diff --git a/go.mod b/go.mod
index 3a51f64cbe..857b67dbe2 100644
--- a/go.mod
+++ b/go.mod
@@ -1,6 +1,6 @@
 module github.com/tektoncd/cli
 
-go 1.23.4
+go 1.24.0
 
 require (
 	github.com/AlecAivazis/survey/v2 v2.3.7
@@ -12,15 +12,15 @@ require (
 	github.com/docker/docker v28.2.2+incompatible
 	github.com/fatih/color v1.18.0
 	github.com/google/go-cmp v0.7.0
-	github.com/google/go-containerregistry v0.20.3
+	github.com/google/go-containerregistry v0.20.6
 	github.com/hako/durafmt v0.0.0-20210608085754-5c1018a4e16b
 	github.com/hinshun/vt10x v0.0.0-20220228203356-1ab2cad5fd82
 	github.com/jonboulle/clockwork v0.5.0
 	github.com/ktr0731/go-fuzzyfinder v0.8.0
 	github.com/mitchellh/go-homedir v1.1.0
 	github.com/pkg/errors v0.9.1
-	github.com/sigstore/cosign/v2 v2.5.0
-	github.com/sigstore/sigstore v1.9.4
+	github.com/sigstore/cosign/v2 v2.5.2
+	github.com/sigstore/sigstore v1.9.5
 	github.com/spf13/cobra v1.9.1
 	github.com/spf13/pflag v1.0.6
 	github.com/tektoncd/chains v0.25.1
@@ -35,10 +35,10 @@ require (
 	golang.org/x/term v0.32.0
 	gotest.tools v2.2.0+incompatible
 	gotest.tools/v3 v3.5.2
-	k8s.io/api v0.32.5
-	k8s.io/apimachinery v0.32.5
+	k8s.io/api v0.33.1
+	k8s.io/apimachinery v0.33.1
 	k8s.io/cli-runtime v0.29.15
-	k8s.io/client-go v0.32.5
+	k8s.io/client-go v0.33.1
 	knative.dev/pkg v0.0.0-20250415155312-ed3e2158b883
 	sigs.k8s.io/yaml v1.4.0
 )
@@ -47,23 +47,23 @@ replace github.com/alibabacloud-go/cr-20160607 => github.com/vdemeester/cr-20160
 
 require (
 	cel.dev/expr v0.23.1 // indirect
-	cloud.google.com/go v0.120.0 // indirect
-	cloud.google.com/go/auth v0.16.0 // indirect
+	cloud.google.com/go v0.121.1 // indirect
+	cloud.google.com/go/auth v0.16.2 // indirect
 	cloud.google.com/go/auth/oauth2adapt v0.2.8 // indirect
-	cloud.google.com/go/compute/metadata v0.6.0 // indirect
+	cloud.google.com/go/compute/metadata v0.7.0 // indirect
 	cloud.google.com/go/firestore v1.18.0 // indirect
-	cloud.google.com/go/iam v1.5.0 // indirect
-	cloud.google.com/go/kms v1.21.1 // indirect
-	cloud.google.com/go/longrunning v0.6.6 // indirect
-	cloud.google.com/go/monitoring v1.24.1 // indirect
-	cloud.google.com/go/storage v1.52.0 // indirect
+	cloud.google.com/go/iam v1.5.2 // indirect
+	cloud.google.com/go/kms v1.22.0 // indirect
+	cloud.google.com/go/longrunning v0.6.7 // indirect
+	cloud.google.com/go/monitoring v1.24.2 // indirect
+	cloud.google.com/go/storage v1.53.0 // indirect
 	contrib.go.opencensus.io/exporter/ocagent v0.7.1-0.20200907061046-05415f1de66d // indirect
 	contrib.go.opencensus.io/exporter/prometheus v0.4.2 // indirect
 	github.com/AliyunContainerService/ack-ram-tool/pkg/credentials/provider v0.14.0 // indirect
 	github.com/Azure/azure-sdk-for-go v68.0.0+incompatible // indirect
-	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.17.1 // indirect
-	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.2 // indirect
-	github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.10.1 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1 // indirect
 	github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys v1.3.1 // indirect
 	github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.1.1 // indirect
 	github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c // indirect
@@ -81,7 +81,6 @@ require (
 	github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping v0.51.0 // indirect
 	github.com/IBM/sarama v1.45.1 // indirect
 	github.com/Microsoft/go-winio v0.6.2 // indirect
-	github.com/ProtonMail/go-crypto v1.1.5 // indirect
 	github.com/ThalesIgnite/crypto11 v1.2.5 // indirect
 	github.com/alibabacloud-go/alibabacloud-gateway-spi v0.0.4 // indirect
 	github.com/alibabacloud-go/cr-20160607 v1.0.1 // indirect
@@ -96,44 +95,44 @@ require (
 	github.com/aliyun/credentials-go v1.3.2 // indirect
 	github.com/antlr4-go/antlr/v4 v4.13.0 // indirect
 	github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
-	github.com/aws/aws-sdk-go v1.55.6 // indirect
-	github.com/aws/aws-sdk-go-v2 v1.36.3 // indirect
-	github.com/aws/aws-sdk-go-v2/config v1.29.12 // indirect
-	github.com/aws/aws-sdk-go-v2/credentials v1.17.65 // indirect
-	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.30 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.34 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.34 // indirect
+	github.com/aws/aws-sdk-go v1.55.7 // indirect
+	github.com/aws/aws-sdk-go-v2 v1.36.4 // indirect
+	github.com/aws/aws-sdk-go-v2/config v1.29.16 // indirect
+	github.com/aws/aws-sdk-go-v2/credentials v1.17.69 // indirect
+	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.31 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.35 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.35 // indirect
 	github.com/aws/aws-sdk-go-v2/internal/ini v1.8.3 // indirect
 	github.com/aws/aws-sdk-go-v2/service/ecr v1.40.3 // indirect
 	github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.31.2 // indirect
 	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.3 // indirect
-	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.15 // indirect
-	github.com/aws/aws-sdk-go-v2/service/kms v1.38.1 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sso v1.25.2 // indirect
-	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.30.0 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sts v1.33.17 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.16 // indirect
+	github.com/aws/aws-sdk-go-v2/service/kms v1.41.0 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sso v1.25.4 // indirect
+	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.30.2 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sts v1.33.21 // indirect
 	github.com/aws/smithy-go v1.22.3 // indirect
 	github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.9.1 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/blendle/zapdriver v1.3.1 // indirect
 	github.com/cenkalti/backoff/v4 v4.3.0 // indirect
+	github.com/cenkalti/backoff/v5 v5.0.2 // indirect
 	github.com/census-instrumentation/opencensus-proto v0.4.1 // indirect
 	github.com/cespare/xxhash/v2 v2.3.0 // indirect
 	github.com/chrismellard/docker-credential-acr-env v0.0.0-20230304212654-82a0ddb27589 // indirect
 	github.com/clbanning/mxj/v2 v2.7.0 // indirect
 	github.com/cloudevents/sdk-go/v2 v2.16.0 // indirect
-	github.com/cloudflare/circl v1.6.1 // indirect
 	github.com/cncf/xds/go v0.0.0-20250326154945-ae57f3c0d45f // indirect
 	github.com/common-nighthawk/go-figure v0.0.0-20210622060536-734e95fb86be // indirect
 	github.com/containerd/stargz-snapshotter/estargz v0.16.3 // indirect
 	github.com/coreos/go-oidc/v3 v3.14.1 // indirect
-	github.com/cyberphone/json-canonicalization v0.0.0-20231011164504-785e29786b46 // indirect
+	github.com/cyberphone/json-canonicalization v0.0.0-20241213102144-19d51d7fe467 // indirect
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/digitorus/pkcs7 v0.0.0-20230818184609-3a137a874352 // indirect
 	github.com/digitorus/timestamp v0.0.0-20231217203849-220c5c2851b7 // indirect
 	github.com/dimchansky/utfbom v1.1.1 // indirect
 	github.com/docker/distribution v2.8.3+incompatible // indirect
-	github.com/docker/docker-credential-helpers v0.8.2 // indirect
+	github.com/docker/docker-credential-helpers v0.9.3 // indirect
 	github.com/dustin/go-humanize v1.0.1 // indirect
 	github.com/eapache/go-resiliency v1.7.0 // indirect
 	github.com/eapache/go-xerial-snappy v0.0.0-20230731223053-c322873962e3 // indirect
@@ -156,7 +155,7 @@ require (
 	github.com/go-jose/go-jose/v4 v4.0.5 // indirect
 	github.com/go-kit/log v0.2.1 // indirect
 	github.com/go-logfmt/logfmt v0.6.0 // indirect
-	github.com/go-logr/logr v1.4.2 // indirect
+	github.com/go-logr/logr v1.4.3 // indirect
 	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/go-openapi/analysis v0.23.0 // indirect
 	github.com/go-openapi/errors v0.22.1 // indirect
@@ -177,31 +176,30 @@ require (
 	github.com/golang/snappy v1.0.0 // indirect
 	github.com/google/btree v1.1.3 // indirect
 	github.com/google/cel-go v0.25.0 // indirect
-	github.com/google/certificate-transparency-go v1.3.1 // indirect
+	github.com/google/certificate-transparency-go v1.3.2 // indirect
 	github.com/google/gnostic-models v0.6.9 // indirect
 	github.com/google/go-containerregistry/pkg/authn/k8schain v0.0.0-20240108195214-a0658aa1d0cc // indirect
 	github.com/google/go-containerregistry/pkg/authn/kubernetes v0.0.0-20240108195214-a0658aa1d0cc // indirect
-	github.com/google/go-github/v55 v55.0.0 // indirect
+	github.com/google/go-github/v72 v72.0.0 // indirect
 	github.com/google/go-querystring v1.1.0 // indirect
-	github.com/google/gofuzz v1.2.0 // indirect
 	github.com/google/s2a-go v0.1.9 // indirect
 	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
 	github.com/google/uuid v1.6.0 // indirect
 	github.com/google/wire v0.6.0 // indirect
 	github.com/googleapis/enterprise-certificate-proxy v0.3.6 // indirect
-	github.com/googleapis/gax-go/v2 v2.14.1 // indirect
-	github.com/gorilla/websocket v1.5.3 // indirect
+	github.com/googleapis/gax-go/v2 v2.14.2 // indirect
+	github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674 // indirect
 	github.com/grafeas/grafeas v0.2.3 // indirect
 	github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 // indirect
-	github.com/grpc-ecosystem/grpc-gateway/v2 v2.26.1 // indirect
+	github.com/grpc-ecosystem/grpc-gateway/v2 v2.26.3 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
 	github.com/hashicorp/go-multierror v1.1.1 // indirect
 	github.com/hashicorp/go-retryablehttp v0.7.7 // indirect
 	github.com/hashicorp/go-rootcerts v1.0.2 // indirect
-	github.com/hashicorp/go-secure-stdlib/parseutil v0.1.7 // indirect
+	github.com/hashicorp/go-secure-stdlib/parseutil v0.2.0 // indirect
 	github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 // indirect
-	github.com/hashicorp/go-sockaddr v1.0.5 // indirect
+	github.com/hashicorp/go-sockaddr v1.0.7 // indirect
 	github.com/hashicorp/go-uuid v1.0.3 // indirect
 	github.com/hashicorp/golang-lru v1.0.2 // indirect
 	github.com/hashicorp/hcl v1.0.1-vault-5 // indirect
@@ -249,17 +247,17 @@ require (
 	github.com/nsf/termbox-go v1.1.1 // indirect
 	github.com/oklog/ulid v1.3.1 // indirect
 	github.com/opencontainers/go-digest v1.0.0 // indirect
-	github.com/opencontainers/image-spec v1.1.0 // indirect
+	github.com/opencontainers/image-spec v1.1.1 // indirect
 	github.com/opentracing/opentracing-go v1.2.0 // indirect
 	github.com/openzipkin/zipkin-go v0.4.3 // indirect
-	github.com/pelletier/go-toml/v2 v2.2.3 // indirect
+	github.com/pelletier/go-toml/v2 v2.2.4 // indirect
 	github.com/peterbourgon/diskv v2.0.1+incompatible // indirect
 	github.com/pierrec/lz4/v4 v4.1.22 // indirect
 	github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
 	github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 // indirect
-	github.com/prometheus/client_golang v1.21.1 // indirect
-	github.com/prometheus/client_model v0.6.1 // indirect
-	github.com/prometheus/common v0.62.0 // indirect
+	github.com/prometheus/client_golang v1.22.0 // indirect
+	github.com/prometheus/client_model v0.6.2 // indirect
+	github.com/prometheus/common v0.63.0 // indirect
 	github.com/prometheus/procfs v0.15.1 // indirect
 	github.com/prometheus/statsd_exporter v0.22.7 // indirect
 	github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475 // indirect
@@ -271,15 +269,15 @@ require (
 	github.com/secure-systems-lab/go-securesystemslib v0.9.0 // indirect
 	github.com/segmentio/ksuid v1.0.4 // indirect
 	github.com/shibumi/go-pathspec v1.3.0 // indirect
-	github.com/sigstore/fulcio v1.6.6 // indirect
-	github.com/sigstore/protobuf-specs v0.4.1 // indirect
+	github.com/sigstore/fulcio v1.7.1 // indirect
+	github.com/sigstore/protobuf-specs v0.4.3 // indirect
 	github.com/sigstore/rekor v1.3.10 // indirect
-	github.com/sigstore/sigstore-go v0.7.1 // indirect
-	github.com/sigstore/sigstore/pkg/signature/kms/aws v1.9.1 // indirect
-	github.com/sigstore/sigstore/pkg/signature/kms/azure v1.9.1 // indirect
-	github.com/sigstore/sigstore/pkg/signature/kms/gcp v1.9.1 // indirect
-	github.com/sigstore/sigstore/pkg/signature/kms/hashivault v1.9.1 // indirect
-	github.com/sigstore/timestamp-authority v1.2.5 // indirect
+	github.com/sigstore/sigstore-go v1.0.0 // indirect
+	github.com/sigstore/sigstore/pkg/signature/kms/aws v1.9.5 // indirect
+	github.com/sigstore/sigstore/pkg/signature/kms/azure v1.9.5 // indirect
+	github.com/sigstore/sigstore/pkg/signature/kms/gcp v1.9.5 // indirect
+	github.com/sigstore/sigstore/pkg/signature/kms/hashivault v1.9.5 // indirect
+	github.com/sigstore/timestamp-authority v1.2.8 // indirect
 	github.com/sirupsen/logrus v1.9.3 // indirect
 	github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966 // indirect
 	github.com/sourcegraph/conc v0.3.0 // indirect
@@ -291,7 +289,7 @@ require (
 	github.com/subosito/gotenv v1.6.0 // indirect
 	github.com/syndtr/goleveldb v1.0.1-0.20220721030215-126854af5e6d // indirect
 	github.com/thales-e-security/pool v0.0.2 // indirect
-	github.com/theupdateframework/go-tuf/v2 v2.0.2 // indirect
+	github.com/theupdateframework/go-tuf/v2 v2.1.1 // indirect
 	github.com/tidwall/gjson v1.14.2 // indirect
 	github.com/tidwall/match v1.1.1 // indirect
 	github.com/tidwall/pretty v1.2.0 // indirect
@@ -299,7 +297,7 @@ require (
 	github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399 // indirect
 	github.com/tjfoc/gmsm v1.4.1 // indirect
 	github.com/transparency-dev/merkle v0.0.2 // indirect
-	github.com/vbatts/tar-split v0.11.6 // indirect
+	github.com/vbatts/tar-split v0.12.1 // indirect
 	github.com/x448/float16 v0.8.4 // indirect
 	github.com/xdg-go/pbkdf2 v1.0.0 // indirect
 	github.com/xdg-go/scram v1.1.2 // indirect
@@ -307,38 +305,38 @@ require (
 	github.com/xlab/treeprint v1.2.0 // indirect
 	github.com/youmark/pkcs8 v0.0.0-20240726163527-a2c0da244d78 // indirect
 	github.com/zeebo/errs v1.4.0 // indirect
-	gitlab.com/gitlab-org/api/client-go v0.127.0 // indirect
+	gitlab.com/gitlab-org/api/client-go v0.130.1 // indirect
 	go.mongodb.org/mongo-driver v1.17.3 // indirect
 	go.opentelemetry.io/auto/sdk v1.1.0 // indirect
 	go.opentelemetry.io/contrib/detectors/gcp v1.35.0 // indirect
-	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.60.0 // indirect
-	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0 // indirect
-	go.opentelemetry.io/otel v1.35.0 // indirect
-	go.opentelemetry.io/otel/metric v1.35.0 // indirect
-	go.opentelemetry.io/otel/sdk v1.35.0 // indirect
-	go.opentelemetry.io/otel/sdk/metric v1.35.0 // indirect
-	go.opentelemetry.io/otel/trace v1.35.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.61.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0 // indirect
+	go.opentelemetry.io/otel v1.36.0 // indirect
+	go.opentelemetry.io/otel/metric v1.36.0 // indirect
+	go.opentelemetry.io/otel/sdk v1.36.0 // indirect
+	go.opentelemetry.io/otel/sdk/metric v1.36.0 // indirect
+	go.opentelemetry.io/otel/trace v1.36.0 // indirect
 	go.starlark.net v0.0.0-20230525235612-a134d8f9ddca // indirect
-	goa.design/goa/v3 v3.20.0 // indirect
+	goa.design/goa/v3 v3.20.1 // indirect
 	gocloud.dev v0.40.0 // indirect
 	gocloud.dev/docstore/mongodocstore v0.40.0 // indirect
 	gocloud.dev/pubsub/kafkapubsub v0.40.0 // indirect
-	golang.org/x/crypto v0.37.0 // indirect
-	golang.org/x/exp v0.0.0-20250210185358-939b2ce775ac // indirect
-	golang.org/x/mod v0.24.0 // indirect
-	golang.org/x/net v0.39.0 // indirect
-	golang.org/x/oauth2 v0.29.0 // indirect
-	golang.org/x/sync v0.13.0 // indirect
+	golang.org/x/crypto v0.39.0 // indirect
+	golang.org/x/exp v0.0.0-20250408133849-7e4ce0ab07d0 // indirect
+	golang.org/x/mod v0.25.0 // indirect
+	golang.org/x/net v0.41.0 // indirect
+	golang.org/x/oauth2 v0.30.0 // indirect
+	golang.org/x/sync v0.15.0 // indirect
 	golang.org/x/sys v0.33.0 // indirect
-	golang.org/x/text v0.24.0 // indirect
-	golang.org/x/time v0.11.0 // indirect
+	golang.org/x/text v0.26.0 // indirect
+	golang.org/x/time v0.12.0 // indirect
 	golang.org/x/xerrors v0.0.0-20240903120638-7835f813f4da // indirect
 	gomodules.xyz/jsonpatch/v2 v2.5.0 // indirect
-	google.golang.org/api v0.229.0 // indirect
-	google.golang.org/genproto v0.0.0-20250324211829-b45e905df463 // indirect
-	google.golang.org/genproto/googleapis/api v0.0.0-20250414145226-207652e42e2e // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20250414145226-207652e42e2e // indirect
-	google.golang.org/grpc v1.72.0 // indirect
+	google.golang.org/api v0.237.0 // indirect
+	google.golang.org/genproto v0.0.0-20250505200425-f936aa4a68b2 // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20250519155744-55703ea1f237 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20250603155806-513f23925822 // indirect
+	google.golang.org/grpc v1.73.0 // indirect
 	google.golang.org/protobuf v1.36.6 // indirect
 	gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
@@ -347,7 +345,7 @@ require (
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 	k8s.io/apiextensions-apiserver v0.32.4 // indirect
 	k8s.io/klog/v2 v2.130.1 // indirect
-	k8s.io/kube-openapi v0.0.0-20241212222426-2c72e554b1e7 // indirect
+	k8s.io/kube-openapi v0.0.0-20250318190949-c8a335a9a2ff // indirect
 	k8s.io/utils v0.0.0-20241210054802-24370beab758 // indirect
 	knative.dev/eventing v0.30.3 // indirect
 	knative.dev/networking v0.0.0-20231017124814-2a7676e912b7 // indirect
@@ -355,6 +353,7 @@ require (
 	sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect
 	sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 // indirect
 	sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3 // indirect
+	sigs.k8s.io/randfill v1.0.0 // indirect
 	sigs.k8s.io/release-utils v0.11.1 // indirect
-	sigs.k8s.io/structured-merge-diff/v4 v4.5.0 // indirect
+	sigs.k8s.io/structured-merge-diff/v4 v4.6.0 // indirect
 )
diff --git a/go.sum b/go.sum
index 211a687d81..ed618b15a4 100644
--- a/go.sum
+++ b/go.sum
@@ -28,10 +28,10 @@ cloud.google.com/go v0.93.3/go.mod h1:8utlLll2EF5XMAV15woO4lSbWQlk8rer9aLOfLh7+Y
 cloud.google.com/go v0.94.1/go.mod h1:qAlAugsXlC+JWO+Bke5vCtc9ONxjQT3drlTTnAplMW4=
 cloud.google.com/go v0.97.0/go.mod h1:GF7l59pYBVlXQIBLx3a761cZ41F9bBH3JUlihCt2Udc=
 cloud.google.com/go v0.98.0/go.mod h1:ua6Ush4NALrHk5QXDWnjvZHN93OuF0HfuEPq9I1X0cM=
-cloud.google.com/go v0.120.0 h1:wc6bgG9DHyKqF5/vQvX1CiZrtHnxJjBlKUyF9nP6meA=
-cloud.google.com/go v0.120.0/go.mod h1:/beW32s8/pGRuj4IILWQNd4uuebeT4dkOhKmkfit64Q=
-cloud.google.com/go/auth v0.16.0 h1:Pd8P1s9WkcrBE2n/PhAwKsdrR35V3Sg2II9B+ndM3CU=
-cloud.google.com/go/auth v0.16.0/go.mod h1:1howDHJ5IETh/LwYs3ZxvlkXF48aSqqJUM+5o02dNOI=
+cloud.google.com/go v0.121.1 h1:S3kTQSydxmu1JfLRLpKtxRPA7rSrYPRPEUmL/PavVUw=
+cloud.google.com/go v0.121.1/go.mod h1:nRFlrHq39MNVWu+zESP2PosMWA0ryJw8KUBZ2iZpxbw=
+cloud.google.com/go/auth v0.16.2 h1:QvBAGFPLrDeoiNjyfVunhQ10HKNYuOwZ5noee0M5df4=
+cloud.google.com/go/auth v0.16.2/go.mod h1:sRBas2Y1fB1vZTdurouM0AzuYQBMZinrUYL8EufhtEA=
 cloud.google.com/go/auth/oauth2adapt v0.2.8 h1:keo8NaayQZ6wimpNSmW5OPc283g65QNIiLpZnkHRbnc=
 cloud.google.com/go/auth/oauth2adapt v0.2.8/go.mod h1:XQ9y31RkqZCcwJWNSx2Xvric3RrU88hAYYbjDWYDL+c=
 cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o=
@@ -40,39 +40,39 @@ cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvf
 cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg=
 cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc=
 cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ=
-cloud.google.com/go/compute/metadata v0.6.0 h1:A6hENjEsCDtC1k8byVsgwvVcioamEHvZ4j01OwKxG9I=
-cloud.google.com/go/compute/metadata v0.6.0/go.mod h1:FjyFAW1MW0C203CEOMDTu3Dk1FlqW3Rga40jzHL4hfg=
+cloud.google.com/go/compute/metadata v0.7.0 h1:PBWF+iiAerVNe8UCHxdOt6eHLVc3ydFeOCw78U8ytSU=
+cloud.google.com/go/compute/metadata v0.7.0/go.mod h1:j5MvL9PprKL39t166CoB1uVHfQMs4tFQZZcKwksXUjo=
 cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE=
 cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk=
 cloud.google.com/go/firestore v1.1.0/go.mod h1:ulACoGHTpvq5r8rxGJ4ddJZBZqakUQqClKRT5SZwBmk=
 cloud.google.com/go/firestore v1.18.0 h1:cuydCaLS7Vl2SatAeivXyhbhDEIR8BDmtn4egDhIn2s=
 cloud.google.com/go/firestore v1.18.0/go.mod h1:5ye0v48PhseZBdcl0qbl3uttu7FIEwEYVaWm0UIEOEU=
-cloud.google.com/go/iam v1.5.0 h1:QlLcVMhbLGOjRcGe6VTGGTyQib8dRLK2B/kYNV0+2xs=
-cloud.google.com/go/iam v1.5.0/go.mod h1:U+DOtKQltF/LxPEtcDLoobcsZMilSRwR7mgNL7knOpo=
-cloud.google.com/go/kms v1.21.1 h1:r1Auo+jlfJSf8B7mUnVw5K0fI7jWyoUy65bV53VjKyk=
-cloud.google.com/go/kms v1.21.1/go.mod h1:s0wCyByc9LjTdCjG88toVs70U9W+cc6RKFc8zAqX7nE=
+cloud.google.com/go/iam v1.5.2 h1:qgFRAGEmd8z6dJ/qyEchAuL9jpswyODjA2lS+w234g8=
+cloud.google.com/go/iam v1.5.2/go.mod h1:SE1vg0N81zQqLzQEwxL2WI6yhetBdbNQuTvIKCSkUHE=
+cloud.google.com/go/kms v1.22.0 h1:dBRIj7+GDeeEvatJeTB19oYZNV0aj6wEqSIT/7gLqtk=
+cloud.google.com/go/kms v1.22.0/go.mod h1:U7mf8Sva5jpOb4bxYZdtw/9zsbIjrklYwPcvMk34AL8=
 cloud.google.com/go/logging v1.13.0 h1:7j0HgAp0B94o1YRDqiqm26w4q1rDMH7XNRU34lJXHYc=
 cloud.google.com/go/logging v1.13.0/go.mod h1:36CoKh6KA/M0PbhPKMq6/qety2DCAErbhXT62TuXALA=
-cloud.google.com/go/longrunning v0.6.6 h1:XJNDo5MUfMM05xK3ewpbSdmt7R2Zw+aQEMbdQR65Rbw=
-cloud.google.com/go/longrunning v0.6.6/go.mod h1:hyeGJUrPHcx0u2Uu1UFSoYZLn4lkMrccJig0t4FI7yw=
-cloud.google.com/go/monitoring v1.24.1 h1:vKiypZVFD/5a3BbQMvI4gZdl8445ITzXFh257XBgrS0=
-cloud.google.com/go/monitoring v1.24.1/go.mod h1:Z05d1/vn9NaujqY2voG6pVQXoJGbp+r3laV+LySt9K0=
+cloud.google.com/go/longrunning v0.6.7 h1:IGtfDWHhQCgCjwQjV9iiLnUta9LBCo8R9QmAFsS/PrE=
+cloud.google.com/go/longrunning v0.6.7/go.mod h1:EAFV3IZAKmM56TyiE6VAP3VoTzhZzySwI/YI1s/nRsY=
+cloud.google.com/go/monitoring v1.24.2 h1:5OTsoJ1dXYIiMiuL+sYscLc9BumrL3CarVLL7dd7lHM=
+cloud.google.com/go/monitoring v1.24.2/go.mod h1:x7yzPWcgDRnPEv3sI+jJGBkwl5qINf+6qY4eq0I9B4U=
 cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I=
 cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw=
 cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA=
 cloud.google.com/go/pubsub v1.3.1/go.mod h1:i+ucay31+CNRpDW4Lu78I4xXG+O1r/MAHgjpRVR+TSU=
-cloud.google.com/go/pubsub v1.47.0 h1:Ou2Qu4INnf7ykrFjGv2ntFOjVo8Nloh/+OffF4mUu9w=
-cloud.google.com/go/pubsub v1.47.0/go.mod h1:LaENesmga+2u0nDtLkIOILskxsfvn/BXX9Ak1NFxOs8=
+cloud.google.com/go/pubsub v1.49.0 h1:5054IkbslnrMCgA2MAEPcsN3Ky+AyMpEZcii/DoySPo=
+cloud.google.com/go/pubsub v1.49.0/go.mod h1:K1FswTWP+C1tI/nfi3HQecoVeFvL4HUOB1tdaNXKhUY=
 cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw=
 cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos=
 cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk=
 cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs=
 cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0=
 cloud.google.com/go/storage v1.18.2/go.mod h1:AiIj7BWXyhO5gGVmYJ+S8tbkCx3yb0IMjua8Aw4naVM=
-cloud.google.com/go/storage v1.52.0 h1:ROpzMW/IwipKtatA69ikxibdzQSiXJrY9f6IgBa9AlA=
-cloud.google.com/go/storage v1.52.0/go.mod h1:4wrBAbAYUvYkbrf19ahGm4I5kDQhESSqN3CGEkMGvOY=
-cloud.google.com/go/trace v1.11.3 h1:c+I4YFjxRQjvAhRmSsmjpASUKq88chOX854ied0K/pE=
-cloud.google.com/go/trace v1.11.3/go.mod h1:pt7zCYiDSQjC9Y2oqCsh9jF4GStB/hmjrYLsxRR27q8=
+cloud.google.com/go/storage v1.53.0 h1:gg0ERZwL17pJ+Cz3cD2qS60w1WMDnwcm5YPAIQBHUAw=
+cloud.google.com/go/storage v1.53.0/go.mod h1:7/eO2a/srr9ImZW9k5uufcNahT2+fPb8w5it1i5boaA=
+cloud.google.com/go/trace v1.11.6 h1:2O2zjPzqPYAHrn3OKl029qlqG6W8ZdYaOWRyr8NgMT4=
+cloud.google.com/go/trace v1.11.6/go.mod h1:GA855OeDEBiBMzcckLPE2kDunIpC72N+Pq8WFieFjnI=
 code.gitea.io/sdk/gitea v0.20.0 h1:Zm/QDwwZK1awoM4AxdjeAQbxolzx2rIP8dDfmKu+KoU=
 code.gitea.io/sdk/gitea v0.20.0/go.mod h1:faouBHC/zyx5wLgjmRKR62ydyvMzwWf3QnU0bH7Cw6U=
 contrib.go.opencensus.io/exporter/ocagent v0.7.1-0.20200907061046-05415f1de66d h1:LblfooH1lKOpp1hIhukktmSAxFkqMPFk9KR6iZ0MJNI=
@@ -102,14 +102,14 @@ github.com/AliyunContainerService/ack-ram-tool/pkg/credentials/provider v0.14.0
 github.com/AliyunContainerService/ack-ram-tool/pkg/credentials/provider v0.14.0/go.mod h1:tlqp9mUGbsP+0z3Q+c0Q5MgSdq/OMwQhm5bffR3Q3ss=
 github.com/Azure/azure-sdk-for-go v68.0.0+incompatible h1:fcYLmCpyNYRnvJbPerq7U0hS+6+I79yEDJBqVNcqUzU=
 github.com/Azure/azure-sdk-for-go v68.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
-github.com/Azure/azure-sdk-for-go/sdk/azcore v1.17.1 h1:DSDNVxqkoXJiko6x8a90zidoYqnYYa6c1MTzDKzKkTo=
-github.com/Azure/azure-sdk-for-go/sdk/azcore v1.17.1/go.mod h1:zGqV2R4Cr/k8Uye5w+dgQ06WJtEcbQG/8J7BB6hnCr4=
-github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.2 h1:F0gBpfdPLGsw+nsgk6aqqkZS1jiixa5WwFe3fk/T3Ys=
-github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.2/go.mod h1:SqINnQ9lVVdRlyC8cd1lCI0SdX4n2paeABd2K8ggfnE=
+github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0 h1:Gt0j3wceWMwPmiazCa8MzMA0MfhmPIz0Qp0FJ6qcM0U=
+github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0/go.mod h1:Ot/6aikWnKWi4l9QB7qVSwa8iMphQNqkWALMoNT3rzM=
+github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.10.1 h1:B+blDbyVIG3WaikNxPnhPiJ1MThR03b3vKGtER95TP4=
+github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.10.1/go.mod h1:JdM5psgjfBf5fo2uWOZhflPWyDBZ/O/CNAH9CtsuZE4=
 github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.3.2 h1:yz1bePFlP5Vws5+8ez6T3HWXPmwOK7Yvq8QxDBD3SKY=
 github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.3.2/go.mod h1:Pa9ZNPuoNu/GztvBSKk9J1cDJW6vk/n0zLtV4mgd8N8=
-github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 h1:ywEEhmNahHBihViHepv3xPBn1663uRv2t2q/ESv9seY=
-github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0/go.mod h1:iZDifYGJTIgIIkYRNWPENUnqx6bJ2xnSDFI2tjwZNuY=
+github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1 h1:FPKJS1T+clwv+OLGt13a8UjqeRuh0O4SJ3lUriThc+4=
+github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1/go.mod h1:j2chePtV91HrC22tGoRX3sGY42uF13WzmmV80/OdVAA=
 github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys v1.3.1 h1:Wgf5rZba3YZqeTNJPtvqZoBu1sBN/L4sry+u2U3Y75w=
 github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys v1.3.1/go.mod h1:xxCBG/f/4Vbmh2XQJBsOmNdxWUY5j/s27jujKPbQf14=
 github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.1.1 h1:bFWuoEKg+gImo7pvkiQEFAc8ocibADgXeiLAxWhWmkI=
@@ -166,10 +166,6 @@ github.com/NYTimes/gziphandler v1.1.1/go.mod h1:n/CVRwUEOgIxrgPvAQhUUr9oeUtvrhMo
 github.com/Netflix/go-expect v0.0.0-20220104043353-73e0943537d2 h1:+vx7roKuyA63nhn5WAunQHLTznkw5W8b1Xc0dNjp83s=
 github.com/Netflix/go-expect v0.0.0-20220104043353-73e0943537d2/go.mod h1:HBCaDeC1lPdgDeDbhX8XFpy1jqjK0IBG8W5K+xYqA0w=
 github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
-github.com/OneOfOne/xxhash v1.2.8 h1:31czK/TI9sNkxIKfaUfGlU47BAxQ0ztGgd9vPyqimf8=
-github.com/OneOfOne/xxhash v1.2.8/go.mod h1:eZbhyaAYD41SGSSsnmcpxVoRiQ/MPUTjUdIIOT9Um7Q=
-github.com/ProtonMail/go-crypto v1.1.5 h1:eoAQfK2dwL+tFSFpr7TbOaPNUbPiJj4fLYwwGE1FQO4=
-github.com/ProtonMail/go-crypto v1.1.5/go.mod h1:rA3QumHc/FZ8pAHreoekgiAbzpNsfQAosU5td4SnOrE=
 github.com/PuerkitoBio/purell v1.0.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0=
 github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0=
 github.com/PuerkitoBio/urlesc v0.0.0-20160726150825-5bd2802263f2/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE=
@@ -243,20 +239,20 @@ github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj
 github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY=
 github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so=
 github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw=
-github.com/aws/aws-sdk-go v1.55.6 h1:cSg4pvZ3m8dgYcgqB97MrcdjUmZ1BeMYKUxMMB89IPk=
-github.com/aws/aws-sdk-go v1.55.6/go.mod h1:eRwEWoyTWFMVYVQzKMNHWP5/RV4xIUGMQfXQHfHkpNU=
-github.com/aws/aws-sdk-go-v2 v1.36.3 h1:mJoei2CxPutQVxaATCzDUjcZEjVRdpsiiXi2o38yqWM=
-github.com/aws/aws-sdk-go-v2 v1.36.3/go.mod h1:LLXuLpgzEbD766Z5ECcRmi8AzSwfZItDtmABVkRLGzg=
-github.com/aws/aws-sdk-go-v2/config v1.29.12 h1:Y/2a+jLPrPbHpFkpAAYkVEtJmxORlXoo5k2g1fa2sUo=
-github.com/aws/aws-sdk-go-v2/config v1.29.12/go.mod h1:xse1YTjmORlb/6fhkWi8qJh3cvZi4JoVNhc+NbJt4kI=
-github.com/aws/aws-sdk-go-v2/credentials v1.17.65 h1:q+nV2yYegofO/SUXruT+pn4KxkxmaQ++1B/QedcKBFM=
-github.com/aws/aws-sdk-go-v2/credentials v1.17.65/go.mod h1:4zyjAuGOdikpNYiSGpsGz8hLGmUzlY8pc8r9QQ/RXYQ=
-github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.30 h1:x793wxmUWVDhshP8WW2mlnXuFrO4cOd3HLBroh1paFw=
-github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.30/go.mod h1:Jpne2tDnYiFascUEs2AWHJL9Yp7A5ZVy3TNyxaAjD6M=
-github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.34 h1:ZK5jHhnrioRkUNOc+hOgQKlUL5JeC3S6JgLxtQ+Rm0Q=
-github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.34/go.mod h1:p4VfIceZokChbA9FzMbRGz5OV+lekcVtHlPKEO0gSZY=
-github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.34 h1:SZwFm17ZUNNg5Np0ioo/gq8Mn6u9w19Mri8DnJ15Jf0=
-github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.34/go.mod h1:dFZsC0BLo346mvKQLWmoJxT+Sjp+qcVR1tRVHQGOH9Q=
+github.com/aws/aws-sdk-go v1.55.7 h1:UJrkFq7es5CShfBwlWAC8DA077vp8PyVbQd3lqLiztE=
+github.com/aws/aws-sdk-go v1.55.7/go.mod h1:eRwEWoyTWFMVYVQzKMNHWP5/RV4xIUGMQfXQHfHkpNU=
+github.com/aws/aws-sdk-go-v2 v1.36.4 h1:GySzjhVvx0ERP6eyfAbAuAXLtAda5TEy19E5q5W8I9E=
+github.com/aws/aws-sdk-go-v2 v1.36.4/go.mod h1:LLXuLpgzEbD766Z5ECcRmi8AzSwfZItDtmABVkRLGzg=
+github.com/aws/aws-sdk-go-v2/config v1.29.16 h1:XkruGnXX1nEZ+Nyo9v84TzsX+nj86icbFAeust6uo8A=
+github.com/aws/aws-sdk-go-v2/config v1.29.16/go.mod h1:uCW7PNjGwZ5cOGZ5jr8vCWrYkGIhPoTNV23Q/tpHKzg=
+github.com/aws/aws-sdk-go-v2/credentials v1.17.69 h1:8B8ZQboRc3uaIKjshve/XlvJ570R7BKNy3gftSbS178=
+github.com/aws/aws-sdk-go-v2/credentials v1.17.69/go.mod h1:gPME6I8grR1jCqBFEGthULiolzf/Sexq/Wy42ibKK9c=
+github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.31 h1:oQWSGexYasNpYp4epLGZxxjsDo8BMBh6iNWkTXQvkwk=
+github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.31/go.mod h1:nc332eGUU+djP3vrMI6blS0woaCfHTe3KiSQUVTMRq0=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.35 h1:o1v1VFfPcDVlK3ll1L5xHsaQAFdNtZ5GXnNR7SwueC4=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.35/go.mod h1:rZUQNYMNG+8uZxz9FOerQJ+FceCiodXvixpeRtdESrU=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.35 h1:R5b82ubO2NntENm3SAm0ADME+H630HomNJdgv+yZ3xw=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.35/go.mod h1:FuA+nmgMRfkzVKYDNEqQadvEMxtxl9+RLT9ribCwEMs=
 github.com/aws/aws-sdk-go-v2/internal/ini v1.8.3 h1:bIqFDwgGXXN1Kpp99pDOdKMTTb5d2KyU5X/BZxjOkRo=
 github.com/aws/aws-sdk-go-v2/internal/ini v1.8.3/go.mod h1:H5O/EsxDWyU+LP/V8i5sm8cxoZgc2fdNR9bxlOFrQTo=
 github.com/aws/aws-sdk-go-v2/service/ecr v1.40.3 h1:a+210FCU/pR5hhKRaskRfX/ogcyyzFBrehcTk5DTAyU=
@@ -265,16 +261,16 @@ github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.31.2 h1:E6/Myrj9HgLF22medmDrKm
 github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.31.2/go.mod h1:OQ8NALFcchBJ/qruak6zKUQodovnTKKaReTuCkc5/9Y=
 github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.3 h1:eAh2A4b5IzM/lum78bZ590jy36+d/aFLgKF/4Vd1xPE=
 github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.3/go.mod h1:0yKJC/kb8sAnmlYa6Zs3QVYqaC8ug2AbnNChv5Ox3uA=
-github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.15 h1:dM9/92u2F1JbDaGooxTq18wmmFzbJRfXfVfy96/1CXM=
-github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.15/go.mod h1:SwFBy2vjtA0vZbjjaFtfN045boopadnoVPhu4Fv66vY=
-github.com/aws/aws-sdk-go-v2/service/kms v1.38.1 h1:tecq7+mAav5byF+Mr+iONJnCBf4B4gon8RSp4BrweSc=
-github.com/aws/aws-sdk-go-v2/service/kms v1.38.1/go.mod h1:cQn6tAF77Di6m4huxovNM7NVAozWTZLsDRp9t8Z/WYk=
-github.com/aws/aws-sdk-go-v2/service/sso v1.25.2 h1:pdgODsAhGo4dvzC3JAG5Ce0PX8kWXrTZGx+jxADD+5E=
-github.com/aws/aws-sdk-go-v2/service/sso v1.25.2/go.mod h1:qs4a9T5EMLl/Cajiw2TcbNt2UNo/Hqlyp+GiuG4CFDI=
-github.com/aws/aws-sdk-go-v2/service/ssooidc v1.30.0 h1:90uX0veLKcdHVfvxhkWUQSCi5VabtwMLFutYiRke4oo=
-github.com/aws/aws-sdk-go-v2/service/ssooidc v1.30.0/go.mod h1:MlYRNmYu/fGPoxBQVvBYr9nyr948aY/WLUvwBMBJubs=
-github.com/aws/aws-sdk-go-v2/service/sts v1.33.17 h1:PZV5W8yk4OtH1JAuhV2PXwwO9v5G5Aoj+eMCn4T+1Kc=
-github.com/aws/aws-sdk-go-v2/service/sts v1.33.17/go.mod h1:cQnB8CUnxbMU82JvlqjKR2HBOm3fe9pWorWBza6MBJ4=
+github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.16 h1:/ldKrPPXTC421bTNWrUIpq3CxwHwRI/kpc+jPUTJocM=
+github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.16/go.mod h1:5vkf/Ws0/wgIMJDQbjI4p2op86hNW6Hie5QtebrDgT8=
+github.com/aws/aws-sdk-go-v2/service/kms v1.41.0 h1:2jKyib9msVrAVn+lngwlSplG13RpUZmzVte2yDao5nc=
+github.com/aws/aws-sdk-go-v2/service/kms v1.41.0/go.mod h1:RyhzxkWGcfixlkieewzpO3D4P4fTMxhIDqDZWsh0u/4=
+github.com/aws/aws-sdk-go-v2/service/sso v1.25.4 h1:EU58LP8ozQDVroOEyAfcq0cGc5R/FTZjVoYJ6tvby3w=
+github.com/aws/aws-sdk-go-v2/service/sso v1.25.4/go.mod h1:CrtOgCcysxMvrCoHnvNAD7PHWclmoFG78Q2xLK0KKcs=
+github.com/aws/aws-sdk-go-v2/service/ssooidc v1.30.2 h1:XB4z0hbQtpmBnb1FQYvKaCM7UsS6Y/u8jVBwIUGeCTk=
+github.com/aws/aws-sdk-go-v2/service/ssooidc v1.30.2/go.mod h1:hwRpqkRxnQ58J9blRDrB4IanlXCpcKmsC83EhG77upg=
+github.com/aws/aws-sdk-go-v2/service/sts v1.33.21 h1:nyLjs8sYJShFYj6aiyjCBI3EcLn1udWrQTjEF+SOXB0=
+github.com/aws/aws-sdk-go-v2/service/sts v1.33.21/go.mod h1:EhdxtZ+g84MSGrSrHzZiUm9PYiZkrADNja15wtRJSJo=
 github.com/aws/smithy-go v1.22.3 h1:Z//5NuZCSW6R4PhQ93hShNbyBbn8BWCmCVCt+Q8Io5k=
 github.com/aws/smithy-go v1.22.3/go.mod h1:t1ufH5HMublsJYulve2RKmHDC15xu1f26kHCp/HgceI=
 github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.9.1 h1:50sS0RWhGpW/yZx2KcDNEb1u1MANv5BMEkJgcieEDTA=
@@ -295,8 +291,8 @@ github.com/blendle/zapdriver v1.3.1/go.mod h1:mdXfREi6u5MArG4j9fewC+FGnXaBR+T4Ox
 github.com/bluekeyes/go-gitdiff v0.8.0 h1:Nn1wfw3/XeKoc3lWk+2bEXGUHIx36kj80FM1gVcBk+o=
 github.com/bluekeyes/go-gitdiff v0.8.0/go.mod h1:WWAk1Mc6EgWarCrPFO+xeYlujPu98VuLW3Tu+B/85AE=
 github.com/bmizerany/perks v0.0.0-20141205001514-d9a9656a3a4b/go.mod h1:ac9efd0D1fsDb3EJvhqgXRbFx7bs2wqZ10HQPeU8U/Q=
-github.com/buildkite/agent/v3 v3.95.1 h1:soe8EyQf068snMYtsQM10+l/l2wwbZIz0P7aDbz+Zws=
-github.com/buildkite/agent/v3 v3.95.1/go.mod h1:k2rfXF1U6fl/wejFXuS4YWXX4nDXZFpvKjCc5KUOAXg=
+github.com/buildkite/agent/v3 v3.98.2 h1:VOOxv8XD8HVCtEvtRPQhvB6k2Gorha2gN1wGh94gYAA=
+github.com/buildkite/agent/v3 v3.98.2/go.mod h1:+zCvvo/OlOwfs+AH3QvSn37H3cBXP3Fe18eoSbqUvnY=
 github.com/buildkite/go-pipeline v0.13.3 h1:llI7sAdZ7sqYE7r8ePlmDADRhJ1K0Kua2+gv74Z9+Es=
 github.com/buildkite/go-pipeline v0.13.3/go.mod h1:1uC2XdHkTV1G5jYv9K8omERIwrsYbBruBrPx1Zu1uFw=
 github.com/buildkite/interpolate v0.1.5 h1:v2Ji3voik69UZlbfoqzx+qfcsOKLA61nHdU79VV+tPU=
@@ -306,6 +302,8 @@ github.com/buildkite/roko v1.3.1/go.mod h1:23R9e6nHxgedznkwwfmqZ6+0VJZJZ2Sg/uVcp
 github.com/c2h5oh/datasize v0.0.0-20171227191756-4eba002a5eae/go.mod h1:S/7n9copUssQ56c7aAgHqftWO4LTf4xY6CGWt8Bc+3M=
 github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8=
 github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE=
+github.com/cenkalti/backoff/v5 v5.0.2 h1:rIfFVxEf1QsI7E1ZHfp/B4DF/6QBAUhmgkxc0H7Zss8=
+github.com/cenkalti/backoff/v5 v5.0.2/go.mod h1:rkhZdG3JZukswDf7f0cwqPNk4K0sa+F97BxZthm/crw=
 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
 github.com/census-instrumentation/opencensus-proto v0.3.0/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
 github.com/census-instrumentation/opencensus-proto v0.4.1 h1:iKLQ0xPNFxR/2hzXZMrBo8f1j86j5WHzznCCQxV/b8g=
@@ -333,8 +331,6 @@ github.com/cloudevents/sdk-go/v2 v2.4.1/go.mod h1:MZiMwmAh5tGj+fPFvtHv9hKurKqXtd
 github.com/cloudevents/sdk-go/v2 v2.8.0/go.mod h1:GpCBmUj7DIRiDhVvsK5d6WCbgTWs8DxAWTRtAwQmIXs=
 github.com/cloudevents/sdk-go/v2 v2.16.0 h1:wnunjgiLQCfYlyo+E4+mFlZtAh7pKn7vT8MMD3lSwCg=
 github.com/cloudevents/sdk-go/v2 v2.16.0/go.mod h1:5YWqklyhDSmGzBK/JENKKXdulbPq0JFf3c/KEnMLqgg=
-github.com/cloudflare/circl v1.6.1 h1:zqIqSPIndyBh1bjLVVDHMPpVKqp8Su/V+6MeDzzQBQ0=
-github.com/cloudflare/circl v1.6.1/go.mod h1:uddAzsPgqdMAYatqJ0lsjX1oECcQLIlRpzZh3pJrofs=
 github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
 github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
 github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
@@ -378,10 +374,10 @@ github.com/creack/pty v1.1.11/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ
 github.com/creack/pty v1.1.17/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4=
 github.com/creack/pty v1.1.24 h1:bJrF4RRfyJnbTJqzRLHzcGaZK1NeM5kTC9jGgovnR1s=
 github.com/creack/pty v1.1.24/go.mod h1:08sCNb52WyoAwi2QDyzUCTgcvVFhUzewun7wtTfvcwE=
-github.com/cyberphone/json-canonicalization v0.0.0-20231011164504-785e29786b46 h1:2Dx4IHfC1yHWI12AxQDJM1QbRCDfk6M+blLzlZCXdrc=
-github.com/cyberphone/json-canonicalization v0.0.0-20231011164504-785e29786b46/go.mod h1:uzvlm1mxhHkdfqitSA92i7Se+S9ksOn3a3qmv/kyOCw=
-github.com/danieljoos/wincred v1.2.1 h1:dl9cBrupW8+r5250DYkYxocLeZ1Y4vB1kxgtjxw8GQs=
-github.com/danieljoos/wincred v1.2.1/go.mod h1:uGaFL9fDn3OLTvzCGulzE+SzjEe5NGlh5FdCcyfPwps=
+github.com/cyberphone/json-canonicalization v0.0.0-20241213102144-19d51d7fe467 h1:uX1JmpONuD549D73r6cgnxyUu18Zb7yHAy5AYU0Pm4Q=
+github.com/cyberphone/json-canonicalization v0.0.0-20241213102144-19d51d7fe467/go.mod h1:uzvlm1mxhHkdfqitSA92i7Se+S9ksOn3a3qmv/kyOCw=
+github.com/danieljoos/wincred v1.2.2 h1:774zMFJrqaeYCK2W57BgAem/MLi6mtSE47MB6BOJ0i0=
+github.com/danieljoos/wincred v1.2.2/go.mod h1:w7w4Utbrz8lqeMbDAK0lkNJUv5sAOkFi7nd/ogr0Uh8=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
@@ -410,8 +406,8 @@ github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBi
 github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
 github.com/docker/docker v28.2.2+incompatible h1:CjwRSksz8Yo4+RmQ339Dp/D2tGO5JxwYeqtMOEe0LDw=
 github.com/docker/docker v28.2.2+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
-github.com/docker/docker-credential-helpers v0.8.2 h1:bX3YxiGzFP5sOXWc3bTPEXdEaZSeVMrFgOr3T+zrFAo=
-github.com/docker/docker-credential-helpers v0.8.2/go.mod h1:P3ci7E3lwkZg6XiHdRKft1KckHiO9a2rNtyFbZ/ry9M=
+github.com/docker/docker-credential-helpers v0.9.3 h1:gAm/VtF9wgqJMoxzT3Gj5p4AqIjCBS4wrsOh9yRqcz8=
+github.com/docker/docker-credential-helpers v0.9.3/go.mod h1:x+4Gbw9aGmChi3qTLZj8Dfn0TD20M/fuWy0E5+WDeCo=
 github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM=
 github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE=
 github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
@@ -522,8 +518,8 @@ github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTg
 github.com/go-logr/logr v0.4.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU=
 github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
 github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
-github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY=
-github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
+github.com/go-logr/logr v1.4.3 h1:CjnDlHq8ikf6E492q6eKboGOC0T8CDaOvkHCIg8idEI=
+github.com/go-logr/logr v1.4.3/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
 github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
 github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
 github.com/go-openapi/analysis v0.23.0 h1:aGday7OWupfMs+LbmLZG4k0MYXIANxcuBTYUC03zFCU=
@@ -561,8 +557,8 @@ github.com/go-piv/piv-go/v2 v2.3.0 h1:kKkrYlgLQTMPA6BiSL25A7/x4CEh2YCG7rtb/aTkx+
 github.com/go-piv/piv-go/v2 v2.3.0/go.mod h1:ShZi74nnrWNQEdWzRUd/3cSig3uNOcEZp+EWl0oewnI=
 github.com/go-rod/rod v0.116.2 h1:A5t2Ky2A+5eD/ZJQr1EfsQSe5rms5Xof/qj296e+ZqA=
 github.com/go-rod/rod v0.116.2/go.mod h1:H+CMO9SCNc2TJ2WfrG+pKhITz57uGNYU43qYHh438Mg=
-github.com/go-sql-driver/mysql v1.9.1 h1:FrjNGn/BsJQjVRuSa8CBrM5BWA9BWoXXat3KrtSb/iI=
-github.com/go-sql-driver/mysql v1.9.1/go.mod h1:qn46aNg1333BRMNU69Lq93t8du/dwxI64Gl8i5p1WMU=
+github.com/go-sql-driver/mysql v1.9.2 h1:4cNKDYQ1I84SXslGddlsrMhc8k4LeDVj6Ad6WRjiHuU=
+github.com/go-sql-driver/mysql v1.9.2/go.mod h1:qn46aNg1333BRMNU69Lq93t8du/dwxI64Gl8i5p1WMU=
 github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
 github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE=
 github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI=
@@ -651,8 +647,8 @@ github.com/google/btree v1.1.3 h1:CVpQJjYgC4VbzxeGVHfvZrv1ctoYCAI8vbl07Fcxlyg=
 github.com/google/btree v1.1.3/go.mod h1:qOPhT0dTNdNzV6Z/lhRX0YXUafgPLFUh+gZMl761Gm4=
 github.com/google/cel-go v0.25.0 h1:jsFw9Fhn+3y2kBbltZR4VEz5xKkcIFRPDnuEzAGv5GY=
 github.com/google/cel-go v0.25.0/go.mod h1:hjEb6r5SuOSlhCHmFoLzu8HGCERvIsDAbxDAyNU/MmI=
-github.com/google/certificate-transparency-go v1.3.1 h1:akbcTfQg0iZlANZLn0L9xOeWtyCIdeoYhKrqi5iH3Go=
-github.com/google/certificate-transparency-go v1.3.1/go.mod h1:gg+UQlx6caKEDQ9EElFOujyxEQEfOiQzAt6782Bvi8k=
+github.com/google/certificate-transparency-go v1.3.2 h1:9ahSNZF2o7SYMaKaXhAumVEzXB2QaayzII9C8rv7v+A=
+github.com/google/certificate-transparency-go v1.3.2/go.mod h1:H5FpMUaGa5Ab2+KCYsxg6sELw3Flkl7pGZzWdBoYLXs=
 github.com/google/gnostic-models v0.6.9 h1:MU/8wDLif2qCXZmzncUQ/BOfxWfthHi63KqpoNbWqVw=
 github.com/google/gnostic-models v0.6.9/go.mod h1:CiWsm0s6BSQd1hRn8/QmxqB6BesYcbSZxsz9b0KuDBw=
 github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
@@ -672,8 +668,8 @@ github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeN
 github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
 github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
-github.com/google/go-containerregistry v0.20.3 h1:oNx7IdTI936V8CQRveCjaxOiegWwvM7kqkbXTpyiovI=
-github.com/google/go-containerregistry v0.20.3/go.mod h1:w00pIgBRDVUDFM6bq+Qx8lwNWK+cxgCuX1vd3PIBDNI=
+github.com/google/go-containerregistry v0.20.6 h1:cvWX87UxxLgaH76b4hIvya6Dzz9qHB31qAwjAohdSTU=
+github.com/google/go-containerregistry v0.20.6/go.mod h1:T0x8MuoAoKX/873bkeSfLD2FAkwCDf9/HZgsFJ02E2Y=
 github.com/google/go-containerregistry/pkg/authn/k8schain v0.0.0-20240108195214-a0658aa1d0cc h1:eJ9J17+23quNw5z6O9AdTH+irI7JI+6eQX9TswViyvk=
 github.com/google/go-containerregistry/pkg/authn/k8schain v0.0.0-20240108195214-a0658aa1d0cc/go.mod h1:Ek+8PQrShkA7aHEj3/zSW33wU0V/Bx3zW/gFh7l21xY=
 github.com/google/go-containerregistry/pkg/authn/kubernetes v0.0.0-20240108195214-a0658aa1d0cc h1:fHDosK/RhxYQpWBRo+bbawVuR402odSaNToA0Pp+ojw=
@@ -681,8 +677,8 @@ github.com/google/go-containerregistry/pkg/authn/kubernetes v0.0.0-2024010819521
 github.com/google/go-github/v27 v27.0.6/go.mod h1:/0Gr8pJ55COkmv+S/yPKCczSkUPIM/LnFyubufRNIS0=
 github.com/google/go-github/v31 v31.0.0 h1:JJUxlP9lFK+ziXKimTCprajMApV1ecWD4NB6CCb0plo=
 github.com/google/go-github/v31 v31.0.0/go.mod h1:NQPZol8/1sMoWYGN2yaALIBytu17gAWfhbweiEed3pM=
-github.com/google/go-github/v55 v55.0.0 h1:4pp/1tNMB9X/LuAhs5i0KQAE40NmiR/y6prLNb9x9cg=
-github.com/google/go-github/v55 v55.0.0/go.mod h1:JLahOTA1DnXzhxEymmFF5PP2tSS9JVNj68mSZNDwskA=
+github.com/google/go-github/v72 v72.0.0 h1:FcIO37BLoVPBO9igQQ6tStsv2asG4IPcYFi655PPvBM=
+github.com/google/go-github/v72 v72.0.0/go.mod h1:WWtw8GMRiL62mvIquf1kO3onRHeWWKmK01qdCY8c5fg=
 github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck=
 github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8=
 github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU=
@@ -717,18 +713,16 @@ github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38/go.mod h1:kpwsk12EmLe
 github.com/google/pprof v0.0.0-20210601050228-01bbb1931b22/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
 github.com/google/pprof v0.0.0-20210609004039-a478d1d731e9/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
 github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
-github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db h1:097atOisP2aRj7vFgYQBbFN4U4JNXUNYpxael3UzMyo=
-github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144=
+github.com/google/pprof v0.0.0-20250403155104-27863c87afa6 h1:BHT72Gu3keYf3ZEu2J0b1vyeLSOYI8bm5wbJM/8yDe8=
+github.com/google/pprof v0.0.0-20250403155104-27863c87afa6/go.mod h1:boTsfXsheKC2y+lKOCMpSfarhxDeIzfZG1jqGcPl3cA=
 github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
 github.com/google/s2a-go v0.1.9 h1:LGD7gtMgezd8a/Xak7mEWL0PjoTQFvpRudN895yqKW0=
 github.com/google/s2a-go v0.1.9/go.mod h1:YA0Ei2ZQL3acow2O62kdp9UlnvMmU7kA6Eutn0dXayM=
 github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4=
 github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ=
 github.com/google/subcommands v1.2.0/go.mod h1:ZjhPrFU+Olkh9WazFPsl27BQ4UPiG37m3yTrtFlrHVk=
-github.com/google/tink/go v1.7.0 h1:6Eox8zONGebBFcCBqkVmt60LaWZa6xg1cl/DwAh/J1w=
-github.com/google/tink/go v1.7.0/go.mod h1:GAUOd+QE3pgj9q8VKIGTCP33c/B7eb4NhxLcgTJZStM=
-github.com/google/trillian v1.7.1 h1:+zX8jLM3524bAMPS+VxaDIDgsMv3/ty6DuLWerHXcek=
-github.com/google/trillian v1.7.1/go.mod h1:E1UMAHqpZCA8AQdrKdWmHmtUfSeiD0sDWD1cv00Xa+c=
+github.com/google/trillian v1.7.2 h1:EPBxc4YWY4Ak8tcuhyFleY+zYlbCDCa4Sn24e1Ka8Js=
+github.com/google/trillian v1.7.2/go.mod h1:mfQJW4qRH6/ilABtPYNBerVJAJ/upxHLX81zxNQw05s=
 github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
@@ -742,8 +736,8 @@ github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+
 github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk=
 github.com/googleapis/gax-go/v2 v2.1.0/go.mod h1:Q3nei7sK6ybPYH7twZdmQpAd1MKb7pfu6SK+H1/DsU0=
 github.com/googleapis/gax-go/v2 v2.1.1/go.mod h1:hddJymUZASv3XPyGkUpKj8pPO47Rmb0eJc8R6ouapiM=
-github.com/googleapis/gax-go/v2 v2.14.1 h1:hb0FFeiPaQskmvakKu5EbCbpntQn48jyHuvrkurSS/Q=
-github.com/googleapis/gax-go/v2 v2.14.1/go.mod h1:Hb/NubMaVM88SrNkvl8X/o8XWwDJEPqouaLeN2IUxoA=
+github.com/googleapis/gax-go/v2 v2.14.2 h1:eBLnkZ9635krYIPD+ag1USrOAI0Nr0QYF3+/3GqO0k0=
+github.com/googleapis/gax-go/v2 v2.14.2/go.mod h1:ON64QhlJkhVtSqp4v1uaK92VyZ2gmvDQsweuyLV+8+w=
 github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3ir6b65WBswg=
 github.com/googleapis/gnostic v0.5.1/go.mod h1:6U4PtQXGIEt/Z3h5MAT7FNofLnw9vXk2cUuW7uA/OeU=
 github.com/googleapis/gnostic v0.5.5/go.mod h1:7+EbHbldMins07ALC74bsA81Ovc97DwqyJO1AENw9kA=
@@ -757,8 +751,8 @@ github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWS
 github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4=
 github.com/gorilla/sessions v1.2.1/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM=
 github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
-github.com/gorilla/websocket v1.5.3 h1:saDtZ6Pbx/0u+bgYQ3q96pZgCzfhKXGPqt7kZ72aNNg=
-github.com/gorilla/websocket v1.5.3/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
+github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674 h1:JeSE6pjso5THxAzdVpqr6/geYxZytqFMBCOtn/ujyeo=
+github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674/go.mod h1:r4w70xmWCQKmi1ONH4KIaBptdivuRPyosB9RmPlGEwA=
 github.com/grafeas/grafeas v0.2.3 h1:B9Bgc3ZQjPhqXKmro95Dfyb+GlE6D1pMuExT+n66ChE=
 github.com/grafeas/grafeas v0.2.3/go.mod h1:O+UvNYn4LhdKR59XrxRDWwr2bbheR1KRRNdD8mJpxs4=
 github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA=
@@ -770,8 +764,8 @@ github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgf
 github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY=
 github.com/grpc-ecosystem/grpc-gateway v1.14.6/go.mod h1:zdiPV4Yse/1gnckTHtghG4GkDEdKCRJduHpTxT3/jcw=
 github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw=
-github.com/grpc-ecosystem/grpc-gateway/v2 v2.26.1 h1:e9Rjr40Z98/clHv5Yg79Is0NtosR5LXRvdr7o/6NwbA=
-github.com/grpc-ecosystem/grpc-gateway/v2 v2.26.1/go.mod h1:tIxuGz/9mpox++sgp9fJjHO0+q1X9/UOWd798aAm22M=
+github.com/grpc-ecosystem/grpc-gateway/v2 v2.26.3 h1:5ZPtiqj0JL5oKWmcsq4VMaAW5ukBEgSGXEN89zeH1Jo=
+github.com/grpc-ecosystem/grpc-gateway/v2 v2.26.3/go.mod h1:ndYquD05frm2vACXE1nsccT4oJzjhw2arTS2cpUD1PI=
 github.com/h2non/parth v0.0.0-20190131123155-b4df798d6542 h1:2VTzZjLZBgl62/EtslCrtky5vbi9dd7HrQPQIx6wqiw=
 github.com/h2non/parth v0.0.0-20190131123155-b4df798d6542/go.mod h1:Ow0tF8D4Kplbc8s8sSb3V2oUCygFHVp8gC3Dn6U4MNI=
 github.com/hako/durafmt v0.0.0-20210608085754-5c1018a4e16b h1:wDUNC2eKiL35DbLvsDhiblTUXHxcOPwQSCzi7xpQUN4=
@@ -798,15 +792,13 @@ github.com/hashicorp/go-retryablehttp v0.7.7/go.mod h1:pkQpWZeYWskR+D1tR2O5OcBFO
 github.com/hashicorp/go-rootcerts v1.0.0/go.mod h1:K6zTfqpRlCUIjkwsN4Z+hiSfzSTQa6eBIzfwKfwNnHU=
 github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5Oi2viEzc=
 github.com/hashicorp/go-rootcerts v1.0.2/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8=
-github.com/hashicorp/go-secure-stdlib/parseutil v0.1.7 h1:UpiO20jno/eV1eVZcxqWnUohyKRe1g8FPV/xH1s/2qs=
-github.com/hashicorp/go-secure-stdlib/parseutil v0.1.7/go.mod h1:QmrqtbKuxxSWTN3ETMPuB+VtEiBJ/A9XhoYGv8E1uD8=
-github.com/hashicorp/go-secure-stdlib/strutil v0.1.1/go.mod h1:gKOamz3EwoIoJq7mlMIRBpVTAUn8qPCrEclOKKWhD3U=
+github.com/hashicorp/go-secure-stdlib/parseutil v0.2.0 h1:U+kC2dOhMFQctRfhK0gRctKAPTloZdMU5ZJxaesJ/VM=
+github.com/hashicorp/go-secure-stdlib/parseutil v0.2.0/go.mod h1:Ll013mhdmsVDuoIXVfBtvgGJsXDYkTw1kooNcoCXuE0=
 github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 h1:kes8mmyCpxJsI7FTwtzRqEy9CdjCtrXrXGuOpxEA7Ts=
 github.com/hashicorp/go-secure-stdlib/strutil v0.1.2/go.mod h1:Gou2R9+il93BqX25LAKCLuM+y9U2T4hlwvT1yprcna4=
 github.com/hashicorp/go-sockaddr v1.0.0/go.mod h1:7Xibr9yA9JjQq1JpNB2Vw7kxv8xerXegt+ozgdvDeDU=
-github.com/hashicorp/go-sockaddr v1.0.2/go.mod h1:rB4wwRAUzs07qva3c5SdrY/NEtAUjGlgmH/UkBUC97A=
-github.com/hashicorp/go-sockaddr v1.0.5 h1:dvk7TIXCZpmfOlM+9mlcrWmWjw/wlKT+VDq2wMvfPJU=
-github.com/hashicorp/go-sockaddr v1.0.5/go.mod h1:uoUUmtwU7n9Dv3O4SNLeFvg0SxQ3lyjsj6+CCykpaxI=
+github.com/hashicorp/go-sockaddr v1.0.7 h1:G+pTkSO01HpR5qCxg7lxfsFEZaG+C0VssTy/9dbT+Fw=
+github.com/hashicorp/go-sockaddr v1.0.7/go.mod h1:FZQbEYa1pxkQ7WLpyXJ6cbjpT8q0YgQaK/JakXqGyWw=
 github.com/hashicorp/go-syslog v1.0.0/go.mod h1:qPfqrKkXGihmCqbJM2mZgkZGvKG1dFdvsLplgctolz4=
 github.com/hashicorp/go-uuid v1.0.0/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro=
 github.com/hashicorp/go-uuid v1.0.1/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro=
@@ -858,14 +850,12 @@ github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2
 github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
 github.com/influxdata/tdigest v0.0.0-20180711151920-a7d76c6f093a/go.mod h1:9GkyshztGufsdPQWjH+ifgnIr3xNUL5syI70g2dzU1o=
 github.com/influxdata/tdigest v0.0.0-20181121200506-bf2b5ad3c0a9/go.mod h1:Js0mqiSBE6Ffsg94weZZ2c+v/ciT8QRHFOap7EKDrR0=
-github.com/jackc/pgerrcode v0.0.0-20240316143900-6e2875d9b438 h1:Dj0L5fhJ9F82ZJyVOmBx6msDp/kfd1t9GRfny/mfJA0=
-github.com/jackc/pgerrcode v0.0.0-20240316143900-6e2875d9b438/go.mod h1:a/s9Lp5W7n/DD0VrVoyJ00FbP2ytTPDVOivvn2bMlds=
 github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsIM=
 github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg=
 github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 h1:iCEnooe7UlwOQYpKFhBabPMi4aNAfoODPEFNiAnClxo=
 github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761/go.mod h1:5TJZWKEWniPve33vlWYSoGYefn3gLQRzjfDlhSJ9ZKM=
-github.com/jackc/pgx/v5 v5.7.2 h1:mLoDLV6sonKlvjIEsV56SkWNCnuNv531l94GaIzO+XI=
-github.com/jackc/pgx/v5 v5.7.2/go.mod h1:ncY89UGWxg82EykZUwSpUKEfccBGGYq1xjrOpsbsfGQ=
+github.com/jackc/pgx/v5 v5.7.5 h1:JHGfMnQY+IEtGM63d+NGMjoRpysB2JBwDr5fsngwmJs=
+github.com/jackc/pgx/v5 v5.7.5/go.mod h1:aruU7o91Tc2q2cFp5h4uP3f6ztExVpyVv88Xl/8Vl8M=
 github.com/jackc/puddle/v2 v2.2.2 h1:PR8nw+E/1w0GLuRFSmiioY6UooMp6KJv0/61nB7icHo=
 github.com/jackc/puddle/v2 v2.2.2/go.mod h1:vriiEXHvEE654aYKXXjOvZM39qJ0q+azkZFrfEOc3H4=
 github.com/jcmturner/aescts/v2 v2.0.0 h1:9YKLH6ey7H4eDBXW8khjYslgyqG2xZikXP0EQFKrle8=
@@ -918,8 +908,8 @@ github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 h1:Z9n2FFNU
 github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8=
 github.com/kelseyhightower/envconfig v1.4.0 h1:Im6hONhd3pLkfDFsbRgu68RDNkGF1r3dvMUtDTo2cv8=
 github.com/kelseyhightower/envconfig v1.4.0/go.mod h1:cccZRl6mQpaq41TPp5QxidR+Sa3axMbJDNb//FQX6Gg=
-github.com/keybase/go-keychain v0.0.0-20231219164618-57a3676c3af6 h1:IsMZxCuZqKuao2vNdfD82fjjgPLfyHLpR41Z88viRWs=
-github.com/keybase/go-keychain v0.0.0-20231219164618-57a3676c3af6/go.mod h1:3VeWNIJaW+O5xpRQbPp0Ybqu1vJd/pm7s2F473HRrkw=
+github.com/keybase/go-keychain v0.0.1 h1:way+bWYa6lDppZoZcgMbYsvC7GxljxrskdNInRtuthU=
+github.com/keybase/go-keychain v0.0.1/go.mod h1:PdEILRW3i9D8JcdM+FmY6RwkHGnhHxXwkPPMeUgOK1k=
 github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q=
 github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00=
 github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
@@ -996,14 +986,12 @@ github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrk
 github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y=
 github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
 github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI=
-github.com/mitchellh/go-wordwrap v1.0.0/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo=
 github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQflz0v0=
 github.com/mitchellh/go-wordwrap v1.0.1/go.mod h1:R62XHJLzvMFRBbcrT7m7WgmE1eOyTSsCt+hzestvNj0=
 github.com/mitchellh/gox v0.4.0/go.mod h1:Sd9lOJ0+aimLBi73mGofS1ycjY8lL3uZM3JPS42BGNg=
 github.com/mitchellh/iochan v1.0.0/go.mod h1:JwYml1nuB7xOzsp52dPpHFffvOCDupsG0QubkSMEySY=
 github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
 github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
-github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
 github.com/mitchellh/mapstructure v1.5.1-0.20231216201459-8508981c8b6c h1:cqn374mizHuIWj+OSJCajGr/phAmuMug9qIX3l9CflE=
 github.com/mitchellh/mapstructure v1.5.1-0.20231216201459-8508981c8b6c/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
 github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ=
@@ -1071,12 +1059,12 @@ github.com/onsi/gomega v1.17.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAl
 github.com/onsi/gomega v1.19.0/go.mod h1:LY+I3pBVzYsTBU1AnDwOSxaYi9WoWiqgwooUqq9yPro=
 github.com/onsi/gomega v1.35.1 h1:Cwbd75ZBPxFSuZ6T+rN/WCb/gOc6YgFBXLlZLhC7Ds4=
 github.com/onsi/gomega v1.35.1/go.mod h1:PvZbdDc8J6XJEpDK4HCuRBm8a6Fzp9/DmhC9C7yFlog=
-github.com/open-policy-agent/opa v1.1.0 h1:HMz2evdEMTyNqtdLjmu3Vyx06BmhNYAx67Yz3Ll9q2s=
-github.com/open-policy-agent/opa v1.1.0/go.mod h1:T1pASQ1/vwfTa+e2fYcfpLCvWgYtqtiUv+IuA/dLPQs=
+github.com/open-policy-agent/opa v1.5.1 h1:LTxxBJusMVjfs67W4FoRcnMfXADIGFMzpqnfk6D08Cg=
+github.com/open-policy-agent/opa v1.5.1/go.mod h1:bYbS7u+uhTI+cxHQIpzvr5hxX0hV7urWtY+38ZtjMgk=
 github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
 github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
-github.com/opencontainers/image-spec v1.1.0 h1:8SG7/vwALn54lVB/0yZ/MMwhFrPYtpEHQb2IpWsCzug=
-github.com/opencontainers/image-spec v1.1.0/go.mod h1:W4s4sFTMaBeK1BQLXbG4AdM2szdn85PY75RI83NrTrM=
+github.com/opencontainers/image-spec v1.1.1 h1:y0fUlFfIZhPF1W537XOLg0/fcx6zcHCJwooC2xJA040=
+github.com/opencontainers/image-spec v1.1.1/go.mod h1:qpqAh3Dmcf36wStyyWU+kCeDgrGnAve2nCC8+7h8Q0M=
 github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o=
 github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs=
 github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc=
@@ -1089,8 +1077,8 @@ github.com/pborman/uuid v1.2.1 h1:+ZZIw58t/ozdjRaXh/3awHfmWRbzYxJoAdNJxe/3pvw=
 github.com/pborman/uuid v1.2.1/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k=
 github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
 github.com/pelletier/go-toml/v2 v2.0.0-beta.2/go.mod h1:+X+aW6gUj6Hda43TeYHVCIvYNG/jqY/8ZFXAeXXHl+Q=
-github.com/pelletier/go-toml/v2 v2.2.3 h1:YmeHyLY8mFWbdkNWwpr+qIL2bEqT0o95WSdkNHvL12M=
-github.com/pelletier/go-toml/v2 v2.2.3/go.mod h1:MfCQTFTvCcUyyvvwm1+G6H/jORL20Xlb6rzQu9GuUkc=
+github.com/pelletier/go-toml/v2 v2.2.4 h1:mye9XuhQ6gvn5h28+VilKrrPoQVanw5PMw/TB0t5Ec4=
+github.com/pelletier/go-toml/v2 v2.2.4/go.mod h1:2gIqNv+qfxSVS7cM2xJQKtLSTLUE9V8t9Stt+h56mCY=
 github.com/peterbourgon/diskv v2.0.1+incompatible h1:UBdAOUP5p4RWqPBg048CAvpKN+vxiaj6gdUUzhl4XmI=
 github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU=
 github.com/phayes/freeport v0.0.0-20180830031419-95f893ade6f2/go.mod h1:iIss55rKnNBTvrwdmkUpLnDpZoAHvWaiq5+iMmen4AE=
@@ -1120,14 +1108,14 @@ github.com/prometheus/client_golang v1.11.0/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqr
 github.com/prometheus/client_golang v1.12.1/go.mod h1:3Z9XVyYiZYEO+YQWt3RD2R3jrbd179Rt297l4aS6nDY=
 github.com/prometheus/client_golang v1.12.2/go.mod h1:3Z9XVyYiZYEO+YQWt3RD2R3jrbd179Rt297l4aS6nDY=
 github.com/prometheus/client_golang v1.13.0/go.mod h1:vTeo+zgvILHsnnj/39Ou/1fPN5nJFOEMgftOUOmlvYQ=
-github.com/prometheus/client_golang v1.21.1 h1:DOvXXTqVzvkIewV/CDPFdejpMCGeMcbGCQ8YOmu+Ibk=
-github.com/prometheus/client_golang v1.21.1/go.mod h1:U9NM32ykUErtVBxdvD3zfi+EuFkkaBvMb09mIfe0Zgg=
+github.com/prometheus/client_golang v1.22.0 h1:rb93p9lokFEsctTys46VnV1kLCDpVZ0a/Y92Vm0Zc6Q=
+github.com/prometheus/client_golang v1.22.0/go.mod h1:R7ljNsLXhuQXYZYtw6GAE9AZg8Y7vEW5scdCXrWRXC0=
 github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
 github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
-github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E=
-github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY=
+github.com/prometheus/client_model v0.6.2 h1:oBsgwpGs7iVziMvrGhE53c/GrLUsZdHnqNwqPLxwZyk=
+github.com/prometheus/client_model v0.6.2/go.mod h1:y3m2F6Gdpfy6Ut/GBsUqTWZqCUvMVzSfMLjcu6wAwpE=
 github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro=
 github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
 github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
@@ -1137,8 +1125,8 @@ github.com/prometheus/common v0.28.0/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+
 github.com/prometheus/common v0.32.1/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls=
 github.com/prometheus/common v0.35.0/go.mod h1:phzohg0JFMnBEFGxTDbfu3QyL5GI8gTQJFhYO5B3mfA=
 github.com/prometheus/common v0.37.0/go.mod h1:phzohg0JFMnBEFGxTDbfu3QyL5GI8gTQJFhYO5B3mfA=
-github.com/prometheus/common v0.62.0 h1:xasJaQlnWAeyHdUBeGjXmutelfJHWMRr+Fg4QszZ2Io=
-github.com/prometheus/common v0.62.0/go.mod h1:vyBcEuLSvWos9B1+CyL7JZ2up+uFzXhkqml0W5zIY1I=
+github.com/prometheus/common v0.63.0 h1:YR/EIY1o3mEFP/kZCD7iDMnLPlGyuU2Gb3HIcXnA98k=
+github.com/prometheus/common v0.63.0/go.mod h1:VVFF/fBIoToEnWRVkYoXEkq3R3paCoxG9PXP74SnV18=
 github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
 github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
 github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
@@ -1158,8 +1146,8 @@ github.com/rabbitmq/amqp091-go v1.1.0/go.mod h1:ogQDLSOACsLPsIq0NpbtiifNZi2YOz0V
 github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4=
 github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475 h1:N/ElC8H3+5XpJzTSTfLsJV/mx9Q9g7kxmchpfZyxgzM=
 github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4=
-github.com/redis/go-redis/v9 v9.7.3 h1:YpPyAayJV+XErNsatSElgRZZVCwXX9QzkKYNvO7x0wM=
-github.com/redis/go-redis/v9 v9.7.3/go.mod h1:bGUrSggJ9X9GUmZpZNEOQKaANxSGgOEBRltRTZHSvrA=
+github.com/redis/go-redis/v9 v9.8.0 h1:q3nRvjrlge/6UD7eTu/DSg2uYiU2mCL0G/uzBWqhicI=
+github.com/redis/go-redis/v9 v9.8.0/go.mod h1:huWgSWd8mW6+m0VPhJjSSQ+d6Nh1VICQ6Q5lHuCH/Iw=
 github.com/rickb777/date v1.13.0/go.mod h1:GZf3LoGnxPWjX+/1TXOuzHefZFDovTyNLHDMd3qH70k=
 github.com/rickb777/plural v1.2.1/go.mod h1:j058+3M5QQFgcZZ2oKIOekcygoZUL8gKW5yRO14BuAw=
 github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
@@ -1178,7 +1166,6 @@ github.com/russross/blackfriday v1.6.0/go.mod h1:ti0ldHuxg49ri4ksnFxlkCfN+hvslNl
 github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts=
-github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts=
 github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk=
 github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc=
 github.com/sagikazarmark/locafero v0.7.0 h1:5MqpDsTGNDhY8sGp0Aowyf0qKsPrhewaLSsFaodPcyo=
@@ -1201,28 +1188,28 @@ github.com/shurcooL/githubv4 v0.0.0-20190718010115-4ba037080260/go.mod h1:hAF0iL
 github.com/shurcooL/graphql v0.0.0-20181231061246-d48a9a75455f h1:tygelZueB1EtXkPI6mQ4o9DQ0+FKW41hTbunoXZCTqk=
 github.com/shurcooL/graphql v0.0.0-20181231061246-d48a9a75455f/go.mod h1:AuYgA5Kyo4c7HfUmvRGs/6rGlMMV/6B1bVnB9JxJEEg=
 github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
-github.com/sigstore/cosign/v2 v2.5.0 h1:1aRfPgRQHHlODI3Mvs/JkPBS9dJT9bRLCuHZgnHxFt8=
-github.com/sigstore/cosign/v2 v2.5.0/go.mod h1:2V2hmo+jjFNnDb5Q5VL6PXvLU9Vujio7T5yldrpNTRw=
-github.com/sigstore/fulcio v1.6.6 h1:XaMYX6TNT+8n7Npe8D94nyZ7/ERjEsNGFC+REdi/wzw=
-github.com/sigstore/fulcio v1.6.6/go.mod h1:BhQ22lwaebDgIxVBEYOOqLRcN5+xOV+C9bh/GUXRhOk=
-github.com/sigstore/protobuf-specs v0.4.1 h1:5SsMqZbdkcO/DNHudaxuCUEjj6x29tS2Xby1BxGU7Zc=
-github.com/sigstore/protobuf-specs v0.4.1/go.mod h1:+gXR+38nIa2oEupqDdzg4qSBT0Os+sP7oYv6alWewWc=
+github.com/sigstore/cosign/v2 v2.5.2 h1:i5Dw7M7W9OcWgyiknJB8vNx/07KweninBDxRoHPxqHE=
+github.com/sigstore/cosign/v2 v2.5.2/go.mod h1:CYlcgkPQJZ5pvWlbl7mOfO/Q1S1N7r4tpdYCtFwhXco=
+github.com/sigstore/fulcio v1.7.1 h1:RcoW20Nz49IGeZyu3y9QYhyyV3ZKQ85T+FXPKkvE+aQ=
+github.com/sigstore/fulcio v1.7.1/go.mod h1:7lYY+hsd8Dt+IvKQRC+KEhWpCZ/GlmNvwIa5JhypMS8=
+github.com/sigstore/protobuf-specs v0.4.3 h1:kRgJ+ciznipH9xhrkAbAEHuuxD3GhYnGC873gZpjJT4=
+github.com/sigstore/protobuf-specs v0.4.3/go.mod h1:+gXR+38nIa2oEupqDdzg4qSBT0Os+sP7oYv6alWewWc=
 github.com/sigstore/rekor v1.3.10 h1:/mSvRo4MZ/59ECIlARhyykAlQlkmeAQpvBPlmJtZOCU=
 github.com/sigstore/rekor v1.3.10/go.mod h1:JvryKJ40O0XA48MdzYUPu0y4fyvqt0C4iSY7ri9iu3A=
-github.com/sigstore/sigstore v1.9.4 h1:64+OGed80+A4mRlNzRd055vFcgBeDghjZw24rPLZgDU=
-github.com/sigstore/sigstore v1.9.4/go.mod h1:Q7tGTC3gbtK7c3jcxEmGc2MmK4rRpIRzi3bxRFWKvEY=
-github.com/sigstore/sigstore-go v0.7.1 h1:lyzi3AjO6+BHc5zCf9fniycqPYOt3RaC08M/FRmQhVY=
-github.com/sigstore/sigstore-go v0.7.1/go.mod h1:AIRj4I3LC82qd07VFm3T2zXYiddxeBV1k/eoS8nTz0E=
-github.com/sigstore/sigstore/pkg/signature/kms/aws v1.9.1 h1:/YcNq687WnXpIRXl04nLfJX741G4iW+w+7Nem2Zy0f4=
-github.com/sigstore/sigstore/pkg/signature/kms/aws v1.9.1/go.mod h1:ApL9RpKsi7gkSYN0bMNdm/3jZ9EefxMmfYHfUmq2ZYM=
-github.com/sigstore/sigstore/pkg/signature/kms/azure v1.9.1 h1:FnusXyTIInnwfIOzzl5PFilRm1I97dxMSOcCkZBu9Kc=
-github.com/sigstore/sigstore/pkg/signature/kms/azure v1.9.1/go.mod h1:d5m5LOa/69a+t2YC9pDPwS1n2i/PhqB4cUKbpVDlKKE=
-github.com/sigstore/sigstore/pkg/signature/kms/gcp v1.9.1 h1:LFiYK1DEWQ6Hf/nroFzBMM+s5rVSjVL45Alpb5Ctl5A=
-github.com/sigstore/sigstore/pkg/signature/kms/gcp v1.9.1/go.mod h1:GFyFmDsE2wDuIHZD+4+JErGpA0S4zJsKNz5l2JVJd8s=
-github.com/sigstore/sigstore/pkg/signature/kms/hashivault v1.9.1 h1:sIW6xe4yU5eIMH8fve2C78d+r29KmHnIb+7po+80bsY=
-github.com/sigstore/sigstore/pkg/signature/kms/hashivault v1.9.1/go.mod h1:3pNf99GnK9eu3XUa5ebHzgEQSVYf9hqAoPFwbwD6O6M=
-github.com/sigstore/timestamp-authority v1.2.5 h1:W22JmwRv1Salr/NFFuP7iJuhytcZszQjldoB8GiEdnw=
-github.com/sigstore/timestamp-authority v1.2.5/go.mod h1:gWPKWq4HMWgPCETre0AakgBzcr9DRqHrsgbrRqsigOs=
+github.com/sigstore/sigstore v1.9.5 h1:Wm1LT9yF4LhQdEMy5A2JeGRHTrAWGjT3ubE5JUSrGVU=
+github.com/sigstore/sigstore v1.9.5/go.mod h1:VtxgvGqCmEZN9X2zhFSOkfXxvKUjpy8RpUW39oCtoII=
+github.com/sigstore/sigstore-go v1.0.0 h1:4N07S2zLxf09nTRwaPKyAxbKzpM8WJYUS8lWWaYxneU=
+github.com/sigstore/sigstore-go v1.0.0/go.mod h1:UYsZ/XHE4eltv1o1Lu+n6poW1Z5to3f0+emvfXNxIN8=
+github.com/sigstore/sigstore/pkg/signature/kms/aws v1.9.5 h1:qp2VFyKuFQvTGmZwk5Q7m5nE4NwnF9tHwkyz0gtWAck=
+github.com/sigstore/sigstore/pkg/signature/kms/aws v1.9.5/go.mod h1:DKlQjjr+GsWljEYPycI0Sf8URLCk4EbGA9qYjF47j4g=
+github.com/sigstore/sigstore/pkg/signature/kms/azure v1.9.5 h1:CRZcdYn5AOptStsLRAAACudAVmb1qUbhMlzrvm7ju3o=
+github.com/sigstore/sigstore/pkg/signature/kms/azure v1.9.5/go.mod h1:b9rFfITq2fp1M3oJmq6lFFhSrAz5vOEJH1qzbMsZWN4=
+github.com/sigstore/sigstore/pkg/signature/kms/gcp v1.9.5 h1:7U0GsO0UGG1PdtgS6wBkRC0sMgq7BRVaFlPRwN4m1Qg=
+github.com/sigstore/sigstore/pkg/signature/kms/gcp v1.9.5/go.mod h1:/2qrI0nnCy/DTIPOMFaZlFnNPWEn5UeS70P37XEM88o=
+github.com/sigstore/sigstore/pkg/signature/kms/hashivault v1.9.5 h1:S2ukEfN1orLKw2wEQIUHDDlzk0YcylhcheeZ5TGk8LI=
+github.com/sigstore/sigstore/pkg/signature/kms/hashivault v1.9.5/go.mod h1:m7sQxVJmDa+rsmS1m6biQxaLX83pzNS7ThUEyjOqkCU=
+github.com/sigstore/timestamp-authority v1.2.8 h1:BEV3fkphwU4zBp3allFAhCqQb99HkiyCXB853RIwuEE=
+github.com/sigstore/timestamp-authority v1.2.8/go.mod h1:G2/0hAZmLPnevEwT1S9IvtNHUm9Ktzvso6xuRhl94ZY=
 github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
 github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
 github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88=
@@ -1313,8 +1300,8 @@ github.com/thales-e-security/pool v0.0.2 h1:RAPs4q2EbWsTit6tpzuvTFlgFRJ3S8Evf5gt
 github.com/thales-e-security/pool v0.0.2/go.mod h1:qtpMm2+thHtqhLzTwgDBj/OuNnMpupY8mv0Phz0gjhU=
 github.com/theupdateframework/go-tuf v0.7.0 h1:CqbQFrWo1ae3/I0UCblSbczevCCbS31Qvs5LdxRWqRI=
 github.com/theupdateframework/go-tuf v0.7.0/go.mod h1:uEB7WSY+7ZIugK6R1hiBMBjQftaFzn7ZCDJcp1tCUug=
-github.com/theupdateframework/go-tuf/v2 v2.0.2 h1:PyNnjV9BJNzN1ZE6BcWK+5JbF+if370jjzO84SS+Ebo=
-github.com/theupdateframework/go-tuf/v2 v2.0.2/go.mod h1:baB22nBHeHBCeuGZcIlctNq4P61PcOdyARlplg5xmLA=
+github.com/theupdateframework/go-tuf/v2 v2.1.1 h1:OWcoHItwsGO+7m0wLa7FDWPR4oB1cj0zOr1kosE4G+I=
+github.com/theupdateframework/go-tuf/v2 v2.1.1/go.mod h1:V675cQGhZONR0OGQ8r1feO0uwtsTBYPDWHzAAPn5rjE=
 github.com/tidwall/gjson v1.14.2 h1:6BBkirS0rAHjumnjHF6qgy5d2YAJ1TLIaFE2lzfOLqo=
 github.com/tidwall/gjson v1.14.2/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk=
 github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA=
@@ -1327,6 +1314,8 @@ github.com/tink-crypto/tink-go-awskms/v2 v2.1.0 h1:N9UxlsOzu5mttdjhxkDLbzwtEecuX
 github.com/tink-crypto/tink-go-awskms/v2 v2.1.0/go.mod h1:PxSp9GlOkKL9rlybW804uspnHuO9nbD98V/fDX4uSis=
 github.com/tink-crypto/tink-go-gcpkms/v2 v2.2.0 h1:3B9i6XBXNTRspfkTC0asN5W0K6GhOSgcujNiECNRNb0=
 github.com/tink-crypto/tink-go-gcpkms/v2 v2.2.0/go.mod h1:jY5YN2BqD/KSCHM9SqZPIpJNG/u3zwfLXHgws4x2IRw=
+github.com/tink-crypto/tink-go-hcvault/v2 v2.3.0 h1:6nAX1aRGnkg2SEUMwO5toB2tQkP0Jd6cbmZ/K5Le1V0=
+github.com/tink-crypto/tink-go-hcvault/v2 v2.3.0/go.mod h1:HOC5NWW1wBI2Vke1FGcRBvDATkEYE7AUDiYbXqi2sBw=
 github.com/tink-crypto/tink-go/v2 v2.4.0 h1:8VPZeZI4EeZ8P/vB6SIkhlStrJfivTJn+cQ4dtyHNh0=
 github.com/tink-crypto/tink-go/v2 v2.4.0/go.mod h1:l//evrF2Y3MjdbpNDNGnKgCpo5zSmvUvnQ4MU+yE2sw=
 github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399 h1:e/5i7d4oYZ+C1wj2THlRK+oAhjeS/TRQwMfkIuet3w0=
@@ -1344,10 +1333,12 @@ github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljT
 github.com/urfave/cli/v2 v2.3.0/go.mod h1:LJmUH05zAU44vOAcrfzZQKsZbVcdbOG8rtL3/XcUArI=
 github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw=
 github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
-github.com/vbatts/tar-split v0.11.6 h1:4SjTW5+PU11n6fZenf2IPoV8/tz3AaYHMWjf23envGs=
-github.com/vbatts/tar-split v0.11.6/go.mod h1:dqKNtesIOr2j2Qv3W/cHjnvk9I8+G7oAkFDFN6TCBEI=
+github.com/vbatts/tar-split v0.12.1 h1:CqKoORW7BUWBe7UL/iqTVvkTBOF8UvOMKOIZykxnnbo=
+github.com/vbatts/tar-split v0.12.1/go.mod h1:eF6B6i6ftWQcDqEn3/iGFRFRo8cBIMSJVOpnNdfTMFA=
 github.com/vdemeester/cr-20160607 v1.0.1 h1:nHyI7BZNR04QFtgItJFVAr8SLeoVIFd8co+DODxnPKE=
 github.com/vdemeester/cr-20160607 v1.0.1/go.mod h1:QHeKZtZ3F3FOE+/uIXCBAp8POwnUYekpLwr1dtQa5r0=
+github.com/vektah/gqlparser/v2 v2.5.26 h1:REqqFkO8+SOEgZHR/eHScjjVjGS8Nk3RMO/juiTobN4=
+github.com/vektah/gqlparser/v2 v2.5.26/go.mod h1:D1/VCZtV3LPnQrcPBeR/q5jkSQIPti0uYCP/RI0gIeo=
 github.com/wavesoftware/go-ensure v1.0.0/go.mod h1:K2UAFSwMTvpiRGay/M3aEYYuurcR8S4A6HkQlJPV8k4=
 github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM=
 github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg=
@@ -1393,8 +1384,8 @@ github.com/zalando/go-keyring v0.2.3 h1:v9CUu9phlABObO4LPWycf+zwMG7nlbb3t/B5wa97
 github.com/zalando/go-keyring v0.2.3/go.mod h1:HL4k+OXQfJUWaMnqyuSOc0drfGPX2b51Du6K+MRgZMk=
 github.com/zeebo/errs v1.4.0 h1:XNdoD/RRMKP7HD0UhJnIzUy74ISdGGxURlYG8HSWSfM=
 github.com/zeebo/errs v1.4.0/go.mod h1:sgbWHsvVuTPHcqJJGQ1WhI5KbWlHYz+2+2C/LSEtCw4=
-gitlab.com/gitlab-org/api/client-go v0.127.0 h1:8xnxcNKGF2gDazEoMs+hOZfOspSSw8D0vAoWhQk9U+U=
-gitlab.com/gitlab-org/api/client-go v0.127.0/go.mod h1:bYC6fPORKSmtuPRyD9Z2rtbAjE7UeNatu2VWHRf4/LE=
+gitlab.com/gitlab-org/api/client-go v0.130.1 h1:1xF5C5Zq3sFeNg3PzS2z63oqrxifne3n/OnbI7nptRc=
+gitlab.com/gitlab-org/api/client-go v0.130.1/go.mod h1:ZhSxLAWadqP6J9lMh40IAZOlOxBLPRh7yFOXR/bMJWM=
 go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
 go.etcd.io/bbolt v1.3.6/go.mod h1:qXsaaIqmgQH0T+OPdb99Bf+PKfBBQVAdyD6TY9G8XM4=
 go.etcd.io/etcd/api/v3 v3.5.0/go.mod h1:cbVKeC6lCfl7j/8jBhAK6aIYO9XOjdptoxU/nLQcPvs=
@@ -1421,43 +1412,43 @@ go.opentelemetry.io/contrib v0.20.0/go.mod h1:G/EtFaa6qaN7+LxqfIAT3GiZa7Wv5DTBUz
 go.opentelemetry.io/contrib/detectors/gcp v1.35.0 h1:bGvFt68+KTiAKFlacHW6AhA56GF2rS0bdD3aJYEnmzA=
 go.opentelemetry.io/contrib/detectors/gcp v1.35.0/go.mod h1:qGWP8/+ILwMRIUf9uIVLloR1uo5ZYAslM4O6OqUi1DA=
 go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.20.0/go.mod h1:oVGt1LRbBOBq1A5BQLlUg9UaU/54aiHw8cgjV3aWZ/E=
-go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.60.0 h1:x7wzEgXfnzJcHDwStJT+mxOz4etr2EcexjqhBvmoakw=
-go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.60.0/go.mod h1:rg+RlpR5dKwaS95IyyZqj5Wd4E13lk/msnTS0Xl9lJM=
+go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.61.0 h1:q4XOmH/0opmeuJtPsbFNivyl7bCt7yRBbeEm2sC/XtQ=
+go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.61.0/go.mod h1:snMWehoOh2wsEwnvvwtDyFCxVeDAODenXHtn5vzrKjo=
 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.20.0/go.mod h1:2AboqHi0CiIZU0qwhtUfCYD1GeUzvvIXWNkhDt7ZMG4=
-go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0 h1:sbiXRNDSWJOTobXh5HyQKjq6wUC5tNybqjIqDpAY4CU=
-go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0/go.mod h1:69uWxva0WgAA/4bu2Yy70SLDBwZXuQ6PbBpbsa5iZrQ=
+go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0 h1:F7Jx+6hwnZ41NSFTO5q4LYDtJRXBf2PD0rNBkeB/lus=
+go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0/go.mod h1:UHB22Z8QsdRDrnAtX4PntOl36ajSxcdUMt1sF7Y6E7Q=
 go.opentelemetry.io/otel v0.20.0/go.mod h1:Y3ugLH2oa81t5QO+Lty+zXf8zC9L26ax4Nzoxm/dooo=
-go.opentelemetry.io/otel v1.35.0 h1:xKWKPxrxB6OtMCbmMY021CqC45J+3Onta9MqjhnusiQ=
-go.opentelemetry.io/otel v1.35.0/go.mod h1:UEqy8Zp11hpkUrL73gSlELM0DupHoiq72dR+Zqel/+Y=
+go.opentelemetry.io/otel v1.36.0 h1:UumtzIklRBY6cI/lllNZlALOF5nNIzJVb16APdvgTXg=
+go.opentelemetry.io/otel v1.36.0/go.mod h1:/TcFMXYjyRNh8khOAO9ybYkqaDBb/70aVwkNML4pP8E=
 go.opentelemetry.io/otel/exporters/otlp v0.20.0 h1:PTNgq9MRmQqqJY0REVbZFvwkYOA85vbdQU/nVfxDyqg=
 go.opentelemetry.io/otel/exporters/otlp v0.20.0/go.mod h1:YIieizyaN77rtLJra0buKiNBOm9XQfkPEKBeuhoMwAM=
-go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.34.0 h1:OeNbIYk/2C15ckl7glBlOBp5+WlYsOElzTNmiPW/x60=
-go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.34.0/go.mod h1:7Bept48yIeqxP2OZ9/AqIpYS94h2or0aB4FypJTc8ZM=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.35.0 h1:1fTNlAIJZGWLP5FVu0fikVry1IsiUnXjf7QFvoNN3Xw=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.35.0/go.mod h1:zjPK58DtkqQFn+YUMbx0M2XV3QgKU0gS9LeGohREyK4=
 go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.34.0 h1:BEj3SPM81McUZHYjRS5pEgNgnmzGJ5tRpU5krWnV8Bs=
 go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.34.0/go.mod h1:9cKLGBDzI/F3NoHLQGm4ZrYdIHsvGt6ej6hUowxY0J4=
 go.opentelemetry.io/otel/exporters/stdout/stdoutmetric v1.35.0 h1:PB3Zrjs1sG1GBX51SXyTSoOTqcDglmsk7nT6tkKPb/k=
 go.opentelemetry.io/otel/exporters/stdout/stdoutmetric v1.35.0/go.mod h1:U2R3XyVPzn0WX7wOIypPuptulsMcPDPs/oiSVOMVnHY=
 go.opentelemetry.io/otel/metric v0.20.0/go.mod h1:598I5tYlH1vzBjn+BTuhzTCSb/9debfNp6R3s7Pr1eU=
-go.opentelemetry.io/otel/metric v1.35.0 h1:0znxYu2SNyuMSQT4Y9WDWej0VpcsxkuklLa4/siN90M=
-go.opentelemetry.io/otel/metric v1.35.0/go.mod h1:nKVFgxBZ2fReX6IlyW28MgZojkoAkJGaE8CpgeAU3oE=
+go.opentelemetry.io/otel/metric v1.36.0 h1:MoWPKVhQvJ+eeXWHFBOPoBOi20jh6Iq2CcCREuTYufE=
+go.opentelemetry.io/otel/metric v1.36.0/go.mod h1:zC7Ks+yeyJt4xig9DEw9kuUFe5C3zLbVjV2PzT6qzbs=
 go.opentelemetry.io/otel/oteltest v0.20.0/go.mod h1:L7bgKf9ZB7qCwT9Up7i9/pn0PWIa9FqQ2IQ8LoxiGnw=
 go.opentelemetry.io/otel/sdk v0.20.0/go.mod h1:g/IcepuwNsoiX5Byy2nNV0ySUF1em498m7hBWC279Yc=
-go.opentelemetry.io/otel/sdk v1.35.0 h1:iPctf8iprVySXSKJffSS79eOjl9pvxV9ZqOWT0QejKY=
-go.opentelemetry.io/otel/sdk v1.35.0/go.mod h1:+ga1bZliga3DxJ3CQGg3updiaAJoNECOgJREo9KHGQg=
+go.opentelemetry.io/otel/sdk v1.36.0 h1:b6SYIuLRs88ztox4EyrvRti80uXIFy+Sqzoh9kFULbs=
+go.opentelemetry.io/otel/sdk v1.36.0/go.mod h1:+lC+mTgD+MUWfjJubi2vvXWcVxyr9rmlshZni72pXeY=
 go.opentelemetry.io/otel/sdk/export/metric v0.20.0/go.mod h1:h7RBNMsDJ5pmI1zExLi+bJK+Dr8NQCh0qGhm1KDnNlE=
 go.opentelemetry.io/otel/sdk/metric v0.20.0/go.mod h1:knxiS8Xd4E/N+ZqKmUPf3gTTZ4/0TjTXukfxjzSTpHE=
-go.opentelemetry.io/otel/sdk/metric v1.35.0 h1:1RriWBmCKgkeHEhM7a2uMjMUfP7MsOF5JpUCaEqEI9o=
-go.opentelemetry.io/otel/sdk/metric v1.35.0/go.mod h1:is6XYCUMpcKi+ZsOvfluY5YstFnhW0BidkR+gL+qN+w=
+go.opentelemetry.io/otel/sdk/metric v1.36.0 h1:r0ntwwGosWGaa0CrSt8cuNuTcccMXERFwHX4dThiPis=
+go.opentelemetry.io/otel/sdk/metric v1.36.0/go.mod h1:qTNOhFDfKRwX0yXOqJYegL5WRaW376QbB7P4Pb0qva4=
 go.opentelemetry.io/otel/trace v0.20.0/go.mod h1:6GjCW8zgDjwGHGa6GkyeB8+/5vjT16gUEi0Nf1iBdgw=
-go.opentelemetry.io/otel/trace v1.35.0 h1:dPpEfJu1sDIqruz7BHFG3c7528f6ddfSWfFDVt/xgMs=
-go.opentelemetry.io/otel/trace v1.35.0/go.mod h1:WUk7DtFp1Aw2MkvqGdwiXYDZZNvA/1J8o6xRXLrIkyc=
+go.opentelemetry.io/otel/trace v1.36.0 h1:ahxWNuqZjpdiFAyrIoQ4GIiAIhxAunQR6MUoKrsNd4w=
+go.opentelemetry.io/otel/trace v1.36.0/go.mod h1:gQ+OnDZzrybY4k4seLzPAWNwVBBVlF2szhehOBB/tGA=
 go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI=
 go.opentelemetry.io/proto/otlp v1.5.0 h1:xJvq7gMzB31/d406fB8U5CBdyQGw4P399D1aQWU/3i4=
 go.opentelemetry.io/proto/otlp v1.5.0/go.mod h1:keN8WnHxOy8PG0rQZjJJ5A2ebUoafqWp0eVQ4yIXvJ4=
 go.starlark.net v0.0.0-20230525235612-a134d8f9ddca h1:VdD38733bfYv5tUZwEIskMM93VanwNIi5bIKnDrJdEY=
 go.starlark.net v0.0.0-20230525235612-a134d8f9ddca/go.mod h1:jxU+3+j+71eXOW14274+SmmuW82qJzl6iZSeqEtTGds=
-go.step.sm/crypto v0.60.0 h1:UgSw8DFG5xUOGB3GUID17UA32G4j1iNQ4qoMhBmsVFw=
-go.step.sm/crypto v0.60.0/go.mod h1:Ep83Lv818L4gV0vhFTdPWRKnL6/5fRMpi8SaoP5ArSw=
+go.step.sm/crypto v0.66.0 h1:9TW6BEguOtcS9NIjja9bDQ+j8OjhenU/F6lJfHjbXNU=
+go.step.sm/crypto v0.66.0/go.mod h1:anqGyvO/Px05D1mznHq4/a9wwP1I1DmMZvk+TWX5Dzo=
 go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
 go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
 go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
@@ -1475,8 +1466,8 @@ go.uber.org/zap v1.17.0/go.mod h1:MXVU+bhUf/A7Xi2HNOnopQOrmycQ5Ih87HtOu4q5SSo=
 go.uber.org/zap v1.19.1/go.mod h1:j3DNczoxDZroyBnOT1L/Q79cfUMGZxlv/9dzN7SM1rI=
 go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8=
 go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
-goa.design/goa/v3 v3.20.0 h1:mYYNqCBg9SSxe2jxvPJFOPmJqqKkSAUSU84jpczky3s=
-goa.design/goa/v3 v3.20.0/go.mod h1:g8sT4ioTaRt8BZKwZ1YOQe7UgWqkZMx+q6NWgQfzLUU=
+goa.design/goa/v3 v3.20.1 h1:NpGdgRjaXUMOvb4dIfkUwAJOrLf1Jz0K0ggYj4Q7DFM=
+goa.design/goa/v3 v3.20.1/go.mod h1:cLX3Y1JvnCabMWDAZxmfnjxM1f1l9g7Zf0C9CD9GIAQ=
 gocloud.dev v0.40.0 h1:f8LgP+4WDqOG/RXoUcyLpeIAGOcAbZrZbDQCUee10ng=
 gocloud.dev v0.40.0/go.mod h1:drz+VyYNBvrMTW0KZiBAYEdl8lbNZx+OQ7oQvdrFmSQ=
 gocloud.dev/docstore/mongodocstore v0.40.0 h1:KTwP9Wr3PNPxN3bItxtK/RHiF4D6cTYjE5GDkPKcJrI=
@@ -1509,8 +1500,8 @@ golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliY
 golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4=
 golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg=
 golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
-golang.org/x/crypto v0.37.0 h1:kJNSjF/Xp7kU0iB2Z+9viTPMW4EqqsrywMXLJOOsXSE=
-golang.org/x/crypto v0.37.0/go.mod h1:vg+k43peMZ0pUMhYmVAWysMK35e6ioLh3wB8ZCAfbVc=
+golang.org/x/crypto v0.39.0 h1:SHs+kF4LP+f+p14esP5jAoDpHU8Gu/v9lFRK6IT5imM=
+golang.org/x/crypto v0.39.0/go.mod h1:L+Xg3Wf6HoL4Bn4238Z6ft6KfEpN0tJGo53AAPC632U=
 golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
@@ -1522,8 +1513,8 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0
 golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
 golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM=
 golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU=
-golang.org/x/exp v0.0.0-20250210185358-939b2ce775ac h1:l5+whBCLH3iH2ZNHYLbAe58bo7yrN4mVcnkHDYz5vvs=
-golang.org/x/exp v0.0.0-20250210185358-939b2ce775ac/go.mod h1:hH+7mtFmImwwcMvScyxUhjuVHR3HGaDPMn9rMSUUbxo=
+golang.org/x/exp v0.0.0-20250408133849-7e4ce0ab07d0 h1:R84qjqJb5nVJMxqWYb3np9L5ZsaDtB+a39EqjV0JSUM=
+golang.org/x/exp v0.0.0-20250408133849-7e4ce0ab07d0/go.mod h1:S9Xr4PYopiDyqSyp5NjCrhFrqg6A5zA2E/iPHPhqnS8=
 golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
 golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
 golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
@@ -1554,8 +1545,8 @@ golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91
 golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
-golang.org/x/mod v0.24.0 h1:ZfthKaKaT4NrhGVZHO1/WDTwGES4De8KtWO0SIbNJMU=
-golang.org/x/mod v0.24.0/go.mod h1:IXM97Txy2VM4PJ3gI61r1YEk/gAj6zAHN3AdZt6S9Ww=
+golang.org/x/mod v0.25.0 h1:n7a+ZbQKQA/Ysbyb0/6IbB1H/X41mKgbhfv7AfG/44w=
+golang.org/x/mod v0.25.0/go.mod h1:IXM97Txy2VM4PJ3gI61r1YEk/gAj6zAHN3AdZt6S9Ww=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@@ -1619,8 +1610,8 @@ golang.org/x/net v0.11.0/go.mod h1:2L/ixqYpgIVXmeoSA/4Lu7BzTG4KIyPIryS4IsOd1oQ=
 golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk=
 golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
 golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY=
-golang.org/x/net v0.39.0 h1:ZCu7HMWDxpXpaiKdhzIfaltL9Lp31x/3fCP11bc6/fY=
-golang.org/x/net v0.39.0/go.mod h1:X7NRbYVEA+ewNkCNyJ513WmMdQ3BineSwVtN2zD/d+E=
+golang.org/x/net v0.41.0 h1:vBTly1HeNPEn3wtREYfy4GZ/NECgw2Cnl+nK6Nz3uvw=
+golang.org/x/net v0.41.0/go.mod h1:B/K4NNqkfmg07DQYrbwvSluqCJOOXwUjeb/5lOisjbA=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -1639,8 +1630,8 @@ golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f/go.mod h1:KelEdhl1UZF7XfJ
 golang.org/x/oauth2 v0.0.0-20211005180243-6b3c2da341f1/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc=
-golang.org/x/oauth2 v0.29.0 h1:WdYw2tdTK1S8olAzWHdgeqfy+Mtm9XNhv/xJsY65d98=
-golang.org/x/oauth2 v0.29.0/go.mod h1:onh5ek6nERTohokkhCD/y2cV4Do3fxFHFuAejCkRWT8=
+golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI=
+golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -1658,8 +1649,8 @@ golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y=
 golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
-golang.org/x/sync v0.13.0 h1:AauUjRAJ9OSnvULf/ARrrVywoJDy0YS2AwQ98I37610=
-golang.org/x/sync v0.13.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
+golang.org/x/sync v0.15.0 h1:KWH3jNZsfyT6xfAfKiz6MRNmd46ByHDYaZ7KSkCtdW8=
+golang.org/x/sync v0.15.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
 golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@@ -1783,15 +1774,15 @@ golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
 golang.org/x/text v0.10.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
 golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
 golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
-golang.org/x/text v0.24.0 h1:dd5Bzh4yt5KYA8f9CJHCP4FB4D51c2c6JvN37xJJkJ0=
-golang.org/x/text v0.24.0/go.mod h1:L8rBsPeo2pSS+xqN0d5u2ikmjtmoJbDBT1b7nHvFCdU=
+golang.org/x/text v0.26.0 h1:P42AVeLghgTYr4+xUnTRKDMqpar+PtX7KWuNQL21L8M=
+golang.org/x/text v0.26.0/go.mod h1:QK15LZJUUQVJxhz7wXgxSy/CJaTFjd0G+YLonydOVQA=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
-golang.org/x/time v0.11.0 h1:/bpjEDfN9tkoN/ryeYHnv5hcMlc8ncjMcM4XBk5NWV0=
-golang.org/x/time v0.11.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg=
+golang.org/x/time v0.12.0 h1:ScB/8o8olJvc+CQPWrK3fPZNfh7qgwCrY0zJmoEQLSE=
+golang.org/x/time v0.12.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg=
 golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20180525024113-a5b4c53f6e8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
@@ -1863,8 +1854,8 @@ golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc
 golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
 golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58=
 golang.org/x/tools v0.17.0/go.mod h1:xsh6VxdV005rRVaS6SSAf9oiAqljS7UZUacMZ8Bnsps=
-golang.org/x/tools v0.32.0 h1:Q7N1vhpkQv7ybVzLFtTjvQya2ewbwNDZzUgfXGqtMWU=
-golang.org/x/tools v0.32.0/go.mod h1:ZxrU41P/wAbZD8EDa6dDCa6XfpkhJ7HFMjHJXfBDu8s=
+golang.org/x/tools v0.34.0 h1:qIpSLOxeCYGg9TrcJokLBG4KFA6d795g0xkBkiESGlo=
+golang.org/x/tools v0.34.0/go.mod h1:pAP9OwEaY1CAW3HOmg3hLZC5Z0CCmzjAF2UQMSqNARg=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@@ -1909,8 +1900,8 @@ google.golang.org/api v0.56.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqiv
 google.golang.org/api v0.57.0/go.mod h1:dVPlbZyBo2/OjBpmvNdpn2GRm6rPy75jyU7bmhdrMgI=
 google.golang.org/api v0.58.0/go.mod h1:cAbP2FsxoGVNwtgNAmmn3y5G1TWAiVYRmg4yku3lv+E=
 google.golang.org/api v0.61.0/go.mod h1:xQRti5UdCmoCEqFxcz93fTl338AVqDgyaDRuOZ3hg9I=
-google.golang.org/api v0.229.0 h1:p98ymMtqeJ5i3lIBMj5MpR9kzIIgzpHHh8vQ+vgAzx8=
-google.golang.org/api v0.229.0/go.mod h1:wyDfmq5g1wYJWn29O22FDWN48P7Xcz0xz+LBpptYvB0=
+google.golang.org/api v0.237.0 h1:MP7XVsGZesOsx3Q8WVa4sUdbrsTvDSOERd3Vh4xj/wc=
+google.golang.org/api v0.237.0/go.mod h1:cOVEm2TpdAGHL2z+UwyS+kmlGr3bVWQQ6sYEqkKje50=
 google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
 google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
 google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
@@ -1981,12 +1972,12 @@ google.golang.org/genproto v0.0.0-20210924002016-3dee208752a0/go.mod h1:5CzLGKJ6
 google.golang.org/genproto v0.0.0-20211016002631-37fc39342514/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
 google.golang.org/genproto v0.0.0-20211118181313-81c1377c94b1/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
 google.golang.org/genproto v0.0.0-20211129164237-f09f9a12af12/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
-google.golang.org/genproto v0.0.0-20250324211829-b45e905df463 h1:qEFnJI6AnfZk0NNe8YTyXQh5i//Zxi4gBHwRgp76qpw=
-google.golang.org/genproto v0.0.0-20250324211829-b45e905df463/go.mod h1:SqIx1NV9hcvqdLHo7uNZDS5lrUJybQ3evo3+z/WBfA0=
-google.golang.org/genproto/googleapis/api v0.0.0-20250414145226-207652e42e2e h1:UdXH7Kzbj+Vzastr5nVfccbmFsmYNygVLSPk1pEfDoY=
-google.golang.org/genproto/googleapis/api v0.0.0-20250414145226-207652e42e2e/go.mod h1:085qFyf2+XaZlRdCgKNCIZ3afY2p4HHZdoIRpId8F4A=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20250414145226-207652e42e2e h1:ztQaXfzEXTmCBvbtWYRhJxW+0iJcz2qXfd38/e9l7bA=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20250414145226-207652e42e2e/go.mod h1:qQ0YXyHHx3XkvlzUtpXDkS29lDSafHMZBAZDc03LQ3A=
+google.golang.org/genproto v0.0.0-20250505200425-f936aa4a68b2 h1:1tXaIXCracvtsRxSBsYDiSBN0cuJvM7QYW+MrpIRY78=
+google.golang.org/genproto v0.0.0-20250505200425-f936aa4a68b2/go.mod h1:49MsLSx0oWMOZqcpB3uL8ZOkAh1+TndpJ8ONoCBWiZk=
+google.golang.org/genproto/googleapis/api v0.0.0-20250519155744-55703ea1f237 h1:Kog3KlB4xevJlAcbbbzPfRG0+X9fdoGM+UBRKVz6Wr0=
+google.golang.org/genproto/googleapis/api v0.0.0-20250519155744-55703ea1f237/go.mod h1:ezi0AVyMKDWy5xAncvjLWH7UcLBB5n7y2fQ8MzjJcto=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20250603155806-513f23925822 h1:fc6jSaCT0vBduLYZHYrBBNY4dsWuvgyff9noRNDdBeE=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20250603155806-513f23925822/go.mod h1:qQ0YXyHHx3XkvlzUtpXDkS29lDSafHMZBAZDc03LQ3A=
 google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
 google.golang.org/grpc v1.20.0/go.mod h1:chYK+tFQF0nDUGJgXMSgLCQk3phJEuONr2DCgLDdAQM=
 google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38=
@@ -2015,8 +2006,8 @@ google.golang.org/grpc v1.39.1/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnD
 google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34=
 google.golang.org/grpc v1.41.0/go.mod h1:U3l9uK9J0sini8mHphKoXyaqDA/8VyGnDee1zzIUK6k=
 google.golang.org/grpc v1.42.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU=
-google.golang.org/grpc v1.72.0 h1:S7UkcVa60b5AAQTaO6ZKamFp1zMZSU0fGDK2WZLbBnM=
-google.golang.org/grpc v1.72.0/go.mod h1:wH5Aktxcg25y1I3w7H69nHfXdOG3UiadoBtjh3izSDM=
+google.golang.org/grpc v1.73.0 h1:VIWSmpI2MegBtTuFt5/JWy2oXxtjJ/e89Z70ImfD2ok=
+google.golang.org/grpc v1.73.0/go.mod h1:50sbHOUqWoCQGI8V2HQLJM0B+LMlIUjNSZmow7EVBQc=
 google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw=
 google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
 google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
@@ -2088,21 +2079,21 @@ honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt
 honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
 honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
 k8s.io/api v0.22.5/go.mod h1:mEhXyLaSD1qTOf40rRiKXkc+2iCem09rWLlFwhCEiAs=
-k8s.io/api v0.32.5 h1:uqjjsYo1kTJr5NIcoIaP9F+TgXgADH7nKQx91FDAhtk=
-k8s.io/api v0.32.5/go.mod h1:bXXFU3fGCZ/eFMZvfHZC69PeGbXEL4zzjuPVzOxHF64=
+k8s.io/api v0.33.1 h1:tA6Cf3bHnLIrUK4IqEgb2v++/GYUtqiu9sRVk3iBXyw=
+k8s.io/api v0.33.1/go.mod h1:87esjTn9DRSRTD4fWMXamiXxJhpOIREjWOSjsW1kEHw=
 k8s.io/apiextensions-apiserver v0.22.5/go.mod h1:tIXeZ0BrDxUb1PoAz+tgOz43Zi1Bp4BEEqVtUccMJbE=
 k8s.io/apiextensions-apiserver v0.32.4 h1:IA+CoR63UDOijR/vEpow6wQnX4V6iVpzazJBskHrpHE=
 k8s.io/apiextensions-apiserver v0.32.4/go.mod h1:Y06XO/b92H8ymOdG1HlA1submf7gIhbEDc3RjriqZOs=
 k8s.io/apimachinery v0.19.7/go.mod h1:6sRbGRAVY5DOCuZwB5XkqguBqpqLU6q/kOaOdk29z6Q=
 k8s.io/apimachinery v0.22.5/go.mod h1:xziclGKwuuJ2RM5/rSFQSYAj0zdbci3DH8kj+WvyN0U=
-k8s.io/apimachinery v0.32.5 h1:6We3aJ6crC0ap8EhsEXcgX3LpI6SEjubpiOMXLROwPM=
-k8s.io/apimachinery v0.32.5/go.mod h1:GpHVgxoKlTxClKcteaeuF1Ul/lDVb74KpZcxcmLDElE=
+k8s.io/apimachinery v0.33.1 h1:mzqXWV8tW9Rw4VeW9rEkqvnxj59k1ezDUl20tFK/oM4=
+k8s.io/apimachinery v0.33.1/go.mod h1:BHW0YOu7n22fFv/JkYOEfkUYNRN0fj0BlvMFWA7b+SM=
 k8s.io/apiserver v0.22.5/go.mod h1:s2WbtgZAkTKt679sYtSudEQrTGWUSQAPe6MupLnlmaQ=
 k8s.io/cli-runtime v0.29.15 h1:DLucYFyRTyYfRADJEIJ3270Kx6a4C9Ac+o1FkknyZyM=
 k8s.io/cli-runtime v0.29.15/go.mod h1:EjQsNazuwZWLTXLCCP4jGpkd95UO6wXKLVguSqfjwaU=
 k8s.io/client-go v0.22.5/go.mod h1:cs6yf/61q2T1SdQL5Rdcjg9J1ElXSwbjSrW2vFImM4Y=
-k8s.io/client-go v0.32.5 h1:huFmQMzgWu0z4kbWsuZci+Gt4Fo72I4CcrvhToZ/Qp0=
-k8s.io/client-go v0.32.5/go.mod h1:Qchw6f9WIVrur7DKojAHpRgGLcANT0RLIvF39Jz58xA=
+k8s.io/client-go v0.33.1 h1:ZZV/Ks2g92cyxWkRRnfUDsnhNn28eFpt26aGc8KbXF4=
+k8s.io/client-go v0.33.1/go.mod h1:JAsUrl1ArO7uRVFWfcj6kOomSlCv+JpvIsp6usAGefA=
 k8s.io/code-generator v0.22.5/go.mod h1:sbdWCOVob+KaQ5O7xs8PNNaCTpbWVqNgA6EPwLOmRNk=
 k8s.io/component-base v0.22.5/go.mod h1:VK3I+TjuF9eaa+Ln67dKxhGar5ynVbwnGrUiNF4MqCI=
 k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0=
@@ -2119,8 +2110,8 @@ k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk=
 k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE=
 k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6/go.mod h1:UuqjUnNftUyPE5H64/qeyjQoUZhGpeFDVdxjTeEVN2o=
 k8s.io/kube-openapi v0.0.0-20211109043538-20434351676c/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw=
-k8s.io/kube-openapi v0.0.0-20241212222426-2c72e554b1e7 h1:hcha5B1kVACrLujCKLbr8XWMxCxzQx42DY8QKYJrDLg=
-k8s.io/kube-openapi v0.0.0-20241212222426-2c72e554b1e7/go.mod h1:GewRfANuJ70iYzvn+i4lezLDAFzvjxZYK1gn1lWcfas=
+k8s.io/kube-openapi v0.0.0-20250318190949-c8a335a9a2ff h1:/usPimJzUKKu+m+TE36gUyGcf03XZEP0ZIKgKj35LS4=
+k8s.io/kube-openapi v0.0.0-20250318190949-c8a335a9a2ff/go.mod h1:5jIi+8yX4RIb8wk3XwBo5Pq2ccx4FP10ohkbSKCZoK8=
 k8s.io/utils v0.0.0-20210819203725-bdf08cb9a70a/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=
 k8s.io/utils v0.0.0-20211208161948-7d6a63dca704/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=
 k8s.io/utils v0.0.0-20241210054802-24370beab758 h1:sdbE21q2nlQtFh65saZY+rRM6x6aJJI8IUa1AmH/qa0=
@@ -2148,13 +2139,16 @@ sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 h1:XX3Ajgzov2RKU
 sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3/go.mod h1:9n16EZKMhXBNSiUC5kSdFQJkdH3zbxS/JoO619G1VAY=
 sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3 h1:W6cLQc5pnqM7vh3b7HvGNfXrJ/xL6BDMS0v1V/HHg5U=
 sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3/go.mod h1:JWP1Fj0VWGHyw3YUPjXSQnRnrwezrZSrApfX5S0nIag=
+sigs.k8s.io/randfill v0.0.0-20250304075658-069ef1bbf016/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY=
+sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU=
+sigs.k8s.io/randfill v1.0.0/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY=
 sigs.k8s.io/release-utils v0.11.1 h1:hzvXGpHgHJfLOJB6TRuu14bzWc3XEglHmXHJqwClSZE=
 sigs.k8s.io/release-utils v0.11.1/go.mod h1:ybR2V/uQAOGxYfzYtBenSYeXWkBGNP2qnEiX77ACtpc=
 sigs.k8s.io/structured-merge-diff/v4 v4.0.1/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw=
 sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw=
 sigs.k8s.io/structured-merge-diff/v4 v4.1.2/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4=
-sigs.k8s.io/structured-merge-diff/v4 v4.5.0 h1:nbCitCK2hfnhyiKo6uf2HxUPTCodY6Qaf85SbDIaMBk=
-sigs.k8s.io/structured-merge-diff/v4 v4.5.0/go.mod h1:N8f93tFZh9U6vpxwRArLiikrE5/2tiu1w1AGfACIGE4=
+sigs.k8s.io/structured-merge-diff/v4 v4.6.0 h1:IUA9nvMmnKWcj5jl84xn+T5MnlZKThmUW1TdblaLVAc=
+sigs.k8s.io/structured-merge-diff/v4 v4.6.0/go.mod h1:dDy58f92j70zLsuZVuUX5Wp9vtxXpaZnkPGWeqDfCps=
 sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o=
 sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc=
 sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8=
diff --git a/vendor/cloud.google.com/go/.release-please-manifest-individual.json b/vendor/cloud.google.com/go/.release-please-manifest-individual.json
index 512fdb07b6..4587272da2 100644
--- a/vendor/cloud.google.com/go/.release-please-manifest-individual.json
+++ b/vendor/cloud.google.com/go/.release-please-manifest-individual.json
@@ -1,16 +1,16 @@
 {
-  "auth": "0.15.0",
+  "auth": "0.16.1",
   "auth/oauth2adapt": "0.2.8",
-  "bigquery": "1.67.0",
-  "bigtable": "1.35.0",
+  "bigquery": "1.68.0",
+  "bigtable": "1.37.0",
   "datastore": "1.20.0",
   "errorreporting": "0.3.2",
   "firestore": "1.18.0",
   "logging": "1.13.0",
   "profiler": "0.4.2",
-  "pubsub": "1.48.0",
+  "pubsub": "1.49.0",
   "pubsublite": "1.8.2",
-  "spanner": "1.77.0",
-  "storage": "1.51.0",
+  "spanner": "1.81.0",
+  "storage": "1.54.0",
   "vertexai": "0.13.3"
 }
diff --git a/vendor/cloud.google.com/go/.release-please-manifest-submodules.json b/vendor/cloud.google.com/go/.release-please-manifest-submodules.json
index 58620ecb26..87a8d1683b 100644
--- a/vendor/cloud.google.com/go/.release-please-manifest-submodules.json
+++ b/vendor/cloud.google.com/go/.release-please-manifest-submodules.json
@@ -1,156 +1,161 @@
 {
-    "accessapproval": "1.8.5",
-    "accesscontextmanager": "1.9.5",
-    "advisorynotifications": "1.5.4",
-    "ai": "0.10.1",
-    "aiplatform": "1.78.0",
-    "alloydb": "1.15.0",
-    "analytics": "0.27.1",
-    "apigateway": "1.7.5",
-    "apigeeconnect": "1.7.5",
-    "apigeeregistry": "0.9.5",
-    "apihub": "0.1.4",
-    "apikeys": "1.2.5",
-    "appengine": "1.9.5",
-    "apphub": "0.2.4",
-    "apps": "0.7.1",
-    "area120": "0.9.5",
-    "artifactregistry": "1.16.3",
-    "asset": "1.20.5",
-    "assuredworkloads": "1.12.5",
-    "automl": "1.14.6",
-    "backupdr": "1.3.1",
-    "baremetalsolution": "1.3.5",
-    "batch": "1.12.1",
-    "beyondcorp": "1.1.5",
-    "billing": "1.20.3",
-    "binaryauthorization": "1.9.4",
-    "certificatemanager": "1.9.4",
-    "channel": "1.19.4",
-    "chat": "0.12.1",
-    "cloudbuild": "1.22.1",
-    "cloudcontrolspartner": "1.3.1",
-    "clouddms": "1.8.6",
-    "cloudprofiler": "0.4.4",
-    "cloudquotas": "1.3.2",
-    "cloudtasks": "1.13.5",
-    "commerce": "1.2.3",
-    "compute": "1.35.0",
+    "accessapproval": "1.8.6",
+    "accesscontextmanager": "1.9.6",
+    "advisorynotifications": "1.5.5",
+    "ai": "0.11.1",
+    "aiplatform": "1.86.0",
+    "alloydb": "1.15.2",
+    "analytics": "0.28.1",
+    "apigateway": "1.7.6",
+    "apigeeconnect": "1.7.6",
+    "apigeeregistry": "0.9.6",
+    "apihub": "0.1.5",
+    "apikeys": "1.2.6",
+    "appengine": "1.9.6",
+    "apphub": "0.3.1",
+    "apps": "0.7.2",
+    "area120": "0.9.6",
+    "artifactregistry": "1.17.1",
+    "asset": "1.21.0",
+    "assuredworkloads": "1.12.6",
+    "automl": "1.14.7",
+    "backupdr": "1.3.2",
+    "baremetalsolution": "1.3.6",
+    "batch": "1.12.2",
+    "beyondcorp": "1.1.6",
+    "billing": "1.20.4",
+    "binaryauthorization": "1.9.5",
+    "certificatemanager": "1.9.5",
+    "channel": "1.19.5",
+    "chat": "0.13.0",
+    "chronicle": "0.1.0",
+    "cloudbuild": "1.22.2",
+    "cloudcontrolspartner": "1.4.0",
+    "clouddms": "1.8.7",
+    "cloudprofiler": "0.4.5",
+    "cloudquotas": "1.3.3",
+    "cloudtasks": "1.13.6",
+    "commerce": "1.2.4",
+    "compute": "1.37.0",
     "compute/metadata": "0.6.0",
-    "confidentialcomputing": "1.9.1",
-    "config": "1.3.1",
-    "contactcenterinsights": "1.17.2",
-    "container": "1.42.3",
-    "containeranalysis": "0.13.4",
-    "datacatalog": "1.25.0",
-    "dataflow": "0.10.5",
-    "dataform": "0.11.1",
-    "datafusion": "1.8.5",
-    "datalabeling": "0.9.5",
-    "dataplex": "1.23.1",
-    "dataproc": "2.11.1",
-    "dataqna": "0.9.5",
-    "datastream": "1.13.2",
-    "deploy": "1.26.3",
-    "developerconnect": "0.3.2",
-    "dialogflow": "1.68.1",
-    "discoveryengine": "1.16.2",
-    "dlp": "1.22.0",
-    "documentai": "1.36.0",
-    "domains": "0.10.5",
-    "edgecontainer": "1.4.2",
-    "edgenetwork": "1.2.4",
-    "essentialcontacts": "1.7.5",
-    "eventarc": "1.15.4",
-    "filestore": "1.10.1",
-    "financialservices": "0.1.1",
-    "functions": "1.19.4",
-    "gkebackup": "1.6.4",
-    "gkeconnect": "0.12.3",
-    "gkehub": "0.15.5",
-    "gkemulticloud": "1.5.2",
-    "grafeas": "0.3.15",
-    "gsuiteaddons": "1.7.6",
-    "iam": "1.4.2",
-    "iap": "1.10.5",
-    "identitytoolkit": "0.2.4",
-    "ids": "1.5.5",
-    "iot": "1.8.5",
-    "kms": "1.21.1",
-    "language": "1.14.4",
-    "lifesciences": "0.10.5",
-    "longrunning": "0.6.6",
-    "managedidentities": "1.7.5",
-    "managedkafka": "0.5.0",
-    "maps": "1.20.1",
-    "mediatranslation": "0.9.5",
-    "memcache": "1.11.5",
-    "memorystore": "0.2.1",
-    "metastore": "1.14.5",
-    "migrationcenter": "1.1.4",
-    "modelarmor": "0.1.0",
-    "monitoring": "1.24.1",
-    "netapp": "1.7.1",
-    "networkconnectivity": "1.16.3",
-    "networkmanagement": "1.18.2",
-    "networksecurity": "0.10.5",
-    "networkservices": "0.2.4",
-    "notebooks": "1.12.5",
-    "optimization": "1.7.5",
-    "oracledatabase": "0.3.0",
-    "orchestration": "1.11.7",
-    "orgpolicy": "1.14.3",
-    "osconfig": "1.14.4",
-    "oslogin": "1.14.5",
-    "parallelstore": "0.10.1",
-    "parametermanager": "0.1.1",
-    "phishingprotection": "0.9.5",
-    "policysimulator": "0.3.5",
-    "policytroubleshooter": "1.11.5",
-    "privatecatalog": "0.10.6",
-    "privilegedaccessmanager": "0.2.4",
-    "rapidmigrationassessment": "1.1.5",
-    "recaptchaenterprise": "2.20.2",
-    "recommendationengine": "0.9.5",
-    "recommender": "1.13.4",
-    "redis": "1.18.1",
-    "resourcemanager": "1.10.5",
-    "retail": "1.19.3",
-    "run": "1.9.2",
-    "scheduler": "1.11.6",
-    "secretmanager": "1.14.6",
-    "securesourcemanager": "1.3.2",
-    "security": "1.18.4",
-    "securitycenter": "1.36.1",
-    "securitycentermanagement": "1.1.4",
-    "securityposture": "0.2.4",
-    "servicecontrol": "1.14.4",
-    "servicedirectory": "1.12.5",
-    "servicehealth": "1.2.2",
-    "servicemanagement": "1.10.5",
-    "serviceusage": "1.9.5",
-    "shell": "1.8.5",
-    "shopping": "0.18.0",
-    "speech": "1.26.1",
-    "storageinsights": "1.1.5",
-    "storagetransfer": "1.12.3",
-    "streetview": "0.2.4",
-    "support": "1.1.5",
-    "talent": "1.8.2",
-    "telcoautomation": "1.1.4",
-    "texttospeech": "1.11.2",
-    "tpu": "1.8.2",
-    "trace": "1.11.5",
-    "translate": "1.12.4",
-    "video": "1.23.4",
-    "videointelligence": "1.12.5",
-    "vision": "2.9.4",
-    "visionai": "0.4.4",
-    "vmmigration": "1.8.5",
-    "vmwareengine": "1.3.4",
-    "vpcaccess": "1.8.5",
-    "webrisk": "1.10.5",
-    "websecurityscanner": "1.7.5",
-    "workflows": "1.14.0",
-    "workstations": "1.1.4"
+    "confidentialcomputing": "1.9.2",
+    "config": "1.3.2",
+    "contactcenterinsights": "1.17.3",
+    "container": "1.42.4",
+    "containeranalysis": "0.14.1",
+    "datacatalog": "1.26.0",
+    "dataflow": "0.11.0",
+    "dataform": "0.11.2",
+    "datafusion": "1.8.6",
+    "datalabeling": "0.9.6",
+    "dataplex": "1.25.2",
+    "dataproc": "2.11.2",
+    "dataqna": "0.9.7",
+    "datastream": "1.14.1",
+    "deploy": "1.27.1",
+    "developerconnect": "0.3.3",
+    "devicestreaming": "0.1.0",
+    "dialogflow": "1.68.2",
+    "discoveryengine": "1.17.2",
+    "dlp": "1.22.1",
+    "documentai": "1.37.0",
+    "domains": "0.10.6",
+    "edgecontainer": "1.4.3",
+    "edgenetwork": "1.2.6",
+    "essentialcontacts": "1.7.6",
+    "eventarc": "1.15.5",
+    "filestore": "1.10.2",
+    "financialservices": "0.1.3",
+    "functions": "1.19.6",
+    "gkebackup": "1.7.0",
+    "gkeconnect": "0.12.4",
+    "gkehub": "0.15.6",
+    "gkemulticloud": "1.5.3",
+    "grafeas": "0.3.16",
+    "gsuiteaddons": "1.7.7",
+    "iam": "1.5.2",
+    "iap": "1.11.1",
+    "identitytoolkit": "0.2.5",
+    "ids": "1.5.6",
+    "iot": "1.8.6",
+    "kms": "1.21.2",
+    "language": "1.14.5",
+    "lifesciences": "0.10.6",
+    "longrunning": "0.6.7",
+    "lustre": "0.1.0",
+    "managedidentities": "1.7.6",
+    "managedkafka": "0.5.2",
+    "maps": "1.20.4",
+    "mediatranslation": "0.9.6",
+    "memcache": "1.11.6",
+    "memorystore": "0.3.0",
+    "metastore": "1.14.7",
+    "migrationcenter": "1.1.5",
+    "modelarmor": "0.2.0",
+    "monitoring": "1.24.2",
+    "netapp": "1.8.0",
+    "networkconnectivity": "1.17.1",
+    "networkmanagement": "1.19.1",
+    "networksecurity": "0.10.6",
+    "networkservices": "0.2.5",
+    "notebooks": "1.12.6",
+    "optimization": "1.7.6",
+    "oracledatabase": "0.5.0",
+    "orchestration": "1.11.9",
+    "orgpolicy": "1.15.0",
+    "osconfig": "1.14.6",
+    "oslogin": "1.14.6",
+    "parallelstore": "0.11.2",
+    "parametermanager": "0.2.1",
+    "phishingprotection": "0.9.6",
+    "policysimulator": "0.3.6",
+    "policytroubleshooter": "1.11.6",
+    "privatecatalog": "0.10.7",
+    "privilegedaccessmanager": "0.2.5",
+    "rapidmigrationassessment": "1.1.7",
+    "recaptchaenterprise": "2.20.4",
+    "recommendationengine": "0.9.6",
+    "recommender": "1.13.5",
+    "redis": "1.18.2",
+    "resourcemanager": "1.10.6",
+    "retail": "1.20.0",
+    "run": "1.9.3",
+    "scheduler": "1.11.7",
+    "secretmanager": "1.14.7",
+    "securesourcemanager": "1.3.3",
+    "security": "1.18.5",
+    "securitycenter": "1.36.2",
+    "securitycentermanagement": "1.1.5",
+    "securityposture": "0.2.5",
+    "servicecontrol": "1.14.5",
+    "servicedirectory": "1.12.6",
+    "servicehealth": "1.2.3",
+    "servicemanagement": "1.10.6",
+    "serviceusage": "1.9.6",
+    "shell": "1.8.6",
+    "shopping": "0.20.0",
+    "spanner/benchmarks": "0.1.0",
+    "speech": "1.27.1",
+    "storagebatchoperations": "0.0.0",
+    "storageinsights": "1.1.6",
+    "storagetransfer": "1.12.4",
+    "streetview": "0.2.5",
+    "support": "1.1.6",
+    "talent": "1.8.3",
+    "telcoautomation": "1.1.5",
+    "texttospeech": "1.13.0",
+    "tpu": "1.8.3",
+    "trace": "1.11.6",
+    "translate": "1.12.5",
+    "video": "1.23.5",
+    "videointelligence": "1.12.6",
+    "vision": "2.9.5",
+    "visionai": "0.4.5",
+    "vmmigration": "1.8.6",
+    "vmwareengine": "1.3.5",
+    "vpcaccess": "1.8.6",
+    "webrisk": "1.11.1",
+    "websecurityscanner": "1.7.6",
+    "workflows": "1.14.2",
+    "workstations": "1.1.5"
 }
diff --git a/vendor/cloud.google.com/go/.release-please-manifest.json b/vendor/cloud.google.com/go/.release-please-manifest.json
index 441e0825ce..dbbf4e935d 100644
--- a/vendor/cloud.google.com/go/.release-please-manifest.json
+++ b/vendor/cloud.google.com/go/.release-please-manifest.json
@@ -1,3 +1,3 @@
 {
-  ".": "0.120.0"
+  ".": "0.121.1"
 }
diff --git a/vendor/cloud.google.com/go/CHANGES.md b/vendor/cloud.google.com/go/CHANGES.md
index 28a3338a63..8ae24f470d 100644
--- a/vendor/cloud.google.com/go/CHANGES.md
+++ b/vendor/cloud.google.com/go/CHANGES.md
@@ -2,6 +2,27 @@
 
 
 
+## [0.121.1](https://github.com/googleapis/google-cloud-go/compare/v0.121.0...v0.121.1) (2025-05-13)
+
+
+### Bug Fixes
+
+* **civil:** Add support for civil.Date, civil.Time and civil.DateTime arguments to their respective Scan methods ([#12240](https://github.com/googleapis/google-cloud-go/issues/12240)) ([7127ce9](https://github.com/googleapis/google-cloud-go/commit/7127ce9992f890667f2c8f75c924136b0e94f115)), refs [#12060](https://github.com/googleapis/google-cloud-go/issues/12060)
+
+## [0.121.0](https://github.com/googleapis/google-cloud-go/compare/v0.120.1...v0.121.0) (2025-04-28)
+
+
+### Features
+
+* **debugger:** Remove debugger/apiv2 client ([#12050](https://github.com/googleapis/google-cloud-go/issues/12050)) ([af8641e](https://github.com/googleapis/google-cloud-go/commit/af8641e7d011349afa774b668b30a95b007fd076))
+
+## [0.120.1](https://github.com/googleapis/google-cloud-go/compare/v0.120.0...v0.120.1) (2025-04-14)
+
+
+### Bug Fixes
+
+* **readme:** Update authentication section ([#11918](https://github.com/googleapis/google-cloud-go/issues/11918)) ([2fda860](https://github.com/googleapis/google-cloud-go/commit/2fda86031820ad7d29322f03ad6f34871ad5ff59))
+
 ## [0.120.0](https://github.com/googleapis/google-cloud-go/compare/v0.119.0...v0.120.0) (2025-03-20)
 
 
diff --git a/vendor/cloud.google.com/go/CONTRIBUTING.md b/vendor/cloud.google.com/go/CONTRIBUTING.md
index 36d1b275e3..26ea7bb285 100644
--- a/vendor/cloud.google.com/go/CONTRIBUTING.md
+++ b/vendor/cloud.google.com/go/CONTRIBUTING.md
@@ -138,23 +138,38 @@ Finally, in the general project, create an API key for the translate API:
 
 #### Local Setup
 
-Once the three projects are created and configured, set the following environment
-variables:
+Once the three projects are created and configured, set the following
+environment variables:
 
 - `GCLOUD_TESTS_GOLANG_PROJECT_ID`: Developers Console project's ID (e.g.
 bamboo-shift-455) for the general project.
 - `GCLOUD_TESTS_GOLANG_KEY`: The path to the JSON key file of the general
 project's service account.
-- `GCLOUD_TESTS_GOLANG_DATASTORE_DATABASES`: Comma separated list of developer's Datastore databases. If not provided, default database i.e. empty string is used.
+- `GCLOUD_TESTS_GOLANG_DATASTORE_DATABASES`: Comma separated list of developer's
+Datastore databases. If not provided, default database i.e. empty string is used.
 - `GCLOUD_TESTS_GOLANG_FIRESTORE_PROJECT_ID`: Developers Console project's ID
 (e.g. doorway-cliff-677) for the Firestore project.
-- `GCLOUD_TESTS_GOLANG_FIRESTORE_DATABASES` : Comma separated list of developer's Firestore databases. If not provided, default database is used.
+- `GCLOUD_TESTS_GOLANG_FIRESTORE_DATABASES`: Comma separated list of developer's
+Firestore databases. If not provided, default database is used.
 - `GCLOUD_TESTS_GOLANG_FIRESTORE_KEY`: The path to the JSON key file of the
 Firestore project's service account.
 - `GCLOUD_TESTS_API_KEY`: API key for using the Translate API created above.
-- `GCLOUD_TESTS_GOLANG_SECONDARY_BIGTABLE_PROJECT_ID`: Developers Console project's ID (e.g. doorway-cliff-677) for Bigtable optional secondary project. This can be same as Firestore project or any project other than the general project.
-- `GCLOUD_TESTS_BIGTABLE_CLUSTER`: Cluster ID of Bigtable cluster in general project
-- `GCLOUD_TESTS_BIGTABLE_PRI_PROJ_SEC_CLUSTER`: Optional. Cluster ID of Bigtable secondary cluster in general project
+- `GCLOUD_TESTS_GOLANG_SECONDARY_BIGTABLE_PROJECT_ID`: Developers Console
+project's ID (e.g. doorway-cliff-677) for Bigtable optional secondary project.
+This can be same as Firestore project or any project other than the general
+project.
+- `GCLOUD_TESTS_BIGTABLE_CLUSTER`: Cluster ID of Bigtable cluster in general
+project.
+- `GCLOUD_TESTS_BIGTABLE_PRI_PROJ_SEC_CLUSTER`: Optional. Cluster ID of Bigtable
+secondary cluster in general project
+- `TEST_UNIVERSE_DOMAIN`: Optional. Universe domain to test universe domain
+functionality against.
+- `TEST_UNIVERSE_PROJECT_ID`: Optional. Project ID within the universe domain
+for testing.
+- `TEST_UNIVERSE_LOCATION`: Optional. Available location within the universe
+domain.
+- `TEST_UNIVERSE_DOMAIN_CREDENTIAL`: Optional. The path to the JSON key file of
+the universe domain's service account.
 
 As part of the setup that follows, the following variables will be configured:
 
diff --git a/vendor/cloud.google.com/go/README.md b/vendor/cloud.google.com/go/README.md
index 8f149c8a4a..98d47fa2c4 100644
--- a/vendor/cloud.google.com/go/README.md
+++ b/vendor/cloud.google.com/go/README.md
@@ -27,19 +27,32 @@ programming language follows. This means the currently supported versions are:
 - Go 1.23
 - Go 1.24
 
-## Authorization
-
-By default, each API will use [Google Application Default Credentials](https://developers.google.com/identity/protocols/application-default-credentials)
-for authorization credentials used in calling the API endpoints. This will allow your
-application to run in many environments without requiring explicit configuration.
+## Authentication
+
+By default, each client library will use [Application Default Credentials](https://developers.google.com/identity/protocols/application-default-credentials)
+(ADC) to automatically configure the credentials used in calling the API endpoint.
+When using the libraries in a Google Cloud Platform environment such as Compute
+Engine, Kubernetes Engine, or App Engine, no additional authentication steps are
+necessary. See [Authentication methods at Google](https://cloud.google.com/docs/authentication)
+and [Authenticate for using client libraries](https://cloud.google.com/docs/authentication/client-libraries)
+for more information.
 
 ```go
 client, err := storage.NewClient(ctx)
 ```
 
-To authorize using a
-[JSON key file](https://cloud.google.com/iam/docs/managing-service-account-keys),
-pass
+For applications running elsewhere, such as your local development environment,
+you can use the `gcloud auth application-default login` command from the
+[Google Cloud CLI](https://cloud.google.com/cli) to set user credentials in
+your local filesystem. Application Default Credentials will automatically detect
+these credentials. See [Set up ADC for a local development
+environment](https://cloud.google.com/docs/authentication/set-up-adc-local-dev-environment)
+for more information.
+
+Alternately, you may need to provide an explicit path to your credentials. To authenticate
+using a [service account](https://cloud.google.com/docs/authentication#service-accounts)
+key file, either set the `GOOGLE_APPLICATION_CREDENTIALS` environment variable to the path
+to your key file, or programmatically pass
 [`option.WithCredentialsFile`](https://pkg.go.dev/google.golang.org/api/option#WithCredentialsFile)
 to the `NewClient` function of the desired package. For example:
 
@@ -47,14 +60,15 @@ to the `NewClient` function of the desired package. For example:
 client, err := storage.NewClient(ctx, option.WithCredentialsFile("path/to/keyfile.json"))
 ```
 
-You can exert more control over authorization by using the
+You can exert even more control over authentication by using the
 [credentials](https://pkg.go.dev/cloud.google.com/go/auth/credentials) package to
 create an [auth.Credentials](https://pkg.go.dev/cloud.google.com/go/auth#Credentials).
 Then pass [`option.WithAuthCredentials`](https://pkg.go.dev/google.golang.org/api/option#WithAuthCredentials)
 to the `NewClient` function:
 
 ```go
-creds := ...
+creds, err := credentials.DetectDefault(&credentials.DetectOptions{...})
+...
 client, err := storage.NewClient(ctx, option.WithAuthCredentials(creds))
 ```
 
diff --git a/vendor/cloud.google.com/go/auth/CHANGES.md b/vendor/cloud.google.com/go/auth/CHANGES.md
index 4bb269f67a..66131916eb 100644
--- a/vendor/cloud.google.com/go/auth/CHANGES.md
+++ b/vendor/cloud.google.com/go/auth/CHANGES.md
@@ -1,5 +1,20 @@
 # Changelog
 
+## [0.16.2](https://github.com/googleapis/google-cloud-go/compare/auth/v0.16.1...auth/v0.16.2) (2025-06-04)
+
+
+### Bug Fixes
+
+* **auth:** Add back DirectPath misconfiguration logging ([#11162](https://github.com/googleapis/google-cloud-go/issues/11162)) ([8d52da5](https://github.com/googleapis/google-cloud-go/commit/8d52da58da5a0ed77a0f6307d1b561bc045406a1))
+* **auth:** Remove s2a fallback option ([#12354](https://github.com/googleapis/google-cloud-go/issues/12354)) ([d5acc59](https://github.com/googleapis/google-cloud-go/commit/d5acc599cd775ddc404349e75906fa02e8ff133e))
+
+## [0.16.1](https://github.com/googleapis/google-cloud-go/compare/auth/v0.16.0...auth/v0.16.1) (2025-04-23)
+
+
+### Bug Fixes
+
+* **auth:** Clone detectopts before assigning TokenBindingType ([#11881](https://github.com/googleapis/google-cloud-go/issues/11881)) ([2167b02](https://github.com/googleapis/google-cloud-go/commit/2167b020fdc43b517c2b6ecca264a10e357ea035))
+
 ## [0.16.0](https://github.com/googleapis/google-cloud-go/compare/auth/v0.15.0...auth/v0.16.0) (2025-04-14)
 
 
diff --git a/vendor/cloud.google.com/go/auth/grpctransport/directpath.go b/vendor/cloud.google.com/go/auth/grpctransport/directpath.go
index b3f185f350..69d6d0034e 100644
--- a/vendor/cloud.google.com/go/auth/grpctransport/directpath.go
+++ b/vendor/cloud.google.com/go/auth/grpctransport/directpath.go
@@ -20,14 +20,18 @@ import (
 	"os"
 	"strconv"
 	"strings"
+	"time"
 
 	"cloud.google.com/go/auth"
 	"cloud.google.com/go/auth/credentials"
 	"cloud.google.com/go/auth/internal/compute"
+	"golang.org/x/time/rate"
 	"google.golang.org/grpc"
 	grpcgoogle "google.golang.org/grpc/credentials/google"
 )
 
+var logRateLimiter = rate.Sometimes{Interval: 1 * time.Second}
+
 func isDirectPathEnabled(endpoint string, opts *Options) bool {
 	if opts.InternalOptions != nil && !opts.InternalOptions.EnableDirectPath {
 		return false
@@ -111,14 +115,16 @@ func isDirectPathBoundTokenEnabled(opts *InternalOptions) bool {
 // configuration allows the use of direct path. If it does not the provided
 // grpcOpts and endpoint are returned.
 func configureDirectPath(grpcOpts []grpc.DialOption, opts *Options, endpoint string, creds *auth.Credentials) ([]grpc.DialOption, string, error) {
+	logRateLimiter.Do(func() {
+		logDirectPathMisconfig(endpoint, creds, opts)
+	})
 	if isDirectPathEnabled(endpoint, opts) && compute.OnComputeEngine() && isTokenProviderDirectPathCompatible(creds, opts) {
 		// Overwrite all of the previously specific DialOptions, DirectPath uses its own set of credentials and certificates.
 		defaultCredetialsOptions := grpcgoogle.DefaultCredentialsOptions{PerRPCCreds: &grpcCredentialsProvider{creds: creds}}
 		if isDirectPathBoundTokenEnabled(opts.InternalOptions) && isTokenProviderComputeEngine(creds) {
-			opts.DetectOpts.TokenBindingType = credentials.ALTSHardBinding
-			altsCreds, err := credentials.DetectDefault(opts.resolveDetectOptions())
-			// Revert it back since the same opts will be used in subsequent dial() calls.
-			opts.DetectOpts.TokenBindingType = credentials.NoBinding
+			optsClone := opts.resolveDetectOptions()
+			optsClone.TokenBindingType = credentials.ALTSHardBinding
+			altsCreds, err := credentials.DetectDefault(optsClone)
 			if err != nil {
 				return nil, "", err
 			}
@@ -152,3 +158,20 @@ func configureDirectPath(grpcOpts []grpc.DialOption, opts *Options, endpoint str
 	}
 	return grpcOpts, endpoint, nil
 }
+
+func logDirectPathMisconfig(endpoint string, creds *auth.Credentials, o *Options) {
+
+	// Case 1: does not enable DirectPath
+	if !isDirectPathEnabled(endpoint, o) {
+		o.logger().Warn("DirectPath is disabled. To enable, please set the EnableDirectPath option along with the EnableDirectPathXds option.")
+	} else {
+		// Case 2: credential is not correctly set
+		if !isTokenProviderDirectPathCompatible(creds, o) {
+			o.logger().Warn("DirectPath is disabled. Please make sure the token source is fetched from GCE metadata server and the default service account is used.")
+		}
+		// Case 3: not running on GCE
+		if !compute.OnComputeEngine() {
+			o.logger().Warn("DirectPath is disabled. DirectPath is only available in a GCE environment.")
+		}
+	}
+}
diff --git a/vendor/cloud.google.com/go/auth/grpctransport/grpctransport.go b/vendor/cloud.google.com/go/auth/grpctransport/grpctransport.go
index 90c17f047e..834aef41c8 100644
--- a/vendor/cloud.google.com/go/auth/grpctransport/grpctransport.go
+++ b/vendor/cloud.google.com/go/auth/grpctransport/grpctransport.go
@@ -304,17 +304,18 @@ func dial(ctx context.Context, secure bool, opts *Options) (*grpc.ClientConn, er
 			// This condition is only met for non-DirectPath clients because
 			// TransportTypeMTLSS2A is used only when InternalOptions.EnableDirectPath
 			// is false.
+			optsClone := opts.resolveDetectOptions()
 			if transportCreds.TransportType == transport.TransportTypeMTLSS2A {
 				// Check that the client allows requesting hard-bound token for the transport type mTLS using S2A.
 				for _, ev := range opts.InternalOptions.AllowHardBoundTokens {
 					if ev == "MTLS_S2A" {
-						opts.DetectOpts.TokenBindingType = credentials.MTLSHardBinding
+						optsClone.TokenBindingType = credentials.MTLSHardBinding
 						break
 					}
 				}
 			}
 			var err error
-			creds, err = credentials.DetectDefault(opts.resolveDetectOptions())
+			creds, err = credentials.DetectDefault(optsClone)
 			if err != nil {
 				return nil, err
 			}
diff --git a/vendor/cloud.google.com/go/auth/internal/transport/cba.go b/vendor/cloud.google.com/go/auth/internal/transport/cba.go
index b1f0fcf937..14bca966ec 100644
--- a/vendor/cloud.google.com/go/auth/internal/transport/cba.go
+++ b/vendor/cloud.google.com/go/auth/internal/transport/cba.go
@@ -31,7 +31,6 @@ import (
 	"cloud.google.com/go/auth/internal"
 	"cloud.google.com/go/auth/internal/transport/cert"
 	"github.com/google/s2a-go"
-	"github.com/google/s2a-go/fallback"
 	"google.golang.org/grpc/credentials"
 )
 
@@ -170,18 +169,9 @@ func GetGRPCTransportCredsAndEndpoint(opts *Options) (*GRPCTransportCredentials,
 		return &GRPCTransportCredentials{defaultTransportCreds, config.endpoint, TransportTypeUnknown}, nil
 	}
 
-	var fallbackOpts *s2a.FallbackOptions
-	// In case of S2A failure, fall back to the endpoint that would've been used without S2A.
-	if fallbackHandshake, err := fallback.DefaultFallbackClientHandshakeFunc(config.endpoint); err == nil {
-		fallbackOpts = &s2a.FallbackOptions{
-			FallbackClientHandshakeFunc: fallbackHandshake,
-		}
-	}
-
 	s2aTransportCreds, err := s2a.NewClientCreds(&s2a.ClientOptions{
 		S2AAddress:     s2aAddr,
 		TransportCreds: transportCredsForS2A,
-		FallbackOpts:   fallbackOpts,
 	})
 	if err != nil {
 		// Use default if we cannot initialize S2A client transport credentials.
@@ -218,23 +208,9 @@ func GetHTTPTransportConfig(opts *Options) (cert.Provider, func(context.Context,
 		return config.clientCertSource, nil, nil
 	}
 
-	var fallbackOpts *s2a.FallbackOptions
-	// In case of S2A failure, fall back to the endpoint that would've been used without S2A.
-	if fallbackURL, err := url.Parse(config.endpoint); err == nil {
-		if fallbackDialer, fallbackServerAddr, err := fallback.DefaultFallbackDialerAndAddress(fallbackURL.Hostname()); err == nil {
-			fallbackOpts = &s2a.FallbackOptions{
-				FallbackDialer: &s2a.FallbackDialer{
-					Dialer:     fallbackDialer,
-					ServerAddr: fallbackServerAddr,
-				},
-			}
-		}
-	}
-
 	dialTLSContextFunc := s2a.NewS2ADialTLSContextFunc(&s2a.ClientOptions{
 		S2AAddress:     s2aAddr,
 		TransportCreds: transportCredsForS2A,
-		FallbackOpts:   fallbackOpts,
 	})
 	return nil, dialTLSContextFunc, nil
 }
diff --git a/vendor/cloud.google.com/go/compute/metadata/CHANGES.md b/vendor/cloud.google.com/go/compute/metadata/CHANGES.md
index bcfb5d8165..1f848ce0b3 100644
--- a/vendor/cloud.google.com/go/compute/metadata/CHANGES.md
+++ b/vendor/cloud.google.com/go/compute/metadata/CHANGES.md
@@ -1,5 +1,12 @@
 # Changes
 
+## [0.7.0](https://github.com/googleapis/google-cloud-go/compare/compute/metadata/v0.6.0...compute/metadata/v0.7.0) (2025-05-13)
+
+
+### Features
+
+* **compute/metadata:** Allow canceling GCE detection ([#11786](https://github.com/googleapis/google-cloud-go/issues/11786)) ([78100fe](https://github.com/googleapis/google-cloud-go/commit/78100fe7e28cd30f1e10b47191ac3c9839663b64))
+
 ## [0.6.0](https://github.com/googleapis/google-cloud-go/compare/compute/metadata/v0.5.2...compute/metadata/v0.6.0) (2024-12-13)
 
 
diff --git a/vendor/cloud.google.com/go/compute/metadata/metadata.go b/vendor/cloud.google.com/go/compute/metadata/metadata.go
index 4c18a383a4..322be8032d 100644
--- a/vendor/cloud.google.com/go/compute/metadata/metadata.go
+++ b/vendor/cloud.google.com/go/compute/metadata/metadata.go
@@ -117,80 +117,18 @@ var (
 // NOTE: True returned from `OnGCE` does not guarantee that the metadata server
 // is accessible from this process and have all the metadata defined.
 func OnGCE() bool {
-	onGCEOnce.Do(initOnGCE)
-	return onGCE
-}
-
-func initOnGCE() {
-	onGCE = testOnGCE()
+	return OnGCEWithContext(context.Background())
 }
 
-func testOnGCE() bool {
-	// The user explicitly said they're on GCE, so trust them.
-	if os.Getenv(metadataHostEnv) != "" {
-		return true
-	}
-
-	ctx, cancel := context.WithCancel(context.Background())
-	defer cancel()
-
-	resc := make(chan bool, 2)
-
-	// Try two strategies in parallel.
-	// See https://github.com/googleapis/google-cloud-go/issues/194
-	go func() {
-		req, _ := http.NewRequest("GET", "http://"+metadataIP, nil)
-		req.Header.Set("User-Agent", userAgent)
-		res, err := newDefaultHTTPClient().Do(req.WithContext(ctx))
-		if err != nil {
-			resc <- false
-			return
-		}
-		defer res.Body.Close()
-		resc <- res.Header.Get("Metadata-Flavor") == "Google"
-	}()
-
-	go func() {
-		resolver := &net.Resolver{}
-		addrs, err := resolver.LookupHost(ctx, "metadata.google.internal.")
-		if err != nil || len(addrs) == 0 {
-			resc <- false
-			return
-		}
-		resc <- strsContains(addrs, metadataIP)
-	}()
-
-	tryHarder := systemInfoSuggestsGCE()
-	if tryHarder {
-		res := <-resc
-		if res {
-			// The first strategy succeeded, so let's use it.
-			return true
-		}
-		// Wait for either the DNS or metadata server probe to
-		// contradict the other one and say we are running on
-		// GCE. Give it a lot of time to do so, since the system
-		// info already suggests we're running on a GCE BIOS.
-		timer := time.NewTimer(5 * time.Second)
-		defer timer.Stop()
-		select {
-		case res = <-resc:
-			return res
-		case <-timer.C:
-			// Too slow. Who knows what this system is.
-			return false
-		}
-	}
-
-	// There's no hint from the system info that we're running on
-	// GCE, so use the first probe's result as truth, whether it's
-	// true or false. The goal here is to optimize for speed for
-	// users who are NOT running on GCE. We can't assume that
-	// either a DNS lookup or an HTTP request to a blackholed IP
-	// address is fast. Worst case this should return when the
-	// metaClient's Transport.ResponseHeaderTimeout or
-	// Transport.Dial.Timeout fires (in two seconds).
-	return <-resc
+// OnGCEWithContext reports whether this process is running on Google Compute Platforms.
+// This function's return value is memoized for better performance.
+// NOTE: True returned from `OnGCEWithContext` does not guarantee that the metadata server
+// is accessible from this process and have all the metadata defined.
+func OnGCEWithContext(ctx context.Context) bool {
+	onGCEOnce.Do(func() {
+		onGCE = defaultClient.OnGCEWithContext(ctx)
+	})
+	return onGCE
 }
 
 // Subscribe calls Client.SubscribeWithContext on the default client.
@@ -450,6 +388,84 @@ func NewWithOptions(opts *Options) *Client {
 	return &Client{hc: client, logger: logger}
 }
 
+// NOTE: metadataRequestStrategy is assigned to a variable for test stubbing purposes.
+var metadataRequestStrategy = func(ctx context.Context, httpClient *http.Client, resc chan bool) {
+	req, _ := http.NewRequest("GET", "http://"+metadataIP, nil)
+	req.Header.Set("User-Agent", userAgent)
+	res, err := httpClient.Do(req.WithContext(ctx))
+	if err != nil {
+		resc <- false
+		return
+	}
+	defer res.Body.Close()
+	resc <- res.Header.Get("Metadata-Flavor") == "Google"
+}
+
+// NOTE: dnsRequestStrategy is assigned to a variable for test stubbing purposes.
+var dnsRequestStrategy = func(ctx context.Context, resc chan bool) {
+	resolver := &net.Resolver{}
+	addrs, err := resolver.LookupHost(ctx, "metadata.google.internal.")
+	if err != nil || len(addrs) == 0 {
+		resc <- false
+		return
+	}
+	resc <- strsContains(addrs, metadataIP)
+}
+
+// OnGCEWithContext reports whether this process is running on Google Compute Platforms.
+// NOTE: True returned from `OnGCEWithContext` does not guarantee that the metadata server
+// is accessible from this process and have all the metadata defined.
+func (c *Client) OnGCEWithContext(ctx context.Context) bool {
+	// The user explicitly said they're on GCE, so trust them.
+	if os.Getenv(metadataHostEnv) != "" {
+		return true
+	}
+
+	ctx, cancel := context.WithCancel(ctx)
+	defer cancel()
+
+	resc := make(chan bool, 2)
+
+	// Try two strategies in parallel.
+	// See https://github.com/googleapis/google-cloud-go/issues/194
+	go metadataRequestStrategy(ctx, c.hc, resc)
+	go dnsRequestStrategy(ctx, resc)
+
+	tryHarder := systemInfoSuggestsGCE()
+	if tryHarder {
+		res := <-resc
+		if res {
+			// The first strategy succeeded, so let's use it.
+			return true
+		}
+
+		// Wait for either the DNS or metadata server probe to
+		// contradict the other one and say we are running on
+		// GCE. Give it a lot of time to do so, since the system
+		// info already suggests we're running on a GCE BIOS.
+		// Ensure cancellations from the calling context are respected.
+		waitContext, cancelWait := context.WithTimeout(ctx, 5*time.Second)
+		defer cancelWait()
+		select {
+		case res = <-resc:
+			return res
+		case <-waitContext.Done():
+			// Too slow. Who knows what this system is.
+			return false
+		}
+	}
+
+	// There's no hint from the system info that we're running on
+	// GCE, so use the first probe's result as truth, whether it's
+	// true or false. The goal here is to optimize for speed for
+	// users who are NOT running on GCE. We can't assume that
+	// either a DNS lookup or an HTTP request to a blackholed IP
+	// address is fast. Worst case this should return when the
+	// metaClient's Transport.ResponseHeaderTimeout or
+	// Transport.Dial.Timeout fires (in two seconds).
+	return <-resc
+}
+
 // getETag returns a value from the metadata service as well as the associated ETag.
 // This func is otherwise equivalent to Get.
 func (c *Client) getETag(ctx context.Context, suffix string) (value, etag string, err error) {
diff --git a/vendor/cloud.google.com/go/compute/metadata/syscheck.go b/vendor/cloud.google.com/go/compute/metadata/syscheck.go
index e0704fa647..d57ae1b27c 100644
--- a/vendor/cloud.google.com/go/compute/metadata/syscheck.go
+++ b/vendor/cloud.google.com/go/compute/metadata/syscheck.go
@@ -20,7 +20,9 @@ package metadata
 // doing network requests) suggests that we're running on GCE. If this
 // returns true, testOnGCE tries a bit harder to reach its metadata
 // server.
-func systemInfoSuggestsGCE() bool {
+//
+// NOTE: systemInfoSuggestsGCE is assigned to a varible for test stubbing purposes.
+var systemInfoSuggestsGCE = func() bool {
 	// We don't currently have checks for other GOOS
 	return false
 }
diff --git a/vendor/cloud.google.com/go/compute/metadata/syscheck_linux.go b/vendor/cloud.google.com/go/compute/metadata/syscheck_linux.go
index 74689acbbb..17ba5a3a23 100644
--- a/vendor/cloud.google.com/go/compute/metadata/syscheck_linux.go
+++ b/vendor/cloud.google.com/go/compute/metadata/syscheck_linux.go
@@ -21,8 +21,10 @@ import (
 	"strings"
 )
 
-func systemInfoSuggestsGCE() bool {
+// NOTE: systemInfoSuggestsGCE is assigned to a varible for test stubbing purposes.
+var systemInfoSuggestsGCE = func() bool {
 	b, _ := os.ReadFile("/sys/class/dmi/id/product_name")
+
 	name := strings.TrimSpace(string(b))
 	return name == "Google" || name == "Google Compute Engine"
 }
diff --git a/vendor/cloud.google.com/go/compute/metadata/syscheck_windows.go b/vendor/cloud.google.com/go/compute/metadata/syscheck_windows.go
index c0ce627872..f57a5b14e9 100644
--- a/vendor/cloud.google.com/go/compute/metadata/syscheck_windows.go
+++ b/vendor/cloud.google.com/go/compute/metadata/syscheck_windows.go
@@ -22,7 +22,8 @@ import (
 	"golang.org/x/sys/windows/registry"
 )
 
-func systemInfoSuggestsGCE() bool {
+// NOTE: systemInfoSuggestsGCE is assigned to a varible for test stubbing purposes.
+var systemInfoSuggestsGCE = func() bool {
 	k, err := registry.OpenKey(registry.LOCAL_MACHINE, `SYSTEM\HardwareConfig\Current`, registry.QUERY_VALUE)
 	if err != nil {
 		return false
diff --git a/vendor/cloud.google.com/go/go.work b/vendor/cloud.google.com/go/go.work
index 5e0a8cad3b..cbf3f83f76 100644
--- a/vendor/cloud.google.com/go/go.work
+++ b/vendor/cloud.google.com/go/go.work
@@ -35,6 +35,7 @@ use (
 	./certificatemanager
 	./channel
 	./chat
+	./chronicle
 	./cloudbuild
 	./cloudcontrolspartner
 	./clouddms
@@ -61,6 +62,7 @@ use (
 	./datastream
 	./deploy
 	./developerconnect
+	./devicestreaming
 	./dialogflow
 	./discoveryengine
 	./dlp
@@ -102,6 +104,7 @@ use (
 	./lifesciences
 	./logging
 	./longrunning
+	./lustre
 	./managedidentities
 	./managedkafka
 	./maps
@@ -157,10 +160,12 @@ use (
 	./shell
 	./shopping
 	./spanner
+	./spanner/benchmarks
 	./spanner/test/opentelemetry/test
 	./speech
 	./storage
 	./storage/internal/benchmarks
+	./storagebatchoperations
 	./storageinsights
 	./storagetransfer
 	./streetview
diff --git a/vendor/cloud.google.com/go/go.work.sum b/vendor/cloud.google.com/go/go.work.sum
index 6546ee83f5..a960384b1c 100644
--- a/vendor/cloud.google.com/go/go.work.sum
+++ b/vendor/cloud.google.com/go/go.work.sum
@@ -118,6 +118,7 @@ github.com/huandu/xstrings v1.3.3/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq
 github.com/iancoleman/strcase v0.3.0 h1:nTXanmYxhfFAMjZL34Ov6gkzEsSJZ5DbhxWjvSASxEI=
 github.com/ianlancetaylor/demangle v0.0.0-20240312041847-bd984b5ce465 h1:KwWnWVWCNtNq/ewIX7HIKnELmEx2nDP42yskD/pi7QE=
 github.com/ianlancetaylor/demangle v0.0.0-20240312041847-bd984b5ce465/go.mod h1:gx7rwoVhcfuVKG5uya9Hs3Sxj7EIvldVofAWIUtGouw=
+github.com/ianlancetaylor/demangle v0.0.0-20250417193237-f615e6bd150b/go.mod h1:gx7rwoVhcfuVKG5uya9Hs3Sxj7EIvldVofAWIUtGouw=
 github.com/imdario/mergo v0.3.11 h1:3tnifQM4i+fbajXKBHXWEH+KvNHqojZ778UH75j3bGA=
 github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA=
 github.com/itchyny/gojq v0.12.9 h1:biKpbKwMxVYhCU1d6mR7qMr3f0Hn9F5k5YykCVb3gmM=
@@ -174,7 +175,6 @@ github.com/shopspring/decimal v1.2.0 h1:abSATXmQEYyShuxI4/vyW3tV1MrKAJzCZ/0zLUXY
 github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o=
 github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0=
 github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
-github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
 github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72 h1:qLC7fQah7D6K1B0ujays3HV9gkFtllcxhzImRR7ArPQ=
 github.com/spf13/afero v1.10.0 h1:EaGW2JJh15aKOejeuJ+wpFSHnbd7GE6Wvp3TsNhb6LY=
 github.com/spf13/cast v1.3.1 h1:nFm6S0SMdyzrzcmThSipiEubIDy8WEXKNZ0UOgiRpng=
@@ -211,6 +211,7 @@ golang.org/x/mod v0.16.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
 golang.org/x/mod v0.21.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY=
 golang.org/x/telemetry v0.0.0-20240208230135-b75ee8823808/go.mod h1:KG1lNk5ZFNssSZLrpVb4sMXKMpGwGXOxSG3rnu2gZQQ=
 golang.org/x/telemetry v0.0.0-20240521205824-bda55230c457 h1:zf5N6UOrA487eEFacMePxjXAJctxKmyjKUsjA11Uzuk=
+golang.org/x/term v0.32.0/go.mod h1:uZG1FhGx848Sqfsq4/DlJr3xGGsYMu/L5GW4abiaEPQ=
 golang.org/x/tools v0.7.0 h1:W4OVu8VVOaIO0yzWMNdepAulS7YfoS3Zabrm8DOXXU4=
 golang.org/x/tools v0.10.0 h1:tvDr/iQoUqNdohiYm0LmmKcBk+q86lb9EprIUFhHHGg=
 golang.org/x/tools v0.19.0/go.mod h1:qoJWxmGSIBmAeriMx19ogtrEPrGtDbPK634QFIcLAhc=
@@ -230,7 +231,6 @@ google.golang.org/genproto/googleapis/bytestream v0.0.0-20240513163218-0867130af
 google.golang.org/genproto/googleapis/bytestream v0.0.0-20250115164207-1a7da9e5054f h1:NtrhicUU5+S4TaE5AurusJUYfAo/QB8a+kbIXipuJeI=
 google.golang.org/genproto/googleapis/bytestream v0.0.0-20250303144028-a0af3efb3deb/go.mod h1:35wIojE/F1ptq1nfNDNjtowabHoMSA2qQs7+smpCO5s=
 google.golang.org/genproto/googleapis/rpc v0.0.0-20230725213213-b022f6e96895/go.mod h1:TUfxEVdsvPg18p6AslUXFoLdpED4oBnGwyqk3dV1XzM=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20250218202821-56aae31c358a/go.mod h1:uRxBH1mhmO8PGhU89cMcHaXKZqO+OfakD8QQO0oYwlQ=
 google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.3.0 h1:rNBFJjBCOgVr9pWD7rs/knKL4FRTKgpZmsRfV214zcA=
 gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
 honnef.co/go/tools v0.1.3 h1:qTakTkI6ni6LFD5sBwwsdSO+AQqbSIxOauHTTQKZ/7o=
diff --git a/vendor/cloud.google.com/go/iam/CHANGES.md b/vendor/cloud.google.com/go/iam/CHANGES.md
index 1c6498d569..7839f3b895 100644
--- a/vendor/cloud.google.com/go/iam/CHANGES.md
+++ b/vendor/cloud.google.com/go/iam/CHANGES.md
@@ -1,6 +1,22 @@
 # Changes
 
 
+## [1.5.2](https://github.com/googleapis/google-cloud-go/compare/iam/v1.5.1...iam/v1.5.2) (2025-04-15)
+
+
+### Bug Fixes
+
+* **iam:** Update google.golang.org/api to 0.229.0 ([3319672](https://github.com/googleapis/google-cloud-go/commit/3319672f3dba84a7150772ccb5433e02dab7e201))
+
+## [1.5.1](https://github.com/googleapis/google-cloud-go/compare/iam/v1.5.0...iam/v1.5.1) (2025-04-15)
+
+
+### Documentation
+
+* **iam:** Formatting update for ListPolicyBindingsRequest ([dfdf404](https://github.com/googleapis/google-cloud-go/commit/dfdf404138728724aa6305c5c465ecc6fe5b1264))
+* **iam:** Minor doc update for ListPrincipalAccessBoundaryPoliciesResponse ([20f762c](https://github.com/googleapis/google-cloud-go/commit/20f762c528726a3f038d3e1f37e8a4952118badf))
+* **iam:** Minor doc update for ListPrincipalAccessBoundaryPoliciesResponse ([20f762c](https://github.com/googleapis/google-cloud-go/commit/20f762c528726a3f038d3e1f37e8a4952118badf))
+
 ## [1.5.0](https://github.com/googleapis/google-cloud-go/compare/iam/v1.4.2...iam/v1.5.0) (2025-03-31)
 
 
diff --git a/vendor/cloud.google.com/go/internal/.repo-metadata-full.json b/vendor/cloud.google.com/go/internal/.repo-metadata-full.json
index d72e823299..2e8cd8993b 100644
--- a/vendor/cloud.google.com/go/internal/.repo-metadata-full.json
+++ b/vendor/cloud.google.com/go/internal/.repo-metadata-full.json
@@ -589,6 +589,16 @@
     "release_level": "preview",
     "library_type": "GAPIC_AUTO"
   },
+  "cloud.google.com/go/bigquery/storage/apiv1beta": {
+    "api_shortname": "bigquerystorage",
+    "distribution_name": "cloud.google.com/go/bigquery/storage/apiv1beta",
+    "description": "BigQuery Storage API",
+    "language": "go",
+    "client_library_type": "generated",
+    "client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/bigquery/latest/storage/apiv1beta",
+    "release_level": "preview",
+    "library_type": "GAPIC_AUTO"
+  },
   "cloud.google.com/go/bigquery/storage/apiv1beta1": {
     "api_shortname": "bigquerystorage",
     "distribution_name": "cloud.google.com/go/bigquery/storage/apiv1beta1",
@@ -719,6 +729,16 @@
     "release_level": "preview",
     "library_type": "GAPIC_AUTO"
   },
+  "cloud.google.com/go/chronicle/apiv1": {
+    "api_shortname": "chronicle",
+    "distribution_name": "cloud.google.com/go/chronicle/apiv1",
+    "description": "Chronicle API",
+    "language": "go",
+    "client_library_type": "generated",
+    "client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/chronicle/latest/apiv1",
+    "release_level": "preview",
+    "library_type": "GAPIC_AUTO"
+  },
   "cloud.google.com/go/cloudbuild/apiv1/v2": {
     "api_shortname": "cloudbuild",
     "distribution_name": "cloud.google.com/go/cloudbuild/apiv1/v2",
@@ -1069,16 +1089,6 @@
     "release_level": "preview",
     "library_type": "GAPIC_AUTO"
   },
-  "cloud.google.com/go/debugger/apiv2": {
-    "api_shortname": "clouddebugger",
-    "distribution_name": "cloud.google.com/go/debugger/apiv2",
-    "description": "Stackdriver Debugger API",
-    "language": "go",
-    "client_library_type": "generated",
-    "client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/latest/debugger/apiv2",
-    "release_level": "preview",
-    "library_type": "GAPIC_AUTO"
-  },
   "cloud.google.com/go/deploy/apiv1": {
     "api_shortname": "clouddeploy",
     "distribution_name": "cloud.google.com/go/deploy/apiv1",
@@ -1099,6 +1109,16 @@
     "release_level": "preview",
     "library_type": "GAPIC_AUTO"
   },
+  "cloud.google.com/go/devicestreaming/apiv1": {
+    "api_shortname": "devicestreaming",
+    "distribution_name": "cloud.google.com/go/devicestreaming/apiv1",
+    "description": "Device Streaming API",
+    "language": "go",
+    "client_library_type": "generated",
+    "client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/devicestreaming/latest/apiv1",
+    "release_level": "preview",
+    "library_type": "GAPIC_AUTO"
+  },
   "cloud.google.com/go/dialogflow/apiv2": {
     "api_shortname": "dialogflow",
     "distribution_name": "cloud.google.com/go/dialogflow/apiv2",
@@ -1459,6 +1479,26 @@
     "release_level": "stable",
     "library_type": "GAPIC_AUTO"
   },
+  "cloud.google.com/go/iam/apiv3": {
+    "api_shortname": "iam",
+    "distribution_name": "cloud.google.com/go/iam/apiv3",
+    "description": "Identity and Access Management (IAM) API",
+    "language": "go",
+    "client_library_type": "generated",
+    "client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/iam/latest/apiv3",
+    "release_level": "preview",
+    "library_type": "GAPIC_AUTO"
+  },
+  "cloud.google.com/go/iam/apiv3beta": {
+    "api_shortname": "iam",
+    "distribution_name": "cloud.google.com/go/iam/apiv3beta",
+    "description": "Identity and Access Management (IAM) API",
+    "language": "go",
+    "client_library_type": "generated",
+    "client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/iam/latest/apiv3beta",
+    "release_level": "preview",
+    "library_type": "GAPIC_AUTO"
+  },
   "cloud.google.com/go/iam/credentials/apiv1": {
     "api_shortname": "iamcredentials",
     "distribution_name": "cloud.google.com/go/iam/credentials/apiv1",
@@ -1599,6 +1639,16 @@
     "release_level": "stable",
     "library_type": "GAPIC_AUTO"
   },
+  "cloud.google.com/go/lustre/apiv1": {
+    "api_shortname": "lustre",
+    "distribution_name": "cloud.google.com/go/lustre/apiv1",
+    "description": "Google Cloud Managed Lustre API",
+    "language": "go",
+    "client_library_type": "generated",
+    "client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/lustre/latest/apiv1",
+    "release_level": "preview",
+    "library_type": "GAPIC_AUTO"
+  },
   "cloud.google.com/go/managedidentities/apiv1": {
     "api_shortname": "managedidentities",
     "distribution_name": "cloud.google.com/go/managedidentities/apiv1",
@@ -1632,7 +1682,7 @@
   "cloud.google.com/go/maps/areainsights/apiv1": {
     "api_shortname": "areainsights",
     "distribution_name": "cloud.google.com/go/maps/areainsights/apiv1",
-    "description": "Places Insights API",
+    "description": "Places Aggregate API",
     "language": "go",
     "client_library_type": "generated",
     "client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/maps/latest/areainsights/apiv1",
@@ -2139,13 +2189,13 @@
     "release_level": "stable",
     "library_type": "GAPIC_MANUAL"
   },
-  "cloud.google.com/go/pubsub/apiv1": {
+  "cloud.google.com/go/pubsub/v2/apiv1": {
     "api_shortname": "pubsub",
-    "distribution_name": "cloud.google.com/go/pubsub/apiv1",
+    "distribution_name": "cloud.google.com/go/pubsub/v2/apiv1",
     "description": "Cloud Pub/Sub API",
     "language": "go",
     "client_library_type": "generated",
-    "client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/pubsub/latest/apiv1",
+    "client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/pubsub/latest/v2/apiv1",
     "release_level": "stable",
     "library_type": "GAPIC_AUTO"
   },
@@ -2282,7 +2332,7 @@
   "cloud.google.com/go/retail/apiv2": {
     "api_shortname": "retail",
     "distribution_name": "cloud.google.com/go/retail/apiv2",
-    "description": "Vertex AI Search for Retail API",
+    "description": "Vertex AI Search for commerce API",
     "language": "go",
     "client_library_type": "generated",
     "client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/retail/latest/apiv2",
@@ -2292,7 +2342,7 @@
   "cloud.google.com/go/retail/apiv2alpha": {
     "api_shortname": "retail",
     "distribution_name": "cloud.google.com/go/retail/apiv2alpha",
-    "description": "Vertex AI Search for Retail API",
+    "description": "Vertex AI Search for commerce API",
     "language": "go",
     "client_library_type": "generated",
     "client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/retail/latest/apiv2alpha",
@@ -2302,7 +2352,7 @@
   "cloud.google.com/go/retail/apiv2beta": {
     "api_shortname": "retail",
     "distribution_name": "cloud.google.com/go/retail/apiv2beta",
-    "description": "Vertex AI Search for Retail API",
+    "description": "Vertex AI Search for commerce API",
     "language": "go",
     "client_library_type": "generated",
     "client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/retail/latest/apiv2beta",
@@ -2599,6 +2649,16 @@
     "release_level": "preview",
     "library_type": "GAPIC_AUTO"
   },
+  "cloud.google.com/go/shopping/merchant/issueresolution/apiv1beta": {
+    "api_shortname": "merchantapi",
+    "distribution_name": "cloud.google.com/go/shopping/merchant/issueresolution/apiv1beta",
+    "description": "Merchant API",
+    "language": "go",
+    "client_library_type": "generated",
+    "client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/shopping/latest/merchant/issueresolution/apiv1beta",
+    "release_level": "preview",
+    "library_type": "GAPIC_AUTO"
+  },
   "cloud.google.com/go/shopping/merchant/lfp/apiv1beta": {
     "api_shortname": "merchantapi",
     "distribution_name": "cloud.google.com/go/shopping/merchant/lfp/apiv1beta",
@@ -2619,6 +2679,16 @@
     "release_level": "preview",
     "library_type": "GAPIC_AUTO"
   },
+  "cloud.google.com/go/shopping/merchant/ordertracking/apiv1beta": {
+    "api_shortname": "merchantapi",
+    "distribution_name": "cloud.google.com/go/shopping/merchant/ordertracking/apiv1beta",
+    "description": "Merchant API",
+    "language": "go",
+    "client_library_type": "generated",
+    "client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/shopping/latest/merchant/ordertracking/apiv1beta",
+    "release_level": "preview",
+    "library_type": "GAPIC_AUTO"
+  },
   "cloud.google.com/go/shopping/merchant/products/apiv1beta": {
     "api_shortname": "merchantapi",
     "distribution_name": "cloud.google.com/go/shopping/merchant/products/apiv1beta",
@@ -2679,6 +2749,16 @@
     "release_level": "stable",
     "library_type": "GAPIC_MANUAL"
   },
+  "cloud.google.com/go/spanner/adapter/apiv1": {
+    "api_shortname": "spanner",
+    "distribution_name": "cloud.google.com/go/spanner/adapter/apiv1",
+    "description": "Cloud Spanner API",
+    "language": "go",
+    "client_library_type": "generated",
+    "client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/spanner/latest/adapter/apiv1",
+    "release_level": "preview",
+    "library_type": "GAPIC_AUTO"
+  },
   "cloud.google.com/go/spanner/admin/database/apiv1": {
     "api_shortname": "spanner",
     "distribution_name": "cloud.google.com/go/spanner/admin/database/apiv1",
@@ -2779,6 +2859,16 @@
     "release_level": "stable",
     "library_type": "GAPIC_AUTO"
   },
+  "cloud.google.com/go/storagebatchoperations/apiv1": {
+    "api_shortname": "storagebatchoperations",
+    "distribution_name": "cloud.google.com/go/storagebatchoperations/apiv1",
+    "description": "Storage Batch Operations API",
+    "language": "go",
+    "client_library_type": "generated",
+    "client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/storagebatchoperations/latest/apiv1",
+    "release_level": "preview",
+    "library_type": "GAPIC_AUTO"
+  },
   "cloud.google.com/go/storageinsights/apiv1": {
     "api_shortname": "storageinsights",
     "distribution_name": "cloud.google.com/go/storageinsights/apiv1",
diff --git a/vendor/cloud.google.com/go/kms/apiv1/autokey_admin_client.go b/vendor/cloud.google.com/go/kms/apiv1/autokey_admin_client.go
index 22b9eaa141..93e98452e8 100644
--- a/vendor/cloud.google.com/go/kms/apiv1/autokey_admin_client.go
+++ b/vendor/cloud.google.com/go/kms/apiv1/autokey_admin_client.go
@@ -371,7 +371,7 @@ func (c *autokeyAdminGRPCClient) Connection() *grpc.ClientConn {
 // use by Google-written clients.
 func (c *autokeyAdminGRPCClient) setGoogleClientInfo(keyval ...string) {
 	kv := append([]string{"gl-go", gax.GoVersion}, keyval...)
-	kv = append(kv, "gapic", getVersionClient(), "gax", gax.Version, "grpc", grpc.Version)
+	kv = append(kv, "gapic", getVersionClient(), "gax", gax.Version, "grpc", grpc.Version, "pb", protoVersion)
 	c.xGoogHeaders = []string{
 		"x-goog-api-client", gax.XGoogHeader(kv...),
 	}
@@ -446,7 +446,7 @@ func defaultAutokeyAdminRESTClientOptions() []option.ClientOption {
 // use by Google-written clients.
 func (c *autokeyAdminRESTClient) setGoogleClientInfo(keyval ...string) {
 	kv := append([]string{"gl-go", gax.GoVersion}, keyval...)
-	kv = append(kv, "gapic", getVersionClient(), "gax", gax.Version, "rest", "UNKNOWN")
+	kv = append(kv, "gapic", getVersionClient(), "gax", gax.Version, "rest", "UNKNOWN", "pb", protoVersion)
 	c.xGoogHeaders = []string{
 		"x-goog-api-client", gax.XGoogHeader(kv...),
 	}
diff --git a/vendor/cloud.google.com/go/kms/apiv1/autokey_client.go b/vendor/cloud.google.com/go/kms/apiv1/autokey_client.go
index 7986a78e1d..4ba085578b 100644
--- a/vendor/cloud.google.com/go/kms/apiv1/autokey_client.go
+++ b/vendor/cloud.google.com/go/kms/apiv1/autokey_client.go
@@ -401,7 +401,7 @@ func (c *autokeyGRPCClient) Connection() *grpc.ClientConn {
 // use by Google-written clients.
 func (c *autokeyGRPCClient) setGoogleClientInfo(keyval ...string) {
 	kv := append([]string{"gl-go", gax.GoVersion}, keyval...)
-	kv = append(kv, "gapic", getVersionClient(), "gax", gax.Version, "grpc", grpc.Version)
+	kv = append(kv, "gapic", getVersionClient(), "gax", gax.Version, "grpc", grpc.Version, "pb", protoVersion)
 	c.xGoogHeaders = []string{
 		"x-goog-api-client", gax.XGoogHeader(kv...),
 	}
@@ -501,7 +501,7 @@ func defaultAutokeyRESTClientOptions() []option.ClientOption {
 // use by Google-written clients.
 func (c *autokeyRESTClient) setGoogleClientInfo(keyval ...string) {
 	kv := append([]string{"gl-go", gax.GoVersion}, keyval...)
-	kv = append(kv, "gapic", getVersionClient(), "gax", gax.Version, "rest", "UNKNOWN")
+	kv = append(kv, "gapic", getVersionClient(), "gax", gax.Version, "rest", "UNKNOWN", "pb", protoVersion)
 	c.xGoogHeaders = []string{
 		"x-goog-api-client", gax.XGoogHeader(kv...),
 	}
diff --git a/vendor/cloud.google.com/go/kms/apiv1/ekm_client.go b/vendor/cloud.google.com/go/kms/apiv1/ekm_client.go
index f7ef5ac46e..0282a7bacb 100644
--- a/vendor/cloud.google.com/go/kms/apiv1/ekm_client.go
+++ b/vendor/cloud.google.com/go/kms/apiv1/ekm_client.go
@@ -427,7 +427,7 @@ func (c *ekmGRPCClient) Connection() *grpc.ClientConn {
 // use by Google-written clients.
 func (c *ekmGRPCClient) setGoogleClientInfo(keyval ...string) {
 	kv := append([]string{"gl-go", gax.GoVersion}, keyval...)
-	kv = append(kv, "gapic", getVersionClient(), "gax", gax.Version, "grpc", grpc.Version)
+	kv = append(kv, "gapic", getVersionClient(), "gax", gax.Version, "grpc", grpc.Version, "pb", protoVersion)
 	c.xGoogHeaders = []string{
 		"x-goog-api-client", gax.XGoogHeader(kv...),
 	}
@@ -500,7 +500,7 @@ func defaultEkmRESTClientOptions() []option.ClientOption {
 // use by Google-written clients.
 func (c *ekmRESTClient) setGoogleClientInfo(keyval ...string) {
 	kv := append([]string{"gl-go", gax.GoVersion}, keyval...)
-	kv = append(kv, "gapic", getVersionClient(), "gax", gax.Version, "rest", "UNKNOWN")
+	kv = append(kv, "gapic", getVersionClient(), "gax", gax.Version, "rest", "UNKNOWN", "pb", protoVersion)
 	c.xGoogHeaders = []string{
 		"x-goog-api-client", gax.XGoogHeader(kv...),
 	}
diff --git a/vendor/cloud.google.com/go/kms/apiv1/helpers.go b/vendor/cloud.google.com/go/kms/apiv1/helpers.go
index afdc9d0800..3d2c434993 100644
--- a/vendor/cloud.google.com/go/kms/apiv1/helpers.go
+++ b/vendor/cloud.google.com/go/kms/apiv1/helpers.go
@@ -18,6 +18,7 @@ package kms
 
 import (
 	"context"
+	"fmt"
 	"io"
 	"log/slog"
 	"net/http"
@@ -28,10 +29,13 @@ import (
 	"google.golang.org/api/option"
 	"google.golang.org/grpc"
 	"google.golang.org/protobuf/proto"
+	"google.golang.org/protobuf/runtime/protoimpl"
 )
 
 const serviceName = "cloudkms.googleapis.com"
 
+var protoVersion = fmt.Sprintf("1.%d", protoimpl.MaxVersion)
+
 // For more information on implementing a client constructor hook, see
 // https://github.com/googleapis/google-cloud-go/wiki/Customizing-constructors.
 type clientHookParams struct{}
diff --git a/vendor/cloud.google.com/go/kms/apiv1/key_management_client.go b/vendor/cloud.google.com/go/kms/apiv1/key_management_client.go
index 2c99b71deb..3246c31c21 100644
--- a/vendor/cloud.google.com/go/kms/apiv1/key_management_client.go
+++ b/vendor/cloud.google.com/go/kms/apiv1/key_management_client.go
@@ -1196,7 +1196,7 @@ func (c *keyManagementGRPCClient) Connection() *grpc.ClientConn {
 // use by Google-written clients.
 func (c *keyManagementGRPCClient) setGoogleClientInfo(keyval ...string) {
 	kv := append([]string{"gl-go", gax.GoVersion}, keyval...)
-	kv = append(kv, "gapic", getVersionClient(), "gax", gax.Version, "grpc", grpc.Version)
+	kv = append(kv, "gapic", getVersionClient(), "gax", gax.Version, "grpc", grpc.Version, "pb", protoVersion)
 	c.xGoogHeaders = []string{
 		"x-goog-api-client", gax.XGoogHeader(kv...),
 	}
@@ -1278,7 +1278,7 @@ func defaultKeyManagementRESTClientOptions() []option.ClientOption {
 // use by Google-written clients.
 func (c *keyManagementRESTClient) setGoogleClientInfo(keyval ...string) {
 	kv := append([]string{"gl-go", gax.GoVersion}, keyval...)
-	kv = append(kv, "gapic", getVersionClient(), "gax", gax.Version, "rest", "UNKNOWN")
+	kv = append(kv, "gapic", getVersionClient(), "gax", gax.Version, "rest", "UNKNOWN", "pb", protoVersion)
 	c.xGoogHeaders = []string{
 		"x-goog-api-client", gax.XGoogHeader(kv...),
 	}
diff --git a/vendor/cloud.google.com/go/kms/apiv1/kmspb/autokey.pb.go b/vendor/cloud.google.com/go/kms/apiv1/kmspb/autokey.pb.go
index 023bc0f679..6f12a2532e 100644
--- a/vendor/cloud.google.com/go/kms/apiv1/kmspb/autokey.pb.go
+++ b/vendor/cloud.google.com/go/kms/apiv1/kmspb/autokey.pb.go
@@ -15,23 +15,22 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
 // 	protoc-gen-go v1.35.2
-// 	protoc        v4.25.3
+// 	protoc        v4.25.7
 // source: google/cloud/kms/v1/autokey.proto
 
 package kmspb
 
 import (
-	context "context"
-	reflect "reflect"
-	sync "sync"
-
 	longrunningpb "cloud.google.com/go/longrunning/autogen/longrunningpb"
+	context "context"
 	_ "google.golang.org/genproto/googleapis/api/annotations"
 	grpc "google.golang.org/grpc"
 	codes "google.golang.org/grpc/codes"
 	status "google.golang.org/grpc/status"
 	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
 	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
 )
 
 const (
diff --git a/vendor/cloud.google.com/go/kms/apiv1/kmspb/autokey_admin.pb.go b/vendor/cloud.google.com/go/kms/apiv1/kmspb/autokey_admin.pb.go
index adec5faf18..e0569d6114 100644
--- a/vendor/cloud.google.com/go/kms/apiv1/kmspb/autokey_admin.pb.go
+++ b/vendor/cloud.google.com/go/kms/apiv1/kmspb/autokey_admin.pb.go
@@ -15,16 +15,13 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
 // 	protoc-gen-go v1.35.2
-// 	protoc        v4.25.3
+// 	protoc        v4.25.7
 // source: google/cloud/kms/v1/autokey_admin.proto
 
 package kmspb
 
 import (
 	context "context"
-	reflect "reflect"
-	sync "sync"
-
 	_ "google.golang.org/genproto/googleapis/api/annotations"
 	grpc "google.golang.org/grpc"
 	codes "google.golang.org/grpc/codes"
@@ -32,6 +29,8 @@ import (
 	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
 	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
 	fieldmaskpb "google.golang.org/protobuf/types/known/fieldmaskpb"
+	reflect "reflect"
+	sync "sync"
 )
 
 const (
@@ -232,6 +231,11 @@ type AutokeyConfig struct {
 	KeyProject string `protobuf:"bytes,2,opt,name=key_project,json=keyProject,proto3" json:"key_project,omitempty"`
 	// Output only. The state for the AutokeyConfig.
 	State AutokeyConfig_State `protobuf:"varint,4,opt,name=state,proto3,enum=google.cloud.kms.v1.AutokeyConfig_State" json:"state,omitempty"`
+	// Optional. A checksum computed by the server based on the value of other
+	// fields. This may be sent on update requests to ensure that the client has
+	// an up-to-date value before proceeding. The request will be rejected with an
+	// ABORTED error on a mismatched etag.
+	Etag string `protobuf:"bytes,6,opt,name=etag,proto3" json:"etag,omitempty"`
 }
 
 func (x *AutokeyConfig) Reset() {
@@ -285,6 +289,13 @@ func (x *AutokeyConfig) GetState() AutokeyConfig_State {
 	return AutokeyConfig_STATE_UNSPECIFIED
 }
 
+func (x *AutokeyConfig) GetEtag() string {
+	if x != nil {
+		return x.Etag
+	}
+	return ""
+}
+
 // Request message for
 // [ShowEffectiveAutokeyConfig][google.cloud.kms.v1.AutokeyAdmin.ShowEffectiveAutokeyConfig].
 type ShowEffectiveAutokeyConfigRequest struct {
@@ -417,7 +428,7 @@ var file_google_cloud_kms_v1_autokey_admin_proto_rawDesc = []byte{
 	0x41, 0x02, 0xfa, 0x41, 0x27, 0x0a, 0x25, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x6b, 0x6d, 0x73, 0x2e,
 	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x41,
 	0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x04, 0x6e, 0x61,
-	0x6d, 0x65, 0x22, 0xd6, 0x02, 0x0a, 0x0d, 0x41, 0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x43, 0x6f,
+	0x6d, 0x65, 0x22, 0xef, 0x02, 0x0a, 0x0d, 0x41, 0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x43, 0x6f,
 	0x6e, 0x66, 0x69, 0x67, 0x12, 0x17, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01,
 	0x28, 0x09, 0x42, 0x03, 0xe0, 0x41, 0x08, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x24, 0x0a,
 	0x0b, 0x6b, 0x65, 0x79, 0x5f, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x18, 0x02, 0x20, 0x01,
@@ -426,82 +437,83 @@ var file_google_cloud_kms_v1_autokey_admin_proto_rawDesc = []byte{
 	0x28, 0x0e, 0x32, 0x28, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6c, 0x6f, 0x75,
 	0x64, 0x2e, 0x6b, 0x6d, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79,
 	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x65, 0x42, 0x03, 0xe0, 0x41,
-	0x03, 0x52, 0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x22, 0x56, 0x0a, 0x05, 0x53, 0x74, 0x61, 0x74,
-	0x65, 0x12, 0x15, 0x0a, 0x11, 0x53, 0x54, 0x41, 0x54, 0x45, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45,
-	0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x0a, 0x0a, 0x06, 0x41, 0x43, 0x54, 0x49,
-	0x56, 0x45, 0x10, 0x01, 0x12, 0x17, 0x0a, 0x13, 0x4b, 0x45, 0x59, 0x5f, 0x50, 0x52, 0x4f, 0x4a,
-	0x45, 0x43, 0x54, 0x5f, 0x44, 0x45, 0x4c, 0x45, 0x54, 0x45, 0x44, 0x10, 0x02, 0x12, 0x11, 0x0a,
-	0x0d, 0x55, 0x4e, 0x49, 0x4e, 0x49, 0x54, 0x49, 0x41, 0x4c, 0x49, 0x5a, 0x45, 0x44, 0x10, 0x03,
-	0x3a, 0x69, 0xea, 0x41, 0x66, 0x0a, 0x25, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x6b, 0x6d, 0x73, 0x2e,
-	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x41,
-	0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x1e, 0x66, 0x6f,
-	0x6c, 0x64, 0x65, 0x72, 0x73, 0x2f, 0x7b, 0x66, 0x6f, 0x6c, 0x64, 0x65, 0x72, 0x7d, 0x2f, 0x61,
-	0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2a, 0x0e, 0x61, 0x75,
-	0x74, 0x6f, 0x6b, 0x65, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x73, 0x32, 0x0d, 0x61, 0x75,
-	0x74, 0x6f, 0x6b, 0x65, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x22, 0x70, 0x0a, 0x21, 0x53,
-	0x68, 0x6f, 0x77, 0x45, 0x66, 0x66, 0x65, 0x63, 0x74, 0x69, 0x76, 0x65, 0x41, 0x75, 0x74, 0x6f,
-	0x6b, 0x65, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
-	0x12, 0x4b, 0x0a, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
-	0x42, 0x33, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x2d, 0x0a, 0x2b, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x72,
-	0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x67,
-	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x50, 0x72,
-	0x6f, 0x6a, 0x65, 0x63, 0x74, 0x52, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x22, 0x45, 0x0a,
-	0x22, 0x53, 0x68, 0x6f, 0x77, 0x45, 0x66, 0x66, 0x65, 0x63, 0x74, 0x69, 0x76, 0x65, 0x41, 0x75,
-	0x74, 0x6f, 0x6b, 0x65, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x65, 0x73, 0x70, 0x6f,
-	0x6e, 0x73, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x6b, 0x65, 0x79, 0x5f, 0x70, 0x72, 0x6f, 0x6a, 0x65,
-	0x63, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x6b, 0x65, 0x79, 0x50, 0x72, 0x6f,
-	0x6a, 0x65, 0x63, 0x74, 0x32, 0xc8, 0x05, 0x0a, 0x0c, 0x41, 0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79,
-	0x41, 0x64, 0x6d, 0x69, 0x6e, 0x12, 0xd2, 0x01, 0x0a, 0x13, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65,
-	0x41, 0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x2f, 0x2e,
-	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x6b, 0x6d, 0x73,
-	0x2e, 0x76, 0x31, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x41, 0x75, 0x74, 0x6f, 0x6b, 0x65,
-	0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x22,
-	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x6b, 0x6d,
-	0x73, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x43, 0x6f, 0x6e, 0x66,
-	0x69, 0x67, 0x22, 0x66, 0xda, 0x41, 0x1a, 0x61, 0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x5f, 0x63,
-	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2c, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x5f, 0x6d, 0x61, 0x73,
-	0x6b, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x43, 0x3a, 0x0e, 0x61, 0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79,
-	0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x32, 0x31, 0x2f, 0x76, 0x31, 0x2f, 0x7b, 0x61, 0x75,
-	0x74, 0x6f, 0x6b, 0x65, 0x79, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6e, 0x61, 0x6d,
-	0x65, 0x3d, 0x66, 0x6f, 0x6c, 0x64, 0x65, 0x72, 0x73, 0x2f, 0x2a, 0x2f, 0x61, 0x75, 0x74, 0x6f,
-	0x6b, 0x65, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x7d, 0x12, 0x97, 0x01, 0x0a, 0x10, 0x47,
-	0x65, 0x74, 0x41, 0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12,
-	0x2c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x6b,
-	0x6d, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x41, 0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79,
-	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x22, 0x2e,
-	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x6b, 0x6d, 0x73,
-	0x2e, 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69,
-	0x67, 0x22, 0x31, 0xda, 0x41, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x24,
-	0x12, 0x22, 0x2f, 0x76, 0x31, 0x2f, 0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x66, 0x6f, 0x6c, 0x64,
-	0x65, 0x72, 0x73, 0x2f, 0x2a, 0x2f, 0x61, 0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x43, 0x6f, 0x6e,
-	0x66, 0x69, 0x67, 0x7d, 0x12, 0xd2, 0x01, 0x0a, 0x1a, 0x53, 0x68, 0x6f, 0x77, 0x45, 0x66, 0x66,
-	0x65, 0x63, 0x74, 0x69, 0x76, 0x65, 0x41, 0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x43, 0x6f, 0x6e,
-	0x66, 0x69, 0x67, 0x12, 0x36, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6c, 0x6f,
-	0x75, 0x64, 0x2e, 0x6b, 0x6d, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x68, 0x6f, 0x77, 0x45, 0x66,
+	0x03, 0x52, 0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x12, 0x17, 0x0a, 0x04, 0x65, 0x74, 0x61, 0x67,
+	0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x42, 0x03, 0xe0, 0x41, 0x01, 0x52, 0x04, 0x65, 0x74, 0x61,
+	0x67, 0x22, 0x56, 0x0a, 0x05, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x15, 0x0a, 0x11, 0x53, 0x54,
+	0x41, 0x54, 0x45, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10,
+	0x00, 0x12, 0x0a, 0x0a, 0x06, 0x41, 0x43, 0x54, 0x49, 0x56, 0x45, 0x10, 0x01, 0x12, 0x17, 0x0a,
+	0x13, 0x4b, 0x45, 0x59, 0x5f, 0x50, 0x52, 0x4f, 0x4a, 0x45, 0x43, 0x54, 0x5f, 0x44, 0x45, 0x4c,
+	0x45, 0x54, 0x45, 0x44, 0x10, 0x02, 0x12, 0x11, 0x0a, 0x0d, 0x55, 0x4e, 0x49, 0x4e, 0x49, 0x54,
+	0x49, 0x41, 0x4c, 0x49, 0x5a, 0x45, 0x44, 0x10, 0x03, 0x3a, 0x69, 0xea, 0x41, 0x66, 0x0a, 0x25,
+	0x63, 0x6c, 0x6f, 0x75, 0x64, 0x6b, 0x6d, 0x73, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61,
+	0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x41, 0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x1e, 0x66, 0x6f, 0x6c, 0x64, 0x65, 0x72, 0x73, 0x2f, 0x7b,
+	0x66, 0x6f, 0x6c, 0x64, 0x65, 0x72, 0x7d, 0x2f, 0x61, 0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2a, 0x0e, 0x61, 0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x43, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x73, 0x32, 0x0d, 0x61, 0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x43, 0x6f,
+	0x6e, 0x66, 0x69, 0x67, 0x22, 0x70, 0x0a, 0x21, 0x53, 0x68, 0x6f, 0x77, 0x45, 0x66, 0x66, 0x65,
+	0x63, 0x74, 0x69, 0x76, 0x65, 0x41, 0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x4b, 0x0a, 0x06, 0x70, 0x61, 0x72,
+	0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x33, 0xe0, 0x41, 0x02, 0xfa, 0x41,
+	0x2d, 0x0a, 0x2b, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65,
+	0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70,
+	0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x50, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x52, 0x06,
+	0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x22, 0x45, 0x0a, 0x22, 0x53, 0x68, 0x6f, 0x77, 0x45, 0x66,
 	0x66, 0x65, 0x63, 0x74, 0x69, 0x76, 0x65, 0x41, 0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x43, 0x6f,
-	0x6e, 0x66, 0x69, 0x67, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x37, 0x2e, 0x67, 0x6f,
-	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x6b, 0x6d, 0x73, 0x2e, 0x76,
-	0x31, 0x2e, 0x53, 0x68, 0x6f, 0x77, 0x45, 0x66, 0x66, 0x65, 0x63, 0x74, 0x69, 0x76, 0x65, 0x41,
-	0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x65, 0x73, 0x70,
-	0x6f, 0x6e, 0x73, 0x65, 0x22, 0x43, 0xda, 0x41, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x82,
-	0xd3, 0xe4, 0x93, 0x02, 0x34, 0x12, 0x32, 0x2f, 0x76, 0x31, 0x2f, 0x7b, 0x70, 0x61, 0x72, 0x65,
-	0x6e, 0x74, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x7d, 0x3a, 0x73,
-	0x68, 0x6f, 0x77, 0x45, 0x66, 0x66, 0x65, 0x63, 0x74, 0x69, 0x76, 0x65, 0x41, 0x75, 0x74, 0x6f,
-	0x6b, 0x65, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x1a, 0x74, 0xca, 0x41, 0x17, 0x63, 0x6c,
-	0x6f, 0x75, 0x64, 0x6b, 0x6d, 0x73, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69,
-	0x73, 0x2e, 0x63, 0x6f, 0x6d, 0xd2, 0x41, 0x57, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f,
-	0x77, 0x77, 0x77, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63,
-	0x6f, 0x6d, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2d, 0x70, 0x6c,
-	0x61, 0x74, 0x66, 0x6f, 0x72, 0x6d, 0x2c, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77,
-	0x77, 0x77, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f,
-	0x6d, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x6b, 0x6d, 0x73, 0x42,
-	0x59, 0x0a, 0x17, 0x63, 0x6f, 0x6d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6c,
-	0x6f, 0x75, 0x64, 0x2e, 0x6b, 0x6d, 0x73, 0x2e, 0x76, 0x31, 0x42, 0x11, 0x41, 0x75, 0x74, 0x6f,
-	0x6b, 0x65, 0x79, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a,
-	0x29, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6f,
-	0x6d, 0x2f, 0x67, 0x6f, 0x2f, 0x6b, 0x6d, 0x73, 0x2f, 0x61, 0x70, 0x69, 0x76, 0x31, 0x2f, 0x6b,
-	0x6d, 0x73, 0x70, 0x62, 0x3b, 0x6b, 0x6d, 0x73, 0x70, 0x62, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74,
-	0x6f, 0x33,
+	0x6e, 0x66, 0x69, 0x67, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x1f, 0x0a, 0x0b,
+	0x6b, 0x65, 0x79, 0x5f, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x0a, 0x6b, 0x65, 0x79, 0x50, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x32, 0xc8, 0x05,
+	0x0a, 0x0c, 0x41, 0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x12, 0xd2,
+	0x01, 0x0a, 0x13, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x41, 0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79,
+	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x2f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x6b, 0x6d, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x70, 0x64,
+	0x61, 0x74, 0x65, 0x41, 0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x22, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
+	0x2e, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x6b, 0x6d, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x75,
+	0x74, 0x6f, 0x6b, 0x65, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x22, 0x66, 0xda, 0x41, 0x1a,
+	0x61, 0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2c, 0x75,
+	0x70, 0x64, 0x61, 0x74, 0x65, 0x5f, 0x6d, 0x61, 0x73, 0x6b, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x43,
+	0x3a, 0x0e, 0x61, 0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x32, 0x31, 0x2f, 0x76, 0x31, 0x2f, 0x7b, 0x61, 0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x5f, 0x63,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x66, 0x6f, 0x6c, 0x64, 0x65,
+	0x72, 0x73, 0x2f, 0x2a, 0x2f, 0x61, 0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x7d, 0x12, 0x97, 0x01, 0x0a, 0x10, 0x47, 0x65, 0x74, 0x41, 0x75, 0x74, 0x6f, 0x6b,
+	0x65, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x2c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x6b, 0x6d, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x47,
+	0x65, 0x74, 0x41, 0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52,
+	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x22, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x6b, 0x6d, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74,
+	0x6f, 0x6b, 0x65, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x22, 0x31, 0xda, 0x41, 0x04, 0x6e,
+	0x61, 0x6d, 0x65, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x24, 0x12, 0x22, 0x2f, 0x76, 0x31, 0x2f, 0x7b,
+	0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x66, 0x6f, 0x6c, 0x64, 0x65, 0x72, 0x73, 0x2f, 0x2a, 0x2f, 0x61,
+	0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x7d, 0x12, 0xd2, 0x01,
+	0x0a, 0x1a, 0x53, 0x68, 0x6f, 0x77, 0x45, 0x66, 0x66, 0x65, 0x63, 0x74, 0x69, 0x76, 0x65, 0x41,
+	0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x36, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x6b, 0x6d, 0x73, 0x2e,
+	0x76, 0x31, 0x2e, 0x53, 0x68, 0x6f, 0x77, 0x45, 0x66, 0x66, 0x65, 0x63, 0x74, 0x69, 0x76, 0x65,
+	0x41, 0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x1a, 0x37, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6c,
+	0x6f, 0x75, 0x64, 0x2e, 0x6b, 0x6d, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x68, 0x6f, 0x77, 0x45,
+	0x66, 0x66, 0x65, 0x63, 0x74, 0x69, 0x76, 0x65, 0x41, 0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x43, 0xda,
+	0x41, 0x06, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x34, 0x12, 0x32,
+	0x2f, 0x76, 0x31, 0x2f, 0x7b, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x3d, 0x70, 0x72, 0x6f, 0x6a,
+	0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x7d, 0x3a, 0x73, 0x68, 0x6f, 0x77, 0x45, 0x66, 0x66, 0x65,
+	0x63, 0x74, 0x69, 0x76, 0x65, 0x41, 0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x1a, 0x74, 0xca, 0x41, 0x17, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x6b, 0x6d, 0x73, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0xd2, 0x41,
+	0x57, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75, 0x74, 0x68,
+	0x2f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2d, 0x70, 0x6c, 0x61, 0x74, 0x66, 0x6f, 0x72, 0x6d, 0x2c,
+	0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2f,
+	0x63, 0x6c, 0x6f, 0x75, 0x64, 0x6b, 0x6d, 0x73, 0x42, 0x59, 0x0a, 0x17, 0x63, 0x6f, 0x6d, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x6b, 0x6d, 0x73,
+	0x2e, 0x76, 0x31, 0x42, 0x11, 0x41, 0x75, 0x74, 0x6f, 0x6b, 0x65, 0x79, 0x41, 0x64, 0x6d, 0x69,
+	0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x29, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x67, 0x6f, 0x2f, 0x6b, 0x6d,
+	0x73, 0x2f, 0x61, 0x70, 0x69, 0x76, 0x31, 0x2f, 0x6b, 0x6d, 0x73, 0x70, 0x62, 0x3b, 0x6b, 0x6d,
+	0x73, 0x70, 0x62, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
 }
 
 var (
diff --git a/vendor/cloud.google.com/go/kms/apiv1/kmspb/ekm_service.pb.go b/vendor/cloud.google.com/go/kms/apiv1/kmspb/ekm_service.pb.go
index a56b41f46b..13f4e25241 100644
--- a/vendor/cloud.google.com/go/kms/apiv1/kmspb/ekm_service.pb.go
+++ b/vendor/cloud.google.com/go/kms/apiv1/kmspb/ekm_service.pb.go
@@ -15,16 +15,13 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
 // 	protoc-gen-go v1.35.2
-// 	protoc        v4.25.3
+// 	protoc        v4.25.7
 // source: google/cloud/kms/v1/ekm_service.proto
 
 package kmspb
 
 import (
 	context "context"
-	reflect "reflect"
-	sync "sync"
-
 	_ "google.golang.org/genproto/googleapis/api/annotations"
 	grpc "google.golang.org/grpc"
 	codes "google.golang.org/grpc/codes"
@@ -33,6 +30,8 @@ import (
 	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
 	fieldmaskpb "google.golang.org/protobuf/types/known/fieldmaskpb"
 	timestamppb "google.golang.org/protobuf/types/known/timestamppb"
+	reflect "reflect"
+	sync "sync"
 )
 
 const (
@@ -239,6 +238,10 @@ type ListEkmConnectionsResponse struct {
 	NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
 	// The total number of [EkmConnections][google.cloud.kms.v1.EkmConnection]
 	// that matched the query.
+	//
+	// This field is not populated if
+	// [ListEkmConnectionsRequest.filter][google.cloud.kms.v1.ListEkmConnectionsRequest.filter]
+	// is applied.
 	TotalSize int32 `protobuf:"varint,3,opt,name=total_size,json=totalSize,proto3" json:"total_size,omitempty"`
 }
 
diff --git a/vendor/cloud.google.com/go/kms/apiv1/kmspb/resources.pb.go b/vendor/cloud.google.com/go/kms/apiv1/kmspb/resources.pb.go
index 16871b8cd1..4ba8029e40 100644
--- a/vendor/cloud.google.com/go/kms/apiv1/kmspb/resources.pb.go
+++ b/vendor/cloud.google.com/go/kms/apiv1/kmspb/resources.pb.go
@@ -15,21 +15,20 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
 // 	protoc-gen-go v1.35.2
-// 	protoc        v4.25.3
+// 	protoc        v4.25.7
 // source: google/cloud/kms/v1/resources.proto
 
 package kmspb
 
 import (
-	reflect "reflect"
-	sync "sync"
-
 	_ "google.golang.org/genproto/googleapis/api/annotations"
 	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
 	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
 	durationpb "google.golang.org/protobuf/types/known/durationpb"
 	timestamppb "google.golang.org/protobuf/types/known/timestamppb"
 	wrapperspb "google.golang.org/protobuf/types/known/wrapperspb"
+	reflect "reflect"
+	sync "sync"
 )
 
 const (
@@ -404,6 +403,8 @@ func (KeyOperationAttestation_AttestationFormat) EnumDescriptor() ([]byte, []int
 // The suffix following `HMAC_` corresponds to the hash algorithm being used
 // (eg. SHA256).
 //
+// Algorithms beginning with `PQ_` are post-quantum.
+//
 // For more information, see [Key purposes and algorithms]
 // (https://cloud.google.com/kms/docs/algorithms).
 type CryptoKeyVersion_CryptoKeyVersionAlgorithm int32
@@ -627,7 +628,7 @@ const (
 	// [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED]
 	// state.
 	CryptoKeyVersion_DISABLED CryptoKeyVersion_CryptoKeyVersionState = 2
-	// This version is destroyed, and the key material is no longer stored.
+	// The key material of this version is destroyed and no longer stored.
 	// This version may only become
 	// [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED]
 	// again if this version is
diff --git a/vendor/cloud.google.com/go/kms/apiv1/kmspb/service.pb.go b/vendor/cloud.google.com/go/kms/apiv1/kmspb/service.pb.go
index af57a57a3b..0f8a7a94f0 100644
--- a/vendor/cloud.google.com/go/kms/apiv1/kmspb/service.pb.go
+++ b/vendor/cloud.google.com/go/kms/apiv1/kmspb/service.pb.go
@@ -15,16 +15,13 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
 // 	protoc-gen-go v1.35.2
-// 	protoc        v4.25.3
+// 	protoc        v4.25.7
 // source: google/cloud/kms/v1/service.proto
 
 package kmspb
 
 import (
 	context "context"
-	reflect "reflect"
-	sync "sync"
-
 	_ "google.golang.org/genproto/googleapis/api/annotations"
 	grpc "google.golang.org/grpc"
 	codes "google.golang.org/grpc/codes"
@@ -33,6 +30,8 @@ import (
 	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
 	fieldmaskpb "google.golang.org/protobuf/types/known/fieldmaskpb"
 	wrapperspb "google.golang.org/protobuf/types/known/wrapperspb"
+	reflect "reflect"
+	sync "sync"
 )
 
 const (
@@ -469,6 +468,10 @@ type ListKeyRingsResponse struct {
 	NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
 	// The total number of [KeyRings][google.cloud.kms.v1.KeyRing] that matched
 	// the query.
+	//
+	// This field is not populated if
+	// [ListKeyRingsRequest.filter][google.cloud.kms.v1.ListKeyRingsRequest.filter]
+	// is applied.
 	TotalSize int32 `protobuf:"varint,3,opt,name=total_size,json=totalSize,proto3" json:"total_size,omitempty"`
 }
 
@@ -538,6 +541,10 @@ type ListCryptoKeysResponse struct {
 	NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
 	// The total number of [CryptoKeys][google.cloud.kms.v1.CryptoKey] that
 	// matched the query.
+	//
+	// This field is not populated if
+	// [ListCryptoKeysRequest.filter][google.cloud.kms.v1.ListCryptoKeysRequest.filter]
+	// is applied.
 	TotalSize int32 `protobuf:"varint,3,opt,name=total_size,json=totalSize,proto3" json:"total_size,omitempty"`
 }
 
@@ -608,6 +615,10 @@ type ListCryptoKeyVersionsResponse struct {
 	// The total number of
 	// [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion] that matched the
 	// query.
+	//
+	// This field is not populated if
+	// [ListCryptoKeyVersionsRequest.filter][google.cloud.kms.v1.ListCryptoKeyVersionsRequest.filter]
+	// is applied.
 	TotalSize int32 `protobuf:"varint,3,opt,name=total_size,json=totalSize,proto3" json:"total_size,omitempty"`
 }
 
@@ -677,6 +688,10 @@ type ListImportJobsResponse struct {
 	NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
 	// The total number of [ImportJobs][google.cloud.kms.v1.ImportJob] that
 	// matched the query.
+	//
+	// This field is not populated if
+	// [ListImportJobsRequest.filter][google.cloud.kms.v1.ListImportJobsRequest.filter]
+	// is applied.
 	TotalSize int32 `protobuf:"varint,3,opt,name=total_size,json=totalSize,proto3" json:"total_size,omitempty"`
 }
 
diff --git a/vendor/cloud.google.com/go/kms/internal/version.go b/vendor/cloud.google.com/go/kms/internal/version.go
index 670f0797ee..eddfee04b0 100644
--- a/vendor/cloud.google.com/go/kms/internal/version.go
+++ b/vendor/cloud.google.com/go/kms/internal/version.go
@@ -15,4 +15,4 @@
 package internal
 
 // Version is the current tagged release of the library.
-const Version = "1.21.1"
+const Version = "1.22.0"
diff --git a/vendor/cloud.google.com/go/longrunning/CHANGES.md b/vendor/cloud.google.com/go/longrunning/CHANGES.md
index a71958edb0..ca0d28f167 100644
--- a/vendor/cloud.google.com/go/longrunning/CHANGES.md
+++ b/vendor/cloud.google.com/go/longrunning/CHANGES.md
@@ -1,5 +1,12 @@
 # Changes
 
+## [0.6.7](https://github.com/googleapis/google-cloud-go/compare/longrunning/v0.6.6...longrunning/v0.6.7) (2025-04-15)
+
+
+### Bug Fixes
+
+* **longrunning:** Update google.golang.org/api to 0.229.0 ([3319672](https://github.com/googleapis/google-cloud-go/commit/3319672f3dba84a7150772ccb5433e02dab7e201))
+
 ## [0.6.6](https://github.com/googleapis/google-cloud-go/compare/longrunning/v0.6.5...longrunning/v0.6.6) (2025-03-13)
 
 
diff --git a/vendor/cloud.google.com/go/monitoring/internal/version.go b/vendor/cloud.google.com/go/monitoring/internal/version.go
index 3e6c62c920..e199c1168a 100644
--- a/vendor/cloud.google.com/go/monitoring/internal/version.go
+++ b/vendor/cloud.google.com/go/monitoring/internal/version.go
@@ -15,4 +15,4 @@
 package internal
 
 // Version is the current tagged release of the library.
-const Version = "1.24.1"
+const Version = "1.24.2"
diff --git a/vendor/cloud.google.com/go/release-please-config-yoshi-submodules.json b/vendor/cloud.google.com/go/release-please-config-yoshi-submodules.json
index 4d8d236ed8..157b414912 100644
--- a/vendor/cloud.google.com/go/release-please-config-yoshi-submodules.json
+++ b/vendor/cloud.google.com/go/release-please-config-yoshi-submodules.json
@@ -90,6 +90,9 @@
         "chat": {
             "component": "chat"
         },
+        "chronicle": {
+            "component": "chronicle"
+        },
         "cloudbuild": {
             "component": "cloudbuild"
         },
@@ -165,6 +168,9 @@
         "developerconnect": {
             "component": "developerconnect"
         },
+        "devicestreaming": {
+            "component": "devicestreaming"
+        },
         "dialogflow": {
             "component": "dialogflow"
         },
@@ -246,6 +252,9 @@
         "longrunning": {
             "component": "longrunning"
         },
+        "lustre": {
+            "component": "lustre"
+        },
         "managedidentities": {
             "component": "managedidentities"
         },
@@ -399,9 +408,15 @@
         "shopping": {
             "component": "shopping"
         },
+        "spanner/benchmarks": {
+            "component": "spanner/benchmarks"
+        },
         "speech": {
             "component": "speech"
         },
+        "storagebatchoperations": {
+            "component": "storagebatchoperations"
+        },
         "storageinsights": {
             "component": "storageinsights"
         },
diff --git a/vendor/cloud.google.com/go/storage/CHANGES.md b/vendor/cloud.google.com/go/storage/CHANGES.md
index ca5cbb7c25..cc0452c6ac 100644
--- a/vendor/cloud.google.com/go/storage/CHANGES.md
+++ b/vendor/cloud.google.com/go/storage/CHANGES.md
@@ -1,6 +1,27 @@
 # Changes
 
 
+## [1.53.0](https://github.com/googleapis/google-cloud-go/compare/storage/v1.52.0...storage/v1.53.0) (2025-05-02)
+
+
+### Features
+
+* **storage/control:** Add Anywhere cache control APIs ([83ae06c](https://github.com/googleapis/google-cloud-go/commit/83ae06c3ec7d190e38856ba4cfd8a13f08356b4d))
+
+
+### Bug Fixes
+
+* **storage:** Fix append edge cases ([#12074](https://github.com/googleapis/google-cloud-go/issues/12074)) ([0eee1f9](https://github.com/googleapis/google-cloud-go/commit/0eee1f99a7dc0d1bfc36fa43d78933cae47962ee))
+* **storage:** Fix retries for redirection errors. ([#12093](https://github.com/googleapis/google-cloud-go/issues/12093)) ([3e177e7](https://github.com/googleapis/google-cloud-go/commit/3e177e755f5bf6aa96e8712cc4adcba7eb6f04f6))
+* **storage:** Handle gRPC deadlines in tests. ([#12092](https://github.com/googleapis/google-cloud-go/issues/12092)) ([30b7cd2](https://github.com/googleapis/google-cloud-go/commit/30b7cd27771ccbd49b70ee106da36362ba8f1e87))
+* **storage:** Update offset on resumable upload retry ([#12086](https://github.com/googleapis/google-cloud-go/issues/12086)) ([6ce8fe5](https://github.com/googleapis/google-cloud-go/commit/6ce8fe5aec0ec7916eda4d1405cab5f5f65a5de8))
+* **storage:** Validate Bidi option for MRD ([#12033](https://github.com/googleapis/google-cloud-go/issues/12033)) ([d9018cf](https://github.com/googleapis/google-cloud-go/commit/d9018cf640a9ac25e2b23b75b3bcfa734379ab09))
+
+
+### Documentation
+
+* **storage/control:** Added comments for Anywhere cache messages ([83ae06c](https://github.com/googleapis/google-cloud-go/commit/83ae06c3ec7d190e38856ba4cfd8a13f08356b4d))
+
 ## [1.52.0](https://github.com/googleapis/google-cloud-go/compare/storage/v1.51.0...storage/v1.52.0) (2025-04-22)
 
 
diff --git a/vendor/cloud.google.com/go/storage/doc.go b/vendor/cloud.google.com/go/storage/doc.go
index 4fcfb73264..ec801fb545 100644
--- a/vendor/cloud.google.com/go/storage/doc.go
+++ b/vendor/cloud.google.com/go/storage/doc.go
@@ -333,12 +333,13 @@ to add a [custom audit logging] header:
 
 # gRPC API
 
-This package includes support for the Cloud Storage gRPC API. The
-implementation uses gRPC rather than the Default
-JSON & XML APIs to make requests to Cloud Storage.
-The Go Storage gRPC client is generally available.
-The Notifications, Serivce Account HMAC
-and GetServiceAccount RPCs are not supported through the gRPC client.
+This package includes support for the [Cloud Storage gRPC API]. This
+implementation uses gRPC rather than the default JSON & XML APIs
+to make requests to Cloud Storage. All methods on the [Client] support
+the gRPC API, with the exception of [GetServiceAccount], [Notification],
+and [HMACKey] methods.
+
+The Cloud Storage gRPC API is generally available.
 
 To create a client which will use gRPC, use the alternate constructor:
 
@@ -349,43 +350,31 @@ To create a client which will use gRPC, use the alternate constructor:
 	}
 	// Use client as usual.
 
-Using the gRPC API inside GCP with a bucket in the same region can allow for
-[Direct Connectivity] (enabling requests to skip some proxy steps and reducing
-response latency). A warning is emmitted if gRPC is not used within GCP to
-warn that Direct Connectivity could not be initialized. Direct Connectivity
-is not required to access the gRPC API.
+One major advantage of the gRPC API is that it can use [Direct Connectivity],
+enabling requests to skip some proxy steps and reducing responce latency.
+Requirements to use Direct Connectivity include:
+
+  - Your application must be running inside Google Cloud.
+  - Your Cloud Storage [bucket location] must overlap with your VM or compute
+    environment zone. For example, if your VM is in us-east1a, your bucket
+    must be located in either us-east1 (single region), nam4 (dual region),
+    or us (multi-region).
+  - Your client must use service account authentication.
+
+Additional requirements for Direct Connectivity are documented in the
+[Cloud Storage gRPC docs].
 
 Dependencies for the gRPC API may slightly increase the size of binaries for
 applications depending on this package. If you are not using gRPC, you can use
 the build tag `disable_grpc_modules` to opt out of these dependencies and
 reduce the binary size.
 
-The gRPC client emits metrics by default and will export the
-gRPC telemetry discussed in [gRFC/66] and [gRFC/78] to
-[Google Cloud Monitoring]. The metrics are accessible through Cloud Monitoring
-API and you incur no additional cost for publishing the metrics. Google Cloud
-Support can use this information to more quickly diagnose problems related to
-GCS and gRPC.
-Sending this data does not incur any billing charges, and requires minimal
-CPU (a single RPC every minute) or memory (a few KiB to batch the
-telemetry).
-
-To access the metrics you can view them through Cloud Monitoring
-[metric explorer] with the prefix `storage.googleapis.com/client`. Metrics are emitted
-every minute.
-
-You can disable metrics using the following example when creating a new gRPC
-client using [WithDisabledClientMetrics].
-
-The metrics exporter uses Cloud Monitoring API which determines
-project ID and credentials doing the following:
-
-* Project ID is determined using OTel Resource Detector for the environment
-otherwise it falls back to the project provided by [google.FindCredentials].
-
-* Credentials are determined using [Application Default Credentials]. The
-principal must have `roles/monitoring.metricWriter` role granted. If not a
-logged warning will be emitted. Subsequent are silenced to prevent noisy logs.
+The gRPC client is instrumented with Open Telemetry metrics which export to
+Cloud Monitoring by default. More information is available in the
+[gRPC client-side metrics] documentation, including information about
+roles which must be enabled in order to do the export successfully. To
+disable this export, you can use the [WithDisabledClientMetrics] client
+option.
 
 # Storage Control API
 
@@ -394,11 +383,6 @@ and Managed Folder operations) are supported via the autogenerated Storage Contr
 client, which is available as a subpackage in this module. See package docs at
 [cloud.google.com/go/storage/control/apiv2] or reference the [Storage Control API] docs.
 
-[Application Default Credentials]: https://cloud.google.com/docs/authentication/application-default-credentials
-[google.FindCredentials]: https://pkg.go.dev/golang.org/x/oauth2/google#FindDefaultCredentials
-[gRFC/66]: https://github.com/grpc/proposal/blob/master/A66-otel-stats.md
-[gRFC/78]: https://github.com/grpc/proposal/blob/master/A78-grpc-metrics-wrr-pf-xds.md
-[Google Cloud Monitoring]: https://cloud.google.com/monitoring/docs
 [Cloud Storage IAM docs]: https://cloud.google.com/storage/docs/access-control/iam
 [XML POST Object docs]: https://cloud.google.com/storage/docs/xml-api/post-object
 [Cloud Storage retry docs]: https://cloud.google.com/storage/docs/retry-strategy
@@ -408,7 +392,10 @@ client, which is available as a subpackage in this module. See package docs at
 [IAM Service Account Credentials API]: https://console.developers.google.com/apis/api/iamcredentials.googleapis.com/overview
 [custom audit logging]: https://cloud.google.com/storage/docs/audit-logging#add-custom-metadata
 [Storage Control API]: https://cloud.google.com/storage/docs/reference/rpc/google.storage.control.v2
-[metric explorer]: https://console.cloud.google.com/projectselector/monitoring/metrics-explorer
+[Cloud Storage gRPC API]: https://cloud.google.com/storage/docs/enable-grpc-api
 [Direct Connectivity]: https://cloud.google.com/vpc-service-controls/docs/set-up-private-connectivity#direct-connectivity
+[bucket location]: https://cloud.google.com/storage/docs/locations
+[Cloud Storage gRPC docs]: https://cloud.google.com/storage/docs/enable-grpc-api#limitations
+[gRPC client-side metrics]: https://cloud.google.com/storage/docs/client-side-metrics
 */
 package storage // import "cloud.google.com/go/storage"
diff --git a/vendor/cloud.google.com/go/storage/grpc_client.go b/vendor/cloud.google.com/go/storage/grpc_client.go
index 1dd564cda6..2b0a4b4f9e 100644
--- a/vendor/cloud.google.com/go/storage/grpc_client.go
+++ b/vendor/cloud.google.com/go/storage/grpc_client.go
@@ -22,7 +22,6 @@ import (
 	"hash/crc32"
 	"io"
 	"log"
-	"net/url"
 	"os"
 	"sync"
 
@@ -31,7 +30,6 @@ import (
 	gapic "cloud.google.com/go/storage/internal/apiv2"
 	"cloud.google.com/go/storage/internal/apiv2/storagepb"
 	"github.com/googleapis/gax-go/v2"
-	"google.golang.org/api/googleapi"
 	"google.golang.org/api/iterator"
 	"google.golang.org/api/option"
 	"google.golang.org/api/option/internaloption"
@@ -57,12 +55,6 @@ const (
 	// This is only used for the gRPC client.
 	defaultConnPoolSize = 1
 
-	// maxPerMessageWriteSize is the maximum amount of content that can be sent
-	// per WriteObjectRequest message. A buffer reaching this amount will
-	// precipitate a flush of the buffer. It is only used by the gRPC Writer
-	// implementation.
-	maxPerMessageWriteSize int = int(storagepb.ServiceConstants_MAX_WRITE_CHUNK_BYTES)
-
 	// globalProjectAlias is the project ID alias used for global buckets.
 	//
 	// This is only used for the gRPC API.
@@ -1063,6 +1055,10 @@ func contextMetadataFromBidiReadObject(req *storagepb.BidiReadObjectRequest) []s
 }
 
 func (c *grpcStorageClient) NewMultiRangeDownloader(ctx context.Context, params *newMultiRangeDownloaderParams, opts ...storageOption) (mr *MultiRangeDownloader, err error) {
+	if !c.config.grpcBidiReads {
+		return nil, errors.New("storage: MultiRangeDownloader requires the experimental.WithGRPCBidiReads option")
+	}
+
 	ctx = trace.StartSpan(ctx, "cloud.google.com/go/storage.grpcStorageClient.NewMultiRangeDownloader")
 	defer func() { trace.EndSpan(ctx, err) }()
 	s := callSettings(c.settings, opts...)
@@ -1423,11 +1419,7 @@ func (mrd *gRPCBidiReader) activeRange() []mrdRange {
 
 // retryStream cancel's stream and reopen the stream again.
 func (mrd *gRPCBidiReader) retryStream(err error) error {
-	var shouldRetry = ShouldRetry
-	if mrd.settings.retry != nil && mrd.settings.retry.shouldRetry != nil {
-		shouldRetry = mrd.settings.retry.shouldRetry
-	}
-	if shouldRetry(err) {
+	if mrd.settings.retry.runShouldRetry(err) {
 		// This will "close" the existing stream and immediately attempt to
 		// reopen the stream, but will backoff if further attempts are necessary.
 		// When Reopening the stream only failed readID will be added to stream.
@@ -1736,116 +1728,6 @@ func (c *grpcStorageClient) NewRangeReader(ctx context.Context, params *newRange
 	return r, nil
 }
 
-func (c *grpcStorageClient) OpenWriter(params *openWriterParams, opts ...storageOption) (*io.PipeWriter, error) {
-	var offset int64
-	errorf := params.setError
-	setObj := params.setObj
-	setFlush := params.setFlush
-	pr, pw := io.Pipe()
-
-	s := callSettings(c.settings, opts...)
-
-	retryDeadline := defaultWriteChunkRetryDeadline
-	if params.chunkRetryDeadline != 0 {
-		retryDeadline = params.chunkRetryDeadline
-	}
-	if s.retry == nil {
-		s.retry = defaultRetry.clone()
-	}
-	s.retry.maxRetryDuration = retryDeadline
-
-	// Set Flush func for use by exported Writer.Flush.
-	var gw *gRPCWriter
-	setFlush(func() (int64, error) {
-		return gw.flush()
-	})
-	gw, err := newGRPCWriter(c, s, params, pr, pw, params.setPipeWriter)
-	if err != nil {
-		errorf(err)
-		pr.CloseWithError(err)
-		close(params.donec)
-		return nil, err
-	}
-
-	var o *storagepb.Object
-
-	// If we are taking over an appendable object, send the first message here
-	// to get the append offset.
-	if params.appendGen > 0 {
-		// Create the buffer sender. This opens a stream and blocks until we
-		// get a response that tells us what offset to write from.
-		wbs, err := gw.newGRPCAppendTakeoverWriteBufferSender(params.ctx)
-		if err != nil {
-			return nil, fmt.Errorf("storage: creating buffer sender: %w", err)
-		}
-		// Propagate append offset to caller and buffer sending logic below.
-		params.setTakeoverOffset(wbs.takeoverOffset)
-		offset = wbs.takeoverOffset
-		gw.streamSender = wbs
-		o = wbs.objResource
-		setObj(newObjectFromProto(o))
-	}
-
-	// This function reads the data sent to the pipe and sends sets of messages
-	// on the gRPC client-stream as the buffer is filled.
-	go func() {
-		err := func() error {
-			// Unless the user told us the content type, we have to determine it from
-			// the first read.
-			if params.attrs.ContentType == "" && !params.forceEmptyContentType {
-				gw.reader, gw.spec.Resource.ContentType = gax.DetermineContentType(gw.reader)
-			}
-
-			// Loop until there is an error or the Object has been finalized.
-			for {
-				// Note: This blocks until either the buffer is full or EOF is read.
-				recvd, doneReading, err := gw.read()
-				if err != nil {
-					return err
-				}
-
-				uploadBuff := func(ctx context.Context) error {
-					obj, err := gw.uploadBuffer(ctx, recvd, offset, doneReading)
-					if obj != nil {
-						o = obj
-						setObj(newObjectFromProto(o))
-					}
-					return err
-				}
-
-				// Add routing headers to the context metadata for single-shot and resumable
-				// writes. Append writes need to set this at a lower level to pass the routing
-				// token.
-				bctx := gw.ctx
-				if !gw.append {
-					bctx = bucketContext(bctx, gw.bucket)
-				}
-				err = run(bctx, uploadBuff, gw.settings.retry, s.idempotent)
-				if err != nil {
-					return err
-				}
-				offset += int64(recvd)
-
-				// When we are done reading data without errors, set the object and
-				// finish.
-				if doneReading {
-					// Build Object from server's response.
-					setObj(newObjectFromProto(o))
-					return nil
-				}
-			}
-		}()
-
-		// These calls are still valid if err is nil
-		err = checkCanceled(err)
-		errorf(err)
-		pr.CloseWithError(err)
-		close(params.donec)
-	}()
-
-	return pw, nil
-}
-
 // IAM methods.
 
 func (c *grpcStorageClient) GetIamPolicy(ctx context.Context, resource string, version int32, opts ...storageOption) (*iampb.Policy, error) {
@@ -2146,11 +2028,7 @@ func (r *gRPCReader) Close() error {
 func (r *gRPCReader) recv() error {
 	databufs := mem.BufferSlice{}
 	err := r.stream.RecvMsg(&databufs)
-	var shouldRetry = ShouldRetry
-	if r.settings.retry != nil && r.settings.retry.shouldRetry != nil {
-		shouldRetry = r.settings.retry.shouldRetry
-	}
-	if err != nil && shouldRetry(err) {
+	if err != nil && r.settings.retry.runShouldRetry(err) {
 		// This will "close" the existing stream and immediately attempt to
 		// reopen the stream, but will backoff if further attempts are necessary.
 		// Reopening the stream Recvs the first message, so if retrying is
@@ -2613,467 +2491,3 @@ func (r *gRPCReader) reopenStream() error {
 	r.cancel = cancel
 	return nil
 }
-
-func newGRPCWriter(c *grpcStorageClient, s *settings, params *openWriterParams, r io.Reader, pw *io.PipeWriter, setPipeWriter func(*io.PipeWriter)) (*gRPCWriter, error) {
-	if params.attrs.Retention != nil {
-		// TO-DO: remove once ObjectRetention is available - see b/308194853
-		return nil, status.Errorf(codes.Unimplemented, "storage: object retention is not supported in gRPC")
-	}
-
-	size := googleapi.MinUploadChunkSize
-	// A completely bufferless upload (params.chunkSize <= 0) is not possible in
-	// gRPC because the buffer must be provided to the message. Use the minimum
-	// size possible.
-	if params.chunkSize > 0 {
-		size = params.chunkSize
-	}
-
-	// Round up chunksize to nearest 256KiB
-	if size%googleapi.MinUploadChunkSize != 0 {
-		size += googleapi.MinUploadChunkSize - (size % googleapi.MinUploadChunkSize)
-	}
-
-	if s.userProject != "" {
-		params.ctx = setUserProjectMetadata(params.ctx, s.userProject)
-	}
-
-	spec := &storagepb.WriteObjectSpec{
-		Resource:   params.attrs.toProtoObject(params.bucket),
-		Appendable: proto.Bool(params.append),
-	}
-	var appendSpec *storagepb.AppendObjectSpec
-	if params.appendGen > 0 {
-		appendSpec = &storagepb.AppendObjectSpec{
-			Bucket:     bucketResourceName(globalProjectAlias, params.bucket),
-			Object:     params.attrs.Name,
-			Generation: params.appendGen,
-		}
-	}
-	// WriteObject doesn't support the generation condition, so use default.
-	if err := applyCondsProto("WriteObject", defaultGen, params.conds, spec); err != nil {
-		return nil, err
-	}
-
-	return &gRPCWriter{
-		buf:                   make([]byte, size),
-		c:                     c,
-		ctx:                   params.ctx,
-		reader:                r,
-		pw:                    pw,
-		bucket:                params.bucket,
-		attrs:                 params.attrs,
-		conds:                 params.conds,
-		spec:                  spec,
-		appendSpec:            appendSpec,
-		encryptionKey:         params.encryptionKey,
-		settings:              s,
-		progress:              params.progress,
-		setSize:               params.setSize,
-		sendCRC32C:            params.sendCRC32C,
-		forceOneShot:          params.chunkSize <= 0,
-		forceEmptyContentType: params.forceEmptyContentType,
-		append:                params.append,
-		finalizeOnClose:       params.finalizeOnClose,
-		setPipeWriter:         setPipeWriter,
-		flushComplete:         make(chan int64),
-	}, nil
-}
-
-// gRPCWriter is a wrapper around the the gRPC client-stream API that manages
-// sending chunks of data provided by the user over the stream.
-type gRPCWriter struct {
-	c             *grpcStorageClient
-	buf           []byte
-	reader        io.Reader
-	pw            *io.PipeWriter
-	setPipeWriter func(*io.PipeWriter) // used to set in parent storage.Writer
-
-	ctx context.Context
-
-	bucket        string
-	attrs         *ObjectAttrs
-	conds         *Conditions
-	spec          *storagepb.WriteObjectSpec
-	appendSpec    *storagepb.AppendObjectSpec
-	encryptionKey []byte
-	settings      *settings
-	progress      func(int64)
-	setSize       func(int64)
-
-	sendCRC32C            bool
-	forceOneShot          bool
-	forceEmptyContentType bool
-	append                bool
-	finalizeOnClose       bool
-
-	streamSender    gRPCBidiWriteBufferSender
-	flushInProgress bool       // true when the pipe is being recreated for a flush.
-	flushComplete   chan int64 // use to signal back to flush call that flush to server was completed.
-}
-
-func bucketContext(ctx context.Context, bucket string) context.Context {
-	hds := []string{"x-goog-request-params", fmt.Sprintf("bucket=projects/_/buckets/%s", url.QueryEscape(bucket))}
-	return gax.InsertMetadataIntoOutgoingContext(ctx, hds...)
-}
-
-// drainInboundStream calls stream.Recv() repeatedly until an error is returned.
-// It returns the last Resource received on the stream, or nil if no Resource
-// was returned. drainInboundStream always returns a non-nil error. io.EOF
-// indicates all messages were successfully read.
-func drainInboundStream(stream storagepb.Storage_BidiWriteObjectClient) (object *storagepb.Object, err error) {
-	for err == nil {
-		var resp *storagepb.BidiWriteObjectResponse
-		resp, err = stream.Recv()
-		// GetResource() returns nil on a nil response
-		if resp.GetResource() != nil {
-			object = resp.GetResource()
-		}
-	}
-	return object, err
-}
-
-func bidiWriteObjectRequest(buf []byte, offset int64, flush, finishWrite bool) *storagepb.BidiWriteObjectRequest {
-	var data *storagepb.BidiWriteObjectRequest_ChecksummedData
-	if buf != nil {
-		data = &storagepb.BidiWriteObjectRequest_ChecksummedData{
-			ChecksummedData: &storagepb.ChecksummedData{
-				Content: buf,
-			},
-		}
-	}
-	req := &storagepb.BidiWriteObjectRequest{
-		Data:        data,
-		WriteOffset: offset,
-		FinishWrite: finishWrite,
-		Flush:       flush,
-		StateLookup: flush,
-	}
-	return req
-}
-
-type gRPCBidiWriteBufferSender interface {
-	// sendBuffer implementations should upload buf, respecting flush and
-	// finishWrite. Callers must guarantee that buf is not too long to fit in a
-	// gRPC message.
-	//
-	// If flush is true, implementations must not return until the data in buf is
-	// stable. If finishWrite is true, implementations must return the object on
-	// success.
-	sendBuffer(ctx context.Context, buf []byte, offset int64, flush, finishWrite bool) (*storagepb.Object, error)
-}
-
-type gRPCOneshotBidiWriteBufferSender struct {
-	firstMessage *storagepb.BidiWriteObjectRequest
-	raw          *gapic.Client
-	stream       storagepb.Storage_BidiWriteObjectClient
-	settings     *settings
-}
-
-func (w *gRPCWriter) newGRPCOneshotBidiWriteBufferSender() (*gRPCOneshotBidiWriteBufferSender, error) {
-	firstMessage := &storagepb.BidiWriteObjectRequest{
-		FirstMessage: &storagepb.BidiWriteObjectRequest_WriteObjectSpec{
-			WriteObjectSpec: w.spec,
-		},
-		CommonObjectRequestParams: toProtoCommonObjectRequestParams(w.encryptionKey),
-		// For a non-resumable upload, checksums must be sent in this message.
-		// TODO: Currently the checksums are only sent on the first message
-		// of the stream, but in the future, we must also support sending it
-		// on the *last* message of the stream (instead of the first).
-		ObjectChecksums: toProtoChecksums(w.sendCRC32C, w.attrs),
-	}
-
-	return &gRPCOneshotBidiWriteBufferSender{
-		firstMessage: firstMessage,
-		raw:          w.c.raw,
-		settings:     w.settings,
-	}, nil
-}
-
-func (s *gRPCOneshotBidiWriteBufferSender) sendBuffer(ctx context.Context, buf []byte, offset int64, flush, finishWrite bool) (obj *storagepb.Object, err error) {
-	var firstMessage *storagepb.BidiWriteObjectRequest
-	if s.stream == nil {
-		s.stream, err = s.raw.BidiWriteObject(ctx, s.settings.gax...)
-		if err != nil {
-			return
-		}
-		firstMessage = s.firstMessage
-	}
-	req := bidiWriteObjectRequest(buf, offset, flush, finishWrite)
-	if firstMessage != nil {
-		proto.Merge(req, firstMessage)
-	}
-
-	sendErr := s.stream.Send(req)
-	if sendErr != nil {
-		obj, err = drainInboundStream(s.stream)
-		s.stream = nil
-		if sendErr != io.EOF {
-			err = sendErr
-		}
-		return
-	}
-	// Oneshot uploads assume all flushes succeed
-
-	if finishWrite {
-		s.stream.CloseSend()
-		// Oneshot uploads only read from the response stream on completion or
-		// failure
-		obj, err = drainInboundStream(s.stream)
-		s.stream = nil
-		if err == io.EOF {
-			err = nil
-		}
-	}
-	return
-}
-
-type gRPCResumableBidiWriteBufferSender struct {
-	queryRetry        *retryConfig
-	upid              string
-	progress          func(int64)
-	raw               *gapic.Client
-	forceFirstMessage bool
-	stream            storagepb.Storage_BidiWriteObjectClient
-	flushOffset       int64
-	settings          *settings
-}
-
-func (w *gRPCWriter) newGRPCResumableBidiWriteBufferSender(ctx context.Context) (*gRPCResumableBidiWriteBufferSender, error) {
-	req := &storagepb.StartResumableWriteRequest{
-		WriteObjectSpec:           w.spec,
-		CommonObjectRequestParams: toProtoCommonObjectRequestParams(w.encryptionKey),
-		// TODO: Currently the checksums are only sent on the request to initialize
-		// the upload, but in the future, we must also support sending it
-		// on the *last* message of the stream.
-		ObjectChecksums: toProtoChecksums(w.sendCRC32C, w.attrs),
-	}
-
-	var upid string
-	err := run(ctx, func(ctx context.Context) error {
-		upres, err := w.c.raw.StartResumableWrite(ctx, req, w.settings.gax...)
-		upid = upres.GetUploadId()
-		return err
-	}, w.settings.retry, w.settings.idempotent)
-	if err != nil {
-		return nil, err
-	}
-
-	// Set up an initial connection for the 0 offset, so we don't query state
-	// unnecessarily for the first buffer. If we fail, we'll just retry in the
-	// normal connect path.
-	stream, err := w.c.raw.BidiWriteObject(ctx, w.settings.gax...)
-	if err != nil {
-		stream = nil
-	}
-
-	return &gRPCResumableBidiWriteBufferSender{
-		queryRetry:        w.settings.retry,
-		upid:              upid,
-		progress:          w.progress,
-		raw:               w.c.raw,
-		forceFirstMessage: true,
-		stream:            stream,
-		settings:          w.settings,
-	}, nil
-}
-
-// queryProgress is a helper that queries the status of the resumable upload
-// associated with the given upload ID.
-func (s *gRPCResumableBidiWriteBufferSender) queryProgress(ctx context.Context) (int64, error) {
-	var persistedSize int64
-	err := run(ctx, func(ctx context.Context) error {
-		q, err := s.raw.QueryWriteStatus(ctx, &storagepb.QueryWriteStatusRequest{
-			UploadId: s.upid,
-		}, s.settings.gax...)
-		// q.GetPersistedSize() will return 0 if q is nil.
-		persistedSize = q.GetPersistedSize()
-		return err
-	}, s.queryRetry, true)
-
-	return persistedSize, err
-}
-
-func (s *gRPCResumableBidiWriteBufferSender) sendBuffer(ctx context.Context, buf []byte, offset int64, flush, finishWrite bool) (obj *storagepb.Object, err error) {
-	if s.stream == nil {
-		// Determine offset and reconnect
-		s.flushOffset, err = s.queryProgress(ctx)
-		if err != nil {
-			return
-		}
-		s.stream, err = s.raw.BidiWriteObject(ctx, s.settings.gax...)
-		if err != nil {
-			return
-		}
-		s.forceFirstMessage = true
-	}
-
-	// clean up buf. We'll still write the message if a flush/finishWrite was
-	// requested.
-	if offset < s.flushOffset {
-		trim := s.flushOffset - offset
-		if int64(len(buf)) <= trim {
-			trim = int64(len(buf))
-		}
-		buf = buf[trim:]
-	}
-	if len(buf) == 0 && !flush && !finishWrite {
-		// no need to send anything
-		return nil, nil
-	}
-
-	req := bidiWriteObjectRequest(buf, offset, flush, finishWrite)
-	if s.forceFirstMessage {
-		req.FirstMessage = &storagepb.BidiWriteObjectRequest_UploadId{UploadId: s.upid}
-		s.forceFirstMessage = false
-	}
-
-	sendErr := s.stream.Send(req)
-	if sendErr != nil {
-		obj, err = drainInboundStream(s.stream)
-		s.stream = nil
-		if err == io.EOF {
-			// This is unexpected - we got an error on Send(), but not on Recv().
-			// Bubble up the sendErr.
-			err = sendErr
-		}
-		return
-	}
-
-	if finishWrite {
-		s.stream.CloseSend()
-		obj, err = drainInboundStream(s.stream)
-		s.stream = nil
-		if err == io.EOF {
-			err = nil
-			if obj.GetSize() > s.flushOffset {
-				s.progress(obj.GetSize())
-			}
-		}
-		return
-	}
-
-	if flush {
-		resp, err := s.stream.Recv()
-		if err != nil {
-			return nil, err
-		}
-		persistedOffset := resp.GetPersistedSize()
-		if persistedOffset > s.flushOffset {
-			s.flushOffset = persistedOffset
-			s.progress(s.flushOffset)
-		}
-	}
-	return
-}
-
-// uploadBuffer uploads the buffer at the given offset using a bi-directional
-// Write stream. It will open a new stream if necessary (on the first call or
-// after resuming from failure) and chunk the buffer per maxPerMessageWriteSize.
-// The final Object is returned on success if doneReading is true.
-//
-// Returns object and any error that is not retriable.
-func (w *gRPCWriter) uploadBuffer(ctx context.Context, recvd int, start int64, doneReading bool) (obj *storagepb.Object, err error) {
-	if w.streamSender == nil {
-		if w.append {
-			// Appendable object semantics
-			w.streamSender, err = w.newGRPCAppendableObjectBufferSender()
-		} else if doneReading || w.forceOneShot {
-			// One shot semantics
-			w.streamSender, err = w.newGRPCOneshotBidiWriteBufferSender()
-		} else {
-			// Resumable write semantics
-			w.streamSender, err = w.newGRPCResumableBidiWriteBufferSender(ctx)
-		}
-		if err != nil {
-			return
-		}
-	}
-
-	data := w.buf[:recvd]
-	offset := start
-	// We want to go through this loop at least once, in case we have to
-	// finishWrite with an empty buffer.
-	for {
-		// Send as much as we can fit into a single gRPC message. Only flush once,
-		// when sending the very last message.
-		l := maxPerMessageWriteSize
-		flush := false
-		if len(data) <= l {
-			l = len(data)
-			flush = true
-		}
-		obj, err = w.streamSender.sendBuffer(ctx, data[:l], offset, flush, flush && doneReading)
-		if err != nil {
-			return nil, err
-		}
-		data = data[l:]
-		offset += int64(l)
-		if len(data) == 0 {
-			// Update object size to match persisted offset.
-			if obj != nil {
-				obj.Size = offset
-			}
-			break
-		}
-	}
-	if w.flushInProgress {
-		w.setSize(offset)
-		w.flushInProgress = false
-		w.flushComplete <- offset
-	}
-	return
-}
-
-// read copies the data in the reader to the given buffer and reports how much
-// data was read into the buffer and if there is no more data to read (EOF).
-// read returns when either 1. the buffer is full, 2. Writer.Flush was called,
-// or 3. Writer.Close was called.
-func (w *gRPCWriter) read() (int, bool, error) {
-	// Set n to -1 to start the Read loop.
-	var n, recvd int = -1, 0
-	var err error
-	for err == nil && n != 0 {
-		// The routine blocks here until data is received.
-		n, err = w.reader.Read(w.buf[recvd:])
-		recvd += n
-	}
-	var done bool
-	if err == io.EOF {
-		err = nil
-		// EOF can come from Writer.Flush or Writer.Close.
-		if w.flushInProgress {
-			// Reset pipe for additional writes after the flush.
-			pr, pw := io.Pipe()
-			w.reader = pr
-			w.pw = pw
-			w.setPipeWriter(pw)
-		} else {
-			done = true
-		}
-	}
-	return recvd, done, err
-}
-
-// flush flushes the current buffer regardless of whether it is full or not.
-// It's the implementation for Writer.Flush.
-func (w *gRPCWriter) flush() (int64, error) {
-	if !w.append {
-		return 0, errors.New("Flush is supported only if Writer.Append is set to true")
-	}
-
-	// Close PipeWriter to trigger EOF on read side of the stream.
-	w.flushInProgress = true
-	w.pw.Close()
-
-	// Wait for flush to complete
-	offset := <-w.flushComplete
-	return offset, nil
-}
-
-func checkCanceled(err error) error {
-	if status.Code(err) == codes.Canceled {
-		return context.Canceled
-	}
-
-	return err
-}
diff --git a/vendor/cloud.google.com/go/storage/grpc_reader.go b/vendor/cloud.google.com/go/storage/grpc_reader.go
index e1aecad653..099e6a6155 100644
--- a/vendor/cloud.google.com/go/storage/grpc_reader.go
+++ b/vendor/cloud.google.com/go/storage/grpc_reader.go
@@ -424,11 +424,7 @@ func (r *gRPCReadObjectReader) recv() error {
 	databufs := mem.BufferSlice{}
 	err := r.stream.RecvMsg(&databufs)
 
-	var shouldRetry = ShouldRetry
-	if r.settings.retry != nil && r.settings.retry.shouldRetry != nil {
-		shouldRetry = r.settings.retry.shouldRetry
-	}
-	if err != nil && shouldRetry(err) {
+	if err != nil && r.settings.retry.runShouldRetry(err) {
 		// This will "close" the existing stream and immediately attempt to
 		// reopen the stream, but will backoff if further attempts are necessary.
 		// Reopening the stream Recvs the first message, so if retrying is
diff --git a/vendor/cloud.google.com/go/storage/grpc_writer.go b/vendor/cloud.google.com/go/storage/grpc_writer.go
index 83d2c9e3e8..c74d1ff316 100644
--- a/vendor/cloud.google.com/go/storage/grpc_writer.go
+++ b/vendor/cloud.google.com/go/storage/grpc_writer.go
@@ -19,17 +19,646 @@ import (
 	"errors"
 	"fmt"
 	"io"
+	"net/url"
 	"time"
 
 	gapic "cloud.google.com/go/storage/internal/apiv2"
 	"cloud.google.com/go/storage/internal/apiv2/storagepb"
 	gax "github.com/googleapis/gax-go/v2"
+	"google.golang.org/api/googleapi"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/status"
 	"google.golang.org/protobuf/proto"
 )
 
-const defaultWriteChunkRetryDeadline = 32 * time.Second
+const (
+	// defaultWriteChunkRetryDeadline is the default deadline for the upload
+	// of a single chunk. It can be overwritten by Writer.ChunkRetryDeadline.
+	defaultWriteChunkRetryDeadline = 32 * time.Second
+	// maxPerMessageWriteSize is the maximum amount of content that can be sent
+	// per WriteObjectRequest message. A buffer reaching this amount will
+	// precipitate a flush of the buffer. It is only used by the gRPC Writer
+	// implementation.
+	maxPerMessageWriteSize int = int(storagepb.ServiceConstants_MAX_WRITE_CHUNK_BYTES)
+)
+
+func withBidiWriteObjectRedirectionErrorRetries(s *settings) (newr *retryConfig) {
+	oldr := s.retry
+	newr = oldr.clone()
+	if newr == nil {
+		newr = &retryConfig{}
+	}
+	if (oldr.policy == RetryIdempotent && !s.idempotent) || oldr.policy == RetryNever {
+		// We still retry redirection errors even when settings indicate not to
+		// retry.
+		//
+		// The protocol requires us to respect redirection errors, so RetryNever has
+		// to ignore them.
+		//
+		// Idempotency is always protected by redirection errors: they either
+		// contain a handle which can be used as idempotency information, or they do
+		// not contain a handle and are "affirmative failures" which indicate that
+		// no server-side action occurred.
+		newr.policy = RetryAlways
+		newr.shouldRetry = func(err error) bool {
+			return errors.Is(err, bidiWriteObjectRedirectionError{})
+		}
+		return newr
+	}
+	// If retry settings allow retries normally, fall back to that behavior.
+	newr.shouldRetry = func(err error) bool {
+		if errors.Is(err, bidiWriteObjectRedirectionError{}) {
+			return true
+		}
+		v := oldr.runShouldRetry(err)
+		return v
+	}
+	return newr
+}
+
+func (c *grpcStorageClient) OpenWriter(params *openWriterParams, opts ...storageOption) (*io.PipeWriter, error) {
+	var offset int64
+	errorf := params.setError
+	setObj := params.setObj
+	setFlush := params.setFlush
+	pr, pw := io.Pipe()
+
+	s := callSettings(c.settings, opts...)
+
+	retryDeadline := defaultWriteChunkRetryDeadline
+	if params.chunkRetryDeadline != 0 {
+		retryDeadline = params.chunkRetryDeadline
+	}
+	if s.retry == nil {
+		s.retry = defaultRetry.clone()
+	}
+	if params.append {
+		s.retry = withBidiWriteObjectRedirectionErrorRetries(s)
+	}
+	s.retry.maxRetryDuration = retryDeadline
+
+	// Set Flush func for use by exported Writer.Flush.
+	var gw *gRPCWriter
+	setFlush(func() (int64, error) {
+		return gw.flush()
+	})
+	gw, err := newGRPCWriter(c, s, params, pr, pw, params.setPipeWriter)
+	if err != nil {
+		errorf(err)
+		pr.CloseWithError(err)
+		close(params.donec)
+		return nil, err
+	}
+
+	var o *storagepb.Object
+
+	// If we are taking over an appendable object, send the first message here
+	// to get the append offset.
+	if params.appendGen > 0 {
+		// Create the buffer sender. This opens a stream and blocks until we
+		// get a response that tells us what offset to write from.
+		wbs, err := gw.newGRPCAppendTakeoverWriteBufferSender(params.ctx)
+		if err != nil {
+			return nil, fmt.Errorf("storage: creating buffer sender: %w", err)
+		}
+		// Propagate append offset to caller and buffer sending logic below.
+		params.setTakeoverOffset(wbs.takeoverOffset)
+		offset = wbs.takeoverOffset
+		gw.streamSender = wbs
+		o = wbs.objResource
+		setObj(newObjectFromProto(o))
+	}
+
+	// This function reads the data sent to the pipe and sends sets of messages
+	// on the gRPC client-stream as the buffer is filled.
+	go func() {
+		err := func() error {
+			// Unless the user told us the content type, we have to determine it from
+			// the first read.
+			if params.attrs.ContentType == "" && !params.forceEmptyContentType {
+				gw.reader, gw.spec.Resource.ContentType = gax.DetermineContentType(gw.reader)
+			}
+
+			// Loop until there is an error or the Object has been finalized.
+			for {
+				// Note: This blocks until either the buffer is full or EOF is read.
+				recvd, doneReading, err := gw.read()
+				if err != nil {
+					return err
+				}
+
+				uploadBuff := func(ctx context.Context) error {
+					obj, err := gw.uploadBuffer(ctx, recvd, offset, doneReading)
+					if obj != nil {
+						o = obj
+						setObj(newObjectFromProto(o))
+					}
+					return err
+				}
+
+				// Add routing headers to the context metadata for single-shot and resumable
+				// writes. Append writes need to set this at a lower level to pass the routing
+				// token.
+				bctx := gw.ctx
+				if !gw.append {
+					bctx = bucketContext(bctx, gw.bucket)
+				}
+				err = run(bctx, uploadBuff, gw.settings.retry, s.idempotent)
+				offset += int64(recvd)
+				// If this buffer upload was triggered by a flush, reset and
+				// communicate back the result.
+				if gw.flushInProgress {
+					gw.setSize(offset)
+					gw.flushInProgress = false
+					gw.flushComplete <- flushResult{offset: offset, err: err}
+				}
+				if err != nil {
+					return err
+				}
+				// When we are done reading data without errors, set the object and
+				// finish.
+				if doneReading {
+					// Build Object from server's response.
+					setObj(newObjectFromProto(o))
+					return nil
+				}
+			}
+		}()
+
+		// These calls are still valid if err is nil
+		err = checkCanceled(err)
+		errorf(err)
+		pr.CloseWithError(err)
+		close(params.donec)
+	}()
+
+	return pw, nil
+}
+
+func newGRPCWriter(c *grpcStorageClient, s *settings, params *openWriterParams, r io.Reader, pw *io.PipeWriter, setPipeWriter func(*io.PipeWriter)) (*gRPCWriter, error) {
+	if params.attrs.Retention != nil {
+		// TO-DO: remove once ObjectRetention is available - see b/308194853
+		return nil, status.Errorf(codes.Unimplemented, "storage: object retention is not supported in gRPC")
+	}
+
+	size := googleapi.MinUploadChunkSize
+	// A completely bufferless upload (params.chunkSize <= 0) is not possible in
+	// gRPC because the buffer must be provided to the message. Use the minimum
+	// size possible.
+	if params.chunkSize > 0 {
+		size = params.chunkSize
+	}
+
+	// Round up chunksize to nearest 256KiB
+	if size%googleapi.MinUploadChunkSize != 0 {
+		size += googleapi.MinUploadChunkSize - (size % googleapi.MinUploadChunkSize)
+	}
+
+	if s.userProject != "" {
+		params.ctx = setUserProjectMetadata(params.ctx, s.userProject)
+	}
+
+	spec := &storagepb.WriteObjectSpec{
+		Resource:   params.attrs.toProtoObject(params.bucket),
+		Appendable: proto.Bool(params.append),
+	}
+	var appendSpec *storagepb.AppendObjectSpec
+	if params.appendGen > 0 {
+		appendSpec = &storagepb.AppendObjectSpec{
+			Bucket:     bucketResourceName(globalProjectAlias, params.bucket),
+			Object:     params.attrs.Name,
+			Generation: params.appendGen,
+		}
+	}
+	// WriteObject doesn't support the generation condition, so use default.
+	if err := applyCondsProto("WriteObject", defaultGen, params.conds, spec); err != nil {
+		return nil, err
+	}
+
+	return &gRPCWriter{
+		buf:                   make([]byte, size),
+		c:                     c,
+		ctx:                   params.ctx,
+		reader:                r,
+		pw:                    pw,
+		bucket:                params.bucket,
+		attrs:                 params.attrs,
+		conds:                 params.conds,
+		spec:                  spec,
+		appendSpec:            appendSpec,
+		encryptionKey:         params.encryptionKey,
+		settings:              s,
+		progress:              params.progress,
+		setSize:               params.setSize,
+		sendCRC32C:            params.sendCRC32C,
+		forceOneShot:          params.chunkSize <= 0,
+		forceEmptyContentType: params.forceEmptyContentType,
+		append:                params.append,
+		finalizeOnClose:       params.finalizeOnClose,
+		setPipeWriter:         setPipeWriter,
+		flushComplete:         make(chan flushResult),
+	}, nil
+}
+
+// gRPCWriter is a wrapper around the the gRPC client-stream API that manages
+// sending chunks of data provided by the user over the stream.
+type gRPCWriter struct {
+	c             *grpcStorageClient
+	buf           []byte
+	reader        io.Reader
+	pw            *io.PipeWriter
+	setPipeWriter func(*io.PipeWriter) // used to set in parent storage.Writer
+
+	ctx context.Context
+
+	bucket        string
+	attrs         *ObjectAttrs
+	conds         *Conditions
+	spec          *storagepb.WriteObjectSpec
+	appendSpec    *storagepb.AppendObjectSpec
+	encryptionKey []byte
+	settings      *settings
+	progress      func(int64)
+	setSize       func(int64)
+
+	sendCRC32C            bool
+	forceOneShot          bool
+	forceEmptyContentType bool
+	append                bool
+	finalizeOnClose       bool
+
+	streamSender    gRPCBidiWriteBufferSender
+	flushInProgress bool             // true when the pipe is being recreated for a flush.
+	flushComplete   chan flushResult // use to signal back to flush call that flush to server was completed.
+}
+
+type flushResult struct {
+	err    error
+	offset int64
+}
+
+func bucketContext(ctx context.Context, bucket string) context.Context {
+	hds := []string{"x-goog-request-params", fmt.Sprintf("bucket=projects/_/buckets/%s", url.QueryEscape(bucket))}
+	return gax.InsertMetadataIntoOutgoingContext(ctx, hds...)
+}
+
+// drainInboundStream calls stream.Recv() repeatedly until an error is returned.
+// It returns the last Resource received on the stream, or nil if no Resource
+// was returned. drainInboundStream always returns a non-nil error. io.EOF
+// indicates all messages were successfully read.
+func drainInboundStream(stream storagepb.Storage_BidiWriteObjectClient) (object *storagepb.Object, err error) {
+	for err == nil {
+		var resp *storagepb.BidiWriteObjectResponse
+		resp, err = stream.Recv()
+		// GetResource() returns nil on a nil response
+		if resp.GetResource() != nil {
+			object = resp.GetResource()
+		}
+	}
+	return object, err
+}
+
+func bidiWriteObjectRequest(buf []byte, offset int64, flush, finishWrite bool) *storagepb.BidiWriteObjectRequest {
+	var data *storagepb.BidiWriteObjectRequest_ChecksummedData
+	if buf != nil {
+		data = &storagepb.BidiWriteObjectRequest_ChecksummedData{
+			ChecksummedData: &storagepb.ChecksummedData{
+				Content: buf,
+			},
+		}
+	}
+	req := &storagepb.BidiWriteObjectRequest{
+		Data:        data,
+		WriteOffset: offset,
+		FinishWrite: finishWrite,
+		Flush:       flush,
+		StateLookup: flush,
+	}
+	return req
+}
+
+type gRPCBidiWriteBufferSender interface {
+	// sendBuffer implementations should upload buf, respecting flush and
+	// finishWrite. Callers must guarantee that buf is not too long to fit in a
+	// gRPC message.
+	//
+	// If flush is true, implementations must not return until the data in buf is
+	// stable. If finishWrite is true, implementations must return the object on
+	// success.
+	sendBuffer(ctx context.Context, buf []byte, offset int64, flush, finishWrite bool) (*storagepb.Object, error)
+}
+
+type gRPCOneshotBidiWriteBufferSender struct {
+	firstMessage *storagepb.BidiWriteObjectRequest
+	raw          *gapic.Client
+	stream       storagepb.Storage_BidiWriteObjectClient
+	settings     *settings
+}
+
+func (w *gRPCWriter) newGRPCOneshotBidiWriteBufferSender() (*gRPCOneshotBidiWriteBufferSender, error) {
+	firstMessage := &storagepb.BidiWriteObjectRequest{
+		FirstMessage: &storagepb.BidiWriteObjectRequest_WriteObjectSpec{
+			WriteObjectSpec: w.spec,
+		},
+		CommonObjectRequestParams: toProtoCommonObjectRequestParams(w.encryptionKey),
+		// For a non-resumable upload, checksums must be sent in this message.
+		// TODO: Currently the checksums are only sent on the first message
+		// of the stream, but in the future, we must also support sending it
+		// on the *last* message of the stream (instead of the first).
+		ObjectChecksums: toProtoChecksums(w.sendCRC32C, w.attrs),
+	}
+
+	return &gRPCOneshotBidiWriteBufferSender{
+		firstMessage: firstMessage,
+		raw:          w.c.raw,
+		settings:     w.settings,
+	}, nil
+}
+
+func (s *gRPCOneshotBidiWriteBufferSender) sendBuffer(ctx context.Context, buf []byte, offset int64, flush, finishWrite bool) (obj *storagepb.Object, err error) {
+	var firstMessage *storagepb.BidiWriteObjectRequest
+	if s.stream == nil {
+		s.stream, err = s.raw.BidiWriteObject(ctx, s.settings.gax...)
+		if err != nil {
+			return
+		}
+		firstMessage = s.firstMessage
+	}
+	req := bidiWriteObjectRequest(buf, offset, flush, finishWrite)
+	if firstMessage != nil {
+		proto.Merge(req, firstMessage)
+	}
+
+	sendErr := s.stream.Send(req)
+	if sendErr != nil {
+		obj, err = drainInboundStream(s.stream)
+		s.stream = nil
+		if sendErr != io.EOF {
+			err = sendErr
+		}
+		return
+	}
+	// Oneshot uploads assume all flushes succeed
+
+	if finishWrite {
+		s.stream.CloseSend()
+		// Oneshot uploads only read from the response stream on completion or
+		// failure
+		obj, err = drainInboundStream(s.stream)
+		s.stream = nil
+		if err == io.EOF {
+			err = nil
+		}
+	}
+	return
+}
+
+type gRPCResumableBidiWriteBufferSender struct {
+	queryRetry        *retryConfig
+	upid              string
+	progress          func(int64)
+	raw               *gapic.Client
+	forceFirstMessage bool
+	stream            storagepb.Storage_BidiWriteObjectClient
+	flushOffset       int64
+	settings          *settings
+}
+
+func (w *gRPCWriter) newGRPCResumableBidiWriteBufferSender(ctx context.Context) (*gRPCResumableBidiWriteBufferSender, error) {
+	req := &storagepb.StartResumableWriteRequest{
+		WriteObjectSpec:           w.spec,
+		CommonObjectRequestParams: toProtoCommonObjectRequestParams(w.encryptionKey),
+		// TODO: Currently the checksums are only sent on the request to initialize
+		// the upload, but in the future, we must also support sending it
+		// on the *last* message of the stream.
+		ObjectChecksums: toProtoChecksums(w.sendCRC32C, w.attrs),
+	}
+
+	var upid string
+	err := run(ctx, func(ctx context.Context) error {
+		upres, err := w.c.raw.StartResumableWrite(ctx, req, w.settings.gax...)
+		upid = upres.GetUploadId()
+		return err
+	}, w.settings.retry, w.settings.idempotent)
+	if err != nil {
+		return nil, err
+	}
+
+	// Set up an initial connection for the 0 offset, so we don't query state
+	// unnecessarily for the first buffer. If we fail, we'll just retry in the
+	// normal connect path.
+	stream, err := w.c.raw.BidiWriteObject(ctx, w.settings.gax...)
+	if err != nil {
+		stream = nil
+	}
+
+	return &gRPCResumableBidiWriteBufferSender{
+		queryRetry:        w.settings.retry,
+		upid:              upid,
+		progress:          w.progress,
+		raw:               w.c.raw,
+		forceFirstMessage: true,
+		stream:            stream,
+		settings:          w.settings,
+	}, nil
+}
+
+// queryProgress is a helper that queries the status of the resumable upload
+// associated with the given upload ID.
+func (s *gRPCResumableBidiWriteBufferSender) queryProgress(ctx context.Context) (int64, error) {
+	var persistedSize int64
+	err := run(ctx, func(ctx context.Context) error {
+		q, err := s.raw.QueryWriteStatus(ctx, &storagepb.QueryWriteStatusRequest{
+			UploadId: s.upid,
+		}, s.settings.gax...)
+		// q.GetPersistedSize() will return 0 if q is nil.
+		persistedSize = q.GetPersistedSize()
+		return err
+	}, s.queryRetry, true)
+
+	return persistedSize, err
+}
+
+func (s *gRPCResumableBidiWriteBufferSender) sendBuffer(ctx context.Context, buf []byte, offset int64, flush, finishWrite bool) (obj *storagepb.Object, err error) {
+	if s.stream == nil {
+		// Determine offset and reconnect
+		s.flushOffset, err = s.queryProgress(ctx)
+		if err != nil {
+			return
+		}
+		s.stream, err = s.raw.BidiWriteObject(ctx, s.settings.gax...)
+		if err != nil {
+			return
+		}
+		s.forceFirstMessage = true
+	}
+
+	// clean up buf. We'll still write the message if a flush/finishWrite was
+	// requested.
+	if offset < s.flushOffset {
+		trim := s.flushOffset - offset
+		if int64(len(buf)) <= trim {
+			trim = int64(len(buf))
+		}
+		buf = buf[trim:]
+		offset += trim
+	}
+	if len(buf) == 0 && !flush && !finishWrite {
+		// no need to send anything
+		return nil, nil
+	}
+
+	req := bidiWriteObjectRequest(buf, offset, flush, finishWrite)
+	if s.forceFirstMessage {
+		req.FirstMessage = &storagepb.BidiWriteObjectRequest_UploadId{UploadId: s.upid}
+		s.forceFirstMessage = false
+	}
+
+	sendErr := s.stream.Send(req)
+	if sendErr != nil {
+		obj, err = drainInboundStream(s.stream)
+		s.stream = nil
+		if err == io.EOF {
+			// This is unexpected - we got an error on Send(), but not on Recv().
+			// Bubble up the sendErr.
+			err = sendErr
+		}
+		return
+	}
+
+	if finishWrite {
+		s.stream.CloseSend()
+		obj, err = drainInboundStream(s.stream)
+		s.stream = nil
+		if err == io.EOF {
+			err = nil
+			if obj.GetSize() > s.flushOffset {
+				s.progress(obj.GetSize())
+			}
+		}
+		return
+	}
+
+	if flush {
+		resp, err := s.stream.Recv()
+		if err != nil {
+			return nil, err
+		}
+		persistedOffset := resp.GetPersistedSize()
+		if persistedOffset > s.flushOffset {
+			s.flushOffset = persistedOffset
+			s.progress(s.flushOffset)
+		}
+	}
+	return
+}
+
+// uploadBuffer uploads the buffer at the given offset using a bi-directional
+// Write stream. It will open a new stream if necessary (on the first call or
+// after resuming from failure) and chunk the buffer per maxPerMessageWriteSize.
+// The final Object is returned on success if doneReading is true.
+//
+// Returns object and any error that is not retriable.
+func (w *gRPCWriter) uploadBuffer(ctx context.Context, recvd int, start int64, doneReading bool) (obj *storagepb.Object, err error) {
+	if w.streamSender == nil {
+		if w.append {
+			// Appendable object semantics
+			w.streamSender, err = w.newGRPCAppendableObjectBufferSender()
+		} else if doneReading || w.forceOneShot {
+			// One shot semantics
+			w.streamSender, err = w.newGRPCOneshotBidiWriteBufferSender()
+		} else {
+			// Resumable write semantics
+			w.streamSender, err = w.newGRPCResumableBidiWriteBufferSender(ctx)
+		}
+		if err != nil {
+			return
+		}
+	}
+
+	data := w.buf[:recvd]
+	offset := start
+	// We want to go through this loop at least once, in case we have to
+	// finishWrite with an empty buffer.
+	for {
+		// Send as much as we can fit into a single gRPC message. Only flush once,
+		// when sending the very last message.
+		l := maxPerMessageWriteSize
+		flush := false
+		if len(data) <= l {
+			l = len(data)
+			flush = true
+		}
+		obj, err = w.streamSender.sendBuffer(ctx, data[:l], offset, flush, flush && doneReading)
+		if err != nil {
+			return nil, err
+		}
+		data = data[l:]
+		offset += int64(l)
+		if len(data) == 0 {
+			// Update object size to match persisted offset.
+			if obj != nil {
+				obj.Size = offset
+			}
+			break
+		}
+	}
+	return
+}
+
+// read copies the data in the reader to the given buffer and reports how much
+// data was read into the buffer and if there is no more data to read (EOF).
+// read returns when either 1. the buffer is full, 2. Writer.Flush was called,
+// or 3. Writer.Close was called.
+func (w *gRPCWriter) read() (int, bool, error) {
+	// Set n to -1 to start the Read loop.
+	var n, recvd int = -1, 0
+	var err error
+	for err == nil && n != 0 {
+		// The routine blocks here until data is received.
+		n, err = w.reader.Read(w.buf[recvd:])
+		recvd += n
+	}
+	var done bool
+	if err == io.EOF {
+		err = nil
+		// EOF can come from Writer.Flush or Writer.Close.
+		if w.flushInProgress {
+			// Reset pipe for additional writes after the flush.
+			pr, pw := io.Pipe()
+			w.reader = pr
+			w.pw = pw
+			w.setPipeWriter(pw)
+		} else {
+			done = true
+		}
+	}
+	return recvd, done, err
+}
+
+// flush flushes the current buffer regardless of whether it is full or not.
+// It's the implementation for Writer.Flush.
+func (w *gRPCWriter) flush() (int64, error) {
+	if !w.append {
+		return 0, errors.New("Flush is supported only if Writer.Append is set to true")
+	}
+
+	// Close PipeWriter to trigger EOF on read side of the stream.
+	w.flushInProgress = true
+	w.pw.Close()
+
+	// Wait for flush to complete
+	result := <-w.flushComplete
+	return result.offset, result.err
+}
+
+func checkCanceled(err error) error {
+	if status.Code(err) == codes.Canceled {
+		return context.Canceled
+	}
+
+	return err
+}
 
 type gRPCAppendBidiWriteBufferSender struct {
 	bucket          string
@@ -60,7 +689,7 @@ func (w *gRPCWriter) newGRPCAppendableObjectBufferSender() (*gRPCAppendBidiWrite
 	s := &gRPCAppendBidiWriteBufferSender{
 		bucket:   w.spec.GetResource().GetBucket(),
 		raw:      w.c.raw,
-		settings: w.c.settings,
+		settings: w.settings,
 		firstMessage: &storagepb.BidiWriteObjectRequest{
 			FirstMessage: &storagepb.BidiWriteObjectRequest_WriteObjectSpec{
 				WriteObjectSpec: w.spec,
@@ -82,7 +711,7 @@ func (w *gRPCWriter) newGRPCAppendTakeoverWriteBufferSender(ctx context.Context)
 	s := &gRPCAppendBidiWriteBufferSender{
 		bucket:   w.spec.GetResource().GetBucket(),
 		raw:      w.c.raw,
-		settings: w.c.settings,
+		settings: w.settings,
 		firstMessage: &storagepb.BidiWriteObjectRequest{
 			FirstMessage: &storagepb.BidiWriteObjectRequest_AppendObjectSpec{
 				AppendObjectSpec: w.appendSpec,
@@ -101,6 +730,11 @@ func (w *gRPCWriter) newGRPCAppendTakeoverWriteBufferSender(ctx context.Context)
 		return nil, err
 	}
 	firstResp := <-s.recvs
+	// Check recvErr after getting the response.
+	if s.recvErr != nil {
+		return nil, s.recvErr
+	}
+
 	// Object resource is returned in the first response on takeover, so capture
 	// this now.
 	s.objResource = firstResp.GetResource()
@@ -126,6 +760,10 @@ func (s *gRPCAppendBidiWriteBufferSender) connect(ctx context.Context) (err erro
 		if s.firstMessage.GetAppendObjectSpec().GetGeneration() != 0 {
 			return nil
 		}
+		// Also always ok to reconnect if we've seen a redirect token
+		if s.routingToken != nil {
+			return nil
+		}
 
 		// We can also reconnect if the first message has an if_generation_match or
 		// if_metageneration_match condition. Note that negative conditions like
@@ -208,7 +846,7 @@ func (s *gRPCAppendBidiWriteBufferSender) maybeUpdateFirstMessage(resp *storagep
 type bidiWriteObjectRedirectionError struct{}
 
 func (e bidiWriteObjectRedirectionError) Error() string {
-	return "BidiWriteObjectRedirectedError"
+	return ""
 }
 
 func (s *gRPCAppendBidiWriteBufferSender) handleRedirectionError(e *storagepb.BidiWriteObjectRedirectedError) bool {
@@ -253,10 +891,10 @@ func (s *gRPCAppendBidiWriteBufferSender) receiveMessages(resps chan<- *storagep
 	if st, ok := status.FromError(err); ok && st.Code() == codes.Aborted {
 		for _, d := range st.Details() {
 			if e, ok := d.(*storagepb.BidiWriteObjectRedirectedError); ok {
-				// If we can handle this error, replace it with the sentinel. Otherwise,
-				// report it to the user.
+				// If we can handle this error, wrap it with the sentinel so it gets
+				// retried.
 				if ok := s.handleRedirectionError(e); ok {
-					err = bidiWriteObjectRedirectionError{}
+					err = fmt.Errorf("%w%w", bidiWriteObjectRedirectionError{}, err)
 				}
 			}
 		}
@@ -374,12 +1012,6 @@ func (s *gRPCAppendBidiWriteBufferSender) sendBuffer(ctx context.Context, buf []
 			err = s.recvErr
 		}
 		s.stream = nil
-
-		// Retry transparently on a redirection error
-		if _, ok := err.(bidiWriteObjectRedirectionError); ok {
-			s.forceFirstMessage = true
-			continue
-		}
 		return
 	}
 }
diff --git a/vendor/cloud.google.com/go/storage/internal/version.go b/vendor/cloud.google.com/go/storage/internal/version.go
index 7651272b2f..215f04cde0 100644
--- a/vendor/cloud.google.com/go/storage/internal/version.go
+++ b/vendor/cloud.google.com/go/storage/internal/version.go
@@ -15,4 +15,4 @@
 package internal
 
 // Version is the current tagged release of the library.
-const Version = "1.52.0"
+const Version = "1.53.0"
diff --git a/vendor/cloud.google.com/go/storage/invoke.go b/vendor/cloud.google.com/go/storage/invoke.go
index 34b676c5fa..609d012230 100644
--- a/vendor/cloud.google.com/go/storage/invoke.go
+++ b/vendor/cloud.google.com/go/storage/invoke.go
@@ -53,6 +53,13 @@ var (
 	})
 )
 
+func (r *retryConfig) runShouldRetry(err error) bool {
+	if r == nil || r.shouldRetry == nil {
+		return ShouldRetry(err)
+	}
+	return r.shouldRetry(err)
+}
+
 // run determines whether a retry is necessary based on the config and
 // idempotency information. It then calls the function with or without retries
 // as appropriate, using the configured settings.
@@ -73,10 +80,6 @@ func run(ctx context.Context, call func(ctx context.Context) error, retry *retry
 		bo.Initial = retry.backoff.Initial
 		bo.Max = retry.backoff.Max
 	}
-	var errorFunc func(err error) bool = ShouldRetry
-	if retry.shouldRetry != nil {
-		errorFunc = retry.shouldRetry
-	}
 
 	var quitAfterTimer *time.Timer
 	if retry.maxRetryDuration != 0 {
@@ -103,7 +106,7 @@ func run(ctx context.Context, call func(ctx context.Context) error, retry *retry
 			return true, fmt.Errorf("storage: retry failed after %v attempts; last error: %w", *retry.maxAttempts, lastErr)
 		}
 		attempts++
-		retryable := errorFunc(lastErr)
+		retryable := retry.runShouldRetry(lastErr)
 		// Explicitly check context cancellation so that we can distinguish between a
 		// DEADLINE_EXCEEDED error from the server and a user-set context deadline.
 		// Unfortunately gRPC will codes.DeadlineExceeded (which may be retryable if it's
diff --git a/vendor/cloud.google.com/go/storage/reader.go b/vendor/cloud.google.com/go/storage/reader.go
index c3109f8b11..e1a8b9b674 100644
--- a/vendor/cloud.google.com/go/storage/reader.go
+++ b/vendor/cloud.google.com/go/storage/reader.go
@@ -161,7 +161,8 @@ func (o *ObjectHandle) NewRangeReader(ctx context.Context, offset, length int64)
 // Must be called on a gRPC client created using [NewGRPCClient].
 //
 // This uses the gRPC-specific bi-directional read API, which is in private
-// preview; please contact your account manager if interested.
+// preview; please contact your account manager if interested. The option
+// [experimental.WithGRPCBidiReads] must be selected in order to use this API.
 func (o *ObjectHandle) NewMultiRangeDownloader(ctx context.Context) (mrd *MultiRangeDownloader, err error) {
 	// This span covers the life of the reader. It is closed via the context
 	// in Reader.Close.
diff --git a/vendor/cloud.google.com/go/storage/storage.go b/vendor/cloud.google.com/go/storage/storage.go
index 18f461802c..a820666a48 100644
--- a/vendor/cloud.google.com/go/storage/storage.go
+++ b/vendor/cloud.google.com/go/storage/storage.go
@@ -1267,7 +1267,7 @@ func (o *ObjectHandle) NewWriter(ctx context.Context) *Writer {
 // This feature is in preview and is not yet available for general use.
 func (o *ObjectHandle) NewWriterFromAppendableObject(ctx context.Context, opts *AppendableWriterOpts) (*Writer, int64, error) {
 	ctx = trace.StartSpan(ctx, "cloud.google.com/go/storage.Object.Writer")
-	if o.gen == 0 {
+	if o.gen < 0 {
 		return nil, 0, errors.New("storage: ObjectHandle.Generation must be set to use NewWriterFromAppendableObject")
 	}
 	w := &Writer{
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/CHANGELOG.md b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/CHANGELOG.md
index bd9667d99f..926ed3882c 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/CHANGELOG.md
+++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/CHANGELOG.md
@@ -1,5 +1,12 @@
 # Release History
 
+## 1.18.0 (2025-04-03)
+
+### Features Added
+
+* Added `AccessToken.RefreshOn` and updated `BearerTokenPolicy` to consider nonzero values of it when deciding whether to request a new token
+
+
 ## 1.17.1 (2025-03-20)
 
 ### Other Changes
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/internal/exported/exported.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/internal/exported/exported.go
index f2b296b6dc..460170034a 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/internal/exported/exported.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/internal/exported/exported.go
@@ -47,8 +47,13 @@ func HasStatusCode(resp *http.Response, statusCodes ...int) bool {
 // AccessToken represents an Azure service bearer access token with expiry information.
 // Exported as azcore.AccessToken.
 type AccessToken struct {
-	Token     string
+	// Token is the access token
+	Token string
+	// ExpiresOn indicates when the token expires
 	ExpiresOn time.Time
+	// RefreshOn is a suggested time to refresh the token.
+	// Clients should ignore this value when it's zero.
+	RefreshOn time.Time
 }
 
 // TokenRequestOptions contain specific parameter that may be used by credentials types when attempting to get a token.
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/internal/shared/constants.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/internal/shared/constants.go
index c8929e5969..85514db3b8 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/internal/shared/constants.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/internal/shared/constants.go
@@ -40,5 +40,5 @@ const (
 	Module = "azcore"
 
 	// Version is the semantic version (see http://semver.org) of this module.
-	Version = "v1.17.1"
+	Version = "v1.18.0"
 )
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime/policy_bearer_token.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime/policy_bearer_token.go
index b26db920b0..1950a2e5b3 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime/policy_bearer_token.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime/policy_bearer_token.go
@@ -51,6 +51,15 @@ func acquire(state acquiringResourceState) (newResource exported.AccessToken, ne
 	return tk, tk.ExpiresOn, nil
 }
 
+// shouldRefresh determines whether the token should be refreshed. It's a variable so tests can replace it.
+var shouldRefresh = func(tk exported.AccessToken, _ acquiringResourceState) bool {
+	if tk.RefreshOn.IsZero() {
+		return tk.ExpiresOn.Add(-5 * time.Minute).Before(time.Now())
+	}
+	// no offset in this case because the authority suggested a refresh window--between RefreshOn and ExpiresOn
+	return tk.RefreshOn.Before(time.Now())
+}
+
 // NewBearerTokenPolicy creates a policy object that authorizes requests with bearer tokens.
 // cred: an azcore.TokenCredential implementation such as a credential object from azidentity
 // scopes: the list of permission scopes required for the token.
@@ -69,11 +78,14 @@ func NewBearerTokenPolicy(cred exported.TokenCredential, scopes []string, opts *
 			return authNZ(policy.TokenRequestOptions{Scopes: scopes})
 		}
 	}
+	mr := temporal.NewResourceWithOptions(acquire, temporal.ResourceOptions[exported.AccessToken, acquiringResourceState]{
+		ShouldRefresh: shouldRefresh,
+	})
 	return &BearerTokenPolicy{
 		authzHandler: ah,
 		cred:         cred,
 		scopes:       scopes,
-		mainResource: temporal.NewResource(acquire),
+		mainResource: mr,
 		allowHTTP:    opts.InsecureAllowCredentialWithHTTP,
 	}
 }
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/CHANGELOG.md b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/CHANGELOG.md
index 11c64eb294..84e7941e4f 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/CHANGELOG.md
+++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/CHANGELOG.md
@@ -1,5 +1,29 @@
 # Release History
 
+## 1.10.1 (2025-06-10)
+
+### Bugs Fixed
+- `AzureCLICredential` and `AzureDeveloperCLICredential` could wait indefinitely for subprocess output
+
+## 1.10.0 (2025-05-14)
+
+### Features Added
+- `DefaultAzureCredential` reads environment variable `AZURE_TOKEN_CREDENTIALS` to enable a subset of its credentials:
+  - `dev` selects `AzureCLICredential` and `AzureDeveloperCLICredential`
+  - `prod` selects `EnvironmentCredential`, `WorkloadIdentityCredential` and `ManagedIdentityCredential`
+
+## 1.9.0 (2025-04-08)
+
+### Features Added
+* `GetToken()` sets `AccessToken.RefreshOn` when the token provider specifies a value
+
+### Other Changes
+* `NewManagedIdentityCredential` logs the configured user-assigned identity, if any
+* Deprecated `UsernamePasswordCredential` because it can't support multifactor
+  authentication (MFA), which Microsoft Entra ID requires for most tenants. See
+  https://aka.ms/azsdk/identity/mfa for migration guidance.
+* Updated dependencies
+
 ## 1.8.2 (2025-02-12)
 
 ### Other Changes
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/README.md b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/README.md
index 5cc64c08f2..069bc688d5 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/README.md
+++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/README.md
@@ -21,7 +21,7 @@ go get -u github.com/Azure/azure-sdk-for-go/sdk/azidentity
 ## Prerequisites
 
 - an [Azure subscription](https://azure.microsoft.com/free/)
-- Go 1.18
+- [Supported](https://aka.ms/azsdk/go/supported-versions) version of Go
 
 ### Authenticating during local development
 
@@ -146,7 +146,6 @@ client := armresources.NewResourceGroupsClient("subscription ID", chain, nil)
 |-|-
 |[InteractiveBrowserCredential](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity#InteractiveBrowserCredential)|Interactively authenticate a user with the default web browser
 |[DeviceCodeCredential](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity#DeviceCodeCredential)|Interactively authenticate a user on a device with limited UI
-|[UsernamePasswordCredential](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity#UsernamePasswordCredential)|Authenticate a user with a username and password
 
 ### Authenticating via Development Tools
 
@@ -159,7 +158,7 @@ client := armresources.NewResourceGroupsClient("subscription ID", chain, nil)
 
 `DefaultAzureCredential` and `EnvironmentCredential` can be configured with environment variables. Each type of authentication requires values for specific variables:
 
-#### Service principal with secret
+### Service principal with secret
 
 |variable name|value
 |-|-
@@ -167,7 +166,7 @@ client := armresources.NewResourceGroupsClient("subscription ID", chain, nil)
 |`AZURE_TENANT_ID`|ID of the application's Microsoft Entra tenant
 |`AZURE_CLIENT_SECRET`|one of the application's client secrets
 
-#### Service principal with certificate
+### Service principal with certificate
 
 |variable name|value
 |-|-
@@ -176,16 +175,7 @@ client := armresources.NewResourceGroupsClient("subscription ID", chain, nil)
 |`AZURE_CLIENT_CERTIFICATE_PATH`|path to a certificate file including private key
 |`AZURE_CLIENT_CERTIFICATE_PASSWORD`|password of the certificate file, if any
 
-#### Username and password
-
-|variable name|value
-|-|-
-|`AZURE_CLIENT_ID`|ID of a Microsoft Entra application
-|`AZURE_USERNAME`|a username (usually an email address)
-|`AZURE_PASSWORD`|that user's password
-
-Configuration is attempted in the above order. For example, if values for a
-client secret and certificate are both present, the client secret will be used.
+Configuration is attempted in the above order. For example, if values for a client secret and certificate are both present, the client secret will be used.
 
 ## Token caching
 
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/TOKEN_CACHING.MD b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/TOKEN_CACHING.MD
index 8fc7c64aa3..da2094e36b 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/TOKEN_CACHING.MD
+++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/TOKEN_CACHING.MD
@@ -22,11 +22,11 @@ Some credential types support opt-in persistent token caching (see [the below ta
 
 Persistent caches are encrypted at rest using a mechanism that depends on the operating system:
 
-| Operating system | Encryption facility                            |
-| ---------------- | ---------------------------------------------- |
-| Linux            | kernel key retention service (keyctl)          |
-| macOS            | Keychain (requires cgo and native build tools) |
-| Windows          | Data Protection API (DPAPI)                    |
+| Operating system | Encryption facility                   | Limitations                                                                                                                                                                                                                                      |
+| ---------------- | ------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
+| Linux            | kernel key retention service (keyctl) | Cache data is lost on system shutdown because kernel keys are stored in memory. Depending on kernel compile options, data may also be lost on logout, or storage may be impossible because the key retention service isn't available. |
+| macOS            | Keychain                              | Building requires cgo and native build tools. Keychain access requires a graphical session, so persistent caching isn't possible in a headless environment such as an SSH session (macOS as host).                                               |
+| Windows          | Data Protection API (DPAPI)           | No specific limitations.                                                                                                                                                                                                                         |
 
 Persistent caching requires encryption. When the required encryption facility is unuseable, or the application is running on an unsupported OS, the persistent cache constructor returns an error. This doesn't mean that authentication is impossible, only that credentials can't persist authentication data and the application will need to reauthenticate the next time it runs. See the package documentation for examples showing how to configure persistent caching and access cached data for [users][user_example] and [service principals][sp_example].
 
@@ -50,7 +50,6 @@ The following table indicates the state of in-memory and persistent caching in e
 | `InteractiveBrowserCredential` | Supported                                                           | Supported                |
 | `ManagedIdentityCredential`    | Supported                                                           | Not Supported            |
 | `OnBehalfOfCredential`         | Supported                                                           | Not Supported            |
-| `UsernamePasswordCredential`   | Supported                                                           | Supported                |
 | `WorkloadIdentityCredential`   | Supported                                                           | Supported                |
 
 [sp_example]: https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity#example-package-PersistentServicePrincipalAuthentication
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/TROUBLESHOOTING.md b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/TROUBLESHOOTING.md
index 9c4b1cd71c..91f4f05cc0 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/TROUBLESHOOTING.md
+++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/TROUBLESHOOTING.md
@@ -20,7 +20,6 @@ This troubleshooting guide covers failure investigation techniques, common error
   - [Azure App Service and Azure Functions managed identity](#azure-app-service-and-azure-functions-managed-identity)
   - [Azure Kubernetes Service managed identity](#azure-kubernetes-service-managed-identity)
   - [Azure Virtual Machine managed identity](#azure-virtual-machine-managed-identity)
-- [Troubleshoot UsernamePasswordCredential authentication issues](#troubleshoot-usernamepasswordcredential-authentication-issues)
 - [Troubleshoot WorkloadIdentityCredential authentication issues](#troubleshoot-workloadidentitycredential-authentication-issues)
 - [Get additional help](#get-additional-help)
 
@@ -111,13 +110,6 @@ azlog.SetEvents(azidentity.EventAuthentication)
 |AADSTS700027|Client assertion contains an invalid signature.|Ensure the specified certificate has been uploaded to the application registration as described in [Microsoft Entra ID documentation](https://learn.microsoft.com/entra/identity-platform/howto-create-service-principal-portal#option-1-upload-a-certificate).|
 |AADSTS700016|The specified application wasn't found in the specified tenant.|Ensure the client and tenant IDs provided to the credential constructor are correct for your application registration. For multi-tenant apps, ensure the application has been added to the desired tenant by a tenant admin. To add a new application in the desired tenant, follow the [Microsoft Entra ID instructions](https://learn.microsoft.com/entra/identity-platform/howto-create-service-principal-portal).|
 
-<a id="username-password"></a>
-## Troubleshoot UsernamePasswordCredential authentication issues
-
-| Error Code | Issue | Mitigation |
-|---|---|---|
-|AADSTS50126|The provided username or password is invalid.|Ensure the username and password provided to the credential constructor are valid.|
-
 <a id="managed-id"></a>
 ## Troubleshoot ManagedIdentityCredential authentication issues
 
@@ -181,6 +173,7 @@ curl "$IDENTITY_ENDPOINT?resource=https://management.core.windows.net&api-versio
 |---|---|---|
 |Azure CLI not found on path|The Azure CLI isn’t installed or isn't on the application's path.|<ul><li>Ensure the Azure CLI is installed as described in [Azure CLI documentation](https://learn.microsoft.com/cli/azure/install-azure-cli).</li><li>Validate the installation location is in the application's `PATH` environment variable.</li></ul>|
 |Please run 'az login' to set up account|No account is currently logged into the Azure CLI, or the login has expired.|<ul><li>Run `az login` to log into the Azure CLI. More information about Azure CLI authentication is available in the [Azure CLI documentation](https://learn.microsoft.com/cli/azure/authenticate-azure-cli).</li><li>Verify that the Azure CLI can obtain tokens. See [below](#verify-the-azure-cli-can-obtain-tokens) for instructions.</li></ul>|
+|Subscription "[your subscription]" contains invalid characters. If this is the name of a subscription, use its ID instead|The subscription name contains a character that may not be safe in a command line.|Use the subscription's ID instead of its name. You can get this from the Azure CLI: `az account show --name "[your subscription]" --query "id"`
 
 #### Verify the Azure CLI can obtain tokens
 
@@ -226,7 +219,7 @@ azd auth token --output json --scope https://management.core.windows.net/.defaul
 
 | Error Message |Description| Mitigation |
 |---|---|---|
-|no client ID/tenant ID/token file specified|Incomplete configuration|In most cases these values are provided via environment variables set by Azure Workload Identity.<ul><li>If your application runs on Azure Kubernetes Servide (AKS) or a cluster that has deployed the Azure Workload Identity admission webhook, check pod labels and service account configuration. See the [AKS documentation](https://learn.microsoft.com/azure/aks/workload-identity-deploy-cluster#disable-workload-identity) and [Azure Workload Identity troubleshooting guide](https://azure.github.io/azure-workload-identity/docs/troubleshooting.html) for more details.<li>If your application isn't running on AKS or your cluster hasn't deployed the Workload Identity admission webhook, set these values in `WorkloadIdentityCredentialOptions`
+|no client ID/tenant ID/token file specified|Incomplete configuration|In most cases these values are provided via environment variables set by Azure Workload Identity.<ul><li>If your application runs on Azure Kubernetes Service (AKS) or a cluster that has deployed the Azure Workload Identity admission webhook, check pod labels and service account configuration. See the [AKS documentation](https://learn.microsoft.com/azure/aks/workload-identity-deploy-cluster#disable-workload-identity) and [Azure Workload Identity troubleshooting guide](https://azure.github.io/azure-workload-identity/docs/troubleshooting.html) for more details.<li>If your application isn't running on AKS or your cluster hasn't deployed the Workload Identity admission webhook, set these values in `WorkloadIdentityCredentialOptions`
 
 <a id="apc"></a>
 ## Troubleshoot AzurePipelinesCredential authentication issues
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/assets.json b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/assets.json
index 045f87acd5..4118f99ef2 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/assets.json
+++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/assets.json
@@ -2,5 +2,5 @@
   "AssetsRepo": "Azure/azure-sdk-assets",
   "AssetsRepoPrefixPath": "go",
   "TagPrefix": "go/azidentity",
-  "Tag": "go/azidentity_c55452bbf6"
+  "Tag": "go/azidentity_191110b0dd"
 }
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/azidentity.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/azidentity.go
index 40a94154c6..bd196ddd32 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/azidentity.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/azidentity.go
@@ -22,6 +22,7 @@ import (
 	"github.com/Azure/azure-sdk-for-go/sdk/azcore/streaming"
 	"github.com/Azure/azure-sdk-for-go/sdk/azidentity/internal"
 	"github.com/AzureAD/microsoft-authentication-library-for-go/apps/confidential"
+	"github.com/AzureAD/microsoft-authentication-library-for-go/apps/managedidentity"
 	"github.com/AzureAD/microsoft-authentication-library-for-go/apps/public"
 )
 
@@ -208,6 +209,10 @@ type msalConfidentialClient interface {
 	AcquireTokenOnBehalfOf(ctx context.Context, userAssertion string, scopes []string, options ...confidential.AcquireOnBehalfOfOption) (confidential.AuthResult, error)
 }
 
+type msalManagedIdentityClient interface {
+	AcquireToken(context.Context, string, ...managedidentity.AcquireTokenOption) (managedidentity.AuthResult, error)
+}
+
 // enables fakes for test scenarios
 type msalPublicClient interface {
 	AcquireTokenSilent(ctx context.Context, scopes []string, options ...public.AcquireSilentOption) (public.AuthResult, error)
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/azure_cli_credential.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/azure_cli_credential.go
index 36e359a099..0fd03f4563 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/azure_cli_credential.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/azure_cli_credential.go
@@ -148,8 +148,14 @@ var defaultAzTokenProvider azTokenProvider = func(ctx context.Context, scopes []
 	cliCmd.Env = os.Environ()
 	var stderr bytes.Buffer
 	cliCmd.Stderr = &stderr
+	cliCmd.WaitDelay = 100 * time.Millisecond
 
-	output, err := cliCmd.Output()
+	stdout, err := cliCmd.Output()
+	if errors.Is(err, exec.ErrWaitDelay) && len(stdout) > 0 {
+		// The child process wrote to stdout and exited without closing it.
+		// Swallow this error and return stdout because it may contain a token.
+		return stdout, nil
+	}
 	if err != nil {
 		msg := stderr.String()
 		var exErr *exec.ExitError
@@ -162,7 +168,7 @@ var defaultAzTokenProvider azTokenProvider = func(ctx context.Context, scopes []
 		return nil, newCredentialUnavailableError(credNameAzureCLI, msg)
 	}
 
-	return output, nil
+	return stdout, nil
 }
 
 func (c *AzureCLICredential) createAccessToken(tk []byte) (azcore.AccessToken, error) {
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/azure_developer_cli_credential.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/azure_developer_cli_credential.go
index 46d0b55192..1bd3720b64 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/azure_developer_cli_credential.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/azure_developer_cli_credential.go
@@ -130,7 +130,14 @@ var defaultAzdTokenProvider azdTokenProvider = func(ctx context.Context, scopes
 	cliCmd.Env = os.Environ()
 	var stderr bytes.Buffer
 	cliCmd.Stderr = &stderr
-	output, err := cliCmd.Output()
+	cliCmd.WaitDelay = 100 * time.Millisecond
+
+	stdout, err := cliCmd.Output()
+	if errors.Is(err, exec.ErrWaitDelay) && len(stdout) > 0 {
+		// The child process wrote to stdout and exited without closing it.
+		// Swallow this error and return stdout because it may contain a token.
+		return stdout, nil
+	}
 	if err != nil {
 		msg := stderr.String()
 		var exErr *exec.ExitError
@@ -144,7 +151,7 @@ var defaultAzdTokenProvider azdTokenProvider = func(ctx context.Context, scopes
 		}
 		return nil, newCredentialUnavailableError(credNameAzureDeveloperCLI, msg)
 	}
-	return output, nil
+	return stdout, nil
 }
 
 func (c *AzureDeveloperCLICredential) createAccessToken(tk []byte) (azcore.AccessToken, error) {
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/confidential_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/confidential_client.go
index 92f508094d..58c4b585c1 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/confidential_client.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/confidential_client.go
@@ -118,7 +118,7 @@ func (c *confidentialClient) GetToken(ctx context.Context, tro policy.TokenReque
 		msg := fmt.Sprintf(scopeLogFmt, c.name, strings.Join(ar.GrantedScopes, ", "))
 		log.Write(EventAuthentication, msg)
 	}
-	return azcore.AccessToken{Token: ar.AccessToken, ExpiresOn: ar.ExpiresOn.UTC()}, err
+	return azcore.AccessToken{Token: ar.AccessToken, ExpiresOn: ar.ExpiresOn.UTC(), RefreshOn: ar.Metadata.RefreshOn.UTC()}, err
 }
 
 func (c *confidentialClient) client(tro policy.TokenRequestOptions) (msalConfidentialClient, *sync.Mutex, error) {
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/default_azure_credential.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/default_azure_credential.go
index 14af271f6a..f2a31ee6ac 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/default_azure_credential.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/default_azure_credential.go
@@ -8,6 +8,7 @@ package azidentity
 
 import (
 	"context"
+	"fmt"
 	"os"
 	"strings"
 
@@ -16,6 +17,8 @@ import (
 	"github.com/Azure/azure-sdk-for-go/sdk/internal/log"
 )
 
+const azureTokenCredentials = "AZURE_TOKEN_CREDENTIALS"
+
 // DefaultAzureCredentialOptions contains optional parameters for DefaultAzureCredential.
 // These options may not apply to all credentials in the chain.
 type DefaultAzureCredentialOptions struct {
@@ -36,7 +39,7 @@ type DefaultAzureCredentialOptions struct {
 	// the application responsible for ensuring the configured authority is valid and trustworthy.
 	DisableInstanceDiscovery bool
 
-	// TenantID sets the default tenant for authentication via the Azure CLI and workload identity.
+	// TenantID sets the default tenant for authentication via the Azure CLI, Azure Developer CLI, and workload identity.
 	TenantID string
 }
 
@@ -67,8 +70,22 @@ type DefaultAzureCredential struct {
 
 // NewDefaultAzureCredential creates a DefaultAzureCredential. Pass nil for options to accept defaults.
 func NewDefaultAzureCredential(options *DefaultAzureCredentialOptions) (*DefaultAzureCredential, error) {
-	var creds []azcore.TokenCredential
-	var errorMessages []string
+	var (
+		creds                   []azcore.TokenCredential
+		errorMessages           []string
+		includeDev, includeProd = true, true
+	)
+
+	if c, ok := os.LookupEnv(azureTokenCredentials); ok {
+		switch c {
+		case "dev":
+			includeProd = false
+		case "prod":
+			includeDev = false
+		default:
+			return nil, fmt.Errorf(`invalid %s value %q. Valid values are "dev" and "prod"`, azureTokenCredentials, c)
+		}
+	}
 
 	if options == nil {
 		options = &DefaultAzureCredentialOptions{}
@@ -80,60 +97,63 @@ func NewDefaultAzureCredential(options *DefaultAzureCredentialOptions) (*Default
 		}
 	}
 
-	envCred, err := NewEnvironmentCredential(&EnvironmentCredentialOptions{
-		ClientOptions:              options.ClientOptions,
-		DisableInstanceDiscovery:   options.DisableInstanceDiscovery,
-		additionallyAllowedTenants: additionalTenants,
-	})
-	if err == nil {
-		creds = append(creds, envCred)
-	} else {
-		errorMessages = append(errorMessages, "EnvironmentCredential: "+err.Error())
-		creds = append(creds, &defaultCredentialErrorReporter{credType: "EnvironmentCredential", err: err})
-	}
-
-	wic, err := NewWorkloadIdentityCredential(&WorkloadIdentityCredentialOptions{
-		AdditionallyAllowedTenants: additionalTenants,
-		ClientOptions:              options.ClientOptions,
-		DisableInstanceDiscovery:   options.DisableInstanceDiscovery,
-		TenantID:                   options.TenantID,
-	})
-	if err == nil {
-		creds = append(creds, wic)
-	} else {
-		errorMessages = append(errorMessages, credNameWorkloadIdentity+": "+err.Error())
-		creds = append(creds, &defaultCredentialErrorReporter{credType: credNameWorkloadIdentity, err: err})
-	}
+	if includeProd {
+		envCred, err := NewEnvironmentCredential(&EnvironmentCredentialOptions{
+			ClientOptions:              options.ClientOptions,
+			DisableInstanceDiscovery:   options.DisableInstanceDiscovery,
+			additionallyAllowedTenants: additionalTenants,
+		})
+		if err == nil {
+			creds = append(creds, envCred)
+		} else {
+			errorMessages = append(errorMessages, "EnvironmentCredential: "+err.Error())
+			creds = append(creds, &defaultCredentialErrorReporter{credType: "EnvironmentCredential", err: err})
+		}
 
-	o := &ManagedIdentityCredentialOptions{ClientOptions: options.ClientOptions, dac: true}
-	if ID, ok := os.LookupEnv(azureClientID); ok {
-		o.ID = ClientID(ID)
-	}
-	miCred, err := NewManagedIdentityCredential(o)
-	if err == nil {
-		creds = append(creds, miCred)
-	} else {
-		errorMessages = append(errorMessages, credNameManagedIdentity+": "+err.Error())
-		creds = append(creds, &defaultCredentialErrorReporter{credType: credNameManagedIdentity, err: err})
-	}
+		wic, err := NewWorkloadIdentityCredential(&WorkloadIdentityCredentialOptions{
+			AdditionallyAllowedTenants: additionalTenants,
+			ClientOptions:              options.ClientOptions,
+			DisableInstanceDiscovery:   options.DisableInstanceDiscovery,
+			TenantID:                   options.TenantID,
+		})
+		if err == nil {
+			creds = append(creds, wic)
+		} else {
+			errorMessages = append(errorMessages, credNameWorkloadIdentity+": "+err.Error())
+			creds = append(creds, &defaultCredentialErrorReporter{credType: credNameWorkloadIdentity, err: err})
+		}
 
-	cliCred, err := NewAzureCLICredential(&AzureCLICredentialOptions{AdditionallyAllowedTenants: additionalTenants, TenantID: options.TenantID})
-	if err == nil {
-		creds = append(creds, cliCred)
-	} else {
-		errorMessages = append(errorMessages, credNameAzureCLI+": "+err.Error())
-		creds = append(creds, &defaultCredentialErrorReporter{credType: credNameAzureCLI, err: err})
+		o := &ManagedIdentityCredentialOptions{ClientOptions: options.ClientOptions, dac: true}
+		if ID, ok := os.LookupEnv(azureClientID); ok {
+			o.ID = ClientID(ID)
+		}
+		miCred, err := NewManagedIdentityCredential(o)
+		if err == nil {
+			creds = append(creds, miCred)
+		} else {
+			errorMessages = append(errorMessages, credNameManagedIdentity+": "+err.Error())
+			creds = append(creds, &defaultCredentialErrorReporter{credType: credNameManagedIdentity, err: err})
+		}
 	}
+	if includeDev {
+		azCred, err := NewAzureCLICredential(&AzureCLICredentialOptions{AdditionallyAllowedTenants: additionalTenants, TenantID: options.TenantID})
+		if err == nil {
+			creds = append(creds, azCred)
+		} else {
+			errorMessages = append(errorMessages, credNameAzureCLI+": "+err.Error())
+			creds = append(creds, &defaultCredentialErrorReporter{credType: credNameAzureCLI, err: err})
+		}
 
-	azdCred, err := NewAzureDeveloperCLICredential(&AzureDeveloperCLICredentialOptions{
-		AdditionallyAllowedTenants: additionalTenants,
-		TenantID:                   options.TenantID,
-	})
-	if err == nil {
-		creds = append(creds, azdCred)
-	} else {
-		errorMessages = append(errorMessages, credNameAzureDeveloperCLI+": "+err.Error())
-		creds = append(creds, &defaultCredentialErrorReporter{credType: credNameAzureDeveloperCLI, err: err})
+		azdCred, err := NewAzureDeveloperCLICredential(&AzureDeveloperCLICredentialOptions{
+			AdditionallyAllowedTenants: additionalTenants,
+			TenantID:                   options.TenantID,
+		})
+		if err == nil {
+			creds = append(creds, azdCred)
+		} else {
+			errorMessages = append(errorMessages, credNameAzureDeveloperCLI+": "+err.Error())
+			creds = append(creds, &defaultCredentialErrorReporter{credType: credNameAzureDeveloperCLI, err: err})
+		}
 	}
 
 	if len(errorMessages) > 0 {
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/environment_credential.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/environment_credential.go
index b30f5474f5..9b5e17dcde 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/environment_credential.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/environment_credential.go
@@ -60,21 +60,13 @@ type EnvironmentCredentialOptions struct {
 // Note that this credential uses [ParseCertificates] to load the certificate and key from the file. If this
 // function isn't able to parse your certificate, use [ClientCertificateCredential] instead.
 //
-// # User with username and password
-//
-// AZURE_TENANT_ID: (optional) tenant to authenticate in. Defaults to "organizations".
-//
-// AZURE_CLIENT_ID: client ID of the application the user will authenticate to
-//
-// AZURE_USERNAME: a username (usually an email address)
-//
-// AZURE_PASSWORD: the user's password
-//
 // # Configuration for multitenant applications
 //
 // To enable multitenant authentication, set AZURE_ADDITIONALLY_ALLOWED_TENANTS with a semicolon delimited list of tenants
 // the credential may request tokens from in addition to the tenant specified by AZURE_TENANT_ID. Set
 // AZURE_ADDITIONALLY_ALLOWED_TENANTS to "*" to enable the credential to request a token from any tenant.
+//
+// [Entra ID documentation]: https://aka.ms/azsdk/identity/mfa
 type EnvironmentCredential struct {
 	cred azcore.TokenCredential
 }
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/errors.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/errors.go
index b05cb035a8..a6d7c6cbc7 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/errors.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/errors.go
@@ -103,8 +103,6 @@ func (e *AuthenticationFailedError) Error() string {
 		anchor = "client-secret"
 	case credNameManagedIdentity:
 		anchor = "managed-id"
-	case credNameUserPassword:
-		anchor = "username-password"
 	case credNameWorkloadIdentity:
 		anchor = "workload"
 	}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/go.work b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/go.work
index 04ea962b42..6dd5b3d64d 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/go.work
+++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/go.work
@@ -1,4 +1,4 @@
-go 1.18
+go 1.23.0
 
 use (
 	.
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/managed-identity-matrix.json b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/managed-identity-matrix.json
index 1c3791777a..edd56f9d57 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/managed-identity-matrix.json
+++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/managed-identity-matrix.json
@@ -9,7 +9,7 @@
                 }
             },
             "GoVersion": [
-                "1.22.1"
+                "env:GO_VERSION_PREVIOUS"
             ],
             "IDENTITY_IMDS_AVAILABLE": "1"
         }
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/managed_identity_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/managed_identity_client.go
index cc07fd7015..b3a0f85883 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/managed_identity_client.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/managed_identity_client.go
@@ -8,24 +8,18 @@ package azidentity
 
 import (
 	"context"
-	"encoding/json"
 	"errors"
 	"fmt"
 	"net/http"
-	"net/url"
-	"os"
-	"path/filepath"
-	"runtime"
-	"strconv"
 	"strings"
 	"time"
 
 	"github.com/Azure/azure-sdk-for-go/sdk/azcore"
 	"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
 	azruntime "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
-	"github.com/Azure/azure-sdk-for-go/sdk/azcore/streaming"
 	"github.com/Azure/azure-sdk-for-go/sdk/internal/log"
-	"github.com/AzureAD/microsoft-authentication-library-for-go/apps/confidential"
+	msalerrors "github.com/AzureAD/microsoft-authentication-library-for-go/apps/errors"
+	"github.com/AzureAD/microsoft-authentication-library-for-go/apps/managedidentity"
 )
 
 const (
@@ -41,59 +35,20 @@ const (
 	msiResID                 = "msi_res_id"
 	msiSecret                = "MSI_SECRET"
 	imdsAPIVersion           = "2018-02-01"
-	azureArcAPIVersion       = "2019-08-15"
+	azureArcAPIVersion       = "2020-06-01"
 	qpClientID               = "client_id"
 	serviceFabricAPIVersion  = "2019-07-01-preview"
 )
 
 var imdsProbeTimeout = time.Second
 
-type msiType int
-
-const (
-	msiTypeAppService msiType = iota
-	msiTypeAzureArc
-	msiTypeAzureML
-	msiTypeCloudShell
-	msiTypeIMDS
-	msiTypeServiceFabric
-)
-
 type managedIdentityClient struct {
-	azClient  *azcore.Client
-	endpoint  string
-	id        ManagedIDKind
-	msiType   msiType
-	probeIMDS bool
+	azClient                      *azcore.Client
+	imds, probeIMDS, userAssigned bool
 	// chained indicates whether the client is part of a credential chain. If true, the client will return
 	// a credentialUnavailableError instead of an AuthenticationFailedError for an unexpected IMDS response.
-	chained bool
-}
-
-// arcKeyDirectory returns the directory expected to contain Azure Arc keys
-var arcKeyDirectory = func() (string, error) {
-	switch runtime.GOOS {
-	case "linux":
-		return "/var/opt/azcmagent/tokens", nil
-	case "windows":
-		pd := os.Getenv("ProgramData")
-		if pd == "" {
-			return "", errors.New("environment variable ProgramData has no value")
-		}
-		return filepath.Join(pd, "AzureConnectedMachineAgent", "Tokens"), nil
-	default:
-		return "", fmt.Errorf("unsupported OS %q", runtime.GOOS)
-	}
-}
-
-type wrappedNumber json.Number
-
-func (n *wrappedNumber) UnmarshalJSON(b []byte) error {
-	c := string(b)
-	if c == "\"\"" {
-		return nil
-	}
-	return json.Unmarshal(b, (*json.Number)(n))
+	chained    bool
+	msalClient msalManagedIdentityClient
 }
 
 // setIMDSRetryOptionDefaults sets zero-valued fields to default values appropriate for IMDS
@@ -141,51 +96,20 @@ func newManagedIdentityClient(options *ManagedIdentityCredentialOptions) (*manag
 		options = &ManagedIdentityCredentialOptions{}
 	}
 	cp := options.ClientOptions
-	c := managedIdentityClient{id: options.ID, endpoint: imdsEndpoint, msiType: msiTypeIMDS}
-	env := "IMDS"
-	if endpoint, ok := os.LookupEnv(identityEndpoint); ok {
-		if _, ok := os.LookupEnv(identityHeader); ok {
-			if _, ok := os.LookupEnv(identityServerThumbprint); ok {
-				if options.ID != nil {
-					return nil, errors.New("the Service Fabric API doesn't support specifying a user-assigned identity at runtime. The identity is determined by cluster resource configuration. See https://aka.ms/servicefabricmi")
-				}
-				env = "Service Fabric"
-				c.endpoint = endpoint
-				c.msiType = msiTypeServiceFabric
-			} else {
-				env = "App Service"
-				c.endpoint = endpoint
-				c.msiType = msiTypeAppService
-			}
-		} else if _, ok := os.LookupEnv(arcIMDSEndpoint); ok {
-			if options.ID != nil {
-				return nil, errors.New("the Azure Arc API doesn't support specifying a user-assigned managed identity at runtime")
-			}
-			env = "Azure Arc"
-			c.endpoint = endpoint
-			c.msiType = msiTypeAzureArc
-		}
-	} else if endpoint, ok := os.LookupEnv(msiEndpoint); ok {
-		c.endpoint = endpoint
-		if _, ok := os.LookupEnv(msiSecret); ok {
-			if options.ID != nil && options.ID.idKind() != miClientID {
-				return nil, errors.New("the Azure ML API supports specifying a user-assigned managed identity by client ID only")
-			}
-			env = "Azure ML"
-			c.msiType = msiTypeAzureML
-		} else {
-			if options.ID != nil {
-				return nil, errors.New("the Cloud Shell API doesn't support user-assigned managed identities")
-			}
-			env = "Cloud Shell"
-			c.msiType = msiTypeCloudShell
-		}
-	} else {
+	c := managedIdentityClient{}
+	source, err := managedidentity.GetSource()
+	if err != nil {
+		return nil, err
+	}
+	env := string(source)
+	if source == managedidentity.DefaultToIMDS {
+		env = "IMDS"
+		c.imds = true
 		c.probeIMDS = options.dac
 		setIMDSRetryOptionDefaults(&cp.Retry)
 	}
 
-	client, err := azcore.NewClient(module, version, azruntime.PipelineOptions{
+	c.azClient, err = azcore.NewClient(module, version, azruntime.PipelineOptions{
 		Tracing: azruntime.TracingOptions{
 			Namespace: traceNamespace,
 		},
@@ -193,28 +117,53 @@ func newManagedIdentityClient(options *ManagedIdentityCredentialOptions) (*manag
 	if err != nil {
 		return nil, err
 	}
-	c.azClient = client
+
+	id := managedidentity.SystemAssigned()
+	if options.ID != nil {
+		c.userAssigned = true
+		switch s := options.ID.String(); options.ID.idKind() {
+		case miClientID:
+			id = managedidentity.UserAssignedClientID(s)
+		case miObjectID:
+			id = managedidentity.UserAssignedObjectID(s)
+		case miResourceID:
+			id = managedidentity.UserAssignedResourceID(s)
+		}
+	}
+	msalClient, err := managedidentity.New(id, managedidentity.WithHTTPClient(&c), managedidentity.WithRetryPolicyDisabled())
+	if err != nil {
+		return nil, err
+	}
+	c.msalClient = &msalClient
 
 	if log.Should(EventAuthentication) {
-		log.Writef(EventAuthentication, "Managed Identity Credential will use %s managed identity", env)
+		msg := fmt.Sprintf("%s will use %s managed identity", credNameManagedIdentity, env)
+		if options.ID != nil {
+			kind := "client"
+			switch options.ID.(type) {
+			case ObjectID:
+				kind = "object"
+			case ResourceID:
+				kind = "resource"
+			}
+			msg += fmt.Sprintf(" with %s ID %q", kind, options.ID.String())
+		}
+		log.Write(EventAuthentication, msg)
 	}
 
 	return &c, nil
 }
 
-// provideToken acquires a token for MSAL's confidential.Client, which caches the token
-func (c *managedIdentityClient) provideToken(ctx context.Context, params confidential.TokenProviderParameters) (confidential.TokenProviderResult, error) {
-	result := confidential.TokenProviderResult{}
-	tk, err := c.authenticate(ctx, c.id, params.Scopes)
-	if err == nil {
-		result.AccessToken = tk.Token
-		result.ExpiresInSeconds = int(time.Until(tk.ExpiresOn).Seconds())
-	}
-	return result, err
+func (*managedIdentityClient) CloseIdleConnections() {
+	// do nothing
+}
+
+func (c *managedIdentityClient) Do(r *http.Request) (*http.Response, error) {
+	return doForClient(c.azClient, r)
 }
 
 // authenticate acquires an access token
-func (c *managedIdentityClient) authenticate(ctx context.Context, id ManagedIDKind, scopes []string) (azcore.AccessToken, error) {
+func (c *managedIdentityClient) GetToken(ctx context.Context, tro policy.TokenRequestOptions) (azcore.AccessToken, error) {
 	// no need to synchronize around this value because it's true only when DefaultAzureCredential constructed the client,
 	// and in that case ChainedTokenCredential.GetToken synchronizes goroutines that would execute this block
 	if c.probeIMDS {
@@ -222,7 +171,7 @@ func (c *managedIdentityClient) authenticate(ctx context.Context, id ManagedIDKi
 		cx, cancel := context.WithTimeout(ctx, imdsProbeTimeout)
 		defer cancel()
 		cx = policy.WithRetryOptions(cx, policy.RetryOptions{MaxRetries: -1})
-		req, err := azruntime.NewRequest(cx, http.MethodGet, c.endpoint)
+		req, err := azruntime.NewRequest(cx, http.MethodGet, imdsEndpoint)
 		if err != nil {
 			return azcore.AccessToken{}, fmt.Errorf("failed to create IMDS probe request: %s", err)
 		}
@@ -237,32 +186,26 @@ func (c *managedIdentityClient) authenticate(ctx context.Context, id ManagedIDKi
 		c.probeIMDS = false
 	}
 
-	msg, err := c.createAuthRequest(ctx, id, scopes)
-	if err != nil {
-		return azcore.AccessToken{}, err
-	}
-
-	resp, err := c.azClient.Pipeline().Do(msg)
-	if err != nil {
-		return azcore.AccessToken{}, newAuthenticationFailedError(credNameManagedIdentity, err.Error(), nil)
-	}
-
-	if azruntime.HasStatusCode(resp, http.StatusOK, http.StatusCreated) {
-		tk, err := c.createAccessToken(resp)
-		if err != nil && c.chained && c.msiType == msiTypeIMDS {
-			// failure to unmarshal a 2xx implies the response is from something other than IMDS such as a proxy listening at
+	ar, err := c.msalClient.AcquireToken(ctx, tro.Scopes[0], managedidentity.WithClaims(tro.Claims))
+	if err == nil {
+		msg := fmt.Sprintf(scopeLogFmt, credNameManagedIdentity, strings.Join(ar.GrantedScopes, ", "))
+		log.Write(EventAuthentication, msg)
+		return azcore.AccessToken{Token: ar.AccessToken, ExpiresOn: ar.ExpiresOn.UTC(), RefreshOn: ar.Metadata.RefreshOn.UTC()}, err
+	}
+	if c.imds {
+		var ije msalerrors.InvalidJsonErr
+		if c.chained && errors.As(err, &ije) {
+			// an unmarshaling error implies the response is from something other than IMDS such as a proxy listening at
 			// the same address. Return a credentialUnavailableError so credential chains continue to their next credential
-			err = newCredentialUnavailableError(credNameManagedIdentity, err.Error())
+			return azcore.AccessToken{}, newCredentialUnavailableError(credNameManagedIdentity, err.Error())
+		}
+		resp := getResponseFromError(err)
+		if resp == nil {
+			return azcore.AccessToken{}, newAuthenticationFailedErrorFromMSAL(credNameManagedIdentity, err)
 		}
-		return tk, err
-	}
-
-	if c.msiType == msiTypeIMDS {
 		switch resp.StatusCode {
 		case http.StatusBadRequest:
-			if id != nil {
-				// return authenticationFailedError, halting any encompassing credential chain,
-				// because the explicit user-assigned identity implies the developer expected this to work
+			if c.userAssigned {
 				return azcore.AccessToken{}, newAuthenticationFailedError(credNameManagedIdentity, "the requested identity isn't assigned to this resource", resp)
 			}
 			msg := "failed to authenticate a system assigned identity"
@@ -278,237 +221,7 @@ func (c *managedIdentityClient) authenticate(ctx context.Context, id ManagedIDKi
 				return azcore.AccessToken{}, newCredentialUnavailableError(credNameManagedIdentity, fmt.Sprintf("unexpected response %q", string(body)))
 			}
 		}
-		if c.chained {
-			// the response may be from something other than IMDS, for example a proxy returning
-			// 404. Return credentialUnavailableError so credential chains continue to their
-			// next credential, include the response in the error message to help debugging
-			err = newAuthenticationFailedError(credNameManagedIdentity, "", resp)
-			return azcore.AccessToken{}, newCredentialUnavailableError(credNameManagedIdentity, err.Error())
-		}
-	}
-
-	return azcore.AccessToken{}, newAuthenticationFailedError(credNameManagedIdentity, "", resp)
-}
-
-func (c *managedIdentityClient) createAccessToken(res *http.Response) (azcore.AccessToken, error) {
-	value := struct {
-		// these are the only fields that we use
-		Token        string        `json:"access_token,omitempty"`
-		RefreshToken string        `json:"refresh_token,omitempty"`
-		ExpiresIn    wrappedNumber `json:"expires_in,omitempty"` // this field should always return the number of seconds for which a token is valid
-		ExpiresOn    interface{}   `json:"expires_on,omitempty"` // the value returned in this field varies between a number and a date string
-	}{}
-	if err := azruntime.UnmarshalAsJSON(res, &value); err != nil {
-		return azcore.AccessToken{}, newAuthenticationFailedError(credNameManagedIdentity, "Unexpected response content", res)
-	}
-	if value.ExpiresIn != "" {
-		expiresIn, err := json.Number(value.ExpiresIn).Int64()
-		if err != nil {
-			return azcore.AccessToken{}, err
-		}
-		return azcore.AccessToken{Token: value.Token, ExpiresOn: time.Now().Add(time.Second * time.Duration(expiresIn)).UTC()}, nil
-	}
-	switch v := value.ExpiresOn.(type) {
-	case float64:
-		return azcore.AccessToken{Token: value.Token, ExpiresOn: time.Unix(int64(v), 0).UTC()}, nil
-	case string:
-		if expiresOn, err := strconv.Atoi(v); err == nil {
-			return azcore.AccessToken{Token: value.Token, ExpiresOn: time.Unix(int64(expiresOn), 0).UTC()}, nil
-		}
-		return azcore.AccessToken{}, newAuthenticationFailedError(credNameManagedIdentity, "unexpected expires_on value: "+v, res)
-	default:
-		msg := fmt.Sprintf("unsupported type received in expires_on: %T, %v", v, v)
-		return azcore.AccessToken{}, newAuthenticationFailedError(credNameManagedIdentity, msg, res)
-	}
-}
-
-func (c *managedIdentityClient) createAuthRequest(ctx context.Context, id ManagedIDKind, scopes []string) (*policy.Request, error) {
-	switch c.msiType {
-	case msiTypeIMDS:
-		return c.createIMDSAuthRequest(ctx, id, scopes)
-	case msiTypeAppService:
-		return c.createAppServiceAuthRequest(ctx, id, scopes)
-	case msiTypeAzureArc:
-		// need to perform preliminary request to retreive the secret key challenge provided by the HIMDS service
-		key, err := c.getAzureArcSecretKey(ctx, scopes)
-		if err != nil {
-			msg := fmt.Sprintf("failed to retreive secret key from the identity endpoint: %v", err)
-			return nil, newAuthenticationFailedError(credNameManagedIdentity, msg, nil)
-		}
-		return c.createAzureArcAuthRequest(ctx, scopes, key)
-	case msiTypeAzureML:
-		return c.createAzureMLAuthRequest(ctx, id, scopes)
-	case msiTypeServiceFabric:
-		return c.createServiceFabricAuthRequest(ctx, scopes)
-	case msiTypeCloudShell:
-		return c.createCloudShellAuthRequest(ctx, scopes)
-	default:
-		return nil, newCredentialUnavailableError(credNameManagedIdentity, "managed identity isn't supported in this environment")
-	}
-}
-
-func (c *managedIdentityClient) createIMDSAuthRequest(ctx context.Context, id ManagedIDKind, scopes []string) (*policy.Request, error) {
-	request, err := azruntime.NewRequest(ctx, http.MethodGet, c.endpoint)
-	if err != nil {
-		return nil, err
-	}
-	request.Raw().Header.Set(headerMetadata, "true")
-	q := request.Raw().URL.Query()
-	q.Set("api-version", imdsAPIVersion)
-	q.Set("resource", strings.Join(scopes, " "))
-	if id != nil {
-		switch id.idKind() {
-		case miClientID:
-			q.Set(qpClientID, id.String())
-		case miObjectID:
-			q.Set("object_id", id.String())
-		case miResourceID:
-			q.Set(msiResID, id.String())
-		}
-	}
-	request.Raw().URL.RawQuery = q.Encode()
-	return request, nil
-}
-
-func (c *managedIdentityClient) createAppServiceAuthRequest(ctx context.Context, id ManagedIDKind, scopes []string) (*policy.Request, error) {
-	request, err := azruntime.NewRequest(ctx, http.MethodGet, c.endpoint)
-	if err != nil {
-		return nil, err
-	}
-	request.Raw().Header.Set("X-IDENTITY-HEADER", os.Getenv(identityHeader))
-	q := request.Raw().URL.Query()
-	q.Set("api-version", "2019-08-01")
-	q.Set("resource", scopes[0])
-	if id != nil {
-		switch id.idKind() {
-		case miClientID:
-			q.Set(qpClientID, id.String())
-		case miObjectID:
-			q.Set("principal_id", id.String())
-		case miResourceID:
-			q.Set(miResID, id.String())
-		}
-	}
-	request.Raw().URL.RawQuery = q.Encode()
-	return request, nil
-}
-
-func (c *managedIdentityClient) createAzureMLAuthRequest(ctx context.Context, id ManagedIDKind, scopes []string) (*policy.Request, error) {
-	request, err := azruntime.NewRequest(ctx, http.MethodGet, c.endpoint)
-	if err != nil {
-		return nil, err
-	}
-	request.Raw().Header.Set("secret", os.Getenv(msiSecret))
-	q := request.Raw().URL.Query()
-	q.Set("api-version", "2017-09-01")
-	q.Set("resource", strings.Join(scopes, " "))
-	q.Set("clientid", os.Getenv(defaultIdentityClientID))
-	if id != nil {
-		switch id.idKind() {
-		case miClientID:
-			q.Set("clientid", id.String())
-		case miObjectID:
-			return nil, newAuthenticationFailedError(credNameManagedIdentity, "Azure ML doesn't support specifying a managed identity by object ID", nil)
-		case miResourceID:
-			return nil, newAuthenticationFailedError(credNameManagedIdentity, "Azure ML doesn't support specifying a managed identity by resource ID", nil)
-		}
-	}
-	request.Raw().URL.RawQuery = q.Encode()
-	return request, nil
-}
-
-func (c *managedIdentityClient) createServiceFabricAuthRequest(ctx context.Context, scopes []string) (*policy.Request, error) {
-	request, err := azruntime.NewRequest(ctx, http.MethodGet, c.endpoint)
-	if err != nil {
-		return nil, err
-	}
-	q := request.Raw().URL.Query()
-	request.Raw().Header.Set("Accept", "application/json")
-	request.Raw().Header.Set("Secret", os.Getenv(identityHeader))
-	q.Set("api-version", serviceFabricAPIVersion)
-	q.Set("resource", strings.Join(scopes, " "))
-	request.Raw().URL.RawQuery = q.Encode()
-	return request, nil
-}
-
-func (c *managedIdentityClient) getAzureArcSecretKey(ctx context.Context, resources []string) (string, error) {
-	// create the request to retreive the secret key challenge provided by the HIMDS service
-	request, err := azruntime.NewRequest(ctx, http.MethodGet, c.endpoint)
-	if err != nil {
-		return "", err
-	}
-	request.Raw().Header.Set(headerMetadata, "true")
-	q := request.Raw().URL.Query()
-	q.Set("api-version", azureArcAPIVersion)
-	q.Set("resource", strings.Join(resources, " "))
-	request.Raw().URL.RawQuery = q.Encode()
-	// send the initial request to get the short-lived secret key
-	response, err := c.azClient.Pipeline().Do(request)
-	if err != nil {
-		return "", err
-	}
-	// the endpoint is expected to return a 401 with the WWW-Authenticate header set to the location
-	// of the secret key file. Any other status code indicates an error in the request.
-	if response.StatusCode != 401 {
-		msg := fmt.Sprintf("expected a 401 response, received %d", response.StatusCode)
-		return "", newAuthenticationFailedError(credNameManagedIdentity, msg, response)
-	}
-	header := response.Header.Get("WWW-Authenticate")
-	if len(header) == 0 {
-		return "", newAuthenticationFailedError(credNameManagedIdentity, "HIMDS response has no WWW-Authenticate header", nil)
-	}
-	// the WWW-Authenticate header is expected in the following format: Basic realm=/some/file/path.key
-	_, p, found := strings.Cut(header, "=")
-	if !found {
-		return "", newAuthenticationFailedError(credNameManagedIdentity, "unexpected WWW-Authenticate header from HIMDS: "+header, nil)
-	}
-	expected, err := arcKeyDirectory()
-	if err != nil {
-		return "", err
-	}
-	if filepath.Dir(p) != expected || !strings.HasSuffix(p, ".key") {
-		return "", newAuthenticationFailedError(credNameManagedIdentity, "unexpected file path from HIMDS service: "+p, nil)
-	}
-	f, err := os.Stat(p)
-	if err != nil {
-		return "", newAuthenticationFailedError(credNameManagedIdentity, fmt.Sprintf("could not stat %q: %v", p, err), nil)
-	}
-	if s := f.Size(); s > 4096 {
-		return "", newAuthenticationFailedError(credNameManagedIdentity, fmt.Sprintf("key is too large (%d bytes)", s), nil)
-	}
-	key, err := os.ReadFile(p)
-	if err != nil {
-		return "", newAuthenticationFailedError(credNameManagedIdentity, fmt.Sprintf("could not read %q: %v", p, err), nil)
-	}
-	return string(key), nil
-}
-
-func (c *managedIdentityClient) createAzureArcAuthRequest(ctx context.Context, resources []string, key string) (*policy.Request, error) {
-	request, err := azruntime.NewRequest(ctx, http.MethodGet, c.endpoint)
-	if err != nil {
-		return nil, err
-	}
-	request.Raw().Header.Set(headerMetadata, "true")
-	request.Raw().Header.Set("Authorization", fmt.Sprintf("Basic %s", key))
-	q := request.Raw().URL.Query()
-	q.Set("api-version", azureArcAPIVersion)
-	q.Set("resource", strings.Join(resources, " "))
-	request.Raw().URL.RawQuery = q.Encode()
-	return request, nil
-}
-
-func (c *managedIdentityClient) createCloudShellAuthRequest(ctx context.Context, scopes []string) (*policy.Request, error) {
-	request, err := azruntime.NewRequest(ctx, http.MethodPost, c.endpoint)
-	if err != nil {
-		return nil, err
-	}
-	request.Raw().Header.Set(headerMetadata, "true")
-	data := url.Values{}
-	data.Set("resource", strings.Join(scopes, " "))
-	dataEncoded := data.Encode()
-	body := streaming.NopCloser(strings.NewReader(dataEncoded))
-	if err := request.SetBody(body, "application/x-www-form-urlencoded"); err != nil {
-		return nil, err
 	}
-	return request, nil
+	err = newAuthenticationFailedErrorFromMSAL(credNameManagedIdentity, err)
+	return azcore.AccessToken{}, err
 }
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/managed_identity_credential.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/managed_identity_credential.go
index 1d53579cf3..11b686ccda 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/managed_identity_credential.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/managed_identity_credential.go
@@ -14,7 +14,6 @@ import (
 	"github.com/Azure/azure-sdk-for-go/sdk/azcore"
 	"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
 	"github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
-	"github.com/AzureAD/microsoft-authentication-library-for-go/apps/confidential"
 )
 
 const credNameManagedIdentity = "ManagedIdentityCredential"
@@ -110,8 +109,7 @@ type ManagedIdentityCredentialOptions struct {
 //
 // [Azure managed identity]: https://learn.microsoft.com/entra/identity/managed-identities-azure-resources/overview
 type ManagedIdentityCredential struct {
-	client *confidentialClient
-	mic    *managedIdentityClient
+	mic *managedIdentityClient
 }
 
 // NewManagedIdentityCredential creates a ManagedIdentityCredential. Pass nil to accept default options.
@@ -123,38 +121,22 @@ func NewManagedIdentityCredential(options *ManagedIdentityCredentialOptions) (*M
 	if err != nil {
 		return nil, err
 	}
-	cred := confidential.NewCredFromTokenProvider(mic.provideToken)
-
-	// It's okay to give MSAL an invalid client ID because MSAL will use it only as part of a cache key.
-	// ManagedIdentityClient handles all the details of authentication and won't receive this value from MSAL.
-	clientID := "SYSTEM-ASSIGNED-MANAGED-IDENTITY"
-	if options.ID != nil {
-		clientID = options.ID.String()
-	}
-	// similarly, it's okay to give MSAL an incorrect tenant because MSAL won't use the value
-	c, err := newConfidentialClient("common", clientID, credNameManagedIdentity, cred, confidentialClientOptions{
-		ClientOptions: options.ClientOptions,
-	})
-	if err != nil {
-		return nil, err
-	}
-	return &ManagedIdentityCredential{client: c, mic: mic}, nil
+	return &ManagedIdentityCredential{mic: mic}, nil
 }
 
 // GetToken requests an access token from the hosting environment. This method is called automatically by Azure SDK clients.
 func (c *ManagedIdentityCredential) GetToken(ctx context.Context, opts policy.TokenRequestOptions) (azcore.AccessToken, error) {
 	var err error
-	ctx, endSpan := runtime.StartSpan(ctx, credNameManagedIdentity+"."+traceOpGetToken, c.client.azClient.Tracer(), nil)
+	ctx, endSpan := runtime.StartSpan(ctx, credNameManagedIdentity+"."+traceOpGetToken, c.mic.azClient.Tracer(), nil)
 	defer func() { endSpan(err) }()
 
 	if len(opts.Scopes) != 1 {
 		err = fmt.Errorf("%s.GetToken() requires exactly one scope", credNameManagedIdentity)
 		return azcore.AccessToken{}, err
 	}
-	// managed identity endpoints require a Microsoft Entra ID v1 resource (i.e. token audience), not a v2 scope, so we remove "/.default" here
+	// managed identity endpoints require a v1 resource (i.e. token audience), not a v2 scope, so we remove "/.default" here
 	opts.Scopes = []string{strings.TrimSuffix(opts.Scopes[0], defaultSuffix)}
-	tk, err := c.client.GetToken(ctx, opts)
-	return tk, err
+	return c.mic.GetToken(ctx, opts)
 }
 
 var _ azcore.TokenCredential = (*ManagedIdentityCredential)(nil)
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/public_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/public_client.go
index ef5e4d7212..053d1785f8 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/public_client.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/public_client.go
@@ -243,7 +243,7 @@ func (p *publicClient) token(ar public.AuthResult, err error) (azcore.AccessToke
 	} else {
 		err = newAuthenticationFailedErrorFromMSAL(p.name, err)
 	}
-	return azcore.AccessToken{Token: ar.AccessToken, ExpiresOn: ar.ExpiresOn.UTC()}, err
+	return azcore.AccessToken{Token: ar.AccessToken, ExpiresOn: ar.ExpiresOn.UTC(), RefreshOn: ar.Metadata.RefreshOn.UTC()}, err
 }
 
 // resolveTenant returns the correct WithTenantID() argument for a token request given the client's
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/test-resources-post.ps1 b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/test-resources-post.ps1
index efa8c6d3eb..67f97fbb2b 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/test-resources-post.ps1
+++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/test-resources-post.ps1
@@ -72,6 +72,7 @@ az container create -g $rg -n $aciName --image $image `
   --acr-identity $($DeploymentOutputs['AZIDENTITY_USER_ASSIGNED_IDENTITY']) `
   --assign-identity [system] $($DeploymentOutputs['AZIDENTITY_USER_ASSIGNED_IDENTITY']) `
   --cpu 1 `
+  --ip-address Public `
   --memory 1.0 `
   --os-type Linux `
   --role "Storage Blob Data Reader" `
@@ -82,7 +83,8 @@ az container create -g $rg -n $aciName --image $image `
   AZIDENTITY_USER_ASSIGNED_IDENTITY_CLIENT_ID=$($DeploymentOutputs['AZIDENTITY_USER_ASSIGNED_IDENTITY_CLIENT_ID']) `
   AZIDENTITY_USER_ASSIGNED_IDENTITY_OBJECT_ID=$($DeploymentOutputs['AZIDENTITY_USER_ASSIGNED_IDENTITY_OBJECT_ID']) `
   FUNCTIONS_CUSTOMHANDLER_PORT=80
-Write-Host "##vso[task.setvariable variable=AZIDENTITY_ACI_NAME;]$aciName"
+$aciIP = az container show -g $rg -n $aciName --query ipAddress.ip --output tsv
+Write-Host "##vso[task.setvariable variable=AZIDENTITY_ACI_IP;]$aciIP"
 
 # Azure Functions deployment: copy the Windows binary from the Docker image, deploy it in a zip
 Write-Host "Deploying to Azure Functions"
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/username_password_credential.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/username_password_credential.go
index 740abd4709..5791e7d224 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/username_password_credential.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/username_password_credential.go
@@ -17,6 +17,11 @@ import (
 const credNameUserPassword = "UsernamePasswordCredential"
 
 // UsernamePasswordCredentialOptions contains optional parameters for UsernamePasswordCredential.
+//
+// Deprecated: UsernamePasswordCredential is deprecated because it can't support multifactor
+// authentication. See [Entra ID documentation] for migration guidance.
+//
+// [Entra ID documentation]: https://aka.ms/azsdk/identity/mfa
 type UsernamePasswordCredentialOptions struct {
 	azcore.ClientOptions
 
@@ -43,8 +48,13 @@ type UsernamePasswordCredentialOptions struct {
 
 // UsernamePasswordCredential authenticates a user with a password. Microsoft doesn't recommend this kind of authentication,
 // because it's less secure than other authentication flows. This credential is not interactive, so it isn't compatible
-// with any form of multi-factor authentication, and the application must already have user or admin consent.
+// with any form of multifactor authentication, and the application must already have user or admin consent.
 // This credential can only authenticate work and school accounts; it can't authenticate Microsoft accounts.
+//
+// Deprecated: this credential is deprecated because it can't support multifactor authentication. See [Entra ID documentation]
+// for migration guidance.
+//
+// [Entra ID documentation]: https://aka.ms/azsdk/identity/mfa
 type UsernamePasswordCredential struct {
 	client *publicClient
 }
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/version.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/version.go
index fec0419ca7..2b767762fa 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/version.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/azidentity/version.go
@@ -14,5 +14,5 @@ const (
 	module = "github.com/Azure/azure-sdk-for-go/sdk/" + component
 
 	// Version is the semantic version (see http://semver.org) of this module.
-	version = "v1.8.2"
+	version = "v1.10.1"
 )
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/internal/log/log.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/internal/log/log.go
index 4f1dcf1b78..76dadf7d35 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/sdk/internal/log/log.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/internal/log/log.go
@@ -44,7 +44,7 @@ func Should(cls Event) bool {
 	if log.lst == nil {
 		return false
 	}
-	if log.cls == nil || len(log.cls) == 0 {
+	if len(log.cls) == 0 {
 		return true
 	}
 	for _, c := range log.cls {
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/internal/temporal/resource.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/internal/temporal/resource.go
index 238ef42ed0..02aa1fb3bc 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/sdk/internal/temporal/resource.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/internal/temporal/resource.go
@@ -11,9 +11,17 @@ import (
 	"time"
 )
 
+// backoff sets a minimum wait time between eager update attempts. It's a variable so tests can manipulate it.
+var backoff = func(now, lastAttempt time.Time) bool {
+	return lastAttempt.Add(30 * time.Second).After(now)
+}
+
 // AcquireResource abstracts a method for refreshing a temporal resource.
 type AcquireResource[TResource, TState any] func(state TState) (newResource TResource, newExpiration time.Time, err error)
 
+// ShouldRefresh abstracts a method for indicating whether a resource should be refreshed before expiration.
+type ShouldRefresh[TResource, TState any] func(TResource, TState) bool
+
 // Resource is a temporal resource (usually a credential) that requires periodic refreshing.
 type Resource[TResource, TState any] struct {
 	// cond is used to synchronize access to the shared resource embodied by the remaining fields
@@ -31,24 +39,43 @@ type Resource[TResource, TState any] struct {
 	// lastAttempt indicates when a thread/goroutine last attempted to acquire/update the resource
 	lastAttempt time.Time
 
+	// shouldRefresh indicates whether the resource should be refreshed before expiration
+	shouldRefresh ShouldRefresh[TResource, TState]
+
 	// acquireResource is the callback function that actually acquires the resource
 	acquireResource AcquireResource[TResource, TState]
 }
 
 // NewResource creates a new Resource that uses the specified AcquireResource for refreshing.
 func NewResource[TResource, TState any](ar AcquireResource[TResource, TState]) *Resource[TResource, TState] {
-	return &Resource[TResource, TState]{cond: sync.NewCond(&sync.Mutex{}), acquireResource: ar}
+	r := &Resource[TResource, TState]{acquireResource: ar, cond: sync.NewCond(&sync.Mutex{})}
+	r.shouldRefresh = r.expiringSoon
+	return r
+}
+
+// ResourceOptions contains optional configuration for Resource
+type ResourceOptions[TResource, TState any] struct {
+	// ShouldRefresh indicates whether [Resource.Get] should acquire an updated resource despite
+	// the currently held resource not having expired. [Resource.Get] ignores all errors from
+	// refresh attempts triggered by ShouldRefresh returning true, and doesn't call ShouldRefresh
+	// when the resource has expired (it unconditionally updates expired resources). When
+	// ShouldRefresh is nil, [Resource.Get] refreshes the resource if it will expire within 5
+	// minutes.
+	ShouldRefresh ShouldRefresh[TResource, TState]
+}
+
+// NewResourceWithOptions creates a new Resource that uses the specified AcquireResource for refreshing.
+func NewResourceWithOptions[TResource, TState any](ar AcquireResource[TResource, TState], opts ResourceOptions[TResource, TState]) *Resource[TResource, TState] {
+	r := NewResource(ar)
+	if opts.ShouldRefresh != nil {
+		r.shouldRefresh = opts.ShouldRefresh
+	}
+	return r
 }
 
 // Get returns the underlying resource.
 // If the resource is fresh, no refresh is performed.
 func (er *Resource[TResource, TState]) Get(state TState) (TResource, error) {
-	// If the resource is expiring within this time window, update it eagerly.
-	// This allows other threads/goroutines to keep running by using the not-yet-expired
-	// resource value while one thread/goroutine updates the resource.
-	const window = 5 * time.Minute   // This example updates the resource 5 minutes prior to expiration
-	const backoff = 30 * time.Second // Minimum wait time between eager update attempts
-
 	now, acquire, expired := time.Now(), false, false
 
 	// acquire exclusive lock
@@ -65,9 +92,8 @@ func (er *Resource[TResource, TState]) Get(state TState) (TResource, error) {
 				break
 			}
 			// Getting here means that this thread/goroutine will wait for the updated resource
-		} else if er.expiration.Add(-window).Before(now) {
-			// The resource is valid but is expiring within the time window
-			if !er.acquiring && er.lastAttempt.Add(backoff).Before(now) {
+		} else if er.shouldRefresh(resource, state) {
+			if !(er.acquiring || backoff(now, er.lastAttempt)) {
 				// If another thread/goroutine is not acquiring/renewing the resource, and none has attempted
 				// to do so within the last 30 seconds, this thread/goroutine will do it
 				er.acquiring, acquire = true, true
@@ -121,3 +147,8 @@ func (er *Resource[TResource, TState]) Expire() {
 	// Reset the expiration as if we never got this resource to begin with
 	er.expiration = time.Time{}
 }
+
+func (er *Resource[TResource, TState]) expiringSoon(TResource, TState) bool {
+	// call time.Now() instead of using Get's value so ShouldRefresh doesn't need a time.Time parameter
+	return er.expiration.Add(-5 * time.Minute).Before(time.Now())
+}
diff --git a/vendor/github.com/AzureAD/microsoft-authentication-library-for-go/apps/managedidentity/azure_ml.go b/vendor/github.com/AzureAD/microsoft-authentication-library-for-go/apps/managedidentity/azure_ml.go
new file mode 100644
index 0000000000..d7cffc295e
--- /dev/null
+++ b/vendor/github.com/AzureAD/microsoft-authentication-library-for-go/apps/managedidentity/azure_ml.go
@@ -0,0 +1,28 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT license.
+
+package managedidentity
+
+import (
+	"context"
+	"net/http"
+	"os"
+)
+
+func createAzureMLAuthRequest(ctx context.Context, id ID, resource string) (*http.Request, error) {
+	req, err := http.NewRequestWithContext(ctx, http.MethodGet, os.Getenv(msiEndpointEnvVar), nil)
+	if err != nil {
+		return nil, err
+	}
+
+	req.Header.Set("secret", os.Getenv(msiSecretEnvVar))
+	q := req.URL.Query()
+	q.Set(apiVersionQueryParameterName, azureMLAPIVersion)
+	q.Set(resourceQueryParameterName, resource)
+	q.Set("clientid", os.Getenv("DEFAULT_IDENTITY_CLIENT_ID"))
+	if cid, ok := id.(UserAssignedClientID); ok {
+		q.Set("clientid", string(cid))
+	}
+	req.URL.RawQuery = q.Encode()
+	return req, nil
+}
diff --git a/vendor/github.com/AzureAD/microsoft-authentication-library-for-go/apps/managedidentity/cloud_shell.go b/vendor/github.com/AzureAD/microsoft-authentication-library-for-go/apps/managedidentity/cloud_shell.go
new file mode 100644
index 0000000000..be9a0bca38
--- /dev/null
+++ b/vendor/github.com/AzureAD/microsoft-authentication-library-for-go/apps/managedidentity/cloud_shell.go
@@ -0,0 +1,37 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT license.
+
+package managedidentity
+
+import (
+	"context"
+	"fmt"
+	"io"
+	"net/http"
+	"net/url"
+	"os"
+	"strings"
+)
+
+func createCloudShellAuthRequest(ctx context.Context, resource string) (*http.Request, error) {
+	msiEndpoint := os.Getenv(msiEndpointEnvVar)
+	msiEndpointParsed, err := url.Parse(msiEndpoint)
+	if err != nil {
+		return nil, fmt.Errorf("couldn't parse %q: %s", msiEndpoint, err)
+	}
+
+	data := url.Values{}
+	data.Set(resourceQueryParameterName, resource)
+	msiDataEncoded := data.Encode()
+	body := io.NopCloser(strings.NewReader(msiDataEncoded))
+
+	req, err := http.NewRequestWithContext(ctx, http.MethodPost, msiEndpointParsed.String(), body)
+	if err != nil {
+		return nil, fmt.Errorf("error creating http request %s", err)
+	}
+
+	req.Header.Set(metaHTTPHeaderName, "true")
+	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
+
+	return req, nil
+}
diff --git a/vendor/github.com/AzureAD/microsoft-authentication-library-for-go/apps/managedidentity/managedidentity.go b/vendor/github.com/AzureAD/microsoft-authentication-library-for-go/apps/managedidentity/managedidentity.go
new file mode 100644
index 0000000000..ca3de4325f
--- /dev/null
+++ b/vendor/github.com/AzureAD/microsoft-authentication-library-for-go/apps/managedidentity/managedidentity.go
@@ -0,0 +1,717 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT license.
+
+/*
+Package managedidentity provides a client for retrieval of Managed Identity applications.
+The Managed Identity Client is used to acquire a token for managed identity assigned to
+an azure resource such as Azure function, app service, virtual machine, etc. to acquire a token
+without using credentials.
+*/
+package managedidentity
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"net/url"
+	"os"
+	"path/filepath"
+	"runtime"
+	"strings"
+	"sync/atomic"
+	"time"
+
+	"github.com/AzureAD/microsoft-authentication-library-for-go/apps/errors"
+	"github.com/AzureAD/microsoft-authentication-library-for-go/apps/internal/base"
+	"github.com/AzureAD/microsoft-authentication-library-for-go/apps/internal/base/storage"
+	"github.com/AzureAD/microsoft-authentication-library-for-go/apps/internal/oauth/ops"
+	"github.com/AzureAD/microsoft-authentication-library-for-go/apps/internal/oauth/ops/accesstokens"
+	"github.com/AzureAD/microsoft-authentication-library-for-go/apps/internal/oauth/ops/authority"
+	"github.com/AzureAD/microsoft-authentication-library-for-go/apps/internal/shared"
+)
+
+// AuthResult contains the results of one token acquisition operation.
+// For details see https://aka.ms/msal-net-authenticationresult
+type AuthResult = base.AuthResult
+
+type TokenSource = base.TokenSource
+
+const (
+	TokenSourceIdentityProvider = base.TokenSourceIdentityProvider
+	TokenSourceCache            = base.TokenSourceCache
+)
+
+const (
+	// DefaultToIMDS indicates that the source is defaulted to IMDS when no environment variables are set.
+	DefaultToIMDS Source = "DefaultToIMDS"
+	AzureArc      Source = "AzureArc"
+	ServiceFabric Source = "ServiceFabric"
+	CloudShell    Source = "CloudShell"
+	AzureML       Source = "AzureML"
+	AppService    Source = "AppService"
+
+	// General request query parameter names
+	metaHTTPHeaderName           = "Metadata"
+	apiVersionQueryParameterName = "api-version"
+	resourceQueryParameterName   = "resource"
+	wwwAuthenticateHeaderName    = "www-authenticate"
+
+	// UAMI query parameter name
+	miQueryParameterClientId       = "client_id"
+	miQueryParameterObjectId       = "object_id"
+	miQueryParameterPrincipalId    = "principal_id"
+	miQueryParameterResourceIdIMDS = "msi_res_id"
+	miQueryParameterResourceId     = "mi_res_id"
+
+	// IMDS
+	imdsDefaultEndpoint           = "http://169.254.169.254/metadata/identity/oauth2/token"
+	imdsAPIVersion                = "2018-02-01"
+	systemAssignedManagedIdentity = "system_assigned_managed_identity"
+
+	// Azure Arc
+	azureArcEndpoint               = "http://127.0.0.1:40342/metadata/identity/oauth2/token"
+	azureArcAPIVersion             = "2020-06-01"
+	azureArcFileExtension          = ".key"
+	azureArcMaxFileSizeBytes int64 = 4096
+	linuxTokenPath                 = "/var/opt/azcmagent/tokens" // #nosec G101
+	linuxHimdsPath                 = "/opt/azcmagent/bin/himds"
+	azureConnectedMachine          = "AzureConnectedMachineAgent"
+	himdsExecutableName            = "himds.exe"
+	tokenName                      = "Tokens"
+
+	// App Service
+	appServiceAPIVersion = "2019-08-01"
+
+	// AzureML
+	azureMLAPIVersion = "2017-09-01"
+	// Service Fabric
+	serviceFabricAPIVersion = "2019-07-01-preview"
+
+	// Environment Variables
+	identityEndpointEnvVar              = "IDENTITY_ENDPOINT"
+	identityHeaderEnvVar                = "IDENTITY_HEADER"
+	azurePodIdentityAuthorityHostEnvVar = "AZURE_POD_IDENTITY_AUTHORITY_HOST"
+	imdsEndVar                          = "IMDS_ENDPOINT"
+	msiEndpointEnvVar                   = "MSI_ENDPOINT"
+	msiSecretEnvVar                     = "MSI_SECRET"
+	identityServerThumbprintEnvVar      = "IDENTITY_SERVER_THUMBPRINT"
+
+	defaultRetryCount = 3
+)
+
+var retryCodesForIMDS = []int{
+	http.StatusNotFound,                      // 404
+	http.StatusGone,                          // 410
+	http.StatusTooManyRequests,               // 429
+	http.StatusInternalServerError,           // 500
+	http.StatusNotImplemented,                // 501
+	http.StatusBadGateway,                    // 502
+	http.StatusServiceUnavailable,            // 503
+	http.StatusGatewayTimeout,                // 504
+	http.StatusHTTPVersionNotSupported,       // 505
+	http.StatusVariantAlsoNegotiates,         // 506
+	http.StatusInsufficientStorage,           // 507
+	http.StatusLoopDetected,                  // 508
+	http.StatusNotExtended,                   // 510
+	http.StatusNetworkAuthenticationRequired, // 511
+}
+
+var retryStatusCodes = []int{
+	http.StatusRequestTimeout,      // 408
+	http.StatusTooManyRequests,     // 429
+	http.StatusInternalServerError, // 500
+	http.StatusBadGateway,          // 502
+	http.StatusServiceUnavailable,  // 503
+	http.StatusGatewayTimeout,      // 504
+}
+
+var getAzureArcPlatformPath = func(platform string) string {
+	switch platform {
+	case "windows":
+		return filepath.Join(os.Getenv("ProgramData"), azureConnectedMachine, tokenName)
+	case "linux":
+		return linuxTokenPath
+	default:
+		return ""
+	}
+}
+
+var getAzureArcHimdsFilePath = func(platform string) string {
+	switch platform {
+	case "windows":
+		return filepath.Join(os.Getenv("ProgramData"), azureConnectedMachine, himdsExecutableName)
+	case "linux":
+		return linuxHimdsPath
+	default:
+		return ""
+	}
+}
+
+type Source string
+
+type ID interface {
+	value() string
+}
+
+type systemAssignedValue string // its private for a reason to make the input consistent.
+type UserAssignedClientID string
+type UserAssignedObjectID string
+type UserAssignedResourceID string
+
+func (s systemAssignedValue) value() string    { return string(s) }
+func (c UserAssignedClientID) value() string   { return string(c) }
+func (o UserAssignedObjectID) value() string   { return string(o) }
+func (r UserAssignedResourceID) value() string { return string(r) }
+func SystemAssigned() ID {
+	return systemAssignedValue(systemAssignedManagedIdentity)
+}
+
+// cache never uses the client because instance discovery is always disabled.
+var cacheManager *storage.Manager = storage.New(nil)
+
+type Client struct {
+	httpClient         ops.HTTPClient
+	miType             ID
+	source             Source
+	authParams         authority.AuthParams
+	retryPolicyEnabled bool
+	canRefresh         *atomic.Value
+}
+
+type AcquireTokenOptions struct {
+	claims string
+}
+
+type ClientOption func(*Client)
+
+type AcquireTokenOption func(o *AcquireTokenOptions)
+
+// WithClaims sets additional claims to request for the token, such as those required by token revocation or conditional access policies.
+// Use this option when Azure AD returned a claims challenge for a prior request. The argument must be decoded.
+func WithClaims(claims string) AcquireTokenOption {
+	return func(o *AcquireTokenOptions) {
+		o.claims = claims
+	}
+}
+
+// WithHTTPClient allows for a custom HTTP client to be set.
+func WithHTTPClient(httpClient ops.HTTPClient) ClientOption {
+	return func(c *Client) {
+		c.httpClient = httpClient
+	}
+}
+
+func WithRetryPolicyDisabled() ClientOption {
+	return func(c *Client) {
+		c.retryPolicyEnabled = false
+	}
+}
+
+// Client to be used to acquire tokens for managed identity.
+// ID: [SystemAssigned], [UserAssignedClientID], [UserAssignedResourceID], [UserAssignedObjectID]
+//
+// Options: [WithHTTPClient]
+func New(id ID, options ...ClientOption) (Client, error) {
+	source, err := GetSource()
+	if err != nil {
+		return Client{}, err
+	}
+
+	// Check for user-assigned restrictions based on the source
+	switch source {
+	case AzureArc:
+		switch id.(type) {
+		case UserAssignedClientID, UserAssignedResourceID, UserAssignedObjectID:
+			return Client{}, errors.New("Azure Arc doesn't support user-assigned managed identities")
+		}
+	case AzureML:
+		switch id.(type) {
+		case UserAssignedObjectID, UserAssignedResourceID:
+			return Client{}, errors.New("Azure ML supports specifying a user-assigned managed identity by client ID only")
+		}
+	case CloudShell:
+		switch id.(type) {
+		case UserAssignedClientID, UserAssignedResourceID, UserAssignedObjectID:
+			return Client{}, errors.New("Cloud Shell doesn't support user-assigned managed identities")
+		}
+	case ServiceFabric:
+		switch id.(type) {
+		case UserAssignedClientID, UserAssignedResourceID, UserAssignedObjectID:
+			return Client{}, errors.New("Service Fabric API doesn't support specifying a user-assigned identity. The identity is determined by cluster resource configuration. See https://aka.ms/servicefabricmi")
+		}
+	}
+
+	switch t := id.(type) {
+	case UserAssignedClientID:
+		if len(string(t)) == 0 {
+			return Client{}, fmt.Errorf("empty %T", t)
+		}
+	case UserAssignedResourceID:
+		if len(string(t)) == 0 {
+			return Client{}, fmt.Errorf("empty %T", t)
+		}
+	case UserAssignedObjectID:
+		if len(string(t)) == 0 {
+			return Client{}, fmt.Errorf("empty %T", t)
+		}
+	case systemAssignedValue:
+	default:
+		return Client{}, fmt.Errorf("unsupported type %T", id)
+	}
+	zero := atomic.Value{}
+	zero.Store(false)
+	client := Client{
+		miType:             id,
+		httpClient:         shared.DefaultClient,
+		retryPolicyEnabled: true,
+		source:             source,
+		canRefresh:         &zero,
+	}
+	for _, option := range options {
+		option(&client)
+	}
+	fakeAuthInfo, err := authority.NewInfoFromAuthorityURI("https://login.microsoftonline.com/managed_identity", false, true)
+	if err != nil {
+		return Client{}, err
+	}
+	client.authParams = authority.NewAuthParams(client.miType.value(), fakeAuthInfo)
+	return client, nil
+}
+
+// GetSource detects and returns the managed identity source available on the environment.
+func GetSource() (Source, error) {
+	identityEndpoint := os.Getenv(identityEndpointEnvVar)
+	identityHeader := os.Getenv(identityHeaderEnvVar)
+	identityServerThumbprint := os.Getenv(identityServerThumbprintEnvVar)
+	msiEndpoint := os.Getenv(msiEndpointEnvVar)
+	msiSecret := os.Getenv(msiSecretEnvVar)
+	imdsEndpoint := os.Getenv(imdsEndVar)
+
+	if identityEndpoint != "" && identityHeader != "" {
+		if identityServerThumbprint != "" {
+			return ServiceFabric, nil
+		}
+		return AppService, nil
+	} else if msiEndpoint != "" {
+		if msiSecret != "" {
+			return AzureML, nil
+		} else {
+			return CloudShell, nil
+		}
+	} else if isAzureArcEnvironment(identityEndpoint, imdsEndpoint) {
+		return AzureArc, nil
+	}
+
+	return DefaultToIMDS, nil
+}
+
+// This function wraps time.Now() and is used for refreshing the application
+// was created to test the function against refreshin
+var now = time.Now
+
+// Acquires tokens from the configured managed identity on an azure resource.
+//
+// Resource: scopes application is requesting access to
+// Options: [WithClaims]
+func (c Client) AcquireToken(ctx context.Context, resource string, options ...AcquireTokenOption) (AuthResult, error) {
+	resource = strings.TrimSuffix(resource, "/.default")
+	o := AcquireTokenOptions{}
+	for _, option := range options {
+		option(&o)
+	}
+	c.authParams.Scopes = []string{resource}
+
+	// ignore cached access tokens when given claims
+	if o.claims == "" {
+		stResp, err := cacheManager.Read(ctx, c.authParams)
+		if err != nil {
+			return AuthResult{}, err
+		}
+		ar, err := base.AuthResultFromStorage(stResp)
+		if err == nil {
+			if !stResp.AccessToken.RefreshOn.T.IsZero() && !stResp.AccessToken.RefreshOn.T.After(now()) && c.canRefresh.CompareAndSwap(false, true) {
+				defer c.canRefresh.Store(false)
+				if tr, er := c.getToken(ctx, resource); er == nil {
+					return tr, nil
+				}
+			}
+			ar.AccessToken, err = c.authParams.AuthnScheme.FormatAccessToken(ar.AccessToken)
+			return ar, err
+		}
+	}
+	return c.getToken(ctx, resource)
+}
+
+func (c Client) getToken(ctx context.Context, resource string) (AuthResult, error) {
+	switch c.source {
+	case AzureArc:
+		return c.acquireTokenForAzureArc(ctx, resource)
+	case AzureML:
+		return c.acquireTokenForAzureML(ctx, resource)
+	case CloudShell:
+		return c.acquireTokenForCloudShell(ctx, resource)
+	case DefaultToIMDS:
+		return c.acquireTokenForIMDS(ctx, resource)
+	case AppService:
+		return c.acquireTokenForAppService(ctx, resource)
+	case ServiceFabric:
+		return c.acquireTokenForServiceFabric(ctx, resource)
+	default:
+		return AuthResult{}, fmt.Errorf("unsupported source %q", c.source)
+	}
+}
+
+func (c Client) acquireTokenForAppService(ctx context.Context, resource string) (AuthResult, error) {
+	req, err := createAppServiceAuthRequest(ctx, c.miType, resource)
+	if err != nil {
+		return AuthResult{}, err
+	}
+	tokenResponse, err := c.getTokenForRequest(req, resource)
+	if err != nil {
+		return AuthResult{}, err
+	}
+	return authResultFromToken(c.authParams, tokenResponse)
+}
+
+func (c Client) acquireTokenForIMDS(ctx context.Context, resource string) (AuthResult, error) {
+	req, err := createIMDSAuthRequest(ctx, c.miType, resource)
+	if err != nil {
+		return AuthResult{}, err
+	}
+	tokenResponse, err := c.getTokenForRequest(req, resource)
+	if err != nil {
+		return AuthResult{}, err
+	}
+	return authResultFromToken(c.authParams, tokenResponse)
+}
+
+func (c Client) acquireTokenForCloudShell(ctx context.Context, resource string) (AuthResult, error) {
+	req, err := createCloudShellAuthRequest(ctx, resource)
+	if err != nil {
+		return AuthResult{}, err
+	}
+	tokenResponse, err := c.getTokenForRequest(req, resource)
+	if err != nil {
+		return AuthResult{}, err
+	}
+	return authResultFromToken(c.authParams, tokenResponse)
+}
+
+func (c Client) acquireTokenForAzureML(ctx context.Context, resource string) (AuthResult, error) {
+	req, err := createAzureMLAuthRequest(ctx, c.miType, resource)
+	if err != nil {
+		return AuthResult{}, err
+	}
+	tokenResponse, err := c.getTokenForRequest(req, resource)
+	if err != nil {
+		return AuthResult{}, err
+	}
+	return authResultFromToken(c.authParams, tokenResponse)
+}
+
+func (c Client) acquireTokenForServiceFabric(ctx context.Context, resource string) (AuthResult, error) {
+	req, err := createServiceFabricAuthRequest(ctx, resource)
+	if err != nil {
+		return AuthResult{}, err
+	}
+	tokenResponse, err := c.getTokenForRequest(req, resource)
+	if err != nil {
+		return AuthResult{}, err
+	}
+	return authResultFromToken(c.authParams, tokenResponse)
+}
+
+func (c Client) acquireTokenForAzureArc(ctx context.Context, resource string) (AuthResult, error) {
+	req, err := createAzureArcAuthRequest(ctx, resource, "")
+	if err != nil {
+		return AuthResult{}, err
+	}
+
+	response, err := c.httpClient.Do(req)
+	if err != nil {
+		return AuthResult{}, err
+	}
+	defer response.Body.Close()
+
+	if response.StatusCode != http.StatusUnauthorized {
+		return AuthResult{}, fmt.Errorf("expected a 401 response, received %d", response.StatusCode)
+	}
+
+	secret, err := c.getAzureArcSecretKey(response, runtime.GOOS)
+	if err != nil {
+		return AuthResult{}, err
+	}
+
+	secondRequest, err := createAzureArcAuthRequest(ctx, resource, string(secret))
+	if err != nil {
+		return AuthResult{}, err
+	}
+
+	tokenResponse, err := c.getTokenForRequest(secondRequest, resource)
+	if err != nil {
+		return AuthResult{}, err
+	}
+	return authResultFromToken(c.authParams, tokenResponse)
+}
+
+func authResultFromToken(authParams authority.AuthParams, token accesstokens.TokenResponse) (AuthResult, error) {
+	if cacheManager == nil {
+		return AuthResult{}, errors.New("cache instance is nil")
+	}
+	account, err := cacheManager.Write(authParams, token)
+	if err != nil {
+		return AuthResult{}, err
+	}
+	// if refreshOn is not set, set it to half of the time until expiry if expiry is more than 2 hours away
+	if token.RefreshOn.T.IsZero() {
+		if lifetime := time.Until(token.ExpiresOn); lifetime > 2*time.Hour {
+			token.RefreshOn.T = time.Now().Add(lifetime / 2)
+		}
+	}
+	ar, err := base.NewAuthResult(token, account)
+	if err != nil {
+		return AuthResult{}, err
+	}
+	ar.AccessToken, err = authParams.AuthnScheme.FormatAccessToken(ar.AccessToken)
+	return ar, err
+}
+
+// contains checks if the element is present in the list.
+func contains[T comparable](list []T, element T) bool {
+	for _, v := range list {
+		if v == element {
+			return true
+		}
+	}
+	return false
+}
+
+// retry performs an HTTP request with retries based on the provided options.
+func (c Client) retry(maxRetries int, req *http.Request) (*http.Response, error) {
+	var resp *http.Response
+	var err error
+	for attempt := 0; attempt < maxRetries; attempt++ {
+		tryCtx, tryCancel := context.WithTimeout(req.Context(), time.Minute)
+		defer tryCancel()
+		if resp != nil && resp.Body != nil {
+			_, _ = io.Copy(io.Discard, resp.Body)
+			resp.Body.Close()
+		}
+		cloneReq := req.Clone(tryCtx)
+		resp, err = c.httpClient.Do(cloneReq)
+		retrylist := retryStatusCodes
+		if c.source == DefaultToIMDS {
+			retrylist = retryCodesForIMDS
+		}
+		if err == nil && !contains(retrylist, resp.StatusCode) {
+			return resp, nil
+		}
+		select {
+		case <-time.After(time.Second):
+		case <-req.Context().Done():
+			err = req.Context().Err()
+			return resp, err
+		}
+	}
+	return resp, err
+}
+
+func (c Client) getTokenForRequest(req *http.Request, resource string) (accesstokens.TokenResponse, error) {
+	r := accesstokens.TokenResponse{}
+	var resp *http.Response
+	var err error
+
+	if c.retryPolicyEnabled {
+		resp, err = c.retry(defaultRetryCount, req)
+	} else {
+		resp, err = c.httpClient.Do(req)
+	}
+	if err != nil {
+		return r, err
+	}
+	responseBytes, err := io.ReadAll(resp.Body)
+	defer resp.Body.Close()
+	if err != nil {
+		return r, err
+	}
+	switch resp.StatusCode {
+	case http.StatusOK, http.StatusAccepted:
+	default:
+		sd := strings.TrimSpace(string(responseBytes))
+		if sd != "" {
+			return r, errors.CallErr{
+				Req:  req,
+				Resp: resp,
+				Err: fmt.Errorf("http call(%s)(%s) error: reply status code was %d:\n%s",
+					req.URL.String(),
+					req.Method,
+					resp.StatusCode,
+					sd),
+			}
+		}
+		return r, errors.CallErr{
+			Req:  req,
+			Resp: resp,
+			Err:  fmt.Errorf("http call(%s)(%s) error: reply status code was %d", req.URL.String(), req.Method, resp.StatusCode),
+		}
+	}
+
+	err = json.Unmarshal(responseBytes, &r)
+	if err != nil {
+		return r, errors.InvalidJsonErr{
+			Err: fmt.Errorf("error parsing the json error: %s", err),
+		}
+	}
+	r.GrantedScopes.Slice = append(r.GrantedScopes.Slice, resource)
+
+	return r, err
+}
+
+func createAppServiceAuthRequest(ctx context.Context, id ID, resource string) (*http.Request, error) {
+	identityEndpoint := os.Getenv(identityEndpointEnvVar)
+	req, err := http.NewRequestWithContext(ctx, http.MethodGet, identityEndpoint, nil)
+	if err != nil {
+		return nil, err
+	}
+	req.Header.Set("X-IDENTITY-HEADER", os.Getenv(identityHeaderEnvVar))
+	q := req.URL.Query()
+	q.Set("api-version", appServiceAPIVersion)
+	q.Set("resource", resource)
+	switch t := id.(type) {
+	case UserAssignedClientID:
+		q.Set(miQueryParameterClientId, string(t))
+	case UserAssignedResourceID:
+		q.Set(miQueryParameterResourceId, string(t))
+	case UserAssignedObjectID:
+		q.Set(miQueryParameterObjectId, string(t))
+	case systemAssignedValue:
+	default:
+		return nil, fmt.Errorf("unsupported type %T", id)
+	}
+	req.URL.RawQuery = q.Encode()
+	return req, nil
+}
+
+func createIMDSAuthRequest(ctx context.Context, id ID, resource string) (*http.Request, error) {
+	msiEndpoint, err := url.Parse(imdsDefaultEndpoint)
+	if err != nil {
+		return nil, fmt.Errorf("couldn't parse %q: %s", imdsDefaultEndpoint, err)
+	}
+	msiParameters := msiEndpoint.Query()
+	msiParameters.Set(apiVersionQueryParameterName, imdsAPIVersion)
+	msiParameters.Set(resourceQueryParameterName, resource)
+
+	switch t := id.(type) {
+	case UserAssignedClientID:
+		msiParameters.Set(miQueryParameterClientId, string(t))
+	case UserAssignedResourceID:
+		msiParameters.Set(miQueryParameterResourceIdIMDS, string(t))
+	case UserAssignedObjectID:
+		msiParameters.Set(miQueryParameterObjectId, string(t))
+	case systemAssignedValue: // not adding anything
+	default:
+		return nil, fmt.Errorf("unsupported type %T", id)
+	}
+
+	msiEndpoint.RawQuery = msiParameters.Encode()
+	req, err := http.NewRequestWithContext(ctx, http.MethodGet, msiEndpoint.String(), nil)
+	if err != nil {
+		return nil, fmt.Errorf("error creating http request %s", err)
+	}
+	req.Header.Set(metaHTTPHeaderName, "true")
+	return req, nil
+}
+
+func createAzureArcAuthRequest(ctx context.Context, resource string, key string) (*http.Request, error) {
+	identityEndpoint := os.Getenv(identityEndpointEnvVar)
+	if identityEndpoint == "" {
+		identityEndpoint = azureArcEndpoint
+	}
+	msiEndpoint, parseErr := url.Parse(identityEndpoint)
+
+	if parseErr != nil {
+		return nil, fmt.Errorf("couldn't parse %q: %s", identityEndpoint, parseErr)
+	}
+
+	msiParameters := msiEndpoint.Query()
+	msiParameters.Set(apiVersionQueryParameterName, azureArcAPIVersion)
+	msiParameters.Set(resourceQueryParameterName, resource)
+
+	msiEndpoint.RawQuery = msiParameters.Encode()
+	req, err := http.NewRequestWithContext(ctx, http.MethodGet, msiEndpoint.String(), nil)
+	if err != nil {
+		return nil, fmt.Errorf("error creating http request %s", err)
+	}
+	req.Header.Set(metaHTTPHeaderName, "true")
+
+	if key != "" {
+		req.Header.Set("Authorization", fmt.Sprintf("Basic %s", key))
+	}
+
+	return req, nil
+}
+
+func isAzureArcEnvironment(identityEndpoint, imdsEndpoint string) bool {
+	if identityEndpoint != "" && imdsEndpoint != "" {
+		return true
+	}
+	himdsFilePath := getAzureArcHimdsFilePath(runtime.GOOS)
+	if himdsFilePath != "" {
+		if _, err := os.Stat(himdsFilePath); err == nil {
+			return true
+		}
+	}
+	return false
+}
+
+func (c *Client) getAzureArcSecretKey(response *http.Response, platform string) (string, error) {
+	wwwAuthenticateHeader := response.Header.Get(wwwAuthenticateHeaderName)
+
+	if len(wwwAuthenticateHeader) == 0 {
+		return "", errors.New("response has no www-authenticate header")
+	}
+
+	// check if the platform is supported
+	expectedSecretFilePath := getAzureArcPlatformPath(platform)
+	if expectedSecretFilePath == "" {
+		return "", errors.New("platform not supported, expected linux or windows")
+	}
+
+	parts := strings.Split(wwwAuthenticateHeader, "Basic realm=")
+	if len(parts) < 2 {
+		return "", fmt.Errorf("basic realm= not found in the string, instead found: %s", wwwAuthenticateHeader)
+	}
+
+	secretFilePath := parts
+
+	// check that the file in the file path is a .key file
+	fileName := filepath.Base(secretFilePath[1])
+	if !strings.HasSuffix(fileName, azureArcFileExtension) {
+		return "", fmt.Errorf("invalid file extension, expected %s, got %s", azureArcFileExtension, filepath.Ext(fileName))
+	}
+
+	// check that file path from header matches the expected file path for the platform
+	if expectedSecretFilePath != filepath.Dir(secretFilePath[1]) {
+		return "", fmt.Errorf("invalid file path, expected %s, got %s", expectedSecretFilePath, filepath.Dir(secretFilePath[1]))
+	}
+
+	fileInfo, err := os.Stat(secretFilePath[1])
+	if err != nil {
+		return "", fmt.Errorf("failed to get metadata for %s due to error: %s", secretFilePath[1], err)
+	}
+
+	// Throw an error if the secret file's size is greater than 4096 bytes
+	if s := fileInfo.Size(); s > azureArcMaxFileSizeBytes {
+		return "", fmt.Errorf("invalid secret file size, expected %d, file size was %d", azureArcMaxFileSizeBytes, s)
+	}
+
+	// Attempt to read the contents of the secret file
+	secret, err := os.ReadFile(secretFilePath[1])
+	if err != nil {
+		return "", fmt.Errorf("failed to read %q due to error: %s", secretFilePath[1], err)
+	}
+
+	return string(secret), nil
+}
diff --git a/vendor/github.com/AzureAD/microsoft-authentication-library-for-go/apps/managedidentity/servicefabric.go b/vendor/github.com/AzureAD/microsoft-authentication-library-for-go/apps/managedidentity/servicefabric.go
new file mode 100644
index 0000000000..535065e9d9
--- /dev/null
+++ b/vendor/github.com/AzureAD/microsoft-authentication-library-for-go/apps/managedidentity/servicefabric.go
@@ -0,0 +1,25 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT license.
+
+package managedidentity
+
+import (
+	"context"
+	"net/http"
+	"os"
+)
+
+func createServiceFabricAuthRequest(ctx context.Context, resource string) (*http.Request, error) {
+	identityEndpoint := os.Getenv(identityEndpointEnvVar)
+	req, err := http.NewRequestWithContext(ctx, http.MethodGet, identityEndpoint, nil)
+	if err != nil {
+		return nil, err
+	}
+	req.Header.Set("Accept", "application/json")
+	req.Header.Set("Secret", os.Getenv(identityHeaderEnvVar))
+	q := req.URL.Query()
+	q.Set("api-version", serviceFabricAPIVersion)
+	q.Set("resource", resource)
+	req.URL.RawQuery = q.Encode()
+	return req, nil
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/AUTHORS b/vendor/github.com/ProtonMail/go-crypto/AUTHORS
deleted file mode 100644
index 2b00ddba0d..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/AUTHORS
+++ /dev/null
@@ -1,3 +0,0 @@
-# This source code refers to The Go Authors for copyright purposes.
-# The master list of authors is in the main Go distribution,
-# visible at https://tip.golang.org/AUTHORS.
diff --git a/vendor/github.com/ProtonMail/go-crypto/CONTRIBUTORS b/vendor/github.com/ProtonMail/go-crypto/CONTRIBUTORS
deleted file mode 100644
index 1fbd3e976f..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/CONTRIBUTORS
+++ /dev/null
@@ -1,3 +0,0 @@
-# This source code was written by the Go contributors.
-# The master list of contributors is in the main Go distribution,
-# visible at https://tip.golang.org/CONTRIBUTORS.
diff --git a/vendor/github.com/ProtonMail/go-crypto/LICENSE b/vendor/github.com/ProtonMail/go-crypto/LICENSE
deleted file mode 100644
index 6a66aea5ea..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/LICENSE
+++ /dev/null
@@ -1,27 +0,0 @@
-Copyright (c) 2009 The Go Authors. All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are
-met:
-
-   * Redistributions of source code must retain the above copyright
-notice, this list of conditions and the following disclaimer.
-   * Redistributions in binary form must reproduce the above
-copyright notice, this list of conditions and the following disclaimer
-in the documentation and/or other materials provided with the
-distribution.
-   * Neither the name of Google Inc. nor the names of its
-contributors may be used to endorse or promote products derived from
-this software without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/vendor/github.com/ProtonMail/go-crypto/PATENTS b/vendor/github.com/ProtonMail/go-crypto/PATENTS
deleted file mode 100644
index 733099041f..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/PATENTS
+++ /dev/null
@@ -1,22 +0,0 @@
-Additional IP Rights Grant (Patents)
-
-"This implementation" means the copyrightable works distributed by
-Google as part of the Go project.
-
-Google hereby grants to You a perpetual, worldwide, non-exclusive,
-no-charge, royalty-free, irrevocable (except as stated in this section)
-patent license to make, have made, use, offer to sell, sell, import,
-transfer and otherwise run, modify and propagate the contents of this
-implementation of Go, where such license applies only to those patent
-claims, both currently owned or controlled by Google and acquired in
-the future, licensable by Google that are necessarily infringed by this
-implementation of Go.  This grant does not include claims that would be
-infringed only as a consequence of further modification of this
-implementation.  If you or your agent or exclusive licensee institute or
-order or agree to the institution of patent litigation against any
-entity (including a cross-claim or counterclaim in a lawsuit) alleging
-that this implementation of Go or any code incorporated within this
-implementation of Go constitutes direct or contributory patent
-infringement, or inducement of patent infringement, then any patent
-rights granted to you under this License for this implementation of Go
-shall terminate as of the date such litigation is filed.
diff --git a/vendor/github.com/ProtonMail/go-crypto/bitcurves/bitcurve.go b/vendor/github.com/ProtonMail/go-crypto/bitcurves/bitcurve.go
deleted file mode 100644
index c85e6befec..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/bitcurves/bitcurve.go
+++ /dev/null
@@ -1,381 +0,0 @@
-package bitcurves
-
-// Copyright 2010 The Go Authors. All rights reserved.
-// Copyright 2011 ThePiachu. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package bitelliptic implements several Koblitz elliptic curves over prime
-// fields.
-
-// This package operates, internally, on Jacobian coordinates. For a given
-// (x, y) position on the curve, the Jacobian coordinates are (x1, y1, z1)
-// where x = x1/z1² and y = y1/z1³. The greatest speedups come when the whole
-// calculation can be performed within the transform (as in ScalarMult and
-// ScalarBaseMult). But even for Add and Double, it's faster to apply and
-// reverse the transform than to operate in affine coordinates.
-
-import (
-	"crypto/elliptic"
-	"io"
-	"math/big"
-	"sync"
-)
-
-// A BitCurve represents a Koblitz Curve with a=0.
-// See http://www.hyperelliptic.org/EFD/g1p/auto-shortw.html
-type BitCurve struct {
-	Name    string
-	P       *big.Int // the order of the underlying field
-	N       *big.Int // the order of the base point
-	B       *big.Int // the constant of the BitCurve equation
-	Gx, Gy  *big.Int // (x,y) of the base point
-	BitSize int      // the size of the underlying field
-}
-
-// Params returns the parameters of the given BitCurve (see BitCurve struct)
-func (bitCurve *BitCurve) Params() (cp *elliptic.CurveParams) {
-	cp = new(elliptic.CurveParams)
-	cp.Name = bitCurve.Name
-	cp.P = bitCurve.P
-	cp.N = bitCurve.N
-	cp.Gx = bitCurve.Gx
-	cp.Gy = bitCurve.Gy
-	cp.BitSize = bitCurve.BitSize
-	return cp
-}
-
-// IsOnCurve returns true if the given (x,y) lies on the BitCurve.
-func (bitCurve *BitCurve) IsOnCurve(x, y *big.Int) bool {
-	// y² = x³ + b
-	y2 := new(big.Int).Mul(y, y) //y²
-	y2.Mod(y2, bitCurve.P)       //y²%P
-
-	x3 := new(big.Int).Mul(x, x) //x²
-	x3.Mul(x3, x)                //x³
-
-	x3.Add(x3, bitCurve.B) //x³+B
-	x3.Mod(x3, bitCurve.P) //(x³+B)%P
-
-	return x3.Cmp(y2) == 0
-}
-
-// affineFromJacobian reverses the Jacobian transform. See the comment at the
-// top of the file.
-func (bitCurve *BitCurve) affineFromJacobian(x, y, z *big.Int) (xOut, yOut *big.Int) {
-	if z.Cmp(big.NewInt(0)) == 0 {
-		panic("bitcurve: Can't convert to affine with Jacobian Z = 0")
-	}
-	// x = YZ^2 mod P
-	zinv := new(big.Int).ModInverse(z, bitCurve.P)
-	zinvsq := new(big.Int).Mul(zinv, zinv)
-
-	xOut = new(big.Int).Mul(x, zinvsq)
-	xOut.Mod(xOut, bitCurve.P)
-	// y = YZ^3 mod P
-	zinvsq.Mul(zinvsq, zinv)
-	yOut = new(big.Int).Mul(y, zinvsq)
-	yOut.Mod(yOut, bitCurve.P)
-	return xOut, yOut
-}
-
-// Add returns the sum of (x1,y1) and (x2,y2)
-func (bitCurve *BitCurve) Add(x1, y1, x2, y2 *big.Int) (*big.Int, *big.Int) {
-	z := new(big.Int).SetInt64(1)
-	x, y, z := bitCurve.addJacobian(x1, y1, z, x2, y2, z)
-	return bitCurve.affineFromJacobian(x, y, z)
-}
-
-// addJacobian takes two points in Jacobian coordinates, (x1, y1, z1) and
-// (x2, y2, z2) and returns their sum, also in Jacobian form.
-func (bitCurve *BitCurve) addJacobian(x1, y1, z1, x2, y2, z2 *big.Int) (*big.Int, *big.Int, *big.Int) {
-	// See http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html#addition-add-2007-bl
-	z1z1 := new(big.Int).Mul(z1, z1)
-	z1z1.Mod(z1z1, bitCurve.P)
-	z2z2 := new(big.Int).Mul(z2, z2)
-	z2z2.Mod(z2z2, bitCurve.P)
-
-	u1 := new(big.Int).Mul(x1, z2z2)
-	u1.Mod(u1, bitCurve.P)
-	u2 := new(big.Int).Mul(x2, z1z1)
-	u2.Mod(u2, bitCurve.P)
-	h := new(big.Int).Sub(u2, u1)
-	if h.Sign() == -1 {
-		h.Add(h, bitCurve.P)
-	}
-	i := new(big.Int).Lsh(h, 1)
-	i.Mul(i, i)
-	j := new(big.Int).Mul(h, i)
-
-	s1 := new(big.Int).Mul(y1, z2)
-	s1.Mul(s1, z2z2)
-	s1.Mod(s1, bitCurve.P)
-	s2 := new(big.Int).Mul(y2, z1)
-	s2.Mul(s2, z1z1)
-	s2.Mod(s2, bitCurve.P)
-	r := new(big.Int).Sub(s2, s1)
-	if r.Sign() == -1 {
-		r.Add(r, bitCurve.P)
-	}
-	r.Lsh(r, 1)
-	v := new(big.Int).Mul(u1, i)
-
-	x3 := new(big.Int).Set(r)
-	x3.Mul(x3, x3)
-	x3.Sub(x3, j)
-	x3.Sub(x3, v)
-	x3.Sub(x3, v)
-	x3.Mod(x3, bitCurve.P)
-
-	y3 := new(big.Int).Set(r)
-	v.Sub(v, x3)
-	y3.Mul(y3, v)
-	s1.Mul(s1, j)
-	s1.Lsh(s1, 1)
-	y3.Sub(y3, s1)
-	y3.Mod(y3, bitCurve.P)
-
-	z3 := new(big.Int).Add(z1, z2)
-	z3.Mul(z3, z3)
-	z3.Sub(z3, z1z1)
-	if z3.Sign() == -1 {
-		z3.Add(z3, bitCurve.P)
-	}
-	z3.Sub(z3, z2z2)
-	if z3.Sign() == -1 {
-		z3.Add(z3, bitCurve.P)
-	}
-	z3.Mul(z3, h)
-	z3.Mod(z3, bitCurve.P)
-
-	return x3, y3, z3
-}
-
-// Double returns 2*(x,y)
-func (bitCurve *BitCurve) Double(x1, y1 *big.Int) (*big.Int, *big.Int) {
-	z1 := new(big.Int).SetInt64(1)
-	return bitCurve.affineFromJacobian(bitCurve.doubleJacobian(x1, y1, z1))
-}
-
-// doubleJacobian takes a point in Jacobian coordinates, (x, y, z), and
-// returns its double, also in Jacobian form.
-func (bitCurve *BitCurve) doubleJacobian(x, y, z *big.Int) (*big.Int, *big.Int, *big.Int) {
-	// See http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html#doubling-dbl-2009-l
-
-	a := new(big.Int).Mul(x, x) //X1²
-	b := new(big.Int).Mul(y, y) //Y1²
-	c := new(big.Int).Mul(b, b) //B²
-
-	d := new(big.Int).Add(x, b) //X1+B
-	d.Mul(d, d)                 //(X1+B)²
-	d.Sub(d, a)                 //(X1+B)²-A
-	d.Sub(d, c)                 //(X1+B)²-A-C
-	d.Mul(d, big.NewInt(2))     //2*((X1+B)²-A-C)
-
-	e := new(big.Int).Mul(big.NewInt(3), a) //3*A
-	f := new(big.Int).Mul(e, e)             //E²
-
-	x3 := new(big.Int).Mul(big.NewInt(2), d) //2*D
-	x3.Sub(f, x3)                            //F-2*D
-	x3.Mod(x3, bitCurve.P)
-
-	y3 := new(big.Int).Sub(d, x3)                  //D-X3
-	y3.Mul(e, y3)                                  //E*(D-X3)
-	y3.Sub(y3, new(big.Int).Mul(big.NewInt(8), c)) //E*(D-X3)-8*C
-	y3.Mod(y3, bitCurve.P)
-
-	z3 := new(big.Int).Mul(y, z) //Y1*Z1
-	z3.Mul(big.NewInt(2), z3)    //3*Y1*Z1
-	z3.Mod(z3, bitCurve.P)
-
-	return x3, y3, z3
-}
-
-// TODO: double check if it is okay
-// ScalarMult returns k*(Bx,By) where k is a number in big-endian form.
-func (bitCurve *BitCurve) ScalarMult(Bx, By *big.Int, k []byte) (*big.Int, *big.Int) {
-	// We have a slight problem in that the identity of the group (the
-	// point at infinity) cannot be represented in (x, y) form on a finite
-	// machine. Thus the standard add/double algorithm has to be tweaked
-	// slightly: our initial state is not the identity, but x, and we
-	// ignore the first true bit in |k|.  If we don't find any true bits in
-	// |k|, then we return nil, nil, because we cannot return the identity
-	// element.
-
-	Bz := new(big.Int).SetInt64(1)
-	x := Bx
-	y := By
-	z := Bz
-
-	seenFirstTrue := false
-	for _, byte := range k {
-		for bitNum := 0; bitNum < 8; bitNum++ {
-			if seenFirstTrue {
-				x, y, z = bitCurve.doubleJacobian(x, y, z)
-			}
-			if byte&0x80 == 0x80 {
-				if !seenFirstTrue {
-					seenFirstTrue = true
-				} else {
-					x, y, z = bitCurve.addJacobian(Bx, By, Bz, x, y, z)
-				}
-			}
-			byte <<= 1
-		}
-	}
-
-	if !seenFirstTrue {
-		return nil, nil
-	}
-
-	return bitCurve.affineFromJacobian(x, y, z)
-}
-
-// ScalarBaseMult returns k*G, where G is the base point of the group and k is
-// an integer in big-endian form.
-func (bitCurve *BitCurve) ScalarBaseMult(k []byte) (*big.Int, *big.Int) {
-	return bitCurve.ScalarMult(bitCurve.Gx, bitCurve.Gy, k)
-}
-
-var mask = []byte{0xff, 0x1, 0x3, 0x7, 0xf, 0x1f, 0x3f, 0x7f}
-
-// TODO: double check if it is okay
-// GenerateKey returns a public/private key pair. The private key is generated
-// using the given reader, which must return random data.
-func (bitCurve *BitCurve) GenerateKey(rand io.Reader) (priv []byte, x, y *big.Int, err error) {
-	byteLen := (bitCurve.BitSize + 7) >> 3
-	priv = make([]byte, byteLen)
-
-	for x == nil {
-		_, err = io.ReadFull(rand, priv)
-		if err != nil {
-			return
-		}
-		// We have to mask off any excess bits in the case that the size of the
-		// underlying field is not a whole number of bytes.
-		priv[0] &= mask[bitCurve.BitSize%8]
-		// This is because, in tests, rand will return all zeros and we don't
-		// want to get the point at infinity and loop forever.
-		priv[1] ^= 0x42
-		x, y = bitCurve.ScalarBaseMult(priv)
-	}
-	return
-}
-
-// Marshal converts a point into the form specified in section 4.3.6 of ANSI
-// X9.62.
-func (bitCurve *BitCurve) Marshal(x, y *big.Int) []byte {
-	byteLen := (bitCurve.BitSize + 7) >> 3
-
-	ret := make([]byte, 1+2*byteLen)
-	ret[0] = 4 // uncompressed point
-
-	xBytes := x.Bytes()
-	copy(ret[1+byteLen-len(xBytes):], xBytes)
-	yBytes := y.Bytes()
-	copy(ret[1+2*byteLen-len(yBytes):], yBytes)
-	return ret
-}
-
-// Unmarshal converts a point, serialised by Marshal, into an x, y pair. On
-// error, x = nil.
-func (bitCurve *BitCurve) Unmarshal(data []byte) (x, y *big.Int) {
-	byteLen := (bitCurve.BitSize + 7) >> 3
-	if len(data) != 1+2*byteLen {
-		return
-	}
-	if data[0] != 4 { // uncompressed form
-		return
-	}
-	x = new(big.Int).SetBytes(data[1 : 1+byteLen])
-	y = new(big.Int).SetBytes(data[1+byteLen:])
-	return
-}
-
-//curve parameters taken from:
-//http://www.secg.org/collateral/sec2_final.pdf
-
-var initonce sync.Once
-var secp160k1 *BitCurve
-var secp192k1 *BitCurve
-var secp224k1 *BitCurve
-var secp256k1 *BitCurve
-
-func initAll() {
-	initS160()
-	initS192()
-	initS224()
-	initS256()
-}
-
-func initS160() {
-	// See SEC 2 section 2.4.1
-	secp160k1 = new(BitCurve)
-	secp160k1.Name = "secp160k1"
-	secp160k1.P, _ = new(big.Int).SetString("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73", 16)
-	secp160k1.N, _ = new(big.Int).SetString("0100000000000000000001B8FA16DFAB9ACA16B6B3", 16)
-	secp160k1.B, _ = new(big.Int).SetString("0000000000000000000000000000000000000007", 16)
-	secp160k1.Gx, _ = new(big.Int).SetString("3B4C382CE37AA192A4019E763036F4F5DD4D7EBB", 16)
-	secp160k1.Gy, _ = new(big.Int).SetString("938CF935318FDCED6BC28286531733C3F03C4FEE", 16)
-	secp160k1.BitSize = 160
-}
-
-func initS192() {
-	// See SEC 2 section 2.5.1
-	secp192k1 = new(BitCurve)
-	secp192k1.Name = "secp192k1"
-	secp192k1.P, _ = new(big.Int).SetString("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFEE37", 16)
-	secp192k1.N, _ = new(big.Int).SetString("FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8D", 16)
-	secp192k1.B, _ = new(big.Int).SetString("000000000000000000000000000000000000000000000003", 16)
-	secp192k1.Gx, _ = new(big.Int).SetString("DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D", 16)
-	secp192k1.Gy, _ = new(big.Int).SetString("9B2F2F6D9C5628A7844163D015BE86344082AA88D95E2F9D", 16)
-	secp192k1.BitSize = 192
-}
-
-func initS224() {
-	// See SEC 2 section 2.6.1
-	secp224k1 = new(BitCurve)
-	secp224k1.Name = "secp224k1"
-	secp224k1.P, _ = new(big.Int).SetString("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFE56D", 16)
-	secp224k1.N, _ = new(big.Int).SetString("010000000000000000000000000001DCE8D2EC6184CAF0A971769FB1F7", 16)
-	secp224k1.B, _ = new(big.Int).SetString("00000000000000000000000000000000000000000000000000000005", 16)
-	secp224k1.Gx, _ = new(big.Int).SetString("A1455B334DF099DF30FC28A169A467E9E47075A90F7E650EB6B7A45C", 16)
-	secp224k1.Gy, _ = new(big.Int).SetString("7E089FED7FBA344282CAFBD6F7E319F7C0B0BD59E2CA4BDB556D61A5", 16)
-	secp224k1.BitSize = 224
-}
-
-func initS256() {
-	// See SEC 2 section 2.7.1
-	secp256k1 = new(BitCurve)
-	secp256k1.Name = "secp256k1"
-	secp256k1.P, _ = new(big.Int).SetString("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F", 16)
-	secp256k1.N, _ = new(big.Int).SetString("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141", 16)
-	secp256k1.B, _ = new(big.Int).SetString("0000000000000000000000000000000000000000000000000000000000000007", 16)
-	secp256k1.Gx, _ = new(big.Int).SetString("79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798", 16)
-	secp256k1.Gy, _ = new(big.Int).SetString("483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8", 16)
-	secp256k1.BitSize = 256
-}
-
-// S160 returns a BitCurve which implements secp160k1 (see SEC 2 section 2.4.1)
-func S160() *BitCurve {
-	initonce.Do(initAll)
-	return secp160k1
-}
-
-// S192 returns a BitCurve which implements secp192k1 (see SEC 2 section 2.5.1)
-func S192() *BitCurve {
-	initonce.Do(initAll)
-	return secp192k1
-}
-
-// S224 returns a BitCurve which implements secp224k1 (see SEC 2 section 2.6.1)
-func S224() *BitCurve {
-	initonce.Do(initAll)
-	return secp224k1
-}
-
-// S256 returns a BitCurve which implements bitcurves (see SEC 2 section 2.7.1)
-func S256() *BitCurve {
-	initonce.Do(initAll)
-	return secp256k1
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/brainpool/brainpool.go b/vendor/github.com/ProtonMail/go-crypto/brainpool/brainpool.go
deleted file mode 100644
index cb6676de24..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/brainpool/brainpool.go
+++ /dev/null
@@ -1,134 +0,0 @@
-// Package brainpool implements Brainpool elliptic curves.
-// Implementation of rcurves is from github.com/ebfe/brainpool
-// Note that these curves are implemented with naive, non-constant time operations
-// and are likely not suitable for environments where timing attacks are a concern.
-package brainpool
-
-import (
-	"crypto/elliptic"
-	"math/big"
-	"sync"
-)
-
-var (
-	once                   sync.Once
-	p256t1, p384t1, p512t1 *elliptic.CurveParams
-	p256r1, p384r1, p512r1 *rcurve
-)
-
-func initAll() {
-	initP256t1()
-	initP384t1()
-	initP512t1()
-	initP256r1()
-	initP384r1()
-	initP512r1()
-}
-
-func initP256t1() {
-	p256t1 = &elliptic.CurveParams{Name: "brainpoolP256t1"}
-	p256t1.P, _ = new(big.Int).SetString("A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377", 16)
-	p256t1.N, _ = new(big.Int).SetString("A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7", 16)
-	p256t1.B, _ = new(big.Int).SetString("662C61C430D84EA4FE66A7733D0B76B7BF93EBC4AF2F49256AE58101FEE92B04", 16)
-	p256t1.Gx, _ = new(big.Int).SetString("A3E8EB3CC1CFE7B7732213B23A656149AFA142C47AAFBC2B79A191562E1305F4", 16)
-	p256t1.Gy, _ = new(big.Int).SetString("2D996C823439C56D7F7B22E14644417E69BCB6DE39D027001DABE8F35B25C9BE", 16)
-	p256t1.BitSize = 256
-}
-
-func initP256r1() {
-	twisted := p256t1
-	params := &elliptic.CurveParams{
-		Name:    "brainpoolP256r1",
-		P:       twisted.P,
-		N:       twisted.N,
-		BitSize: twisted.BitSize,
-	}
-	params.Gx, _ = new(big.Int).SetString("8BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262", 16)
-	params.Gy, _ = new(big.Int).SetString("547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997", 16)
-	z, _ := new(big.Int).SetString("3E2D4BD9597B58639AE7AA669CAB9837CF5CF20A2C852D10F655668DFC150EF0", 16)
-	p256r1 = newrcurve(twisted, params, z)
-}
-
-func initP384t1() {
-	p384t1 = &elliptic.CurveParams{Name: "brainpoolP384t1"}
-	p384t1.P, _ = new(big.Int).SetString("8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53", 16)
-	p384t1.N, _ = new(big.Int).SetString("8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565", 16)
-	p384t1.B, _ = new(big.Int).SetString("7F519EADA7BDA81BD826DBA647910F8C4B9346ED8CCDC64E4B1ABD11756DCE1D2074AA263B88805CED70355A33B471EE", 16)
-	p384t1.Gx, _ = new(big.Int).SetString("18DE98B02DB9A306F2AFCD7235F72A819B80AB12EBD653172476FECD462AABFFC4FF191B946A5F54D8D0AA2F418808CC", 16)
-	p384t1.Gy, _ = new(big.Int).SetString("25AB056962D30651A114AFD2755AD336747F93475B7A1FCA3B88F2B6A208CCFE469408584DC2B2912675BF5B9E582928", 16)
-	p384t1.BitSize = 384
-}
-
-func initP384r1() {
-	twisted := p384t1
-	params := &elliptic.CurveParams{
-		Name:    "brainpoolP384r1",
-		P:       twisted.P,
-		N:       twisted.N,
-		BitSize: twisted.BitSize,
-	}
-	params.Gx, _ = new(big.Int).SetString("1D1C64F068CF45FFA2A63A81B7C13F6B8847A3E77EF14FE3DB7FCAFE0CBD10E8E826E03436D646AAEF87B2E247D4AF1E", 16)
-	params.Gy, _ = new(big.Int).SetString("8ABE1D7520F9C2A45CB1EB8E95CFD55262B70B29FEEC5864E19C054FF99129280E4646217791811142820341263C5315", 16)
-	z, _ := new(big.Int).SetString("41DFE8DD399331F7166A66076734A89CD0D2BCDB7D068E44E1F378F41ECBAE97D2D63DBC87BCCDDCCC5DA39E8589291C", 16)
-	p384r1 = newrcurve(twisted, params, z)
-}
-
-func initP512t1() {
-	p512t1 = &elliptic.CurveParams{Name: "brainpoolP512t1"}
-	p512t1.P, _ = new(big.Int).SetString("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3", 16)
-	p512t1.N, _ = new(big.Int).SetString("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069", 16)
-	p512t1.B, _ = new(big.Int).SetString("7CBBBCF9441CFAB76E1890E46884EAE321F70C0BCB4981527897504BEC3E36A62BCDFA2304976540F6450085F2DAE145C22553B465763689180EA2571867423E", 16)
-	p512t1.Gx, _ = new(big.Int).SetString("640ECE5C12788717B9C1BA06CBC2A6FEBA85842458C56DDE9DB1758D39C0313D82BA51735CDB3EA499AA77A7D6943A64F7A3F25FE26F06B51BAA2696FA9035DA", 16)
-	p512t1.Gy, _ = new(big.Int).SetString("5B534BD595F5AF0FA2C892376C84ACE1BB4E3019B71634C01131159CAE03CEE9D9932184BEEF216BD71DF2DADF86A627306ECFF96DBB8BACE198B61E00F8B332", 16)
-	p512t1.BitSize = 512
-}
-
-func initP512r1() {
-	twisted := p512t1
-	params := &elliptic.CurveParams{
-		Name:    "brainpoolP512r1",
-		P:       twisted.P,
-		N:       twisted.N,
-		BitSize: twisted.BitSize,
-	}
-	params.Gx, _ = new(big.Int).SetString("81AEE4BDD82ED9645A21322E9C4C6A9385ED9F70B5D916C1B43B62EEF4D0098EFF3B1F78E2D0D48D50D1687B93B97D5F7C6D5047406A5E688B352209BCB9F822", 16)
-	params.Gy, _ = new(big.Int).SetString("7DDE385D566332ECC0EABFA9CF7822FDF209F70024A57B1AA000C55B881F8111B2DCDE494A5F485E5BCA4BD88A2763AED1CA2B2FA8F0540678CD1E0F3AD80892", 16)
-	z, _ := new(big.Int).SetString("12EE58E6764838B69782136F0F2D3BA06E27695716054092E60A80BEDB212B64E585D90BCE13761F85C3F1D2A64E3BE8FEA2220F01EBA5EEB0F35DBD29D922AB", 16)
-	p512r1 = newrcurve(twisted, params, z)
-}
-
-// P256t1 returns a Curve which implements Brainpool P256t1 (see RFC 5639, section 3.4)
-func P256t1() elliptic.Curve {
-	once.Do(initAll)
-	return p256t1
-}
-
-// P256r1 returns a Curve which implements Brainpool P256r1 (see RFC 5639, section 3.4)
-func P256r1() elliptic.Curve {
-	once.Do(initAll)
-	return p256r1
-}
-
-// P384t1 returns a Curve which implements Brainpool P384t1 (see RFC 5639, section 3.6)
-func P384t1() elliptic.Curve {
-	once.Do(initAll)
-	return p384t1
-}
-
-// P384r1 returns a Curve which implements Brainpool P384r1 (see RFC 5639, section 3.6)
-func P384r1() elliptic.Curve {
-	once.Do(initAll)
-	return p384r1
-}
-
-// P512t1 returns a Curve which implements Brainpool P512t1 (see RFC 5639, section 3.7)
-func P512t1() elliptic.Curve {
-	once.Do(initAll)
-	return p512t1
-}
-
-// P512r1 returns a Curve which implements Brainpool P512r1 (see RFC 5639, section 3.7)
-func P512r1() elliptic.Curve {
-	once.Do(initAll)
-	return p512r1
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/brainpool/rcurve.go b/vendor/github.com/ProtonMail/go-crypto/brainpool/rcurve.go
deleted file mode 100644
index 7e291d6aa4..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/brainpool/rcurve.go
+++ /dev/null
@@ -1,83 +0,0 @@
-package brainpool
-
-import (
-	"crypto/elliptic"
-	"math/big"
-)
-
-var _ elliptic.Curve = (*rcurve)(nil)
-
-type rcurve struct {
-	twisted elliptic.Curve
-	params  *elliptic.CurveParams
-	z       *big.Int
-	zinv    *big.Int
-	z2      *big.Int
-	z3      *big.Int
-	zinv2   *big.Int
-	zinv3   *big.Int
-}
-
-var (
-	two   = big.NewInt(2)
-	three = big.NewInt(3)
-)
-
-func newrcurve(twisted elliptic.Curve, params *elliptic.CurveParams, z *big.Int) *rcurve {
-	zinv := new(big.Int).ModInverse(z, params.P)
-	return &rcurve{
-		twisted: twisted,
-		params:  params,
-		z:       z,
-		zinv:    zinv,
-		z2:      new(big.Int).Exp(z, two, params.P),
-		z3:      new(big.Int).Exp(z, three, params.P),
-		zinv2:   new(big.Int).Exp(zinv, two, params.P),
-		zinv3:   new(big.Int).Exp(zinv, three, params.P),
-	}
-}
-
-func (curve *rcurve) toTwisted(x, y *big.Int) (*big.Int, *big.Int) {
-	var tx, ty big.Int
-	tx.Mul(x, curve.z2)
-	tx.Mod(&tx, curve.params.P)
-	ty.Mul(y, curve.z3)
-	ty.Mod(&ty, curve.params.P)
-	return &tx, &ty
-}
-
-func (curve *rcurve) fromTwisted(tx, ty *big.Int) (*big.Int, *big.Int) {
-	var x, y big.Int
-	x.Mul(tx, curve.zinv2)
-	x.Mod(&x, curve.params.P)
-	y.Mul(ty, curve.zinv3)
-	y.Mod(&y, curve.params.P)
-	return &x, &y
-}
-
-func (curve *rcurve) Params() *elliptic.CurveParams {
-	return curve.params
-}
-
-func (curve *rcurve) IsOnCurve(x, y *big.Int) bool {
-	return curve.twisted.IsOnCurve(curve.toTwisted(x, y))
-}
-
-func (curve *rcurve) Add(x1, y1, x2, y2 *big.Int) (x, y *big.Int) {
-	tx1, ty1 := curve.toTwisted(x1, y1)
-	tx2, ty2 := curve.toTwisted(x2, y2)
-	return curve.fromTwisted(curve.twisted.Add(tx1, ty1, tx2, ty2))
-}
-
-func (curve *rcurve) Double(x1, y1 *big.Int) (x, y *big.Int) {
-	return curve.fromTwisted(curve.twisted.Double(curve.toTwisted(x1, y1)))
-}
-
-func (curve *rcurve) ScalarMult(x1, y1 *big.Int, scalar []byte) (x, y *big.Int) {
-	tx1, ty1 := curve.toTwisted(x1, y1)
-	return curve.fromTwisted(curve.twisted.ScalarMult(tx1, ty1, scalar))
-}
-
-func (curve *rcurve) ScalarBaseMult(scalar []byte) (x, y *big.Int) {
-	return curve.fromTwisted(curve.twisted.ScalarBaseMult(scalar))
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/eax/eax.go b/vendor/github.com/ProtonMail/go-crypto/eax/eax.go
deleted file mode 100644
index 3ae91d594c..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/eax/eax.go
+++ /dev/null
@@ -1,162 +0,0 @@
-// Copyright (C) 2019 ProtonTech AG
-
-// Package eax provides an implementation of the EAX
-// (encrypt-authenticate-translate) mode of operation, as described in
-// Bellare, Rogaway, and Wagner "THE EAX MODE OF OPERATION: A TWO-PASS
-// AUTHENTICATED-ENCRYPTION SCHEME OPTIMIZED FOR SIMPLICITY AND EFFICIENCY."
-// In FSE'04, volume 3017 of LNCS, 2004
-package eax
-
-import (
-	"crypto/cipher"
-	"crypto/subtle"
-	"errors"
-	"github.com/ProtonMail/go-crypto/internal/byteutil"
-)
-
-const (
-	defaultTagSize   = 16
-	defaultNonceSize = 16
-)
-
-type eax struct {
-	block     cipher.Block // Only AES-{128, 192, 256} supported
-	tagSize   int          // At least 12 bytes recommended
-	nonceSize int
-}
-
-func (e *eax) NonceSize() int {
-	return e.nonceSize
-}
-
-func (e *eax) Overhead() int {
-	return e.tagSize
-}
-
-// NewEAX returns an EAX instance with AES-{KEYLENGTH} and default nonce and
-// tag lengths. Supports {128, 192, 256}- bit key length.
-func NewEAX(block cipher.Block) (cipher.AEAD, error) {
-	return NewEAXWithNonceAndTagSize(block, defaultNonceSize, defaultTagSize)
-}
-
-// NewEAXWithNonceAndTagSize returns an EAX instance with AES-{keyLength} and
-// given nonce and tag lengths in bytes. Panics on zero nonceSize and
-// exceedingly long tags.
-//
-// It is recommended to use at least 12 bytes as tag length (see, for instance,
-// NIST SP 800-38D).
-//
-// Only to be used for compatibility with existing cryptosystems with
-// non-standard parameters. For all other cases, prefer NewEAX.
-func NewEAXWithNonceAndTagSize(
-	block cipher.Block, nonceSize, tagSize int) (cipher.AEAD, error) {
-	if nonceSize < 1 {
-		return nil, eaxError("Cannot initialize EAX with nonceSize = 0")
-	}
-	if tagSize > block.BlockSize() {
-		return nil, eaxError("Custom tag length exceeds blocksize")
-	}
-	return &eax{
-		block:     block,
-		tagSize:   tagSize,
-		nonceSize: nonceSize,
-	}, nil
-}
-
-func (e *eax) Seal(dst, nonce, plaintext, adata []byte) []byte {
-	if len(nonce) > e.nonceSize {
-		panic("crypto/eax: Nonce too long for this instance")
-	}
-	ret, out := byteutil.SliceForAppend(dst, len(plaintext)+e.tagSize)
-	omacNonce := e.omacT(0, nonce)
-	omacAdata := e.omacT(1, adata)
-
-	// Encrypt message using CTR mode and omacNonce as IV
-	ctr := cipher.NewCTR(e.block, omacNonce)
-	ciphertextData := out[:len(plaintext)]
-	ctr.XORKeyStream(ciphertextData, plaintext)
-
-	omacCiphertext := e.omacT(2, ciphertextData)
-
-	tag := out[len(plaintext):]
-	for i := 0; i < e.tagSize; i++ {
-		tag[i] = omacCiphertext[i] ^ omacNonce[i] ^ omacAdata[i]
-	}
-	return ret
-}
-
-func (e *eax) Open(dst, nonce, ciphertext, adata []byte) ([]byte, error) {
-	if len(nonce) > e.nonceSize {
-		panic("crypto/eax: Nonce too long for this instance")
-	}
-	if len(ciphertext) < e.tagSize {
-		return nil, eaxError("Ciphertext shorter than tag length")
-	}
-	sep := len(ciphertext) - e.tagSize
-
-	// Compute tag
-	omacNonce := e.omacT(0, nonce)
-	omacAdata := e.omacT(1, adata)
-	omacCiphertext := e.omacT(2, ciphertext[:sep])
-
-	tag := make([]byte, e.tagSize)
-	for i := 0; i < e.tagSize; i++ {
-		tag[i] = omacCiphertext[i] ^ omacNonce[i] ^ omacAdata[i]
-	}
-
-	// Compare tags
-	if subtle.ConstantTimeCompare(ciphertext[sep:], tag) != 1 {
-		return nil, eaxError("Tag authentication failed")
-	}
-
-	// Decrypt ciphertext
-	ret, out := byteutil.SliceForAppend(dst, len(ciphertext))
-	ctr := cipher.NewCTR(e.block, omacNonce)
-	ctr.XORKeyStream(out, ciphertext[:sep])
-
-	return ret[:sep], nil
-}
-
-// Tweakable OMAC - Calls OMAC_K([t]_n || plaintext)
-func (e *eax) omacT(t byte, plaintext []byte) []byte {
-	blockSize := e.block.BlockSize()
-	byteT := make([]byte, blockSize)
-	byteT[blockSize-1] = t
-	concat := append(byteT, plaintext...)
-	return e.omac(concat)
-}
-
-func (e *eax) omac(plaintext []byte) []byte {
-	blockSize := e.block.BlockSize()
-	// L ← E_K(0^n); B ← 2L; P ← 4L
-	L := make([]byte, blockSize)
-	e.block.Encrypt(L, L)
-	B := byteutil.GfnDouble(L)
-	P := byteutil.GfnDouble(B)
-
-	// CBC with IV = 0
-	cbc := cipher.NewCBCEncrypter(e.block, make([]byte, blockSize))
-	padded := e.pad(plaintext, B, P)
-	cbcCiphertext := make([]byte, len(padded))
-	cbc.CryptBlocks(cbcCiphertext, padded)
-
-	return cbcCiphertext[len(cbcCiphertext)-blockSize:]
-}
-
-func (e *eax) pad(plaintext, B, P []byte) []byte {
-	// if |M| in {n, 2n, 3n, ...}
-	blockSize := e.block.BlockSize()
-	if len(plaintext) != 0 && len(plaintext)%blockSize == 0 {
-		return byteutil.RightXor(plaintext, B)
-	}
-
-	// else return (M || 1 || 0^(n−1−(|M| % n))) xor→ P
-	ending := make([]byte, blockSize-len(plaintext)%blockSize)
-	ending[0] = 0x80
-	padded := append(plaintext, ending...)
-	return byteutil.RightXor(padded, P)
-}
-
-func eaxError(err string) error {
-	return errors.New("crypto/eax: " + err)
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/eax/eax_test_vectors.go b/vendor/github.com/ProtonMail/go-crypto/eax/eax_test_vectors.go
deleted file mode 100644
index ddb53d0790..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/eax/eax_test_vectors.go
+++ /dev/null
@@ -1,58 +0,0 @@
-package eax
-
-// Test vectors from
-// https://web.cs.ucdavis.edu/~rogaway/papers/eax.pdf
-var testVectors = []struct {
-	msg, key, nonce, header, ciphertext string
-}{
-	{"",
-		"233952DEE4D5ED5F9B9C6D6FF80FF478",
-		"62EC67F9C3A4A407FCB2A8C49031A8B3",
-		"6BFB914FD07EAE6B",
-		"E037830E8389F27B025A2D6527E79D01"},
-	{"F7FB",
-		"91945D3F4DCBEE0BF45EF52255F095A4",
-		"BECAF043B0A23D843194BA972C66DEBD",
-		"FA3BFD4806EB53FA",
-		"19DD5C4C9331049D0BDAB0277408F67967E5"},
-	{"1A47CB4933",
-		"01F74AD64077F2E704C0F60ADA3DD523",
-		"70C3DB4F0D26368400A10ED05D2BFF5E",
-		"234A3463C1264AC6",
-		"D851D5BAE03A59F238A23E39199DC9266626C40F80"},
-	{"481C9E39B1",
-		"D07CF6CBB7F313BDDE66B727AFD3C5E8",
-		"8408DFFF3C1A2B1292DC199E46B7D617",
-		"33CCE2EABFF5A79D",
-		"632A9D131AD4C168A4225D8E1FF755939974A7BEDE"},
-	{"40D0C07DA5E4",
-		"35B6D0580005BBC12B0587124557D2C2",
-		"FDB6B06676EEDC5C61D74276E1F8E816",
-		"AEB96EAEBE2970E9",
-		"071DFE16C675CB0677E536F73AFE6A14B74EE49844DD"},
-	{"4DE3B35C3FC039245BD1FB7D",
-		"BD8E6E11475E60B268784C38C62FEB22",
-		"6EAC5C93072D8E8513F750935E46DA1B",
-		"D4482D1CA78DCE0F",
-		"835BB4F15D743E350E728414ABB8644FD6CCB86947C5E10590210A4F"},
-	{"8B0A79306C9CE7ED99DAE4F87F8DD61636",
-		"7C77D6E813BED5AC98BAA417477A2E7D",
-		"1A8C98DCD73D38393B2BF1569DEEFC19",
-		"65D2017990D62528",
-		"02083E3979DA014812F59F11D52630DA30137327D10649B0AA6E1C181DB617D7F2"},
-	{"1BDA122BCE8A8DBAF1877D962B8592DD2D56",
-		"5FFF20CAFAB119CA2FC73549E20F5B0D",
-		"DDE59B97D722156D4D9AFF2BC7559826",
-		"54B9F04E6A09189A",
-		"2EC47B2C4954A489AFC7BA4897EDCDAE8CC33B60450599BD02C96382902AEF7F832A"},
-	{"6CF36720872B8513F6EAB1A8A44438D5EF11",
-		"A4A4782BCFFD3EC5E7EF6D8C34A56123",
-		"B781FCF2F75FA5A8DE97A9CA48E522EC",
-		"899A175897561D7E",
-		"0DE18FD0FDD91E7AF19F1D8EE8733938B1E8E7F6D2231618102FDB7FE55FF1991700"},
-	{"CA40D7446E545FFAED3BD12A740A659FFBBB3CEAB7",
-		"8395FCF1E95BEBD697BD010BC766AAC3",
-		"22E7ADD93CFC6393C57EC0B3C17D6B44",
-		"126735FCC320D25A",
-		"CB8920F87A6C75CFF39627B56E3ED197C552D295A7CFC46AFC253B4652B1AF3795B124AB6E"},
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/eax/random_vectors.go b/vendor/github.com/ProtonMail/go-crypto/eax/random_vectors.go
deleted file mode 100644
index 4eb19f28d9..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/eax/random_vectors.go
+++ /dev/null
@@ -1,131 +0,0 @@
-// These vectors include key length in {128, 192, 256}, tag size 128, and
-// random nonce, header, and plaintext lengths.
-
-// This file was automatically generated.
-
-package eax
-
-var randomVectors = []struct {
-	key, nonce, header, plaintext, ciphertext string
-}{
-	{"DFDE093F36B0356E5A81F609786982E3",
-		"1D8AC604419001816905BA72B14CED7E",
-		"152A1517A998D7A24163FCDD146DE81AC347C8B97088F502093C1ABB8F6E33D9A219C34D7603A18B1F5ABE02E56661B7D7F67E81EC08C1302EF38D80A859486D450E94A4F26AD9E68EEBBC0C857A0FC5CF9E641D63D565A7E361BC8908F5A8DC8FD6",
-		"1C8EAAB71077FE18B39730A3156ADE29C5EE824C7EE86ED2A253B775603FB237116E654F6FEC588DD27F523A0E01246FE73FE348491F2A8E9ABC6CA58D663F71CDBCF4AD798BE46C42AE6EE8B599DB44A1A48D7BBBBA0F7D2750181E1C5E66967F7D57CBD30AFBDA5727",
-		"79E7E150934BBEBF7013F61C60462A14D8B15AF7A248AFB8A344EF021C1500E16666891D6E973D8BB56B71A371F12CA34660C4410C016982B20F547E3762A58B7BF4F20236CADCF559E2BE7D783B13723B2741FC7CDC8997D839E39A3DDD2BADB96743DD7049F1BDB0516A262869915B3F70498AFB7B191BF960"},
-	{"F10619EF02E5D94D7550EB84ED364A21",
-		"8DC0D4F2F745BBAE835CC5574B942D20",
-		"FE561358F2E8DF7E1024FF1AE9A8D36EBD01352214505CB99D644777A8A1F6027FA2BDBFC529A9B91136D5F2416CFC5F0F4EC3A1AFD32BDDA23CA504C5A5CB451785FABF4DFE4CD50D817491991A60615B30286361C100A95D1712F2A45F8E374461F4CA2B",
-		"D7B5A971FC219631D30EFC3664AE3127D9CF3097DAD9C24AC7905D15E8D9B25B026B31D68CAE00975CDB81EB1FD96FD5E1A12E2BB83FA25F1B1D91363457657FC03875C27F2946C5",
-		"2F336ED42D3CC38FC61660C4CD60BA4BD438B05F5965D8B7B399D2E7167F5D34F792D318F94DB15D67463AC449E13D568CC09BFCE32A35EE3EE96A041927680AE329811811E27F2D1E8E657707AF99BA96D13A478D695D59"},
-	{"429F514EFC64D98A698A9247274CFF45",
-		"976AA5EB072F912D126ACEBC954FEC38",
-		"A71D89DC5B6CEDBB7451A27C3C2CAE09126DB4C421",
-		"5632FE62AB1DC549D54D3BC3FC868ACCEDEFD9ECF5E9F8",
-		"848AE4306CA8C7F416F8707625B7F55881C0AB430353A5C967CDA2DA787F581A70E34DBEBB2385"},
-	{"398138F309085F47F8457CDF53895A63",
-		"F8A8A7F2D28E5FFF7BBC2F24353F7A36",
-		"5D633C21BA7764B8855CAB586F3746E236AD486039C83C6B56EFA9C651D38A41D6B20DAEE3418BFEA44B8BD6",
-		"A3BBAA91920AF5E10659818B1B3B300AC79BFC129C8329E75251F73A66D3AE0128EB91D5031E0A65C329DB7D1E9C0493E268",
-		"D078097267606E5FB07CFB7E2B4B718172A82C6A4CEE65D549A4DFB9838003BD2FBF64A7A66988AC1A632FD88F9E9FBB57C5A78AD2E086EACBA3DB68511D81C2970A"},
-	{"7A4151EBD3901B42CBA45DAFB2E931BA",
-		"0FC88ACEE74DD538040321C330974EB8",
-		"250464FB04733BAB934C59E6AD2D6AE8D662CBCFEFBE61E5A308D4211E58C4C25935B72C69107722E946BFCBF416796600542D76AEB73F2B25BF53BAF97BDEB36ED3A7A51C31E7F170EB897457E7C17571D1BA0A908954E9",
-		"88C41F3EBEC23FAB8A362D969CAC810FAD4F7CA6A7F7D0D44F060F92E37E1183768DD4A8C733F71C96058D362A39876D183B86C103DE",
-		"74A25B2182C51096D48A870D80F18E1CE15867778E34FCBA6BD7BFB3739FDCD42AD0F2D9F4EBA29085285C6048C15BCE5E5166F1F962D3337AA88E6062F05523029D0A7F0BF9"},
-	{"BFB147E1CD5459424F8C0271FC0E0DC5",
-		"EABCC126442BF373969EA3015988CC45",
-		"4C0880E1D71AA2C7",
-		"BE1B5EC78FBF73E7A6682B21BA7E0E5D2D1C7ABE",
-		"5660D7C1380E2F306895B1402CB2D6C37876504276B414D120F4CF92FDDDBB293A238EA0"},
-	{"595DD6F52D18BC2CA8EB4EDAA18D9FA3",
-		"0F84B5D36CF4BC3B863313AF3B4D2E97",
-		"30AE6CC5F99580F12A779D98BD379A60948020C0B6FBD5746B30BA3A15C6CD33DAF376C70A9F15B6C0EB410A93161F7958AE23",
-		"8EF3687A1642B070970B0B91462229D1D76ABC154D18211F7152AA9FF368",
-		"317C1DDB11417E5A9CC4DDE7FDFF6659A5AC4B31DE025212580A05CDAC6024D3E4AE7C2966E52B9129E9ECDBED86"},
-	{"44E6F2DC8FDC778AD007137D11410F50",
-		"270A237AD977F7187AA6C158A0BAB24F",
-		"509B0F0EB12E2AA5C5BA2DE553C07FAF4CE0C9E926531AA709A3D6224FCB783ACCF1559E10B1123EBB7D52E8AB54E6B5352A9ED0D04124BF0E9D9BACFD7E32B817B2E625F5EE94A64EDE9E470DE7FE6886C19B294F9F828209FE257A78",
-		"8B3D7815DF25618A5D0C55A601711881483878F113A12EC36CF64900549A3199555528559DC118F789788A55FAFD944E6E99A9CA3F72F238CD3F4D88223F7A745992B3FAED1848",
-		"1CC00D79F7AD82FDA71B58D286E5F34D0CC4CEF30704E771CC1E50746BDF83E182B078DB27149A42BAE619DF0F85B0B1090AD55D3B4471B0D6F6ECCD09C8F876B30081F0E7537A9624F8AAF29DA85E324122EFB4D68A56"},
-	{"BB7BC352A03044B4428D8DBB4B0701FDEC4649FD17B81452",
-		"8B4BBE26CCD9859DCD84884159D6B0A4",
-		"2212BEB0E78E0F044A86944CF33C8D5C80D9DBE1034BF3BCF73611835C7D3A52F5BD2D81B68FD681B68540A496EE5DA16FD8AC8824E60E1EC2042BE28FB0BFAD4E4B03596446BDD8C37D936D9B3D5295BE19F19CF5ACE1D33A46C952CE4DE5C12F92C1DD051E04AEED",
-		"9037234CC44FFF828FABED3A7084AF40FA7ABFF8E0C0EFB57A1CC361E18FC4FAC1AB54F3ABFE9FF77263ACE16C3A",
-		"A9391B805CCD956081E0B63D282BEA46E7025126F1C1631239C33E92AA6F92CD56E5A4C56F00FF9658E93D48AF4EF0EF81628E34AD4DB0CDAEDCD2A17EE7"},
-	{"99C0AD703196D2F60A74E6B378B838B31F82EA861F06FC4E",
-		"92745C018AA708ECFEB1667E9F3F1B01",
-		"828C69F376C0C0EC651C67749C69577D589EE39E51404D80EBF70C8660A8F5FD375473F4A7C611D59CB546A605D67446CE2AA844135FCD78BB5FBC90222A00D42920BB1D7EEDFB0C4672554F583EF23184F89063CDECBE482367B5F9AF3ACBC3AF61392BD94CBCD9B64677",
-		"A879214658FD0A5B0E09836639BF82E05EC7A5EF71D4701934BDA228435C68AC3D5CEB54997878B06A655EEACEFB1345C15867E7FE6C6423660C8B88DF128EBD6BCD85118DBAE16E9252FFB204324E5C8F38CA97759BDBF3CB0083",
-		"51FE87996F194A2585E438B023B345439EA60D1AEBED4650CDAF48A4D4EEC4FC77DC71CC4B09D3BEEF8B7B7AF716CE2B4EFFB3AC9E6323C18AC35E0AA6E2BBBC8889490EB6226C896B0D105EAB42BFE7053CCF00ED66BA94C1BA09A792AA873F0C3B26C5C5F9A936E57B25"},
-	{"7086816D00D648FB8304AA8C9E552E1B69A9955FB59B25D1",
-		"0F45CF7F0BF31CCEB85D9DA10F4D749F",
-		"93F27C60A417D9F0669E86ACC784FC8917B502DAF30A6338F11B30B94D74FEFE2F8BE1BBE2EAD10FAB7EED3C6F72B7C3ECEE1937C32ED4970A6404E139209C05",
-		"877F046601F3CBE4FB1491943FA29487E738F94B99AF206262A1D6FF856C9AA0B8D4D08A54370C98F8E88FA3DCC2B14C1F76D71B2A4C7963AEE8AF960464C5BEC8357AD00DC8",
-		"FE96906B895CE6A8E72BC72344E2C8BB3C63113D70EAFA26C299BAFE77A8A6568172EB447FB3E86648A0AF3512DEB1AAC0819F3EC553903BF28A9FB0F43411237A774BF9EE03E445D280FBB9CD12B9BAAB6EF5E52691"},
-	{"062F65A896D5BF1401BADFF70E91B458E1F9BD4888CB2E4D",
-		"5B11EA1D6008EBB41CF892FCA5B943D1",
-		"BAF4FF5C8242",
-		"A8870E091238355984EB2F7D61A865B9170F440BFF999A5993DD41A10F4440D21FF948DDA2BF663B2E03AC3324492DC5E40262ECC6A65C07672353BE23E7FB3A9D79FF6AA38D97960905A38DECC312CB6A59E5467ECF06C311CD43ADC0B543EDF34FE8BE611F176460D5627CA51F8F8D9FED71F55C",
-		"B10E127A632172CF8AA7539B140D2C9C2590E6F28C3CB892FC498FCE56A34F732FBFF32E79C7B9747D9094E8635A0C084D6F0247F9768FB5FF83493799A9BEC6C39572120C40E9292C8C947AE8573462A9108C36D9D7112E6995AE5867E6C8BB387D1C5D4BEF524F391B9FD9F0A3B4BFA079E915BCD920185CFD38D114C558928BD7D47877"},
-	{"38A8E45D6D705A11AF58AED5A1344896998EACF359F2E26A",
-		"FD82B5B31804FF47D44199B533D0CF84",
-		"DE454D4E62FE879F2050EE3E25853623D3E9AC52EEC1A1779A48CFAF5ECA0BFDE44749391866D1",
-		"B804",
-		"164BB965C05EBE0931A1A63293EDF9C38C27"},
-	{"34C33C97C6D7A0850DA94D78A58DC61EC717CD7574833068",
-		"343BE00DA9483F05C14F2E9EB8EA6AE8",
-		"78312A43EFDE3CAE34A65796FF059A3FE15304EEA5CF1D9306949FE5BF3349D4977D4EBE76C040FE894C5949E4E4D6681153DA87FB9AC5062063CA2EA183566343362370944CE0362D25FC195E124FD60E8682E665D13F2229DDA3E4B2CB1DCA",
-		"CC11BB284B1153578E4A5ED9D937B869DAF00F5B1960C23455CA9CC43F486A3BE0B66254F1041F04FDF459C8640465B6E1D2CF899A381451E8E7FCB50CF87823BE77E24B132BBEEDC72E53369B275E1D8F49ECE59F4F215230AC4FE133FC80E4F634EE80BA4682B62C86",
-		"E7F703DC31A95E3A4919FF957836CB76C063D81702AEA4703E1C2BF30831E58C4609D626EC6810E12EAA5B930F049FF9EFC22C3E3F1EBD4A1FB285CB02A1AC5AD46B425199FC0A85670A5C4E3DAA9636C8F64C199F42F18AAC8EA7457FD377F322DD7752D7D01B946C8F0A97E6113F0D50106F319AFD291AAACE"},
-	{"C6ECF7F053573E403E61B83052A343D93CBCC179D1E835BE",
-		"E280E13D7367042E3AA09A80111B6184",
-		"21486C9D7A9647",
-		"5F2639AFA6F17931853791CD8C92382BBB677FD72D0AB1A080D0E49BFAA21810E963E4FACD422E92F65CBFAD5884A60CD94740DF31AF02F95AA57DA0C4401B0ED906",
-		"5C51DB20755302070C45F52E50128A67C8B2E4ED0EACB7E29998CCE2E8C289DD5655913EC1A51CC3AABE5CDC2402B2BE7D6D4BF6945F266FBD70BA9F37109067157AE7530678B45F64475D4EBFCB5FFF46A5"},
-	{"5EC6CF7401BC57B18EF154E8C38ACCA8959E57D2F3975FF5",
-		"656B41CB3F9CF8C08BAD7EBFC80BD225",
-		"6B817C2906E2AF425861A7EF59BA5801F143EE2A139EE72697CDE168B4",
-		"2C0E1DDC9B1E5389BA63845B18B1F8A1DB062037151BCC56EF7C21C0BB4DAE366636BBA975685D7CC5A94AFBE89C769016388C56FB7B57CE750A12B718A8BDCF70E80E8659A8330EFC8F86640F21735E8C80E23FE43ABF23507CE3F964AE4EC99D",
-		"ED780CF911E6D1AA8C979B889B0B9DC1ABE261832980BDBFB576901D9EF5AB8048998E31A15BE54B3E5845A4D136AD24D0BDA1C3006168DF2F8AC06729CB0818867398150020131D8F04EDF1923758C9EABB5F735DE5EA1758D4BC0ACFCA98AFD202E9839B8720253693B874C65586C6F0"},
-	{"C92F678EB2208662F5BCF3403EC05F5961E957908A3E79421E1D25FC19054153",
-		"DA0F3A40983D92F2D4C01FED33C7A192",
-		"2B6E9D26DB406A0FAB47608657AA10EFC2B4AA5F459B29FF85AC9A40BFFE7AEB04F77E9A11FAAA116D7F6D4DA417671A9AB02C588E0EF59CB1BFB4B1CC931B63A3B3A159FCEC97A04D1E6F0C7E6A9CEF6B0ABB04758A69F1FE754DF4C2610E8C46B6CF413BDB31351D55BEDCB7B4A13A1C98E10984475E0F2F957853",
-		"F37326A80E08",
-		"83519E53E321D334F7C10B568183775C0E9AAE55F806"},
-	{"6847E0491BE57E72995D186D50094B0B3593957A5146798FCE68B287B2FB37B5",
-		"3EE1182AEBB19A02B128F28E1D5F7F99",
-		"D9F35ABB16D776CE",
-		"DB7566ED8EA95BDF837F23DB277BAFBC5E70D1105ADFD0D9EF15475051B1EF94709C67DCA9F8D5",
-		"2CDCED0C9EBD6E2A508822A685F7DCD1CDD99E7A5FCA786C234E7F7F1D27EC49751AD5DCFA30C5EDA87C43CAE3B919B6BBCFE34C8EDA59"},
-	{"82B019673642C08388D3E42075A4D5D587558C229E4AB8F660E37650C4C41A0A",
-		"336F5D681E0410FAE7B607246092C6DC",
-		"D430CBD8FE435B64214E9E9CDC5DE99D31CFCFB8C10AA0587A49DF276611",
-		"998404153AD77003E1737EDE93ED79859EE6DCCA93CB40C4363AA817ABF2DBBD46E42A14A7183B6CC01E12A577888141363D0AE011EB6E8D28C0B235",
-		"9BEF69EEB60BD3D6065707B7557F25292A8872857CFBD24F2F3C088E4450995333088DA50FD9121221C504DF1D0CD5EFE6A12666C5D5BB12282CF4C19906E9CFAB97E9BDF7F49DC17CFC384B"},
-	{"747B2E269B1859F0622C15C8BAD6A725028B1F94B8DB7326948D1E6ED663A8BC",
-		"AB91F7245DDCE3F1C747872D47BE0A8A",
-		"3B03F786EF1DDD76E1D42646DA4CD2A5165DC5383CE86D1A0B5F13F910DC278A4E451EE0192CBA178E13B3BA27FDC7840DF73D2E104B",
-		"6B803F4701114F3E5FE21718845F8416F70F626303F545BE197189E0A2BA396F37CE06D389EB2658BC7D56D67868708F6D0D32",
-		"1570DDB0BCE75AA25D1957A287A2C36B1A5F2270186DA81BA6112B7F43B0F3D1D0ED072591DCF1F1C99BBB25621FC39B896FF9BD9413A2845363A9DCD310C32CF98E57"},
-	{"02E59853FB29AEDA0FE1C5F19180AD99A12FF2F144670BB2B8BADF09AD812E0A",
-		"C691294EF67CD04D1B9242AF83DD1421",
-		"879334DAE3",
-		"1E17F46A98FEF5CBB40759D95354",
-		"FED8C3FF27DDF6313AED444A2985B36CBA268AAD6AAC563C0BA28F6DB5DB"},
-	{"F6C1FB9B4188F2288FF03BD716023198C3582CF2A037FC2F29760916C2B7FCDB",
-		"4228DA0678CA3534588859E77DFF014C",
-		"D8153CAF35539A61DD8D05B3C9B44F01E564FB9348BCD09A1C23B84195171308861058F0A3CD2A55B912A3AAEE06FF4D356C77275828F2157C2FC7C115DA39E443210CCC56BEDB0CC99BBFB227ABD5CC454F4E7F547C7378A659EEB6A7E809101A84F866503CB18D4484E1FA09B3EC7FC75EB2E35270800AA7",
-		"23B660A779AD285704B12EC1C580387A47BEC7B00D452C6570",
-		"5AA642BBABA8E49849002A2FAF31DB8FC7773EFDD656E469CEC19B3206D4174C9A263D0A05484261F6"},
-	{"8FF6086F1FADB9A3FBE245EAC52640C43B39D43F89526BB5A6EBA47710931446",
-		"943188480C99437495958B0AE4831AA9",
-		"AD5CD0BDA426F6EBA23C8EB23DC73FF9FEC173355EDBD6C9344C4C4383F211888F7CE6B29899A6801DF6B38651A7C77150941A",
-		"80CD5EA8D7F81DDF5070B934937912E8F541A5301877528EB41AB60C020968D459960ED8FB73083329841A",
-		"ABAE8EB7F36FCA2362551E72DAC890BA1BB6794797E0FC3B67426EC9372726ED4725D379EA0AC9147E48DCD0005C502863C2C5358A38817C8264B5"},
-	{"A083B54E6B1FE01B65D42FCD248F97BB477A41462BBFE6FD591006C022C8FD84",
-		"B0490F5BD68A52459556B3749ACDF40E",
-		"8892E047DA5CFBBDF7F3CFCBD1BD21C6D4C80774B1826999234394BD3E513CC7C222BB40E1E3140A152F19B3802F0D036C24A590512AD0E8",
-		"D7B15752789DC94ED0F36778A5C7BBB207BEC32BAC66E702B39966F06E381E090C6757653C3D26A81EC6AD6C364D66867A334C91BB0B8A8A4B6EACDF0783D09010AEBA2DD2062308FE99CC1F",
-		"C071280A732ADC93DF272BF1E613B2BB7D46FC6665EF2DC1671F3E211D6BDE1D6ADDD28DF3AA2E47053FC8BB8AE9271EC8BC8B2CFFA320D225B451685B6D23ACEFDD241FE284F8ADC8DB07F456985B14330BBB66E0FB212213E05B3E"},
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/internal/byteutil/byteutil.go b/vendor/github.com/ProtonMail/go-crypto/internal/byteutil/byteutil.go
deleted file mode 100644
index d558b9bd82..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/internal/byteutil/byteutil.go
+++ /dev/null
@@ -1,90 +0,0 @@
-// Copyright (C) 2019 ProtonTech AG
-// This file contains necessary tools for the aex and ocb packages.
-//
-// These functions SHOULD NOT be used elsewhere, since they are optimized for
-// specific input nature in the EAX and OCB modes of operation.
-
-package byteutil
-
-// GfnDouble computes 2 * input in the field of 2^n elements.
-// The irreducible polynomial in the finite field for n=128 is
-// x^128 + x^7 + x^2 + x + 1 (equals 0x87)
-// Constant-time execution in order to avoid side-channel attacks
-func GfnDouble(input []byte) []byte {
-	if len(input) != 16 {
-		panic("Doubling in GFn only implemented for n = 128")
-	}
-	// If the first bit is zero, return 2L = L << 1
-	// Else return (L << 1) xor 0^120 10000111
-	shifted := ShiftBytesLeft(input)
-	shifted[15] ^= ((input[0] >> 7) * 0x87)
-	return shifted
-}
-
-// ShiftBytesLeft outputs the byte array corresponding to x << 1 in binary.
-func ShiftBytesLeft(x []byte) []byte {
-	l := len(x)
-	dst := make([]byte, l)
-	for i := 0; i < l-1; i++ {
-		dst[i] = (x[i] << 1) | (x[i+1] >> 7)
-	}
-	dst[l-1] = x[l-1] << 1
-	return dst
-}
-
-// ShiftNBytesLeft puts in dst the byte array corresponding to x << n in binary.
-func ShiftNBytesLeft(dst, x []byte, n int) {
-	// Erase first n / 8 bytes
-	copy(dst, x[n/8:])
-
-	// Shift the remaining n % 8 bits
-	bits := uint(n % 8)
-	l := len(dst)
-	for i := 0; i < l-1; i++ {
-		dst[i] = (dst[i] << bits) | (dst[i+1] >> uint(8-bits))
-	}
-	dst[l-1] = dst[l-1] << bits
-
-	// Append trailing zeroes
-	dst = append(dst, make([]byte, n/8)...)
-}
-
-// XorBytesMut replaces X with X XOR Y. len(X) must be >= len(Y).
-func XorBytesMut(X, Y []byte) {
-	for i := 0; i < len(Y); i++ {
-		X[i] ^= Y[i]
-	}
-}
-
-// XorBytes puts X XOR Y into Z. len(Z) and len(X) must be >= len(Y).
-func XorBytes(Z, X, Y []byte) {
-	for i := 0; i < len(Y); i++ {
-		Z[i] = X[i] ^ Y[i]
-	}
-}
-
-// RightXor XORs smaller input (assumed Y) at the right of the larger input (assumed X)
-func RightXor(X, Y []byte) []byte {
-	offset := len(X) - len(Y)
-	xored := make([]byte, len(X))
-	copy(xored, X)
-	for i := 0; i < len(Y); i++ {
-		xored[offset+i] ^= Y[i]
-	}
-	return xored
-}
-
-// SliceForAppend takes a slice and a requested number of bytes. It returns a
-// slice with the contents of the given slice followed by that many bytes and a
-// second slice that aliases into it and contains only the extra bytes. If the
-// original slice has sufficient capacity then no allocation is performed.
-func SliceForAppend(in []byte, n int) (head, tail []byte) {
-	if total := len(in) + n; cap(in) >= total {
-		head = in[:total]
-	} else {
-		head = make([]byte, total)
-		copy(head, in)
-	}
-	tail = head[len(in):]
-	return
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/ocb/ocb.go b/vendor/github.com/ProtonMail/go-crypto/ocb/ocb.go
deleted file mode 100644
index 24f893017b..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/ocb/ocb.go
+++ /dev/null
@@ -1,313 +0,0 @@
-// Copyright (C) 2019 ProtonTech AG
-
-// Package ocb provides an implementation of the OCB (offset codebook) mode of
-// operation, as described in RFC-7253 of the IRTF and in Rogaway, Bellare,
-// Black and Krovetz - OCB: A BLOCK-CIPHER MODE OF OPERATION FOR EFFICIENT
-// AUTHENTICATED ENCRYPTION (2003).
-// Security considerations (from RFC-7253): A private key MUST NOT be used to
-// encrypt more than 2^48 blocks. Tag length should be at least 12 bytes (a
-// brute-force forging adversary succeeds after 2^{tag length} attempts). A
-// single key SHOULD NOT be used to decrypt ciphertext with different tag
-// lengths. Nonces need not be secret, but MUST NOT be reused.
-// This package only supports underlying block ciphers with 128-bit blocks,
-// such as AES-{128, 192, 256}, but may be extended to other sizes.
-package ocb
-
-import (
-	"bytes"
-	"crypto/cipher"
-	"crypto/subtle"
-	"errors"
-	"math/bits"
-
-	"github.com/ProtonMail/go-crypto/internal/byteutil"
-)
-
-type ocb struct {
-	block     cipher.Block
-	tagSize   int
-	nonceSize int
-	mask      mask
-	// Optimized en/decrypt: For each nonce N used to en/decrypt, the 'Ktop'
-	// internal variable can be reused for en/decrypting with nonces sharing
-	// all but the last 6 bits with N. The prefix of the first nonce used to
-	// compute the new Ktop, and the Ktop value itself, are stored in
-	// reusableKtop. If using incremental nonces, this saves one block cipher
-	// call every 63 out of 64 OCB encryptions, and stores one nonce and one
-	// output of the block cipher in memory only.
-	reusableKtop reusableKtop
-}
-
-type mask struct {
-	// L_*, L_$, (L_i)_{i ∈ N}
-	lAst []byte
-	lDol []byte
-	L    [][]byte
-}
-
-type reusableKtop struct {
-	noncePrefix []byte
-	Ktop        []byte
-}
-
-const (
-	defaultTagSize   = 16
-	defaultNonceSize = 15
-)
-
-const (
-	enc = iota
-	dec
-)
-
-func (o *ocb) NonceSize() int {
-	return o.nonceSize
-}
-
-func (o *ocb) Overhead() int {
-	return o.tagSize
-}
-
-// NewOCB returns an OCB instance with the given block cipher and default
-// tag and nonce sizes.
-func NewOCB(block cipher.Block) (cipher.AEAD, error) {
-	return NewOCBWithNonceAndTagSize(block, defaultNonceSize, defaultTagSize)
-}
-
-// NewOCBWithNonceAndTagSize returns an OCB instance with the given block
-// cipher, nonce length, and tag length. Panics on zero nonceSize and
-// exceedingly long tag size.
-//
-// It is recommended to use at least 12 bytes as tag length.
-func NewOCBWithNonceAndTagSize(
-	block cipher.Block, nonceSize, tagSize int) (cipher.AEAD, error) {
-	if block.BlockSize() != 16 {
-		return nil, ocbError("Block cipher must have 128-bit blocks")
-	}
-	if nonceSize < 1 {
-		return nil, ocbError("Incorrect nonce length")
-	}
-	if nonceSize >= block.BlockSize() {
-		return nil, ocbError("Nonce length exceeds blocksize - 1")
-	}
-	if tagSize > block.BlockSize() {
-		return nil, ocbError("Custom tag length exceeds blocksize")
-	}
-	return &ocb{
-		block:     block,
-		tagSize:   tagSize,
-		nonceSize: nonceSize,
-		mask:      initializeMaskTable(block),
-		reusableKtop: reusableKtop{
-			noncePrefix: nil,
-			Ktop:        nil,
-		},
-	}, nil
-}
-
-func (o *ocb) Seal(dst, nonce, plaintext, adata []byte) []byte {
-	if len(nonce) > o.nonceSize {
-		panic("crypto/ocb: Incorrect nonce length given to OCB")
-	}
-	sep := len(plaintext)
-	ret, out := byteutil.SliceForAppend(dst, sep+o.tagSize)
-	tag := o.crypt(enc, out[:sep], nonce, adata, plaintext)
-	copy(out[sep:], tag)
-	return ret
-}
-
-func (o *ocb) Open(dst, nonce, ciphertext, adata []byte) ([]byte, error) {
-	if len(nonce) > o.nonceSize {
-		panic("Nonce too long for this instance")
-	}
-	if len(ciphertext) < o.tagSize {
-		return nil, ocbError("Ciphertext shorter than tag length")
-	}
-	sep := len(ciphertext) - o.tagSize
-	ret, out := byteutil.SliceForAppend(dst, sep)
-	ciphertextData := ciphertext[:sep]
-	tag := o.crypt(dec, out, nonce, adata, ciphertextData)
-	if subtle.ConstantTimeCompare(tag, ciphertext[sep:]) == 1 {
-		return ret, nil
-	}
-	for i := range out {
-		out[i] = 0
-	}
-	return nil, ocbError("Tag authentication failed")
-}
-
-// On instruction enc (resp. dec), crypt is the encrypt (resp. decrypt)
-// function. It writes the resulting plain/ciphertext into Y and returns
-// the tag.
-func (o *ocb) crypt(instruction int, Y, nonce, adata, X []byte) []byte {
-	//
-	// Consider X as a sequence of 128-bit blocks
-	//
-	// Note: For encryption (resp. decryption), X is the plaintext (resp., the
-	// ciphertext without the tag).
-	blockSize := o.block.BlockSize()
-
-	//
-	// Nonce-dependent and per-encryption variables
-	//
-	// Zero out the last 6 bits of the nonce into truncatedNonce to see if Ktop
-	// is already computed.
-	truncatedNonce := make([]byte, len(nonce))
-	copy(truncatedNonce, nonce)
-	truncatedNonce[len(truncatedNonce)-1] &= 192
-	var Ktop []byte
-	if bytes.Equal(truncatedNonce, o.reusableKtop.noncePrefix) {
-		Ktop = o.reusableKtop.Ktop
-	} else {
-		// Nonce = num2str(TAGLEN mod 128, 7) || zeros(120 - bitlen(N)) || 1 || N
-		paddedNonce := append(make([]byte, blockSize-1-len(nonce)), 1)
-		paddedNonce = append(paddedNonce, truncatedNonce...)
-		paddedNonce[0] |= byte(((8 * o.tagSize) % (8 * blockSize)) << 1)
-		// Last 6 bits of paddedNonce are already zero. Encrypt into Ktop
-		paddedNonce[blockSize-1] &= 192
-		Ktop = paddedNonce
-		o.block.Encrypt(Ktop, Ktop)
-		o.reusableKtop.noncePrefix = truncatedNonce
-		o.reusableKtop.Ktop = Ktop
-	}
-
-	// Stretch = Ktop || ((lower half of Ktop) XOR (lower half of Ktop << 8))
-	xorHalves := make([]byte, blockSize/2)
-	byteutil.XorBytes(xorHalves, Ktop[:blockSize/2], Ktop[1:1+blockSize/2])
-	stretch := append(Ktop, xorHalves...)
-	bottom := int(nonce[len(nonce)-1] & 63)
-	offset := make([]byte, len(stretch))
-	byteutil.ShiftNBytesLeft(offset, stretch, bottom)
-	offset = offset[:blockSize]
-
-	//
-	// Process any whole blocks
-	//
-	// Note: For encryption Y is ciphertext || tag, for decryption Y is
-	// plaintext || tag.
-	checksum := make([]byte, blockSize)
-	m := len(X) / blockSize
-	for i := 0; i < m; i++ {
-		index := bits.TrailingZeros(uint(i + 1))
-		if len(o.mask.L)-1 < index {
-			o.mask.extendTable(index)
-		}
-		byteutil.XorBytesMut(offset, o.mask.L[bits.TrailingZeros(uint(i+1))])
-		blockX := X[i*blockSize : (i+1)*blockSize]
-		blockY := Y[i*blockSize : (i+1)*blockSize]
-		switch instruction {
-		case enc:
-			byteutil.XorBytesMut(checksum, blockX)
-			byteutil.XorBytes(blockY, blockX, offset)
-			o.block.Encrypt(blockY, blockY)
-			byteutil.XorBytesMut(blockY, offset)
-		case dec:
-			byteutil.XorBytes(blockY, blockX, offset)
-			o.block.Decrypt(blockY, blockY)
-			byteutil.XorBytesMut(blockY, offset)
-			byteutil.XorBytesMut(checksum, blockY)
-		}
-	}
-	//
-	// Process any final partial block and compute raw tag
-	//
-	tag := make([]byte, blockSize)
-	if len(X)%blockSize != 0 {
-		byteutil.XorBytesMut(offset, o.mask.lAst)
-		pad := make([]byte, blockSize)
-		o.block.Encrypt(pad, offset)
-		chunkX := X[blockSize*m:]
-		chunkY := Y[blockSize*m : len(X)]
-		switch instruction {
-		case enc:
-			byteutil.XorBytesMut(checksum, chunkX)
-			checksum[len(chunkX)] ^= 128
-			byteutil.XorBytes(chunkY, chunkX, pad[:len(chunkX)])
-			// P_* || bit(1) || zeroes(127) - len(P_*)
-		case dec:
-			byteutil.XorBytes(chunkY, chunkX, pad[:len(chunkX)])
-			// P_* || bit(1) || zeroes(127) - len(P_*)
-			byteutil.XorBytesMut(checksum, chunkY)
-			checksum[len(chunkY)] ^= 128
-		}
-	}
-	byteutil.XorBytes(tag, checksum, offset)
-	byteutil.XorBytesMut(tag, o.mask.lDol)
-	o.block.Encrypt(tag, tag)
-	byteutil.XorBytesMut(tag, o.hash(adata))
-	return tag[:o.tagSize]
-}
-
-// This hash function is used to compute the tag. Per design, on empty input it
-// returns a slice of zeros, of the same length as the underlying block cipher
-// block size.
-func (o *ocb) hash(adata []byte) []byte {
-	//
-	// Consider A as a sequence of 128-bit blocks
-	//
-	A := make([]byte, len(adata))
-	copy(A, adata)
-	blockSize := o.block.BlockSize()
-
-	//
-	// Process any whole blocks
-	//
-	sum := make([]byte, blockSize)
-	offset := make([]byte, blockSize)
-	m := len(A) / blockSize
-	for i := 0; i < m; i++ {
-		chunk := A[blockSize*i : blockSize*(i+1)]
-		index := bits.TrailingZeros(uint(i + 1))
-		// If the mask table is too short
-		if len(o.mask.L)-1 < index {
-			o.mask.extendTable(index)
-		}
-		byteutil.XorBytesMut(offset, o.mask.L[index])
-		byteutil.XorBytesMut(chunk, offset)
-		o.block.Encrypt(chunk, chunk)
-		byteutil.XorBytesMut(sum, chunk)
-	}
-
-	//
-	// Process any final partial block; compute final hash value
-	//
-	if len(A)%blockSize != 0 {
-		byteutil.XorBytesMut(offset, o.mask.lAst)
-		// Pad block with 1 || 0 ^ 127 - bitlength(a)
-		ending := make([]byte, blockSize-len(A)%blockSize)
-		ending[0] = 0x80
-		encrypted := append(A[blockSize*m:], ending...)
-		byteutil.XorBytesMut(encrypted, offset)
-		o.block.Encrypt(encrypted, encrypted)
-		byteutil.XorBytesMut(sum, encrypted)
-	}
-	return sum
-}
-
-func initializeMaskTable(block cipher.Block) mask {
-	//
-	// Key-dependent variables
-	//
-	lAst := make([]byte, block.BlockSize())
-	block.Encrypt(lAst, lAst)
-	lDol := byteutil.GfnDouble(lAst)
-	L := make([][]byte, 1)
-	L[0] = byteutil.GfnDouble(lDol)
-
-	return mask{
-		lAst: lAst,
-		lDol: lDol,
-		L:    L,
-	}
-}
-
-// Extends the L array of mask m up to L[limit], with L[i] = GfnDouble(L[i-1])
-func (m *mask) extendTable(limit int) {
-	for i := len(m.L); i <= limit; i++ {
-		m.L = append(m.L, byteutil.GfnDouble(m.L[i-1]))
-	}
-}
-
-func ocbError(err string) error {
-	return errors.New("crypto/ocb: " + err)
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/ocb/random_vectors.go b/vendor/github.com/ProtonMail/go-crypto/ocb/random_vectors.go
deleted file mode 100644
index 0efaf344fd..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/ocb/random_vectors.go
+++ /dev/null
@@ -1,136 +0,0 @@
-// In the test vectors provided by RFC 7253, the "bottom"
-// internal variable, which defines "offset" for the first time, does not
-// exceed 15. However, it can attain values up to 63.
-
-// These vectors include key length in {128, 192, 256}, tag size 128, and
-// random nonce, header, and plaintext lengths.
-
-// This file was automatically generated.
-
-package ocb
-
-var randomVectors = []struct {
-	key, nonce, header, plaintext, ciphertext string
-}{
-
-	{"9438C5D599308EAF13F800D2D31EA7F0",
-		"C38EE4801BEBFFA1CD8635BE",
-		"0E507B7DADD8A98CDFE272D3CB6B3E8332B56AE583FB049C0874D4200BED16BD1A044182434E9DA0E841F182DFD5B3016B34641CED0784F1745F63AB3D0DA22D3351C9EF9A658B8081E24498EBF61FCE40DA6D8E184536",
-		"962D227786FB8913A8BAD5DC3250",
-		"EEDEF5FFA5986D1E3BF86DDD33EF9ADC79DCA06E215FA772CCBA814F63AD"},
-	{"BA7DE631C7D6712167C6724F5B9A2B1D",
-		"35263EBDA05765DC0E71F1F5",
-		"0103257B4224507C0242FEFE821EA7FA42E0A82863E5F8B68F7D881B4B44FA428A2B6B21D2F591260802D8AB6D83",
-		"9D6D1FC93AE8A64E7889B7B2E3521EFA9B920A8DDB692E6F833DDC4A38AFA535E5E2A3ED82CB7E26404AB86C54D01C4668F28398C2DF33D5D561CBA1C8DCFA7A912F5048E545B59483C0E3221F54B14DAA2E4EB657B3BEF9554F34CAD69B2724AE962D3D8A",
-		"E93852D1985C5E775655E937FA79CE5BF28A585F2AF53A5018853B9634BE3C84499AC0081918FDCE0624494D60E25F76ACD6853AC7576E3C350F332249BFCABD4E73CEABC36BE4EDDA40914E598AE74174A0D7442149B26990899491BDDFE8FC54D6C18E83AE9E9A6FFBF5D376565633862EEAD88D"},
-	{"2E74B25289F6FD3E578C24866E9C72A5",
-		"FD912F15025AF8414642BA1D1D",
-		"FB5FB8C26F365EEDAB5FE260C6E3CCD27806729C8335F146063A7F9EA93290E56CF84576EB446350D22AD730547C267B1F0BBB97EB34E1E2C41A",
-		"6C092EBF78F76EE8C1C6E592277D9545BA16EDB67BC7D8480B9827702DC2F8A129E2B08A2CE710CA7E1DA45CE162BB6CD4B512E632116E2211D3C90871EFB06B8D4B902681C7FB",
-		"6AC0A77F26531BF4F354A1737F99E49BE32ECD909A7A71AD69352906F54B08A9CE9B8CA5D724CBFFC5673437F23F630697F3B84117A1431D6FA8CC13A974FB4AD360300522E09511B99E71065D5AC4BBCB1D791E864EF4"},
-	{"E7EC507C802528F790AFF5303A017B17",
-		"4B97A7A568940A9E3CE7A99E93031E",
-		"28349BDC5A09390C480F9B8AA3EDEA3DDB8B9D64BCA322C570B8225DF0E31190DAB25A4014BA39519E02ABFB12B89AA28BBFD29E486E7FB28734258C817B63CED9912DBAFEBB93E2798AB2890DE3B0ACFCFF906AB15563EF7823CE83D27CDB251195E22BD1337BCBDE65E7C2C427321C463C2777BFE5AEAA",
-		"9455B3EA706B74",
-		"7F33BA3EA848D48A96B9530E26888F43EBD4463C9399B6"},
-	{"6C928AA3224736F28EE7378DE0090191",
-		"8936138E2E4C6A13280017A1622D",
-		"6202717F2631565BDCDC57C6584543E72A7C8BD444D0D108ED35069819633C",
-		"DA0691439E5F035F3E455269D14FE5C201C8C9B0A3FE2D3F86BCC59387C868FE65733D388360B31E3CE28B4BF6A8BE636706B536D5720DB66B47CF1C7A5AFD6F61E0EF90F1726D6B0E169F9A768B2B7AE4EE00A17F630AC905FCAAA1B707FFF25B3A1AAE83B504837C64A5639B2A34002B300EC035C9B43654DA55",
-		"B8804D182AB0F0EEB464FA7BD1329AD6154F982013F3765FEDFE09E26DAC078C9C1439BFC1159D6C02A25E3FF83EF852570117B315852AD5EE20E0FA3AA0A626B0E43BC0CEA38B44579DD36803455FB46989B90E6D229F513FD727AF8372517E9488384C515D6067704119C931299A0982EDDFB9C2E86A90C450C077EB222511EC9CCABC9FCFDB19F70088"},
-	{"ECEA315CA4B3F425B0C9957A17805EA4",
-		"664CDAE18403F4F9BA13015A44FC",
-		"642AFB090D6C6DB46783F08B01A3EF2A8FEB5736B531EAC226E7888FCC8505F396818F83105065FACB3267485B9E5E4A0261F621041C08FCCB2A809A49AB5252A91D0971BCC620B9D614BD77E57A0EED2FA5",
-		"6852C31F8083E20E364CEA21BB7854D67CEE812FE1C9ED2425C0932A90D3780728D1BB",
-		"2ECEF962A9695A463ADABB275BDA9FF8B2BA57AEC2F52EFFB700CD9271A74D2A011C24AEA946051BD6291776429B7E681BA33E"},
-	{"4EE616C4A58AAA380878F71A373461F6",
-		"91B8C9C176D9C385E9C47E52",
-		"CDA440B7F9762C572A718AC754EDEECC119E5EE0CCB9FEA4FFB22EEE75087C032EBF3DA9CDD8A28CC010B99ED45143B41A4BA50EA2A005473F89639237838867A57F23B0F0ED3BF22490E4501DAC9C658A9B9F",
-		"D6E645FA9AE410D15B8123FD757FA356A8DBE9258DDB5BE88832E615910993F497EC",
-		"B70ED7BF959FB2AAED4F36174A2A99BFB16992C8CDF369C782C4DB9C73DE78C5DB8E0615F647243B97ACDB24503BC9CADC48"},
-	{"DCD475773136C830D5E3D0C5FE05B7FF",
-		"BB8E1FBB483BE7616A922C4A",
-		"36FEF2E1CB29E76A6EA663FC3AF66ECD7404F466382F7B040AABED62293302B56E8783EF7EBC21B4A16C3E78A7483A0A403F253A2CDC5BBF79DC3DAE6C73F39A961D8FBBE8D41B",
-		"441E886EA38322B2437ECA7DEB5282518865A66780A454E510878E61BFEC3106A3CD93D2A02052E6F9E1832F9791053E3B76BF4C07EFDD6D4106E3027FABB752E60C1AA425416A87D53938163817A1051EBA1D1DEEB4B9B25C7E97368B52E5911A31810B0EC5AF547559B6142D9F4C4A6EF24A4CF75271BF9D48F62B",
-		"1BE4DD2F4E25A6512C2CC71D24BBB07368589A94C2714962CD0ACE5605688F06342587521E75F0ACAFFD86212FB5C34327D238DB36CF2B787794B9A4412E7CD1410EA5DDD2450C265F29CF96013CD213FD2880657694D718558964BC189B4A84AFCF47EB012935483052399DBA5B088B0A0477F20DFE0E85DCB735E21F22A439FB837DD365A93116D063E607"},
-	{"3FBA2B3D30177FFE15C1C59ED2148BB2C091F5615FBA7C07",
-		"FACF804A4BEBF998505FF9DE",
-		"8213B9263B2971A5BDA18DBD02208EE1",
-		"15B323926993B326EA19F892D704439FC478828322AF72118748284A1FD8A6D814E641F70512FD706980337379F31DC63355974738D7FEA87AD2858C0C2EBBFBE74371C21450072373C7B651B334D7C4D43260B9D7CCD3AF9EDB",
-		"6D35DC1469B26E6AAB26272A41B46916397C24C485B61162E640A062D9275BC33DDCFD3D9E1A53B6C8F51AC89B66A41D59B3574197A40D9B6DCF8A4E2A001409C8112F16B9C389E0096179DB914E05D6D11ED0005AD17E1CE105A2F0BAB8F6B1540DEB968B7A5428FF44"},
-	{"53B52B8D4D748BCDF1DDE68857832FA46227FA6E2F32EFA1",
-		"0B0EF53D4606B28D1398355F",
-		"F23882436349094AF98BCACA8218E81581A043B19009E28EFBF2DE37883E04864148CC01D240552CA8844EC1456F42034653067DA67E80F87105FD06E14FF771246C9612867BE4D215F6D761",
-		"F15030679BD4088D42CAC9BF2E9606EAD4798782FA3ED8C57EBE7F84A53236F51B25967C6489D0CD20C9EEA752F9BC",
-		"67B96E2D67C3729C96DAEAEDF821D61C17E648643A2134C5621FEC621186915AD80864BFD1EB5B238BF526A679385E012A457F583AFA78134242E9D9C1B4E4"},
-	{"0272DD80F23399F49BFC320381A5CD8225867245A49A7D41",
-		"5C83F4896D0738E1366B1836",
-		"69B0337289B19F73A12BAEEA857CCAF396C11113715D9500CCCF48BA08CFF12BC8B4BADB3084E63B85719DB5058FA7C2C11DEB096D7943CFA7CAF5",
-		"C01AD10FC8B562CD17C7BC2FAB3E26CBDFF8D7F4DEA816794BBCC12336991712972F52816AABAB244EB43B0137E2BAC1DD413CE79531E78BEF782E6B439612BB3AEF154DE3502784F287958EBC159419F9EBA27916A28D6307324129F506B1DE80C1755A929F87",
-		"FEFE52DD7159C8DD6E8EC2D3D3C0F37AB6CB471A75A071D17EC4ACDD8F3AA4D7D4F7BB559F3C09099E3D9003E5E8AA1F556B79CECDE66F85B08FA5955E6976BF2695EA076388A62D2AD5BAB7CBF1A7F3F4C8D5CDF37CDE99BD3E30B685D9E5EEE48C7C89118EF4878EB89747F28271FA2CC45F8E9E7601"},
-	{"3EEAED04A455D6E5E5AB53CFD5AFD2F2BC625C7BF4BE49A5",
-		"36B88F63ADBB5668588181D774",
-		"D367E3CB3703E762D23C6533188EF7028EFF9D935A3977150361997EC9DEAF1E4794BDE26AA8B53C124980B1362EC86FCDDFC7A90073171C1BAEE351A53234B86C66E8AB92FAE99EC6967A6D3428892D80",
-		"573454C719A9A55E04437BF7CBAAF27563CCCD92ADD5E515CD63305DFF0687E5EEF790C5DCA5C0033E9AB129505E2775438D92B38F08F3B0356BA142C6F694",
-		"E9F79A5B432D9E682C9AAA5661CFC2E49A0FCB81A431E54B42EB73DD3BED3F377FEC556ABA81624BA64A5D739AD41467460088F8D4F442180A9382CA635745473794C382FCDDC49BA4EB6D8A44AE3C"},
-	{"B695C691538F8CBD60F039D0E28894E3693CC7C36D92D79D",
-		"BC099AEB637361BAC536B57618",
-		"BFFF1A65AE38D1DC142C71637319F5F6508E2CB33C9DCB94202B359ED5A5ED8042E7F4F09231D32A7242976677E6F4C549BF65FADC99E5AF43F7A46FD95E16C2",
-		"081DF3FD85B415D803F0BE5AC58CFF0023FDDED99788296C3731D8",
-		"E50C64E3614D94FE69C47092E46ACC9957C6FEA2CCBF96BC62FBABE7424753C75F9C147C42AE26FE171531"},
-	{"C9ACBD2718F0689A1BE9802A551B6B8D9CF5614DAF5E65ED",
-		"B1B0AAF373B8B026EB80422051D8",
-		"6648C0E61AC733C76119D23FB24548D637751387AA2EAE9D80E912B7BD486CAAD9EAF4D7A5FE2B54AAD481E8EC94BB4D558000896E2010462B70C9FED1E7273080D1",
-		"189F591F6CB6D59AFEDD14C341741A8F1037DC0DF00FC57CE65C30F49E860255CEA5DC6019380CC0FE8880BC1A9E685F41C239C38F36E3F2A1388865C5C311059C0A",
-		"922A5E949B61D03BE34AB5F4E58607D4504EA14017BB363DAE3C873059EA7A1C77A746FB78981671D26C2CF6D9F24952D510044CE02A10177E9DB42D0145211DFE6E84369C5E3BC2669EAB4147B2822895F9"},
-	{"7A832BD2CF5BF4919F353CE2A8C86A5E406DA2D52BE16A72",
-		"2F2F17CECF7E5A756D10785A3CB9DB",
-		"61DA05E3788CC2D8405DBA70C7A28E5AF699863C9F72E6C6770126929F5D6FA267F005EBCF49495CB46400958A3AE80D1289D1C671",
-		"44E91121195A41AF14E8CFDBD39A4B517BE0DF1A72977ED8A3EEF8EEDA1166B2EB6DB2C4AE2E74FA0F0C74537F659BFBD141E5DDEC67E64EDA85AABD3F52C85A785B9FB3CECD70E7DF",
-		"BEDF596EA21288D2B84901E188F6EE1468B14D5161D3802DBFE00D60203A24E2AB62714BF272A45551489838C3A7FEAADC177B591836E73684867CCF4E12901DCF2064058726BBA554E84ADC5136F507E961188D4AF06943D3"},
-	{"1508E8AE9079AA15F1CEC4F776B4D11BCCB061B58AA56C18",
-		"BCA625674F41D1E3AB47672DC0C3",
-		"8B12CF84F16360F0EAD2A41BC021530FFCEC7F3579CAE658E10E2D3D81870F65AFCED0C77C6C4C6E6BA424FF23088C796BA6195ABA35094BF1829E089662E7A95FC90750AE16D0C8AFA55DAC789D7735B970B58D4BE7CEC7341DA82A0179A01929C27A59C5063215B859EA43",
-		"E525422519ECE070E82C",
-		"B47BC07C3ED1C0A43BA52C43CBACBCDBB29CAF1001E09FDF7107"},
-	{"7550C2761644E911FE9ADD119BAC07376BEA442845FEAD876D7E7AC1B713E464",
-		"36D2EC25ADD33CDEDF495205BBC923",
-		"7FCFE81A3790DE97FFC3DE160C470847EA7E841177C2F759571CBD837EA004A6CA8C6F4AEBFF2E9FD552D73EB8A30705D58D70C0B67AEEA280CBBF0A477358ACEF1E7508F2735CD9A0E4F9AC92B8C008F575D3B6278F1C18BD01227E3502E5255F3AB1893632AD00C717C588EF652A51A43209E7EE90",
-		"2B1A62F8FDFAA3C16470A21AD307C9A7D03ADE8EF72C69B06F8D738CDE578D7AEFD0D40BD9C022FB9F580DF5394C998ACCCEFC5471A3996FB8F1045A81FDC6F32D13502EA65A211390C8D882B8E0BEFD8DD8CBEF51D1597B124E9F7F",
-		"C873E02A22DB89EB0787DB6A60B99F7E4A0A085D5C4232A81ADCE2D60AA36F92DDC33F93DD8640AC0E08416B187FB382B3EC3EE85A64B0E6EE41C1366A5AD2A282F66605E87031CCBA2FA7B2DA201D975994AADE3DD1EE122AE09604AD489B84BF0C1AB7129EE16C6934850E"},
-	{"A51300285E554FDBDE7F771A9A9A80955639DD87129FAEF74987C91FB9687C71",
-		"81691D5D20EC818FCFF24B33DECC",
-		"C948093218AA9EB2A8E44A87EEA73FC8B6B75A196819A14BD83709EA323E8DF8B491045220E1D88729A38DBCFFB60D3056DAD4564498FD6574F74512945DEB34B69329ACED9FFC05D5D59DFCD5B973E2ACAFE6AD1EF8BBBC49351A2DD12508ED89ED",
-		"EB861165DAF7625F827C6B574ED703F03215",
-		"C6CD1CE76D2B3679C1B5AA1CFD67CCB55444B6BFD3E22C81CBC9BB738796B83E54E3"},
-	{"8CE0156D26FAEB7E0B9B800BBB2E9D4075B5EAC5C62358B0E7F6FCE610223282",
-		"D2A7B94DD12CDACA909D3AD7",
-		"E021A78F374FC271389AB9A3E97077D755",
-		"7C26000B58929F5095E1CEE154F76C2A299248E299F9B5ADE6C403AA1FD4A67FD4E0232F214CE7B919EE7A1027D2B76C57475715CD078461",
-		"C556FB38DF069B56F337B5FF5775CE6EAA16824DFA754F20B78819028EA635C3BB7AA731DE8776B2DCB67DCA2D33EEDF3C7E52EA450013722A41755A0752433ED17BDD5991AAE77A"},
-	{"1E8000A2CE00A561C9920A30BF0D7B983FEF8A1014C8F04C35CA6970E6BA02BD",
-		"65ED3D63F79F90BBFD19775E",
-		"336A8C0B7243582A46B221AA677647FCAE91",
-		"134A8B34824A290E7B",
-		"914FBEF80D0E6E17F8BDBB6097EBF5FBB0554952DC2B9E5151"},
-	{"53D5607BBE690B6E8D8F6D97F3DF2BA853B682597A214B8AA0EA6E598650AF15",
-		"C391A856B9FE234E14BA1AC7BB40FF",
-		"479682BC21349C4BE1641D5E78FE2C79EC1B9CF5470936DCAD9967A4DCD7C4EFADA593BC9EDE71E6A08829B8580901B61E274227E9D918502DE3",
-		"EAD154DC09C5E26C5D26FF33ED148B27120C7F2C23225CC0D0631B03E1F6C6D96FEB88C1A4052ACB4CE746B884B6502931F407021126C6AAB8C514C077A5A38438AE88EE",
-		"938821286EBB671D999B87C032E1D6055392EB564E57970D55E545FC5E8BAB90E6E3E3C0913F6320995FC636D72CD9919657CC38BD51552F4A502D8D1FE56DB33EBAC5092630E69EBB986F0E15CEE9FC8C052501"},
-	{"294362FCC984F440CEA3E9F7D2C06AF20C53AAC1B3738CA2186C914A6E193ABB",
-		"B15B61C8BB39261A8F55AB178EC3",
-		"D0729B6B75BB",
-		"2BD089ADCE9F334BAE3B065996C7D616DD0C27DF4218DCEEA0FBCA0F968837CE26B0876083327E25681FDDD620A32EC0DA12F73FAE826CC94BFF2B90A54D2651",
-		"AC94B25E4E21DE2437B806966CCD5D9385EF0CD4A51AB9FA6DE675C7B8952D67802E9FEC1FDE9F5D1EAB06057498BC0EEA454804FC9D2068982A3E24182D9AC2E7AB9994DDC899A604264583F63D066B"},
-	{"959DBFEB039B1A5B8CE6A44649B602AAA5F98A906DB96143D202CD2024F749D9",
-		"01D7BDB1133E9C347486C1EFA6",
-		"F3843955BD741F379DD750585EDC55E2CDA05CCBA8C1F4622AC2FE35214BC3A019B8BD12C4CC42D9213D1E1556941E8D8450830287FFB3B763A13722DD4140ED9846FB5FFF745D7B0B967D810A068222E10B259AF1D392035B0D83DC1498A6830B11B2418A840212599171E0258A1C203B05362978",
-		"A21811232C950FA8B12237C2EBD6A7CD2C3A155905E9E0C7C120",
-		"63C1CE397B22F1A03F1FA549B43178BC405B152D3C95E977426D519B3DFCA28498823240592B6EEE7A14"},
-	{"096AE499F5294173F34FF2B375F0E5D5AB79D0D03B33B1A74D7D576826345DF4",
-		"0C52B3D11D636E5910A4DD76D32C",
-		"229E9ECA3053789E937447BC719467075B6138A142DA528DA8F0CF8DDF022FD9AF8E74779BA3AC306609",
-		"8B7A00038783E8BAF6EDEAE0C4EAB48FC8FD501A588C7E4A4DB71E3604F2155A97687D3D2FFF8569261375A513CF4398CE0F87CA1658A1050F6EF6C4EA3E25",
-		"C20B6CF8D3C8241825FD90B2EDAC7593600646E579A8D8DAAE9E2E40C3835FE801B2BE4379131452BC5182C90307B176DFBE2049544222FE7783147B690774F6D9D7CEF52A91E61E298E9AA15464AC"},
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/ocb/rfc7253_test_vectors_suite_a.go b/vendor/github.com/ProtonMail/go-crypto/ocb/rfc7253_test_vectors_suite_a.go
deleted file mode 100644
index 330309ff5f..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/ocb/rfc7253_test_vectors_suite_a.go
+++ /dev/null
@@ -1,78 +0,0 @@
-package ocb
-
-import (
-	"encoding/hex"
-)
-
-// Test vectors from https://tools.ietf.org/html/rfc7253. Note that key is
-// shared across tests.
-var testKey, _ = hex.DecodeString("000102030405060708090A0B0C0D0E0F")
-
-var rfc7253testVectors = []struct {
-	nonce, header, plaintext, ciphertext string
-}{
-	{"BBAA99887766554433221100",
-		"",
-		"",
-		"785407BFFFC8AD9EDCC5520AC9111EE6"},
-	{"BBAA99887766554433221101",
-		"0001020304050607",
-		"0001020304050607",
-		"6820B3657B6F615A5725BDA0D3B4EB3A257C9AF1F8F03009"},
-	{"BBAA99887766554433221102",
-		"0001020304050607",
-		"",
-		"81017F8203F081277152FADE694A0A00"},
-	{"BBAA99887766554433221103",
-		"",
-		"0001020304050607",
-		"45DD69F8F5AAE72414054CD1F35D82760B2CD00D2F99BFA9"},
-	{"BBAA99887766554433221104",
-		"000102030405060708090A0B0C0D0E0F",
-		"000102030405060708090A0B0C0D0E0F",
-		"571D535B60B277188BE5147170A9A22C3AD7A4FF3835B8C5701C1CCEC8FC3358"},
-	{"BBAA99887766554433221105",
-		"000102030405060708090A0B0C0D0E0F",
-		"",
-		"8CF761B6902EF764462AD86498CA6B97"},
-	{"BBAA99887766554433221106",
-		"",
-		"000102030405060708090A0B0C0D0E0F",
-		"5CE88EC2E0692706A915C00AEB8B2396F40E1C743F52436BDF06D8FA1ECA343D"},
-	{"BBAA99887766554433221107",
-		"000102030405060708090A0B0C0D0E0F1011121314151617",
-		"000102030405060708090A0B0C0D0E0F1011121314151617",
-		"1CA2207308C87C010756104D8840CE1952F09673A448A122C92C62241051F57356D7F3C90BB0E07F"},
-	{"BBAA99887766554433221108",
-		"000102030405060708090A0B0C0D0E0F1011121314151617",
-		"",
-		"6DC225A071FC1B9F7C69F93B0F1E10DE"},
-	{"BBAA99887766554433221109",
-		"",
-		"000102030405060708090A0B0C0D0E0F1011121314151617",
-		"221BD0DE7FA6FE993ECCD769460A0AF2D6CDED0C395B1C3CE725F32494B9F914D85C0B1EB38357FF"},
-	{"BBAA9988776655443322110A",
-		"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F",
-		"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F",
-		"BD6F6C496201C69296C11EFD138A467ABD3C707924B964DEAFFC40319AF5A48540FBBA186C5553C68AD9F592A79A4240"},
-	{"BBAA9988776655443322110B",
-		"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F",
-		"",
-		"FE80690BEE8A485D11F32965BC9D2A32"},
-	{"BBAA9988776655443322110C",
-		"",
-		"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F",
-		"2942BFC773BDA23CABC6ACFD9BFD5835BD300F0973792EF46040C53F1432BCDFB5E1DDE3BC18A5F840B52E653444D5DF"},
-	{"BBAA9988776655443322110D",
-		"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627",
-		"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627",
-		"D5CA91748410C1751FF8A2F618255B68A0A12E093FF454606E59F9C1D0DDC54B65E8628E568BAD7AED07BA06A4A69483A7035490C5769E60"},
-	{"BBAA9988776655443322110E",
-		"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627",
-		"",
-		"C5CD9D1850C141E358649994EE701B68"},
-	{"BBAA9988776655443322110F",
-		"",
-		"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627",
-		"4412923493C57D5DE0D700F753CCE0D1D2D95060122E9F15A5DDBFC5787E50B5CC55EE507BCB084E479AD363AC366B95A98CA5F3000B1479"},
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/ocb/rfc7253_test_vectors_suite_b.go b/vendor/github.com/ProtonMail/go-crypto/ocb/rfc7253_test_vectors_suite_b.go
deleted file mode 100644
index 14a3c336fb..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/ocb/rfc7253_test_vectors_suite_b.go
+++ /dev/null
@@ -1,25 +0,0 @@
-package ocb
-
-// Second set of test vectors from https://tools.ietf.org/html/rfc7253
-var rfc7253TestVectorTaglen96 = struct {
-	key, nonce, header, plaintext, ciphertext string
-}{"0F0E0D0C0B0A09080706050403020100",
-	"BBAA9988776655443322110D",
-	"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627",
-	"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627",
-	"1792A4E31E0755FB03E31B22116E6C2DDF9EFD6E33D536F1A0124B0A55BAE884ED93481529C76B6AD0C515F4D1CDD4FDAC4F02AA"}
-
-var rfc7253AlgorithmTest = []struct {
-	KEYLEN, TAGLEN int
-	OUTPUT         string
-}{
-	{128, 128, "67E944D23256C5E0B6C61FA22FDF1EA2"},
-	{192, 128, "F673F2C3E7174AAE7BAE986CA9F29E17"},
-	{256, 128, "D90EB8E9C977C88B79DD793D7FFA161C"},
-	{128, 96, "77A3D8E73589158D25D01209"},
-	{192, 96, "05D56EAD2752C86BE6932C5E"},
-	{256, 96, "5458359AC23B0CBA9E6330DD"},
-	{128, 64, "192C9B7BD90BA06A"},
-	{192, 64, "0066BC6E0EF34E24"},
-	{256, 64, "7D4EA5D445501CBE"},
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/aes/keywrap/keywrap.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/aes/keywrap/keywrap.go
deleted file mode 100644
index 3c6251d1ce..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/aes/keywrap/keywrap.go
+++ /dev/null
@@ -1,153 +0,0 @@
-// Copyright 2014 Matthew Endsley
-// All rights reserved
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted providing that the following conditions
-// are met:
-// 1. Redistributions of source code must retain the above copyright
-//    notice, this list of conditions and the following disclaimer.
-// 2. Redistributions in binary form must reproduce the above copyright
-//    notice, this list of conditions and the following disclaimer in the
-//    documentation and/or other materials provided with the distribution.
-//
-// THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
-// IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-// ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
-// DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-// DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-// OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
-// IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-// POSSIBILITY OF SUCH DAMAGE.
-
-// Package keywrap is an implementation of the RFC 3394 AES key wrapping
-// algorithm. This is used in OpenPGP with elliptic curve keys.
-package keywrap
-
-import (
-	"crypto/aes"
-	"encoding/binary"
-	"errors"
-)
-
-var (
-	// ErrWrapPlaintext is returned if the plaintext is not a multiple
-	// of 64 bits.
-	ErrWrapPlaintext = errors.New("keywrap: plainText must be a multiple of 64 bits")
-
-	// ErrUnwrapCiphertext is returned if the ciphertext is not a
-	// multiple of 64 bits.
-	ErrUnwrapCiphertext = errors.New("keywrap: cipherText must by a multiple of 64 bits")
-
-	// ErrUnwrapFailed is returned if unwrapping a key fails.
-	ErrUnwrapFailed = errors.New("keywrap: failed to unwrap key")
-
-	// NB: the AES NewCipher call only fails if the key is an invalid length.
-
-	// ErrInvalidKey is returned when the AES key is invalid.
-	ErrInvalidKey = errors.New("keywrap: invalid AES key")
-)
-
-// Wrap a key using the RFC 3394 AES Key Wrap Algorithm.
-func Wrap(key, plainText []byte) ([]byte, error) {
-	if len(plainText)%8 != 0 {
-		return nil, ErrWrapPlaintext
-	}
-
-	c, err := aes.NewCipher(key)
-	if err != nil {
-		return nil, ErrInvalidKey
-	}
-
-	nblocks := len(plainText) / 8
-
-	// 1) Initialize variables.
-	var block [aes.BlockSize]byte
-	// - Set A = IV, an initial value (see 2.2.3)
-	for ii := 0; ii < 8; ii++ {
-		block[ii] = 0xA6
-	}
-
-	// - For i = 1 to n
-	// -   Set R[i] = P[i]
-	intermediate := make([]byte, len(plainText))
-	copy(intermediate, plainText)
-
-	// 2) Calculate intermediate values.
-	for ii := 0; ii < 6; ii++ {
-		for jj := 0; jj < nblocks; jj++ {
-			// - B = AES(K, A | R[i])
-			copy(block[8:], intermediate[jj*8:jj*8+8])
-			c.Encrypt(block[:], block[:])
-
-			// - A = MSB(64, B) ^ t where t = (n*j)+1
-			t := uint64(ii*nblocks + jj + 1)
-			val := binary.BigEndian.Uint64(block[:8]) ^ t
-			binary.BigEndian.PutUint64(block[:8], val)
-
-			// - R[i] = LSB(64, B)
-			copy(intermediate[jj*8:jj*8+8], block[8:])
-		}
-	}
-
-	// 3) Output results.
-	// - Set C[0] = A
-	// - For i = 1 to n
-	// -   C[i] = R[i]
-	return append(block[:8], intermediate...), nil
-}
-
-// Unwrap a key using the RFC 3394 AES Key Wrap Algorithm.
-func Unwrap(key, cipherText []byte) ([]byte, error) {
-	if len(cipherText)%8 != 0 {
-		return nil, ErrUnwrapCiphertext
-	}
-
-	c, err := aes.NewCipher(key)
-	if err != nil {
-		return nil, ErrInvalidKey
-	}
-
-	nblocks := len(cipherText)/8 - 1
-
-	// 1) Initialize variables.
-	var block [aes.BlockSize]byte
-	// - Set A = C[0]
-	copy(block[:8], cipherText[:8])
-
-	// - For i = 1 to n
-	// -   Set R[i] = C[i]
-	intermediate := make([]byte, len(cipherText)-8)
-	copy(intermediate, cipherText[8:])
-
-	// 2) Compute intermediate values.
-	for jj := 5; jj >= 0; jj-- {
-		for ii := nblocks - 1; ii >= 0; ii-- {
-			// - B = AES-1(K, (A ^ t) | R[i]) where t = n*j+1
-			// - A = MSB(64, B)
-			t := uint64(jj*nblocks + ii + 1)
-			val := binary.BigEndian.Uint64(block[:8]) ^ t
-			binary.BigEndian.PutUint64(block[:8], val)
-
-			copy(block[8:], intermediate[ii*8:ii*8+8])
-			c.Decrypt(block[:], block[:])
-
-			// - R[i] = LSB(B, 64)
-			copy(intermediate[ii*8:ii*8+8], block[8:])
-		}
-	}
-
-	// 3) Output results.
-	// - If A is an appropriate initial value (see 2.2.3),
-	for ii := 0; ii < 8; ii++ {
-		if block[ii] != 0xA6 {
-			return nil, ErrUnwrapFailed
-		}
-	}
-
-	// - For i = 1 to n
-	// -   P[i] = R[i]
-	return intermediate, nil
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/armor/armor.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/armor/armor.go
deleted file mode 100644
index e0a677f284..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/armor/armor.go
+++ /dev/null
@@ -1,183 +0,0 @@
-// Copyright 2010 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package armor implements OpenPGP ASCII Armor, see RFC 4880. OpenPGP Armor is
-// very similar to PEM except that it has an additional CRC checksum.
-package armor // import "github.com/ProtonMail/go-crypto/openpgp/armor"
-
-import (
-	"bufio"
-	"bytes"
-	"encoding/base64"
-	"io"
-
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-)
-
-// A Block represents an OpenPGP armored structure.
-//
-// The encoded form is:
-//
-//	-----BEGIN Type-----
-//	Headers
-//
-//	base64-encoded Bytes
-//	'=' base64 encoded checksum (optional) not checked anymore
-//	-----END Type-----
-//
-// where Headers is a possibly empty sequence of Key: Value lines.
-//
-// Since the armored data can be very large, this package presents a streaming
-// interface.
-type Block struct {
-	Type    string            // The type, taken from the preamble (i.e. "PGP SIGNATURE").
-	Header  map[string]string // Optional headers.
-	Body    io.Reader         // A Reader from which the contents can be read
-	lReader lineReader
-	oReader openpgpReader
-}
-
-var ArmorCorrupt error = errors.StructuralError("armor invalid")
-
-var armorStart = []byte("-----BEGIN ")
-var armorEnd = []byte("-----END ")
-var armorEndOfLine = []byte("-----")
-
-// lineReader wraps a line based reader. It watches for the end of an armor block
-type lineReader struct {
-	in  *bufio.Reader
-	buf []byte
-	eof bool
-}
-
-func (l *lineReader) Read(p []byte) (n int, err error) {
-	if l.eof {
-		return 0, io.EOF
-	}
-
-	if len(l.buf) > 0 {
-		n = copy(p, l.buf)
-		l.buf = l.buf[n:]
-		return
-	}
-
-	line, isPrefix, err := l.in.ReadLine()
-	if err != nil {
-		return
-	}
-	if isPrefix {
-		return 0, ArmorCorrupt
-	}
-
-	if bytes.HasPrefix(line, armorEnd) {
-		l.eof = true
-		return 0, io.EOF
-	}
-
-	if len(line) == 5 && line[0] == '=' {
-		// This is the checksum line
-		// Don't check the checksum
-
-		l.eof = true
-		return 0, io.EOF
-	}
-
-	if len(line) > 96 {
-		return 0, ArmorCorrupt
-	}
-
-	n = copy(p, line)
-	bytesToSave := len(line) - n
-	if bytesToSave > 0 {
-		if cap(l.buf) < bytesToSave {
-			l.buf = make([]byte, 0, bytesToSave)
-		}
-		l.buf = l.buf[0:bytesToSave]
-		copy(l.buf, line[n:])
-	}
-
-	return
-}
-
-// openpgpReader passes Read calls to the underlying base64 decoder.
-type openpgpReader struct {
-	lReader   *lineReader
-	b64Reader io.Reader
-}
-
-func (r *openpgpReader) Read(p []byte) (n int, err error) {
-	n, err = r.b64Reader.Read(p)
-	return
-}
-
-// Decode reads a PGP armored block from the given Reader. It will ignore
-// leading garbage. If it doesn't find a block, it will return nil, io.EOF. The
-// given Reader is not usable after calling this function: an arbitrary amount
-// of data may have been read past the end of the block.
-func Decode(in io.Reader) (p *Block, err error) {
-	r := bufio.NewReaderSize(in, 100)
-	var line []byte
-	ignoreNext := false
-
-TryNextBlock:
-	p = nil
-
-	// Skip leading garbage
-	for {
-		ignoreThis := ignoreNext
-		line, ignoreNext, err = r.ReadLine()
-		if err != nil {
-			return
-		}
-		if ignoreNext || ignoreThis {
-			continue
-		}
-		line = bytes.TrimSpace(line)
-		if len(line) > len(armorStart)+len(armorEndOfLine) && bytes.HasPrefix(line, armorStart) {
-			break
-		}
-	}
-
-	p = new(Block)
-	p.Type = string(line[len(armorStart) : len(line)-len(armorEndOfLine)])
-	p.Header = make(map[string]string)
-	nextIsContinuation := false
-	var lastKey string
-
-	// Read headers
-	for {
-		isContinuation := nextIsContinuation
-		line, nextIsContinuation, err = r.ReadLine()
-		if err != nil {
-			p = nil
-			return
-		}
-		if isContinuation {
-			p.Header[lastKey] += string(line)
-			continue
-		}
-		line = bytes.TrimSpace(line)
-		if len(line) == 0 {
-			break
-		}
-
-		i := bytes.Index(line, []byte(":"))
-		if i == -1 {
-			goto TryNextBlock
-		}
-		lastKey = string(line[:i])
-		var value string
-		if len(line) > i+2 {
-			value = string(line[i+2:])
-		}
-		p.Header[lastKey] = value
-	}
-
-	p.lReader.in = r
-	p.oReader.lReader = &p.lReader
-	p.oReader.b64Reader = base64.NewDecoder(base64.StdEncoding, &p.lReader)
-	p.Body = &p.oReader
-
-	return
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/armor/encode.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/armor/encode.go
deleted file mode 100644
index 550efddf05..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/armor/encode.go
+++ /dev/null
@@ -1,206 +0,0 @@
-// Copyright 2010 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package armor
-
-import (
-	"encoding/base64"
-	"io"
-	"sort"
-)
-
-var armorHeaderSep = []byte(": ")
-var blockEnd = []byte("\n=")
-var newline = []byte("\n")
-var armorEndOfLineOut = []byte("-----\n")
-
-const crc24Init = 0xb704ce
-const crc24Poly = 0x1864cfb
-
-// crc24 calculates the OpenPGP checksum as specified in RFC 4880, section 6.1
-func crc24(crc uint32, d []byte) uint32 {
-	for _, b := range d {
-		crc ^= uint32(b) << 16
-		for i := 0; i < 8; i++ {
-			crc <<= 1
-			if crc&0x1000000 != 0 {
-				crc ^= crc24Poly
-			}
-		}
-	}
-	return crc
-}
-
-// writeSlices writes its arguments to the given Writer.
-func writeSlices(out io.Writer, slices ...[]byte) (err error) {
-	for _, s := range slices {
-		_, err = out.Write(s)
-		if err != nil {
-			return err
-		}
-	}
-	return
-}
-
-// lineBreaker breaks data across several lines, all of the same byte length
-// (except possibly the last). Lines are broken with a single '\n'.
-type lineBreaker struct {
-	lineLength  int
-	line        []byte
-	used        int
-	out         io.Writer
-	haveWritten bool
-}
-
-func newLineBreaker(out io.Writer, lineLength int) *lineBreaker {
-	return &lineBreaker{
-		lineLength: lineLength,
-		line:       make([]byte, lineLength),
-		used:       0,
-		out:        out,
-	}
-}
-
-func (l *lineBreaker) Write(b []byte) (n int, err error) {
-	n = len(b)
-
-	if n == 0 {
-		return
-	}
-
-	if l.used == 0 && l.haveWritten {
-		_, err = l.out.Write([]byte{'\n'})
-		if err != nil {
-			return
-		}
-	}
-
-	if l.used+len(b) < l.lineLength {
-		l.used += copy(l.line[l.used:], b)
-		return
-	}
-
-	l.haveWritten = true
-	_, err = l.out.Write(l.line[0:l.used])
-	if err != nil {
-		return
-	}
-	excess := l.lineLength - l.used
-	l.used = 0
-
-	_, err = l.out.Write(b[0:excess])
-	if err != nil {
-		return
-	}
-
-	_, err = l.Write(b[excess:])
-	return
-}
-
-func (l *lineBreaker) Close() (err error) {
-	if l.used > 0 {
-		_, err = l.out.Write(l.line[0:l.used])
-		if err != nil {
-			return
-		}
-	}
-
-	return
-}
-
-// encoding keeps track of a running CRC24 over the data which has been written
-// to it and outputs a OpenPGP checksum when closed, followed by an armor
-// trailer.
-//
-// It's built into a stack of io.Writers:
-//
-//	encoding -> base64 encoder -> lineBreaker -> out
-type encoding struct {
-	out        io.Writer
-	breaker    *lineBreaker
-	b64        io.WriteCloser
-	crc        uint32
-	crcEnabled bool
-	blockType  []byte
-}
-
-func (e *encoding) Write(data []byte) (n int, err error) {
-	if e.crcEnabled {
-		e.crc = crc24(e.crc, data)
-	}
-	return e.b64.Write(data)
-}
-
-func (e *encoding) Close() (err error) {
-	err = e.b64.Close()
-	if err != nil {
-		return
-	}
-	e.breaker.Close()
-
-	if e.crcEnabled {
-		var checksumBytes [3]byte
-		checksumBytes[0] = byte(e.crc >> 16)
-		checksumBytes[1] = byte(e.crc >> 8)
-		checksumBytes[2] = byte(e.crc)
-
-		var b64ChecksumBytes [4]byte
-		base64.StdEncoding.Encode(b64ChecksumBytes[:], checksumBytes[:])
-
-		return writeSlices(e.out, blockEnd, b64ChecksumBytes[:], newline, armorEnd, e.blockType, armorEndOfLine)
-	}
-	return writeSlices(e.out, newline, armorEnd, e.blockType, armorEndOfLine)
-}
-
-func encode(out io.Writer, blockType string, headers map[string]string, checksum bool) (w io.WriteCloser, err error) {
-	bType := []byte(blockType)
-	err = writeSlices(out, armorStart, bType, armorEndOfLineOut)
-	if err != nil {
-		return
-	}
-
-	keys := make([]string, len(headers))
-	i := 0
-	for k := range headers {
-		keys[i] = k
-		i++
-	}
-	sort.Strings(keys)
-	for _, k := range keys {
-		err = writeSlices(out, []byte(k), armorHeaderSep, []byte(headers[k]), newline)
-		if err != nil {
-			return
-		}
-	}
-
-	_, err = out.Write(newline)
-	if err != nil {
-		return
-	}
-
-	e := &encoding{
-		out:        out,
-		breaker:    newLineBreaker(out, 64),
-		blockType:  bType,
-		crc:        crc24Init,
-		crcEnabled: checksum,
-	}
-	e.b64 = base64.NewEncoder(base64.StdEncoding, e.breaker)
-	return e, nil
-}
-
-// Encode returns a WriteCloser which will encode the data written to it in
-// OpenPGP armor.
-func Encode(out io.Writer, blockType string, headers map[string]string) (w io.WriteCloser, err error) {
-	return encode(out, blockType, headers, true)
-}
-
-// EncodeWithChecksumOption returns a WriteCloser which will encode the data written to it in
-// OpenPGP armor and provides the option to include a checksum.
-// When forming ASCII Armor, the CRC24 footer SHOULD NOT be generated,
-// unless interoperability with implementations that require the CRC24 footer
-// to be present is a concern.
-func EncodeWithChecksumOption(out io.Writer, blockType string, headers map[string]string, doChecksum bool) (w io.WriteCloser, err error) {
-	return encode(out, blockType, headers, doChecksum)
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/canonical_text.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/canonical_text.go
deleted file mode 100644
index 5b40e1375d..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/canonical_text.go
+++ /dev/null
@@ -1,71 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package openpgp
-
-import (
-	"hash"
-	"io"
-)
-
-// NewCanonicalTextHash reformats text written to it into the canonical
-// form and then applies the hash h.  See RFC 4880, section 5.2.1.
-func NewCanonicalTextHash(h hash.Hash) hash.Hash {
-	return &canonicalTextHash{h, 0}
-}
-
-type canonicalTextHash struct {
-	h hash.Hash
-	s int
-}
-
-var newline = []byte{'\r', '\n'}
-
-func writeCanonical(cw io.Writer, buf []byte, s *int) (int, error) {
-	start := 0
-	for i, c := range buf {
-		switch *s {
-		case 0:
-			if c == '\r' {
-				*s = 1
-			} else if c == '\n' {
-				if _, err := cw.Write(buf[start:i]); err != nil {
-					return 0, err
-				}
-				if _, err := cw.Write(newline); err != nil {
-					return 0, err
-				}
-				start = i + 1
-			}
-		case 1:
-			*s = 0
-		}
-	}
-
-	if _, err := cw.Write(buf[start:]); err != nil {
-		return 0, err
-	}
-	return len(buf), nil
-}
-
-func (cth *canonicalTextHash) Write(buf []byte) (int, error) {
-	return writeCanonical(cth.h, buf, &cth.s)
-}
-
-func (cth *canonicalTextHash) Sum(in []byte) []byte {
-	return cth.h.Sum(in)
-}
-
-func (cth *canonicalTextHash) Reset() {
-	cth.h.Reset()
-	cth.s = 0
-}
-
-func (cth *canonicalTextHash) Size() int {
-	return cth.h.Size()
-}
-
-func (cth *canonicalTextHash) BlockSize() int {
-	return cth.h.BlockSize()
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/ecdh/ecdh.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/ecdh/ecdh.go
deleted file mode 100644
index db8fb163b6..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/ecdh/ecdh.go
+++ /dev/null
@@ -1,206 +0,0 @@
-// Copyright 2017 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package ecdh implements ECDH encryption, suitable for OpenPGP,
-// as specified in RFC 6637, section 8.
-package ecdh
-
-import (
-	"bytes"
-	"errors"
-	"io"
-
-	"github.com/ProtonMail/go-crypto/openpgp/aes/keywrap"
-	"github.com/ProtonMail/go-crypto/openpgp/internal/algorithm"
-	"github.com/ProtonMail/go-crypto/openpgp/internal/ecc"
-)
-
-type KDF struct {
-	Hash   algorithm.Hash
-	Cipher algorithm.Cipher
-}
-
-type PublicKey struct {
-	curve ecc.ECDHCurve
-	Point []byte
-	KDF
-}
-
-type PrivateKey struct {
-	PublicKey
-	D []byte
-}
-
-func NewPublicKey(curve ecc.ECDHCurve, kdfHash algorithm.Hash, kdfCipher algorithm.Cipher) *PublicKey {
-	return &PublicKey{
-		curve: curve,
-		KDF: KDF{
-			Hash:   kdfHash,
-			Cipher: kdfCipher,
-		},
-	}
-}
-
-func NewPrivateKey(key PublicKey) *PrivateKey {
-	return &PrivateKey{
-		PublicKey: key,
-	}
-}
-
-func (pk *PublicKey) GetCurve() ecc.ECDHCurve {
-	return pk.curve
-}
-
-func (pk *PublicKey) MarshalPoint() []byte {
-	return pk.curve.MarshalBytePoint(pk.Point)
-}
-
-func (pk *PublicKey) UnmarshalPoint(p []byte) error {
-	pk.Point = pk.curve.UnmarshalBytePoint(p)
-	if pk.Point == nil {
-		return errors.New("ecdh: failed to parse EC point")
-	}
-	return nil
-}
-
-func (sk *PrivateKey) MarshalByteSecret() []byte {
-	return sk.curve.MarshalByteSecret(sk.D)
-}
-
-func (sk *PrivateKey) UnmarshalByteSecret(d []byte) error {
-	sk.D = sk.curve.UnmarshalByteSecret(d)
-
-	if sk.D == nil {
-		return errors.New("ecdh: failed to parse scalar")
-	}
-	return nil
-}
-
-func GenerateKey(rand io.Reader, c ecc.ECDHCurve, kdf KDF) (priv *PrivateKey, err error) {
-	priv = new(PrivateKey)
-	priv.PublicKey.curve = c
-	priv.PublicKey.KDF = kdf
-	priv.PublicKey.Point, priv.D, err = c.GenerateECDH(rand)
-	return
-}
-
-func Encrypt(random io.Reader, pub *PublicKey, msg, curveOID, fingerprint []byte) (vsG, c []byte, err error) {
-	if len(msg) > 40 {
-		return nil, nil, errors.New("ecdh: message too long")
-	}
-	// the sender MAY use 21, 13, and 5 bytes of padding for AES-128,
-	// AES-192, and AES-256, respectively, to provide the same number of
-	// octets, 40 total, as an input to the key wrapping method.
-	padding := make([]byte, 40-len(msg))
-	for i := range padding {
-		padding[i] = byte(40 - len(msg))
-	}
-	m := append(msg, padding...)
-
-	ephemeral, zb, err := pub.curve.Encaps(random, pub.Point)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	vsG = pub.curve.MarshalBytePoint(ephemeral)
-
-	z, err := buildKey(pub, zb, curveOID, fingerprint, false, false)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	if c, err = keywrap.Wrap(z, m); err != nil {
-		return nil, nil, err
-	}
-
-	return vsG, c, nil
-
-}
-
-func Decrypt(priv *PrivateKey, vsG, c, curveOID, fingerprint []byte) (msg []byte, err error) {
-	var m []byte
-	zb, err := priv.PublicKey.curve.Decaps(priv.curve.UnmarshalBytePoint(vsG), priv.D)
-
-	// Try buildKey three times to workaround an old bug, see comments in buildKey.
-	for i := 0; i < 3; i++ {
-		var z []byte
-		// RFC6637 §8: "Compute Z = KDF( S, Z_len, Param );"
-		z, err = buildKey(&priv.PublicKey, zb, curveOID, fingerprint, i == 1, i == 2)
-		if err != nil {
-			return nil, err
-		}
-
-		// RFC6637 §8: "Compute C = AESKeyWrap( Z, c ) as per [RFC3394]"
-		m, err = keywrap.Unwrap(z, c)
-		if err == nil {
-			break
-		}
-	}
-
-	// Only return an error after we've tried all (required) variants of buildKey.
-	if err != nil {
-		return nil, err
-	}
-
-	// RFC6637 §8: "m = symm_alg_ID || session key || checksum || pkcs5_padding"
-	// The last byte should be the length of the padding, as per PKCS5; strip it off.
-	return m[:len(m)-int(m[len(m)-1])], nil
-}
-
-func buildKey(pub *PublicKey, zb []byte, curveOID, fingerprint []byte, stripLeading, stripTrailing bool) ([]byte, error) {
-	// Param = curve_OID_len || curve_OID || public_key_alg_ID || 03
-	//         || 01 || KDF_hash_ID || KEK_alg_ID for AESKeyWrap
-	//         || "Anonymous Sender    " || recipient_fingerprint;
-	param := new(bytes.Buffer)
-	if _, err := param.Write(curveOID); err != nil {
-		return nil, err
-	}
-	algKDF := []byte{18, 3, 1, pub.KDF.Hash.Id(), pub.KDF.Cipher.Id()}
-	if _, err := param.Write(algKDF); err != nil {
-		return nil, err
-	}
-	if _, err := param.Write([]byte("Anonymous Sender    ")); err != nil {
-		return nil, err
-	}
-	if _, err := param.Write(fingerprint[:]); err != nil {
-		return nil, err
-	}
-
-	// MB = Hash ( 00 || 00 || 00 || 01 || ZB || Param );
-	h := pub.KDF.Hash.New()
-	if _, err := h.Write([]byte{0x0, 0x0, 0x0, 0x1}); err != nil {
-		return nil, err
-	}
-	zbLen := len(zb)
-	i := 0
-	j := zbLen - 1
-	if stripLeading {
-		// Work around old go crypto bug where the leading zeros are missing.
-		for i < zbLen && zb[i] == 0 {
-			i++
-		}
-	}
-	if stripTrailing {
-		// Work around old OpenPGP.js bug where insignificant trailing zeros in
-		// this little-endian number are missing.
-		// (See https://github.com/openpgpjs/openpgpjs/pull/853.)
-		for j >= 0 && zb[j] == 0 {
-			j--
-		}
-	}
-	if _, err := h.Write(zb[i : j+1]); err != nil {
-		return nil, err
-	}
-	if _, err := h.Write(param.Bytes()); err != nil {
-		return nil, err
-	}
-	mb := h.Sum(nil)
-
-	return mb[:pub.KDF.Cipher.KeySize()], nil // return oBits leftmost bits of MB.
-
-}
-
-func Validate(priv *PrivateKey) error {
-	return priv.curve.ValidateECDH(priv.Point, priv.D)
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/ecdsa/ecdsa.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/ecdsa/ecdsa.go
deleted file mode 100644
index f94ae1b2f5..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/ecdsa/ecdsa.go
+++ /dev/null
@@ -1,80 +0,0 @@
-// Package ecdsa implements ECDSA signature, suitable for OpenPGP,
-// as specified in RFC 6637, section 5.
-package ecdsa
-
-import (
-	"errors"
-	"github.com/ProtonMail/go-crypto/openpgp/internal/ecc"
-	"io"
-	"math/big"
-)
-
-type PublicKey struct {
-	X, Y  *big.Int
-	curve ecc.ECDSACurve
-}
-
-type PrivateKey struct {
-	PublicKey
-	D *big.Int
-}
-
-func NewPublicKey(curve ecc.ECDSACurve) *PublicKey {
-	return &PublicKey{
-		curve: curve,
-	}
-}
-
-func NewPrivateKey(key PublicKey) *PrivateKey {
-	return &PrivateKey{
-		PublicKey: key,
-	}
-}
-
-func (pk *PublicKey) GetCurve() ecc.ECDSACurve {
-	return pk.curve
-}
-
-func (pk *PublicKey) MarshalPoint() []byte {
-	return pk.curve.MarshalIntegerPoint(pk.X, pk.Y)
-}
-
-func (pk *PublicKey) UnmarshalPoint(p []byte) error {
-	pk.X, pk.Y = pk.curve.UnmarshalIntegerPoint(p)
-	if pk.X == nil {
-		return errors.New("ecdsa: failed to parse EC point")
-	}
-	return nil
-}
-
-func (sk *PrivateKey) MarshalIntegerSecret() []byte {
-	return sk.curve.MarshalIntegerSecret(sk.D)
-}
-
-func (sk *PrivateKey) UnmarshalIntegerSecret(d []byte) error {
-	sk.D = sk.curve.UnmarshalIntegerSecret(d)
-
-	if sk.D == nil {
-		return errors.New("ecdsa: failed to parse scalar")
-	}
-	return nil
-}
-
-func GenerateKey(rand io.Reader, c ecc.ECDSACurve) (priv *PrivateKey, err error) {
-	priv = new(PrivateKey)
-	priv.PublicKey.curve = c
-	priv.PublicKey.X, priv.PublicKey.Y, priv.D, err = c.GenerateECDSA(rand)
-	return
-}
-
-func Sign(rand io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err error) {
-	return priv.PublicKey.curve.Sign(rand, priv.X, priv.Y, priv.D, hash)
-}
-
-func Verify(pub *PublicKey, hash []byte, r, s *big.Int) bool {
-	return pub.curve.Verify(pub.X, pub.Y, hash, r, s)
-}
-
-func Validate(priv *PrivateKey) error {
-	return priv.curve.ValidateECDSA(priv.X, priv.Y, priv.D.Bytes())
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/ed25519/ed25519.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/ed25519/ed25519.go
deleted file mode 100644
index 6abdf7c446..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/ed25519/ed25519.go
+++ /dev/null
@@ -1,115 +0,0 @@
-// Package ed25519 implements the ed25519 signature algorithm for OpenPGP
-// as defined in the Open PGP crypto refresh.
-package ed25519
-
-import (
-	"crypto/subtle"
-	"io"
-
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-	ed25519lib "github.com/cloudflare/circl/sign/ed25519"
-)
-
-const (
-	// PublicKeySize is the size, in bytes, of public keys in this package.
-	PublicKeySize = ed25519lib.PublicKeySize
-	// SeedSize is the size, in bytes, of private key seeds.
-	// The private key representation used by RFC 8032.
-	SeedSize = ed25519lib.SeedSize
-	// SignatureSize is the size, in bytes, of signatures generated and verified by this package.
-	SignatureSize = ed25519lib.SignatureSize
-)
-
-type PublicKey struct {
-	// Point represents the elliptic curve point of the public key.
-	Point []byte
-}
-
-type PrivateKey struct {
-	PublicKey
-	// Key the private key representation by RFC 8032,
-	// encoded as seed | pub key point.
-	Key []byte
-}
-
-// NewPublicKey creates a new empty ed25519 public key.
-func NewPublicKey() *PublicKey {
-	return &PublicKey{}
-}
-
-// NewPrivateKey creates a new empty private key referencing the public key.
-func NewPrivateKey(key PublicKey) *PrivateKey {
-	return &PrivateKey{
-		PublicKey: key,
-	}
-}
-
-// Seed returns the ed25519 private key secret seed.
-// The private key representation by RFC 8032.
-func (pk *PrivateKey) Seed() []byte {
-	return pk.Key[:SeedSize]
-}
-
-// MarshalByteSecret returns the underlying 32 byte seed of the private key.
-func (pk *PrivateKey) MarshalByteSecret() []byte {
-	return pk.Seed()
-}
-
-// UnmarshalByteSecret computes the private key from the secret seed
-// and stores it in the private key object.
-func (sk *PrivateKey) UnmarshalByteSecret(seed []byte) error {
-	sk.Key = ed25519lib.NewKeyFromSeed(seed)
-	return nil
-}
-
-// GenerateKey generates a fresh private key with the provided randomness source.
-func GenerateKey(rand io.Reader) (*PrivateKey, error) {
-	publicKey, privateKey, err := ed25519lib.GenerateKey(rand)
-	if err != nil {
-		return nil, err
-	}
-	privateKeyOut := new(PrivateKey)
-	privateKeyOut.PublicKey.Point = publicKey[:]
-	privateKeyOut.Key = privateKey[:]
-	return privateKeyOut, nil
-}
-
-// Sign signs a message with the ed25519 algorithm.
-// priv MUST be a valid key! Check this with Validate() before use.
-func Sign(priv *PrivateKey, message []byte) ([]byte, error) {
-	return ed25519lib.Sign(priv.Key, message), nil
-}
-
-// Verify verifies an ed25519 signature.
-func Verify(pub *PublicKey, message []byte, signature []byte) bool {
-	return ed25519lib.Verify(pub.Point, message, signature)
-}
-
-// Validate checks if the ed25519 private key is valid.
-func Validate(priv *PrivateKey) error {
-	expectedPrivateKey := ed25519lib.NewKeyFromSeed(priv.Seed())
-	if subtle.ConstantTimeCompare(priv.Key, expectedPrivateKey) == 0 {
-		return errors.KeyInvalidError("ed25519: invalid ed25519 secret")
-	}
-	if subtle.ConstantTimeCompare(priv.PublicKey.Point, expectedPrivateKey[SeedSize:]) == 0 {
-		return errors.KeyInvalidError("ed25519: invalid ed25519 public key")
-	}
-	return nil
-}
-
-// ENCODING/DECODING signature:
-
-// WriteSignature encodes and writes an ed25519 signature to writer.
-func WriteSignature(writer io.Writer, signature []byte) error {
-	_, err := writer.Write(signature)
-	return err
-}
-
-// ReadSignature decodes an ed25519 signature from a reader.
-func ReadSignature(reader io.Reader) ([]byte, error) {
-	signature := make([]byte, SignatureSize)
-	if _, err := io.ReadFull(reader, signature); err != nil {
-		return nil, err
-	}
-	return signature, nil
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/ed448/ed448.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/ed448/ed448.go
deleted file mode 100644
index b11fb4fb17..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/ed448/ed448.go
+++ /dev/null
@@ -1,119 +0,0 @@
-// Package ed448 implements the ed448 signature algorithm for OpenPGP
-// as defined in the Open PGP crypto refresh.
-package ed448
-
-import (
-	"crypto/subtle"
-	"io"
-
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-	ed448lib "github.com/cloudflare/circl/sign/ed448"
-)
-
-const (
-	// PublicKeySize is the size, in bytes, of public keys in this package.
-	PublicKeySize = ed448lib.PublicKeySize
-	// SeedSize is the size, in bytes, of private key seeds.
-	// The private key representation used by RFC 8032.
-	SeedSize = ed448lib.SeedSize
-	// SignatureSize is the size, in bytes, of signatures generated and verified by this package.
-	SignatureSize = ed448lib.SignatureSize
-)
-
-type PublicKey struct {
-	// Point represents the elliptic curve point of the public key.
-	Point []byte
-}
-
-type PrivateKey struct {
-	PublicKey
-	// Key the private key representation by RFC 8032,
-	// encoded as seed | public key point.
-	Key []byte
-}
-
-// NewPublicKey creates a new empty ed448 public key.
-func NewPublicKey() *PublicKey {
-	return &PublicKey{}
-}
-
-// NewPrivateKey creates a new empty private key referencing the public key.
-func NewPrivateKey(key PublicKey) *PrivateKey {
-	return &PrivateKey{
-		PublicKey: key,
-	}
-}
-
-// Seed returns the ed448 private key secret seed.
-// The private key representation by RFC 8032.
-func (pk *PrivateKey) Seed() []byte {
-	return pk.Key[:SeedSize]
-}
-
-// MarshalByteSecret returns the underlying seed of the private key.
-func (pk *PrivateKey) MarshalByteSecret() []byte {
-	return pk.Seed()
-}
-
-// UnmarshalByteSecret computes the private key from the secret seed
-// and stores it in the private key object.
-func (sk *PrivateKey) UnmarshalByteSecret(seed []byte) error {
-	sk.Key = ed448lib.NewKeyFromSeed(seed)
-	return nil
-}
-
-// GenerateKey generates a fresh private key with the provided randomness source.
-func GenerateKey(rand io.Reader) (*PrivateKey, error) {
-	publicKey, privateKey, err := ed448lib.GenerateKey(rand)
-	if err != nil {
-		return nil, err
-	}
-	privateKeyOut := new(PrivateKey)
-	privateKeyOut.PublicKey.Point = publicKey[:]
-	privateKeyOut.Key = privateKey[:]
-	return privateKeyOut, nil
-}
-
-// Sign signs a message with the ed448 algorithm.
-// priv MUST be a valid key! Check this with Validate() before use.
-func Sign(priv *PrivateKey, message []byte) ([]byte, error) {
-	// Ed448 is used with the empty string as a context string.
-	// See https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh-08#section-13.7
-	return ed448lib.Sign(priv.Key, message, ""), nil
-}
-
-// Verify verifies a ed448 signature
-func Verify(pub *PublicKey, message []byte, signature []byte) bool {
-	// Ed448 is used with the empty string as a context string.
-	// See https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh-08#section-13.7
-	return ed448lib.Verify(pub.Point, message, signature, "")
-}
-
-// Validate checks if the ed448 private key is valid
-func Validate(priv *PrivateKey) error {
-	expectedPrivateKey := ed448lib.NewKeyFromSeed(priv.Seed())
-	if subtle.ConstantTimeCompare(priv.Key, expectedPrivateKey) == 0 {
-		return errors.KeyInvalidError("ed448: invalid ed448 secret")
-	}
-	if subtle.ConstantTimeCompare(priv.PublicKey.Point, expectedPrivateKey[SeedSize:]) == 0 {
-		return errors.KeyInvalidError("ed448: invalid ed448 public key")
-	}
-	return nil
-}
-
-// ENCODING/DECODING signature:
-
-// WriteSignature encodes and writes an ed448 signature to writer.
-func WriteSignature(writer io.Writer, signature []byte) error {
-	_, err := writer.Write(signature)
-	return err
-}
-
-// ReadSignature decodes an ed448 signature from a reader.
-func ReadSignature(reader io.Reader) ([]byte, error) {
-	signature := make([]byte, SignatureSize)
-	if _, err := io.ReadFull(reader, signature); err != nil {
-		return nil, err
-	}
-	return signature, nil
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/eddsa/eddsa.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/eddsa/eddsa.go
deleted file mode 100644
index 99ecfc7f12..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/eddsa/eddsa.go
+++ /dev/null
@@ -1,91 +0,0 @@
-// Package eddsa implements EdDSA signature, suitable for OpenPGP, as specified in
-// https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh-06#section-13.7
-package eddsa
-
-import (
-	"errors"
-	"github.com/ProtonMail/go-crypto/openpgp/internal/ecc"
-	"io"
-)
-
-type PublicKey struct {
-	X     []byte
-	curve ecc.EdDSACurve
-}
-
-type PrivateKey struct {
-	PublicKey
-	D []byte
-}
-
-func NewPublicKey(curve ecc.EdDSACurve) *PublicKey {
-	return &PublicKey{
-		curve: curve,
-	}
-}
-
-func NewPrivateKey(key PublicKey) *PrivateKey {
-	return &PrivateKey{
-		PublicKey: key,
-	}
-}
-
-func (pk *PublicKey) GetCurve() ecc.EdDSACurve {
-	return pk.curve
-}
-
-func (pk *PublicKey) MarshalPoint() []byte {
-	return pk.curve.MarshalBytePoint(pk.X)
-}
-
-func (pk *PublicKey) UnmarshalPoint(x []byte) error {
-	pk.X = pk.curve.UnmarshalBytePoint(x)
-
-	if pk.X == nil {
-		return errors.New("eddsa: failed to parse EC point")
-	}
-	return nil
-}
-
-func (sk *PrivateKey) MarshalByteSecret() []byte {
-	return sk.curve.MarshalByteSecret(sk.D)
-}
-
-func (sk *PrivateKey) UnmarshalByteSecret(d []byte) error {
-	sk.D = sk.curve.UnmarshalByteSecret(d)
-
-	if sk.D == nil {
-		return errors.New("eddsa: failed to parse scalar")
-	}
-	return nil
-}
-
-func GenerateKey(rand io.Reader, c ecc.EdDSACurve) (priv *PrivateKey, err error) {
-	priv = new(PrivateKey)
-	priv.PublicKey.curve = c
-	priv.PublicKey.X, priv.D, err = c.GenerateEdDSA(rand)
-	return
-}
-
-func Sign(priv *PrivateKey, message []byte) (r, s []byte, err error) {
-	sig, err := priv.PublicKey.curve.Sign(priv.PublicKey.X, priv.D, message)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	r, s = priv.PublicKey.curve.MarshalSignature(sig)
-	return
-}
-
-func Verify(pub *PublicKey, message, r, s []byte) bool {
-	sig := pub.curve.UnmarshalSignature(r, s)
-	if sig == nil {
-		return false
-	}
-
-	return pub.curve.Verify(pub.X, message, sig)
-}
-
-func Validate(priv *PrivateKey) error {
-	return priv.curve.ValidateEdDSA(priv.PublicKey.X, priv.D)
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/elgamal/elgamal.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/elgamal/elgamal.go
deleted file mode 100644
index bad2774344..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/elgamal/elgamal.go
+++ /dev/null
@@ -1,124 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package elgamal implements ElGamal encryption, suitable for OpenPGP,
-// as specified in "A Public-Key Cryptosystem and a Signature Scheme Based on
-// Discrete Logarithms," IEEE Transactions on Information Theory, v. IT-31,
-// n. 4, 1985, pp. 469-472.
-//
-// This form of ElGamal embeds PKCS#1 v1.5 padding, which may make it
-// unsuitable for other protocols. RSA should be used in preference in any
-// case.
-package elgamal // import "github.com/ProtonMail/go-crypto/openpgp/elgamal"
-
-import (
-	"crypto/rand"
-	"crypto/subtle"
-	"errors"
-	"io"
-	"math/big"
-)
-
-// PublicKey represents an ElGamal public key.
-type PublicKey struct {
-	G, P, Y *big.Int
-}
-
-// PrivateKey represents an ElGamal private key.
-type PrivateKey struct {
-	PublicKey
-	X *big.Int
-}
-
-// Encrypt encrypts the given message to the given public key. The result is a
-// pair of integers. Errors can result from reading random, or because msg is
-// too large to be encrypted to the public key.
-func Encrypt(random io.Reader, pub *PublicKey, msg []byte) (c1, c2 *big.Int, err error) {
-	pLen := (pub.P.BitLen() + 7) / 8
-	if len(msg) > pLen-11 {
-		err = errors.New("elgamal: message too long")
-		return
-	}
-
-	// EM = 0x02 || PS || 0x00 || M
-	em := make([]byte, pLen-1)
-	em[0] = 2
-	ps, mm := em[1:len(em)-len(msg)-1], em[len(em)-len(msg):]
-	err = nonZeroRandomBytes(ps, random)
-	if err != nil {
-		return
-	}
-	em[len(em)-len(msg)-1] = 0
-	copy(mm, msg)
-
-	m := new(big.Int).SetBytes(em)
-
-	k, err := rand.Int(random, pub.P)
-	if err != nil {
-		return
-	}
-
-	c1 = new(big.Int).Exp(pub.G, k, pub.P)
-	s := new(big.Int).Exp(pub.Y, k, pub.P)
-	c2 = s.Mul(s, m)
-	c2.Mod(c2, pub.P)
-
-	return
-}
-
-// Decrypt takes two integers, resulting from an ElGamal encryption, and
-// returns the plaintext of the message. An error can result only if the
-// ciphertext is invalid. Users should keep in mind that this is a padding
-// oracle and thus, if exposed to an adaptive chosen ciphertext attack, can
-// be used to break the cryptosystem.  See “Chosen Ciphertext Attacks
-// Against Protocols Based on the RSA Encryption Standard PKCS #1”, Daniel
-// Bleichenbacher, Advances in Cryptology (Crypto '98),
-func Decrypt(priv *PrivateKey, c1, c2 *big.Int) (msg []byte, err error) {
-	s := new(big.Int).Exp(c1, priv.X, priv.P)
-	if s.ModInverse(s, priv.P) == nil {
-		return nil, errors.New("elgamal: invalid private key")
-	}
-	s.Mul(s, c2)
-	s.Mod(s, priv.P)
-	em := s.Bytes()
-
-	firstByteIsTwo := subtle.ConstantTimeByteEq(em[0], 2)
-
-	// The remainder of the plaintext must be a string of non-zero random
-	// octets, followed by a 0, followed by the message.
-	//   lookingForIndex: 1 iff we are still looking for the zero.
-	//   index: the offset of the first zero byte.
-	var lookingForIndex, index int
-	lookingForIndex = 1
-
-	for i := 1; i < len(em); i++ {
-		equals0 := subtle.ConstantTimeByteEq(em[i], 0)
-		index = subtle.ConstantTimeSelect(lookingForIndex&equals0, i, index)
-		lookingForIndex = subtle.ConstantTimeSelect(equals0, 0, lookingForIndex)
-	}
-
-	if firstByteIsTwo != 1 || lookingForIndex != 0 || index < 9 {
-		return nil, errors.New("elgamal: decryption error")
-	}
-	return em[index+1:], nil
-}
-
-// nonZeroRandomBytes fills the given slice with non-zero random octets.
-func nonZeroRandomBytes(s []byte, rand io.Reader) (err error) {
-	_, err = io.ReadFull(rand, s)
-	if err != nil {
-		return
-	}
-
-	for i := 0; i < len(s); i++ {
-		for s[i] == 0 {
-			_, err = io.ReadFull(rand, s[i:i+1])
-			if err != nil {
-				return
-			}
-		}
-	}
-
-	return
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/errors/errors.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/errors/errors.go
deleted file mode 100644
index 0eb3937b39..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/errors/errors.go
+++ /dev/null
@@ -1,180 +0,0 @@
-// Copyright 2010 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package errors contains common error types for the OpenPGP packages.
-package errors // import "github.com/ProtonMail/go-crypto/openpgp/errors"
-
-import (
-	"strconv"
-)
-
-var (
-	// ErrDecryptSessionKeyParsing is a generic error message for parsing errors in decrypted data
-	// to reduce the risk of oracle attacks.
-	ErrDecryptSessionKeyParsing = DecryptWithSessionKeyError("parsing error")
-	// ErrAEADTagVerification is returned if one of the tag verifications in SEIPDv2 fails
-	ErrAEADTagVerification error = DecryptWithSessionKeyError("AEAD tag verification failed")
-	// ErrMDCHashMismatch
-	ErrMDCHashMismatch error = SignatureError("MDC hash mismatch")
-	// ErrMDCMissing
-	ErrMDCMissing error = SignatureError("MDC packet not found")
-)
-
-// A StructuralError is returned when OpenPGP data is found to be syntactically
-// invalid.
-type StructuralError string
-
-func (s StructuralError) Error() string {
-	return "openpgp: invalid data: " + string(s)
-}
-
-// A DecryptWithSessionKeyError is returned when a failure occurs when reading from symmetrically decrypted data or
-// an authentication tag verification fails.
-// Such an error indicates that the supplied session key is likely wrong or the data got corrupted.
-type DecryptWithSessionKeyError string
-
-func (s DecryptWithSessionKeyError) Error() string {
-	return "openpgp: decryption with session key failed: " + string(s)
-}
-
-// HandleSensitiveParsingError handles parsing errors when reading data from potentially decrypted data.
-// The function makes parsing errors generic to reduce the risk of oracle attacks in SEIPDv1.
-func HandleSensitiveParsingError(err error, decrypted bool) error {
-	if !decrypted {
-		// Data was not encrypted so we return the inner error.
-		return err
-	}
-	// The data is read from a stream that decrypts using a session key;
-	// therefore, we need to handle parsing errors appropriately.
-	// This is essential to mitigate the risk of oracle attacks.
-	if decError, ok := err.(*DecryptWithSessionKeyError); ok {
-		return decError
-	}
-	if decError, ok := err.(DecryptWithSessionKeyError); ok {
-		return decError
-	}
-	return ErrDecryptSessionKeyParsing
-}
-
-// UnsupportedError indicates that, although the OpenPGP data is valid, it
-// makes use of currently unimplemented features.
-type UnsupportedError string
-
-func (s UnsupportedError) Error() string {
-	return "openpgp: unsupported feature: " + string(s)
-}
-
-// InvalidArgumentError indicates that the caller is in error and passed an
-// incorrect value.
-type InvalidArgumentError string
-
-func (i InvalidArgumentError) Error() string {
-	return "openpgp: invalid argument: " + string(i)
-}
-
-// SignatureError indicates that a syntactically valid signature failed to
-// validate.
-type SignatureError string
-
-func (b SignatureError) Error() string {
-	return "openpgp: invalid signature: " + string(b)
-}
-
-type signatureExpiredError int
-
-func (se signatureExpiredError) Error() string {
-	return "openpgp: signature expired"
-}
-
-var ErrSignatureExpired error = signatureExpiredError(0)
-
-type keyExpiredError int
-
-func (ke keyExpiredError) Error() string {
-	return "openpgp: key expired"
-}
-
-var ErrSignatureOlderThanKey error = signatureOlderThanKeyError(0)
-
-type signatureOlderThanKeyError int
-
-func (ske signatureOlderThanKeyError) Error() string {
-	return "openpgp: signature is older than the key"
-}
-
-var ErrKeyExpired error = keyExpiredError(0)
-
-type keyIncorrectError int
-
-func (ki keyIncorrectError) Error() string {
-	return "openpgp: incorrect key"
-}
-
-var ErrKeyIncorrect error = keyIncorrectError(0)
-
-// KeyInvalidError indicates that the public key parameters are invalid
-// as they do not match the private ones
-type KeyInvalidError string
-
-func (e KeyInvalidError) Error() string {
-	return "openpgp: invalid key: " + string(e)
-}
-
-type unknownIssuerError int
-
-func (unknownIssuerError) Error() string {
-	return "openpgp: signature made by unknown entity"
-}
-
-var ErrUnknownIssuer error = unknownIssuerError(0)
-
-type keyRevokedError int
-
-func (keyRevokedError) Error() string {
-	return "openpgp: signature made by revoked key"
-}
-
-var ErrKeyRevoked error = keyRevokedError(0)
-
-type WeakAlgorithmError string
-
-func (e WeakAlgorithmError) Error() string {
-	return "openpgp: weak algorithms are rejected: " + string(e)
-}
-
-type UnknownPacketTypeError uint8
-
-func (upte UnknownPacketTypeError) Error() string {
-	return "openpgp: unknown packet type: " + strconv.Itoa(int(upte))
-}
-
-type CriticalUnknownPacketTypeError uint8
-
-func (upte CriticalUnknownPacketTypeError) Error() string {
-	return "openpgp: unknown critical packet type: " + strconv.Itoa(int(upte))
-}
-
-// AEADError indicates that there is a problem when initializing or using a
-// AEAD instance, configuration struct, nonces or index values.
-type AEADError string
-
-func (ae AEADError) Error() string {
-	return "openpgp: aead error: " + string(ae)
-}
-
-// ErrDummyPrivateKey results when operations are attempted on a private key
-// that is just a dummy key. See
-// https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=doc/DETAILS;h=fe55ae16ab4e26d8356dc574c9e8bc935e71aef1;hb=23191d7851eae2217ecdac6484349849a24fd94a#l1109
-type ErrDummyPrivateKey string
-
-func (dke ErrDummyPrivateKey) Error() string {
-	return "openpgp: s2k GNU dummy key: " + string(dke)
-}
-
-// ErrMalformedMessage results when the packet sequence is incorrect
-type ErrMalformedMessage string
-
-func (dke ErrMalformedMessage) Error() string {
-	return "openpgp: malformed message " + string(dke)
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/hash.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/hash.go
deleted file mode 100644
index 526bd7777f..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/hash.go
+++ /dev/null
@@ -1,24 +0,0 @@
-package openpgp
-
-import (
-	"crypto"
-
-	"github.com/ProtonMail/go-crypto/openpgp/internal/algorithm"
-)
-
-// HashIdToHash returns a crypto.Hash which corresponds to the given OpenPGP
-// hash id.
-func HashIdToHash(id byte) (h crypto.Hash, ok bool) {
-	return algorithm.HashIdToHash(id)
-}
-
-// HashIdToString returns the name of the hash function corresponding to the
-// given OpenPGP hash id.
-func HashIdToString(id byte) (name string, ok bool) {
-	return algorithm.HashIdToString(id)
-}
-
-// HashToHashId returns an OpenPGP hash id which corresponds the given Hash.
-func HashToHashId(h crypto.Hash) (id byte, ok bool) {
-	return algorithm.HashToHashId(h)
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/algorithm/aead.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/algorithm/aead.go
deleted file mode 100644
index d067065186..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/algorithm/aead.go
+++ /dev/null
@@ -1,65 +0,0 @@
-// Copyright (C) 2019 ProtonTech AG
-
-package algorithm
-
-import (
-	"crypto/cipher"
-	"github.com/ProtonMail/go-crypto/eax"
-	"github.com/ProtonMail/go-crypto/ocb"
-)
-
-// AEADMode defines the Authenticated Encryption with Associated Data mode of
-// operation.
-type AEADMode uint8
-
-// Supported modes of operation (see RFC4880bis [EAX] and RFC7253)
-const (
-	AEADModeEAX = AEADMode(1)
-	AEADModeOCB = AEADMode(2)
-	AEADModeGCM = AEADMode(3)
-)
-
-// TagLength returns the length in bytes of authentication tags.
-func (mode AEADMode) TagLength() int {
-	switch mode {
-	case AEADModeEAX:
-		return 16
-	case AEADModeOCB:
-		return 16
-	case AEADModeGCM:
-		return 16
-	default:
-		return 0
-	}
-}
-
-// NonceLength returns the length in bytes of nonces.
-func (mode AEADMode) NonceLength() int {
-	switch mode {
-	case AEADModeEAX:
-		return 16
-	case AEADModeOCB:
-		return 15
-	case AEADModeGCM:
-		return 12
-	default:
-		return 0
-	}
-}
-
-// New returns a fresh instance of the given mode
-func (mode AEADMode) New(block cipher.Block) (alg cipher.AEAD) {
-	var err error
-	switch mode {
-	case AEADModeEAX:
-		alg, err = eax.NewEAX(block)
-	case AEADModeOCB:
-		alg, err = ocb.NewOCB(block)
-	case AEADModeGCM:
-		alg, err = cipher.NewGCM(block)
-	}
-	if err != nil {
-		panic(err.Error())
-	}
-	return alg
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/algorithm/cipher.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/algorithm/cipher.go
deleted file mode 100644
index c76a75bcda..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/algorithm/cipher.go
+++ /dev/null
@@ -1,97 +0,0 @@
-// Copyright 2017 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package algorithm
-
-import (
-	"crypto/aes"
-	"crypto/cipher"
-	"crypto/des"
-
-	"golang.org/x/crypto/cast5"
-)
-
-// Cipher is an official symmetric key cipher algorithm. See RFC 4880,
-// section 9.2.
-type Cipher interface {
-	// Id returns the algorithm ID, as a byte, of the cipher.
-	Id() uint8
-	// KeySize returns the key size, in bytes, of the cipher.
-	KeySize() int
-	// BlockSize returns the block size, in bytes, of the cipher.
-	BlockSize() int
-	// New returns a fresh instance of the given cipher.
-	New(key []byte) cipher.Block
-}
-
-// The following constants mirror the OpenPGP standard (RFC 4880).
-const (
-	TripleDES = CipherFunction(2)
-	CAST5     = CipherFunction(3)
-	AES128    = CipherFunction(7)
-	AES192    = CipherFunction(8)
-	AES256    = CipherFunction(9)
-)
-
-// CipherById represents the different block ciphers specified for OpenPGP. See
-// http://www.iana.org/assignments/pgp-parameters/pgp-parameters.xhtml#pgp-parameters-13
-var CipherById = map[uint8]Cipher{
-	TripleDES.Id(): TripleDES,
-	CAST5.Id():     CAST5,
-	AES128.Id():    AES128,
-	AES192.Id():    AES192,
-	AES256.Id():    AES256,
-}
-
-type CipherFunction uint8
-
-// ID returns the algorithm Id, as a byte, of cipher.
-func (sk CipherFunction) Id() uint8 {
-	return uint8(sk)
-}
-
-// KeySize returns the key size, in bytes, of cipher.
-func (cipher CipherFunction) KeySize() int {
-	switch cipher {
-	case CAST5:
-		return cast5.KeySize
-	case AES128:
-		return 16
-	case AES192, TripleDES:
-		return 24
-	case AES256:
-		return 32
-	}
-	return 0
-}
-
-// BlockSize returns the block size, in bytes, of cipher.
-func (cipher CipherFunction) BlockSize() int {
-	switch cipher {
-	case TripleDES:
-		return des.BlockSize
-	case CAST5:
-		return 8
-	case AES128, AES192, AES256:
-		return 16
-	}
-	return 0
-}
-
-// New returns a fresh instance of the given cipher.
-func (cipher CipherFunction) New(key []byte) (block cipher.Block) {
-	var err error
-	switch cipher {
-	case TripleDES:
-		block, err = des.NewTripleDESCipher(key)
-	case CAST5:
-		block, err = cast5.NewCipher(key)
-	case AES128, AES192, AES256:
-		block, err = aes.NewCipher(key)
-	}
-	if err != nil {
-		panic(err.Error())
-	}
-	return
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/algorithm/hash.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/algorithm/hash.go
deleted file mode 100644
index d1a00fc749..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/algorithm/hash.go
+++ /dev/null
@@ -1,143 +0,0 @@
-// Copyright 2017 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package algorithm
-
-import (
-	"crypto"
-	"fmt"
-	"hash"
-)
-
-// Hash is an official hash function algorithm. See RFC 4880, section 9.4.
-type Hash interface {
-	// Id returns the algorithm ID, as a byte, of Hash.
-	Id() uint8
-	// Available reports whether the given hash function is linked into the binary.
-	Available() bool
-	// HashFunc simply returns the value of h so that Hash implements SignerOpts.
-	HashFunc() crypto.Hash
-	// New returns a new hash.Hash calculating the given hash function. New
-	// panics if the hash function is not linked into the binary.
-	New() hash.Hash
-	// Size returns the length, in bytes, of a digest resulting from the given
-	// hash function. It doesn't require that the hash function in question be
-	// linked into the program.
-	Size() int
-	// String is the name of the hash function corresponding to the given
-	// OpenPGP hash id.
-	String() string
-}
-
-// The following vars mirror the crypto/Hash supported hash functions.
-var (
-	SHA1     Hash = cryptoHash{2, crypto.SHA1}
-	SHA256   Hash = cryptoHash{8, crypto.SHA256}
-	SHA384   Hash = cryptoHash{9, crypto.SHA384}
-	SHA512   Hash = cryptoHash{10, crypto.SHA512}
-	SHA224   Hash = cryptoHash{11, crypto.SHA224}
-	SHA3_256 Hash = cryptoHash{12, crypto.SHA3_256}
-	SHA3_512 Hash = cryptoHash{14, crypto.SHA3_512}
-)
-
-// HashById represents the different hash functions specified for OpenPGP. See
-// http://www.iana.org/assignments/pgp-parameters/pgp-parameters.xhtml#pgp-parameters-14
-var (
-	HashById = map[uint8]Hash{
-		SHA256.Id():   SHA256,
-		SHA384.Id():   SHA384,
-		SHA512.Id():   SHA512,
-		SHA224.Id():   SHA224,
-		SHA3_256.Id(): SHA3_256,
-		SHA3_512.Id(): SHA3_512,
-	}
-)
-
-// cryptoHash contains pairs relating OpenPGP's hash identifier with
-// Go's crypto.Hash type. See RFC 4880, section 9.4.
-type cryptoHash struct {
-	id uint8
-	crypto.Hash
-}
-
-// Id returns the algorithm ID, as a byte, of cryptoHash.
-func (h cryptoHash) Id() uint8 {
-	return h.id
-}
-
-var hashNames = map[uint8]string{
-	SHA256.Id():   "SHA256",
-	SHA384.Id():   "SHA384",
-	SHA512.Id():   "SHA512",
-	SHA224.Id():   "SHA224",
-	SHA3_256.Id(): "SHA3-256",
-	SHA3_512.Id(): "SHA3-512",
-}
-
-func (h cryptoHash) String() string {
-	s, ok := hashNames[h.id]
-	if !ok {
-		panic(fmt.Sprintf("Unsupported hash function %d", h.id))
-	}
-	return s
-}
-
-// HashIdToHash returns a crypto.Hash which corresponds to the given OpenPGP
-// hash id.
-func HashIdToHash(id byte) (h crypto.Hash, ok bool) {
-	if hash, ok := HashById[id]; ok {
-		return hash.HashFunc(), true
-	}
-	return 0, false
-}
-
-// HashIdToHashWithSha1 returns a crypto.Hash which corresponds to the given OpenPGP
-// hash id, allowing sha1.
-func HashIdToHashWithSha1(id byte) (h crypto.Hash, ok bool) {
-	if hash, ok := HashById[id]; ok {
-		return hash.HashFunc(), true
-	}
-
-	if id == SHA1.Id() {
-		return SHA1.HashFunc(), true
-	}
-
-	return 0, false
-}
-
-// HashIdToString returns the name of the hash function corresponding to the
-// given OpenPGP hash id.
-func HashIdToString(id byte) (name string, ok bool) {
-	if hash, ok := HashById[id]; ok {
-		return hash.String(), true
-	}
-	return "", false
-}
-
-// HashToHashId returns an OpenPGP hash id which corresponds the given Hash.
-func HashToHashId(h crypto.Hash) (id byte, ok bool) {
-	for id, hash := range HashById {
-		if hash.HashFunc() == h {
-			return id, true
-		}
-	}
-
-	return 0, false
-}
-
-// HashToHashIdWithSha1 returns an OpenPGP hash id which corresponds the given Hash,
-// allowing instances of SHA1
-func HashToHashIdWithSha1(h crypto.Hash) (id byte, ok bool) {
-	for id, hash := range HashById {
-		if hash.HashFunc() == h {
-			return id, true
-		}
-	}
-
-	if h == SHA1.HashFunc() {
-		return SHA1.Id(), true
-	}
-
-	return 0, false
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/curve25519.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/curve25519.go
deleted file mode 100644
index 888767c4e4..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/curve25519.go
+++ /dev/null
@@ -1,171 +0,0 @@
-// Package ecc implements a generic interface for ECDH, ECDSA, and EdDSA.
-package ecc
-
-import (
-	"crypto/subtle"
-	"io"
-
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-	x25519lib "github.com/cloudflare/circl/dh/x25519"
-)
-
-type curve25519 struct{}
-
-func NewCurve25519() *curve25519 {
-	return &curve25519{}
-}
-
-func (c *curve25519) GetCurveName() string {
-	return "curve25519"
-}
-
-// MarshalBytePoint encodes the public point from native format, adding the prefix.
-// See https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh-06#section-5.5.5.6
-func (c *curve25519) MarshalBytePoint(point []byte) []byte {
-	return append([]byte{0x40}, point...)
-}
-
-// UnmarshalBytePoint decodes the public point to native format, removing the prefix.
-// See https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh-06#section-5.5.5.6
-func (c *curve25519) UnmarshalBytePoint(point []byte) []byte {
-	if len(point) != x25519lib.Size+1 {
-		return nil
-	}
-
-	// Remove prefix
-	return point[1:]
-}
-
-// MarshalByteSecret encodes the secret scalar from native format.
-// Note that the EC secret scalar differs from the definition of public keys in
-// [Curve25519] in two ways: (1) the byte-ordering is big-endian, which is
-// more uniform with how big integers are represented in OpenPGP, and (2) the
-// leading zeros are truncated.
-// See https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh-06#section-5.5.5.6.1.1
-// Note that leading zero bytes are stripped later when encoding as an MPI.
-func (c *curve25519) MarshalByteSecret(secret []byte) []byte {
-	d := make([]byte, x25519lib.Size)
-	copyReversed(d, secret)
-
-	// The following ensures that the private key is a number of the form
-	// 2^{254} + 8 * [0, 2^{251}), in order to avoid the small subgroup of
-	// the curve.
-	//
-	// This masking is done internally in the underlying lib and so is unnecessary
-	// for security, but OpenPGP implementations require that private keys be
-	// pre-masked.
-	d[0] &= 127
-	d[0] |= 64
-	d[31] &= 248
-
-	return d
-}
-
-// UnmarshalByteSecret decodes the secret scalar from native format.
-// Note that the EC secret scalar differs from the definition of public keys in
-// [Curve25519] in two ways: (1) the byte-ordering is big-endian, which is
-// more uniform with how big integers are represented in OpenPGP, and (2) the
-// leading zeros are truncated.
-// See https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh-06#section-5.5.5.6.1.1
-func (c *curve25519) UnmarshalByteSecret(d []byte) []byte {
-	if len(d) > x25519lib.Size {
-		return nil
-	}
-
-	// Ensure truncated leading bytes are re-added
-	secret := make([]byte, x25519lib.Size)
-	copyReversed(secret, d)
-
-	return secret
-}
-
-// generateKeyPairBytes Generates a private-public key-pair.
-// 'priv' is a private key; a little-endian scalar belonging to the set
-// 2^{254} + 8 * [0, 2^{251}), in order to avoid the small subgroup of the
-// curve. 'pub' is simply 'priv' * G where G is the base point.
-// See https://cr.yp.to/ecdh.html and RFC7748, sec 5.
-func (c *curve25519) generateKeyPairBytes(rand io.Reader) (priv, pub x25519lib.Key, err error) {
-	_, err = io.ReadFull(rand, priv[:])
-	if err != nil {
-		return
-	}
-
-	x25519lib.KeyGen(&pub, &priv)
-	return
-}
-
-func (c *curve25519) GenerateECDH(rand io.Reader) (point []byte, secret []byte, err error) {
-	priv, pub, err := c.generateKeyPairBytes(rand)
-	if err != nil {
-		return
-	}
-
-	return pub[:], priv[:], nil
-}
-
-func (c *genericCurve) MaskSecret(secret []byte) []byte {
-	return secret
-}
-
-func (c *curve25519) Encaps(rand io.Reader, point []byte) (ephemeral, sharedSecret []byte, err error) {
-	// RFC6637 §8: "Generate an ephemeral key pair {v, V=vG}"
-	// ephemeralPrivate corresponds to `v`.
-	// ephemeralPublic corresponds to `V`.
-	ephemeralPrivate, ephemeralPublic, err := c.generateKeyPairBytes(rand)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	// RFC6637 §8: "Obtain the authenticated recipient public key R"
-	// pubKey corresponds to `R`.
-	var pubKey x25519lib.Key
-	copy(pubKey[:], point)
-
-	// RFC6637 §8: "Compute the shared point S = vR"
-	//	"VB = convert point V to the octet string"
-	// sharedPoint corresponds to `VB`.
-	var sharedPoint x25519lib.Key
-	x25519lib.Shared(&sharedPoint, &ephemeralPrivate, &pubKey)
-
-	return ephemeralPublic[:], sharedPoint[:], nil
-}
-
-func (c *curve25519) Decaps(vsG, secret []byte) (sharedSecret []byte, err error) {
-	var ephemeralPublic, decodedPrivate, sharedPoint x25519lib.Key
-	// RFC6637 §8: "The decryption is the inverse of the method given."
-	// All quoted descriptions in comments below describe encryption, and
-	// the reverse is performed.
-	// vsG corresponds to `VB` in RFC6637 §8 .
-
-	// RFC6637 §8: "VB = convert point V to the octet string"
-	copy(ephemeralPublic[:], vsG)
-
-	// decodedPrivate corresponds to `r` in RFC6637 §8 .
-	copy(decodedPrivate[:], secret)
-
-	// RFC6637 §8: "Note that the recipient obtains the shared secret by calculating
-	//   S = rV = rvG, where (r,R) is the recipient's key pair."
-	// sharedPoint corresponds to `S`.
-	x25519lib.Shared(&sharedPoint, &decodedPrivate, &ephemeralPublic)
-
-	return sharedPoint[:], nil
-}
-
-func (c *curve25519) ValidateECDH(point []byte, secret []byte) (err error) {
-	var pk, sk x25519lib.Key
-	copy(sk[:], secret)
-	x25519lib.KeyGen(&pk, &sk)
-
-	if subtle.ConstantTimeCompare(point, pk[:]) == 0 {
-		return errors.KeyInvalidError("ecc: invalid curve25519 public point")
-	}
-
-	return nil
-}
-
-func copyReversed(out []byte, in []byte) {
-	l := len(in)
-	for i := 0; i < l; i++ {
-		out[i] = in[l-i-1]
-	}
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/curve_info.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/curve_info.go
deleted file mode 100644
index 0da2d0d852..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/curve_info.go
+++ /dev/null
@@ -1,143 +0,0 @@
-// Package ecc implements a generic interface for ECDH, ECDSA, and EdDSA.
-package ecc
-
-import (
-	"bytes"
-	"crypto/elliptic"
-
-	"github.com/ProtonMail/go-crypto/bitcurves"
-	"github.com/ProtonMail/go-crypto/brainpool"
-	"github.com/ProtonMail/go-crypto/openpgp/internal/encoding"
-)
-
-const Curve25519GenName = "Curve25519"
-
-type CurveInfo struct {
-	GenName string
-	Oid     *encoding.OID
-	Curve   Curve
-}
-
-var Curves = []CurveInfo{
-	{
-		// NIST P-256
-		GenName: "P256",
-		Oid:     encoding.NewOID([]byte{0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07}),
-		Curve:   NewGenericCurve(elliptic.P256()),
-	},
-	{
-		// NIST P-384
-		GenName: "P384",
-		Oid:     encoding.NewOID([]byte{0x2B, 0x81, 0x04, 0x00, 0x22}),
-		Curve:   NewGenericCurve(elliptic.P384()),
-	},
-	{
-		// NIST P-521
-		GenName: "P521",
-		Oid:     encoding.NewOID([]byte{0x2B, 0x81, 0x04, 0x00, 0x23}),
-		Curve:   NewGenericCurve(elliptic.P521()),
-	},
-	{
-		// SecP256k1
-		GenName: "SecP256k1",
-		Oid:     encoding.NewOID([]byte{0x2B, 0x81, 0x04, 0x00, 0x0A}),
-		Curve:   NewGenericCurve(bitcurves.S256()),
-	},
-	{
-		// Curve25519
-		GenName: Curve25519GenName,
-		Oid:     encoding.NewOID([]byte{0x2B, 0x06, 0x01, 0x04, 0x01, 0x97, 0x55, 0x01, 0x05, 0x01}),
-		Curve:   NewCurve25519(),
-	},
-	{
-		// x448
-		GenName: "Curve448",
-		Oid:     encoding.NewOID([]byte{0x2B, 0x65, 0x6F}),
-		Curve:   NewX448(),
-	},
-	{
-		// Ed25519
-		GenName: Curve25519GenName,
-		Oid:     encoding.NewOID([]byte{0x2B, 0x06, 0x01, 0x04, 0x01, 0xDA, 0x47, 0x0F, 0x01}),
-		Curve:   NewEd25519(),
-	},
-	{
-		// Ed448
-		GenName: "Curve448",
-		Oid:     encoding.NewOID([]byte{0x2B, 0x65, 0x71}),
-		Curve:   NewEd448(),
-	},
-	{
-		// BrainpoolP256r1
-		GenName: "BrainpoolP256",
-		Oid:     encoding.NewOID([]byte{0x2B, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x07}),
-		Curve:   NewGenericCurve(brainpool.P256r1()),
-	},
-	{
-		// BrainpoolP384r1
-		GenName: "BrainpoolP384",
-		Oid:     encoding.NewOID([]byte{0x2B, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0B}),
-		Curve:   NewGenericCurve(brainpool.P384r1()),
-	},
-	{
-		// BrainpoolP512r1
-		GenName: "BrainpoolP512",
-		Oid:     encoding.NewOID([]byte{0x2B, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0D}),
-		Curve:   NewGenericCurve(brainpool.P512r1()),
-	},
-}
-
-func FindByCurve(curve Curve) *CurveInfo {
-	for _, curveInfo := range Curves {
-		if curveInfo.Curve.GetCurveName() == curve.GetCurveName() {
-			return &curveInfo
-		}
-	}
-	return nil
-}
-
-func FindByOid(oid encoding.Field) *CurveInfo {
-	var rawBytes = oid.Bytes()
-	for _, curveInfo := range Curves {
-		if bytes.Equal(curveInfo.Oid.Bytes(), rawBytes) {
-			return &curveInfo
-		}
-	}
-	return nil
-}
-
-func FindEdDSAByGenName(curveGenName string) EdDSACurve {
-	for _, curveInfo := range Curves {
-		if curveInfo.GenName == curveGenName {
-			curve, ok := curveInfo.Curve.(EdDSACurve)
-			if ok {
-				return curve
-			}
-		}
-	}
-	return nil
-}
-
-func FindECDSAByGenName(curveGenName string) ECDSACurve {
-	for _, curveInfo := range Curves {
-		if curveInfo.GenName == curveGenName {
-			curve, ok := curveInfo.Curve.(ECDSACurve)
-			if ok {
-				return curve
-			}
-		}
-	}
-	return nil
-}
-
-func FindECDHByGenName(curveGenName string) ECDHCurve {
-	for _, curveInfo := range Curves {
-		if curveInfo.GenName == curveGenName {
-			curve, ok := curveInfo.Curve.(ECDHCurve)
-			if ok {
-				return curve
-			}
-		}
-	}
-	return nil
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/curves.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/curves.go
deleted file mode 100644
index 5ed9c93b3d..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/curves.go
+++ /dev/null
@@ -1,48 +0,0 @@
-// Package ecc implements a generic interface for ECDH, ECDSA, and EdDSA.
-package ecc
-
-import (
-	"io"
-	"math/big"
-)
-
-type Curve interface {
-	GetCurveName() string
-}
-
-type ECDSACurve interface {
-	Curve
-	MarshalIntegerPoint(x, y *big.Int) []byte
-	UnmarshalIntegerPoint([]byte) (x, y *big.Int)
-	MarshalIntegerSecret(d *big.Int) []byte
-	UnmarshalIntegerSecret(d []byte) *big.Int
-	GenerateECDSA(rand io.Reader) (x, y, secret *big.Int, err error)
-	Sign(rand io.Reader, x, y, d *big.Int, hash []byte) (r, s *big.Int, err error)
-	Verify(x, y *big.Int, hash []byte, r, s *big.Int) bool
-	ValidateECDSA(x, y *big.Int, secret []byte) error
-}
-
-type EdDSACurve interface {
-	Curve
-	MarshalBytePoint(x []byte) []byte
-	UnmarshalBytePoint([]byte) (x []byte)
-	MarshalByteSecret(d []byte) []byte
-	UnmarshalByteSecret(d []byte) []byte
-	MarshalSignature(sig []byte) (r, s []byte)
-	UnmarshalSignature(r, s []byte) (sig []byte)
-	GenerateEdDSA(rand io.Reader) (pub, priv []byte, err error)
-	Sign(publicKey, privateKey, message []byte) (sig []byte, err error)
-	Verify(publicKey, message, sig []byte) bool
-	ValidateEdDSA(publicKey, privateKey []byte) (err error)
-}
-type ECDHCurve interface {
-	Curve
-	MarshalBytePoint([]byte) (encoded []byte)
-	UnmarshalBytePoint(encoded []byte) []byte
-	MarshalByteSecret(d []byte) []byte
-	UnmarshalByteSecret(d []byte) []byte
-	GenerateECDH(rand io.Reader) (point []byte, secret []byte, err error)
-	Encaps(rand io.Reader, point []byte) (ephemeral, sharedSecret []byte, err error)
-	Decaps(ephemeral, secret []byte) (sharedSecret []byte, err error)
-	ValidateECDH(public []byte, secret []byte) error
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/ed25519.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/ed25519.go
deleted file mode 100644
index 5a4c3a8596..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/ed25519.go
+++ /dev/null
@@ -1,120 +0,0 @@
-// Package ecc implements a generic interface for ECDH, ECDSA, and EdDSA.
-package ecc
-
-import (
-	"bytes"
-	"crypto/subtle"
-	"io"
-
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-	ed25519lib "github.com/cloudflare/circl/sign/ed25519"
-)
-
-const ed25519Size = 32
-
-type ed25519 struct{}
-
-func NewEd25519() *ed25519 {
-	return &ed25519{}
-}
-
-func (c *ed25519) GetCurveName() string {
-	return "ed25519"
-}
-
-// MarshalBytePoint encodes the public point from native format, adding the prefix.
-// See https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh-06#section-5.5.5.5
-func (c *ed25519) MarshalBytePoint(x []byte) []byte {
-	return append([]byte{0x40}, x...)
-}
-
-// UnmarshalBytePoint decodes a point from prefixed format to native.
-// See https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh-06#section-5.5.5.5
-func (c *ed25519) UnmarshalBytePoint(point []byte) (x []byte) {
-	if len(point) != ed25519lib.PublicKeySize+1 {
-		return nil
-	}
-
-	// Return unprefixed
-	return point[1:]
-}
-
-// MarshalByteSecret encodes a scalar in native format.
-// See https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh-06#section-5.5.5.5
-func (c *ed25519) MarshalByteSecret(d []byte) []byte {
-	return d
-}
-
-// UnmarshalByteSecret decodes a scalar in native format and re-adds the stripped leading zeroes
-// See https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh-06#section-5.5.5.5
-func (c *ed25519) UnmarshalByteSecret(s []byte) (d []byte) {
-	if len(s) > ed25519lib.SeedSize {
-		return nil
-	}
-
-	// Handle stripped leading zeroes
-	d = make([]byte, ed25519lib.SeedSize)
-	copy(d[ed25519lib.SeedSize-len(s):], s)
-	return
-}
-
-// MarshalSignature splits a signature in R and S.
-// See https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh-06#section-5.2.3.3.1
-func (c *ed25519) MarshalSignature(sig []byte) (r, s []byte) {
-	return sig[:ed25519Size], sig[ed25519Size:]
-}
-
-// UnmarshalSignature decodes R and S in the native format, re-adding the stripped leading zeroes
-// See https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh-06#section-5.2.3.3.1
-func (c *ed25519) UnmarshalSignature(r, s []byte) (sig []byte) {
-	// Check size
-	if len(r) > 32 || len(s) > 32 {
-		return nil
-	}
-
-	sig = make([]byte, ed25519lib.SignatureSize)
-
-	// Handle stripped leading zeroes
-	copy(sig[ed25519Size-len(r):ed25519Size], r)
-	copy(sig[ed25519lib.SignatureSize-len(s):], s)
-	return sig
-}
-
-func (c *ed25519) GenerateEdDSA(rand io.Reader) (pub, priv []byte, err error) {
-	pk, sk, err := ed25519lib.GenerateKey(rand)
-
-	if err != nil {
-		return nil, nil, err
-	}
-
-	return pk, sk[:ed25519lib.SeedSize], nil
-}
-
-func getEd25519Sk(publicKey, privateKey []byte) ed25519lib.PrivateKey {
-	privateKeyCap, privateKeyLen, publicKeyLen := cap(privateKey), len(privateKey), len(publicKey)
-
-	if privateKeyCap >= privateKeyLen+publicKeyLen &&
-		bytes.Equal(privateKey[privateKeyLen:privateKeyLen+publicKeyLen], publicKey) {
-		return privateKey[:privateKeyLen+publicKeyLen]
-	}
-
-	return append(privateKey[:privateKeyLen:privateKeyLen], publicKey...)
-}
-
-func (c *ed25519) Sign(publicKey, privateKey, message []byte) (sig []byte, err error) {
-	sig = ed25519lib.Sign(getEd25519Sk(publicKey, privateKey), message)
-	return sig, nil
-}
-
-func (c *ed25519) Verify(publicKey, message, sig []byte) bool {
-	return ed25519lib.Verify(publicKey, message, sig)
-}
-
-func (c *ed25519) ValidateEdDSA(publicKey, privateKey []byte) (err error) {
-	priv := getEd25519Sk(publicKey, privateKey)
-	expectedPriv := ed25519lib.NewKeyFromSeed(priv.Seed())
-	if subtle.ConstantTimeCompare(priv, expectedPriv) == 0 {
-		return errors.KeyInvalidError("ecc: invalid ed25519 secret")
-	}
-	return nil
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/ed448.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/ed448.go
deleted file mode 100644
index b6edda7480..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/ed448.go
+++ /dev/null
@@ -1,119 +0,0 @@
-// Package ecc implements a generic interface for ECDH, ECDSA, and EdDSA.
-package ecc
-
-import (
-	"bytes"
-	"crypto/subtle"
-	"io"
-
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-	ed448lib "github.com/cloudflare/circl/sign/ed448"
-)
-
-type ed448 struct{}
-
-func NewEd448() *ed448 {
-	return &ed448{}
-}
-
-func (c *ed448) GetCurveName() string {
-	return "ed448"
-}
-
-// MarshalBytePoint encodes the public point from native format, adding the prefix.
-// See https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh-06#section-5.5.5.5
-func (c *ed448) MarshalBytePoint(x []byte) []byte {
-	// Return prefixed
-	return append([]byte{0x40}, x...)
-}
-
-// UnmarshalBytePoint decodes a point from prefixed format to native.
-// See https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh-06#section-5.5.5.5
-func (c *ed448) UnmarshalBytePoint(point []byte) (x []byte) {
-	if len(point) != ed448lib.PublicKeySize+1 {
-		return nil
-	}
-
-	// Strip prefix
-	return point[1:]
-}
-
-// MarshalByteSecret encoded a scalar from native format to prefixed.
-// See https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh-06#section-5.5.5.5
-func (c *ed448) MarshalByteSecret(d []byte) []byte {
-	// Return prefixed
-	return append([]byte{0x40}, d...)
-}
-
-// UnmarshalByteSecret decodes a scalar from prefixed format to native.
-// See https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh-06#section-5.5.5.5
-func (c *ed448) UnmarshalByteSecret(s []byte) (d []byte) {
-	// Check prefixed size
-	if len(s) != ed448lib.SeedSize+1 {
-		return nil
-	}
-
-	// Strip prefix
-	return s[1:]
-}
-
-// MarshalSignature splits a signature in R and S, where R is in prefixed native format and
-// S is an MPI with value zero.
-// See https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh-06#section-5.2.3.3.2
-func (c *ed448) MarshalSignature(sig []byte) (r, s []byte) {
-	return append([]byte{0x40}, sig...), []byte{}
-}
-
-// UnmarshalSignature decodes R and S in the native format. Only R is used, in prefixed native format.
-// See https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh-06#section-5.2.3.3.2
-func (c *ed448) UnmarshalSignature(r, s []byte) (sig []byte) {
-	if len(r) != ed448lib.SignatureSize+1 {
-		return nil
-	}
-
-	return r[1:]
-}
-
-func (c *ed448) GenerateEdDSA(rand io.Reader) (pub, priv []byte, err error) {
-	pk, sk, err := ed448lib.GenerateKey(rand)
-
-	if err != nil {
-		return nil, nil, err
-	}
-
-	return pk, sk[:ed448lib.SeedSize], nil
-}
-
-func getEd448Sk(publicKey, privateKey []byte) ed448lib.PrivateKey {
-	privateKeyCap, privateKeyLen, publicKeyLen := cap(privateKey), len(privateKey), len(publicKey)
-
-	if privateKeyCap >= privateKeyLen+publicKeyLen &&
-		bytes.Equal(privateKey[privateKeyLen:privateKeyLen+publicKeyLen], publicKey) {
-		return privateKey[:privateKeyLen+publicKeyLen]
-	}
-
-	return append(privateKey[:privateKeyLen:privateKeyLen], publicKey...)
-}
-
-func (c *ed448) Sign(publicKey, privateKey, message []byte) (sig []byte, err error) {
-	// Ed448 is used with the empty string as a context string.
-	// See https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh-06#section-13.7
-	sig = ed448lib.Sign(getEd448Sk(publicKey, privateKey), message, "")
-
-	return sig, nil
-}
-
-func (c *ed448) Verify(publicKey, message, sig []byte) bool {
-	// Ed448 is used with the empty string as a context string.
-	// See https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh-06#section-13.7
-	return ed448lib.Verify(publicKey, message, sig, "")
-}
-
-func (c *ed448) ValidateEdDSA(publicKey, privateKey []byte) (err error) {
-	priv := getEd448Sk(publicKey, privateKey)
-	expectedPriv := ed448lib.NewKeyFromSeed(priv.Seed())
-	if subtle.ConstantTimeCompare(priv, expectedPriv) == 0 {
-		return errors.KeyInvalidError("ecc: invalid ed448 secret")
-	}
-	return nil
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/generic.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/generic.go
deleted file mode 100644
index e28d7c7106..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/generic.go
+++ /dev/null
@@ -1,149 +0,0 @@
-// Package ecc implements a generic interface for ECDH, ECDSA, and EdDSA.
-package ecc
-
-import (
-	"crypto/ecdsa"
-	"crypto/elliptic"
-	"fmt"
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-	"io"
-	"math/big"
-)
-
-type genericCurve struct {
-	Curve elliptic.Curve
-}
-
-func NewGenericCurve(c elliptic.Curve) *genericCurve {
-	return &genericCurve{
-		Curve: c,
-	}
-}
-
-func (c *genericCurve) GetCurveName() string {
-	return c.Curve.Params().Name
-}
-
-func (c *genericCurve) MarshalBytePoint(point []byte) []byte {
-	return point
-}
-
-func (c *genericCurve) UnmarshalBytePoint(point []byte) []byte {
-	return point
-}
-
-func (c *genericCurve) MarshalIntegerPoint(x, y *big.Int) []byte {
-	return elliptic.Marshal(c.Curve, x, y)
-}
-
-func (c *genericCurve) UnmarshalIntegerPoint(point []byte) (x, y *big.Int) {
-	return elliptic.Unmarshal(c.Curve, point)
-}
-
-func (c *genericCurve) MarshalByteSecret(d []byte) []byte {
-	return d
-}
-
-func (c *genericCurve) UnmarshalByteSecret(d []byte) []byte {
-	return d
-}
-
-func (c *genericCurve) MarshalIntegerSecret(d *big.Int) []byte {
-	return d.Bytes()
-}
-
-func (c *genericCurve) UnmarshalIntegerSecret(d []byte) *big.Int {
-	return new(big.Int).SetBytes(d)
-}
-
-func (c *genericCurve) GenerateECDH(rand io.Reader) (point, secret []byte, err error) {
-	secret, x, y, err := elliptic.GenerateKey(c.Curve, rand)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	point = elliptic.Marshal(c.Curve, x, y)
-	return point, secret, nil
-}
-
-func (c *genericCurve) GenerateECDSA(rand io.Reader) (x, y, secret *big.Int, err error) {
-	priv, err := ecdsa.GenerateKey(c.Curve, rand)
-	if err != nil {
-		return
-	}
-
-	return priv.X, priv.Y, priv.D, nil
-}
-
-func (c *genericCurve) Encaps(rand io.Reader, point []byte) (ephemeral, sharedSecret []byte, err error) {
-	xP, yP := elliptic.Unmarshal(c.Curve, point)
-	if xP == nil {
-		panic("invalid point")
-	}
-
-	d, x, y, err := elliptic.GenerateKey(c.Curve, rand)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	vsG := elliptic.Marshal(c.Curve, x, y)
-	zbBig, _ := c.Curve.ScalarMult(xP, yP, d)
-
-	byteLen := (c.Curve.Params().BitSize + 7) >> 3
-	zb := make([]byte, byteLen)
-	zbBytes := zbBig.Bytes()
-	copy(zb[byteLen-len(zbBytes):], zbBytes)
-
-	return vsG, zb, nil
-}
-
-func (c *genericCurve) Decaps(ephemeral, secret []byte) (sharedSecret []byte, err error) {
-	x, y := elliptic.Unmarshal(c.Curve, ephemeral)
-	zbBig, _ := c.Curve.ScalarMult(x, y, secret)
-	byteLen := (c.Curve.Params().BitSize + 7) >> 3
-	zb := make([]byte, byteLen)
-	zbBytes := zbBig.Bytes()
-	copy(zb[byteLen-len(zbBytes):], zbBytes)
-
-	return zb, nil
-}
-
-func (c *genericCurve) Sign(rand io.Reader, x, y, d *big.Int, hash []byte) (r, s *big.Int, err error) {
-	priv := &ecdsa.PrivateKey{D: d, PublicKey: ecdsa.PublicKey{X: x, Y: y, Curve: c.Curve}}
-	return ecdsa.Sign(rand, priv, hash)
-}
-
-func (c *genericCurve) Verify(x, y *big.Int, hash []byte, r, s *big.Int) bool {
-	pub := &ecdsa.PublicKey{X: x, Y: y, Curve: c.Curve}
-	return ecdsa.Verify(pub, hash, r, s)
-}
-
-func (c *genericCurve) validate(xP, yP *big.Int, secret []byte) error {
-	// the public point should not be at infinity (0,0)
-	zero := new(big.Int)
-	if xP.Cmp(zero) == 0 && yP.Cmp(zero) == 0 {
-		return errors.KeyInvalidError(fmt.Sprintf("ecc (%s): infinity point", c.Curve.Params().Name))
-	}
-
-	// re-derive the public point Q' = (X,Y) = dG
-	// to compare to declared Q in public key
-	expectedX, expectedY := c.Curve.ScalarBaseMult(secret)
-	if xP.Cmp(expectedX) != 0 || yP.Cmp(expectedY) != 0 {
-		return errors.KeyInvalidError(fmt.Sprintf("ecc (%s): invalid point", c.Curve.Params().Name))
-	}
-
-	return nil
-}
-
-func (c *genericCurve) ValidateECDSA(xP, yP *big.Int, secret []byte) error {
-	return c.validate(xP, yP, secret)
-}
-
-func (c *genericCurve) ValidateECDH(point []byte, secret []byte) error {
-	xP, yP := elliptic.Unmarshal(c.Curve, point)
-	if xP == nil {
-		return errors.KeyInvalidError(fmt.Sprintf("ecc (%s): invalid point", c.Curve.Params().Name))
-	}
-
-	return c.validate(xP, yP, secret)
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/x448.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/x448.go
deleted file mode 100644
index df04262e9e..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/x448.go
+++ /dev/null
@@ -1,107 +0,0 @@
-// Package ecc implements a generic interface for ECDH, ECDSA, and EdDSA.
-package ecc
-
-import (
-	"crypto/subtle"
-	"io"
-
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-	x448lib "github.com/cloudflare/circl/dh/x448"
-)
-
-type x448 struct{}
-
-func NewX448() *x448 {
-	return &x448{}
-}
-
-func (c *x448) GetCurveName() string {
-	return "x448"
-}
-
-// MarshalBytePoint encodes the public point from native format, adding the prefix.
-// See https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh-06#section-5.5.5.6
-func (c *x448) MarshalBytePoint(point []byte) []byte {
-	return append([]byte{0x40}, point...)
-}
-
-// UnmarshalBytePoint decodes a point from prefixed format to native.
-// See https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh-06#section-5.5.5.6
-func (c *x448) UnmarshalBytePoint(point []byte) []byte {
-	if len(point) != x448lib.Size+1 {
-		return nil
-	}
-
-	return point[1:]
-}
-
-// MarshalByteSecret encoded a scalar from native format to prefixed.
-// See https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh-06#section-5.5.5.6.1.2
-func (c *x448) MarshalByteSecret(d []byte) []byte {
-	return append([]byte{0x40}, d...)
-}
-
-// UnmarshalByteSecret decodes a scalar from prefixed format to native.
-// See https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh-06#section-5.5.5.6.1.2
-func (c *x448) UnmarshalByteSecret(d []byte) []byte {
-	if len(d) != x448lib.Size+1 {
-		return nil
-	}
-
-	// Store without prefix
-	return d[1:]
-}
-
-func (c *x448) generateKeyPairBytes(rand io.Reader) (sk, pk x448lib.Key, err error) {
-	if _, err = rand.Read(sk[:]); err != nil {
-		return
-	}
-
-	x448lib.KeyGen(&pk, &sk)
-	return
-}
-
-func (c *x448) GenerateECDH(rand io.Reader) (point []byte, secret []byte, err error) {
-	priv, pub, err := c.generateKeyPairBytes(rand)
-	if err != nil {
-		return
-	}
-
-	return pub[:], priv[:], nil
-}
-
-func (c *x448) Encaps(rand io.Reader, point []byte) (ephemeral, sharedSecret []byte, err error) {
-	var pk, ss x448lib.Key
-	seed, e, err := c.generateKeyPairBytes(rand)
-	if err != nil {
-		return nil, nil, err
-	}
-	copy(pk[:], point)
-	x448lib.Shared(&ss, &seed, &pk)
-
-	return e[:], ss[:], nil
-}
-
-func (c *x448) Decaps(ephemeral, secret []byte) (sharedSecret []byte, err error) {
-	var ss, sk, e x448lib.Key
-
-	copy(sk[:], secret)
-	copy(e[:], ephemeral)
-	x448lib.Shared(&ss, &sk, &e)
-
-	return ss[:], nil
-}
-
-func (c *x448) ValidateECDH(point []byte, secret []byte) error {
-	var sk, pk, expectedPk x448lib.Key
-
-	copy(pk[:], point)
-	copy(sk[:], secret)
-	x448lib.KeyGen(&expectedPk, &sk)
-
-	if subtle.ConstantTimeCompare(expectedPk[:], pk[:]) == 0 {
-		return errors.KeyInvalidError("ecc: invalid curve25519 public point")
-	}
-
-	return nil
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/encoding/encoding.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/encoding/encoding.go
deleted file mode 100644
index 6c921481b7..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/encoding/encoding.go
+++ /dev/null
@@ -1,27 +0,0 @@
-// Copyright 2017 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package encoding implements openpgp packet field encodings as specified in
-// RFC 4880 and 6637.
-package encoding
-
-import "io"
-
-// Field is an encoded field of an openpgp packet.
-type Field interface {
-	// Bytes returns the decoded data.
-	Bytes() []byte
-
-	// BitLength is the size in bits of the decoded data.
-	BitLength() uint16
-
-	// EncodedBytes returns the encoded data.
-	EncodedBytes() []byte
-
-	// EncodedLength is the size in bytes of the encoded data.
-	EncodedLength() uint16
-
-	// ReadFrom reads the next Field from r.
-	ReadFrom(r io.Reader) (int64, error)
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/encoding/mpi.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/encoding/mpi.go
deleted file mode 100644
index 02e5e695c3..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/encoding/mpi.go
+++ /dev/null
@@ -1,91 +0,0 @@
-// Copyright 2017 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package encoding
-
-import (
-	"io"
-	"math/big"
-	"math/bits"
-)
-
-// An MPI is used to store the contents of a big integer, along with the bit
-// length that was specified in the original input. This allows the MPI to be
-// reserialized exactly.
-type MPI struct {
-	bytes     []byte
-	bitLength uint16
-}
-
-// NewMPI returns a MPI initialized with bytes.
-func NewMPI(bytes []byte) *MPI {
-	for len(bytes) != 0 && bytes[0] == 0 {
-		bytes = bytes[1:]
-	}
-	if len(bytes) == 0 {
-		bitLength := uint16(0)
-		return &MPI{bytes, bitLength}
-	}
-	bitLength := 8*uint16(len(bytes)-1) + uint16(bits.Len8(bytes[0]))
-	return &MPI{bytes, bitLength}
-}
-
-// Bytes returns the decoded data.
-func (m *MPI) Bytes() []byte {
-	return m.bytes
-}
-
-// BitLength is the size in bits of the decoded data.
-func (m *MPI) BitLength() uint16 {
-	return m.bitLength
-}
-
-// EncodedBytes returns the encoded data.
-func (m *MPI) EncodedBytes() []byte {
-	return append([]byte{byte(m.bitLength >> 8), byte(m.bitLength)}, m.bytes...)
-}
-
-// EncodedLength is the size in bytes of the encoded data.
-func (m *MPI) EncodedLength() uint16 {
-	return uint16(2 + len(m.bytes))
-}
-
-// ReadFrom reads into m the next MPI from r.
-func (m *MPI) ReadFrom(r io.Reader) (int64, error) {
-	var buf [2]byte
-	n, err := io.ReadFull(r, buf[0:])
-	if err != nil {
-		if err == io.EOF {
-			err = io.ErrUnexpectedEOF
-		}
-		return int64(n), err
-	}
-
-	m.bitLength = uint16(buf[0])<<8 | uint16(buf[1])
-	m.bytes = make([]byte, (int(m.bitLength)+7)/8)
-
-	nn, err := io.ReadFull(r, m.bytes)
-	if err == io.EOF {
-		err = io.ErrUnexpectedEOF
-	}
-
-	// remove leading zero bytes from malformed GnuPG encoded MPIs:
-	// https://bugs.gnupg.org/gnupg/issue1853
-	// for _, b := range m.bytes {
-	// 	if b != 0 {
-	// 		break
-	// 	}
-	// 	m.bytes = m.bytes[1:]
-	// 	m.bitLength -= 8
-	// }
-
-	return int64(n) + int64(nn), err
-}
-
-// SetBig initializes m with the bits from n.
-func (m *MPI) SetBig(n *big.Int) *MPI {
-	m.bytes = n.Bytes()
-	m.bitLength = uint16(n.BitLen())
-	return m
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/encoding/oid.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/encoding/oid.go
deleted file mode 100644
index c9df9fe232..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/encoding/oid.go
+++ /dev/null
@@ -1,88 +0,0 @@
-// Copyright 2017 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package encoding
-
-import (
-	"io"
-
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-)
-
-// OID is used to store a variable-length field with a one-octet size
-// prefix. See https://tools.ietf.org/html/rfc6637#section-9.
-type OID struct {
-	bytes []byte
-}
-
-const (
-	// maxOID is the maximum number of bytes in a OID.
-	maxOID = 254
-	// reservedOIDLength1 and reservedOIDLength2 are OID lengths that the RFC
-	// specifies are reserved.
-	reservedOIDLength1 = 0
-	reservedOIDLength2 = 0xff
-)
-
-// NewOID returns a OID initialized with bytes.
-func NewOID(bytes []byte) *OID {
-	switch len(bytes) {
-	case reservedOIDLength1, reservedOIDLength2:
-		panic("encoding: NewOID argument length is reserved")
-	default:
-		if len(bytes) > maxOID {
-			panic("encoding: NewOID argument too large")
-		}
-	}
-
-	return &OID{
-		bytes: bytes,
-	}
-}
-
-// Bytes returns the decoded data.
-func (o *OID) Bytes() []byte {
-	return o.bytes
-}
-
-// BitLength is the size in bits of the decoded data.
-func (o *OID) BitLength() uint16 {
-	return uint16(len(o.bytes) * 8)
-}
-
-// EncodedBytes returns the encoded data.
-func (o *OID) EncodedBytes() []byte {
-	return append([]byte{byte(len(o.bytes))}, o.bytes...)
-}
-
-// EncodedLength is the size in bytes of the encoded data.
-func (o *OID) EncodedLength() uint16 {
-	return uint16(1 + len(o.bytes))
-}
-
-// ReadFrom reads into b the next OID from r.
-func (o *OID) ReadFrom(r io.Reader) (int64, error) {
-	var buf [1]byte
-	n, err := io.ReadFull(r, buf[:])
-	if err != nil {
-		if err == io.EOF {
-			err = io.ErrUnexpectedEOF
-		}
-		return int64(n), err
-	}
-
-	switch buf[0] {
-	case reservedOIDLength1, reservedOIDLength2:
-		return int64(n), errors.UnsupportedError("reserved for future extensions")
-	}
-
-	o.bytes = make([]byte, buf[0])
-
-	nn, err := io.ReadFull(r, o.bytes)
-	if err == io.EOF {
-		err = io.ErrUnexpectedEOF
-	}
-
-	return int64(n) + int64(nn), err
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/key_generation.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/key_generation.go
deleted file mode 100644
index 77213f66be..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/key_generation.go
+++ /dev/null
@@ -1,456 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package openpgp
-
-import (
-	"crypto"
-	"crypto/rand"
-	"crypto/rsa"
-	goerrors "errors"
-	"io"
-	"math/big"
-	"time"
-
-	"github.com/ProtonMail/go-crypto/openpgp/ecdh"
-	"github.com/ProtonMail/go-crypto/openpgp/ecdsa"
-	"github.com/ProtonMail/go-crypto/openpgp/ed25519"
-	"github.com/ProtonMail/go-crypto/openpgp/ed448"
-	"github.com/ProtonMail/go-crypto/openpgp/eddsa"
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-	"github.com/ProtonMail/go-crypto/openpgp/internal/algorithm"
-	"github.com/ProtonMail/go-crypto/openpgp/internal/ecc"
-	"github.com/ProtonMail/go-crypto/openpgp/packet"
-	"github.com/ProtonMail/go-crypto/openpgp/x25519"
-	"github.com/ProtonMail/go-crypto/openpgp/x448"
-)
-
-// NewEntity returns an Entity that contains a fresh RSA/RSA keypair with a
-// single identity composed of the given full name, comment and email, any of
-// which may be empty but must not contain any of "()<>\x00".
-// If config is nil, sensible defaults will be used.
-func NewEntity(name, comment, email string, config *packet.Config) (*Entity, error) {
-	creationTime := config.Now()
-	keyLifetimeSecs := config.KeyLifetime()
-
-	// Generate a primary signing key
-	primaryPrivRaw, err := newSigner(config)
-	if err != nil {
-		return nil, err
-	}
-	primary := packet.NewSignerPrivateKey(creationTime, primaryPrivRaw)
-	if config.V6() {
-		if err := primary.UpgradeToV6(); err != nil {
-			return nil, err
-		}
-	}
-
-	e := &Entity{
-		PrimaryKey: &primary.PublicKey,
-		PrivateKey: primary,
-		Identities: make(map[string]*Identity),
-		Subkeys:    []Subkey{},
-		Signatures: []*packet.Signature{},
-	}
-
-	if config.V6() {
-		// In v6 keys algorithm preferences should be stored in direct key signatures
-		selfSignature := createSignaturePacket(&primary.PublicKey, packet.SigTypeDirectSignature, config)
-		err = writeKeyProperties(selfSignature, creationTime, keyLifetimeSecs, config)
-		if err != nil {
-			return nil, err
-		}
-		err = selfSignature.SignDirectKeyBinding(&primary.PublicKey, primary, config)
-		if err != nil {
-			return nil, err
-		}
-		e.Signatures = append(e.Signatures, selfSignature)
-		e.SelfSignature = selfSignature
-	}
-
-	err = e.addUserId(name, comment, email, config, creationTime, keyLifetimeSecs, !config.V6())
-	if err != nil {
-		return nil, err
-	}
-
-	// NOTE: No key expiry here, but we will not return this subkey in EncryptionKey()
-	// if the primary/master key has expired.
-	err = e.addEncryptionSubkey(config, creationTime, 0)
-	if err != nil {
-		return nil, err
-	}
-
-	return e, nil
-}
-
-func (t *Entity) AddUserId(name, comment, email string, config *packet.Config) error {
-	creationTime := config.Now()
-	keyLifetimeSecs := config.KeyLifetime()
-	return t.addUserId(name, comment, email, config, creationTime, keyLifetimeSecs, !config.V6())
-}
-
-func writeKeyProperties(selfSignature *packet.Signature, creationTime time.Time, keyLifetimeSecs uint32, config *packet.Config) error {
-	advertiseAead := config.AEAD() != nil
-
-	selfSignature.CreationTime = creationTime
-	selfSignature.KeyLifetimeSecs = &keyLifetimeSecs
-	selfSignature.FlagsValid = true
-	selfSignature.FlagSign = true
-	selfSignature.FlagCertify = true
-	selfSignature.SEIPDv1 = true // true by default, see 5.8 vs. 5.14
-	selfSignature.SEIPDv2 = advertiseAead
-
-	// Set the PreferredHash for the SelfSignature from the packet.Config.
-	// If it is not the must-implement algorithm from rfc4880bis, append that.
-	hash, ok := algorithm.HashToHashId(config.Hash())
-	if !ok {
-		return errors.UnsupportedError("unsupported preferred hash function")
-	}
-
-	selfSignature.PreferredHash = []uint8{hash}
-	if config.Hash() != crypto.SHA256 {
-		selfSignature.PreferredHash = append(selfSignature.PreferredHash, hashToHashId(crypto.SHA256))
-	}
-
-	// Likewise for DefaultCipher.
-	selfSignature.PreferredSymmetric = []uint8{uint8(config.Cipher())}
-	if config.Cipher() != packet.CipherAES128 {
-		selfSignature.PreferredSymmetric = append(selfSignature.PreferredSymmetric, uint8(packet.CipherAES128))
-	}
-
-	// We set CompressionNone as the preferred compression algorithm because
-	// of compression side channel attacks, then append the configured
-	// DefaultCompressionAlgo if any is set (to signal support for cases
-	// where the application knows that using compression is safe).
-	selfSignature.PreferredCompression = []uint8{uint8(packet.CompressionNone)}
-	if config.Compression() != packet.CompressionNone {
-		selfSignature.PreferredCompression = append(selfSignature.PreferredCompression, uint8(config.Compression()))
-	}
-
-	if advertiseAead {
-		// Get the preferred AEAD mode from the packet.Config.
-		// If it is not the must-implement algorithm from rfc9580, append that.
-		modes := []uint8{uint8(config.AEAD().Mode())}
-		if config.AEAD().Mode() != packet.AEADModeOCB {
-			modes = append(modes, uint8(packet.AEADModeOCB))
-		}
-
-		// For preferred (AES256, GCM), we'll generate (AES256, GCM), (AES256, OCB), (AES128, GCM), (AES128, OCB)
-		for _, cipher := range selfSignature.PreferredSymmetric {
-			for _, mode := range modes {
-				selfSignature.PreferredCipherSuites = append(selfSignature.PreferredCipherSuites, [2]uint8{cipher, mode})
-			}
-		}
-	}
-	return nil
-}
-
-func (t *Entity) addUserId(name, comment, email string, config *packet.Config, creationTime time.Time, keyLifetimeSecs uint32, writeProperties bool) error {
-	uid := packet.NewUserId(name, comment, email)
-	if uid == nil {
-		return errors.InvalidArgumentError("user id field contained invalid characters")
-	}
-
-	if _, ok := t.Identities[uid.Id]; ok {
-		return errors.InvalidArgumentError("user id exist")
-	}
-
-	primary := t.PrivateKey
-	isPrimaryId := len(t.Identities) == 0
-	selfSignature := createSignaturePacket(&primary.PublicKey, packet.SigTypePositiveCert, config)
-	if writeProperties {
-		err := writeKeyProperties(selfSignature, creationTime, keyLifetimeSecs, config)
-		if err != nil {
-			return err
-		}
-	}
-	selfSignature.IsPrimaryId = &isPrimaryId
-
-	// User ID binding signature
-	err := selfSignature.SignUserId(uid.Id, &primary.PublicKey, primary, config)
-	if err != nil {
-		return err
-	}
-	t.Identities[uid.Id] = &Identity{
-		Name:          uid.Id,
-		UserId:        uid,
-		SelfSignature: selfSignature,
-		Signatures:    []*packet.Signature{selfSignature},
-	}
-	return nil
-}
-
-// AddSigningSubkey adds a signing keypair as a subkey to the Entity.
-// If config is nil, sensible defaults will be used.
-func (e *Entity) AddSigningSubkey(config *packet.Config) error {
-	creationTime := config.Now()
-	keyLifetimeSecs := config.KeyLifetime()
-
-	subPrivRaw, err := newSigner(config)
-	if err != nil {
-		return err
-	}
-	sub := packet.NewSignerPrivateKey(creationTime, subPrivRaw)
-	sub.IsSubkey = true
-	if config.V6() {
-		if err := sub.UpgradeToV6(); err != nil {
-			return err
-		}
-	}
-
-	subkey := Subkey{
-		PublicKey:  &sub.PublicKey,
-		PrivateKey: sub,
-	}
-	subkey.Sig = createSignaturePacket(e.PrimaryKey, packet.SigTypeSubkeyBinding, config)
-	subkey.Sig.CreationTime = creationTime
-	subkey.Sig.KeyLifetimeSecs = &keyLifetimeSecs
-	subkey.Sig.FlagsValid = true
-	subkey.Sig.FlagSign = true
-	subkey.Sig.EmbeddedSignature = createSignaturePacket(subkey.PublicKey, packet.SigTypePrimaryKeyBinding, config)
-	subkey.Sig.EmbeddedSignature.CreationTime = creationTime
-
-	err = subkey.Sig.EmbeddedSignature.CrossSignKey(subkey.PublicKey, e.PrimaryKey, subkey.PrivateKey, config)
-	if err != nil {
-		return err
-	}
-
-	err = subkey.Sig.SignKey(subkey.PublicKey, e.PrivateKey, config)
-	if err != nil {
-		return err
-	}
-
-	e.Subkeys = append(e.Subkeys, subkey)
-	return nil
-}
-
-// AddEncryptionSubkey adds an encryption keypair as a subkey to the Entity.
-// If config is nil, sensible defaults will be used.
-func (e *Entity) AddEncryptionSubkey(config *packet.Config) error {
-	creationTime := config.Now()
-	keyLifetimeSecs := config.KeyLifetime()
-	return e.addEncryptionSubkey(config, creationTime, keyLifetimeSecs)
-}
-
-func (e *Entity) addEncryptionSubkey(config *packet.Config, creationTime time.Time, keyLifetimeSecs uint32) error {
-	subPrivRaw, err := newDecrypter(config)
-	if err != nil {
-		return err
-	}
-	sub := packet.NewDecrypterPrivateKey(creationTime, subPrivRaw)
-	sub.IsSubkey = true
-	if config.V6() {
-		if err := sub.UpgradeToV6(); err != nil {
-			return err
-		}
-	}
-
-	subkey := Subkey{
-		PublicKey:  &sub.PublicKey,
-		PrivateKey: sub,
-	}
-	subkey.Sig = createSignaturePacket(e.PrimaryKey, packet.SigTypeSubkeyBinding, config)
-	subkey.Sig.CreationTime = creationTime
-	subkey.Sig.KeyLifetimeSecs = &keyLifetimeSecs
-	subkey.Sig.FlagsValid = true
-	subkey.Sig.FlagEncryptStorage = true
-	subkey.Sig.FlagEncryptCommunications = true
-
-	err = subkey.Sig.SignKey(subkey.PublicKey, e.PrivateKey, config)
-	if err != nil {
-		return err
-	}
-
-	e.Subkeys = append(e.Subkeys, subkey)
-	return nil
-}
-
-// Generates a signing key
-func newSigner(config *packet.Config) (signer interface{}, err error) {
-	switch config.PublicKeyAlgorithm() {
-	case packet.PubKeyAlgoRSA:
-		bits := config.RSAModulusBits()
-		if bits < 1024 {
-			return nil, errors.InvalidArgumentError("bits must be >= 1024")
-		}
-		if config != nil && len(config.RSAPrimes) >= 2 {
-			primes := config.RSAPrimes[0:2]
-			config.RSAPrimes = config.RSAPrimes[2:]
-			return generateRSAKeyWithPrimes(config.Random(), 2, bits, primes)
-		}
-		return rsa.GenerateKey(config.Random(), bits)
-	case packet.PubKeyAlgoEdDSA:
-		if config.V6() {
-			// Implementations MUST NOT accept or generate v6 key material
-			// using the deprecated OIDs.
-			return nil, errors.InvalidArgumentError("EdDSALegacy cannot be used for v6 keys")
-		}
-		curve := ecc.FindEdDSAByGenName(string(config.CurveName()))
-		if curve == nil {
-			return nil, errors.InvalidArgumentError("unsupported curve")
-		}
-
-		priv, err := eddsa.GenerateKey(config.Random(), curve)
-		if err != nil {
-			return nil, err
-		}
-		return priv, nil
-	case packet.PubKeyAlgoECDSA:
-		curve := ecc.FindECDSAByGenName(string(config.CurveName()))
-		if curve == nil {
-			return nil, errors.InvalidArgumentError("unsupported curve")
-		}
-
-		priv, err := ecdsa.GenerateKey(config.Random(), curve)
-		if err != nil {
-			return nil, err
-		}
-		return priv, nil
-	case packet.PubKeyAlgoEd25519:
-		priv, err := ed25519.GenerateKey(config.Random())
-		if err != nil {
-			return nil, err
-		}
-		return priv, nil
-	case packet.PubKeyAlgoEd448:
-		priv, err := ed448.GenerateKey(config.Random())
-		if err != nil {
-			return nil, err
-		}
-		return priv, nil
-	default:
-		return nil, errors.InvalidArgumentError("unsupported public key algorithm")
-	}
-}
-
-// Generates an encryption/decryption key
-func newDecrypter(config *packet.Config) (decrypter interface{}, err error) {
-	switch config.PublicKeyAlgorithm() {
-	case packet.PubKeyAlgoRSA:
-		bits := config.RSAModulusBits()
-		if bits < 1024 {
-			return nil, errors.InvalidArgumentError("bits must be >= 1024")
-		}
-		if config != nil && len(config.RSAPrimes) >= 2 {
-			primes := config.RSAPrimes[0:2]
-			config.RSAPrimes = config.RSAPrimes[2:]
-			return generateRSAKeyWithPrimes(config.Random(), 2, bits, primes)
-		}
-		return rsa.GenerateKey(config.Random(), bits)
-	case packet.PubKeyAlgoEdDSA, packet.PubKeyAlgoECDSA:
-		fallthrough // When passing EdDSA or ECDSA, we generate an ECDH subkey
-	case packet.PubKeyAlgoECDH:
-		if config.V6() &&
-			(config.CurveName() == packet.Curve25519 ||
-				config.CurveName() == packet.Curve448) {
-			// Implementations MUST NOT accept or generate v6 key material
-			// using the deprecated OIDs.
-			return nil, errors.InvalidArgumentError("ECDH with Curve25519/448 legacy cannot be used for v6 keys")
-		}
-		var kdf = ecdh.KDF{
-			Hash:   algorithm.SHA512,
-			Cipher: algorithm.AES256,
-		}
-		curve := ecc.FindECDHByGenName(string(config.CurveName()))
-		if curve == nil {
-			return nil, errors.InvalidArgumentError("unsupported curve")
-		}
-		return ecdh.GenerateKey(config.Random(), curve, kdf)
-	case packet.PubKeyAlgoEd25519, packet.PubKeyAlgoX25519: // When passing Ed25519, we generate an x25519 subkey
-		return x25519.GenerateKey(config.Random())
-	case packet.PubKeyAlgoEd448, packet.PubKeyAlgoX448: // When passing Ed448, we generate an x448 subkey
-		return x448.GenerateKey(config.Random())
-	default:
-		return nil, errors.InvalidArgumentError("unsupported public key algorithm")
-	}
-}
-
-var bigOne = big.NewInt(1)
-
-// generateRSAKeyWithPrimes generates a multi-prime RSA keypair of the
-// given bit size, using the given random source and pre-populated primes.
-func generateRSAKeyWithPrimes(random io.Reader, nprimes int, bits int, prepopulatedPrimes []*big.Int) (*rsa.PrivateKey, error) {
-	priv := new(rsa.PrivateKey)
-	priv.E = 65537
-
-	if nprimes < 2 {
-		return nil, goerrors.New("generateRSAKeyWithPrimes: nprimes must be >= 2")
-	}
-
-	if bits < 1024 {
-		return nil, goerrors.New("generateRSAKeyWithPrimes: bits must be >= 1024")
-	}
-
-	primes := make([]*big.Int, nprimes)
-
-NextSetOfPrimes:
-	for {
-		todo := bits
-		// crypto/rand should set the top two bits in each prime.
-		// Thus each prime has the form
-		//   p_i = 2^bitlen(p_i) × 0.11... (in base 2).
-		// And the product is:
-		//   P = 2^todo × α
-		// where α is the product of nprimes numbers of the form 0.11...
-		//
-		// If α < 1/2 (which can happen for nprimes > 2), we need to
-		// shift todo to compensate for lost bits: the mean value of 0.11...
-		// is 7/8, so todo + shift - nprimes * log2(7/8) ~= bits - 1/2
-		// will give good results.
-		if nprimes >= 7 {
-			todo += (nprimes - 2) / 5
-		}
-		for i := 0; i < nprimes; i++ {
-			var err error
-			if len(prepopulatedPrimes) == 0 {
-				primes[i], err = rand.Prime(random, todo/(nprimes-i))
-				if err != nil {
-					return nil, err
-				}
-			} else {
-				primes[i] = prepopulatedPrimes[0]
-				prepopulatedPrimes = prepopulatedPrimes[1:]
-			}
-
-			todo -= primes[i].BitLen()
-		}
-
-		// Make sure that primes is pairwise unequal.
-		for i, prime := range primes {
-			for j := 0; j < i; j++ {
-				if prime.Cmp(primes[j]) == 0 {
-					continue NextSetOfPrimes
-				}
-			}
-		}
-
-		n := new(big.Int).Set(bigOne)
-		totient := new(big.Int).Set(bigOne)
-		pminus1 := new(big.Int)
-		for _, prime := range primes {
-			n.Mul(n, prime)
-			pminus1.Sub(prime, bigOne)
-			totient.Mul(totient, pminus1)
-		}
-		if n.BitLen() != bits {
-			// This should never happen for nprimes == 2 because
-			// crypto/rand should set the top two bits in each prime.
-			// For nprimes > 2 we hope it does not happen often.
-			continue NextSetOfPrimes
-		}
-
-		priv.D = new(big.Int)
-		e := big.NewInt(int64(priv.E))
-		ok := priv.D.ModInverse(e, totient)
-
-		if ok != nil {
-			priv.Primes = primes
-			priv.N = n
-			break
-		}
-	}
-
-	priv.Precompute()
-	return priv, nil
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/keys.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/keys.go
deleted file mode 100644
index a071353e2e..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/keys.go
+++ /dev/null
@@ -1,901 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package openpgp
-
-import (
-	goerrors "errors"
-	"fmt"
-	"io"
-	"time"
-
-	"github.com/ProtonMail/go-crypto/openpgp/armor"
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-	"github.com/ProtonMail/go-crypto/openpgp/packet"
-)
-
-// PublicKeyType is the armor type for a PGP public key.
-var PublicKeyType = "PGP PUBLIC KEY BLOCK"
-
-// PrivateKeyType is the armor type for a PGP private key.
-var PrivateKeyType = "PGP PRIVATE KEY BLOCK"
-
-// An Entity represents the components of an OpenPGP key: a primary public key
-// (which must be a signing key), one or more identities claimed by that key,
-// and zero or more subkeys, which may be encryption keys.
-type Entity struct {
-	PrimaryKey    *packet.PublicKey
-	PrivateKey    *packet.PrivateKey
-	Identities    map[string]*Identity // indexed by Identity.Name
-	Revocations   []*packet.Signature
-	Subkeys       []Subkey
-	SelfSignature *packet.Signature   // Direct-key self signature of the PrimaryKey (contains primary key properties in v6)
-	Signatures    []*packet.Signature // all (potentially unverified) self-signatures, revocations, and third-party signatures
-}
-
-// An Identity represents an identity claimed by an Entity and zero or more
-// assertions by other entities about that claim.
-type Identity struct {
-	Name          string // by convention, has the form "Full Name (comment) <email@example.com>"
-	UserId        *packet.UserId
-	SelfSignature *packet.Signature
-	Revocations   []*packet.Signature
-	Signatures    []*packet.Signature // all (potentially unverified) self-signatures, revocations, and third-party signatures
-}
-
-// A Subkey is an additional public key in an Entity. Subkeys can be used for
-// encryption.
-type Subkey struct {
-	PublicKey   *packet.PublicKey
-	PrivateKey  *packet.PrivateKey
-	Sig         *packet.Signature
-	Revocations []*packet.Signature
-}
-
-// A Key identifies a specific public key in an Entity. This is either the
-// Entity's primary key or a subkey.
-type Key struct {
-	Entity        *Entity
-	PublicKey     *packet.PublicKey
-	PrivateKey    *packet.PrivateKey
-	SelfSignature *packet.Signature
-	Revocations   []*packet.Signature
-}
-
-// A KeyRing provides access to public and private keys.
-type KeyRing interface {
-	// KeysById returns the set of keys that have the given key id.
-	KeysById(id uint64) []Key
-	// KeysByIdAndUsage returns the set of keys with the given id
-	// that also meet the key usage given by requiredUsage.
-	// The requiredUsage is expressed as the bitwise-OR of
-	// packet.KeyFlag* values.
-	KeysByIdUsage(id uint64, requiredUsage byte) []Key
-	// DecryptionKeys returns all private keys that are valid for
-	// decryption.
-	DecryptionKeys() []Key
-}
-
-// PrimaryIdentity returns an Identity, preferring non-revoked identities,
-// identities marked as primary, or the latest-created identity, in that order.
-func (e *Entity) PrimaryIdentity() *Identity {
-	var primaryIdentity *Identity
-	for _, ident := range e.Identities {
-		if shouldPreferIdentity(primaryIdentity, ident) {
-			primaryIdentity = ident
-		}
-	}
-	return primaryIdentity
-}
-
-func shouldPreferIdentity(existingId, potentialNewId *Identity) bool {
-	if existingId == nil {
-		return true
-	}
-
-	if len(existingId.Revocations) > len(potentialNewId.Revocations) {
-		return true
-	}
-
-	if len(existingId.Revocations) < len(potentialNewId.Revocations) {
-		return false
-	}
-
-	if existingId.SelfSignature == nil {
-		return true
-	}
-
-	if existingId.SelfSignature.IsPrimaryId != nil && *existingId.SelfSignature.IsPrimaryId &&
-		!(potentialNewId.SelfSignature.IsPrimaryId != nil && *potentialNewId.SelfSignature.IsPrimaryId) {
-		return false
-	}
-
-	if !(existingId.SelfSignature.IsPrimaryId != nil && *existingId.SelfSignature.IsPrimaryId) &&
-		potentialNewId.SelfSignature.IsPrimaryId != nil && *potentialNewId.SelfSignature.IsPrimaryId {
-		return true
-	}
-
-	return potentialNewId.SelfSignature.CreationTime.After(existingId.SelfSignature.CreationTime)
-}
-
-// EncryptionKey returns the best candidate Key for encrypting a message to the
-// given Entity.
-func (e *Entity) EncryptionKey(now time.Time) (Key, bool) {
-	// Fail to find any encryption key if the...
-	primarySelfSignature, primaryIdentity := e.PrimarySelfSignature()
-	if primarySelfSignature == nil || // no self-signature found
-		e.PrimaryKey.KeyExpired(primarySelfSignature, now) || // primary key has expired
-		e.Revoked(now) || // primary key has been revoked
-		primarySelfSignature.SigExpired(now) || // user ID or or direct self-signature has expired
-		(primaryIdentity != nil && primaryIdentity.Revoked(now)) { // user ID has been revoked (for v4 keys)
-		return Key{}, false
-	}
-
-	// Iterate the keys to find the newest, unexpired one
-	candidateSubkey := -1
-	var maxTime time.Time
-	for i, subkey := range e.Subkeys {
-		if subkey.Sig.FlagsValid &&
-			subkey.Sig.FlagEncryptCommunications &&
-			subkey.PublicKey.PubKeyAlgo.CanEncrypt() &&
-			!subkey.PublicKey.KeyExpired(subkey.Sig, now) &&
-			!subkey.Sig.SigExpired(now) &&
-			!subkey.Revoked(now) &&
-			(maxTime.IsZero() || subkey.Sig.CreationTime.After(maxTime)) {
-			candidateSubkey = i
-			maxTime = subkey.Sig.CreationTime
-		}
-	}
-
-	if candidateSubkey != -1 {
-		subkey := e.Subkeys[candidateSubkey]
-		return Key{e, subkey.PublicKey, subkey.PrivateKey, subkey.Sig, subkey.Revocations}, true
-	}
-
-	// If we don't have any subkeys for encryption and the primary key
-	// is marked as OK to encrypt with, then we can use it.
-	if primarySelfSignature.FlagsValid && primarySelfSignature.FlagEncryptCommunications &&
-		e.PrimaryKey.PubKeyAlgo.CanEncrypt() {
-		return Key{e, e.PrimaryKey, e.PrivateKey, primarySelfSignature, e.Revocations}, true
-	}
-
-	return Key{}, false
-}
-
-// CertificationKey return the best candidate Key for certifying a key with this
-// Entity.
-func (e *Entity) CertificationKey(now time.Time) (Key, bool) {
-	return e.CertificationKeyById(now, 0)
-}
-
-// CertificationKeyById return the Key for key certification with this
-// Entity and keyID.
-func (e *Entity) CertificationKeyById(now time.Time, id uint64) (Key, bool) {
-	return e.signingKeyByIdUsage(now, id, packet.KeyFlagCertify)
-}
-
-// SigningKey return the best candidate Key for signing a message with this
-// Entity.
-func (e *Entity) SigningKey(now time.Time) (Key, bool) {
-	return e.SigningKeyById(now, 0)
-}
-
-// SigningKeyById return the Key for signing a message with this
-// Entity and keyID.
-func (e *Entity) SigningKeyById(now time.Time, id uint64) (Key, bool) {
-	return e.signingKeyByIdUsage(now, id, packet.KeyFlagSign)
-}
-
-func (e *Entity) signingKeyByIdUsage(now time.Time, id uint64, flags int) (Key, bool) {
-	// Fail to find any signing key if the...
-	primarySelfSignature, primaryIdentity := e.PrimarySelfSignature()
-	if primarySelfSignature == nil || // no self-signature found
-		e.PrimaryKey.KeyExpired(primarySelfSignature, now) || // primary key has expired
-		e.Revoked(now) || // primary key has been revoked
-		primarySelfSignature.SigExpired(now) || // user ID or direct self-signature has expired
-		(primaryIdentity != nil && primaryIdentity.Revoked(now)) { // user ID has been revoked (for v4 keys)
-		return Key{}, false
-	}
-
-	// Iterate the keys to find the newest, unexpired one
-	candidateSubkey := -1
-	var maxTime time.Time
-	for idx, subkey := range e.Subkeys {
-		if subkey.Sig.FlagsValid &&
-			(flags&packet.KeyFlagCertify == 0 || subkey.Sig.FlagCertify) &&
-			(flags&packet.KeyFlagSign == 0 || subkey.Sig.FlagSign) &&
-			subkey.PublicKey.PubKeyAlgo.CanSign() &&
-			!subkey.PublicKey.KeyExpired(subkey.Sig, now) &&
-			!subkey.Sig.SigExpired(now) &&
-			!subkey.Revoked(now) &&
-			(maxTime.IsZero() || subkey.Sig.CreationTime.After(maxTime)) &&
-			(id == 0 || subkey.PublicKey.KeyId == id) {
-			candidateSubkey = idx
-			maxTime = subkey.Sig.CreationTime
-		}
-	}
-
-	if candidateSubkey != -1 {
-		subkey := e.Subkeys[candidateSubkey]
-		return Key{e, subkey.PublicKey, subkey.PrivateKey, subkey.Sig, subkey.Revocations}, true
-	}
-
-	// If we don't have any subkeys for signing and the primary key
-	// is marked as OK to sign with, then we can use it.
-	if primarySelfSignature.FlagsValid &&
-		(flags&packet.KeyFlagCertify == 0 || primarySelfSignature.FlagCertify) &&
-		(flags&packet.KeyFlagSign == 0 || primarySelfSignature.FlagSign) &&
-		e.PrimaryKey.PubKeyAlgo.CanSign() &&
-		(id == 0 || e.PrimaryKey.KeyId == id) {
-		return Key{e, e.PrimaryKey, e.PrivateKey, primarySelfSignature, e.Revocations}, true
-	}
-
-	// No keys with a valid Signing Flag or no keys matched the id passed in
-	return Key{}, false
-}
-
-func revoked(revocations []*packet.Signature, now time.Time) bool {
-	for _, revocation := range revocations {
-		if revocation.RevocationReason != nil && *revocation.RevocationReason == packet.KeyCompromised {
-			// If the key is compromised, the key is considered revoked even before the revocation date.
-			return true
-		}
-		if !revocation.SigExpired(now) {
-			return true
-		}
-	}
-	return false
-}
-
-// Revoked returns whether the entity has any direct key revocation signatures.
-// Note that third-party revocation signatures are not supported.
-// Note also that Identity and Subkey revocation should be checked separately.
-func (e *Entity) Revoked(now time.Time) bool {
-	return revoked(e.Revocations, now)
-}
-
-// EncryptPrivateKeys encrypts all non-encrypted keys in the entity with the same key
-// derived from the provided passphrase. Public keys and dummy keys are ignored,
-// and don't cause an error to be returned.
-func (e *Entity) EncryptPrivateKeys(passphrase []byte, config *packet.Config) error {
-	var keysToEncrypt []*packet.PrivateKey
-	// Add entity private key to encrypt.
-	if e.PrivateKey != nil && !e.PrivateKey.Dummy() && !e.PrivateKey.Encrypted {
-		keysToEncrypt = append(keysToEncrypt, e.PrivateKey)
-	}
-
-	// Add subkeys to encrypt.
-	for _, sub := range e.Subkeys {
-		if sub.PrivateKey != nil && !sub.PrivateKey.Dummy() && !sub.PrivateKey.Encrypted {
-			keysToEncrypt = append(keysToEncrypt, sub.PrivateKey)
-		}
-	}
-	return packet.EncryptPrivateKeys(keysToEncrypt, passphrase, config)
-}
-
-// DecryptPrivateKeys decrypts all encrypted keys in the entity with the given passphrase.
-// Avoids recomputation of similar s2k key derivations. Public keys and dummy keys are ignored,
-// and don't cause an error to be returned.
-func (e *Entity) DecryptPrivateKeys(passphrase []byte) error {
-	var keysToDecrypt []*packet.PrivateKey
-	// Add entity private key to decrypt.
-	if e.PrivateKey != nil && !e.PrivateKey.Dummy() && e.PrivateKey.Encrypted {
-		keysToDecrypt = append(keysToDecrypt, e.PrivateKey)
-	}
-
-	// Add subkeys to decrypt.
-	for _, sub := range e.Subkeys {
-		if sub.PrivateKey != nil && !sub.PrivateKey.Dummy() && sub.PrivateKey.Encrypted {
-			keysToDecrypt = append(keysToDecrypt, sub.PrivateKey)
-		}
-	}
-	return packet.DecryptPrivateKeys(keysToDecrypt, passphrase)
-}
-
-// Revoked returns whether the identity has been revoked by a self-signature.
-// Note that third-party revocation signatures are not supported.
-func (i *Identity) Revoked(now time.Time) bool {
-	return revoked(i.Revocations, now)
-}
-
-// Revoked returns whether the subkey has been revoked by a self-signature.
-// Note that third-party revocation signatures are not supported.
-func (s *Subkey) Revoked(now time.Time) bool {
-	return revoked(s.Revocations, now)
-}
-
-// Revoked returns whether the key or subkey has been revoked by a self-signature.
-// Note that third-party revocation signatures are not supported.
-// Note also that Identity revocation should be checked separately.
-// Normally, it's not necessary to call this function, except on keys returned by
-// KeysById or KeysByIdUsage.
-func (key *Key) Revoked(now time.Time) bool {
-	return revoked(key.Revocations, now)
-}
-
-// An EntityList contains one or more Entities.
-type EntityList []*Entity
-
-// KeysById returns the set of keys that have the given key id.
-func (el EntityList) KeysById(id uint64) (keys []Key) {
-	for _, e := range el {
-		if e.PrimaryKey.KeyId == id {
-			selfSig, _ := e.PrimarySelfSignature()
-			keys = append(keys, Key{e, e.PrimaryKey, e.PrivateKey, selfSig, e.Revocations})
-		}
-
-		for _, subKey := range e.Subkeys {
-			if subKey.PublicKey.KeyId == id {
-				keys = append(keys, Key{e, subKey.PublicKey, subKey.PrivateKey, subKey.Sig, subKey.Revocations})
-			}
-		}
-	}
-	return
-}
-
-// KeysByIdAndUsage returns the set of keys with the given id that also meet
-// the key usage given by requiredUsage.  The requiredUsage is expressed as
-// the bitwise-OR of packet.KeyFlag* values.
-func (el EntityList) KeysByIdUsage(id uint64, requiredUsage byte) (keys []Key) {
-	for _, key := range el.KeysById(id) {
-		if requiredUsage != 0 {
-			if key.SelfSignature == nil || !key.SelfSignature.FlagsValid {
-				continue
-			}
-
-			var usage byte
-			if key.SelfSignature.FlagCertify {
-				usage |= packet.KeyFlagCertify
-			}
-			if key.SelfSignature.FlagSign {
-				usage |= packet.KeyFlagSign
-			}
-			if key.SelfSignature.FlagEncryptCommunications {
-				usage |= packet.KeyFlagEncryptCommunications
-			}
-			if key.SelfSignature.FlagEncryptStorage {
-				usage |= packet.KeyFlagEncryptStorage
-			}
-			if usage&requiredUsage != requiredUsage {
-				continue
-			}
-		}
-
-		keys = append(keys, key)
-	}
-	return
-}
-
-// DecryptionKeys returns all private keys that are valid for decryption.
-func (el EntityList) DecryptionKeys() (keys []Key) {
-	for _, e := range el {
-		for _, subKey := range e.Subkeys {
-			if subKey.PrivateKey != nil && subKey.Sig.FlagsValid && (subKey.Sig.FlagEncryptStorage || subKey.Sig.FlagEncryptCommunications) {
-				keys = append(keys, Key{e, subKey.PublicKey, subKey.PrivateKey, subKey.Sig, subKey.Revocations})
-			}
-		}
-	}
-	return
-}
-
-// ReadArmoredKeyRing reads one or more public/private keys from an armor keyring file.
-func ReadArmoredKeyRing(r io.Reader) (EntityList, error) {
-	block, err := armor.Decode(r)
-	if err == io.EOF {
-		return nil, errors.InvalidArgumentError("no armored data found")
-	}
-	if err != nil {
-		return nil, err
-	}
-	if block.Type != PublicKeyType && block.Type != PrivateKeyType {
-		return nil, errors.InvalidArgumentError("expected public or private key block, got: " + block.Type)
-	}
-
-	return ReadKeyRing(block.Body)
-}
-
-// ReadKeyRing reads one or more public/private keys. Unsupported keys are
-// ignored as long as at least a single valid key is found.
-func ReadKeyRing(r io.Reader) (el EntityList, err error) {
-	packets := packet.NewReader(r)
-	var lastUnsupportedError error
-
-	for {
-		var e *Entity
-		e, err = ReadEntity(packets)
-		if err != nil {
-			// TODO: warn about skipped unsupported/unreadable keys
-			if _, ok := err.(errors.UnsupportedError); ok {
-				lastUnsupportedError = err
-				err = readToNextPublicKey(packets)
-			} else if _, ok := err.(errors.StructuralError); ok {
-				// Skip unreadable, badly-formatted keys
-				lastUnsupportedError = err
-				err = readToNextPublicKey(packets)
-			}
-			if err == io.EOF {
-				err = nil
-				break
-			}
-			if err != nil {
-				el = nil
-				break
-			}
-		} else {
-			el = append(el, e)
-		}
-	}
-
-	if len(el) == 0 && err == nil {
-		err = lastUnsupportedError
-	}
-	return
-}
-
-// readToNextPublicKey reads packets until the start of the entity and leaves
-// the first packet of the new entity in the Reader.
-func readToNextPublicKey(packets *packet.Reader) (err error) {
-	var p packet.Packet
-	for {
-		p, err = packets.Next()
-		if err == io.EOF {
-			return
-		} else if err != nil {
-			if _, ok := err.(errors.UnsupportedError); ok {
-				continue
-			}
-			return
-		}
-
-		if pk, ok := p.(*packet.PublicKey); ok && !pk.IsSubkey {
-			packets.Unread(p)
-			return
-		}
-	}
-}
-
-// ReadEntity reads an entity (public key, identities, subkeys etc) from the
-// given Reader.
-func ReadEntity(packets *packet.Reader) (*Entity, error) {
-	e := new(Entity)
-	e.Identities = make(map[string]*Identity)
-
-	p, err := packets.Next()
-	if err != nil {
-		return nil, err
-	}
-
-	var ok bool
-	if e.PrimaryKey, ok = p.(*packet.PublicKey); !ok {
-		if e.PrivateKey, ok = p.(*packet.PrivateKey); !ok {
-			packets.Unread(p)
-			return nil, errors.StructuralError("first packet was not a public/private key")
-		}
-		e.PrimaryKey = &e.PrivateKey.PublicKey
-	}
-
-	if !e.PrimaryKey.PubKeyAlgo.CanSign() {
-		return nil, errors.StructuralError("primary key cannot be used for signatures")
-	}
-
-	var revocations []*packet.Signature
-	var directSignatures []*packet.Signature
-EachPacket:
-	for {
-		p, err := packets.Next()
-		if err == io.EOF {
-			break
-		} else if err != nil {
-			return nil, err
-		}
-
-		switch pkt := p.(type) {
-		case *packet.UserId:
-			if err := addUserID(e, packets, pkt); err != nil {
-				return nil, err
-			}
-		case *packet.Signature:
-			if pkt.SigType == packet.SigTypeKeyRevocation {
-				revocations = append(revocations, pkt)
-			} else if pkt.SigType == packet.SigTypeDirectSignature {
-				directSignatures = append(directSignatures, pkt)
-			}
-			// Else, ignoring the signature as it does not follow anything
-			// we would know to attach it to.
-		case *packet.PrivateKey:
-			if !pkt.IsSubkey {
-				packets.Unread(p)
-				break EachPacket
-			}
-			err = addSubkey(e, packets, &pkt.PublicKey, pkt)
-			if err != nil {
-				return nil, err
-			}
-		case *packet.PublicKey:
-			if !pkt.IsSubkey {
-				packets.Unread(p)
-				break EachPacket
-			}
-			err = addSubkey(e, packets, pkt, nil)
-			if err != nil {
-				return nil, err
-			}
-		default:
-			// we ignore unknown packets.
-		}
-	}
-
-	if len(e.Identities) == 0 && e.PrimaryKey.Version < 6 {
-		return nil, errors.StructuralError(fmt.Sprintf("v%d entity without any identities", e.PrimaryKey.Version))
-	}
-
-	// An implementation MUST ensure that a valid direct-key signature is present before using a v6 key.
-	if e.PrimaryKey.Version == 6 {
-		if len(directSignatures) == 0 {
-			return nil, errors.StructuralError("v6 entity without a valid direct-key signature")
-		}
-		// Select main direct key signature.
-		var mainDirectKeySelfSignature *packet.Signature
-		for _, directSignature := range directSignatures {
-			if directSignature.SigType == packet.SigTypeDirectSignature &&
-				directSignature.CheckKeyIdOrFingerprint(e.PrimaryKey) &&
-				(mainDirectKeySelfSignature == nil ||
-					directSignature.CreationTime.After(mainDirectKeySelfSignature.CreationTime)) {
-				mainDirectKeySelfSignature = directSignature
-			}
-		}
-		if mainDirectKeySelfSignature == nil {
-			return nil, errors.StructuralError("no valid direct-key self-signature for v6 primary key found")
-		}
-		// Check that the main self-signature is valid.
-		err = e.PrimaryKey.VerifyDirectKeySignature(mainDirectKeySelfSignature)
-		if err != nil {
-			return nil, errors.StructuralError("invalid direct-key self-signature for v6 primary key")
-		}
-		e.SelfSignature = mainDirectKeySelfSignature
-		e.Signatures = directSignatures
-	}
-
-	for _, revocation := range revocations {
-		err = e.PrimaryKey.VerifyRevocationSignature(revocation)
-		if err == nil {
-			e.Revocations = append(e.Revocations, revocation)
-		} else {
-			// TODO: RFC 4880 5.2.3.15 defines revocation keys.
-			return nil, errors.StructuralError("revocation signature signed by alternate key")
-		}
-	}
-
-	return e, nil
-}
-
-func addUserID(e *Entity, packets *packet.Reader, pkt *packet.UserId) error {
-	// Make a new Identity object, that we might wind up throwing away.
-	// We'll only add it if we get a valid self-signature over this
-	// userID.
-	identity := new(Identity)
-	identity.Name = pkt.Id
-	identity.UserId = pkt
-
-	for {
-		p, err := packets.Next()
-		if err == io.EOF {
-			break
-		} else if err != nil {
-			return err
-		}
-
-		sig, ok := p.(*packet.Signature)
-		if !ok {
-			packets.Unread(p)
-			break
-		}
-
-		if sig.SigType != packet.SigTypeGenericCert &&
-			sig.SigType != packet.SigTypePersonaCert &&
-			sig.SigType != packet.SigTypeCasualCert &&
-			sig.SigType != packet.SigTypePositiveCert &&
-			sig.SigType != packet.SigTypeCertificationRevocation {
-			return errors.StructuralError("user ID signature with wrong type")
-		}
-
-		if sig.CheckKeyIdOrFingerprint(e.PrimaryKey) {
-			if err = e.PrimaryKey.VerifyUserIdSignature(pkt.Id, e.PrimaryKey, sig); err != nil {
-				return errors.StructuralError("user ID self-signature invalid: " + err.Error())
-			}
-			if sig.SigType == packet.SigTypeCertificationRevocation {
-				identity.Revocations = append(identity.Revocations, sig)
-			} else if identity.SelfSignature == nil || sig.CreationTime.After(identity.SelfSignature.CreationTime) {
-				identity.SelfSignature = sig
-			}
-			identity.Signatures = append(identity.Signatures, sig)
-			e.Identities[pkt.Id] = identity
-		} else {
-			identity.Signatures = append(identity.Signatures, sig)
-		}
-	}
-
-	return nil
-}
-
-func addSubkey(e *Entity, packets *packet.Reader, pub *packet.PublicKey, priv *packet.PrivateKey) error {
-	var subKey Subkey
-	subKey.PublicKey = pub
-	subKey.PrivateKey = priv
-
-	for {
-		p, err := packets.Next()
-		if err == io.EOF {
-			break
-		} else if err != nil {
-			return errors.StructuralError("subkey signature invalid: " + err.Error())
-		}
-
-		sig, ok := p.(*packet.Signature)
-		if !ok {
-			packets.Unread(p)
-			break
-		}
-
-		if sig.SigType != packet.SigTypeSubkeyBinding && sig.SigType != packet.SigTypeSubkeyRevocation {
-			return errors.StructuralError("subkey signature with wrong type")
-		}
-
-		if err := e.PrimaryKey.VerifyKeySignature(subKey.PublicKey, sig); err != nil {
-			return errors.StructuralError("subkey signature invalid: " + err.Error())
-		}
-
-		switch sig.SigType {
-		case packet.SigTypeSubkeyRevocation:
-			subKey.Revocations = append(subKey.Revocations, sig)
-		case packet.SigTypeSubkeyBinding:
-			if subKey.Sig == nil || sig.CreationTime.After(subKey.Sig.CreationTime) {
-				subKey.Sig = sig
-			}
-		}
-	}
-
-	if subKey.Sig == nil {
-		return errors.StructuralError("subkey packet not followed by signature")
-	}
-
-	e.Subkeys = append(e.Subkeys, subKey)
-
-	return nil
-}
-
-// SerializePrivate serializes an Entity, including private key material, but
-// excluding signatures from other entities, to the given Writer.
-// Identities and subkeys are re-signed in case they changed since NewEntry.
-// If config is nil, sensible defaults will be used.
-func (e *Entity) SerializePrivate(w io.Writer, config *packet.Config) (err error) {
-	if e.PrivateKey.Dummy() {
-		return errors.ErrDummyPrivateKey("dummy private key cannot re-sign identities")
-	}
-	return e.serializePrivate(w, config, true)
-}
-
-// SerializePrivateWithoutSigning serializes an Entity, including private key
-// material, but excluding signatures from other entities, to the given Writer.
-// Self-signatures of identities and subkeys are not re-signed. This is useful
-// when serializing GNU dummy keys, among other things.
-// If config is nil, sensible defaults will be used.
-func (e *Entity) SerializePrivateWithoutSigning(w io.Writer, config *packet.Config) (err error) {
-	return e.serializePrivate(w, config, false)
-}
-
-func (e *Entity) serializePrivate(w io.Writer, config *packet.Config, reSign bool) (err error) {
-	if e.PrivateKey == nil {
-		return goerrors.New("openpgp: private key is missing")
-	}
-	err = e.PrivateKey.Serialize(w)
-	if err != nil {
-		return
-	}
-	for _, revocation := range e.Revocations {
-		err := revocation.Serialize(w)
-		if err != nil {
-			return err
-		}
-	}
-	for _, directSignature := range e.Signatures {
-		err := directSignature.Serialize(w)
-		if err != nil {
-			return err
-		}
-	}
-	for _, ident := range e.Identities {
-		err = ident.UserId.Serialize(w)
-		if err != nil {
-			return
-		}
-		if reSign {
-			if ident.SelfSignature == nil {
-				return goerrors.New("openpgp: can't re-sign identity without valid self-signature")
-			}
-			err = ident.SelfSignature.SignUserId(ident.UserId.Id, e.PrimaryKey, e.PrivateKey, config)
-			if err != nil {
-				return
-			}
-		}
-		for _, sig := range ident.Signatures {
-			err = sig.Serialize(w)
-			if err != nil {
-				return err
-			}
-		}
-	}
-	for _, subkey := range e.Subkeys {
-		err = subkey.PrivateKey.Serialize(w)
-		if err != nil {
-			return
-		}
-		if reSign {
-			err = subkey.Sig.SignKey(subkey.PublicKey, e.PrivateKey, config)
-			if err != nil {
-				return
-			}
-			if subkey.Sig.EmbeddedSignature != nil {
-				err = subkey.Sig.EmbeddedSignature.CrossSignKey(subkey.PublicKey, e.PrimaryKey,
-					subkey.PrivateKey, config)
-				if err != nil {
-					return
-				}
-			}
-		}
-		for _, revocation := range subkey.Revocations {
-			err := revocation.Serialize(w)
-			if err != nil {
-				return err
-			}
-		}
-		err = subkey.Sig.Serialize(w)
-		if err != nil {
-			return
-		}
-	}
-	return nil
-}
-
-// Serialize writes the public part of the given Entity to w, including
-// signatures from other entities. No private key material will be output.
-func (e *Entity) Serialize(w io.Writer) error {
-	err := e.PrimaryKey.Serialize(w)
-	if err != nil {
-		return err
-	}
-	for _, revocation := range e.Revocations {
-		err := revocation.Serialize(w)
-		if err != nil {
-			return err
-		}
-	}
-	for _, directSignature := range e.Signatures {
-		err := directSignature.Serialize(w)
-		if err != nil {
-			return err
-		}
-	}
-	for _, ident := range e.Identities {
-		err = ident.UserId.Serialize(w)
-		if err != nil {
-			return err
-		}
-		for _, sig := range ident.Signatures {
-			err = sig.Serialize(w)
-			if err != nil {
-				return err
-			}
-		}
-	}
-	for _, subkey := range e.Subkeys {
-		err = subkey.PublicKey.Serialize(w)
-		if err != nil {
-			return err
-		}
-		for _, revocation := range subkey.Revocations {
-			err := revocation.Serialize(w)
-			if err != nil {
-				return err
-			}
-		}
-		err = subkey.Sig.Serialize(w)
-		if err != nil {
-			return err
-		}
-	}
-	return nil
-}
-
-// SignIdentity adds a signature to e, from signer, attesting that identity is
-// associated with e. The provided identity must already be an element of
-// e.Identities and the private key of signer must have been decrypted if
-// necessary.
-// If config is nil, sensible defaults will be used.
-func (e *Entity) SignIdentity(identity string, signer *Entity, config *packet.Config) error {
-	certificationKey, ok := signer.CertificationKey(config.Now())
-	if !ok {
-		return errors.InvalidArgumentError("no valid certification key found")
-	}
-
-	if certificationKey.PrivateKey.Encrypted {
-		return errors.InvalidArgumentError("signing Entity's private key must be decrypted")
-	}
-
-	ident, ok := e.Identities[identity]
-	if !ok {
-		return errors.InvalidArgumentError("given identity string not found in Entity")
-	}
-
-	sig := createSignaturePacket(certificationKey.PublicKey, packet.SigTypeGenericCert, config)
-
-	signingUserID := config.SigningUserId()
-	if signingUserID != "" {
-		if _, ok := signer.Identities[signingUserID]; !ok {
-			return errors.InvalidArgumentError("signer identity string not found in signer Entity")
-		}
-		sig.SignerUserId = &signingUserID
-	}
-
-	if err := sig.SignUserId(identity, e.PrimaryKey, certificationKey.PrivateKey, config); err != nil {
-		return err
-	}
-	ident.Signatures = append(ident.Signatures, sig)
-	return nil
-}
-
-// RevokeKey generates a key revocation signature (packet.SigTypeKeyRevocation) with the
-// specified reason code and text (RFC4880 section-5.2.3.23).
-// If config is nil, sensible defaults will be used.
-func (e *Entity) RevokeKey(reason packet.ReasonForRevocation, reasonText string, config *packet.Config) error {
-	revSig := createSignaturePacket(e.PrimaryKey, packet.SigTypeKeyRevocation, config)
-	revSig.RevocationReason = &reason
-	revSig.RevocationReasonText = reasonText
-
-	if err := revSig.RevokeKey(e.PrimaryKey, e.PrivateKey, config); err != nil {
-		return err
-	}
-	e.Revocations = append(e.Revocations, revSig)
-	return nil
-}
-
-// RevokeSubkey generates a subkey revocation signature (packet.SigTypeSubkeyRevocation) for
-// a subkey with the specified reason code and text (RFC4880 section-5.2.3.23).
-// If config is nil, sensible defaults will be used.
-func (e *Entity) RevokeSubkey(sk *Subkey, reason packet.ReasonForRevocation, reasonText string, config *packet.Config) error {
-	if err := e.PrimaryKey.VerifyKeySignature(sk.PublicKey, sk.Sig); err != nil {
-		return errors.InvalidArgumentError("given subkey is not associated with this key")
-	}
-
-	revSig := createSignaturePacket(e.PrimaryKey, packet.SigTypeSubkeyRevocation, config)
-	revSig.RevocationReason = &reason
-	revSig.RevocationReasonText = reasonText
-
-	if err := revSig.RevokeSubkey(sk.PublicKey, e.PrivateKey, config); err != nil {
-		return err
-	}
-
-	sk.Revocations = append(sk.Revocations, revSig)
-	return nil
-}
-
-func (e *Entity) primaryDirectSignature() *packet.Signature {
-	return e.SelfSignature
-}
-
-// PrimarySelfSignature searches the entity for the self-signature that stores key preferences.
-// For V4 keys, returns the self-signature of the primary identity, and the identity.
-// For V6 keys, returns the latest valid direct-key self-signature, and no identity (nil).
-// This self-signature is to be used to check the key expiration,
-// algorithm preferences, and so on.
-func (e *Entity) PrimarySelfSignature() (*packet.Signature, *Identity) {
-	if e.PrimaryKey.Version == 6 {
-		return e.primaryDirectSignature(), nil
-	}
-	primaryIdentity := e.PrimaryIdentity()
-	if primaryIdentity == nil {
-		return nil, nil
-	}
-	return primaryIdentity.SelfSignature, primaryIdentity
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/keys_test_data.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/keys_test_data.go
deleted file mode 100644
index 108fd096f3..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/keys_test_data.go
+++ /dev/null
@@ -1,538 +0,0 @@
-package openpgp
-
-const expiringKeyHex = "c6c04d0451d0c680010800abbb021fd03ffc4e96618901180c3fdcb060ee69eeead97b91256d11420d80b5f1b51930248044130bd300605cf8a05b7a40d3d8cfb0a910be2e3db50dcd50a9c54064c2a5550801daa834ff4480b33d3d3ca495ff8a4e84a886977d17d998f881241a874083d8b995beab555b6d22b8a4817ab17ac3e7304f7d4d2c05c495fb2218348d3bc13651db1d92732e368a9dd7dcefa6eddff30b94706a9aaee47e9d39321460b740c59c6fc3c2fd8ab6c0fb868cb87c0051f0321301fe0f0e1820b15e7fb7063395769b525005c7e30a7ce85984f5cac00504e7b4fdc45d74958de8388436fd5c7ba9ea121f1c851b5911dd1b47a14d81a09e92ef37721e2325b6790011010001cd00c2c07b041001080025050251d0c680050900278d00060b09070803020415080a0203160201021901021b03021e01000a0910e7b484133a890a35ae4b0800a1beb82e7f28eaf5273d6af9d3391314f6280b2b624eaca2851f89a9ebcaf80ac589ebd509f168bc4322106ca2e2ce77a76e071a3c7444787d65216b5f05e82c77928860b92aace3b7d0327db59492f422eb9dfab7249266d37429870b091a98aba8724c2259ebf8f85093f21255eafa75aa841e31d94f2ac891b9755fed455e539044ee69fc47950b80e003fc9f298d695660f28329eaa38037c367efde1727458e514faf990d439a21461b719edaddf9296d3d0647b43ca56cb8dbf63b4fcf8b9968e7928c463470fab3b98e44d0d95645062f94b2d04fe56bd52822b71934db8ce845622c40b92fcbe765a142e7f38b61a6aa9606c8e8858dcd3b6eb1894acec04d0451d1f06b01080088bea67444e1789390e7c0335c86775502d58ec783d99c8ef4e06de235ed3dd4b0467f6f358d818c7d8989d43ec6d69fcbc8c32632d5a1b605e3fa8e41d695fcdcaa535936cd0157f9040dce362519803b908eafe838bb13216c885c6f93e9e8d5745607f0d062322085d6bdc760969149a8ff8dd9f5c18d9bfe2e6f63a06e17694cf1f67587c6fb70e9aebf90ffc528ca3b615ac7c9d4a21ea4f7c06f2e98fbbd90a859b8608bf9ea638e3a54289ce44c283110d0c45fa458de6251cd6e7baf71f80f12c8978340490fd90c92b81736ae902ed958e478dceae2835953d189c45d182aff02ea2be61b81d8e94430f041d638647b43e2fcb45fd512fbf5068b810011010001c2c06504180108000f050251d1f06b050900081095021b0c000a0910e7b484133a890a35e63407fe2ec88d6d1e6c9ce7553ece0cb2524747217bad29f251d33df84599ffcc900141a355abd62126800744068a5e05dc167056aa9205273dc7765a2ed49db15c2a83b8d6e6429c902136f1e12229086c1c10c0053242c2a4ae1930db58163387a48cad64607ff2153c320e42843dec28e3fce90e7399d63ac0affa2fee1f0adc0953c89eb3f46ef1d6c04328ed13b491669d5120a3782e3ffb7c69575fb77eebd108794f4dda9d34be2bae57e8e59ec8ebfda2f6f06104b2321be408ea146e2db482b00c5055c8618de36ac9716f80da2617e225556d0fce61b01c8cea2d1e0ea982c31711060ca370f2739366e1e708f38405d784b49d16a26cf62d152eae734327cec04d0451d1f07b010800d5af91c5e7c2fd8951c8d254eab0c97cdcb66822f868b79b78c366255059a68fd74ebca9adb9b970cd9e586690e6e0756705432306878c897b10a4b4ca0005966f99ac8fa4e6f9caf54bf8e53844544beee9872a7ac64c119cf1393d96e674254b661f61ee975633d0e8a8672531edb6bb8e211204e7754a9efa802342118eee850beea742bac95a3f706cc2024cf6037a308bb68162b2f53b9a6346a96e6d31871a2456186e24a1c7a82b82ac04afdfd57cd7fb9ba77a9c760d40b76a170f7be525e5fb6a9848cc726e806187710d9b190387df28700f321f988a392899f93815cc937f309129eb94d5299c5547cb2c085898e6639496e70d746c9d3fb9881d0011010001c2c06504180108000f050251d1f07b050900266305021b0c000a0910e7b484133a890a35bff207fd10dfe8c4a6ea1dd30568012b6fd6891a763c87ad0f7a1d112aad9e8e3239378a3b85588c235865bac2e614348cb4f216d7217f53b3ef48c192e0a4d31d64d7bfa5faccf21155965fa156e887056db644a05ad08a85cc6152d1377d9e37b46f4ff462bbe68ace2dc586ef90070314576c985d8037c2ba63f0a7dc17a62e15bd77e88bc61d9d00858979709f12304264a4cf4225c5cf86f12c8e19486cb9cdcc69f18f027e5f16f4ca8b50e28b3115eaff3a345acd21f624aef81f6ede515c1b55b26b84c1e32264754eab672d5489b287e7277ea855e0a5ff2aa9e8b8c76d579a964ec225255f4d57bf66639ccb34b64798846943e162a41096a7002ca21c7f56"
-const subkeyUsageHex = "988d04533a52bc010400d26af43085558f65b9e7dbc90cb9238015259aed5e954637adcfa2181548b2d0b60c65f1f42ec5081cbf1bc0a8aa4900acfb77070837c58f26012fbce297d70afe96e759ad63531f0037538e70dbf8e384569b9720d99d8eb39d8d0a2947233ed242436cb6ac7dfe74123354b3d0119b5c235d3dd9c9d6c004f8ffaf67ad8583001101000188b7041f010200210502533b8552170c8001ce094aa433f7040bb2ddf0be3893cb843d0fe70c020700000a0910a42704b92866382aa98404009d63d916a27543da4221c60087c33f1c44bec9998c5438018ed370cca4962876c748e94b73eb39c58eb698063f3fd6346d58dd2a11c0247934c4a9d71f24754f7468f96fb24c3e791dd2392b62f626148ad724189498cbf993db2df7c0cdc2d677c35da0f16cb16c9ce7c33b4de65a4a91b1d21a130ae9cc26067718910ef8e2b417556d627261203c756d627261407379642e65642e61753e88b80413010200220502533a52bc021b03060b090807030206150802090a0b0416020301021e01021780000a0910a42704b92866382a47840400c0c2bd04f5fca586de408b395b3c280a278259c93eaaa8b79a53b97003f8ed502a8a00446dd9947fb462677e4fcac0dac2f0701847d15130aadb6cd9e0705ea0cf5f92f129136c7be21a718d46c8e641eb7f044f2adae573e11ae423a0a9ca51324f03a8a2f34b91fa40c3cc764bee4dccadedb54c768ba0469b683ea53f1c29b88d04533a52bc01040099c92a5d6f8b744224da27bc2369127c35269b58bec179de6bbc038f749344222f85a31933224f26b70243c4e4b2d242f0c4777eaef7b5502f9dad6d8bf3aaeb471210674b74de2d7078af497d55f5cdad97c7bedfbc1b41e8065a97c9c3d344b21fc81d27723af8e374bc595da26ea242dccb6ae497be26eea57e563ed517e90011010001889f0418010200090502533a52bc021b0c000a0910a42704b92866382afa1403ff70284c2de8a043ff51d8d29772602fa98009b7861c540535f874f2c230af8caf5638151a636b21f8255003997ccd29747fdd06777bb24f9593bd7d98a3e887689bf902f999915fcc94625ae487e5d13e6616f89090ebc4fdc7eb5cad8943e4056995bb61c6af37f8043016876a958ec7ebf39c43d20d53b7f546cfa83e8d2604b88d04533b8283010400c0b529316dbdf58b4c54461e7e669dc11c09eb7f73819f178ccd4177b9182b91d138605fcf1e463262fabefa73f94a52b5e15d1904635541c7ea540f07050ce0fb51b73e6f88644cec86e91107c957a114f69554548a85295d2b70bd0b203992f76eb5d493d86d9eabcaa7ef3fc7db7e458438db3fcdb0ca1cc97c638439a9170011010001889f0418010200090502533b8283021b0c000a0910a42704b92866382adc6d0400cfff6258485a21675adb7a811c3e19ebca18851533f75a7ba317950b9997fda8d1a4c8c76505c08c04b6c2cc31dc704d33da36a21273f2b388a1a706f7c3378b66d887197a525936ed9a69acb57fe7f718133da85ec742001c5d1864e9c6c8ea1b94f1c3759cebfd93b18606066c063a63be86085b7e37bdbc65f9a915bf084bb901a204533b85cd110400aed3d2c52af2b38b5b67904b0ef73d6dd7aef86adb770e2b153cd22489654dcc91730892087bb9856ae2d9f7ed1eb48f214243fe86bfe87b349ebd7c30e630e49c07b21fdabf78b7a95c8b7f969e97e3d33f2e074c63552ba64a2ded7badc05ce0ea2be6d53485f6900c7860c7aa76560376ce963d7271b9b54638a4028b573f00a0d8854bfcdb04986141568046202192263b9b67350400aaa1049dbc7943141ef590a70dcb028d730371d92ea4863de715f7f0f16d168bd3dc266c2450457d46dcbbf0b071547e5fbee7700a820c3750b236335d8d5848adb3c0da010e998908dfd93d961480084f3aea20b247034f8988eccb5546efaa35a92d0451df3aaf1aee5aa36a4c4d462c760ecd9cebcabfbe1412b1f21450f203fd126687cd486496e971a87fd9e1a8a765fe654baa219a6871ab97768596ab05c26c1aeea8f1a2c72395a58dbc12ef9640d2b95784e974a4d2d5a9b17c25fedacfe551bda52602de8f6d2e48443f5dd1a2a2a8e6a5e70ecdb88cd6e766ad9745c7ee91d78cc55c3d06536b49c3fee6c3d0b6ff0fb2bf13a314f57c953b8f4d93bf88e70418010200090502533b85cd021b0200520910a42704b92866382a47200419110200060502533b85cd000a091042ce2c64bc0ba99214b2009e26b26852c8b13b10c35768e40e78fbbb48bd084100a0c79d9ea0844fa5853dd3c85ff3ecae6f2c9dd6c557aa04008bbbc964cd65b9b8299d4ebf31f41cc7264b8cf33a00e82c5af022331fac79efc9563a822497ba012953cefe2629f1242fcdcb911dbb2315985bab060bfd58261ace3c654bdbbe2e8ed27a46e836490145c86dc7bae15c011f7e1ffc33730109b9338cd9f483e7cef3d2f396aab5bd80efb6646d7e778270ee99d934d187dd98"
-const revokedKeyHex = "988d045331ce82010400c4fdf7b40a5477f206e6ee278eaef888ca73bf9128a9eef9f2f1ddb8b7b71a4c07cfa241f028a04edb405e4d916c61d6beabc333813dc7b484d2b3c52ee233c6a79b1eea4e9cc51596ba9cd5ac5aeb9df62d86ea051055b79d03f8a4fa9f38386f5bd17529138f3325d46801514ea9047977e0829ed728e68636802796801be10011010001889f04200102000905025331d0e3021d03000a0910a401d9f09a34f7c042aa040086631196405b7e6af71026b88e98012eab44aa9849f6ef3fa930c7c9f23deaedba9db1538830f8652fb7648ec3fcade8dbcbf9eaf428e83c6cbcc272201bfe2fbb90d41963397a7c0637a1a9d9448ce695d9790db2dc95433ad7be19eb3de72dacf1d6db82c3644c13eae2a3d072b99bb341debba012c5ce4006a7d34a1f4b94b444526567205265766f6b657220283c52656727732022424d204261726973746122204b657920262530305c303e5c29203c72656740626d626172697374612e636f2e61753e88b704130102002205025331ce82021b03060b090807030206150802090a0b0416020301021e01021780000a0910a401d9f09a34f7c0019c03f75edfbeb6a73e7225ad3cc52724e2872e04260d7daf0d693c170d8c4b243b8767bc7785763533febc62ec2600c30603c433c095453ede59ff2fcabeb84ce32e0ed9d5cf15ffcbc816202b64370d4d77c1e9077d74e94a16fb4fa2e5bec23a56d7a73cf275f91691ae1801a976fcde09e981a2f6327ac27ea1fecf3185df0d56889c04100102000605025331cfb5000a0910fe9645554e8266b64b4303fc084075396674fb6f778d302ac07cef6bc0b5d07b66b2004c44aef711cbac79617ef06d836b4957522d8772dd94bf41a2f4ac8b1ee6d70c57503f837445a74765a076d07b829b8111fc2a918423ddb817ead7ca2a613ef0bfb9c6b3562aec6c3cf3c75ef3031d81d95f6563e4cdcc9960bcb386c5d757b104fcca5fe11fc709df884604101102000605025331cfe7000a09107b15a67f0b3ddc0317f6009e360beea58f29c1d963a22b962b80788c3fa6c84e009d148cfde6b351469b8eae91187eff07ad9d08fcaab88d045331ce820104009f25e20a42b904f3fa555530fe5c46737cf7bd076c35a2a0d22b11f7e0b61a69320b768f4a80fe13980ce380d1cfc4a0cd8fbe2d2e2ef85416668b77208baa65bf973fe8e500e78cc310d7c8705cdb34328bf80e24f0385fce5845c33bc7943cf6b11b02348a23da0bf6428e57c05135f2dc6bd7c1ce325d666d5a5fd2fd5e410011010001889f04180102000905025331ce82021b0c000a0910a401d9f09a34f7c0418003fe34feafcbeaef348a800a0d908a7a6809cc7304017d820f70f0474d5e23cb17e38b67dc6dca282c6ca00961f4ec9edf2738d0f087b1d81e4871ef08e1798010863afb4eac4c44a376cb343be929c5be66a78cfd4456ae9ec6a99d97f4e1c3ff3583351db2147a65c0acef5c003fb544ab3a2e2dc4d43646f58b811a6c3a369d1f"
-const revokedSubkeyHex = "988d04533121f6010400aefc803a3e4bb1a61c86e8a86d2726c6a43e0079e9f2713f1fa017e9854c83877f4aced8e331d675c67ea83ddab80aacbfa0b9040bb12d96f5a3d6be09455e2a76546cbd21677537db941cab710216b6d24ec277ee0bd65b910f416737ed120f6b93a9d3b306245c8cfd8394606fdb462e5cf43c551438d2864506c63367fc890011010001b41d416c696365203c616c69636540626d626172697374612e636f2e61753e88bb041301020025021b03060b090807030206150802090a0b0416020301021e01021780050253312798021901000a09104ef7e4beccde97f015a803ff5448437780f63263b0df8442a995e7f76c221351a51edd06f2063d8166cf3157aada4923dfc44aa0f2a6a4da5cf83b7fe722ba8ab416c976e77c6b5682e7f1069026673bd0de56ba06fd5d7a9f177607f277d9b55ff940a638c3e68525c67517e2b3d976899b93ca267f705b3e5efad7d61220e96b618a4497eab8d04403d23f8846041011020006050253312910000a09107b15a67f0b3ddc03d96e009f50b6365d86c4be5d5e9d0ea42d5e56f5794c617700a0ab274e19c2827780016d23417ce89e0a2c0d987d889c04100102000605025331cf7a000a0910a401d9f09a34f7c0ee970400aca292f213041c9f3b3fc49148cbda9d84afee6183c8dd6c5ff2600b29482db5fecd4303797be1ee6d544a20a858080fec43412061c9a71fae4039fd58013b4ae341273e6c66ad4c7cdd9e68245bedb260562e7b166f2461a1032f2b38c0e0e5715fb3d1656979e052b55ca827a76f872b78a9fdae64bc298170bfcebedc1271b41a416c696365203c616c696365407379646973702e6f722e61753e88b804130102002205025331278b021b03060b090807030206150802090a0b0416020301021e01021780000a09104ef7e4beccde97f06a7003fa03c3af68d272ebc1fa08aa72a03b02189c26496a2833d90450801c4e42c5b5f51ad96ce2d2c9cef4b7c02a6a2fcf1412d6a2d486098eb762f5010a201819c17fd2888aec8eda20c65a3b75744de7ee5cc8ac7bfc470cbe3cb982720405a27a3c6a8c229cfe36905f881b02ed5680f6a8f05866efb9d6c5844897e631deb949ca8846041011020006050253312910000a09107b15a67f0b3ddc0347bc009f7fa35db59147469eb6f2c5aaf6428accb138b22800a0caa2f5f0874bacc5909c652a57a31beda65eddd5889c04100102000605025331cf7a000a0910a401d9f09a34f7c0316403ff46f2a5c101256627f16384d34a38fb47a6c88ba60506843e532d91614339fccae5f884a5741e7582ffaf292ba38ee10a270a05f139bde3814b6a077e8cd2db0f105ebea2a83af70d385f13b507fac2ad93ff79d84950328bb86f3074745a8b7f9b64990fb142e2a12976e27e8d09a28dc5621f957ac49091116da410ac3cbde1b88d04533121f6010400cbd785b56905e4192e2fb62a720727d43c4fa487821203cf72138b884b78b701093243e1d8c92a0248a6c0203a5a88693da34af357499abacaf4b3309c640797d03093870a323b4b6f37865f6eaa2838148a67df4735d43a90ca87942554cdf1c4a751b1e75f9fd4ce4e97e278d6c1c7ed59d33441df7d084f3f02beb68896c70011010001889f0418010200090502533121f6021b0c000a09104ef7e4beccde97f0b98b03fc0a5ccf6a372995835a2f5da33b282a7d612c0ab2a97f59cf9fff73e9110981aac2858c41399afa29624a7fd8a0add11654e3d882c0fd199e161bdad65e5e2548f7b68a437ea64293db1246e3011cbb94dc1bcdeaf0f2539bd88ff16d95547144d97cead6a8c5927660a91e6db0d16eb36b7b49a3525b54d1644e65599b032b7eb901a204533127a0110400bd3edaa09eff9809c4edc2c2a0ebe52e53c50a19c1e49ab78e6167bf61473bb08f2050d78a5cbbc6ed66aff7b42cd503f16b4a0b99fa1609681fca9b7ce2bbb1a5b3864d6cdda4d7ef7849d156d534dea30fb0efb9e4cf8959a2b2ce623905882d5430b995a15c3b9fe92906086788b891002924f94abe139b42cbbfaaabe42f00a0b65dc1a1ad27d798adbcb5b5ad02d2688c89477b03ff4eebb6f7b15a73b96a96bed201c0e5e4ea27e4c6e2dd1005b94d4b90137a5b1cf5e01c6226c070c4cc999938101578877ee76d296b9aab8246d57049caacf489e80a3f40589cade790a020b1ac146d6f7a6241184b8c7fcde680eae3188f5dcbe846d7f7bdad34f6fcfca08413e19c1d5df83fc7c7c627d493492e009c2f52a80400a2fe82de87136fd2e8845888c4431b032ba29d9a29a804277e31002a8201fb8591a3e55c7a0d0881496caf8b9fb07544a5a4879291d0dc026a0ea9e5bd88eb4aa4947bbd694b25012e208a250d65ddc6f1eea59d3aed3b4ec15fcab85e2afaa23a40ab1ef9ce3e11e1bc1c34a0e758e7aa64deb8739276df0af7d4121f834a9b88e70418010200090502533127a0021b02005209104ef7e4beccde97f047200419110200060502533127a0000a0910dbce4ee19529437fe045009c0b32f5ead48ee8a7e98fac0dea3d3e6c0e2c552500a0ad71fadc5007cfaf842d9b7db3335a8cdad15d3d1a6404009b08e2c68fe8f3b45c1bb72a4b3278cdf3012aa0f229883ad74aa1f6000bb90b18301b2f85372ca5d6b9bf478d235b733b1b197d19ccca48e9daf8e890cb64546b4ce1b178faccfff07003c172a2d4f5ebaba9f57153955f3f61a9b80a4f5cb959908f8b211b03b7026a8a82fc612bfedd3794969bcf458c4ce92be215a1176ab88d045331d144010400a5063000c5aaf34953c1aa3bfc95045b3aab9882b9a8027fecfe2142dc6b47ba8aca667399990244d513dd0504716908c17d92c65e74219e004f7b83fc125e575dd58efec3ab6dd22e3580106998523dea42ec75bf9aa111734c82df54630bebdff20fe981cfc36c76f865eb1c2fb62c9e85bc3a6e5015a361a2eb1c8431578d0011010001889f04280102000905025331d433021d03000a09104ef7e4beccde97f02e5503ff5e0630d1b65291f4882b6d40a29da4616bb5088717d469fbcc3648b8276de04a04988b1f1b9f3e18f52265c1f8b6c85861691c1a6b8a3a25a1809a0b32ad330aec5667cb4262f4450649184e8113849b05e5ad06a316ea80c001e8e71838190339a6e48bbde30647bcf245134b9a97fa875c1d83a9862cae87ffd7e2c4ce3a1b89013d04180102000905025331d144021b0200a809104ef7e4beccde97f09d2004190102000605025331d144000a0910677815e371c2fd23522203fe22ab62b8e7a151383cea3edd3a12995693911426f8ccf125e1f6426388c0010f88d9ca7da2224aee8d1c12135998640c5e1813d55a93df472faae75bef858457248db41b4505827590aeccf6f9eb646da7f980655dd3050c6897feddddaca90676dee856d66db8923477d251712bb9b3186b4d0114daf7d6b59272b53218dd1da94a03ff64006fcbe71211e5daecd9961fba66cdb6de3f914882c58ba5beddeba7dcb950c1156d7fba18c19ea880dccc800eae335deec34e3b84ac75ffa24864f782f87815cda1c0f634b3dd2fa67cea30811d21723d21d9551fa12ccbcfa62b6d3a15d01307b99925707992556d50065505b090aadb8579083a20fe65bd2a270da9b011"
-
-const missingCrossSignatureKey = `-----BEGIN PGP PUBLIC KEY BLOCK-----
-Charset: UTF-8
-
-mQENBFMYynYBCACVOZ3/e8Bm2b9KH9QyIlHGo/i1bnkpqsgXj8tpJ2MIUOnXMMAY
-ztW7kKFLCmgVdLIC0vSoLA4yhaLcMojznh/2CcUglZeb6Ao8Gtelr//Rd5DRfPpG
-zqcfUo+m+eO1co2Orabw0tZDfGpg5p3AYl0hmxhUyYSc/xUq93xL1UJzBFgYXY54
-QsM8dgeQgFseSk/YvdP5SMx1ev+eraUyiiUtWzWrWC1TdyRa5p4UZg6Rkoppf+WJ
-QrW6BWrhAtqATHc8ozV7uJjeONjUEq24roRc/OFZdmQQGK6yrzKnnbA6MdHhqpdo
-9kWDcXYb7pSE63Lc+OBa5X2GUVvXJLS/3nrtABEBAAG0F2ludmFsaWQtc2lnbmlu
-Zy1zdWJrZXlziQEoBBMBAgASBQJTnKB5AhsBAgsHAhUIAh4BAAoJEO3UDQUIHpI/
-dN4H/idX4FQ1LIZCnpHS/oxoWQWfpRgdKAEM0qCqjMgiipJeEwSQbqjTCynuh5/R
-JlODDz85ABR06aoF4l5ebGLQWFCYifPnJZ/Yf5OYcMGtb7dIbqxWVFL9iLMO/oDL
-ioI3dotjPui5e+2hI9pVH1UHB/bZ/GvMGo6Zg0XxLPolKQODMVjpjLAQ0YJ3spew
-RAmOGre6tIvbDsMBnm8qREt7a07cBJ6XK7xjxYaZHQBiHVxyEWDa6gyANONx8duW
-/fhQ/zDTnyVM/ik6VO0Ty9BhPpcEYLFwh5c1ilFari1ta3e6qKo6ZGa9YMk/REhu
-yBHd9nTkI+0CiQUmbckUiVjDKKe5AQ0EUxjKdgEIAJcXQeP+NmuciE99YcJoffxv
-2gVLU4ZXBNHEaP0mgaJ1+tmMD089vUQAcyGRvw8jfsNsVZQIOAuRxY94aHQhIRHR
-bUzBN28ofo/AJJtfx62C15xt6fDKRV6HXYqAiygrHIpEoRLyiN69iScUsjIJeyFL
-C8wa72e8pSL6dkHoaV1N9ZH/xmrJ+k0vsgkQaAh9CzYufncDxcwkoP+aOlGtX1gP
-WwWoIbz0JwLEMPHBWvDDXQcQPQTYQyj+LGC9U6f9VZHN25E94subM1MjuT9OhN9Y
-MLfWaaIc5WyhLFyQKW2Upofn9wSFi8ubyBnv640Dfd0rVmaWv7LNTZpoZ/GbJAMA
-EQEAAYkBHwQYAQIACQUCU5ygeQIbAgAKCRDt1A0FCB6SP0zCB/sEzaVR38vpx+OQ
-MMynCBJrakiqDmUZv9xtplY7zsHSQjpd6xGflbU2n+iX99Q+nav0ETQZifNUEd4N
-1ljDGQejcTyKD6Pkg6wBL3x9/RJye7Zszazm4+toJXZ8xJ3800+BtaPoI39akYJm
-+ijzbskvN0v/j5GOFJwQO0pPRAFtdHqRs9Kf4YanxhedB4dIUblzlIJuKsxFit6N
-lgGRblagG3Vv2eBszbxzPbJjHCgVLR3RmrVezKOsZjr/2i7X+xLWIR0uD3IN1qOW
-CXQxLBizEEmSNVNxsp7KPGTLnqO3bPtqFirxS9PJLIMPTPLNBY7ZYuPNTMqVIUWF
-4artDmrG
-=7FfJ
------END PGP PUBLIC KEY BLOCK-----`
-
-const invalidCrossSignatureKey = `-----BEGIN PGP PUBLIC KEY BLOCK-----
-
-mQENBFMYynYBCACVOZ3/e8Bm2b9KH9QyIlHGo/i1bnkpqsgXj8tpJ2MIUOnXMMAY
-ztW7kKFLCmgVdLIC0vSoLA4yhaLcMojznh/2CcUglZeb6Ao8Gtelr//Rd5DRfPpG
-zqcfUo+m+eO1co2Orabw0tZDfGpg5p3AYl0hmxhUyYSc/xUq93xL1UJzBFgYXY54
-QsM8dgeQgFseSk/YvdP5SMx1ev+eraUyiiUtWzWrWC1TdyRa5p4UZg6Rkoppf+WJ
-QrW6BWrhAtqATHc8ozV7uJjeONjUEq24roRc/OFZdmQQGK6yrzKnnbA6MdHhqpdo
-9kWDcXYb7pSE63Lc+OBa5X2GUVvXJLS/3nrtABEBAAG0F2ludmFsaWQtc2lnbmlu
-Zy1zdWJrZXlziQEoBBMBAgASBQJTnKB5AhsBAgsHAhUIAh4BAAoJEO3UDQUIHpI/
-dN4H/idX4FQ1LIZCnpHS/oxoWQWfpRgdKAEM0qCqjMgiipJeEwSQbqjTCynuh5/R
-JlODDz85ABR06aoF4l5ebGLQWFCYifPnJZ/Yf5OYcMGtb7dIbqxWVFL9iLMO/oDL
-ioI3dotjPui5e+2hI9pVH1UHB/bZ/GvMGo6Zg0XxLPolKQODMVjpjLAQ0YJ3spew
-RAmOGre6tIvbDsMBnm8qREt7a07cBJ6XK7xjxYaZHQBiHVxyEWDa6gyANONx8duW
-/fhQ/zDTnyVM/ik6VO0Ty9BhPpcEYLFwh5c1ilFari1ta3e6qKo6ZGa9YMk/REhu
-yBHd9nTkI+0CiQUmbckUiVjDKKe5AQ0EUxjKdgEIAIINDqlj7X6jYKc6DjwrOkjQ
-UIRWbQQar0LwmNilehmt70g5DCL1SYm9q4LcgJJ2Nhxj0/5qqsYib50OSWMcKeEe
-iRXpXzv1ObpcQtI5ithp0gR53YPXBib80t3bUzomQ5UyZqAAHzMp3BKC54/vUrSK
-FeRaxDzNLrCeyI00+LHNUtwghAqHvdNcsIf8VRumK8oTm3RmDh0TyjASWYbrt9c8
-R1Um3zuoACOVy+mEIgIzsfHq0u7dwYwJB5+KeM7ZLx+HGIYdUYzHuUE1sLwVoELh
-+SHIGHI1HDicOjzqgajShuIjj5hZTyQySVprrsLKiXS6NEwHAP20+XjayJ/R3tEA
-EQEAAYkCPgQYAQIBKAUCU5ygeQIbAsBdIAQZAQIABgUCU5ygeQAKCRCpVlnFZmhO
-52RJB/9uD1MSa0wjY6tHOIgquZcP3bHBvHmrHNMw9HR2wRCMO91ZkhrpdS3ZHtgb
-u3/55etj0FdvDo1tb8P8FGSVtO5Vcwf5APM8sbbqoi8L951Q3i7qt847lfhu6sMl
-w0LWFvPTOLHrliZHItPRjOltS1WAWfr2jUYhsU9ytaDAJmvf9DujxEOsN5G1YJep
-54JCKVCkM/y585Zcnn+yxk/XwqoNQ0/iJUT9qRrZWvoeasxhl1PQcwihCwss44A+
-YXaAt3hbk+6LEQuZoYS73yR3WHj+42tfm7YxRGeubXfgCEz/brETEWXMh4pe0vCL
-bfWrmfSPq2rDegYcAybxRQz0lF8PAAoJEO3UDQUIHpI/exkH/0vQfdHA8g/N4T6E
-i6b1CUVBAkvtdJpCATZjWPhXmShOw62gkDw306vHPilL4SCvEEi4KzG72zkp6VsB
-DSRcpxCwT4mHue+duiy53/aRMtSJ+vDfiV1Vhq+3sWAck/yUtfDU9/u4eFaiNok1
-8/Gd7reyuZt5CiJnpdPpjCwelK21l2w7sHAnJF55ITXdOxI8oG3BRKufz0z5lyDY
-s2tXYmhhQIggdgelN8LbcMhWs/PBbtUr6uZlNJG2lW1yscD4aI529VjwJlCeo745
-U7pO4eF05VViUJ2mmfoivL3tkhoTUWhx8xs8xCUcCg8DoEoSIhxtOmoTPR22Z9BL
-6LCg2mg=
-=Dhm4
------END PGP PUBLIC KEY BLOCK-----`
-
-const goodCrossSignatureKey = `-----BEGIN PGP PUBLIC KEY BLOCK-----
-Version: GnuPG v1
-
-mI0EVUqeVwEEAMufHRrMPWK3gyvi0O0tABCs/oON9zV9KDZlr1a1M91ShCSFwCPo
-7r80PxdWVWcj0V5h50/CJYtpN3eE/mUIgW2z1uDYQF1OzrQ8ubrksfsJvpAhENom
-lTQEppv9mV8qhcM278teb7TX0pgrUHLYF5CfPdp1L957JLLXoQR/lwLVABEBAAG0
-E2dvb2Qtc2lnbmluZy1zdWJrZXmIuAQTAQIAIgUCVUqeVwIbAwYLCQgHAwIGFQgC
-CQoLBBYCAwECHgECF4AACgkQNRjL95IRWP69XQQAlH6+eyXJN4DZTLX78KGjHrsw
-6FCvxxClEPtPUjcJy/1KCRQmtLAt9PbbA78dvgzjDeZMZqRAwdjyJhjyg/fkU2OH
-7wq4ktjUu+dLcOBb+BFMEY+YjKZhf6EJuVfxoTVr5f82XNPbYHfTho9/OABKH6kv
-X70PaKZhbwnwij8Nts65AaIEVUqftREEAJ3WxZfqAX0bTDbQPf2CMT2IVMGDfhK7
-GyubOZgDFFjwUJQvHNvsrbeGLZ0xOBumLINyPO1amIfTgJNm1iiWFWfmnHReGcDl
-y5mpYG60Mb79Whdcer7CMm3AqYh/dW4g6IB02NwZMKoUHo3PXmFLxMKXnWyJ0clw
-R0LI/Qn509yXAKDh1SO20rqrBM+EAP2c5bfI98kyNwQAi3buu94qo3RR1ZbvfxgW
-CKXDVm6N99jdZGNK7FbRifXqzJJDLcXZKLnstnC4Sd3uyfyf1uFhmDLIQRryn5m+
-LBYHfDBPN3kdm7bsZDDq9GbTHiFZUfm/tChVKXWxkhpAmHhU/tH6GGzNSMXuIWSO
-aOz3Rqq0ED4NXyNKjdF9MiwD/i83S0ZBc0LmJYt4Z10jtH2B6tYdqnAK29uQaadx
-yZCX2scE09UIm32/w7pV77CKr1Cp/4OzAXS1tmFzQ+bX7DR+Gl8t4wxr57VeEMvl
-BGw4Vjh3X8//m3xynxycQU18Q1zJ6PkiMyPw2owZ/nss3hpSRKFJsxMLhW3fKmKr
-Ey2KiOcEGAECAAkFAlVKn7UCGwIAUgkQNRjL95IRWP5HIAQZEQIABgUCVUqftQAK
-CRD98VjDN10SqkWrAKDTpEY8D8HC02E/KVC5YUI01B30wgCgurpILm20kXEDCeHp
-C5pygfXw1DJrhAP+NyPJ4um/bU1I+rXaHHJYroYJs8YSweiNcwiHDQn0Engh/mVZ
-SqLHvbKh2dL/RXymC3+rjPvQf5cup9bPxNMa6WagdYBNAfzWGtkVISeaQW+cTEp/
-MtgVijRGXR/lGLGETPg2X3Afwn9N9bLMBkBprKgbBqU7lpaoPupxT61bL70=
-=vtbN
------END PGP PUBLIC KEY BLOCK-----`
-
-const revokedUserIDKey = `-----BEGIN PGP PUBLIC KEY BLOCK-----
-
-mQENBFsgO5EBCADhREPmcjsPkXe1z7ctvyWL0S7oa9JaoGZ9oPDHFDlQxd0qlX2e
-DZJZDg0qYvVixmaULIulApq1puEsaJCn3lHUbHlb4PYKwLEywYXM28JN91KtLsz/
-uaEX2KC5WqeP40utmzkNLq+oRX/xnRMgwbO7yUNVG2UlEa6eI+xOXO3YtLdmJMBW
-ClQ066ZnOIzEo1JxnIwha1CDBMWLLfOLrg6l8InUqaXbtEBbnaIYO6fXVXELUjkx
-nmk7t/QOk0tXCy8muH9UDqJkwDUESY2l79XwBAcx9riX8vY7vwC34pm22fAUVLCJ
-x1SJx0J8bkeNp38jKM2Zd9SUQqSbfBopQ4pPABEBAAG0I0dvbGFuZyBHb3BoZXIg
-PG5vLXJlcGx5QGdvbGFuZy5jb20+iQFUBBMBCgA+FiEE5Ik5JLcNx6l6rZfw1oFy
-9I6cUoMFAlsgO5ECGwMFCQPCZwAFCwkIBwMFFQoJCAsFFgIDAQACHgECF4AACgkQ
-1oFy9I6cUoMIkwf8DNPeD23i4jRwd/pylbvxwZintZl1fSwTJW1xcOa1emXaEtX2
-depuqhP04fjlRQGfsYAQh7X9jOJxAHjTmhqFBi5sD7QvKU00cPFYbJ/JTx0B41bl
-aXnSbGhRPh63QtEZL7ACAs+shwvvojJqysx7kyVRu0EW2wqjXdHwR/SJO6nhNBa2
-DXzSiOU/SUA42mmG+5kjF8Aabq9wPwT9wjraHShEweNerNMmOqJExBOy3yFeyDpa
-XwEZFzBfOKoxFNkIaVf5GSdIUGhFECkGvBMB935khftmgR8APxdU4BE7XrXexFJU
-8RCuPXonm4WQOwTWR0vQg64pb2WKAzZ8HhwTGbQiR29sYW5nIEdvcGhlciA8cmV2
-b2tlZEBnb2xhbmcuY29tPokBNgQwAQoAIBYhBOSJOSS3Dcepeq2X8NaBcvSOnFKD
-BQJbIDv3Ah0AAAoJENaBcvSOnFKDfWMIAKhI/Tvu3h8fSUxp/gSAcduT6bC1JttG
-0lYQ5ilKB/58lBUA5CO3ZrKDKlzW3M8VEcvohVaqeTMKeoQd5rCZq8KxHn/KvN6N
-s85REfXfniCKfAbnGgVXX3kDmZ1g63pkxrFu0fDZjVDXC6vy+I0sGyI/Inro0Pzb
-tvn0QCsxjapKK15BtmSrpgHgzVqVg0cUp8vqZeKFxarYbYB2idtGRci4b9tObOK0
-BSTVFy26+I/mrFGaPrySYiy2Kz5NMEcRhjmTxJ8jSwEr2O2sUR0yjbgUAXbTxDVE
-/jg5fQZ1ACvBRQnB7LvMHcInbzjyeTM3FazkkSYQD6b97+dkWwb1iWG5AQ0EWyA7
-kQEIALkg04REDZo1JgdYV4x8HJKFS4xAYWbIva1ZPqvDNmZRUbQZR2+gpJGEwn7z
-VofGvnOYiGW56AS5j31SFf5kro1+1bZQ5iOONBng08OOo58/l1hRseIIVGB5TGSa
-PCdChKKHreJI6hS3mShxH6hdfFtiZuB45rwoaArMMsYcjaezLwKeLc396cpUwwcZ
-snLUNd1Xu5EWEF2OdFkZ2a1qYdxBvAYdQf4+1Nr+NRIx1u1NS9c8jp3PuMOkrQEi
-bNtc1v6v0Jy52mKLG4y7mC/erIkvkQBYJdxPaP7LZVaPYc3/xskcyijrJ/5ufoD8
-K71/ShtsZUXSQn9jlRaYR0EbojMAEQEAAYkBPAQYAQoAJhYhBOSJOSS3Dcepeq2X
-8NaBcvSOnFKDBQJbIDuRAhsMBQkDwmcAAAoJENaBcvSOnFKDkFMIAIt64bVZ8x7+
-TitH1bR4pgcNkaKmgKoZz6FXu80+SnbuEt2NnDyf1cLOSimSTILpwLIuv9Uft5Pb
-OraQbYt3xi9yrqdKqGLv80bxqK0NuryNkvh9yyx5WoG1iKqMj9/FjGghuPrRaT4l
-QinNAghGVkEy1+aXGFrG2DsOC1FFI51CC2WVTzZ5RwR2GpiNRfESsU1rZAUqf/2V
-yJl9bD5R4SUNy8oQmhOxi+gbhD4Ao34e4W0ilibslI/uawvCiOwlu5NGd8zv5n+U
-heiQvzkApQup5c+BhH5zFDFdKJ2CBByxw9+7QjMFI/wgLixKuE0Ob2kAokXf7RlB
-7qTZOahrETw=
-=IKnw
------END PGP PUBLIC KEY BLOCK-----`
-
-const keyWithFirstUserIDRevoked = `-----BEGIN PGP PUBLIC KEY BLOCK-----
-Version: OpenPGP.js v4.10.10
-Comment: https://openpgpjs.org
-
-xsBNBFsgO5EBCADhREPmcjsPkXe1z7ctvyWL0S7oa9JaoGZ9oPDHFDlQxd0q
-lX2eDZJZDg0qYvVixmaULIulApq1puEsaJCn3lHUbHlb4PYKwLEywYXM28JN
-91KtLsz/uaEX2KC5WqeP40utmzkNLq+oRX/xnRMgwbO7yUNVG2UlEa6eI+xO
-XO3YtLdmJMBWClQ066ZnOIzEo1JxnIwha1CDBMWLLfOLrg6l8InUqaXbtEBb
-naIYO6fXVXELUjkxnmk7t/QOk0tXCy8muH9UDqJkwDUESY2l79XwBAcx9riX
-8vY7vwC34pm22fAUVLCJx1SJx0J8bkeNp38jKM2Zd9SUQqSbfBopQ4pPABEB
-AAHNIkdvbGFuZyBHb3BoZXIgPHJldm9rZWRAZ29sYW5nLmNvbT7CwI0EMAEK
-ACAWIQTkiTkktw3HqXqtl/DWgXL0jpxSgwUCWyA79wIdAAAhCRDWgXL0jpxS
-gxYhBOSJOSS3Dcepeq2X8NaBcvSOnFKDfWMIAKhI/Tvu3h8fSUxp/gSAcduT
-6bC1JttG0lYQ5ilKB/58lBUA5CO3ZrKDKlzW3M8VEcvohVaqeTMKeoQd5rCZ
-q8KxHn/KvN6Ns85REfXfniCKfAbnGgVXX3kDmZ1g63pkxrFu0fDZjVDXC6vy
-+I0sGyI/Inro0Pzbtvn0QCsxjapKK15BtmSrpgHgzVqVg0cUp8vqZeKFxarY
-bYB2idtGRci4b9tObOK0BSTVFy26+I/mrFGaPrySYiy2Kz5NMEcRhjmTxJ8j
-SwEr2O2sUR0yjbgUAXbTxDVE/jg5fQZ1ACvBRQnB7LvMHcInbzjyeTM3Fazk
-kSYQD6b97+dkWwb1iWHNI0dvbGFuZyBHb3BoZXIgPG5vLXJlcGx5QGdvbGFu
-Zy5jb20+wsCrBBMBCgA+FiEE5Ik5JLcNx6l6rZfw1oFy9I6cUoMFAlsgO5EC
-GwMFCQPCZwAFCwkIBwMFFQoJCAsFFgIDAQACHgECF4AAIQkQ1oFy9I6cUoMW
-IQTkiTkktw3HqXqtl/DWgXL0jpxSgwiTB/wM094PbeLiNHB3+nKVu/HBmKe1
-mXV9LBMlbXFw5rV6ZdoS1fZ16m6qE/Th+OVFAZ+xgBCHtf2M4nEAeNOaGoUG
-LmwPtC8pTTRw8Vhsn8lPHQHjVuVpedJsaFE+HrdC0RkvsAICz6yHC++iMmrK
-zHuTJVG7QRbbCqNd0fBH9Ik7qeE0FrYNfNKI5T9JQDjaaYb7mSMXwBpur3A/
-BP3COtodKETB416s0yY6okTEE7LfIV7IOlpfARkXMF84qjEU2QhpV/kZJ0hQ
-aEUQKQa8EwH3fmSF+2aBHwA/F1TgETtetd7EUlTxEK49eiebhZA7BNZHS9CD
-rilvZYoDNnweHBMZzsBNBFsgO5EBCAC5INOERA2aNSYHWFeMfByShUuMQGFm
-yL2tWT6rwzZmUVG0GUdvoKSRhMJ+81aHxr5zmIhluegEuY99UhX+ZK6NftW2
-UOYjjjQZ4NPDjqOfP5dYUbHiCFRgeUxkmjwnQoSih63iSOoUt5kocR+oXXxb
-YmbgeOa8KGgKzDLGHI2nsy8Cni3N/enKVMMHGbJy1DXdV7uRFhBdjnRZGdmt
-amHcQbwGHUH+PtTa/jUSMdbtTUvXPI6dz7jDpK0BImzbXNb+r9CcudpiixuM
-u5gv3qyJL5EAWCXcT2j+y2VWj2HN/8bJHMoo6yf+bn6A/Cu9f0obbGVF0kJ/
-Y5UWmEdBG6IzABEBAAHCwJMEGAEKACYWIQTkiTkktw3HqXqtl/DWgXL0jpxS
-gwUCWyA7kQIbDAUJA8JnAAAhCRDWgXL0jpxSgxYhBOSJOSS3Dcepeq2X8NaB
-cvSOnFKDkFMIAIt64bVZ8x7+TitH1bR4pgcNkaKmgKoZz6FXu80+SnbuEt2N
-nDyf1cLOSimSTILpwLIuv9Uft5PbOraQbYt3xi9yrqdKqGLv80bxqK0NuryN
-kvh9yyx5WoG1iKqMj9/FjGghuPrRaT4lQinNAghGVkEy1+aXGFrG2DsOC1FF
-I51CC2WVTzZ5RwR2GpiNRfESsU1rZAUqf/2VyJl9bD5R4SUNy8oQmhOxi+gb
-hD4Ao34e4W0ilibslI/uawvCiOwlu5NGd8zv5n+UheiQvzkApQup5c+BhH5z
-FDFdKJ2CBByxw9+7QjMFI/wgLixKuE0Ob2kAokXf7RlB7qTZOahrETw=
-=+2T8
------END PGP PUBLIC KEY BLOCK-----
-`
-
-const keyWithOnlyUserIDRevoked = `-----BEGIN PGP PUBLIC KEY BLOCK-----
-
-mDMEYYwB7RYJKwYBBAHaRw8BAQdARimqhPPzyGAXmfQJjcqM1QVPzLtURJSzNVll
-JV4tEaW0KVJldm9rZWQgUHJpbWFyeSBVc2VyIElEIDxyZXZva2VkQGtleS5jb20+
-iHgEMBYIACAWIQSpyJZAXYqVEFkjyKutFcS0yeB0LQUCYYwCtgIdAAAKCRCtFcS0
-yeB0LbSsAQD8OYMaaBjrdzzpwIkP1stgmPd4/kzN/ZG28Ywl6a5F5QEA5Xg7aq4e
-/t6Fsb4F5iqB956kSPe6YJrikobD/tBbMwSIkAQTFggAOBYhBKnIlkBdipUQWSPI
-q60VxLTJ4HQtBQJhjAHtAhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEK0V
-xLTJ4HQtBaoBAPZL7luTCji+Tqhn7XNfFE/0QIahCt8k9wfO1cGlB3inAQDf8Tzw
-ZGR5fNluUcNoVxQT7bUSFStbaGo3k0BaOYPbCLg4BGGMAe0SCisGAQQBl1UBBQEB
-B0DLwSpveSrbIO/IVZD13yrs1XuB3FURZUnafGrRq7+jUAMBCAeIeAQYFggAIBYh
-BKnIlkBdipUQWSPIq60VxLTJ4HQtBQJhjAHtAhsMAAoJEK0VxLTJ4HQtZ1oA/j9u
-8+p3xTNzsmabTL6BkNbMeB/RUKCrlm6woM6AV+vxAQCcXTn3JC2sNoNrLoXuVzaA
-mcG3/TwG5GSQUUPkrDsGDA==
-=mFWy
------END PGP PUBLIC KEY BLOCK-----
-`
-
-const keyWithSubKey = `-----BEGIN PGP PUBLIC KEY BLOCK-----
-
-mI0EWyKwKQEEALwXhKBnyaaNFeK3ljfc/qn9X/QFw+28EUfgZPHjRmHubuXLE2uR
-s3ZoSXY2z7Dkv+NyHYMt8p+X8q5fR7JvUjK2XbPyKoiJVnHINll83yl67DaWfKNL
-EjNoO0kIfbXfCkZ7EG6DL+iKtuxniGTcnGT47e+HJSqb/STpLMnWwXjBABEBAAG0
-I0dvbGFuZyBHb3BoZXIgPG5vLXJlcGx5QGdvbGFuZy5jb20+iM4EEwEKADgWIQQ/
-lRafP/p9PytHbwxMvYJsOQdOOAUCWyKwKQIbAwULCQgHAwUVCgkICwUWAgMBAAIe
-AQIXgAAKCRBMvYJsOQdOOOsFBAC62mXww8XuqvYLcVOvHkWLT6mhxrQOJXnlfpn7
-2uBV9CMhoG/Ycd43NONsJrB95Apr9TDIqWnVszNbqPCuBhZQSGLdbiDKjxnCWBk0
-69qv4RNtkpOhYB7jK4s8F5oQZqId6JasT/PmJTH92mhBYhhTQr0GYFuPX2UJdkw9
-Sn9C67iNBFsisDUBBAC3A+Yo9lgCnxi/pfskyLrweYif6kIXWLAtLTsM6g/6jt7b
-wTrknuCPyTv0QKGXsAEe/cK/Xq3HvX9WfXPGIHc/X56ZIsHQ+RLowbZV/Lhok1IW
-FAuQm8axr/by80cRwFnzhfPc/ukkAq2Qyj4hLsGblu6mxeAhzcp8aqmWOO2H9QAR
-AQABiLYEKAEKACAWIQQ/lRafP/p9PytHbwxMvYJsOQdOOAUCWyK16gIdAAAKCRBM
-vYJsOQdOOB1vA/4u4uLONsE+2GVOyBsHyy7uTdkuxaR9b54A/cz6jT/tzUbeIzgx
-22neWhgvIEghnUZd0vEyK9k1wy5vbDlEo6nKzHso32N1QExGr5upRERAxweDxGOj
-7luDwNypI7QcifE64lS/JmlnunwRCdRWMKc0Fp+7jtRc5mpwyHN/Suf5RokBagQY
-AQoAIBYhBD+VFp8/+n0/K0dvDEy9gmw5B044BQJbIrA1AhsCAL8JEEy9gmw5B044
-tCAEGQEKAB0WIQSNdnkaWY6t62iX336UXbGvYdhXJwUCWyKwNQAKCRCUXbGvYdhX
-JxJSA/9fCPHP6sUtGF1o3G1a3yvOUDGr1JWcct9U+QpbCt1mZoNopCNDDQAJvDWl
-mvDgHfuogmgNJRjOMznvahbF+wpTXmB7LS0SK412gJzl1fFIpK4bgnhu0TwxNsO1
-8UkCZWqxRMgcNUn9z6XWONK8dgt5JNvHSHrwF4CxxwjL23AAtK+FA/UUoi3U4kbC
-0XnSr1Sl+mrzQi1+H7xyMe7zjqe+gGANtskqexHzwWPUJCPZ5qpIa2l8ghiUim6b
-4ymJ+N8/T8Yva1FaPEqfMzzqJr8McYFm0URioXJPvOAlRxdHPteZ0qUopt/Jawxl
-Xt6B9h1YpeLoJwjwsvbi98UTRs0jXwoY
-=3fWu
------END PGP PUBLIC KEY BLOCK-----`
-
-const keyWithSubKeyAndBadSelfSigOrder = `-----BEGIN PGP PUBLIC KEY BLOCK-----
-
-mI0EWyLLDQEEAOqIOpJ/ha1OYAGduu9tS3rBz5vyjbNgJO4sFveEM0mgsHQ0X9/L
-plonW+d0gRoO1dhJ8QICjDAc6+cna1DE3tEb5m6JtQ30teLZuqrR398Cf6w7NNVz
-r3lrlmnH9JaKRuXl7tZciwyovneBfZVCdtsRZjaLI1uMQCz/BToiYe3DABEBAAG0
-I0dvbGFuZyBHb3BoZXIgPG5vLXJlcGx5QGdvbGFuZy5jb20+iM4EEwEKADgWIQRZ
-sixZOfQcZdW0wUqmgmdsv1O9xgUCWyLLDQIbAwULCQgHAwUVCgkICwUWAgMBAAIe
-AQIXgAAKCRCmgmdsv1O9xql2A/4pix98NxjhdsXtazA9agpAKeADf9tG4Za27Gj+
-3DCww/E4iP2X35jZimSm/30QRB6j08uGCqd9vXkkJxtOt63y/IpVOtWX6vMWSTUm
-k8xKkaYMP0/IzKNJ1qC/qYEUYpwERBKg9Z+k99E2Ql4kRHdxXUHq6OzY79H18Y+s
-GdeM/riNBFsiyxsBBAC54Pxg/8ZWaZX1phGdwfe5mek27SOYpC0AxIDCSOdMeQ6G
-HPk38pywl1d+S+KmF/F4Tdi+kWro62O4eG2uc/T8JQuRDUhSjX0Qa51gPzJrUOVT
-CFyUkiZ/3ZDhtXkgfuso8ua2ChBgR9Ngr4v43tSqa9y6AK7v0qjxD1x+xMrjXQAR
-AQABiQFxBBgBCgAmAhsCFiEEWbIsWTn0HGXVtMFKpoJnbL9TvcYFAlsizTIFCQAN
-MRcAv7QgBBkBCgAdFiEEJcoVUVJIk5RWj1c/o62jUpRPICQFAlsiyxsACgkQo62j
-UpRPICQq5gQApoWIigZxXFoM0uw4uJBS5JFZtirTANvirZV5RhndwHeMN6JttaBS
-YnjyA4+n1D+zB2VqliD2QrsX12KJN6rGOehCtEIClQ1Hodo9nC6kMzzAwW1O8bZs
-nRJmXV+bsvD4sidLZLjdwOVa3Cxh6pvq4Uur6a7/UYx121hEY0Qx0s8JEKaCZ2y/
-U73GGi0D/i20VW8AWYAPACm2zMlzExKTOAV01YTQH/3vW0WLrOse53WcIVZga6es
-HuO4So0SOEAvxKMe5HpRIu2dJxTvd99Bo9xk9xJU0AoFrO0vNCRnL+5y68xMlODK
-lEw5/kl0jeaTBp6xX0HDQOEVOpPGUwWV4Ij2EnvfNDXaE1vK1kffiQFrBBgBCgAg
-AhsCFiEEWbIsWTn0HGXVtMFKpoJnbL9TvcYFAlsi0AYAv7QgBBkBCgAdFiEEJcoV
-UVJIk5RWj1c/o62jUpRPICQFAlsiyxsACgkQo62jUpRPICQq5gQApoWIigZxXFoM
-0uw4uJBS5JFZtirTANvirZV5RhndwHeMN6JttaBSYnjyA4+n1D+zB2VqliD2QrsX
-12KJN6rGOehCtEIClQ1Hodo9nC6kMzzAwW1O8bZsnRJmXV+bsvD4sidLZLjdwOVa
-3Cxh6pvq4Uur6a7/UYx121hEY0Qx0s8JEKaCZ2y/U73GRl0EAJokkXmy4zKDHWWi
-wvK9gi2gQgRkVnu2AiONxJb5vjeLhM/07BRmH6K1o+w3fOeEQp4FjXj1eQ5fPSM6
-Hhwx2CTl9SDnPSBMiKXsEFRkmwQ2AAsQZLmQZvKBkLZYeBiwf+IY621eYDhZfo+G
-1dh1WoUCyREZsJQg2YoIpWIcvw+a
-=bNRo
------END PGP PUBLIC KEY BLOCK-----
-`
-
-const onlySubkeyNoPrivateKey = `-----BEGIN PGP PRIVATE KEY BLOCK-----
-Version: GnuPG v1
-
-lQCVBFggvocBBAC7vBsHn7MKmS6IiiZNTXdciplVgS9cqVd+RTdIAoyNTcsiV1H0
-GQ3QtodOPeDlQDNoqinqaobd7R9g3m3hS53Nor7yBZkCWQ5x9v9JxRtoAq0sklh1
-I1X2zEqZk2l6YrfBF/64zWrhjnW3j23szkrAIVu0faQXbQ4z56tmZrw11wARAQAB
-/gdlAkdOVQG0CUdOVSBEdW1teYi4BBMBAgAiBQJYIL6HAhsDBgsJCAcDAgYVCAIJ
-CgsEFgIDAQIeAQIXgAAKCRCd1xxWp1CYAnjGA/9synn6ZXJUKAXQzySgmCZvCIbl
-rqBfEpxwLG4Q/lONhm5vthAE0z49I8hj5Gc5e2tLYUtq0o0OCRdCrYHa/efOYWpJ
-6RsK99bePOisVzmOABLIgZkcr022kHoMCmkPgv9CUGKP1yqbGl+zzAwQfUjRUmvD
-ZIcWLHi2ge4GzPMPi50B2ARYIL6cAQQAxWHnicKejAFcFcF1/3gUSgSH7eiwuBPX
-M7vDdgGzlve1o1jbV4tzrjN9jsCl6r0nJPDMfBSzgLr1auNTRG6HpJ4abcOx86ED
-Ad+avDcQPZb7z3dPhH/gb2lQejZsHh7bbeOS8WMSzHV3RqCLd8J/xwWPNR5zKn1f
-yp4IGfopidMAEQEAAQAD+wQOelnR82+dxyM2IFmZdOB9wSXQeCVOvxSaNMh6Y3lk
-UOOkO8Nlic4x0ungQRvjoRs4wBmCuwFK/MII6jKui0B7dn/NDf51i7rGdNGuJXDH
-e676By1sEY/NGkc74jr74T+5GWNU64W0vkpfgVmjSAzsUtpmhJMXsc7beBhJdnVl
-AgDKCb8hZqj1alcdmLoNvb7ibA3K/V8J462CPD7bMySPBa/uayoFhNxibpoXml2r
-oOtHa5izF3b0/9JY97F6rqkdAgD6GdTJ+xmlCoz1Sewoif1I6krq6xoa7gOYpIXo
-UL1Afr+LiJeyAnF/M34j/kjIVmPanZJjry0kkjHE5ILjH3uvAf4/6n9np+Th8ujS
-YDCIzKwR7639+H+qccOaddCep8Y6KGUMVdD/vTKEx1rMtK+hK/CDkkkxnFslifMJ
-kqoqv3WUqCWJAT0EGAECAAkFAlggvpwCGwIAqAkQndccVqdQmAKdIAQZAQIABgUC
-WCC+nAAKCRDmGUholQPwvQk+A/9latnSsR5s5/1A9TFki11GzSEnfLbx46FYOdkW
-n3YBxZoPQGxNA1vIn8GmouxZInw9CF4jdOJxEdzLlYQJ9YLTLtN5tQEMl/19/bR8
-/qLacAZ9IOezYRWxxZsyn6//jfl7A0Y+FV59d4YajKkEfItcIIlgVBSW6T+TNQT3
-R+EH5HJ/A/4/AN0CmBhhE2vGzTnVU0VPrE4V64pjn1rufFdclgpixNZCuuqpKpoE
-VVHn6mnBf4njKjZrAGPs5kfQ+H4NsM7v3Zz4yV6deu9FZc4O6E+V1WJ38rO8eBix
-7G2jko106CC6vtxsCPVIzY7aaG3H5pjRtomw+pX7SzrQ7FUg2PGumg==
-=F/T0
------END PGP PRIVATE KEY BLOCK-----`
-
-const ecdsaPrivateKey = `-----BEGIN PGP PRIVATE KEY BLOCK-----
-
-xaUEX1KsSRMIKoZIzj0DAQcCAwTpYqJsnJiFhKKh+8TulWD+lVmerBFNS+Ii
-B+nlG3T0xQQ4Sy5eIjJ0CExIQQzi3EElF/Z2l4F3WC5taFA11NgA/gkDCHSS
-PThf1M2K4LN8F1MRcvR+sb7i0nH55ojkwuVB1DE6jqIT9m9i+mX1tzjSAS+6
-lPQiweCJvG7xTC7Hs3AzRapf/r1At4TB+v+5G2/CKynNFEJpbGwgPGJpbGxA
-aG9tZS5jb20+wncEEBMIAB8FAl9SrEkGCwkHCAMCBBUICgIDFgIBAhkBAhsD
-Ah4BAAoJEMpwT3+q3+xqw5UBAMebZN9isEZ1ML+R/jWAAWMwa/knMugrEZ1v
-Bl9+ZwM0AQCZdf80/wYY4Nve01qSRFv8OmKswLli3TvDv6FKc4cLz8epBF9S
-rEkSCCqGSM49AwEHAgMEAjKnT9b5wY2bf9TpAV3d7OUfPOxKj9c4VzeVzSrH
-AtQgo/MuI1cdYVURicV4i76DNjFhQHQFTk7BrC+C2u1yqQMBCAf+CQMIHImA
-iYfzQtjgQWSFZYUkCFpbbwhNF0ch+3HNaZkaHCnZRIsWsRnc6FCb6lRQyK9+
-Dq59kHlduE5QgY40894jfmP2JdJHU6nBdYrivbEdbMJhBBgTCAAJBQJfUqxJ
-AhsMAAoJEMpwT3+q3+xqUI0BAMykhV08kQ4Ip9Qlbss6Jdufv7YrU0Vd5hou
-b5TmiPd0APoDBh3qIic+aLLUcAuG3+Gt1P1AbUlmqV61ozn1WfHxfw==
-=KLN8
------END PGP PRIVATE KEY BLOCK-----`
-
-const dsaPrivateKeyWithElGamalSubkey = `-----BEGIN PGP PRIVATE KEY BLOCK-----
-
-lQOBBF9/MLsRCACeaF6BI0jTgDAs86t8/kXPfwlPvR2MCYzB0BCqAdcq1hV/GTYd
-oNmJRna/ZJfsI/vf+d8Nv+EYOQkPheFS1MJVBitkAXjQPgm8i1tQWen1FCWZxqGk
-/vwZYF4yo8GhZ+Wxi3w09W9Cp9QM/CTmyE1Xe7wpPBGe+oD+me8Zxjyt8JBS4Qx+
-gvWbfHxfHnggh4pz7U8QkItlLsBNQEdX4R5+zwRN66g2ZSX/shaa/EkVnihUhD7r
-njP9I51ORWucTQD6OvgooaNQZCkQ/Se9TzdakwWKS2XSIFXiY/e2E5ZgKI/pfKDU
-iA/KessxddPb7nP/05OIJqg9AoDrD4vmehLzAQD+zsUS3LDU1m9/cG4LMsQbT2VK
-Te4HqbGIAle+eu/asQf8DDJMrbZpiJZvADum9j0TJ0oep6VdMbzo9RSDKvlLKT9m
-kG63H8oDWnCZm1a+HmGq9YIX+JHWmsLXXsFLeEouLzHO+mZo0X28eji3V2T87hyR
-MmUM0wFo4k7jK8uVmkDXv3XwNp2uByWxUKZd7EnWmcEZWqIiexJ7XpCS0Pg3tRaI
-zxve0SRe/dxfUPnTk/9KQ9hS6DWroBKquL182zx1Fggh4LIWWE2zq+UYn8BI0E8A
-rmIDFJdF8ymFQGRrEy6g79NnkPmkrZWsgMRYY65P6v4zLVmqohJKkpm3/Uxa6QAP
-CCoPh/JTOvPeCP2bOJH8z4Z9Py3ouMIjofQW8sXqRgf/RIHbh0KsINHrwwZ4gVIr
-MK3RofpaYxw1ztPIWb4cMWoWZHH1Pxh7ggTGSBpAhKXkiWw2Rxat8QF5aA7e962c
-bLvVv8dqsPrD/RnVJHag89cbPTzjn7gY9elE8EM8ithV3oQkwHTr4avYlpDZsgNd
-hUW3YgRwGo31tdzxoG04AcpV2t+07P8XMPr9hsfWs4rHohXPi38Hseu1Ji+dBoWQ
-3+1w/HH3o55s+jy4Ruaz78AIrjbmAJq+6rA2mIcCgrhw3DnzuwQAKeBvSeqn9zfS
-ZC812osMBVmkycwelpaIh64WZ0vWL3GvdXDctV2kXM+qVpDTLEny0LuiXxrwCKQL
-Ev4HAwK9uQBcreDEEud7pfRb8EYP5lzO2ZA7RaIvje6EWAGBvJGMRT0QQE5SGqc7
-Fw5geigBdt+vVyRuNNhg3c2fdn/OBQaYu0J/8AiOogG8EaM8tCFlbGdhbWFsQGRz
-YS5jb20gPGVsZ2FtYWxAZHNhLmNvbT6IkAQTEQgAOBYhBI+gnfiHQxB35/Dp0XAQ
-aE/rsWC5BQJffzC7AhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEHAQaE/r
-sWC5A4EA/0GcJmyPtN+Klc7b9sVT3JgKTRnB/URxOJfYJofP0hZLAQCkqyMO+adV
-JvbgDH0zaITQWZSSXPqpgMpCA6juTrDsd50CawRffzC7EAgAxFFFSAAEQzWTgKU5
-EBtpxxoPzHqcChawTHRxHxjcELXzmUBS5PzfA1HXSPnNqK/x3Ut5ycC3CsW41Fnt
-Gm3706Wu9VFbFZVn55F9lPiplUo61n5pqMvOr1gmuQsdXiTa0t5FRa4TZ2VSiHFw
-vdAVSPTUsT4ZxJ1rPyFYRtq1n3pQcvdZowd07r0JnzTMjLLMFYCKhwIowoOC4zqJ
-iB8enjwOlpaqBATRm9xpVF7SJkroPF6/B1vdhj7E3c1aJyHlo0PYBAg756sSHWHg
-UuLyUQ4TA0hcCVenn/L/aSY2LnbdZB1EBhlYjA7dTCgwIqsQhfQmPkjz6g64A7+Y
-HbbrLwADBQgAk14QIEQ+J/VHetpQV/jt2pNsFK1kVK7mXK0spTExaC2yj2sXlHjL
-Ie3bO5T/KqmIaBEB5db5fA5xK9cZt79qrQHDKsEqUetUeMUWLBx77zBsus3grIgy
-bwDZKseRzQ715pwxquxQlScGoDIBKEh08HpwHkq140eIj3w+MAIfndaZaSCNaxaP
-Snky7BQmJ7Wc7qrIwoQP6yrnUqyW2yNi81nJYUhxjChqaFSlwzLs/iNGryBKo0ic
-BqVIRjikKHBlwBng6WyrltQo/Vt9GG8w+lqaAVXbJRlaBZJUR+2NKi/YhP3qQse3
-v8fi4kns0gh5LK+2C01RvdX4T49QSExuIf4HAwLJqYIGwadA2uem5v7/765ZtFWV
-oL0iZ0ueTJDby4wTFDpLVzzDi/uVcB0ZRFrGOp7w6OYcNYTtV8n3xmli2Q5Trw0c
-wZVzvg+ABKWiv7faBjMczIFF8y6WZKOIeAQYEQgAIBYhBI+gnfiHQxB35/Dp0XAQ
-aE/rsWC5BQJffzC7AhsMAAoJEHAQaE/rsWC5ZmIA/jhS4r4lClbvjuPWt0Yqdn7R
-fss2SPMYvMrrDh42aE0OAQD8xn4G6CN8UtW9xihXOY6FpxiJ/sMc2VaneeUd34oa
-4g==
-=XZm8
------END PGP PRIVATE KEY BLOCK-----`
-
-// https://tests.sequoia-pgp.org/#Certificate_expiration
-// P _ U p
-const expiringPrimaryUIDKey = `-----BEGIN PGP PUBLIC KEY BLOCK-----
-
-xsDNBF2lnPIBDAC5cL9PQoQLTMuhjbYvb4Ncuuo0bfmgPRFywX53jPhoFf4Zg6mv
-/seOXpgecTdOcVttfzC8ycIKrt3aQTiwOG/ctaR4Bk/t6ayNFfdUNxHWk4WCKzdz
-/56fW2O0F23qIRd8UUJp5IIlN4RDdRCtdhVQIAuzvp2oVy/LaS2kxQoKvph/5pQ/
-5whqsyroEWDJoSV0yOb25B/iwk/pLUFoyhDG9bj0kIzDxrEqW+7Ba8nocQlecMF3
-X5KMN5kp2zraLv9dlBBpWW43XktjcCZgMy20SouraVma8Je/ECwUWYUiAZxLIlMv
-9CurEOtxUw6N3RdOtLmYZS9uEnn5y1UkF88o8Nku890uk6BrewFzJyLAx5wRZ4F0
-qV/yq36UWQ0JB/AUGhHVPdFf6pl6eaxBwT5GXvbBUibtf8YI2og5RsgTWtXfU7eb
-SGXrl5ZMpbA6mbfhd0R8aPxWfmDWiIOhBufhMCvUHh1sApMKVZnvIff9/0Dca3wb
-vLIwa3T4CyshfT0AEQEAAc0hQm9iIEJhYmJhZ2UgPGJvYkBvcGVucGdwLmV4YW1w
-bGU+wsFcBBMBCgCQBYJhesp/BYkEWQPJBQsJCAcCCRD7/MgqAV5zMEcUAAAAAAAe
-ACBzYWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmeEOQlNyTLFkc9I/elp+BpY
-495V7KatqtDmsyDr+zDAdwYVCgkICwIEFgIDAQIXgAIbAwIeARYhBNGmbhojsYLJ
-mA94jPv8yCoBXnMwAABSCQv/av8hKyynMtXVKFuWOGJw0mR8auDm84WdhMFRZg8t
-yTJ1L88+Ny4WUAFeqo2j7DU2yPGrm5rmuvzlEedFYFeOWt+A4adz+oumgRd0nsgG
-Lf3QYUWQhLWVlz+H7zubgKqSB2A2RqV65S7mTTVro42nb2Mng6rvGWiqeKG5nrXN
-/01p1mIBQGR/KnZSqYLzA2Pw2PiJoSkXT26PDz/kiEMXpjKMR6sicV4bKVlEdUvm
-pIImIPBHZq1EsKXEyWtWC41w/pc+FofGE+uSFs2aef1vvEHFkj3BHSK8gRcH3kfR
-eFroTET8C2q9V1AOELWm+Ys6PzGzF72URK1MKXlThuL4t4LjvXWGNA78IKW+/RQH
-DzK4U0jqSO0mL6qxqVS5Ij6jjL6OTrVEGdtDf5n0vI8tcUTBKtVqYAYk+t2YGT05
-ayxALtb7viVKo8f10WEcCuKshn0gdsEFMRZQzJ89uQIY3R3FbsdRCaE6OEaDgKMQ
-UTFROyfhthgzRKbRxfcplMUCzsDNBF2lnPIBDADWML9cbGMrp12CtF9b2P6z9TTT
-74S8iyBOzaSvdGDQY/sUtZXRg21HWamXnn9sSXvIDEINOQ6A9QxdxoqWdCHrOuW3
-ofneYXoG+zeKc4dC86wa1TR2q9vW+RMXSO4uImA+Uzula/6k1DogDf28qhCxMwG/
-i/m9g1c/0aApuDyKdQ1PXsHHNlgd/Dn6rrd5y2AObaifV7wIhEJnvqgFXDN2RXGj
-LeCOHV4Q2WTYPg/S4k1nMXVDwZXrvIsA0YwIMgIT86Rafp1qKlgPNbiIlC1g9RY/
-iFaGN2b4Ir6GDohBQSfZW2+LXoPZuVE/wGlQ01rh827KVZW4lXvqsge+wtnWlszc
-selGATyzqOK9LdHPdZGzROZYI2e8c+paLNDdVPL6vdRBUnkCaEkOtl1mr2JpQi5n
-TU+gTX4IeInC7E+1a9UDF/Y85ybUz8XV8rUnR76UqVC7KidNepdHbZjjXCt8/Zo+
-Tec9JNbYNQB/e9ExmDntmlHEsSEQzFwzj8sxH48AEQEAAcLA9gQYAQoAIBYhBNGm
-bhojsYLJmA94jPv8yCoBXnMwBQJdpZzyAhsMAAoJEPv8yCoBXnMw6f8L/26C34dk
-jBffTzMj5Bdzm8MtF67OYneJ4TQMw7+41IL4rVcSKhIhk/3Ud5knaRtP2ef1+5F6
-6h9/RPQOJ5+tvBwhBAcUWSupKnUrdVaZQanYmtSxcVV2PL9+QEiNN3tzluhaWO//
-rACxJ+K/ZXQlIzwQVTpNhfGzAaMVV9zpf3u0k14itcv6alKY8+rLZvO1wIIeRZLm
-U0tZDD5HtWDvUV7rIFI1WuoLb+KZgbYn3OWjCPHVdTrdZ2CqnZbG3SXw6awH9bzR
-LV9EXkbhIMez0deCVdeo+wFFklh8/5VK2b0vk/+wqMJxfpa1lHvJLobzOP9fvrsw
-sr92MA2+k901WeISR7qEzcI0Fdg8AyFAExaEK6VyjP7SXGLwvfisw34OxuZr3qmx
-1Sufu4toH3XrB7QJN8XyqqbsGxUCBqWif9RSK4xjzRTe56iPeiSJJOIciMP9i2ld
-I+KgLycyeDvGoBj0HCLO3gVaBe4ubVrj5KjhX2PVNEJd3XZRzaXZE2aAMQ==
-=AmgT
------END PGP PUBLIC KEY BLOCK-----`
-
-const rsa2048PrivateKey = `-----BEGIN PGP PRIVATE KEY BLOCK-----
-Comment: gpg (GnuPG) 2.2.27 with libgcrypt 1.9.4
-
-lQPGBGL07P0BCADL0etN8efyAXA6sL2WfQvHe5wEKYXPWeN2+jiqSppfeRZAOlzP
-kZ3U+cloeJriplYvVJwI3ID2aw52Z/TRn8iKRP5eOUFrEgcgl06lazLtOndK7o7p
-oBV5mLtHEirFHm6W61fNt10jzM0jx0PV6nseLhFB2J42F1cmU/aBgFo41wjLSZYr
-owR+v+O9S5sUXblQF6sEDcY01sBEu09zrIgT49VFwQ1Cvdh9XZEOTQBfdiugoj5a
-DS3fAqAka3r1VoQK4eR7/upnYSgSACGeaQ4pUelKku5rpm50gdWTY8ppq0k9e1eT
-y2x0OQcW3hWE+j4os1ca0ZEADMdqr/99MOxrABEBAAH+BwMCJWxU4VOZOJ7/I6vX
-FxdfBhIBEXlJ52FM3S/oYtXqLhkGyrtmZOeEazVvUtuCe3M3ScHI8xCthcmE8E0j
-bi+ZEHPS2NiBZtgHFF27BLn7zZuTc+oD5WKduZdK3463egnyThTqIIMl25WZBuab
-k5ycwYrWwBH0jfA4gwJ13ai4pufKC2RM8qIu6YAVPglYBKFLKGvvJHa5vI+LuA0E
-K+k35hIic7yVUcQneNnAF2598X5yWiieYnOZpmHlRw1zfbMwOJr3ZNj2v94u7b+L
-sTa/1Uv9887Vb6sJp0c2Sh4cwEccoPYkvMqFn3ZrJUr3UdDu1K2vWohPtswzhrYV
-+RdPZE5RLoCQufKvlPezk0Pzhzb3bBU7XjUbdGY1nH/EyQeBNp+Gw6qldKvzcBaB
-cyOK1c6hPSszpJX93m5UxCN55IeifmcNjmbDh8vGCCdajy6d56qV2n4F3k7vt1J1
-0UlxIGhqijJoaTCX66xjLMC6VXkSz6aHQ35rnXosm/cqPcQshsZTdlfSyWkorfdr
-4Hj8viBER26mjYurTMLBKDtUN724ZrR0Ev5jorX9uoKlgl87bDZHty2Ku2S+vR68
-VAvnj6Fi1BYNclnDoqxdRB2z5T9JbWE52HuG83/QsplhEqXxESDxriTyTHMbNxEe
-88soVCDh4tgflZFa2ucUr6gEKJKij7jgahARnyaXfPZlQBUAS1YUeILYmN+VR+M/
-sHENpwDWc7TInn8VN638nJV+ScZGMih3AwWZTIoiLju3MMt1K0YZ3NuiqwGH4Jwg
-/BbEdTWeCci9y3NEQHQ3uZZ5p6j2CwFVlK11idemCMvAiTVxF+gKdaLMkeCwKxru
-J3YzhKEo+iDVYbPYBYizx/EHBn2U5kITQ5SBXzjTaaFMNZJEf9JYsL1ybPB6HOFY
-VNVB2KT8CGVwtCJHb2xhbmcgR29waGVyIDxnb2xhbmdAZXhhbXBsZS5vcmc+iQFO
-BBMBCgA4FiEEC6K7U7f4qesybTnqSkra7gHusm0FAmL07P0CGwMFCwkIBwIGFQoJ
-CAsCBBYCAwECHgECF4AACgkQSkra7gHusm1MvwgAxpClWkeSqIhMQfbiuz0+lOkE
-89y1DCFw8bHjZoUf4/4K8hFA3dGkk+q72XFgiyaCpfXxMt6Gi+dN47t+tTv9NIqC
-sukbaoJBmJDhN6+djmJOgOYy+FWsW2LAk2LOwKYulpnBZdcA5rlMAhBg7gevQpF+
-ruSU69P7UUaFJl/DC7hDmaIcj+4cjBE/HO26SnVQjoTfjZT82rDh1Wsuf8LnkJUk
-b3wezBLpXKjDvdHikdv4gdlR4AputVM38aZntYYglh/EASo5TneyZ7ZscdLNRdcF
-r5O2fKqrOJLOdaoYRFZZWOvP5GtEVFDU7WGivOSVfiszBE0wZR3dgZRJipHCXJ0D
-xgRi9Oz9AQgAtMJcJqLLVANJHl90tWuoizDkm+Imcwq2ubQAjpclnNrODnDK+7o4
-pBsWmXbZSdkC4gY+LhOQA6bPDD0JEHM58DOnrm49BddxXAyK0HPsk4sGGt2SS86B
-OawWNdfJVyqw4bAiHWDmQg4PcjBbt3ocOIxAR6I5kBSiQVxuGQs9T+Zvg3G1r3Or
-fS6DzlgY3HFUML5YsGH4lOxNSOoKAP68GIH/WNdUZ+feiRg9knIib6I3Hgtf5eO8
-JRH7aWE/TD7eNu36bLLjT5TZPq5r6xaD2plbtPOyXbNPWs9qI1yG+VnErfaLY0w8
-Qo0aqzbgID+CTZVomXSOpOcQseaFKw8ZfQARAQAB/gcDArha6+/+d4OY/w9N32K9
-hFNYt4LufTETMQ+k/sBeaMuAVzmT47DlAXzkrZhGW4dZOtXMu1rXaUwHlqkhEyzL
-L4MYEWVXfD+LbZNEK3MEFss6RK+UAMeT/PTV9aA8cXQVPcSJYzfBXHQ1U1hnOgrO
-apn92MN8RmkhX8wJLyeWTMMuP4lXByJMmmGo8WvifeRD2kFY4y0WVBDAXJAV4Ljf
-Di/bBiwoc5a+gxHuZT2W9ZSxBQJNXdt4Un2IlyZuo58s5MLx2N0EaNJ8PwRUE6fM
-RZYO8aZCEPUtINE4njbvsWOMCtrblsMPwZ1B0SiIaWmLaNyGdCNKea+fCIW7kasC
-JYMhnLumpUTXg5HNexkCsl7ABWj0PYBflOE61h8EjWpnQ7JBBVKS2ua4lMjwHRX7
-5o5yxym9k5UZNFdGoXVL7xpizCcdGawxTJvwhs3vBqu1ZWYCegOAZWDrOkCyhUpq
-8uKMROZFbn+FwE+7tjt+v2ed62FVEvD6g4V3ThCA6mQqeOARfJWN8GZY8BDm8lht
-crOXriUkrx+FlrgGtm2CkwjW5/9Xd7AhFpHnQdFeozOHyq1asNSgJF9sNi9Lz94W
-skQSVRi0IExxSXYGI3Y0nnAZUe2BAQflYPJdEveSr3sKlUqXiETTA1VXsTPK3kOC
-92CbLzj/Hz199jZvywwyu53I+GKMpF42rMq7zxr2oa61YWY4YE/GDezwwys/wLx/
-QpCW4X3ppI7wJjCSSqEV0baYZSSli1ayheS6dxi8QnSpX1Bmpz6gU7m/M9Sns+hl
-J7ZvgpjCAiV7KJTjtclr5/S02zP78LTVkoTWoz/6MOTROwaP63VBUXX8pbJhf/vu
-DLmNnDk8joMJxoDXWeNU0EnNl4hP7Z/jExRBOEO4oAnUf/Sf6gCWQhL5qcajtg6w
-tGv7vx3f2IkBNgQYAQoAIBYhBAuiu1O3+KnrMm056kpK2u4B7rJtBQJi9Oz9AhsM
-AAoJEEpK2u4B7rJt6lgIAMBWqP4BCOGnQXBbgJ0+ACVghpkFUXZTb/tXJc8UUvTM
-8uov6k/RsqDGZrvhhufD7Wwt7j9v7dD7VPp7bPyjVWyimglQzWguTUUqLDGlstYH
-5uYv1pzma0ZsAGNqFeGlTLsKOSGKFMH4rB2KfN2n51L8POvtp1y7GKZQbWIWneaB
-cZr3BINU5GMvYYU7pAYcoR+mJPdJx5Up3Ocn+bn8Tu1sy9C/ArtCQucazGnoE9u1
-HhNLrh0CdzzX7TNH6TQ8LwPOvq0K5l/WqbN9lE0WBBhMv2HydxhluO8AhU+A5GqC
-C+wET7nVDnhoOm/fstIeb7/LN7OYejKPeHdFBJEL9GA=
-=u442
------END PGP PRIVATE KEY BLOCK-----`
-
-const curve25519PrivateKey = `-----BEGIN PGP PRIVATE KEY BLOCK-----
-Comment: gpg (GnuPG) 2.2.27 with libgcrypt 1.9.4
-
-lFgEYvTtQBYJKwYBBAHaRw8BAQdAxsNXLbrk5xOjpO24VhOMvQ0/F+JcyIkckMDH
-X3FIGxcAAQDFOlunZWYuPsCx5JLp78vKqUTfgef9TGG4oD6I/Sa0zBMstCJHb2xh
-bmcgR29waGVyIDxnb2xhbmdAZXhhbXBsZS5vcmc+iJAEExYIADgWIQSFQHEOazmo
-h1ldII4MvfnLQ4JBNwUCYvTtQAIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAK
-CRAMvfnLQ4JBN5yeAQCKdry8B5ScCPrev2+UByMCss7Sdu5RhomCFsHdNPLcKAEA
-8ugei+1owHsV+3cGwWWzKk6sLa8ZN87i3SKuOGp9DQycXQRi9O1AEgorBgEEAZdV
-AQUBAQdA5CubPp8l7lrVQ25h7Hx5XN2C8xanRnnpcjzEooCaEA0DAQgHAAD/Rpc+
-sOZUXrFk9HOWB1XU41LoWbDBoG8sP8RWAVYwD5AQRYh4BBgWCAAgFiEEhUBxDms5
-qIdZXSCODL35y0OCQTcFAmL07UACGwwACgkQDL35y0OCQTcvdwEA7lb5g/YisrEf
-iq660uwMGoepLUfvtqKzuQ6heYe83y0BAN65Ffg5HYOJzUEi0kZQRf7OhdtuL2kJ
-SRXn8DmCTfEB
-=cELM
------END PGP PRIVATE KEY BLOCK-----`
-
-const curve448PrivateKey = `-----BEGIN PGP PRIVATE KEY BLOCK-----
-Comment: C1DB 65D5 80D7 B922 7254  4B1E A699 9895 FABA CE52
-
-xYUEYV2UmRYDK2VxAc9AFyxgh5xnSbyt50TWl558mw9xdMN+/UBLr5+UMP8IsrvV
-MdXuTIE8CyaUQKSotHtH2RkYEXj5nsMAAAHPQIbTMSzjIWug8UFECzAex5FHgAgH
-gYF3RK+TS8D24wX8kOu2C/NoVxwGY+p+i0JHaB+7yljriSKAGxs6wsBEBB8WCgCD
-BYJhXZSZBYkFpI+9AwsJBwkQppmYlfq6zlJHFAAAAAAAHgAgc2FsdEBub3RhdGlv
-bnMuc2VxdW9pYS1wZ3Aub3Jn5wSpIutJ5HncJWk4ruUV8GzQF390rR5+qWEAnAoY
-akcDFQoIApsBAh4BFiEEwdtl1YDXuSJyVEseppmYlfq6zlIAALzdA5dA/fsgYg/J
-qaQriYKaPUkyHL7EB3BXhV2d1h/gk+qJLvXQuU2WEJ/XSs3GrsBRiiZwvPH4o+7b
-mleAxjy5wpS523vqrrBR2YZ5FwIku7WS4litSdn4AtVam/TlLdMNIf41CtFeZKBe
-c5R5VNdQy8y7qy8AAADNEUN1cnZlNDQ4IE9wdGlvbiA4wsBHBBMWCgCGBYJhXZSZ
-BYkFpI+9AwsJBwkQppmYlfq6zlJHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2Vx
-dW9pYS1wZ3Aub3JnD55UsYMzE6OACP+mgw5zvT+BBgol8/uFQjHg4krjUCMDFQoI
-ApkBApsBAh4BFiEEwdtl1YDXuSJyVEseppmYlfq6zlIAAPQJA5dA0Xqwzn/0uwCq
-RlsOVCB3f5NOj1exKnlBvRw0xT1VBee1yxvlUt5eIAoCxWoRlWBJob3TTkhm9AEA
-8dyhwPmyGfWHzPw5NFG3xsXrZdNXNvit9WMVAPcmsyR7teXuDlJItxRAdJJc/qfJ
-YVbBFoaNrhYAAADHhQRhXZSZFgMrZXEBz0BL7THZ9MnCLfSPJ1FMLim9eGkQ3Bfn
-M3he5rOwO3t14QI1LjI96OjkeJipMgcFAmEP1Bq/ZHGO7oAAAc9AFnE8iNBaT3OU
-EFtxkmWHXtdaYMmGGRdopw9JPXr/UxuunDln5o9dxPxf7q7z26zXrZen+qed/Isa
-HsDCwSwEGBYKAWsFgmFdlJkFiQWkj70JEKaZmJX6us5SRxQAAAAAAB4AIHNhbHRA
-bm90YXRpb25zLnNlcXVvaWEtcGdwLm9yZxREUizdTcepBzgSMOv2VWQCWbl++3CZ
-EbgAWDryvSsyApsCwDGgBBkWCgBvBYJhXZSZCRBKo3SL4S5djkcUAAAAAAAeACBz
-YWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmemoGTDjmNQiIzw6HOEddvS0OB7
-UZ/P07jM/EVmnYxTlBYhBAxsnkGpx1UCiH6gUUqjdIvhLl2OAAALYQOXQAMB1oKq
-OWxSFmvmgCKNcbAAyA3piF5ERIqs4z07oJvqDYrOWt75UsEIH/04gU/vHc4EmfG2
-JDLJgOLlyTUPkL/08f0ydGZPofFQBhn8HkuFFjnNtJ5oz3GIP4cdWMQFaUw0uvjb
-PM9Tm3ptENGd6Ts1AAAAFiEEwdtl1YDXuSJyVEseppmYlfq6zlIAAGpTA5dATR6i
-U2GrpUcQgpG+JqfAsGmF4yAOhgFxc1UfidFk3nTup3fLgjipkYY170WLRNbyKkVO
-Sodx93GAs58rizO1acDAWiLq3cyEPBFXbyFThbcNPcLl+/77Uk/mgkYrPQFAQWdK
-1kSRm4SizDBK37K8ChAAAADHhwRhXZSZEgMrZW8Bx0DMhzvhQo+OsXeqQ6QVw4sF
-CaexHh6rLohh7TzL3hQSjoJ27fV6JBkIWdn0LfrMlJIDbSv2SLdlgQMBCgkAAcdA
-MO7Dc1myF6Co1fAH+EuP+OxhxP/7V6ljuSCZENDfA49tQkzTta+PniG+pOVB2LHb
-huyaKBkqiaogo8LAOQQYFgoAeAWCYV2UmQWJBaSPvQkQppmYlfq6zlJHFAAAAAAA
-HgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnEjBMQAmc/2u45u5FQGmB
-QAytjSG2LM3JQN+PPVl5vEkCmwwWIQTB22XVgNe5InJUSx6mmZiV+rrOUgAASdYD
-l0DXEHQ9ykNP2rZP35ET1dmiFagFtTj/hLQcWlg16LqvJNGqOgYXuqTerbiOOt02
-XLCBln+wdewpU4ChEffMUDRBfqfQco/YsMqWV7bHJHAO0eC/DMKCjyU90xdH7R/d
-QgqsfguR1PqPuJxpXV4bSr6CGAAAAA==
-=MSvh
------END PGP PRIVATE KEY BLOCK-----`
-
-const keyWithNotation = `-----BEGIN PGP PRIVATE KEY BLOCK-----
-
-xVgEY9gIshYJKwYBBAHaRw8BAQdAF25fSM8OpFlXZhop4Qpqo5ywGZ4jgWlR
-ppjhIKDthREAAQC+LFpzFcMJYcjxGKzBGHN0Px2jU4d04YSRnFAik+lVVQ6u
-zRdUZXN0IDx0ZXN0QGV4YW1wbGUuY29tPsLACgQQFgoAfAUCY9gIsgQLCQcI
-CRD/utJOCym8pR0UgAAAAAAQAAR0ZXh0QGV4YW1wbGUuY29tdGVzdB8UAAAA
-AAASAARiaW5hcnlAZXhhbXBsZS5jb20AAQIDAxUICgQWAAIBAhkBAhsDAh4B
-FiEEEMCQTUVGKgCX5rDQ/7rSTgspvKUAAPl5AP9Npz90LxzrB97Qr2DrGwfG
-wuYn4FSYwtuPfZHHeoIabwD/QEbvpQJ/NBb9EAZuow4Rirlt1yv19mmnF+j5
-8yUzhQjHXQRj2AiyEgorBgEEAZdVAQUBAQdARXAo30DmKcyUg6co7OUm0RNT
-z9iqFbDBzA8A47JEt1MDAQgHAAD/XKK3lBm0SqMR558HLWdBrNG6NqKuqb5X
-joCML987ZNgRD8J4BBgWCAAqBQJj2AiyCRD/utJOCym8pQIbDBYhBBDAkE1F
-RioAl+aw0P+60k4LKbylAADRxgEAg7UfBDiDPp5LHcW9D+SgFHk6+GyEU4ev
-VppQxdtxPvAA/34snHBX7Twnip1nMt7P4e2hDiw/hwQ7oqioOvc6jMkP
-=Z8YJ
------END PGP PRIVATE KEY BLOCK-----
-`
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/aead_config.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/aead_config.go
deleted file mode 100644
index fec41a0e73..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/aead_config.go
+++ /dev/null
@@ -1,67 +0,0 @@
-// Copyright (C) 2019 ProtonTech AG
-
-package packet
-
-import "math/bits"
-
-// CipherSuite contains a combination of Cipher and Mode
-type CipherSuite struct {
-	// The cipher function
-	Cipher CipherFunction
-	// The AEAD mode of operation.
-	Mode AEADMode
-}
-
-// AEADConfig collects a number of AEAD parameters along with sensible defaults.
-// A nil AEADConfig is valid and results in all default values.
-type AEADConfig struct {
-	// The AEAD mode of operation.
-	DefaultMode AEADMode
-	// Amount of octets in each chunk of data
-	ChunkSize uint64
-}
-
-// Mode returns the AEAD mode of operation.
-func (conf *AEADConfig) Mode() AEADMode {
-	// If no preference is specified, OCB is used (which is mandatory to implement).
-	if conf == nil || conf.DefaultMode == 0 {
-		return AEADModeOCB
-	}
-
-	mode := conf.DefaultMode
-	if mode != AEADModeEAX && mode != AEADModeOCB && mode != AEADModeGCM {
-		panic("AEAD mode unsupported")
-	}
-	return mode
-}
-
-// ChunkSizeByte returns the byte indicating the chunk size. The effective
-// chunk size is computed with the formula uint64(1) << (chunkSizeByte + 6)
-// limit to 16 = 4 MiB
-// https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-07.html#section-5.13.2
-func (conf *AEADConfig) ChunkSizeByte() byte {
-	if conf == nil || conf.ChunkSize == 0 {
-		return 12 // 1 << (12 + 6) == 262144 bytes
-	}
-
-	chunkSize := conf.ChunkSize
-	exponent := bits.Len64(chunkSize) - 1
-	switch {
-	case exponent < 6:
-		exponent = 6
-	case exponent > 16:
-		exponent = 16
-	}
-
-	return byte(exponent - 6)
-}
-
-// decodeAEADChunkSize returns the effective chunk size. In 32-bit systems, the
-// maximum returned value is 1 << 30.
-func decodeAEADChunkSize(c byte) int {
-	size := uint64(1 << (c + 6))
-	if size != uint64(int(size)) {
-		return 1 << 30
-	}
-	return int(size)
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/aead_crypter.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/aead_crypter.go
deleted file mode 100644
index 5e46046563..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/aead_crypter.go
+++ /dev/null
@@ -1,250 +0,0 @@
-// Copyright (C) 2019 ProtonTech AG
-
-package packet
-
-import (
-	"crypto/cipher"
-	"encoding/binary"
-	"io"
-
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-)
-
-// aeadCrypter is an AEAD opener/sealer, its configuration, and data for en/decryption.
-type aeadCrypter struct {
-	aead           cipher.AEAD
-	chunkSize      int
-	nonce          []byte
-	associatedData []byte       // Chunk-independent associated data
-	chunkIndex     []byte       // Chunk counter
-	packetTag      packetType   // SEIP packet (v2) or AEAD Encrypted Data packet
-	bytesProcessed int          // Amount of plaintext bytes encrypted/decrypted
-}
-
-// computeNonce takes the incremental index and computes an eXclusive OR with
-// the least significant 8 bytes of the receivers' initial nonce (see sec.
-// 5.16.1 and 5.16.2). It returns the resulting nonce.
-func (wo *aeadCrypter) computeNextNonce() (nonce []byte) {
-	if wo.packetTag == packetTypeSymmetricallyEncryptedIntegrityProtected {
-		return wo.nonce
-	}
-
-	nonce = make([]byte, len(wo.nonce))
-	copy(nonce, wo.nonce)
-	offset := len(wo.nonce) - 8
-	for i := 0; i < 8; i++ {
-		nonce[i+offset] ^= wo.chunkIndex[i]
-	}
-	return
-}
-
-// incrementIndex performs an integer increment by 1 of the integer represented by the
-// slice, modifying it accordingly.
-func (wo *aeadCrypter) incrementIndex() error {
-	index := wo.chunkIndex
-	if len(index) == 0 {
-		return errors.AEADError("Index has length 0")
-	}
-	for i := len(index) - 1; i >= 0; i-- {
-		if index[i] < 255 {
-			index[i]++
-			return nil
-		}
-		index[i] = 0
-	}
-	return errors.AEADError("cannot further increment index")
-}
-
-// aeadDecrypter reads and decrypts bytes. It buffers extra decrypted bytes when
-// necessary, similar to aeadEncrypter.
-type aeadDecrypter struct {
-	aeadCrypter           // Embedded ciphertext opener
-	reader      io.Reader // 'reader' is a partialLengthReader
-	chunkBytes  []byte
-	peekedBytes []byte    // Used to detect last chunk
-	buffer      []byte    // Buffered decrypted bytes
-}
-
-// Read decrypts bytes and reads them into dst. It decrypts when necessary and
-// buffers extra decrypted bytes. It returns the number of bytes copied into dst
-// and an error.
-func (ar *aeadDecrypter) Read(dst []byte) (n int, err error) {
-	// Return buffered plaintext bytes from previous calls
-	if len(ar.buffer) > 0 {
-		n = copy(dst, ar.buffer)
-		ar.buffer = ar.buffer[n:]
-		return
-	}
-
-	// Read a chunk
-	tagLen := ar.aead.Overhead()
-	copy(ar.chunkBytes, ar.peekedBytes) // Copy bytes peeked in previous chunk or in initialization
-	bytesRead, errRead := io.ReadFull(ar.reader, ar.chunkBytes[tagLen:])
-	if errRead != nil && errRead != io.EOF && errRead != io.ErrUnexpectedEOF {
-		return 0, errRead
-	}
-
-	if bytesRead > 0 {
-		ar.peekedBytes = ar.chunkBytes[bytesRead:bytesRead+tagLen]
-
-		decrypted, errChunk := ar.openChunk(ar.chunkBytes[:bytesRead])
-		if errChunk != nil {
-			return 0, errChunk
-		}
-
-		// Return decrypted bytes, buffering if necessary
-		n = copy(dst, decrypted)
-		ar.buffer = decrypted[n:]
-		return
-	}
-
-	return 0, io.EOF
-}
-
-// Close checks the final authentication tag of the stream.
-// In the future, this function could also be used to wipe the reader
-// and peeked & decrypted bytes, if necessary.
-func (ar *aeadDecrypter) Close() (err error) {
-	errChunk := ar.validateFinalTag(ar.peekedBytes)
-	if errChunk != nil {
-		return errChunk
-	}
-	return nil
-}
-
-// openChunk decrypts and checks integrity of an encrypted chunk, returning
-// the underlying plaintext and an error. It accesses peeked bytes from next
-// chunk, to identify the last chunk and decrypt/validate accordingly.
-func (ar *aeadDecrypter) openChunk(data []byte) ([]byte, error) {
-	adata := ar.associatedData
-	if ar.aeadCrypter.packetTag == packetTypeAEADEncrypted {
-		adata = append(ar.associatedData, ar.chunkIndex...)
-	}
-
-	nonce := ar.computeNextNonce()
-	plainChunk, err := ar.aead.Open(data[:0:len(data)], nonce, data, adata)
-	if err != nil {
-		return nil, errors.ErrAEADTagVerification
-	}
-	ar.bytesProcessed += len(plainChunk)
-	if err = ar.aeadCrypter.incrementIndex(); err != nil {
-		return nil, err
-	}
-	return plainChunk, nil
-}
-
-// Checks the summary tag. It takes into account the total decrypted bytes into
-// the associated data. It returns an error, or nil if the tag is valid.
-func (ar *aeadDecrypter) validateFinalTag(tag []byte) error {
-	// Associated: tag, version, cipher, aead, chunk size, ...
-	amountBytes := make([]byte, 8)
-	binary.BigEndian.PutUint64(amountBytes, uint64(ar.bytesProcessed))
-
-	adata := ar.associatedData
-	if ar.aeadCrypter.packetTag == packetTypeAEADEncrypted {
-		// ... index ...
-		adata = append(ar.associatedData, ar.chunkIndex...)
-	}
-
-	// ... and total number of encrypted octets
-	adata = append(adata, amountBytes...)
-	nonce := ar.computeNextNonce()
-	if _, err := ar.aead.Open(nil, nonce, tag, adata); err != nil {
-		return errors.ErrAEADTagVerification
-	}
-	return nil
-}
-
-// aeadEncrypter encrypts and writes bytes. It encrypts when necessary according
-// to the AEAD block size, and buffers the extra encrypted bytes for next write.
-type aeadEncrypter struct {
-	aeadCrypter                // Embedded plaintext sealer
-	writer      io.WriteCloser // 'writer' is a partialLengthWriter
-	chunkBytes  []byte
-	offset      int
-}
-
-// Write encrypts and writes bytes. It encrypts when necessary and buffers extra
-// plaintext bytes for next call. When the stream is finished, Close() MUST be
-// called to append the final tag.
-func (aw *aeadEncrypter) Write(plaintextBytes []byte) (n int, err error) {
-	for n != len(plaintextBytes) {
-		copied := copy(aw.chunkBytes[aw.offset:aw.chunkSize], plaintextBytes[n:])
-		n += copied
-		aw.offset += copied
-
-		if aw.offset == aw.chunkSize {
-			encryptedChunk, err := aw.sealChunk(aw.chunkBytes[:aw.offset])
-			if err != nil {
-				return n, err
-			}
-			_, err = aw.writer.Write(encryptedChunk)
-			if err != nil {
-				return n, err
-			}
-			aw.offset = 0
-		}
-	}
-	return
-}
-
-// Close encrypts and writes the remaining buffered plaintext if any, appends
-// the final authentication tag, and closes the embedded writer. This function
-// MUST be called at the end of a stream.
-func (aw *aeadEncrypter) Close() (err error) {
-	// Encrypt and write a chunk if there's buffered data left, or if we haven't
-	// written any chunks yet.
-	if aw.offset > 0 || aw.bytesProcessed == 0 {
-		lastEncryptedChunk, err := aw.sealChunk(aw.chunkBytes[:aw.offset])
-		if err != nil {
-			return err
-		}
-		_, err = aw.writer.Write(lastEncryptedChunk)
-		if err != nil {
-			return err
-		}
-	}
-	// Compute final tag (associated data: packet tag, version, cipher, aead,
-	// chunk size...
-	adata := aw.associatedData
-
-	if aw.aeadCrypter.packetTag == packetTypeAEADEncrypted {
-		// ... index ...
-		adata = append(aw.associatedData, aw.chunkIndex...)
-	}
-
-	// ... and total number of encrypted octets
-	amountBytes := make([]byte, 8)
-	binary.BigEndian.PutUint64(amountBytes, uint64(aw.bytesProcessed))
-	adata = append(adata, amountBytes...)
-
-	nonce := aw.computeNextNonce()
-	finalTag := aw.aead.Seal(nil, nonce, nil, adata)
-	_, err = aw.writer.Write(finalTag)
-	if err != nil {
-		return err
-	}
-	return aw.writer.Close()
-}
-
-// sealChunk Encrypts and authenticates the given chunk.
-func (aw *aeadEncrypter) sealChunk(data []byte) ([]byte, error) {
-	if len(data) > aw.chunkSize {
-		return nil, errors.AEADError("chunk exceeds maximum length")
-	}
-	if aw.associatedData == nil {
-		return nil, errors.AEADError("can't seal without headers")
-	}
-	adata := aw.associatedData
-	if aw.aeadCrypter.packetTag == packetTypeAEADEncrypted {
-		adata = append(aw.associatedData, aw.chunkIndex...)
-	}
-
-	nonce := aw.computeNextNonce()
-	encrypted := aw.aead.Seal(data[:0], nonce, data, adata)
-	aw.bytesProcessed += len(data)
-	if err := aw.aeadCrypter.incrementIndex(); err != nil {
-		return nil, err
-	}
-	return encrypted, nil
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/aead_encrypted.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/aead_encrypted.go
deleted file mode 100644
index 583765d87c..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/aead_encrypted.go
+++ /dev/null
@@ -1,100 +0,0 @@
-// Copyright (C) 2019 ProtonTech AG
-
-package packet
-
-import (
-	"io"
-
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-	"github.com/ProtonMail/go-crypto/openpgp/internal/algorithm"
-)
-
-// AEADEncrypted represents an AEAD Encrypted Packet.
-// See https://www.ietf.org/archive/id/draft-koch-openpgp-2015-rfc4880bis-00.html#name-aead-encrypted-data-packet-t
-type AEADEncrypted struct {
-	cipher        CipherFunction
-	mode          AEADMode
-	chunkSizeByte byte
-	Contents      io.Reader // Encrypted chunks and tags
-	initialNonce  []byte    // Referred to as IV in RFC4880-bis
-}
-
-// Only currently defined version
-const aeadEncryptedVersion = 1
-
-func (ae *AEADEncrypted) parse(buf io.Reader) error {
-	headerData := make([]byte, 4)
-	if n, err := io.ReadFull(buf, headerData); n < 4 {
-		return errors.AEADError("could not read aead header:" + err.Error())
-	}
-	// Read initial nonce
-	mode := AEADMode(headerData[2])
-	nonceLen := mode.IvLength()
-
-	// This packet supports only EAX and OCB
-	// https://www.ietf.org/archive/id/draft-koch-openpgp-2015-rfc4880bis-00.html#name-aead-encrypted-data-packet-t
-	if nonceLen == 0 || mode > AEADModeOCB {
-		return errors.AEADError("unknown mode")
-	}
-
-	initialNonce := make([]byte, nonceLen)
-	if n, err := io.ReadFull(buf, initialNonce); n < nonceLen {
-		return errors.AEADError("could not read aead nonce:" + err.Error())
-	}
-	ae.Contents = buf
-	ae.initialNonce = initialNonce
-	c := headerData[1]
-	if _, ok := algorithm.CipherById[c]; !ok {
-		return errors.UnsupportedError("unknown cipher: " + string(c))
-	}
-	ae.cipher = CipherFunction(c)
-	ae.mode = mode
-	ae.chunkSizeByte = headerData[3]
-	return nil
-}
-
-// Decrypt returns a io.ReadCloser from which decrypted bytes can be read, or
-// an error.
-func (ae *AEADEncrypted) Decrypt(ciph CipherFunction, key []byte) (io.ReadCloser, error) {
-	return ae.decrypt(key)
-}
-
-// decrypt prepares an aeadCrypter and returns a ReadCloser from which
-// decrypted bytes can be read (see aeadDecrypter.Read()).
-func (ae *AEADEncrypted) decrypt(key []byte) (io.ReadCloser, error) {
-	blockCipher := ae.cipher.new(key)
-	aead := ae.mode.new(blockCipher)
-	// Carry the first tagLen bytes
-	chunkSize := decodeAEADChunkSize(ae.chunkSizeByte)
-	tagLen := ae.mode.TagLength()
-	chunkBytes := make([]byte, chunkSize+tagLen*2)
-	peekedBytes := chunkBytes[chunkSize+tagLen:]
-	n, err := io.ReadFull(ae.Contents, peekedBytes)
-	if n < tagLen || (err != nil && err != io.EOF) {
-		return nil, errors.AEADError("Not enough data to decrypt:" + err.Error())
-	}
-
-	return &aeadDecrypter{
-		aeadCrypter: aeadCrypter{
-			aead:           aead,
-			chunkSize:      chunkSize,
-			nonce:          ae.initialNonce,
-			associatedData: ae.associatedData(),
-			chunkIndex:     make([]byte, 8),
-			packetTag:      packetTypeAEADEncrypted,
-		},
-		reader:      ae.Contents,
-		chunkBytes:  chunkBytes,
-		peekedBytes: peekedBytes,
-	}, nil
-}
-
-// associatedData for chunks: tag, version, cipher, mode, chunk size byte
-func (ae *AEADEncrypted) associatedData() []byte {
-	return []byte{
-		0xD4,
-		aeadEncryptedVersion,
-		byte(ae.cipher),
-		byte(ae.mode),
-		ae.chunkSizeByte}
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/compressed.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/compressed.go
deleted file mode 100644
index 0bcb38caca..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/compressed.go
+++ /dev/null
@@ -1,161 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package packet
-
-import (
-	"compress/bzip2"
-	"compress/flate"
-	"compress/zlib"
-	"io"
-	"strconv"
-
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-)
-
-// Compressed represents a compressed OpenPGP packet. The decompressed contents
-// will contain more OpenPGP packets. See RFC 4880, section 5.6.
-type Compressed struct {
-	Body io.Reader
-}
-
-const (
-	NoCompression      = flate.NoCompression
-	BestSpeed          = flate.BestSpeed
-	BestCompression    = flate.BestCompression
-	DefaultCompression = flate.DefaultCompression
-)
-
-// CompressionConfig contains compressor configuration settings.
-type CompressionConfig struct {
-	// Level is the compression level to use. It must be set to
-	// between -1 and 9, with -1 causing the compressor to use the
-	// default compression level, 0 causing the compressor to use
-	// no compression and 1 to 9 representing increasing (better,
-	// slower) compression levels. If Level is less than -1 or
-	// more then 9, a non-nil error will be returned during
-	// encryption. See the constants above for convenient common
-	// settings for Level.
-	Level int
-}
-
-// decompressionReader ensures that the whole compression packet is read.
-type decompressionReader struct {
-	compressed   io.Reader
-	decompressed io.ReadCloser
-	readAll      bool
-}
-
-func newDecompressionReader(r io.Reader, decompressor io.ReadCloser) *decompressionReader {
-	return &decompressionReader{
-		compressed:   r,
-		decompressed: decompressor,
-	}
-}
-
-func (dr *decompressionReader) Read(data []byte) (n int, err error) {
-	if dr.readAll {
-		return 0, io.EOF
-	}
-	n, err = dr.decompressed.Read(data)
-	if err == io.EOF {
-		dr.readAll = true
-		// Close the decompressor.
-		if errDec := dr.decompressed.Close(); errDec != nil {
-			return n, errDec
-		}
-		// Consume all remaining data from the compressed packet.
-		consumeAll(dr.compressed)
-	}
-	return n, err
-}
-
-func (c *Compressed) parse(r io.Reader) error {
-	var buf [1]byte
-	_, err := readFull(r, buf[:])
-	if err != nil {
-		return err
-	}
-
-	switch buf[0] {
-	case 0:
-		c.Body = r
-	case 1:
-		c.Body = newDecompressionReader(r, flate.NewReader(r))
-	case 2:
-		decompressor, err := zlib.NewReader(r)
-		if err != nil {
-			return err
-		}
-		c.Body = newDecompressionReader(r, decompressor)
-	case 3:
-		c.Body = newDecompressionReader(r, io.NopCloser(bzip2.NewReader(r)))
-	default:
-		err = errors.UnsupportedError("unknown compression algorithm: " + strconv.Itoa(int(buf[0])))
-	}
-
-	return err
-}
-
-// compressedWriterCloser represents the serialized compression stream
-// header and the compressor. Its Close() method ensures that both the
-// compressor and serialized stream header are closed. Its Write()
-// method writes to the compressor.
-type compressedWriteCloser struct {
-	sh io.Closer      // Stream Header
-	c  io.WriteCloser // Compressor
-}
-
-func (cwc compressedWriteCloser) Write(p []byte) (int, error) {
-	return cwc.c.Write(p)
-}
-
-func (cwc compressedWriteCloser) Close() (err error) {
-	err = cwc.c.Close()
-	if err != nil {
-		return err
-	}
-
-	return cwc.sh.Close()
-}
-
-// SerializeCompressed serializes a compressed data packet to w and
-// returns a WriteCloser to which the literal data packets themselves
-// can be written and which MUST be closed on completion. If cc is
-// nil, sensible defaults will be used to configure the compression
-// algorithm.
-func SerializeCompressed(w io.WriteCloser, algo CompressionAlgo, cc *CompressionConfig) (literaldata io.WriteCloser, err error) {
-	compressed, err := serializeStreamHeader(w, packetTypeCompressed)
-	if err != nil {
-		return
-	}
-
-	_, err = compressed.Write([]byte{uint8(algo)})
-	if err != nil {
-		return
-	}
-
-	level := DefaultCompression
-	if cc != nil {
-		level = cc.Level
-	}
-
-	var compressor io.WriteCloser
-	switch algo {
-	case CompressionZIP:
-		compressor, err = flate.NewWriter(compressed, level)
-	case CompressionZLIB:
-		compressor, err = zlib.NewWriterLevel(compressed, level)
-	default:
-		s := strconv.Itoa(int(algo))
-		err = errors.UnsupportedError("Unsupported compression algorithm: " + s)
-	}
-	if err != nil {
-		return
-	}
-
-	literaldata = compressedWriteCloser{compressed, compressor}
-
-	return
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/config.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/config.go
deleted file mode 100644
index 8bf8e6e51f..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/config.go
+++ /dev/null
@@ -1,410 +0,0 @@
-// Copyright 2012 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package packet
-
-import (
-	"crypto"
-	"crypto/rand"
-	"io"
-	"math/big"
-	"time"
-
-	"github.com/ProtonMail/go-crypto/openpgp/s2k"
-)
-
-var (
-	defaultRejectPublicKeyAlgorithms = map[PublicKeyAlgorithm]bool{
-		PubKeyAlgoElGamal: true,
-		PubKeyAlgoDSA:     true,
-	}
-	defaultRejectHashAlgorithms = map[crypto.Hash]bool{
-		crypto.MD5:       true,
-		crypto.RIPEMD160: true,
-	}
-	defaultRejectMessageHashAlgorithms = map[crypto.Hash]bool{
-		crypto.SHA1:      true,
-		crypto.MD5:       true,
-		crypto.RIPEMD160: true,
-	}
-	defaultRejectCurves = map[Curve]bool{
-		CurveSecP256k1: true,
-	}
-)
-
-// A global feature flag to indicate v5 support.
-// Can be set via a build tag, e.g.: `go build -tags v5 ./...`
-// If the build tag is missing config_v5.go will set it to true.
-//
-// Disables parsing of v5 keys and v5 signatures.
-// These are non-standard entities, which in the crypto-refresh have been superseded
-// by v6 keys, v6 signatures and SEIPDv2 encrypted data, respectively.
-var V5Disabled = false
-
-// Config collects a number of parameters along with sensible defaults.
-// A nil *Config is valid and results in all default values.
-type Config struct {
-	// Rand provides the source of entropy.
-	// If nil, the crypto/rand Reader is used.
-	Rand io.Reader
-	// DefaultHash is the default hash function to be used.
-	// If zero, SHA-256 is used.
-	DefaultHash crypto.Hash
-	// DefaultCipher is the cipher to be used.
-	// If zero, AES-128 is used.
-	DefaultCipher CipherFunction
-	// Time returns the current time as the number of seconds since the
-	// epoch. If Time is nil, time.Now is used.
-	Time func() time.Time
-	// DefaultCompressionAlgo is the compression algorithm to be
-	// applied to the plaintext before encryption. If zero, no
-	// compression is done.
-	DefaultCompressionAlgo CompressionAlgo
-	// CompressionConfig configures the compression settings.
-	CompressionConfig *CompressionConfig
-	// S2K (String to Key) config, used for key derivation in the context of secret key encryption
-	// and password-encrypted data.
-	// If nil, the default configuration is used
-	S2KConfig *s2k.Config
-	// Iteration count for Iterated S2K (String to Key).
-	// Only used if sk2.Mode is nil.
-	// This value is duplicated here from s2k.Config for backwards compatibility.
-	// It determines the strength of the passphrase stretching when
-	// the said passphrase is hashed to produce a key. S2KCount
-	// should be between 65536 and 65011712, inclusive. If Config
-	// is nil or S2KCount is 0, the value 16777216 used. Not all
-	// values in the above range can be represented. S2KCount will
-	// be rounded up to the next representable value if it cannot
-	// be encoded exactly. When set, it is strongly encrouraged to
-	// use a value that is at least 65536. See RFC 4880 Section
-	// 3.7.1.3.
-	//
-	// Deprecated: SK2Count should be configured in S2KConfig instead.
-	S2KCount int
-	// RSABits is the number of bits in new RSA keys made with NewEntity.
-	// If zero, then 2048 bit keys are created.
-	RSABits int
-	// The public key algorithm to use - will always create a signing primary
-	// key and encryption subkey.
-	Algorithm PublicKeyAlgorithm
-	// Some known primes that are optionally prepopulated by the caller
-	RSAPrimes []*big.Int
-	// Curve configures the desired packet.Curve if the Algorithm is PubKeyAlgoECDSA,
-	// PubKeyAlgoEdDSA, or PubKeyAlgoECDH. If empty Curve25519 is used.
-	Curve Curve
-	// AEADConfig configures the use of the new AEAD Encrypted Data Packet,
-	// defined in the draft of the next version of the OpenPGP specification.
-	// If a non-nil AEADConfig is passed, usage of this packet is enabled. By
-	// default, it is disabled. See the documentation of AEADConfig for more
-	// configuration options related to AEAD.
-	// **Note: using this option may break compatibility with other OpenPGP
-	// implementations, as well as future versions of this library.**
-	AEADConfig *AEADConfig
-	// V6Keys configures version 6 key generation. If false, this package still
-	// supports version 6 keys, but produces version 4 keys.
-	V6Keys bool
-	// Minimum RSA key size allowed for key generation and message signing, verification and encryption.
-	MinRSABits uint16
-	// Reject insecure algorithms, only works with v2 api
-	RejectPublicKeyAlgorithms   map[PublicKeyAlgorithm]bool
-	RejectHashAlgorithms        map[crypto.Hash]bool
-	RejectMessageHashAlgorithms map[crypto.Hash]bool
-	RejectCurves                map[Curve]bool
-	// "The validity period of the key.  This is the number of seconds after
-	// the key creation time that the key expires.  If this is not present
-	// or has a value of zero, the key never expires.  This is found only on
-	// a self-signature.""
-	// https://tools.ietf.org/html/rfc4880#section-5.2.3.6
-	KeyLifetimeSecs uint32
-	// "The validity period of the signature.  This is the number of seconds
-	// after the signature creation time that the signature expires.  If
-	// this is not present or has a value of zero, it never expires."
-	// https://tools.ietf.org/html/rfc4880#section-5.2.3.10
-	SigLifetimeSecs uint32
-	// SigningKeyId is used to specify the signing key to use (by Key ID).
-	// By default, the signing key is selected automatically, preferring
-	// signing subkeys if available.
-	SigningKeyId uint64
-	// SigningIdentity is used to specify a user ID (packet Signer's User ID, type 28)
-	// when producing a generic certification signature onto an existing user ID.
-	// The identity must be present in the signer Entity.
-	SigningIdentity string
-	// InsecureAllowUnauthenticatedMessages controls, whether it is tolerated to read
-	// encrypted messages without Modification Detection Code (MDC).
-	// MDC is mandated by the IETF OpenPGP Crypto Refresh draft and has long been implemented
-	// in most OpenPGP implementations. Messages without MDC are considered unnecessarily
-	// insecure and should be prevented whenever possible.
-	// In case one needs to deal with messages from very old OpenPGP implementations, there
-	// might be no other way than to tolerate the missing MDC. Setting this flag, allows this
-	// mode of operation. It should be considered a measure of last resort.
-	InsecureAllowUnauthenticatedMessages bool
-	// InsecureAllowDecryptionWithSigningKeys allows decryption with keys marked as signing keys in the v2 API.
-	// This setting is potentially insecure, but it is needed as some libraries
-	// ignored key flags when selecting a key for encryption.
-	// Not relevant for the v1 API, as all keys were allowed in decryption.
-	InsecureAllowDecryptionWithSigningKeys bool
-	// KnownNotations is a map of Notation Data names to bools, which controls
-	// the notation names that are allowed to be present in critical Notation Data
-	// signature subpackets.
-	KnownNotations map[string]bool
-	// SignatureNotations is a list of Notations to be added to any signatures.
-	SignatureNotations []*Notation
-	// CheckIntendedRecipients controls, whether the OpenPGP Intended Recipient Fingerprint feature
-	// should be enabled for encryption and decryption.
-	// (See https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-intended-recipient-fingerpr).
-	// When the flag is set, encryption produces Intended Recipient Fingerprint signature sub-packets and decryption
-	// checks whether the key it was encrypted to is one of the included fingerprints in the signature.
-	// If the flag is disabled, no Intended Recipient Fingerprint sub-packets are created or checked.
-	// The default behavior, when the config or flag is nil, is to enable the feature.
-	CheckIntendedRecipients *bool
-	// CacheSessionKey controls if decryption should return the session key used for decryption.
-	// If the flag is set, the session key is cached in the message details struct.
-	CacheSessionKey bool
-	// CheckPacketSequence is a flag that controls if the pgp message reader should strictly check
-	// that the packet sequence conforms with the grammar mandated by rfc4880.
-	// The default behavior, when the config or flag is nil, is to check the packet sequence.
-	CheckPacketSequence *bool
-	// NonDeterministicSignaturesViaNotation is a flag to enable randomization of signatures.
-	// If true, a salt notation is used to randomize signatures generated by v4 and v5 keys
-	// (v6 signatures are always non-deterministic, by design).
-	// This protects EdDSA signatures from potentially leaking the secret key in case of faults (i.e. bitflips) which, in principle, could occur
-	// during the signing computation. It is added to signatures of any algo for simplicity, and as it may also serve as protection in case of
-	// weaknesses in the hash algo, potentially hindering e.g. some chosen-prefix attacks.
-	// The default behavior, when the config or flag is nil, is to enable the feature.
-	NonDeterministicSignaturesViaNotation *bool
-}
-
-func (c *Config) Random() io.Reader {
-	if c == nil || c.Rand == nil {
-		return rand.Reader
-	}
-	return c.Rand
-}
-
-func (c *Config) Hash() crypto.Hash {
-	if c == nil || uint(c.DefaultHash) == 0 {
-		return crypto.SHA256
-	}
-	return c.DefaultHash
-}
-
-func (c *Config) Cipher() CipherFunction {
-	if c == nil || uint8(c.DefaultCipher) == 0 {
-		return CipherAES128
-	}
-	return c.DefaultCipher
-}
-
-func (c *Config) Now() time.Time {
-	if c == nil || c.Time == nil {
-		return time.Now().Truncate(time.Second)
-	}
-	return c.Time().Truncate(time.Second)
-}
-
-// KeyLifetime returns the validity period of the key.
-func (c *Config) KeyLifetime() uint32 {
-	if c == nil {
-		return 0
-	}
-	return c.KeyLifetimeSecs
-}
-
-// SigLifetime returns the validity period of the signature.
-func (c *Config) SigLifetime() uint32 {
-	if c == nil {
-		return 0
-	}
-	return c.SigLifetimeSecs
-}
-
-func (c *Config) Compression() CompressionAlgo {
-	if c == nil {
-		return CompressionNone
-	}
-	return c.DefaultCompressionAlgo
-}
-
-func (c *Config) RSAModulusBits() int {
-	if c == nil || c.RSABits == 0 {
-		return 2048
-	}
-	return c.RSABits
-}
-
-func (c *Config) PublicKeyAlgorithm() PublicKeyAlgorithm {
-	if c == nil || c.Algorithm == 0 {
-		return PubKeyAlgoRSA
-	}
-	return c.Algorithm
-}
-
-func (c *Config) CurveName() Curve {
-	if c == nil || c.Curve == "" {
-		return Curve25519
-	}
-	return c.Curve
-}
-
-// Deprecated: The hash iterations should now be queried via the S2K() method.
-func (c *Config) PasswordHashIterations() int {
-	if c == nil || c.S2KCount == 0 {
-		return 0
-	}
-	return c.S2KCount
-}
-
-func (c *Config) S2K() *s2k.Config {
-	if c == nil {
-		return nil
-	}
-	// for backwards compatibility
-	if c.S2KCount > 0 && c.S2KConfig == nil {
-		return &s2k.Config{
-			S2KCount: c.S2KCount,
-		}
-	}
-	return c.S2KConfig
-}
-
-func (c *Config) AEAD() *AEADConfig {
-	if c == nil {
-		return nil
-	}
-	return c.AEADConfig
-}
-
-func (c *Config) SigningKey() uint64 {
-	if c == nil {
-		return 0
-	}
-	return c.SigningKeyId
-}
-
-func (c *Config) SigningUserId() string {
-	if c == nil {
-		return ""
-	}
-	return c.SigningIdentity
-}
-
-func (c *Config) AllowUnauthenticatedMessages() bool {
-	if c == nil {
-		return false
-	}
-	return c.InsecureAllowUnauthenticatedMessages
-}
-
-func (c *Config) AllowDecryptionWithSigningKeys() bool {
-	if c == nil {
-		return false
-	}
-	return c.InsecureAllowDecryptionWithSigningKeys
-}
-
-func (c *Config) KnownNotation(notationName string) bool {
-	if c == nil {
-		return false
-	}
-	return c.KnownNotations[notationName]
-}
-
-func (c *Config) Notations() []*Notation {
-	if c == nil {
-		return nil
-	}
-	return c.SignatureNotations
-}
-
-func (c *Config) V6() bool {
-	if c == nil {
-		return false
-	}
-	return c.V6Keys
-}
-
-func (c *Config) IntendedRecipients() bool {
-	if c == nil || c.CheckIntendedRecipients == nil {
-		return true
-	}
-	return *c.CheckIntendedRecipients
-}
-
-func (c *Config) RetrieveSessionKey() bool {
-	if c == nil {
-		return false
-	}
-	return c.CacheSessionKey
-}
-
-func (c *Config) MinimumRSABits() uint16 {
-	if c == nil || c.MinRSABits == 0 {
-		return 2047
-	}
-	return c.MinRSABits
-}
-
-func (c *Config) RejectPublicKeyAlgorithm(alg PublicKeyAlgorithm) bool {
-	var rejectedAlgorithms map[PublicKeyAlgorithm]bool
-	if c == nil || c.RejectPublicKeyAlgorithms == nil {
-		// Default
-		rejectedAlgorithms = defaultRejectPublicKeyAlgorithms
-	} else {
-		rejectedAlgorithms = c.RejectPublicKeyAlgorithms
-	}
-	return rejectedAlgorithms[alg]
-}
-
-func (c *Config) RejectHashAlgorithm(hash crypto.Hash) bool {
-	var rejectedAlgorithms map[crypto.Hash]bool
-	if c == nil || c.RejectHashAlgorithms == nil {
-		// Default
-		rejectedAlgorithms = defaultRejectHashAlgorithms
-	} else {
-		rejectedAlgorithms = c.RejectHashAlgorithms
-	}
-	return rejectedAlgorithms[hash]
-}
-
-func (c *Config) RejectMessageHashAlgorithm(hash crypto.Hash) bool {
-	var rejectedAlgorithms map[crypto.Hash]bool
-	if c == nil || c.RejectMessageHashAlgorithms == nil {
-		// Default
-		rejectedAlgorithms = defaultRejectMessageHashAlgorithms
-	} else {
-		rejectedAlgorithms = c.RejectMessageHashAlgorithms
-	}
-	return rejectedAlgorithms[hash]
-}
-
-func (c *Config) RejectCurve(curve Curve) bool {
-	var rejectedCurve map[Curve]bool
-	if c == nil || c.RejectCurves == nil {
-		// Default
-		rejectedCurve = defaultRejectCurves
-	} else {
-		rejectedCurve = c.RejectCurves
-	}
-	return rejectedCurve[curve]
-}
-
-func (c *Config) StrictPacketSequence() bool {
-	if c == nil || c.CheckPacketSequence == nil {
-		return true
-	}
-	return *c.CheckPacketSequence
-}
-
-func (c *Config) RandomizeSignaturesViaNotation() bool {
-	if c == nil || c.NonDeterministicSignaturesViaNotation == nil {
-		return true
-	}
-	return *c.NonDeterministicSignaturesViaNotation
-}
-
-// BoolPointer is a helper function to set a boolean pointer in the Config.
-// e.g., config.CheckPacketSequence = BoolPointer(true)
-func BoolPointer(value bool) *bool {
-	return &value
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/config_v5.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/config_v5.go
deleted file mode 100644
index f2415906b9..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/config_v5.go
+++ /dev/null
@@ -1,7 +0,0 @@
-//go:build !v5
-
-package packet
-
-func init() {
-	V5Disabled = true
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/encrypted_key.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/encrypted_key.go
deleted file mode 100644
index b90bb28911..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/encrypted_key.go
+++ /dev/null
@@ -1,584 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package packet
-
-import (
-	"bytes"
-	"crypto"
-	"crypto/rsa"
-	"encoding/binary"
-	"encoding/hex"
-	"io"
-	"math/big"
-	"strconv"
-
-	"github.com/ProtonMail/go-crypto/openpgp/ecdh"
-	"github.com/ProtonMail/go-crypto/openpgp/elgamal"
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-	"github.com/ProtonMail/go-crypto/openpgp/internal/encoding"
-	"github.com/ProtonMail/go-crypto/openpgp/x25519"
-	"github.com/ProtonMail/go-crypto/openpgp/x448"
-)
-
-// EncryptedKey represents a public-key encrypted session key. See RFC 4880,
-// section 5.1.
-type EncryptedKey struct {
-	Version        int
-	KeyId          uint64
-	KeyVersion     int    // v6
-	KeyFingerprint []byte // v6
-	Algo           PublicKeyAlgorithm
-	CipherFunc     CipherFunction // only valid after a successful Decrypt for a v3 packet
-	Key            []byte         // only valid after a successful Decrypt
-
-	encryptedMPI1, encryptedMPI2 encoding.Field
-	ephemeralPublicX25519        *x25519.PublicKey // used for x25519
-	ephemeralPublicX448          *x448.PublicKey   // used for x448
-	encryptedSession             []byte            // used for x25519 and x448
-}
-
-func (e *EncryptedKey) parse(r io.Reader) (err error) {
-	var buf [8]byte
-	_, err = readFull(r, buf[:versionSize])
-	if err != nil {
-		return
-	}
-	e.Version = int(buf[0])
-	if e.Version != 3 && e.Version != 6 {
-		return errors.UnsupportedError("unknown EncryptedKey version " + strconv.Itoa(int(buf[0])))
-	}
-	if e.Version == 6 {
-		//Read a one-octet size of the following two fields.
-		if _, err = readFull(r, buf[:1]); err != nil {
-			return
-		}
-		// The size may also be zero, and the key version and
-		// fingerprint omitted for an "anonymous recipient"
-		if buf[0] != 0 {
-			// non-anonymous case
-			_, err = readFull(r, buf[:versionSize])
-			if err != nil {
-				return
-			}
-			e.KeyVersion = int(buf[0])
-			if e.KeyVersion != 4 && e.KeyVersion != 6 {
-				return errors.UnsupportedError("unknown public key version " + strconv.Itoa(e.KeyVersion))
-			}
-			var fingerprint []byte
-			if e.KeyVersion == 6 {
-				fingerprint = make([]byte, fingerprintSizeV6)
-			} else if e.KeyVersion == 4 {
-				fingerprint = make([]byte, fingerprintSize)
-			}
-			_, err = readFull(r, fingerprint)
-			if err != nil {
-				return
-			}
-			e.KeyFingerprint = fingerprint
-			if e.KeyVersion == 6 {
-				e.KeyId = binary.BigEndian.Uint64(e.KeyFingerprint[:keyIdSize])
-			} else if e.KeyVersion == 4 {
-				e.KeyId = binary.BigEndian.Uint64(e.KeyFingerprint[fingerprintSize-keyIdSize : fingerprintSize])
-			}
-		}
-	} else {
-		_, err = readFull(r, buf[:8])
-		if err != nil {
-			return
-		}
-		e.KeyId = binary.BigEndian.Uint64(buf[:keyIdSize])
-	}
-
-	_, err = readFull(r, buf[:1])
-	if err != nil {
-		return
-	}
-	e.Algo = PublicKeyAlgorithm(buf[0])
-	var cipherFunction byte
-	switch e.Algo {
-	case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly:
-		e.encryptedMPI1 = new(encoding.MPI)
-		if _, err = e.encryptedMPI1.ReadFrom(r); err != nil {
-			return
-		}
-	case PubKeyAlgoElGamal:
-		e.encryptedMPI1 = new(encoding.MPI)
-		if _, err = e.encryptedMPI1.ReadFrom(r); err != nil {
-			return
-		}
-
-		e.encryptedMPI2 = new(encoding.MPI)
-		if _, err = e.encryptedMPI2.ReadFrom(r); err != nil {
-			return
-		}
-	case PubKeyAlgoECDH:
-		e.encryptedMPI1 = new(encoding.MPI)
-		if _, err = e.encryptedMPI1.ReadFrom(r); err != nil {
-			return
-		}
-
-		e.encryptedMPI2 = new(encoding.OID)
-		if _, err = e.encryptedMPI2.ReadFrom(r); err != nil {
-			return
-		}
-	case PubKeyAlgoX25519:
-		e.ephemeralPublicX25519, e.encryptedSession, cipherFunction, err = x25519.DecodeFields(r, e.Version == 6)
-		if err != nil {
-			return
-		}
-	case PubKeyAlgoX448:
-		e.ephemeralPublicX448, e.encryptedSession, cipherFunction, err = x448.DecodeFields(r, e.Version == 6)
-		if err != nil {
-			return
-		}
-	}
-	if e.Version < 6 {
-		switch e.Algo {
-		case PubKeyAlgoX25519, PubKeyAlgoX448:
-			e.CipherFunc = CipherFunction(cipherFunction)
-			// Check for validiy is in the Decrypt method
-		}
-	}
-
-	_, err = consumeAll(r)
-	return
-}
-
-// Decrypt decrypts an encrypted session key with the given private key. The
-// private key must have been decrypted first.
-// If config is nil, sensible defaults will be used.
-func (e *EncryptedKey) Decrypt(priv *PrivateKey, config *Config) error {
-	if e.Version < 6 && e.KeyId != 0 && e.KeyId != priv.KeyId {
-		return errors.InvalidArgumentError("cannot decrypt encrypted session key for key id " + strconv.FormatUint(e.KeyId, 16) + " with private key id " + strconv.FormatUint(priv.KeyId, 16))
-	}
-	if e.Version == 6 && e.KeyVersion != 0 && !bytes.Equal(e.KeyFingerprint, priv.Fingerprint) {
-		return errors.InvalidArgumentError("cannot decrypt encrypted session key for key fingerprint " + hex.EncodeToString(e.KeyFingerprint) + " with private key fingerprint " + hex.EncodeToString(priv.Fingerprint))
-	}
-	if e.Algo != priv.PubKeyAlgo {
-		return errors.InvalidArgumentError("cannot decrypt encrypted session key of type " + strconv.Itoa(int(e.Algo)) + " with private key of type " + strconv.Itoa(int(priv.PubKeyAlgo)))
-	}
-	if priv.Dummy() {
-		return errors.ErrDummyPrivateKey("dummy key found")
-	}
-
-	var err error
-	var b []byte
-
-	// TODO(agl): use session key decryption routines here to avoid
-	// padding oracle attacks.
-	switch priv.PubKeyAlgo {
-	case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly:
-		// Supports both *rsa.PrivateKey and crypto.Decrypter
-		k := priv.PrivateKey.(crypto.Decrypter)
-		b, err = k.Decrypt(config.Random(), padToKeySize(k.Public().(*rsa.PublicKey), e.encryptedMPI1.Bytes()), nil)
-	case PubKeyAlgoElGamal:
-		c1 := new(big.Int).SetBytes(e.encryptedMPI1.Bytes())
-		c2 := new(big.Int).SetBytes(e.encryptedMPI2.Bytes())
-		b, err = elgamal.Decrypt(priv.PrivateKey.(*elgamal.PrivateKey), c1, c2)
-	case PubKeyAlgoECDH:
-		vsG := e.encryptedMPI1.Bytes()
-		m := e.encryptedMPI2.Bytes()
-		oid := priv.PublicKey.oid.EncodedBytes()
-		fp := priv.PublicKey.Fingerprint[:]
-		if priv.PublicKey.Version == 5 {
-			// For v5 the, the fingerprint must be restricted to 20 bytes
-			fp = fp[:20]
-		}
-		b, err = ecdh.Decrypt(priv.PrivateKey.(*ecdh.PrivateKey), vsG, m, oid, fp)
-	case PubKeyAlgoX25519:
-		b, err = x25519.Decrypt(priv.PrivateKey.(*x25519.PrivateKey), e.ephemeralPublicX25519, e.encryptedSession)
-	case PubKeyAlgoX448:
-		b, err = x448.Decrypt(priv.PrivateKey.(*x448.PrivateKey), e.ephemeralPublicX448, e.encryptedSession)
-	default:
-		err = errors.InvalidArgumentError("cannot decrypt encrypted session key with private key of type " + strconv.Itoa(int(priv.PubKeyAlgo)))
-	}
-	if err != nil {
-		return err
-	}
-
-	var key []byte
-	switch priv.PubKeyAlgo {
-	case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly, PubKeyAlgoElGamal, PubKeyAlgoECDH:
-		keyOffset := 0
-		if e.Version < 6 {
-			e.CipherFunc = CipherFunction(b[0])
-			keyOffset = 1
-			if !e.CipherFunc.IsSupported() {
-				return errors.UnsupportedError("unsupported encryption function")
-			}
-		}
-		key, err = decodeChecksumKey(b[keyOffset:])
-		if err != nil {
-			return err
-		}
-	case PubKeyAlgoX25519, PubKeyAlgoX448:
-		if e.Version < 6 {
-			switch e.CipherFunc {
-			case CipherAES128, CipherAES192, CipherAES256:
-				break
-			default:
-				return errors.StructuralError("v3 PKESK mandates AES as cipher function for x25519 and x448")
-			}
-		}
-		key = b[:]
-	default:
-		return errors.UnsupportedError("unsupported algorithm for decryption")
-	}
-	e.Key = key
-	return nil
-}
-
-// Serialize writes the encrypted key packet, e, to w.
-func (e *EncryptedKey) Serialize(w io.Writer) error {
-	var encodedLength int
-	switch e.Algo {
-	case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly:
-		encodedLength = int(e.encryptedMPI1.EncodedLength())
-	case PubKeyAlgoElGamal:
-		encodedLength = int(e.encryptedMPI1.EncodedLength()) + int(e.encryptedMPI2.EncodedLength())
-	case PubKeyAlgoECDH:
-		encodedLength = int(e.encryptedMPI1.EncodedLength()) + int(e.encryptedMPI2.EncodedLength())
-	case PubKeyAlgoX25519:
-		encodedLength = x25519.EncodedFieldsLength(e.encryptedSession, e.Version == 6)
-	case PubKeyAlgoX448:
-		encodedLength = x448.EncodedFieldsLength(e.encryptedSession, e.Version == 6)
-	default:
-		return errors.InvalidArgumentError("don't know how to serialize encrypted key type " + strconv.Itoa(int(e.Algo)))
-	}
-
-	packetLen := versionSize /* version */ + keyIdSize /* key id */ + algorithmSize /* algo */ + encodedLength
-	if e.Version == 6 {
-		packetLen = versionSize /* version */ + algorithmSize /* algo */ + encodedLength + keyVersionSize /* key version */
-		if e.KeyVersion == 6 {
-			packetLen += fingerprintSizeV6
-		} else if e.KeyVersion == 4 {
-			packetLen += fingerprintSize
-		}
-	}
-
-	err := serializeHeader(w, packetTypeEncryptedKey, packetLen)
-	if err != nil {
-		return err
-	}
-
-	_, err = w.Write([]byte{byte(e.Version)})
-	if err != nil {
-		return err
-	}
-	if e.Version == 6 {
-		_, err = w.Write([]byte{byte(e.KeyVersion)})
-		if err != nil {
-			return err
-		}
-		// The key version number may also be zero,
-		// and the fingerprint omitted
-		if e.KeyVersion != 0 {
-			_, err = w.Write(e.KeyFingerprint)
-			if err != nil {
-				return err
-			}
-		}
-	} else {
-		// Write KeyID
-		err = binary.Write(w, binary.BigEndian, e.KeyId)
-		if err != nil {
-			return err
-		}
-	}
-	_, err = w.Write([]byte{byte(e.Algo)})
-	if err != nil {
-		return err
-	}
-
-	switch e.Algo {
-	case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly:
-		_, err := w.Write(e.encryptedMPI1.EncodedBytes())
-		return err
-	case PubKeyAlgoElGamal:
-		if _, err := w.Write(e.encryptedMPI1.EncodedBytes()); err != nil {
-			return err
-		}
-		_, err := w.Write(e.encryptedMPI2.EncodedBytes())
-		return err
-	case PubKeyAlgoECDH:
-		if _, err := w.Write(e.encryptedMPI1.EncodedBytes()); err != nil {
-			return err
-		}
-		_, err := w.Write(e.encryptedMPI2.EncodedBytes())
-		return err
-	case PubKeyAlgoX25519:
-		err := x25519.EncodeFields(w, e.ephemeralPublicX25519, e.encryptedSession, byte(e.CipherFunc), e.Version == 6)
-		return err
-	case PubKeyAlgoX448:
-		err := x448.EncodeFields(w, e.ephemeralPublicX448, e.encryptedSession, byte(e.CipherFunc), e.Version == 6)
-		return err
-	default:
-		panic("internal error")
-	}
-}
-
-// SerializeEncryptedKeyAEAD serializes an encrypted key packet to w that contains
-// key, encrypted to pub.
-// If aeadSupported is set, PKESK v6 is used, otherwise v3.
-// Note: aeadSupported MUST match the value passed to SerializeSymmetricallyEncrypted.
-// If config is nil, sensible defaults will be used.
-func SerializeEncryptedKeyAEAD(w io.Writer, pub *PublicKey, cipherFunc CipherFunction, aeadSupported bool, key []byte, config *Config) error {
-	return SerializeEncryptedKeyAEADwithHiddenOption(w, pub, cipherFunc, aeadSupported, key, false, config)
-}
-
-// SerializeEncryptedKeyAEADwithHiddenOption serializes an encrypted key packet to w that contains
-// key, encrypted to pub.
-// Offers the hidden flag option to indicated if the PKESK packet should include a wildcard KeyID.
-// If aeadSupported is set, PKESK v6 is used, otherwise v3.
-// Note: aeadSupported MUST match the value passed to SerializeSymmetricallyEncrypted.
-// If config is nil, sensible defaults will be used.
-func SerializeEncryptedKeyAEADwithHiddenOption(w io.Writer, pub *PublicKey, cipherFunc CipherFunction, aeadSupported bool, key []byte, hidden bool, config *Config) error {
-	var buf [36]byte // max possible header size is v6
-	lenHeaderWritten := versionSize
-	version := 3
-
-	if aeadSupported {
-		version = 6
-	}
-	// An implementation MUST NOT generate ElGamal v6 PKESKs.
-	if version == 6 && pub.PubKeyAlgo == PubKeyAlgoElGamal {
-		return errors.InvalidArgumentError("ElGamal v6 PKESK are not allowed")
-	}
-	// In v3 PKESKs, for x25519 and x448, mandate using AES
-	if version == 3 && (pub.PubKeyAlgo == PubKeyAlgoX25519 || pub.PubKeyAlgo == PubKeyAlgoX448) {
-		switch cipherFunc {
-		case CipherAES128, CipherAES192, CipherAES256:
-			break
-		default:
-			return errors.InvalidArgumentError("v3 PKESK mandates AES for x25519 and x448")
-		}
-	}
-
-	buf[0] = byte(version)
-
-	// If hidden is set, the key should be hidden
-	// An implementation MAY accept or use a Key ID of all zeros,
-	// or a key version of zero and no key fingerprint, to hide the intended decryption key.
-	// See Section 5.1.8. in the open pgp crypto refresh
-	if version == 6 {
-		if !hidden {
-			// A one-octet size of the following two fields.
-			buf[1] = byte(keyVersionSize + len(pub.Fingerprint))
-			// A one octet key version number.
-			buf[2] = byte(pub.Version)
-			lenHeaderWritten += keyVersionSize + 1
-			// The fingerprint of the public key
-			copy(buf[lenHeaderWritten:lenHeaderWritten+len(pub.Fingerprint)], pub.Fingerprint)
-			lenHeaderWritten += len(pub.Fingerprint)
-		} else {
-			// The size may also be zero, and the key version
-			// and fingerprint omitted for an "anonymous recipient"
-			buf[1] = 0
-			lenHeaderWritten += 1
-		}
-	} else {
-		if !hidden {
-			binary.BigEndian.PutUint64(buf[versionSize:(versionSize+keyIdSize)], pub.KeyId)
-		}
-		lenHeaderWritten += keyIdSize
-	}
-	buf[lenHeaderWritten] = byte(pub.PubKeyAlgo)
-	lenHeaderWritten += algorithmSize
-
-	var keyBlock []byte
-	switch pub.PubKeyAlgo {
-	case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly, PubKeyAlgoElGamal, PubKeyAlgoECDH:
-		lenKeyBlock := len(key) + 2
-		if version < 6 {
-			lenKeyBlock += 1 // cipher type included
-		}
-		keyBlock = make([]byte, lenKeyBlock)
-		keyOffset := 0
-		if version < 6 {
-			keyBlock[0] = byte(cipherFunc)
-			keyOffset = 1
-		}
-		encodeChecksumKey(keyBlock[keyOffset:], key)
-	case PubKeyAlgoX25519, PubKeyAlgoX448:
-		// algorithm is added in plaintext below
-		keyBlock = key
-	}
-
-	switch pub.PubKeyAlgo {
-	case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly:
-		return serializeEncryptedKeyRSA(w, config.Random(), buf[:lenHeaderWritten], pub.PublicKey.(*rsa.PublicKey), keyBlock)
-	case PubKeyAlgoElGamal:
-		return serializeEncryptedKeyElGamal(w, config.Random(), buf[:lenHeaderWritten], pub.PublicKey.(*elgamal.PublicKey), keyBlock)
-	case PubKeyAlgoECDH:
-		return serializeEncryptedKeyECDH(w, config.Random(), buf[:lenHeaderWritten], pub.PublicKey.(*ecdh.PublicKey), keyBlock, pub.oid, pub.Fingerprint)
-	case PubKeyAlgoX25519:
-		return serializeEncryptedKeyX25519(w, config.Random(), buf[:lenHeaderWritten], pub.PublicKey.(*x25519.PublicKey), keyBlock, byte(cipherFunc), version)
-	case PubKeyAlgoX448:
-		return serializeEncryptedKeyX448(w, config.Random(), buf[:lenHeaderWritten], pub.PublicKey.(*x448.PublicKey), keyBlock, byte(cipherFunc), version)
-	case PubKeyAlgoDSA, PubKeyAlgoRSASignOnly:
-		return errors.InvalidArgumentError("cannot encrypt to public key of type " + strconv.Itoa(int(pub.PubKeyAlgo)))
-	}
-
-	return errors.UnsupportedError("encrypting a key to public key of type " + strconv.Itoa(int(pub.PubKeyAlgo)))
-}
-
-// SerializeEncryptedKey serializes an encrypted key packet to w that contains
-// key, encrypted to pub.
-// PKESKv6 is used if config.AEAD() is not nil.
-// If config is nil, sensible defaults will be used.
-// Deprecated: Use SerializeEncryptedKeyAEAD instead.
-func SerializeEncryptedKey(w io.Writer, pub *PublicKey, cipherFunc CipherFunction, key []byte, config *Config) error {
-	return SerializeEncryptedKeyAEAD(w, pub, cipherFunc, config.AEAD() != nil, key, config)
-}
-
-// SerializeEncryptedKeyWithHiddenOption serializes an encrypted key packet to w that contains
-// key, encrypted to pub. PKESKv6 is used if config.AEAD() is not nil.
-// The hidden option controls if the packet should be anonymous, i.e., omit key metadata.
-// If config is nil, sensible defaults will be used.
-// Deprecated: Use SerializeEncryptedKeyAEADwithHiddenOption instead.
-func SerializeEncryptedKeyWithHiddenOption(w io.Writer, pub *PublicKey, cipherFunc CipherFunction, key []byte, hidden bool, config *Config) error {
-	return SerializeEncryptedKeyAEADwithHiddenOption(w, pub, cipherFunc, config.AEAD() != nil, key, hidden, config)
-}
-
-func serializeEncryptedKeyRSA(w io.Writer, rand io.Reader, header []byte, pub *rsa.PublicKey, keyBlock []byte) error {
-	cipherText, err := rsa.EncryptPKCS1v15(rand, pub, keyBlock)
-	if err != nil {
-		return errors.InvalidArgumentError("RSA encryption failed: " + err.Error())
-	}
-
-	cipherMPI := encoding.NewMPI(cipherText)
-	packetLen := len(header) /* header length */ + int(cipherMPI.EncodedLength())
-
-	err = serializeHeader(w, packetTypeEncryptedKey, packetLen)
-	if err != nil {
-		return err
-	}
-	_, err = w.Write(header[:])
-	if err != nil {
-		return err
-	}
-	_, err = w.Write(cipherMPI.EncodedBytes())
-	return err
-}
-
-func serializeEncryptedKeyElGamal(w io.Writer, rand io.Reader, header []byte, pub *elgamal.PublicKey, keyBlock []byte) error {
-	c1, c2, err := elgamal.Encrypt(rand, pub, keyBlock)
-	if err != nil {
-		return errors.InvalidArgumentError("ElGamal encryption failed: " + err.Error())
-	}
-
-	packetLen := len(header) /* header length */
-	packetLen += 2 /* mpi size */ + (c1.BitLen()+7)/8
-	packetLen += 2 /* mpi size */ + (c2.BitLen()+7)/8
-
-	err = serializeHeader(w, packetTypeEncryptedKey, packetLen)
-	if err != nil {
-		return err
-	}
-	_, err = w.Write(header[:])
-	if err != nil {
-		return err
-	}
-	if _, err = w.Write(new(encoding.MPI).SetBig(c1).EncodedBytes()); err != nil {
-		return err
-	}
-	_, err = w.Write(new(encoding.MPI).SetBig(c2).EncodedBytes())
-	return err
-}
-
-func serializeEncryptedKeyECDH(w io.Writer, rand io.Reader, header []byte, pub *ecdh.PublicKey, keyBlock []byte, oid encoding.Field, fingerprint []byte) error {
-	vsG, c, err := ecdh.Encrypt(rand, pub, keyBlock, oid.EncodedBytes(), fingerprint)
-	if err != nil {
-		return errors.InvalidArgumentError("ECDH encryption failed: " + err.Error())
-	}
-
-	g := encoding.NewMPI(vsG)
-	m := encoding.NewOID(c)
-
-	packetLen := len(header) /* header length */
-	packetLen += int(g.EncodedLength()) + int(m.EncodedLength())
-
-	err = serializeHeader(w, packetTypeEncryptedKey, packetLen)
-	if err != nil {
-		return err
-	}
-
-	_, err = w.Write(header[:])
-	if err != nil {
-		return err
-	}
-	if _, err = w.Write(g.EncodedBytes()); err != nil {
-		return err
-	}
-	_, err = w.Write(m.EncodedBytes())
-	return err
-}
-
-func serializeEncryptedKeyX25519(w io.Writer, rand io.Reader, header []byte, pub *x25519.PublicKey, keyBlock []byte, cipherFunc byte, version int) error {
-	ephemeralPublicX25519, ciphertext, err := x25519.Encrypt(rand, pub, keyBlock)
-	if err != nil {
-		return errors.InvalidArgumentError("x25519 encryption failed: " + err.Error())
-	}
-
-	packetLen := len(header) /* header length */
-	packetLen += x25519.EncodedFieldsLength(ciphertext, version == 6)
-
-	err = serializeHeader(w, packetTypeEncryptedKey, packetLen)
-	if err != nil {
-		return err
-	}
-
-	_, err = w.Write(header[:])
-	if err != nil {
-		return err
-	}
-	return x25519.EncodeFields(w, ephemeralPublicX25519, ciphertext, cipherFunc, version == 6)
-}
-
-func serializeEncryptedKeyX448(w io.Writer, rand io.Reader, header []byte, pub *x448.PublicKey, keyBlock []byte, cipherFunc byte, version int) error {
-	ephemeralPublicX448, ciphertext, err := x448.Encrypt(rand, pub, keyBlock)
-	if err != nil {
-		return errors.InvalidArgumentError("x448 encryption failed: " + err.Error())
-	}
-
-	packetLen := len(header) /* header length */
-	packetLen += x448.EncodedFieldsLength(ciphertext, version == 6)
-
-	err = serializeHeader(w, packetTypeEncryptedKey, packetLen)
-	if err != nil {
-		return err
-	}
-
-	_, err = w.Write(header[:])
-	if err != nil {
-		return err
-	}
-	return x448.EncodeFields(w, ephemeralPublicX448, ciphertext, cipherFunc, version == 6)
-}
-
-func checksumKeyMaterial(key []byte) uint16 {
-	var checksum uint16
-	for _, v := range key {
-		checksum += uint16(v)
-	}
-	return checksum
-}
-
-func decodeChecksumKey(msg []byte) (key []byte, err error) {
-	key = msg[:len(msg)-2]
-	expectedChecksum := uint16(msg[len(msg)-2])<<8 | uint16(msg[len(msg)-1])
-	checksum := checksumKeyMaterial(key)
-	if checksum != expectedChecksum {
-		err = errors.StructuralError("session key checksum is incorrect")
-	}
-	return
-}
-
-func encodeChecksumKey(buffer []byte, key []byte) {
-	copy(buffer, key)
-	checksum := checksumKeyMaterial(key)
-	buffer[len(key)] = byte(checksum >> 8)
-	buffer[len(key)+1] = byte(checksum)
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/literal.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/literal.go
deleted file mode 100644
index 8a028c8a17..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/literal.go
+++ /dev/null
@@ -1,91 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package packet
-
-import (
-	"encoding/binary"
-	"io"
-)
-
-// LiteralData represents an encrypted file. See RFC 4880, section 5.9.
-type LiteralData struct {
-	Format   uint8
-	IsBinary bool
-	FileName string
-	Time     uint32 // Unix epoch time. Either creation time or modification time. 0 means undefined.
-	Body     io.Reader
-}
-
-// ForEyesOnly returns whether the contents of the LiteralData have been marked
-// as especially sensitive.
-func (l *LiteralData) ForEyesOnly() bool {
-	return l.FileName == "_CONSOLE"
-}
-
-func (l *LiteralData) parse(r io.Reader) (err error) {
-	var buf [256]byte
-
-	_, err = readFull(r, buf[:2])
-	if err != nil {
-		return
-	}
-
-	l.Format = buf[0]
-	l.IsBinary = l.Format == 'b'
-	fileNameLen := int(buf[1])
-
-	_, err = readFull(r, buf[:fileNameLen])
-	if err != nil {
-		return
-	}
-
-	l.FileName = string(buf[:fileNameLen])
-
-	_, err = readFull(r, buf[:4])
-	if err != nil {
-		return
-	}
-
-	l.Time = binary.BigEndian.Uint32(buf[:4])
-	l.Body = r
-	return
-}
-
-// SerializeLiteral serializes a literal data packet to w and returns a
-// WriteCloser to which the data itself can be written and which MUST be closed
-// on completion. The fileName is truncated to 255 bytes.
-func SerializeLiteral(w io.WriteCloser, isBinary bool, fileName string, time uint32) (plaintext io.WriteCloser, err error) {
-	var buf [4]byte
-	buf[0] = 'b'
-	if !isBinary {
-		buf[0] = 'u'
-	}
-	if len(fileName) > 255 {
-		fileName = fileName[:255]
-	}
-	buf[1] = byte(len(fileName))
-
-	inner, err := serializeStreamHeader(w, packetTypeLiteralData)
-	if err != nil {
-		return
-	}
-
-	_, err = inner.Write(buf[:2])
-	if err != nil {
-		return
-	}
-	_, err = inner.Write([]byte(fileName))
-	if err != nil {
-		return
-	}
-	binary.BigEndian.PutUint32(buf[:], time)
-	_, err = inner.Write(buf[:])
-	if err != nil {
-		return
-	}
-
-	plaintext = inner
-	return
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/marker.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/marker.go
deleted file mode 100644
index 1ee378ba3c..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/marker.go
+++ /dev/null
@@ -1,33 +0,0 @@
-package packet
-
-import (
-	"io"
-
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-)
-
-type Marker struct{}
-
-const markerString = "PGP"
-
-// parse just checks if the packet contains "PGP".
-func (m *Marker) parse(reader io.Reader) error {
-	var buffer [3]byte
-	if _, err := io.ReadFull(reader, buffer[:]); err != nil {
-		return err
-	}
-	if string(buffer[:]) != markerString {
-		return errors.StructuralError("invalid marker packet")
-	}
-	return nil
-}
-
-// SerializeMarker writes a marker packet to writer.
-func SerializeMarker(writer io.Writer) error {
-	err := serializeHeader(writer, packetTypeMarker, len(markerString))
-	if err != nil {
-		return err
-	}
-	_, err = writer.Write([]byte(markerString))
-	return err
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/notation.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/notation.go
deleted file mode 100644
index 2c3e3f50b2..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/notation.go
+++ /dev/null
@@ -1,29 +0,0 @@
-package packet
-
-// Notation type represents a Notation Data subpacket
-// see https://tools.ietf.org/html/rfc4880#section-5.2.3.16
-type Notation struct {
-	Name            string
-	Value           []byte
-	IsCritical      bool
-	IsHumanReadable bool
-}
-
-func (notation *Notation) getData() []byte {
-	nameData := []byte(notation.Name)
-	nameLen := len(nameData)
-	valueLen := len(notation.Value)
-
-	data := make([]byte, 8+nameLen+valueLen)
-	if notation.IsHumanReadable {
-		data[0] = 0x80
-	}
-
-	data[4] = byte(nameLen >> 8)
-	data[5] = byte(nameLen)
-	data[6] = byte(valueLen >> 8)
-	data[7] = byte(valueLen)
-	copy(data[8:8+nameLen], nameData)
-	copy(data[8+nameLen:], notation.Value)
-	return data
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/ocfb.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/ocfb.go
deleted file mode 100644
index 4f26d0a00b..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/ocfb.go
+++ /dev/null
@@ -1,137 +0,0 @@
-// Copyright 2010 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// OpenPGP CFB Mode. http://tools.ietf.org/html/rfc4880#section-13.9
-
-package packet
-
-import (
-	"crypto/cipher"
-)
-
-type ocfbEncrypter struct {
-	b       cipher.Block
-	fre     []byte
-	outUsed int
-}
-
-// An OCFBResyncOption determines if the "resynchronization step" of OCFB is
-// performed.
-type OCFBResyncOption bool
-
-const (
-	OCFBResync   OCFBResyncOption = true
-	OCFBNoResync OCFBResyncOption = false
-)
-
-// NewOCFBEncrypter returns a cipher.Stream which encrypts data with OpenPGP's
-// cipher feedback mode using the given cipher.Block, and an initial amount of
-// ciphertext.  randData must be random bytes and be the same length as the
-// cipher.Block's block size. Resync determines if the "resynchronization step"
-// from RFC 4880, 13.9 step 7 is performed. Different parts of OpenPGP vary on
-// this point.
-func NewOCFBEncrypter(block cipher.Block, randData []byte, resync OCFBResyncOption) (cipher.Stream, []byte) {
-	blockSize := block.BlockSize()
-	if len(randData) != blockSize {
-		return nil, nil
-	}
-
-	x := &ocfbEncrypter{
-		b:       block,
-		fre:     make([]byte, blockSize),
-		outUsed: 0,
-	}
-	prefix := make([]byte, blockSize+2)
-
-	block.Encrypt(x.fre, x.fre)
-	for i := 0; i < blockSize; i++ {
-		prefix[i] = randData[i] ^ x.fre[i]
-	}
-
-	block.Encrypt(x.fre, prefix[:blockSize])
-	prefix[blockSize] = x.fre[0] ^ randData[blockSize-2]
-	prefix[blockSize+1] = x.fre[1] ^ randData[blockSize-1]
-
-	if resync {
-		block.Encrypt(x.fre, prefix[2:])
-	} else {
-		x.fre[0] = prefix[blockSize]
-		x.fre[1] = prefix[blockSize+1]
-		x.outUsed = 2
-	}
-	return x, prefix
-}
-
-func (x *ocfbEncrypter) XORKeyStream(dst, src []byte) {
-	for i := 0; i < len(src); i++ {
-		if x.outUsed == len(x.fre) {
-			x.b.Encrypt(x.fre, x.fre)
-			x.outUsed = 0
-		}
-
-		x.fre[x.outUsed] ^= src[i]
-		dst[i] = x.fre[x.outUsed]
-		x.outUsed++
-	}
-}
-
-type ocfbDecrypter struct {
-	b       cipher.Block
-	fre     []byte
-	outUsed int
-}
-
-// NewOCFBDecrypter returns a cipher.Stream which decrypts data with OpenPGP's
-// cipher feedback mode using the given cipher.Block. Prefix must be the first
-// blockSize + 2 bytes of the ciphertext, where blockSize is the cipher.Block's
-// block size. On successful exit, blockSize+2 bytes of decrypted data are written into
-// prefix. Resync determines if the "resynchronization step" from RFC 4880,
-// 13.9 step 7 is performed. Different parts of OpenPGP vary on this point.
-func NewOCFBDecrypter(block cipher.Block, prefix []byte, resync OCFBResyncOption) cipher.Stream {
-	blockSize := block.BlockSize()
-	if len(prefix) != blockSize+2 {
-		return nil
-	}
-
-	x := &ocfbDecrypter{
-		b:       block,
-		fre:     make([]byte, blockSize),
-		outUsed: 0,
-	}
-	prefixCopy := make([]byte, len(prefix))
-	copy(prefixCopy, prefix)
-
-	block.Encrypt(x.fre, x.fre)
-	for i := 0; i < blockSize; i++ {
-		prefixCopy[i] ^= x.fre[i]
-	}
-
-	block.Encrypt(x.fre, prefix[:blockSize])
-	prefixCopy[blockSize] ^= x.fre[0]
-	prefixCopy[blockSize+1] ^= x.fre[1]
-
-	if resync {
-		block.Encrypt(x.fre, prefix[2:])
-	} else {
-		x.fre[0] = prefix[blockSize]
-		x.fre[1] = prefix[blockSize+1]
-		x.outUsed = 2
-	}
-	copy(prefix, prefixCopy)
-	return x
-}
-
-func (x *ocfbDecrypter) XORKeyStream(dst, src []byte) {
-	for i := 0; i < len(src); i++ {
-		if x.outUsed == len(x.fre) {
-			x.b.Encrypt(x.fre, x.fre)
-			x.outUsed = 0
-		}
-
-		c := src[i]
-		dst[i] = x.fre[x.outUsed] ^ src[i]
-		x.fre[x.outUsed] = c
-		x.outUsed++
-	}
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/one_pass_signature.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/one_pass_signature.go
deleted file mode 100644
index f393c4063b..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/one_pass_signature.go
+++ /dev/null
@@ -1,157 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package packet
-
-import (
-	"crypto"
-	"encoding/binary"
-	"io"
-	"strconv"
-
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-	"github.com/ProtonMail/go-crypto/openpgp/internal/algorithm"
-)
-
-// OnePassSignature represents a one-pass signature packet. See RFC 4880,
-// section 5.4.
-type OnePassSignature struct {
-	Version        int
-	SigType        SignatureType
-	Hash           crypto.Hash
-	PubKeyAlgo     PublicKeyAlgorithm
-	KeyId          uint64
-	IsLast         bool
-	Salt           []byte // v6 only
-	KeyFingerprint []byte // v6 only
-}
-
-func (ops *OnePassSignature) parse(r io.Reader) (err error) {
-	var buf [8]byte
-	// Read: version | signature type | hash algorithm | public-key algorithm
-	_, err = readFull(r, buf[:4])
-	if err != nil {
-		return
-	}
-	if buf[0] != 3 && buf[0] != 6 {
-		return errors.UnsupportedError("one-pass-signature packet version " + strconv.Itoa(int(buf[0])))
-	}
-	ops.Version = int(buf[0])
-
-	var ok bool
-	ops.Hash, ok = algorithm.HashIdToHashWithSha1(buf[2])
-	if !ok {
-		return errors.UnsupportedError("hash function: " + strconv.Itoa(int(buf[2])))
-	}
-
-	ops.SigType = SignatureType(buf[1])
-	ops.PubKeyAlgo = PublicKeyAlgorithm(buf[3])
-
-	if ops.Version == 6 {
-		// Only for v6, a variable-length field containing the salt
-		_, err = readFull(r, buf[:1])
-		if err != nil {
-			return
-		}
-		saltLength := int(buf[0])
-		var expectedSaltLength int
-		expectedSaltLength, err = SaltLengthForHash(ops.Hash)
-		if err != nil {
-			return
-		}
-		if saltLength != expectedSaltLength {
-			err = errors.StructuralError("unexpected salt size for the given hash algorithm")
-			return
-		}
-		salt := make([]byte, expectedSaltLength)
-		_, err = readFull(r, salt)
-		if err != nil {
-			return
-		}
-		ops.Salt = salt
-
-		// Only for v6 packets, 32 octets of the fingerprint of the signing key.
-		fingerprint := make([]byte, 32)
-		_, err = readFull(r, fingerprint)
-		if err != nil {
-			return
-		}
-		ops.KeyFingerprint = fingerprint
-		ops.KeyId = binary.BigEndian.Uint64(ops.KeyFingerprint[:8])
-	} else {
-		_, err = readFull(r, buf[:8])
-		if err != nil {
-			return
-		}
-		ops.KeyId = binary.BigEndian.Uint64(buf[:8])
-	}
-
-	_, err = readFull(r, buf[:1])
-	if err != nil {
-		return
-	}
-	ops.IsLast = buf[0] != 0
-	return
-}
-
-// Serialize marshals the given OnePassSignature to w.
-func (ops *OnePassSignature) Serialize(w io.Writer) error {
-	//v3 length 1+1+1+1+8+1 =
-	packetLength := 13
-	if ops.Version == 6 {
-		// v6 length 1+1+1+1+1+len(salt)+32+1 =
-		packetLength = 38 + len(ops.Salt)
-	}
-
-	if err := serializeHeader(w, packetTypeOnePassSignature, packetLength); err != nil {
-		return err
-	}
-
-	var buf [8]byte
-	buf[0] = byte(ops.Version)
-	buf[1] = uint8(ops.SigType)
-	var ok bool
-	buf[2], ok = algorithm.HashToHashIdWithSha1(ops.Hash)
-	if !ok {
-		return errors.UnsupportedError("hash type: " + strconv.Itoa(int(ops.Hash)))
-	}
-	buf[3] = uint8(ops.PubKeyAlgo)
-
-	_, err := w.Write(buf[:4])
-	if err != nil {
-		return err
-	}
-
-	if ops.Version == 6 {
-		// write salt for v6 signatures
-		_, err := w.Write([]byte{uint8(len(ops.Salt))})
-		if err != nil {
-			return err
-		}
-		_, err = w.Write(ops.Salt)
-		if err != nil {
-			return err
-		}
-
-		// write fingerprint v6 signatures
-		_, err = w.Write(ops.KeyFingerprint)
-		if err != nil {
-			return err
-		}
-	} else {
-		binary.BigEndian.PutUint64(buf[:8], ops.KeyId)
-		_, err := w.Write(buf[:8])
-		if err != nil {
-			return err
-		}
-	}
-
-	isLast := []byte{byte(0)}
-	if ops.IsLast {
-		isLast[0] = 1
-	}
-
-	_, err = w.Write(isLast)
-	return err
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/opaque.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/opaque.go
deleted file mode 100644
index cef7c661d3..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/opaque.go
+++ /dev/null
@@ -1,170 +0,0 @@
-// Copyright 2012 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package packet
-
-import (
-	"bytes"
-	"io"
-
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-)
-
-// OpaquePacket represents an OpenPGP packet as raw, unparsed data. This is
-// useful for splitting and storing the original packet contents separately,
-// handling unsupported packet types or accessing parts of the packet not yet
-// implemented by this package.
-type OpaquePacket struct {
-	// Packet type
-	Tag uint8
-	// Reason why the packet was parsed opaquely
-	Reason error
-	// Binary contents of the packet data
-	Contents []byte
-}
-
-func (op *OpaquePacket) parse(r io.Reader) (err error) {
-	op.Contents, err = io.ReadAll(r)
-	return
-}
-
-// Serialize marshals the packet to a writer in its original form, including
-// the packet header.
-func (op *OpaquePacket) Serialize(w io.Writer) (err error) {
-	err = serializeHeader(w, packetType(op.Tag), len(op.Contents))
-	if err == nil {
-		_, err = w.Write(op.Contents)
-	}
-	return
-}
-
-// Parse attempts to parse the opaque contents into a structure supported by
-// this package. If the packet is not known then the result will be another
-// OpaquePacket.
-func (op *OpaquePacket) Parse() (p Packet, err error) {
-	hdr := bytes.NewBuffer(nil)
-	err = serializeHeader(hdr, packetType(op.Tag), len(op.Contents))
-	if err != nil {
-		op.Reason = err
-		return op, err
-	}
-	p, err = Read(io.MultiReader(hdr, bytes.NewBuffer(op.Contents)))
-	if err != nil {
-		op.Reason = err
-		p = op
-	}
-	return
-}
-
-// OpaqueReader reads OpaquePackets from an io.Reader.
-type OpaqueReader struct {
-	r io.Reader
-}
-
-func NewOpaqueReader(r io.Reader) *OpaqueReader {
-	return &OpaqueReader{r: r}
-}
-
-// Read the next OpaquePacket.
-func (or *OpaqueReader) Next() (op *OpaquePacket, err error) {
-	tag, _, contents, err := readHeader(or.r)
-	if err != nil {
-		return
-	}
-	op = &OpaquePacket{Tag: uint8(tag), Reason: err}
-	err = op.parse(contents)
-	if err != nil {
-		consumeAll(contents)
-	}
-	return
-}
-
-// OpaqueSubpacket represents an unparsed OpenPGP subpacket,
-// as found in signature and user attribute packets.
-type OpaqueSubpacket struct {
-	SubType       uint8
-	EncodedLength []byte // Store the original encoded length for signature verifications.
-	Contents      []byte
-}
-
-// OpaqueSubpackets extracts opaque, unparsed OpenPGP subpackets from
-// their byte representation.
-func OpaqueSubpackets(contents []byte) (result []*OpaqueSubpacket, err error) {
-	var (
-		subHeaderLen int
-		subPacket    *OpaqueSubpacket
-	)
-	for len(contents) > 0 {
-		subHeaderLen, subPacket, err = nextSubpacket(contents)
-		if err != nil {
-			break
-		}
-		result = append(result, subPacket)
-		contents = contents[subHeaderLen+len(subPacket.Contents):]
-	}
-	return
-}
-
-func nextSubpacket(contents []byte) (subHeaderLen int, subPacket *OpaqueSubpacket, err error) {
-	// RFC 4880, section 5.2.3.1
-	var subLen uint32
-	var encodedLength []byte
-	if len(contents) < 1 {
-		goto Truncated
-	}
-	subPacket = &OpaqueSubpacket{}
-	switch {
-	case contents[0] < 192:
-		subHeaderLen = 2 // 1 length byte, 1 subtype byte
-		if len(contents) < subHeaderLen {
-			goto Truncated
-		}
-		encodedLength = contents[0:1]
-		subLen = uint32(contents[0])
-		contents = contents[1:]
-	case contents[0] < 255:
-		subHeaderLen = 3 // 2 length bytes, 1 subtype
-		if len(contents) < subHeaderLen {
-			goto Truncated
-		}
-		encodedLength = contents[0:2]
-		subLen = uint32(contents[0]-192)<<8 + uint32(contents[1]) + 192
-		contents = contents[2:]
-	default:
-		subHeaderLen = 6 // 5 length bytes, 1 subtype
-		if len(contents) < subHeaderLen {
-			goto Truncated
-		}
-		encodedLength = contents[0:5]
-		subLen = uint32(contents[1])<<24 |
-			uint32(contents[2])<<16 |
-			uint32(contents[3])<<8 |
-			uint32(contents[4])
-		contents = contents[5:]
-
-	}
-	if subLen > uint32(len(contents)) || subLen == 0 {
-		goto Truncated
-	}
-	subPacket.SubType = contents[0]
-	subPacket.EncodedLength = encodedLength
-	subPacket.Contents = contents[1:subLen]
-	return
-Truncated:
-	err = errors.StructuralError("subpacket truncated")
-	return
-}
-
-func (osp *OpaqueSubpacket) Serialize(w io.Writer) (err error) {
-	buf := make([]byte, 6)
-	copy(buf, osp.EncodedLength)
-	n := len(osp.EncodedLength)
-
-	buf[n] = osp.SubType
-	if _, err = w.Write(buf[:n+1]); err != nil {
-		return
-	}
-	_, err = w.Write(osp.Contents)
-	return
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/packet.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/packet.go
deleted file mode 100644
index 1e92e22c97..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/packet.go
+++ /dev/null
@@ -1,675 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package packet implements parsing and serialization of OpenPGP packets, as
-// specified in RFC 4880.
-package packet // import "github.com/ProtonMail/go-crypto/openpgp/packet"
-
-import (
-	"bytes"
-	"crypto/cipher"
-	"crypto/rsa"
-	"io"
-
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-	"github.com/ProtonMail/go-crypto/openpgp/internal/algorithm"
-)
-
-// readFull is the same as io.ReadFull except that reading zero bytes returns
-// ErrUnexpectedEOF rather than EOF.
-func readFull(r io.Reader, buf []byte) (n int, err error) {
-	n, err = io.ReadFull(r, buf)
-	if err == io.EOF {
-		err = io.ErrUnexpectedEOF
-	}
-	return
-}
-
-// readLength reads an OpenPGP length from r. See RFC 4880, section 4.2.2.
-func readLength(r io.Reader) (length int64, isPartial bool, err error) {
-	var buf [4]byte
-	_, err = readFull(r, buf[:1])
-	if err != nil {
-		return
-	}
-	switch {
-	case buf[0] < 192:
-		length = int64(buf[0])
-	case buf[0] < 224:
-		length = int64(buf[0]-192) << 8
-		_, err = readFull(r, buf[0:1])
-		if err != nil {
-			return
-		}
-		length += int64(buf[0]) + 192
-	case buf[0] < 255:
-		length = int64(1) << (buf[0] & 0x1f)
-		isPartial = true
-	default:
-		_, err = readFull(r, buf[0:4])
-		if err != nil {
-			return
-		}
-		length = int64(buf[0])<<24 |
-			int64(buf[1])<<16 |
-			int64(buf[2])<<8 |
-			int64(buf[3])
-	}
-	return
-}
-
-// partialLengthReader wraps an io.Reader and handles OpenPGP partial lengths.
-// The continuation lengths are parsed and removed from the stream and EOF is
-// returned at the end of the packet. See RFC 4880, section 4.2.2.4.
-type partialLengthReader struct {
-	r         io.Reader
-	remaining int64
-	isPartial bool
-}
-
-func (r *partialLengthReader) Read(p []byte) (n int, err error) {
-	for r.remaining == 0 {
-		if !r.isPartial {
-			return 0, io.EOF
-		}
-		r.remaining, r.isPartial, err = readLength(r.r)
-		if err != nil {
-			return 0, err
-		}
-	}
-
-	toRead := int64(len(p))
-	if toRead > r.remaining {
-		toRead = r.remaining
-	}
-
-	n, err = r.r.Read(p[:int(toRead)])
-	r.remaining -= int64(n)
-	if n < int(toRead) && err == io.EOF {
-		err = io.ErrUnexpectedEOF
-	}
-	return
-}
-
-// partialLengthWriter writes a stream of data using OpenPGP partial lengths.
-// See RFC 4880, section 4.2.2.4.
-type partialLengthWriter struct {
-	w          io.WriteCloser
-	buf        bytes.Buffer
-	lengthByte [1]byte
-}
-
-func (w *partialLengthWriter) Write(p []byte) (n int, err error) {
-	bufLen := w.buf.Len()
-	if bufLen > 512 {
-		for power := uint(30); ; power-- {
-			l := 1 << power
-			if bufLen >= l {
-				w.lengthByte[0] = 224 + uint8(power)
-				_, err = w.w.Write(w.lengthByte[:])
-				if err != nil {
-					return
-				}
-				var m int
-				m, err = w.w.Write(w.buf.Next(l))
-				if err != nil {
-					return
-				}
-				if m != l {
-					return 0, io.ErrShortWrite
-				}
-				break
-			}
-		}
-	}
-	return w.buf.Write(p)
-}
-
-func (w *partialLengthWriter) Close() (err error) {
-	len := w.buf.Len()
-	err = serializeLength(w.w, len)
-	if err != nil {
-		return err
-	}
-	_, err = w.buf.WriteTo(w.w)
-	if err != nil {
-		return err
-	}
-	return w.w.Close()
-}
-
-// A spanReader is an io.LimitReader, but it returns ErrUnexpectedEOF if the
-// underlying Reader returns EOF before the limit has been reached.
-type spanReader struct {
-	r io.Reader
-	n int64
-}
-
-func (l *spanReader) Read(p []byte) (n int, err error) {
-	if l.n <= 0 {
-		return 0, io.EOF
-	}
-	if int64(len(p)) > l.n {
-		p = p[0:l.n]
-	}
-	n, err = l.r.Read(p)
-	l.n -= int64(n)
-	if l.n > 0 && err == io.EOF {
-		err = io.ErrUnexpectedEOF
-	}
-	return
-}
-
-// readHeader parses a packet header and returns an io.Reader which will return
-// the contents of the packet. See RFC 4880, section 4.2.
-func readHeader(r io.Reader) (tag packetType, length int64, contents io.Reader, err error) {
-	var buf [4]byte
-	_, err = io.ReadFull(r, buf[:1])
-	if err != nil {
-		return
-	}
-	if buf[0]&0x80 == 0 {
-		err = errors.StructuralError("tag byte does not have MSB set")
-		return
-	}
-	if buf[0]&0x40 == 0 {
-		// Old format packet
-		tag = packetType((buf[0] & 0x3f) >> 2)
-		lengthType := buf[0] & 3
-		if lengthType == 3 {
-			length = -1
-			contents = r
-			return
-		}
-		lengthBytes := 1 << lengthType
-		_, err = readFull(r, buf[0:lengthBytes])
-		if err != nil {
-			return
-		}
-		for i := 0; i < lengthBytes; i++ {
-			length <<= 8
-			length |= int64(buf[i])
-		}
-		contents = &spanReader{r, length}
-		return
-	}
-
-	// New format packet
-	tag = packetType(buf[0] & 0x3f)
-	length, isPartial, err := readLength(r)
-	if err != nil {
-		return
-	}
-	if isPartial {
-		contents = &partialLengthReader{
-			remaining: length,
-			isPartial: true,
-			r:         r,
-		}
-		length = -1
-	} else {
-		contents = &spanReader{r, length}
-	}
-	return
-}
-
-// serializeHeader writes an OpenPGP packet header to w. See RFC 4880, section
-// 4.2.
-func serializeHeader(w io.Writer, ptype packetType, length int) (err error) {
-	err = serializeType(w, ptype)
-	if err != nil {
-		return
-	}
-	return serializeLength(w, length)
-}
-
-// serializeType writes an OpenPGP packet type to w. See RFC 4880, section
-// 4.2.
-func serializeType(w io.Writer, ptype packetType) (err error) {
-	var buf [1]byte
-	buf[0] = 0x80 | 0x40 | byte(ptype)
-	_, err = w.Write(buf[:])
-	return
-}
-
-// serializeLength writes an OpenPGP packet length to w. See RFC 4880, section
-// 4.2.2.
-func serializeLength(w io.Writer, length int) (err error) {
-	var buf [5]byte
-	var n int
-
-	if length < 192 {
-		buf[0] = byte(length)
-		n = 1
-	} else if length < 8384 {
-		length -= 192
-		buf[0] = 192 + byte(length>>8)
-		buf[1] = byte(length)
-		n = 2
-	} else {
-		buf[0] = 255
-		buf[1] = byte(length >> 24)
-		buf[2] = byte(length >> 16)
-		buf[3] = byte(length >> 8)
-		buf[4] = byte(length)
-		n = 5
-	}
-
-	_, err = w.Write(buf[:n])
-	return
-}
-
-// serializeStreamHeader writes an OpenPGP packet header to w where the
-// length of the packet is unknown. It returns a io.WriteCloser which can be
-// used to write the contents of the packet. See RFC 4880, section 4.2.
-func serializeStreamHeader(w io.WriteCloser, ptype packetType) (out io.WriteCloser, err error) {
-	err = serializeType(w, ptype)
-	if err != nil {
-		return
-	}
-	out = &partialLengthWriter{w: w}
-	return
-}
-
-// Packet represents an OpenPGP packet. Users are expected to try casting
-// instances of this interface to specific packet types.
-type Packet interface {
-	parse(io.Reader) error
-}
-
-// consumeAll reads from the given Reader until error, returning the number of
-// bytes read.
-func consumeAll(r io.Reader) (n int64, err error) {
-	var m int
-	var buf [1024]byte
-
-	for {
-		m, err = r.Read(buf[:])
-		n += int64(m)
-		if err == io.EOF {
-			err = nil
-			return
-		}
-		if err != nil {
-			return
-		}
-	}
-}
-
-// packetType represents the numeric ids of the different OpenPGP packet types. See
-// http://www.iana.org/assignments/pgp-parameters/pgp-parameters.xhtml#pgp-parameters-2
-type packetType uint8
-
-const (
-	packetTypeEncryptedKey                             packetType = 1
-	packetTypeSignature                                packetType = 2
-	packetTypeSymmetricKeyEncrypted                    packetType = 3
-	packetTypeOnePassSignature                         packetType = 4
-	packetTypePrivateKey                               packetType = 5
-	packetTypePublicKey                                packetType = 6
-	packetTypePrivateSubkey                            packetType = 7
-	packetTypeCompressed                               packetType = 8
-	packetTypeSymmetricallyEncrypted                   packetType = 9
-	packetTypeMarker                                   packetType = 10
-	packetTypeLiteralData                              packetType = 11
-	packetTypeTrust                                    packetType = 12
-	packetTypeUserId                                   packetType = 13
-	packetTypePublicSubkey                             packetType = 14
-	packetTypeUserAttribute                            packetType = 17
-	packetTypeSymmetricallyEncryptedIntegrityProtected packetType = 18
-	packetTypeAEADEncrypted                            packetType = 20
-	packetPadding                                      packetType = 21
-)
-
-// EncryptedDataPacket holds encrypted data. It is currently implemented by
-// SymmetricallyEncrypted and AEADEncrypted.
-type EncryptedDataPacket interface {
-	Decrypt(CipherFunction, []byte) (io.ReadCloser, error)
-}
-
-// Read reads a single OpenPGP packet from the given io.Reader. If there is an
-// error parsing a packet, the whole packet is consumed from the input.
-func Read(r io.Reader) (p Packet, err error) {
-	tag, len, contents, err := readHeader(r)
-	if err != nil {
-		return
-	}
-
-	switch tag {
-	case packetTypeEncryptedKey:
-		p = new(EncryptedKey)
-	case packetTypeSignature:
-		p = new(Signature)
-	case packetTypeSymmetricKeyEncrypted:
-		p = new(SymmetricKeyEncrypted)
-	case packetTypeOnePassSignature:
-		p = new(OnePassSignature)
-	case packetTypePrivateKey, packetTypePrivateSubkey:
-		pk := new(PrivateKey)
-		if tag == packetTypePrivateSubkey {
-			pk.IsSubkey = true
-		}
-		p = pk
-	case packetTypePublicKey, packetTypePublicSubkey:
-		isSubkey := tag == packetTypePublicSubkey
-		p = &PublicKey{IsSubkey: isSubkey}
-	case packetTypeCompressed:
-		p = new(Compressed)
-	case packetTypeSymmetricallyEncrypted:
-		p = new(SymmetricallyEncrypted)
-	case packetTypeLiteralData:
-		p = new(LiteralData)
-	case packetTypeUserId:
-		p = new(UserId)
-	case packetTypeUserAttribute:
-		p = new(UserAttribute)
-	case packetTypeSymmetricallyEncryptedIntegrityProtected:
-		se := new(SymmetricallyEncrypted)
-		se.IntegrityProtected = true
-		p = se
-	case packetTypeAEADEncrypted:
-		p = new(AEADEncrypted)
-	case packetPadding:
-		p = Padding(len)
-	case packetTypeMarker:
-		p = new(Marker)
-	case packetTypeTrust:
-		// Not implemented, just consume
-		err = errors.UnknownPacketTypeError(tag)
-	default:
-		// Packet Tags from 0 to 39 are critical.
-		// Packet Tags from 40 to 63 are non-critical.
-		if tag < 40 {
-			err = errors.CriticalUnknownPacketTypeError(tag)
-		} else {
-			err = errors.UnknownPacketTypeError(tag)
-		}
-	}
-	if p != nil {
-		err = p.parse(contents)
-	}
-	if err != nil {
-		consumeAll(contents)
-	}
-	return
-}
-
-// ReadWithCheck reads a single OpenPGP message packet from the given io.Reader. If there is an
-// error parsing a packet, the whole packet is consumed from the input.
-// ReadWithCheck additionally checks if the OpenPGP message packet sequence adheres
-// to the packet composition rules in rfc4880, if not throws an error.
-func ReadWithCheck(r io.Reader, sequence *SequenceVerifier) (p Packet, msgErr error, err error) {
-	tag, len, contents, err := readHeader(r)
-	if err != nil {
-		return
-	}
-	switch tag {
-	case packetTypeEncryptedKey:
-		msgErr = sequence.Next(ESKSymbol)
-		p = new(EncryptedKey)
-	case packetTypeSignature:
-		msgErr = sequence.Next(SigSymbol)
-		p = new(Signature)
-	case packetTypeSymmetricKeyEncrypted:
-		msgErr = sequence.Next(ESKSymbol)
-		p = new(SymmetricKeyEncrypted)
-	case packetTypeOnePassSignature:
-		msgErr = sequence.Next(OPSSymbol)
-		p = new(OnePassSignature)
-	case packetTypeCompressed:
-		msgErr = sequence.Next(CompSymbol)
-		p = new(Compressed)
-	case packetTypeSymmetricallyEncrypted:
-		msgErr = sequence.Next(EncSymbol)
-		p = new(SymmetricallyEncrypted)
-	case packetTypeLiteralData:
-		msgErr = sequence.Next(LDSymbol)
-		p = new(LiteralData)
-	case packetTypeSymmetricallyEncryptedIntegrityProtected:
-		msgErr = sequence.Next(EncSymbol)
-		se := new(SymmetricallyEncrypted)
-		se.IntegrityProtected = true
-		p = se
-	case packetTypeAEADEncrypted:
-		msgErr = sequence.Next(EncSymbol)
-		p = new(AEADEncrypted)
-	case packetPadding:
-		p = Padding(len)
-	case packetTypeMarker:
-		p = new(Marker)
-	case packetTypeTrust:
-		// Not implemented, just consume
-		err = errors.UnknownPacketTypeError(tag)
-	case packetTypePrivateKey,
-		packetTypePrivateSubkey,
-		packetTypePublicKey,
-		packetTypePublicSubkey,
-		packetTypeUserId,
-		packetTypeUserAttribute:
-		msgErr = sequence.Next(UnknownSymbol)
-		consumeAll(contents)
-	default:
-		// Packet Tags from 0 to 39 are critical.
-		// Packet Tags from 40 to 63 are non-critical.
-		if tag < 40 {
-			err = errors.CriticalUnknownPacketTypeError(tag)
-		} else {
-			err = errors.UnknownPacketTypeError(tag)
-		}
-	}
-	if p != nil {
-		err = p.parse(contents)
-	}
-	if err != nil {
-		consumeAll(contents)
-	}
-	return
-}
-
-// SignatureType represents the different semantic meanings of an OpenPGP
-// signature. See RFC 4880, section 5.2.1.
-type SignatureType uint8
-
-const (
-	SigTypeBinary                  SignatureType = 0x00
-	SigTypeText                    SignatureType = 0x01
-	SigTypeGenericCert             SignatureType = 0x10
-	SigTypePersonaCert             SignatureType = 0x11
-	SigTypeCasualCert              SignatureType = 0x12
-	SigTypePositiveCert            SignatureType = 0x13
-	SigTypeSubkeyBinding           SignatureType = 0x18
-	SigTypePrimaryKeyBinding       SignatureType = 0x19
-	SigTypeDirectSignature         SignatureType = 0x1F
-	SigTypeKeyRevocation           SignatureType = 0x20
-	SigTypeSubkeyRevocation        SignatureType = 0x28
-	SigTypeCertificationRevocation SignatureType = 0x30
-)
-
-// PublicKeyAlgorithm represents the different public key system specified for
-// OpenPGP. See
-// http://www.iana.org/assignments/pgp-parameters/pgp-parameters.xhtml#pgp-parameters-12
-type PublicKeyAlgorithm uint8
-
-const (
-	PubKeyAlgoRSA     PublicKeyAlgorithm = 1
-	PubKeyAlgoElGamal PublicKeyAlgorithm = 16
-	PubKeyAlgoDSA     PublicKeyAlgorithm = 17
-	// RFC 6637, Section 5.
-	PubKeyAlgoECDH  PublicKeyAlgorithm = 18
-	PubKeyAlgoECDSA PublicKeyAlgorithm = 19
-	// https://www.ietf.org/archive/id/draft-koch-eddsa-for-openpgp-04.txt
-	PubKeyAlgoEdDSA PublicKeyAlgorithm = 22
-	// https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh
-	PubKeyAlgoX25519  PublicKeyAlgorithm = 25
-	PubKeyAlgoX448    PublicKeyAlgorithm = 26
-	PubKeyAlgoEd25519 PublicKeyAlgorithm = 27
-	PubKeyAlgoEd448   PublicKeyAlgorithm = 28
-
-	// Deprecated in RFC 4880, Section 13.5. Use key flags instead.
-	PubKeyAlgoRSAEncryptOnly PublicKeyAlgorithm = 2
-	PubKeyAlgoRSASignOnly    PublicKeyAlgorithm = 3
-)
-
-// CanEncrypt returns true if it's possible to encrypt a message to a public
-// key of the given type.
-func (pka PublicKeyAlgorithm) CanEncrypt() bool {
-	switch pka {
-	case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly, PubKeyAlgoElGamal, PubKeyAlgoECDH, PubKeyAlgoX25519, PubKeyAlgoX448:
-		return true
-	}
-	return false
-}
-
-// CanSign returns true if it's possible for a public key of the given type to
-// sign a message.
-func (pka PublicKeyAlgorithm) CanSign() bool {
-	switch pka {
-	case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly, PubKeyAlgoDSA, PubKeyAlgoECDSA, PubKeyAlgoEdDSA, PubKeyAlgoEd25519, PubKeyAlgoEd448:
-		return true
-	}
-	return false
-}
-
-// CipherFunction represents the different block ciphers specified for OpenPGP. See
-// http://www.iana.org/assignments/pgp-parameters/pgp-parameters.xhtml#pgp-parameters-13
-type CipherFunction algorithm.CipherFunction
-
-const (
-	Cipher3DES   CipherFunction = 2
-	CipherCAST5  CipherFunction = 3
-	CipherAES128 CipherFunction = 7
-	CipherAES192 CipherFunction = 8
-	CipherAES256 CipherFunction = 9
-)
-
-// KeySize returns the key size, in bytes, of cipher.
-func (cipher CipherFunction) KeySize() int {
-	return algorithm.CipherFunction(cipher).KeySize()
-}
-
-// IsSupported returns true if the cipher is supported from the library
-func (cipher CipherFunction) IsSupported() bool {
-	return algorithm.CipherFunction(cipher).KeySize() > 0
-}
-
-// blockSize returns the block size, in bytes, of cipher.
-func (cipher CipherFunction) blockSize() int {
-	return algorithm.CipherFunction(cipher).BlockSize()
-}
-
-// new returns a fresh instance of the given cipher.
-func (cipher CipherFunction) new(key []byte) (block cipher.Block) {
-	return algorithm.CipherFunction(cipher).New(key)
-}
-
-// padToKeySize left-pads a MPI with zeroes to match the length of the
-// specified RSA public.
-func padToKeySize(pub *rsa.PublicKey, b []byte) []byte {
-	k := (pub.N.BitLen() + 7) / 8
-	if len(b) >= k {
-		return b
-	}
-	bb := make([]byte, k)
-	copy(bb[len(bb)-len(b):], b)
-	return bb
-}
-
-// CompressionAlgo Represents the different compression algorithms
-// supported by OpenPGP (except for BZIP2, which is not currently
-// supported). See Section 9.3 of RFC 4880.
-type CompressionAlgo uint8
-
-const (
-	CompressionNone CompressionAlgo = 0
-	CompressionZIP  CompressionAlgo = 1
-	CompressionZLIB CompressionAlgo = 2
-)
-
-// AEADMode represents the different Authenticated Encryption with Associated
-// Data specified for OpenPGP.
-// See https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-07.html#section-9.6
-type AEADMode algorithm.AEADMode
-
-const (
-	AEADModeEAX AEADMode = 1
-	AEADModeOCB AEADMode = 2
-	AEADModeGCM AEADMode = 3
-)
-
-func (mode AEADMode) IvLength() int {
-	return algorithm.AEADMode(mode).NonceLength()
-}
-
-func (mode AEADMode) TagLength() int {
-	return algorithm.AEADMode(mode).TagLength()
-}
-
-// IsSupported returns true if the aead mode is supported from the library
-func (mode AEADMode) IsSupported() bool {
-	return algorithm.AEADMode(mode).TagLength() > 0
-}
-
-// new returns a fresh instance of the given mode.
-func (mode AEADMode) new(block cipher.Block) cipher.AEAD {
-	return algorithm.AEADMode(mode).New(block)
-}
-
-// ReasonForRevocation represents a revocation reason code as per RFC4880
-// section 5.2.3.23.
-type ReasonForRevocation uint8
-
-const (
-	NoReason       ReasonForRevocation = 0
-	KeySuperseded  ReasonForRevocation = 1
-	KeyCompromised ReasonForRevocation = 2
-	KeyRetired     ReasonForRevocation = 3
-	UserIDNotValid ReasonForRevocation = 32
-	Unknown        ReasonForRevocation = 200
-)
-
-func NewReasonForRevocation(value byte) ReasonForRevocation {
-	if value < 4 || value == 32 {
-		return ReasonForRevocation(value)
-	}
-	return Unknown
-}
-
-// Curve is a mapping to supported ECC curves for key generation.
-// See https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-06.html#name-curve-specific-wire-formats
-type Curve string
-
-const (
-	Curve25519         Curve = "Curve25519"
-	Curve448           Curve = "Curve448"
-	CurveNistP256      Curve = "P256"
-	CurveNistP384      Curve = "P384"
-	CurveNistP521      Curve = "P521"
-	CurveSecP256k1     Curve = "SecP256k1"
-	CurveBrainpoolP256 Curve = "BrainpoolP256"
-	CurveBrainpoolP384 Curve = "BrainpoolP384"
-	CurveBrainpoolP512 Curve = "BrainpoolP512"
-)
-
-// TrustLevel represents a trust level per RFC4880 5.2.3.13
-type TrustLevel uint8
-
-// TrustAmount represents a trust amount per RFC4880 5.2.3.13
-type TrustAmount uint8
-
-const (
-	// versionSize is the length in bytes of the version value.
-	versionSize = 1
-	// algorithmSize is the length in bytes of the key algorithm value.
-	algorithmSize = 1
-	// keyVersionSize is the length in bytes of the key version value
-	keyVersionSize = 1
-	// keyIdSize is the length in bytes of the key identifier value.
-	keyIdSize = 8
-	// timestampSize is the length in bytes of encoded timestamps.
-	timestampSize = 4
-	// fingerprintSizeV6 is the length in bytes of the key fingerprint in v6.
-	fingerprintSizeV6 = 32
-	// fingerprintSize is the length in bytes of the key fingerprint.
-	fingerprintSize = 20
-)
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/packet_sequence.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/packet_sequence.go
deleted file mode 100644
index 55a8a56c2d..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/packet_sequence.go
+++ /dev/null
@@ -1,222 +0,0 @@
-package packet
-
-// This file implements the pushdown automata (PDA) from PGPainless (Paul Schaub)
-// to verify pgp packet sequences. See Paul's blogpost for more details:
-// https://blog.jabberhead.tk/2022/10/26/implementing-packet-sequence-validation-using-pushdown-automata/
-import (
-	"fmt"
-
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-)
-
-func NewErrMalformedMessage(from State, input InputSymbol, stackSymbol StackSymbol) errors.ErrMalformedMessage {
-	return errors.ErrMalformedMessage(fmt.Sprintf("state %d, input symbol %d, stack symbol %d ", from, input, stackSymbol))
-}
-
-// InputSymbol defines the input alphabet of the PDA
-type InputSymbol uint8
-
-const (
-	LDSymbol InputSymbol = iota
-	SigSymbol
-	OPSSymbol
-	CompSymbol
-	ESKSymbol
-	EncSymbol
-	EOSSymbol
-	UnknownSymbol
-)
-
-// StackSymbol defines the stack alphabet of the PDA
-type StackSymbol int8
-
-const (
-	MsgStackSymbol StackSymbol = iota
-	OpsStackSymbol
-	KeyStackSymbol
-	EndStackSymbol
-	EmptyStackSymbol
-)
-
-// State defines the states of the PDA
-type State int8
-
-const (
-	OpenPGPMessage State = iota
-	ESKMessage
-	LiteralMessage
-	CompressedMessage
-	EncryptedMessage
-	ValidMessage
-)
-
-// transition represents a state transition in the PDA
-type transition func(input InputSymbol, stackSymbol StackSymbol) (State, []StackSymbol, bool, error)
-
-// SequenceVerifier is a pushdown automata to verify
-// PGP messages packet sequences according to rfc4880.
-type SequenceVerifier struct {
-	stack []StackSymbol
-	state State
-}
-
-// Next performs a state transition with the given input symbol.
-// If the transition fails a ErrMalformedMessage is returned.
-func (sv *SequenceVerifier) Next(input InputSymbol) error {
-	for {
-		stackSymbol := sv.popStack()
-		transitionFunc := getTransition(sv.state)
-		nextState, newStackSymbols, redo, err := transitionFunc(input, stackSymbol)
-		if err != nil {
-			return err
-		}
-		if redo {
-			sv.pushStack(stackSymbol)
-		}
-		for _, newStackSymbol := range newStackSymbols {
-			sv.pushStack(newStackSymbol)
-		}
-		sv.state = nextState
-		if !redo {
-			break
-		}
-	}
-	return nil
-}
-
-// Valid returns true if RDA is in a valid state.
-func (sv *SequenceVerifier) Valid() bool {
-	return sv.state == ValidMessage && len(sv.stack) == 0
-}
-
-func (sv *SequenceVerifier) AssertValid() error {
-	if !sv.Valid() {
-		return errors.ErrMalformedMessage("invalid message")
-	}
-	return nil
-}
-
-func NewSequenceVerifier() *SequenceVerifier {
-	return &SequenceVerifier{
-		stack: []StackSymbol{EndStackSymbol, MsgStackSymbol},
-		state: OpenPGPMessage,
-	}
-}
-
-func (sv *SequenceVerifier) popStack() StackSymbol {
-	if len(sv.stack) == 0 {
-		return EmptyStackSymbol
-	}
-	elemIndex := len(sv.stack) - 1
-	stackSymbol := sv.stack[elemIndex]
-	sv.stack = sv.stack[:elemIndex]
-	return stackSymbol
-}
-
-func (sv *SequenceVerifier) pushStack(stackSymbol StackSymbol) {
-	sv.stack = append(sv.stack, stackSymbol)
-}
-
-func getTransition(from State) transition {
-	switch from {
-	case OpenPGPMessage:
-		return fromOpenPGPMessage
-	case LiteralMessage:
-		return fromLiteralMessage
-	case CompressedMessage:
-		return fromCompressedMessage
-	case EncryptedMessage:
-		return fromEncryptedMessage
-	case ESKMessage:
-		return fromESKMessage
-	case ValidMessage:
-		return fromValidMessage
-	}
-	return nil
-}
-
-// fromOpenPGPMessage is the transition for the state OpenPGPMessage.
-func fromOpenPGPMessage(input InputSymbol, stackSymbol StackSymbol) (State, []StackSymbol, bool, error) {
-	if stackSymbol != MsgStackSymbol {
-		return 0, nil, false, NewErrMalformedMessage(OpenPGPMessage, input, stackSymbol)
-	}
-	switch input {
-	case LDSymbol:
-		return LiteralMessage, nil, false, nil
-	case SigSymbol:
-		return OpenPGPMessage, []StackSymbol{MsgStackSymbol}, false, nil
-	case OPSSymbol:
-		return OpenPGPMessage, []StackSymbol{OpsStackSymbol, MsgStackSymbol}, false, nil
-	case CompSymbol:
-		return CompressedMessage, nil, false, nil
-	case ESKSymbol:
-		return ESKMessage, []StackSymbol{KeyStackSymbol}, false, nil
-	case EncSymbol:
-		return EncryptedMessage, nil, false, nil
-	}
-	return 0, nil, false, NewErrMalformedMessage(OpenPGPMessage, input, stackSymbol)
-}
-
-// fromESKMessage is the transition for the state ESKMessage.
-func fromESKMessage(input InputSymbol, stackSymbol StackSymbol) (State, []StackSymbol, bool, error) {
-	if stackSymbol != KeyStackSymbol {
-		return 0, nil, false, NewErrMalformedMessage(ESKMessage, input, stackSymbol)
-	}
-	switch input {
-	case ESKSymbol:
-		return ESKMessage, []StackSymbol{KeyStackSymbol}, false, nil
-	case EncSymbol:
-		return EncryptedMessage, nil, false, nil
-	}
-	return 0, nil, false, NewErrMalformedMessage(ESKMessage, input, stackSymbol)
-}
-
-// fromLiteralMessage is the transition for the state LiteralMessage.
-func fromLiteralMessage(input InputSymbol, stackSymbol StackSymbol) (State, []StackSymbol, bool, error) {
-	switch input {
-	case SigSymbol:
-		if stackSymbol == OpsStackSymbol {
-			return LiteralMessage, nil, false, nil
-		}
-	case EOSSymbol:
-		if stackSymbol == EndStackSymbol {
-			return ValidMessage, nil, false, nil
-		}
-	}
-	return 0, nil, false, NewErrMalformedMessage(LiteralMessage, input, stackSymbol)
-}
-
-// fromLiteralMessage is the transition for the state CompressedMessage.
-func fromCompressedMessage(input InputSymbol, stackSymbol StackSymbol) (State, []StackSymbol, bool, error) {
-	switch input {
-	case SigSymbol:
-		if stackSymbol == OpsStackSymbol {
-			return CompressedMessage, nil, false, nil
-		}
-	case EOSSymbol:
-		if stackSymbol == EndStackSymbol {
-			return ValidMessage, nil, false, nil
-		}
-	}
-	return OpenPGPMessage, []StackSymbol{MsgStackSymbol}, true, nil
-}
-
-// fromEncryptedMessage is the transition for the state EncryptedMessage.
-func fromEncryptedMessage(input InputSymbol, stackSymbol StackSymbol) (State, []StackSymbol, bool, error) {
-	switch input {
-	case SigSymbol:
-		if stackSymbol == OpsStackSymbol {
-			return EncryptedMessage, nil, false, nil
-		}
-	case EOSSymbol:
-		if stackSymbol == EndStackSymbol {
-			return ValidMessage, nil, false, nil
-		}
-	}
-	return OpenPGPMessage, []StackSymbol{MsgStackSymbol}, true, nil
-}
-
-// fromValidMessage is the transition for the state ValidMessage.
-func fromValidMessage(input InputSymbol, stackSymbol StackSymbol) (State, []StackSymbol, bool, error) {
-	return 0, nil, false, NewErrMalformedMessage(ValidMessage, input, stackSymbol)
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/packet_unsupported.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/packet_unsupported.go
deleted file mode 100644
index 2d714723cf..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/packet_unsupported.go
+++ /dev/null
@@ -1,24 +0,0 @@
-package packet
-
-import (
-	"io"
-
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-)
-
-// UnsupportedPackage represents a OpenPGP packet with a known packet type
-// but with unsupported content.
-type UnsupportedPacket struct {
-	IncompletePacket Packet
-	Error            errors.UnsupportedError
-}
-
-// Implements the Packet interface
-func (up *UnsupportedPacket) parse(read io.Reader) error {
-	err := up.IncompletePacket.parse(read)
-	if castedErr, ok := err.(errors.UnsupportedError); ok {
-		up.Error = castedErr
-		return nil
-	}
-	return err
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/padding.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/padding.go
deleted file mode 100644
index 3b6a7045d1..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/padding.go
+++ /dev/null
@@ -1,26 +0,0 @@
-package packet
-
-import (
-	"io"
-)
-
-// Padding type represents a Padding Packet (Tag 21).
-// The padding type is represented by the length of its padding.
-// see https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh#name-padding-packet-tag-21
-type Padding int
-
-// parse just ignores the padding content.
-func (pad Padding) parse(reader io.Reader) error {
-	_, err := io.CopyN(io.Discard, reader, int64(pad))
-	return err
-}
-
-// SerializePadding writes the padding to writer.
-func (pad Padding) SerializePadding(writer io.Writer, rand io.Reader) error {
-	err := serializeHeader(writer, packetPadding, int(pad))
-	if err != nil {
-		return err
-	}
-	_, err = io.CopyN(writer, rand, int64(pad))
-	return err
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/private_key.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/private_key.go
deleted file mode 100644
index f04e6c6b87..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/private_key.go
+++ /dev/null
@@ -1,1191 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package packet
-
-import (
-	"bytes"
-	"crypto"
-	"crypto/cipher"
-	"crypto/dsa"
-	"crypto/rsa"
-	"crypto/sha1"
-	"crypto/sha256"
-	"crypto/subtle"
-	"fmt"
-	"io"
-	"math/big"
-	"strconv"
-	"time"
-
-	"github.com/ProtonMail/go-crypto/openpgp/ecdh"
-	"github.com/ProtonMail/go-crypto/openpgp/ecdsa"
-	"github.com/ProtonMail/go-crypto/openpgp/ed25519"
-	"github.com/ProtonMail/go-crypto/openpgp/ed448"
-	"github.com/ProtonMail/go-crypto/openpgp/eddsa"
-	"github.com/ProtonMail/go-crypto/openpgp/elgamal"
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-	"github.com/ProtonMail/go-crypto/openpgp/internal/encoding"
-	"github.com/ProtonMail/go-crypto/openpgp/s2k"
-	"github.com/ProtonMail/go-crypto/openpgp/x25519"
-	"github.com/ProtonMail/go-crypto/openpgp/x448"
-	"golang.org/x/crypto/hkdf"
-)
-
-// PrivateKey represents a possibly encrypted private key. See RFC 4880,
-// section 5.5.3.
-type PrivateKey struct {
-	PublicKey
-	Encrypted     bool // if true then the private key is unavailable until Decrypt has been called.
-	encryptedData []byte
-	cipher        CipherFunction
-	s2k           func(out, in []byte)
-	aead          AEADMode // only relevant if S2KAEAD is enabled
-	// An *{rsa|dsa|elgamal|ecdh|ecdsa|ed25519|ed448}.PrivateKey or
-	// crypto.Signer/crypto.Decrypter (Decryptor RSA only).
-	PrivateKey interface{}
-	iv         []byte
-
-	// Type of encryption of the S2K packet
-	// Allowed values are 0 (Not encrypted), 253 (AEAD), 254 (SHA1), or
-	// 255 (2-byte checksum)
-	s2kType S2KType
-	// Full parameters of the S2K packet
-	s2kParams *s2k.Params
-}
-
-// S2KType s2k packet type
-type S2KType uint8
-
-const (
-	// S2KNON unencrypt
-	S2KNON S2KType = 0
-	// S2KAEAD use authenticated encryption
-	S2KAEAD S2KType = 253
-	// S2KSHA1 sha1 sum check
-	S2KSHA1 S2KType = 254
-	// S2KCHECKSUM sum check
-	S2KCHECKSUM S2KType = 255
-)
-
-func NewRSAPrivateKey(creationTime time.Time, priv *rsa.PrivateKey) *PrivateKey {
-	pk := new(PrivateKey)
-	pk.PublicKey = *NewRSAPublicKey(creationTime, &priv.PublicKey)
-	pk.PrivateKey = priv
-	return pk
-}
-
-func NewDSAPrivateKey(creationTime time.Time, priv *dsa.PrivateKey) *PrivateKey {
-	pk := new(PrivateKey)
-	pk.PublicKey = *NewDSAPublicKey(creationTime, &priv.PublicKey)
-	pk.PrivateKey = priv
-	return pk
-}
-
-func NewElGamalPrivateKey(creationTime time.Time, priv *elgamal.PrivateKey) *PrivateKey {
-	pk := new(PrivateKey)
-	pk.PublicKey = *NewElGamalPublicKey(creationTime, &priv.PublicKey)
-	pk.PrivateKey = priv
-	return pk
-}
-
-func NewECDSAPrivateKey(creationTime time.Time, priv *ecdsa.PrivateKey) *PrivateKey {
-	pk := new(PrivateKey)
-	pk.PublicKey = *NewECDSAPublicKey(creationTime, &priv.PublicKey)
-	pk.PrivateKey = priv
-	return pk
-}
-
-func NewEdDSAPrivateKey(creationTime time.Time, priv *eddsa.PrivateKey) *PrivateKey {
-	pk := new(PrivateKey)
-	pk.PublicKey = *NewEdDSAPublicKey(creationTime, &priv.PublicKey)
-	pk.PrivateKey = priv
-	return pk
-}
-
-func NewECDHPrivateKey(creationTime time.Time, priv *ecdh.PrivateKey) *PrivateKey {
-	pk := new(PrivateKey)
-	pk.PublicKey = *NewECDHPublicKey(creationTime, &priv.PublicKey)
-	pk.PrivateKey = priv
-	return pk
-}
-
-func NewX25519PrivateKey(creationTime time.Time, priv *x25519.PrivateKey) *PrivateKey {
-	pk := new(PrivateKey)
-	pk.PublicKey = *NewX25519PublicKey(creationTime, &priv.PublicKey)
-	pk.PrivateKey = priv
-	return pk
-}
-
-func NewX448PrivateKey(creationTime time.Time, priv *x448.PrivateKey) *PrivateKey {
-	pk := new(PrivateKey)
-	pk.PublicKey = *NewX448PublicKey(creationTime, &priv.PublicKey)
-	pk.PrivateKey = priv
-	return pk
-}
-
-func NewEd25519PrivateKey(creationTime time.Time, priv *ed25519.PrivateKey) *PrivateKey {
-	pk := new(PrivateKey)
-	pk.PublicKey = *NewEd25519PublicKey(creationTime, &priv.PublicKey)
-	pk.PrivateKey = priv
-	return pk
-}
-
-func NewEd448PrivateKey(creationTime time.Time, priv *ed448.PrivateKey) *PrivateKey {
-	pk := new(PrivateKey)
-	pk.PublicKey = *NewEd448PublicKey(creationTime, &priv.PublicKey)
-	pk.PrivateKey = priv
-	return pk
-}
-
-// NewSignerPrivateKey creates a PrivateKey from a crypto.Signer that
-// implements RSA, ECDSA or EdDSA.
-func NewSignerPrivateKey(creationTime time.Time, signer interface{}) *PrivateKey {
-	pk := new(PrivateKey)
-	// In general, the public Keys should be used as pointers. We still
-	// type-switch on the values, for backwards-compatibility.
-	switch pubkey := signer.(type) {
-	case *rsa.PrivateKey:
-		pk.PublicKey = *NewRSAPublicKey(creationTime, &pubkey.PublicKey)
-	case rsa.PrivateKey:
-		pk.PublicKey = *NewRSAPublicKey(creationTime, &pubkey.PublicKey)
-	case *ecdsa.PrivateKey:
-		pk.PublicKey = *NewECDSAPublicKey(creationTime, &pubkey.PublicKey)
-	case ecdsa.PrivateKey:
-		pk.PublicKey = *NewECDSAPublicKey(creationTime, &pubkey.PublicKey)
-	case *eddsa.PrivateKey:
-		pk.PublicKey = *NewEdDSAPublicKey(creationTime, &pubkey.PublicKey)
-	case eddsa.PrivateKey:
-		pk.PublicKey = *NewEdDSAPublicKey(creationTime, &pubkey.PublicKey)
-	case *ed25519.PrivateKey:
-		pk.PublicKey = *NewEd25519PublicKey(creationTime, &pubkey.PublicKey)
-	case ed25519.PrivateKey:
-		pk.PublicKey = *NewEd25519PublicKey(creationTime, &pubkey.PublicKey)
-	case *ed448.PrivateKey:
-		pk.PublicKey = *NewEd448PublicKey(creationTime, &pubkey.PublicKey)
-	case ed448.PrivateKey:
-		pk.PublicKey = *NewEd448PublicKey(creationTime, &pubkey.PublicKey)
-	default:
-		panic("openpgp: unknown signer type in NewSignerPrivateKey")
-	}
-	pk.PrivateKey = signer
-	return pk
-}
-
-// NewDecrypterPrivateKey creates a PrivateKey from a *{rsa|elgamal|ecdh|x25519|x448}.PrivateKey.
-func NewDecrypterPrivateKey(creationTime time.Time, decrypter interface{}) *PrivateKey {
-	pk := new(PrivateKey)
-	switch priv := decrypter.(type) {
-	case *rsa.PrivateKey:
-		pk.PublicKey = *NewRSAPublicKey(creationTime, &priv.PublicKey)
-	case *elgamal.PrivateKey:
-		pk.PublicKey = *NewElGamalPublicKey(creationTime, &priv.PublicKey)
-	case *ecdh.PrivateKey:
-		pk.PublicKey = *NewECDHPublicKey(creationTime, &priv.PublicKey)
-	case *x25519.PrivateKey:
-		pk.PublicKey = *NewX25519PublicKey(creationTime, &priv.PublicKey)
-	case *x448.PrivateKey:
-		pk.PublicKey = *NewX448PublicKey(creationTime, &priv.PublicKey)
-	default:
-		panic("openpgp: unknown decrypter type in NewDecrypterPrivateKey")
-	}
-	pk.PrivateKey = decrypter
-	return pk
-}
-
-func (pk *PrivateKey) parse(r io.Reader) (err error) {
-	err = (&pk.PublicKey).parse(r)
-	if err != nil {
-		return
-	}
-	v5 := pk.PublicKey.Version == 5
-	v6 := pk.PublicKey.Version == 6
-
-	if V5Disabled && v5 {
-		return errors.UnsupportedError("support for parsing v5 entities is disabled; build with `-tags v5` if needed")
-	}
-
-	var buf [1]byte
-	_, err = readFull(r, buf[:])
-	if err != nil {
-		return
-	}
-	pk.s2kType = S2KType(buf[0])
-	var optCount [1]byte
-	if v5 || (v6 && pk.s2kType != S2KNON) {
-		if _, err = readFull(r, optCount[:]); err != nil {
-			return
-		}
-	}
-
-	switch pk.s2kType {
-	case S2KNON:
-		pk.s2k = nil
-		pk.Encrypted = false
-	case S2KSHA1, S2KCHECKSUM, S2KAEAD:
-		if (v5 || v6) && pk.s2kType == S2KCHECKSUM {
-			return errors.StructuralError(fmt.Sprintf("wrong s2k identifier for version %d", pk.Version))
-		}
-		_, err = readFull(r, buf[:])
-		if err != nil {
-			return
-		}
-		pk.cipher = CipherFunction(buf[0])
-		if pk.cipher != 0 && !pk.cipher.IsSupported() {
-			return errors.UnsupportedError("unsupported cipher function in private key")
-		}
-		// [Optional] If string-to-key usage octet was 253,
-		// a one-octet AEAD algorithm.
-		if pk.s2kType == S2KAEAD {
-			_, err = readFull(r, buf[:])
-			if err != nil {
-				return
-			}
-			pk.aead = AEADMode(buf[0])
-			if !pk.aead.IsSupported() {
-				return errors.UnsupportedError("unsupported aead mode in private key")
-			}
-		}
-
-		// [Optional] Only for a version 6 packet,
-		// and if string-to-key usage octet was 255, 254, or 253,
-		// an one-octet count of the following field.
-		if v6 {
-			_, err = readFull(r, buf[:])
-			if err != nil {
-				return
-			}
-		}
-
-		pk.s2kParams, err = s2k.ParseIntoParams(r)
-		if err != nil {
-			return
-		}
-		if pk.s2kParams.Dummy() {
-			return
-		}
-		if pk.s2kParams.Mode() == s2k.Argon2S2K && pk.s2kType != S2KAEAD {
-			return errors.StructuralError("using Argon2 S2K without AEAD is not allowed")
-		}
-		if pk.s2kParams.Mode() == s2k.SimpleS2K && pk.Version == 6 {
-			return errors.StructuralError("using Simple S2K with version 6 keys is not allowed")
-		}
-		pk.s2k, err = pk.s2kParams.Function()
-		if err != nil {
-			return
-		}
-		pk.Encrypted = true
-	default:
-		return errors.UnsupportedError("deprecated s2k function in private key")
-	}
-
-	if pk.Encrypted {
-		var ivSize int
-		// If the S2K usage octet was 253, the IV is of the size expected by the AEAD mode,
-		// unless it's a version 5 key, in which case it's the size of the symmetric cipher's block size.
-		// For all other S2K modes, it's always the block size.
-		if !v5 && pk.s2kType == S2KAEAD {
-			ivSize = pk.aead.IvLength()
-		} else {
-			ivSize = pk.cipher.blockSize()
-		}
-
-		if ivSize == 0 {
-			return errors.UnsupportedError("unsupported cipher in private key: " + strconv.Itoa(int(pk.cipher)))
-		}
-		pk.iv = make([]byte, ivSize)
-		_, err = readFull(r, pk.iv)
-		if err != nil {
-			return
-		}
-		if v5 && pk.s2kType == S2KAEAD {
-			pk.iv = pk.iv[:pk.aead.IvLength()]
-		}
-	}
-
-	var privateKeyData []byte
-	if v5 {
-		var n [4]byte /* secret material four octet count */
-		_, err = readFull(r, n[:])
-		if err != nil {
-			return
-		}
-		count := uint32(uint32(n[0])<<24 | uint32(n[1])<<16 | uint32(n[2])<<8 | uint32(n[3]))
-		if !pk.Encrypted {
-			count = count + 2 /* two octet checksum */
-		}
-		privateKeyData = make([]byte, count)
-		_, err = readFull(r, privateKeyData)
-		if err != nil {
-			return
-		}
-	} else {
-		privateKeyData, err = io.ReadAll(r)
-		if err != nil {
-			return
-		}
-	}
-	if !pk.Encrypted {
-		if len(privateKeyData) < 2 {
-			return errors.StructuralError("truncated private key data")
-		}
-		if pk.Version != 6 {
-			// checksum
-			var sum uint16
-			for i := 0; i < len(privateKeyData)-2; i++ {
-				sum += uint16(privateKeyData[i])
-			}
-			if privateKeyData[len(privateKeyData)-2] != uint8(sum>>8) ||
-				privateKeyData[len(privateKeyData)-1] != uint8(sum) {
-				return errors.StructuralError("private key checksum failure")
-			}
-			privateKeyData = privateKeyData[:len(privateKeyData)-2]
-			return pk.parsePrivateKey(privateKeyData)
-		} else {
-			// No checksum
-			return pk.parsePrivateKey(privateKeyData)
-		}
-	}
-
-	pk.encryptedData = privateKeyData
-	return
-}
-
-// Dummy returns true if the private key is a dummy key. This is a GNU extension.
-func (pk *PrivateKey) Dummy() bool {
-	return pk.s2kParams.Dummy()
-}
-
-func mod64kHash(d []byte) uint16 {
-	var h uint16
-	for _, b := range d {
-		h += uint16(b)
-	}
-	return h
-}
-
-func (pk *PrivateKey) Serialize(w io.Writer) (err error) {
-	contents := bytes.NewBuffer(nil)
-	err = pk.PublicKey.serializeWithoutHeaders(contents)
-	if err != nil {
-		return
-	}
-	if _, err = contents.Write([]byte{uint8(pk.s2kType)}); err != nil {
-		return
-	}
-
-	optional := bytes.NewBuffer(nil)
-	if pk.Encrypted || pk.Dummy() {
-		// [Optional] If string-to-key usage octet was 255, 254, or 253,
-		// a one-octet symmetric encryption algorithm.
-		if _, err = optional.Write([]byte{uint8(pk.cipher)}); err != nil {
-			return
-		}
-		// [Optional] If string-to-key usage octet was 253,
-		// a one-octet AEAD algorithm.
-		if pk.s2kType == S2KAEAD {
-			if _, err = optional.Write([]byte{uint8(pk.aead)}); err != nil {
-				return
-			}
-		}
-
-		s2kBuffer := bytes.NewBuffer(nil)
-		if err := pk.s2kParams.Serialize(s2kBuffer); err != nil {
-			return err
-		}
-		// [Optional] Only for a version 6 packet, and if string-to-key
-		// usage octet was 255, 254, or 253, an one-octet
-		// count of the following field.
-		if pk.Version == 6 {
-			if _, err = optional.Write([]byte{uint8(s2kBuffer.Len())}); err != nil {
-				return
-			}
-		}
-		// [Optional] If string-to-key usage octet was 255, 254, or 253,
-		// a string-to-key (S2K) specifier. The length of the string-to-key specifier
-		// depends on its type
-		if _, err = io.Copy(optional, s2kBuffer); err != nil {
-			return
-		}
-
-		// IV
-		if pk.Encrypted {
-			if _, err = optional.Write(pk.iv); err != nil {
-				return
-			}
-			if pk.Version == 5 && pk.s2kType == S2KAEAD {
-				// Add padding for version 5
-				padding := make([]byte, pk.cipher.blockSize()-len(pk.iv))
-				if _, err = optional.Write(padding); err != nil {
-					return
-				}
-			}
-		}
-	}
-	if pk.Version == 5 || (pk.Version == 6 && pk.s2kType != S2KNON) {
-		contents.Write([]byte{uint8(optional.Len())})
-	}
-
-	if _, err := io.Copy(contents, optional); err != nil {
-		return err
-	}
-
-	if !pk.Dummy() {
-		l := 0
-		var priv []byte
-		if !pk.Encrypted {
-			buf := bytes.NewBuffer(nil)
-			err = pk.serializePrivateKey(buf)
-			if err != nil {
-				return err
-			}
-			l = buf.Len()
-			if pk.Version != 6 {
-				checksum := mod64kHash(buf.Bytes())
-				buf.Write([]byte{byte(checksum >> 8), byte(checksum)})
-			}
-			priv = buf.Bytes()
-		} else {
-			priv, l = pk.encryptedData, len(pk.encryptedData)
-		}
-
-		if pk.Version == 5 {
-			contents.Write([]byte{byte(l >> 24), byte(l >> 16), byte(l >> 8), byte(l)})
-		}
-		contents.Write(priv)
-	}
-
-	ptype := packetTypePrivateKey
-	if pk.IsSubkey {
-		ptype = packetTypePrivateSubkey
-	}
-	err = serializeHeader(w, ptype, contents.Len())
-	if err != nil {
-		return
-	}
-	_, err = io.Copy(w, contents)
-	if err != nil {
-		return
-	}
-	return
-}
-
-func serializeRSAPrivateKey(w io.Writer, priv *rsa.PrivateKey) error {
-	if _, err := w.Write(new(encoding.MPI).SetBig(priv.D).EncodedBytes()); err != nil {
-		return err
-	}
-	if _, err := w.Write(new(encoding.MPI).SetBig(priv.Primes[1]).EncodedBytes()); err != nil {
-		return err
-	}
-	if _, err := w.Write(new(encoding.MPI).SetBig(priv.Primes[0]).EncodedBytes()); err != nil {
-		return err
-	}
-	_, err := w.Write(new(encoding.MPI).SetBig(priv.Precomputed.Qinv).EncodedBytes())
-	return err
-}
-
-func serializeDSAPrivateKey(w io.Writer, priv *dsa.PrivateKey) error {
-	_, err := w.Write(new(encoding.MPI).SetBig(priv.X).EncodedBytes())
-	return err
-}
-
-func serializeElGamalPrivateKey(w io.Writer, priv *elgamal.PrivateKey) error {
-	_, err := w.Write(new(encoding.MPI).SetBig(priv.X).EncodedBytes())
-	return err
-}
-
-func serializeECDSAPrivateKey(w io.Writer, priv *ecdsa.PrivateKey) error {
-	_, err := w.Write(encoding.NewMPI(priv.MarshalIntegerSecret()).EncodedBytes())
-	return err
-}
-
-func serializeEdDSAPrivateKey(w io.Writer, priv *eddsa.PrivateKey) error {
-	_, err := w.Write(encoding.NewMPI(priv.MarshalByteSecret()).EncodedBytes())
-	return err
-}
-
-func serializeECDHPrivateKey(w io.Writer, priv *ecdh.PrivateKey) error {
-	_, err := w.Write(encoding.NewMPI(priv.MarshalByteSecret()).EncodedBytes())
-	return err
-}
-
-func serializeX25519PrivateKey(w io.Writer, priv *x25519.PrivateKey) error {
-	_, err := w.Write(priv.Secret)
-	return err
-}
-
-func serializeX448PrivateKey(w io.Writer, priv *x448.PrivateKey) error {
-	_, err := w.Write(priv.Secret)
-	return err
-}
-
-func serializeEd25519PrivateKey(w io.Writer, priv *ed25519.PrivateKey) error {
-	_, err := w.Write(priv.MarshalByteSecret())
-	return err
-}
-
-func serializeEd448PrivateKey(w io.Writer, priv *ed448.PrivateKey) error {
-	_, err := w.Write(priv.MarshalByteSecret())
-	return err
-}
-
-// decrypt decrypts an encrypted private key using a decryption key.
-func (pk *PrivateKey) decrypt(decryptionKey []byte) error {
-	if pk.Dummy() {
-		return errors.ErrDummyPrivateKey("dummy key found")
-	}
-	if !pk.Encrypted {
-		return nil
-	}
-	block := pk.cipher.new(decryptionKey)
-	var data []byte
-	switch pk.s2kType {
-	case S2KAEAD:
-		aead := pk.aead.new(block)
-		additionalData, err := pk.additionalData()
-		if err != nil {
-			return err
-		}
-		// Decrypt the encrypted key material with aead
-		data, err = aead.Open(nil, pk.iv, pk.encryptedData, additionalData)
-		if err != nil {
-			return err
-		}
-	case S2KSHA1, S2KCHECKSUM:
-		cfb := cipher.NewCFBDecrypter(block, pk.iv)
-		data = make([]byte, len(pk.encryptedData))
-		cfb.XORKeyStream(data, pk.encryptedData)
-		if pk.s2kType == S2KSHA1 {
-			if len(data) < sha1.Size {
-				return errors.StructuralError("truncated private key data")
-			}
-			h := sha1.New()
-			h.Write(data[:len(data)-sha1.Size])
-			sum := h.Sum(nil)
-			if !bytes.Equal(sum, data[len(data)-sha1.Size:]) {
-				return errors.StructuralError("private key checksum failure")
-			}
-			data = data[:len(data)-sha1.Size]
-		} else {
-			if len(data) < 2 {
-				return errors.StructuralError("truncated private key data")
-			}
-			var sum uint16
-			for i := 0; i < len(data)-2; i++ {
-				sum += uint16(data[i])
-			}
-			if data[len(data)-2] != uint8(sum>>8) ||
-				data[len(data)-1] != uint8(sum) {
-				return errors.StructuralError("private key checksum failure")
-			}
-			data = data[:len(data)-2]
-		}
-	default:
-		return errors.InvalidArgumentError("invalid s2k type")
-	}
-
-	err := pk.parsePrivateKey(data)
-	if _, ok := err.(errors.KeyInvalidError); ok {
-		return errors.KeyInvalidError("invalid key parameters")
-	}
-	if err != nil {
-		return err
-	}
-
-	// Mark key as unencrypted
-	pk.s2kType = S2KNON
-	pk.s2k = nil
-	pk.Encrypted = false
-	pk.encryptedData = nil
-	return nil
-}
-
-func (pk *PrivateKey) decryptWithCache(passphrase []byte, keyCache *s2k.Cache) error {
-	if pk.Dummy() {
-		return errors.ErrDummyPrivateKey("dummy key found")
-	}
-	if !pk.Encrypted {
-		return nil
-	}
-
-	key, err := keyCache.GetOrComputeDerivedKey(passphrase, pk.s2kParams, pk.cipher.KeySize())
-	if err != nil {
-		return err
-	}
-	if pk.s2kType == S2KAEAD {
-		key = pk.applyHKDF(key)
-	}
-	return pk.decrypt(key)
-}
-
-// Decrypt decrypts an encrypted private key using a passphrase.
-func (pk *PrivateKey) Decrypt(passphrase []byte) error {
-	if pk.Dummy() {
-		return errors.ErrDummyPrivateKey("dummy key found")
-	}
-	if !pk.Encrypted {
-		return nil
-	}
-
-	key := make([]byte, pk.cipher.KeySize())
-	pk.s2k(key, passphrase)
-	if pk.s2kType == S2KAEAD {
-		key = pk.applyHKDF(key)
-	}
-	return pk.decrypt(key)
-}
-
-// DecryptPrivateKeys decrypts all encrypted keys with the given config and passphrase.
-// Avoids recomputation of similar s2k key derivations.
-func DecryptPrivateKeys(keys []*PrivateKey, passphrase []byte) error {
-	// Create a cache to avoid recomputation of key derviations for the same passphrase.
-	s2kCache := &s2k.Cache{}
-	for _, key := range keys {
-		if key != nil && !key.Dummy() && key.Encrypted {
-			err := key.decryptWithCache(passphrase, s2kCache)
-			if err != nil {
-				return err
-			}
-		}
-	}
-	return nil
-}
-
-// encrypt encrypts an unencrypted private key.
-func (pk *PrivateKey) encrypt(key []byte, params *s2k.Params, s2kType S2KType, cipherFunction CipherFunction, rand io.Reader) error {
-	if pk.Dummy() {
-		return errors.ErrDummyPrivateKey("dummy key found")
-	}
-	if pk.Encrypted {
-		return nil
-	}
-	// check if encryptionKey has the correct size
-	if len(key) != cipherFunction.KeySize() {
-		return errors.InvalidArgumentError("supplied encryption key has the wrong size")
-	}
-
-	if params.Mode() == s2k.Argon2S2K && s2kType != S2KAEAD {
-		return errors.InvalidArgumentError("using Argon2 S2K without AEAD is not allowed")
-	}
-	if params.Mode() != s2k.Argon2S2K && params.Mode() != s2k.IteratedSaltedS2K &&
-		params.Mode() != s2k.SaltedS2K { // only allowed for high-entropy passphrases
-		return errors.InvalidArgumentError("insecure S2K mode")
-	}
-
-	priv := bytes.NewBuffer(nil)
-	err := pk.serializePrivateKey(priv)
-	if err != nil {
-		return err
-	}
-
-	pk.cipher = cipherFunction
-	pk.s2kParams = params
-	pk.s2k, err = pk.s2kParams.Function()
-	if err != nil {
-		return err
-	}
-
-	privateKeyBytes := priv.Bytes()
-	pk.s2kType = s2kType
-	block := pk.cipher.new(key)
-	switch s2kType {
-	case S2KAEAD:
-		if pk.aead == 0 {
-			return errors.StructuralError("aead mode is not set on key")
-		}
-		aead := pk.aead.new(block)
-		additionalData, err := pk.additionalData()
-		if err != nil {
-			return err
-		}
-		pk.iv = make([]byte, aead.NonceSize())
-		_, err = io.ReadFull(rand, pk.iv)
-		if err != nil {
-			return err
-		}
-		// Decrypt the encrypted key material with aead
-		pk.encryptedData = aead.Seal(nil, pk.iv, privateKeyBytes, additionalData)
-	case S2KSHA1, S2KCHECKSUM:
-		pk.iv = make([]byte, pk.cipher.blockSize())
-		_, err = io.ReadFull(rand, pk.iv)
-		if err != nil {
-			return err
-		}
-		cfb := cipher.NewCFBEncrypter(block, pk.iv)
-		if s2kType == S2KSHA1 {
-			h := sha1.New()
-			h.Write(privateKeyBytes)
-			sum := h.Sum(nil)
-			privateKeyBytes = append(privateKeyBytes, sum...)
-		} else {
-			var sum uint16
-			for _, b := range privateKeyBytes {
-				sum += uint16(b)
-			}
-			privateKeyBytes = append(privateKeyBytes, []byte{uint8(sum >> 8), uint8(sum)}...)
-		}
-		pk.encryptedData = make([]byte, len(privateKeyBytes))
-		cfb.XORKeyStream(pk.encryptedData, privateKeyBytes)
-	default:
-		return errors.InvalidArgumentError("invalid s2k type for encryption")
-	}
-
-	pk.Encrypted = true
-	pk.PrivateKey = nil
-	return err
-}
-
-// EncryptWithConfig encrypts an unencrypted private key using the passphrase and the config.
-func (pk *PrivateKey) EncryptWithConfig(passphrase []byte, config *Config) error {
-	params, err := s2k.Generate(config.Random(), config.S2K())
-	if err != nil {
-		return err
-	}
-	// Derive an encryption key with the configured s2k function.
-	key := make([]byte, config.Cipher().KeySize())
-	s2k, err := params.Function()
-	if err != nil {
-		return err
-	}
-	s2k(key, passphrase)
-	s2kType := S2KSHA1
-	if config.AEAD() != nil {
-		s2kType = S2KAEAD
-		pk.aead = config.AEAD().Mode()
-		pk.cipher = config.Cipher()
-		key = pk.applyHKDF(key)
-	}
-	// Encrypt the private key with the derived encryption key.
-	return pk.encrypt(key, params, s2kType, config.Cipher(), config.Random())
-}
-
-// EncryptPrivateKeys encrypts all unencrypted keys with the given config and passphrase.
-// Only derives one key from the passphrase, which is then used to encrypt each key.
-func EncryptPrivateKeys(keys []*PrivateKey, passphrase []byte, config *Config) error {
-	params, err := s2k.Generate(config.Random(), config.S2K())
-	if err != nil {
-		return err
-	}
-	// Derive an encryption key with the configured s2k function.
-	encryptionKey := make([]byte, config.Cipher().KeySize())
-	s2k, err := params.Function()
-	if err != nil {
-		return err
-	}
-	s2k(encryptionKey, passphrase)
-	for _, key := range keys {
-		if key != nil && !key.Dummy() && !key.Encrypted {
-			s2kType := S2KSHA1
-			if config.AEAD() != nil {
-				s2kType = S2KAEAD
-				key.aead = config.AEAD().Mode()
-				key.cipher = config.Cipher()
-				derivedKey := key.applyHKDF(encryptionKey)
-				err = key.encrypt(derivedKey, params, s2kType, config.Cipher(), config.Random())
-			} else {
-				err = key.encrypt(encryptionKey, params, s2kType, config.Cipher(), config.Random())
-			}
-			if err != nil {
-				return err
-			}
-		}
-	}
-	return nil
-}
-
-// Encrypt encrypts an unencrypted private key using a passphrase.
-func (pk *PrivateKey) Encrypt(passphrase []byte) error {
-	// Default config of private key encryption
-	config := &Config{
-		S2KConfig: &s2k.Config{
-			S2KMode:  s2k.IteratedSaltedS2K,
-			S2KCount: 65536,
-			Hash:     crypto.SHA256,
-		},
-		DefaultCipher: CipherAES256,
-	}
-	return pk.EncryptWithConfig(passphrase, config)
-}
-
-func (pk *PrivateKey) serializePrivateKey(w io.Writer) (err error) {
-	switch priv := pk.PrivateKey.(type) {
-	case *rsa.PrivateKey:
-		err = serializeRSAPrivateKey(w, priv)
-	case *dsa.PrivateKey:
-		err = serializeDSAPrivateKey(w, priv)
-	case *elgamal.PrivateKey:
-		err = serializeElGamalPrivateKey(w, priv)
-	case *ecdsa.PrivateKey:
-		err = serializeECDSAPrivateKey(w, priv)
-	case *eddsa.PrivateKey:
-		err = serializeEdDSAPrivateKey(w, priv)
-	case *ecdh.PrivateKey:
-		err = serializeECDHPrivateKey(w, priv)
-	case *x25519.PrivateKey:
-		err = serializeX25519PrivateKey(w, priv)
-	case *x448.PrivateKey:
-		err = serializeX448PrivateKey(w, priv)
-	case *ed25519.PrivateKey:
-		err = serializeEd25519PrivateKey(w, priv)
-	case *ed448.PrivateKey:
-		err = serializeEd448PrivateKey(w, priv)
-	default:
-		err = errors.InvalidArgumentError("unknown private key type")
-	}
-	return
-}
-
-func (pk *PrivateKey) parsePrivateKey(data []byte) (err error) {
-	switch pk.PublicKey.PubKeyAlgo {
-	case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly, PubKeyAlgoRSAEncryptOnly:
-		return pk.parseRSAPrivateKey(data)
-	case PubKeyAlgoDSA:
-		return pk.parseDSAPrivateKey(data)
-	case PubKeyAlgoElGamal:
-		return pk.parseElGamalPrivateKey(data)
-	case PubKeyAlgoECDSA:
-		return pk.parseECDSAPrivateKey(data)
-	case PubKeyAlgoECDH:
-		return pk.parseECDHPrivateKey(data)
-	case PubKeyAlgoEdDSA:
-		return pk.parseEdDSAPrivateKey(data)
-	case PubKeyAlgoX25519:
-		return pk.parseX25519PrivateKey(data)
-	case PubKeyAlgoX448:
-		return pk.parseX448PrivateKey(data)
-	case PubKeyAlgoEd25519:
-		return pk.parseEd25519PrivateKey(data)
-	case PubKeyAlgoEd448:
-		return pk.parseEd448PrivateKey(data)
-	default:
-		err = errors.StructuralError("unknown private key type")
-		return
-	}
-}
-
-func (pk *PrivateKey) parseRSAPrivateKey(data []byte) (err error) {
-	rsaPub := pk.PublicKey.PublicKey.(*rsa.PublicKey)
-	rsaPriv := new(rsa.PrivateKey)
-	rsaPriv.PublicKey = *rsaPub
-
-	buf := bytes.NewBuffer(data)
-	d := new(encoding.MPI)
-	if _, err := d.ReadFrom(buf); err != nil {
-		return err
-	}
-
-	p := new(encoding.MPI)
-	if _, err := p.ReadFrom(buf); err != nil {
-		return err
-	}
-
-	q := new(encoding.MPI)
-	if _, err := q.ReadFrom(buf); err != nil {
-		return err
-	}
-
-	rsaPriv.D = new(big.Int).SetBytes(d.Bytes())
-	rsaPriv.Primes = make([]*big.Int, 2)
-	rsaPriv.Primes[0] = new(big.Int).SetBytes(p.Bytes())
-	rsaPriv.Primes[1] = new(big.Int).SetBytes(q.Bytes())
-	if err := rsaPriv.Validate(); err != nil {
-		return errors.KeyInvalidError(err.Error())
-	}
-	rsaPriv.Precompute()
-	pk.PrivateKey = rsaPriv
-
-	return nil
-}
-
-func (pk *PrivateKey) parseDSAPrivateKey(data []byte) (err error) {
-	dsaPub := pk.PublicKey.PublicKey.(*dsa.PublicKey)
-	dsaPriv := new(dsa.PrivateKey)
-	dsaPriv.PublicKey = *dsaPub
-
-	buf := bytes.NewBuffer(data)
-	x := new(encoding.MPI)
-	if _, err := x.ReadFrom(buf); err != nil {
-		return err
-	}
-
-	dsaPriv.X = new(big.Int).SetBytes(x.Bytes())
-	if err := validateDSAParameters(dsaPriv); err != nil {
-		return err
-	}
-	pk.PrivateKey = dsaPriv
-
-	return nil
-}
-
-func (pk *PrivateKey) parseElGamalPrivateKey(data []byte) (err error) {
-	pub := pk.PublicKey.PublicKey.(*elgamal.PublicKey)
-	priv := new(elgamal.PrivateKey)
-	priv.PublicKey = *pub
-
-	buf := bytes.NewBuffer(data)
-	x := new(encoding.MPI)
-	if _, err := x.ReadFrom(buf); err != nil {
-		return err
-	}
-
-	priv.X = new(big.Int).SetBytes(x.Bytes())
-	if err := validateElGamalParameters(priv); err != nil {
-		return err
-	}
-	pk.PrivateKey = priv
-
-	return nil
-}
-
-func (pk *PrivateKey) parseECDSAPrivateKey(data []byte) (err error) {
-	ecdsaPub := pk.PublicKey.PublicKey.(*ecdsa.PublicKey)
-	ecdsaPriv := ecdsa.NewPrivateKey(*ecdsaPub)
-
-	buf := bytes.NewBuffer(data)
-	d := new(encoding.MPI)
-	if _, err := d.ReadFrom(buf); err != nil {
-		return err
-	}
-
-	if err := ecdsaPriv.UnmarshalIntegerSecret(d.Bytes()); err != nil {
-		return err
-	}
-	if err := ecdsa.Validate(ecdsaPriv); err != nil {
-		return err
-	}
-	pk.PrivateKey = ecdsaPriv
-
-	return nil
-}
-
-func (pk *PrivateKey) parseECDHPrivateKey(data []byte) (err error) {
-	ecdhPub := pk.PublicKey.PublicKey.(*ecdh.PublicKey)
-	ecdhPriv := ecdh.NewPrivateKey(*ecdhPub)
-
-	buf := bytes.NewBuffer(data)
-	d := new(encoding.MPI)
-	if _, err := d.ReadFrom(buf); err != nil {
-		return err
-	}
-
-	if err := ecdhPriv.UnmarshalByteSecret(d.Bytes()); err != nil {
-		return err
-	}
-
-	if err := ecdh.Validate(ecdhPriv); err != nil {
-		return err
-	}
-
-	pk.PrivateKey = ecdhPriv
-
-	return nil
-}
-
-func (pk *PrivateKey) parseX25519PrivateKey(data []byte) (err error) {
-	publicKey := pk.PublicKey.PublicKey.(*x25519.PublicKey)
-	privateKey := x25519.NewPrivateKey(*publicKey)
-	privateKey.PublicKey = *publicKey
-
-	privateKey.Secret = make([]byte, x25519.KeySize)
-
-	if len(data) != x25519.KeySize {
-		err = errors.StructuralError("wrong x25519 key size")
-		return err
-	}
-	subtle.ConstantTimeCopy(1, privateKey.Secret, data)
-	if err = x25519.Validate(privateKey); err != nil {
-		return err
-	}
-	pk.PrivateKey = privateKey
-	return nil
-}
-
-func (pk *PrivateKey) parseX448PrivateKey(data []byte) (err error) {
-	publicKey := pk.PublicKey.PublicKey.(*x448.PublicKey)
-	privateKey := x448.NewPrivateKey(*publicKey)
-	privateKey.PublicKey = *publicKey
-
-	privateKey.Secret = make([]byte, x448.KeySize)
-
-	if len(data) != x448.KeySize {
-		err = errors.StructuralError("wrong x448 key size")
-		return err
-	}
-	subtle.ConstantTimeCopy(1, privateKey.Secret, data)
-	if err = x448.Validate(privateKey); err != nil {
-		return err
-	}
-	pk.PrivateKey = privateKey
-	return nil
-}
-
-func (pk *PrivateKey) parseEd25519PrivateKey(data []byte) (err error) {
-	publicKey := pk.PublicKey.PublicKey.(*ed25519.PublicKey)
-	privateKey := ed25519.NewPrivateKey(*publicKey)
-	privateKey.PublicKey = *publicKey
-
-	if len(data) != ed25519.SeedSize {
-		err = errors.StructuralError("wrong ed25519 key size")
-		return err
-	}
-	err = privateKey.UnmarshalByteSecret(data)
-	if err != nil {
-		return err
-	}
-	err = ed25519.Validate(privateKey)
-	if err != nil {
-		return err
-	}
-	pk.PrivateKey = privateKey
-	return nil
-}
-
-func (pk *PrivateKey) parseEd448PrivateKey(data []byte) (err error) {
-	publicKey := pk.PublicKey.PublicKey.(*ed448.PublicKey)
-	privateKey := ed448.NewPrivateKey(*publicKey)
-	privateKey.PublicKey = *publicKey
-
-	if len(data) != ed448.SeedSize {
-		err = errors.StructuralError("wrong ed448 key size")
-		return err
-	}
-	err = privateKey.UnmarshalByteSecret(data)
-	if err != nil {
-		return err
-	}
-	err = ed448.Validate(privateKey)
-	if err != nil {
-		return err
-	}
-	pk.PrivateKey = privateKey
-	return nil
-}
-
-func (pk *PrivateKey) parseEdDSAPrivateKey(data []byte) (err error) {
-	eddsaPub := pk.PublicKey.PublicKey.(*eddsa.PublicKey)
-	eddsaPriv := eddsa.NewPrivateKey(*eddsaPub)
-	eddsaPriv.PublicKey = *eddsaPub
-
-	buf := bytes.NewBuffer(data)
-	d := new(encoding.MPI)
-	if _, err := d.ReadFrom(buf); err != nil {
-		return err
-	}
-
-	if err = eddsaPriv.UnmarshalByteSecret(d.Bytes()); err != nil {
-		return err
-	}
-
-	if err := eddsa.Validate(eddsaPriv); err != nil {
-		return err
-	}
-
-	pk.PrivateKey = eddsaPriv
-
-	return nil
-}
-
-func (pk *PrivateKey) additionalData() ([]byte, error) {
-	additionalData := bytes.NewBuffer(nil)
-	// Write additional data prefix based on packet type
-	var packetByte byte
-	if pk.PublicKey.IsSubkey {
-		packetByte = 0xc7
-	} else {
-		packetByte = 0xc5
-	}
-	// Write public key to additional data
-	_, err := additionalData.Write([]byte{packetByte})
-	if err != nil {
-		return nil, err
-	}
-	err = pk.PublicKey.serializeWithoutHeaders(additionalData)
-	if err != nil {
-		return nil, err
-	}
-	return additionalData.Bytes(), nil
-}
-
-func (pk *PrivateKey) applyHKDF(inputKey []byte) []byte {
-	var packetByte byte
-	if pk.PublicKey.IsSubkey {
-		packetByte = 0xc7
-	} else {
-		packetByte = 0xc5
-	}
-	associatedData := []byte{packetByte, byte(pk.Version), byte(pk.cipher), byte(pk.aead)}
-	hkdfReader := hkdf.New(sha256.New, inputKey, []byte{}, associatedData)
-	encryptionKey := make([]byte, pk.cipher.KeySize())
-	_, _ = readFull(hkdfReader, encryptionKey)
-	return encryptionKey
-}
-
-func validateDSAParameters(priv *dsa.PrivateKey) error {
-	p := priv.P // group prime
-	q := priv.Q // subgroup order
-	g := priv.G // g has order q mod p
-	x := priv.X // secret
-	y := priv.Y // y == g**x mod p
-	one := big.NewInt(1)
-	// expect g, y >= 2 and g < p
-	if g.Cmp(one) <= 0 || y.Cmp(one) <= 0 || g.Cmp(p) > 0 {
-		return errors.KeyInvalidError("dsa: invalid group")
-	}
-	// expect p > q
-	if p.Cmp(q) <= 0 {
-		return errors.KeyInvalidError("dsa: invalid group prime")
-	}
-	// q should be large enough and divide p-1
-	pSub1 := new(big.Int).Sub(p, one)
-	if q.BitLen() < 150 || new(big.Int).Mod(pSub1, q).Cmp(big.NewInt(0)) != 0 {
-		return errors.KeyInvalidError("dsa: invalid order")
-	}
-	// confirm that g has order q mod p
-	if !q.ProbablyPrime(32) || new(big.Int).Exp(g, q, p).Cmp(one) != 0 {
-		return errors.KeyInvalidError("dsa: invalid order")
-	}
-	// check y
-	if new(big.Int).Exp(g, x, p).Cmp(y) != 0 {
-		return errors.KeyInvalidError("dsa: mismatching values")
-	}
-
-	return nil
-}
-
-func validateElGamalParameters(priv *elgamal.PrivateKey) error {
-	p := priv.P // group prime
-	g := priv.G // g has order p-1 mod p
-	x := priv.X // secret
-	y := priv.Y // y == g**x mod p
-	one := big.NewInt(1)
-	// Expect g, y >= 2 and g < p
-	if g.Cmp(one) <= 0 || y.Cmp(one) <= 0 || g.Cmp(p) > 0 {
-		return errors.KeyInvalidError("elgamal: invalid group")
-	}
-	if p.BitLen() < 1024 {
-		return errors.KeyInvalidError("elgamal: group order too small")
-	}
-	pSub1 := new(big.Int).Sub(p, one)
-	if new(big.Int).Exp(g, pSub1, p).Cmp(one) != 0 {
-		return errors.KeyInvalidError("elgamal: invalid group")
-	}
-	// Since p-1 is not prime, g might have a smaller order that divides p-1.
-	// We cannot confirm the exact order of g, but we make sure it is not too small.
-	gExpI := new(big.Int).Set(g)
-	i := 1
-	threshold := 2 << 17 // we want order > threshold
-	for i < threshold {
-		i++ // we check every order to make sure key validation is not easily bypassed by guessing y'
-		gExpI.Mod(new(big.Int).Mul(gExpI, g), p)
-		if gExpI.Cmp(one) == 0 {
-			return errors.KeyInvalidError("elgamal: order too small")
-		}
-	}
-	// Check y
-	if new(big.Int).Exp(g, x, p).Cmp(y) != 0 {
-		return errors.KeyInvalidError("elgamal: mismatching values")
-	}
-
-	return nil
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/private_key_test_data.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/private_key_test_data.go
deleted file mode 100644
index 029b8f1aab..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/private_key_test_data.go
+++ /dev/null
@@ -1,12 +0,0 @@
-package packet
-
-// Generated with `gpg --export-secret-keys "Test Key 2"`
-const privKeyRSAHex = "9501fe044cc349a8010400b70ca0010e98c090008d45d1ee8f9113bd5861fd57b88bacb7c68658747663f1e1a3b5a98f32fda6472373c024b97359cd2efc88ff60f77751adfbf6af5e615e6a1408cfad8bf0cea30b0d5f53aa27ad59089ba9b15b7ebc2777a25d7b436144027e3bcd203909f147d0e332b240cf63d3395f5dfe0df0a6c04e8655af7eacdf0011010001fe0303024a252e7d475fd445607de39a265472aa74a9320ba2dac395faa687e9e0336aeb7e9a7397e511b5afd9dc84557c80ac0f3d4d7bfec5ae16f20d41c8c84a04552a33870b930420e230e179564f6d19bb153145e76c33ae993886c388832b0fa042ddda7f133924f3854481533e0ede31d51278c0519b29abc3bf53da673e13e3e1214b52413d179d7f66deee35cac8eacb060f78379d70ef4af8607e68131ff529439668fc39c9ce6dfef8a5ac234d234802cbfb749a26107db26406213ae5c06d4673253a3cbee1fcbae58d6ab77e38d6e2c0e7c6317c48e054edadb5a40d0d48acb44643d998139a8a66bb820be1f3f80185bc777d14b5954b60effe2448a036d565c6bc0b915fcea518acdd20ab07bc1529f561c58cd044f723109b93f6fd99f876ff891d64306b5d08f48bab59f38695e9109c4dec34013ba3153488ce070268381ba923ee1eb77125b36afcb4347ec3478c8f2735b06ef17351d872e577fa95d0c397c88c71b59629a36aec"
-
-// Generated by `gpg --export-secret-keys` followed by a manual extraction of
-// the ElGamal subkey from the packets.
-const privKeyElGamalHex = "9d0157044df9ee1a100400eb8e136a58ec39b582629cdadf830bc64e0a94ed8103ca8bb247b27b11b46d1d25297ef4bcc3071785ba0c0bedfe89eabc5287fcc0edf81ab5896c1c8e4b20d27d79813c7aede75320b33eaeeaa586edc00fd1036c10133e6ba0ff277245d0d59d04b2b3421b7244aca5f4a8d870c6f1c1fbff9e1c26699a860b9504f35ca1d700030503fd1ededd3b840795be6d9ccbe3c51ee42e2f39233c432b831ddd9c4e72b7025a819317e47bf94f9ee316d7273b05d5fcf2999c3a681f519b1234bbfa6d359b4752bd9c3f77d6b6456cde152464763414ca130f4e91d91041432f90620fec0e6d6b5116076c2985d5aeaae13be492b9b329efcaf7ee25120159a0a30cd976b42d7afe030302dae7eb80db744d4960c4df930d57e87fe81412eaace9f900e6c839817a614ddb75ba6603b9417c33ea7b6c93967dfa2bcff3fa3c74a5ce2c962db65b03aece14c96cbd0038fc"
-
-// pkcs1PrivKeyHex is a PKCS#1, RSA private key.
-// Generated by `openssl genrsa 1024 | openssl rsa -outform DER  | xxd -p`
-const pkcs1PrivKeyHex = "3082025d02010002818100e98edfa1c3b35884a54d0b36a6a603b0290fa85e49e30fa23fc94fef9c6790bc4849928607aa48d809da326fb42a969d06ad756b98b9c1a90f5d4a2b6d0ac05953c97f4da3120164a21a679793ce181c906dc01d235cc085ddcdf6ea06c389b6ab8885dfd685959e693138856a68a7e5db263337ff82a088d583a897cf2d59e9020301000102818100b6d5c9eb70b02d5369b3ee5b520a14490b5bde8a317d36f7e4c74b7460141311d1e5067735f8f01d6f5908b2b96fbd881f7a1ab9a84d82753e39e19e2d36856be960d05ac9ef8e8782ea1b6d65aee28fdfe1d61451e8cff0adfe84322f12cf455028b581cf60eb9e0e140ba5d21aeba6c2634d7c65318b9a665fc01c3191ca21024100fa5e818da3705b0fa33278bb28d4b6f6050388af2d4b75ec9375dd91ccf2e7d7068086a8b82a8f6282e4fbbdb8a7f2622eb97295249d87acea7f5f816f54d347024100eecf9406d7dc49cdfb95ab1eff4064de84c7a30f64b2798936a0d2018ba9eb52e4b636f82e96c49cc63b80b675e91e40d1b2e4017d4b9adaf33ab3d9cf1c214f024100c173704ace742c082323066226a4655226819a85304c542b9dacbeacbf5d1881ee863485fcf6f59f3a604f9b42289282067447f2b13dfeed3eab7851fc81e0550240741fc41f3fc002b382eed8730e33c5d8de40256e4accee846667f536832f711ab1d4590e7db91a8a116ac5bff3be13d3f9243ff2e976662aa9b395d907f8e9c9024046a5696c9ef882363e06c9fa4e2f5b580906452befba03f4a99d0f873697ef1f851d2226ca7934b30b7c3e80cb634a67172bbbf4781735fe3e09263e2dd723e7"
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/public_key.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/public_key.go
deleted file mode 100644
index f8da781bbe..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/public_key.go
+++ /dev/null
@@ -1,1120 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package packet
-
-import (
-	"crypto/dsa"
-	"crypto/rsa"
-	"crypto/sha1"
-	"crypto/sha256"
-	_ "crypto/sha512"
-	"encoding/binary"
-	"fmt"
-	"hash"
-	"io"
-	"math/big"
-	"strconv"
-	"time"
-
-	"github.com/ProtonMail/go-crypto/openpgp/ecdh"
-	"github.com/ProtonMail/go-crypto/openpgp/ecdsa"
-	"github.com/ProtonMail/go-crypto/openpgp/ed25519"
-	"github.com/ProtonMail/go-crypto/openpgp/ed448"
-	"github.com/ProtonMail/go-crypto/openpgp/eddsa"
-	"github.com/ProtonMail/go-crypto/openpgp/elgamal"
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-	"github.com/ProtonMail/go-crypto/openpgp/internal/algorithm"
-	"github.com/ProtonMail/go-crypto/openpgp/internal/ecc"
-	"github.com/ProtonMail/go-crypto/openpgp/internal/encoding"
-	"github.com/ProtonMail/go-crypto/openpgp/x25519"
-	"github.com/ProtonMail/go-crypto/openpgp/x448"
-)
-
-// PublicKey represents an OpenPGP public key. See RFC 4880, section 5.5.2.
-type PublicKey struct {
-	Version      int
-	CreationTime time.Time
-	PubKeyAlgo   PublicKeyAlgorithm
-	PublicKey    interface{} // *rsa.PublicKey, *dsa.PublicKey, *ecdsa.PublicKey or *eddsa.PublicKey, *x25519.PublicKey, *x448.PublicKey, *ed25519.PublicKey, *ed448.PublicKey
-	Fingerprint  []byte
-	KeyId        uint64
-	IsSubkey     bool
-
-	// RFC 4880 fields
-	n, e, p, q, g, y encoding.Field
-
-	// RFC 6637 fields
-	// oid contains the OID byte sequence identifying the elliptic curve used
-	oid encoding.Field
-
-	// kdf stores key derivation function parameters
-	// used for ECDH encryption. See RFC 6637, Section 9.
-	kdf encoding.Field
-}
-
-// UpgradeToV5 updates the version of the key to v5, and updates all necessary
-// fields.
-func (pk *PublicKey) UpgradeToV5() {
-	pk.Version = 5
-	pk.setFingerprintAndKeyId()
-}
-
-// UpgradeToV6 updates the version of the key to v6, and updates all necessary
-// fields.
-func (pk *PublicKey) UpgradeToV6() error {
-	pk.Version = 6
-	pk.setFingerprintAndKeyId()
-	return pk.checkV6Compatibility()
-}
-
-// signingKey provides a convenient abstraction over signature verification
-// for v3 and v4 public keys.
-type signingKey interface {
-	SerializeForHash(io.Writer) error
-	SerializeSignaturePrefix(io.Writer) error
-	serializeWithoutHeaders(io.Writer) error
-}
-
-// NewRSAPublicKey returns a PublicKey that wraps the given rsa.PublicKey.
-func NewRSAPublicKey(creationTime time.Time, pub *rsa.PublicKey) *PublicKey {
-	pk := &PublicKey{
-		Version:      4,
-		CreationTime: creationTime,
-		PubKeyAlgo:   PubKeyAlgoRSA,
-		PublicKey:    pub,
-		n:            new(encoding.MPI).SetBig(pub.N),
-		e:            new(encoding.MPI).SetBig(big.NewInt(int64(pub.E))),
-	}
-
-	pk.setFingerprintAndKeyId()
-	return pk
-}
-
-// NewDSAPublicKey returns a PublicKey that wraps the given dsa.PublicKey.
-func NewDSAPublicKey(creationTime time.Time, pub *dsa.PublicKey) *PublicKey {
-	pk := &PublicKey{
-		Version:      4,
-		CreationTime: creationTime,
-		PubKeyAlgo:   PubKeyAlgoDSA,
-		PublicKey:    pub,
-		p:            new(encoding.MPI).SetBig(pub.P),
-		q:            new(encoding.MPI).SetBig(pub.Q),
-		g:            new(encoding.MPI).SetBig(pub.G),
-		y:            new(encoding.MPI).SetBig(pub.Y),
-	}
-
-	pk.setFingerprintAndKeyId()
-	return pk
-}
-
-// NewElGamalPublicKey returns a PublicKey that wraps the given elgamal.PublicKey.
-func NewElGamalPublicKey(creationTime time.Time, pub *elgamal.PublicKey) *PublicKey {
-	pk := &PublicKey{
-		Version:      4,
-		CreationTime: creationTime,
-		PubKeyAlgo:   PubKeyAlgoElGamal,
-		PublicKey:    pub,
-		p:            new(encoding.MPI).SetBig(pub.P),
-		g:            new(encoding.MPI).SetBig(pub.G),
-		y:            new(encoding.MPI).SetBig(pub.Y),
-	}
-
-	pk.setFingerprintAndKeyId()
-	return pk
-}
-
-func NewECDSAPublicKey(creationTime time.Time, pub *ecdsa.PublicKey) *PublicKey {
-	pk := &PublicKey{
-		Version:      4,
-		CreationTime: creationTime,
-		PubKeyAlgo:   PubKeyAlgoECDSA,
-		PublicKey:    pub,
-		p:            encoding.NewMPI(pub.MarshalPoint()),
-	}
-
-	curveInfo := ecc.FindByCurve(pub.GetCurve())
-	if curveInfo == nil {
-		panic("unknown elliptic curve")
-	}
-	pk.oid = curveInfo.Oid
-	pk.setFingerprintAndKeyId()
-	return pk
-}
-
-func NewECDHPublicKey(creationTime time.Time, pub *ecdh.PublicKey) *PublicKey {
-	var pk *PublicKey
-	var kdf = encoding.NewOID([]byte{0x1, pub.Hash.Id(), pub.Cipher.Id()})
-	pk = &PublicKey{
-		Version:      4,
-		CreationTime: creationTime,
-		PubKeyAlgo:   PubKeyAlgoECDH,
-		PublicKey:    pub,
-		p:            encoding.NewMPI(pub.MarshalPoint()),
-		kdf:          kdf,
-	}
-
-	curveInfo := ecc.FindByCurve(pub.GetCurve())
-
-	if curveInfo == nil {
-		panic("unknown elliptic curve")
-	}
-
-	pk.oid = curveInfo.Oid
-	pk.setFingerprintAndKeyId()
-	return pk
-}
-
-func NewEdDSAPublicKey(creationTime time.Time, pub *eddsa.PublicKey) *PublicKey {
-	curveInfo := ecc.FindByCurve(pub.GetCurve())
-	pk := &PublicKey{
-		Version:      4,
-		CreationTime: creationTime,
-		PubKeyAlgo:   PubKeyAlgoEdDSA,
-		PublicKey:    pub,
-		oid:          curveInfo.Oid,
-		// Native point format, see draft-koch-eddsa-for-openpgp-04, Appendix B
-		p: encoding.NewMPI(pub.MarshalPoint()),
-	}
-
-	pk.setFingerprintAndKeyId()
-	return pk
-}
-
-func NewX25519PublicKey(creationTime time.Time, pub *x25519.PublicKey) *PublicKey {
-	pk := &PublicKey{
-		Version:      4,
-		CreationTime: creationTime,
-		PubKeyAlgo:   PubKeyAlgoX25519,
-		PublicKey:    pub,
-	}
-
-	pk.setFingerprintAndKeyId()
-	return pk
-}
-
-func NewX448PublicKey(creationTime time.Time, pub *x448.PublicKey) *PublicKey {
-	pk := &PublicKey{
-		Version:      4,
-		CreationTime: creationTime,
-		PubKeyAlgo:   PubKeyAlgoX448,
-		PublicKey:    pub,
-	}
-
-	pk.setFingerprintAndKeyId()
-	return pk
-}
-
-func NewEd25519PublicKey(creationTime time.Time, pub *ed25519.PublicKey) *PublicKey {
-	pk := &PublicKey{
-		Version:      4,
-		CreationTime: creationTime,
-		PubKeyAlgo:   PubKeyAlgoEd25519,
-		PublicKey:    pub,
-	}
-
-	pk.setFingerprintAndKeyId()
-	return pk
-}
-
-func NewEd448PublicKey(creationTime time.Time, pub *ed448.PublicKey) *PublicKey {
-	pk := &PublicKey{
-		Version:      4,
-		CreationTime: creationTime,
-		PubKeyAlgo:   PubKeyAlgoEd448,
-		PublicKey:    pub,
-	}
-
-	pk.setFingerprintAndKeyId()
-	return pk
-}
-
-func (pk *PublicKey) parse(r io.Reader) (err error) {
-	// RFC 4880, section 5.5.2
-	var buf [6]byte
-	_, err = readFull(r, buf[:])
-	if err != nil {
-		return
-	}
-
-	pk.Version = int(buf[0])
-	if pk.Version != 4 && pk.Version != 5 && pk.Version != 6 {
-		return errors.UnsupportedError("public key version " + strconv.Itoa(int(buf[0])))
-	}
-
-	if V5Disabled && pk.Version == 5 {
-		return errors.UnsupportedError("support for parsing v5 entities is disabled; build with `-tags v5` if needed")
-	}
-
-	if pk.Version >= 5 {
-		// Read the four-octet scalar octet count
-		// The count is not used in this implementation
-		var n [4]byte
-		_, err = readFull(r, n[:])
-		if err != nil {
-			return
-		}
-	}
-	pk.CreationTime = time.Unix(int64(uint32(buf[1])<<24|uint32(buf[2])<<16|uint32(buf[3])<<8|uint32(buf[4])), 0)
-	pk.PubKeyAlgo = PublicKeyAlgorithm(buf[5])
-	// Ignore four-ocet length
-	switch pk.PubKeyAlgo {
-	case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly, PubKeyAlgoRSASignOnly:
-		err = pk.parseRSA(r)
-	case PubKeyAlgoDSA:
-		err = pk.parseDSA(r)
-	case PubKeyAlgoElGamal:
-		err = pk.parseElGamal(r)
-	case PubKeyAlgoECDSA:
-		err = pk.parseECDSA(r)
-	case PubKeyAlgoECDH:
-		err = pk.parseECDH(r)
-	case PubKeyAlgoEdDSA:
-		err = pk.parseEdDSA(r)
-	case PubKeyAlgoX25519:
-		err = pk.parseX25519(r)
-	case PubKeyAlgoX448:
-		err = pk.parseX448(r)
-	case PubKeyAlgoEd25519:
-		err = pk.parseEd25519(r)
-	case PubKeyAlgoEd448:
-		err = pk.parseEd448(r)
-	default:
-		err = errors.UnsupportedError("public key type: " + strconv.Itoa(int(pk.PubKeyAlgo)))
-	}
-	if err != nil {
-		return
-	}
-
-	pk.setFingerprintAndKeyId()
-	return
-}
-
-func (pk *PublicKey) setFingerprintAndKeyId() {
-	// RFC 4880, section 12.2
-	if pk.Version >= 5 {
-		fingerprint := sha256.New()
-		if err := pk.SerializeForHash(fingerprint); err != nil {
-			// Should not happen for a hash.
-			panic(err)
-		}
-		pk.Fingerprint = make([]byte, 32)
-		copy(pk.Fingerprint, fingerprint.Sum(nil))
-		pk.KeyId = binary.BigEndian.Uint64(pk.Fingerprint[:8])
-	} else {
-		fingerprint := sha1.New()
-		if err := pk.SerializeForHash(fingerprint); err != nil {
-			// Should not happen for a hash.
-			panic(err)
-		}
-		pk.Fingerprint = make([]byte, 20)
-		copy(pk.Fingerprint, fingerprint.Sum(nil))
-		pk.KeyId = binary.BigEndian.Uint64(pk.Fingerprint[12:20])
-	}
-}
-
-func (pk *PublicKey) checkV6Compatibility() error {
-	// Implementations MUST NOT accept or generate version 6 key material using the deprecated OIDs.
-	switch pk.PubKeyAlgo {
-	case PubKeyAlgoECDH:
-		curveInfo := ecc.FindByOid(pk.oid)
-		if curveInfo == nil {
-			return errors.UnsupportedError(fmt.Sprintf("unknown oid: %x", pk.oid))
-		}
-		if curveInfo.GenName == ecc.Curve25519GenName {
-			return errors.StructuralError("cannot generate v6 key with deprecated OID: Curve25519Legacy")
-		}
-	case PubKeyAlgoEdDSA:
-		return errors.StructuralError("cannot generate v6 key with deprecated algorithm: EdDSALegacy")
-	}
-	return nil
-}
-
-// parseRSA parses RSA public key material from the given Reader. See RFC 4880,
-// section 5.5.2.
-func (pk *PublicKey) parseRSA(r io.Reader) (err error) {
-	pk.n = new(encoding.MPI)
-	if _, err = pk.n.ReadFrom(r); err != nil {
-		return
-	}
-	pk.e = new(encoding.MPI)
-	if _, err = pk.e.ReadFrom(r); err != nil {
-		return
-	}
-
-	if len(pk.e.Bytes()) > 3 {
-		err = errors.UnsupportedError("large public exponent")
-		return
-	}
-	rsa := &rsa.PublicKey{
-		N: new(big.Int).SetBytes(pk.n.Bytes()),
-		E: 0,
-	}
-	for i := 0; i < len(pk.e.Bytes()); i++ {
-		rsa.E <<= 8
-		rsa.E |= int(pk.e.Bytes()[i])
-	}
-	pk.PublicKey = rsa
-	return
-}
-
-// parseDSA parses DSA public key material from the given Reader. See RFC 4880,
-// section 5.5.2.
-func (pk *PublicKey) parseDSA(r io.Reader) (err error) {
-	pk.p = new(encoding.MPI)
-	if _, err = pk.p.ReadFrom(r); err != nil {
-		return
-	}
-	pk.q = new(encoding.MPI)
-	if _, err = pk.q.ReadFrom(r); err != nil {
-		return
-	}
-	pk.g = new(encoding.MPI)
-	if _, err = pk.g.ReadFrom(r); err != nil {
-		return
-	}
-	pk.y = new(encoding.MPI)
-	if _, err = pk.y.ReadFrom(r); err != nil {
-		return
-	}
-
-	dsa := new(dsa.PublicKey)
-	dsa.P = new(big.Int).SetBytes(pk.p.Bytes())
-	dsa.Q = new(big.Int).SetBytes(pk.q.Bytes())
-	dsa.G = new(big.Int).SetBytes(pk.g.Bytes())
-	dsa.Y = new(big.Int).SetBytes(pk.y.Bytes())
-	pk.PublicKey = dsa
-	return
-}
-
-// parseElGamal parses ElGamal public key material from the given Reader. See
-// RFC 4880, section 5.5.2.
-func (pk *PublicKey) parseElGamal(r io.Reader) (err error) {
-	pk.p = new(encoding.MPI)
-	if _, err = pk.p.ReadFrom(r); err != nil {
-		return
-	}
-	pk.g = new(encoding.MPI)
-	if _, err = pk.g.ReadFrom(r); err != nil {
-		return
-	}
-	pk.y = new(encoding.MPI)
-	if _, err = pk.y.ReadFrom(r); err != nil {
-		return
-	}
-
-	elgamal := new(elgamal.PublicKey)
-	elgamal.P = new(big.Int).SetBytes(pk.p.Bytes())
-	elgamal.G = new(big.Int).SetBytes(pk.g.Bytes())
-	elgamal.Y = new(big.Int).SetBytes(pk.y.Bytes())
-	pk.PublicKey = elgamal
-	return
-}
-
-// parseECDSA parses ECDSA public key material from the given Reader. See
-// RFC 6637, Section 9.
-func (pk *PublicKey) parseECDSA(r io.Reader) (err error) {
-	pk.oid = new(encoding.OID)
-	if _, err = pk.oid.ReadFrom(r); err != nil {
-		return
-	}
-
-	curveInfo := ecc.FindByOid(pk.oid)
-	if curveInfo == nil {
-		return errors.UnsupportedError(fmt.Sprintf("unknown oid: %x", pk.oid))
-	}
-
-	pk.p = new(encoding.MPI)
-	if _, err = pk.p.ReadFrom(r); err != nil {
-		return
-	}
-
-	c, ok := curveInfo.Curve.(ecc.ECDSACurve)
-	if !ok {
-		return errors.UnsupportedError(fmt.Sprintf("unsupported oid: %x", pk.oid))
-	}
-
-	ecdsaKey := ecdsa.NewPublicKey(c)
-	err = ecdsaKey.UnmarshalPoint(pk.p.Bytes())
-	pk.PublicKey = ecdsaKey
-
-	return
-}
-
-// parseECDH parses ECDH public key material from the given Reader. See
-// RFC 6637, Section 9.
-func (pk *PublicKey) parseECDH(r io.Reader) (err error) {
-	pk.oid = new(encoding.OID)
-	if _, err = pk.oid.ReadFrom(r); err != nil {
-		return
-	}
-
-	curveInfo := ecc.FindByOid(pk.oid)
-	if curveInfo == nil {
-		return errors.UnsupportedError(fmt.Sprintf("unknown oid: %x", pk.oid))
-	}
-
-	if pk.Version == 6 && curveInfo.GenName == ecc.Curve25519GenName {
-		// Implementations MUST NOT accept or generate version 6 key material using the deprecated OIDs.
-		return errors.StructuralError("cannot read v6 key with deprecated OID: Curve25519Legacy")
-	}
-
-	pk.p = new(encoding.MPI)
-	if _, err = pk.p.ReadFrom(r); err != nil {
-		return
-	}
-	pk.kdf = new(encoding.OID)
-	if _, err = pk.kdf.ReadFrom(r); err != nil {
-		return
-	}
-
-	c, ok := curveInfo.Curve.(ecc.ECDHCurve)
-	if !ok {
-		return errors.UnsupportedError(fmt.Sprintf("unsupported oid: %x", pk.oid))
-	}
-
-	if kdfLen := len(pk.kdf.Bytes()); kdfLen < 3 {
-		return errors.UnsupportedError("unsupported ECDH KDF length: " + strconv.Itoa(kdfLen))
-	}
-	if reserved := pk.kdf.Bytes()[0]; reserved != 0x01 {
-		return errors.UnsupportedError("unsupported KDF reserved field: " + strconv.Itoa(int(reserved)))
-	}
-	kdfHash, ok := algorithm.HashById[pk.kdf.Bytes()[1]]
-	if !ok {
-		return errors.UnsupportedError("unsupported ECDH KDF hash: " + strconv.Itoa(int(pk.kdf.Bytes()[1])))
-	}
-	kdfCipher, ok := algorithm.CipherById[pk.kdf.Bytes()[2]]
-	if !ok {
-		return errors.UnsupportedError("unsupported ECDH KDF cipher: " + strconv.Itoa(int(pk.kdf.Bytes()[2])))
-	}
-
-	ecdhKey := ecdh.NewPublicKey(c, kdfHash, kdfCipher)
-	err = ecdhKey.UnmarshalPoint(pk.p.Bytes())
-	pk.PublicKey = ecdhKey
-
-	return
-}
-
-func (pk *PublicKey) parseEdDSA(r io.Reader) (err error) {
-	if pk.Version == 6 {
-		// Implementations MUST NOT accept or generate version 6 key material using the deprecated OIDs.
-		return errors.StructuralError("cannot generate v6 key with deprecated algorithm: EdDSALegacy")
-	}
-
-	pk.oid = new(encoding.OID)
-	if _, err = pk.oid.ReadFrom(r); err != nil {
-		return
-	}
-
-	curveInfo := ecc.FindByOid(pk.oid)
-	if curveInfo == nil {
-		return errors.UnsupportedError(fmt.Sprintf("unknown oid: %x", pk.oid))
-	}
-
-	c, ok := curveInfo.Curve.(ecc.EdDSACurve)
-	if !ok {
-		return errors.UnsupportedError(fmt.Sprintf("unsupported oid: %x", pk.oid))
-	}
-
-	pk.p = new(encoding.MPI)
-	if _, err = pk.p.ReadFrom(r); err != nil {
-		return
-	}
-
-	if len(pk.p.Bytes()) == 0 {
-		return errors.StructuralError("empty EdDSA public key")
-	}
-
-	pub := eddsa.NewPublicKey(c)
-
-	switch flag := pk.p.Bytes()[0]; flag {
-	case 0x04:
-		// TODO: see _grcy_ecc_eddsa_ensure_compact in grcypt
-		return errors.UnsupportedError("unsupported EdDSA compression: " + strconv.Itoa(int(flag)))
-	case 0x40:
-		err = pub.UnmarshalPoint(pk.p.Bytes())
-	default:
-		return errors.UnsupportedError("unsupported EdDSA compression: " + strconv.Itoa(int(flag)))
-	}
-
-	pk.PublicKey = pub
-	return
-}
-
-func (pk *PublicKey) parseX25519(r io.Reader) (err error) {
-	point := make([]byte, x25519.KeySize)
-	_, err = io.ReadFull(r, point)
-	if err != nil {
-		return
-	}
-	pub := &x25519.PublicKey{
-		Point: point,
-	}
-	pk.PublicKey = pub
-	return
-}
-
-func (pk *PublicKey) parseX448(r io.Reader) (err error) {
-	point := make([]byte, x448.KeySize)
-	_, err = io.ReadFull(r, point)
-	if err != nil {
-		return
-	}
-	pub := &x448.PublicKey{
-		Point: point,
-	}
-	pk.PublicKey = pub
-	return
-}
-
-func (pk *PublicKey) parseEd25519(r io.Reader) (err error) {
-	point := make([]byte, ed25519.PublicKeySize)
-	_, err = io.ReadFull(r, point)
-	if err != nil {
-		return
-	}
-	pub := &ed25519.PublicKey{
-		Point: point,
-	}
-	pk.PublicKey = pub
-	return
-}
-
-func (pk *PublicKey) parseEd448(r io.Reader) (err error) {
-	point := make([]byte, ed448.PublicKeySize)
-	_, err = io.ReadFull(r, point)
-	if err != nil {
-		return
-	}
-	pub := &ed448.PublicKey{
-		Point: point,
-	}
-	pk.PublicKey = pub
-	return
-}
-
-// SerializeForHash serializes the PublicKey to w with the special packet
-// header format needed for hashing.
-func (pk *PublicKey) SerializeForHash(w io.Writer) error {
-	if err := pk.SerializeSignaturePrefix(w); err != nil {
-		return err
-	}
-	return pk.serializeWithoutHeaders(w)
-}
-
-// SerializeSignaturePrefix writes the prefix for this public key to the given Writer.
-// The prefix is used when calculating a signature over this public key. See
-// RFC 4880, section 5.2.4.
-func (pk *PublicKey) SerializeSignaturePrefix(w io.Writer) error {
-	var pLength = pk.algorithmSpecificByteCount()
-	// version, timestamp, algorithm
-	pLength += versionSize + timestampSize + algorithmSize
-	if pk.Version >= 5 {
-		// key octet count (4).
-		pLength += 4
-		_, err := w.Write([]byte{
-			// When a v4 signature is made over a key, the hash data starts with the octet 0x99, followed by a two-octet length
-			// of the key, and then the body of the key packet. When a v6 signature is made over a key, the hash data starts
-			// with the salt, then octet 0x9B, followed by a four-octet length of the key, and then the body of the key packet.
-			0x95 + byte(pk.Version),
-			byte(pLength >> 24),
-			byte(pLength >> 16),
-			byte(pLength >> 8),
-			byte(pLength),
-		})
-		return err
-	}
-	if _, err := w.Write([]byte{0x99, byte(pLength >> 8), byte(pLength)}); err != nil {
-		return err
-	}
-	return nil
-}
-
-func (pk *PublicKey) Serialize(w io.Writer) (err error) {
-	length := uint32(versionSize + timestampSize + algorithmSize) // 6 byte header
-	length += pk.algorithmSpecificByteCount()
-	if pk.Version >= 5 {
-		length += 4 // octet key count
-	}
-	packetType := packetTypePublicKey
-	if pk.IsSubkey {
-		packetType = packetTypePublicSubkey
-	}
-	err = serializeHeader(w, packetType, int(length))
-	if err != nil {
-		return
-	}
-	return pk.serializeWithoutHeaders(w)
-}
-
-func (pk *PublicKey) algorithmSpecificByteCount() uint32 {
-	length := uint32(0)
-	switch pk.PubKeyAlgo {
-	case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly, PubKeyAlgoRSASignOnly:
-		length += uint32(pk.n.EncodedLength())
-		length += uint32(pk.e.EncodedLength())
-	case PubKeyAlgoDSA:
-		length += uint32(pk.p.EncodedLength())
-		length += uint32(pk.q.EncodedLength())
-		length += uint32(pk.g.EncodedLength())
-		length += uint32(pk.y.EncodedLength())
-	case PubKeyAlgoElGamal:
-		length += uint32(pk.p.EncodedLength())
-		length += uint32(pk.g.EncodedLength())
-		length += uint32(pk.y.EncodedLength())
-	case PubKeyAlgoECDSA:
-		length += uint32(pk.oid.EncodedLength())
-		length += uint32(pk.p.EncodedLength())
-	case PubKeyAlgoECDH:
-		length += uint32(pk.oid.EncodedLength())
-		length += uint32(pk.p.EncodedLength())
-		length += uint32(pk.kdf.EncodedLength())
-	case PubKeyAlgoEdDSA:
-		length += uint32(pk.oid.EncodedLength())
-		length += uint32(pk.p.EncodedLength())
-	case PubKeyAlgoX25519:
-		length += x25519.KeySize
-	case PubKeyAlgoX448:
-		length += x448.KeySize
-	case PubKeyAlgoEd25519:
-		length += ed25519.PublicKeySize
-	case PubKeyAlgoEd448:
-		length += ed448.PublicKeySize
-	default:
-		panic("unknown public key algorithm")
-	}
-	return length
-}
-
-// serializeWithoutHeaders marshals the PublicKey to w in the form of an
-// OpenPGP public key packet, not including the packet header.
-func (pk *PublicKey) serializeWithoutHeaders(w io.Writer) (err error) {
-	t := uint32(pk.CreationTime.Unix())
-	if _, err = w.Write([]byte{
-		byte(pk.Version),
-		byte(t >> 24), byte(t >> 16), byte(t >> 8), byte(t),
-		byte(pk.PubKeyAlgo),
-	}); err != nil {
-		return
-	}
-
-	if pk.Version >= 5 {
-		n := pk.algorithmSpecificByteCount()
-		if _, err = w.Write([]byte{
-			byte(n >> 24), byte(n >> 16), byte(n >> 8), byte(n),
-		}); err != nil {
-			return
-		}
-	}
-
-	switch pk.PubKeyAlgo {
-	case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly, PubKeyAlgoRSASignOnly:
-		if _, err = w.Write(pk.n.EncodedBytes()); err != nil {
-			return
-		}
-		_, err = w.Write(pk.e.EncodedBytes())
-		return
-	case PubKeyAlgoDSA:
-		if _, err = w.Write(pk.p.EncodedBytes()); err != nil {
-			return
-		}
-		if _, err = w.Write(pk.q.EncodedBytes()); err != nil {
-			return
-		}
-		if _, err = w.Write(pk.g.EncodedBytes()); err != nil {
-			return
-		}
-		_, err = w.Write(pk.y.EncodedBytes())
-		return
-	case PubKeyAlgoElGamal:
-		if _, err = w.Write(pk.p.EncodedBytes()); err != nil {
-			return
-		}
-		if _, err = w.Write(pk.g.EncodedBytes()); err != nil {
-			return
-		}
-		_, err = w.Write(pk.y.EncodedBytes())
-		return
-	case PubKeyAlgoECDSA:
-		if _, err = w.Write(pk.oid.EncodedBytes()); err != nil {
-			return
-		}
-		_, err = w.Write(pk.p.EncodedBytes())
-		return
-	case PubKeyAlgoECDH:
-		if _, err = w.Write(pk.oid.EncodedBytes()); err != nil {
-			return
-		}
-		if _, err = w.Write(pk.p.EncodedBytes()); err != nil {
-			return
-		}
-		_, err = w.Write(pk.kdf.EncodedBytes())
-		return
-	case PubKeyAlgoEdDSA:
-		if _, err = w.Write(pk.oid.EncodedBytes()); err != nil {
-			return
-		}
-		_, err = w.Write(pk.p.EncodedBytes())
-		return
-	case PubKeyAlgoX25519:
-		publicKey := pk.PublicKey.(*x25519.PublicKey)
-		_, err = w.Write(publicKey.Point)
-		return
-	case PubKeyAlgoX448:
-		publicKey := pk.PublicKey.(*x448.PublicKey)
-		_, err = w.Write(publicKey.Point)
-		return
-	case PubKeyAlgoEd25519:
-		publicKey := pk.PublicKey.(*ed25519.PublicKey)
-		_, err = w.Write(publicKey.Point)
-		return
-	case PubKeyAlgoEd448:
-		publicKey := pk.PublicKey.(*ed448.PublicKey)
-		_, err = w.Write(publicKey.Point)
-		return
-	}
-	return errors.InvalidArgumentError("bad public-key algorithm")
-}
-
-// CanSign returns true iff this public key can generate signatures
-func (pk *PublicKey) CanSign() bool {
-	return pk.PubKeyAlgo != PubKeyAlgoRSAEncryptOnly && pk.PubKeyAlgo != PubKeyAlgoElGamal && pk.PubKeyAlgo != PubKeyAlgoECDH
-}
-
-// VerifyHashTag returns nil iff sig appears to be a plausible signature of the data
-// hashed into signed, based solely on its HashTag. signed is mutated by this call.
-func VerifyHashTag(signed hash.Hash, sig *Signature) (err error) {
-	if sig.Version == 5 && (sig.SigType == 0x00 || sig.SigType == 0x01) {
-		sig.AddMetadataToHashSuffix()
-	}
-	signed.Write(sig.HashSuffix)
-	hashBytes := signed.Sum(nil)
-	if hashBytes[0] != sig.HashTag[0] || hashBytes[1] != sig.HashTag[1] {
-		return errors.SignatureError("hash tag doesn't match")
-	}
-	return nil
-}
-
-// VerifySignature returns nil iff sig is a valid signature, made by this
-// public key, of the data hashed into signed. signed is mutated by this call.
-func (pk *PublicKey) VerifySignature(signed hash.Hash, sig *Signature) (err error) {
-	if !pk.CanSign() {
-		return errors.InvalidArgumentError("public key cannot generate signatures")
-	}
-	if sig.Version == 5 && (sig.SigType == 0x00 || sig.SigType == 0x01) {
-		sig.AddMetadataToHashSuffix()
-	}
-	signed.Write(sig.HashSuffix)
-	hashBytes := signed.Sum(nil)
-	// see discussion https://github.com/ProtonMail/go-crypto/issues/107
-	if sig.Version >= 5 && (hashBytes[0] != sig.HashTag[0] || hashBytes[1] != sig.HashTag[1]) {
-		return errors.SignatureError("hash tag doesn't match")
-	}
-
-	if pk.PubKeyAlgo != sig.PubKeyAlgo {
-		return errors.InvalidArgumentError("public key and signature use different algorithms")
-	}
-
-	switch pk.PubKeyAlgo {
-	case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly:
-		rsaPublicKey, _ := pk.PublicKey.(*rsa.PublicKey)
-		err = rsa.VerifyPKCS1v15(rsaPublicKey, sig.Hash, hashBytes, padToKeySize(rsaPublicKey, sig.RSASignature.Bytes()))
-		if err != nil {
-			return errors.SignatureError("RSA verification failure")
-		}
-		return nil
-	case PubKeyAlgoDSA:
-		dsaPublicKey, _ := pk.PublicKey.(*dsa.PublicKey)
-		// Need to truncate hashBytes to match FIPS 186-3 section 4.6.
-		subgroupSize := (dsaPublicKey.Q.BitLen() + 7) / 8
-		if len(hashBytes) > subgroupSize {
-			hashBytes = hashBytes[:subgroupSize]
-		}
-		if !dsa.Verify(dsaPublicKey, hashBytes, new(big.Int).SetBytes(sig.DSASigR.Bytes()), new(big.Int).SetBytes(sig.DSASigS.Bytes())) {
-			return errors.SignatureError("DSA verification failure")
-		}
-		return nil
-	case PubKeyAlgoECDSA:
-		ecdsaPublicKey := pk.PublicKey.(*ecdsa.PublicKey)
-		if !ecdsa.Verify(ecdsaPublicKey, hashBytes, new(big.Int).SetBytes(sig.ECDSASigR.Bytes()), new(big.Int).SetBytes(sig.ECDSASigS.Bytes())) {
-			return errors.SignatureError("ECDSA verification failure")
-		}
-		return nil
-	case PubKeyAlgoEdDSA:
-		eddsaPublicKey := pk.PublicKey.(*eddsa.PublicKey)
-		if !eddsa.Verify(eddsaPublicKey, hashBytes, sig.EdDSASigR.Bytes(), sig.EdDSASigS.Bytes()) {
-			return errors.SignatureError("EdDSA verification failure")
-		}
-		return nil
-	case PubKeyAlgoEd25519:
-		ed25519PublicKey := pk.PublicKey.(*ed25519.PublicKey)
-		if !ed25519.Verify(ed25519PublicKey, hashBytes, sig.EdSig) {
-			return errors.SignatureError("Ed25519 verification failure")
-		}
-		return nil
-	case PubKeyAlgoEd448:
-		ed448PublicKey := pk.PublicKey.(*ed448.PublicKey)
-		if !ed448.Verify(ed448PublicKey, hashBytes, sig.EdSig) {
-			return errors.SignatureError("ed448 verification failure")
-		}
-		return nil
-	default:
-		return errors.SignatureError("Unsupported public key algorithm used in signature")
-	}
-}
-
-// keySignatureHash returns a Hash of the message that needs to be signed for
-// pk to assert a subkey relationship to signed.
-func keySignatureHash(pk, signed signingKey, hashFunc hash.Hash) (h hash.Hash, err error) {
-	h = hashFunc
-
-	// RFC 4880, section 5.2.4
-	err = pk.SerializeForHash(h)
-	if err != nil {
-		return nil, err
-	}
-
-	err = signed.SerializeForHash(h)
-	return
-}
-
-// VerifyKeyHashTag returns nil iff sig appears to be a plausible signature over this
-// primary key and subkey, based solely on its HashTag.
-func (pk *PublicKey) VerifyKeyHashTag(signed *PublicKey, sig *Signature) error {
-	preparedHash, err := sig.PrepareVerify()
-	if err != nil {
-		return err
-	}
-	h, err := keySignatureHash(pk, signed, preparedHash)
-	if err != nil {
-		return err
-	}
-	return VerifyHashTag(h, sig)
-}
-
-// VerifyKeySignature returns nil iff sig is a valid signature, made by this
-// public key, of signed.
-func (pk *PublicKey) VerifyKeySignature(signed *PublicKey, sig *Signature) error {
-	preparedHash, err := sig.PrepareVerify()
-	if err != nil {
-		return err
-	}
-	h, err := keySignatureHash(pk, signed, preparedHash)
-	if err != nil {
-		return err
-	}
-	if err = pk.VerifySignature(h, sig); err != nil {
-		return err
-	}
-
-	if sig.FlagSign {
-		// Signing subkeys must be cross-signed. See
-		// https://www.gnupg.org/faq/subkey-cross-certify.html.
-		if sig.EmbeddedSignature == nil {
-			return errors.StructuralError("signing subkey is missing cross-signature")
-		}
-		preparedHashEmbedded, err := sig.EmbeddedSignature.PrepareVerify()
-		if err != nil {
-			return err
-		}
-		// Verify the cross-signature. This is calculated over the same
-		// data as the main signature, so we cannot just recursively
-		// call signed.VerifyKeySignature(...)
-		if h, err = keySignatureHash(pk, signed, preparedHashEmbedded); err != nil {
-			return errors.StructuralError("error while hashing for cross-signature: " + err.Error())
-		}
-		if err := signed.VerifySignature(h, sig.EmbeddedSignature); err != nil {
-			return errors.StructuralError("error while verifying cross-signature: " + err.Error())
-		}
-	}
-
-	return nil
-}
-
-func keyRevocationHash(pk signingKey, hashFunc hash.Hash) (err error) {
-	return pk.SerializeForHash(hashFunc)
-}
-
-// VerifyRevocationHashTag returns nil iff sig appears to be a plausible signature
-// over this public key, based solely on its HashTag.
-func (pk *PublicKey) VerifyRevocationHashTag(sig *Signature) (err error) {
-	preparedHash, err := sig.PrepareVerify()
-	if err != nil {
-		return err
-	}
-	if err = keyRevocationHash(pk, preparedHash); err != nil {
-		return err
-	}
-	return VerifyHashTag(preparedHash, sig)
-}
-
-// VerifyRevocationSignature returns nil iff sig is a valid signature, made by this
-// public key.
-func (pk *PublicKey) VerifyRevocationSignature(sig *Signature) (err error) {
-	preparedHash, err := sig.PrepareVerify()
-	if err != nil {
-		return err
-	}
-	if err = keyRevocationHash(pk, preparedHash); err != nil {
-		return err
-	}
-	return pk.VerifySignature(preparedHash, sig)
-}
-
-// VerifySubkeyRevocationSignature returns nil iff sig is a valid subkey revocation signature,
-// made by this public key, of signed.
-func (pk *PublicKey) VerifySubkeyRevocationSignature(sig *Signature, signed *PublicKey) (err error) {
-	preparedHash, err := sig.PrepareVerify()
-	if err != nil {
-		return err
-	}
-	h, err := keySignatureHash(pk, signed, preparedHash)
-	if err != nil {
-		return err
-	}
-	return pk.VerifySignature(h, sig)
-}
-
-// userIdSignatureHash returns a Hash of the message that needs to be signed
-// to assert that pk is a valid key for id.
-func userIdSignatureHash(id string, pk *PublicKey, h hash.Hash) (err error) {
-
-	// RFC 4880, section 5.2.4
-	if err := pk.SerializeSignaturePrefix(h); err != nil {
-		return err
-	}
-	if err := pk.serializeWithoutHeaders(h); err != nil {
-		return err
-	}
-
-	var buf [5]byte
-	buf[0] = 0xb4
-	buf[1] = byte(len(id) >> 24)
-	buf[2] = byte(len(id) >> 16)
-	buf[3] = byte(len(id) >> 8)
-	buf[4] = byte(len(id))
-	h.Write(buf[:])
-	h.Write([]byte(id))
-
-	return nil
-}
-
-// directKeySignatureHash returns a Hash of the message that needs to be signed.
-func directKeySignatureHash(pk *PublicKey, h hash.Hash) (err error) {
-	return pk.SerializeForHash(h)
-}
-
-// VerifyUserIdHashTag returns nil iff sig appears to be a plausible signature over this
-// public key and UserId, based solely on its HashTag
-func (pk *PublicKey) VerifyUserIdHashTag(id string, sig *Signature) (err error) {
-	preparedHash, err := sig.PrepareVerify()
-	if err != nil {
-		return err
-	}
-	err = userIdSignatureHash(id, pk, preparedHash)
-	if err != nil {
-		return err
-	}
-	return VerifyHashTag(preparedHash, sig)
-}
-
-// VerifyUserIdSignature returns nil iff sig is a valid signature, made by this
-// public key, that id is the identity of pub.
-func (pk *PublicKey) VerifyUserIdSignature(id string, pub *PublicKey, sig *Signature) (err error) {
-	h, err := sig.PrepareVerify()
-	if err != nil {
-		return err
-	}
-	if err := userIdSignatureHash(id, pub, h); err != nil {
-		return err
-	}
-	return pk.VerifySignature(h, sig)
-}
-
-// VerifyDirectKeySignature returns nil iff sig is a valid signature, made by this
-// public key.
-func (pk *PublicKey) VerifyDirectKeySignature(sig *Signature) (err error) {
-	h, err := sig.PrepareVerify()
-	if err != nil {
-		return err
-	}
-	if err := directKeySignatureHash(pk, h); err != nil {
-		return err
-	}
-	return pk.VerifySignature(h, sig)
-}
-
-// KeyIdString returns the public key's fingerprint in capital hex
-// (e.g. "6C7EE1B8621CC013").
-func (pk *PublicKey) KeyIdString() string {
-	return fmt.Sprintf("%X", pk.Fingerprint[12:20])
-}
-
-// KeyIdShortString returns the short form of public key's fingerprint
-// in capital hex, as shown by gpg --list-keys (e.g. "621CC013").
-func (pk *PublicKey) KeyIdShortString() string {
-	return fmt.Sprintf("%X", pk.Fingerprint[16:20])
-}
-
-// BitLength returns the bit length for the given public key.
-func (pk *PublicKey) BitLength() (bitLength uint16, err error) {
-	switch pk.PubKeyAlgo {
-	case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly, PubKeyAlgoRSASignOnly:
-		bitLength = pk.n.BitLength()
-	case PubKeyAlgoDSA:
-		bitLength = pk.p.BitLength()
-	case PubKeyAlgoElGamal:
-		bitLength = pk.p.BitLength()
-	case PubKeyAlgoECDSA:
-		bitLength = pk.p.BitLength()
-	case PubKeyAlgoECDH:
-		bitLength = pk.p.BitLength()
-	case PubKeyAlgoEdDSA:
-		bitLength = pk.p.BitLength()
-	case PubKeyAlgoX25519:
-		bitLength = x25519.KeySize * 8
-	case PubKeyAlgoX448:
-		bitLength = x448.KeySize * 8
-	case PubKeyAlgoEd25519:
-		bitLength = ed25519.PublicKeySize * 8
-	case PubKeyAlgoEd448:
-		bitLength = ed448.PublicKeySize * 8
-	default:
-		err = errors.InvalidArgumentError("bad public-key algorithm")
-	}
-	return
-}
-
-// Curve returns the used elliptic curve of this public key.
-// Returns an error if no elliptic curve is used.
-func (pk *PublicKey) Curve() (curve Curve, err error) {
-	switch pk.PubKeyAlgo {
-	case PubKeyAlgoECDSA, PubKeyAlgoECDH, PubKeyAlgoEdDSA:
-		curveInfo := ecc.FindByOid(pk.oid)
-		if curveInfo == nil {
-			return "", errors.UnsupportedError(fmt.Sprintf("unknown oid: %x", pk.oid))
-		}
-		curve = Curve(curveInfo.GenName)
-	case PubKeyAlgoEd25519, PubKeyAlgoX25519:
-		curve = Curve25519
-	case PubKeyAlgoEd448, PubKeyAlgoX448:
-		curve = Curve448
-	default:
-		err = errors.InvalidArgumentError("public key does not operate with an elliptic curve")
-	}
-	return
-}
-
-// KeyExpired returns whether sig is a self-signature of a key that has
-// expired or is created in the future.
-func (pk *PublicKey) KeyExpired(sig *Signature, currentTime time.Time) bool {
-	if pk.CreationTime.Unix() > currentTime.Unix() {
-		return true
-	}
-	if sig.KeyLifetimeSecs == nil || *sig.KeyLifetimeSecs == 0 {
-		return false
-	}
-	expiry := pk.CreationTime.Add(time.Duration(*sig.KeyLifetimeSecs) * time.Second)
-	return currentTime.Unix() > expiry.Unix()
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/public_key_test_data.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/public_key_test_data.go
deleted file mode 100644
index b255f1f6f8..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/public_key_test_data.go
+++ /dev/null
@@ -1,24 +0,0 @@
-package packet
-
-const rsaFingerprintHex = "5fb74b1d03b1e3cb31bc2f8aa34d7e18c20c31bb"
-
-const rsaPkDataHex = "988d044d3c5c10010400b1d13382944bd5aba23a4312968b5095d14f947f600eb478e14a6fcb16b0e0cac764884909c020bc495cfcc39a935387c661507bdb236a0612fb582cac3af9b29cc2c8c70090616c41b662f4da4c1201e195472eb7f4ae1ccbcbf9940fe21d985e379a5563dde5b9a23d35f1cfaa5790da3b79db26f23695107bfaca8e7b5bcd0011010001"
-
-const dsaFingerprintHex = "eece4c094db002103714c63c8e8fbe54062f19ed"
-
-const dsaPkDataHex = "9901a2044d432f89110400cd581334f0d7a1e1bdc8b9d6d8c0baf68793632735d2bb0903224cbaa1dfbf35a60ee7a13b92643421e1eb41aa8d79bea19a115a677f6b8ba3c7818ce53a6c2a24a1608bd8b8d6e55c5090cbde09dd26e356267465ae25e69ec8bdd57c7bbb2623e4d73336f73a0a9098f7f16da2e25252130fd694c0e8070c55a812a423ae7f00a0ebf50e70c2f19c3520a551bd4b08d30f23530d3d03ff7d0bf4a53a64a09dc5e6e6e35854b7d70c882b0c60293401958b1bd9e40abec3ea05ba87cf64899299d4bd6aa7f459c201d3fbbd6c82004bdc5e8a9eb8082d12054cc90fa9d4ec251a843236a588bf49552441817436c4f43326966fe85447d4e6d0acf8fa1ef0f014730770603ad7634c3088dc52501c237328417c31c89ed70400b2f1a98b0bf42f11fefc430704bebbaa41d9f355600c3facee1e490f64208e0e094ea55e3a598a219a58500bf78ac677b670a14f4e47e9cf8eab4f368cc1ddcaa18cc59309d4cc62dd4f680e73e6cc3e1ce87a84d0925efbcb26c575c093fc42eecf45135fabf6403a25c2016e1774c0484e440a18319072c617cc97ac0a3bb0"
-
-const ecdsaFingerprintHex = "9892270b38b8980b05c8d56d43fe956c542ca00b"
-
-const ecdsaPkDataHex = "9893045071c29413052b8104002304230401f4867769cedfa52c325018896245443968e52e51d0c2df8d939949cb5b330f2921711fbee1c9b9dddb95d15cb0255e99badeddda7cc23d9ddcaacbc290969b9f24019375d61c2e4e3b36953a28d8b2bc95f78c3f1d592fb24499be348656a7b17e3963187b4361afe497bc5f9f81213f04069f8e1fb9e6a6290ae295ca1a92b894396cb4"
-
-const ecdhFingerprintHex = "722354df2475a42164d1d49faa8b938f9a201946"
-
-const ecdhPkDataHex = "b90073044d53059212052b810400220303042faa84024a20b6735c4897efa5bfb41bf85b7eefeab5ca0cb9ffc8ea04a46acb25534a577694f9e25340a4ab5223a9dd1eda530c8aa2e6718db10d7e672558c7736fe09369ea5739a2a3554bf16d41faa50562f11c6d39bbd5dffb6b9a9ec91803010909"
-
-const eddsaFingerprintHex = "b2d5e5ec0e6deca6bc8eeeb00907e75e1dd99ad8"
-
-const eddsaPkDataHex = "98330456e2132b16092b06010401da470f01010740bbda39266affa511a8c2d02edf690fb784b0499c4406185811a163539ef11dc1b41d74657374696e67203c74657374696e674074657374696e672e636f6d3e8879041316080021050256e2132b021b03050b09080702061508090a0b020416020301021e01021780000a09100907e75e1dd99ad86d0c00fe39d2008359352782bc9b61ac382584cd8eff3f57a18c2287e3afeeb05d1f04ba00fe2d0bc1ddf3ff8adb9afa3e7d9287244b4ec567f3db4d60b74a9b5465ed528203"
-
-// Source: https://sites.google.com/site/brainhub/pgpecckeys#TOC-ECC-NIST-P-384-key
-const ecc384PubHex = `99006f044d53059213052b81040022030304f6b8c5aced5b84ef9f4a209db2e4a9dfb70d28cb8c10ecd57674a9fa5a67389942b62d5e51367df4c7bfd3f8e500feecf07ed265a621a8ebbbe53e947ec78c677eba143bd1533c2b350e1c29f82313e1e1108eba063be1e64b10e6950e799c2db42465635f6473615f64685f333834203c6f70656e70677040627261696e6875622e6f72673e8900cb04101309005305024d530592301480000000002000077072656665727265642d656d61696c2d656e636f64696e67407067702e636f6d7067706d696d65040b090807021901051b03000000021602051e010000000415090a08000a0910098033880f54719fca2b0180aa37350968bd5f115afd8ce7bc7b103822152dbff06d0afcda835329510905b98cb469ba208faab87c7412b799e7b633017f58364ea480e8a1a3f253a0c5f22c446e8be9a9fce6210136ee30811abbd49139de28b5bdf8dc36d06ae748579e9ff503b90073044d53059212052b810400220303042faa84024a20b6735c4897efa5bfb41bf85b7eefeab5ca0cb9ffc8ea04a46acb25534a577694f9e25340a4ab5223a9dd1eda530c8aa2e6718db10d7e672558c7736fe09369ea5739a2a3554bf16d41faa50562f11c6d39bbd5dffb6b9a9ec9180301090989008404181309000c05024d530592051b0c000000000a0910098033880f54719f80970180eee7a6d8fcee41ee4f9289df17f9bcf9d955dca25c583b94336f3a2b2d4986dc5cf417b8d2dc86f741a9e1a6d236c0e3017d1c76575458a0cfb93ae8a2b274fcc65ceecd7a91eec83656ba13219969f06945b48c56bd04152c3a0553c5f2f4bd1267`
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/reader.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/reader.go
deleted file mode 100644
index dd84092392..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/reader.go
+++ /dev/null
@@ -1,209 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package packet
-
-import (
-	"io"
-
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-)
-
-type PacketReader interface {
-	Next() (p Packet, err error)
-	Push(reader io.Reader) (err error)
-	Unread(p Packet)
-}
-
-// Reader reads packets from an io.Reader and allows packets to be 'unread' so
-// that they result from the next call to Next.
-type Reader struct {
-	q       []Packet
-	readers []io.Reader
-}
-
-// New io.Readers are pushed when a compressed or encrypted packet is processed
-// and recursively treated as a new source of packets. However, a carefully
-// crafted packet can trigger an infinite recursive sequence of packets. See
-// http://mumble.net/~campbell/misc/pgp-quine
-// https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4402
-// This constant limits the number of recursive packets that may be pushed.
-const maxReaders = 32
-
-// Next returns the most recently unread Packet, or reads another packet from
-// the top-most io.Reader. Unknown/unsupported/Marker packet types are skipped.
-func (r *Reader) Next() (p Packet, err error) {
-	for {
-		p, err := r.read()
-		if err == io.EOF {
-			break
-		} else if err != nil {
-			if _, ok := err.(errors.UnknownPacketTypeError); ok {
-				continue
-			}
-			if _, ok := err.(errors.UnsupportedError); ok {
-				switch p.(type) {
-				case *SymmetricallyEncrypted, *AEADEncrypted, *Compressed, *LiteralData:
-					return nil, err
-				}
-				continue
-			}
-			return nil, err
-		} else {
-			//A marker packet MUST be ignored when received
-			switch p.(type) {
-			case *Marker:
-				continue
-			}
-			return p, nil
-		}
-	}
-	return nil, io.EOF
-}
-
-// Next returns the most recently unread Packet, or reads another packet from
-// the top-most io.Reader. Unknown/Marker packet types are skipped while unsupported
-// packets are returned as UnsupportedPacket type.
-func (r *Reader) NextWithUnsupported() (p Packet, err error) {
-	for {
-		p, err = r.read()
-		if err == io.EOF {
-			break
-		} else if err != nil {
-			if _, ok := err.(errors.UnknownPacketTypeError); ok {
-				continue
-			}
-			if casteErr, ok := err.(errors.UnsupportedError); ok {
-				return &UnsupportedPacket{
-					IncompletePacket: p,
-					Error:            casteErr,
-				}, nil
-			}
-			return
-		} else {
-			//A marker packet MUST be ignored when received
-			switch p.(type) {
-			case *Marker:
-				continue
-			}
-			return
-		}
-	}
-	return nil, io.EOF
-}
-
-func (r *Reader) read() (p Packet, err error) {
-	if len(r.q) > 0 {
-		p = r.q[len(r.q)-1]
-		r.q = r.q[:len(r.q)-1]
-		return
-	}
-	for len(r.readers) > 0 {
-		p, err = Read(r.readers[len(r.readers)-1])
-		if err == io.EOF {
-			r.readers = r.readers[:len(r.readers)-1]
-			continue
-		}
-		return p, err
-	}
-	return nil, io.EOF
-}
-
-// Push causes the Reader to start reading from a new io.Reader. When an EOF
-// error is seen from the new io.Reader, it is popped and the Reader continues
-// to read from the next most recent io.Reader. Push returns a StructuralError
-// if pushing the reader would exceed the maximum recursion level, otherwise it
-// returns nil.
-func (r *Reader) Push(reader io.Reader) (err error) {
-	if len(r.readers) >= maxReaders {
-		return errors.StructuralError("too many layers of packets")
-	}
-	r.readers = append(r.readers, reader)
-	return nil
-}
-
-// Unread causes the given Packet to be returned from the next call to Next.
-func (r *Reader) Unread(p Packet) {
-	r.q = append(r.q, p)
-}
-
-func NewReader(r io.Reader) *Reader {
-	return &Reader{
-		q:       nil,
-		readers: []io.Reader{r},
-	}
-}
-
-// CheckReader is similar to Reader but additionally
-// uses the pushdown automata to verify the read packet sequence.
-type CheckReader struct {
-	Reader
-	verifier  *SequenceVerifier
-	fullyRead bool
-}
-
-// Next returns the most recently unread Packet, or reads another packet from
-// the top-most io.Reader. Unknown packet types are skipped.
-// If the read packet sequence does not conform to the packet composition
-// rules in rfc4880, it returns an error.
-func (r *CheckReader) Next() (p Packet, err error) {
-	if r.fullyRead {
-		return nil, io.EOF
-	}
-	if len(r.q) > 0 {
-		p = r.q[len(r.q)-1]
-		r.q = r.q[:len(r.q)-1]
-		return
-	}
-	var errMsg error
-	for len(r.readers) > 0 {
-		p, errMsg, err = ReadWithCheck(r.readers[len(r.readers)-1], r.verifier)
-		if errMsg != nil {
-			err = errMsg
-			return
-		}
-		if err == nil {
-			return
-		}
-		if err == io.EOF {
-			r.readers = r.readers[:len(r.readers)-1]
-			continue
-		}
-		//A marker packet MUST be ignored when received
-		switch p.(type) {
-		case *Marker:
-			continue
-		}
-		if _, ok := err.(errors.UnknownPacketTypeError); ok {
-			continue
-		}
-		if _, ok := err.(errors.UnsupportedError); ok {
-			switch p.(type) {
-			case *SymmetricallyEncrypted, *AEADEncrypted, *Compressed, *LiteralData:
-				return nil, err
-			}
-			continue
-		}
-		return nil, err
-	}
-	if errMsg = r.verifier.Next(EOSSymbol); errMsg != nil {
-		return nil, errMsg
-	}
-	if errMsg = r.verifier.AssertValid(); errMsg != nil {
-		return nil, errMsg
-	}
-	r.fullyRead = true
-	return nil, io.EOF
-}
-
-func NewCheckReader(r io.Reader) *CheckReader {
-	return &CheckReader{
-		Reader: Reader{
-			q:       nil,
-			readers: []io.Reader{r},
-		},
-		verifier:  NewSequenceVerifier(),
-		fullyRead: false,
-	}
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/recipient.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/recipient.go
deleted file mode 100644
index fb2e362e4a..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/recipient.go
+++ /dev/null
@@ -1,15 +0,0 @@
-package packet
-
-// Recipient type represents a Intended Recipient Fingerprint subpacket
-// See https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh#name-intended-recipient-fingerpr
-type Recipient struct {
-	KeyVersion  int
-	Fingerprint []byte
-}
-
-func (r *Recipient) Serialize() []byte {
-	packet := make([]byte, len(r.Fingerprint)+1)
-	packet[0] = byte(r.KeyVersion)
-	copy(packet[1:], r.Fingerprint)
-	return packet
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/signature.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/signature.go
deleted file mode 100644
index 3a4b366d87..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/signature.go
+++ /dev/null
@@ -1,1509 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package packet
-
-import (
-	"bytes"
-	"crypto"
-	"crypto/dsa"
-	"encoding/asn1"
-	"encoding/binary"
-	"hash"
-	"io"
-	"math/big"
-	"strconv"
-	"time"
-
-	"github.com/ProtonMail/go-crypto/openpgp/ecdsa"
-	"github.com/ProtonMail/go-crypto/openpgp/ed25519"
-	"github.com/ProtonMail/go-crypto/openpgp/ed448"
-	"github.com/ProtonMail/go-crypto/openpgp/eddsa"
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-	"github.com/ProtonMail/go-crypto/openpgp/internal/algorithm"
-	"github.com/ProtonMail/go-crypto/openpgp/internal/encoding"
-)
-
-const (
-	// First octet of key flags.
-	// See RFC 9580, section 5.2.3.29 for details.
-	KeyFlagCertify = 1 << iota
-	KeyFlagSign
-	KeyFlagEncryptCommunications
-	KeyFlagEncryptStorage
-	KeyFlagSplitKey
-	KeyFlagAuthenticate
-	_
-	KeyFlagGroupKey
-)
-
-const (
-	// First octet of keyserver preference flags.
-	// See RFC 9580, section 5.2.3.25 for details.
-	_ = 1 << iota
-	_
-	_
-	_
-	_
-	_
-	_
-	KeyserverPrefNoModify
-)
-
-const SaltNotationName = "salt@notations.openpgpjs.org"
-
-// Signature represents a signature. See RFC 9580, section 5.2.
-type Signature struct {
-	Version    int
-	SigType    SignatureType
-	PubKeyAlgo PublicKeyAlgorithm
-	Hash       crypto.Hash
-	// salt contains a random salt value for v6 signatures
-	// See RFC 9580 Section 5.2.4.
-	salt []byte
-
-	// HashSuffix is extra data that is hashed in after the signed data.
-	HashSuffix []byte
-	// HashTag contains the first two bytes of the hash for fast rejection
-	// of bad signed data.
-	HashTag [2]byte
-
-	// Metadata includes format, filename and time, and is protected by v5
-	// signatures of type 0x00 or 0x01. This metadata is included into the hash
-	// computation; if nil, six 0x00 bytes are used instead. See section 5.2.4.
-	Metadata *LiteralData
-
-	CreationTime time.Time
-
-	RSASignature         encoding.Field
-	DSASigR, DSASigS     encoding.Field
-	ECDSASigR, ECDSASigS encoding.Field
-	EdDSASigR, EdDSASigS encoding.Field
-	EdSig                []byte
-
-	// rawSubpackets contains the unparsed subpackets, in order.
-	rawSubpackets []outputSubpacket
-
-	// The following are optional so are nil when not included in the
-	// signature.
-
-	SigLifetimeSecs, KeyLifetimeSecs                        *uint32
-	PreferredSymmetric, PreferredHash, PreferredCompression []uint8
-	PreferredCipherSuites                                   [][2]uint8
-	IssuerKeyId                                             *uint64
-	IssuerFingerprint                                       []byte
-	SignerUserId                                            *string
-	IsPrimaryId                                             *bool
-	Notations                                               []*Notation
-	IntendedRecipients                                      []*Recipient
-
-	// TrustLevel and TrustAmount can be set by the signer to assert that
-	// the key is not only valid but also trustworthy at the specified
-	// level.
-	// See RFC 9580, section 5.2.3.21 for details.
-	TrustLevel  TrustLevel
-	TrustAmount TrustAmount
-
-	// TrustRegularExpression can be used in conjunction with trust Signature
-	// packets to limit the scope of the trust that is extended.
-	// See RFC 9580, section 5.2.3.22 for details.
-	TrustRegularExpression *string
-
-	// KeyserverPrefsValid is set if any keyserver preferences were given. See RFC 9580, section
-	// 5.2.3.25 for details.
-	KeyserverPrefsValid   bool
-	KeyserverPrefNoModify bool
-
-	// PreferredKeyserver can be set to a URI where the latest version of the
-	// key that this signature is made over can be found. See RFC 9580, section
-	// 5.2.3.26 for details.
-	PreferredKeyserver string
-
-	// PolicyURI can be set to the URI of a document that describes the
-	// policy under which the signature was issued. See RFC 9580, section
-	// 5.2.3.28 for details.
-	PolicyURI string
-
-	// FlagsValid is set if any flags were given. See RFC 9580, section
-	// 5.2.3.29 for details.
-	FlagsValid                                                                                                         bool
-	FlagCertify, FlagSign, FlagEncryptCommunications, FlagEncryptStorage, FlagSplitKey, FlagAuthenticate, FlagGroupKey bool
-
-	// RevocationReason is set if this signature has been revoked.
-	// See RFC 9580, section 5.2.3.31 for details.
-	RevocationReason     *ReasonForRevocation
-	RevocationReasonText string
-
-	// In a self-signature, these flags are set there is a features subpacket
-	// indicating that the issuer implementation supports these features
-	// see https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh#features-subpacket
-	SEIPDv1, SEIPDv2 bool
-
-	// EmbeddedSignature, if non-nil, is a signature of the parent key, by
-	// this key. This prevents an attacker from claiming another's signing
-	// subkey as their own.
-	EmbeddedSignature *Signature
-
-	outSubpackets []outputSubpacket
-}
-
-// VerifiableSignature internally keeps state if the
-// the signature has been verified before.
-type VerifiableSignature struct {
-	Valid  *bool // nil if it has not been verified yet
-	Packet *Signature
-}
-
-// NewVerifiableSig returns a struct of type VerifiableSignature referencing the input signature.
-func NewVerifiableSig(signature *Signature) *VerifiableSignature {
-	return &VerifiableSignature{
-		Packet: signature,
-	}
-}
-
-// Salt returns the signature salt for v6 signatures.
-func (sig *Signature) Salt() []byte {
-	if sig == nil {
-		return nil
-	}
-	return sig.salt
-}
-
-func (sig *Signature) parse(r io.Reader) (err error) {
-	// RFC 9580, section 5.2.3
-	var buf [7]byte
-	_, err = readFull(r, buf[:1])
-	if err != nil {
-		return
-	}
-	sig.Version = int(buf[0])
-	if sig.Version != 4 && sig.Version != 5 && sig.Version != 6 {
-		err = errors.UnsupportedError("signature packet version " + strconv.Itoa(int(buf[0])))
-		return
-	}
-
-	if V5Disabled && sig.Version == 5 {
-		return errors.UnsupportedError("support for parsing v5 entities is disabled; build with `-tags v5` if needed")
-	}
-
-	if sig.Version == 6 {
-		_, err = readFull(r, buf[:7])
-	} else {
-		_, err = readFull(r, buf[:5])
-	}
-	if err != nil {
-		return
-	}
-	sig.SigType = SignatureType(buf[0])
-	sig.PubKeyAlgo = PublicKeyAlgorithm(buf[1])
-	switch sig.PubKeyAlgo {
-	case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly, PubKeyAlgoDSA, PubKeyAlgoECDSA, PubKeyAlgoEdDSA, PubKeyAlgoEd25519, PubKeyAlgoEd448:
-	default:
-		err = errors.UnsupportedError("public key algorithm " + strconv.Itoa(int(sig.PubKeyAlgo)))
-		return
-	}
-
-	var ok bool
-
-	if sig.Version < 5 {
-		sig.Hash, ok = algorithm.HashIdToHashWithSha1(buf[2])
-	} else {
-		sig.Hash, ok = algorithm.HashIdToHash(buf[2])
-	}
-
-	if !ok {
-		return errors.UnsupportedError("hash function " + strconv.Itoa(int(buf[2])))
-	}
-
-	var hashedSubpacketsLength int
-	if sig.Version == 6 {
-		// For a v6 signature, a four-octet length is used.
-		hashedSubpacketsLength =
-			int(buf[3])<<24 |
-				int(buf[4])<<16 |
-				int(buf[5])<<8 |
-				int(buf[6])
-	} else {
-		hashedSubpacketsLength = int(buf[3])<<8 | int(buf[4])
-	}
-	hashedSubpackets := make([]byte, hashedSubpacketsLength)
-	_, err = readFull(r, hashedSubpackets)
-	if err != nil {
-		return
-	}
-	err = sig.buildHashSuffix(hashedSubpackets)
-	if err != nil {
-		return
-	}
-
-	err = parseSignatureSubpackets(sig, hashedSubpackets, true)
-	if err != nil {
-		return
-	}
-
-	if sig.Version == 6 {
-		_, err = readFull(r, buf[:4])
-	} else {
-		_, err = readFull(r, buf[:2])
-	}
-
-	if err != nil {
-		return
-	}
-	var unhashedSubpacketsLength uint32
-	if sig.Version == 6 {
-		unhashedSubpacketsLength = uint32(buf[0])<<24 | uint32(buf[1])<<16 | uint32(buf[2])<<8 | uint32(buf[3])
-	} else {
-		unhashedSubpacketsLength = uint32(buf[0])<<8 | uint32(buf[1])
-	}
-	unhashedSubpackets := make([]byte, unhashedSubpacketsLength)
-	_, err = readFull(r, unhashedSubpackets)
-	if err != nil {
-		return
-	}
-	err = parseSignatureSubpackets(sig, unhashedSubpackets, false)
-	if err != nil {
-		return
-	}
-
-	_, err = readFull(r, sig.HashTag[:2])
-	if err != nil {
-		return
-	}
-
-	if sig.Version == 6 {
-		// Only for v6 signatures, a variable-length field containing the salt
-		_, err = readFull(r, buf[:1])
-		if err != nil {
-			return
-		}
-		saltLength := int(buf[0])
-		var expectedSaltLength int
-		expectedSaltLength, err = SaltLengthForHash(sig.Hash)
-		if err != nil {
-			return
-		}
-		if saltLength != expectedSaltLength {
-			err = errors.StructuralError("unexpected salt size for the given hash algorithm")
-			return
-		}
-		salt := make([]byte, expectedSaltLength)
-		_, err = readFull(r, salt)
-		if err != nil {
-			return
-		}
-		sig.salt = salt
-	}
-
-	switch sig.PubKeyAlgo {
-	case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly:
-		sig.RSASignature = new(encoding.MPI)
-		_, err = sig.RSASignature.ReadFrom(r)
-	case PubKeyAlgoDSA:
-		sig.DSASigR = new(encoding.MPI)
-		if _, err = sig.DSASigR.ReadFrom(r); err != nil {
-			return
-		}
-
-		sig.DSASigS = new(encoding.MPI)
-		_, err = sig.DSASigS.ReadFrom(r)
-	case PubKeyAlgoECDSA:
-		sig.ECDSASigR = new(encoding.MPI)
-		if _, err = sig.ECDSASigR.ReadFrom(r); err != nil {
-			return
-		}
-
-		sig.ECDSASigS = new(encoding.MPI)
-		_, err = sig.ECDSASigS.ReadFrom(r)
-	case PubKeyAlgoEdDSA:
-		sig.EdDSASigR = new(encoding.MPI)
-		if _, err = sig.EdDSASigR.ReadFrom(r); err != nil {
-			return
-		}
-
-		sig.EdDSASigS = new(encoding.MPI)
-		if _, err = sig.EdDSASigS.ReadFrom(r); err != nil {
-			return
-		}
-	case PubKeyAlgoEd25519:
-		sig.EdSig, err = ed25519.ReadSignature(r)
-		if err != nil {
-			return
-		}
-	case PubKeyAlgoEd448:
-		sig.EdSig, err = ed448.ReadSignature(r)
-		if err != nil {
-			return
-		}
-	default:
-		panic("unreachable")
-	}
-	return
-}
-
-// parseSignatureSubpackets parses subpackets of the main signature packet. See
-// RFC 9580, section 5.2.3.1.
-func parseSignatureSubpackets(sig *Signature, subpackets []byte, isHashed bool) (err error) {
-	for len(subpackets) > 0 {
-		subpackets, err = parseSignatureSubpacket(sig, subpackets, isHashed)
-		if err != nil {
-			return
-		}
-	}
-
-	if sig.CreationTime.IsZero() {
-		err = errors.StructuralError("no creation time in signature")
-	}
-
-	return
-}
-
-type signatureSubpacketType uint8
-
-const (
-	creationTimeSubpacket        signatureSubpacketType = 2
-	signatureExpirationSubpacket signatureSubpacketType = 3
-	exportableCertSubpacket      signatureSubpacketType = 4
-	trustSubpacket               signatureSubpacketType = 5
-	regularExpressionSubpacket   signatureSubpacketType = 6
-	keyExpirationSubpacket       signatureSubpacketType = 9
-	prefSymmetricAlgosSubpacket  signatureSubpacketType = 11
-	issuerSubpacket              signatureSubpacketType = 16
-	notationDataSubpacket        signatureSubpacketType = 20
-	prefHashAlgosSubpacket       signatureSubpacketType = 21
-	prefCompressionSubpacket     signatureSubpacketType = 22
-	keyserverPrefsSubpacket      signatureSubpacketType = 23
-	prefKeyserverSubpacket       signatureSubpacketType = 24
-	primaryUserIdSubpacket       signatureSubpacketType = 25
-	policyUriSubpacket           signatureSubpacketType = 26
-	keyFlagsSubpacket            signatureSubpacketType = 27
-	signerUserIdSubpacket        signatureSubpacketType = 28
-	reasonForRevocationSubpacket signatureSubpacketType = 29
-	featuresSubpacket            signatureSubpacketType = 30
-	embeddedSignatureSubpacket   signatureSubpacketType = 32
-	issuerFingerprintSubpacket   signatureSubpacketType = 33
-	intendedRecipientSubpacket   signatureSubpacketType = 35
-	prefCipherSuitesSubpacket    signatureSubpacketType = 39
-)
-
-// parseSignatureSubpacket parses a single subpacket. len(subpacket) is >= 1.
-func parseSignatureSubpacket(sig *Signature, subpacket []byte, isHashed bool) (rest []byte, err error) {
-	// RFC 9580, section 5.2.3.7
-	var (
-		length     uint32
-		packetType signatureSubpacketType
-		isCritical bool
-	)
-	if len(subpacket) == 0 {
-		err = errors.StructuralError("zero length signature subpacket")
-		return
-	}
-	switch {
-	case subpacket[0] < 192:
-		length = uint32(subpacket[0])
-		subpacket = subpacket[1:]
-	case subpacket[0] < 255:
-		if len(subpacket) < 2 {
-			goto Truncated
-		}
-		length = uint32(subpacket[0]-192)<<8 + uint32(subpacket[1]) + 192
-		subpacket = subpacket[2:]
-	default:
-		if len(subpacket) < 5 {
-			goto Truncated
-		}
-		length = uint32(subpacket[1])<<24 |
-			uint32(subpacket[2])<<16 |
-			uint32(subpacket[3])<<8 |
-			uint32(subpacket[4])
-		subpacket = subpacket[5:]
-	}
-	if length > uint32(len(subpacket)) {
-		goto Truncated
-	}
-	rest = subpacket[length:]
-	subpacket = subpacket[:length]
-	if len(subpacket) == 0 {
-		err = errors.StructuralError("zero length signature subpacket")
-		return
-	}
-	packetType = signatureSubpacketType(subpacket[0] & 0x7f)
-	isCritical = subpacket[0]&0x80 == 0x80
-	subpacket = subpacket[1:]
-	sig.rawSubpackets = append(sig.rawSubpackets, outputSubpacket{isHashed, packetType, isCritical, subpacket})
-	if !isHashed &&
-		packetType != issuerSubpacket &&
-		packetType != issuerFingerprintSubpacket &&
-		packetType != embeddedSignatureSubpacket {
-		return
-	}
-	switch packetType {
-	case creationTimeSubpacket:
-		if len(subpacket) != 4 {
-			err = errors.StructuralError("signature creation time not four bytes")
-			return
-		}
-		t := binary.BigEndian.Uint32(subpacket)
-		sig.CreationTime = time.Unix(int64(t), 0)
-	case signatureExpirationSubpacket:
-		// Signature expiration time, section 5.2.3.18
-		if len(subpacket) != 4 {
-			err = errors.StructuralError("expiration subpacket with bad length")
-			return
-		}
-		sig.SigLifetimeSecs = new(uint32)
-		*sig.SigLifetimeSecs = binary.BigEndian.Uint32(subpacket)
-	case exportableCertSubpacket:
-		if subpacket[0] == 0 {
-			err = errors.UnsupportedError("signature with non-exportable certification")
-			return
-		}
-	case trustSubpacket:
-		if len(subpacket) != 2 {
-			err = errors.StructuralError("trust subpacket with bad length")
-			return
-		}
-		// Trust level and amount, section 5.2.3.21
-		sig.TrustLevel = TrustLevel(subpacket[0])
-		sig.TrustAmount = TrustAmount(subpacket[1])
-	case regularExpressionSubpacket:
-		if len(subpacket) == 0 {
-			err = errors.StructuralError("regexp subpacket with bad length")
-			return
-		}
-		// Trust regular expression, section 5.2.3.22
-		// RFC specifies the string should be null-terminated; remove a null byte from the end
-		if subpacket[len(subpacket)-1] != 0x00 {
-			err = errors.StructuralError("expected regular expression to be null-terminated")
-			return
-		}
-		trustRegularExpression := string(subpacket[:len(subpacket)-1])
-		sig.TrustRegularExpression = &trustRegularExpression
-	case keyExpirationSubpacket:
-		// Key expiration time, section 5.2.3.13
-		if len(subpacket) != 4 {
-			err = errors.StructuralError("key expiration subpacket with bad length")
-			return
-		}
-		sig.KeyLifetimeSecs = new(uint32)
-		*sig.KeyLifetimeSecs = binary.BigEndian.Uint32(subpacket)
-	case prefSymmetricAlgosSubpacket:
-		// Preferred symmetric algorithms, section 5.2.3.14
-		sig.PreferredSymmetric = make([]byte, len(subpacket))
-		copy(sig.PreferredSymmetric, subpacket)
-	case issuerSubpacket:
-		// Issuer, section 5.2.3.12
-		if sig.Version > 4 && isHashed {
-			err = errors.StructuralError("issuer subpacket found in v6 key")
-			return
-		}
-		if len(subpacket) != 8 {
-			err = errors.StructuralError("issuer subpacket with bad length")
-			return
-		}
-		if sig.Version <= 4 {
-			sig.IssuerKeyId = new(uint64)
-			*sig.IssuerKeyId = binary.BigEndian.Uint64(subpacket)
-		}
-	case notationDataSubpacket:
-		// Notation data, section 5.2.3.24
-		if len(subpacket) < 8 {
-			err = errors.StructuralError("notation data subpacket with bad length")
-			return
-		}
-
-		nameLength := uint32(subpacket[4])<<8 | uint32(subpacket[5])
-		valueLength := uint32(subpacket[6])<<8 | uint32(subpacket[7])
-		if len(subpacket) != int(nameLength)+int(valueLength)+8 {
-			err = errors.StructuralError("notation data subpacket with bad length")
-			return
-		}
-
-		notation := Notation{
-			IsHumanReadable: (subpacket[0] & 0x80) == 0x80,
-			Name:            string(subpacket[8:(nameLength + 8)]),
-			Value:           subpacket[(nameLength + 8):(valueLength + nameLength + 8)],
-			IsCritical:      isCritical,
-		}
-
-		sig.Notations = append(sig.Notations, &notation)
-	case prefHashAlgosSubpacket:
-		// Preferred hash algorithms, section 5.2.3.16
-		sig.PreferredHash = make([]byte, len(subpacket))
-		copy(sig.PreferredHash, subpacket)
-	case prefCompressionSubpacket:
-		// Preferred compression algorithms, section 5.2.3.17
-		sig.PreferredCompression = make([]byte, len(subpacket))
-		copy(sig.PreferredCompression, subpacket)
-	case keyserverPrefsSubpacket:
-		// Keyserver preferences, section 5.2.3.25
-		sig.KeyserverPrefsValid = true
-		if len(subpacket) == 0 {
-			return
-		}
-		if subpacket[0]&KeyserverPrefNoModify != 0 {
-			sig.KeyserverPrefNoModify = true
-		}
-	case prefKeyserverSubpacket:
-		// Preferred keyserver, section 5.2.3.26
-		sig.PreferredKeyserver = string(subpacket)
-	case primaryUserIdSubpacket:
-		// Primary User ID, section 5.2.3.27
-		if len(subpacket) != 1 {
-			err = errors.StructuralError("primary user id subpacket with bad length")
-			return
-		}
-		sig.IsPrimaryId = new(bool)
-		if subpacket[0] > 0 {
-			*sig.IsPrimaryId = true
-		}
-	case keyFlagsSubpacket:
-		// Key flags, section 5.2.3.29
-		sig.FlagsValid = true
-		if len(subpacket) == 0 {
-			return
-		}
-		if subpacket[0]&KeyFlagCertify != 0 {
-			sig.FlagCertify = true
-		}
-		if subpacket[0]&KeyFlagSign != 0 {
-			sig.FlagSign = true
-		}
-		if subpacket[0]&KeyFlagEncryptCommunications != 0 {
-			sig.FlagEncryptCommunications = true
-		}
-		if subpacket[0]&KeyFlagEncryptStorage != 0 {
-			sig.FlagEncryptStorage = true
-		}
-		if subpacket[0]&KeyFlagSplitKey != 0 {
-			sig.FlagSplitKey = true
-		}
-		if subpacket[0]&KeyFlagAuthenticate != 0 {
-			sig.FlagAuthenticate = true
-		}
-		if subpacket[0]&KeyFlagGroupKey != 0 {
-			sig.FlagGroupKey = true
-		}
-	case signerUserIdSubpacket:
-		userId := string(subpacket)
-		sig.SignerUserId = &userId
-	case reasonForRevocationSubpacket:
-		// Reason For Revocation, section 5.2.3.31
-		if len(subpacket) == 0 {
-			err = errors.StructuralError("empty revocation reason subpacket")
-			return
-		}
-		sig.RevocationReason = new(ReasonForRevocation)
-		*sig.RevocationReason = NewReasonForRevocation(subpacket[0])
-		sig.RevocationReasonText = string(subpacket[1:])
-	case featuresSubpacket:
-		// Features subpacket, section 5.2.3.32 specifies a very general
-		// mechanism for OpenPGP implementations to signal support for new
-		// features.
-		if len(subpacket) > 0 {
-			if subpacket[0]&0x01 != 0 {
-				sig.SEIPDv1 = true
-			}
-			// 0x02 and 0x04 are reserved
-			if subpacket[0]&0x08 != 0 {
-				sig.SEIPDv2 = true
-			}
-		}
-	case embeddedSignatureSubpacket:
-		// Only usage is in signatures that cross-certify
-		// signing subkeys. section 5.2.3.34 describes the
-		// format, with its usage described in section 11.1
-		if sig.EmbeddedSignature != nil {
-			err = errors.StructuralError("Cannot have multiple embedded signatures")
-			return
-		}
-		sig.EmbeddedSignature = new(Signature)
-		if err := sig.EmbeddedSignature.parse(bytes.NewBuffer(subpacket)); err != nil {
-			return nil, err
-		}
-		if sigType := sig.EmbeddedSignature.SigType; sigType != SigTypePrimaryKeyBinding {
-			return nil, errors.StructuralError("cross-signature has unexpected type " + strconv.Itoa(int(sigType)))
-		}
-	case policyUriSubpacket:
-		// Policy URI, section 5.2.3.28
-		sig.PolicyURI = string(subpacket)
-	case issuerFingerprintSubpacket:
-		if len(subpacket) == 0 {
-			err = errors.StructuralError("empty issuer fingerprint subpacket")
-			return
-		}
-		v, l := subpacket[0], len(subpacket[1:])
-		if v >= 5 && l != 32 || v < 5 && l != 20 {
-			return nil, errors.StructuralError("bad fingerprint length")
-		}
-		sig.IssuerFingerprint = make([]byte, l)
-		copy(sig.IssuerFingerprint, subpacket[1:])
-		sig.IssuerKeyId = new(uint64)
-		if v >= 5 {
-			*sig.IssuerKeyId = binary.BigEndian.Uint64(subpacket[1:9])
-		} else {
-			*sig.IssuerKeyId = binary.BigEndian.Uint64(subpacket[13:21])
-		}
-	case intendedRecipientSubpacket:
-		// Intended Recipient Fingerprint, section 5.2.3.36
-		if len(subpacket) < 1 {
-			return nil, errors.StructuralError("invalid intended recipient fingerpring length")
-		}
-		version, length := subpacket[0], len(subpacket[1:])
-		if version >= 5 && length != 32 || version < 5 && length != 20 {
-			return nil, errors.StructuralError("invalid fingerprint length")
-		}
-		fingerprint := make([]byte, length)
-		copy(fingerprint, subpacket[1:])
-		sig.IntendedRecipients = append(sig.IntendedRecipients, &Recipient{int(version), fingerprint})
-	case prefCipherSuitesSubpacket:
-		// Preferred AEAD cipher suites, section 5.2.3.15
-		if len(subpacket)%2 != 0 {
-			err = errors.StructuralError("invalid aead cipher suite length")
-			return
-		}
-
-		sig.PreferredCipherSuites = make([][2]byte, len(subpacket)/2)
-
-		for i := 0; i < len(subpacket)/2; i++ {
-			sig.PreferredCipherSuites[i] = [2]uint8{subpacket[2*i], subpacket[2*i+1]}
-		}
-	default:
-		if isCritical {
-			err = errors.UnsupportedError("unknown critical signature subpacket type " + strconv.Itoa(int(packetType)))
-			return
-		}
-	}
-	return
-
-Truncated:
-	err = errors.StructuralError("signature subpacket truncated")
-	return
-}
-
-// subpacketLengthLength returns the length, in bytes, of an encoded length value.
-func subpacketLengthLength(length int) int {
-	if length < 192 {
-		return 1
-	}
-	if length < 16320 {
-		return 2
-	}
-	return 5
-}
-
-func (sig *Signature) CheckKeyIdOrFingerprint(pk *PublicKey) bool {
-	if sig.IssuerFingerprint != nil && len(sig.IssuerFingerprint) >= 20 {
-		return bytes.Equal(sig.IssuerFingerprint, pk.Fingerprint)
-	}
-	return sig.IssuerKeyId != nil && *sig.IssuerKeyId == pk.KeyId
-}
-
-func (sig *Signature) CheckKeyIdOrFingerprintExplicit(fingerprint []byte, keyId uint64) bool {
-	if sig.IssuerFingerprint != nil && len(sig.IssuerFingerprint) >= 20 && fingerprint != nil {
-		return bytes.Equal(sig.IssuerFingerprint, fingerprint)
-	}
-	return sig.IssuerKeyId != nil && *sig.IssuerKeyId == keyId
-}
-
-// serializeSubpacketLength marshals the given length into to.
-func serializeSubpacketLength(to []byte, length int) int {
-	// RFC 9580, Section 4.2.1.
-	if length < 192 {
-		to[0] = byte(length)
-		return 1
-	}
-	if length < 16320 {
-		length -= 192
-		to[0] = byte((length >> 8) + 192)
-		to[1] = byte(length)
-		return 2
-	}
-	to[0] = 255
-	to[1] = byte(length >> 24)
-	to[2] = byte(length >> 16)
-	to[3] = byte(length >> 8)
-	to[4] = byte(length)
-	return 5
-}
-
-// subpacketsLength returns the serialized length, in bytes, of the given
-// subpackets.
-func subpacketsLength(subpackets []outputSubpacket, hashed bool) (length int) {
-	for _, subpacket := range subpackets {
-		if subpacket.hashed == hashed {
-			length += subpacketLengthLength(len(subpacket.contents) + 1)
-			length += 1 // type byte
-			length += len(subpacket.contents)
-		}
-	}
-	return
-}
-
-// serializeSubpackets marshals the given subpackets into to.
-func serializeSubpackets(to []byte, subpackets []outputSubpacket, hashed bool) {
-	for _, subpacket := range subpackets {
-		if subpacket.hashed == hashed {
-			n := serializeSubpacketLength(to, len(subpacket.contents)+1)
-			to[n] = byte(subpacket.subpacketType)
-			if subpacket.isCritical {
-				to[n] |= 0x80
-			}
-			to = to[1+n:]
-			n = copy(to, subpacket.contents)
-			to = to[n:]
-		}
-	}
-}
-
-// SigExpired returns whether sig is a signature that has expired or is created
-// in the future.
-func (sig *Signature) SigExpired(currentTime time.Time) bool {
-	if sig.CreationTime.Unix() > currentTime.Unix() {
-		return true
-	}
-	if sig.SigLifetimeSecs == nil || *sig.SigLifetimeSecs == 0 {
-		return false
-	}
-	expiry := sig.CreationTime.Add(time.Duration(*sig.SigLifetimeSecs) * time.Second)
-	return currentTime.Unix() > expiry.Unix()
-}
-
-// buildHashSuffix constructs the HashSuffix member of sig in preparation for signing.
-func (sig *Signature) buildHashSuffix(hashedSubpackets []byte) (err error) {
-	var hashId byte
-	var ok bool
-
-	if sig.Version < 5 {
-		hashId, ok = algorithm.HashToHashIdWithSha1(sig.Hash)
-	} else {
-		hashId, ok = algorithm.HashToHashId(sig.Hash)
-	}
-
-	if !ok {
-		sig.HashSuffix = nil
-		return errors.InvalidArgumentError("hash cannot be represented in OpenPGP: " + strconv.Itoa(int(sig.Hash)))
-	}
-
-	hashedFields := bytes.NewBuffer([]byte{
-		uint8(sig.Version),
-		uint8(sig.SigType),
-		uint8(sig.PubKeyAlgo),
-		uint8(hashId),
-	})
-	hashedSubpacketsLength := len(hashedSubpackets)
-	if sig.Version == 6 {
-		// v6 signatures store the length in 4 octets
-		hashedFields.Write([]byte{
-			uint8(hashedSubpacketsLength >> 24),
-			uint8(hashedSubpacketsLength >> 16),
-			uint8(hashedSubpacketsLength >> 8),
-			uint8(hashedSubpacketsLength),
-		})
-	} else {
-		hashedFields.Write([]byte{
-			uint8(hashedSubpacketsLength >> 8),
-			uint8(hashedSubpacketsLength),
-		})
-	}
-	lenPrefix := hashedFields.Len()
-	hashedFields.Write(hashedSubpackets)
-
-	var l uint64 = uint64(lenPrefix + len(hashedSubpackets))
-	if sig.Version == 5 {
-		// v5 case
-		hashedFields.Write([]byte{0x05, 0xff})
-		hashedFields.Write([]byte{
-			uint8(l >> 56), uint8(l >> 48), uint8(l >> 40), uint8(l >> 32),
-			uint8(l >> 24), uint8(l >> 16), uint8(l >> 8), uint8(l),
-		})
-	} else {
-		// v4 and v6 case
-		hashedFields.Write([]byte{byte(sig.Version), 0xff})
-		hashedFields.Write([]byte{
-			uint8(l >> 24), uint8(l >> 16), uint8(l >> 8), uint8(l),
-		})
-	}
-	sig.HashSuffix = make([]byte, hashedFields.Len())
-	copy(sig.HashSuffix, hashedFields.Bytes())
-	return
-}
-
-func (sig *Signature) signPrepareHash(h hash.Hash) (digest []byte, err error) {
-	hashedSubpacketsLen := subpacketsLength(sig.outSubpackets, true)
-	hashedSubpackets := make([]byte, hashedSubpacketsLen)
-	serializeSubpackets(hashedSubpackets, sig.outSubpackets, true)
-	err = sig.buildHashSuffix(hashedSubpackets)
-	if err != nil {
-		return
-	}
-	if sig.Version == 5 && (sig.SigType == 0x00 || sig.SigType == 0x01) {
-		sig.AddMetadataToHashSuffix()
-	}
-
-	h.Write(sig.HashSuffix)
-	digest = h.Sum(nil)
-	copy(sig.HashTag[:], digest)
-	return
-}
-
-// PrepareSign must be called to create a hash object before Sign for v6 signatures.
-// The created hash object initially hashes a randomly generated salt
-// as required by v6 signatures. The generated salt is stored in sig. If the signature is not v6,
-// the method returns an empty hash object.
-// See RFC 9580 Section 5.2.4.
-func (sig *Signature) PrepareSign(config *Config) (hash.Hash, error) {
-	if !sig.Hash.Available() {
-		return nil, errors.UnsupportedError("hash function")
-	}
-	hasher := sig.Hash.New()
-	if sig.Version == 6 {
-		if sig.salt == nil {
-			var err error
-			sig.salt, err = SignatureSaltForHash(sig.Hash, config.Random())
-			if err != nil {
-				return nil, err
-			}
-		}
-		hasher.Write(sig.salt)
-	}
-	return hasher, nil
-}
-
-// SetSalt sets the signature salt for v6 signatures.
-// Assumes salt is generated correctly and checks if length matches.
-// If the signature is not v6, the method ignores the salt.
-// Use PrepareSign whenever possible instead of generating and
-// hashing the salt externally.
-// See RFC 9580 Section 5.2.4.
-func (sig *Signature) SetSalt(salt []byte) error {
-	if sig.Version == 6 {
-		expectedSaltLength, err := SaltLengthForHash(sig.Hash)
-		if err != nil {
-			return err
-		}
-		if salt == nil || len(salt) != expectedSaltLength {
-			return errors.InvalidArgumentError("unexpected salt size for the given hash algorithm")
-		}
-		sig.salt = salt
-	}
-	return nil
-}
-
-// PrepareVerify must be called to create a hash object before verifying v6 signatures.
-// The created hash object initially hashes the internally stored salt.
-// If the signature is not v6, the method returns an empty hash object.
-// See RFC 9580 Section 5.2.4.
-func (sig *Signature) PrepareVerify() (hash.Hash, error) {
-	if !sig.Hash.Available() {
-		return nil, errors.UnsupportedError("hash function")
-	}
-	hasher := sig.Hash.New()
-	if sig.Version == 6 {
-		if sig.salt == nil {
-			return nil, errors.StructuralError("v6 requires a salt for the hash to be signed")
-		}
-		hasher.Write(sig.salt)
-	}
-	return hasher, nil
-}
-
-// Sign signs a message with a private key. The hash, h, must contain
-// the hash of the message to be signed and will be mutated by this function.
-// On success, the signature is stored in sig. Call Serialize to write it out.
-// If config is nil, sensible defaults will be used.
-func (sig *Signature) Sign(h hash.Hash, priv *PrivateKey, config *Config) (err error) {
-	if priv.Dummy() {
-		return errors.ErrDummyPrivateKey("dummy key found")
-	}
-	sig.Version = priv.PublicKey.Version
-	sig.IssuerFingerprint = priv.PublicKey.Fingerprint
-	if sig.Version < 6 && config.RandomizeSignaturesViaNotation() {
-		sig.removeNotationsWithName(SaltNotationName)
-		salt, err := SignatureSaltForHash(sig.Hash, config.Random())
-		if err != nil {
-			return err
-		}
-		notation := Notation{
-			Name:            SaltNotationName,
-			Value:           salt,
-			IsCritical:      false,
-			IsHumanReadable: false,
-		}
-		sig.Notations = append(sig.Notations, &notation)
-	}
-	sig.outSubpackets, err = sig.buildSubpackets(priv.PublicKey)
-	if err != nil {
-		return err
-	}
-	digest, err := sig.signPrepareHash(h)
-	if err != nil {
-		return
-	}
-	switch priv.PubKeyAlgo {
-	case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly:
-		// supports both *rsa.PrivateKey and crypto.Signer
-		sigdata, err := priv.PrivateKey.(crypto.Signer).Sign(config.Random(), digest, sig.Hash)
-		if err == nil {
-			sig.RSASignature = encoding.NewMPI(sigdata)
-		}
-	case PubKeyAlgoDSA:
-		dsaPriv := priv.PrivateKey.(*dsa.PrivateKey)
-
-		// Need to truncate hashBytes to match FIPS 186-3 section 4.6.
-		subgroupSize := (dsaPriv.Q.BitLen() + 7) / 8
-		if len(digest) > subgroupSize {
-			digest = digest[:subgroupSize]
-		}
-		r, s, err := dsa.Sign(config.Random(), dsaPriv, digest)
-		if err == nil {
-			sig.DSASigR = new(encoding.MPI).SetBig(r)
-			sig.DSASigS = new(encoding.MPI).SetBig(s)
-		}
-	case PubKeyAlgoECDSA:
-		var r, s *big.Int
-		if sk, ok := priv.PrivateKey.(*ecdsa.PrivateKey); ok {
-			r, s, err = ecdsa.Sign(config.Random(), sk, digest)
-		} else {
-			var b []byte
-			b, err = priv.PrivateKey.(crypto.Signer).Sign(config.Random(), digest, sig.Hash)
-			if err == nil {
-				r, s, err = unwrapECDSASig(b)
-			}
-		}
-
-		if err == nil {
-			sig.ECDSASigR = new(encoding.MPI).SetBig(r)
-			sig.ECDSASigS = new(encoding.MPI).SetBig(s)
-		}
-	case PubKeyAlgoEdDSA:
-		sk := priv.PrivateKey.(*eddsa.PrivateKey)
-		r, s, err := eddsa.Sign(sk, digest)
-		if err == nil {
-			sig.EdDSASigR = encoding.NewMPI(r)
-			sig.EdDSASigS = encoding.NewMPI(s)
-		}
-	case PubKeyAlgoEd25519:
-		sk := priv.PrivateKey.(*ed25519.PrivateKey)
-		signature, err := ed25519.Sign(sk, digest)
-		if err == nil {
-			sig.EdSig = signature
-		}
-	case PubKeyAlgoEd448:
-		sk := priv.PrivateKey.(*ed448.PrivateKey)
-		signature, err := ed448.Sign(sk, digest)
-		if err == nil {
-			sig.EdSig = signature
-		}
-	default:
-		err = errors.UnsupportedError("public key algorithm: " + strconv.Itoa(int(sig.PubKeyAlgo)))
-	}
-
-	return
-}
-
-// unwrapECDSASig parses the two integer components of an ASN.1-encoded ECDSA signature.
-func unwrapECDSASig(b []byte) (r, s *big.Int, err error) {
-	var ecsdaSig struct {
-		R, S *big.Int
-	}
-	_, err = asn1.Unmarshal(b, &ecsdaSig)
-	if err != nil {
-		return
-	}
-	return ecsdaSig.R, ecsdaSig.S, nil
-}
-
-// SignUserId computes a signature from priv, asserting that pub is a valid
-// key for the identity id.  On success, the signature is stored in sig. Call
-// Serialize to write it out.
-// If config is nil, sensible defaults will be used.
-func (sig *Signature) SignUserId(id string, pub *PublicKey, priv *PrivateKey, config *Config) error {
-	if priv.Dummy() {
-		return errors.ErrDummyPrivateKey("dummy key found")
-	}
-	prepareHash, err := sig.PrepareSign(config)
-	if err != nil {
-		return err
-	}
-	if err := userIdSignatureHash(id, pub, prepareHash); err != nil {
-		return err
-	}
-	return sig.Sign(prepareHash, priv, config)
-}
-
-// SignDirectKeyBinding computes a signature from priv
-// On success, the signature is stored in sig.
-// Call Serialize to write it out.
-// If config is nil, sensible defaults will be used.
-func (sig *Signature) SignDirectKeyBinding(pub *PublicKey, priv *PrivateKey, config *Config) error {
-	if priv.Dummy() {
-		return errors.ErrDummyPrivateKey("dummy key found")
-	}
-	prepareHash, err := sig.PrepareSign(config)
-	if err != nil {
-		return err
-	}
-	if err := directKeySignatureHash(pub, prepareHash); err != nil {
-		return err
-	}
-	return sig.Sign(prepareHash, priv, config)
-}
-
-// CrossSignKey computes a signature from signingKey on pub hashed using hashKey. On success,
-// the signature is stored in sig. Call Serialize to write it out.
-// If config is nil, sensible defaults will be used.
-func (sig *Signature) CrossSignKey(pub *PublicKey, hashKey *PublicKey, signingKey *PrivateKey,
-	config *Config) error {
-	prepareHash, err := sig.PrepareSign(config)
-	if err != nil {
-		return err
-	}
-	h, err := keySignatureHash(hashKey, pub, prepareHash)
-	if err != nil {
-		return err
-	}
-	return sig.Sign(h, signingKey, config)
-}
-
-// SignKey computes a signature from priv, asserting that pub is a subkey. On
-// success, the signature is stored in sig. Call Serialize to write it out.
-// If config is nil, sensible defaults will be used.
-func (sig *Signature) SignKey(pub *PublicKey, priv *PrivateKey, config *Config) error {
-	if priv.Dummy() {
-		return errors.ErrDummyPrivateKey("dummy key found")
-	}
-	prepareHash, err := sig.PrepareSign(config)
-	if err != nil {
-		return err
-	}
-	h, err := keySignatureHash(&priv.PublicKey, pub, prepareHash)
-	if err != nil {
-		return err
-	}
-	return sig.Sign(h, priv, config)
-}
-
-// RevokeKey computes a revocation signature of pub using priv. On success, the signature is
-// stored in sig. Call Serialize to write it out.
-// If config is nil, sensible defaults will be used.
-func (sig *Signature) RevokeKey(pub *PublicKey, priv *PrivateKey, config *Config) error {
-	prepareHash, err := sig.PrepareSign(config)
-	if err != nil {
-		return err
-	}
-	if err := keyRevocationHash(pub, prepareHash); err != nil {
-		return err
-	}
-	return sig.Sign(prepareHash, priv, config)
-}
-
-// RevokeSubkey computes a subkey revocation signature of pub using priv.
-// On success, the signature is stored in sig. Call Serialize to write it out.
-// If config is nil, sensible defaults will be used.
-func (sig *Signature) RevokeSubkey(pub *PublicKey, priv *PrivateKey, config *Config) error {
-	// Identical to a subkey binding signature
-	return sig.SignKey(pub, priv, config)
-}
-
-// Serialize marshals sig to w. Sign, SignUserId or SignKey must have been
-// called first.
-func (sig *Signature) Serialize(w io.Writer) (err error) {
-	if len(sig.outSubpackets) == 0 {
-		sig.outSubpackets = sig.rawSubpackets
-	}
-	if sig.RSASignature == nil && sig.DSASigR == nil && sig.ECDSASigR == nil && sig.EdDSASigR == nil && sig.EdSig == nil {
-		return errors.InvalidArgumentError("Signature: need to call Sign, SignUserId or SignKey before Serialize")
-	}
-
-	sigLength := 0
-	switch sig.PubKeyAlgo {
-	case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly:
-		sigLength = int(sig.RSASignature.EncodedLength())
-	case PubKeyAlgoDSA:
-		sigLength = int(sig.DSASigR.EncodedLength())
-		sigLength += int(sig.DSASigS.EncodedLength())
-	case PubKeyAlgoECDSA:
-		sigLength = int(sig.ECDSASigR.EncodedLength())
-		sigLength += int(sig.ECDSASigS.EncodedLength())
-	case PubKeyAlgoEdDSA:
-		sigLength = int(sig.EdDSASigR.EncodedLength())
-		sigLength += int(sig.EdDSASigS.EncodedLength())
-	case PubKeyAlgoEd25519:
-		sigLength = ed25519.SignatureSize
-	case PubKeyAlgoEd448:
-		sigLength = ed448.SignatureSize
-	default:
-		panic("impossible")
-	}
-
-	hashedSubpacketsLen := subpacketsLength(sig.outSubpackets, true)
-	unhashedSubpacketsLen := subpacketsLength(sig.outSubpackets, false)
-	length := 4 + /* length of version|signature type|public-key algorithm|hash algorithm */
-		2 /* length of hashed subpackets */ + hashedSubpacketsLen +
-		2 /* length of unhashed subpackets */ + unhashedSubpacketsLen +
-		2 /* hash tag */ + sigLength
-	if sig.Version == 6 {
-		length += 4 + /* the two length fields are four-octet instead of two */
-			1 + /* salt length */
-			len(sig.salt) /* length salt */
-	}
-	err = serializeHeader(w, packetTypeSignature, length)
-	if err != nil {
-		return
-	}
-	err = sig.serializeBody(w)
-	if err != nil {
-		return err
-	}
-	return
-}
-
-func (sig *Signature) serializeBody(w io.Writer) (err error) {
-	var fields []byte
-	if sig.Version == 6 {
-		// v6 signatures use 4 octets for length
-		hashedSubpacketsLen :=
-			uint32(uint32(sig.HashSuffix[4])<<24) |
-				uint32(uint32(sig.HashSuffix[5])<<16) |
-				uint32(uint32(sig.HashSuffix[6])<<8) |
-				uint32(sig.HashSuffix[7])
-		fields = sig.HashSuffix[:8+hashedSubpacketsLen]
-	} else {
-		hashedSubpacketsLen := uint16(uint16(sig.HashSuffix[4])<<8) |
-			uint16(sig.HashSuffix[5])
-		fields = sig.HashSuffix[:6+hashedSubpacketsLen]
-
-	}
-	_, err = w.Write(fields)
-	if err != nil {
-		return
-	}
-
-	unhashedSubpacketsLen := subpacketsLength(sig.outSubpackets, false)
-	var unhashedSubpackets []byte
-	if sig.Version == 6 {
-		unhashedSubpackets = make([]byte, 4+unhashedSubpacketsLen)
-		unhashedSubpackets[0] = byte(unhashedSubpacketsLen >> 24)
-		unhashedSubpackets[1] = byte(unhashedSubpacketsLen >> 16)
-		unhashedSubpackets[2] = byte(unhashedSubpacketsLen >> 8)
-		unhashedSubpackets[3] = byte(unhashedSubpacketsLen)
-		serializeSubpackets(unhashedSubpackets[4:], sig.outSubpackets, false)
-	} else {
-		unhashedSubpackets = make([]byte, 2+unhashedSubpacketsLen)
-		unhashedSubpackets[0] = byte(unhashedSubpacketsLen >> 8)
-		unhashedSubpackets[1] = byte(unhashedSubpacketsLen)
-		serializeSubpackets(unhashedSubpackets[2:], sig.outSubpackets, false)
-	}
-
-	_, err = w.Write(unhashedSubpackets)
-	if err != nil {
-		return
-	}
-	_, err = w.Write(sig.HashTag[:])
-	if err != nil {
-		return
-	}
-
-	if sig.Version == 6 {
-		// write salt for v6 signatures
-		_, err = w.Write([]byte{uint8(len(sig.salt))})
-		if err != nil {
-			return
-		}
-		_, err = w.Write(sig.salt)
-		if err != nil {
-			return
-		}
-	}
-
-	switch sig.PubKeyAlgo {
-	case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly:
-		_, err = w.Write(sig.RSASignature.EncodedBytes())
-	case PubKeyAlgoDSA:
-		if _, err = w.Write(sig.DSASigR.EncodedBytes()); err != nil {
-			return
-		}
-		_, err = w.Write(sig.DSASigS.EncodedBytes())
-	case PubKeyAlgoECDSA:
-		if _, err = w.Write(sig.ECDSASigR.EncodedBytes()); err != nil {
-			return
-		}
-		_, err = w.Write(sig.ECDSASigS.EncodedBytes())
-	case PubKeyAlgoEdDSA:
-		if _, err = w.Write(sig.EdDSASigR.EncodedBytes()); err != nil {
-			return
-		}
-		_, err = w.Write(sig.EdDSASigS.EncodedBytes())
-	case PubKeyAlgoEd25519:
-		err = ed25519.WriteSignature(w, sig.EdSig)
-	case PubKeyAlgoEd448:
-		err = ed448.WriteSignature(w, sig.EdSig)
-	default:
-		panic("impossible")
-	}
-	return
-}
-
-// outputSubpacket represents a subpacket to be marshaled.
-type outputSubpacket struct {
-	hashed        bool // true if this subpacket is in the hashed area.
-	subpacketType signatureSubpacketType
-	isCritical    bool
-	contents      []byte
-}
-
-func (sig *Signature) buildSubpackets(issuer PublicKey) (subpackets []outputSubpacket, err error) {
-	creationTime := make([]byte, 4)
-	binary.BigEndian.PutUint32(creationTime, uint32(sig.CreationTime.Unix()))
-	// Signature Creation Time
-	subpackets = append(subpackets, outputSubpacket{true, creationTimeSubpacket, true, creationTime})
-	// Signature Expiration Time
-	if sig.SigLifetimeSecs != nil && *sig.SigLifetimeSecs != 0 {
-		sigLifetime := make([]byte, 4)
-		binary.BigEndian.PutUint32(sigLifetime, *sig.SigLifetimeSecs)
-		subpackets = append(subpackets, outputSubpacket{true, signatureExpirationSubpacket, true, sigLifetime})
-	}
-	// Trust Signature
-	if sig.TrustLevel != 0 {
-		subpackets = append(subpackets, outputSubpacket{true, trustSubpacket, true, []byte{byte(sig.TrustLevel), byte(sig.TrustAmount)}})
-	}
-	// Regular Expression
-	if sig.TrustRegularExpression != nil {
-		// RFC specifies the string should be null-terminated; add a null byte to the end
-		subpackets = append(subpackets, outputSubpacket{true, regularExpressionSubpacket, true, []byte(*sig.TrustRegularExpression + "\000")})
-	}
-	// Key Expiration Time
-	if sig.KeyLifetimeSecs != nil && *sig.KeyLifetimeSecs != 0 {
-		keyLifetime := make([]byte, 4)
-		binary.BigEndian.PutUint32(keyLifetime, *sig.KeyLifetimeSecs)
-		subpackets = append(subpackets, outputSubpacket{true, keyExpirationSubpacket, true, keyLifetime})
-	}
-	// Preferred Symmetric Ciphers for v1 SEIPD
-	if len(sig.PreferredSymmetric) > 0 {
-		subpackets = append(subpackets, outputSubpacket{true, prefSymmetricAlgosSubpacket, false, sig.PreferredSymmetric})
-	}
-	// Issuer Key ID
-	if sig.IssuerKeyId != nil && sig.Version == 4 {
-		keyId := make([]byte, 8)
-		binary.BigEndian.PutUint64(keyId, *sig.IssuerKeyId)
-		subpackets = append(subpackets, outputSubpacket{true, issuerSubpacket, true, keyId})
-	}
-	// Notation Data
-	for _, notation := range sig.Notations {
-		subpackets = append(
-			subpackets,
-			outputSubpacket{
-				true,
-				notationDataSubpacket,
-				notation.IsCritical,
-				notation.getData(),
-			})
-	}
-	// Preferred Hash Algorithms
-	if len(sig.PreferredHash) > 0 {
-		subpackets = append(subpackets, outputSubpacket{true, prefHashAlgosSubpacket, false, sig.PreferredHash})
-	}
-	// Preferred Compression Algorithms
-	if len(sig.PreferredCompression) > 0 {
-		subpackets = append(subpackets, outputSubpacket{true, prefCompressionSubpacket, false, sig.PreferredCompression})
-	}
-	// Keyserver Preferences
-	// Keyserver preferences may only appear in self-signatures or certification signatures.
-	if sig.KeyserverPrefsValid {
-		var prefs byte
-		if sig.KeyserverPrefNoModify {
-			prefs |= KeyserverPrefNoModify
-		}
-		subpackets = append(subpackets, outputSubpacket{true, keyserverPrefsSubpacket, false, []byte{prefs}})
-	}
-	// Preferred Keyserver
-	if len(sig.PreferredKeyserver) > 0 {
-		subpackets = append(subpackets, outputSubpacket{true, prefKeyserverSubpacket, false, []uint8(sig.PreferredKeyserver)})
-	}
-	// Primary User ID
-	if sig.IsPrimaryId != nil && *sig.IsPrimaryId {
-		subpackets = append(subpackets, outputSubpacket{true, primaryUserIdSubpacket, false, []byte{1}})
-	}
-	// Policy URI
-	if len(sig.PolicyURI) > 0 {
-		subpackets = append(subpackets, outputSubpacket{true, policyUriSubpacket, false, []uint8(sig.PolicyURI)})
-	}
-	// Key Flags
-	// Key flags may only appear in self-signatures or certification signatures.
-	if sig.FlagsValid {
-		var flags byte
-		if sig.FlagCertify {
-			flags |= KeyFlagCertify
-		}
-		if sig.FlagSign {
-			flags |= KeyFlagSign
-		}
-		if sig.FlagEncryptCommunications {
-			flags |= KeyFlagEncryptCommunications
-		}
-		if sig.FlagEncryptStorage {
-			flags |= KeyFlagEncryptStorage
-		}
-		if sig.FlagSplitKey {
-			flags |= KeyFlagSplitKey
-		}
-		if sig.FlagAuthenticate {
-			flags |= KeyFlagAuthenticate
-		}
-		if sig.FlagGroupKey {
-			flags |= KeyFlagGroupKey
-		}
-		subpackets = append(subpackets, outputSubpacket{true, keyFlagsSubpacket, true, []byte{flags}})
-	}
-	// Signer's User ID
-	if sig.SignerUserId != nil {
-		subpackets = append(subpackets, outputSubpacket{true, signerUserIdSubpacket, false, []byte(*sig.SignerUserId)})
-	}
-	// Reason for Revocation
-	// Revocation reason appears only in revocation signatures and is serialized as per section 5.2.3.31.
-	if sig.RevocationReason != nil {
-		subpackets = append(subpackets, outputSubpacket{true, reasonForRevocationSubpacket, true,
-			append([]uint8{uint8(*sig.RevocationReason)}, []uint8(sig.RevocationReasonText)...)})
-	}
-	// Features
-	var features = byte(0x00)
-	if sig.SEIPDv1 {
-		features |= 0x01
-	}
-	if sig.SEIPDv2 {
-		features |= 0x08
-	}
-	if features != 0x00 {
-		subpackets = append(subpackets, outputSubpacket{true, featuresSubpacket, false, []byte{features}})
-	}
-	// Embedded Signature
-	// EmbeddedSignature appears only in subkeys capable of signing and is serialized as per section 5.2.3.34.
-	if sig.EmbeddedSignature != nil {
-		var buf bytes.Buffer
-		err = sig.EmbeddedSignature.serializeBody(&buf)
-		if err != nil {
-			return
-		}
-		subpackets = append(subpackets, outputSubpacket{true, embeddedSignatureSubpacket, true, buf.Bytes()})
-	}
-	// Issuer Fingerprint
-	if sig.IssuerFingerprint != nil {
-		contents := append([]uint8{uint8(issuer.Version)}, sig.IssuerFingerprint...)
-		subpackets = append(subpackets, outputSubpacket{true, issuerFingerprintSubpacket, sig.Version >= 5, contents})
-	}
-	// Intended Recipient Fingerprint
-	for _, recipient := range sig.IntendedRecipients {
-		subpackets = append(
-			subpackets,
-			outputSubpacket{
-				true,
-				intendedRecipientSubpacket,
-				false,
-				recipient.Serialize(),
-			})
-	}
-	// Preferred AEAD Ciphersuites
-	if len(sig.PreferredCipherSuites) > 0 {
-		serialized := make([]byte, len(sig.PreferredCipherSuites)*2)
-		for i, cipherSuite := range sig.PreferredCipherSuites {
-			serialized[2*i] = cipherSuite[0]
-			serialized[2*i+1] = cipherSuite[1]
-		}
-		subpackets = append(subpackets, outputSubpacket{true, prefCipherSuitesSubpacket, false, serialized})
-	}
-	return
-}
-
-// AddMetadataToHashSuffix modifies the current hash suffix to include metadata
-// (format, filename, and time). Version 5 keys protect this data including it
-// in the hash computation. See section 5.2.4.
-func (sig *Signature) AddMetadataToHashSuffix() {
-	if sig == nil || sig.Version != 5 {
-		return
-	}
-	if sig.SigType != 0x00 && sig.SigType != 0x01 {
-		return
-	}
-	lit := sig.Metadata
-	if lit == nil {
-		// This will translate into six 0x00 bytes.
-		lit = &LiteralData{}
-	}
-
-	// Extract the current byte count
-	n := sig.HashSuffix[len(sig.HashSuffix)-8:]
-	l := uint64(
-		uint64(n[0])<<56 | uint64(n[1])<<48 | uint64(n[2])<<40 | uint64(n[3])<<32 |
-			uint64(n[4])<<24 | uint64(n[5])<<16 | uint64(n[6])<<8 | uint64(n[7]))
-
-	suffix := bytes.NewBuffer(nil)
-	suffix.Write(sig.HashSuffix[:l])
-
-	// Add the metadata
-	var buf [4]byte
-	buf[0] = lit.Format
-	fileName := lit.FileName
-	if len(lit.FileName) > 255 {
-		fileName = fileName[:255]
-	}
-	buf[1] = byte(len(fileName))
-	suffix.Write(buf[:2])
-	suffix.Write([]byte(lit.FileName))
-	binary.BigEndian.PutUint32(buf[:], lit.Time)
-	suffix.Write(buf[:])
-
-	suffix.Write([]byte{0x05, 0xff})
-	suffix.Write([]byte{
-		uint8(l >> 56), uint8(l >> 48), uint8(l >> 40), uint8(l >> 32),
-		uint8(l >> 24), uint8(l >> 16), uint8(l >> 8), uint8(l),
-	})
-	sig.HashSuffix = suffix.Bytes()
-}
-
-// SaltLengthForHash selects the required salt length for the given hash algorithm,
-// as per Table 23 (Hash algorithm registry) of the crypto refresh.
-// See RFC 9580 Section 9.5.
-func SaltLengthForHash(hash crypto.Hash) (int, error) {
-	switch hash {
-	case crypto.SHA256, crypto.SHA224, crypto.SHA3_256:
-		return 16, nil
-	case crypto.SHA384:
-		return 24, nil
-	case crypto.SHA512, crypto.SHA3_512:
-		return 32, nil
-	default:
-		return 0, errors.UnsupportedError("hash function not supported for V6 signatures")
-	}
-}
-
-// SignatureSaltForHash generates a random signature salt
-// with the length for the given hash algorithm.
-// See RFC 9580 Section 9.5.
-func SignatureSaltForHash(hash crypto.Hash, randReader io.Reader) ([]byte, error) {
-	saltLength, err := SaltLengthForHash(hash)
-	if err != nil {
-		return nil, err
-	}
-	salt := make([]byte, saltLength)
-	_, err = io.ReadFull(randReader, salt)
-	if err != nil {
-		return nil, err
-	}
-	return salt, nil
-}
-
-// removeNotationsWithName removes all notations in this signature with the given name.
-func (sig *Signature) removeNotationsWithName(name string) {
-	if sig == nil || sig.Notations == nil {
-		return
-	}
-	updatedNotations := make([]*Notation, 0, len(sig.Notations))
-	for _, notation := range sig.Notations {
-		if notation.Name != name {
-			updatedNotations = append(updatedNotations, notation)
-		}
-	}
-	sig.Notations = updatedNotations
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/symmetric_key_encrypted.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/symmetric_key_encrypted.go
deleted file mode 100644
index 2812a1db88..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/symmetric_key_encrypted.go
+++ /dev/null
@@ -1,331 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package packet
-
-import (
-	"bytes"
-	"crypto/cipher"
-	"crypto/sha256"
-	"io"
-	"strconv"
-
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-	"github.com/ProtonMail/go-crypto/openpgp/s2k"
-	"golang.org/x/crypto/hkdf"
-)
-
-// This is the largest session key that we'll support. Since at most 256-bit cipher
-// is supported in OpenPGP, this is large enough to contain also the auth tag.
-const maxSessionKeySizeInBytes = 64
-
-// SymmetricKeyEncrypted represents a passphrase protected session key. See RFC
-// 4880, section 5.3.
-type SymmetricKeyEncrypted struct {
-	Version      int
-	CipherFunc   CipherFunction
-	Mode         AEADMode
-	s2k          func(out, in []byte)
-	iv           []byte
-	encryptedKey []byte // Contains also the authentication tag for AEAD
-}
-
-// parse parses an SymmetricKeyEncrypted packet as specified in
-// https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-07.html#name-symmetric-key-encrypted-ses
-func (ske *SymmetricKeyEncrypted) parse(r io.Reader) error {
-	var buf [1]byte
-
-	// Version
-	if _, err := readFull(r, buf[:]); err != nil {
-		return err
-	}
-	ske.Version = int(buf[0])
-	if ske.Version != 4 && ske.Version != 5 && ske.Version != 6 {
-		return errors.UnsupportedError("unknown SymmetricKeyEncrypted version")
-	}
-
-	if V5Disabled && ske.Version == 5 {
-		return errors.UnsupportedError("support for parsing v5 entities is disabled; build with `-tags v5` if needed")
-	}
-
-	if ske.Version > 5 {
-		// Scalar octet count
-		if _, err := readFull(r, buf[:]); err != nil {
-			return err
-		}
-	}
-
-	// Cipher function
-	if _, err := readFull(r, buf[:]); err != nil {
-		return err
-	}
-	ske.CipherFunc = CipherFunction(buf[0])
-	if !ske.CipherFunc.IsSupported() {
-		return errors.UnsupportedError("unknown cipher: " + strconv.Itoa(int(buf[0])))
-	}
-
-	if ske.Version >= 5 {
-		// AEAD mode
-		if _, err := readFull(r, buf[:]); err != nil {
-			return errors.StructuralError("cannot read AEAD octet from packet")
-		}
-		ske.Mode = AEADMode(buf[0])
-	}
-
-	if ske.Version > 5 {
-		// Scalar octet count
-		if _, err := readFull(r, buf[:]); err != nil {
-			return err
-		}
-	}
-
-	var err error
-	if ske.s2k, err = s2k.Parse(r); err != nil {
-		if _, ok := err.(errors.ErrDummyPrivateKey); ok {
-			return errors.UnsupportedError("missing key GNU extension in session key")
-		}
-		return err
-	}
-
-	if ske.Version >= 5 {
-		// AEAD IV
-		iv := make([]byte, ske.Mode.IvLength())
-		_, err := readFull(r, iv)
-		if err != nil {
-			return errors.StructuralError("cannot read AEAD IV")
-		}
-
-		ske.iv = iv
-	}
-
-	encryptedKey := make([]byte, maxSessionKeySizeInBytes)
-	// The session key may follow. We just have to try and read to find
-	// out. If it exists then we limit it to maxSessionKeySizeInBytes.
-	n, err := readFull(r, encryptedKey)
-	if err != nil && err != io.ErrUnexpectedEOF {
-		return err
-	}
-
-	if n != 0 {
-		if n == maxSessionKeySizeInBytes {
-			return errors.UnsupportedError("oversized encrypted session key")
-		}
-		ske.encryptedKey = encryptedKey[:n]
-	}
-	return nil
-}
-
-// Decrypt attempts to decrypt an encrypted session key and returns the key and
-// the cipher to use when decrypting a subsequent Symmetrically Encrypted Data
-// packet.
-func (ske *SymmetricKeyEncrypted) Decrypt(passphrase []byte) ([]byte, CipherFunction, error) {
-	key := make([]byte, ske.CipherFunc.KeySize())
-	ske.s2k(key, passphrase)
-	if len(ske.encryptedKey) == 0 {
-		return key, ske.CipherFunc, nil
-	}
-	switch ske.Version {
-	case 4:
-		plaintextKey, cipherFunc, err := ske.decryptV4(key)
-		return plaintextKey, cipherFunc, err
-	case 5, 6:
-		plaintextKey, err := ske.aeadDecrypt(ske.Version, key)
-		return plaintextKey, CipherFunction(0), err
-	}
-	err := errors.UnsupportedError("unknown SymmetricKeyEncrypted version")
-	return nil, CipherFunction(0), err
-}
-
-func (ske *SymmetricKeyEncrypted) decryptV4(key []byte) ([]byte, CipherFunction, error) {
-	// the IV is all zeros
-	iv := make([]byte, ske.CipherFunc.blockSize())
-	c := cipher.NewCFBDecrypter(ske.CipherFunc.new(key), iv)
-	plaintextKey := make([]byte, len(ske.encryptedKey))
-	c.XORKeyStream(plaintextKey, ske.encryptedKey)
-	cipherFunc := CipherFunction(plaintextKey[0])
-	if cipherFunc.blockSize() == 0 {
-		return nil, ske.CipherFunc, errors.UnsupportedError(
-			"unknown cipher: " + strconv.Itoa(int(cipherFunc)))
-	}
-	plaintextKey = plaintextKey[1:]
-	if len(plaintextKey) != cipherFunc.KeySize() {
-		return nil, cipherFunc, errors.StructuralError(
-			"length of decrypted key not equal to cipher keysize")
-	}
-	return plaintextKey, cipherFunc, nil
-}
-
-func (ske *SymmetricKeyEncrypted) aeadDecrypt(version int, key []byte) ([]byte, error) {
-	adata := []byte{0xc3, byte(version), byte(ske.CipherFunc), byte(ske.Mode)}
-	aead := getEncryptedKeyAeadInstance(ske.CipherFunc, ske.Mode, key, adata, version)
-
-	plaintextKey, err := aead.Open(nil, ske.iv, ske.encryptedKey, adata)
-	if err != nil {
-		return nil, err
-	}
-	return plaintextKey, nil
-}
-
-// SerializeSymmetricKeyEncrypted serializes a symmetric key packet to w.
-// The packet contains a random session key, encrypted by a key derived from
-// the given passphrase. The session key is returned and must be passed to
-// SerializeSymmetricallyEncrypted.
-// If config is nil, sensible defaults will be used.
-func SerializeSymmetricKeyEncrypted(w io.Writer, passphrase []byte, config *Config) (key []byte, err error) {
-	cipherFunc := config.Cipher()
-
-	sessionKey := make([]byte, cipherFunc.KeySize())
-	_, err = io.ReadFull(config.Random(), sessionKey)
-	if err != nil {
-		return
-	}
-
-	err = SerializeSymmetricKeyEncryptedReuseKey(w, sessionKey, passphrase, config)
-	if err != nil {
-		return
-	}
-
-	key = sessionKey
-	return
-}
-
-// SerializeSymmetricKeyEncryptedReuseKey serializes a symmetric key packet to w.
-// The packet contains the given session key, encrypted by a key derived from
-// the given passphrase. The returned session key must be passed to
-// SerializeSymmetricallyEncrypted.
-// If config is nil, sensible defaults will be used.
-// Deprecated: Use SerializeSymmetricKeyEncryptedAEADReuseKey instead.
-func SerializeSymmetricKeyEncryptedReuseKey(w io.Writer, sessionKey []byte, passphrase []byte, config *Config) (err error) {
-	return SerializeSymmetricKeyEncryptedAEADReuseKey(w, sessionKey, passphrase, config.AEAD() != nil, config)
-}
-
-// SerializeSymmetricKeyEncryptedAEADReuseKey serializes a symmetric key packet to w.
-// The packet contains the given session key, encrypted by a key derived from
-// the given passphrase. The returned session key must be passed to
-// SerializeSymmetricallyEncrypted.
-// If aeadSupported is set, SKESK v6 is used, otherwise v4.
-// Note: aeadSupported MUST match the value passed to SerializeSymmetricallyEncrypted.
-// If config is nil, sensible defaults will be used.
-func SerializeSymmetricKeyEncryptedAEADReuseKey(w io.Writer, sessionKey []byte, passphrase []byte, aeadSupported bool, config *Config) (err error) {
-	var version int
-	if aeadSupported {
-		version = 6
-	} else {
-		version = 4
-	}
-	cipherFunc := config.Cipher()
-	// cipherFunc must be AES
-	if !cipherFunc.IsSupported() || cipherFunc < CipherAES128 || cipherFunc > CipherAES256 {
-		return errors.UnsupportedError("unsupported cipher: " + strconv.Itoa(int(cipherFunc)))
-	}
-
-	keySize := cipherFunc.KeySize()
-	s2kBuf := new(bytes.Buffer)
-	keyEncryptingKey := make([]byte, keySize)
-	// s2k.Serialize salts and stretches the passphrase, and writes the
-	// resulting key to keyEncryptingKey and the s2k descriptor to s2kBuf.
-	err = s2k.Serialize(s2kBuf, keyEncryptingKey, config.Random(), passphrase, config.S2K())
-	if err != nil {
-		return
-	}
-	s2kBytes := s2kBuf.Bytes()
-
-	var packetLength int
-	switch version {
-	case 4:
-		packetLength = 2 /* header */ + len(s2kBytes) + 1 /* cipher type */ + keySize
-	case 5, 6:
-		ivLen := config.AEAD().Mode().IvLength()
-		tagLen := config.AEAD().Mode().TagLength()
-		packetLength = 3 + len(s2kBytes) + ivLen + keySize + tagLen
-	}
-	if version > 5 {
-		packetLength += 2 // additional octet count fields
-	}
-
-	err = serializeHeader(w, packetTypeSymmetricKeyEncrypted, packetLength)
-	if err != nil {
-		return
-	}
-
-	// Symmetric Key Encrypted Version
-	buf := []byte{byte(version)}
-
-	if version > 5 {
-		// Scalar octet count
-		buf = append(buf, byte(3+len(s2kBytes)+config.AEAD().Mode().IvLength()))
-	}
-
-	// Cipher function
-	buf = append(buf, byte(cipherFunc))
-
-	if version >= 5 {
-		// AEAD mode
-		buf = append(buf, byte(config.AEAD().Mode()))
-	}
-	if version > 5 {
-		// Scalar octet count
-		buf = append(buf, byte(len(s2kBytes)))
-	}
-	_, err = w.Write(buf)
-	if err != nil {
-		return
-	}
-	_, err = w.Write(s2kBytes)
-	if err != nil {
-		return
-	}
-
-	switch version {
-	case 4:
-		iv := make([]byte, cipherFunc.blockSize())
-		c := cipher.NewCFBEncrypter(cipherFunc.new(keyEncryptingKey), iv)
-		encryptedCipherAndKey := make([]byte, keySize+1)
-		c.XORKeyStream(encryptedCipherAndKey, buf[1:])
-		c.XORKeyStream(encryptedCipherAndKey[1:], sessionKey)
-		_, err = w.Write(encryptedCipherAndKey)
-		if err != nil {
-			return
-		}
-	case 5, 6:
-		mode := config.AEAD().Mode()
-		adata := []byte{0xc3, byte(version), byte(cipherFunc), byte(mode)}
-		aead := getEncryptedKeyAeadInstance(cipherFunc, mode, keyEncryptingKey, adata, version)
-
-		// Sample iv using random reader
-		iv := make([]byte, config.AEAD().Mode().IvLength())
-		_, err = io.ReadFull(config.Random(), iv)
-		if err != nil {
-			return
-		}
-		// Seal and write (encryptedData includes auth. tag)
-
-		encryptedData := aead.Seal(nil, iv, sessionKey, adata)
-		_, err = w.Write(iv)
-		if err != nil {
-			return
-		}
-		_, err = w.Write(encryptedData)
-		if err != nil {
-			return
-		}
-	}
-
-	return
-}
-
-func getEncryptedKeyAeadInstance(c CipherFunction, mode AEADMode, inputKey, associatedData []byte, version int) (aead cipher.AEAD) {
-	var blockCipher cipher.Block
-	if version > 5 {
-		hkdfReader := hkdf.New(sha256.New, inputKey, []byte{}, associatedData)
-
-		encryptionKey := make([]byte, c.KeySize())
-		_, _ = readFull(hkdfReader, encryptionKey)
-
-		blockCipher = c.new(encryptionKey)
-	} else {
-		blockCipher = c.new(inputKey)
-	}
-	return mode.new(blockCipher)
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/symmetrically_encrypted.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/symmetrically_encrypted.go
deleted file mode 100644
index 0e898742cf..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/symmetrically_encrypted.go
+++ /dev/null
@@ -1,94 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package packet
-
-import (
-	"io"
-
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-)
-
-const aeadSaltSize = 32
-
-// SymmetricallyEncrypted represents a symmetrically encrypted byte string. The
-// encrypted Contents will consist of more OpenPGP packets. See RFC 4880,
-// sections 5.7 and 5.13.
-type SymmetricallyEncrypted struct {
-	Version            int
-	Contents           io.Reader // contains tag for version 2
-	IntegrityProtected bool      // If true it is type 18 (with MDC or AEAD). False is packet type 9
-
-	// Specific to version 1
-	prefix []byte
-
-	// Specific to version 2
-	Cipher        CipherFunction
-	Mode          AEADMode
-	ChunkSizeByte byte
-	Salt          [aeadSaltSize]byte
-}
-
-const (
-	symmetricallyEncryptedVersionMdc  = 1
-	symmetricallyEncryptedVersionAead = 2
-)
-
-func (se *SymmetricallyEncrypted) parse(r io.Reader) error {
-	if se.IntegrityProtected {
-		// See RFC 4880, section 5.13.
-		var buf [1]byte
-		_, err := readFull(r, buf[:])
-		if err != nil {
-			return err
-		}
-
-		switch buf[0] {
-		case symmetricallyEncryptedVersionMdc:
-			se.Version = symmetricallyEncryptedVersionMdc
-		case symmetricallyEncryptedVersionAead:
-			se.Version = symmetricallyEncryptedVersionAead
-			if err := se.parseAead(r); err != nil {
-				return err
-			}
-		default:
-			return errors.UnsupportedError("unknown SymmetricallyEncrypted version")
-		}
-	}
-	se.Contents = r
-	return nil
-}
-
-// Decrypt returns a ReadCloser, from which the decrypted Contents of the
-// packet can be read. An incorrect key will only be detected after trying
-// to decrypt the entire data.
-func (se *SymmetricallyEncrypted) Decrypt(c CipherFunction, key []byte) (io.ReadCloser, error) {
-	if se.Version == symmetricallyEncryptedVersionAead {
-		return se.decryptAead(key)
-	}
-
-	return se.decryptMdc(c, key)
-}
-
-// SerializeSymmetricallyEncrypted serializes a symmetrically encrypted packet
-// to w and returns a WriteCloser to which the to-be-encrypted packets can be
-// written.
-// If aeadSupported is set to true, SEIPDv2 is used with the indicated CipherSuite.
-// Otherwise, SEIPDv1 is used with the indicated CipherFunction.
-// Note: aeadSupported MUST match the value passed to SerializeEncryptedKeyAEAD
-// and/or SerializeSymmetricKeyEncryptedAEADReuseKey.
-// If config is nil, sensible defaults will be used.
-func SerializeSymmetricallyEncrypted(w io.Writer, c CipherFunction, aeadSupported bool, cipherSuite CipherSuite, key []byte, config *Config) (Contents io.WriteCloser, err error) {
-	writeCloser := noOpCloser{w}
-	ciphertext, err := serializeStreamHeader(writeCloser, packetTypeSymmetricallyEncryptedIntegrityProtected)
-	if err != nil {
-		return
-	}
-
-	if aeadSupported {
-		return serializeSymmetricallyEncryptedAead(ciphertext, cipherSuite, config.AEADConfig.ChunkSizeByte(), config.Random(), key)
-	}
-
-	return serializeSymmetricallyEncryptedMdc(ciphertext, c, key, config)
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/symmetrically_encrypted_aead.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/symmetrically_encrypted_aead.go
deleted file mode 100644
index 3ddc4fe4a9..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/symmetrically_encrypted_aead.go
+++ /dev/null
@@ -1,168 +0,0 @@
-// Copyright 2023 Proton AG. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package packet
-
-import (
-	"crypto/cipher"
-	"crypto/sha256"
-	"fmt"
-	"io"
-	"strconv"
-
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-	"golang.org/x/crypto/hkdf"
-)
-
-// parseAead parses a V2 SEIPD packet (AEAD) as specified in
-// https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-07.html#section-5.13.2
-func (se *SymmetricallyEncrypted) parseAead(r io.Reader) error {
-	headerData := make([]byte, 3)
-	if n, err := io.ReadFull(r, headerData); n < 3 {
-		return errors.StructuralError("could not read aead header: " + err.Error())
-	}
-
-	// Cipher
-	se.Cipher = CipherFunction(headerData[0])
-	// cipherFunc must have block size 16 to use AEAD
-	if se.Cipher.blockSize() != 16 {
-		return errors.UnsupportedError("invalid aead cipher: " + strconv.Itoa(int(se.Cipher)))
-	}
-
-	// Mode
-	se.Mode = AEADMode(headerData[1])
-	if se.Mode.TagLength() == 0 {
-		return errors.UnsupportedError("unknown aead mode: " + strconv.Itoa(int(se.Mode)))
-	}
-
-	// Chunk size
-	se.ChunkSizeByte = headerData[2]
-	if se.ChunkSizeByte > 16 {
-		return errors.UnsupportedError("invalid aead chunk size byte: " + strconv.Itoa(int(se.ChunkSizeByte)))
-	}
-
-	// Salt
-	if n, err := io.ReadFull(r, se.Salt[:]); n < aeadSaltSize {
-		return errors.StructuralError("could not read aead salt: " + err.Error())
-	}
-
-	return nil
-}
-
-// associatedData for chunks: tag, version, cipher, mode, chunk size byte
-func (se *SymmetricallyEncrypted) associatedData() []byte {
-	return []byte{
-		0xD2,
-		symmetricallyEncryptedVersionAead,
-		byte(se.Cipher),
-		byte(se.Mode),
-		se.ChunkSizeByte,
-	}
-}
-
-// decryptAead decrypts a V2 SEIPD packet (AEAD) as specified in
-// https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-07.html#section-5.13.2
-func (se *SymmetricallyEncrypted) decryptAead(inputKey []byte) (io.ReadCloser, error) {
-	if se.Cipher.KeySize() != len(inputKey) {
-		return nil, errors.StructuralError(fmt.Sprintf("invalid session key length for cipher: got %d bytes, but expected %d bytes", len(inputKey), se.Cipher.KeySize()))
-	}
-
-	aead, nonce := getSymmetricallyEncryptedAeadInstance(se.Cipher, se.Mode, inputKey, se.Salt[:], se.associatedData())
-	// Carry the first tagLen bytes
-	chunkSize := decodeAEADChunkSize(se.ChunkSizeByte)
-	tagLen := se.Mode.TagLength()
-	chunkBytes := make([]byte, chunkSize+tagLen*2)
-	peekedBytes := chunkBytes[chunkSize+tagLen:]
-	n, err := io.ReadFull(se.Contents, peekedBytes)
-	if n < tagLen || (err != nil && err != io.EOF) {
-		return nil, errors.StructuralError("not enough data to decrypt:" + err.Error())
-	}
-
-	return &aeadDecrypter{
-		aeadCrypter: aeadCrypter{
-			aead:           aead,
-			chunkSize:      decodeAEADChunkSize(se.ChunkSizeByte),
-			nonce:          nonce,
-			associatedData: se.associatedData(),
-			chunkIndex:     nonce[len(nonce)-8:],
-			packetTag:      packetTypeSymmetricallyEncryptedIntegrityProtected,
-		},
-		reader:      se.Contents,
-		chunkBytes:  chunkBytes,
-		peekedBytes: peekedBytes,
-	}, nil
-}
-
-// serializeSymmetricallyEncryptedAead encrypts to a writer a V2 SEIPD packet (AEAD) as specified in
-// https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-07.html#section-5.13.2
-func serializeSymmetricallyEncryptedAead(ciphertext io.WriteCloser, cipherSuite CipherSuite, chunkSizeByte byte, rand io.Reader, inputKey []byte) (Contents io.WriteCloser, err error) {
-	// cipherFunc must have block size 16 to use AEAD
-	if cipherSuite.Cipher.blockSize() != 16 {
-		return nil, errors.InvalidArgumentError("invalid aead cipher function")
-	}
-
-	if cipherSuite.Cipher.KeySize() != len(inputKey) {
-		return nil, errors.InvalidArgumentError("error in aead serialization: bad key length")
-	}
-
-	// Data for en/decryption: tag, version, cipher, aead mode, chunk size
-	prefix := []byte{
-		0xD2,
-		symmetricallyEncryptedVersionAead,
-		byte(cipherSuite.Cipher),
-		byte(cipherSuite.Mode),
-		chunkSizeByte,
-	}
-
-	// Write header (that correspond to prefix except first byte)
-	n, err := ciphertext.Write(prefix[1:])
-	if err != nil || n < 4 {
-		return nil, err
-	}
-
-	// Random salt
-	salt := make([]byte, aeadSaltSize)
-	if _, err := io.ReadFull(rand, salt); err != nil {
-		return nil, err
-	}
-
-	if _, err := ciphertext.Write(salt); err != nil {
-		return nil, err
-	}
-
-	aead, nonce := getSymmetricallyEncryptedAeadInstance(cipherSuite.Cipher, cipherSuite.Mode, inputKey, salt, prefix)
-
-	chunkSize := decodeAEADChunkSize(chunkSizeByte)
-	tagLen := aead.Overhead()
-	chunkBytes := make([]byte, chunkSize+tagLen)
-	return &aeadEncrypter{
-		aeadCrypter: aeadCrypter{
-			aead:           aead,
-			chunkSize:      chunkSize,
-			associatedData: prefix,
-			nonce:          nonce,
-			chunkIndex:     nonce[len(nonce)-8:],
-			packetTag:      packetTypeSymmetricallyEncryptedIntegrityProtected,
-		},
-		writer:     ciphertext,
-		chunkBytes: chunkBytes,
-	}, nil
-}
-
-func getSymmetricallyEncryptedAeadInstance(c CipherFunction, mode AEADMode, inputKey, salt, associatedData []byte) (aead cipher.AEAD, nonce []byte) {
-	hkdfReader := hkdf.New(sha256.New, inputKey, salt, associatedData)
-
-	encryptionKey := make([]byte, c.KeySize())
-	_, _ = readFull(hkdfReader, encryptionKey)
-
-	nonce = make([]byte, mode.IvLength())
-
-	// Last 64 bits of nonce are the counter
-	_, _ = readFull(hkdfReader, nonce[:len(nonce)-8])
-
-	blockCipher := c.new(encryptionKey)
-	aead = mode.new(blockCipher)
-
-	return
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/symmetrically_encrypted_mdc.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/symmetrically_encrypted_mdc.go
deleted file mode 100644
index 8b18623684..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/symmetrically_encrypted_mdc.go
+++ /dev/null
@@ -1,256 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package packet
-
-import (
-	"crypto/cipher"
-	"crypto/sha1"
-	"crypto/subtle"
-	"hash"
-	"io"
-	"strconv"
-
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-)
-
-// seMdcReader wraps an io.Reader with a no-op Close method.
-type seMdcReader struct {
-	in io.Reader
-}
-
-func (ser seMdcReader) Read(buf []byte) (int, error) {
-	return ser.in.Read(buf)
-}
-
-func (ser seMdcReader) Close() error {
-	return nil
-}
-
-func (se *SymmetricallyEncrypted) decryptMdc(c CipherFunction, key []byte) (io.ReadCloser, error) {
-	if !c.IsSupported() {
-		return nil, errors.UnsupportedError("unsupported cipher: " + strconv.Itoa(int(c)))
-	}
-
-	if len(key) != c.KeySize() {
-		return nil, errors.InvalidArgumentError("SymmetricallyEncrypted: incorrect key length")
-	}
-
-	if se.prefix == nil {
-		se.prefix = make([]byte, c.blockSize()+2)
-		_, err := readFull(se.Contents, se.prefix)
-		if err != nil {
-			return nil, err
-		}
-	} else if len(se.prefix) != c.blockSize()+2 {
-		return nil, errors.InvalidArgumentError("can't try ciphers with different block lengths")
-	}
-
-	ocfbResync := OCFBResync
-	if se.IntegrityProtected {
-		// MDC packets use a different form of OCFB mode.
-		ocfbResync = OCFBNoResync
-	}
-
-	s := NewOCFBDecrypter(c.new(key), se.prefix, ocfbResync)
-
-	plaintext := cipher.StreamReader{S: s, R: se.Contents}
-
-	if se.IntegrityProtected {
-		// IntegrityProtected packets have an embedded hash that we need to check.
-		h := sha1.New()
-		h.Write(se.prefix)
-		return &seMDCReader{in: plaintext, h: h}, nil
-	}
-
-	// Otherwise, we just need to wrap plaintext so that it's a valid ReadCloser.
-	return seMdcReader{plaintext}, nil
-}
-
-const mdcTrailerSize = 1 /* tag byte */ + 1 /* length byte */ + sha1.Size
-
-// An seMDCReader wraps an io.Reader, maintains a running hash and keeps hold
-// of the most recent 22 bytes (mdcTrailerSize). Upon EOF, those bytes form an
-// MDC packet containing a hash of the previous Contents which is checked
-// against the running hash. See RFC 4880, section 5.13.
-type seMDCReader struct {
-	in          io.Reader
-	h           hash.Hash
-	trailer     [mdcTrailerSize]byte
-	scratch     [mdcTrailerSize]byte
-	trailerUsed int
-	error       bool
-	eof         bool
-}
-
-func (ser *seMDCReader) Read(buf []byte) (n int, err error) {
-	if ser.error {
-		err = io.ErrUnexpectedEOF
-		return
-	}
-	if ser.eof {
-		err = io.EOF
-		return
-	}
-
-	// If we haven't yet filled the trailer buffer then we must do that
-	// first.
-	for ser.trailerUsed < mdcTrailerSize {
-		n, err = ser.in.Read(ser.trailer[ser.trailerUsed:])
-		ser.trailerUsed += n
-		if err == io.EOF {
-			if ser.trailerUsed != mdcTrailerSize {
-				n = 0
-				err = io.ErrUnexpectedEOF
-				ser.error = true
-				return
-			}
-			ser.eof = true
-			n = 0
-			return
-		}
-
-		if err != nil {
-			n = 0
-			return
-		}
-	}
-
-	// If it's a short read then we read into a temporary buffer and shift
-	// the data into the caller's buffer.
-	if len(buf) <= mdcTrailerSize {
-		n, err = readFull(ser.in, ser.scratch[:len(buf)])
-		copy(buf, ser.trailer[:n])
-		ser.h.Write(buf[:n])
-		copy(ser.trailer[:], ser.trailer[n:])
-		copy(ser.trailer[mdcTrailerSize-n:], ser.scratch[:])
-		if n < len(buf) {
-			ser.eof = true
-			err = io.EOF
-		}
-		return
-	}
-
-	n, err = ser.in.Read(buf[mdcTrailerSize:])
-	copy(buf, ser.trailer[:])
-	ser.h.Write(buf[:n])
-	copy(ser.trailer[:], buf[n:])
-
-	if err == io.EOF {
-		ser.eof = true
-	}
-	return
-}
-
-// This is a new-format packet tag byte for a type 19 (Integrity Protected) packet.
-const mdcPacketTagByte = byte(0x80) | 0x40 | 19
-
-func (ser *seMDCReader) Close() error {
-	if ser.error {
-		return errors.ErrMDCHashMismatch
-	}
-
-	for !ser.eof {
-		// We haven't seen EOF so we need to read to the end
-		var buf [1024]byte
-		_, err := ser.Read(buf[:])
-		if err == io.EOF {
-			break
-		}
-		if err != nil {
-			return errors.ErrMDCHashMismatch
-		}
-	}
-
-	ser.h.Write(ser.trailer[:2])
-
-	final := ser.h.Sum(nil)
-	if subtle.ConstantTimeCompare(final, ser.trailer[2:]) != 1 {
-		return errors.ErrMDCHashMismatch
-	}
-	// The hash already includes the MDC header, but we still check its value
-	// to confirm encryption correctness
-	if ser.trailer[0] != mdcPacketTagByte || ser.trailer[1] != sha1.Size {
-		return errors.ErrMDCHashMismatch
-	}
-	return nil
-}
-
-// An seMDCWriter writes through to an io.WriteCloser while maintains a running
-// hash of the data written. On close, it emits an MDC packet containing the
-// running hash.
-type seMDCWriter struct {
-	w io.WriteCloser
-	h hash.Hash
-}
-
-func (w *seMDCWriter) Write(buf []byte) (n int, err error) {
-	w.h.Write(buf)
-	return w.w.Write(buf)
-}
-
-func (w *seMDCWriter) Close() (err error) {
-	var buf [mdcTrailerSize]byte
-
-	buf[0] = mdcPacketTagByte
-	buf[1] = sha1.Size
-	w.h.Write(buf[:2])
-	digest := w.h.Sum(nil)
-	copy(buf[2:], digest)
-
-	_, err = w.w.Write(buf[:])
-	if err != nil {
-		return
-	}
-	return w.w.Close()
-}
-
-// noOpCloser is like an ioutil.NopCloser, but for an io.Writer.
-type noOpCloser struct {
-	w io.Writer
-}
-
-func (c noOpCloser) Write(data []byte) (n int, err error) {
-	return c.w.Write(data)
-}
-
-func (c noOpCloser) Close() error {
-	return nil
-}
-
-func serializeSymmetricallyEncryptedMdc(ciphertext io.WriteCloser, c CipherFunction, key []byte, config *Config) (Contents io.WriteCloser, err error) {
-	// Disallow old cipher suites
-	if !c.IsSupported() || c < CipherAES128 {
-		return nil, errors.InvalidArgumentError("invalid mdc cipher function")
-	}
-
-	if c.KeySize() != len(key) {
-		return nil, errors.InvalidArgumentError("error in mdc serialization: bad key length")
-	}
-
-	_, err = ciphertext.Write([]byte{symmetricallyEncryptedVersionMdc})
-	if err != nil {
-		return
-	}
-
-	block := c.new(key)
-	blockSize := block.BlockSize()
-	iv := make([]byte, blockSize)
-	_, err = io.ReadFull(config.Random(), iv)
-	if err != nil {
-		return nil, err
-	}
-	s, prefix := NewOCFBEncrypter(block, iv, OCFBNoResync)
-	_, err = ciphertext.Write(prefix)
-	if err != nil {
-		return
-	}
-	plaintext := cipher.StreamWriter{S: s, W: ciphertext}
-
-	h := sha1.New()
-	h.Write(iv)
-	h.Write(iv[blockSize-2:])
-	Contents = &seMDCWriter{w: plaintext, h: h}
-	return
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/userattribute.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/userattribute.go
deleted file mode 100644
index 63814ed132..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/userattribute.go
+++ /dev/null
@@ -1,100 +0,0 @@
-// Copyright 2013 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package packet
-
-import (
-	"bytes"
-	"image"
-	"image/jpeg"
-	"io"
-)
-
-const UserAttrImageSubpacket = 1
-
-// UserAttribute is capable of storing other types of data about a user
-// beyond name, email and a text comment. In practice, user attributes are typically used
-// to store a signed thumbnail photo JPEG image of the user.
-// See RFC 4880, section 5.12.
-type UserAttribute struct {
-	Contents []*OpaqueSubpacket
-}
-
-// NewUserAttributePhoto creates a user attribute packet
-// containing the given images.
-func NewUserAttributePhoto(photos ...image.Image) (uat *UserAttribute, err error) {
-	uat = new(UserAttribute)
-	for _, photo := range photos {
-		var buf bytes.Buffer
-		// RFC 4880, Section 5.12.1.
-		data := []byte{
-			0x10, 0x00, // Little-endian image header length (16 bytes)
-			0x01,       // Image header version 1
-			0x01,       // JPEG
-			0, 0, 0, 0, // 12 reserved octets, must be all zero.
-			0, 0, 0, 0,
-			0, 0, 0, 0}
-		if _, err = buf.Write(data); err != nil {
-			return
-		}
-		if err = jpeg.Encode(&buf, photo, nil); err != nil {
-			return
-		}
-
-		lengthBuf := make([]byte, 5)
-		n := serializeSubpacketLength(lengthBuf, len(buf.Bytes())+1)
-		lengthBuf = lengthBuf[:n]
-
-		uat.Contents = append(uat.Contents, &OpaqueSubpacket{
-			SubType:       UserAttrImageSubpacket,
-			EncodedLength: lengthBuf,
-			Contents:      buf.Bytes(),
-		})
-	}
-	return
-}
-
-// NewUserAttribute creates a new user attribute packet containing the given subpackets.
-func NewUserAttribute(contents ...*OpaqueSubpacket) *UserAttribute {
-	return &UserAttribute{Contents: contents}
-}
-
-func (uat *UserAttribute) parse(r io.Reader) (err error) {
-	// RFC 4880, section 5.13
-	b, err := io.ReadAll(r)
-	if err != nil {
-		return
-	}
-	uat.Contents, err = OpaqueSubpackets(b)
-	return
-}
-
-// Serialize marshals the user attribute to w in the form of an OpenPGP packet, including
-// header.
-func (uat *UserAttribute) Serialize(w io.Writer) (err error) {
-	var buf bytes.Buffer
-	for _, sp := range uat.Contents {
-		err = sp.Serialize(&buf)
-		if err != nil {
-			return err
-		}
-	}
-	if err = serializeHeader(w, packetTypeUserAttribute, buf.Len()); err != nil {
-		return err
-	}
-	_, err = w.Write(buf.Bytes())
-	return
-}
-
-// ImageData returns zero or more byte slices, each containing
-// JPEG File Interchange Format (JFIF), for each photo in the
-// user attribute packet.
-func (uat *UserAttribute) ImageData() (imageData [][]byte) {
-	for _, sp := range uat.Contents {
-		if sp.SubType == UserAttrImageSubpacket && len(sp.Contents) > 16 {
-			imageData = append(imageData, sp.Contents[16:])
-		}
-	}
-	return
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/userid.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/userid.go
deleted file mode 100644
index 3c7451a3c3..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/userid.go
+++ /dev/null
@@ -1,166 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package packet
-
-import (
-	"io"
-	"strings"
-)
-
-// UserId contains text that is intended to represent the name and email
-// address of the key holder. See RFC 4880, section 5.11. By convention, this
-// takes the form "Full Name (Comment) <email@example.com>"
-type UserId struct {
-	Id string // By convention, this takes the form "Full Name (Comment) <email@example.com>" which is split out in the fields below.
-
-	Name, Comment, Email string
-}
-
-func hasInvalidCharacters(s string) bool {
-	for _, c := range s {
-		switch c {
-		case '(', ')', '<', '>', 0:
-			return true
-		}
-	}
-	return false
-}
-
-// NewUserId returns a UserId or nil if any of the arguments contain invalid
-// characters. The invalid characters are '\x00', '(', ')', '<' and '>'
-func NewUserId(name, comment, email string) *UserId {
-	// RFC 4880 doesn't deal with the structure of userid strings; the
-	// name, comment and email form is just a convention. However, there's
-	// no convention about escaping the metacharacters and GPG just refuses
-	// to create user ids where, say, the name contains a '('. We mirror
-	// this behaviour.
-
-	if hasInvalidCharacters(name) || hasInvalidCharacters(comment) || hasInvalidCharacters(email) {
-		return nil
-	}
-
-	uid := new(UserId)
-	uid.Name, uid.Comment, uid.Email = name, comment, email
-	uid.Id = name
-	if len(comment) > 0 {
-		if len(uid.Id) > 0 {
-			uid.Id += " "
-		}
-		uid.Id += "("
-		uid.Id += comment
-		uid.Id += ")"
-	}
-	if len(email) > 0 {
-		if len(uid.Id) > 0 {
-			uid.Id += " "
-		}
-		uid.Id += "<"
-		uid.Id += email
-		uid.Id += ">"
-	}
-	return uid
-}
-
-func (uid *UserId) parse(r io.Reader) (err error) {
-	// RFC 4880, section 5.11
-	b, err := io.ReadAll(r)
-	if err != nil {
-		return
-	}
-	uid.Id = string(b)
-	uid.Name, uid.Comment, uid.Email = parseUserId(uid.Id)
-	return
-}
-
-// Serialize marshals uid to w in the form of an OpenPGP packet, including
-// header.
-func (uid *UserId) Serialize(w io.Writer) error {
-	err := serializeHeader(w, packetTypeUserId, len(uid.Id))
-	if err != nil {
-		return err
-	}
-	_, err = w.Write([]byte(uid.Id))
-	return err
-}
-
-// parseUserId extracts the name, comment and email from a user id string that
-// is formatted as "Full Name (Comment) <email@example.com>".
-func parseUserId(id string) (name, comment, email string) {
-	var n, c, e struct {
-		start, end int
-	}
-	var state int
-
-	for offset, rune := range id {
-		switch state {
-		case 0:
-			// Entering name
-			n.start = offset
-			state = 1
-			fallthrough
-		case 1:
-			// In name
-			if rune == '(' {
-				state = 2
-				n.end = offset
-			} else if rune == '<' {
-				state = 5
-				n.end = offset
-			}
-		case 2:
-			// Entering comment
-			c.start = offset
-			state = 3
-			fallthrough
-		case 3:
-			// In comment
-			if rune == ')' {
-				state = 4
-				c.end = offset
-			}
-		case 4:
-			// Between comment and email
-			if rune == '<' {
-				state = 5
-			}
-		case 5:
-			// Entering email
-			e.start = offset
-			state = 6
-			fallthrough
-		case 6:
-			// In email
-			if rune == '>' {
-				state = 7
-				e.end = offset
-			}
-		default:
-			// After email
-		}
-	}
-	switch state {
-	case 1:
-		// ended in the name
-		n.end = len(id)
-	case 3:
-		// ended in comment
-		c.end = len(id)
-	case 6:
-		// ended in email
-		e.end = len(id)
-	}
-
-	name = strings.TrimSpace(id[n.start:n.end])
-	comment = strings.TrimSpace(id[c.start:c.end])
-	email = strings.TrimSpace(id[e.start:e.end])
-
-	// RFC 2822 3.4: alternate simple form of a mailbox
-	if email == "" && strings.ContainsRune(name, '@') {
-		email = name
-		name = ""
-	}
-
-	return
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/read.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/read.go
deleted file mode 100644
index e6dd9b5fd3..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/read.go
+++ /dev/null
@@ -1,619 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package openpgp implements high level operations on OpenPGP messages.
-package openpgp // import "github.com/ProtonMail/go-crypto/openpgp"
-
-import (
-	"crypto"
-	_ "crypto/sha256"
-	_ "crypto/sha512"
-	"hash"
-	"io"
-	"strconv"
-
-	"github.com/ProtonMail/go-crypto/openpgp/armor"
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-	"github.com/ProtonMail/go-crypto/openpgp/internal/algorithm"
-	"github.com/ProtonMail/go-crypto/openpgp/packet"
-	_ "golang.org/x/crypto/sha3"
-)
-
-// SignatureType is the armor type for a PGP signature.
-var SignatureType = "PGP SIGNATURE"
-
-// readArmored reads an armored block with the given type.
-func readArmored(r io.Reader, expectedType string) (body io.Reader, err error) {
-	block, err := armor.Decode(r)
-	if err != nil {
-		return
-	}
-
-	if block.Type != expectedType {
-		return nil, errors.InvalidArgumentError("expected '" + expectedType + "', got: " + block.Type)
-	}
-
-	return block.Body, nil
-}
-
-// MessageDetails contains the result of parsing an OpenPGP encrypted and/or
-// signed message.
-type MessageDetails struct {
-	IsEncrypted              bool                // true if the message was encrypted.
-	EncryptedToKeyIds        []uint64            // the list of recipient key ids.
-	IsSymmetricallyEncrypted bool                // true if a passphrase could have decrypted the message.
-	DecryptedWith            Key                 // the private key used to decrypt the message, if any.
-	IsSigned                 bool                // true if the message is signed.
-	SignedByKeyId            uint64              // the key id of the signer, if any.
-	SignedByFingerprint      []byte              // the key fingerprint of the signer, if any.
-	SignedBy                 *Key                // the key of the signer, if available.
-	LiteralData              *packet.LiteralData // the metadata of the contents
-	UnverifiedBody           io.Reader           // the contents of the message.
-
-	// If IsSigned is true and SignedBy is non-zero then the signature will
-	// be verified as UnverifiedBody is read. The signature cannot be
-	// checked until the whole of UnverifiedBody is read so UnverifiedBody
-	// must be consumed until EOF before the data can be trusted. Even if a
-	// message isn't signed (or the signer is unknown) the data may contain
-	// an authentication code that is only checked once UnverifiedBody has
-	// been consumed. Once EOF has been seen, the following fields are
-	// valid. (An authentication code failure is reported as a
-	// SignatureError error when reading from UnverifiedBody.)
-	Signature            *packet.Signature   // the signature packet itself.
-	SignatureError       error               // nil if the signature is good.
-	UnverifiedSignatures []*packet.Signature // all other unverified signature packets.
-
-	decrypted io.ReadCloser
-}
-
-// A PromptFunction is used as a callback by functions that may need to decrypt
-// a private key, or prompt for a passphrase. It is called with a list of
-// acceptable, encrypted private keys and a boolean that indicates whether a
-// passphrase is usable. It should either decrypt a private key or return a
-// passphrase to try. If the decrypted private key or given passphrase isn't
-// correct, the function will be called again, forever. Any error returned will
-// be passed up.
-type PromptFunction func(keys []Key, symmetric bool) ([]byte, error)
-
-// A keyEnvelopePair is used to store a private key with the envelope that
-// contains a symmetric key, encrypted with that key.
-type keyEnvelopePair struct {
-	key          Key
-	encryptedKey *packet.EncryptedKey
-}
-
-// ReadMessage parses an OpenPGP message that may be signed and/or encrypted.
-// The given KeyRing should contain both public keys (for signature
-// verification) and, possibly encrypted, private keys for decrypting.
-// If config is nil, sensible defaults will be used.
-func ReadMessage(r io.Reader, keyring KeyRing, prompt PromptFunction, config *packet.Config) (md *MessageDetails, err error) {
-	var p packet.Packet
-
-	var symKeys []*packet.SymmetricKeyEncrypted
-	var pubKeys []keyEnvelopePair
-	// Integrity protected encrypted packet: SymmetricallyEncrypted or AEADEncrypted
-	var edp packet.EncryptedDataPacket
-
-	packets := packet.NewReader(r)
-	md = new(MessageDetails)
-	md.IsEncrypted = true
-
-	// The message, if encrypted, starts with a number of packets
-	// containing an encrypted decryption key. The decryption key is either
-	// encrypted to a public key, or with a passphrase. This loop
-	// collects these packets.
-ParsePackets:
-	for {
-		p, err = packets.Next()
-		if err != nil {
-			return nil, err
-		}
-		switch p := p.(type) {
-		case *packet.SymmetricKeyEncrypted:
-			// This packet contains the decryption key encrypted with a passphrase.
-			md.IsSymmetricallyEncrypted = true
-			symKeys = append(symKeys, p)
-		case *packet.EncryptedKey:
-			// This packet contains the decryption key encrypted to a public key.
-			md.EncryptedToKeyIds = append(md.EncryptedToKeyIds, p.KeyId)
-			switch p.Algo {
-			case packet.PubKeyAlgoRSA, packet.PubKeyAlgoRSAEncryptOnly, packet.PubKeyAlgoElGamal, packet.PubKeyAlgoECDH, packet.PubKeyAlgoX25519, packet.PubKeyAlgoX448:
-				break
-			default:
-				continue
-			}
-			if keyring != nil {
-				var keys []Key
-				if p.KeyId == 0 {
-					keys = keyring.DecryptionKeys()
-				} else {
-					keys = keyring.KeysById(p.KeyId)
-				}
-				for _, k := range keys {
-					pubKeys = append(pubKeys, keyEnvelopePair{k, p})
-				}
-			}
-		case *packet.SymmetricallyEncrypted:
-			if !p.IntegrityProtected && !config.AllowUnauthenticatedMessages() {
-				return nil, errors.UnsupportedError("message is not integrity protected")
-			}
-			edp = p
-			break ParsePackets
-		case *packet.AEADEncrypted:
-			edp = p
-			break ParsePackets
-		case *packet.Compressed, *packet.LiteralData, *packet.OnePassSignature:
-			// This message isn't encrypted.
-			if len(symKeys) != 0 || len(pubKeys) != 0 {
-				return nil, errors.StructuralError("key material not followed by encrypted message")
-			}
-			packets.Unread(p)
-			return readSignedMessage(packets, nil, keyring, config)
-		}
-	}
-
-	var candidates []Key
-	var decrypted io.ReadCloser
-
-	// Now that we have the list of encrypted keys we need to decrypt at
-	// least one of them or, if we cannot, we need to call the prompt
-	// function so that it can decrypt a key or give us a passphrase.
-FindKey:
-	for {
-		// See if any of the keys already have a private key available
-		candidates = candidates[:0]
-		candidateFingerprints := make(map[string]bool)
-
-		for _, pk := range pubKeys {
-			if pk.key.PrivateKey == nil {
-				continue
-			}
-			if !pk.key.PrivateKey.Encrypted {
-				if len(pk.encryptedKey.Key) == 0 {
-					errDec := pk.encryptedKey.Decrypt(pk.key.PrivateKey, config)
-					if errDec != nil {
-						continue
-					}
-				}
-				// Try to decrypt symmetrically encrypted
-				decrypted, err = edp.Decrypt(pk.encryptedKey.CipherFunc, pk.encryptedKey.Key)
-				if err != nil && err != errors.ErrKeyIncorrect {
-					return nil, err
-				}
-				if decrypted != nil {
-					md.DecryptedWith = pk.key
-					break FindKey
-				}
-			} else {
-				fpr := string(pk.key.PublicKey.Fingerprint[:])
-				if v := candidateFingerprints[fpr]; v {
-					continue
-				}
-				candidates = append(candidates, pk.key)
-				candidateFingerprints[fpr] = true
-			}
-		}
-
-		if len(candidates) == 0 && len(symKeys) == 0 {
-			return nil, errors.ErrKeyIncorrect
-		}
-
-		if prompt == nil {
-			return nil, errors.ErrKeyIncorrect
-		}
-
-		passphrase, err := prompt(candidates, len(symKeys) != 0)
-		if err != nil {
-			return nil, err
-		}
-
-		// Try the symmetric passphrase first
-		if len(symKeys) != 0 && passphrase != nil {
-			for _, s := range symKeys {
-				key, cipherFunc, err := s.Decrypt(passphrase)
-				// In v4, on wrong passphrase, session key decryption is very likely to result in an invalid cipherFunc:
-				// only for < 5% of cases we will proceed to decrypt the data
-				if err == nil {
-					decrypted, err = edp.Decrypt(cipherFunc, key)
-					if err != nil {
-						return nil, err
-					}
-					if decrypted != nil {
-						break FindKey
-					}
-				}
-			}
-		}
-	}
-
-	md.decrypted = decrypted
-	if err := packets.Push(decrypted); err != nil {
-		return nil, err
-	}
-	mdFinal, sensitiveParsingErr := readSignedMessage(packets, md, keyring, config)
-	if sensitiveParsingErr != nil {
-		return nil, errors.HandleSensitiveParsingError(sensitiveParsingErr, md.decrypted != nil)
-	}
-	return mdFinal, nil
-}
-
-// readSignedMessage reads a possibly signed message if mdin is non-zero then
-// that structure is updated and returned. Otherwise a fresh MessageDetails is
-// used.
-func readSignedMessage(packets *packet.Reader, mdin *MessageDetails, keyring KeyRing, config *packet.Config) (md *MessageDetails, err error) {
-	if mdin == nil {
-		mdin = new(MessageDetails)
-	}
-	md = mdin
-
-	var p packet.Packet
-	var h hash.Hash
-	var wrappedHash hash.Hash
-	var prevLast bool
-FindLiteralData:
-	for {
-		p, err = packets.Next()
-		if err != nil {
-			return nil, err
-		}
-		switch p := p.(type) {
-		case *packet.Compressed:
-			if err := packets.Push(p.Body); err != nil {
-				return nil, err
-			}
-		case *packet.OnePassSignature:
-			if prevLast {
-				return nil, errors.UnsupportedError("nested signature packets")
-			}
-
-			if p.IsLast {
-				prevLast = true
-			}
-
-			h, wrappedHash, err = hashForSignature(p.Hash, p.SigType, p.Salt)
-			if err != nil {
-				md.SignatureError = err
-			}
-
-			md.IsSigned = true
-			if p.Version == 6 {
-				md.SignedByFingerprint = p.KeyFingerprint
-			}
-			md.SignedByKeyId = p.KeyId
-
-			if keyring != nil {
-				keys := keyring.KeysByIdUsage(p.KeyId, packet.KeyFlagSign)
-				if len(keys) > 0 {
-					md.SignedBy = &keys[0]
-				}
-			}
-		case *packet.LiteralData:
-			md.LiteralData = p
-			break FindLiteralData
-		}
-	}
-
-	if md.IsSigned && md.SignatureError == nil {
-		md.UnverifiedBody = &signatureCheckReader{packets, h, wrappedHash, md, config}
-	} else if md.decrypted != nil {
-		md.UnverifiedBody = &checkReader{md, false}
-	} else {
-		md.UnverifiedBody = md.LiteralData.Body
-	}
-
-	return md, nil
-}
-
-func wrapHashForSignature(hashFunc hash.Hash, sigType packet.SignatureType) (hash.Hash, error) {
-	switch sigType {
-	case packet.SigTypeBinary:
-		return hashFunc, nil
-	case packet.SigTypeText:
-		return NewCanonicalTextHash(hashFunc), nil
-	}
-	return nil, errors.UnsupportedError("unsupported signature type: " + strconv.Itoa(int(sigType)))
-}
-
-// hashForSignature returns a pair of hashes that can be used to verify a
-// signature. The signature may specify that the contents of the signed message
-// should be preprocessed (i.e. to normalize line endings). Thus this function
-// returns two hashes. The second should be used to hash the message itself and
-// performs any needed preprocessing.
-func hashForSignature(hashFunc crypto.Hash, sigType packet.SignatureType, sigSalt []byte) (hash.Hash, hash.Hash, error) {
-	if _, ok := algorithm.HashToHashIdWithSha1(hashFunc); !ok {
-		return nil, nil, errors.UnsupportedError("unsupported hash function")
-	}
-	if !hashFunc.Available() {
-		return nil, nil, errors.UnsupportedError("hash not available: " + strconv.Itoa(int(hashFunc)))
-	}
-	h := hashFunc.New()
-	if sigSalt != nil {
-		h.Write(sigSalt)
-	}
-	wrappedHash, err := wrapHashForSignature(h, sigType)
-	if err != nil {
-		return nil, nil, err
-	}
-	switch sigType {
-	case packet.SigTypeBinary:
-		return h, wrappedHash, nil
-	case packet.SigTypeText:
-		return h, wrappedHash, nil
-	}
-	return nil, nil, errors.UnsupportedError("unsupported signature type: " + strconv.Itoa(int(sigType)))
-}
-
-// checkReader wraps an io.Reader from a LiteralData packet. When it sees EOF
-// it closes the ReadCloser from any SymmetricallyEncrypted packet to trigger
-// MDC checks.
-type checkReader struct {
-	md      *MessageDetails
-	checked bool
-}
-
-func (cr *checkReader) Read(buf []byte) (int, error) {
-	n, sensitiveParsingError := cr.md.LiteralData.Body.Read(buf)
-	if sensitiveParsingError == io.EOF {
-		if cr.checked {
-			// Only check once
-			return n, io.EOF
-		}
-		mdcErr := cr.md.decrypted.Close()
-		if mdcErr != nil {
-			return n, mdcErr
-		}
-		cr.checked = true
-		return n, io.EOF
-	}
-
-	if sensitiveParsingError != nil {
-		return n, errors.HandleSensitiveParsingError(sensitiveParsingError, true)
-	}
-
-	return n, nil
-}
-
-// signatureCheckReader wraps an io.Reader from a LiteralData packet and hashes
-// the data as it is read. When it sees an EOF from the underlying io.Reader
-// it parses and checks a trailing Signature packet and triggers any MDC checks.
-type signatureCheckReader struct {
-	packets        *packet.Reader
-	h, wrappedHash hash.Hash
-	md             *MessageDetails
-	config         *packet.Config
-}
-
-func (scr *signatureCheckReader) Read(buf []byte) (int, error) {
-	n, sensitiveParsingError := scr.md.LiteralData.Body.Read(buf)
-
-	// Hash only if required
-	if scr.md.SignedBy != nil {
-		scr.wrappedHash.Write(buf[:n])
-	}
-
-	readsDecryptedData := scr.md.decrypted != nil
-	if sensitiveParsingError == io.EOF {
-		var p packet.Packet
-		var readError error
-		var sig *packet.Signature
-
-		p, readError = scr.packets.Next()
-		for readError == nil {
-			var ok bool
-			if sig, ok = p.(*packet.Signature); ok {
-				if sig.Version == 5 && (sig.SigType == 0x00 || sig.SigType == 0x01) {
-					sig.Metadata = scr.md.LiteralData
-				}
-
-				// If signature KeyID matches
-				if scr.md.SignedBy != nil && *sig.IssuerKeyId == scr.md.SignedByKeyId {
-					key := scr.md.SignedBy
-					signatureError := key.PublicKey.VerifySignature(scr.h, sig)
-					if signatureError == nil {
-						signatureError = checkMessageSignatureDetails(key, sig, scr.config)
-					}
-					scr.md.Signature = sig
-					scr.md.SignatureError = signatureError
-				} else {
-					scr.md.UnverifiedSignatures = append(scr.md.UnverifiedSignatures, sig)
-				}
-			}
-
-			p, readError = scr.packets.Next()
-		}
-
-		if scr.md.SignedBy != nil && scr.md.Signature == nil {
-			if scr.md.UnverifiedSignatures == nil {
-				scr.md.SignatureError = errors.StructuralError("LiteralData not followed by signature")
-			} else {
-				scr.md.SignatureError = errors.StructuralError("No matching signature found")
-			}
-		}
-
-		// The SymmetricallyEncrypted packet, if any, might have an
-		// unsigned hash of its own. In order to check this we need to
-		// close that Reader.
-		if scr.md.decrypted != nil {
-			if sensitiveParsingError := scr.md.decrypted.Close(); sensitiveParsingError != nil {
-				return n, errors.HandleSensitiveParsingError(sensitiveParsingError, true)
-			}
-		}
-		return n, io.EOF
-	}
-
-	if sensitiveParsingError != nil {
-		return n, errors.HandleSensitiveParsingError(sensitiveParsingError, readsDecryptedData)
-	}
-
-	return n, nil
-}
-
-// VerifyDetachedSignature takes a signed file and a detached signature and
-// returns the signature packet and the entity the signature was signed by,
-// if any, and a possible signature verification error.
-// If the signer isn't known, ErrUnknownIssuer is returned.
-func VerifyDetachedSignature(keyring KeyRing, signed, signature io.Reader, config *packet.Config) (sig *packet.Signature, signer *Entity, err error) {
-	return verifyDetachedSignature(keyring, signed, signature, nil, false, config)
-}
-
-// VerifyDetachedSignatureAndHash performs the same actions as
-// VerifyDetachedSignature and checks that the expected hash functions were used.
-func VerifyDetachedSignatureAndHash(keyring KeyRing, signed, signature io.Reader, expectedHashes []crypto.Hash, config *packet.Config) (sig *packet.Signature, signer *Entity, err error) {
-	return verifyDetachedSignature(keyring, signed, signature, expectedHashes, true, config)
-}
-
-// CheckDetachedSignature takes a signed file and a detached signature and
-// returns the entity the signature was signed by, if any, and a possible
-// signature verification error. If the signer isn't known,
-// ErrUnknownIssuer is returned.
-func CheckDetachedSignature(keyring KeyRing, signed, signature io.Reader, config *packet.Config) (signer *Entity, err error) {
-	_, signer, err = verifyDetachedSignature(keyring, signed, signature, nil, false, config)
-	return
-}
-
-// CheckDetachedSignatureAndHash performs the same actions as
-// CheckDetachedSignature and checks that the expected hash functions were used.
-func CheckDetachedSignatureAndHash(keyring KeyRing, signed, signature io.Reader, expectedHashes []crypto.Hash, config *packet.Config) (signer *Entity, err error) {
-	_, signer, err = verifyDetachedSignature(keyring, signed, signature, expectedHashes, true, config)
-	return
-}
-
-func verifyDetachedSignature(keyring KeyRing, signed, signature io.Reader, expectedHashes []crypto.Hash, checkHashes bool, config *packet.Config) (sig *packet.Signature, signer *Entity, err error) {
-	var issuerKeyId uint64
-	var hashFunc crypto.Hash
-	var sigType packet.SignatureType
-	var keys []Key
-	var p packet.Packet
-
-	packets := packet.NewReader(signature)
-	for {
-		p, err = packets.Next()
-		if err == io.EOF {
-			return nil, nil, errors.ErrUnknownIssuer
-		}
-		if err != nil {
-			return nil, nil, err
-		}
-
-		var ok bool
-		sig, ok = p.(*packet.Signature)
-		if !ok {
-			return nil, nil, errors.StructuralError("non signature packet found")
-		}
-		if sig.IssuerKeyId == nil {
-			return nil, nil, errors.StructuralError("signature doesn't have an issuer")
-		}
-		issuerKeyId = *sig.IssuerKeyId
-		hashFunc = sig.Hash
-		sigType = sig.SigType
-		if checkHashes {
-			matchFound := false
-			// check for hashes
-			for _, expectedHash := range expectedHashes {
-				if hashFunc == expectedHash {
-					matchFound = true
-					break
-				}
-			}
-			if !matchFound {
-				return nil, nil, errors.StructuralError("hash algorithm or salt mismatch with cleartext message headers")
-			}
-		}
-		keys = keyring.KeysByIdUsage(issuerKeyId, packet.KeyFlagSign)
-		if len(keys) > 0 {
-			break
-		}
-	}
-
-	if len(keys) == 0 {
-		panic("unreachable")
-	}
-
-	h, err := sig.PrepareVerify()
-	if err != nil {
-		return nil, nil, err
-	}
-	wrappedHash, err := wrapHashForSignature(h, sigType)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	if _, err := io.Copy(wrappedHash, signed); err != nil && err != io.EOF {
-		return nil, nil, err
-	}
-
-	for _, key := range keys {
-		err = key.PublicKey.VerifySignature(h, sig)
-		if err == nil {
-			return sig, key.Entity, checkMessageSignatureDetails(&key, sig, config)
-		}
-	}
-
-	return nil, nil, err
-}
-
-// CheckArmoredDetachedSignature performs the same actions as
-// CheckDetachedSignature but expects the signature to be armored.
-func CheckArmoredDetachedSignature(keyring KeyRing, signed, signature io.Reader, config *packet.Config) (signer *Entity, err error) {
-	body, err := readArmored(signature, SignatureType)
-	if err != nil {
-		return
-	}
-
-	return CheckDetachedSignature(keyring, signed, body, config)
-}
-
-// checkMessageSignatureDetails returns an error if:
-//   - The signature (or one of the binding signatures mentioned below)
-//     has a unknown critical notation data subpacket
-//   - The primary key of the signing entity is revoked
-//   - The primary identity is revoked
-//   - The signature is expired
-//   - The primary key of the signing entity is expired according to the
-//     primary identity binding signature
-//
-// ... or, if the signature was signed by a subkey and:
-//   - The signing subkey is revoked
-//   - The signing subkey is expired according to the subkey binding signature
-//   - The signing subkey binding signature is expired
-//   - The signing subkey cross-signature is expired
-//
-// NOTE: The order of these checks is important, as the caller may choose to
-// ignore ErrSignatureExpired or ErrKeyExpired errors, but should never
-// ignore any other errors.
-func checkMessageSignatureDetails(key *Key, signature *packet.Signature, config *packet.Config) error {
-	now := config.Now()
-	primarySelfSignature, primaryIdentity := key.Entity.PrimarySelfSignature()
-	signedBySubKey := key.PublicKey != key.Entity.PrimaryKey
-	sigsToCheck := []*packet.Signature{signature, primarySelfSignature}
-	if signedBySubKey {
-		sigsToCheck = append(sigsToCheck, key.SelfSignature, key.SelfSignature.EmbeddedSignature)
-	}
-	for _, sig := range sigsToCheck {
-		for _, notation := range sig.Notations {
-			if notation.IsCritical && !config.KnownNotation(notation.Name) {
-				return errors.SignatureError("unknown critical notation: " + notation.Name)
-			}
-		}
-	}
-	if key.Entity.Revoked(now) || // primary key is revoked
-		(signedBySubKey && key.Revoked(now)) || // subkey is revoked
-		(primaryIdentity != nil && primaryIdentity.Revoked(now)) { // primary identity is revoked for v4
-		return errors.ErrKeyRevoked
-	}
-	if key.Entity.PrimaryKey.KeyExpired(primarySelfSignature, now) { // primary key is expired
-		return errors.ErrKeyExpired
-	}
-	if signedBySubKey {
-		if key.PublicKey.KeyExpired(key.SelfSignature, now) { // subkey is expired
-			return errors.ErrKeyExpired
-		}
-	}
-	for _, sig := range sigsToCheck {
-		if sig.SigExpired(now) { // any of the relevant signatures are expired
-			return errors.ErrSignatureExpired
-		}
-	}
-	return nil
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/read_write_test_data.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/read_write_test_data.go
deleted file mode 100644
index 670d60226a..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/read_write_test_data.go
+++ /dev/null
@@ -1,457 +0,0 @@
-package openpgp
-
-const testKey1KeyId uint64 = 0xA34D7E18C20C31BB
-const testKey3KeyId uint64 = 0x338934250CCC0360
-const testKeyP256KeyId uint64 = 0xd44a2c495918513e
-
-const signedInput = "Signed message\nline 2\nline 3\n"
-const signedTextInput = "Signed message\r\nline 2\r\nline 3\r\n"
-
-const recipientUnspecifiedHex = "848c0300000000000000000103ff62d4d578d03cf40c3da998dfe216c074fa6ddec5e31c197c9666ba292830d91d18716a80f699f9d897389a90e6d62d0238f5f07a5248073c0f24920e4bc4a30c2d17ee4e0cae7c3d4aaa4e8dced50e3010a80ee692175fa0385f62ecca4b56ee6e9980aa3ec51b61b077096ac9e800edaf161268593eedb6cc7027ff5cb32745d250010d407a6221ae22ef18469b444f2822478c4d190b24d36371a95cb40087cdd42d9399c3d06a53c0673349bfb607927f20d1e122bde1e2bf3aa6cae6edf489629bcaa0689539ae3b718914d88ededc3b"
-
-const detachedSignatureHex = "889c04000102000605024d449cd1000a0910a34d7e18c20c31bb167603ff57718d09f28a519fdc7b5a68b6a3336da04df85e38c5cd5d5bd2092fa4629848a33d85b1729402a2aab39c3ac19f9d573f773cc62c264dc924c067a79dfd8a863ae06c7c8686120760749f5fd9b1e03a64d20a7df3446ddc8f0aeadeaeba7cbaee5c1e366d65b6a0c6cc749bcb912d2f15013f812795c2e29eb7f7b77f39ce77"
-
-const detachedSignatureTextHex = "889c04010102000605024d449d21000a0910a34d7e18c20c31bbc8c60400a24fbef7342603a41cb1165767bd18985d015fb72fe05db42db36cfb2f1d455967f1e491194fbf6cf88146222b23bf6ffbd50d17598d976a0417d3192ff9cc0034fd00f287b02e90418bbefe609484b09231e4e7a5f3562e199bf39909ab5276c4d37382fe088f6b5c3426fc1052865da8b3ab158672d58b6264b10823dc4b39"
-
-const detachedSignatureDSAHex = "884604001102000605024d6c4eac000a0910338934250ccc0360f18d00a087d743d6405ed7b87755476629600b8b694a39e900a0abff8126f46faf1547c1743c37b21b4ea15b8f83"
-
-const detachedSignatureP256Hex = "885e0400130a0006050256e5bb00000a0910d44a2c495918513edef001009841a4f792beb0befccb35c8838a6a87d9b936beaa86db6745ddc7b045eee0cf00fd1ac1f78306b17e965935dd3f8bae4587a76587e4af231efe19cc4011a8434817"
-
-// The plaintext is https://www.gutenberg.org/cache/epub/1080/pg1080.txt
-const modestProposalSha512 = "lbbrB1+WP3T9AaC9OQqBdOcCjgeEQadlulXsNPgVx0tyqPzDHwUugZ2gE7V0ESKAw6kAVfgkcuvfgxAAGaeHtw=="
-
-const testKeys1And2Hex = "988d044d3c5c10010400b1d13382944bd5aba23a4312968b5095d14f947f600eb478e14a6fcb16b0e0cac764884909c020bc495cfcc39a935387c661507bdb236a0612fb582cac3af9b29cc2c8c70090616c41b662f4da4c1201e195472eb7f4ae1ccbcbf9940fe21d985e379a5563dde5b9a23d35f1cfaa5790da3b79db26f23695107bfaca8e7b5bcd0011010001b41054657374204b6579203120285253412988b804130102002205024d3c5c10021b03060b090807030206150802090a0b0416020301021e01021780000a0910a34d7e18c20c31bbb5b304009cc45fe610b641a2c146331be94dade0a396e73ca725e1b25c21708d9cab46ecca5ccebc23055879df8f99eea39b377962a400f2ebdc36a7c99c333d74aeba346315137c3ff9d0a09b0273299090343048afb8107cf94cbd1400e3026f0ccac7ecebbc4d78588eb3e478fe2754d3ca664bcf3eac96ca4a6b0c8d7df5102f60f6b0020003b88d044d3c5c10010400b201df61d67487301f11879d514f4248ade90c8f68c7af1284c161098de4c28c2850f1ec7b8e30f959793e571542ffc6532189409cb51c3d30dad78c4ad5165eda18b20d9826d8707d0f742e2ab492103a85bbd9ddf4f5720f6de7064feb0d39ee002219765bb07bcfb8b877f47abe270ddeda4f676108cecb6b9bb2ad484a4f0011010001889f04180102000905024d3c5c10021b0c000a0910a34d7e18c20c31bb1a03040085c8d62e16d05dc4e9dad64953c8a2eed8b6c12f92b1575eeaa6dcf7be9473dd5b24b37b6dffbb4e7c99ed1bd3cb11634be19b3e6e207bed7505c7ca111ccf47cb323bf1f8851eb6360e8034cbff8dd149993c959de89f8f77f38e7e98b8e3076323aa719328e2b408db5ec0d03936efd57422ba04f925cdc7b4c1af7590e40ab0020003988d044d3c5c33010400b488c3e5f83f4d561f317817538d9d0397981e9aef1321ca68ebfae1cf8b7d388e19f4b5a24a82e2fbbf1c6c26557a6c5845307a03d815756f564ac7325b02bc83e87d5480a8fae848f07cb891f2d51ce7df83dcafdc12324517c86d472cc0ee10d47a68fd1d9ae49a6c19bbd36d82af597a0d88cc9c49de9df4e696fc1f0b5d0011010001b42754657374204b6579203220285253412c20656e637279707465642070726976617465206b65792988b804130102002205024d3c5c33021b03060b090807030206150802090a0b0416020301021e01021780000a0910d4984f961e35246b98940400908a73b6a6169f700434f076c6c79015a49bee37130eaf23aaa3cfa9ce60bfe4acaa7bc95f1146ada5867e0079babb38804891f4f0b8ebca57a86b249dee786161a755b7a342e68ccf3f78ed6440a93a6626beb9a37aa66afcd4f888790cb4bb46d94a4ae3eb3d7d3e6b00f6bfec940303e89ec5b32a1eaaacce66497d539328b0020003b88d044d3c5c33010400a4e913f9442abcc7f1804ccab27d2f787ffa592077ca935a8bb23165bd8d57576acac647cc596b2c3f814518cc8c82953c7a4478f32e0cf645630a5ba38d9618ef2bc3add69d459ae3dece5cab778938d988239f8c5ae437807075e06c828019959c644ff05ef6a5a1dab72227c98e3a040b0cf219026640698d7a13d8538a570011010001889f04180102000905024d3c5c33021b0c000a0910d4984f961e35246b26c703ff7ee29ef53bc1ae1ead533c408fa136db508434e233d6e62be621e031e5940bbd4c08142aed0f82217e7c3e1ec8de574bc06ccf3c36633be41ad78a9eacd209f861cae7b064100758545cc9dd83db71806dc1cfd5fb9ae5c7474bba0c19c44034ae61bae5eca379383339dece94ff56ff7aa44a582f3e5c38f45763af577c0934b0020003"
-
-const testKeys1And2PrivateHex = "9501d8044d3c5c10010400b1d13382944bd5aba23a4312968b5095d14f947f600eb478e14a6fcb16b0e0cac764884909c020bc495cfcc39a935387c661507bdb236a0612fb582cac3af9b29cc2c8c70090616c41b662f4da4c1201e195472eb7f4ae1ccbcbf9940fe21d985e379a5563dde5b9a23d35f1cfaa5790da3b79db26f23695107bfaca8e7b5bcd00110100010003ff4d91393b9a8e3430b14d6209df42f98dc927425b881f1209f319220841273a802a97c7bdb8b3a7740b3ab5866c4d1d308ad0d3a79bd1e883aacf1ac92dfe720285d10d08752a7efe3c609b1d00f17f2805b217be53999a7da7e493bfc3e9618fd17018991b8128aea70a05dbce30e4fbe626aa45775fa255dd9177aabf4df7cf0200c1ded12566e4bc2bb590455e5becfb2e2c9796482270a943343a7835de41080582c2be3caf5981aa838140e97afa40ad652a0b544f83eb1833b0957dce26e47b0200eacd6046741e9ce2ec5beb6fb5e6335457844fb09477f83b050a96be7da043e17f3a9523567ed40e7a521f818813a8b8a72209f1442844843ccc7eb9805442570200bdafe0438d97ac36e773c7162028d65844c4d463e2420aa2228c6e50dc2743c3d6c72d0d782a5173fe7be2169c8a9f4ef8a7cf3e37165e8c61b89c346cdc6c1799d2b41054657374204b6579203120285253412988b804130102002205024d3c5c10021b03060b090807030206150802090a0b0416020301021e01021780000a0910a34d7e18c20c31bbb5b304009cc45fe610b641a2c146331be94dade0a396e73ca725e1b25c21708d9cab46ecca5ccebc23055879df8f99eea39b377962a400f2ebdc36a7c99c333d74aeba346315137c3ff9d0a09b0273299090343048afb8107cf94cbd1400e3026f0ccac7ecebbc4d78588eb3e478fe2754d3ca664bcf3eac96ca4a6b0c8d7df5102f60f6b00200009d01d8044d3c5c10010400b201df61d67487301f11879d514f4248ade90c8f68c7af1284c161098de4c28c2850f1ec7b8e30f959793e571542ffc6532189409cb51c3d30dad78c4ad5165eda18b20d9826d8707d0f742e2ab492103a85bbd9ddf4f5720f6de7064feb0d39ee002219765bb07bcfb8b877f47abe270ddeda4f676108cecb6b9bb2ad484a4f00110100010003fd17a7490c22a79c59281fb7b20f5e6553ec0c1637ae382e8adaea295f50241037f8997cf42c1ce26417e015091451b15424b2c59eb8d4161b0975630408e394d3b00f88d4b4e18e2cc85e8251d4753a27c639c83f5ad4a571c4f19d7cd460b9b73c25ade730c99df09637bd173d8e3e981ac64432078263bb6dc30d3e974150dd0200d0ee05be3d4604d2146fb0457f31ba17c057560785aa804e8ca5530a7cd81d3440d0f4ba6851efcfd3954b7e68908fc0ba47f7ac37bf559c6c168b70d3a7c8cd0200da1c677c4bce06a068070f2b3733b0a714e88d62aa3f9a26c6f5216d48d5c2b5624144f3807c0df30be66b3268eeeca4df1fbded58faf49fc95dc3c35f134f8b01fd1396b6c0fc1b6c4f0eb8f5e44b8eace1e6073e20d0b8bc5385f86f1cf3f050f66af789f3ef1fc107b7f4421e19e0349c730c68f0a226981f4e889054fdb4dc149e8e889f04180102000905024d3c5c10021b0c000a0910a34d7e18c20c31bb1a03040085c8d62e16d05dc4e9dad64953c8a2eed8b6c12f92b1575eeaa6dcf7be9473dd5b24b37b6dffbb4e7c99ed1bd3cb11634be19b3e6e207bed7505c7ca111ccf47cb323bf1f8851eb6360e8034cbff8dd149993c959de89f8f77f38e7e98b8e3076323aa719328e2b408db5ec0d03936efd57422ba04f925cdc7b4c1af7590e40ab00200009501fe044d3c5c33010400b488c3e5f83f4d561f317817538d9d0397981e9aef1321ca68ebfae1cf8b7d388e19f4b5a24a82e2fbbf1c6c26557a6c5845307a03d815756f564ac7325b02bc83e87d5480a8fae848f07cb891f2d51ce7df83dcafdc12324517c86d472cc0ee10d47a68fd1d9ae49a6c19bbd36d82af597a0d88cc9c49de9df4e696fc1f0b5d0011010001fe030302e9030f3c783e14856063f16938530e148bc57a7aa3f3e4f90df9dceccdc779bc0835e1ad3d006e4a8d7b36d08b8e0de5a0d947254ecfbd22037e6572b426bcfdc517796b224b0036ff90bc574b5509bede85512f2eefb520fb4b02aa523ba739bff424a6fe81c5041f253f8d757e69a503d3563a104d0d49e9e890b9d0c26f96b55b743883b472caa7050c4acfd4a21f875bdf1258d88bd61224d303dc9df77f743137d51e6d5246b88c406780528fd9a3e15bab5452e5b93970d9dcc79f48b38651b9f15bfbcf6da452837e9cc70683d1bdca94507870f743e4ad902005812488dd342f836e72869afd00ce1850eea4cfa53ce10e3608e13d3c149394ee3cbd0e23d018fcbcb6e2ec5a1a22972d1d462ca05355d0d290dd2751e550d5efb38c6c89686344df64852bf4ff86638708f644e8ec6bd4af9b50d8541cb91891a431326ab2e332faa7ae86cfb6e0540aa63160c1e5cdd5a4add518b303fff0a20117c6bc77f7cfbaf36b04c865c6c2b42754657374204b6579203220285253412c20656e637279707465642070726976617465206b65792988b804130102002205024d3c5c33021b03060b090807030206150802090a0b0416020301021e01021780000a0910d4984f961e35246b98940400908a73b6a6169f700434f076c6c79015a49bee37130eaf23aaa3cfa9ce60bfe4acaa7bc95f1146ada5867e0079babb38804891f4f0b8ebca57a86b249dee786161a755b7a342e68ccf3f78ed6440a93a6626beb9a37aa66afcd4f888790cb4bb46d94a4ae3eb3d7d3e6b00f6bfec940303e89ec5b32a1eaaacce66497d539328b00200009d01fe044d3c5c33010400a4e913f9442abcc7f1804ccab27d2f787ffa592077ca935a8bb23165bd8d57576acac647cc596b2c3f814518cc8c82953c7a4478f32e0cf645630a5ba38d9618ef2bc3add69d459ae3dece5cab778938d988239f8c5ae437807075e06c828019959c644ff05ef6a5a1dab72227c98e3a040b0cf219026640698d7a13d8538a570011010001fe030302e9030f3c783e148560f936097339ae381d63116efcf802ff8b1c9360767db5219cc987375702a4123fd8657d3e22700f23f95020d1b261eda5257e9a72f9a918e8ef22dd5b3323ae03bbc1923dd224db988cadc16acc04b120a9f8b7e84da9716c53e0334d7b66586ddb9014df604b41be1e960dcfcbc96f4ed150a1a0dd070b9eb14276b9b6be413a769a75b519a53d3ecc0c220e85cd91ca354d57e7344517e64b43b6e29823cbd87eae26e2b2e78e6dedfbb76e3e9f77bcb844f9a8932eb3db2c3f9e44316e6f5d60e9e2a56e46b72abe6b06dc9a31cc63f10023d1f5e12d2a3ee93b675c96f504af0001220991c88db759e231b3320dcedf814dcf723fd9857e3d72d66a0f2af26950b915abdf56c1596f46a325bf17ad4810d3535fb02a259b247ac3dbd4cc3ecf9c51b6c07cebb009c1506fba0a89321ec8683e3fd009a6e551d50243e2d5092fefb3321083a4bad91320dc624bd6b5dddf93553e3d53924c05bfebec1fb4bd47e89a1a889f04180102000905024d3c5c33021b0c000a0910d4984f961e35246b26c703ff7ee29ef53bc1ae1ead533c408fa136db508434e233d6e62be621e031e5940bbd4c08142aed0f82217e7c3e1ec8de574bc06ccf3c36633be41ad78a9eacd209f861cae7b064100758545cc9dd83db71806dc1cfd5fb9ae5c7474bba0c19c44034ae61bae5eca379383339dece94ff56ff7aa44a582f3e5c38f45763af577c0934b0020000"
-
-const dsaElGamalTestKeysHex = "9501e1044dfcb16a110400aa3e5c1a1f43dd28c2ffae8abf5cfce555ee874134d8ba0a0f7b868ce2214beddc74e5e1e21ded354a95d18acdaf69e5e342371a71fbb9093162e0c5f3427de413a7f2c157d83f5cd2f9d791256dc4f6f0e13f13c3302af27f2384075ab3021dff7a050e14854bbde0a1094174855fc02f0bae8e00a340d94a1f22b32e48485700a0cec672ac21258fb95f61de2ce1af74b2c4fa3e6703ff698edc9be22c02ae4d916e4fa223f819d46582c0516235848a77b577ea49018dcd5e9e15cff9dbb4663a1ae6dd7580fa40946d40c05f72814b0f88481207e6c0832c3bded4853ebba0a7e3bd8e8c66df33d5a537cd4acf946d1080e7a3dcea679cb2b11a72a33a2b6a9dc85f466ad2ddf4c3db6283fa645343286971e3dd700703fc0c4e290d45767f370831a90187e74e9972aae5bff488eeff7d620af0362bfb95c1a6c3413ab5d15a2e4139e5d07a54d72583914661ed6a87cce810be28a0aa8879a2dd39e52fb6fe800f4f181ac7e328f740cde3d09a05cecf9483e4cca4253e60d4429ffd679d9996a520012aad119878c941e3cf151459873bdfc2a9563472fe0303027a728f9feb3b864260a1babe83925ce794710cfd642ee4ae0e5b9d74cee49e9c67b6cd0ea5dfbb582132195a121356a1513e1bca73e5b80c58c7ccb4164453412f456c47616d616c2054657374204b65792031886204131102002205024dfcb16a021b03060b090807030206150802090a0b0416020301021e01021780000a091033af447ccd759b09fadd00a0b8fd6f5a790bad7e9f2dbb7632046dc4493588db009c087c6a9ba9f7f49fab221587a74788c00db4889ab00200009d0157044dfcb16a1004008dec3f9291205255ccff8c532318133a6840739dd68b03ba942676f9038612071447bf07d00d559c5c0875724ea16a4c774f80d8338b55fca691a0522e530e604215b467bbc9ccfd483a1da99d7bc2648b4318fdbd27766fc8bfad3fddb37c62b8ae7ccfe9577e9b8d1e77c1d417ed2c2ef02d52f4da11600d85d3229607943700030503ff506c94c87c8cab778e963b76cf63770f0a79bf48fb49d3b4e52234620fc9f7657f9f8d56c96a2b7c7826ae6b57ebb2221a3fe154b03b6637cea7e6d98e3e45d87cf8dc432f723d3d71f89c5192ac8d7290684d2c25ce55846a80c9a7823f6acd9bb29fa6cd71f20bc90eccfca20451d0c976e460e672b000df49466408d527affe0303027a728f9feb3b864260abd761730327bca2aaa4ea0525c175e92bf240682a0e83b226f97ecb2e935b62c9a133858ce31b271fa8eb41f6a1b3cd72a63025ce1a75ee4180dcc284884904181102000905024dfcb16a021b0c000a091033af447ccd759b09dd0b009e3c3e7296092c81bee5a19929462caaf2fff3ae26009e218c437a2340e7ea628149af1ec98ec091a43992b00200009501e1044dfcb1be1104009f61faa61aa43df75d128cbe53de528c4aec49ce9360c992e70c77072ad5623de0a3a6212771b66b39a30dad6781799e92608316900518ec01184a85d872365b7d2ba4bacfb5882ea3c2473d3750dc6178cc1cf82147fb58caa28b28e9f12f6d1efcb0534abed644156c91cca4ab78834268495160b2400bc422beb37d237c2300a0cac94911b6d493bda1e1fbc6feeca7cb7421d34b03fe22cec6ccb39675bb7b94a335c2b7be888fd3906a1125f33301d8aa6ec6ee6878f46f73961c8d57a3e9544d8ef2a2cbfd4d52da665b1266928cfe4cb347a58c412815f3b2d2369dec04b41ac9a71cc9547426d5ab941cccf3b18575637ccfb42df1a802df3cfe0a999f9e7109331170e3a221991bf868543960f8c816c28097e503fe319db10fb98049f3a57d7c80c420da66d56f3644371631fad3f0ff4040a19a4fedc2d07727a1b27576f75a4d28c47d8246f27071e12d7a8de62aad216ddbae6aa02efd6b8a3e2818cda48526549791ab277e447b3a36c57cefe9b592f5eab73959743fcc8e83cbefec03a329b55018b53eec196765ae40ef9e20521a603c551efe0303020950d53a146bf9c66034d00c23130cce95576a2ff78016ca471276e8227fb30b1ffbd92e61804fb0c3eff9e30b1a826ee8f3e4730b4d86273ca977b4164453412f456c47616d616c2054657374204b65792032886204131102002205024dfcb1be021b03060b090807030206150802090a0b0416020301021e01021780000a0910a86bf526325b21b22bd9009e34511620415c974750a20df5cb56b182f3b48e6600a0a9466cb1a1305a84953445f77d461593f1d42bc1b00200009d0157044dfcb1be1004009565a951da1ee87119d600c077198f1c1bceb0f7aa54552489298e41ff788fa8f0d43a69871f0f6f77ebdfb14a4260cf9fbeb65d5844b4272a1904dd95136d06c3da745dc46327dd44a0f16f60135914368c8039a34033862261806bb2c5ce1152e2840254697872c85441ccb7321431d75a747a4bfb1d2c66362b51ce76311700030503fc0ea76601c196768070b7365a200e6ddb09307f262d5f39eec467b5f5784e22abdf1aa49226f59ab37cb49969d8f5230ea65caf56015abda62604544ed526c5c522bf92bed178a078789f6c807b6d34885688024a5bed9e9f8c58d11d4b82487b44c5f470c5606806a0443b79cadb45e0f897a561a53f724e5349b9267c75ca17fe0303020950d53a146bf9c660bc5f4ce8f072465e2d2466434320c1e712272fafc20e342fe7608101580fa1a1a367e60486a7cd1246b7ef5586cf5e10b32762b710a30144f12dd17dd4884904181102000905024dfcb1be021b0c000a0910a86bf526325b21b2904c00a0b2b66b4b39ccffda1d10f3ea8d58f827e30a8b8e009f4255b2d8112a184e40cde43a34e8655ca7809370b0020000"
-
-const ed25519wX25519Key = "c54b0663877fe31b00000020f94da7bb48d60a61e567706a6587d0331999bb9d891a08242ead84543df895a3001972817b12be707e8d5f586ce61361201d344eb266a2c82fde6835762b65b0b7c2b1061f1b0a00000042058263877fe3030b090705150a0e080c021600029b03021e09222106cb186c4f0609a697e4d52dfa6c722b0c1f1e27c18a56708f6525ec27bad9acc905270902070200000000ad2820103e2d7d227ec0e6d7ce4471db36bfc97083253690271498a7ef0576c07faae14585b3b903b0127ec4fda2f023045a2ec76bcb4f9571a9651e14aee1137a1d668442c88f951e33c4ffd33fb9a17d511eed758fc6d9cc50cb5fd793b2039d5804c74b0663877fe319000000208693248367f9e5015db922f8f48095dda784987f2d5985b12fbad16caf5e4435004d600a4f794d44775c57a26e0feefed558e9afffd6ad0d582d57fb2ba2dcedb8c29b06181b0a0000002c050263877fe322a106cb186c4f0609a697e4d52dfa6c722b0c1f1e27c18a56708f6525ec27bad9acc9021b0c00000000defa20a6e9186d9d5935fc8fe56314cdb527486a5a5120f9b762a235a729f039010a56b89c658568341fbef3b894e9834ad9bc72afae2f4c9c47a43855e65f1cb0a3f77bbc5f61085c1f8249fe4e7ca59af5f0bcee9398e0fa8d76e522e1d8ab42bb0d"
-
-const signedMessageHex = "a3019bc0cbccc0c4b8d8b74ee2108fe16ec6d3ca490cbe362d3f8333d3f352531472538b8b13d353b97232f352158c20943157c71c16064626063656269052062e4e01987e9b6fccff4b7df3a34c534b23e679cbec3bc0f8f6e64dfb4b55fe3f8efa9ce110ddb5cd79faf1d753c51aecfa669f7e7aa043436596cccc3359cb7dd6bbe9ecaa69e5989d9e57209571edc0b2fa7f57b9b79a64ee6e99ce1371395fee92fec2796f7b15a77c386ff668ee27f6d38f0baa6c438b561657377bf6acff3c5947befd7bf4c196252f1d6e5c524d0300"
-
-const signedTextMessageHex = "a3019bc0cbccc8c4b8d8b74ee2108fe16ec6d36a250cbece0c178233d3f352531472538b8b13d35379b97232f352158ca0b4312f57c71c1646462606365626906a062e4e019811591798ff99bf8afee860b0d8a8c2a85c3387e3bcf0bb3b17987f2bbcfab2aa526d930cbfd3d98757184df3995c9f3e7790e36e3e9779f06089d4c64e9e47dd6202cb6e9bc73c5d11bb59fbaf89d22d8dc7cf199ddf17af96e77c5f65f9bbed56f427bd8db7af37f6c9984bf9385efaf5f184f986fb3e6adb0ecfe35bbf92d16a7aa2a344fb0bc52fb7624f0200"
-
-const signedEncryptedMessageHex = "c18c032a67d68660df41c70103ff5a84c9a72f80e74ef0384c2d6a9ebfe2b09e06a8f298394f6d2abf174e40934ab0ec01fb2d0ddf21211c6fe13eb238563663b017a6b44edca552eb4736c4b7dc6ed907dd9e12a21b51b64b46f902f76fb7aaf805c1db8070574d8d0431a23e324a750f77fb72340a17a42300ee4ca8207301e95a731da229a63ab9c6b44541fbd2c11d016d810b3b3b2b38f15b5b40f0a4910332829c2062f1f7cc61f5b03677d73c54cafa1004ced41f315d46444946faae571d6f426e6dbd45d9780eb466df042005298adabf7ce0ef766dfeb94cd449c7ed0046c880339599c4711af073ce649b1e237c40b50a5536283e03bdbb7afad78bd08707715c67fb43295f905b4c479178809d429a8e167a9a8c6dfd8ab20b4edebdc38d6dec879a3202e1b752690d9bb5b0c07c5a227c79cc200e713a99251a4219d62ad5556900cf69bd384b6c8e726c7be267471d0d23af956da165af4af757246c2ebcc302b39e8ef2fccb4971b234fcda22d759ddb20e27269ee7f7fe67898a9de721bfa02ab0becaa046d00ea16cb1afc4e2eab40d0ac17121c565686e5cbd0cbdfbd9d6db5c70278b9c9db5a83176d04f61fbfbc4471d721340ede2746e5c312ded4f26787985af92b64fae3f253dbdde97f6a5e1996fd4d865599e32ff76325d3e9abe93184c02988ee89a4504356a4ef3b9b7a57cbb9637ca90af34a7676b9ef559325c3cca4e29d69fec1887f5440bb101361d744ad292a8547f22b4f22b419a42aa836169b89190f46d9560824cb2ac6e8771de8223216a5e647e132ab9eebcba89569ab339cb1c3d70fe806b31f4f4c600b4103b8d7583ebff16e43dcda551e6530f975122eb8b29"
-
-const verifiedSignatureEncryptedMessageHex = "c2b304000108000605026048f6d600210910a34d7e18c20c31bb1621045fb74b1d03b1e3cb31bc2f8aa34d7e18c20c31bb9a3b0400a32ddac1af259c1b0abab0041327ea04970944401978fb647dd1cf9aba4f164e43f0d8a9389501886474bdd4a6e77f6aea945c07dfbf87743835b44cc2c39a1f9aeecfa83135abc92e18e50396f2e6a06c44e0188b0081effbfb4160d28f118d4ff73dd199a102e47cffd8c7ff2bacd83ae72b5820c021a486766dd587b5da61"
-
-const unverifiedSignatureEncryptedMessageHex = "c2b304000108000605026048f6d600210910a34d7e18c20c31bb1621045fb74b1d03b1e3cb31bc2f8aa34d7e18c20c31bb9a3b0400a32ddac1af259c1b0abab0041327ea04970944401978fb647dd1cf9aba4f164e43f0d8a9389501886474bdd4a6e77f6aea945c07dfbf87743835b44cc2c39a1f9aeecfa83135abc92e18e50396f2e6a06c44e0188b0081effbfb4160d28f118d4ff73dd199a102e47cffd8c7ff2bacd83ae72b5820c021a486766dd587b5da61"
-
-const signedEncryptedMessage2Hex = "85010e03cf6a7abcd43e36731003fb057f5495b79db367e277cdbe4ab90d924ddee0c0381494112ff8c1238fb0184af35d1731573b01bc4c55ecacd2aafbe2003d36310487d1ecc9ac994f3fada7f9f7f5c3a64248ab7782906c82c6ff1303b69a84d9a9529c31ecafbcdb9ba87e05439897d87e8a2a3dec55e14df19bba7f7bd316291c002ae2efd24f83f9e3441203fc081c0c23dc3092a454ca8a082b27f631abf73aca341686982e8fbda7e0e7d863941d68f3de4a755c2964407f4b5e0477b3196b8c93d551dd23c8beef7d0f03fbb1b6066f78907faf4bf1677d8fcec72651124080e0b7feae6b476e72ab207d38d90b958759fdedfc3c6c35717c9dbfc979b3cfbbff0a76d24a5e57056bb88acbd2a901ef64bc6e4db02adc05b6250ff378de81dca18c1910ab257dff1b9771b85bb9bbe0a69f5989e6d1710a35e6dfcceb7d8fb5ccea8db3932b3d9ff3fe0d327597c68b3622aec8e3716c83a6c93f497543b459b58ba504ed6bcaa747d37d2ca746fe49ae0a6ce4a8b694234e941b5159ff8bd34b9023da2814076163b86f40eed7c9472f81b551452d5ab87004a373c0172ec87ea6ce42ccfa7dbdad66b745496c4873d8019e8c28d6b3"
-
-const signatureEncryptedMessage2Hex = "c24604001102000605024dfd0166000a091033af447ccd759b09bae600a096ec5e63ecf0a403085e10f75cc3bab327663282009f51fad9df457ed8d2b70d8a73c76e0443eac0f377"
-
-const symmetricallyEncryptedCompressedHex = "c32e040903085a357c1a7b5614ed00cc0d1d92f428162058b3f558a0fb0980d221ebac6c97d5eda4e0fe32f6e706e94dd263012d6ca1ef8c4bbd324098225e603a10c85ebf09cbf7b5aeeb5ce46381a52edc51038b76a8454483be74e6dcd1e50d5689a8ae7eceaeefed98a0023d49b22eb1f65c2aa1ef1783bb5e1995713b0457102ec3c3075fe871267ffa4b686ad5d52000d857"
-
-const dsaTestKeyHex = "9901a2044d6c49de110400cb5ce438cf9250907ac2ba5bf6547931270b89f7c4b53d9d09f4d0213a5ef2ec1f26806d3d259960f872a4a102ef1581ea3f6d6882d15134f21ef6a84de933cc34c47cc9106efe3bd84c6aec12e78523661e29bc1a61f0aab17fa58a627fd5fd33f5149153fbe8cd70edf3d963bc287ef875270ff14b5bfdd1bca4483793923b00a0fe46d76cb6e4cbdc568435cd5480af3266d610d303fe33ae8273f30a96d4d34f42fa28ce1112d425b2e3bf7ea553d526e2db6b9255e9dc7419045ce817214d1a0056dbc8d5289956a4b1b69f20f1105124096e6a438f41f2e2495923b0f34b70642607d45559595c7fe94d7fa85fc41bf7d68c1fd509ebeaa5f315f6059a446b9369c277597e4f474a9591535354c7e7f4fd98a08aa60400b130c24ff20bdfbf683313f5daebf1c9b34b3bdadfc77f2ddd72ee1fb17e56c473664bc21d66467655dd74b9005e3a2bacce446f1920cd7017231ae447b67036c9b431b8179deacd5120262d894c26bc015bffe3d827ba7087ad9b700d2ca1f6d16cc1786581e5dd065f293c31209300f9b0afcc3f7c08dd26d0a22d87580b4db41054657374204b65792033202844534129886204131102002205024d6c49de021b03060b090807030206150802090a0b0416020301021e01021780000a0910338934250ccc03607e0400a0bdb9193e8a6b96fc2dfc108ae848914b504481f100a09c4dc148cb693293a67af24dd40d2b13a9e36794"
-
-const dsaTestKeyPrivateHex = "9501bb044d6c49de110400cb5ce438cf9250907ac2ba5bf6547931270b89f7c4b53d9d09f4d0213a5ef2ec1f26806d3d259960f872a4a102ef1581ea3f6d6882d15134f21ef6a84de933cc34c47cc9106efe3bd84c6aec12e78523661e29bc1a61f0aab17fa58a627fd5fd33f5149153fbe8cd70edf3d963bc287ef875270ff14b5bfdd1bca4483793923b00a0fe46d76cb6e4cbdc568435cd5480af3266d610d303fe33ae8273f30a96d4d34f42fa28ce1112d425b2e3bf7ea553d526e2db6b9255e9dc7419045ce817214d1a0056dbc8d5289956a4b1b69f20f1105124096e6a438f41f2e2495923b0f34b70642607d45559595c7fe94d7fa85fc41bf7d68c1fd509ebeaa5f315f6059a446b9369c277597e4f474a9591535354c7e7f4fd98a08aa60400b130c24ff20bdfbf683313f5daebf1c9b34b3bdadfc77f2ddd72ee1fb17e56c473664bc21d66467655dd74b9005e3a2bacce446f1920cd7017231ae447b67036c9b431b8179deacd5120262d894c26bc015bffe3d827ba7087ad9b700d2ca1f6d16cc1786581e5dd065f293c31209300f9b0afcc3f7c08dd26d0a22d87580b4d00009f592e0619d823953577d4503061706843317e4fee083db41054657374204b65792033202844534129886204131102002205024d6c49de021b03060b090807030206150802090a0b0416020301021e01021780000a0910338934250ccc03607e0400a0bdb9193e8a6b96fc2dfc108ae848914b504481f100a09c4dc148cb693293a67af24dd40d2b13a9e36794"
-
-const p256TestKeyHex = "98520456e5b83813082a8648ce3d030107020304a2072cd6d21321266c758cc5b83fab0510f751cb8d91897cddb7047d8d6f185546e2107111b0a95cb8ef063c33245502af7a65f004d5919d93ee74eb71a66253b424502d3235362054657374204b6579203c696e76616c6964406578616d706c652e636f6d3e8879041313080021050256e5b838021b03050b09080702061508090a0b020416020301021e01021780000a0910d44a2c495918513e54e50100dfa64f97d9b47766fc1943c6314ba3f2b2a103d71ad286dc5b1efb96a345b0c80100dbc8150b54241f559da6ef4baacea6d31902b4f4b1bdc09b34bf0502334b7754b8560456e5b83812082a8648ce3d030107020304bfe3cea9cee13486f8d518aa487fecab451f25467d2bf08e58f63e5fa525d5482133e6a79299c274b068ef0be448152ad65cf11cf764348588ca4f6a0bcf22b6030108078861041813080009050256e5b838021b0c000a0910d44a2c495918513e4a4800ff49d589fa64024ad30be363a032e3a0e0e6f5db56ba4c73db850518bf0121b8f20100fd78e065f4c70ea5be9df319ea67e493b936fc78da834a71828043d3154af56e"
-
-const p256TestKeyPrivateHex = "94a50456e5b83813082a8648ce3d030107020304a2072cd6d21321266c758cc5b83fab0510f751cb8d91897cddb7047d8d6f185546e2107111b0a95cb8ef063c33245502af7a65f004d5919d93ee74eb71a66253fe070302f0c2bfb0b6c30f87ee1599472b8636477eab23ced13b271886a4b50ed34c9d8436af5af5b8f88921f0efba6ef8c37c459bbb88bc1c6a13bbd25c4ce9b1e97679569ee77645d469bf4b43de637f5561b424502d3235362054657374204b6579203c696e76616c6964406578616d706c652e636f6d3e8879041313080021050256e5b838021b03050b09080702061508090a0b020416020301021e01021780000a0910d44a2c495918513e54e50100dfa64f97d9b47766fc1943c6314ba3f2b2a103d71ad286dc5b1efb96a345b0c80100dbc8150b54241f559da6ef4baacea6d31902b4f4b1bdc09b34bf0502334b77549ca90456e5b83812082a8648ce3d030107020304bfe3cea9cee13486f8d518aa487fecab451f25467d2bf08e58f63e5fa525d5482133e6a79299c274b068ef0be448152ad65cf11cf764348588ca4f6a0bcf22b603010807fe0703027510012471a603cfee2968dce19f732721ddf03e966fd133b4e3c7a685b788705cbc46fb026dc94724b830c9edbaecd2fb2c662f23169516cacd1fe423f0475c364ecc10abcabcfd4bbbda1a36a1bd8861041813080009050256e5b838021b0c000a0910d44a2c495918513e4a4800ff49d589fa64024ad30be363a032e3a0e0e6f5db56ba4c73db850518bf0121b8f20100fd78e065f4c70ea5be9df319ea67e493b936fc78da834a71828043d3154af56e"
-
-const armoredPrivateKeyBlock = `-----BEGIN PGP PRIVATE KEY BLOCK-----
-Version: GnuPG v1.4.10 (GNU/Linux)
-
-lQHYBE2rFNoBBADFwqWQIW/DSqcB4yCQqnAFTJ27qS5AnB46ccAdw3u4Greeu3Bp
-idpoHdjULy7zSKlwR1EA873dO/k/e11Ml3dlAFUinWeejWaK2ugFP6JjiieSsrKn
-vWNicdCS4HTWn0X4sjl0ZiAygw6GNhqEQ3cpLeL0g8E9hnYzJKQ0LWJa0QARAQAB
-AAP/TB81EIo2VYNmTq0pK1ZXwUpxCrvAAIG3hwKjEzHcbQznsjNvPUihZ+NZQ6+X
-0HCfPAdPkGDCLCb6NavcSW+iNnLTrdDnSI6+3BbIONqWWdRDYJhqZCkqmG6zqSfL
-IdkJgCw94taUg5BWP/AAeQrhzjChvpMQTVKQL5mnuZbUCeMCAN5qrYMP2S9iKdnk
-VANIFj7656ARKt/nf4CBzxcpHTyB8+d2CtPDKCmlJP6vL8t58Jmih+kHJMvC0dzn
-gr5f5+sCAOOe5gt9e0am7AvQWhdbHVfJU0TQJx+m2OiCJAqGTB1nvtBLHdJnfdC9
-TnXXQ6ZXibqLyBies/xeY2sCKL5qtTMCAKnX9+9d/5yQxRyrQUHt1NYhaXZnJbHx
-q4ytu0eWz+5i68IYUSK69jJ1NWPM0T6SkqpB3KCAIv68VFm9PxqG1KmhSrQIVGVz
-dCBLZXmIuAQTAQIAIgUCTasU2gIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AA
-CgkQO9o98PRieSoLhgQAkLEZex02Qt7vGhZzMwuN0R22w3VwyYyjBx+fM3JFETy1
-ut4xcLJoJfIaF5ZS38UplgakHG0FQ+b49i8dMij0aZmDqGxrew1m4kBfjXw9B/v+
-eIqpODryb6cOSwyQFH0lQkXC040pjq9YqDsO5w0WYNXYKDnzRV0p4H1pweo2VDid
-AdgETasU2gEEAN46UPeWRqKHvA99arOxee38fBt2CI08iiWyI8T3J6ivtFGixSqV
-bRcPxYO/qLpVe5l84Nb3X71GfVXlc9hyv7CD6tcowL59hg1E/DC5ydI8K8iEpUmK
-/UnHdIY5h8/kqgGxkY/T/hgp5fRQgW1ZoZxLajVlMRZ8W4tFtT0DeA+JABEBAAEA
-A/0bE1jaaZKj6ndqcw86jd+QtD1SF+Cf21CWRNeLKnUds4FRRvclzTyUMuWPkUeX
-TaNNsUOFqBsf6QQ2oHUBBK4VCHffHCW4ZEX2cd6umz7mpHW6XzN4DECEzOVksXtc
-lUC1j4UB91DC/RNQqwX1IV2QLSwssVotPMPqhOi0ZLNY7wIA3n7DWKInxYZZ4K+6
-rQ+POsz6brEoRHwr8x6XlHenq1Oki855pSa1yXIARoTrSJkBtn5oI+f8AzrnN0BN
-oyeQAwIA/7E++3HDi5aweWrViiul9cd3rcsS0dEnksPhvS0ozCJiHsq/6GFmy7J8
-QSHZPteedBnZyNp5jR+H7cIfVN3KgwH/Skq4PsuPhDq5TKK6i8Pc1WW8MA6DXTdU
-nLkX7RGmMwjC0DBf7KWAlPjFaONAX3a8ndnz//fy1q7u2l9AZwrj1qa1iJ8EGAEC
-AAkFAk2rFNoCGwwACgkQO9o98PRieSo2/QP/WTzr4ioINVsvN1akKuekmEMI3LAp
-BfHwatufxxP1U+3Si/6YIk7kuPB9Hs+pRqCXzbvPRrI8NHZBmc8qIGthishdCYad
-AHcVnXjtxrULkQFGbGvhKURLvS9WnzD/m1K2zzwxzkPTzT9/Yf06O6Mal5AdugPL
-VrM0m72/jnpKo04=
-=zNCn
------END PGP PRIVATE KEY BLOCK-----`
-
-const e2ePublicKey = `-----BEGIN PGP PUBLIC KEY BLOCK-----
-Charset: UTF-8
-
-xv8AAABSBAAAAAATCCqGSM49AwEHAgME1LRoXSpOxtHXDUdmuvzchyg6005qIBJ4
-sfaSxX7QgH9RV2ONUhC+WiayCNADq+UMzuR/vunSr4aQffXvuGnR383/AAAAFDxk
-Z2lsQHlhaG9vLWluYy5jb20+wv8AAACGBBATCAA4/wAAAAWCVGvAG/8AAAACiwn/
-AAAACZC2VkQCOjdvYf8AAAAFlQgJCgv/AAAAA5YBAv8AAAACngEAAE1BAP0X8veD
-24IjmI5/C6ZAfVNXxgZZFhTAACFX75jUA3oD6AEAzoSwKf1aqH6oq62qhCN/pekX
-+WAsVMBhNwzLpqtCRjLO/wAAAFYEAAAAABIIKoZIzj0DAQcCAwT50ain7vXiIRv8
-B1DO3x3cE/aattZ5sHNixJzRCXi2vQIA5QmOxZ6b5jjUekNbdHG3SZi1a2Ak5mfX
-fRxC/5VGAwEIB8L/AAAAZQQYEwgAGP8AAAAFglRrwBz/AAAACZC2VkQCOjdvYQAA
-FJAA9isX3xtGyMLYwp2F3nXm7QEdY5bq5VUcD/RJlj792VwA/1wH0pCzVLl4Q9F9
-ex7En5r7rHR5xwX82Msc+Rq9dSyO
-=7MrZ
------END PGP PUBLIC KEY BLOCK-----`
-
-const dsaKeyWithSHA512 = `9901a2044f04b07f110400db244efecc7316553ee08d179972aab87bb1214de7692593fcf5b6feb1c80fba268722dd464748539b85b81d574cd2d7ad0ca2444de4d849b8756bad7768c486c83a824f9bba4af773d11742bdfb4ac3b89ef8cc9452d4aad31a37e4b630d33927bff68e879284a1672659b8b298222fc68f370f3e24dccacc4a862442b9438b00a0ea444a24088dc23e26df7daf8f43cba3bffc4fe703fe3d6cd7fdca199d54ed8ae501c30e3ec7871ea9cdd4cf63cfe6fc82281d70a5b8bb493f922cd99fba5f088935596af087c8d818d5ec4d0b9afa7f070b3d7c1dd32a84fca08d8280b4890c8da1dde334de8e3cad8450eed2a4a4fcc2db7b8e5528b869a74a7f0189e11ef097ef1253582348de072bb07a9fa8ab838e993cef0ee203ff49298723e2d1f549b00559f886cd417a41692ce58d0ac1307dc71d85a8af21b0cf6eaa14baf2922d3a70389bedf17cc514ba0febbd107675a372fe84b90162a9e88b14d4b1c6be855b96b33fb198c46f058568817780435b6936167ebb3724b680f32bf27382ada2e37a879b3d9de2abe0c3f399350afd1ad438883f4791e2e3b4184453412068617368207472756e636174696f6e207465737488620413110a002205024f04b07f021b03060b090807030206150802090a0b0416020301021e01021780000a0910ef20e0cefca131581318009e2bf3bf047a44d75a9bacd00161ee04d435522397009a03a60d51bd8a568c6c021c8d7cf1be8d990d6417b0020003`
-
-const unknownHashFunctionHex = `8a00000040040001990006050253863c24000a09103b4fe6acc0b21f32ffff0101010101010101010101010101010101010101010101010101010101010101010101010101`
-
-const rsaSignatureBadMPIlength = `8a00000040040001030006050253863c24000a09103b4fe6acc0b21f32ffff0101010101010101010101010101010101010101010101010101010101010101010101010101`
-
-const missingHashFunctionHex = `8a00000040040001030006050253863c24000a09103b4fe6acc0b21f32ffff0101010101010101010101010101010101010101010101010101010101010101010101010101`
-
-const campbellQuine = `a0b001000300fcffa0b001000d00f2ff000300fcffa0b001000d00f2ff8270a01c00000500faff8270a01c00000500faff000500faff001400ebff8270a01c00000500faff000500faff001400ebff428821c400001400ebff428821c400001400ebff428821c400001400ebff428821c400001400ebff428821c400000000ffff000000ffff000b00f4ff428821c400000000ffff000000ffff000b00f4ff0233214c40000100feff000233214c40000100feff0000`
-
-const keyV4forVerifyingSignedMessageV3 = `-----BEGIN PGP PUBLIC KEY BLOCK-----
-Comment: GPGTools - https://gpgtools.org
-
-mI0EVfxoFQEEAMBIqmbDfYygcvP6Phr1wr1XI41IF7Qixqybs/foBF8qqblD9gIY
-BKpXjnBOtbkcVOJ0nljd3/sQIfH4E0vQwK5/4YRQSI59eKOqd6Fx+fWQOLG+uu6z
-tewpeCj9LLHvibx/Sc7VWRnrznia6ftrXxJ/wHMezSab3tnGC0YPVdGNABEBAAG0
-JEdvY3J5cHRvIFRlc3QgS2V5IDx0aGVtYXhAZ21haWwuY29tPoi5BBMBCgAjBQJV
-/GgVAhsDBwsJCAcDAgEGFQgCCQoLBBYCAwECHgECF4AACgkQeXnQmhdGW9PFVAP+
-K7TU0qX5ArvIONIxh/WAweyOk884c5cE8f+3NOPOOCRGyVy0FId5A7MmD5GOQh4H
-JseOZVEVCqlmngEvtHZb3U1VYtVGE5WZ+6rQhGsMcWP5qaT4soYwMBlSYxgYwQcx
-YhN9qOr292f9j2Y//TTIJmZT4Oa+lMxhWdqTfX+qMgG4jQRV/GgVAQQArhFSiij1
-b+hT3dnapbEU+23Z1yTu1DfF6zsxQ4XQWEV3eR8v+8mEDDNcz8oyyF56k6UQ3rXi
-UMTIwRDg4V6SbZmaFbZYCOwp/EmXJ3rfhm7z7yzXj2OFN22luuqbyVhuL7LRdB0M
-pxgmjXb4tTvfgKd26x34S+QqUJ7W6uprY4sAEQEAAYifBBgBCgAJBQJV/GgVAhsM
-AAoJEHl50JoXRlvT7y8D/02ckx4OMkKBZo7viyrBw0MLG92i+DC2bs35PooHR6zz
-786mitjOp5z2QWNLBvxC70S0qVfCIz8jKupO1J6rq6Z8CcbLF3qjm6h1omUBf8Nd
-EfXKD2/2HV6zMKVknnKzIEzauh+eCKS2CeJUSSSryap/QLVAjRnckaES/OsEWhNB
-=RZia
------END PGP PUBLIC KEY BLOCK-----
-`
-
-const signedMessageV3 = `-----BEGIN PGP MESSAGE-----
-Comment: GPGTools - https://gpgtools.org
-
-owGbwMvMwMVYWXlhlrhb9GXG03JJDKF/MtxDMjKLFYAoUaEktbhEITe1uDgxPVWP
-q5NhKjMrWAVcC9evD8z/bF/uWNjqtk/X3y5/38XGRQHm/57rrDRYuGnTw597Xqka
-uM3137/hH3Os+Jf2dc0fXOITKwJvXJvecPVs0ta+Vg7ZO1MLn8w58Xx+6L58mbka
-DGHyU9yTueZE8D+QF/Tz28Y78dqtF56R1VPn9Xw4uJqrWYdd7b3vIZ1V6R4Nh05d
-iT57d/OhWwA=
-=hG7R
------END PGP MESSAGE-----
-`
-
-// https://mailarchive.ietf.org/arch/msg/openpgp/9SheW_LENE0Kxf7haNllovPyAdY/
-const v5PrivKey = `-----BEGIN PGP PRIVATE KEY BLOCK-----
-
-lGEFXJH05BYAAAAtCSsGAQQB2kcPAQEHQFhZlVcVVtwf+21xNQPX+ecMJJBL0MPd
-fj75iux+my8QAAAAAAAiAQCHZ1SnSUmWqxEsoI6facIVZQu6mph3cBFzzTvcm5lA
-Ng5ctBhlbW1hLmdvbGRtYW5AZXhhbXBsZS5uZXSIlgUTFggASCIhBRk0e8mHJGQC
-X5nfPsLgAA7ZiEiS4fez6kyUAJFZVptUBQJckfTkAhsDBQsJCAcCAyICAQYVCgkI
-CwIEFgIDAQIeBwIXgAAA9cAA/jiR3yMsZMeEQ40u6uzEoXa6UXeV/S3wwJAXRJy9
-M8s0AP9vuL/7AyTfFXwwzSjDnYmzS0qAhbLDQ643N+MXGBJ2BZxmBVyR9OQSAAAA
-MgorBgEEAZdVAQUBAQdA+nysrzml2UCweAqtpDuncSPlvrcBWKU0yfU0YvYWWAoD
-AQgHAAAAAAAiAP9OdAPppjU1WwpqjIItkxr+VPQRT8Zm/Riw7U3F6v3OiBFHiHoF
-GBYIACwiIQUZNHvJhyRkAl+Z3z7C4AAO2YhIkuH3s+pMlACRWVabVAUCXJH05AIb
-DAAAOSQBAP4BOOIR/sGLNMOfeb5fPs/02QMieoiSjIBnijhob2U5AQC+RtOHCHx7
-TcIYl5/Uyoi+FOvPLcNw4hOv2nwUzSSVAw==
-=IiS2
------END PGP PRIVATE KEY BLOCK-----`
-
-// See OpenPGP crypto refresh Section A.3.
-const v6PrivKey = `-----BEGIN PGP PRIVATE KEY BLOCK-----
-
-xUsGY4d/4xsAAAAg+U2nu0jWCmHlZ3BqZYfQMxmZu52JGggkLq2EVD34laMAGXKB
-exK+cH6NX1hs5hNhIB00TrJmosgv3mg1ditlsLfCsQYfGwoAAABCBYJjh3/jAwsJ
-BwUVCg4IDAIWAAKbAwIeCSIhBssYbE8GCaaX5NUt+mxyKwwfHifBilZwj2Ul7Ce6
-2azJBScJAgcCAAAAAK0oIBA+LX0ifsDm185Ecds2v8lwgyU2kCcUmKfvBXbAf6rh
-RYWzuQOwEn7E/aLwIwRaLsdry0+VcallHhSu4RN6HWaEQsiPlR4zxP/TP7mhfVEe
-7XWPxtnMUMtf15OyA51YBMdLBmOHf+MZAAAAIIaTJINn+eUBXbki+PSAld2nhJh/
-LVmFsS+60WyvXkQ1AE1gCk95TUR3XFeibg/u/tVY6a//1q0NWC1X+yui3O24wpsG
-GBsKAAAALAWCY4d/4wKbDCIhBssYbE8GCaaX5NUt+mxyKwwfHifBilZwj2Ul7Ce6
-2azJAAAAAAQBIKbpGG2dWTX8j+VjFM21J0hqWlEg+bdiojWnKfA5AQpWUWtnNwDE
-M0g12vYxoWM8Y81W+bHBw805I8kWVkXU6vFOi+HWvv/ira7ofJu16NnoUkhclkUr
-k0mXubZvyl4GBg==
------END PGP PRIVATE KEY BLOCK-----`
-
-// See OpenPGP crypto refresh merge request:
-// https://gitlab.com/openpgp-wg/rfc4880bis/-/merge_requests/304
-const v6PrivKeyMsg = `-----BEGIN PGP MESSAGE-----
-
-wV0GIQYSyD8ecG9jCP4VGkF3Q6HwM3kOk+mXhIjR2zeNqZMIhRmHzxjV8bU/gXzO
-WgBM85PMiVi93AZfJfhK9QmxfdNnZBjeo1VDeVZheQHgaVf7yopqR6W1FT6NOrfS
-aQIHAgZhZBZTW+CwcW1g4FKlbExAf56zaw76/prQoN+bAzxpohup69LA7JW/Vp0l
-yZnuSj3hcFj0DfqLTGgr4/u717J+sPWbtQBfgMfG9AOIwwrUBqsFE9zW+f1zdlYo
-bhF30A+IitsxxA==
------END PGP MESSAGE-----`
-
-// See OpenPGP crypto refresh merge request:
-// https://gitlab.com/openpgp-wg/rfc4880bis/-/merge_requests/305
-const v6PrivKeyInlineSignMsg = `-----BEGIN PGP MESSAGE-----
-
-wV0GIQYSyD8ecG9jCP4VGkF3Q6HwM3kOk+mXhIjR2zeNqZMIhRmHzxjV8bU/gXzO
-WgBM85PMiVi93AZfJfhK9QmxfdNnZBjeo1VDeVZheQHgaVf7yopqR6W1FT6NOrfS
-aQIHAgZhZBZTW+CwcW1g4FKlbExAf56zaw76/prQoN+bAzxpohup69LA7JW/Vp0l
-yZnuSj3hcFj0DfqLTGgr4/u717J+sPWbtQBfgMfG9AOIwwrUBqsFE9zW+f1zdlYo
-bhF30A+IitsxxA==
------END PGP MESSAGE-----`
-
-// See https://gitlab.com/openpgp-wg/rfc4880bis/-/merge_requests/274
-// decryption password: "correct horse battery staple"
-const v6ArgonSealedPrivKey = `-----BEGIN PGP PRIVATE KEY BLOCK-----
-
-xYIGY4d/4xsAAAAg+U2nu0jWCmHlZ3BqZYfQMxmZu52JGggkLq2EVD34laP9JgkC
-FARdb9ccngltHraRe25uHuyuAQQVtKipJ0+r5jL4dacGWSAheCWPpITYiyfyIOPS
-3gIDyg8f7strd1OB4+LZsUhcIjOMpVHgmiY/IutJkulneoBYwrEGHxsKAAAAQgWC
-Y4d/4wMLCQcFFQoOCAwCFgACmwMCHgkiIQbLGGxPBgmml+TVLfpscisMHx4nwYpW
-cI9lJewnutmsyQUnCQIHAgAAAACtKCAQPi19In7A5tfORHHbNr/JcIMlNpAnFJin
-7wV2wH+q4UWFs7kDsBJ+xP2i8CMEWi7Ha8tPlXGpZR4UruETeh1mhELIj5UeM8T/
-0z+5oX1RHu11j8bZzFDLX9eTsgOdWATHggZjh3/jGQAAACCGkySDZ/nlAV25Ivj0
-gJXdp4SYfy1ZhbEvutFsr15ENf0mCQIUBA5hhGgp2oaavg6mFUXcFMwBBBUuE8qf
-9Ock+xwusd+GAglBr5LVyr/lup3xxQvHXFSjjA2haXfoN6xUGRdDEHI6+uevKjVR
-v5oAxgu7eJpaXNjCmwYYGwoAAAAsBYJjh3/jApsMIiEGyxhsTwYJppfk1S36bHIr
-DB8eJ8GKVnCPZSXsJ7rZrMkAAAAABAEgpukYbZ1ZNfyP5WMUzbUnSGpaUSD5t2Ki
-Nacp8DkBClZRa2c3AMQzSDXa9jGhYzxjzVb5scHDzTkjyRZWRdTq8U6L4da+/+Kt
-ruh8m7Xo2ehSSFyWRSuTSZe5tm/KXgYG
------END PGP PRIVATE KEY BLOCK-----`
-
-const v4Key25519 = `-----BEGIN PGP PRIVATE KEY BLOCK-----
-
-xUkEZB3qzRto01j2k2pwN5ux9w70stPinAdXULLr20CRW7U7h2GSeACch0M+
-qzQg8yjFQ8VBvu3uwgKH9senoHmj72lLSCLTmhFKzQR0ZXN0wogEEBsIAD4F
-gmQd6s0ECwkHCAmQIf45+TuC+xMDFQgKBBYAAgECGQECmwMCHgEWIQSWEzMi
-jJUHvyIbVKIh/jn5O4L7EwAAUhaHNlgudvxARdPPETUzVgjuWi+YIz8w1xIb
-lHQMvIrbe2sGCQIethpWofd0x7DHuv/ciHg+EoxJ/Td6h4pWtIoKx0kEZB3q
-zRm4CyA7quliq7yx08AoOqHTuuCgvpkSdEhpp3pEyejQOgBo0p6ywIiLPllY
-0t+jpNspHpAGfXID6oqjpYuJw3AfVRBlwnQEGBsIACoFgmQd6s0JkCH+Ofk7
-gvsTApsMFiEElhMzIoyVB78iG1SiIf45+TuC+xMAAGgQuN9G73446ykvJ/mL
-sCZ7zGFId2gBd1EnG0FTC4npfOKpck0X8dngByrCxU8LDSfvjsEp/xDAiKsQ
-aU71tdtNBQ==
-=e7jT
------END PGP PRIVATE KEY BLOCK-----`
-
-const keyWithExpiredCrossSig = `-----BEGIN PGP PUBLIC KEY BLOCK-----
-
-xsDNBF2lnPIBDAC5cL9PQoQLTMuhjbYvb4Ncuuo0bfmgPRFywX53jPhoFf4Zg6mv
-/seOXpgecTdOcVttfzC8ycIKrt3aQTiwOG/ctaR4Bk/t6ayNFfdUNxHWk4WCKzdz
-/56fW2O0F23qIRd8UUJp5IIlN4RDdRCtdhVQIAuzvp2oVy/LaS2kxQoKvph/5pQ/
-5whqsyroEWDJoSV0yOb25B/iwk/pLUFoyhDG9bj0kIzDxrEqW+7Ba8nocQlecMF3
-X5KMN5kp2zraLv9dlBBpWW43XktjcCZgMy20SouraVma8Je/ECwUWYUiAZxLIlMv
-9CurEOtxUw6N3RdOtLmYZS9uEnn5y1UkF88o8Nku890uk6BrewFzJyLAx5wRZ4F0
-qV/yq36UWQ0JB/AUGhHVPdFf6pl6eaxBwT5GXvbBUibtf8YI2og5RsgTWtXfU7eb
-SGXrl5ZMpbA6mbfhd0R8aPxWfmDWiIOhBufhMCvUHh1sApMKVZnvIff9/0Dca3wb
-vLIwa3T4CyshfT0AEQEAAc0hQm9iIEJhYmJhZ2UgPGJvYkBvcGVucGdwLmV4YW1w
-bGU+wsEABBMBCgATBYJeO2eVAgsJAxUICgKbAQIeAQAhCRD7/MgqAV5zMBYhBNGm
-bhojsYLJmA94jPv8yCoBXnMwKWUMAJ3FKZfJ2mXvh+GFqgymvK4NoKkDRPB0CbUN
-aDdG7ZOizQrWXo7Da2MYIZ6eZUDqBKLdhZ5gZfVnisDfu/yeCgpENaKib1MPHpA8
-nZQjnPejbBDomNqY8HRzr5jvXNlwywBpjWGtegCKUY9xbSynjbfzIlMrWL4S+Rfl
-+bOOQKRyYJWXmECmVyqY8cz2VUYmETjNcwC8VCDUxQnhtcCJ7Aej22hfYwVEPb/J
-BsJBPq8WECCiGfJ9Y2y6TF+62KzG9Kfs5hqUeHhQy8V4TSi479ewwL7DH86XmIIK
-chSANBS+7iyMtctjNZfmF9zYdGJFvjI/mbBR/lK66E515Inuf75XnL8hqlXuwqvG
-ni+i03Aet1DzULZEIio4uIU6ioc1lGO9h7K2Xn4S7QQH1QoISNMWqXibUR0RCGjw
-FsEDTt2QwJl8XXxoJCooM7BCcCQo+rMNVUHDjIwrdoQjPld3YZsUQQRcqH6bLuln
-cfn5ufl8zTGWKydoj/iTz8KcjZ7w187AzQRdpZzyAQwA1jC/XGxjK6ddgrRfW9j+
-s/U00++EvIsgTs2kr3Rg0GP7FLWV0YNtR1mpl55/bEl7yAxCDTkOgPUMXcaKlnQh
-6zrlt6H53mF6Bvs3inOHQvOsGtU0dqvb1vkTF0juLiJgPlM7pWv+pNQ6IA39vKoQ
-sTMBv4v5vYNXP9GgKbg8inUNT17BxzZYHfw5+q63ectgDm2on1e8CIRCZ76oBVwz
-dkVxoy3gjh1eENlk2D4P0uJNZzF1Q8GV67yLANGMCDICE/OkWn6daipYDzW4iJQt
-YPUWP4hWhjdm+CK+hg6IQUEn2Vtvi16D2blRP8BpUNNa4fNuylWVuJV76rIHvsLZ
-1pbM3LHpRgE8s6jivS3Rz3WRs0TmWCNnvHPqWizQ3VTy+r3UQVJ5AmhJDrZdZq9i
-aUIuZ01PoE1+CHiJwuxPtWvVAxf2POcm1M/F1fK1J0e+lKlQuyonTXqXR22Y41wr
-fP2aPk3nPSTW2DUAf3vRMZg57ZpRxLEhEMxcM4/LMR+PABEBAAHCwrIEGAEKAAkF
-gl8sAVYCmwIB3QkQ+/zIKgFeczDA+qAEGQEKAAwFgl47Z5UFgwB4TOAAIQkQfC+q
-Tfk8N7IWIQQd3OFfCSF87i87N2B8L6pN+Tw3st58C/0exp0X2U4LqicSHEOSqHZj
-jiysdqIELHGyo5DSPv92UFPp36aqjF9OFgtNNwSa56fmAVCD4+hor/fKARRIeIjF
-qdIC5Y/9a4B10NQFJa5lsvB38x/d39LI2kEoglZnqWgdJskROo3vNQF4KlIcm6FH
-dn4WI8UkC5oUUcrpZVMSKoacIaxLwqnXT42nIVgYYuqrd/ZagZZjG5WlrTOd5+NI
-zi/l0fWProcPHGLjmAh4Thu8i7omtVw1nQaMnq9I77ffg3cPDgXknYrLL+q8xXh/
-0mEJyIhnmPwllWCSZuLv9DrD5pOexFfdlwXhf6cLzNpW6QhXD/Tf5KrqIPr9aOv8
-9xaEEXWh0vEby2kIsI2++ft+vfdIyxYw/wKqx0awTSnuBV1rG3z1dswX4BfoY66x
-Bz3KOVqlz9+mG/FTRQwrgPvR+qgLCHbuotxoGN7fzW+PI75hQG5JQAqhsC9sHjQH
-UrI21/VUNwzfw3v5pYsWuFb5bdQ3ASJetICQiMy7IW8WIQTRpm4aI7GCyZgPeIz7
-/MgqAV5zMG6/C/wLpPl/9e6Hf5wmXIUwpZNQbNZvpiCcyx9sXsHXaycOQVxn3McZ
-nYOUP9/mobl1tIeDQyTNbkxWjU0zzJl8XQsDZerb5098pg+x7oGIL7M1vn5s5JMl
-owROourqF88JEtOBxLMxlAM7X4hB48xKQ3Hu9hS1GdnqLKki4MqRGl4l5FUwyGOM
-GjyS3TzkfiDJNwQxybQiC9n57ij20ieNyLfuWCMLcNNnZUgZtnF6wCctoq/0ZIWu
-a7nvuA/XC2WW9YjEJJiWdy5109pqac+qWiY11HWy/nms4gpMdxVpT0RhrKGWq4o0
-M5q3ZElOoeN70UO3OSbU5EVrG7gB1GuwF9mTHUVlV0veSTw0axkta3FGT//XfSpD
-lRrCkyLzwq0M+UUHQAuYpAfobDlDdnxxOD2jm5GyTzak3GSVFfjW09QFVO6HlGp5
-01/jtzkUiS6nwoHHkfnyn0beZuR8X6KlcrzLB0VFgQFLmkSM9cSOgYhD0PTu9aHb
-hW1Hj9AO8lzggBQ=
-=Nt+N
------END PGP PUBLIC KEY BLOCK-----
-`
-
-const sigFromKeyWithExpiredCrossSig = `-----BEGIN PGP SIGNATURE-----
-
-wsDzBAABCgAGBYJfLAFsACEJEHwvqk35PDeyFiEEHdzhXwkhfO4vOzdgfC+qTfk8
-N7KiqwwAts4QGB7v9bABCC2qkTxJhmStC0wQMcHRcjL/qAiVnmasQWmvE9KVsdm3
-AaXd8mIx4a37/RRvr9dYrY2eE4uw72cMqPxNja2tvVXkHQvk1oEUqfkvbXs4ypKI
-NyeTWjXNOTZEbg0hbm3nMy+Wv7zgB1CEvAsEboLDJlhGqPcD+X8a6CJGrBGUBUrv
-KVmZr3U6vEzClz3DBLpoddCQseJRhT4YM1nKmBlZ5quh2LFgTSpajv5OsZheqt9y
-EZAPbqmLhDmWRQwGzkWHKceKS7nZ/ox2WK6OS7Ob8ZGZkM64iPo6/EGj5Yc19vQN
-AGiIaPEGszBBWlOpHTPhNm0LB0nMWqqaT87oNYwP8CQuuxDb6rKJ2lffCmZH27Lb
-UbQZcH8J+0UhpeaiadPZxH5ATJAcenmVtVVMLVOFnm+eIlxzov9ntpgGYt8hLdXB
-ITEG9mMgp3TGS9ZzSifMZ8UGtHdp9QdBg8NEVPFzDOMGxpc/Bftav7RRRuPiAER+
-7A5CBid5
-=aQkm
------END PGP SIGNATURE-----
-`
-
-const signedMessageWithCriticalNotation = `-----BEGIN PGP MESSAGE-----
-
-owGbwMvMwMH4oOW7S46CznTG09xJDDE3Wl1KUotLuDousDAwcjBYiSmyXL+48d6x
-U1PSGUxcj8IUszKBVMpMaWAAAgEGZpAeh9SKxNyCnFS95PzcytRiBi5OAZjyXXzM
-f8WYLqv7TXP61Sa4rqT12CI3xaN73YS2pt089f96odCKaEPnWJ3iSGmzJaW/ug10
-2Zo8Wj2k4s7t8wt4H3HtTu+y5UZfV3VOO+l//sdE/o+Lsub8FZH7/eOq7OnbNp4n
-vwjE8mqJXetNMfj8r2SCyvkEnlVRYR+/mnge+ib56FdJ8uKtqSxyvgA=
-=fRXs
------END PGP MESSAGE-----`
-
-const criticalNotationSigner = `-----BEGIN PGP PUBLIC KEY BLOCK-----
-
-mI0EUmEvTgEEANyWtQQMOybQ9JltDqmaX0WnNPJeLILIM36sw6zL0nfTQ5zXSS3+
-fIF6P29lJFxpblWk02PSID5zX/DYU9/zjM2xPO8Oa4xo0cVTOTLj++Ri5mtr//f5
-GLsIXxFrBJhD/ghFsL3Op0GXOeLJ9A5bsOn8th7x6JucNKuaRB6bQbSPABEBAAG0
-JFRlc3QgTWNUZXN0aW5ndG9uIDx0ZXN0QGV4YW1wbGUuY29tPoi5BBMBAgAjBQJS
-YS9OAhsvBwsJCAcDAgEGFQgCCQoLBBYCAwECHgECF4AACgkQSmNhOk1uQJQwDAP6
-AgrTyqkRlJVqz2pb46TfbDM2TDF7o9CBnBzIGoxBhlRwpqALz7z2kxBDmwpQa+ki
-Bq3jZN/UosY9y8bhwMAlnrDY9jP1gdCo+H0sD48CdXybblNwaYpwqC8VSpDdTndf
-9j2wE/weihGp/DAdy/2kyBCaiOY1sjhUfJ1GogF49rC4jQRSYS9OAQQA6R/PtBFa
-JaT4jq10yqASk4sqwVMsc6HcifM5lSdxzExFP74naUMMyEsKHP53QxTF0Grqusag
-Qg/ZtgT0CN1HUM152y7ACOdp1giKjpMzOTQClqCoclyvWOFB+L/SwGEIJf7LSCEr
-woBuJifJc8xAVr0XX0JthoW+uP91eTQ3XpsAEQEAAYkBPQQYAQIACQUCUmEvTgIb
-LgCoCRBKY2E6TW5AlJ0gBBkBAgAGBQJSYS9OAAoJEOCE90RsICyXuqIEANmmiRCA
-SF7YK7PvFkieJNwzeK0V3F2lGX+uu6Y3Q/Zxdtwc4xR+me/CSBmsURyXTO29OWhP
-GLszPH9zSJU9BdDi6v0yNprmFPX/1Ng0Abn/sCkwetvjxC1YIvTLFwtUL/7v6NS2
-bZpsUxRTg9+cSrMWWSNjiY9qUKajm1tuzPDZXAUEAMNmAN3xXN/Kjyvj2OK2ck0X
-W748sl/tc3qiKPMJ+0AkMF7Pjhmh9nxqE9+QCEl7qinFqqBLjuzgUhBU4QlwX1GD
-AtNTq6ihLMD5v1d82ZC7tNatdlDMGWnIdvEMCv2GZcuIqDQ9rXWs49e7tq1NncLY
-hz3tYjKhoFTKEIq3y3Pp
-=h/aX
------END PGP PUBLIC KEY BLOCK-----`
-
-const keyv5Test = `-----BEGIN PGP PRIVATE KEY BLOCK-----
-Comment: Bob's OpenPGP Transferable Secret Key
-
-lQVYBF2lnPIBDAC5cL9PQoQLTMuhjbYvb4Ncuuo0bfmgPRFywX53jPhoFf4Zg6mv
-/seOXpgecTdOcVttfzC8ycIKrt3aQTiwOG/ctaR4Bk/t6ayNFfdUNxHWk4WCKzdz
-/56fW2O0F23qIRd8UUJp5IIlN4RDdRCtdhVQIAuzvp2oVy/LaS2kxQoKvph/5pQ/
-5whqsyroEWDJoSV0yOb25B/iwk/pLUFoyhDG9bj0kIzDxrEqW+7Ba8nocQlecMF3
-X5KMN5kp2zraLv9dlBBpWW43XktjcCZgMy20SouraVma8Je/ECwUWYUiAZxLIlMv
-9CurEOtxUw6N3RdOtLmYZS9uEnn5y1UkF88o8Nku890uk6BrewFzJyLAx5wRZ4F0
-qV/yq36UWQ0JB/AUGhHVPdFf6pl6eaxBwT5GXvbBUibtf8YI2og5RsgTWtXfU7eb
-SGXrl5ZMpbA6mbfhd0R8aPxWfmDWiIOhBufhMCvUHh1sApMKVZnvIff9/0Dca3wb
-vLIwa3T4CyshfT0AEQEAAQAL/RZqbJW2IqQDCnJi4Ozm++gPqBPiX1RhTWSjwxfM
-cJKUZfzLj414rMKm6Jh1cwwGY9jekROhB9WmwaaKT8HtcIgrZNAlYzANGRCM4TLK
-3VskxfSwKKna8l+s+mZglqbAjUg3wmFuf9Tj2xcUZYmyRm1DEmcN2ZzpvRtHgX7z
-Wn1mAKUlSDJZSQks0zjuMNbupcpyJokdlkUg2+wBznBOTKzgMxVNC9b2g5/tMPUs
-hGGWmF1UH+7AHMTaS6dlmr2ZBIyogdnfUqdNg5sZwsxSNrbglKP4sqe7X61uEAIQ
-bD7rT3LonLbhkrj3I8wilUD8usIwt5IecoHhd9HziqZjRCc1BUBkboUEoyedbDV4
-i4qfsFZ6CEWoLuD5pW7dEp0M+WeuHXO164Rc+LnH6i1VQrpb1Okl4qO6ejIpIjBI
-1t3GshtUu/mwGBBxs60KBX5g77mFQ9lLCRj8lSYqOsHRKBhUp4qM869VA+fD0BRP
-fqPT0I9IH4Oa/A3jYJcg622GwQYA1LhnP208Waf6PkQSJ6kyr8ymY1yVh9VBE/g6
-fRDYA+pkqKnw9wfH2Qho3ysAA+OmVOX8Hldg+Pc0Zs0e5pCavb0En8iFLvTA0Q2E
-LR5rLue9uD7aFuKFU/VdcddY9Ww/vo4k5p/tVGp7F8RYCFn9rSjIWbfvvZi1q5Tx
-+akoZbga+4qQ4WYzB/obdX6SCmi6BndcQ1QdjCCQU6gpYx0MddVERbIp9+2SXDyL
-hpxjSyz+RGsZi/9UAshT4txP4+MZBgDfK3ZqtW+h2/eMRxkANqOJpxSjMyLO/FXN
-WxzTDYeWtHNYiAlOwlQZEPOydZFty9IVzzNFQCIUCGjQ/nNyhw7adSgUk3+BXEx/
-MyJPYY0BYuhLxLYcrfQ9nrhaVKxRJj25SVHj2ASsiwGJRZW4CC3uw40OYxfKEvNC
-mer/VxM3kg8qqGf9KUzJ1dVdAvjyx2Hz6jY2qWCyRQ6IMjWHyd43C4r3jxooYKUC
-YnstRQyb/gCSKahveSEjo07CiXMr88UGALwzEr3npFAsPW3osGaFLj49y1oRe11E
-he9gCHFm+fuzbXrWmdPjYU5/ZdqdojzDqfu4ThfnipknpVUM1o6MQqkjM896FHm8
-zbKVFSMhEP6DPHSCexMFrrSgN03PdwHTO6iBaIBBFqmGY01tmJ03SxvSpiBPON9P
-NVvy/6UZFedTq8A07OUAxO62YUSNtT5pmK2vzs3SAZJmbFbMh+NN204TRI72GlqT
-t5hcfkuv8hrmwPS/ZR6q312mKQ6w/1pqO9qitCFCb2IgQmFiYmFnZSA8Ym9iQG9w
-ZW5wZ3AuZXhhbXBsZT6JAc4EEwEKADgCGwMFCwkIBwIGFQoJCAsCBBYCAwECHgEC
-F4AWIQTRpm4aI7GCyZgPeIz7/MgqAV5zMAUCXaWe+gAKCRD7/MgqAV5zMG9sC/9U
-2T3RrqEbw533FPNfEflhEVRIZ8gDXKM8hU6cqqEzCmzZT6xYTe6sv4y+PJBGXJFX
-yhj0g6FDkSyboM5litOcTupURObVqMgA/Y4UKERznm4fzzH9qek85c4ljtLyNufe
-doL2pp3vkGtn7eD0QFRaLLmnxPKQ/TlZKdLE1G3u8Uot8QHicaR6GnAdc5UXQJE3
-BiV7jZuDyWmZ1cUNwJkKL6oRtp+ZNDOQCrLNLecKHcgCqrpjSQG5oouba1I1Q6Vl
-sP44dhA1nkmLHtxlTOzpeHj4jnk1FaXmyasurrrI5CgU/L2Oi39DGKTH/A/cywDN
-4ZplIQ9zR8enkbXquUZvFDe+Xz+6xRXtb5MwQyWODB3nHw85HocLwRoIN9WdQEI+
-L8a/56AuOwhs8llkSuiITjR7r9SgKJC2WlAHl7E8lhJ3VDW3ELC56KH308d6mwOG
-ZRAqIAKzM1T5FGjMBhq7ZV0eqdEntBh3EcOIfj2M8rg1MzJv+0mHZOIjByawikad
-BVgEXaWc8gEMANYwv1xsYyunXYK0X1vY/rP1NNPvhLyLIE7NpK90YNBj+xS1ldGD
-bUdZqZeef2xJe8gMQg05DoD1DF3GipZ0Ies65beh+d5hegb7N4pzh0LzrBrVNHar
-29b5ExdI7i4iYD5TO6Vr/qTUOiAN/byqELEzAb+L+b2DVz/RoCm4PIp1DU9ewcc2
-WB38Ofqut3nLYA5tqJ9XvAiEQme+qAVcM3ZFcaMt4I4dXhDZZNg+D9LiTWcxdUPB
-leu8iwDRjAgyAhPzpFp+nWoqWA81uIiULWD1Fj+IVoY3ZvgivoYOiEFBJ9lbb4te
-g9m5UT/AaVDTWuHzbspVlbiVe+qyB77C2daWzNyx6UYBPLOo4r0t0c91kbNE5lgj
-Z7xz6los0N1U8vq91EFSeQJoSQ62XWavYmlCLmdNT6BNfgh4icLsT7Vr1QMX9jzn
-JtTPxdXytSdHvpSpULsqJ016l0dtmONcK3z9mj5N5z0k1tg1AH970TGYOe2aUcSx
-IRDMXDOPyzEfjwARAQABAAv9F2CwsjS+Sjh1M1vegJbZjei4gF1HHpEM0K0PSXsp
-SfVvpR4AoSJ4He6CXSMWg0ot8XKtDuZoV9jnJaES5UL9pMAD7JwIOqZm/DYVJM5h
-OASCh1c356/wSbFbzRHPtUdZO9Q30WFNJM5pHbCJPjtNoRmRGkf71RxtvHBzy7np
-Ga+W6U/NVKHw0i0CYwMI0YlKDakYW3Pm+QL+gHZFvngGweTod0f9l2VLLAmeQR/c
-+EZs7lNumhuZ8mXcwhUc9JQIhOkpO+wreDysEFkAcsKbkQP3UDUsA1gFx9pbMzT0
-tr1oZq2a4QBtxShHzP/ph7KLpN+6qtjks3xB/yjTgaGmtrwM8tSe0wD1RwXS+/1o
-BHpXTnQ7TfeOGUAu4KCoOQLv6ELpKWbRBLWuiPwMdbGpvVFALO8+kvKAg9/r+/ny
-zM2GQHY+J3Jh5JxPiJnHfXNZjIKLbFbIPdSKNyJBuazXW8xIa//mEHMI5OcvsZBK
-clAIp7LXzjEjKXIwHwDcTn9pBgDpdOKTHOtJ3JUKx0rWVsDH6wq6iKV/FTVSY5jl
-zN+puOEsskF1Lfxn9JsJihAVO3yNsp6RvkKtyNlFazaCVKtDAmkjoh60XNxcNRqr
-gCnwdpbgdHP6v/hvZY54ZaJjz6L2e8unNEkYLxDt8cmAyGPgH2XgL7giHIp9jrsQ
-aS381gnYwNX6wE1aEikgtY91nqJjwPlibF9avSyYQoMtEqM/1UjTjB2KdD/MitK5
-fP0VpvuXpNYZedmyq4UOMwdkiNMGAOrfmOeT0olgLrTMT5H97Cn3Yxbk13uXHNu/
-ZUZZNe8s+QtuLfUlKAJtLEUutN33TlWQY522FV0m17S+b80xJib3yZVJteVurrh5
-HSWHAM+zghQAvCesg5CLXa2dNMkTCmZKgCBvfDLZuZbjFwnwCI6u/NhOY9egKuUf
-SA/je/RXaT8m5VxLYMxwqQXKApzD87fv0tLPlVIEvjEsaf992tFEFSNPcG1l/jpd
-5AVXw6kKuf85UkJtYR1x2MkQDrqY1QX/XMw00kt8y9kMZUre19aCArcmor+hDhRJ
-E3Gt4QJrD9z/bICESw4b4z2DbgD/Xz9IXsA/r9cKiM1h5QMtXvuhyfVeM01enhxM
-GbOH3gjqqGNKysx0UODGEwr6AV9hAd8RWXMchJLaExK9J5SRawSg671ObAU24SdY
-vMQ9Z4kAQ2+1ReUZzf3ogSMRZtMT+d18gT6L90/y+APZIaoArLPhebIAGq39HLmJ
-26x3z0WAgrpA1kNsjXEXkoiZGPLKIGoe3hqJAbYEGAEKACAWIQTRpm4aI7GCyZgP
-eIz7/MgqAV5zMAUCXaWc8gIbDAAKCRD7/MgqAV5zMOn/C/9ugt+HZIwX308zI+QX
-c5vDLReuzmJ3ieE0DMO/uNSC+K1XEioSIZP91HeZJ2kbT9nn9fuReuoff0T0Dief
-rbwcIQQHFFkrqSp1K3VWmUGp2JrUsXFVdjy/fkBIjTd7c5boWljv/6wAsSfiv2V0
-JSM8EFU6TYXxswGjFVfc6X97tJNeIrXL+mpSmPPqy2bztcCCHkWS5lNLWQw+R7Vg
-71Fe6yBSNVrqC2/imYG2J9zlowjx1XU63Wdgqp2Wxt0l8OmsB/W80S1fRF5G4SDH
-s9HXglXXqPsBRZJYfP+VStm9L5P/sKjCcX6WtZR7yS6G8zj/X767MLK/djANvpPd
-NVniEke6hM3CNBXYPAMhQBMWhCulcoz+0lxi8L34rMN+Dsbma96psdUrn7uLaB91
-6we0CTfF8qqm7BsVAgalon/UUiuMY80U3ueoj3okiSTiHIjD/YtpXSPioC8nMng7
-xqAY9Bwizt4FWgXuLm1a4+So4V9j1TRCXd12Uc2l2RNmgDE=
-=miES
------END PGP PRIVATE KEY BLOCK-----
-`
-
-const certv5Test = `-----BEGIN PGP PRIVATE KEY BLOCK-----
-
-lGEFXJH05BYAAAAtCSsGAQQB2kcPAQEHQFhZlVcVVtwf+21xNQPX+ecMJJBL0MPd
-fj75iux+my8QAAAAAAAiAQCHZ1SnSUmWqxEsoI6facIVZQu6mph3cBFzzTvcm5lA
-Ng5ctBhlbW1hLmdvbGRtYW5AZXhhbXBsZS5uZXSIlgUTFggASCIhBRk0e8mHJGQC
-X5nfPsLgAA7ZiEiS4fez6kyUAJFZVptUBQJckfTkAhsDBQsJCAcCAyICAQYVCgkI
-CwIEFgIDAQIeBwIXgAAA9cAA/jiR3yMsZMeEQ40u6uzEoXa6UXeV/S3wwJAXRJy9
-M8s0AP9vuL/7AyTfFXwwzSjDnYmzS0qAhbLDQ643N+MXGBJ2BZxmBVyR9OQSAAAA
-MgorBgEEAZdVAQUBAQdA+nysrzml2UCweAqtpDuncSPlvrcBWKU0yfU0YvYWWAoD
-AQgHAAAAAAAiAP9OdAPppjU1WwpqjIItkxr+VPQRT8Zm/Riw7U3F6v3OiBFHiHoF
-GBYIACwiIQUZNHvJhyRkAl+Z3z7C4AAO2YhIkuH3s+pMlACRWVabVAUCXJH05AIb
-DAAAOSQBAP4BOOIR/sGLNMOfeb5fPs/02QMieoiSjIBnijhob2U5AQC+RtOHCHx7
-TcIYl5/Uyoi+FOvPLcNw4hOv2nwUzSSVAw==
-=IiS2
------END PGP PRIVATE KEY BLOCK-----
-`
-
-const msgv5Test = `-----BEGIN PGP MESSAGE-----
-
-wcDMA3wvqk35PDeyAQv+PcQiLsoYTH30nJYQh3j3cJaO2+jErtVCrIQRIU0+
-rmgMddERYST4A9mA0DQIiTI4FQ0Lp440D3BWCgpq3LlNWewGzduaWwym5rN6
-cwHz5ccDqOcqbd9X0GXXGy/ZH/ljSgzuVMIytMAXKdF/vrRrVgH/+I7cxvm9
-HwnhjMN5dF0j4aEt996H2T7cbtzSr2GN9SWGW8Gyu7I8Zx73hgrGUI7gDiJB
-Afaff+P6hfkkHSGOItr94dde8J/7AUF4VEwwxdVVPvsNEFyvv6gRIbYtOCa2
-6RE6h1V/QTxW2O7zZgzWALrE2ui0oaYr9QuqQSssd9CdgExLfdPbI+3/ZAnE
-v31Idzpk3/6ILiakYHtXkElPXvf46mCNpobty8ysT34irF+fy3C1p3oGwAsx
-5VDV9OSFU6z5U+UPbSPYAy9rkc5ZssuIKxCER2oTvZ2L8Q5cfUvEUiJtRGGn
-CJlHrVDdp3FssKv2tlKgLkvxJLyoOjuEkj44H1qRk+D02FzmmUT/0sAHAYYx
-lTir6mjHeLpcGjn4waUuWIAJyph8SxUexP60bic0L0NBa6Qp5SxxijKsPIDb
-FPHxWwfJSDZRrgUyYT7089YFB/ZM4FHyH9TZcnxn0f0xIB7NS6YNDsxzN2zT
-EVEYf+De4qT/dQTsdww78Chtcv9JY9r2kDm77dk2MUGHL2j7n8jasbLtgA7h
-pn2DMIWLrGamMLWRmlwslolKr1sMV5x8w+5Ias6C33iBMl9phkg42an0gYmc
-byVJHvLO/XErtC+GNIJeMg==
-=liRq
------END PGP MESSAGE-----
-`
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/s2k/s2k.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/s2k/s2k.go
deleted file mode 100644
index 6871b84fc9..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/s2k/s2k.go
+++ /dev/null
@@ -1,436 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package s2k implements the various OpenPGP string-to-key transforms as
-// specified in RFC 4800 section 3.7.1, and Argon2 specified in
-// draft-ietf-openpgp-crypto-refresh-08 section 3.7.1.4.
-package s2k // import "github.com/ProtonMail/go-crypto/openpgp/s2k"
-
-import (
-	"crypto"
-	"hash"
-	"io"
-	"strconv"
-
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-	"github.com/ProtonMail/go-crypto/openpgp/internal/algorithm"
-	"golang.org/x/crypto/argon2"
-)
-
-type Mode uint8
-
-// Defines the default S2KMode constants
-//
-//	0 (simple), 1(salted), 3(iterated), 4(argon2)
-const (
-	SimpleS2K         Mode = 0
-	SaltedS2K         Mode = 1
-	IteratedSaltedS2K Mode = 3
-	Argon2S2K         Mode = 4
-	GnuS2K            Mode = 101
-)
-
-const Argon2SaltSize int = 16
-
-// Params contains all the parameters of the s2k packet
-type Params struct {
-	// mode is the mode of s2k function.
-	// It can be 0 (simple), 1(salted), 3(iterated)
-	// 2(reserved) 100-110(private/experimental).
-	mode Mode
-	// hashId is the ID of the hash function used in any of the modes
-	hashId byte
-	// salt is a byte array to use as a salt in hashing process or argon2
-	saltBytes [Argon2SaltSize]byte
-	// countByte is used to determine how many rounds of hashing are to
-	// be performed in s2k mode 3. See RFC 4880 Section 3.7.1.3.
-	countByte byte
-	// passes is a parameter in Argon2 to determine the number of iterations
-	// See RFC the crypto refresh Section 3.7.1.4.
-	passes byte
-	// parallelism is a parameter in Argon2 to determine the degree of paralellism
-	// See RFC the crypto refresh Section 3.7.1.4.
-	parallelism byte
-	// memoryExp is a parameter in Argon2 to determine the memory usage
-	// i.e., 2 ** memoryExp kibibytes
-	// See RFC the crypto refresh Section 3.7.1.4.
-	memoryExp byte
-}
-
-// encodeCount converts an iterative "count" in the range 1024 to
-// 65011712, inclusive, to an encoded count. The return value is the
-// octet that is actually stored in the GPG file. encodeCount panics
-// if i is not in the above range (encodedCount above takes care to
-// pass i in the correct range). See RFC 4880 Section 3.7.7.1.
-func encodeCount(i int) uint8 {
-	if i < 65536 || i > 65011712 {
-		panic("count arg i outside the required range")
-	}
-
-	for encoded := 96; encoded < 256; encoded++ {
-		count := decodeCount(uint8(encoded))
-		if count >= i {
-			return uint8(encoded)
-		}
-	}
-
-	return 255
-}
-
-// decodeCount returns the s2k mode 3 iterative "count" corresponding to
-// the encoded octet c.
-func decodeCount(c uint8) int {
-	return (16 + int(c&15)) << (uint32(c>>4) + 6)
-}
-
-// encodeMemory converts the Argon2 "memory" in the range parallelism*8 to
-// 2**31, inclusive, to an encoded memory. The return value is the
-// octet that is actually stored in the GPG file. encodeMemory panics
-// if is not in the above range
-// See OpenPGP crypto refresh Section 3.7.1.4.
-func encodeMemory(memory uint32, parallelism uint8) uint8 {
-	if memory < (8*uint32(parallelism)) || memory > uint32(2147483648) {
-		panic("Memory argument memory is outside the required range")
-	}
-
-	for exp := 3; exp < 31; exp++ {
-		compare := decodeMemory(uint8(exp))
-		if compare >= memory {
-			return uint8(exp)
-		}
-	}
-
-	return 31
-}
-
-// decodeMemory computes the decoded memory in kibibytes as 2**memoryExponent
-func decodeMemory(memoryExponent uint8) uint32 {
-	return uint32(1) << memoryExponent
-}
-
-// Simple writes to out the result of computing the Simple S2K function (RFC
-// 4880, section 3.7.1.1) using the given hash and input passphrase.
-func Simple(out []byte, h hash.Hash, in []byte) {
-	Salted(out, h, in, nil)
-}
-
-var zero [1]byte
-
-// Salted writes to out the result of computing the Salted S2K function (RFC
-// 4880, section 3.7.1.2) using the given hash, input passphrase and salt.
-func Salted(out []byte, h hash.Hash, in []byte, salt []byte) {
-	done := 0
-	var digest []byte
-
-	for i := 0; done < len(out); i++ {
-		h.Reset()
-		for j := 0; j < i; j++ {
-			h.Write(zero[:])
-		}
-		h.Write(salt)
-		h.Write(in)
-		digest = h.Sum(digest[:0])
-		n := copy(out[done:], digest)
-		done += n
-	}
-}
-
-// Iterated writes to out the result of computing the Iterated and Salted S2K
-// function (RFC 4880, section 3.7.1.3) using the given hash, input passphrase,
-// salt and iteration count.
-func Iterated(out []byte, h hash.Hash, in []byte, salt []byte, count int) {
-	combined := make([]byte, len(in)+len(salt))
-	copy(combined, salt)
-	copy(combined[len(salt):], in)
-
-	if count < len(combined) {
-		count = len(combined)
-	}
-
-	done := 0
-	var digest []byte
-	for i := 0; done < len(out); i++ {
-		h.Reset()
-		for j := 0; j < i; j++ {
-			h.Write(zero[:])
-		}
-		written := 0
-		for written < count {
-			if written+len(combined) > count {
-				todo := count - written
-				h.Write(combined[:todo])
-				written = count
-			} else {
-				h.Write(combined)
-				written += len(combined)
-			}
-		}
-		digest = h.Sum(digest[:0])
-		n := copy(out[done:], digest)
-		done += n
-	}
-}
-
-// Argon2 writes to out the key derived from the password (in) with the Argon2
-// function (the crypto refresh, section 3.7.1.4)
-func Argon2(out []byte, in []byte, salt []byte, passes uint8, paralellism uint8, memoryExp uint8) {
-	key := argon2.IDKey(in, salt, uint32(passes), decodeMemory(memoryExp), paralellism, uint32(len(out)))
-	copy(out[:], key)
-}
-
-// Generate generates valid parameters from given configuration.
-// It will enforce the Iterated and Salted or Argon2 S2K method.
-func Generate(rand io.Reader, c *Config) (*Params, error) {
-	var params *Params
-	if c != nil && c.Mode() == Argon2S2K {
-		// handle Argon2 case
-		argonConfig := c.Argon2()
-		params = &Params{
-			mode:        Argon2S2K,
-			passes:      argonConfig.Passes(),
-			parallelism: argonConfig.Parallelism(),
-			memoryExp:   argonConfig.EncodedMemory(),
-		}
-	} else if c != nil && c.PassphraseIsHighEntropy && c.Mode() == SaltedS2K { // Allow SaltedS2K if PassphraseIsHighEntropy
-		hashId, ok := algorithm.HashToHashId(c.hash())
-		if !ok {
-			return nil, errors.UnsupportedError("no such hash")
-		}
-
-		params = &Params{
-			mode:   SaltedS2K,
-			hashId: hashId,
-		}
-	} else { // Enforce IteratedSaltedS2K method otherwise
-		hashId, ok := algorithm.HashToHashId(c.hash())
-		if !ok {
-			return nil, errors.UnsupportedError("no such hash")
-		}
-		if c != nil {
-			c.S2KMode = IteratedSaltedS2K
-		}
-		params = &Params{
-			mode:      IteratedSaltedS2K,
-			hashId:    hashId,
-			countByte: c.EncodedCount(),
-		}
-	}
-	if _, err := io.ReadFull(rand, params.salt()); err != nil {
-		return nil, err
-	}
-	return params, nil
-}
-
-// Parse reads a binary specification for a string-to-key transformation from r
-// and returns a function which performs that transform. If the S2K is a special
-// GNU extension that indicates that the private key is missing, then the error
-// returned is errors.ErrDummyPrivateKey.
-func Parse(r io.Reader) (f func(out, in []byte), err error) {
-	params, err := ParseIntoParams(r)
-	if err != nil {
-		return nil, err
-	}
-
-	return params.Function()
-}
-
-// ParseIntoParams reads a binary specification for a string-to-key
-// transformation from r and returns a struct describing the s2k parameters.
-func ParseIntoParams(r io.Reader) (params *Params, err error) {
-	var buf [Argon2SaltSize + 3]byte
-
-	_, err = io.ReadFull(r, buf[:1])
-	if err != nil {
-		return
-	}
-
-	params = &Params{
-		mode: Mode(buf[0]),
-	}
-
-	switch params.mode {
-	case SimpleS2K:
-		_, err = io.ReadFull(r, buf[:1])
-		if err != nil {
-			return nil, err
-		}
-		params.hashId = buf[0]
-		return params, nil
-	case SaltedS2K:
-		_, err = io.ReadFull(r, buf[:9])
-		if err != nil {
-			return nil, err
-		}
-		params.hashId = buf[0]
-		copy(params.salt(), buf[1:9])
-		return params, nil
-	case IteratedSaltedS2K:
-		_, err = io.ReadFull(r, buf[:10])
-		if err != nil {
-			return nil, err
-		}
-		params.hashId = buf[0]
-		copy(params.salt(), buf[1:9])
-		params.countByte = buf[9]
-		return params, nil
-	case Argon2S2K:
-		_, err = io.ReadFull(r, buf[:Argon2SaltSize+3])
-		if err != nil {
-			return nil, err
-		}
-		copy(params.salt(), buf[:Argon2SaltSize])
-		params.passes = buf[Argon2SaltSize]
-		params.parallelism = buf[Argon2SaltSize+1]
-		params.memoryExp = buf[Argon2SaltSize+2]
-		if err := validateArgon2Params(params); err != nil {
-			return nil, err
-		}
-		return params, nil
-	case GnuS2K:
-		// This is a GNU extension. See
-		// https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=doc/DETAILS;h=fe55ae16ab4e26d8356dc574c9e8bc935e71aef1;hb=23191d7851eae2217ecdac6484349849a24fd94a#l1109
-		if _, err = io.ReadFull(r, buf[:5]); err != nil {
-			return nil, err
-		}
-		params.hashId = buf[0]
-		if buf[1] == 'G' && buf[2] == 'N' && buf[3] == 'U' && buf[4] == 1 {
-			return params, nil
-		}
-		return nil, errors.UnsupportedError("GNU S2K extension")
-	}
-
-	return nil, errors.UnsupportedError("S2K function")
-}
-
-func (params *Params) Mode() Mode {
-	return params.mode
-}
-
-func (params *Params) Dummy() bool {
-	return params != nil && params.mode == GnuS2K
-}
-
-func (params *Params) salt() []byte {
-	switch params.mode {
-	case SaltedS2K, IteratedSaltedS2K:
-		return params.saltBytes[:8]
-	case Argon2S2K:
-		return params.saltBytes[:Argon2SaltSize]
-	default:
-		return nil
-	}
-}
-
-func (params *Params) Function() (f func(out, in []byte), err error) {
-	if params.Dummy() {
-		return nil, errors.ErrDummyPrivateKey("dummy key found")
-	}
-	var hashObj crypto.Hash
-	if params.mode != Argon2S2K {
-		var ok bool
-		hashObj, ok = algorithm.HashIdToHashWithSha1(params.hashId)
-		if !ok {
-			return nil, errors.UnsupportedError("hash for S2K function: " + strconv.Itoa(int(params.hashId)))
-		}
-		if !hashObj.Available() {
-			return nil, errors.UnsupportedError("hash not available: " + strconv.Itoa(int(hashObj)))
-		}
-	}
-
-	switch params.mode {
-	case SimpleS2K:
-		f := func(out, in []byte) {
-			Simple(out, hashObj.New(), in)
-		}
-
-		return f, nil
-	case SaltedS2K:
-		f := func(out, in []byte) {
-			Salted(out, hashObj.New(), in, params.salt())
-		}
-
-		return f, nil
-	case IteratedSaltedS2K:
-		f := func(out, in []byte) {
-			Iterated(out, hashObj.New(), in, params.salt(), decodeCount(params.countByte))
-		}
-
-		return f, nil
-	case Argon2S2K:
-		f := func(out, in []byte) {
-			Argon2(out, in, params.salt(), params.passes, params.parallelism, params.memoryExp)
-		}
-		return f, nil
-	}
-
-	return nil, errors.UnsupportedError("S2K function")
-}
-
-func (params *Params) Serialize(w io.Writer) (err error) {
-	if _, err = w.Write([]byte{uint8(params.mode)}); err != nil {
-		return
-	}
-	if params.mode != Argon2S2K {
-		if _, err = w.Write([]byte{params.hashId}); err != nil {
-			return
-		}
-	}
-	if params.Dummy() {
-		_, err = w.Write(append([]byte("GNU"), 1))
-		return
-	}
-	if params.mode > 0 {
-		if _, err = w.Write(params.salt()); err != nil {
-			return
-		}
-		if params.mode == IteratedSaltedS2K {
-			_, err = w.Write([]byte{params.countByte})
-		}
-		if params.mode == Argon2S2K {
-			_, err = w.Write([]byte{params.passes, params.parallelism, params.memoryExp})
-		}
-	}
-	return
-}
-
-// Serialize salts and stretches the given passphrase and writes the
-// resulting key into key. It also serializes an S2K descriptor to
-// w. The key stretching can be configured with c, which may be
-// nil. In that case, sensible defaults will be used.
-func Serialize(w io.Writer, key []byte, rand io.Reader, passphrase []byte, c *Config) error {
-	params, err := Generate(rand, c)
-	if err != nil {
-		return err
-	}
-	err = params.Serialize(w)
-	if err != nil {
-		return err
-	}
-
-	f, err := params.Function()
-	if err != nil {
-		return err
-	}
-	f(key, passphrase)
-	return nil
-}
-
-// validateArgon2Params checks that the argon2 parameters are valid according to RFC9580.
-func validateArgon2Params(params *Params) error {
-	// The number of passes t and the degree of parallelism p MUST be non-zero.
-	if params.parallelism == 0 {
-		return errors.StructuralError("invalid argon2 params: parallelism is 0")
-	}
-	if params.passes == 0 {
-		return errors.StructuralError("invalid argon2 params: iterations is 0")
-	}
-
-	// The encoded memory size MUST be a value from 3+ceil(log2(p)) to 31,
-	// such that the decoded memory size m is a value from 8*p to 2^31.
-	if params.memoryExp > 31 || decodeMemory(params.memoryExp) < 8*uint32(params.parallelism) {
-		return errors.StructuralError("invalid argon2 params: memory is out of bounds")
-	}
-
-	return nil
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/s2k/s2k_cache.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/s2k/s2k_cache.go
deleted file mode 100644
index 616e0d12c6..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/s2k/s2k_cache.go
+++ /dev/null
@@ -1,26 +0,0 @@
-package s2k
-
-// Cache stores keys derived with s2k functions from one passphrase
-// to avoid recomputation if multiple items are encrypted with
-// the same parameters.
-type Cache map[Params][]byte
-
-// GetOrComputeDerivedKey tries to retrieve the key
-// for the given s2k parameters from the cache.
-// If there is no hit, it derives the key with the s2k function from the passphrase,
-// updates the cache, and returns the key.
-func (c *Cache) GetOrComputeDerivedKey(passphrase []byte, params *Params, expectedKeySize int) ([]byte, error) {
-	key, found := (*c)[*params]
-	if !found || len(key) != expectedKeySize {
-		var err error
-		derivedKey := make([]byte, expectedKeySize)
-		s2k, err := params.Function()
-		if err != nil {
-			return nil, err
-		}
-		s2k(derivedKey, passphrase)
-		(*c)[*params] = key
-		return derivedKey, nil
-	}
-	return key, nil
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/s2k/s2k_config.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/s2k/s2k_config.go
deleted file mode 100644
index b93db1ab85..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/s2k/s2k_config.go
+++ /dev/null
@@ -1,129 +0,0 @@
-package s2k
-
-import "crypto"
-
-// Config collects configuration parameters for s2k key-stretching
-// transformations. A nil *Config is valid and results in all default
-// values.
-type Config struct {
-	// S2K (String to Key) mode, used for key derivation in the context of secret key encryption
-	// and passphrase-encrypted data. Either s2k.Argon2S2K or s2k.IteratedSaltedS2K may be used.
-	// If the passphrase is a high-entropy key, indicated by setting PassphraseIsHighEntropy to true,
-	// s2k.SaltedS2K can also be used.
-	// Note: Argon2 is the strongest option but not all OpenPGP implementations are compatible with it
-	//(pending standardisation).
-	// 0 (simple), 1(salted), 3(iterated), 4(argon2)
-	// 2(reserved) 100-110(private/experimental).
-	S2KMode Mode
-	// Only relevant if S2KMode is not set to s2k.Argon2S2K.
-	// Hash is the default hash function to be used. If
-	// nil, SHA256 is used.
-	Hash crypto.Hash
-	// Argon2 parameters for S2K (String to Key).
-	// Only relevant if S2KMode is set to s2k.Argon2S2K.
-	// If nil, default parameters are used.
-	// For more details on the choice of parameters, see https://tools.ietf.org/html/rfc9106#section-4.
-	Argon2Config *Argon2Config
-	// Only relevant if S2KMode is set to s2k.IteratedSaltedS2K.
-	// Iteration count for Iterated S2K (String to Key). It
-	// determines the strength of the passphrase stretching when
-	// the said passphrase is hashed to produce a key. S2KCount
-	// should be between 65536 and 65011712, inclusive. If Config
-	// is nil or S2KCount is 0, the value 16777216 used. Not all
-	// values in the above range can be represented. S2KCount will
-	// be rounded up to the next representable value if it cannot
-	// be encoded exactly. When set, it is strongly encrouraged to
-	// use a value that is at least 65536. See RFC 4880 Section
-	// 3.7.1.3.
-	S2KCount int
-	// Indicates whether the passphrase passed by the application is a
-	// high-entropy key (e.g. it's randomly generated or derived from
-	// another passphrase using a strong key derivation function).
-	// When true, allows the S2KMode to be s2k.SaltedS2K.
-	// When the passphrase is not a high-entropy key, using SaltedS2K is
-	// insecure, and not allowed by draft-ietf-openpgp-crypto-refresh-08.
-	PassphraseIsHighEntropy bool
-}
-
-// Argon2Config stores the Argon2 parameters
-// A nil *Argon2Config is valid and results in all default
-type Argon2Config struct {
-	NumberOfPasses      uint8
-	DegreeOfParallelism uint8
-	// Memory specifies the desired Argon2 memory usage in kibibytes.
-	// For example memory=64*1024 sets the memory cost to ~64 MB.
-	Memory uint32
-}
-
-func (c *Config) Mode() Mode {
-	if c == nil {
-		return IteratedSaltedS2K
-	}
-	return c.S2KMode
-}
-
-func (c *Config) hash() crypto.Hash {
-	if c == nil || uint(c.Hash) == 0 {
-		return crypto.SHA256
-	}
-
-	return c.Hash
-}
-
-func (c *Config) Argon2() *Argon2Config {
-	if c == nil || c.Argon2Config == nil {
-		return nil
-	}
-	return c.Argon2Config
-}
-
-// EncodedCount get encoded count
-func (c *Config) EncodedCount() uint8 {
-	if c == nil || c.S2KCount == 0 {
-		return 224 // The common case. Corresponding to 16777216
-	}
-
-	i := c.S2KCount
-
-	switch {
-	case i < 65536:
-		i = 65536
-	case i > 65011712:
-		i = 65011712
-	}
-
-	return encodeCount(i)
-}
-
-func (c *Argon2Config) Passes() uint8 {
-	if c == nil || c.NumberOfPasses == 0 {
-		return 3
-	}
-	return c.NumberOfPasses
-}
-
-func (c *Argon2Config) Parallelism() uint8 {
-	if c == nil || c.DegreeOfParallelism == 0 {
-		return 4
-	}
-	return c.DegreeOfParallelism
-}
-
-func (c *Argon2Config) EncodedMemory() uint8 {
-	if c == nil || c.Memory == 0 {
-		return 16 // 64 MiB of RAM
-	}
-
-	memory := c.Memory
-	lowerBound := uint32(c.Parallelism()) * 8
-	upperBound := uint32(2147483648)
-
-	switch {
-	case memory < lowerBound:
-		memory = lowerBound
-	case memory > upperBound:
-		memory = upperBound
-	}
-
-	return encodeMemory(memory, c.Parallelism())
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/write.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/write.go
deleted file mode 100644
index b0f6ef7b09..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/write.go
+++ /dev/null
@@ -1,620 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package openpgp
-
-import (
-	"crypto"
-	"hash"
-	"io"
-	"strconv"
-	"time"
-
-	"github.com/ProtonMail/go-crypto/openpgp/armor"
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-	"github.com/ProtonMail/go-crypto/openpgp/internal/algorithm"
-	"github.com/ProtonMail/go-crypto/openpgp/packet"
-)
-
-// DetachSign signs message with the private key from signer (which must
-// already have been decrypted) and writes the signature to w.
-// If config is nil, sensible defaults will be used.
-func DetachSign(w io.Writer, signer *Entity, message io.Reader, config *packet.Config) error {
-	return detachSign(w, signer, message, packet.SigTypeBinary, config)
-}
-
-// ArmoredDetachSign signs message with the private key from signer (which
-// must already have been decrypted) and writes an armored signature to w.
-// If config is nil, sensible defaults will be used.
-func ArmoredDetachSign(w io.Writer, signer *Entity, message io.Reader, config *packet.Config) (err error) {
-	return armoredDetachSign(w, signer, message, packet.SigTypeBinary, config)
-}
-
-// DetachSignText signs message (after canonicalising the line endings) with
-// the private key from signer (which must already have been decrypted) and
-// writes the signature to w.
-// If config is nil, sensible defaults will be used.
-func DetachSignText(w io.Writer, signer *Entity, message io.Reader, config *packet.Config) error {
-	return detachSign(w, signer, message, packet.SigTypeText, config)
-}
-
-// ArmoredDetachSignText signs message (after canonicalising the line endings)
-// with the private key from signer (which must already have been decrypted)
-// and writes an armored signature to w.
-// If config is nil, sensible defaults will be used.
-func ArmoredDetachSignText(w io.Writer, signer *Entity, message io.Reader, config *packet.Config) error {
-	return armoredDetachSign(w, signer, message, packet.SigTypeText, config)
-}
-
-func armoredDetachSign(w io.Writer, signer *Entity, message io.Reader, sigType packet.SignatureType, config *packet.Config) (err error) {
-	out, err := armor.Encode(w, SignatureType, nil)
-	if err != nil {
-		return
-	}
-	err = detachSign(out, signer, message, sigType, config)
-	if err != nil {
-		return
-	}
-	return out.Close()
-}
-
-func detachSign(w io.Writer, signer *Entity, message io.Reader, sigType packet.SignatureType, config *packet.Config) (err error) {
-	signingKey, ok := signer.SigningKeyById(config.Now(), config.SigningKey())
-	if !ok {
-		return errors.InvalidArgumentError("no valid signing keys")
-	}
-	if signingKey.PrivateKey == nil {
-		return errors.InvalidArgumentError("signing key doesn't have a private key")
-	}
-	if signingKey.PrivateKey.Encrypted {
-		return errors.InvalidArgumentError("signing key is encrypted")
-	}
-	if _, ok := algorithm.HashToHashId(config.Hash()); !ok {
-		return errors.InvalidArgumentError("invalid hash function")
-	}
-
-	sig := createSignaturePacket(signingKey.PublicKey, sigType, config)
-
-	h, err := sig.PrepareSign(config)
-	if err != nil {
-		return
-	}
-	wrappedHash, err := wrapHashForSignature(h, sig.SigType)
-	if err != nil {
-		return
-	}
-	if _, err = io.Copy(wrappedHash, message); err != nil {
-		return err
-	}
-
-	err = sig.Sign(h, signingKey.PrivateKey, config)
-	if err != nil {
-		return
-	}
-
-	return sig.Serialize(w)
-}
-
-// FileHints contains metadata about encrypted files. This metadata is, itself,
-// encrypted.
-type FileHints struct {
-	// IsBinary can be set to hint that the contents are binary data.
-	IsBinary bool
-	// FileName hints at the name of the file that should be written. It's
-	// truncated to 255 bytes if longer. It may be empty to suggest that the
-	// file should not be written to disk. It may be equal to "_CONSOLE" to
-	// suggest the data should not be written to disk.
-	FileName string
-	// ModTime contains the modification time of the file, or the zero time if not applicable.
-	ModTime time.Time
-}
-
-// SymmetricallyEncrypt acts like gpg -c: it encrypts a file with a passphrase.
-// The resulting WriteCloser must be closed after the contents of the file have
-// been written.
-// If config is nil, sensible defaults will be used.
-func SymmetricallyEncrypt(ciphertext io.Writer, passphrase []byte, hints *FileHints, config *packet.Config) (plaintext io.WriteCloser, err error) {
-	if hints == nil {
-		hints = &FileHints{}
-	}
-
-	key, err := packet.SerializeSymmetricKeyEncrypted(ciphertext, passphrase, config)
-	if err != nil {
-		return
-	}
-
-	var w io.WriteCloser
-	cipherSuite := packet.CipherSuite{
-		Cipher: config.Cipher(),
-		Mode:   config.AEAD().Mode(),
-	}
-	w, err = packet.SerializeSymmetricallyEncrypted(ciphertext, config.Cipher(), config.AEAD() != nil, cipherSuite, key, config)
-	if err != nil {
-		return
-	}
-
-	literalData := w
-	if algo := config.Compression(); algo != packet.CompressionNone {
-		var compConfig *packet.CompressionConfig
-		if config != nil {
-			compConfig = config.CompressionConfig
-		}
-		literalData, err = packet.SerializeCompressed(w, algo, compConfig)
-		if err != nil {
-			return
-		}
-	}
-
-	var epochSeconds uint32
-	if !hints.ModTime.IsZero() {
-		epochSeconds = uint32(hints.ModTime.Unix())
-	}
-	return packet.SerializeLiteral(literalData, hints.IsBinary, hints.FileName, epochSeconds)
-}
-
-// intersectPreferences mutates and returns a prefix of a that contains only
-// the values in the intersection of a and b. The order of a is preserved.
-func intersectPreferences(a []uint8, b []uint8) (intersection []uint8) {
-	var j int
-	for _, v := range a {
-		for _, v2 := range b {
-			if v == v2 {
-				a[j] = v
-				j++
-				break
-			}
-		}
-	}
-
-	return a[:j]
-}
-
-// intersectPreferences mutates and returns a prefix of a that contains only
-// the values in the intersection of a and b. The order of a is preserved.
-func intersectCipherSuites(a [][2]uint8, b [][2]uint8) (intersection [][2]uint8) {
-	var j int
-	for _, v := range a {
-		for _, v2 := range b {
-			if v[0] == v2[0] && v[1] == v2[1] {
-				a[j] = v
-				j++
-				break
-			}
-		}
-	}
-
-	return a[:j]
-}
-
-func hashToHashId(h crypto.Hash) uint8 {
-	v, ok := algorithm.HashToHashId(h)
-	if !ok {
-		panic("tried to convert unknown hash")
-	}
-	return v
-}
-
-// EncryptText encrypts a message to a number of recipients and, optionally,
-// signs it. Optional information is contained in 'hints', also encrypted, that
-// aids the recipients in processing the message. The resulting WriteCloser
-// must be closed after the contents of the file have been written. If config
-// is nil, sensible defaults will be used. The signing is done in text mode.
-func EncryptText(ciphertext io.Writer, to []*Entity, signed *Entity, hints *FileHints, config *packet.Config) (plaintext io.WriteCloser, err error) {
-	return encrypt(ciphertext, ciphertext, to, signed, hints, packet.SigTypeText, config)
-}
-
-// Encrypt encrypts a message to a number of recipients and, optionally, signs
-// it. hints contains optional information, that is also encrypted, that aids
-// the recipients in processing the message. The resulting WriteCloser must
-// be closed after the contents of the file have been written.
-// If config is nil, sensible defaults will be used.
-func Encrypt(ciphertext io.Writer, to []*Entity, signed *Entity, hints *FileHints, config *packet.Config) (plaintext io.WriteCloser, err error) {
-	return encrypt(ciphertext, ciphertext, to, signed, hints, packet.SigTypeBinary, config)
-}
-
-// EncryptSplit encrypts a message to a number of recipients and, optionally, signs
-// it. hints contains optional information, that is also encrypted, that aids
-// the recipients in processing the message. The resulting WriteCloser must
-// be closed after the contents of the file have been written.
-// If config is nil, sensible defaults will be used.
-func EncryptSplit(keyWriter io.Writer, dataWriter io.Writer, to []*Entity, signed *Entity, hints *FileHints, config *packet.Config) (plaintext io.WriteCloser, err error) {
-	return encrypt(keyWriter, dataWriter, to, signed, hints, packet.SigTypeBinary, config)
-}
-
-// EncryptTextSplit encrypts a message to a number of recipients and, optionally, signs
-// it. hints contains optional information, that is also encrypted, that aids
-// the recipients in processing the message. The resulting WriteCloser must
-// be closed after the contents of the file have been written.
-// If config is nil, sensible defaults will be used.
-func EncryptTextSplit(keyWriter io.Writer, dataWriter io.Writer, to []*Entity, signed *Entity, hints *FileHints, config *packet.Config) (plaintext io.WriteCloser, err error) {
-	return encrypt(keyWriter, dataWriter, to, signed, hints, packet.SigTypeText, config)
-}
-
-// writeAndSign writes the data as a payload package and, optionally, signs
-// it. hints contains optional information, that is also encrypted,
-// that aids the recipients in processing the message. The resulting
-// WriteCloser must be closed after the contents of the file have been
-// written. If config is nil, sensible defaults will be used.
-func writeAndSign(payload io.WriteCloser, candidateHashes []uint8, signed *Entity, hints *FileHints, sigType packet.SignatureType, config *packet.Config) (plaintext io.WriteCloser, err error) {
-	var signer *packet.PrivateKey
-	if signed != nil {
-		signKey, ok := signed.SigningKeyById(config.Now(), config.SigningKey())
-		if !ok {
-			return nil, errors.InvalidArgumentError("no valid signing keys")
-		}
-		signer = signKey.PrivateKey
-		if signer == nil {
-			return nil, errors.InvalidArgumentError("no private key in signing key")
-		}
-		if signer.Encrypted {
-			return nil, errors.InvalidArgumentError("signing key must be decrypted")
-		}
-	}
-
-	var hash crypto.Hash
-	for _, hashId := range candidateHashes {
-		if h, ok := algorithm.HashIdToHash(hashId); ok && h.Available() {
-			hash = h
-			break
-		}
-	}
-
-	// If the hash specified by config is a candidate, we'll use that.
-	if configuredHash := config.Hash(); configuredHash.Available() {
-		for _, hashId := range candidateHashes {
-			if h, ok := algorithm.HashIdToHash(hashId); ok && h == configuredHash {
-				hash = h
-				break
-			}
-		}
-	}
-
-	if hash == 0 {
-		hashId := candidateHashes[0]
-		name, ok := algorithm.HashIdToString(hashId)
-		if !ok {
-			name = "#" + strconv.Itoa(int(hashId))
-		}
-		return nil, errors.InvalidArgumentError("cannot encrypt because no candidate hash functions are compiled in. (Wanted " + name + " in this case.)")
-	}
-
-	var salt []byte
-	if signer != nil {
-		var opsVersion = 3
-		if signer.Version == 6 {
-			opsVersion = signer.Version
-		}
-		ops := &packet.OnePassSignature{
-			Version:    opsVersion,
-			SigType:    sigType,
-			Hash:       hash,
-			PubKeyAlgo: signer.PubKeyAlgo,
-			KeyId:      signer.KeyId,
-			IsLast:     true,
-		}
-		if opsVersion == 6 {
-			ops.KeyFingerprint = signer.Fingerprint
-			salt, err = packet.SignatureSaltForHash(hash, config.Random())
-			if err != nil {
-				return nil, err
-			}
-			ops.Salt = salt
-		}
-		if err := ops.Serialize(payload); err != nil {
-			return nil, err
-		}
-	}
-
-	if hints == nil {
-		hints = &FileHints{}
-	}
-
-	w := payload
-	if signer != nil {
-		// If we need to write a signature packet after the literal
-		// data then we need to stop literalData from closing
-		// encryptedData.
-		w = noOpCloser{w}
-
-	}
-	var epochSeconds uint32
-	if !hints.ModTime.IsZero() {
-		epochSeconds = uint32(hints.ModTime.Unix())
-	}
-	literalData, err := packet.SerializeLiteral(w, hints.IsBinary, hints.FileName, epochSeconds)
-	if err != nil {
-		return nil, err
-	}
-
-	if signer != nil {
-		h, wrappedHash, err := hashForSignature(hash, sigType, salt)
-		if err != nil {
-			return nil, err
-		}
-		metadata := &packet.LiteralData{
-			Format:   'u',
-			FileName: hints.FileName,
-			Time:     epochSeconds,
-		}
-		if hints.IsBinary {
-			metadata.Format = 'b'
-		}
-		return signatureWriter{payload, literalData, hash, wrappedHash, h, salt, signer, sigType, config, metadata}, nil
-	}
-	return literalData, nil
-}
-
-// encrypt encrypts a message to a number of recipients and, optionally, signs
-// it. hints contains optional information, that is also encrypted, that aids
-// the recipients in processing the message. The resulting WriteCloser must
-// be closed after the contents of the file have been written.
-// If config is nil, sensible defaults will be used.
-func encrypt(keyWriter io.Writer, dataWriter io.Writer, to []*Entity, signed *Entity, hints *FileHints, sigType packet.SignatureType, config *packet.Config) (plaintext io.WriteCloser, err error) {
-	if len(to) == 0 {
-		return nil, errors.InvalidArgumentError("no encryption recipient provided")
-	}
-
-	// These are the possible ciphers that we'll use for the message.
-	candidateCiphers := []uint8{
-		uint8(packet.CipherAES256),
-		uint8(packet.CipherAES128),
-	}
-
-	// These are the possible hash functions that we'll use for the signature.
-	candidateHashes := []uint8{
-		hashToHashId(crypto.SHA256),
-		hashToHashId(crypto.SHA384),
-		hashToHashId(crypto.SHA512),
-		hashToHashId(crypto.SHA3_256),
-		hashToHashId(crypto.SHA3_512),
-	}
-
-	// Prefer GCM if everyone supports it
-	candidateCipherSuites := [][2]uint8{
-		{uint8(packet.CipherAES256), uint8(packet.AEADModeGCM)},
-		{uint8(packet.CipherAES256), uint8(packet.AEADModeEAX)},
-		{uint8(packet.CipherAES256), uint8(packet.AEADModeOCB)},
-		{uint8(packet.CipherAES128), uint8(packet.AEADModeGCM)},
-		{uint8(packet.CipherAES128), uint8(packet.AEADModeEAX)},
-		{uint8(packet.CipherAES128), uint8(packet.AEADModeOCB)},
-	}
-
-	candidateCompression := []uint8{
-		uint8(packet.CompressionNone),
-		uint8(packet.CompressionZIP),
-		uint8(packet.CompressionZLIB),
-	}
-
-	encryptKeys := make([]Key, len(to))
-
-	// AEAD is used only if config enables it and every key supports it
-	aeadSupported := config.AEAD() != nil
-
-	for i := range to {
-		var ok bool
-		encryptKeys[i], ok = to[i].EncryptionKey(config.Now())
-		if !ok {
-			return nil, errors.InvalidArgumentError("cannot encrypt a message to key id " + strconv.FormatUint(to[i].PrimaryKey.KeyId, 16) + " because it has no valid encryption keys")
-		}
-
-		primarySelfSignature, _ := to[i].PrimarySelfSignature()
-		if primarySelfSignature == nil {
-			return nil, errors.InvalidArgumentError("entity without a self-signature")
-		}
-
-		if !primarySelfSignature.SEIPDv2 {
-			aeadSupported = false
-		}
-
-		candidateCiphers = intersectPreferences(candidateCiphers, primarySelfSignature.PreferredSymmetric)
-		candidateHashes = intersectPreferences(candidateHashes, primarySelfSignature.PreferredHash)
-		candidateCipherSuites = intersectCipherSuites(candidateCipherSuites, primarySelfSignature.PreferredCipherSuites)
-		candidateCompression = intersectPreferences(candidateCompression, primarySelfSignature.PreferredCompression)
-	}
-
-	// In the event that the intersection of supported algorithms is empty we use the ones
-	// labelled as MUST that every implementation supports.
-	if len(candidateCiphers) == 0 {
-		// https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-07.html#section-9.3
-		candidateCiphers = []uint8{uint8(packet.CipherAES128)}
-	}
-	if len(candidateHashes) == 0 {
-		// https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-07.html#hash-algos
-		candidateHashes = []uint8{hashToHashId(crypto.SHA256)}
-	}
-	if len(candidateCipherSuites) == 0 {
-		// https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-07.html#section-9.6
-		candidateCipherSuites = [][2]uint8{{uint8(packet.CipherAES128), uint8(packet.AEADModeOCB)}}
-	}
-
-	cipher := packet.CipherFunction(candidateCiphers[0])
-	aeadCipherSuite := packet.CipherSuite{
-		Cipher: packet.CipherFunction(candidateCipherSuites[0][0]),
-		Mode:   packet.AEADMode(candidateCipherSuites[0][1]),
-	}
-
-	// If the cipher specified by config is a candidate, we'll use that.
-	configuredCipher := config.Cipher()
-	for _, c := range candidateCiphers {
-		cipherFunc := packet.CipherFunction(c)
-		if cipherFunc == configuredCipher {
-			cipher = cipherFunc
-			break
-		}
-	}
-
-	var symKey []byte
-	if aeadSupported {
-		symKey = make([]byte, aeadCipherSuite.Cipher.KeySize())
-	} else {
-		symKey = make([]byte, cipher.KeySize())
-	}
-
-	if _, err := io.ReadFull(config.Random(), symKey); err != nil {
-		return nil, err
-	}
-
-	for _, key := range encryptKeys {
-		if err := packet.SerializeEncryptedKeyAEAD(keyWriter, key.PublicKey, cipher, aeadSupported, symKey, config); err != nil {
-			return nil, err
-		}
-	}
-
-	var payload io.WriteCloser
-	payload, err = packet.SerializeSymmetricallyEncrypted(dataWriter, cipher, aeadSupported, aeadCipherSuite, symKey, config)
-	if err != nil {
-		return
-	}
-
-	payload, err = handleCompression(payload, candidateCompression, config)
-	if err != nil {
-		return nil, err
-	}
-
-	return writeAndSign(payload, candidateHashes, signed, hints, sigType, config)
-}
-
-// Sign signs a message. The resulting WriteCloser must be closed after the
-// contents of the file have been written.  hints contains optional information
-// that aids the recipients in processing the message.
-// If config is nil, sensible defaults will be used.
-func Sign(output io.Writer, signed *Entity, hints *FileHints, config *packet.Config) (input io.WriteCloser, err error) {
-	if signed == nil {
-		return nil, errors.InvalidArgumentError("no signer provided")
-	}
-
-	// These are the possible hash functions that we'll use for the signature.
-	candidateHashes := []uint8{
-		hashToHashId(crypto.SHA256),
-		hashToHashId(crypto.SHA384),
-		hashToHashId(crypto.SHA512),
-		hashToHashId(crypto.SHA3_256),
-		hashToHashId(crypto.SHA3_512),
-	}
-	defaultHashes := candidateHashes[0:1]
-	primarySelfSignature, _ := signed.PrimarySelfSignature()
-	if primarySelfSignature == nil {
-		return nil, errors.StructuralError("signed entity has no self-signature")
-	}
-	preferredHashes := primarySelfSignature.PreferredHash
-	if len(preferredHashes) == 0 {
-		preferredHashes = defaultHashes
-	}
-	candidateHashes = intersectPreferences(candidateHashes, preferredHashes)
-	if len(candidateHashes) == 0 {
-		return nil, errors.StructuralError("cannot sign because signing key shares no common algorithms with candidate hashes")
-	}
-
-	return writeAndSign(noOpCloser{output}, candidateHashes, signed, hints, packet.SigTypeBinary, config)
-}
-
-// signatureWriter hashes the contents of a message while passing it along to
-// literalData. When closed, it closes literalData, writes a signature packet
-// to encryptedData and then also closes encryptedData.
-type signatureWriter struct {
-	encryptedData io.WriteCloser
-	literalData   io.WriteCloser
-	hashType      crypto.Hash
-	wrappedHash   hash.Hash
-	h             hash.Hash
-	salt          []byte // v6 only
-	signer        *packet.PrivateKey
-	sigType       packet.SignatureType
-	config        *packet.Config
-	metadata      *packet.LiteralData // V5 signatures protect document metadata
-}
-
-func (s signatureWriter) Write(data []byte) (int, error) {
-	s.wrappedHash.Write(data)
-	switch s.sigType {
-	case packet.SigTypeBinary:
-		return s.literalData.Write(data)
-	case packet.SigTypeText:
-		flag := 0
-		return writeCanonical(s.literalData, data, &flag)
-	}
-	return 0, errors.UnsupportedError("unsupported signature type: " + strconv.Itoa(int(s.sigType)))
-}
-
-func (s signatureWriter) Close() error {
-	sig := createSignaturePacket(&s.signer.PublicKey, s.sigType, s.config)
-	sig.Hash = s.hashType
-	sig.Metadata = s.metadata
-
-	if err := sig.SetSalt(s.salt); err != nil {
-		return err
-	}
-
-	if err := sig.Sign(s.h, s.signer, s.config); err != nil {
-		return err
-	}
-	if err := s.literalData.Close(); err != nil {
-		return err
-	}
-	if err := sig.Serialize(s.encryptedData); err != nil {
-		return err
-	}
-	return s.encryptedData.Close()
-}
-
-func createSignaturePacket(signer *packet.PublicKey, sigType packet.SignatureType, config *packet.Config) *packet.Signature {
-	sigLifetimeSecs := config.SigLifetime()
-	return &packet.Signature{
-		Version:           signer.Version,
-		SigType:           sigType,
-		PubKeyAlgo:        signer.PubKeyAlgo,
-		Hash:              config.Hash(),
-		CreationTime:      config.Now(),
-		IssuerKeyId:       &signer.KeyId,
-		IssuerFingerprint: signer.Fingerprint,
-		Notations:         config.Notations(),
-		SigLifetimeSecs:   &sigLifetimeSecs,
-	}
-}
-
-// noOpCloser is like an ioutil.NopCloser, but for an io.Writer.
-// TODO: we have two of these in OpenPGP packages alone. This probably needs
-// to be promoted somewhere more common.
-type noOpCloser struct {
-	w io.Writer
-}
-
-func (c noOpCloser) Write(data []byte) (n int, err error) {
-	return c.w.Write(data)
-}
-
-func (c noOpCloser) Close() error {
-	return nil
-}
-
-func handleCompression(compressed io.WriteCloser, candidateCompression []uint8, config *packet.Config) (data io.WriteCloser, err error) {
-	data = compressed
-	confAlgo := config.Compression()
-	if confAlgo == packet.CompressionNone {
-		return
-	}
-
-	// Set algorithm labelled as MUST as fallback
-	// https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-07.html#section-9.4
-	finalAlgo := packet.CompressionNone
-	// if compression specified by config available we will use it
-	for _, c := range candidateCompression {
-		if uint8(confAlgo) == c {
-			finalAlgo = confAlgo
-			break
-		}
-	}
-
-	if finalAlgo != packet.CompressionNone {
-		var compConfig *packet.CompressionConfig
-		if config != nil {
-			compConfig = config.CompressionConfig
-		}
-		data, err = packet.SerializeCompressed(compressed, finalAlgo, compConfig)
-		if err != nil {
-			return
-		}
-	}
-	return data, nil
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/x25519/x25519.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/x25519/x25519.go
deleted file mode 100644
index 38afcc74fa..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/x25519/x25519.go
+++ /dev/null
@@ -1,221 +0,0 @@
-package x25519
-
-import (
-	"crypto/sha256"
-	"crypto/subtle"
-	"io"
-
-	"github.com/ProtonMail/go-crypto/openpgp/aes/keywrap"
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-	x25519lib "github.com/cloudflare/circl/dh/x25519"
-	"golang.org/x/crypto/hkdf"
-)
-
-const (
-	hkdfInfo      = "OpenPGP X25519"
-	aes128KeySize = 16
-	// The size of a public or private key in bytes.
-	KeySize = x25519lib.Size
-)
-
-type PublicKey struct {
-	// Point represents the encoded elliptic curve point of the public key.
-	Point []byte
-}
-
-type PrivateKey struct {
-	PublicKey
-	// Secret represents the secret of the private key.
-	Secret []byte
-}
-
-// NewPrivateKey creates a new empty private key including the public key.
-func NewPrivateKey(key PublicKey) *PrivateKey {
-	return &PrivateKey{
-		PublicKey: key,
-	}
-}
-
-// Validate validates that the provided public key matches the private key.
-func Validate(pk *PrivateKey) (err error) {
-	var expectedPublicKey, privateKey x25519lib.Key
-	subtle.ConstantTimeCopy(1, privateKey[:], pk.Secret)
-	x25519lib.KeyGen(&expectedPublicKey, &privateKey)
-	if subtle.ConstantTimeCompare(expectedPublicKey[:], pk.PublicKey.Point) == 0 {
-		return errors.KeyInvalidError("x25519: invalid key")
-	}
-	return nil
-}
-
-// GenerateKey generates a new x25519 key pair.
-func GenerateKey(rand io.Reader) (*PrivateKey, error) {
-	var privateKey, publicKey x25519lib.Key
-	privateKeyOut := new(PrivateKey)
-	err := generateKey(rand, &privateKey, &publicKey)
-	if err != nil {
-		return nil, err
-	}
-	privateKeyOut.PublicKey.Point = publicKey[:]
-	privateKeyOut.Secret = privateKey[:]
-	return privateKeyOut, nil
-}
-
-func generateKey(rand io.Reader, privateKey *x25519lib.Key, publicKey *x25519lib.Key) error {
-	maxRounds := 10
-	isZero := true
-	for round := 0; isZero; round++ {
-		if round == maxRounds {
-			return errors.InvalidArgumentError("x25519: zero keys only, randomness source might be corrupt")
-		}
-		_, err := io.ReadFull(rand, privateKey[:])
-		if err != nil {
-			return err
-		}
-		isZero = constantTimeIsZero(privateKey[:])
-	}
-	x25519lib.KeyGen(publicKey, privateKey)
-	return nil
-}
-
-// Encrypt encrypts a sessionKey with x25519 according to
-// the OpenPGP crypto refresh specification section 5.1.6. The function assumes that the
-// sessionKey has the correct format and padding according to the specification.
-func Encrypt(rand io.Reader, publicKey *PublicKey, sessionKey []byte) (ephemeralPublicKey *PublicKey, encryptedSessionKey []byte, err error) {
-	var ephemeralPrivate, ephemeralPublic, staticPublic, shared x25519lib.Key
-	// Check that the input static public key has 32 bytes
-	if len(publicKey.Point) != KeySize {
-		err = errors.KeyInvalidError("x25519: the public key has the wrong size")
-		return
-	}
-	copy(staticPublic[:], publicKey.Point)
-	// Generate ephemeral keyPair
-	err = generateKey(rand, &ephemeralPrivate, &ephemeralPublic)
-	if err != nil {
-		return
-	}
-	// Compute shared key
-	ok := x25519lib.Shared(&shared, &ephemeralPrivate, &staticPublic)
-	if !ok {
-		err = errors.KeyInvalidError("x25519: the public key is a low order point")
-		return
-	}
-	// Derive the encryption key from the shared secret
-	encryptionKey := applyHKDF(ephemeralPublic[:], publicKey.Point[:], shared[:])
-	ephemeralPublicKey = &PublicKey{
-		Point: ephemeralPublic[:],
-	}
-	// Encrypt the sessionKey with aes key wrapping
-	encryptedSessionKey, err = keywrap.Wrap(encryptionKey, sessionKey)
-	return
-}
-
-// Decrypt decrypts a session key stored in ciphertext with the provided x25519
-// private key and ephemeral public key.
-func Decrypt(privateKey *PrivateKey, ephemeralPublicKey *PublicKey, ciphertext []byte) (encodedSessionKey []byte, err error) {
-	var ephemeralPublic, staticPrivate, shared x25519lib.Key
-	// Check that the input ephemeral public key has 32 bytes
-	if len(ephemeralPublicKey.Point) != KeySize {
-		err = errors.KeyInvalidError("x25519: the public key has the wrong size")
-		return
-	}
-	copy(ephemeralPublic[:], ephemeralPublicKey.Point)
-	subtle.ConstantTimeCopy(1, staticPrivate[:], privateKey.Secret)
-	// Compute shared key
-	ok := x25519lib.Shared(&shared, &staticPrivate, &ephemeralPublic)
-	if !ok {
-		err = errors.KeyInvalidError("x25519: the ephemeral public key is a low order point")
-		return
-	}
-	// Derive the encryption key from the shared secret
-	encryptionKey := applyHKDF(ephemeralPublicKey.Point[:], privateKey.PublicKey.Point[:], shared[:])
-	// Decrypt the session key with aes key wrapping
-	encodedSessionKey, err = keywrap.Unwrap(encryptionKey, ciphertext)
-	return
-}
-
-func applyHKDF(ephemeralPublicKey []byte, publicKey []byte, sharedSecret []byte) []byte {
-	inputKey := make([]byte, 3*KeySize)
-	// ephemeral public key | recipient public key | shared secret
-	subtle.ConstantTimeCopy(1, inputKey[:KeySize], ephemeralPublicKey)
-	subtle.ConstantTimeCopy(1, inputKey[KeySize:2*KeySize], publicKey)
-	subtle.ConstantTimeCopy(1, inputKey[2*KeySize:], sharedSecret)
-	hkdfReader := hkdf.New(sha256.New, inputKey, []byte{}, []byte(hkdfInfo))
-	encryptionKey := make([]byte, aes128KeySize)
-	_, _ = io.ReadFull(hkdfReader, encryptionKey)
-	return encryptionKey
-}
-
-func constantTimeIsZero(bytes []byte) bool {
-	isZero := byte(0)
-	for _, b := range bytes {
-		isZero |= b
-	}
-	return isZero == 0
-}
-
-// ENCODING/DECODING ciphertexts:
-
-// EncodeFieldsLength returns the length of the ciphertext encoding
-// given the encrypted session key.
-func EncodedFieldsLength(encryptedSessionKey []byte, v6 bool) int {
-	lenCipherFunction := 0
-	if !v6 {
-		lenCipherFunction = 1
-	}
-	return KeySize + 1 + len(encryptedSessionKey) + lenCipherFunction
-}
-
-// EncodeField encodes x25519 session key encryption fields as
-// ephemeral x25519 public key | follow byte length | cipherFunction (v3 only) | encryptedSessionKey
-// and writes it to writer.
-func EncodeFields(writer io.Writer, ephemeralPublicKey *PublicKey, encryptedSessionKey []byte, cipherFunction byte, v6 bool) (err error) {
-	lenAlgorithm := 0
-	if !v6 {
-		lenAlgorithm = 1
-	}
-	if _, err = writer.Write(ephemeralPublicKey.Point); err != nil {
-		return err
-	}
-	if _, err = writer.Write([]byte{byte(len(encryptedSessionKey) + lenAlgorithm)}); err != nil {
-		return err
-	}
-	if !v6 {
-		if _, err = writer.Write([]byte{cipherFunction}); err != nil {
-			return err
-		}
-	}
-	_, err = writer.Write(encryptedSessionKey)
-	return err
-}
-
-// DecodeField decodes a x25519 session key encryption as
-// ephemeral x25519 public key | follow byte length | cipherFunction (v3 only) | encryptedSessionKey.
-func DecodeFields(reader io.Reader, v6 bool) (ephemeralPublicKey *PublicKey, encryptedSessionKey []byte, cipherFunction byte, err error) {
-	var buf [1]byte
-	ephemeralPublicKey = &PublicKey{
-		Point: make([]byte, KeySize),
-	}
-	// 32 octets representing an ephemeral x25519 public key.
-	if _, err = io.ReadFull(reader, ephemeralPublicKey.Point); err != nil {
-		return nil, nil, 0, err
-	}
-	// A one-octet size of the following fields.
-	if _, err = io.ReadFull(reader, buf[:]); err != nil {
-		return nil, nil, 0, err
-	}
-	followingLen := buf[0]
-	// The one-octet algorithm identifier, if it was passed (in the case of a v3 PKESK packet).
-	if !v6 {
-		if _, err = io.ReadFull(reader, buf[:]); err != nil {
-			return nil, nil, 0, err
-		}
-		cipherFunction = buf[0]
-		followingLen -= 1
-	}
-	// The encrypted session key.
-	encryptedSessionKey = make([]byte, followingLen)
-	if _, err = io.ReadFull(reader, encryptedSessionKey); err != nil {
-		return nil, nil, 0, err
-	}
-	return ephemeralPublicKey, encryptedSessionKey, cipherFunction, nil
-}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/x448/x448.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/x448/x448.go
deleted file mode 100644
index 65a082dabd..0000000000
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/x448/x448.go
+++ /dev/null
@@ -1,229 +0,0 @@
-package x448
-
-import (
-	"crypto/sha512"
-	"crypto/subtle"
-	"io"
-
-	"github.com/ProtonMail/go-crypto/openpgp/aes/keywrap"
-	"github.com/ProtonMail/go-crypto/openpgp/errors"
-	x448lib "github.com/cloudflare/circl/dh/x448"
-	"golang.org/x/crypto/hkdf"
-)
-
-const (
-	hkdfInfo      = "OpenPGP X448"
-	aes256KeySize = 32
-	// The size of a public or private key in bytes.
-	KeySize = x448lib.Size
-)
-
-type PublicKey struct {
-	// Point represents the encoded elliptic curve point of the public key.
-	Point []byte
-}
-
-type PrivateKey struct {
-	PublicKey
-	// Secret represents the secret of the private key.
-	Secret []byte
-}
-
-// NewPrivateKey creates a new empty private key including the public key.
-func NewPrivateKey(key PublicKey) *PrivateKey {
-	return &PrivateKey{
-		PublicKey: key,
-	}
-}
-
-// Validate validates that the provided public key matches
-// the private key.
-func Validate(pk *PrivateKey) (err error) {
-	var expectedPublicKey, privateKey x448lib.Key
-	subtle.ConstantTimeCopy(1, privateKey[:], pk.Secret)
-	x448lib.KeyGen(&expectedPublicKey, &privateKey)
-	if subtle.ConstantTimeCompare(expectedPublicKey[:], pk.PublicKey.Point) == 0 {
-		return errors.KeyInvalidError("x448: invalid key")
-	}
-	return nil
-}
-
-// GenerateKey generates a new x448 key pair.
-func GenerateKey(rand io.Reader) (*PrivateKey, error) {
-	var privateKey, publicKey x448lib.Key
-	privateKeyOut := new(PrivateKey)
-	err := generateKey(rand, &privateKey, &publicKey)
-	if err != nil {
-		return nil, err
-	}
-	privateKeyOut.PublicKey.Point = publicKey[:]
-	privateKeyOut.Secret = privateKey[:]
-	return privateKeyOut, nil
-}
-
-func generateKey(rand io.Reader, privateKey *x448lib.Key, publicKey *x448lib.Key) error {
-	maxRounds := 10
-	isZero := true
-	for round := 0; isZero; round++ {
-		if round == maxRounds {
-			return errors.InvalidArgumentError("x448: zero keys only, randomness source might be corrupt")
-		}
-		_, err := io.ReadFull(rand, privateKey[:])
-		if err != nil {
-			return err
-		}
-		isZero = constantTimeIsZero(privateKey[:])
-	}
-	x448lib.KeyGen(publicKey, privateKey)
-	return nil
-}
-
-// Encrypt encrypts a sessionKey with x448 according to
-// the OpenPGP crypto refresh specification section 5.1.7. The function assumes that the
-// sessionKey has the correct format and padding according to the specification.
-func Encrypt(rand io.Reader, publicKey *PublicKey, sessionKey []byte) (ephemeralPublicKey *PublicKey, encryptedSessionKey []byte, err error) {
-	var ephemeralPrivate, ephemeralPublic, staticPublic, shared x448lib.Key
-	// Check that the input static public key has 56 bytes.
-	if len(publicKey.Point) != KeySize {
-		err = errors.KeyInvalidError("x448: the public key has the wrong size")
-		return nil, nil, err
-	}
-	copy(staticPublic[:], publicKey.Point)
-	// Generate ephemeral keyPair.
-	if err = generateKey(rand, &ephemeralPrivate, &ephemeralPublic); err != nil {
-		return nil, nil, err
-	}
-	// Compute shared key.
-	ok := x448lib.Shared(&shared, &ephemeralPrivate, &staticPublic)
-	if !ok {
-		err = errors.KeyInvalidError("x448: the public key is a low order point")
-		return nil, nil, err
-	}
-	// Derive the encryption key from the shared secret.
-	encryptionKey := applyHKDF(ephemeralPublic[:], publicKey.Point[:], shared[:])
-	ephemeralPublicKey = &PublicKey{
-		Point: ephemeralPublic[:],
-	}
-	// Encrypt the sessionKey with aes key wrapping.
-	encryptedSessionKey, err = keywrap.Wrap(encryptionKey, sessionKey)
-	if err != nil {
-		return nil, nil, err
-	}
-	return ephemeralPublicKey, encryptedSessionKey, nil
-}
-
-// Decrypt decrypts a session key stored in ciphertext with the provided x448
-// private key and ephemeral public key.
-func Decrypt(privateKey *PrivateKey, ephemeralPublicKey *PublicKey, ciphertext []byte) (encodedSessionKey []byte, err error) {
-	var ephemeralPublic, staticPrivate, shared x448lib.Key
-	// Check that the input ephemeral public key has 56 bytes.
-	if len(ephemeralPublicKey.Point) != KeySize {
-		err = errors.KeyInvalidError("x448: the public key has the wrong size")
-		return nil, err
-	}
-	copy(ephemeralPublic[:], ephemeralPublicKey.Point)
-	subtle.ConstantTimeCopy(1, staticPrivate[:], privateKey.Secret)
-	// Compute shared key.
-	ok := x448lib.Shared(&shared, &staticPrivate, &ephemeralPublic)
-	if !ok {
-		err = errors.KeyInvalidError("x448: the ephemeral public key is a low order point")
-		return nil, err
-	}
-	// Derive the encryption key from the shared secret.
-	encryptionKey := applyHKDF(ephemeralPublicKey.Point[:], privateKey.PublicKey.Point[:], shared[:])
-	// Decrypt the session key with aes key wrapping.
-	encodedSessionKey, err = keywrap.Unwrap(encryptionKey, ciphertext)
-	if err != nil {
-		return nil, err
-	}
-	return encodedSessionKey, nil
-}
-
-func applyHKDF(ephemeralPublicKey []byte, publicKey []byte, sharedSecret []byte) []byte {
-	inputKey := make([]byte, 3*KeySize)
-	// ephemeral public key | recipient public key | shared secret.
-	subtle.ConstantTimeCopy(1, inputKey[:KeySize], ephemeralPublicKey)
-	subtle.ConstantTimeCopy(1, inputKey[KeySize:2*KeySize], publicKey)
-	subtle.ConstantTimeCopy(1, inputKey[2*KeySize:], sharedSecret)
-	hkdfReader := hkdf.New(sha512.New, inputKey, []byte{}, []byte(hkdfInfo))
-	encryptionKey := make([]byte, aes256KeySize)
-	_, _ = io.ReadFull(hkdfReader, encryptionKey)
-	return encryptionKey
-}
-
-func constantTimeIsZero(bytes []byte) bool {
-	isZero := byte(0)
-	for _, b := range bytes {
-		isZero |= b
-	}
-	return isZero == 0
-}
-
-// ENCODING/DECODING ciphertexts:
-
-// EncodeFieldsLength returns the length of the ciphertext encoding
-// given the encrypted session key.
-func EncodedFieldsLength(encryptedSessionKey []byte, v6 bool) int {
-	lenCipherFunction := 0
-	if !v6 {
-		lenCipherFunction = 1
-	}
-	return KeySize + 1 + len(encryptedSessionKey) + lenCipherFunction
-}
-
-// EncodeField encodes x448 session key encryption fields as
-// ephemeral x448 public key | follow byte length | cipherFunction (v3 only) | encryptedSessionKey
-// and writes it to writer.
-func EncodeFields(writer io.Writer, ephemeralPublicKey *PublicKey, encryptedSessionKey []byte, cipherFunction byte, v6 bool) (err error) {
-	lenAlgorithm := 0
-	if !v6 {
-		lenAlgorithm = 1
-	}
-	if _, err = writer.Write(ephemeralPublicKey.Point); err != nil {
-		return err
-	}
-	if _, err = writer.Write([]byte{byte(len(encryptedSessionKey) + lenAlgorithm)}); err != nil {
-		return err
-	}
-	if !v6 {
-		if _, err = writer.Write([]byte{cipherFunction}); err != nil {
-			return err
-		}
-	}
-	if _, err = writer.Write(encryptedSessionKey); err != nil {
-		return err
-	}
-	return nil
-}
-
-// DecodeField decodes a x448 session key encryption as
-// ephemeral x448 public key | follow byte length | cipherFunction (v3 only) | encryptedSessionKey.
-func DecodeFields(reader io.Reader, v6 bool) (ephemeralPublicKey *PublicKey, encryptedSessionKey []byte, cipherFunction byte, err error) {
-	var buf [1]byte
-	ephemeralPublicKey = &PublicKey{
-		Point: make([]byte, KeySize),
-	}
-	// 56 octets representing an ephemeral x448 public key.
-	if _, err = io.ReadFull(reader, ephemeralPublicKey.Point); err != nil {
-		return nil, nil, 0, err
-	}
-	// A one-octet size of the following fields.
-	if _, err = io.ReadFull(reader, buf[:]); err != nil {
-		return nil, nil, 0, err
-	}
-	followingLen := buf[0]
-	// The one-octet algorithm identifier, if it was passed (in the case of a v3 PKESK packet).
-	if !v6 {
-		if _, err = io.ReadFull(reader, buf[:]); err != nil {
-			return nil, nil, 0, err
-		}
-		cipherFunction = buf[0]
-		followingLen -= 1
-	}
-	// The encrypted session key.
-	encryptedSessionKey = make([]byte, followingLen)
-	if _, err = io.ReadFull(reader, encryptedSessionKey); err != nil {
-		return nil, nil, 0, err
-	}
-	return ephemeralPublicKey, encryptedSessionKey, cipherFunction, nil
-}
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/go_module_metadata.go
index 8e930fc6f8..fc102ab7e1 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/aws/go_module_metadata.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/aws/go_module_metadata.go
@@ -3,4 +3,4 @@
 package aws
 
 // goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.36.3"
+const goModuleVersion = "1.36.4"
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/v4/stream.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/v4/stream.go
index 66aa2bd6ab..32875e0779 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/v4/stream.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/v4/stream.go
@@ -59,7 +59,7 @@ func (s *StreamSigner) GetSignature(ctx context.Context, headers, payload []byte
 
 	prevSignature := s.prevSignature
 
-	st := v4Internal.NewSigningTime(signingTime)
+	st := v4Internal.NewSigningTime(signingTime.UTC())
 
 	sigKey := s.signingKeyDeriver.DeriveKey(s.credentials, s.service, s.region, st)
 
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/config/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/config/CHANGELOG.md
index 237292bb89..0416b30a4d 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/config/CHANGELOG.md
+++ b/vendor/github.com/aws/aws-sdk-go-v2/config/CHANGELOG.md
@@ -1,3 +1,19 @@
+# v1.29.16 (2025-06-10)
+
+* **Dependency Update**: Updated to the latest SDK module versions
+
+# v1.29.15 (2025-06-06)
+
+* **Dependency Update**: Updated to the latest SDK module versions
+
+# v1.29.14 (2025-04-10)
+
+* **Dependency Update**: Updated to the latest SDK module versions
+
+# v1.29.13 (2025-04-03)
+
+* **Dependency Update**: Updated to the latest SDK module versions
+
 # v1.29.12 (2025-03-27)
 
 * **Dependency Update**: Updated to the latest SDK module versions
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/config/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/config/go_module_metadata.go
index 88b9c9d52c..8c30900142 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/config/go_module_metadata.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/config/go_module_metadata.go
@@ -3,4 +3,4 @@
 package config
 
 // goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.29.12"
+const goModuleVersion = "1.29.16"
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/credentials/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/credentials/CHANGELOG.md
index f622db4abd..d47d8629e0 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/credentials/CHANGELOG.md
+++ b/vendor/github.com/aws/aws-sdk-go-v2/credentials/CHANGELOG.md
@@ -1,3 +1,19 @@
+# v1.17.69 (2025-06-10)
+
+* **Dependency Update**: Updated to the latest SDK module versions
+
+# v1.17.68 (2025-06-06)
+
+* **Dependency Update**: Updated to the latest SDK module versions
+
+# v1.17.67 (2025-04-10)
+
+* **Dependency Update**: Updated to the latest SDK module versions
+
+# v1.17.66 (2025-04-03)
+
+* **Dependency Update**: Updated to the latest SDK module versions
+
 # v1.17.65 (2025-03-27)
 
 * **Dependency Update**: Updated to the latest SDK module versions
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/credentials/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/credentials/go_module_metadata.go
index 5cf21cd8ab..3ec6470b41 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/credentials/go_module_metadata.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/credentials/go_module_metadata.go
@@ -3,4 +3,4 @@
 package credentials
 
 // goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.17.65"
+const goModuleVersion = "1.17.69"
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/CHANGELOG.md
index 1f69e820e7..4bd7a942fb 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/CHANGELOG.md
+++ b/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.16.31 (2025-06-10)
+
+* **Dependency Update**: Updated to the latest SDK module versions
+
 # v1.16.30 (2025-02-27)
 
 * **Dependency Update**: Updated to the latest SDK module versions
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/go_module_metadata.go
index dba9ef600e..accba4083a 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/go_module_metadata.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/go_module_metadata.go
@@ -3,4 +3,4 @@
 package imds
 
 // goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.16.30"
+const goModuleVersion = "1.16.31"
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/CHANGELOG.md
index eae3e16af7..b4990deff2 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/CHANGELOG.md
+++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.3.35 (2025-06-10)
+
+* **Dependency Update**: Updated to the latest SDK module versions
+
 # v1.3.34 (2025-02-27)
 
 * **Dependency Update**: Updated to the latest SDK module versions
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/go_module_metadata.go
index eddabe6344..19fd284472 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/go_module_metadata.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/go_module_metadata.go
@@ -3,4 +3,4 @@
 package configsources
 
 // goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.3.34"
+const goModuleVersion = "1.3.35"
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/partitions.json b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/partitions.json
index e19224f1b8..a2bfa6ead4 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/partitions.json
+++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/partitions.json
@@ -208,6 +208,9 @@
     },
     "regionRegex" : "^eu\\-isoe\\-\\w+\\-\\d+$",
     "regions" : {
+      "aws-iso-e-global" : {
+        "description" : "AWS ISOE (Europe) global region"
+      },
       "eu-isoe-west-1" : {
         "description" : "EU ISOE West"
       }
@@ -234,6 +237,22 @@
         "description" : "US ISOF SOUTH"
       }
     }
+  }, {
+    "id" : "aws-eusc",
+    "outputs" : {
+      "dnsSuffix" : "amazonaws.eu",
+      "dualStackDnsSuffix" : "amazonaws.eu",
+      "implicitGlobalRegion" : "eusc-de-east-1",
+      "name" : "aws-eusc",
+      "supportsDualStack" : false,
+      "supportsFIPS" : true
+    },
+    "regionRegex" : "^eusc\\-(de)\\-\\w+\\-\\d+$",
+    "regions" : {
+      "eusc-de-east-1" : {
+        "description" : "EU (Germany)"
+      }
+    }
   } ],
   "version" : "1.1"
 }
\ No newline at end of file
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/CHANGELOG.md
index 83e5bd28a7..b56edee377 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/CHANGELOG.md
+++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v2.6.35 (2025-06-10)
+
+* **Dependency Update**: Updated to the latest SDK module versions
+
 # v2.6.34 (2025-02-27)
 
 * **Dependency Update**: Updated to the latest SDK module versions
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/go_module_metadata.go
index 735dba7ac7..e7ebb2f5fa 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/go_module_metadata.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/go_module_metadata.go
@@ -3,4 +3,4 @@
 package endpoints
 
 // goModuleVersion is the tagged release for this module
-const goModuleVersion = "2.6.34"
+const goModuleVersion = "2.6.35"
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/CHANGELOG.md
index 2b5ceb4b51..ec8f6ce5b0 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/CHANGELOG.md
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/CHANGELOG.md
@@ -1,3 +1,7 @@
+# v1.12.16 (2025-06-10)
+
+* **Dependency Update**: Updated to the latest SDK module versions
+
 # v1.12.15 (2025-02-27)
 
 * **Dependency Update**: Updated to the latest SDK module versions
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/go_module_metadata.go
index a165a100f8..03377a3d9b 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/go_module_metadata.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/go_module_metadata.go
@@ -3,4 +3,4 @@
 package presignedurl
 
 // goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.12.15"
+const goModuleVersion = "1.12.16"
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/CHANGELOG.md
index 50ec310bbd..aeda2b59fe 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/CHANGELOG.md
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/CHANGELOG.md
@@ -1,3 +1,27 @@
+# v1.41.0 (2025-06-12)
+
+* **Feature**: AWS KMS announces the support of ML-DSA key pairs that creates post-quantum safe digital signatures.
+
+# v1.40.1 (2025-06-10)
+
+* **Dependency Update**: Updated to the latest SDK module versions
+
+# v1.40.0 (2025-06-06)
+
+* **Feature**: Remove unpopulated KeyMaterialId from Encrypt Response
+
+# v1.39.0 (2025-06-05)
+
+* **Feature**: AWS KMS announces the support for on-demand rotation of symmetric-encryption KMS keys with imported key material (EXTERNAL origin).
+
+# v1.38.3 (2025-04-10)
+
+* No change notes available for this release.
+
+# v1.38.2 (2025-04-03)
+
+* No change notes available for this release.
+
 # v1.38.1 (2025-03-04.2)
 
 * **Bug Fix**: Add assurance test for operation order.
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_CancelKeyDeletion.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_CancelKeyDeletion.go
index 8e26732934..7ed501c8be 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_CancelKeyDeletion.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_CancelKeyDeletion.go
@@ -32,7 +32,7 @@ import (
 // [Key states of KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
 // [kms:CancelKeyDeletion]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
 // [Deleting KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 func (c *Client) CancelKeyDeletion(ctx context.Context, params *CancelKeyDeletionInput, optFns ...func(*Options)) (*CancelKeyDeletionOutput, error) {
 	if params == nil {
 		params = &CancelKeyDeletionInput{}
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ConnectCustomKeyStore.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ConnectCustomKeyStore.go
index e5abbb8fc7..7a12c3740e 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ConnectCustomKeyStore.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ConnectCustomKeyStore.go
@@ -26,9 +26,9 @@ import (
 // does not indicate that the custom key store is connected. To get the connection
 // state of the custom key store, use the DescribeCustomKeyStoresoperation.
 //
-// This operation is part of the [custom key stores] feature in KMS, which combines the convenience
-// and extensive integration of KMS with the isolation and control of a key store
-// that you own and manage.
+// This operation is part of the custom key stores feature in KMS, which combines
+// the convenience and extensive integration of KMS with the isolation and control
+// of a key store that you own and manage.
 //
 // The ConnectCustomKeyStore operation might fail for various reasons. To find the
 // reason, use the DescribeCustomKeyStoresoperation and see the ConnectionErrorCode in the response. For
@@ -95,14 +95,13 @@ import (
 // more information, see [KMS eventual consistency].
 //
 // [DescribeClusters]: https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html
-// [custom key stores]: https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html
-// [kmsuser crypto user]: https://docs.aws.amazon.com/kms/latest/developerguide/key-store-concepts.html#concept-kmsuser
+// [kmsuser crypto user]: https://docs.aws.amazon.com/kms/latest/developerguide/keystore-cloudhsm.html#concept-kmsuser
 // [Troubleshooting an CloudHSM key store]: https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html
 // [CreateHsm]: https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_CreateHsm.html
 // [kms:ConnectCustomKeyStore]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
 // [Troubleshooting an external key store]: https://docs.aws.amazon.com/kms/latest/developerguide/xks-troubleshooting.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
-// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
+// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html
 func (c *Client) ConnectCustomKeyStore(ctx context.Context, params *ConnectCustomKeyStoreInput, optFns ...func(*Options)) (*ConnectCustomKeyStoreOutput, error) {
 	if params == nil {
 		params = &ConnectCustomKeyStoreInput{}
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_CreateAlias.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_CreateAlias.go
index 2966f7a21b..9ccf678de7 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_CreateAlias.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_CreateAlias.go
@@ -27,7 +27,7 @@ import (
 //
 // The alias must be unique in the account and Region, but you can have aliases
 // with the same name in different Regions. For detailed information about aliases,
-// see [Using aliases]in the Key Management Service Developer Guide.
+// see [Aliases in KMS]in the Key Management Service Developer Guide.
 //
 // This operation does not return a response. To get the alias that you created,
 // use the ListAliasesoperation.
@@ -60,12 +60,12 @@ import (
 // more information, see [KMS eventual consistency].
 //
 // [Key states of KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
-// [cryptographic operations]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations
-// [Using aliases]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-alias.html
+// [cryptographic operations]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-cryptography.html#cryptographic-operations
 // [kms:CreateAlias]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
+// [Aliases in KMS]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-alias.html
 // [ABAC for KMS]: https://docs.aws.amazon.com/kms/latest/developerguide/abac.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
-// [Controlling access to aliases]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-alias.html#alias-access
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
+// [Controlling access to aliases]: https://docs.aws.amazon.com/kms/latest/developerguide/alias-access.html
 func (c *Client) CreateAlias(ctx context.Context, params *CreateAliasInput, optFns ...func(*Options)) (*CreateAliasOutput, error) {
 	if params == nil {
 		params = &CreateAliasInput{}
@@ -105,7 +105,7 @@ type CreateAliasInput struct {
 	// A valid key ID is required. If you supply a null or empty string value, this
 	// operation returns an error.
 	//
-	// For help finding the key ID and ARN, see [Finding the Key ID and ARN] in the Key Management Service
+	// For help finding the key ID and ARN, see [Find the key ID and key ARN] in the Key Management Service
 	// Developer Guide .
 	//
 	// Specify the key ID or key ARN of the KMS key.
@@ -120,7 +120,7 @@ type CreateAliasInput struct {
 	// To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
 	//
 	// [customer managed key]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk
-	// [Finding the Key ID and ARN]: https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html#find-cmk-id-arn
+	// [Find the key ID and key ARN]: https://docs.aws.amazon.com/kms/latest/developerguide/find-cmk-id-arn.html
 	//
 	// This member is required.
 	TargetKeyId *string
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_CreateCustomKeyStore.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_CreateCustomKeyStore.go
index 9f5146b47a..1f4292ed0f 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_CreateCustomKeyStore.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_CreateCustomKeyStore.go
@@ -17,9 +17,9 @@ import (
 // backed by an [CloudHSM cluster]and [external key stores] backed by an external key store proxy and external key
 // manager outside of Amazon Web Services.
 //
-// This operation is part of the [custom key stores] feature in KMS, which combines the convenience
-// and extensive integration of KMS with the isolation and control of a key store
-// that you own and manage.
+// This operation is part of the custom key stores feature in KMS, which combines
+// the convenience and extensive integration of KMS with the isolation and control
+// of a key store that you own and manage.
 //
 // Before you create the custom key store, the required elements must be in place
 // and operational. We recommend that you use the test tools that KMS provides to
@@ -61,8 +61,6 @@ import (
 // immediately, you might want to connect it to verify that all settings are
 // correct and then disconnect it until you are ready to use it.
 //
-// For help with failures, see [Troubleshooting a custom key store] in the Key Management Service Developer Guide.
-//
 // Cross-account use: No. You cannot perform this operation on a custom key store
 // in a different Amazon Web Services account.
 //
@@ -85,16 +83,14 @@ import (
 //
 // [CloudHSM key stores]: https://docs.aws.amazon.com/kms/latest/developerguide/keystore-cloudhsm.html
 // [CloudHSM cluster]: https://docs.aws.amazon.com/cloudhsm/latest/userguide/clusters.html
-// [custom key stores]: https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html
 // [external key stores]: https://docs.aws.amazon.com/kms/latest/developerguide/keystore-external.html
 // [Troubleshooting an CloudHSM key store]: https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html
 // [Assemble the prerequisites (for CloudHSM key stores)]: https://docs.aws.amazon.com/kms/latest/developerguide/create-keystore.html#before-keystore
 // [Assemble the prerequisites (for external key stores)]: https://docs.aws.amazon.com/kms/latest/developerguide/create-xks-keystore.html#xks-requirements
-// [Troubleshooting a custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html
 // [Troubleshooting an external key store]: https://docs.aws.amazon.com/kms/latest/developerguide/xks-troubleshooting.html
 // [kms:CreateCustomKeyStore]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
-// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
+// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html
 func (c *Client) CreateCustomKeyStore(ctx context.Context, params *CreateCustomKeyStoreInput, optFns ...func(*Options)) (*CreateCustomKeyStoreOutput, error) {
 	if params == nil {
 		params = &CreateCustomKeyStoreInput{}
@@ -151,7 +147,7 @@ type CreateCustomKeyStoreInput struct {
 	// This parameter tells KMS the kmsuser account password; it does not change the
 	// password in the CloudHSM cluster.
 	//
-	// [kmsuser crypto user (CU) account]: https://docs.aws.amazon.com/kms/latest/developerguide/key-store-concepts.html#concept-kmsuser
+	// [kmsuser crypto user (CU) account]: https://docs.aws.amazon.com/kms/latest/developerguide/keystore-cloudhsm.html#concept-kmsuser
 	KeyStorePassword *string
 
 	// Specifies the certificate for an CloudHSM key store. This parameter is required
@@ -201,7 +197,7 @@ type CreateCustomKeyStoreInput struct {
 	// proxy. Even if you choose a VPC endpoint service, the proxy can be hosted within
 	// the VPC or outside of Amazon Web Services such as in your corporate data center.
 	//
-	// [Choosing a connectivity option]: https://docs.aws.amazon.com/kms/latest/developerguide/plan-xks-keystore.html#choose-xks-connectivity
+	// [Choosing a connectivity option]: https://docs.aws.amazon.com/kms/latest/developerguide/choose-xks-connectivity.html
 	XksProxyConnectivity types.XksProxyConnectivityType
 
 	// Specifies the endpoint that KMS uses to send requests to the external key store
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_CreateGrant.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_CreateGrant.go
index bce9011a43..07fa25e581 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_CreateGrant.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_CreateGrant.go
@@ -21,8 +21,8 @@ import (
 // and delete it without changing your key policies or IAM policies.
 //
 // For detailed information about grants, including grant terminology, see [Grants in KMS] in the
-// Key Management Service Developer Guide . For examples of working with grants in
-// several programming languages, see [Programming grants].
+// Key Management Service Developer Guide . For examples of creating grants in
+// several programming languages, see [Use CreateGrant with an Amazon Web Services SDK or CLI].
 //
 // The CreateGrant operation returns a GrantToken and a GrantId .
 //
@@ -63,13 +63,13 @@ import (
 // Eventual consistency: The KMS API follows an eventual consistency model. For
 // more information, see [KMS eventual consistency].
 //
-// [Programming grants]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-grants.html
 // [Key states of KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
 // [Grants in KMS]: https://docs.aws.amazon.com/kms/latest/developerguide/grants.html
 // [kms:CreateGrant]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [Use CreateGrant with an Amazon Web Services SDK or CLI]: https://docs.aws.amazon.com/kms/latest/developerguide/example_kms_CreateGrant_section.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 //
-// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#using-grant-token
+// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/using-grant-token.html
 func (c *Client) CreateGrant(ctx context.Context, params *CreateGrantInput, optFns ...func(*Options)) (*CreateGrantOutput, error) {
 	if params == nil {
 		params = &CreateGrantInput{}
@@ -167,10 +167,10 @@ type CreateGrantInput struct {
 
 	// Checks if your request will succeed. DryRun is an optional parameter.
 	//
-	// To learn more about how to use this parameter, see [Testing your KMS API calls] in the Key Management
+	// To learn more about how to use this parameter, see [Testing your permissions] in the Key Management
 	// Service Developer Guide.
 	//
-	// [Testing your KMS API calls]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-dryrun.html
+	// [Testing your permissions]: https://docs.aws.amazon.com/kms/latest/developerguide/testing-permissions.html
 	DryRun *bool
 
 	// A list of grant tokens.
@@ -180,7 +180,7 @@ type CreateGrantInput struct {
 	// and [Using a grant token]in the Key Management Service Developer Guide.
 	//
 	// [Grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#grant_token
-	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#using-grant-token
+	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/using-grant-token.html
 	GrantTokens []string
 
 	// A friendly name for the grant. Use this value to prevent the unintended
@@ -213,7 +213,7 @@ type CreateGrantInput struct {
 	//
 	// [IAM ARNs]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-arns
 	// [Amazon Resource Name (ARN)]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
-	// [Retiring and revoking grants]: https://docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#grant-delete
+	// [Retiring and revoking grants]: https://docs.aws.amazon.com/kms/latest/developerguide/grant-delete.html
 	RetiringPrincipal *string
 
 	noSmithyDocumentSerde
@@ -233,7 +233,7 @@ type CreateGrantOutput struct {
 	// and [Using a grant token]in the Key Management Service Developer Guide.
 	//
 	// [Grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#grant_token
-	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#using-grant-token
+	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/using-grant-token.html
 	GrantToken *string
 
 	// Metadata pertaining to the operation's result.
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_CreateKey.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_CreateKey.go
index 6ae27326f7..0972863fb8 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_CreateKey.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_CreateKey.go
@@ -18,8 +18,7 @@ import (
 //
 // A KMS key is a logical representation of a cryptographic key. In addition to
 // the key material used in cryptographic operations, a KMS key includes metadata,
-// such as the key ID, key policy, creation date, description, and key state. For
-// details, see [Managing keys]in the Key Management Service Developer Guide
+// such as the key ID, key policy, creation date, description, and key state.
 //
 // Use the parameters of CreateKey to specify the type of KMS key, the source of
 // its key material, its key policy, description, tags, and other properties.
@@ -52,18 +51,19 @@ import (
 // or sign and verify. You can't change these properties after the KMS key is
 // created.
 //
-// Asymmetric KMS keys contain an RSA key pair, Elliptic Curve (ECC) key pair, or
-// an SM2 key pair (China Regions only). The private key in an asymmetric KMS key
-// never leaves KMS unencrypted. However, you can use the GetPublicKeyoperation to download
-// the public key so it can be used outside of KMS. Each KMS key can have only one
-// key usage. KMS keys with RSA key pairs can be used to encrypt and decrypt data
-// or sign and verify messages (but not both). KMS keys with NIST-recommended ECC
-// key pairs can be used to sign and verify messages or derive shared secrets (but
-// not both). KMS keys with ECC_SECG_P256K1 can be used only to sign and verify
-// messages. KMS keys with SM2 key pairs (China Regions only) can be used to either
-// encrypt and decrypt data, sign and verify messages, or derive shared secrets
-// (you must choose one key usage type). For information about asymmetric KMS keys,
-// see [Asymmetric KMS keys]in the Key Management Service Developer Guide.
+// Asymmetric KMS keys contain an RSA key pair, Elliptic Curve (ECC) key pair,
+// ML-DSA key pair or an SM2 key pair (China Regions only). The private key in an
+// asymmetric KMS key never leaves KMS unencrypted. However, you can use the GetPublicKey
+// operation to download the public key so it can be used outside of KMS. Each KMS
+// key can have only one key usage. KMS keys with RSA key pairs can be used to
+// encrypt and decrypt data or sign and verify messages (but not both). KMS keys
+// with NIST-recommended ECC key pairs can be used to sign and verify messages or
+// derive shared secrets (but not both). KMS keys with ECC_SECG_P256K1 can be used
+// only to sign and verify messages. KMS keys with ML-DSA key pairs can be used to
+// sign and verify messages. KMS keys with SM2 key pairs (China Regions only) can
+// be used to either encrypt and decrypt data, sign and verify messages, or derive
+// shared secrets (you must choose one key usage type). For information about
+// asymmetric KMS keys, see [Asymmetric KMS keys]in the Key Management Service Developer Guide.
 //
 // HMAC KMS key To create an HMAC KMS key, set the KeySpec parameter to a key spec
 // value for HMAC KMS keys. Then set the KeyUsage parameter to GENERATE_VERIFY_MAC
@@ -111,7 +111,7 @@ import (
 // To create a multi-Region primary key with imported key material, use the Origin
 // parameter of CreateKey with a value of EXTERNAL and the MultiRegion parameter
 // with a value of True . To create replicas of the multi-Region primary key, use
-// the ReplicateKeyoperation. For instructions, see [Importing key material into multi-Region keys]. For more information about multi-Region
+// the ReplicateKeyoperation. For instructions, see [Importing key material step 1]. For more information about multi-Region
 // keys, see [Multi-Region keys in KMS]in the Key Management Service Developer Guide.
 //
 // Custom key store A [custom key store] lets you protect your Amazon Web Services resources using
@@ -168,20 +168,19 @@ import (
 // more information, see [KMS eventual consistency].
 //
 // [CloudHSM key stores]: https://docs.aws.amazon.com/kms/latest/developerguide/keystore-cloudhsm.html
-// [external key store]: https://docs.aws.amazon.com/kms/latest/developerguide/keystore-external.html
+// [external key store]: https://docs.aws.amazon.com/kms/latest/developerguide/create-xks-keys.html
 // [external key stores]: https://docs.aws.amazon.com/kms/latest/developerguide/keystore-external.html
 // [Asymmetric KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html
 // [Multi-Region keys in KMS]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html
-// [Managing keys]: https://docs.aws.amazon.com/kms/latest/developerguide/getting-started.html
+// [Importing key material step 1]: https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-create-cmk.html
 // [KMS key]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#kms-keys
-// [Allow a user to create KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/iam-policies.html#iam-policy-example-create-key
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [Allow a user to create KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/customer-managed-policies.html#iam-policy-example-create-key
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 // [kms:TagResource]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [CloudHSM key store]: https://docs.aws.amazon.com/kms/latest/developerguide/keystore-cloudhsm.html
+// [CloudHSM key store]: https://docs.aws.amazon.com/kms/latest/developerguide/create-cmk-keystore.html
 // [kms:CreateKey]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [Importing key material into multi-Region keys]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-import.html
 // [Importing Key Material]: https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html
-// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html
+// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html
 func (c *Client) CreateKey(ctx context.Context, params *CreateKeyInput, optFns ...func(*Options)) (*CreateKeyOutput, error) {
 	if params == nil {
 		params = &CreateKeyInput{}
@@ -227,7 +226,7 @@ type CreateKeyInput struct {
 	// store, you must use the XksKeyId parameter to specify an external key that
 	// serves as key material for the KMS key.
 	//
-	// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html
+	// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html
 	CustomKeyStoreId *string
 
 	// Instead, use the KeySpec parameter.
@@ -253,14 +252,14 @@ type CreateKeyInput struct {
 	// Specifies the type of KMS key to create. The default value, SYMMETRIC_DEFAULT ,
 	// creates a KMS key with a 256-bit AES-GCM key that is used for encryption and
 	// decryption, except in China Regions, where it creates a 128-bit symmetric key
-	// that uses SM4 encryption. For help choosing a key spec for your KMS key, see [Choosing a KMS key type]in
-	// the Key Management Service Developer Guide .
+	// that uses SM4 encryption. For a detailed description of all supported key specs,
+	// see [Key spec reference]in the Key Management Service Developer Guide .
 	//
 	// The KeySpec determines whether the KMS key contains a symmetric key or an
 	// asymmetric key pair. It also determines the algorithms that the KMS key
 	// supports. You can't change the KeySpec after the KMS key is created. To further
 	// restrict the algorithms that can be used with the KMS key, use a condition key
-	// in its key policy or IAM policy. For more information, see [kms:EncryptionAlgorithm], [kms:MacAlgorithm] or [kms:Signing Algorithm] in the Key
+	// in its key policy or IAM policy. For more information, see [kms:EncryptionAlgorithm], [kms:MacAlgorithm], [kms:KeyAgreementAlgorithm], or [kms:SigningAlgorithm] in the Key
 	// Management Service Developer Guide .
 	//
 	// [Amazon Web Services services that are integrated with KMS]use symmetric encryption KMS keys to protect your data. These services do not
@@ -304,15 +303,24 @@ type CreateKeyInput struct {
 	//
 	//   - ECC_SECG_P256K1 (secp256k1), commonly used for cryptocurrencies.
 	//
+	//   - Asymmetric ML-DSA key pairs (signing and verification)
+	//
+	//   - ML_DSA_44
+	//
+	//   - ML_DSA_65
+	//
+	//   - ML_DSA_87
+	//
 	//   - SM2 key pairs (encryption and decryption -or- signing and verification -or-
 	//   deriving shared secrets)
 	//
 	//   - SM2 (China Regions only)
 	//
-	// [kms:EncryptionAlgorithm]: https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-encryption-algorithm
-	// [kms:Signing Algorithm]: https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-signing-algorithm
-	// [kms:MacAlgorithm]: https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-mac-algorithm
-	// [Choosing a KMS key type]: https://docs.aws.amazon.com/kms/latest/developerguide/key-types.html#symm-asymm-choose
+	// [Key spec reference]: https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-choose-key-spec.html
+	// [kms:EncryptionAlgorithm]: https://docs.aws.amazon.com/kms/latest/developerguide/conditions-kms.html#conditions-kms-encryption-algorithm
+	// [kms:SigningAlgorithm]: https://docs.aws.amazon.com/kms/latest/developerguide/conditions-kms.html#conditions-kms-signing-algorithm
+	// [kms:MacAlgorithm]: https://docs.aws.amazon.com/kms/latest/developerguide/conditions-kms.html#conditions-kms-mac-algorithm
+	// [kms:KeyAgreementAlgorithm]: https://docs.aws.amazon.com/kms/latest/developerguide/conditions-kms.html#conditions-kms-key-agreement-algorithm
 	// [Amazon Web Services services that are integrated with KMS]: http://aws.amazon.com/kms/features/#AWS_Service_Integration
 	KeySpec types.KeySpec
 
@@ -334,12 +342,14 @@ type CreateKeyInput struct {
 	//   - For asymmetric KMS keys with NIST-recommended elliptic curve key pairs,
 	//   specify SIGN_VERIFY or KEY_AGREEMENT .
 	//
-	//   - For asymmetric KMS keys with ECC_SECG_P256K1 key pairs specify SIGN_VERIFY .
+	//   - For asymmetric KMS keys with ECC_SECG_P256K1 key pairs, specify SIGN_VERIFY .
+	//
+	//   - For asymmetric KMS keys with ML-DSA key pairs, specify SIGN_VERIFY .
 	//
 	//   - For asymmetric KMS keys with SM2 key pairs (China Regions only), specify
 	//   ENCRYPT_DECRYPT , SIGN_VERIFY , or KEY_AGREEMENT .
 	//
-	// [cryptographic operations]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations
+	// [cryptographic operations]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-cryptography.html#cryptographic-operations
 	KeyUsage types.KeyUsageType
 
 	// Creates a multi-Region primary key that you can replicate into other Amazon Web
@@ -407,17 +417,28 @@ type CreateKeyInput struct {
 	//   be immediately visible to KMS. For more information, see [Changes that I make are not always immediately visible]in the Amazon Web
 	//   Services Identity and Access Management User Guide.
 	//
+	// If either of the required Resource or Action elements are missing from a key
+	// policy statement, the policy statement has no effect. When a key policy
+	// statement is missing one of these elements, the KMS console correctly reports an
+	// error, but the CreateKey and PutKeyPolicy API requests succeed, even though the
+	// policy statement is ineffective.
+	//
+	// For more information on required key policy elements, see [Elements in a key policy] in the Key
+	// Management Service Developer Guide.
+	//
 	// If you do not provide a key policy, KMS attaches a default key policy to the
 	// KMS key. For more information, see [Default key policy]in the Key Management Service Developer
 	// Guide.
 	//
-	// The key policy size quota is 32 kilobytes (32768 bytes).
+	// If the key policy exceeds the length constraint, KMS returns a
+	// LimitExceededException .
 	//
 	// For help writing and formatting a JSON policy document, see the [IAM JSON Policy Reference] in the
 	// Identity and Access Management User Guide .
 	//
+	// [Elements in a key policy]: https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-overview.html#key-policy-elements
 	// [IAM JSON Policy Reference]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies.html
-	// [Default key policy]: https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default
+	// [Default key policy]: https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html
 	// [Changes that I make are not always immediately visible]: https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency
 	Policy *string
 
@@ -440,11 +461,11 @@ type CreateKeyInput struct {
 	//
 	// When you add tags to an Amazon Web Services resource, Amazon Web Services
 	// generates a cost allocation report with usage and costs aggregated by tags. Tags
-	// can also be used to control access to a KMS key. For details, see [Tagging Keys].
+	// can also be used to control access to a KMS key. For details, see [Tags in KMS].
 	//
 	// [kms:TagResource]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-	// [Tagging Keys]: https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html
 	// [ABAC for KMS]: https://docs.aws.amazon.com/kms/latest/developerguide/abac.html
+	// [Tags in KMS]: https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html
 	Tags []types.Tag
 
 	// Identifies the [external key] that serves as key material for the KMS key in an [external key store]. Specify the
@@ -472,7 +493,7 @@ type CreateKeyInput struct {
 	// [external key store]: https://docs.aws.amazon.com/kms/latest/developerguide/keystore-external.html
 	// [Double encryption]: https://docs.aws.amazon.com/kms/latest/developerguide/keystore-external.html#concept-double-encryption
 	// [external key]: https://docs.aws.amazon.com/kms/latest/developerguide/keystore-external.html#concept-external-key
-	// [Requirements for a KMS key in an external key store]: https://docs.aws.amazon.com/create-xks-keys.html#xks-key-requirements
+	// [Requirements for a KMS key in an external key store]: https://docs.aws.amazon.com/kms/latest/developerguide/create-xks-keys.html#xks-key-requirements
 	// [external key store proxy]: https://docs.aws.amazon.com/kms/latest/developerguide/keystore-external.html#concept-xks-proxy
 	XksKeyId *string
 
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_Decrypt.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_Decrypt.go
index f0ed6b253d..27e045ae96 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_Decrypt.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_Decrypt.go
@@ -46,13 +46,13 @@ import (
 // operation fails. This practice ensures that you use the KMS key that you intend.
 //
 // Whenever possible, use key policies to give users permission to call the Decrypt
-// operation on a particular KMS key, instead of using &IAM; policies. Otherwise,
-// you might create an &IAM; policy that gives the user Decrypt permission on all
-// KMS keys. This user could decrypt ciphertext that was encrypted by KMS keys in
-// other accounts if the key policy for the cross-account KMS key permits it. If
-// you must use an IAM policy for Decrypt permissions, limit the user to
-// particular KMS keys or particular trusted accounts. For details, see [Best practices for IAM policies]in the Key
-// Management Service Developer Guide.
+// operation on a particular KMS key, instead of using IAM policies. Otherwise, you
+// might create an IAM policy that gives the user Decrypt permission on all KMS
+// keys. This user could decrypt ciphertext that was encrypted by KMS keys in other
+// accounts if the key policy for the cross-account KMS key permits it. If you must
+// use an IAM policy for Decrypt permissions, limit the user to particular KMS
+// keys or particular trusted accounts. For details, see [Best practices for IAM policies]in the Key Management
+// Service Developer Guide.
 //
 // Decrypt also supports [Amazon Web Services Nitro Enclaves], which provide an isolated compute environment in Amazon
 // EC2. To call Decrypt for a Nitro enclave, use the [Amazon Web Services Nitro Enclaves SDK] or any Amazon Web Services
@@ -93,7 +93,7 @@ import (
 // [Amazon S3 client-side encryption]: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html
 // [Best practices for IAM policies]: https://docs.aws.amazon.com/kms/latest/developerguide/iam-policies.html#iam-policies-best-practices
 // [How Amazon Web Services Nitro Enclaves uses KMS]: https://docs.aws.amazon.com/kms/latest/developerguide/services-nitro-enclaves.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 // [Amazon Web Services Nitro Enclaves SDK]: https://docs.aws.amazon.com/enclaves/latest/user/developing-applications.html#sdk
 func (c *Client) Decrypt(ctx context.Context, params *DecryptInput, optFns ...func(*Options)) (*DecryptOutput, error) {
 	if params == nil {
@@ -119,10 +119,10 @@ type DecryptInput struct {
 
 	// Checks if your request will succeed. DryRun is an optional parameter.
 	//
-	// To learn more about how to use this parameter, see [Testing your KMS API calls] in the Key Management
+	// To learn more about how to use this parameter, see [Testing your permissions] in the Key Management
 	// Service Developer Guide.
 	//
-	// [Testing your KMS API calls]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-dryrun.html
+	// [Testing your permissions]: https://docs.aws.amazon.com/kms/latest/developerguide/testing-permissions.html
 	DryRun *bool
 
 	// Specifies the encryption algorithm that will be used to decrypt the ciphertext.
@@ -149,8 +149,8 @@ type DecryptInput struct {
 	//
 	// For more information, see [Encryption context] in the Key Management Service Developer Guide.
 	//
-	// [cryptographic operations]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations
-	// [Encryption context]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context
+	// [cryptographic operations]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-cryptography.html#cryptographic-operations
+	// [Encryption context]: https://docs.aws.amazon.com/kms/latest/developerguide/encrypt_context.html
 	EncryptionContext map[string]string
 
 	// A list of grant tokens.
@@ -160,7 +160,7 @@ type DecryptInput struct {
 	// and [Using a grant token]in the Key Management Service Developer Guide.
 	//
 	// [Grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#grant_token
-	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#using-grant-token
+	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/using-grant-token.html
 	GrantTokens []string
 
 	// Specifies the KMS key that KMS uses to decrypt the ciphertext.
@@ -240,6 +240,11 @@ type DecryptOutput struct {
 	// [key ARN]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-ARN
 	KeyId *string
 
+	// The identifier of the key material used to decrypt the ciphertext. This field
+	// is present only when the operation uses a symmetric encryption KMS key. This
+	// field is omitted if the request includes the Recipient parameter.
+	KeyMaterialId *string
+
 	// Decrypted plaintext data. When you use the HTTP API or the Amazon Web Services
 	// CLI, the value is Base64-encoded. Otherwise, it is not Base64-encoded.
 	//
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DeleteAlias.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DeleteAlias.go
index 434fff3d28..e377f5cb2a 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DeleteAlias.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DeleteAlias.go
@@ -50,7 +50,7 @@ import (
 //
 // [ABAC for KMS]: https://docs.aws.amazon.com/kms/latest/developerguide/abac.html
 // [kms:DeleteAlias]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 // [Controlling access to aliases]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-alias.html#alias-access
 func (c *Client) DeleteAlias(ctx context.Context, params *DeleteAliasInput, optFns ...func(*Options)) (*DeleteAliasOutput, error) {
 	if params == nil {
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DeleteCustomKeyStore.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DeleteCustomKeyStore.go
index 49cc8a16ab..9a38c3ef47 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DeleteCustomKeyStore.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DeleteCustomKeyStore.go
@@ -16,9 +16,9 @@ import (
 // key store, it does not affect the external key store proxy, external key
 // manager, or any external keys.
 //
-// This operation is part of the [custom key stores] feature in KMS, which combines the convenience
-// and extensive integration of KMS with the isolation and control of a key store
-// that you own and manage.
+// This operation is part of the custom key stores feature in KMS, which combines
+// the convenience and extensive integration of KMS with the isolation and control
+// of a key store that you own and manage.
 //
 // The custom key store that you delete cannot contain any [KMS keys]. Before deleting the
 // key store, verify that you will never need to use any of the KMS keys in the key
@@ -63,12 +63,11 @@ import (
 // more information, see [KMS eventual consistency].
 //
 // [delete the orphaned key material]: https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#fix-keystore-orphaned-key
-// [custom key stores]: https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html
 // [kms:DeleteCustomKeyStore]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [cryptographic operations]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations
+// [cryptographic operations]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-cryptography.html#cryptographic-operations
 // [KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#kms_keys
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
-// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
+// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html
 func (c *Client) DeleteCustomKeyStore(ctx context.Context, params *DeleteCustomKeyStoreInput, optFns ...func(*Options)) (*DeleteCustomKeyStoreOutput, error) {
 	if params == nil {
 		params = &DeleteCustomKeyStoreInput{}
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DeleteImportedKeyMaterial.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DeleteImportedKeyMaterial.go
index 5b85126521..c87556a9da 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DeleteImportedKeyMaterial.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DeleteImportedKeyMaterial.go
@@ -31,6 +31,8 @@ import (
 //
 // # GetParametersForImport
 //
+// # ListKeyRotations
+//
 // # ImportKeyMaterial
 //
 // Eventual consistency: The KMS API follows an eventual consistency model. For
@@ -39,7 +41,7 @@ import (
 // [Key states of KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
 // [kms:DeleteImportedKeyMaterial]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
 // [Importing Key Material]: https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 func (c *Client) DeleteImportedKeyMaterial(ctx context.Context, params *DeleteImportedKeyMaterialInput, optFns ...func(*Options)) (*DeleteImportedKeyMaterialOutput, error) {
 	if params == nil {
 		params = &DeleteImportedKeyMaterialInput{}
@@ -74,10 +76,27 @@ type DeleteImportedKeyMaterialInput struct {
 	// This member is required.
 	KeyId *string
 
+	// Identifies the imported key material you are deleting.
+	//
+	// If no KeyMaterialId is specified, KMS deletes the current key material.
+	//
+	// To get the list of key material IDs associated with a KMS key, use ListKeyRotations.
+	KeyMaterialId *string
+
 	noSmithyDocumentSerde
 }
 
 type DeleteImportedKeyMaterialOutput struct {
+
+	// The Amazon Resource Name ([key ARN] ) of the KMS key from which the key material was
+	// deleted.
+	//
+	// [key ARN]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-ARN
+	KeyId *string
+
+	// Identifies the deleted key material.
+	KeyMaterialId *string
+
 	// Metadata pertaining to the operation's result.
 	ResultMetadata middleware.Metadata
 
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DeriveSharedSecret.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DeriveSharedSecret.go
index 578c2c9ceb..952d7ed393 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DeriveSharedSecret.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DeriveSharedSecret.go
@@ -91,7 +91,7 @@ import (
 // [Key states of KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
 // [kms:DeriveSharedSecret]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
 // [Elliptic Curve Cryptography Cofactor Diffie-Hellman Primitive]: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar3.pdf#page=60
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 // [NIST recommendations for key derivation]: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Cr2.pdf
 func (c *Client) DeriveSharedSecret(ctx context.Context, params *DeriveSharedSecretInput, optFns ...func(*Options)) (*DeriveSharedSecretOutput, error) {
 	if params == nil {
@@ -166,10 +166,10 @@ type DeriveSharedSecretInput struct {
 
 	// Checks if your request will succeed. DryRun is an optional parameter.
 	//
-	// To learn more about how to use this parameter, see [Testing your KMS API calls] in the Key Management
+	// To learn more about how to use this parameter, see [Testing your permissions] in the Key Management
 	// Service Developer Guide.
 	//
-	// [Testing your KMS API calls]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-dryrun.html
+	// [Testing your permissions]: https://docs.aws.amazon.com/kms/latest/developerguide/testing-permissions.html
 	DryRun *bool
 
 	// A list of grant tokens.
@@ -179,7 +179,7 @@ type DeriveSharedSecretInput struct {
 	// and [Using a grant token]in the Key Management Service Developer Guide.
 	//
 	// [Grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#grant_token
-	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#using-grant-token
+	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/using-grant-token.html
 	GrantTokens []string
 
 	// A signed [attestation document] from an Amazon Web Services Nitro enclave and the encryption
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DescribeCustomKeyStores.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DescribeCustomKeyStores.go
index 78ec89e964..6e9f9cc1df 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DescribeCustomKeyStores.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DescribeCustomKeyStores.go
@@ -13,9 +13,9 @@ import (
 
 // Gets information about [custom key stores] in the account and Region.
 //
-// This operation is part of the [custom key stores] feature in KMS, which combines the convenience
-// and extensive integration of KMS with the isolation and control of a key store
-// that you own and manage.
+// This operation is part of the custom key stores feature in KMS, which combines
+// the convenience and extensive integration of KMS with the isolation and control
+// of a key store that you own and manage.
 //
 // By default, this operation returns information about all custom key stores in
 // the account and Region. To get only information about a particular custom key
@@ -62,10 +62,10 @@ import (
 // more information, see [KMS eventual consistency].
 //
 // [kms:DescribeCustomKeyStores]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [custom key stores]: https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html
+// [custom key stores]: https://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html
 // [Troubleshooting CloudHSM key stores]: https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html
 // [Troubleshooting external key stores]: https://docs.aws.amazon.com/kms/latest/developerguide/xks-troubleshooting.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 func (c *Client) DescribeCustomKeyStores(ctx context.Context, params *DescribeCustomKeyStoresInput, optFns ...func(*Options)) (*DescribeCustomKeyStoresOutput, error) {
 	if params == nil {
 		params = &DescribeCustomKeyStoresInput{}
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DescribeKey.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DescribeKey.go
index 1695eea257..e86fcc4ed6 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DescribeKey.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DescribeKey.go
@@ -32,7 +32,7 @@ import (
 //
 //   - Whether automatic key rotation is enabled on the KMS key. To get this
 //     information, use GetKeyRotationStatus. Also, some key states prevent a KMS key from being
-//     automatically rotated. For details, see [How Automatic Key Rotation Works]in the Key Management Service
+//     automatically rotated. For details, see [How key rotation works]in the Key Management Service
 //     Developer Guide.
 //
 //   - Tags on the KMS key. To get this information, use ListResourceTags.
@@ -71,12 +71,12 @@ import (
 //
 // [CloudHSM key stores]: https://docs.aws.amazon.com/kms/latest/developerguide/keystore-cloudhsm.html
 // [external key stores]: https://docs.aws.amazon.com/kms/latest/developerguide/keystore-external.html
+// [How key rotation works]: https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#rotate-keys-how-it-works
 // [customer managed key]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk
 // [kms:DescribeKey]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [How Automatic Key Rotation Works]: https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#rotate-keys-how-it-works
 // [multi-Region keys]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html
 // [Amazon Web Services managed keys]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 // [Amazon Web Services managed key]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk
 func (c *Client) DescribeKey(ctx context.Context, params *DescribeKeyInput, optFns ...func(*Options)) (*DescribeKeyOutput, error) {
 	if params == nil {
@@ -131,7 +131,7 @@ type DescribeKeyInput struct {
 	// and [Using a grant token]in the Key Management Service Developer Guide.
 	//
 	// [Grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#grant_token
-	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#using-grant-token
+	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/using-grant-token.html
 	GrantTokens []string
 
 	noSmithyDocumentSerde
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DisableKey.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DisableKey.go
index c20b99ffd7..d0be2426ff 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DisableKey.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DisableKey.go
@@ -13,11 +13,9 @@ import (
 // Sets the state of a KMS key to disabled. This change temporarily prevents use
 // of the KMS key for [cryptographic operations].
 //
-// For more information about how key state affects the use of a KMS key, see [Key states of KMS keys] in
-// the Key Management Service Developer Guide .
-//
 // The KMS key that you use for this operation must be in a compatible key state.
-// For details, see [Key states of KMS keys]in the Key Management Service Developer Guide.
+// For more information about how key state affects the use of a KMS key, see [Key states of KMS keys]in
+// the Key Management Service Developer Guide .
 //
 // Cross-account use: No. You cannot perform this operation on a KMS key in a
 // different Amazon Web Services account.
@@ -30,9 +28,9 @@ import (
 // more information, see [KMS eventual consistency].
 //
 // [Key states of KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
-// [cryptographic operations]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations
+// [cryptographic operations]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-cryptography.html#cryptographic-operations
 // [kms:DisableKey]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 func (c *Client) DisableKey(ctx context.Context, params *DisableKeyInput, optFns ...func(*Options)) (*DisableKeyOutput, error) {
 	if params == nil {
 		params = &DisableKeyInput{}
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DisableKeyRotation.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DisableKeyRotation.go
index 00fda1fab6..051a923f43 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DisableKeyRotation.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DisableKeyRotation.go
@@ -49,14 +49,14 @@ import (
 // [Key states of KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
 // [HMAC KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/hmac.html
 // [Amazon Web Services managed KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk
-// [automatic rotation of the key material]: https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html
+// [automatic rotation of the key material]: https://docs.aws.amazon.com/kms/latest/developerguide/rotating-keys-enable-disable.html
 // [asymmetric KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html
 // [customer managed KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk
 // [Amazon Web Services owned KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk
 // [kms:DisableKeyRotation]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [multi-Region keys]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
-// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html
+// [multi-Region keys]: https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#multi-region-rotate
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
+// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html
 func (c *Client) DisableKeyRotation(ctx context.Context, params *DisableKeyRotationInput, optFns ...func(*Options)) (*DisableKeyRotationOutput, error) {
 	if params == nil {
 		params = &DisableKeyRotationInput{}
@@ -91,7 +91,7 @@ type DisableKeyRotationInput struct {
 	// [imported key material]: https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html
 	// [HMAC KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/hmac.html
 	// [asymmetric KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html#asymmetric-cmks
-	// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html
+	// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html
 	//
 	// This member is required.
 	KeyId *string
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DisconnectCustomKeyStore.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DisconnectCustomKeyStore.go
index b1b0035ce8..6180c2f456 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DisconnectCustomKeyStore.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_DisconnectCustomKeyStore.go
@@ -15,9 +15,9 @@ import (
 // external key store from the external key store proxy that communicates with your
 // external key manager.
 //
-// This operation is part of the [custom key stores] feature in KMS, which combines the convenience
-// and extensive integration of KMS with the isolation and control of a key store
-// that you own and manage.
+// This operation is part of the custom key stores feature in KMS, which combines
+// the convenience and extensive integration of KMS with the isolation and control
+// of a key store that you own and manage.
 //
 // While a custom key store is disconnected, you can manage the custom key store
 // and its KMS keys, but you cannot create or use its KMS keys. You can reconnect
@@ -53,11 +53,10 @@ import (
 // Eventual consistency: The KMS API follows an eventual consistency model. For
 // more information, see [KMS eventual consistency].
 //
-// [custom key stores]: https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html
-// [cryptographic operations]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations
+// [cryptographic operations]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-cryptography.html#cryptographic-operations
 // [kms:DisconnectCustomKeyStore]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
-// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
+// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html
 func (c *Client) DisconnectCustomKeyStore(ctx context.Context, params *DisconnectCustomKeyStoreInput, optFns ...func(*Options)) (*DisconnectCustomKeyStoreOutput, error) {
 	if params == nil {
 		params = &DisconnectCustomKeyStoreInput{}
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_EnableKey.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_EnableKey.go
index 3b61f6b88c..52d28ad919 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_EnableKey.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_EnableKey.go
@@ -28,8 +28,8 @@ import (
 //
 // [Key states of KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
 // [kms:EnableKey]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [cryptographic operations]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [cryptographic operations]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-cryptography.html#cryptographic-operations
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 func (c *Client) EnableKey(ctx context.Context, params *EnableKeyInput, optFns ...func(*Options)) (*EnableKeyOutput, error) {
 	if params == nil {
 		params = &EnableKeyInput{}
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_EnableKeyRotation.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_EnableKeyRotation.go
index 9a10a7e3b4..15705fa285 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_EnableKeyRotation.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_EnableKeyRotation.go
@@ -25,9 +25,10 @@ import (
 // in progress rotations. You can use the ListKeyRotationsoperation to view the details of
 // completed rotations.
 //
-// Automatic key rotation is supported only on [symmetric encryption KMS keys]. You cannot enable automatic
-// rotation of [asymmetric KMS keys], [HMAC KMS keys], KMS keys with [imported key material], or KMS keys in a [custom key store]. To enable or disable
-// automatic rotation of a set of related [multi-Region keys], set the property on the primary key.
+// Automatic key rotation is supported only on symmetric encryption KMS keys. You
+// cannot enable automatic rotation of [asymmetric KMS keys], [HMAC KMS keys], KMS keys with [imported key material], or KMS keys in a [custom key store]. To
+// enable or disable automatic rotation of a set of related [multi-Region keys], set the property on
+// the primary key.
 //
 // You cannot enable or disable automatic rotation of [Amazon Web Services managed KMS keys]. KMS always rotates the key
 // material of Amazon Web Services managed keys every year. Rotation of [Amazon Web Services owned KMS keys]is managed
@@ -69,18 +70,17 @@ import (
 // more information, see [KMS eventual consistency].
 //
 // [kms:EnableKeyRotation]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [Amazon Web Services owned KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk
-// [multi-Region keys]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
 // [imported key material]: https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html
 // [Key states of KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
 // [HMAC KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/hmac.html
 // [Amazon Web Services managed KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk
 // [customer managed KMS key]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk
-// [automatic rotation of the key material]: https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#rotating-keys-enable-disable
+// [automatic rotation of the key material]: https://docs.aws.amazon.com/kms/latest/developerguide/rotating-keys-enable-disable.html
 // [asymmetric KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html
-// [symmetric encryption KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#symmetric-cmks
-// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html
+// [Amazon Web Services owned KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk
+// [multi-Region keys]: https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#multi-region-rotate
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
+// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html
 func (c *Client) EnableKeyRotation(ctx context.Context, params *EnableKeyRotationInput, optFns ...func(*Options)) (*EnableKeyRotationOutput, error) {
 	if params == nil {
 		params = &EnableKeyRotationInput{}
@@ -116,8 +116,8 @@ type EnableKeyRotationInput struct {
 	// [imported key material]: https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html
 	// [HMAC KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/hmac.html
 	// [asymmetric KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html
-	// [multi-Region keys]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate
-	// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html
+	// [multi-Region keys]: https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#multi-region-rotate
+	// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html
 	//
 	// This member is required.
 	KeyId *string
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_Encrypt.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_Encrypt.go
index 421d3445f7..43be16d900 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_Encrypt.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_Encrypt.go
@@ -89,9 +89,9 @@ import (
 // more information, see [KMS eventual consistency].
 //
 // [Key states of KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
-// [Encryption Context]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context
+// [Encryption Context]: https://docs.aws.amazon.com/kms/latest/developerguide/encrypt_context.html
 // [kms:Encrypt]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 func (c *Client) Encrypt(ctx context.Context, params *EncryptInput, optFns ...func(*Options)) (*EncryptOutput, error) {
 	if params == nil {
 		params = &EncryptInput{}
@@ -141,10 +141,10 @@ type EncryptInput struct {
 
 	// Checks if your request will succeed. DryRun is an optional parameter.
 	//
-	// To learn more about how to use this parameter, see [Testing your KMS API calls] in the Key Management
+	// To learn more about how to use this parameter, see [Testing your permissions] in the Key Management
 	// Service Developer Guide.
 	//
-	// [Testing your KMS API calls]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-dryrun.html
+	// [Testing your permissions]: https://docs.aws.amazon.com/kms/latest/developerguide/testing-permissions.html
 	DryRun *bool
 
 	// Specifies the encryption algorithm that KMS will use to encrypt the plaintext
@@ -175,8 +175,8 @@ type EncryptInput struct {
 	//
 	// For more information, see [Encryption context] in the Key Management Service Developer Guide.
 	//
-	// [cryptographic operations]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations
-	// [Encryption context]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context
+	// [cryptographic operations]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-cryptography.html#cryptographic-operations
+	// [Encryption context]: https://docs.aws.amazon.com/kms/latest/developerguide/encrypt_context.html
 	EncryptionContext map[string]string
 
 	// A list of grant tokens.
@@ -186,7 +186,7 @@ type EncryptInput struct {
 	// and [Using a grant token]in the Key Management Service Developer Guide.
 	//
 	// [Grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#grant_token
-	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#using-grant-token
+	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/using-grant-token.html
 	GrantTokens []string
 
 	noSmithyDocumentSerde
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GenerateDataKey.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GenerateDataKey.go
index 5475f22dab..a7b6562b67 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GenerateDataKey.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GenerateDataKey.go
@@ -103,12 +103,12 @@ import (
 // [Amazon Web Services Encryption SDK]: https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/
 // [Amazon DynamoDB Encryption Client]: https://docs.aws.amazon.com/dynamodb-encryption-client/latest/devguide/
 // [Key states of KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
-// [Encryption Context]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context
+// [Encryption Context]: https://docs.aws.amazon.com/kms/latest/developerguide/encrypt_context.html
 // [Amazon Web Services Nitro Enclaves]: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitro-enclave.html
 // [Amazon S3 client-side encryption]: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html
 // [kms:GenerateDataKey]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
 // [How Amazon Web Services Nitro Enclaves uses KMS]: https://docs.aws.amazon.com/kms/latest/developerguide/services-nitro-enclaves.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 // [Amazon Web Services Nitro Enclaves SDK]: https://docs.aws.amazon.com/enclaves/latest/user/developing-applications.html#sdk
 func (c *Client) GenerateDataKey(ctx context.Context, params *GenerateDataKeyInput, optFns ...func(*Options)) (*GenerateDataKeyOutput, error) {
 	if params == nil {
@@ -154,10 +154,10 @@ type GenerateDataKeyInput struct {
 
 	// Checks if your request will succeed. DryRun is an optional parameter.
 	//
-	// To learn more about how to use this parameter, see [Testing your KMS API calls] in the Key Management
+	// To learn more about how to use this parameter, see [Testing your permissions] in the Key Management
 	// Service Developer Guide.
 	//
-	// [Testing your KMS API calls]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-dryrun.html
+	// [Testing your permissions]: https://docs.aws.amazon.com/kms/latest/developerguide/testing-permissions.html
 	DryRun *bool
 
 	// Specifies the encryption context that will be used when encrypting the data key.
@@ -175,7 +175,7 @@ type GenerateDataKeyInput struct {
 	//
 	// For more information, see [Encryption context] in the Key Management Service Developer Guide.
 	//
-	// [Encryption context]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context
+	// [Encryption context]: https://docs.aws.amazon.com/kms/latest/developerguide/encrypt_context.html
 	EncryptionContext map[string]string
 
 	// A list of grant tokens.
@@ -185,7 +185,7 @@ type GenerateDataKeyInput struct {
 	// and [Using a grant token]in the Key Management Service Developer Guide.
 	//
 	// [Grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#grant_token
-	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#using-grant-token
+	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/using-grant-token.html
 	GrantTokens []string
 
 	// Specifies the length of the data key. Use AES_128 to generate a 128-bit
@@ -253,6 +253,10 @@ type GenerateDataKeyOutput struct {
 	// [key ARN]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-ARN
 	KeyId *string
 
+	// The identifier of the key material used to encrypt the data key. This field is
+	// omitted if the request includes the Recipient parameter.
+	KeyMaterialId *string
+
 	// The plaintext data key. When you use the HTTP API or the Amazon Web Services
 	// CLI, the value is Base64-encoded. Otherwise, it is not Base64-encoded. Use this
 	// data key to encrypt your data outside of KMS. Then, remove it from memory as
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GenerateDataKeyPair.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GenerateDataKeyPair.go
index 109eb02258..9a977048e3 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GenerateDataKeyPair.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GenerateDataKeyPair.go
@@ -94,12 +94,12 @@ import (
 //
 // [Key states of KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
 // [RFC 5280]: https://tools.ietf.org/html/rfc5280
-// [Encryption Context]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context
+// [Encryption Context]: https://docs.aws.amazon.com/kms/latest/developerguide/encrypt_context.html
 // [Amazon Web Services Nitro Enclaves]: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitro-enclave.html
 // [RFC 5958]: https://tools.ietf.org/html/rfc5958
 // [How Amazon Web Services Nitro Enclaves uses KMS]: https://docs.aws.amazon.com/kms/latest/developerguide/services-nitro-enclaves.html
 // [kms:GenerateDataKeyPair]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 // [Amazon Web Services Nitro Enclaves SDK]: https://docs.aws.amazon.com/enclaves/latest/user/developing-applications.html#sdk
 func (c *Client) GenerateDataKeyPair(ctx context.Context, params *GenerateDataKeyPairInput, optFns ...func(*Options)) (*GenerateDataKeyPairOutput, error) {
 	if params == nil {
@@ -146,20 +146,21 @@ type GenerateDataKeyPairInput struct {
 	// Determines the type of data key pair that is generated.
 	//
 	// The KMS rule that restricts the use of asymmetric RSA and SM2 KMS keys to
-	// encrypt and decrypt or to sign and verify (but not both), and the rule that
-	// permits you to use ECC KMS keys only to sign and verify, are not effective on
-	// data key pairs, which are used outside of KMS. The SM2 key spec is only
-	// available in China Regions.
+	// encrypt and decrypt or to sign and verify (but not both), the rule that permits
+	// you to use ECC KMS keys only to sign and verify, and the rule that permits you
+	// to use ML-DSA key pairs to sign and verify only are not effective on data key
+	// pairs, which are used outside of KMS. The SM2 key spec is only available in
+	// China Regions.
 	//
 	// This member is required.
 	KeyPairSpec types.DataKeyPairSpec
 
 	// Checks if your request will succeed. DryRun is an optional parameter.
 	//
-	// To learn more about how to use this parameter, see [Testing your KMS API calls] in the Key Management
+	// To learn more about how to use this parameter, see [Testing your permissions] in the Key Management
 	// Service Developer Guide.
 	//
-	// [Testing your KMS API calls]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-dryrun.html
+	// [Testing your permissions]: https://docs.aws.amazon.com/kms/latest/developerguide/testing-permissions.html
 	DryRun *bool
 
 	// Specifies the encryption context that will be used when encrypting the private
@@ -178,7 +179,7 @@ type GenerateDataKeyPairInput struct {
 	//
 	// For more information, see [Encryption context] in the Key Management Service Developer Guide.
 	//
-	// [Encryption context]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context
+	// [Encryption context]: https://docs.aws.amazon.com/kms/latest/developerguide/encrypt_context.html
 	EncryptionContext map[string]string
 
 	// A list of grant tokens.
@@ -188,7 +189,7 @@ type GenerateDataKeyPairInput struct {
 	// and [Using a grant token]in the Key Management Service Developer Guide.
 	//
 	// [Grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#grant_token
-	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#using-grant-token
+	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/using-grant-token.html
 	GrantTokens []string
 
 	// A signed [attestation document] from an Amazon Web Services Nitro enclave and the encryption
@@ -240,6 +241,9 @@ type GenerateDataKeyPairOutput struct {
 	// [key ARN]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-ARN
 	KeyId *string
 
+	// The identifier of the key material used to encrypt the private key.
+	KeyMaterialId *string
+
 	// The type of data key pair that was generated.
 	KeyPairSpec types.DataKeyPairSpec
 
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GenerateDataKeyPairWithoutPlaintext.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GenerateDataKeyPairWithoutPlaintext.go
index ec29b538cc..d56ed2123d 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GenerateDataKeyPairWithoutPlaintext.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GenerateDataKeyPairWithoutPlaintext.go
@@ -72,9 +72,9 @@ import (
 //
 // [Key states of KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
 // [RFC 5280]: https://tools.ietf.org/html/rfc5280
-// [Encryption Context]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context
+// [Encryption Context]: https://docs.aws.amazon.com/kms/latest/developerguide/encrypt_context.html
 // [kms:GenerateDataKeyPairWithoutPlaintext]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 func (c *Client) GenerateDataKeyPairWithoutPlaintext(ctx context.Context, params *GenerateDataKeyPairWithoutPlaintextInput, optFns ...func(*Options)) (*GenerateDataKeyPairWithoutPlaintextOutput, error) {
 	if params == nil {
 		params = &GenerateDataKeyPairWithoutPlaintextInput{}
@@ -120,20 +120,21 @@ type GenerateDataKeyPairWithoutPlaintextInput struct {
 	// Determines the type of data key pair that is generated.
 	//
 	// The KMS rule that restricts the use of asymmetric RSA and SM2 KMS keys to
-	// encrypt and decrypt or to sign and verify (but not both), and the rule that
-	// permits you to use ECC KMS keys only to sign and verify, are not effective on
-	// data key pairs, which are used outside of KMS. The SM2 key spec is only
-	// available in China Regions.
+	// encrypt and decrypt or to sign and verify (but not both), the rule that permits
+	// you to use ECC KMS keys only to sign and verify, and the rule that permits you
+	// to use ML-DSA key pairs to sign and verify only are not effective on data key
+	// pairs, which are used outside of KMS. The SM2 key spec is only available in
+	// China Regions.
 	//
 	// This member is required.
 	KeyPairSpec types.DataKeyPairSpec
 
 	// Checks if your request will succeed. DryRun is an optional parameter.
 	//
-	// To learn more about how to use this parameter, see [Testing your KMS API calls] in the Key Management
+	// To learn more about how to use this parameter, see [Testing your permissions] in the Key Management
 	// Service Developer Guide.
 	//
-	// [Testing your KMS API calls]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-dryrun.html
+	// [Testing your permissions]: https://docs.aws.amazon.com/kms/latest/developerguide/testing-permissions.html
 	DryRun *bool
 
 	// Specifies the encryption context that will be used when encrypting the private
@@ -152,7 +153,7 @@ type GenerateDataKeyPairWithoutPlaintextInput struct {
 	//
 	// For more information, see [Encryption context] in the Key Management Service Developer Guide.
 	//
-	// [Encryption context]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context
+	// [Encryption context]: https://docs.aws.amazon.com/kms/latest/developerguide/encrypt_context.html
 	EncryptionContext map[string]string
 
 	// A list of grant tokens.
@@ -162,7 +163,7 @@ type GenerateDataKeyPairWithoutPlaintextInput struct {
 	// and [Using a grant token]in the Key Management Service Developer Guide.
 	//
 	// [Grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#grant_token
-	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#using-grant-token
+	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/using-grant-token.html
 	GrantTokens []string
 
 	noSmithyDocumentSerde
@@ -175,6 +176,9 @@ type GenerateDataKeyPairWithoutPlaintextOutput struct {
 	// [key ARN]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-ARN
 	KeyId *string
 
+	// The identifier of the key material used to encrypt the private key.
+	KeyMaterialId *string
+
 	// The type of data key pair that was generated.
 	KeyPairSpec types.DataKeyPairSpec
 
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GenerateDataKeyWithoutPlaintext.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GenerateDataKeyWithoutPlaintext.go
index fc5e5a8b34..914f2b0e66 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GenerateDataKeyWithoutPlaintext.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GenerateDataKeyWithoutPlaintext.go
@@ -82,9 +82,9 @@ import (
 // more information, see [KMS eventual consistency].
 //
 // [Key states of KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
-// [Encryption Context]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context
+// [Encryption Context]: https://docs.aws.amazon.com/kms/latest/developerguide/encrypt_context.html
 // [kms:GenerateDataKeyWithoutPlaintext]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 func (c *Client) GenerateDataKeyWithoutPlaintext(ctx context.Context, params *GenerateDataKeyWithoutPlaintextInput, optFns ...func(*Options)) (*GenerateDataKeyWithoutPlaintextOutput, error) {
 	if params == nil {
 		params = &GenerateDataKeyWithoutPlaintextInput{}
@@ -129,10 +129,10 @@ type GenerateDataKeyWithoutPlaintextInput struct {
 
 	// Checks if your request will succeed. DryRun is an optional parameter.
 	//
-	// To learn more about how to use this parameter, see [Testing your KMS API calls] in the Key Management
+	// To learn more about how to use this parameter, see [Testing your permissions] in the Key Management
 	// Service Developer Guide.
 	//
-	// [Testing your KMS API calls]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-dryrun.html
+	// [Testing your permissions]: https://docs.aws.amazon.com/kms/latest/developerguide/testing-permissions.html
 	DryRun *bool
 
 	// Specifies the encryption context that will be used when encrypting the data key.
@@ -150,7 +150,7 @@ type GenerateDataKeyWithoutPlaintextInput struct {
 	//
 	// For more information, see [Encryption context] in the Key Management Service Developer Guide.
 	//
-	// [Encryption context]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context
+	// [Encryption context]: https://docs.aws.amazon.com/kms/latest/developerguide/encrypt_context.html
 	EncryptionContext map[string]string
 
 	// A list of grant tokens.
@@ -160,7 +160,7 @@ type GenerateDataKeyWithoutPlaintextInput struct {
 	// and [Using a grant token]in the Key Management Service Developer Guide.
 	//
 	// [Grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#grant_token
-	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#using-grant-token
+	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/using-grant-token.html
 	GrantTokens []string
 
 	// The length of the data key. Use AES_128 to generate a 128-bit symmetric key, or
@@ -187,6 +187,9 @@ type GenerateDataKeyWithoutPlaintextOutput struct {
 	// [key ARN]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-ARN
 	KeyId *string
 
+	// The identifier of the key material used to encrypt the data key.
+	KeyMaterialId *string
+
 	// Metadata pertaining to the operation's result.
 	ResultMetadata middleware.Metadata
 
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GenerateMac.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GenerateMac.go
index 8253e75f68..fce1275cc3 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GenerateMac.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GenerateMac.go
@@ -47,7 +47,7 @@ import (
 // [Key states of KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
 // [kms:GenerateMac]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
 // [RFC 2104]: https://datatracker.ietf.org/doc/html/rfc2104
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 // [HMAC keys in KMS]: https://docs.aws.amazon.com/kms/latest/developerguide/hmac.html
 func (c *Client) GenerateMac(ctx context.Context, params *GenerateMacInput, optFns ...func(*Options)) (*GenerateMacOutput, error) {
 	if params == nil {
@@ -97,10 +97,10 @@ type GenerateMacInput struct {
 
 	// Checks if your request will succeed. DryRun is an optional parameter.
 	//
-	// To learn more about how to use this parameter, see [Testing your KMS API calls] in the Key Management
+	// To learn more about how to use this parameter, see [Testing your permissions] in the Key Management
 	// Service Developer Guide.
 	//
-	// [Testing your KMS API calls]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-dryrun.html
+	// [Testing your permissions]: https://docs.aws.amazon.com/kms/latest/developerguide/testing-permissions.html
 	DryRun *bool
 
 	// A list of grant tokens.
@@ -110,7 +110,7 @@ type GenerateMacInput struct {
 	// and [Using a grant token]in the Key Management Service Developer Guide.
 	//
 	// [Grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#grant_token
-	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#using-grant-token
+	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/using-grant-token.html
 	GrantTokens []string
 
 	noSmithyDocumentSerde
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GenerateRandom.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GenerateRandom.go
index 63e933451d..6e9aa4192f 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GenerateRandom.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GenerateRandom.go
@@ -29,7 +29,8 @@ import (
 // Amazon Web Services Nitro Enclaves, see [How Amazon Web Services Nitro Enclaves uses KMS]in the Key Management Service Developer
 // Guide.
 //
-// For more information about entropy and random number generation, see [Key Management Service Cryptographic Details].
+// For more information about entropy and random number generation, see [Entropy and random number generation] in the
+// Key Management Service Developer Guide.
 //
 // Cross-account use: Not applicable. GenerateRandom does not use any
 // account-specific resources, such as KMS keys.
@@ -41,10 +42,10 @@ import (
 //
 // [kms:GenerateRandom]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
 // [Amazon Web Services Nitro Enclaves]: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitro-enclave.html
-// [Key Management Service Cryptographic Details]: https://docs.aws.amazon.com/kms/latest/cryptographic-details/
 // [How Amazon Web Services Nitro Enclaves uses KMS]: https://docs.aws.amazon.com/kms/latest/developerguide/services-nitro-enclaves.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 // [Amazon Web Services Nitro Enclaves SDK]: https://docs.aws.amazon.com/enclaves/latest/user/developing-applications.html#sdk
+// [Entropy and random number generation]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-cryptography.html#entropy-and-random-numbers
 func (c *Client) GenerateRandom(ctx context.Context, params *GenerateRandomInput, optFns ...func(*Options)) (*GenerateRandomOutput, error) {
 	if params == nil {
 		params = &GenerateRandomInput{}
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GetKeyPolicy.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GetKeyPolicy.go
index bb91505acb..c91dc43430 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GetKeyPolicy.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GetKeyPolicy.go
@@ -24,7 +24,7 @@ import (
 //
 // [kms:GetKeyPolicy]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
 // [PutKeyPolicy]: https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 func (c *Client) GetKeyPolicy(ctx context.Context, params *GetKeyPolicyInput, optFns ...func(*Options)) (*GetKeyPolicyOutput, error) {
 	if params == nil {
 		params = &GetKeyPolicyInput{}
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GetKeyRotationStatus.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GetKeyRotationStatus.go
index 7f6684bc6d..032f8d4a98 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GetKeyRotationStatus.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GetKeyRotationStatus.go
@@ -15,9 +15,10 @@ import (
 // including whether [automatic rotation of the key material]is enabled for the specified KMS key, the [rotation period], and the next
 // scheduled rotation date.
 //
-// Automatic key rotation is supported only on [symmetric encryption KMS keys]. You cannot enable automatic
-// rotation of [asymmetric KMS keys], [HMAC KMS keys], KMS keys with [imported key material], or KMS keys in a [custom key store]. To enable or disable
-// automatic rotation of a set of related [multi-Region keys], set the property on the primary key..
+// Automatic key rotation is supported only on symmetric encryption KMS keys. You
+// cannot enable automatic rotation of [asymmetric KMS keys], [HMAC KMS keys], KMS keys with [imported key material], or KMS keys in a [custom key store]. To
+// enable or disable automatic rotation of a set of related [multi-Region keys], set the property on
+// the primary key.
 //
 // You can enable (EnableKeyRotation ) and disable automatic rotation (DisableKeyRotation ) of the key material in
 // customer managed KMS keys. Key material rotation of [Amazon Web Services managed KMS keys]is not configurable. KMS
@@ -74,12 +75,11 @@ import (
 // [rotation period]: https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#rotation-period
 // [Amazon Web Services managed KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk
 // [kms:GetKeyRotationStatus]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [automatic rotation of the key material]: https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html
+// [automatic rotation of the key material]: https://docs.aws.amazon.com/kms/latest/developerguide/rotating-keys-enable-disable.html
 // [asymmetric KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html
-// [symmetric encryption KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#symmetric-cmks
-// [multi-Region keys]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
-// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html
+// [multi-Region keys]: https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#multi-region-rotate
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
+// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html
 func (c *Client) GetKeyRotationStatus(ctx context.Context, params *GetKeyRotationStatusInput, optFns ...func(*Options)) (*GetKeyRotationStatusOutput, error) {
 	if params == nil {
 		params = &GetKeyRotationStatusInput{}
@@ -131,12 +131,11 @@ type GetKeyRotationStatusOutput struct {
 	// Identifies the date and time that an in progress on-demand rotation was
 	// initiated.
 	//
-	// The KMS API follows an [eventual consistency] model due to the distributed nature of the system. As a
-	// result, there might be a slight delay between initiating on-demand key rotation
-	// and the rotation's completion. Once the on-demand rotation is complete, use ListKeyRotationsto
-	// view the details of the on-demand rotation.
-	//
-	// [eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+	// KMS uses a background process to perform rotations. As a result, there might be
+	// a slight delay between initiating on-demand key rotation and the rotation's
+	// completion. Once the on-demand rotation is complete, KMS removes this field from
+	// the response. You can use ListKeyRotationsto view the details of the completed on-demand
+	// rotation.
 	OnDemandRotationStartDate *time.Time
 
 	// The number of days between each automatic rotation. The default value is 365
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GetParametersForImport.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GetParametersForImport.go
index 53d4dab403..411f555769 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GetParametersForImport.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GetParametersForImport.go
@@ -17,8 +17,7 @@ import (
 //
 // By default, KMS keys are created with key material that KMS generates. This
 // operation supports [Importing key material], an advanced feature that lets you generate and import the
-// cryptographic key material for a KMS key. For more information about importing
-// key material into KMS, see [Importing key material]in the Key Management Service Developer Guide.
+// cryptographic key material for a KMS key.
 //
 // Before calling GetParametersForImport , use the CreateKey operation with an Origin value
 // of EXTERNAL to create a KMS key with no key material. You can import key
@@ -80,10 +79,10 @@ import (
 // [Importing key material]: https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html
 // [kms:GetParametersForImport]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
 // [Key states of KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
-// [reimport the original key material]: https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html#reimport-key-material
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [reimport the original key material]: https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-import-key-material.html#reimport-key-material
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 // [multi-Region key]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html
-// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html
+// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html
 func (c *Client) GetParametersForImport(ctx context.Context, params *GetParametersForImportInput, optFns ...func(*Options)) (*GetParametersForImportOutput, error) {
 	if params == nil {
 		params = &GetParametersForImportInput{}
@@ -122,7 +121,7 @@ type GetParametersForImportInput struct {
 	KeyId *string
 
 	// The algorithm you will use with the RSA public key ( PublicKey ) in the response
-	// to protect your key material during import. For more information, see Select a wrapping algorithmin the
+	// to protect your key material during import. For more information, see [Select a wrapping algorithm]in the
 	// Key Management Service Developer Guide.
 	//
 	// For RSA_AES wrapping algorithms, you encrypt your key material with an AES key
@@ -153,6 +152,8 @@ type GetParametersForImportInput struct {
 	//   - RSAES_PKCS1_V1_5 (Deprecated) — As of October 10, 2023, KMS does not
 	//   support the RSAES_PKCS1_V1_5 wrapping algorithm.
 	//
+	// [Select a wrapping algorithm]: https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-get-public-key-and-token.html#select-wrapping-algorithm
+	//
 	// This member is required.
 	WrappingAlgorithm types.AlgorithmSpec
 
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GetPublicKey.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GetPublicKey.go
index 673de8891b..faeb8c05b2 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GetPublicKey.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_GetPublicKey.go
@@ -37,8 +37,8 @@ import (
 //     secret.
 //
 // [EncryptionAlgorithms]
-//   - or [SigningAlgorithms]: A list of the encryption algorithms or the signing algorithms for the
-//     key.
+//   - , [KeyAgreementAlgorithms], or [SigningAlgorithms]: A list of the encryption algorithms, key agreement algorithms, or
+//     signing algorithms for the key.
 //
 // Although KMS cannot enforce these restrictions on external operations, it is
 // crucial that you use this information to prevent the public key from being used
@@ -70,10 +70,11 @@ import (
 // [kms:GetPublicKey]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
 // [EncryptionAlgorithms]: https://docs.aws.amazon.com/kms/latest/APIReference/API_GetPublicKey.html#KMS-GetPublicKey-response-EncryptionAlgorithms
 // [Asymmetric KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html
+// [KeyAgreementAlgorithms]: https://docs.aws.amazon.com/kms/latest/APIReference/API_GetPublicKey.html#KMS-GetPublicKey-response-KeyAgreementAlgorithms
 // [KeySpec]: https://docs.aws.amazon.com/kms/latest/APIReference/API_GetPublicKey.html#KMS-GetPublicKey-response-KeySpec
-// [Offline verification with SM2 key pairs]: https://docs.aws.amazon.com/kms/latest/developerguide/asymmetric-key-specs.html#key-spec-sm-offline-verification
+// [Offline verification with SM2 key pairs]: https://docs.aws.amazon.com/kms/latest/developerguide/offline-operations.html#key-spec-sm-offline-verification
 // [KeyUsage]: https://docs.aws.amazon.com/kms/latest/APIReference/API_GetPublicKey.html#KMS-GetPublicKey-response-KeyUsage
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 func (c *Client) GetPublicKey(ctx context.Context, params *GetPublicKeyInput, optFns ...func(*Options)) (*GetPublicKeyOutput, error) {
 	if params == nil {
 		params = &GetPublicKeyInput{}
@@ -121,7 +122,7 @@ type GetPublicKeyInput struct {
 	// and [Using a grant token]in the Key Management Service Developer Guide.
 	//
 	// [Grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#grant_token
-	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#using-grant-token
+	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/using-grant-token.html
 	GrantTokens []string
 
 	noSmithyDocumentSerde
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ImportKeyMaterial.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ImportKeyMaterial.go
index f5b2bed826..571afbbaa7 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ImportKeyMaterial.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ImportKeyMaterial.go
@@ -13,44 +13,42 @@ import (
 )
 
 // Imports or reimports key material into an existing KMS key that was created
-// without key material. ImportKeyMaterial also sets the expiration model and
-// expiration date of the imported key material.
+// without key material. You can also use this operation to set or update the
+// expiration model and expiration date of the imported key material.
 //
-// By default, KMS keys are created with key material that KMS generates. This
-// operation supports [Importing key material], an advanced feature that lets you generate and import the
-// cryptographic key material for a KMS key. For more information about importing
-// key material into KMS, see [Importing key material]in the Key Management Service Developer Guide.
+// By default, KMS creates KMS keys with key material that it generates. You can
+// also generate and import your own key material. For more information about
+// importing key material, see [Importing key material].
 //
-// After you successfully import key material into a KMS key, you can [reimport the same key material] into that
-// KMS key, but you cannot import different key material. You might reimport key
-// material to replace key material that expired or key material that you deleted.
-// You might also reimport key material to change the expiration model or
-// expiration date of the key material.
+// For asymmetric, HMAC and multi-Region keys, you cannot change the key material
+// after the initial import. You can import multiple key materials into
+// single-Region, symmetric encryption keys and rotate the key material on demand
+// using RotateKeyOnDemand .
+//
+// After you import key material, you can [reimport the same key material] into that KMS key or, if the key
+// supports on-demand rotation, import new key material. You can use the ImportType
+// parameter to indicate whether you are importing new key material or re-importing
+// previously imported key material. You might reimport key material to replace key
+// material that expired or key material that you deleted. You might also reimport
+// key material to change the expiration model or expiration date of the key
+// material.
 //
 // Each time you import key material into KMS, you can determine whether (
 // ExpirationModel ) and when ( ValidTo ) the key material expires. To change the
 // expiration of your key material, you must import it again, either by calling
-// ImportKeyMaterial or using the import features of the KMS console.
+// ImportKeyMaterial or using the [import features] of the KMS console.
 //
-// Before calling ImportKeyMaterial :
+// Before you call ImportKeyMaterial , complete these steps:
 //
-//   - Create or identify a KMS key with no key material. The KMS key must have an
-//     Origin value of EXTERNAL , which indicates that the KMS key is designed for
-//     imported key material.
+//   - Create or identify a KMS key with EXTERNAL origin, which indicates that the
+//     KMS key is designed for imported key material.
 //
-// To create an new KMS key for imported key material, call the CreateKeyoperation with an
+// To create a new KMS key for imported key material, call the CreateKeyoperation with an
 //
 //	Origin value of EXTERNAL . You can create a symmetric encryption KMS key, HMAC
-//	KMS key, asymmetric encryption KMS key, or asymmetric signing KMS key. You can
-//	also import key material into a multi-Region keyof any supported type. However, you can't
-//	import key material into a KMS key in a custom key store.
-//
-//	- Use the DescribeKeyoperation to verify that the KeyState of the KMS key is
-//	PendingImport , which indicates that the KMS key has no key material.
-//
-// If you are reimporting the same key material into an existing KMS key, you
-//
-//	might need to call the DeleteImportedKeyMaterialto delete its existing key material.
+//	KMS key, asymmetric encryption KMS key, asymmetric key agreement key, or
+//	asymmetric signing KMS key. You can also import key material into a [multi-Region key]of any
+//	supported type. However, you can't import key material into a KMS key in a [custom key store].
 //
 //	- Call the GetParametersForImportoperation to get a public key and import token set for importing
 //	key material.
@@ -63,7 +61,7 @@ import (
 //
 //   - The key ID or key ARN of the KMS key to associate with the imported key
 //     material. Its Origin must be EXTERNAL and its KeyState must be PendingImport .
-//     You cannot perform this operation on a KMS key in a custom key store, or on a KMS key in a
+//     You cannot perform this operation on a KMS key in a [custom key store], or on a KMS key in a
 //     different Amazon Web Services account. To get the Origin and KeyState of a KMS
 //     key, call DescribeKey.
 //
@@ -86,12 +84,15 @@ import (
 //
 // When this operation is successful, the key state of the KMS key changes from
 // PendingImport to Enabled , and you can use the KMS key in cryptographic
-// operations.
+// operations. For single-Region, symmetric encryption keys, you will need to
+// import all of the key materials associated with the KMS key to change its state
+// to Enabled . Use the ListKeyRotations operation to list the ID and import state
+// of each key material associated with a KMS key.
 //
 // If this operation fails, use the exception to help determine the problem. If
 // the error is related to the key material, the import token, or wrapping key, use
 // GetParametersForImportto get a new public key and import token for the KMS key and repeat the import
-// procedure. For help, see [How To Import Key Material]in the Key Management Service Developer Guide.
+// procedure. For help, see [Create a KMS key with imported key material]in the Key Management Service Developer Guide.
 //
 // The KMS key that you use for this operation must be in a compatible key state.
 // For details, see [Key states of KMS keys]in the Key Management Service Developer Guide.
@@ -107,16 +108,24 @@ import (
 //
 // # GetParametersForImport
 //
+// # ListKeyRotations
+//
+// # RotateKeyOnDemand
+//
 // Eventual consistency: The KMS API follows an eventual consistency model. For
 // more information, see [KMS eventual consistency].
 //
 // [Importing key material]: https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html
 // [Key states of KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
-// [How To Import Key Material]: https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html#importing-keys-overview
 // [kms:ImportKeyMaterial]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [reimport the same key material]: https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html#reimport-key-material
-// [Setting an expiration time]: https://docs.aws.amazon.com/en_us/kms/latest/developerguide/importing-keys.html#importing-keys-expiration
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [reimport the same key material]: https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-import-key-material.html#reimport-key-material
+// [import features]: https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-import-key-material.html#importing-keys-import-key-material-console
+// [Create a KMS key with imported key material]: https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-conceptual.html
+// [Setting an expiration time]: https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-import-key-material.html#importing-keys-expiration
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
+// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html
+//
+// [multi-Region key]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html
 func (c *Client) ImportKeyMaterial(ctx context.Context, params *ImportKeyMaterialInput, optFns ...func(*Options)) (*ImportKeyMaterialOutput, error) {
 	if params == nil {
 		params = &ImportKeyMaterialInput{}
@@ -154,7 +163,7 @@ type ImportKeyMaterialInput struct {
 	// KeyState must be PendingImport .
 	//
 	// The KMS key can be a symmetric encryption KMS key, HMAC KMS key, asymmetric
-	// encryption KMS key, or asymmetric signing KMS key, including a multi-Region keyof any supported
+	// encryption KMS key, or asymmetric signing KMS key, including a [multi-Region key]of any supported
 	// type. You cannot perform this operation on a KMS key in a custom key store, or
 	// on a KMS key in a different Amazon Web Services account.
 	//
@@ -169,6 +178,8 @@ type ImportKeyMaterialInput struct {
 	//
 	// To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
 	//
+	// [multi-Region key]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html
+	//
 	// This member is required.
 	KeyId *string
 
@@ -183,9 +194,38 @@ type ImportKeyMaterialInput struct {
 	// after the request completes. To change either value, you must reimport the key
 	// material.
 	//
-	// [Setting an expiration time]: https://docs.aws.amazon.com/en_us/kms/latest/developerguide/importing-keys.html#importing-keys-expiration
+	// [Setting an expiration time]: https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-import-key-material.html#importing-keys-expiration
 	ExpirationModel types.ExpirationModelType
 
+	// Indicates whether the key material being imported is previously associated with
+	// this KMS key or not. This parameter is optional and only usable with symmetric
+	// encryption keys. The default is EXISTING_KEY_MATERIAL . If no key material has
+	// ever been imported into the KMS key, and this parameter is omitted, the
+	// parameter defaults to NEW_KEY_MATERIAL .
+	ImportType types.ImportType
+
+	// Description for the key material being imported. This parameter is optional and
+	// only usable with symmetric encryption keys. If you do not specify a key material
+	// description, KMS retains the value you specified when you last imported the same
+	// key material into this KMS key.
+	KeyMaterialDescription *string
+
+	// Identifies the key material being imported. This parameter is optional and only
+	// usable with symmetric encryption keys. You cannot specify a key material ID with
+	// ImportType set to NEW_KEY_MATERIAL . Whenever you import key material into a
+	// symmetric encryption key, KMS assigns a unique identifier to the key material
+	// based on the KMS key ID and the imported key material. When you re-import key
+	// material with a specified key material ID, KMS:
+	//
+	//   - Computes the identifier for the key material
+	//
+	//   - Matches the computed identifier against the specified key material ID
+	//
+	//   - Verifies that the key material ID is already associated with the KMS key
+	//
+	// To get the list of key material IDs associated with a KMS key, use ListKeyRotations.
+	KeyMaterialId *string
+
 	// The date and time when the imported key material expires. This parameter is
 	// required when the value of the ExpirationModel parameter is KEY_MATERIAL_EXPIRES
 	// . Otherwise it is not valid.
@@ -206,6 +246,15 @@ type ImportKeyMaterialInput struct {
 }
 
 type ImportKeyMaterialOutput struct {
+
+	// The Amazon Resource Name ([key ARN] ) of the KMS key into which key material was imported.
+	//
+	// [key ARN]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-ARN
+	KeyId *string
+
+	// Identifies the imported key material.
+	KeyMaterialId *string
+
 	// Metadata pertaining to the operation's result.
 	ResultMetadata middleware.Metadata
 
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ListAliases.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ListAliases.go
index 0dd0f922f4..c48e558f16 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ListAliases.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ListAliases.go
@@ -47,10 +47,10 @@ import (
 // Eventual consistency: The KMS API follows an eventual consistency model. For
 // more information, see [KMS eventual consistency].
 //
-// [KMS aliases quota]: https://docs.aws.amazon.com/kms/latest/developerguide/limits.html#aliases-limit
+// [KMS aliases quota]: https://docs.aws.amazon.com/kms/latest/developerguide/resource-limits.html#aliases-per-key
 // [kms:ListAliases]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
-// [Controlling access to aliases]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-alias.html#alias-access
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
+// [Controlling access to aliases]: https://docs.aws.amazon.com/kms/latest/developerguide/alias-access.html
 func (c *Client) ListAliases(ctx context.Context, params *ListAliasesInput, optFns ...func(*Options)) (*ListAliasesOutput, error) {
 	if params == nil {
 		params = &ListAliasesInput{}
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ListGrants.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ListGrants.go
index 086ae2a3aa..0cfe73532e 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ListGrants.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ListGrants.go
@@ -17,8 +17,8 @@ import (
 // grant ID or grantee principal.
 //
 // For detailed information about grants, including grant terminology, see [Grants in KMS] in the
-// Key Management Service Developer Guide . For examples of working with grants in
-// several programming languages, see [Programming grants].
+// Key Management Service Developer Guide . For examples of creating grants in
+// several programming languages, see [Use CreateGrant with an Amazon Web Services SDK or CLI].
 //
 // The GranteePrincipal field in the ListGrants response usually contains the user
 // or role designated as the grantee principal in the grant. However, when the
@@ -45,11 +45,11 @@ import (
 // Eventual consistency: The KMS API follows an eventual consistency model. For
 // more information, see [KMS eventual consistency].
 //
-// [Programming grants]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-grants.html
 // [service principal]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html#principal-services
 // [Grants in KMS]: https://docs.aws.amazon.com/kms/latest/developerguide/grants.html
+// [Use CreateGrant with an Amazon Web Services SDK or CLI]: https://docs.aws.amazon.com/kms/latest/developerguide/example_kms_CreateGrant_section.html
 // [kms:ListGrants]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 func (c *Client) ListGrants(ctx context.Context, params *ListGrantsInput, optFns ...func(*Options)) (*ListGrantsOutput, error) {
 	if params == nil {
 		params = &ListGrantsInput{}
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ListKeyPolicies.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ListKeyPolicies.go
index 8de34587e7..ce74f3993e 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ListKeyPolicies.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ListKeyPolicies.go
@@ -30,7 +30,7 @@ import (
 //
 // [kms:ListKeyPolicies]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
 // [PutKeyPolicy]: https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 func (c *Client) ListKeyPolicies(ctx context.Context, params *ListKeyPoliciesInput, optFns ...func(*Options)) (*ListKeyPoliciesOutput, error) {
 	if params == nil {
 		params = &ListKeyPoliciesInput{}
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ListKeyRotations.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ListKeyRotations.go
index 57f5af80be..19a7da63f3 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ListKeyRotations.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ListKeyRotations.go
@@ -11,13 +11,14 @@ import (
 	smithyhttp "github.com/aws/smithy-go/transport/http"
 )
 
-// Returns information about all completed key material rotations for the
-// specified KMS key.
+// Returns information about the key materials associated with the specified KMS
+// key. You can use the optional IncludeKeyMaterial parameter to control which key
+// materials are included in the response.
 //
 // You must specify the KMS key in all requests. You can refine the key rotations
 // list by limiting the number of rotations returned.
 //
-// For detailed information about automatic and on-demand key rotations, see [Rotating KMS keys] in
+// For detailed information about automatic and on-demand key rotations, see [Rotate KMS keys] in
 // the Key Management Service Developer Guide.
 //
 // Cross-account use: No. You cannot perform this operation on a KMS key in a
@@ -29,18 +30,22 @@ import (
 //
 // # EnableKeyRotation
 //
+// # DeleteImportedKeyMaterial
+//
 // # DisableKeyRotation
 //
 // # GetKeyRotationStatus
 //
+// # ImportKeyMaterial
+//
 // # RotateKeyOnDemand
 //
 // Eventual consistency: The KMS API follows an eventual consistency model. For
 // more information, see [KMS eventual consistency].
 //
-// [Rotating KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html
+// [Rotate KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html
 // [kms:ListKeyRotations]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 func (c *Client) ListKeyRotations(ctx context.Context, params *ListKeyRotationsInput, optFns ...func(*Options)) (*ListKeyRotationsOutput, error) {
 	if params == nil {
 		params = &ListKeyRotationsInput{}
@@ -74,6 +79,15 @@ type ListKeyRotationsInput struct {
 	// This member is required.
 	KeyId *string
 
+	// Use this optional parameter to control which key materials associated with this
+	// key are listed in the response. The default value of this parameter is
+	// ROTATIONS_ONLY . If you omit this parameter, KMS returns information on the key
+	// materials created by automatic or on-demand key rotation. When you specify a
+	// value of ALL_KEY_MATERIAL , KMS adds the first key material and any imported key
+	// material pending rotation to the response. This parameter can only be used with
+	// KMS keys that support automatic or on-demand key rotation.
+	IncludeKeyMaterial types.IncludeKeyMaterial
+
 	// Use this parameter to specify the maximum number of items to return. When this
 	// value is present, KMS does not return more than the specified number of items,
 	// but it might return fewer.
@@ -96,7 +110,9 @@ type ListKeyRotationsOutput struct {
 	// for the Marker parameter in a subsequent request.
 	NextMarker *string
 
-	// A list of completed key material rotations.
+	// A list of completed key material rotations. When the optional input parameter
+	// IncludeKeyMaterial is specified with a value of ALL_KEY_MATERIAL , this list
+	// includes the first key material and any imported key material pending rotation.
 	Rotations []types.RotationsListEntry
 
 	// A flag that indicates whether there are more items in the list. When this value
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ListKeys.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ListKeys.go
index 2133b6ccfc..9119d5ac0f 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ListKeys.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ListKeys.go
@@ -33,7 +33,7 @@ import (
 // more information, see [KMS eventual consistency].
 //
 // [kms:ListKeys]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 func (c *Client) ListKeys(ctx context.Context, params *ListKeysInput, optFns ...func(*Options)) (*ListKeysOutput, error) {
 	if params == nil {
 		params = &ListKeysInput{}
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ListResourceTags.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ListResourceTags.go
index 5c77544bd0..fa54b4ebc4 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ListResourceTags.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ListResourceTags.go
@@ -15,7 +15,7 @@ import (
 //
 // For general information about tags, including the format and syntax, see [Tagging Amazon Web Services resources] in
 // the Amazon Web Services General Reference. For information about using tags in
-// KMS, see [Tagging keys].
+// KMS, see [Tags in KMS].
 //
 // Cross-account use: No. You cannot perform this operation on a KMS key in a
 // different Amazon Web Services account.
@@ -35,9 +35,9 @@ import (
 // Eventual consistency: The KMS API follows an eventual consistency model. For
 // more information, see [KMS eventual consistency].
 //
-// [Tagging keys]: https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html
 // [kms:ListResourceTags]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [Tags in KMS]: https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 // [Tagging Amazon Web Services resources]: https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html
 func (c *Client) ListResourceTags(ctx context.Context, params *ListResourceTagsInput, optFns ...func(*Options)) (*ListResourceTagsOutput, error) {
 	if params == nil {
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ListRetirableGrants.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ListRetirableGrants.go
index a722cc3804..9244dbeaa0 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ListRetirableGrants.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ListRetirableGrants.go
@@ -20,8 +20,8 @@ import (
 // determine which grants you may retire. To retire a grant, use the RetireGrantoperation.
 //
 // For detailed information about grants, including grant terminology, see [Grants in KMS] in the
-// Key Management Service Developer Guide . For examples of working with grants in
-// several programming languages, see [Programming grants].
+// Key Management Service Developer Guide . For examples of creating grants in
+// several programming languages, see [Use CreateGrant with an Amazon Web Services SDK or CLI].
 //
 // Cross-account use: You must specify a principal in your Amazon Web Services
 // account. This operation returns a list of grants where the retiring principal
@@ -52,10 +52,10 @@ import (
 // Eventual consistency: The KMS API follows an eventual consistency model. For
 // more information, see [KMS eventual consistency].
 //
-// [Programming grants]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-grants.html
 // [kms:ListRetirableGrants]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
 // [Grants in KMS]: https://docs.aws.amazon.com/kms/latest/developerguide/grants.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [Use CreateGrant with an Amazon Web Services SDK or CLI]: https://docs.aws.amazon.com/kms/latest/developerguide/example_kms_CreateGrant_section.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 func (c *Client) ListRetirableGrants(ctx context.Context, params *ListRetirableGrantsInput, optFns ...func(*Options)) (*ListRetirableGrantsOutput, error) {
 	if params == nil {
 		params = &ListRetirableGrantsInput{}
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_PutKeyPolicy.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_PutKeyPolicy.go
index e1be982d7c..3280fb324c 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_PutKeyPolicy.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_PutKeyPolicy.go
@@ -15,7 +15,7 @@ import (
 // For more information about key policies, see [Key Policies] in the Key Management Service
 // Developer Guide. For help writing and formatting a JSON policy document, see the
 // [IAM JSON Policy Reference]in the Identity and Access Management User Guide . For examples of adding a key
-// policy in multiple programming languages, see [Setting a key policy]in the Key Management Service
+// policy in multiple programming languages, see [Use PutKeyPolicy with an Amazon Web Services SDK or CLI]in the Key Management Service
 // Developer Guide.
 //
 // Cross-account use: No. You cannot perform this operation on a KMS key in a
@@ -30,9 +30,9 @@ import (
 //
 // [IAM JSON Policy Reference]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies.html
 // [kms:PutKeyPolicy]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [Setting a key policy]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-key-policies.html#put-policy
+// [Use PutKeyPolicy with an Amazon Web Services SDK or CLI]: https://docs.aws.amazon.com/kms/latest/developerguide/example_kms_PutKeyPolicy_section.html
 // [Key Policies]: https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 func (c *Client) PutKeyPolicy(ctx context.Context, params *PutKeyPolicyInput, optFns ...func(*Options)) (*PutKeyPolicyOutput, error) {
 	if params == nil {
 		params = &PutKeyPolicyInput{}
@@ -83,6 +83,15 @@ type PutKeyPolicyInput struct {
 	//   be immediately visible to KMS. For more information, see [Changes that I make are not always immediately visible]in the Amazon Web
 	//   Services Identity and Access Management User Guide.
 	//
+	// If either of the required Resource or Action elements are missing from a key
+	// policy statement, the policy statement has no effect. When a key policy
+	// statement is missing one of these elements, the KMS console correctly reports an
+	// error, but the PutKeyPolicy API request succeeds, even though the policy
+	// statement is ineffective.
+	//
+	// For more information on required key policy elements, see [Elements in a key policy] in the Key
+	// Management Service Developer Guide.
+	//
 	// A key policy document can include only the following characters:
 	//
 	//   - Printable ASCII characters from the space character ( \u0020 ) through the
@@ -94,11 +103,15 @@ type PutKeyPolicyInput struct {
 	//   - The tab ( \u0009 ), line feed ( \u000A ), and carriage return ( \u000D )
 	//   special characters
 	//
+	// If the key policy exceeds the length constraint, KMS returns a
+	// LimitExceededException .
+	//
 	// For information about key policies, see [Key policies in KMS] in the Key Management Service
 	// Developer Guide.For help writing and formatting a JSON policy document, see the [IAM JSON Policy Reference]
 	// in the Identity and Access Management User Guide .
 	//
 	// [Key policies in KMS]: https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html
+	// [Elements in a key policy]: https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-overview.html#key-policy-elements
 	// [IAM JSON Policy Reference]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies.html
 	// [Default key policy]: https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html#prevent-unmanageable-key
 	// [Changes that I make are not always immediately visible]: https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ReEncrypt.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ReEncrypt.go
index dabcddcf4e..96c271930a 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ReEncrypt.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ReEncrypt.go
@@ -99,14 +99,14 @@ import (
 //
 // [Amazon Web Services Encryption SDK]: https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/
 // [Key states of KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
-// [asymmetric KMS key]: https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-concepts.html#asymmetric-cmks
+// [asymmetric KMS key]: https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html
 // [key policy]: https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html
 // [Amazon S3 client-side encryption]: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html
 // [kms:ReEncryptTo]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [encryption context]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context
-// [manually rotate]: https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#rotate-keys-manually
+// [encryption context]: https://docs.aws.amazon.com/kms/latest/developerguide/encrypt_context.html
+// [manually rotate]: https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys-manually.html
 // [kms:ReEncryptFrom]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 func (c *Client) ReEncrypt(ctx context.Context, params *ReEncryptInput, optFns ...func(*Options)) (*ReEncryptOutput, error) {
 	if params == nil {
 		params = &ReEncryptInput{}
@@ -182,15 +182,15 @@ type ReEncryptInput struct {
 	//
 	// For more information, see [Encryption context] in the Key Management Service Developer Guide.
 	//
-	// [Encryption context]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context
+	// [Encryption context]: https://docs.aws.amazon.com/kms/latest/developerguide/encrypt_context.html
 	DestinationEncryptionContext map[string]string
 
 	// Checks if your request will succeed. DryRun is an optional parameter.
 	//
-	// To learn more about how to use this parameter, see [Testing your KMS API calls] in the Key Management
+	// To learn more about how to use this parameter, see [Testing your permissions] in the Key Management
 	// Service Developer Guide.
 	//
-	// [Testing your KMS API calls]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-dryrun.html
+	// [Testing your permissions]: https://docs.aws.amazon.com/kms/latest/developerguide/testing-permissions.html
 	DryRun *bool
 
 	// A list of grant tokens.
@@ -200,7 +200,7 @@ type ReEncryptInput struct {
 	// and [Using a grant token]in the Key Management Service Developer Guide.
 	//
 	// [Grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#grant_token
-	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#using-grant-token
+	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/using-grant-token.html
 	GrantTokens []string
 
 	// Specifies the encryption algorithm that KMS will use to decrypt the ciphertext
@@ -227,7 +227,7 @@ type ReEncryptInput struct {
 	//
 	// For more information, see [Encryption context] in the Key Management Service Developer Guide.
 	//
-	// [Encryption context]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context
+	// [Encryption context]: https://docs.aws.amazon.com/kms/latest/developerguide/encrypt_context.html
 	SourceEncryptionContext map[string]string
 
 	// Specifies the KMS key that KMS will use to decrypt the ciphertext before it is
@@ -274,6 +274,10 @@ type ReEncryptOutput struct {
 	// The encryption algorithm that was used to reencrypt the data.
 	DestinationEncryptionAlgorithm types.EncryptionAlgorithmSpec
 
+	// The identifier of the key material used to reencrypt the data. This field is
+	// present only when data is reencrypted using a symmetric encryption KMS key.
+	DestinationKeyMaterialId *string
+
 	// The Amazon Resource Name ([key ARN] ) of the KMS key that was used to reencrypt the data.
 	//
 	// [key ARN]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-ARN
@@ -286,6 +290,11 @@ type ReEncryptOutput struct {
 	// Unique identifier of the KMS key used to originally encrypt the data.
 	SourceKeyId *string
 
+	// The identifier of the key material used to originally encrypt the data. This
+	// field is present only when the original encryption used a symmetric encryption
+	// KMS key.
+	SourceKeyMaterialId *string
+
 	// Metadata pertaining to the operation's result.
 	ResultMetadata middleware.Metadata
 
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ReplicateKey.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ReplicateKey.go
index 3b0c48588e..f896669b94 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ReplicateKey.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ReplicateKey.go
@@ -28,10 +28,11 @@ import (
 // A replica key is a fully-functional KMS key that can be used independently of
 // its primary and peer replica keys. A primary key and its replica keys share
 // properties that make them interoperable. They have the same [key ID]and key material.
-// They also have the same [key spec], [key usage], [key material origin], and [automatic key rotation status]. KMS automatically synchronizes these shared
-// properties among related multi-Region keys. All other properties of a replica
-// key can differ, including its [key policy], [tags], [aliases], and [Key states of KMS keys]. KMS pricing and quotas for KMS keys
-// apply to each primary key and replica key.
+// They also have the same key spec, key usage, key material origin, and automatic
+// key rotation status. KMS automatically synchronizes these shared properties
+// among related multi-Region keys. All other properties of a replica key can
+// differ, including its [key policy], [tags], [aliases], and [key state]. KMS pricing and quotas for KMS keys apply to
+// each primary key and replica key.
 //
 // When this operation completes, the new replica key has a transient key state of
 // Creating . This key state changes to Enabled (or PendingImport ) after a few
@@ -54,8 +55,7 @@ import (
 //
 // If you replicate a multi-Region primary key with imported key material, the
 // replica key is created with no key material. You must import the same key
-// material that you imported into the primary key. For details, see [Importing key material into multi-Region keys]in the Key
-// Management Service Developer Guide.
+// material that you imported into the primary key.
 //
 // To convert a replica key to a primary key, use the UpdatePrimaryRegion operation.
 //
@@ -86,17 +86,13 @@ import (
 // more information, see [KMS eventual consistency].
 //
 // [key ID]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-id
-// [automatic key rotation status]: https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html
+// [Key states of KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
 // [aliases]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-alias.html
-// [key usage]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-usage
 // [Multi-Region keys in KMS]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html
 // [key policy]: https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [key state]: https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 // [tags]: https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html
-// [Key states of KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
-// [key spec]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-spec
-// [Importing key material into multi-Region keys]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-import.html
-// [key material origin]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-origin
 // [shared properties]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html#mrk-sync-properties
 func (c *Client) ReplicateKey(ctx context.Context, params *ReplicateKeyInput, optFns ...func(*Options)) (*ReplicateKeyOutput, error) {
 	if params == nil {
@@ -139,12 +135,6 @@ type ReplicateKeyInput struct {
 	// Web Services Regions in which KMS is supported, see [KMS service endpoints]in the Amazon Web Services
 	// General Reference.
 	//
-	// HMAC KMS keys are not supported in all Amazon Web Services Regions. If you try
-	// to replicate an HMAC KMS key in an Amazon Web Services Region in which HMAC keys
-	// are not supported, the ReplicateKey operation returns an
-	// UnsupportedOperationException . For a list of Regions in which HMAC KMS keys are
-	// supported, see [HMAC keys in KMS]in the Key Management Service Developer Guide.
-	//
 	// The replica must be in a different Amazon Web Services Region than its primary
 	// key and other replicas of that primary key, but in the same Amazon Web Services
 	// partition. KMS must be available in the replica Region. If the Region is not
@@ -156,7 +146,6 @@ type ReplicateKeyInput struct {
 	// [Disabling a Region]: https://docs.aws.amazon.com/general/latest/gr/rande-manage.html#rande-manage-disable
 	// [Enabling a Region]: https://docs.aws.amazon.com/general/latest/gr/rande-manage.html#rande-manage-enable
 	// [KMS service endpoints]: https://docs.aws.amazon.com/general/latest/gr/kms.html#kms_region
-	// [HMAC keys in KMS]: https://docs.aws.amazon.com/kms/latest/developerguide/hmac.html
 	// [Amazon Resource Names (ARNs)]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
 	//
 	// This member is required.
@@ -226,7 +215,7 @@ type ReplicateKeyInput struct {
 	// [IAM JSON Policy Reference]in the Identity and Access Management User Guide .
 	//
 	// [Key policies in KMS]: https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html
-	// [default key policy]: https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default
+	// [default key policy]: https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html
 	// [IAM JSON Policy Reference]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies.html
 	// [Default key policy]: https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html#prevent-unmanageable-key
 	// [Changes that I make are not always immediately visible]: https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency
@@ -255,11 +244,11 @@ type ReplicateKeyInput struct {
 	//
 	// When you add tags to an Amazon Web Services resource, Amazon Web Services
 	// generates a cost allocation report with usage and costs aggregated by tags. Tags
-	// can also be used to control access to a KMS key. For details, see [Tagging Keys].
+	// can also be used to control access to a KMS key. For details, see [Tags in KMS].
 	//
 	// [kms:TagResource]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-	// [Tagging Keys]: https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html
 	// [ABAC for KMS]: https://docs.aws.amazon.com/kms/latest/developerguide/abac.html
+	// [Tags in KMS]: https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html
 	Tags []types.Tag
 
 	noSmithyDocumentSerde
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_RetireGrant.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_RetireGrant.go
index 4ebab0d26d..353e6fa140 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_RetireGrant.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_RetireGrant.go
@@ -18,12 +18,11 @@ import (
 // This operation can be called by the retiring principal for a grant, by the
 // grantee principal if the grant allows the RetireGrant operation, and by the
 // Amazon Web Services account in which the grant is created. It can also be called
-// by principals to whom permission for retiring a grant is delegated. For details,
-// see [Retiring and revoking grants]in the Key Management Service Developer Guide.
+// by principals to whom permission for retiring a grant is delegated.
 //
 // For detailed information about grants, including grant terminology, see [Grants in KMS] in the
-// Key Management Service Developer Guide . For examples of working with grants in
-// several programming languages, see [Programming grants].
+// Key Management Service Developer Guide . For examples of creating grants in
+// several programming languages, see [Use CreateGrant with an Amazon Web Services SDK or CLI].
 //
 // Cross-account use: Yes. You can retire a grant on a KMS key in a different
 // Amazon Web Services account.
@@ -44,11 +43,11 @@ import (
 // Eventual consistency: The KMS API follows an eventual consistency model. For
 // more information, see [KMS eventual consistency].
 //
-// [Programming grants]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-grants.html
 // [grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#grant_token
-// [Retiring and revoking grants]: https://docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#grant-delete
+// [Retiring and revoking grants]: https://docs.aws.amazon.com/kms/latest/developerguide/grant-delete.html
 // [Grants in KMS]: https://docs.aws.amazon.com/kms/latest/developerguide/grants.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [Use CreateGrant with an Amazon Web Services SDK or CLI]: https://docs.aws.amazon.com/kms/latest/developerguide/example_kms_CreateGrant_section.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 func (c *Client) RetireGrant(ctx context.Context, params *RetireGrantInput, optFns ...func(*Options)) (*RetireGrantOutput, error) {
 	if params == nil {
 		params = &RetireGrantInput{}
@@ -68,10 +67,10 @@ type RetireGrantInput struct {
 
 	// Checks if your request will succeed. DryRun is an optional parameter.
 	//
-	// To learn more about how to use this parameter, see [Testing your KMS API calls] in the Key Management
+	// To learn more about how to use this parameter, see [Testing your permissions] in the Key Management
 	// Service Developer Guide.
 	//
-	// [Testing your KMS API calls]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-dryrun.html
+	// [Testing your permissions]: https://docs.aws.amazon.com/kms/latest/developerguide/testing-permissions.html
 	DryRun *bool
 
 	// Identifies the grant to retire. To get the grant ID, use CreateGrant, ListGrants, or ListRetirableGrants.
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_RevokeGrant.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_RevokeGrant.go
index 242b66d7bd..346d074485 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_RevokeGrant.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_RevokeGrant.go
@@ -20,8 +20,8 @@ import (
 // Management Service Developer Guide .
 //
 // For detailed information about grants, including grant terminology, see [Grants in KMS] in the
-// Key Management Service Developer Guide . For examples of working with grants in
-// several programming languages, see [Programming grants].
+// Key Management Service Developer Guide . For examples of creating grants in
+// several programming languages, see [Use CreateGrant with an Amazon Web Services SDK or CLI].
 //
 // Cross-account use: Yes. To perform this operation on a KMS key in a different
 // Amazon Web Services account, specify the key ARN in the value of the KeyId
@@ -43,11 +43,11 @@ import (
 // more information, see [KMS eventual consistency].
 //
 // [Eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#terms-eventual-consistency
-// [Programming grants]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-grants.html
 // [kms:RevokeGrant]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [Retiring and revoking grants]: https://docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#grant-delete
+// [Retiring and revoking grants]: https://docs.aws.amazon.com/kms/latest/developerguide/grant-delete.html
 // [Grants in KMS]: https://docs.aws.amazon.com/kms/latest/developerguide/grants.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [Use CreateGrant with an Amazon Web Services SDK or CLI]: https://docs.aws.amazon.com/kms/latest/developerguide/example_kms_CreateGrant_section.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 func (c *Client) RevokeGrant(ctx context.Context, params *RevokeGrantInput, optFns ...func(*Options)) (*RevokeGrantOutput, error) {
 	if params == nil {
 		params = &RevokeGrantInput{}
@@ -90,10 +90,10 @@ type RevokeGrantInput struct {
 
 	// Checks if your request will succeed. DryRun is an optional parameter.
 	//
-	// To learn more about how to use this parameter, see [Testing your KMS API calls] in the Key Management
+	// To learn more about how to use this parameter, see [Testing your permissions] in the Key Management
 	// Service Developer Guide.
 	//
-	// [Testing your KMS API calls]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-dryrun.html
+	// [Testing your permissions]: https://docs.aws.amazon.com/kms/latest/developerguide/testing-permissions.html
 	DryRun *bool
 
 	noSmithyDocumentSerde
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_RotateKeyOnDemand.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_RotateKeyOnDemand.go
index abd8c33c04..049f651502 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_RotateKeyOnDemand.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_RotateKeyOnDemand.go
@@ -30,9 +30,14 @@ import (
 // monitor rotation of the key material for your KMS keys in CloudTrail and Amazon
 // CloudWatch.
 //
-// On-demand key rotation is supported only on [symmetric encryption KMS keys]. You cannot perform on-demand
-// rotation of [asymmetric KMS keys], [HMAC KMS keys], KMS keys with [imported key material], or KMS keys in a [custom key store]. To perform on-demand
-// rotation of a set of related [multi-Region keys], invoke the on-demand rotation on the primary key.
+// On-demand key rotation is supported only on symmetric encryption KMS keys. You
+// cannot perform on-demand rotation of [asymmetric KMS keys], [HMAC KMS keys], multi-Region KMS keys with [imported key material], or KMS
+// keys in a [custom key store]. When you initiate on-demand key rotation on a symmetric encryption
+// KMS key with imported key material, you must have already imported [new key material]and that key
+// material's state should be PENDING_ROTATION . Use the ListKeyRotations
+// operation to check the state of all key materials associated with a KMS key. To
+// perform on-demand rotation of a set of related [multi-Region keys], invoke the on-demand rotation
+// on the primary key.
 //
 // You cannot initiate on-demand rotation of [Amazon Web Services managed KMS keys]. KMS always rotates the key material
 // of Amazon Web Services managed keys every year. Rotation of [Amazon Web Services owned KMS keys]is managed by the
@@ -54,24 +59,26 @@ import (
 //
 // # GetKeyRotationStatus
 //
+// # ImportKeyMaterial
+//
 // # ListKeyRotations
 //
 // Eventual consistency: The KMS API follows an eventual consistency model. For
 // more information, see [KMS eventual consistency].
 //
-// [on-demand rotation]: https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#rotating-keys-on-demand
+// [new key material]: https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-import-key-material.html
+// [on-demand rotation]: https://docs.aws.amazon.com/kms/latest/developerguide/rotating-keys-on-demand.html
 // [Amazon Web Services owned KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk
-// [automatic key rotation]: https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#rotating-keys-enable-disable
+// [automatic key rotation]: https://docs.aws.amazon.com/kms/latest/developerguide/rotating-keys-enable-disable.html
 // [kms:RotateKeyOnDemand]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [multi-Region keys]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [multi-Region keys]: https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#multi-region-rotate
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 // [imported key material]: https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html
 // [Key states of KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
 // [HMAC KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/hmac.html
 // [Amazon Web Services managed KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk
 // [asymmetric KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html
-// [symmetric encryption KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#symmetric-cmks
-// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html
+// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html
 func (c *Client) RotateKeyOnDemand(ctx context.Context, params *RotateKeyOnDemandInput, optFns ...func(*Options)) (*RotateKeyOnDemandOutput, error) {
 	if params == nil {
 		params = &RotateKeyOnDemandInput{}
@@ -90,8 +97,9 @@ func (c *Client) RotateKeyOnDemand(ctx context.Context, params *RotateKeyOnDeman
 type RotateKeyOnDemandInput struct {
 
 	// Identifies a symmetric encryption KMS key. You cannot perform on-demand
-	// rotation of [asymmetric KMS keys], [HMAC KMS keys], KMS keys with [imported key material], or KMS keys in a [custom key store]. To perform on-demand
-	// rotation of a set of related [multi-Region keys], invoke the on-demand rotation on the primary key.
+	// rotation of [asymmetric KMS keys], [HMAC KMS keys], multi-Region KMS keys with [imported key material], or KMS keys in a [custom key store]. To perform
+	// on-demand rotation of a set of related [multi-Region keys], invoke the on-demand rotation on the
+	// primary key.
 	//
 	// Specify the key ID or key ARN of the KMS key.
 	//
@@ -107,8 +115,8 @@ type RotateKeyOnDemandInput struct {
 	// [imported key material]: https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html
 	// [HMAC KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/hmac.html
 	// [asymmetric KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html
-	// [multi-Region keys]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate
-	// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html
+	// [multi-Region keys]: https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#multi-region-rotate
+	// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html
 	//
 	// This member is required.
 	KeyId *string
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ScheduleKeyDeletion.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ScheduleKeyDeletion.go
index 9d6d8abbfd..2d3bba4545 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ScheduleKeyDeletion.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_ScheduleKeyDeletion.go
@@ -23,7 +23,7 @@ import (
 //
 // Deleting a KMS key is a destructive and potentially dangerous operation. When a
 // KMS key is deleted, all data that was encrypted under the KMS key is
-// unrecoverable. (The only exception is a [multi-Region replica key], or an asymmetric or HMAC KMS key with imported key material.) To prevent the use of a KMS
+// unrecoverable. (The only exception is a [multi-Region replica key], or an [asymmetric or HMAC KMS key with imported key material].) To prevent the use of a KMS
 // key without deleting it, use DisableKey.
 //
 // You can schedule the deletion of a multi-Region primary key and its replica
@@ -67,12 +67,13 @@ import (
 //
 // [delete the orphaned key material]: https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#fix-keystore-orphaned-key
 // [Key states of KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
-// [Deleting a KMS key from an external key store]: https://docs.aws.amazon.com/kms/latest/developerguide/delete-xks-key.html
-// [Deleting multi-Region keys]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html
+// [Deleting a KMS key from an external key store]: https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html#delete-xks-key
+// [Deleting multi-Region keys]: https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html#deleting-mrks
 // [Deleting KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html
 // [multi-Region replica key]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
-// [deletes a KMS key from an CloudHSM key store]: https://docs.aws.amazon.com/kms/latest/developerguide/delete-cmk-keystore.html
+// [asymmetric or HMAC KMS key with imported key material]: https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html#import-delete-key
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
+// [deletes a KMS key from an CloudHSM key store]: https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html#delete-cmk-keystore
 func (c *Client) ScheduleKeyDeletion(ctx context.Context, params *ScheduleKeyDeletionInput, optFns ...func(*Options)) (*ScheduleKeyDeletionOutput, error) {
 	if params == nil {
 		params = &ScheduleKeyDeletionInput{}
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_Sign.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_Sign.go
index 506e0902bd..72f9af4068 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_Sign.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_Sign.go
@@ -17,10 +17,11 @@ import (
 // about asymmetric KMS keys, see [Asymmetric KMS keys]in the Key Management Service Developer Guide.
 //
 // Digital signatures are generated and verified by using asymmetric key pair,
-// such as an RSA or ECC pair that is represented by an asymmetric KMS key. The key
-// owner (or an authorized user) uses their private key to sign a message. Anyone
-// with the public key can verify that the message was signed with that particular
-// private key and that the message hasn't changed since it was signed.
+// such as an RSA, ECC, or ML-DSA pair that is represented by an asymmetric KMS
+// key. The key owner (or an authorized user) uses their private key to sign a
+// message. Anyone with the public key can verify that the message was signed with
+// that particular private key and that the message hasn't changed since it was
+// signed.
 //
 // To use the Sign operation, provide the following information:
 //
@@ -31,8 +32,8 @@ import (
 //   - Use the Message parameter to specify the message or message digest to sign.
 //     You can submit messages of up to 4096 bytes. To sign a larger message, generate
 //     a hash digest of the message, and then provide the hash digest in the Message
-//     parameter. To indicate whether the message is a full message or a digest, use
-//     the MessageType parameter.
+//     parameter. To indicate whether the message is a full message, a digest, or an
+//     ML-DSA EXTERNAL_MU, use the MessageType parameter.
 //
 //   - Choose a signing algorithm that is compatible with the KMS key.
 //
@@ -67,7 +68,7 @@ import (
 // [digital signature]: https://en.wikipedia.org/wiki/Digital_signature
 // [Asymmetric KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html
 // [kms:Sign]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 func (c *Client) Sign(ctx context.Context, params *SignInput, optFns ...func(*Options)) (*SignOutput, error) {
 	if params == nil {
 		params = &SignInput{}
@@ -131,10 +132,10 @@ type SignInput struct {
 
 	// Checks if your request will succeed. DryRun is an optional parameter.
 	//
-	// To learn more about how to use this parameter, see [Testing your KMS API calls] in the Key Management
+	// To learn more about how to use this parameter, see [Testing your permissions] in the Key Management
 	// Service Developer Guide.
 	//
-	// [Testing your KMS API calls]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-dryrun.html
+	// [Testing your permissions]: https://docs.aws.amazon.com/kms/latest/developerguide/testing-permissions.html
 	DryRun *bool
 
 	// A list of grant tokens.
@@ -144,29 +145,35 @@ type SignInput struct {
 	// and [Using a grant token]in the Key Management Service Developer Guide.
 	//
 	// [Grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#grant_token
-	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#using-grant-token
+	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/using-grant-token.html
 	GrantTokens []string
 
 	// Tells KMS whether the value of the Message parameter should be hashed as part
 	// of the signing algorithm. Use RAW for unhashed messages; use DIGEST for message
-	// digests, which are already hashed.
+	// digests, which are already hashed; use EXTERNAL_MU for 64-byte representative μ
+	// used in ML-DSA signing as defined in NIST FIPS 204 Section 6.2.
 	//
 	// When the value of MessageType is RAW , KMS uses the standard signing algorithm,
 	// which begins with a hash function. When the value is DIGEST , KMS skips the
-	// hashing step in the signing algorithm.
+	// hashing step in the signing algorithm. When the value is EXTERNAL_MU KMS skips
+	// the concatenated hashing of the public key hash and the message done in the
+	// ML-DSA signing algorithm.
 	//
-	// Use the DIGEST value only when the value of the Message parameter is a message
-	// digest. If you use the DIGEST value with an unhashed message, the security of
-	// the signing operation can be compromised.
+	// Use the DIGEST or EXTERNAL_MU value only when the value of the Message
+	// parameter is a message digest. If you use the DIGEST value with an unhashed
+	// message, the security of the signing operation can be compromised.
 	//
 	// When the value of MessageType is DIGEST , the length of the Message value must
 	// match the length of hashed messages for the specified signing algorithm.
 	//
+	// When the value of MessageType is EXTERNAL_MU the length of the Message value
+	// must be 64 bytes.
+	//
 	// You can submit a message digest and omit the MessageType or specify RAW so the
 	// digest is hashed again while signing. However, this can cause verification
 	// failures when verifying with a system that assumes a single hash.
 	//
-	// The hashing algorithm in that Sign uses is based on the SigningAlgorithm value.
+	// The hashing algorithm that Sign uses is based on the SigningAlgorithm value.
 	//
 	//   - Signing algorithms that end in SHA_256 use the SHA_256 hashing algorithm.
 	//
@@ -174,9 +181,12 @@ type SignInput struct {
 	//
 	//   - Signing algorithms that end in SHA_512 use the SHA_512 hashing algorithm.
 	//
+	//   - Signing algorithms that end in SHAKE_256 use the SHAKE_256 hashing
+	//   algorithm.
+	//
 	//   - SM2DSA uses the SM3 hashing algorithm. For details, see [Offline verification with SM2 key pairs].
 	//
-	// [Offline verification with SM2 key pairs]: https://docs.aws.amazon.com/kms/latest/developerguide/asymmetric-key-specs.html#key-spec-sm-offline-verification
+	// [Offline verification with SM2 key pairs]: https://docs.aws.amazon.com/kms/latest/developerguide/offline-operations.html#key-spec-sm-offline-verification
 	MessageType types.MessageType
 
 	noSmithyDocumentSerde
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_TagResource.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_TagResource.go
index 713bf6f2dd..6a9d0dbbaa 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_TagResource.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_TagResource.go
@@ -55,11 +55,11 @@ import (
 // [kms:TagResource]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
 // [customer managed key]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk
 // [Tagging keys]: https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html
-// [alias]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#alias-concept
+// [alias]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-alias.html
 // [ABAC for KMS]: https://docs.aws.amazon.com/kms/latest/developerguide/abac.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 // [Amazon Web Services managed key]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk
-// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#keystore-concept
+// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html
 // [Tagging Amazon Web Services resources]: https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html
 func (c *Client) TagResource(ctx context.Context, params *TagResourceInput, optFns ...func(*Options)) (*TagResourceOutput, error) {
 	if params == nil {
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_UntagResource.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_UntagResource.go
index 62f7ff4038..3396eab1b3 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_UntagResource.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_UntagResource.go
@@ -50,7 +50,7 @@ import (
 // [customer managed key]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk
 // [Tagging keys]: https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html
 // [ABAC for KMS]: https://docs.aws.amazon.com/kms/latest/developerguide/abac.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 // [Tagging Amazon Web Services resources]: https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html
 func (c *Client) UntagResource(ctx context.Context, params *UntagResourceInput, optFns ...func(*Options)) (*UntagResourceOutput, error) {
 	if params == nil {
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_UpdateAlias.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_UpdateAlias.go
index 90c763062a..041d8fdc6e 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_UpdateAlias.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_UpdateAlias.go
@@ -65,7 +65,7 @@ import (
 // [Key states of KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
 // [ABAC for KMS]: https://docs.aws.amazon.com/kms/latest/developerguide/abac.html
 // [kms:UpdateAlias]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 // [Controlling access to aliases]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-alias.html#alias-access
 func (c *Client) UpdateAlias(ctx context.Context, params *UpdateAliasInput, optFns ...func(*Options)) (*UpdateAliasOutput, error) {
 	if params == nil {
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_UpdateCustomKeyStore.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_UpdateCustomKeyStore.go
index 0e10b4421d..caf5e0aced 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_UpdateCustomKeyStore.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_UpdateCustomKeyStore.go
@@ -19,9 +19,9 @@ import (
 // does not return any property values. To verify the updated property values, use
 // the DescribeCustomKeyStoresoperation.
 //
-// This operation is part of the [custom key stores] feature in KMS, which combines the convenience
-// and extensive integration of KMS with the isolation and control of a key store
-// that you own and manage.
+// This operation is part of the custom key stores feature in KMS, which combines
+// the convenience and extensive integration of KMS with the isolation and control
+// of a key store that you own and manage.
 //
 // When updating the properties of an external key store, verify that the updated
 // settings connect your key store, via the external key store proxy, to the same
@@ -95,9 +95,8 @@ import (
 // Eventual consistency: The KMS API follows an eventual consistency model. For
 // more information, see [KMS eventual consistency].
 //
-// [custom key stores]: https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html
 // [kms:UpdateCustomKeyStore]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 func (c *Client) UpdateCustomKeyStore(ctx context.Context, params *UpdateCustomKeyStoreInput, optFns ...func(*Options)) (*UpdateCustomKeyStoreOutput, error) {
 	if params == nil {
 		params = &UpdateCustomKeyStoreInput{}
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_UpdateKeyDescription.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_UpdateKeyDescription.go
index 925fd0cd9c..9fb225c3bc 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_UpdateKeyDescription.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_UpdateKeyDescription.go
@@ -32,7 +32,7 @@ import (
 //
 // [Key states of KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
 // [kms:UpdateKeyDescription]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 func (c *Client) UpdateKeyDescription(ctx context.Context, params *UpdateKeyDescriptionInput, optFns ...func(*Options)) (*UpdateKeyDescriptionOutput, error) {
 	if params == nil {
 		params = &UpdateKeyDescriptionInput{}
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_UpdatePrimaryRegion.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_UpdatePrimaryRegion.go
index d44b70592c..0064f84298 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_UpdatePrimaryRegion.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_UpdatePrimaryRegion.go
@@ -17,7 +17,7 @@ import (
 // have a primary key in us-east-1 and a replica key in eu-west-2 . If you run
 // UpdatePrimaryRegion with a PrimaryRegion value of eu-west-2 , the primary key is
 // now the key in eu-west-2 , and the key in us-east-1 becomes a replica key. For
-// details, see [Updating the primary Region]in the Key Management Service Developer Guide.
+// details, see [Change the primary key in a set of multi-Region keys]in the Key Management Service Developer Guide.
 //
 // This operation supports multi-Region keys, an KMS feature that lets you create
 // multiple interoperable KMS keys in different Amazon Web Services Regions.
@@ -78,13 +78,13 @@ import (
 // [key ID]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-id
 // [Key states of KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
 // [delete the primary key]: https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html
+// [Change the primary key in a set of multi-Region keys]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-update.html
 // [key usage]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-usage
-// [Updating the primary Region]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-update
 // [Multi-Region keys in KMS]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html
 // [key spec]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-spec
 // [key material origin]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-origin
 // [automatic key rotation]: https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 func (c *Client) UpdatePrimaryRegion(ctx context.Context, params *UpdatePrimaryRegionInput, optFns ...func(*Options)) (*UpdatePrimaryRegionOutput, error) {
 	if params == nil {
 		params = &UpdatePrimaryRegionInput{}
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_Verify.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_Verify.go
index b521f2350a..1a82529a13 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_Verify.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_Verify.go
@@ -59,9 +59,9 @@ import (
 //
 // [Key states of KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
 // [Asymmetric KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html
-// [Offline verification with SM2 key pairs]: https://docs.aws.amazon.com/kms/latest/developerguide/asymmetric-key-specs.html#key-spec-sm-offline-verification
+// [Offline verification with SM2 key pairs]: https://docs.aws.amazon.com/kms/latest/developerguide/offline-operations.html#key-spec-sm-offline-verification
 // [kms:Verify]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 func (c *Client) Verify(ctx context.Context, params *VerifyInput, optFns ...func(*Options)) (*VerifyOutput, error) {
 	if params == nil {
 		params = &VerifyInput{}
@@ -128,10 +128,10 @@ type VerifyInput struct {
 
 	// Checks if your request will succeed. DryRun is an optional parameter.
 	//
-	// To learn more about how to use this parameter, see [Testing your KMS API calls] in the Key Management
+	// To learn more about how to use this parameter, see [Testing your permissions] in the Key Management
 	// Service Developer Guide.
 	//
-	// [Testing your KMS API calls]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-dryrun.html
+	// [Testing your permissions]: https://docs.aws.amazon.com/kms/latest/developerguide/testing-permissions.html
 	DryRun *bool
 
 	// A list of grant tokens.
@@ -141,31 +141,36 @@ type VerifyInput struct {
 	// and [Using a grant token]in the Key Management Service Developer Guide.
 	//
 	// [Grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#grant_token
-	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#using-grant-token
+	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/using-grant-token.html
 	GrantTokens []string
 
 	// Tells KMS whether the value of the Message parameter should be hashed as part
 	// of the signing algorithm. Use RAW for unhashed messages; use DIGEST for message
-	// digests, which are already hashed.
+	// digests, which are already hashed; use EXTERNAL_MU for 64-byte representative μ
+	// used in ML-DSA signing as defined in NIST FIPS 204 Section 6.2.
 	//
 	// When the value of MessageType is RAW , KMS uses the standard signing algorithm,
 	// which begins with a hash function. When the value is DIGEST , KMS skips the
-	// hashing step in the signing algorithm.
+	// hashing step in the signing algorithm. When the value is EXTERNAL_MU KMS skips
+	// the concatenated hashing of the public key hash and the message done in the
+	// ML-DSA signing algorithm.
 	//
-	// Use the DIGEST value only when the value of the Message parameter is a message
-	// digest. If you use the DIGEST value with an unhashed message, the security of
-	// the verification operation can be compromised.
+	// Use the DIGEST or EXTERNAL_MU value only when the value of the Message
+	// parameter is a message digest. If you use the DIGEST value with an unhashed
+	// message, the security of the signing operation can be compromised.
 	//
 	// When the value of MessageType is DIGEST , the length of the Message value must
 	// match the length of hashed messages for the specified signing algorithm.
 	//
+	// When the value of MessageType is EXTERNAL_MU the length of the Message value
+	// must be 64 bytes.
+	//
 	// You can submit a message digest and omit the MessageType or specify RAW so the
 	// digest is hashed again while signing. However, if the signed message is hashed
 	// once while signing, but twice while verifying, verification fails, even when the
 	// message hasn't changed.
 	//
-	// The hashing algorithm in that Verify uses is based on the SigningAlgorithm
-	// value.
+	// The hashing algorithm that Verify uses is based on the SigningAlgorithm value.
 	//
 	//   - Signing algorithms that end in SHA_256 use the SHA_256 hashing algorithm.
 	//
@@ -173,9 +178,12 @@ type VerifyInput struct {
 	//
 	//   - Signing algorithms that end in SHA_512 use the SHA_512 hashing algorithm.
 	//
+	//   - Signing algorithms that end in SHAKE_256 use the SHAKE_256 hashing
+	//   algorithm.
+	//
 	//   - SM2DSA uses the SM3 hashing algorithm. For details, see [Offline verification with SM2 key pairs].
 	//
-	// [Offline verification with SM2 key pairs]: https://docs.aws.amazon.com/kms/latest/developerguide/asymmetric-key-specs.html#key-spec-sm-offline-verification
+	// [Offline verification with SM2 key pairs]: https://docs.aws.amazon.com/kms/latest/developerguide/offline-operations.html#key-spec-sm-offline-verification
 	MessageType types.MessageType
 
 	noSmithyDocumentSerde
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_VerifyMac.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_VerifyMac.go
index 2eab7e11c5..42a3447ef6 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_VerifyMac.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/api_op_VerifyMac.go
@@ -42,7 +42,7 @@ import (
 // [Key states of KMS keys]: https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
 // [RFC 2104]: https://datatracker.ietf.org/doc/html/rfc2104
 // [kms:VerifyMac]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
-// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+// [KMS eventual consistency]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
 // [HMAC keys in KMS]: https://docs.aws.amazon.com/kms/latest/developerguide/hmac.html
 func (c *Client) VerifyMac(ctx context.Context, params *VerifyMacInput, optFns ...func(*Options)) (*VerifyMacOutput, error) {
 	if params == nil {
@@ -95,10 +95,10 @@ type VerifyMacInput struct {
 
 	// Checks if your request will succeed. DryRun is an optional parameter.
 	//
-	// To learn more about how to use this parameter, see [Testing your KMS API calls] in the Key Management
+	// To learn more about how to use this parameter, see [Testing your permissions] in the Key Management
 	// Service Developer Guide.
 	//
-	// [Testing your KMS API calls]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-dryrun.html
+	// [Testing your permissions]: https://docs.aws.amazon.com/kms/latest/developerguide/testing-permissions.html
 	DryRun *bool
 
 	// A list of grant tokens.
@@ -108,7 +108,7 @@ type VerifyMacInput struct {
 	// and [Using a grant token]in the Key Management Service Developer Guide.
 	//
 	// [Grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#grant_token
-	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#using-grant-token
+	// [Using a grant token]: https://docs.aws.amazon.com/kms/latest/developerguide/using-grant-token.html
 	GrantTokens []string
 
 	noSmithyDocumentSerde
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/deserializers.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/deserializers.go
index 4a408e0fff..1008c7e239 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/deserializers.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/deserializers.go
@@ -1214,10 +1214,32 @@ func (m *awsAwsjson11_deserializeOpDeleteImportedKeyMaterial) HandleDeserialize(
 	output := &DeleteImportedKeyMaterialOutput{}
 	out.Result = output
 
-	if _, err = io.Copy(ioutil.Discard, response.Body); err != nil {
-		return out, metadata, &smithy.DeserializationError{
-			Err: fmt.Errorf("failed to discard response body, %w", err),
+	var buff [1024]byte
+	ringBuffer := smithyio.NewRingBuffer(buff[:])
+
+	body := io.TeeReader(response.Body, ringBuffer)
+	decoder := json.NewDecoder(body)
+	decoder.UseNumber()
+	var shape interface{}
+	if err := decoder.Decode(&shape); err != nil && err != io.EOF {
+		var snapshot bytes.Buffer
+		io.Copy(&snapshot, ringBuffer)
+		err = &smithy.DeserializationError{
+			Err:      fmt.Errorf("failed to decode response body, %w", err),
+			Snapshot: snapshot.Bytes(),
+		}
+		return out, metadata, err
+	}
+
+	err = awsAwsjson11_deserializeOpDocumentDeleteImportedKeyMaterialOutput(&output, shape)
+	if err != nil {
+		var snapshot bytes.Buffer
+		io.Copy(&snapshot, ringBuffer)
+		err = &smithy.DeserializationError{
+			Err:      fmt.Errorf("failed to decode response body, %w", err),
+			Snapshot: snapshot.Bytes(),
 		}
+		return out, metadata, err
 	}
 
 	return out, metadata, err
@@ -10057,6 +10079,15 @@ func awsAwsjson11_deserializeDocumentKeyMetadata(v **types.KeyMetadata, value in
 				}
 			}
 
+		case "CurrentKeyMaterialId":
+			if value != nil {
+				jtv, ok := value.(string)
+				if !ok {
+					return fmt.Errorf("expected BackingKeyIdType to be of type string, got %T instead", value)
+				}
+				sv.CurrentKeyMaterialId = ptr.String(jtv)
+			}
+
 		case "CustomerMasterKeySpec":
 			if value != nil {
 				jtv, ok := value.(string)
@@ -10830,6 +10861,24 @@ func awsAwsjson11_deserializeDocumentRotationsListEntry(v **types.RotationsListE
 
 	for key, value := range shape {
 		switch key {
+		case "ExpirationModel":
+			if value != nil {
+				jtv, ok := value.(string)
+				if !ok {
+					return fmt.Errorf("expected ExpirationModelType to be of type string, got %T instead", value)
+				}
+				sv.ExpirationModel = types.ExpirationModelType(jtv)
+			}
+
+		case "ImportState":
+			if value != nil {
+				jtv, ok := value.(string)
+				if !ok {
+					return fmt.Errorf("expected ImportState to be of type string, got %T instead", value)
+				}
+				sv.ImportState = types.ImportState(jtv)
+			}
+
 		case "KeyId":
 			if value != nil {
 				jtv, ok := value.(string)
@@ -10839,6 +10888,33 @@ func awsAwsjson11_deserializeDocumentRotationsListEntry(v **types.RotationsListE
 				sv.KeyId = ptr.String(jtv)
 			}
 
+		case "KeyMaterialDescription":
+			if value != nil {
+				jtv, ok := value.(string)
+				if !ok {
+					return fmt.Errorf("expected KeyMaterialDescriptionType to be of type string, got %T instead", value)
+				}
+				sv.KeyMaterialDescription = ptr.String(jtv)
+			}
+
+		case "KeyMaterialId":
+			if value != nil {
+				jtv, ok := value.(string)
+				if !ok {
+					return fmt.Errorf("expected BackingKeyIdType to be of type string, got %T instead", value)
+				}
+				sv.KeyMaterialId = ptr.String(jtv)
+			}
+
+		case "KeyMaterialState":
+			if value != nil {
+				jtv, ok := value.(string)
+				if !ok {
+					return fmt.Errorf("expected KeyMaterialState to be of type string, got %T instead", value)
+				}
+				sv.KeyMaterialState = types.KeyMaterialState(jtv)
+			}
+
 		case "RotationDate":
 			if value != nil {
 				switch jtv := value.(type) {
@@ -10864,6 +10940,22 @@ func awsAwsjson11_deserializeDocumentRotationsListEntry(v **types.RotationsListE
 				sv.RotationType = types.RotationType(jtv)
 			}
 
+		case "ValidTo":
+			if value != nil {
+				switch jtv := value.(type) {
+				case json.Number:
+					f64, err := jtv.Float64()
+					if err != nil {
+						return err
+					}
+					sv.ValidTo = ptr.Time(smithytime.ParseEpochSeconds(f64))
+
+				default:
+					return fmt.Errorf("expected DateType to be a JSON Number, got %T instead", value)
+
+				}
+			}
+
 		default:
 			_, _ = key, value
 
@@ -11917,6 +12009,15 @@ func awsAwsjson11_deserializeOpDocumentDecryptOutput(v **DecryptOutput, value in
 				sv.KeyId = ptr.String(jtv)
 			}
 
+		case "KeyMaterialId":
+			if value != nil {
+				jtv, ok := value.(string)
+				if !ok {
+					return fmt.Errorf("expected BackingKeyIdType to be of type string, got %T instead", value)
+				}
+				sv.KeyMaterialId = ptr.String(jtv)
+			}
+
 		case "Plaintext":
 			if value != nil {
 				jtv, ok := value.(string)
@@ -11970,6 +12071,55 @@ func awsAwsjson11_deserializeOpDocumentDeleteCustomKeyStoreOutput(v **DeleteCust
 	return nil
 }
 
+func awsAwsjson11_deserializeOpDocumentDeleteImportedKeyMaterialOutput(v **DeleteImportedKeyMaterialOutput, value interface{}) error {
+	if v == nil {
+		return fmt.Errorf("unexpected nil of type %T", v)
+	}
+	if value == nil {
+		return nil
+	}
+
+	shape, ok := value.(map[string]interface{})
+	if !ok {
+		return fmt.Errorf("unexpected JSON type %v", value)
+	}
+
+	var sv *DeleteImportedKeyMaterialOutput
+	if *v == nil {
+		sv = &DeleteImportedKeyMaterialOutput{}
+	} else {
+		sv = *v
+	}
+
+	for key, value := range shape {
+		switch key {
+		case "KeyId":
+			if value != nil {
+				jtv, ok := value.(string)
+				if !ok {
+					return fmt.Errorf("expected KeyIdType to be of type string, got %T instead", value)
+				}
+				sv.KeyId = ptr.String(jtv)
+			}
+
+		case "KeyMaterialId":
+			if value != nil {
+				jtv, ok := value.(string)
+				if !ok {
+					return fmt.Errorf("expected BackingKeyIdResponseType to be of type string, got %T instead", value)
+				}
+				sv.KeyMaterialId = ptr.String(jtv)
+			}
+
+		default:
+			_, _ = key, value
+
+		}
+	}
+	*v = sv
+	return nil
+}
+
 func awsAwsjson11_deserializeOpDocumentDeriveSharedSecretOutput(v **DeriveSharedSecretOutput, value interface{}) error {
 	if v == nil {
 		return fmt.Errorf("unexpected nil of type %T", v)
@@ -12294,6 +12444,15 @@ func awsAwsjson11_deserializeOpDocumentGenerateDataKeyOutput(v **GenerateDataKey
 				sv.KeyId = ptr.String(jtv)
 			}
 
+		case "KeyMaterialId":
+			if value != nil {
+				jtv, ok := value.(string)
+				if !ok {
+					return fmt.Errorf("expected BackingKeyIdType to be of type string, got %T instead", value)
+				}
+				sv.KeyMaterialId = ptr.String(jtv)
+			}
+
 		case "Plaintext":
 			if value != nil {
 				jtv, ok := value.(string)
@@ -12360,6 +12519,15 @@ func awsAwsjson11_deserializeOpDocumentGenerateDataKeyPairOutput(v **GenerateDat
 				sv.KeyId = ptr.String(jtv)
 			}
 
+		case "KeyMaterialId":
+			if value != nil {
+				jtv, ok := value.(string)
+				if !ok {
+					return fmt.Errorf("expected BackingKeyIdType to be of type string, got %T instead", value)
+				}
+				sv.KeyMaterialId = ptr.String(jtv)
+			}
+
 		case "KeyPairSpec":
 			if value != nil {
 				jtv, ok := value.(string)
@@ -12448,6 +12616,15 @@ func awsAwsjson11_deserializeOpDocumentGenerateDataKeyPairWithoutPlaintextOutput
 				sv.KeyId = ptr.String(jtv)
 			}
 
+		case "KeyMaterialId":
+			if value != nil {
+				jtv, ok := value.(string)
+				if !ok {
+					return fmt.Errorf("expected BackingKeyIdType to be of type string, got %T instead", value)
+				}
+				sv.KeyMaterialId = ptr.String(jtv)
+			}
+
 		case "KeyPairSpec":
 			if value != nil {
 				jtv, ok := value.(string)
@@ -12536,6 +12713,15 @@ func awsAwsjson11_deserializeOpDocumentGenerateDataKeyWithoutPlaintextOutput(v *
 				sv.KeyId = ptr.String(jtv)
 			}
 
+		case "KeyMaterialId":
+			if value != nil {
+				jtv, ok := value.(string)
+				if !ok {
+					return fmt.Errorf("expected BackingKeyIdType to be of type string, got %T instead", value)
+				}
+				sv.KeyMaterialId = ptr.String(jtv)
+			}
+
 		default:
 			_, _ = key, value
 
@@ -13006,6 +13192,24 @@ func awsAwsjson11_deserializeOpDocumentImportKeyMaterialOutput(v **ImportKeyMate
 
 	for key, value := range shape {
 		switch key {
+		case "KeyId":
+			if value != nil {
+				jtv, ok := value.(string)
+				if !ok {
+					return fmt.Errorf("expected KeyIdType to be of type string, got %T instead", value)
+				}
+				sv.KeyId = ptr.String(jtv)
+			}
+
+		case "KeyMaterialId":
+			if value != nil {
+				jtv, ok := value.(string)
+				if !ok {
+					return fmt.Errorf("expected BackingKeyIdType to be of type string, got %T instead", value)
+				}
+				sv.KeyMaterialId = ptr.String(jtv)
+			}
+
 		default:
 			_, _ = key, value
 
@@ -13437,6 +13641,15 @@ func awsAwsjson11_deserializeOpDocumentReEncryptOutput(v **ReEncryptOutput, valu
 				sv.DestinationEncryptionAlgorithm = types.EncryptionAlgorithmSpec(jtv)
 			}
 
+		case "DestinationKeyMaterialId":
+			if value != nil {
+				jtv, ok := value.(string)
+				if !ok {
+					return fmt.Errorf("expected BackingKeyIdType to be of type string, got %T instead", value)
+				}
+				sv.DestinationKeyMaterialId = ptr.String(jtv)
+			}
+
 		case "KeyId":
 			if value != nil {
 				jtv, ok := value.(string)
@@ -13464,6 +13677,15 @@ func awsAwsjson11_deserializeOpDocumentReEncryptOutput(v **ReEncryptOutput, valu
 				sv.SourceKeyId = ptr.String(jtv)
 			}
 
+		case "SourceKeyMaterialId":
+			if value != nil {
+				jtv, ok := value.(string)
+				if !ok {
+					return fmt.Errorf("expected BackingKeyIdType to be of type string, got %T instead", value)
+				}
+				sv.SourceKeyMaterialId = ptr.String(jtv)
+			}
+
 		default:
 			_, _ = key, value
 
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/go_module_metadata.go
index 20c24d766a..4d79124866 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/go_module_metadata.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/go_module_metadata.go
@@ -3,4 +3,4 @@
 package kms
 
 // goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.38.1"
+const goModuleVersion = "1.41.0"
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/internal/endpoints/endpoints.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/internal/endpoints/endpoints.go
index f8eccac0b9..ed69fe866b 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/internal/endpoints/endpoints.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/internal/endpoints/endpoints.go
@@ -87,6 +87,7 @@ func New() *Resolver {
 var partitionRegexp = struct {
 	Aws      *regexp.Regexp
 	AwsCn    *regexp.Regexp
+	AwsEusc  *regexp.Regexp
 	AwsIso   *regexp.Regexp
 	AwsIsoB  *regexp.Regexp
 	AwsIsoE  *regexp.Regexp
@@ -96,6 +97,7 @@ var partitionRegexp = struct {
 
 	Aws:      regexp.MustCompile("^(us|eu|ap|sa|ca|me|af|il|mx)\\-\\w+\\-\\d+$"),
 	AwsCn:    regexp.MustCompile("^cn\\-\\w+\\-\\d+$"),
+	AwsEusc:  regexp.MustCompile("^eusc\\-(de)\\-\\w+\\-\\d+$"),
 	AwsIso:   regexp.MustCompile("^us\\-iso\\-\\w+\\-\\d+$"),
 	AwsIsoB:  regexp.MustCompile("^us\\-isob\\-\\w+\\-\\d+$"),
 	AwsIsoE:  regexp.MustCompile("^eu\\-isoe\\-\\w+\\-\\d+$"),
@@ -184,6 +186,9 @@ var defaultPartitions = endpoints.Partitions{
 				},
 				Deprecated: aws.TrueTernary,
 			},
+			endpoints.EndpointKey{
+				Region: "ap-east-2",
+			}: endpoints.Endpoint{},
 			endpoints.EndpointKey{
 				Region: "ap-northeast-1",
 			}: endpoints.Endpoint{},
@@ -769,6 +774,27 @@ var defaultPartitions = endpoints.Partitions{
 			}: endpoints.Endpoint{},
 		},
 	},
+	{
+		ID: "aws-eusc",
+		Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{
+			{
+				Variant: endpoints.FIPSVariant,
+			}: {
+				Hostname:          "kms-fips.{region}.amazonaws.eu",
+				Protocols:         []string{"https"},
+				SignatureVersions: []string{"v4"},
+			},
+			{
+				Variant: 0,
+			}: {
+				Hostname:          "kms.{region}.amazonaws.eu",
+				Protocols:         []string{"https"},
+				SignatureVersions: []string{"v4"},
+			},
+		},
+		RegionRegex:    partitionRegexp.AwsEusc,
+		IsRegionalized: true,
+	},
 	{
 		ID: "aws-iso",
 		Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{
@@ -907,6 +933,35 @@ var defaultPartitions = endpoints.Partitions{
 		},
 		RegionRegex:    partitionRegexp.AwsIsoE,
 		IsRegionalized: true,
+		Endpoints: endpoints.Endpoints{
+			endpoints.EndpointKey{
+				Region: "ProdFips",
+			}: endpoints.Endpoint{
+				Hostname: "kms-fips.eu-isoe-west-1.cloud.adc-e.uk",
+				CredentialScope: endpoints.CredentialScope{
+					Region: "eu-isoe-west-1",
+				},
+				Deprecated: aws.TrueTernary,
+			},
+			endpoints.EndpointKey{
+				Region: "eu-isoe-west-1",
+			}: endpoints.Endpoint{},
+			endpoints.EndpointKey{
+				Region:  "eu-isoe-west-1",
+				Variant: endpoints.FIPSVariant,
+			}: {
+				Hostname: "kms-fips.eu-isoe-west-1.cloud.adc-e.uk",
+			},
+			endpoints.EndpointKey{
+				Region: "eu-isoe-west-1-fips",
+			}: endpoints.Endpoint{
+				Hostname: "kms-fips.eu-isoe-west-1.cloud.adc-e.uk",
+				CredentialScope: endpoints.CredentialScope{
+					Region: "eu-isoe-west-1",
+				},
+				Deprecated: aws.TrueTernary,
+			},
+		},
 	},
 	{
 		ID: "aws-iso-f",
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/serializers.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/serializers.go
index 1f9dabb9c0..348a4d747c 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/serializers.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/serializers.go
@@ -3676,6 +3676,11 @@ func awsAwsjson11_serializeOpDocumentDeleteImportedKeyMaterialInput(v *DeleteImp
 		ok.String(*v.KeyId)
 	}
 
+	if v.KeyMaterialId != nil {
+		ok := object.Key("KeyMaterialId")
+		ok.String(*v.KeyMaterialId)
+	}
+
 	return nil
 }
 
@@ -4187,11 +4192,26 @@ func awsAwsjson11_serializeOpDocumentImportKeyMaterialInput(v *ImportKeyMaterial
 		ok.Base64EncodeBytes(v.ImportToken)
 	}
 
+	if len(v.ImportType) > 0 {
+		ok := object.Key("ImportType")
+		ok.String(string(v.ImportType))
+	}
+
 	if v.KeyId != nil {
 		ok := object.Key("KeyId")
 		ok.String(*v.KeyId)
 	}
 
+	if v.KeyMaterialDescription != nil {
+		ok := object.Key("KeyMaterialDescription")
+		ok.String(*v.KeyMaterialDescription)
+	}
+
+	if v.KeyMaterialId != nil {
+		ok := object.Key("KeyMaterialId")
+		ok.String(*v.KeyMaterialId)
+	}
+
 	if v.ValidTo != nil {
 		ok := object.Key("ValidTo")
 		ok.Double(smithytime.FormatEpochSeconds(*v.ValidTo))
@@ -4280,6 +4300,11 @@ func awsAwsjson11_serializeOpDocumentListKeyRotationsInput(v *ListKeyRotationsIn
 	object := value.Object()
 	defer object.Close()
 
+	if len(v.IncludeKeyMaterial) > 0 {
+		ok := object.Key("IncludeKeyMaterial")
+		ok.String(string(v.IncludeKeyMaterial))
+	}
+
 	if v.KeyId != nil {
 		ok := object.Key("KeyId")
 		ok.String(*v.KeyId)
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/types/enums.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/types/enums.go
index 9c111656d7..094ff4b978 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/types/enums.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/types/enums.go
@@ -306,6 +306,63 @@ func (GrantOperation) Values() []GrantOperation {
 	}
 }
 
+type ImportState string
+
+// Enum values for ImportState
+const (
+	ImportStateImported      ImportState = "IMPORTED"
+	ImportStatePendingImport ImportState = "PENDING_IMPORT"
+)
+
+// Values returns all known values for ImportState. Note that this can be expanded
+// in the future, and so it is only as up to date as the client.
+//
+// The ordering of this slice is not guaranteed to be stable across updates.
+func (ImportState) Values() []ImportState {
+	return []ImportState{
+		"IMPORTED",
+		"PENDING_IMPORT",
+	}
+}
+
+type ImportType string
+
+// Enum values for ImportType
+const (
+	ImportTypeNewKeyMaterial      ImportType = "NEW_KEY_MATERIAL"
+	ImportTypeExistingKeyMaterial ImportType = "EXISTING_KEY_MATERIAL"
+)
+
+// Values returns all known values for ImportType. Note that this can be expanded
+// in the future, and so it is only as up to date as the client.
+//
+// The ordering of this slice is not guaranteed to be stable across updates.
+func (ImportType) Values() []ImportType {
+	return []ImportType{
+		"NEW_KEY_MATERIAL",
+		"EXISTING_KEY_MATERIAL",
+	}
+}
+
+type IncludeKeyMaterial string
+
+// Enum values for IncludeKeyMaterial
+const (
+	IncludeKeyMaterialAllKeyMaterial IncludeKeyMaterial = "ALL_KEY_MATERIAL"
+	IncludeKeyMaterialRotationsOnly  IncludeKeyMaterial = "ROTATIONS_ONLY"
+)
+
+// Values returns all known values for IncludeKeyMaterial. Note that this can be
+// expanded in the future, and so it is only as up to date as the client.
+//
+// The ordering of this slice is not guaranteed to be stable across updates.
+func (IncludeKeyMaterial) Values() []IncludeKeyMaterial {
+	return []IncludeKeyMaterial{
+		"ALL_KEY_MATERIAL",
+		"ROTATIONS_ONLY",
+	}
+}
+
 type KeyAgreementAlgorithmSpec string
 
 // Enum values for KeyAgreementAlgorithmSpec
@@ -359,6 +416,27 @@ func (KeyManagerType) Values() []KeyManagerType {
 	}
 }
 
+type KeyMaterialState string
+
+// Enum values for KeyMaterialState
+const (
+	KeyMaterialStateNonCurrent      KeyMaterialState = "NON_CURRENT"
+	KeyMaterialStateCurrent         KeyMaterialState = "CURRENT"
+	KeyMaterialStatePendingRotation KeyMaterialState = "PENDING_ROTATION"
+)
+
+// Values returns all known values for KeyMaterialState. Note that this can be
+// expanded in the future, and so it is only as up to date as the client.
+//
+// The ordering of this slice is not guaranteed to be stable across updates.
+func (KeyMaterialState) Values() []KeyMaterialState {
+	return []KeyMaterialState{
+		"NON_CURRENT",
+		"CURRENT",
+		"PENDING_ROTATION",
+	}
+}
+
 type KeySpec string
 
 // Enum values for KeySpec
@@ -376,6 +454,9 @@ const (
 	KeySpecHmac384          KeySpec = "HMAC_384"
 	KeySpecHmac512          KeySpec = "HMAC_512"
 	KeySpecSm2              KeySpec = "SM2"
+	KeySpecMlDsa44          KeySpec = "ML_DSA_44"
+	KeySpecMlDsa65          KeySpec = "ML_DSA_65"
+	KeySpecMlDsa87          KeySpec = "ML_DSA_87"
 )
 
 // Values returns all known values for KeySpec. Note that this can be expanded in
@@ -397,6 +478,9 @@ func (KeySpec) Values() []KeySpec {
 		"HMAC_384",
 		"HMAC_512",
 		"SM2",
+		"ML_DSA_44",
+		"ML_DSA_65",
+		"ML_DSA_87",
 	}
 }
 
@@ -481,8 +565,9 @@ type MessageType string
 
 // Enum values for MessageType
 const (
-	MessageTypeRaw    MessageType = "RAW"
-	MessageTypeDigest MessageType = "DIGEST"
+	MessageTypeRaw        MessageType = "RAW"
+	MessageTypeDigest     MessageType = "DIGEST"
+	MessageTypeExternalMu MessageType = "EXTERNAL_MU"
 )
 
 // Values returns all known values for MessageType. Note that this can be expanded
@@ -493,6 +578,7 @@ func (MessageType) Values() []MessageType {
 	return []MessageType{
 		"RAW",
 		"DIGEST",
+		"EXTERNAL_MU",
 	}
 }
 
@@ -571,6 +657,7 @@ const (
 	SigningAlgorithmSpecEcdsaSha384          SigningAlgorithmSpec = "ECDSA_SHA_384"
 	SigningAlgorithmSpecEcdsaSha512          SigningAlgorithmSpec = "ECDSA_SHA_512"
 	SigningAlgorithmSpecSm2dsa               SigningAlgorithmSpec = "SM2DSA"
+	SigningAlgorithmSpecMlDsaShake256        SigningAlgorithmSpec = "ML_DSA_SHAKE_256"
 )
 
 // Values returns all known values for SigningAlgorithmSpec. Note that this can be
@@ -589,6 +676,7 @@ func (SigningAlgorithmSpec) Values() []SigningAlgorithmSpec {
 		"ECDSA_SHA_384",
 		"ECDSA_SHA_512",
 		"SM2DSA",
+		"ML_DSA_SHAKE_256",
 	}
 }
 
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/types/errors.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/types/errors.go
index a68d1739e1..7082a81e01 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/types/errors.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/types/errors.go
@@ -525,8 +525,9 @@ func (e *IncorrectKeyException) ErrorCode() string {
 func (e *IncorrectKeyException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient }
 
 // The request was rejected because the key material in the request is, expired,
-// invalid, or is not the same key material that was previously imported into this
-// KMS key.
+// invalid, or does not meet expectations. For example, it is not the same key
+// material that was previously imported or KMS expected new key material but the
+// key material being imported is already associated with the KMS key.
 type IncorrectKeyMaterialException struct {
 	Message *string
 
@@ -968,8 +969,8 @@ func (e *KMSInvalidStateException) ErrorCode() string {
 }
 func (e *KMSInvalidStateException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient }
 
-// The request was rejected because a quota was exceeded. For more information,
-// see [Quotas]in the Key Management Service Developer Guide.
+// The request was rejected because a length constraint or quota was exceeded. For
+// more information, see [Quotas]in the Key Management Service Developer Guide.
 //
 // [Quotas]: https://docs.aws.amazon.com/kms/latest/developerguide/limits.html
 type LimitExceededException struct {
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/types/types.go b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/types/types.go
index 62a8f7f8b2..d5b848706f 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/kms/types/types.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/kms/types/types.go
@@ -239,10 +239,10 @@ type CustomKeyStoresListEntry struct {
 // includes the specified [encryption context].
 //
 // KMS applies the grant constraints only to cryptographic operations that support
-// an encryption context, that is, all cryptographic operations with a [symmetric KMS key]. Grant
-// constraints are not applied to operations that do not support an encryption
-// context, such as cryptographic operations with asymmetric KMS keys and
-// management operations, such as DescribeKeyor RetireGrant.
+// an encryption context, that is, all cryptographic operations with a symmetric
+// KMS key. Grant constraints are not applied to operations that do not support an
+// encryption context, such as cryptographic operations with asymmetric KMS keys
+// and management operations, such as DescribeKeyor RetireGrant.
 //
 // In a cryptographic operation, the encryption context in the decryption
 // operation must be an exact, case-sensitive match for the keys and values in the
@@ -255,19 +255,18 @@ type CustomKeyStoresListEntry struct {
 // To avoid confusion, do not use multiple encryption context pairs that differ
 // only by case. To require a fully case-sensitive encryption context, use the
 // kms:EncryptionContext: and kms:EncryptionContextKeys conditions in an IAM or
-// key policy. For details, see [kms:EncryptionContext:]in the Key Management Service Developer Guide .
+// key policy. For details, see [kms:EncryptionContext:context-key]in the Key Management Service Developer Guide .
 //
-// [cryptographic operations]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations
-// [kms:EncryptionContext:]: https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-encryption-context
-// [encryption context]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context
-// [symmetric KMS key]: https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-concepts.html#symmetric-cmks
+// [cryptographic operations]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-cryptography.html#cryptographic-operations
+// [encryption context]: https://docs.aws.amazon.com/kms/latest/developerguide/encrypt_context.html
+// [kms:EncryptionContext:context-key]: https://docs.aws.amazon.com/kms/latest/developerguide/conditions-kms.html#conditions-kms-encryption-context
 type GrantConstraints struct {
 
 	// A list of key-value pairs that must match the encryption context in the [cryptographic operation]
 	// request. The grant allows the operation only when the encryption context in the
 	// request is the same as the encryption context specified in this constraint.
 	//
-	// [cryptographic operation]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations
+	// [cryptographic operation]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-cryptography.html#cryptographic-operations
 	EncryptionContextEquals map[string]string
 
 	// A list of key-value pairs that must be included in the encryption context of
@@ -275,7 +274,7 @@ type GrantConstraints struct {
 	// encryption context in the request includes the key-value pairs specified in this
 	// constraint, although it can include additional key-value pairs.
 	//
-	// [cryptographic operation]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations
+	// [cryptographic operation]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-cryptography.html#cryptographic-operations
 	EncryptionContextSubset map[string]string
 
 	noSmithyDocumentSerde
@@ -361,16 +360,24 @@ type KeyMetadata struct {
 	// material for the KMS key in the associated CloudHSM cluster. This field is
 	// present only when the KMS key is created in an CloudHSM key store.
 	//
-	// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html
+	// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html
 	CloudHsmClusterId *string
 
 	// The date and time when the KMS key was created.
 	CreationDate *time.Time
 
+	// Identifies the current key material. This value is present for symmetric
+	// encryption keys with AWS_KMS origin and single-Region, symmetric encryption
+	// keys with EXTERNAL origin. These KMS keys support automatic or on-demand key
+	// rotation and can have multiple key materials associated with them. KMS uses the
+	// current key material for both encryption and decryption, and the non-current key
+	// material for decryption operations only.
+	CurrentKeyMaterialId *string
+
 	// A unique identifier for the [custom key store] that contains the KMS key. This field is present
 	// only when the KMS key is created in a custom key store.
 	//
-	// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html
+	// [custom key store]: https://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html
 	CustomKeyStoreId *string
 
 	// Instead, use the KeySpec field.
@@ -431,7 +438,7 @@ type KeyMetadata struct {
 
 	// The [cryptographic operations] for which you can use the KMS key.
 	//
-	// [cryptographic operations]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations
+	// [cryptographic operations]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-cryptography.html#cryptographic-operations
 	KeyUsage KeyUsageType
 
 	// The message authentication code (MAC) algorithm that the HMAC KMS key supports.
@@ -493,10 +500,11 @@ type KeyMetadata struct {
 	// This field appears only when the KeyUsage of the KMS key is SIGN_VERIFY .
 	SigningAlgorithms []SigningAlgorithmSpec
 
-	// The time at which the imported key material expires. When the key material
-	// expires, KMS deletes the key material and the KMS key becomes unusable. This
-	// value is present only for KMS keys whose Origin is EXTERNAL and whose
-	// ExpirationModel is KEY_MATERIAL_EXPIRES , otherwise this value is omitted.
+	// The earliest time at which any imported key material permanently associated
+	// with this KMS key expires. When a key material expires, KMS deletes the key
+	// material and the KMS key becomes unusable. This value is present only for KMS
+	// keys whose Origin is EXTERNAL and the ExpirationModel is KEY_MATERIAL_EXPIRES ,
+	// otherwise this value is omitted.
 	ValidTo *time.Time
 
 	// Information about the external key that is associated with a KMS key in an
@@ -566,21 +574,62 @@ type RecipientInfo struct {
 	noSmithyDocumentSerde
 }
 
-// Contains information about completed key material rotations.
+// Each entry contains information about one of the key materials associated with
+// a KMS key.
 type RotationsListEntry struct {
 
+	// Indicates if the key material is configured to automatically expire. There are
+	// two possible values for this field: KEY_MATERIAL_EXPIRES and
+	// KEY_MATERIAL_DOES_NOT_EXPIRE . For any key material that expires, the expiration
+	// date and time is indicated in ValidTo . This field is only present for symmetric
+	// encryption KMS keys with EXTERNAL origin.
+	ExpirationModel ExpirationModelType
+
+	// Indicates if the key material is currently imported into KMS. It has two
+	// possible values: IMPORTED or PENDING_IMPORT . This field is only present for
+	// symmetric encryption KMS keys with EXTERNAL origin.
+	ImportState ImportState
+
 	// Unique identifier of the key.
 	KeyId *string
 
+	// User-specified description of the key material. This field is only present for
+	// symmetric encryption KMS keys with EXTERNAL origin.
+	KeyMaterialDescription *string
+
+	// Unique identifier of the key material.
+	KeyMaterialId *string
+
+	// There are three possible values for this field: CURRENT , NON_CURRENT and
+	// PENDING_ROTATION . KMS uses CURRENT key material for both encryption and
+	// decryption and NON_CURRENT key material only for decryption. PENDING_ROTATION
+	// identifies key material that has been imported for on-demand key rotation but
+	// the rotation hasn't completed. Key material in PENDING_ROTATION is not
+	// permanently associated with the KMS key. You can delete this key material and
+	// import different key material in its place. The PENDING_ROTATION value is only
+	// used in symmetric encryption keys with imported key material. The other values,
+	// CURRENT and NON_CURRENT , are used for all KMS keys that support automatic or
+	// on-demand key rotation.
+	KeyMaterialState KeyMaterialState
+
 	// Date and time that the key material rotation completed. Formatted as Unix time.
+	// This field is not present for the first key material or an imported key material
+	// in PENDING_ROTATION state.
 	RotationDate *time.Time
 
-	// Identifies whether the key material rotation was a scheduled [automatic rotation] or an [on-demand rotation].
+	// Identifies whether the key material rotation was a scheduled [automatic rotation] or an [on-demand rotation]. This
+	// field is not present for the first key material or an imported key material in
+	// PENDING_ROTATION state.
 	//
-	// [automatic rotation]: https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#rotating-keys-enable-disable
-	// [on-demand rotation]: https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#rotating-keys-on-demand
+	// [automatic rotation]: https://docs.aws.amazon.com/kms/latest/developerguide/rotating-keys-enable-disable.html
+	// [on-demand rotation]: https://docs.aws.amazon.com/kms/latest/developerguide/rotating-keys-on-demand.html
 	RotationType RotationType
 
+	// Date and time at which the key material expires. This field is only present for
+	// symmetric encryption KMS keys with EXTERNAL origin in rotation list entries
+	// with an ExpirationModel value of KEY_MATERIAL_EXPIRES .
+	ValidTo *time.Time
+
 	noSmithyDocumentSerde
 }
 
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/CHANGELOG.md
index f4c8cac68e..928ffc3901 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/CHANGELOG.md
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/CHANGELOG.md
@@ -1,3 +1,11 @@
+# v1.25.4 (2025-06-10)
+
+* **Dependency Update**: Updated to the latest SDK module versions
+
+# v1.25.3 (2025-04-03)
+
+* No change notes available for this release.
+
 # v1.25.2 (2025-03-25)
 
 * No change notes available for this release.
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/go_module_metadata.go
index 6de25b907f..5bd6f00784 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/go_module_metadata.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/go_module_metadata.go
@@ -3,4 +3,4 @@
 package sso
 
 // goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.25.2"
+const goModuleVersion = "1.25.4"
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/internal/endpoints/endpoints.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/internal/endpoints/endpoints.go
index f4f531f250..04416606be 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/internal/endpoints/endpoints.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/internal/endpoints/endpoints.go
@@ -87,6 +87,7 @@ func New() *Resolver {
 var partitionRegexp = struct {
 	Aws      *regexp.Regexp
 	AwsCn    *regexp.Regexp
+	AwsEusc  *regexp.Regexp
 	AwsIso   *regexp.Regexp
 	AwsIsoB  *regexp.Regexp
 	AwsIsoE  *regexp.Regexp
@@ -96,6 +97,7 @@ var partitionRegexp = struct {
 
 	Aws:      regexp.MustCompile("^(us|eu|ap|sa|ca|me|af|il|mx)\\-\\w+\\-\\d+$"),
 	AwsCn:    regexp.MustCompile("^cn\\-\\w+\\-\\d+$"),
+	AwsEusc:  regexp.MustCompile("^eusc\\-(de)\\-\\w+\\-\\d+$"),
 	AwsIso:   regexp.MustCompile("^us\\-iso\\-\\w+\\-\\d+$"),
 	AwsIsoB:  regexp.MustCompile("^us\\-isob\\-\\w+\\-\\d+$"),
 	AwsIsoE:  regexp.MustCompile("^eu\\-isoe\\-\\w+\\-\\d+$"),
@@ -434,6 +436,27 @@ var defaultPartitions = endpoints.Partitions{
 			},
 		},
 	},
+	{
+		ID: "aws-eusc",
+		Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{
+			{
+				Variant: endpoints.FIPSVariant,
+			}: {
+				Hostname:          "portal.sso-fips.{region}.amazonaws.eu",
+				Protocols:         []string{"https"},
+				SignatureVersions: []string{"v4"},
+			},
+			{
+				Variant: 0,
+			}: {
+				Hostname:          "portal.sso.{region}.amazonaws.eu",
+				Protocols:         []string{"https"},
+				SignatureVersions: []string{"v4"},
+			},
+		},
+		RegionRegex:    partitionRegexp.AwsEusc,
+		IsRegionalized: true,
+	},
 	{
 		ID: "aws-iso",
 		Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/CHANGELOG.md
index be745460e9..e0d0da2b62 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/CHANGELOG.md
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/CHANGELOG.md
@@ -1,3 +1,11 @@
+# v1.30.2 (2025-06-10)
+
+* **Dependency Update**: Updated to the latest SDK module versions
+
+# v1.30.1 (2025-04-03)
+
+* No change notes available for this release.
+
 # v1.30.0 (2025-03-27)
 
 * **Feature**: This release adds AwsAdditionalDetails in the CreateTokenWithIAM API response.
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/go_module_metadata.go
index 3c7150d8a0..ac4fcd9b6e 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/go_module_metadata.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/go_module_metadata.go
@@ -3,4 +3,4 @@
 package ssooidc
 
 // goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.30.0"
+const goModuleVersion = "1.30.2"
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/internal/endpoints/endpoints.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/internal/endpoints/endpoints.go
index 35c04ff43a..ba7b4f9eb0 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/internal/endpoints/endpoints.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/internal/endpoints/endpoints.go
@@ -87,6 +87,7 @@ func New() *Resolver {
 var partitionRegexp = struct {
 	Aws      *regexp.Regexp
 	AwsCn    *regexp.Regexp
+	AwsEusc  *regexp.Regexp
 	AwsIso   *regexp.Regexp
 	AwsIsoB  *regexp.Regexp
 	AwsIsoE  *regexp.Regexp
@@ -96,6 +97,7 @@ var partitionRegexp = struct {
 
 	Aws:      regexp.MustCompile("^(us|eu|ap|sa|ca|me|af|il|mx)\\-\\w+\\-\\d+$"),
 	AwsCn:    regexp.MustCompile("^cn\\-\\w+\\-\\d+$"),
+	AwsEusc:  regexp.MustCompile("^eusc\\-(de)\\-\\w+\\-\\d+$"),
 	AwsIso:   regexp.MustCompile("^us\\-iso\\-\\w+\\-\\d+$"),
 	AwsIsoB:  regexp.MustCompile("^us\\-isob\\-\\w+\\-\\d+$"),
 	AwsIsoE:  regexp.MustCompile("^eu\\-isoe\\-\\w+\\-\\d+$"),
@@ -434,6 +436,27 @@ var defaultPartitions = endpoints.Partitions{
 			},
 		},
 	},
+	{
+		ID: "aws-eusc",
+		Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{
+			{
+				Variant: endpoints.FIPSVariant,
+			}: {
+				Hostname:          "oidc-fips.{region}.amazonaws.eu",
+				Protocols:         []string{"https"},
+				SignatureVersions: []string{"v4"},
+			},
+			{
+				Variant: 0,
+			}: {
+				Hostname:          "oidc.{region}.amazonaws.eu",
+				Protocols:         []string{"https"},
+				SignatureVersions: []string{"v4"},
+			},
+		},
+		RegionRegex:    partitionRegexp.AwsEusc,
+		IsRegionalized: true,
+	},
 	{
 		ID: "aws-iso",
 		Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/CHANGELOG.md
index 79ff72d751..1492199249 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/CHANGELOG.md
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/CHANGELOG.md
@@ -1,3 +1,19 @@
+# v1.33.21 (2025-06-10)
+
+* **Dependency Update**: Updated to the latest SDK module versions
+
+# v1.33.20 (2025-06-06)
+
+* No change notes available for this release.
+
+# v1.33.19 (2025-04-10)
+
+* No change notes available for this release.
+
+# v1.33.18 (2025-04-03)
+
+* No change notes available for this release.
+
 # v1.33.17 (2025-03-04.2)
 
 * **Bug Fix**: Add assurance test for operation order.
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/go_module_metadata.go
index 18e1e47356..0b59c0fa3d 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/go_module_metadata.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/go_module_metadata.go
@@ -3,4 +3,4 @@
 package sts
 
 // goModuleVersion is the tagged release for this module
-const goModuleVersion = "1.33.17"
+const goModuleVersion = "1.33.21"
diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/internal/endpoints/endpoints.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/internal/endpoints/endpoints.go
index 8fc2012a69..3dfa51e5f4 100644
--- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/internal/endpoints/endpoints.go
+++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/internal/endpoints/endpoints.go
@@ -87,6 +87,7 @@ func New() *Resolver {
 var partitionRegexp = struct {
 	Aws      *regexp.Regexp
 	AwsCn    *regexp.Regexp
+	AwsEusc  *regexp.Regexp
 	AwsIso   *regexp.Regexp
 	AwsIsoB  *regexp.Regexp
 	AwsIsoE  *regexp.Regexp
@@ -96,6 +97,7 @@ var partitionRegexp = struct {
 
 	Aws:      regexp.MustCompile("^(us|eu|ap|sa|ca|me|af|il|mx)\\-\\w+\\-\\d+$"),
 	AwsCn:    regexp.MustCompile("^cn\\-\\w+\\-\\d+$"),
+	AwsEusc:  regexp.MustCompile("^eusc\\-(de)\\-\\w+\\-\\d+$"),
 	AwsIso:   regexp.MustCompile("^us\\-iso\\-\\w+\\-\\d+$"),
 	AwsIsoB:  regexp.MustCompile("^us\\-isob\\-\\w+\\-\\d+$"),
 	AwsIsoE:  regexp.MustCompile("^eu\\-isoe\\-\\w+\\-\\d+$"),
@@ -145,6 +147,9 @@ var defaultPartitions = endpoints.Partitions{
 			endpoints.EndpointKey{
 				Region: "ap-east-1",
 			}: endpoints.Endpoint{},
+			endpoints.EndpointKey{
+				Region: "ap-east-2",
+			}: endpoints.Endpoint{},
 			endpoints.EndpointKey{
 				Region: "ap-northeast-1",
 			}: endpoints.Endpoint{},
@@ -348,6 +353,27 @@ var defaultPartitions = endpoints.Partitions{
 			}: endpoints.Endpoint{},
 		},
 	},
+	{
+		ID: "aws-eusc",
+		Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{
+			{
+				Variant: endpoints.FIPSVariant,
+			}: {
+				Hostname:          "sts-fips.{region}.amazonaws.eu",
+				Protocols:         []string{"https"},
+				SignatureVersions: []string{"v4"},
+			},
+			{
+				Variant: 0,
+			}: {
+				Hostname:          "sts.{region}.amazonaws.eu",
+				Protocols:         []string{"https"},
+				SignatureVersions: []string{"v4"},
+			},
+		},
+		RegionRegex:    partitionRegexp.AwsEusc,
+		IsRegionalized: true,
+	},
 	{
 		ID: "aws-iso",
 		Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{
@@ -423,6 +449,11 @@ var defaultPartitions = endpoints.Partitions{
 		},
 		RegionRegex:    partitionRegexp.AwsIsoE,
 		IsRegionalized: true,
+		Endpoints: endpoints.Endpoints{
+			endpoints.EndpointKey{
+				Region: "eu-isoe-west-1",
+			}: endpoints.Endpoint{},
+		},
 	},
 	{
 		ID: "aws-iso-f",
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/version.go b/vendor/github.com/aws/aws-sdk-go/aws/version.go
index 7ab65bae79..e72db4de1e 100644
--- a/vendor/github.com/aws/aws-sdk-go/aws/version.go
+++ b/vendor/github.com/aws/aws-sdk-go/aws/version.go
@@ -5,4 +5,4 @@ package aws
 const SDKName = "aws-sdk-go"
 
 // SDKVersion is the version of this SDK
-const SDKVersion = "1.55.6"
+const SDKVersion = "1.55.7"
diff --git a/vendor/github.com/cenkalti/backoff/v5/.gitignore b/vendor/github.com/cenkalti/backoff/v5/.gitignore
new file mode 100644
index 0000000000..50d95c548b
--- /dev/null
+++ b/vendor/github.com/cenkalti/backoff/v5/.gitignore
@@ -0,0 +1,25 @@
+# Compiled Object files, Static and Dynamic libs (Shared Objects)
+*.o
+*.a
+*.so
+
+# Folders
+_obj
+_test
+
+# Architecture specific extensions/prefixes
+*.[568vq]
+[568vq].out
+
+*.cgo1.go
+*.cgo2.c
+_cgo_defun.c
+_cgo_gotypes.go
+_cgo_export.*
+
+_testmain.go
+
+*.exe
+
+# IDEs
+.idea/
diff --git a/vendor/github.com/cenkalti/backoff/v5/CHANGELOG.md b/vendor/github.com/cenkalti/backoff/v5/CHANGELOG.md
new file mode 100644
index 0000000000..658c37436d
--- /dev/null
+++ b/vendor/github.com/cenkalti/backoff/v5/CHANGELOG.md
@@ -0,0 +1,29 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [5.0.0] - 2024-12-19
+
+### Added
+
+- RetryAfterError can be returned from an operation to indicate how long to wait before the next retry.
+
+### Changed
+
+- Retry function now accepts additional options for specifying max number of tries and max elapsed time.
+- Retry function now accepts a context.Context.
+- Operation function signature changed to return result (any type) and error.
+
+### Removed
+
+- RetryNotify* and RetryWithData functions. Only single Retry function remains.
+- Optional arguments from ExponentialBackoff constructor.
+- Clock and Timer interfaces.
+
+### Fixed
+
+- The original error is returned from Retry if there's a PermanentError. (#144)
+- The Retry function respects the wrapped PermanentError. (#140)
diff --git a/vendor/github.com/cenkalti/backoff/v5/LICENSE b/vendor/github.com/cenkalti/backoff/v5/LICENSE
new file mode 100644
index 0000000000..89b8179965
--- /dev/null
+++ b/vendor/github.com/cenkalti/backoff/v5/LICENSE
@@ -0,0 +1,20 @@
+The MIT License (MIT)
+
+Copyright (c) 2014 Cenk Altı
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+the Software, and to permit persons to whom the Software is furnished to do so,
+subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/vendor/github.com/cenkalti/backoff/v5/README.md b/vendor/github.com/cenkalti/backoff/v5/README.md
new file mode 100644
index 0000000000..4611b1d170
--- /dev/null
+++ b/vendor/github.com/cenkalti/backoff/v5/README.md
@@ -0,0 +1,31 @@
+# Exponential Backoff [![GoDoc][godoc image]][godoc]
+
+This is a Go port of the exponential backoff algorithm from [Google's HTTP Client Library for Java][google-http-java-client].
+
+[Exponential backoff][exponential backoff wiki]
+is an algorithm that uses feedback to multiplicatively decrease the rate of some process,
+in order to gradually find an acceptable rate.
+The retries exponentially increase and stop increasing when a certain threshold is met.
+
+## Usage
+
+Import path is `github.com/cenkalti/backoff/v5`. Please note the version part at the end.
+
+For most cases, use `Retry` function. See [example_test.go][example] for an example.
+
+If you have specific needs, copy `Retry` function (from [retry.go][retry-src]) into your code and modify it as needed.
+
+## Contributing
+
+* I would like to keep this library as small as possible.
+* Please don't send a PR without opening an issue and discussing it first.
+* If proposed change is not a common use case, I will probably not accept it.
+
+[godoc]: https://pkg.go.dev/github.com/cenkalti/backoff/v5
+[godoc image]: https://godoc.org/github.com/cenkalti/backoff?status.png
+
+[google-http-java-client]: https://github.com/google/google-http-java-client/blob/da1aa993e90285ec18579f1553339b00e19b3ab5/google-http-client/src/main/java/com/google/api/client/util/ExponentialBackOff.java
+[exponential backoff wiki]: http://en.wikipedia.org/wiki/Exponential_backoff
+
+[retry-src]: https://github.com/cenkalti/backoff/blob/v5/retry.go
+[example]: https://github.com/cenkalti/backoff/blob/v5/example_test.go
diff --git a/vendor/github.com/cenkalti/backoff/v5/backoff.go b/vendor/github.com/cenkalti/backoff/v5/backoff.go
new file mode 100644
index 0000000000..dd2b24ca73
--- /dev/null
+++ b/vendor/github.com/cenkalti/backoff/v5/backoff.go
@@ -0,0 +1,66 @@
+// Package backoff implements backoff algorithms for retrying operations.
+//
+// Use Retry function for retrying operations that may fail.
+// If Retry does not meet your needs,
+// copy/paste the function into your project and modify as you wish.
+//
+// There is also Ticker type similar to time.Ticker.
+// You can use it if you need to work with channels.
+//
+// See Examples section below for usage examples.
+package backoff
+
+import "time"
+
+// BackOff is a backoff policy for retrying an operation.
+type BackOff interface {
+	// NextBackOff returns the duration to wait before retrying the operation,
+	// backoff.Stop to indicate that no more retries should be made.
+	//
+	// Example usage:
+	//
+	//     duration := backoff.NextBackOff()
+	//     if duration == backoff.Stop {
+	//         // Do not retry operation.
+	//     } else {
+	//         // Sleep for duration and retry operation.
+	//     }
+	//
+	NextBackOff() time.Duration
+
+	// Reset to initial state.
+	Reset()
+}
+
+// Stop indicates that no more retries should be made for use in NextBackOff().
+const Stop time.Duration = -1
+
+// ZeroBackOff is a fixed backoff policy whose backoff time is always zero,
+// meaning that the operation is retried immediately without waiting, indefinitely.
+type ZeroBackOff struct{}
+
+func (b *ZeroBackOff) Reset() {}
+
+func (b *ZeroBackOff) NextBackOff() time.Duration { return 0 }
+
+// StopBackOff is a fixed backoff policy that always returns backoff.Stop for
+// NextBackOff(), meaning that the operation should never be retried.
+type StopBackOff struct{}
+
+func (b *StopBackOff) Reset() {}
+
+func (b *StopBackOff) NextBackOff() time.Duration { return Stop }
+
+// ConstantBackOff is a backoff policy that always returns the same backoff delay.
+// This is in contrast to an exponential backoff policy,
+// which returns a delay that grows longer as you call NextBackOff() over and over again.
+type ConstantBackOff struct {
+	Interval time.Duration
+}
+
+func (b *ConstantBackOff) Reset()                     {}
+func (b *ConstantBackOff) NextBackOff() time.Duration { return b.Interval }
+
+func NewConstantBackOff(d time.Duration) *ConstantBackOff {
+	return &ConstantBackOff{Interval: d}
+}
diff --git a/vendor/github.com/cenkalti/backoff/v5/error.go b/vendor/github.com/cenkalti/backoff/v5/error.go
new file mode 100644
index 0000000000..beb2b38a23
--- /dev/null
+++ b/vendor/github.com/cenkalti/backoff/v5/error.go
@@ -0,0 +1,46 @@
+package backoff
+
+import (
+	"fmt"
+	"time"
+)
+
+// PermanentError signals that the operation should not be retried.
+type PermanentError struct {
+	Err error
+}
+
+// Permanent wraps the given err in a *PermanentError.
+func Permanent(err error) error {
+	if err == nil {
+		return nil
+	}
+	return &PermanentError{
+		Err: err,
+	}
+}
+
+// Error returns a string representation of the Permanent error.
+func (e *PermanentError) Error() string {
+	return e.Err.Error()
+}
+
+// Unwrap returns the wrapped error.
+func (e *PermanentError) Unwrap() error {
+	return e.Err
+}
+
+// RetryAfterError signals that the operation should be retried after the given duration.
+type RetryAfterError struct {
+	Duration time.Duration
+}
+
+// RetryAfter returns a RetryAfter error that specifies how long to wait before retrying.
+func RetryAfter(seconds int) error {
+	return &RetryAfterError{Duration: time.Duration(seconds) * time.Second}
+}
+
+// Error returns a string representation of the RetryAfter error.
+func (e *RetryAfterError) Error() string {
+	return fmt.Sprintf("retry after %s", e.Duration)
+}
diff --git a/vendor/github.com/cenkalti/backoff/v5/exponential.go b/vendor/github.com/cenkalti/backoff/v5/exponential.go
new file mode 100644
index 0000000000..c1f3e442d3
--- /dev/null
+++ b/vendor/github.com/cenkalti/backoff/v5/exponential.go
@@ -0,0 +1,125 @@
+package backoff
+
+import (
+	"math/rand"
+	"time"
+)
+
+/*
+ExponentialBackOff is a backoff implementation that increases the backoff
+period for each retry attempt using a randomization function that grows exponentially.
+
+NextBackOff() is calculated using the following formula:
+
+	randomized interval =
+	    RetryInterval * (random value in range [1 - RandomizationFactor, 1 + RandomizationFactor])
+
+In other words NextBackOff() will range between the randomization factor
+percentage below and above the retry interval.
+
+For example, given the following parameters:
+
+	RetryInterval = 2
+	RandomizationFactor = 0.5
+	Multiplier = 2
+
+the actual backoff period used in the next retry attempt will range between 1 and 3 seconds,
+multiplied by the exponential, that is, between 2 and 6 seconds.
+
+Note: MaxInterval caps the RetryInterval and not the randomized interval.
+
+If the time elapsed since an ExponentialBackOff instance is created goes past the
+MaxElapsedTime, then the method NextBackOff() starts returning backoff.Stop.
+
+The elapsed time can be reset by calling Reset().
+
+Example: Given the following default arguments, for 10 tries the sequence will be,
+and assuming we go over the MaxElapsedTime on the 10th try:
+
+	Request #  RetryInterval (seconds)  Randomized Interval (seconds)
+
+	 1          0.5                     [0.25,   0.75]
+	 2          0.75                    [0.375,  1.125]
+	 3          1.125                   [0.562,  1.687]
+	 4          1.687                   [0.8435, 2.53]
+	 5          2.53                    [1.265,  3.795]
+	 6          3.795                   [1.897,  5.692]
+	 7          5.692                   [2.846,  8.538]
+	 8          8.538                   [4.269, 12.807]
+	 9         12.807                   [6.403, 19.210]
+	10         19.210                   backoff.Stop
+
+Note: Implementation is not thread-safe.
+*/
+type ExponentialBackOff struct {
+	InitialInterval     time.Duration
+	RandomizationFactor float64
+	Multiplier          float64
+	MaxInterval         time.Duration
+
+	currentInterval time.Duration
+}
+
+// Default values for ExponentialBackOff.
+const (
+	DefaultInitialInterval     = 500 * time.Millisecond
+	DefaultRandomizationFactor = 0.5
+	DefaultMultiplier          = 1.5
+	DefaultMaxInterval         = 60 * time.Second
+)
+
+// NewExponentialBackOff creates an instance of ExponentialBackOff using default values.
+func NewExponentialBackOff() *ExponentialBackOff {
+	return &ExponentialBackOff{
+		InitialInterval:     DefaultInitialInterval,
+		RandomizationFactor: DefaultRandomizationFactor,
+		Multiplier:          DefaultMultiplier,
+		MaxInterval:         DefaultMaxInterval,
+	}
+}
+
+// Reset the interval back to the initial retry interval and restarts the timer.
+// Reset must be called before using b.
+func (b *ExponentialBackOff) Reset() {
+	b.currentInterval = b.InitialInterval
+}
+
+// NextBackOff calculates the next backoff interval using the formula:
+//
+//	Randomized interval = RetryInterval * (1 ± RandomizationFactor)
+func (b *ExponentialBackOff) NextBackOff() time.Duration {
+	if b.currentInterval == 0 {
+		b.currentInterval = b.InitialInterval
+	}
+
+	next := getRandomValueFromInterval(b.RandomizationFactor, rand.Float64(), b.currentInterval)
+	b.incrementCurrentInterval()
+	return next
+}
+
+// Increments the current interval by multiplying it with the multiplier.
+func (b *ExponentialBackOff) incrementCurrentInterval() {
+	// Check for overflow, if overflow is detected set the current interval to the max interval.
+	if float64(b.currentInterval) >= float64(b.MaxInterval)/b.Multiplier {
+		b.currentInterval = b.MaxInterval
+	} else {
+		b.currentInterval = time.Duration(float64(b.currentInterval) * b.Multiplier)
+	}
+}
+
+// Returns a random value from the following interval:
+//
+//	[currentInterval - randomizationFactor * currentInterval, currentInterval + randomizationFactor * currentInterval].
+func getRandomValueFromInterval(randomizationFactor, random float64, currentInterval time.Duration) time.Duration {
+	if randomizationFactor == 0 {
+		return currentInterval // make sure no randomness is used when randomizationFactor is 0.
+	}
+	var delta = randomizationFactor * float64(currentInterval)
+	var minInterval = float64(currentInterval) - delta
+	var maxInterval = float64(currentInterval) + delta
+
+	// Get a random value from the range [minInterval, maxInterval].
+	// The formula used below has a +1 because if the minInterval is 1 and the maxInterval is 3 then
+	// we want a 33% chance for selecting either 1, 2 or 3.
+	return time.Duration(minInterval + (random * (maxInterval - minInterval + 1)))
+}
diff --git a/vendor/github.com/cenkalti/backoff/v5/retry.go b/vendor/github.com/cenkalti/backoff/v5/retry.go
new file mode 100644
index 0000000000..e43f47fb8a
--- /dev/null
+++ b/vendor/github.com/cenkalti/backoff/v5/retry.go
@@ -0,0 +1,139 @@
+package backoff
+
+import (
+	"context"
+	"errors"
+	"time"
+)
+
+// DefaultMaxElapsedTime sets a default limit for the total retry duration.
+const DefaultMaxElapsedTime = 15 * time.Minute
+
+// Operation is a function that attempts an operation and may be retried.
+type Operation[T any] func() (T, error)
+
+// Notify is a function called on operation error with the error and backoff duration.
+type Notify func(error, time.Duration)
+
+// retryOptions holds configuration settings for the retry mechanism.
+type retryOptions struct {
+	BackOff        BackOff       // Strategy for calculating backoff periods.
+	Timer          timer         // Timer to manage retry delays.
+	Notify         Notify        // Optional function to notify on each retry error.
+	MaxTries       uint          // Maximum number of retry attempts.
+	MaxElapsedTime time.Duration // Maximum total time for all retries.
+}
+
+type RetryOption func(*retryOptions)
+
+// WithBackOff configures a custom backoff strategy.
+func WithBackOff(b BackOff) RetryOption {
+	return func(args *retryOptions) {
+		args.BackOff = b
+	}
+}
+
+// withTimer sets a custom timer for managing delays between retries.
+func withTimer(t timer) RetryOption {
+	return func(args *retryOptions) {
+		args.Timer = t
+	}
+}
+
+// WithNotify sets a notification function to handle retry errors.
+func WithNotify(n Notify) RetryOption {
+	return func(args *retryOptions) {
+		args.Notify = n
+	}
+}
+
+// WithMaxTries limits the number of retry attempts.
+func WithMaxTries(n uint) RetryOption {
+	return func(args *retryOptions) {
+		args.MaxTries = n
+	}
+}
+
+// WithMaxElapsedTime limits the total duration for retry attempts.
+func WithMaxElapsedTime(d time.Duration) RetryOption {
+	return func(args *retryOptions) {
+		args.MaxElapsedTime = d
+	}
+}
+
+// Retry attempts the operation until success, a permanent error, or backoff completion.
+// It ensures the operation is executed at least once.
+//
+// Returns the operation result or error if retries are exhausted or context is cancelled.
+func Retry[T any](ctx context.Context, operation Operation[T], opts ...RetryOption) (T, error) {
+	// Initialize default retry options.
+	args := &retryOptions{
+		BackOff:        NewExponentialBackOff(),
+		Timer:          &defaultTimer{},
+		MaxElapsedTime: DefaultMaxElapsedTime,
+	}
+
+	// Apply user-provided options to the default settings.
+	for _, opt := range opts {
+		opt(args)
+	}
+
+	defer args.Timer.Stop()
+
+	startedAt := time.Now()
+	args.BackOff.Reset()
+	for numTries := uint(1); ; numTries++ {
+		// Execute the operation.
+		res, err := operation()
+		if err == nil {
+			return res, nil
+		}
+
+		// Stop retrying if maximum tries exceeded.
+		if args.MaxTries > 0 && numTries >= args.MaxTries {
+			return res, err
+		}
+
+		// Handle permanent errors without retrying.
+		var permanent *PermanentError
+		if errors.As(err, &permanent) {
+			return res, err
+		}
+
+		// Stop retrying if context is cancelled.
+		if cerr := context.Cause(ctx); cerr != nil {
+			return res, cerr
+		}
+
+		// Calculate next backoff duration.
+		next := args.BackOff.NextBackOff()
+		if next == Stop {
+			return res, err
+		}
+
+		// Reset backoff if RetryAfterError is encountered.
+		var retryAfter *RetryAfterError
+		if errors.As(err, &retryAfter) {
+			next = retryAfter.Duration
+			args.BackOff.Reset()
+		}
+
+		// Stop retrying if maximum elapsed time exceeded.
+		if args.MaxElapsedTime > 0 && time.Since(startedAt)+next > args.MaxElapsedTime {
+			return res, err
+		}
+
+		// Notify on error if a notifier function is provided.
+		if args.Notify != nil {
+			args.Notify(err, next)
+		}
+
+		// Wait for the next backoff period or context cancellation.
+		args.Timer.Start(next)
+		select {
+		case <-args.Timer.C():
+		case <-ctx.Done():
+			return res, context.Cause(ctx)
+		}
+	}
+}
diff --git a/vendor/github.com/cenkalti/backoff/v5/ticker.go b/vendor/github.com/cenkalti/backoff/v5/ticker.go
new file mode 100644
index 0000000000..f0d4b2ae72
--- /dev/null
+++ b/vendor/github.com/cenkalti/backoff/v5/ticker.go
@@ -0,0 +1,83 @@
+package backoff
+
+import (
+	"sync"
+	"time"
+)
+
+// Ticker holds a channel that delivers `ticks' of a clock at times reported by a BackOff.
+//
+// Ticks will continue to arrive when the previous operation is still running,
+// so operations that take a while to fail could run in quick succession.
+type Ticker struct {
+	C        <-chan time.Time
+	c        chan time.Time
+	b        BackOff
+	timer    timer
+	stop     chan struct{}
+	stopOnce sync.Once
+}
+
+// NewTicker returns a new Ticker containing a channel that will send
+// the time at times specified by the BackOff argument. Ticker is
+// guaranteed to tick at least once.  The channel is closed when Stop
+// method is called or BackOff stops. It is not safe to manipulate the
+// provided backoff policy (notably calling NextBackOff or Reset)
+// while the ticker is running.
+func NewTicker(b BackOff) *Ticker {
+	c := make(chan time.Time)
+	t := &Ticker{
+		C:     c,
+		c:     c,
+		b:     b,
+		timer: &defaultTimer{},
+		stop:  make(chan struct{}),
+	}
+	t.b.Reset()
+	go t.run()
+	return t
+}
+
+// Stop turns off a ticker. After Stop, no more ticks will be sent.
+func (t *Ticker) Stop() {
+	t.stopOnce.Do(func() { close(t.stop) })
+}
+
+func (t *Ticker) run() {
+	c := t.c
+	defer close(c)
+
+	// Ticker is guaranteed to tick at least once.
+	afterC := t.send(time.Now())
+
+	for {
+		if afterC == nil {
+			return
+		}
+
+		select {
+		case tick := <-afterC:
+			afterC = t.send(tick)
+		case <-t.stop:
+			t.c = nil // Prevent future ticks from being sent to the channel.
+			return
+		}
+	}
+}
+
+func (t *Ticker) send(tick time.Time) <-chan time.Time {
+	select {
+	case t.c <- tick:
+	case <-t.stop:
+		return nil
+	}
+
+	next := t.b.NextBackOff()
+	if next == Stop {
+		t.Stop()
+		return nil
+	}
+
+	t.timer.Start(next)
+	return t.timer.C()
+}
diff --git a/vendor/github.com/cenkalti/backoff/v5/timer.go b/vendor/github.com/cenkalti/backoff/v5/timer.go
new file mode 100644
index 0000000000..a895309747
--- /dev/null
+++ b/vendor/github.com/cenkalti/backoff/v5/timer.go
@@ -0,0 +1,35 @@
+package backoff
+
+import "time"
+
+type timer interface {
+	Start(duration time.Duration)
+	Stop()
+	C() <-chan time.Time
+}
+
+// defaultTimer implements Timer interface using time.Timer
+type defaultTimer struct {
+	timer *time.Timer
+}
+
+// C returns the timers channel which receives the current time when the timer fires.
+func (t *defaultTimer) C() <-chan time.Time {
+	return t.timer.C
+}
+
+// Start starts the timer to fire after the given duration
+func (t *defaultTimer) Start(duration time.Duration) {
+	if t.timer == nil {
+		t.timer = time.NewTimer(duration)
+	} else {
+		t.timer.Reset(duration)
+	}
+}
+
+// Stop is called when the timer is not used anymore and resources may be freed.
+func (t *defaultTimer) Stop() {
+	if t.timer != nil {
+		t.timer.Stop()
+	}
+}
diff --git a/vendor/github.com/cloudflare/circl/LICENSE b/vendor/github.com/cloudflare/circl/LICENSE
deleted file mode 100644
index 67edaa90a0..0000000000
--- a/vendor/github.com/cloudflare/circl/LICENSE
+++ /dev/null
@@ -1,57 +0,0 @@
-Copyright (c) 2019 Cloudflare. All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are
-met:
-
-   * Redistributions of source code must retain the above copyright
-notice, this list of conditions and the following disclaimer.
-   * Redistributions in binary form must reproduce the above
-copyright notice, this list of conditions and the following disclaimer
-in the documentation and/or other materials provided with the
-distribution.
-   * Neither the name of Cloudflare nor the names of its
-contributors may be used to endorse or promote products derived from
-this software without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-========================================================================
-
-Copyright (c) 2009 The Go Authors. All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are
-met:
-
-   * Redistributions of source code must retain the above copyright
-notice, this list of conditions and the following disclaimer.
-   * Redistributions in binary form must reproduce the above
-copyright notice, this list of conditions and the following disclaimer
-in the documentation and/or other materials provided with the
-distribution.
-   * Neither the name of Google Inc. nor the names of its
-contributors may be used to endorse or promote products derived from
-this software without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/vendor/github.com/cloudflare/circl/dh/x25519/curve.go b/vendor/github.com/cloudflare/circl/dh/x25519/curve.go
deleted file mode 100644
index f9057c2b86..0000000000
--- a/vendor/github.com/cloudflare/circl/dh/x25519/curve.go
+++ /dev/null
@@ -1,96 +0,0 @@
-package x25519
-
-import (
-	fp "github.com/cloudflare/circl/math/fp25519"
-)
-
-// ladderJoye calculates a fixed-point multiplication with the generator point.
-// The algorithm is the right-to-left Joye's ladder as described
-// in "How to precompute a ladder" in SAC'2017.
-func ladderJoye(k *Key) {
-	w := [5]fp.Elt{} // [mu,x1,z1,x2,z2] order must be preserved.
-	fp.SetOne(&w[1]) // x1 = 1
-	fp.SetOne(&w[2]) // z1 = 1
-	w[3] = fp.Elt{   // x2 = G-S
-		0xbd, 0xaa, 0x2f, 0xc8, 0xfe, 0xe1, 0x94, 0x7e,
-		0xf8, 0xed, 0xb2, 0x14, 0xae, 0x95, 0xf0, 0xbb,
-		0xe2, 0x48, 0x5d, 0x23, 0xb9, 0xa0, 0xc7, 0xad,
-		0x34, 0xab, 0x7c, 0xe2, 0xee, 0xcd, 0xae, 0x1e,
-	}
-	fp.SetOne(&w[4]) // z2 = 1
-
-	const n = 255
-	const h = 3
-	swap := uint(1)
-	for s := 0; s < n-h; s++ {
-		i := (s + h) / 8
-		j := (s + h) % 8
-		bit := uint((k[i] >> uint(j)) & 1)
-		copy(w[0][:], tableGenerator[s*Size:(s+1)*Size])
-		diffAdd(&w, swap^bit)
-		swap = bit
-	}
-	for s := 0; s < h; s++ {
-		double(&w[1], &w[2])
-	}
-	toAffine((*[fp.Size]byte)(k), &w[1], &w[2])
-}
-
-// ladderMontgomery calculates a generic scalar point multiplication
-// The algorithm implemented is the left-to-right Montgomery's ladder.
-func ladderMontgomery(k, xP *Key) {
-	w := [5]fp.Elt{}      // [x1, x2, z2, x3, z3] order must be preserved.
-	w[0] = *(*fp.Elt)(xP) // x1 = xP
-	fp.SetOne(&w[1])      // x2 = 1
-	w[3] = *(*fp.Elt)(xP) // x3 = xP
-	fp.SetOne(&w[4])      // z3 = 1
-
-	move := uint(0)
-	for s := 255 - 1; s >= 0; s-- {
-		i := s / 8
-		j := s % 8
-		bit := uint((k[i] >> uint(j)) & 1)
-		ladderStep(&w, move^bit)
-		move = bit
-	}
-	toAffine((*[fp.Size]byte)(k), &w[1], &w[2])
-}
-
-func toAffine(k *[fp.Size]byte, x, z *fp.Elt) {
-	fp.Inv(z, z)
-	fp.Mul(x, x, z)
-	_ = fp.ToBytes(k[:], x)
-}
-
-var lowOrderPoints = [5]fp.Elt{
-	{ /* (0,_,1) point of order 2 on Curve25519 */
-		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-	},
-	{ /* (1,_,1) point of order 4 on Curve25519 */
-		0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-	},
-	{ /* (x,_,1) first point of order 8 on Curve25519 */
-		0xe0, 0xeb, 0x7a, 0x7c, 0x3b, 0x41, 0xb8, 0xae,
-		0x16, 0x56, 0xe3, 0xfa, 0xf1, 0x9f, 0xc4, 0x6a,
-		0xda, 0x09, 0x8d, 0xeb, 0x9c, 0x32, 0xb1, 0xfd,
-		0x86, 0x62, 0x05, 0x16, 0x5f, 0x49, 0xb8, 0x00,
-	},
-	{ /* (x,_,1) second point of order 8 on Curve25519 */
-		0x5f, 0x9c, 0x95, 0xbc, 0xa3, 0x50, 0x8c, 0x24,
-		0xb1, 0xd0, 0xb1, 0x55, 0x9c, 0x83, 0xef, 0x5b,
-		0x04, 0x44, 0x5c, 0xc4, 0x58, 0x1c, 0x8e, 0x86,
-		0xd8, 0x22, 0x4e, 0xdd, 0xd0, 0x9f, 0x11, 0x57,
-	},
-	{ /* (-1,_,1) a point of order 4 on the twist of Curve25519 */
-		0xec, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f,
-	},
-}
diff --git a/vendor/github.com/cloudflare/circl/dh/x25519/curve_amd64.go b/vendor/github.com/cloudflare/circl/dh/x25519/curve_amd64.go
deleted file mode 100644
index 8a3d54c570..0000000000
--- a/vendor/github.com/cloudflare/circl/dh/x25519/curve_amd64.go
+++ /dev/null
@@ -1,30 +0,0 @@
-//go:build amd64 && !purego
-// +build amd64,!purego
-
-package x25519
-
-import (
-	fp "github.com/cloudflare/circl/math/fp25519"
-	"golang.org/x/sys/cpu"
-)
-
-var hasBmi2Adx = cpu.X86.HasBMI2 && cpu.X86.HasADX
-
-var _ = hasBmi2Adx
-
-func double(x, z *fp.Elt)             { doubleAmd64(x, z) }
-func diffAdd(w *[5]fp.Elt, b uint)    { diffAddAmd64(w, b) }
-func ladderStep(w *[5]fp.Elt, b uint) { ladderStepAmd64(w, b) }
-func mulA24(z, x *fp.Elt)             { mulA24Amd64(z, x) }
-
-//go:noescape
-func ladderStepAmd64(w *[5]fp.Elt, b uint)
-
-//go:noescape
-func diffAddAmd64(w *[5]fp.Elt, b uint)
-
-//go:noescape
-func doubleAmd64(x, z *fp.Elt)
-
-//go:noescape
-func mulA24Amd64(z, x *fp.Elt)
diff --git a/vendor/github.com/cloudflare/circl/dh/x25519/curve_amd64.h b/vendor/github.com/cloudflare/circl/dh/x25519/curve_amd64.h
deleted file mode 100644
index 8c1ae4d0fb..0000000000
--- a/vendor/github.com/cloudflare/circl/dh/x25519/curve_amd64.h
+++ /dev/null
@@ -1,111 +0,0 @@
-#define ladderStepLeg          \
-    addSub(x2,z2)              \
-    addSub(x3,z3)              \
-    integerMulLeg(b0,x2,z3)    \
-    integerMulLeg(b1,x3,z2)    \
-    reduceFromDoubleLeg(t0,b0) \
-    reduceFromDoubleLeg(t1,b1) \
-    addSub(t0,t1)              \
-    cselect(x2,x3,regMove)     \
-    cselect(z2,z3,regMove)     \
-    integerSqrLeg(b0,t0)       \
-    integerSqrLeg(b1,t1)       \
-    reduceFromDoubleLeg(x3,b0) \
-    reduceFromDoubleLeg(z3,b1) \
-    integerMulLeg(b0,x1,z3)    \
-    reduceFromDoubleLeg(z3,b0) \
-    integerSqrLeg(b0,x2)       \
-    integerSqrLeg(b1,z2)       \
-    reduceFromDoubleLeg(x2,b0) \
-    reduceFromDoubleLeg(z2,b1) \
-    subtraction(t0,x2,z2)      \
-    multiplyA24Leg(t1,t0)      \
-    additionLeg(t1,t1,z2)      \
-    integerMulLeg(b0,x2,z2)    \
-    integerMulLeg(b1,t0,t1)    \
-    reduceFromDoubleLeg(x2,b0) \
-    reduceFromDoubleLeg(z2,b1)
-
-#define ladderStepBmi2Adx      \
-    addSub(x2,z2)              \
-    addSub(x3,z3)              \
-    integerMulAdx(b0,x2,z3)    \
-    integerMulAdx(b1,x3,z2)    \
-    reduceFromDoubleAdx(t0,b0) \
-    reduceFromDoubleAdx(t1,b1) \
-    addSub(t0,t1)              \
-    cselect(x2,x3,regMove)     \
-    cselect(z2,z3,regMove)     \
-    integerSqrAdx(b0,t0)       \
-    integerSqrAdx(b1,t1)       \
-    reduceFromDoubleAdx(x3,b0) \
-    reduceFromDoubleAdx(z3,b1) \
-    integerMulAdx(b0,x1,z3)    \
-    reduceFromDoubleAdx(z3,b0) \
-    integerSqrAdx(b0,x2)       \
-    integerSqrAdx(b1,z2)       \
-    reduceFromDoubleAdx(x2,b0) \
-    reduceFromDoubleAdx(z2,b1) \
-    subtraction(t0,x2,z2)      \
-    multiplyA24Adx(t1,t0)      \
-    additionAdx(t1,t1,z2)      \
-    integerMulAdx(b0,x2,z2)    \
-    integerMulAdx(b1,t0,t1)    \
-    reduceFromDoubleAdx(x2,b0) \
-    reduceFromDoubleAdx(z2,b1)
-
-#define difAddLeg              \
-    addSub(x1,z1)              \
-    integerMulLeg(b0,z1,ui)    \
-    reduceFromDoubleLeg(z1,b0) \
-    addSub(x1,z1)              \
-    integerSqrLeg(b0,x1)       \
-    integerSqrLeg(b1,z1)       \
-    reduceFromDoubleLeg(x1,b0) \
-    reduceFromDoubleLeg(z1,b1) \
-    integerMulLeg(b0,x1,z2)    \
-    integerMulLeg(b1,z1,x2)    \
-    reduceFromDoubleLeg(x1,b0) \
-    reduceFromDoubleLeg(z1,b1)
-
-#define difAddBmi2Adx          \
-    addSub(x1,z1)              \
-    integerMulAdx(b0,z1,ui)    \
-    reduceFromDoubleAdx(z1,b0) \
-    addSub(x1,z1)              \
-    integerSqrAdx(b0,x1)       \
-    integerSqrAdx(b1,z1)       \
-    reduceFromDoubleAdx(x1,b0) \
-    reduceFromDoubleAdx(z1,b1) \
-    integerMulAdx(b0,x1,z2)    \
-    integerMulAdx(b1,z1,x2)    \
-    reduceFromDoubleAdx(x1,b0) \
-    reduceFromDoubleAdx(z1,b1)
-
-#define doubleLeg              \
-    addSub(x1,z1)              \
-    integerSqrLeg(b0,x1)       \
-    integerSqrLeg(b1,z1)       \
-    reduceFromDoubleLeg(x1,b0) \
-    reduceFromDoubleLeg(z1,b1) \
-    subtraction(t0,x1,z1)      \
-    multiplyA24Leg(t1,t0)      \
-    additionLeg(t1,t1,z1)      \
-    integerMulLeg(b0,x1,z1)    \
-    integerMulLeg(b1,t0,t1)    \
-    reduceFromDoubleLeg(x1,b0) \
-    reduceFromDoubleLeg(z1,b1)
-
-#define doubleBmi2Adx          \
-    addSub(x1,z1)              \
-    integerSqrAdx(b0,x1)       \
-    integerSqrAdx(b1,z1)       \
-    reduceFromDoubleAdx(x1,b0) \
-    reduceFromDoubleAdx(z1,b1) \
-    subtraction(t0,x1,z1)      \
-    multiplyA24Adx(t1,t0)      \
-    additionAdx(t1,t1,z1)      \
-    integerMulAdx(b0,x1,z1)    \
-    integerMulAdx(b1,t0,t1)    \
-    reduceFromDoubleAdx(x1,b0) \
-    reduceFromDoubleAdx(z1,b1)
diff --git a/vendor/github.com/cloudflare/circl/dh/x25519/curve_amd64.s b/vendor/github.com/cloudflare/circl/dh/x25519/curve_amd64.s
deleted file mode 100644
index ce9f062894..0000000000
--- a/vendor/github.com/cloudflare/circl/dh/x25519/curve_amd64.s
+++ /dev/null
@@ -1,157 +0,0 @@
-//go:build amd64 && !purego
-// +build amd64,!purego
-
-#include "textflag.h"
-
-// Depends on circl/math/fp25519 package
-#include "../../math/fp25519/fp_amd64.h"
-#include "curve_amd64.h"
-
-// CTE_A24 is (A+2)/4 from Curve25519
-#define CTE_A24 121666
-
-#define Size 32
-
-// multiplyA24Leg multiplies x times CTE_A24 and stores in z
-// Uses: AX, DX, R8-R13, FLAGS
-// Instr: x86_64, cmov
-#define multiplyA24Leg(z,x) \
-    MOVL $CTE_A24, AX; MULQ  0+x; MOVQ AX,  R8; MOVQ DX,  R9; \
-    MOVL $CTE_A24, AX; MULQ  8+x; MOVQ AX, R12; MOVQ DX, R10; \
-    MOVL $CTE_A24, AX; MULQ 16+x; MOVQ AX, R13; MOVQ DX, R11; \
-    MOVL $CTE_A24, AX; MULQ 24+x; \
-    ADDQ R12,  R9; \
-    ADCQ R13, R10; \
-    ADCQ  AX, R11; \
-    ADCQ  $0,  DX; \
-    MOVL $38,  AX; /* 2*C = 38 = 2^256 MOD 2^255-19*/ \
-    IMULQ AX, DX; \
-    ADDQ DX, R8; \
-    ADCQ $0,  R9;  MOVQ  R9,  8+z; \
-    ADCQ $0, R10;  MOVQ R10, 16+z; \
-    ADCQ $0, R11;  MOVQ R11, 24+z; \
-    MOVQ $0, DX; \
-    CMOVQCS AX, DX; \
-    ADDQ DX, R8;  MOVQ  R8,   0+z;
-
-// multiplyA24Adx multiplies x times CTE_A24 and stores in z
-// Uses: AX, DX, R8-R12, FLAGS
-// Instr: x86_64, cmov, bmi2
-#define multiplyA24Adx(z,x) \
-    MOVQ  $CTE_A24, DX; \
-    MULXQ  0+x,  R8, R10; \
-    MULXQ  8+x,  R9, R11;  ADDQ R10,  R9; \
-    MULXQ 16+x, R10,  AX;  ADCQ R11, R10; \
-    MULXQ 24+x, R11, R12;  ADCQ  AX, R11; \
-    ;;;;;;;;;;;;;;;;;;;;;  ADCQ  $0, R12; \
-    MOVL $38,  DX; /* 2*C = 38 = 2^256 MOD 2^255-19*/ \
-    IMULQ DX, R12; \
-    ADDQ R12, R8; \
-    ADCQ $0,  R9;  MOVQ  R9,  8+z; \
-    ADCQ $0, R10;  MOVQ R10, 16+z; \
-    ADCQ $0, R11;  MOVQ R11, 24+z; \
-    MOVQ $0, R12; \
-    CMOVQCS DX, R12; \
-    ADDQ R12, R8;  MOVQ  R8,  0+z;
-
-#define mulA24Legacy \
-    multiplyA24Leg(0(DI),0(SI))
-#define mulA24Bmi2Adx \
-    multiplyA24Adx(0(DI),0(SI))
-
-// func mulA24Amd64(z, x *fp255.Elt)
-TEXT ·mulA24Amd64(SB),NOSPLIT,$0-16
-    MOVQ z+0(FP), DI
-    MOVQ x+8(FP), SI
-    CHECK_BMI2ADX(LMA24, mulA24Legacy, mulA24Bmi2Adx)
-
-
-// func ladderStepAmd64(w *[5]fp255.Elt, b uint)
-// ladderStepAmd64 calculates a point addition and doubling as follows:
-// (x2,z2) = 2*(x2,z2) and (x3,z3) = (x2,z2)+(x3,z3) using as a difference (x1,-).
-//  work  = (x1,x2,z2,x3,z3) are five fp255.Elt of 32 bytes.
-//  stack = (t0,t1) are two fp.Elt of fp.Size bytes, and
-//          (b0,b1) are two-double precision fp.Elt of 2*fp.Size bytes.
-TEXT ·ladderStepAmd64(SB),NOSPLIT,$192-16
-    // Parameters
-    #define regWork DI
-    #define regMove SI
-    #define x1 0*Size(regWork)
-    #define x2 1*Size(regWork)
-    #define z2 2*Size(regWork)
-    #define x3 3*Size(regWork)
-    #define z3 4*Size(regWork)
-    // Local variables
-    #define t0 0*Size(SP)
-    #define t1 1*Size(SP)
-    #define b0 2*Size(SP)
-    #define b1 4*Size(SP)
-    MOVQ w+0(FP), regWork
-    MOVQ b+8(FP), regMove
-    CHECK_BMI2ADX(LLADSTEP, ladderStepLeg, ladderStepBmi2Adx)
-    #undef regWork
-    #undef regMove
-    #undef x1
-    #undef x2
-    #undef z2
-    #undef x3
-    #undef z3
-    #undef t0
-    #undef t1
-    #undef b0
-    #undef b1
-
-// func diffAddAmd64(w *[5]fp255.Elt, b uint)
-// diffAddAmd64 calculates a differential point addition using a precomputed point.
-// (x1,z1) = (x1,z1)+(mu) using a difference point (x2,z2)
-//    w    = (mu,x1,z1,x2,z2) are five fp.Elt, and
-//   stack = (b0,b1) are two-double precision fp.Elt of 2*fp.Size bytes.
-TEXT ·diffAddAmd64(SB),NOSPLIT,$128-16
-    // Parameters
-    #define regWork DI
-    #define regSwap SI
-    #define ui 0*Size(regWork)
-    #define x1 1*Size(regWork)
-    #define z1 2*Size(regWork)
-    #define x2 3*Size(regWork)
-    #define z2 4*Size(regWork)
-    // Local variables
-    #define b0 0*Size(SP)
-    #define b1 2*Size(SP)
-    MOVQ w+0(FP), regWork
-    MOVQ b+8(FP), regSwap
-    cswap(x1,x2,regSwap)
-    cswap(z1,z2,regSwap)
-    CHECK_BMI2ADX(LDIFADD, difAddLeg, difAddBmi2Adx)
-    #undef regWork
-    #undef regSwap
-    #undef ui
-    #undef x1
-    #undef z1
-    #undef x2
-    #undef z2
-    #undef b0
-    #undef b1
-
-// func doubleAmd64(x, z *fp255.Elt)
-// doubleAmd64 calculates a point doubling (x1,z1) = 2*(x1,z1).
-//  stack = (t0,t1) are two fp.Elt of fp.Size bytes, and
-//          (b0,b1) are two-double precision fp.Elt of 2*fp.Size bytes.
-TEXT ·doubleAmd64(SB),NOSPLIT,$192-16
-    // Parameters
-    #define x1 0(DI)
-    #define z1 0(SI)
-    // Local variables
-    #define t0 0*Size(SP)
-    #define t1 1*Size(SP)
-    #define b0 2*Size(SP)
-    #define b1 4*Size(SP)
-    MOVQ x+0(FP), DI
-    MOVQ z+8(FP), SI
-    CHECK_BMI2ADX(LDOUB,doubleLeg,doubleBmi2Adx)
-    #undef x1
-    #undef z1
-    #undef t0
-    #undef t1
-    #undef b0
-    #undef b1
diff --git a/vendor/github.com/cloudflare/circl/dh/x25519/curve_generic.go b/vendor/github.com/cloudflare/circl/dh/x25519/curve_generic.go
deleted file mode 100644
index dae67ea37d..0000000000
--- a/vendor/github.com/cloudflare/circl/dh/x25519/curve_generic.go
+++ /dev/null
@@ -1,85 +0,0 @@
-package x25519
-
-import (
-	"encoding/binary"
-	"math/bits"
-
-	fp "github.com/cloudflare/circl/math/fp25519"
-)
-
-func doubleGeneric(x, z *fp.Elt) {
-	t0, t1 := &fp.Elt{}, &fp.Elt{}
-	fp.AddSub(x, z)
-	fp.Sqr(x, x)
-	fp.Sqr(z, z)
-	fp.Sub(t0, x, z)
-	mulA24Generic(t1, t0)
-	fp.Add(t1, t1, z)
-	fp.Mul(x, x, z)
-	fp.Mul(z, t0, t1)
-}
-
-func diffAddGeneric(w *[5]fp.Elt, b uint) {
-	mu, x1, z1, x2, z2 := &w[0], &w[1], &w[2], &w[3], &w[4]
-	fp.Cswap(x1, x2, b)
-	fp.Cswap(z1, z2, b)
-	fp.AddSub(x1, z1)
-	fp.Mul(z1, z1, mu)
-	fp.AddSub(x1, z1)
-	fp.Sqr(x1, x1)
-	fp.Sqr(z1, z1)
-	fp.Mul(x1, x1, z2)
-	fp.Mul(z1, z1, x2)
-}
-
-func ladderStepGeneric(w *[5]fp.Elt, b uint) {
-	x1, x2, z2, x3, z3 := &w[0], &w[1], &w[2], &w[3], &w[4]
-	t0 := &fp.Elt{}
-	t1 := &fp.Elt{}
-	fp.AddSub(x2, z2)
-	fp.AddSub(x3, z3)
-	fp.Mul(t0, x2, z3)
-	fp.Mul(t1, x3, z2)
-	fp.AddSub(t0, t1)
-	fp.Cmov(x2, x3, b)
-	fp.Cmov(z2, z3, b)
-	fp.Sqr(x3, t0)
-	fp.Sqr(z3, t1)
-	fp.Mul(z3, x1, z3)
-	fp.Sqr(x2, x2)
-	fp.Sqr(z2, z2)
-	fp.Sub(t0, x2, z2)
-	mulA24Generic(t1, t0)
-	fp.Add(t1, t1, z2)
-	fp.Mul(x2, x2, z2)
-	fp.Mul(z2, t0, t1)
-}
-
-func mulA24Generic(z, x *fp.Elt) {
-	const A24 = 121666
-	const n = 8
-	var xx [4]uint64
-	for i := range xx {
-		xx[i] = binary.LittleEndian.Uint64(x[i*n : (i+1)*n])
-	}
-
-	h0, l0 := bits.Mul64(xx[0], A24)
-	h1, l1 := bits.Mul64(xx[1], A24)
-	h2, l2 := bits.Mul64(xx[2], A24)
-	h3, l3 := bits.Mul64(xx[3], A24)
-
-	var c3 uint64
-	l1, c0 := bits.Add64(h0, l1, 0)
-	l2, c1 := bits.Add64(h1, l2, c0)
-	l3, c2 := bits.Add64(h2, l3, c1)
-	l4, _ := bits.Add64(h3, 0, c2)
-	_, l4 = bits.Mul64(l4, 38)
-	l0, c0 = bits.Add64(l0, l4, 0)
-	xx[1], c1 = bits.Add64(l1, 0, c0)
-	xx[2], c2 = bits.Add64(l2, 0, c1)
-	xx[3], c3 = bits.Add64(l3, 0, c2)
-	xx[0], _ = bits.Add64(l0, (-c3)&38, 0)
-	for i := range xx {
-		binary.LittleEndian.PutUint64(z[i*n:(i+1)*n], xx[i])
-	}
-}
diff --git a/vendor/github.com/cloudflare/circl/dh/x25519/curve_noasm.go b/vendor/github.com/cloudflare/circl/dh/x25519/curve_noasm.go
deleted file mode 100644
index 07fab97d2a..0000000000
--- a/vendor/github.com/cloudflare/circl/dh/x25519/curve_noasm.go
+++ /dev/null
@@ -1,11 +0,0 @@
-//go:build !amd64 || purego
-// +build !amd64 purego
-
-package x25519
-
-import fp "github.com/cloudflare/circl/math/fp25519"
-
-func double(x, z *fp.Elt)             { doubleGeneric(x, z) }
-func diffAdd(w *[5]fp.Elt, b uint)    { diffAddGeneric(w, b) }
-func ladderStep(w *[5]fp.Elt, b uint) { ladderStepGeneric(w, b) }
-func mulA24(z, x *fp.Elt)             { mulA24Generic(z, x) }
diff --git a/vendor/github.com/cloudflare/circl/dh/x25519/doc.go b/vendor/github.com/cloudflare/circl/dh/x25519/doc.go
deleted file mode 100644
index 3ce102d145..0000000000
--- a/vendor/github.com/cloudflare/circl/dh/x25519/doc.go
+++ /dev/null
@@ -1,19 +0,0 @@
-/*
-Package x25519 provides Diffie-Hellman functions as specified in RFC-7748.
-
-Validation of public keys.
-
-The Diffie-Hellman function, as described in RFC-7748 [1], works for any
-public key. However, if a different protocol requires contributory
-behaviour [2,3], then the public keys must be validated against low-order
-points [3,4]. To do that, the Shared function performs this validation
-internally and returns false when the public key is invalid (i.e., it
-is a low-order point).
-
-References:
-  - [1] RFC7748 by Langley, Hamburg, Turner (https://rfc-editor.org/rfc/rfc7748.txt)
-  - [2] Curve25519 by Bernstein (https://cr.yp.to/ecdh.html)
-  - [3] Bernstein (https://cr.yp.to/ecdh.html#validate)
-  - [4] Cremers&Jackson (https://eprint.iacr.org/2019/526)
-*/
-package x25519
diff --git a/vendor/github.com/cloudflare/circl/dh/x25519/key.go b/vendor/github.com/cloudflare/circl/dh/x25519/key.go
deleted file mode 100644
index c76f72ac7f..0000000000
--- a/vendor/github.com/cloudflare/circl/dh/x25519/key.go
+++ /dev/null
@@ -1,47 +0,0 @@
-package x25519
-
-import (
-	"crypto/subtle"
-
-	fp "github.com/cloudflare/circl/math/fp25519"
-)
-
-// Size is the length in bytes of a X25519 key.
-const Size = 32
-
-// Key represents a X25519 key.
-type Key [Size]byte
-
-func (k *Key) clamp(in *Key) *Key {
-	*k = *in
-	k[0] &= 248
-	k[31] = (k[31] & 127) | 64
-	return k
-}
-
-// isValidPubKey verifies if the public key is not a low-order point.
-func (k *Key) isValidPubKey() bool {
-	fp.Modp((*fp.Elt)(k))
-	var isLowOrder int
-	for _, P := range lowOrderPoints {
-		isLowOrder |= subtle.ConstantTimeCompare(P[:], k[:])
-	}
-	return isLowOrder == 0
-}
-
-// KeyGen obtains a public key given a secret key.
-func KeyGen(public, secret *Key) {
-	ladderJoye(public.clamp(secret))
-}
-
-// Shared calculates Alice's shared key from Alice's secret key and Bob's
-// public key returning true on success. A failure case happens when the public
-// key is a low-order point, thus the shared key is all-zeros and the function
-// returns false.
-func Shared(shared, secret, public *Key) bool {
-	validPk := *public
-	validPk[31] &= (1 << (255 % 8)) - 1
-	ok := validPk.isValidPubKey()
-	ladderMontgomery(shared.clamp(secret), &validPk)
-	return ok
-}
diff --git a/vendor/github.com/cloudflare/circl/dh/x25519/table.go b/vendor/github.com/cloudflare/circl/dh/x25519/table.go
deleted file mode 100644
index 28c8c4ac03..0000000000
--- a/vendor/github.com/cloudflare/circl/dh/x25519/table.go
+++ /dev/null
@@ -1,268 +0,0 @@
-package x25519
-
-import "github.com/cloudflare/circl/math/fp25519"
-
-// tableGenerator contains the set of points:
-//
-//	t[i] = (xi+1)/(xi-1),
-//
-// where (xi,yi) = 2^iG and G is the generator point
-// Size = (256)*(256/8) = 8192 bytes.
-var tableGenerator = [256 * fp25519.Size]byte{
-	/* (2^  0)P */ 0xf3, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x5f,
-	/* (2^  1)P */ 0x96, 0xfe, 0xaa, 0x16, 0xf4, 0x20, 0x82, 0x6b, 0x34, 0x6a, 0x56, 0x4f, 0x2b, 0xeb, 0xeb, 0x82, 0x0f, 0x95, 0xa5, 0x75, 0xb0, 0xa5, 0xa9, 0xd5, 0xf4, 0x88, 0x24, 0x4b, 0xcf, 0xb2, 0x42, 0x51,
-	/* (2^  2)P */ 0x0c, 0x68, 0x69, 0x00, 0x75, 0xbc, 0xae, 0x6a, 0x41, 0x9c, 0xf9, 0xa0, 0x20, 0x78, 0xcf, 0x89, 0xf4, 0xd0, 0x56, 0x3b, 0x18, 0xd9, 0x58, 0x2a, 0xa4, 0x11, 0x60, 0xe3, 0x80, 0xca, 0x5a, 0x4b,
-	/* (2^  3)P */ 0x5d, 0x74, 0x29, 0x8c, 0x34, 0x32, 0x91, 0x32, 0xd7, 0x2f, 0x64, 0xe1, 0x16, 0xe6, 0xa2, 0xf4, 0x34, 0xbc, 0x67, 0xff, 0x03, 0xbb, 0x45, 0x1e, 0x4a, 0x9b, 0x2a, 0xf4, 0xd0, 0x12, 0x69, 0x30,
-	/* (2^  4)P */ 0x54, 0x71, 0xaf, 0xe6, 0x07, 0x65, 0x88, 0xff, 0x2f, 0xc8, 0xee, 0xdf, 0x13, 0x0e, 0xf5, 0x04, 0xce, 0xb5, 0xba, 0x2a, 0xe8, 0x2f, 0x51, 0xaa, 0x22, 0xf2, 0xd5, 0x68, 0x1a, 0x25, 0x4e, 0x17,
-	/* (2^  5)P */ 0x98, 0x88, 0x02, 0x82, 0x0d, 0x70, 0x96, 0xcf, 0xc5, 0x02, 0x2c, 0x0a, 0x37, 0xe3, 0x43, 0x17, 0xaa, 0x6e, 0xe8, 0xb4, 0x98, 0xec, 0x9e, 0x37, 0x2e, 0x48, 0xe0, 0x51, 0x8a, 0x88, 0x59, 0x0c,
-	/* (2^  6)P */ 0x89, 0xd1, 0xb5, 0x99, 0xd6, 0xf1, 0xcb, 0xfb, 0x84, 0xdc, 0x9f, 0x8e, 0xd5, 0xf0, 0xae, 0xac, 0x14, 0x76, 0x1f, 0x23, 0x06, 0x0d, 0xc2, 0xc1, 0x72, 0xf9, 0x74, 0xa2, 0x8d, 0x21, 0x38, 0x29,
-	/* (2^  7)P */ 0x18, 0x7f, 0x1d, 0xff, 0xbe, 0x49, 0xaf, 0xf6, 0xc2, 0xc9, 0x7a, 0x38, 0x22, 0x1c, 0x54, 0xcc, 0x6b, 0xc5, 0x15, 0x40, 0xef, 0xc9, 0xfc, 0x96, 0xa9, 0x13, 0x09, 0x69, 0x7c, 0x62, 0xc1, 0x69,
-	/* (2^  8)P */ 0x0e, 0xdb, 0x33, 0x47, 0x2f, 0xfd, 0x86, 0x7a, 0xe9, 0x7d, 0x08, 0x9e, 0xf2, 0xc4, 0xb8, 0xfd, 0x29, 0xa2, 0xa2, 0x8e, 0x1a, 0x4b, 0x5e, 0x09, 0x79, 0x7a, 0xb3, 0x29, 0xc8, 0xa7, 0xd7, 0x1a,
-	/* (2^  9)P */ 0xc0, 0xa0, 0x7e, 0xd1, 0xca, 0x89, 0x2d, 0x34, 0x51, 0x20, 0xed, 0xcc, 0xa6, 0xdd, 0xbe, 0x67, 0x74, 0x2f, 0xb4, 0x2b, 0xbf, 0x31, 0xca, 0x19, 0xbb, 0xac, 0x80, 0x49, 0xc8, 0xb4, 0xf7, 0x3d,
-	/* (2^ 10)P */ 0x83, 0xd8, 0x0a, 0xc8, 0x4d, 0x44, 0xc6, 0xa8, 0x85, 0xab, 0xe3, 0x66, 0x03, 0x44, 0x1e, 0xb9, 0xd8, 0xf6, 0x64, 0x01, 0xa0, 0xcd, 0x15, 0xc2, 0x68, 0xe6, 0x47, 0xf2, 0x6e, 0x7c, 0x86, 0x3d,
-	/* (2^ 11)P */ 0x8c, 0x65, 0x3e, 0xcc, 0x2b, 0x58, 0xdd, 0xc7, 0x28, 0x55, 0x0e, 0xee, 0x48, 0x47, 0x2c, 0xfd, 0x71, 0x4f, 0x9f, 0xcc, 0x95, 0x9b, 0xfd, 0xa0, 0xdf, 0x5d, 0x67, 0xb0, 0x71, 0xd8, 0x29, 0x75,
-	/* (2^ 12)P */ 0x78, 0xbd, 0x3c, 0x2d, 0xb4, 0x68, 0xf5, 0xb8, 0x82, 0xda, 0xf3, 0x91, 0x1b, 0x01, 0x33, 0x12, 0x62, 0x3b, 0x7c, 0x4a, 0xcd, 0x6c, 0xce, 0x2d, 0x03, 0x86, 0x49, 0x9e, 0x8e, 0xfc, 0xe7, 0x75,
-	/* (2^ 13)P */ 0xec, 0xb6, 0xd0, 0xfc, 0xf1, 0x13, 0x4f, 0x2f, 0x45, 0x7a, 0xff, 0x29, 0x1f, 0xca, 0xa8, 0xf1, 0x9b, 0xe2, 0x81, 0x29, 0xa7, 0xc1, 0x49, 0xc2, 0x6a, 0xb5, 0x83, 0x8c, 0xbb, 0x0d, 0xbe, 0x6e,
-	/* (2^ 14)P */ 0x22, 0xb2, 0x0b, 0x17, 0x8d, 0xfa, 0x14, 0x71, 0x5f, 0x93, 0x93, 0xbf, 0xd5, 0xdc, 0xa2, 0x65, 0x9a, 0x97, 0x9c, 0xb5, 0x68, 0x1f, 0xc4, 0xbd, 0x89, 0x92, 0xce, 0xa2, 0x79, 0xef, 0x0e, 0x2f,
-	/* (2^ 15)P */ 0xce, 0x37, 0x3c, 0x08, 0x0c, 0xbf, 0xec, 0x42, 0x22, 0x63, 0x49, 0xec, 0x09, 0xbc, 0x30, 0x29, 0x0d, 0xac, 0xfe, 0x9c, 0xc1, 0xb0, 0x94, 0xf2, 0x80, 0xbb, 0xfa, 0xed, 0x4b, 0xaa, 0x80, 0x37,
-	/* (2^ 16)P */ 0x29, 0xd9, 0xea, 0x7c, 0x3e, 0x7d, 0xc1, 0x56, 0xc5, 0x22, 0x57, 0x2e, 0xeb, 0x4b, 0xcb, 0xe7, 0x5a, 0xe1, 0xbf, 0x2d, 0x73, 0x31, 0xe9, 0x0c, 0xf8, 0x52, 0x10, 0x62, 0xc7, 0x83, 0xb8, 0x41,
-	/* (2^ 17)P */ 0x50, 0x53, 0xd2, 0xc3, 0xa0, 0x5c, 0xf7, 0xdb, 0x51, 0xe3, 0xb1, 0x6e, 0x08, 0xbe, 0x36, 0x29, 0x12, 0xb2, 0xa9, 0xb4, 0x3c, 0xe0, 0x36, 0xc9, 0xaa, 0x25, 0x22, 0x32, 0x82, 0xbf, 0x45, 0x1d,
-	/* (2^ 18)P */ 0xc5, 0x4c, 0x02, 0x6a, 0x03, 0xb1, 0x1a, 0xe8, 0x72, 0x9a, 0x4c, 0x30, 0x1c, 0x20, 0x12, 0xe2, 0xfc, 0xb1, 0x32, 0x68, 0xba, 0x3f, 0xd7, 0xc5, 0x81, 0x95, 0x83, 0x4d, 0x5a, 0xdb, 0xff, 0x20,
-	/* (2^ 19)P */ 0xad, 0x0f, 0x5d, 0xbe, 0x67, 0xd3, 0x83, 0xa2, 0x75, 0x44, 0x16, 0x8b, 0xca, 0x25, 0x2b, 0x6c, 0x2e, 0xf2, 0xaa, 0x7c, 0x46, 0x35, 0x49, 0x9d, 0x49, 0xff, 0x85, 0xee, 0x8e, 0x40, 0x66, 0x51,
-	/* (2^ 20)P */ 0x61, 0xe3, 0xb4, 0xfa, 0xa2, 0xba, 0x67, 0x3c, 0xef, 0x5c, 0xf3, 0x7e, 0xc6, 0x33, 0xe4, 0xb3, 0x1c, 0x9b, 0x15, 0x41, 0x92, 0x72, 0x59, 0x52, 0x33, 0xab, 0xb0, 0xd5, 0x92, 0x18, 0x62, 0x6a,
-	/* (2^ 21)P */ 0xcb, 0xcd, 0x55, 0x75, 0x38, 0x4a, 0xb7, 0x20, 0x3f, 0x92, 0x08, 0x12, 0x0e, 0xa1, 0x2a, 0x53, 0xd1, 0x1d, 0x28, 0x62, 0x77, 0x7b, 0xa1, 0xea, 0xbf, 0x44, 0x5c, 0xf0, 0x43, 0x34, 0xab, 0x61,
-	/* (2^ 22)P */ 0xf8, 0xde, 0x24, 0x23, 0x42, 0x6c, 0x7a, 0x25, 0x7f, 0xcf, 0xe3, 0x17, 0x10, 0x6c, 0x1c, 0x13, 0x57, 0xa2, 0x30, 0xf6, 0x39, 0x87, 0x75, 0x23, 0x80, 0x85, 0xa7, 0x01, 0x7a, 0x40, 0x5a, 0x29,
-	/* (2^ 23)P */ 0xd9, 0xa8, 0x5d, 0x6d, 0x24, 0x43, 0xc4, 0xf8, 0x5d, 0xfa, 0x52, 0x0c, 0x45, 0x75, 0xd7, 0x19, 0x3d, 0xf8, 0x1b, 0x73, 0x92, 0xfc, 0xfc, 0x2a, 0x00, 0x47, 0x2b, 0x1b, 0xe8, 0xc8, 0x10, 0x7d,
-	/* (2^ 24)P */ 0x0b, 0xa2, 0xba, 0x70, 0x1f, 0x27, 0xe0, 0xc8, 0x57, 0x39, 0xa6, 0x7c, 0x86, 0x48, 0x37, 0x99, 0xbb, 0xd4, 0x7e, 0xcb, 0xb3, 0xef, 0x12, 0x54, 0x75, 0x29, 0xe6, 0x73, 0x61, 0xd3, 0x96, 0x31,
-	/* (2^ 25)P */ 0xfc, 0xdf, 0xc7, 0x41, 0xd1, 0xca, 0x5b, 0xde, 0x48, 0xc8, 0x95, 0xb3, 0xd2, 0x8c, 0xcc, 0x47, 0xcb, 0xf3, 0x1a, 0xe1, 0x42, 0xd9, 0x4c, 0xa3, 0xc2, 0xce, 0x4e, 0xd0, 0xf2, 0xdb, 0x56, 0x02,
-	/* (2^ 26)P */ 0x7f, 0x66, 0x0e, 0x4b, 0xe9, 0xb7, 0x5a, 0x87, 0x10, 0x0d, 0x85, 0xc0, 0x83, 0xdd, 0xd4, 0xca, 0x9f, 0xc7, 0x72, 0x4e, 0x8f, 0x2e, 0xf1, 0x47, 0x9b, 0xb1, 0x85, 0x8c, 0xbb, 0x87, 0x1a, 0x5f,
-	/* (2^ 27)P */ 0xb8, 0x51, 0x7f, 0x43, 0xb6, 0xd0, 0xe9, 0x7a, 0x65, 0x90, 0x87, 0x18, 0x55, 0xce, 0xc7, 0x12, 0xee, 0x7a, 0xf7, 0x5c, 0xfe, 0x09, 0xde, 0x2a, 0x27, 0x56, 0x2c, 0x7d, 0x2f, 0x5a, 0xa0, 0x23,
-	/* (2^ 28)P */ 0x9a, 0x16, 0x7c, 0xf1, 0x28, 0xe1, 0x08, 0x59, 0x2d, 0x85, 0xd0, 0x8a, 0xdd, 0x98, 0x74, 0xf7, 0x64, 0x2f, 0x10, 0xab, 0xce, 0xc4, 0xb4, 0x74, 0x45, 0x98, 0x13, 0x10, 0xdd, 0xba, 0x3a, 0x18,
-	/* (2^ 29)P */ 0xac, 0xaa, 0x92, 0xaa, 0x8d, 0xba, 0x65, 0xb1, 0x05, 0x67, 0x38, 0x99, 0x95, 0xef, 0xc5, 0xd5, 0xd1, 0x40, 0xfc, 0xf8, 0x0c, 0x8f, 0x2f, 0xbe, 0x14, 0x45, 0x20, 0xee, 0x35, 0xe6, 0x01, 0x27,
-	/* (2^ 30)P */ 0x14, 0x65, 0x15, 0x20, 0x00, 0xa8, 0x9f, 0x62, 0xce, 0xc1, 0xa8, 0x64, 0x87, 0x86, 0x23, 0xf2, 0x0e, 0x06, 0x3f, 0x0b, 0xff, 0x4f, 0x89, 0x5b, 0xfa, 0xa3, 0x08, 0xf7, 0x4c, 0x94, 0xd9, 0x60,
-	/* (2^ 31)P */ 0x1f, 0x20, 0x7a, 0x1c, 0x1a, 0x00, 0xea, 0xae, 0x63, 0xce, 0xe2, 0x3e, 0x63, 0x6a, 0xf1, 0xeb, 0xe1, 0x07, 0x7a, 0x4c, 0x59, 0x09, 0x77, 0x6f, 0xcb, 0x08, 0x02, 0x0d, 0x15, 0x58, 0xb9, 0x79,
-	/* (2^ 32)P */ 0xe7, 0x10, 0xd4, 0x01, 0x53, 0x5e, 0xb5, 0x24, 0x4d, 0xc8, 0xfd, 0xf3, 0xdf, 0x4e, 0xa3, 0xe3, 0xd8, 0x32, 0x40, 0x90, 0xe4, 0x68, 0x87, 0xd8, 0xec, 0xae, 0x3a, 0x7b, 0x42, 0x84, 0x13, 0x13,
-	/* (2^ 33)P */ 0x14, 0x4f, 0x23, 0x86, 0x12, 0xe5, 0x05, 0x84, 0x29, 0xc5, 0xb4, 0xad, 0x39, 0x47, 0xdc, 0x14, 0xfd, 0x4f, 0x63, 0x50, 0xb2, 0xb5, 0xa2, 0xb8, 0x93, 0xff, 0xa7, 0xd8, 0x4a, 0xa9, 0xe2, 0x2f,
-	/* (2^ 34)P */ 0xdd, 0xfa, 0x43, 0xe8, 0xef, 0x57, 0x5c, 0xec, 0x18, 0x99, 0xbb, 0xf0, 0x40, 0xce, 0x43, 0x28, 0x05, 0x63, 0x3d, 0xcf, 0xd6, 0x61, 0xb5, 0xa4, 0x7e, 0x77, 0xfb, 0xe8, 0xbd, 0x29, 0x36, 0x74,
-	/* (2^ 35)P */ 0x8f, 0x73, 0xaf, 0xbb, 0x46, 0xdd, 0x3e, 0x34, 0x51, 0xa6, 0x01, 0xb1, 0x28, 0x18, 0x98, 0xed, 0x7a, 0x79, 0x2c, 0x88, 0x0b, 0x76, 0x01, 0xa4, 0x30, 0x87, 0xc8, 0x8d, 0xe2, 0x23, 0xc2, 0x1f,
-	/* (2^ 36)P */ 0x0e, 0xba, 0x0f, 0xfc, 0x91, 0x4e, 0x60, 0x48, 0xa4, 0x6f, 0x2c, 0x05, 0x8f, 0xf7, 0x37, 0xb6, 0x9c, 0x23, 0xe9, 0x09, 0x3d, 0xac, 0xcc, 0x91, 0x7c, 0x68, 0x7a, 0x43, 0xd4, 0xee, 0xf7, 0x23,
-	/* (2^ 37)P */ 0x00, 0xd8, 0x9b, 0x8d, 0x11, 0xb1, 0x73, 0x51, 0xa7, 0xd4, 0x89, 0x31, 0xb6, 0x41, 0xd6, 0x29, 0x86, 0xc5, 0xbb, 0x88, 0x79, 0x17, 0xbf, 0xfd, 0xf5, 0x1d, 0xd8, 0xca, 0x4f, 0x89, 0x59, 0x29,
-	/* (2^ 38)P */ 0x99, 0xc8, 0xbb, 0xb4, 0xf3, 0x8e, 0xbc, 0xae, 0xb9, 0x92, 0x69, 0xb2, 0x5a, 0x99, 0x48, 0x41, 0xfb, 0x2c, 0xf9, 0x34, 0x01, 0x0b, 0xe2, 0x24, 0xe8, 0xde, 0x05, 0x4a, 0x89, 0x58, 0xd1, 0x40,
-	/* (2^ 39)P */ 0xf6, 0x76, 0xaf, 0x85, 0x11, 0x0b, 0xb0, 0x46, 0x79, 0x7a, 0x18, 0x73, 0x78, 0xc7, 0xba, 0x26, 0x5f, 0xff, 0x8f, 0xab, 0x95, 0xbf, 0xc0, 0x3d, 0xd7, 0x24, 0x55, 0x94, 0xd8, 0x8b, 0x60, 0x2a,
-	/* (2^ 40)P */ 0x02, 0x63, 0x44, 0xbd, 0x88, 0x95, 0x44, 0x26, 0x9c, 0x43, 0x88, 0x03, 0x1c, 0xc2, 0x4b, 0x7c, 0xb2, 0x11, 0xbd, 0x83, 0xf3, 0xa4, 0x98, 0x8e, 0xb9, 0x76, 0xd8, 0xc9, 0x7b, 0x8d, 0x21, 0x26,
-	/* (2^ 41)P */ 0x8a, 0x17, 0x7c, 0x99, 0x42, 0x15, 0x08, 0xe3, 0x6f, 0x60, 0xb6, 0x6f, 0xa8, 0x29, 0x2d, 0x3c, 0x74, 0x93, 0x27, 0xfa, 0x36, 0x77, 0x21, 0x5c, 0xfa, 0xb1, 0xfe, 0x4a, 0x73, 0x05, 0xde, 0x7d,
-	/* (2^ 42)P */ 0xab, 0x2b, 0xd4, 0x06, 0x39, 0x0e, 0xf1, 0x3b, 0x9c, 0x64, 0x80, 0x19, 0x3e, 0x80, 0xf7, 0xe4, 0x7a, 0xbf, 0x95, 0x95, 0xf8, 0x3b, 0x05, 0xe6, 0x30, 0x55, 0x24, 0xda, 0x38, 0xaf, 0x4f, 0x39,
-	/* (2^ 43)P */ 0xf4, 0x28, 0x69, 0x89, 0x58, 0xfb, 0x8e, 0x7a, 0x3c, 0x11, 0x6a, 0xcc, 0xe9, 0x78, 0xc7, 0xfb, 0x6f, 0x59, 0xaf, 0x30, 0xe3, 0x0c, 0x67, 0x72, 0xf7, 0x6c, 0x3d, 0x1d, 0xa8, 0x22, 0xf2, 0x48,
-	/* (2^ 44)P */ 0xa7, 0xca, 0x72, 0x0d, 0x41, 0xce, 0x1f, 0xf0, 0x95, 0x55, 0x3b, 0x21, 0xc7, 0xec, 0x20, 0x5a, 0x83, 0x14, 0xfa, 0xc1, 0x65, 0x11, 0xc2, 0x7b, 0x41, 0xa7, 0xa8, 0x1d, 0xe3, 0x9a, 0xf8, 0x07,
-	/* (2^ 45)P */ 0xf9, 0x0f, 0x83, 0xc6, 0xb4, 0xc2, 0xd2, 0x05, 0x93, 0x62, 0x31, 0xc6, 0x0f, 0x33, 0x3e, 0xd4, 0x04, 0xa9, 0xd3, 0x96, 0x0a, 0x59, 0xa5, 0xa5, 0xb6, 0x33, 0x53, 0xa6, 0x91, 0xdb, 0x5e, 0x70,
-	/* (2^ 46)P */ 0xf7, 0xa5, 0xb9, 0x0b, 0x5e, 0xe1, 0x8e, 0x04, 0x5d, 0xaf, 0x0a, 0x9e, 0xca, 0xcf, 0x40, 0x32, 0x0b, 0xa4, 0xc4, 0xed, 0xce, 0x71, 0x4b, 0x8f, 0x6d, 0x4a, 0x54, 0xde, 0xa3, 0x0d, 0x1c, 0x62,
-	/* (2^ 47)P */ 0x91, 0x40, 0x8c, 0xa0, 0x36, 0x28, 0x87, 0x92, 0x45, 0x14, 0xc9, 0x10, 0xb0, 0x75, 0x83, 0xce, 0x94, 0x63, 0x27, 0x4f, 0x52, 0xeb, 0x72, 0x8a, 0x35, 0x36, 0xc8, 0x7e, 0xfa, 0xfc, 0x67, 0x26,
-	/* (2^ 48)P */ 0x2a, 0x75, 0xe8, 0x45, 0x33, 0x17, 0x4c, 0x7f, 0xa5, 0x79, 0x70, 0xee, 0xfe, 0x47, 0x1b, 0x06, 0x34, 0xff, 0x86, 0x9f, 0xfa, 0x9a, 0xdd, 0x25, 0x9c, 0xc8, 0x5d, 0x42, 0xf5, 0xce, 0x80, 0x37,
-	/* (2^ 49)P */ 0xe9, 0xb4, 0x3b, 0x51, 0x5a, 0x03, 0x46, 0x1a, 0xda, 0x5a, 0x57, 0xac, 0x79, 0xf3, 0x1e, 0x3e, 0x50, 0x4b, 0xa2, 0x5f, 0x1c, 0x5f, 0x8c, 0xc7, 0x22, 0x9f, 0xfd, 0x34, 0x76, 0x96, 0x1a, 0x32,
-	/* (2^ 50)P */ 0xfa, 0x27, 0x6e, 0x82, 0xb8, 0x07, 0x67, 0x94, 0xd0, 0x6f, 0x50, 0x4c, 0xd6, 0x84, 0xca, 0x3d, 0x36, 0x14, 0xe9, 0x75, 0x80, 0x21, 0x89, 0xc1, 0x84, 0x84, 0x3b, 0x9b, 0x16, 0x84, 0x92, 0x6d,
-	/* (2^ 51)P */ 0xdf, 0x2d, 0x3f, 0x38, 0x40, 0xe8, 0x67, 0x3a, 0x75, 0x9b, 0x4f, 0x0c, 0xa3, 0xc9, 0xee, 0x33, 0x47, 0xef, 0x83, 0xa7, 0x6f, 0xc8, 0xc7, 0x3e, 0xc4, 0xfb, 0xc9, 0xba, 0x9f, 0x44, 0xec, 0x26,
-	/* (2^ 52)P */ 0x7d, 0x9e, 0x9b, 0xa0, 0xcb, 0x38, 0x0f, 0x5c, 0x8c, 0x47, 0xa3, 0x62, 0xc7, 0x8c, 0x16, 0x81, 0x1c, 0x12, 0xfc, 0x06, 0xd3, 0xb0, 0x23, 0x3e, 0xdd, 0xdc, 0xef, 0xa5, 0xa0, 0x8a, 0x23, 0x5a,
-	/* (2^ 53)P */ 0xff, 0x43, 0xea, 0xc4, 0x21, 0x61, 0xa2, 0x1b, 0xb5, 0x32, 0x88, 0x7c, 0x7f, 0xc7, 0xf8, 0x36, 0x9a, 0xf9, 0xdc, 0x0a, 0x0b, 0xea, 0xfb, 0x88, 0xf9, 0xeb, 0x5b, 0xc2, 0x8e, 0x93, 0xa9, 0x5c,
-	/* (2^ 54)P */ 0xa0, 0xcd, 0xfc, 0x51, 0x5e, 0x6a, 0x43, 0xd5, 0x3b, 0x89, 0xcd, 0xc2, 0x97, 0x47, 0xbc, 0x1d, 0x08, 0x4a, 0x22, 0xd3, 0x65, 0x6a, 0x34, 0x19, 0x66, 0xf4, 0x9a, 0x9b, 0xe4, 0x34, 0x50, 0x0f,
-	/* (2^ 55)P */ 0x6e, 0xb9, 0xe0, 0xa1, 0x67, 0x39, 0x3c, 0xf2, 0x88, 0x4d, 0x7a, 0x86, 0xfa, 0x08, 0x8b, 0xe5, 0x79, 0x16, 0x34, 0xa7, 0xc6, 0xab, 0x2f, 0xfb, 0x46, 0x69, 0x02, 0xb6, 0x1e, 0x38, 0x75, 0x2a,
-	/* (2^ 56)P */ 0xac, 0x20, 0x94, 0xc1, 0xe4, 0x3b, 0x0a, 0xc8, 0xdc, 0xb6, 0xf2, 0x81, 0xc6, 0xf6, 0xb1, 0x66, 0x88, 0x33, 0xe9, 0x61, 0x67, 0x03, 0xf7, 0x7c, 0xc4, 0xa4, 0x60, 0xa6, 0xd8, 0xbb, 0xab, 0x25,
-	/* (2^ 57)P */ 0x98, 0x51, 0xfd, 0x14, 0xba, 0x12, 0xea, 0x91, 0xa9, 0xff, 0x3c, 0x4a, 0xfc, 0x50, 0x49, 0x68, 0x28, 0xad, 0xf5, 0x30, 0x21, 0x84, 0x26, 0xf8, 0x41, 0xa4, 0x01, 0x53, 0xf7, 0x88, 0xa9, 0x3e,
-	/* (2^ 58)P */ 0x6f, 0x8c, 0x5f, 0x69, 0x9a, 0x10, 0x78, 0xc9, 0xf3, 0xc3, 0x30, 0x05, 0x4a, 0xeb, 0x46, 0x17, 0x95, 0x99, 0x45, 0xb4, 0x77, 0x6d, 0x4d, 0x44, 0xc7, 0x5c, 0x4e, 0x05, 0x8c, 0x2b, 0x95, 0x75,
-	/* (2^ 59)P */ 0xaa, 0xd6, 0xf4, 0x15, 0x79, 0x3f, 0x70, 0xa3, 0xd8, 0x47, 0x26, 0x2f, 0x20, 0x46, 0xc3, 0x66, 0x4b, 0x64, 0x1d, 0x81, 0xdf, 0x69, 0x14, 0xd0, 0x1f, 0xd7, 0xa5, 0x81, 0x7d, 0xa4, 0xfe, 0x77,
-	/* (2^ 60)P */ 0x81, 0xa3, 0x7c, 0xf5, 0x9e, 0x52, 0xe9, 0xc5, 0x1a, 0x88, 0x2f, 0xce, 0xb9, 0xb4, 0xee, 0x6e, 0xd6, 0x9b, 0x00, 0xe8, 0x28, 0x1a, 0xe9, 0xb6, 0xec, 0x3f, 0xfc, 0x9a, 0x3e, 0xbe, 0x80, 0x4b,
-	/* (2^ 61)P */ 0xc5, 0xd2, 0xae, 0x26, 0xc5, 0x73, 0x37, 0x7e, 0x9d, 0xa4, 0xc9, 0x53, 0xb4, 0xfc, 0x4a, 0x1b, 0x4d, 0xb2, 0xff, 0xba, 0xd7, 0xbd, 0x20, 0xa9, 0x0e, 0x40, 0x2d, 0x12, 0x9f, 0x69, 0x54, 0x7c,
-	/* (2^ 62)P */ 0xc8, 0x4b, 0xa9, 0x4f, 0xe1, 0xc8, 0x46, 0xef, 0x5e, 0xed, 0x52, 0x29, 0xce, 0x74, 0xb0, 0xe0, 0xd5, 0x85, 0xd8, 0xdb, 0xe1, 0x50, 0xa4, 0xbe, 0x2c, 0x71, 0x0f, 0x32, 0x49, 0x86, 0xb6, 0x61,
-	/* (2^ 63)P */ 0xd1, 0xbd, 0xcc, 0x09, 0x73, 0x5f, 0x48, 0x8a, 0x2d, 0x1a, 0x4d, 0x7d, 0x0d, 0x32, 0x06, 0xbd, 0xf4, 0xbe, 0x2d, 0x32, 0x73, 0x29, 0x23, 0x25, 0x70, 0xf7, 0x17, 0x8c, 0x75, 0xc4, 0x5d, 0x44,
-	/* (2^ 64)P */ 0x3c, 0x93, 0xc8, 0x7c, 0x17, 0x34, 0x04, 0xdb, 0x9f, 0x05, 0xea, 0x75, 0x21, 0xe8, 0x6f, 0xed, 0x34, 0xdb, 0x53, 0xc0, 0xfd, 0xbe, 0xfe, 0x1e, 0x99, 0xaf, 0x5d, 0xc6, 0x67, 0xe8, 0xdb, 0x4a,
-	/* (2^ 65)P */ 0xdf, 0x09, 0x06, 0xa9, 0xa2, 0x71, 0xcd, 0x3a, 0x50, 0x40, 0xd0, 0x6d, 0x85, 0x91, 0xe9, 0xe5, 0x3c, 0xc2, 0x57, 0x81, 0x68, 0x9b, 0xc6, 0x1e, 0x4d, 0xfe, 0x5c, 0x88, 0xf6, 0x27, 0x74, 0x69,
-	/* (2^ 66)P */ 0x51, 0xa8, 0xe1, 0x65, 0x9b, 0x7b, 0xbe, 0xd7, 0xdd, 0x36, 0xc5, 0x22, 0xd5, 0x28, 0x3d, 0xa0, 0x45, 0xb6, 0xd2, 0x8f, 0x65, 0x9d, 0x39, 0x28, 0xe1, 0x41, 0x26, 0x7c, 0xe1, 0xb7, 0xe5, 0x49,
-	/* (2^ 67)P */ 0xa4, 0x57, 0x04, 0x70, 0x98, 0x3a, 0x8c, 0x6f, 0x78, 0x67, 0xbb, 0x5e, 0xa2, 0xf0, 0x78, 0x50, 0x0f, 0x96, 0x82, 0xc3, 0xcb, 0x3c, 0x3c, 0xd1, 0xb1, 0x84, 0xdf, 0xa7, 0x58, 0x32, 0x00, 0x2e,
-	/* (2^ 68)P */ 0x1c, 0x6a, 0x29, 0xe6, 0x9b, 0xf3, 0xd1, 0x8a, 0xb2, 0xbf, 0x5f, 0x2a, 0x65, 0xaa, 0xee, 0xc1, 0xcb, 0xf3, 0x26, 0xfd, 0x73, 0x06, 0xee, 0x33, 0xcc, 0x2c, 0x9d, 0xa6, 0x73, 0x61, 0x25, 0x59,
-	/* (2^ 69)P */ 0x41, 0xfc, 0x18, 0x4e, 0xaa, 0x07, 0xea, 0x41, 0x1e, 0xa5, 0x87, 0x7c, 0x52, 0x19, 0xfc, 0xd9, 0x6f, 0xca, 0x31, 0x58, 0x80, 0xcb, 0xaa, 0xbd, 0x4f, 0x69, 0x16, 0xc9, 0x2d, 0x65, 0x5b, 0x44,
-	/* (2^ 70)P */ 0x15, 0x23, 0x17, 0xf2, 0xa7, 0xa3, 0x92, 0xce, 0x64, 0x99, 0x1b, 0xe1, 0x2d, 0x28, 0xdc, 0x1e, 0x4a, 0x31, 0x4c, 0xe0, 0xaf, 0x3a, 0x82, 0xa1, 0x86, 0xf5, 0x7c, 0x43, 0x94, 0x2d, 0x0a, 0x79,
-	/* (2^ 71)P */ 0x09, 0xe0, 0xf6, 0x93, 0xfb, 0x47, 0xc4, 0x71, 0x76, 0x52, 0x84, 0x22, 0x67, 0xa5, 0x22, 0x89, 0x69, 0x51, 0x4f, 0x20, 0x3b, 0x90, 0x70, 0xbf, 0xfe, 0x19, 0xa3, 0x1b, 0x89, 0x89, 0x7a, 0x2f,
-	/* (2^ 72)P */ 0x0c, 0x14, 0xe2, 0x77, 0xb5, 0x8e, 0xa0, 0x02, 0xf4, 0xdc, 0x7b, 0x42, 0xd4, 0x4e, 0x9a, 0xed, 0xd1, 0x3c, 0x32, 0xe4, 0x44, 0xec, 0x53, 0x52, 0x5b, 0x35, 0xe9, 0x14, 0x3c, 0x36, 0x88, 0x3e,
-	/* (2^ 73)P */ 0x8c, 0x0b, 0x11, 0x77, 0x42, 0xc1, 0x66, 0xaa, 0x90, 0x33, 0xa2, 0x10, 0x16, 0x39, 0xe0, 0x1a, 0xa2, 0xc2, 0x3f, 0xc9, 0x12, 0xbd, 0x30, 0x20, 0xab, 0xc7, 0x55, 0x95, 0x57, 0x41, 0xe1, 0x3e,
-	/* (2^ 74)P */ 0x41, 0x7d, 0x6e, 0x6d, 0x3a, 0xde, 0x14, 0x92, 0xfe, 0x7e, 0xf1, 0x07, 0x86, 0xd8, 0xcd, 0x3c, 0x17, 0x12, 0xe1, 0xf8, 0x88, 0x12, 0x4f, 0x67, 0xd0, 0x93, 0x9f, 0x32, 0x0f, 0x25, 0x82, 0x56,
-	/* (2^ 75)P */ 0x6e, 0x39, 0x2e, 0x6d, 0x13, 0x0b, 0xf0, 0x6c, 0xbf, 0xde, 0x14, 0x10, 0x6f, 0xf8, 0x4c, 0x6e, 0x83, 0x4e, 0xcc, 0xbf, 0xb5, 0xb1, 0x30, 0x59, 0xb6, 0x16, 0xba, 0x8a, 0xb4, 0x69, 0x70, 0x04,
-	/* (2^ 76)P */ 0x93, 0x07, 0xb2, 0x69, 0xab, 0xe4, 0x4c, 0x0d, 0x9e, 0xfb, 0xd0, 0x97, 0x1a, 0xb9, 0x4d, 0xb2, 0x1d, 0xd0, 0x00, 0x4e, 0xf5, 0x50, 0xfa, 0xcd, 0xb5, 0xdd, 0x8b, 0x36, 0x85, 0x10, 0x1b, 0x22,
-	/* (2^ 77)P */ 0xd2, 0xd8, 0xe3, 0xb1, 0x68, 0x94, 0xe5, 0xe7, 0x93, 0x2f, 0x12, 0xbd, 0x63, 0x65, 0xc5, 0x53, 0x09, 0x3f, 0x66, 0xe0, 0x03, 0xa9, 0xe8, 0xee, 0x42, 0x3d, 0xbe, 0xcb, 0x62, 0xa6, 0xef, 0x61,
-	/* (2^ 78)P */ 0x2a, 0xab, 0x6e, 0xde, 0xdd, 0xdd, 0xf8, 0x2c, 0x31, 0xf2, 0x35, 0x14, 0xd5, 0x0a, 0xf8, 0x9b, 0x73, 0x49, 0xf0, 0xc9, 0xce, 0xda, 0xea, 0x5d, 0x27, 0x9b, 0xd2, 0x41, 0x5d, 0x5b, 0x27, 0x29,
-	/* (2^ 79)P */ 0x4f, 0xf1, 0xeb, 0x95, 0x08, 0x0f, 0xde, 0xcf, 0xa7, 0x05, 0x49, 0x05, 0x6b, 0xb9, 0xaa, 0xb9, 0xfd, 0x20, 0xc4, 0xa1, 0xd9, 0x0d, 0xe8, 0xca, 0xc7, 0xbb, 0x73, 0x16, 0x2f, 0xbf, 0x63, 0x0a,
-	/* (2^ 80)P */ 0x8c, 0xbc, 0x8f, 0x95, 0x11, 0x6e, 0x2f, 0x09, 0xad, 0x2f, 0x82, 0x04, 0xe8, 0x81, 0x2a, 0x67, 0x17, 0x25, 0xd5, 0x60, 0x15, 0x35, 0xc8, 0xca, 0xf8, 0x92, 0xf1, 0xc8, 0x22, 0x77, 0x3f, 0x6f,
-	/* (2^ 81)P */ 0xb7, 0x94, 0xe8, 0xc2, 0xcc, 0x90, 0xba, 0xf8, 0x0d, 0x9f, 0xff, 0x38, 0xa4, 0x57, 0x75, 0x2c, 0x59, 0x23, 0xe5, 0x5a, 0x85, 0x1d, 0x4d, 0x89, 0x69, 0x3d, 0x74, 0x7b, 0x15, 0x22, 0xe1, 0x68,
-	/* (2^ 82)P */ 0xf3, 0x19, 0xb9, 0xcf, 0x70, 0x55, 0x7e, 0xd8, 0xb9, 0x8d, 0x79, 0x95, 0xcd, 0xde, 0x2c, 0x3f, 0xce, 0xa2, 0xc0, 0x10, 0x47, 0x15, 0x21, 0x21, 0xb2, 0xc5, 0x6d, 0x24, 0x15, 0xa1, 0x66, 0x3c,
-	/* (2^ 83)P */ 0x72, 0xcb, 0x4e, 0x29, 0x62, 0xc5, 0xed, 0xcb, 0x16, 0x0b, 0x28, 0x6a, 0xc3, 0x43, 0x71, 0xba, 0x67, 0x8b, 0x07, 0xd4, 0xef, 0xc2, 0x10, 0x96, 0x1e, 0x4b, 0x6a, 0x94, 0x5d, 0x73, 0x44, 0x61,
-	/* (2^ 84)P */ 0x50, 0x33, 0x5b, 0xd7, 0x1e, 0x11, 0x6f, 0x53, 0x1b, 0xd8, 0x41, 0x20, 0x8c, 0xdb, 0x11, 0x02, 0x3c, 0x41, 0x10, 0x0e, 0x00, 0xb1, 0x3c, 0xf9, 0x76, 0x88, 0x9e, 0x03, 0x3c, 0xfd, 0x9d, 0x14,
-	/* (2^ 85)P */ 0x5b, 0x15, 0x63, 0x6b, 0xe4, 0xdd, 0x79, 0xd4, 0x76, 0x79, 0x83, 0x3c, 0xe9, 0x15, 0x6e, 0xb6, 0x38, 0xe0, 0x13, 0x1f, 0x3b, 0xe4, 0xfd, 0xda, 0x35, 0x0b, 0x4b, 0x2e, 0x1a, 0xda, 0xaf, 0x5f,
-	/* (2^ 86)P */ 0x81, 0x75, 0x19, 0x17, 0xdf, 0xbb, 0x00, 0x36, 0xc2, 0xd2, 0x3c, 0xbe, 0x0b, 0x05, 0x72, 0x39, 0x86, 0xbe, 0xd5, 0xbd, 0x6d, 0x90, 0x38, 0x59, 0x0f, 0x86, 0x9b, 0x3f, 0xe4, 0xe5, 0xfc, 0x34,
-	/* (2^ 87)P */ 0x02, 0x4d, 0xd1, 0x42, 0xcd, 0xa4, 0xa8, 0x75, 0x65, 0xdf, 0x41, 0x34, 0xc5, 0xab, 0x8d, 0x82, 0xd3, 0x31, 0xe1, 0xd2, 0xed, 0xab, 0xdc, 0x33, 0x5f, 0xd2, 0x14, 0xb8, 0x6f, 0xd7, 0xba, 0x3e,
-	/* (2^ 88)P */ 0x0f, 0xe1, 0x70, 0x6f, 0x56, 0x6f, 0x90, 0xd4, 0x5a, 0x0f, 0x69, 0x51, 0xaa, 0xf7, 0x12, 0x5d, 0xf2, 0xfc, 0xce, 0x76, 0x6e, 0xb1, 0xad, 0x45, 0x99, 0x29, 0x23, 0xad, 0xae, 0x68, 0xf7, 0x01,
-	/* (2^ 89)P */ 0xbd, 0xfe, 0x48, 0x62, 0x7b, 0xc7, 0x6c, 0x2b, 0xfd, 0xaf, 0x3a, 0xec, 0x28, 0x06, 0xd3, 0x3c, 0x6a, 0x48, 0xef, 0xd4, 0x80, 0x0b, 0x1c, 0xce, 0x23, 0x6c, 0xf6, 0xa6, 0x2e, 0xff, 0x3b, 0x4c,
-	/* (2^ 90)P */ 0x5f, 0xeb, 0xea, 0x4a, 0x09, 0xc4, 0x2e, 0x3f, 0xa7, 0x2c, 0x37, 0x6e, 0x28, 0x9b, 0xb1, 0x61, 0x1d, 0x70, 0x2a, 0xde, 0x66, 0xa9, 0xef, 0x5e, 0xef, 0xe3, 0x55, 0xde, 0x65, 0x05, 0xb2, 0x23,
-	/* (2^ 91)P */ 0x57, 0x85, 0xd5, 0x79, 0x52, 0xca, 0x01, 0xe3, 0x4f, 0x87, 0xc2, 0x27, 0xce, 0xd4, 0xb2, 0x07, 0x67, 0x1d, 0xcf, 0x9d, 0x8a, 0xcd, 0x32, 0xa5, 0x56, 0xff, 0x2b, 0x3f, 0xe2, 0xfe, 0x52, 0x2a,
-	/* (2^ 92)P */ 0x3d, 0x66, 0xd8, 0x7c, 0xb3, 0xef, 0x24, 0x86, 0x94, 0x75, 0xbd, 0xff, 0x20, 0xac, 0xc7, 0xbb, 0x45, 0x74, 0xd3, 0x82, 0x9c, 0x5e, 0xb8, 0x57, 0x66, 0xec, 0xa6, 0x86, 0xcb, 0x52, 0x30, 0x7b,
-	/* (2^ 93)P */ 0x1e, 0xe9, 0x25, 0x25, 0xad, 0xf0, 0x82, 0x34, 0xa0, 0xdc, 0x8e, 0xd2, 0x43, 0x80, 0xb6, 0x2c, 0x3a, 0x00, 0x1b, 0x2e, 0x05, 0x6d, 0x4f, 0xaf, 0x0a, 0x1b, 0x78, 0x29, 0x25, 0x8c, 0x5f, 0x18,
-	/* (2^ 94)P */ 0xd6, 0xe0, 0x0c, 0xd8, 0x5b, 0xde, 0x41, 0xaa, 0xd6, 0xe9, 0x53, 0x68, 0x41, 0xb2, 0x07, 0x94, 0x3a, 0x4c, 0x7f, 0x35, 0x6e, 0xc3, 0x3e, 0x56, 0xce, 0x7b, 0x29, 0x0e, 0xdd, 0xb8, 0xc4, 0x4c,
-	/* (2^ 95)P */ 0x0e, 0x73, 0xb8, 0xff, 0x52, 0x1a, 0xfc, 0xa2, 0x37, 0x8e, 0x05, 0x67, 0x6e, 0xf1, 0x11, 0x18, 0xe1, 0x4e, 0xdf, 0xcd, 0x66, 0xa3, 0xf9, 0x10, 0x99, 0xf0, 0xb9, 0xa0, 0xc4, 0xa0, 0xf4, 0x72,
-	/* (2^ 96)P */ 0xa7, 0x4e, 0x3f, 0x66, 0x6f, 0xc0, 0x16, 0x8c, 0xba, 0x0f, 0x97, 0x4e, 0xf7, 0x3a, 0x3b, 0x69, 0x45, 0xc3, 0x9e, 0xd6, 0xf1, 0xe7, 0x02, 0x21, 0x89, 0x80, 0x8a, 0x96, 0xbc, 0x3c, 0xa5, 0x0b,
-	/* (2^ 97)P */ 0x37, 0x55, 0xa1, 0xfe, 0xc7, 0x9d, 0x3d, 0xca, 0x93, 0x64, 0x53, 0x51, 0xbb, 0x24, 0x68, 0x4c, 0xb1, 0x06, 0x40, 0x84, 0x14, 0x63, 0x88, 0xb9, 0x60, 0xcc, 0x54, 0xb4, 0x2a, 0xa7, 0xd2, 0x40,
-	/* (2^ 98)P */ 0x75, 0x09, 0x57, 0x12, 0xb7, 0xa1, 0x36, 0x59, 0x57, 0xa6, 0xbd, 0xde, 0x48, 0xd6, 0xb9, 0x91, 0xea, 0x30, 0x43, 0xb6, 0x4b, 0x09, 0x44, 0x33, 0xd0, 0x51, 0xee, 0x12, 0x0d, 0xa1, 0x6b, 0x00,
-	/* (2^ 99)P */ 0x58, 0x5d, 0xde, 0xf5, 0x68, 0x84, 0x22, 0x19, 0xb0, 0x05, 0xcc, 0x38, 0x4c, 0x2f, 0xb1, 0x0e, 0x90, 0x19, 0x60, 0xd5, 0x9d, 0x9f, 0x03, 0xa1, 0x0b, 0x0e, 0xff, 0x4f, 0xce, 0xd4, 0x02, 0x45,
-	/* (2^100)P */ 0x89, 0xc1, 0x37, 0x68, 0x10, 0x54, 0x20, 0xeb, 0x3c, 0xb9, 0xd3, 0x6d, 0x4c, 0x54, 0xf6, 0xd0, 0x4f, 0xd7, 0x16, 0xc4, 0x64, 0x70, 0x72, 0x40, 0xf0, 0x2e, 0x50, 0x4b, 0x11, 0xc6, 0x15, 0x6e,
-	/* (2^101)P */ 0x6b, 0xa7, 0xb1, 0xcf, 0x98, 0xa3, 0xf2, 0x4d, 0xb1, 0xf6, 0xf2, 0x19, 0x74, 0x6c, 0x25, 0x11, 0x43, 0x60, 0x6e, 0x06, 0x62, 0x79, 0x49, 0x4a, 0x44, 0x5b, 0x35, 0x41, 0xab, 0x3a, 0x5b, 0x70,
-	/* (2^102)P */ 0xd8, 0xb1, 0x97, 0xd7, 0x36, 0xf5, 0x5e, 0x36, 0xdb, 0xf0, 0xdd, 0x22, 0xd6, 0x6b, 0x07, 0x00, 0x88, 0x5a, 0x57, 0xe0, 0xb0, 0x33, 0xbf, 0x3b, 0x4d, 0xca, 0xe4, 0xc8, 0x05, 0xaa, 0x77, 0x37,
-	/* (2^103)P */ 0x5f, 0xdb, 0x78, 0x55, 0xc8, 0x45, 0x27, 0x39, 0xe2, 0x5a, 0xae, 0xdb, 0x49, 0x41, 0xda, 0x6f, 0x67, 0x98, 0xdc, 0x8a, 0x0b, 0xb0, 0xf0, 0xb1, 0xa3, 0x1d, 0x6f, 0xd3, 0x37, 0x34, 0x96, 0x09,
-	/* (2^104)P */ 0x53, 0x38, 0xdc, 0xa5, 0x90, 0x4e, 0x82, 0x7e, 0xbd, 0x5c, 0x13, 0x1f, 0x64, 0xf6, 0xb5, 0xcc, 0xcc, 0x8f, 0xce, 0x87, 0x6c, 0xd8, 0x36, 0x67, 0x9f, 0x24, 0x04, 0x66, 0xe2, 0x3c, 0x5f, 0x62,
-	/* (2^105)P */ 0x3f, 0xf6, 0x02, 0x95, 0x05, 0xc8, 0x8a, 0xaf, 0x69, 0x14, 0x35, 0x2e, 0x0a, 0xe7, 0x05, 0x0c, 0x05, 0x63, 0x4b, 0x76, 0x9c, 0x2e, 0x29, 0x35, 0xc3, 0x3a, 0xe2, 0xc7, 0x60, 0x43, 0x39, 0x1a,
-	/* (2^106)P */ 0x64, 0x32, 0x18, 0x51, 0x32, 0xd5, 0xc6, 0xd5, 0x4f, 0xb7, 0xc2, 0x43, 0xbd, 0x5a, 0x06, 0x62, 0x9b, 0x3f, 0x97, 0x3b, 0xd0, 0xf5, 0xfb, 0xb5, 0x5e, 0x6e, 0x20, 0x61, 0x36, 0xda, 0xa3, 0x13,
-	/* (2^107)P */ 0xe5, 0x94, 0x5d, 0x72, 0x37, 0x58, 0xbd, 0xc6, 0xc5, 0x16, 0x50, 0x20, 0x12, 0x09, 0xe3, 0x18, 0x68, 0x3c, 0x03, 0x70, 0x15, 0xce, 0x88, 0x20, 0x87, 0x79, 0x83, 0x5c, 0x49, 0x1f, 0xba, 0x7f,
-	/* (2^108)P */ 0x9d, 0x07, 0xf9, 0xf2, 0x23, 0x74, 0x8c, 0x5a, 0xc5, 0x3f, 0x02, 0x34, 0x7b, 0x15, 0x35, 0x17, 0x51, 0xb3, 0xfa, 0xd2, 0x9a, 0xb4, 0xf9, 0xe4, 0x3c, 0xe3, 0x78, 0xc8, 0x72, 0xff, 0x91, 0x66,
-	/* (2^109)P */ 0x3e, 0xff, 0x5e, 0xdc, 0xde, 0x2a, 0x2c, 0x12, 0xf4, 0x6c, 0x95, 0xd8, 0xf1, 0x4b, 0xdd, 0xf8, 0xda, 0x5b, 0x9e, 0x9e, 0x5d, 0x20, 0x86, 0xeb, 0x43, 0xc7, 0x75, 0xd9, 0xb9, 0x92, 0x9b, 0x04,
-	/* (2^110)P */ 0x5a, 0xc0, 0xf6, 0xb0, 0x30, 0x97, 0x37, 0xa5, 0x53, 0xa5, 0xf3, 0xc6, 0xac, 0xff, 0xa0, 0x72, 0x6d, 0xcd, 0x0d, 0xb2, 0x34, 0x2c, 0x03, 0xb0, 0x4a, 0x16, 0xd5, 0x88, 0xbc, 0x9d, 0x0e, 0x47,
-	/* (2^111)P */ 0x47, 0xc0, 0x37, 0xa2, 0x0c, 0xf1, 0x9c, 0xb1, 0xa2, 0x81, 0x6c, 0x1f, 0x71, 0x66, 0x54, 0xb6, 0x43, 0x0b, 0xd8, 0x6d, 0xd1, 0x1b, 0x32, 0xb3, 0x8e, 0xbe, 0x5f, 0x0c, 0x60, 0x4f, 0xc1, 0x48,
-	/* (2^112)P */ 0x03, 0xc8, 0xa6, 0x4a, 0x26, 0x1c, 0x45, 0x66, 0xa6, 0x7d, 0xfa, 0xa4, 0x04, 0x39, 0x6e, 0xb6, 0x95, 0x83, 0x12, 0xb3, 0xb0, 0x19, 0x5f, 0xd4, 0x10, 0xbc, 0xc9, 0xc3, 0x27, 0x26, 0x60, 0x31,
-	/* (2^113)P */ 0x0d, 0xe1, 0xe4, 0x32, 0x48, 0xdc, 0x20, 0x31, 0xf7, 0x17, 0xc7, 0x56, 0x67, 0xc4, 0x20, 0xeb, 0x94, 0x02, 0x28, 0x67, 0x3f, 0x2e, 0xf5, 0x00, 0x09, 0xc5, 0x30, 0x47, 0xc1, 0x4f, 0x6d, 0x56,
-	/* (2^114)P */ 0x06, 0x72, 0x83, 0xfd, 0x40, 0x5d, 0x3a, 0x7e, 0x7a, 0x54, 0x59, 0x71, 0xdc, 0x26, 0xe9, 0xc1, 0x95, 0x60, 0x8d, 0xa6, 0xfb, 0x30, 0x67, 0x21, 0xa7, 0xce, 0x69, 0x3f, 0x84, 0xc3, 0xe8, 0x22,
-	/* (2^115)P */ 0x2b, 0x4b, 0x0e, 0x93, 0xe8, 0x74, 0xd0, 0x33, 0x16, 0x58, 0xd1, 0x84, 0x0e, 0x35, 0xe4, 0xb6, 0x65, 0x23, 0xba, 0xd6, 0x6a, 0xc2, 0x34, 0x55, 0xf3, 0xf3, 0xf1, 0x89, 0x2f, 0xc1, 0x73, 0x77,
-	/* (2^116)P */ 0xaa, 0x62, 0x79, 0xa5, 0x4d, 0x40, 0xba, 0x8c, 0x56, 0xce, 0x99, 0x19, 0xa8, 0x97, 0x98, 0x5b, 0xfc, 0x92, 0x16, 0x12, 0x2f, 0x86, 0x8e, 0x50, 0x91, 0xc2, 0x93, 0xa0, 0x7f, 0x90, 0x81, 0x3a,
-	/* (2^117)P */ 0x10, 0xa5, 0x25, 0x47, 0xff, 0xd0, 0xde, 0x0d, 0x03, 0xc5, 0x3f, 0x67, 0x10, 0xcc, 0xd8, 0x10, 0x89, 0x4e, 0x1f, 0x9f, 0x1c, 0x15, 0x9d, 0x5b, 0x4c, 0xa4, 0x09, 0xcb, 0xd5, 0xc1, 0xa5, 0x32,
-	/* (2^118)P */ 0xfb, 0x41, 0x05, 0xb9, 0x42, 0xa4, 0x0a, 0x1e, 0xdb, 0x85, 0xb4, 0xc1, 0x7c, 0xeb, 0x85, 0x5f, 0xe5, 0xf2, 0x9d, 0x8a, 0xce, 0x95, 0xe5, 0xbe, 0x36, 0x22, 0x42, 0x22, 0xc7, 0x96, 0xe4, 0x25,
-	/* (2^119)P */ 0xb9, 0xe5, 0x0f, 0xcd, 0x46, 0x3c, 0xdf, 0x5e, 0x88, 0x33, 0xa4, 0xd2, 0x7e, 0x5a, 0xe7, 0x34, 0x52, 0xe3, 0x61, 0xd7, 0x11, 0xde, 0x88, 0xe4, 0x5c, 0x54, 0x85, 0xa0, 0x01, 0x8a, 0x87, 0x0e,
-	/* (2^120)P */ 0x04, 0xbb, 0x21, 0xe0, 0x77, 0x3c, 0x49, 0xba, 0x9a, 0x89, 0xdf, 0xc7, 0x43, 0x18, 0x4d, 0x2b, 0x67, 0x0d, 0xe8, 0x7a, 0x48, 0x7a, 0xa3, 0x9e, 0x94, 0x17, 0xe4, 0x11, 0x80, 0x95, 0xa9, 0x67,
-	/* (2^121)P */ 0x65, 0xb0, 0x97, 0x66, 0x1a, 0x05, 0x58, 0x4b, 0xd4, 0xa6, 0x6b, 0x8d, 0x7d, 0x3f, 0xe3, 0x47, 0xc1, 0x46, 0xca, 0x83, 0xd4, 0xa8, 0x4d, 0xbb, 0x0d, 0xdb, 0xc2, 0x81, 0xa1, 0xca, 0xbe, 0x68,
-	/* (2^122)P */ 0xa5, 0x9a, 0x98, 0x0b, 0xe9, 0x80, 0x89, 0x8d, 0x9b, 0xc9, 0x93, 0x2c, 0x4a, 0xb1, 0x5e, 0xf9, 0xa2, 0x73, 0x6e, 0x79, 0xc4, 0xc7, 0xc6, 0x51, 0x69, 0xb5, 0xef, 0xb5, 0x63, 0x83, 0x22, 0x6e,
-	/* (2^123)P */ 0xc8, 0x24, 0xd6, 0x2d, 0xb0, 0xc0, 0xbb, 0xc6, 0xee, 0x70, 0x81, 0xec, 0x7d, 0xb4, 0x7e, 0x77, 0xa9, 0xaf, 0xcf, 0x04, 0xa0, 0x15, 0xde, 0x3c, 0x9b, 0xbf, 0x60, 0x71, 0x08, 0xbc, 0xc6, 0x1d,
-	/* (2^124)P */ 0x02, 0x40, 0xc3, 0xee, 0x43, 0xe0, 0x07, 0x2e, 0x7f, 0xdc, 0x68, 0x7a, 0x67, 0xfc, 0xe9, 0x18, 0x9a, 0x5b, 0xd1, 0x8b, 0x18, 0x03, 0xda, 0xd8, 0x53, 0x82, 0x56, 0x00, 0xbb, 0xc3, 0xfb, 0x48,
-	/* (2^125)P */ 0xe1, 0x4c, 0x65, 0xfb, 0x4c, 0x7d, 0x54, 0x57, 0xad, 0xe2, 0x58, 0xa0, 0x82, 0x5b, 0x56, 0xd3, 0x78, 0x44, 0x15, 0xbf, 0x0b, 0xaf, 0x3e, 0xf6, 0x18, 0xbb, 0xdf, 0x14, 0xf1, 0x1e, 0x53, 0x47,
-	/* (2^126)P */ 0x87, 0xc5, 0x78, 0x42, 0x0a, 0x63, 0xec, 0xe1, 0xf3, 0x83, 0x8e, 0xca, 0x46, 0xd5, 0x07, 0x55, 0x2b, 0x0c, 0xdc, 0x3a, 0xc6, 0x35, 0xe1, 0x85, 0x4e, 0x84, 0x82, 0x56, 0xa8, 0xef, 0xa7, 0x0a,
-	/* (2^127)P */ 0x15, 0xf6, 0xe1, 0xb3, 0xa8, 0x1b, 0x69, 0x72, 0xfa, 0x3f, 0xbe, 0x1f, 0x70, 0xe9, 0xb4, 0x32, 0x68, 0x78, 0xbb, 0x39, 0x2e, 0xd9, 0xb6, 0x97, 0xe8, 0x39, 0x2e, 0xa0, 0xde, 0x53, 0xfe, 0x2c,
-	/* (2^128)P */ 0xb0, 0x52, 0xcd, 0x85, 0xcd, 0x92, 0x73, 0x68, 0x31, 0x98, 0xe2, 0x10, 0xc9, 0x66, 0xff, 0x27, 0x06, 0x2d, 0x83, 0xa9, 0x56, 0x45, 0x13, 0x97, 0xa0, 0xf8, 0x84, 0x0a, 0x36, 0xb0, 0x9b, 0x26,
-	/* (2^129)P */ 0x5c, 0xf8, 0x43, 0x76, 0x45, 0x55, 0x6e, 0x70, 0x1b, 0x7d, 0x59, 0x9b, 0x8c, 0xa4, 0x34, 0x37, 0x72, 0xa4, 0xef, 0xc6, 0xe8, 0x91, 0xee, 0x7a, 0xe0, 0xd9, 0xa9, 0x98, 0xc1, 0xab, 0xd6, 0x5c,
-	/* (2^130)P */ 0x1a, 0xe4, 0x3c, 0xcb, 0x06, 0xde, 0x04, 0x0e, 0x38, 0xe1, 0x02, 0x34, 0x89, 0xeb, 0xc6, 0xd8, 0x72, 0x37, 0x6e, 0x68, 0xbb, 0x59, 0x46, 0x90, 0xc8, 0xa8, 0x6b, 0x74, 0x71, 0xc3, 0x15, 0x72,
-	/* (2^131)P */ 0xd9, 0xa2, 0xe4, 0xea, 0x7e, 0xa9, 0x12, 0xfd, 0xc5, 0xf2, 0x94, 0x63, 0x51, 0xb7, 0x14, 0x95, 0x94, 0xf2, 0x08, 0x92, 0x80, 0xd5, 0x6f, 0x26, 0xb9, 0x26, 0x9a, 0x61, 0x85, 0x70, 0x84, 0x5c,
-	/* (2^132)P */ 0xea, 0x94, 0xd6, 0xfe, 0x10, 0x54, 0x98, 0x52, 0x54, 0xd2, 0x2e, 0x4a, 0x93, 0x5b, 0x90, 0x3c, 0x67, 0xe4, 0x3b, 0x2d, 0x69, 0x47, 0xbb, 0x10, 0xe1, 0xe9, 0xe5, 0x69, 0x2d, 0x3d, 0x3b, 0x06,
-	/* (2^133)P */ 0xeb, 0x7d, 0xa5, 0xdd, 0xee, 0x26, 0x27, 0x47, 0x91, 0x18, 0xf4, 0x10, 0xae, 0xc4, 0xb6, 0xef, 0x14, 0x76, 0x30, 0x7b, 0x91, 0x41, 0x16, 0x2b, 0x7c, 0x5b, 0xf4, 0xc4, 0x4f, 0x55, 0x7c, 0x11,
-	/* (2^134)P */ 0x12, 0x88, 0x9d, 0x8f, 0x11, 0xf3, 0x7c, 0xc0, 0x39, 0x79, 0x01, 0x50, 0x20, 0xd8, 0xdb, 0x01, 0x27, 0x28, 0x1b, 0x17, 0xf4, 0x03, 0xe8, 0xd7, 0xea, 0x25, 0xd2, 0x87, 0x74, 0xe8, 0x15, 0x10,
-	/* (2^135)P */ 0x4d, 0xcc, 0x3a, 0xd2, 0xfe, 0xe3, 0x8d, 0xc5, 0x2d, 0xbe, 0xa7, 0x94, 0xc2, 0x91, 0xdb, 0x50, 0x57, 0xf4, 0x9c, 0x1c, 0x3d, 0xd4, 0x94, 0x0b, 0x4a, 0x52, 0x37, 0x6e, 0xfa, 0x40, 0x16, 0x6b,
-	/* (2^136)P */ 0x09, 0x0d, 0xda, 0x5f, 0x6c, 0x34, 0x2f, 0x69, 0x51, 0x31, 0x4d, 0xfa, 0x59, 0x1c, 0x0b, 0x20, 0x96, 0xa2, 0x77, 0x07, 0x76, 0x6f, 0xc4, 0xb8, 0xcf, 0xfb, 0xfd, 0x3f, 0x5f, 0x39, 0x38, 0x4b,
-	/* (2^137)P */ 0x71, 0xd6, 0x54, 0xbe, 0x00, 0x5e, 0xd2, 0x18, 0xa6, 0xab, 0xc8, 0xbe, 0x82, 0x05, 0xd5, 0x60, 0x82, 0xb9, 0x78, 0x3b, 0x26, 0x8f, 0xad, 0x87, 0x32, 0x04, 0xda, 0x9c, 0x4e, 0xf6, 0xfd, 0x50,
-	/* (2^138)P */ 0xf0, 0xdc, 0x78, 0xc5, 0xaa, 0x67, 0xf5, 0x90, 0x3b, 0x13, 0xa3, 0xf2, 0x0e, 0x9b, 0x1e, 0xef, 0x71, 0xde, 0xd9, 0x42, 0x92, 0xba, 0xeb, 0x0e, 0xc7, 0x01, 0x31, 0xf0, 0x9b, 0x3c, 0x47, 0x15,
-	/* (2^139)P */ 0x95, 0x80, 0xb7, 0x56, 0xae, 0xe8, 0x77, 0x7c, 0x8e, 0x07, 0x6f, 0x6e, 0x66, 0xe7, 0x78, 0xb6, 0x1f, 0xba, 0x48, 0x53, 0x61, 0xb9, 0xa0, 0x2d, 0x0b, 0x3f, 0x73, 0xff, 0xc1, 0x31, 0xf9, 0x7c,
-	/* (2^140)P */ 0x6c, 0x36, 0x0a, 0x0a, 0xf5, 0x57, 0xb3, 0x26, 0x32, 0xd7, 0x87, 0x2b, 0xf4, 0x8c, 0x70, 0xe9, 0xc0, 0xb2, 0x1c, 0xf9, 0xa5, 0xee, 0x3a, 0xc1, 0x4c, 0xbb, 0x43, 0x11, 0x99, 0x0c, 0xd9, 0x35,
-	/* (2^141)P */ 0xdc, 0xd9, 0xa0, 0xa9, 0x04, 0xc4, 0xc1, 0x47, 0x51, 0xd2, 0x72, 0x19, 0x45, 0x58, 0x9e, 0x65, 0x31, 0x8c, 0xb3, 0x73, 0xc4, 0xa8, 0x75, 0x38, 0x24, 0x1f, 0x56, 0x79, 0xd3, 0x9e, 0xbd, 0x1f,
-	/* (2^142)P */ 0x8d, 0xc2, 0x1e, 0xd4, 0x6f, 0xbc, 0xfa, 0x11, 0xca, 0x2d, 0x2a, 0xcd, 0xe3, 0xdf, 0xf8, 0x7e, 0x95, 0x45, 0x40, 0x8c, 0x5d, 0x3b, 0xe7, 0x72, 0x27, 0x2f, 0xb7, 0x54, 0x49, 0xfa, 0x35, 0x61,
-	/* (2^143)P */ 0x9c, 0xb6, 0x24, 0xde, 0xa2, 0x32, 0xfc, 0xcc, 0x88, 0x5d, 0x09, 0x1f, 0x8c, 0x69, 0x55, 0x3f, 0x29, 0xf9, 0xc3, 0x5a, 0xed, 0x50, 0x33, 0xbe, 0xeb, 0x7e, 0x47, 0xca, 0x06, 0xf8, 0x9b, 0x5e,
-	/* (2^144)P */ 0x68, 0x9f, 0x30, 0x3c, 0xb6, 0x8f, 0xce, 0xe9, 0xf4, 0xf9, 0xe1, 0x65, 0x35, 0xf6, 0x76, 0x53, 0xf1, 0x93, 0x63, 0x5a, 0xb3, 0xcf, 0xaf, 0xd1, 0x06, 0x35, 0x62, 0xe5, 0xed, 0xa1, 0x32, 0x66,
-	/* (2^145)P */ 0x4c, 0xed, 0x2d, 0x0c, 0x39, 0x6c, 0x7d, 0x0b, 0x1f, 0xcb, 0x04, 0xdf, 0x81, 0x32, 0xcb, 0x56, 0xc7, 0xc3, 0xec, 0x49, 0x12, 0x5a, 0x30, 0x66, 0x2a, 0xa7, 0x8c, 0xa3, 0x60, 0x8b, 0x58, 0x5d,
-	/* (2^146)P */ 0x2d, 0xf4, 0xe5, 0xe8, 0x78, 0xbf, 0xec, 0xa6, 0xec, 0x3e, 0x8a, 0x3c, 0x4b, 0xb4, 0xee, 0x86, 0x04, 0x16, 0xd2, 0xfb, 0x48, 0x9c, 0x21, 0xec, 0x31, 0x67, 0xc3, 0x17, 0xf5, 0x1a, 0xaf, 0x1a,
-	/* (2^147)P */ 0xe7, 0xbd, 0x69, 0x67, 0x83, 0xa2, 0x06, 0xc3, 0xdb, 0x2a, 0x1e, 0x2b, 0x62, 0x80, 0x82, 0x20, 0xa6, 0x94, 0xff, 0xfb, 0x1f, 0xf5, 0x27, 0x80, 0x6b, 0xf2, 0x24, 0x11, 0xce, 0xa1, 0xcf, 0x76,
-	/* (2^148)P */ 0xb6, 0xab, 0x22, 0x24, 0x56, 0x00, 0xeb, 0x18, 0xc3, 0x29, 0x8c, 0x8f, 0xd5, 0xc4, 0x77, 0xf3, 0x1a, 0x56, 0x31, 0xf5, 0x07, 0xc2, 0xbb, 0x4d, 0x27, 0x8a, 0x12, 0x82, 0xf0, 0xb7, 0x53, 0x02,
-	/* (2^149)P */ 0xe0, 0x17, 0x2c, 0xb6, 0x1c, 0x09, 0x1f, 0x3d, 0xa9, 0x28, 0x46, 0xd6, 0xab, 0xe1, 0x60, 0x48, 0x53, 0x42, 0x9d, 0x30, 0x36, 0x74, 0xd1, 0x52, 0x76, 0xe5, 0xfa, 0x3e, 0xe1, 0x97, 0x6f, 0x35,
-	/* (2^150)P */ 0x5b, 0x53, 0x50, 0xa1, 0x1a, 0xe1, 0x51, 0xd3, 0xcc, 0x78, 0xd8, 0x1d, 0xbb, 0x45, 0x6b, 0x3e, 0x98, 0x2c, 0xd9, 0xbe, 0x28, 0x61, 0x77, 0x0c, 0xb8, 0x85, 0x28, 0x03, 0x93, 0xae, 0x34, 0x1d,
-	/* (2^151)P */ 0xc3, 0xa4, 0x5b, 0xa8, 0x8c, 0x48, 0xa0, 0x4b, 0xce, 0xe6, 0x9c, 0x3c, 0xc3, 0x48, 0x53, 0x98, 0x70, 0xa7, 0xbd, 0x97, 0x6f, 0x4c, 0x12, 0x66, 0x4a, 0x12, 0x54, 0x06, 0x29, 0xa0, 0x81, 0x0f,
-	/* (2^152)P */ 0xfd, 0x86, 0x9b, 0x56, 0xa6, 0x9c, 0xd0, 0x9e, 0x2d, 0x9a, 0xaf, 0x18, 0xfd, 0x09, 0x10, 0x81, 0x0a, 0xc2, 0xd8, 0x93, 0x3f, 0xd0, 0x08, 0xff, 0x6b, 0xf2, 0xae, 0x9f, 0x19, 0x48, 0xa1, 0x52,
-	/* (2^153)P */ 0x73, 0x1b, 0x8d, 0x2d, 0xdc, 0xf9, 0x03, 0x3e, 0x70, 0x1a, 0x96, 0x73, 0x18, 0x80, 0x05, 0x42, 0x70, 0x59, 0xa3, 0x41, 0xf0, 0x87, 0xd9, 0xc0, 0x49, 0xd5, 0xc0, 0xa1, 0x15, 0x1f, 0xaa, 0x07,
-	/* (2^154)P */ 0x24, 0x72, 0xd2, 0x8c, 0xe0, 0x6c, 0xd4, 0xdf, 0x39, 0x42, 0x4e, 0x93, 0x4f, 0x02, 0x0a, 0x6d, 0x59, 0x7b, 0x89, 0x99, 0x63, 0x7a, 0x8a, 0x80, 0xa2, 0x95, 0x3d, 0xe1, 0xe9, 0x56, 0x45, 0x0a,
-	/* (2^155)P */ 0x45, 0x30, 0xc1, 0xe9, 0x1f, 0x99, 0x1a, 0xd2, 0xb8, 0x51, 0x77, 0xfe, 0x48, 0x85, 0x0e, 0x9b, 0x35, 0x00, 0xf3, 0x4b, 0xcb, 0x43, 0xa6, 0x5d, 0x21, 0xf7, 0x40, 0x39, 0xd6, 0x28, 0xdb, 0x77,
-	/* (2^156)P */ 0x11, 0x90, 0xdc, 0x4a, 0x61, 0xeb, 0x5e, 0xfc, 0xeb, 0x11, 0xc4, 0xe8, 0x9a, 0x41, 0x29, 0x52, 0x74, 0xcf, 0x1d, 0x7d, 0x78, 0xe7, 0xc3, 0x9e, 0xb5, 0x4c, 0x6e, 0x21, 0x3e, 0x05, 0x0d, 0x34,
-	/* (2^157)P */ 0xb4, 0xf2, 0x8d, 0xb4, 0x39, 0xaf, 0xc7, 0xca, 0x94, 0x0a, 0xa1, 0x71, 0x28, 0xec, 0xfa, 0xc0, 0xed, 0x75, 0xa5, 0x5c, 0x24, 0x69, 0x0a, 0x14, 0x4c, 0x3a, 0x27, 0x34, 0x71, 0xc3, 0xf1, 0x0c,
-	/* (2^158)P */ 0xa5, 0xb8, 0x24, 0xc2, 0x6a, 0x30, 0xee, 0xc8, 0xb0, 0x30, 0x49, 0xcb, 0x7c, 0xee, 0xea, 0x57, 0x4f, 0xe7, 0xcb, 0xaa, 0xbd, 0x06, 0xe8, 0xa1, 0x7d, 0x65, 0xeb, 0x2e, 0x74, 0x62, 0x9a, 0x7d,
-	/* (2^159)P */ 0x30, 0x48, 0x6c, 0x54, 0xef, 0xb6, 0xb6, 0x9e, 0x2e, 0x6e, 0xb3, 0xdd, 0x1f, 0xca, 0x5c, 0x88, 0x05, 0x71, 0x0d, 0xef, 0x83, 0xf3, 0xb9, 0xe6, 0x12, 0x04, 0x2e, 0x9d, 0xef, 0x4f, 0x65, 0x58,
-	/* (2^160)P */ 0x26, 0x8e, 0x0e, 0xbe, 0xff, 0xc4, 0x05, 0xa9, 0x6e, 0x81, 0x31, 0x9b, 0xdf, 0xe5, 0x2d, 0x94, 0xe1, 0x88, 0x2e, 0x80, 0x3f, 0x72, 0x7d, 0x49, 0x8d, 0x40, 0x2f, 0x60, 0xea, 0x4d, 0x68, 0x30,
-	/* (2^161)P */ 0x34, 0xcb, 0xe6, 0xa3, 0x78, 0xa2, 0xe5, 0x21, 0xc4, 0x1d, 0x15, 0x5b, 0x6f, 0x6e, 0xfb, 0xae, 0x15, 0xca, 0x77, 0x9d, 0x04, 0x8e, 0x0b, 0xb3, 0x81, 0x89, 0xb9, 0x53, 0xcf, 0xc9, 0xc3, 0x28,
-	/* (2^162)P */ 0x2a, 0xdd, 0x6c, 0x55, 0x21, 0xb7, 0x7f, 0x28, 0x74, 0x22, 0x02, 0x97, 0xa8, 0x7c, 0x31, 0x0d, 0x58, 0x32, 0x54, 0x3a, 0x42, 0xc7, 0x68, 0x74, 0x2f, 0x64, 0xb5, 0x4e, 0x46, 0x11, 0x7f, 0x4a,
-	/* (2^163)P */ 0xa6, 0x3a, 0x19, 0x4d, 0x77, 0xa4, 0x37, 0xa2, 0xa1, 0x29, 0x21, 0xa9, 0x6e, 0x98, 0x65, 0xd8, 0x88, 0x1a, 0x7c, 0xf8, 0xec, 0x15, 0xc5, 0x24, 0xeb, 0xf5, 0x39, 0x5f, 0x57, 0x03, 0x40, 0x60,
-	/* (2^164)P */ 0x27, 0x9b, 0x0a, 0x57, 0x89, 0xf1, 0xb9, 0x47, 0x78, 0x4b, 0x5e, 0x46, 0xde, 0xce, 0x98, 0x2b, 0x20, 0x5c, 0xb8, 0xdb, 0x51, 0xf5, 0x6d, 0x02, 0x01, 0x19, 0xe2, 0x47, 0x10, 0xd9, 0xfc, 0x74,
-	/* (2^165)P */ 0xa3, 0xbf, 0xc1, 0x23, 0x0a, 0xa9, 0xe2, 0x13, 0xf6, 0x19, 0x85, 0x47, 0x4e, 0x07, 0xb0, 0x0c, 0x44, 0xcf, 0xf6, 0x3a, 0xbe, 0xcb, 0xf1, 0x5f, 0xbe, 0x2d, 0x81, 0xbe, 0x38, 0x54, 0xfe, 0x67,
-	/* (2^166)P */ 0xb0, 0x05, 0x0f, 0xa4, 0x4f, 0xf6, 0x3c, 0xd1, 0x87, 0x37, 0x28, 0x32, 0x2f, 0xfb, 0x4d, 0x05, 0xea, 0x2a, 0x0d, 0x7f, 0x5b, 0x91, 0x73, 0x41, 0x4e, 0x0d, 0x61, 0x1f, 0x4f, 0x14, 0x2f, 0x48,
-	/* (2^167)P */ 0x34, 0x82, 0x7f, 0xb4, 0x01, 0x02, 0x21, 0xf6, 0x90, 0xb9, 0x70, 0x9e, 0x92, 0xe1, 0x0a, 0x5d, 0x7c, 0x56, 0x49, 0xb0, 0x55, 0xf4, 0xd7, 0xdc, 0x01, 0x6f, 0x91, 0xf0, 0xf1, 0xd0, 0x93, 0x7e,
-	/* (2^168)P */ 0xfa, 0xb4, 0x7d, 0x8a, 0xf1, 0xcb, 0x79, 0xdd, 0x2f, 0xc6, 0x74, 0x6f, 0xbf, 0x91, 0x83, 0xbe, 0xbd, 0x91, 0x82, 0x4b, 0xd1, 0x45, 0x71, 0x02, 0x05, 0x17, 0xbf, 0x2c, 0xea, 0x73, 0x5a, 0x58,
-	/* (2^169)P */ 0xb2, 0x0d, 0x8a, 0x92, 0x3e, 0xa0, 0x5c, 0x48, 0xe7, 0x57, 0x28, 0x74, 0xa5, 0x01, 0xfc, 0x10, 0xa7, 0x51, 0xd5, 0xd6, 0xdb, 0x2e, 0x48, 0x2f, 0x8a, 0xdb, 0x8f, 0x04, 0xb5, 0x33, 0x04, 0x0f,
-	/* (2^170)P */ 0x47, 0x62, 0xdc, 0xd7, 0x8d, 0x2e, 0xda, 0x60, 0x9a, 0x81, 0xd4, 0x8c, 0xd3, 0xc9, 0xb4, 0x88, 0x97, 0x66, 0xf6, 0x01, 0xc0, 0x3a, 0x03, 0x13, 0x75, 0x7d, 0x36, 0x3b, 0xfe, 0x24, 0x3b, 0x27,
-	/* (2^171)P */ 0xd4, 0xb9, 0xb3, 0x31, 0x6a, 0xf6, 0xe8, 0xc6, 0xd5, 0x49, 0xdf, 0x94, 0xa4, 0x14, 0x15, 0x28, 0xa7, 0x3d, 0xb2, 0xc8, 0xdf, 0x6f, 0x72, 0xd1, 0x48, 0xe5, 0xde, 0x03, 0xd1, 0xe7, 0x3a, 0x4b,
-	/* (2^172)P */ 0x7e, 0x9d, 0x4b, 0xce, 0x19, 0x6e, 0x25, 0xc6, 0x1c, 0xc6, 0xe3, 0x86, 0xf1, 0x5c, 0x5c, 0xff, 0x45, 0xc1, 0x8e, 0x4b, 0xa3, 0x3c, 0xc6, 0xac, 0x74, 0x65, 0xe6, 0xfe, 0x88, 0x18, 0x62, 0x74,
-	/* (2^173)P */ 0x1e, 0x0a, 0x29, 0x45, 0x96, 0x40, 0x6f, 0x95, 0x2e, 0x96, 0x3a, 0x26, 0xe3, 0xf8, 0x0b, 0xef, 0x7b, 0x64, 0xc2, 0x5e, 0xeb, 0x50, 0x6a, 0xed, 0x02, 0x75, 0xca, 0x9d, 0x3a, 0x28, 0x94, 0x06,
-	/* (2^174)P */ 0xd1, 0xdc, 0xa2, 0x43, 0x36, 0x96, 0x9b, 0x76, 0x53, 0x53, 0xfc, 0x09, 0xea, 0xc8, 0xb7, 0x42, 0xab, 0x7e, 0x39, 0x13, 0xee, 0x2a, 0x00, 0x4f, 0x3a, 0xd6, 0xb7, 0x19, 0x2c, 0x5e, 0x00, 0x63,
-	/* (2^175)P */ 0xea, 0x3b, 0x02, 0x63, 0xda, 0x36, 0x67, 0xca, 0xb7, 0x99, 0x2a, 0xb1, 0x6d, 0x7f, 0x6c, 0x96, 0xe1, 0xc5, 0x37, 0xc5, 0x90, 0x93, 0xe0, 0xac, 0xee, 0x89, 0xaa, 0xa1, 0x63, 0x60, 0x69, 0x0b,
-	/* (2^176)P */ 0xe5, 0x56, 0x8c, 0x28, 0x97, 0x3e, 0xb0, 0xeb, 0xe8, 0x8b, 0x8c, 0x93, 0x9f, 0x9f, 0x2a, 0x43, 0x71, 0x7f, 0x71, 0x5b, 0x3d, 0xa9, 0xa5, 0xa6, 0x97, 0x9d, 0x8f, 0xe1, 0xc3, 0xb4, 0x5f, 0x1a,
-	/* (2^177)P */ 0xce, 0xcd, 0x60, 0x1c, 0xad, 0xe7, 0x94, 0x1c, 0xa0, 0xc4, 0x02, 0xfc, 0x43, 0x2a, 0x20, 0xee, 0x20, 0x6a, 0xc4, 0x67, 0xd8, 0xe4, 0xaf, 0x8d, 0x58, 0x7b, 0xc2, 0x8a, 0x3c, 0x26, 0x10, 0x0a,
-	/* (2^178)P */ 0x4a, 0x2a, 0x43, 0xe4, 0xdf, 0xa9, 0xde, 0xd0, 0xc5, 0x77, 0x92, 0xbe, 0x7b, 0xf8, 0x6a, 0x85, 0x1a, 0xc7, 0x12, 0xc2, 0xac, 0x72, 0x84, 0xce, 0x91, 0x1e, 0xbb, 0x9b, 0x6d, 0x1b, 0x15, 0x6f,
-	/* (2^179)P */ 0x6a, 0xd5, 0xee, 0x7c, 0x52, 0x6c, 0x77, 0x26, 0xec, 0xfa, 0xf8, 0xfb, 0xb7, 0x1c, 0x21, 0x7d, 0xcc, 0x09, 0x46, 0xfd, 0xa6, 0x66, 0xae, 0x37, 0x42, 0x0c, 0x77, 0xd2, 0x02, 0xb7, 0x81, 0x1f,
-	/* (2^180)P */ 0x92, 0x83, 0xc5, 0xea, 0x57, 0xb0, 0xb0, 0x2f, 0x9d, 0x4e, 0x74, 0x29, 0xfe, 0x89, 0xdd, 0xe1, 0xf8, 0xb4, 0xbe, 0x17, 0xeb, 0xf8, 0x64, 0xc9, 0x1e, 0xd4, 0xa2, 0xc9, 0x73, 0x10, 0x57, 0x29,
-	/* (2^181)P */ 0x54, 0xe2, 0xc0, 0x81, 0x89, 0xa1, 0x48, 0xa9, 0x30, 0x28, 0xb2, 0x65, 0x9b, 0x36, 0xf6, 0x2d, 0xc6, 0xd3, 0xcf, 0x5f, 0xd7, 0xb2, 0x3e, 0xa3, 0x1f, 0xa0, 0x99, 0x41, 0xec, 0xd6, 0x8c, 0x07,
-	/* (2^182)P */ 0x2f, 0x0d, 0x90, 0xad, 0x41, 0x4a, 0x58, 0x4a, 0x52, 0x4c, 0xc7, 0xe2, 0x78, 0x2b, 0x14, 0x32, 0x78, 0xc9, 0x31, 0x84, 0x33, 0xe8, 0xc4, 0x68, 0xc2, 0x9f, 0x68, 0x08, 0x90, 0xea, 0x69, 0x7f,
-	/* (2^183)P */ 0x65, 0x82, 0xa3, 0x46, 0x1e, 0xc8, 0xf2, 0x52, 0xfd, 0x32, 0xa8, 0x04, 0x2d, 0x07, 0x78, 0xfd, 0x94, 0x9e, 0x35, 0x25, 0xfa, 0xd5, 0xd7, 0x8c, 0xd2, 0x29, 0xcc, 0x54, 0x74, 0x1b, 0xe7, 0x4d,
-	/* (2^184)P */ 0xc9, 0x6a, 0xda, 0x1e, 0xad, 0x60, 0xeb, 0x42, 0x3a, 0x9c, 0xc0, 0xdb, 0xdf, 0x37, 0xad, 0x0a, 0x91, 0xc1, 0x3c, 0xe3, 0x71, 0x4b, 0x00, 0x81, 0x3c, 0x80, 0x22, 0x51, 0x34, 0xbe, 0xe6, 0x44,
-	/* (2^185)P */ 0xdb, 0x20, 0x19, 0xba, 0x88, 0x83, 0xfe, 0x03, 0x08, 0xb0, 0x0d, 0x15, 0x32, 0x7c, 0xd5, 0xf5, 0x29, 0x0c, 0xf6, 0x1a, 0x28, 0xc4, 0xc8, 0x49, 0xee, 0x1a, 0x70, 0xde, 0x18, 0xb5, 0xed, 0x21,
-	/* (2^186)P */ 0x99, 0xdc, 0x06, 0x8f, 0x41, 0x3e, 0xb6, 0x7f, 0xb8, 0xd7, 0x66, 0xc1, 0x99, 0x0d, 0x46, 0xa4, 0x83, 0x0a, 0x52, 0xce, 0x48, 0x52, 0xdd, 0x24, 0x58, 0x83, 0x92, 0x2b, 0x71, 0xad, 0xc3, 0x5e,
-	/* (2^187)P */ 0x0f, 0x93, 0x17, 0xbd, 0x5f, 0x2a, 0x02, 0x15, 0xe3, 0x70, 0x25, 0xd8, 0x77, 0x4a, 0xf6, 0xa4, 0x12, 0x37, 0x78, 0x15, 0x69, 0x8d, 0xbc, 0x12, 0xbb, 0x0a, 0x62, 0xfc, 0xc0, 0x94, 0x81, 0x49,
-	/* (2^188)P */ 0x82, 0x6c, 0x68, 0x55, 0xd2, 0xd9, 0xa2, 0x38, 0xf0, 0x21, 0x3e, 0x19, 0xd9, 0x6b, 0x5c, 0x78, 0x84, 0x54, 0x4a, 0xb2, 0x1a, 0xc8, 0xd5, 0xe4, 0x89, 0x09, 0xe2, 0xb2, 0x60, 0x78, 0x30, 0x56,
-	/* (2^189)P */ 0xc4, 0x74, 0x4d, 0x8b, 0xf7, 0x55, 0x9d, 0x42, 0x31, 0x01, 0x35, 0x43, 0x46, 0x83, 0xf1, 0x22, 0xff, 0x1f, 0xc7, 0x98, 0x45, 0xc2, 0x60, 0x1e, 0xef, 0x83, 0x99, 0x97, 0x14, 0xf0, 0xf2, 0x59,
-	/* (2^190)P */ 0x44, 0x4a, 0x49, 0xeb, 0x56, 0x7d, 0xa4, 0x46, 0x8e, 0xa1, 0x36, 0xd6, 0x54, 0xa8, 0x22, 0x3e, 0x3b, 0x1c, 0x49, 0x74, 0x52, 0xe1, 0x46, 0xb3, 0xe7, 0xcd, 0x90, 0x53, 0x4e, 0xfd, 0xea, 0x2c,
-	/* (2^191)P */ 0x75, 0x66, 0x0d, 0xbe, 0x38, 0x85, 0x8a, 0xba, 0x23, 0x8e, 0x81, 0x50, 0xbb, 0x74, 0x90, 0x4b, 0xc3, 0x04, 0xd3, 0x85, 0x90, 0xb8, 0xda, 0xcb, 0xc4, 0x92, 0x61, 0xe5, 0xe0, 0x4f, 0xa2, 0x61,
-	/* (2^192)P */ 0xcb, 0x5b, 0x52, 0xdb, 0xe6, 0x15, 0x76, 0xcb, 0xca, 0xe4, 0x67, 0xa5, 0x35, 0x8c, 0x7d, 0xdd, 0x69, 0xdd, 0xfc, 0xca, 0x3a, 0x15, 0xb4, 0xe6, 0x66, 0x97, 0x3c, 0x7f, 0x09, 0x8e, 0x66, 0x2d,
-	/* (2^193)P */ 0xf0, 0x5e, 0xe5, 0x5c, 0x26, 0x7e, 0x7e, 0xa5, 0x67, 0xb9, 0xd4, 0x7c, 0x52, 0x4e, 0x9f, 0x5d, 0xe5, 0xd1, 0x2f, 0x49, 0x06, 0x36, 0xc8, 0xfb, 0xae, 0xf7, 0xc3, 0xb7, 0xbe, 0x52, 0x0d, 0x09,
-	/* (2^194)P */ 0x7c, 0x4d, 0x7b, 0x1e, 0x5a, 0x51, 0xb9, 0x09, 0xc0, 0x44, 0xda, 0x99, 0x25, 0x6a, 0x26, 0x1f, 0x04, 0x55, 0xc5, 0xe2, 0x48, 0x95, 0xc4, 0xa1, 0xcc, 0x15, 0x6f, 0x12, 0x87, 0x42, 0xf0, 0x7e,
-	/* (2^195)P */ 0x15, 0xef, 0x30, 0xbd, 0x9d, 0x65, 0xd1, 0xfe, 0x7b, 0x27, 0xe0, 0xc4, 0xee, 0xb9, 0x4a, 0x8b, 0x91, 0x32, 0xdf, 0xa5, 0x36, 0x62, 0x4d, 0x88, 0x88, 0xf7, 0x5c, 0xbf, 0xa6, 0x6e, 0xd9, 0x1f,
-	/* (2^196)P */ 0x9a, 0x0d, 0x19, 0x1f, 0x98, 0x61, 0xa1, 0x42, 0xc1, 0x52, 0x60, 0x7e, 0x50, 0x49, 0xd8, 0x61, 0xd5, 0x2c, 0x5a, 0x28, 0xbf, 0x13, 0xe1, 0x9f, 0xd8, 0x85, 0xad, 0xdb, 0x76, 0xd6, 0x22, 0x7c,
-	/* (2^197)P */ 0x7d, 0xd2, 0xfb, 0x2b, 0xed, 0x70, 0xe7, 0x82, 0xa5, 0xf5, 0x96, 0xe9, 0xec, 0xb2, 0x05, 0x4c, 0x50, 0x01, 0x90, 0xb0, 0xc2, 0xa9, 0x40, 0xcd, 0x64, 0xbf, 0xd9, 0x13, 0x92, 0x31, 0x95, 0x58,
-	/* (2^198)P */ 0x08, 0x2e, 0xea, 0x3f, 0x70, 0x5d, 0xcc, 0xe7, 0x8c, 0x18, 0xe2, 0x58, 0x12, 0x49, 0x0c, 0xb5, 0xf0, 0x5b, 0x20, 0x48, 0xaa, 0x0b, 0xe3, 0xcc, 0x62, 0x2d, 0xa3, 0xcf, 0x9c, 0x65, 0x7c, 0x53,
-	/* (2^199)P */ 0x88, 0xc0, 0xcf, 0x98, 0x3a, 0x62, 0xb6, 0x37, 0xa4, 0xac, 0xd6, 0xa4, 0x1f, 0xed, 0x9b, 0xfe, 0xb0, 0xd1, 0xa8, 0x56, 0x8e, 0x9b, 0xd2, 0x04, 0x75, 0x95, 0x51, 0x0b, 0xc4, 0x71, 0x5f, 0x72,
-	/* (2^200)P */ 0xe6, 0x9c, 0x33, 0xd0, 0x9c, 0xf8, 0xc7, 0x28, 0x8b, 0xc1, 0xdd, 0x69, 0x44, 0xb1, 0x67, 0x83, 0x2c, 0x65, 0xa1, 0xa6, 0x83, 0xda, 0x3a, 0x88, 0x17, 0x6c, 0x4d, 0x03, 0x74, 0x19, 0x5f, 0x58,
-	/* (2^201)P */ 0x88, 0x91, 0xb1, 0xf1, 0x66, 0xb2, 0xcf, 0x89, 0x17, 0x52, 0xc3, 0xe7, 0x63, 0x48, 0x3b, 0xe6, 0x6a, 0x52, 0xc0, 0xb4, 0xa6, 0x9d, 0x8c, 0xd8, 0x35, 0x46, 0x95, 0xf0, 0x9d, 0x5c, 0x03, 0x3e,
-	/* (2^202)P */ 0x9d, 0xde, 0x45, 0xfb, 0x12, 0x54, 0x9d, 0xdd, 0x0d, 0xf4, 0xcf, 0xe4, 0x32, 0x45, 0x68, 0xdd, 0x1c, 0x67, 0x1d, 0x15, 0x9b, 0x99, 0x5c, 0x4b, 0x90, 0xf6, 0xe7, 0x11, 0xc8, 0x2c, 0x8c, 0x2d,
-	/* (2^203)P */ 0x40, 0x5d, 0x05, 0x90, 0x1d, 0xbe, 0x54, 0x7f, 0x40, 0xaf, 0x4a, 0x46, 0xdf, 0xc5, 0x64, 0xa4, 0xbe, 0x17, 0xe9, 0xf0, 0x24, 0x96, 0x97, 0x33, 0x30, 0x6b, 0x35, 0x27, 0xc5, 0x8d, 0x01, 0x2c,
-	/* (2^204)P */ 0xd4, 0xb3, 0x30, 0xe3, 0x24, 0x50, 0x41, 0xa5, 0xd3, 0x52, 0x16, 0x69, 0x96, 0x3d, 0xff, 0x73, 0xf1, 0x59, 0x9b, 0xef, 0xc4, 0x42, 0xec, 0x94, 0x5a, 0x8e, 0xd0, 0x18, 0x16, 0x20, 0x47, 0x07,
-	/* (2^205)P */ 0x53, 0x1c, 0x41, 0xca, 0x8a, 0xa4, 0x6c, 0x4d, 0x19, 0x61, 0xa6, 0xcf, 0x2f, 0x5f, 0x41, 0x66, 0xff, 0x27, 0xe2, 0x51, 0x00, 0xd4, 0x4d, 0x9c, 0xeb, 0xf7, 0x02, 0x9a, 0xc0, 0x0b, 0x81, 0x59,
-	/* (2^206)P */ 0x1d, 0x10, 0xdc, 0xb3, 0x71, 0xb1, 0x7e, 0x2a, 0x8e, 0xf6, 0xfe, 0x9f, 0xb9, 0x5a, 0x1c, 0x44, 0xea, 0x59, 0xb3, 0x93, 0x9b, 0x5c, 0x02, 0x32, 0x2f, 0x11, 0x9d, 0x1e, 0xa7, 0xe0, 0x8c, 0x5e,
-	/* (2^207)P */ 0xfd, 0x03, 0x95, 0x42, 0x92, 0xcb, 0xcc, 0xbf, 0x55, 0x5d, 0x09, 0x2f, 0x75, 0xba, 0x71, 0xd2, 0x1e, 0x09, 0x2d, 0x97, 0x5e, 0xad, 0x5e, 0x34, 0xba, 0x03, 0x31, 0xa8, 0x11, 0xdf, 0xc8, 0x18,
-	/* (2^208)P */ 0x4c, 0x0f, 0xed, 0x9a, 0x9a, 0x94, 0xcd, 0x90, 0x7e, 0xe3, 0x60, 0x66, 0xcb, 0xf4, 0xd1, 0xc5, 0x0b, 0x2e, 0xc5, 0x56, 0x2d, 0xc5, 0xca, 0xb8, 0x0d, 0x8e, 0x80, 0xc5, 0x00, 0xe4, 0x42, 0x6e,
-	/* (2^209)P */ 0x23, 0xfd, 0xae, 0xee, 0x66, 0x69, 0xb4, 0xa3, 0xca, 0xcd, 0x9e, 0xe3, 0x0b, 0x1f, 0x4f, 0x0c, 0x1d, 0xa5, 0x83, 0xd6, 0xc9, 0xc8, 0x9d, 0x18, 0x1b, 0x35, 0x09, 0x4c, 0x05, 0x7f, 0xf2, 0x51,
-	/* (2^210)P */ 0x82, 0x06, 0x32, 0x2a, 0xcd, 0x7c, 0x48, 0x4c, 0x96, 0x1c, 0xdf, 0xb3, 0x5b, 0xa9, 0x7e, 0x58, 0xe8, 0xb8, 0x5c, 0x55, 0x9e, 0xf7, 0xcc, 0xc8, 0x3d, 0xd7, 0x06, 0xa2, 0x29, 0xc8, 0x7d, 0x54,
-	/* (2^211)P */ 0x06, 0x9b, 0xc3, 0x80, 0xcd, 0xa6, 0x22, 0xb8, 0xc6, 0xd4, 0x00, 0x20, 0x73, 0x54, 0x6d, 0xe9, 0x4d, 0x3b, 0x46, 0x91, 0x6f, 0x5b, 0x53, 0x28, 0x1d, 0x6e, 0x48, 0xe2, 0x60, 0x46, 0x8f, 0x22,
-	/* (2^212)P */ 0xbf, 0x3a, 0x8d, 0xde, 0x38, 0x95, 0x79, 0x98, 0x6e, 0xca, 0xeb, 0x45, 0x00, 0x33, 0xd8, 0x8c, 0x38, 0xe7, 0x21, 0x82, 0x00, 0x2a, 0x95, 0x79, 0xbb, 0xd2, 0x5c, 0x53, 0xa7, 0xe1, 0x22, 0x43,
-	/* (2^213)P */ 0x1c, 0x80, 0xd1, 0x19, 0x18, 0xc1, 0x14, 0xb1, 0xc7, 0x5e, 0x3f, 0x4f, 0xd8, 0xe4, 0x16, 0x20, 0x4c, 0x0f, 0x26, 0x09, 0xf4, 0x2d, 0x0e, 0xdd, 0x66, 0x72, 0x5f, 0xae, 0xc0, 0x62, 0xc3, 0x5e,
-	/* (2^214)P */ 0xee, 0xb4, 0xb2, 0xb8, 0x18, 0x2b, 0x46, 0xc0, 0xfb, 0x1a, 0x4d, 0x27, 0x50, 0xd9, 0xc8, 0x7c, 0xd2, 0x02, 0x6b, 0x43, 0x05, 0x71, 0x5f, 0xf2, 0xd3, 0xcc, 0xf9, 0xbf, 0xdc, 0xf8, 0xbb, 0x43,
-	/* (2^215)P */ 0xdf, 0xe9, 0x39, 0xa0, 0x67, 0x17, 0xad, 0xb6, 0x83, 0x35, 0x9d, 0xf6, 0xa8, 0x4d, 0x71, 0xb0, 0xf5, 0x31, 0x29, 0xb4, 0x18, 0xfa, 0x55, 0x5e, 0x61, 0x09, 0xc6, 0x33, 0x8f, 0x55, 0xd5, 0x4e,
-	/* (2^216)P */ 0xdd, 0xa5, 0x47, 0xc6, 0x01, 0x79, 0xe3, 0x1f, 0x57, 0xd3, 0x81, 0x80, 0x1f, 0xdf, 0x3d, 0x59, 0xa6, 0xd7, 0x3f, 0x81, 0xfd, 0xa4, 0x49, 0x02, 0x61, 0xaf, 0x9c, 0x4e, 0x27, 0xca, 0xac, 0x69,
-	/* (2^217)P */ 0xc9, 0x21, 0x07, 0x33, 0xea, 0xa3, 0x7b, 0x04, 0xa0, 0x1e, 0x7e, 0x0e, 0xc2, 0x3f, 0x42, 0x83, 0x60, 0x4a, 0x31, 0x01, 0xaf, 0xc0, 0xf4, 0x1d, 0x27, 0x95, 0x28, 0x89, 0xab, 0x2d, 0xa6, 0x09,
-	/* (2^218)P */ 0x00, 0xcb, 0xc6, 0x9c, 0xa4, 0x25, 0xb3, 0xa5, 0xb6, 0x6c, 0xb5, 0x54, 0xc6, 0x5d, 0x4b, 0xe9, 0xa0, 0x94, 0xc9, 0xad, 0x79, 0x87, 0xe2, 0x3b, 0xad, 0x4a, 0x3a, 0xba, 0xf8, 0xe8, 0x96, 0x42,
-	/* (2^219)P */ 0xab, 0x1e, 0x45, 0x1e, 0x76, 0x89, 0x86, 0x32, 0x4a, 0x59, 0x59, 0xff, 0x8b, 0x59, 0x4d, 0x2e, 0x4a, 0x08, 0xa7, 0xd7, 0x53, 0x68, 0xb9, 0x49, 0xa8, 0x20, 0x14, 0x60, 0x19, 0xa3, 0x80, 0x49,
-	/* (2^220)P */ 0x42, 0x2c, 0x55, 0x2f, 0xe1, 0xb9, 0x65, 0x95, 0x96, 0xfe, 0x00, 0x71, 0xdb, 0x18, 0x53, 0x8a, 0xd7, 0xd0, 0xad, 0x43, 0x4d, 0x0b, 0xc9, 0x05, 0xda, 0x4e, 0x5d, 0x6a, 0xd6, 0x4c, 0x8b, 0x53,
-	/* (2^221)P */ 0x9f, 0x03, 0x9f, 0xe8, 0xc3, 0x4f, 0xe9, 0xf4, 0x45, 0x80, 0x61, 0x6f, 0xf2, 0x9a, 0x2c, 0x59, 0x50, 0x95, 0x4b, 0xfd, 0xb5, 0x6e, 0xa3, 0x08, 0x19, 0x14, 0xed, 0xc2, 0xf6, 0xfa, 0xff, 0x25,
-	/* (2^222)P */ 0x54, 0xd3, 0x79, 0xcc, 0x59, 0x44, 0x43, 0x34, 0x6b, 0x47, 0xd5, 0xb1, 0xb4, 0xbf, 0xec, 0xee, 0x99, 0x5d, 0x61, 0x61, 0xa0, 0x34, 0xeb, 0xdd, 0x73, 0xb7, 0x64, 0xeb, 0xcc, 0xce, 0x29, 0x51,
-	/* (2^223)P */ 0x20, 0x35, 0x99, 0x94, 0x58, 0x21, 0x43, 0xee, 0x3b, 0x0b, 0x4c, 0xf1, 0x7c, 0x9c, 0x2f, 0x77, 0xd5, 0xda, 0xbe, 0x06, 0xe3, 0xfc, 0xe2, 0xd2, 0x97, 0x6a, 0xf0, 0x46, 0xb5, 0x42, 0x5f, 0x71,
-	/* (2^224)P */ 0x1a, 0x5f, 0x5b, 0xda, 0xce, 0xcd, 0x4e, 0x43, 0xa9, 0x41, 0x97, 0xa4, 0x15, 0x71, 0xa1, 0x0d, 0x2e, 0xad, 0xed, 0x73, 0x7c, 0xd7, 0x0b, 0x68, 0x41, 0x90, 0xdd, 0x4e, 0x35, 0x02, 0x7c, 0x48,
-	/* (2^225)P */ 0xc4, 0xd9, 0x0e, 0xa7, 0xf3, 0xef, 0xef, 0xb8, 0x02, 0xe3, 0x57, 0xe8, 0xa3, 0x2a, 0xa3, 0x56, 0xa0, 0xa5, 0xa2, 0x48, 0xbd, 0x68, 0x3a, 0xdf, 0x44, 0xc4, 0x76, 0x31, 0xb7, 0x50, 0xf6, 0x07,
-	/* (2^226)P */ 0xb1, 0xcc, 0xe0, 0x26, 0x16, 0x9b, 0x8b, 0xe3, 0x36, 0xfb, 0x09, 0x8b, 0xc1, 0x53, 0xe0, 0x79, 0x64, 0x49, 0xf9, 0xc9, 0x19, 0x03, 0xd9, 0x56, 0xc4, 0xf5, 0x9f, 0xac, 0xe7, 0x41, 0xa9, 0x1c,
-	/* (2^227)P */ 0xbb, 0xa0, 0x2f, 0x16, 0x29, 0xdf, 0xc4, 0x49, 0x05, 0x33, 0xb3, 0x82, 0x32, 0xcf, 0x88, 0x84, 0x7d, 0x43, 0xbb, 0xca, 0x14, 0xda, 0xdf, 0x95, 0x86, 0xad, 0xd5, 0x64, 0x82, 0xf7, 0x91, 0x33,
-	/* (2^228)P */ 0x5d, 0x09, 0xb5, 0xe2, 0x6a, 0xe0, 0x9a, 0x72, 0x46, 0xa9, 0x59, 0x32, 0xd7, 0x58, 0x8a, 0xd5, 0xed, 0x21, 0x39, 0xd1, 0x62, 0x42, 0x83, 0xe9, 0x92, 0xb5, 0x4b, 0xa5, 0xfa, 0xda, 0xfe, 0x27,
-	/* (2^229)P */ 0xbb, 0x48, 0xad, 0x29, 0xb8, 0xc5, 0x9d, 0xa9, 0x60, 0xe2, 0x9e, 0x49, 0x42, 0x57, 0x02, 0x5f, 0xfd, 0x13, 0x75, 0x5d, 0xcd, 0x8e, 0x2c, 0x80, 0x38, 0xd9, 0x6d, 0x3f, 0xef, 0xb3, 0xce, 0x78,
-	/* (2^230)P */ 0x94, 0x5d, 0x13, 0x8a, 0x4f, 0xf4, 0x42, 0xc3, 0xa3, 0xdd, 0x8c, 0x82, 0x44, 0xdb, 0x9e, 0x7b, 0xe7, 0xcf, 0x37, 0x05, 0x1a, 0xd1, 0x36, 0x94, 0xc8, 0xb4, 0x1a, 0xec, 0x64, 0xb1, 0x64, 0x50,
-	/* (2^231)P */ 0xfc, 0xb2, 0x7e, 0xd3, 0xcf, 0xec, 0x20, 0x70, 0xfc, 0x25, 0x0d, 0xd9, 0x3e, 0xea, 0x31, 0x1f, 0x34, 0xbb, 0xa1, 0xdf, 0x7b, 0x0d, 0x93, 0x1b, 0x44, 0x30, 0x11, 0x48, 0x7a, 0x46, 0x44, 0x53,
-	/* (2^232)P */ 0xfb, 0x6d, 0x5e, 0xf2, 0x70, 0x31, 0x07, 0x70, 0xc8, 0x4c, 0x11, 0x50, 0x1a, 0xdc, 0x85, 0xe3, 0x00, 0x4f, 0xfc, 0xc8, 0x8a, 0x69, 0x48, 0x23, 0xd8, 0x40, 0xdd, 0x84, 0x52, 0xa5, 0x77, 0x2a,
-	/* (2^233)P */ 0xe4, 0x6c, 0x8c, 0xc9, 0xe0, 0xaf, 0x06, 0xfe, 0xe4, 0xd6, 0xdf, 0xdd, 0x96, 0xdf, 0x35, 0xc2, 0xd3, 0x1e, 0xbf, 0x33, 0x1e, 0xd0, 0x28, 0x14, 0xaf, 0xbd, 0x00, 0x93, 0xec, 0x68, 0x57, 0x78,
-	/* (2^234)P */ 0x3b, 0xb6, 0xde, 0x91, 0x7a, 0xe5, 0x02, 0x97, 0x80, 0x8b, 0xce, 0xe5, 0xbf, 0xb8, 0xbd, 0x61, 0xac, 0x58, 0x1d, 0x3d, 0x6f, 0x42, 0x5b, 0x64, 0xbc, 0x57, 0xa5, 0x27, 0x22, 0xa8, 0x04, 0x48,
-	/* (2^235)P */ 0x01, 0x26, 0x4d, 0xb4, 0x8a, 0x04, 0x57, 0x8e, 0x35, 0x69, 0x3a, 0x4b, 0x1a, 0x50, 0xd6, 0x68, 0x93, 0xc2, 0xe1, 0xf9, 0xc3, 0x9e, 0x9c, 0xc3, 0xe2, 0x63, 0xde, 0xd4, 0x57, 0xf2, 0x72, 0x41,
-	/* (2^236)P */ 0x01, 0x64, 0x0c, 0x33, 0x50, 0xb4, 0x68, 0xd3, 0x91, 0x23, 0x8f, 0x41, 0x17, 0x30, 0x0d, 0x04, 0x0d, 0xd9, 0xb7, 0x90, 0x60, 0xbb, 0x34, 0x2c, 0x1f, 0xd5, 0xdf, 0x8f, 0x22, 0x49, 0xf6, 0x16,
-	/* (2^237)P */ 0xf5, 0x8e, 0x92, 0x2b, 0x8e, 0x81, 0xa6, 0xbe, 0x72, 0x1e, 0xc1, 0xcd, 0x91, 0xcf, 0x8c, 0xe2, 0xcd, 0x36, 0x7a, 0xe7, 0x68, 0xaa, 0x4a, 0x59, 0x0f, 0xfd, 0x7f, 0x6c, 0x80, 0x34, 0x30, 0x31,
-	/* (2^238)P */ 0x65, 0xbd, 0x49, 0x22, 0xac, 0x27, 0x9d, 0x8a, 0x12, 0x95, 0x8e, 0x01, 0x64, 0xb4, 0xa3, 0x19, 0xc7, 0x7e, 0xb3, 0x52, 0xf3, 0xcf, 0x6c, 0xc2, 0x21, 0x7b, 0x79, 0x1d, 0x34, 0x68, 0x6f, 0x05,
-	/* (2^239)P */ 0x27, 0x23, 0xfd, 0x7e, 0x75, 0xd6, 0x79, 0x5e, 0x15, 0xfe, 0x3a, 0x55, 0xb6, 0xbc, 0xbd, 0xfa, 0x60, 0x5a, 0xaf, 0x6e, 0x2c, 0x22, 0xe7, 0xd3, 0x3b, 0x74, 0xae, 0x4d, 0x6d, 0xc7, 0x46, 0x70,
-	/* (2^240)P */ 0x55, 0x4a, 0x8d, 0xb1, 0x72, 0xe8, 0x0b, 0x66, 0x96, 0x14, 0x4e, 0x57, 0x18, 0x25, 0x99, 0x19, 0xbb, 0xdc, 0x2b, 0x30, 0x3a, 0x05, 0x03, 0xc1, 0x8e, 0x8e, 0x21, 0x0b, 0x80, 0xe9, 0xd8, 0x3e,
-	/* (2^241)P */ 0x3e, 0xe0, 0x75, 0xfa, 0x39, 0x92, 0x0b, 0x7b, 0x83, 0xc0, 0x33, 0x46, 0x68, 0xfb, 0xe9, 0xef, 0x93, 0x77, 0x1a, 0x39, 0xbe, 0x5f, 0xa3, 0x98, 0x34, 0xfe, 0xd0, 0xe2, 0x0f, 0x51, 0x65, 0x60,
-	/* (2^242)P */ 0x0c, 0xad, 0xab, 0x48, 0x85, 0x66, 0xcb, 0x55, 0x27, 0xe5, 0x87, 0xda, 0x48, 0x45, 0x58, 0xb4, 0xdd, 0xc1, 0x07, 0x01, 0xea, 0xec, 0x43, 0x2c, 0x35, 0xde, 0x72, 0x93, 0x80, 0x28, 0x60, 0x52,
-	/* (2^243)P */ 0x1f, 0x3b, 0x21, 0xf9, 0x6a, 0xc5, 0x15, 0x34, 0xdb, 0x98, 0x7e, 0x01, 0x4d, 0x1a, 0xee, 0x5b, 0x9b, 0x70, 0xcf, 0xb5, 0x05, 0xb1, 0xf6, 0x13, 0xb6, 0x9a, 0xb2, 0x82, 0x34, 0x0e, 0xf2, 0x5f,
-	/* (2^244)P */ 0x90, 0x6c, 0x2e, 0xcc, 0x75, 0x9c, 0xa2, 0x0a, 0x06, 0xe2, 0x70, 0x3a, 0xca, 0x73, 0x7d, 0xfc, 0x15, 0xc5, 0xb5, 0xc4, 0x8f, 0xc3, 0x9f, 0x89, 0x07, 0xc2, 0xff, 0x24, 0xb1, 0x86, 0x03, 0x25,
-	/* (2^245)P */ 0x56, 0x2b, 0x3d, 0xae, 0xd5, 0x28, 0xea, 0x54, 0xce, 0x60, 0xde, 0xd6, 0x9d, 0x14, 0x13, 0x99, 0xc1, 0xd6, 0x06, 0x8f, 0xc5, 0x4f, 0x69, 0x16, 0xc7, 0x8f, 0x01, 0xeb, 0x75, 0x39, 0xb2, 0x46,
-	/* (2^246)P */ 0xe2, 0xb4, 0xb7, 0xb4, 0x0f, 0x6a, 0x0a, 0x47, 0xde, 0x53, 0x72, 0x8f, 0x5a, 0x47, 0x92, 0x5d, 0xdb, 0x3a, 0xbd, 0x2f, 0xb5, 0xe5, 0xee, 0xab, 0x68, 0x69, 0x80, 0xa0, 0x01, 0x08, 0xa2, 0x7f,
-	/* (2^247)P */ 0xd2, 0x14, 0x77, 0x9f, 0xf1, 0xfa, 0xf3, 0x76, 0xc3, 0x60, 0x46, 0x2f, 0xc1, 0x40, 0xe8, 0xb3, 0x4e, 0x74, 0x12, 0xf2, 0x8d, 0xcd, 0xb4, 0x0f, 0xd2, 0x2d, 0x3a, 0x1d, 0x25, 0x5a, 0x06, 0x4b,
-	/* (2^248)P */ 0x4a, 0xcd, 0x77, 0x3d, 0x38, 0xde, 0xeb, 0x5c, 0xb1, 0x9c, 0x2c, 0x88, 0xdf, 0x39, 0xdf, 0x6a, 0x59, 0xf7, 0x9a, 0xb0, 0x2e, 0x24, 0xdd, 0xa2, 0x22, 0x64, 0x5f, 0x0e, 0xe5, 0xc0, 0x47, 0x31,
-	/* (2^249)P */ 0xdb, 0x50, 0x13, 0x1d, 0x10, 0xa5, 0x4c, 0x16, 0x62, 0xc9, 0x3f, 0xc3, 0x79, 0x34, 0xd1, 0xf8, 0x08, 0xda, 0xe5, 0x13, 0x4d, 0xce, 0x40, 0xe6, 0xba, 0xf8, 0x61, 0x50, 0xc4, 0xe0, 0xde, 0x4b,
-	/* (2^250)P */ 0xc9, 0xb1, 0xed, 0xa4, 0xc1, 0x6d, 0xc4, 0xd7, 0x8a, 0xd9, 0x7f, 0x43, 0xb6, 0xd7, 0x14, 0x55, 0x0b, 0xc0, 0xa1, 0xb2, 0x6b, 0x2f, 0x94, 0x58, 0x0e, 0x71, 0x70, 0x1d, 0xab, 0xb2, 0xff, 0x2d,
-	/* (2^251)P */ 0x68, 0x6d, 0x8b, 0xc1, 0x2f, 0xcf, 0xdf, 0xcc, 0x67, 0x61, 0x80, 0xb7, 0xa8, 0xcb, 0xeb, 0xa8, 0xe3, 0x37, 0x29, 0x5e, 0xf9, 0x97, 0x06, 0x98, 0x8c, 0x6e, 0x12, 0xd0, 0x1c, 0xba, 0xfb, 0x02,
-	/* (2^252)P */ 0x65, 0x45, 0xff, 0xad, 0x60, 0xc3, 0x98, 0xcb, 0x19, 0x15, 0xdb, 0x4b, 0xd2, 0x01, 0x71, 0x44, 0xd5, 0x15, 0xfb, 0x75, 0x74, 0xc8, 0xc4, 0x98, 0x7d, 0xa2, 0x22, 0x6e, 0x6d, 0xc7, 0xf8, 0x05,
-	/* (2^253)P */ 0x94, 0xf4, 0xb9, 0xfe, 0xdf, 0xe5, 0x69, 0xab, 0x75, 0x6b, 0x40, 0x18, 0x9d, 0xc7, 0x09, 0xae, 0x1d, 0x2d, 0xa4, 0x94, 0xfb, 0x45, 0x9b, 0x19, 0x84, 0xfa, 0x2a, 0xae, 0xeb, 0x0a, 0x71, 0x79,
-	/* (2^254)P */ 0xdf, 0xd2, 0x34, 0xf3, 0xa7, 0xed, 0xad, 0xa6, 0xb4, 0x57, 0x2a, 0xaf, 0x51, 0x9c, 0xde, 0x7b, 0xa8, 0xea, 0xdc, 0x86, 0x4f, 0xc6, 0x8f, 0xa9, 0x7b, 0xd0, 0x0e, 0xc2, 0x35, 0x03, 0xbe, 0x6b,
-	/* (2^255)P */ 0x44, 0x43, 0x98, 0x53, 0xbe, 0xdc, 0x7f, 0x66, 0xa8, 0x49, 0x59, 0x00, 0x1c, 0xbc, 0x72, 0x07, 0x8e, 0xd6, 0xbe, 0x4e, 0x9f, 0xa4, 0x07, 0xba, 0xbf, 0x30, 0xdf, 0xba, 0x85, 0xb0, 0xa7, 0x1f,
-}
diff --git a/vendor/github.com/cloudflare/circl/dh/x448/curve.go b/vendor/github.com/cloudflare/circl/dh/x448/curve.go
deleted file mode 100644
index d59564e4b4..0000000000
--- a/vendor/github.com/cloudflare/circl/dh/x448/curve.go
+++ /dev/null
@@ -1,104 +0,0 @@
-package x448
-
-import (
-	fp "github.com/cloudflare/circl/math/fp448"
-)
-
-// ladderJoye calculates a fixed-point multiplication with the generator point.
-// The algorithm is the right-to-left Joye's ladder as described
-// in "How to precompute a ladder" in SAC'2017.
-func ladderJoye(k *Key) {
-	w := [5]fp.Elt{} // [mu,x1,z1,x2,z2] order must be preserved.
-	w[1] = fp.Elt{   // x1 = S
-		0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-	}
-	fp.SetOne(&w[2]) // z1 = 1
-	w[3] = fp.Elt{   // x2 = G-S
-		0x20, 0x27, 0x9d, 0xc9, 0x7d, 0x19, 0xb1, 0xac,
-		0xf8, 0xba, 0x69, 0x1c, 0xff, 0x33, 0xac, 0x23,
-		0x51, 0x1b, 0xce, 0x3a, 0x64, 0x65, 0xbd, 0xf1,
-		0x23, 0xf8, 0xc1, 0x84, 0x9d, 0x45, 0x54, 0x29,
-		0x67, 0xb9, 0x81, 0x1c, 0x03, 0xd1, 0xcd, 0xda,
-		0x7b, 0xeb, 0xff, 0x1a, 0x88, 0x03, 0xcf, 0x3a,
-		0x42, 0x44, 0x32, 0x01, 0x25, 0xb7, 0xfa, 0xf0,
-	}
-	fp.SetOne(&w[4]) // z2 = 1
-
-	const n = 448
-	const h = 2
-	swap := uint(1)
-	for s := 0; s < n-h; s++ {
-		i := (s + h) / 8
-		j := (s + h) % 8
-		bit := uint((k[i] >> uint(j)) & 1)
-		copy(w[0][:], tableGenerator[s*Size:(s+1)*Size])
-		diffAdd(&w, swap^bit)
-		swap = bit
-	}
-	for s := 0; s < h; s++ {
-		double(&w[1], &w[2])
-	}
-	toAffine((*[fp.Size]byte)(k), &w[1], &w[2])
-}
-
-// ladderMontgomery calculates a generic scalar point multiplication
-// The algorithm implemented is the left-to-right Montgomery's ladder.
-func ladderMontgomery(k, xP *Key) {
-	w := [5]fp.Elt{}      // [x1, x2, z2, x3, z3] order must be preserved.
-	w[0] = *(*fp.Elt)(xP) // x1 = xP
-	fp.SetOne(&w[1])      // x2 = 1
-	w[3] = *(*fp.Elt)(xP) // x3 = xP
-	fp.SetOne(&w[4])      // z3 = 1
-
-	move := uint(0)
-	for s := 448 - 1; s >= 0; s-- {
-		i := s / 8
-		j := s % 8
-		bit := uint((k[i] >> uint(j)) & 1)
-		ladderStep(&w, move^bit)
-		move = bit
-	}
-	toAffine((*[fp.Size]byte)(k), &w[1], &w[2])
-}
-
-func toAffine(k *[fp.Size]byte, x, z *fp.Elt) {
-	fp.Inv(z, z)
-	fp.Mul(x, x, z)
-	_ = fp.ToBytes(k[:], x)
-}
-
-var lowOrderPoints = [3]fp.Elt{
-	{ /* (0,_,1) point of order 2 on Curve448 */
-		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-	},
-	{ /* (1,_,1) a point of order 4 on the twist of Curve448 */
-		0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-	},
-	{ /* (-1,_,1) point of order 4 on Curve448 */
-		0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-	},
-}
diff --git a/vendor/github.com/cloudflare/circl/dh/x448/curve_amd64.go b/vendor/github.com/cloudflare/circl/dh/x448/curve_amd64.go
deleted file mode 100644
index a062266613..0000000000
--- a/vendor/github.com/cloudflare/circl/dh/x448/curve_amd64.go
+++ /dev/null
@@ -1,30 +0,0 @@
-//go:build amd64 && !purego
-// +build amd64,!purego
-
-package x448
-
-import (
-	fp "github.com/cloudflare/circl/math/fp448"
-	"golang.org/x/sys/cpu"
-)
-
-var hasBmi2Adx = cpu.X86.HasBMI2 && cpu.X86.HasADX
-
-var _ = hasBmi2Adx
-
-func double(x, z *fp.Elt)             { doubleAmd64(x, z) }
-func diffAdd(w *[5]fp.Elt, b uint)    { diffAddAmd64(w, b) }
-func ladderStep(w *[5]fp.Elt, b uint) { ladderStepAmd64(w, b) }
-func mulA24(z, x *fp.Elt)             { mulA24Amd64(z, x) }
-
-//go:noescape
-func doubleAmd64(x, z *fp.Elt)
-
-//go:noescape
-func diffAddAmd64(w *[5]fp.Elt, b uint)
-
-//go:noescape
-func ladderStepAmd64(w *[5]fp.Elt, b uint)
-
-//go:noescape
-func mulA24Amd64(z, x *fp.Elt)
diff --git a/vendor/github.com/cloudflare/circl/dh/x448/curve_amd64.h b/vendor/github.com/cloudflare/circl/dh/x448/curve_amd64.h
deleted file mode 100644
index 8c1ae4d0fb..0000000000
--- a/vendor/github.com/cloudflare/circl/dh/x448/curve_amd64.h
+++ /dev/null
@@ -1,111 +0,0 @@
-#define ladderStepLeg          \
-    addSub(x2,z2)              \
-    addSub(x3,z3)              \
-    integerMulLeg(b0,x2,z3)    \
-    integerMulLeg(b1,x3,z2)    \
-    reduceFromDoubleLeg(t0,b0) \
-    reduceFromDoubleLeg(t1,b1) \
-    addSub(t0,t1)              \
-    cselect(x2,x3,regMove)     \
-    cselect(z2,z3,regMove)     \
-    integerSqrLeg(b0,t0)       \
-    integerSqrLeg(b1,t1)       \
-    reduceFromDoubleLeg(x3,b0) \
-    reduceFromDoubleLeg(z3,b1) \
-    integerMulLeg(b0,x1,z3)    \
-    reduceFromDoubleLeg(z3,b0) \
-    integerSqrLeg(b0,x2)       \
-    integerSqrLeg(b1,z2)       \
-    reduceFromDoubleLeg(x2,b0) \
-    reduceFromDoubleLeg(z2,b1) \
-    subtraction(t0,x2,z2)      \
-    multiplyA24Leg(t1,t0)      \
-    additionLeg(t1,t1,z2)      \
-    integerMulLeg(b0,x2,z2)    \
-    integerMulLeg(b1,t0,t1)    \
-    reduceFromDoubleLeg(x2,b0) \
-    reduceFromDoubleLeg(z2,b1)
-
-#define ladderStepBmi2Adx      \
-    addSub(x2,z2)              \
-    addSub(x3,z3)              \
-    integerMulAdx(b0,x2,z3)    \
-    integerMulAdx(b1,x3,z2)    \
-    reduceFromDoubleAdx(t0,b0) \
-    reduceFromDoubleAdx(t1,b1) \
-    addSub(t0,t1)              \
-    cselect(x2,x3,regMove)     \
-    cselect(z2,z3,regMove)     \
-    integerSqrAdx(b0,t0)       \
-    integerSqrAdx(b1,t1)       \
-    reduceFromDoubleAdx(x3,b0) \
-    reduceFromDoubleAdx(z3,b1) \
-    integerMulAdx(b0,x1,z3)    \
-    reduceFromDoubleAdx(z3,b0) \
-    integerSqrAdx(b0,x2)       \
-    integerSqrAdx(b1,z2)       \
-    reduceFromDoubleAdx(x2,b0) \
-    reduceFromDoubleAdx(z2,b1) \
-    subtraction(t0,x2,z2)      \
-    multiplyA24Adx(t1,t0)      \
-    additionAdx(t1,t1,z2)      \
-    integerMulAdx(b0,x2,z2)    \
-    integerMulAdx(b1,t0,t1)    \
-    reduceFromDoubleAdx(x2,b0) \
-    reduceFromDoubleAdx(z2,b1)
-
-#define difAddLeg              \
-    addSub(x1,z1)              \
-    integerMulLeg(b0,z1,ui)    \
-    reduceFromDoubleLeg(z1,b0) \
-    addSub(x1,z1)              \
-    integerSqrLeg(b0,x1)       \
-    integerSqrLeg(b1,z1)       \
-    reduceFromDoubleLeg(x1,b0) \
-    reduceFromDoubleLeg(z1,b1) \
-    integerMulLeg(b0,x1,z2)    \
-    integerMulLeg(b1,z1,x2)    \
-    reduceFromDoubleLeg(x1,b0) \
-    reduceFromDoubleLeg(z1,b1)
-
-#define difAddBmi2Adx          \
-    addSub(x1,z1)              \
-    integerMulAdx(b0,z1,ui)    \
-    reduceFromDoubleAdx(z1,b0) \
-    addSub(x1,z1)              \
-    integerSqrAdx(b0,x1)       \
-    integerSqrAdx(b1,z1)       \
-    reduceFromDoubleAdx(x1,b0) \
-    reduceFromDoubleAdx(z1,b1) \
-    integerMulAdx(b0,x1,z2)    \
-    integerMulAdx(b1,z1,x2)    \
-    reduceFromDoubleAdx(x1,b0) \
-    reduceFromDoubleAdx(z1,b1)
-
-#define doubleLeg              \
-    addSub(x1,z1)              \
-    integerSqrLeg(b0,x1)       \
-    integerSqrLeg(b1,z1)       \
-    reduceFromDoubleLeg(x1,b0) \
-    reduceFromDoubleLeg(z1,b1) \
-    subtraction(t0,x1,z1)      \
-    multiplyA24Leg(t1,t0)      \
-    additionLeg(t1,t1,z1)      \
-    integerMulLeg(b0,x1,z1)    \
-    integerMulLeg(b1,t0,t1)    \
-    reduceFromDoubleLeg(x1,b0) \
-    reduceFromDoubleLeg(z1,b1)
-
-#define doubleBmi2Adx          \
-    addSub(x1,z1)              \
-    integerSqrAdx(b0,x1)       \
-    integerSqrAdx(b1,z1)       \
-    reduceFromDoubleAdx(x1,b0) \
-    reduceFromDoubleAdx(z1,b1) \
-    subtraction(t0,x1,z1)      \
-    multiplyA24Adx(t1,t0)      \
-    additionAdx(t1,t1,z1)      \
-    integerMulAdx(b0,x1,z1)    \
-    integerMulAdx(b1,t0,t1)    \
-    reduceFromDoubleAdx(x1,b0) \
-    reduceFromDoubleAdx(z1,b1)
diff --git a/vendor/github.com/cloudflare/circl/dh/x448/curve_amd64.s b/vendor/github.com/cloudflare/circl/dh/x448/curve_amd64.s
deleted file mode 100644
index ed33ba3d03..0000000000
--- a/vendor/github.com/cloudflare/circl/dh/x448/curve_amd64.s
+++ /dev/null
@@ -1,194 +0,0 @@
-//go:build amd64 && !purego
-// +build amd64,!purego
-
-#include "textflag.h"
-
-// Depends on circl/math/fp448 package
-#include "../../math/fp448/fp_amd64.h"
-#include "curve_amd64.h"
-
-// CTE_A24 is (A+2)/4 from Curve448
-#define CTE_A24 39082
-
-#define Size 56
-
-// multiplyA24Leg multiplies x times CTE_A24 and stores in z
-// Uses: AX, DX, R8-R15, FLAGS
-// Instr: x86_64, cmov, adx
-#define multiplyA24Leg(z,x) \
-    MOVQ $CTE_A24, R15; \
-    MOVQ  0+x, AX; MULQ R15; MOVQ AX,  R8; ;;;;;;;;;;;;  MOVQ DX,  R9; \
-    MOVQ  8+x, AX; MULQ R15; ADDQ AX,  R9; ADCQ $0, DX;  MOVQ DX, R10; \
-    MOVQ 16+x, AX; MULQ R15; ADDQ AX, R10; ADCQ $0, DX;  MOVQ DX, R11; \
-    MOVQ 24+x, AX; MULQ R15; ADDQ AX, R11; ADCQ $0, DX;  MOVQ DX, R12; \
-    MOVQ 32+x, AX; MULQ R15; ADDQ AX, R12; ADCQ $0, DX;  MOVQ DX, R13; \
-    MOVQ 40+x, AX; MULQ R15; ADDQ AX, R13; ADCQ $0, DX;  MOVQ DX, R14; \
-    MOVQ 48+x, AX; MULQ R15; ADDQ AX, R14; ADCQ $0, DX; \
-    MOVQ DX,  AX; \
-    SHLQ $32, AX; \
-    ADDQ DX,  R8; MOVQ $0, DX; \
-    ADCQ $0,  R9; \
-    ADCQ $0, R10; \
-    ADCQ AX, R11; \
-    ADCQ $0, R12; \
-    ADCQ $0, R13; \
-    ADCQ $0, R14; \
-    ADCQ $0,  DX; \
-    MOVQ DX,  AX; \
-    SHLQ $32, AX; \
-    ADDQ DX,  R8; \
-    ADCQ $0,  R9; \
-    ADCQ $0, R10; \
-    ADCQ AX, R11; \
-    ADCQ $0, R12; \
-    ADCQ $0, R13; \
-    ADCQ $0, R14; \
-    MOVQ  R8,  0+z; \
-    MOVQ  R9,  8+z; \
-    MOVQ R10, 16+z; \
-    MOVQ R11, 24+z; \
-    MOVQ R12, 32+z; \
-    MOVQ R13, 40+z; \
-    MOVQ R14, 48+z;
-
-// multiplyA24Adx multiplies x times CTE_A24 and stores in z
-// Uses: AX, DX, R8-R14, FLAGS
-// Instr: x86_64, bmi2
-#define multiplyA24Adx(z,x) \
-    MOVQ $CTE_A24, DX; \
-    MULXQ  0+x, R8,  R9; \
-    MULXQ  8+x, AX, R10;  ADDQ AX,  R9; \
-    MULXQ 16+x, AX, R11;  ADCQ AX, R10; \
-    MULXQ 24+x, AX, R12;  ADCQ AX, R11; \
-    MULXQ 32+x, AX, R13;  ADCQ AX, R12; \
-    MULXQ 40+x, AX, R14;  ADCQ AX, R13; \
-    MULXQ 48+x, AX,  DX;  ADCQ AX, R14; \
-    ;;;;;;;;;;;;;;;;;;;;  ADCQ $0,  DX; \
-    MOVQ DX,  AX; \
-    SHLQ $32, AX; \
-    ADDQ DX,  R8; MOVQ $0, DX; \
-    ADCQ $0,  R9; \
-    ADCQ $0, R10; \
-    ADCQ AX, R11; \
-    ADCQ $0, R12; \
-    ADCQ $0, R13; \
-    ADCQ $0, R14; \
-    ADCQ $0,  DX; \
-    MOVQ DX,  AX; \
-    SHLQ $32, AX; \
-    ADDQ DX,  R8; \
-    ADCQ $0,  R9; \
-    ADCQ $0, R10; \
-    ADCQ AX, R11; \
-    ADCQ $0, R12; \
-    ADCQ $0, R13; \
-    ADCQ $0, R14; \
-    MOVQ  R8,  0+z; \
-    MOVQ  R9,  8+z; \
-    MOVQ R10, 16+z; \
-    MOVQ R11, 24+z; \
-    MOVQ R12, 32+z; \
-    MOVQ R13, 40+z; \
-    MOVQ R14, 48+z;
-
-#define mulA24Legacy \
-    multiplyA24Leg(0(DI),0(SI))
-#define mulA24Bmi2Adx \
-    multiplyA24Adx(0(DI),0(SI))
-
-// func mulA24Amd64(z, x *fp448.Elt)
-TEXT ·mulA24Amd64(SB),NOSPLIT,$0-16
-    MOVQ z+0(FP), DI
-    MOVQ x+8(FP), SI
-    CHECK_BMI2ADX(LMA24, mulA24Legacy, mulA24Bmi2Adx)
-
-// func ladderStepAmd64(w *[5]fp448.Elt, b uint)
-// ladderStepAmd64 calculates a point addition and doubling as follows:
-// (x2,z2) = 2*(x2,z2) and (x3,z3) = (x2,z2)+(x3,z3) using as a difference (x1,-).
-//    w    = {x1,x2,z2,x3,z4} are five fp255.Elt of 56 bytes.
-//  stack  = (t0,t1) are two fp.Elt of fp.Size bytes, and
-//           (b0,b1) are two-double precision fp.Elt of 2*fp.Size bytes.
-TEXT ·ladderStepAmd64(SB),NOSPLIT,$336-16
-    // Parameters
-    #define regWork DI
-    #define regMove SI
-    #define x1 0*Size(regWork)
-    #define x2 1*Size(regWork)
-    #define z2 2*Size(regWork)
-    #define x3 3*Size(regWork)
-    #define z3 4*Size(regWork)
-    // Local variables
-    #define t0 0*Size(SP)
-    #define t1 1*Size(SP)
-    #define b0 2*Size(SP)
-    #define b1 4*Size(SP)
-    MOVQ w+0(FP), regWork
-    MOVQ b+8(FP), regMove
-    CHECK_BMI2ADX(LLADSTEP, ladderStepLeg, ladderStepBmi2Adx)
-    #undef regWork
-    #undef regMove
-    #undef x1
-    #undef x2
-    #undef z2
-    #undef x3
-    #undef z3
-    #undef t0
-    #undef t1
-    #undef b0
-    #undef b1
-
-// func diffAddAmd64(work *[5]fp.Elt, swap uint)
-// diffAddAmd64 calculates a differential point addition using a precomputed point.
-// (x1,z1) = (x1,z1)+(mu) using a difference point (x2,z2)
-//    work = {mu,x1,z1,x2,z2} are five fp448.Elt of 56 bytes, and
-//   stack = (b0,b1) are two-double precision fp.Elt of 2*fp.Size bytes.
-// This is Equation 7 at https://eprint.iacr.org/2017/264.
-TEXT ·diffAddAmd64(SB),NOSPLIT,$224-16
-    // Parameters
-    #define regWork DI
-    #define regSwap SI
-    #define ui 0*Size(regWork)
-    #define x1 1*Size(regWork)
-    #define z1 2*Size(regWork)
-    #define x2 3*Size(regWork)
-    #define z2 4*Size(regWork)
-    // Local variables
-    #define b0 0*Size(SP)
-    #define b1 2*Size(SP)
-    MOVQ w+0(FP), regWork
-    MOVQ b+8(FP), regSwap
-    cswap(x1,x2,regSwap)
-    cswap(z1,z2,regSwap)
-    CHECK_BMI2ADX(LDIFADD, difAddLeg, difAddBmi2Adx)
-    #undef regWork
-    #undef regSwap
-    #undef ui
-    #undef x1
-    #undef z1
-    #undef x2
-    #undef z2
-    #undef b0
-    #undef b1
-
-// func doubleAmd64(x, z *fp448.Elt)
-// doubleAmd64 calculates a point doubling (x1,z1) = 2*(x1,z1).
-//  stack = (t0,t1) are two fp.Elt of fp.Size bytes, and
-//          (b0,b1) are two-double precision fp.Elt of 2*fp.Size bytes.
-TEXT ·doubleAmd64(SB),NOSPLIT,$336-16
-    // Parameters
-    #define x1 0(DI)
-    #define z1 0(SI)
-    // Local variables
-    #define t0 0*Size(SP)
-    #define t1 1*Size(SP)
-    #define b0 2*Size(SP)
-    #define b1 4*Size(SP)
-    MOVQ x+0(FP), DI
-    MOVQ z+8(FP), SI
-    CHECK_BMI2ADX(LDOUB,doubleLeg,doubleBmi2Adx)
-    #undef x1
-    #undef z1
-    #undef t0
-    #undef t1
-    #undef b0
-    #undef b1
diff --git a/vendor/github.com/cloudflare/circl/dh/x448/curve_generic.go b/vendor/github.com/cloudflare/circl/dh/x448/curve_generic.go
deleted file mode 100644
index b0b65ccf7e..0000000000
--- a/vendor/github.com/cloudflare/circl/dh/x448/curve_generic.go
+++ /dev/null
@@ -1,100 +0,0 @@
-package x448
-
-import (
-	"encoding/binary"
-	"math/bits"
-
-	"github.com/cloudflare/circl/math/fp448"
-)
-
-func doubleGeneric(x, z *fp448.Elt) {
-	t0, t1 := &fp448.Elt{}, &fp448.Elt{}
-	fp448.AddSub(x, z)
-	fp448.Sqr(x, x)
-	fp448.Sqr(z, z)
-	fp448.Sub(t0, x, z)
-	mulA24Generic(t1, t0)
-	fp448.Add(t1, t1, z)
-	fp448.Mul(x, x, z)
-	fp448.Mul(z, t0, t1)
-}
-
-func diffAddGeneric(w *[5]fp448.Elt, b uint) {
-	mu, x1, z1, x2, z2 := &w[0], &w[1], &w[2], &w[3], &w[4]
-	fp448.Cswap(x1, x2, b)
-	fp448.Cswap(z1, z2, b)
-	fp448.AddSub(x1, z1)
-	fp448.Mul(z1, z1, mu)
-	fp448.AddSub(x1, z1)
-	fp448.Sqr(x1, x1)
-	fp448.Sqr(z1, z1)
-	fp448.Mul(x1, x1, z2)
-	fp448.Mul(z1, z1, x2)
-}
-
-func ladderStepGeneric(w *[5]fp448.Elt, b uint) {
-	x1, x2, z2, x3, z3 := &w[0], &w[1], &w[2], &w[3], &w[4]
-	t0 := &fp448.Elt{}
-	t1 := &fp448.Elt{}
-	fp448.AddSub(x2, z2)
-	fp448.AddSub(x3, z3)
-	fp448.Mul(t0, x2, z3)
-	fp448.Mul(t1, x3, z2)
-	fp448.AddSub(t0, t1)
-	fp448.Cmov(x2, x3, b)
-	fp448.Cmov(z2, z3, b)
-	fp448.Sqr(x3, t0)
-	fp448.Sqr(z3, t1)
-	fp448.Mul(z3, x1, z3)
-	fp448.Sqr(x2, x2)
-	fp448.Sqr(z2, z2)
-	fp448.Sub(t0, x2, z2)
-	mulA24Generic(t1, t0)
-	fp448.Add(t1, t1, z2)
-	fp448.Mul(x2, x2, z2)
-	fp448.Mul(z2, t0, t1)
-}
-
-func mulA24Generic(z, x *fp448.Elt) {
-	const A24 = 39082
-	const n = 8
-	var xx [7]uint64
-	for i := range xx {
-		xx[i] = binary.LittleEndian.Uint64(x[i*n : (i+1)*n])
-	}
-	h0, l0 := bits.Mul64(xx[0], A24)
-	h1, l1 := bits.Mul64(xx[1], A24)
-	h2, l2 := bits.Mul64(xx[2], A24)
-	h3, l3 := bits.Mul64(xx[3], A24)
-	h4, l4 := bits.Mul64(xx[4], A24)
-	h5, l5 := bits.Mul64(xx[5], A24)
-	h6, l6 := bits.Mul64(xx[6], A24)
-
-	l1, c0 := bits.Add64(h0, l1, 0)
-	l2, c1 := bits.Add64(h1, l2, c0)
-	l3, c2 := bits.Add64(h2, l3, c1)
-	l4, c3 := bits.Add64(h3, l4, c2)
-	l5, c4 := bits.Add64(h4, l5, c3)
-	l6, c5 := bits.Add64(h5, l6, c4)
-	l7, _ := bits.Add64(h6, 0, c5)
-
-	l0, c0 = bits.Add64(l0, l7, 0)
-	l1, c1 = bits.Add64(l1, 0, c0)
-	l2, c2 = bits.Add64(l2, 0, c1)
-	l3, c3 = bits.Add64(l3, l7<<32, c2)
-	l4, c4 = bits.Add64(l4, 0, c3)
-	l5, c5 = bits.Add64(l5, 0, c4)
-	l6, l7 = bits.Add64(l6, 0, c5)
-
-	xx[0], c0 = bits.Add64(l0, l7, 0)
-	xx[1], c1 = bits.Add64(l1, 0, c0)
-	xx[2], c2 = bits.Add64(l2, 0, c1)
-	xx[3], c3 = bits.Add64(l3, l7<<32, c2)
-	xx[4], c4 = bits.Add64(l4, 0, c3)
-	xx[5], c5 = bits.Add64(l5, 0, c4)
-	xx[6], _ = bits.Add64(l6, 0, c5)
-
-	for i := range xx {
-		binary.LittleEndian.PutUint64(z[i*n:(i+1)*n], xx[i])
-	}
-}
diff --git a/vendor/github.com/cloudflare/circl/dh/x448/curve_noasm.go b/vendor/github.com/cloudflare/circl/dh/x448/curve_noasm.go
deleted file mode 100644
index 3755b7c83b..0000000000
--- a/vendor/github.com/cloudflare/circl/dh/x448/curve_noasm.go
+++ /dev/null
@@ -1,11 +0,0 @@
-//go:build !amd64 || purego
-// +build !amd64 purego
-
-package x448
-
-import fp "github.com/cloudflare/circl/math/fp448"
-
-func double(x, z *fp.Elt)             { doubleGeneric(x, z) }
-func diffAdd(w *[5]fp.Elt, b uint)    { diffAddGeneric(w, b) }
-func ladderStep(w *[5]fp.Elt, b uint) { ladderStepGeneric(w, b) }
-func mulA24(z, x *fp.Elt)             { mulA24Generic(z, x) }
diff --git a/vendor/github.com/cloudflare/circl/dh/x448/doc.go b/vendor/github.com/cloudflare/circl/dh/x448/doc.go
deleted file mode 100644
index c02904feda..0000000000
--- a/vendor/github.com/cloudflare/circl/dh/x448/doc.go
+++ /dev/null
@@ -1,19 +0,0 @@
-/*
-Package x448 provides Diffie-Hellman functions as specified in RFC-7748.
-
-Validation of public keys.
-
-The Diffie-Hellman function, as described in RFC-7748 [1], works for any
-public key. However, if a different protocol requires contributory
-behaviour [2,3], then the public keys must be validated against low-order
-points [3,4]. To do that, the Shared function performs this validation
-internally and returns false when the public key is invalid (i.e., it
-is a low-order point).
-
-References:
-  - [1] RFC7748 by Langley, Hamburg, Turner (https://rfc-editor.org/rfc/rfc7748.txt)
-  - [2] Curve25519 by Bernstein (https://cr.yp.to/ecdh.html)
-  - [3] Bernstein (https://cr.yp.to/ecdh.html#validate)
-  - [4] Cremers&Jackson (https://eprint.iacr.org/2019/526)
-*/
-package x448
diff --git a/vendor/github.com/cloudflare/circl/dh/x448/key.go b/vendor/github.com/cloudflare/circl/dh/x448/key.go
deleted file mode 100644
index 2fdde51168..0000000000
--- a/vendor/github.com/cloudflare/circl/dh/x448/key.go
+++ /dev/null
@@ -1,46 +0,0 @@
-package x448
-
-import (
-	"crypto/subtle"
-
-	fp "github.com/cloudflare/circl/math/fp448"
-)
-
-// Size is the length in bytes of a X448 key.
-const Size = 56
-
-// Key represents a X448 key.
-type Key [Size]byte
-
-func (k *Key) clamp(in *Key) *Key {
-	*k = *in
-	k[0] &= 252
-	k[55] |= 128
-	return k
-}
-
-// isValidPubKey verifies if the public key is not a low-order point.
-func (k *Key) isValidPubKey() bool {
-	fp.Modp((*fp.Elt)(k))
-	var isLowOrder int
-	for _, P := range lowOrderPoints {
-		isLowOrder |= subtle.ConstantTimeCompare(P[:], k[:])
-	}
-	return isLowOrder == 0
-}
-
-// KeyGen obtains a public key given a secret key.
-func KeyGen(public, secret *Key) {
-	ladderJoye(public.clamp(secret))
-}
-
-// Shared calculates Alice's shared key from Alice's secret key and Bob's
-// public key returning true on success. A failure case happens when the public
-// key is a low-order point, thus the shared key is all-zeros and the function
-// returns false.
-func Shared(shared, secret, public *Key) bool {
-	validPk := *public
-	ok := validPk.isValidPubKey()
-	ladderMontgomery(shared.clamp(secret), &validPk)
-	return ok
-}
diff --git a/vendor/github.com/cloudflare/circl/dh/x448/table.go b/vendor/github.com/cloudflare/circl/dh/x448/table.go
deleted file mode 100644
index eef53c30f8..0000000000
--- a/vendor/github.com/cloudflare/circl/dh/x448/table.go
+++ /dev/null
@@ -1,460 +0,0 @@
-package x448
-
-import fp "github.com/cloudflare/circl/math/fp448"
-
-// tableGenerator contains the set of points:
-//
-//	t[i] = (xi+1)/(xi-1),
-//
-// where (xi,yi) = 2^iG and G is the generator point
-// Size = (448)*(448/8) = 25088 bytes.
-var tableGenerator = [448 * fp.Size]byte{
-	/* (2^  0)P */ 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f,
-	/* (2^  1)P */ 0x37, 0xfa, 0xaa, 0x0d, 0x86, 0xa6, 0x24, 0xe9, 0x6c, 0x95, 0x08, 0x34, 0xba, 0x1a, 0x81, 0x3a, 0xae, 0x01, 0xa5, 0xa7, 0x05, 0x85, 0x96, 0x00, 0x06, 0x5a, 0xd7, 0xff, 0xee, 0x8e, 0x8f, 0x94, 0xd2, 0xdc, 0xd7, 0xfc, 0xe7, 0xe5, 0x99, 0x1d, 0x05, 0x46, 0x43, 0xe8, 0xbc, 0x12, 0xb7, 0xeb, 0x30, 0x5e, 0x7a, 0x85, 0x68, 0xed, 0x9d, 0x28,
-	/* (2^  2)P */ 0xf1, 0x7d, 0x08, 0x2b, 0x32, 0x4a, 0x62, 0x80, 0x36, 0xe7, 0xa4, 0x76, 0x5a, 0x2a, 0x1e, 0xf7, 0x9e, 0x3c, 0x40, 0x46, 0x9a, 0x1b, 0x61, 0xc1, 0xbf, 0x1a, 0x1b, 0xae, 0x91, 0x80, 0xa3, 0x76, 0x6c, 0xd4, 0x8f, 0xa4, 0xee, 0x26, 0x39, 0x23, 0xa4, 0x80, 0xf4, 0x66, 0x92, 0xe4, 0xe1, 0x18, 0x76, 0xc5, 0xe2, 0x19, 0x87, 0xd5, 0xc3, 0xe8,
-	/* (2^  3)P */ 0xfb, 0xc9, 0xf0, 0x07, 0xf2, 0x93, 0xd8, 0x50, 0x36, 0xed, 0xfb, 0xbd, 0xb2, 0xd3, 0xfc, 0xdf, 0xd5, 0x2a, 0x6e, 0x26, 0x09, 0xce, 0xd4, 0x07, 0x64, 0x9f, 0x40, 0x74, 0xad, 0x98, 0x2f, 0x1c, 0xb6, 0xdc, 0x2d, 0x42, 0xff, 0xbf, 0x97, 0xd8, 0xdb, 0xef, 0x99, 0xca, 0x73, 0x99, 0x1a, 0x04, 0x3b, 0x56, 0x2c, 0x1f, 0x87, 0x9d, 0x9f, 0x03,
-	/* (2^  4)P */ 0x4c, 0x35, 0x97, 0xf7, 0x81, 0x2c, 0x84, 0xa6, 0xe0, 0xcb, 0xce, 0x37, 0x4c, 0x21, 0x1c, 0x67, 0xfa, 0xab, 0x18, 0x4d, 0xef, 0xd0, 0xf0, 0x44, 0xa9, 0xfb, 0xc0, 0x8e, 0xda, 0x57, 0xa1, 0xd8, 0xeb, 0x87, 0xf4, 0x17, 0xea, 0x66, 0x0f, 0x16, 0xea, 0xcd, 0x5f, 0x3e, 0x88, 0xea, 0x09, 0x68, 0x40, 0xdf, 0x43, 0xcc, 0x54, 0x61, 0x58, 0xaa,
-	/* (2^  5)P */ 0x8d, 0xe7, 0x59, 0xd7, 0x5e, 0x63, 0x37, 0xa7, 0x3f, 0xd1, 0x49, 0x85, 0x01, 0xdd, 0x5e, 0xb3, 0xe6, 0x29, 0xcb, 0x25, 0x93, 0xdd, 0x08, 0x96, 0x83, 0x52, 0x76, 0x85, 0xf5, 0x5d, 0x02, 0xbf, 0xe9, 0x6d, 0x15, 0x27, 0xc1, 0x09, 0xd1, 0x14, 0x4d, 0x6e, 0xe8, 0xaf, 0x59, 0x58, 0x34, 0x9d, 0x2a, 0x99, 0x85, 0x26, 0xbe, 0x4b, 0x1e, 0xb9,
-	/* (2^  6)P */ 0x8d, 0xce, 0x94, 0xe2, 0x18, 0x56, 0x0d, 0x82, 0x8e, 0xdf, 0x85, 0x01, 0x8f, 0x93, 0x3c, 0xc6, 0xbd, 0x61, 0xfb, 0xf4, 0x22, 0xc5, 0x16, 0x87, 0xd1, 0xb1, 0x9e, 0x09, 0xc5, 0x83, 0x2e, 0x4a, 0x07, 0x88, 0xee, 0xe0, 0x29, 0x8d, 0x2e, 0x1f, 0x88, 0xad, 0xfd, 0x18, 0x93, 0xb7, 0xed, 0x42, 0x86, 0x78, 0xf0, 0xb8, 0x70, 0xbe, 0x01, 0x67,
-	/* (2^  7)P */ 0xdf, 0x62, 0x2d, 0x94, 0xc7, 0x35, 0x23, 0xda, 0x27, 0xbb, 0x2b, 0xdb, 0x30, 0x80, 0x68, 0x16, 0xa3, 0xae, 0xd7, 0xd2, 0xa7, 0x7c, 0xbf, 0x6a, 0x1d, 0x83, 0xde, 0x96, 0x0a, 0x43, 0xb6, 0x30, 0x37, 0xd6, 0xee, 0x63, 0x59, 0x9a, 0xbf, 0xa3, 0x30, 0x6c, 0xaf, 0x0c, 0xee, 0x3d, 0xcb, 0x35, 0x4b, 0x55, 0x5f, 0x84, 0x85, 0xcb, 0x4f, 0x1e,
-	/* (2^  8)P */ 0x9d, 0x04, 0x68, 0x89, 0xa4, 0xa9, 0x0d, 0x87, 0xc1, 0x70, 0xf1, 0xeb, 0xfb, 0x47, 0x0a, 0xf0, 0xde, 0x67, 0xb7, 0x94, 0xcd, 0x36, 0x43, 0xa5, 0x49, 0x43, 0x67, 0xc3, 0xee, 0x3c, 0x6b, 0xec, 0xd0, 0x1a, 0xf4, 0xad, 0xef, 0x06, 0x4a, 0xe8, 0x46, 0x24, 0xd7, 0x93, 0xbf, 0xf0, 0xe3, 0x81, 0x61, 0xec, 0xea, 0x64, 0xfe, 0x67, 0xeb, 0xc7,
-	/* (2^  9)P */ 0x95, 0x45, 0x79, 0xcf, 0x2c, 0xfd, 0x9b, 0xfe, 0x84, 0x46, 0x4b, 0x8f, 0xa1, 0xcf, 0xc3, 0x04, 0x94, 0x78, 0xdb, 0xc9, 0xa6, 0x01, 0x75, 0xa4, 0xb4, 0x93, 0x72, 0x43, 0xa7, 0x7d, 0xda, 0x31, 0x38, 0x54, 0xab, 0x4e, 0x3f, 0x89, 0xa6, 0xab, 0x57, 0xc0, 0x16, 0x65, 0xdb, 0x92, 0x96, 0xe4, 0xc8, 0xae, 0xe7, 0x4c, 0x7a, 0xeb, 0xbb, 0x5a,
-	/* (2^ 10)P */ 0xbe, 0xfe, 0x86, 0xc3, 0x97, 0xe0, 0x6a, 0x18, 0x20, 0x21, 0xca, 0x22, 0x55, 0xa1, 0xeb, 0xf5, 0x74, 0xe5, 0xc9, 0x59, 0xa7, 0x92, 0x65, 0x15, 0x08, 0x71, 0xd1, 0x09, 0x7e, 0x83, 0xfc, 0xbc, 0x5a, 0x93, 0x38, 0x0d, 0x43, 0x42, 0xfd, 0x76, 0x30, 0xe8, 0x63, 0x60, 0x09, 0x8d, 0x6c, 0xd3, 0xf8, 0x56, 0x3d, 0x68, 0x47, 0xab, 0xa0, 0x1d,
-	/* (2^ 11)P */ 0x38, 0x50, 0x1c, 0xb1, 0xac, 0x88, 0x8f, 0x38, 0xe3, 0x69, 0xe6, 0xfc, 0x4f, 0x8f, 0xe1, 0x9b, 0xb1, 0x1a, 0x09, 0x39, 0x19, 0xdf, 0xcd, 0x98, 0x7b, 0x64, 0x42, 0xf6, 0x11, 0xea, 0xc7, 0xe8, 0x92, 0x65, 0x00, 0x2c, 0x75, 0xb5, 0x94, 0x1e, 0x5b, 0xa6, 0x66, 0x81, 0x77, 0xf3, 0x39, 0x94, 0xac, 0xbd, 0xe4, 0x2a, 0x66, 0x84, 0x9c, 0x60,
-	/* (2^ 12)P */ 0xb5, 0xb6, 0xd9, 0x03, 0x67, 0xa4, 0xa8, 0x0a, 0x4a, 0x2b, 0x9d, 0xfa, 0x13, 0xe1, 0x99, 0x25, 0x4a, 0x5c, 0x67, 0xb9, 0xb2, 0xb7, 0xdd, 0x1e, 0xaf, 0xeb, 0x63, 0x41, 0xb6, 0xb9, 0xa0, 0x87, 0x0a, 0xe0, 0x06, 0x07, 0xaa, 0x97, 0xf8, 0xf9, 0x38, 0x4f, 0xdf, 0x0c, 0x40, 0x7c, 0xc3, 0x98, 0xa9, 0x74, 0xf1, 0x5d, 0xda, 0xd1, 0xc0, 0x0a,
-	/* (2^ 13)P */ 0xf2, 0x0a, 0xab, 0xab, 0x94, 0x50, 0xf0, 0xa3, 0x6f, 0xc6, 0x66, 0xba, 0xa6, 0xdc, 0x44, 0xdd, 0xd6, 0x08, 0xf4, 0xd3, 0xed, 0xb1, 0x40, 0x93, 0xee, 0xf6, 0xb8, 0x8e, 0xb4, 0x7c, 0xb9, 0x82, 0xc9, 0x9d, 0x45, 0x3b, 0x8e, 0x10, 0xcb, 0x70, 0x1e, 0xba, 0x3c, 0x62, 0x50, 0xda, 0xa9, 0x93, 0xb5, 0xd7, 0xd0, 0x6f, 0x29, 0x52, 0x95, 0xae,
-	/* (2^ 14)P */ 0x14, 0x68, 0x69, 0x23, 0xa8, 0x44, 0x87, 0x9e, 0x22, 0x91, 0xe8, 0x92, 0xdf, 0xf7, 0xae, 0xba, 0x1c, 0x96, 0xe1, 0xc3, 0x94, 0xed, 0x6c, 0x95, 0xae, 0x96, 0xa7, 0x15, 0x9f, 0xf1, 0x17, 0x11, 0x92, 0x42, 0xd5, 0xcd, 0x18, 0xe7, 0xa9, 0xb5, 0x2f, 0xcd, 0xde, 0x6c, 0xc9, 0x7d, 0xfc, 0x7e, 0xbd, 0x7f, 0x10, 0x3d, 0x01, 0x00, 0x8d, 0x95,
-	/* (2^ 15)P */ 0x3b, 0x76, 0x72, 0xae, 0xaf, 0x84, 0xf2, 0xf7, 0xd1, 0x6d, 0x13, 0x9c, 0x47, 0xe1, 0xb7, 0xa3, 0x19, 0x16, 0xee, 0x75, 0x45, 0xf6, 0x1a, 0x7b, 0x78, 0x49, 0x79, 0x05, 0x86, 0xf0, 0x7f, 0x9f, 0xfc, 0xc4, 0xbd, 0x86, 0xf3, 0x41, 0xa7, 0xfe, 0x01, 0xd5, 0x67, 0x16, 0x10, 0x5b, 0xa5, 0x16, 0xf3, 0x7f, 0x60, 0xce, 0xd2, 0x0c, 0x8e, 0x4b,
-	/* (2^ 16)P */ 0x4a, 0x07, 0x99, 0x4a, 0x0f, 0x74, 0x91, 0x14, 0x68, 0xb9, 0x48, 0xb7, 0x44, 0x77, 0x9b, 0x4a, 0xe0, 0x68, 0x0e, 0x43, 0x4d, 0x98, 0x98, 0xbf, 0xa8, 0x3a, 0xb7, 0x6d, 0x2a, 0x9a, 0x77, 0x5f, 0x62, 0xf5, 0x6b, 0x4a, 0xb7, 0x7d, 0xe5, 0x09, 0x6b, 0xc0, 0x8b, 0x9c, 0x88, 0x37, 0x33, 0xf2, 0x41, 0xac, 0x22, 0x1f, 0xcf, 0x3b, 0x82, 0x34,
-	/* (2^ 17)P */ 0x00, 0xc3, 0x78, 0x42, 0x32, 0x2e, 0xdc, 0xda, 0xb1, 0x96, 0x21, 0xa4, 0xe4, 0xbb, 0xe9, 0x9d, 0xbb, 0x0f, 0x93, 0xed, 0x26, 0x3d, 0xb5, 0xdb, 0x94, 0x31, 0x37, 0x07, 0xa2, 0xb2, 0xd5, 0x99, 0x0d, 0x93, 0xe1, 0xce, 0x3f, 0x0b, 0x96, 0x82, 0x47, 0xfe, 0x60, 0x6f, 0x8f, 0x61, 0x88, 0xd7, 0x05, 0x95, 0x0b, 0x46, 0x06, 0xb7, 0x32, 0x06,
-	/* (2^ 18)P */ 0x44, 0xf5, 0x34, 0xdf, 0x2f, 0x9c, 0x5d, 0x9f, 0x53, 0x5c, 0x42, 0x8f, 0xc9, 0xdc, 0xd8, 0x40, 0xa2, 0xe7, 0x6a, 0x4a, 0x05, 0xf7, 0x86, 0x77, 0x2b, 0xae, 0x37, 0xed, 0x48, 0xfb, 0xf7, 0x62, 0x7c, 0x17, 0x59, 0x92, 0x41, 0x61, 0x93, 0x38, 0x30, 0xd1, 0xef, 0x54, 0x54, 0x03, 0x17, 0x57, 0x91, 0x15, 0x11, 0x33, 0xb5, 0xfa, 0xfb, 0x17,
-	/* (2^ 19)P */ 0x29, 0xbb, 0xd4, 0xb4, 0x9c, 0xf1, 0x72, 0x94, 0xce, 0x6a, 0x29, 0xa8, 0x89, 0x18, 0x19, 0xf7, 0xb7, 0xcc, 0xee, 0x9a, 0x02, 0xe3, 0xc0, 0xb1, 0xe0, 0xee, 0x83, 0x78, 0xb4, 0x9e, 0x07, 0x87, 0xdf, 0xb0, 0x82, 0x26, 0x4e, 0xa4, 0x0c, 0x33, 0xaf, 0x40, 0x59, 0xb6, 0xdd, 0x52, 0x45, 0xf0, 0xb4, 0xf6, 0xe8, 0x4e, 0x4e, 0x79, 0x1a, 0x5d,
-	/* (2^ 20)P */ 0x27, 0x33, 0x4d, 0x4c, 0x6b, 0x4f, 0x75, 0xb1, 0xbc, 0x1f, 0xab, 0x5b, 0x2b, 0xf0, 0x1c, 0x57, 0x86, 0xdd, 0xfd, 0x60, 0xb0, 0x8c, 0xe7, 0x9a, 0xe5, 0x5c, 0xeb, 0x11, 0x3a, 0xda, 0x22, 0x25, 0x99, 0x06, 0x8d, 0xf4, 0xaf, 0x29, 0x7a, 0xc9, 0xe5, 0xd2, 0x16, 0x9e, 0xd4, 0x63, 0x1d, 0x64, 0xa6, 0x47, 0x96, 0x37, 0x6f, 0x93, 0x2c, 0xcc,
-	/* (2^ 21)P */ 0xc1, 0x94, 0x74, 0x86, 0x75, 0xf2, 0x91, 0x58, 0x23, 0x85, 0x63, 0x76, 0x54, 0xc7, 0xb4, 0x8c, 0xbc, 0x4e, 0xc4, 0xa7, 0xba, 0xa0, 0x55, 0x26, 0x71, 0xd5, 0x33, 0x72, 0xc9, 0xad, 0x1e, 0xf9, 0x5d, 0x78, 0x70, 0x93, 0x4e, 0x85, 0xfc, 0x39, 0x06, 0x73, 0x76, 0xff, 0xe8, 0x64, 0x69, 0x42, 0x45, 0xb2, 0x69, 0xb5, 0x32, 0xe7, 0x2c, 0xde,
-	/* (2^ 22)P */ 0xde, 0x16, 0xd8, 0x33, 0x49, 0x32, 0xe9, 0x0e, 0x3a, 0x60, 0xee, 0x2e, 0x24, 0x75, 0xe3, 0x9c, 0x92, 0x07, 0xdb, 0xad, 0x92, 0xf5, 0x11, 0xdf, 0xdb, 0xb0, 0x17, 0x5c, 0xd6, 0x1a, 0x70, 0x00, 0xb7, 0xe2, 0x18, 0xec, 0xdc, 0xc2, 0x02, 0x93, 0xb3, 0xc8, 0x3f, 0x4f, 0x1b, 0x96, 0xe6, 0x33, 0x8c, 0xfb, 0xcc, 0xa5, 0x4e, 0xe8, 0xe7, 0x11,
-	/* (2^ 23)P */ 0x05, 0x7a, 0x74, 0x52, 0xf8, 0xdf, 0x0d, 0x7c, 0x6a, 0x1a, 0x4e, 0x9a, 0x02, 0x1d, 0xae, 0x77, 0xf8, 0x8e, 0xf9, 0xa2, 0x38, 0x54, 0x50, 0xb2, 0x2c, 0x08, 0x9d, 0x9b, 0x9f, 0xfb, 0x2b, 0x06, 0xde, 0x9d, 0xc2, 0x03, 0x0b, 0x22, 0x2b, 0x10, 0x5b, 0x3a, 0x73, 0x29, 0x8e, 0x3e, 0x37, 0x08, 0x2c, 0x3b, 0xf8, 0x80, 0xc1, 0x66, 0x1e, 0x98,
-	/* (2^ 24)P */ 0xd8, 0xd6, 0x3e, 0xcd, 0x63, 0x8c, 0x2b, 0x41, 0x81, 0xc0, 0x0c, 0x06, 0x87, 0xd6, 0xe7, 0x92, 0xfe, 0xf1, 0x0c, 0x4a, 0x84, 0x5b, 0xaf, 0x40, 0x53, 0x6f, 0x60, 0xd6, 0x6b, 0x76, 0x4b, 0xc2, 0xad, 0xc9, 0xb6, 0xb6, 0x6a, 0xa2, 0xb3, 0xf5, 0xf5, 0xc2, 0x55, 0x83, 0xb2, 0xd3, 0xe9, 0x41, 0x6c, 0x63, 0x51, 0xb8, 0x81, 0x74, 0xc8, 0x2c,
-	/* (2^ 25)P */ 0xb2, 0xaf, 0x1c, 0xee, 0x07, 0xb0, 0x58, 0xa8, 0x2c, 0x6a, 0xc9, 0x2d, 0x62, 0x28, 0x75, 0x0c, 0x40, 0xb6, 0x11, 0x33, 0x96, 0x80, 0x28, 0x6d, 0xd5, 0x9e, 0x87, 0x90, 0x01, 0x66, 0x1d, 0x1c, 0xf8, 0xb4, 0x92, 0xac, 0x38, 0x18, 0x05, 0xc2, 0x4c, 0x4b, 0x54, 0x7d, 0x80, 0x46, 0x87, 0x2d, 0x99, 0x8e, 0x70, 0x80, 0x69, 0x71, 0x8b, 0xed,
-	/* (2^ 26)P */ 0x37, 0xa7, 0x6b, 0x71, 0x36, 0x75, 0x8e, 0xff, 0x0f, 0x42, 0xda, 0x5a, 0x46, 0xa6, 0x97, 0x79, 0x7e, 0x30, 0xb3, 0x8f, 0xc7, 0x3a, 0xa0, 0xcb, 0x1d, 0x9c, 0x78, 0x77, 0x36, 0xc2, 0xe7, 0xf4, 0x2f, 0x29, 0x07, 0xb1, 0x07, 0xfd, 0xed, 0x1b, 0x39, 0x77, 0x06, 0x38, 0x77, 0x0f, 0x50, 0x31, 0x12, 0xbf, 0x92, 0xbf, 0x72, 0x79, 0x54, 0xa9,
-	/* (2^ 27)P */ 0xbd, 0x4d, 0x46, 0x6b, 0x1a, 0x80, 0x46, 0x2d, 0xed, 0xfd, 0x64, 0x6d, 0x94, 0xbc, 0x4a, 0x6e, 0x0c, 0x12, 0xf6, 0x12, 0xab, 0x54, 0x88, 0xd3, 0x85, 0xac, 0x51, 0xae, 0x6f, 0xca, 0xc4, 0xb7, 0xec, 0x22, 0x54, 0x6d, 0x80, 0xb2, 0x1c, 0x63, 0x33, 0x76, 0x6b, 0x8e, 0x6d, 0x59, 0xcd, 0x73, 0x92, 0x5f, 0xff, 0xad, 0x10, 0x35, 0x70, 0x5f,
-	/* (2^ 28)P */ 0xb3, 0x84, 0xde, 0xc8, 0x04, 0x43, 0x63, 0xfa, 0x29, 0xd9, 0xf0, 0x69, 0x65, 0x5a, 0x0c, 0xe8, 0x2e, 0x0b, 0xfe, 0xb0, 0x7a, 0x42, 0xb3, 0xc3, 0xfc, 0xe6, 0xb8, 0x92, 0x29, 0xae, 0xed, 0xec, 0xd5, 0xe8, 0x4a, 0xa1, 0xbd, 0x3b, 0xd3, 0xc0, 0x07, 0xab, 0x65, 0x65, 0x35, 0x9a, 0xa6, 0x5e, 0x78, 0x18, 0x76, 0x1c, 0x15, 0x49, 0xe6, 0x75,
-	/* (2^ 29)P */ 0x45, 0xb3, 0x92, 0xa9, 0xc3, 0xb8, 0x11, 0x68, 0x64, 0x3a, 0x83, 0x5d, 0xa8, 0x94, 0x6a, 0x9d, 0xaa, 0x27, 0x9f, 0x98, 0x5d, 0xc0, 0x29, 0xf0, 0xc0, 0x4b, 0x14, 0x3c, 0x05, 0xe7, 0xf8, 0xbd, 0x38, 0x22, 0x96, 0x75, 0x65, 0x5e, 0x0d, 0x3f, 0xbb, 0x6f, 0xe8, 0x3f, 0x96, 0x76, 0x9f, 0xba, 0xd9, 0x44, 0x92, 0x96, 0x22, 0xe7, 0x52, 0xe7,
-	/* (2^ 30)P */ 0xf4, 0xa3, 0x95, 0x90, 0x47, 0xdf, 0x7d, 0xdc, 0xf4, 0x13, 0x87, 0x67, 0x7d, 0x4f, 0x9d, 0xa0, 0x00, 0x46, 0x72, 0x08, 0xc3, 0xa2, 0x7a, 0x3e, 0xe7, 0x6d, 0x52, 0x7c, 0x11, 0x36, 0x50, 0x83, 0x89, 0x64, 0xcb, 0x1f, 0x08, 0x83, 0x46, 0xcb, 0xac, 0xa6, 0xd8, 0x9c, 0x1b, 0xe8, 0x05, 0x47, 0xc7, 0x26, 0x06, 0x83, 0x39, 0xe9, 0xb1, 0x1c,
-	/* (2^ 31)P */ 0x11, 0xe8, 0xc8, 0x42, 0xbf, 0x30, 0x9c, 0xa3, 0xf1, 0x85, 0x96, 0x95, 0x4f, 0x4f, 0x52, 0xa2, 0xf5, 0x8b, 0x68, 0x24, 0x16, 0xac, 0x9b, 0xa9, 0x27, 0x28, 0x0e, 0x84, 0x03, 0x46, 0x22, 0x5f, 0xf7, 0x0d, 0xa6, 0x85, 0x88, 0xc1, 0x45, 0x4b, 0x85, 0x1a, 0x10, 0x7f, 0xc9, 0x94, 0x20, 0xb0, 0x04, 0x28, 0x12, 0x30, 0xb9, 0xe6, 0x40, 0x6b,
-	/* (2^ 32)P */ 0xac, 0x1b, 0x57, 0xb6, 0x42, 0xdb, 0x81, 0x8d, 0x76, 0xfd, 0x9b, 0x1c, 0x29, 0x30, 0xd5, 0x3a, 0xcc, 0x53, 0xd9, 0x26, 0x7a, 0x0f, 0x9c, 0x2e, 0x79, 0xf5, 0x62, 0xeb, 0x61, 0x9d, 0x9b, 0x80, 0x39, 0xcd, 0x60, 0x2e, 0x1f, 0x08, 0x22, 0xbc, 0x19, 0xb3, 0x2a, 0x43, 0x44, 0xf2, 0x4e, 0x66, 0xf4, 0x36, 0xa6, 0xa7, 0xbc, 0xa4, 0x15, 0x7e,
-	/* (2^ 33)P */ 0xc1, 0x90, 0x8a, 0xde, 0xff, 0x78, 0xc3, 0x73, 0x16, 0xee, 0x76, 0xa0, 0x84, 0x60, 0x8d, 0xe6, 0x82, 0x0f, 0xde, 0x4e, 0xc5, 0x99, 0x34, 0x06, 0x90, 0x44, 0x55, 0xf8, 0x91, 0xd8, 0xe1, 0xe4, 0x2c, 0x8a, 0xde, 0x94, 0x1e, 0x78, 0x25, 0x3d, 0xfd, 0xd8, 0x59, 0x7d, 0xaf, 0x6e, 0xbe, 0x96, 0xbe, 0x3c, 0x16, 0x23, 0x0f, 0x4c, 0xa4, 0x28,
-	/* (2^ 34)P */ 0xba, 0x11, 0x35, 0x57, 0x03, 0xb6, 0xf4, 0x24, 0x89, 0xb8, 0x5a, 0x0d, 0x50, 0x9c, 0xaa, 0x51, 0x7f, 0xa4, 0x0e, 0xfc, 0x71, 0xb3, 0x3b, 0xf1, 0x96, 0x50, 0x23, 0x15, 0xf5, 0xf5, 0xd4, 0x23, 0xdc, 0x8b, 0x26, 0x9e, 0xae, 0xb7, 0x50, 0xcd, 0xc4, 0x25, 0xf6, 0x75, 0x40, 0x9c, 0x37, 0x79, 0x33, 0x60, 0xd4, 0x4b, 0x13, 0x32, 0xee, 0xe2,
-	/* (2^ 35)P */ 0x43, 0xb8, 0x56, 0x59, 0xf0, 0x68, 0x23, 0xb3, 0xea, 0x70, 0x58, 0x4c, 0x1e, 0x5a, 0x16, 0x54, 0x03, 0xb2, 0xf4, 0x73, 0xb6, 0xd9, 0x5c, 0x9c, 0x6f, 0xcf, 0x82, 0x2e, 0x54, 0x15, 0x46, 0x2c, 0xa3, 0xda, 0x4e, 0x87, 0xf5, 0x2b, 0xba, 0x91, 0xa3, 0xa0, 0x89, 0xba, 0x48, 0x2b, 0xfa, 0x64, 0x02, 0x7f, 0x78, 0x03, 0xd1, 0xe8, 0x3b, 0xe9,
-	/* (2^ 36)P */ 0x15, 0xa4, 0x71, 0xd4, 0x0c, 0x24, 0xe9, 0x07, 0xa1, 0x43, 0xf4, 0x7f, 0xbb, 0xa2, 0xa6, 0x6b, 0xfa, 0xb7, 0xea, 0x58, 0xd1, 0x96, 0xb0, 0x24, 0x5c, 0xc7, 0x37, 0x4e, 0x60, 0x0f, 0x40, 0xf2, 0x2f, 0x44, 0x70, 0xea, 0x80, 0x63, 0xfe, 0xfc, 0x46, 0x59, 0x12, 0x27, 0xb5, 0x27, 0xfd, 0xb7, 0x73, 0x0b, 0xca, 0x8b, 0xc2, 0xd3, 0x71, 0x08,
-	/* (2^ 37)P */ 0x26, 0x0e, 0xd7, 0x52, 0x6f, 0xf1, 0xf2, 0x9d, 0xb8, 0x3d, 0xbd, 0xd4, 0x75, 0x97, 0xd8, 0xbf, 0xa8, 0x86, 0x96, 0xa5, 0x80, 0xa0, 0x45, 0x75, 0xf6, 0x77, 0x71, 0xdb, 0x77, 0x96, 0x55, 0x99, 0x31, 0xd0, 0x4f, 0x34, 0xf4, 0x35, 0x39, 0x41, 0xd3, 0x7d, 0xf7, 0xe2, 0x74, 0xde, 0xbe, 0x5b, 0x1f, 0x39, 0x10, 0x21, 0xa3, 0x4d, 0x3b, 0xc8,
-	/* (2^ 38)P */ 0x04, 0x00, 0x2a, 0x45, 0xb2, 0xaf, 0x9b, 0x18, 0x6a, 0xeb, 0x96, 0x28, 0xa4, 0x77, 0xd0, 0x13, 0xcf, 0x17, 0x65, 0xe8, 0xc5, 0x81, 0x28, 0xad, 0x39, 0x7a, 0x0b, 0xaa, 0x55, 0x2b, 0xf3, 0xfc, 0x86, 0x40, 0xad, 0x0d, 0x1e, 0x28, 0xa2, 0x2d, 0xc5, 0xd6, 0x04, 0x15, 0xa2, 0x30, 0x3d, 0x12, 0x8e, 0xd6, 0xb5, 0xf7, 0x69, 0xbb, 0x84, 0x20,
-	/* (2^ 39)P */ 0xd7, 0x7a, 0x77, 0x2c, 0xfb, 0x81, 0x80, 0xe9, 0x1e, 0xc6, 0x36, 0x31, 0x79, 0xc3, 0x7c, 0xa9, 0x57, 0x6b, 0xb5, 0x70, 0xfb, 0xe4, 0xa1, 0xff, 0xfd, 0x21, 0xa5, 0x7c, 0xfa, 0x44, 0xba, 0x0d, 0x96, 0x3d, 0xc4, 0x5c, 0x39, 0x52, 0x87, 0xd7, 0x22, 0x0f, 0x52, 0x88, 0x91, 0x87, 0x96, 0xac, 0xfa, 0x3b, 0xdf, 0xdc, 0x83, 0x8c, 0x99, 0x29,
-	/* (2^ 40)P */ 0x98, 0x6b, 0x3a, 0x8d, 0x83, 0x17, 0xe1, 0x62, 0xd8, 0x80, 0x4c, 0x97, 0xce, 0x6b, 0xaa, 0x10, 0xa7, 0xc4, 0xe9, 0xeb, 0xa5, 0xfb, 0xc9, 0xdd, 0x2d, 0xeb, 0xfc, 0x9a, 0x71, 0xcd, 0x68, 0x6e, 0xc0, 0x35, 0x64, 0x62, 0x1b, 0x95, 0x12, 0xe8, 0x53, 0xec, 0xf0, 0xf4, 0x86, 0x86, 0x78, 0x18, 0xc4, 0xc6, 0xbc, 0x5a, 0x59, 0x8f, 0x7c, 0x7e,
-	/* (2^ 41)P */ 0x7f, 0xd7, 0x1e, 0xc5, 0x83, 0xdc, 0x1f, 0xbe, 0x0b, 0xcf, 0x2e, 0x01, 0x01, 0xed, 0xac, 0x17, 0x3b, 0xed, 0xa4, 0x30, 0x96, 0x0e, 0x14, 0x7e, 0x19, 0x2b, 0xa5, 0x67, 0x1e, 0xb3, 0x34, 0x03, 0xa8, 0xbb, 0x0a, 0x7d, 0x08, 0x2d, 0xd5, 0x53, 0x19, 0x6f, 0x13, 0xd5, 0xc0, 0x90, 0x8a, 0xcc, 0xc9, 0x5c, 0xab, 0x24, 0xd7, 0x03, 0xf6, 0x57,
-	/* (2^ 42)P */ 0x49, 0xcb, 0xb4, 0x96, 0x5f, 0xa6, 0xf8, 0x71, 0x6f, 0x59, 0xad, 0x05, 0x24, 0x2d, 0xaf, 0x67, 0xa8, 0xbe, 0x95, 0xdf, 0x0d, 0x28, 0x5a, 0x7f, 0x6e, 0x87, 0x8c, 0x6e, 0x67, 0x0c, 0xf4, 0xe0, 0x1c, 0x30, 0xc2, 0x66, 0xae, 0x20, 0xa1, 0x34, 0xec, 0x9c, 0xbc, 0xae, 0x3d, 0xa1, 0x28, 0x28, 0x95, 0x1d, 0xc9, 0x3a, 0xa8, 0xfd, 0xfc, 0xa1,
-	/* (2^ 43)P */ 0xe2, 0x2b, 0x9d, 0xed, 0x02, 0x99, 0x67, 0xbb, 0x2e, 0x16, 0x62, 0x05, 0x70, 0xc7, 0x27, 0xb9, 0x1c, 0x3f, 0xf2, 0x11, 0x01, 0xd8, 0x51, 0xa4, 0x18, 0x92, 0xa9, 0x5d, 0xfb, 0xa9, 0xe4, 0x42, 0xba, 0x38, 0x34, 0x1a, 0x4a, 0xc5, 0x6a, 0x37, 0xde, 0xa7, 0x0c, 0xb4, 0x7e, 0x7f, 0xde, 0xa6, 0xee, 0xcd, 0x55, 0x57, 0x05, 0x06, 0xfd, 0x5d,
-	/* (2^ 44)P */ 0x2f, 0x32, 0xcf, 0x2e, 0x2c, 0x7b, 0xbe, 0x9a, 0x0c, 0x57, 0x35, 0xf8, 0x87, 0xda, 0x9c, 0xec, 0x48, 0xf2, 0xbb, 0xe2, 0xda, 0x10, 0x58, 0x20, 0xc6, 0xd3, 0x87, 0xe9, 0xc7, 0x26, 0xd1, 0x9a, 0x46, 0x87, 0x90, 0xda, 0xdc, 0xde, 0xc3, 0xb3, 0xf2, 0xe8, 0x6f, 0x4a, 0xe6, 0xe8, 0x9d, 0x98, 0x36, 0x20, 0x03, 0x47, 0x15, 0x3f, 0x64, 0x59,
-	/* (2^ 45)P */ 0xd4, 0x71, 0x49, 0x0a, 0x67, 0x97, 0xaa, 0x3f, 0xf4, 0x1b, 0x3a, 0x6e, 0x5e, 0x17, 0xcc, 0x0a, 0x8f, 0x81, 0x6a, 0x41, 0x38, 0x77, 0x40, 0x8a, 0x11, 0x42, 0x62, 0xd2, 0x50, 0x32, 0x79, 0x78, 0x28, 0xc2, 0x2e, 0x10, 0x01, 0x94, 0x30, 0x4f, 0x7f, 0x18, 0x17, 0x56, 0x85, 0x4e, 0xad, 0xf7, 0xcb, 0x87, 0x3c, 0x3f, 0x50, 0x2c, 0xc0, 0xba,
-	/* (2^ 46)P */ 0xbc, 0x30, 0x8e, 0x65, 0x8e, 0x57, 0x5b, 0x38, 0x7a, 0xd4, 0x95, 0x52, 0x7a, 0x32, 0x59, 0x69, 0xcd, 0x9d, 0x47, 0x34, 0x5b, 0x55, 0xa5, 0x24, 0x60, 0xdd, 0xc0, 0xc1, 0x62, 0x73, 0x44, 0xae, 0x4c, 0x9c, 0x65, 0x55, 0x1b, 0x9d, 0x8a, 0x29, 0xb0, 0x1a, 0x52, 0xa8, 0xf1, 0xe6, 0x9a, 0xb3, 0xf6, 0xa3, 0xc9, 0x0a, 0x70, 0x7d, 0x0f, 0xee,
-	/* (2^ 47)P */ 0x77, 0xd3, 0xe5, 0x8e, 0xfa, 0x00, 0xeb, 0x1b, 0x7f, 0xdc, 0x68, 0x3f, 0x92, 0xbd, 0xb7, 0x0b, 0xb7, 0xb5, 0x24, 0xdf, 0xc5, 0x67, 0x53, 0xd4, 0x36, 0x79, 0xc4, 0x7b, 0x57, 0xbc, 0x99, 0x97, 0x60, 0xef, 0xe4, 0x01, 0xa1, 0xa7, 0xaa, 0x12, 0x36, 0x29, 0xb1, 0x03, 0xc2, 0x83, 0x1c, 0x2b, 0x83, 0xef, 0x2e, 0x2c, 0x23, 0x92, 0xfd, 0xd1,
-	/* (2^ 48)P */ 0x94, 0xef, 0x03, 0x59, 0xfa, 0x8a, 0x18, 0x76, 0xee, 0x58, 0x08, 0x4d, 0x44, 0xce, 0xf1, 0x52, 0x33, 0x49, 0xf6, 0x69, 0x71, 0xe3, 0xa9, 0xbc, 0x86, 0xe3, 0x43, 0xde, 0x33, 0x7b, 0x90, 0x8b, 0x3e, 0x7d, 0xd5, 0x4a, 0xf0, 0x23, 0x99, 0xa6, 0xea, 0x5f, 0x08, 0xe5, 0xb9, 0x49, 0x8b, 0x0d, 0x6a, 0x21, 0xab, 0x07, 0x62, 0xcd, 0xc4, 0xbe,
-	/* (2^ 49)P */ 0x61, 0xbf, 0x70, 0x14, 0xfa, 0x4e, 0x9e, 0x7c, 0x0c, 0xf8, 0xb2, 0x48, 0x71, 0x62, 0x83, 0xd6, 0xd1, 0xdc, 0x9c, 0x29, 0x66, 0xb1, 0x34, 0x9c, 0x8d, 0xe6, 0x88, 0xaf, 0xbe, 0xdc, 0x4d, 0xeb, 0xb0, 0xe7, 0x28, 0xae, 0xb2, 0x05, 0x56, 0xc6, 0x0e, 0x10, 0x26, 0xab, 0x2c, 0x59, 0x72, 0x03, 0x66, 0xfe, 0x8f, 0x2c, 0x51, 0x2d, 0xdc, 0xae,
-	/* (2^ 50)P */ 0xdc, 0x63, 0xf1, 0x8b, 0x5c, 0x65, 0x0b, 0xf1, 0xa6, 0x22, 0xe2, 0xd9, 0xdb, 0x49, 0xb1, 0x3c, 0x47, 0xc2, 0xfe, 0xac, 0x86, 0x07, 0x52, 0xec, 0xb0, 0x08, 0x69, 0xfb, 0xd1, 0x06, 0xdc, 0x48, 0x5c, 0x3d, 0xb2, 0x4d, 0xb8, 0x1a, 0x4e, 0xda, 0xb9, 0xc1, 0x2b, 0xab, 0x4b, 0x62, 0x81, 0x21, 0x9a, 0xfc, 0x3d, 0x39, 0x83, 0x11, 0x36, 0xeb,
-	/* (2^ 51)P */ 0x94, 0xf3, 0x17, 0xef, 0xf9, 0x60, 0x54, 0xc3, 0xd7, 0x27, 0x35, 0xc5, 0x98, 0x5e, 0xf6, 0x63, 0x6c, 0xa0, 0x4a, 0xd3, 0xa3, 0x98, 0xd9, 0x42, 0xe3, 0xf1, 0xf8, 0x81, 0x96, 0xa9, 0xea, 0x6d, 0x4b, 0x8e, 0x33, 0xca, 0x94, 0x0d, 0xa0, 0xf7, 0xbb, 0x64, 0xa3, 0x36, 0x6f, 0xdc, 0x5a, 0x94, 0x42, 0xca, 0x06, 0xb2, 0x2b, 0x9a, 0x9f, 0x71,
-	/* (2^ 52)P */ 0xec, 0xdb, 0xa6, 0x1f, 0xdf, 0x15, 0x36, 0xa3, 0xda, 0x8a, 0x7a, 0xb6, 0xa7, 0xe3, 0xaf, 0x52, 0xe0, 0x8d, 0xe8, 0xf2, 0x44, 0x20, 0xeb, 0xa1, 0x20, 0xc4, 0x65, 0x3c, 0x7c, 0x6c, 0x49, 0xed, 0x2f, 0x66, 0x23, 0x68, 0x61, 0x91, 0x40, 0x9f, 0x50, 0x19, 0xd1, 0x84, 0xa7, 0xe2, 0xed, 0x34, 0x37, 0xe3, 0xe4, 0x11, 0x7f, 0x87, 0x55, 0x0f,
-	/* (2^ 53)P */ 0xb3, 0xa1, 0x0f, 0xb0, 0x48, 0xc0, 0x4d, 0x96, 0xa7, 0xcf, 0x5a, 0x81, 0xb8, 0x4a, 0x46, 0xef, 0x0a, 0xd3, 0x40, 0x7e, 0x02, 0xe3, 0x63, 0xaa, 0x50, 0xd1, 0x2a, 0x37, 0x22, 0x4a, 0x7f, 0x4f, 0xb6, 0xf9, 0x01, 0x82, 0x78, 0x3d, 0x93, 0x14, 0x11, 0x8a, 0x90, 0x60, 0xcd, 0x45, 0x4e, 0x7b, 0x42, 0xb9, 0x3e, 0x6e, 0x68, 0x1f, 0x36, 0x41,
-	/* (2^ 54)P */ 0x13, 0x73, 0x0e, 0x4f, 0x79, 0x93, 0x9e, 0x29, 0x70, 0x7b, 0x4a, 0x59, 0x1a, 0x9a, 0xf4, 0x55, 0x08, 0xf0, 0xdb, 0x17, 0x58, 0xec, 0x64, 0xad, 0x7f, 0x29, 0xeb, 0x3f, 0x85, 0x4e, 0x60, 0x28, 0x98, 0x1f, 0x73, 0x4e, 0xe6, 0xa8, 0xab, 0xd5, 0xd6, 0xfc, 0xa1, 0x36, 0x6d, 0x15, 0xc6, 0x13, 0x83, 0xa0, 0xc2, 0x6e, 0xd9, 0xdb, 0xc9, 0xcc,
-	/* (2^ 55)P */ 0xff, 0xd8, 0x52, 0xa3, 0xdc, 0x99, 0xcf, 0x3e, 0x19, 0xb3, 0x68, 0xd0, 0xb5, 0x0d, 0xb8, 0xee, 0x3f, 0xef, 0x6e, 0xc0, 0x38, 0x28, 0x44, 0x92, 0x78, 0x91, 0x1a, 0x08, 0x78, 0x6c, 0x65, 0x24, 0xf3, 0xa2, 0x3d, 0xf2, 0xe5, 0x79, 0x62, 0x69, 0x29, 0xf4, 0x22, 0xc5, 0xdb, 0x6a, 0xae, 0xf4, 0x44, 0xa3, 0x6f, 0xc7, 0x86, 0xab, 0xef, 0xef,
-	/* (2^ 56)P */ 0xbf, 0x54, 0x9a, 0x09, 0x5d, 0x17, 0xd0, 0xde, 0xfb, 0xf5, 0xca, 0xff, 0x13, 0x20, 0x88, 0x82, 0x3a, 0xe2, 0xd0, 0x3b, 0xfb, 0x05, 0x76, 0xd1, 0xc0, 0x02, 0x71, 0x3b, 0x94, 0xe8, 0xc9, 0x84, 0xcf, 0xa4, 0xe9, 0x28, 0x7b, 0xf5, 0x09, 0xc3, 0x2b, 0x22, 0x40, 0xf1, 0x68, 0x24, 0x24, 0x7d, 0x9f, 0x6e, 0xcd, 0xfe, 0xb0, 0x19, 0x61, 0xf5,
-	/* (2^ 57)P */ 0xe8, 0x63, 0x51, 0xb3, 0x95, 0x6b, 0x7b, 0x74, 0x92, 0x52, 0x45, 0xa4, 0xed, 0xea, 0x0e, 0x0d, 0x2b, 0x01, 0x1e, 0x2c, 0xbc, 0x91, 0x06, 0x69, 0xdb, 0x1f, 0xb5, 0x77, 0x1d, 0x56, 0xf5, 0xb4, 0x02, 0x80, 0x49, 0x56, 0x12, 0xce, 0x86, 0x05, 0xc9, 0xd9, 0xae, 0xf3, 0x6d, 0xe6, 0x3f, 0x40, 0x52, 0xe9, 0x49, 0x2b, 0x31, 0x06, 0x86, 0x14,
-	/* (2^ 58)P */ 0xf5, 0x09, 0x3b, 0xd2, 0xff, 0xdf, 0x11, 0xa5, 0x1c, 0x99, 0xe8, 0x1b, 0xa4, 0x2c, 0x7d, 0x8e, 0xc8, 0xf7, 0x03, 0x46, 0xfa, 0xb6, 0xde, 0x73, 0x91, 0x7e, 0x5a, 0x7a, 0xd7, 0x9a, 0x5b, 0x80, 0x24, 0x62, 0x5e, 0x92, 0xf1, 0xa3, 0x45, 0xa3, 0x43, 0x92, 0x8a, 0x2a, 0x5b, 0x0c, 0xb4, 0xc8, 0xad, 0x1c, 0xb6, 0x6c, 0x5e, 0x81, 0x18, 0x91,
-	/* (2^ 59)P */ 0x96, 0xb3, 0xca, 0x2b, 0xe3, 0x7a, 0x59, 0x72, 0x17, 0x74, 0x29, 0x21, 0xe7, 0x78, 0x07, 0xad, 0xda, 0xb6, 0xcd, 0xf9, 0x27, 0x4d, 0xc8, 0xf2, 0x98, 0x22, 0xca, 0xf2, 0x33, 0x74, 0x7a, 0xdd, 0x1e, 0x71, 0xec, 0xe3, 0x3f, 0xe2, 0xa2, 0xd2, 0x38, 0x75, 0xb0, 0xd0, 0x0a, 0xcf, 0x7d, 0x36, 0xdc, 0x49, 0x38, 0x25, 0x34, 0x4f, 0x20, 0x9a,
-	/* (2^ 60)P */ 0x2b, 0x6e, 0x04, 0x0d, 0x4f, 0x3d, 0x3b, 0x24, 0xf6, 0x4e, 0x5e, 0x0a, 0xbd, 0x48, 0x96, 0xba, 0x81, 0x8f, 0x39, 0x82, 0x13, 0xe6, 0x72, 0xf3, 0x0f, 0xb6, 0x94, 0xf4, 0xc5, 0x90, 0x74, 0x91, 0xa8, 0xf2, 0xc9, 0xca, 0x9a, 0x4d, 0x98, 0xf2, 0xdf, 0x52, 0x4e, 0x97, 0x2f, 0xeb, 0x84, 0xd3, 0xaf, 0xc2, 0xcc, 0xfb, 0x4c, 0x26, 0x4b, 0xe4,
-	/* (2^ 61)P */ 0x12, 0x9e, 0xfb, 0x9d, 0x78, 0x79, 0x99, 0xdd, 0xb3, 0x0b, 0x2e, 0x56, 0x41, 0x8e, 0x3f, 0x39, 0xb8, 0x97, 0x89, 0x53, 0x9b, 0x8a, 0x3c, 0x40, 0x9d, 0xa4, 0x6c, 0x2e, 0x31, 0x71, 0xc6, 0x0a, 0x41, 0xd4, 0x95, 0x06, 0x5e, 0xc1, 0xab, 0xc2, 0x14, 0xc4, 0xc7, 0x15, 0x08, 0x3a, 0xad, 0x7a, 0xb4, 0x62, 0xa3, 0x0c, 0x90, 0xf4, 0x47, 0x08,
-	/* (2^ 62)P */ 0x7f, 0xec, 0x09, 0x82, 0xf5, 0x94, 0x09, 0x93, 0x32, 0xd3, 0xdc, 0x56, 0x80, 0x7b, 0x5b, 0x22, 0x80, 0x6a, 0x96, 0x72, 0xb1, 0xc2, 0xd9, 0xa1, 0x8b, 0x66, 0x42, 0x16, 0xe2, 0x07, 0xb3, 0x2d, 0xf1, 0x75, 0x35, 0x72, 0xc7, 0x98, 0xbe, 0x63, 0x3b, 0x20, 0x75, 0x05, 0xc1, 0x3e, 0x31, 0x5a, 0xf7, 0xaa, 0xae, 0x4b, 0xdb, 0x1d, 0xd0, 0x74,
-	/* (2^ 63)P */ 0x36, 0x5c, 0x74, 0xe6, 0x5d, 0x59, 0x3f, 0x15, 0x4b, 0x4d, 0x4e, 0x67, 0x41, 0xfe, 0x98, 0x1f, 0x49, 0x76, 0x91, 0x0f, 0x9b, 0xf4, 0xaf, 0x86, 0xaf, 0x66, 0x19, 0xed, 0x46, 0xf1, 0x05, 0x9a, 0xcc, 0xd1, 0x14, 0x1f, 0x82, 0x12, 0x8e, 0xe6, 0xf4, 0xc3, 0x42, 0x5c, 0x4e, 0x33, 0x93, 0xbe, 0x30, 0xe7, 0x64, 0xa9, 0x35, 0x00, 0x4d, 0xf9,
-	/* (2^ 64)P */ 0x1f, 0xc1, 0x1e, 0xb7, 0xe3, 0x7c, 0xfa, 0xa3, 0x6b, 0x76, 0xaf, 0x9c, 0x05, 0x85, 0x4a, 0xa9, 0xfb, 0xe3, 0x7e, 0xf2, 0x49, 0x56, 0xdc, 0x2f, 0x57, 0x10, 0xba, 0x37, 0xb2, 0x62, 0xf5, 0x6b, 0xe5, 0x8f, 0x0a, 0x87, 0xd1, 0x6a, 0xcb, 0x9d, 0x07, 0xd0, 0xf6, 0x38, 0x99, 0x2c, 0x61, 0x4a, 0x4e, 0xd8, 0xd2, 0x88, 0x29, 0x99, 0x11, 0x95,
-	/* (2^ 65)P */ 0x6f, 0xdc, 0xd5, 0xd6, 0xd6, 0xa7, 0x4c, 0x46, 0x93, 0x65, 0x62, 0x23, 0x95, 0x32, 0x9c, 0xde, 0x40, 0x41, 0x68, 0x2c, 0x18, 0x4e, 0x5a, 0x8c, 0xc0, 0xc5, 0xc5, 0xea, 0x5c, 0x45, 0x0f, 0x60, 0x78, 0x39, 0xb6, 0x36, 0x23, 0x12, 0xbc, 0x21, 0x9a, 0xf8, 0x91, 0xac, 0xc4, 0x70, 0xdf, 0x85, 0x8e, 0x3c, 0xec, 0x22, 0x04, 0x98, 0xa8, 0xaa,
-	/* (2^ 66)P */ 0xcc, 0x52, 0x10, 0x5b, 0x4b, 0x6c, 0xc5, 0xfa, 0x3e, 0xd4, 0xf8, 0x1c, 0x04, 0x14, 0x48, 0x33, 0xd9, 0xfc, 0x5f, 0xb0, 0xa5, 0x48, 0x8c, 0x45, 0x8a, 0xee, 0x3e, 0xa7, 0xc1, 0x2e, 0x34, 0xca, 0xf6, 0xc9, 0xeb, 0x10, 0xbb, 0xe1, 0x59, 0x84, 0x25, 0xe8, 0x81, 0x70, 0xc0, 0x09, 0x42, 0xa7, 0x3b, 0x0d, 0x33, 0x00, 0xb5, 0x77, 0xbe, 0x25,
-	/* (2^ 67)P */ 0xcd, 0x1f, 0xbc, 0x7d, 0xef, 0xe5, 0xca, 0x91, 0xaf, 0xa9, 0x59, 0x6a, 0x09, 0xca, 0xd6, 0x1b, 0x3d, 0x55, 0xde, 0xa2, 0x6a, 0x80, 0xd6, 0x95, 0x47, 0xe4, 0x5f, 0x68, 0x54, 0x08, 0xdf, 0x29, 0xba, 0x2a, 0x02, 0x84, 0xe8, 0xe9, 0x00, 0x77, 0x99, 0x36, 0x03, 0xf6, 0x4a, 0x3e, 0x21, 0x81, 0x7d, 0xb8, 0xa4, 0x8a, 0xa2, 0x05, 0xef, 0xbc,
-	/* (2^ 68)P */ 0x7c, 0x59, 0x5f, 0x66, 0xd9, 0xb7, 0x83, 0x43, 0x8a, 0xa1, 0x8d, 0x51, 0x70, 0xba, 0xf2, 0x9b, 0x95, 0xc0, 0x4b, 0x4c, 0xa0, 0x14, 0xd3, 0xa4, 0x5d, 0x4a, 0x37, 0x36, 0x97, 0x31, 0x1e, 0x12, 0xe7, 0xbb, 0x08, 0x67, 0xa5, 0x23, 0xd7, 0xfb, 0x97, 0xd8, 0x6a, 0x03, 0xb1, 0xf8, 0x7f, 0xda, 0x58, 0xd9, 0x3f, 0x73, 0x4a, 0x53, 0xe1, 0x7b,
-	/* (2^ 69)P */ 0x55, 0x83, 0x98, 0x78, 0x6c, 0x56, 0x5e, 0xed, 0xf7, 0x23, 0x3e, 0x4c, 0x7d, 0x09, 0x2d, 0x09, 0x9c, 0x58, 0x8b, 0x32, 0xca, 0xfe, 0xbf, 0x47, 0x03, 0xeb, 0x4d, 0xe7, 0xeb, 0x9c, 0x83, 0x05, 0x68, 0xaa, 0x80, 0x89, 0x44, 0xf9, 0xd4, 0xdc, 0xdb, 0xb1, 0xdb, 0x77, 0xac, 0xf9, 0x2a, 0xae, 0x35, 0xac, 0x74, 0xb5, 0x95, 0x62, 0x18, 0x85,
-	/* (2^ 70)P */ 0xab, 0x82, 0x7e, 0x10, 0xd7, 0xe6, 0x57, 0xd1, 0x66, 0x12, 0x31, 0x9c, 0x9c, 0xa6, 0x27, 0x59, 0x71, 0x2e, 0xeb, 0xa0, 0x68, 0xc5, 0x87, 0x51, 0xf4, 0xca, 0x3f, 0x98, 0x56, 0xb0, 0x89, 0xb1, 0xc7, 0x7b, 0x46, 0xb3, 0xae, 0x36, 0xf2, 0xee, 0x15, 0x1a, 0x60, 0xf4, 0x50, 0x76, 0x4f, 0xc4, 0x53, 0x0d, 0x36, 0x4d, 0x31, 0xb1, 0x20, 0x51,
-	/* (2^ 71)P */ 0xf7, 0x1d, 0x8c, 0x1b, 0x5e, 0xe5, 0x02, 0x6f, 0xc5, 0xa5, 0xe0, 0x5f, 0xc6, 0xb6, 0x63, 0x43, 0xaf, 0x3c, 0x19, 0x6c, 0xf4, 0xaf, 0xa4, 0x33, 0xb1, 0x0a, 0x37, 0x3d, 0xd9, 0x4d, 0xe2, 0x29, 0x24, 0x26, 0x94, 0x7c, 0x02, 0xe4, 0xe2, 0xf2, 0xbe, 0xbd, 0xac, 0x1b, 0x48, 0xb8, 0xdd, 0xe9, 0x0d, 0x9a, 0x50, 0x1a, 0x98, 0x71, 0x6e, 0xdc,
-	/* (2^ 72)P */ 0x9f, 0x40, 0xb1, 0xb3, 0x66, 0x28, 0x6c, 0xfe, 0xa6, 0x7d, 0xf8, 0x3e, 0xb8, 0xf3, 0xde, 0x52, 0x76, 0x52, 0xa3, 0x92, 0x98, 0x23, 0xab, 0x4f, 0x88, 0x97, 0xfc, 0x22, 0xe1, 0x6b, 0x67, 0xcd, 0x13, 0x95, 0xda, 0x65, 0xdd, 0x3b, 0x67, 0x3f, 0x5f, 0x4c, 0xf2, 0x8a, 0xad, 0x98, 0xa7, 0x94, 0x24, 0x45, 0x87, 0x11, 0x7c, 0x75, 0x79, 0x85,
-	/* (2^ 73)P */ 0x70, 0xbf, 0xf9, 0x3b, 0xa9, 0x44, 0x57, 0x72, 0x96, 0xc9, 0xa4, 0x98, 0x65, 0xbf, 0x87, 0xb3, 0x3a, 0x39, 0x12, 0xde, 0xe5, 0x39, 0x01, 0x4f, 0xf7, 0xc0, 0x71, 0x52, 0x36, 0x85, 0xb3, 0x18, 0xf8, 0x14, 0xc0, 0x6d, 0xae, 0x9e, 0x4f, 0xb0, 0x72, 0x87, 0xac, 0x5c, 0xd1, 0x6c, 0x41, 0x6c, 0x90, 0x9d, 0x22, 0x81, 0xe4, 0x2b, 0xea, 0xe5,
-	/* (2^ 74)P */ 0xfc, 0xea, 0x1a, 0x65, 0xd9, 0x49, 0x6a, 0x39, 0xb5, 0x96, 0x72, 0x7b, 0x32, 0xf1, 0xd0, 0xe9, 0x45, 0xd9, 0x31, 0x55, 0xc7, 0x34, 0xe9, 0x5a, 0xec, 0x73, 0x0b, 0x03, 0xc4, 0xb3, 0xe6, 0xc9, 0x5e, 0x0a, 0x17, 0xfe, 0x53, 0x66, 0x7f, 0x21, 0x18, 0x74, 0x54, 0x1b, 0xc9, 0x49, 0x16, 0xd2, 0x48, 0xaf, 0x5b, 0x47, 0x7b, 0xeb, 0xaa, 0xc9,
-	/* (2^ 75)P */ 0x47, 0x04, 0xf5, 0x5a, 0x87, 0x77, 0x9e, 0x21, 0x34, 0x4e, 0x83, 0x88, 0xaf, 0x02, 0x1d, 0xb0, 0x5a, 0x1d, 0x1d, 0x7d, 0x8d, 0x2c, 0xd3, 0x8d, 0x63, 0xa9, 0x45, 0xfb, 0x15, 0x6d, 0x86, 0x45, 0xcd, 0x38, 0x0e, 0xf7, 0x37, 0x79, 0xed, 0x6d, 0x5a, 0xbc, 0x32, 0xcc, 0x66, 0xf1, 0x3a, 0xb2, 0x87, 0x6f, 0x70, 0x71, 0xd9, 0xf2, 0xfa, 0x7b,
-	/* (2^ 76)P */ 0x68, 0x07, 0xdc, 0x61, 0x40, 0xe4, 0xec, 0x32, 0xc8, 0xbe, 0x66, 0x30, 0x54, 0x80, 0xfd, 0x13, 0x7a, 0xef, 0xae, 0xed, 0x2e, 0x00, 0x6d, 0x3f, 0xbd, 0xfc, 0x91, 0x24, 0x53, 0x7f, 0x63, 0x9d, 0x2e, 0xe3, 0x76, 0xe0, 0xf3, 0xe1, 0x8f, 0x7a, 0xc4, 0x77, 0x0c, 0x91, 0xc0, 0xc2, 0x18, 0x6b, 0x04, 0xad, 0xb6, 0x70, 0x9a, 0x64, 0xc5, 0x82,
-	/* (2^ 77)P */ 0x7f, 0xea, 0x13, 0xd8, 0x9e, 0xfc, 0x5b, 0x06, 0xb5, 0x4f, 0xda, 0x38, 0xe0, 0x9c, 0xd2, 0x3a, 0xc1, 0x1c, 0x62, 0x70, 0x7f, 0xc6, 0x24, 0x0a, 0x47, 0x04, 0x01, 0xc4, 0x55, 0x09, 0xd1, 0x7a, 0x07, 0xba, 0xa3, 0x80, 0x4f, 0xc1, 0x65, 0x36, 0x6d, 0xc0, 0x10, 0xcf, 0x94, 0xa9, 0xa2, 0x01, 0x44, 0xd1, 0xf9, 0x1c, 0x4c, 0xfb, 0xf8, 0x99,
-	/* (2^ 78)P */ 0x6c, 0xb9, 0x6b, 0xee, 0x43, 0x5b, 0xb9, 0xbb, 0xee, 0x2e, 0x52, 0xc1, 0xc6, 0xb9, 0x61, 0xd2, 0x93, 0xa5, 0xaf, 0x52, 0xf4, 0xa4, 0x1a, 0x51, 0x61, 0xa7, 0xcb, 0x9e, 0xbb, 0x56, 0x65, 0xe2, 0xbf, 0x75, 0xb9, 0x9c, 0x50, 0x96, 0x60, 0x81, 0x74, 0x47, 0xc0, 0x04, 0x88, 0x71, 0x76, 0x39, 0x9a, 0xa7, 0xb1, 0x4e, 0x43, 0x15, 0xe0, 0xbb,
-	/* (2^ 79)P */ 0xbb, 0xce, 0xe2, 0xbb, 0xf9, 0x17, 0x0f, 0x82, 0x40, 0xad, 0x73, 0xe3, 0xeb, 0x3b, 0x06, 0x1a, 0xcf, 0x8e, 0x6e, 0x28, 0xb8, 0x26, 0xd9, 0x5b, 0xb7, 0xb3, 0xcf, 0xb4, 0x6a, 0x1c, 0xbf, 0x7f, 0xb8, 0xb5, 0x79, 0xcf, 0x45, 0x68, 0x7d, 0xc5, 0xeb, 0xf3, 0xbe, 0x39, 0x40, 0xfc, 0x07, 0x90, 0x7a, 0x62, 0xad, 0x86, 0x08, 0x71, 0x25, 0xe1,
-	/* (2^ 80)P */ 0x9b, 0x46, 0xac, 0xef, 0xc1, 0x4e, 0xa1, 0x97, 0x95, 0x76, 0xf9, 0x1b, 0xc2, 0xb2, 0x6a, 0x41, 0xea, 0x80, 0x3d, 0xe9, 0x08, 0x52, 0x5a, 0xe3, 0xf2, 0x08, 0xc5, 0xea, 0x39, 0x3f, 0x44, 0x71, 0x4d, 0xea, 0x0d, 0x05, 0x23, 0xe4, 0x2e, 0x3c, 0x89, 0xfe, 0x12, 0x8a, 0x95, 0x42, 0x0a, 0x68, 0xea, 0x5a, 0x28, 0x06, 0x9e, 0xe3, 0x5f, 0xe0,
-	/* (2^ 81)P */ 0x00, 0x61, 0x6c, 0x98, 0x9b, 0xe7, 0xb9, 0x06, 0x1c, 0xc5, 0x1b, 0xed, 0xbe, 0xc8, 0xb3, 0xea, 0x87, 0xf0, 0xc4, 0x24, 0x7d, 0xbb, 0x5d, 0xa4, 0x1d, 0x7a, 0x16, 0x00, 0x55, 0x94, 0x67, 0x78, 0xbd, 0x58, 0x02, 0x82, 0x90, 0x53, 0x76, 0xd4, 0x72, 0x99, 0x51, 0x6f, 0x7b, 0xcf, 0x80, 0x30, 0x31, 0x3b, 0x01, 0xc7, 0xc1, 0xef, 0xe6, 0x42,
-	/* (2^ 82)P */ 0xe2, 0x35, 0xaf, 0x4b, 0x79, 0xc6, 0x12, 0x24, 0x99, 0xc0, 0x68, 0xb0, 0x43, 0x3e, 0xe5, 0xef, 0xe2, 0x29, 0xea, 0xb8, 0xb3, 0xbc, 0x6a, 0x53, 0x2c, 0x69, 0x18, 0x5a, 0xf9, 0x15, 0xae, 0x66, 0x58, 0x18, 0xd3, 0x2d, 0x4b, 0x00, 0xfd, 0x84, 0xab, 0x4f, 0xae, 0x70, 0x6b, 0x9e, 0x9a, 0xdf, 0x83, 0xfd, 0x2e, 0x3c, 0xcf, 0xf8, 0x88, 0x5b,
-	/* (2^ 83)P */ 0xa4, 0x90, 0x31, 0x85, 0x13, 0xcd, 0xdf, 0x64, 0xc9, 0xa1, 0x0b, 0xe7, 0xb6, 0x73, 0x8a, 0x1b, 0x22, 0x78, 0x4c, 0xd4, 0xae, 0x48, 0x18, 0x00, 0x00, 0xa8, 0x9f, 0x06, 0xf9, 0xfb, 0x2d, 0xc3, 0xb1, 0x2a, 0xbc, 0x13, 0x99, 0x57, 0xaf, 0xf0, 0x8d, 0x61, 0x54, 0x29, 0xd5, 0xf2, 0x72, 0x00, 0x96, 0xd1, 0x85, 0x12, 0x8a, 0xf0, 0x23, 0xfb,
-	/* (2^ 84)P */ 0x69, 0xc7, 0xdb, 0xd9, 0x92, 0x75, 0x08, 0x9b, 0xeb, 0xa5, 0x93, 0xd1, 0x1a, 0xf4, 0xf5, 0xaf, 0xe6, 0xc4, 0x4a, 0x0d, 0x35, 0x26, 0x39, 0x9d, 0xd3, 0x17, 0x3e, 0xae, 0x2d, 0xbf, 0x73, 0x9f, 0xb7, 0x74, 0x91, 0xd1, 0xd8, 0x5c, 0x14, 0xf9, 0x75, 0xdf, 0xeb, 0xc2, 0x22, 0xd8, 0x14, 0x8d, 0x86, 0x23, 0x4d, 0xd1, 0x2d, 0xdb, 0x6b, 0x42,
-	/* (2^ 85)P */ 0x8c, 0xda, 0xc6, 0xf8, 0x71, 0xba, 0x2b, 0x06, 0x78, 0xae, 0xcc, 0x3a, 0xe3, 0xe3, 0xa1, 0x8b, 0xe2, 0x34, 0x6d, 0x28, 0x9e, 0x46, 0x13, 0x4d, 0x9e, 0xa6, 0x73, 0x49, 0x65, 0x79, 0x88, 0xb9, 0x3a, 0xd1, 0x6d, 0x2f, 0x48, 0x2b, 0x0a, 0x7f, 0x58, 0x20, 0x37, 0xf4, 0x0e, 0xbb, 0x4a, 0x95, 0x58, 0x0c, 0x88, 0x30, 0xc4, 0x74, 0xdd, 0xfd,
-	/* (2^ 86)P */ 0x6d, 0x13, 0x4e, 0x89, 0x2d, 0xa9, 0xa3, 0xed, 0x09, 0xe3, 0x0e, 0x71, 0x3e, 0x4a, 0xab, 0x90, 0xde, 0x03, 0xeb, 0x56, 0x46, 0x60, 0x06, 0xf5, 0x71, 0xe5, 0xee, 0x9b, 0xef, 0xff, 0xc4, 0x2c, 0x9f, 0x37, 0x48, 0x45, 0x94, 0x12, 0x41, 0x81, 0x15, 0x70, 0x91, 0x99, 0x5e, 0x56, 0x6b, 0xf4, 0xa6, 0xc9, 0xf5, 0x69, 0x9d, 0x78, 0x37, 0x57,
-	/* (2^ 87)P */ 0xf3, 0x51, 0x57, 0x7e, 0x43, 0x6f, 0xc6, 0x67, 0x59, 0x0c, 0xcf, 0x94, 0xe6, 0x3d, 0xb5, 0x07, 0xc9, 0x77, 0x48, 0xc9, 0x68, 0x0d, 0x98, 0x36, 0x62, 0x35, 0x38, 0x1c, 0xf5, 0xc5, 0xec, 0x66, 0x78, 0xfe, 0x47, 0xab, 0x26, 0xd6, 0x44, 0xb6, 0x06, 0x0f, 0x89, 0xe3, 0x19, 0x40, 0x1a, 0xe7, 0xd8, 0x65, 0x55, 0xf7, 0x1a, 0xfc, 0xa3, 0x0e,
-	/* (2^ 88)P */ 0x0e, 0x30, 0xa6, 0xb7, 0x58, 0x60, 0x62, 0x2a, 0x6c, 0x13, 0xa8, 0x14, 0x9b, 0xb8, 0xf2, 0x70, 0xd8, 0xb1, 0x71, 0x88, 0x8c, 0x18, 0x31, 0x25, 0x93, 0x90, 0xb4, 0xc7, 0x49, 0xd8, 0xd4, 0xdb, 0x1e, 0x1e, 0x7f, 0xaa, 0xba, 0xc9, 0xf2, 0x5d, 0xa9, 0x3a, 0x43, 0xb4, 0x5c, 0xee, 0x7b, 0xc7, 0x97, 0xb7, 0x66, 0xd7, 0x23, 0xd9, 0x22, 0x59,
-	/* (2^ 89)P */ 0x28, 0x19, 0xa6, 0xf9, 0x89, 0x20, 0x78, 0xd4, 0x6d, 0xcb, 0x79, 0x8f, 0x61, 0x6f, 0xb2, 0x5c, 0x4f, 0xa6, 0x54, 0x84, 0x95, 0x24, 0x36, 0x64, 0xcb, 0x39, 0xe7, 0x8f, 0x97, 0x9c, 0x5c, 0x3c, 0xfb, 0x51, 0x11, 0x01, 0x17, 0xdb, 0xc9, 0x9b, 0x51, 0x03, 0x9a, 0xe9, 0xe5, 0x24, 0x1e, 0xf5, 0xda, 0xe0, 0x48, 0x02, 0x23, 0xd0, 0x2c, 0x81,
-	/* (2^ 90)P */ 0x42, 0x1b, 0xe4, 0x91, 0x85, 0x2a, 0x0c, 0xd2, 0x28, 0x66, 0x57, 0x9e, 0x33, 0x8d, 0x25, 0x71, 0x10, 0x65, 0x76, 0xa2, 0x8c, 0x21, 0x86, 0x81, 0x15, 0xc2, 0x27, 0xeb, 0x54, 0x2d, 0x4f, 0x6c, 0xe6, 0xd6, 0x24, 0x9c, 0x1a, 0x12, 0xb8, 0x81, 0xe2, 0x0a, 0xf3, 0xd3, 0xf0, 0xd3, 0xe1, 0x74, 0x1f, 0x9b, 0x11, 0x47, 0xd0, 0xcf, 0xb6, 0x54,
-	/* (2^ 91)P */ 0x26, 0x45, 0xa2, 0x10, 0xd4, 0x2d, 0xae, 0xc0, 0xb0, 0xe8, 0x86, 0xb3, 0xc7, 0xea, 0x70, 0x87, 0x61, 0xb5, 0xa5, 0x55, 0xbe, 0x88, 0x1d, 0x7a, 0xd9, 0x6f, 0xeb, 0x83, 0xe2, 0x44, 0x7f, 0x98, 0x04, 0xd6, 0x50, 0x9d, 0xa7, 0x86, 0x66, 0x09, 0x63, 0xe1, 0xed, 0x72, 0xb1, 0xe4, 0x1d, 0x3a, 0xfd, 0x47, 0xce, 0x1c, 0xaa, 0x3b, 0x8f, 0x1b,
-	/* (2^ 92)P */ 0xf4, 0x3c, 0x4a, 0xb6, 0xc2, 0x9c, 0xe0, 0x2e, 0xb7, 0x38, 0xea, 0x61, 0x35, 0x97, 0x10, 0x90, 0xae, 0x22, 0x48, 0xb3, 0xa9, 0xc6, 0x7a, 0xbb, 0x23, 0xf2, 0xf8, 0x1b, 0xa7, 0xa1, 0x79, 0xcc, 0xc4, 0xf8, 0x08, 0x76, 0x8a, 0x5a, 0x1c, 0x1b, 0xc5, 0x33, 0x91, 0xa9, 0xb8, 0xb9, 0xd3, 0xf8, 0x49, 0xcd, 0xe5, 0x82, 0x43, 0xf7, 0xca, 0x68,
-	/* (2^ 93)P */ 0x38, 0xba, 0xae, 0x44, 0xfe, 0x57, 0x64, 0x56, 0x7c, 0x0e, 0x9c, 0xca, 0xff, 0xa9, 0x82, 0xbb, 0x38, 0x4a, 0xa7, 0xf7, 0x47, 0xab, 0xbe, 0x6d, 0x23, 0x0b, 0x8a, 0xed, 0xc2, 0xb9, 0x8f, 0xf1, 0xec, 0x91, 0x44, 0x73, 0x64, 0xba, 0xd5, 0x8f, 0x37, 0x38, 0x0d, 0xd5, 0xf8, 0x73, 0x57, 0xb6, 0xc2, 0x45, 0xdc, 0x25, 0xb2, 0xb6, 0xea, 0xd9,
-	/* (2^ 94)P */ 0xbf, 0xe9, 0x1a, 0x40, 0x4d, 0xcc, 0xe6, 0x1d, 0x70, 0x1a, 0x65, 0xcc, 0x34, 0x2c, 0x37, 0x2c, 0x2d, 0x6b, 0x6d, 0xe5, 0x2f, 0x19, 0x9e, 0xe4, 0xe1, 0xaa, 0xd4, 0xab, 0x54, 0xf4, 0xa8, 0xe4, 0x69, 0x2d, 0x8e, 0x4d, 0xd7, 0xac, 0xb0, 0x5b, 0xfe, 0xe3, 0x26, 0x07, 0xc3, 0xf8, 0x1b, 0x43, 0xa8, 0x1d, 0x64, 0xa5, 0x25, 0x88, 0xbb, 0x77,
-	/* (2^ 95)P */ 0x92, 0xcd, 0x6e, 0xa0, 0x79, 0x04, 0x18, 0xf4, 0x11, 0x58, 0x48, 0xb5, 0x3c, 0x7b, 0xd1, 0xcc, 0xd3, 0x14, 0x2c, 0xa0, 0xdd, 0x04, 0x44, 0x11, 0xb3, 0x6d, 0x2f, 0x0d, 0xf5, 0x2a, 0x75, 0x5d, 0x1d, 0xda, 0x86, 0x8d, 0x7d, 0x6b, 0x32, 0x68, 0xb6, 0x6c, 0x64, 0x9e, 0xde, 0x80, 0x88, 0xce, 0x08, 0xbf, 0x0b, 0xe5, 0x8e, 0x4f, 0x1d, 0xfb,
-	/* (2^ 96)P */ 0xaf, 0xe8, 0x85, 0xbf, 0x7f, 0x37, 0x8d, 0x66, 0x7c, 0xd5, 0xd3, 0x96, 0xa5, 0x81, 0x67, 0x95, 0xff, 0x48, 0xde, 0xde, 0xd7, 0x7a, 0x46, 0x34, 0xb1, 0x13, 0x70, 0x29, 0xed, 0x87, 0x90, 0xb0, 0x40, 0x2c, 0xa6, 0x43, 0x6e, 0xb6, 0xbc, 0x48, 0x8a, 0xc1, 0xae, 0xb8, 0xd4, 0xe2, 0xc0, 0x32, 0xb2, 0xa6, 0x2a, 0x8f, 0xb5, 0x16, 0x9e, 0xc3,
-	/* (2^ 97)P */ 0xff, 0x4d, 0xd2, 0xd6, 0x74, 0xef, 0x2c, 0x96, 0xc1, 0x11, 0xa8, 0xb8, 0xfe, 0x94, 0x87, 0x3e, 0xa0, 0xfb, 0x57, 0xa3, 0xfc, 0x7a, 0x7e, 0x6a, 0x59, 0x6c, 0x54, 0xbb, 0xbb, 0xa2, 0x25, 0x38, 0x1b, 0xdf, 0x5d, 0x7b, 0x94, 0x14, 0xde, 0x07, 0x6e, 0xd3, 0xab, 0x02, 0x26, 0x74, 0x16, 0x12, 0xdf, 0x2e, 0x2a, 0xa7, 0xb0, 0xe8, 0x29, 0xc0,
-	/* (2^ 98)P */ 0x6a, 0x38, 0x0b, 0xd3, 0xba, 0x45, 0x23, 0xe0, 0x04, 0x3b, 0x83, 0x39, 0xc5, 0x11, 0xe6, 0xcf, 0x39, 0x0a, 0xb3, 0xb0, 0x3b, 0x27, 0x29, 0x63, 0x1c, 0xf3, 0x00, 0xe6, 0xd2, 0x55, 0x21, 0x1f, 0x84, 0x97, 0x9f, 0x01, 0x49, 0x43, 0x30, 0x5f, 0xe0, 0x1d, 0x24, 0xc4, 0x4e, 0xa0, 0x2b, 0x0b, 0x12, 0x55, 0xc3, 0x27, 0xae, 0x08, 0x83, 0x7c,
-	/* (2^ 99)P */ 0x5d, 0x1a, 0xb7, 0xa9, 0xf5, 0xfd, 0xec, 0xad, 0xb7, 0x87, 0x02, 0x5f, 0x0d, 0x30, 0x4d, 0xe2, 0x65, 0x87, 0xa4, 0x41, 0x45, 0x1d, 0x67, 0xe0, 0x30, 0x5c, 0x13, 0x87, 0xf6, 0x2e, 0x08, 0xc1, 0xc7, 0x12, 0x45, 0xc8, 0x9b, 0xad, 0xb8, 0xd5, 0x57, 0xbb, 0x5c, 0x48, 0x3a, 0xe1, 0x91, 0x5e, 0xf6, 0x4d, 0x8a, 0x63, 0x75, 0x69, 0x0c, 0x01,
-	/* (2^100)P */ 0x8f, 0x53, 0x2d, 0xa0, 0x71, 0x3d, 0xfc, 0x45, 0x10, 0x96, 0xcf, 0x56, 0xf9, 0xbb, 0x40, 0x3c, 0x86, 0x52, 0x76, 0xbe, 0x84, 0xf9, 0xa6, 0x9d, 0x3d, 0x27, 0xbe, 0xb4, 0x00, 0x49, 0x94, 0xf5, 0x5d, 0xe1, 0x62, 0x85, 0x66, 0xe5, 0xb8, 0x20, 0x2c, 0x09, 0x7d, 0x9d, 0x3d, 0x6e, 0x74, 0x39, 0xab, 0xad, 0xa0, 0x90, 0x97, 0x5f, 0xbb, 0xa7,
-	/* (2^101)P */ 0xdb, 0x2d, 0x99, 0x08, 0x16, 0x46, 0x83, 0x7a, 0xa8, 0xea, 0x3d, 0x28, 0x5b, 0x49, 0xfc, 0xb9, 0x6d, 0x00, 0x9e, 0x54, 0x4f, 0x47, 0x64, 0x9b, 0x58, 0x4d, 0x07, 0x0c, 0x6f, 0x29, 0x56, 0x0b, 0x00, 0x14, 0x85, 0x96, 0x41, 0x04, 0xb9, 0x5c, 0xa4, 0xf6, 0x16, 0x73, 0x6a, 0xc7, 0x62, 0x0c, 0x65, 0x2f, 0x93, 0xbf, 0xf7, 0xb9, 0xb7, 0xf1,
-	/* (2^102)P */ 0xeb, 0x6d, 0xb3, 0x46, 0x32, 0xd2, 0xcb, 0x08, 0x94, 0x14, 0xbf, 0x3f, 0xc5, 0xcb, 0x5f, 0x9f, 0x8a, 0x89, 0x0c, 0x1b, 0x45, 0xad, 0x4c, 0x50, 0xb4, 0xe1, 0xa0, 0x6b, 0x11, 0x92, 0xaf, 0x1f, 0x00, 0xcc, 0xe5, 0x13, 0x7e, 0xe4, 0x2e, 0xa0, 0x57, 0xf3, 0xa7, 0x84, 0x79, 0x7a, 0xc2, 0xb7, 0xb7, 0xfc, 0x5d, 0xa5, 0xa9, 0x64, 0xcc, 0xd8,
-	/* (2^103)P */ 0xa9, 0xc4, 0x12, 0x8b, 0x34, 0x78, 0x3e, 0x38, 0xfd, 0x3f, 0x87, 0xfa, 0x88, 0x94, 0xd5, 0xd9, 0x7f, 0xeb, 0x58, 0xff, 0xb9, 0x45, 0xdb, 0xa1, 0xed, 0x22, 0x28, 0x1d, 0x00, 0x6d, 0x79, 0x85, 0x7a, 0x75, 0x5d, 0xf0, 0xb1, 0x9e, 0x47, 0x28, 0x8c, 0x62, 0xdf, 0xfb, 0x4c, 0x7b, 0xc5, 0x1a, 0x42, 0x95, 0xef, 0x9a, 0xb7, 0x27, 0x7e, 0xda,
-	/* (2^104)P */ 0xca, 0xd5, 0xc0, 0x17, 0xa1, 0x66, 0x79, 0x9c, 0x2a, 0xb7, 0x0a, 0xfe, 0x62, 0xe4, 0x26, 0x78, 0x90, 0xa7, 0xcb, 0xb0, 0x4f, 0x6d, 0xf9, 0x8f, 0xf7, 0x7d, 0xac, 0xb8, 0x78, 0x1f, 0x41, 0xea, 0x97, 0x1e, 0x62, 0x97, 0x43, 0x80, 0x58, 0x80, 0xb6, 0x69, 0x7d, 0xee, 0x16, 0xd2, 0xa1, 0x81, 0xd7, 0xb1, 0x27, 0x03, 0x48, 0xda, 0xab, 0xec,
-	/* (2^105)P */ 0x5b, 0xed, 0x40, 0x8e, 0x8c, 0xc1, 0x66, 0x90, 0x7f, 0x0c, 0xb2, 0xfc, 0xbd, 0x16, 0xac, 0x7d, 0x4c, 0x6a, 0xf9, 0xae, 0xe7, 0x4e, 0x11, 0x12, 0xe9, 0xbe, 0x17, 0x09, 0xc6, 0xc1, 0x5e, 0xb5, 0x7b, 0x50, 0x5c, 0x27, 0xfb, 0x80, 0xab, 0x01, 0xfa, 0x5b, 0x9b, 0x75, 0x16, 0x6e, 0xb2, 0x5c, 0x8c, 0x2f, 0xa5, 0x6a, 0x1a, 0x68, 0xa6, 0x90,
-	/* (2^106)P */ 0x75, 0xfe, 0xb6, 0x96, 0x96, 0x87, 0x4c, 0x12, 0xa9, 0xd1, 0xd8, 0x03, 0xa3, 0xc1, 0x15, 0x96, 0xe8, 0xa0, 0x75, 0x82, 0xa0, 0x6d, 0xea, 0x54, 0xdc, 0x5f, 0x0d, 0x7e, 0xf6, 0x70, 0xb5, 0xdc, 0x7a, 0xf6, 0xc4, 0xd4, 0x21, 0x49, 0xf5, 0xd4, 0x14, 0x6d, 0x48, 0x1d, 0x7c, 0x99, 0x42, 0xdf, 0x78, 0x6b, 0x9d, 0xb9, 0x30, 0x3c, 0xd0, 0x29,
-	/* (2^107)P */ 0x85, 0xd6, 0xd8, 0xf3, 0x91, 0x74, 0xdd, 0xbd, 0x72, 0x96, 0x10, 0xe4, 0x76, 0x02, 0x5a, 0x72, 0x67, 0xd3, 0x17, 0x72, 0x14, 0x9a, 0x20, 0x5b, 0x0f, 0x8d, 0xed, 0x6d, 0x4e, 0xe3, 0xd9, 0x82, 0xc2, 0x99, 0xee, 0x39, 0x61, 0x69, 0x8a, 0x24, 0x01, 0x92, 0x15, 0xe7, 0xfc, 0xf9, 0x4d, 0xac, 0xf1, 0x30, 0x49, 0x01, 0x0b, 0x6e, 0x0f, 0x20,
-	/* (2^108)P */ 0xd8, 0x25, 0x94, 0x5e, 0x43, 0x29, 0xf5, 0xcc, 0xe8, 0xe3, 0x55, 0x41, 0x3c, 0x9f, 0x58, 0x5b, 0x00, 0xeb, 0xc5, 0xdf, 0xcf, 0xfb, 0xfd, 0x6e, 0x92, 0xec, 0x99, 0x30, 0xd6, 0x05, 0xdd, 0x80, 0x7a, 0x5d, 0x6d, 0x16, 0x85, 0xd8, 0x9d, 0x43, 0x65, 0xd8, 0x2c, 0x33, 0x2f, 0x5c, 0x41, 0xea, 0xb7, 0x95, 0x77, 0xf2, 0x9e, 0x59, 0x09, 0xe8,
-	/* (2^109)P */ 0x00, 0xa0, 0x03, 0x80, 0xcd, 0x60, 0xe5, 0x17, 0xd4, 0x15, 0x99, 0xdd, 0x4f, 0xbf, 0x66, 0xb8, 0xc0, 0xf5, 0xf9, 0xfc, 0x6d, 0x42, 0x18, 0x34, 0x1c, 0x7d, 0x5b, 0xb5, 0x09, 0xd0, 0x99, 0x57, 0x81, 0x0b, 0x62, 0xb3, 0xa2, 0xf9, 0x0b, 0xae, 0x95, 0xb8, 0xc2, 0x3b, 0x0d, 0x5b, 0x00, 0xf1, 0xed, 0xbc, 0x05, 0x9d, 0x61, 0xbc, 0x73, 0x9d,
-	/* (2^110)P */ 0xd4, 0xdb, 0x29, 0xe5, 0x85, 0xe9, 0xc6, 0x89, 0x2a, 0xa8, 0x54, 0xab, 0xb3, 0x7f, 0x88, 0xc0, 0x4d, 0xe0, 0xd1, 0x74, 0x6e, 0xa3, 0xa7, 0x39, 0xd5, 0xcc, 0xa1, 0x8a, 0xcb, 0x5b, 0x34, 0xad, 0x92, 0xb4, 0xd8, 0xd5, 0x17, 0xf6, 0x77, 0x18, 0x9e, 0xaf, 0x45, 0x3b, 0x03, 0xe2, 0xf8, 0x52, 0x60, 0xdc, 0x15, 0x20, 0x9e, 0xdf, 0xd8, 0x5d,
-	/* (2^111)P */ 0x02, 0xc1, 0xac, 0x1a, 0x15, 0x8e, 0x6c, 0xf5, 0x1e, 0x1e, 0xba, 0x7e, 0xc2, 0xda, 0x7d, 0x02, 0xda, 0x43, 0xae, 0x04, 0x70, 0x28, 0x54, 0x78, 0x94, 0xf5, 0x4f, 0x07, 0x84, 0x8f, 0xed, 0xaa, 0xc0, 0xb8, 0xcd, 0x7f, 0x7e, 0x33, 0xa3, 0xbe, 0x21, 0x29, 0xc8, 0x56, 0x34, 0xc0, 0x76, 0x87, 0x8f, 0xc7, 0x73, 0x58, 0x90, 0x16, 0xfc, 0xd6,
-	/* (2^112)P */ 0xb8, 0x3f, 0xe1, 0xdf, 0x3a, 0x91, 0x25, 0x0c, 0xf6, 0x47, 0xa8, 0x89, 0xc4, 0xc6, 0x61, 0xec, 0x86, 0x2c, 0xfd, 0xbe, 0xa4, 0x6f, 0xc2, 0xd4, 0x46, 0x19, 0x70, 0x5d, 0x09, 0x02, 0x86, 0xd3, 0x4b, 0xe9, 0x16, 0x7b, 0xf0, 0x0d, 0x6c, 0xff, 0x91, 0x05, 0xbf, 0x55, 0xb4, 0x00, 0x8d, 0xe5, 0x6d, 0x68, 0x20, 0x90, 0x12, 0xb5, 0x5c, 0x32,
-	/* (2^113)P */ 0x80, 0x45, 0xc8, 0x51, 0x87, 0xba, 0x1c, 0x5c, 0xcf, 0x5f, 0x4b, 0x3c, 0x9e, 0x3b, 0x36, 0xd2, 0x26, 0xa2, 0x7f, 0xab, 0xb7, 0xbf, 0xda, 0x68, 0x23, 0x8f, 0xc3, 0xa0, 0xfd, 0xad, 0xf1, 0x56, 0x3b, 0xd0, 0x75, 0x2b, 0x44, 0x61, 0xd8, 0xf4, 0xf1, 0x05, 0x49, 0x53, 0x07, 0xee, 0x47, 0xef, 0xc0, 0x7c, 0x9d, 0xe4, 0x15, 0x88, 0xc5, 0x47,
-	/* (2^114)P */ 0x2d, 0xb5, 0x09, 0x80, 0xb9, 0xd3, 0xd8, 0xfe, 0x4c, 0xd2, 0xa6, 0x6e, 0xd3, 0x75, 0xcf, 0xb0, 0x99, 0xcb, 0x50, 0x8d, 0xe9, 0x67, 0x9b, 0x20, 0xe8, 0x57, 0xd8, 0x14, 0x85, 0x73, 0x6a, 0x74, 0xe0, 0x99, 0xf0, 0x6b, 0x6e, 0x59, 0x30, 0x31, 0x33, 0x96, 0x5f, 0xa1, 0x0c, 0x1b, 0xf4, 0xca, 0x09, 0xe1, 0x9b, 0xb5, 0xcf, 0x6d, 0x0b, 0xeb,
-	/* (2^115)P */ 0x1a, 0xde, 0x50, 0xa9, 0xac, 0x3e, 0x10, 0x43, 0x4f, 0x82, 0x4f, 0xc0, 0xfe, 0x3f, 0x33, 0xd2, 0x64, 0x86, 0x50, 0xa9, 0x51, 0x76, 0x5e, 0x50, 0x97, 0x6c, 0x73, 0x8d, 0x77, 0xa3, 0x75, 0x03, 0xbc, 0xc9, 0xfb, 0x50, 0xd9, 0x6d, 0x16, 0xad, 0x5d, 0x32, 0x3d, 0xac, 0x44, 0xdf, 0x51, 0xf7, 0x19, 0xd4, 0x0b, 0x57, 0x78, 0x0b, 0x81, 0x4e,
-	/* (2^116)P */ 0x32, 0x24, 0xf1, 0x6c, 0x55, 0x62, 0x1d, 0xb3, 0x1f, 0xda, 0xfa, 0x6a, 0x8f, 0x98, 0x01, 0x16, 0xde, 0x44, 0x50, 0x0d, 0x2e, 0x6c, 0x0b, 0xa2, 0xd3, 0x74, 0x0e, 0xa9, 0xbf, 0x8d, 0xa9, 0xc8, 0xc8, 0x2f, 0x62, 0xc1, 0x35, 0x5e, 0xfd, 0x3a, 0xb3, 0x83, 0x2d, 0xee, 0x4e, 0xfd, 0x5c, 0x5e, 0xad, 0x85, 0xa5, 0x10, 0xb5, 0x4f, 0x34, 0xa7,
-	/* (2^117)P */ 0xd1, 0x58, 0x6f, 0xe6, 0x54, 0x2c, 0xc2, 0xcd, 0xcf, 0x83, 0xdc, 0x88, 0x0c, 0xb9, 0xb4, 0x62, 0x18, 0x89, 0x65, 0x28, 0xe9, 0x72, 0x4b, 0x65, 0xcf, 0xd6, 0x90, 0x88, 0xd7, 0x76, 0x17, 0x4f, 0x74, 0x64, 0x1e, 0xcb, 0xd3, 0xf5, 0x4b, 0xaa, 0x2e, 0x4d, 0x2d, 0x7c, 0x13, 0x1f, 0xfd, 0xd9, 0x60, 0x83, 0x7e, 0xda, 0x64, 0x1c, 0xdc, 0x9f,
-	/* (2^118)P */ 0xad, 0xef, 0xac, 0x1b, 0xc1, 0x30, 0x5a, 0x15, 0xc9, 0x1f, 0xac, 0xf1, 0xca, 0x44, 0x95, 0x95, 0xea, 0xf2, 0x22, 0xe7, 0x8d, 0x25, 0xf0, 0xff, 0xd8, 0x71, 0xf7, 0xf8, 0x8f, 0x8f, 0xcd, 0xf4, 0x1e, 0xfe, 0x6c, 0x68, 0x04, 0xb8, 0x78, 0xa1, 0x5f, 0xa6, 0x5d, 0x5e, 0xf9, 0x8d, 0xea, 0x80, 0xcb, 0xf3, 0x17, 0xa6, 0x03, 0xc9, 0x38, 0xd5,
-	/* (2^119)P */ 0x79, 0x14, 0x31, 0xc3, 0x38, 0xe5, 0xaa, 0xbf, 0x17, 0xa3, 0x04, 0x4e, 0x80, 0x59, 0x9c, 0x9f, 0x19, 0x39, 0xe4, 0x2d, 0x23, 0x54, 0x4a, 0x7f, 0x3e, 0xf3, 0xd9, 0xc7, 0xba, 0x6c, 0x8f, 0x6b, 0xfa, 0x34, 0xb5, 0x23, 0x17, 0x1d, 0xff, 0x1d, 0xea, 0x1f, 0xd7, 0xba, 0x61, 0xb2, 0xe0, 0x38, 0x6a, 0xe9, 0xcf, 0x48, 0x5d, 0x6a, 0x10, 0x9c,
-	/* (2^120)P */ 0xc8, 0xbb, 0x13, 0x1c, 0x3f, 0x3c, 0x34, 0xfd, 0xac, 0x37, 0x52, 0x44, 0x25, 0xa8, 0xde, 0x1d, 0x63, 0xf4, 0x81, 0x9a, 0xbe, 0x0b, 0x74, 0x2e, 0xc8, 0x51, 0x16, 0xd3, 0xac, 0x4a, 0xaf, 0xe2, 0x5f, 0x3a, 0x89, 0x32, 0xd1, 0x9b, 0x7c, 0x90, 0x0d, 0xac, 0xdc, 0x8b, 0x73, 0x45, 0x45, 0x97, 0xb1, 0x90, 0x2c, 0x1b, 0x31, 0xca, 0xb1, 0x94,
-	/* (2^121)P */ 0x07, 0x28, 0xdd, 0x10, 0x14, 0xa5, 0x95, 0x7e, 0xf3, 0xe4, 0xd4, 0x14, 0xb4, 0x7e, 0x76, 0xdb, 0x42, 0xd6, 0x94, 0x3e, 0xeb, 0x44, 0x64, 0x88, 0x0d, 0xec, 0xc1, 0x21, 0xf0, 0x79, 0xe0, 0x83, 0x67, 0x55, 0x53, 0xc2, 0xf6, 0xc5, 0xc5, 0x89, 0x39, 0xe8, 0x42, 0xd0, 0x17, 0xbd, 0xff, 0x35, 0x59, 0x0e, 0xc3, 0x06, 0x86, 0xd4, 0x64, 0xcf,
-	/* (2^122)P */ 0x91, 0xa8, 0xdb, 0x57, 0x9b, 0xe2, 0x96, 0x31, 0x10, 0x6e, 0xd7, 0x9a, 0x97, 0xb3, 0xab, 0xb5, 0x15, 0x66, 0xbe, 0xcc, 0x6d, 0x9a, 0xac, 0x06, 0xb3, 0x0d, 0xaa, 0x4b, 0x9c, 0x96, 0x79, 0x6c, 0x34, 0xee, 0x9e, 0x53, 0x4d, 0x6e, 0xbd, 0x88, 0x02, 0xbf, 0x50, 0x54, 0x12, 0x5d, 0x01, 0x02, 0x46, 0xc6, 0x74, 0x02, 0x8c, 0x24, 0xae, 0xb1,
-	/* (2^123)P */ 0xf5, 0x22, 0xea, 0xac, 0x7d, 0x9c, 0x33, 0x8a, 0xa5, 0x36, 0x79, 0x6a, 0x4f, 0xa4, 0xdc, 0xa5, 0x73, 0x64, 0xc4, 0x6f, 0x43, 0x02, 0x3b, 0x94, 0x66, 0xd2, 0x4b, 0x4f, 0xf6, 0x45, 0x33, 0x5d, 0x10, 0x33, 0x18, 0x1e, 0xa3, 0xfc, 0xf7, 0xd2, 0xb8, 0xc8, 0xa7, 0xe0, 0x76, 0x8a, 0xcd, 0xff, 0x4f, 0x99, 0x34, 0x47, 0x84, 0x91, 0x96, 0x9f,
-	/* (2^124)P */ 0x8a, 0x48, 0x3b, 0x48, 0x4a, 0xbc, 0xac, 0xe2, 0x80, 0xd6, 0xd2, 0x35, 0xde, 0xd0, 0x56, 0x42, 0x33, 0xb3, 0x56, 0x5a, 0xcd, 0xb8, 0x3d, 0xb5, 0x25, 0xc1, 0xed, 0xff, 0x87, 0x0b, 0x79, 0xff, 0xf2, 0x62, 0xe1, 0x76, 0xc6, 0xa2, 0x0f, 0xa8, 0x9b, 0x0d, 0xcc, 0x3f, 0x3d, 0x35, 0x27, 0x8d, 0x0b, 0x74, 0xb0, 0xc3, 0x78, 0x8c, 0xcc, 0xc8,
-	/* (2^125)P */ 0xfc, 0x9a, 0x0c, 0xa8, 0x49, 0x42, 0xb8, 0xdf, 0xcf, 0xb3, 0x19, 0xa6, 0x64, 0x57, 0xfe, 0xe8, 0xf8, 0xa6, 0x4b, 0x86, 0xa1, 0xd5, 0x83, 0x7f, 0x14, 0x99, 0x18, 0x0c, 0x7d, 0x5b, 0xf7, 0x3d, 0xf9, 0x4b, 0x79, 0xb1, 0x86, 0x30, 0xb4, 0x5e, 0x6a, 0xe8, 0x9d, 0xfa, 0x8a, 0x41, 0xc4, 0x30, 0xfc, 0x56, 0x74, 0x14, 0x42, 0xc8, 0x96, 0x0e,
-	/* (2^126)P */ 0xdf, 0x66, 0xec, 0xbc, 0x44, 0xdb, 0x19, 0xce, 0xd4, 0xb5, 0x49, 0x40, 0x07, 0x49, 0xe0, 0x3a, 0x61, 0x10, 0xfb, 0x7d, 0xba, 0xb1, 0xe0, 0x28, 0x5b, 0x99, 0x59, 0x96, 0xa2, 0xee, 0xe0, 0x23, 0x37, 0x39, 0x1f, 0xe6, 0x57, 0x9f, 0xf8, 0xf8, 0xdc, 0x74, 0xf6, 0x8f, 0x4f, 0x5e, 0x51, 0xa4, 0x12, 0xac, 0xbe, 0xe4, 0xf3, 0xd1, 0xf0, 0x24,
-	/* (2^127)P */ 0x1e, 0x3e, 0x9a, 0x5f, 0xdf, 0x9f, 0xd6, 0x4e, 0x8a, 0x28, 0xc3, 0xcd, 0x96, 0x9d, 0x57, 0xc7, 0x61, 0x81, 0x90, 0xff, 0xae, 0xb1, 0x4f, 0xc2, 0x96, 0x8b, 0x1a, 0x18, 0xf4, 0x50, 0xcb, 0x31, 0xe1, 0x57, 0xf4, 0x90, 0xa8, 0xea, 0xac, 0xe7, 0x61, 0x98, 0xb6, 0x15, 0xc1, 0x7b, 0x29, 0xa4, 0xc3, 0x18, 0xef, 0xb9, 0xd8, 0xdf, 0xf6, 0xac,
-	/* (2^128)P */ 0xca, 0xa8, 0x6c, 0xf1, 0xb4, 0xca, 0xfe, 0x31, 0xee, 0x48, 0x38, 0x8b, 0x0e, 0xbb, 0x7a, 0x30, 0xaa, 0xf9, 0xee, 0x27, 0x53, 0x24, 0xdc, 0x2e, 0x15, 0xa6, 0x48, 0x8f, 0xa0, 0x7e, 0xf1, 0xdc, 0x93, 0x87, 0x39, 0xeb, 0x7f, 0x38, 0x92, 0x92, 0x4c, 0x29, 0xe9, 0x57, 0xd8, 0x59, 0xfc, 0xe9, 0x9c, 0x44, 0xc0, 0x65, 0xcf, 0xac, 0x4b, 0xdc,
-	/* (2^129)P */ 0xa3, 0xd0, 0x37, 0x8f, 0x86, 0x2f, 0xc6, 0x47, 0x55, 0x46, 0x65, 0x26, 0x4b, 0x91, 0xe2, 0x18, 0x5c, 0x4f, 0x23, 0xc1, 0x37, 0x29, 0xb9, 0xc1, 0x27, 0xc5, 0x3c, 0xbf, 0x7e, 0x23, 0xdb, 0x73, 0x99, 0xbd, 0x1b, 0xb2, 0x31, 0x68, 0x3a, 0xad, 0xb7, 0xb0, 0x10, 0xc5, 0xe5, 0x11, 0x51, 0xba, 0xa7, 0x60, 0x66, 0x54, 0xf0, 0x08, 0xd7, 0x69,
-	/* (2^130)P */ 0x89, 0x41, 0x79, 0xcc, 0xeb, 0x0a, 0xf5, 0x4b, 0xa3, 0x4c, 0xce, 0x52, 0xb0, 0xa7, 0xe4, 0x41, 0x75, 0x7d, 0x04, 0xbb, 0x09, 0x4c, 0x50, 0x9f, 0xdf, 0xea, 0x74, 0x61, 0x02, 0xad, 0xb4, 0x9d, 0xb7, 0x05, 0xb9, 0xea, 0xeb, 0x91, 0x35, 0xe7, 0x49, 0xea, 0xd3, 0x4f, 0x3c, 0x60, 0x21, 0x7a, 0xde, 0xc7, 0xe2, 0x5a, 0xee, 0x8e, 0x93, 0xc7,
-	/* (2^131)P */ 0x00, 0xe8, 0xed, 0xd0, 0xb3, 0x0d, 0xaf, 0xb2, 0xde, 0x2c, 0xf6, 0x00, 0xe2, 0xea, 0x6d, 0xf8, 0x0e, 0xd9, 0x67, 0x59, 0xa9, 0x50, 0xbb, 0x17, 0x8f, 0xff, 0xb1, 0x9f, 0x17, 0xb6, 0xf2, 0xb5, 0xba, 0x80, 0xf7, 0x0f, 0xba, 0xd5, 0x09, 0x43, 0xaa, 0x4e, 0x3a, 0x67, 0x6a, 0x89, 0x9b, 0x18, 0x65, 0x35, 0xf8, 0x3a, 0x49, 0x91, 0x30, 0x51,
-	/* (2^132)P */ 0x8d, 0x25, 0xe9, 0x0e, 0x7d, 0x50, 0x76, 0xe4, 0x58, 0x7e, 0xb9, 0x33, 0xe6, 0x65, 0x90, 0xc2, 0x50, 0x9d, 0x50, 0x2e, 0x11, 0xad, 0xd5, 0x43, 0x52, 0x32, 0x41, 0x4f, 0x7b, 0xb6, 0xa0, 0xec, 0x81, 0x75, 0x36, 0x7c, 0x77, 0x85, 0x59, 0x70, 0xe4, 0xf9, 0xef, 0x66, 0x8d, 0x35, 0xc8, 0x2a, 0x6e, 0x5b, 0xc6, 0x0d, 0x0b, 0x29, 0x60, 0x68,
-	/* (2^133)P */ 0xf8, 0xce, 0xb0, 0x3a, 0x56, 0x7d, 0x51, 0x9a, 0x25, 0x73, 0xea, 0xdd, 0xe4, 0xe0, 0x0e, 0xf0, 0x07, 0xc0, 0x31, 0x00, 0x73, 0x35, 0xd0, 0x39, 0xc4, 0x9b, 0xb7, 0x95, 0xe0, 0x62, 0x70, 0x36, 0x0b, 0xcb, 0xa0, 0x42, 0xde, 0x51, 0xcf, 0x41, 0xe0, 0xb8, 0xb4, 0xc0, 0xe5, 0x46, 0x99, 0x9f, 0x02, 0x7f, 0x14, 0x8c, 0xc1, 0x4e, 0xef, 0xe8,
-	/* (2^134)P */ 0x10, 0x01, 0x57, 0x0a, 0xbe, 0x8b, 0x18, 0xc8, 0xca, 0x00, 0x28, 0x77, 0x4a, 0x9a, 0xc7, 0x55, 0x2a, 0xcc, 0x0c, 0x7b, 0xb9, 0xe9, 0xc8, 0x97, 0x7c, 0x02, 0xe3, 0x09, 0x2f, 0x62, 0x30, 0xb8, 0x40, 0x09, 0x65, 0xe9, 0x55, 0x63, 0xb5, 0x07, 0xca, 0x9f, 0x00, 0xdf, 0x9d, 0x5c, 0xc7, 0xee, 0x57, 0xa5, 0x90, 0x15, 0x1e, 0x22, 0xa0, 0x12,
-	/* (2^135)P */ 0x71, 0x2d, 0xc9, 0xef, 0x27, 0xb9, 0xd8, 0x12, 0x43, 0x6b, 0xa8, 0xce, 0x3b, 0x6d, 0x6e, 0x91, 0x43, 0x23, 0xbc, 0x32, 0xb3, 0xbf, 0xe1, 0xc7, 0x39, 0xcf, 0x7c, 0x42, 0x4c, 0xb1, 0x30, 0xe2, 0xdd, 0x69, 0x06, 0xe5, 0xea, 0xf0, 0x2a, 0x16, 0x50, 0x71, 0xca, 0x92, 0xdf, 0xc1, 0xcc, 0xec, 0xe6, 0x54, 0x07, 0xf3, 0x18, 0x8d, 0xd8, 0x29,
-	/* (2^136)P */ 0x98, 0x51, 0x48, 0x8f, 0xfa, 0x2e, 0x5e, 0x67, 0xb0, 0xc6, 0x17, 0x12, 0xb6, 0x7d, 0xc9, 0xad, 0x81, 0x11, 0xad, 0x0c, 0x1c, 0x2d, 0x45, 0xdf, 0xac, 0x66, 0xbd, 0x08, 0x6f, 0x7c, 0xc7, 0x06, 0x6e, 0x19, 0x08, 0x39, 0x64, 0xd7, 0xe4, 0xd1, 0x11, 0x5f, 0x1c, 0xf4, 0x67, 0xc3, 0x88, 0x6a, 0xe6, 0x07, 0xa3, 0x83, 0xd7, 0xfd, 0x2a, 0xf9,
-	/* (2^137)P */ 0x87, 0xed, 0xeb, 0xd9, 0xdf, 0xff, 0x43, 0x8b, 0xaa, 0x20, 0x58, 0xb0, 0xb4, 0x6b, 0x14, 0xb8, 0x02, 0xc5, 0x40, 0x20, 0x22, 0xbb, 0xf7, 0xb4, 0xf3, 0x05, 0x1e, 0x4d, 0x94, 0xff, 0xe3, 0xc5, 0x22, 0x82, 0xfe, 0xaf, 0x90, 0x42, 0x98, 0x6b, 0x76, 0x8b, 0x3e, 0x89, 0x3f, 0x42, 0x2a, 0xa7, 0x26, 0x00, 0xda, 0x5c, 0xa2, 0x2b, 0xec, 0xdd,
-	/* (2^138)P */ 0x5c, 0x21, 0x16, 0x0d, 0x46, 0xb8, 0xd0, 0xa7, 0x88, 0xe7, 0x25, 0xcb, 0x3e, 0x50, 0x73, 0x61, 0xe7, 0xaf, 0x5a, 0x3f, 0x47, 0x8b, 0x3d, 0x97, 0x79, 0x2c, 0xe6, 0x6d, 0x95, 0x74, 0x65, 0x70, 0x36, 0xfd, 0xd1, 0x9e, 0x13, 0x18, 0x63, 0xb1, 0x2d, 0x0b, 0xb5, 0x36, 0x3e, 0xe7, 0x35, 0x42, 0x3b, 0xe6, 0x1f, 0x4d, 0x9d, 0x59, 0xa2, 0x43,
-	/* (2^139)P */ 0x8c, 0x0c, 0x7c, 0x24, 0x9e, 0xe0, 0xf8, 0x05, 0x1c, 0x9e, 0x1f, 0x31, 0xc0, 0x70, 0xb3, 0xfb, 0x4e, 0xf8, 0x0a, 0x57, 0xb7, 0x49, 0xb5, 0x73, 0xa1, 0x5f, 0x9b, 0x6a, 0x07, 0x6c, 0x87, 0x71, 0x87, 0xd4, 0xbe, 0x98, 0x1e, 0x98, 0xee, 0x52, 0xc1, 0x7b, 0x95, 0x0f, 0x28, 0x32, 0x36, 0x28, 0xd0, 0x3a, 0x0f, 0x7d, 0x2a, 0xa9, 0x62, 0xb9,
-	/* (2^140)P */ 0x97, 0xe6, 0x18, 0x77, 0xf9, 0x34, 0xac, 0xbc, 0xe0, 0x62, 0x9f, 0x42, 0xde, 0xbd, 0x2f, 0xf7, 0x1f, 0xb7, 0x14, 0x52, 0x8a, 0x79, 0xb2, 0x3f, 0xd2, 0x95, 0x71, 0x01, 0xe8, 0xaf, 0x8c, 0xa4, 0xa4, 0xa7, 0x27, 0xf3, 0x5c, 0xdf, 0x3e, 0x57, 0x7a, 0xf1, 0x76, 0x49, 0xe6, 0x42, 0x3f, 0x8f, 0x1e, 0x63, 0x4a, 0x65, 0xb5, 0x41, 0xf5, 0x02,
-	/* (2^141)P */ 0x72, 0x85, 0xc5, 0x0b, 0xe1, 0x47, 0x64, 0x02, 0xc5, 0x4d, 0x81, 0x69, 0xb2, 0xcf, 0x0f, 0x6c, 0xd4, 0x6d, 0xd0, 0xc7, 0xb4, 0x1c, 0xd0, 0x32, 0x59, 0x89, 0xe2, 0xe0, 0x96, 0x8b, 0x12, 0x98, 0xbf, 0x63, 0x7a, 0x4c, 0x76, 0x7e, 0x58, 0x17, 0x8f, 0x5b, 0x0a, 0x59, 0x65, 0x75, 0xbc, 0x61, 0x1f, 0xbe, 0xc5, 0x6e, 0x0a, 0x57, 0x52, 0x70,
-	/* (2^142)P */ 0x92, 0x1c, 0x77, 0xbb, 0x62, 0x02, 0x6c, 0x25, 0x9c, 0x66, 0x07, 0x83, 0xab, 0xcc, 0x80, 0x5d, 0xd2, 0x76, 0x0c, 0xa4, 0xc5, 0xb4, 0x8a, 0x68, 0x23, 0x31, 0x32, 0x29, 0x8a, 0x47, 0x92, 0x12, 0x80, 0xb3, 0xfa, 0x18, 0xe4, 0x8d, 0xc0, 0x4d, 0xfe, 0x97, 0x5f, 0x72, 0x41, 0xb5, 0x5c, 0x7a, 0xbd, 0xf0, 0xcf, 0x5e, 0x97, 0xaa, 0x64, 0x32,
-	/* (2^143)P */ 0x35, 0x3f, 0x75, 0xc1, 0x7a, 0x75, 0x7e, 0xa9, 0xc6, 0x0b, 0x4e, 0x32, 0x62, 0xec, 0xe3, 0x5c, 0xfb, 0x01, 0x43, 0xb6, 0xd4, 0x5b, 0x75, 0xd2, 0xee, 0x7f, 0x5d, 0x23, 0x2b, 0xb3, 0x54, 0x34, 0x4c, 0xd3, 0xb4, 0x32, 0x84, 0x81, 0xb5, 0x09, 0x76, 0x19, 0xda, 0x58, 0xda, 0x7c, 0xdb, 0x2e, 0xdd, 0x4c, 0x8e, 0xdd, 0x5d, 0x89, 0x10, 0x10,
-	/* (2^144)P */ 0x57, 0x25, 0x6a, 0x08, 0x37, 0x92, 0xa8, 0xdf, 0x24, 0xef, 0x8f, 0x33, 0x34, 0x52, 0xa4, 0x4c, 0xf0, 0x77, 0x9f, 0x69, 0x77, 0xd5, 0x8f, 0xd2, 0x9a, 0xb3, 0xb6, 0x1d, 0x2d, 0xa6, 0xf7, 0x1f, 0xda, 0xd7, 0xcb, 0x75, 0x11, 0xc3, 0x6b, 0xc0, 0x38, 0xb1, 0xd5, 0x2d, 0x96, 0x84, 0x16, 0xfa, 0x26, 0xb9, 0xcc, 0x3f, 0x16, 0x47, 0x23, 0x74,
-	/* (2^145)P */ 0x9b, 0x61, 0x2a, 0x1c, 0xdd, 0x39, 0xa5, 0xfa, 0x1c, 0x7d, 0x63, 0x50, 0xca, 0xe6, 0x9d, 0xfa, 0xb7, 0xc4, 0x4c, 0x6a, 0x97, 0x5f, 0x36, 0x4e, 0x47, 0xdd, 0x17, 0xf7, 0xf9, 0x19, 0xce, 0x75, 0x17, 0xad, 0xce, 0x2a, 0xf3, 0xfe, 0x27, 0x8f, 0x3e, 0x48, 0xc0, 0x60, 0x87, 0x24, 0x19, 0xae, 0x59, 0xe4, 0x5a, 0x00, 0x2a, 0xba, 0xa2, 0x1f,
-	/* (2^146)P */ 0x26, 0x88, 0x42, 0x60, 0x9f, 0x6e, 0x2c, 0x7c, 0x39, 0x0f, 0x47, 0x6a, 0x0e, 0x02, 0xbb, 0x4b, 0x34, 0x29, 0x55, 0x18, 0x36, 0xcf, 0x3b, 0x47, 0xf1, 0x2e, 0xfc, 0x6e, 0x94, 0xff, 0xe8, 0x6b, 0x06, 0xd2, 0xba, 0x77, 0x5e, 0x60, 0xd7, 0x19, 0xef, 0x02, 0x9d, 0x3a, 0xc2, 0xb7, 0xa9, 0xd8, 0x57, 0xee, 0x7e, 0x2b, 0xf2, 0x6d, 0x28, 0xda,
-	/* (2^147)P */ 0xdf, 0xd9, 0x92, 0x11, 0x98, 0x23, 0xe2, 0x45, 0x2f, 0x74, 0x70, 0xee, 0x0e, 0x55, 0x65, 0x79, 0x86, 0x38, 0x17, 0x92, 0x85, 0x87, 0x99, 0x50, 0xd9, 0x7c, 0xdb, 0xa1, 0x10, 0xec, 0x30, 0xb7, 0x40, 0xa3, 0x23, 0x9b, 0x0e, 0x27, 0x49, 0x29, 0x03, 0x94, 0xff, 0x53, 0xdc, 0xd7, 0xed, 0x49, 0xa9, 0x5a, 0x3b, 0xee, 0xd7, 0xc7, 0x65, 0xaf,
-	/* (2^148)P */ 0xa0, 0xbd, 0xbe, 0x03, 0xee, 0x0c, 0xbe, 0x32, 0x00, 0x7b, 0x52, 0xcb, 0x92, 0x29, 0xbf, 0xa0, 0xc6, 0xd9, 0xd2, 0xd6, 0x15, 0xe8, 0x3a, 0x75, 0x61, 0x65, 0x56, 0xae, 0xad, 0x3c, 0x2a, 0x64, 0x14, 0x3f, 0x8e, 0xc1, 0x2d, 0x0c, 0x8d, 0x20, 0xdb, 0x58, 0x4b, 0xe5, 0x40, 0x15, 0x4b, 0xdc, 0xa8, 0xbd, 0xef, 0x08, 0xa7, 0xd1, 0xf4, 0xb0,
-	/* (2^149)P */ 0xa9, 0x0f, 0x05, 0x94, 0x66, 0xac, 0x1f, 0x65, 0x3f, 0xe1, 0xb8, 0xe1, 0x34, 0x5e, 0x1d, 0x8f, 0xe3, 0x93, 0x03, 0x15, 0xff, 0xb6, 0x65, 0xb6, 0x6e, 0xc0, 0x2f, 0xd4, 0x2e, 0xb9, 0x2c, 0x13, 0x3c, 0x99, 0x1c, 0xb5, 0x87, 0xba, 0x79, 0xcb, 0xf0, 0x18, 0x06, 0x86, 0x04, 0x14, 0x25, 0x09, 0xcd, 0x1c, 0x14, 0xda, 0x35, 0xd0, 0x38, 0x3b,
-	/* (2^150)P */ 0x1b, 0x04, 0xa3, 0x27, 0xb4, 0xd3, 0x37, 0x48, 0x1e, 0x8f, 0x69, 0xd3, 0x5a, 0x2f, 0x20, 0x02, 0x36, 0xbe, 0x06, 0x7b, 0x6b, 0x6c, 0x12, 0x5b, 0x80, 0x74, 0x44, 0xe6, 0xf8, 0xf5, 0x95, 0x59, 0x29, 0xab, 0x51, 0x47, 0x83, 0x28, 0xe0, 0xad, 0xde, 0xaa, 0xd3, 0xb1, 0x1a, 0xcb, 0xa3, 0xcd, 0x8b, 0x6a, 0xb1, 0xa7, 0x0a, 0xd1, 0xf9, 0xbe,
-	/* (2^151)P */ 0xce, 0x2f, 0x85, 0xca, 0x74, 0x6d, 0x49, 0xb8, 0xce, 0x80, 0x44, 0xe0, 0xda, 0x5b, 0xcf, 0x2f, 0x79, 0x74, 0xfe, 0xb4, 0x2c, 0x99, 0x20, 0x6e, 0x09, 0x04, 0xfb, 0x6d, 0x57, 0x5b, 0x95, 0x0c, 0x45, 0xda, 0x4f, 0x7f, 0x63, 0xcc, 0x85, 0x5a, 0x67, 0x50, 0x68, 0x71, 0xb4, 0x67, 0xb1, 0x2e, 0xc1, 0x1c, 0xdc, 0xff, 0x2a, 0x7c, 0x10, 0x5e,
-	/* (2^152)P */ 0xa6, 0xde, 0xf3, 0xd4, 0x22, 0x30, 0x24, 0x9e, 0x0b, 0x30, 0x54, 0x59, 0x7e, 0xa2, 0xeb, 0x89, 0x54, 0x65, 0x3e, 0x40, 0xd1, 0xde, 0xe6, 0xee, 0x4d, 0xbf, 0x5e, 0x40, 0x1d, 0xee, 0x4f, 0x68, 0xd9, 0xa7, 0x2f, 0xb3, 0x64, 0xb3, 0xf5, 0xc8, 0xd3, 0xaa, 0x70, 0x70, 0x3d, 0xef, 0xd3, 0x95, 0x54, 0xdb, 0x3e, 0x94, 0x95, 0x92, 0x1f, 0x45,
-	/* (2^153)P */ 0x22, 0x80, 0x1d, 0x9d, 0x96, 0xa5, 0x78, 0x6f, 0xe0, 0x1e, 0x1b, 0x66, 0x42, 0xc8, 0xae, 0x9e, 0x46, 0x45, 0x08, 0x41, 0xdf, 0x80, 0xae, 0x6f, 0xdb, 0x15, 0x5a, 0x21, 0x31, 0x7a, 0xd0, 0xf2, 0x54, 0x15, 0x88, 0xd3, 0x0f, 0x7f, 0x14, 0x5a, 0x14, 0x97, 0xab, 0xf4, 0x58, 0x6a, 0x9f, 0xea, 0x74, 0xe5, 0x6b, 0x90, 0x59, 0x2b, 0x48, 0xd9,
-	/* (2^154)P */ 0x12, 0x24, 0x04, 0xf5, 0x50, 0xc2, 0x8c, 0xb0, 0x7c, 0x46, 0x98, 0xd5, 0x24, 0xad, 0xf6, 0x72, 0xdc, 0x82, 0x1a, 0x60, 0xc1, 0xeb, 0x48, 0xef, 0x7f, 0x6e, 0xe6, 0xcc, 0xdb, 0x7b, 0xae, 0xbe, 0x5e, 0x1e, 0x5c, 0xe6, 0x0a, 0x70, 0xdf, 0xa4, 0xa3, 0x85, 0x1b, 0x1b, 0x7f, 0x72, 0xb9, 0x96, 0x6f, 0xdc, 0x03, 0x76, 0x66, 0xfb, 0xa0, 0x33,
-	/* (2^155)P */ 0x37, 0x40, 0xbb, 0xbc, 0x68, 0x58, 0x86, 0xca, 0xbb, 0xa5, 0x24, 0x76, 0x3d, 0x48, 0xd1, 0xad, 0xb4, 0xa8, 0xcf, 0xc3, 0xb6, 0xa8, 0xba, 0x1a, 0x3a, 0xbe, 0x33, 0x75, 0x04, 0x5c, 0x13, 0x8c, 0x0d, 0x70, 0x8d, 0xa6, 0x4e, 0x2a, 0xeb, 0x17, 0x3c, 0x22, 0xdd, 0x3e, 0x96, 0x40, 0x11, 0x9e, 0x4e, 0xae, 0x3d, 0xf8, 0x91, 0xd7, 0x50, 0xc8,
-	/* (2^156)P */ 0xd8, 0xca, 0xde, 0x19, 0xcf, 0x00, 0xe4, 0x73, 0x18, 0x7f, 0x9b, 0x9f, 0xf4, 0x5b, 0x49, 0x49, 0x99, 0xdc, 0xa4, 0x46, 0x21, 0xb5, 0xd7, 0x3e, 0xb7, 0x47, 0x1b, 0xa9, 0x9f, 0x4c, 0x69, 0x7d, 0xec, 0x33, 0xd6, 0x1c, 0x51, 0x7f, 0x47, 0x74, 0x7a, 0x6c, 0xf3, 0xd2, 0x2e, 0xbf, 0xdf, 0x6c, 0x9e, 0x77, 0x3b, 0x34, 0xf6, 0x73, 0x80, 0xed,
-	/* (2^157)P */ 0x16, 0xfb, 0x16, 0xc3, 0xc2, 0x83, 0xe4, 0xf4, 0x03, 0x7f, 0x52, 0xb0, 0x67, 0x51, 0x7b, 0x24, 0x5a, 0x51, 0xd3, 0xb6, 0x4e, 0x59, 0x76, 0xcd, 0x08, 0x7b, 0x1d, 0x7a, 0x9c, 0x65, 0xae, 0xce, 0xaa, 0xd2, 0x1c, 0x85, 0x66, 0x68, 0x06, 0x15, 0xa8, 0x06, 0xe6, 0x16, 0x37, 0xf4, 0x49, 0x9e, 0x0f, 0x50, 0x37, 0xb1, 0xb2, 0x93, 0x70, 0x43,
-	/* (2^158)P */ 0x18, 0x3a, 0x16, 0xe5, 0x8d, 0xc8, 0x35, 0xd6, 0x7b, 0x09, 0xec, 0x61, 0x5f, 0x5c, 0x2a, 0x19, 0x96, 0x2e, 0xc3, 0xfd, 0xab, 0xe6, 0x23, 0xae, 0xab, 0xc5, 0xcb, 0xb9, 0x7b, 0x2d, 0x34, 0x51, 0xb9, 0x41, 0x9e, 0x7d, 0xca, 0xda, 0x25, 0x45, 0x14, 0xb0, 0xc7, 0x4d, 0x26, 0x2b, 0xfe, 0x43, 0xb0, 0x21, 0x5e, 0xfa, 0xdc, 0x7c, 0xf9, 0x5a,
-	/* (2^159)P */ 0x94, 0xad, 0x42, 0x17, 0xf5, 0xcd, 0x1c, 0x0d, 0xf6, 0x41, 0xd2, 0x55, 0xbb, 0x50, 0xf1, 0xc6, 0xbc, 0xa6, 0xc5, 0x3a, 0xfd, 0x9b, 0x75, 0x3e, 0xf6, 0x1a, 0xa7, 0xb2, 0x6e, 0x64, 0x12, 0xdc, 0x3c, 0xe5, 0xf6, 0xfc, 0x3b, 0xfa, 0x43, 0x81, 0xd4, 0xa5, 0xee, 0xf5, 0x9c, 0x47, 0x2f, 0xd0, 0x9c, 0xde, 0xa1, 0x48, 0x91, 0x9a, 0x34, 0xc1,
-	/* (2^160)P */ 0x37, 0x1b, 0xb3, 0x88, 0xc9, 0x98, 0x4e, 0xfb, 0x84, 0x4f, 0x2b, 0x0a, 0xb6, 0x8f, 0x35, 0x15, 0xcd, 0x61, 0x7a, 0x5f, 0x5c, 0xa0, 0xca, 0x23, 0xa0, 0x93, 0x1f, 0xcc, 0x3c, 0x39, 0x3a, 0x24, 0xa7, 0x49, 0xad, 0x8d, 0x59, 0xcc, 0x94, 0x5a, 0x16, 0xf5, 0x70, 0xe8, 0x52, 0x1e, 0xee, 0x20, 0x30, 0x17, 0x7e, 0xf0, 0x4c, 0x93, 0x06, 0x5a,
-	/* (2^161)P */ 0x81, 0xba, 0x3b, 0xd7, 0x3e, 0xb4, 0x32, 0x3a, 0x22, 0x39, 0x2a, 0xfc, 0x19, 0xd9, 0xd2, 0xf6, 0xc5, 0x79, 0x6c, 0x0e, 0xde, 0xda, 0x01, 0xff, 0x52, 0xfb, 0xb6, 0x95, 0x4e, 0x7a, 0x10, 0xb8, 0x06, 0x86, 0x3c, 0xcd, 0x56, 0xd6, 0x15, 0xbf, 0x6e, 0x3e, 0x4f, 0x35, 0x5e, 0xca, 0xbc, 0xa5, 0x95, 0xa2, 0xdf, 0x2d, 0x1d, 0xaf, 0x59, 0xf9,
-	/* (2^162)P */ 0x69, 0xe5, 0xe2, 0xfa, 0xc9, 0x7f, 0xdd, 0x09, 0xf5, 0x6b, 0x4e, 0x2e, 0xbe, 0xb4, 0xbf, 0x3e, 0xb2, 0xf2, 0x81, 0x30, 0xe1, 0x07, 0xa8, 0x0d, 0x2b, 0xd2, 0x5a, 0x55, 0xbe, 0x4b, 0x86, 0x5d, 0xb0, 0x5e, 0x7c, 0x8f, 0xc1, 0x3c, 0x81, 0x4c, 0xf7, 0x6d, 0x7d, 0xe6, 0x4f, 0x8a, 0x85, 0xc2, 0x2f, 0x28, 0xef, 0x8c, 0x69, 0xc2, 0xc2, 0x1a,
-	/* (2^163)P */ 0xd9, 0xe4, 0x0e, 0x1e, 0xc2, 0xf7, 0x2f, 0x9f, 0xa1, 0x40, 0xfe, 0x46, 0x16, 0xaf, 0x2e, 0xd1, 0xec, 0x15, 0x9b, 0x61, 0x92, 0xce, 0xfc, 0x10, 0x43, 0x1d, 0x00, 0xf6, 0xbe, 0x20, 0x80, 0x80, 0x6f, 0x3c, 0x16, 0x94, 0x59, 0xba, 0x03, 0x53, 0x6e, 0xb6, 0xdd, 0x25, 0x7b, 0x86, 0xbf, 0x96, 0xf4, 0x2f, 0xa1, 0x96, 0x8d, 0xf9, 0xb3, 0x29,
-	/* (2^164)P */ 0x3b, 0x04, 0x60, 0x6e, 0xce, 0xab, 0xd2, 0x63, 0x18, 0x53, 0x88, 0x16, 0x4a, 0x6a, 0xab, 0x72, 0x03, 0x68, 0xa5, 0xd4, 0x0d, 0xb2, 0x82, 0x81, 0x1f, 0x2b, 0x5c, 0x75, 0xe8, 0xd2, 0x1d, 0x7f, 0xe7, 0x1b, 0x35, 0x02, 0xde, 0xec, 0xbd, 0xcb, 0xc7, 0x01, 0xd3, 0x95, 0x61, 0xfe, 0xb2, 0x7a, 0x66, 0x09, 0x4c, 0x6d, 0xfd, 0x39, 0xf7, 0x52,
-	/* (2^165)P */ 0x42, 0xc1, 0x5f, 0xf8, 0x35, 0x52, 0xc1, 0xfe, 0xc5, 0x11, 0x80, 0x1c, 0x11, 0x46, 0x31, 0x11, 0xbe, 0xd0, 0xc4, 0xb6, 0x07, 0x13, 0x38, 0xa0, 0x8d, 0x65, 0xf0, 0x56, 0x9e, 0x16, 0xbf, 0x9d, 0xcd, 0x51, 0x34, 0xf9, 0x08, 0x48, 0x7b, 0x76, 0x0c, 0x7b, 0x30, 0x07, 0xa8, 0x76, 0xaf, 0xa3, 0x29, 0x38, 0xb0, 0x58, 0xde, 0x72, 0x4b, 0x45,
-	/* (2^166)P */ 0xd4, 0x16, 0xa7, 0xc0, 0xb4, 0x9f, 0xdf, 0x1a, 0x37, 0xc8, 0x35, 0xed, 0xc5, 0x85, 0x74, 0x64, 0x09, 0x22, 0xef, 0xe9, 0x0c, 0xaf, 0x12, 0x4c, 0x9e, 0xf8, 0x47, 0x56, 0xe0, 0x7f, 0x4e, 0x24, 0x6b, 0x0c, 0xe7, 0xad, 0xc6, 0x47, 0x1d, 0xa4, 0x0d, 0x86, 0x89, 0x65, 0xe8, 0x5f, 0x71, 0xc7, 0xe9, 0xcd, 0xec, 0x6c, 0x62, 0xc7, 0xe3, 0xb3,
-	/* (2^167)P */ 0xb5, 0xea, 0x86, 0xe3, 0x15, 0x18, 0x3f, 0x6d, 0x7b, 0x05, 0x95, 0x15, 0x53, 0x26, 0x1c, 0xeb, 0xbe, 0x7e, 0x16, 0x42, 0x4b, 0xa2, 0x3d, 0xdd, 0x0e, 0xff, 0xba, 0x67, 0xb5, 0xae, 0x7a, 0x17, 0xde, 0x23, 0xad, 0x14, 0xcc, 0xd7, 0xaf, 0x57, 0x01, 0xe0, 0xdd, 0x48, 0xdd, 0xd7, 0xe3, 0xdf, 0xe9, 0x2d, 0xda, 0x67, 0xa4, 0x9f, 0x29, 0x04,
-	/* (2^168)P */ 0x16, 0x53, 0xe6, 0x9c, 0x4e, 0xe5, 0x1e, 0x70, 0x81, 0x25, 0x02, 0x9b, 0x47, 0x6d, 0xd2, 0x08, 0x73, 0xbe, 0x0a, 0xf1, 0x7b, 0xeb, 0x24, 0xeb, 0x38, 0x23, 0x5c, 0xb6, 0x3e, 0xce, 0x1e, 0xe3, 0xbc, 0x82, 0x35, 0x1f, 0xaf, 0x3a, 0x3a, 0xe5, 0x4e, 0xc1, 0xca, 0xbf, 0x47, 0xb4, 0xbb, 0xbc, 0x5f, 0xea, 0xc6, 0xca, 0xf3, 0xa0, 0xa2, 0x73,
-	/* (2^169)P */ 0xef, 0xa4, 0x7a, 0x4e, 0xe4, 0xc7, 0xb6, 0x43, 0x2e, 0xa5, 0xe4, 0xa5, 0xba, 0x1e, 0xa5, 0xfe, 0x9e, 0xce, 0xa9, 0x80, 0x04, 0xcb, 0x4f, 0xd8, 0x74, 0x05, 0x48, 0xfa, 0x99, 0x11, 0x5d, 0x97, 0x3b, 0x07, 0x0d, 0xdd, 0xe6, 0xb1, 0x74, 0x87, 0x1a, 0xd3, 0x26, 0xb7, 0x8f, 0xe1, 0x63, 0x3d, 0xec, 0x53, 0x93, 0xb0, 0x81, 0x78, 0x34, 0xa4,
-	/* (2^170)P */ 0xe1, 0xe7, 0xd4, 0x58, 0x9d, 0x0e, 0x8b, 0x65, 0x66, 0x37, 0x16, 0x48, 0x6f, 0xaa, 0x42, 0x37, 0x77, 0xad, 0xb1, 0x56, 0x48, 0xdf, 0x65, 0x36, 0x30, 0xb8, 0x00, 0x12, 0xd8, 0x32, 0x28, 0x7f, 0xc1, 0x71, 0xeb, 0x93, 0x0f, 0x48, 0x04, 0xe1, 0x5a, 0x6a, 0x96, 0xc1, 0xca, 0x89, 0x6d, 0x1b, 0x82, 0x4c, 0x18, 0x6d, 0x55, 0x4b, 0xea, 0xfd,
-	/* (2^171)P */ 0x62, 0x1a, 0x53, 0xb4, 0xb1, 0xbe, 0x6f, 0x15, 0x18, 0x88, 0xd4, 0x66, 0x61, 0xc7, 0x12, 0x69, 0x02, 0xbd, 0x03, 0x23, 0x2b, 0xef, 0xf9, 0x54, 0xa4, 0x85, 0xa8, 0xe3, 0xb7, 0xbd, 0xa9, 0xa3, 0xf3, 0x2a, 0xdd, 0xf1, 0xd4, 0x03, 0x0f, 0xa9, 0xa1, 0xd8, 0xa3, 0xcd, 0xb2, 0x71, 0x90, 0x4b, 0x35, 0x62, 0xf2, 0x2f, 0xce, 0x67, 0x1f, 0xaa,
-	/* (2^172)P */ 0x9e, 0x1e, 0xcd, 0x43, 0x7e, 0x87, 0x37, 0x94, 0x3a, 0x97, 0x4c, 0x7e, 0xee, 0xc9, 0x37, 0x85, 0xf1, 0xd9, 0x4f, 0xbf, 0xf9, 0x6f, 0x39, 0x9a, 0x39, 0x87, 0x2e, 0x25, 0x84, 0x42, 0xc3, 0x80, 0xcb, 0x07, 0x22, 0xae, 0x30, 0xd5, 0x50, 0xa1, 0x23, 0xcc, 0x31, 0x81, 0x9d, 0xf1, 0x30, 0xd9, 0x2b, 0x73, 0x41, 0x16, 0x50, 0xab, 0x2d, 0xa2,
-	/* (2^173)P */ 0xa4, 0x69, 0x4f, 0xa1, 0x4e, 0xb9, 0xbf, 0x14, 0xe8, 0x2b, 0x04, 0x93, 0xb7, 0x6e, 0x9f, 0x7d, 0x73, 0x0a, 0xc5, 0x14, 0xb8, 0xde, 0x8c, 0xc1, 0xfe, 0xc0, 0xa7, 0xa4, 0xcc, 0x42, 0x42, 0x81, 0x15, 0x65, 0x8a, 0x80, 0xb9, 0xde, 0x1f, 0x60, 0x33, 0x0e, 0xcb, 0xfc, 0xe0, 0xdb, 0x83, 0xa1, 0xe5, 0xd0, 0x16, 0x86, 0x2c, 0xe2, 0x87, 0xed,
-	/* (2^174)P */ 0x7a, 0xc0, 0xeb, 0x6b, 0xf6, 0x0d, 0x4c, 0x6d, 0x1e, 0xdb, 0xab, 0xe7, 0x19, 0x45, 0xc6, 0xe3, 0xb2, 0x06, 0xbb, 0xbc, 0x70, 0x99, 0x83, 0x33, 0xeb, 0x28, 0xc8, 0x77, 0xf6, 0x4d, 0x01, 0xb7, 0x59, 0xa0, 0xd2, 0xb3, 0x2a, 0x72, 0x30, 0xe7, 0x11, 0x39, 0xb6, 0x41, 0x29, 0x65, 0x5a, 0x14, 0xb9, 0x86, 0x08, 0xe0, 0x7d, 0x32, 0x8c, 0xf0,
-	/* (2^175)P */ 0x5c, 0x11, 0x30, 0x9e, 0x05, 0x27, 0xf5, 0x45, 0x0f, 0xb3, 0xc9, 0x75, 0xc3, 0xd7, 0xe1, 0x82, 0x3b, 0x8e, 0x87, 0x23, 0x00, 0x15, 0x19, 0x07, 0xd9, 0x21, 0x53, 0xc7, 0xf1, 0xa3, 0xbf, 0x70, 0x64, 0x15, 0x18, 0xca, 0x23, 0x9e, 0xd3, 0x08, 0xc3, 0x2a, 0x8b, 0xe5, 0x83, 0x04, 0x89, 0x14, 0xfd, 0x28, 0x25, 0x1c, 0xe3, 0x26, 0xa7, 0x22,
-	/* (2^176)P */ 0xdc, 0xd4, 0x75, 0x60, 0x99, 0x94, 0xea, 0x09, 0x8e, 0x8a, 0x3c, 0x1b, 0xf9, 0xbd, 0x33, 0x0d, 0x51, 0x3d, 0x12, 0x6f, 0x4e, 0x72, 0xe0, 0x17, 0x20, 0xe9, 0x75, 0xe6, 0x3a, 0xb2, 0x13, 0x83, 0x4e, 0x7a, 0x08, 0x9e, 0xd1, 0x04, 0x5f, 0x6b, 0x42, 0x0b, 0x76, 0x2a, 0x2d, 0x77, 0x53, 0x6c, 0x65, 0x6d, 0x8e, 0x25, 0x3c, 0xb6, 0x8b, 0x69,
-	/* (2^177)P */ 0xb9, 0x49, 0x28, 0xd0, 0xdc, 0x6c, 0x8f, 0x4c, 0xc9, 0x14, 0x8a, 0x38, 0xa3, 0xcb, 0xc4, 0x9d, 0x53, 0xcf, 0xe9, 0xe3, 0xcf, 0xe0, 0xb1, 0xf2, 0x1b, 0x4c, 0x7f, 0x83, 0x2a, 0x7a, 0xe9, 0x8b, 0x3b, 0x86, 0x61, 0x30, 0xe9, 0x99, 0xbd, 0xba, 0x19, 0x6e, 0x65, 0x2a, 0x12, 0x3e, 0x9c, 0xa8, 0xaf, 0xc3, 0xcf, 0xf8, 0x1f, 0x77, 0x86, 0xea,
-	/* (2^178)P */ 0x30, 0xde, 0xe7, 0xff, 0x54, 0xf7, 0xa2, 0x59, 0xf6, 0x0b, 0xfb, 0x7a, 0xf2, 0x39, 0xf0, 0xdb, 0x39, 0xbc, 0xf0, 0xfa, 0x60, 0xeb, 0x6b, 0x4f, 0x47, 0x17, 0xc8, 0x00, 0x65, 0x6d, 0x25, 0x1c, 0xd0, 0x48, 0x56, 0x53, 0x45, 0x11, 0x30, 0x02, 0x49, 0x20, 0x27, 0xac, 0xf2, 0x4c, 0xac, 0x64, 0x3d, 0x52, 0xb8, 0x89, 0xe0, 0x93, 0x16, 0x0f,
-	/* (2^179)P */ 0x84, 0x09, 0xba, 0x40, 0xb2, 0x2f, 0xa3, 0xa8, 0xc2, 0xba, 0x46, 0x33, 0x05, 0x9d, 0x62, 0xad, 0xa1, 0x3c, 0x33, 0xef, 0x0d, 0xeb, 0xf0, 0x77, 0x11, 0x5a, 0xb0, 0x21, 0x9c, 0xdf, 0x55, 0x24, 0x25, 0x35, 0x51, 0x61, 0x92, 0xf0, 0xb1, 0xce, 0xf5, 0xd4, 0x7b, 0x6c, 0x21, 0x9d, 0x56, 0x52, 0xf8, 0xa1, 0x4c, 0xe9, 0x27, 0x55, 0xac, 0x91,
-	/* (2^180)P */ 0x03, 0x3e, 0x30, 0xd2, 0x0a, 0xfa, 0x7d, 0x82, 0x3d, 0x1f, 0x8b, 0xcb, 0xb6, 0x04, 0x5c, 0xcc, 0x8b, 0xda, 0xe2, 0x68, 0x74, 0x08, 0x8c, 0x44, 0x83, 0x57, 0x6d, 0x6f, 0x80, 0xb0, 0x7e, 0xa9, 0x82, 0x91, 0x7b, 0x4c, 0x37, 0x97, 0xd1, 0x63, 0xd1, 0xbd, 0x45, 0xe6, 0x8a, 0x86, 0xd6, 0x89, 0x54, 0xfd, 0xd2, 0xb1, 0xd7, 0x54, 0xad, 0xaf,
-	/* (2^181)P */ 0x8b, 0x33, 0x62, 0x49, 0x9f, 0x63, 0xf9, 0x87, 0x42, 0x58, 0xbf, 0xb3, 0xe6, 0x68, 0x02, 0x60, 0x5c, 0x76, 0x62, 0xf7, 0x61, 0xd7, 0x36, 0x31, 0xf7, 0x9c, 0xb5, 0xe5, 0x13, 0x6c, 0xea, 0x78, 0xae, 0xcf, 0xde, 0xbf, 0xb6, 0xeb, 0x4f, 0xc8, 0x2a, 0xb4, 0x9a, 0x9f, 0xf3, 0xd1, 0x6a, 0xec, 0x0c, 0xbd, 0x85, 0x98, 0x40, 0x06, 0x1c, 0x2a,
-	/* (2^182)P */ 0x74, 0x3b, 0xe7, 0x81, 0xd5, 0xae, 0x54, 0x56, 0x03, 0xe8, 0x97, 0x16, 0x76, 0xcf, 0x24, 0x96, 0x96, 0x5b, 0xcc, 0x09, 0xab, 0x23, 0x6f, 0x54, 0xae, 0x8f, 0xe4, 0x12, 0xcb, 0xfd, 0xbc, 0xac, 0x93, 0x45, 0x3d, 0x68, 0x08, 0x22, 0x59, 0xc6, 0xf0, 0x47, 0x19, 0x8c, 0x79, 0x93, 0x1e, 0x0e, 0x30, 0xb0, 0x94, 0xfb, 0x17, 0x1d, 0x5a, 0x12,
-	/* (2^183)P */ 0x85, 0xff, 0x40, 0x18, 0x85, 0xff, 0x44, 0x37, 0x69, 0x23, 0x4d, 0x34, 0xe1, 0xeb, 0xa3, 0x1b, 0x55, 0x40, 0xc1, 0x64, 0xf4, 0xd4, 0x13, 0x0a, 0x9f, 0xb9, 0x19, 0xfc, 0x88, 0x7d, 0xc0, 0x72, 0xcf, 0x69, 0x2f, 0xd2, 0x0c, 0x82, 0x0f, 0xda, 0x08, 0xba, 0x0f, 0xaa, 0x3b, 0xe9, 0xe5, 0x83, 0x7a, 0x06, 0xe8, 0x1b, 0x38, 0x43, 0xc3, 0x54,
-	/* (2^184)P */ 0x14, 0xaa, 0xb3, 0x6e, 0xe6, 0x28, 0xee, 0xc5, 0x22, 0x6c, 0x7c, 0xf9, 0xa8, 0x71, 0xcc, 0xfe, 0x68, 0x7e, 0xd3, 0xb8, 0x37, 0x96, 0xca, 0x0b, 0xd9, 0xb6, 0x06, 0xa9, 0xf6, 0x71, 0xe8, 0x31, 0xf7, 0xd8, 0xf1, 0x5d, 0xab, 0xb9, 0xf0, 0x5c, 0x98, 0xcf, 0x22, 0xa2, 0x2a, 0xf6, 0xd0, 0x59, 0xf0, 0x9d, 0xd9, 0x6a, 0x4f, 0x59, 0x57, 0xad,
-	/* (2^185)P */ 0xd7, 0x2b, 0x3d, 0x38, 0x4c, 0x2e, 0x23, 0x4d, 0x49, 0xa2, 0x62, 0x62, 0xf9, 0x0f, 0xde, 0x08, 0xf3, 0x86, 0x71, 0xb6, 0xc7, 0xf9, 0x85, 0x9c, 0x33, 0xa1, 0xcf, 0x16, 0xaa, 0x60, 0xb9, 0xb7, 0xea, 0xed, 0x01, 0x1c, 0x59, 0xdb, 0x3f, 0x3f, 0x97, 0x2e, 0xf0, 0x09, 0x9f, 0x10, 0x85, 0x5f, 0x53, 0x39, 0xf3, 0x13, 0x40, 0x56, 0x95, 0xf9,
-	/* (2^186)P */ 0xb4, 0xe3, 0xda, 0xc6, 0x1f, 0x78, 0x8e, 0xac, 0xd4, 0x20, 0x1d, 0xa0, 0xbf, 0x4c, 0x09, 0x16, 0xa7, 0x30, 0xb5, 0x8d, 0x9e, 0xa1, 0x5f, 0x6d, 0x52, 0xf4, 0x71, 0xb6, 0x32, 0x2d, 0x21, 0x51, 0xc6, 0xfc, 0x2f, 0x08, 0xf4, 0x13, 0x6c, 0x55, 0xba, 0x72, 0x81, 0x24, 0x49, 0x0e, 0x4f, 0x06, 0x36, 0x39, 0x6a, 0xc5, 0x81, 0xfc, 0xeb, 0xb2,
-	/* (2^187)P */ 0x7d, 0x8d, 0xc8, 0x6c, 0xea, 0xb4, 0xb9, 0xe8, 0x40, 0xc9, 0x69, 0xc9, 0x30, 0x05, 0xfd, 0x34, 0x46, 0xfd, 0x94, 0x05, 0x16, 0xf5, 0x4b, 0x13, 0x3d, 0x24, 0x1a, 0xd6, 0x64, 0x2b, 0x9c, 0xe2, 0xa5, 0xd9, 0x98, 0xe0, 0xe8, 0xf4, 0xbc, 0x2c, 0xbd, 0xa2, 0x56, 0xe3, 0x9e, 0x14, 0xdb, 0xbf, 0x05, 0xbf, 0x9a, 0x13, 0x5d, 0xf7, 0x91, 0xa3,
-	/* (2^188)P */ 0x8b, 0xcb, 0x27, 0xf3, 0x15, 0x26, 0x05, 0x40, 0x0f, 0xa6, 0x15, 0x13, 0x71, 0x95, 0xa2, 0xc6, 0x38, 0x04, 0x67, 0xf8, 0x9a, 0x83, 0x06, 0xaa, 0x25, 0x36, 0x72, 0x01, 0x6f, 0x74, 0x5f, 0xe5, 0x6e, 0x44, 0x99, 0xce, 0x13, 0xbc, 0x82, 0xc2, 0x0d, 0xa4, 0x98, 0x50, 0x38, 0xf3, 0xa2, 0xc5, 0xe5, 0x24, 0x1f, 0x6f, 0x56, 0x3e, 0x07, 0xb2,
-	/* (2^189)P */ 0xbd, 0x0f, 0x32, 0x60, 0x07, 0xb1, 0xd7, 0x0b, 0x11, 0x07, 0x57, 0x02, 0x89, 0xe8, 0x8b, 0xe8, 0x5a, 0x1f, 0xee, 0x54, 0x6b, 0xff, 0xb3, 0x04, 0x07, 0x57, 0x13, 0x0b, 0x94, 0xa8, 0x4d, 0x81, 0xe2, 0x17, 0x16, 0x45, 0xd4, 0x4b, 0xf7, 0x7e, 0x64, 0x66, 0x20, 0xe8, 0x0b, 0x26, 0xfd, 0xa9, 0x8a, 0x47, 0x52, 0x89, 0x14, 0xd0, 0xd1, 0xa1,
-	/* (2^190)P */ 0xdc, 0x03, 0xe6, 0x20, 0x44, 0x47, 0x8f, 0x04, 0x16, 0x24, 0x22, 0xc1, 0x55, 0x5c, 0xbe, 0x43, 0xc3, 0x92, 0xc5, 0x54, 0x3d, 0x5d, 0xd1, 0x05, 0x9c, 0xc6, 0x7c, 0xbf, 0x23, 0x84, 0x1a, 0xba, 0x4f, 0x1f, 0xfc, 0xa1, 0xae, 0x1a, 0x64, 0x02, 0x51, 0xf1, 0xcb, 0x7a, 0x20, 0xce, 0xb2, 0x34, 0x3c, 0xca, 0xe0, 0xe4, 0xba, 0x22, 0xd4, 0x7b,
-	/* (2^191)P */ 0xca, 0xfd, 0xca, 0xd7, 0xde, 0x61, 0xae, 0xf0, 0x79, 0x0c, 0x20, 0xab, 0xbc, 0x6f, 0x4d, 0x61, 0xf0, 0xc7, 0x9c, 0x8d, 0x4b, 0x52, 0xf3, 0xb9, 0x48, 0x63, 0x0b, 0xb6, 0xd2, 0x25, 0x9a, 0x96, 0x72, 0xc1, 0x6b, 0x0c, 0xb5, 0xfb, 0x71, 0xaa, 0xad, 0x47, 0x5b, 0xe7, 0xc0, 0x0a, 0x55, 0xb2, 0xd4, 0x16, 0x2f, 0xb1, 0x01, 0xfd, 0xce, 0x27,
-	/* (2^192)P */ 0x64, 0x11, 0x4b, 0xab, 0x57, 0x09, 0xc6, 0x49, 0x4a, 0x37, 0xc3, 0x36, 0xc4, 0x7b, 0x81, 0x1f, 0x42, 0xed, 0xbb, 0xe0, 0xa0, 0x8d, 0x51, 0xe6, 0xca, 0x8b, 0xb9, 0xcd, 0x99, 0x2d, 0x91, 0x53, 0xa9, 0x47, 0xcb, 0x32, 0xc7, 0xa4, 0x92, 0xec, 0x46, 0x74, 0x44, 0x6d, 0x71, 0x9f, 0x6d, 0x0c, 0x69, 0xa4, 0xf8, 0xbe, 0x9f, 0x7f, 0xa0, 0xd7,
-	/* (2^193)P */ 0x5f, 0x33, 0xb6, 0x91, 0xc8, 0xa5, 0x3f, 0x5d, 0x7f, 0x38, 0x6e, 0x74, 0x20, 0x4a, 0xd6, 0x2b, 0x98, 0x2a, 0x41, 0x4b, 0x83, 0x64, 0x0b, 0x92, 0x7a, 0x06, 0x1e, 0xc6, 0x2c, 0xf6, 0xe4, 0x91, 0xe5, 0xb1, 0x2e, 0x6e, 0x4e, 0xa8, 0xc8, 0x14, 0x32, 0x57, 0x44, 0x1c, 0xe4, 0xb9, 0x7f, 0x54, 0x51, 0x08, 0x81, 0xaa, 0x4e, 0xce, 0xa1, 0x5d,
-	/* (2^194)P */ 0x5c, 0xd5, 0x9b, 0x5e, 0x7c, 0xb5, 0xb1, 0x52, 0x73, 0x00, 0x41, 0x56, 0x79, 0x08, 0x7e, 0x07, 0x28, 0x06, 0xa6, 0xfb, 0x7f, 0x69, 0xbd, 0x7a, 0x3c, 0xae, 0x9f, 0x39, 0xbb, 0x54, 0xa2, 0x79, 0xb9, 0x0e, 0x7f, 0xbb, 0xe0, 0xe6, 0xb7, 0x27, 0x64, 0x38, 0x45, 0xdb, 0x84, 0xe4, 0x61, 0x72, 0x3f, 0xe2, 0x24, 0xfe, 0x7a, 0x31, 0x9a, 0xc9,
-	/* (2^195)P */ 0xa1, 0xd2, 0xa4, 0xee, 0x24, 0x96, 0xe5, 0x5b, 0x79, 0x78, 0x3c, 0x7b, 0x82, 0x3b, 0x8b, 0x58, 0x0b, 0xa3, 0x63, 0x2d, 0xbc, 0x75, 0x46, 0xe8, 0x83, 0x1a, 0xc0, 0x2a, 0x92, 0x61, 0xa8, 0x75, 0x37, 0x3c, 0xbf, 0x0f, 0xef, 0x8f, 0x6c, 0x97, 0x75, 0x10, 0x05, 0x7a, 0xde, 0x23, 0xe8, 0x2a, 0x35, 0xeb, 0x41, 0x64, 0x7d, 0xcf, 0xe0, 0x52,
-	/* (2^196)P */ 0x4a, 0xd0, 0x49, 0x93, 0xae, 0xf3, 0x24, 0x8c, 0xe1, 0x09, 0x98, 0x45, 0xd8, 0xb9, 0xfe, 0x8e, 0x8c, 0xa8, 0x2c, 0xc9, 0x9f, 0xce, 0x01, 0xdc, 0x38, 0x11, 0xab, 0x85, 0xb9, 0xe8, 0x00, 0x51, 0xfd, 0x82, 0xe1, 0x9b, 0x4e, 0xfc, 0xb5, 0x2a, 0x0f, 0x8b, 0xda, 0x4e, 0x02, 0xca, 0xcc, 0xe3, 0x91, 0xc4, 0xe0, 0xcf, 0x7b, 0xd6, 0xe6, 0x6a,
-	/* (2^197)P */ 0xfe, 0x11, 0xd7, 0xaa, 0xe3, 0x0c, 0x52, 0x2e, 0x04, 0xe0, 0xe0, 0x61, 0xc8, 0x05, 0xd7, 0x31, 0x4c, 0xc3, 0x9b, 0x2d, 0xce, 0x59, 0xbe, 0x12, 0xb7, 0x30, 0x21, 0xfc, 0x81, 0xb8, 0x5e, 0x57, 0x73, 0xd0, 0xad, 0x8e, 0x9e, 0xe4, 0xeb, 0xcd, 0xcf, 0xd2, 0x0f, 0x01, 0x35, 0x16, 0xed, 0x7a, 0x43, 0x8e, 0x42, 0xdc, 0xea, 0x4c, 0xa8, 0x7c,
-	/* (2^198)P */ 0x37, 0x26, 0xcc, 0x76, 0x0b, 0xe5, 0x76, 0xdd, 0x3e, 0x19, 0x3c, 0xc4, 0x6c, 0x7f, 0xd0, 0x03, 0xc1, 0xb8, 0x59, 0x82, 0xca, 0x36, 0xc1, 0xe4, 0xc8, 0xb2, 0x83, 0x69, 0x9c, 0xc5, 0x9d, 0x12, 0x82, 0x1c, 0xea, 0xb2, 0x84, 0x9f, 0xf3, 0x52, 0x6b, 0xbb, 0xd8, 0x81, 0x56, 0x83, 0x04, 0x66, 0x05, 0x22, 0x49, 0x37, 0x93, 0xb1, 0xfd, 0xd5,
-	/* (2^199)P */ 0xaf, 0x96, 0xbf, 0x03, 0xbe, 0xe6, 0x5d, 0x78, 0x19, 0xba, 0x37, 0x46, 0x0a, 0x2b, 0x52, 0x7c, 0xd8, 0x51, 0x9e, 0x3d, 0x29, 0x42, 0xdb, 0x0e, 0x31, 0x20, 0x94, 0xf8, 0x43, 0x9a, 0x2d, 0x22, 0xd3, 0xe3, 0xa1, 0x79, 0x68, 0xfb, 0x2d, 0x7e, 0xd6, 0x79, 0xda, 0x0b, 0xc6, 0x5b, 0x76, 0x68, 0xf0, 0xfe, 0x72, 0x59, 0xbb, 0xa1, 0x9c, 0x74,
-	/* (2^200)P */ 0x0a, 0xd9, 0xec, 0xc5, 0xbd, 0xf0, 0xda, 0xcf, 0x82, 0xab, 0x46, 0xc5, 0x32, 0x13, 0xdc, 0x5b, 0xac, 0xc3, 0x53, 0x9a, 0x7f, 0xef, 0xa5, 0x40, 0x5a, 0x1f, 0xc1, 0x12, 0x91, 0x54, 0x83, 0x6a, 0xb0, 0x9a, 0x85, 0x4d, 0xbf, 0x36, 0x8e, 0xd3, 0xa2, 0x2b, 0xe5, 0xd6, 0xc6, 0xe1, 0x58, 0x5b, 0x82, 0x9b, 0xc8, 0xf2, 0x03, 0xba, 0xf5, 0x92,
-	/* (2^201)P */ 0xfb, 0x21, 0x7e, 0xde, 0xe7, 0xb4, 0xc0, 0x56, 0x86, 0x3a, 0x5b, 0x78, 0xf8, 0xf0, 0xf4, 0xe7, 0x5c, 0x00, 0xd2, 0xd7, 0xd6, 0xf8, 0x75, 0x5e, 0x0f, 0x3e, 0xd1, 0x4b, 0x77, 0xd8, 0xad, 0xb0, 0xc9, 0x8b, 0x59, 0x7d, 0x30, 0x76, 0x64, 0x7a, 0x76, 0xd9, 0x51, 0x69, 0xfc, 0xbd, 0x8e, 0xb5, 0x55, 0xe0, 0xd2, 0x07, 0x15, 0xa9, 0xf7, 0xa4,
-	/* (2^202)P */ 0xaa, 0x2d, 0x2f, 0x2b, 0x3c, 0x15, 0xdd, 0xcd, 0xe9, 0x28, 0x82, 0x4f, 0xa2, 0xaa, 0x31, 0x48, 0xcc, 0xfa, 0x07, 0x73, 0x8a, 0x34, 0x74, 0x0d, 0xab, 0x1a, 0xca, 0xd2, 0xbf, 0x3a, 0xdb, 0x1a, 0x5f, 0x50, 0x62, 0xf4, 0x6b, 0x83, 0x38, 0x43, 0x96, 0xee, 0x6b, 0x39, 0x1e, 0xf0, 0x17, 0x80, 0x1e, 0x9b, 0xed, 0x2b, 0x2f, 0xcc, 0x65, 0xf7,
-	/* (2^203)P */ 0x03, 0xb3, 0x23, 0x9c, 0x0d, 0xd1, 0xeb, 0x7e, 0x34, 0x17, 0x8a, 0x4c, 0xde, 0x54, 0x39, 0xc4, 0x11, 0x82, 0xd3, 0xa4, 0x00, 0x32, 0x95, 0x9c, 0xa6, 0x64, 0x76, 0x6e, 0xd6, 0x53, 0x27, 0xb4, 0x6a, 0x14, 0x8c, 0x54, 0xf6, 0x58, 0x9e, 0x22, 0x4a, 0x55, 0x18, 0x77, 0xd0, 0x08, 0x6b, 0x19, 0x8a, 0xb5, 0xe7, 0x19, 0xb8, 0x60, 0x92, 0xb1,
-	/* (2^204)P */ 0x66, 0xec, 0xf3, 0x12, 0xde, 0x67, 0x7f, 0xd4, 0x5b, 0xf6, 0x70, 0x64, 0x0a, 0xb5, 0xc2, 0xf9, 0xb3, 0x64, 0xab, 0x56, 0x46, 0xc7, 0x93, 0xc2, 0x8b, 0x2d, 0xd0, 0xd6, 0x39, 0x3b, 0x1f, 0xcd, 0xb3, 0xac, 0xcc, 0x2c, 0x27, 0x6a, 0xbc, 0xb3, 0x4b, 0xa8, 0x3c, 0x69, 0x20, 0xe2, 0x18, 0x35, 0x17, 0xe1, 0x8a, 0xd3, 0x11, 0x74, 0xaa, 0x4d,
-	/* (2^205)P */ 0x96, 0xc4, 0x16, 0x7e, 0xfd, 0xf5, 0xd0, 0x7d, 0x1f, 0x32, 0x1b, 0xdb, 0xa6, 0xfd, 0x51, 0x75, 0x4d, 0xd7, 0x00, 0xe5, 0x7f, 0x58, 0x5b, 0xeb, 0x4b, 0x6a, 0x78, 0xfe, 0xe5, 0xd6, 0x8f, 0x99, 0x17, 0xca, 0x96, 0x45, 0xf7, 0x52, 0xdf, 0x84, 0x06, 0x77, 0xb9, 0x05, 0x63, 0x5d, 0xe9, 0x91, 0xb1, 0x4b, 0x82, 0x5a, 0xdb, 0xd7, 0xca, 0x69,
-	/* (2^206)P */ 0x02, 0xd3, 0x38, 0x38, 0x87, 0xea, 0xbd, 0x9f, 0x11, 0xca, 0xf3, 0x21, 0xf1, 0x9b, 0x35, 0x97, 0x98, 0xff, 0x8e, 0x6d, 0x3d, 0xd6, 0xb2, 0xfa, 0x68, 0xcb, 0x7e, 0x62, 0x85, 0xbb, 0xc7, 0x5d, 0xee, 0x32, 0x30, 0x2e, 0x71, 0x96, 0x63, 0x43, 0x98, 0xc4, 0xa7, 0xde, 0x60, 0xb2, 0xd9, 0x43, 0x4a, 0xfa, 0x97, 0x2d, 0x5f, 0x21, 0xd4, 0xfe,
-	/* (2^207)P */ 0x3b, 0x20, 0x29, 0x07, 0x07, 0xb5, 0x78, 0xc3, 0xc7, 0xab, 0x56, 0xba, 0x40, 0xde, 0x1d, 0xcf, 0xc3, 0x00, 0x56, 0x21, 0x0c, 0xc8, 0x42, 0xd9, 0x0e, 0xcd, 0x02, 0x7c, 0x07, 0xb9, 0x11, 0xd7, 0x96, 0xaf, 0xff, 0xad, 0xc5, 0xba, 0x30, 0x6d, 0x82, 0x3a, 0xbf, 0xef, 0x7b, 0xf7, 0x0a, 0x74, 0xbd, 0x31, 0x0c, 0xe4, 0xec, 0x1a, 0xe5, 0xc5,
-	/* (2^208)P */ 0xcc, 0xf2, 0x28, 0x16, 0x12, 0xbf, 0xef, 0x85, 0xbc, 0xf7, 0xcb, 0x9f, 0xdb, 0xa8, 0xb2, 0x49, 0x53, 0x48, 0xa8, 0x24, 0xa8, 0x68, 0x8d, 0xbb, 0x21, 0x0a, 0x5a, 0xbd, 0xb2, 0x91, 0x61, 0x47, 0xc4, 0x43, 0x08, 0xa6, 0x19, 0xef, 0x8e, 0x88, 0x39, 0xc6, 0x33, 0x30, 0xf3, 0x0e, 0xc5, 0x92, 0x66, 0xd6, 0xfe, 0xc5, 0x12, 0xd9, 0x4c, 0x2d,
-	/* (2^209)P */ 0x30, 0x34, 0x07, 0xbf, 0x9c, 0x5a, 0x4e, 0x65, 0xf1, 0x39, 0x35, 0x38, 0xae, 0x7b, 0x55, 0xac, 0x6a, 0x92, 0x24, 0x7e, 0x50, 0xd3, 0xba, 0x78, 0x51, 0xfe, 0x4d, 0x32, 0x05, 0x11, 0xf5, 0x52, 0xf1, 0x31, 0x45, 0x39, 0x98, 0x7b, 0x28, 0x56, 0xc3, 0x5d, 0x4f, 0x07, 0x6f, 0x84, 0xb8, 0x1a, 0x58, 0x0b, 0xc4, 0x7c, 0xc4, 0x8d, 0x32, 0x8e,
-	/* (2^210)P */ 0x7e, 0xaf, 0x98, 0xce, 0xc5, 0x2b, 0x9d, 0xf6, 0xfa, 0x2c, 0xb6, 0x2a, 0x5a, 0x1d, 0xc0, 0x24, 0x8d, 0xa4, 0xce, 0xb1, 0x12, 0x01, 0xf9, 0x79, 0xc6, 0x79, 0x38, 0x0c, 0xd4, 0x07, 0xc9, 0xf7, 0x37, 0xa1, 0x0b, 0xfe, 0x72, 0xec, 0x5d, 0xd6, 0xb0, 0x1c, 0x70, 0xbe, 0x70, 0x01, 0x13, 0xe0, 0x86, 0x95, 0xc7, 0x2e, 0x12, 0x3b, 0xe6, 0xa6,
-	/* (2^211)P */ 0x24, 0x82, 0x67, 0xe0, 0x14, 0x7b, 0x56, 0x08, 0x38, 0x44, 0xdb, 0xa0, 0x3a, 0x05, 0x47, 0xb2, 0xc0, 0xac, 0xd1, 0xcc, 0x3f, 0x82, 0xb8, 0x8a, 0x88, 0xbc, 0xf5, 0x33, 0xa1, 0x35, 0x0f, 0xf6, 0xe2, 0xef, 0x6c, 0xf7, 0x37, 0x9e, 0xe8, 0x10, 0xca, 0xb0, 0x8e, 0x80, 0x86, 0x00, 0x23, 0xd0, 0x4a, 0x76, 0x9f, 0xf7, 0x2c, 0x52, 0x15, 0x0e,
-	/* (2^212)P */ 0x5e, 0x49, 0xe1, 0x2c, 0x9a, 0x01, 0x76, 0xa6, 0xb3, 0x07, 0x5b, 0xa4, 0x07, 0xef, 0x1d, 0xc3, 0x6a, 0xbb, 0x64, 0xbe, 0x71, 0x15, 0x6e, 0x32, 0x31, 0x46, 0x9a, 0x9e, 0x8f, 0x45, 0x73, 0xce, 0x0b, 0x94, 0x1a, 0x52, 0x07, 0xf4, 0x50, 0x30, 0x49, 0x53, 0x50, 0xfb, 0x71, 0x1f, 0x5a, 0x03, 0xa9, 0x76, 0xf2, 0x8f, 0x42, 0xff, 0xed, 0xed,
-	/* (2^213)P */ 0xed, 0x08, 0xdb, 0x91, 0x1c, 0xee, 0xa2, 0xb4, 0x47, 0xa2, 0xfa, 0xcb, 0x03, 0xd1, 0xff, 0x8c, 0xad, 0x64, 0x50, 0x61, 0xcd, 0xfc, 0x88, 0xa0, 0x31, 0x95, 0x30, 0xb9, 0x58, 0xdd, 0xd7, 0x43, 0xe4, 0x46, 0xc2, 0x16, 0xd9, 0x72, 0x4a, 0x56, 0x51, 0x70, 0x85, 0xf1, 0xa1, 0x80, 0x40, 0xd5, 0xba, 0x67, 0x81, 0xda, 0xcd, 0x03, 0xea, 0x51,
-	/* (2^214)P */ 0x42, 0x50, 0xf0, 0xef, 0x37, 0x61, 0x72, 0x85, 0xe1, 0xf1, 0xff, 0x6f, 0x3d, 0xe8, 0x7b, 0x21, 0x5c, 0xe5, 0x50, 0x03, 0xde, 0x00, 0xc1, 0xf7, 0x3a, 0x55, 0x12, 0x1c, 0x9e, 0x1e, 0xce, 0xd1, 0x2f, 0xaf, 0x05, 0x70, 0x5b, 0x47, 0xf2, 0x04, 0x7a, 0x89, 0xbc, 0x78, 0xa6, 0x65, 0x6c, 0xaa, 0x3c, 0xa2, 0x3c, 0x8b, 0x5c, 0xa9, 0x22, 0x48,
-	/* (2^215)P */ 0x7e, 0x8c, 0x8f, 0x2f, 0x60, 0xe3, 0x5a, 0x94, 0xd4, 0xce, 0xdd, 0x9d, 0x83, 0x3b, 0x77, 0x78, 0x43, 0x1d, 0xfd, 0x8f, 0xc8, 0xe8, 0x02, 0x90, 0xab, 0xf6, 0xc9, 0xfc, 0xf1, 0x63, 0xaa, 0x5f, 0x42, 0xf1, 0x78, 0x34, 0x64, 0x16, 0x75, 0x9c, 0x7d, 0xd0, 0xe4, 0x74, 0x5a, 0xa8, 0xfb, 0xcb, 0xac, 0x20, 0xa3, 0xc2, 0xa6, 0x20, 0xf8, 0x1b,
-	/* (2^216)P */ 0x00, 0x4f, 0x1e, 0x56, 0xb5, 0x34, 0xb2, 0x87, 0x31, 0xe5, 0xee, 0x8d, 0xf1, 0x41, 0x67, 0xb7, 0x67, 0x3a, 0x54, 0x86, 0x5c, 0xf0, 0x0b, 0x37, 0x2f, 0x1b, 0x92, 0x5d, 0x58, 0x93, 0xdc, 0xd8, 0x58, 0xcc, 0x9e, 0x67, 0xd0, 0x97, 0x3a, 0xaf, 0x49, 0x39, 0x2d, 0x3b, 0xd8, 0x98, 0xfb, 0x76, 0x6b, 0xe7, 0xaf, 0xc3, 0x45, 0x44, 0x53, 0x94,
-	/* (2^217)P */ 0x30, 0xbd, 0x90, 0x75, 0xd3, 0xbd, 0x3b, 0x58, 0x27, 0x14, 0x9f, 0x6b, 0xd4, 0x31, 0x99, 0xcd, 0xde, 0x3a, 0x21, 0x1e, 0xb4, 0x02, 0xe4, 0x33, 0x04, 0x02, 0xb0, 0x50, 0x66, 0x68, 0x90, 0xdd, 0x7b, 0x69, 0x31, 0xd9, 0xcf, 0x68, 0x73, 0xf1, 0x60, 0xdd, 0xc8, 0x1d, 0x5d, 0xe3, 0xd6, 0x5b, 0x2a, 0xa4, 0xea, 0xc4, 0x3f, 0x08, 0xcd, 0x9c,
-	/* (2^218)P */ 0x6b, 0x1a, 0xbf, 0x55, 0xc1, 0x1b, 0x0c, 0x05, 0x09, 0xdf, 0xf5, 0x5e, 0xa3, 0x77, 0x95, 0xe9, 0xdf, 0x19, 0xdd, 0xc7, 0x94, 0xcb, 0x06, 0x73, 0xd0, 0x88, 0x02, 0x33, 0x94, 0xca, 0x7a, 0x2f, 0x8e, 0x3d, 0x72, 0x61, 0x2d, 0x4d, 0xa6, 0x61, 0x1f, 0x32, 0x5e, 0x87, 0x53, 0x36, 0x11, 0x15, 0x20, 0xb3, 0x5a, 0x57, 0x51, 0x93, 0x20, 0xd8,
-	/* (2^219)P */ 0xb7, 0x56, 0xf4, 0xab, 0x7d, 0x0c, 0xfb, 0x99, 0x1a, 0x30, 0x29, 0xb0, 0x75, 0x2a, 0xf8, 0x53, 0x71, 0x23, 0xbd, 0xa7, 0xd8, 0x0a, 0xe2, 0x27, 0x65, 0xe9, 0x74, 0x26, 0x98, 0x4a, 0x69, 0x19, 0xb2, 0x4d, 0x0a, 0x17, 0x98, 0xb2, 0xa9, 0x57, 0x4e, 0xf6, 0x86, 0xc8, 0x01, 0xa4, 0xc6, 0x98, 0xad, 0x5a, 0x90, 0x2c, 0x05, 0x46, 0x64, 0xb7,
-	/* (2^220)P */ 0x7b, 0x91, 0xdf, 0xfc, 0xf8, 0x1c, 0x8c, 0x15, 0x9e, 0xf7, 0xd5, 0xa8, 0xe8, 0xe7, 0xe3, 0xa3, 0xb0, 0x04, 0x74, 0xfa, 0x78, 0xfb, 0x26, 0xbf, 0x67, 0x42, 0xf9, 0x8c, 0x9b, 0xb4, 0x69, 0x5b, 0x02, 0x13, 0x6d, 0x09, 0x6c, 0xd6, 0x99, 0x61, 0x7b, 0x89, 0x4a, 0x67, 0x75, 0xa3, 0x98, 0x13, 0x23, 0x1d, 0x18, 0x24, 0x0e, 0xef, 0x41, 0x79,
-	/* (2^221)P */ 0x86, 0x33, 0xab, 0x08, 0xcb, 0xbf, 0x1e, 0x76, 0x3c, 0x0b, 0xbd, 0x30, 0xdb, 0xe9, 0xa3, 0x35, 0x87, 0x1b, 0xe9, 0x07, 0x00, 0x66, 0x7f, 0x3b, 0x35, 0x0c, 0x8a, 0x3f, 0x61, 0xbc, 0xe0, 0xae, 0xf6, 0xcc, 0x54, 0xe1, 0x72, 0x36, 0x2d, 0xee, 0x93, 0x24, 0xf8, 0xd7, 0xc5, 0xf9, 0xcb, 0xb0, 0xe5, 0x88, 0x0d, 0x23, 0x4b, 0x76, 0x15, 0xa2,
-	/* (2^222)P */ 0x37, 0xdb, 0x83, 0xd5, 0x6d, 0x06, 0x24, 0x37, 0x1b, 0x15, 0x85, 0x15, 0xe2, 0xc0, 0x4e, 0x02, 0xa9, 0x6d, 0x0a, 0x3a, 0x94, 0x4a, 0x6f, 0x49, 0x00, 0x01, 0x72, 0xbb, 0x60, 0x14, 0x35, 0xae, 0xb4, 0xc6, 0x01, 0x0a, 0x00, 0x9e, 0xc3, 0x58, 0xc5, 0xd1, 0x5e, 0x30, 0x73, 0x96, 0x24, 0x85, 0x9d, 0xf0, 0xf9, 0xec, 0x09, 0xd3, 0xe7, 0x70,
-	/* (2^223)P */ 0xf3, 0xbd, 0x96, 0x87, 0xe9, 0x71, 0xbd, 0xd6, 0xa2, 0x45, 0xeb, 0x0a, 0xcd, 0x2c, 0xf1, 0x72, 0xa6, 0x31, 0xa9, 0x6f, 0x09, 0xa1, 0x5e, 0xdd, 0xc8, 0x8d, 0x0d, 0xbc, 0x5a, 0x8d, 0xb1, 0x2c, 0x9a, 0xcc, 0x37, 0x74, 0xc2, 0xa9, 0x4e, 0xd6, 0xc0, 0x3c, 0xa0, 0x23, 0xb0, 0xa0, 0x77, 0x14, 0x80, 0x45, 0x71, 0x6a, 0x2d, 0x41, 0xc3, 0x82,
-	/* (2^224)P */ 0x37, 0x44, 0xec, 0x8a, 0x3e, 0xc1, 0x0c, 0xa9, 0x12, 0x9c, 0x08, 0x88, 0xcb, 0xd9, 0xf8, 0xba, 0x00, 0xd6, 0xc3, 0xdf, 0xef, 0x7a, 0x44, 0x7e, 0x25, 0x69, 0xc9, 0xc1, 0x46, 0xe5, 0x20, 0x9e, 0xcc, 0x0b, 0x05, 0x3e, 0xf4, 0x78, 0x43, 0x0c, 0xa6, 0x2f, 0xc1, 0xfa, 0x70, 0xb2, 0x3c, 0x31, 0x7a, 0x63, 0x58, 0xab, 0x17, 0xcf, 0x4c, 0x4f,
-	/* (2^225)P */ 0x2b, 0x08, 0x31, 0x59, 0x75, 0x8b, 0xec, 0x0a, 0xa9, 0x79, 0x70, 0xdd, 0xf1, 0x11, 0xc3, 0x11, 0x1f, 0xab, 0x37, 0xaa, 0x26, 0xea, 0x53, 0xc4, 0x79, 0xa7, 0x91, 0x00, 0xaa, 0x08, 0x42, 0xeb, 0x8b, 0x8b, 0xe8, 0xc3, 0x2f, 0xb8, 0x78, 0x90, 0x38, 0x0e, 0x8a, 0x42, 0x0c, 0x0f, 0xbf, 0x3e, 0xf8, 0xd8, 0x07, 0xcf, 0x6a, 0x34, 0xc9, 0xfa,
-	/* (2^226)P */ 0x11, 0xe0, 0x76, 0x4d, 0x23, 0xc5, 0xa6, 0xcc, 0x9f, 0x9a, 0x2a, 0xde, 0x3a, 0xb5, 0x92, 0x39, 0x19, 0x8a, 0xf1, 0x8d, 0xf9, 0x4d, 0xc9, 0xb4, 0x39, 0x9f, 0x57, 0xd8, 0x72, 0xab, 0x1d, 0x61, 0x6a, 0xb2, 0xff, 0x52, 0xba, 0x54, 0x0e, 0xfb, 0x83, 0x30, 0x8a, 0xf7, 0x3b, 0xf4, 0xd8, 0xae, 0x1a, 0x94, 0x3a, 0xec, 0x63, 0xfe, 0x6e, 0x7c,
-	/* (2^227)P */ 0xdc, 0x70, 0x8e, 0x55, 0x44, 0xbf, 0xd2, 0x6a, 0xa0, 0x14, 0x61, 0x89, 0xd5, 0x55, 0x45, 0x3c, 0xf6, 0x40, 0x0d, 0x83, 0x85, 0x44, 0xb4, 0x62, 0x56, 0xfe, 0x60, 0xd7, 0x07, 0x1d, 0x47, 0x30, 0x3b, 0x73, 0xa4, 0xb5, 0xb7, 0xea, 0xac, 0xda, 0xf1, 0x17, 0xaa, 0x60, 0xdf, 0xe9, 0x84, 0xda, 0x31, 0x32, 0x61, 0xbf, 0xd0, 0x7e, 0x8a, 0x02,
-	/* (2^228)P */ 0xb9, 0x51, 0xb3, 0x89, 0x21, 0x5d, 0xa2, 0xfe, 0x79, 0x2a, 0xb3, 0x2a, 0x3b, 0xe6, 0x6f, 0x2b, 0x22, 0x03, 0xea, 0x7b, 0x1f, 0xaf, 0x85, 0xc3, 0x38, 0x55, 0x5b, 0x8e, 0xb4, 0xaa, 0x77, 0xfe, 0x03, 0x6e, 0xda, 0x91, 0x24, 0x0c, 0x48, 0x39, 0x27, 0x43, 0x16, 0xd2, 0x0a, 0x0d, 0x43, 0xa3, 0x0e, 0xca, 0x45, 0xd1, 0x7f, 0xf5, 0xd3, 0x16,
-	/* (2^229)P */ 0x3d, 0x32, 0x9b, 0x38, 0xf8, 0x06, 0x93, 0x78, 0x5b, 0x50, 0x2b, 0x06, 0xd8, 0x66, 0xfe, 0xab, 0x9b, 0x58, 0xc7, 0xd1, 0x4d, 0xd5, 0xf8, 0x3b, 0x10, 0x7e, 0x85, 0xde, 0x58, 0x4e, 0xdf, 0x53, 0xd9, 0x58, 0xe0, 0x15, 0x81, 0x9f, 0x1a, 0x78, 0xfc, 0x9f, 0x10, 0xc2, 0x23, 0xd6, 0x78, 0xd1, 0x9d, 0xd2, 0xd5, 0x1c, 0x53, 0xe2, 0xc9, 0x76,
-	/* (2^230)P */ 0x98, 0x1e, 0x38, 0x7b, 0x71, 0x18, 0x4b, 0x15, 0xaf, 0xa1, 0xa6, 0x98, 0xcb, 0x26, 0xa3, 0xc8, 0x07, 0x46, 0xda, 0x3b, 0x70, 0x65, 0xec, 0x7a, 0x2b, 0x34, 0x94, 0xa8, 0xb6, 0x14, 0xf8, 0x1a, 0xce, 0xf7, 0xc8, 0x60, 0xf3, 0x88, 0xf4, 0x33, 0x60, 0x7b, 0xd1, 0x02, 0xe7, 0xda, 0x00, 0x4a, 0xea, 0xd2, 0xfd, 0x88, 0xd2, 0x99, 0x28, 0xf3,
-	/* (2^231)P */ 0x28, 0x24, 0x1d, 0x26, 0xc2, 0xeb, 0x8b, 0x3b, 0xb4, 0x6b, 0xbe, 0x6b, 0x77, 0xff, 0xf3, 0x21, 0x3b, 0x26, 0x6a, 0x8c, 0x8e, 0x2a, 0x44, 0xa8, 0x01, 0x2b, 0x71, 0xea, 0x64, 0x30, 0xfd, 0xfd, 0x95, 0xcb, 0x39, 0x38, 0x48, 0xfa, 0x96, 0x97, 0x8c, 0x2f, 0x33, 0xca, 0x03, 0xe6, 0xd7, 0x94, 0x55, 0x6c, 0xc3, 0xb3, 0xa8, 0xf7, 0xae, 0x8c,
-	/* (2^232)P */ 0xea, 0x62, 0x8a, 0xb4, 0xeb, 0x74, 0xf7, 0xb8, 0xae, 0xc5, 0x20, 0x71, 0x06, 0xd6, 0x7c, 0x62, 0x9b, 0x69, 0x74, 0xef, 0xa7, 0x6d, 0xd6, 0x8c, 0x37, 0xb9, 0xbf, 0xcf, 0xeb, 0xe4, 0x2f, 0x04, 0x02, 0x21, 0x7d, 0x75, 0x6b, 0x92, 0x48, 0xf8, 0x70, 0xad, 0x69, 0xe2, 0xea, 0x0e, 0x88, 0x67, 0x72, 0xcc, 0x2d, 0x10, 0xce, 0x2d, 0xcf, 0x65,
-	/* (2^233)P */ 0x49, 0xf3, 0x57, 0x64, 0xe5, 0x5c, 0xc5, 0x65, 0x49, 0x97, 0xc4, 0x8a, 0xcc, 0xa9, 0xca, 0x94, 0x7b, 0x86, 0x88, 0xb6, 0x51, 0x27, 0x69, 0xa5, 0x0f, 0x8b, 0x06, 0x59, 0xa0, 0x94, 0xef, 0x63, 0x1a, 0x01, 0x9e, 0x4f, 0xd2, 0x5a, 0x93, 0xc0, 0x7c, 0xe6, 0x61, 0x77, 0xb6, 0xf5, 0x40, 0xd9, 0x98, 0x43, 0x5b, 0x56, 0x68, 0xe9, 0x37, 0x8f,
-	/* (2^234)P */ 0xee, 0x87, 0xd2, 0x05, 0x1b, 0x39, 0x89, 0x10, 0x07, 0x6d, 0xe8, 0xfd, 0x8b, 0x4d, 0xb2, 0xa7, 0x7b, 0x1e, 0xa0, 0x6c, 0x0d, 0x3d, 0x3d, 0x49, 0xba, 0x61, 0x36, 0x1f, 0xc2, 0x84, 0x4a, 0xcc, 0x87, 0xa9, 0x1b, 0x23, 0x04, 0xe2, 0x3e, 0x97, 0xe1, 0xdb, 0xd5, 0x5a, 0xe8, 0x41, 0x6b, 0xe5, 0x5a, 0xa1, 0x99, 0xe5, 0x7b, 0xa7, 0xe0, 0x3b,
-	/* (2^235)P */ 0xea, 0xa3, 0x6a, 0xdd, 0x77, 0x7f, 0x77, 0x41, 0xc5, 0x6a, 0xe4, 0xaf, 0x11, 0x5f, 0x88, 0xa5, 0x10, 0xee, 0xd0, 0x8c, 0x0c, 0xb4, 0xa5, 0x2a, 0xd0, 0xd8, 0x1d, 0x47, 0x06, 0xc0, 0xd5, 0xce, 0x51, 0x54, 0x9b, 0x2b, 0xe6, 0x2f, 0xe7, 0xe7, 0x31, 0x5f, 0x5c, 0x23, 0x81, 0x3e, 0x03, 0x93, 0xaa, 0x2d, 0x71, 0x84, 0xa0, 0x89, 0x32, 0xa6,
-	/* (2^236)P */ 0x55, 0xa3, 0x13, 0x92, 0x4e, 0x93, 0x7d, 0xec, 0xca, 0x57, 0xfb, 0x37, 0xae, 0xd2, 0x18, 0x2e, 0x54, 0x05, 0x6c, 0xd1, 0x28, 0xca, 0x90, 0x40, 0x82, 0x2e, 0x79, 0xc6, 0x5a, 0xc7, 0xdd, 0x84, 0x93, 0xdf, 0x15, 0xb8, 0x1f, 0xb1, 0xf9, 0xaf, 0x2c, 0xe5, 0x32, 0xcd, 0xc2, 0x99, 0x6d, 0xac, 0x85, 0x5c, 0x63, 0xd3, 0xe2, 0xff, 0x24, 0xda,
-	/* (2^237)P */ 0x2d, 0x8d, 0xfd, 0x65, 0xcc, 0xe5, 0x02, 0xa0, 0xe5, 0xb9, 0xec, 0x59, 0x09, 0x50, 0x27, 0xb7, 0x3d, 0x2a, 0x79, 0xb2, 0x76, 0x5d, 0x64, 0x95, 0xf8, 0xc5, 0xaf, 0x8a, 0x62, 0x11, 0x5c, 0x56, 0x1c, 0x05, 0x64, 0x9e, 0x5e, 0xbd, 0x54, 0x04, 0xe6, 0x9e, 0xab, 0xe6, 0x22, 0x7e, 0x42, 0x54, 0xb5, 0xa5, 0xd0, 0x8d, 0x28, 0x6b, 0x0f, 0x0b,
-	/* (2^238)P */ 0x2d, 0xb2, 0x8c, 0x59, 0x10, 0x37, 0x84, 0x3b, 0x9b, 0x65, 0x1b, 0x0f, 0x10, 0xf9, 0xea, 0x60, 0x1b, 0x02, 0xf5, 0xee, 0x8b, 0xe6, 0x32, 0x7d, 0x10, 0x7f, 0x5f, 0x8c, 0x72, 0x09, 0x4e, 0x1f, 0x29, 0xff, 0x65, 0xcb, 0x3e, 0x3a, 0xd2, 0x96, 0x50, 0x1e, 0xea, 0x64, 0x99, 0xb5, 0x4c, 0x7a, 0x69, 0xb8, 0x95, 0xae, 0x48, 0xc0, 0x7c, 0xb1,
-	/* (2^239)P */ 0xcd, 0x7c, 0x4f, 0x3e, 0xea, 0xf3, 0x90, 0xcb, 0x12, 0x76, 0xd1, 0x17, 0xdc, 0x0d, 0x13, 0x0f, 0xfd, 0x4d, 0xb5, 0x1f, 0xe4, 0xdd, 0xf2, 0x4d, 0x58, 0xea, 0xa5, 0x66, 0x92, 0xcf, 0xe5, 0x54, 0xea, 0x9b, 0x35, 0x83, 0x1a, 0x44, 0x8e, 0x62, 0x73, 0x45, 0x98, 0xa3, 0x89, 0x95, 0x52, 0x93, 0x1a, 0x8d, 0x63, 0x0f, 0xc2, 0x57, 0x3c, 0xb1,
-	/* (2^240)P */ 0x72, 0xb4, 0xdf, 0x51, 0xb7, 0xf6, 0x52, 0xa2, 0x14, 0x56, 0xe5, 0x0a, 0x2e, 0x75, 0x81, 0x02, 0xee, 0x93, 0x48, 0x0a, 0x92, 0x4e, 0x0c, 0x0f, 0xdf, 0x09, 0x89, 0x99, 0xf6, 0xf9, 0x22, 0xa2, 0x32, 0xf8, 0xb0, 0x76, 0x0c, 0xb2, 0x4d, 0x6e, 0xbe, 0x83, 0x35, 0x61, 0x44, 0xd2, 0x58, 0xc7, 0xdd, 0x14, 0xcf, 0xc3, 0x4b, 0x7c, 0x07, 0xee,
-	/* (2^241)P */ 0x8b, 0x03, 0xee, 0xcb, 0xa7, 0x2e, 0x28, 0xbd, 0x97, 0xd1, 0x4c, 0x2b, 0xd1, 0x92, 0x67, 0x5b, 0x5a, 0x12, 0xbf, 0x29, 0x17, 0xfc, 0x50, 0x09, 0x74, 0x76, 0xa2, 0xd4, 0x82, 0xfd, 0x2c, 0x0c, 0x90, 0xf7, 0xe7, 0xe5, 0x9a, 0x2c, 0x16, 0x40, 0xb9, 0x6c, 0xd9, 0xe0, 0x22, 0x9e, 0xf8, 0xdd, 0x73, 0xe4, 0x7b, 0x9e, 0xbe, 0x4f, 0x66, 0x22,
-	/* (2^242)P */ 0xa4, 0x10, 0xbe, 0xb8, 0x83, 0x3a, 0x77, 0x8e, 0xea, 0x0a, 0xc4, 0x97, 0x3e, 0xb6, 0x6c, 0x81, 0xd7, 0x65, 0xd9, 0xf7, 0xae, 0xe6, 0xbe, 0xab, 0x59, 0x81, 0x29, 0x4b, 0xff, 0xe1, 0x0f, 0xc3, 0x2b, 0xad, 0x4b, 0xef, 0xc4, 0x50, 0x9f, 0x88, 0x31, 0xf2, 0xde, 0x80, 0xd6, 0xf4, 0x20, 0x9c, 0x77, 0x9b, 0xbe, 0xbe, 0x08, 0xf5, 0xf0, 0x95,
-	/* (2^243)P */ 0x0e, 0x7c, 0x7b, 0x7c, 0xb3, 0xd8, 0x83, 0xfc, 0x8c, 0x75, 0x51, 0x74, 0x1b, 0xe1, 0x6d, 0x11, 0x05, 0x46, 0x24, 0x0d, 0xa4, 0x2b, 0x32, 0xfd, 0x2c, 0x4e, 0x21, 0xdf, 0x39, 0x6b, 0x96, 0xfc, 0xff, 0x92, 0xfc, 0x35, 0x0d, 0x9a, 0x4b, 0xc0, 0x70, 0x46, 0x32, 0x7d, 0xc0, 0xc4, 0x04, 0xe0, 0x2d, 0x83, 0xa7, 0x00, 0xc7, 0xcb, 0xb4, 0x8f,
-	/* (2^244)P */ 0xa9, 0x5a, 0x7f, 0x0e, 0xdd, 0x2c, 0x85, 0xaa, 0x4d, 0xac, 0xde, 0xb3, 0xb6, 0xaf, 0xe6, 0xd1, 0x06, 0x7b, 0x2c, 0xa4, 0x01, 0x19, 0x22, 0x7d, 0x78, 0xf0, 0x3a, 0xea, 0x89, 0xfe, 0x21, 0x61, 0x6d, 0xb8, 0xfe, 0xa5, 0x2a, 0xab, 0x0d, 0x7b, 0x51, 0x39, 0xb6, 0xde, 0xbc, 0xf0, 0xc5, 0x48, 0xd7, 0x09, 0x82, 0x6e, 0x66, 0x75, 0xc5, 0xcd,
-	/* (2^245)P */ 0xee, 0xdf, 0x2b, 0x6c, 0xa8, 0xde, 0x61, 0xe1, 0x27, 0xfa, 0x2a, 0x0f, 0x68, 0xe7, 0x7a, 0x9b, 0x13, 0xe9, 0x56, 0xd2, 0x1c, 0x3d, 0x2f, 0x3c, 0x7a, 0xf6, 0x6f, 0x45, 0xee, 0xe8, 0xf4, 0xa0, 0xa6, 0xe8, 0xa5, 0x27, 0xee, 0xf2, 0x85, 0xa9, 0xd5, 0x0e, 0xa9, 0x26, 0x60, 0xfe, 0xee, 0xc7, 0x59, 0x99, 0x5e, 0xa3, 0xdf, 0x23, 0x36, 0xd5,
-	/* (2^246)P */ 0x15, 0x66, 0x6f, 0xd5, 0x78, 0xa4, 0x0a, 0xf7, 0xb1, 0xe8, 0x75, 0x6b, 0x48, 0x7d, 0xa6, 0x4d, 0x3d, 0x36, 0x9b, 0xc7, 0xcc, 0x68, 0x9a, 0xfe, 0x2f, 0x39, 0x2a, 0x51, 0x31, 0x39, 0x7d, 0x73, 0x6f, 0xc8, 0x74, 0x72, 0x6f, 0x6e, 0xda, 0x5f, 0xad, 0x48, 0xc8, 0x40, 0xe1, 0x06, 0x01, 0x36, 0xa1, 0x88, 0xc8, 0x99, 0x9c, 0xd1, 0x11, 0x8f,
-	/* (2^247)P */ 0xab, 0xc5, 0xcb, 0xcf, 0xbd, 0x73, 0x21, 0xd0, 0x82, 0xb1, 0x2e, 0x2d, 0xd4, 0x36, 0x1b, 0xed, 0xa9, 0x8a, 0x26, 0x79, 0xc4, 0x17, 0xae, 0xe5, 0x09, 0x0a, 0x0c, 0xa4, 0x21, 0xa0, 0x6e, 0xdd, 0x62, 0x8e, 0x44, 0x62, 0xcc, 0x50, 0xff, 0x93, 0xb3, 0x9a, 0x72, 0x8c, 0x3f, 0xa1, 0xa6, 0x4d, 0x87, 0xd5, 0x1c, 0x5a, 0xc0, 0x0b, 0x1a, 0xd6,
-	/* (2^248)P */ 0x67, 0x36, 0x6a, 0x1f, 0x96, 0xe5, 0x80, 0x20, 0xa9, 0xe8, 0x0b, 0x0e, 0x21, 0x29, 0x3f, 0xc8, 0x0a, 0x6d, 0x27, 0x47, 0xca, 0xd9, 0x05, 0x55, 0xbf, 0x11, 0xcf, 0x31, 0x7a, 0x37, 0xc7, 0x90, 0xa9, 0xf4, 0x07, 0x5e, 0xd5, 0xc3, 0x92, 0xaa, 0x95, 0xc8, 0x23, 0x2a, 0x53, 0x45, 0xe3, 0x3a, 0x24, 0xe9, 0x67, 0x97, 0x3a, 0x82, 0xf9, 0xa6,
-	/* (2^249)P */ 0x92, 0x9e, 0x6d, 0x82, 0x67, 0xe9, 0xf9, 0x17, 0x96, 0x2c, 0xa7, 0xd3, 0x89, 0xf9, 0xdb, 0xd8, 0x20, 0xc6, 0x2e, 0xec, 0x4a, 0x76, 0x64, 0xbf, 0x27, 0x40, 0xe2, 0xb4, 0xdf, 0x1f, 0xa0, 0xef, 0x07, 0x80, 0xfb, 0x8e, 0x12, 0xf8, 0xb8, 0xe1, 0xc6, 0xdf, 0x7c, 0x69, 0x35, 0x5a, 0xe1, 0x8e, 0x5d, 0x69, 0x84, 0x56, 0xb6, 0x31, 0x1c, 0x0b,
-	/* (2^250)P */ 0xd6, 0x94, 0x5c, 0xef, 0xbb, 0x46, 0x45, 0x44, 0x5b, 0xa1, 0xae, 0x03, 0x65, 0xdd, 0xb5, 0x66, 0x88, 0x35, 0x29, 0x95, 0x16, 0x54, 0xa6, 0xf5, 0xc9, 0x78, 0x34, 0xe6, 0x0f, 0xc4, 0x2b, 0x5b, 0x79, 0x51, 0x68, 0x48, 0x3a, 0x26, 0x87, 0x05, 0x70, 0xaf, 0x8b, 0xa6, 0xc7, 0x2e, 0xb3, 0xa9, 0x10, 0x01, 0xb0, 0xb9, 0x31, 0xfd, 0xdc, 0x80,
-	/* (2^251)P */ 0x25, 0xf2, 0xad, 0xd6, 0x75, 0xa3, 0x04, 0x05, 0x64, 0x8a, 0x97, 0x60, 0x27, 0x2a, 0xe5, 0x6d, 0xb0, 0x73, 0xf4, 0x07, 0x2a, 0x9d, 0xe9, 0x46, 0xb4, 0x1c, 0x51, 0xf8, 0x63, 0x98, 0x7e, 0xe5, 0x13, 0x51, 0xed, 0x98, 0x65, 0x98, 0x4f, 0x8f, 0xe7, 0x7e, 0x72, 0xd7, 0x64, 0x11, 0x2f, 0xcd, 0x12, 0xf8, 0xc4, 0x63, 0x52, 0x0f, 0x7f, 0xc4,
-	/* (2^252)P */ 0x5c, 0xd9, 0x85, 0x63, 0xc7, 0x8a, 0x65, 0x9a, 0x25, 0x83, 0x31, 0x73, 0x49, 0xf0, 0x93, 0x96, 0x70, 0x67, 0x6d, 0xb1, 0xff, 0x95, 0x54, 0xe4, 0xf8, 0x15, 0x6c, 0x5f, 0xbd, 0xf6, 0x0f, 0x38, 0x7b, 0x68, 0x7d, 0xd9, 0x3d, 0xf0, 0xa9, 0xa0, 0xe4, 0xd1, 0xb6, 0x34, 0x6d, 0x14, 0x16, 0xc2, 0x4c, 0x30, 0x0e, 0x67, 0xd3, 0xbe, 0x2e, 0xc0,
-	/* (2^253)P */ 0x06, 0x6b, 0x52, 0xc8, 0x14, 0xcd, 0xae, 0x03, 0x93, 0xea, 0xc1, 0xf2, 0xf6, 0x8b, 0xc5, 0xb6, 0xdc, 0x82, 0x42, 0x29, 0x94, 0xe0, 0x25, 0x6c, 0x3f, 0x9f, 0x5d, 0xe4, 0x96, 0xf6, 0x8e, 0x3f, 0xf9, 0x72, 0xc4, 0x77, 0x60, 0x8b, 0xa4, 0xf9, 0xa8, 0xc3, 0x0a, 0x81, 0xb1, 0x97, 0x70, 0x18, 0xab, 0xea, 0x37, 0x8a, 0x08, 0xc7, 0xe2, 0x95,
-	/* (2^254)P */ 0x94, 0x49, 0xd9, 0x5f, 0x76, 0x72, 0x82, 0xad, 0x2d, 0x50, 0x1a, 0x7a, 0x5b, 0xe6, 0x95, 0x1e, 0x95, 0x65, 0x87, 0x1c, 0x52, 0xd7, 0x44, 0xe6, 0x9b, 0x56, 0xcd, 0x6f, 0x05, 0xff, 0x67, 0xc5, 0xdb, 0xa2, 0xac, 0xe4, 0xa2, 0x28, 0x63, 0x5f, 0xfb, 0x0c, 0x3b, 0xf1, 0x87, 0xc3, 0x36, 0x78, 0x3f, 0x77, 0xfa, 0x50, 0x85, 0xf9, 0xd7, 0x82,
-	/* (2^255)P */ 0x64, 0xc0, 0xe0, 0xd8, 0x2d, 0xed, 0xcb, 0x6a, 0xfd, 0xcd, 0xbc, 0x7e, 0x9f, 0xc8, 0x85, 0xe9, 0xc1, 0x7c, 0x0f, 0xe5, 0x18, 0xea, 0xd4, 0x51, 0xad, 0x59, 0x13, 0x75, 0xd9, 0x3d, 0xd4, 0x8a, 0xb2, 0xbe, 0x78, 0x52, 0x2b, 0x52, 0x94, 0x37, 0x41, 0xd6, 0xb4, 0xb6, 0x45, 0x20, 0x76, 0xe0, 0x1f, 0x31, 0xdb, 0xb1, 0xa1, 0x43, 0xf0, 0x18,
-	/* (2^256)P */ 0x74, 0xa9, 0xa4, 0xa9, 0xdd, 0x6e, 0x3e, 0x68, 0xe5, 0xc3, 0x2e, 0x92, 0x17, 0xa4, 0xcb, 0x80, 0xb1, 0xf0, 0x06, 0x93, 0xef, 0xe6, 0x00, 0xe6, 0x3b, 0xb1, 0x32, 0x65, 0x7b, 0x83, 0xb6, 0x8a, 0x49, 0x1b, 0x14, 0x89, 0xee, 0xba, 0xf5, 0x6a, 0x8d, 0x36, 0xef, 0xb0, 0xd8, 0xb2, 0x16, 0x99, 0x17, 0x35, 0x02, 0x16, 0x55, 0x58, 0xdd, 0x82,
-	/* (2^257)P */ 0x36, 0x95, 0xe8, 0xf4, 0x36, 0x42, 0xbb, 0xc5, 0x3e, 0xfa, 0x30, 0x84, 0x9e, 0x59, 0xfd, 0xd2, 0x95, 0x42, 0xf8, 0x64, 0xd9, 0xb9, 0x0e, 0x9f, 0xfa, 0xd0, 0x7b, 0x20, 0x31, 0x77, 0x48, 0x29, 0x4d, 0xd0, 0x32, 0x57, 0x56, 0x30, 0xa6, 0x17, 0x53, 0x04, 0xbf, 0x08, 0x28, 0xec, 0xb8, 0x46, 0xc1, 0x03, 0x89, 0xdc, 0xed, 0xa0, 0x35, 0x53,
-	/* (2^258)P */ 0xc5, 0x7f, 0x9e, 0xd8, 0xc5, 0xba, 0x5f, 0x68, 0xc8, 0x23, 0x75, 0xea, 0x0d, 0xd9, 0x5a, 0xfd, 0x61, 0x1a, 0xa3, 0x2e, 0x45, 0x63, 0x14, 0x55, 0x86, 0x21, 0x29, 0xbe, 0xef, 0x5e, 0x50, 0xe5, 0x18, 0x59, 0xe7, 0xe3, 0xce, 0x4d, 0x8c, 0x15, 0x8f, 0x89, 0x66, 0x44, 0x52, 0x3d, 0xfa, 0xc7, 0x9a, 0x59, 0x90, 0x8e, 0xc0, 0x06, 0x3f, 0xc9,
-	/* (2^259)P */ 0x8e, 0x04, 0xd9, 0x16, 0x50, 0x1d, 0x8c, 0x9f, 0xd5, 0xe3, 0xce, 0xfd, 0x47, 0x04, 0x27, 0x4d, 0xc2, 0xfa, 0x71, 0xd9, 0x0b, 0xb8, 0x65, 0xf4, 0x11, 0xf3, 0x08, 0xee, 0x81, 0xc8, 0x67, 0x99, 0x0b, 0x8d, 0x77, 0xa3, 0x4f, 0xb5, 0x9b, 0xdb, 0x26, 0xf1, 0x97, 0xeb, 0x04, 0x54, 0xeb, 0x80, 0x08, 0x1d, 0x1d, 0xf6, 0x3d, 0x1f, 0x5a, 0xb8,
-	/* (2^260)P */ 0xb7, 0x9c, 0x9d, 0xee, 0xb9, 0x5c, 0xad, 0x0d, 0x9e, 0xfd, 0x60, 0x3c, 0x27, 0x4e, 0xa2, 0x95, 0xfb, 0x64, 0x7e, 0x79, 0x64, 0x87, 0x10, 0xb4, 0x73, 0xe0, 0x9d, 0x46, 0x4d, 0x3d, 0xee, 0x83, 0xe4, 0x16, 0x88, 0x97, 0xe6, 0x4d, 0xba, 0x70, 0xb6, 0x96, 0x7b, 0xff, 0x4b, 0xc8, 0xcf, 0x72, 0x83, 0x3e, 0x5b, 0x24, 0x2e, 0x57, 0xf1, 0x82,
-	/* (2^261)P */ 0x30, 0x71, 0x40, 0x51, 0x4f, 0x44, 0xbb, 0xc7, 0xf0, 0x54, 0x6e, 0x9d, 0xeb, 0x15, 0xad, 0xf8, 0x61, 0x43, 0x5a, 0xef, 0xc0, 0xb1, 0x57, 0xae, 0x03, 0x40, 0xe8, 0x68, 0x6f, 0x03, 0x20, 0x4f, 0x8a, 0x51, 0x2a, 0x9e, 0xd2, 0x45, 0xaf, 0xb4, 0xf5, 0xd4, 0x95, 0x7f, 0x3d, 0x3d, 0xb7, 0xb6, 0x28, 0xc5, 0x08, 0x8b, 0x44, 0xd6, 0x3f, 0xe7,
-	/* (2^262)P */ 0xa9, 0x52, 0x04, 0x67, 0xcb, 0x20, 0x63, 0xf8, 0x18, 0x01, 0x44, 0x21, 0x6a, 0x8a, 0x83, 0x48, 0xd4, 0xaf, 0x23, 0x0f, 0x35, 0x8d, 0xe5, 0x5a, 0xc4, 0x7c, 0x55, 0x46, 0x19, 0x5f, 0x35, 0xe0, 0x5d, 0x97, 0x4c, 0x2d, 0x04, 0xed, 0x59, 0xd4, 0xb0, 0xb2, 0xc6, 0xe3, 0x51, 0xe1, 0x38, 0xc6, 0x30, 0x49, 0x8f, 0xae, 0x61, 0x64, 0xce, 0xa8,
-	/* (2^263)P */ 0x9b, 0x64, 0x83, 0x3c, 0xd3, 0xdf, 0xb9, 0x27, 0xe7, 0x5b, 0x7f, 0xeb, 0xf3, 0x26, 0xcf, 0xb1, 0x8f, 0xaf, 0x26, 0xc8, 0x48, 0xce, 0xa1, 0xac, 0x7d, 0x10, 0x34, 0x28, 0xe1, 0x1f, 0x69, 0x03, 0x64, 0x77, 0x61, 0xdd, 0x4a, 0x9b, 0x18, 0x47, 0xf8, 0xca, 0x63, 0xc9, 0x03, 0x2d, 0x20, 0x2a, 0x69, 0x6e, 0x42, 0xd0, 0xe7, 0xaa, 0xb5, 0xf3,
-	/* (2^264)P */ 0xea, 0x31, 0x0c, 0x57, 0x0f, 0x3e, 0xe3, 0x35, 0xd8, 0x30, 0xa5, 0x6f, 0xdd, 0x95, 0x43, 0xc6, 0x66, 0x07, 0x4f, 0x34, 0xc3, 0x7e, 0x04, 0x10, 0x2d, 0xc4, 0x1c, 0x94, 0x52, 0x2e, 0x5b, 0x9a, 0x65, 0x2f, 0x91, 0xaa, 0x4f, 0x3c, 0xdc, 0x23, 0x18, 0xe1, 0x4f, 0x85, 0xcd, 0xf4, 0x8c, 0x51, 0xf7, 0xab, 0x4f, 0xdc, 0x15, 0x5c, 0x9e, 0xc5,
-	/* (2^265)P */ 0x54, 0x57, 0x23, 0x17, 0xe7, 0x82, 0x2f, 0x04, 0x7d, 0xfe, 0xe7, 0x1f, 0xa2, 0x57, 0x79, 0xe9, 0x58, 0x9b, 0xbe, 0xc6, 0x16, 0x4a, 0x17, 0x50, 0x90, 0x4a, 0x34, 0x70, 0x87, 0x37, 0x01, 0x26, 0xd8, 0xa3, 0x5f, 0x07, 0x7c, 0xd0, 0x7d, 0x05, 0x8a, 0x93, 0x51, 0x2f, 0x99, 0xea, 0xcf, 0x00, 0xd8, 0xc7, 0xe6, 0x9b, 0x8c, 0x62, 0x45, 0x87,
-	/* (2^266)P */ 0xc3, 0xfd, 0x29, 0x66, 0xe7, 0x30, 0x29, 0x77, 0xe0, 0x0d, 0x63, 0x5b, 0xe6, 0x90, 0x1a, 0x1e, 0x99, 0xc2, 0xa7, 0xab, 0xff, 0xa7, 0xbd, 0x79, 0x01, 0x97, 0xfd, 0x27, 0x1b, 0x43, 0x2b, 0xe6, 0xfe, 0x5e, 0xf1, 0xb9, 0x35, 0x38, 0x08, 0x25, 0x55, 0x90, 0x68, 0x2e, 0xc3, 0x67, 0x39, 0x9f, 0x2b, 0x2c, 0x70, 0x48, 0x8c, 0x47, 0xee, 0x56,
-	/* (2^267)P */ 0xf7, 0x32, 0x70, 0xb5, 0xe6, 0x42, 0xfd, 0x0a, 0x39, 0x9b, 0x07, 0xfe, 0x0e, 0xf4, 0x47, 0xba, 0x6a, 0x3f, 0xf5, 0x2c, 0x15, 0xf3, 0x60, 0x3f, 0xb1, 0x83, 0x7b, 0x2e, 0x34, 0x58, 0x1a, 0x6e, 0x4a, 0x49, 0x05, 0x45, 0xca, 0xdb, 0x00, 0x01, 0x0c, 0x42, 0x5e, 0x60, 0x40, 0x5f, 0xd9, 0xc7, 0x3a, 0x9e, 0x1c, 0x8d, 0xab, 0x11, 0x55, 0x65,
-	/* (2^268)P */ 0x87, 0x40, 0xb7, 0x0d, 0xaa, 0x34, 0x89, 0x90, 0x75, 0x6d, 0xa2, 0xfe, 0x3b, 0x6d, 0x5c, 0x39, 0x98, 0x10, 0x9e, 0x15, 0xc5, 0x35, 0xa2, 0x27, 0x23, 0x0a, 0x2d, 0x60, 0xe2, 0xa8, 0x7f, 0x3e, 0x77, 0x8f, 0xcc, 0x44, 0xcc, 0x30, 0x28, 0xe2, 0xf0, 0x04, 0x8c, 0xee, 0xe4, 0x5f, 0x68, 0x8c, 0xdf, 0x70, 0xbf, 0x31, 0xee, 0x2a, 0xfc, 0xce,
-	/* (2^269)P */ 0x92, 0xf2, 0xa0, 0xd9, 0x58, 0x3b, 0x7c, 0x1a, 0x99, 0x46, 0x59, 0x54, 0x60, 0x06, 0x8d, 0x5e, 0xf0, 0x22, 0xa1, 0xed, 0x92, 0x8a, 0x4d, 0x76, 0x95, 0x05, 0x0b, 0xff, 0xfc, 0x9a, 0xd1, 0xcc, 0x05, 0xb9, 0x5e, 0x99, 0xe8, 0x2a, 0x76, 0x7b, 0xfd, 0xa6, 0xe2, 0xd1, 0x1a, 0xd6, 0x76, 0x9f, 0x2f, 0x0e, 0xd1, 0xa8, 0x77, 0x5a, 0x40, 0x5a,
-	/* (2^270)P */ 0xff, 0xf9, 0x3f, 0xa9, 0xa6, 0x6c, 0x6d, 0x03, 0x8b, 0xa7, 0x10, 0x5d, 0x3f, 0xec, 0x3e, 0x1c, 0x0b, 0x6b, 0xa2, 0x6a, 0x22, 0xa9, 0x28, 0xd0, 0x66, 0xc9, 0xc2, 0x3d, 0x47, 0x20, 0x7d, 0xa6, 0x1d, 0xd8, 0x25, 0xb5, 0xf2, 0xf9, 0x70, 0x19, 0x6b, 0xf8, 0x43, 0x36, 0xc5, 0x1f, 0xe4, 0x5a, 0x4c, 0x13, 0xe4, 0x6d, 0x08, 0x0b, 0x1d, 0xb1,
-	/* (2^271)P */ 0x3f, 0x20, 0x9b, 0xfb, 0xec, 0x7d, 0x31, 0xc5, 0xfc, 0x88, 0x0b, 0x30, 0xed, 0x36, 0xc0, 0x63, 0xb1, 0x7d, 0x10, 0xda, 0xb6, 0x2e, 0xad, 0xf3, 0xec, 0x94, 0xe7, 0xec, 0xb5, 0x9c, 0xfe, 0xf5, 0x35, 0xf0, 0xa2, 0x2d, 0x7f, 0xca, 0x6b, 0x67, 0x1a, 0xf6, 0xb3, 0xda, 0x09, 0x2a, 0xaa, 0xdf, 0xb1, 0xca, 0x9b, 0xfb, 0xeb, 0xb3, 0xcd, 0xc0,
-	/* (2^272)P */ 0xcd, 0x4d, 0x89, 0x00, 0xa4, 0x3b, 0x48, 0xf0, 0x76, 0x91, 0x35, 0xa5, 0xf8, 0xc9, 0xb6, 0x46, 0xbc, 0xf6, 0x9a, 0x45, 0x47, 0x17, 0x96, 0x80, 0x5b, 0x3a, 0x28, 0x33, 0xf9, 0x5a, 0xef, 0x43, 0x07, 0xfe, 0x3b, 0xf4, 0x8e, 0x19, 0xce, 0xd2, 0x94, 0x4b, 0x6d, 0x8e, 0x67, 0x20, 0xc7, 0x4f, 0x2f, 0x59, 0x8e, 0xe1, 0xa1, 0xa9, 0xf9, 0x0e,
-	/* (2^273)P */ 0xdc, 0x7b, 0xb5, 0x50, 0x2e, 0xe9, 0x7e, 0x8b, 0x78, 0xa1, 0x38, 0x96, 0x22, 0xc3, 0x61, 0x67, 0x6d, 0xc8, 0x58, 0xed, 0x41, 0x1d, 0x5d, 0x86, 0x98, 0x7f, 0x2f, 0x1b, 0x8d, 0x3e, 0xaa, 0xc1, 0xd2, 0x0a, 0xf3, 0xbf, 0x95, 0x04, 0xf3, 0x10, 0x3c, 0x2b, 0x7f, 0x90, 0x46, 0x04, 0xaa, 0x6a, 0xa9, 0x35, 0x76, 0xac, 0x49, 0xb5, 0x00, 0x45,
-	/* (2^274)P */ 0xb1, 0x93, 0x79, 0x84, 0x4a, 0x2a, 0x30, 0x78, 0x16, 0xaa, 0xc5, 0x74, 0x06, 0xce, 0xa5, 0xa7, 0x32, 0x86, 0xe0, 0xf9, 0x10, 0xd2, 0x58, 0x76, 0xfb, 0x66, 0x49, 0x76, 0x3a, 0x90, 0xba, 0xb5, 0xcc, 0x99, 0xcd, 0x09, 0xc1, 0x9a, 0x74, 0x23, 0xdf, 0x0c, 0xfe, 0x99, 0x52, 0x80, 0xa3, 0x7c, 0x1c, 0x71, 0x5f, 0x2c, 0x49, 0x57, 0xf4, 0xf9,
-	/* (2^275)P */ 0x6d, 0xbf, 0x52, 0xe6, 0x25, 0x98, 0xed, 0xcf, 0xe3, 0xbc, 0x08, 0xa2, 0x1a, 0x90, 0xae, 0xa0, 0xbf, 0x07, 0x15, 0xad, 0x0a, 0x9f, 0x3e, 0x47, 0x44, 0xc2, 0x10, 0x46, 0xa6, 0x7a, 0x9e, 0x2f, 0x57, 0xbc, 0xe2, 0xf0, 0x1d, 0xd6, 0x9a, 0x06, 0xed, 0xfc, 0x54, 0x95, 0x92, 0x15, 0xa2, 0xf7, 0x8d, 0x6b, 0xef, 0xb2, 0x05, 0xed, 0x5c, 0x63,
-	/* (2^276)P */ 0xbc, 0x0b, 0x27, 0x3a, 0x3a, 0xf8, 0xe1, 0x48, 0x02, 0x7e, 0x27, 0xe6, 0x81, 0x62, 0x07, 0x73, 0x74, 0xe5, 0x52, 0xd7, 0xf8, 0x26, 0xca, 0x93, 0x4d, 0x3e, 0x9b, 0x55, 0x09, 0x8e, 0xe3, 0xd7, 0xa6, 0xe3, 0xb6, 0x2a, 0xa9, 0xb3, 0xb0, 0xa0, 0x8c, 0x01, 0xbb, 0x07, 0x90, 0x78, 0x6d, 0x6d, 0xe9, 0xf0, 0x7a, 0x90, 0xbd, 0xdc, 0x0c, 0x36,
-	/* (2^277)P */ 0x7f, 0x20, 0x12, 0x0f, 0x40, 0x00, 0x53, 0xd8, 0x0c, 0x27, 0x47, 0x47, 0x22, 0x80, 0xfb, 0x62, 0xe4, 0xa7, 0xf7, 0xbd, 0x42, 0xa5, 0xc3, 0x2b, 0xb2, 0x7f, 0x50, 0xcc, 0xe2, 0xfb, 0xd5, 0xc0, 0x63, 0xdd, 0x24, 0x5f, 0x7c, 0x08, 0x91, 0xbf, 0x6e, 0x47, 0x44, 0xd4, 0x6a, 0xc0, 0xc3, 0x09, 0x39, 0x27, 0xdd, 0xc7, 0xca, 0x06, 0x29, 0x55,
-	/* (2^278)P */ 0x76, 0x28, 0x58, 0xb0, 0xd2, 0xf3, 0x0f, 0x04, 0xe9, 0xc9, 0xab, 0x66, 0x5b, 0x75, 0x51, 0xdc, 0xe5, 0x8f, 0xe8, 0x1f, 0xdb, 0x03, 0x0f, 0xb0, 0x7d, 0xf9, 0x20, 0x64, 0x89, 0xe9, 0xdc, 0xe6, 0x24, 0xc3, 0xd5, 0xd2, 0x41, 0xa6, 0xe4, 0xe3, 0xc4, 0x79, 0x7c, 0x0f, 0xa1, 0x61, 0x2f, 0xda, 0xa4, 0xc9, 0xfd, 0xad, 0x5c, 0x65, 0x6a, 0xf3,
-	/* (2^279)P */ 0xd5, 0xab, 0x72, 0x7a, 0x3b, 0x59, 0xea, 0xcf, 0xd5, 0x17, 0xd2, 0xb2, 0x5f, 0x2d, 0xab, 0xad, 0x9e, 0x88, 0x64, 0x55, 0x96, 0x6e, 0xf3, 0x44, 0xa9, 0x11, 0xf5, 0xf8, 0x3a, 0xf1, 0xcd, 0x79, 0x4c, 0x99, 0x6d, 0x23, 0x6a, 0xa0, 0xc2, 0x1a, 0x19, 0x45, 0xb5, 0xd8, 0x95, 0x2f, 0x49, 0xe9, 0x46, 0x39, 0x26, 0x60, 0x04, 0x15, 0x8b, 0xcc,
-	/* (2^280)P */ 0x66, 0x0c, 0xf0, 0x54, 0x41, 0x02, 0x91, 0xab, 0xe5, 0x85, 0x8a, 0x44, 0xa6, 0x34, 0x96, 0x32, 0xc0, 0xdf, 0x6c, 0x41, 0x39, 0xd4, 0xc6, 0xe1, 0xe3, 0x81, 0xb0, 0x4c, 0x34, 0x4f, 0xe5, 0xf4, 0x35, 0x46, 0x1f, 0xeb, 0x75, 0xfd, 0x43, 0x37, 0x50, 0x99, 0xab, 0xad, 0xb7, 0x8c, 0xa1, 0x57, 0xcb, 0xe6, 0xce, 0x16, 0x2e, 0x85, 0xcc, 0xf9,
-	/* (2^281)P */ 0x63, 0xd1, 0x3f, 0x9e, 0xa2, 0x17, 0x2e, 0x1d, 0x3e, 0xce, 0x48, 0x2d, 0xbb, 0x8f, 0x69, 0xc9, 0xa6, 0x3d, 0x4e, 0xfe, 0x09, 0x56, 0xb3, 0x02, 0x5f, 0x99, 0x97, 0x0c, 0x54, 0xda, 0x32, 0x97, 0x9b, 0xf4, 0x95, 0xf1, 0xad, 0xe3, 0x2b, 0x04, 0xa7, 0x9b, 0x3f, 0xbb, 0xe7, 0x87, 0x2e, 0x1f, 0x8b, 0x4b, 0x7a, 0xa4, 0x43, 0x0c, 0x0f, 0x35,
-	/* (2^282)P */ 0x05, 0xdc, 0xe0, 0x2c, 0xa1, 0xc1, 0xd0, 0xf1, 0x1f, 0x4e, 0xc0, 0x6c, 0x35, 0x7b, 0xca, 0x8f, 0x8b, 0x02, 0xb1, 0xf7, 0xd6, 0x2e, 0xe7, 0x93, 0x80, 0x85, 0x18, 0x88, 0x19, 0xb9, 0xb4, 0x4a, 0xbc, 0xeb, 0x5a, 0x78, 0x38, 0xed, 0xc6, 0x27, 0x2a, 0x74, 0x76, 0xf0, 0x1b, 0x79, 0x92, 0x2f, 0xd2, 0x81, 0x98, 0xdf, 0xa9, 0x50, 0x19, 0xeb,
-	/* (2^283)P */ 0xb5, 0xe7, 0xb4, 0x11, 0x3a, 0x81, 0xb6, 0xb4, 0xf8, 0xa2, 0xb3, 0x6c, 0xfc, 0x9d, 0xe0, 0xc0, 0xe0, 0x59, 0x7f, 0x05, 0x37, 0xef, 0x2c, 0xa9, 0x3a, 0x24, 0xac, 0x7b, 0x25, 0xa0, 0x55, 0xd2, 0x44, 0x82, 0x82, 0x6e, 0x64, 0xa3, 0x58, 0xc8, 0x67, 0xae, 0x26, 0xa7, 0x0f, 0x42, 0x63, 0xe1, 0x93, 0x01, 0x52, 0x19, 0xaf, 0x49, 0x3e, 0x33,
-	/* (2^284)P */ 0x05, 0x85, 0xe6, 0x66, 0xaf, 0x5f, 0xdf, 0xbf, 0x9d, 0x24, 0x62, 0x60, 0x90, 0xe2, 0x4c, 0x7d, 0x4e, 0xc3, 0x74, 0x5d, 0x4f, 0x53, 0xf3, 0x63, 0x13, 0xf4, 0x74, 0x28, 0x6b, 0x7d, 0x57, 0x0c, 0x9d, 0x84, 0xa7, 0x1a, 0xff, 0xa0, 0x79, 0xdf, 0xfc, 0x65, 0x98, 0x8e, 0x22, 0x0d, 0x62, 0x7e, 0xf2, 0x34, 0x60, 0x83, 0x05, 0x14, 0xb1, 0xc1,
-	/* (2^285)P */ 0x64, 0x22, 0xcc, 0xdf, 0x5c, 0xbc, 0x88, 0x68, 0x4c, 0xd9, 0xbc, 0x0e, 0xc9, 0x8b, 0xb4, 0x23, 0x52, 0xad, 0xb0, 0xb3, 0xf1, 0x17, 0xd8, 0x15, 0x04, 0x6b, 0x99, 0xf0, 0xc4, 0x7d, 0x48, 0x22, 0x4a, 0xf8, 0x6f, 0xaa, 0x88, 0x0d, 0xc5, 0x5e, 0xa9, 0x1c, 0x61, 0x3d, 0x95, 0xa9, 0x7b, 0x6a, 0x79, 0x33, 0x0a, 0x2b, 0x99, 0xe3, 0x4e, 0x48,
-	/* (2^286)P */ 0x6b, 0x9b, 0x6a, 0x2a, 0xf1, 0x60, 0x31, 0xb4, 0x73, 0xd1, 0x87, 0x45, 0x9c, 0x15, 0x58, 0x4b, 0x91, 0x6d, 0x94, 0x1c, 0x41, 0x11, 0x4a, 0x83, 0xec, 0xaf, 0x65, 0xbc, 0x34, 0xaa, 0x26, 0xe2, 0xaf, 0xed, 0x46, 0x05, 0x4e, 0xdb, 0xc6, 0x4e, 0x10, 0x28, 0x4e, 0x72, 0xe5, 0x31, 0xa3, 0x20, 0xd7, 0xb1, 0x96, 0x64, 0xf6, 0xce, 0x08, 0x08,
-	/* (2^287)P */ 0x16, 0xa9, 0x5c, 0x9f, 0x9a, 0xb4, 0xb8, 0xc8, 0x32, 0x78, 0xc0, 0x3a, 0xd9, 0x5f, 0x94, 0xac, 0x3a, 0x42, 0x1f, 0x43, 0xd6, 0x80, 0x47, 0x2c, 0xdc, 0x76, 0x27, 0xfa, 0x50, 0xe5, 0xa1, 0xe4, 0xc3, 0xcb, 0x61, 0x31, 0xe1, 0x2e, 0xde, 0x81, 0x3b, 0x77, 0x1c, 0x39, 0x3c, 0xdb, 0xda, 0x87, 0x4b, 0x84, 0x12, 0xeb, 0xdd, 0x54, 0xbf, 0xe7,
-	/* (2^288)P */ 0xbf, 0xcb, 0x73, 0x21, 0x3d, 0x7e, 0x13, 0x8c, 0xa6, 0x34, 0x21, 0x2b, 0xa5, 0xe4, 0x9f, 0x8e, 0x9c, 0x01, 0x9c, 0x43, 0xd9, 0xc7, 0xb9, 0xf1, 0xbe, 0x7f, 0x45, 0x51, 0x97, 0xa1, 0x8e, 0x01, 0xf8, 0xbd, 0xd2, 0xbf, 0x81, 0x3a, 0x8b, 0xab, 0xe4, 0x89, 0xb7, 0xbd, 0xf2, 0xcd, 0xa9, 0x8a, 0x8a, 0xde, 0xfb, 0x8a, 0x55, 0x12, 0x7b, 0x17,
-	/* (2^289)P */ 0x1b, 0x95, 0x58, 0x4d, 0xe6, 0x51, 0x31, 0x52, 0x1c, 0xd8, 0x15, 0x84, 0xb1, 0x0d, 0x36, 0x25, 0x88, 0x91, 0x46, 0x71, 0x42, 0x56, 0xe2, 0x90, 0x08, 0x9e, 0x77, 0x1b, 0xee, 0x22, 0x3f, 0xec, 0xee, 0x8c, 0x7b, 0x2e, 0x79, 0xc4, 0x6c, 0x07, 0xa1, 0x7e, 0x52, 0xf5, 0x26, 0x5c, 0x84, 0x2a, 0x50, 0x6e, 0x82, 0xb3, 0x76, 0xda, 0x35, 0x16,
-	/* (2^290)P */ 0x0a, 0x6f, 0x99, 0x87, 0xc0, 0x7d, 0x8a, 0xb2, 0xca, 0xae, 0xe8, 0x65, 0x98, 0x0f, 0xb3, 0x44, 0xe1, 0xdc, 0x52, 0x79, 0x75, 0xec, 0x8f, 0x95, 0x87, 0x45, 0xd1, 0x32, 0x18, 0x55, 0x15, 0xce, 0x64, 0x9b, 0x08, 0x4f, 0x2c, 0xea, 0xba, 0x1c, 0x57, 0x06, 0x63, 0xc8, 0xb1, 0xfd, 0xc5, 0x67, 0xe7, 0x1f, 0x87, 0x9e, 0xde, 0x72, 0x7d, 0xec,
-	/* (2^291)P */ 0x36, 0x8b, 0x4d, 0x2c, 0xc2, 0x46, 0xe8, 0x96, 0xac, 0x0b, 0x8c, 0xc5, 0x09, 0x10, 0xfc, 0xf2, 0xda, 0xea, 0x22, 0xb2, 0xd3, 0x89, 0xeb, 0xb2, 0x85, 0x0f, 0xff, 0x59, 0x50, 0x2c, 0x99, 0x5a, 0x1f, 0xec, 0x2a, 0x6f, 0xec, 0xcf, 0xe9, 0xce, 0x12, 0x6b, 0x19, 0xd8, 0xde, 0x9b, 0xce, 0x0e, 0x6a, 0xaa, 0xe1, 0x32, 0xea, 0x4c, 0xfe, 0x92,
-	/* (2^292)P */ 0x5f, 0x17, 0x70, 0x53, 0x26, 0x03, 0x0b, 0xab, 0xd1, 0xc1, 0x42, 0x0b, 0xab, 0x2b, 0x3d, 0x31, 0xa4, 0xd5, 0x2b, 0x5e, 0x00, 0xd5, 0x9a, 0x22, 0x34, 0xe0, 0x53, 0x3f, 0x59, 0x7f, 0x2c, 0x6d, 0x72, 0x9a, 0xa4, 0xbe, 0x3d, 0x42, 0x05, 0x1b, 0xf2, 0x7f, 0x88, 0x56, 0xd1, 0x7c, 0x7d, 0x6b, 0x9f, 0x43, 0xfe, 0x65, 0x19, 0xae, 0x9c, 0x4c,
-	/* (2^293)P */ 0xf3, 0x7c, 0x20, 0xa9, 0xfc, 0xf2, 0xf2, 0x3b, 0x3c, 0x57, 0x41, 0x94, 0xe5, 0xcc, 0x6a, 0x37, 0x5d, 0x09, 0xf2, 0xab, 0xc2, 0xca, 0x60, 0x38, 0x6b, 0x7a, 0xe1, 0x78, 0x2b, 0xc1, 0x1d, 0xe8, 0xfd, 0xbc, 0x3d, 0x5c, 0xa2, 0xdb, 0x49, 0x20, 0x79, 0xe6, 0x1b, 0x9b, 0x65, 0xd9, 0x6d, 0xec, 0x57, 0x1d, 0xd2, 0xe9, 0x90, 0xeb, 0x43, 0x7b,
-	/* (2^294)P */ 0x2a, 0x8b, 0x2e, 0x19, 0x18, 0x10, 0xb8, 0x83, 0xe7, 0x7d, 0x2d, 0x9a, 0x3a, 0xe5, 0xd1, 0xe4, 0x7c, 0x38, 0xe5, 0x59, 0x2a, 0x6e, 0xd9, 0x01, 0x29, 0x3d, 0x23, 0xf7, 0x52, 0xba, 0x61, 0x04, 0x9a, 0xde, 0xc4, 0x31, 0x50, 0xeb, 0x1b, 0xaa, 0xde, 0x39, 0x58, 0xd8, 0x1b, 0x1e, 0xfc, 0x57, 0x9a, 0x28, 0x43, 0x9e, 0x97, 0x5e, 0xaa, 0xa3,
-	/* (2^295)P */ 0x97, 0x0a, 0x74, 0xc4, 0x39, 0x99, 0x6b, 0x40, 0xc7, 0x3e, 0x8c, 0xa7, 0xb1, 0x4e, 0x9a, 0x59, 0x6e, 0x1c, 0xfe, 0xfc, 0x2a, 0x5e, 0x73, 0x2b, 0x8c, 0xa9, 0x71, 0xf5, 0xda, 0x6b, 0x15, 0xab, 0xf7, 0xbe, 0x2a, 0x44, 0x5f, 0xba, 0xae, 0x67, 0x93, 0xc5, 0x86, 0xc1, 0xb8, 0xdf, 0xdc, 0xcb, 0xd7, 0xff, 0xb1, 0x71, 0x7c, 0x6f, 0x88, 0xf8,
-	/* (2^296)P */ 0x3f, 0x89, 0xb1, 0xbf, 0x24, 0x16, 0xac, 0x56, 0xfe, 0xdf, 0x94, 0x71, 0xbf, 0xd6, 0x57, 0x0c, 0xb4, 0x77, 0x37, 0xaa, 0x2a, 0x70, 0x76, 0x49, 0xaf, 0x0c, 0x97, 0x8e, 0x78, 0x2a, 0x67, 0xc9, 0x3b, 0x3d, 0x5b, 0x01, 0x2f, 0xda, 0xd5, 0xa8, 0xde, 0x02, 0xa9, 0xac, 0x76, 0x00, 0x0b, 0x46, 0xc6, 0x2d, 0xdc, 0x08, 0xf4, 0x10, 0x2c, 0xbe,
-	/* (2^297)P */ 0xcb, 0x07, 0xf9, 0x91, 0xc6, 0xd5, 0x3e, 0x54, 0x63, 0xae, 0xfc, 0x10, 0xbe, 0x3a, 0x20, 0x73, 0x4e, 0x65, 0x0e, 0x2d, 0x86, 0x77, 0x83, 0x9d, 0xe2, 0x0a, 0xe9, 0xac, 0x22, 0x52, 0x76, 0xd4, 0x6e, 0xfa, 0xe0, 0x09, 0xef, 0x78, 0x82, 0x9f, 0x26, 0xf9, 0x06, 0xb5, 0xe7, 0x05, 0x0e, 0xf2, 0x46, 0x72, 0x93, 0xd3, 0x24, 0xbd, 0x87, 0x60,
-	/* (2^298)P */ 0x14, 0x55, 0x84, 0x7b, 0x6c, 0x60, 0x80, 0x73, 0x8c, 0xbe, 0x2d, 0xd6, 0x69, 0xd6, 0x17, 0x26, 0x44, 0x9f, 0x88, 0xa2, 0x39, 0x7c, 0x89, 0xbc, 0x6d, 0x9e, 0x46, 0xb6, 0x68, 0x66, 0xea, 0xdc, 0x31, 0xd6, 0x21, 0x51, 0x9f, 0x28, 0x28, 0xaf, 0x9e, 0x47, 0x2c, 0x4c, 0x8f, 0xf3, 0xaf, 0x1f, 0xe4, 0xab, 0xac, 0xe9, 0x0c, 0x91, 0x3a, 0x61,
-	/* (2^299)P */ 0xb0, 0x37, 0x55, 0x4b, 0xe9, 0xc3, 0xb1, 0xce, 0x42, 0xe6, 0xc5, 0x11, 0x7f, 0x2c, 0x11, 0xfc, 0x4e, 0x71, 0x17, 0x00, 0x74, 0x7f, 0xbf, 0x07, 0x4d, 0xfd, 0x40, 0xb2, 0x87, 0xb0, 0xef, 0x1f, 0x35, 0x2c, 0x2d, 0xd7, 0xe1, 0xe4, 0xad, 0x0e, 0x7f, 0x63, 0x66, 0x62, 0x23, 0x41, 0xf6, 0xc1, 0x14, 0xa6, 0xd7, 0xa9, 0x11, 0x56, 0x9d, 0x1b,
-	/* (2^300)P */ 0x02, 0x82, 0x42, 0x18, 0x4f, 0x1b, 0xc9, 0x5d, 0x78, 0x5f, 0xee, 0xed, 0x01, 0x49, 0x8f, 0xf2, 0xa0, 0xe2, 0x6e, 0xbb, 0x6b, 0x04, 0x8d, 0xb2, 0x41, 0xae, 0xc8, 0x1b, 0x59, 0x34, 0xb8, 0x2a, 0xdb, 0x1f, 0xd2, 0x52, 0xdf, 0x3f, 0x35, 0x00, 0x8b, 0x61, 0xbc, 0x97, 0xa0, 0xc4, 0x77, 0xd1, 0xe4, 0x2c, 0x59, 0x68, 0xff, 0x30, 0xf2, 0xe2,
-	/* (2^301)P */ 0x79, 0x08, 0xb1, 0xdb, 0x55, 0xae, 0xd0, 0xed, 0xda, 0xa0, 0xec, 0x6c, 0xae, 0x68, 0xf2, 0x0b, 0x61, 0xb3, 0xf5, 0x21, 0x69, 0x87, 0x0b, 0x03, 0xea, 0x8a, 0x15, 0xd9, 0x7e, 0xca, 0xf7, 0xcd, 0xf3, 0x33, 0xb3, 0x4c, 0x5b, 0x23, 0x4e, 0x6f, 0x90, 0xad, 0x91, 0x4b, 0x4f, 0x46, 0x37, 0xe5, 0xe8, 0xb7, 0xeb, 0xd5, 0xca, 0x34, 0x4e, 0x23,
-	/* (2^302)P */ 0x09, 0x02, 0xdd, 0xfd, 0x70, 0xac, 0x56, 0x80, 0x36, 0x5e, 0x49, 0xd0, 0x3f, 0xc2, 0xe0, 0xba, 0x46, 0x7f, 0x5c, 0xf7, 0xc5, 0xbd, 0xd5, 0x55, 0x7d, 0x3f, 0xd5, 0x7d, 0x06, 0xdf, 0x27, 0x20, 0x4f, 0xe9, 0x30, 0xec, 0x1b, 0xa0, 0x0c, 0xd4, 0x2c, 0xe1, 0x2b, 0x65, 0x73, 0xea, 0x75, 0x35, 0xe8, 0xe6, 0x56, 0xd6, 0x07, 0x15, 0x99, 0xdf,
-	/* (2^303)P */ 0x4e, 0x10, 0xb7, 0xd0, 0x63, 0x8c, 0xcf, 0x16, 0x00, 0x7c, 0x58, 0xdf, 0x86, 0xdc, 0x4e, 0xca, 0x9c, 0x40, 0x5a, 0x42, 0xfd, 0xec, 0x98, 0xa4, 0x42, 0x53, 0xae, 0x16, 0x9d, 0xfd, 0x75, 0x5a, 0x12, 0x56, 0x1e, 0xc6, 0x57, 0xcc, 0x79, 0x27, 0x96, 0x00, 0xcf, 0x80, 0x4f, 0x8a, 0x36, 0x5c, 0xbb, 0xe9, 0x12, 0xdb, 0xb6, 0x2b, 0xad, 0x96,
-	/* (2^304)P */ 0x92, 0x32, 0x1f, 0xfd, 0xc6, 0x02, 0x94, 0x08, 0x1b, 0x60, 0x6a, 0x9f, 0x8b, 0xd6, 0xc8, 0xad, 0xd5, 0x1b, 0x27, 0x4e, 0xa4, 0x4d, 0x4a, 0x00, 0x10, 0x5f, 0x86, 0x11, 0xf5, 0xe3, 0x14, 0x32, 0x43, 0xee, 0xb9, 0xc7, 0xab, 0xf4, 0x6f, 0xe5, 0x66, 0x0c, 0x06, 0x0d, 0x96, 0x79, 0x28, 0xaf, 0x45, 0x2b, 0x56, 0xbe, 0xe4, 0x4a, 0x52, 0xd6,
-	/* (2^305)P */ 0x15, 0x16, 0x69, 0xef, 0x60, 0xca, 0x82, 0x25, 0x0f, 0xc6, 0x30, 0xa0, 0x0a, 0xd1, 0x83, 0x29, 0xcd, 0xb6, 0x89, 0x6c, 0xf5, 0xb2, 0x08, 0x38, 0xe6, 0xca, 0x6b, 0x19, 0x93, 0xc6, 0x5f, 0x75, 0x8e, 0x60, 0x34, 0x23, 0xc4, 0x13, 0x17, 0x69, 0x55, 0xcc, 0x72, 0x9c, 0x2b, 0x6c, 0x80, 0xf4, 0x4b, 0x8b, 0xb6, 0x97, 0x65, 0x07, 0xb6, 0xfb,
-	/* (2^306)P */ 0x01, 0x99, 0x74, 0x28, 0xa6, 0x67, 0xa3, 0xe5, 0x25, 0xfb, 0xdf, 0x82, 0x93, 0xe7, 0x35, 0x74, 0xce, 0xe3, 0x15, 0x1c, 0x1d, 0x79, 0x52, 0x84, 0x08, 0x04, 0x2f, 0x5c, 0xb8, 0xcd, 0x7f, 0x89, 0xb0, 0x39, 0x93, 0x63, 0xc9, 0x5d, 0x06, 0x01, 0x59, 0xf7, 0x7e, 0xf1, 0x4c, 0x3d, 0x12, 0x8d, 0x69, 0x1d, 0xb7, 0x21, 0x5e, 0x88, 0x82, 0xa2,
-	/* (2^307)P */ 0x8e, 0x69, 0xaf, 0x9a, 0x41, 0x0d, 0x9d, 0xcf, 0x8e, 0x8d, 0x5c, 0x51, 0x6e, 0xde, 0x0e, 0x48, 0x23, 0x89, 0xe5, 0x37, 0x80, 0xd6, 0x9d, 0x72, 0x32, 0x26, 0x38, 0x2d, 0x63, 0xa0, 0xfa, 0xd3, 0x40, 0xc0, 0x8c, 0x68, 0x6f, 0x2b, 0x1e, 0x9a, 0x39, 0x51, 0x78, 0x74, 0x9a, 0x7b, 0x4a, 0x8f, 0x0c, 0xa0, 0x88, 0x60, 0xa5, 0x21, 0xcd, 0xc7,
-	/* (2^308)P */ 0x3a, 0x7f, 0x73, 0x14, 0xbf, 0x89, 0x6a, 0x4c, 0x09, 0x5d, 0xf2, 0x93, 0x20, 0x2d, 0xc4, 0x29, 0x86, 0x06, 0x95, 0xab, 0x22, 0x76, 0x4c, 0x54, 0xe1, 0x7e, 0x80, 0x6d, 0xab, 0x29, 0x61, 0x87, 0x77, 0xf6, 0xc0, 0x3e, 0xda, 0xab, 0x65, 0x7e, 0x39, 0x12, 0xa1, 0x6b, 0x42, 0xf7, 0xc5, 0x97, 0x77, 0xec, 0x6f, 0x22, 0xbe, 0x44, 0xc7, 0x03,
-	/* (2^309)P */ 0xa5, 0x23, 0x90, 0x41, 0xa3, 0xc5, 0x3e, 0xe0, 0xa5, 0x32, 0x49, 0x1f, 0x39, 0x78, 0xb1, 0xd8, 0x24, 0xea, 0xd4, 0x87, 0x53, 0x42, 0x51, 0xf4, 0xd9, 0x46, 0x25, 0x2f, 0x62, 0xa9, 0x90, 0x9a, 0x4a, 0x25, 0x8a, 0xd2, 0x10, 0xe7, 0x3c, 0xbc, 0x58, 0x8d, 0x16, 0x14, 0x96, 0xa4, 0x6f, 0xf8, 0x12, 0x69, 0x91, 0x73, 0xe2, 0xfa, 0xf4, 0x57,
-	/* (2^310)P */ 0x51, 0x45, 0x3f, 0x96, 0xdc, 0x97, 0x38, 0xa6, 0x01, 0x63, 0x09, 0xea, 0xc2, 0x13, 0x30, 0xb0, 0x00, 0xb8, 0x0a, 0xce, 0xd1, 0x8f, 0x3e, 0x69, 0x62, 0x46, 0x33, 0x9c, 0xbf, 0x4b, 0xcb, 0x0c, 0x90, 0x1c, 0x45, 0xcf, 0x37, 0x5b, 0xf7, 0x4b, 0x5e, 0x95, 0xc3, 0x28, 0x9f, 0x08, 0x83, 0x53, 0x74, 0xab, 0x0c, 0xb4, 0xc0, 0xa1, 0xbc, 0x89,
-	/* (2^311)P */ 0x06, 0xb1, 0x51, 0x15, 0x65, 0x60, 0x21, 0x17, 0x7a, 0x20, 0x65, 0xee, 0x12, 0x35, 0x4d, 0x46, 0xf4, 0xf8, 0xd0, 0xb1, 0xca, 0x09, 0x30, 0x08, 0x89, 0x23, 0x3b, 0xe7, 0xab, 0x8b, 0x77, 0xa6, 0xad, 0x25, 0xdd, 0xea, 0x3c, 0x7d, 0xa5, 0x24, 0xb3, 0xe8, 0xfa, 0xfb, 0xc9, 0xf2, 0x71, 0xe9, 0xfa, 0xf2, 0xdc, 0x54, 0xdd, 0x55, 0x2e, 0x2f,
-	/* (2^312)P */ 0x7f, 0x96, 0x96, 0xfb, 0x52, 0x86, 0xcf, 0xea, 0x62, 0x18, 0xf1, 0x53, 0x1f, 0x61, 0x2a, 0x9f, 0x8c, 0x51, 0xca, 0x2c, 0xde, 0x6d, 0xce, 0xab, 0x58, 0x32, 0x0b, 0x33, 0x9b, 0x99, 0xb4, 0x5c, 0x88, 0x2a, 0x76, 0xcc, 0x3e, 0x54, 0x1e, 0x9d, 0xa2, 0x89, 0xe4, 0x19, 0xba, 0x80, 0xc8, 0x39, 0x32, 0x7f, 0x0f, 0xc7, 0x84, 0xbb, 0x43, 0x56,
-	/* (2^313)P */ 0x9b, 0x07, 0xb4, 0x42, 0xa9, 0xa0, 0x78, 0x4f, 0x28, 0x70, 0x2b, 0x7e, 0x61, 0xe0, 0xdd, 0x02, 0x98, 0xfc, 0xed, 0x31, 0x80, 0xf1, 0x15, 0x52, 0x89, 0x23, 0xcd, 0x5d, 0x2b, 0xc5, 0x19, 0x32, 0xfb, 0x70, 0x50, 0x7a, 0x97, 0x6b, 0x42, 0xdb, 0xca, 0xdb, 0xc4, 0x59, 0x99, 0xe0, 0x12, 0x1f, 0x17, 0xba, 0x8b, 0xf0, 0xc4, 0x38, 0x5d, 0x27,
-	/* (2^314)P */ 0x29, 0x1d, 0xdc, 0x2b, 0xf6, 0x5b, 0x04, 0x61, 0x36, 0x76, 0xa0, 0x56, 0x36, 0x6e, 0xd7, 0x24, 0x4d, 0xe7, 0xef, 0x44, 0xd2, 0xd5, 0x07, 0xcd, 0xc4, 0x9d, 0x80, 0x48, 0xc3, 0x38, 0xcf, 0xd8, 0xa3, 0xdd, 0xb2, 0x5e, 0xb5, 0x70, 0x15, 0xbb, 0x36, 0x85, 0x8a, 0xd7, 0xfb, 0x56, 0x94, 0x73, 0x9c, 0x81, 0xbe, 0xb1, 0x44, 0x28, 0xf1, 0x37,
-	/* (2^315)P */ 0xbf, 0xcf, 0x5c, 0xd2, 0xe2, 0xea, 0xc2, 0xcd, 0x70, 0x7a, 0x9d, 0xcb, 0x81, 0xc1, 0xe9, 0xf1, 0x56, 0x71, 0x52, 0xf7, 0x1b, 0x87, 0xc6, 0xd8, 0xcc, 0xb2, 0x69, 0xf3, 0xb0, 0xbd, 0xba, 0x83, 0x12, 0x26, 0xc4, 0xce, 0x72, 0xde, 0x3b, 0x21, 0x28, 0x9e, 0x5a, 0x94, 0xf5, 0x04, 0xa3, 0xc8, 0x0f, 0x5e, 0xbc, 0x71, 0xf9, 0x0d, 0xce, 0xf5,
-	/* (2^316)P */ 0x93, 0x97, 0x00, 0x85, 0xf4, 0xb4, 0x40, 0xec, 0xd9, 0x2b, 0x6c, 0xd6, 0x63, 0x9e, 0x93, 0x0a, 0x5a, 0xf4, 0xa7, 0x9a, 0xe3, 0x3c, 0xf0, 0x55, 0xd1, 0x96, 0x6c, 0xf5, 0x2a, 0xce, 0xd7, 0x95, 0x72, 0xbf, 0xc5, 0x0c, 0xce, 0x79, 0xa2, 0x0a, 0x78, 0xe0, 0x72, 0xd0, 0x66, 0x28, 0x05, 0x75, 0xd3, 0x23, 0x09, 0x91, 0xed, 0x7e, 0xc4, 0xbc,
-	/* (2^317)P */ 0x77, 0xc2, 0x9a, 0xf7, 0xa6, 0xe6, 0x18, 0xb4, 0xe7, 0xf6, 0xda, 0xec, 0x44, 0x6d, 0xfb, 0x08, 0xee, 0x65, 0xa8, 0x92, 0x85, 0x1f, 0xba, 0x38, 0x93, 0x20, 0x5c, 0x4d, 0xd2, 0x18, 0x0f, 0x24, 0xbe, 0x1a, 0x96, 0x44, 0x7d, 0xeb, 0xb3, 0xda, 0x95, 0xf4, 0xaf, 0x6c, 0x06, 0x0f, 0x47, 0x37, 0xc8, 0x77, 0x63, 0xe1, 0x29, 0xef, 0xff, 0xa5,
-	/* (2^318)P */ 0x16, 0x12, 0xd9, 0x47, 0x90, 0x22, 0x9b, 0x05, 0xf2, 0xa5, 0x9a, 0xae, 0x83, 0x98, 0xb5, 0xac, 0xab, 0x29, 0xaa, 0xdc, 0x5f, 0xde, 0xcd, 0xf7, 0x42, 0xad, 0x3b, 0x96, 0xd6, 0x3e, 0x6e, 0x52, 0x47, 0xb1, 0xab, 0x51, 0xde, 0x49, 0x7c, 0x87, 0x8d, 0x86, 0xe2, 0x70, 0x13, 0x21, 0x51, 0x1c, 0x0c, 0x25, 0xc1, 0xb0, 0xe6, 0x19, 0xcf, 0x12,
-	/* (2^319)P */ 0xf0, 0xbc, 0x97, 0x8f, 0x4b, 0x2f, 0xd1, 0x1f, 0x8c, 0x57, 0xed, 0x3c, 0xf4, 0x26, 0x19, 0xbb, 0x60, 0xca, 0x24, 0xc5, 0xd9, 0x97, 0xe2, 0x5f, 0x76, 0x49, 0x39, 0x7e, 0x2d, 0x12, 0x21, 0x98, 0xda, 0xe6, 0xdb, 0xd2, 0xd8, 0x9f, 0x18, 0xd8, 0x83, 0x6c, 0xba, 0x89, 0x8d, 0x29, 0xfa, 0x46, 0x33, 0x8c, 0x28, 0xdf, 0x6a, 0xb3, 0x69, 0x28,
-	/* (2^320)P */ 0x86, 0x17, 0xbc, 0xd6, 0x7c, 0xba, 0x1e, 0x83, 0xbb, 0x84, 0xb5, 0x8c, 0xad, 0xdf, 0xa1, 0x24, 0x81, 0x70, 0x40, 0x0f, 0xad, 0xad, 0x3b, 0x23, 0xd0, 0x93, 0xa0, 0x49, 0x5c, 0x4b, 0x51, 0xbe, 0x20, 0x49, 0x4e, 0xda, 0x2d, 0xd3, 0xad, 0x1b, 0x74, 0x08, 0x41, 0xf0, 0xef, 0x19, 0xe9, 0x45, 0x5d, 0x02, 0xae, 0x26, 0x25, 0xd9, 0xd1, 0xc2,
-	/* (2^321)P */ 0x48, 0x81, 0x3e, 0xb2, 0x83, 0xf8, 0x4d, 0xb3, 0xd0, 0x4c, 0x75, 0xb3, 0xa0, 0x52, 0x26, 0xf2, 0xaf, 0x5d, 0x36, 0x70, 0x72, 0xd6, 0xb7, 0x88, 0x08, 0x69, 0xbd, 0x15, 0x25, 0xb1, 0x45, 0x1b, 0xb7, 0x0b, 0x5f, 0x71, 0x5d, 0x83, 0x49, 0xb9, 0x84, 0x3b, 0x7c, 0xc1, 0x50, 0x93, 0x05, 0x53, 0xe0, 0x61, 0xea, 0xc1, 0xef, 0xdb, 0x82, 0x97,
-	/* (2^322)P */ 0x00, 0xd5, 0xc3, 0x3a, 0x4d, 0x8a, 0x23, 0x7a, 0xef, 0xff, 0x37, 0xef, 0xf3, 0xbc, 0xa9, 0xb6, 0xae, 0xd7, 0x3a, 0x7b, 0xfd, 0x3e, 0x8e, 0x9b, 0xab, 0x44, 0x54, 0x60, 0x28, 0x6c, 0xbf, 0x15, 0x24, 0x4a, 0x56, 0x60, 0x7f, 0xa9, 0x7a, 0x28, 0x59, 0x2c, 0x8a, 0xd1, 0x7d, 0x6b, 0x00, 0xfd, 0xa5, 0xad, 0xbc, 0x19, 0x3f, 0xcb, 0x73, 0xe0,
-	/* (2^323)P */ 0xcf, 0x9e, 0x66, 0x06, 0x4d, 0x2b, 0xf5, 0x9c, 0xc2, 0x9d, 0x9e, 0xed, 0x5a, 0x5c, 0x2d, 0x00, 0xbf, 0x29, 0x90, 0x88, 0xe4, 0x5d, 0xfd, 0xe2, 0xf0, 0x38, 0xec, 0x4d, 0x26, 0xea, 0x54, 0xf0, 0x3c, 0x84, 0x10, 0x6a, 0xf9, 0x66, 0x9c, 0xe7, 0x21, 0xfd, 0x0f, 0xc7, 0x13, 0x50, 0x81, 0xb6, 0x50, 0xf9, 0x04, 0x7f, 0xa4, 0x37, 0x85, 0x14,
-	/* (2^324)P */ 0xdb, 0x87, 0x49, 0xc7, 0xa8, 0x39, 0x0c, 0x32, 0x98, 0x0c, 0xb9, 0x1a, 0x1b, 0x4d, 0xe0, 0x8a, 0x9a, 0x8e, 0x8f, 0xab, 0x5a, 0x17, 0x3d, 0x04, 0x21, 0xce, 0x3e, 0x2c, 0xf9, 0xa3, 0x97, 0xe4, 0x77, 0x95, 0x0e, 0xb6, 0xa5, 0x15, 0xad, 0x3a, 0x1e, 0x46, 0x53, 0x17, 0x09, 0x83, 0x71, 0x4e, 0x86, 0x38, 0xd5, 0x23, 0x44, 0x16, 0x8d, 0xc8,
-	/* (2^325)P */ 0x05, 0x5e, 0x99, 0x08, 0xbb, 0xc3, 0xc0, 0xb7, 0x6c, 0x12, 0xf2, 0xf3, 0xf4, 0x7c, 0x6a, 0x4d, 0x9e, 0xeb, 0x3d, 0xb9, 0x63, 0x94, 0xce, 0x81, 0xd8, 0x11, 0xcb, 0x55, 0x69, 0x4a, 0x20, 0x0b, 0x4c, 0x2e, 0x14, 0xb8, 0xd4, 0x6a, 0x7c, 0xf0, 0xed, 0xfc, 0x8f, 0xef, 0xa0, 0xeb, 0x6c, 0x01, 0xe2, 0xdc, 0x10, 0x22, 0xa2, 0x01, 0x85, 0x64,
-	/* (2^326)P */ 0x58, 0xe1, 0x9c, 0x27, 0x55, 0xc6, 0x25, 0xa6, 0x7d, 0x67, 0x88, 0x65, 0x99, 0x6c, 0xcb, 0xdb, 0x27, 0x4f, 0x44, 0x29, 0xf5, 0x4a, 0x23, 0x10, 0xbc, 0x03, 0x3f, 0x36, 0x1e, 0xef, 0xb0, 0xba, 0x75, 0xe8, 0x74, 0x5f, 0x69, 0x3e, 0x26, 0x40, 0xb4, 0x2f, 0xdc, 0x43, 0xbf, 0xa1, 0x8b, 0xbd, 0xca, 0x6e, 0xc1, 0x6e, 0x21, 0x79, 0xa0, 0xd0,
-	/* (2^327)P */ 0x78, 0x93, 0x4a, 0x2d, 0x22, 0x6e, 0x6e, 0x7d, 0x74, 0xd2, 0x66, 0x58, 0xce, 0x7b, 0x1d, 0x97, 0xb1, 0xf2, 0xda, 0x1c, 0x79, 0xfb, 0xba, 0xd1, 0xc0, 0xc5, 0x6e, 0xc9, 0x11, 0x89, 0xd2, 0x41, 0x8d, 0x70, 0xb9, 0xcc, 0xea, 0x6a, 0xb3, 0x45, 0xb6, 0x05, 0x2e, 0xf2, 0x17, 0xf1, 0x27, 0xb8, 0xed, 0x06, 0x1f, 0xdb, 0x9d, 0x1f, 0x69, 0x28,
-	/* (2^328)P */ 0x93, 0x12, 0xa8, 0x11, 0xe1, 0x92, 0x30, 0x8d, 0xac, 0xe1, 0x1c, 0x60, 0x7c, 0xed, 0x2d, 0x2e, 0xd3, 0x03, 0x5c, 0x9c, 0xc5, 0xbd, 0x64, 0x4a, 0x8c, 0xba, 0x76, 0xfe, 0xc6, 0xc1, 0xea, 0xc2, 0x4f, 0xbe, 0x70, 0x3d, 0x64, 0xcf, 0x8e, 0x18, 0xcb, 0xcd, 0x57, 0xa7, 0xf7, 0x36, 0xa9, 0x6b, 0x3e, 0xb8, 0x69, 0xee, 0x47, 0xa2, 0x7e, 0xb2,
-	/* (2^329)P */ 0x96, 0xaf, 0x3a, 0xf5, 0xed, 0xcd, 0xaf, 0xf7, 0x82, 0xaf, 0x59, 0x62, 0x0b, 0x36, 0x85, 0xf9, 0xaf, 0xd6, 0x38, 0xff, 0x87, 0x2e, 0x1d, 0x6c, 0x8b, 0xaf, 0x3b, 0xdf, 0x28, 0xa2, 0xd6, 0x4d, 0x80, 0x92, 0xc3, 0x0f, 0x34, 0xa8, 0xae, 0x69, 0x5d, 0x7b, 0x9d, 0xbc, 0xf5, 0xfd, 0x1d, 0xb1, 0x96, 0x55, 0x86, 0xe1, 0x5c, 0xb6, 0xac, 0xb9,
-	/* (2^330)P */ 0x50, 0x9e, 0x37, 0x28, 0x7d, 0xa8, 0x33, 0x63, 0xda, 0x3f, 0x20, 0x98, 0x0e, 0x09, 0xa8, 0x77, 0x3b, 0x7a, 0xfc, 0x16, 0x85, 0x44, 0x64, 0x77, 0x65, 0x68, 0x92, 0x41, 0xc6, 0x1f, 0xdf, 0x27, 0xf9, 0xec, 0xa0, 0x61, 0x22, 0xea, 0x19, 0xe7, 0x75, 0x8b, 0x4e, 0xe5, 0x0f, 0xb7, 0xf7, 0xd2, 0x53, 0xf4, 0xdd, 0x4a, 0xaa, 0x78, 0x40, 0xb7,
-	/* (2^331)P */ 0xd4, 0x89, 0xe3, 0x79, 0xba, 0xb6, 0xc3, 0xda, 0xe6, 0x78, 0x65, 0x7d, 0x6e, 0x22, 0x62, 0xb1, 0x3d, 0xea, 0x90, 0x84, 0x30, 0x5e, 0xd4, 0x39, 0x84, 0x78, 0xd9, 0x75, 0xd6, 0xce, 0x2a, 0x11, 0x29, 0x69, 0xa4, 0x5e, 0xaa, 0x2a, 0x98, 0x5a, 0xe5, 0x91, 0x8f, 0xb2, 0xfb, 0xda, 0x97, 0xe8, 0x83, 0x6f, 0x04, 0xb9, 0x5d, 0xaf, 0xe1, 0x9b,
-	/* (2^332)P */ 0x8b, 0xe4, 0xe1, 0x48, 0x9c, 0xc4, 0x83, 0x89, 0xdf, 0x65, 0xd3, 0x35, 0x55, 0x13, 0xf4, 0x1f, 0x36, 0x92, 0x33, 0x38, 0xcb, 0xed, 0x15, 0xe6, 0x60, 0x2d, 0x25, 0xf5, 0x36, 0x60, 0x3a, 0x37, 0x9b, 0x71, 0x9d, 0x42, 0xb0, 0x14, 0xc8, 0xba, 0x62, 0xa3, 0x49, 0xb0, 0x88, 0xc1, 0x72, 0x73, 0xdd, 0x62, 0x40, 0xa9, 0x62, 0x88, 0x99, 0xca,
-	/* (2^333)P */ 0x47, 0x7b, 0xea, 0xda, 0x46, 0x2f, 0x45, 0xc6, 0xe3, 0xb4, 0x4d, 0x8d, 0xac, 0x0b, 0x54, 0x22, 0x06, 0x31, 0x16, 0x66, 0x3e, 0xe4, 0x38, 0x12, 0xcd, 0xf3, 0xe7, 0x99, 0x37, 0xd9, 0x62, 0x24, 0x4b, 0x05, 0xf2, 0x58, 0xe6, 0x29, 0x4b, 0x0d, 0xf6, 0xc1, 0xba, 0xa0, 0x1e, 0x0f, 0xcb, 0x1f, 0xc6, 0x2b, 0x19, 0xfc, 0x82, 0x01, 0xd0, 0x86,
-	/* (2^334)P */ 0xa2, 0xae, 0x77, 0x20, 0xfb, 0xa8, 0x18, 0xb4, 0x61, 0xef, 0xe8, 0x52, 0x79, 0xbb, 0x86, 0x90, 0x5d, 0x2e, 0x76, 0xed, 0x66, 0x60, 0x5d, 0x00, 0xb5, 0xa4, 0x00, 0x40, 0x89, 0xec, 0xd1, 0xd2, 0x0d, 0x26, 0xb9, 0x30, 0xb2, 0xd2, 0xb8, 0xe8, 0x0e, 0x56, 0xf9, 0x67, 0x94, 0x2e, 0x62, 0xe1, 0x79, 0x48, 0x2b, 0xa9, 0xfa, 0xea, 0xdb, 0x28,
-	/* (2^335)P */ 0x35, 0xf1, 0xb0, 0x43, 0xbd, 0x27, 0xef, 0x18, 0x44, 0xa2, 0x04, 0xb4, 0x69, 0xa1, 0x97, 0x1f, 0x8c, 0x04, 0x82, 0x9b, 0x00, 0x6d, 0xf8, 0xbf, 0x7d, 0xc1, 0x5b, 0xab, 0xe8, 0xb2, 0x34, 0xbd, 0xaf, 0x7f, 0xb2, 0x0d, 0xf3, 0xed, 0xfc, 0x5b, 0x50, 0xee, 0xe7, 0x4a, 0x20, 0xd9, 0xf5, 0xc6, 0x9a, 0x97, 0x6d, 0x07, 0x2f, 0xb9, 0x31, 0x02,
-	/* (2^336)P */ 0xf9, 0x54, 0x4a, 0xc5, 0x61, 0x7e, 0x1d, 0xa6, 0x0e, 0x1a, 0xa8, 0xd3, 0x8c, 0x36, 0x7d, 0xf1, 0x06, 0xb1, 0xac, 0x93, 0xcd, 0xe9, 0x8f, 0x61, 0x6c, 0x5d, 0x03, 0x23, 0xdf, 0x85, 0x53, 0x39, 0x63, 0x5e, 0xeb, 0xf3, 0xd3, 0xd3, 0x75, 0x97, 0x9b, 0x62, 0x9b, 0x01, 0xb3, 0x19, 0xd8, 0x2b, 0x36, 0xf2, 0x2c, 0x2c, 0x6f, 0x36, 0xc6, 0x3c,
-	/* (2^337)P */ 0x05, 0x74, 0x43, 0x10, 0xb6, 0xb0, 0xf8, 0xbf, 0x02, 0x46, 0x9a, 0xee, 0xc1, 0xaf, 0xc1, 0xe5, 0x5a, 0x2e, 0xbb, 0xe1, 0xdc, 0xc6, 0xce, 0x51, 0x29, 0x50, 0xbf, 0x1b, 0xde, 0xff, 0xba, 0x4d, 0x8d, 0x8b, 0x7e, 0xe7, 0xbd, 0x5b, 0x8f, 0xbe, 0xe3, 0x75, 0x71, 0xff, 0x37, 0x05, 0x5a, 0x10, 0xeb, 0x54, 0x7e, 0x44, 0x72, 0x2c, 0xd4, 0xfc,
-	/* (2^338)P */ 0x03, 0x12, 0x1c, 0xb2, 0x08, 0x90, 0xa1, 0x2d, 0x50, 0xa0, 0xad, 0x7f, 0x8d, 0xa6, 0x97, 0xc1, 0xbd, 0xdc, 0xc3, 0xa7, 0xad, 0x31, 0xdf, 0xb8, 0x03, 0x84, 0xc3, 0xb9, 0x29, 0x3d, 0x92, 0x2e, 0xc3, 0x90, 0x07, 0xe8, 0xa7, 0xc7, 0xbc, 0x61, 0xe9, 0x3e, 0xa0, 0x35, 0xda, 0x1d, 0xab, 0x48, 0xfe, 0x50, 0xc9, 0x25, 0x59, 0x23, 0x69, 0x3f,
-	/* (2^339)P */ 0x8e, 0x91, 0xab, 0x6b, 0x91, 0x4f, 0x89, 0x76, 0x67, 0xad, 0xb2, 0x65, 0x9d, 0xad, 0x02, 0x36, 0xdc, 0xac, 0x96, 0x93, 0x97, 0x21, 0x14, 0xd0, 0xe8, 0x11, 0x60, 0x1e, 0xeb, 0x96, 0x06, 0xf2, 0x53, 0xf2, 0x6d, 0xb7, 0x93, 0x6f, 0x26, 0x91, 0x23, 0xe3, 0x34, 0x04, 0x92, 0x91, 0x37, 0x08, 0x50, 0xd6, 0x28, 0x09, 0x27, 0xa1, 0x0c, 0x00,
-	/* (2^340)P */ 0x1f, 0xbb, 0x21, 0x26, 0x33, 0xcb, 0xa4, 0xd1, 0xee, 0x85, 0xf9, 0xd9, 0x3c, 0x90, 0xc3, 0xd1, 0x26, 0xa2, 0x25, 0x93, 0x43, 0x61, 0xed, 0x91, 0x6e, 0x54, 0x03, 0x2e, 0x42, 0x9d, 0xf7, 0xa6, 0x02, 0x0f, 0x2f, 0x9c, 0x7a, 0x8d, 0x12, 0xc2, 0x18, 0xfc, 0x41, 0xff, 0x85, 0x26, 0x1a, 0x44, 0x55, 0x0b, 0x89, 0xab, 0x6f, 0x62, 0x33, 0x8c,
-	/* (2^341)P */ 0xe0, 0x3c, 0x5d, 0x70, 0x64, 0x87, 0x81, 0x35, 0xf2, 0x37, 0xa6, 0x24, 0x3e, 0xe0, 0x62, 0xd5, 0x71, 0xe7, 0x93, 0xfb, 0xac, 0xc3, 0xe7, 0xc7, 0x04, 0xe2, 0x70, 0xd3, 0x29, 0x5b, 0x21, 0xbf, 0xf4, 0x26, 0x5d, 0xf3, 0x95, 0xb4, 0x2a, 0x6a, 0x07, 0x55, 0xa6, 0x4b, 0x3b, 0x15, 0xf2, 0x25, 0x8a, 0x95, 0x3f, 0x63, 0x2f, 0x7a, 0x23, 0x96,
-	/* (2^342)P */ 0x0d, 0x3d, 0xd9, 0x13, 0xa7, 0xb3, 0x5e, 0x67, 0xf7, 0x02, 0x23, 0xee, 0x84, 0xff, 0x99, 0xda, 0xb9, 0x53, 0xf8, 0xf0, 0x0e, 0x39, 0x2f, 0x3c, 0x64, 0x34, 0xe3, 0x09, 0xfd, 0x2b, 0x33, 0xc7, 0xfe, 0x62, 0x2b, 0x84, 0xdf, 0x2b, 0xd2, 0x7c, 0x26, 0x01, 0x70, 0x66, 0x5b, 0x85, 0xc2, 0xbe, 0x88, 0x37, 0xf1, 0x30, 0xac, 0xb8, 0x76, 0xa3,
-	/* (2^343)P */ 0x6e, 0x01, 0xf0, 0x55, 0x35, 0xe4, 0xbd, 0x43, 0x62, 0x9d, 0xd6, 0x11, 0xef, 0x6f, 0xb8, 0x8c, 0xaa, 0x98, 0x87, 0xc6, 0x6d, 0xc4, 0xcc, 0x74, 0x92, 0x53, 0x4a, 0xdf, 0xe4, 0x08, 0x89, 0x17, 0xd0, 0x0f, 0xf4, 0x00, 0x60, 0x78, 0x08, 0x44, 0xb5, 0xda, 0x18, 0xed, 0x98, 0xc8, 0x61, 0x3d, 0x39, 0xdb, 0xcf, 0x1d, 0x49, 0x40, 0x65, 0x75,
-	/* (2^344)P */ 0x8e, 0x10, 0xae, 0x5f, 0x06, 0xd2, 0x95, 0xfd, 0x20, 0x16, 0x49, 0x5b, 0x57, 0xbe, 0x22, 0x8b, 0x43, 0xfb, 0xe6, 0xcc, 0x26, 0xa5, 0x5d, 0xd3, 0x68, 0xc5, 0xf9, 0x5a, 0x86, 0x24, 0x87, 0x27, 0x05, 0xfd, 0xe2, 0xff, 0xb3, 0xa3, 0x7b, 0x37, 0x59, 0xc5, 0x4e, 0x14, 0x94, 0xf9, 0x3b, 0xcb, 0x7c, 0xed, 0xca, 0x1d, 0xb2, 0xac, 0x05, 0x4a,
-	/* (2^345)P */ 0xf4, 0xd1, 0x81, 0xeb, 0x89, 0xbf, 0xfe, 0x1e, 0x41, 0x92, 0x29, 0xee, 0xe1, 0x43, 0xf5, 0x86, 0x1d, 0x2f, 0xbb, 0x1e, 0x84, 0x5d, 0x7b, 0x8d, 0xd5, 0xda, 0xee, 0x1e, 0x8a, 0xd0, 0x27, 0xf2, 0x60, 0x51, 0x59, 0x82, 0xf4, 0x84, 0x2b, 0x5b, 0x14, 0x2d, 0x81, 0x82, 0x3e, 0x2b, 0xb4, 0x6d, 0x51, 0x4f, 0xc5, 0xcb, 0xbf, 0x74, 0xe3, 0xb4,
-	/* (2^346)P */ 0x19, 0x2f, 0x22, 0xb3, 0x04, 0x5f, 0x81, 0xca, 0x05, 0x60, 0xb9, 0xaa, 0xee, 0x0e, 0x2f, 0x48, 0x38, 0xf9, 0x91, 0xb4, 0x66, 0xe4, 0x57, 0x28, 0x54, 0x10, 0xe9, 0x61, 0x9d, 0xd4, 0x90, 0x75, 0xb1, 0x39, 0x23, 0xb6, 0xfc, 0x82, 0xe0, 0xfa, 0xbb, 0x5c, 0x6e, 0xc3, 0x44, 0x13, 0x00, 0x83, 0x55, 0x9e, 0x8e, 0x10, 0x61, 0x81, 0x91, 0x04,
-	/* (2^347)P */ 0x5f, 0x2a, 0xd7, 0x81, 0xd9, 0x9c, 0xbb, 0x79, 0xbc, 0x62, 0x56, 0x98, 0x03, 0x5a, 0x18, 0x85, 0x2a, 0x9c, 0xd0, 0xfb, 0xd2, 0xb1, 0xaf, 0xef, 0x0d, 0x24, 0xc5, 0xfa, 0x39, 0xbb, 0x6b, 0xed, 0xa4, 0xdf, 0xe4, 0x87, 0xcd, 0x41, 0xd3, 0x72, 0x32, 0xc6, 0x28, 0x21, 0xb1, 0xba, 0x8b, 0xa3, 0x91, 0x79, 0x76, 0x22, 0x25, 0x10, 0x61, 0xd1,
-	/* (2^348)P */ 0x73, 0xb5, 0x32, 0x97, 0xdd, 0xeb, 0xdd, 0x22, 0x22, 0xf1, 0x33, 0x3c, 0x77, 0x56, 0x7d, 0x6b, 0x48, 0x2b, 0x05, 0x81, 0x03, 0x03, 0x91, 0x9a, 0xe3, 0x5e, 0xd4, 0xee, 0x3f, 0xf8, 0xbb, 0x50, 0x21, 0x32, 0x4c, 0x4a, 0x58, 0x49, 0xde, 0x0c, 0xde, 0x30, 0x82, 0x3d, 0x92, 0xf0, 0x6c, 0xcc, 0x32, 0x3e, 0xd2, 0x78, 0x8a, 0x6e, 0x2c, 0xd0,
-	/* (2^349)P */ 0xf0, 0xf7, 0xa1, 0x0b, 0xc1, 0x74, 0x85, 0xa8, 0xe9, 0xdd, 0x48, 0xa1, 0xc0, 0x16, 0xd8, 0x2b, 0x61, 0x08, 0xc2, 0x2b, 0x30, 0x26, 0x79, 0xce, 0x9e, 0xfd, 0x39, 0xd7, 0x81, 0xa4, 0x63, 0x8c, 0xd5, 0x74, 0xa0, 0x88, 0xfa, 0x03, 0x30, 0xe9, 0x7f, 0x2b, 0xc6, 0x02, 0xc9, 0x5e, 0xe4, 0xd5, 0x4d, 0x92, 0xd0, 0xf6, 0xf2, 0x5b, 0x79, 0x08,
-	/* (2^350)P */ 0x34, 0x89, 0x81, 0x43, 0xd1, 0x94, 0x2c, 0x10, 0x54, 0x9b, 0xa0, 0xe5, 0x44, 0xe8, 0xc2, 0x2f, 0x3e, 0x0e, 0x74, 0xae, 0xba, 0xe2, 0xac, 0x85, 0x6b, 0xd3, 0x5c, 0x97, 0xf7, 0x90, 0xf1, 0x12, 0xc0, 0x03, 0xc8, 0x1f, 0x37, 0x72, 0x8c, 0x9b, 0x9c, 0x17, 0x96, 0x9d, 0xc7, 0xbf, 0xa3, 0x3f, 0x44, 0x3d, 0x87, 0x81, 0xbd, 0x81, 0xa6, 0x5f,
-	/* (2^351)P */ 0xe4, 0xff, 0x78, 0x62, 0x82, 0x5b, 0x76, 0x58, 0xf5, 0x5b, 0xa6, 0xc4, 0x53, 0x11, 0x3b, 0x7b, 0xaa, 0x67, 0xf8, 0xea, 0x3b, 0x5d, 0x9a, 0x2e, 0x04, 0xeb, 0x4a, 0x24, 0xfb, 0x56, 0xf0, 0xa8, 0xd4, 0x14, 0xed, 0x0f, 0xfd, 0xc5, 0x26, 0x17, 0x2a, 0xf0, 0xb9, 0x13, 0x8c, 0xbd, 0x65, 0x14, 0x24, 0x95, 0x27, 0x12, 0x63, 0x2a, 0x09, 0x18,
-	/* (2^352)P */ 0xe1, 0x5c, 0xe7, 0xe0, 0x00, 0x6a, 0x96, 0xf2, 0x49, 0x6a, 0x39, 0xa5, 0xe0, 0x17, 0x79, 0x4a, 0x63, 0x07, 0x62, 0x09, 0x61, 0x1b, 0x6e, 0xa9, 0xb5, 0x62, 0xb7, 0xde, 0xdf, 0x80, 0x4c, 0x5a, 0x99, 0x73, 0x59, 0x9d, 0xfb, 0xb1, 0x5e, 0xbe, 0xb8, 0xb7, 0x63, 0x93, 0xe8, 0xad, 0x5e, 0x1f, 0xae, 0x59, 0x1c, 0xcd, 0xb4, 0xc2, 0xb3, 0x8a,
-	/* (2^353)P */ 0x78, 0x53, 0xa1, 0x4c, 0x70, 0x9c, 0x63, 0x7e, 0xb3, 0x12, 0x40, 0x5f, 0xbb, 0x23, 0xa7, 0xf7, 0x77, 0x96, 0x5b, 0x4d, 0x91, 0x10, 0x52, 0x85, 0x9e, 0xa5, 0x38, 0x0b, 0xfd, 0x25, 0x01, 0x4b, 0xfa, 0x4d, 0xd3, 0x3f, 0x78, 0x74, 0x42, 0xff, 0x62, 0x2d, 0x27, 0xdc, 0x9d, 0xd1, 0x29, 0x76, 0x2e, 0x78, 0xb3, 0x35, 0xfa, 0x15, 0xd5, 0x38,
-	/* (2^354)P */ 0x8b, 0xc7, 0x43, 0xce, 0xf0, 0x5e, 0xf1, 0x0d, 0x02, 0x38, 0xe8, 0x82, 0xc9, 0x25, 0xad, 0x2d, 0x27, 0xa4, 0x54, 0x18, 0xb2, 0x30, 0x73, 0xa4, 0x41, 0x08, 0xe4, 0x86, 0xe6, 0x8c, 0xe9, 0x2a, 0x34, 0xb3, 0xd6, 0x61, 0x8f, 0x66, 0x26, 0x08, 0xb6, 0x06, 0x33, 0xaa, 0x12, 0xac, 0x72, 0xec, 0x2e, 0x52, 0xa3, 0x25, 0x3e, 0xd7, 0x62, 0xe8,
-	/* (2^355)P */ 0xc4, 0xbb, 0x89, 0xc8, 0x40, 0xcc, 0x84, 0xec, 0x4a, 0xd9, 0xc4, 0x55, 0x78, 0x00, 0xcf, 0xd8, 0xe9, 0x24, 0x59, 0xdc, 0x5e, 0xf0, 0x66, 0xa1, 0x83, 0xae, 0x97, 0x18, 0xc5, 0x54, 0x27, 0xa2, 0x21, 0x52, 0x03, 0x31, 0x5b, 0x11, 0x67, 0xf6, 0x12, 0x00, 0x87, 0x2f, 0xff, 0x59, 0x70, 0x8f, 0x6d, 0x71, 0xab, 0xab, 0x24, 0xb8, 0xba, 0x35,
-	/* (2^356)P */ 0x69, 0x43, 0xa7, 0x14, 0x06, 0x96, 0xe9, 0xc2, 0xe3, 0x2b, 0x45, 0x22, 0xc0, 0xd0, 0x2f, 0x34, 0xd1, 0x01, 0x99, 0xfc, 0x99, 0x38, 0xa1, 0x25, 0x2e, 0x59, 0x6c, 0x27, 0xc9, 0xeb, 0x7b, 0xdc, 0x4e, 0x26, 0x68, 0xba, 0xfa, 0xec, 0x02, 0x05, 0x64, 0x80, 0x30, 0x20, 0x5c, 0x26, 0x7f, 0xaf, 0x95, 0x17, 0x3d, 0x5c, 0x9e, 0x96, 0x96, 0xaf,
-	/* (2^357)P */ 0xa6, 0xba, 0x21, 0x29, 0x32, 0xe2, 0x98, 0xde, 0x9b, 0x6d, 0x0b, 0x44, 0x91, 0xa8, 0x3e, 0xd4, 0xb8, 0x04, 0x6c, 0xf6, 0x04, 0x39, 0xbd, 0x52, 0x05, 0x15, 0x27, 0x78, 0x8e, 0x55, 0xac, 0x79, 0xc5, 0xe6, 0x00, 0x7f, 0x90, 0xa2, 0xdd, 0x07, 0x13, 0xe0, 0x24, 0x70, 0x5c, 0x0f, 0x4d, 0xa9, 0xf9, 0xae, 0xcb, 0x34, 0x10, 0x9d, 0x89, 0x9d,
-	/* (2^358)P */ 0x12, 0xe0, 0xb3, 0x9f, 0xc4, 0x96, 0x1d, 0xcf, 0xed, 0x99, 0x64, 0x28, 0x8d, 0xc7, 0x31, 0x82, 0xee, 0x5e, 0x75, 0x48, 0xff, 0x3a, 0xf2, 0x09, 0x34, 0x03, 0x93, 0x52, 0x19, 0xb2, 0xc5, 0x81, 0x93, 0x45, 0x5e, 0x59, 0x21, 0x2b, 0xec, 0x89, 0xba, 0x36, 0x6e, 0xf9, 0x82, 0x75, 0x7e, 0x82, 0x3f, 0xaa, 0xe2, 0xe3, 0x3b, 0x94, 0xfd, 0x98,
-	/* (2^359)P */ 0x7c, 0xdb, 0x75, 0x31, 0x61, 0xfb, 0x15, 0x28, 0x94, 0xd7, 0xc3, 0x5a, 0xa9, 0xa1, 0x0a, 0x66, 0x0f, 0x2b, 0x13, 0x3e, 0x42, 0xb5, 0x28, 0x3a, 0xca, 0x83, 0xf3, 0x61, 0x22, 0xf4, 0x40, 0xc5, 0xdf, 0xe7, 0x31, 0x9f, 0x7e, 0x51, 0x75, 0x06, 0x9d, 0x51, 0xc8, 0xe7, 0x9f, 0xc3, 0x71, 0x4f, 0x3d, 0x5b, 0xfb, 0xe9, 0x8e, 0x08, 0x40, 0x8e,
-	/* (2^360)P */ 0xf7, 0x31, 0xad, 0x50, 0x5d, 0x25, 0x93, 0x73, 0x68, 0xf6, 0x7c, 0x89, 0x5a, 0x3d, 0x9f, 0x9b, 0x05, 0x82, 0xe7, 0x70, 0x4b, 0x19, 0xaa, 0xcf, 0xff, 0xde, 0x50, 0x8f, 0x2f, 0x69, 0xd3, 0xf0, 0x99, 0x51, 0x6b, 0x9d, 0xb6, 0x56, 0x6f, 0xf8, 0x4c, 0x74, 0x8b, 0x4c, 0x91, 0xf9, 0xa9, 0xb1, 0x3e, 0x07, 0xdf, 0x0b, 0x27, 0x8a, 0xb1, 0xed,
-	/* (2^361)P */ 0xfb, 0x67, 0xd9, 0x48, 0xd2, 0xe4, 0x44, 0x9b, 0x43, 0x15, 0x8a, 0xeb, 0x00, 0x53, 0xad, 0x25, 0xc7, 0x7e, 0x19, 0x30, 0x87, 0xb7, 0xd5, 0x5f, 0x04, 0xf8, 0xaa, 0xdd, 0x57, 0xae, 0x34, 0x75, 0xe2, 0x84, 0x4b, 0x54, 0x60, 0x37, 0x95, 0xe4, 0xd3, 0xec, 0xac, 0xef, 0x47, 0x31, 0xa3, 0xc8, 0x31, 0x22, 0xdb, 0x26, 0xe7, 0x6a, 0xb5, 0xad,
-	/* (2^362)P */ 0x44, 0x09, 0x5c, 0x95, 0xe4, 0x72, 0x3c, 0x1a, 0xd1, 0xac, 0x42, 0x51, 0x99, 0x6f, 0xfa, 0x1f, 0xf2, 0x22, 0xbe, 0xff, 0x7b, 0x66, 0xf5, 0x6c, 0xb3, 0x66, 0xc7, 0x4d, 0x78, 0x31, 0x83, 0x80, 0xf5, 0x41, 0xe9, 0x7f, 0xbe, 0xf7, 0x23, 0x49, 0x6b, 0x84, 0x4e, 0x7e, 0x47, 0x07, 0x6e, 0x74, 0xdf, 0xe5, 0x9d, 0x9e, 0x56, 0x2a, 0xc0, 0xbc,
-	/* (2^363)P */ 0xac, 0x10, 0x80, 0x8c, 0x7c, 0xfa, 0x83, 0xdf, 0xb3, 0xd0, 0xc4, 0xbe, 0xfb, 0x9f, 0xac, 0xc9, 0xc3, 0x40, 0x95, 0x0b, 0x09, 0x23, 0xda, 0x63, 0x67, 0xcf, 0xe7, 0x9f, 0x7d, 0x7b, 0x6b, 0xe2, 0xe6, 0x6d, 0xdb, 0x87, 0x9e, 0xa6, 0xff, 0x6d, 0xab, 0xbd, 0xfb, 0x54, 0x84, 0x68, 0xcf, 0x89, 0xf1, 0xd0, 0xe2, 0x85, 0x61, 0xdc, 0x22, 0xd1,
-	/* (2^364)P */ 0xa8, 0x48, 0xfb, 0x8c, 0x6a, 0x63, 0x01, 0x72, 0x43, 0x43, 0xeb, 0x21, 0xa3, 0x00, 0x8a, 0xc0, 0x87, 0x51, 0x9e, 0x86, 0x75, 0x16, 0x79, 0xf9, 0x6b, 0x11, 0x80, 0x62, 0xc2, 0x9d, 0xb8, 0x8c, 0x30, 0x8e, 0x8d, 0x03, 0x52, 0x7e, 0x31, 0x59, 0x38, 0xf9, 0x25, 0xc7, 0x0f, 0xc7, 0xa8, 0x2b, 0x5c, 0x80, 0xfa, 0x90, 0xa2, 0x63, 0xca, 0xe7,
-	/* (2^365)P */ 0xf1, 0x5d, 0xb5, 0xd9, 0x20, 0x10, 0x7d, 0x0f, 0xc5, 0x50, 0x46, 0x07, 0xff, 0x02, 0x75, 0x2b, 0x4a, 0xf3, 0x39, 0x91, 0x72, 0xb7, 0xd5, 0xcc, 0x38, 0xb8, 0xe7, 0x36, 0x26, 0x5e, 0x11, 0x97, 0x25, 0xfb, 0x49, 0x68, 0xdc, 0xb4, 0x46, 0x87, 0x5c, 0xc2, 0x7f, 0xaa, 0x7d, 0x36, 0x23, 0xa6, 0xc6, 0x53, 0xec, 0xbc, 0x57, 0x47, 0xc1, 0x2b,
-	/* (2^366)P */ 0x25, 0x5d, 0x7d, 0x95, 0xda, 0x0b, 0x8f, 0x78, 0x1e, 0x19, 0x09, 0xfa, 0x67, 0xe0, 0xa0, 0x17, 0x24, 0x76, 0x6c, 0x30, 0x1f, 0x62, 0x3d, 0xbe, 0x45, 0x70, 0xcc, 0xb6, 0x1e, 0x68, 0x06, 0x25, 0x68, 0x16, 0x1a, 0x33, 0x3f, 0x90, 0xc7, 0x78, 0x2d, 0x98, 0x3c, 0x2f, 0xb9, 0x2d, 0x94, 0x0b, 0xfb, 0x49, 0x56, 0x30, 0xd7, 0xc1, 0xe6, 0x48,
-	/* (2^367)P */ 0x7a, 0xd1, 0xe0, 0x8e, 0x67, 0xfc, 0x0b, 0x50, 0x1f, 0x84, 0x98, 0xfa, 0xaf, 0xae, 0x2e, 0x31, 0x27, 0xcf, 0x3f, 0xf2, 0x6e, 0x8d, 0x81, 0x8f, 0xd2, 0x5f, 0xde, 0xd3, 0x5e, 0xe9, 0xe7, 0x13, 0x48, 0x83, 0x5a, 0x4e, 0x84, 0xd1, 0x58, 0xcf, 0x6b, 0x84, 0xdf, 0x13, 0x1d, 0x91, 0x85, 0xe8, 0xcb, 0x29, 0x79, 0xd2, 0xca, 0xac, 0x6a, 0x93,
-	/* (2^368)P */ 0x53, 0x82, 0xce, 0x61, 0x96, 0x88, 0x6f, 0xe1, 0x4a, 0x4c, 0x1e, 0x30, 0x73, 0xe8, 0x74, 0xde, 0x40, 0x2b, 0xe0, 0xc4, 0xb5, 0xd8, 0x7c, 0x15, 0xe7, 0xe1, 0xb1, 0xe0, 0xd6, 0x88, 0xb1, 0x6a, 0x57, 0x19, 0x6a, 0x22, 0x66, 0x57, 0xf6, 0x8d, 0xfd, 0xc0, 0xf2, 0xa3, 0x03, 0x56, 0xfb, 0x2e, 0x75, 0x5e, 0xc7, 0x8e, 0x22, 0x96, 0x5c, 0x06,
-	/* (2^369)P */ 0x98, 0x7e, 0xbf, 0x3e, 0xbf, 0x24, 0x9d, 0x15, 0xd3, 0xf6, 0xd3, 0xd2, 0xf0, 0x11, 0xf2, 0xdb, 0x36, 0x23, 0x38, 0xf7, 0x1d, 0x71, 0x20, 0xd2, 0x54, 0x7f, 0x1e, 0x24, 0x8f, 0xe2, 0xaa, 0xf7, 0x3f, 0x6b, 0x41, 0x4e, 0xdc, 0x0e, 0xec, 0xe8, 0x35, 0x0a, 0x08, 0x6d, 0x89, 0x5b, 0x32, 0x91, 0x01, 0xb6, 0xe0, 0x2c, 0xc6, 0xa1, 0xbe, 0xb4,
-	/* (2^370)P */ 0x29, 0xf2, 0x1e, 0x1c, 0xdc, 0x68, 0x8a, 0x43, 0x87, 0x2c, 0x48, 0xb3, 0x9e, 0xed, 0xd2, 0x82, 0x46, 0xac, 0x2f, 0xef, 0x93, 0x34, 0x37, 0xca, 0x64, 0x8d, 0xc9, 0x06, 0x90, 0xbb, 0x78, 0x0a, 0x3c, 0x4c, 0xcf, 0x35, 0x7a, 0x0f, 0xf7, 0xa7, 0xf4, 0x2f, 0x45, 0x69, 0x3f, 0xa9, 0x5d, 0xce, 0x7b, 0x8a, 0x84, 0xc3, 0xae, 0xf4, 0xda, 0xd5,
-	/* (2^371)P */ 0xca, 0xba, 0x95, 0x43, 0x05, 0x7b, 0x06, 0xd9, 0x5c, 0x0a, 0x18, 0x5f, 0x6a, 0x6a, 0xce, 0xc0, 0x3d, 0x95, 0x51, 0x0e, 0x1a, 0xbe, 0x85, 0x7a, 0xf2, 0x69, 0xec, 0xc0, 0x8c, 0xca, 0xa3, 0x32, 0x0a, 0x76, 0x50, 0xc6, 0x76, 0x61, 0x00, 0x89, 0xbf, 0x6e, 0x0f, 0x48, 0x90, 0x31, 0x93, 0xec, 0x34, 0x70, 0xf0, 0xc3, 0x8d, 0xf0, 0x0f, 0xb5,
-	/* (2^372)P */ 0xbe, 0x23, 0xe2, 0x18, 0x99, 0xf1, 0xed, 0x8a, 0xf6, 0xc9, 0xac, 0xb8, 0x1e, 0x9a, 0x3c, 0x15, 0xae, 0xd7, 0x6d, 0xb3, 0x04, 0xee, 0x5b, 0x0d, 0x1e, 0x79, 0xb7, 0xf9, 0xf9, 0x8d, 0xad, 0xf9, 0x8f, 0x5a, 0x6a, 0x7b, 0xd7, 0x9b, 0xca, 0x62, 0xfe, 0x9c, 0xc0, 0x6f, 0x6d, 0x9d, 0x76, 0xa3, 0x69, 0xb9, 0x4c, 0xa1, 0xc4, 0x0c, 0x76, 0xaa,
-	/* (2^373)P */ 0x1c, 0x06, 0xfe, 0x3f, 0x45, 0x70, 0xcd, 0x97, 0xa9, 0xa2, 0xb1, 0xd3, 0xf2, 0xa5, 0x0c, 0x49, 0x2c, 0x75, 0x73, 0x1f, 0xcf, 0x00, 0xaf, 0xd5, 0x2e, 0xde, 0x0d, 0x8f, 0x8f, 0x7c, 0xc4, 0x58, 0xce, 0xd4, 0xf6, 0x24, 0x19, 0x2e, 0xd8, 0xc5, 0x1d, 0x1a, 0x3f, 0xb8, 0x4f, 0xbc, 0x7d, 0xbd, 0x68, 0xe3, 0x81, 0x98, 0x1b, 0xa8, 0xc9, 0xd9,
-	/* (2^374)P */ 0x39, 0x95, 0x78, 0x24, 0x6c, 0x38, 0xe4, 0xe7, 0xd0, 0x8d, 0xb9, 0x38, 0x71, 0x5e, 0xc1, 0x62, 0x80, 0xcc, 0xcb, 0x8c, 0x97, 0xca, 0xf8, 0xb9, 0xd9, 0x9c, 0xce, 0x72, 0x7b, 0x70, 0xee, 0x5f, 0xea, 0xa2, 0xdf, 0xa9, 0x14, 0x10, 0xf9, 0x6e, 0x59, 0x9f, 0x9c, 0xe0, 0x0c, 0xb2, 0x07, 0x97, 0xcd, 0xd2, 0x89, 0x16, 0xfd, 0x9c, 0xa8, 0xa5,
-	/* (2^375)P */ 0x5a, 0x61, 0xf1, 0x59, 0x7c, 0x38, 0xda, 0xe2, 0x85, 0x99, 0x68, 0xe9, 0xc9, 0xf7, 0x32, 0x7e, 0xc4, 0xca, 0xb7, 0x11, 0x08, 0x69, 0x2b, 0x66, 0x02, 0xf7, 0x2e, 0x18, 0xc3, 0x8e, 0xe1, 0xf9, 0xc5, 0x19, 0x9a, 0x0a, 0x9c, 0x07, 0xba, 0xc7, 0x9c, 0x03, 0x34, 0x89, 0x99, 0x67, 0x0b, 0x16, 0x4b, 0x07, 0x36, 0x16, 0x36, 0x2c, 0xe2, 0xa1,
-	/* (2^376)P */ 0x70, 0x10, 0x91, 0x27, 0xa8, 0x24, 0x8e, 0x29, 0x04, 0x6f, 0x79, 0x1f, 0xd3, 0xa5, 0x68, 0xd3, 0x0b, 0x7d, 0x56, 0x4d, 0x14, 0x57, 0x7b, 0x2e, 0x00, 0x9f, 0x9a, 0xfd, 0x6c, 0x63, 0x18, 0x81, 0xdb, 0x9d, 0xb7, 0xd7, 0xa4, 0x1e, 0xe8, 0x40, 0xf1, 0x4c, 0xa3, 0x01, 0xd5, 0x4b, 0x75, 0xea, 0xdd, 0x97, 0xfd, 0x5b, 0xb2, 0x66, 0x6a, 0x24,
-	/* (2^377)P */ 0x72, 0x11, 0xfe, 0x73, 0x1b, 0xd3, 0xea, 0x7f, 0x93, 0x15, 0x15, 0x05, 0xfe, 0x40, 0xe8, 0x28, 0xd8, 0x50, 0x47, 0x66, 0xfa, 0xb7, 0xb5, 0x04, 0xba, 0x35, 0x1e, 0x32, 0x9f, 0x5f, 0x32, 0xba, 0x3d, 0xd1, 0xed, 0x9a, 0x76, 0xca, 0xa3, 0x3e, 0x77, 0xd8, 0xd8, 0x7c, 0x5f, 0x68, 0x42, 0xb5, 0x86, 0x7f, 0x3b, 0xc9, 0xc1, 0x89, 0x64, 0xda,
-	/* (2^378)P */ 0xd5, 0xd4, 0x17, 0x31, 0xfc, 0x6a, 0xfd, 0xb8, 0xe8, 0xe5, 0x3e, 0x39, 0x06, 0xe4, 0xd1, 0x90, 0x2a, 0xca, 0xf6, 0x54, 0x6c, 0x1b, 0x2f, 0x49, 0x97, 0xb1, 0x2a, 0x82, 0x43, 0x3d, 0x1f, 0x8b, 0xe2, 0x47, 0xc5, 0x24, 0xa8, 0xd5, 0x53, 0x29, 0x7d, 0xc6, 0x87, 0xa6, 0x25, 0x3a, 0x64, 0xdd, 0x71, 0x08, 0x9e, 0xcd, 0xe9, 0x45, 0xc7, 0xba,
-	/* (2^379)P */ 0x37, 0x72, 0x6d, 0x13, 0x7a, 0x8d, 0x04, 0x31, 0xe6, 0xe3, 0x9e, 0x36, 0x71, 0x3e, 0xc0, 0x1e, 0xe3, 0x71, 0xd3, 0x49, 0x4e, 0x4a, 0x36, 0x42, 0x68, 0x68, 0x61, 0xc7, 0x3c, 0xdb, 0x81, 0x49, 0xf7, 0x91, 0x4d, 0xea, 0x4c, 0x4f, 0x98, 0xc6, 0x7e, 0x60, 0x84, 0x4b, 0x6a, 0x37, 0xbb, 0x52, 0xf7, 0xce, 0x02, 0xe4, 0xad, 0xd1, 0x3c, 0xa7,
-	/* (2^380)P */ 0x51, 0x06, 0x2d, 0xf8, 0x08, 0xe8, 0xf1, 0x0c, 0xe5, 0xa9, 0xac, 0x29, 0x73, 0x3b, 0xed, 0x98, 0x5f, 0x55, 0x08, 0x38, 0x51, 0x44, 0x36, 0x5d, 0xea, 0xc3, 0xb8, 0x0e, 0xa0, 0x4f, 0xd2, 0x79, 0xe9, 0x98, 0xc3, 0xf5, 0x00, 0xb9, 0x26, 0x27, 0x42, 0xa8, 0x07, 0xc1, 0x12, 0x31, 0xc1, 0xc3, 0x3c, 0x3b, 0x7a, 0x72, 0x97, 0xc2, 0x70, 0x3a,
-	/* (2^381)P */ 0xf4, 0xb2, 0xba, 0x32, 0xbc, 0xa9, 0x2f, 0x87, 0xc7, 0x3c, 0x45, 0xcd, 0xae, 0xe2, 0x13, 0x6d, 0x3a, 0xf2, 0xf5, 0x66, 0x97, 0x29, 0xaf, 0x53, 0x9f, 0xda, 0xea, 0x14, 0xdf, 0x04, 0x98, 0x19, 0x95, 0x9e, 0x2a, 0x00, 0x5c, 0x9d, 0x1d, 0xf0, 0x39, 0x23, 0xff, 0xfc, 0xca, 0x36, 0xb7, 0xde, 0xdf, 0x37, 0x78, 0x52, 0x21, 0xfa, 0x19, 0x10,
-	/* (2^382)P */ 0x50, 0x20, 0x73, 0x74, 0x62, 0x21, 0xf2, 0xf7, 0x9b, 0x66, 0x85, 0x34, 0x74, 0xd4, 0x9d, 0x60, 0xd7, 0xbc, 0xc8, 0x46, 0x3b, 0xb8, 0x80, 0x42, 0x15, 0x0a, 0x6c, 0x35, 0x1a, 0x69, 0xf0, 0x1d, 0x4b, 0x29, 0x54, 0x5a, 0x9a, 0x48, 0xec, 0x9f, 0x37, 0x74, 0x91, 0xd0, 0xd1, 0x9e, 0x00, 0xc2, 0x76, 0x56, 0xd6, 0xa0, 0x15, 0x14, 0x83, 0x59,
-	/* (2^383)P */ 0xc2, 0xf8, 0x22, 0x20, 0x23, 0x07, 0xbd, 0x1d, 0x6f, 0x1e, 0x8c, 0x56, 0x06, 0x6a, 0x4b, 0x9f, 0xe2, 0xa9, 0x92, 0x46, 0x4b, 0x46, 0x59, 0xd7, 0xe1, 0xda, 0x14, 0x98, 0x07, 0x65, 0x7e, 0x28, 0x20, 0xf2, 0x9d, 0x4f, 0x36, 0x5c, 0x92, 0xe0, 0x9d, 0xfe, 0x3e, 0xda, 0xe4, 0x47, 0x19, 0x3c, 0x00, 0x7f, 0x22, 0xf2, 0x9e, 0x51, 0xae, 0x4d,
-	/* (2^384)P */ 0xbe, 0x8c, 0x1b, 0x10, 0xb6, 0xad, 0xcc, 0xcc, 0xd8, 0x5e, 0x21, 0xa6, 0xfb, 0xf1, 0xf6, 0xbd, 0x0a, 0x24, 0x67, 0xb4, 0x57, 0x7a, 0xbc, 0xe8, 0xe9, 0xff, 0xee, 0x0a, 0x1f, 0xee, 0xbd, 0xc8, 0x44, 0xed, 0x2b, 0xbb, 0x55, 0x1f, 0xdd, 0x7c, 0xb3, 0xeb, 0x3f, 0x63, 0xa1, 0x28, 0x91, 0x21, 0xab, 0x71, 0xc6, 0x4c, 0xd0, 0xe9, 0xb0, 0x21,
-	/* (2^385)P */ 0xad, 0xc9, 0x77, 0x2b, 0xee, 0x89, 0xa4, 0x7b, 0xfd, 0xf9, 0xf6, 0x14, 0xe4, 0xed, 0x1a, 0x16, 0x9b, 0x78, 0x41, 0x43, 0xa8, 0x83, 0x72, 0x06, 0x2e, 0x7c, 0xdf, 0xeb, 0x7e, 0xdd, 0xd7, 0x8b, 0xea, 0x9a, 0x2b, 0x03, 0xba, 0x57, 0xf3, 0xf1, 0xd9, 0xe5, 0x09, 0xc5, 0x98, 0x61, 0x1c, 0x51, 0x6d, 0x5d, 0x6e, 0xfb, 0x5e, 0x95, 0x9f, 0xb5,
-	/* (2^386)P */ 0x23, 0xe2, 0x1e, 0x95, 0xa3, 0x5e, 0x42, 0x10, 0xc7, 0xc3, 0x70, 0xbf, 0x4b, 0x6b, 0x83, 0x36, 0x93, 0xb7, 0x68, 0x47, 0x88, 0x3a, 0x10, 0x88, 0x48, 0x7f, 0x8c, 0xae, 0x54, 0x10, 0x02, 0xa4, 0x52, 0x8f, 0x8d, 0xf7, 0x26, 0x4f, 0x50, 0xc3, 0x6a, 0xe2, 0x4e, 0x3b, 0x4c, 0xb9, 0x8a, 0x14, 0x15, 0x6d, 0x21, 0x29, 0xb3, 0x6e, 0x4e, 0xd0,
-	/* (2^387)P */ 0x4c, 0x8a, 0x18, 0x3f, 0xb7, 0x20, 0xfd, 0x3e, 0x54, 0xca, 0x68, 0x3c, 0xea, 0x6f, 0xf4, 0x6b, 0xa2, 0xbd, 0x01, 0xbd, 0xfe, 0x08, 0xa8, 0xd8, 0xc2, 0x20, 0x36, 0x05, 0xcd, 0xe9, 0xf3, 0x9e, 0xfa, 0x85, 0x66, 0x8f, 0x4b, 0x1d, 0x8c, 0x64, 0x4f, 0xb8, 0xc6, 0x0f, 0x5b, 0x57, 0xd8, 0x24, 0x19, 0x5a, 0x14, 0x4b, 0x92, 0xd3, 0x96, 0xbc,
-	/* (2^388)P */ 0xa9, 0x3f, 0xc9, 0x6c, 0xca, 0x64, 0x1e, 0x6f, 0xdf, 0x65, 0x7f, 0x9a, 0x47, 0x6b, 0x8a, 0x60, 0x31, 0xa6, 0x06, 0xac, 0x69, 0x30, 0xe6, 0xea, 0x63, 0x42, 0x26, 0x5f, 0xdb, 0xd0, 0xf2, 0x8e, 0x34, 0x0a, 0x3a, 0xeb, 0xf3, 0x79, 0xc8, 0xb7, 0x60, 0x56, 0x5c, 0x37, 0x95, 0x71, 0xf8, 0x7f, 0x49, 0x3e, 0x9e, 0x01, 0x26, 0x1e, 0x80, 0x9f,
-	/* (2^389)P */ 0xf8, 0x16, 0x9a, 0xaa, 0xb0, 0x28, 0xb5, 0x8e, 0xd0, 0x60, 0xe5, 0x26, 0xa9, 0x47, 0xc4, 0x5c, 0xa9, 0x39, 0xfe, 0x0a, 0xd8, 0x07, 0x2b, 0xb3, 0xce, 0xf1, 0xea, 0x1a, 0xf4, 0x7b, 0x98, 0x31, 0x3d, 0x13, 0x29, 0x80, 0xe8, 0x0d, 0xcf, 0x56, 0x39, 0x86, 0x50, 0x0c, 0xb3, 0x18, 0xf4, 0xc5, 0xca, 0xf2, 0x6f, 0xcd, 0x8d, 0xd5, 0x02, 0xb0,
-	/* (2^390)P */ 0xbf, 0x39, 0x3f, 0xac, 0x6d, 0x1a, 0x6a, 0xe4, 0x42, 0x24, 0xd6, 0x41, 0x9d, 0xb9, 0x5b, 0x46, 0x73, 0x93, 0x76, 0xaa, 0xb7, 0x37, 0x36, 0xa6, 0x09, 0xe5, 0x04, 0x3b, 0x66, 0xc4, 0x29, 0x3e, 0x41, 0xc2, 0xcb, 0xe5, 0x17, 0xd7, 0x34, 0x67, 0x1d, 0x2c, 0x12, 0xec, 0x24, 0x7a, 0x40, 0xa2, 0x45, 0x41, 0xf0, 0x75, 0xed, 0x43, 0x30, 0xc9,
-	/* (2^391)P */ 0x80, 0xf6, 0x47, 0x5b, 0xad, 0x54, 0x02, 0xbc, 0xdd, 0xa4, 0xb2, 0xd7, 0x42, 0x95, 0xf2, 0x0d, 0x1b, 0xef, 0x37, 0xa7, 0xb4, 0x34, 0x04, 0x08, 0x71, 0x1b, 0xd3, 0xdf, 0xa1, 0xf0, 0x2b, 0xfa, 0xc0, 0x1f, 0xf3, 0x44, 0xb5, 0xc6, 0x47, 0x3d, 0x65, 0x67, 0x45, 0x4d, 0x2f, 0xde, 0x52, 0x73, 0xfc, 0x30, 0x01, 0x6b, 0xc1, 0x03, 0xd8, 0xd7,
-	/* (2^392)P */ 0x1c, 0x67, 0x55, 0x3e, 0x01, 0x17, 0x0f, 0x3e, 0xe5, 0x34, 0x58, 0xfc, 0xcb, 0x71, 0x24, 0x74, 0x5d, 0x36, 0x1e, 0x89, 0x2a, 0x63, 0xf8, 0xf8, 0x9f, 0x50, 0x9f, 0x32, 0x92, 0x29, 0xd8, 0x1a, 0xec, 0x76, 0x57, 0x6c, 0x67, 0x12, 0x6a, 0x6e, 0xef, 0x97, 0x1f, 0xc3, 0x77, 0x60, 0x3c, 0x22, 0xcb, 0xc7, 0x04, 0x1a, 0x89, 0x2d, 0x10, 0xa6,
-	/* (2^393)P */ 0x12, 0xf5, 0xa9, 0x26, 0x16, 0xd9, 0x3c, 0x65, 0x5d, 0x83, 0xab, 0xd1, 0x70, 0x6b, 0x1c, 0xdb, 0xe7, 0x86, 0x0d, 0xfb, 0xe7, 0xf8, 0x2a, 0x58, 0x6e, 0x7a, 0x66, 0x13, 0x53, 0x3a, 0x6f, 0x8d, 0x43, 0x5f, 0x14, 0x23, 0x14, 0xff, 0x3d, 0x52, 0x7f, 0xee, 0xbd, 0x7a, 0x34, 0x8b, 0x35, 0x24, 0xc3, 0x7a, 0xdb, 0xcf, 0x22, 0x74, 0x9a, 0x8f,
-	/* (2^394)P */ 0xdb, 0x20, 0xfc, 0xe5, 0x39, 0x4e, 0x7d, 0x78, 0xee, 0x0b, 0xbf, 0x1d, 0x80, 0xd4, 0x05, 0x4f, 0xb9, 0xd7, 0x4e, 0x94, 0x88, 0x9a, 0x50, 0x78, 0x1a, 0x70, 0x8c, 0xcc, 0x25, 0xb6, 0x61, 0x09, 0xdc, 0x7b, 0xea, 0x3f, 0x7f, 0xea, 0x2a, 0x0d, 0x47, 0x1c, 0x8e, 0xa6, 0x5b, 0xd2, 0xa3, 0x61, 0x93, 0x3c, 0x68, 0x9f, 0x8b, 0xea, 0xb0, 0xcb,
-	/* (2^395)P */ 0xff, 0x54, 0x02, 0x19, 0xae, 0x8b, 0x4c, 0x2c, 0x3a, 0xe0, 0xe4, 0xac, 0x87, 0xf7, 0x51, 0x45, 0x41, 0x43, 0xdc, 0xaa, 0xcd, 0xcb, 0xdc, 0x40, 0xe3, 0x44, 0x3b, 0x1d, 0x9e, 0x3d, 0xb9, 0x82, 0xcc, 0x7a, 0xc5, 0x12, 0xf8, 0x1e, 0xdd, 0xdb, 0x8d, 0xb0, 0x2a, 0xe8, 0xe6, 0x6c, 0x94, 0x3b, 0xb7, 0x2d, 0xba, 0x79, 0x3b, 0xb5, 0x86, 0xfb,
-	/* (2^396)P */ 0x82, 0x88, 0x13, 0xdd, 0x6c, 0xcd, 0x85, 0x2b, 0x90, 0x86, 0xb7, 0xac, 0x16, 0xa6, 0x6e, 0x6a, 0x94, 0xd8, 0x1e, 0x4e, 0x41, 0x0f, 0xce, 0x81, 0x6a, 0xa8, 0x26, 0x56, 0x43, 0x52, 0x52, 0xe6, 0xff, 0x88, 0xcf, 0x47, 0x05, 0x1d, 0xff, 0xf3, 0xa0, 0x10, 0xb2, 0x97, 0x87, 0xeb, 0x47, 0xbb, 0xfa, 0x1f, 0xe8, 0x4c, 0xce, 0xc4, 0xcd, 0x93,
-	/* (2^397)P */ 0xf4, 0x11, 0xf5, 0x8d, 0x89, 0x29, 0x79, 0xb3, 0x59, 0x0b, 0x29, 0x7d, 0x9c, 0x12, 0x4a, 0x65, 0x72, 0x3a, 0xf9, 0xec, 0x37, 0x18, 0x86, 0xef, 0x44, 0x07, 0x25, 0x74, 0x76, 0x53, 0xed, 0x51, 0x01, 0xc6, 0x28, 0xc5, 0xc3, 0x4a, 0x0f, 0x99, 0xec, 0xc8, 0x40, 0x5a, 0x83, 0x30, 0x79, 0xa2, 0x3e, 0x63, 0x09, 0x2d, 0x6f, 0x23, 0x54, 0x1c,
-	/* (2^398)P */ 0x5c, 0x6f, 0x3b, 0x1c, 0x30, 0x77, 0x7e, 0x87, 0x66, 0x83, 0x2e, 0x7e, 0x85, 0x50, 0xfd, 0xa0, 0x7a, 0xc2, 0xf5, 0x0f, 0xc1, 0x64, 0xe7, 0x0b, 0xbd, 0x59, 0xa7, 0xe7, 0x65, 0x53, 0xc3, 0xf5, 0x55, 0x5b, 0xe1, 0x82, 0x30, 0x5a, 0x61, 0xcd, 0xa0, 0x89, 0x32, 0xdb, 0x87, 0xfc, 0x21, 0x8a, 0xab, 0x6d, 0x82, 0xa8, 0x42, 0x81, 0x4f, 0xf2,
-	/* (2^399)P */ 0xb3, 0xeb, 0x88, 0x18, 0xf6, 0x56, 0x96, 0xbf, 0xba, 0x5d, 0x71, 0xa1, 0x5a, 0xd1, 0x04, 0x7b, 0xd5, 0x46, 0x01, 0x74, 0xfe, 0x15, 0x25, 0xb7, 0xff, 0x0c, 0x24, 0x47, 0xac, 0xfd, 0xab, 0x47, 0x32, 0xe1, 0x6a, 0x4e, 0xca, 0xcf, 0x7f, 0xdd, 0xf8, 0xd2, 0x4b, 0x3b, 0xf5, 0x17, 0xba, 0xba, 0x8b, 0xa1, 0xec, 0x28, 0x3f, 0x97, 0xab, 0x2a,
-	/* (2^400)P */ 0x51, 0x38, 0xc9, 0x5e, 0xc6, 0xb3, 0x64, 0xf2, 0x24, 0x4d, 0x04, 0x7d, 0xc8, 0x39, 0x0c, 0x4a, 0xc9, 0x73, 0x74, 0x1b, 0x5c, 0xb2, 0xc5, 0x41, 0x62, 0xa0, 0x4c, 0x6d, 0x8d, 0x91, 0x9a, 0x7b, 0x88, 0xab, 0x9c, 0x7e, 0x23, 0xdb, 0x6f, 0xb5, 0x72, 0xd6, 0x47, 0x40, 0xef, 0x22, 0x58, 0x62, 0x19, 0x6c, 0x38, 0xba, 0x5b, 0x00, 0x30, 0x9f,
-	/* (2^401)P */ 0x65, 0xbb, 0x3b, 0x9b, 0xe9, 0xae, 0xbf, 0xbe, 0xe4, 0x13, 0x95, 0xf3, 0xe3, 0x77, 0xcb, 0xe4, 0x9a, 0x22, 0xb5, 0x4a, 0x08, 0x9d, 0xb3, 0x9e, 0x27, 0xe0, 0x15, 0x6c, 0x9f, 0x7e, 0x9a, 0x5e, 0x15, 0x45, 0x25, 0x8d, 0x01, 0x0a, 0xd2, 0x2b, 0xbd, 0x48, 0x06, 0x0d, 0x18, 0x97, 0x4b, 0xdc, 0xbc, 0xf0, 0xcd, 0xb2, 0x52, 0x3c, 0xac, 0xf5,
-	/* (2^402)P */ 0x3e, 0xed, 0x47, 0x6b, 0x5c, 0xf6, 0x76, 0xd0, 0xe9, 0x15, 0xa3, 0xcb, 0x36, 0x00, 0x21, 0xa3, 0x79, 0x20, 0xa5, 0x3e, 0x88, 0x03, 0xcb, 0x7e, 0x63, 0xbb, 0xed, 0xa9, 0x13, 0x35, 0x16, 0xaf, 0x2e, 0xb4, 0x70, 0x14, 0x93, 0xfb, 0xc4, 0x9b, 0xd8, 0xb1, 0xbe, 0x43, 0xd1, 0x85, 0xb8, 0x97, 0xef, 0xea, 0x88, 0xa1, 0x25, 0x52, 0x62, 0x75,
-	/* (2^403)P */ 0x8e, 0x4f, 0xaa, 0x23, 0x62, 0x7e, 0x2b, 0x37, 0x89, 0x00, 0x11, 0x30, 0xc5, 0x33, 0x4a, 0x89, 0x8a, 0xe2, 0xfc, 0x5c, 0x6a, 0x75, 0xe5, 0xf7, 0x02, 0x4a, 0x9b, 0xf7, 0xb5, 0x6a, 0x85, 0x31, 0xd3, 0x5a, 0xcf, 0xc3, 0xf8, 0xde, 0x2f, 0xcf, 0xb5, 0x24, 0xf4, 0xe3, 0xa1, 0xad, 0x42, 0xae, 0x09, 0xb9, 0x2e, 0x04, 0x2d, 0x01, 0x22, 0x3f,
-	/* (2^404)P */ 0x41, 0x16, 0xfb, 0x7d, 0x50, 0xfd, 0xb5, 0xba, 0x88, 0x24, 0xba, 0xfd, 0x3d, 0xb2, 0x90, 0x15, 0xb7, 0xfa, 0xa2, 0xe1, 0x4c, 0x7d, 0xb9, 0xc6, 0xff, 0x81, 0x57, 0xb6, 0xc2, 0x9e, 0xcb, 0xc4, 0x35, 0xbd, 0x01, 0xb7, 0xaa, 0xce, 0xd0, 0xe9, 0xb5, 0xd6, 0x72, 0xbf, 0xd2, 0xee, 0xc7, 0xac, 0x94, 0xff, 0x29, 0x57, 0x02, 0x49, 0x09, 0xad,
-	/* (2^405)P */ 0x27, 0xa5, 0x78, 0x1b, 0xbf, 0x6b, 0xaf, 0x0b, 0x8c, 0xd9, 0xa8, 0x37, 0xb0, 0x67, 0x18, 0xb6, 0xc7, 0x05, 0x8a, 0x67, 0x03, 0x30, 0x62, 0x6e, 0x56, 0x82, 0xa9, 0x54, 0x3e, 0x0c, 0x4e, 0x07, 0xe1, 0x5a, 0x38, 0xed, 0xfa, 0xc8, 0x55, 0x6b, 0x08, 0xa3, 0x6b, 0x64, 0x2a, 0x15, 0xd6, 0x39, 0x6f, 0x47, 0x99, 0x42, 0x3f, 0x33, 0x84, 0x8f,
-	/* (2^406)P */ 0xbc, 0x45, 0x29, 0x81, 0x0e, 0xa4, 0xc5, 0x72, 0x3a, 0x10, 0xe1, 0xc4, 0x1e, 0xda, 0xc3, 0xfe, 0xb0, 0xce, 0xd2, 0x13, 0x34, 0x67, 0x21, 0xc6, 0x7e, 0xf9, 0x8c, 0xff, 0x39, 0x50, 0xae, 0x92, 0x60, 0x35, 0x2f, 0x8b, 0x6e, 0xc9, 0xc1, 0x27, 0x3a, 0x94, 0x66, 0x3e, 0x26, 0x84, 0x93, 0xc8, 0x6c, 0xcf, 0xd2, 0x03, 0xa1, 0x10, 0xcf, 0xb7,
-	/* (2^407)P */ 0x64, 0xda, 0x19, 0xf6, 0xc5, 0x73, 0x17, 0x44, 0x88, 0x81, 0x07, 0x0d, 0x34, 0xb2, 0x75, 0xf9, 0xd9, 0xe2, 0xe0, 0x8b, 0x71, 0xcf, 0x72, 0x34, 0x83, 0xb4, 0xce, 0xfc, 0xd7, 0x29, 0x09, 0x5a, 0x98, 0xbf, 0x14, 0xac, 0x77, 0x55, 0x38, 0x47, 0x5b, 0x0f, 0x40, 0x24, 0xe5, 0xa5, 0xa6, 0xac, 0x2d, 0xa6, 0xff, 0x9c, 0x73, 0xfe, 0x5c, 0x7e,
-	/* (2^408)P */ 0x1e, 0x33, 0xcc, 0x68, 0xb2, 0xbc, 0x8c, 0x93, 0xaf, 0xcc, 0x38, 0xf8, 0xd9, 0x16, 0x72, 0x50, 0xac, 0xd9, 0xb5, 0x0b, 0x9a, 0xbe, 0x46, 0x7a, 0xf1, 0xee, 0xf1, 0xad, 0xec, 0x5b, 0x59, 0x27, 0x9c, 0x05, 0xa3, 0x87, 0xe0, 0x37, 0x2c, 0x83, 0xce, 0xb3, 0x65, 0x09, 0x8e, 0xc3, 0x9c, 0xbf, 0x6a, 0xa2, 0x00, 0xcc, 0x12, 0x36, 0xc5, 0x95,
-	/* (2^409)P */ 0x36, 0x11, 0x02, 0x14, 0x9c, 0x3c, 0xeb, 0x2f, 0x23, 0x5b, 0x6b, 0x2b, 0x08, 0x54, 0x53, 0xac, 0xb2, 0xa3, 0xe0, 0x26, 0x62, 0x3c, 0xe4, 0xe1, 0x81, 0xee, 0x13, 0x3e, 0xa4, 0x97, 0xef, 0xf9, 0x92, 0x27, 0x01, 0xce, 0x54, 0x8b, 0x3e, 0x31, 0xbe, 0xa7, 0x88, 0xcf, 0x47, 0x99, 0x3c, 0x10, 0x6f, 0x60, 0xb3, 0x06, 0x4e, 0xee, 0x1b, 0xf0,
-	/* (2^410)P */ 0x59, 0x49, 0x66, 0xcf, 0x22, 0xe6, 0xf6, 0x73, 0xfe, 0xa3, 0x1c, 0x09, 0xfa, 0x5f, 0x65, 0xa8, 0xf0, 0x82, 0xc2, 0xef, 0x16, 0x63, 0x6e, 0x79, 0x69, 0x51, 0x39, 0x07, 0x65, 0xc4, 0x81, 0xec, 0x73, 0x0f, 0x15, 0x93, 0xe1, 0x30, 0x33, 0xe9, 0x37, 0x86, 0x42, 0x4c, 0x1f, 0x9b, 0xad, 0xee, 0x3f, 0xf1, 0x2a, 0x8e, 0x6a, 0xa3, 0xc8, 0x35,
-	/* (2^411)P */ 0x1e, 0x49, 0xf1, 0xdd, 0xd2, 0x9c, 0x8e, 0x78, 0xb2, 0x06, 0xe4, 0x6a, 0xab, 0x3a, 0xdc, 0xcd, 0xf4, 0xeb, 0xe1, 0xe7, 0x2f, 0xaa, 0xeb, 0x40, 0x31, 0x9f, 0xb9, 0xab, 0x13, 0xa9, 0x78, 0xbf, 0x38, 0x89, 0x0e, 0x85, 0x14, 0x8b, 0x46, 0x76, 0x14, 0xda, 0xcf, 0x33, 0xc8, 0x79, 0xd3, 0xd5, 0xa3, 0x6a, 0x69, 0x45, 0x70, 0x34, 0xc3, 0xe9,
-	/* (2^412)P */ 0x5e, 0xe7, 0x78, 0xe9, 0x24, 0xcc, 0xe9, 0xf4, 0xc8, 0x6b, 0xe0, 0xfb, 0x3a, 0xbe, 0xcc, 0x42, 0x4a, 0x00, 0x22, 0xf8, 0xe6, 0x32, 0xbe, 0x6d, 0x18, 0x55, 0x60, 0xe9, 0x72, 0x69, 0x50, 0x56, 0xca, 0x04, 0x18, 0x38, 0xa1, 0xee, 0xd8, 0x38, 0x3c, 0xa7, 0x70, 0xe2, 0xb9, 0x4c, 0xa0, 0xc8, 0x89, 0x72, 0xcf, 0x49, 0x7f, 0xdf, 0xbc, 0x67,
-	/* (2^413)P */ 0x1d, 0x17, 0xcb, 0x0b, 0xbd, 0xb2, 0x36, 0xe3, 0xa8, 0x99, 0x31, 0xb6, 0x26, 0x9c, 0x0c, 0x74, 0xaf, 0x4d, 0x24, 0x61, 0xcf, 0x31, 0x7b, 0xed, 0xdd, 0xc3, 0xf6, 0x32, 0x70, 0xfe, 0x17, 0xf6, 0x51, 0x37, 0x65, 0xce, 0x5d, 0xaf, 0xa5, 0x2f, 0x2a, 0xfe, 0x00, 0x71, 0x7c, 0x50, 0xbe, 0x21, 0xc7, 0xed, 0xc6, 0xfc, 0x67, 0xcf, 0x9c, 0xdd,
-	/* (2^414)P */ 0x26, 0x3e, 0xf8, 0xbb, 0xd0, 0xb1, 0x01, 0xd8, 0xeb, 0x0b, 0x62, 0x87, 0x35, 0x4c, 0xde, 0xca, 0x99, 0x9c, 0x6d, 0xf7, 0xb6, 0xf0, 0x57, 0x0a, 0x52, 0x29, 0x6a, 0x3f, 0x26, 0x31, 0x04, 0x07, 0x2a, 0xc9, 0xfa, 0x9b, 0x0e, 0x62, 0x8e, 0x72, 0xf2, 0xad, 0xce, 0xb6, 0x35, 0x7a, 0xc1, 0xae, 0x35, 0xc7, 0xa3, 0x14, 0xcf, 0x0c, 0x28, 0xb7,
-	/* (2^415)P */ 0xa6, 0xf1, 0x32, 0x3a, 0x20, 0xd2, 0x24, 0x97, 0xcf, 0x5d, 0x37, 0x99, 0xaf, 0x33, 0x7a, 0x5b, 0x7a, 0xcc, 0x4e, 0x41, 0x38, 0xb1, 0x4e, 0xad, 0xc9, 0xd9, 0x71, 0x7e, 0xb2, 0xf5, 0xd5, 0x01, 0x6c, 0x4d, 0xfd, 0xa1, 0xda, 0x03, 0x38, 0x9b, 0x3d, 0x92, 0x92, 0xf2, 0xca, 0xbf, 0x1f, 0x24, 0xa4, 0xbb, 0x30, 0x6a, 0x74, 0x56, 0xc8, 0xce,
-	/* (2^416)P */ 0x27, 0xf4, 0xed, 0xc9, 0xc3, 0xb1, 0x79, 0x85, 0xbe, 0xf6, 0xeb, 0xf3, 0x55, 0xc7, 0xaa, 0xa6, 0xe9, 0x07, 0x5d, 0xf4, 0xeb, 0xa6, 0x81, 0xe3, 0x0e, 0xcf, 0xa3, 0xc1, 0xef, 0xe7, 0x34, 0xb2, 0x03, 0x73, 0x8a, 0x91, 0xf1, 0xad, 0x05, 0xc7, 0x0b, 0x43, 0x99, 0x12, 0x31, 0xc8, 0xc7, 0xc5, 0xa4, 0x3d, 0xcd, 0xe5, 0x4e, 0x6d, 0x24, 0xdd,
-	/* (2^417)P */ 0x61, 0x54, 0xd0, 0x95, 0x2c, 0x45, 0x75, 0xac, 0xb5, 0x1a, 0x9d, 0x11, 0xeb, 0xed, 0x6b, 0x57, 0xa3, 0xe6, 0xcd, 0x77, 0xd4, 0x83, 0x8e, 0x39, 0xf1, 0x0f, 0x98, 0xcb, 0x40, 0x02, 0x6e, 0x10, 0x82, 0x9e, 0xb4, 0x93, 0x76, 0xd7, 0x97, 0xa3, 0x53, 0x12, 0x86, 0xc6, 0x15, 0x78, 0x73, 0x93, 0xe7, 0x7f, 0xcf, 0x1f, 0xbf, 0xcd, 0xd2, 0x7a,
-	/* (2^418)P */ 0xc2, 0x21, 0xdc, 0xd5, 0x69, 0xff, 0xca, 0x49, 0x3a, 0xe1, 0xc3, 0x69, 0x41, 0x56, 0xc1, 0x76, 0x63, 0x24, 0xbd, 0x64, 0x1b, 0x3d, 0x92, 0xf9, 0x13, 0x04, 0x25, 0xeb, 0x27, 0xa6, 0xef, 0x39, 0x3a, 0x80, 0xe0, 0xf8, 0x27, 0xee, 0xc9, 0x49, 0x77, 0xef, 0x3f, 0x29, 0x3d, 0x5e, 0xe6, 0x66, 0x83, 0xd1, 0xf6, 0xfe, 0x9d, 0xbc, 0xf1, 0x96,
-	/* (2^419)P */ 0x6b, 0xc6, 0x99, 0x26, 0x3c, 0xf3, 0x63, 0xf9, 0xc7, 0x29, 0x8c, 0x52, 0x62, 0x2d, 0xdc, 0x8a, 0x66, 0xce, 0x2c, 0xa7, 0xe4, 0xf0, 0xd7, 0x37, 0x17, 0x1e, 0xe4, 0xa3, 0x53, 0x7b, 0x29, 0x8e, 0x60, 0x99, 0xf9, 0x0c, 0x7c, 0x6f, 0xa2, 0xcc, 0x9f, 0x80, 0xdd, 0x5e, 0x46, 0xaa, 0x0d, 0x6c, 0xc9, 0x6c, 0xf7, 0x78, 0x5b, 0x38, 0xe3, 0x24,
-	/* (2^420)P */ 0x4b, 0x75, 0x6a, 0x2f, 0x08, 0xe1, 0x72, 0x76, 0xab, 0x82, 0x96, 0xdf, 0x3b, 0x1f, 0x9b, 0xd8, 0xed, 0xdb, 0xcd, 0x15, 0x09, 0x5a, 0x1e, 0xb7, 0xc5, 0x26, 0x72, 0x07, 0x0c, 0x50, 0xcd, 0x3b, 0x4d, 0x3f, 0xa2, 0x67, 0xc2, 0x02, 0x61, 0x2e, 0x68, 0xe9, 0x6f, 0xf0, 0x21, 0x2a, 0xa7, 0x3b, 0x88, 0x04, 0x11, 0x64, 0x49, 0x0d, 0xb4, 0x46,
-	/* (2^421)P */ 0x63, 0x85, 0xf3, 0xc5, 0x2b, 0x5a, 0x9f, 0xf0, 0x17, 0xcb, 0x45, 0x0a, 0xf3, 0x6e, 0x7e, 0xb0, 0x7c, 0xbc, 0xf0, 0x4f, 0x3a, 0xb0, 0xbc, 0x36, 0x36, 0x52, 0x51, 0xcb, 0xfe, 0x9a, 0xcb, 0xe8, 0x7e, 0x4b, 0x06, 0x7f, 0xaa, 0x35, 0xc8, 0x0e, 0x7a, 0x30, 0xa3, 0xb1, 0x09, 0xbb, 0x86, 0x4c, 0xbe, 0xb8, 0xbd, 0xe0, 0x32, 0xa5, 0xd4, 0xf7,
-	/* (2^422)P */ 0x7d, 0x50, 0x37, 0x68, 0x4e, 0x22, 0xb2, 0x2c, 0xd5, 0x0f, 0x2b, 0x6d, 0xb1, 0x51, 0xf2, 0x82, 0xe9, 0x98, 0x7c, 0x50, 0xc7, 0x96, 0x7e, 0x0e, 0xdc, 0xb1, 0x0e, 0xb2, 0x63, 0x8c, 0x30, 0x37, 0x72, 0x21, 0x9c, 0x61, 0xc2, 0xa7, 0x33, 0xd9, 0xb2, 0x63, 0x93, 0xd1, 0x6b, 0x6a, 0x73, 0xa5, 0x58, 0x80, 0xff, 0x04, 0xc7, 0x83, 0x21, 0x29,
-	/* (2^423)P */ 0x29, 0x04, 0xbc, 0x99, 0x39, 0xc9, 0x58, 0xc9, 0x6b, 0x17, 0xe8, 0x90, 0xb3, 0xe6, 0xa9, 0xb6, 0x28, 0x9b, 0xcb, 0x3b, 0x28, 0x90, 0x68, 0x71, 0xff, 0xcf, 0x08, 0x78, 0xc9, 0x8d, 0xa8, 0x4e, 0x43, 0xd1, 0x1c, 0x9e, 0xa4, 0xe3, 0xdf, 0xbf, 0x92, 0xf4, 0xf9, 0x41, 0xba, 0x4d, 0x1c, 0xf9, 0xdd, 0x74, 0x76, 0x1c, 0x6e, 0x3e, 0x94, 0x87,
-	/* (2^424)P */ 0xe4, 0xda, 0xc5, 0xd7, 0xfb, 0x87, 0xc5, 0x4d, 0x6b, 0x19, 0xaa, 0xb9, 0xbc, 0x8c, 0xf2, 0x8a, 0xd8, 0x5d, 0xdb, 0x4d, 0xef, 0xa6, 0xf2, 0x65, 0xf1, 0x22, 0x9c, 0xf1, 0x46, 0x30, 0x71, 0x7c, 0xe4, 0x53, 0x8e, 0x55, 0x2e, 0x9c, 0x9a, 0x31, 0x2a, 0xc3, 0xab, 0x0f, 0xde, 0xe4, 0xbe, 0xd8, 0x96, 0x50, 0x6e, 0x0c, 0x54, 0x49, 0xe6, 0xec,
-	/* (2^425)P */ 0x3c, 0x1d, 0x5a, 0xa5, 0xda, 0xad, 0xdd, 0xc2, 0xae, 0xac, 0x6f, 0x86, 0x75, 0x31, 0x91, 0x64, 0x45, 0x9d, 0xa4, 0xf0, 0x81, 0xf1, 0x0e, 0xba, 0x74, 0xaf, 0x7b, 0xcd, 0x6f, 0xfe, 0xac, 0x4e, 0xdb, 0x4e, 0x45, 0x35, 0x36, 0xc5, 0xc0, 0x6c, 0x3d, 0x64, 0xf4, 0xd8, 0x07, 0x62, 0xd1, 0xec, 0xf3, 0xfc, 0x93, 0xc9, 0x28, 0x0c, 0x2c, 0xf3,
-	/* (2^426)P */ 0x0c, 0x69, 0x2b, 0x5c, 0xb6, 0x41, 0x69, 0xf1, 0xa4, 0xf1, 0x5b, 0x75, 0x4c, 0x42, 0x8b, 0x47, 0xeb, 0x69, 0xfb, 0xa8, 0xe6, 0xf9, 0x7b, 0x48, 0x50, 0xaf, 0xd3, 0xda, 0xb2, 0x35, 0x10, 0xb5, 0x5b, 0x40, 0x90, 0x39, 0xc9, 0x07, 0x06, 0x73, 0x26, 0x20, 0x95, 0x01, 0xa4, 0x2d, 0xf0, 0xe7, 0x2e, 0x00, 0x7d, 0x41, 0x09, 0x68, 0x13, 0xc4,
-	/* (2^427)P */ 0xbe, 0x38, 0x78, 0xcf, 0xc9, 0x4f, 0x36, 0xca, 0x09, 0x61, 0x31, 0x3c, 0x57, 0x2e, 0xec, 0x17, 0xa4, 0x7d, 0x19, 0x2b, 0x9b, 0x5b, 0xbe, 0x8f, 0xd6, 0xc5, 0x2f, 0x86, 0xf2, 0x64, 0x76, 0x17, 0x00, 0x6e, 0x1a, 0x8c, 0x67, 0x1b, 0x68, 0xeb, 0x15, 0xa2, 0xd6, 0x09, 0x91, 0xdd, 0x23, 0x0d, 0x98, 0xb2, 0x10, 0x19, 0x55, 0x9b, 0x63, 0xf2,
-	/* (2^428)P */ 0x51, 0x1f, 0x93, 0xea, 0x2a, 0x3a, 0xfa, 0x41, 0xc0, 0x57, 0xfb, 0x74, 0xa6, 0x65, 0x09, 0x56, 0x14, 0xb6, 0x12, 0xaa, 0xb3, 0x1a, 0x8d, 0x3b, 0x76, 0x91, 0x7a, 0x23, 0x56, 0x9c, 0x6a, 0xc0, 0xe0, 0x3c, 0x3f, 0xb5, 0x1a, 0xf4, 0x57, 0x71, 0x93, 0x2b, 0xb1, 0xa7, 0x70, 0x57, 0x22, 0x80, 0xf5, 0xb8, 0x07, 0x77, 0x87, 0x0c, 0xbe, 0x83,
-	/* (2^429)P */ 0x07, 0x9b, 0x0e, 0x52, 0x38, 0x63, 0x13, 0x86, 0x6a, 0xa6, 0xb4, 0xd2, 0x60, 0x68, 0x9a, 0x99, 0x82, 0x0a, 0x04, 0x5f, 0x89, 0x7a, 0x1a, 0x2a, 0xae, 0x2d, 0x35, 0x0c, 0x1e, 0xad, 0xef, 0x4f, 0x9a, 0xfc, 0xc8, 0xd9, 0xcf, 0x9d, 0x48, 0x71, 0xa5, 0x55, 0x79, 0x73, 0x39, 0x1b, 0xd8, 0x73, 0xec, 0x9b, 0x03, 0x16, 0xd8, 0x82, 0xf7, 0x67,
-	/* (2^430)P */ 0x52, 0x67, 0x42, 0x21, 0xc9, 0x40, 0x78, 0x82, 0x2b, 0x95, 0x2d, 0x20, 0x92, 0xd1, 0xe2, 0x61, 0x25, 0xb0, 0xc6, 0x9c, 0x20, 0x59, 0x8e, 0x28, 0x6f, 0xf3, 0xfd, 0xd3, 0xc1, 0x32, 0x43, 0xc9, 0xa6, 0x08, 0x7a, 0x77, 0x9c, 0x4c, 0x8c, 0x33, 0x71, 0x13, 0x69, 0xe3, 0x52, 0x30, 0xa7, 0xf5, 0x07, 0x67, 0xac, 0xad, 0x46, 0x8a, 0x26, 0x25,
-	/* (2^431)P */ 0xda, 0x86, 0xc4, 0xa2, 0x71, 0x56, 0xdd, 0xd2, 0x48, 0xd3, 0xde, 0x42, 0x63, 0x01, 0xa7, 0x2c, 0x92, 0x83, 0x6f, 0x2e, 0xd8, 0x1e, 0x3f, 0xc1, 0xc5, 0x42, 0x4e, 0x34, 0x19, 0x54, 0x6e, 0x35, 0x2c, 0x51, 0x2e, 0xfd, 0x0f, 0x9a, 0x45, 0x66, 0x5e, 0x4a, 0x83, 0xda, 0x0a, 0x53, 0x68, 0x63, 0xfa, 0xce, 0x47, 0x20, 0xd3, 0x34, 0xba, 0x0d,
-	/* (2^432)P */ 0xd0, 0xe9, 0x64, 0xa4, 0x61, 0x4b, 0x86, 0xe5, 0x93, 0x6f, 0xda, 0x0e, 0x31, 0x7e, 0x6e, 0xe3, 0xc6, 0x73, 0xd8, 0xa3, 0x08, 0x57, 0x52, 0xcd, 0x51, 0x63, 0x1d, 0x9f, 0x93, 0x00, 0x62, 0x91, 0x26, 0x21, 0xa7, 0xdd, 0x25, 0x0f, 0x09, 0x0d, 0x35, 0xad, 0xcf, 0x11, 0x8e, 0x6e, 0xe8, 0xae, 0x1d, 0x95, 0xcb, 0x88, 0xf8, 0x70, 0x7b, 0x91,
-	/* (2^433)P */ 0x0c, 0x19, 0x5c, 0xd9, 0x8d, 0xda, 0x9d, 0x2c, 0x90, 0x54, 0x65, 0xe8, 0xb6, 0x35, 0x50, 0xae, 0xea, 0xae, 0x43, 0xb7, 0x1e, 0x99, 0x8b, 0x4c, 0x36, 0x4e, 0xe4, 0x1e, 0xc4, 0x64, 0x43, 0xb6, 0xeb, 0xd4, 0xe9, 0x60, 0x22, 0xee, 0xcf, 0xb8, 0x52, 0x1b, 0xf0, 0x04, 0xce, 0xbc, 0x2b, 0xf0, 0xbe, 0xcd, 0x44, 0x74, 0x1e, 0x1f, 0x63, 0xf9,
-	/* (2^434)P */ 0xe1, 0x3f, 0x95, 0x94, 0xb2, 0xb6, 0x31, 0xa9, 0x1b, 0xdb, 0xfd, 0x0e, 0xdb, 0xdd, 0x1a, 0x22, 0x78, 0x60, 0x9f, 0x75, 0x5f, 0x93, 0x06, 0x0c, 0xd8, 0xbb, 0xa2, 0x85, 0x2b, 0x5e, 0xc0, 0x9b, 0xa8, 0x5d, 0xaf, 0x93, 0x91, 0x91, 0x47, 0x41, 0x1a, 0xfc, 0xb4, 0x51, 0x85, 0xad, 0x69, 0x4d, 0x73, 0x69, 0xd5, 0x4e, 0x82, 0xfb, 0x66, 0xcb,
-	/* (2^435)P */ 0x7c, 0xbe, 0xc7, 0x51, 0xc4, 0x74, 0x6e, 0xab, 0xfd, 0x41, 0x4f, 0x76, 0x4f, 0x24, 0x03, 0xd6, 0x2a, 0xb7, 0x42, 0xb4, 0xda, 0x41, 0x2c, 0x82, 0x48, 0x4c, 0x7f, 0x6f, 0x25, 0x5d, 0x36, 0xd4, 0x69, 0xf5, 0xef, 0x02, 0x81, 0xea, 0x6f, 0x19, 0x69, 0xe8, 0x6f, 0x5b, 0x2f, 0x14, 0x0e, 0x6f, 0x89, 0xb4, 0xb5, 0xd8, 0xae, 0xef, 0x7b, 0x87,
-	/* (2^436)P */ 0xe9, 0x91, 0xa0, 0x8b, 0xc9, 0xe0, 0x01, 0x90, 0x37, 0xc1, 0x6f, 0xdc, 0x5e, 0xf7, 0xbf, 0x43, 0x00, 0xaa, 0x10, 0x76, 0x76, 0x18, 0x6e, 0x19, 0x1e, 0x94, 0x50, 0x11, 0x0a, 0xd1, 0xe2, 0xdb, 0x08, 0x21, 0xa0, 0x1f, 0xdb, 0x54, 0xfe, 0xea, 0x6e, 0xa3, 0x68, 0x56, 0x87, 0x0b, 0x22, 0x4e, 0x66, 0xf3, 0x82, 0x82, 0x00, 0xcd, 0xd4, 0x12,
-	/* (2^437)P */ 0x25, 0x8e, 0x24, 0x77, 0x64, 0x4c, 0xe0, 0xf8, 0x18, 0xc0, 0xdc, 0xc7, 0x1b, 0x35, 0x65, 0xde, 0x67, 0x41, 0x5e, 0x6f, 0x90, 0x82, 0xa7, 0x2e, 0x6d, 0xf1, 0x47, 0xb4, 0x92, 0x9c, 0xfd, 0x6a, 0x9a, 0x41, 0x36, 0x20, 0x24, 0x58, 0xc3, 0x59, 0x07, 0x9a, 0xfa, 0x9f, 0x03, 0xcb, 0xc7, 0x69, 0x37, 0x60, 0xe1, 0xab, 0x13, 0x72, 0xee, 0xa2,
-	/* (2^438)P */ 0x74, 0x78, 0xfb, 0x13, 0xcb, 0x8e, 0x37, 0x1a, 0xf6, 0x1d, 0x17, 0x83, 0x06, 0xd4, 0x27, 0x06, 0x21, 0xe8, 0xda, 0xdf, 0x6b, 0xf3, 0x83, 0x6b, 0x34, 0x8a, 0x8c, 0xee, 0x01, 0x05, 0x5b, 0xed, 0xd3, 0x1b, 0xc9, 0x64, 0x83, 0xc9, 0x49, 0xc2, 0x57, 0x1b, 0xdd, 0xcf, 0xf1, 0x9d, 0x63, 0xee, 0x1c, 0x0d, 0xa0, 0x0a, 0x73, 0x1f, 0x5b, 0x32,
-	/* (2^439)P */ 0x29, 0xce, 0x1e, 0xc0, 0x6a, 0xf5, 0xeb, 0x99, 0x5a, 0x39, 0x23, 0xe9, 0xdd, 0xac, 0x44, 0x88, 0xbc, 0x80, 0x22, 0xde, 0x2c, 0xcb, 0xa8, 0x3b, 0xff, 0xf7, 0x6f, 0xc7, 0x71, 0x72, 0xa8, 0xa3, 0xf6, 0x4d, 0xc6, 0x75, 0xda, 0x80, 0xdc, 0xd9, 0x30, 0xd9, 0x07, 0x50, 0x5a, 0x54, 0x7d, 0xda, 0x39, 0x6f, 0x78, 0x94, 0xbf, 0x25, 0x98, 0xdc,
-	/* (2^440)P */ 0x01, 0x26, 0x62, 0x44, 0xfb, 0x0f, 0x11, 0x72, 0x73, 0x0a, 0x16, 0xc7, 0x16, 0x9c, 0x9b, 0x37, 0xd8, 0xff, 0x4f, 0xfe, 0x57, 0xdb, 0xae, 0xef, 0x7d, 0x94, 0x30, 0x04, 0x70, 0x83, 0xde, 0x3c, 0xd4, 0xb5, 0x70, 0xda, 0xa7, 0x55, 0xc8, 0x19, 0xe1, 0x36, 0x15, 0x61, 0xe7, 0x3b, 0x7d, 0x85, 0xbb, 0xf3, 0x42, 0x5a, 0x94, 0xf4, 0x53, 0x2a,
-	/* (2^441)P */ 0x14, 0x60, 0xa6, 0x0b, 0x83, 0xe1, 0x23, 0x77, 0xc0, 0xce, 0x50, 0xed, 0x35, 0x8d, 0x98, 0x99, 0x7d, 0xf5, 0x8d, 0xce, 0x94, 0x25, 0xc8, 0x0f, 0x6d, 0xfa, 0x4a, 0xa4, 0x3a, 0x1f, 0x66, 0xfb, 0x5a, 0x64, 0xaf, 0x8b, 0x54, 0x54, 0x44, 0x3f, 0x5b, 0x88, 0x61, 0xe4, 0x48, 0x45, 0x26, 0x20, 0xbe, 0x0d, 0x06, 0xbb, 0x65, 0x59, 0xe1, 0x36,
-	/* (2^442)P */ 0xb7, 0x98, 0xce, 0xa3, 0xe3, 0xee, 0x11, 0x1b, 0x9e, 0x24, 0x59, 0x75, 0x31, 0x37, 0x44, 0x6f, 0x6b, 0x9e, 0xec, 0xb7, 0x44, 0x01, 0x7e, 0xab, 0xbb, 0x69, 0x5d, 0x11, 0xb0, 0x30, 0x64, 0xea, 0x91, 0xb4, 0x7a, 0x8c, 0x02, 0x4c, 0xb9, 0x10, 0xa7, 0xc7, 0x79, 0xe6, 0xdc, 0x77, 0xe3, 0xc8, 0xef, 0x3e, 0xf9, 0x38, 0x81, 0xce, 0x9a, 0xb2,
-	/* (2^443)P */ 0x91, 0x12, 0x76, 0xd0, 0x10, 0xb4, 0xaf, 0xe1, 0x89, 0x3a, 0x93, 0x6b, 0x5c, 0x19, 0x5f, 0x24, 0xed, 0x04, 0x92, 0xc7, 0xf0, 0x00, 0x08, 0xc1, 0x92, 0xff, 0x90, 0xdb, 0xb2, 0xbf, 0xdf, 0x49, 0xcd, 0xbd, 0x5c, 0x6e, 0xbf, 0x16, 0xbb, 0x61, 0xf9, 0x20, 0x33, 0x35, 0x93, 0x11, 0xbc, 0x59, 0x69, 0xce, 0x18, 0x9f, 0xf8, 0x7b, 0xa1, 0x6e,
-	/* (2^444)P */ 0xa1, 0xf4, 0xaf, 0xad, 0xf8, 0xe6, 0x99, 0xd2, 0xa1, 0x4d, 0xde, 0x56, 0xc9, 0x7b, 0x0b, 0x11, 0x3e, 0xbf, 0x89, 0x1a, 0x9a, 0x90, 0xe5, 0xe2, 0xa6, 0x37, 0x88, 0xa1, 0x68, 0x59, 0xae, 0x8c, 0xec, 0x02, 0x14, 0x8d, 0xb7, 0x2e, 0x25, 0x75, 0x7f, 0x76, 0x1a, 0xd3, 0x4d, 0xad, 0x8a, 0x00, 0x6c, 0x96, 0x49, 0xa4, 0xc3, 0x2e, 0x5c, 0x7b,
-	/* (2^445)P */ 0x26, 0x53, 0xf7, 0xda, 0xa8, 0x01, 0x14, 0xb1, 0x63, 0xe3, 0xc3, 0x89, 0x88, 0xb0, 0x85, 0x40, 0x2b, 0x26, 0x9a, 0x10, 0x1a, 0x70, 0x33, 0xf4, 0x50, 0x9d, 0x4d, 0xd8, 0x64, 0xc6, 0x0f, 0xe1, 0x17, 0xc8, 0x10, 0x4b, 0xfc, 0xa0, 0xc9, 0xba, 0x2c, 0x98, 0x09, 0xf5, 0x84, 0xb6, 0x7c, 0x4e, 0xa3, 0xe3, 0x81, 0x1b, 0x32, 0x60, 0x02, 0xdd,
-	/* (2^446)P */ 0xa3, 0xe5, 0x86, 0xd4, 0x43, 0xa8, 0xd1, 0x98, 0x9d, 0x9d, 0xdb, 0x04, 0xcf, 0x6e, 0x35, 0x05, 0x30, 0x53, 0x3b, 0xbc, 0x90, 0x00, 0x4a, 0xc5, 0x40, 0x2a, 0x0f, 0xde, 0x1a, 0xd7, 0x36, 0x27, 0x44, 0x62, 0xa6, 0xac, 0x9d, 0xd2, 0x70, 0x69, 0x14, 0x39, 0x9b, 0xd1, 0xc3, 0x0a, 0x3a, 0x82, 0x0e, 0xf1, 0x94, 0xd7, 0x42, 0x94, 0xd5, 0x7d,
-	/* (2^447)P */ 0x04, 0xc0, 0x6e, 0x12, 0x90, 0x70, 0xf9, 0xdf, 0xf7, 0xc9, 0x86, 0xc0, 0xe6, 0x92, 0x8b, 0x0a, 0xa1, 0xc1, 0x3b, 0xcc, 0x33, 0xb7, 0xf0, 0xeb, 0x51, 0x50, 0x80, 0x20, 0x69, 0x1c, 0x4f, 0x89, 0x05, 0x1e, 0xe4, 0x7a, 0x0a, 0xc2, 0xf0, 0xf5, 0x78, 0x91, 0x76, 0x34, 0x45, 0xdc, 0x24, 0x53, 0x24, 0x98, 0xe2, 0x73, 0x6f, 0xe6, 0x46, 0x67,
-}
diff --git a/vendor/github.com/cloudflare/circl/ecc/goldilocks/constants.go b/vendor/github.com/cloudflare/circl/ecc/goldilocks/constants.go
deleted file mode 100644
index b6b236e5d3..0000000000
--- a/vendor/github.com/cloudflare/circl/ecc/goldilocks/constants.go
+++ /dev/null
@@ -1,71 +0,0 @@
-package goldilocks
-
-import fp "github.com/cloudflare/circl/math/fp448"
-
-var (
-	// genX is the x-coordinate of the generator of Goldilocks curve.
-	genX = fp.Elt{
-		0x5e, 0xc0, 0x0c, 0xc7, 0x2b, 0xa8, 0x26, 0x26,
-		0x8e, 0x93, 0x00, 0x8b, 0xe1, 0x80, 0x3b, 0x43,
-		0x11, 0x65, 0xb6, 0x2a, 0xf7, 0x1a, 0xae, 0x12,
-		0x64, 0xa4, 0xd3, 0xa3, 0x24, 0xe3, 0x6d, 0xea,
-		0x67, 0x17, 0x0f, 0x47, 0x70, 0x65, 0x14, 0x9e,
-		0xda, 0x36, 0xbf, 0x22, 0xa6, 0x15, 0x1d, 0x22,
-		0xed, 0x0d, 0xed, 0x6b, 0xc6, 0x70, 0x19, 0x4f,
-	}
-	// genY is the y-coordinate of the generator of Goldilocks curve.
-	genY = fp.Elt{
-		0x14, 0xfa, 0x30, 0xf2, 0x5b, 0x79, 0x08, 0x98,
-		0xad, 0xc8, 0xd7, 0x4e, 0x2c, 0x13, 0xbd, 0xfd,
-		0xc4, 0x39, 0x7c, 0xe6, 0x1c, 0xff, 0xd3, 0x3a,
-		0xd7, 0xc2, 0xa0, 0x05, 0x1e, 0x9c, 0x78, 0x87,
-		0x40, 0x98, 0xa3, 0x6c, 0x73, 0x73, 0xea, 0x4b,
-		0x62, 0xc7, 0xc9, 0x56, 0x37, 0x20, 0x76, 0x88,
-		0x24, 0xbc, 0xb6, 0x6e, 0x71, 0x46, 0x3f, 0x69,
-	}
-	// paramD is -39081 in Fp.
-	paramD = fp.Elt{
-		0x56, 0x67, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-	}
-	// order is 2^446-0x8335dc163bb124b65129c96fde933d8d723a70aadc873d6d54a7bb0d,
-	// which is the number of points in the prime subgroup.
-	order = Scalar{
-		0xf3, 0x44, 0x58, 0xab, 0x92, 0xc2, 0x78, 0x23,
-		0x55, 0x8f, 0xc5, 0x8d, 0x72, 0xc2, 0x6c, 0x21,
-		0x90, 0x36, 0xd6, 0xae, 0x49, 0xdb, 0x4e, 0xc4,
-		0xe9, 0x23, 0xca, 0x7c, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f,
-	}
-	// residue448 is 2^448 mod order.
-	residue448 = [4]uint64{
-		0x721cf5b5529eec34, 0x7a4cf635c8e9c2ab, 0xeec492d944a725bf, 0x20cd77058,
-	}
-	// invFour is 1/4 mod order.
-	invFour = Scalar{
-		0x3d, 0x11, 0xd6, 0xaa, 0xa4, 0x30, 0xde, 0x48,
-		0xd5, 0x63, 0x71, 0xa3, 0x9c, 0x30, 0x5b, 0x08,
-		0xa4, 0x8d, 0xb5, 0x6b, 0xd2, 0xb6, 0x13, 0x71,
-		0xfa, 0x88, 0x32, 0xdf, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x0f,
-	}
-	// paramDTwist is -39082 in Fp. The D parameter of the twist curve.
-	paramDTwist = fp.Elt{
-		0x55, 0x67, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-	}
-)
diff --git a/vendor/github.com/cloudflare/circl/ecc/goldilocks/curve.go b/vendor/github.com/cloudflare/circl/ecc/goldilocks/curve.go
deleted file mode 100644
index 1f165141a9..0000000000
--- a/vendor/github.com/cloudflare/circl/ecc/goldilocks/curve.go
+++ /dev/null
@@ -1,84 +0,0 @@
-// Package goldilocks provides elliptic curve operations over the goldilocks curve.
-package goldilocks
-
-import fp "github.com/cloudflare/circl/math/fp448"
-
-// Curve is the Goldilocks curve x^2+y^2=z^2-39081x^2y^2.
-type Curve struct{}
-
-// Identity returns the identity point.
-func (Curve) Identity() *Point {
-	return &Point{
-		y: fp.One(),
-		z: fp.One(),
-	}
-}
-
-// IsOnCurve returns true if the point lies on the curve.
-func (Curve) IsOnCurve(P *Point) bool {
-	x2, y2, t, t2, z2 := &fp.Elt{}, &fp.Elt{}, &fp.Elt{}, &fp.Elt{}, &fp.Elt{}
-	rhs, lhs := &fp.Elt{}, &fp.Elt{}
-	// Check z != 0
-	eq0 := !fp.IsZero(&P.z)
-
-	fp.Mul(t, &P.ta, &P.tb)  // t = ta*tb
-	fp.Sqr(x2, &P.x)         // x^2
-	fp.Sqr(y2, &P.y)         // y^2
-	fp.Sqr(z2, &P.z)         // z^2
-	fp.Sqr(t2, t)            // t^2
-	fp.Add(lhs, x2, y2)      // x^2 + y^2
-	fp.Mul(rhs, t2, &paramD) // dt^2
-	fp.Add(rhs, rhs, z2)     // z^2 + dt^2
-	fp.Sub(lhs, lhs, rhs)    // x^2 + y^2 - (z^2 + dt^2)
-	eq1 := fp.IsZero(lhs)
-
-	fp.Mul(lhs, &P.x, &P.y) // xy
-	fp.Mul(rhs, t, &P.z)    // tz
-	fp.Sub(lhs, lhs, rhs)   // xy - tz
-	eq2 := fp.IsZero(lhs)
-
-	return eq0 && eq1 && eq2
-}
-
-// Generator returns the generator point.
-func (Curve) Generator() *Point {
-	return &Point{
-		x:  genX,
-		y:  genY,
-		z:  fp.One(),
-		ta: genX,
-		tb: genY,
-	}
-}
-
-// Order returns the number of points in the prime subgroup.
-func (Curve) Order() Scalar { return order }
-
-// Double returns 2P.
-func (Curve) Double(P *Point) *Point { R := *P; R.Double(); return &R }
-
-// Add returns P+Q.
-func (Curve) Add(P, Q *Point) *Point { R := *P; R.Add(Q); return &R }
-
-// ScalarMult returns kP. This function runs in constant time.
-func (e Curve) ScalarMult(k *Scalar, P *Point) *Point {
-	k4 := &Scalar{}
-	k4.divBy4(k)
-	return e.pull(twistCurve{}.ScalarMult(k4, e.push(P)))
-}
-
-// ScalarBaseMult returns kG where G is the generator point. This function runs in constant time.
-func (e Curve) ScalarBaseMult(k *Scalar) *Point {
-	k4 := &Scalar{}
-	k4.divBy4(k)
-	return e.pull(twistCurve{}.ScalarBaseMult(k4))
-}
-
-// CombinedMult returns mG+nP, where G is the generator point. This function is non-constant time.
-func (e Curve) CombinedMult(m, n *Scalar, P *Point) *Point {
-	m4 := &Scalar{}
-	n4 := &Scalar{}
-	m4.divBy4(m)
-	n4.divBy4(n)
-	return e.pull(twistCurve{}.CombinedMult(m4, n4, twistCurve{}.pull(P)))
-}
diff --git a/vendor/github.com/cloudflare/circl/ecc/goldilocks/isogeny.go b/vendor/github.com/cloudflare/circl/ecc/goldilocks/isogeny.go
deleted file mode 100644
index b1daab851c..0000000000
--- a/vendor/github.com/cloudflare/circl/ecc/goldilocks/isogeny.go
+++ /dev/null
@@ -1,52 +0,0 @@
-package goldilocks
-
-import fp "github.com/cloudflare/circl/math/fp448"
-
-func (Curve) pull(P *twistPoint) *Point      { return twistCurve{}.push(P) }
-func (twistCurve) pull(P *Point) *twistPoint { return Curve{}.push(P) }
-
-// push sends a point on the Goldilocks curve to a point on the twist curve.
-func (Curve) push(P *Point) *twistPoint {
-	Q := &twistPoint{}
-	Px, Py, Pz := &P.x, &P.y, &P.z
-	a, b, c, d, e, f, g, h := &Q.x, &Q.y, &Q.z, &fp.Elt{}, &Q.ta, &Q.x, &Q.y, &Q.tb
-	fp.Add(e, Px, Py)  // x+y
-	fp.Sqr(a, Px)      // A = x^2
-	fp.Sqr(b, Py)      // B = y^2
-	fp.Sqr(c, Pz)      // z^2
-	fp.Add(c, c, c)    // C = 2*z^2
-	*d = *a            // D = A
-	fp.Sqr(e, e)       // (x+y)^2
-	fp.Sub(e, e, a)    // (x+y)^2-A
-	fp.Sub(e, e, b)    // E = (x+y)^2-A-B
-	fp.Add(h, b, d)    // H = B+D
-	fp.Sub(g, b, d)    // G = B-D
-	fp.Sub(f, c, h)    // F = C-H
-	fp.Mul(&Q.z, f, g) // Z = F * G
-	fp.Mul(&Q.x, e, f) // X = E * F
-	fp.Mul(&Q.y, g, h) // Y = G * H, // T = E * H
-	return Q
-}
-
-// push sends a point on the twist curve to a point on the Goldilocks curve.
-func (twistCurve) push(P *twistPoint) *Point {
-	Q := &Point{}
-	Px, Py, Pz := &P.x, &P.y, &P.z
-	a, b, c, d, e, f, g, h := &Q.x, &Q.y, &Q.z, &fp.Elt{}, &Q.ta, &Q.x, &Q.y, &Q.tb
-	fp.Add(e, Px, Py)  // x+y
-	fp.Sqr(a, Px)      // A = x^2
-	fp.Sqr(b, Py)      // B = y^2
-	fp.Sqr(c, Pz)      // z^2
-	fp.Add(c, c, c)    // C = 2*z^2
-	fp.Neg(d, a)       // D = -A
-	fp.Sqr(e, e)       // (x+y)^2
-	fp.Sub(e, e, a)    // (x+y)^2-A
-	fp.Sub(e, e, b)    // E = (x+y)^2-A-B
-	fp.Add(h, b, d)    // H = B+D
-	fp.Sub(g, b, d)    // G = B-D
-	fp.Sub(f, c, h)    // F = C-H
-	fp.Mul(&Q.z, f, g) // Z = F * G
-	fp.Mul(&Q.x, e, f) // X = E * F
-	fp.Mul(&Q.y, g, h) // Y = G * H, // T = E * H
-	return Q
-}
diff --git a/vendor/github.com/cloudflare/circl/ecc/goldilocks/point.go b/vendor/github.com/cloudflare/circl/ecc/goldilocks/point.go
deleted file mode 100644
index 11f73de054..0000000000
--- a/vendor/github.com/cloudflare/circl/ecc/goldilocks/point.go
+++ /dev/null
@@ -1,171 +0,0 @@
-package goldilocks
-
-import (
-	"errors"
-	"fmt"
-
-	fp "github.com/cloudflare/circl/math/fp448"
-)
-
-// Point is a point on the Goldilocks Curve.
-type Point struct{ x, y, z, ta, tb fp.Elt }
-
-func (P Point) String() string {
-	return fmt.Sprintf("x: %v\ny: %v\nz: %v\nta: %v\ntb: %v", P.x, P.y, P.z, P.ta, P.tb)
-}
-
-// FromAffine creates a point from affine coordinates.
-func FromAffine(x, y *fp.Elt) (*Point, error) {
-	P := &Point{
-		x:  *x,
-		y:  *y,
-		z:  fp.One(),
-		ta: *x,
-		tb: *y,
-	}
-	if !(Curve{}).IsOnCurve(P) {
-		return P, errors.New("point not on curve")
-	}
-	return P, nil
-}
-
-// isLessThan returns true if 0 <= x < y, and assumes that slices are of the
-// same length and are interpreted in little-endian order.
-func isLessThan(x, y []byte) bool {
-	i := len(x) - 1
-	for i > 0 && x[i] == y[i] {
-		i--
-	}
-	return x[i] < y[i]
-}
-
-// FromBytes returns a point from the input buffer.
-func FromBytes(in []byte) (*Point, error) {
-	if len(in) < fp.Size+1 {
-		return nil, errors.New("wrong input length")
-	}
-	err := errors.New("invalid decoding")
-	P := &Point{}
-	signX := in[fp.Size] >> 7
-	copy(P.y[:], in[:fp.Size])
-	p := fp.P()
-	if !isLessThan(P.y[:], p[:]) {
-		return nil, err
-	}
-
-	u, v := &fp.Elt{}, &fp.Elt{}
-	one := fp.One()
-	fp.Sqr(u, &P.y)                // u = y^2
-	fp.Mul(v, u, &paramD)          // v = dy^2
-	fp.Sub(u, u, &one)             // u = y^2-1
-	fp.Sub(v, v, &one)             // v = dy^2-1
-	isQR := fp.InvSqrt(&P.x, u, v) // x = sqrt(u/v)
-	if !isQR {
-		return nil, err
-	}
-	fp.Modp(&P.x) // x = x mod p
-	if fp.IsZero(&P.x) && signX == 1 {
-		return nil, err
-	}
-	if signX != (P.x[0] & 1) {
-		fp.Neg(&P.x, &P.x)
-	}
-	P.ta = P.x
-	P.tb = P.y
-	P.z = fp.One()
-	return P, nil
-}
-
-// IsIdentity returns true is P is the identity Point.
-func (P *Point) IsIdentity() bool {
-	return fp.IsZero(&P.x) && !fp.IsZero(&P.y) && !fp.IsZero(&P.z) && P.y == P.z
-}
-
-// IsEqual returns true if P is equivalent to Q.
-func (P *Point) IsEqual(Q *Point) bool {
-	l, r := &fp.Elt{}, &fp.Elt{}
-	fp.Mul(l, &P.x, &Q.z)
-	fp.Mul(r, &Q.x, &P.z)
-	fp.Sub(l, l, r)
-	b := fp.IsZero(l)
-	fp.Mul(l, &P.y, &Q.z)
-	fp.Mul(r, &Q.y, &P.z)
-	fp.Sub(l, l, r)
-	b = b && fp.IsZero(l)
-	fp.Mul(l, &P.ta, &P.tb)
-	fp.Mul(l, l, &Q.z)
-	fp.Mul(r, &Q.ta, &Q.tb)
-	fp.Mul(r, r, &P.z)
-	fp.Sub(l, l, r)
-	b = b && fp.IsZero(l)
-	return b
-}
-
-// Neg obtains the inverse of the Point.
-func (P *Point) Neg() { fp.Neg(&P.x, &P.x); fp.Neg(&P.ta, &P.ta) }
-
-// ToAffine returns the x,y affine coordinates of P.
-func (P *Point) ToAffine() (x, y fp.Elt) {
-	fp.Inv(&P.z, &P.z)       // 1/z
-	fp.Mul(&P.x, &P.x, &P.z) // x/z
-	fp.Mul(&P.y, &P.y, &P.z) // y/z
-	fp.Modp(&P.x)
-	fp.Modp(&P.y)
-	fp.SetOne(&P.z)
-	P.ta = P.x
-	P.tb = P.y
-	return P.x, P.y
-}
-
-// ToBytes stores P into a slice of bytes.
-func (P *Point) ToBytes(out []byte) error {
-	if len(out) < fp.Size+1 {
-		return errors.New("invalid decoding")
-	}
-	x, y := P.ToAffine()
-	out[fp.Size] = (x[0] & 1) << 7
-	return fp.ToBytes(out[:fp.Size], &y)
-}
-
-// MarshalBinary encodes the receiver into a binary form and returns the result.
-func (P *Point) MarshalBinary() (data []byte, err error) {
-	data = make([]byte, fp.Size+1)
-	err = P.ToBytes(data[:fp.Size+1])
-	return data, err
-}
-
-// UnmarshalBinary must be able to decode the form generated by MarshalBinary.
-func (P *Point) UnmarshalBinary(data []byte) error { Q, err := FromBytes(data); *P = *Q; return err }
-
-// Double sets P = 2Q.
-func (P *Point) Double() { P.Add(P) }
-
-// Add sets P =P+Q..
-func (P *Point) Add(Q *Point) {
-	// This is formula (5) from "Twisted Edwards Curves Revisited" by
-	// Hisil H., Wong K.KH., Carter G., Dawson E. (2008)
-	// https://doi.org/10.1007/978-3-540-89255-7_20
-	x1, y1, z1, ta1, tb1 := &P.x, &P.y, &P.z, &P.ta, &P.tb
-	x2, y2, z2, ta2, tb2 := &Q.x, &Q.y, &Q.z, &Q.ta, &Q.tb
-	x3, y3, z3, E, H := &P.x, &P.y, &P.z, &P.ta, &P.tb
-	A, B, C, D := &fp.Elt{}, &fp.Elt{}, &fp.Elt{}, &fp.Elt{}
-	t1, t2, F, G := C, D, &fp.Elt{}, &fp.Elt{}
-	fp.Mul(t1, ta1, tb1)  // t1 = ta1*tb1
-	fp.Mul(t2, ta2, tb2)  // t2 = ta2*tb2
-	fp.Mul(A, x1, x2)     // A = x1*x2
-	fp.Mul(B, y1, y2)     // B = y1*y2
-	fp.Mul(C, t1, t2)     // t1*t2
-	fp.Mul(C, C, &paramD) // C = d*t1*t2
-	fp.Mul(D, z1, z2)     // D = z1*z2
-	fp.Add(F, x1, y1)     // x1+y1
-	fp.Add(E, x2, y2)     // x2+y2
-	fp.Mul(E, E, F)       // (x1+y1)*(x2+y2)
-	fp.Sub(E, E, A)       // (x1+y1)*(x2+y2)-A
-	fp.Sub(E, E, B)       // E = (x1+y1)*(x2+y2)-A-B
-	fp.Sub(F, D, C)       // F = D-C
-	fp.Add(G, D, C)       // G = D+C
-	fp.Sub(H, B, A)       // H = B-A
-	fp.Mul(z3, F, G)      // Z = F * G
-	fp.Mul(x3, E, F)      // X = E * F
-	fp.Mul(y3, G, H)      // Y = G * H, T = E * H
-}
diff --git a/vendor/github.com/cloudflare/circl/ecc/goldilocks/scalar.go b/vendor/github.com/cloudflare/circl/ecc/goldilocks/scalar.go
deleted file mode 100644
index f98117b252..0000000000
--- a/vendor/github.com/cloudflare/circl/ecc/goldilocks/scalar.go
+++ /dev/null
@@ -1,203 +0,0 @@
-package goldilocks
-
-import (
-	"encoding/binary"
-	"math/bits"
-)
-
-// ScalarSize is the size (in bytes) of scalars.
-const ScalarSize = 56 // 448 / 8
-
-// _N is the number of 64-bit words to store scalars.
-const _N = 7 // 448 / 64
-
-// Scalar represents a positive integer stored in little-endian order.
-type Scalar [ScalarSize]byte
-
-type scalar64 [_N]uint64
-
-func (z *scalar64) fromScalar(x *Scalar) {
-	z[0] = binary.LittleEndian.Uint64(x[0*8 : 1*8])
-	z[1] = binary.LittleEndian.Uint64(x[1*8 : 2*8])
-	z[2] = binary.LittleEndian.Uint64(x[2*8 : 3*8])
-	z[3] = binary.LittleEndian.Uint64(x[3*8 : 4*8])
-	z[4] = binary.LittleEndian.Uint64(x[4*8 : 5*8])
-	z[5] = binary.LittleEndian.Uint64(x[5*8 : 6*8])
-	z[6] = binary.LittleEndian.Uint64(x[6*8 : 7*8])
-}
-
-func (z *scalar64) toScalar(x *Scalar) {
-	binary.LittleEndian.PutUint64(x[0*8:1*8], z[0])
-	binary.LittleEndian.PutUint64(x[1*8:2*8], z[1])
-	binary.LittleEndian.PutUint64(x[2*8:3*8], z[2])
-	binary.LittleEndian.PutUint64(x[3*8:4*8], z[3])
-	binary.LittleEndian.PutUint64(x[4*8:5*8], z[4])
-	binary.LittleEndian.PutUint64(x[5*8:6*8], z[5])
-	binary.LittleEndian.PutUint64(x[6*8:7*8], z[6])
-}
-
-// add calculates z = x + y. Assumes len(z) > max(len(x),len(y)).
-func add(z, x, y []uint64) uint64 {
-	l, L, zz := len(x), len(y), y
-	if l > L {
-		l, L, zz = L, l, x
-	}
-	c := uint64(0)
-	for i := 0; i < l; i++ {
-		z[i], c = bits.Add64(x[i], y[i], c)
-	}
-	for i := l; i < L; i++ {
-		z[i], c = bits.Add64(zz[i], 0, c)
-	}
-	return c
-}
-
-// sub calculates z = x - y. Assumes len(z) > max(len(x),len(y)).
-func sub(z, x, y []uint64) uint64 {
-	l, L, zz := len(x), len(y), y
-	if l > L {
-		l, L, zz = L, l, x
-	}
-	c := uint64(0)
-	for i := 0; i < l; i++ {
-		z[i], c = bits.Sub64(x[i], y[i], c)
-	}
-	for i := l; i < L; i++ {
-		z[i], c = bits.Sub64(zz[i], 0, c)
-	}
-	return c
-}
-
-// mulWord calculates z = x * y. Assumes len(z) >= len(x)+1.
-func mulWord(z, x []uint64, y uint64) {
-	for i := range z {
-		z[i] = 0
-	}
-	carry := uint64(0)
-	for i := range x {
-		hi, lo := bits.Mul64(x[i], y)
-		lo, cc := bits.Add64(lo, z[i], 0)
-		hi, _ = bits.Add64(hi, 0, cc)
-		z[i], cc = bits.Add64(lo, carry, 0)
-		carry, _ = bits.Add64(hi, 0, cc)
-	}
-	z[len(x)] = carry
-}
-
-// Cmov moves x into z if b=1.
-func (z *scalar64) Cmov(b uint64, x *scalar64) {
-	m := uint64(0) - b
-	for i := range z {
-		z[i] = (z[i] &^ m) | (x[i] & m)
-	}
-}
-
-// leftShift shifts to the left the words of z returning the more significant word.
-func (z *scalar64) leftShift(low uint64) uint64 {
-	high := z[_N-1]
-	for i := _N - 1; i > 0; i-- {
-		z[i] = z[i-1]
-	}
-	z[0] = low
-	return high
-}
-
-// reduceOneWord calculates z = z + 2^448*x such that the result fits in a Scalar.
-func (z *scalar64) reduceOneWord(x uint64) {
-	prod := (&scalar64{})[:]
-	mulWord(prod, residue448[:], x)
-	cc := add(z[:], z[:], prod)
-	mulWord(prod, residue448[:], cc)
-	add(z[:], z[:], prod)
-}
-
-// modOrder reduces z mod order.
-func (z *scalar64) modOrder() {
-	var o64, x scalar64
-	o64.fromScalar(&order)
-	// Performs: while (z >= order) { z = z-order }
-	// At most 8 (eight) iterations reduce 3 bits by subtracting.
-	for i := 0; i < 8; i++ {
-		c := sub(x[:], z[:], o64[:]) // (c || x) = z-order
-		z.Cmov(1-c, &x)              // if c != 0 { z = x }
-	}
-}
-
-// FromBytes stores z = x mod order, where x is a number stored in little-endian order.
-func (z *Scalar) FromBytes(x []byte) {
-	n := len(x)
-	nCeil := (n + 7) >> 3
-	for i := range z {
-		z[i] = 0
-	}
-	if nCeil < _N {
-		copy(z[:], x)
-		return
-	}
-	copy(z[:], x[8*(nCeil-_N):])
-	var z64 scalar64
-	z64.fromScalar(z)
-	for i := nCeil - _N - 1; i >= 0; i-- {
-		low := binary.LittleEndian.Uint64(x[8*i:])
-		high := z64.leftShift(low)
-		z64.reduceOneWord(high)
-	}
-	z64.modOrder()
-	z64.toScalar(z)
-}
-
-// divBy4 calculates z = x/4 mod order.
-func (z *Scalar) divBy4(x *Scalar) { z.Mul(x, &invFour) }
-
-// Red reduces z mod order.
-func (z *Scalar) Red() { var t scalar64; t.fromScalar(z); t.modOrder(); t.toScalar(z) }
-
-// Neg calculates z = -z mod order.
-func (z *Scalar) Neg() { z.Sub(&order, z) }
-
-// Add calculates z = x+y mod order.
-func (z *Scalar) Add(x, y *Scalar) {
-	var z64, x64, y64, t scalar64
-	x64.fromScalar(x)
-	y64.fromScalar(y)
-	c := add(z64[:], x64[:], y64[:])
-	add(t[:], z64[:], residue448[:])
-	z64.Cmov(c, &t)
-	z64.modOrder()
-	z64.toScalar(z)
-}
-
-// Sub calculates z = x-y mod order.
-func (z *Scalar) Sub(x, y *Scalar) {
-	var z64, x64, y64, t scalar64
-	x64.fromScalar(x)
-	y64.fromScalar(y)
-	c := sub(z64[:], x64[:], y64[:])
-	sub(t[:], z64[:], residue448[:])
-	z64.Cmov(c, &t)
-	z64.modOrder()
-	z64.toScalar(z)
-}
-
-// Mul calculates z = x*y mod order.
-func (z *Scalar) Mul(x, y *Scalar) {
-	var z64, x64, y64 scalar64
-	prod := (&[_N + 1]uint64{})[:]
-	x64.fromScalar(x)
-	y64.fromScalar(y)
-	mulWord(prod, x64[:], y64[_N-1])
-	copy(z64[:], prod[:_N])
-	z64.reduceOneWord(prod[_N])
-	for i := _N - 2; i >= 0; i-- {
-		h := z64.leftShift(0)
-		z64.reduceOneWord(h)
-		mulWord(prod, x64[:], y64[i])
-		c := add(z64[:], z64[:], prod[:_N])
-		z64.reduceOneWord(prod[_N] + c)
-	}
-	z64.modOrder()
-	z64.toScalar(z)
-}
-
-// IsZero returns true if z=0.
-func (z *Scalar) IsZero() bool { z.Red(); return *z == Scalar{} }
diff --git a/vendor/github.com/cloudflare/circl/ecc/goldilocks/twist.go b/vendor/github.com/cloudflare/circl/ecc/goldilocks/twist.go
deleted file mode 100644
index 83d7cdadd3..0000000000
--- a/vendor/github.com/cloudflare/circl/ecc/goldilocks/twist.go
+++ /dev/null
@@ -1,138 +0,0 @@
-package goldilocks
-
-import (
-	"crypto/subtle"
-	"math/bits"
-
-	"github.com/cloudflare/circl/internal/conv"
-	"github.com/cloudflare/circl/math"
-	fp "github.com/cloudflare/circl/math/fp448"
-)
-
-// twistCurve is -x^2+y^2=1-39082x^2y^2 and is 4-isogenous to Goldilocks.
-type twistCurve struct{}
-
-// Identity returns the identity point.
-func (twistCurve) Identity() *twistPoint {
-	return &twistPoint{
-		y: fp.One(),
-		z: fp.One(),
-	}
-}
-
-// subYDiv16 update x = (x - y) / 16.
-func subYDiv16(x *scalar64, y int64) {
-	s := uint64(y >> 63)
-	x0, b0 := bits.Sub64((*x)[0], uint64(y), 0)
-	x1, b1 := bits.Sub64((*x)[1], s, b0)
-	x2, b2 := bits.Sub64((*x)[2], s, b1)
-	x3, b3 := bits.Sub64((*x)[3], s, b2)
-	x4, b4 := bits.Sub64((*x)[4], s, b3)
-	x5, b5 := bits.Sub64((*x)[5], s, b4)
-	x6, _ := bits.Sub64((*x)[6], s, b5)
-	x[0] = (x0 >> 4) | (x1 << 60)
-	x[1] = (x1 >> 4) | (x2 << 60)
-	x[2] = (x2 >> 4) | (x3 << 60)
-	x[3] = (x3 >> 4) | (x4 << 60)
-	x[4] = (x4 >> 4) | (x5 << 60)
-	x[5] = (x5 >> 4) | (x6 << 60)
-	x[6] = (x6 >> 4)
-}
-
-func recodeScalar(d *[113]int8, k *Scalar) {
-	var k64 scalar64
-	k64.fromScalar(k)
-	for i := 0; i < 112; i++ {
-		d[i] = int8((k64[0] & 0x1f) - 16)
-		subYDiv16(&k64, int64(d[i]))
-	}
-	d[112] = int8(k64[0])
-}
-
-// ScalarMult returns kP.
-func (e twistCurve) ScalarMult(k *Scalar, P *twistPoint) *twistPoint {
-	var TabP [8]preTwistPointProy
-	var S preTwistPointProy
-	var d [113]int8
-
-	var isZero int
-	if k.IsZero() {
-		isZero = 1
-	}
-	subtle.ConstantTimeCopy(isZero, k[:], order[:])
-
-	minusK := *k
-	isEven := 1 - int(k[0]&0x1)
-	minusK.Neg()
-	subtle.ConstantTimeCopy(isEven, k[:], minusK[:])
-	recodeScalar(&d, k)
-
-	P.oddMultiples(TabP[:])
-	Q := e.Identity()
-	for i := 112; i >= 0; i-- {
-		Q.Double()
-		Q.Double()
-		Q.Double()
-		Q.Double()
-		mask := d[i] >> 7
-		absDi := (d[i] + mask) ^ mask
-		inx := int32((absDi - 1) >> 1)
-		sig := int((d[i] >> 7) & 0x1)
-		for j := range TabP {
-			S.cmov(&TabP[j], uint(subtle.ConstantTimeEq(inx, int32(j))))
-		}
-		S.cneg(sig)
-		Q.mixAdd(&S)
-	}
-	Q.cneg(uint(isEven))
-	return Q
-}
-
-const (
-	omegaFix = 7
-	omegaVar = 5
-)
-
-// CombinedMult returns mG+nP.
-func (e twistCurve) CombinedMult(m, n *Scalar, P *twistPoint) *twistPoint {
-	nafFix := math.OmegaNAF(conv.BytesLe2BigInt(m[:]), omegaFix)
-	nafVar := math.OmegaNAF(conv.BytesLe2BigInt(n[:]), omegaVar)
-
-	if len(nafFix) > len(nafVar) {
-		nafVar = append(nafVar, make([]int32, len(nafFix)-len(nafVar))...)
-	} else if len(nafFix) < len(nafVar) {
-		nafFix = append(nafFix, make([]int32, len(nafVar)-len(nafFix))...)
-	}
-
-	var TabQ [1 << (omegaVar - 2)]preTwistPointProy
-	P.oddMultiples(TabQ[:])
-	Q := e.Identity()
-	for i := len(nafFix) - 1; i >= 0; i-- {
-		Q.Double()
-		// Generator point
-		if nafFix[i] != 0 {
-			idxM := absolute(nafFix[i]) >> 1
-			R := tabVerif[idxM]
-			if nafFix[i] < 0 {
-				R.neg()
-			}
-			Q.mixAddZ1(&R)
-		}
-		// Variable input point
-		if nafVar[i] != 0 {
-			idxN := absolute(nafVar[i]) >> 1
-			S := TabQ[idxN]
-			if nafVar[i] < 0 {
-				S.neg()
-			}
-			Q.mixAdd(&S)
-		}
-	}
-	return Q
-}
-
-// absolute returns always a positive value.
-func absolute(x int32) int32 {
-	mask := x >> 31
-	return (x + mask) ^ mask
-}
diff --git a/vendor/github.com/cloudflare/circl/ecc/goldilocks/twistPoint.go b/vendor/github.com/cloudflare/circl/ecc/goldilocks/twistPoint.go
deleted file mode 100644
index c55db77b06..0000000000
--- a/vendor/github.com/cloudflare/circl/ecc/goldilocks/twistPoint.go
+++ /dev/null
@@ -1,135 +0,0 @@
-package goldilocks
-
-import (
-	"fmt"
-
-	fp "github.com/cloudflare/circl/math/fp448"
-)
-
-type twistPoint struct{ x, y, z, ta, tb fp.Elt }
-
-type preTwistPointAffine struct{ addYX, subYX, dt2 fp.Elt }
-
-type preTwistPointProy struct {
-	preTwistPointAffine
-	z2 fp.Elt
-}
-
-func (P *twistPoint) String() string {
-	return fmt.Sprintf("x: %v\ny: %v\nz: %v\nta: %v\ntb: %v", P.x, P.y, P.z, P.ta, P.tb)
-}
-
-// cneg conditionally negates the point if b=1.
-func (P *twistPoint) cneg(b uint) {
-	t := &fp.Elt{}
-	fp.Neg(t, &P.x)
-	fp.Cmov(&P.x, t, b)
-	fp.Neg(t, &P.ta)
-	fp.Cmov(&P.ta, t, b)
-}
-
-// Double updates P with 2P.
-func (P *twistPoint) Double() {
-	// This is formula (7) from "Twisted Edwards Curves Revisited" by
-	// Hisil H., Wong K.KH., Carter G., Dawson E. (2008)
-	// https://doi.org/10.1007/978-3-540-89255-7_20
-	Px, Py, Pz, Pta, Ptb := &P.x, &P.y, &P.z, &P.ta, &P.tb
-	a, b, c, e, f, g, h := Px, Py, Pz, Pta, Px, Py, Ptb
-	fp.Add(e, Px, Py) // x+y
-	fp.Sqr(a, Px)     // A = x^2
-	fp.Sqr(b, Py)     // B = y^2
-	fp.Sqr(c, Pz)     // z^2
-	fp.Add(c, c, c)   // C = 2*z^2
-	fp.Add(h, a, b)   // H = A+B
-	fp.Sqr(e, e)      // (x+y)^2
-	fp.Sub(e, e, h)   // E = (x+y)^2-A-B
-	fp.Sub(g, b, a)   // G = B-A
-	fp.Sub(f, c, g)   // F = C-G
-	fp.Mul(Pz, f, g)  // Z = F * G
-	fp.Mul(Px, e, f)  // X = E * F
-	fp.Mul(Py, g, h)  // Y = G * H, T = E * H
-}
-
-// mixAdd calculates P= P+Q, where Q is a precomputed point with Z_Q = 1.
-func (P *twistPoint) mixAddZ1(Q *preTwistPointAffine) {
-	fp.Add(&P.z, &P.z, &P.z) // D = 2*z1 (z2=1)
-	P.coreAddition(Q)
-}
-
-// coreAddition calculates P=P+Q for curves with A=-1.
-func (P *twistPoint) coreAddition(Q *preTwistPointAffine) {
-	// This is the formula following (5) from "Twisted Edwards Curves Revisited" by
-	// Hisil H., Wong K.KH., Carter G., Dawson E. (2008)
-	// https://doi.org/10.1007/978-3-540-89255-7_20
-	Px, Py, Pz, Pta, Ptb := &P.x, &P.y, &P.z, &P.ta, &P.tb
-	addYX2, subYX2, dt2 := &Q.addYX, &Q.subYX, &Q.dt2
-	a, b, c, d, e, f, g, h := Px, Py, &fp.Elt{}, Pz, Pta, Px, Py, Ptb
-	fp.Mul(c, Pta, Ptb)  // t1 = ta*tb
-	fp.Sub(h, Py, Px)    // y1-x1
-	fp.Add(b, Py, Px)    // y1+x1
-	fp.Mul(a, h, subYX2) // A = (y1-x1)*(y2-x2)
-	fp.Mul(b, b, addYX2) // B = (y1+x1)*(y2+x2)
-	fp.Mul(c, c, dt2)    // C = 2*D*t1*t2
-	fp.Sub(e, b, a)      // E = B-A
-	fp.Add(h, b, a)      // H = B+A
-	fp.Sub(f, d, c)      // F = D-C
-	fp.Add(g, d, c)      // G = D+C
-	fp.Mul(Pz, f, g)     // Z = F * G
-	fp.Mul(Px, e, f)     // X = E * F
-	fp.Mul(Py, g, h)     // Y = G * H, T = E * H
-}
-
-func (P *preTwistPointAffine) neg() {
-	P.addYX, P.subYX = P.subYX, P.addYX
-	fp.Neg(&P.dt2, &P.dt2)
-}
-
-func (P *preTwistPointAffine) cneg(b int) {
-	t := &fp.Elt{}
-	fp.Cswap(&P.addYX, &P.subYX, uint(b))
-	fp.Neg(t, &P.dt2)
-	fp.Cmov(&P.dt2, t, uint(b))
-}
-
-func (P *preTwistPointAffine) cmov(Q *preTwistPointAffine, b uint) {
-	fp.Cmov(&P.addYX, &Q.addYX, b)
-	fp.Cmov(&P.subYX, &Q.subYX, b)
-	fp.Cmov(&P.dt2, &Q.dt2, b)
-}
-
-// mixAdd calculates P= P+Q, where Q is a precomputed point with Z_Q != 1.
-func (P *twistPoint) mixAdd(Q *preTwistPointProy) {
-	fp.Mul(&P.z, &P.z, &Q.z2) // D = 2*z1*z2
-	P.coreAddition(&Q.preTwistPointAffine)
-}
-
-// oddMultiples calculates T[i] = (2*i-1)P for 0 < i < len(T).
-func (P *twistPoint) oddMultiples(T []preTwistPointProy) {
-	if n := len(T); n > 0 {
-		T[0].FromTwistPoint(P)
-		_2P := *P
-		_2P.Double()
-		R := &preTwistPointProy{}
-		R.FromTwistPoint(&_2P)
-		for i := 1; i < n; i++ {
-			P.mixAdd(R)
-			T[i].FromTwistPoint(P)
-		}
-	}
-}
-
-// cmov conditionally moves Q into P if b=1.
-func (P *preTwistPointProy) cmov(Q *preTwistPointProy, b uint) {
-	P.preTwistPointAffine.cmov(&Q.preTwistPointAffine, b)
-	fp.Cmov(&P.z2, &Q.z2, b)
-}
-
-// FromTwistPoint precomputes some coordinates of Q for missed addition.
-func (P *preTwistPointProy) FromTwistPoint(Q *twistPoint) {
-	fp.Add(&P.addYX, &Q.y, &Q.x)         // addYX = X + Y
-	fp.Sub(&P.subYX, &Q.y, &Q.x)         // subYX = Y - X
-	fp.Mul(&P.dt2, &Q.ta, &Q.tb)         // T = ta*tb
-	fp.Mul(&P.dt2, &P.dt2, &paramDTwist) // D*T
-	fp.Add(&P.dt2, &P.dt2, &P.dt2)       // dt2 = 2*D*T
-	fp.Add(&P.z2, &Q.z, &Q.z)            // z2 = 2*Z
-}
diff --git a/vendor/github.com/cloudflare/circl/ecc/goldilocks/twistTables.go b/vendor/github.com/cloudflare/circl/ecc/goldilocks/twistTables.go
deleted file mode 100644
index ed432e02c7..0000000000
--- a/vendor/github.com/cloudflare/circl/ecc/goldilocks/twistTables.go
+++ /dev/null
@@ -1,216 +0,0 @@
-package goldilocks
-
-import fp "github.com/cloudflare/circl/math/fp448"
-
-var tabFixMult = [fxV][fx2w1]preTwistPointAffine{
-	{
-		{
-			addYX: fp.Elt{0x65, 0x4a, 0xdd, 0xdf, 0xb4, 0x79, 0x60, 0xc8, 0xa1, 0x70, 0xb4, 0x3a, 0x1e, 0x0c, 0x9b, 0x19, 0xe5, 0x48, 0x3f, 0xd7, 0x44, 0x18, 0x18, 0x14, 0x14, 0x27, 0x45, 0xd0, 0x2b, 0x24, 0xd5, 0x93, 0xc3, 0x74, 0x4c, 0x50, 0x70, 0x43, 0x26, 0x05, 0x08, 0x24, 0xca, 0x78, 0x30, 0xc1, 0x06, 0x8d, 0xd4, 0x86, 0x42, 0xf0, 0x14, 0xde, 0x08, 0x05},
-			subYX: fp.Elt{0x64, 0x4a, 0xdd, 0xdf, 0xb4, 0x79, 0x60, 0xc8, 0xa1, 0x70, 0xb4, 0x3a, 0x1e, 0x0c, 0x9b, 0x19, 0xe5, 0x48, 0x3f, 0xd7, 0x44, 0x18, 0x18, 0x14, 0x14, 0x27, 0x45, 0xd0, 0x2d, 0x24, 0xd5, 0x93, 0xc3, 0x74, 0x4c, 0x50, 0x70, 0x43, 0x26, 0x05, 0x08, 0x24, 0xca, 0x78, 0x30, 0xc1, 0x06, 0x8d, 0xd4, 0x86, 0x42, 0xf0, 0x14, 0xde, 0x08, 0x05},
-			dt2:   fp.Elt{0x1a, 0x33, 0xea, 0x64, 0x45, 0x1c, 0xdf, 0x17, 0x1d, 0x16, 0x34, 0x28, 0xd6, 0x61, 0x19, 0x67, 0x79, 0xb4, 0x13, 0xcf, 0x3e, 0x7c, 0x0e, 0x72, 0xda, 0xf1, 0x5f, 0xda, 0xe6, 0xcf, 0x42, 0xd3, 0xb6, 0x17, 0xc2, 0x68, 0x13, 0x2d, 0xd9, 0x60, 0x3e, 0xae, 0xf0, 0x5b, 0x96, 0xf0, 0xcd, 0xaf, 0xea, 0xb7, 0x0d, 0x59, 0x16, 0xa7, 0xff, 0x55},
-		},
-		{
-			addYX: fp.Elt{0xca, 0xd8, 0x7d, 0x86, 0x1a, 0xef, 0xad, 0x11, 0xe3, 0x27, 0x41, 0x7e, 0x7f, 0x3e, 0xa9, 0xd2, 0xb5, 0x4e, 0x50, 0xe0, 0x77, 0x91, 0xc2, 0x13, 0x52, 0x73, 0x41, 0x09, 0xa6, 0x57, 0x9a, 0xc8, 0xa8, 0x90, 0x9d, 0x26, 0x14, 0xbb, 0xa1, 0x2a, 0xf7, 0x45, 0x43, 0x4e, 0xea, 0x35, 0x62, 0xe1, 0x08, 0x85, 0x46, 0xb8, 0x24, 0x05, 0x2d, 0xab},
-			subYX: fp.Elt{0x9b, 0xe6, 0xd3, 0xe5, 0xfe, 0x50, 0x36, 0x3c, 0x3c, 0x6d, 0x74, 0x1d, 0x74, 0xc0, 0xde, 0x5b, 0x45, 0x27, 0xe5, 0x12, 0xee, 0x63, 0x35, 0x6b, 0x13, 0xe2, 0x41, 0x6b, 0x3a, 0x05, 0x2b, 0xb1, 0x89, 0x26, 0xb6, 0xc6, 0xd1, 0x84, 0xff, 0x0e, 0x9b, 0xa3, 0xfb, 0x21, 0x36, 0x6b, 0x01, 0xf7, 0x9f, 0x7c, 0xeb, 0xf5, 0x18, 0x7a, 0x2a, 0x70},
-			dt2:   fp.Elt{0x09, 0xad, 0x99, 0x1a, 0x38, 0xd3, 0xdf, 0x22, 0x37, 0x32, 0x61, 0x8b, 0xf3, 0x19, 0x48, 0x08, 0xe8, 0x49, 0xb6, 0x4a, 0xa7, 0xed, 0xa4, 0xa2, 0xee, 0x86, 0xd7, 0x31, 0x5e, 0xce, 0x95, 0x76, 0x86, 0x42, 0x1c, 0x9d, 0x07, 0x14, 0x8c, 0x34, 0x18, 0x9c, 0x6d, 0x3a, 0xdf, 0xa9, 0xe8, 0x36, 0x7e, 0xe4, 0x95, 0xbe, 0xb5, 0x09, 0xf8, 0x9c},
-		},
-		{
-			addYX: fp.Elt{0x51, 0xdb, 0x49, 0xa8, 0x9f, 0xe3, 0xd7, 0xec, 0x0d, 0x0f, 0x49, 0xe8, 0xb6, 0xc5, 0x0f, 0x5a, 0x1c, 0xce, 0x54, 0x0d, 0xb1, 0x8d, 0x5b, 0xbf, 0xf4, 0xaa, 0x34, 0x77, 0xc4, 0x5d, 0x59, 0xb6, 0xc5, 0x0e, 0x5a, 0xd8, 0x5b, 0x30, 0xc2, 0x1d, 0xec, 0x85, 0x1c, 0x42, 0xbe, 0x24, 0x2e, 0x50, 0x55, 0x44, 0xb2, 0x3a, 0x01, 0xaa, 0x98, 0xfb},
-			subYX: fp.Elt{0xe7, 0x29, 0xb7, 0xd0, 0xaa, 0x4f, 0x32, 0x53, 0x56, 0xde, 0xbc, 0xd1, 0x92, 0x5d, 0x19, 0xbe, 0xa3, 0xe3, 0x75, 0x48, 0xe0, 0x7a, 0x1b, 0x54, 0x7a, 0xb7, 0x41, 0x77, 0x84, 0x38, 0xdd, 0x14, 0x9f, 0xca, 0x3f, 0xa3, 0xc8, 0xa7, 0x04, 0x70, 0xf1, 0x4d, 0x3d, 0xb3, 0x84, 0x79, 0xcb, 0xdb, 0xe4, 0xc5, 0x42, 0x9b, 0x57, 0x19, 0xf1, 0x2d},
-			dt2:   fp.Elt{0x20, 0xb4, 0x94, 0x9e, 0xdf, 0x31, 0x44, 0x0b, 0xc9, 0x7b, 0x75, 0x40, 0x9d, 0xd1, 0x96, 0x39, 0x70, 0x71, 0x15, 0xc8, 0x93, 0xd5, 0xc5, 0xe5, 0xba, 0xfe, 0xee, 0x08, 0x6a, 0x98, 0x0a, 0x1b, 0xb2, 0xaa, 0x3a, 0xf4, 0xa4, 0x79, 0xf9, 0x8e, 0x4d, 0x65, 0x10, 0x9b, 0x3a, 0x6e, 0x7c, 0x87, 0x94, 0x92, 0x11, 0x65, 0xbf, 0x1a, 0x09, 0xde},
-		},
-		{
-			addYX: fp.Elt{0xf3, 0x84, 0x76, 0x77, 0xa5, 0x6b, 0x27, 0x3b, 0x83, 0x3d, 0xdf, 0xa0, 0xeb, 0x32, 0x6d, 0x58, 0x81, 0x57, 0x64, 0xc2, 0x21, 0x7c, 0x9b, 0xea, 0xe6, 0xb0, 0x93, 0xf9, 0xe7, 0xc3, 0xed, 0x5a, 0x8e, 0xe2, 0xb4, 0x72, 0x76, 0x66, 0x0f, 0x22, 0x29, 0x94, 0x3e, 0x63, 0x48, 0x5e, 0x80, 0xcb, 0xac, 0xfa, 0x95, 0xb6, 0x4b, 0xc4, 0x95, 0x33},
-			subYX: fp.Elt{0x0c, 0x55, 0xd1, 0x5e, 0x5f, 0xbf, 0xbf, 0xe2, 0x4c, 0xfc, 0x37, 0x4a, 0xc4, 0xb1, 0xf4, 0x83, 0x61, 0x93, 0x60, 0x8e, 0x9f, 0x31, 0xf0, 0xa0, 0x41, 0xff, 0x1d, 0xe2, 0x7f, 0xca, 0x40, 0xd6, 0x88, 0xe8, 0x91, 0x61, 0xe2, 0x11, 0x18, 0x83, 0xf3, 0x25, 0x2f, 0x3f, 0x49, 0x40, 0xd4, 0x83, 0xe2, 0xd7, 0x74, 0x6a, 0x16, 0x86, 0x4e, 0xab},
-			dt2:   fp.Elt{0xdd, 0x58, 0x65, 0xd8, 0x9f, 0xdd, 0x70, 0x7f, 0x0f, 0xec, 0xbd, 0x5c, 0x5c, 0x9b, 0x7e, 0x1b, 0x9f, 0x79, 0x36, 0x1f, 0xfd, 0x79, 0x10, 0x1c, 0x52, 0xf3, 0x22, 0xa4, 0x1f, 0x71, 0x6e, 0x63, 0x14, 0xf4, 0xa7, 0x3e, 0xbe, 0xad, 0x43, 0x30, 0x38, 0x8c, 0x29, 0xc6, 0xcf, 0x50, 0x75, 0x21, 0xe5, 0x78, 0xfd, 0xb0, 0x9a, 0xc4, 0x6d, 0xd4},
-		},
-	},
-	{
-		{
-			addYX: fp.Elt{0x7a, 0xa1, 0x38, 0xa6, 0xfd, 0x0e, 0x96, 0xd5, 0x26, 0x76, 0x86, 0x70, 0x80, 0x30, 0xa6, 0x67, 0xeb, 0xf4, 0x39, 0xdb, 0x22, 0xf5, 0x9f, 0x98, 0xe4, 0xb5, 0x3a, 0x0c, 0x59, 0xbf, 0x85, 0xc6, 0xf0, 0x0b, 0x1c, 0x41, 0x38, 0x09, 0x01, 0xdb, 0xd6, 0x3c, 0xb7, 0xf1, 0x08, 0x6b, 0x4b, 0x9e, 0x63, 0x53, 0x83, 0xd3, 0xab, 0xa3, 0x72, 0x0d},
-			subYX: fp.Elt{0x84, 0x68, 0x25, 0xe8, 0xe9, 0x8f, 0x91, 0xbf, 0xf7, 0xa4, 0x30, 0xae, 0xea, 0x9f, 0xdd, 0x56, 0x64, 0x09, 0xc9, 0x54, 0x68, 0x4e, 0x33, 0xc5, 0x6f, 0x7b, 0x2d, 0x52, 0x2e, 0x42, 0xbe, 0xbe, 0xf5, 0x64, 0xbf, 0x77, 0x54, 0xdf, 0xb0, 0x10, 0xd2, 0x16, 0x5d, 0xce, 0xaf, 0x9f, 0xfb, 0xa3, 0x63, 0x50, 0xcb, 0xc0, 0xd0, 0x88, 0x44, 0xa3},
-			dt2:   fp.Elt{0xc3, 0x8b, 0xa5, 0xf1, 0x44, 0xe4, 0x41, 0xcd, 0x75, 0xe3, 0x17, 0x69, 0x5b, 0xb9, 0xbb, 0xee, 0x82, 0xbb, 0xce, 0x57, 0xdf, 0x2a, 0x9c, 0x12, 0xab, 0x66, 0x08, 0x68, 0x05, 0x1b, 0x87, 0xee, 0x5d, 0x1e, 0x18, 0x14, 0x22, 0x4b, 0x99, 0x61, 0x75, 0x28, 0xe7, 0x65, 0x1c, 0x36, 0xb6, 0x18, 0x09, 0xa8, 0xdf, 0xef, 0x30, 0x35, 0xbc, 0x58},
-		},
-		{
-			addYX: fp.Elt{0xc5, 0xd3, 0x0e, 0x6f, 0xaf, 0x06, 0x69, 0xc4, 0x07, 0x9e, 0x58, 0x6e, 0x3f, 0x49, 0xd9, 0x0a, 0x3c, 0x2c, 0x37, 0xcd, 0x27, 0x4d, 0x87, 0x91, 0x7a, 0xb0, 0x28, 0xad, 0x2f, 0x68, 0x92, 0x05, 0x97, 0xf1, 0x30, 0x5f, 0x4c, 0x10, 0x20, 0x30, 0xd3, 0x08, 0x3f, 0xc1, 0xc6, 0xb7, 0xb5, 0xd1, 0x71, 0x7b, 0xa8, 0x0a, 0xd8, 0xf5, 0x17, 0xcf},
-			subYX: fp.Elt{0x64, 0xd4, 0x8f, 0x91, 0x40, 0xab, 0x6e, 0x1a, 0x62, 0x83, 0xdc, 0xd7, 0x30, 0x1a, 0x4a, 0x2a, 0x4c, 0x54, 0x86, 0x19, 0x81, 0x5d, 0x04, 0x52, 0xa3, 0xca, 0x82, 0x38, 0xdc, 0x1e, 0xf0, 0x7a, 0x78, 0x76, 0x49, 0x4f, 0x71, 0xc4, 0x74, 0x2f, 0xf0, 0x5b, 0x2e, 0x5e, 0xac, 0xef, 0x17, 0xe4, 0x8e, 0x6e, 0xed, 0x43, 0x23, 0x61, 0x99, 0x49},
-			dt2:   fp.Elt{0x64, 0x90, 0x72, 0x76, 0xf8, 0x2c, 0x7d, 0x57, 0xf9, 0x30, 0x5e, 0x7a, 0x10, 0x74, 0x19, 0x39, 0xd9, 0xaf, 0x0a, 0xf1, 0x43, 0xed, 0x88, 0x9c, 0x8b, 0xdc, 0x9b, 0x1c, 0x90, 0xe7, 0xf7, 0xa3, 0xa5, 0x0d, 0xc6, 0xbc, 0x30, 0xfb, 0x91, 0x1a, 0x51, 0xba, 0x2d, 0xbe, 0x89, 0xdf, 0x1d, 0xdc, 0x53, 0xa8, 0x82, 0x8a, 0xd3, 0x8d, 0x16, 0x68},
-		},
-		{
-			addYX: fp.Elt{0xef, 0x5c, 0xe3, 0x74, 0xbf, 0x13, 0x4a, 0xbf, 0x66, 0x73, 0x64, 0xb7, 0xd4, 0xce, 0x98, 0x82, 0x05, 0xfa, 0x98, 0x0c, 0x0a, 0xae, 0xe5, 0x6b, 0x9f, 0xac, 0xbb, 0x6e, 0x1f, 0xcf, 0xff, 0xa6, 0x71, 0x9a, 0xa8, 0x7a, 0x9e, 0x64, 0x1f, 0x20, 0x4a, 0x61, 0xa2, 0xd6, 0x50, 0xe3, 0xba, 0x81, 0x0c, 0x50, 0x59, 0x69, 0x59, 0x15, 0x55, 0xdb},
-			subYX: fp.Elt{0xe8, 0x77, 0x4d, 0xe8, 0x66, 0x3d, 0xc1, 0x00, 0x3c, 0xf2, 0x25, 0x00, 0xdc, 0xb2, 0xe5, 0x9b, 0x12, 0x89, 0xf3, 0xd6, 0xea, 0x85, 0x60, 0xfe, 0x67, 0x91, 0xfd, 0x04, 0x7c, 0xe0, 0xf1, 0x86, 0x06, 0x11, 0x66, 0xee, 0xd4, 0xd5, 0xbe, 0x3b, 0x0f, 0xe3, 0x59, 0xb3, 0x4f, 0x00, 0xb6, 0xce, 0x80, 0xc1, 0x61, 0xf7, 0xaf, 0x04, 0x6a, 0x3c},
-			dt2:   fp.Elt{0x00, 0xd7, 0x32, 0x93, 0x67, 0x70, 0x6f, 0xd7, 0x69, 0xab, 0xb1, 0xd3, 0xdc, 0xd6, 0xa8, 0xdd, 0x35, 0x25, 0xca, 0xd3, 0x8a, 0x6d, 0xce, 0xfb, 0xfd, 0x2b, 0x83, 0xf0, 0xd4, 0xac, 0x66, 0xfb, 0x72, 0x87, 0x7e, 0x55, 0xb7, 0x91, 0x58, 0x10, 0xc3, 0x11, 0x7e, 0x15, 0xfe, 0x7c, 0x55, 0x90, 0xa3, 0x9e, 0xed, 0x9a, 0x7f, 0xa7, 0xb7, 0xeb},
-		},
-		{
-			addYX: fp.Elt{0x25, 0x0f, 0xc2, 0x09, 0x9c, 0x10, 0xc8, 0x7c, 0x93, 0xa7, 0xbe, 0xe9, 0x26, 0x25, 0x7c, 0x21, 0xfe, 0xe7, 0x5f, 0x3c, 0x02, 0x83, 0xa7, 0x9e, 0xdf, 0xc0, 0x94, 0x2b, 0x7d, 0x1a, 0xd0, 0x1d, 0xcc, 0x2e, 0x7d, 0xd4, 0x85, 0xe7, 0xc1, 0x15, 0x66, 0xd6, 0xd6, 0x32, 0xb8, 0xf7, 0x63, 0xaa, 0x3b, 0xa5, 0xea, 0x49, 0xad, 0x88, 0x9b, 0x66},
-			subYX: fp.Elt{0x09, 0x97, 0x79, 0x36, 0x41, 0x56, 0x9b, 0xdf, 0x15, 0xd8, 0x43, 0x28, 0x17, 0x5b, 0x96, 0xc9, 0xcf, 0x39, 0x1f, 0x13, 0xf7, 0x4d, 0x1d, 0x1f, 0xda, 0x51, 0x56, 0xe7, 0x0a, 0x5a, 0x65, 0xb6, 0x2a, 0x87, 0x49, 0x86, 0xc2, 0x2b, 0xcd, 0xfe, 0x07, 0xf6, 0x4c, 0xe2, 0x1d, 0x9b, 0xd8, 0x82, 0x09, 0x5b, 0x11, 0x10, 0x62, 0x56, 0x89, 0xbd},
-			dt2:   fp.Elt{0xd9, 0x15, 0x73, 0xf2, 0x96, 0x35, 0x53, 0xb0, 0xe7, 0xa8, 0x0b, 0x93, 0x35, 0x0b, 0x3a, 0x00, 0xf5, 0x18, 0xb1, 0xc3, 0x12, 0x3f, 0x91, 0x17, 0xc1, 0x4c, 0x15, 0x5a, 0x86, 0x92, 0x11, 0xbd, 0x44, 0x40, 0x5a, 0x7b, 0x15, 0x89, 0xba, 0xc1, 0xc1, 0xbc, 0x43, 0x45, 0xe6, 0x52, 0x02, 0x73, 0x0a, 0xd0, 0x2a, 0x19, 0xda, 0x47, 0xa8, 0xff},
-		},
-	},
-}
-
-// tabVerif contains the odd multiples of P. The entry T[i] = (2i+1)P, where
-// P = phi(G) and G is the generator of the Goldilocks curve, and phi is a
-// 4-degree isogeny.
-var tabVerif = [1 << (omegaFix - 2)]preTwistPointAffine{
-	{ /* 1P*/
-		addYX: fp.Elt{0x65, 0x4a, 0xdd, 0xdf, 0xb4, 0x79, 0x60, 0xc8, 0xa1, 0x70, 0xb4, 0x3a, 0x1e, 0x0c, 0x9b, 0x19, 0xe5, 0x48, 0x3f, 0xd7, 0x44, 0x18, 0x18, 0x14, 0x14, 0x27, 0x45, 0xd0, 0x2b, 0x24, 0xd5, 0x93, 0xc3, 0x74, 0x4c, 0x50, 0x70, 0x43, 0x26, 0x05, 0x08, 0x24, 0xca, 0x78, 0x30, 0xc1, 0x06, 0x8d, 0xd4, 0x86, 0x42, 0xf0, 0x14, 0xde, 0x08, 0x05},
-		subYX: fp.Elt{0x64, 0x4a, 0xdd, 0xdf, 0xb4, 0x79, 0x60, 0xc8, 0xa1, 0x70, 0xb4, 0x3a, 0x1e, 0x0c, 0x9b, 0x19, 0xe5, 0x48, 0x3f, 0xd7, 0x44, 0x18, 0x18, 0x14, 0x14, 0x27, 0x45, 0xd0, 0x2d, 0x24, 0xd5, 0x93, 0xc3, 0x74, 0x4c, 0x50, 0x70, 0x43, 0x26, 0x05, 0x08, 0x24, 0xca, 0x78, 0x30, 0xc1, 0x06, 0x8d, 0xd4, 0x86, 0x42, 0xf0, 0x14, 0xde, 0x08, 0x05},
-		dt2:   fp.Elt{0x1a, 0x33, 0xea, 0x64, 0x45, 0x1c, 0xdf, 0x17, 0x1d, 0x16, 0x34, 0x28, 0xd6, 0x61, 0x19, 0x67, 0x79, 0xb4, 0x13, 0xcf, 0x3e, 0x7c, 0x0e, 0x72, 0xda, 0xf1, 0x5f, 0xda, 0xe6, 0xcf, 0x42, 0xd3, 0xb6, 0x17, 0xc2, 0x68, 0x13, 0x2d, 0xd9, 0x60, 0x3e, 0xae, 0xf0, 0x5b, 0x96, 0xf0, 0xcd, 0xaf, 0xea, 0xb7, 0x0d, 0x59, 0x16, 0xa7, 0xff, 0x55},
-	},
-	{ /* 3P*/
-		addYX: fp.Elt{0xd1, 0xe9, 0xa8, 0x33, 0x20, 0x76, 0x18, 0x08, 0x45, 0x2a, 0xc9, 0x67, 0x2a, 0xc3, 0x15, 0x24, 0xf9, 0x74, 0x21, 0x30, 0x99, 0x59, 0x8b, 0xb2, 0xf0, 0xa4, 0x07, 0xe2, 0x6a, 0x36, 0x8d, 0xd9, 0xd2, 0x4a, 0x7f, 0x73, 0x50, 0x39, 0x3d, 0xaa, 0xa7, 0x51, 0x73, 0x0d, 0x2b, 0x8b, 0x96, 0x47, 0xac, 0x3c, 0x5d, 0xaa, 0x39, 0x9c, 0xcf, 0xd5},
-		subYX: fp.Elt{0x6b, 0x11, 0x5d, 0x1a, 0xf9, 0x41, 0x9d, 0xc5, 0x30, 0x3e, 0xad, 0x25, 0x2c, 0x04, 0x45, 0xea, 0xcc, 0x67, 0x07, 0x85, 0xe9, 0xda, 0x0e, 0xb5, 0x40, 0xb7, 0x32, 0xb4, 0x49, 0xdd, 0xff, 0xaa, 0xfc, 0xbb, 0x19, 0xca, 0x8b, 0x79, 0x2b, 0x8f, 0x8d, 0x00, 0x33, 0xc2, 0xad, 0xe9, 0xd3, 0x12, 0xa8, 0xaa, 0x87, 0x62, 0xad, 0x2d, 0xff, 0xa4},
-		dt2:   fp.Elt{0xb0, 0xaf, 0x3b, 0xea, 0xf0, 0x42, 0x0b, 0x5e, 0x88, 0xd3, 0x98, 0x08, 0x87, 0x59, 0x72, 0x0a, 0xc2, 0xdf, 0xcb, 0x7f, 0x59, 0xb5, 0x4c, 0x63, 0x68, 0xe8, 0x41, 0x38, 0x67, 0x4f, 0xe9, 0xc6, 0xb2, 0x6b, 0x08, 0xa7, 0xf7, 0x0e, 0xcd, 0xea, 0xca, 0x3d, 0xaf, 0x8e, 0xda, 0x4b, 0x2e, 0xd2, 0x88, 0x64, 0x8d, 0xc5, 0x5f, 0x76, 0x0f, 0x3d},
-	},
-	{ /* 5P*/
-		addYX: fp.Elt{0xe5, 0x65, 0xc9, 0xe2, 0x75, 0xf0, 0x7d, 0x1a, 0xba, 0xa4, 0x40, 0x4b, 0x93, 0x12, 0xa2, 0x80, 0x95, 0x0d, 0x03, 0x93, 0xe8, 0xa5, 0x4d, 0xe2, 0x3d, 0x81, 0xf5, 0xce, 0xd4, 0x2d, 0x25, 0x59, 0x16, 0x5c, 0xe7, 0xda, 0xc7, 0x45, 0xd2, 0x7e, 0x2c, 0x38, 0xd4, 0x37, 0x64, 0xb2, 0xc2, 0x28, 0xc5, 0x72, 0x16, 0x32, 0x45, 0x36, 0x6f, 0x9f},
-		subYX: fp.Elt{0x09, 0xf4, 0x7e, 0xbd, 0x89, 0xdb, 0x19, 0x58, 0xe1, 0x08, 0x00, 0x8a, 0xf4, 0x5f, 0x2a, 0x32, 0x40, 0xf0, 0x2c, 0x3f, 0x5d, 0xe4, 0xfc, 0x89, 0x11, 0x24, 0xb4, 0x2f, 0x97, 0xad, 0xac, 0x8f, 0x19, 0xab, 0xfa, 0x12, 0xe5, 0xf9, 0x50, 0x4e, 0x50, 0x6f, 0x32, 0x30, 0x88, 0xa6, 0xe5, 0x48, 0x28, 0xa2, 0x1b, 0x9f, 0xcd, 0xe2, 0x43, 0x38},
-		dt2:   fp.Elt{0xa9, 0xcc, 0x53, 0x39, 0x86, 0x02, 0x60, 0x75, 0x34, 0x99, 0x57, 0xbd, 0xfc, 0x5a, 0x8e, 0xce, 0x5e, 0x98, 0x22, 0xd0, 0xa5, 0x24, 0xff, 0x90, 0x28, 0x9f, 0x58, 0xf3, 0x39, 0xe9, 0xba, 0x36, 0x23, 0xfb, 0x7f, 0x41, 0xcc, 0x2b, 0x5a, 0x25, 0x3f, 0x4c, 0x2a, 0xf1, 0x52, 0x6f, 0x2f, 0x07, 0xe3, 0x88, 0x81, 0x77, 0xdd, 0x7c, 0x88, 0x82},
-	},
-	{ /* 7P*/
-		addYX: fp.Elt{0xf7, 0xee, 0x88, 0xfd, 0x3a, 0xbf, 0x7e, 0x28, 0x39, 0x23, 0x79, 0xe6, 0x5c, 0x56, 0xcb, 0xb5, 0x48, 0x6a, 0x80, 0x6d, 0x37, 0x60, 0x6c, 0x10, 0x35, 0x49, 0x4b, 0x46, 0x60, 0xd4, 0x79, 0xd4, 0x53, 0xd3, 0x67, 0x88, 0xd0, 0x41, 0xd5, 0x43, 0x85, 0xc8, 0x71, 0xe3, 0x1c, 0xb6, 0xda, 0x22, 0x64, 0x8f, 0x80, 0xac, 0xad, 0x7d, 0xd5, 0x82},
-		subYX: fp.Elt{0x92, 0x40, 0xc1, 0x83, 0x21, 0x9b, 0xd5, 0x7d, 0x3f, 0x29, 0xb6, 0x26, 0xef, 0x12, 0xb9, 0x27, 0x39, 0x42, 0x37, 0x97, 0x09, 0x9a, 0x08, 0xe1, 0x68, 0xb6, 0x7a, 0x3f, 0x9f, 0x45, 0xf8, 0x37, 0x19, 0x83, 0x97, 0xe6, 0x73, 0x30, 0x32, 0x35, 0xcf, 0xae, 0x5c, 0x12, 0x68, 0xdf, 0x6e, 0x2b, 0xde, 0x83, 0xa0, 0x44, 0x74, 0x2e, 0x4a, 0xe9},
-		dt2:   fp.Elt{0xcb, 0x22, 0x0a, 0xda, 0x6b, 0xc1, 0x8a, 0x29, 0xa1, 0xac, 0x8b, 0x5b, 0x8b, 0x32, 0x20, 0xf2, 0x21, 0xae, 0x0c, 0x43, 0xc4, 0xd7, 0x19, 0x37, 0x3d, 0x79, 0x25, 0x98, 0x6c, 0x9c, 0x22, 0x31, 0x2a, 0x55, 0x9f, 0xda, 0x5e, 0xa8, 0x13, 0xdb, 0x8e, 0x2e, 0x16, 0x39, 0xf4, 0x91, 0x6f, 0xec, 0x71, 0x71, 0xc9, 0x10, 0xf2, 0xa4, 0x8f, 0x11},
-	},
-	{ /* 9P*/
-		addYX: fp.Elt{0x85, 0xdd, 0x37, 0x62, 0x74, 0x8e, 0x33, 0x5b, 0x25, 0x12, 0x1b, 0xe7, 0xdf, 0x47, 0xe5, 0x12, 0xfd, 0x3a, 0x3a, 0xf5, 0x5d, 0x4c, 0xa2, 0x29, 0x3c, 0x5c, 0x2f, 0xee, 0x18, 0x19, 0x0a, 0x2b, 0xef, 0x67, 0x50, 0x7a, 0x0d, 0x29, 0xae, 0x55, 0x82, 0xcd, 0xd6, 0x41, 0x90, 0xb4, 0x13, 0x31, 0x5d, 0x11, 0xb8, 0xaa, 0x12, 0x86, 0x08, 0xac},
-		subYX: fp.Elt{0xcc, 0x37, 0x8d, 0x83, 0x5f, 0xfd, 0xde, 0xd5, 0xf7, 0xf1, 0xae, 0x0a, 0xa7, 0x0b, 0xeb, 0x6d, 0x19, 0x8a, 0xb6, 0x1a, 0x59, 0xd8, 0xff, 0x3c, 0xbc, 0xbc, 0xef, 0x9c, 0xda, 0x7b, 0x75, 0x12, 0xaf, 0x80, 0x8f, 0x2c, 0x3c, 0xaa, 0x0b, 0x17, 0x86, 0x36, 0x78, 0x18, 0xc8, 0x8a, 0xf6, 0xb8, 0x2c, 0x2f, 0x57, 0x2c, 0x62, 0x57, 0xf6, 0x90},
-		dt2:   fp.Elt{0x83, 0xbc, 0xa2, 0x07, 0xa5, 0x38, 0x96, 0xea, 0xfe, 0x11, 0x46, 0x1d, 0x3b, 0xcd, 0x42, 0xc5, 0xee, 0x67, 0x04, 0x72, 0x08, 0xd8, 0xd9, 0x96, 0x07, 0xf7, 0xac, 0xc3, 0x64, 0xf1, 0x98, 0x2c, 0x55, 0xd7, 0x7d, 0xc8, 0x6c, 0xbd, 0x2c, 0xff, 0x15, 0xd6, 0x6e, 0xb8, 0x17, 0x8e, 0xa8, 0x27, 0x66, 0xb1, 0x73, 0x79, 0x96, 0xff, 0x29, 0x10},
-	},
-	{ /* 11P*/
-		addYX: fp.Elt{0x76, 0xcb, 0x9b, 0x0c, 0x5b, 0xfe, 0xe1, 0x2a, 0xdd, 0x6f, 0x6c, 0xdd, 0x6f, 0xb4, 0xc0, 0xc2, 0x1b, 0x4b, 0x38, 0xe8, 0x66, 0x8c, 0x1e, 0x31, 0x63, 0xb9, 0x94, 0xcd, 0xc3, 0x8c, 0x44, 0x25, 0x7b, 0xd5, 0x39, 0x80, 0xfc, 0x01, 0xaa, 0xf7, 0x2a, 0x61, 0x8a, 0x25, 0xd2, 0x5f, 0xc5, 0x66, 0x38, 0xa4, 0x17, 0xcf, 0x3e, 0x11, 0x0f, 0xa3},
-		subYX: fp.Elt{0xe0, 0xb6, 0xd1, 0x9c, 0x71, 0x49, 0x2e, 0x7b, 0xde, 0x00, 0xda, 0x6b, 0xf1, 0xec, 0xe6, 0x7a, 0x15, 0x38, 0x71, 0xe9, 0x7b, 0xdb, 0xf8, 0x98, 0xc0, 0x91, 0x2e, 0x53, 0xee, 0x92, 0x87, 0x25, 0xc9, 0xb0, 0xbb, 0x33, 0x15, 0x46, 0x7f, 0xfd, 0x4f, 0x8b, 0x77, 0x05, 0x96, 0xb6, 0xe2, 0x08, 0xdb, 0x0d, 0x09, 0xee, 0x5b, 0xd1, 0x2a, 0x63},
-		dt2:   fp.Elt{0x8f, 0x7b, 0x57, 0x8c, 0xbf, 0x06, 0x0d, 0x43, 0x21, 0x92, 0x94, 0x2d, 0x6a, 0x38, 0x07, 0x0f, 0xa0, 0xf1, 0xe3, 0xd8, 0x2a, 0xbf, 0x46, 0xc6, 0x9e, 0x1f, 0x8f, 0x2b, 0x46, 0x84, 0x0b, 0x74, 0xed, 0xff, 0xf8, 0xa5, 0x94, 0xae, 0xf1, 0x67, 0xb1, 0x9b, 0xdd, 0x4a, 0xd0, 0xdb, 0xc2, 0xb5, 0x58, 0x49, 0x0c, 0xa9, 0x1d, 0x7d, 0xa9, 0xd3},
-	},
-	{ /* 13P*/
-		addYX: fp.Elt{0x73, 0x84, 0x2e, 0x31, 0x1f, 0xdc, 0xed, 0x9f, 0x74, 0xfa, 0xe0, 0x35, 0xb1, 0x85, 0x6a, 0x8d, 0x86, 0xd0, 0xff, 0xd6, 0x08, 0x43, 0x73, 0x1a, 0xd5, 0xf8, 0x43, 0xd4, 0xb3, 0xe5, 0x3f, 0xa8, 0x84, 0x17, 0x59, 0x65, 0x4e, 0xe6, 0xee, 0x54, 0x9c, 0xda, 0x5e, 0x7e, 0x98, 0x29, 0x6d, 0x73, 0x34, 0x1f, 0x99, 0x80, 0x54, 0x54, 0x81, 0x0b},
-		subYX: fp.Elt{0xb1, 0xe5, 0xbb, 0x80, 0x22, 0x9c, 0x81, 0x6d, 0xaf, 0x27, 0x65, 0x6f, 0x7e, 0x9c, 0xb6, 0x8d, 0x35, 0x5c, 0x2e, 0x20, 0x48, 0x7a, 0x28, 0xf0, 0x97, 0xfe, 0xb7, 0x71, 0xce, 0xd6, 0xad, 0x3a, 0x81, 0xf6, 0x74, 0x5e, 0xf3, 0xfd, 0x1b, 0xd4, 0x1e, 0x7c, 0xc2, 0xb7, 0xc8, 0xa6, 0xc9, 0x89, 0x03, 0x47, 0xec, 0x24, 0xd6, 0x0e, 0xec, 0x9c},
-		dt2:   fp.Elt{0x91, 0x0a, 0x43, 0x34, 0x20, 0xc2, 0x64, 0xf7, 0x4e, 0x48, 0xc8, 0xd2, 0x95, 0x83, 0xd1, 0xa4, 0xfb, 0x4e, 0x41, 0x3b, 0x0d, 0xd5, 0x07, 0xd9, 0xf1, 0x13, 0x16, 0x78, 0x54, 0x57, 0xd0, 0xf1, 0x4f, 0x20, 0xac, 0xcf, 0x9c, 0x3b, 0x33, 0x0b, 0x99, 0x54, 0xc3, 0x7f, 0x3e, 0x57, 0x26, 0x86, 0xd5, 0xa5, 0x2b, 0x8d, 0xe3, 0x19, 0x36, 0xf7},
-	},
-	{ /* 15P*/
-		addYX: fp.Elt{0x23, 0x69, 0x47, 0x14, 0xf9, 0x9a, 0x50, 0xff, 0x64, 0xd1, 0x50, 0x35, 0xc3, 0x11, 0xd3, 0x19, 0xcf, 0x87, 0xda, 0x30, 0x0b, 0x50, 0xda, 0xc0, 0xe0, 0x25, 0x00, 0xe5, 0x68, 0x93, 0x04, 0xc2, 0xaf, 0xbd, 0x2f, 0x36, 0x5f, 0x47, 0x96, 0x10, 0xa8, 0xbd, 0xe4, 0x88, 0xac, 0x80, 0x52, 0x61, 0x73, 0xe9, 0x63, 0xdd, 0x99, 0xad, 0x20, 0x5b},
-		subYX: fp.Elt{0x1b, 0x5e, 0xa2, 0x2a, 0x25, 0x0f, 0x86, 0xc0, 0xb1, 0x2e, 0x0c, 0x13, 0x40, 0x8d, 0xf0, 0xe6, 0x00, 0x55, 0x08, 0xc5, 0x7d, 0xf4, 0xc9, 0x31, 0x25, 0x3a, 0x99, 0x69, 0xdd, 0x67, 0x63, 0x9a, 0xd6, 0x89, 0x2e, 0xa1, 0x19, 0xca, 0x2c, 0xd9, 0x59, 0x5f, 0x5d, 0xc3, 0x6e, 0x62, 0x36, 0x12, 0x59, 0x15, 0xe1, 0xdc, 0xa4, 0xad, 0xc9, 0xd0},
-		dt2:   fp.Elt{0xbc, 0xea, 0xfc, 0xaf, 0x66, 0x23, 0xb7, 0x39, 0x6b, 0x2a, 0x96, 0xa8, 0x54, 0x43, 0xe9, 0xaa, 0x32, 0x40, 0x63, 0x92, 0x5e, 0xdf, 0x35, 0xc2, 0x9f, 0x24, 0x0c, 0xed, 0xfc, 0xde, 0x73, 0x8f, 0xa7, 0xd5, 0xa3, 0x2b, 0x18, 0x1f, 0xb0, 0xf8, 0xeb, 0x55, 0xd9, 0xc3, 0xfd, 0x28, 0x7c, 0x4f, 0xce, 0x0d, 0xf7, 0xae, 0xc2, 0x83, 0xc3, 0x78},
-	},
-	{ /* 17P*/
-		addYX: fp.Elt{0x71, 0xe6, 0x60, 0x93, 0x37, 0xdb, 0x01, 0xa5, 0x4c, 0xba, 0xe8, 0x8e, 0xd5, 0xf9, 0xd3, 0x98, 0xe5, 0xeb, 0xab, 0x3a, 0x15, 0x8b, 0x35, 0x60, 0xbe, 0xe5, 0x9c, 0x2d, 0x10, 0x9b, 0x2e, 0xcf, 0x65, 0x64, 0xea, 0x8f, 0x72, 0xce, 0xf5, 0x18, 0xe5, 0xe2, 0xf0, 0x0e, 0xae, 0x04, 0xec, 0xa0, 0x20, 0x65, 0x63, 0x07, 0xb1, 0x9f, 0x03, 0x97},
-		subYX: fp.Elt{0x9e, 0x41, 0x64, 0x30, 0x95, 0x7f, 0x3a, 0x89, 0x7b, 0x0a, 0x79, 0x59, 0x23, 0x9a, 0x3b, 0xfe, 0xa4, 0x13, 0x08, 0xb2, 0x2e, 0x04, 0x50, 0x10, 0x30, 0xcd, 0x2e, 0xa4, 0x91, 0x71, 0x50, 0x36, 0x4a, 0x02, 0xf4, 0x8d, 0xa3, 0x36, 0x1b, 0xf4, 0x52, 0xba, 0x15, 0x04, 0x8b, 0x80, 0x25, 0xd9, 0xae, 0x67, 0x20, 0xd9, 0x88, 0x8f, 0x97, 0xa6},
-		dt2:   fp.Elt{0xb5, 0xe7, 0x46, 0xbd, 0x55, 0x23, 0xa0, 0x68, 0xc0, 0x12, 0xd9, 0xf1, 0x0a, 0x75, 0xe2, 0xda, 0xf4, 0x6b, 0xca, 0x14, 0xe4, 0x9f, 0x0f, 0xb5, 0x3c, 0xa6, 0xa5, 0xa2, 0x63, 0x94, 0xd1, 0x1c, 0x39, 0x58, 0x57, 0x02, 0x27, 0x98, 0xb6, 0x47, 0xc6, 0x61, 0x4b, 0x5c, 0xab, 0x6f, 0x2d, 0xab, 0xe3, 0xc1, 0x69, 0xf9, 0x12, 0xb0, 0xc8, 0xd5},
-	},
-	{ /* 19P*/
-		addYX: fp.Elt{0x19, 0x7d, 0xd5, 0xac, 0x79, 0xa2, 0x82, 0x9b, 0x28, 0x31, 0x22, 0xc0, 0x73, 0x02, 0x76, 0x17, 0x10, 0x70, 0x79, 0x57, 0xc9, 0x84, 0x62, 0x8e, 0x04, 0x04, 0x61, 0x67, 0x08, 0x48, 0xb4, 0x4b, 0xde, 0x53, 0x8c, 0xff, 0x36, 0x1b, 0x62, 0x86, 0x5d, 0xe1, 0x9b, 0xb1, 0xe5, 0xe8, 0x44, 0x64, 0xa1, 0x68, 0x3f, 0xa8, 0x45, 0x52, 0x91, 0xed},
-		subYX: fp.Elt{0x42, 0x1a, 0x36, 0x1f, 0x90, 0x15, 0x24, 0x8d, 0x24, 0x80, 0xe6, 0xfe, 0x1e, 0xf0, 0xad, 0xaf, 0x6a, 0x93, 0xf0, 0xa6, 0x0d, 0x5d, 0xea, 0xf6, 0x62, 0x96, 0x7a, 0x05, 0x76, 0x85, 0x74, 0x32, 0xc7, 0xc8, 0x64, 0x53, 0x62, 0xe7, 0x54, 0x84, 0xe0, 0x40, 0x66, 0x19, 0x70, 0x40, 0x95, 0x35, 0x68, 0x64, 0x43, 0xcd, 0xba, 0x29, 0x32, 0xa8},
-		dt2:   fp.Elt{0x3e, 0xf6, 0xd6, 0xe4, 0x99, 0xeb, 0x20, 0x66, 0x08, 0x2e, 0x26, 0x64, 0xd7, 0x76, 0xf3, 0xb4, 0xc5, 0xa4, 0x35, 0x92, 0xd2, 0x99, 0x70, 0x5a, 0x1a, 0xe9, 0xe9, 0x3d, 0x3b, 0xe1, 0xcd, 0x0e, 0xee, 0x24, 0x13, 0x03, 0x22, 0xd6, 0xd6, 0x72, 0x08, 0x2b, 0xde, 0xfd, 0x93, 0xed, 0x0c, 0x7f, 0x5e, 0x31, 0x22, 0x4d, 0x80, 0x78, 0xc0, 0x48},
-	},
-	{ /* 21P*/
-		addYX: fp.Elt{0x8f, 0x72, 0xd2, 0x9e, 0xc4, 0xcd, 0x2c, 0xbf, 0xa8, 0xd3, 0x24, 0x62, 0x28, 0xee, 0x39, 0x0a, 0x19, 0x3a, 0x58, 0xff, 0x21, 0x2e, 0x69, 0x6c, 0x6e, 0x18, 0xd0, 0xcd, 0x61, 0xc1, 0x18, 0x02, 0x5a, 0xe9, 0xe3, 0xef, 0x1f, 0x8e, 0x10, 0xe8, 0x90, 0x2b, 0x48, 0xcd, 0xee, 0x38, 0xbd, 0x3a, 0xca, 0xbc, 0x2d, 0xe2, 0x3a, 0x03, 0x71, 0x02},
-		subYX: fp.Elt{0xf8, 0xa4, 0x32, 0x26, 0x66, 0xaf, 0x3b, 0x53, 0xe7, 0xb0, 0x91, 0x92, 0xf5, 0x3c, 0x74, 0xce, 0xf2, 0xdd, 0x68, 0xa9, 0xf4, 0xcd, 0x5f, 0x60, 0xab, 0x71, 0xdf, 0xcd, 0x5c, 0x5d, 0x51, 0x72, 0x3a, 0x96, 0xea, 0xd6, 0xde, 0x54, 0x8e, 0x55, 0x4c, 0x08, 0x4c, 0x60, 0xdd, 0x34, 0xa9, 0x6f, 0xf3, 0x04, 0x02, 0xa8, 0xa6, 0x4e, 0x4d, 0x62},
-		dt2:   fp.Elt{0x76, 0x4a, 0xae, 0x38, 0x62, 0x69, 0x72, 0xdc, 0xe8, 0x43, 0xbe, 0x1d, 0x61, 0xde, 0x31, 0xc3, 0x42, 0x8f, 0x33, 0x9d, 0xca, 0xc7, 0x9c, 0xec, 0x6a, 0xe2, 0xaa, 0x01, 0x49, 0x78, 0x8d, 0x72, 0x4f, 0x38, 0xea, 0x52, 0xc2, 0xd3, 0xc9, 0x39, 0x71, 0xba, 0xb9, 0x09, 0x9b, 0xa3, 0x7f, 0x45, 0x43, 0x65, 0x36, 0x29, 0xca, 0xe7, 0x5c, 0x5f},
-	},
-	{ /* 23P*/
-		addYX: fp.Elt{0x89, 0x42, 0x35, 0x48, 0x6d, 0x74, 0xe5, 0x1f, 0xc3, 0xdd, 0x28, 0x5b, 0x84, 0x41, 0x33, 0x9f, 0x42, 0xf3, 0x1d, 0x5d, 0x15, 0x6d, 0x76, 0x33, 0x36, 0xaf, 0xe9, 0xdd, 0xfa, 0x63, 0x4f, 0x7a, 0x9c, 0xeb, 0x1c, 0x4f, 0x34, 0x65, 0x07, 0x54, 0xbb, 0x4c, 0x8b, 0x62, 0x9d, 0xd0, 0x06, 0x99, 0xb3, 0xe9, 0xda, 0x85, 0x19, 0xb0, 0x3d, 0x3c},
-		subYX: fp.Elt{0xbb, 0x99, 0xf6, 0xbf, 0xaf, 0x2c, 0x22, 0x0d, 0x7a, 0xaa, 0x98, 0x6f, 0x01, 0x82, 0x99, 0xcf, 0x88, 0xbd, 0x0e, 0x3a, 0x89, 0xe0, 0x9c, 0x8c, 0x17, 0x20, 0xc4, 0xe0, 0xcf, 0x43, 0x7a, 0xef, 0x0d, 0x9f, 0x87, 0xd4, 0xfb, 0xf2, 0x96, 0xb8, 0x03, 0xe8, 0xcb, 0x5c, 0xec, 0x65, 0x5f, 0x49, 0xa4, 0x7c, 0x85, 0xb4, 0xf6, 0xc7, 0xdb, 0xa3},
-		dt2:   fp.Elt{0x11, 0xf3, 0x32, 0xa3, 0xa7, 0xb2, 0x7d, 0x51, 0x82, 0x44, 0xeb, 0xa2, 0x7d, 0x72, 0xcb, 0xc6, 0xf6, 0xc7, 0xb2, 0x38, 0x0e, 0x0f, 0x4f, 0x29, 0x00, 0xe4, 0x5b, 0x94, 0x46, 0x86, 0x66, 0xa1, 0x83, 0xb3, 0xeb, 0x15, 0xb6, 0x31, 0x50, 0x28, 0xeb, 0xed, 0x0d, 0x32, 0x39, 0xe9, 0x23, 0x81, 0x99, 0x3e, 0xff, 0x17, 0x4c, 0x11, 0x43, 0xd1},
-	},
-	{ /* 25P*/
-		addYX: fp.Elt{0xce, 0xe7, 0xf8, 0x94, 0x8f, 0x96, 0xf8, 0x96, 0xe6, 0x72, 0x20, 0x44, 0x2c, 0xa7, 0xfc, 0xba, 0xc8, 0xe1, 0xbb, 0xc9, 0x16, 0x85, 0xcd, 0x0b, 0xe5, 0xb5, 0x5a, 0x7f, 0x51, 0x43, 0x63, 0x8b, 0x23, 0x8e, 0x1d, 0x31, 0xff, 0x46, 0x02, 0x66, 0xcc, 0x9e, 0x4d, 0xa2, 0xca, 0xe2, 0xc7, 0xfd, 0x22, 0xb1, 0xdb, 0xdf, 0x6f, 0xe6, 0xa5, 0x82},
-		subYX: fp.Elt{0xd0, 0xf5, 0x65, 0x40, 0xec, 0x8e, 0x65, 0x42, 0x78, 0xc1, 0x65, 0xe4, 0x10, 0xc8, 0x0b, 0x1b, 0xdd, 0x96, 0x68, 0xce, 0xee, 0x45, 0x55, 0xd8, 0x6e, 0xd3, 0xe6, 0x77, 0x19, 0xae, 0xc2, 0x8d, 0x8d, 0x3e, 0x14, 0x3f, 0x6d, 0x00, 0x2f, 0x9b, 0xd1, 0x26, 0x60, 0x28, 0x0f, 0x3a, 0x47, 0xb3, 0xe6, 0x68, 0x28, 0x24, 0x25, 0xca, 0xc8, 0x06},
-		dt2:   fp.Elt{0x54, 0xbb, 0x60, 0x92, 0xdb, 0x8f, 0x0f, 0x38, 0xe0, 0xe6, 0xe4, 0xc9, 0xcc, 0x14, 0x62, 0x01, 0xc4, 0x2b, 0x0f, 0xcf, 0xed, 0x7d, 0x8e, 0xa4, 0xd9, 0x73, 0x0b, 0xba, 0x0c, 0xaf, 0x0c, 0xf9, 0xe2, 0xeb, 0x29, 0x2a, 0x53, 0xdf, 0x2c, 0x5a, 0xfa, 0x8f, 0xc1, 0x01, 0xd7, 0xb1, 0x45, 0x73, 0x92, 0x32, 0x83, 0x85, 0x12, 0x74, 0x89, 0x44},
-	},
-	{ /* 27P*/
-		addYX: fp.Elt{0x0b, 0x73, 0x3c, 0xc2, 0xb1, 0x2e, 0xe1, 0xa7, 0xf5, 0xc9, 0x7a, 0xfb, 0x3d, 0x2d, 0xac, 0x59, 0xdb, 0xfa, 0x36, 0x11, 0xd1, 0x13, 0x04, 0x51, 0x1d, 0xab, 0x9b, 0x6b, 0x93, 0xfe, 0xda, 0xb0, 0x8e, 0xb4, 0x79, 0x11, 0x21, 0x0f, 0x65, 0xb9, 0xbb, 0x79, 0x96, 0x2a, 0xfd, 0x30, 0xe0, 0xb4, 0x2d, 0x9a, 0x55, 0x25, 0x5d, 0xd4, 0xad, 0x2a},
-		subYX: fp.Elt{0x9e, 0xc5, 0x04, 0xfe, 0xec, 0x3c, 0x64, 0x1c, 0xed, 0x95, 0xed, 0xae, 0xaf, 0x5c, 0x6e, 0x08, 0x9e, 0x02, 0x29, 0x59, 0x7e, 0x5f, 0xc4, 0x9a, 0xd5, 0x32, 0x72, 0x86, 0xe1, 0x4e, 0x3c, 0xce, 0x99, 0x69, 0x3b, 0xc4, 0xdd, 0x4d, 0xb7, 0xbb, 0xda, 0x3b, 0x1a, 0x99, 0xaa, 0x62, 0x15, 0xc1, 0xf0, 0xb6, 0x6c, 0xec, 0x56, 0xc1, 0xff, 0x0c},
-		dt2:   fp.Elt{0x2f, 0xf1, 0x3f, 0x7a, 0x2d, 0x56, 0x19, 0x7f, 0xea, 0xbe, 0x59, 0x2e, 0x13, 0x67, 0x81, 0xfb, 0xdb, 0xc8, 0xa3, 0x1d, 0xd5, 0xe9, 0x13, 0x8b, 0x29, 0xdf, 0xcf, 0x9f, 0xe7, 0xd9, 0x0b, 0x70, 0xd3, 0x15, 0x57, 0x4a, 0xe9, 0x50, 0x12, 0x1b, 0x81, 0x4b, 0x98, 0x98, 0xa8, 0x31, 0x1d, 0x27, 0x47, 0x38, 0xed, 0x57, 0x99, 0x26, 0xb2, 0xee},
-	},
-	{ /* 29P*/
-		addYX: fp.Elt{0x1c, 0xb2, 0xb2, 0x67, 0x3b, 0x8b, 0x3d, 0x5a, 0x30, 0x7e, 0x38, 0x7e, 0x3c, 0x3d, 0x28, 0x56, 0x59, 0xd8, 0x87, 0x53, 0x8b, 0xe6, 0x6c, 0x5d, 0xe5, 0x0a, 0x33, 0x10, 0xce, 0xa2, 0x17, 0x0d, 0xe8, 0x76, 0xee, 0x68, 0xa8, 0x72, 0x54, 0xbd, 0xa6, 0x24, 0x94, 0x6e, 0x77, 0xc7, 0x53, 0xb7, 0x89, 0x1c, 0x7a, 0xe9, 0x78, 0x9a, 0x74, 0x5f},
-		subYX: fp.Elt{0x76, 0x96, 0x1c, 0xcf, 0x08, 0x55, 0xd8, 0x1e, 0x0d, 0xa3, 0x59, 0x95, 0x32, 0xf4, 0xc2, 0x8e, 0x84, 0x5e, 0x4b, 0x04, 0xda, 0x71, 0xc9, 0x78, 0x52, 0xde, 0x14, 0xb4, 0x31, 0xf4, 0xd4, 0xb8, 0x58, 0xc5, 0x20, 0xe8, 0xdd, 0x15, 0xb5, 0xee, 0xea, 0x61, 0xe0, 0xf5, 0xd6, 0xae, 0x55, 0x59, 0x05, 0x3e, 0xaf, 0x74, 0xac, 0x1f, 0x17, 0x82},
-		dt2:   fp.Elt{0x59, 0x24, 0xcd, 0xfc, 0x11, 0x7e, 0x85, 0x18, 0x3d, 0x69, 0xf7, 0x71, 0x31, 0x66, 0x98, 0x42, 0x95, 0x00, 0x8c, 0xb2, 0xae, 0x39, 0x7e, 0x85, 0xd6, 0xb0, 0x02, 0xec, 0xce, 0xfc, 0x25, 0xb2, 0xe3, 0x99, 0x8e, 0x5b, 0x61, 0x96, 0x2e, 0x6d, 0x96, 0x57, 0x71, 0xa5, 0x93, 0x41, 0x0e, 0x6f, 0xfd, 0x0a, 0xbf, 0xa9, 0xf7, 0x56, 0xa9, 0x3e},
-	},
-	{ /* 31P*/
-		addYX: fp.Elt{0xa2, 0x2e, 0x0c, 0x17, 0x4d, 0xcc, 0x85, 0x2c, 0x18, 0xa0, 0xd2, 0x08, 0xba, 0x11, 0xfa, 0x47, 0x71, 0x86, 0xaf, 0x36, 0x6a, 0xd7, 0xfe, 0xb9, 0xb0, 0x2f, 0x89, 0x98, 0x49, 0x69, 0xf8, 0x6a, 0xad, 0x27, 0x5e, 0x0a, 0x22, 0x60, 0x5e, 0x5d, 0xca, 0x06, 0x51, 0x27, 0x99, 0x29, 0x85, 0x68, 0x98, 0xe1, 0xc4, 0x21, 0x50, 0xa0, 0xe9, 0xc1},
-		subYX: fp.Elt{0x4d, 0x70, 0xee, 0x91, 0x92, 0x3f, 0xb7, 0xd3, 0x1d, 0xdb, 0x8d, 0x6e, 0x16, 0xf5, 0x65, 0x7d, 0x5f, 0xb5, 0x6c, 0x59, 0x26, 0x70, 0x4b, 0xf2, 0xfc, 0xe7, 0xdf, 0x86, 0xfe, 0xa5, 0xa7, 0xa6, 0x5d, 0xfb, 0x06, 0xe9, 0xf9, 0xcc, 0xc0, 0x37, 0xcc, 0xd8, 0x09, 0x04, 0xd2, 0xa5, 0x1d, 0xd7, 0xb7, 0xce, 0x92, 0xac, 0x3c, 0xad, 0xfb, 0xae},
-		dt2:   fp.Elt{0x17, 0xa3, 0x9a, 0xc7, 0x86, 0x2a, 0x51, 0xf7, 0x96, 0x79, 0x49, 0x22, 0x2e, 0x5a, 0x01, 0x5c, 0xb5, 0x95, 0xd4, 0xe8, 0xcb, 0x00, 0xca, 0x2d, 0x55, 0xb6, 0x34, 0x36, 0x0b, 0x65, 0x46, 0xf0, 0x49, 0xfc, 0x87, 0x86, 0xe5, 0xc3, 0x15, 0xdb, 0x32, 0xcd, 0xf2, 0xd3, 0x82, 0x4c, 0xe6, 0x61, 0x8a, 0xaf, 0xd4, 0x9e, 0x0f, 0x5a, 0xf2, 0x81},
-	},
-	{ /* 33P*/
-		addYX: fp.Elt{0x88, 0x10, 0xc0, 0xcb, 0xf5, 0x77, 0xae, 0xa5, 0xbe, 0xf6, 0xcd, 0x2e, 0x8b, 0x7e, 0xbd, 0x79, 0x62, 0x4a, 0xeb, 0x69, 0xc3, 0x28, 0xaa, 0x72, 0x87, 0xa9, 0x25, 0x87, 0x46, 0xea, 0x0e, 0x62, 0xa3, 0x6a, 0x1a, 0xe2, 0xba, 0xdc, 0x81, 0x10, 0x33, 0x01, 0xf6, 0x16, 0x89, 0x80, 0xc6, 0xcd, 0xdb, 0xdc, 0xba, 0x0e, 0x09, 0x4a, 0x35, 0x4a},
-		subYX: fp.Elt{0x86, 0xb2, 0x2b, 0xd0, 0xb8, 0x4a, 0x6d, 0x66, 0x7b, 0x32, 0xdf, 0x3b, 0x1a, 0x19, 0x1f, 0x63, 0xee, 0x1f, 0x3d, 0x1c, 0x5c, 0x14, 0x60, 0x5b, 0x72, 0x49, 0x07, 0xb1, 0x0d, 0x72, 0xc6, 0x35, 0xf0, 0xbc, 0x5e, 0xda, 0x80, 0x6b, 0x64, 0x5b, 0xe5, 0x34, 0x54, 0x39, 0xdd, 0xe6, 0x3c, 0xcb, 0xe5, 0x29, 0x32, 0x06, 0xc6, 0xb1, 0x96, 0x34},
-		dt2:   fp.Elt{0x85, 0x86, 0xf5, 0x84, 0x86, 0xe6, 0x77, 0x8a, 0x71, 0x85, 0x0c, 0x4f, 0x81, 0x5b, 0x29, 0x06, 0xb5, 0x2e, 0x26, 0x71, 0x07, 0x78, 0x07, 0xae, 0xbc, 0x95, 0x46, 0xc3, 0x65, 0xac, 0xe3, 0x76, 0x51, 0x7d, 0xd4, 0x85, 0x31, 0xe3, 0x43, 0xf3, 0x1b, 0x7c, 0xf7, 0x6b, 0x2c, 0xf8, 0x1c, 0xbb, 0x8d, 0xca, 0xab, 0x4b, 0xba, 0x7f, 0xa4, 0xe2},
-	},
-	{ /* 35P*/
-		addYX: fp.Elt{0x1a, 0xee, 0xe7, 0xa4, 0x8a, 0x9d, 0x53, 0x80, 0xc6, 0xb8, 0x4e, 0xdc, 0x89, 0xe0, 0xc4, 0x2b, 0x60, 0x52, 0x6f, 0xec, 0x81, 0xd2, 0x55, 0x6b, 0x1b, 0x6f, 0x17, 0x67, 0x8e, 0x42, 0x26, 0x4c, 0x65, 0x23, 0x29, 0xc6, 0x7b, 0xcd, 0x9f, 0xad, 0x4b, 0x42, 0xd3, 0x0c, 0x75, 0xc3, 0x8a, 0xf5, 0xbe, 0x9e, 0x55, 0xf7, 0x47, 0x5d, 0xbd, 0x3a},
-		subYX: fp.Elt{0x0d, 0xa8, 0x3b, 0xf9, 0xc7, 0x7e, 0xc6, 0x86, 0x94, 0xc0, 0x01, 0xff, 0x27, 0xce, 0x43, 0xac, 0xe5, 0xe1, 0xd2, 0x8d, 0xc1, 0x22, 0x31, 0xbe, 0xe1, 0xaf, 0xf9, 0x4a, 0x78, 0xa1, 0x0c, 0xaa, 0xd4, 0x80, 0xe4, 0x09, 0x8d, 0xfb, 0x1d, 0x52, 0xc8, 0x60, 0x2d, 0xf2, 0xa2, 0x89, 0x02, 0x56, 0x3d, 0x56, 0x27, 0x85, 0xc7, 0xf0, 0x2b, 0x9a},
-		dt2:   fp.Elt{0x62, 0x7c, 0xc7, 0x6b, 0x2c, 0x9d, 0x0a, 0x7c, 0xe5, 0x50, 0x3c, 0xe6, 0x87, 0x1c, 0x82, 0x30, 0x67, 0x3c, 0x39, 0xb6, 0xa0, 0x31, 0xfb, 0x03, 0x7b, 0xa1, 0x58, 0xdf, 0x12, 0x76, 0x5d, 0x5d, 0x0a, 0x8f, 0x9b, 0x37, 0x32, 0xc3, 0x60, 0x33, 0xea, 0x9f, 0x0a, 0x99, 0xfa, 0x20, 0xd0, 0x33, 0x21, 0xc3, 0x94, 0xd4, 0x86, 0x49, 0x7c, 0x4e},
-	},
-	{ /* 37P*/
-		addYX: fp.Elt{0xc7, 0x0c, 0x71, 0xfe, 0x55, 0xd1, 0x95, 0x8f, 0x43, 0xbb, 0x6b, 0x74, 0x30, 0xbd, 0xe8, 0x6f, 0x1c, 0x1b, 0x06, 0x62, 0xf5, 0xfc, 0x65, 0xa0, 0xeb, 0x81, 0x12, 0xc9, 0x64, 0x66, 0x61, 0xde, 0xf3, 0x6d, 0xd4, 0xae, 0x8e, 0xb1, 0x72, 0xe0, 0xcd, 0x37, 0x01, 0x28, 0x52, 0xd7, 0x39, 0x46, 0x0c, 0x55, 0xcf, 0x47, 0x70, 0xef, 0xa1, 0x17},
-		subYX: fp.Elt{0x8d, 0x58, 0xde, 0x83, 0x88, 0x16, 0x0e, 0x12, 0x42, 0x03, 0x50, 0x60, 0x4b, 0xdf, 0xbf, 0x95, 0xcc, 0x7d, 0x18, 0x17, 0x7e, 0x31, 0x5d, 0x8a, 0x66, 0xc1, 0xcf, 0x14, 0xea, 0xf4, 0xf4, 0xe5, 0x63, 0x2d, 0x32, 0x86, 0x9b, 0xed, 0x1f, 0x4f, 0x03, 0xaf, 0x33, 0x92, 0xcb, 0xaf, 0x9c, 0x05, 0x0d, 0x47, 0x1b, 0x42, 0xba, 0x13, 0x22, 0x98},
-		dt2:   fp.Elt{0xb5, 0x48, 0xeb, 0x7d, 0x3d, 0x10, 0x9f, 0x59, 0xde, 0xf8, 0x1c, 0x4f, 0x7d, 0x9d, 0x40, 0x4d, 0x9e, 0x13, 0x24, 0xb5, 0x21, 0x09, 0xb7, 0xee, 0x98, 0x5c, 0x56, 0xbc, 0x5e, 0x2b, 0x78, 0x38, 0x06, 0xac, 0xe3, 0xe0, 0xfa, 0x2e, 0xde, 0x4f, 0xd2, 0xb3, 0xfb, 0x2d, 0x71, 0x84, 0xd1, 0x9d, 0x12, 0x5b, 0x35, 0xc8, 0x03, 0x68, 0x67, 0xc7},
-	},
-	{ /* 39P*/
-		addYX: fp.Elt{0xb6, 0x65, 0xfb, 0xa7, 0x06, 0x35, 0xbb, 0xe0, 0x31, 0x8d, 0x91, 0x40, 0x98, 0xab, 0x30, 0xe4, 0xca, 0x12, 0x59, 0x89, 0xed, 0x65, 0x5d, 0x7f, 0xae, 0x69, 0xa0, 0xa4, 0xfa, 0x78, 0xb4, 0xf7, 0xed, 0xae, 0x86, 0x78, 0x79, 0x64, 0x24, 0xa6, 0xd4, 0xe1, 0xf6, 0xd3, 0xa0, 0x89, 0xba, 0x20, 0xf4, 0x54, 0x0d, 0x8f, 0xdb, 0x1a, 0x79, 0xdb},
-		subYX: fp.Elt{0xe1, 0x82, 0x0c, 0x4d, 0xde, 0x9f, 0x40, 0xf0, 0xc1, 0xbd, 0x8b, 0xd3, 0x24, 0x03, 0xcd, 0xf2, 0x92, 0x7d, 0xe2, 0x68, 0x7f, 0xf1, 0xbe, 0x69, 0xde, 0x34, 0x67, 0x4c, 0x85, 0x3b, 0xec, 0x98, 0xcc, 0x4d, 0x3e, 0xc0, 0x96, 0x27, 0xe6, 0x75, 0xfc, 0xdf, 0x37, 0xc0, 0x1e, 0x27, 0xe0, 0xf6, 0xc2, 0xbd, 0xbc, 0x3d, 0x9b, 0x39, 0xdc, 0xe2},
-		dt2:   fp.Elt{0xd8, 0x29, 0xa7, 0x39, 0xe3, 0x9f, 0x2f, 0x0e, 0x4b, 0x24, 0x21, 0x70, 0xef, 0xfd, 0x91, 0xea, 0xbf, 0xe1, 0x72, 0x90, 0xcc, 0xc9, 0x84, 0x0e, 0xad, 0xd5, 0xe6, 0xbb, 0xc5, 0x99, 0x7f, 0xa4, 0xf0, 0x2e, 0xcc, 0x95, 0x64, 0x27, 0x19, 0xd8, 0x4c, 0x27, 0x0d, 0xff, 0xb6, 0x29, 0xe2, 0x6c, 0xfa, 0xbb, 0x4d, 0x9c, 0xbb, 0xaf, 0xa5, 0xec},
-	},
-	{ /* 41P*/
-		addYX: fp.Elt{0xd6, 0x33, 0x3f, 0x9f, 0xcf, 0xfd, 0x4c, 0xd1, 0xfe, 0xe5, 0xeb, 0x64, 0x27, 0xae, 0x7a, 0xa2, 0x82, 0x50, 0x6d, 0xaa, 0xe3, 0x5d, 0xe2, 0x48, 0x60, 0xb3, 0x76, 0x04, 0xd9, 0x19, 0xa7, 0xa1, 0x73, 0x8d, 0x38, 0xa9, 0xaf, 0x45, 0xb5, 0xb2, 0x62, 0x9b, 0xf1, 0x35, 0x7b, 0x84, 0x66, 0xeb, 0x06, 0xef, 0xf1, 0xb2, 0x2d, 0x6a, 0x61, 0x15},
-		subYX: fp.Elt{0x86, 0x50, 0x42, 0xf7, 0xda, 0x59, 0xb2, 0xcf, 0x0d, 0x3d, 0xee, 0x8e, 0x53, 0x5d, 0xf7, 0x9e, 0x6a, 0x26, 0x2d, 0xc7, 0x8c, 0x8e, 0x18, 0x50, 0x6d, 0xb7, 0x51, 0x4c, 0xa7, 0x52, 0x6e, 0x0e, 0x0a, 0x16, 0x74, 0xb2, 0x81, 0x8b, 0x56, 0x27, 0x22, 0x84, 0xf4, 0x56, 0xc5, 0x06, 0xe1, 0x8b, 0xca, 0x2d, 0xdb, 0x9a, 0xf6, 0x10, 0x9c, 0x51},
-		dt2:   fp.Elt{0x1f, 0x16, 0xa2, 0x78, 0x96, 0x1b, 0x85, 0x9c, 0x76, 0x49, 0xd4, 0x0f, 0xac, 0xb0, 0xf4, 0xd0, 0x06, 0x2c, 0x7e, 0x6d, 0x6e, 0x8e, 0xc7, 0x9f, 0x18, 0xad, 0xfc, 0x88, 0x0c, 0x0c, 0x09, 0x05, 0x05, 0xa0, 0x79, 0x72, 0x32, 0x72, 0x87, 0x0f, 0x49, 0x87, 0x0c, 0xb4, 0x12, 0xc2, 0x09, 0xf8, 0x9f, 0x30, 0x72, 0xa9, 0x47, 0x13, 0x93, 0x49},
-	},
-	{ /* 43P*/
-		addYX: fp.Elt{0xcc, 0xb1, 0x4c, 0xd3, 0xc0, 0x9e, 0x9e, 0x4d, 0x6d, 0x28, 0x0b, 0xa5, 0x94, 0xa7, 0x2e, 0xc2, 0xc7, 0xaf, 0x29, 0x73, 0xc9, 0x68, 0xea, 0x0f, 0x34, 0x37, 0x8d, 0x96, 0x8f, 0x3a, 0x3d, 0x73, 0x1e, 0x6d, 0x9f, 0xcf, 0x8d, 0x83, 0xb5, 0x71, 0xb9, 0xe1, 0x4b, 0x67, 0x71, 0xea, 0xcf, 0x56, 0xe5, 0xeb, 0x72, 0x15, 0x2f, 0x9e, 0xa8, 0xaa},
-		subYX: fp.Elt{0xf4, 0x3e, 0x85, 0x1c, 0x1a, 0xef, 0x50, 0xd1, 0xb4, 0x20, 0xb2, 0x60, 0x05, 0x98, 0xfe, 0x47, 0x3b, 0xc1, 0x76, 0xca, 0x2c, 0x4e, 0x5a, 0x42, 0xa3, 0xf7, 0x20, 0xaa, 0x57, 0x39, 0xee, 0x34, 0x1f, 0xe1, 0x68, 0xd3, 0x7e, 0x06, 0xc4, 0x6c, 0xc7, 0x76, 0x2b, 0xe4, 0x1c, 0x48, 0x44, 0xe6, 0xe5, 0x44, 0x24, 0x8d, 0xb3, 0xb6, 0x88, 0x32},
-		dt2:   fp.Elt{0x18, 0xa7, 0xba, 0xd0, 0x44, 0x6f, 0x33, 0x31, 0x00, 0xf8, 0xf6, 0x12, 0xe3, 0xc5, 0xc7, 0xb5, 0x91, 0x9c, 0x91, 0xb5, 0x75, 0x18, 0x18, 0x8a, 0xab, 0xed, 0x24, 0x11, 0x2e, 0xce, 0x5a, 0x0f, 0x94, 0x5f, 0x2e, 0xca, 0xd3, 0x80, 0xea, 0xe5, 0x34, 0x96, 0x67, 0x8b, 0x6a, 0x26, 0x5e, 0xc8, 0x9d, 0x2c, 0x5e, 0x6c, 0xa2, 0x0c, 0xbf, 0xf0},
-	},
-	{ /* 45P*/
-		addYX: fp.Elt{0xb3, 0xbf, 0xa3, 0x85, 0xee, 0xf6, 0x58, 0x02, 0x78, 0xc4, 0x30, 0xd6, 0x57, 0x59, 0x8c, 0x88, 0x08, 0x7c, 0xbc, 0xbe, 0x0a, 0x74, 0xa9, 0xde, 0x69, 0xe7, 0x41, 0xd8, 0xbf, 0x66, 0x8d, 0x3d, 0x28, 0x00, 0x8c, 0x47, 0x65, 0x34, 0xfe, 0x86, 0x9e, 0x6a, 0xf2, 0x41, 0x6a, 0x94, 0xc4, 0x88, 0x75, 0x23, 0x0d, 0x52, 0x69, 0xee, 0x07, 0x89},
-		subYX: fp.Elt{0x22, 0x3c, 0xa1, 0x70, 0x58, 0x97, 0x93, 0xbe, 0x59, 0xa8, 0x0b, 0x8a, 0x46, 0x2a, 0x38, 0x1e, 0x08, 0x6b, 0x61, 0x9f, 0xf2, 0x4a, 0x8b, 0x80, 0x68, 0x6e, 0xc8, 0x92, 0x60, 0xf3, 0xc9, 0x89, 0xb2, 0x6d, 0x63, 0xb0, 0xeb, 0x83, 0x15, 0x63, 0x0e, 0x64, 0xbb, 0xb8, 0xfe, 0xb4, 0x81, 0x90, 0x01, 0x28, 0x10, 0xb9, 0x74, 0x6e, 0xde, 0xa4},
-		dt2:   fp.Elt{0x1a, 0x23, 0x45, 0xa8, 0x6f, 0x4e, 0xa7, 0x4a, 0x0c, 0xeb, 0xb0, 0x43, 0xf9, 0xef, 0x99, 0x60, 0x5b, 0xdb, 0x66, 0xc0, 0x86, 0x71, 0x43, 0xb1, 0x22, 0x7b, 0x1c, 0xe7, 0x8d, 0x09, 0x1d, 0x83, 0x76, 0x9c, 0xd3, 0x5a, 0xdd, 0x42, 0xd9, 0x2f, 0x2d, 0xba, 0x7a, 0xc2, 0xd9, 0x6b, 0xd4, 0x7a, 0xf1, 0xd5, 0x5f, 0x6b, 0x85, 0xbf, 0x0b, 0xf1},
-	},
-	{ /* 47P*/
-		addYX: fp.Elt{0xb2, 0x83, 0xfa, 0x1f, 0xd2, 0xce, 0xb6, 0xf2, 0x2d, 0xea, 0x1b, 0xe5, 0x29, 0xa5, 0x72, 0xf9, 0x25, 0x48, 0x4e, 0xf2, 0x50, 0x1b, 0x39, 0xda, 0x34, 0xc5, 0x16, 0x13, 0xb4, 0x0c, 0xa1, 0x00, 0x79, 0x7a, 0xf5, 0x8b, 0xf3, 0x70, 0x14, 0xb6, 0xfc, 0x9a, 0x47, 0x68, 0x1e, 0x42, 0x70, 0x64, 0x2a, 0x84, 0x3e, 0x3d, 0x20, 0x58, 0xf9, 0x6a},
-		subYX: fp.Elt{0xd9, 0xee, 0xc0, 0xc4, 0xf5, 0xc2, 0x86, 0xaf, 0x45, 0xd2, 0xd2, 0x87, 0x1b, 0x64, 0xd5, 0xe0, 0x8c, 0x44, 0x00, 0x4f, 0x43, 0x89, 0x04, 0x48, 0x4a, 0x0b, 0xca, 0x94, 0x06, 0x2f, 0x23, 0x5b, 0x6c, 0x8d, 0x44, 0x66, 0x53, 0xf5, 0x5a, 0x20, 0x72, 0x28, 0x58, 0x84, 0xcc, 0x73, 0x22, 0x5e, 0xd1, 0x0b, 0x56, 0x5e, 0x6a, 0xa3, 0x11, 0x91},
-		dt2:   fp.Elt{0x6e, 0x9f, 0x88, 0xa8, 0x68, 0x2f, 0x12, 0x37, 0x88, 0xfc, 0x92, 0x8f, 0x24, 0xeb, 0x5b, 0x2a, 0x2a, 0xd0, 0x14, 0x40, 0x4c, 0xa9, 0xa4, 0x03, 0x0c, 0x45, 0x48, 0x13, 0xe8, 0xa6, 0x37, 0xab, 0xc0, 0x06, 0x38, 0x6c, 0x96, 0x73, 0x40, 0x6c, 0xc6, 0xea, 0x56, 0xc6, 0xe9, 0x1a, 0x69, 0xeb, 0x7a, 0xd1, 0x33, 0x69, 0x58, 0x2b, 0xea, 0x2f},
-	},
-	{ /* 49P*/
-		addYX: fp.Elt{0x58, 0xa8, 0x05, 0x41, 0x00, 0x9d, 0xaa, 0xd9, 0x98, 0xcf, 0xb9, 0x41, 0xb5, 0x4a, 0x8d, 0xe2, 0xe7, 0xc0, 0x72, 0xef, 0xc8, 0x28, 0x6b, 0x68, 0x9d, 0xc9, 0xdf, 0x05, 0x8b, 0xd0, 0x04, 0x74, 0x79, 0x45, 0x52, 0x05, 0xa3, 0x6e, 0x35, 0x3a, 0xe3, 0xef, 0xb2, 0xdc, 0x08, 0x6f, 0x4e, 0x76, 0x85, 0x67, 0xba, 0x23, 0x8f, 0xdd, 0xaf, 0x09},
-		subYX: fp.Elt{0xb4, 0x38, 0xc8, 0xff, 0x4f, 0x65, 0x2a, 0x7e, 0xad, 0xb1, 0xc6, 0xb9, 0x3d, 0xd6, 0xf7, 0x14, 0xcf, 0xf6, 0x98, 0x75, 0xbb, 0x47, 0x83, 0x90, 0xe7, 0xe1, 0xf6, 0x14, 0x99, 0x7e, 0xfa, 0xe4, 0x77, 0x24, 0xe3, 0xe7, 0xf0, 0x1e, 0xdb, 0x27, 0x4e, 0x16, 0x04, 0xf2, 0x08, 0x52, 0xfc, 0xec, 0x55, 0xdb, 0x2e, 0x67, 0xe1, 0x94, 0x32, 0x89},
-		dt2:   fp.Elt{0x00, 0xad, 0x03, 0x35, 0x1a, 0xb1, 0x88, 0xf0, 0xc9, 0x11, 0xe4, 0x12, 0x52, 0x61, 0xfd, 0x8a, 0x1b, 0x6a, 0x0a, 0x4c, 0x42, 0x46, 0x22, 0x0e, 0xa5, 0xf9, 0xe2, 0x50, 0xf2, 0xb2, 0x1f, 0x20, 0x78, 0x10, 0xf6, 0xbf, 0x7f, 0x0c, 0x9c, 0xad, 0x40, 0x8b, 0x82, 0xd4, 0xba, 0x69, 0x09, 0xac, 0x4b, 0x6d, 0xc4, 0x49, 0x17, 0x81, 0x57, 0x3b},
-	},
-	{ /* 51P*/
-		addYX: fp.Elt{0x0d, 0xfe, 0xb4, 0x35, 0x11, 0xbd, 0x1d, 0x6b, 0xc2, 0xc5, 0x3b, 0xd2, 0x23, 0x2c, 0x72, 0xe3, 0x48, 0xb1, 0x48, 0x73, 0xfb, 0xa3, 0x21, 0x6e, 0xc0, 0x09, 0x69, 0xac, 0xe1, 0x60, 0xbc, 0x24, 0x03, 0x99, 0x63, 0x0a, 0x00, 0xf0, 0x75, 0xf6, 0x92, 0xc5, 0xd6, 0xdb, 0x51, 0xd4, 0x7d, 0xe6, 0xf4, 0x11, 0x79, 0xd7, 0xc3, 0xaf, 0x48, 0xd0},
-		subYX: fp.Elt{0xf4, 0x4f, 0xaf, 0x31, 0xe3, 0x10, 0x89, 0x95, 0xf0, 0x8a, 0xf6, 0x31, 0x9f, 0x48, 0x02, 0xba, 0x42, 0x2b, 0x3c, 0x22, 0x8b, 0xcc, 0x12, 0x98, 0x6e, 0x7a, 0x64, 0x3a, 0xc4, 0xca, 0x32, 0x2a, 0x72, 0xf8, 0x2c, 0xcf, 0x78, 0x5e, 0x7a, 0x75, 0x6e, 0x72, 0x46, 0x48, 0x62, 0x28, 0xac, 0x58, 0x1a, 0xc6, 0x59, 0x88, 0x2a, 0x44, 0x9e, 0x83},
-		dt2:   fp.Elt{0xb3, 0xde, 0x36, 0xfd, 0xeb, 0x1b, 0xd4, 0x24, 0x1b, 0x08, 0x8c, 0xfe, 0xa9, 0x41, 0xa1, 0x64, 0xf2, 0x6d, 0xdb, 0xf9, 0x94, 0xae, 0x86, 0x71, 0xab, 0x10, 0xbf, 0xa3, 0xb2, 0xa0, 0xdf, 0x10, 0x8c, 0x74, 0xce, 0xb3, 0xfc, 0xdb, 0xba, 0x15, 0xf6, 0x91, 0x7a, 0x9c, 0x36, 0x1e, 0x45, 0x07, 0x3c, 0xec, 0x1a, 0x61, 0x26, 0x93, 0xe3, 0x50},
-	},
-	{ /* 53P*/
-		addYX: fp.Elt{0xc5, 0x50, 0xc5, 0x83, 0xb0, 0xbd, 0xd9, 0xf6, 0x6d, 0x15, 0x5e, 0xc1, 0x1a, 0x33, 0xa0, 0xce, 0x13, 0x70, 0x3b, 0xe1, 0x31, 0xc6, 0xc4, 0x02, 0xec, 0x8c, 0xd5, 0x9c, 0x97, 0xd3, 0x12, 0xc4, 0xa2, 0xf9, 0xd5, 0xfb, 0x22, 0x69, 0x94, 0x09, 0x2f, 0x59, 0xce, 0xdb, 0xf2, 0xf2, 0x00, 0xe0, 0xa9, 0x08, 0x44, 0x2e, 0x8b, 0x6b, 0xf5, 0xb3},
-		subYX: fp.Elt{0x90, 0xdd, 0xec, 0xa2, 0x65, 0xb7, 0x61, 0xbc, 0xaa, 0x70, 0xa2, 0x15, 0xd8, 0xb0, 0xf8, 0x8e, 0x23, 0x3d, 0x9f, 0x46, 0xa3, 0x29, 0x20, 0xd1, 0xa1, 0x15, 0x81, 0xc6, 0xb6, 0xde, 0xbe, 0x60, 0x63, 0x24, 0xac, 0x15, 0xfb, 0xeb, 0xd3, 0xea, 0x57, 0x13, 0x86, 0x38, 0x1e, 0x22, 0xf4, 0x8c, 0x5d, 0xaf, 0x1b, 0x27, 0x21, 0x4f, 0xa3, 0x63},
-		dt2:   fp.Elt{0x07, 0x15, 0x87, 0xc4, 0xfd, 0xa1, 0x97, 0x7a, 0x07, 0x1f, 0x56, 0xcc, 0xe3, 0x6a, 0x01, 0x90, 0xce, 0xf9, 0xfa, 0x50, 0xb2, 0xe0, 0x87, 0x8b, 0x6c, 0x63, 0x6c, 0xf6, 0x2a, 0x09, 0xef, 0xef, 0xd2, 0x31, 0x40, 0x25, 0xf6, 0x84, 0xcb, 0xe0, 0xc4, 0x23, 0xc1, 0xcb, 0xe2, 0x02, 0x83, 0x2d, 0xed, 0x74, 0x74, 0x8b, 0xf8, 0x7c, 0x81, 0x18},
-	},
-	{ /* 55P*/
-		addYX: fp.Elt{0x9e, 0xe5, 0x59, 0x95, 0x63, 0x2e, 0xac, 0x8b, 0x03, 0x3c, 0xc1, 0x8e, 0xe1, 0x5b, 0x56, 0x3c, 0x16, 0x41, 0xe4, 0xc2, 0x60, 0x0c, 0x6d, 0x65, 0x9f, 0xfc, 0x27, 0x68, 0x43, 0x44, 0x05, 0x12, 0x6c, 0xda, 0x04, 0xef, 0xcf, 0xcf, 0xdc, 0x0a, 0x1a, 0x7f, 0x12, 0xd3, 0xeb, 0x02, 0xb6, 0x04, 0xca, 0xd6, 0xcb, 0xf0, 0x22, 0xba, 0x35, 0x6d},
-		subYX: fp.Elt{0x09, 0x6d, 0xf9, 0x64, 0x4c, 0xe6, 0x41, 0xff, 0x01, 0x4d, 0xce, 0x1e, 0xfa, 0x38, 0xa2, 0x25, 0x62, 0xff, 0x03, 0x39, 0x18, 0x91, 0xbb, 0x9d, 0xce, 0x02, 0xf0, 0xf1, 0x3c, 0x55, 0x18, 0xa9, 0xab, 0x4d, 0xd2, 0x35, 0xfd, 0x8d, 0xa9, 0xb2, 0xad, 0xb7, 0x06, 0x6e, 0xc6, 0x69, 0x49, 0xd6, 0x98, 0x98, 0x0b, 0x22, 0x81, 0x6b, 0xbd, 0xa0},
-		dt2:   fp.Elt{0x22, 0xf4, 0x85, 0x5d, 0x2b, 0xf1, 0x55, 0xa5, 0xd6, 0x27, 0x86, 0x57, 0x12, 0x1f, 0x16, 0x0a, 0x5a, 0x9b, 0xf2, 0x38, 0xb6, 0x28, 0xd8, 0x99, 0x0c, 0x89, 0x1d, 0x7f, 0xca, 0x21, 0x17, 0x1a, 0x0b, 0x02, 0x5f, 0x77, 0x2f, 0x73, 0x30, 0x7c, 0xc8, 0xd7, 0x2b, 0xcc, 0xe7, 0xf3, 0x21, 0xac, 0x53, 0xa7, 0x11, 0x5d, 0xd8, 0x1d, 0x9b, 0xf5},
-	},
-	{ /* 57P*/
-		addYX: fp.Elt{0x94, 0x63, 0x5d, 0xef, 0xfd, 0x6d, 0x25, 0x4e, 0x6d, 0x29, 0x03, 0xed, 0x24, 0x28, 0x27, 0x57, 0x47, 0x3e, 0x6a, 0x1a, 0xfe, 0x37, 0xee, 0x5f, 0x83, 0x29, 0x14, 0xfd, 0x78, 0x25, 0x8a, 0xe1, 0x02, 0x38, 0xd8, 0xca, 0x65, 0x55, 0x40, 0x7d, 0x48, 0x2c, 0x7c, 0x7e, 0x60, 0xb6, 0x0c, 0x6d, 0xf7, 0xe8, 0xb3, 0x62, 0x53, 0xd6, 0x9c, 0x2b},
-		subYX: fp.Elt{0x47, 0x25, 0x70, 0x62, 0xf5, 0x65, 0x93, 0x62, 0x08, 0xac, 0x59, 0x66, 0xdb, 0x08, 0xd9, 0x1a, 0x19, 0xaf, 0xf4, 0xef, 0x02, 0xa2, 0x78, 0xa9, 0x55, 0x1c, 0xfa, 0x08, 0x11, 0xcb, 0xa3, 0x71, 0x74, 0xb1, 0x62, 0xe7, 0xc7, 0xf3, 0x5a, 0xb5, 0x8b, 0xd4, 0xf6, 0x10, 0x57, 0x79, 0x72, 0x2f, 0x13, 0x86, 0x7b, 0x44, 0x5f, 0x48, 0xfd, 0x88},
-		dt2:   fp.Elt{0x10, 0x02, 0xcd, 0x05, 0x9a, 0xc3, 0x32, 0x6d, 0x10, 0x3a, 0x74, 0xba, 0x06, 0xc4, 0x3b, 0x34, 0xbc, 0x36, 0xed, 0xa3, 0xba, 0x9a, 0xdb, 0x6d, 0xd4, 0x69, 0x99, 0x97, 0xd0, 0xe4, 0xdd, 0xf5, 0xd4, 0x7c, 0xd3, 0x4e, 0xab, 0xd1, 0x3b, 0xbb, 0xe9, 0xc7, 0x6a, 0x94, 0x25, 0x61, 0xf0, 0x06, 0xc5, 0x12, 0xa8, 0x86, 0xe5, 0x35, 0x46, 0xeb},
-	},
-	{ /* 59P*/
-		addYX: fp.Elt{0x9e, 0x95, 0x11, 0xc6, 0xc7, 0xe8, 0xee, 0x5a, 0x26, 0xa0, 0x72, 0x72, 0x59, 0x91, 0x59, 0x16, 0x49, 0x99, 0x7e, 0xbb, 0xd7, 0x15, 0xb4, 0xf2, 0x40, 0xf9, 0x5a, 0x4d, 0xc8, 0xa0, 0xe2, 0x34, 0x7b, 0x34, 0xf3, 0x99, 0xbf, 0xa9, 0xf3, 0x79, 0xc1, 0x1a, 0x0c, 0xf4, 0x86, 0x74, 0x4e, 0xcb, 0xbc, 0x90, 0xad, 0xb6, 0x51, 0x6d, 0xaa, 0x33},
-		subYX: fp.Elt{0x9f, 0xd1, 0xc5, 0xa2, 0x6c, 0x24, 0x88, 0x15, 0x71, 0x68, 0xf6, 0x07, 0x45, 0x02, 0xc4, 0x73, 0x7e, 0x75, 0x87, 0xca, 0x7c, 0xf0, 0x92, 0x00, 0x75, 0xd6, 0x5a, 0xdd, 0xe0, 0x64, 0x16, 0x9d, 0x62, 0x80, 0x33, 0x9f, 0xf4, 0x8e, 0x1a, 0x15, 0x1c, 0xd3, 0x0f, 0x4d, 0x4f, 0x62, 0x2d, 0xd7, 0xa5, 0x77, 0xe3, 0xea, 0xf0, 0xfb, 0x1a, 0xdb},
-		dt2:   fp.Elt{0x6a, 0xa2, 0xb1, 0xaa, 0xfb, 0x5a, 0x32, 0x4e, 0xff, 0x47, 0x06, 0xd5, 0x9a, 0x4f, 0xce, 0x83, 0x5b, 0x82, 0x34, 0x3e, 0x47, 0xb8, 0xf8, 0xe9, 0x7c, 0x67, 0x69, 0x8d, 0x9c, 0xb7, 0xde, 0x57, 0xf4, 0x88, 0x41, 0x56, 0x0c, 0x87, 0x1e, 0xc9, 0x2f, 0x54, 0xbf, 0x5c, 0x68, 0x2c, 0xd9, 0xc4, 0xef, 0x53, 0x73, 0x1e, 0xa6, 0x38, 0x02, 0x10},
-	},
-	{ /* 61P*/
-		addYX: fp.Elt{0x08, 0x80, 0x4a, 0xc9, 0xb7, 0xa8, 0x88, 0xd9, 0xfc, 0x6a, 0xc0, 0x3e, 0xc2, 0x33, 0x4d, 0x2b, 0x2a, 0xa3, 0x6d, 0x72, 0x3e, 0xdc, 0x34, 0x68, 0x08, 0xbf, 0x27, 0xef, 0xf4, 0xff, 0xe2, 0x0c, 0x31, 0x0c, 0xa2, 0x0a, 0x1f, 0x65, 0xc1, 0x4c, 0x61, 0xd3, 0x1b, 0xbc, 0x25, 0xb1, 0xd0, 0xd4, 0x89, 0xb2, 0x53, 0xfb, 0x43, 0xa5, 0xaf, 0x04},
-		subYX: fp.Elt{0xe3, 0xe1, 0x37, 0xad, 0x58, 0xa9, 0x55, 0x81, 0xee, 0x64, 0x21, 0xb9, 0xf5, 0x4c, 0x35, 0xea, 0x4a, 0xd3, 0x26, 0xaa, 0x90, 0xd4, 0x60, 0x46, 0x09, 0x4b, 0x4a, 0x62, 0xf9, 0xcd, 0xe1, 0xee, 0xbb, 0xc2, 0x09, 0x0b, 0xb0, 0x96, 0x8e, 0x43, 0x77, 0xaf, 0x25, 0x20, 0x5e, 0x47, 0xe4, 0x1d, 0x50, 0x69, 0x74, 0x08, 0xd7, 0xb9, 0x90, 0x13},
-		dt2:   fp.Elt{0x51, 0x91, 0x95, 0x64, 0x03, 0x16, 0xfd, 0x6e, 0x26, 0x94, 0x6b, 0x61, 0xe7, 0xd9, 0xe0, 0x4a, 0x6d, 0x7c, 0xfa, 0xc0, 0xe2, 0x43, 0x23, 0x53, 0x70, 0xf5, 0x6f, 0x73, 0x8b, 0x81, 0xb0, 0x0c, 0xee, 0x2e, 0x46, 0xf2, 0x8d, 0xa6, 0xfb, 0xb5, 0x1c, 0x33, 0xbf, 0x90, 0x59, 0xc9, 0x7c, 0xb8, 0x6f, 0xad, 0x75, 0x02, 0x90, 0x8e, 0x59, 0x75},
-	},
-	{ /* 63P*/
-		addYX: fp.Elt{0x36, 0x4d, 0x77, 0x04, 0xb8, 0x7d, 0x4a, 0xd1, 0xc5, 0xbb, 0x7b, 0x50, 0x5f, 0x8d, 0x9d, 0x62, 0x0f, 0x66, 0x71, 0xec, 0x87, 0xc5, 0x80, 0x82, 0xc8, 0xf4, 0x6a, 0x94, 0x92, 0x5b, 0xb0, 0x16, 0x9b, 0xb2, 0xc9, 0x6f, 0x2b, 0x2d, 0xee, 0x95, 0x73, 0x2e, 0xc2, 0x1b, 0xc5, 0x55, 0x36, 0x86, 0x24, 0xf8, 0x20, 0x05, 0x0d, 0x93, 0xd7, 0x76},
-		subYX: fp.Elt{0x7f, 0x01, 0xeb, 0x2e, 0x48, 0x4d, 0x1d, 0xf1, 0x06, 0x7e, 0x7c, 0x2a, 0x43, 0xbf, 0x28, 0xac, 0xe9, 0x58, 0x13, 0xc8, 0xbf, 0x8e, 0xc0, 0xef, 0xe8, 0x4f, 0x46, 0x8a, 0xe7, 0xc0, 0xf6, 0x0f, 0x0a, 0x03, 0x48, 0x91, 0x55, 0x39, 0x2a, 0xe3, 0xdc, 0xf6, 0x22, 0x9d, 0x4d, 0x71, 0x55, 0x68, 0x25, 0x6e, 0x95, 0x52, 0xee, 0x4c, 0xd9, 0x01},
-		dt2:   fp.Elt{0xac, 0x33, 0x3f, 0x7c, 0x27, 0x35, 0x15, 0x91, 0x33, 0x8d, 0xf9, 0xc4, 0xf4, 0xf3, 0x90, 0x09, 0x75, 0x69, 0x62, 0x9f, 0x61, 0x35, 0x83, 0x92, 0x04, 0xef, 0x96, 0x38, 0x80, 0x9e, 0x88, 0xb3, 0x67, 0x95, 0xbe, 0x79, 0x3c, 0x35, 0xd8, 0xdc, 0xb2, 0x3e, 0x2d, 0xe6, 0x46, 0xbe, 0x81, 0xf3, 0x32, 0x0e, 0x37, 0x23, 0x75, 0x2a, 0x3d, 0xa0},
-	},
-}
diff --git a/vendor/github.com/cloudflare/circl/ecc/goldilocks/twist_basemult.go b/vendor/github.com/cloudflare/circl/ecc/goldilocks/twist_basemult.go
deleted file mode 100644
index f6ac5edbbb..0000000000
--- a/vendor/github.com/cloudflare/circl/ecc/goldilocks/twist_basemult.go
+++ /dev/null
@@ -1,62 +0,0 @@
-package goldilocks
-
-import (
-	"crypto/subtle"
-
-	mlsb "github.com/cloudflare/circl/math/mlsbset"
-)
-
-const (
-	// MLSBRecoding parameters
-	fxT   = 448
-	fxV   = 2
-	fxW   = 3
-	fx2w1 = 1 << (uint(fxW) - 1)
-)
-
-// ScalarBaseMult returns kG where G is the generator point.
-func (e twistCurve) ScalarBaseMult(k *Scalar) *twistPoint {
-	m, err := mlsb.New(fxT, fxV, fxW)
-	if err != nil {
-		panic(err)
-	}
-	if m.IsExtended() {
-		panic("not extended")
-	}
-
-	var isZero int
-	if k.IsZero() {
-		isZero = 1
-	}
-	subtle.ConstantTimeCopy(isZero, k[:], order[:])
-
-	minusK := *k
-	isEven := 1 - int(k[0]&0x1)
-	minusK.Neg()
-	subtle.ConstantTimeCopy(isEven, k[:], minusK[:])
-	c, err := m.Encode(k[:])
-	if err != nil {
-		panic(err)
-	}
-
-	gP := c.Exp(groupMLSB{})
-	P := gP.(*twistPoint)
-	P.cneg(uint(isEven))
-	return P
-}
-
-type groupMLSB struct{}
-
-func (e groupMLSB) ExtendedEltP() mlsb.EltP      { return nil }
-func (e groupMLSB) Sqr(x mlsb.EltG)              { x.(*twistPoint).Double() }
-func (e groupMLSB) Mul(x mlsb.EltG, y mlsb.EltP) { x.(*twistPoint).mixAddZ1(y.(*preTwistPointAffine)) }
-func (e groupMLSB) Identity() mlsb.EltG          { return twistCurve{}.Identity() }
-func (e groupMLSB) NewEltP() mlsb.EltP           { return &preTwistPointAffine{} }
-func (e groupMLSB) Lookup(a mlsb.EltP, v uint, s, u int32) {
-	Tabj := &tabFixMult[v]
-	P := a.(*preTwistPointAffine)
-	for k := range Tabj {
-		P.cmov(&Tabj[k], uint(subtle.ConstantTimeEq(int32(k), u)))
-	}
-	P.cneg(int(s >> 31))
-}
diff --git a/vendor/github.com/cloudflare/circl/internal/conv/conv.go b/vendor/github.com/cloudflare/circl/internal/conv/conv.go
deleted file mode 100644
index 3fd0df496f..0000000000
--- a/vendor/github.com/cloudflare/circl/internal/conv/conv.go
+++ /dev/null
@@ -1,173 +0,0 @@
-package conv
-
-import (
-	"encoding/binary"
-	"fmt"
-	"math/big"
-	"strings"
-
-	"golang.org/x/crypto/cryptobyte"
-)
-
-// BytesLe2Hex returns an hexadecimal string of a number stored in a
-// little-endian order slice x.
-func BytesLe2Hex(x []byte) string {
-	b := &strings.Builder{}
-	b.Grow(2*len(x) + 2)
-	fmt.Fprint(b, "0x")
-	if len(x) == 0 {
-		fmt.Fprint(b, "00")
-	}
-	for i := len(x) - 1; i >= 0; i-- {
-		fmt.Fprintf(b, "%02x", x[i])
-	}
-	return b.String()
-}
-
-// BytesLe2BigInt converts a little-endian slice x into a big-endian
-// math/big.Int.
-func BytesLe2BigInt(x []byte) *big.Int {
-	n := len(x)
-	b := new(big.Int)
-	if len(x) > 0 {
-		y := make([]byte, n)
-		for i := 0; i < n; i++ {
-			y[n-1-i] = x[i]
-		}
-		b.SetBytes(y)
-	}
-	return b
-}
-
-// BytesBe2Uint64Le converts a big-endian slice x to a little-endian slice of uint64.
-func BytesBe2Uint64Le(x []byte) []uint64 {
-	l := len(x)
-	z := make([]uint64, (l+7)/8)
-	blocks := l / 8
-	for i := 0; i < blocks; i++ {
-		z[i] = binary.BigEndian.Uint64(x[l-8*(i+1):])
-	}
-	remBytes := l % 8
-	for i := 0; i < remBytes; i++ {
-		z[blocks] |= uint64(x[l-1-8*blocks-i]) << uint(8*i)
-	}
-	return z
-}
-
-// BigInt2BytesLe stores a positive big.Int number x into a little-endian slice z.
-// The slice is modified if the bitlength of x <= 8*len(z) (padding with zeros).
-// If x does not fit in the slice or is negative, z is not modified.
-func BigInt2BytesLe(z []byte, x *big.Int) {
-	xLen := (x.BitLen() + 7) >> 3
-	zLen := len(z)
-	if zLen >= xLen && x.Sign() >= 0 {
-		y := x.Bytes()
-		for i := 0; i < xLen; i++ {
-			z[i] = y[xLen-1-i]
-		}
-		for i := xLen; i < zLen; i++ {
-			z[i] = 0
-		}
-	}
-}
-
-// Uint64Le2BigInt converts a little-endian slice x into a big number.
-func Uint64Le2BigInt(x []uint64) *big.Int {
-	n := len(x)
-	b := new(big.Int)
-	var bi big.Int
-	for i := n - 1; i >= 0; i-- {
-		bi.SetUint64(x[i])
-		b.Lsh(b, 64)
-		b.Add(b, &bi)
-	}
-	return b
-}
-
-// Uint64Le2BytesLe converts a little-endian slice x to a little-endian slice of bytes.
-func Uint64Le2BytesLe(x []uint64) []byte {
-	b := make([]byte, 8*len(x))
-	n := len(x)
-	for i := 0; i < n; i++ {
-		binary.LittleEndian.PutUint64(b[i*8:], x[i])
-	}
-	return b
-}
-
-// Uint64Le2BytesBe converts a little-endian slice x to a big-endian slice of bytes.
-func Uint64Le2BytesBe(x []uint64) []byte {
-	b := make([]byte, 8*len(x))
-	n := len(x)
-	for i := 0; i < n; i++ {
-		binary.BigEndian.PutUint64(b[i*8:], x[n-1-i])
-	}
-	return b
-}
-
-// Uint64Le2Hex returns an hexadecimal string of a number stored in a
-// little-endian order slice x.
-func Uint64Le2Hex(x []uint64) string {
-	b := new(strings.Builder)
-	b.Grow(16*len(x) + 2)
-	fmt.Fprint(b, "0x")
-	if len(x) == 0 {
-		fmt.Fprint(b, "00")
-	}
-	for i := len(x) - 1; i >= 0; i-- {
-		fmt.Fprintf(b, "%016x", x[i])
-	}
-	return b.String()
-}
-
-// BigInt2Uint64Le stores a positive big.Int number x into a little-endian slice z.
-// The slice is modified if the bitlength of x <= 8*len(z) (padding with zeros).
-// If x does not fit in the slice or is negative, z is not modified.
-func BigInt2Uint64Le(z []uint64, x *big.Int) {
-	xLen := (x.BitLen() + 63) >> 6 // number of 64-bit words
-	zLen := len(z)
-	if zLen >= xLen && x.Sign() > 0 {
-		var y, yi big.Int
-		y.Set(x)
-		two64 := big.NewInt(1)
-		two64.Lsh(two64, 64).Sub(two64, big.NewInt(1))
-		for i := 0; i < xLen; i++ {
-			yi.And(&y, two64)
-			z[i] = yi.Uint64()
-			y.Rsh(&y, 64)
-		}
-	}
-	for i := xLen; i < zLen; i++ {
-		z[i] = 0
-	}
-}
-
-// MarshalBinary encodes a value into a byte array in a format readable by UnmarshalBinary.
-func MarshalBinary(v cryptobyte.MarshalingValue) ([]byte, error) {
-	const DefaultSize = 32
-	b := cryptobyte.NewBuilder(make([]byte, 0, DefaultSize))
-	b.AddValue(v)
-	return b.Bytes()
-}
-
-// MarshalBinaryLen encodes a value into an array of n bytes in a format readable by UnmarshalBinary.
-func MarshalBinaryLen(v cryptobyte.MarshalingValue, length uint) ([]byte, error) {
-	b := cryptobyte.NewFixedBuilder(make([]byte, 0, length))
-	b.AddValue(v)
-	return b.Bytes()
-}
-
-// A UnmarshalingValue decodes itself from a cryptobyte.String and advances the pointer.
-// It reports whether the read was successful.
-type UnmarshalingValue interface {
-	Unmarshal(*cryptobyte.String) bool
-}
-
-// UnmarshalBinary recovers a value from a byte array.
-// It returns an error if the read was unsuccessful.
-func UnmarshalBinary(v UnmarshalingValue, data []byte) (err error) {
-	s := cryptobyte.String(data)
-	if data == nil || !v.Unmarshal(&s) || !s.Empty() {
-		err = fmt.Errorf("cannot read %T from input string", v)
-	}
-	return
-}
diff --git a/vendor/github.com/cloudflare/circl/internal/sha3/doc.go b/vendor/github.com/cloudflare/circl/internal/sha3/doc.go
deleted file mode 100644
index 7e02309070..0000000000
--- a/vendor/github.com/cloudflare/circl/internal/sha3/doc.go
+++ /dev/null
@@ -1,62 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package sha3 implements the SHA-3 fixed-output-length hash functions and
-// the SHAKE variable-output-length hash functions defined by FIPS-202.
-//
-// Both types of hash function use the "sponge" construction and the Keccak
-// permutation. For a detailed specification see http://keccak.noekeon.org/
-//
-// # Guidance
-//
-// If you aren't sure what function you need, use SHAKE256 with at least 64
-// bytes of output. The SHAKE instances are faster than the SHA3 instances;
-// the latter have to allocate memory to conform to the hash.Hash interface.
-//
-// If you need a secret-key MAC (message authentication code), prepend the
-// secret key to the input, hash with SHAKE256 and read at least 32 bytes of
-// output.
-//
-// # Security strengths
-//
-// The SHA3-x (x equals 224, 256, 384, or 512) functions have a security
-// strength against preimage attacks of x bits. Since they only produce "x"
-// bits of output, their collision-resistance is only "x/2" bits.
-//
-// The SHAKE-256 and -128 functions have a generic security strength of 256 and
-// 128 bits against all attacks, provided that at least 2x bits of their output
-// is used.  Requesting more than 64 or 32 bytes of output, respectively, does
-// not increase the collision-resistance of the SHAKE functions.
-//
-// # The sponge construction
-//
-// A sponge builds a pseudo-random function from a public pseudo-random
-// permutation, by applying the permutation to a state of "rate + capacity"
-// bytes, but hiding "capacity" of the bytes.
-//
-// A sponge starts out with a zero state. To hash an input using a sponge, up
-// to "rate" bytes of the input are XORed into the sponge's state. The sponge
-// is then "full" and the permutation is applied to "empty" it. This process is
-// repeated until all the input has been "absorbed". The input is then padded.
-// The digest is "squeezed" from the sponge in the same way, except that output
-// is copied out instead of input being XORed in.
-//
-// A sponge is parameterized by its generic security strength, which is equal
-// to half its capacity; capacity + rate is equal to the permutation's width.
-// Since the KeccakF-1600 permutation is 1600 bits (200 bytes) wide, this means
-// that the security strength of a sponge instance is equal to (1600 - bitrate) / 2.
-//
-// # Recommendations
-//
-// The SHAKE functions are recommended for most new uses. They can produce
-// output of arbitrary length. SHAKE256, with an output length of at least
-// 64 bytes, provides 256-bit security against all attacks.  The Keccak team
-// recommends it for most applications upgrading from SHA2-512. (NIST chose a
-// much stronger, but much slower, sponge instance for SHA3-512.)
-//
-// The SHA-3 functions are "drop-in" replacements for the SHA-2 functions.
-// They produce output of the same length, with the same security strengths
-// against all attacks. This means, in particular, that SHA3-256 only has
-// 128-bit collision resistance, because its output length is 32 bytes.
-package sha3
diff --git a/vendor/github.com/cloudflare/circl/internal/sha3/hashes.go b/vendor/github.com/cloudflare/circl/internal/sha3/hashes.go
deleted file mode 100644
index 7d2365a76e..0000000000
--- a/vendor/github.com/cloudflare/circl/internal/sha3/hashes.go
+++ /dev/null
@@ -1,69 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package sha3
-
-// This file provides functions for creating instances of the SHA-3
-// and SHAKE hash functions, as well as utility functions for hashing
-// bytes.
-
-// New224 creates a new SHA3-224 hash.
-// Its generic security strength is 224 bits against preimage attacks,
-// and 112 bits against collision attacks.
-func New224() State {
-	return State{rate: 144, outputLen: 28, dsbyte: 0x06}
-}
-
-// New256 creates a new SHA3-256 hash.
-// Its generic security strength is 256 bits against preimage attacks,
-// and 128 bits against collision attacks.
-func New256() State {
-	return State{rate: 136, outputLen: 32, dsbyte: 0x06}
-}
-
-// New384 creates a new SHA3-384 hash.
-// Its generic security strength is 384 bits against preimage attacks,
-// and 192 bits against collision attacks.
-func New384() State {
-	return State{rate: 104, outputLen: 48, dsbyte: 0x06}
-}
-
-// New512 creates a new SHA3-512 hash.
-// Its generic security strength is 512 bits against preimage attacks,
-// and 256 bits against collision attacks.
-func New512() State {
-	return State{rate: 72, outputLen: 64, dsbyte: 0x06}
-}
-
-// Sum224 returns the SHA3-224 digest of the data.
-func Sum224(data []byte) (digest [28]byte) {
-	h := New224()
-	_, _ = h.Write(data)
-	h.Sum(digest[:0])
-	return
-}
-
-// Sum256 returns the SHA3-256 digest of the data.
-func Sum256(data []byte) (digest [32]byte) {
-	h := New256()
-	_, _ = h.Write(data)
-	h.Sum(digest[:0])
-	return
-}
-
-// Sum384 returns the SHA3-384 digest of the data.
-func Sum384(data []byte) (digest [48]byte) {
-	h := New384()
-	_, _ = h.Write(data)
-	h.Sum(digest[:0])
-	return
-}
-
-// Sum512 returns the SHA3-512 digest of the data.
-func Sum512(data []byte) (digest [64]byte) {
-	h := New512()
-	_, _ = h.Write(data)
-	h.Sum(digest[:0])
-	return
-}
diff --git a/vendor/github.com/cloudflare/circl/internal/sha3/keccakf.go b/vendor/github.com/cloudflare/circl/internal/sha3/keccakf.go
deleted file mode 100644
index 1755fd1e6d..0000000000
--- a/vendor/github.com/cloudflare/circl/internal/sha3/keccakf.go
+++ /dev/null
@@ -1,391 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package sha3
-
-// KeccakF1600 applies the Keccak permutation to a 1600b-wide
-// state represented as a slice of 25 uint64s.
-// If turbo is true, applies the 12-round variant instead of the
-// regular 24-round variant.
-// nolint:funlen
-func KeccakF1600(a *[25]uint64, turbo bool) {
-	// Implementation translated from Keccak-inplace.c
-	// in the keccak reference code.
-	var t, bc0, bc1, bc2, bc3, bc4, d0, d1, d2, d3, d4 uint64
-
-	i := 0
-
-	if turbo {
-		i = 12
-	}
-
-	for ; i < 24; i += 4 {
-		// Combines the 5 steps in each round into 2 steps.
-		// Unrolls 4 rounds per loop and spreads some steps across rounds.
-
-		// Round 1
-		bc0 = a[0] ^ a[5] ^ a[10] ^ a[15] ^ a[20]
-		bc1 = a[1] ^ a[6] ^ a[11] ^ a[16] ^ a[21]
-		bc2 = a[2] ^ a[7] ^ a[12] ^ a[17] ^ a[22]
-		bc3 = a[3] ^ a[8] ^ a[13] ^ a[18] ^ a[23]
-		bc4 = a[4] ^ a[9] ^ a[14] ^ a[19] ^ a[24]
-		d0 = bc4 ^ (bc1<<1 | bc1>>63)
-		d1 = bc0 ^ (bc2<<1 | bc2>>63)
-		d2 = bc1 ^ (bc3<<1 | bc3>>63)
-		d3 = bc2 ^ (bc4<<1 | bc4>>63)
-		d4 = bc3 ^ (bc0<<1 | bc0>>63)
-
-		bc0 = a[0] ^ d0
-		t = a[6] ^ d1
-		bc1 = t<<44 | t>>(64-44)
-		t = a[12] ^ d2
-		bc2 = t<<43 | t>>(64-43)
-		t = a[18] ^ d3
-		bc3 = t<<21 | t>>(64-21)
-		t = a[24] ^ d4
-		bc4 = t<<14 | t>>(64-14)
-		a[0] = bc0 ^ (bc2 &^ bc1) ^ RC[i]
-		a[6] = bc1 ^ (bc3 &^ bc2)
-		a[12] = bc2 ^ (bc4 &^ bc3)
-		a[18] = bc3 ^ (bc0 &^ bc4)
-		a[24] = bc4 ^ (bc1 &^ bc0)
-
-		t = a[10] ^ d0
-		bc2 = t<<3 | t>>(64-3)
-		t = a[16] ^ d1
-		bc3 = t<<45 | t>>(64-45)
-		t = a[22] ^ d2
-		bc4 = t<<61 | t>>(64-61)
-		t = a[3] ^ d3
-		bc0 = t<<28 | t>>(64-28)
-		t = a[9] ^ d4
-		bc1 = t<<20 | t>>(64-20)
-		a[10] = bc0 ^ (bc2 &^ bc1)
-		a[16] = bc1 ^ (bc3 &^ bc2)
-		a[22] = bc2 ^ (bc4 &^ bc3)
-		a[3] = bc3 ^ (bc0 &^ bc4)
-		a[9] = bc4 ^ (bc1 &^ bc0)
-
-		t = a[20] ^ d0
-		bc4 = t<<18 | t>>(64-18)
-		t = a[1] ^ d1
-		bc0 = t<<1 | t>>(64-1)
-		t = a[7] ^ d2
-		bc1 = t<<6 | t>>(64-6)
-		t = a[13] ^ d3
-		bc2 = t<<25 | t>>(64-25)
-		t = a[19] ^ d4
-		bc3 = t<<8 | t>>(64-8)
-		a[20] = bc0 ^ (bc2 &^ bc1)
-		a[1] = bc1 ^ (bc3 &^ bc2)
-		a[7] = bc2 ^ (bc4 &^ bc3)
-		a[13] = bc3 ^ (bc0 &^ bc4)
-		a[19] = bc4 ^ (bc1 &^ bc0)
-
-		t = a[5] ^ d0
-		bc1 = t<<36 | t>>(64-36)
-		t = a[11] ^ d1
-		bc2 = t<<10 | t>>(64-10)
-		t = a[17] ^ d2
-		bc3 = t<<15 | t>>(64-15)
-		t = a[23] ^ d3
-		bc4 = t<<56 | t>>(64-56)
-		t = a[4] ^ d4
-		bc0 = t<<27 | t>>(64-27)
-		a[5] = bc0 ^ (bc2 &^ bc1)
-		a[11] = bc1 ^ (bc3 &^ bc2)
-		a[17] = bc2 ^ (bc4 &^ bc3)
-		a[23] = bc3 ^ (bc0 &^ bc4)
-		a[4] = bc4 ^ (bc1 &^ bc0)
-
-		t = a[15] ^ d0
-		bc3 = t<<41 | t>>(64-41)
-		t = a[21] ^ d1
-		bc4 = t<<2 | t>>(64-2)
-		t = a[2] ^ d2
-		bc0 = t<<62 | t>>(64-62)
-		t = a[8] ^ d3
-		bc1 = t<<55 | t>>(64-55)
-		t = a[14] ^ d4
-		bc2 = t<<39 | t>>(64-39)
-		a[15] = bc0 ^ (bc2 &^ bc1)
-		a[21] = bc1 ^ (bc3 &^ bc2)
-		a[2] = bc2 ^ (bc4 &^ bc3)
-		a[8] = bc3 ^ (bc0 &^ bc4)
-		a[14] = bc4 ^ (bc1 &^ bc0)
-
-		// Round 2
-		bc0 = a[0] ^ a[5] ^ a[10] ^ a[15] ^ a[20]
-		bc1 = a[1] ^ a[6] ^ a[11] ^ a[16] ^ a[21]
-		bc2 = a[2] ^ a[7] ^ a[12] ^ a[17] ^ a[22]
-		bc3 = a[3] ^ a[8] ^ a[13] ^ a[18] ^ a[23]
-		bc4 = a[4] ^ a[9] ^ a[14] ^ a[19] ^ a[24]
-		d0 = bc4 ^ (bc1<<1 | bc1>>63)
-		d1 = bc0 ^ (bc2<<1 | bc2>>63)
-		d2 = bc1 ^ (bc3<<1 | bc3>>63)
-		d3 = bc2 ^ (bc4<<1 | bc4>>63)
-		d4 = bc3 ^ (bc0<<1 | bc0>>63)
-
-		bc0 = a[0] ^ d0
-		t = a[16] ^ d1
-		bc1 = t<<44 | t>>(64-44)
-		t = a[7] ^ d2
-		bc2 = t<<43 | t>>(64-43)
-		t = a[23] ^ d3
-		bc3 = t<<21 | t>>(64-21)
-		t = a[14] ^ d4
-		bc4 = t<<14 | t>>(64-14)
-		a[0] = bc0 ^ (bc2 &^ bc1) ^ RC[i+1]
-		a[16] = bc1 ^ (bc3 &^ bc2)
-		a[7] = bc2 ^ (bc4 &^ bc3)
-		a[23] = bc3 ^ (bc0 &^ bc4)
-		a[14] = bc4 ^ (bc1 &^ bc0)
-
-		t = a[20] ^ d0
-		bc2 = t<<3 | t>>(64-3)
-		t = a[11] ^ d1
-		bc3 = t<<45 | t>>(64-45)
-		t = a[2] ^ d2
-		bc4 = t<<61 | t>>(64-61)
-		t = a[18] ^ d3
-		bc0 = t<<28 | t>>(64-28)
-		t = a[9] ^ d4
-		bc1 = t<<20 | t>>(64-20)
-		a[20] = bc0 ^ (bc2 &^ bc1)
-		a[11] = bc1 ^ (bc3 &^ bc2)
-		a[2] = bc2 ^ (bc4 &^ bc3)
-		a[18] = bc3 ^ (bc0 &^ bc4)
-		a[9] = bc4 ^ (bc1 &^ bc0)
-
-		t = a[15] ^ d0
-		bc4 = t<<18 | t>>(64-18)
-		t = a[6] ^ d1
-		bc0 = t<<1 | t>>(64-1)
-		t = a[22] ^ d2
-		bc1 = t<<6 | t>>(64-6)
-		t = a[13] ^ d3
-		bc2 = t<<25 | t>>(64-25)
-		t = a[4] ^ d4
-		bc3 = t<<8 | t>>(64-8)
-		a[15] = bc0 ^ (bc2 &^ bc1)
-		a[6] = bc1 ^ (bc3 &^ bc2)
-		a[22] = bc2 ^ (bc4 &^ bc3)
-		a[13] = bc3 ^ (bc0 &^ bc4)
-		a[4] = bc4 ^ (bc1 &^ bc0)
-
-		t = a[10] ^ d0
-		bc1 = t<<36 | t>>(64-36)
-		t = a[1] ^ d1
-		bc2 = t<<10 | t>>(64-10)
-		t = a[17] ^ d2
-		bc3 = t<<15 | t>>(64-15)
-		t = a[8] ^ d3
-		bc4 = t<<56 | t>>(64-56)
-		t = a[24] ^ d4
-		bc0 = t<<27 | t>>(64-27)
-		a[10] = bc0 ^ (bc2 &^ bc1)
-		a[1] = bc1 ^ (bc3 &^ bc2)
-		a[17] = bc2 ^ (bc4 &^ bc3)
-		a[8] = bc3 ^ (bc0 &^ bc4)
-		a[24] = bc4 ^ (bc1 &^ bc0)
-
-		t = a[5] ^ d0
-		bc3 = t<<41 | t>>(64-41)
-		t = a[21] ^ d1
-		bc4 = t<<2 | t>>(64-2)
-		t = a[12] ^ d2
-		bc0 = t<<62 | t>>(64-62)
-		t = a[3] ^ d3
-		bc1 = t<<55 | t>>(64-55)
-		t = a[19] ^ d4
-		bc2 = t<<39 | t>>(64-39)
-		a[5] = bc0 ^ (bc2 &^ bc1)
-		a[21] = bc1 ^ (bc3 &^ bc2)
-		a[12] = bc2 ^ (bc4 &^ bc3)
-		a[3] = bc3 ^ (bc0 &^ bc4)
-		a[19] = bc4 ^ (bc1 &^ bc0)
-
-		// Round 3
-		bc0 = a[0] ^ a[5] ^ a[10] ^ a[15] ^ a[20]
-		bc1 = a[1] ^ a[6] ^ a[11] ^ a[16] ^ a[21]
-		bc2 = a[2] ^ a[7] ^ a[12] ^ a[17] ^ a[22]
-		bc3 = a[3] ^ a[8] ^ a[13] ^ a[18] ^ a[23]
-		bc4 = a[4] ^ a[9] ^ a[14] ^ a[19] ^ a[24]
-		d0 = bc4 ^ (bc1<<1 | bc1>>63)
-		d1 = bc0 ^ (bc2<<1 | bc2>>63)
-		d2 = bc1 ^ (bc3<<1 | bc3>>63)
-		d3 = bc2 ^ (bc4<<1 | bc4>>63)
-		d4 = bc3 ^ (bc0<<1 | bc0>>63)
-
-		bc0 = a[0] ^ d0
-		t = a[11] ^ d1
-		bc1 = t<<44 | t>>(64-44)
-		t = a[22] ^ d2
-		bc2 = t<<43 | t>>(64-43)
-		t = a[8] ^ d3
-		bc3 = t<<21 | t>>(64-21)
-		t = a[19] ^ d4
-		bc4 = t<<14 | t>>(64-14)
-		a[0] = bc0 ^ (bc2 &^ bc1) ^ RC[i+2]
-		a[11] = bc1 ^ (bc3 &^ bc2)
-		a[22] = bc2 ^ (bc4 &^ bc3)
-		a[8] = bc3 ^ (bc0 &^ bc4)
-		a[19] = bc4 ^ (bc1 &^ bc0)
-
-		t = a[15] ^ d0
-		bc2 = t<<3 | t>>(64-3)
-		t = a[1] ^ d1
-		bc3 = t<<45 | t>>(64-45)
-		t = a[12] ^ d2
-		bc4 = t<<61 | t>>(64-61)
-		t = a[23] ^ d3
-		bc0 = t<<28 | t>>(64-28)
-		t = a[9] ^ d4
-		bc1 = t<<20 | t>>(64-20)
-		a[15] = bc0 ^ (bc2 &^ bc1)
-		a[1] = bc1 ^ (bc3 &^ bc2)
-		a[12] = bc2 ^ (bc4 &^ bc3)
-		a[23] = bc3 ^ (bc0 &^ bc4)
-		a[9] = bc4 ^ (bc1 &^ bc0)
-
-		t = a[5] ^ d0
-		bc4 = t<<18 | t>>(64-18)
-		t = a[16] ^ d1
-		bc0 = t<<1 | t>>(64-1)
-		t = a[2] ^ d2
-		bc1 = t<<6 | t>>(64-6)
-		t = a[13] ^ d3
-		bc2 = t<<25 | t>>(64-25)
-		t = a[24] ^ d4
-		bc3 = t<<8 | t>>(64-8)
-		a[5] = bc0 ^ (bc2 &^ bc1)
-		a[16] = bc1 ^ (bc3 &^ bc2)
-		a[2] = bc2 ^ (bc4 &^ bc3)
-		a[13] = bc3 ^ (bc0 &^ bc4)
-		a[24] = bc4 ^ (bc1 &^ bc0)
-
-		t = a[20] ^ d0
-		bc1 = t<<36 | t>>(64-36)
-		t = a[6] ^ d1
-		bc2 = t<<10 | t>>(64-10)
-		t = a[17] ^ d2
-		bc3 = t<<15 | t>>(64-15)
-		t = a[3] ^ d3
-		bc4 = t<<56 | t>>(64-56)
-		t = a[14] ^ d4
-		bc0 = t<<27 | t>>(64-27)
-		a[20] = bc0 ^ (bc2 &^ bc1)
-		a[6] = bc1 ^ (bc3 &^ bc2)
-		a[17] = bc2 ^ (bc4 &^ bc3)
-		a[3] = bc3 ^ (bc0 &^ bc4)
-		a[14] = bc4 ^ (bc1 &^ bc0)
-
-		t = a[10] ^ d0
-		bc3 = t<<41 | t>>(64-41)
-		t = a[21] ^ d1
-		bc4 = t<<2 | t>>(64-2)
-		t = a[7] ^ d2
-		bc0 = t<<62 | t>>(64-62)
-		t = a[18] ^ d3
-		bc1 = t<<55 | t>>(64-55)
-		t = a[4] ^ d4
-		bc2 = t<<39 | t>>(64-39)
-		a[10] = bc0 ^ (bc2 &^ bc1)
-		a[21] = bc1 ^ (bc3 &^ bc2)
-		a[7] = bc2 ^ (bc4 &^ bc3)
-		a[18] = bc3 ^ (bc0 &^ bc4)
-		a[4] = bc4 ^ (bc1 &^ bc0)
-
-		// Round 4
-		bc0 = a[0] ^ a[5] ^ a[10] ^ a[15] ^ a[20]
-		bc1 = a[1] ^ a[6] ^ a[11] ^ a[16] ^ a[21]
-		bc2 = a[2] ^ a[7] ^ a[12] ^ a[17] ^ a[22]
-		bc3 = a[3] ^ a[8] ^ a[13] ^ a[18] ^ a[23]
-		bc4 = a[4] ^ a[9] ^ a[14] ^ a[19] ^ a[24]
-		d0 = bc4 ^ (bc1<<1 | bc1>>63)
-		d1 = bc0 ^ (bc2<<1 | bc2>>63)
-		d2 = bc1 ^ (bc3<<1 | bc3>>63)
-		d3 = bc2 ^ (bc4<<1 | bc4>>63)
-		d4 = bc3 ^ (bc0<<1 | bc0>>63)
-
-		bc0 = a[0] ^ d0
-		t = a[1] ^ d1
-		bc1 = t<<44 | t>>(64-44)
-		t = a[2] ^ d2
-		bc2 = t<<43 | t>>(64-43)
-		t = a[3] ^ d3
-		bc3 = t<<21 | t>>(64-21)
-		t = a[4] ^ d4
-		bc4 = t<<14 | t>>(64-14)
-		a[0] = bc0 ^ (bc2 &^ bc1) ^ RC[i+3]
-		a[1] = bc1 ^ (bc3 &^ bc2)
-		a[2] = bc2 ^ (bc4 &^ bc3)
-		a[3] = bc3 ^ (bc0 &^ bc4)
-		a[4] = bc4 ^ (bc1 &^ bc0)
-
-		t = a[5] ^ d0
-		bc2 = t<<3 | t>>(64-3)
-		t = a[6] ^ d1
-		bc3 = t<<45 | t>>(64-45)
-		t = a[7] ^ d2
-		bc4 = t<<61 | t>>(64-61)
-		t = a[8] ^ d3
-		bc0 = t<<28 | t>>(64-28)
-		t = a[9] ^ d4
-		bc1 = t<<20 | t>>(64-20)
-		a[5] = bc0 ^ (bc2 &^ bc1)
-		a[6] = bc1 ^ (bc3 &^ bc2)
-		a[7] = bc2 ^ (bc4 &^ bc3)
-		a[8] = bc3 ^ (bc0 &^ bc4)
-		a[9] = bc4 ^ (bc1 &^ bc0)
-
-		t = a[10] ^ d0
-		bc4 = t<<18 | t>>(64-18)
-		t = a[11] ^ d1
-		bc0 = t<<1 | t>>(64-1)
-		t = a[12] ^ d2
-		bc1 = t<<6 | t>>(64-6)
-		t = a[13] ^ d3
-		bc2 = t<<25 | t>>(64-25)
-		t = a[14] ^ d4
-		bc3 = t<<8 | t>>(64-8)
-		a[10] = bc0 ^ (bc2 &^ bc1)
-		a[11] = bc1 ^ (bc3 &^ bc2)
-		a[12] = bc2 ^ (bc4 &^ bc3)
-		a[13] = bc3 ^ (bc0 &^ bc4)
-		a[14] = bc4 ^ (bc1 &^ bc0)
-
-		t = a[15] ^ d0
-		bc1 = t<<36 | t>>(64-36)
-		t = a[16] ^ d1
-		bc2 = t<<10 | t>>(64-10)
-		t = a[17] ^ d2
-		bc3 = t<<15 | t>>(64-15)
-		t = a[18] ^ d3
-		bc4 = t<<56 | t>>(64-56)
-		t = a[19] ^ d4
-		bc0 = t<<27 | t>>(64-27)
-		a[15] = bc0 ^ (bc2 &^ bc1)
-		a[16] = bc1 ^ (bc3 &^ bc2)
-		a[17] = bc2 ^ (bc4 &^ bc3)
-		a[18] = bc3 ^ (bc0 &^ bc4)
-		a[19] = bc4 ^ (bc1 &^ bc0)
-
-		t = a[20] ^ d0
-		bc3 = t<<41 | t>>(64-41)
-		t = a[21] ^ d1
-		bc4 = t<<2 | t>>(64-2)
-		t = a[22] ^ d2
-		bc0 = t<<62 | t>>(64-62)
-		t = a[23] ^ d3
-		bc1 = t<<55 | t>>(64-55)
-		t = a[24] ^ d4
-		bc2 = t<<39 | t>>(64-39)
-		a[20] = bc0 ^ (bc2 &^ bc1)
-		a[21] = bc1 ^ (bc3 &^ bc2)
-		a[22] = bc2 ^ (bc4 &^ bc3)
-		a[23] = bc3 ^ (bc0 &^ bc4)
-		a[24] = bc4 ^ (bc1 &^ bc0)
-	}
-}
diff --git a/vendor/github.com/cloudflare/circl/internal/sha3/rc.go b/vendor/github.com/cloudflare/circl/internal/sha3/rc.go
deleted file mode 100644
index 6a3df42f30..0000000000
--- a/vendor/github.com/cloudflare/circl/internal/sha3/rc.go
+++ /dev/null
@@ -1,29 +0,0 @@
-package sha3
-
-// RC stores the round constants for use in the ι step.
-var RC = [24]uint64{
-	0x0000000000000001,
-	0x0000000000008082,
-	0x800000000000808A,
-	0x8000000080008000,
-	0x000000000000808B,
-	0x0000000080000001,
-	0x8000000080008081,
-	0x8000000000008009,
-	0x000000000000008A,
-	0x0000000000000088,
-	0x0000000080008009,
-	0x000000008000000A,
-	0x000000008000808B,
-	0x800000000000008B,
-	0x8000000000008089,
-	0x8000000000008003,
-	0x8000000000008002,
-	0x8000000000000080,
-	0x000000000000800A,
-	0x800000008000000A,
-	0x8000000080008081,
-	0x8000000000008080,
-	0x0000000080000001,
-	0x8000000080008008,
-}
diff --git a/vendor/github.com/cloudflare/circl/internal/sha3/sha3.go b/vendor/github.com/cloudflare/circl/internal/sha3/sha3.go
deleted file mode 100644
index a0df5aa6c5..0000000000
--- a/vendor/github.com/cloudflare/circl/internal/sha3/sha3.go
+++ /dev/null
@@ -1,200 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package sha3
-
-// spongeDirection indicates the direction bytes are flowing through the sponge.
-type spongeDirection int
-
-const (
-	// spongeAbsorbing indicates that the sponge is absorbing input.
-	spongeAbsorbing spongeDirection = iota
-	// spongeSqueezing indicates that the sponge is being squeezed.
-	spongeSqueezing
-)
-
-const (
-	// maxRate is the maximum size of the internal buffer. SHAKE-256
-	// currently needs the largest buffer.
-	maxRate = 168
-)
-
-func (d *State) buf() []byte {
-	return d.storage.asBytes()[d.bufo:d.bufe]
-}
-
-type State struct {
-	// Generic sponge components.
-	a    [25]uint64 // main state of the hash
-	rate int        // the number of bytes of state to use
-
-	bufo int // offset of buffer in storage
-	bufe int // end of buffer in storage
-
-	// dsbyte contains the "domain separation" bits and the first bit of
-	// the padding. Sections 6.1 and 6.2 of [1] separate the outputs of the
-	// SHA-3 and SHAKE functions by appending bitstrings to the message.
-	// Using a little-endian bit-ordering convention, these are "01" for SHA-3
-	// and "1111" for SHAKE, or 00000010b and 00001111b, respectively. Then the
-	// padding rule from section 5.1 is applied to pad the message to a multiple
-	// of the rate, which involves adding a "1" bit, zero or more "0" bits, and
-	// a final "1" bit. We merge the first "1" bit from the padding into dsbyte,
-	// giving 00000110b (0x06) and 00011111b (0x1f).
-	// [1] http://csrc.nist.gov/publications/drafts/fips-202/fips_202_draft.pdf
-	//     "Draft FIPS 202: SHA-3 Standard: Permutation-Based Hash and
-	//      Extendable-Output Functions (May 2014)"
-	dsbyte byte
-
-	storage storageBuf
-
-	// Specific to SHA-3 and SHAKE.
-	outputLen int             // the default output size in bytes
-	state     spongeDirection // whether the sponge is absorbing or squeezing
-	turbo     bool            // Whether we're using 12 rounds instead of 24
-}
-
-// BlockSize returns the rate of sponge underlying this hash function.
-func (d *State) BlockSize() int { return d.rate }
-
-// Size returns the output size of the hash function in bytes.
-func (d *State) Size() int { return d.outputLen }
-
-// Reset clears the internal state by zeroing the sponge state and
-// the byte buffer, and setting Sponge.state to absorbing.
-func (d *State) Reset() {
-	// Zero the permutation's state.
-	for i := range d.a {
-		d.a[i] = 0
-	}
-	d.state = spongeAbsorbing
-	d.bufo = 0
-	d.bufe = 0
-}
-
-func (d *State) clone() *State {
-	ret := *d
-	return &ret
-}
-
-// permute applies the KeccakF-1600 permutation. It handles
-// any input-output buffering.
-func (d *State) permute() {
-	switch d.state {
-	case spongeAbsorbing:
-		// If we're absorbing, we need to xor the input into the state
-		// before applying the permutation.
-		xorIn(d, d.buf())
-		d.bufe = 0
-		d.bufo = 0
-		KeccakF1600(&d.a, d.turbo)
-	case spongeSqueezing:
-		// If we're squeezing, we need to apply the permutation before
-		// copying more output.
-		KeccakF1600(&d.a, d.turbo)
-		d.bufe = d.rate
-		d.bufo = 0
-		copyOut(d, d.buf())
-	}
-}
-
-// pads appends the domain separation bits in dsbyte, applies
-// the multi-bitrate 10..1 padding rule, and permutes the state.
-func (d *State) padAndPermute(dsbyte byte) {
-	// Pad with this instance's domain-separator bits. We know that there's
-	// at least one byte of space in d.buf() because, if it were full,
-	// permute would have been called to empty it. dsbyte also contains the
-	// first one bit for the padding. See the comment in the state struct.
-	zerosStart := d.bufe + 1
-	d.bufe = d.rate
-	buf := d.buf()
-	buf[zerosStart-1] = dsbyte
-	for i := zerosStart; i < d.rate; i++ {
-		buf[i] = 0
-	}
-	// This adds the final one bit for the padding. Because of the way that
-	// bits are numbered from the LSB upwards, the final bit is the MSB of
-	// the last byte.
-	buf[d.rate-1] ^= 0x80
-	// Apply the permutation
-	d.permute()
-	d.state = spongeSqueezing
-	d.bufe = d.rate
-	copyOut(d, buf)
-}
-
-// Write absorbs more data into the hash's state. It produces an error
-// if more data is written to the ShakeHash after writing
-func (d *State) Write(p []byte) (written int, err error) {
-	if d.state != spongeAbsorbing {
-		panic("sha3: write to sponge after read")
-	}
-	written = len(p)
-
-	for len(p) > 0 {
-		bufl := d.bufe - d.bufo
-		if bufl == 0 && len(p) >= d.rate {
-			// The fast path; absorb a full "rate" bytes of input and apply the permutation.
-			xorIn(d, p[:d.rate])
-			p = p[d.rate:]
-			KeccakF1600(&d.a, d.turbo)
-		} else {
-			// The slow path; buffer the input until we can fill the sponge, and then xor it in.
-			todo := d.rate - bufl
-			if todo > len(p) {
-				todo = len(p)
-			}
-			d.bufe += todo
-			buf := d.buf()
-			copy(buf[bufl:], p[:todo])
-			p = p[todo:]
-
-			// If the sponge is full, apply the permutation.
-			if d.bufe == d.rate {
-				d.permute()
-			}
-		}
-	}
-
-	return written, nil
-}
-
-// Read squeezes an arbitrary number of bytes from the sponge.
-func (d *State) Read(out []byte) (n int, err error) {
-	// If we're still absorbing, pad and apply the permutation.
-	if d.state == spongeAbsorbing {
-		d.padAndPermute(d.dsbyte)
-	}
-
-	n = len(out)
-
-	// Now, do the squeezing.
-	for len(out) > 0 {
-		buf := d.buf()
-		n := copy(out, buf)
-		d.bufo += n
-		out = out[n:]
-
-		// Apply the permutation if we've squeezed the sponge dry.
-		if d.bufo == d.bufe {
-			d.permute()
-		}
-	}
-
-	return
-}
-
-// Sum applies padding to the hash state and then squeezes out the desired
-// number of output bytes.
-func (d *State) Sum(in []byte) []byte {
-	// Make a copy of the original hash so that caller can keep writing
-	// and summing.
-	dup := d.clone()
-	hash := make([]byte, dup.outputLen)
-	_, _ = dup.Read(hash)
-	return append(in, hash...)
-}
-
-func (d *State) IsAbsorbing() bool {
-	return d.state == spongeAbsorbing
-}
diff --git a/vendor/github.com/cloudflare/circl/internal/sha3/sha3_s390x.s b/vendor/github.com/cloudflare/circl/internal/sha3/sha3_s390x.s
deleted file mode 100644
index 8a4458f63f..0000000000
--- a/vendor/github.com/cloudflare/circl/internal/sha3/sha3_s390x.s
+++ /dev/null
@@ -1,33 +0,0 @@
-// Copyright 2017 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build !gccgo,!appengine
-
-#include "textflag.h"
-
-// func kimd(function code, chain *[200]byte, src []byte)
-TEXT ·kimd(SB), NOFRAME|NOSPLIT, $0-40
-	MOVD function+0(FP), R0
-	MOVD chain+8(FP), R1
-	LMG  src+16(FP), R2, R3 // R2=base, R3=len
-
-continue:
-	WORD $0xB93E0002 // KIMD --, R2
-	BVS  continue    // continue if interrupted
-	MOVD $0, R0      // reset R0 for pre-go1.8 compilers
-	RET
-
-// func klmd(function code, chain *[200]byte, dst, src []byte)
-TEXT ·klmd(SB), NOFRAME|NOSPLIT, $0-64
-	// TODO: SHAKE support
-	MOVD function+0(FP), R0
-	MOVD chain+8(FP), R1
-	LMG  dst+16(FP), R2, R3 // R2=base, R3=len
-	LMG  src+40(FP), R4, R5 // R4=base, R5=len
-
-continue:
-	WORD $0xB93F0024 // KLMD R2, R4
-	BVS  continue    // continue if interrupted
-	MOVD $0, R0      // reset R0 for pre-go1.8 compilers
-	RET
diff --git a/vendor/github.com/cloudflare/circl/internal/sha3/shake.go b/vendor/github.com/cloudflare/circl/internal/sha3/shake.go
deleted file mode 100644
index 77817f758c..0000000000
--- a/vendor/github.com/cloudflare/circl/internal/sha3/shake.go
+++ /dev/null
@@ -1,119 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package sha3
-
-// This file defines the ShakeHash interface, and provides
-// functions for creating SHAKE and cSHAKE instances, as well as utility
-// functions for hashing bytes to arbitrary-length output.
-//
-//
-// SHAKE implementation is based on FIPS PUB 202 [1]
-// cSHAKE implementations is based on NIST SP 800-185 [2]
-//
-// [1] https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf
-// [2] https://doi.org/10.6028/NIST.SP.800-185
-
-import (
-	"io"
-)
-
-// ShakeHash defines the interface to hash functions that
-// support arbitrary-length output.
-type ShakeHash interface {
-	// Write absorbs more data into the hash's state. It panics if input is
-	// written to it after output has been read from it.
-	io.Writer
-
-	// Read reads more output from the hash; reading affects the hash's
-	// state. (ShakeHash.Read is thus very different from Hash.Sum)
-	// It never returns an error.
-	io.Reader
-
-	// Clone returns a copy of the ShakeHash in its current state.
-	Clone() ShakeHash
-
-	// Reset resets the ShakeHash to its initial state.
-	Reset()
-}
-
-// Consts for configuring initial SHA-3 state
-const (
-	dsbyteShake = 0x1f
-	rate128     = 168
-	rate256     = 136
-)
-
-// Clone returns copy of SHAKE context within its current state.
-func (d *State) Clone() ShakeHash {
-	return d.clone()
-}
-
-// NewShake128 creates a new SHAKE128 variable-output-length ShakeHash.
-// Its generic security strength is 128 bits against all attacks if at
-// least 32 bytes of its output are used.
-func NewShake128() State {
-	return State{rate: rate128, dsbyte: dsbyteShake}
-}
-
-// NewTurboShake128 creates a new TurboSHAKE128 variable-output-length ShakeHash.
-// Its generic security strength is 128 bits against all attacks if at
-// least 32 bytes of its output are used.
-// D is the domain separation byte and must be between 0x01 and 0x7f inclusive.
-func NewTurboShake128(D byte) State {
-	if D == 0 || D > 0x7f {
-		panic("turboshake: D out of range")
-	}
-	return State{rate: rate128, dsbyte: D, turbo: true}
-}
-
-// NewShake256 creates a new SHAKE256 variable-output-length ShakeHash.
-// Its generic security strength is 256 bits against all attacks if
-// at least 64 bytes of its output are used.
-func NewShake256() State {
-	return State{rate: rate256, dsbyte: dsbyteShake}
-}
-
-// NewTurboShake256 creates a new TurboSHAKE256 variable-output-length ShakeHash.
-// Its generic security strength is 256 bits against all attacks if
-// at least 64 bytes of its output are used.
-// D is the domain separation byte and must be between 0x01 and 0x7f inclusive.
-func NewTurboShake256(D byte) State {
-	if D == 0 || D > 0x7f {
-		panic("turboshake: D out of range")
-	}
-	return State{rate: rate256, dsbyte: D, turbo: true}
-}
-
-// ShakeSum128 writes an arbitrary-length digest of data into hash.
-func ShakeSum128(hash, data []byte) {
-	h := NewShake128()
-	_, _ = h.Write(data)
-	_, _ = h.Read(hash)
-}
-
-// ShakeSum256 writes an arbitrary-length digest of data into hash.
-func ShakeSum256(hash, data []byte) {
-	h := NewShake256()
-	_, _ = h.Write(data)
-	_, _ = h.Read(hash)
-}
-
-// TurboShakeSum128 writes an arbitrary-length digest of data into hash.
-func TurboShakeSum128(hash, data []byte, D byte) {
-	h := NewTurboShake128(D)
-	_, _ = h.Write(data)
-	_, _ = h.Read(hash)
-}
-
-// TurboShakeSum256 writes an arbitrary-length digest of data into hash.
-func TurboShakeSum256(hash, data []byte, D byte) {
-	h := NewTurboShake256(D)
-	_, _ = h.Write(data)
-	_, _ = h.Read(hash)
-}
-
-func (d *State) SwitchDS(D byte) {
-	d.dsbyte = D
-}
diff --git a/vendor/github.com/cloudflare/circl/internal/sha3/xor.go b/vendor/github.com/cloudflare/circl/internal/sha3/xor.go
deleted file mode 100644
index 1e21337454..0000000000
--- a/vendor/github.com/cloudflare/circl/internal/sha3/xor.go
+++ /dev/null
@@ -1,15 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build (!amd64 && !386 && !ppc64le) || appengine
-// +build !amd64,!386,!ppc64le appengine
-
-package sha3
-
-// A storageBuf is an aligned array of maxRate bytes.
-type storageBuf [maxRate]byte
-
-func (b *storageBuf) asBytes() *[maxRate]byte {
-	return (*[maxRate]byte)(b)
-}
diff --git a/vendor/github.com/cloudflare/circl/internal/sha3/xor_generic.go b/vendor/github.com/cloudflare/circl/internal/sha3/xor_generic.go
deleted file mode 100644
index 2b0c661790..0000000000
--- a/vendor/github.com/cloudflare/circl/internal/sha3/xor_generic.go
+++ /dev/null
@@ -1,33 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build (!amd64 || appengine) && (!386 || appengine) && (!ppc64le || appengine)
-// +build !amd64 appengine
-// +build !386 appengine
-// +build !ppc64le appengine
-
-package sha3
-
-import "encoding/binary"
-
-// xorIn xors the bytes in buf into the state; it
-// makes no non-portable assumptions about memory layout
-// or alignment.
-func xorIn(d *State, buf []byte) {
-	n := len(buf) / 8
-
-	for i := 0; i < n; i++ {
-		a := binary.LittleEndian.Uint64(buf)
-		d.a[i] ^= a
-		buf = buf[8:]
-	}
-}
-
-// copyOut copies ulint64s to a byte buffer.
-func copyOut(d *State, b []byte) {
-	for i := 0; len(b) >= 8; i++ {
-		binary.LittleEndian.PutUint64(b, d.a[i])
-		b = b[8:]
-	}
-}
diff --git a/vendor/github.com/cloudflare/circl/internal/sha3/xor_unaligned.go b/vendor/github.com/cloudflare/circl/internal/sha3/xor_unaligned.go
deleted file mode 100644
index 052fc8d32d..0000000000
--- a/vendor/github.com/cloudflare/circl/internal/sha3/xor_unaligned.go
+++ /dev/null
@@ -1,61 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build (amd64 || 386 || ppc64le) && !appengine
-// +build amd64 386 ppc64le
-// +build !appengine
-
-package sha3
-
-import "unsafe"
-
-// A storageBuf is an aligned array of maxRate bytes.
-type storageBuf [maxRate / 8]uint64
-
-func (b *storageBuf) asBytes() *[maxRate]byte {
-	return (*[maxRate]byte)(unsafe.Pointer(b))
-}
-
-// xorInuses unaligned reads and writes to update d.a to contain d.a
-// XOR buf.
-func xorIn(d *State, buf []byte) {
-	n := len(buf)
-	bw := (*[maxRate / 8]uint64)(unsafe.Pointer(&buf[0]))[: n/8 : n/8]
-	if n >= 72 {
-		d.a[0] ^= bw[0]
-		d.a[1] ^= bw[1]
-		d.a[2] ^= bw[2]
-		d.a[3] ^= bw[3]
-		d.a[4] ^= bw[4]
-		d.a[5] ^= bw[5]
-		d.a[6] ^= bw[6]
-		d.a[7] ^= bw[7]
-		d.a[8] ^= bw[8]
-	}
-	if n >= 104 {
-		d.a[9] ^= bw[9]
-		d.a[10] ^= bw[10]
-		d.a[11] ^= bw[11]
-		d.a[12] ^= bw[12]
-	}
-	if n >= 136 {
-		d.a[13] ^= bw[13]
-		d.a[14] ^= bw[14]
-		d.a[15] ^= bw[15]
-		d.a[16] ^= bw[16]
-	}
-	if n >= 144 {
-		d.a[17] ^= bw[17]
-	}
-	if n >= 168 {
-		d.a[18] ^= bw[18]
-		d.a[19] ^= bw[19]
-		d.a[20] ^= bw[20]
-	}
-}
-
-func copyOut(d *State, buf []byte) {
-	ab := (*[maxRate]uint8)(unsafe.Pointer(&d.a[0]))
-	copy(buf, ab[:])
-}
diff --git a/vendor/github.com/cloudflare/circl/math/fp25519/fp.go b/vendor/github.com/cloudflare/circl/math/fp25519/fp.go
deleted file mode 100644
index 57a50ff5e9..0000000000
--- a/vendor/github.com/cloudflare/circl/math/fp25519/fp.go
+++ /dev/null
@@ -1,205 +0,0 @@
-// Package fp25519 provides prime field arithmetic over GF(2^255-19).
-package fp25519
-
-import (
-	"errors"
-
-	"github.com/cloudflare/circl/internal/conv"
-)
-
-// Size in bytes of an element.
-const Size = 32
-
-// Elt is a prime field element.
-type Elt [Size]byte
-
-func (e Elt) String() string { return conv.BytesLe2Hex(e[:]) }
-
-// p is the prime modulus 2^255-19.
-var p = Elt{
-	0xed, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f,
-}
-
-// P returns the prime modulus 2^255-19.
-func P() Elt { return p }
-
-// ToBytes stores in b the little-endian byte representation of x.
-func ToBytes(b []byte, x *Elt) error {
-	if len(b) != Size {
-		return errors.New("wrong size")
-	}
-	Modp(x)
-	copy(b, x[:])
-	return nil
-}
-
-// IsZero returns true if x is equal to 0.
-func IsZero(x *Elt) bool { Modp(x); return *x == Elt{} }
-
-// SetOne assigns x=1.
-func SetOne(x *Elt) { *x = Elt{}; x[0] = 1 }
-
-// Neg calculates z = -x.
-func Neg(z, x *Elt) { Sub(z, &p, x) }
-
-// InvSqrt calculates z = sqrt(x/y) iff x/y is a quadratic-residue, which is
-// indicated by returning isQR = true. Otherwise, when x/y is a quadratic
-// non-residue, z will have an undetermined value and isQR = false.
-func InvSqrt(z, x, y *Elt) (isQR bool) {
-	sqrtMinusOne := &Elt{
-		0xb0, 0xa0, 0x0e, 0x4a, 0x27, 0x1b, 0xee, 0xc4,
-		0x78, 0xe4, 0x2f, 0xad, 0x06, 0x18, 0x43, 0x2f,
-		0xa7, 0xd7, 0xfb, 0x3d, 0x99, 0x00, 0x4d, 0x2b,
-		0x0b, 0xdf, 0xc1, 0x4f, 0x80, 0x24, 0x83, 0x2b,
-	}
-	t0, t1, t2, t3 := &Elt{}, &Elt{}, &Elt{}, &Elt{}
-
-	Mul(t0, x, y)   // t0 = u*v
-	Sqr(t1, y)      // t1 = v^2
-	Mul(t2, t0, t1) // t2 = u*v^3
-	Sqr(t0, t1)     // t0 = v^4
-	Mul(t1, t0, t2) // t1 = u*v^7
-
-	var Tab [4]*Elt
-	Tab[0] = &Elt{}
-	Tab[1] = &Elt{}
-	Tab[2] = t3
-	Tab[3] = t1
-
-	*Tab[0] = *t1
-	Sqr(Tab[0], Tab[0])
-	Sqr(Tab[1], Tab[0])
-	Sqr(Tab[1], Tab[1])
-	Mul(Tab[1], Tab[1], Tab[3])
-	Mul(Tab[0], Tab[0], Tab[1])
-	Sqr(Tab[0], Tab[0])
-	Mul(Tab[0], Tab[0], Tab[1])
-	Sqr(Tab[1], Tab[0])
-	for i := 0; i < 4; i++ {
-		Sqr(Tab[1], Tab[1])
-	}
-	Mul(Tab[1], Tab[1], Tab[0])
-	Sqr(Tab[2], Tab[1])
-	for i := 0; i < 4; i++ {
-		Sqr(Tab[2], Tab[2])
-	}
-	Mul(Tab[2], Tab[2], Tab[0])
-	Sqr(Tab[1], Tab[2])
-	for i := 0; i < 14; i++ {
-		Sqr(Tab[1], Tab[1])
-	}
-	Mul(Tab[1], Tab[1], Tab[2])
-	Sqr(Tab[2], Tab[1])
-	for i := 0; i < 29; i++ {
-		Sqr(Tab[2], Tab[2])
-	}
-	Mul(Tab[2], Tab[2], Tab[1])
-	Sqr(Tab[1], Tab[2])
-	for i := 0; i < 59; i++ {
-		Sqr(Tab[1], Tab[1])
-	}
-	Mul(Tab[1], Tab[1], Tab[2])
-	for i := 0; i < 5; i++ {
-		Sqr(Tab[1], Tab[1])
-	}
-	Mul(Tab[1], Tab[1], Tab[0])
-	Sqr(Tab[2], Tab[1])
-	for i := 0; i < 124; i++ {
-		Sqr(Tab[2], Tab[2])
-	}
-	Mul(Tab[2], Tab[2], Tab[1])
-	Sqr(Tab[2], Tab[2])
-	Sqr(Tab[2], Tab[2])
-	Mul(Tab[2], Tab[2], Tab[3])
-
-	Mul(z, t3, t2) // z = xy^(p+3)/8 = xy^3*(xy^7)^(p-5)/8
-	// Checking whether y z^2 == x
-	Sqr(t0, z)     // t0 = z^2
-	Mul(t0, t0, y) // t0 = yz^2
-	Sub(t1, t0, x) // t1 = t0-u
-	Add(t2, t0, x) // t2 = t0+u
-	if IsZero(t1) {
-		return true
-	} else if IsZero(t2) {
-		Mul(z, z, sqrtMinusOne) // z = z*sqrt(-1)
-		return true
-	} else {
-		return false
-	}
-}
-
-// Inv calculates z = 1/x mod p.
-func Inv(z, x *Elt) {
-	x0, x1, x2 := &Elt{}, &Elt{}, &Elt{}
-	Sqr(x1, x)
-	Sqr(x0, x1)
-	Sqr(x0, x0)
-	Mul(x0, x0, x)
-	Mul(z, x0, x1)
-	Sqr(x1, z)
-	Mul(x0, x0, x1)
-	Sqr(x1, x0)
-	for i := 0; i < 4; i++ {
-		Sqr(x1, x1)
-	}
-	Mul(x0, x0, x1)
-	Sqr(x1, x0)
-	for i := 0; i < 9; i++ {
-		Sqr(x1, x1)
-	}
-	Mul(x1, x1, x0)
-	Sqr(x2, x1)
-	for i := 0; i < 19; i++ {
-		Sqr(x2, x2)
-	}
-	Mul(x2, x2, x1)
-	for i := 0; i < 10; i++ {
-		Sqr(x2, x2)
-	}
-	Mul(x2, x2, x0)
-	Sqr(x0, x2)
-	for i := 0; i < 49; i++ {
-		Sqr(x0, x0)
-	}
-	Mul(x0, x0, x2)
-	Sqr(x1, x0)
-	for i := 0; i < 99; i++ {
-		Sqr(x1, x1)
-	}
-	Mul(x1, x1, x0)
-	for i := 0; i < 50; i++ {
-		Sqr(x1, x1)
-	}
-	Mul(x1, x1, x2)
-	for i := 0; i < 5; i++ {
-		Sqr(x1, x1)
-	}
-	Mul(z, z, x1)
-}
-
-// Cmov assigns y to x if n is 1.
-func Cmov(x, y *Elt, n uint) { cmov(x, y, n) }
-
-// Cswap interchanges x and y if n is 1.
-func Cswap(x, y *Elt, n uint) { cswap(x, y, n) }
-
-// Add calculates z = x+y mod p.
-func Add(z, x, y *Elt) { add(z, x, y) }
-
-// Sub calculates z = x-y mod p.
-func Sub(z, x, y *Elt) { sub(z, x, y) }
-
-// AddSub calculates (x,y) = (x+y mod p, x-y mod p).
-func AddSub(x, y *Elt) { addsub(x, y) }
-
-// Mul calculates z = x*y mod p.
-func Mul(z, x, y *Elt) { mul(z, x, y) }
-
-// Sqr calculates z = x^2 mod p.
-func Sqr(z, x *Elt) { sqr(z, x) }
-
-// Modp ensures that z is between [0,p-1].
-func Modp(z *Elt) { modp(z) }
diff --git a/vendor/github.com/cloudflare/circl/math/fp25519/fp_amd64.go b/vendor/github.com/cloudflare/circl/math/fp25519/fp_amd64.go
deleted file mode 100644
index 057f0d2803..0000000000
--- a/vendor/github.com/cloudflare/circl/math/fp25519/fp_amd64.go
+++ /dev/null
@@ -1,45 +0,0 @@
-//go:build amd64 && !purego
-// +build amd64,!purego
-
-package fp25519
-
-import (
-	"golang.org/x/sys/cpu"
-)
-
-var hasBmi2Adx = cpu.X86.HasBMI2 && cpu.X86.HasADX
-
-var _ = hasBmi2Adx
-
-func cmov(x, y *Elt, n uint)  { cmovAmd64(x, y, n) }
-func cswap(x, y *Elt, n uint) { cswapAmd64(x, y, n) }
-func add(z, x, y *Elt)        { addAmd64(z, x, y) }
-func sub(z, x, y *Elt)        { subAmd64(z, x, y) }
-func addsub(x, y *Elt)        { addsubAmd64(x, y) }
-func mul(z, x, y *Elt)        { mulAmd64(z, x, y) }
-func sqr(z, x *Elt)           { sqrAmd64(z, x) }
-func modp(z *Elt)             { modpAmd64(z) }
-
-//go:noescape
-func cmovAmd64(x, y *Elt, n uint)
-
-//go:noescape
-func cswapAmd64(x, y *Elt, n uint)
-
-//go:noescape
-func addAmd64(z, x, y *Elt)
-
-//go:noescape
-func subAmd64(z, x, y *Elt)
-
-//go:noescape
-func addsubAmd64(x, y *Elt)
-
-//go:noescape
-func mulAmd64(z, x, y *Elt)
-
-//go:noescape
-func sqrAmd64(z, x *Elt)
-
-//go:noescape
-func modpAmd64(z *Elt)
diff --git a/vendor/github.com/cloudflare/circl/math/fp25519/fp_amd64.h b/vendor/github.com/cloudflare/circl/math/fp25519/fp_amd64.h
deleted file mode 100644
index b884b584ab..0000000000
--- a/vendor/github.com/cloudflare/circl/math/fp25519/fp_amd64.h
+++ /dev/null
@@ -1,351 +0,0 @@
-// This code was imported from https://github.com/armfazh/rfc7748_precomputed
-
-// CHECK_BMI2ADX triggers bmi2adx if supported,
-// otherwise it fallbacks to legacy code.
-#define CHECK_BMI2ADX(label, legacy, bmi2adx) \
-    CMPB ·hasBmi2Adx(SB), $0  \
-    JE label                  \
-    bmi2adx                   \
-    RET                       \
-    label:                    \
-    legacy                    \
-    RET
-
-// cselect is a conditional move
-// if b=1: it copies y into x;
-// if b=0: x remains with the same value;
-// if b<> 0,1: undefined.
-// Uses: AX, DX, FLAGS
-// Instr: x86_64, cmov
-#define cselect(x,y,b) \
-    TESTQ b, b \
-    MOVQ  0+x, AX; MOVQ  0+y, DX; CMOVQNE DX, AX; MOVQ AX,  0+x; \
-    MOVQ  8+x, AX; MOVQ  8+y, DX; CMOVQNE DX, AX; MOVQ AX,  8+x; \
-    MOVQ 16+x, AX; MOVQ 16+y, DX; CMOVQNE DX, AX; MOVQ AX, 16+x; \
-    MOVQ 24+x, AX; MOVQ 24+y, DX; CMOVQNE DX, AX; MOVQ AX, 24+x;
-
-// cswap is a conditional swap
-// if b=1: x,y <- y,x;
-// if b=0: x,y remain with the same values;
-// if b<> 0,1: undefined.
-// Uses: AX, DX, R8, FLAGS
-// Instr: x86_64, cmov
-#define cswap(x,y,b) \
-    TESTQ b, b \
-    MOVQ  0+x, AX; MOVQ AX, R8; MOVQ  0+y, DX; CMOVQNE DX, AX; CMOVQNE R8, DX; MOVQ AX,  0+x; MOVQ DX,  0+y; \
-    MOVQ  8+x, AX; MOVQ AX, R8; MOVQ  8+y, DX; CMOVQNE DX, AX; CMOVQNE R8, DX; MOVQ AX,  8+x; MOVQ DX,  8+y; \
-    MOVQ 16+x, AX; MOVQ AX, R8; MOVQ 16+y, DX; CMOVQNE DX, AX; CMOVQNE R8, DX; MOVQ AX, 16+x; MOVQ DX, 16+y; \
-    MOVQ 24+x, AX; MOVQ AX, R8; MOVQ 24+y, DX; CMOVQNE DX, AX; CMOVQNE R8, DX; MOVQ AX, 24+x; MOVQ DX, 24+y;
-
-// additionLeg adds x and y and stores in z
-// Uses: AX, DX, R8-R11, FLAGS
-// Instr: x86_64, cmov
-#define additionLeg(z,x,y) \
-    MOVL $38, AX; \
-    MOVL  $0, DX; \
-    MOVQ  0+x,  R8;  ADDQ  0+y,  R8; \
-    MOVQ  8+x,  R9;  ADCQ  8+y,  R9; \
-    MOVQ 16+x, R10;  ADCQ 16+y, R10; \
-    MOVQ 24+x, R11;  ADCQ 24+y, R11; \
-    CMOVQCS AX, DX;    \
-    ADDQ DX,  R8; \
-    ADCQ $0,  R9;  MOVQ  R9,  8+z; \
-    ADCQ $0, R10;  MOVQ R10, 16+z; \
-    ADCQ $0, R11;  MOVQ R11, 24+z; \
-    MOVL $0,  DX; \
-    CMOVQCS AX, DX; \
-    ADDQ DX,  R8;  MOVQ  R8,  0+z;
-
-// additionAdx adds x and y and stores in z
-// Uses: AX, DX, R8-R11, FLAGS
-// Instr: x86_64, cmov, adx
-#define additionAdx(z,x,y) \
-    MOVL $38, AX; \
-    XORL  DX, DX; \
-    MOVQ  0+x,  R8;  ADCXQ  0+y,  R8; \
-    MOVQ  8+x,  R9;  ADCXQ  8+y,  R9; \
-    MOVQ 16+x, R10;  ADCXQ 16+y, R10; \
-    MOVQ 24+x, R11;  ADCXQ 24+y, R11; \
-    CMOVQCS AX, DX ; \
-    XORL  AX,  AX; \
-    ADCXQ DX,  R8; \
-    ADCXQ AX,  R9;  MOVQ  R9,  8+z; \
-    ADCXQ AX, R10;  MOVQ R10, 16+z; \
-    ADCXQ AX, R11;  MOVQ R11, 24+z; \
-    MOVL $38,  DX; \
-    CMOVQCS DX, AX; \
-    ADDQ  AX,  R8;  MOVQ  R8,  0+z;
-
-// subtraction subtracts y from x and stores in z
-// Uses: AX, DX, R8-R11, FLAGS
-// Instr: x86_64, cmov
-#define subtraction(z,x,y) \
-    MOVL   $38,  AX; \
-    MOVQ  0+x,  R8;  SUBQ  0+y,  R8; \
-    MOVQ  8+x,  R9;  SBBQ  8+y,  R9; \
-    MOVQ 16+x, R10;  SBBQ 16+y, R10; \
-    MOVQ 24+x, R11;  SBBQ 24+y, R11; \
-    MOVL $0, DX; \
-    CMOVQCS AX, DX; \
-    SUBQ  DX,  R8; \
-    SBBQ  $0,  R9;  MOVQ  R9,  8+z; \
-    SBBQ  $0, R10;  MOVQ R10, 16+z; \
-    SBBQ  $0, R11;  MOVQ R11, 24+z; \
-    MOVL  $0,  DX; \
-    CMOVQCS AX, DX; \
-    SUBQ  DX,  R8;  MOVQ  R8,  0+z;
-
-// integerMulAdx multiplies x and y and stores in z
-// Uses: AX, DX, R8-R15, FLAGS
-// Instr: x86_64, bmi2, adx
-#define integerMulAdx(z,x,y) \
-    MOVL    $0,R15; \
-    MOVQ   0+y, DX;       XORL  AX,  AX; \
-    MULXQ  0+x, AX,  R8;  MOVQ  AX, 0+z; \
-    MULXQ  8+x, AX,  R9;  ADCXQ AX,  R8; \
-    MULXQ 16+x, AX, R10;  ADCXQ AX,  R9; \
-    MULXQ 24+x, AX, R11;  ADCXQ AX, R10; \
-    MOVL $0, AX;;;;;;;;;  ADCXQ AX, R11; \
-    MOVQ   8+y, DX;       XORL   AX,  AX; \
-    MULXQ  0+x, AX, R12;  ADCXQ  R8,  AX;  MOVQ  AX,  8+z; \
-    MULXQ  8+x, AX, R13;  ADCXQ  R9, R12;  ADOXQ AX, R12; \
-    MULXQ 16+x, AX, R14;  ADCXQ R10, R13;  ADOXQ AX, R13; \
-    MULXQ 24+x, AX, R15;  ADCXQ R11, R14;  ADOXQ AX, R14; \
-    MOVL $0, AX;;;;;;;;;  ADCXQ  AX, R15;  ADOXQ AX, R15; \
-    MOVQ  16+y, DX;       XORL   AX,  AX; \
-    MULXQ  0+x, AX,  R8;  ADCXQ R12,  AX;  MOVQ  AX, 16+z; \
-    MULXQ  8+x, AX,  R9;  ADCXQ R13,  R8;  ADOXQ AX,  R8; \
-    MULXQ 16+x, AX, R10;  ADCXQ R14,  R9;  ADOXQ AX,  R9; \
-    MULXQ 24+x, AX, R11;  ADCXQ R15, R10;  ADOXQ AX, R10; \
-    MOVL $0, AX;;;;;;;;;  ADCXQ  AX, R11;  ADOXQ AX, R11; \
-    MOVQ  24+y, DX;       XORL   AX,  AX; \
-    MULXQ  0+x, AX, R12;  ADCXQ  R8,  AX;  MOVQ  AX, 24+z; \
-    MULXQ  8+x, AX, R13;  ADCXQ  R9, R12;  ADOXQ AX, R12;  MOVQ R12, 32+z; \
-    MULXQ 16+x, AX, R14;  ADCXQ R10, R13;  ADOXQ AX, R13;  MOVQ R13, 40+z; \
-    MULXQ 24+x, AX, R15;  ADCXQ R11, R14;  ADOXQ AX, R14;  MOVQ R14, 48+z; \
-    MOVL $0, AX;;;;;;;;;  ADCXQ  AX, R15;  ADOXQ AX, R15;  MOVQ R15, 56+z;
-
-// integerMulLeg multiplies x and y and stores in z
-// Uses: AX, DX, R8-R15, FLAGS
-// Instr: x86_64
-#define integerMulLeg(z,x,y) \
-    MOVQ  0+y, R8; \
-    MOVQ  0+x, AX; MULQ R8; MOVQ AX, 0+z; MOVQ DX, R15; \
-    MOVQ  8+x, AX; MULQ R8; MOVQ AX, R13; MOVQ DX, R10; \
-    MOVQ 16+x, AX; MULQ R8; MOVQ AX, R14; MOVQ DX, R11; \
-    MOVQ 24+x, AX; MULQ R8; \
-    ADDQ R13, R15; \
-    ADCQ R14, R10;  MOVQ R10, 16+z; \
-    ADCQ  AX, R11;  MOVQ R11, 24+z; \
-    ADCQ  $0,  DX;  MOVQ  DX, 32+z; \
-    MOVQ  8+y, R8; \
-    MOVQ  0+x, AX; MULQ R8; MOVQ AX, R12; MOVQ DX,  R9; \
-    MOVQ  8+x, AX; MULQ R8; MOVQ AX, R13; MOVQ DX, R10; \
-    MOVQ 16+x, AX; MULQ R8; MOVQ AX, R14; MOVQ DX, R11; \
-    MOVQ 24+x, AX; MULQ R8; \
-    ADDQ R12, R15; MOVQ R15,  8+z; \
-    ADCQ R13,  R9; \
-    ADCQ R14, R10; \
-    ADCQ  AX, R11; \
-    ADCQ  $0,  DX; \
-    ADCQ 16+z,  R9;  MOVQ  R9,  R15; \
-    ADCQ 24+z, R10;  MOVQ R10, 24+z; \
-    ADCQ 32+z, R11;  MOVQ R11, 32+z; \
-    ADCQ   $0,  DX;  MOVQ  DX, 40+z; \
-    MOVQ 16+y, R8; \
-    MOVQ  0+x, AX; MULQ R8; MOVQ AX, R12; MOVQ DX,  R9; \
-    MOVQ  8+x, AX; MULQ R8; MOVQ AX, R13; MOVQ DX, R10; \
-    MOVQ 16+x, AX; MULQ R8; MOVQ AX, R14; MOVQ DX, R11; \
-    MOVQ 24+x, AX; MULQ R8; \
-    ADDQ R12, R15;  MOVQ R15, 16+z; \
-    ADCQ R13,  R9; \
-    ADCQ R14, R10; \
-    ADCQ  AX, R11; \
-    ADCQ  $0,  DX; \
-    ADCQ 24+z,  R9;  MOVQ  R9,  R15; \
-    ADCQ 32+z, R10;  MOVQ R10, 32+z; \
-    ADCQ 40+z, R11;  MOVQ R11, 40+z; \
-    ADCQ   $0,  DX;  MOVQ  DX, 48+z; \
-    MOVQ 24+y, R8; \
-    MOVQ  0+x, AX; MULQ R8; MOVQ AX, R12; MOVQ DX,  R9; \
-    MOVQ  8+x, AX; MULQ R8; MOVQ AX, R13; MOVQ DX, R10; \
-    MOVQ 16+x, AX; MULQ R8; MOVQ AX, R14; MOVQ DX, R11; \
-    MOVQ 24+x, AX; MULQ R8; \
-    ADDQ R12, R15; MOVQ R15, 24+z; \
-    ADCQ R13,  R9; \
-    ADCQ R14, R10; \
-    ADCQ  AX, R11; \
-    ADCQ  $0,  DX; \
-    ADCQ 32+z,  R9;  MOVQ  R9, 32+z; \
-    ADCQ 40+z, R10;  MOVQ R10, 40+z; \
-    ADCQ 48+z, R11;  MOVQ R11, 48+z; \
-    ADCQ   $0,  DX;  MOVQ  DX, 56+z;
-
-// integerSqrLeg squares x and stores in z
-// Uses: AX, CX, DX, R8-R15, FLAGS
-// Instr: x86_64
-#define integerSqrLeg(z,x) \
-    MOVQ  0+x, R8; \
-    MOVQ  8+x, AX; MULQ R8; MOVQ AX,  R9; MOVQ DX, R10; /* A[0]*A[1] */ \
-    MOVQ 16+x, AX; MULQ R8; MOVQ AX, R14; MOVQ DX, R11; /* A[0]*A[2] */ \
-    MOVQ 24+x, AX; MULQ R8; MOVQ AX, R15; MOVQ DX, R12; /* A[0]*A[3] */ \
-    MOVQ 24+x, R8; \
-    MOVQ  8+x, AX; MULQ R8; MOVQ AX,  CX; MOVQ DX, R13; /* A[3]*A[1] */ \
-    MOVQ 16+x, AX; MULQ R8; /* A[3]*A[2] */ \
-    \
-    ADDQ R14, R10;\
-    ADCQ R15, R11; MOVL $0, R15;\
-    ADCQ  CX, R12;\
-    ADCQ  AX, R13;\
-    ADCQ  $0,  DX; MOVQ DX, R14;\
-    MOVQ 8+x, AX; MULQ 16+x;\
-    \
-    ADDQ AX, R11;\
-    ADCQ DX, R12;\
-    ADCQ $0, R13;\
-    ADCQ $0, R14;\
-    ADCQ $0, R15;\
-    \
-    SHLQ $1, R14, R15; MOVQ R15, 56+z;\
-    SHLQ $1, R13, R14; MOVQ R14, 48+z;\
-    SHLQ $1, R12, R13; MOVQ R13, 40+z;\
-    SHLQ $1, R11, R12; MOVQ R12, 32+z;\
-    SHLQ $1, R10, R11; MOVQ R11, 24+z;\
-    SHLQ $1,  R9, R10; MOVQ R10, 16+z;\
-    SHLQ $1,  R9;      MOVQ  R9,  8+z;\
-    \
-    MOVQ  0+x,AX; MULQ AX; MOVQ AX, 0+z; MOVQ DX,  R9;\
-    MOVQ  8+x,AX; MULQ AX; MOVQ AX, R10; MOVQ DX, R11;\
-    MOVQ 16+x,AX; MULQ AX; MOVQ AX, R12; MOVQ DX, R13;\
-    MOVQ 24+x,AX; MULQ AX; MOVQ AX, R14; MOVQ DX, R15;\
-    \
-    ADDQ  8+z,  R9; MOVQ  R9,  8+z;\
-    ADCQ 16+z, R10; MOVQ R10, 16+z;\
-    ADCQ 24+z, R11; MOVQ R11, 24+z;\
-    ADCQ 32+z, R12; MOVQ R12, 32+z;\
-    ADCQ 40+z, R13; MOVQ R13, 40+z;\
-    ADCQ 48+z, R14; MOVQ R14, 48+z;\
-    ADCQ 56+z, R15; MOVQ R15, 56+z;
-
-// integerSqrAdx squares x and stores in z
-// Uses: AX, CX, DX, R8-R15, FLAGS
-// Instr: x86_64, bmi2, adx
-#define integerSqrAdx(z,x) \
-    MOVQ   0+x,  DX; /* A[0] */ \
-    MULXQ  8+x,  R8, R14; /* A[1]*A[0] */  XORL  R15, R15; \
-    MULXQ 16+x,  R9, R10; /* A[2]*A[0] */  ADCXQ R14,  R9; \
-    MULXQ 24+x,  AX,  CX; /* A[3]*A[0] */  ADCXQ  AX, R10; \
-    MOVQ  24+x,  DX; /* A[3] */ \
-    MULXQ  8+x, R11, R12; /* A[1]*A[3] */  ADCXQ  CX, R11; \
-    MULXQ 16+x,  AX, R13; /* A[2]*A[3] */  ADCXQ  AX, R12; \
-    MOVQ   8+x,  DX; /* A[1] */            ADCXQ R15, R13; \
-    MULXQ 16+x,  AX,  CX; /* A[2]*A[1] */  MOVL   $0, R14; \
-    ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;  ADCXQ R15, R14; \
-    XORL  R15, R15; \
-    ADOXQ  AX, R10;  ADCXQ  R8,  R8; \
-    ADOXQ  CX, R11;  ADCXQ  R9,  R9; \
-    ADOXQ R15, R12;  ADCXQ R10, R10; \
-    ADOXQ R15, R13;  ADCXQ R11, R11; \
-    ADOXQ R15, R14;  ADCXQ R12, R12; \
-    ;;;;;;;;;;;;;;;  ADCXQ R13, R13; \
-    ;;;;;;;;;;;;;;;  ADCXQ R14, R14; \
-    MOVQ  0+x, DX;  MULXQ DX, AX, CX; /* A[0]^2 */ \
-    ;;;;;;;;;;;;;;;  MOVQ  AX,  0+z; \
-    ADDQ CX,  R8;    MOVQ  R8,  8+z; \
-    MOVQ  8+x, DX;  MULXQ DX, AX, CX; /* A[1]^2 */ \
-    ADCQ AX,  R9;    MOVQ  R9, 16+z; \
-    ADCQ CX, R10;    MOVQ R10, 24+z; \
-    MOVQ 16+x, DX;  MULXQ DX, AX, CX; /* A[2]^2 */ \
-    ADCQ AX, R11;    MOVQ R11, 32+z; \
-    ADCQ CX, R12;    MOVQ R12, 40+z; \
-    MOVQ 24+x, DX;  MULXQ DX, AX, CX; /* A[3]^2 */ \
-    ADCQ AX, R13;    MOVQ R13, 48+z; \
-    ADCQ CX, R14;    MOVQ R14, 56+z;
-
-// reduceFromDouble finds z congruent to x modulo p such that 0<z<2^256
-// Uses: AX, DX, R8-R13, FLAGS
-// Instr: x86_64
-#define reduceFromDoubleLeg(z,x) \
-    /* 2*C = 38 = 2^256 */ \
-    MOVL $38, AX; MULQ 32+x; MOVQ AX,  R8; MOVQ DX,  R9; /* C*C[4] */ \
-    MOVL $38, AX; MULQ 40+x; MOVQ AX, R12; MOVQ DX, R10; /* C*C[5] */ \
-    MOVL $38, AX; MULQ 48+x; MOVQ AX, R13; MOVQ DX, R11; /* C*C[6] */ \
-    MOVL $38, AX; MULQ 56+x; /* C*C[7] */ \
-    ADDQ R12,  R9; \
-    ADCQ R13, R10; \
-    ADCQ  AX, R11; \
-    ADCQ  $0,  DX; \
-    ADDQ  0+x,  R8; \
-    ADCQ  8+x,  R9; \
-    ADCQ 16+x, R10; \
-    ADCQ 24+x, R11; \
-    ADCQ    $0, DX; \
-    MOVL $38, AX; \
-    IMULQ AX, DX; /* C*C[4], CF=0, OF=0 */ \
-    ADDQ DX,  R8; \
-    ADCQ $0,  R9; MOVQ  R9,  8+z; \
-    ADCQ $0, R10; MOVQ R10, 16+z; \
-    ADCQ $0, R11; MOVQ R11, 24+z; \
-    MOVL $0,  DX; \
-    CMOVQCS AX, DX; \
-    ADDQ DX,  R8; MOVQ  R8,  0+z;
-
-// reduceFromDoubleAdx finds z congruent to x modulo p such that 0<z<2^256
-// Uses: AX, DX, R8-R13, FLAGS
-// Instr: x86_64, bmi2, adx
-#define reduceFromDoubleAdx(z,x) \
-    MOVL    $38,  DX; /* 2*C = 38 = 2^256 */ \
-    MULXQ 32+x,  R8, R10; /* C*C[4] */  XORL AX, AX;     ADOXQ  0+x,  R8; \
-    MULXQ 40+x,  R9, R11; /* C*C[5] */  ADCXQ R10,  R9;  ADOXQ  8+x,  R9; \
-    MULXQ 48+x, R10, R13; /* C*C[6] */  ADCXQ R11, R10;  ADOXQ 16+x, R10; \
-    MULXQ 56+x, R11, R12; /* C*C[7] */  ADCXQ R13, R11;  ADOXQ 24+x, R11; \
-    ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;  ADCXQ  AX, R12;  ADOXQ   AX, R12; \
-    IMULQ  DX, R12; /* C*C[4], CF=0, OF=0 */ \
-    ADCXQ R12, R8; \
-    ADCXQ AX,  R9; MOVQ  R9,  8+z; \
-    ADCXQ AX, R10; MOVQ R10, 16+z; \
-    ADCXQ AX, R11; MOVQ R11, 24+z; \
-    MOVL  $0, R12; \
-    CMOVQCS DX, R12; \
-    ADDQ R12,  R8; MOVQ  R8,  0+z;
-
-// addSub calculates two operations: x,y = x+y,x-y
-// Uses: AX, DX, R8-R15, FLAGS
-#define addSub(x,y) \
-    MOVL $38, AX; \
-    XORL  DX, DX; \
-    MOVQ  0+x,  R8;  MOVQ  R8, R12;  ADDQ  0+y,  R8; \
-    MOVQ  8+x,  R9;  MOVQ  R9, R13;  ADCQ  8+y,  R9; \
-    MOVQ 16+x, R10;  MOVQ R10, R14;  ADCQ 16+y, R10; \
-    MOVQ 24+x, R11;  MOVQ R11, R15;  ADCQ 24+y, R11; \
-    CMOVQCS AX, DX; \
-    XORL AX,  AX; \
-    ADDQ DX,  R8; \
-    ADCQ $0,  R9; \
-    ADCQ $0, R10; \
-    ADCQ $0, R11; \
-    MOVL $38, DX; \
-    CMOVQCS DX, AX; \
-    ADDQ  AX, R8; \
-    MOVL $38, AX; \
-    SUBQ  0+y, R12; \
-    SBBQ  8+y, R13; \
-    SBBQ 16+y, R14; \
-    SBBQ 24+y, R15; \
-    MOVL $0, DX; \
-    CMOVQCS AX, DX; \
-    SUBQ DX, R12; \
-    SBBQ $0, R13; \
-    SBBQ $0, R14; \
-    SBBQ $0, R15; \
-    MOVL $0,  DX; \
-    CMOVQCS AX, DX; \
-    SUBQ DX, R12; \
-    MOVQ  R8,  0+x; \
-    MOVQ  R9,  8+x; \
-    MOVQ R10, 16+x; \
-    MOVQ R11, 24+x; \
-    MOVQ R12,  0+y; \
-    MOVQ R13,  8+y; \
-    MOVQ R14, 16+y; \
-    MOVQ R15, 24+y;
diff --git a/vendor/github.com/cloudflare/circl/math/fp25519/fp_amd64.s b/vendor/github.com/cloudflare/circl/math/fp25519/fp_amd64.s
deleted file mode 100644
index 1fcc2dee17..0000000000
--- a/vendor/github.com/cloudflare/circl/math/fp25519/fp_amd64.s
+++ /dev/null
@@ -1,112 +0,0 @@
-//go:build amd64 && !purego
-// +build amd64,!purego
-
-#include "textflag.h"
-#include "fp_amd64.h"
-
-// func cmovAmd64(x, y *Elt, n uint)
-TEXT ·cmovAmd64(SB),NOSPLIT,$0-24
-    MOVQ x+0(FP), DI
-    MOVQ y+8(FP), SI
-    MOVQ n+16(FP), BX
-    cselect(0(DI),0(SI),BX)
-    RET
-
-// func cswapAmd64(x, y *Elt, n uint)
-TEXT ·cswapAmd64(SB),NOSPLIT,$0-24
-    MOVQ x+0(FP), DI
-    MOVQ y+8(FP), SI
-    MOVQ n+16(FP), BX
-    cswap(0(DI),0(SI),BX)
-    RET
-
-// func subAmd64(z, x, y *Elt)
-TEXT ·subAmd64(SB),NOSPLIT,$0-24
-    MOVQ z+0(FP), DI
-    MOVQ x+8(FP), SI
-    MOVQ y+16(FP), BX
-    subtraction(0(DI),0(SI),0(BX))
-    RET
-
-// func addsubAmd64(x, y *Elt)
-TEXT ·addsubAmd64(SB),NOSPLIT,$0-16
-    MOVQ x+0(FP), DI
-    MOVQ y+8(FP), SI
-    addSub(0(DI),0(SI))
-    RET
-
-#define addLegacy \
-    additionLeg(0(DI),0(SI),0(BX))
-#define addBmi2Adx \
-    additionAdx(0(DI),0(SI),0(BX))
-
-#define mulLegacy \
-    integerMulLeg(0(SP),0(SI),0(BX)) \
-    reduceFromDoubleLeg(0(DI),0(SP))
-#define mulBmi2Adx \
-    integerMulAdx(0(SP),0(SI),0(BX)) \
-    reduceFromDoubleAdx(0(DI),0(SP))
-
-#define sqrLegacy \
-    integerSqrLeg(0(SP),0(SI)) \
-    reduceFromDoubleLeg(0(DI),0(SP))
-#define sqrBmi2Adx \
-    integerSqrAdx(0(SP),0(SI)) \
-    reduceFromDoubleAdx(0(DI),0(SP))
-
-// func addAmd64(z, x, y *Elt)
-TEXT ·addAmd64(SB),NOSPLIT,$0-24
-    MOVQ z+0(FP), DI
-    MOVQ x+8(FP), SI
-    MOVQ y+16(FP), BX
-    CHECK_BMI2ADX(LADD, addLegacy, addBmi2Adx)
-
-// func mulAmd64(z, x, y *Elt)
-TEXT ·mulAmd64(SB),NOSPLIT,$64-24
-    MOVQ z+0(FP), DI
-    MOVQ x+8(FP), SI
-    MOVQ y+16(FP), BX
-    CHECK_BMI2ADX(LMUL, mulLegacy, mulBmi2Adx)
-
-// func sqrAmd64(z, x *Elt)
-TEXT ·sqrAmd64(SB),NOSPLIT,$64-16
-    MOVQ z+0(FP), DI
-    MOVQ x+8(FP), SI
-    CHECK_BMI2ADX(LSQR, sqrLegacy, sqrBmi2Adx)
-
-// func modpAmd64(z *Elt)
-TEXT ·modpAmd64(SB),NOSPLIT,$0-8
-    MOVQ z+0(FP), DI
-
-    MOVQ   (DI),  R8
-    MOVQ  8(DI),  R9
-    MOVQ 16(DI), R10
-    MOVQ 24(DI), R11
-
-    MOVL $19, AX
-    MOVL $38, CX
-
-    BTRQ $63, R11 // PUT BIT 255 IN CARRY FLAG AND CLEAR
-    CMOVLCC AX, CX // C[255] ? 38 : 19
-
-    // ADD EITHER 19 OR 38 TO C
-    ADDQ CX,  R8
-    ADCQ $0,  R9
-    ADCQ $0, R10
-    ADCQ $0, R11
-
-    // TEST FOR BIT 255 AGAIN; ONLY TRIGGERED ON OVERFLOW MODULO 2^255-19
-    MOVL     $0,  CX
-    CMOVLPL  AX,  CX // C[255] ? 0 : 19
-    BTRQ    $63, R11 // CLEAR BIT 255
-
-    // SUBTRACT 19 IF NECESSARY
-    SUBQ CX,  R8
-    MOVQ  R8,   (DI)
-    SBBQ $0,  R9
-    MOVQ  R9,  8(DI)
-    SBBQ $0, R10
-    MOVQ R10, 16(DI)
-    SBBQ $0, R11
-    MOVQ R11, 24(DI)
-    RET
diff --git a/vendor/github.com/cloudflare/circl/math/fp25519/fp_generic.go b/vendor/github.com/cloudflare/circl/math/fp25519/fp_generic.go
deleted file mode 100644
index 32bc582a25..0000000000
--- a/vendor/github.com/cloudflare/circl/math/fp25519/fp_generic.go
+++ /dev/null
@@ -1,317 +0,0 @@
-package fp25519
-
-import (
-	"encoding/binary"
-	"math/bits"
-)
-
-func cmovGeneric(x, y *Elt, n uint) {
-	m := -uint64(n & 0x1)
-	x0 := binary.LittleEndian.Uint64(x[0*8 : 1*8])
-	x1 := binary.LittleEndian.Uint64(x[1*8 : 2*8])
-	x2 := binary.LittleEndian.Uint64(x[2*8 : 3*8])
-	x3 := binary.LittleEndian.Uint64(x[3*8 : 4*8])
-
-	y0 := binary.LittleEndian.Uint64(y[0*8 : 1*8])
-	y1 := binary.LittleEndian.Uint64(y[1*8 : 2*8])
-	y2 := binary.LittleEndian.Uint64(y[2*8 : 3*8])
-	y3 := binary.LittleEndian.Uint64(y[3*8 : 4*8])
-
-	x0 = (x0 &^ m) | (y0 & m)
-	x1 = (x1 &^ m) | (y1 & m)
-	x2 = (x2 &^ m) | (y2 & m)
-	x3 = (x3 &^ m) | (y3 & m)
-
-	binary.LittleEndian.PutUint64(x[0*8:1*8], x0)
-	binary.LittleEndian.PutUint64(x[1*8:2*8], x1)
-	binary.LittleEndian.PutUint64(x[2*8:3*8], x2)
-	binary.LittleEndian.PutUint64(x[3*8:4*8], x3)
-}
-
-func cswapGeneric(x, y *Elt, n uint) {
-	m := -uint64(n & 0x1)
-	x0 := binary.LittleEndian.Uint64(x[0*8 : 1*8])
-	x1 := binary.LittleEndian.Uint64(x[1*8 : 2*8])
-	x2 := binary.LittleEndian.Uint64(x[2*8 : 3*8])
-	x3 := binary.LittleEndian.Uint64(x[3*8 : 4*8])
-
-	y0 := binary.LittleEndian.Uint64(y[0*8 : 1*8])
-	y1 := binary.LittleEndian.Uint64(y[1*8 : 2*8])
-	y2 := binary.LittleEndian.Uint64(y[2*8 : 3*8])
-	y3 := binary.LittleEndian.Uint64(y[3*8 : 4*8])
-
-	t0 := m & (x0 ^ y0)
-	t1 := m & (x1 ^ y1)
-	t2 := m & (x2 ^ y2)
-	t3 := m & (x3 ^ y3)
-	x0 ^= t0
-	x1 ^= t1
-	x2 ^= t2
-	x3 ^= t3
-	y0 ^= t0
-	y1 ^= t1
-	y2 ^= t2
-	y3 ^= t3
-
-	binary.LittleEndian.PutUint64(x[0*8:1*8], x0)
-	binary.LittleEndian.PutUint64(x[1*8:2*8], x1)
-	binary.LittleEndian.PutUint64(x[2*8:3*8], x2)
-	binary.LittleEndian.PutUint64(x[3*8:4*8], x3)
-
-	binary.LittleEndian.PutUint64(y[0*8:1*8], y0)
-	binary.LittleEndian.PutUint64(y[1*8:2*8], y1)
-	binary.LittleEndian.PutUint64(y[2*8:3*8], y2)
-	binary.LittleEndian.PutUint64(y[3*8:4*8], y3)
-}
-
-func addGeneric(z, x, y *Elt) {
-	x0 := binary.LittleEndian.Uint64(x[0*8 : 1*8])
-	x1 := binary.LittleEndian.Uint64(x[1*8 : 2*8])
-	x2 := binary.LittleEndian.Uint64(x[2*8 : 3*8])
-	x3 := binary.LittleEndian.Uint64(x[3*8 : 4*8])
-
-	y0 := binary.LittleEndian.Uint64(y[0*8 : 1*8])
-	y1 := binary.LittleEndian.Uint64(y[1*8 : 2*8])
-	y2 := binary.LittleEndian.Uint64(y[2*8 : 3*8])
-	y3 := binary.LittleEndian.Uint64(y[3*8 : 4*8])
-
-	z0, c0 := bits.Add64(x0, y0, 0)
-	z1, c1 := bits.Add64(x1, y1, c0)
-	z2, c2 := bits.Add64(x2, y2, c1)
-	z3, c3 := bits.Add64(x3, y3, c2)
-
-	z0, c0 = bits.Add64(z0, (-c3)&38, 0)
-	z1, c1 = bits.Add64(z1, 0, c0)
-	z2, c2 = bits.Add64(z2, 0, c1)
-	z3, c3 = bits.Add64(z3, 0, c2)
-	z0, _ = bits.Add64(z0, (-c3)&38, 0)
-
-	binary.LittleEndian.PutUint64(z[0*8:1*8], z0)
-	binary.LittleEndian.PutUint64(z[1*8:2*8], z1)
-	binary.LittleEndian.PutUint64(z[2*8:3*8], z2)
-	binary.LittleEndian.PutUint64(z[3*8:4*8], z3)
-}
-
-func subGeneric(z, x, y *Elt) {
-	x0 := binary.LittleEndian.Uint64(x[0*8 : 1*8])
-	x1 := binary.LittleEndian.Uint64(x[1*8 : 2*8])
-	x2 := binary.LittleEndian.Uint64(x[2*8 : 3*8])
-	x3 := binary.LittleEndian.Uint64(x[3*8 : 4*8])
-
-	y0 := binary.LittleEndian.Uint64(y[0*8 : 1*8])
-	y1 := binary.LittleEndian.Uint64(y[1*8 : 2*8])
-	y2 := binary.LittleEndian.Uint64(y[2*8 : 3*8])
-	y3 := binary.LittleEndian.Uint64(y[3*8 : 4*8])
-
-	z0, c0 := bits.Sub64(x0, y0, 0)
-	z1, c1 := bits.Sub64(x1, y1, c0)
-	z2, c2 := bits.Sub64(x2, y2, c1)
-	z3, c3 := bits.Sub64(x3, y3, c2)
-
-	z0, c0 = bits.Sub64(z0, (-c3)&38, 0)
-	z1, c1 = bits.Sub64(z1, 0, c0)
-	z2, c2 = bits.Sub64(z2, 0, c1)
-	z3, c3 = bits.Sub64(z3, 0, c2)
-	z0, _ = bits.Sub64(z0, (-c3)&38, 0)
-
-	binary.LittleEndian.PutUint64(z[0*8:1*8], z0)
-	binary.LittleEndian.PutUint64(z[1*8:2*8], z1)
-	binary.LittleEndian.PutUint64(z[2*8:3*8], z2)
-	binary.LittleEndian.PutUint64(z[3*8:4*8], z3)
-}
-
-func addsubGeneric(x, y *Elt) {
-	z := &Elt{}
-	addGeneric(z, x, y)
-	subGeneric(y, x, y)
-	*x = *z
-}
-
-func mulGeneric(z, x, y *Elt) {
-	x0 := binary.LittleEndian.Uint64(x[0*8 : 1*8])
-	x1 := binary.LittleEndian.Uint64(x[1*8 : 2*8])
-	x2 := binary.LittleEndian.Uint64(x[2*8 : 3*8])
-	x3 := binary.LittleEndian.Uint64(x[3*8 : 4*8])
-
-	y0 := binary.LittleEndian.Uint64(y[0*8 : 1*8])
-	y1 := binary.LittleEndian.Uint64(y[1*8 : 2*8])
-	y2 := binary.LittleEndian.Uint64(y[2*8 : 3*8])
-	y3 := binary.LittleEndian.Uint64(y[3*8 : 4*8])
-
-	yi := y0
-	h0, l0 := bits.Mul64(x0, yi)
-	h1, l1 := bits.Mul64(x1, yi)
-	h2, l2 := bits.Mul64(x2, yi)
-	h3, l3 := bits.Mul64(x3, yi)
-
-	z0 := l0
-	a0, c0 := bits.Add64(h0, l1, 0)
-	a1, c1 := bits.Add64(h1, l2, c0)
-	a2, c2 := bits.Add64(h2, l3, c1)
-	a3, _ := bits.Add64(h3, 0, c2)
-
-	yi = y1
-	h0, l0 = bits.Mul64(x0, yi)
-	h1, l1 = bits.Mul64(x1, yi)
-	h2, l2 = bits.Mul64(x2, yi)
-	h3, l3 = bits.Mul64(x3, yi)
-
-	z1, c0 := bits.Add64(a0, l0, 0)
-	h0, c1 = bits.Add64(h0, l1, c0)
-	h1, c2 = bits.Add64(h1, l2, c1)
-	h2, c3 := bits.Add64(h2, l3, c2)
-	h3, _ = bits.Add64(h3, 0, c3)
-
-	a0, c0 = bits.Add64(a1, h0, 0)
-	a1, c1 = bits.Add64(a2, h1, c0)
-	a2, c2 = bits.Add64(a3, h2, c1)
-	a3, _ = bits.Add64(0, h3, c2)
-
-	yi = y2
-	h0, l0 = bits.Mul64(x0, yi)
-	h1, l1 = bits.Mul64(x1, yi)
-	h2, l2 = bits.Mul64(x2, yi)
-	h3, l3 = bits.Mul64(x3, yi)
-
-	z2, c0 := bits.Add64(a0, l0, 0)
-	h0, c1 = bits.Add64(h0, l1, c0)
-	h1, c2 = bits.Add64(h1, l2, c1)
-	h2, c3 = bits.Add64(h2, l3, c2)
-	h3, _ = bits.Add64(h3, 0, c3)
-
-	a0, c0 = bits.Add64(a1, h0, 0)
-	a1, c1 = bits.Add64(a2, h1, c0)
-	a2, c2 = bits.Add64(a3, h2, c1)
-	a3, _ = bits.Add64(0, h3, c2)
-
-	yi = y3
-	h0, l0 = bits.Mul64(x0, yi)
-	h1, l1 = bits.Mul64(x1, yi)
-	h2, l2 = bits.Mul64(x2, yi)
-	h3, l3 = bits.Mul64(x3, yi)
-
-	z3, c0 := bits.Add64(a0, l0, 0)
-	h0, c1 = bits.Add64(h0, l1, c0)
-	h1, c2 = bits.Add64(h1, l2, c1)
-	h2, c3 = bits.Add64(h2, l3, c2)
-	h3, _ = bits.Add64(h3, 0, c3)
-
-	z4, c0 := bits.Add64(a1, h0, 0)
-	z5, c1 := bits.Add64(a2, h1, c0)
-	z6, c2 := bits.Add64(a3, h2, c1)
-	z7, _ := bits.Add64(0, h3, c2)
-
-	red64(z, z0, z1, z2, z3, z4, z5, z6, z7)
-}
-
-func sqrGeneric(z, x *Elt) {
-	x0 := binary.LittleEndian.Uint64(x[0*8 : 1*8])
-	x1 := binary.LittleEndian.Uint64(x[1*8 : 2*8])
-	x2 := binary.LittleEndian.Uint64(x[2*8 : 3*8])
-	x3 := binary.LittleEndian.Uint64(x[3*8 : 4*8])
-
-	h0, a0 := bits.Mul64(x0, x1)
-	h1, l1 := bits.Mul64(x0, x2)
-	h2, l2 := bits.Mul64(x0, x3)
-	h3, l3 := bits.Mul64(x3, x1)
-	h4, l4 := bits.Mul64(x3, x2)
-	h, l := bits.Mul64(x1, x2)
-
-	a1, c0 := bits.Add64(l1, h0, 0)
-	a2, c1 := bits.Add64(l2, h1, c0)
-	a3, c2 := bits.Add64(l3, h2, c1)
-	a4, c3 := bits.Add64(l4, h3, c2)
-	a5, _ := bits.Add64(h4, 0, c3)
-
-	a2, c0 = bits.Add64(a2, l, 0)
-	a3, c1 = bits.Add64(a3, h, c0)
-	a4, c2 = bits.Add64(a4, 0, c1)
-	a5, c3 = bits.Add64(a5, 0, c2)
-	a6, _ := bits.Add64(0, 0, c3)
-
-	a0, c0 = bits.Add64(a0, a0, 0)
-	a1, c1 = bits.Add64(a1, a1, c0)
-	a2, c2 = bits.Add64(a2, a2, c1)
-	a3, c3 = bits.Add64(a3, a3, c2)
-	a4, c4 := bits.Add64(a4, a4, c3)
-	a5, c5 := bits.Add64(a5, a5, c4)
-	a6, _ = bits.Add64(a6, a6, c5)
-
-	b1, b0 := bits.Mul64(x0, x0)
-	b3, b2 := bits.Mul64(x1, x1)
-	b5, b4 := bits.Mul64(x2, x2)
-	b7, b6 := bits.Mul64(x3, x3)
-
-	b1, c0 = bits.Add64(b1, a0, 0)
-	b2, c1 = bits.Add64(b2, a1, c0)
-	b3, c2 = bits.Add64(b3, a2, c1)
-	b4, c3 = bits.Add64(b4, a3, c2)
-	b5, c4 = bits.Add64(b5, a4, c3)
-	b6, c5 = bits.Add64(b6, a5, c4)
-	b7, _ = bits.Add64(b7, a6, c5)
-
-	red64(z, b0, b1, b2, b3, b4, b5, b6, b7)
-}
-
-func modpGeneric(x *Elt) {
-	x0 := binary.LittleEndian.Uint64(x[0*8 : 1*8])
-	x1 := binary.LittleEndian.Uint64(x[1*8 : 2*8])
-	x2 := binary.LittleEndian.Uint64(x[2*8 : 3*8])
-	x3 := binary.LittleEndian.Uint64(x[3*8 : 4*8])
-
-	// CX = C[255] ? 38 : 19
-	cx := uint64(19) << (x3 >> 63)
-	// PUT BIT 255 IN CARRY FLAG AND CLEAR
-	x3 &^= 1 << 63
-
-	x0, c0 := bits.Add64(x0, cx, 0)
-	x1, c1 := bits.Add64(x1, 0, c0)
-	x2, c2 := bits.Add64(x2, 0, c1)
-	x3, _ = bits.Add64(x3, 0, c2)
-
-	// TEST FOR BIT 255 AGAIN; ONLY TRIGGERED ON OVERFLOW MODULO 2^255-19
-	// cx = C[255] ? 0 : 19
-	cx = uint64(19) &^ (-(x3 >> 63))
-	// CLEAR BIT 255
-	x3 &^= 1 << 63
-
-	x0, c0 = bits.Sub64(x0, cx, 0)
-	x1, c1 = bits.Sub64(x1, 0, c0)
-	x2, c2 = bits.Sub64(x2, 0, c1)
-	x3, _ = bits.Sub64(x3, 0, c2)
-
-	binary.LittleEndian.PutUint64(x[0*8:1*8], x0)
-	binary.LittleEndian.PutUint64(x[1*8:2*8], x1)
-	binary.LittleEndian.PutUint64(x[2*8:3*8], x2)
-	binary.LittleEndian.PutUint64(x[3*8:4*8], x3)
-}
-
-func red64(z *Elt, x0, x1, x2, x3, x4, x5, x6, x7 uint64) {
-	h0, l0 := bits.Mul64(x4, 38)
-	h1, l1 := bits.Mul64(x5, 38)
-	h2, l2 := bits.Mul64(x6, 38)
-	h3, l3 := bits.Mul64(x7, 38)
-
-	l1, c0 := bits.Add64(h0, l1, 0)
-	l2, c1 := bits.Add64(h1, l2, c0)
-	l3, c2 := bits.Add64(h2, l3, c1)
-	l4, _ := bits.Add64(h3, 0, c2)
-
-	l0, c0 = bits.Add64(l0, x0, 0)
-	l1, c1 = bits.Add64(l1, x1, c0)
-	l2, c2 = bits.Add64(l2, x2, c1)
-	l3, c3 := bits.Add64(l3, x3, c2)
-	l4, _ = bits.Add64(l4, 0, c3)
-
-	_, l4 = bits.Mul64(l4, 38)
-	l0, c0 = bits.Add64(l0, l4, 0)
-	z1, c1 := bits.Add64(l1, 0, c0)
-	z2, c2 := bits.Add64(l2, 0, c1)
-	z3, c3 := bits.Add64(l3, 0, c2)
-	z0, _ := bits.Add64(l0, (-c3)&38, 0)
-
-	binary.LittleEndian.PutUint64(z[0*8:1*8], z0)
-	binary.LittleEndian.PutUint64(z[1*8:2*8], z1)
-	binary.LittleEndian.PutUint64(z[2*8:3*8], z2)
-	binary.LittleEndian.PutUint64(z[3*8:4*8], z3)
-}
diff --git a/vendor/github.com/cloudflare/circl/math/fp25519/fp_noasm.go b/vendor/github.com/cloudflare/circl/math/fp25519/fp_noasm.go
deleted file mode 100644
index 26ca4d01b7..0000000000
--- a/vendor/github.com/cloudflare/circl/math/fp25519/fp_noasm.go
+++ /dev/null
@@ -1,13 +0,0 @@
-//go:build !amd64 || purego
-// +build !amd64 purego
-
-package fp25519
-
-func cmov(x, y *Elt, n uint)  { cmovGeneric(x, y, n) }
-func cswap(x, y *Elt, n uint) { cswapGeneric(x, y, n) }
-func add(z, x, y *Elt)        { addGeneric(z, x, y) }
-func sub(z, x, y *Elt)        { subGeneric(z, x, y) }
-func addsub(x, y *Elt)        { addsubGeneric(x, y) }
-func mul(z, x, y *Elt)        { mulGeneric(z, x, y) }
-func sqr(z, x *Elt)           { sqrGeneric(z, x) }
-func modp(z *Elt)             { modpGeneric(z) }
diff --git a/vendor/github.com/cloudflare/circl/math/fp448/fp.go b/vendor/github.com/cloudflare/circl/math/fp448/fp.go
deleted file mode 100644
index a5e36600bb..0000000000
--- a/vendor/github.com/cloudflare/circl/math/fp448/fp.go
+++ /dev/null
@@ -1,164 +0,0 @@
-// Package fp448 provides prime field arithmetic over GF(2^448-2^224-1).
-package fp448
-
-import (
-	"errors"
-
-	"github.com/cloudflare/circl/internal/conv"
-)
-
-// Size in bytes of an element.
-const Size = 56
-
-// Elt is a prime field element.
-type Elt [Size]byte
-
-func (e Elt) String() string { return conv.BytesLe2Hex(e[:]) }
-
-// p is the prime modulus 2^448-2^224-1.
-var p = Elt{
-	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-	0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xff,
-	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-}
-
-// P returns the prime modulus 2^448-2^224-1.
-func P() Elt { return p }
-
-// ToBytes stores in b the little-endian byte representation of x.
-func ToBytes(b []byte, x *Elt) error {
-	if len(b) != Size {
-		return errors.New("wrong size")
-	}
-	Modp(x)
-	copy(b, x[:])
-	return nil
-}
-
-// IsZero returns true if x is equal to 0.
-func IsZero(x *Elt) bool { Modp(x); return *x == Elt{} }
-
-// IsOne returns true if x is equal to 1.
-func IsOne(x *Elt) bool { Modp(x); return *x == Elt{1} }
-
-// SetOne assigns x=1.
-func SetOne(x *Elt) { *x = Elt{1} }
-
-// One returns the 1 element.
-func One() (x Elt) { x = Elt{1}; return }
-
-// Neg calculates z = -x.
-func Neg(z, x *Elt) { Sub(z, &p, x) }
-
-// Modp ensures that z is between [0,p-1].
-func Modp(z *Elt) { Sub(z, z, &p) }
-
-// InvSqrt calculates z = sqrt(x/y) iff x/y is a quadratic-residue. If so,
-// isQR = true; otherwise, isQR = false, since x/y is a quadratic non-residue,
-// and z = sqrt(-x/y).
-func InvSqrt(z, x, y *Elt) (isQR bool) {
-	// First note that x^(2(k+1)) = x^(p-1)/2 * x = legendre(x) * x
-	// so that's x if x is a quadratic residue and -x otherwise.
-	// Next, y^(6k+3) = y^(4k+2) * y^(2k+1) = y^(p-1) * y^((p-1)/2) = legendre(y).
-	// So the z we compute satisfies z^2 y = x^(2(k+1)) y^(6k+3) = legendre(x)*legendre(y).
-	// Thus if x and y are quadratic residues, then z is indeed sqrt(x/y).
-	t0, t1 := &Elt{}, &Elt{}
-	Mul(t0, x, y)         // x*y
-	Sqr(t1, y)            // y^2
-	Mul(t1, t0, t1)       // x*y^3
-	powPminus3div4(z, t1) // (x*y^3)^k
-	Mul(z, z, t0)         // z = x*y*(x*y^3)^k = x^(k+1) * y^(3k+1)
-
-	// Check if x/y is a quadratic residue
-	Sqr(t0, z)     // z^2
-	Mul(t0, t0, y) // y*z^2
-	Sub(t0, t0, x) // y*z^2-x
-	return IsZero(t0)
-}
-
-// Inv calculates z = 1/x mod p.
-func Inv(z, x *Elt) {
-	// Calculates z = x^(4k+1) = x^(p-3+1) = x^(p-2) = x^-1, where k = (p-3)/4.
-	t := &Elt{}
-	powPminus3div4(t, x) // t = x^k
-	Sqr(t, t)            // t = x^2k
-	Sqr(t, t)            // t = x^4k
-	Mul(z, t, x)         // z = x^(4k+1)
-}
-
-// powPminus3div4 calculates z = x^k mod p, where k = (p-3)/4.
-func powPminus3div4(z, x *Elt) {
-	x0, x1 := &Elt{}, &Elt{}
-	Sqr(z, x)
-	Mul(z, z, x)
-	Sqr(x0, z)
-	Mul(x0, x0, x)
-	Sqr(z, x0)
-	Sqr(z, z)
-	Sqr(z, z)
-	Mul(z, z, x0)
-	Sqr(x1, z)
-	for i := 0; i < 5; i++ {
-		Sqr(x1, x1)
-	}
-	Mul(x1, x1, z)
-	Sqr(z, x1)
-	for i := 0; i < 11; i++ {
-		Sqr(z, z)
-	}
-	Mul(z, z, x1)
-	Sqr(z, z)
-	Sqr(z, z)
-	Sqr(z, z)
-	Mul(z, z, x0)
-	Sqr(x1, z)
-	for i := 0; i < 26; i++ {
-		Sqr(x1, x1)
-	}
-	Mul(x1, x1, z)
-	Sqr(z, x1)
-	for i := 0; i < 53; i++ {
-		Sqr(z, z)
-	}
-	Mul(z, z, x1)
-	Sqr(z, z)
-	Sqr(z, z)
-	Sqr(z, z)
-	Mul(z, z, x0)
-	Sqr(x1, z)
-	for i := 0; i < 110; i++ {
-		Sqr(x1, x1)
-	}
-	Mul(x1, x1, z)
-	Sqr(z, x1)
-	Mul(z, z, x)
-	for i := 0; i < 223; i++ {
-		Sqr(z, z)
-	}
-	Mul(z, z, x1)
-}
-
-// Cmov assigns y to x if n is 1.
-func Cmov(x, y *Elt, n uint) { cmov(x, y, n) }
-
-// Cswap interchanges x and y if n is 1.
-func Cswap(x, y *Elt, n uint) { cswap(x, y, n) }
-
-// Add calculates z = x+y mod p.
-func Add(z, x, y *Elt) { add(z, x, y) }
-
-// Sub calculates z = x-y mod p.
-func Sub(z, x, y *Elt) { sub(z, x, y) }
-
-// AddSub calculates (x,y) = (x+y mod p, x-y mod p).
-func AddSub(x, y *Elt) { addsub(x, y) }
-
-// Mul calculates z = x*y mod p.
-func Mul(z, x, y *Elt) { mul(z, x, y) }
-
-// Sqr calculates z = x^2 mod p.
-func Sqr(z, x *Elt) { sqr(z, x) }
diff --git a/vendor/github.com/cloudflare/circl/math/fp448/fp_amd64.go b/vendor/github.com/cloudflare/circl/math/fp448/fp_amd64.go
deleted file mode 100644
index 6a12209a70..0000000000
--- a/vendor/github.com/cloudflare/circl/math/fp448/fp_amd64.go
+++ /dev/null
@@ -1,43 +0,0 @@
-//go:build amd64 && !purego
-// +build amd64,!purego
-
-package fp448
-
-import (
-	"golang.org/x/sys/cpu"
-)
-
-var hasBmi2Adx = cpu.X86.HasBMI2 && cpu.X86.HasADX
-
-var _ = hasBmi2Adx
-
-func cmov(x, y *Elt, n uint)  { cmovAmd64(x, y, n) }
-func cswap(x, y *Elt, n uint) { cswapAmd64(x, y, n) }
-func add(z, x, y *Elt)        { addAmd64(z, x, y) }
-func sub(z, x, y *Elt)        { subAmd64(z, x, y) }
-func addsub(x, y *Elt)        { addsubAmd64(x, y) }
-func mul(z, x, y *Elt)        { mulAmd64(z, x, y) }
-func sqr(z, x *Elt)           { sqrAmd64(z, x) }
-
-/* Functions defined in fp_amd64.s */
-
-//go:noescape
-func cmovAmd64(x, y *Elt, n uint)
-
-//go:noescape
-func cswapAmd64(x, y *Elt, n uint)
-
-//go:noescape
-func addAmd64(z, x, y *Elt)
-
-//go:noescape
-func subAmd64(z, x, y *Elt)
-
-//go:noescape
-func addsubAmd64(x, y *Elt)
-
-//go:noescape
-func mulAmd64(z, x, y *Elt)
-
-//go:noescape
-func sqrAmd64(z, x *Elt)
diff --git a/vendor/github.com/cloudflare/circl/math/fp448/fp_amd64.h b/vendor/github.com/cloudflare/circl/math/fp448/fp_amd64.h
deleted file mode 100644
index 536fe5bdfe..0000000000
--- a/vendor/github.com/cloudflare/circl/math/fp448/fp_amd64.h
+++ /dev/null
@@ -1,591 +0,0 @@
-// This code was imported from https://github.com/armfazh/rfc7748_precomputed
-
-// CHECK_BMI2ADX triggers bmi2adx if supported,
-// otherwise it fallbacks to legacy code.
-#define CHECK_BMI2ADX(label, legacy, bmi2adx) \
-    CMPB ·hasBmi2Adx(SB), $0  \
-    JE label                  \
-    bmi2adx                   \
-    RET                       \
-    label:                    \
-    legacy                    \
-    RET
-
-// cselect is a conditional move
-// if b=1: it copies y into x;
-// if b=0: x remains with the same value;
-// if b<> 0,1: undefined.
-// Uses: AX, DX, FLAGS
-// Instr: x86_64, cmov
-#define cselect(x,y,b) \
-    TESTQ b, b \
-    MOVQ  0+x, AX; MOVQ  0+y, DX; CMOVQNE DX, AX; MOVQ AX,  0+x; \
-    MOVQ  8+x, AX; MOVQ  8+y, DX; CMOVQNE DX, AX; MOVQ AX,  8+x; \
-    MOVQ 16+x, AX; MOVQ 16+y, DX; CMOVQNE DX, AX; MOVQ AX, 16+x; \
-    MOVQ 24+x, AX; MOVQ 24+y, DX; CMOVQNE DX, AX; MOVQ AX, 24+x; \
-    MOVQ 32+x, AX; MOVQ 32+y, DX; CMOVQNE DX, AX; MOVQ AX, 32+x; \
-    MOVQ 40+x, AX; MOVQ 40+y, DX; CMOVQNE DX, AX; MOVQ AX, 40+x; \
-    MOVQ 48+x, AX; MOVQ 48+y, DX; CMOVQNE DX, AX; MOVQ AX, 48+x;
-
-// cswap is a conditional swap
-// if b=1: x,y <- y,x;
-// if b=0: x,y remain with the same values;
-// if b<> 0,1: undefined.
-// Uses: AX, DX, R8, FLAGS
-// Instr: x86_64, cmov
-#define cswap(x,y,b) \
-    TESTQ b, b \
-    MOVQ  0+x, AX; MOVQ AX, R8; MOVQ  0+y, DX; CMOVQNE DX, AX; CMOVQNE R8, DX; MOVQ AX,  0+x; MOVQ DX,  0+y; \
-    MOVQ  8+x, AX; MOVQ AX, R8; MOVQ  8+y, DX; CMOVQNE DX, AX; CMOVQNE R8, DX; MOVQ AX,  8+x; MOVQ DX,  8+y; \
-    MOVQ 16+x, AX; MOVQ AX, R8; MOVQ 16+y, DX; CMOVQNE DX, AX; CMOVQNE R8, DX; MOVQ AX, 16+x; MOVQ DX, 16+y; \
-    MOVQ 24+x, AX; MOVQ AX, R8; MOVQ 24+y, DX; CMOVQNE DX, AX; CMOVQNE R8, DX; MOVQ AX, 24+x; MOVQ DX, 24+y; \
-    MOVQ 32+x, AX; MOVQ AX, R8; MOVQ 32+y, DX; CMOVQNE DX, AX; CMOVQNE R8, DX; MOVQ AX, 32+x; MOVQ DX, 32+y; \
-    MOVQ 40+x, AX; MOVQ AX, R8; MOVQ 40+y, DX; CMOVQNE DX, AX; CMOVQNE R8, DX; MOVQ AX, 40+x; MOVQ DX, 40+y; \
-    MOVQ 48+x, AX; MOVQ AX, R8; MOVQ 48+y, DX; CMOVQNE DX, AX; CMOVQNE R8, DX; MOVQ AX, 48+x; MOVQ DX, 48+y;
-
-// additionLeg adds x and y and stores in z
-// Uses: AX, DX, R8-R14, FLAGS
-// Instr: x86_64
-#define additionLeg(z,x,y) \
-    MOVQ  0+x,  R8;  ADDQ  0+y,  R8; \
-    MOVQ  8+x,  R9;  ADCQ  8+y,  R9; \
-    MOVQ 16+x, R10;  ADCQ 16+y, R10; \
-    MOVQ 24+x, R11;  ADCQ 24+y, R11; \
-    MOVQ 32+x, R12;  ADCQ 32+y, R12; \
-    MOVQ 40+x, R13;  ADCQ 40+y, R13; \
-    MOVQ 48+x, R14;  ADCQ 48+y, R14; \
-    MOVQ   $0,  AX;  ADCQ   $0,  AX; \
-    MOVQ AX,  DX; \
-    SHLQ $32, DX; \
-    ADDQ AX,  R8; MOVQ  $0, AX; \
-    ADCQ $0,  R9; \
-    ADCQ $0, R10; \
-    ADCQ DX, R11; \
-    ADCQ $0, R12; \
-    ADCQ $0, R13; \
-    ADCQ $0, R14; \
-    ADCQ $0,  AX; \
-    MOVQ AX,  DX; \
-    SHLQ $32, DX; \
-    ADDQ AX,  R8;  MOVQ  R8,  0+z; \
-    ADCQ $0,  R9;  MOVQ  R9,  8+z; \
-    ADCQ $0, R10;  MOVQ R10, 16+z; \
-    ADCQ DX, R11;  MOVQ R11, 24+z; \
-    ADCQ $0, R12;  MOVQ R12, 32+z; \
-    ADCQ $0, R13;  MOVQ R13, 40+z; \
-    ADCQ $0, R14;  MOVQ R14, 48+z;
-
-
-// additionAdx adds x and y and stores in z
-// Uses: AX, DX, R8-R15, FLAGS
-// Instr: x86_64, adx
-#define additionAdx(z,x,y) \
-    MOVL $32, R15; \
-    XORL DX, DX; \
-    MOVQ  0+x,  R8;  ADCXQ  0+y,  R8; \
-    MOVQ  8+x,  R9;  ADCXQ  8+y,  R9; \
-    MOVQ 16+x, R10;  ADCXQ 16+y, R10; \
-    MOVQ 24+x, R11;  ADCXQ 24+y, R11; \
-    MOVQ 32+x, R12;  ADCXQ 32+y, R12; \
-    MOVQ 40+x, R13;  ADCXQ 40+y, R13; \
-    MOVQ 48+x, R14;  ADCXQ 48+y, R14; \
-    ;;;;;;;;;;;;;;;  ADCXQ   DX,  DX; \
-    XORL AX, AX; \
-    ADCXQ DX,  R8; SHLXQ R15, DX, DX; \
-    ADCXQ AX,  R9; \
-    ADCXQ AX, R10; \
-    ADCXQ DX, R11; \
-    ADCXQ AX, R12; \
-    ADCXQ AX, R13; \
-    ADCXQ AX, R14; \
-    ADCXQ AX,  AX; \
-    XORL  DX,  DX; \
-    ADCXQ AX,  R8;  MOVQ  R8,  0+z; SHLXQ R15, AX, AX; \
-    ADCXQ DX,  R9;  MOVQ  R9,  8+z; \
-    ADCXQ DX, R10;  MOVQ R10, 16+z; \
-    ADCXQ AX, R11;  MOVQ R11, 24+z; \
-    ADCXQ DX, R12;  MOVQ R12, 32+z; \
-    ADCXQ DX, R13;  MOVQ R13, 40+z; \
-    ADCXQ DX, R14;  MOVQ R14, 48+z;
-
-// subtraction subtracts y from x and stores in z
-// Uses: AX, DX, R8-R14, FLAGS
-// Instr: x86_64
-#define subtraction(z,x,y) \
-    MOVQ  0+x,  R8;  SUBQ  0+y,  R8; \
-    MOVQ  8+x,  R9;  SBBQ  8+y,  R9; \
-    MOVQ 16+x, R10;  SBBQ 16+y, R10; \
-    MOVQ 24+x, R11;  SBBQ 24+y, R11; \
-    MOVQ 32+x, R12;  SBBQ 32+y, R12; \
-    MOVQ 40+x, R13;  SBBQ 40+y, R13; \
-    MOVQ 48+x, R14;  SBBQ 48+y, R14; \
-    MOVQ   $0,  AX;  SETCS AX; \
-    MOVQ AX,  DX; \
-    SHLQ $32, DX; \
-    SUBQ AX,  R8; MOVQ  $0, AX; \
-    SBBQ $0,  R9; \
-    SBBQ $0, R10; \
-    SBBQ DX, R11; \
-    SBBQ $0, R12; \
-    SBBQ $0, R13; \
-    SBBQ $0, R14; \
-    SETCS AX; \
-    MOVQ AX,  DX; \
-    SHLQ $32, DX; \
-    SUBQ AX,  R8;  MOVQ  R8,  0+z; \
-    SBBQ $0,  R9;  MOVQ  R9,  8+z; \
-    SBBQ $0, R10;  MOVQ R10, 16+z; \
-    SBBQ DX, R11;  MOVQ R11, 24+z; \
-    SBBQ $0, R12;  MOVQ R12, 32+z; \
-    SBBQ $0, R13;  MOVQ R13, 40+z; \
-    SBBQ $0, R14;  MOVQ R14, 48+z;
-
-// maddBmi2Adx multiplies x and y and accumulates in z
-// Uses: AX, DX, R15, FLAGS
-// Instr: x86_64, bmi2, adx
-#define maddBmi2Adx(z,x,y,i,r0,r1,r2,r3,r4,r5,r6) \
-    MOVQ   i+y, DX; XORL AX, AX; \
-    MULXQ  0+x, AX, R8;  ADOXQ AX, r0;  ADCXQ R8, r1; MOVQ r0,i+z; \
-    MULXQ  8+x, AX, r0;  ADOXQ AX, r1;  ADCXQ r0, r2; MOVQ $0, R8; \
-    MULXQ 16+x, AX, r0;  ADOXQ AX, r2;  ADCXQ r0, r3; \
-    MULXQ 24+x, AX, r0;  ADOXQ AX, r3;  ADCXQ r0, r4; \
-    MULXQ 32+x, AX, r0;  ADOXQ AX, r4;  ADCXQ r0, r5; \
-    MULXQ 40+x, AX, r0;  ADOXQ AX, r5;  ADCXQ r0, r6; \
-    MULXQ 48+x, AX, r0;  ADOXQ AX, r6;  ADCXQ R8, r0; \
-    ;;;;;;;;;;;;;;;;;;;  ADOXQ R8, r0;
-
-// integerMulAdx multiplies x and y and stores in z
-// Uses: AX, DX, R8-R15, FLAGS
-// Instr: x86_64, bmi2, adx
-#define integerMulAdx(z,x,y) \
-    MOVL    $0,R15; \
-    MOVQ   0+y, DX;  XORL AX, AX;  MOVQ $0, R8; \
-    MULXQ  0+x, AX,  R9;  MOVQ  AX, 0+z; \
-    MULXQ  8+x, AX, R10;  ADCXQ AX,  R9; \
-    MULXQ 16+x, AX, R11;  ADCXQ AX, R10; \
-    MULXQ 24+x, AX, R12;  ADCXQ AX, R11; \
-    MULXQ 32+x, AX, R13;  ADCXQ AX, R12; \
-    MULXQ 40+x, AX, R14;  ADCXQ AX, R13; \
-    MULXQ 48+x, AX, R15;  ADCXQ AX, R14; \
-    ;;;;;;;;;;;;;;;;;;;;  ADCXQ R8, R15; \
-    maddBmi2Adx(z,x,y, 8, R9,R10,R11,R12,R13,R14,R15) \
-    maddBmi2Adx(z,x,y,16,R10,R11,R12,R13,R14,R15, R9) \
-    maddBmi2Adx(z,x,y,24,R11,R12,R13,R14,R15, R9,R10) \
-    maddBmi2Adx(z,x,y,32,R12,R13,R14,R15, R9,R10,R11) \
-    maddBmi2Adx(z,x,y,40,R13,R14,R15, R9,R10,R11,R12) \
-    maddBmi2Adx(z,x,y,48,R14,R15, R9,R10,R11,R12,R13) \
-    MOVQ R15,  56+z; \
-    MOVQ  R9,  64+z; \
-    MOVQ R10,  72+z; \
-    MOVQ R11,  80+z; \
-    MOVQ R12,  88+z; \
-    MOVQ R13,  96+z; \
-    MOVQ R14, 104+z;
-
-// maddLegacy multiplies x and y and accumulates in z
-// Uses: AX, DX, R15, FLAGS
-// Instr: x86_64
-#define maddLegacy(z,x,y,i) \
-    MOVQ  i+y, R15; \
-    MOVQ  0+x, AX; MULQ R15; MOVQ AX,  R8; ;;;;;;;;;;;; MOVQ DX,  R9; \
-    MOVQ  8+x, AX; MULQ R15; ADDQ AX,  R9; ADCQ $0, DX; MOVQ DX, R10; \
-    MOVQ 16+x, AX; MULQ R15; ADDQ AX, R10; ADCQ $0, DX; MOVQ DX, R11; \
-    MOVQ 24+x, AX; MULQ R15; ADDQ AX, R11; ADCQ $0, DX; MOVQ DX, R12; \
-    MOVQ 32+x, AX; MULQ R15; ADDQ AX, R12; ADCQ $0, DX; MOVQ DX, R13; \
-    MOVQ 40+x, AX; MULQ R15; ADDQ AX, R13; ADCQ $0, DX; MOVQ DX, R14; \
-    MOVQ 48+x, AX; MULQ R15; ADDQ AX, R14; ADCQ $0, DX; \
-    ADDQ  0+i+z,  R8; MOVQ  R8,  0+i+z; \
-    ADCQ  8+i+z,  R9; MOVQ  R9,  8+i+z; \
-    ADCQ 16+i+z, R10; MOVQ R10, 16+i+z; \
-    ADCQ 24+i+z, R11; MOVQ R11, 24+i+z; \
-    ADCQ 32+i+z, R12; MOVQ R12, 32+i+z; \
-    ADCQ 40+i+z, R13; MOVQ R13, 40+i+z; \
-    ADCQ 48+i+z, R14; MOVQ R14, 48+i+z; \
-    ADCQ     $0,  DX; MOVQ  DX, 56+i+z;
-
-// integerMulLeg multiplies x and y and stores in z
-// Uses: AX, DX, R8-R15, FLAGS
-// Instr: x86_64
-#define integerMulLeg(z,x,y) \
-    MOVQ  0+y, R15; \
-    MOVQ  0+x, AX; MULQ R15; MOVQ AX, 0+z; ;;;;;;;;;;;; MOVQ DX,  R8; \
-    MOVQ  8+x, AX; MULQ R15; ADDQ AX,  R8; ADCQ $0, DX; MOVQ DX,  R9; MOVQ  R8,  8+z; \
-    MOVQ 16+x, AX; MULQ R15; ADDQ AX,  R9; ADCQ $0, DX; MOVQ DX, R10; MOVQ  R9, 16+z; \
-    MOVQ 24+x, AX; MULQ R15; ADDQ AX, R10; ADCQ $0, DX; MOVQ DX, R11; MOVQ R10, 24+z; \
-    MOVQ 32+x, AX; MULQ R15; ADDQ AX, R11; ADCQ $0, DX; MOVQ DX, R12; MOVQ R11, 32+z; \
-    MOVQ 40+x, AX; MULQ R15; ADDQ AX, R12; ADCQ $0, DX; MOVQ DX, R13; MOVQ R12, 40+z; \
-    MOVQ 48+x, AX; MULQ R15; ADDQ AX, R13; ADCQ $0, DX; MOVQ DX,56+z; MOVQ R13, 48+z; \
-    maddLegacy(z,x,y, 8) \
-    maddLegacy(z,x,y,16) \
-    maddLegacy(z,x,y,24) \
-    maddLegacy(z,x,y,32) \
-    maddLegacy(z,x,y,40) \
-    maddLegacy(z,x,y,48)
-
-// integerSqrLeg squares x and stores in z
-// Uses: AX, CX, DX, R8-R15, FLAGS
-// Instr: x86_64
-#define integerSqrLeg(z,x) \
-    XORL R15, R15; \
-    MOVQ  0+x, CX; \
-    MOVQ   CX, AX; MULQ CX; MOVQ AX, 0+z; MOVQ DX, R8; \
-    ADDQ   CX, CX; ADCQ $0, R15; \
-    MOVQ  8+x, AX; MULQ CX; ADDQ AX,  R8; ADCQ $0, DX; MOVQ DX,  R9; MOVQ R8, 8+z; \
-    MOVQ 16+x, AX; MULQ CX; ADDQ AX,  R9; ADCQ $0, DX; MOVQ DX, R10; \
-    MOVQ 24+x, AX; MULQ CX; ADDQ AX, R10; ADCQ $0, DX; MOVQ DX, R11; \
-    MOVQ 32+x, AX; MULQ CX; ADDQ AX, R11; ADCQ $0, DX; MOVQ DX, R12; \
-    MOVQ 40+x, AX; MULQ CX; ADDQ AX, R12; ADCQ $0, DX; MOVQ DX, R13; \
-    MOVQ 48+x, AX; MULQ CX; ADDQ AX, R13; ADCQ $0, DX; MOVQ DX, R14; \
-    \
-    MOVQ  8+x, CX; \
-    MOVQ   CX, AX; ADDQ R15, CX; MOVQ $0, R15; ADCQ $0, R15; \
-    ;;;;;;;;;;;;;; MULQ CX; ADDQ  AX, R9; ADCQ $0, DX; MOVQ R9,16+z; \
-    MOVQ  R15, AX; NEGQ AX; ANDQ 8+x, AX; ADDQ AX, DX; ADCQ $0, R11; MOVQ DX, R8; \
-    ADDQ  8+x, CX; ADCQ $0, R15; \
-    MOVQ 16+x, AX; MULQ CX; ADDQ AX, R10; ADCQ $0, DX; ADDQ R8, R10; ADCQ $0, DX; MOVQ DX, R8; MOVQ R10, 24+z; \
-    MOVQ 24+x, AX; MULQ CX; ADDQ AX, R11; ADCQ $0, DX; ADDQ R8, R11; ADCQ $0, DX; MOVQ DX, R8; \
-    MOVQ 32+x, AX; MULQ CX; ADDQ AX, R12; ADCQ $0, DX; ADDQ R8, R12; ADCQ $0, DX; MOVQ DX, R8; \
-    MOVQ 40+x, AX; MULQ CX; ADDQ AX, R13; ADCQ $0, DX; ADDQ R8, R13; ADCQ $0, DX; MOVQ DX, R8; \
-    MOVQ 48+x, AX; MULQ CX; ADDQ AX, R14; ADCQ $0, DX; ADDQ R8, R14; ADCQ $0, DX; MOVQ DX, R9; \
-    \
-    MOVQ 16+x, CX; \
-    MOVQ   CX, AX; ADDQ R15, CX; MOVQ $0, R15; ADCQ $0, R15; \
-    ;;;;;;;;;;;;;; MULQ CX; ADDQ AX, R11; ADCQ $0, DX; MOVQ R11, 32+z; \
-    MOVQ  R15, AX; NEGQ AX; ANDQ 16+x,AX; ADDQ AX, DX; ADCQ $0, R13; MOVQ DX, R8; \
-    ADDQ 16+x, CX; ADCQ $0, R15; \
-    MOVQ 24+x, AX; MULQ CX; ADDQ AX, R12; ADCQ $0, DX; ADDQ R8, R12; ADCQ $0, DX; MOVQ DX, R8; MOVQ R12, 40+z; \
-    MOVQ 32+x, AX; MULQ CX; ADDQ AX, R13; ADCQ $0, DX; ADDQ R8, R13; ADCQ $0, DX; MOVQ DX, R8; \
-    MOVQ 40+x, AX; MULQ CX; ADDQ AX, R14; ADCQ $0, DX; ADDQ R8, R14; ADCQ $0, DX; MOVQ DX, R8; \
-    MOVQ 48+x, AX; MULQ CX; ADDQ AX,  R9; ADCQ $0, DX; ADDQ R8,  R9; ADCQ $0, DX; MOVQ DX,R10; \
-    \
-    MOVQ 24+x, CX; \
-    MOVQ   CX, AX; ADDQ R15, CX; MOVQ $0, R15; ADCQ $0, R15; \
-    ;;;;;;;;;;;;;; MULQ CX; ADDQ AX, R13; ADCQ $0, DX; MOVQ R13, 48+z; \
-    MOVQ  R15, AX; NEGQ AX; ANDQ 24+x,AX; ADDQ AX, DX; ADCQ $0,  R9; MOVQ DX, R8; \
-    ADDQ 24+x, CX; ADCQ $0, R15; \
-    MOVQ 32+x, AX; MULQ CX; ADDQ AX, R14; ADCQ $0, DX; ADDQ R8, R14; ADCQ $0, DX; MOVQ DX, R8; MOVQ R14, 56+z; \
-    MOVQ 40+x, AX; MULQ CX; ADDQ AX,  R9; ADCQ $0, DX; ADDQ R8,  R9; ADCQ $0, DX; MOVQ DX, R8; \
-    MOVQ 48+x, AX; MULQ CX; ADDQ AX, R10; ADCQ $0, DX; ADDQ R8, R10; ADCQ $0, DX; MOVQ DX,R11; \
-    \
-    MOVQ 32+x, CX; \
-    MOVQ   CX, AX; ADDQ R15, CX; MOVQ $0, R15; ADCQ $0, R15; \
-    ;;;;;;;;;;;;;; MULQ CX; ADDQ AX,  R9; ADCQ $0, DX; MOVQ R9, 64+z; \
-    MOVQ  R15, AX; NEGQ AX; ANDQ 32+x,AX; ADDQ AX, DX; ADCQ $0, R11; MOVQ DX, R8; \
-    ADDQ 32+x, CX; ADCQ $0, R15; \
-    MOVQ 40+x, AX; MULQ CX; ADDQ AX, R10; ADCQ $0, DX; ADDQ R8, R10; ADCQ $0, DX; MOVQ DX, R8; MOVQ R10, 72+z; \
-    MOVQ 48+x, AX; MULQ CX; ADDQ AX, R11; ADCQ $0, DX; ADDQ R8, R11; ADCQ $0, DX; MOVQ DX,R12; \
-    \
-    XORL R13, R13; \
-    XORL R14, R14; \
-    MOVQ 40+x, CX; \
-    MOVQ   CX, AX; ADDQ R15, CX; MOVQ $0, R15; ADCQ $0, R15; \
-    ;;;;;;;;;;;;;; MULQ CX; ADDQ AX, R11; ADCQ $0, DX; MOVQ R11, 80+z; \
-    MOVQ  R15, AX; NEGQ AX; ANDQ 40+x,AX; ADDQ AX, DX; ADCQ $0, R13; MOVQ DX, R8; \
-    ADDQ 40+x, CX; ADCQ $0, R15; \
-    MOVQ 48+x, AX; MULQ CX; ADDQ AX, R12; ADCQ $0, DX; ADDQ R8, R12; ADCQ $0, DX; MOVQ DX, R8; MOVQ R12, 88+z; \
-    ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ADDQ R8, R13; ADCQ $0,R14; \
-    \
-    XORL   R9, R9; \
-    MOVQ 48+x, CX; \
-    MOVQ   CX, AX; ADDQ R15, CX; MOVQ $0, R15; ADCQ $0, R15; \
-    ;;;;;;;;;;;;;; MULQ CX; ADDQ AX, R13; ADCQ $0, DX; MOVQ R13, 96+z; \
-    MOVQ  R15, AX; NEGQ AX; ANDQ 48+x,AX; ADDQ AX, DX; ADCQ $0, R9; MOVQ DX, R8; \
-    ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ADDQ R8,R14; ADCQ $0, R9; MOVQ R14, 104+z;
-
-
-// integerSqrAdx squares x and stores in z
-// Uses: AX, CX, DX, R8-R15, FLAGS
-// Instr: x86_64, bmi2, adx
-#define integerSqrAdx(z,x) \
-    XORL R15, R15; \
-    MOVQ  0+x, DX; \
-    ;;;;;;;;;;;;;; MULXQ DX, AX, R8; MOVQ AX, 0+z; \
-    ADDQ   DX, DX; ADCQ $0, R15; CLC; \
-    MULXQ  8+x, AX,  R9; ADCXQ AX,  R8; MOVQ R8, 8+z; \
-    MULXQ 16+x, AX, R10; ADCXQ AX,  R9; MOVQ $0, R8;\
-    MULXQ 24+x, AX, R11; ADCXQ AX, R10; \
-    MULXQ 32+x, AX, R12; ADCXQ AX, R11; \
-    MULXQ 40+x, AX, R13; ADCXQ AX, R12; \
-    MULXQ 48+x, AX, R14; ADCXQ AX, R13; \
-    ;;;;;;;;;;;;;;;;;;;; ADCXQ R8, R14; \
-    \
-    MOVQ  8+x, DX; \
-    MOVQ   DX, AX; ADDQ R15, DX; MOVQ $0, R15; ADCQ  $0, R15; \
-    MULXQ AX,  AX, CX; \
-    MOVQ R15,  R8; NEGQ R8; ANDQ 8+x, R8; \
-    ADDQ AX,  R9; MOVQ R9, 16+z; \
-    ADCQ CX,  R8; \
-    ADCQ $0, R11; \
-    ADDQ  8+x,  DX; \
-    ADCQ   $0, R15; \
-    XORL R9, R9; ;;;;;;;;;;;;;;;;;;;;; ADOXQ R8, R10; \
-    MULXQ 16+x, AX, CX; ADCXQ AX, R10; ADOXQ CX, R11; MOVQ R10, 24+z; \
-    MULXQ 24+x, AX, CX; ADCXQ AX, R11; ADOXQ CX, R12; MOVQ  $0, R10; \
-    MULXQ 32+x, AX, CX; ADCXQ AX, R12; ADOXQ CX, R13; \
-    MULXQ 40+x, AX, CX; ADCXQ AX, R13; ADOXQ CX, R14; \
-    MULXQ 48+x, AX, CX; ADCXQ AX, R14; ADOXQ CX,  R9; \
-    ;;;;;;;;;;;;;;;;;;; ADCXQ R10, R9; \
-    \
-    MOVQ 16+x, DX; \
-    MOVQ   DX, AX; ADDQ R15, DX; MOVQ $0, R15; ADCQ  $0, R15; \
-    MULXQ AX,  AX, CX; \
-    MOVQ R15,  R8; NEGQ R8; ANDQ 16+x, R8; \
-    ADDQ AX, R11; MOVQ R11, 32+z; \
-    ADCQ CX,  R8; \
-    ADCQ $0, R13; \
-    ADDQ 16+x,  DX; \
-    ADCQ   $0, R15; \
-    XORL R11, R11; ;;;;;;;;;;;;;;;;;;; ADOXQ R8, R12; \
-    MULXQ 24+x, AX, CX; ADCXQ AX, R12; ADOXQ CX, R13; MOVQ R12, 40+z; \
-    MULXQ 32+x, AX, CX; ADCXQ AX, R13; ADOXQ CX, R14; MOVQ  $0, R12; \
-    MULXQ 40+x, AX, CX; ADCXQ AX, R14; ADOXQ CX,  R9; \
-    MULXQ 48+x, AX, CX; ADCXQ AX,  R9; ADOXQ CX, R10; \
-    ;;;;;;;;;;;;;;;;;;; ADCXQ R11,R10; \
-    \
-    MOVQ 24+x, DX; \
-    MOVQ   DX, AX; ADDQ R15, DX; MOVQ $0, R15; ADCQ  $0, R15; \
-    MULXQ AX,  AX, CX; \
-    MOVQ R15,  R8; NEGQ R8; ANDQ 24+x, R8; \
-    ADDQ AX, R13; MOVQ R13, 48+z; \
-    ADCQ CX,  R8; \
-    ADCQ $0,  R9; \
-    ADDQ 24+x,  DX; \
-    ADCQ   $0, R15; \
-    XORL R13, R13; ;;;;;;;;;;;;;;;;;;; ADOXQ R8, R14; \
-    MULXQ 32+x, AX, CX; ADCXQ AX, R14; ADOXQ CX,  R9; MOVQ R14, 56+z; \
-    MULXQ 40+x, AX, CX; ADCXQ AX,  R9; ADOXQ CX, R10; MOVQ  $0, R14; \
-    MULXQ 48+x, AX, CX; ADCXQ AX, R10; ADOXQ CX, R11; \
-    ;;;;;;;;;;;;;;;;;;; ADCXQ R12,R11; \
-    \
-    MOVQ 32+x, DX; \
-    MOVQ   DX, AX; ADDQ R15, DX; MOVQ $0, R15; ADCQ  $0, R15; \
-    MULXQ AX,  AX, CX; \
-    MOVQ R15,  R8; NEGQ R8; ANDQ 32+x, R8; \
-    ADDQ AX,  R9; MOVQ R9, 64+z; \
-    ADCQ CX,  R8; \
-    ADCQ $0, R11; \
-    ADDQ 32+x,  DX; \
-    ADCQ   $0, R15; \
-    XORL R9, R9; ;;;;;;;;;;;;;;;;;;;;; ADOXQ R8, R10; \
-    MULXQ 40+x, AX, CX; ADCXQ AX, R10; ADOXQ CX, R11; MOVQ R10, 72+z; \
-    MULXQ 48+x, AX, CX; ADCXQ AX, R11; ADOXQ CX, R12; \
-    ;;;;;;;;;;;;;;;;;;; ADCXQ R13,R12; \
-    \
-    MOVQ 40+x, DX; \
-    MOVQ   DX, AX; ADDQ R15, DX; MOVQ $0, R15; ADCQ  $0, R15; \
-    MULXQ AX,  AX, CX; \
-    MOVQ R15,  R8; NEGQ R8; ANDQ 40+x, R8; \
-    ADDQ AX, R11; MOVQ R11, 80+z; \
-    ADCQ CX,  R8; \
-    ADCQ $0, R13; \
-    ADDQ 40+x,  DX; \
-    ADCQ   $0, R15; \
-    XORL R11, R11; ;;;;;;;;;;;;;;;;;;; ADOXQ R8, R12; \
-    MULXQ 48+x, AX, CX; ADCXQ AX, R12; ADOXQ CX, R13; MOVQ R12, 88+z; \
-    ;;;;;;;;;;;;;;;;;;; ADCXQ R14,R13; \
-    \
-    MOVQ 48+x, DX; \
-    MOVQ   DX, AX; ADDQ R15, DX; MOVQ $0, R15; ADCQ  $0, R15; \
-    MULXQ AX,  AX, CX; \
-    MOVQ R15,  R8; NEGQ R8; ANDQ 48+x, R8; \
-    XORL R10, R10; ;;;;;;;;;;;;;; ADOXQ CX, R14; \
-    ;;;;;;;;;;;;;; ADCXQ AX, R13; ;;;;;;;;;;;;;; MOVQ R13, 96+z; \
-    ;;;;;;;;;;;;;; ADCXQ R8, R14; MOVQ R14, 104+z;
-
-// reduceFromDoubleLeg finds a z=x modulo p such that z<2^448 and stores in z
-// Uses: AX, R8-R15, FLAGS
-// Instr: x86_64
-#define reduceFromDoubleLeg(z,x) \
-    /* (   ,2C13,2C12,2C11,2C10|C10,C9,C8, C7) + (C6,...,C0) */ \
-    /* (r14, r13, r12, r11,     r10,r9,r8,r15) */ \
-    MOVQ 80+x,AX; MOVQ AX,R10; \
-    MOVQ $0xFFFFFFFF00000000, R8; \
-    ANDQ R8,R10; \
-    \
-    MOVQ $0,R14; \
-    MOVQ 104+x,R13; SHLQ $1,R13,R14; \
-    MOVQ  96+x,R12; SHLQ $1,R12,R13; \
-    MOVQ  88+x,R11; SHLQ $1,R11,R12; \
-    MOVQ  72+x, R9; SHLQ $1,R10,R11; \
-    MOVQ  64+x, R8; SHLQ $1,R10; \
-    MOVQ $0xFFFFFFFF,R15; ANDQ R15,AX; ORQ AX,R10; \
-    MOVQ  56+x,R15; \
-    \
-    ADDQ  0+x,R15; MOVQ R15, 0+z; MOVQ  56+x,R15; \
-    ADCQ  8+x, R8; MOVQ  R8, 8+z; MOVQ  64+x, R8; \
-    ADCQ 16+x, R9; MOVQ  R9,16+z; MOVQ  72+x, R9; \
-    ADCQ 24+x,R10; MOVQ R10,24+z; MOVQ  80+x,R10; \
-    ADCQ 32+x,R11; MOVQ R11,32+z; MOVQ  88+x,R11; \
-    ADCQ 40+x,R12; MOVQ R12,40+z; MOVQ  96+x,R12; \
-    ADCQ 48+x,R13; MOVQ R13,48+z; MOVQ 104+x,R13; \
-    ADCQ   $0,R14; \
-    /* (c10c9,c9c8,c8c7,c7c13,c13c12,c12c11,c11c10) + (c6,...,c0) */ \
-    /* (   r9,  r8, r15,  r13,   r12,   r11,   r10) */ \
-    MOVQ R10, AX; \
-    SHRQ $32,R11,R10; \
-    SHRQ $32,R12,R11; \
-    SHRQ $32,R13,R12; \
-    SHRQ $32,R15,R13; \
-    SHRQ $32, R8,R15; \
-    SHRQ $32, R9, R8; \
-    SHRQ $32, AX, R9; \
-    \
-    ADDQ  0+z,R10; \
-    ADCQ  8+z,R11; \
-    ADCQ 16+z,R12; \
-    ADCQ 24+z,R13; \
-    ADCQ 32+z,R15; \
-    ADCQ 40+z, R8; \
-    ADCQ 48+z, R9; \
-    ADCQ   $0,R14; \
-    /* ( c7) + (c6,...,c0) */ \
-    /* (r14) */ \
-    MOVQ R14, AX; SHLQ $32, AX; \
-    ADDQ R14,R10; MOVQ  $0,R14; \
-    ADCQ  $0,R11; \
-    ADCQ  $0,R12; \
-    ADCQ  AX,R13; \
-    ADCQ  $0,R15; \
-    ADCQ  $0, R8; \
-    ADCQ  $0, R9; \
-    ADCQ  $0,R14; \
-    /* ( c7) + (c6,...,c0) */ \
-    /* (r14) */ \
-    MOVQ R14, AX; SHLQ $32,AX; \
-    ADDQ R14,R10; MOVQ R10, 0+z; \
-    ADCQ  $0,R11; MOVQ R11, 8+z; \
-    ADCQ  $0,R12; MOVQ R12,16+z; \
-    ADCQ  AX,R13; MOVQ R13,24+z; \
-    ADCQ  $0,R15; MOVQ R15,32+z; \
-    ADCQ  $0, R8; MOVQ  R8,40+z; \
-    ADCQ  $0, R9; MOVQ  R9,48+z;
-
-// reduceFromDoubleAdx finds a z=x modulo p such that z<2^448 and stores in z
-// Uses: AX, R8-R15, FLAGS
-// Instr: x86_64, adx
-#define reduceFromDoubleAdx(z,x) \
-    /* (   ,2C13,2C12,2C11,2C10|C10,C9,C8, C7) + (C6,...,C0) */ \
-    /* (r14, r13, r12, r11,     r10,r9,r8,r15) */ \
-    MOVQ 80+x,AX; MOVQ AX,R10; \
-    MOVQ $0xFFFFFFFF00000000, R8; \
-    ANDQ R8,R10; \
-    \
-    MOVQ $0,R14; \
-    MOVQ 104+x,R13; SHLQ $1,R13,R14; \
-    MOVQ  96+x,R12; SHLQ $1,R12,R13; \
-    MOVQ  88+x,R11; SHLQ $1,R11,R12; \
-    MOVQ  72+x, R9; SHLQ $1,R10,R11; \
-    MOVQ  64+x, R8; SHLQ $1,R10; \
-    MOVQ $0xFFFFFFFF,R15; ANDQ R15,AX; ORQ AX,R10; \
-    MOVQ  56+x,R15; \
-    \
-    XORL AX,AX; \
-    ADCXQ  0+x,R15; MOVQ R15, 0+z; MOVQ  56+x,R15; \
-    ADCXQ  8+x, R8; MOVQ  R8, 8+z; MOVQ  64+x, R8; \
-    ADCXQ 16+x, R9; MOVQ  R9,16+z; MOVQ  72+x, R9; \
-    ADCXQ 24+x,R10; MOVQ R10,24+z; MOVQ  80+x,R10; \
-    ADCXQ 32+x,R11; MOVQ R11,32+z; MOVQ  88+x,R11; \
-    ADCXQ 40+x,R12; MOVQ R12,40+z; MOVQ  96+x,R12; \
-    ADCXQ 48+x,R13; MOVQ R13,48+z; MOVQ 104+x,R13; \
-    ADCXQ   AX,R14; \
-    /* (c10c9,c9c8,c8c7,c7c13,c13c12,c12c11,c11c10) + (c6,...,c0) */ \
-    /* (   r9,  r8, r15,  r13,   r12,   r11,   r10) */ \
-    MOVQ R10, AX; \
-    SHRQ $32,R11,R10; \
-    SHRQ $32,R12,R11; \
-    SHRQ $32,R13,R12; \
-    SHRQ $32,R15,R13; \
-    SHRQ $32, R8,R15; \
-    SHRQ $32, R9, R8; \
-    SHRQ $32, AX, R9; \
-    \
-    XORL AX,AX; \
-    ADCXQ  0+z,R10; \
-    ADCXQ  8+z,R11; \
-    ADCXQ 16+z,R12; \
-    ADCXQ 24+z,R13; \
-    ADCXQ 32+z,R15; \
-    ADCXQ 40+z, R8; \
-    ADCXQ 48+z, R9; \
-    ADCXQ   AX,R14; \
-    /* ( c7) + (c6,...,c0) */ \
-    /* (r14) */ \
-    MOVQ R14, AX; SHLQ $32, AX; \
-    CLC; \
-    ADCXQ R14,R10; MOVQ $0,R14; \
-    ADCXQ R14,R11; \
-    ADCXQ R14,R12; \
-    ADCXQ  AX,R13; \
-    ADCXQ R14,R15; \
-    ADCXQ R14, R8; \
-    ADCXQ R14, R9; \
-    ADCXQ R14,R14; \
-    /* ( c7) + (c6,...,c0) */ \
-    /* (r14) */ \
-    MOVQ R14, AX; SHLQ $32, AX; \
-    CLC; \
-    ADCXQ R14,R10; MOVQ R10, 0+z; MOVQ $0,R14; \
-    ADCXQ R14,R11; MOVQ R11, 8+z; \
-    ADCXQ R14,R12; MOVQ R12,16+z; \
-    ADCXQ  AX,R13; MOVQ R13,24+z; \
-    ADCXQ R14,R15; MOVQ R15,32+z; \
-    ADCXQ R14, R8; MOVQ  R8,40+z; \
-    ADCXQ R14, R9; MOVQ  R9,48+z;
-
-// addSub calculates two operations: x,y = x+y,x-y
-// Uses: AX, DX, R8-R15, FLAGS
-#define addSub(x,y) \
-    MOVQ  0+x,  R8;  ADDQ  0+y,  R8; \
-    MOVQ  8+x,  R9;  ADCQ  8+y,  R9; \
-    MOVQ 16+x, R10;  ADCQ 16+y, R10; \
-    MOVQ 24+x, R11;  ADCQ 24+y, R11; \
-    MOVQ 32+x, R12;  ADCQ 32+y, R12; \
-    MOVQ 40+x, R13;  ADCQ 40+y, R13; \
-    MOVQ 48+x, R14;  ADCQ 48+y, R14; \
-    MOVQ   $0,  AX;  ADCQ   $0,  AX; \
-    MOVQ AX,  DX; \
-    SHLQ $32, DX; \
-    ADDQ AX,  R8; MOVQ  $0, AX; \
-    ADCQ $0,  R9; \
-    ADCQ $0, R10; \
-    ADCQ DX, R11; \
-    ADCQ $0, R12; \
-    ADCQ $0, R13; \
-    ADCQ $0, R14; \
-    ADCQ $0,  AX; \
-    MOVQ AX,  DX; \
-    SHLQ $32, DX; \
-    ADDQ AX,  R8;  MOVQ  0+x,AX; MOVQ  R8,  0+x; MOVQ AX,  R8; \
-    ADCQ $0,  R9;  MOVQ  8+x,AX; MOVQ  R9,  8+x; MOVQ AX,  R9; \
-    ADCQ $0, R10;  MOVQ 16+x,AX; MOVQ R10, 16+x; MOVQ AX, R10; \
-    ADCQ DX, R11;  MOVQ 24+x,AX; MOVQ R11, 24+x; MOVQ AX, R11; \
-    ADCQ $0, R12;  MOVQ 32+x,AX; MOVQ R12, 32+x; MOVQ AX, R12; \
-    ADCQ $0, R13;  MOVQ 40+x,AX; MOVQ R13, 40+x; MOVQ AX, R13; \
-    ADCQ $0, R14;  MOVQ 48+x,AX; MOVQ R14, 48+x; MOVQ AX, R14; \
-    SUBQ  0+y,  R8; \
-    SBBQ  8+y,  R9; \
-    SBBQ 16+y, R10; \
-    SBBQ 24+y, R11; \
-    SBBQ 32+y, R12; \
-    SBBQ 40+y, R13; \
-    SBBQ 48+y, R14; \
-    MOVQ   $0,  AX;  SETCS AX; \
-    MOVQ AX,  DX; \
-    SHLQ $32, DX; \
-    SUBQ AX,  R8; MOVQ  $0, AX; \
-    SBBQ $0,  R9; \
-    SBBQ $0, R10; \
-    SBBQ DX, R11; \
-    SBBQ $0, R12; \
-    SBBQ $0, R13; \
-    SBBQ $0, R14; \
-    SETCS AX; \
-    MOVQ AX,  DX; \
-    SHLQ $32, DX; \
-    SUBQ AX,  R8;  MOVQ  R8,  0+y; \
-    SBBQ $0,  R9;  MOVQ  R9,  8+y; \
-    SBBQ $0, R10;  MOVQ R10, 16+y; \
-    SBBQ DX, R11;  MOVQ R11, 24+y; \
-    SBBQ $0, R12;  MOVQ R12, 32+y; \
-    SBBQ $0, R13;  MOVQ R13, 40+y; \
-    SBBQ $0, R14;  MOVQ R14, 48+y;
diff --git a/vendor/github.com/cloudflare/circl/math/fp448/fp_amd64.s b/vendor/github.com/cloudflare/circl/math/fp448/fp_amd64.s
deleted file mode 100644
index 3f1f07c986..0000000000
--- a/vendor/github.com/cloudflare/circl/math/fp448/fp_amd64.s
+++ /dev/null
@@ -1,75 +0,0 @@
-//go:build amd64 && !purego
-// +build amd64,!purego
-
-#include "textflag.h"
-#include "fp_amd64.h"
-
-// func cmovAmd64(x, y *Elt, n uint)
-TEXT ·cmovAmd64(SB),NOSPLIT,$0-24
-    MOVQ x+0(FP), DI
-    MOVQ y+8(FP), SI
-    MOVQ n+16(FP), BX
-    cselect(0(DI),0(SI),BX)
-    RET
-
-// func cswapAmd64(x, y *Elt, n uint)
-TEXT ·cswapAmd64(SB),NOSPLIT,$0-24
-    MOVQ x+0(FP), DI
-    MOVQ y+8(FP), SI
-    MOVQ n+16(FP), BX
-    cswap(0(DI),0(SI),BX)
-    RET
-
-// func subAmd64(z, x, y *Elt)
-TEXT ·subAmd64(SB),NOSPLIT,$0-24
-    MOVQ z+0(FP), DI
-    MOVQ x+8(FP), SI
-    MOVQ y+16(FP), BX
-    subtraction(0(DI),0(SI),0(BX))
-    RET
-
-// func addsubAmd64(x, y *Elt)
-TEXT ·addsubAmd64(SB),NOSPLIT,$0-16
-    MOVQ x+0(FP), DI
-    MOVQ y+8(FP), SI
-    addSub(0(DI),0(SI))
-    RET
-
-#define addLegacy \
-    additionLeg(0(DI),0(SI),0(BX))
-#define addBmi2Adx \
-    additionAdx(0(DI),0(SI),0(BX))
-
-#define mulLegacy \
-    integerMulLeg(0(SP),0(SI),0(BX)) \
-    reduceFromDoubleLeg(0(DI),0(SP))
-#define mulBmi2Adx \
-    integerMulAdx(0(SP),0(SI),0(BX)) \
-    reduceFromDoubleAdx(0(DI),0(SP))
-
-#define sqrLegacy \
-    integerSqrLeg(0(SP),0(SI)) \
-    reduceFromDoubleLeg(0(DI),0(SP))
-#define sqrBmi2Adx \
-    integerSqrAdx(0(SP),0(SI)) \
-    reduceFromDoubleAdx(0(DI),0(SP))
-
-// func addAmd64(z, x, y *Elt)
-TEXT ·addAmd64(SB),NOSPLIT,$0-24
-    MOVQ z+0(FP), DI
-    MOVQ x+8(FP), SI
-    MOVQ y+16(FP), BX
-    CHECK_BMI2ADX(LADD, addLegacy, addBmi2Adx)
-
-// func mulAmd64(z, x, y *Elt)
-TEXT ·mulAmd64(SB),NOSPLIT,$112-24
-    MOVQ z+0(FP), DI
-    MOVQ x+8(FP), SI
-    MOVQ y+16(FP), BX
-    CHECK_BMI2ADX(LMUL, mulLegacy, mulBmi2Adx)
-
-// func sqrAmd64(z, x *Elt)
-TEXT ·sqrAmd64(SB),NOSPLIT,$112-16
-    MOVQ z+0(FP), DI
-    MOVQ x+8(FP), SI
-    CHECK_BMI2ADX(LSQR, sqrLegacy, sqrBmi2Adx)
diff --git a/vendor/github.com/cloudflare/circl/math/fp448/fp_generic.go b/vendor/github.com/cloudflare/circl/math/fp448/fp_generic.go
deleted file mode 100644
index 47a0b63205..0000000000
--- a/vendor/github.com/cloudflare/circl/math/fp448/fp_generic.go
+++ /dev/null
@@ -1,339 +0,0 @@
-package fp448
-
-import (
-	"encoding/binary"
-	"math/bits"
-)
-
-func cmovGeneric(x, y *Elt, n uint) {
-	m := -uint64(n & 0x1)
-	x0 := binary.LittleEndian.Uint64(x[0*8 : 1*8])
-	x1 := binary.LittleEndian.Uint64(x[1*8 : 2*8])
-	x2 := binary.LittleEndian.Uint64(x[2*8 : 3*8])
-	x3 := binary.LittleEndian.Uint64(x[3*8 : 4*8])
-	x4 := binary.LittleEndian.Uint64(x[4*8 : 5*8])
-	x5 := binary.LittleEndian.Uint64(x[5*8 : 6*8])
-	x6 := binary.LittleEndian.Uint64(x[6*8 : 7*8])
-
-	y0 := binary.LittleEndian.Uint64(y[0*8 : 1*8])
-	y1 := binary.LittleEndian.Uint64(y[1*8 : 2*8])
-	y2 := binary.LittleEndian.Uint64(y[2*8 : 3*8])
-	y3 := binary.LittleEndian.Uint64(y[3*8 : 4*8])
-	y4 := binary.LittleEndian.Uint64(y[4*8 : 5*8])
-	y5 := binary.LittleEndian.Uint64(y[5*8 : 6*8])
-	y6 := binary.LittleEndian.Uint64(y[6*8 : 7*8])
-
-	x0 = (x0 &^ m) | (y0 & m)
-	x1 = (x1 &^ m) | (y1 & m)
-	x2 = (x2 &^ m) | (y2 & m)
-	x3 = (x3 &^ m) | (y3 & m)
-	x4 = (x4 &^ m) | (y4 & m)
-	x5 = (x5 &^ m) | (y5 & m)
-	x6 = (x6 &^ m) | (y6 & m)
-
-	binary.LittleEndian.PutUint64(x[0*8:1*8], x0)
-	binary.LittleEndian.PutUint64(x[1*8:2*8], x1)
-	binary.LittleEndian.PutUint64(x[2*8:3*8], x2)
-	binary.LittleEndian.PutUint64(x[3*8:4*8], x3)
-	binary.LittleEndian.PutUint64(x[4*8:5*8], x4)
-	binary.LittleEndian.PutUint64(x[5*8:6*8], x5)
-	binary.LittleEndian.PutUint64(x[6*8:7*8], x6)
-}
-
-func cswapGeneric(x, y *Elt, n uint) {
-	m := -uint64(n & 0x1)
-	x0 := binary.LittleEndian.Uint64(x[0*8 : 1*8])
-	x1 := binary.LittleEndian.Uint64(x[1*8 : 2*8])
-	x2 := binary.LittleEndian.Uint64(x[2*8 : 3*8])
-	x3 := binary.LittleEndian.Uint64(x[3*8 : 4*8])
-	x4 := binary.LittleEndian.Uint64(x[4*8 : 5*8])
-	x5 := binary.LittleEndian.Uint64(x[5*8 : 6*8])
-	x6 := binary.LittleEndian.Uint64(x[6*8 : 7*8])
-
-	y0 := binary.LittleEndian.Uint64(y[0*8 : 1*8])
-	y1 := binary.LittleEndian.Uint64(y[1*8 : 2*8])
-	y2 := binary.LittleEndian.Uint64(y[2*8 : 3*8])
-	y3 := binary.LittleEndian.Uint64(y[3*8 : 4*8])
-	y4 := binary.LittleEndian.Uint64(y[4*8 : 5*8])
-	y5 := binary.LittleEndian.Uint64(y[5*8 : 6*8])
-	y6 := binary.LittleEndian.Uint64(y[6*8 : 7*8])
-
-	t0 := m & (x0 ^ y0)
-	t1 := m & (x1 ^ y1)
-	t2 := m & (x2 ^ y2)
-	t3 := m & (x3 ^ y3)
-	t4 := m & (x4 ^ y4)
-	t5 := m & (x5 ^ y5)
-	t6 := m & (x6 ^ y6)
-	x0 ^= t0
-	x1 ^= t1
-	x2 ^= t2
-	x3 ^= t3
-	x4 ^= t4
-	x5 ^= t5
-	x6 ^= t6
-	y0 ^= t0
-	y1 ^= t1
-	y2 ^= t2
-	y3 ^= t3
-	y4 ^= t4
-	y5 ^= t5
-	y6 ^= t6
-
-	binary.LittleEndian.PutUint64(x[0*8:1*8], x0)
-	binary.LittleEndian.PutUint64(x[1*8:2*8], x1)
-	binary.LittleEndian.PutUint64(x[2*8:3*8], x2)
-	binary.LittleEndian.PutUint64(x[3*8:4*8], x3)
-	binary.LittleEndian.PutUint64(x[4*8:5*8], x4)
-	binary.LittleEndian.PutUint64(x[5*8:6*8], x5)
-	binary.LittleEndian.PutUint64(x[6*8:7*8], x6)
-
-	binary.LittleEndian.PutUint64(y[0*8:1*8], y0)
-	binary.LittleEndian.PutUint64(y[1*8:2*8], y1)
-	binary.LittleEndian.PutUint64(y[2*8:3*8], y2)
-	binary.LittleEndian.PutUint64(y[3*8:4*8], y3)
-	binary.LittleEndian.PutUint64(y[4*8:5*8], y4)
-	binary.LittleEndian.PutUint64(y[5*8:6*8], y5)
-	binary.LittleEndian.PutUint64(y[6*8:7*8], y6)
-}
-
-func addGeneric(z, x, y *Elt) {
-	x0 := binary.LittleEndian.Uint64(x[0*8 : 1*8])
-	x1 := binary.LittleEndian.Uint64(x[1*8 : 2*8])
-	x2 := binary.LittleEndian.Uint64(x[2*8 : 3*8])
-	x3 := binary.LittleEndian.Uint64(x[3*8 : 4*8])
-	x4 := binary.LittleEndian.Uint64(x[4*8 : 5*8])
-	x5 := binary.LittleEndian.Uint64(x[5*8 : 6*8])
-	x6 := binary.LittleEndian.Uint64(x[6*8 : 7*8])
-
-	y0 := binary.LittleEndian.Uint64(y[0*8 : 1*8])
-	y1 := binary.LittleEndian.Uint64(y[1*8 : 2*8])
-	y2 := binary.LittleEndian.Uint64(y[2*8 : 3*8])
-	y3 := binary.LittleEndian.Uint64(y[3*8 : 4*8])
-	y4 := binary.LittleEndian.Uint64(y[4*8 : 5*8])
-	y5 := binary.LittleEndian.Uint64(y[5*8 : 6*8])
-	y6 := binary.LittleEndian.Uint64(y[6*8 : 7*8])
-
-	z0, c0 := bits.Add64(x0, y0, 0)
-	z1, c1 := bits.Add64(x1, y1, c0)
-	z2, c2 := bits.Add64(x2, y2, c1)
-	z3, c3 := bits.Add64(x3, y3, c2)
-	z4, c4 := bits.Add64(x4, y4, c3)
-	z5, c5 := bits.Add64(x5, y5, c4)
-	z6, z7 := bits.Add64(x6, y6, c5)
-
-	z0, c0 = bits.Add64(z0, z7, 0)
-	z1, c1 = bits.Add64(z1, 0, c0)
-	z2, c2 = bits.Add64(z2, 0, c1)
-	z3, c3 = bits.Add64(z3, z7<<32, c2)
-	z4, c4 = bits.Add64(z4, 0, c3)
-	z5, c5 = bits.Add64(z5, 0, c4)
-	z6, z7 = bits.Add64(z6, 0, c5)
-
-	z0, c0 = bits.Add64(z0, z7, 0)
-	z1, c1 = bits.Add64(z1, 0, c0)
-	z2, c2 = bits.Add64(z2, 0, c1)
-	z3, c3 = bits.Add64(z3, z7<<32, c2)
-	z4, c4 = bits.Add64(z4, 0, c3)
-	z5, c5 = bits.Add64(z5, 0, c4)
-	z6, _ = bits.Add64(z6, 0, c5)
-
-	binary.LittleEndian.PutUint64(z[0*8:1*8], z0)
-	binary.LittleEndian.PutUint64(z[1*8:2*8], z1)
-	binary.LittleEndian.PutUint64(z[2*8:3*8], z2)
-	binary.LittleEndian.PutUint64(z[3*8:4*8], z3)
-	binary.LittleEndian.PutUint64(z[4*8:5*8], z4)
-	binary.LittleEndian.PutUint64(z[5*8:6*8], z5)
-	binary.LittleEndian.PutUint64(z[6*8:7*8], z6)
-}
-
-func subGeneric(z, x, y *Elt) {
-	x0 := binary.LittleEndian.Uint64(x[0*8 : 1*8])
-	x1 := binary.LittleEndian.Uint64(x[1*8 : 2*8])
-	x2 := binary.LittleEndian.Uint64(x[2*8 : 3*8])
-	x3 := binary.LittleEndian.Uint64(x[3*8 : 4*8])
-	x4 := binary.LittleEndian.Uint64(x[4*8 : 5*8])
-	x5 := binary.LittleEndian.Uint64(x[5*8 : 6*8])
-	x6 := binary.LittleEndian.Uint64(x[6*8 : 7*8])
-
-	y0 := binary.LittleEndian.Uint64(y[0*8 : 1*8])
-	y1 := binary.LittleEndian.Uint64(y[1*8 : 2*8])
-	y2 := binary.LittleEndian.Uint64(y[2*8 : 3*8])
-	y3 := binary.LittleEndian.Uint64(y[3*8 : 4*8])
-	y4 := binary.LittleEndian.Uint64(y[4*8 : 5*8])
-	y5 := binary.LittleEndian.Uint64(y[5*8 : 6*8])
-	y6 := binary.LittleEndian.Uint64(y[6*8 : 7*8])
-
-	z0, c0 := bits.Sub64(x0, y0, 0)
-	z1, c1 := bits.Sub64(x1, y1, c0)
-	z2, c2 := bits.Sub64(x2, y2, c1)
-	z3, c3 := bits.Sub64(x3, y3, c2)
-	z4, c4 := bits.Sub64(x4, y4, c3)
-	z5, c5 := bits.Sub64(x5, y5, c4)
-	z6, z7 := bits.Sub64(x6, y6, c5)
-
-	z0, c0 = bits.Sub64(z0, z7, 0)
-	z1, c1 = bits.Sub64(z1, 0, c0)
-	z2, c2 = bits.Sub64(z2, 0, c1)
-	z3, c3 = bits.Sub64(z3, z7<<32, c2)
-	z4, c4 = bits.Sub64(z4, 0, c3)
-	z5, c5 = bits.Sub64(z5, 0, c4)
-	z6, z7 = bits.Sub64(z6, 0, c5)
-
-	z0, c0 = bits.Sub64(z0, z7, 0)
-	z1, c1 = bits.Sub64(z1, 0, c0)
-	z2, c2 = bits.Sub64(z2, 0, c1)
-	z3, c3 = bits.Sub64(z3, z7<<32, c2)
-	z4, c4 = bits.Sub64(z4, 0, c3)
-	z5, c5 = bits.Sub64(z5, 0, c4)
-	z6, _ = bits.Sub64(z6, 0, c5)
-
-	binary.LittleEndian.PutUint64(z[0*8:1*8], z0)
-	binary.LittleEndian.PutUint64(z[1*8:2*8], z1)
-	binary.LittleEndian.PutUint64(z[2*8:3*8], z2)
-	binary.LittleEndian.PutUint64(z[3*8:4*8], z3)
-	binary.LittleEndian.PutUint64(z[4*8:5*8], z4)
-	binary.LittleEndian.PutUint64(z[5*8:6*8], z5)
-	binary.LittleEndian.PutUint64(z[6*8:7*8], z6)
-}
-
-func addsubGeneric(x, y *Elt) {
-	z := &Elt{}
-	addGeneric(z, x, y)
-	subGeneric(y, x, y)
-	*x = *z
-}
-
-func mulGeneric(z, x, y *Elt) {
-	x0 := binary.LittleEndian.Uint64(x[0*8 : 1*8])
-	x1 := binary.LittleEndian.Uint64(x[1*8 : 2*8])
-	x2 := binary.LittleEndian.Uint64(x[2*8 : 3*8])
-	x3 := binary.LittleEndian.Uint64(x[3*8 : 4*8])
-	x4 := binary.LittleEndian.Uint64(x[4*8 : 5*8])
-	x5 := binary.LittleEndian.Uint64(x[5*8 : 6*8])
-	x6 := binary.LittleEndian.Uint64(x[6*8 : 7*8])
-
-	y0 := binary.LittleEndian.Uint64(y[0*8 : 1*8])
-	y1 := binary.LittleEndian.Uint64(y[1*8 : 2*8])
-	y2 := binary.LittleEndian.Uint64(y[2*8 : 3*8])
-	y3 := binary.LittleEndian.Uint64(y[3*8 : 4*8])
-	y4 := binary.LittleEndian.Uint64(y[4*8 : 5*8])
-	y5 := binary.LittleEndian.Uint64(y[5*8 : 6*8])
-	y6 := binary.LittleEndian.Uint64(y[6*8 : 7*8])
-
-	yy := [7]uint64{y0, y1, y2, y3, y4, y5, y6}
-	zz := [7]uint64{}
-
-	yi := yy[0]
-	h0, l0 := bits.Mul64(x0, yi)
-	h1, l1 := bits.Mul64(x1, yi)
-	h2, l2 := bits.Mul64(x2, yi)
-	h3, l3 := bits.Mul64(x3, yi)
-	h4, l4 := bits.Mul64(x4, yi)
-	h5, l5 := bits.Mul64(x5, yi)
-	h6, l6 := bits.Mul64(x6, yi)
-
-	zz[0] = l0
-	a0, c0 := bits.Add64(h0, l1, 0)
-	a1, c1 := bits.Add64(h1, l2, c0)
-	a2, c2 := bits.Add64(h2, l3, c1)
-	a3, c3 := bits.Add64(h3, l4, c2)
-	a4, c4 := bits.Add64(h4, l5, c3)
-	a5, c5 := bits.Add64(h5, l6, c4)
-	a6, _ := bits.Add64(h6, 0, c5)
-
-	for i := 1; i < 7; i++ {
-		yi = yy[i]
-		h0, l0 = bits.Mul64(x0, yi)
-		h1, l1 = bits.Mul64(x1, yi)
-		h2, l2 = bits.Mul64(x2, yi)
-		h3, l3 = bits.Mul64(x3, yi)
-		h4, l4 = bits.Mul64(x4, yi)
-		h5, l5 = bits.Mul64(x5, yi)
-		h6, l6 = bits.Mul64(x6, yi)
-
-		zz[i], c0 = bits.Add64(a0, l0, 0)
-		a0, c1 = bits.Add64(a1, l1, c0)
-		a1, c2 = bits.Add64(a2, l2, c1)
-		a2, c3 = bits.Add64(a3, l3, c2)
-		a3, c4 = bits.Add64(a4, l4, c3)
-		a4, c5 = bits.Add64(a5, l5, c4)
-		a5, a6 = bits.Add64(a6, l6, c5)
-
-		a0, c0 = bits.Add64(a0, h0, 0)
-		a1, c1 = bits.Add64(a1, h1, c0)
-		a2, c2 = bits.Add64(a2, h2, c1)
-		a3, c3 = bits.Add64(a3, h3, c2)
-		a4, c4 = bits.Add64(a4, h4, c3)
-		a5, c5 = bits.Add64(a5, h5, c4)
-		a6, _ = bits.Add64(a6, h6, c5)
-	}
-	red64(z, &zz, &[7]uint64{a0, a1, a2, a3, a4, a5, a6})
-}
-
-func sqrGeneric(z, x *Elt) { mulGeneric(z, x, x) }
-
-func red64(z *Elt, l, h *[7]uint64) {
-	/* (2C13, 2C12, 2C11, 2C10|C10, C9, C8, C7) + (C6,...,C0) */
-	h0 := h[0]
-	h1 := h[1]
-	h2 := h[2]
-	h3 := ((h[3] & (0xFFFFFFFF << 32)) << 1) | (h[3] & 0xFFFFFFFF)
-	h4 := (h[3] >> 63) | (h[4] << 1)
-	h5 := (h[4] >> 63) | (h[5] << 1)
-	h6 := (h[5] >> 63) | (h[6] << 1)
-	h7 := (h[6] >> 63)
-
-	l0, c0 := bits.Add64(h0, l[0], 0)
-	l1, c1 := bits.Add64(h1, l[1], c0)
-	l2, c2 := bits.Add64(h2, l[2], c1)
-	l3, c3 := bits.Add64(h3, l[3], c2)
-	l4, c4 := bits.Add64(h4, l[4], c3)
-	l5, c5 := bits.Add64(h5, l[5], c4)
-	l6, c6 := bits.Add64(h6, l[6], c5)
-	l7, _ := bits.Add64(h7, 0, c6)
-
-	/* (C10C9, C9C8,C8C7,C7C13,C13C12,C12C11,C11C10) + (C6,...,C0) */
-	h0 = (h[3] >> 32) | (h[4] << 32)
-	h1 = (h[4] >> 32) | (h[5] << 32)
-	h2 = (h[5] >> 32) | (h[6] << 32)
-	h3 = (h[6] >> 32) | (h[0] << 32)
-	h4 = (h[0] >> 32) | (h[1] << 32)
-	h5 = (h[1] >> 32) | (h[2] << 32)
-	h6 = (h[2] >> 32) | (h[3] << 32)
-
-	l0, c0 = bits.Add64(l0, h0, 0)
-	l1, c1 = bits.Add64(l1, h1, c0)
-	l2, c2 = bits.Add64(l2, h2, c1)
-	l3, c3 = bits.Add64(l3, h3, c2)
-	l4, c4 = bits.Add64(l4, h4, c3)
-	l5, c5 = bits.Add64(l5, h5, c4)
-	l6, c6 = bits.Add64(l6, h6, c5)
-	l7, _ = bits.Add64(l7, 0, c6)
-
-	/* (C7) + (C6,...,C0) */
-	l0, c0 = bits.Add64(l0, l7, 0)
-	l1, c1 = bits.Add64(l1, 0, c0)
-	l2, c2 = bits.Add64(l2, 0, c1)
-	l3, c3 = bits.Add64(l3, l7<<32, c2)
-	l4, c4 = bits.Add64(l4, 0, c3)
-	l5, c5 = bits.Add64(l5, 0, c4)
-	l6, l7 = bits.Add64(l6, 0, c5)
-
-	/* (C7) + (C6,...,C0) */
-	l0, c0 = bits.Add64(l0, l7, 0)
-	l1, c1 = bits.Add64(l1, 0, c0)
-	l2, c2 = bits.Add64(l2, 0, c1)
-	l3, c3 = bits.Add64(l3, l7<<32, c2)
-	l4, c4 = bits.Add64(l4, 0, c3)
-	l5, c5 = bits.Add64(l5, 0, c4)
-	l6, _ = bits.Add64(l6, 0, c5)
-
-	binary.LittleEndian.PutUint64(z[0*8:1*8], l0)
-	binary.LittleEndian.PutUint64(z[1*8:2*8], l1)
-	binary.LittleEndian.PutUint64(z[2*8:3*8], l2)
-	binary.LittleEndian.PutUint64(z[3*8:4*8], l3)
-	binary.LittleEndian.PutUint64(z[4*8:5*8], l4)
-	binary.LittleEndian.PutUint64(z[5*8:6*8], l5)
-	binary.LittleEndian.PutUint64(z[6*8:7*8], l6)
-}
diff --git a/vendor/github.com/cloudflare/circl/math/fp448/fp_noasm.go b/vendor/github.com/cloudflare/circl/math/fp448/fp_noasm.go
deleted file mode 100644
index a62225d296..0000000000
--- a/vendor/github.com/cloudflare/circl/math/fp448/fp_noasm.go
+++ /dev/null
@@ -1,12 +0,0 @@
-//go:build !amd64 || purego
-// +build !amd64 purego
-
-package fp448
-
-func cmov(x, y *Elt, n uint)  { cmovGeneric(x, y, n) }
-func cswap(x, y *Elt, n uint) { cswapGeneric(x, y, n) }
-func add(z, x, y *Elt)        { addGeneric(z, x, y) }
-func sub(z, x, y *Elt)        { subGeneric(z, x, y) }
-func addsub(x, y *Elt)        { addsubGeneric(x, y) }
-func mul(z, x, y *Elt)        { mulGeneric(z, x, y) }
-func sqr(z, x *Elt)           { sqrGeneric(z, x) }
diff --git a/vendor/github.com/cloudflare/circl/math/fp448/fuzzer.go b/vendor/github.com/cloudflare/circl/math/fp448/fuzzer.go
deleted file mode 100644
index 2d7afc8059..0000000000
--- a/vendor/github.com/cloudflare/circl/math/fp448/fuzzer.go
+++ /dev/null
@@ -1,75 +0,0 @@
-//go:build gofuzz
-// +build gofuzz
-
-// How to run the fuzzer:
-//
-//	$ go get -u github.com/dvyukov/go-fuzz/go-fuzz
-//	$ go get -u github.com/dvyukov/go-fuzz/go-fuzz-build
-//	$ go-fuzz-build -libfuzzer -func FuzzReduction -o lib.a
-//	$ clang -fsanitize=fuzzer lib.a -o fu.exe
-//	$ ./fu.exe
-package fp448
-
-import (
-	"encoding/binary"
-	"fmt"
-	"math/big"
-
-	"github.com/cloudflare/circl/internal/conv"
-)
-
-// FuzzReduction is a fuzzer target for red64 function, which reduces t
-// (112 bits) to a number t' (56 bits) congruent modulo p448.
-func FuzzReduction(data []byte) int {
-	if len(data) != 2*Size {
-		return -1
-	}
-	var got, want Elt
-	var lo, hi [7]uint64
-	a := data[:Size]
-	b := data[Size:]
-	lo[0] = binary.LittleEndian.Uint64(a[0*8 : 1*8])
-	lo[1] = binary.LittleEndian.Uint64(a[1*8 : 2*8])
-	lo[2] = binary.LittleEndian.Uint64(a[2*8 : 3*8])
-	lo[3] = binary.LittleEndian.Uint64(a[3*8 : 4*8])
-	lo[4] = binary.LittleEndian.Uint64(a[4*8 : 5*8])
-	lo[5] = binary.LittleEndian.Uint64(a[5*8 : 6*8])
-	lo[6] = binary.LittleEndian.Uint64(a[6*8 : 7*8])
-
-	hi[0] = binary.LittleEndian.Uint64(b[0*8 : 1*8])
-	hi[1] = binary.LittleEndian.Uint64(b[1*8 : 2*8])
-	hi[2] = binary.LittleEndian.Uint64(b[2*8 : 3*8])
-	hi[3] = binary.LittleEndian.Uint64(b[3*8 : 4*8])
-	hi[4] = binary.LittleEndian.Uint64(b[4*8 : 5*8])
-	hi[5] = binary.LittleEndian.Uint64(b[5*8 : 6*8])
-	hi[6] = binary.LittleEndian.Uint64(b[6*8 : 7*8])
-
-	red64(&got, &lo, &hi)
-
-	t := conv.BytesLe2BigInt(data[:2*Size])
-
-	two448 := big.NewInt(1)
-	two448.Lsh(two448, 448) // 2^448
-	mask448 := big.NewInt(1)
-	mask448.Sub(two448, mask448) // 2^448-1
-	two224plus1 := big.NewInt(1)
-	two224plus1.Lsh(two224plus1, 224)
-	two224plus1.Add(two224plus1, big.NewInt(1)) // 2^224+1
-
-	var loBig, hiBig big.Int
-	for t.Cmp(two448) >= 0 {
-		loBig.And(t, mask448)
-		hiBig.Rsh(t, 448)
-		t.Mul(&hiBig, two224plus1)
-		t.Add(t, &loBig)
-	}
-	conv.BigInt2BytesLe(want[:], t)
-
-	if got != want {
-		fmt.Printf("in:   %v\n", conv.BytesLe2BigInt(data[:2*Size]))
-		fmt.Printf("got:  %v\n", got)
-		fmt.Printf("want: %v\n", want)
-		panic("error found")
-	}
-	return 1
-}
diff --git a/vendor/github.com/cloudflare/circl/math/integer.go b/vendor/github.com/cloudflare/circl/math/integer.go
deleted file mode 100644
index 9c80c23b59..0000000000
--- a/vendor/github.com/cloudflare/circl/math/integer.go
+++ /dev/null
@@ -1,16 +0,0 @@
-package math
-
-import "math/bits"
-
-// NextPow2 finds the next power of two (N=2^k, k>=0) greater than n.
-// If n is already a power of two, then this function returns n, and log2(n).
-func NextPow2(n uint) (N uint, k uint) {
-	if bits.OnesCount(n) == 1 {
-		k = uint(bits.TrailingZeros(n))
-		N = n
-	} else {
-		k = uint(bits.Len(n))
-		N = uint(1) << k
-	}
-	return
-}
diff --git a/vendor/github.com/cloudflare/circl/math/mlsbset/mlsbset.go b/vendor/github.com/cloudflare/circl/math/mlsbset/mlsbset.go
deleted file mode 100644
index a43851b8bb..0000000000
--- a/vendor/github.com/cloudflare/circl/math/mlsbset/mlsbset.go
+++ /dev/null
@@ -1,122 +0,0 @@
-// Package mlsbset provides a constant-time exponentiation method with precomputation.
-//
-// References: "Efficient and secure algorithms for GLV-based scalar
-// multiplication and their implementation on GLV–GLS curves" by (Faz-Hernandez et al.)
-//   - https://doi.org/10.1007/s13389-014-0085-7
-//   - https://eprint.iacr.org/2013/158
-package mlsbset
-
-import (
-	"errors"
-	"fmt"
-	"math/big"
-
-	"github.com/cloudflare/circl/internal/conv"
-)
-
-// EltG is a group element.
-type EltG interface{}
-
-// EltP is a precomputed group element.
-type EltP interface{}
-
-// Group defines the operations required by MLSBSet exponentiation method.
-type Group interface {
-	Identity() EltG                    // Returns the identity of the group.
-	Sqr(x EltG)                        // Calculates x = x^2.
-	Mul(x EltG, y EltP)                // Calculates x = x*y.
-	NewEltP() EltP                     // Returns an arbitrary precomputed element.
-	ExtendedEltP() EltP                // Returns the precomputed element x^(2^(w*d)).
-	Lookup(a EltP, v uint, s, u int32) // Sets a = s*T[v][u].
-}
-
-// Params contains the parameters of the encoding.
-type Params struct {
-	T uint // T is the maximum size (in bits) of exponents.
-	V uint // V is the number of tables.
-	W uint // W is the window size.
-	E uint // E is the number of digits per table.
-	D uint // D is the number of digits in total.
-	L uint // L is the length of the code.
-}
-
-// Encoder allows to convert integers into valid powers.
-type Encoder struct{ p Params }
-
-// New produces an encoder of the MLSBSet algorithm.
-func New(t, v, w uint) (Encoder, error) {
-	if !(t > 1 && v >= 1 && w >= 2) {
-		return Encoder{}, errors.New("t>1, v>=1, w>=2")
-	}
-	e := (t + w*v - 1) / (w * v)
-	d := e * v
-	l := d * w
-	return Encoder{Params{t, v, w, e, d, l}}, nil
-}
-
-// Encode converts an odd integer k into a valid power for exponentiation.
-func (m Encoder) Encode(k []byte) (*Power, error) {
-	if len(k) == 0 {
-		return nil, errors.New("empty slice")
-	}
-	if !(len(k) <= int(m.p.L+7)>>3) {
-		return nil, errors.New("k too big")
-	}
-	if k[0]%2 == 0 {
-		return nil, errors.New("k must be odd")
-	}
-	ap := int((m.p.L+7)/8) - len(k)
-	k = append(k, make([]byte, ap)...)
-	s := m.signs(k)
-	b := make([]int32, m.p.L-m.p.D)
-	c := conv.BytesLe2BigInt(k)
-	c.Rsh(c, m.p.D)
-	var bi big.Int
-	for i := m.p.D; i < m.p.L; i++ {
-		c0 := int32(c.Bit(0))
-		b[i-m.p.D] = s[i%m.p.D] * c0
-		bi.SetInt64(int64(b[i-m.p.D] >> 1))
-		c.Rsh(c, 1)
-		c.Sub(c, &bi)
-	}
-	carry := int(c.Int64())
-	return &Power{m, s, b, carry}, nil
-}
-
-// signs calculates the set of signs.
-func (m Encoder) signs(k []byte) []int32 {
-	s := make([]int32, m.p.D)
-	s[m.p.D-1] = 1
-	for i := uint(1); i < m.p.D; i++ {
-		ki := int32((k[i>>3] >> (i & 0x7)) & 0x1)
-		s[i-1] = 2*ki - 1
-	}
-	return s
-}
-
-// GetParams returns the complementary parameters of the encoding.
-func (m Encoder) GetParams() Params { return m.p }
-
-// tableSize returns the size of each table.
-func (m Encoder) tableSize() uint { return 1 << (m.p.W - 1) }
-
-// Elts returns the total number of elements that must be precomputed.
-func (m Encoder) Elts() uint { return m.p.V * m.tableSize() }
-
-// IsExtended returns true if the element x^(2^(wd)) must be calculated.
-func (m Encoder) IsExtended() bool { q := m.p.T / (m.p.V * m.p.W); return m.p.T == q*m.p.V*m.p.W }
-
-// Ops returns the number of squares and multiplications executed during an exponentiation.
-func (m Encoder) Ops() (S uint, M uint) {
-	S = m.p.E
-	M = m.p.E * m.p.V
-	if m.IsExtended() {
-		M++
-	}
-	return
-}
-
-func (m Encoder) String() string {
-	return fmt.Sprintf("T: %v W: %v V: %v e: %v d: %v l: %v wv|t: %v",
-		m.p.T, m.p.W, m.p.V, m.p.E, m.p.D, m.p.L, m.IsExtended())
-}
diff --git a/vendor/github.com/cloudflare/circl/math/mlsbset/power.go b/vendor/github.com/cloudflare/circl/math/mlsbset/power.go
deleted file mode 100644
index 3f214c3046..0000000000
--- a/vendor/github.com/cloudflare/circl/math/mlsbset/power.go
+++ /dev/null
@@ -1,64 +0,0 @@
-package mlsbset
-
-import "fmt"
-
-// Power is a valid exponent produced by the MLSBSet encoding algorithm.
-type Power struct {
-	set Encoder // parameters of code.
-	s   []int32 // set of signs.
-	b   []int32 // set of digits.
-	c   int     // carry is {0,1}.
-}
-
-// Exp is calculates x^k, where x is a predetermined element of a group G.
-func (p *Power) Exp(G Group) EltG {
-	a, b := G.Identity(), G.NewEltP()
-	for e := int(p.set.p.E - 1); e >= 0; e-- {
-		G.Sqr(a)
-		for v := uint(0); v < p.set.p.V; v++ {
-			sgnElt, idElt := p.Digit(v, uint(e))
-			G.Lookup(b, v, sgnElt, idElt)
-			G.Mul(a, b)
-		}
-	}
-	if p.set.IsExtended() && p.c == 1 {
-		G.Mul(a, G.ExtendedEltP())
-	}
-	return a
-}
-
-// Digit returns the (v,e)-th digit and its sign.
-func (p *Power) Digit(v, e uint) (sgn, dig int32) {
-	sgn = p.bit(0, v, e)
-	dig = 0
-	for i := p.set.p.W - 1; i > 0; i-- {
-		dig = 2*dig + p.bit(i, v, e)
-	}
-	mask := dig >> 31
-	dig = (dig + mask) ^ mask
-	return sgn, dig
-}
-
-// bit returns the (w,v,e)-th bit of the code.
-func (p *Power) bit(w, v, e uint) int32 {
-	if !(w < p.set.p.W &&
-		v < p.set.p.V &&
-		e < p.set.p.E) {
-		panic(fmt.Errorf("indexes outside (%v,%v,%v)", w, v, e))
-	}
-	if w == 0 {
-		return p.s[p.set.p.E*v+e]
-	}
-	return p.b[p.set.p.D*(w-1)+p.set.p.E*v+e]
-}
-
-func (p *Power) String() string {
-	dig := ""
-	for j := uint(0); j < p.set.p.V; j++ {
-		for i := uint(0); i < p.set.p.E; i++ {
-			s, d := p.Digit(j, i)
-			dig += fmt.Sprintf("(%2v,%2v) = %+2v %+2v\n", j, i, s, d)
-		}
-	}
-	return fmt.Sprintf("len: %v\ncarry: %v\ndigits:\n%v", len(p.b)+len(p.s), p.c, dig)
-}
diff --git a/vendor/github.com/cloudflare/circl/math/primes.go b/vendor/github.com/cloudflare/circl/math/primes.go
deleted file mode 100644
index 158fd83a7a..0000000000
--- a/vendor/github.com/cloudflare/circl/math/primes.go
+++ /dev/null
@@ -1,34 +0,0 @@
-package math
-
-import (
-	"crypto/rand"
-	"io"
-	"math/big"
-)
-
-// IsSafePrime reports whether p is (probably) a safe prime.
-// The prime p=2*q+1 is safe prime if both p and q are primes.
-// Note that ProbablyPrime is not suitable for judging primes
-// that an adversary may have crafted to fool the test.
-func IsSafePrime(p *big.Int) bool {
-	pdiv2 := new(big.Int).Rsh(p, 1)
-	return p.ProbablyPrime(20) && pdiv2.ProbablyPrime(20)
-}
-
-// SafePrime returns a number of the given bit length that is a safe prime with high probability.
-// The number returned p=2*q+1 is a safe prime if both p and q are primes.
-// SafePrime will return error for any error returned by rand.Read or if bits < 2.
-func SafePrime(random io.Reader, bits int) (*big.Int, error) {
-	one := big.NewInt(1)
-	p := new(big.Int)
-	for {
-		q, err := rand.Prime(random, bits-1)
-		if err != nil {
-			return nil, err
-		}
-		p.Lsh(q, 1).Add(p, one)
-		if p.ProbablyPrime(20) {
-			return p, nil
-		}
-	}
-}
diff --git a/vendor/github.com/cloudflare/circl/math/wnaf.go b/vendor/github.com/cloudflare/circl/math/wnaf.go
deleted file mode 100644
index 94a1ec5042..0000000000
--- a/vendor/github.com/cloudflare/circl/math/wnaf.go
+++ /dev/null
@@ -1,84 +0,0 @@
-// Package math provides some utility functions for big integers.
-package math
-
-import "math/big"
-
-// SignedDigit obtains the signed-digit recoding of n and returns a list L of
-// digits such that n = sum( L[i]*2^(i*(w-1)) ), and each L[i] is an odd number
-// in the set {±1, ±3, ..., ±2^(w-1)-1}. The third parameter ensures that the
-// output has ceil(l/(w-1)) digits.
-//
-// Restrictions:
-//   - n is odd and n > 0.
-//   - 1 < w < 32.
-//   - l >= bit length of n.
-//
-// References:
-//   - Alg.6 in "Exponent Recoding and Regular Exponentiation Algorithms"
-//     by Joye-Tunstall. http://doi.org/10.1007/978-3-642-02384-2_21
-//   - Alg.6 in "Selecting Elliptic Curves for Cryptography: An Efficiency and
-//     Security Analysis" by Bos et al. http://doi.org/10.1007/s13389-015-0097-y
-func SignedDigit(n *big.Int, w, l uint) []int32 {
-	if n.Sign() <= 0 || n.Bit(0) == 0 {
-		panic("n must be non-zero, odd, and positive")
-	}
-	if w <= 1 || w >= 32 {
-		panic("Verify that 1 < w < 32")
-	}
-	if uint(n.BitLen()) > l {
-		panic("n is too big to fit in l digits")
-	}
-	lenN := (l + (w - 1) - 1) / (w - 1) // ceil(l/(w-1))
-	L := make([]int32, lenN+1)
-	var k, v big.Int
-	k.Set(n)
-
-	var i uint
-	for i = 0; i < lenN; i++ {
-		words := k.Bits()
-		value := int32(words[0] & ((1 << w) - 1))
-		value -= int32(1) << (w - 1)
-		L[i] = value
-		v.SetInt64(int64(value))
-		k.Sub(&k, &v)
-		k.Rsh(&k, w-1)
-	}
-	L[i] = int32(k.Int64())
-	return L
-}
-
-// OmegaNAF obtains the window-w Non-Adjacent Form of a positive number n and
-// 1 < w < 32. The returned slice L holds n = sum( L[i]*2^i ).
-//
-// Reference:
-//   - Alg.9 "Efficient arithmetic on Koblitz curves" by Solinas.
-//     http://doi.org/10.1023/A:1008306223194
-func OmegaNAF(n *big.Int, w uint) (L []int32) {
-	if n.Sign() < 0 {
-		panic("n must be positive")
-	}
-	if w <= 1 || w >= 32 {
-		panic("Verify that 1 < w < 32")
-	}
-
-	L = make([]int32, n.BitLen()+1)
-	var k, v big.Int
-	k.Set(n)
-
-	i := 0
-	for ; k.Sign() > 0; i++ {
-		value := int32(0)
-		if k.Bit(0) == 1 {
-			words := k.Bits()
-			value = int32(words[0] & ((1 << w) - 1))
-			if value >= (int32(1) << (w - 1)) {
-				value -= int32(1) << w
-			}
-			v.SetInt64(int64(value))
-			k.Sub(&k, &v)
-		}
-		L[i] = value
-		k.Rsh(&k, 1)
-	}
-	return L[:i]
-}
diff --git a/vendor/github.com/cloudflare/circl/sign/ed25519/ed25519.go b/vendor/github.com/cloudflare/circl/sign/ed25519/ed25519.go
deleted file mode 100644
index 2c73c26fb1..0000000000
--- a/vendor/github.com/cloudflare/circl/sign/ed25519/ed25519.go
+++ /dev/null
@@ -1,453 +0,0 @@
-// Package ed25519 implements Ed25519 signature scheme as described in RFC-8032.
-//
-// This package provides optimized implementations of the three signature
-// variants and maintaining closer compatibility with crypto/ed25519.
-//
-//	| Scheme Name | Sign Function     | Verification  | Context           |
-//	|-------------|-------------------|---------------|-------------------|
-//	| Ed25519     | Sign              | Verify        | None              |
-//	| Ed25519Ph   | SignPh            | VerifyPh      | Yes, can be empty |
-//	| Ed25519Ctx  | SignWithCtx       | VerifyWithCtx | Yes, non-empty    |
-//	| All above   | (PrivateKey).Sign | VerifyAny     | As above          |
-//
-// Specific functions for sign and verify are defined. A generic signing
-// function for all schemes is available through the crypto.Signer interface,
-// which is implemented by the PrivateKey type. A correspond all-in-one
-// verification method is provided by the VerifyAny function.
-//
-// Signing with Ed25519Ph or Ed25519Ctx requires a context string for domain
-// separation. This parameter is passed using a SignerOptions struct defined
-// in this package. While Ed25519Ph accepts an empty context, Ed25519Ctx
-// enforces non-empty context strings.
-//
-// # Compatibility with crypto.ed25519
-//
-// These functions are compatible with the “Ed25519” function defined in
-// RFC-8032. However, unlike RFC 8032's formulation, this package's private
-// key representation includes a public key suffix to make multiple signing
-// operations with the same key more efficient. This package refers to the
-// RFC-8032 private key as the “seed”.
-//
-// References
-//
-//   - RFC-8032: https://rfc-editor.org/rfc/rfc8032.txt
-//   - Ed25519: https://ed25519.cr.yp.to/
-//   - EdDSA: High-speed high-security signatures. https://doi.org/10.1007/s13389-012-0027-1
-package ed25519
-
-import (
-	"bytes"
-	"crypto"
-	cryptoRand "crypto/rand"
-	"crypto/sha512"
-	"crypto/subtle"
-	"errors"
-	"fmt"
-	"io"
-	"strconv"
-
-	"github.com/cloudflare/circl/sign"
-)
-
-const (
-	// ContextMaxSize is the maximum length (in bytes) allowed for context.
-	ContextMaxSize = 255
-	// PublicKeySize is the size, in bytes, of public keys as used in this package.
-	PublicKeySize = 32
-	// PrivateKeySize is the size, in bytes, of private keys as used in this package.
-	PrivateKeySize = 64
-	// SignatureSize is the size, in bytes, of signatures generated and verified by this package.
-	SignatureSize = 64
-	// SeedSize is the size, in bytes, of private key seeds. These are the private key representations used by RFC 8032.
-	SeedSize = 32
-)
-
-const (
-	paramB = 256 / 8 // Size of keys in bytes.
-)
-
-// SignerOptions implements crypto.SignerOpts and augments with parameters
-// that are specific to the Ed25519 signature schemes.
-type SignerOptions struct {
-	// Hash must be crypto.Hash(0) for Ed25519/Ed25519ctx, or crypto.SHA512
-	// for Ed25519ph.
-	crypto.Hash
-
-	// Context is an optional domain separation string for Ed25519ph and a
-	// must for Ed25519ctx. Its length must be less or equal than 255 bytes.
-	Context string
-
-	// Scheme is an identifier for choosing a signature scheme. The zero value
-	// is ED25519.
-	Scheme SchemeID
-}
-
-// SchemeID is an identifier for each signature scheme.
-type SchemeID uint
-
-const (
-	ED25519 SchemeID = iota
-	ED25519Ph
-	ED25519Ctx
-)
-
-// PrivateKey is the type of Ed25519 private keys. It implements crypto.Signer.
-type PrivateKey []byte
-
-// Equal reports whether priv and x have the same value.
-func (priv PrivateKey) Equal(x crypto.PrivateKey) bool {
-	xx, ok := x.(PrivateKey)
-	return ok && subtle.ConstantTimeCompare(priv, xx) == 1
-}
-
-// Public returns the PublicKey corresponding to priv.
-func (priv PrivateKey) Public() crypto.PublicKey {
-	publicKey := make(PublicKey, PublicKeySize)
-	copy(publicKey, priv[SeedSize:])
-	return publicKey
-}
-
-// Seed returns the private key seed corresponding to priv. It is provided for
-// interoperability with RFC 8032. RFC 8032's private keys correspond to seeds
-// in this package.
-func (priv PrivateKey) Seed() []byte {
-	seed := make([]byte, SeedSize)
-	copy(seed, priv[:SeedSize])
-	return seed
-}
-
-func (priv PrivateKey) Scheme() sign.Scheme { return sch }
-
-func (pub PublicKey) Scheme() sign.Scheme { return sch }
-
-func (priv PrivateKey) MarshalBinary() (data []byte, err error) {
-	privateKey := make(PrivateKey, PrivateKeySize)
-	copy(privateKey, priv)
-	return privateKey, nil
-}
-
-func (pub PublicKey) MarshalBinary() (data []byte, err error) {
-	publicKey := make(PublicKey, PublicKeySize)
-	copy(publicKey, pub)
-	return publicKey, nil
-}
-
-// Equal reports whether pub and x have the same value.
-func (pub PublicKey) Equal(x crypto.PublicKey) bool {
-	xx, ok := x.(PublicKey)
-	return ok && bytes.Equal(pub, xx)
-}
-
-// Sign creates a signature of a message with priv key.
-// This function is compatible with crypto.ed25519 and also supports the
-// three signature variants defined in RFC-8032, namely Ed25519 (or pure
-// EdDSA), Ed25519Ph, and Ed25519Ctx.
-// The opts.HashFunc() must return zero to specify either Ed25519 or Ed25519Ctx
-// variant. This can be achieved by passing crypto.Hash(0) as the value for
-// opts.
-// The opts.HashFunc() must return SHA512 to specify the Ed25519Ph variant.
-// This can be achieved by passing crypto.SHA512 as the value for opts.
-// Use a SignerOptions struct (defined in this package) to pass a context
-// string for signing.
-func (priv PrivateKey) Sign(
-	rand io.Reader,
-	message []byte,
-	opts crypto.SignerOpts,
-) (signature []byte, err error) {
-	var ctx string
-	var scheme SchemeID
-	if o, ok := opts.(SignerOptions); ok {
-		ctx = o.Context
-		scheme = o.Scheme
-	}
-
-	switch true {
-	case scheme == ED25519 && opts.HashFunc() == crypto.Hash(0):
-		return Sign(priv, message), nil
-	case scheme == ED25519Ph && opts.HashFunc() == crypto.SHA512:
-		return SignPh(priv, message, ctx), nil
-	case scheme == ED25519Ctx && opts.HashFunc() == crypto.Hash(0) && len(ctx) > 0:
-		return SignWithCtx(priv, message, ctx), nil
-	default:
-		return nil, errors.New("ed25519: bad hash algorithm")
-	}
-}
-
-// GenerateKey generates a public/private key pair using entropy from rand.
-// If rand is nil, crypto/rand.Reader will be used.
-func GenerateKey(rand io.Reader) (PublicKey, PrivateKey, error) {
-	if rand == nil {
-		rand = cryptoRand.Reader
-	}
-
-	seed := make([]byte, SeedSize)
-	if _, err := io.ReadFull(rand, seed); err != nil {
-		return nil, nil, err
-	}
-
-	privateKey := NewKeyFromSeed(seed)
-	publicKey := make(PublicKey, PublicKeySize)
-	copy(publicKey, privateKey[SeedSize:])
-
-	return publicKey, privateKey, nil
-}
-
-// NewKeyFromSeed calculates a private key from a seed. It will panic if
-// len(seed) is not SeedSize. This function is provided for interoperability
-// with RFC 8032. RFC 8032's private keys correspond to seeds in this
-// package.
-func NewKeyFromSeed(seed []byte) PrivateKey {
-	privateKey := make(PrivateKey, PrivateKeySize)
-	newKeyFromSeed(privateKey, seed)
-	return privateKey
-}
-
-func newKeyFromSeed(privateKey, seed []byte) {
-	if l := len(seed); l != SeedSize {
-		panic("ed25519: bad seed length: " + strconv.Itoa(l))
-	}
-	var P pointR1
-	k := sha512.Sum512(seed)
-	clamp(k[:])
-	reduceModOrder(k[:paramB], false)
-	P.fixedMult(k[:paramB])
-	copy(privateKey[:SeedSize], seed)
-	_ = P.ToBytes(privateKey[SeedSize:])
-}
-
-func signAll(signature []byte, privateKey PrivateKey, message, ctx []byte, preHash bool) {
-	if l := len(privateKey); l != PrivateKeySize {
-		panic("ed25519: bad private key length: " + strconv.Itoa(l))
-	}
-
-	H := sha512.New()
-	var PHM []byte
-
-	if preHash {
-		_, _ = H.Write(message)
-		PHM = H.Sum(nil)
-		H.Reset()
-	} else {
-		PHM = message
-	}
-
-	// 1.  Hash the 32-byte private key using SHA-512.
-	_, _ = H.Write(privateKey[:SeedSize])
-	h := H.Sum(nil)
-	clamp(h[:])
-	prefix, s := h[paramB:], h[:paramB]
-
-	// 2.  Compute SHA-512(dom2(F, C) || prefix || PH(M))
-	H.Reset()
-
-	writeDom(H, ctx, preHash)
-
-	_, _ = H.Write(prefix)
-	_, _ = H.Write(PHM)
-	r := H.Sum(nil)
-	reduceModOrder(r[:], true)
-
-	// 3.  Compute the point [r]B.
-	var P pointR1
-	P.fixedMult(r[:paramB])
-	R := (&[paramB]byte{})[:]
-	if err := P.ToBytes(R); err != nil {
-		panic(err)
-	}
-
-	// 4.  Compute SHA512(dom2(F, C) || R || A || PH(M)).
-	H.Reset()
-
-	writeDom(H, ctx, preHash)
-
-	_, _ = H.Write(R)
-	_, _ = H.Write(privateKey[SeedSize:])
-	_, _ = H.Write(PHM)
-	hRAM := H.Sum(nil)
-
-	reduceModOrder(hRAM[:], true)
-
-	// 5.  Compute S = (r + k * s) mod order.
-	S := (&[paramB]byte{})[:]
-	calculateS(S, r[:paramB], hRAM[:paramB], s)
-
-	// 6.  The signature is the concatenation of R and S.
-	copy(signature[:paramB], R[:])
-	copy(signature[paramB:], S[:])
-}
-
-// Sign signs the message with privateKey and returns a signature.
-// This function supports the signature variant defined in RFC-8032: Ed25519,
-// also known as the pure version of EdDSA.
-// It will panic if len(privateKey) is not PrivateKeySize.
-func Sign(privateKey PrivateKey, message []byte) []byte {
-	signature := make([]byte, SignatureSize)
-	signAll(signature, privateKey, message, []byte(""), false)
-	return signature
-}
-
-// SignPh creates a signature of a message with private key and context.
-// This function supports the signature variant defined in RFC-8032: Ed25519ph,
-// meaning it internally hashes the message using SHA-512, and optionally
-// accepts a context string.
-// It will panic if len(privateKey) is not PrivateKeySize.
-// Context could be passed to this function, which length should be no more than
-// ContextMaxSize=255. It can be empty.
-func SignPh(privateKey PrivateKey, message []byte, ctx string) []byte {
-	if len(ctx) > ContextMaxSize {
-		panic(fmt.Errorf("ed25519: bad context length: %v", len(ctx)))
-	}
-
-	signature := make([]byte, SignatureSize)
-	signAll(signature, privateKey, message, []byte(ctx), true)
-	return signature
-}
-
-// SignWithCtx creates a signature of a message with private key and context.
-// This function supports the signature variant defined in RFC-8032: Ed25519ctx,
-// meaning it accepts a non-empty context string.
-// It will panic if len(privateKey) is not PrivateKeySize.
-// Context must be passed to this function, which length should be no more than
-// ContextMaxSize=255 and cannot be empty.
-func SignWithCtx(privateKey PrivateKey, message []byte, ctx string) []byte {
-	if len(ctx) == 0 || len(ctx) > ContextMaxSize {
-		panic(fmt.Errorf("ed25519: bad context length: %v > %v", len(ctx), ContextMaxSize))
-	}
-
-	signature := make([]byte, SignatureSize)
-	signAll(signature, privateKey, message, []byte(ctx), false)
-	return signature
-}
-
-func verify(public PublicKey, message, signature, ctx []byte, preHash bool) bool {
-	if len(public) != PublicKeySize ||
-		len(signature) != SignatureSize ||
-		!isLessThanOrder(signature[paramB:]) {
-		return false
-	}
-
-	var P pointR1
-	if ok := P.FromBytes(public); !ok {
-		return false
-	}
-
-	H := sha512.New()
-	var PHM []byte
-
-	if preHash {
-		_, _ = H.Write(message)
-		PHM = H.Sum(nil)
-		H.Reset()
-	} else {
-		PHM = message
-	}
-
-	R := signature[:paramB]
-
-	writeDom(H, ctx, preHash)
-
-	_, _ = H.Write(R)
-	_, _ = H.Write(public)
-	_, _ = H.Write(PHM)
-	hRAM := H.Sum(nil)
-	reduceModOrder(hRAM[:], true)
-
-	var Q pointR1
-	encR := (&[paramB]byte{})[:]
-	P.neg()
-	Q.doubleMult(&P, signature[paramB:], hRAM[:paramB])
-	_ = Q.ToBytes(encR)
-	return bytes.Equal(R, encR)
-}
-
-// VerifyAny returns true if the signature is valid. Failure cases are invalid
-// signature, or when the public key cannot be decoded.
-// This function supports all the three signature variants defined in RFC-8032,
-// namely Ed25519 (or pure EdDSA), Ed25519Ph, and Ed25519Ctx.
-// The opts.HashFunc() must return zero to specify either Ed25519 or Ed25519Ctx
-// variant. This can be achieved by passing crypto.Hash(0) as the value for opts.
-// The opts.HashFunc() must return SHA512 to specify the Ed25519Ph variant.
-// This can be achieved by passing crypto.SHA512 as the value for opts.
-// Use a SignerOptions struct to pass a context string for signing.
-func VerifyAny(public PublicKey, message, signature []byte, opts crypto.SignerOpts) bool {
-	var ctx string
-	var scheme SchemeID
-	if o, ok := opts.(SignerOptions); ok {
-		ctx = o.Context
-		scheme = o.Scheme
-	}
-
-	switch true {
-	case scheme == ED25519 && opts.HashFunc() == crypto.Hash(0):
-		return Verify(public, message, signature)
-	case scheme == ED25519Ph && opts.HashFunc() == crypto.SHA512:
-		return VerifyPh(public, message, signature, ctx)
-	case scheme == ED25519Ctx && opts.HashFunc() == crypto.Hash(0) && len(ctx) > 0:
-		return VerifyWithCtx(public, message, signature, ctx)
-	default:
-		return false
-	}
-}
-
-// Verify returns true if the signature is valid. Failure cases are invalid
-// signature, or when the public key cannot be decoded.
-// This function supports the signature variant defined in RFC-8032: Ed25519,
-// also known as the pure version of EdDSA.
-func Verify(public PublicKey, message, signature []byte) bool {
-	return verify(public, message, signature, []byte(""), false)
-}
-
-// VerifyPh returns true if the signature is valid. Failure cases are invalid
-// signature, or when the public key cannot be decoded.
-// This function supports the signature variant defined in RFC-8032: Ed25519ph,
-// meaning it internally hashes the message using SHA-512.
-// Context could be passed to this function, which length should be no more than
-// 255. It can be empty.
-func VerifyPh(public PublicKey, message, signature []byte, ctx string) bool {
-	return verify(public, message, signature, []byte(ctx), true)
-}
-
-// VerifyWithCtx returns true if the signature is valid. Failure cases are invalid
-// signature, or when the public key cannot be decoded, or when context is
-// not provided.
-// This function supports the signature variant defined in RFC-8032: Ed25519ctx,
-// meaning it does not handle prehashed messages. Non-empty context string must be
-// provided, and must not be more than 255 of length.
-func VerifyWithCtx(public PublicKey, message, signature []byte, ctx string) bool {
-	if len(ctx) == 0 || len(ctx) > ContextMaxSize {
-		return false
-	}
-
-	return verify(public, message, signature, []byte(ctx), false)
-}
-
-func clamp(k []byte) {
-	k[0] &= 248
-	k[paramB-1] = (k[paramB-1] & 127) | 64
-}
-
-// isLessThanOrder returns true if 0 <= x < order.
-func isLessThanOrder(x []byte) bool {
-	i := len(order) - 1
-	for i > 0 && x[i] == order[i] {
-		i--
-	}
-	return x[i] < order[i]
-}
-
-func writeDom(h io.Writer, ctx []byte, preHash bool) {
-	dom2 := "SigEd25519 no Ed25519 collisions"
-
-	if len(ctx) > 0 {
-		_, _ = h.Write([]byte(dom2))
-		if preHash {
-			_, _ = h.Write([]byte{byte(0x01), byte(len(ctx))})
-		} else {
-			_, _ = h.Write([]byte{byte(0x00), byte(len(ctx))})
-		}
-		_, _ = h.Write(ctx)
-	} else if preHash {
-		_, _ = h.Write([]byte(dom2))
-		_, _ = h.Write([]byte{0x01, 0x00})
-	}
-}
diff --git a/vendor/github.com/cloudflare/circl/sign/ed25519/modular.go b/vendor/github.com/cloudflare/circl/sign/ed25519/modular.go
deleted file mode 100644
index 10efafdcaf..0000000000
--- a/vendor/github.com/cloudflare/circl/sign/ed25519/modular.go
+++ /dev/null
@@ -1,175 +0,0 @@
-package ed25519
-
-import (
-	"encoding/binary"
-	"math/bits"
-)
-
-var order = [paramB]byte{
-	0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58,
-	0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14,
-	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10,
-}
-
-// isLessThan returns true if 0 <= x < y, and assumes that slices have the same length.
-func isLessThan(x, y []byte) bool {
-	i := len(x) - 1
-	for i > 0 && x[i] == y[i] {
-		i--
-	}
-	return x[i] < y[i]
-}
-
-// reduceModOrder calculates k = k mod order of the curve.
-func reduceModOrder(k []byte, is512Bit bool) {
-	var X [((2 * paramB) * 8) / 64]uint64
-	numWords := len(k) >> 3
-	for i := 0; i < numWords; i++ {
-		X[i] = binary.LittleEndian.Uint64(k[i*8 : (i+1)*8])
-	}
-	red512(&X, is512Bit)
-	for i := 0; i < numWords; i++ {
-		binary.LittleEndian.PutUint64(k[i*8:(i+1)*8], X[i])
-	}
-}
-
-// red512 calculates x = x mod Order of the curve.
-func red512(x *[8]uint64, full bool) {
-	// Implementation of Algs.(14.47)+(14.52) of Handbook of Applied
-	// Cryptography, by A. Menezes, P. van Oorschot, and S. Vanstone.
-	const (
-		ell0   = uint64(0x5812631a5cf5d3ed)
-		ell1   = uint64(0x14def9dea2f79cd6)
-		ell160 = uint64(0x812631a5cf5d3ed0)
-		ell161 = uint64(0x4def9dea2f79cd65)
-		ell162 = uint64(0x0000000000000001)
-	)
-
-	var c0, c1, c2, c3 uint64
-	r0, r1, r2, r3, r4 := x[0], x[1], x[2], x[3], uint64(0)
-
-	if full {
-		q0, q1, q2, q3 := x[4], x[5], x[6], x[7]
-
-		for i := 0; i < 3; i++ {
-			h0, s0 := bits.Mul64(q0, ell160)
-			h1, s1 := bits.Mul64(q1, ell160)
-			h2, s2 := bits.Mul64(q2, ell160)
-			h3, s3 := bits.Mul64(q3, ell160)
-
-			s1, c0 = bits.Add64(h0, s1, 0)
-			s2, c1 = bits.Add64(h1, s2, c0)
-			s3, c2 = bits.Add64(h2, s3, c1)
-			s4, _ := bits.Add64(h3, 0, c2)
-
-			h0, l0 := bits.Mul64(q0, ell161)
-			h1, l1 := bits.Mul64(q1, ell161)
-			h2, l2 := bits.Mul64(q2, ell161)
-			h3, l3 := bits.Mul64(q3, ell161)
-
-			l1, c0 = bits.Add64(h0, l1, 0)
-			l2, c1 = bits.Add64(h1, l2, c0)
-			l3, c2 = bits.Add64(h2, l3, c1)
-			l4, _ := bits.Add64(h3, 0, c2)
-
-			s1, c0 = bits.Add64(s1, l0, 0)
-			s2, c1 = bits.Add64(s2, l1, c0)
-			s3, c2 = bits.Add64(s3, l2, c1)
-			s4, c3 = bits.Add64(s4, l3, c2)
-			s5, s6 := bits.Add64(l4, 0, c3)
-
-			s2, c0 = bits.Add64(s2, q0, 0)
-			s3, c1 = bits.Add64(s3, q1, c0)
-			s4, c2 = bits.Add64(s4, q2, c1)
-			s5, c3 = bits.Add64(s5, q3, c2)
-			s6, s7 := bits.Add64(s6, 0, c3)
-
-			q := q0 | q1 | q2 | q3
-			m := -((q | -q) >> 63) // if q=0 then m=0...0 else m=1..1
-			s0 &= m
-			s1 &= m
-			s2 &= m
-			s3 &= m
-			q0, q1, q2, q3 = s4, s5, s6, s7
-
-			if (i+1)%2 == 0 {
-				r0, c0 = bits.Add64(r0, s0, 0)
-				r1, c1 = bits.Add64(r1, s1, c0)
-				r2, c2 = bits.Add64(r2, s2, c1)
-				r3, c3 = bits.Add64(r3, s3, c2)
-				r4, _ = bits.Add64(r4, 0, c3)
-			} else {
-				r0, c0 = bits.Sub64(r0, s0, 0)
-				r1, c1 = bits.Sub64(r1, s1, c0)
-				r2, c2 = bits.Sub64(r2, s2, c1)
-				r3, c3 = bits.Sub64(r3, s3, c2)
-				r4, _ = bits.Sub64(r4, 0, c3)
-			}
-		}
-
-		m := -(r4 >> 63)
-		r0, c0 = bits.Add64(r0, m&ell160, 0)
-		r1, c1 = bits.Add64(r1, m&ell161, c0)
-		r2, c2 = bits.Add64(r2, m&ell162, c1)
-		r3, c3 = bits.Add64(r3, 0, c2)
-		r4, _ = bits.Add64(r4, m&1, c3)
-		x[4], x[5], x[6], x[7] = 0, 0, 0, 0
-	}
-
-	q0 := (r4 << 4) | (r3 >> 60)
-	r3 &= (uint64(1) << 60) - 1
-
-	h0, s0 := bits.Mul64(ell0, q0)
-	h1, s1 := bits.Mul64(ell1, q0)
-	s1, c0 = bits.Add64(h0, s1, 0)
-	s2, _ := bits.Add64(h1, 0, c0)
-
-	r0, c0 = bits.Sub64(r0, s0, 0)
-	r1, c1 = bits.Sub64(r1, s1, c0)
-	r2, c2 = bits.Sub64(r2, s2, c1)
-	r3, _ = bits.Sub64(r3, 0, c2)
-
-	x[0], x[1], x[2], x[3] = r0, r1, r2, r3
-}
-
-// calculateS performs s = r+k*a mod Order of the curve.
-func calculateS(s, r, k, a []byte) {
-	K := [4]uint64{
-		binary.LittleEndian.Uint64(k[0*8 : 1*8]),
-		binary.LittleEndian.Uint64(k[1*8 : 2*8]),
-		binary.LittleEndian.Uint64(k[2*8 : 3*8]),
-		binary.LittleEndian.Uint64(k[3*8 : 4*8]),
-	}
-	S := [8]uint64{
-		binary.LittleEndian.Uint64(r[0*8 : 1*8]),
-		binary.LittleEndian.Uint64(r[1*8 : 2*8]),
-		binary.LittleEndian.Uint64(r[2*8 : 3*8]),
-		binary.LittleEndian.Uint64(r[3*8 : 4*8]),
-	}
-	var c3 uint64
-	for i := range K {
-		ai := binary.LittleEndian.Uint64(a[i*8 : (i+1)*8])
-
-		h0, l0 := bits.Mul64(K[0], ai)
-		h1, l1 := bits.Mul64(K[1], ai)
-		h2, l2 := bits.Mul64(K[2], ai)
-		h3, l3 := bits.Mul64(K[3], ai)
-
-		l1, c0 := bits.Add64(h0, l1, 0)
-		l2, c1 := bits.Add64(h1, l2, c0)
-		l3, c2 := bits.Add64(h2, l3, c1)
-		l4, _ := bits.Add64(h3, 0, c2)
-
-		S[i+0], c0 = bits.Add64(S[i+0], l0, 0)
-		S[i+1], c1 = bits.Add64(S[i+1], l1, c0)
-		S[i+2], c2 = bits.Add64(S[i+2], l2, c1)
-		S[i+3], c3 = bits.Add64(S[i+3], l3, c2)
-		S[i+4], _ = bits.Add64(S[i+4], l4, c3)
-	}
-	red512(&S, true)
-	binary.LittleEndian.PutUint64(s[0*8:1*8], S[0])
-	binary.LittleEndian.PutUint64(s[1*8:2*8], S[1])
-	binary.LittleEndian.PutUint64(s[2*8:3*8], S[2])
-	binary.LittleEndian.PutUint64(s[3*8:4*8], S[3])
-}
diff --git a/vendor/github.com/cloudflare/circl/sign/ed25519/mult.go b/vendor/github.com/cloudflare/circl/sign/ed25519/mult.go
deleted file mode 100644
index 3216aae303..0000000000
--- a/vendor/github.com/cloudflare/circl/sign/ed25519/mult.go
+++ /dev/null
@@ -1,180 +0,0 @@
-package ed25519
-
-import (
-	"crypto/subtle"
-	"encoding/binary"
-	"math/bits"
-
-	"github.com/cloudflare/circl/internal/conv"
-	"github.com/cloudflare/circl/math"
-	fp "github.com/cloudflare/circl/math/fp25519"
-)
-
-var paramD = fp.Elt{
-	0xa3, 0x78, 0x59, 0x13, 0xca, 0x4d, 0xeb, 0x75,
-	0xab, 0xd8, 0x41, 0x41, 0x4d, 0x0a, 0x70, 0x00,
-	0x98, 0xe8, 0x79, 0x77, 0x79, 0x40, 0xc7, 0x8c,
-	0x73, 0xfe, 0x6f, 0x2b, 0xee, 0x6c, 0x03, 0x52,
-}
-
-// mLSBRecoding parameters.
-const (
-	fxT        = 257
-	fxV        = 2
-	fxW        = 3
-	fx2w1      = 1 << (uint(fxW) - 1)
-	numWords64 = (paramB * 8 / 64)
-)
-
-// mLSBRecoding is the odd-only modified LSB-set.
-//
-// Reference:
-//
-//	"Efficient and secure algorithms for GLV-based scalar multiplication and
-//	 their implementation on GLV–GLS curves" by (Faz-Hernandez et al.)
-//	 http://doi.org/10.1007/s13389-014-0085-7.
-func mLSBRecoding(L []int8, k []byte) {
-	const ee = (fxT + fxW*fxV - 1) / (fxW * fxV)
-	const dd = ee * fxV
-	const ll = dd * fxW
-	if len(L) == (ll + 1) {
-		var m [numWords64 + 1]uint64
-		for i := 0; i < numWords64; i++ {
-			m[i] = binary.LittleEndian.Uint64(k[8*i : 8*i+8])
-		}
-		condAddOrderN(&m)
-		L[dd-1] = 1
-		for i := 0; i < dd-1; i++ {
-			kip1 := (m[(i+1)/64] >> (uint(i+1) % 64)) & 0x1
-			L[i] = int8(kip1<<1) - 1
-		}
-		{ // right-shift by d
-			right := uint(dd % 64)
-			left := uint(64) - right
-			lim := ((numWords64+1)*64 - dd) / 64
-			j := dd / 64
-			for i := 0; i < lim; i++ {
-				m[i] = (m[i+j] >> right) | (m[i+j+1] << left)
-			}
-			m[lim] = m[lim+j] >> right
-		}
-		for i := dd; i < ll; i++ {
-			L[i] = L[i%dd] * int8(m[0]&0x1)
-			div2subY(m[:], int64(L[i]>>1), numWords64)
-		}
-		L[ll] = int8(m[0])
-	}
-}
-
-// absolute returns always a positive value.
-func absolute(x int32) int32 {
-	mask := x >> 31
-	return (x + mask) ^ mask
-}
-
-// condAddOrderN updates x = x+order if x is even, otherwise x remains unchanged.
-func condAddOrderN(x *[numWords64 + 1]uint64) {
-	isOdd := (x[0] & 0x1) - 1
-	c := uint64(0)
-	for i := 0; i < numWords64; i++ {
-		orderWord := binary.LittleEndian.Uint64(order[8*i : 8*i+8])
-		o := isOdd & orderWord
-		x0, c0 := bits.Add64(x[i], o, c)
-		x[i] = x0
-		c = c0
-	}
-	x[numWords64], _ = bits.Add64(x[numWords64], 0, c)
-}
-
-// div2subY update x = (x/2) - y.
-func div2subY(x []uint64, y int64, l int) {
-	s := uint64(y >> 63)
-	for i := 0; i < l-1; i++ {
-		x[i] = (x[i] >> 1) | (x[i+1] << 63)
-	}
-	x[l-1] = (x[l-1] >> 1)
-
-	b := uint64(0)
-	x0, b0 := bits.Sub64(x[0], uint64(y), b)
-	x[0] = x0
-	b = b0
-	for i := 1; i < l-1; i++ {
-		x0, b0 := bits.Sub64(x[i], s, b)
-		x[i] = x0
-		b = b0
-	}
-	x[l-1], _ = bits.Sub64(x[l-1], s, b)
-}
-
-func (P *pointR1) fixedMult(scalar []byte) {
-	if len(scalar) != paramB {
-		panic("wrong scalar size")
-	}
-	const ee = (fxT + fxW*fxV - 1) / (fxW * fxV)
-	const dd = ee * fxV
-	const ll = dd * fxW
-
-	L := make([]int8, ll+1)
-	mLSBRecoding(L[:], scalar)
-	S := &pointR3{}
-	P.SetIdentity()
-	for ii := ee - 1; ii >= 0; ii-- {
-		P.double()
-		for j := 0; j < fxV; j++ {
-			dig := L[fxW*dd-j*ee+ii-ee]
-			for i := (fxW-1)*dd - j*ee + ii - ee; i >= (2*dd - j*ee + ii - ee); i = i - dd {
-				dig = 2*dig + L[i]
-			}
-			idx := absolute(int32(dig))
-			sig := L[dd-j*ee+ii-ee]
-			Tabj := &tabSign[fxV-j-1]
-			for k := 0; k < fx2w1; k++ {
-				S.cmov(&Tabj[k], subtle.ConstantTimeEq(int32(k), idx))
-			}
-			S.cneg(subtle.ConstantTimeEq(int32(sig), -1))
-			P.mixAdd(S)
-		}
-	}
-}
-
-const (
-	omegaFix = 7
-	omegaVar = 5
-)
-
-// doubleMult returns P=mG+nQ.
-func (P *pointR1) doubleMult(Q *pointR1, m, n []byte) {
-	nafFix := math.OmegaNAF(conv.BytesLe2BigInt(m), omegaFix)
-	nafVar := math.OmegaNAF(conv.BytesLe2BigInt(n), omegaVar)
-
-	if len(nafFix) > len(nafVar) {
-		nafVar = append(nafVar, make([]int32, len(nafFix)-len(nafVar))...)
-	} else if len(nafFix) < len(nafVar) {
-		nafFix = append(nafFix, make([]int32, len(nafVar)-len(nafFix))...)
-	}
-
-	var TabQ [1 << (omegaVar - 2)]pointR2
-	Q.oddMultiples(TabQ[:])
-	P.SetIdentity()
-	for i := len(nafFix) - 1; i >= 0; i-- {
-		P.double()
-		// Generator point
-		if nafFix[i] != 0 {
-			idxM := absolute(nafFix[i]) >> 1
-			R := tabVerif[idxM]
-			if nafFix[i] < 0 {
-				R.neg()
-			}
-			P.mixAdd(&R)
-		}
-		// Variable input point
-		if nafVar[i] != 0 {
-			idxN := absolute(nafVar[i]) >> 1
-			S := TabQ[idxN]
-			if nafVar[i] < 0 {
-				S.neg()
-			}
-			P.add(&S)
-		}
-	}
-}
diff --git a/vendor/github.com/cloudflare/circl/sign/ed25519/point.go b/vendor/github.com/cloudflare/circl/sign/ed25519/point.go
deleted file mode 100644
index d1c3b146b7..0000000000
--- a/vendor/github.com/cloudflare/circl/sign/ed25519/point.go
+++ /dev/null
@@ -1,195 +0,0 @@
-package ed25519
-
-import fp "github.com/cloudflare/circl/math/fp25519"
-
-type (
-	pointR1 struct{ x, y, z, ta, tb fp.Elt }
-	pointR2 struct {
-		pointR3
-		z2 fp.Elt
-	}
-)
-type pointR3 struct{ addYX, subYX, dt2 fp.Elt }
-
-func (P *pointR1) neg() {
-	fp.Neg(&P.x, &P.x)
-	fp.Neg(&P.ta, &P.ta)
-}
-
-func (P *pointR1) SetIdentity() {
-	P.x = fp.Elt{}
-	fp.SetOne(&P.y)
-	fp.SetOne(&P.z)
-	P.ta = fp.Elt{}
-	P.tb = fp.Elt{}
-}
-
-func (P *pointR1) toAffine() {
-	fp.Inv(&P.z, &P.z)
-	fp.Mul(&P.x, &P.x, &P.z)
-	fp.Mul(&P.y, &P.y, &P.z)
-	fp.Modp(&P.x)
-	fp.Modp(&P.y)
-	fp.SetOne(&P.z)
-	P.ta = P.x
-	P.tb = P.y
-}
-
-func (P *pointR1) ToBytes(k []byte) error {
-	P.toAffine()
-	var x [fp.Size]byte
-	err := fp.ToBytes(k[:fp.Size], &P.y)
-	if err != nil {
-		return err
-	}
-	err = fp.ToBytes(x[:], &P.x)
-	if err != nil {
-		return err
-	}
-	b := x[0] & 1
-	k[paramB-1] = k[paramB-1] | (b << 7)
-	return nil
-}
-
-func (P *pointR1) FromBytes(k []byte) bool {
-	if len(k) != paramB {
-		panic("wrong size")
-	}
-	signX := k[paramB-1] >> 7
-	copy(P.y[:], k[:fp.Size])
-	P.y[fp.Size-1] &= 0x7F
-	p := fp.P()
-	if !isLessThan(P.y[:], p[:]) {
-		return false
-	}
-
-	one, u, v := &fp.Elt{}, &fp.Elt{}, &fp.Elt{}
-	fp.SetOne(one)
-	fp.Sqr(u, &P.y)                // u = y^2
-	fp.Mul(v, u, &paramD)          // v = dy^2
-	fp.Sub(u, u, one)              // u = y^2-1
-	fp.Add(v, v, one)              // v = dy^2+1
-	isQR := fp.InvSqrt(&P.x, u, v) // x = sqrt(u/v)
-	if !isQR {
-		return false
-	}
-	fp.Modp(&P.x) // x = x mod p
-	if fp.IsZero(&P.x) && signX == 1 {
-		return false
-	}
-	if signX != (P.x[0] & 1) {
-		fp.Neg(&P.x, &P.x)
-	}
-	P.ta = P.x
-	P.tb = P.y
-	fp.SetOne(&P.z)
-	return true
-}
-
-// double calculates 2P for curves with A=-1.
-func (P *pointR1) double() {
-	Px, Py, Pz, Pta, Ptb := &P.x, &P.y, &P.z, &P.ta, &P.tb
-	a, b, c, e, f, g, h := Px, Py, Pz, Pta, Px, Py, Ptb
-	fp.Add(e, Px, Py) // x+y
-	fp.Sqr(a, Px)     // A = x^2
-	fp.Sqr(b, Py)     // B = y^2
-	fp.Sqr(c, Pz)     // z^2
-	fp.Add(c, c, c)   // C = 2*z^2
-	fp.Add(h, a, b)   // H = A+B
-	fp.Sqr(e, e)      // (x+y)^2
-	fp.Sub(e, e, h)   // E = (x+y)^2-A-B
-	fp.Sub(g, b, a)   // G = B-A
-	fp.Sub(f, c, g)   // F = C-G
-	fp.Mul(Pz, f, g)  // Z = F * G
-	fp.Mul(Px, e, f)  // X = E * F
-	fp.Mul(Py, g, h)  // Y = G * H, T = E * H
-}
-
-func (P *pointR1) mixAdd(Q *pointR3) {
-	fp.Add(&P.z, &P.z, &P.z) // D = 2*z1
-	P.coreAddition(Q)
-}
-
-func (P *pointR1) add(Q *pointR2) {
-	fp.Mul(&P.z, &P.z, &Q.z2) // D = 2*z1*z2
-	P.coreAddition(&Q.pointR3)
-}
-
-// coreAddition calculates P=P+Q for curves with A=-1.
-func (P *pointR1) coreAddition(Q *pointR3) {
-	Px, Py, Pz, Pta, Ptb := &P.x, &P.y, &P.z, &P.ta, &P.tb
-	addYX2, subYX2, dt2 := &Q.addYX, &Q.subYX, &Q.dt2
-	a, b, c, d, e, f, g, h := Px, Py, &fp.Elt{}, Pz, Pta, Px, Py, Ptb
-	fp.Mul(c, Pta, Ptb)  // t1 = ta*tb
-	fp.Sub(h, Py, Px)    // y1-x1
-	fp.Add(b, Py, Px)    // y1+x1
-	fp.Mul(a, h, subYX2) // A = (y1-x1)*(y2-x2)
-	fp.Mul(b, b, addYX2) // B = (y1+x1)*(y2+x2)
-	fp.Mul(c, c, dt2)    // C = 2*D*t1*t2
-	fp.Sub(e, b, a)      // E = B-A
-	fp.Add(h, b, a)      // H = B+A
-	fp.Sub(f, d, c)      // F = D-C
-	fp.Add(g, d, c)      // G = D+C
-	fp.Mul(Pz, f, g)     // Z = F * G
-	fp.Mul(Px, e, f)     // X = E * F
-	fp.Mul(Py, g, h)     // Y = G * H, T = E * H
-}
-
-func (P *pointR1) oddMultiples(T []pointR2) {
-	var R pointR2
-	n := len(T)
-	T[0].fromR1(P)
-	_2P := *P
-	_2P.double()
-	R.fromR1(&_2P)
-	for i := 1; i < n; i++ {
-		P.add(&R)
-		T[i].fromR1(P)
-	}
-}
-
-func (P *pointR1) isEqual(Q *pointR1) bool {
-	l, r := &fp.Elt{}, &fp.Elt{}
-	fp.Mul(l, &P.x, &Q.z)
-	fp.Mul(r, &Q.x, &P.z)
-	fp.Sub(l, l, r)
-	b := fp.IsZero(l)
-	fp.Mul(l, &P.y, &Q.z)
-	fp.Mul(r, &Q.y, &P.z)
-	fp.Sub(l, l, r)
-	b = b && fp.IsZero(l)
-	fp.Mul(l, &P.ta, &P.tb)
-	fp.Mul(l, l, &Q.z)
-	fp.Mul(r, &Q.ta, &Q.tb)
-	fp.Mul(r, r, &P.z)
-	fp.Sub(l, l, r)
-	b = b && fp.IsZero(l)
-	return b && !fp.IsZero(&P.z) && !fp.IsZero(&Q.z)
-}
-
-func (P *pointR3) neg() {
-	P.addYX, P.subYX = P.subYX, P.addYX
-	fp.Neg(&P.dt2, &P.dt2)
-}
-
-func (P *pointR2) fromR1(Q *pointR1) {
-	fp.Add(&P.addYX, &Q.y, &Q.x)
-	fp.Sub(&P.subYX, &Q.y, &Q.x)
-	fp.Mul(&P.dt2, &Q.ta, &Q.tb)
-	fp.Mul(&P.dt2, &P.dt2, &paramD)
-	fp.Add(&P.dt2, &P.dt2, &P.dt2)
-	fp.Add(&P.z2, &Q.z, &Q.z)
-}
-
-func (P *pointR3) cneg(b int) {
-	t := &fp.Elt{}
-	fp.Cswap(&P.addYX, &P.subYX, uint(b))
-	fp.Neg(t, &P.dt2)
-	fp.Cmov(&P.dt2, t, uint(b))
-}
-
-func (P *pointR3) cmov(Q *pointR3, b int) {
-	fp.Cmov(&P.addYX, &Q.addYX, uint(b))
-	fp.Cmov(&P.subYX, &Q.subYX, uint(b))
-	fp.Cmov(&P.dt2, &Q.dt2, uint(b))
-}
diff --git a/vendor/github.com/cloudflare/circl/sign/ed25519/pubkey.go b/vendor/github.com/cloudflare/circl/sign/ed25519/pubkey.go
deleted file mode 100644
index c3505b67ac..0000000000
--- a/vendor/github.com/cloudflare/circl/sign/ed25519/pubkey.go
+++ /dev/null
@@ -1,9 +0,0 @@
-//go:build go1.13
-// +build go1.13
-
-package ed25519
-
-import cryptoEd25519 "crypto/ed25519"
-
-// PublicKey is the type of Ed25519 public keys.
-type PublicKey cryptoEd25519.PublicKey
diff --git a/vendor/github.com/cloudflare/circl/sign/ed25519/pubkey112.go b/vendor/github.com/cloudflare/circl/sign/ed25519/pubkey112.go
deleted file mode 100644
index d57d86eff0..0000000000
--- a/vendor/github.com/cloudflare/circl/sign/ed25519/pubkey112.go
+++ /dev/null
@@ -1,7 +0,0 @@
-//go:build !go1.13
-// +build !go1.13
-
-package ed25519
-
-// PublicKey is the type of Ed25519 public keys.
-type PublicKey []byte
diff --git a/vendor/github.com/cloudflare/circl/sign/ed25519/signapi.go b/vendor/github.com/cloudflare/circl/sign/ed25519/signapi.go
deleted file mode 100644
index e4520f5203..0000000000
--- a/vendor/github.com/cloudflare/circl/sign/ed25519/signapi.go
+++ /dev/null
@@ -1,87 +0,0 @@
-package ed25519
-
-import (
-	"crypto/rand"
-	"encoding/asn1"
-
-	"github.com/cloudflare/circl/sign"
-)
-
-var sch sign.Scheme = &scheme{}
-
-// Scheme returns a signature interface.
-func Scheme() sign.Scheme { return sch }
-
-type scheme struct{}
-
-func (*scheme) Name() string          { return "Ed25519" }
-func (*scheme) PublicKeySize() int    { return PublicKeySize }
-func (*scheme) PrivateKeySize() int   { return PrivateKeySize }
-func (*scheme) SignatureSize() int    { return SignatureSize }
-func (*scheme) SeedSize() int         { return SeedSize }
-func (*scheme) TLSIdentifier() uint   { return 0x0807 }
-func (*scheme) SupportsContext() bool { return false }
-func (*scheme) Oid() asn1.ObjectIdentifier {
-	return asn1.ObjectIdentifier{1, 3, 101, 112}
-}
-
-func (*scheme) GenerateKey() (sign.PublicKey, sign.PrivateKey, error) {
-	return GenerateKey(rand.Reader)
-}
-
-func (*scheme) Sign(
-	sk sign.PrivateKey,
-	message []byte,
-	opts *sign.SignatureOpts,
-) []byte {
-	priv, ok := sk.(PrivateKey)
-	if !ok {
-		panic(sign.ErrTypeMismatch)
-	}
-	if opts != nil && opts.Context != "" {
-		panic(sign.ErrContextNotSupported)
-	}
-	return Sign(priv, message)
-}
-
-func (*scheme) Verify(
-	pk sign.PublicKey,
-	message, signature []byte,
-	opts *sign.SignatureOpts,
-) bool {
-	pub, ok := pk.(PublicKey)
-	if !ok {
-		panic(sign.ErrTypeMismatch)
-	}
-	if opts != nil {
-		if opts.Context != "" {
-			panic(sign.ErrContextNotSupported)
-		}
-	}
-	return Verify(pub, message, signature)
-}
-
-func (*scheme) DeriveKey(seed []byte) (sign.PublicKey, sign.PrivateKey) {
-	privateKey := NewKeyFromSeed(seed)
-	publicKey := make(PublicKey, PublicKeySize)
-	copy(publicKey, privateKey[SeedSize:])
-	return publicKey, privateKey
-}
-
-func (*scheme) UnmarshalBinaryPublicKey(buf []byte) (sign.PublicKey, error) {
-	if len(buf) < PublicKeySize {
-		return nil, sign.ErrPubKeySize
-	}
-	pub := make(PublicKey, PublicKeySize)
-	copy(pub, buf[:PublicKeySize])
-	return pub, nil
-}
-
-func (*scheme) UnmarshalBinaryPrivateKey(buf []byte) (sign.PrivateKey, error) {
-	if len(buf) < PrivateKeySize {
-		return nil, sign.ErrPrivKeySize
-	}
-	priv := make(PrivateKey, PrivateKeySize)
-	copy(priv, buf[:PrivateKeySize])
-	return priv, nil
-}
diff --git a/vendor/github.com/cloudflare/circl/sign/ed25519/tables.go b/vendor/github.com/cloudflare/circl/sign/ed25519/tables.go
deleted file mode 100644
index 8763b426fc..0000000000
--- a/vendor/github.com/cloudflare/circl/sign/ed25519/tables.go
+++ /dev/null
@@ -1,213 +0,0 @@
-package ed25519
-
-import fp "github.com/cloudflare/circl/math/fp25519"
-
-var tabSign = [fxV][fx2w1]pointR3{
-	{
-		pointR3{
-			addYX: fp.Elt{0x85, 0x3b, 0x8c, 0xf5, 0xc6, 0x93, 0xbc, 0x2f, 0x19, 0x0e, 0x8c, 0xfb, 0xc6, 0x2d, 0x93, 0xcf, 0xc2, 0x42, 0x3d, 0x64, 0x98, 0x48, 0x0b, 0x27, 0x65, 0xba, 0xd4, 0x33, 0x3a, 0x9d, 0xcf, 0x07},
-			subYX: fp.Elt{0x3e, 0x91, 0x40, 0xd7, 0x05, 0x39, 0x10, 0x9d, 0xb3, 0xbe, 0x40, 0xd1, 0x05, 0x9f, 0x39, 0xfd, 0x09, 0x8a, 0x8f, 0x68, 0x34, 0x84, 0xc1, 0xa5, 0x67, 0x12, 0xf8, 0x98, 0x92, 0x2f, 0xfd, 0x44},
-			dt2:   fp.Elt{0x68, 0xaa, 0x7a, 0x87, 0x05, 0x12, 0xc9, 0xab, 0x9e, 0xc4, 0xaa, 0xcc, 0x23, 0xe8, 0xd9, 0x26, 0x8c, 0x59, 0x43, 0xdd, 0xcb, 0x7d, 0x1b, 0x5a, 0xa8, 0x65, 0x0c, 0x9f, 0x68, 0x7b, 0x11, 0x6f},
-		},
-		{
-			addYX: fp.Elt{0x7c, 0xb0, 0x9e, 0xe6, 0xc5, 0xbf, 0xfa, 0x13, 0x8e, 0x0d, 0x22, 0xde, 0xc8, 0xd1, 0xce, 0x52, 0x02, 0xd5, 0x62, 0x31, 0x71, 0x0e, 0x8e, 0x9d, 0xb0, 0xd6, 0x00, 0xa5, 0x5a, 0x0e, 0xce, 0x72},
-			subYX: fp.Elt{0x1a, 0x8e, 0x5c, 0xdc, 0xa4, 0xb3, 0x6c, 0x51, 0x18, 0xa0, 0x09, 0x80, 0x9a, 0x46, 0x33, 0xd5, 0xe0, 0x3c, 0x4d, 0x3b, 0xfc, 0x49, 0xa2, 0x43, 0x29, 0xe1, 0x29, 0xa9, 0x93, 0xea, 0x7c, 0x35},
-			dt2:   fp.Elt{0x08, 0x46, 0x6f, 0x68, 0x7f, 0x0b, 0x7c, 0x9e, 0xad, 0xba, 0x07, 0x61, 0x74, 0x83, 0x2f, 0xfc, 0x26, 0xd6, 0x09, 0xb9, 0x00, 0x34, 0x36, 0x4f, 0x01, 0xf3, 0x48, 0xdb, 0x43, 0xba, 0x04, 0x44},
-		},
-		{
-			addYX: fp.Elt{0x4c, 0xda, 0x0d, 0x13, 0x66, 0xfd, 0x82, 0x84, 0x9f, 0x75, 0x5b, 0xa2, 0x17, 0xfe, 0x34, 0xbf, 0x1f, 0xcb, 0xba, 0x90, 0x55, 0x80, 0x83, 0xfd, 0x63, 0xb9, 0x18, 0xf8, 0x5b, 0x5d, 0x94, 0x1e},
-			subYX: fp.Elt{0xb9, 0xdb, 0x6c, 0x04, 0x88, 0x22, 0xd8, 0x79, 0x83, 0x2f, 0x8d, 0x65, 0x6b, 0xd2, 0xab, 0x1b, 0xdd, 0x65, 0xe5, 0x93, 0x63, 0xf8, 0xa2, 0xd8, 0x3c, 0xf1, 0x4b, 0xc5, 0x99, 0xd1, 0xf2, 0x12},
-			dt2:   fp.Elt{0x05, 0x4c, 0xb8, 0x3b, 0xfe, 0xf5, 0x9f, 0x2e, 0xd1, 0xb2, 0xb8, 0xff, 0xfe, 0x6d, 0xd9, 0x37, 0xe0, 0xae, 0xb4, 0x5a, 0x51, 0x80, 0x7e, 0x9b, 0x1d, 0xd1, 0x8d, 0x8c, 0x56, 0xb1, 0x84, 0x35},
-		},
-		{
-			addYX: fp.Elt{0x39, 0x71, 0x43, 0x34, 0xe3, 0x42, 0x45, 0xa1, 0xf2, 0x68, 0x71, 0xa7, 0xe8, 0x23, 0xfd, 0x9f, 0x86, 0x48, 0xff, 0xe5, 0x96, 0x74, 0xcf, 0x05, 0x49, 0xe2, 0xb3, 0x6c, 0x17, 0x77, 0x2f, 0x6d},
-			subYX: fp.Elt{0x73, 0x3f, 0xc1, 0xc7, 0x6a, 0x66, 0xa1, 0x20, 0xdd, 0x11, 0xfb, 0x7a, 0x6e, 0xa8, 0x51, 0xb8, 0x3f, 0x9d, 0xa2, 0x97, 0x84, 0xb5, 0xc7, 0x90, 0x7c, 0xab, 0x48, 0xd6, 0x84, 0xa3, 0xd5, 0x1a},
-			dt2:   fp.Elt{0x63, 0x27, 0x3c, 0x49, 0x4b, 0xfc, 0x22, 0xf2, 0x0b, 0x50, 0xc2, 0x0f, 0xb4, 0x1f, 0x31, 0x0c, 0x2f, 0x53, 0xab, 0xaa, 0x75, 0x6f, 0xe0, 0x69, 0x39, 0x56, 0xe0, 0x3b, 0xb7, 0xa8, 0xbf, 0x45},
-		},
-	},
-	{
-		{
-			addYX: fp.Elt{0x00, 0x45, 0xd9, 0x0d, 0x58, 0x03, 0xfc, 0x29, 0x93, 0xec, 0xbb, 0x6f, 0xa4, 0x7a, 0xd2, 0xec, 0xf8, 0xa7, 0xe2, 0xc2, 0x5f, 0x15, 0x0a, 0x13, 0xd5, 0xa1, 0x06, 0xb7, 0x1a, 0x15, 0x6b, 0x41},
-			subYX: fp.Elt{0x85, 0x8c, 0xb2, 0x17, 0xd6, 0x3b, 0x0a, 0xd3, 0xea, 0x3b, 0x77, 0x39, 0xb7, 0x77, 0xd3, 0xc5, 0xbf, 0x5c, 0x6a, 0x1e, 0x8c, 0xe7, 0xc6, 0xc6, 0xc4, 0xb7, 0x2a, 0x8b, 0xf7, 0xb8, 0x61, 0x0d},
-			dt2:   fp.Elt{0xb0, 0x36, 0xc1, 0xe9, 0xef, 0xd7, 0xa8, 0x56, 0x20, 0x4b, 0xe4, 0x58, 0xcd, 0xe5, 0x07, 0xbd, 0xab, 0xe0, 0x57, 0x1b, 0xda, 0x2f, 0xe6, 0xaf, 0xd2, 0xe8, 0x77, 0x42, 0xf7, 0x2a, 0x1a, 0x19},
-		},
-		{
-			addYX: fp.Elt{0x6a, 0x6d, 0x6d, 0xd1, 0xfa, 0xf5, 0x03, 0x30, 0xbd, 0x6d, 0xc2, 0xc8, 0xf5, 0x38, 0x80, 0x4f, 0xb2, 0xbe, 0xa1, 0x76, 0x50, 0x1a, 0x73, 0xf2, 0x78, 0x2b, 0x8e, 0x3a, 0x1e, 0x34, 0x47, 0x7b},
-			subYX: fp.Elt{0xc3, 0x2c, 0x36, 0xdc, 0xc5, 0x45, 0xbc, 0xef, 0x1b, 0x64, 0xd6, 0x65, 0x28, 0xe9, 0xda, 0x84, 0x13, 0xbe, 0x27, 0x8e, 0x3f, 0x98, 0x2a, 0x37, 0xee, 0x78, 0x97, 0xd6, 0xc0, 0x6f, 0xb4, 0x53},
-			dt2:   fp.Elt{0x58, 0x5d, 0xa7, 0xa3, 0x68, 0xbb, 0x20, 0x30, 0x2e, 0x03, 0xe9, 0xb1, 0xd4, 0x90, 0x72, 0xe3, 0x71, 0xb2, 0x36, 0x3e, 0x73, 0xa0, 0x2e, 0x3d, 0xd1, 0x85, 0x33, 0x62, 0x4e, 0xa7, 0x7b, 0x31},
-		},
-		{
-			addYX: fp.Elt{0xbf, 0xc4, 0x38, 0x53, 0xfb, 0x68, 0xa9, 0x77, 0xce, 0x55, 0xf9, 0x05, 0xcb, 0xeb, 0xfb, 0x8c, 0x46, 0xc2, 0x32, 0x7c, 0xf0, 0xdb, 0xd7, 0x2c, 0x62, 0x8e, 0xdd, 0x54, 0x75, 0xcf, 0x3f, 0x33},
-			subYX: fp.Elt{0x49, 0x50, 0x1f, 0x4e, 0x6e, 0x55, 0x55, 0xde, 0x8c, 0x4e, 0x77, 0x96, 0x38, 0x3b, 0xfe, 0xb6, 0x43, 0x3c, 0x86, 0x69, 0xc2, 0x72, 0x66, 0x1f, 0x6b, 0xf9, 0x87, 0xbc, 0x4f, 0x37, 0x3e, 0x3c},
-			dt2:   fp.Elt{0xd2, 0x2f, 0x06, 0x6b, 0x08, 0x07, 0x69, 0x77, 0xc0, 0x94, 0xcc, 0xae, 0x43, 0x00, 0x59, 0x6e, 0xa3, 0x63, 0xa8, 0xdd, 0xfa, 0x24, 0x18, 0xd0, 0x35, 0xc7, 0x78, 0xf7, 0x0d, 0xd4, 0x5a, 0x1e},
-		},
-		{
-			addYX: fp.Elt{0x45, 0xc1, 0x17, 0x51, 0xf8, 0xed, 0x7e, 0xc7, 0xa9, 0x1a, 0x11, 0x6e, 0x2d, 0xef, 0x0b, 0xd5, 0x3f, 0x98, 0xb0, 0xa3, 0x9d, 0x65, 0xf1, 0xcd, 0x53, 0x4a, 0x8a, 0x18, 0x70, 0x0a, 0x7f, 0x23},
-			subYX: fp.Elt{0xdd, 0xef, 0xbe, 0x3a, 0x31, 0xe0, 0xbc, 0xbe, 0x6d, 0x5d, 0x79, 0x87, 0xd6, 0xbe, 0x68, 0xe3, 0x59, 0x76, 0x8c, 0x86, 0x0e, 0x7a, 0x92, 0x13, 0x14, 0x8f, 0x67, 0xb3, 0xcb, 0x1a, 0x76, 0x76},
-			dt2:   fp.Elt{0x56, 0x7a, 0x1c, 0x9d, 0xca, 0x96, 0xf9, 0xf9, 0x03, 0x21, 0xd4, 0xe8, 0xb3, 0xd5, 0xe9, 0x52, 0xc8, 0x54, 0x1e, 0x1b, 0x13, 0xb6, 0xfd, 0x47, 0x7d, 0x02, 0x32, 0x33, 0x27, 0xe2, 0x1f, 0x19},
-		},
-	},
-}
-
-var tabVerif = [1 << (omegaFix - 2)]pointR3{
-	{ /* 1P */
-		addYX: fp.Elt{0x85, 0x3b, 0x8c, 0xf5, 0xc6, 0x93, 0xbc, 0x2f, 0x19, 0x0e, 0x8c, 0xfb, 0xc6, 0x2d, 0x93, 0xcf, 0xc2, 0x42, 0x3d, 0x64, 0x98, 0x48, 0x0b, 0x27, 0x65, 0xba, 0xd4, 0x33, 0x3a, 0x9d, 0xcf, 0x07},
-		subYX: fp.Elt{0x3e, 0x91, 0x40, 0xd7, 0x05, 0x39, 0x10, 0x9d, 0xb3, 0xbe, 0x40, 0xd1, 0x05, 0x9f, 0x39, 0xfd, 0x09, 0x8a, 0x8f, 0x68, 0x34, 0x84, 0xc1, 0xa5, 0x67, 0x12, 0xf8, 0x98, 0x92, 0x2f, 0xfd, 0x44},
-		dt2:   fp.Elt{0x68, 0xaa, 0x7a, 0x87, 0x05, 0x12, 0xc9, 0xab, 0x9e, 0xc4, 0xaa, 0xcc, 0x23, 0xe8, 0xd9, 0x26, 0x8c, 0x59, 0x43, 0xdd, 0xcb, 0x7d, 0x1b, 0x5a, 0xa8, 0x65, 0x0c, 0x9f, 0x68, 0x7b, 0x11, 0x6f},
-	},
-	{ /* 3P */
-		addYX: fp.Elt{0x30, 0x97, 0xee, 0x4c, 0xa8, 0xb0, 0x25, 0xaf, 0x8a, 0x4b, 0x86, 0xe8, 0x30, 0x84, 0x5a, 0x02, 0x32, 0x67, 0x01, 0x9f, 0x02, 0x50, 0x1b, 0xc1, 0xf4, 0xf8, 0x80, 0x9a, 0x1b, 0x4e, 0x16, 0x7a},
-		subYX: fp.Elt{0x65, 0xd2, 0xfc, 0xa4, 0xe8, 0x1f, 0x61, 0x56, 0x7d, 0xba, 0xc1, 0xe5, 0xfd, 0x53, 0xd3, 0x3b, 0xbd, 0xd6, 0x4b, 0x21, 0x1a, 0xf3, 0x31, 0x81, 0x62, 0xda, 0x5b, 0x55, 0x87, 0x15, 0xb9, 0x2a},
-		dt2:   fp.Elt{0x89, 0xd8, 0xd0, 0x0d, 0x3f, 0x93, 0xae, 0x14, 0x62, 0xda, 0x35, 0x1c, 0x22, 0x23, 0x94, 0x58, 0x4c, 0xdb, 0xf2, 0x8c, 0x45, 0xe5, 0x70, 0xd1, 0xc6, 0xb4, 0xb9, 0x12, 0xaf, 0x26, 0x28, 0x5a},
-	},
-	{ /* 5P */
-		addYX: fp.Elt{0x33, 0xbb, 0xa5, 0x08, 0x44, 0xbc, 0x12, 0xa2, 0x02, 0xed, 0x5e, 0xc7, 0xc3, 0x48, 0x50, 0x8d, 0x44, 0xec, 0xbf, 0x5a, 0x0c, 0xeb, 0x1b, 0xdd, 0xeb, 0x06, 0xe2, 0x46, 0xf1, 0xcc, 0x45, 0x29},
-		subYX: fp.Elt{0xba, 0xd6, 0x47, 0xa4, 0xc3, 0x82, 0x91, 0x7f, 0xb7, 0x29, 0x27, 0x4b, 0xd1, 0x14, 0x00, 0xd5, 0x87, 0xa0, 0x64, 0xb8, 0x1c, 0xf1, 0x3c, 0xe3, 0xf3, 0x55, 0x1b, 0xeb, 0x73, 0x7e, 0x4a, 0x15},
-		dt2:   fp.Elt{0x85, 0x82, 0x2a, 0x81, 0xf1, 0xdb, 0xbb, 0xbc, 0xfc, 0xd1, 0xbd, 0xd0, 0x07, 0x08, 0x0e, 0x27, 0x2d, 0xa7, 0xbd, 0x1b, 0x0b, 0x67, 0x1b, 0xb4, 0x9a, 0xb6, 0x3b, 0x6b, 0x69, 0xbe, 0xaa, 0x43},
-	},
-	{ /* 7P */
-		addYX: fp.Elt{0xbf, 0xa3, 0x4e, 0x94, 0xd0, 0x5c, 0x1a, 0x6b, 0xd2, 0xc0, 0x9d, 0xb3, 0x3a, 0x35, 0x70, 0x74, 0x49, 0x2e, 0x54, 0x28, 0x82, 0x52, 0xb2, 0x71, 0x7e, 0x92, 0x3c, 0x28, 0x69, 0xea, 0x1b, 0x46},
-		subYX: fp.Elt{0xb1, 0x21, 0x32, 0xaa, 0x9a, 0x2c, 0x6f, 0xba, 0xa7, 0x23, 0xba, 0x3b, 0x53, 0x21, 0xa0, 0x6c, 0x3a, 0x2c, 0x19, 0x92, 0x4f, 0x76, 0xea, 0x9d, 0xe0, 0x17, 0x53, 0x2e, 0x5d, 0xdd, 0x6e, 0x1d},
-		dt2:   fp.Elt{0xa2, 0xb3, 0xb8, 0x01, 0xc8, 0x6d, 0x83, 0xf1, 0x9a, 0xa4, 0x3e, 0x05, 0x47, 0x5f, 0x03, 0xb3, 0xf3, 0xad, 0x77, 0x58, 0xba, 0x41, 0x9c, 0x52, 0xa7, 0x90, 0x0f, 0x6a, 0x1c, 0xbb, 0x9f, 0x7a},
-	},
-	{ /* 9P */
-		addYX: fp.Elt{0x2f, 0x63, 0xa8, 0xa6, 0x8a, 0x67, 0x2e, 0x9b, 0xc5, 0x46, 0xbc, 0x51, 0x6f, 0x9e, 0x50, 0xa6, 0xb5, 0xf5, 0x86, 0xc6, 0xc9, 0x33, 0xb2, 0xce, 0x59, 0x7f, 0xdd, 0x8a, 0x33, 0xed, 0xb9, 0x34},
-		subYX: fp.Elt{0x64, 0x80, 0x9d, 0x03, 0x7e, 0x21, 0x6e, 0xf3, 0x9b, 0x41, 0x20, 0xf5, 0xb6, 0x81, 0xa0, 0x98, 0x44, 0xb0, 0x5e, 0xe7, 0x08, 0xc6, 0xcb, 0x96, 0x8f, 0x9c, 0xdc, 0xfa, 0x51, 0x5a, 0xc0, 0x49},
-		dt2:   fp.Elt{0x1b, 0xaf, 0x45, 0x90, 0xbf, 0xe8, 0xb4, 0x06, 0x2f, 0xd2, 0x19, 0xa7, 0xe8, 0x83, 0xff, 0xe2, 0x16, 0xcf, 0xd4, 0x93, 0x29, 0xfc, 0xf6, 0xaa, 0x06, 0x8b, 0x00, 0x1b, 0x02, 0x72, 0xc1, 0x73},
-	},
-	{ /* 11P */
-		addYX: fp.Elt{0xde, 0x2a, 0x80, 0x8a, 0x84, 0x00, 0xbf, 0x2f, 0x27, 0x2e, 0x30, 0x02, 0xcf, 0xfe, 0xd9, 0xe5, 0x06, 0x34, 0x70, 0x17, 0x71, 0x84, 0x3e, 0x11, 0xaf, 0x8f, 0x6d, 0x54, 0xe2, 0xaa, 0x75, 0x42},
-		subYX: fp.Elt{0x48, 0x43, 0x86, 0x49, 0x02, 0x5b, 0x5f, 0x31, 0x81, 0x83, 0x08, 0x77, 0x69, 0xb3, 0xd6, 0x3e, 0x95, 0xeb, 0x8d, 0x6a, 0x55, 0x75, 0xa0, 0xa3, 0x7f, 0xc7, 0xd5, 0x29, 0x80, 0x59, 0xab, 0x18},
-		dt2:   fp.Elt{0xe9, 0x89, 0x60, 0xfd, 0xc5, 0x2c, 0x2b, 0xd8, 0xa4, 0xe4, 0x82, 0x32, 0xa1, 0xb4, 0x1e, 0x03, 0x22, 0x86, 0x1a, 0xb5, 0x99, 0x11, 0x31, 0x44, 0x48, 0xf9, 0x3d, 0xb5, 0x22, 0x55, 0xc6, 0x3d},
-	},
-	{ /* 13P */
-		addYX: fp.Elt{0x6d, 0x7f, 0x00, 0xa2, 0x22, 0xc2, 0x70, 0xbf, 0xdb, 0xde, 0xbc, 0xb5, 0x9a, 0xb3, 0x84, 0xbf, 0x07, 0xba, 0x07, 0xfb, 0x12, 0x0e, 0x7a, 0x53, 0x41, 0xf2, 0x46, 0xc3, 0xee, 0xd7, 0x4f, 0x23},
-		subYX: fp.Elt{0x93, 0xbf, 0x7f, 0x32, 0x3b, 0x01, 0x6f, 0x50, 0x6b, 0x6f, 0x77, 0x9b, 0xc9, 0xeb, 0xfc, 0xae, 0x68, 0x59, 0xad, 0xaa, 0x32, 0xb2, 0x12, 0x9d, 0xa7, 0x24, 0x60, 0x17, 0x2d, 0x88, 0x67, 0x02},
-		dt2:   fp.Elt{0x78, 0xa3, 0x2e, 0x73, 0x19, 0xa1, 0x60, 0x53, 0x71, 0xd4, 0x8d, 0xdf, 0xb1, 0xe6, 0x37, 0x24, 0x33, 0xe5, 0xa7, 0x91, 0xf8, 0x37, 0xef, 0xa2, 0x63, 0x78, 0x09, 0xaa, 0xfd, 0xa6, 0x7b, 0x49},
-	},
-	{ /* 15P */
-		addYX: fp.Elt{0xa0, 0xea, 0xcf, 0x13, 0x03, 0xcc, 0xce, 0x24, 0x6d, 0x24, 0x9c, 0x18, 0x8d, 0xc2, 0x48, 0x86, 0xd0, 0xd4, 0xf2, 0xc1, 0xfa, 0xbd, 0xbd, 0x2d, 0x2b, 0xe7, 0x2d, 0xf1, 0x17, 0x29, 0xe2, 0x61},
-		subYX: fp.Elt{0x0b, 0xcf, 0x8c, 0x46, 0x86, 0xcd, 0x0b, 0x04, 0xd6, 0x10, 0x99, 0x2a, 0xa4, 0x9b, 0x82, 0xd3, 0x92, 0x51, 0xb2, 0x07, 0x08, 0x30, 0x08, 0x75, 0xbf, 0x5e, 0xd0, 0x18, 0x42, 0xcd, 0xb5, 0x43},
-		dt2:   fp.Elt{0x16, 0xb5, 0xd0, 0x9b, 0x2f, 0x76, 0x9a, 0x5d, 0xee, 0xde, 0x3f, 0x37, 0x4e, 0xaf, 0x38, 0xeb, 0x70, 0x42, 0xd6, 0x93, 0x7d, 0x5a, 0x2e, 0x03, 0x42, 0xd8, 0xe4, 0x0a, 0x21, 0x61, 0x1d, 0x51},
-	},
-	{ /* 17P */
-		addYX: fp.Elt{0x81, 0x9d, 0x0e, 0x95, 0xef, 0x76, 0xc6, 0x92, 0x4f, 0x04, 0xd7, 0xc0, 0xcd, 0x20, 0x46, 0xa5, 0x48, 0x12, 0x8f, 0x6f, 0x64, 0x36, 0x9b, 0xaa, 0xe3, 0x55, 0xb8, 0xdd, 0x24, 0x59, 0x32, 0x6d},
-		subYX: fp.Elt{0x87, 0xde, 0x20, 0x44, 0x48, 0x86, 0x13, 0x08, 0xb4, 0xed, 0x92, 0xb5, 0x16, 0xf0, 0x1c, 0x8a, 0x25, 0x2d, 0x94, 0x29, 0x27, 0x4e, 0xfa, 0x39, 0x10, 0x28, 0x48, 0xe2, 0x6f, 0xfe, 0xa7, 0x71},
-		dt2:   fp.Elt{0x54, 0xc8, 0xc8, 0xa5, 0xb8, 0x82, 0x71, 0x6c, 0x03, 0x2a, 0x5f, 0xfe, 0x79, 0x14, 0xfd, 0x33, 0x0c, 0x8d, 0x77, 0x83, 0x18, 0x59, 0xcf, 0x72, 0xa9, 0xea, 0x9e, 0x55, 0xb6, 0xc4, 0x46, 0x47},
-	},
-	{ /* 19P */
-		addYX: fp.Elt{0x2b, 0x9a, 0xc6, 0x6d, 0x3c, 0x7b, 0x77, 0xd3, 0x17, 0xf6, 0x89, 0x6f, 0x27, 0xb2, 0xfa, 0xde, 0xb5, 0x16, 0x3a, 0xb5, 0xf7, 0x1c, 0x65, 0x45, 0xb7, 0x9f, 0xfe, 0x34, 0xde, 0x51, 0x9a, 0x5c},
-		subYX: fp.Elt{0x47, 0x11, 0x74, 0x64, 0xc8, 0x46, 0x85, 0x34, 0x49, 0xc8, 0xfc, 0x0e, 0xdd, 0xae, 0x35, 0x7d, 0x32, 0xa3, 0x72, 0x06, 0x76, 0x9a, 0x93, 0xff, 0xd6, 0xe6, 0xb5, 0x7d, 0x49, 0x63, 0x96, 0x21},
-		dt2:   fp.Elt{0x67, 0x0e, 0xf1, 0x79, 0xcf, 0xf1, 0x10, 0xf5, 0x5b, 0x51, 0x58, 0xe6, 0xa1, 0xda, 0xdd, 0xff, 0x77, 0x22, 0x14, 0x10, 0x17, 0xa7, 0xc3, 0x09, 0xbb, 0x23, 0x82, 0x60, 0x3c, 0x50, 0x04, 0x48},
-	},
-	{ /* 21P */
-		addYX: fp.Elt{0xc7, 0x7f, 0xa3, 0x2c, 0xd0, 0x9e, 0x24, 0xc4, 0xab, 0xac, 0x15, 0xa6, 0xe3, 0xa0, 0x59, 0xa0, 0x23, 0x0e, 0x6e, 0xc9, 0xd7, 0x6e, 0xa9, 0x88, 0x6d, 0x69, 0x50, 0x16, 0xa5, 0x98, 0x33, 0x55},
-		subYX: fp.Elt{0x75, 0xd1, 0x36, 0x3a, 0xd2, 0x21, 0x68, 0x3b, 0x32, 0x9e, 0x9b, 0xe9, 0xa7, 0x0a, 0xb4, 0xbb, 0x47, 0x8a, 0x83, 0x20, 0xe4, 0x5c, 0x9e, 0x5d, 0x5e, 0x4c, 0xde, 0x58, 0x88, 0x09, 0x1e, 0x77},
-		dt2:   fp.Elt{0xdf, 0x1e, 0x45, 0x78, 0xd2, 0xf5, 0x12, 0x9a, 0xcb, 0x9c, 0x89, 0x85, 0x79, 0x5d, 0xda, 0x3a, 0x08, 0x95, 0xa5, 0x9f, 0x2d, 0x4a, 0x7f, 0x47, 0x11, 0xa6, 0xf5, 0x8f, 0xd6, 0xd1, 0x5e, 0x5a},
-	},
-	{ /* 23P */
-		addYX: fp.Elt{0x83, 0x0e, 0x15, 0xfe, 0x2a, 0x12, 0x95, 0x11, 0xd8, 0x35, 0x4b, 0x7e, 0x25, 0x9a, 0x20, 0xcf, 0x20, 0x1e, 0x71, 0x1e, 0x29, 0xf8, 0x87, 0x73, 0xf0, 0x92, 0xbf, 0xd8, 0x97, 0xb8, 0xac, 0x44},
-		subYX: fp.Elt{0x59, 0x73, 0x52, 0x58, 0xc5, 0xe0, 0xe5, 0xba, 0x7e, 0x9d, 0xdb, 0xca, 0x19, 0x5c, 0x2e, 0x39, 0xe9, 0xab, 0x1c, 0xda, 0x1e, 0x3c, 0x65, 0x28, 0x44, 0xdc, 0xef, 0x5f, 0x13, 0x60, 0x9b, 0x01},
-		dt2:   fp.Elt{0x83, 0x4b, 0x13, 0x5e, 0x14, 0x68, 0x60, 0x1e, 0x16, 0x4c, 0x30, 0x24, 0x4f, 0xe6, 0xf5, 0xc4, 0xd7, 0x3e, 0x1a, 0xfc, 0xa8, 0x88, 0x6e, 0x50, 0x92, 0x2f, 0xad, 0xe6, 0xfd, 0x49, 0x0c, 0x15},
-	},
-	{ /* 25P */
-		addYX: fp.Elt{0x38, 0x11, 0x47, 0x09, 0x95, 0xf2, 0x7b, 0x8e, 0x51, 0xa6, 0x75, 0x4f, 0x39, 0xef, 0x6f, 0x5d, 0xad, 0x08, 0xa7, 0x25, 0xc4, 0x79, 0xaf, 0x10, 0x22, 0x99, 0xb9, 0x5b, 0x07, 0x5a, 0x2b, 0x6b},
-		subYX: fp.Elt{0x68, 0xa8, 0xdc, 0x9c, 0x3c, 0x86, 0x49, 0xb8, 0xd0, 0x4a, 0x71, 0xb8, 0xdb, 0x44, 0x3f, 0xc8, 0x8d, 0x16, 0x36, 0x0c, 0x56, 0xe3, 0x3e, 0xfe, 0xc1, 0xfb, 0x05, 0x1e, 0x79, 0xd7, 0xa6, 0x78},
-		dt2:   fp.Elt{0x76, 0xb9, 0xa0, 0x47, 0x4b, 0x70, 0xbf, 0x58, 0xd5, 0x48, 0x17, 0x74, 0x55, 0xb3, 0x01, 0xa6, 0x90, 0xf5, 0x42, 0xd5, 0xb1, 0x1f, 0x2b, 0xaa, 0x00, 0x5d, 0xd5, 0x4a, 0xfc, 0x7f, 0x5c, 0x72},
-	},
-	{ /* 27P */
-		addYX: fp.Elt{0xb2, 0x99, 0xcf, 0xd1, 0x15, 0x67, 0x42, 0xe4, 0x34, 0x0d, 0xa2, 0x02, 0x11, 0xd5, 0x52, 0x73, 0x9f, 0x10, 0x12, 0x8b, 0x7b, 0x15, 0xd1, 0x23, 0xa3, 0xf3, 0xb1, 0x7c, 0x27, 0xc9, 0x4c, 0x79},
-		subYX: fp.Elt{0xc0, 0x98, 0xd0, 0x1c, 0xf7, 0x2b, 0x80, 0x91, 0x66, 0x63, 0x5e, 0xed, 0xa4, 0x6c, 0x41, 0xfe, 0x4c, 0x99, 0x02, 0x49, 0x71, 0x5d, 0x58, 0xdf, 0xe7, 0xfa, 0x55, 0xf8, 0x25, 0x46, 0xd5, 0x4c},
-		dt2:   fp.Elt{0x53, 0x50, 0xac, 0xc2, 0x26, 0xc4, 0xf6, 0x4a, 0x58, 0x72, 0xf6, 0x32, 0xad, 0xed, 0x9a, 0xbc, 0x21, 0x10, 0x31, 0x0a, 0xf1, 0x32, 0xd0, 0x2a, 0x85, 0x8e, 0xcc, 0x6f, 0x7b, 0x35, 0x08, 0x70},
-	},
-	{ /* 29P */
-		addYX: fp.Elt{0x01, 0x3f, 0x77, 0x38, 0x27, 0x67, 0x88, 0x0b, 0xfb, 0xcc, 0xfb, 0x95, 0xfa, 0xc8, 0xcc, 0xb8, 0xb6, 0x29, 0xad, 0xb9, 0xa3, 0xd5, 0x2d, 0x8d, 0x6a, 0x0f, 0xad, 0x51, 0x98, 0x7e, 0xef, 0x06},
-		subYX: fp.Elt{0x34, 0x4a, 0x58, 0x82, 0xbb, 0x9f, 0x1b, 0xd0, 0x2b, 0x79, 0xb4, 0xd2, 0x63, 0x64, 0xab, 0x47, 0x02, 0x62, 0x53, 0x48, 0x9c, 0x63, 0x31, 0xb6, 0x28, 0xd4, 0xd6, 0x69, 0x36, 0x2a, 0xa9, 0x13},
-		dt2:   fp.Elt{0xe5, 0x7d, 0x57, 0xc0, 0x1c, 0x77, 0x93, 0xca, 0x5c, 0xdc, 0x35, 0x50, 0x1e, 0xe4, 0x40, 0x75, 0x71, 0xe0, 0x02, 0xd8, 0x01, 0x0f, 0x68, 0x24, 0x6a, 0xf8, 0x2a, 0x8a, 0xdf, 0x6d, 0x29, 0x3c},
-	},
-	{ /* 31P */
-		addYX: fp.Elt{0x13, 0xa7, 0x14, 0xd9, 0xf9, 0x15, 0xad, 0xae, 0x12, 0xf9, 0x8f, 0x8c, 0xf9, 0x7b, 0x2f, 0xa9, 0x30, 0xd7, 0x53, 0x9f, 0x17, 0x23, 0xf8, 0xaf, 0xba, 0x77, 0x0c, 0x49, 0x93, 0xd3, 0x99, 0x7a},
-		subYX: fp.Elt{0x41, 0x25, 0x1f, 0xbb, 0x2e, 0x4d, 0xeb, 0xfc, 0x1f, 0xb9, 0xad, 0x40, 0xc7, 0x10, 0x95, 0xb8, 0x05, 0xad, 0xa1, 0xd0, 0x7d, 0xa3, 0x71, 0xfc, 0x7b, 0x71, 0x47, 0x07, 0x70, 0x2c, 0x89, 0x0a},
-		dt2:   fp.Elt{0xe8, 0xa3, 0xbd, 0x36, 0x24, 0xed, 0x52, 0x8f, 0x94, 0x07, 0xe8, 0x57, 0x41, 0xc8, 0xa8, 0x77, 0xe0, 0x9c, 0x2f, 0x26, 0x63, 0x65, 0xa9, 0xa5, 0xd2, 0xf7, 0x02, 0x83, 0xd2, 0x62, 0x67, 0x28},
-	},
-	{ /* 33P */
-		addYX: fp.Elt{0x25, 0x5b, 0xe3, 0x3c, 0x09, 0x36, 0x78, 0x4e, 0x97, 0xaa, 0x6b, 0xb2, 0x1d, 0x18, 0xe1, 0x82, 0x3f, 0xb8, 0xc7, 0xcb, 0xd3, 0x92, 0xc1, 0x0c, 0x3a, 0x9d, 0x9d, 0x6a, 0x04, 0xda, 0xf1, 0x32},
-		subYX: fp.Elt{0xbd, 0xf5, 0x2e, 0xce, 0x2b, 0x8e, 0x55, 0x7c, 0x63, 0xbc, 0x47, 0x67, 0xb4, 0x6c, 0x98, 0xe4, 0xb8, 0x89, 0xbb, 0x3b, 0x9f, 0x17, 0x4a, 0x15, 0x7a, 0x76, 0xf1, 0xd6, 0xa3, 0xf2, 0x86, 0x76},
-		dt2:   fp.Elt{0x6a, 0x7c, 0x59, 0x6d, 0xa6, 0x12, 0x8d, 0xaa, 0x2b, 0x85, 0xd3, 0x04, 0x03, 0x93, 0x11, 0x8f, 0x22, 0xb0, 0x09, 0xc2, 0x73, 0xdc, 0x91, 0x3f, 0xa6, 0x28, 0xad, 0xa9, 0xf8, 0x05, 0x13, 0x56},
-	},
-	{ /* 35P */
-		addYX: fp.Elt{0xd1, 0xae, 0x92, 0xec, 0x8d, 0x97, 0x0c, 0x10, 0xe5, 0x73, 0x6d, 0x4d, 0x43, 0xd5, 0x43, 0xca, 0x48, 0xba, 0x47, 0xd8, 0x22, 0x1b, 0x13, 0x83, 0x2c, 0x4d, 0x5d, 0xe3, 0x53, 0xec, 0xaa},
-		subYX: fp.Elt{0xd5, 0xc0, 0xb0, 0xe7, 0x28, 0xcc, 0x22, 0x67, 0x53, 0x5c, 0x07, 0xdb, 0xbb, 0xe9, 0x9d, 0x70, 0x61, 0x0a, 0x01, 0xd7, 0xa7, 0x8d, 0xf6, 0xca, 0x6c, 0xcc, 0x57, 0x2c, 0xef, 0x1a, 0x0a, 0x03},
-		dt2:   fp.Elt{0xaa, 0xd2, 0x3a, 0x00, 0x73, 0xf7, 0xb1, 0x7b, 0x08, 0x66, 0x21, 0x2b, 0x80, 0x29, 0x3f, 0x0b, 0x3e, 0xd2, 0x0e, 0x52, 0x86, 0xdc, 0x21, 0x78, 0x80, 0x54, 0x06, 0x24, 0x1c, 0x9c, 0xbe, 0x20},
-	},
-	{ /* 37P */
-		addYX: fp.Elt{0xa6, 0x73, 0x96, 0x24, 0xd8, 0x87, 0x53, 0xe1, 0x93, 0xe4, 0x46, 0xf5, 0x2d, 0xbc, 0x43, 0x59, 0xb5, 0x63, 0x6f, 0xc3, 0x81, 0x9a, 0x7f, 0x1c, 0xde, 0xc1, 0x0a, 0x1f, 0x36, 0xb3, 0x0a, 0x75},
-		subYX: fp.Elt{0x60, 0x5e, 0x02, 0xe2, 0x4a, 0xe4, 0xe0, 0x20, 0x38, 0xb9, 0xdc, 0xcb, 0x2f, 0x3b, 0x3b, 0xb0, 0x1c, 0x0d, 0x5a, 0xf9, 0x9c, 0x63, 0x5d, 0x10, 0x11, 0xe3, 0x67, 0x50, 0x54, 0x4c, 0x76, 0x69},
-		dt2:   fp.Elt{0x37, 0x10, 0xf8, 0xa2, 0x83, 0x32, 0x8a, 0x1e, 0xf1, 0xcb, 0x7f, 0xbd, 0x23, 0xda, 0x2e, 0x6f, 0x63, 0x25, 0x2e, 0xac, 0x5b, 0xd1, 0x2f, 0xb7, 0x40, 0x50, 0x07, 0xb7, 0x3f, 0x6b, 0xf9, 0x54},
-	},
-	{ /* 39P */
-		addYX: fp.Elt{0x79, 0x92, 0x66, 0x29, 0x04, 0xf2, 0xad, 0x0f, 0x4a, 0x72, 0x7d, 0x7d, 0x04, 0xa2, 0xdd, 0x3a, 0xf1, 0x60, 0x57, 0x8c, 0x82, 0x94, 0x3d, 0x6f, 0x9e, 0x53, 0xb7, 0x2b, 0xc5, 0xe9, 0x7f, 0x3d},
-		subYX: fp.Elt{0xcd, 0x1e, 0xb1, 0x16, 0xc6, 0xaf, 0x7d, 0x17, 0x79, 0x64, 0x57, 0xfa, 0x9c, 0x4b, 0x76, 0x89, 0x85, 0xe7, 0xec, 0xe6, 0x10, 0xa1, 0xa8, 0xb7, 0xf0, 0xdb, 0x85, 0xbe, 0x9f, 0x83, 0xe6, 0x78},
-		dt2:   fp.Elt{0x6b, 0x85, 0xb8, 0x37, 0xf7, 0x2d, 0x33, 0x70, 0x8a, 0x17, 0x1a, 0x04, 0x43, 0x5d, 0xd0, 0x75, 0x22, 0x9e, 0xe5, 0xa0, 0x4a, 0xf7, 0x0f, 0x32, 0x42, 0x82, 0x08, 0x50, 0xf3, 0x68, 0xf2, 0x70},
-	},
-	{ /* 41P */
-		addYX: fp.Elt{0x47, 0x5f, 0x80, 0xb1, 0x83, 0x45, 0x86, 0x66, 0x19, 0x7c, 0xdd, 0x60, 0xd1, 0xc5, 0x35, 0xf5, 0x06, 0xb0, 0x4c, 0x1e, 0xb7, 0x4e, 0x87, 0xe9, 0xd9, 0x89, 0xd8, 0xfa, 0x5c, 0x34, 0x0d, 0x7c},
-		subYX: fp.Elt{0x55, 0xf3, 0xdc, 0x70, 0x20, 0x11, 0x24, 0x23, 0x17, 0xe1, 0xfc, 0xe7, 0x7e, 0xc9, 0x0c, 0x38, 0x98, 0xb6, 0x52, 0x35, 0xed, 0xde, 0x1d, 0xb3, 0xb9, 0xc4, 0xb8, 0x39, 0xc0, 0x56, 0x4e, 0x40},
-		dt2:   fp.Elt{0x8a, 0x33, 0x78, 0x8c, 0x4b, 0x1f, 0x1f, 0x59, 0xe1, 0xb5, 0xe0, 0x67, 0xb1, 0x6a, 0x36, 0xa0, 0x44, 0x3d, 0x5f, 0xb4, 0x52, 0x41, 0xbc, 0x5c, 0x77, 0xc7, 0xae, 0x2a, 0x76, 0x54, 0xd7, 0x20},
-	},
-	{ /* 43P */
-		addYX: fp.Elt{0x58, 0xb7, 0x3b, 0xc7, 0x6f, 0xc3, 0x8f, 0x5e, 0x9a, 0xbb, 0x3c, 0x36, 0xa5, 0x43, 0xe5, 0xac, 0x22, 0xc9, 0x3b, 0x90, 0x7d, 0x4a, 0x93, 0xa9, 0x62, 0xec, 0xce, 0xf3, 0x46, 0x1e, 0x8f, 0x2b},
-		subYX: fp.Elt{0x43, 0xf5, 0xb9, 0x35, 0xb1, 0xfe, 0x74, 0x9d, 0x6c, 0x95, 0x8c, 0xde, 0xf1, 0x7d, 0xb3, 0x84, 0xa9, 0x8b, 0x13, 0x57, 0x07, 0x2b, 0x32, 0xe9, 0xe1, 0x4c, 0x0b, 0x79, 0xa8, 0xad, 0xb8, 0x38},
-		dt2:   fp.Elt{0x5d, 0xf9, 0x51, 0xdf, 0x9c, 0x4a, 0xc0, 0xb5, 0xac, 0xde, 0x1f, 0xcb, 0xae, 0x52, 0x39, 0x2b, 0xda, 0x66, 0x8b, 0x32, 0x8b, 0x6d, 0x10, 0x1d, 0x53, 0x19, 0xba, 0xce, 0x32, 0xeb, 0x9a, 0x04},
-	},
-	{ /* 45P */
-		addYX: fp.Elt{0x31, 0x79, 0xfc, 0x75, 0x0b, 0x7d, 0x50, 0xaa, 0xd3, 0x25, 0x67, 0x7a, 0x4b, 0x92, 0xef, 0x0f, 0x30, 0x39, 0x6b, 0x39, 0x2b, 0x54, 0x82, 0x1d, 0xfc, 0x74, 0xf6, 0x30, 0x75, 0xe1, 0x5e, 0x79},
-		subYX: fp.Elt{0x7e, 0xfe, 0xdc, 0x63, 0x3c, 0x7d, 0x76, 0xd7, 0x40, 0x6e, 0x85, 0x97, 0x48, 0x59, 0x9c, 0x20, 0x13, 0x7c, 0x4f, 0xe1, 0x61, 0x68, 0x67, 0xb6, 0xfc, 0x25, 0xd6, 0xc8, 0xe0, 0x65, 0xc6, 0x51},
-		dt2:   fp.Elt{0x81, 0xbd, 0xec, 0x52, 0x0a, 0x5b, 0x4a, 0x25, 0xe7, 0xaf, 0x34, 0xe0, 0x6e, 0x1f, 0x41, 0x5d, 0x31, 0x4a, 0xee, 0xca, 0x0d, 0x4d, 0xa2, 0xe6, 0x77, 0x44, 0xc5, 0x9d, 0xf4, 0x9b, 0xd1, 0x6c},
-	},
-	{ /* 47P */
-		addYX: fp.Elt{0x86, 0xc3, 0xaf, 0x65, 0x21, 0x61, 0xfe, 0x1f, 0x10, 0x1b, 0xd5, 0xb8, 0x88, 0x2a, 0x2a, 0x08, 0xaa, 0x0b, 0x99, 0x20, 0x7e, 0x62, 0xf6, 0x76, 0xe7, 0x43, 0x9e, 0x42, 0xa7, 0xb3, 0x01, 0x5e},
-		subYX: fp.Elt{0xa3, 0x9c, 0x17, 0x52, 0x90, 0x61, 0x87, 0x7e, 0x85, 0x9f, 0x2c, 0x0b, 0x06, 0x0a, 0x1d, 0x57, 0x1e, 0x71, 0x99, 0x84, 0xa8, 0xba, 0xa2, 0x80, 0x38, 0xe6, 0xb2, 0x40, 0xdb, 0xf3, 0x20, 0x75},
-		dt2:   fp.Elt{0xa1, 0x57, 0x93, 0xd3, 0xe3, 0x0b, 0xb5, 0x3d, 0xa5, 0x94, 0x9e, 0x59, 0xdd, 0x6c, 0x7b, 0x96, 0x6e, 0x1e, 0x31, 0xdf, 0x64, 0x9a, 0x30, 0x1a, 0x86, 0xc9, 0xf3, 0xce, 0x9c, 0x2c, 0x09, 0x71},
-	},
-	{ /* 49P */
-		addYX: fp.Elt{0xcf, 0x1d, 0x05, 0x74, 0xac, 0xd8, 0x6b, 0x85, 0x1e, 0xaa, 0xb7, 0x55, 0x08, 0xa4, 0xf6, 0x03, 0xeb, 0x3c, 0x74, 0xc9, 0xcb, 0xe7, 0x4a, 0x3a, 0xde, 0xab, 0x37, 0x71, 0xbb, 0xa5, 0x73, 0x41},
-		subYX: fp.Elt{0x8c, 0x91, 0x64, 0x03, 0x3f, 0x52, 0xd8, 0x53, 0x1c, 0x6b, 0xab, 0x3f, 0xf4, 0x04, 0xb4, 0xa2, 0xa4, 0xe5, 0x81, 0x66, 0x9e, 0x4a, 0x0b, 0x08, 0xa7, 0x7b, 0x25, 0xd0, 0x03, 0x5b, 0xa1, 0x0e},
-		dt2:   fp.Elt{0x8a, 0x21, 0xf9, 0xf0, 0x31, 0x6e, 0xc5, 0x17, 0x08, 0x47, 0xfc, 0x1a, 0x2b, 0x6e, 0x69, 0x5a, 0x76, 0xf1, 0xb2, 0xf4, 0x68, 0x16, 0x93, 0xf7, 0x67, 0x3a, 0x4e, 0x4a, 0x61, 0x65, 0xc5, 0x5f},
-	},
-	{ /* 51P */
-		addYX: fp.Elt{0x8e, 0x98, 0x90, 0x77, 0xe6, 0xe1, 0x92, 0x48, 0x22, 0xd7, 0x5c, 0x1c, 0x0f, 0x95, 0xd5, 0x01, 0xed, 0x3e, 0x92, 0xe5, 0x9a, 0x81, 0xb0, 0xe3, 0x1b, 0x65, 0x46, 0x9d, 0x40, 0xc7, 0x14, 0x32},
-		subYX: fp.Elt{0xe5, 0x7a, 0x6d, 0xc4, 0x0d, 0x57, 0x6e, 0x13, 0x8f, 0xdc, 0xf8, 0x54, 0xcc, 0xaa, 0xd0, 0x0f, 0x86, 0xad, 0x0d, 0x31, 0x03, 0x9f, 0x54, 0x59, 0xa1, 0x4a, 0x45, 0x4c, 0x41, 0x1c, 0x71, 0x62},
-		dt2:   fp.Elt{0x70, 0x17, 0x65, 0x06, 0x74, 0x82, 0x29, 0x13, 0x36, 0x94, 0x27, 0x8a, 0x66, 0xa0, 0xa4, 0x3b, 0x3c, 0x22, 0x5d, 0x18, 0xec, 0xb8, 0xb6, 0xd9, 0x3c, 0x83, 0xcb, 0x3e, 0x07, 0x94, 0xea, 0x5b},
-	},
-	{ /* 53P */
-		addYX: fp.Elt{0xf8, 0xd2, 0x43, 0xf3, 0x63, 0xce, 0x70, 0xb4, 0xf1, 0xe8, 0x43, 0x05, 0x8f, 0xba, 0x67, 0x00, 0x6f, 0x7b, 0x11, 0xa2, 0xa1, 0x51, 0xda, 0x35, 0x2f, 0xbd, 0xf1, 0x44, 0x59, 0x78, 0xd0, 0x4a},
-		subYX: fp.Elt{0xe4, 0x9b, 0xc8, 0x12, 0x09, 0xbf, 0x1d, 0x64, 0x9c, 0x57, 0x6e, 0x7d, 0x31, 0x8b, 0xf3, 0xac, 0x65, 0xb0, 0x97, 0xf6, 0x02, 0x9e, 0xfe, 0xab, 0xec, 0x1e, 0xf6, 0x48, 0xc1, 0xd5, 0xac, 0x3a},
-		dt2:   fp.Elt{0x01, 0x83, 0x31, 0xc3, 0x34, 0x3b, 0x8e, 0x85, 0x26, 0x68, 0x31, 0x07, 0x47, 0xc0, 0x99, 0xdc, 0x8c, 0xa8, 0x9d, 0xd3, 0x2e, 0x5b, 0x08, 0x34, 0x3d, 0x85, 0x02, 0xd9, 0xb1, 0x0c, 0xff, 0x3a},
-	},
-	{ /* 55P */
-		addYX: fp.Elt{0x05, 0x35, 0xc5, 0xf4, 0x0b, 0x43, 0x26, 0x92, 0x83, 0x22, 0x1f, 0x26, 0x13, 0x9c, 0xe4, 0x68, 0xc6, 0x27, 0xd3, 0x8f, 0x78, 0x33, 0xef, 0x09, 0x7f, 0x9e, 0xd9, 0x2b, 0x73, 0x9f, 0xcf, 0x2c},
-		subYX: fp.Elt{0x5e, 0x40, 0x20, 0x3a, 0xeb, 0xc7, 0xc5, 0x87, 0xc9, 0x56, 0xad, 0xed, 0xef, 0x11, 0xe3, 0x8e, 0xf9, 0xd5, 0x29, 0xad, 0x48, 0x2e, 0x25, 0x29, 0x1d, 0x25, 0xcd, 0xf4, 0x86, 0x7e, 0x0e, 0x11},
-		dt2:   fp.Elt{0xe4, 0xf5, 0x03, 0xd6, 0x9e, 0xd8, 0xc0, 0x57, 0x0c, 0x20, 0xb0, 0xf0, 0x28, 0x86, 0x88, 0x12, 0xb7, 0x3b, 0x2e, 0xa0, 0x09, 0x27, 0x17, 0x53, 0x37, 0x3a, 0x69, 0xb9, 0xe0, 0x57, 0xc5, 0x05},
-	},
-	{ /* 57P */
-		addYX: fp.Elt{0xb0, 0x0e, 0xc2, 0x89, 0xb0, 0xbb, 0x76, 0xf7, 0x5c, 0xd8, 0x0f, 0xfa, 0xf6, 0x5b, 0xf8, 0x61, 0xfb, 0x21, 0x44, 0x63, 0x4e, 0x3f, 0xb9, 0xb6, 0x05, 0x12, 0x86, 0x41, 0x08, 0xef, 0x9f, 0x28},
-		subYX: fp.Elt{0x6f, 0x7e, 0xc9, 0x1f, 0x31, 0xce, 0xf9, 0xd8, 0xae, 0xfd, 0xf9, 0x11, 0x30, 0x26, 0x3f, 0x7a, 0xdd, 0x25, 0xed, 0x8b, 0xa0, 0x7e, 0x5b, 0xe1, 0x5a, 0x87, 0xe9, 0x8f, 0x17, 0x4c, 0x15, 0x6e},
-		dt2:   fp.Elt{0xbf, 0x9a, 0xd6, 0xfe, 0x36, 0x63, 0x61, 0xcf, 0x4f, 0xc9, 0x35, 0x83, 0xe7, 0xe4, 0x16, 0x9b, 0xe7, 0x7f, 0x3a, 0x75, 0x65, 0x97, 0x78, 0x13, 0x19, 0xa3, 0x5c, 0xa9, 0x42, 0xf6, 0xfb, 0x6a},
-	},
-	{ /* 59P */
-		addYX: fp.Elt{0xcc, 0xa8, 0x13, 0xf9, 0x70, 0x50, 0xe5, 0x5d, 0x61, 0xf5, 0x0c, 0x2b, 0x7b, 0x16, 0x1d, 0x7d, 0x89, 0xd4, 0xea, 0x90, 0xb6, 0x56, 0x29, 0xda, 0xd9, 0x1e, 0x80, 0xdb, 0xce, 0x93, 0xc0, 0x12},
-		subYX: fp.Elt{0xc1, 0xd2, 0xf5, 0x62, 0x0c, 0xde, 0xa8, 0x7d, 0x9a, 0x7b, 0x0e, 0xb0, 0xa4, 0x3d, 0xfc, 0x98, 0xe0, 0x70, 0xad, 0x0d, 0xda, 0x6a, 0xeb, 0x7d, 0xc4, 0x38, 0x50, 0xb9, 0x51, 0xb8, 0xb4, 0x0d},
-		dt2:   fp.Elt{0x0f, 0x19, 0xb8, 0x08, 0x93, 0x7f, 0x14, 0xfc, 0x10, 0xe3, 0x1a, 0xa1, 0xa0, 0x9d, 0x96, 0x06, 0xfd, 0xd7, 0xc7, 0xda, 0x72, 0x55, 0xe7, 0xce, 0xe6, 0x5c, 0x63, 0xc6, 0x99, 0x87, 0xaa, 0x33},
-	},
-	{ /* 61P */
-		addYX: fp.Elt{0xb1, 0x6c, 0x15, 0xfc, 0x88, 0xf5, 0x48, 0x83, 0x27, 0x6d, 0x0a, 0x1a, 0x9b, 0xba, 0xa2, 0x6d, 0xb6, 0x5a, 0xca, 0x87, 0x5c, 0x2d, 0x26, 0xe2, 0xa6, 0x89, 0xd5, 0xc8, 0xc1, 0xd0, 0x2c, 0x21},
-		subYX: fp.Elt{0xf2, 0x5c, 0x08, 0xbd, 0x1e, 0xf5, 0x0f, 0xaf, 0x1f, 0x3f, 0xd3, 0x67, 0x89, 0x1a, 0xf5, 0x78, 0x3c, 0x03, 0x60, 0x50, 0xe1, 0xbf, 0xc2, 0x6e, 0x86, 0x1a, 0xe2, 0xe8, 0x29, 0x6f, 0x3c, 0x23},
-		dt2:   fp.Elt{0x81, 0xc7, 0x18, 0x7f, 0x10, 0xd5, 0xf4, 0xd2, 0x28, 0x9d, 0x7e, 0x52, 0xf2, 0xcd, 0x2e, 0x12, 0x41, 0x33, 0x3d, 0x3d, 0x2a, 0x86, 0x0a, 0xa7, 0xe3, 0x4c, 0x91, 0x11, 0x89, 0x77, 0xb7, 0x1d},
-	},
-	{ /* 63P */
-		addYX: fp.Elt{0xb6, 0x1a, 0x70, 0xdd, 0x69, 0x47, 0x39, 0xb3, 0xa5, 0x8d, 0xcf, 0x19, 0xd4, 0xde, 0xb8, 0xe2, 0x52, 0xc8, 0x2a, 0xfd, 0x61, 0x41, 0xdf, 0x15, 0xbe, 0x24, 0x7d, 0x01, 0x8a, 0xca, 0xe2, 0x7a},
-		subYX: fp.Elt{0x6f, 0xc2, 0x6b, 0x7c, 0x39, 0x52, 0xf3, 0xdd, 0x13, 0x01, 0xd5, 0x53, 0xcc, 0xe2, 0x97, 0x7a, 0x30, 0xa3, 0x79, 0xbf, 0x3a, 0xf4, 0x74, 0x7c, 0xfc, 0xad, 0xe2, 0x26, 0xad, 0x97, 0xad, 0x31},
-		dt2:   fp.Elt{0x62, 0xb9, 0x20, 0x09, 0xed, 0x17, 0xe8, 0xb7, 0x9d, 0xda, 0x19, 0x3f, 0xcc, 0x18, 0x85, 0x1e, 0x64, 0x0a, 0x56, 0x25, 0x4f, 0xc1, 0x91, 0xe4, 0x83, 0x2c, 0x62, 0xa6, 0x53, 0xfc, 0xd1, 0x1e},
-	},
-}
diff --git a/vendor/github.com/cloudflare/circl/sign/ed448/ed448.go b/vendor/github.com/cloudflare/circl/sign/ed448/ed448.go
deleted file mode 100644
index c368b181b4..0000000000
--- a/vendor/github.com/cloudflare/circl/sign/ed448/ed448.go
+++ /dev/null
@@ -1,411 +0,0 @@
-// Package ed448 implements Ed448 signature scheme as described in RFC-8032.
-//
-// This package implements two signature variants.
-//
-//	| Scheme Name | Sign Function     | Verification  | Context           |
-//	|-------------|-------------------|---------------|-------------------|
-//	| Ed448       | Sign              | Verify        | Yes, can be empty |
-//	| Ed448Ph     | SignPh            | VerifyPh      | Yes, can be empty |
-//	| All above   | (PrivateKey).Sign | VerifyAny     | As above          |
-//
-// Specific functions for sign and verify are defined. A generic signing
-// function for all schemes is available through the crypto.Signer interface,
-// which is implemented by the PrivateKey type. A correspond all-in-one
-// verification method is provided by the VerifyAny function.
-//
-// Both schemes require a context string for domain separation. This parameter
-// is passed using a SignerOptions struct defined in this package.
-//
-// References:
-//
-//   - RFC8032: https://rfc-editor.org/rfc/rfc8032.txt
-//   - EdDSA for more curves: https://eprint.iacr.org/2015/677
-//   - High-speed high-security signatures: https://doi.org/10.1007/s13389-012-0027-1
-package ed448
-
-import (
-	"bytes"
-	"crypto"
-	cryptoRand "crypto/rand"
-	"crypto/subtle"
-	"errors"
-	"fmt"
-	"io"
-	"strconv"
-
-	"github.com/cloudflare/circl/ecc/goldilocks"
-	"github.com/cloudflare/circl/internal/sha3"
-	"github.com/cloudflare/circl/sign"
-)
-
-const (
-	// ContextMaxSize is the maximum length (in bytes) allowed for context.
-	ContextMaxSize = 255
-	// PublicKeySize is the length in bytes of Ed448 public keys.
-	PublicKeySize = 57
-	// PrivateKeySize is the length in bytes of Ed448 private keys.
-	PrivateKeySize = 114
-	// SignatureSize is the length in bytes of signatures.
-	SignatureSize = 114
-	// SeedSize is the size, in bytes, of private key seeds. These are the private key representations used by RFC 8032.
-	SeedSize = 57
-)
-
-const (
-	paramB   = 456 / 8    // Size of keys in bytes.
-	hashSize = 2 * paramB // Size of the hash function's output.
-)
-
-// SignerOptions implements crypto.SignerOpts and augments with parameters
-// that are specific to the Ed448 signature schemes.
-type SignerOptions struct {
-	// Hash must be crypto.Hash(0) for both Ed448 and Ed448Ph.
-	crypto.Hash
-
-	// Context is an optional domain separation string for signing.
-	// Its length must be less or equal than 255 bytes.
-	Context string
-
-	// Scheme is an identifier for choosing a signature scheme.
-	Scheme SchemeID
-}
-
-// SchemeID is an identifier for each signature scheme.
-type SchemeID uint
-
-const (
-	ED448 SchemeID = iota
-	ED448Ph
-)
-
-// PublicKey is the type of Ed448 public keys.
-type PublicKey []byte
-
-// Equal reports whether pub and x have the same value.
-func (pub PublicKey) Equal(x crypto.PublicKey) bool {
-	xx, ok := x.(PublicKey)
-	return ok && bytes.Equal(pub, xx)
-}
-
-// PrivateKey is the type of Ed448 private keys. It implements crypto.Signer.
-type PrivateKey []byte
-
-// Equal reports whether priv and x have the same value.
-func (priv PrivateKey) Equal(x crypto.PrivateKey) bool {
-	xx, ok := x.(PrivateKey)
-	return ok && subtle.ConstantTimeCompare(priv, xx) == 1
-}
-
-// Public returns the PublicKey corresponding to priv.
-func (priv PrivateKey) Public() crypto.PublicKey {
-	publicKey := make([]byte, PublicKeySize)
-	copy(publicKey, priv[SeedSize:])
-	return PublicKey(publicKey)
-}
-
-// Seed returns the private key seed corresponding to priv. It is provided for
-// interoperability with RFC 8032. RFC 8032's private keys correspond to seeds
-// in this package.
-func (priv PrivateKey) Seed() []byte {
-	seed := make([]byte, SeedSize)
-	copy(seed, priv[:SeedSize])
-	return seed
-}
-
-func (priv PrivateKey) Scheme() sign.Scheme { return sch }
-
-func (pub PublicKey) Scheme() sign.Scheme { return sch }
-
-func (priv PrivateKey) MarshalBinary() (data []byte, err error) {
-	privateKey := make(PrivateKey, PrivateKeySize)
-	copy(privateKey, priv)
-	return privateKey, nil
-}
-
-func (pub PublicKey) MarshalBinary() (data []byte, err error) {
-	publicKey := make(PublicKey, PublicKeySize)
-	copy(publicKey, pub)
-	return publicKey, nil
-}
-
-// Sign creates a signature of a message given a key pair.
-// This function supports all the two signature variants defined in RFC-8032,
-// namely Ed448 (or pure EdDSA) and Ed448Ph.
-// The opts.HashFunc() must return zero to the specify Ed448 variant. This can
-// be achieved by passing crypto.Hash(0) as the value for opts.
-// Use an Options struct to pass a bool indicating that the ed448Ph variant
-// should be used.
-// The struct can also be optionally used to pass a context string for signing.
-func (priv PrivateKey) Sign(
-	rand io.Reader,
-	message []byte,
-	opts crypto.SignerOpts,
-) (signature []byte, err error) {
-	var ctx string
-	var scheme SchemeID
-
-	if o, ok := opts.(SignerOptions); ok {
-		ctx = o.Context
-		scheme = o.Scheme
-	}
-
-	switch true {
-	case scheme == ED448 && opts.HashFunc() == crypto.Hash(0):
-		return Sign(priv, message, ctx), nil
-	case scheme == ED448Ph && opts.HashFunc() == crypto.Hash(0):
-		return SignPh(priv, message, ctx), nil
-	default:
-		return nil, errors.New("ed448: bad hash algorithm")
-	}
-}
-
-// GenerateKey generates a public/private key pair using entropy from rand.
-// If rand is nil, crypto/rand.Reader will be used.
-func GenerateKey(rand io.Reader) (PublicKey, PrivateKey, error) {
-	if rand == nil {
-		rand = cryptoRand.Reader
-	}
-
-	seed := make(PrivateKey, SeedSize)
-	if _, err := io.ReadFull(rand, seed); err != nil {
-		return nil, nil, err
-	}
-
-	privateKey := NewKeyFromSeed(seed)
-	publicKey := make([]byte, PublicKeySize)
-	copy(publicKey, privateKey[SeedSize:])
-
-	return publicKey, privateKey, nil
-}
-
-// NewKeyFromSeed calculates a private key from a seed. It will panic if
-// len(seed) is not SeedSize. This function is provided for interoperability
-// with RFC 8032. RFC 8032's private keys correspond to seeds in this
-// package.
-func NewKeyFromSeed(seed []byte) PrivateKey {
-	privateKey := make([]byte, PrivateKeySize)
-	newKeyFromSeed(privateKey, seed)
-	return privateKey
-}
-
-func newKeyFromSeed(privateKey, seed []byte) {
-	if l := len(seed); l != SeedSize {
-		panic("ed448: bad seed length: " + strconv.Itoa(l))
-	}
-
-	var h [hashSize]byte
-	H := sha3.NewShake256()
-	_, _ = H.Write(seed)
-	_, _ = H.Read(h[:])
-	s := &goldilocks.Scalar{}
-	deriveSecretScalar(s, h[:paramB])
-
-	copy(privateKey[:SeedSize], seed)
-	_ = goldilocks.Curve{}.ScalarBaseMult(s).ToBytes(privateKey[SeedSize:])
-}
-
-func signAll(signature []byte, privateKey PrivateKey, message, ctx []byte, preHash bool) {
-	if len(ctx) > ContextMaxSize {
-		panic(fmt.Errorf("ed448: bad context length: %v", len(ctx)))
-	}
-
-	H := sha3.NewShake256()
-	var PHM []byte
-
-	if preHash {
-		var h [64]byte
-		_, _ = H.Write(message)
-		_, _ = H.Read(h[:])
-		PHM = h[:]
-		H.Reset()
-	} else {
-		PHM = message
-	}
-
-	// 1.  Hash the 57-byte private key using SHAKE256(x, 114).
-	var h [hashSize]byte
-	_, _ = H.Write(privateKey[:SeedSize])
-	_, _ = H.Read(h[:])
-	s := &goldilocks.Scalar{}
-	deriveSecretScalar(s, h[:paramB])
-	prefix := h[paramB:]
-
-	// 2.  Compute SHAKE256(dom4(F, C) || prefix || PH(M), 114).
-	var rPM [hashSize]byte
-	H.Reset()
-
-	writeDom(&H, ctx, preHash)
-
-	_, _ = H.Write(prefix)
-	_, _ = H.Write(PHM)
-	_, _ = H.Read(rPM[:])
-
-	// 3.  Compute the point [r]B.
-	r := &goldilocks.Scalar{}
-	r.FromBytes(rPM[:])
-	R := (&[paramB]byte{})[:]
-	if err := (goldilocks.Curve{}.ScalarBaseMult(r).ToBytes(R)); err != nil {
-		panic(err)
-	}
-	// 4.  Compute SHAKE256(dom4(F, C) || R || A || PH(M), 114)
-	var hRAM [hashSize]byte
-	H.Reset()
-
-	writeDom(&H, ctx, preHash)
-
-	_, _ = H.Write(R)
-	_, _ = H.Write(privateKey[SeedSize:])
-	_, _ = H.Write(PHM)
-	_, _ = H.Read(hRAM[:])
-
-	// 5.  Compute S = (r + k * s) mod order.
-	k := &goldilocks.Scalar{}
-	k.FromBytes(hRAM[:])
-	S := &goldilocks.Scalar{}
-	S.Mul(k, s)
-	S.Add(S, r)
-
-	// 6.  The signature is the concatenation of R and S.
-	copy(signature[:paramB], R[:])
-	copy(signature[paramB:], S[:])
-}
-
-// Sign signs the message with privateKey and returns a signature.
-// This function supports the signature variant defined in RFC-8032: Ed448,
-// also known as the pure version of EdDSA.
-// It will panic if len(privateKey) is not PrivateKeySize.
-func Sign(priv PrivateKey, message []byte, ctx string) []byte {
-	signature := make([]byte, SignatureSize)
-	signAll(signature, priv, message, []byte(ctx), false)
-	return signature
-}
-
-// SignPh creates a signature of a message given a keypair.
-// This function supports the signature variant defined in RFC-8032: Ed448ph,
-// meaning it internally hashes the message using SHAKE-256.
-// Context could be passed to this function, which length should be no more than
-// 255. It can be empty.
-func SignPh(priv PrivateKey, message []byte, ctx string) []byte {
-	signature := make([]byte, SignatureSize)
-	signAll(signature, priv, message, []byte(ctx), true)
-	return signature
-}
-
-func verify(public PublicKey, message, signature, ctx []byte, preHash bool) bool {
-	if len(public) != PublicKeySize ||
-		len(signature) != SignatureSize ||
-		len(ctx) > ContextMaxSize ||
-		!isLessThanOrder(signature[paramB:]) {
-		return false
-	}
-
-	P, err := goldilocks.FromBytes(public)
-	if err != nil {
-		return false
-	}
-
-	H := sha3.NewShake256()
-	var PHM []byte
-
-	if preHash {
-		var h [64]byte
-		_, _ = H.Write(message)
-		_, _ = H.Read(h[:])
-		PHM = h[:]
-		H.Reset()
-	} else {
-		PHM = message
-	}
-
-	var hRAM [hashSize]byte
-	R := signature[:paramB]
-
-	writeDom(&H, ctx, preHash)
-
-	_, _ = H.Write(R)
-	_, _ = H.Write(public)
-	_, _ = H.Write(PHM)
-	_, _ = H.Read(hRAM[:])
-
-	k := &goldilocks.Scalar{}
-	k.FromBytes(hRAM[:])
-	S := &goldilocks.Scalar{}
-	S.FromBytes(signature[paramB:])
-
-	encR := (&[paramB]byte{})[:]
-	P.Neg()
-	_ = goldilocks.Curve{}.CombinedMult(S, k, P).ToBytes(encR)
-	return bytes.Equal(R, encR)
-}
-
-// VerifyAny returns true if the signature is valid. Failure cases are invalid
-// signature, or when the public key cannot be decoded.
-// This function supports all the two signature variants defined in RFC-8032,
-// namely Ed448 (or pure EdDSA) and Ed448Ph.
-// The opts.HashFunc() must return zero, this can be achieved by passing
-// crypto.Hash(0) as the value for opts.
-// Use a SignerOptions struct to pass a context string for signing.
-func VerifyAny(public PublicKey, message, signature []byte, opts crypto.SignerOpts) bool {
-	var ctx string
-	var scheme SchemeID
-	if o, ok := opts.(SignerOptions); ok {
-		ctx = o.Context
-		scheme = o.Scheme
-	}
-
-	switch true {
-	case scheme == ED448 && opts.HashFunc() == crypto.Hash(0):
-		return Verify(public, message, signature, ctx)
-	case scheme == ED448Ph && opts.HashFunc() == crypto.Hash(0):
-		return VerifyPh(public, message, signature, ctx)
-	default:
-		return false
-	}
-}
-
-// Verify returns true if the signature is valid. Failure cases are invalid
-// signature, or when the public key cannot be decoded.
-// This function supports the signature variant defined in RFC-8032: Ed448,
-// also known as the pure version of EdDSA.
-func Verify(public PublicKey, message, signature []byte, ctx string) bool {
-	return verify(public, message, signature, []byte(ctx), false)
-}
-
-// VerifyPh returns true if the signature is valid. Failure cases are invalid
-// signature, or when the public key cannot be decoded.
-// This function supports the signature variant defined in RFC-8032: Ed448ph,
-// meaning it internally hashes the message using SHAKE-256.
-// Context could be passed to this function, which length should be no more than
-// 255. It can be empty.
-func VerifyPh(public PublicKey, message, signature []byte, ctx string) bool {
-	return verify(public, message, signature, []byte(ctx), true)
-}
-
-func deriveSecretScalar(s *goldilocks.Scalar, h []byte) {
-	h[0] &= 0xFC        // The two least significant bits of the first octet are cleared,
-	h[paramB-1] = 0x00  // all eight bits the last octet are cleared, and
-	h[paramB-2] |= 0x80 // the highest bit of the second to last octet is set.
-	s.FromBytes(h[:paramB])
-}
-
-// isLessThanOrder returns true if 0 <= x < order and if the last byte of x is zero.
-func isLessThanOrder(x []byte) bool {
-	order := goldilocks.Curve{}.Order()
-	i := len(order) - 1
-	for i > 0 && x[i] == order[i] {
-		i--
-	}
-	return x[paramB-1] == 0 && x[i] < order[i]
-}
-
-func writeDom(h io.Writer, ctx []byte, preHash bool) {
-	dom4 := "SigEd448"
-	_, _ = h.Write([]byte(dom4))
-
-	if preHash {
-		_, _ = h.Write([]byte{byte(0x01), byte(len(ctx))})
-	} else {
-		_, _ = h.Write([]byte{byte(0x00), byte(len(ctx))})
-	}
-	_, _ = h.Write(ctx)
-}
diff --git a/vendor/github.com/cloudflare/circl/sign/ed448/signapi.go b/vendor/github.com/cloudflare/circl/sign/ed448/signapi.go
deleted file mode 100644
index 22da8bc0a5..0000000000
--- a/vendor/github.com/cloudflare/circl/sign/ed448/signapi.go
+++ /dev/null
@@ -1,87 +0,0 @@
-package ed448
-
-import (
-	"crypto/rand"
-	"encoding/asn1"
-
-	"github.com/cloudflare/circl/sign"
-)
-
-var sch sign.Scheme = &scheme{}
-
-// Scheme returns a signature interface.
-func Scheme() sign.Scheme { return sch }
-
-type scheme struct{}
-
-func (*scheme) Name() string          { return "Ed448" }
-func (*scheme) PublicKeySize() int    { return PublicKeySize }
-func (*scheme) PrivateKeySize() int   { return PrivateKeySize }
-func (*scheme) SignatureSize() int    { return SignatureSize }
-func (*scheme) SeedSize() int         { return SeedSize }
-func (*scheme) TLSIdentifier() uint   { return 0x0808 }
-func (*scheme) SupportsContext() bool { return true }
-func (*scheme) Oid() asn1.ObjectIdentifier {
-	return asn1.ObjectIdentifier{1, 3, 101, 113}
-}
-
-func (*scheme) GenerateKey() (sign.PublicKey, sign.PrivateKey, error) {
-	return GenerateKey(rand.Reader)
-}
-
-func (*scheme) Sign(
-	sk sign.PrivateKey,
-	message []byte,
-	opts *sign.SignatureOpts,
-) []byte {
-	priv, ok := sk.(PrivateKey)
-	if !ok {
-		panic(sign.ErrTypeMismatch)
-	}
-	ctx := ""
-	if opts != nil {
-		ctx = opts.Context
-	}
-	return Sign(priv, message, ctx)
-}
-
-func (*scheme) Verify(
-	pk sign.PublicKey,
-	message, signature []byte,
-	opts *sign.SignatureOpts,
-) bool {
-	pub, ok := pk.(PublicKey)
-	if !ok {
-		panic(sign.ErrTypeMismatch)
-	}
-	ctx := ""
-	if opts != nil {
-		ctx = opts.Context
-	}
-	return Verify(pub, message, signature, ctx)
-}
-
-func (*scheme) DeriveKey(seed []byte) (sign.PublicKey, sign.PrivateKey) {
-	privateKey := NewKeyFromSeed(seed)
-	publicKey := make(PublicKey, PublicKeySize)
-	copy(publicKey, privateKey[SeedSize:])
-	return publicKey, privateKey
-}
-
-func (*scheme) UnmarshalBinaryPublicKey(buf []byte) (sign.PublicKey, error) {
-	if len(buf) < PublicKeySize {
-		return nil, sign.ErrPubKeySize
-	}
-	pub := make(PublicKey, PublicKeySize)
-	copy(pub, buf[:PublicKeySize])
-	return pub, nil
-}
-
-func (*scheme) UnmarshalBinaryPrivateKey(buf []byte) (sign.PrivateKey, error) {
-	if len(buf) < PrivateKeySize {
-		return nil, sign.ErrPrivKeySize
-	}
-	priv := make(PrivateKey, PrivateKeySize)
-	copy(priv, buf[:PrivateKeySize])
-	return priv, nil
-}
diff --git a/vendor/github.com/cloudflare/circl/sign/sign.go b/vendor/github.com/cloudflare/circl/sign/sign.go
deleted file mode 100644
index 557d6f0960..0000000000
--- a/vendor/github.com/cloudflare/circl/sign/sign.go
+++ /dev/null
@@ -1,113 +0,0 @@
-// Package sign provides unified interfaces for signature schemes.
-//
-// A register of schemes is available in the package
-//
-//	github.com/cloudflare/circl/sign/schemes
-package sign
-
-import (
-	"crypto"
-	"encoding"
-	"errors"
-)
-
-type SignatureOpts struct {
-	// If non-empty, includes the given context in the signature if supported
-	// and will cause an error during signing otherwise.
-	Context string
-}
-
-// A public key is used to verify a signature set by the corresponding private
-// key.
-type PublicKey interface {
-	// Returns the signature scheme for this public key.
-	Scheme() Scheme
-	Equal(crypto.PublicKey) bool
-	encoding.BinaryMarshaler
-	crypto.PublicKey
-}
-
-// A private key allows one to create signatures.
-type PrivateKey interface {
-	// Returns the signature scheme for this private key.
-	Scheme() Scheme
-	Equal(crypto.PrivateKey) bool
-	// For compatibility with Go standard library
-	crypto.Signer
-	crypto.PrivateKey
-	encoding.BinaryMarshaler
-}
-
-// A Scheme represents a specific instance of a signature scheme.
-type Scheme interface {
-	// Name of the scheme.
-	Name() string
-
-	// GenerateKey creates a new key-pair.
-	GenerateKey() (PublicKey, PrivateKey, error)
-
-	// Creates a signature using the PrivateKey on the given message and
-	// returns the signature. opts are additional options which can be nil.
-	//
-	// Panics if key is nil or wrong type or opts context is not supported.
-	Sign(sk PrivateKey, message []byte, opts *SignatureOpts) []byte
-
-	// Checks whether the given signature is a valid signature set by
-	// the private key corresponding to the given public key on the
-	// given message. opts are additional options which can be nil.
-	//
-	// Panics if key is nil or wrong type or opts context is not supported.
-	Verify(pk PublicKey, message []byte, signature []byte, opts *SignatureOpts) bool
-
-	// Deterministically derives a keypair from a seed. If you're unsure,
-	// you're better off using GenerateKey().
-	//
-	// Panics if seed is not of length SeedSize().
-	DeriveKey(seed []byte) (PublicKey, PrivateKey)
-
-	// Unmarshals a PublicKey from the provided buffer.
-	UnmarshalBinaryPublicKey([]byte) (PublicKey, error)
-
-	// Unmarshals a PublicKey from the provided buffer.
-	UnmarshalBinaryPrivateKey([]byte) (PrivateKey, error)
-
-	// Size of binary marshalled public keys.
-	PublicKeySize() int
-
-	// Size of binary marshalled public keys.
-	PrivateKeySize() int
-
-	// Size of signatures.
-	SignatureSize() int
-
-	// Size of seeds.
-	SeedSize() int
-
-	// Returns whether contexts are supported.
-	SupportsContext() bool
-}
-
-var (
-	// ErrTypeMismatch is the error used if types of, for instance, private
-	// and public keys don't match.
-	ErrTypeMismatch = errors.New("types mismatch")
-
-	// ErrSeedSize is the error used if the provided seed is of the wrong
-	// size.
-	ErrSeedSize = errors.New("wrong seed size")
-
-	// ErrPubKeySize is the error used if the provided public key is of
-	// the wrong size.
-	ErrPubKeySize = errors.New("wrong size for public key")
-
-	// ErrPrivKeySize is the error used if the provided private key is of
-	// the wrong size.
-	ErrPrivKeySize = errors.New("wrong size for private key")
-
-	// ErrContextNotSupported is the error used if a context is not
-	// supported.
-	ErrContextNotSupported = errors.New("context not supported")
-
-	// ErrContextTooLong is the error used if the context string is too long.
-	ErrContextTooLong = errors.New("context string too long")
-)
diff --git a/vendor/github.com/docker/docker-credential-helpers/client/command.go b/vendor/github.com/docker/docker-credential-helpers/client/command.go
index 1936234bef..93863480ba 100644
--- a/vendor/github.com/docker/docker-credential-helpers/client/command.go
+++ b/vendor/github.com/docker/docker-credential-helpers/client/command.go
@@ -15,27 +15,30 @@ type Program interface {
 // ProgramFunc is a type of function that initializes programs based on arguments.
 type ProgramFunc func(args ...string) Program
 
-// NewShellProgramFunc creates programs that are executed in a Shell.
-func NewShellProgramFunc(name string) ProgramFunc {
-	return NewShellProgramFuncWithEnv(name, nil)
+// NewShellProgramFunc creates a [ProgramFunc] to run command in a [Shell].
+func NewShellProgramFunc(command string) ProgramFunc {
+	return func(args ...string) Program {
+		return createProgramCmdRedirectErr(command, args, nil)
+	}
 }
 
-// NewShellProgramFuncWithEnv creates programs that are executed in a Shell with environment variables
-func NewShellProgramFuncWithEnv(name string, env *map[string]string) ProgramFunc {
+// NewShellProgramFuncWithEnv creates a [ProgramFunc] tu run command
+// in a [Shell] with the given environment variables.
+func NewShellProgramFuncWithEnv(command string, env *map[string]string) ProgramFunc {
 	return func(args ...string) Program {
-		return &Shell{cmd: createProgramCmdRedirectErr(name, args, env)}
+		return createProgramCmdRedirectErr(command, args, env)
 	}
 }
 
-func createProgramCmdRedirectErr(commandName string, args []string, env *map[string]string) *exec.Cmd {
-	programCmd := exec.Command(commandName, args...)
+func createProgramCmdRedirectErr(command string, args []string, env *map[string]string) *Shell {
+	ec := exec.Command(command, args...)
 	if env != nil {
 		for k, v := range *env {
-			programCmd.Env = append(programCmd.Environ(), k+"="+v)
+			ec.Env = append(ec.Environ(), k+"="+v)
 		}
 	}
-	programCmd.Stderr = os.Stderr
-	return programCmd
+	ec.Stderr = os.Stderr
+	return &Shell{cmd: ec}
 }
 
 // Shell invokes shell commands to talk with a remote credentials-helper.
diff --git a/vendor/github.com/go-logr/logr/.golangci.yaml b/vendor/github.com/go-logr/logr/.golangci.yaml
index 0cffafa7bf..0ed62c1a18 100644
--- a/vendor/github.com/go-logr/logr/.golangci.yaml
+++ b/vendor/github.com/go-logr/logr/.golangci.yaml
@@ -1,26 +1,28 @@
+version: "2"
+
 run:
   timeout: 1m
   tests: true
 
 linters:
-  disable-all: true
-  enable:
+  default: none
+  enable: # please keep this alphabetized
+    - asasalint
     - asciicheck
+    - copyloopvar
+    - dupl
     - errcheck
     - forcetypeassert
+    - goconst
     - gocritic
-    - gofmt
-    - goimports
-    - gosimple
     - govet
     - ineffassign
     - misspell
+    - musttag
     - revive
     - staticcheck
-    - typecheck
     - unused
 
 issues:
-  exclude-use-default: false
   max-issues-per-linter: 0
   max-same-issues: 10
diff --git a/vendor/github.com/go-logr/logr/funcr/funcr.go b/vendor/github.com/go-logr/logr/funcr/funcr.go
index 30568e768d..b22c57d713 100644
--- a/vendor/github.com/go-logr/logr/funcr/funcr.go
+++ b/vendor/github.com/go-logr/logr/funcr/funcr.go
@@ -77,7 +77,7 @@ func newSink(fn func(prefix, args string), formatter Formatter) logr.LogSink {
 		write:     fn,
 	}
 	// For skipping fnlogger.Info and fnlogger.Error.
-	l.Formatter.AddCallDepth(1)
+	l.AddCallDepth(1) // via Formatter
 	return l
 }
 
@@ -164,17 +164,17 @@ type fnlogger struct {
 }
 
 func (l fnlogger) WithName(name string) logr.LogSink {
-	l.Formatter.AddName(name)
+	l.AddName(name) // via Formatter
 	return &l
 }
 
 func (l fnlogger) WithValues(kvList ...any) logr.LogSink {
-	l.Formatter.AddValues(kvList)
+	l.AddValues(kvList) // via Formatter
 	return &l
 }
 
 func (l fnlogger) WithCallDepth(depth int) logr.LogSink {
-	l.Formatter.AddCallDepth(depth)
+	l.AddCallDepth(depth) // via Formatter
 	return &l
 }
 
diff --git a/vendor/github.com/golang/protobuf/proto/buffer.go b/vendor/github.com/golang/protobuf/proto/buffer.go
deleted file mode 100644
index e810e6fea1..0000000000
--- a/vendor/github.com/golang/protobuf/proto/buffer.go
+++ /dev/null
@@ -1,324 +0,0 @@
-// Copyright 2019 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package proto
-
-import (
-	"errors"
-	"fmt"
-
-	"google.golang.org/protobuf/encoding/prototext"
-	"google.golang.org/protobuf/encoding/protowire"
-	"google.golang.org/protobuf/runtime/protoimpl"
-)
-
-const (
-	WireVarint     = 0
-	WireFixed32    = 5
-	WireFixed64    = 1
-	WireBytes      = 2
-	WireStartGroup = 3
-	WireEndGroup   = 4
-)
-
-// EncodeVarint returns the varint encoded bytes of v.
-func EncodeVarint(v uint64) []byte {
-	return protowire.AppendVarint(nil, v)
-}
-
-// SizeVarint returns the length of the varint encoded bytes of v.
-// This is equal to len(EncodeVarint(v)).
-func SizeVarint(v uint64) int {
-	return protowire.SizeVarint(v)
-}
-
-// DecodeVarint parses a varint encoded integer from b,
-// returning the integer value and the length of the varint.
-// It returns (0, 0) if there is a parse error.
-func DecodeVarint(b []byte) (uint64, int) {
-	v, n := protowire.ConsumeVarint(b)
-	if n < 0 {
-		return 0, 0
-	}
-	return v, n
-}
-
-// Buffer is a buffer for encoding and decoding the protobuf wire format.
-// It may be reused between invocations to reduce memory usage.
-type Buffer struct {
-	buf           []byte
-	idx           int
-	deterministic bool
-}
-
-// NewBuffer allocates a new Buffer initialized with buf,
-// where the contents of buf are considered the unread portion of the buffer.
-func NewBuffer(buf []byte) *Buffer {
-	return &Buffer{buf: buf}
-}
-
-// SetDeterministic specifies whether to use deterministic serialization.
-//
-// Deterministic serialization guarantees that for a given binary, equal
-// messages will always be serialized to the same bytes. This implies:
-//
-//   - Repeated serialization of a message will return the same bytes.
-//   - Different processes of the same binary (which may be executing on
-//     different machines) will serialize equal messages to the same bytes.
-//
-// Note that the deterministic serialization is NOT canonical across
-// languages. It is not guaranteed to remain stable over time. It is unstable
-// across different builds with schema changes due to unknown fields.
-// Users who need canonical serialization (e.g., persistent storage in a
-// canonical form, fingerprinting, etc.) should define their own
-// canonicalization specification and implement their own serializer rather
-// than relying on this API.
-//
-// If deterministic serialization is requested, map entries will be sorted
-// by keys in lexographical order. This is an implementation detail and
-// subject to change.
-func (b *Buffer) SetDeterministic(deterministic bool) {
-	b.deterministic = deterministic
-}
-
-// SetBuf sets buf as the internal buffer,
-// where the contents of buf are considered the unread portion of the buffer.
-func (b *Buffer) SetBuf(buf []byte) {
-	b.buf = buf
-	b.idx = 0
-}
-
-// Reset clears the internal buffer of all written and unread data.
-func (b *Buffer) Reset() {
-	b.buf = b.buf[:0]
-	b.idx = 0
-}
-
-// Bytes returns the internal buffer.
-func (b *Buffer) Bytes() []byte {
-	return b.buf
-}
-
-// Unread returns the unread portion of the buffer.
-func (b *Buffer) Unread() []byte {
-	return b.buf[b.idx:]
-}
-
-// Marshal appends the wire-format encoding of m to the buffer.
-func (b *Buffer) Marshal(m Message) error {
-	var err error
-	b.buf, err = marshalAppend(b.buf, m, b.deterministic)
-	return err
-}
-
-// Unmarshal parses the wire-format message in the buffer and
-// places the decoded results in m.
-// It does not reset m before unmarshaling.
-func (b *Buffer) Unmarshal(m Message) error {
-	err := UnmarshalMerge(b.Unread(), m)
-	b.idx = len(b.buf)
-	return err
-}
-
-type unknownFields struct{ XXX_unrecognized protoimpl.UnknownFields }
-
-func (m *unknownFields) String() string { panic("not implemented") }
-func (m *unknownFields) Reset()         { panic("not implemented") }
-func (m *unknownFields) ProtoMessage()  { panic("not implemented") }
-
-// DebugPrint dumps the encoded bytes of b with a header and footer including s
-// to stdout. This is only intended for debugging.
-func (*Buffer) DebugPrint(s string, b []byte) {
-	m := MessageReflect(new(unknownFields))
-	m.SetUnknown(b)
-	b, _ = prototext.MarshalOptions{AllowPartial: true, Indent: "\t"}.Marshal(m.Interface())
-	fmt.Printf("==== %s ====\n%s==== %s ====\n", s, b, s)
-}
-
-// EncodeVarint appends an unsigned varint encoding to the buffer.
-func (b *Buffer) EncodeVarint(v uint64) error {
-	b.buf = protowire.AppendVarint(b.buf, v)
-	return nil
-}
-
-// EncodeZigzag32 appends a 32-bit zig-zag varint encoding to the buffer.
-func (b *Buffer) EncodeZigzag32(v uint64) error {
-	return b.EncodeVarint(uint64((uint32(v) << 1) ^ uint32((int32(v) >> 31))))
-}
-
-// EncodeZigzag64 appends a 64-bit zig-zag varint encoding to the buffer.
-func (b *Buffer) EncodeZigzag64(v uint64) error {
-	return b.EncodeVarint(uint64((uint64(v) << 1) ^ uint64((int64(v) >> 63))))
-}
-
-// EncodeFixed32 appends a 32-bit little-endian integer to the buffer.
-func (b *Buffer) EncodeFixed32(v uint64) error {
-	b.buf = protowire.AppendFixed32(b.buf, uint32(v))
-	return nil
-}
-
-// EncodeFixed64 appends a 64-bit little-endian integer to the buffer.
-func (b *Buffer) EncodeFixed64(v uint64) error {
-	b.buf = protowire.AppendFixed64(b.buf, uint64(v))
-	return nil
-}
-
-// EncodeRawBytes appends a length-prefixed raw bytes to the buffer.
-func (b *Buffer) EncodeRawBytes(v []byte) error {
-	b.buf = protowire.AppendBytes(b.buf, v)
-	return nil
-}
-
-// EncodeStringBytes appends a length-prefixed raw bytes to the buffer.
-// It does not validate whether v contains valid UTF-8.
-func (b *Buffer) EncodeStringBytes(v string) error {
-	b.buf = protowire.AppendString(b.buf, v)
-	return nil
-}
-
-// EncodeMessage appends a length-prefixed encoded message to the buffer.
-func (b *Buffer) EncodeMessage(m Message) error {
-	var err error
-	b.buf = protowire.AppendVarint(b.buf, uint64(Size(m)))
-	b.buf, err = marshalAppend(b.buf, m, b.deterministic)
-	return err
-}
-
-// DecodeVarint consumes an encoded unsigned varint from the buffer.
-func (b *Buffer) DecodeVarint() (uint64, error) {
-	v, n := protowire.ConsumeVarint(b.buf[b.idx:])
-	if n < 0 {
-		return 0, protowire.ParseError(n)
-	}
-	b.idx += n
-	return uint64(v), nil
-}
-
-// DecodeZigzag32 consumes an encoded 32-bit zig-zag varint from the buffer.
-func (b *Buffer) DecodeZigzag32() (uint64, error) {
-	v, err := b.DecodeVarint()
-	if err != nil {
-		return 0, err
-	}
-	return uint64((uint32(v) >> 1) ^ uint32((int32(v&1)<<31)>>31)), nil
-}
-
-// DecodeZigzag64 consumes an encoded 64-bit zig-zag varint from the buffer.
-func (b *Buffer) DecodeZigzag64() (uint64, error) {
-	v, err := b.DecodeVarint()
-	if err != nil {
-		return 0, err
-	}
-	return uint64((uint64(v) >> 1) ^ uint64((int64(v&1)<<63)>>63)), nil
-}
-
-// DecodeFixed32 consumes a 32-bit little-endian integer from the buffer.
-func (b *Buffer) DecodeFixed32() (uint64, error) {
-	v, n := protowire.ConsumeFixed32(b.buf[b.idx:])
-	if n < 0 {
-		return 0, protowire.ParseError(n)
-	}
-	b.idx += n
-	return uint64(v), nil
-}
-
-// DecodeFixed64 consumes a 64-bit little-endian integer from the buffer.
-func (b *Buffer) DecodeFixed64() (uint64, error) {
-	v, n := protowire.ConsumeFixed64(b.buf[b.idx:])
-	if n < 0 {
-		return 0, protowire.ParseError(n)
-	}
-	b.idx += n
-	return uint64(v), nil
-}
-
-// DecodeRawBytes consumes a length-prefixed raw bytes from the buffer.
-// If alloc is specified, it returns a copy the raw bytes
-// rather than a sub-slice of the buffer.
-func (b *Buffer) DecodeRawBytes(alloc bool) ([]byte, error) {
-	v, n := protowire.ConsumeBytes(b.buf[b.idx:])
-	if n < 0 {
-		return nil, protowire.ParseError(n)
-	}
-	b.idx += n
-	if alloc {
-		v = append([]byte(nil), v...)
-	}
-	return v, nil
-}
-
-// DecodeStringBytes consumes a length-prefixed raw bytes from the buffer.
-// It does not validate whether the raw bytes contain valid UTF-8.
-func (b *Buffer) DecodeStringBytes() (string, error) {
-	v, n := protowire.ConsumeString(b.buf[b.idx:])
-	if n < 0 {
-		return "", protowire.ParseError(n)
-	}
-	b.idx += n
-	return v, nil
-}
-
-// DecodeMessage consumes a length-prefixed message from the buffer.
-// It does not reset m before unmarshaling.
-func (b *Buffer) DecodeMessage(m Message) error {
-	v, err := b.DecodeRawBytes(false)
-	if err != nil {
-		return err
-	}
-	return UnmarshalMerge(v, m)
-}
-
-// DecodeGroup consumes a message group from the buffer.
-// It assumes that the start group marker has already been consumed and
-// consumes all bytes until (and including the end group marker).
-// It does not reset m before unmarshaling.
-func (b *Buffer) DecodeGroup(m Message) error {
-	v, n, err := consumeGroup(b.buf[b.idx:])
-	if err != nil {
-		return err
-	}
-	b.idx += n
-	return UnmarshalMerge(v, m)
-}
-
-// consumeGroup parses b until it finds an end group marker, returning
-// the raw bytes of the message (excluding the end group marker) and the
-// the total length of the message (including the end group marker).
-func consumeGroup(b []byte) ([]byte, int, error) {
-	b0 := b
-	depth := 1 // assume this follows a start group marker
-	for {
-		_, wtyp, tagLen := protowire.ConsumeTag(b)
-		if tagLen < 0 {
-			return nil, 0, protowire.ParseError(tagLen)
-		}
-		b = b[tagLen:]
-
-		var valLen int
-		switch wtyp {
-		case protowire.VarintType:
-			_, valLen = protowire.ConsumeVarint(b)
-		case protowire.Fixed32Type:
-			_, valLen = protowire.ConsumeFixed32(b)
-		case protowire.Fixed64Type:
-			_, valLen = protowire.ConsumeFixed64(b)
-		case protowire.BytesType:
-			_, valLen = protowire.ConsumeBytes(b)
-		case protowire.StartGroupType:
-			depth++
-		case protowire.EndGroupType:
-			depth--
-		default:
-			return nil, 0, errors.New("proto: cannot parse reserved wire type")
-		}
-		if valLen < 0 {
-			return nil, 0, protowire.ParseError(valLen)
-		}
-		b = b[valLen:]
-
-		if depth == 0 {
-			return b0[:len(b0)-len(b)-tagLen], len(b0) - len(b), nil
-		}
-	}
-}
diff --git a/vendor/github.com/golang/protobuf/proto/defaults.go b/vendor/github.com/golang/protobuf/proto/defaults.go
deleted file mode 100644
index d399bf069c..0000000000
--- a/vendor/github.com/golang/protobuf/proto/defaults.go
+++ /dev/null
@@ -1,63 +0,0 @@
-// Copyright 2019 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package proto
-
-import (
-	"google.golang.org/protobuf/reflect/protoreflect"
-)
-
-// SetDefaults sets unpopulated scalar fields to their default values.
-// Fields within a oneof are not set even if they have a default value.
-// SetDefaults is recursively called upon any populated message fields.
-func SetDefaults(m Message) {
-	if m != nil {
-		setDefaults(MessageReflect(m))
-	}
-}
-
-func setDefaults(m protoreflect.Message) {
-	fds := m.Descriptor().Fields()
-	for i := 0; i < fds.Len(); i++ {
-		fd := fds.Get(i)
-		if !m.Has(fd) {
-			if fd.HasDefault() && fd.ContainingOneof() == nil {
-				v := fd.Default()
-				if fd.Kind() == protoreflect.BytesKind {
-					v = protoreflect.ValueOf(append([]byte(nil), v.Bytes()...)) // copy the default bytes
-				}
-				m.Set(fd, v)
-			}
-			continue
-		}
-	}
-
-	m.Range(func(fd protoreflect.FieldDescriptor, v protoreflect.Value) bool {
-		switch {
-		// Handle singular message.
-		case fd.Cardinality() != protoreflect.Repeated:
-			if fd.Message() != nil {
-				setDefaults(m.Get(fd).Message())
-			}
-		// Handle list of messages.
-		case fd.IsList():
-			if fd.Message() != nil {
-				ls := m.Get(fd).List()
-				for i := 0; i < ls.Len(); i++ {
-					setDefaults(ls.Get(i).Message())
-				}
-			}
-		// Handle map of messages.
-		case fd.IsMap():
-			if fd.MapValue().Message() != nil {
-				ms := m.Get(fd).Map()
-				ms.Range(func(_ protoreflect.MapKey, v protoreflect.Value) bool {
-					setDefaults(v.Message())
-					return true
-				})
-			}
-		}
-		return true
-	})
-}
diff --git a/vendor/github.com/golang/protobuf/proto/deprecated.go b/vendor/github.com/golang/protobuf/proto/deprecated.go
deleted file mode 100644
index e8db57e097..0000000000
--- a/vendor/github.com/golang/protobuf/proto/deprecated.go
+++ /dev/null
@@ -1,113 +0,0 @@
-// Copyright 2018 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package proto
-
-import (
-	"encoding/json"
-	"errors"
-	"fmt"
-	"strconv"
-
-	protoV2 "google.golang.org/protobuf/proto"
-)
-
-var (
-	// Deprecated: No longer returned.
-	ErrNil = errors.New("proto: Marshal called with nil")
-
-	// Deprecated: No longer returned.
-	ErrTooLarge = errors.New("proto: message encodes to over 2 GB")
-
-	// Deprecated: No longer returned.
-	ErrInternalBadWireType = errors.New("proto: internal error: bad wiretype for oneof")
-)
-
-// Deprecated: Do not use.
-type Stats struct{ Emalloc, Dmalloc, Encode, Decode, Chit, Cmiss, Size uint64 }
-
-// Deprecated: Do not use.
-func GetStats() Stats { return Stats{} }
-
-// Deprecated: Do not use.
-func MarshalMessageSet(interface{}) ([]byte, error) {
-	return nil, errors.New("proto: not implemented")
-}
-
-// Deprecated: Do not use.
-func UnmarshalMessageSet([]byte, interface{}) error {
-	return errors.New("proto: not implemented")
-}
-
-// Deprecated: Do not use.
-func MarshalMessageSetJSON(interface{}) ([]byte, error) {
-	return nil, errors.New("proto: not implemented")
-}
-
-// Deprecated: Do not use.
-func UnmarshalMessageSetJSON([]byte, interface{}) error {
-	return errors.New("proto: not implemented")
-}
-
-// Deprecated: Do not use.
-func RegisterMessageSetType(Message, int32, string) {}
-
-// Deprecated: Do not use.
-func EnumName(m map[int32]string, v int32) string {
-	s, ok := m[v]
-	if ok {
-		return s
-	}
-	return strconv.Itoa(int(v))
-}
-
-// Deprecated: Do not use.
-func UnmarshalJSONEnum(m map[string]int32, data []byte, enumName string) (int32, error) {
-	if data[0] == '"' {
-		// New style: enums are strings.
-		var repr string
-		if err := json.Unmarshal(data, &repr); err != nil {
-			return -1, err
-		}
-		val, ok := m[repr]
-		if !ok {
-			return 0, fmt.Errorf("unrecognized enum %s value %q", enumName, repr)
-		}
-		return val, nil
-	}
-	// Old style: enums are ints.
-	var val int32
-	if err := json.Unmarshal(data, &val); err != nil {
-		return 0, fmt.Errorf("cannot unmarshal %#q into enum %s", data, enumName)
-	}
-	return val, nil
-}
-
-// Deprecated: Do not use; this type existed for intenal-use only.
-type InternalMessageInfo struct{}
-
-// Deprecated: Do not use; this method existed for intenal-use only.
-func (*InternalMessageInfo) DiscardUnknown(m Message) {
-	DiscardUnknown(m)
-}
-
-// Deprecated: Do not use; this method existed for intenal-use only.
-func (*InternalMessageInfo) Marshal(b []byte, m Message, deterministic bool) ([]byte, error) {
-	return protoV2.MarshalOptions{Deterministic: deterministic}.MarshalAppend(b, MessageV2(m))
-}
-
-// Deprecated: Do not use; this method existed for intenal-use only.
-func (*InternalMessageInfo) Merge(dst, src Message) {
-	protoV2.Merge(MessageV2(dst), MessageV2(src))
-}
-
-// Deprecated: Do not use; this method existed for intenal-use only.
-func (*InternalMessageInfo) Size(m Message) int {
-	return protoV2.Size(MessageV2(m))
-}
-
-// Deprecated: Do not use; this method existed for intenal-use only.
-func (*InternalMessageInfo) Unmarshal(m Message, b []byte) error {
-	return protoV2.UnmarshalOptions{Merge: true}.Unmarshal(b, MessageV2(m))
-}
diff --git a/vendor/github.com/golang/protobuf/proto/discard.go b/vendor/github.com/golang/protobuf/proto/discard.go
deleted file mode 100644
index 2187e877fa..0000000000
--- a/vendor/github.com/golang/protobuf/proto/discard.go
+++ /dev/null
@@ -1,58 +0,0 @@
-// Copyright 2019 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package proto
-
-import (
-	"google.golang.org/protobuf/reflect/protoreflect"
-)
-
-// DiscardUnknown recursively discards all unknown fields from this message
-// and all embedded messages.
-//
-// When unmarshaling a message with unrecognized fields, the tags and values
-// of such fields are preserved in the Message. This allows a later call to
-// marshal to be able to produce a message that continues to have those
-// unrecognized fields. To avoid this, DiscardUnknown is used to
-// explicitly clear the unknown fields after unmarshaling.
-func DiscardUnknown(m Message) {
-	if m != nil {
-		discardUnknown(MessageReflect(m))
-	}
-}
-
-func discardUnknown(m protoreflect.Message) {
-	m.Range(func(fd protoreflect.FieldDescriptor, val protoreflect.Value) bool {
-		switch {
-		// Handle singular message.
-		case fd.Cardinality() != protoreflect.Repeated:
-			if fd.Message() != nil {
-				discardUnknown(m.Get(fd).Message())
-			}
-		// Handle list of messages.
-		case fd.IsList():
-			if fd.Message() != nil {
-				ls := m.Get(fd).List()
-				for i := 0; i < ls.Len(); i++ {
-					discardUnknown(ls.Get(i).Message())
-				}
-			}
-		// Handle map of messages.
-		case fd.IsMap():
-			if fd.MapValue().Message() != nil {
-				ms := m.Get(fd).Map()
-				ms.Range(func(_ protoreflect.MapKey, v protoreflect.Value) bool {
-					discardUnknown(v.Message())
-					return true
-				})
-			}
-		}
-		return true
-	})
-
-	// Discard unknown fields.
-	if len(m.GetUnknown()) > 0 {
-		m.SetUnknown(nil)
-	}
-}
diff --git a/vendor/github.com/golang/protobuf/proto/extensions.go b/vendor/github.com/golang/protobuf/proto/extensions.go
deleted file mode 100644
index 42fc120c97..0000000000
--- a/vendor/github.com/golang/protobuf/proto/extensions.go
+++ /dev/null
@@ -1,356 +0,0 @@
-// Copyright 2010 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package proto
-
-import (
-	"errors"
-	"fmt"
-	"reflect"
-
-	"google.golang.org/protobuf/encoding/protowire"
-	"google.golang.org/protobuf/proto"
-	"google.golang.org/protobuf/reflect/protoreflect"
-	"google.golang.org/protobuf/reflect/protoregistry"
-	"google.golang.org/protobuf/runtime/protoiface"
-	"google.golang.org/protobuf/runtime/protoimpl"
-)
-
-type (
-	// ExtensionDesc represents an extension descriptor and
-	// is used to interact with an extension field in a message.
-	//
-	// Variables of this type are generated in code by protoc-gen-go.
-	ExtensionDesc = protoimpl.ExtensionInfo
-
-	// ExtensionRange represents a range of message extensions.
-	// Used in code generated by protoc-gen-go.
-	ExtensionRange = protoiface.ExtensionRangeV1
-
-	// Deprecated: Do not use; this is an internal type.
-	Extension = protoimpl.ExtensionFieldV1
-
-	// Deprecated: Do not use; this is an internal type.
-	XXX_InternalExtensions = protoimpl.ExtensionFields
-)
-
-// ErrMissingExtension reports whether the extension was not present.
-var ErrMissingExtension = errors.New("proto: missing extension")
-
-var errNotExtendable = errors.New("proto: not an extendable proto.Message")
-
-// HasExtension reports whether the extension field is present in m
-// either as an explicitly populated field or as an unknown field.
-func HasExtension(m Message, xt *ExtensionDesc) (has bool) {
-	mr := MessageReflect(m)
-	if mr == nil || !mr.IsValid() {
-		return false
-	}
-
-	// Check whether any populated known field matches the field number.
-	xtd := xt.TypeDescriptor()
-	if isValidExtension(mr.Descriptor(), xtd) {
-		has = mr.Has(xtd)
-	} else {
-		mr.Range(func(fd protoreflect.FieldDescriptor, _ protoreflect.Value) bool {
-			has = int32(fd.Number()) == xt.Field
-			return !has
-		})
-	}
-
-	// Check whether any unknown field matches the field number.
-	for b := mr.GetUnknown(); !has && len(b) > 0; {
-		num, _, n := protowire.ConsumeField(b)
-		has = int32(num) == xt.Field
-		b = b[n:]
-	}
-	return has
-}
-
-// ClearExtension removes the extension field from m
-// either as an explicitly populated field or as an unknown field.
-func ClearExtension(m Message, xt *ExtensionDesc) {
-	mr := MessageReflect(m)
-	if mr == nil || !mr.IsValid() {
-		return
-	}
-
-	xtd := xt.TypeDescriptor()
-	if isValidExtension(mr.Descriptor(), xtd) {
-		mr.Clear(xtd)
-	} else {
-		mr.Range(func(fd protoreflect.FieldDescriptor, _ protoreflect.Value) bool {
-			if int32(fd.Number()) == xt.Field {
-				mr.Clear(fd)
-				return false
-			}
-			return true
-		})
-	}
-	clearUnknown(mr, fieldNum(xt.Field))
-}
-
-// ClearAllExtensions clears all extensions from m.
-// This includes populated fields and unknown fields in the extension range.
-func ClearAllExtensions(m Message) {
-	mr := MessageReflect(m)
-	if mr == nil || !mr.IsValid() {
-		return
-	}
-
-	mr.Range(func(fd protoreflect.FieldDescriptor, _ protoreflect.Value) bool {
-		if fd.IsExtension() {
-			mr.Clear(fd)
-		}
-		return true
-	})
-	clearUnknown(mr, mr.Descriptor().ExtensionRanges())
-}
-
-// GetExtension retrieves a proto2 extended field from m.
-//
-// If the descriptor is type complete (i.e., ExtensionDesc.ExtensionType is non-nil),
-// then GetExtension parses the encoded field and returns a Go value of the specified type.
-// If the field is not present, then the default value is returned (if one is specified),
-// otherwise ErrMissingExtension is reported.
-//
-// If the descriptor is type incomplete (i.e., ExtensionDesc.ExtensionType is nil),
-// then GetExtension returns the raw encoded bytes for the extension field.
-func GetExtension(m Message, xt *ExtensionDesc) (interface{}, error) {
-	mr := MessageReflect(m)
-	if mr == nil || !mr.IsValid() || mr.Descriptor().ExtensionRanges().Len() == 0 {
-		return nil, errNotExtendable
-	}
-
-	// Retrieve the unknown fields for this extension field.
-	var bo protoreflect.RawFields
-	for bi := mr.GetUnknown(); len(bi) > 0; {
-		num, _, n := protowire.ConsumeField(bi)
-		if int32(num) == xt.Field {
-			bo = append(bo, bi[:n]...)
-		}
-		bi = bi[n:]
-	}
-
-	// For type incomplete descriptors, only retrieve the unknown fields.
-	if xt.ExtensionType == nil {
-		return []byte(bo), nil
-	}
-
-	// If the extension field only exists as unknown fields, unmarshal it.
-	// This is rarely done since proto.Unmarshal eagerly unmarshals extensions.
-	xtd := xt.TypeDescriptor()
-	if !isValidExtension(mr.Descriptor(), xtd) {
-		return nil, fmt.Errorf("proto: bad extended type; %T does not extend %T", xt.ExtendedType, m)
-	}
-	if !mr.Has(xtd) && len(bo) > 0 {
-		m2 := mr.New()
-		if err := (proto.UnmarshalOptions{
-			Resolver: extensionResolver{xt},
-		}.Unmarshal(bo, m2.Interface())); err != nil {
-			return nil, err
-		}
-		if m2.Has(xtd) {
-			mr.Set(xtd, m2.Get(xtd))
-			clearUnknown(mr, fieldNum(xt.Field))
-		}
-	}
-
-	// Check whether the message has the extension field set or a default.
-	var pv protoreflect.Value
-	switch {
-	case mr.Has(xtd):
-		pv = mr.Get(xtd)
-	case xtd.HasDefault():
-		pv = xtd.Default()
-	default:
-		return nil, ErrMissingExtension
-	}
-
-	v := xt.InterfaceOf(pv)
-	rv := reflect.ValueOf(v)
-	if isScalarKind(rv.Kind()) {
-		rv2 := reflect.New(rv.Type())
-		rv2.Elem().Set(rv)
-		v = rv2.Interface()
-	}
-	return v, nil
-}
-
-// extensionResolver is a custom extension resolver that stores a single
-// extension type that takes precedence over the global registry.
-type extensionResolver struct{ xt protoreflect.ExtensionType }
-
-func (r extensionResolver) FindExtensionByName(field protoreflect.FullName) (protoreflect.ExtensionType, error) {
-	if xtd := r.xt.TypeDescriptor(); xtd.FullName() == field {
-		return r.xt, nil
-	}
-	return protoregistry.GlobalTypes.FindExtensionByName(field)
-}
-
-func (r extensionResolver) FindExtensionByNumber(message protoreflect.FullName, field protoreflect.FieldNumber) (protoreflect.ExtensionType, error) {
-	if xtd := r.xt.TypeDescriptor(); xtd.ContainingMessage().FullName() == message && xtd.Number() == field {
-		return r.xt, nil
-	}
-	return protoregistry.GlobalTypes.FindExtensionByNumber(message, field)
-}
-
-// GetExtensions returns a list of the extensions values present in m,
-// corresponding with the provided list of extension descriptors, xts.
-// If an extension is missing in m, the corresponding value is nil.
-func GetExtensions(m Message, xts []*ExtensionDesc) ([]interface{}, error) {
-	mr := MessageReflect(m)
-	if mr == nil || !mr.IsValid() {
-		return nil, errNotExtendable
-	}
-
-	vs := make([]interface{}, len(xts))
-	for i, xt := range xts {
-		v, err := GetExtension(m, xt)
-		if err != nil {
-			if err == ErrMissingExtension {
-				continue
-			}
-			return vs, err
-		}
-		vs[i] = v
-	}
-	return vs, nil
-}
-
-// SetExtension sets an extension field in m to the provided value.
-func SetExtension(m Message, xt *ExtensionDesc, v interface{}) error {
-	mr := MessageReflect(m)
-	if mr == nil || !mr.IsValid() || mr.Descriptor().ExtensionRanges().Len() == 0 {
-		return errNotExtendable
-	}
-
-	rv := reflect.ValueOf(v)
-	if reflect.TypeOf(v) != reflect.TypeOf(xt.ExtensionType) {
-		return fmt.Errorf("proto: bad extension value type. got: %T, want: %T", v, xt.ExtensionType)
-	}
-	if rv.Kind() == reflect.Ptr {
-		if rv.IsNil() {
-			return fmt.Errorf("proto: SetExtension called with nil value of type %T", v)
-		}
-		if isScalarKind(rv.Elem().Kind()) {
-			v = rv.Elem().Interface()
-		}
-	}
-
-	xtd := xt.TypeDescriptor()
-	if !isValidExtension(mr.Descriptor(), xtd) {
-		return fmt.Errorf("proto: bad extended type; %T does not extend %T", xt.ExtendedType, m)
-	}
-	mr.Set(xtd, xt.ValueOf(v))
-	clearUnknown(mr, fieldNum(xt.Field))
-	return nil
-}
-
-// SetRawExtension inserts b into the unknown fields of m.
-//
-// Deprecated: Use Message.ProtoReflect.SetUnknown instead.
-func SetRawExtension(m Message, fnum int32, b []byte) {
-	mr := MessageReflect(m)
-	if mr == nil || !mr.IsValid() {
-		return
-	}
-
-	// Verify that the raw field is valid.
-	for b0 := b; len(b0) > 0; {
-		num, _, n := protowire.ConsumeField(b0)
-		if int32(num) != fnum {
-			panic(fmt.Sprintf("mismatching field number: got %d, want %d", num, fnum))
-		}
-		b0 = b0[n:]
-	}
-
-	ClearExtension(m, &ExtensionDesc{Field: fnum})
-	mr.SetUnknown(append(mr.GetUnknown(), b...))
-}
-
-// ExtensionDescs returns a list of extension descriptors found in m,
-// containing descriptors for both populated extension fields in m and
-// also unknown fields of m that are in the extension range.
-// For the later case, an type incomplete descriptor is provided where only
-// the ExtensionDesc.Field field is populated.
-// The order of the extension descriptors is undefined.
-func ExtensionDescs(m Message) ([]*ExtensionDesc, error) {
-	mr := MessageReflect(m)
-	if mr == nil || !mr.IsValid() || mr.Descriptor().ExtensionRanges().Len() == 0 {
-		return nil, errNotExtendable
-	}
-
-	// Collect a set of known extension descriptors.
-	extDescs := make(map[protoreflect.FieldNumber]*ExtensionDesc)
-	mr.Range(func(fd protoreflect.FieldDescriptor, v protoreflect.Value) bool {
-		if fd.IsExtension() {
-			xt := fd.(protoreflect.ExtensionTypeDescriptor)
-			if xd, ok := xt.Type().(*ExtensionDesc); ok {
-				extDescs[fd.Number()] = xd
-			}
-		}
-		return true
-	})
-
-	// Collect a set of unknown extension descriptors.
-	extRanges := mr.Descriptor().ExtensionRanges()
-	for b := mr.GetUnknown(); len(b) > 0; {
-		num, _, n := protowire.ConsumeField(b)
-		if extRanges.Has(num) && extDescs[num] == nil {
-			extDescs[num] = nil
-		}
-		b = b[n:]
-	}
-
-	// Transpose the set of descriptors into a list.
-	var xts []*ExtensionDesc
-	for num, xt := range extDescs {
-		if xt == nil {
-			xt = &ExtensionDesc{Field: int32(num)}
-		}
-		xts = append(xts, xt)
-	}
-	return xts, nil
-}
-
-// isValidExtension reports whether xtd is a valid extension descriptor for md.
-func isValidExtension(md protoreflect.MessageDescriptor, xtd protoreflect.ExtensionTypeDescriptor) bool {
-	return xtd.ContainingMessage() == md && md.ExtensionRanges().Has(xtd.Number())
-}
-
-// isScalarKind reports whether k is a protobuf scalar kind (except bytes).
-// This function exists for historical reasons since the representation of
-// scalars differs between v1 and v2, where v1 uses *T and v2 uses T.
-func isScalarKind(k reflect.Kind) bool {
-	switch k {
-	case reflect.Bool, reflect.Int32, reflect.Int64, reflect.Uint32, reflect.Uint64, reflect.Float32, reflect.Float64, reflect.String:
-		return true
-	default:
-		return false
-	}
-}
-
-// clearUnknown removes unknown fields from m where remover.Has reports true.
-func clearUnknown(m protoreflect.Message, remover interface {
-	Has(protoreflect.FieldNumber) bool
-}) {
-	var bo protoreflect.RawFields
-	for bi := m.GetUnknown(); len(bi) > 0; {
-		num, _, n := protowire.ConsumeField(bi)
-		if !remover.Has(num) {
-			bo = append(bo, bi[:n]...)
-		}
-		bi = bi[n:]
-	}
-	if bi := m.GetUnknown(); len(bi) != len(bo) {
-		m.SetUnknown(bo)
-	}
-}
-
-type fieldNum protoreflect.FieldNumber
-
-func (n1 fieldNum) Has(n2 protoreflect.FieldNumber) bool {
-	return protoreflect.FieldNumber(n1) == n2
-}
diff --git a/vendor/github.com/golang/protobuf/proto/properties.go b/vendor/github.com/golang/protobuf/proto/properties.go
deleted file mode 100644
index dcdc2202fa..0000000000
--- a/vendor/github.com/golang/protobuf/proto/properties.go
+++ /dev/null
@@ -1,306 +0,0 @@
-// Copyright 2010 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package proto
-
-import (
-	"fmt"
-	"reflect"
-	"strconv"
-	"strings"
-	"sync"
-
-	"google.golang.org/protobuf/reflect/protoreflect"
-	"google.golang.org/protobuf/runtime/protoimpl"
-)
-
-// StructProperties represents protocol buffer type information for a
-// generated protobuf message in the open-struct API.
-//
-// Deprecated: Do not use.
-type StructProperties struct {
-	// Prop are the properties for each field.
-	//
-	// Fields belonging to a oneof are stored in OneofTypes instead, with a
-	// single Properties representing the parent oneof held here.
-	//
-	// The order of Prop matches the order of fields in the Go struct.
-	// Struct fields that are not related to protobufs have a "XXX_" prefix
-	// in the Properties.Name and must be ignored by the user.
-	Prop []*Properties
-
-	// OneofTypes contains information about the oneof fields in this message.
-	// It is keyed by the protobuf field name.
-	OneofTypes map[string]*OneofProperties
-}
-
-// Properties represents the type information for a protobuf message field.
-//
-// Deprecated: Do not use.
-type Properties struct {
-	// Name is a placeholder name with little meaningful semantic value.
-	// If the name has an "XXX_" prefix, the entire Properties must be ignored.
-	Name string
-	// OrigName is the protobuf field name or oneof name.
-	OrigName string
-	// JSONName is the JSON name for the protobuf field.
-	JSONName string
-	// Enum is a placeholder name for enums.
-	// For historical reasons, this is neither the Go name for the enum,
-	// nor the protobuf name for the enum.
-	Enum string // Deprecated: Do not use.
-	// Weak contains the full name of the weakly referenced message.
-	Weak string
-	// Wire is a string representation of the wire type.
-	Wire string
-	// WireType is the protobuf wire type for the field.
-	WireType int
-	// Tag is the protobuf field number.
-	Tag int
-	// Required reports whether this is a required field.
-	Required bool
-	// Optional reports whether this is a optional field.
-	Optional bool
-	// Repeated reports whether this is a repeated field.
-	Repeated bool
-	// Packed reports whether this is a packed repeated field of scalars.
-	Packed bool
-	// Proto3 reports whether this field operates under the proto3 syntax.
-	Proto3 bool
-	// Oneof reports whether this field belongs within a oneof.
-	Oneof bool
-
-	// Default is the default value in string form.
-	Default string
-	// HasDefault reports whether the field has a default value.
-	HasDefault bool
-
-	// MapKeyProp is the properties for the key field for a map field.
-	MapKeyProp *Properties
-	// MapValProp is the properties for the value field for a map field.
-	MapValProp *Properties
-}
-
-// OneofProperties represents the type information for a protobuf oneof.
-//
-// Deprecated: Do not use.
-type OneofProperties struct {
-	// Type is a pointer to the generated wrapper type for the field value.
-	// This is nil for messages that are not in the open-struct API.
-	Type reflect.Type
-	// Field is the index into StructProperties.Prop for the containing oneof.
-	Field int
-	// Prop is the properties for the field.
-	Prop *Properties
-}
-
-// String formats the properties in the protobuf struct field tag style.
-func (p *Properties) String() string {
-	s := p.Wire
-	s += "," + strconv.Itoa(p.Tag)
-	if p.Required {
-		s += ",req"
-	}
-	if p.Optional {
-		s += ",opt"
-	}
-	if p.Repeated {
-		s += ",rep"
-	}
-	if p.Packed {
-		s += ",packed"
-	}
-	s += ",name=" + p.OrigName
-	if p.JSONName != "" {
-		s += ",json=" + p.JSONName
-	}
-	if len(p.Enum) > 0 {
-		s += ",enum=" + p.Enum
-	}
-	if len(p.Weak) > 0 {
-		s += ",weak=" + p.Weak
-	}
-	if p.Proto3 {
-		s += ",proto3"
-	}
-	if p.Oneof {
-		s += ",oneof"
-	}
-	if p.HasDefault {
-		s += ",def=" + p.Default
-	}
-	return s
-}
-
-// Parse populates p by parsing a string in the protobuf struct field tag style.
-func (p *Properties) Parse(tag string) {
-	// For example: "bytes,49,opt,name=foo,def=hello!"
-	for len(tag) > 0 {
-		i := strings.IndexByte(tag, ',')
-		if i < 0 {
-			i = len(tag)
-		}
-		switch s := tag[:i]; {
-		case strings.HasPrefix(s, "name="):
-			p.OrigName = s[len("name="):]
-		case strings.HasPrefix(s, "json="):
-			p.JSONName = s[len("json="):]
-		case strings.HasPrefix(s, "enum="):
-			p.Enum = s[len("enum="):]
-		case strings.HasPrefix(s, "weak="):
-			p.Weak = s[len("weak="):]
-		case strings.Trim(s, "0123456789") == "":
-			n, _ := strconv.ParseUint(s, 10, 32)
-			p.Tag = int(n)
-		case s == "opt":
-			p.Optional = true
-		case s == "req":
-			p.Required = true
-		case s == "rep":
-			p.Repeated = true
-		case s == "varint" || s == "zigzag32" || s == "zigzag64":
-			p.Wire = s
-			p.WireType = WireVarint
-		case s == "fixed32":
-			p.Wire = s
-			p.WireType = WireFixed32
-		case s == "fixed64":
-			p.Wire = s
-			p.WireType = WireFixed64
-		case s == "bytes":
-			p.Wire = s
-			p.WireType = WireBytes
-		case s == "group":
-			p.Wire = s
-			p.WireType = WireStartGroup
-		case s == "packed":
-			p.Packed = true
-		case s == "proto3":
-			p.Proto3 = true
-		case s == "oneof":
-			p.Oneof = true
-		case strings.HasPrefix(s, "def="):
-			// The default tag is special in that everything afterwards is the
-			// default regardless of the presence of commas.
-			p.HasDefault = true
-			p.Default, i = tag[len("def="):], len(tag)
-		}
-		tag = strings.TrimPrefix(tag[i:], ",")
-	}
-}
-
-// Init populates the properties from a protocol buffer struct tag.
-//
-// Deprecated: Do not use.
-func (p *Properties) Init(typ reflect.Type, name, tag string, f *reflect.StructField) {
-	p.Name = name
-	p.OrigName = name
-	if tag == "" {
-		return
-	}
-	p.Parse(tag)
-
-	if typ != nil && typ.Kind() == reflect.Map {
-		p.MapKeyProp = new(Properties)
-		p.MapKeyProp.Init(nil, "Key", f.Tag.Get("protobuf_key"), nil)
-		p.MapValProp = new(Properties)
-		p.MapValProp.Init(nil, "Value", f.Tag.Get("protobuf_val"), nil)
-	}
-}
-
-var propertiesCache sync.Map // map[reflect.Type]*StructProperties
-
-// GetProperties returns the list of properties for the type represented by t,
-// which must be a generated protocol buffer message in the open-struct API,
-// where protobuf message fields are represented by exported Go struct fields.
-//
-// Deprecated: Use protobuf reflection instead.
-func GetProperties(t reflect.Type) *StructProperties {
-	if p, ok := propertiesCache.Load(t); ok {
-		return p.(*StructProperties)
-	}
-	p, _ := propertiesCache.LoadOrStore(t, newProperties(t))
-	return p.(*StructProperties)
-}
-
-func newProperties(t reflect.Type) *StructProperties {
-	if t.Kind() != reflect.Struct {
-		panic(fmt.Sprintf("%v is not a generated message in the open-struct API", t))
-	}
-
-	var hasOneof bool
-	prop := new(StructProperties)
-
-	// Construct a list of properties for each field in the struct.
-	for i := 0; i < t.NumField(); i++ {
-		p := new(Properties)
-		f := t.Field(i)
-		tagField := f.Tag.Get("protobuf")
-		p.Init(f.Type, f.Name, tagField, &f)
-
-		tagOneof := f.Tag.Get("protobuf_oneof")
-		if tagOneof != "" {
-			hasOneof = true
-			p.OrigName = tagOneof
-		}
-
-		// Rename unrelated struct fields with the "XXX_" prefix since so much
-		// user code simply checks for this to exclude special fields.
-		if tagField == "" && tagOneof == "" && !strings.HasPrefix(p.Name, "XXX_") {
-			p.Name = "XXX_" + p.Name
-			p.OrigName = "XXX_" + p.OrigName
-		} else if p.Weak != "" {
-			p.Name = p.OrigName // avoid possible "XXX_" prefix on weak field
-		}
-
-		prop.Prop = append(prop.Prop, p)
-	}
-
-	// Construct a mapping of oneof field names to properties.
-	if hasOneof {
-		var oneofWrappers []interface{}
-		if fn, ok := reflect.PtrTo(t).MethodByName("XXX_OneofFuncs"); ok {
-			oneofWrappers = fn.Func.Call([]reflect.Value{reflect.Zero(fn.Type.In(0))})[3].Interface().([]interface{})
-		}
-		if fn, ok := reflect.PtrTo(t).MethodByName("XXX_OneofWrappers"); ok {
-			oneofWrappers = fn.Func.Call([]reflect.Value{reflect.Zero(fn.Type.In(0))})[0].Interface().([]interface{})
-		}
-		if m, ok := reflect.Zero(reflect.PtrTo(t)).Interface().(protoreflect.ProtoMessage); ok {
-			if m, ok := m.ProtoReflect().(interface{ ProtoMessageInfo() *protoimpl.MessageInfo }); ok {
-				oneofWrappers = m.ProtoMessageInfo().OneofWrappers
-			}
-		}
-
-		prop.OneofTypes = make(map[string]*OneofProperties)
-		for _, wrapper := range oneofWrappers {
-			p := &OneofProperties{
-				Type: reflect.ValueOf(wrapper).Type(), // *T
-				Prop: new(Properties),
-			}
-			f := p.Type.Elem().Field(0)
-			p.Prop.Name = f.Name
-			p.Prop.Parse(f.Tag.Get("protobuf"))
-
-			// Determine the struct field that contains this oneof.
-			// Each wrapper is assignable to exactly one parent field.
-			var foundOneof bool
-			for i := 0; i < t.NumField() && !foundOneof; i++ {
-				if p.Type.AssignableTo(t.Field(i).Type) {
-					p.Field = i
-					foundOneof = true
-				}
-			}
-			if !foundOneof {
-				panic(fmt.Sprintf("%v is not a generated message in the open-struct API", t))
-			}
-			prop.OneofTypes[p.Prop.OrigName] = p
-		}
-	}
-
-	return prop
-}
-
-func (sp *StructProperties) Len() int           { return len(sp.Prop) }
-func (sp *StructProperties) Less(i, j int) bool { return false }
-func (sp *StructProperties) Swap(i, j int)      { return }
diff --git a/vendor/github.com/golang/protobuf/proto/proto.go b/vendor/github.com/golang/protobuf/proto/proto.go
deleted file mode 100644
index 5aee89c323..0000000000
--- a/vendor/github.com/golang/protobuf/proto/proto.go
+++ /dev/null
@@ -1,167 +0,0 @@
-// Copyright 2019 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package proto provides functionality for handling protocol buffer messages.
-// In particular, it provides marshaling and unmarshaling between a protobuf
-// message and the binary wire format.
-//
-// See https://developers.google.com/protocol-buffers/docs/gotutorial for
-// more information.
-//
-// Deprecated: Use the "google.golang.org/protobuf/proto" package instead.
-package proto
-
-import (
-	protoV2 "google.golang.org/protobuf/proto"
-	"google.golang.org/protobuf/reflect/protoreflect"
-	"google.golang.org/protobuf/runtime/protoiface"
-	"google.golang.org/protobuf/runtime/protoimpl"
-)
-
-const (
-	ProtoPackageIsVersion1 = true
-	ProtoPackageIsVersion2 = true
-	ProtoPackageIsVersion3 = true
-	ProtoPackageIsVersion4 = true
-)
-
-// GeneratedEnum is any enum type generated by protoc-gen-go
-// which is a named int32 kind.
-// This type exists for documentation purposes.
-type GeneratedEnum interface{}
-
-// GeneratedMessage is any message type generated by protoc-gen-go
-// which is a pointer to a named struct kind.
-// This type exists for documentation purposes.
-type GeneratedMessage interface{}
-
-// Message is a protocol buffer message.
-//
-// This is the v1 version of the message interface and is marginally better
-// than an empty interface as it lacks any method to programatically interact
-// with the contents of the message.
-//
-// A v2 message is declared in "google.golang.org/protobuf/proto".Message and
-// exposes protobuf reflection as a first-class feature of the interface.
-//
-// To convert a v1 message to a v2 message, use the MessageV2 function.
-// To convert a v2 message to a v1 message, use the MessageV1 function.
-type Message = protoiface.MessageV1
-
-// MessageV1 converts either a v1 or v2 message to a v1 message.
-// It returns nil if m is nil.
-func MessageV1(m GeneratedMessage) protoiface.MessageV1 {
-	return protoimpl.X.ProtoMessageV1Of(m)
-}
-
-// MessageV2 converts either a v1 or v2 message to a v2 message.
-// It returns nil if m is nil.
-func MessageV2(m GeneratedMessage) protoV2.Message {
-	return protoimpl.X.ProtoMessageV2Of(m)
-}
-
-// MessageReflect returns a reflective view for a message.
-// It returns nil if m is nil.
-func MessageReflect(m Message) protoreflect.Message {
-	return protoimpl.X.MessageOf(m)
-}
-
-// Marshaler is implemented by messages that can marshal themselves.
-// This interface is used by the following functions: Size, Marshal,
-// Buffer.Marshal, and Buffer.EncodeMessage.
-//
-// Deprecated: Do not implement.
-type Marshaler interface {
-	// Marshal formats the encoded bytes of the message.
-	// It should be deterministic and emit valid protobuf wire data.
-	// The caller takes ownership of the returned buffer.
-	Marshal() ([]byte, error)
-}
-
-// Unmarshaler is implemented by messages that can unmarshal themselves.
-// This interface is used by the following functions: Unmarshal, UnmarshalMerge,
-// Buffer.Unmarshal, Buffer.DecodeMessage, and Buffer.DecodeGroup.
-//
-// Deprecated: Do not implement.
-type Unmarshaler interface {
-	// Unmarshal parses the encoded bytes of the protobuf wire input.
-	// The provided buffer is only valid for during method call.
-	// It should not reset the receiver message.
-	Unmarshal([]byte) error
-}
-
-// Merger is implemented by messages that can merge themselves.
-// This interface is used by the following functions: Clone and Merge.
-//
-// Deprecated: Do not implement.
-type Merger interface {
-	// Merge merges the contents of src into the receiver message.
-	// It clones all data structures in src such that it aliases no mutable
-	// memory referenced by src.
-	Merge(src Message)
-}
-
-// RequiredNotSetError is an error type returned when
-// marshaling or unmarshaling a message with missing required fields.
-type RequiredNotSetError struct {
-	err error
-}
-
-func (e *RequiredNotSetError) Error() string {
-	if e.err != nil {
-		return e.err.Error()
-	}
-	return "proto: required field not set"
-}
-func (e *RequiredNotSetError) RequiredNotSet() bool {
-	return true
-}
-
-func checkRequiredNotSet(m protoV2.Message) error {
-	if err := protoV2.CheckInitialized(m); err != nil {
-		return &RequiredNotSetError{err: err}
-	}
-	return nil
-}
-
-// Clone returns a deep copy of src.
-func Clone(src Message) Message {
-	return MessageV1(protoV2.Clone(MessageV2(src)))
-}
-
-// Merge merges src into dst, which must be messages of the same type.
-//
-// Populated scalar fields in src are copied to dst, while populated
-// singular messages in src are merged into dst by recursively calling Merge.
-// The elements of every list field in src is appended to the corresponded
-// list fields in dst. The entries of every map field in src is copied into
-// the corresponding map field in dst, possibly replacing existing entries.
-// The unknown fields of src are appended to the unknown fields of dst.
-func Merge(dst, src Message) {
-	protoV2.Merge(MessageV2(dst), MessageV2(src))
-}
-
-// Equal reports whether two messages are equal.
-// If two messages marshal to the same bytes under deterministic serialization,
-// then Equal is guaranteed to report true.
-//
-// Two messages are equal if they are the same protobuf message type,
-// have the same set of populated known and extension field values,
-// and the same set of unknown fields values.
-//
-// Scalar values are compared with the equivalent of the == operator in Go,
-// except bytes values which are compared using bytes.Equal and
-// floating point values which specially treat NaNs as equal.
-// Message values are compared by recursively calling Equal.
-// Lists are equal if each element value is also equal.
-// Maps are equal if they have the same set of keys, where the pair of values
-// for each key is also equal.
-func Equal(x, y Message) bool {
-	return protoV2.Equal(MessageV2(x), MessageV2(y))
-}
-
-func isMessageSet(md protoreflect.MessageDescriptor) bool {
-	ms, ok := md.(interface{ IsMessageSet() bool })
-	return ok && ms.IsMessageSet()
-}
diff --git a/vendor/github.com/golang/protobuf/proto/registry.go b/vendor/github.com/golang/protobuf/proto/registry.go
deleted file mode 100644
index 066b4323b4..0000000000
--- a/vendor/github.com/golang/protobuf/proto/registry.go
+++ /dev/null
@@ -1,317 +0,0 @@
-// Copyright 2019 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package proto
-
-import (
-	"bytes"
-	"compress/gzip"
-	"fmt"
-	"io/ioutil"
-	"reflect"
-	"strings"
-	"sync"
-
-	"google.golang.org/protobuf/reflect/protodesc"
-	"google.golang.org/protobuf/reflect/protoreflect"
-	"google.golang.org/protobuf/reflect/protoregistry"
-	"google.golang.org/protobuf/runtime/protoimpl"
-)
-
-// filePath is the path to the proto source file.
-type filePath = string // e.g., "google/protobuf/descriptor.proto"
-
-// fileDescGZIP is the compressed contents of the encoded FileDescriptorProto.
-type fileDescGZIP = []byte
-
-var fileCache sync.Map // map[filePath]fileDescGZIP
-
-// RegisterFile is called from generated code to register the compressed
-// FileDescriptorProto with the file path for a proto source file.
-//
-// Deprecated: Use protoregistry.GlobalFiles.RegisterFile instead.
-func RegisterFile(s filePath, d fileDescGZIP) {
-	// Decompress the descriptor.
-	zr, err := gzip.NewReader(bytes.NewReader(d))
-	if err != nil {
-		panic(fmt.Sprintf("proto: invalid compressed file descriptor: %v", err))
-	}
-	b, err := ioutil.ReadAll(zr)
-	if err != nil {
-		panic(fmt.Sprintf("proto: invalid compressed file descriptor: %v", err))
-	}
-
-	// Construct a protoreflect.FileDescriptor from the raw descriptor.
-	// Note that DescBuilder.Build automatically registers the constructed
-	// file descriptor with the v2 registry.
-	protoimpl.DescBuilder{RawDescriptor: b}.Build()
-
-	// Locally cache the raw descriptor form for the file.
-	fileCache.Store(s, d)
-}
-
-// FileDescriptor returns the compressed FileDescriptorProto given the file path
-// for a proto source file. It returns nil if not found.
-//
-// Deprecated: Use protoregistry.GlobalFiles.FindFileByPath instead.
-func FileDescriptor(s filePath) fileDescGZIP {
-	if v, ok := fileCache.Load(s); ok {
-		return v.(fileDescGZIP)
-	}
-
-	// Find the descriptor in the v2 registry.
-	var b []byte
-	if fd, _ := protoregistry.GlobalFiles.FindFileByPath(s); fd != nil {
-		b, _ = Marshal(protodesc.ToFileDescriptorProto(fd))
-	}
-
-	// Locally cache the raw descriptor form for the file.
-	if len(b) > 0 {
-		v, _ := fileCache.LoadOrStore(s, protoimpl.X.CompressGZIP(b))
-		return v.(fileDescGZIP)
-	}
-	return nil
-}
-
-// enumName is the name of an enum. For historical reasons, the enum name is
-// neither the full Go name nor the full protobuf name of the enum.
-// The name is the dot-separated combination of just the proto package that the
-// enum is declared within followed by the Go type name of the generated enum.
-type enumName = string // e.g., "my.proto.package.GoMessage_GoEnum"
-
-// enumsByName maps enum values by name to their numeric counterpart.
-type enumsByName = map[string]int32
-
-// enumsByNumber maps enum values by number to their name counterpart.
-type enumsByNumber = map[int32]string
-
-var enumCache sync.Map     // map[enumName]enumsByName
-var numFilesCache sync.Map // map[protoreflect.FullName]int
-
-// RegisterEnum is called from the generated code to register the mapping of
-// enum value names to enum numbers for the enum identified by s.
-//
-// Deprecated: Use protoregistry.GlobalTypes.RegisterEnum instead.
-func RegisterEnum(s enumName, _ enumsByNumber, m enumsByName) {
-	if _, ok := enumCache.Load(s); ok {
-		panic("proto: duplicate enum registered: " + s)
-	}
-	enumCache.Store(s, m)
-
-	// This does not forward registration to the v2 registry since this API
-	// lacks sufficient information to construct a complete v2 enum descriptor.
-}
-
-// EnumValueMap returns the mapping from enum value names to enum numbers for
-// the enum of the given name. It returns nil if not found.
-//
-// Deprecated: Use protoregistry.GlobalTypes.FindEnumByName instead.
-func EnumValueMap(s enumName) enumsByName {
-	if v, ok := enumCache.Load(s); ok {
-		return v.(enumsByName)
-	}
-
-	// Check whether the cache is stale. If the number of files in the current
-	// package differs, then it means that some enums may have been recently
-	// registered upstream that we do not know about.
-	var protoPkg protoreflect.FullName
-	if i := strings.LastIndexByte(s, '.'); i >= 0 {
-		protoPkg = protoreflect.FullName(s[:i])
-	}
-	v, _ := numFilesCache.Load(protoPkg)
-	numFiles, _ := v.(int)
-	if protoregistry.GlobalFiles.NumFilesByPackage(protoPkg) == numFiles {
-		return nil // cache is up-to-date; was not found earlier
-	}
-
-	// Update the enum cache for all enums declared in the given proto package.
-	numFiles = 0
-	protoregistry.GlobalFiles.RangeFilesByPackage(protoPkg, func(fd protoreflect.FileDescriptor) bool {
-		walkEnums(fd, func(ed protoreflect.EnumDescriptor) {
-			name := protoimpl.X.LegacyEnumName(ed)
-			if _, ok := enumCache.Load(name); !ok {
-				m := make(enumsByName)
-				evs := ed.Values()
-				for i := evs.Len() - 1; i >= 0; i-- {
-					ev := evs.Get(i)
-					m[string(ev.Name())] = int32(ev.Number())
-				}
-				enumCache.LoadOrStore(name, m)
-			}
-		})
-		numFiles++
-		return true
-	})
-	numFilesCache.Store(protoPkg, numFiles)
-
-	// Check cache again for enum map.
-	if v, ok := enumCache.Load(s); ok {
-		return v.(enumsByName)
-	}
-	return nil
-}
-
-// walkEnums recursively walks all enums declared in d.
-func walkEnums(d interface {
-	Enums() protoreflect.EnumDescriptors
-	Messages() protoreflect.MessageDescriptors
-}, f func(protoreflect.EnumDescriptor)) {
-	eds := d.Enums()
-	for i := eds.Len() - 1; i >= 0; i-- {
-		f(eds.Get(i))
-	}
-	mds := d.Messages()
-	for i := mds.Len() - 1; i >= 0; i-- {
-		walkEnums(mds.Get(i), f)
-	}
-}
-
-// messageName is the full name of protobuf message.
-type messageName = string
-
-var messageTypeCache sync.Map // map[messageName]reflect.Type
-
-// RegisterType is called from generated code to register the message Go type
-// for a message of the given name.
-//
-// Deprecated: Use protoregistry.GlobalTypes.RegisterMessage instead.
-func RegisterType(m Message, s messageName) {
-	mt := protoimpl.X.LegacyMessageTypeOf(m, protoreflect.FullName(s))
-	if err := protoregistry.GlobalTypes.RegisterMessage(mt); err != nil {
-		panic(err)
-	}
-	messageTypeCache.Store(s, reflect.TypeOf(m))
-}
-
-// RegisterMapType is called from generated code to register the Go map type
-// for a protobuf message representing a map entry.
-//
-// Deprecated: Do not use.
-func RegisterMapType(m interface{}, s messageName) {
-	t := reflect.TypeOf(m)
-	if t.Kind() != reflect.Map {
-		panic(fmt.Sprintf("invalid map kind: %v", t))
-	}
-	if _, ok := messageTypeCache.Load(s); ok {
-		panic(fmt.Errorf("proto: duplicate proto message registered: %s", s))
-	}
-	messageTypeCache.Store(s, t)
-}
-
-// MessageType returns the message type for a named message.
-// It returns nil if not found.
-//
-// Deprecated: Use protoregistry.GlobalTypes.FindMessageByName instead.
-func MessageType(s messageName) reflect.Type {
-	if v, ok := messageTypeCache.Load(s); ok {
-		return v.(reflect.Type)
-	}
-
-	// Derive the message type from the v2 registry.
-	var t reflect.Type
-	if mt, _ := protoregistry.GlobalTypes.FindMessageByName(protoreflect.FullName(s)); mt != nil {
-		t = messageGoType(mt)
-	}
-
-	// If we could not get a concrete type, it is possible that it is a
-	// pseudo-message for a map entry.
-	if t == nil {
-		d, _ := protoregistry.GlobalFiles.FindDescriptorByName(protoreflect.FullName(s))
-		if md, _ := d.(protoreflect.MessageDescriptor); md != nil && md.IsMapEntry() {
-			kt := goTypeForField(md.Fields().ByNumber(1))
-			vt := goTypeForField(md.Fields().ByNumber(2))
-			t = reflect.MapOf(kt, vt)
-		}
-	}
-
-	// Locally cache the message type for the given name.
-	if t != nil {
-		v, _ := messageTypeCache.LoadOrStore(s, t)
-		return v.(reflect.Type)
-	}
-	return nil
-}
-
-func goTypeForField(fd protoreflect.FieldDescriptor) reflect.Type {
-	switch k := fd.Kind(); k {
-	case protoreflect.EnumKind:
-		if et, _ := protoregistry.GlobalTypes.FindEnumByName(fd.Enum().FullName()); et != nil {
-			return enumGoType(et)
-		}
-		return reflect.TypeOf(protoreflect.EnumNumber(0))
-	case protoreflect.MessageKind, protoreflect.GroupKind:
-		if mt, _ := protoregistry.GlobalTypes.FindMessageByName(fd.Message().FullName()); mt != nil {
-			return messageGoType(mt)
-		}
-		return reflect.TypeOf((*protoreflect.Message)(nil)).Elem()
-	default:
-		return reflect.TypeOf(fd.Default().Interface())
-	}
-}
-
-func enumGoType(et protoreflect.EnumType) reflect.Type {
-	return reflect.TypeOf(et.New(0))
-}
-
-func messageGoType(mt protoreflect.MessageType) reflect.Type {
-	return reflect.TypeOf(MessageV1(mt.Zero().Interface()))
-}
-
-// MessageName returns the full protobuf name for the given message type.
-//
-// Deprecated: Use protoreflect.MessageDescriptor.FullName instead.
-func MessageName(m Message) messageName {
-	if m == nil {
-		return ""
-	}
-	if m, ok := m.(interface{ XXX_MessageName() messageName }); ok {
-		return m.XXX_MessageName()
-	}
-	return messageName(protoimpl.X.MessageDescriptorOf(m).FullName())
-}
-
-// RegisterExtension is called from the generated code to register
-// the extension descriptor.
-//
-// Deprecated: Use protoregistry.GlobalTypes.RegisterExtension instead.
-func RegisterExtension(d *ExtensionDesc) {
-	if err := protoregistry.GlobalTypes.RegisterExtension(d); err != nil {
-		panic(err)
-	}
-}
-
-type extensionsByNumber = map[int32]*ExtensionDesc
-
-var extensionCache sync.Map // map[messageName]extensionsByNumber
-
-// RegisteredExtensions returns a map of the registered extensions for the
-// provided protobuf message, indexed by the extension field number.
-//
-// Deprecated: Use protoregistry.GlobalTypes.RangeExtensionsByMessage instead.
-func RegisteredExtensions(m Message) extensionsByNumber {
-	// Check whether the cache is stale. If the number of extensions for
-	// the given message differs, then it means that some extensions were
-	// recently registered upstream that we do not know about.
-	s := MessageName(m)
-	v, _ := extensionCache.Load(s)
-	xs, _ := v.(extensionsByNumber)
-	if protoregistry.GlobalTypes.NumExtensionsByMessage(protoreflect.FullName(s)) == len(xs) {
-		return xs // cache is up-to-date
-	}
-
-	// Cache is stale, re-compute the extensions map.
-	xs = make(extensionsByNumber)
-	protoregistry.GlobalTypes.RangeExtensionsByMessage(protoreflect.FullName(s), func(xt protoreflect.ExtensionType) bool {
-		if xd, ok := xt.(*ExtensionDesc); ok {
-			xs[int32(xt.TypeDescriptor().Number())] = xd
-		} else {
-			// TODO: This implies that the protoreflect.ExtensionType is a
-			// custom type not generated by protoc-gen-go. We could try and
-			// convert the type to an ExtensionDesc.
-		}
-		return true
-	})
-	extensionCache.Store(s, xs)
-	return xs
-}
diff --git a/vendor/github.com/golang/protobuf/proto/text_decode.go b/vendor/github.com/golang/protobuf/proto/text_decode.go
deleted file mode 100644
index 47eb3e4450..0000000000
--- a/vendor/github.com/golang/protobuf/proto/text_decode.go
+++ /dev/null
@@ -1,801 +0,0 @@
-// Copyright 2010 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package proto
-
-import (
-	"encoding"
-	"errors"
-	"fmt"
-	"reflect"
-	"strconv"
-	"strings"
-	"unicode/utf8"
-
-	"google.golang.org/protobuf/encoding/prototext"
-	protoV2 "google.golang.org/protobuf/proto"
-	"google.golang.org/protobuf/reflect/protoreflect"
-	"google.golang.org/protobuf/reflect/protoregistry"
-)
-
-const wrapTextUnmarshalV2 = false
-
-// ParseError is returned by UnmarshalText.
-type ParseError struct {
-	Message string
-
-	// Deprecated: Do not use.
-	Line, Offset int
-}
-
-func (e *ParseError) Error() string {
-	if wrapTextUnmarshalV2 {
-		return e.Message
-	}
-	if e.Line == 1 {
-		return fmt.Sprintf("line 1.%d: %v", e.Offset, e.Message)
-	}
-	return fmt.Sprintf("line %d: %v", e.Line, e.Message)
-}
-
-// UnmarshalText parses a proto text formatted string into m.
-func UnmarshalText(s string, m Message) error {
-	if u, ok := m.(encoding.TextUnmarshaler); ok {
-		return u.UnmarshalText([]byte(s))
-	}
-
-	m.Reset()
-	mi := MessageV2(m)
-
-	if wrapTextUnmarshalV2 {
-		err := prototext.UnmarshalOptions{
-			AllowPartial: true,
-		}.Unmarshal([]byte(s), mi)
-		if err != nil {
-			return &ParseError{Message: err.Error()}
-		}
-		return checkRequiredNotSet(mi)
-	} else {
-		if err := newTextParser(s).unmarshalMessage(mi.ProtoReflect(), ""); err != nil {
-			return err
-		}
-		return checkRequiredNotSet(mi)
-	}
-}
-
-type textParser struct {
-	s            string // remaining input
-	done         bool   // whether the parsing is finished (success or error)
-	backed       bool   // whether back() was called
-	offset, line int
-	cur          token
-}
-
-type token struct {
-	value    string
-	err      *ParseError
-	line     int    // line number
-	offset   int    // byte number from start of input, not start of line
-	unquoted string // the unquoted version of value, if it was a quoted string
-}
-
-func newTextParser(s string) *textParser {
-	p := new(textParser)
-	p.s = s
-	p.line = 1
-	p.cur.line = 1
-	return p
-}
-
-func (p *textParser) unmarshalMessage(m protoreflect.Message, terminator string) (err error) {
-	md := m.Descriptor()
-	fds := md.Fields()
-
-	// A struct is a sequence of "name: value", terminated by one of
-	// '>' or '}', or the end of the input.  A name may also be
-	// "[extension]" or "[type/url]".
-	//
-	// The whole struct can also be an expanded Any message, like:
-	// [type/url] < ... struct contents ... >
-	seen := make(map[protoreflect.FieldNumber]bool)
-	for {
-		tok := p.next()
-		if tok.err != nil {
-			return tok.err
-		}
-		if tok.value == terminator {
-			break
-		}
-		if tok.value == "[" {
-			if err := p.unmarshalExtensionOrAny(m, seen); err != nil {
-				return err
-			}
-			continue
-		}
-
-		// This is a normal, non-extension field.
-		name := protoreflect.Name(tok.value)
-		fd := fds.ByName(name)
-		switch {
-		case fd == nil:
-			gd := fds.ByName(protoreflect.Name(strings.ToLower(string(name))))
-			if gd != nil && gd.Kind() == protoreflect.GroupKind && gd.Message().Name() == name {
-				fd = gd
-			}
-		case fd.Kind() == protoreflect.GroupKind && fd.Message().Name() != name:
-			fd = nil
-		case fd.IsWeak() && fd.Message().IsPlaceholder():
-			fd = nil
-		}
-		if fd == nil {
-			typeName := string(md.FullName())
-			if m, ok := m.Interface().(Message); ok {
-				t := reflect.TypeOf(m)
-				if t.Kind() == reflect.Ptr {
-					typeName = t.Elem().String()
-				}
-			}
-			return p.errorf("unknown field name %q in %v", name, typeName)
-		}
-		if od := fd.ContainingOneof(); od != nil && m.WhichOneof(od) != nil {
-			return p.errorf("field '%s' would overwrite already parsed oneof '%s'", name, od.Name())
-		}
-		if fd.Cardinality() != protoreflect.Repeated && seen[fd.Number()] {
-			return p.errorf("non-repeated field %q was repeated", fd.Name())
-		}
-		seen[fd.Number()] = true
-
-		// Consume any colon.
-		if err := p.checkForColon(fd); err != nil {
-			return err
-		}
-
-		// Parse into the field.
-		v := m.Get(fd)
-		if !m.Has(fd) && (fd.IsList() || fd.IsMap() || fd.Message() != nil) {
-			v = m.Mutable(fd)
-		}
-		if v, err = p.unmarshalValue(v, fd); err != nil {
-			return err
-		}
-		m.Set(fd, v)
-
-		if err := p.consumeOptionalSeparator(); err != nil {
-			return err
-		}
-	}
-	return nil
-}
-
-func (p *textParser) unmarshalExtensionOrAny(m protoreflect.Message, seen map[protoreflect.FieldNumber]bool) error {
-	name, err := p.consumeExtensionOrAnyName()
-	if err != nil {
-		return err
-	}
-
-	// If it contains a slash, it's an Any type URL.
-	if slashIdx := strings.LastIndex(name, "/"); slashIdx >= 0 {
-		tok := p.next()
-		if tok.err != nil {
-			return tok.err
-		}
-		// consume an optional colon
-		if tok.value == ":" {
-			tok = p.next()
-			if tok.err != nil {
-				return tok.err
-			}
-		}
-
-		var terminator string
-		switch tok.value {
-		case "<":
-			terminator = ">"
-		case "{":
-			terminator = "}"
-		default:
-			return p.errorf("expected '{' or '<', found %q", tok.value)
-		}
-
-		mt, err := protoregistry.GlobalTypes.FindMessageByURL(name)
-		if err != nil {
-			return p.errorf("unrecognized message %q in google.protobuf.Any", name[slashIdx+len("/"):])
-		}
-		m2 := mt.New()
-		if err := p.unmarshalMessage(m2, terminator); err != nil {
-			return err
-		}
-		b, err := protoV2.Marshal(m2.Interface())
-		if err != nil {
-			return p.errorf("failed to marshal message of type %q: %v", name[slashIdx+len("/"):], err)
-		}
-
-		urlFD := m.Descriptor().Fields().ByName("type_url")
-		valFD := m.Descriptor().Fields().ByName("value")
-		if seen[urlFD.Number()] {
-			return p.errorf("Any message unpacked multiple times, or %q already set", urlFD.Name())
-		}
-		if seen[valFD.Number()] {
-			return p.errorf("Any message unpacked multiple times, or %q already set", valFD.Name())
-		}
-		m.Set(urlFD, protoreflect.ValueOfString(name))
-		m.Set(valFD, protoreflect.ValueOfBytes(b))
-		seen[urlFD.Number()] = true
-		seen[valFD.Number()] = true
-		return nil
-	}
-
-	xname := protoreflect.FullName(name)
-	xt, _ := protoregistry.GlobalTypes.FindExtensionByName(xname)
-	if xt == nil && isMessageSet(m.Descriptor()) {
-		xt, _ = protoregistry.GlobalTypes.FindExtensionByName(xname.Append("message_set_extension"))
-	}
-	if xt == nil {
-		return p.errorf("unrecognized extension %q", name)
-	}
-	fd := xt.TypeDescriptor()
-	if fd.ContainingMessage().FullName() != m.Descriptor().FullName() {
-		return p.errorf("extension field %q does not extend message %q", name, m.Descriptor().FullName())
-	}
-
-	if err := p.checkForColon(fd); err != nil {
-		return err
-	}
-
-	v := m.Get(fd)
-	if !m.Has(fd) && (fd.IsList() || fd.IsMap() || fd.Message() != nil) {
-		v = m.Mutable(fd)
-	}
-	v, err = p.unmarshalValue(v, fd)
-	if err != nil {
-		return err
-	}
-	m.Set(fd, v)
-	return p.consumeOptionalSeparator()
-}
-
-func (p *textParser) unmarshalValue(v protoreflect.Value, fd protoreflect.FieldDescriptor) (protoreflect.Value, error) {
-	tok := p.next()
-	if tok.err != nil {
-		return v, tok.err
-	}
-	if tok.value == "" {
-		return v, p.errorf("unexpected EOF")
-	}
-
-	switch {
-	case fd.IsList():
-		lv := v.List()
-		var err error
-		if tok.value == "[" {
-			// Repeated field with list notation, like [1,2,3].
-			for {
-				vv := lv.NewElement()
-				vv, err = p.unmarshalSingularValue(vv, fd)
-				if err != nil {
-					return v, err
-				}
-				lv.Append(vv)
-
-				tok := p.next()
-				if tok.err != nil {
-					return v, tok.err
-				}
-				if tok.value == "]" {
-					break
-				}
-				if tok.value != "," {
-					return v, p.errorf("Expected ']' or ',' found %q", tok.value)
-				}
-			}
-			return v, nil
-		}
-
-		// One value of the repeated field.
-		p.back()
-		vv := lv.NewElement()
-		vv, err = p.unmarshalSingularValue(vv, fd)
-		if err != nil {
-			return v, err
-		}
-		lv.Append(vv)
-		return v, nil
-	case fd.IsMap():
-		// The map entry should be this sequence of tokens:
-		//	< key : KEY value : VALUE >
-		// However, implementations may omit key or value, and technically
-		// we should support them in any order.
-		var terminator string
-		switch tok.value {
-		case "<":
-			terminator = ">"
-		case "{":
-			terminator = "}"
-		default:
-			return v, p.errorf("expected '{' or '<', found %q", tok.value)
-		}
-
-		keyFD := fd.MapKey()
-		valFD := fd.MapValue()
-
-		mv := v.Map()
-		kv := keyFD.Default()
-		vv := mv.NewValue()
-		for {
-			tok := p.next()
-			if tok.err != nil {
-				return v, tok.err
-			}
-			if tok.value == terminator {
-				break
-			}
-			var err error
-			switch tok.value {
-			case "key":
-				if err := p.consumeToken(":"); err != nil {
-					return v, err
-				}
-				if kv, err = p.unmarshalSingularValue(kv, keyFD); err != nil {
-					return v, err
-				}
-				if err := p.consumeOptionalSeparator(); err != nil {
-					return v, err
-				}
-			case "value":
-				if err := p.checkForColon(valFD); err != nil {
-					return v, err
-				}
-				if vv, err = p.unmarshalSingularValue(vv, valFD); err != nil {
-					return v, err
-				}
-				if err := p.consumeOptionalSeparator(); err != nil {
-					return v, err
-				}
-			default:
-				p.back()
-				return v, p.errorf(`expected "key", "value", or %q, found %q`, terminator, tok.value)
-			}
-		}
-		mv.Set(kv.MapKey(), vv)
-		return v, nil
-	default:
-		p.back()
-		return p.unmarshalSingularValue(v, fd)
-	}
-}
-
-func (p *textParser) unmarshalSingularValue(v protoreflect.Value, fd protoreflect.FieldDescriptor) (protoreflect.Value, error) {
-	tok := p.next()
-	if tok.err != nil {
-		return v, tok.err
-	}
-	if tok.value == "" {
-		return v, p.errorf("unexpected EOF")
-	}
-
-	switch fd.Kind() {
-	case protoreflect.BoolKind:
-		switch tok.value {
-		case "true", "1", "t", "True":
-			return protoreflect.ValueOfBool(true), nil
-		case "false", "0", "f", "False":
-			return protoreflect.ValueOfBool(false), nil
-		}
-	case protoreflect.Int32Kind, protoreflect.Sint32Kind, protoreflect.Sfixed32Kind:
-		if x, err := strconv.ParseInt(tok.value, 0, 32); err == nil {
-			return protoreflect.ValueOfInt32(int32(x)), nil
-		}
-
-		// The C++ parser accepts large positive hex numbers that uses
-		// two's complement arithmetic to represent negative numbers.
-		// This feature is here for backwards compatibility with C++.
-		if strings.HasPrefix(tok.value, "0x") {
-			if x, err := strconv.ParseUint(tok.value, 0, 32); err == nil {
-				return protoreflect.ValueOfInt32(int32(-(int64(^x) + 1))), nil
-			}
-		}
-	case protoreflect.Int64Kind, protoreflect.Sint64Kind, protoreflect.Sfixed64Kind:
-		if x, err := strconv.ParseInt(tok.value, 0, 64); err == nil {
-			return protoreflect.ValueOfInt64(int64(x)), nil
-		}
-
-		// The C++ parser accepts large positive hex numbers that uses
-		// two's complement arithmetic to represent negative numbers.
-		// This feature is here for backwards compatibility with C++.
-		if strings.HasPrefix(tok.value, "0x") {
-			if x, err := strconv.ParseUint(tok.value, 0, 64); err == nil {
-				return protoreflect.ValueOfInt64(int64(-(int64(^x) + 1))), nil
-			}
-		}
-	case protoreflect.Uint32Kind, protoreflect.Fixed32Kind:
-		if x, err := strconv.ParseUint(tok.value, 0, 32); err == nil {
-			return protoreflect.ValueOfUint32(uint32(x)), nil
-		}
-	case protoreflect.Uint64Kind, protoreflect.Fixed64Kind:
-		if x, err := strconv.ParseUint(tok.value, 0, 64); err == nil {
-			return protoreflect.ValueOfUint64(uint64(x)), nil
-		}
-	case protoreflect.FloatKind:
-		// Ignore 'f' for compatibility with output generated by C++,
-		// but don't remove 'f' when the value is "-inf" or "inf".
-		v := tok.value
-		if strings.HasSuffix(v, "f") && v != "-inf" && v != "inf" {
-			v = v[:len(v)-len("f")]
-		}
-		if x, err := strconv.ParseFloat(v, 32); err == nil {
-			return protoreflect.ValueOfFloat32(float32(x)), nil
-		}
-	case protoreflect.DoubleKind:
-		// Ignore 'f' for compatibility with output generated by C++,
-		// but don't remove 'f' when the value is "-inf" or "inf".
-		v := tok.value
-		if strings.HasSuffix(v, "f") && v != "-inf" && v != "inf" {
-			v = v[:len(v)-len("f")]
-		}
-		if x, err := strconv.ParseFloat(v, 64); err == nil {
-			return protoreflect.ValueOfFloat64(float64(x)), nil
-		}
-	case protoreflect.StringKind:
-		if isQuote(tok.value[0]) {
-			return protoreflect.ValueOfString(tok.unquoted), nil
-		}
-	case protoreflect.BytesKind:
-		if isQuote(tok.value[0]) {
-			return protoreflect.ValueOfBytes([]byte(tok.unquoted)), nil
-		}
-	case protoreflect.EnumKind:
-		if x, err := strconv.ParseInt(tok.value, 0, 32); err == nil {
-			return protoreflect.ValueOfEnum(protoreflect.EnumNumber(x)), nil
-		}
-		vd := fd.Enum().Values().ByName(protoreflect.Name(tok.value))
-		if vd != nil {
-			return protoreflect.ValueOfEnum(vd.Number()), nil
-		}
-	case protoreflect.MessageKind, protoreflect.GroupKind:
-		var terminator string
-		switch tok.value {
-		case "{":
-			terminator = "}"
-		case "<":
-			terminator = ">"
-		default:
-			return v, p.errorf("expected '{' or '<', found %q", tok.value)
-		}
-		err := p.unmarshalMessage(v.Message(), terminator)
-		return v, err
-	default:
-		panic(fmt.Sprintf("invalid kind %v", fd.Kind()))
-	}
-	return v, p.errorf("invalid %v: %v", fd.Kind(), tok.value)
-}
-
-// Consume a ':' from the input stream (if the next token is a colon),
-// returning an error if a colon is needed but not present.
-func (p *textParser) checkForColon(fd protoreflect.FieldDescriptor) *ParseError {
-	tok := p.next()
-	if tok.err != nil {
-		return tok.err
-	}
-	if tok.value != ":" {
-		if fd.Message() == nil {
-			return p.errorf("expected ':', found %q", tok.value)
-		}
-		p.back()
-	}
-	return nil
-}
-
-// consumeExtensionOrAnyName consumes an extension name or an Any type URL and
-// the following ']'. It returns the name or URL consumed.
-func (p *textParser) consumeExtensionOrAnyName() (string, error) {
-	tok := p.next()
-	if tok.err != nil {
-		return "", tok.err
-	}
-
-	// If extension name or type url is quoted, it's a single token.
-	if len(tok.value) > 2 && isQuote(tok.value[0]) && tok.value[len(tok.value)-1] == tok.value[0] {
-		name, err := unquoteC(tok.value[1:len(tok.value)-1], rune(tok.value[0]))
-		if err != nil {
-			return "", err
-		}
-		return name, p.consumeToken("]")
-	}
-
-	// Consume everything up to "]"
-	var parts []string
-	for tok.value != "]" {
-		parts = append(parts, tok.value)
-		tok = p.next()
-		if tok.err != nil {
-			return "", p.errorf("unrecognized type_url or extension name: %s", tok.err)
-		}
-		if p.done && tok.value != "]" {
-			return "", p.errorf("unclosed type_url or extension name")
-		}
-	}
-	return strings.Join(parts, ""), nil
-}
-
-// consumeOptionalSeparator consumes an optional semicolon or comma.
-// It is used in unmarshalMessage to provide backward compatibility.
-func (p *textParser) consumeOptionalSeparator() error {
-	tok := p.next()
-	if tok.err != nil {
-		return tok.err
-	}
-	if tok.value != ";" && tok.value != "," {
-		p.back()
-	}
-	return nil
-}
-
-func (p *textParser) errorf(format string, a ...interface{}) *ParseError {
-	pe := &ParseError{fmt.Sprintf(format, a...), p.cur.line, p.cur.offset}
-	p.cur.err = pe
-	p.done = true
-	return pe
-}
-
-func (p *textParser) skipWhitespace() {
-	i := 0
-	for i < len(p.s) && (isWhitespace(p.s[i]) || p.s[i] == '#') {
-		if p.s[i] == '#' {
-			// comment; skip to end of line or input
-			for i < len(p.s) && p.s[i] != '\n' {
-				i++
-			}
-			if i == len(p.s) {
-				break
-			}
-		}
-		if p.s[i] == '\n' {
-			p.line++
-		}
-		i++
-	}
-	p.offset += i
-	p.s = p.s[i:len(p.s)]
-	if len(p.s) == 0 {
-		p.done = true
-	}
-}
-
-func (p *textParser) advance() {
-	// Skip whitespace
-	p.skipWhitespace()
-	if p.done {
-		return
-	}
-
-	// Start of non-whitespace
-	p.cur.err = nil
-	p.cur.offset, p.cur.line = p.offset, p.line
-	p.cur.unquoted = ""
-	switch p.s[0] {
-	case '<', '>', '{', '}', ':', '[', ']', ';', ',', '/':
-		// Single symbol
-		p.cur.value, p.s = p.s[0:1], p.s[1:len(p.s)]
-	case '"', '\'':
-		// Quoted string
-		i := 1
-		for i < len(p.s) && p.s[i] != p.s[0] && p.s[i] != '\n' {
-			if p.s[i] == '\\' && i+1 < len(p.s) {
-				// skip escaped char
-				i++
-			}
-			i++
-		}
-		if i >= len(p.s) || p.s[i] != p.s[0] {
-			p.errorf("unmatched quote")
-			return
-		}
-		unq, err := unquoteC(p.s[1:i], rune(p.s[0]))
-		if err != nil {
-			p.errorf("invalid quoted string %s: %v", p.s[0:i+1], err)
-			return
-		}
-		p.cur.value, p.s = p.s[0:i+1], p.s[i+1:len(p.s)]
-		p.cur.unquoted = unq
-	default:
-		i := 0
-		for i < len(p.s) && isIdentOrNumberChar(p.s[i]) {
-			i++
-		}
-		if i == 0 {
-			p.errorf("unexpected byte %#x", p.s[0])
-			return
-		}
-		p.cur.value, p.s = p.s[0:i], p.s[i:len(p.s)]
-	}
-	p.offset += len(p.cur.value)
-}
-
-// Back off the parser by one token. Can only be done between calls to next().
-// It makes the next advance() a no-op.
-func (p *textParser) back() { p.backed = true }
-
-// Advances the parser and returns the new current token.
-func (p *textParser) next() *token {
-	if p.backed || p.done {
-		p.backed = false
-		return &p.cur
-	}
-	p.advance()
-	if p.done {
-		p.cur.value = ""
-	} else if len(p.cur.value) > 0 && isQuote(p.cur.value[0]) {
-		// Look for multiple quoted strings separated by whitespace,
-		// and concatenate them.
-		cat := p.cur
-		for {
-			p.skipWhitespace()
-			if p.done || !isQuote(p.s[0]) {
-				break
-			}
-			p.advance()
-			if p.cur.err != nil {
-				return &p.cur
-			}
-			cat.value += " " + p.cur.value
-			cat.unquoted += p.cur.unquoted
-		}
-		p.done = false // parser may have seen EOF, but we want to return cat
-		p.cur = cat
-	}
-	return &p.cur
-}
-
-func (p *textParser) consumeToken(s string) error {
-	tok := p.next()
-	if tok.err != nil {
-		return tok.err
-	}
-	if tok.value != s {
-		p.back()
-		return p.errorf("expected %q, found %q", s, tok.value)
-	}
-	return nil
-}
-
-var errBadUTF8 = errors.New("proto: bad UTF-8")
-
-func unquoteC(s string, quote rune) (string, error) {
-	// This is based on C++'s tokenizer.cc.
-	// Despite its name, this is *not* parsing C syntax.
-	// For instance, "\0" is an invalid quoted string.
-
-	// Avoid allocation in trivial cases.
-	simple := true
-	for _, r := range s {
-		if r == '\\' || r == quote {
-			simple = false
-			break
-		}
-	}
-	if simple {
-		return s, nil
-	}
-
-	buf := make([]byte, 0, 3*len(s)/2)
-	for len(s) > 0 {
-		r, n := utf8.DecodeRuneInString(s)
-		if r == utf8.RuneError && n == 1 {
-			return "", errBadUTF8
-		}
-		s = s[n:]
-		if r != '\\' {
-			if r < utf8.RuneSelf {
-				buf = append(buf, byte(r))
-			} else {
-				buf = append(buf, string(r)...)
-			}
-			continue
-		}
-
-		ch, tail, err := unescape(s)
-		if err != nil {
-			return "", err
-		}
-		buf = append(buf, ch...)
-		s = tail
-	}
-	return string(buf), nil
-}
-
-func unescape(s string) (ch string, tail string, err error) {
-	r, n := utf8.DecodeRuneInString(s)
-	if r == utf8.RuneError && n == 1 {
-		return "", "", errBadUTF8
-	}
-	s = s[n:]
-	switch r {
-	case 'a':
-		return "\a", s, nil
-	case 'b':
-		return "\b", s, nil
-	case 'f':
-		return "\f", s, nil
-	case 'n':
-		return "\n", s, nil
-	case 'r':
-		return "\r", s, nil
-	case 't':
-		return "\t", s, nil
-	case 'v':
-		return "\v", s, nil
-	case '?':
-		return "?", s, nil // trigraph workaround
-	case '\'', '"', '\\':
-		return string(r), s, nil
-	case '0', '1', '2', '3', '4', '5', '6', '7':
-		if len(s) < 2 {
-			return "", "", fmt.Errorf(`\%c requires 2 following digits`, r)
-		}
-		ss := string(r) + s[:2]
-		s = s[2:]
-		i, err := strconv.ParseUint(ss, 8, 8)
-		if err != nil {
-			return "", "", fmt.Errorf(`\%s contains non-octal digits`, ss)
-		}
-		return string([]byte{byte(i)}), s, nil
-	case 'x', 'X', 'u', 'U':
-		var n int
-		switch r {
-		case 'x', 'X':
-			n = 2
-		case 'u':
-			n = 4
-		case 'U':
-			n = 8
-		}
-		if len(s) < n {
-			return "", "", fmt.Errorf(`\%c requires %d following digits`, r, n)
-		}
-		ss := s[:n]
-		s = s[n:]
-		i, err := strconv.ParseUint(ss, 16, 64)
-		if err != nil {
-			return "", "", fmt.Errorf(`\%c%s contains non-hexadecimal digits`, r, ss)
-		}
-		if r == 'x' || r == 'X' {
-			return string([]byte{byte(i)}), s, nil
-		}
-		if i > utf8.MaxRune {
-			return "", "", fmt.Errorf(`\%c%s is not a valid Unicode code point`, r, ss)
-		}
-		return string(rune(i)), s, nil
-	}
-	return "", "", fmt.Errorf(`unknown escape \%c`, r)
-}
-
-func isIdentOrNumberChar(c byte) bool {
-	switch {
-	case 'A' <= c && c <= 'Z', 'a' <= c && c <= 'z':
-		return true
-	case '0' <= c && c <= '9':
-		return true
-	}
-	switch c {
-	case '-', '+', '.', '_':
-		return true
-	}
-	return false
-}
-
-func isWhitespace(c byte) bool {
-	switch c {
-	case ' ', '\t', '\n', '\r':
-		return true
-	}
-	return false
-}
-
-func isQuote(c byte) bool {
-	switch c {
-	case '"', '\'':
-		return true
-	}
-	return false
-}
diff --git a/vendor/github.com/golang/protobuf/proto/text_encode.go b/vendor/github.com/golang/protobuf/proto/text_encode.go
deleted file mode 100644
index a31134eeb3..0000000000
--- a/vendor/github.com/golang/protobuf/proto/text_encode.go
+++ /dev/null
@@ -1,560 +0,0 @@
-// Copyright 2010 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package proto
-
-import (
-	"bytes"
-	"encoding"
-	"fmt"
-	"io"
-	"math"
-	"sort"
-	"strings"
-
-	"google.golang.org/protobuf/encoding/prototext"
-	"google.golang.org/protobuf/encoding/protowire"
-	"google.golang.org/protobuf/proto"
-	"google.golang.org/protobuf/reflect/protoreflect"
-	"google.golang.org/protobuf/reflect/protoregistry"
-)
-
-const wrapTextMarshalV2 = false
-
-// TextMarshaler is a configurable text format marshaler.
-type TextMarshaler struct {
-	Compact   bool // use compact text format (one line)
-	ExpandAny bool // expand google.protobuf.Any messages of known types
-}
-
-// Marshal writes the proto text format of m to w.
-func (tm *TextMarshaler) Marshal(w io.Writer, m Message) error {
-	b, err := tm.marshal(m)
-	if len(b) > 0 {
-		if _, err := w.Write(b); err != nil {
-			return err
-		}
-	}
-	return err
-}
-
-// Text returns a proto text formatted string of m.
-func (tm *TextMarshaler) Text(m Message) string {
-	b, _ := tm.marshal(m)
-	return string(b)
-}
-
-func (tm *TextMarshaler) marshal(m Message) ([]byte, error) {
-	mr := MessageReflect(m)
-	if mr == nil || !mr.IsValid() {
-		return []byte("<nil>"), nil
-	}
-
-	if wrapTextMarshalV2 {
-		if m, ok := m.(encoding.TextMarshaler); ok {
-			return m.MarshalText()
-		}
-
-		opts := prototext.MarshalOptions{
-			AllowPartial: true,
-			EmitUnknown:  true,
-		}
-		if !tm.Compact {
-			opts.Indent = "  "
-		}
-		if !tm.ExpandAny {
-			opts.Resolver = (*protoregistry.Types)(nil)
-		}
-		return opts.Marshal(mr.Interface())
-	} else {
-		w := &textWriter{
-			compact:   tm.Compact,
-			expandAny: tm.ExpandAny,
-			complete:  true,
-		}
-
-		if m, ok := m.(encoding.TextMarshaler); ok {
-			b, err := m.MarshalText()
-			if err != nil {
-				return nil, err
-			}
-			w.Write(b)
-			return w.buf, nil
-		}
-
-		err := w.writeMessage(mr)
-		return w.buf, err
-	}
-}
-
-var (
-	defaultTextMarshaler = TextMarshaler{}
-	compactTextMarshaler = TextMarshaler{Compact: true}
-)
-
-// MarshalText writes the proto text format of m to w.
-func MarshalText(w io.Writer, m Message) error { return defaultTextMarshaler.Marshal(w, m) }
-
-// MarshalTextString returns a proto text formatted string of m.
-func MarshalTextString(m Message) string { return defaultTextMarshaler.Text(m) }
-
-// CompactText writes the compact proto text format of m to w.
-func CompactText(w io.Writer, m Message) error { return compactTextMarshaler.Marshal(w, m) }
-
-// CompactTextString returns a compact proto text formatted string of m.
-func CompactTextString(m Message) string { return compactTextMarshaler.Text(m) }
-
-var (
-	newline         = []byte("\n")
-	endBraceNewline = []byte("}\n")
-	posInf          = []byte("inf")
-	negInf          = []byte("-inf")
-	nan             = []byte("nan")
-)
-
-// textWriter is an io.Writer that tracks its indentation level.
-type textWriter struct {
-	compact   bool // same as TextMarshaler.Compact
-	expandAny bool // same as TextMarshaler.ExpandAny
-	complete  bool // whether the current position is a complete line
-	indent    int  // indentation level; never negative
-	buf       []byte
-}
-
-func (w *textWriter) Write(p []byte) (n int, _ error) {
-	newlines := bytes.Count(p, newline)
-	if newlines == 0 {
-		if !w.compact && w.complete {
-			w.writeIndent()
-		}
-		w.buf = append(w.buf, p...)
-		w.complete = false
-		return len(p), nil
-	}
-
-	frags := bytes.SplitN(p, newline, newlines+1)
-	if w.compact {
-		for i, frag := range frags {
-			if i > 0 {
-				w.buf = append(w.buf, ' ')
-				n++
-			}
-			w.buf = append(w.buf, frag...)
-			n += len(frag)
-		}
-		return n, nil
-	}
-
-	for i, frag := range frags {
-		if w.complete {
-			w.writeIndent()
-		}
-		w.buf = append(w.buf, frag...)
-		n += len(frag)
-		if i+1 < len(frags) {
-			w.buf = append(w.buf, '\n')
-			n++
-		}
-	}
-	w.complete = len(frags[len(frags)-1]) == 0
-	return n, nil
-}
-
-func (w *textWriter) WriteByte(c byte) error {
-	if w.compact && c == '\n' {
-		c = ' '
-	}
-	if !w.compact && w.complete {
-		w.writeIndent()
-	}
-	w.buf = append(w.buf, c)
-	w.complete = c == '\n'
-	return nil
-}
-
-func (w *textWriter) writeName(fd protoreflect.FieldDescriptor) {
-	if !w.compact && w.complete {
-		w.writeIndent()
-	}
-	w.complete = false
-
-	if fd.Kind() != protoreflect.GroupKind {
-		w.buf = append(w.buf, fd.Name()...)
-		w.WriteByte(':')
-	} else {
-		// Use message type name for group field name.
-		w.buf = append(w.buf, fd.Message().Name()...)
-	}
-
-	if !w.compact {
-		w.WriteByte(' ')
-	}
-}
-
-func requiresQuotes(u string) bool {
-	// When type URL contains any characters except [0-9A-Za-z./\-]*, it must be quoted.
-	for _, ch := range u {
-		switch {
-		case ch == '.' || ch == '/' || ch == '_':
-			continue
-		case '0' <= ch && ch <= '9':
-			continue
-		case 'A' <= ch && ch <= 'Z':
-			continue
-		case 'a' <= ch && ch <= 'z':
-			continue
-		default:
-			return true
-		}
-	}
-	return false
-}
-
-// writeProto3Any writes an expanded google.protobuf.Any message.
-//
-// It returns (false, nil) if sv value can't be unmarshaled (e.g. because
-// required messages are not linked in).
-//
-// It returns (true, error) when sv was written in expanded format or an error
-// was encountered.
-func (w *textWriter) writeProto3Any(m protoreflect.Message) (bool, error) {
-	md := m.Descriptor()
-	fdURL := md.Fields().ByName("type_url")
-	fdVal := md.Fields().ByName("value")
-
-	url := m.Get(fdURL).String()
-	mt, err := protoregistry.GlobalTypes.FindMessageByURL(url)
-	if err != nil {
-		return false, nil
-	}
-
-	b := m.Get(fdVal).Bytes()
-	m2 := mt.New()
-	if err := proto.Unmarshal(b, m2.Interface()); err != nil {
-		return false, nil
-	}
-	w.Write([]byte("["))
-	if requiresQuotes(url) {
-		w.writeQuotedString(url)
-	} else {
-		w.Write([]byte(url))
-	}
-	if w.compact {
-		w.Write([]byte("]:<"))
-	} else {
-		w.Write([]byte("]: <\n"))
-		w.indent++
-	}
-	if err := w.writeMessage(m2); err != nil {
-		return true, err
-	}
-	if w.compact {
-		w.Write([]byte("> "))
-	} else {
-		w.indent--
-		w.Write([]byte(">\n"))
-	}
-	return true, nil
-}
-
-func (w *textWriter) writeMessage(m protoreflect.Message) error {
-	md := m.Descriptor()
-	if w.expandAny && md.FullName() == "google.protobuf.Any" {
-		if canExpand, err := w.writeProto3Any(m); canExpand {
-			return err
-		}
-	}
-
-	fds := md.Fields()
-	for i := 0; i < fds.Len(); {
-		fd := fds.Get(i)
-		if od := fd.ContainingOneof(); od != nil {
-			fd = m.WhichOneof(od)
-			i += od.Fields().Len()
-		} else {
-			i++
-		}
-		if fd == nil || !m.Has(fd) {
-			continue
-		}
-
-		switch {
-		case fd.IsList():
-			lv := m.Get(fd).List()
-			for j := 0; j < lv.Len(); j++ {
-				w.writeName(fd)
-				v := lv.Get(j)
-				if err := w.writeSingularValue(v, fd); err != nil {
-					return err
-				}
-				w.WriteByte('\n')
-			}
-		case fd.IsMap():
-			kfd := fd.MapKey()
-			vfd := fd.MapValue()
-			mv := m.Get(fd).Map()
-
-			type entry struct{ key, val protoreflect.Value }
-			var entries []entry
-			mv.Range(func(k protoreflect.MapKey, v protoreflect.Value) bool {
-				entries = append(entries, entry{k.Value(), v})
-				return true
-			})
-			sort.Slice(entries, func(i, j int) bool {
-				switch kfd.Kind() {
-				case protoreflect.BoolKind:
-					return !entries[i].key.Bool() && entries[j].key.Bool()
-				case protoreflect.Int32Kind, protoreflect.Sint32Kind, protoreflect.Sfixed32Kind, protoreflect.Int64Kind, protoreflect.Sint64Kind, protoreflect.Sfixed64Kind:
-					return entries[i].key.Int() < entries[j].key.Int()
-				case protoreflect.Uint32Kind, protoreflect.Fixed32Kind, protoreflect.Uint64Kind, protoreflect.Fixed64Kind:
-					return entries[i].key.Uint() < entries[j].key.Uint()
-				case protoreflect.StringKind:
-					return entries[i].key.String() < entries[j].key.String()
-				default:
-					panic("invalid kind")
-				}
-			})
-			for _, entry := range entries {
-				w.writeName(fd)
-				w.WriteByte('<')
-				if !w.compact {
-					w.WriteByte('\n')
-				}
-				w.indent++
-				w.writeName(kfd)
-				if err := w.writeSingularValue(entry.key, kfd); err != nil {
-					return err
-				}
-				w.WriteByte('\n')
-				w.writeName(vfd)
-				if err := w.writeSingularValue(entry.val, vfd); err != nil {
-					return err
-				}
-				w.WriteByte('\n')
-				w.indent--
-				w.WriteByte('>')
-				w.WriteByte('\n')
-			}
-		default:
-			w.writeName(fd)
-			if err := w.writeSingularValue(m.Get(fd), fd); err != nil {
-				return err
-			}
-			w.WriteByte('\n')
-		}
-	}
-
-	if b := m.GetUnknown(); len(b) > 0 {
-		w.writeUnknownFields(b)
-	}
-	return w.writeExtensions(m)
-}
-
-func (w *textWriter) writeSingularValue(v protoreflect.Value, fd protoreflect.FieldDescriptor) error {
-	switch fd.Kind() {
-	case protoreflect.FloatKind, protoreflect.DoubleKind:
-		switch vf := v.Float(); {
-		case math.IsInf(vf, +1):
-			w.Write(posInf)
-		case math.IsInf(vf, -1):
-			w.Write(negInf)
-		case math.IsNaN(vf):
-			w.Write(nan)
-		default:
-			fmt.Fprint(w, v.Interface())
-		}
-	case protoreflect.StringKind:
-		// NOTE: This does not validate UTF-8 for historical reasons.
-		w.writeQuotedString(string(v.String()))
-	case protoreflect.BytesKind:
-		w.writeQuotedString(string(v.Bytes()))
-	case protoreflect.MessageKind, protoreflect.GroupKind:
-		var bra, ket byte = '<', '>'
-		if fd.Kind() == protoreflect.GroupKind {
-			bra, ket = '{', '}'
-		}
-		w.WriteByte(bra)
-		if !w.compact {
-			w.WriteByte('\n')
-		}
-		w.indent++
-		m := v.Message()
-		if m2, ok := m.Interface().(encoding.TextMarshaler); ok {
-			b, err := m2.MarshalText()
-			if err != nil {
-				return err
-			}
-			w.Write(b)
-		} else {
-			w.writeMessage(m)
-		}
-		w.indent--
-		w.WriteByte(ket)
-	case protoreflect.EnumKind:
-		if ev := fd.Enum().Values().ByNumber(v.Enum()); ev != nil {
-			fmt.Fprint(w, ev.Name())
-		} else {
-			fmt.Fprint(w, v.Enum())
-		}
-	default:
-		fmt.Fprint(w, v.Interface())
-	}
-	return nil
-}
-
-// writeQuotedString writes a quoted string in the protocol buffer text format.
-func (w *textWriter) writeQuotedString(s string) {
-	w.WriteByte('"')
-	for i := 0; i < len(s); i++ {
-		switch c := s[i]; c {
-		case '\n':
-			w.buf = append(w.buf, `\n`...)
-		case '\r':
-			w.buf = append(w.buf, `\r`...)
-		case '\t':
-			w.buf = append(w.buf, `\t`...)
-		case '"':
-			w.buf = append(w.buf, `\"`...)
-		case '\\':
-			w.buf = append(w.buf, `\\`...)
-		default:
-			if isPrint := c >= 0x20 && c < 0x7f; isPrint {
-				w.buf = append(w.buf, c)
-			} else {
-				w.buf = append(w.buf, fmt.Sprintf(`\%03o`, c)...)
-			}
-		}
-	}
-	w.WriteByte('"')
-}
-
-func (w *textWriter) writeUnknownFields(b []byte) {
-	if !w.compact {
-		fmt.Fprintf(w, "/* %d unknown bytes */\n", len(b))
-	}
-
-	for len(b) > 0 {
-		num, wtyp, n := protowire.ConsumeTag(b)
-		if n < 0 {
-			return
-		}
-		b = b[n:]
-
-		if wtyp == protowire.EndGroupType {
-			w.indent--
-			w.Write(endBraceNewline)
-			continue
-		}
-		fmt.Fprint(w, num)
-		if wtyp != protowire.StartGroupType {
-			w.WriteByte(':')
-		}
-		if !w.compact || wtyp == protowire.StartGroupType {
-			w.WriteByte(' ')
-		}
-		switch wtyp {
-		case protowire.VarintType:
-			v, n := protowire.ConsumeVarint(b)
-			if n < 0 {
-				return
-			}
-			b = b[n:]
-			fmt.Fprint(w, v)
-		case protowire.Fixed32Type:
-			v, n := protowire.ConsumeFixed32(b)
-			if n < 0 {
-				return
-			}
-			b = b[n:]
-			fmt.Fprint(w, v)
-		case protowire.Fixed64Type:
-			v, n := protowire.ConsumeFixed64(b)
-			if n < 0 {
-				return
-			}
-			b = b[n:]
-			fmt.Fprint(w, v)
-		case protowire.BytesType:
-			v, n := protowire.ConsumeBytes(b)
-			if n < 0 {
-				return
-			}
-			b = b[n:]
-			fmt.Fprintf(w, "%q", v)
-		case protowire.StartGroupType:
-			w.WriteByte('{')
-			w.indent++
-		default:
-			fmt.Fprintf(w, "/* unknown wire type %d */", wtyp)
-		}
-		w.WriteByte('\n')
-	}
-}
-
-// writeExtensions writes all the extensions in m.
-func (w *textWriter) writeExtensions(m protoreflect.Message) error {
-	md := m.Descriptor()
-	if md.ExtensionRanges().Len() == 0 {
-		return nil
-	}
-
-	type ext struct {
-		desc protoreflect.FieldDescriptor
-		val  protoreflect.Value
-	}
-	var exts []ext
-	m.Range(func(fd protoreflect.FieldDescriptor, v protoreflect.Value) bool {
-		if fd.IsExtension() {
-			exts = append(exts, ext{fd, v})
-		}
-		return true
-	})
-	sort.Slice(exts, func(i, j int) bool {
-		return exts[i].desc.Number() < exts[j].desc.Number()
-	})
-
-	for _, ext := range exts {
-		// For message set, use the name of the message as the extension name.
-		name := string(ext.desc.FullName())
-		if isMessageSet(ext.desc.ContainingMessage()) {
-			name = strings.TrimSuffix(name, ".message_set_extension")
-		}
-
-		if !ext.desc.IsList() {
-			if err := w.writeSingularExtension(name, ext.val, ext.desc); err != nil {
-				return err
-			}
-		} else {
-			lv := ext.val.List()
-			for i := 0; i < lv.Len(); i++ {
-				if err := w.writeSingularExtension(name, lv.Get(i), ext.desc); err != nil {
-					return err
-				}
-			}
-		}
-	}
-	return nil
-}
-
-func (w *textWriter) writeSingularExtension(name string, v protoreflect.Value, fd protoreflect.FieldDescriptor) error {
-	fmt.Fprintf(w, "[%s]:", name)
-	if !w.compact {
-		w.WriteByte(' ')
-	}
-	if err := w.writeSingularValue(v, fd); err != nil {
-		return err
-	}
-	w.WriteByte('\n')
-	return nil
-}
-
-func (w *textWriter) writeIndent() {
-	if !w.complete {
-		return
-	}
-	for i := 0; i < w.indent*2; i++ {
-		w.buf = append(w.buf, ' ')
-	}
-	w.complete = false
-}
diff --git a/vendor/github.com/golang/protobuf/proto/wire.go b/vendor/github.com/golang/protobuf/proto/wire.go
deleted file mode 100644
index d7c28da5a7..0000000000
--- a/vendor/github.com/golang/protobuf/proto/wire.go
+++ /dev/null
@@ -1,78 +0,0 @@
-// Copyright 2019 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package proto
-
-import (
-	protoV2 "google.golang.org/protobuf/proto"
-	"google.golang.org/protobuf/runtime/protoiface"
-)
-
-// Size returns the size in bytes of the wire-format encoding of m.
-func Size(m Message) int {
-	if m == nil {
-		return 0
-	}
-	mi := MessageV2(m)
-	return protoV2.Size(mi)
-}
-
-// Marshal returns the wire-format encoding of m.
-func Marshal(m Message) ([]byte, error) {
-	b, err := marshalAppend(nil, m, false)
-	if b == nil {
-		b = zeroBytes
-	}
-	return b, err
-}
-
-var zeroBytes = make([]byte, 0, 0)
-
-func marshalAppend(buf []byte, m Message, deterministic bool) ([]byte, error) {
-	if m == nil {
-		return nil, ErrNil
-	}
-	mi := MessageV2(m)
-	nbuf, err := protoV2.MarshalOptions{
-		Deterministic: deterministic,
-		AllowPartial:  true,
-	}.MarshalAppend(buf, mi)
-	if err != nil {
-		return buf, err
-	}
-	if len(buf) == len(nbuf) {
-		if !mi.ProtoReflect().IsValid() {
-			return buf, ErrNil
-		}
-	}
-	return nbuf, checkRequiredNotSet(mi)
-}
-
-// Unmarshal parses a wire-format message in b and places the decoded results in m.
-//
-// Unmarshal resets m before starting to unmarshal, so any existing data in m is always
-// removed. Use UnmarshalMerge to preserve and append to existing data.
-func Unmarshal(b []byte, m Message) error {
-	m.Reset()
-	return UnmarshalMerge(b, m)
-}
-
-// UnmarshalMerge parses a wire-format message in b and places the decoded results in m.
-func UnmarshalMerge(b []byte, m Message) error {
-	mi := MessageV2(m)
-	out, err := protoV2.UnmarshalOptions{
-		AllowPartial: true,
-		Merge:        true,
-	}.UnmarshalState(protoiface.UnmarshalInput{
-		Buf:     b,
-		Message: mi.ProtoReflect(),
-	})
-	if err != nil {
-		return err
-	}
-	if out.Flags&protoiface.UnmarshalInitialized > 0 {
-		return nil
-	}
-	return checkRequiredNotSet(mi)
-}
diff --git a/vendor/github.com/golang/protobuf/proto/wrappers.go b/vendor/github.com/golang/protobuf/proto/wrappers.go
deleted file mode 100644
index 398e348599..0000000000
--- a/vendor/github.com/golang/protobuf/proto/wrappers.go
+++ /dev/null
@@ -1,34 +0,0 @@
-// Copyright 2019 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package proto
-
-// Bool stores v in a new bool value and returns a pointer to it.
-func Bool(v bool) *bool { return &v }
-
-// Int stores v in a new int32 value and returns a pointer to it.
-//
-// Deprecated: Use Int32 instead.
-func Int(v int) *int32 { return Int32(int32(v)) }
-
-// Int32 stores v in a new int32 value and returns a pointer to it.
-func Int32(v int32) *int32 { return &v }
-
-// Int64 stores v in a new int64 value and returns a pointer to it.
-func Int64(v int64) *int64 { return &v }
-
-// Uint32 stores v in a new uint32 value and returns a pointer to it.
-func Uint32(v uint32) *uint32 { return &v }
-
-// Uint64 stores v in a new uint64 value and returns a pointer to it.
-func Uint64(v uint64) *uint64 { return &v }
-
-// Float32 stores v in a new float32 value and returns a pointer to it.
-func Float32(v float32) *float32 { return &v }
-
-// Float64 stores v in a new float64 value and returns a pointer to it.
-func Float64(v float64) *float64 { return &v }
-
-// String stores v in a new string value and returns a pointer to it.
-func String(v string) *string { return &v }
diff --git a/vendor/github.com/google/certificate-transparency-go/.golangci.yaml b/vendor/github.com/google/certificate-transparency-go/.golangci.yaml
index 405740a1f1..e9b683b2bd 100644
--- a/vendor/github.com/google/certificate-transparency-go/.golangci.yaml
+++ b/vendor/github.com/google/certificate-transparency-go/.golangci.yaml
@@ -1,28 +1,39 @@
-run:
-  deadline: 90s
-  skip-dirs:
-    - (^|/)x509($|/)
-    - (^|/)x509util($|/)
-    - (^|/)asn1($|/)
-
-linters-settings:
-  gocyclo:
-    min-complexity: 25
-  depguard:
-    list-type: blacklist
-    packages:
-      - ^golang.org/x/net/context$
-      - github.com/gogo/protobuf/proto
-      - encoding/asn1
-      - crypto/x509
-
-issues:
-  exclude-use-default: false
-  exclude-rules:
-    # The following grpc linters are excluded because grpc.Dial, grpc.DialContext and grpc.WithBlock will be supported throughout 1.x.
-    - linters: [staticcheck]
-      text: 'SA1019: grpc.Dial is deprecated: use NewClient instead'
-    - linters: [staticcheck]
-      text: 'SA1019: grpc.DialContext is deprecated: use NewClient instead'
-    - linters: [staticcheck]
-      text: 'SA1019: grpc.WithBlock is deprecated: this DialOption is not supported by NewClient'
+version: "2"
+linters:
+  settings:
+    depguard:
+      rules:
+        main:
+          deny:
+            - pkg: ^golang.org/x/net/context$
+            - pkg: github.com/gogo/protobuf/proto
+            - pkg: encoding/asn1
+            - pkg: crypto/x509
+    gocyclo:
+      min-complexity: 25
+  exclusions:
+    generated: lax
+    rules:
+      - linters:
+          - staticcheck
+        text: 'SA1019: grpc.Dial is deprecated: use NewClient instead'
+      - linters:
+          - staticcheck
+        text: 'SA1019: grpc.DialContext is deprecated: use NewClient instead'
+      - linters:
+          - staticcheck
+        text: 'SA1019: grpc.WithBlock is deprecated: this DialOption is not supported by NewClient'
+    paths:
+      - (^|/)x509($|/)
+      - (^|/)x509util($|/)
+      - (^|/)asn1($|/)
+      - third_party$
+      - builtin$
+      - examples$
+formatters:
+  exclusions:
+    generated: lax
+    paths:
+      - third_party$
+      - builtin$
+      - examples$
diff --git a/vendor/github.com/google/certificate-transparency-go/CHANGELOG.md b/vendor/github.com/google/certificate-transparency-go/CHANGELOG.md
index 5cb7b7d433..0206cfe124 100644
--- a/vendor/github.com/google/certificate-transparency-go/CHANGELOG.md
+++ b/vendor/github.com/google/certificate-transparency-go/CHANGELOG.md
@@ -2,6 +2,77 @@
 
 ## HEAD
 
+## v1.3.2
+
+### Misc
+
+* [migrillian] remove etcd support in #1699
+* Bump golangci-lint from 1.55.1 to 1.61.0 (developers should update to this version).
+* Update ctclient tool to support SCT extensions field by @liweitianux in https://github.com/google/certificate-transparency-go/pull/1645
+* Bump go to 1.23
+* [ct_hammer] support HTTPS and Bearer token for Authentication.
+* [preloader] support Bearer token Authentication for non temporal logs.
+* [preloader] support end indexes
+* [CTFE] Short cache max-age when get-entries returns fewer entries than requested by @robstradling in https://github.com/google/certificate-transparency-go/pull/1707
+* [CTFE] Disalllow mismatching signature algorithm identifiers in #702.
+* [jsonclient] surface HTTP Do and Read errors #1695 by @FiloSottile 
+
+### CTFE Storage Saving: Extra Data Issuance Chain Deduplication
+
+* Suppress unnecessary duplicate key errors in the IssuanceChainStorage PostgreSQL implementation by @robstradling in https://github.com/google/certificate-transparency-go/pull/1678
+* Only store IssuanceChain if not cached by @robstradling in https://github.com/google/certificate-transparency-go/pull/1679
+
+### CTFE Rate Limiting Of Non-Fresh Submissions
+
+To protect a log from being flooded with requests for "old" certificates, optional rate limiting for "non-fresh submissions" can be configured by providing the following flags:
+
+- `non_fresh_submission_age`
+- `non_fresh_submission_burst`
+- `non_fresh_submission_limit`
+
+This can help to ensure that the log maintains its ability to (1) accept "fresh" submissions and (2) distribute all log entries to monitors.
+
+* [CTFE] Configurable mechanism to rate-limit non-fresh submissions by @robstradling in https://github.com/google/certificate-transparency-go/pull/1698
+
+### Dependency updates
+
+*  Bump the docker-deps group across 5 directories with 3 updates (#1705)
+*  Bump google.golang.org/grpc from 1.72.1 to 1.72.2 in the all-deps group (#1704)
+*  Bump github.com/go-jose/go-jose/v4 in the go_modules group (#1700)
+*  Bump the all-deps group with 7 updates (#1701)
+*  Bump the all-deps group with 7 updates (#1693)
+*  Bump the docker-deps group across 4 directories with 1 update (#1694)
+*  Bump github/codeql-action from 3.28.13 to 3.28.16 in the all-deps group (#1692)
+*  Bump the all-deps group across 1 directory with 7 updates (#1688)
+*  Bump distroless/base-debian12 (#1686)
+*  Bump golangci/golangci-lint-action from 6.5.1 to 7.0.0 in the all-deps group (#1685)
+*  Bump the all-deps group with 4 updates (#1681)
+*  Bump the all-deps group with 6 updates (#1683)
+*  Bump the docker-deps group across 4 directories with 2 updates (#1682)
+*  Bump github.com/golang-jwt/jwt/v4 in the go_modules group (#1680)
+*  Bump golangci/golangci-lint-action in the all-deps group (#1676)
+*  Bump the all-deps group with 2 updates (#1677)
+*  Bump github/codeql-action from 3.28.10 to 3.28.11 in the all-deps group (#1670)
+*  Bump the all-deps group with 8 updates (#1672)
+*  Bump the docker-deps group across 4 directories with 1 update (#1671)
+*  Bump the docker-deps group across 4 directories with 1 update (#1668)
+*  Bump the all-deps group with 4 updates (#1666)
+*  Bump golangci-lint from 1.55.1 to 1.61.0 (#1667)
+*  Bump the all-deps group with 3 updates (#1665)
+*  Bump github.com/spf13/cobra from 1.8.1 to 1.9.1 in the all-deps group (#1660)
+*  Bump the docker-deps group across 5 directories with 2 updates (#1661)
+*  Bump golangci/golangci-lint-action in the all-deps group (#1662)
+*  Bump the docker-deps group across 4 directories with 1 update (#1656)
+*  Bump the all-deps group with 2 updates (#1654)
+*  Bump the all-deps group with 4 updates (#1657)
+*  Bump github/codeql-action from 3.28.5 to 3.28.8 in the all-deps group (#1652)
+*  Bump github.com/spf13/pflag from 1.0.5 to 1.0.6 in the all-deps group (#1651)
+*  Bump the all-deps group with 2 updates (#1649)
+*  Bump the all-deps group with 5 updates (#1650)
+*  Bump the docker-deps group across 5 directories with 3 updates (#1648)
+*  Bump google.golang.org/protobuf in the all-deps group (#1647)
+*  Bump golangci/golangci-lint-action in the all-deps group (#1646)
+
 ## v1.3.1
 
 * Add AllLogListSignatureURL by @AlexLaroche in https://github.com/google/certificate-transparency-go/pull/1634
diff --git a/vendor/github.com/google/certificate-transparency-go/README.md b/vendor/github.com/google/certificate-transparency-go/README.md
index b528c55755..bade700508 100644
--- a/vendor/github.com/google/certificate-transparency-go/README.md
+++ b/vendor/github.com/google/certificate-transparency-go/README.md
@@ -6,7 +6,7 @@
 
 This repository holds Go code related to
 [Certificate Transparency](https://www.certificate-transparency.org/) (CT).  The
-repository requires Go version 1.22.
+repository requires Go version 1.23.
 
  - [Repository Structure](#repository-structure)
  - [Trillian CT Personality](#trillian-ct-personality)
@@ -85,7 +85,7 @@ pull requests for review.
 
 ```bash
 # Install golangci-lint
-go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.55.1
+go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.61.0
 
 # Run code generation, build, test and linters
 ./scripts/presubmit.sh
diff --git a/vendor/github.com/google/certificate-transparency-go/client/logclient.go b/vendor/github.com/google/certificate-transparency-go/client/logclient.go
index 7842c8e288..0e90c1077f 100644
--- a/vendor/github.com/google/certificate-transparency-go/client/logclient.go
+++ b/vendor/github.com/google/certificate-transparency-go/client/logclient.go
@@ -160,6 +160,7 @@ func (c *LogClient) VerifySCTSignature(sct ct.SignedCertificateTimestamp, ctype
 	if err != nil {
 		return fmt.Errorf("failed to build MerkleTreeLeaf: %v", err)
 	}
+	leaf.TimestampedEntry.Extensions = sct.Extensions
 	entry := ct.LogEntry{Leaf: *leaf}
 	return c.Verifier.VerifySCTSignature(sct, entry)
 }
diff --git a/vendor/github.com/google/certificate-transparency-go/jsonclient/client.go b/vendor/github.com/google/certificate-transparency-go/jsonclient/client.go
index 1dee4cb601..edb8f919af 100644
--- a/vendor/github.com/google/certificate-transparency-go/jsonclient/client.go
+++ b/vendor/github.com/google/certificate-transparency-go/jsonclient/client.go
@@ -34,8 +34,6 @@ import (
 
 	ct "github.com/google/certificate-transparency-go"
 	"github.com/google/certificate-transparency-go/x509"
-	"golang.org/x/net/context/ctxhttp"
-	"k8s.io/klog/v2"
 )
 
 const maxJitter = 250 * time.Millisecond
@@ -56,12 +54,13 @@ type backoffer interface {
 // JSONClient provides common functionality for interacting with a JSON server
 // that uses cryptographic signatures.
 type JSONClient struct {
-	uri        string                // the base URI of the server. e.g. https://ct.googleapis/pilot
-	httpClient *http.Client          // used to interact with the server via HTTP
-	Verifier   *ct.SignatureVerifier // nil for no verification (e.g. no public key available)
-	logger     Logger                // interface to use for logging warnings and errors
-	backoff    backoffer             // object used to store and calculate backoff information
-	userAgent  string                // If set, this is sent as the UserAgent header.
+	uri           string                // the base URI of the server. e.g. https://ct.googleapis/pilot
+	httpClient    *http.Client          // used to interact with the server via HTTP
+	Verifier      *ct.SignatureVerifier // nil for no verification (e.g. no public key available)
+	logger        Logger                // interface to use for logging warnings and errors
+	backoff       backoffer             // object used to store and calculate backoff information
+	userAgent     string                // If set, this is sent as the UserAgent header.
+	authorization string                // If set, this is sent as the Authorization header.
 }
 
 // Logger is a simple logging interface used to log internal errors and warnings
@@ -81,6 +80,8 @@ type Options struct {
 	PublicKeyDER []byte
 	// UserAgent, if set, will be sent as the User-Agent header with each request.
 	UserAgent string
+	// If set, this is sent as the Authorization header with each request.
+	Authorization string
 }
 
 // ParsePublicKey parses and returns the public key contained in opts.
@@ -150,12 +151,13 @@ func New(uri string, hc *http.Client, opts Options) (*JSONClient, error) {
 		logger = &basicLogger{}
 	}
 	return &JSONClient{
-		uri:        strings.TrimRight(uri, "/"),
-		httpClient: hc,
-		Verifier:   verifier,
-		logger:     logger,
-		backoff:    &backoff{},
-		userAgent:  opts.UserAgent,
+		uri:           strings.TrimRight(uri, "/"),
+		httpClient:    hc,
+		Verifier:      verifier,
+		logger:        logger,
+		backoff:       &backoff{},
+		userAgent:     opts.UserAgent,
+		authorization: opts.Authorization,
 	}, nil
 }
 
@@ -167,7 +169,8 @@ func (c *JSONClient) BaseURI() string {
 // GetAndParse makes a HTTP GET call to the given path, and attempts to parse
 // the response as a JSON representation of the rsp structure.  Returns the
 // http.Response, the body of the response, and an error (which may be of
-// type RspError if the HTTP response was available).
+// type RspError if the HTTP response was available). It returns an error
+// if the response status code is not 200 OK.
 func (c *JSONClient) GetAndParse(ctx context.Context, path string, params map[string]string, rsp interface{}) (*http.Response, []byte, error) {
 	if ctx == nil {
 		return nil, nil, errors.New("context.Context required")
@@ -178,29 +181,28 @@ func (c *JSONClient) GetAndParse(ctx context.Context, path string, params map[st
 		vals.Add(k, v)
 	}
 	fullURI := fmt.Sprintf("%s%s?%s", c.uri, path, vals.Encode())
-	klog.V(2).Infof("GET %s", fullURI)
-	httpReq, err := http.NewRequest(http.MethodGet, fullURI, nil)
+	httpReq, err := http.NewRequestWithContext(ctx, http.MethodGet, fullURI, nil)
 	if err != nil {
 		return nil, nil, err
 	}
 	if len(c.userAgent) != 0 {
 		httpReq.Header.Set("User-Agent", c.userAgent)
 	}
+	if len(c.authorization) != 0 {
+		httpReq.Header.Add("Authorization", c.authorization)
+	}
 
-	httpRsp, err := ctxhttp.Do(ctx, c.httpClient, httpReq)
+	httpRsp, err := c.httpClient.Do(httpReq)
 	if err != nil {
 		return nil, nil, err
 	}
-
-	// Read everything now so http.Client can reuse the connection.
 	body, err := io.ReadAll(httpRsp.Body)
-	if err := httpRsp.Body.Close(); err != nil {
-		return nil, nil, err
-	}
 	if err != nil {
-		return nil, nil, RspError{Err: fmt.Errorf("failed to read response body: %v", err), StatusCode: httpRsp.StatusCode, Body: body}
+		return nil, nil, RspError{Err: fmt.Errorf("failed to read response body: %w", err), StatusCode: httpRsp.StatusCode, Body: body}
+	}
+	if err := httpRsp.Body.Close(); err != nil {
+		return nil, nil, RspError{Err: fmt.Errorf("failed to close response body: %w", err), StatusCode: httpRsp.StatusCode, Body: body}
 	}
-
 	if httpRsp.StatusCode != http.StatusOK {
 		return nil, nil, RspError{Err: fmt.Errorf("got HTTP Status %q", httpRsp.Status), StatusCode: httpRsp.StatusCode, Body: body}
 	}
@@ -216,6 +218,7 @@ func (c *JSONClient) GetAndParse(ctx context.Context, path string, params map[st
 // parameters, and attempts to parse the response as a JSON representation of
 // the rsp structure. Returns the http.Response, the body of the response, and
 // an error (which may be of type RspError if the HTTP response was available).
+// It does NOT return an error if the response status code is not 200 OK.
 func (c *JSONClient) PostAndParse(ctx context.Context, path string, req, rsp interface{}) (*http.Response, []byte, error) {
 	if ctx == nil {
 		return nil, nil, errors.New("context.Context required")
@@ -226,30 +229,28 @@ func (c *JSONClient) PostAndParse(ctx context.Context, path string, req, rsp int
 		return nil, nil, err
 	}
 	fullURI := fmt.Sprintf("%s%s", c.uri, path)
-	klog.V(2).Infof("POST %s", fullURI)
-	httpReq, err := http.NewRequest(http.MethodPost, fullURI, bytes.NewReader(postBody))
+	httpReq, err := http.NewRequestWithContext(ctx, http.MethodPost, fullURI, bytes.NewReader(postBody))
 	if err != nil {
 		return nil, nil, err
 	}
 	if len(c.userAgent) != 0 {
 		httpReq.Header.Set("User-Agent", c.userAgent)
 	}
+	if len(c.authorization) != 0 {
+		httpReq.Header.Add("Authorization", c.authorization)
+	}
 	httpReq.Header.Set("Content-Type", "application/json")
 
-	httpRsp, err := ctxhttp.Do(ctx, c.httpClient, httpReq)
-
-	// Read all of the body, if there is one, so that the http.Client can do Keep-Alive.
-	var body []byte
-	if httpRsp != nil {
-		body, err = io.ReadAll(httpRsp.Body)
-		if err := httpRsp.Body.Close(); err != nil {
-			return nil, nil, err
-		}
+	httpRsp, err := c.httpClient.Do(httpReq)
+	if err != nil {
+		return nil, nil, err
 	}
+	body, err := io.ReadAll(httpRsp.Body)
 	if err != nil {
-		if httpRsp != nil {
-			return nil, nil, RspError{StatusCode: httpRsp.StatusCode, Body: body, Err: err}
-		}
+		_ = httpRsp.Body.Close()
+		return nil, nil, err
+	}
+	if err := httpRsp.Body.Close(); err != nil {
 		return nil, nil, err
 	}
 	if httpRsp.Request.Method != http.MethodPost {
@@ -258,7 +259,7 @@ func (c *JSONClient) PostAndParse(ctx context.Context, path string, req, rsp int
 	}
 
 	if httpRsp.StatusCode == http.StatusOK {
-		if err = json.Unmarshal(body, &rsp); err != nil {
+		if err := json.Unmarshal(body, &rsp); err != nil {
 			return nil, nil, RspError{StatusCode: httpRsp.StatusCode, Body: body, Err: err}
 		}
 	}
@@ -292,21 +293,21 @@ func (c *JSONClient) PostAndParseWithRetry(ctx context.Context, path string, req
 		httpRsp, body, err := c.PostAndParse(ctx, path, req, rsp)
 		if err != nil {
 			// Don't retry context errors.
-			if err == context.Canceled || err == context.DeadlineExceeded {
+			if errors.Is(err, context.Canceled) || errors.Is(err, context.DeadlineExceeded) {
 				return nil, nil, err
 			}
 			wait := c.backoff.set(nil)
 			c.logger.Printf("Request to %s failed, backing-off %s: %s", c.uri, wait, err)
 		} else {
-			switch {
-			case httpRsp.StatusCode == http.StatusOK:
+			switch httpRsp.StatusCode {
+			case http.StatusOK:
 				return httpRsp, body, nil
-			case httpRsp.StatusCode == http.StatusRequestTimeout:
+			case http.StatusRequestTimeout:
 				// Request timeout, retry immediately
 				c.logger.Printf("Request to %s timed out, retrying immediately", c.uri)
-			case httpRsp.StatusCode == http.StatusServiceUnavailable:
+			case http.StatusServiceUnavailable:
 				fallthrough
-			case httpRsp.StatusCode == http.StatusTooManyRequests:
+			case http.StatusTooManyRequests:
 				var backoff *time.Duration
 				// Retry-After may be either a number of seconds as a int or a RFC 1123
 				// date string (RFC 7231 Section 7.1.3)
diff --git a/vendor/github.com/google/certificate-transparency-go/loglist3/logfilter.go b/vendor/github.com/google/certificate-transparency-go/loglist3/logfilter.go
index 34949be057..9ac54bae91 100644
--- a/vendor/github.com/google/certificate-transparency-go/loglist3/logfilter.go
+++ b/vendor/github.com/google/certificate-transparency-go/loglist3/logfilter.go
@@ -17,7 +17,6 @@ package loglist3
 import (
 	"github.com/google/certificate-transparency-go/x509"
 	"github.com/google/certificate-transparency-go/x509util"
-	"k8s.io/klog/v2"
 )
 
 // LogRoots maps Log-URLs (stated at LogList) to the pools of their accepted
@@ -68,7 +67,8 @@ func (ll *LogList) RootCompatible(certRoot *x509.Certificate, roots LogRoots) Lo
 
 	// Check whether root is a CA-cert.
 	if certRoot != nil && !certRoot.IsCA {
-		klog.Warningf("Compatible method expects fully rooted chain, while last cert of the chain provided is not root")
+		// Compatible method expects fully rooted chain, while last cert of the chain provided is not root.
+		// Proceed anyway.
 		return compatible
 	}
 
diff --git a/vendor/github.com/google/certificate-transparency-go/x509/pkix/pkix.go b/vendor/github.com/google/certificate-transparency-go/x509/pkix/pkix.go
index 843fa1f2cd..1716f908ab 100644
--- a/vendor/github.com/google/certificate-transparency-go/x509/pkix/pkix.go
+++ b/vendor/github.com/google/certificate-transparency-go/x509/pkix/pkix.go
@@ -18,6 +18,7 @@ import (
 // AlgorithmIdentifier represents the ASN.1 structure of the same name. See RFC
 // 5280, section 4.1.1.2.
 type AlgorithmIdentifier struct {
+	Raw        asn1.RawContent
 	Algorithm  asn1.ObjectIdentifier
 	Parameters asn1.RawValue `asn1:"optional"`
 }
diff --git a/vendor/github.com/google/certificate-transparency-go/x509/x509.go b/vendor/github.com/google/certificate-transparency-go/x509/x509.go
index 3059a6facc..917d78779f 100644
--- a/vendor/github.com/google/certificate-transparency-go/x509/x509.go
+++ b/vendor/github.com/google/certificate-transparency-go/x509/x509.go
@@ -11,40 +11,40 @@
 // This is a fork of the Go library crypto/x509 package, primarily adapted for
 // use with Certificate Transparency.  Main areas of difference are:
 //
-//   - Life as a fork:
-//   - Rename OS-specific cgo code so it doesn't clash with main Go library.
-//   - Use local library imports (asn1, pkix) throughout.
-//   - Add version-specific wrappers for Go version-incompatible code (in
-//     ptr_*_windows.go).
-//   - Laxer certificate parsing:
-//   - Add options to disable various validation checks (times, EKUs etc).
-//   - Use NonFatalErrors type for some errors and continue parsing; this
-//     can be checked with IsFatal(err).
-//   - Support for short bitlength ECDSA curves (in curves.go).
-//   - Certificate Transparency specific function:
-//   - Parsing and marshaling of SCTList extension.
-//   - RemoveSCTList() function for rebuilding CT leaf entry.
-//   - Pre-certificate processing (RemoveCTPoison(), BuildPrecertTBS(),
-//     ParseTBSCertificate(), IsPrecertificate()).
-//   - Revocation list processing:
-//   - Detailed CRL parsing (in revoked.go)
-//   - Detailed error recording mechanism (in error.go, errors.go)
-//   - Factor out parseDistributionPoints() for reuse.
-//   - Factor out and generalize GeneralNames parsing (in names.go)
-//   - Fix CRL commenting.
-//   - RPKI support:
-//   - Support for SubjectInfoAccess extension
-//   - Support for RFC3779 extensions (in rpki.go)
-//   - RSAES-OAEP support:
-//   - Support for parsing RSASES-OAEP public keys from certificates
-//   - Ed25519 support:
-//   - Support for parsing and marshaling Ed25519 keys
-//   - General improvements:
-//   - Export and use OID values throughout.
-//   - Export OIDFromNamedCurve().
-//   - Export SignatureAlgorithmFromAI().
-//   - Add OID value to UnhandledCriticalExtension error.
-//   - Minor typo/lint fixes.
+//	Life as a fork:
+//	- Rename OS-specific cgo code so it doesn't clash with main Go library.
+//	- Use local library imports (asn1, pkix) throughout.
+//	- Add version-specific wrappers for Go version-incompatible code (in
+//	  ptr_*_windows.go).
+//	Laxer certificate parsing:
+//	- Add options to disable various validation checks (times, EKUs etc).
+//	- Use NonFatalErrors type for some errors and continue parsing; this
+//	  can be checked with IsFatal(err).
+//	- Support for short bitlength ECDSA curves (in curves.go).
+//	Certificate Transparency specific function:
+//	- Parsing and marshaling of SCTList extension.
+//	- RemoveSCTList() function for rebuilding CT leaf entry.
+//	- Pre-certificate processing (RemoveCTPoison(), BuildPrecertTBS(),
+//	  ParseTBSCertificate(), IsPrecertificate()).
+//	Revocation list processing:
+//	- Detailed CRL parsing (in revoked.go)
+//	- Detailed error recording mechanism (in error.go, errors.go)
+//	- Factor out parseDistributionPoints() for reuse.
+//	- Factor out and generalize GeneralNames parsing (in names.go)
+//	- Fix CRL commenting.
+//	RPKI support:
+//	- Support for SubjectInfoAccess extension
+//	- Support for RFC3779 extensions (in rpki.go)
+//	RSAES-OAEP support:
+//	- Support for parsing RSASES-OAEP public keys from certificates
+//	Ed25519 support:
+//	- Support for parsing and marshaling Ed25519 keys
+//	General improvements:
+//	- Export and use OID values throughout.
+//	- Export OIDFromNamedCurve().
+//	- Export SignatureAlgorithmFromAI().
+//	- Add OID value to UnhandledCriticalExtension error.
+//	- Minor typo/lint fixes.
 package x509
 
 import (
@@ -1813,9 +1813,25 @@ func parseNameConstraintsExtension(out *Certificate, e pkix.Extension, nfe *NonF
 	return unhandled, nil
 }
 
-func parseCertificate(in *certificate) (*Certificate, error) {
+func parseCertificate(in *certificate, tbsOnly bool) (*Certificate, error) {
 	var nfe NonFatalErrors
 
+	// Certificates contain two signature algorithm identifier fields,
+	// one in the inner signed tbsCertificate structure and one in the
+	// outer unsigned certificate structure. RFC 5280 requires these
+	// fields match, but golang doesn't impose this restriction. Because
+	// the outer structure is not covered by the signature the algorithm
+	// field is entirely malleable. This allows a user to bypass the
+	// leaf data uniqueness check that happens in trillian by altering
+	// the unbounded OID or parameter fields of the algorithmIdentifier
+	// structure and submit an infinite number of duplicate but slightly
+	// different looking certificates to a log. To avoid this directly
+	// compare the bytes of the two algorithmIdentifier structures
+	// and reject the certificate if they do not match.
+	if !tbsOnly && !bytes.Equal(in.SignatureAlgorithm.Raw, in.TBSCertificate.SignatureAlgorithm.Raw) {
+		return nil, errors.New("x509: mismatching signature algorithm identifiers")
+	}
+
 	out := new(Certificate)
 	out.Raw = in.Raw
 	out.RawTBSCertificate = in.TBSCertificate.Raw
@@ -2095,7 +2111,7 @@ func ParseTBSCertificate(asn1Data []byte) (*Certificate, error) {
 	}
 	ret, err := parseCertificate(&certificate{
 		Raw:            tbsCert.Raw,
-		TBSCertificate: tbsCert})
+		TBSCertificate: tbsCert}, true)
 	if err != nil {
 		errs, ok := err.(NonFatalErrors)
 		if !ok {
@@ -2127,7 +2143,7 @@ func ParseCertificate(asn1Data []byte) (*Certificate, error) {
 	if len(rest) > 0 {
 		return nil, asn1.SyntaxError{Msg: "trailing data"}
 	}
-	ret, err := parseCertificate(&cert)
+	ret, err := parseCertificate(&cert, false)
 	if err != nil {
 		errs, ok := err.(NonFatalErrors)
 		if !ok {
@@ -2166,7 +2182,7 @@ func ParseCertificates(asn1Data []byte) ([]*Certificate, error) {
 
 	ret := make([]*Certificate, len(v))
 	for i, ci := range v {
-		cert, err := parseCertificate(ci)
+		cert, err := parseCertificate(ci, false)
 		if err != nil {
 			errs, ok := err.(NonFatalErrors)
 			if !ok {
diff --git a/vendor/github.com/google/certificate-transparency-go/x509util/pem_cert_pool.go b/vendor/github.com/google/certificate-transparency-go/x509util/pem_cert_pool.go
index e419659fa9..c21bd65058 100644
--- a/vendor/github.com/google/certificate-transparency-go/x509util/pem_cert_pool.go
+++ b/vendor/github.com/google/certificate-transparency-go/x509util/pem_cert_pool.go
@@ -22,7 +22,6 @@ import (
 	"os"
 
 	"github.com/google/certificate-transparency-go/x509"
-	"k8s.io/klog/v2"
 )
 
 // String for certificate blocks in BEGIN / END PEM headers
@@ -80,7 +79,6 @@ func (p *PEMCertPool) AppendCertsFromPEM(pemCerts []byte) (ok bool) {
 
 		cert, err := x509.ParseCertificate(block.Bytes)
 		if x509.IsFatal(err) {
-			klog.Warningf("error parsing PEM certificate: %v", err)
 			return false
 		}
 
diff --git a/vendor/github.com/google/go-containerregistry/pkg/name/digest.go b/vendor/github.com/google/go-containerregistry/pkg/name/digest.go
index 28f6967ba7..5b8eb4ff46 100644
--- a/vendor/github.com/google/go-containerregistry/pkg/name/digest.go
+++ b/vendor/github.com/google/go-containerregistry/pkg/name/digest.go
@@ -17,6 +17,7 @@ package name
 import (
 	// nolint: depguard
 	_ "crypto/sha256" // Recommended by go-digest.
+	"encoding"
 	"encoding/json"
 	"strings"
 
@@ -32,8 +33,11 @@ type Digest struct {
 	original string
 }
 
-// Ensure Digest implements Reference
 var _ Reference = (*Digest)(nil)
+var _ encoding.TextMarshaler = (*Digest)(nil)
+var _ encoding.TextUnmarshaler = (*Digest)(nil)
+var _ json.Marshaler = (*Digest)(nil)
+var _ json.Unmarshaler = (*Digest)(nil)
 
 // Context implements Reference.
 func (d Digest) Context() Repository {
@@ -79,6 +83,21 @@ func (d *Digest) UnmarshalJSON(data []byte) error {
 	return nil
 }
 
+// MarshalText formats the digest into a string for text serialization.
+func (d Digest) MarshalText() ([]byte, error) {
+	return []byte(d.String()), nil
+}
+
+// UnmarshalText parses a text string into a Digest.
+func (d *Digest) UnmarshalText(data []byte) error {
+	n, err := NewDigest(string(data))
+	if err != nil {
+		return err
+	}
+	*d = n
+	return nil
+}
+
 // NewDigest returns a new Digest representing the given name.
 func NewDigest(name string, opts ...Option) (Digest, error) {
 	// Split on "@"
diff --git a/vendor/github.com/google/go-containerregistry/pkg/name/registry.go b/vendor/github.com/google/go-containerregistry/pkg/name/registry.go
index 5b0d01769c..5e6b6e62a0 100644
--- a/vendor/github.com/google/go-containerregistry/pkg/name/registry.go
+++ b/vendor/github.com/google/go-containerregistry/pkg/name/registry.go
@@ -15,6 +15,8 @@
 package name
 
 import (
+	"encoding"
+	"encoding/json"
 	"net"
 	"net/url"
 	"path"
@@ -37,6 +39,11 @@ type Registry struct {
 	registry string
 }
 
+var _ encoding.TextMarshaler = (*Registry)(nil)
+var _ encoding.TextUnmarshaler = (*Registry)(nil)
+var _ json.Marshaler = (*Registry)(nil)
+var _ json.Unmarshaler = (*Registry)(nil)
+
 // RegistryStr returns the registry component of the Registry.
 func (r Registry) RegistryStr() string {
 	return r.registry
@@ -140,3 +147,33 @@ func NewInsecureRegistry(name string, opts ...Option) (Registry, error) {
 	opts = append(opts, Insecure)
 	return NewRegistry(name, opts...)
 }
+
+// MarshalJSON formats the Registry into a string for JSON serialization.
+func (r Registry) MarshalJSON() ([]byte, error) { return json.Marshal(r.String()) }
+
+// UnmarshalJSON parses a JSON string into a Registry.
+func (r *Registry) UnmarshalJSON(data []byte) error {
+	var s string
+	if err := json.Unmarshal(data, &s); err != nil {
+		return err
+	}
+	n, err := NewRegistry(s)
+	if err != nil {
+		return err
+	}
+	*r = n
+	return nil
+}
+
+// MarshalText formats the registry into a string for text serialization.
+func (r Registry) MarshalText() ([]byte, error) { return []byte(r.String()), nil }
+
+// UnmarshalText parses a text string into a Registry.
+func (r *Registry) UnmarshalText(data []byte) error {
+	n, err := NewRegistry(string(data))
+	if err != nil {
+		return err
+	}
+	*r = n
+	return nil
+}
diff --git a/vendor/github.com/google/go-containerregistry/pkg/name/repository.go b/vendor/github.com/google/go-containerregistry/pkg/name/repository.go
index 9250e36252..290797575e 100644
--- a/vendor/github.com/google/go-containerregistry/pkg/name/repository.go
+++ b/vendor/github.com/google/go-containerregistry/pkg/name/repository.go
@@ -15,6 +15,8 @@
 package name
 
 import (
+	"encoding"
+	"encoding/json"
 	"fmt"
 	"strings"
 )
@@ -31,6 +33,11 @@ type Repository struct {
 	repository string
 }
 
+var _ encoding.TextMarshaler = (*Repository)(nil)
+var _ encoding.TextUnmarshaler = (*Repository)(nil)
+var _ json.Marshaler = (*Repository)(nil)
+var _ json.Unmarshaler = (*Repository)(nil)
+
 // See https://docs.docker.com/docker-hub/official_repos
 func hasImplicitNamespace(repo string, reg Registry) bool {
 	return !strings.ContainsRune(repo, '/') && reg.RegistryStr() == DefaultRegistry
@@ -119,3 +126,33 @@ func (r Repository) Digest(identifier string) Digest {
 	d.original = d.Name()
 	return d
 }
+
+// MarshalJSON formats the Repository into a string for JSON serialization.
+func (r Repository) MarshalJSON() ([]byte, error) { return json.Marshal(r.String()) }
+
+// UnmarshalJSON parses a JSON string into a Repository.
+func (r *Repository) UnmarshalJSON(data []byte) error {
+	var s string
+	if err := json.Unmarshal(data, &s); err != nil {
+		return err
+	}
+	n, err := NewRepository(s)
+	if err != nil {
+		return err
+	}
+	*r = n
+	return nil
+}
+
+// MarshalText formats the repository name into a string for text serialization.
+func (r Repository) MarshalText() ([]byte, error) { return []byte(r.String()), nil }
+
+// UnmarshalText parses a text string into a Repository.
+func (r *Repository) UnmarshalText(data []byte) error {
+	n, err := NewRepository(string(data))
+	if err != nil {
+		return err
+	}
+	*r = n
+	return nil
+}
diff --git a/vendor/github.com/google/go-containerregistry/pkg/name/tag.go b/vendor/github.com/google/go-containerregistry/pkg/name/tag.go
index 66bd1bec3d..cfa923f59d 100644
--- a/vendor/github.com/google/go-containerregistry/pkg/name/tag.go
+++ b/vendor/github.com/google/go-containerregistry/pkg/name/tag.go
@@ -15,6 +15,8 @@
 package name
 
 import (
+	"encoding"
+	"encoding/json"
 	"strings"
 )
 
@@ -31,8 +33,11 @@ type Tag struct {
 	original string
 }
 
-// Ensure Tag implements Reference
 var _ Reference = (*Tag)(nil)
+var _ encoding.TextMarshaler = (*Tag)(nil)
+var _ encoding.TextUnmarshaler = (*Tag)(nil)
+var _ json.Marshaler = (*Tag)(nil)
+var _ json.Unmarshaler = (*Tag)(nil)
 
 // Context implements Reference.
 func (t Tag) Context() Repository {
@@ -80,6 +85,9 @@ func NewTag(name string, opts ...Option) (Tag, error) {
 	if len(parts) > 1 && !strings.Contains(parts[len(parts)-1], regRepoDelimiter) {
 		base = strings.Join(parts[:len(parts)-1], tagDelim)
 		tag = parts[len(parts)-1]
+		if tag == "" {
+			return Tag{}, newErrBadName("%s must specify a tag name after the colon", name)
+		}
 	}
 
 	// We don't require a tag, but if we get one check it's valid,
@@ -106,3 +114,33 @@ func NewTag(name string, opts ...Option) (Tag, error) {
 		original:   name,
 	}, nil
 }
+
+// MarshalJSON formats the Tag into a string for JSON serialization.
+func (t Tag) MarshalJSON() ([]byte, error) { return json.Marshal(t.String()) }
+
+// UnmarshalJSON parses a JSON string into a Tag.
+func (t *Tag) UnmarshalJSON(data []byte) error {
+	var s string
+	if err := json.Unmarshal(data, &s); err != nil {
+		return err
+	}
+	n, err := NewTag(s)
+	if err != nil {
+		return err
+	}
+	*t = n
+	return nil
+}
+
+// MarshalText formats the tag into a string for text serialization.
+func (t Tag) MarshalText() ([]byte, error) { return []byte(t.String()), nil }
+
+// UnmarshalText parses a text string into a Tag.
+func (t *Tag) UnmarshalText(data []byte) error {
+	n, err := NewTag(string(data))
+	if err != nil {
+		return err
+	}
+	*t = n
+	return nil
+}
diff --git a/vendor/github.com/google/go-containerregistry/pkg/v1/google/list.go b/vendor/github.com/google/go-containerregistry/pkg/v1/google/list.go
index 8a5906c235..cfb7143472 100644
--- a/vendor/github.com/google/go-containerregistry/pkg/v1/google/list.go
+++ b/vendor/github.com/google/go-containerregistry/pkg/v1/google/list.go
@@ -89,8 +89,8 @@ func newLister(repo name.Repository, options ...Option) (*lister, error) {
 
 func (l *lister) list(repo name.Repository) (*Tags, error) {
 	uri := &url.URL{
-		Scheme:   repo.Registry.Scheme(),
-		Host:     repo.Registry.RegistryStr(),
+		Scheme:   repo.Scheme(),
+		Host:     repo.RegistryStr(),
 		Path:     fmt.Sprintf("/v2/%s/tags/list", repo.RepositoryStr()),
 		RawQuery: "n=10000",
 	}
diff --git a/vendor/github.com/google/go-containerregistry/pkg/v1/hash.go b/vendor/github.com/google/go-containerregistry/pkg/v1/hash.go
index f78a5fa89e..d81593bd59 100644
--- a/vendor/github.com/google/go-containerregistry/pkg/v1/hash.go
+++ b/vendor/github.com/google/go-containerregistry/pkg/v1/hash.go
@@ -16,12 +16,12 @@ package v1
 
 import (
 	"crypto"
+	"encoding"
 	"encoding/hex"
 	"encoding/json"
 	"fmt"
 	"hash"
 	"io"
-	"strconv"
 	"strings"
 )
 
@@ -34,6 +34,11 @@ type Hash struct {
 	Hex string
 }
 
+var _ encoding.TextMarshaler = (*Hash)(nil)
+var _ encoding.TextUnmarshaler = (*Hash)(nil)
+var _ json.Marshaler = (*Hash)(nil)
+var _ json.Unmarshaler = (*Hash)(nil)
+
 // String reverses NewHash returning the string-form of the hash.
 func (h Hash) String() string {
 	return fmt.Sprintf("%s:%s", h.Algorithm, h.Hex)
@@ -49,14 +54,12 @@ func NewHash(s string) (Hash, error) {
 }
 
 // MarshalJSON implements json.Marshaler
-func (h Hash) MarshalJSON() ([]byte, error) {
-	return json.Marshal(h.String())
-}
+func (h Hash) MarshalJSON() ([]byte, error) { return json.Marshal(h.String()) }
 
 // UnmarshalJSON implements json.Unmarshaler
 func (h *Hash) UnmarshalJSON(data []byte) error {
-	s, err := strconv.Unquote(string(data))
-	if err != nil {
+	var s string
+	if err := json.Unmarshal(data, &s); err != nil {
 		return err
 	}
 	return h.parse(s)
@@ -64,15 +67,11 @@ func (h *Hash) UnmarshalJSON(data []byte) error {
 
 // MarshalText implements encoding.TextMarshaler. This is required to use
 // v1.Hash as a key in a map when marshalling JSON.
-func (h Hash) MarshalText() (text []byte, err error) {
-	return []byte(h.String()), nil
-}
+func (h Hash) MarshalText() ([]byte, error) { return []byte(h.String()), nil }
 
 // UnmarshalText implements encoding.TextUnmarshaler. This is required to use
 // v1.Hash as a key in a map when unmarshalling JSON.
-func (h *Hash) UnmarshalText(text []byte) error {
-	return h.parse(string(text))
-}
+func (h *Hash) UnmarshalText(text []byte) error { return h.parse(string(text)) }
 
 // Hasher returns a hash.Hash for the named algorithm (e.g. "sha256")
 func Hasher(name string) (hash.Hash, error) {
diff --git a/vendor/github.com/google/go-containerregistry/pkg/v1/layout/write.go b/vendor/github.com/google/go-containerregistry/pkg/v1/layout/write.go
index 19e4d1db8a..df583d029d 100644
--- a/vendor/github.com/google/go-containerregistry/pkg/v1/layout/write.go
+++ b/vendor/github.com/google/go-containerregistry/pkg/v1/layout/write.go
@@ -126,13 +126,13 @@ func (l Path) ReplaceIndex(ii v1.ImageIndex, matcher match.Matcher, options ...O
 
 // replaceDescriptor adds a descriptor to the index.json of the Path, replacing
 // any one matching matcher, if found.
-func (l Path) replaceDescriptor(append mutate.Appendable, matcher match.Matcher, options ...Option) error {
+func (l Path) replaceDescriptor(appendable mutate.Appendable, matcher match.Matcher, options ...Option) error {
 	ii, err := l.ImageIndex()
 	if err != nil {
 		return err
 	}
 
-	desc, err := partial.Descriptor(append)
+	desc, err := partial.Descriptor(appendable)
 	if err != nil {
 		return err
 	}
@@ -143,7 +143,7 @@ func (l Path) replaceDescriptor(append mutate.Appendable, matcher match.Matcher,
 	}
 
 	add := mutate.IndexAddendum{
-		Add:        append,
+		Add:        appendable,
 		Descriptor: *desc,
 	}
 	ii = mutate.AppendManifests(mutate.RemoveManifests(ii, matcher), add)
diff --git a/vendor/github.com/google/go-containerregistry/pkg/v1/mutate/index.go b/vendor/github.com/google/go-containerregistry/pkg/v1/mutate/index.go
index 512effef67..a6fdaceed5 100644
--- a/vendor/github.com/google/go-containerregistry/pkg/v1/mutate/index.go
+++ b/vendor/github.com/google/go-containerregistry/pkg/v1/mutate/index.go
@@ -35,26 +35,26 @@ func computeDescriptor(ia IndexAddendum) (*v1.Descriptor, error) {
 	}
 
 	// The IndexAddendum allows overriding Descriptor values.
-	if ia.Descriptor.Size != 0 {
-		desc.Size = ia.Descriptor.Size
+	if ia.Size != 0 {
+		desc.Size = ia.Size
 	}
-	if string(ia.Descriptor.MediaType) != "" {
-		desc.MediaType = ia.Descriptor.MediaType
+	if string(ia.MediaType) != "" {
+		desc.MediaType = ia.MediaType
 	}
-	if ia.Descriptor.Digest != (v1.Hash{}) {
-		desc.Digest = ia.Descriptor.Digest
+	if ia.Digest != (v1.Hash{}) {
+		desc.Digest = ia.Digest
 	}
-	if ia.Descriptor.Platform != nil {
-		desc.Platform = ia.Descriptor.Platform
+	if ia.Platform != nil {
+		desc.Platform = ia.Platform
 	}
-	if len(ia.Descriptor.URLs) != 0 {
-		desc.URLs = ia.Descriptor.URLs
+	if len(ia.URLs) != 0 {
+		desc.URLs = ia.URLs
 	}
-	if len(ia.Descriptor.Annotations) != 0 {
-		desc.Annotations = ia.Descriptor.Annotations
+	if len(ia.Annotations) != 0 {
+		desc.Annotations = ia.Annotations
 	}
-	if ia.Descriptor.Data != nil {
-		desc.Data = ia.Descriptor.Data
+	if ia.Data != nil {
+		desc.Data = ia.Data
 	}
 
 	return desc, nil
diff --git a/vendor/github.com/google/go-containerregistry/pkg/v1/mutate/mutate.go b/vendor/github.com/google/go-containerregistry/pkg/v1/mutate/mutate.go
index 4207740c35..c044796004 100644
--- a/vendor/github.com/google/go-containerregistry/pkg/v1/mutate/mutate.go
+++ b/vendor/github.com/google/go-containerregistry/pkg/v1/mutate/mutate.go
@@ -328,7 +328,7 @@ func extract(img v1.Image, w io.Writer) error {
 
 			// mark file as handled. non-directory implicitly tombstones
 			// any entries with a matching (or child) name
-			fileMap[name] = tombstone || !(header.Typeflag == tar.TypeDir)
+			fileMap[name] = tombstone || (header.Typeflag != tar.TypeDir)
 			if !tombstone {
 				if err := tarWriter.WriteHeader(header); err != nil {
 					return err
@@ -345,10 +345,7 @@ func extract(img v1.Image, w io.Writer) error {
 }
 
 func inWhiteoutDir(fileMap map[string]bool, file string) bool {
-	for {
-		if file == "" {
-			break
-		}
+	for file != "" {
 		dirname := filepath.Dir(file)
 		if file == dirname {
 			break
@@ -361,13 +358,6 @@ func inWhiteoutDir(fileMap map[string]bool, file string) bool {
 	return false
 }
 
-func max(a, b int) int {
-	if a > b {
-		return a
-	}
-	return b
-}
-
 // Time sets all timestamps in an image to the given timestamp.
 func Time(img v1.Image, t time.Time) (v1.Image, error) {
 	newImage := empty.Image
diff --git a/vendor/github.com/google/go-containerregistry/pkg/v1/remote/pusher.go b/vendor/github.com/google/go-containerregistry/pkg/v1/remote/pusher.go
index 332d8ca0ad..47e3b806ee 100644
--- a/vendor/github.com/google/go-containerregistry/pkg/v1/remote/pusher.go
+++ b/vendor/github.com/google/go-containerregistry/pkg/v1/remote/pusher.go
@@ -162,7 +162,7 @@ func (p *Pusher) Delete(ctx context.Context, ref name.Reference) error {
 	}
 
 	u := url.URL{
-		Scheme: ref.Context().Registry.Scheme(),
+		Scheme: ref.Context().Scheme(),
 		Host:   ref.Context().RegistryStr(),
 		Path:   fmt.Sprintf("/v2/%s/manifests/%s", ref.Context().RepositoryStr(), ref.Identifier()),
 	}
diff --git a/vendor/github.com/google/go-containerregistry/pkg/v1/remote/write.go b/vendor/github.com/google/go-containerregistry/pkg/v1/remote/write.go
index 1167cb793a..94d207de1a 100644
--- a/vendor/github.com/google/go-containerregistry/pkg/v1/remote/write.go
+++ b/vendor/github.com/google/go-containerregistry/pkg/v1/remote/write.go
@@ -101,7 +101,7 @@ func makeWriter(ctx context.Context, repo name.Repository, ls []v1.Layer, o *opt
 // url returns a url.Url for the specified path in the context of this remote image reference.
 func (w *writer) url(path string) url.URL {
 	return url.URL{
-		Scheme: w.repo.Registry.Scheme(),
+		Scheme: w.repo.Scheme(),
 		Host:   w.repo.RegistryStr(),
 		Path:   path,
 	}
@@ -394,7 +394,7 @@ func (w *writer) uploadOne(ctx context.Context, l v1.Layer) error {
 			return err
 		}
 		smt := string(mt)
-		if !(strings.HasSuffix(smt, "+json") || strings.HasSuffix(smt, "+yaml")) {
+		if !strings.HasSuffix(smt, "+json") && !strings.HasSuffix(smt, "+yaml") {
 			ctx = redact.NewContext(ctx, "omitting binary blobs from logs")
 		}
 
diff --git a/vendor/github.com/google/go-github/v55/github/actions_required_workflows.go b/vendor/github.com/google/go-github/v55/github/actions_required_workflows.go
deleted file mode 100644
index 3566eb9d20..0000000000
--- a/vendor/github.com/google/go-github/v55/github/actions_required_workflows.go
+++ /dev/null
@@ -1,247 +0,0 @@
-// Copyright 2023 The go-github AUTHORS. All rights reserved.
-//
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package github
-
-import (
-	"context"
-	"fmt"
-)
-
-// OrgRequiredWorkflow represents a required workflow object at the org level.
-type OrgRequiredWorkflow struct {
-	ID                      *int64      `json:"id,omitempty"`
-	Name                    *string     `json:"name,omitempty"`
-	Path                    *string     `json:"path,omitempty"`
-	Scope                   *string     `json:"scope,omitempty"`
-	Ref                     *string     `json:"ref,omitempty"`
-	State                   *string     `json:"state,omitempty"`
-	SelectedRepositoriesURL *string     `json:"selected_repositories_url,omitempty"`
-	CreatedAt               *Timestamp  `json:"created_at,omitempty"`
-	UpdatedAt               *Timestamp  `json:"updated_at,omitempty"`
-	Repository              *Repository `json:"repository,omitempty"`
-}
-
-// OrgRequiredWorkflows represents the required workflows for the org.
-type OrgRequiredWorkflows struct {
-	TotalCount        *int                   `json:"total_count,omitempty"`
-	RequiredWorkflows []*OrgRequiredWorkflow `json:"required_workflows,omitempty"`
-}
-
-// CreateUpdateRequiredWorkflowOptions represents the input object used to create or update required workflows.
-type CreateUpdateRequiredWorkflowOptions struct {
-	WorkflowFilePath      *string          `json:"workflow_file_path,omitempty"`
-	RepositoryID          *int64           `json:"repository_id,omitempty"`
-	Scope                 *string          `json:"scope,omitempty"`
-	SelectedRepositoryIDs *SelectedRepoIDs `json:"selected_repository_ids,omitempty"`
-}
-
-// RequiredWorkflowSelectedRepos represents the repos that a required workflow is applied to.
-type RequiredWorkflowSelectedRepos struct {
-	TotalCount   *int          `json:"total_count,omitempty"`
-	Repositories []*Repository `json:"repositories,omitempty"`
-}
-
-// RepoRequiredWorkflow represents a required workflow object at the repo level.
-type RepoRequiredWorkflow struct {
-	ID               *int64      `json:"id,omitempty"`
-	NodeID           *string     `json:"node_id,omitempty"`
-	Name             *string     `json:"name,omitempty"`
-	Path             *string     `json:"path,omitempty"`
-	State            *string     `json:"state,omitempty"`
-	URL              *string     `json:"url,omitempty"`
-	HTMLURL          *string     `json:"html_url,omitempty"`
-	BadgeURL         *string     `json:"badge_url,omitempty"`
-	CreatedAt        *Timestamp  `json:"created_at,omitempty"`
-	UpdatedAt        *Timestamp  `json:"updated_at,omitempty"`
-	SourceRepository *Repository `json:"source_repository,omitempty"`
-}
-
-// RepoRequiredWorkflows represents the required workflows for a repo.
-type RepoRequiredWorkflows struct {
-	TotalCount        *int                    `json:"total_count,omitempty"`
-	RequiredWorkflows []*RepoRequiredWorkflow `json:"required_workflows,omitempty"`
-}
-
-// ListOrgRequiredWorkflows lists the RequiredWorkflows for an org.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/required-workflows?apiVersion=2022-11-28#list-required-workflows
-func (s *ActionsService) ListOrgRequiredWorkflows(ctx context.Context, org string, opts *ListOptions) (*OrgRequiredWorkflows, *Response, error) {
-	url := fmt.Sprintf("orgs/%v/actions/required_workflows", org)
-	u, err := addOptions(url, opts)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	requiredWorkflows := new(OrgRequiredWorkflows)
-	resp, err := s.client.Do(ctx, req, &requiredWorkflows)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return requiredWorkflows, resp, nil
-}
-
-// CreateRequiredWorkflow creates the required workflow in an org.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/required-workflows?apiVersion=2022-11-28#create-a-required-workflow
-func (s *ActionsService) CreateRequiredWorkflow(ctx context.Context, org string, createRequiredWorkflowOptions *CreateUpdateRequiredWorkflowOptions) (*OrgRequiredWorkflow, *Response, error) {
-	url := fmt.Sprintf("orgs/%v/actions/required_workflows", org)
-	req, err := s.client.NewRequest("POST", url, createRequiredWorkflowOptions)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	orgRequiredWorkflow := new(OrgRequiredWorkflow)
-	resp, err := s.client.Do(ctx, req, orgRequiredWorkflow)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return orgRequiredWorkflow, resp, nil
-}
-
-// GetRequiredWorkflowByID get the RequiredWorkflows for an org by its ID.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/required-workflows?apiVersion=2022-11-28#list-required-workflows
-func (s *ActionsService) GetRequiredWorkflowByID(ctx context.Context, owner string, requiredWorkflowID int64) (*OrgRequiredWorkflow, *Response, error) {
-	u := fmt.Sprintf("orgs/%v/actions/required_workflows/%v", owner, requiredWorkflowID)
-
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	requiredWorkflow := new(OrgRequiredWorkflow)
-	resp, err := s.client.Do(ctx, req, &requiredWorkflow)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return requiredWorkflow, resp, nil
-}
-
-// UpdateRequiredWorkflow updates a required workflow in an org.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/required-workflows?apiVersion=2022-11-28#update-a-required-workflow
-func (s *ActionsService) UpdateRequiredWorkflow(ctx context.Context, org string, requiredWorkflowID int64, updateRequiredWorkflowOptions *CreateUpdateRequiredWorkflowOptions) (*OrgRequiredWorkflow, *Response, error) {
-	url := fmt.Sprintf("orgs/%v/actions/required_workflows/%v", org, requiredWorkflowID)
-	req, err := s.client.NewRequest("PATCH", url, updateRequiredWorkflowOptions)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	orgRequiredWorkflow := new(OrgRequiredWorkflow)
-	resp, err := s.client.Do(ctx, req, orgRequiredWorkflow)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return orgRequiredWorkflow, resp, nil
-}
-
-// DeleteRequiredWorkflow deletes a required workflow in an org.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/required-workflows?apiVersion=2022-11-28#update-a-required-workflow
-func (s *ActionsService) DeleteRequiredWorkflow(ctx context.Context, org string, requiredWorkflowID int64) (*Response, error) {
-	url := fmt.Sprintf("orgs/%v/actions/required_workflows/%v", org, requiredWorkflowID)
-	req, err := s.client.NewRequest("DELETE", url, nil)
-	if err != nil {
-		return nil, err
-	}
-	return s.client.Do(ctx, req, nil)
-}
-
-// ListRequiredWorkflowSelectedRepos lists the Repositories selected for a workflow.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/required-workflows?apiVersion=2022-11-28#list-selected-repositories-for-a-required-workflow
-func (s *ActionsService) ListRequiredWorkflowSelectedRepos(ctx context.Context, org string, requiredWorkflowID int64, opts *ListOptions) (*RequiredWorkflowSelectedRepos, *Response, error) {
-	url := fmt.Sprintf("orgs/%v/actions/required_workflows/%v/repositories", org, requiredWorkflowID)
-	u, err := addOptions(url, opts)
-	if err != nil {
-		return nil, nil, err
-	}
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	requiredWorkflowRepos := new(RequiredWorkflowSelectedRepos)
-	resp, err := s.client.Do(ctx, req, &requiredWorkflowRepos)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return requiredWorkflowRepos, resp, nil
-}
-
-// SetRequiredWorkflowSelectedRepos sets the Repositories selected for a workflow.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/required-workflows?apiVersion=2022-11-28#sets-repositories-for-a-required-workflow
-func (s *ActionsService) SetRequiredWorkflowSelectedRepos(ctx context.Context, org string, requiredWorkflowID int64, ids SelectedRepoIDs) (*Response, error) {
-	type repoIDs struct {
-		SelectedIDs SelectedRepoIDs `json:"selected_repository_ids"`
-	}
-	url := fmt.Sprintf("orgs/%v/actions/required_workflows/%v/repositories", org, requiredWorkflowID)
-	req, err := s.client.NewRequest("PUT", url, repoIDs{SelectedIDs: ids})
-	if err != nil {
-		return nil, err
-	}
-
-	return s.client.Do(ctx, req, nil)
-}
-
-// AddRepoToRequiredWorkflow adds the Repository to a required workflow.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/required-workflows?apiVersion=2022-11-28#add-a-repository-to-a-required-workflow
-func (s *ActionsService) AddRepoToRequiredWorkflow(ctx context.Context, org string, requiredWorkflowID, repoID int64) (*Response, error) {
-	url := fmt.Sprintf("orgs/%v/actions/required_workflows/%v/repositories/%v", org, requiredWorkflowID, repoID)
-	req, err := s.client.NewRequest("PUT", url, nil)
-	if err != nil {
-		return nil, err
-	}
-	return s.client.Do(ctx, req, nil)
-}
-
-// RemoveRepoFromRequiredWorkflow removes the Repository from a required workflow.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/required-workflows?apiVersion=2022-11-28#add-a-repository-to-a-required-workflow
-func (s *ActionsService) RemoveRepoFromRequiredWorkflow(ctx context.Context, org string, requiredWorkflowID, repoID int64) (*Response, error) {
-	url := fmt.Sprintf("orgs/%v/actions/required_workflows/%v/repositories/%v", org, requiredWorkflowID, repoID)
-	req, err := s.client.NewRequest("DELETE", url, nil)
-	if err != nil {
-		return nil, err
-	}
-	return s.client.Do(ctx, req, nil)
-}
-
-// ListRepoRequiredWorkflows lists the RequiredWorkflows for a repo.
-//
-// Github API docs:https://docs.github.com/en/rest/actions/required-workflows?apiVersion=2022-11-28#list-repository-required-workflows
-func (s *ActionsService) ListRepoRequiredWorkflows(ctx context.Context, owner, repo string, opts *ListOptions) (*RepoRequiredWorkflows, *Response, error) {
-	url := fmt.Sprintf("repos/%v/%v/actions/required_workflows", owner, repo)
-	u, err := addOptions(url, opts)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	requiredWorkflows := new(RepoRequiredWorkflows)
-	resp, err := s.client.Do(ctx, req, &requiredWorkflows)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return requiredWorkflows, resp, nil
-}
diff --git a/vendor/github.com/google/go-github/v55/github/actions_workflow_runs.go b/vendor/github.com/google/go-github/v55/github/actions_workflow_runs.go
deleted file mode 100644
index 0022108611..0000000000
--- a/vendor/github.com/google/go-github/v55/github/actions_workflow_runs.go
+++ /dev/null
@@ -1,373 +0,0 @@
-// Copyright 2020 The go-github AUTHORS. All rights reserved.
-//
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package github
-
-import (
-	"context"
-	"fmt"
-	"net/http"
-	"net/url"
-)
-
-// WorkflowRun represents a repository action workflow run.
-type WorkflowRun struct {
-	ID                 *int64         `json:"id,omitempty"`
-	Name               *string        `json:"name,omitempty"`
-	NodeID             *string        `json:"node_id,omitempty"`
-	HeadBranch         *string        `json:"head_branch,omitempty"`
-	HeadSHA            *string        `json:"head_sha,omitempty"`
-	RunNumber          *int           `json:"run_number,omitempty"`
-	RunAttempt         *int           `json:"run_attempt,omitempty"`
-	Event              *string        `json:"event,omitempty"`
-	DisplayTitle       *string        `json:"display_title,omitempty"`
-	Status             *string        `json:"status,omitempty"`
-	Conclusion         *string        `json:"conclusion,omitempty"`
-	WorkflowID         *int64         `json:"workflow_id,omitempty"`
-	CheckSuiteID       *int64         `json:"check_suite_id,omitempty"`
-	CheckSuiteNodeID   *string        `json:"check_suite_node_id,omitempty"`
-	URL                *string        `json:"url,omitempty"`
-	HTMLURL            *string        `json:"html_url,omitempty"`
-	PullRequests       []*PullRequest `json:"pull_requests,omitempty"`
-	CreatedAt          *Timestamp     `json:"created_at,omitempty"`
-	UpdatedAt          *Timestamp     `json:"updated_at,omitempty"`
-	RunStartedAt       *Timestamp     `json:"run_started_at,omitempty"`
-	JobsURL            *string        `json:"jobs_url,omitempty"`
-	LogsURL            *string        `json:"logs_url,omitempty"`
-	CheckSuiteURL      *string        `json:"check_suite_url,omitempty"`
-	ArtifactsURL       *string        `json:"artifacts_url,omitempty"`
-	CancelURL          *string        `json:"cancel_url,omitempty"`
-	RerunURL           *string        `json:"rerun_url,omitempty"`
-	PreviousAttemptURL *string        `json:"previous_attempt_url,omitempty"`
-	HeadCommit         *HeadCommit    `json:"head_commit,omitempty"`
-	WorkflowURL        *string        `json:"workflow_url,omitempty"`
-	Repository         *Repository    `json:"repository,omitempty"`
-	HeadRepository     *Repository    `json:"head_repository,omitempty"`
-	Actor              *User          `json:"actor,omitempty"`
-	TriggeringActor    *User          `json:"triggering_actor,omitempty"`
-}
-
-// WorkflowRuns represents a slice of repository action workflow run.
-type WorkflowRuns struct {
-	TotalCount   *int           `json:"total_count,omitempty"`
-	WorkflowRuns []*WorkflowRun `json:"workflow_runs,omitempty"`
-}
-
-// ListWorkflowRunsOptions specifies optional parameters to ListWorkflowRuns.
-type ListWorkflowRunsOptions struct {
-	Actor               string `url:"actor,omitempty"`
-	Branch              string `url:"branch,omitempty"`
-	Event               string `url:"event,omitempty"`
-	Status              string `url:"status,omitempty"`
-	Created             string `url:"created,omitempty"`
-	HeadSHA             string `url:"head_sha,omitempty"`
-	ExcludePullRequests bool   `url:"exclude_pull_requests,omitempty"`
-	CheckSuiteID        int64  `url:"check_suite_id,omitempty"`
-	ListOptions
-}
-
-// WorkflowRunUsage represents a usage of a specific workflow run.
-type WorkflowRunUsage struct {
-	Billable      *WorkflowRunBillMap `json:"billable,omitempty"`
-	RunDurationMS *int64              `json:"run_duration_ms,omitempty"`
-}
-
-// WorkflowRunBillMap represents different runner environments available for a workflow run.
-// Its key is the name of its environment, e.g. "UBUNTU", "MACOS", "WINDOWS", etc.
-type WorkflowRunBillMap map[string]*WorkflowRunBill
-
-// WorkflowRunBill specifies billable time for a specific environment in a workflow run.
-type WorkflowRunBill struct {
-	TotalMS *int64               `json:"total_ms,omitempty"`
-	Jobs    *int                 `json:"jobs,omitempty"`
-	JobRuns []*WorkflowRunJobRun `json:"job_runs,omitempty"`
-}
-
-// WorkflowRunJobRun represents a usage of individual jobs of a specific workflow run.
-type WorkflowRunJobRun struct {
-	JobID      *int   `json:"job_id,omitempty"`
-	DurationMS *int64 `json:"duration_ms,omitempty"`
-}
-
-// WorkflowRunAttemptOptions specifies optional parameters to GetWorkflowRunAttempt.
-type WorkflowRunAttemptOptions struct {
-	ExcludePullRequests *bool `url:"exclude_pull_requests,omitempty"`
-}
-
-// PendingDeploymentsRequest specifies body parameters to PendingDeployments.
-type PendingDeploymentsRequest struct {
-	EnvironmentIDs []int64 `json:"environment_ids"`
-	// State can be one of: "approved", "rejected".
-	State   string `json:"state"`
-	Comment string `json:"comment"`
-}
-
-func (s *ActionsService) listWorkflowRuns(ctx context.Context, endpoint string, opts *ListWorkflowRunsOptions) (*WorkflowRuns, *Response, error) {
-	u, err := addOptions(endpoint, opts)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	runs := new(WorkflowRuns)
-	resp, err := s.client.Do(ctx, req, &runs)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return runs, resp, nil
-}
-
-// ListWorkflowRunsByID lists all workflow runs by workflow ID.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/workflow-runs#list-workflow-runs
-func (s *ActionsService) ListWorkflowRunsByID(ctx context.Context, owner, repo string, workflowID int64, opts *ListWorkflowRunsOptions) (*WorkflowRuns, *Response, error) {
-	u := fmt.Sprintf("repos/%s/%s/actions/workflows/%v/runs", owner, repo, workflowID)
-	return s.listWorkflowRuns(ctx, u, opts)
-}
-
-// ListWorkflowRunsByFileName lists all workflow runs by workflow file name.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/workflow-runs#list-workflow-runs
-func (s *ActionsService) ListWorkflowRunsByFileName(ctx context.Context, owner, repo, workflowFileName string, opts *ListWorkflowRunsOptions) (*WorkflowRuns, *Response, error) {
-	u := fmt.Sprintf("repos/%s/%s/actions/workflows/%v/runs", owner, repo, workflowFileName)
-	return s.listWorkflowRuns(ctx, u, opts)
-}
-
-// ListRepositoryWorkflowRuns lists all workflow runs for a repository.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/workflow-runs#list-workflow-runs-for-a-repository
-func (s *ActionsService) ListRepositoryWorkflowRuns(ctx context.Context, owner, repo string, opts *ListWorkflowRunsOptions) (*WorkflowRuns, *Response, error) {
-	u := fmt.Sprintf("repos/%s/%s/actions/runs", owner, repo)
-	u, err := addOptions(u, opts)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	runs := new(WorkflowRuns)
-	resp, err := s.client.Do(ctx, req, &runs)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return runs, resp, nil
-}
-
-// GetWorkflowRunByID gets a specific workflow run by ID.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/workflow-runs#get-a-workflow-run
-func (s *ActionsService) GetWorkflowRunByID(ctx context.Context, owner, repo string, runID int64) (*WorkflowRun, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/actions/runs/%v", owner, repo, runID)
-
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	run := new(WorkflowRun)
-	resp, err := s.client.Do(ctx, req, run)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return run, resp, nil
-}
-
-// GetWorkflowRunAttempt gets a specific workflow run attempt.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/workflow-runs#get-a-workflow-run-attempt
-func (s *ActionsService) GetWorkflowRunAttempt(ctx context.Context, owner, repo string, runID int64, attemptNumber int, opts *WorkflowRunAttemptOptions) (*WorkflowRun, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/actions/runs/%v/attempts/%v", owner, repo, runID, attemptNumber)
-	u, err := addOptions(u, opts)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	run := new(WorkflowRun)
-	resp, err := s.client.Do(ctx, req, run)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return run, resp, nil
-}
-
-// GetWorkflowRunAttemptLogs gets a redirect URL to download a plain text file of logs for a workflow run for attempt number.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/workflow-runs#download-workflow-run-attempt-logs
-func (s *ActionsService) GetWorkflowRunAttemptLogs(ctx context.Context, owner, repo string, runID int64, attemptNumber int, followRedirects bool) (*url.URL, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/actions/runs/%v/attempts/%v/logs", owner, repo, runID, attemptNumber)
-
-	resp, err := s.client.roundTripWithOptionalFollowRedirect(ctx, u, followRedirects)
-	if err != nil {
-		return nil, nil, err
-	}
-	defer resp.Body.Close()
-
-	if resp.StatusCode != http.StatusFound {
-		return nil, newResponse(resp), fmt.Errorf("unexpected status code: %s", resp.Status)
-	}
-
-	parsedURL, err := url.Parse(resp.Header.Get("Location"))
-	return parsedURL, newResponse(resp), err
-}
-
-// RerunWorkflowByID re-runs a workflow by ID.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/workflow-runs#re-run-a-workflow
-func (s *ActionsService) RerunWorkflowByID(ctx context.Context, owner, repo string, runID int64) (*Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/actions/runs/%v/rerun", owner, repo, runID)
-
-	req, err := s.client.NewRequest("POST", u, nil)
-	if err != nil {
-		return nil, err
-	}
-
-	return s.client.Do(ctx, req, nil)
-}
-
-// RerunFailedJobsByID re-runs all of the failed jobs and their dependent jobs in a workflow run by ID.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/workflow-runs#re-run-failed-jobs-from-a-workflow-run
-func (s *ActionsService) RerunFailedJobsByID(ctx context.Context, owner, repo string, runID int64) (*Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/actions/runs/%v/rerun-failed-jobs", owner, repo, runID)
-
-	req, err := s.client.NewRequest("POST", u, nil)
-	if err != nil {
-		return nil, err
-	}
-
-	return s.client.Do(ctx, req, nil)
-}
-
-// RerunJobByID re-runs a job and its dependent jobs in a workflow run by ID.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/workflow-runs#re-run-a-job-from-a-workflow-run
-func (s *ActionsService) RerunJobByID(ctx context.Context, owner, repo string, jobID int64) (*Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/actions/jobs/%v/rerun", owner, repo, jobID)
-
-	req, err := s.client.NewRequest("POST", u, nil)
-	if err != nil {
-		return nil, err
-	}
-
-	return s.client.Do(ctx, req, nil)
-}
-
-// CancelWorkflowRunByID cancels a workflow run by ID.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/workflow-runs#cancel-a-workflow-run
-func (s *ActionsService) CancelWorkflowRunByID(ctx context.Context, owner, repo string, runID int64) (*Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/actions/runs/%v/cancel", owner, repo, runID)
-
-	req, err := s.client.NewRequest("POST", u, nil)
-	if err != nil {
-		return nil, err
-	}
-
-	return s.client.Do(ctx, req, nil)
-}
-
-// GetWorkflowRunLogs gets a redirect URL to download a plain text file of logs for a workflow run.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/workflow-runs#download-workflow-run-logs
-func (s *ActionsService) GetWorkflowRunLogs(ctx context.Context, owner, repo string, runID int64, followRedirects bool) (*url.URL, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/actions/runs/%v/logs", owner, repo, runID)
-
-	resp, err := s.client.roundTripWithOptionalFollowRedirect(ctx, u, followRedirects)
-	if err != nil {
-		return nil, nil, err
-	}
-	defer resp.Body.Close()
-
-	if resp.StatusCode != http.StatusFound {
-		return nil, newResponse(resp), fmt.Errorf("unexpected status code: %s", resp.Status)
-	}
-
-	parsedURL, err := url.Parse(resp.Header.Get("Location"))
-	return parsedURL, newResponse(resp), err
-}
-
-// DeleteWorkflowRun deletes a workflow run by ID.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/workflow-runs#delete-a-workflow-run
-func (s *ActionsService) DeleteWorkflowRun(ctx context.Context, owner, repo string, runID int64) (*Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/actions/runs/%v", owner, repo, runID)
-
-	req, err := s.client.NewRequest("DELETE", u, nil)
-	if err != nil {
-		return nil, err
-	}
-
-	return s.client.Do(ctx, req, nil)
-}
-
-// DeleteWorkflowRunLogs deletes all logs for a workflow run.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/workflow-runs#delete-workflow-run-logs
-func (s *ActionsService) DeleteWorkflowRunLogs(ctx context.Context, owner, repo string, runID int64) (*Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/actions/runs/%v/logs", owner, repo, runID)
-
-	req, err := s.client.NewRequest("DELETE", u, nil)
-	if err != nil {
-		return nil, err
-	}
-
-	return s.client.Do(ctx, req, nil)
-}
-
-// GetWorkflowRunUsageByID gets a specific workflow usage run by run ID in the unit of billable milliseconds.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/workflow-runs#get-workflow-run-usage
-func (s *ActionsService) GetWorkflowRunUsageByID(ctx context.Context, owner, repo string, runID int64) (*WorkflowRunUsage, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/actions/runs/%v/timing", owner, repo, runID)
-
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	workflowRunUsage := new(WorkflowRunUsage)
-	resp, err := s.client.Do(ctx, req, workflowRunUsage)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return workflowRunUsage, resp, nil
-}
-
-// PendingDeployments approve or reject pending deployments that are waiting on approval by a required reviewer.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/workflow-runs#review-pending-deployments-for-a-workflow-run
-func (s *ActionsService) PendingDeployments(ctx context.Context, owner, repo string, runID int64, request *PendingDeploymentsRequest) ([]*Deployment, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/actions/runs/%v/pending_deployments", owner, repo, runID)
-
-	req, err := s.client.NewRequest("POST", u, request)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	var deployments []*Deployment
-	resp, err := s.client.Do(ctx, req, &deployments)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return deployments, resp, nil
-}
diff --git a/vendor/github.com/google/go-github/v55/github/apps.go b/vendor/github.com/google/go-github/v55/github/apps.go
deleted file mode 100644
index ab83d59ab2..0000000000
--- a/vendor/github.com/google/go-github/v55/github/apps.go
+++ /dev/null
@@ -1,359 +0,0 @@
-// Copyright 2016 The go-github AUTHORS. All rights reserved.
-//
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package github
-
-import (
-	"context"
-	"fmt"
-)
-
-// AppsService provides access to the installation related functions
-// in the GitHub API.
-//
-// GitHub API docs: https://docs.github.com/en/rest/apps/
-type AppsService service
-
-// App represents a GitHub App.
-type App struct {
-	ID                 *int64                   `json:"id,omitempty"`
-	Slug               *string                  `json:"slug,omitempty"`
-	NodeID             *string                  `json:"node_id,omitempty"`
-	Owner              *User                    `json:"owner,omitempty"`
-	Name               *string                  `json:"name,omitempty"`
-	Description        *string                  `json:"description,omitempty"`
-	ExternalURL        *string                  `json:"external_url,omitempty"`
-	HTMLURL            *string                  `json:"html_url,omitempty"`
-	CreatedAt          *Timestamp               `json:"created_at,omitempty"`
-	UpdatedAt          *Timestamp               `json:"updated_at,omitempty"`
-	Permissions        *InstallationPermissions `json:"permissions,omitempty"`
-	Events             []string                 `json:"events,omitempty"`
-	InstallationsCount *int                     `json:"installations_count,omitempty"`
-}
-
-// InstallationToken represents an installation token.
-type InstallationToken struct {
-	Token        *string                  `json:"token,omitempty"`
-	ExpiresAt    *Timestamp               `json:"expires_at,omitempty"`
-	Permissions  *InstallationPermissions `json:"permissions,omitempty"`
-	Repositories []*Repository            `json:"repositories,omitempty"`
-}
-
-// InstallationTokenOptions allow restricting a token's access to specific repositories.
-type InstallationTokenOptions struct {
-	// The IDs of the repositories that the installation token can access.
-	// Providing repository IDs restricts the access of an installation token to specific repositories.
-	RepositoryIDs []int64 `json:"repository_ids,omitempty"`
-
-	// The names of the repositories that the installation token can access.
-	// Providing repository names restricts the access of an installation token to specific repositories.
-	Repositories []string `json:"repositories,omitempty"`
-
-	// The permissions granted to the access token.
-	// The permissions object includes the permission names and their access type.
-	Permissions *InstallationPermissions `json:"permissions,omitempty"`
-}
-
-// InstallationPermissions lists the repository and organization permissions for an installation.
-//
-// Permission names taken from:
-//
-//	https://docs.github.com/en/enterprise-server@3.0/rest/apps#create-an-installation-access-token-for-an-app
-//	https://docs.github.com/en/rest/apps#create-an-installation-access-token-for-an-app
-type InstallationPermissions struct {
-	Actions                       *string `json:"actions,omitempty"`
-	Administration                *string `json:"administration,omitempty"`
-	Blocking                      *string `json:"blocking,omitempty"`
-	Checks                        *string `json:"checks,omitempty"`
-	Contents                      *string `json:"contents,omitempty"`
-	ContentReferences             *string `json:"content_references,omitempty"`
-	Deployments                   *string `json:"deployments,omitempty"`
-	Emails                        *string `json:"emails,omitempty"`
-	Environments                  *string `json:"environments,omitempty"`
-	Followers                     *string `json:"followers,omitempty"`
-	Issues                        *string `json:"issues,omitempty"`
-	Metadata                      *string `json:"metadata,omitempty"`
-	Members                       *string `json:"members,omitempty"`
-	OrganizationAdministration    *string `json:"organization_administration,omitempty"`
-	OrganizationCustomRoles       *string `json:"organization_custom_roles,omitempty"`
-	OrganizationHooks             *string `json:"organization_hooks,omitempty"`
-	OrganizationPackages          *string `json:"organization_packages,omitempty"`
-	OrganizationPlan              *string `json:"organization_plan,omitempty"`
-	OrganizationPreReceiveHooks   *string `json:"organization_pre_receive_hooks,omitempty"`
-	OrganizationProjects          *string `json:"organization_projects,omitempty"`
-	OrganizationSecrets           *string `json:"organization_secrets,omitempty"`
-	OrganizationSelfHostedRunners *string `json:"organization_self_hosted_runners,omitempty"`
-	OrganizationUserBlocking      *string `json:"organization_user_blocking,omitempty"`
-	Packages                      *string `json:"packages,omitempty"`
-	Pages                         *string `json:"pages,omitempty"`
-	PullRequests                  *string `json:"pull_requests,omitempty"`
-	RepositoryHooks               *string `json:"repository_hooks,omitempty"`
-	RepositoryProjects            *string `json:"repository_projects,omitempty"`
-	RepositoryPreReceiveHooks     *string `json:"repository_pre_receive_hooks,omitempty"`
-	Secrets                       *string `json:"secrets,omitempty"`
-	SecretScanningAlerts          *string `json:"secret_scanning_alerts,omitempty"`
-	SecurityEvents                *string `json:"security_events,omitempty"`
-	SingleFile                    *string `json:"single_file,omitempty"`
-	Statuses                      *string `json:"statuses,omitempty"`
-	TeamDiscussions               *string `json:"team_discussions,omitempty"`
-	VulnerabilityAlerts           *string `json:"vulnerability_alerts,omitempty"`
-	Workflows                     *string `json:"workflows,omitempty"`
-}
-
-// Installation represents a GitHub Apps installation.
-type Installation struct {
-	ID                     *int64                   `json:"id,omitempty"`
-	NodeID                 *string                  `json:"node_id,omitempty"`
-	AppID                  *int64                   `json:"app_id,omitempty"`
-	AppSlug                *string                  `json:"app_slug,omitempty"`
-	TargetID               *int64                   `json:"target_id,omitempty"`
-	Account                *User                    `json:"account,omitempty"`
-	AccessTokensURL        *string                  `json:"access_tokens_url,omitempty"`
-	RepositoriesURL        *string                  `json:"repositories_url,omitempty"`
-	HTMLURL                *string                  `json:"html_url,omitempty"`
-	TargetType             *string                  `json:"target_type,omitempty"`
-	SingleFileName         *string                  `json:"single_file_name,omitempty"`
-	RepositorySelection    *string                  `json:"repository_selection,omitempty"`
-	Events                 []string                 `json:"events,omitempty"`
-	SingleFilePaths        []string                 `json:"single_file_paths,omitempty"`
-	Permissions            *InstallationPermissions `json:"permissions,omitempty"`
-	CreatedAt              *Timestamp               `json:"created_at,omitempty"`
-	UpdatedAt              *Timestamp               `json:"updated_at,omitempty"`
-	HasMultipleSingleFiles *bool                    `json:"has_multiple_single_files,omitempty"`
-	SuspendedBy            *User                    `json:"suspended_by,omitempty"`
-	SuspendedAt            *Timestamp               `json:"suspended_at,omitempty"`
-}
-
-// Attachment represents a GitHub Apps attachment.
-type Attachment struct {
-	ID    *int64  `json:"id,omitempty"`
-	Title *string `json:"title,omitempty"`
-	Body  *string `json:"body,omitempty"`
-}
-
-// ContentReference represents a reference to a URL in an issue or pull request.
-type ContentReference struct {
-	ID        *int64  `json:"id,omitempty"`
-	NodeID    *string `json:"node_id,omitempty"`
-	Reference *string `json:"reference,omitempty"`
-}
-
-func (i Installation) String() string {
-	return Stringify(i)
-}
-
-// Get a single GitHub App. Passing the empty string will get
-// the authenticated GitHub App.
-//
-// Note: appSlug is just the URL-friendly name of your GitHub App.
-// You can find this on the settings page for your GitHub App
-// (e.g., https://github.com/settings/apps/:app_slug).
-//
-// GitHub API docs: https://docs.github.com/en/rest/apps/apps#get-the-authenticated-app
-// GitHub API docs: https://docs.github.com/en/rest/apps/apps#get-an-app
-func (s *AppsService) Get(ctx context.Context, appSlug string) (*App, *Response, error) {
-	var u string
-	if appSlug != "" {
-		u = fmt.Sprintf("apps/%v", appSlug)
-	} else {
-		u = "app"
-	}
-
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	app := new(App)
-	resp, err := s.client.Do(ctx, req, app)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return app, resp, nil
-}
-
-// ListInstallations lists the installations that the current GitHub App has.
-//
-// GitHub API docs: https://docs.github.com/en/rest/apps/apps#list-installations-for-the-authenticated-app
-func (s *AppsService) ListInstallations(ctx context.Context, opts *ListOptions) ([]*Installation, *Response, error) {
-	u, err := addOptions("app/installations", opts)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	var i []*Installation
-	resp, err := s.client.Do(ctx, req, &i)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return i, resp, nil
-}
-
-// GetInstallation returns the specified installation.
-//
-// GitHub API docs: https://docs.github.com/en/rest/apps/apps#get-an-installation-for-the-authenticated-app
-func (s *AppsService) GetInstallation(ctx context.Context, id int64) (*Installation, *Response, error) {
-	return s.getInstallation(ctx, fmt.Sprintf("app/installations/%v", id))
-}
-
-// ListUserInstallations lists installations that are accessible to the authenticated user.
-//
-// GitHub API docs: https://docs.github.com/en/rest/apps/installations#list-app-installations-accessible-to-the-user-access-token
-func (s *AppsService) ListUserInstallations(ctx context.Context, opts *ListOptions) ([]*Installation, *Response, error) {
-	u, err := addOptions("user/installations", opts)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	var i struct {
-		Installations []*Installation `json:"installations"`
-	}
-	resp, err := s.client.Do(ctx, req, &i)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return i.Installations, resp, nil
-}
-
-// SuspendInstallation suspends the specified installation.
-//
-// GitHub API docs: https://docs.github.com/en/rest/apps/apps#suspend-an-app-installation
-func (s *AppsService) SuspendInstallation(ctx context.Context, id int64) (*Response, error) {
-	u := fmt.Sprintf("app/installations/%v/suspended", id)
-
-	req, err := s.client.NewRequest("PUT", u, nil)
-	if err != nil {
-		return nil, err
-	}
-
-	return s.client.Do(ctx, req, nil)
-}
-
-// UnsuspendInstallation unsuspends the specified installation.
-//
-// GitHub API docs: https://docs.github.com/en/rest/apps/apps#unsuspend-an-app-installation
-func (s *AppsService) UnsuspendInstallation(ctx context.Context, id int64) (*Response, error) {
-	u := fmt.Sprintf("app/installations/%v/suspended", id)
-
-	req, err := s.client.NewRequest("DELETE", u, nil)
-	if err != nil {
-		return nil, err
-	}
-
-	return s.client.Do(ctx, req, nil)
-}
-
-// DeleteInstallation deletes the specified installation.
-//
-// GitHub API docs: https://docs.github.com/en/rest/apps/apps#delete-an-installation-for-the-authenticated-app
-func (s *AppsService) DeleteInstallation(ctx context.Context, id int64) (*Response, error) {
-	u := fmt.Sprintf("app/installations/%v", id)
-
-	req, err := s.client.NewRequest("DELETE", u, nil)
-	if err != nil {
-		return nil, err
-	}
-
-	return s.client.Do(ctx, req, nil)
-}
-
-// CreateInstallationToken creates a new installation token.
-//
-// GitHub API docs: https://docs.github.com/en/rest/apps/apps#create-an-installation-access-token-for-an-app
-func (s *AppsService) CreateInstallationToken(ctx context.Context, id int64, opts *InstallationTokenOptions) (*InstallationToken, *Response, error) {
-	u := fmt.Sprintf("app/installations/%v/access_tokens", id)
-
-	req, err := s.client.NewRequest("POST", u, opts)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	t := new(InstallationToken)
-	resp, err := s.client.Do(ctx, req, t)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return t, resp, nil
-}
-
-// CreateAttachment creates a new attachment on user comment containing a url.
-//
-// TODO: Find GitHub API docs.
-func (s *AppsService) CreateAttachment(ctx context.Context, contentReferenceID int64, title, body string) (*Attachment, *Response, error) {
-	u := fmt.Sprintf("content_references/%v/attachments", contentReferenceID)
-	payload := &Attachment{Title: String(title), Body: String(body)}
-	req, err := s.client.NewRequest("POST", u, payload)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	// TODO: remove custom Accept headers when APIs fully launch.
-	req.Header.Set("Accept", mediaTypeContentAttachmentsPreview)
-
-	m := &Attachment{}
-	resp, err := s.client.Do(ctx, req, m)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return m, resp, nil
-}
-
-// FindOrganizationInstallation finds the organization's installation information.
-//
-// GitHub API docs: https://docs.github.com/en/rest/apps/apps#get-an-organization-installation-for-the-authenticated-app
-func (s *AppsService) FindOrganizationInstallation(ctx context.Context, org string) (*Installation, *Response, error) {
-	return s.getInstallation(ctx, fmt.Sprintf("orgs/%v/installation", org))
-}
-
-// FindRepositoryInstallation finds the repository's installation information.
-//
-// GitHub API docs: https://docs.github.com/en/rest/apps/apps#get-a-repository-installation-for-the-authenticated-app
-func (s *AppsService) FindRepositoryInstallation(ctx context.Context, owner, repo string) (*Installation, *Response, error) {
-	return s.getInstallation(ctx, fmt.Sprintf("repos/%v/%v/installation", owner, repo))
-}
-
-// FindRepositoryInstallationByID finds the repository's installation information.
-//
-// Note: FindRepositoryInstallationByID uses the undocumented GitHub API endpoint /repositories/:id/installation.
-func (s *AppsService) FindRepositoryInstallationByID(ctx context.Context, id int64) (*Installation, *Response, error) {
-	return s.getInstallation(ctx, fmt.Sprintf("repositories/%d/installation", id))
-}
-
-// FindUserInstallation finds the user's installation information.
-//
-// GitHub API docs: https://docs.github.com/en/rest/apps/apps#get-a-user-installation-for-the-authenticated-app
-func (s *AppsService) FindUserInstallation(ctx context.Context, user string) (*Installation, *Response, error) {
-	return s.getInstallation(ctx, fmt.Sprintf("users/%v/installation", user))
-}
-
-func (s *AppsService) getInstallation(ctx context.Context, url string) (*Installation, *Response, error) {
-	req, err := s.client.NewRequest("GET", url, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	i := new(Installation)
-	resp, err := s.client.Do(ctx, req, i)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return i, resp, nil
-}
diff --git a/vendor/github.com/google/go-github/v55/github/enterprise_actions_runners.go b/vendor/github.com/google/go-github/v55/github/enterprise_actions_runners.go
deleted file mode 100644
index daafc5e628..0000000000
--- a/vendor/github.com/google/go-github/v55/github/enterprise_actions_runners.go
+++ /dev/null
@@ -1,88 +0,0 @@
-// Copyright 2020 The go-github AUTHORS. All rights reserved.
-//
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package github
-
-import (
-	"context"
-	"fmt"
-)
-
-// ListRunnerApplicationDownloads lists self-hosted runner application binaries that can be downloaded and run.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runners#list-runner-applications-for-an-enterprise
-func (s *EnterpriseService) ListRunnerApplicationDownloads(ctx context.Context, enterprise string) ([]*RunnerApplicationDownload, *Response, error) {
-	u := fmt.Sprintf("enterprises/%v/actions/runners/downloads", enterprise)
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	var rads []*RunnerApplicationDownload
-	resp, err := s.client.Do(ctx, req, &rads)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return rads, resp, nil
-}
-
-// CreateRegistrationToken creates a token that can be used to add a self-hosted runner.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runners#create-a-registration-token-for-an-enterprise
-func (s *EnterpriseService) CreateRegistrationToken(ctx context.Context, enterprise string) (*RegistrationToken, *Response, error) {
-	u := fmt.Sprintf("enterprises/%v/actions/runners/registration-token", enterprise)
-
-	req, err := s.client.NewRequest("POST", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	registrationToken := new(RegistrationToken)
-	resp, err := s.client.Do(ctx, req, registrationToken)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return registrationToken, resp, nil
-}
-
-// ListRunners lists all the self-hosted runners for a enterprise.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runners#list-self-hosted-runners-for-an-enterprise
-func (s *EnterpriseService) ListRunners(ctx context.Context, enterprise string, opts *ListOptions) (*Runners, *Response, error) {
-	u := fmt.Sprintf("enterprises/%v/actions/runners", enterprise)
-	u, err := addOptions(u, opts)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	runners := &Runners{}
-	resp, err := s.client.Do(ctx, req, &runners)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return runners, resp, nil
-}
-
-// RemoveRunner forces the removal of a self-hosted runner from an enterprise using the runner id.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runners#delete-a-self-hosted-runner-from-an-enterprise
-func (s *EnterpriseService) RemoveRunner(ctx context.Context, enterprise string, runnerID int64) (*Response, error) {
-	u := fmt.Sprintf("enterprises/%v/actions/runners/%v", enterprise, runnerID)
-
-	req, err := s.client.NewRequest("DELETE", u, nil)
-	if err != nil {
-		return nil, err
-	}
-
-	return s.client.Do(ctx, req, nil)
-}
diff --git a/vendor/github.com/google/go-github/v55/github/misc.go b/vendor/github.com/google/go-github/v55/github/misc.go
deleted file mode 100644
index 8961524157..0000000000
--- a/vendor/github.com/google/go-github/v55/github/misc.go
+++ /dev/null
@@ -1,279 +0,0 @@
-// Copyright 2014 The go-github AUTHORS. All rights reserved.
-//
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package github
-
-import (
-	"bytes"
-	"context"
-	"fmt"
-	"net/url"
-)
-
-// MarkdownOptions specifies optional parameters to the Markdown method.
-type MarkdownOptions struct {
-	// Mode identifies the rendering mode. Possible values are:
-	//   markdown - render a document as plain Markdown, just like
-	//   README files are rendered.
-	//
-	//   gfm - to render a document as user-content, e.g. like user
-	//   comments or issues are rendered. In GFM mode, hard line breaks are
-	//   always taken into account, and issue and user mentions are linked
-	//   accordingly.
-	//
-	// Default is "markdown".
-	Mode string
-
-	// Context identifies the repository context. Only taken into account
-	// when rendering as "gfm".
-	Context string
-}
-
-type markdownRequest struct {
-	Text    *string `json:"text,omitempty"`
-	Mode    *string `json:"mode,omitempty"`
-	Context *string `json:"context,omitempty"`
-}
-
-// Markdown renders an arbitrary Markdown document.
-//
-// GitHub API docs: https://docs.github.com/en/rest/markdown/
-func (c *Client) Markdown(ctx context.Context, text string, opts *MarkdownOptions) (string, *Response, error) {
-	request := &markdownRequest{Text: String(text)}
-	if opts != nil {
-		if opts.Mode != "" {
-			request.Mode = String(opts.Mode)
-		}
-		if opts.Context != "" {
-			request.Context = String(opts.Context)
-		}
-	}
-
-	req, err := c.NewRequest("POST", "markdown", request)
-	if err != nil {
-		return "", nil, err
-	}
-
-	buf := new(bytes.Buffer)
-	resp, err := c.Do(ctx, req, buf)
-	if err != nil {
-		return "", resp, err
-	}
-
-	return buf.String(), resp, nil
-}
-
-// ListEmojis returns the emojis available to use on GitHub.
-//
-// GitHub API docs: https://docs.github.com/en/rest/emojis/
-func (c *Client) ListEmojis(ctx context.Context) (map[string]string, *Response, error) {
-	req, err := c.NewRequest("GET", "emojis", nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	var emoji map[string]string
-	resp, err := c.Do(ctx, req, &emoji)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return emoji, resp, nil
-}
-
-// CodeOfConduct represents a code of conduct.
-type CodeOfConduct struct {
-	Name *string `json:"name,omitempty"`
-	Key  *string `json:"key,omitempty"`
-	URL  *string `json:"url,omitempty"`
-	Body *string `json:"body,omitempty"`
-}
-
-func (c *CodeOfConduct) String() string {
-	return Stringify(c)
-}
-
-// ListCodesOfConduct returns all codes of conduct.
-//
-// GitHub API docs: https://docs.github.com/en/rest/codes_of_conduct/#list-all-codes-of-conduct
-func (c *Client) ListCodesOfConduct(ctx context.Context) ([]*CodeOfConduct, *Response, error) {
-	req, err := c.NewRequest("GET", "codes_of_conduct", nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	// TODO: remove custom Accept header when this API fully launches.
-	req.Header.Set("Accept", mediaTypeCodesOfConductPreview)
-
-	var cs []*CodeOfConduct
-	resp, err := c.Do(ctx, req, &cs)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return cs, resp, nil
-}
-
-// GetCodeOfConduct returns an individual code of conduct.
-//
-// https://docs.github.com/en/rest/codes_of_conduct/#get-an-individual-code-of-conduct
-func (c *Client) GetCodeOfConduct(ctx context.Context, key string) (*CodeOfConduct, *Response, error) {
-	u := fmt.Sprintf("codes_of_conduct/%s", key)
-	req, err := c.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	// TODO: remove custom Accept header when this API fully launches.
-	req.Header.Set("Accept", mediaTypeCodesOfConductPreview)
-
-	coc := new(CodeOfConduct)
-	resp, err := c.Do(ctx, req, coc)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return coc, resp, nil
-}
-
-// APIMeta represents metadata about the GitHub API.
-type APIMeta struct {
-	// An Array of IP addresses in CIDR format specifying the addresses
-	// that incoming service hooks will originate from on GitHub.com.
-	Hooks []string `json:"hooks,omitempty"`
-
-	// An Array of IP addresses in CIDR format specifying the Git servers
-	// for GitHub.com.
-	Git []string `json:"git,omitempty"`
-
-	// Whether authentication with username and password is supported.
-	// (GitHub Enterprise instances using CAS or OAuth for authentication
-	// will return false. Features like Basic Authentication with a
-	// username and password, sudo mode, and two-factor authentication are
-	// not supported on these servers.)
-	VerifiablePasswordAuthentication *bool `json:"verifiable_password_authentication,omitempty"`
-
-	// An array of IP addresses in CIDR format specifying the addresses
-	// which serve GitHub Pages websites.
-	Pages []string `json:"pages,omitempty"`
-
-	// An Array of IP addresses specifying the addresses that source imports
-	// will originate from on GitHub.com.
-	Importer []string `json:"importer,omitempty"`
-
-	// An array of IP addresses in CIDR format specifying the IP addresses
-	// GitHub Actions will originate from.
-	Actions []string `json:"actions,omitempty"`
-
-	// An array of IP addresses in CIDR format specifying the IP addresses
-	// Dependabot will originate from.
-	Dependabot []string `json:"dependabot,omitempty"`
-
-	// A map of algorithms to SSH key fingerprints.
-	SSHKeyFingerprints map[string]string `json:"ssh_key_fingerprints,omitempty"`
-
-	// An array of SSH keys.
-	SSHKeys []string `json:"ssh_keys,omitempty"`
-
-	// An array of IP addresses in CIDR format specifying the addresses
-	// which serve GitHub websites.
-	Web []string `json:"web,omitempty"`
-
-	// An array of IP addresses in CIDR format specifying the addresses
-	// which serve GitHub APIs.
-	API []string `json:"api,omitempty"`
-}
-
-// APIMeta returns information about GitHub.com, the service. Or, if you access
-// this endpoint on your organization’s GitHub Enterprise installation, this
-// endpoint provides information about that installation.
-//
-// GitHub API docs: https://docs.github.com/en/rest/meta#get-github-meta-information
-func (c *Client) APIMeta(ctx context.Context) (*APIMeta, *Response, error) {
-	req, err := c.NewRequest("GET", "meta", nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	meta := new(APIMeta)
-	resp, err := c.Do(ctx, req, meta)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return meta, resp, nil
-}
-
-// Octocat returns an ASCII art octocat with the specified message in a speech
-// bubble. If message is empty, a random zen phrase is used.
-func (c *Client) Octocat(ctx context.Context, message string) (string, *Response, error) {
-	u := "octocat"
-	if message != "" {
-		u = fmt.Sprintf("%s?s=%s", u, url.QueryEscape(message))
-	}
-
-	req, err := c.NewRequest("GET", u, nil)
-	if err != nil {
-		return "", nil, err
-	}
-
-	buf := new(bytes.Buffer)
-	resp, err := c.Do(ctx, req, buf)
-	if err != nil {
-		return "", resp, err
-	}
-
-	return buf.String(), resp, nil
-}
-
-// Zen returns a random line from The Zen of GitHub.
-//
-// see also: http://warpspire.com/posts/taste/
-func (c *Client) Zen(ctx context.Context) (string, *Response, error) {
-	req, err := c.NewRequest("GET", "zen", nil)
-	if err != nil {
-		return "", nil, err
-	}
-
-	buf := new(bytes.Buffer)
-	resp, err := c.Do(ctx, req, buf)
-	if err != nil {
-		return "", resp, err
-	}
-
-	return buf.String(), resp, nil
-}
-
-// ServiceHook represents a hook that has configuration settings, a list of
-// available events, and default events.
-type ServiceHook struct {
-	Name            *string    `json:"name,omitempty"`
-	Events          []string   `json:"events,omitempty"`
-	SupportedEvents []string   `json:"supported_events,omitempty"`
-	Schema          [][]string `json:"schema,omitempty"`
-}
-
-func (s *ServiceHook) String() string {
-	return Stringify(s)
-}
-
-// ListServiceHooks lists all of the available service hooks.
-//
-// GitHub API docs: https://developer.github.com/webhooks/#services
-func (c *Client) ListServiceHooks(ctx context.Context) ([]*ServiceHook, *Response, error) {
-	u := "hooks"
-	req, err := c.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	var hooks []*ServiceHook
-	resp, err := c.Do(ctx, req, &hooks)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return hooks, resp, nil
-}
diff --git a/vendor/github.com/google/go-github/v55/github/orgs_actions_allowed.go b/vendor/github.com/google/go-github/v55/github/orgs_actions_allowed.go
deleted file mode 100644
index e3b35b1df1..0000000000
--- a/vendor/github.com/google/go-github/v55/github/orgs_actions_allowed.go
+++ /dev/null
@@ -1,63 +0,0 @@
-// Copyright 2021 The go-github AUTHORS. All rights reserved.
-//
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package github
-
-import (
-	"context"
-	"fmt"
-)
-
-// ActionsAllowed represents selected actions that are allowed.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/permissions
-type ActionsAllowed struct {
-	GithubOwnedAllowed *bool    `json:"github_owned_allowed,omitempty"`
-	VerifiedAllowed    *bool    `json:"verified_allowed,omitempty"`
-	PatternsAllowed    []string `json:"patterns_allowed,omitempty"`
-}
-
-func (a ActionsAllowed) String() string {
-	return Stringify(a)
-}
-
-// GetActionsAllowed gets the actions that are allowed in an organization.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#get-allowed-actions-and-reusable-workflows-for-an-organization
-func (s *OrganizationsService) GetActionsAllowed(ctx context.Context, org string) (*ActionsAllowed, *Response, error) {
-	u := fmt.Sprintf("orgs/%v/actions/permissions/selected-actions", org)
-
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	actionsAllowed := new(ActionsAllowed)
-	resp, err := s.client.Do(ctx, req, actionsAllowed)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return actionsAllowed, resp, nil
-}
-
-// EditActionsAllowed sets the actions that are allowed in an organization.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#set-allowed-actions-and-reusable-workflows-for-an-organization
-func (s *OrganizationsService) EditActionsAllowed(ctx context.Context, org string, actionsAllowed ActionsAllowed) (*ActionsAllowed, *Response, error) {
-	u := fmt.Sprintf("orgs/%v/actions/permissions/selected-actions", org)
-	req, err := s.client.NewRequest("PUT", u, actionsAllowed)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	p := new(ActionsAllowed)
-	resp, err := s.client.Do(ctx, req, p)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return p, resp, nil
-}
diff --git a/vendor/github.com/google/go-github/v55/github/orgs_actions_permissions.go b/vendor/github.com/google/go-github/v55/github/orgs_actions_permissions.go
deleted file mode 100644
index 6d1db2ee0a..0000000000
--- a/vendor/github.com/google/go-github/v55/github/orgs_actions_permissions.go
+++ /dev/null
@@ -1,63 +0,0 @@
-// Copyright 2021 The go-github AUTHORS. All rights reserved.
-//
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package github
-
-import (
-	"context"
-	"fmt"
-)
-
-// ActionsPermissions represents a policy for repositories and allowed actions in an organization.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/permissions
-type ActionsPermissions struct {
-	EnabledRepositories *string `json:"enabled_repositories,omitempty"`
-	AllowedActions      *string `json:"allowed_actions,omitempty"`
-	SelectedActionsURL  *string `json:"selected_actions_url,omitempty"`
-}
-
-func (a ActionsPermissions) String() string {
-	return Stringify(a)
-}
-
-// GetActionsPermissions gets the GitHub Actions permissions policy for repositories and allowed actions in an organization.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#get-github-actions-permissions-for-an-organization
-func (s *OrganizationsService) GetActionsPermissions(ctx context.Context, org string) (*ActionsPermissions, *Response, error) {
-	u := fmt.Sprintf("orgs/%v/actions/permissions", org)
-
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	permissions := new(ActionsPermissions)
-	resp, err := s.client.Do(ctx, req, permissions)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return permissions, resp, nil
-}
-
-// EditActionsPermissions sets the permissions policy for repositories and allowed actions in an organization.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#set-github-actions-permissions-for-an-organization
-func (s *OrganizationsService) EditActionsPermissions(ctx context.Context, org string, actionsPermissions ActionsPermissions) (*ActionsPermissions, *Response, error) {
-	u := fmt.Sprintf("orgs/%v/actions/permissions", org)
-	req, err := s.client.NewRequest("PUT", u, actionsPermissions)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	p := new(ActionsPermissions)
-	resp, err := s.client.Do(ctx, req, p)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return p, resp, nil
-}
diff --git a/vendor/github.com/google/go-github/v55/github/orgs_audit_log.go b/vendor/github.com/google/go-github/v55/github/orgs_audit_log.go
deleted file mode 100644
index 4c34445fa1..0000000000
--- a/vendor/github.com/google/go-github/v55/github/orgs_audit_log.go
+++ /dev/null
@@ -1,156 +0,0 @@
-// Copyright 2021 The go-github AUTHORS. All rights reserved.
-//
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package github
-
-import (
-	"context"
-	"fmt"
-)
-
-// GetAuditLogOptions sets up optional parameters to query audit-log endpoint.
-type GetAuditLogOptions struct {
-	Phrase  *string `url:"phrase,omitempty"`  // A search phrase. (Optional.)
-	Include *string `url:"include,omitempty"` // Event type includes. Can be one of "web", "git", "all". Default: "web". (Optional.)
-	Order   *string `url:"order,omitempty"`   // The order of audit log events. Can be one of "asc" or "desc". Default: "desc". (Optional.)
-
-	ListCursorOptions
-}
-
-// HookConfig describes metadata about a webhook configuration.
-type HookConfig struct {
-	ContentType *string `json:"content_type,omitempty"`
-	InsecureSSL *string `json:"insecure_ssl,omitempty"`
-	URL         *string `json:"url,omitempty"`
-
-	// Secret is returned obfuscated by GitHub, but it can be set for outgoing requests.
-	Secret *string `json:"secret,omitempty"`
-}
-
-// ActorLocation contains information about reported location for an actor.
-type ActorLocation struct {
-	CountryCode *string `json:"country_code,omitempty"`
-}
-
-// PolicyOverrideReason contains user-supplied information about why a policy was overridden.
-type PolicyOverrideReason struct {
-	Code    *string `json:"code,omitempty"`
-	Message *string `json:"message,omitempty"`
-}
-
-// AuditEntry describes the fields that may be represented by various audit-log "action" entries.
-// For a list of actions see - https://docs.github.com/en/github/setting-up-and-managing-organizations-and-teams/reviewing-the-audit-log-for-your-organization#audit-log-actions
-type AuditEntry struct {
-	ActorIP                *string                 `json:"actor_ip,omitempty"`
-	Action                 *string                 `json:"action,omitempty"` // The name of the action that was performed, for example `user.login` or `repo.create`.
-	Active                 *bool                   `json:"active,omitempty"`
-	ActiveWas              *bool                   `json:"active_was,omitempty"`
-	Actor                  *string                 `json:"actor,omitempty"` // The actor who performed the action.
-	ActorLocation          *ActorLocation          `json:"actor_location,omitempty"`
-	BlockedUser            *string                 `json:"blocked_user,omitempty"`
-	Business               *string                 `json:"business,omitempty"`
-	CancelledAt            *Timestamp              `json:"cancelled_at,omitempty"`
-	CompletedAt            *Timestamp              `json:"completed_at,omitempty"`
-	Conclusion             *string                 `json:"conclusion,omitempty"`
-	Config                 *HookConfig             `json:"config,omitempty"`
-	ConfigWas              *HookConfig             `json:"config_was,omitempty"`
-	ContentType            *string                 `json:"content_type,omitempty"`
-	CreatedAt              *Timestamp              `json:"created_at,omitempty"`
-	DeployKeyFingerprint   *string                 `json:"deploy_key_fingerprint,omitempty"`
-	DocumentID             *string                 `json:"_document_id,omitempty"`
-	Emoji                  *string                 `json:"emoji,omitempty"`
-	EnvironmentName        *string                 `json:"environment_name,omitempty"`
-	Event                  *string                 `json:"event,omitempty"`
-	Events                 []string                `json:"events,omitempty"`
-	EventsWere             []string                `json:"events_were,omitempty"`
-	Explanation            *string                 `json:"explanation,omitempty"`
-	Fingerprint            *string                 `json:"fingerprint,omitempty"`
-	HashedToken            *string                 `json:"hashed_token,omitempty"`
-	HeadBranch             *string                 `json:"head_branch,omitempty"`
-	HeadSHA                *string                 `json:"head_sha,omitempty"`
-	HookID                 *int64                  `json:"hook_id,omitempty"`
-	IsHostedRunner         *bool                   `json:"is_hosted_runner,omitempty"`
-	JobName                *string                 `json:"job_name,omitempty"`
-	JobWorkflowRef         *string                 `json:"job_workflow_ref,omitempty"`
-	LimitedAvailability    *bool                   `json:"limited_availability,omitempty"`
-	Message                *string                 `json:"message,omitempty"`
-	Name                   *string                 `json:"name,omitempty"`
-	OAuthApplicationID     *int64                  `json:"oauth_application_id,omitempty"`
-	OldUser                *string                 `json:"old_user,omitempty"`
-	OldPermission          *string                 `json:"old_permission,omitempty"` // The permission level for membership changes, for example `admin` or `read`.
-	OpenSSHPublicKey       *string                 `json:"openssh_public_key,omitempty"`
-	OperationType          *string                 `json:"operation_type,omitempty"`
-	Org                    *string                 `json:"org,omitempty"`
-	OrgID                  *int64                  `json:"org_id,omitempty"`
-	OverriddenCodes        []string                `json:"overridden_codes,omitempty"`
-	Permission             *string                 `json:"permission,omitempty"` // The permission level for membership changes, for example `admin` or `read`.
-	PreviousVisibility     *string                 `json:"previous_visibility,omitempty"`
-	ProgrammaticAccessType *string                 `json:"programmatic_access_type,omitempty"`
-	PullRequestID          *int64                  `json:"pull_request_id,omitempty"`
-	PullRequestTitle       *string                 `json:"pull_request_title,omitempty"`
-	PullRequestURL         *string                 `json:"pull_request_url,omitempty"`
-	ReadOnly               *string                 `json:"read_only,omitempty"`
-	Reasons                []*PolicyOverrideReason `json:"reasons,omitempty"`
-	Repo                   *string                 `json:"repo,omitempty"`
-	Repository             *string                 `json:"repository,omitempty"`
-	RepositoryPublic       *bool                   `json:"repository_public,omitempty"`
-	RunAttempt             *int64                  `json:"run_attempt,omitempty"`
-	RunnerGroupID          *int64                  `json:"runner_group_id,omitempty"`
-	RunnerGroupName        *string                 `json:"runner_group_name,omitempty"`
-	RunnerID               *int64                  `json:"runner_id,omitempty"`
-	RunnerLabels           []string                `json:"runner_labels,omitempty"`
-	RunnerName             *string                 `json:"runner_name,omitempty"`
-	RunNumber              *int64                  `json:"run_number,omitempty"`
-	SecretsPassed          []string                `json:"secrets_passed,omitempty"`
-	SourceVersion          *string                 `json:"source_version,omitempty"`
-	StartedAt              *Timestamp              `json:"started_at,omitempty"`
-	TargetLogin            *string                 `json:"target_login,omitempty"`
-	TargetVersion          *string                 `json:"target_version,omitempty"`
-	Team                   *string                 `json:"team,omitempty"`
-	Timestamp              *Timestamp              `json:"@timestamp,omitempty"` // The time the audit log event occurred, given as a [Unix timestamp](http://en.wikipedia.org/wiki/Unix_time).
-	TokenID                *int64                  `json:"token_id,omitempty"`
-	TokenScopes            *string                 `json:"token_scopes,omitempty"`
-	Topic                  *string                 `json:"topic,omitempty"`
-	TransportProtocolName  *string                 `json:"transport_protocol_name,omitempty"` // A human readable name for the protocol (for example, HTTP or SSH) used to transfer Git data.
-	TransportProtocol      *int                    `json:"transport_protocol,omitempty"`      // The type of protocol (for example, HTTP=1 or SSH=2) used to transfer Git data.
-	TriggerID              *int64                  `json:"trigger_id,omitempty"`
-	User                   *string                 `json:"user,omitempty"` // The user that was affected by the action performed (if available).
-	UserAgent              *string                 `json:"user_agent,omitempty"`
-	Visibility             *string                 `json:"visibility,omitempty"` // The repository visibility, for example `public` or `private`.
-	WorkflowID             *int64                  `json:"workflow_id,omitempty"`
-	WorkflowRunID          *int64                  `json:"workflow_run_id,omitempty"`
-
-	Data *AuditEntryData `json:"data,omitempty"`
-}
-
-// AuditEntryData represents additional information stuffed into a `data` field.
-type AuditEntryData struct {
-	OldName  *string `json:"old_name,omitempty"`  // The previous name of the repository, for a name change
-	OldLogin *string `json:"old_login,omitempty"` // The previous name of the organization, for a name change
-}
-
-// GetAuditLog gets the audit-log entries for an organization.
-//
-// GitHub API docs: https://docs.github.com/en/rest/orgs/orgs#get-the-audit-log-for-an-organization
-func (s *OrganizationsService) GetAuditLog(ctx context.Context, org string, opts *GetAuditLogOptions) ([]*AuditEntry, *Response, error) {
-	u := fmt.Sprintf("orgs/%v/audit-log", org)
-	u, err := addOptions(u, opts)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	var auditEntries []*AuditEntry
-	resp, err := s.client.Do(ctx, req, &auditEntries)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return auditEntries, resp, nil
-}
diff --git a/vendor/github.com/google/go-github/v55/github/orgs_personal_access_tokens.go b/vendor/github.com/google/go-github/v55/github/orgs_personal_access_tokens.go
deleted file mode 100644
index c30ff2843e..0000000000
--- a/vendor/github.com/google/go-github/v55/github/orgs_personal_access_tokens.go
+++ /dev/null
@@ -1,34 +0,0 @@
-// Copyright 2023 The go-github AUTHORS. All rights reserved.
-//
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package github
-
-import (
-	"context"
-	"fmt"
-	"net/http"
-)
-
-// ReviewPersonalAccessTokenRequestOptions specifies the parameters to the ReviewPersonalAccessTokenRequest method.
-type ReviewPersonalAccessTokenRequestOptions struct {
-	Action string  `json:"action"`
-	Reason *string `json:"reason,omitempty"`
-}
-
-// ReviewPersonalAccessTokenRequest approves or denies a pending request to access organization resources via a fine-grained personal access token.
-// Only GitHub Apps can call this API, using the `organization_personal_access_token_requests: write` permission.
-// `action` can be one of `approve` or `deny`.
-//
-// GitHub API docs: https://docs.github.com/en/rest/orgs/personal-access-tokens?apiVersion=2022-11-28#review-a-request-to-access-organization-resources-with-a-fine-grained-personal-access-token
-func (s *OrganizationsService) ReviewPersonalAccessTokenRequest(ctx context.Context, org string, requestID int64, opts ReviewPersonalAccessTokenRequestOptions) (*Response, error) {
-	u := fmt.Sprintf("orgs/%v/personal-access-token-requests/%v", org, requestID)
-
-	req, err := s.client.NewRequest(http.MethodPost, u, &opts)
-	if err != nil {
-		return nil, err
-	}
-
-	return s.client.Do(ctx, req, nil)
-}
diff --git a/vendor/github.com/google/go-github/v55/github/orgs_projects.go b/vendor/github.com/google/go-github/v55/github/orgs_projects.go
deleted file mode 100644
index d49eae54dc..0000000000
--- a/vendor/github.com/google/go-github/v55/github/orgs_projects.go
+++ /dev/null
@@ -1,60 +0,0 @@
-// Copyright 2017 The go-github AUTHORS. All rights reserved.
-//
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package github
-
-import (
-	"context"
-	"fmt"
-)
-
-// ListProjects lists the projects for an organization.
-//
-// GitHub API docs: https://docs.github.com/en/rest/projects/projects#list-organization-projects
-func (s *OrganizationsService) ListProjects(ctx context.Context, org string, opts *ProjectListOptions) ([]*Project, *Response, error) {
-	u := fmt.Sprintf("orgs/%v/projects", org)
-	u, err := addOptions(u, opts)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	// TODO: remove custom Accept header when this API fully launches.
-	req.Header.Set("Accept", mediaTypeProjectsPreview)
-
-	var projects []*Project
-	resp, err := s.client.Do(ctx, req, &projects)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return projects, resp, nil
-}
-
-// CreateProject creates a GitHub Project for the specified organization.
-//
-// GitHub API docs: https://docs.github.com/en/rest/projects/projects#create-an-organization-project
-func (s *OrganizationsService) CreateProject(ctx context.Context, org string, opts *ProjectOptions) (*Project, *Response, error) {
-	u := fmt.Sprintf("orgs/%v/projects", org)
-	req, err := s.client.NewRequest("POST", u, opts)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	// TODO: remove custom Accept header when this API fully launches.
-	req.Header.Set("Accept", mediaTypeProjectsPreview)
-
-	project := &Project{}
-	resp, err := s.client.Do(ctx, req, project)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return project, resp, nil
-}
diff --git a/vendor/github.com/google/go-github/v55/github/orgs_rules.go b/vendor/github.com/google/go-github/v55/github/orgs_rules.go
deleted file mode 100644
index a3905af8fb..0000000000
--- a/vendor/github.com/google/go-github/v55/github/orgs_rules.go
+++ /dev/null
@@ -1,105 +0,0 @@
-// Copyright 2023 The go-github AUTHORS. All rights reserved.
-//
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package github
-
-import (
-	"context"
-	"fmt"
-)
-
-// GetAllOrganizationRulesets gets all the rulesets for the specified organization.
-//
-// GitHub API docs: https://docs.github.com/en/rest/orgs/rules#get-all-organization-repository-rulesets
-func (s *OrganizationsService) GetAllOrganizationRulesets(ctx context.Context, org string) ([]*Ruleset, *Response, error) {
-	u := fmt.Sprintf("orgs/%v/rulesets", org)
-
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	var rulesets []*Ruleset
-	resp, err := s.client.Do(ctx, req, &rulesets)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return rulesets, resp, nil
-}
-
-// CreateOrganizationRuleset creates a ruleset for the specified organization.
-//
-// GitHub API docs: https://docs.github.com/en/rest/orgs/rules#create-an-organization-repository-ruleset
-func (s *OrganizationsService) CreateOrganizationRuleset(ctx context.Context, org string, rs *Ruleset) (*Ruleset, *Response, error) {
-	u := fmt.Sprintf("orgs/%v/rulesets", org)
-
-	req, err := s.client.NewRequest("POST", u, rs)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	var ruleset *Ruleset
-	resp, err := s.client.Do(ctx, req, &ruleset)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return ruleset, resp, nil
-}
-
-// GetOrganizationRuleset gets a ruleset from the specified organization.
-//
-// GitHub API docs: https://docs.github.com/en/rest/orgs/rules#get-an-organization-repository-ruleset
-func (s *OrganizationsService) GetOrganizationRuleset(ctx context.Context, org string, rulesetID int64) (*Ruleset, *Response, error) {
-	u := fmt.Sprintf("orgs/%v/rulesets/%v", org, rulesetID)
-
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	var ruleset *Ruleset
-	resp, err := s.client.Do(ctx, req, &ruleset)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return ruleset, resp, nil
-}
-
-// UpdateOrganizationRuleset updates a ruleset from the specified organization.
-//
-// GitHub API docs: https://docs.github.com/en/rest/orgs/rules#update-an-organization-repository-ruleset
-func (s *OrganizationsService) UpdateOrganizationRuleset(ctx context.Context, org string, rulesetID int64, rs *Ruleset) (*Ruleset, *Response, error) {
-	u := fmt.Sprintf("orgs/%v/rulesets/%v", org, rulesetID)
-
-	req, err := s.client.NewRequest("PUT", u, rs)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	var ruleset *Ruleset
-	resp, err := s.client.Do(ctx, req, &ruleset)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return ruleset, resp, nil
-}
-
-// DeleteOrganizationRuleset deletes a ruleset from the specified organization.
-//
-// GitHub API docs: https://docs.github.com/en/rest/orgs/rules#delete-an-organization-repository-ruleset
-func (s *OrganizationsService) DeleteOrganizationRuleset(ctx context.Context, org string, rulesetID int64) (*Response, error) {
-	u := fmt.Sprintf("orgs/%v/rulesets/%v", org, rulesetID)
-
-	req, err := s.client.NewRequest("DELETE", u, nil)
-	if err != nil {
-		return nil, err
-	}
-
-	return s.client.Do(ctx, req, nil)
-}
diff --git a/vendor/github.com/google/go-github/v55/github/packages.go b/vendor/github.com/google/go-github/v55/github/packages.go
deleted file mode 100644
index ef7df07405..0000000000
--- a/vendor/github.com/google/go-github/v55/github/packages.go
+++ /dev/null
@@ -1,143 +0,0 @@
-// Copyright 2020 The go-github AUTHORS. All rights reserved.
-//
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package github
-
-// Package represents a GitHub package.
-type Package struct {
-	ID             *int64           `json:"id,omitempty"`
-	Name           *string          `json:"name,omitempty"`
-	PackageType    *string          `json:"package_type,omitempty"`
-	HTMLURL        *string          `json:"html_url,omitempty"`
-	CreatedAt      *Timestamp       `json:"created_at,omitempty"`
-	UpdatedAt      *Timestamp       `json:"updated_at,omitempty"`
-	Owner          *User            `json:"owner,omitempty"`
-	PackageVersion *PackageVersion  `json:"package_version,omitempty"`
-	Registry       *PackageRegistry `json:"registry,omitempty"`
-	URL            *string          `json:"url,omitempty"`
-	VersionCount   *int64           `json:"version_count,omitempty"`
-	Visibility     *string          `json:"visibility,omitempty"`
-	Repository     *Repository      `json:"repository,omitempty"`
-}
-
-func (p Package) String() string {
-	return Stringify(p)
-}
-
-// PackageVersion represents a GitHub package version.
-type PackageVersion struct {
-	ID                  *int64           `json:"id,omitempty"`
-	Version             *string          `json:"version,omitempty"`
-	Summary             *string          `json:"summary,omitempty"`
-	Body                *string          `json:"body,omitempty"`
-	BodyHTML            *string          `json:"body_html,omitempty"`
-	Release             *PackageRelease  `json:"release,omitempty"`
-	Manifest            *string          `json:"manifest,omitempty"`
-	HTMLURL             *string          `json:"html_url,omitempty"`
-	TagName             *string          `json:"tag_name,omitempty"`
-	TargetCommitish     *string          `json:"target_commitish,omitempty"`
-	TargetOID           *string          `json:"target_oid,omitempty"`
-	Draft               *bool            `json:"draft,omitempty"`
-	Prerelease          *bool            `json:"prerelease,omitempty"`
-	CreatedAt           *Timestamp       `json:"created_at,omitempty"`
-	UpdatedAt           *Timestamp       `json:"updated_at,omitempty"`
-	PackageFiles        []*PackageFile   `json:"package_files,omitempty"`
-	Author              *User            `json:"author,omitempty"`
-	InstallationCommand *string          `json:"installation_command,omitempty"`
-	Metadata            *PackageMetadata `json:"metadata,omitempty"`
-	PackageHTMLURL      *string          `json:"package_html_url,omitempty"`
-	Name                *string          `json:"name,omitempty"`
-	URL                 *string          `json:"url,omitempty"`
-}
-
-func (pv PackageVersion) String() string {
-	return Stringify(pv)
-}
-
-// PackageRelease represents a GitHub package version release.
-type PackageRelease struct {
-	URL             *string    `json:"url,omitempty"`
-	HTMLURL         *string    `json:"html_url,omitempty"`
-	ID              *int64     `json:"id,omitempty"`
-	TagName         *string    `json:"tag_name,omitempty"`
-	TargetCommitish *string    `json:"target_commitish,omitempty"`
-	Name            *string    `json:"name,omitempty"`
-	Draft           *bool      `json:"draft,omitempty"`
-	Author          *User      `json:"author,omitempty"`
-	Prerelease      *bool      `json:"prerelease,omitempty"`
-	CreatedAt       *Timestamp `json:"created_at,omitempty"`
-	PublishedAt     *Timestamp `json:"published_at,omitempty"`
-}
-
-func (r PackageRelease) String() string {
-	return Stringify(r)
-}
-
-// PackageFile represents a GitHub package version release file.
-type PackageFile struct {
-	DownloadURL *string    `json:"download_url,omitempty"`
-	ID          *int64     `json:"id,omitempty"`
-	Name        *string    `json:"name,omitempty"`
-	SHA256      *string    `json:"sha256,omitempty"`
-	SHA1        *string    `json:"sha1,omitempty"`
-	MD5         *string    `json:"md5,omitempty"`
-	ContentType *string    `json:"content_type,omitempty"`
-	State       *string    `json:"state,omitempty"`
-	Author      *User      `json:"author,omitempty"`
-	Size        *int64     `json:"size,omitempty"`
-	CreatedAt   *Timestamp `json:"created_at,omitempty"`
-	UpdatedAt   *Timestamp `json:"updated_at,omitempty"`
-}
-
-func (pf PackageFile) String() string {
-	return Stringify(pf)
-}
-
-// PackageRegistry represents a GitHub package registry.
-type PackageRegistry struct {
-	AboutURL *string `json:"about_url,omitempty"`
-	Name     *string `json:"name,omitempty"`
-	Type     *string `json:"type,omitempty"`
-	URL      *string `json:"url,omitempty"`
-	Vendor   *string `json:"vendor,omitempty"`
-}
-
-func (r PackageRegistry) String() string {
-	return Stringify(r)
-}
-
-// PackageListOptions represents the optional list options for a package.
-type PackageListOptions struct {
-	// Visibility of packages "public", "internal" or "private".
-	Visibility *string `url:"visibility,omitempty"`
-
-	// PackageType represents the type of package.
-	// It can be one of "npm", "maven", "rubygems", "nuget", "docker", or "container".
-	PackageType *string `url:"package_type,omitempty"`
-
-	// State of package either "active" or "deleted".
-	State *string `url:"state,omitempty"`
-
-	ListOptions
-}
-
-// PackageMetadata represents metadata from a package.
-type PackageMetadata struct {
-	PackageType *string                   `json:"package_type,omitempty"`
-	Container   *PackageContainerMetadata `json:"container,omitempty"`
-}
-
-func (r PackageMetadata) String() string {
-	return Stringify(r)
-}
-
-// PackageContainerMetadata represents container metadata for docker container packages.
-type PackageContainerMetadata struct {
-	Tags []string `json:"tags,omitempty"`
-}
-
-func (r PackageContainerMetadata) String() string {
-	return Stringify(r)
-}
diff --git a/vendor/github.com/google/go-github/v55/github/projects.go b/vendor/github.com/google/go-github/v55/github/projects.go
deleted file mode 100644
index df7ad6cd97..0000000000
--- a/vendor/github.com/google/go-github/v55/github/projects.go
+++ /dev/null
@@ -1,596 +0,0 @@
-// Copyright 2016 The go-github AUTHORS. All rights reserved.
-//
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package github
-
-import (
-	"context"
-	"fmt"
-)
-
-// ProjectsService provides access to the projects functions in the
-// GitHub API.
-//
-// GitHub API docs: https://docs.github.com/en/rest/projects
-type ProjectsService service
-
-// Project represents a GitHub Project.
-type Project struct {
-	ID                     *int64     `json:"id,omitempty"`
-	URL                    *string    `json:"url,omitempty"`
-	HTMLURL                *string    `json:"html_url,omitempty"`
-	ColumnsURL             *string    `json:"columns_url,omitempty"`
-	OwnerURL               *string    `json:"owner_url,omitempty"`
-	Name                   *string    `json:"name,omitempty"`
-	Body                   *string    `json:"body,omitempty"`
-	Number                 *int       `json:"number,omitempty"`
-	State                  *string    `json:"state,omitempty"`
-	CreatedAt              *Timestamp `json:"created_at,omitempty"`
-	UpdatedAt              *Timestamp `json:"updated_at,omitempty"`
-	NodeID                 *string    `json:"node_id,omitempty"`
-	OrganizationPermission *string    `json:"organization_permission,omitempty"`
-	Private                *bool      `json:"private,omitempty"`
-
-	// The User object that generated the project.
-	Creator *User `json:"creator,omitempty"`
-}
-
-func (p Project) String() string {
-	return Stringify(p)
-}
-
-// GetProject gets a GitHub Project for a repo.
-//
-// GitHub API docs: https://docs.github.com/en/rest/projects/projects#get-a-project
-func (s *ProjectsService) GetProject(ctx context.Context, id int64) (*Project, *Response, error) {
-	u := fmt.Sprintf("projects/%v", id)
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	// TODO: remove custom Accept headers when APIs fully launch.
-	req.Header.Set("Accept", mediaTypeProjectsPreview)
-
-	project := &Project{}
-	resp, err := s.client.Do(ctx, req, project)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return project, resp, nil
-}
-
-// ProjectOptions specifies the parameters to the
-// RepositoriesService.CreateProject and
-// ProjectsService.UpdateProject methods.
-type ProjectOptions struct {
-	// The name of the project. (Required for creation; optional for update.)
-	Name *string `json:"name,omitempty"`
-	// The body of the project. (Optional.)
-	Body *string `json:"body,omitempty"`
-
-	// The following field(s) are only applicable for update.
-	// They should be left with zero values for creation.
-
-	// State of the project. Either "open" or "closed". (Optional.)
-	State *string `json:"state,omitempty"`
-	// The permission level that all members of the project's organization
-	// will have on this project.
-	// Setting the organization permission is only available
-	// for organization projects. (Optional.)
-	OrganizationPermission *string `json:"organization_permission,omitempty"`
-	// Sets visibility of the project within the organization.
-	// Setting visibility is only available
-	// for organization projects.(Optional.)
-	Private *bool `json:"private,omitempty"`
-}
-
-// UpdateProject updates a repository project.
-//
-// GitHub API docs: https://docs.github.com/en/rest/projects/projects#update-a-project
-func (s *ProjectsService) UpdateProject(ctx context.Context, id int64, opts *ProjectOptions) (*Project, *Response, error) {
-	u := fmt.Sprintf("projects/%v", id)
-	req, err := s.client.NewRequest("PATCH", u, opts)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	// TODO: remove custom Accept headers when APIs fully launch.
-	req.Header.Set("Accept", mediaTypeProjectsPreview)
-
-	project := &Project{}
-	resp, err := s.client.Do(ctx, req, project)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return project, resp, nil
-}
-
-// DeleteProject deletes a GitHub Project from a repository.
-//
-// GitHub API docs: https://docs.github.com/en/rest/projects/projects#delete-a-project
-func (s *ProjectsService) DeleteProject(ctx context.Context, id int64) (*Response, error) {
-	u := fmt.Sprintf("projects/%v", id)
-	req, err := s.client.NewRequest("DELETE", u, nil)
-	if err != nil {
-		return nil, err
-	}
-
-	// TODO: remove custom Accept header when this API fully launches.
-	req.Header.Set("Accept", mediaTypeProjectsPreview)
-
-	return s.client.Do(ctx, req, nil)
-}
-
-// ProjectColumn represents a column of a GitHub Project.
-//
-// GitHub API docs: https://docs.github.com/en/rest/repos/projects/
-type ProjectColumn struct {
-	ID         *int64     `json:"id,omitempty"`
-	Name       *string    `json:"name,omitempty"`
-	URL        *string    `json:"url,omitempty"`
-	ProjectURL *string    `json:"project_url,omitempty"`
-	CardsURL   *string    `json:"cards_url,omitempty"`
-	CreatedAt  *Timestamp `json:"created_at,omitempty"`
-	UpdatedAt  *Timestamp `json:"updated_at,omitempty"`
-	NodeID     *string    `json:"node_id,omitempty"`
-}
-
-// ListProjectColumns lists the columns of a GitHub Project for a repo.
-//
-// GitHub API docs: https://docs.github.com/en/rest/projects/columns#list-project-columns
-func (s *ProjectsService) ListProjectColumns(ctx context.Context, projectID int64, opts *ListOptions) ([]*ProjectColumn, *Response, error) {
-	u := fmt.Sprintf("projects/%v/columns", projectID)
-	u, err := addOptions(u, opts)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	// TODO: remove custom Accept headers when APIs fully launch.
-	req.Header.Set("Accept", mediaTypeProjectsPreview)
-
-	columns := []*ProjectColumn{}
-	resp, err := s.client.Do(ctx, req, &columns)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return columns, resp, nil
-}
-
-// GetProjectColumn gets a column of a GitHub Project for a repo.
-//
-// GitHub API docs: https://docs.github.com/en/rest/projects/columns#get-a-project-column
-func (s *ProjectsService) GetProjectColumn(ctx context.Context, id int64) (*ProjectColumn, *Response, error) {
-	u := fmt.Sprintf("projects/columns/%v", id)
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	// TODO: remove custom Accept headers when APIs fully launch.
-	req.Header.Set("Accept", mediaTypeProjectsPreview)
-
-	column := &ProjectColumn{}
-	resp, err := s.client.Do(ctx, req, column)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return column, resp, nil
-}
-
-// ProjectColumnOptions specifies the parameters to the
-// ProjectsService.CreateProjectColumn and
-// ProjectsService.UpdateProjectColumn methods.
-type ProjectColumnOptions struct {
-	// The name of the project column. (Required for creation and update.)
-	Name string `json:"name"`
-}
-
-// CreateProjectColumn creates a column for the specified (by number) project.
-//
-// GitHub API docs: https://docs.github.com/en/rest/projects/columns#create-a-project-column
-func (s *ProjectsService) CreateProjectColumn(ctx context.Context, projectID int64, opts *ProjectColumnOptions) (*ProjectColumn, *Response, error) {
-	u := fmt.Sprintf("projects/%v/columns", projectID)
-	req, err := s.client.NewRequest("POST", u, opts)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	// TODO: remove custom Accept headers when APIs fully launch.
-	req.Header.Set("Accept", mediaTypeProjectsPreview)
-
-	column := &ProjectColumn{}
-	resp, err := s.client.Do(ctx, req, column)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return column, resp, nil
-}
-
-// UpdateProjectColumn updates a column of a GitHub Project.
-//
-// GitHub API docs: https://docs.github.com/en/rest/projects/columns#update-an-existing-project-column
-func (s *ProjectsService) UpdateProjectColumn(ctx context.Context, columnID int64, opts *ProjectColumnOptions) (*ProjectColumn, *Response, error) {
-	u := fmt.Sprintf("projects/columns/%v", columnID)
-	req, err := s.client.NewRequest("PATCH", u, opts)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	// TODO: remove custom Accept headers when APIs fully launch.
-	req.Header.Set("Accept", mediaTypeProjectsPreview)
-
-	column := &ProjectColumn{}
-	resp, err := s.client.Do(ctx, req, column)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return column, resp, nil
-}
-
-// DeleteProjectColumn deletes a column from a GitHub Project.
-//
-// GitHub API docs: https://docs.github.com/en/rest/projects/columns#delete-a-project-column
-func (s *ProjectsService) DeleteProjectColumn(ctx context.Context, columnID int64) (*Response, error) {
-	u := fmt.Sprintf("projects/columns/%v", columnID)
-	req, err := s.client.NewRequest("DELETE", u, nil)
-	if err != nil {
-		return nil, err
-	}
-
-	// TODO: remove custom Accept header when this API fully launches.
-	req.Header.Set("Accept", mediaTypeProjectsPreview)
-
-	return s.client.Do(ctx, req, nil)
-}
-
-// ProjectColumnMoveOptions specifies the parameters to the
-// ProjectsService.MoveProjectColumn method.
-type ProjectColumnMoveOptions struct {
-	// Position can be one of "first", "last", or "after:<column-id>", where
-	// <column-id> is the ID of a column in the same project. (Required.)
-	Position string `json:"position"`
-}
-
-// MoveProjectColumn moves a column within a GitHub Project.
-//
-// GitHub API docs: https://docs.github.com/en/rest/projects/columns#move-a-project-column
-func (s *ProjectsService) MoveProjectColumn(ctx context.Context, columnID int64, opts *ProjectColumnMoveOptions) (*Response, error) {
-	u := fmt.Sprintf("projects/columns/%v/moves", columnID)
-	req, err := s.client.NewRequest("POST", u, opts)
-	if err != nil {
-		return nil, err
-	}
-
-	// TODO: remove custom Accept header when this API fully launches.
-	req.Header.Set("Accept", mediaTypeProjectsPreview)
-
-	return s.client.Do(ctx, req, nil)
-}
-
-// ProjectCard represents a card in a column of a GitHub Project.
-//
-// GitHub API docs: https://docs.github.com/en/rest/projects/cards/#get-a-project-card
-type ProjectCard struct {
-	URL        *string    `json:"url,omitempty"`
-	ColumnURL  *string    `json:"column_url,omitempty"`
-	ContentURL *string    `json:"content_url,omitempty"`
-	ID         *int64     `json:"id,omitempty"`
-	Note       *string    `json:"note,omitempty"`
-	Creator    *User      `json:"creator,omitempty"`
-	CreatedAt  *Timestamp `json:"created_at,omitempty"`
-	UpdatedAt  *Timestamp `json:"updated_at,omitempty"`
-	NodeID     *string    `json:"node_id,omitempty"`
-	Archived   *bool      `json:"archived,omitempty"`
-
-	// The following fields are only populated by Webhook events.
-	ColumnID *int64 `json:"column_id,omitempty"`
-
-	// The following fields are only populated by Events API.
-	ProjectID          *int64  `json:"project_id,omitempty"`
-	ProjectURL         *string `json:"project_url,omitempty"`
-	ColumnName         *string `json:"column_name,omitempty"`
-	PreviousColumnName *string `json:"previous_column_name,omitempty"` // Populated in "moved_columns_in_project" event deliveries.
-}
-
-// ProjectCardListOptions specifies the optional parameters to the
-// ProjectsService.ListProjectCards method.
-type ProjectCardListOptions struct {
-	// ArchivedState is used to list all, archived, or not_archived project cards.
-	// Defaults to not_archived when you omit this parameter.
-	ArchivedState *string `url:"archived_state,omitempty"`
-
-	ListOptions
-}
-
-// ListProjectCards lists the cards in a column of a GitHub Project.
-//
-// GitHub API docs: https://docs.github.com/en/rest/projects/cards#list-project-cards
-func (s *ProjectsService) ListProjectCards(ctx context.Context, columnID int64, opts *ProjectCardListOptions) ([]*ProjectCard, *Response, error) {
-	u := fmt.Sprintf("projects/columns/%v/cards", columnID)
-	u, err := addOptions(u, opts)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	// TODO: remove custom Accept headers when APIs fully launch.
-	req.Header.Set("Accept", mediaTypeProjectsPreview)
-
-	cards := []*ProjectCard{}
-	resp, err := s.client.Do(ctx, req, &cards)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return cards, resp, nil
-}
-
-// GetProjectCard gets a card in a column of a GitHub Project.
-//
-// GitHub API docs: https://docs.github.com/en/rest/projects/cards#get-a-project-card
-func (s *ProjectsService) GetProjectCard(ctx context.Context, cardID int64) (*ProjectCard, *Response, error) {
-	u := fmt.Sprintf("projects/columns/cards/%v", cardID)
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	// TODO: remove custom Accept headers when APIs fully launch.
-	req.Header.Set("Accept", mediaTypeProjectsPreview)
-
-	card := &ProjectCard{}
-	resp, err := s.client.Do(ctx, req, card)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return card, resp, nil
-}
-
-// ProjectCardOptions specifies the parameters to the
-// ProjectsService.CreateProjectCard and
-// ProjectsService.UpdateProjectCard methods.
-type ProjectCardOptions struct {
-	// The note of the card. Note and ContentID are mutually exclusive.
-	Note string `json:"note,omitempty"`
-	// The ID (not Number) of the Issue to associate with this card.
-	// Note and ContentID are mutually exclusive.
-	ContentID int64 `json:"content_id,omitempty"`
-	// The type of content to associate with this card. Possible values are: "Issue" and "PullRequest".
-	ContentType string `json:"content_type,omitempty"`
-	// Use true to archive a project card.
-	// Specify false if you need to restore a previously archived project card.
-	Archived *bool `json:"archived,omitempty"`
-}
-
-// CreateProjectCard creates a card in the specified column of a GitHub Project.
-//
-// GitHub API docs: https://docs.github.com/en/rest/projects/cards#create-a-project-card
-func (s *ProjectsService) CreateProjectCard(ctx context.Context, columnID int64, opts *ProjectCardOptions) (*ProjectCard, *Response, error) {
-	u := fmt.Sprintf("projects/columns/%v/cards", columnID)
-	req, err := s.client.NewRequest("POST", u, opts)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	// TODO: remove custom Accept headers when APIs fully launch.
-	req.Header.Set("Accept", mediaTypeProjectsPreview)
-
-	card := &ProjectCard{}
-	resp, err := s.client.Do(ctx, req, card)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return card, resp, nil
-}
-
-// UpdateProjectCard updates a card of a GitHub Project.
-//
-// GitHub API docs: https://docs.github.com/en/rest/projects/cards#update-an-existing-project-card
-func (s *ProjectsService) UpdateProjectCard(ctx context.Context, cardID int64, opts *ProjectCardOptions) (*ProjectCard, *Response, error) {
-	u := fmt.Sprintf("projects/columns/cards/%v", cardID)
-	req, err := s.client.NewRequest("PATCH", u, opts)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	// TODO: remove custom Accept headers when APIs fully launch.
-	req.Header.Set("Accept", mediaTypeProjectsPreview)
-
-	card := &ProjectCard{}
-	resp, err := s.client.Do(ctx, req, card)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return card, resp, nil
-}
-
-// DeleteProjectCard deletes a card from a GitHub Project.
-//
-// GitHub API docs: https://docs.github.com/en/rest/projects/cards#delete-a-project-card
-func (s *ProjectsService) DeleteProjectCard(ctx context.Context, cardID int64) (*Response, error) {
-	u := fmt.Sprintf("projects/columns/cards/%v", cardID)
-	req, err := s.client.NewRequest("DELETE", u, nil)
-	if err != nil {
-		return nil, err
-	}
-
-	// TODO: remove custom Accept header when this API fully launches.
-	req.Header.Set("Accept", mediaTypeProjectsPreview)
-
-	return s.client.Do(ctx, req, nil)
-}
-
-// ProjectCardMoveOptions specifies the parameters to the
-// ProjectsService.MoveProjectCard method.
-type ProjectCardMoveOptions struct {
-	// Position can be one of "top", "bottom", or "after:<card-id>", where
-	// <card-id> is the ID of a card in the same project.
-	Position string `json:"position"`
-	// ColumnID is the ID of a column in the same project. Note that ColumnID
-	// is required when using Position "after:<card-id>" when that card is in
-	// another column; otherwise it is optional.
-	ColumnID int64 `json:"column_id,omitempty"`
-}
-
-// MoveProjectCard moves a card within a GitHub Project.
-//
-// GitHub API docs: https://docs.github.com/en/rest/projects/cards#move-a-project-card
-func (s *ProjectsService) MoveProjectCard(ctx context.Context, cardID int64, opts *ProjectCardMoveOptions) (*Response, error) {
-	u := fmt.Sprintf("projects/columns/cards/%v/moves", cardID)
-	req, err := s.client.NewRequest("POST", u, opts)
-	if err != nil {
-		return nil, err
-	}
-
-	// TODO: remove custom Accept header when this API fully launches.
-	req.Header.Set("Accept", mediaTypeProjectsPreview)
-
-	return s.client.Do(ctx, req, nil)
-}
-
-// ProjectCollaboratorOptions specifies the optional parameters to the
-// ProjectsService.AddProjectCollaborator method.
-type ProjectCollaboratorOptions struct {
-	// Permission specifies the permission to grant to the collaborator.
-	// Possible values are:
-	//     "read" - can read, but not write to or administer this project.
-	//     "write" - can read and write, but not administer this project.
-	//     "admin" - can read, write and administer this project.
-	//
-	// Default value is "write"
-	Permission *string `json:"permission,omitempty"`
-}
-
-// AddProjectCollaborator adds a collaborator to an organization project and sets
-// their permission level. You must be an organization owner or a project admin to add a collaborator.
-//
-// GitHub API docs: https://docs.github.com/en/rest/projects/collaborators#add-project-collaborator
-func (s *ProjectsService) AddProjectCollaborator(ctx context.Context, id int64, username string, opts *ProjectCollaboratorOptions) (*Response, error) {
-	u := fmt.Sprintf("projects/%v/collaborators/%v", id, username)
-	req, err := s.client.NewRequest("PUT", u, opts)
-	if err != nil {
-		return nil, err
-	}
-
-	// TODO: remove custom Accept header when this API fully launches.
-	req.Header.Set("Accept", mediaTypeProjectsPreview)
-
-	return s.client.Do(ctx, req, nil)
-}
-
-// RemoveProjectCollaborator removes a collaborator from an organization project.
-// You must be an organization owner or a project admin to remove a collaborator.
-//
-// GitHub API docs: https://docs.github.com/en/rest/projects/collaborators#remove-user-as-a-collaborator
-func (s *ProjectsService) RemoveProjectCollaborator(ctx context.Context, id int64, username string) (*Response, error) {
-	u := fmt.Sprintf("projects/%v/collaborators/%v", id, username)
-	req, err := s.client.NewRequest("DELETE", u, nil)
-	if err != nil {
-		return nil, err
-	}
-
-	// TODO: remove custom Accept header when this API fully launches.
-	req.Header.Set("Accept", mediaTypeProjectsPreview)
-
-	return s.client.Do(ctx, req, nil)
-}
-
-// ListCollaboratorOptions specifies the optional parameters to the
-// ProjectsService.ListProjectCollaborators method.
-type ListCollaboratorOptions struct {
-	// Affiliation specifies how collaborators should be filtered by their affiliation.
-	// Possible values are:
-	//     "outside" - All outside collaborators of an organization-owned repository
-	//     "direct" - All collaborators with permissions to an organization-owned repository,
-	//              regardless of organization membership status
-	//     "all" - All collaborators the authenticated user can see
-	//
-	// Default value is "all".
-	Affiliation *string `url:"affiliation,omitempty"`
-
-	ListOptions
-}
-
-// ListProjectCollaborators lists the collaborators for an organization project. For a project,
-// the list of collaborators includes outside collaborators, organization members that are direct
-// collaborators, organization members with access through team memberships, organization members
-// with access through default organization permissions, and organization owners. You must be an
-// organization owner or a project admin to list collaborators.
-//
-// GitHub API docs: https://docs.github.com/en/rest/projects/collaborators#list-project-collaborators
-func (s *ProjectsService) ListProjectCollaborators(ctx context.Context, id int64, opts *ListCollaboratorOptions) ([]*User, *Response, error) {
-	u := fmt.Sprintf("projects/%v/collaborators", id)
-	u, err := addOptions(u, opts)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	// TODO: remove custom Accept header when this API fully launches.
-	req.Header.Set("Accept", mediaTypeProjectsPreview)
-
-	var users []*User
-	resp, err := s.client.Do(ctx, req, &users)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return users, resp, nil
-}
-
-// ProjectPermissionLevel represents the permission level an organization
-// member has for a given project.
-type ProjectPermissionLevel struct {
-	// Possible values: "admin", "write", "read", "none"
-	Permission *string `json:"permission,omitempty"`
-
-	User *User `json:"user,omitempty"`
-}
-
-// ReviewProjectCollaboratorPermission returns the collaborator's permission level for an organization
-// project. Possible values for the permission key: "admin", "write", "read", "none".
-// You must be an organization owner or a project admin to review a user's permission level.
-//
-// GitHub API docs: https://docs.github.com/en/rest/projects/collaborators#get-project-permission-for-a-user
-func (s *ProjectsService) ReviewProjectCollaboratorPermission(ctx context.Context, id int64, username string) (*ProjectPermissionLevel, *Response, error) {
-	u := fmt.Sprintf("projects/%v/collaborators/%v/permission", id, username)
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	// TODO: remove custom Accept header when this API fully launches.
-	req.Header.Set("Accept", mediaTypeProjectsPreview)
-
-	ppl := new(ProjectPermissionLevel)
-	resp, err := s.client.Do(ctx, req, ppl)
-	if err != nil {
-		return nil, resp, err
-	}
-	return ppl, resp, nil
-}
diff --git a/vendor/github.com/google/go-github/v55/github/repos_actions_permissions.go b/vendor/github.com/google/go-github/v55/github/repos_actions_permissions.go
deleted file mode 100644
index 45f844cec0..0000000000
--- a/vendor/github.com/google/go-github/v55/github/repos_actions_permissions.go
+++ /dev/null
@@ -1,62 +0,0 @@
-// Copyright 2022 The go-github AUTHORS. All rights reserved.
-//
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package github
-
-import (
-	"context"
-	"fmt"
-)
-
-// ActionsPermissionsRepository represents a policy for repositories and allowed actions in a repository.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/permissions
-type ActionsPermissionsRepository struct {
-	Enabled            *bool   `json:"enabled,omitempty"`
-	AllowedActions     *string `json:"allowed_actions,omitempty"`
-	SelectedActionsURL *string `json:"selected_actions_url,omitempty"`
-}
-
-func (a ActionsPermissionsRepository) String() string {
-	return Stringify(a)
-}
-
-// GetActionsPermissions gets the GitHub Actions permissions policy for repositories and allowed actions in a repository.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#get-github-actions-permissions-for-a-repository
-func (s *RepositoriesService) GetActionsPermissions(ctx context.Context, owner, repo string) (*ActionsPermissionsRepository, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/actions/permissions", owner, repo)
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	permissions := new(ActionsPermissionsRepository)
-	resp, err := s.client.Do(ctx, req, permissions)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return permissions, resp, nil
-}
-
-// EditActionsPermissions sets the permissions policy for repositories and allowed actions in a repository.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#set-github-actions-permissions-for-a-repository
-func (s *RepositoriesService) EditActionsPermissions(ctx context.Context, owner, repo string, actionsPermissionsRepository ActionsPermissionsRepository) (*ActionsPermissionsRepository, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/actions/permissions", owner, repo)
-	req, err := s.client.NewRequest("PUT", u, actionsPermissionsRepository)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	permissions := new(ActionsPermissionsRepository)
-	resp, err := s.client.Do(ctx, req, permissions)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return permissions, resp, nil
-}
diff --git a/vendor/github.com/google/go-github/v55/github/repos_projects.go b/vendor/github.com/google/go-github/v55/github/repos_projects.go
deleted file mode 100644
index a3001dee98..0000000000
--- a/vendor/github.com/google/go-github/v55/github/repos_projects.go
+++ /dev/null
@@ -1,69 +0,0 @@
-// Copyright 2017 The go-github AUTHORS. All rights reserved.
-//
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package github
-
-import (
-	"context"
-	"fmt"
-)
-
-// ProjectListOptions specifies the optional parameters to the
-// OrganizationsService.ListProjects and RepositoriesService.ListProjects methods.
-type ProjectListOptions struct {
-	// Indicates the state of the projects to return. Can be either open, closed, or all. Default: open
-	State string `url:"state,omitempty"`
-
-	ListOptions
-}
-
-// ListProjects lists the projects for a repo.
-//
-// GitHub API docs: https://docs.github.com/en/rest/projects/projects#list-repository-projects
-func (s *RepositoriesService) ListProjects(ctx context.Context, owner, repo string, opts *ProjectListOptions) ([]*Project, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/projects", owner, repo)
-	u, err := addOptions(u, opts)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	// TODO: remove custom Accept headers when APIs fully launch.
-	req.Header.Set("Accept", mediaTypeProjectsPreview)
-
-	var projects []*Project
-	resp, err := s.client.Do(ctx, req, &projects)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return projects, resp, nil
-}
-
-// CreateProject creates a GitHub Project for the specified repository.
-//
-// GitHub API docs: https://docs.github.com/en/rest/projects/projects#create-a-repository-project
-func (s *RepositoriesService) CreateProject(ctx context.Context, owner, repo string, opts *ProjectOptions) (*Project, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/projects", owner, repo)
-	req, err := s.client.NewRequest("POST", u, opts)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	// TODO: remove custom Accept headers when APIs fully launch.
-	req.Header.Set("Accept", mediaTypeProjectsPreview)
-
-	project := &Project{}
-	resp, err := s.client.Do(ctx, req, project)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return project, resp, nil
-}
diff --git a/vendor/github.com/google/go-github/v55/github/repos_rules.go b/vendor/github.com/google/go-github/v55/github/repos_rules.go
deleted file mode 100644
index 7f964fe665..0000000000
--- a/vendor/github.com/google/go-github/v55/github/repos_rules.go
+++ /dev/null
@@ -1,464 +0,0 @@
-// Copyright 2023 The go-github AUTHORS. All rights reserved.
-//
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package github
-
-import (
-	"context"
-	"encoding/json"
-	"fmt"
-)
-
-// BypassActor represents the bypass actors from a ruleset.
-type BypassActor struct {
-	ActorID *int64 `json:"actor_id,omitempty"`
-	// Possible values for ActorType are: RepositoryRole, Team, Integration, OrganizationAdmin
-	ActorType *string `json:"actor_type,omitempty"`
-	// Possible values for BypassMode are: always, pull_request
-	BypassMode *string `json:"bypass_mode,omitempty"`
-}
-
-// RulesetLink represents a single link object from GitHub ruleset request _links.
-type RulesetLink struct {
-	HRef *string `json:"href,omitempty"`
-}
-
-// RulesetLinks represents the "_links" object in a Ruleset.
-type RulesetLinks struct {
-	Self *RulesetLink `json:"self,omitempty"`
-}
-
-// RulesetRefConditionParameters represents the conditions object for ref_names.
-type RulesetRefConditionParameters struct {
-	Include []string `json:"include"`
-	Exclude []string `json:"exclude"`
-}
-
-// RulesetRepositoryNamesConditionParameters represents the conditions object for repository_names.
-type RulesetRepositoryNamesConditionParameters struct {
-	Include   []string `json:"include"`
-	Exclude   []string `json:"exclude"`
-	Protected *bool    `json:"protected,omitempty"`
-}
-
-// RulesetRepositoryIDsConditionParameters represents the conditions object for repository_ids.
-type RulesetRepositoryIDsConditionParameters struct {
-	RepositoryIDs []int64 `json:"repository_ids,omitempty"`
-}
-
-// RulesetCondition represents the conditions object in a ruleset.
-// Set either RepositoryName or RepositoryID, not both.
-type RulesetConditions struct {
-	RefName        *RulesetRefConditionParameters             `json:"ref_name,omitempty"`
-	RepositoryName *RulesetRepositoryNamesConditionParameters `json:"repository_name,omitempty"`
-	RepositoryID   *RulesetRepositoryIDsConditionParameters   `json:"repository_id,omitempty"`
-}
-
-// RulePatternParameters represents the rule pattern parameters.
-type RulePatternParameters struct {
-	Name *string `json:"name,omitempty"`
-	// If Negate is true, the rule will fail if the pattern matches.
-	Negate *bool `json:"negate,omitempty"`
-	// Possible values for Operator are: starts_with, ends_with, contains, regex
-	Operator string `json:"operator"`
-	Pattern  string `json:"pattern"`
-}
-
-// UpdateAllowsFetchAndMergeRuleParameters represents the update rule parameters.
-type UpdateAllowsFetchAndMergeRuleParameters struct {
-	UpdateAllowsFetchAndMerge bool `json:"update_allows_fetch_and_merge"`
-}
-
-// RequiredDeploymentEnvironmentsRuleParameters represents the required_deployments rule parameters.
-type RequiredDeploymentEnvironmentsRuleParameters struct {
-	RequiredDeploymentEnvironments []string `json:"required_deployment_environments"`
-}
-
-// PullRequestRuleParameters represents the pull_request rule parameters.
-type PullRequestRuleParameters struct {
-	DismissStaleReviewsOnPush      bool `json:"dismiss_stale_reviews_on_push"`
-	RequireCodeOwnerReview         bool `json:"require_code_owner_review"`
-	RequireLastPushApproval        bool `json:"require_last_push_approval"`
-	RequiredApprovingReviewCount   int  `json:"required_approving_review_count"`
-	RequiredReviewThreadResolution bool `json:"required_review_thread_resolution"`
-}
-
-// RuleRequiredStatusChecks represents the RequiredStatusChecks for the RequiredStatusChecksRuleParameters object.
-type RuleRequiredStatusChecks struct {
-	Context       string `json:"context"`
-	IntegrationID *int64 `json:"integration_id,omitempty"`
-}
-
-// RequiredStatusChecksRuleParameters represents the required_status_checks rule parameters.
-type RequiredStatusChecksRuleParameters struct {
-	RequiredStatusChecks             []RuleRequiredStatusChecks `json:"required_status_checks"`
-	StrictRequiredStatusChecksPolicy bool                       `json:"strict_required_status_checks_policy"`
-}
-
-// RepositoryRule represents a GitHub Rule.
-type RepositoryRule struct {
-	Type       string           `json:"type"`
-	Parameters *json.RawMessage `json:"parameters,omitempty"`
-}
-
-// UnmarshalJSON implements the json.Unmarshaler interface.
-// This helps us handle the fact that RepositoryRule parameter field can be of numerous types.
-func (r *RepositoryRule) UnmarshalJSON(data []byte) error {
-	type rule RepositoryRule
-	var RepositoryRule rule
-	if err := json.Unmarshal(data, &RepositoryRule); err != nil {
-		return err
-	}
-
-	r.Type = RepositoryRule.Type
-
-	switch RepositoryRule.Type {
-	case "creation", "deletion", "required_linear_history", "required_signatures", "non_fast_forward":
-		r.Parameters = nil
-	case "update":
-		if RepositoryRule.Parameters == nil {
-			r.Parameters = nil
-			return nil
-		}
-		params := UpdateAllowsFetchAndMergeRuleParameters{}
-		if err := json.Unmarshal(*RepositoryRule.Parameters, &params); err != nil {
-			return err
-		}
-
-		bytes, _ := json.Marshal(params)
-		rawParams := json.RawMessage(bytes)
-
-		r.Parameters = &rawParams
-
-	case "required_deployments":
-		params := RequiredDeploymentEnvironmentsRuleParameters{}
-		if err := json.Unmarshal(*RepositoryRule.Parameters, &params); err != nil {
-			return err
-		}
-
-		bytes, _ := json.Marshal(params)
-		rawParams := json.RawMessage(bytes)
-
-		r.Parameters = &rawParams
-	case "commit_message_pattern", "commit_author_email_pattern", "committer_email_pattern", "branch_name_pattern", "tag_name_pattern":
-		params := RulePatternParameters{}
-		if err := json.Unmarshal(*RepositoryRule.Parameters, &params); err != nil {
-			return err
-		}
-
-		bytes, _ := json.Marshal(params)
-		rawParams := json.RawMessage(bytes)
-
-		r.Parameters = &rawParams
-	case "pull_request":
-		params := PullRequestRuleParameters{}
-		if err := json.Unmarshal(*RepositoryRule.Parameters, &params); err != nil {
-			return err
-		}
-
-		bytes, _ := json.Marshal(params)
-		rawParams := json.RawMessage(bytes)
-
-		r.Parameters = &rawParams
-	case "required_status_checks":
-		params := RequiredStatusChecksRuleParameters{}
-		if err := json.Unmarshal(*RepositoryRule.Parameters, &params); err != nil {
-			return err
-		}
-
-		bytes, _ := json.Marshal(params)
-		rawParams := json.RawMessage(bytes)
-
-		r.Parameters = &rawParams
-	default:
-		r.Type = ""
-		r.Parameters = nil
-		return fmt.Errorf("RepositoryRule.Type %T is not yet implemented, unable to unmarshal", RepositoryRule.Type)
-	}
-
-	return nil
-}
-
-// NewCreationRule creates a rule to only allow users with bypass permission to create matching refs.
-func NewCreationRule() (rule *RepositoryRule) {
-	return &RepositoryRule{
-		Type: "creation",
-	}
-}
-
-// NewUpdateRule creates a rule to only allow users with bypass permission to update matching refs.
-func NewUpdateRule(params *UpdateAllowsFetchAndMergeRuleParameters) (rule *RepositoryRule) {
-	if params != nil {
-		bytes, _ := json.Marshal(params)
-
-		rawParams := json.RawMessage(bytes)
-
-		return &RepositoryRule{
-			Type:       "update",
-			Parameters: &rawParams,
-		}
-	}
-	return &RepositoryRule{
-		Type: "update",
-	}
-}
-
-// NewDeletionRule creates a rule to only allow users with bypass permissions to delete matching refs.
-func NewDeletionRule() (rule *RepositoryRule) {
-	return &RepositoryRule{
-		Type: "deletion",
-	}
-}
-
-// NewRequiredLinearHistoryRule creates a rule to prevent merge commits from being pushed to matching branches.
-func NewRequiredLinearHistoryRule() (rule *RepositoryRule) {
-	return &RepositoryRule{
-		Type: "required_linear_history",
-	}
-}
-
-// NewRequiredDeploymentsRule creates a rule to require environments to be successfully deployed before they can be merged into the matching branches.
-func NewRequiredDeploymentsRule(params *RequiredDeploymentEnvironmentsRuleParameters) (rule *RepositoryRule) {
-	bytes, _ := json.Marshal(params)
-
-	rawParams := json.RawMessage(bytes)
-
-	return &RepositoryRule{
-		Type:       "required_deployments",
-		Parameters: &rawParams,
-	}
-}
-
-// NewRequiredSignaturesRule creates a rule a to require commits pushed to matching branches to have verified signatures.
-func NewRequiredSignaturesRule() (rule *RepositoryRule) {
-	return &RepositoryRule{
-		Type: "required_signatures",
-	}
-}
-
-// NewPullRequestRule creates a rule to require all commits be made to a non-target branch and submitted via a pull request before they can be merged.
-func NewPullRequestRule(params *PullRequestRuleParameters) (rule *RepositoryRule) {
-	bytes, _ := json.Marshal(params)
-
-	rawParams := json.RawMessage(bytes)
-
-	return &RepositoryRule{
-		Type:       "pull_request",
-		Parameters: &rawParams,
-	}
-}
-
-// NewRequiredStatusChecksRule creates a rule to require which status checks must pass before branches can be merged into a branch rule.
-func NewRequiredStatusChecksRule(params *RequiredStatusChecksRuleParameters) (rule *RepositoryRule) {
-	bytes, _ := json.Marshal(params)
-
-	rawParams := json.RawMessage(bytes)
-
-	return &RepositoryRule{
-		Type:       "required_status_checks",
-		Parameters: &rawParams,
-	}
-}
-
-// NewNonFastForwardRule creates a rule as part to prevent users with push access from force pushing to matching branches.
-func NewNonFastForwardRule() (rule *RepositoryRule) {
-	return &RepositoryRule{
-		Type: "non_fast_forward",
-	}
-}
-
-// NewCommitMessagePatternRule creates a rule to restrict commit message patterns being pushed to matching branches.
-func NewCommitMessagePatternRule(params *RulePatternParameters) (rule *RepositoryRule) {
-	bytes, _ := json.Marshal(params)
-
-	rawParams := json.RawMessage(bytes)
-
-	return &RepositoryRule{
-		Type:       "commit_message_pattern",
-		Parameters: &rawParams,
-	}
-}
-
-// NewCommitAuthorEmailPatternRule creates a rule to restrict commits with author email patterns being merged into matching branches.
-func NewCommitAuthorEmailPatternRule(params *RulePatternParameters) (rule *RepositoryRule) {
-	bytes, _ := json.Marshal(params)
-
-	rawParams := json.RawMessage(bytes)
-
-	return &RepositoryRule{
-		Type:       "commit_author_email_pattern",
-		Parameters: &rawParams,
-	}
-}
-
-// NewCommitterEmailPatternRule creates a rule to restrict commits with committer email patterns being merged into matching branches.
-func NewCommitterEmailPatternRule(params *RulePatternParameters) (rule *RepositoryRule) {
-	bytes, _ := json.Marshal(params)
-
-	rawParams := json.RawMessage(bytes)
-
-	return &RepositoryRule{
-		Type:       "committer_email_pattern",
-		Parameters: &rawParams,
-	}
-}
-
-// NewBranchNamePatternRule creates a rule to restrict branch patterns from being merged into matching branches.
-func NewBranchNamePatternRule(params *RulePatternParameters) (rule *RepositoryRule) {
-	bytes, _ := json.Marshal(params)
-
-	rawParams := json.RawMessage(bytes)
-
-	return &RepositoryRule{
-		Type:       "branch_name_pattern",
-		Parameters: &rawParams,
-	}
-}
-
-// NewTagNamePatternRule creates a rule to restrict tag patterns contained in non-target branches from being merged into matching branches.
-func NewTagNamePatternRule(params *RulePatternParameters) (rule *RepositoryRule) {
-	bytes, _ := json.Marshal(params)
-
-	rawParams := json.RawMessage(bytes)
-
-	return &RepositoryRule{
-		Type:       "tag_name_pattern",
-		Parameters: &rawParams,
-	}
-}
-
-// Ruleset represents a GitHub ruleset object.
-type Ruleset struct {
-	ID   *int64 `json:"id,omitempty"`
-	Name string `json:"name"`
-	// Possible values for Target are branch, tag
-	Target *string `json:"target,omitempty"`
-	// Possible values for SourceType are: Repository, Organization
-	SourceType *string `json:"source_type,omitempty"`
-	Source     string  `json:"source"`
-	// Possible values for Enforcement are: disabled, active, evaluate
-	Enforcement  string             `json:"enforcement"`
-	BypassActors []*BypassActor     `json:"bypass_actors,omitempty"`
-	NodeID       *string            `json:"node_id,omitempty"`
-	Links        *RulesetLinks      `json:"_links,omitempty"`
-	Conditions   *RulesetConditions `json:"conditions,omitempty"`
-	Rules        []*RepositoryRule  `json:"rules,omitempty"`
-}
-
-// GetRulesForBranch gets all the rules that apply to the specified branch.
-//
-// GitHub API docs: https://docs.github.com/en/rest/repos/rules#get-rules-for-a-branch
-func (s *RepositoriesService) GetRulesForBranch(ctx context.Context, owner, repo, branch string) ([]*RepositoryRule, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/rules/branches/%v", owner, repo, branch)
-
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	var rules []*RepositoryRule
-	resp, err := s.client.Do(ctx, req, &rules)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return rules, resp, nil
-}
-
-// GetAllRulesets gets all the rules that apply to the specified repository.
-// If includesParents is true, rulesets configured at the organization level that apply to the repository will be returned.
-//
-// GitHub API docs: https://docs.github.com/en/rest/repos/rules#get-all-repository-rulesets
-func (s *RepositoriesService) GetAllRulesets(ctx context.Context, owner, repo string, includesParents bool) ([]*Ruleset, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/rulesets?includes_parents=%v", owner, repo, includesParents)
-
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	var ruleset []*Ruleset
-	resp, err := s.client.Do(ctx, req, &ruleset)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return ruleset, resp, nil
-}
-
-// CreateRuleset creates a ruleset for the specified repository.
-//
-// GitHub API docs: https://docs.github.com/en/rest/repos/rules#create-a-repository-ruleset
-func (s *RepositoriesService) CreateRuleset(ctx context.Context, owner, repo string, rs *Ruleset) (*Ruleset, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/rulesets", owner, repo)
-
-	req, err := s.client.NewRequest("POST", u, rs)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	var ruleset *Ruleset
-	resp, err := s.client.Do(ctx, req, &ruleset)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return ruleset, resp, nil
-}
-
-// GetRuleset gets a ruleset for the specified repository.
-// If includesParents is true, rulesets configured at the organization level that apply to the repository will be returned.
-//
-// GitHub API docs: https://docs.github.com/en/rest/repos/rules#get-a-repository-ruleset
-func (s *RepositoriesService) GetRuleset(ctx context.Context, owner, repo string, rulesetID int64, includesParents bool) (*Ruleset, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/rulesets/%v?includes_parents=%v", owner, repo, rulesetID, includesParents)
-
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	var ruleset *Ruleset
-	resp, err := s.client.Do(ctx, req, &ruleset)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return ruleset, resp, nil
-}
-
-// UpdateRuleset updates a ruleset for the specified repository.
-//
-// GitHub API docs: https://docs.github.com/en/rest/repos/rules#update-a-repository-ruleset
-func (s *RepositoriesService) UpdateRuleset(ctx context.Context, owner, repo string, rulesetID int64, rs *Ruleset) (*Ruleset, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/rulesets/%v", owner, repo, rulesetID)
-
-	req, err := s.client.NewRequest("PUT", u, rs)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	var ruleset *Ruleset
-	resp, err := s.client.Do(ctx, req, &ruleset)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return ruleset, resp, nil
-}
-
-// DeleteRuleset deletes a ruleset for the specified repository.
-//
-// GitHub API docs: https://docs.github.com/en/rest/repos/rules#delete-a-repository-ruleset
-func (s *RepositoriesService) DeleteRuleset(ctx context.Context, owner, repo string, rulesetID int64) (*Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/rulesets/%v", owner, repo, rulesetID)
-
-	req, err := s.client.NewRequest("DELETE", u, nil)
-	if err != nil {
-		return nil, err
-	}
-
-	return s.client.Do(ctx, req, nil)
-}
diff --git a/vendor/github.com/google/go-github/v55/github/security_advisories.go b/vendor/github.com/google/go-github/v55/github/security_advisories.go
deleted file mode 100644
index a75fce54d9..0000000000
--- a/vendor/github.com/google/go-github/v55/github/security_advisories.go
+++ /dev/null
@@ -1,37 +0,0 @@
-// Copyright 2023 The go-github AUTHORS. All rights reserved.
-//
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package github
-
-import (
-	"context"
-	"fmt"
-)
-
-type SecurityAdvisoriesService service
-
-// RequestCVE requests a Common Vulnerabilities and Exposures (CVE) for a repository security advisory.
-// The ghsaID is the GitHub Security Advisory identifier of the advisory.
-//
-// GitHub API docs: https://docs.github.com/en/rest/security-advisories/repository-advisories#request-a-cve-for-a-repository-security-advisory
-func (s *SecurityAdvisoriesService) RequestCVE(ctx context.Context, owner, repo, ghsaID string) (*Response, error) {
-	url := fmt.Sprintf("repos/%v/%v/security-advisories/%v/cve", owner, repo, ghsaID)
-
-	req, err := s.client.NewRequest("POST", url, nil)
-	if err != nil {
-		return nil, err
-	}
-
-	resp, err := s.client.Do(ctx, req, nil)
-	if err != nil {
-		if _, ok := err.(*AcceptedError); ok {
-			return resp, nil
-		}
-
-		return resp, err
-	}
-
-	return resp, nil
-}
diff --git a/vendor/github.com/google/go-github/v55/github/users_projects.go b/vendor/github.com/google/go-github/v55/github/users_projects.go
deleted file mode 100644
index 0cbd61f923..0000000000
--- a/vendor/github.com/google/go-github/v55/github/users_projects.go
+++ /dev/null
@@ -1,68 +0,0 @@
-// Copyright 2019 The go-github AUTHORS. All rights reserved.
-//
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package github
-
-import (
-	"context"
-	"fmt"
-)
-
-// ListProjects lists the projects for the specified user.
-//
-// GitHub API docs: https://docs.github.com/en/rest/projects/projects#list-user-projects
-func (s *UsersService) ListProjects(ctx context.Context, user string, opts *ProjectListOptions) ([]*Project, *Response, error) {
-	u := fmt.Sprintf("users/%v/projects", user)
-	u, err := addOptions(u, opts)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	// TODO: remove custom Accept header when this API fully launches.
-	req.Header.Set("Accept", mediaTypeProjectsPreview)
-
-	var projects []*Project
-	resp, err := s.client.Do(ctx, req, &projects)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return projects, resp, nil
-}
-
-// CreateUserProjectOptions specifies the parameters to the UsersService.CreateProject method.
-type CreateUserProjectOptions struct {
-	// The name of the project. (Required.)
-	Name string `json:"name"`
-	// The description of the project. (Optional.)
-	Body *string `json:"body,omitempty"`
-}
-
-// CreateProject creates a GitHub Project for the current user.
-//
-// GitHub API docs: https://docs.github.com/en/rest/projects/projects#create-a-user-project
-func (s *UsersService) CreateProject(ctx context.Context, opts *CreateUserProjectOptions) (*Project, *Response, error) {
-	u := "user/projects"
-	req, err := s.client.NewRequest("POST", u, opts)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	// TODO: remove custom Accept header when this API fully launches.
-	req.Header.Set("Accept", mediaTypeProjectsPreview)
-
-	project := &Project{}
-	resp, err := s.client.Do(ctx, req, project)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return project, resp, nil
-}
diff --git a/vendor/github.com/google/go-github/v55/AUTHORS b/vendor/github.com/google/go-github/v72/AUTHORS
similarity index 88%
rename from vendor/github.com/google/go-github/v55/AUTHORS
rename to vendor/github.com/google/go-github/v72/AUTHORS
index 74a21dc604..a6104ffa9a 100644
--- a/vendor/github.com/google/go-github/v55/AUTHORS
+++ b/vendor/github.com/google/go-github/v72/AUTHORS
@@ -13,10 +13,14 @@
 413x <dedifferentiator@gmail.com>
 6543 <6543@obermui.de>
 Abed Kibbe <abed.kibbe@gmail.com>
+Abhijit Hota <abhihota025@gmail.com>
 Abhinav Gupta <mail@abhinavg.net>
+abhishek <abhishek@exaforce.com>
+Abhishek Sharma <abhishekbiyala@gmail.com>
 Abhishek Veeramalla <abhishek.veeramalla@gmail.com>
 aboy <b1011211@gmail.com>
 Adam Kohring <ajkohring@gmail.com>
+Aditya Mahendrakar <a.mahendrakar@yahoo.com>
 adrienzieba <adrien.zieba@appdirect.com>
 afdesk <work@afdesk.com>
 Ahmad Nurus S <ahmadnurus.sh@gmail.com>
@@ -35,19 +39,26 @@ Alex Orr <Alexorr.CSE@gmail.com>
 Alex Su <alexsu@17.media>
 Alex Unger <zyxancf@gmail.com>
 Alexander Harkness <me@bearbin.net>
+Alexey Alekhin <laughedelic@gmail.com>
+Alexis Couvreur <alexiscouvreur.pro@gmail.com>
 Alexis Gauthiez <alexis.gauthiez@gmail.com>
 Ali Farooq <ali.farooq0@pm.me>
+Alin Balutoiu <alinbalutoiu@gmail.com>
 Allan Guwatudde <guwats10@gmail.com>
 Allen Sun <shlallen1990@gmail.com>
 Amey Sakhadeo <me@ameyms.com>
 Anders Janmyr <anders@janmyr.com>
+Andreas Deininger <andreas@deininger.net>
 Andreas Garnæs <https://github.com/andreas>
+Andrew Gillis <gillis.andrew@gmail.com>
 Andrew Ryabchun <aryabchun@mail.ua>
 Andrew Svoboda <svoboda.andrew@gmail.com>
+Andriyun <andriy.yun@gmail.com>
 Andy Grunwald <andygrunwald@gmail.com>
 Andy Hume <andyhume@gmail.com>
 Andy Lindeman <andy@lindeman.io>
 angie pinilla <angelinepinilla@gmail.com>
+Anish Rajan <anishrajan2708@gmail.com>
 anjanashenoy <anjanashenoy1@gmail.com>
 Anshuman Bhartiya <anshuman.bhartiya@gmail.com>
 Antoine <antoine.tu@mail.mcgill.ca>
@@ -59,6 +70,7 @@ aprp <doelaudi@gmail.com>
 apurwaj2 <apurwaj2@gmail.com>
 Aravind <aravindkp@outlook.in>
 Arda Kuyumcu <kuyumcuarda@gmail.com>
+Ary <arylmoraesn@hotmail.com>
 Arıl Bozoluk <arilbozoluk@hotmail.com>
 Asier Marruedo <asiermarruedo@gmail.com>
 Austin Burdine <acburdine@gmail.com>
@@ -66,9 +78,11 @@ Austin Dizzy <dizzy@wow.com>
 Azuka Okuleye <azuka@zatechcorp.com>
 Ben Batha <bhbatha@gmail.com>
 Benjamen Keroack <benjamen@dollarshaveclub.com>
+Benjamin Nater <benjamin@nater.net>
 Berkay Tacyildiz <berkaytacyildiz@gmail.com>
 Beshr Kayali <beshrkayali@gmail.com>
 Beyang Liu <beyang.liu@gmail.com>
+billnapier <napier@pobox.com>
 Billy Keyes <bluekeyes@gmail.com>
 Billy Lynch <wlynch92@gmail.com>
 Bingtan Lu <lubingtan@126.com>
@@ -93,11 +107,13 @@ Cami Diez <diezcami@gmail.com>
 Carl Johnson <me@carlmjohnson.net>
 Carlos Alexandro Becker <caarlos0@gmail.com>
 Carlos Tadeu Panato Junior <ctadeu@gmail.com>
+Casey <casey.duquette@snapchat.com>
 ChandanChainani <chainanichan@gmail.com>
 chandresh-pancholi <chandreshpancholi007@gmail.com>
 Charles Fenwick Elliott <Charles@FenwickElliott.io>
 Charlie Yan <charlieyan08@gmail.com>
 Chmouel Boudjnah <chmouel@chmouel.com>
+Chris Allen Lane <chris@chris-allen-lane.com>
 Chris King <chriskingnet@gmail.com>
 Chris Mc <prince.chrismc@gmail.com>
 Chris Raborg <craborg57@gmail.com>
@@ -109,6 +125,7 @@ Christian Muehlhaeuser <muesli@gmail.com>
 Christoph Jerolimov <jerolimov@gmail.com>
 Christoph Sassenberg <defsprite@gmail.com>
 CI Monk <ci-monk@protonmail.com>
+Clemens W <Clemens.wijnekus@nordnet.se>
 Colin Misare <github.com/cmisare>
 Craig Gumbley <craiggumbley@gmail.com>
 Craig Peterson <cpeterson@stackoverflow.com>
@@ -137,6 +154,7 @@ DeviousLab <deviouslab@gmail.com>
 Dhi Aurrahman <diorahman@rockybars.com>
 Diego Lapiduz <diego.lapiduz@cfpb.gov>
 Diogo Vilela <be0x74a@gmail.com>
+Dion Gionet Mallet <dionmallet@hotmail.com>
 Dmitri Shuralyov <shurcooL@gmail.com>
 dmnlk <seikima2demon@gmail.com>
 Don Petersen <don@donpetersen.net>
@@ -149,10 +167,14 @@ Eli Uriegas <seemethere101@gmail.com>
 Elliott Beach <elliott2.71828@gmail.com>
 Emerson Wood <emersonwood94@gmail.com>
 Emil V <emil.vaagland@schibsted.com>
+Emma Sax <esselbach_briley@simplelogin.com>
 Eng Zer Jun <engzerjun@gmail.com>
+Enrico Candino <enrico.candino@gmail.com>
 eperm <staffordworrell@gmail.com>
 Erick Fejta <erick@fejta.com>
+Erik Elkins <erik.elkins@outlook.com>
 Erik Nobel <hendrik.nobel@transferwise.com>
+Erwan Finot <finot.erwan@gmail.com>
 erwinvaneyk <erwinvaneyk@gmail.com>
 Evan Anderson <evan.k.anderson@gmail.com>
 Evan Elias <evanjelias@gmail.com>
@@ -163,6 +185,7 @@ Federico Di Pierro <nierro92@gmail.com>
 Felix Geisendörfer <felix@debuggable.com>
 Filippo Valsorda <hi@filippo.io>
 Florian Forster <ff@octo.it>
+Florian Maier <florianmaier101178@gmail.com>
 Florian Wagner <h2floh@github.com>
 Francesc Gil <xescugil@gmail.com>
 Francis <hello@francismakes.com>
@@ -178,6 +201,7 @@ Glen Mailer <glenjamin@gmail.com>
 Gnahz <p@oath.pl>
 Google Inc.
 Grachev Mikhail <work@mgrachev.com>
+Gregory Oschwald <oschwald@gmail.com>
 griffin_stewie <panterathefamilyguy@gmail.com>
 guangwu <guoguangwu@magic-shield.com>
 Guillaume Jacquet <guillaume.jacquet@gmail.com>
@@ -188,6 +212,7 @@ Hari haran <hariharan.uno@gmail.com>
 Harikesh00 <prajapatiharikesh16@gmail.com>
 haya14busa <haya14busa@gmail.com>
 haya14busa <hayabusa1419@gmail.com>
+Henrik Lundström <henrik94lundstrom@gmail.com>
 Hiroki Ito <hiroki.ito.dev@gmail.com>
 Hubot Jr <rreichel3@github.com>
 Huy Tr <kingbazoka@gmail.com>
@@ -200,8 +225,10 @@ Ioannis Georgoulas <igeorgoulas21@gmail.com>
 Isao Jonas <isao.jonas@gmail.com>
 ishan upadhyay <ishanupadhyay412@gmail.com>
 isqua <isqua@isqua.ru>
+Ivan Martos <martos.ivan@gmail.com>
 Jacob Valdemar <jan@lunar.app>
 Jake Krammer <jake.krammer1@gmail.com>
+Jake Scaltreto <jake.scaltreto@circle.com>
 Jake White <jake@jwhite.network>
 Jameel Haffejee <RC1140@republiccommandos.co.za>
 James Bowes <jbowes@repl.ca>
@@ -210,6 +237,7 @@ James Loh <github@jloh.co>
 James Maguire <jvm986@gmail.com>
 James Turley <jamesturley1905@googlemail.com>
 Jamie West <jamieianwest@hotmail.com>
+Jan Guth <Jan.Guth@gmail.com>
 Jan Kosecki <jan.kosecki91@gmail.com>
 Jan Švábík <jansvabik@jansvabik.cz>
 Jason Field <Jason@avon-lea.co.uk>
@@ -224,6 +252,7 @@ Jihoon Chung <j.c@navercorp.com>
 Jille Timmermans <jille@quis.cx>
 Jimmi Dyson <jimmidyson@gmail.com>
 Joan Saum <joan.saum@epitech.eu>
+JoannaaKL <joannaakl@github.com>
 Joe Tsai <joetsai@digital-static.net>
 John Barton <jrbarton@gmail.com>
 John Engelman <john.r.engelman@gmail.com>
@@ -232,6 +261,7 @@ John Liu <john.liu@mongodb.com>
 Jordan Brockopp <jdbro94@gmail.com>
 Jordan Burandt <jordanburandt@gmail.com>
 Jordan Sussman <jordansail22@gmail.com>
+Jorge Ferrero <jorgeferrerolinacero@gmail.com>
 Jorge Gómez Reus <j-g1996@live.com>
 Joshua Bezaleel Abednego <joshua.bezaleel@gmail.com>
 João Cerqueira <joao@cerqueira.io>
@@ -240,6 +270,7 @@ jpbelanger-mtl <jp.belanger@gmail.com>
 Juan <juan.rios.28@gmail.com>
 Juan Basso <jrbasso@gmail.com>
 Julien Garcia Gonzalez <garciagonzalez.julien@gmail.com>
+Julien Midedji <Julien.Midedji@gmail.com>
 Julien Rostand <jrostand@users.noreply.github.com>
 Junya Kono <junya03dance@gmail.com>
 Justin Abrahms <justin@abrah.ms>
@@ -257,6 +288,7 @@ Kevin Burke <kev@inburke.com>
 Kevin Wang <kwangsan@gmail.com>
 Kevin Zhao <kzhao@lyft.com>
 kgalli <mail@kgalli.de>
+Khanh Ngo <k@ndk.name>
 Kirill <g4s8.public@gmail.com>
 Konrad Malawski <konrad.malawski@project13.pl>
 Kookheon Kwon <kucuny@gmail.com>
@@ -266,10 +298,12 @@ Kshitij Saraogi <KshitijSaraogi@gmail.com>
 Kumar Saurabh <itsksaurabh@gmail.com>
 Kyle Kurz <kyle@doublekaudio.com>
 kyokomi <kyoko1220adword@gmail.com>
+Lachlan Cooper <lachlancooper@gmail.com>
 Lars Lehtonen <lars.lehtonen@gmail.com>
 Laurent Verdoïa <verdoialaurent@gmail.com>
 leopoldwang <leopold.wang@gmail.com>
 Liam Galvin <liam@liam-galvin.co.uk>
+Liam Stanley <liam@liam.sh>
 Lluis Campos <lluis.campos@northern.tech>
 Lovro Mažgon <lovro.mazgon@gmail.com>
 Loïs Postula <lois@postu.la>
@@ -283,6 +317,8 @@ Luke Kysow <lkysow@gmail.com>
 Luke Roberts <email@luke-roberts.co.uk>
 Luke Young <luke@hydrantlabs.org>
 lynn [they] <lynncyrin@gmail.com>
+Léo Salé <leo.sale@datadoghq.com>
+M. Ryan Rigdon <mr.rigdon@gmail.com>
 Magnus Kulke <mkulke@gmail.com>
 Maksim Zhylinski <uzzable@gmail.com>
 Marc Binder <marcandrebinder@gmail.com>
@@ -294,6 +330,7 @@ Martins Sipenko <martins.sipenko@gmail.com>
 Marwan Sulaiman <marwan.sameer@gmail.com>
 Masayuki Izumi <m@izum.in>
 Mat Geist <matgeist@gmail.com>
+Matheus Santos Araújo <wenked.matheus@yahoo.com.br>
 Matija Horvat <horvat2112@gmail.com>
 Matin Rahmanian <itsmatinx@gmail.com>
 Matt <alpmatthew@gmail.com>
@@ -301,8 +338,10 @@ Matt Brender <mjbrender@gmail.com>
 Matt Dainty <matt@bodgit-n-scarper.com>
 Matt Gaunt <matt@gauntface.co.uk>
 Matt Landis <landis.matt@gmail.com>
+Matt Mencel <matt@techminer.net>
 Matt Moore <mattmoor@vmware.com>
 Matt Simons <mattsimons@ntlworld.com>
+Matthew Reidy <matthewreidy5@gmail.com>
 Maxime Bury <maxime.bury@gmail.com>
 Michael Meng <mmeng@lyft.com>
 Michael Spiegel <michael.m.spiegel@gmail.com>
@@ -311,8 +350,12 @@ Michał Glapa <michal.glapa@gmail.com>
 Michelangelo Morrillo <michelangelo@morrillo.it>
 Miguel Elias dos Santos <migueleliasweb@gmail.com>
 Mike Chen <mchen300@gmail.com>
+Miles Crabill <miles@milescrabill.com>
+Mishin Nikolai <sanduku.default@gmail.com>
 mohammad ali <2018cs92@student.uet.edu.pk>
 Mohammed AlDujaili <avainer11@gmail.com>
+Mohammed Nafees <hello@mnafees.me>
+Mudit <zeusdeux@gmail.com>
 Mukundan Senthil <mukundan314@gmail.com>
 Munia Balayil <munia.247@gmail.com>
 Mustafa Abban <mustafaabban@utexas.edu>
@@ -320,20 +363,25 @@ Nadav Kaner <nadavkaner1@gmail.com>
 Naoki Kanatani <k12naoki@gmail.com>
 Nathan VanBenschoten <nvanbenschoten@gmail.com>
 Navaneeth Suresh <navaneeths1998@gmail.com>
+Nayeem Hasan <nayeemhasan.nh01@gmail.com>
 Neal Caffery <neal1991@sina.com>
 Neil O'Toole <neilotoole@apache.org>
+Nicholas Herring <oss@hakshak.com>
 Nick Miyake <nmiyake@palantir.com>
 Nick Platt <hello@nickplatt.co.uk>
 Nick Spragg <nick.spragg@bbc.co.uk>
 Nicolas Chapurlat <nc@coorganix.com>
 Nikhita Raghunath <nikitaraghunath@gmail.com>
+Nikita Pivkin <nikita.pivkin@smartforce.io>
 Nilesh Singh <nilesh.singh24@outlook.com>
 Noah Hanjun Lee <noah.lee@buzzvil.com>
 Noah Zoschke <noah+sso2@convox.com>
+Noble Varghese <noblekvarghese96@gmail.com>
 ns-cweber <cweber@narrativescience.com>
 nxya <nathacutlan@gmail.com>
 Ole Orhagen <ole.orhagen@northern.tech>
 Oleg Kovalov <iamolegkovalov@gmail.com>
+Oleksandr Redko <oleksandr.red+github@gmail.com>
 Ondřej Kupka <ondra.cap@gmail.com>
 Ori Talmor <talmorori@gmail.com>
 Osama Faqhruldin <onfaqhru@gmail.com>
@@ -357,6 +405,7 @@ Pierce McEntagart <pierce@nightfall.ai>
 Pierre Carrier <pierre@meteor.com>
 Piotr Zurek <p.zurek@gmail.com>
 Piyush Chugh <piyushchugh1993@gmail.com>
+Pj Meyer <peej.meyer@gmail.com>
 Pratik Mallya <pratik.mallya@gmail.com>
 Qais Patankar <qaisjp@gmail.com>
 Quang Le Hong <iamquang95@gmail.com>
@@ -369,6 +418,7 @@ Rafael Aramizu Gomes <rafael.aramizu@mercadolivre.com>
 Rajat Jindal <rajatjindal83@gmail.com>
 Rajendra arora <rajendraarora16@yahoo.com>
 Rajkumar <princegosavi12@gmail.com>
+Ramesh Gaikwad <rameshgkwd05@gmail.com>
 Ranbir Singh <binkkatal.r@gmail.com>
 Ravi Shekhar Jethani <rsjethani@gmail.com>
 RaviTeja Pothana <ravi-teja@live.com>
@@ -378,18 +428,23 @@ Reetuparna Mukherjee <reetuparna.1988@gmail.com>
 reeves122 <reeves122@gmail.com>
 Reinier Timmer <reinier.timmer@ah.nl>
 Renjith R <renjithr201097@gmail.com>
+Rez Moss <hi@rezmoss.com>
+Riaje <francois@mbfr.fr>
 Ricco Førgaard <ricco@fiskeben.dk>
 Richard de Vries <richard.de.vries@topicus.nl>
 Rob Figueiredo <robfig@yext.com>
 Rohit Upadhyay <urohit011@gmail.com>
 Rojan Dinc <rojand94@gmail.com>
+Roming22 <roming22@gmail.com>
 Ronak Jain <ronakjain@outlook.in>
 Ronan Pelliard <ronan.pelliard@datadoghq.com>
 Ross Gustafson <srgustafson8@icloud.com>
 Ruben Vereecken <rubenvereecken@gmail.com>
+Rufina Talalaeva <rufusnorbert14@gmail.com>
 Russell Boley <raboley@gmail.com>
 Ryan Leung <rleungx@gmail.com>
 Ryan Lower <rpjlower@gmail.com>
+Ryan Skidmore <github@ryanskidmore.co.uk>
 Ryo Nakao <nakabonne@gmail.com>
 Saaarah <sarah.liusy@gmail.com>
 Safwan Olaimat <safwan.olaimat@gmail.com>
@@ -426,10 +481,12 @@ SoundCloud, Ltd.
 Sridhar Mocherla <srmocher@microsoft.com>
 SriVignessh Pss <sriknowledge@gmail.com>
 Stefan Sedich <stefan.sedich@gmail.com>
+Steve Hipwell <steve.hipwell@gmail.com>
 Steve Teuber <github@steveteuber.com>
 Stian Eikeland <stian@eikeland.se>
 Suhaib Mujahid <suhaibmujahid@gmail.com>
 sushmita wable <sw09007@gmail.com>
+Sven Palberg <oss@palberg.de>
 Szymon Kodrebski <simonkey007@gmail.com>
 Søren Hansen <soren@dinero.dk>
 T.J. Corrigan <tjcorr@github.com>
@@ -450,6 +507,9 @@ Tingluo Huang <tingluohuang@github.com>
 tkhandel <tarunkhandelwal.iitr@gmail.com>
 Tobias Gesellchen <tobias@gesellix.de>
 Tom Payne <twpayne@gmail.com>
+Tomasz Adam Skrzypczak <tomasz.adam.skrzypczak@protonmail.com>
+tomfeigin <tom.feigin@gmail.com>
+Travis Tomsu <travis.tomsu@gmail.com>
 Trey Tacon <ttacon@gmail.com>
 tsbkw <tsbkw0@gmail.com>
 ttacon <ttacon@gmail.com>
@@ -481,6 +541,7 @@ Yurii Soldak <ysoldak@gmail.com>
 Yusef Mohamadi <yuseferi@gmail.com>
 Yusuke Kuoka <ykuoka@gmail.com>
 Zach Latta <zach@zachlatta.com>
+Ze Peng <zehui.peng@circle.com>
 zhouhaibing089 <zhouhaibing089@gmail.com>
 六开箱 <lkxed@outlook.com>
 缘生 <i@ysicing.me>
diff --git a/vendor/github.com/google/go-github/v55/LICENSE b/vendor/github.com/google/go-github/v72/LICENSE
similarity index 100%
rename from vendor/github.com/google/go-github/v55/LICENSE
rename to vendor/github.com/google/go-github/v72/LICENSE
diff --git a/vendor/github.com/google/go-github/v55/github/actions.go b/vendor/github.com/google/go-github/v72/github/actions.go
similarity index 83%
rename from vendor/github.com/google/go-github/v55/github/actions.go
rename to vendor/github.com/google/go-github/v72/github/actions.go
index 8d552f2d0d..4b88a1e114 100644
--- a/vendor/github.com/google/go-github/v55/github/actions.go
+++ b/vendor/github.com/google/go-github/v72/github/actions.go
@@ -8,5 +8,5 @@ package github
 // ActionsService handles communication with the actions related
 // methods of the GitHub API.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/
+// GitHub API docs: https://docs.github.com/rest/actions/
 type ActionsService service
diff --git a/vendor/github.com/google/go-github/v55/github/actions_artifacts.go b/vendor/github.com/google/go-github/v72/github/actions_artifacts.go
similarity index 64%
rename from vendor/github.com/google/go-github/v55/github/actions_artifacts.go
rename to vendor/github.com/google/go-github/v72/github/actions_artifacts.go
index 441a53910e..2b560fa05d 100644
--- a/vendor/github.com/google/go-github/v55/github/actions_artifacts.go
+++ b/vendor/github.com/google/go-github/v72/github/actions_artifacts.go
@@ -14,7 +14,7 @@ import (
 
 // ArtifactWorkflowRun represents a GitHub artifact's workflow run.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/artifacts
+// GitHub API docs: https://docs.github.com/rest/actions/artifacts
 type ArtifactWorkflowRun struct {
 	ID               *int64  `json:"id,omitempty"`
 	RepositoryID     *int64  `json:"repository_id,omitempty"`
@@ -27,7 +27,7 @@ type ArtifactWorkflowRun struct {
 // data between jobs in a workflow and provide storage for data
 // once a workflow is complete.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/artifacts
+// GitHub API docs: https://docs.github.com/rest/actions/artifacts
 type Artifact struct {
 	ID                 *int64               `json:"id,omitempty"`
 	NodeID             *string              `json:"node_id,omitempty"`
@@ -44,16 +44,28 @@ type Artifact struct {
 
 // ArtifactList represents a list of GitHub artifacts.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/artifacts#artifacts
+// GitHub API docs: https://docs.github.com/rest/actions/artifacts#artifacts
 type ArtifactList struct {
 	TotalCount *int64      `json:"total_count,omitempty"`
 	Artifacts  []*Artifact `json:"artifacts,omitempty"`
 }
 
+// ListArtifactsOptions specifies the optional parameters to the
+// ActionsService.ListArtifacts method.
+type ListArtifactsOptions struct {
+	// Name represents the name field of an artifact.
+	// When specified, only artifacts with this name will be returned.
+	Name *string `url:"name,omitempty"`
+
+	ListOptions
+}
+
 // ListArtifacts lists all artifacts that belong to a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/artifacts#list-artifacts-for-a-repository
-func (s *ActionsService) ListArtifacts(ctx context.Context, owner, repo string, opts *ListOptions) (*ArtifactList, *Response, error) {
+// GitHub API docs: https://docs.github.com/rest/actions/artifacts#list-artifacts-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/artifacts
+func (s *ActionsService) ListArtifacts(ctx context.Context, owner, repo string, opts *ListArtifactsOptions) (*ArtifactList, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/artifacts", owner, repo)
 	u, err := addOptions(u, opts)
 	if err != nil {
@@ -76,7 +88,9 @@ func (s *ActionsService) ListArtifacts(ctx context.Context, owner, repo string,
 
 // ListWorkflowRunArtifacts lists all artifacts that belong to a workflow run.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/artifacts#list-workflow-run-artifacts
+// GitHub API docs: https://docs.github.com/rest/actions/artifacts#list-workflow-run-artifacts
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/runs/{run_id}/artifacts
 func (s *ActionsService) ListWorkflowRunArtifacts(ctx context.Context, owner, repo string, runID int64, opts *ListOptions) (*ArtifactList, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/runs/%v/artifacts", owner, repo, runID)
 	u, err := addOptions(u, opts)
@@ -100,7 +114,9 @@ func (s *ActionsService) ListWorkflowRunArtifacts(ctx context.Context, owner, re
 
 // GetArtifact gets a specific artifact for a workflow run.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/artifacts#get-an-artifact
+// GitHub API docs: https://docs.github.com/rest/actions/artifacts#get-an-artifact
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/artifacts/{artifact_id}
 func (s *ActionsService) GetArtifact(ctx context.Context, owner, repo string, artifactID int64) (*Artifact, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/artifacts/%v", owner, repo, artifactID)
 
@@ -120,18 +136,28 @@ func (s *ActionsService) GetArtifact(ctx context.Context, owner, repo string, ar
 
 // DownloadArtifact gets a redirect URL to download an archive for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/artifacts#download-an-artifact
-func (s *ActionsService) DownloadArtifact(ctx context.Context, owner, repo string, artifactID int64, followRedirects bool) (*url.URL, *Response, error) {
+// GitHub API docs: https://docs.github.com/rest/actions/artifacts#download-an-artifact
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/artifacts/{artifact_id}/{archive_format}
+func (s *ActionsService) DownloadArtifact(ctx context.Context, owner, repo string, artifactID int64, maxRedirects int) (*url.URL, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/artifacts/%v/zip", owner, repo, artifactID)
 
-	resp, err := s.client.roundTripWithOptionalFollowRedirect(ctx, u, followRedirects)
+	if s.client.RateLimitRedirectionalEndpoints {
+		return s.downloadArtifactWithRateLimit(ctx, u, maxRedirects)
+	}
+
+	return s.downloadArtifactWithoutRateLimit(ctx, u, maxRedirects)
+}
+
+func (s *ActionsService) downloadArtifactWithoutRateLimit(ctx context.Context, u string, maxRedirects int) (*url.URL, *Response, error) {
+	resp, err := s.client.roundTripWithOptionalFollowRedirect(ctx, u, maxRedirects)
 	if err != nil {
 		return nil, nil, err
 	}
 	defer resp.Body.Close()
 
 	if resp.StatusCode != http.StatusFound {
-		return nil, newResponse(resp), fmt.Errorf("unexpected status code: %s", resp.Status)
+		return nil, newResponse(resp), fmt.Errorf("unexpected status code: %v", resp.Status)
 	}
 
 	parsedURL, err := url.Parse(resp.Header.Get("Location"))
@@ -142,9 +168,31 @@ func (s *ActionsService) DownloadArtifact(ctx context.Context, owner, repo strin
 	return parsedURL, newResponse(resp), nil
 }
 
+func (s *ActionsService) downloadArtifactWithRateLimit(ctx context.Context, u string, maxRedirects int) (*url.URL, *Response, error) {
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	url, resp, err := s.client.bareDoUntilFound(ctx, req, maxRedirects)
+	if err != nil {
+		return nil, resp, err
+	}
+	defer resp.Body.Close()
+
+	// If we didn't receive a valid Location in a 302 response
+	if url == nil {
+		return nil, resp, fmt.Errorf("unexpected status code: %v", resp.Status)
+	}
+
+	return url, resp, nil
+}
+
 // DeleteArtifact deletes a workflow run artifact.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/artifacts#delete-an-artifact
+// GitHub API docs: https://docs.github.com/rest/actions/artifacts#delete-an-artifact
+//
+//meta:operation DELETE /repos/{owner}/{repo}/actions/artifacts/{artifact_id}
 func (s *ActionsService) DeleteArtifact(ctx context.Context, owner, repo string, artifactID int64) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/artifacts/%v", owner, repo, artifactID)
 
diff --git a/vendor/github.com/google/go-github/v55/github/actions_cache.go b/vendor/github.com/google/go-github/v72/github/actions_cache.go
similarity index 79%
rename from vendor/github.com/google/go-github/v55/github/actions_cache.go
rename to vendor/github.com/google/go-github/v72/github/actions_cache.go
index 9592d9ab62..852e9860f1 100644
--- a/vendor/github.com/google/go-github/v55/github/actions_cache.go
+++ b/vendor/github.com/google/go-github/v72/github/actions_cache.go
@@ -12,7 +12,7 @@ import (
 
 // ActionsCache represents a GitHub action cache.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/cache?apiVersion=2022-11-28#about-the-cache-api
+// GitHub API docs: https://docs.github.com/rest/actions/cache#about-the-cache-api
 type ActionsCache struct {
 	ID             *int64     `json:"id,omitempty" url:"-"`
 	Ref            *string    `json:"ref,omitempty" url:"ref"`
@@ -25,7 +25,7 @@ type ActionsCache struct {
 
 // ActionsCacheList represents a list of GitHub actions Cache.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/cache?apiVersion=2022-11-28#list-github-actions-caches-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/actions/cache#list-github-actions-caches-for-a-repository
 type ActionsCacheList struct {
 	TotalCount    int             `json:"total_count"`
 	ActionsCaches []*ActionsCache `json:"actions_caches,omitempty"`
@@ -33,7 +33,7 @@ type ActionsCacheList struct {
 
 // ActionsCacheUsage represents a GitHub Actions Cache Usage object.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/cache?apiVersion=2022-11-28#get-github-actions-cache-usage-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/actions/cache#get-github-actions-cache-usage-for-a-repository
 type ActionsCacheUsage struct {
 	FullName                string `json:"full_name"`
 	ActiveCachesSizeInBytes int64  `json:"active_caches_size_in_bytes"`
@@ -42,7 +42,7 @@ type ActionsCacheUsage struct {
 
 // ActionsCacheUsageList represents a list of repositories with GitHub Actions cache usage for an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/cache?apiVersion=2022-11-28#get-github-actions-cache-usage-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/actions/cache#get-github-actions-cache-usage-for-a-repository
 type ActionsCacheUsageList struct {
 	TotalCount     int                  `json:"total_count"`
 	RepoCacheUsage []*ActionsCacheUsage `json:"repository_cache_usages,omitempty"`
@@ -50,7 +50,7 @@ type ActionsCacheUsageList struct {
 
 // TotalCacheUsage represents total GitHub actions cache usage of an organization or enterprise.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/cache?apiVersion=2022-11-28#get-github-actions-cache-usage-for-an-enterprise
+// GitHub API docs: https://docs.github.com/rest/actions/cache#get-github-actions-cache-usage-for-an-enterprise
 type TotalCacheUsage struct {
 	TotalActiveCachesUsageSizeInBytes int64 `json:"total_active_caches_size_in_bytes"`
 	TotalActiveCachesCount            int   `json:"total_active_caches_count"`
@@ -58,7 +58,7 @@ type TotalCacheUsage struct {
 
 // ActionsCacheListOptions represents a list of all possible optional Query parameters for ListCaches method.
 //
-// GitHub API docs:  https://docs.github.com/en/rest/actions/cache?apiVersion=2022-11-28#list-github-actions-caches-for-a-repository
+// GitHub API docs:  https://docs.github.com/rest/actions/cache#list-github-actions-caches-for-a-repository
 type ActionsCacheListOptions struct {
 	ListOptions
 	// The Git reference for the results you want to list.
@@ -77,7 +77,9 @@ type ActionsCacheListOptions struct {
 //
 // Permissions: must have the actions:read permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/cache?apiVersion=2022-11-28#list-github-actions-caches-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/actions/cache#list-github-actions-caches-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/caches
 func (s *ActionsService) ListCaches(ctx context.Context, owner, repo string, opts *ActionsCacheListOptions) (*ActionsCacheList, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/caches", owner, repo)
 	u, err := addOptions(u, opts)
@@ -107,7 +109,9 @@ func (s *ActionsService) ListCaches(ctx context.Context, owner, repo string, opt
 //
 // Permissions: You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the actions:write permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/cache?apiVersion=2022-11-28#delete-github-actions-caches-for-a-repository-using-a-cache-key
+// GitHub API docs: https://docs.github.com/rest/actions/cache#delete-github-actions-caches-for-a-repository-using-a-cache-key
+//
+//meta:operation DELETE /repos/{owner}/{repo}/actions/caches
 func (s *ActionsService) DeleteCachesByKey(ctx context.Context, owner, repo, key string, ref *string) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/caches", owner, repo)
 	u, err := addOptions(u, ActionsCache{Key: &key, Ref: ref})
@@ -127,7 +131,9 @@ func (s *ActionsService) DeleteCachesByKey(ctx context.Context, owner, repo, key
 //
 // Permissions: You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have the actions:write permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/cache?apiVersion=2022-11-28#delete-a-github-actions-cache-for-a-repository-using-a-cache-id
+// GitHub API docs: https://docs.github.com/rest/actions/cache#delete-a-github-actions-cache-for-a-repository-using-a-cache-id
+//
+//meta:operation DELETE /repos/{owner}/{repo}/actions/caches/{cache_id}
 func (s *ActionsService) DeleteCachesByID(ctx context.Context, owner, repo string, cacheID int64) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/caches/%v", owner, repo, cacheID)
 	req, err := s.client.NewRequest("DELETE", u, nil)
@@ -144,7 +150,9 @@ func (s *ActionsService) DeleteCachesByID(ctx context.Context, owner, repo strin
 // Permissions: Anyone with read access to the repository can use this endpoint. If the repository is private, you must use an
 // access token with the repo scope. GitHub Apps must have the actions:read permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/cache?apiVersion=2022-11-28#get-github-actions-cache-usage-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/actions/cache#get-github-actions-cache-usage-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/cache/usage
 func (s *ActionsService) GetCacheUsageForRepo(ctx context.Context, owner, repo string) (*ActionsCacheUsage, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/cache/usage", owner, repo)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -165,9 +173,11 @@ func (s *ActionsService) GetCacheUsageForRepo(ctx context.Context, owner, repo s
 // refreshed approximately every 5 minutes, so values returned from this endpoint may take at least 5 minutes to get updated.
 //
 // Permissions: You must authenticate using an access token with the read:org scope to use this endpoint.
-// GitHub Apps must have the organization_admistration:read permission to use this endpoint.
+// GitHub Apps must have the organization_administration:read permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/cache?apiVersion=2022-11-28#list-repositories-with-github-actions-cache-usage-for-an-organization
+// GitHub API docs: https://docs.github.com/rest/actions/cache#list-repositories-with-github-actions-cache-usage-for-an-organization
+//
+//meta:operation GET /orgs/{org}/actions/cache/usage-by-repository
 func (s *ActionsService) ListCacheUsageByRepoForOrg(ctx context.Context, org string, opts *ListOptions) (*ActionsCacheUsageList, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/actions/cache/usage-by-repository", org)
 	u, err := addOptions(u, opts)
@@ -193,9 +203,11 @@ func (s *ActionsService) ListCacheUsageByRepoForOrg(ctx context.Context, org str
 // 5 minutes, so values returned from this endpoint may take at least 5 minutes to get updated.
 //
 // Permissions: You must authenticate using an access token with the read:org scope to use this endpoint.
-// GitHub Apps must have the organization_admistration:read permission to use this endpoint.
+// GitHub Apps must have the organization_administration:read permission to use this endpoint.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/cache#get-github-actions-cache-usage-for-an-organization
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/cache?apiVersion=2022-11-28#get-github-actions-cache-usage-for-an-organization
+//meta:operation GET /orgs/{org}/actions/cache/usage
 func (s *ActionsService) GetTotalCacheUsageForOrg(ctx context.Context, org string) (*TotalCacheUsage, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/actions/cache/usage", org)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -217,7 +229,9 @@ func (s *ActionsService) GetTotalCacheUsageForOrg(ctx context.Context, org strin
 //
 // Permissions: You must authenticate using an access token with the "admin:enterprise" scope to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/cache?apiVersion=2022-11-28#get-github-actions-cache-usage-for-an-enterprise
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/cache#get-github-actions-cache-usage-for-an-enterprise
+//
+//meta:operation GET /enterprises/{enterprise}/actions/cache/usage
 func (s *ActionsService) GetTotalCacheUsageForEnterprise(ctx context.Context, enterprise string) (*TotalCacheUsage, *Response, error) {
 	u := fmt.Sprintf("enterprises/%v/actions/cache/usage", enterprise)
 	req, err := s.client.NewRequest("GET", u, nil)
diff --git a/vendor/github.com/google/go-github/v72/github/actions_hosted_runners.go b/vendor/github.com/google/go-github/v72/github/actions_hosted_runners.go
new file mode 100644
index 0000000000..dbe1f6b5b1
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/actions_hosted_runners.go
@@ -0,0 +1,376 @@
+// Copyright 2025 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"errors"
+	"fmt"
+)
+
+// HostedRunnerPublicIP represents the details of a public IP for GitHub-hosted runner.
+type HostedRunnerPublicIP struct {
+	Enabled bool   `json:"enabled"` // Whether public IP is enabled.
+	Prefix  string `json:"prefix"`  // The prefix for the public IP. Example: 20.80.208.150
+	Length  int    `json:"length"`  // The length of the IP prefix. Example: 28
+}
+
+// HostedRunnerMachineSpec represents the details of a particular machine specification for GitHub-hosted runner.
+type HostedRunnerMachineSpec struct {
+	ID        string `json:"id"`         // The ID used for the `size` parameter when creating a new runner. Example: 8-core
+	CPUCores  int    `json:"cpu_cores"`  // The number of cores. Example: 8
+	MemoryGB  int    `json:"memory_gb"`  // The available RAM for the machine spec. Example: 32
+	StorageGB int    `json:"storage_gb"` // The available SSD storage for the machine spec. Example: 300
+}
+
+// HostedRunner represents a single GitHub-hosted runner with additional details.
+type HostedRunner struct {
+	ID                 *int64                   `json:"id,omitempty"`
+	Name               *string                  `json:"name,omitempty"`
+	RunnerGroupID      *int64                   `json:"runner_group_id,omitempty"`
+	Platform           *string                  `json:"platform,omitempty"`
+	ImageDetails       *HostedRunnerImageDetail `json:"image_details,omitempty"`
+	MachineSizeDetails *HostedRunnerMachineSpec `json:"machine_size_details,omitempty"`
+	Status             *string                  `json:"status,omitempty"`
+	MaximumRunners     *int64                   `json:"maximum_runners,omitempty"`
+	PublicIPEnabled    *bool                    `json:"public_ip_enabled,omitempty"`
+	PublicIPs          []*HostedRunnerPublicIP  `json:"public_ips,omitempty"`
+	LastActiveOn       *Timestamp               `json:"last_active_on,omitempty"`
+}
+
+// HostedRunnerImageDetail represents the image details of a GitHub-hosted runners.
+type HostedRunnerImageDetail struct {
+	ID          *string `json:"id"`           // The ID of the image. Use this ID for the `image` parameter when creating a new larger runner. Example: ubuntu-20.04
+	SizeGB      *int64  `json:"size_gb"`      // Image size in GB. Example: 86
+	DisplayName *string `json:"display_name"` // Display name for this image. Example: 20.04
+	Source      *string `json:"source"`       // The image provider. Example: github, partner, custom
+	Version     *string `json:"version"`      // The image version of the hosted runner pool. Example: latest
+}
+
+// HostedRunners represents a collection of GitHub-hosted runners for an organization.
+type HostedRunners struct {
+	TotalCount int             `json:"total_count"`
+	Runners    []*HostedRunner `json:"runners"`
+}
+
+// ListHostedRunners lists all the GitHub-hosted runners for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/hosted-runners#list-github-hosted-runners-for-an-organization
+//
+//meta:operation GET /orgs/{org}/actions/hosted-runners
+func (s *ActionsService) ListHostedRunners(ctx context.Context, org string, opts *ListOptions) (*HostedRunners, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/actions/hosted-runners", org)
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	runners := &HostedRunners{}
+	resp, err := s.client.Do(ctx, req, &runners)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return runners, resp, nil
+}
+
+// HostedRunnerImage represents the image of GitHub-hosted runners.
+// To list all available images, use GET /actions/hosted-runners/images/github-owned or GET /actions/hosted-runners/images/partner.
+type HostedRunnerImage struct {
+	ID      string `json:"id"`
+	Source  string `json:"source"`
+	Version string `json:"version"`
+}
+
+// HostedRunnerRequest specifies body parameters to Hosted Runner configuration.
+type HostedRunnerRequest struct {
+	Name           string            `json:"name,omitempty"`
+	Image          HostedRunnerImage `json:"image,omitempty"`
+	RunnerGroupID  int64             `json:"runner_group_id,omitempty"`
+	Size           string            `json:"size,omitempty"`
+	MaximumRunners int64             `json:"maximum_runners,omitempty"`
+	EnableStaticIP bool              `json:"enable_static_ip,omitempty"`
+	ImageVersion   string            `json:"image_version,omitempty"`
+}
+
+// validateCreateHostedRunnerRequest validates the provided HostedRunnerRequest to ensure
+// that all required fields are properly set and that no invalid fields are present for hosted runner create request.
+//
+// If any of these conditions are violated, an appropriate error message is returned.
+// Otherwise, nil is returned, indicating the request is valid.
+func validateCreateHostedRunnerRequest(request *HostedRunnerRequest) error {
+	if request.Size == "" {
+		return errors.New("size is required for creating a hosted runner")
+	}
+	if request.Image == (HostedRunnerImage{}) {
+		return errors.New("image is required for creating a hosted runner")
+	}
+	if request.Name == "" {
+		return errors.New("name is required for creating a hosted runner")
+	}
+	if request.RunnerGroupID == 0 {
+		return errors.New("runner group ID is required for creating a hosted runner")
+	}
+	if request.ImageVersion != "" {
+		return errors.New("imageVersion should not be set directly; use the Image struct to specify image details")
+	}
+	return nil
+}
+
+// CreateHostedRunner creates a GitHub-hosted runner for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/hosted-runners#create-a-github-hosted-runner-for-an-organization
+//
+//meta:operation POST /orgs/{org}/actions/hosted-runners
+func (s *ActionsService) CreateHostedRunner(ctx context.Context, org string, request *HostedRunnerRequest) (*HostedRunner, *Response, error) {
+	if err := validateCreateHostedRunnerRequest(request); err != nil {
+		return nil, nil, fmt.Errorf("validation failed: %w", err)
+	}
+
+	u := fmt.Sprintf("orgs/%v/actions/hosted-runners", org)
+	req, err := s.client.NewRequest("POST", u, request)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	hostedRunner := new(HostedRunner)
+	resp, err := s.client.Do(ctx, req, hostedRunner)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return hostedRunner, resp, nil
+}
+
+// HostedRunnerImageSpecs represents the details of a GitHub-hosted runner image.
+type HostedRunnerImageSpecs struct {
+	ID          string `json:"id"`
+	Platform    string `json:"platform"`
+	SizeGB      int    `json:"size_gb"`
+	DisplayName string `json:"display_name"`
+	Source      string `json:"source"`
+}
+
+// HostedRunnerImages represents the response containing the total count and details of runner images.
+type HostedRunnerImages struct {
+	TotalCount int                       `json:"total_count"`
+	Images     []*HostedRunnerImageSpecs `json:"images"`
+}
+
+// GetHostedRunnerGitHubOwnedImages gets the list of GitHub-owned images available for GitHub-hosted runners for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/hosted-runners#get-github-owned-images-for-github-hosted-runners-in-an-organization
+//
+//meta:operation GET /orgs/{org}/actions/hosted-runners/images/github-owned
+func (s *ActionsService) GetHostedRunnerGitHubOwnedImages(ctx context.Context, org string) (*HostedRunnerImages, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/actions/hosted-runners/images/github-owned", org)
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	hostedRunnerImages := new(HostedRunnerImages)
+	resp, err := s.client.Do(ctx, req, hostedRunnerImages)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return hostedRunnerImages, resp, nil
+}
+
+// GetHostedRunnerPartnerImages gets the list of partner images available for GitHub-hosted runners for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/hosted-runners#get-partner-images-for-github-hosted-runners-in-an-organization
+//
+//meta:operation GET /orgs/{org}/actions/hosted-runners/images/partner
+func (s *ActionsService) GetHostedRunnerPartnerImages(ctx context.Context, org string) (*HostedRunnerImages, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/actions/hosted-runners/images/partner", org)
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	hostedRunnerImages := new(HostedRunnerImages)
+	resp, err := s.client.Do(ctx, req, hostedRunnerImages)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return hostedRunnerImages, resp, nil
+}
+
+// HostedRunnerPublicIPLimits represents the static public IP limits for GitHub-hosted runners.
+type HostedRunnerPublicIPLimits struct {
+	PublicIPs *PublicIPUsage `json:"public_ips"`
+}
+
+// PublicIPUsage provides details of static public IP limits for GitHub-hosted runners.
+type PublicIPUsage struct {
+	Maximum      int64 `json:"maximum"`       // The maximum number of static public IP addresses that can be used for Hosted Runners. Example: 50
+	CurrentUsage int64 `json:"current_usage"` // The current number of static public IP addresses in use by Hosted Runners. Example: 17
+}
+
+// GetHostedRunnerLimits gets the GitHub-hosted runners Static public IP Limits for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/hosted-runners#get-limits-on-github-hosted-runners-for-an-organization
+//
+//meta:operation GET /orgs/{org}/actions/hosted-runners/limits
+func (s *ActionsService) GetHostedRunnerLimits(ctx context.Context, org string) (*HostedRunnerPublicIPLimits, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/actions/hosted-runners/limits", org)
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	publicIPLimits := new(HostedRunnerPublicIPLimits)
+	resp, err := s.client.Do(ctx, req, publicIPLimits)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return publicIPLimits, resp, nil
+}
+
+// HostedRunnerMachineSpecs represents the response containing the total count and details of machine specs for GitHub-hosted runners.
+type HostedRunnerMachineSpecs struct {
+	TotalCount   int                        `json:"total_count"`
+	MachineSpecs []*HostedRunnerMachineSpec `json:"machine_specs"`
+}
+
+// GetHostedRunnerMachineSpecs gets the list of machine specs available for GitHub-hosted runners for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/hosted-runners#get-github-hosted-runners-machine-specs-for-an-organization
+//
+//meta:operation GET /orgs/{org}/actions/hosted-runners/machine-sizes
+func (s *ActionsService) GetHostedRunnerMachineSpecs(ctx context.Context, org string) (*HostedRunnerMachineSpecs, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/actions/hosted-runners/machine-sizes", org)
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	machineSpecs := new(HostedRunnerMachineSpecs)
+	resp, err := s.client.Do(ctx, req, machineSpecs)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return machineSpecs, resp, nil
+}
+
+// HostedRunnerPlatforms represents the response containing the total count and platforms for GitHub-hosted runners.
+type HostedRunnerPlatforms struct {
+	TotalCount int      `json:"total_count"`
+	Platforms  []string `json:"platforms"`
+}
+
+// GetHostedRunnerPlatforms gets list of platforms available for GitHub-hosted runners for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/hosted-runners#get-platforms-for-github-hosted-runners-in-an-organization
+//
+//meta:operation GET /orgs/{org}/actions/hosted-runners/platforms
+func (s *ActionsService) GetHostedRunnerPlatforms(ctx context.Context, org string) (*HostedRunnerPlatforms, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/actions/hosted-runners/platforms", org)
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	platforms := new(HostedRunnerPlatforms)
+	resp, err := s.client.Do(ctx, req, platforms)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return platforms, resp, nil
+}
+
+// GetHostedRunner gets a GitHub-hosted runner in an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/hosted-runners#get-a-github-hosted-runner-for-an-organization
+//
+//meta:operation GET /orgs/{org}/actions/hosted-runners/{hosted_runner_id}
+func (s *ActionsService) GetHostedRunner(ctx context.Context, org string, runnerID int64) (*HostedRunner, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/actions/hosted-runners/%v", org, runnerID)
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	hostedRunner := new(HostedRunner)
+	resp, err := s.client.Do(ctx, req, hostedRunner)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return hostedRunner, resp, nil
+}
+
+// validateUpdateHostedRunnerRequest validates the provided HostedRunnerRequest to ensure
+// that no disallowed updates are made for a hosted runner update request.
+//
+// If any of these conditions are violated, an appropriate error message is returned.
+// Otherwise, nil is returned, indicating the request is valid for an update.
+func validateUpdateHostedRunnerRequest(request *HostedRunnerRequest) error {
+	if request.Size != "" {
+		return errors.New("size cannot be updated, API does not support updating size")
+	}
+	if request.Image != (HostedRunnerImage{}) {
+		return errors.New("image struct should not be set directly; use the ImageVersion to specify version details")
+	}
+	return nil
+}
+
+// UpdateHostedRunner updates a GitHub-hosted runner for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/hosted-runners#update-a-github-hosted-runner-for-an-organization
+//
+//meta:operation PATCH /orgs/{org}/actions/hosted-runners/{hosted_runner_id}
+func (s *ActionsService) UpdateHostedRunner(ctx context.Context, org string, runnerID int64, updateReq HostedRunnerRequest) (*HostedRunner, *Response, error) {
+	if err := validateUpdateHostedRunnerRequest(&updateReq); err != nil {
+		return nil, nil, fmt.Errorf("validation failed: %w", err)
+	}
+
+	u := fmt.Sprintf("orgs/%v/actions/hosted-runners/%v", org, runnerID)
+	req, err := s.client.NewRequest("PATCH", u, updateReq)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	hostedRunner := new(HostedRunner)
+	resp, err := s.client.Do(ctx, req, hostedRunner)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return hostedRunner, resp, nil
+}
+
+// DeleteHostedRunner deletes GitHub-hosted runner from an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/hosted-runners#delete-a-github-hosted-runner-for-an-organization
+//
+//meta:operation DELETE /orgs/{org}/actions/hosted-runners/{hosted_runner_id}
+func (s *ActionsService) DeleteHostedRunner(ctx context.Context, org string, runnerID int64) (*HostedRunner, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/actions/hosted-runners/%v", org, runnerID)
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	hostedRunner := new(HostedRunner)
+	resp, err := s.client.Do(ctx, req, hostedRunner)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return hostedRunner, resp, nil
+}
diff --git a/vendor/github.com/google/go-github/v55/github/actions_oidc.go b/vendor/github.com/google/go-github/v72/github/actions_oidc.go
similarity index 76%
rename from vendor/github.com/google/go-github/v55/github/actions_oidc.go
rename to vendor/github.com/google/go-github/v72/github/actions_oidc.go
index b7f2d26ae9..596aa9d981 100644
--- a/vendor/github.com/google/go-github/v55/github/actions_oidc.go
+++ b/vendor/github.com/google/go-github/v72/github/actions_oidc.go
@@ -18,7 +18,9 @@ type OIDCSubjectClaimCustomTemplate struct {
 
 // GetOrgOIDCSubjectClaimCustomTemplate gets the subject claim customization template for an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/oidc#get-the-customization-template-for-an-oidc-subject-claim-for-an-organization
+// GitHub API docs: https://docs.github.com/rest/actions/oidc#get-the-customization-template-for-an-oidc-subject-claim-for-an-organization
+//
+//meta:operation GET /orgs/{org}/actions/oidc/customization/sub
 func (s *ActionsService) GetOrgOIDCSubjectClaimCustomTemplate(ctx context.Context, org string) (*OIDCSubjectClaimCustomTemplate, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/actions/oidc/customization/sub", org)
 	return s.getOIDCSubjectClaimCustomTemplate(ctx, u)
@@ -26,7 +28,9 @@ func (s *ActionsService) GetOrgOIDCSubjectClaimCustomTemplate(ctx context.Contex
 
 // GetRepoOIDCSubjectClaimCustomTemplate gets the subject claim customization template for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/oidc#get-the-customization-template-for-an-oidc-subject-claim-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/actions/oidc#get-the-customization-template-for-an-oidc-subject-claim-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/oidc/customization/sub
 func (s *ActionsService) GetRepoOIDCSubjectClaimCustomTemplate(ctx context.Context, owner, repo string) (*OIDCSubjectClaimCustomTemplate, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/oidc/customization/sub", owner, repo)
 	return s.getOIDCSubjectClaimCustomTemplate(ctx, u)
@@ -49,7 +53,9 @@ func (s *ActionsService) getOIDCSubjectClaimCustomTemplate(ctx context.Context,
 
 // SetOrgOIDCSubjectClaimCustomTemplate sets the subject claim customization for an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/oidc#set-the-customization-template-for-an-oidc-subject-claim-for-an-organization
+// GitHub API docs: https://docs.github.com/rest/actions/oidc#set-the-customization-template-for-an-oidc-subject-claim-for-an-organization
+//
+//meta:operation PUT /orgs/{org}/actions/oidc/customization/sub
 func (s *ActionsService) SetOrgOIDCSubjectClaimCustomTemplate(ctx context.Context, org string, template *OIDCSubjectClaimCustomTemplate) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/actions/oidc/customization/sub", org)
 	return s.setOIDCSubjectClaimCustomTemplate(ctx, u, template)
@@ -57,7 +63,9 @@ func (s *ActionsService) SetOrgOIDCSubjectClaimCustomTemplate(ctx context.Contex
 
 // SetRepoOIDCSubjectClaimCustomTemplate sets the subject claim customization for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/oidc#set-the-customization-template-for-an-oidc-subject-claim-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/actions/oidc#set-the-customization-template-for-an-oidc-subject-claim-for-a-repository
+//
+//meta:operation PUT /repos/{owner}/{repo}/actions/oidc/customization/sub
 func (s *ActionsService) SetRepoOIDCSubjectClaimCustomTemplate(ctx context.Context, owner, repo string, template *OIDCSubjectClaimCustomTemplate) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/oidc/customization/sub", owner, repo)
 	return s.setOIDCSubjectClaimCustomTemplate(ctx, u, template)
diff --git a/vendor/github.com/google/go-github/v72/github/actions_permissions_enterprise.go b/vendor/github.com/google/go-github/v72/github/actions_permissions_enterprise.go
new file mode 100644
index 0000000000..a6a85aa32a
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/actions_permissions_enterprise.go
@@ -0,0 +1,258 @@
+// Copyright 2023 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"fmt"
+)
+
+// ActionsEnabledOnEnterpriseRepos represents all the repositories in an enterprise for which Actions is enabled.
+type ActionsEnabledOnEnterpriseRepos struct {
+	TotalCount    int             `json:"total_count"`
+	Organizations []*Organization `json:"organizations"`
+}
+
+// ActionsPermissionsEnterprise represents a policy for allowed actions in an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/permissions
+type ActionsPermissionsEnterprise struct {
+	EnabledOrganizations *string `json:"enabled_organizations,omitempty"`
+	AllowedActions       *string `json:"allowed_actions,omitempty"`
+	SelectedActionsURL   *string `json:"selected_actions_url,omitempty"`
+}
+
+func (a ActionsPermissionsEnterprise) String() string {
+	return Stringify(a)
+}
+
+// DefaultWorkflowPermissionEnterprise represents the default permissions for GitHub Actions workflows for an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/permissions
+type DefaultWorkflowPermissionEnterprise struct {
+	DefaultWorkflowPermissions   *string `json:"default_workflow_permissions,omitempty"`
+	CanApprovePullRequestReviews *bool   `json:"can_approve_pull_request_reviews,omitempty"`
+}
+
+// GetActionsPermissionsInEnterprise gets the GitHub Actions permissions policy for an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/permissions#get-github-actions-permissions-for-an-enterprise
+//
+//meta:operation GET /enterprises/{enterprise}/actions/permissions
+func (s *ActionsService) GetActionsPermissionsInEnterprise(ctx context.Context, enterprise string) (*ActionsPermissionsEnterprise, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/permissions", enterprise)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	permissions := new(ActionsPermissionsEnterprise)
+	resp, err := s.client.Do(ctx, req, permissions)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return permissions, resp, nil
+}
+
+// EditActionsPermissionsInEnterprise sets the permissions policy in an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/permissions#set-github-actions-permissions-for-an-enterprise
+//
+//meta:operation PUT /enterprises/{enterprise}/actions/permissions
+func (s *ActionsService) EditActionsPermissionsInEnterprise(ctx context.Context, enterprise string, actionsPermissionsEnterprise ActionsPermissionsEnterprise) (*ActionsPermissionsEnterprise, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/permissions", enterprise)
+	req, err := s.client.NewRequest("PUT", u, actionsPermissionsEnterprise)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	p := new(ActionsPermissionsEnterprise)
+	resp, err := s.client.Do(ctx, req, p)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return p, resp, nil
+}
+
+// ListEnabledOrgsInEnterprise lists the selected organizations that are enabled for GitHub Actions in an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/permissions#list-selected-organizations-enabled-for-github-actions-in-an-enterprise
+//
+//meta:operation GET /enterprises/{enterprise}/actions/permissions/organizations
+func (s *ActionsService) ListEnabledOrgsInEnterprise(ctx context.Context, owner string, opts *ListOptions) (*ActionsEnabledOnEnterpriseRepos, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/permissions/organizations", owner)
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	orgs := &ActionsEnabledOnEnterpriseRepos{}
+	resp, err := s.client.Do(ctx, req, orgs)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return orgs, resp, nil
+}
+
+// SetEnabledOrgsInEnterprise replaces the list of selected organizations that are enabled for GitHub Actions in an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/permissions#set-selected-organizations-enabled-for-github-actions-in-an-enterprise
+//
+//meta:operation PUT /enterprises/{enterprise}/actions/permissions/organizations
+func (s *ActionsService) SetEnabledOrgsInEnterprise(ctx context.Context, owner string, organizationIDs []int64) (*Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/permissions/organizations", owner)
+
+	req, err := s.client.NewRequest("PUT", u, struct {
+		IDs []int64 `json:"selected_organization_ids"`
+	}{IDs: organizationIDs})
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := s.client.Do(ctx, req, nil)
+	if err != nil {
+		return resp, err
+	}
+
+	return resp, nil
+}
+
+// AddEnabledOrgInEnterprise adds an organization to the list of selected organizations that are enabled for GitHub Actions in an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/permissions#enable-a-selected-organization-for-github-actions-in-an-enterprise
+//
+//meta:operation PUT /enterprises/{enterprise}/actions/permissions/organizations/{org_id}
+func (s *ActionsService) AddEnabledOrgInEnterprise(ctx context.Context, owner string, organizationID int64) (*Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/permissions/organizations/%v", owner, organizationID)
+
+	req, err := s.client.NewRequest("PUT", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := s.client.Do(ctx, req, nil)
+	if err != nil {
+		return resp, err
+	}
+
+	return resp, nil
+}
+
+// RemoveEnabledOrgInEnterprise removes an organization from the list of selected organizations that are enabled for GitHub Actions in an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/permissions#disable-a-selected-organization-for-github-actions-in-an-enterprise
+//
+//meta:operation DELETE /enterprises/{enterprise}/actions/permissions/organizations/{org_id}
+func (s *ActionsService) RemoveEnabledOrgInEnterprise(ctx context.Context, owner string, organizationID int64) (*Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/permissions/organizations/%v", owner, organizationID)
+
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := s.client.Do(ctx, req, nil)
+	if err != nil {
+		return resp, err
+	}
+
+	return resp, nil
+}
+
+// GetActionsAllowedInEnterprise gets the actions that are allowed in an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/permissions#get-allowed-actions-and-reusable-workflows-for-an-enterprise
+//
+//meta:operation GET /enterprises/{enterprise}/actions/permissions/selected-actions
+func (s *ActionsService) GetActionsAllowedInEnterprise(ctx context.Context, enterprise string) (*ActionsAllowed, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/permissions/selected-actions", enterprise)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	actionsAllowed := new(ActionsAllowed)
+	resp, err := s.client.Do(ctx, req, actionsAllowed)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return actionsAllowed, resp, nil
+}
+
+// EditActionsAllowedInEnterprise sets the actions that are allowed in an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/permissions#set-allowed-actions-and-reusable-workflows-for-an-enterprise
+//
+//meta:operation PUT /enterprises/{enterprise}/actions/permissions/selected-actions
+func (s *ActionsService) EditActionsAllowedInEnterprise(ctx context.Context, enterprise string, actionsAllowed ActionsAllowed) (*ActionsAllowed, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/permissions/selected-actions", enterprise)
+	req, err := s.client.NewRequest("PUT", u, actionsAllowed)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	p := new(ActionsAllowed)
+	resp, err := s.client.Do(ctx, req, p)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return p, resp, nil
+}
+
+// GetDefaultWorkflowPermissionsInEnterprise gets the GitHub Actions default workflow permissions for an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/permissions#get-default-workflow-permissions-for-an-enterprise
+//
+//meta:operation GET /enterprises/{enterprise}/actions/permissions/workflow
+func (s *ActionsService) GetDefaultWorkflowPermissionsInEnterprise(ctx context.Context, enterprise string) (*DefaultWorkflowPermissionEnterprise, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/permissions/workflow", enterprise)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	permissions := new(DefaultWorkflowPermissionEnterprise)
+	resp, err := s.client.Do(ctx, req, permissions)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return permissions, resp, nil
+}
+
+// EditDefaultWorkflowPermissionsInEnterprise sets the GitHub Actions default workflow permissions for an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/permissions#set-default-workflow-permissions-for-an-enterprise
+//
+//meta:operation PUT /enterprises/{enterprise}/actions/permissions/workflow
+func (s *ActionsService) EditDefaultWorkflowPermissionsInEnterprise(ctx context.Context, enterprise string, permissions DefaultWorkflowPermissionEnterprise) (*DefaultWorkflowPermissionEnterprise, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/permissions/workflow", enterprise)
+	req, err := s.client.NewRequest("PUT", u, permissions)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	p := new(DefaultWorkflowPermissionEnterprise)
+	resp, err := s.client.Do(ctx, req, p)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return p, resp, nil
+}
diff --git a/vendor/github.com/google/go-github/v72/github/actions_permissions_orgs.go b/vendor/github.com/google/go-github/v72/github/actions_permissions_orgs.go
new file mode 100644
index 0000000000..2f555f2493
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/actions_permissions_orgs.go
@@ -0,0 +1,271 @@
+// Copyright 2023 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"fmt"
+)
+
+// ActionsPermissions represents a policy for repositories and allowed actions in an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/permissions
+type ActionsPermissions struct {
+	EnabledRepositories *string `json:"enabled_repositories,omitempty"`
+	AllowedActions      *string `json:"allowed_actions,omitempty"`
+	SelectedActionsURL  *string `json:"selected_actions_url,omitempty"`
+}
+
+func (a ActionsPermissions) String() string {
+	return Stringify(a)
+}
+
+// ActionsEnabledOnOrgRepos represents all the repositories in an organization for which Actions is enabled.
+type ActionsEnabledOnOrgRepos struct {
+	TotalCount   int           `json:"total_count"`
+	Repositories []*Repository `json:"repositories"`
+}
+
+// ActionsAllowed represents selected actions that are allowed.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/permissions
+type ActionsAllowed struct {
+	GithubOwnedAllowed *bool    `json:"github_owned_allowed,omitempty"`
+	VerifiedAllowed    *bool    `json:"verified_allowed,omitempty"`
+	PatternsAllowed    []string `json:"patterns_allowed,omitempty"`
+}
+
+func (a ActionsAllowed) String() string {
+	return Stringify(a)
+}
+
+// DefaultWorkflowPermissionOrganization represents the default permissions for GitHub Actions workflows for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/permissions
+type DefaultWorkflowPermissionOrganization struct {
+	DefaultWorkflowPermissions   *string `json:"default_workflow_permissions,omitempty"`
+	CanApprovePullRequestReviews *bool   `json:"can_approve_pull_request_reviews,omitempty"`
+}
+
+// GetActionsPermissions gets the GitHub Actions permissions policy for repositories and allowed actions in an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/permissions#get-github-actions-permissions-for-an-organization
+//
+//meta:operation GET /orgs/{org}/actions/permissions
+func (s *ActionsService) GetActionsPermissions(ctx context.Context, org string) (*ActionsPermissions, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/actions/permissions", org)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	permissions := new(ActionsPermissions)
+	resp, err := s.client.Do(ctx, req, permissions)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return permissions, resp, nil
+}
+
+// EditActionsPermissions sets the permissions policy for repositories and allowed actions in an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/permissions#set-github-actions-permissions-for-an-organization
+//
+//meta:operation PUT /orgs/{org}/actions/permissions
+func (s *ActionsService) EditActionsPermissions(ctx context.Context, org string, actionsPermissions ActionsPermissions) (*ActionsPermissions, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/actions/permissions", org)
+	req, err := s.client.NewRequest("PUT", u, actionsPermissions)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	p := new(ActionsPermissions)
+	resp, err := s.client.Do(ctx, req, p)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return p, resp, nil
+}
+
+// ListEnabledReposInOrg lists the selected repositories that are enabled for GitHub Actions in an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/permissions#list-selected-repositories-enabled-for-github-actions-in-an-organization
+//
+//meta:operation GET /orgs/{org}/actions/permissions/repositories
+func (s *ActionsService) ListEnabledReposInOrg(ctx context.Context, owner string, opts *ListOptions) (*ActionsEnabledOnOrgRepos, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/actions/permissions/repositories", owner)
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	repos := &ActionsEnabledOnOrgRepos{}
+	resp, err := s.client.Do(ctx, req, repos)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return repos, resp, nil
+}
+
+// SetEnabledReposInOrg replaces the list of selected repositories that are enabled for GitHub Actions in an organization..
+//
+// GitHub API docs: https://docs.github.com/rest/actions/permissions#set-selected-repositories-enabled-for-github-actions-in-an-organization
+//
+//meta:operation PUT /orgs/{org}/actions/permissions/repositories
+func (s *ActionsService) SetEnabledReposInOrg(ctx context.Context, owner string, repositoryIDs []int64) (*Response, error) {
+	u := fmt.Sprintf("orgs/%v/actions/permissions/repositories", owner)
+
+	req, err := s.client.NewRequest("PUT", u, struct {
+		IDs []int64 `json:"selected_repository_ids"`
+	}{IDs: repositoryIDs})
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := s.client.Do(ctx, req, nil)
+	if err != nil {
+		return resp, err
+	}
+
+	return resp, nil
+}
+
+// AddEnabledReposInOrg adds a repository to the list of selected repositories that are enabled for GitHub Actions in an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/permissions#enable-a-selected-repository-for-github-actions-in-an-organization
+//
+//meta:operation PUT /orgs/{org}/actions/permissions/repositories/{repository_id}
+func (s *ActionsService) AddEnabledReposInOrg(ctx context.Context, owner string, repositoryID int64) (*Response, error) {
+	u := fmt.Sprintf("orgs/%v/actions/permissions/repositories/%v", owner, repositoryID)
+
+	req, err := s.client.NewRequest("PUT", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := s.client.Do(ctx, req, nil)
+	if err != nil {
+		return resp, err
+	}
+
+	return resp, nil
+}
+
+// RemoveEnabledReposInOrg removes a single repository from the list of enabled repos for GitHub Actions in an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/permissions#disable-a-selected-repository-for-github-actions-in-an-organization
+//
+//meta:operation DELETE /orgs/{org}/actions/permissions/repositories/{repository_id}
+func (s *ActionsService) RemoveEnabledReposInOrg(ctx context.Context, owner string, repositoryID int64) (*Response, error) {
+	u := fmt.Sprintf("orgs/%v/actions/permissions/repositories/%v", owner, repositoryID)
+
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := s.client.Do(ctx, req, nil)
+	if err != nil {
+		return resp, err
+	}
+
+	return resp, nil
+}
+
+// GetActionsAllowed gets the actions that are allowed in an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/permissions#get-allowed-actions-and-reusable-workflows-for-an-organization
+//
+//meta:operation GET /orgs/{org}/actions/permissions/selected-actions
+func (s *ActionsService) GetActionsAllowed(ctx context.Context, org string) (*ActionsAllowed, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/actions/permissions/selected-actions", org)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	actionsAllowed := new(ActionsAllowed)
+	resp, err := s.client.Do(ctx, req, actionsAllowed)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return actionsAllowed, resp, nil
+}
+
+// EditActionsAllowed sets the actions that are allowed in an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/permissions#set-allowed-actions-and-reusable-workflows-for-an-organization
+//
+//meta:operation PUT /orgs/{org}/actions/permissions/selected-actions
+func (s *ActionsService) EditActionsAllowed(ctx context.Context, org string, actionsAllowed ActionsAllowed) (*ActionsAllowed, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/actions/permissions/selected-actions", org)
+	req, err := s.client.NewRequest("PUT", u, actionsAllowed)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	p := new(ActionsAllowed)
+	resp, err := s.client.Do(ctx, req, p)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return p, resp, nil
+}
+
+// GetDefaultWorkflowPermissionsInOrganization gets the GitHub Actions default workflow permissions for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/permissions#get-default-workflow-permissions-for-an-organization
+//
+//meta:operation GET /orgs/{org}/actions/permissions/workflow
+func (s *ActionsService) GetDefaultWorkflowPermissionsInOrganization(ctx context.Context, org string) (*DefaultWorkflowPermissionOrganization, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/actions/permissions/workflow", org)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	permissions := new(DefaultWorkflowPermissionOrganization)
+	resp, err := s.client.Do(ctx, req, permissions)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return permissions, resp, nil
+}
+
+// EditDefaultWorkflowPermissionsInOrganization sets the GitHub Actions default workflow permissions for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/permissions#set-default-workflow-permissions-for-an-organization
+//
+//meta:operation PUT /orgs/{org}/actions/permissions/workflow
+func (s *ActionsService) EditDefaultWorkflowPermissionsInOrganization(ctx context.Context, org string, permissions DefaultWorkflowPermissionOrganization) (*DefaultWorkflowPermissionOrganization, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/actions/permissions/workflow", org)
+	req, err := s.client.NewRequest("PUT", u, permissions)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	p := new(DefaultWorkflowPermissionOrganization)
+	resp, err := s.client.Do(ctx, req, p)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return p, resp, nil
+}
diff --git a/vendor/github.com/google/go-github/v55/github/actions_runner_groups.go b/vendor/github.com/google/go-github/v72/github/actions_runner_groups.go
similarity index 79%
rename from vendor/github.com/google/go-github/v55/github/actions_runner_groups.go
rename to vendor/github.com/google/go-github/v72/github/actions_runner_groups.go
index 00b9b6ce09..b2ee32f614 100644
--- a/vendor/github.com/google/go-github/v55/github/actions_runner_groups.go
+++ b/vendor/github.com/google/go-github/v72/github/actions_runner_groups.go
@@ -80,7 +80,9 @@ type ListOrgRunnerGroupOptions struct {
 
 // ListOrganizationRunnerGroups lists all self-hosted runner groups configured in an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runner-groups#list-self-hosted-runner-groups-for-an-organization
+// GitHub API docs: https://docs.github.com/rest/actions/self-hosted-runner-groups#list-self-hosted-runner-groups-for-an-organization
+//
+//meta:operation GET /orgs/{org}/actions/runner-groups
 func (s *ActionsService) ListOrganizationRunnerGroups(ctx context.Context, org string, opts *ListOrgRunnerGroupOptions) (*RunnerGroups, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/actions/runner-groups", org)
 	u, err := addOptions(u, opts)
@@ -104,7 +106,9 @@ func (s *ActionsService) ListOrganizationRunnerGroups(ctx context.Context, org s
 
 // GetOrganizationRunnerGroup gets a specific self-hosted runner group for an organization using its RunnerGroup ID.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runner-groups#get-a-self-hosted-runner-group-for-an-organization
+// GitHub API docs: https://docs.github.com/rest/actions/self-hosted-runner-groups#get-a-self-hosted-runner-group-for-an-organization
+//
+//meta:operation GET /orgs/{org}/actions/runner-groups/{runner_group_id}
 func (s *ActionsService) GetOrganizationRunnerGroup(ctx context.Context, org string, groupID int64) (*RunnerGroup, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/actions/runner-groups/%v", org, groupID)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -123,7 +127,9 @@ func (s *ActionsService) GetOrganizationRunnerGroup(ctx context.Context, org str
 
 // DeleteOrganizationRunnerGroup deletes a self-hosted runner group from an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runner-groups#delete-a-self-hosted-runner-group-from-an-organization
+// GitHub API docs: https://docs.github.com/rest/actions/self-hosted-runner-groups#delete-a-self-hosted-runner-group-from-an-organization
+//
+//meta:operation DELETE /orgs/{org}/actions/runner-groups/{runner_group_id}
 func (s *ActionsService) DeleteOrganizationRunnerGroup(ctx context.Context, org string, groupID int64) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/actions/runner-groups/%v", org, groupID)
 
@@ -137,7 +143,9 @@ func (s *ActionsService) DeleteOrganizationRunnerGroup(ctx context.Context, org
 
 // CreateOrganizationRunnerGroup creates a new self-hosted runner group for an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runner-groups#create-a-self-hosted-runner-group-for-an-organization
+// GitHub API docs: https://docs.github.com/rest/actions/self-hosted-runner-groups#create-a-self-hosted-runner-group-for-an-organization
+//
+//meta:operation POST /orgs/{org}/actions/runner-groups
 func (s *ActionsService) CreateOrganizationRunnerGroup(ctx context.Context, org string, createReq CreateRunnerGroupRequest) (*RunnerGroup, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/actions/runner-groups", org)
 	req, err := s.client.NewRequest("POST", u, createReq)
@@ -156,7 +164,9 @@ func (s *ActionsService) CreateOrganizationRunnerGroup(ctx context.Context, org
 
 // UpdateOrganizationRunnerGroup updates a self-hosted runner group for an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runner-groups#update-a-self-hosted-runner-group-for-an-organization
+// GitHub API docs: https://docs.github.com/rest/actions/self-hosted-runner-groups#update-a-self-hosted-runner-group-for-an-organization
+//
+//meta:operation PATCH /orgs/{org}/actions/runner-groups/{runner_group_id}
 func (s *ActionsService) UpdateOrganizationRunnerGroup(ctx context.Context, org string, groupID int64, updateReq UpdateRunnerGroupRequest) (*RunnerGroup, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/actions/runner-groups/%v", org, groupID)
 	req, err := s.client.NewRequest("PATCH", u, updateReq)
@@ -175,7 +185,9 @@ func (s *ActionsService) UpdateOrganizationRunnerGroup(ctx context.Context, org
 
 // ListRepositoryAccessRunnerGroup lists the repositories with access to a self-hosted runner group configured in an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runner-groups#list-repository-access-to-a-self-hosted-runner-group-in-an-organization
+// GitHub API docs: https://docs.github.com/rest/actions/self-hosted-runner-groups#list-repository-access-to-a-self-hosted-runner-group-in-an-organization
+//
+//meta:operation GET /orgs/{org}/actions/runner-groups/{runner_group_id}/repositories
 func (s *ActionsService) ListRepositoryAccessRunnerGroup(ctx context.Context, org string, groupID int64, opts *ListOptions) (*ListRepositories, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/actions/runner-groups/%v/repositories", org, groupID)
 	u, err := addOptions(u, opts)
@@ -200,7 +212,9 @@ func (s *ActionsService) ListRepositoryAccessRunnerGroup(ctx context.Context, or
 // SetRepositoryAccessRunnerGroup replaces the list of repositories that have access to a self-hosted runner group configured in an organization
 // with a new List of repositories.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runner-groups#set-repository-access-for-a-self-hosted-runner-group-in-an-organization
+// GitHub API docs: https://docs.github.com/rest/actions/self-hosted-runner-groups#set-repository-access-for-a-self-hosted-runner-group-in-an-organization
+//
+//meta:operation PUT /orgs/{org}/actions/runner-groups/{runner_group_id}/repositories
 func (s *ActionsService) SetRepositoryAccessRunnerGroup(ctx context.Context, org string, groupID int64, ids SetRepoAccessRunnerGroupRequest) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/actions/runner-groups/%v/repositories", org, groupID)
 
@@ -215,7 +229,9 @@ func (s *ActionsService) SetRepositoryAccessRunnerGroup(ctx context.Context, org
 // AddRepositoryAccessRunnerGroup adds a repository to the list of selected repositories that can access a self-hosted runner group.
 // The runner group must have visibility set to 'selected'.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runner-groups#add-repository-access-to-a-self-hosted-runner-group-in-an-organization
+// GitHub API docs: https://docs.github.com/rest/actions/self-hosted-runner-groups#add-repository-access-to-a-self-hosted-runner-group-in-an-organization
+//
+//meta:operation PUT /orgs/{org}/actions/runner-groups/{runner_group_id}/repositories/{repository_id}
 func (s *ActionsService) AddRepositoryAccessRunnerGroup(ctx context.Context, org string, groupID, repoID int64) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/actions/runner-groups/%v/repositories/%v", org, groupID, repoID)
 
@@ -230,7 +246,9 @@ func (s *ActionsService) AddRepositoryAccessRunnerGroup(ctx context.Context, org
 // RemoveRepositoryAccessRunnerGroup removes a repository from the list of selected repositories that can access a self-hosted runner group.
 // The runner group must have visibility set to 'selected'.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runner-groups#remove-repository-access-to-a-self-hosted-runner-group-in-an-organization
+// GitHub API docs: https://docs.github.com/rest/actions/self-hosted-runner-groups#remove-repository-access-to-a-self-hosted-runner-group-in-an-organization
+//
+//meta:operation DELETE /orgs/{org}/actions/runner-groups/{runner_group_id}/repositories/{repository_id}
 func (s *ActionsService) RemoveRepositoryAccessRunnerGroup(ctx context.Context, org string, groupID, repoID int64) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/actions/runner-groups/%v/repositories/%v", org, groupID, repoID)
 
@@ -244,7 +262,9 @@ func (s *ActionsService) RemoveRepositoryAccessRunnerGroup(ctx context.Context,
 
 // ListRunnerGroupRunners lists self-hosted runners that are in a specific organization group.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runner-groups#list-self-hosted-runners-in-a-group-for-an-organization
+// GitHub API docs: https://docs.github.com/rest/actions/self-hosted-runner-groups#list-self-hosted-runners-in-a-group-for-an-organization
+//
+//meta:operation GET /orgs/{org}/actions/runner-groups/{runner_group_id}/runners
 func (s *ActionsService) ListRunnerGroupRunners(ctx context.Context, org string, groupID int64, opts *ListOptions) (*Runners, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/actions/runner-groups/%v/runners", org, groupID)
 	u, err := addOptions(u, opts)
@@ -269,7 +289,9 @@ func (s *ActionsService) ListRunnerGroupRunners(ctx context.Context, org string,
 // SetRunnerGroupRunners replaces the list of self-hosted runners that are part of an organization runner group
 // with a new list of runners.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runner-groups#set-self-hosted-runners-in-a-group-for-an-organization
+// GitHub API docs: https://docs.github.com/rest/actions/self-hosted-runner-groups#set-self-hosted-runners-in-a-group-for-an-organization
+//
+//meta:operation PUT /orgs/{org}/actions/runner-groups/{runner_group_id}/runners
 func (s *ActionsService) SetRunnerGroupRunners(ctx context.Context, org string, groupID int64, ids SetRunnerGroupRunnersRequest) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/actions/runner-groups/%v/runners", org, groupID)
 
@@ -283,7 +305,9 @@ func (s *ActionsService) SetRunnerGroupRunners(ctx context.Context, org string,
 
 // AddRunnerGroupRunners adds a self-hosted runner to a runner group configured in an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runner-groups#add-a-self-hosted-runner-to-a-group-for-an-organization
+// GitHub API docs: https://docs.github.com/rest/actions/self-hosted-runner-groups#add-a-self-hosted-runner-to-a-group-for-an-organization
+//
+//meta:operation PUT /orgs/{org}/actions/runner-groups/{runner_group_id}/runners/{runner_id}
 func (s *ActionsService) AddRunnerGroupRunners(ctx context.Context, org string, groupID, runnerID int64) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/actions/runner-groups/%v/runners/%v", org, groupID, runnerID)
 
@@ -298,7 +322,9 @@ func (s *ActionsService) AddRunnerGroupRunners(ctx context.Context, org string,
 // RemoveRunnerGroupRunners removes a self-hosted runner from a group configured in an organization.
 // The runner is then returned to the default group.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runner-groups#remove-a-self-hosted-runner-from-a-group-for-an-organization
+// GitHub API docs: https://docs.github.com/rest/actions/self-hosted-runner-groups#remove-a-self-hosted-runner-from-a-group-for-an-organization
+//
+//meta:operation DELETE /orgs/{org}/actions/runner-groups/{runner_group_id}/runners/{runner_id}
 func (s *ActionsService) RemoveRunnerGroupRunners(ctx context.Context, org string, groupID, runnerID int64) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/actions/runner-groups/%v/runners/%v", org, groupID, runnerID)
 
diff --git a/vendor/github.com/google/go-github/v55/github/actions_runners.go b/vendor/github.com/google/go-github/v72/github/actions_runners.go
similarity index 61%
rename from vendor/github.com/google/go-github/v55/github/actions_runners.go
rename to vendor/github.com/google/go-github/v72/github/actions_runners.go
index 7427451ccf..c4ae48232e 100644
--- a/vendor/github.com/google/go-github/v55/github/actions_runners.go
+++ b/vendor/github.com/google/go-github/v72/github/actions_runners.go
@@ -20,15 +20,11 @@ type RunnerApplicationDownload struct {
 	SHA256Checksum    *string `json:"sha256_checksum,omitempty"`
 }
 
-// ActionsEnabledOnOrgRepos represents all the repositories in an organization for which Actions is enabled.
-type ActionsEnabledOnOrgRepos struct {
-	TotalCount   int           `json:"total_count"`
-	Repositories []*Repository `json:"repositories"`
-}
-
 // ListRunnerApplicationDownloads lists self-hosted runner application binaries that can be downloaded and run.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runners#list-runner-applications-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/actions/self-hosted-runners#list-runner-applications-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/runners/downloads
 func (s *ActionsService) ListRunnerApplicationDownloads(ctx context.Context, owner, repo string) ([]*RunnerApplicationDownload, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/runners/downloads", owner, repo)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -64,9 +60,11 @@ type JITRunnerConfig struct {
 
 // GenerateOrgJITConfig generate a just-in-time configuration for an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runners?apiVersion=2022-11-28#create-configuration-for-a-just-in-time-runner-for-an-organization
-func (s *ActionsService) GenerateOrgJITConfig(ctx context.Context, owner string, request *GenerateJITConfigRequest) (*JITRunnerConfig, *Response, error) {
-	u := fmt.Sprintf("orgs/%v/actions/runners/generate-jitconfig", owner)
+// GitHub API docs: https://docs.github.com/rest/actions/self-hosted-runners#create-configuration-for-a-just-in-time-runner-for-an-organization
+//
+//meta:operation POST /orgs/{org}/actions/runners/generate-jitconfig
+func (s *ActionsService) GenerateOrgJITConfig(ctx context.Context, org string, request *GenerateJITConfigRequest) (*JITRunnerConfig, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/actions/runners/generate-jitconfig", org)
 	req, err := s.client.NewRequest("POST", u, request)
 	if err != nil {
 		return nil, nil, err
@@ -83,7 +81,9 @@ func (s *ActionsService) GenerateOrgJITConfig(ctx context.Context, owner string,
 
 // GenerateRepoJITConfig generates a just-in-time configuration for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runners?apiVersion=2022-11-28#create-configuration-for-a-just-in-time-runner-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/actions/self-hosted-runners#create-configuration-for-a-just-in-time-runner-for-a-repository
+//
+//meta:operation POST /repos/{owner}/{repo}/actions/runners/generate-jitconfig
 func (s *ActionsService) GenerateRepoJITConfig(ctx context.Context, owner, repo string, request *GenerateJITConfigRequest) (*JITRunnerConfig, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/runners/generate-jitconfig", owner, repo)
 	req, err := s.client.NewRequest("POST", u, request)
@@ -108,7 +108,9 @@ type RegistrationToken struct {
 
 // CreateRegistrationToken creates a token that can be used to add a self-hosted runner.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runners#create-a-registration-token-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/actions/self-hosted-runners#create-a-registration-token-for-a-repository
+//
+//meta:operation POST /repos/{owner}/{repo}/actions/runners/registration-token
 func (s *ActionsService) CreateRegistrationToken(ctx context.Context, owner, repo string) (*RegistrationToken, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/runners/registration-token", owner, repo)
 
@@ -149,10 +151,18 @@ type Runners struct {
 	Runners    []*Runner `json:"runners"`
 }
 
+// ListRunnersOptions specifies the optional parameters to the ListRunners and ListOrganizationRunners methods.
+type ListRunnersOptions struct {
+	Name *string `url:"name,omitempty"`
+	ListOptions
+}
+
 // ListRunners lists all the self-hosted runners for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runners#list-self-hosted-runners-for-a-repository
-func (s *ActionsService) ListRunners(ctx context.Context, owner, repo string, opts *ListOptions) (*Runners, *Response, error) {
+// GitHub API docs: https://docs.github.com/rest/actions/self-hosted-runners#list-self-hosted-runners-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/runners
+func (s *ActionsService) ListRunners(ctx context.Context, owner, repo string, opts *ListRunnersOptions) (*Runners, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/runners", owner, repo)
 	u, err := addOptions(u, opts)
 	if err != nil {
@@ -175,7 +185,9 @@ func (s *ActionsService) ListRunners(ctx context.Context, owner, repo string, op
 
 // GetRunner gets a specific self-hosted runner for a repository using its runner ID.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runners#get-a-self-hosted-runner-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/actions/self-hosted-runners#get-a-self-hosted-runner-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/runners/{runner_id}
 func (s *ActionsService) GetRunner(ctx context.Context, owner, repo string, runnerID int64) (*Runner, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/runners/%v", owner, repo, runnerID)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -200,7 +212,9 @@ type RemoveToken struct {
 
 // CreateRemoveToken creates a token that can be used to remove a self-hosted runner from a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runners#create-a-remove-token-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/actions/self-hosted-runners#create-a-remove-token-for-a-repository
+//
+//meta:operation POST /repos/{owner}/{repo}/actions/runners/remove-token
 func (s *ActionsService) CreateRemoveToken(ctx context.Context, owner, repo string) (*RemoveToken, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/runners/remove-token", owner, repo)
 
@@ -220,7 +234,9 @@ func (s *ActionsService) CreateRemoveToken(ctx context.Context, owner, repo stri
 
 // RemoveRunner forces the removal of a self-hosted runner in a repository using the runner id.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runners#delete-a-self-hosted-runner-from-a-repository
+// GitHub API docs: https://docs.github.com/rest/actions/self-hosted-runners#delete-a-self-hosted-runner-from-a-repository
+//
+//meta:operation DELETE /repos/{owner}/{repo}/actions/runners/{runner_id}
 func (s *ActionsService) RemoveRunner(ctx context.Context, owner, repo string, runnerID int64) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/runners/%v", owner, repo, runnerID)
 
@@ -234,9 +250,11 @@ func (s *ActionsService) RemoveRunner(ctx context.Context, owner, repo string, r
 
 // ListOrganizationRunnerApplicationDownloads lists self-hosted runner application binaries that can be downloaded and run.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runners#list-runner-applications-for-an-organization
-func (s *ActionsService) ListOrganizationRunnerApplicationDownloads(ctx context.Context, owner string) ([]*RunnerApplicationDownload, *Response, error) {
-	u := fmt.Sprintf("orgs/%v/actions/runners/downloads", owner)
+// GitHub API docs: https://docs.github.com/rest/actions/self-hosted-runners#list-runner-applications-for-an-organization
+//
+//meta:operation GET /orgs/{org}/actions/runners/downloads
+func (s *ActionsService) ListOrganizationRunnerApplicationDownloads(ctx context.Context, org string) ([]*RunnerApplicationDownload, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/actions/runners/downloads", org)
 	req, err := s.client.NewRequest("GET", u, nil)
 	if err != nil {
 		return nil, nil, err
@@ -253,9 +271,11 @@ func (s *ActionsService) ListOrganizationRunnerApplicationDownloads(ctx context.
 
 // CreateOrganizationRegistrationToken creates a token that can be used to add a self-hosted runner to an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runners#create-a-registration-token-for-an-organization
-func (s *ActionsService) CreateOrganizationRegistrationToken(ctx context.Context, owner string) (*RegistrationToken, *Response, error) {
-	u := fmt.Sprintf("orgs/%v/actions/runners/registration-token", owner)
+// GitHub API docs: https://docs.github.com/rest/actions/self-hosted-runners#create-a-registration-token-for-an-organization
+//
+//meta:operation POST /orgs/{org}/actions/runners/registration-token
+func (s *ActionsService) CreateOrganizationRegistrationToken(ctx context.Context, org string) (*RegistrationToken, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/actions/runners/registration-token", org)
 
 	req, err := s.client.NewRequest("POST", u, nil)
 	if err != nil {
@@ -273,9 +293,11 @@ func (s *ActionsService) CreateOrganizationRegistrationToken(ctx context.Context
 
 // ListOrganizationRunners lists all the self-hosted runners for an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runners#list-self-hosted-runners-for-an-organization
-func (s *ActionsService) ListOrganizationRunners(ctx context.Context, owner string, opts *ListOptions) (*Runners, *Response, error) {
-	u := fmt.Sprintf("orgs/%v/actions/runners", owner)
+// GitHub API docs: https://docs.github.com/rest/actions/self-hosted-runners#list-self-hosted-runners-for-an-organization
+//
+//meta:operation GET /orgs/{org}/actions/runners
+func (s *ActionsService) ListOrganizationRunners(ctx context.Context, org string, opts *ListRunnersOptions) (*Runners, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/actions/runners", org)
 	u, err := addOptions(u, opts)
 	if err != nil {
 		return nil, nil, err
@@ -295,94 +317,13 @@ func (s *ActionsService) ListOrganizationRunners(ctx context.Context, owner stri
 	return runners, resp, nil
 }
 
-// ListEnabledReposInOrg lists the selected repositories that are enabled for GitHub Actions in an organization.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#list-selected-repositories-enabled-for-github-actions-in-an-organization
-func (s *ActionsService) ListEnabledReposInOrg(ctx context.Context, owner string, opts *ListOptions) (*ActionsEnabledOnOrgRepos, *Response, error) {
-	u := fmt.Sprintf("orgs/%v/actions/permissions/repositories", owner)
-	u, err := addOptions(u, opts)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	req, err := s.client.NewRequest("GET", u, nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	repos := &ActionsEnabledOnOrgRepos{}
-	resp, err := s.client.Do(ctx, req, repos)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return repos, resp, nil
-}
-
-// SetEnabledReposInOrg replaces the list of selected repositories that are enabled for GitHub Actions in an organization..
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#set-selected-repositories-enabled-for-github-actions-in-an-organization
-func (s *ActionsService) SetEnabledReposInOrg(ctx context.Context, owner string, repositoryIDs []int64) (*Response, error) {
-	u := fmt.Sprintf("orgs/%v/actions/permissions/repositories", owner)
-
-	req, err := s.client.NewRequest("PUT", u, struct {
-		IDs []int64 `json:"selected_repository_ids"`
-	}{IDs: repositoryIDs})
-	if err != nil {
-		return nil, err
-	}
-
-	resp, err := s.client.Do(ctx, req, nil)
-	if err != nil {
-		return resp, err
-	}
-
-	return resp, nil
-}
-
-// AddEnabledReposInOrg adds a repository to the list of selected repositories that are enabled for GitHub Actions in an organization.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#enable-a-selected-repository-for-github-actions-in-an-organization
-func (s *ActionsService) AddEnabledReposInOrg(ctx context.Context, owner string, repositoryID int64) (*Response, error) {
-	u := fmt.Sprintf("orgs/%v/actions/permissions/repositories/%v", owner, repositoryID)
-
-	req, err := s.client.NewRequest("PUT", u, nil)
-	if err != nil {
-		return nil, err
-	}
-
-	resp, err := s.client.Do(ctx, req, nil)
-	if err != nil {
-		return resp, err
-	}
-
-	return resp, nil
-}
-
-// RemoveEnabledRepoInOrg removes a single repository from the list of enabled repos for GitHub Actions in an organization.
-//
-// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#disable-a-selected-repository-for-github-actions-in-an-organization
-func (s *ActionsService) RemoveEnabledRepoInOrg(ctx context.Context, owner string, repositoryID int64) (*Response, error) {
-	u := fmt.Sprintf("orgs/%v/actions/permissions/repositories/%v", owner, repositoryID)
-
-	req, err := s.client.NewRequest("DELETE", u, nil)
-	if err != nil {
-		return nil, err
-	}
-
-	resp, err := s.client.Do(ctx, req, nil)
-	if err != nil {
-		return resp, err
-	}
-
-	return resp, nil
-}
-
 // GetOrganizationRunner gets a specific self-hosted runner for an organization using its runner ID.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runners#get-a-self-hosted-runner-for-an-organization
-func (s *ActionsService) GetOrganizationRunner(ctx context.Context, owner string, runnerID int64) (*Runner, *Response, error) {
-	u := fmt.Sprintf("orgs/%v/actions/runners/%v", owner, runnerID)
+// GitHub API docs: https://docs.github.com/rest/actions/self-hosted-runners#get-a-self-hosted-runner-for-an-organization
+//
+//meta:operation GET /orgs/{org}/actions/runners/{runner_id}
+func (s *ActionsService) GetOrganizationRunner(ctx context.Context, org string, runnerID int64) (*Runner, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/actions/runners/%v", org, runnerID)
 	req, err := s.client.NewRequest("GET", u, nil)
 	if err != nil {
 		return nil, nil, err
@@ -399,9 +340,11 @@ func (s *ActionsService) GetOrganizationRunner(ctx context.Context, owner string
 
 // CreateOrganizationRemoveToken creates a token that can be used to remove a self-hosted runner from an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runners#create-a-remove-token-for-an-organization
-func (s *ActionsService) CreateOrganizationRemoveToken(ctx context.Context, owner string) (*RemoveToken, *Response, error) {
-	u := fmt.Sprintf("orgs/%v/actions/runners/remove-token", owner)
+// GitHub API docs: https://docs.github.com/rest/actions/self-hosted-runners#create-a-remove-token-for-an-organization
+//
+//meta:operation POST /orgs/{org}/actions/runners/remove-token
+func (s *ActionsService) CreateOrganizationRemoveToken(ctx context.Context, org string) (*RemoveToken, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/actions/runners/remove-token", org)
 
 	req, err := s.client.NewRequest("POST", u, nil)
 	if err != nil {
@@ -419,9 +362,11 @@ func (s *ActionsService) CreateOrganizationRemoveToken(ctx context.Context, owne
 
 // RemoveOrganizationRunner forces the removal of a self-hosted runner from an organization using the runner id.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/self-hosted-runners#delete-a-self-hosted-runner-from-an-organization
-func (s *ActionsService) RemoveOrganizationRunner(ctx context.Context, owner string, runnerID int64) (*Response, error) {
-	u := fmt.Sprintf("orgs/%v/actions/runners/%v", owner, runnerID)
+// GitHub API docs: https://docs.github.com/rest/actions/self-hosted-runners#delete-a-self-hosted-runner-from-an-organization
+//
+//meta:operation DELETE /orgs/{org}/actions/runners/{runner_id}
+func (s *ActionsService) RemoveOrganizationRunner(ctx context.Context, org string, runnerID int64) (*Response, error) {
+	u := fmt.Sprintf("orgs/%v/actions/runners/%v", org, runnerID)
 
 	req, err := s.client.NewRequest("DELETE", u, nil)
 	if err != nil {
diff --git a/vendor/github.com/google/go-github/v55/github/actions_secrets.go b/vendor/github.com/google/go-github/v72/github/actions_secrets.go
similarity index 73%
rename from vendor/github.com/google/go-github/v55/github/actions_secrets.go
rename to vendor/github.com/google/go-github/v72/github/actions_secrets.go
index 316badb70d..cba85c1004 100644
--- a/vendor/github.com/google/go-github/v55/github/actions_secrets.go
+++ b/vendor/github.com/google/go-github/v72/github/actions_secrets.go
@@ -23,7 +23,7 @@ type PublicKey struct {
 // do not error out when unmarshaling.
 func (p *PublicKey) UnmarshalJSON(data []byte) error {
 	var pk struct {
-		KeyID interface{} `json:"key_id,string"`
+		KeyID interface{} `json:"key_id"`
 		Key   *string     `json:"key"`
 	}
 
@@ -39,7 +39,7 @@ func (p *PublicKey) UnmarshalJSON(data []byte) error {
 	case string:
 		p.KeyID = &v
 	case float64:
-		p.KeyID = String(strconv.FormatFloat(v, 'f', -1, 64))
+		p.KeyID = Ptr(strconv.FormatFloat(v, 'f', -1, 64))
 	default:
 		return fmt.Errorf("unable to unmarshal %T as a string", v)
 	}
@@ -64,7 +64,9 @@ func (s *ActionsService) getPublicKey(ctx context.Context, url string) (*PublicK
 
 // GetRepoPublicKey gets a public key that should be used for secret encryption.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/secrets#get-a-repository-public-key
+// GitHub API docs: https://docs.github.com/rest/actions/secrets#get-a-repository-public-key
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/secrets/public-key
 func (s *ActionsService) GetRepoPublicKey(ctx context.Context, owner, repo string) (*PublicKey, *Response, error) {
 	url := fmt.Sprintf("repos/%v/%v/actions/secrets/public-key", owner, repo)
 	return s.getPublicKey(ctx, url)
@@ -72,7 +74,9 @@ func (s *ActionsService) GetRepoPublicKey(ctx context.Context, owner, repo strin
 
 // GetOrgPublicKey gets a public key that should be used for secret encryption.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/secrets#get-an-organization-public-key
+// GitHub API docs: https://docs.github.com/rest/actions/secrets#get-an-organization-public-key
+//
+//meta:operation GET /orgs/{org}/actions/secrets/public-key
 func (s *ActionsService) GetOrgPublicKey(ctx context.Context, org string) (*PublicKey, *Response, error) {
 	url := fmt.Sprintf("orgs/%v/actions/secrets/public-key", org)
 	return s.getPublicKey(ctx, url)
@@ -80,7 +84,9 @@ func (s *ActionsService) GetOrgPublicKey(ctx context.Context, org string) (*Publ
 
 // GetEnvPublicKey gets a public key that should be used for secret encryption.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/secrets#get-an-environment-public-key
+// GitHub API docs: https://docs.github.com/enterprise-server@3.7/rest/actions/secrets#get-an-environment-public-key
+//
+//meta:operation GET /repositories/{repository_id}/environments/{environment_name}/secrets/public-key
 func (s *ActionsService) GetEnvPublicKey(ctx context.Context, repoID int, env string) (*PublicKey, *Response, error) {
 	url := fmt.Sprintf("repositories/%v/environments/%v/secrets/public-key", repoID, env)
 	return s.getPublicKey(ctx, url)
@@ -124,16 +130,31 @@ func (s *ActionsService) listSecrets(ctx context.Context, url string, opts *List
 // ListRepoSecrets lists all secrets available in a repository
 // without revealing their encrypted values.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/secrets#list-repository-secrets
+// GitHub API docs: https://docs.github.com/rest/actions/secrets#list-repository-secrets
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/secrets
 func (s *ActionsService) ListRepoSecrets(ctx context.Context, owner, repo string, opts *ListOptions) (*Secrets, *Response, error) {
 	url := fmt.Sprintf("repos/%v/%v/actions/secrets", owner, repo)
 	return s.listSecrets(ctx, url, opts)
 }
 
+// ListRepoOrgSecrets lists all organization secrets available in a repository
+// without revealing their encrypted values.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/secrets#list-repository-organization-secrets
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/organization-secrets
+func (s *ActionsService) ListRepoOrgSecrets(ctx context.Context, owner, repo string, opts *ListOptions) (*Secrets, *Response, error) {
+	url := fmt.Sprintf("repos/%v/%v/actions/organization-secrets", owner, repo)
+	return s.listSecrets(ctx, url, opts)
+}
+
 // ListOrgSecrets lists all secrets available in an organization
 // without revealing their encrypted values.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/secrets#list-organization-secrets
+// GitHub API docs: https://docs.github.com/rest/actions/secrets#list-organization-secrets
+//
+//meta:operation GET /orgs/{org}/actions/secrets
 func (s *ActionsService) ListOrgSecrets(ctx context.Context, org string, opts *ListOptions) (*Secrets, *Response, error) {
 	url := fmt.Sprintf("orgs/%v/actions/secrets", org)
 	return s.listSecrets(ctx, url, opts)
@@ -141,7 +162,9 @@ func (s *ActionsService) ListOrgSecrets(ctx context.Context, org string, opts *L
 
 // ListEnvSecrets lists all secrets available in an environment.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/secrets#list-environment-secrets
+// GitHub API docs: https://docs.github.com/enterprise-server@3.7/rest/actions/secrets#list-environment-secrets
+//
+//meta:operation GET /repositories/{repository_id}/environments/{environment_name}/secrets
 func (s *ActionsService) ListEnvSecrets(ctx context.Context, repoID int, env string, opts *ListOptions) (*Secrets, *Response, error) {
 	url := fmt.Sprintf("repositories/%v/environments/%v/secrets", repoID, env)
 	return s.listSecrets(ctx, url, opts)
@@ -164,7 +187,9 @@ func (s *ActionsService) getSecret(ctx context.Context, url string) (*Secret, *R
 
 // GetRepoSecret gets a single repository secret without revealing its encrypted value.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/secrets#get-a-repository-secret
+// GitHub API docs: https://docs.github.com/rest/actions/secrets#get-a-repository-secret
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/secrets/{secret_name}
 func (s *ActionsService) GetRepoSecret(ctx context.Context, owner, repo, name string) (*Secret, *Response, error) {
 	url := fmt.Sprintf("repos/%v/%v/actions/secrets/%v", owner, repo, name)
 	return s.getSecret(ctx, url)
@@ -172,7 +197,9 @@ func (s *ActionsService) GetRepoSecret(ctx context.Context, owner, repo, name st
 
 // GetOrgSecret gets a single organization secret without revealing its encrypted value.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/secrets#get-an-organization-secret
+// GitHub API docs: https://docs.github.com/rest/actions/secrets#get-an-organization-secret
+//
+//meta:operation GET /orgs/{org}/actions/secrets/{secret_name}
 func (s *ActionsService) GetOrgSecret(ctx context.Context, org, name string) (*Secret, *Response, error) {
 	url := fmt.Sprintf("orgs/%v/actions/secrets/%v", org, name)
 	return s.getSecret(ctx, url)
@@ -180,7 +207,9 @@ func (s *ActionsService) GetOrgSecret(ctx context.Context, org, name string) (*S
 
 // GetEnvSecret gets a single environment secret without revealing its encrypted value.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/secrets#get-an-environment-secret
+// GitHub API docs: https://docs.github.com/enterprise-server@3.7/rest/actions/secrets#get-an-environment-secret
+//
+//meta:operation GET /repositories/{repository_id}/environments/{environment_name}/secrets/{secret_name}
 func (s *ActionsService) GetEnvSecret(ctx context.Context, repoID int, env, secretName string) (*Secret, *Response, error) {
 	url := fmt.Sprintf("repositories/%v/environments/%v/secrets/%v", repoID, env, secretName)
 	return s.getSecret(ctx, url)
@@ -213,7 +242,9 @@ func (s *ActionsService) putSecret(ctx context.Context, url string, eSecret *Enc
 
 // CreateOrUpdateRepoSecret creates or updates a repository secret with an encrypted value.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/secrets#create-or-update-a-repository-secret
+// GitHub API docs: https://docs.github.com/rest/actions/secrets#create-or-update-a-repository-secret
+//
+//meta:operation PUT /repos/{owner}/{repo}/actions/secrets/{secret_name}
 func (s *ActionsService) CreateOrUpdateRepoSecret(ctx context.Context, owner, repo string, eSecret *EncryptedSecret) (*Response, error) {
 	url := fmt.Sprintf("repos/%v/%v/actions/secrets/%v", owner, repo, eSecret.Name)
 	return s.putSecret(ctx, url, eSecret)
@@ -221,7 +252,9 @@ func (s *ActionsService) CreateOrUpdateRepoSecret(ctx context.Context, owner, re
 
 // CreateOrUpdateOrgSecret creates or updates an organization secret with an encrypted value.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/secrets#create-or-update-an-organization-secret
+// GitHub API docs: https://docs.github.com/rest/actions/secrets#create-or-update-an-organization-secret
+//
+//meta:operation PUT /orgs/{org}/actions/secrets/{secret_name}
 func (s *ActionsService) CreateOrUpdateOrgSecret(ctx context.Context, org string, eSecret *EncryptedSecret) (*Response, error) {
 	url := fmt.Sprintf("orgs/%v/actions/secrets/%v", org, eSecret.Name)
 	return s.putSecret(ctx, url, eSecret)
@@ -229,7 +262,9 @@ func (s *ActionsService) CreateOrUpdateOrgSecret(ctx context.Context, org string
 
 // CreateOrUpdateEnvSecret creates or updates a single environment secret with an encrypted value.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/secrets#create-or-update-an-environment-secret
+// GitHub API docs: https://docs.github.com/enterprise-server@3.7/rest/actions/secrets#create-or-update-an-environment-secret
+//
+//meta:operation PUT /repositories/{repository_id}/environments/{environment_name}/secrets/{secret_name}
 func (s *ActionsService) CreateOrUpdateEnvSecret(ctx context.Context, repoID int, env string, eSecret *EncryptedSecret) (*Response, error) {
 	url := fmt.Sprintf("repositories/%v/environments/%v/secrets/%v", repoID, env, eSecret.Name)
 	return s.putSecret(ctx, url, eSecret)
@@ -246,7 +281,9 @@ func (s *ActionsService) deleteSecret(ctx context.Context, url string) (*Respons
 
 // DeleteRepoSecret deletes a secret in a repository using the secret name.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/secrets#delete-a-repository-secret
+// GitHub API docs: https://docs.github.com/rest/actions/secrets#delete-a-repository-secret
+//
+//meta:operation DELETE /repos/{owner}/{repo}/actions/secrets/{secret_name}
 func (s *ActionsService) DeleteRepoSecret(ctx context.Context, owner, repo, name string) (*Response, error) {
 	url := fmt.Sprintf("repos/%v/%v/actions/secrets/%v", owner, repo, name)
 	return s.deleteSecret(ctx, url)
@@ -254,7 +291,9 @@ func (s *ActionsService) DeleteRepoSecret(ctx context.Context, owner, repo, name
 
 // DeleteOrgSecret deletes a secret in an organization using the secret name.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/secrets#delete-an-organization-secret
+// GitHub API docs: https://docs.github.com/rest/actions/secrets#delete-an-organization-secret
+//
+//meta:operation DELETE /orgs/{org}/actions/secrets/{secret_name}
 func (s *ActionsService) DeleteOrgSecret(ctx context.Context, org, name string) (*Response, error) {
 	url := fmt.Sprintf("orgs/%v/actions/secrets/%v", org, name)
 	return s.deleteSecret(ctx, url)
@@ -262,7 +301,9 @@ func (s *ActionsService) DeleteOrgSecret(ctx context.Context, org, name string)
 
 // DeleteEnvSecret deletes a secret in an environment using the secret name.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/secrets#delete-an-environment-secret
+// GitHub API docs: https://docs.github.com/enterprise-server@3.7/rest/actions/secrets#delete-an-environment-secret
+//
+//meta:operation DELETE /repositories/{repository_id}/environments/{environment_name}/secrets/{secret_name}
 func (s *ActionsService) DeleteEnvSecret(ctx context.Context, repoID int, env, secretName string) (*Response, error) {
 	url := fmt.Sprintf("repositories/%v/environments/%v/secrets/%v", repoID, env, secretName)
 	return s.deleteSecret(ctx, url)
@@ -296,7 +337,9 @@ func (s *ActionsService) listSelectedReposForSecret(ctx context.Context, url str
 
 // ListSelectedReposForOrgSecret lists all repositories that have access to a secret.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/secrets#list-selected-repositories-for-an-organization-secret
+// GitHub API docs: https://docs.github.com/rest/actions/secrets#list-selected-repositories-for-an-organization-secret
+//
+//meta:operation GET /orgs/{org}/actions/secrets/{secret_name}/repositories
 func (s *ActionsService) ListSelectedReposForOrgSecret(ctx context.Context, org, name string, opts *ListOptions) (*SelectedReposList, *Response, error) {
 	url := fmt.Sprintf("orgs/%v/actions/secrets/%v/repositories", org, name)
 	return s.listSelectedReposForSecret(ctx, url, opts)
@@ -317,7 +360,9 @@ func (s *ActionsService) setSelectedReposForSecret(ctx context.Context, url stri
 
 // SetSelectedReposForOrgSecret sets the repositories that have access to a secret.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/secrets#set-selected-repositories-for-an-organization-secret
+// GitHub API docs: https://docs.github.com/rest/actions/secrets#set-selected-repositories-for-an-organization-secret
+//
+//meta:operation PUT /orgs/{org}/actions/secrets/{secret_name}/repositories
 func (s *ActionsService) SetSelectedReposForOrgSecret(ctx context.Context, org, name string, ids SelectedRepoIDs) (*Response, error) {
 	url := fmt.Sprintf("orgs/%v/actions/secrets/%v/repositories", org, name)
 	return s.setSelectedReposForSecret(ctx, url, ids)
@@ -334,7 +379,9 @@ func (s *ActionsService) addSelectedRepoToSecret(ctx context.Context, url string
 
 // AddSelectedRepoToOrgSecret adds a repository to an organization secret.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/secrets#add-selected-repository-to-an-organization-secret
+// GitHub API docs: https://docs.github.com/rest/actions/secrets#add-selected-repository-to-an-organization-secret
+//
+//meta:operation PUT /orgs/{org}/actions/secrets/{secret_name}/repositories/{repository_id}
 func (s *ActionsService) AddSelectedRepoToOrgSecret(ctx context.Context, org, name string, repo *Repository) (*Response, error) {
 	url := fmt.Sprintf("orgs/%v/actions/secrets/%v/repositories/%v", org, name, *repo.ID)
 	return s.addSelectedRepoToSecret(ctx, url)
@@ -351,7 +398,9 @@ func (s *ActionsService) removeSelectedRepoFromSecret(ctx context.Context, url s
 
 // RemoveSelectedRepoFromOrgSecret removes a repository from an organization secret.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/secrets#remove-selected-repository-from-an-organization-secret
+// GitHub API docs: https://docs.github.com/rest/actions/secrets#remove-selected-repository-from-an-organization-secret
+//
+//meta:operation DELETE /orgs/{org}/actions/secrets/{secret_name}/repositories/{repository_id}
 func (s *ActionsService) RemoveSelectedRepoFromOrgSecret(ctx context.Context, org, name string, repo *Repository) (*Response, error) {
 	url := fmt.Sprintf("orgs/%v/actions/secrets/%v/repositories/%v", org, name, *repo.ID)
 	return s.removeSelectedRepoFromSecret(ctx, url)
diff --git a/vendor/github.com/google/go-github/v55/github/actions_variables.go b/vendor/github.com/google/go-github/v72/github/actions_variables.go
similarity index 65%
rename from vendor/github.com/google/go-github/v55/github/actions_variables.go
rename to vendor/github.com/google/go-github/v72/github/actions_variables.go
index 29445edd04..bca46b6df6 100644
--- a/vendor/github.com/google/go-github/v55/github/actions_variables.go
+++ b/vendor/github.com/google/go-github/v72/github/actions_variables.go
@@ -51,15 +51,29 @@ func (s *ActionsService) listVariables(ctx context.Context, url string, opts *Li
 
 // ListRepoVariables lists all variables available in a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/variables#list-repository-variables
+// GitHub API docs: https://docs.github.com/rest/actions/variables#list-repository-variables
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/variables
 func (s *ActionsService) ListRepoVariables(ctx context.Context, owner, repo string, opts *ListOptions) (*ActionsVariables, *Response, error) {
 	url := fmt.Sprintf("repos/%v/%v/actions/variables", owner, repo)
 	return s.listVariables(ctx, url, opts)
 }
 
+// ListRepoOrgVariables lists all organization variables available in a repository.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/variables#list-repository-organization-variables
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/organization-variables
+func (s *ActionsService) ListRepoOrgVariables(ctx context.Context, owner, repo string, opts *ListOptions) (*ActionsVariables, *Response, error) {
+	url := fmt.Sprintf("repos/%v/%v/actions/organization-variables", owner, repo)
+	return s.listVariables(ctx, url, opts)
+}
+
 // ListOrgVariables lists all variables available in an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/variables#list-organization-variables
+// GitHub API docs: https://docs.github.com/rest/actions/variables#list-organization-variables
+//
+//meta:operation GET /orgs/{org}/actions/variables
 func (s *ActionsService) ListOrgVariables(ctx context.Context, org string, opts *ListOptions) (*ActionsVariables, *Response, error) {
 	url := fmt.Sprintf("orgs/%v/actions/variables", org)
 	return s.listVariables(ctx, url, opts)
@@ -67,9 +81,11 @@ func (s *ActionsService) ListOrgVariables(ctx context.Context, org string, opts
 
 // ListEnvVariables lists all variables available in an environment.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/variables#list-environment-variables
-func (s *ActionsService) ListEnvVariables(ctx context.Context, repoID int, env string, opts *ListOptions) (*ActionsVariables, *Response, error) {
-	url := fmt.Sprintf("repositories/%v/environments/%v/variables", repoID, env)
+// GitHub API docs: https://docs.github.com/rest/actions/variables#list-environment-variables
+//
+//meta:operation GET /repos/{owner}/{repo}/environments/{environment_name}/variables
+func (s *ActionsService) ListEnvVariables(ctx context.Context, owner, repo, env string, opts *ListOptions) (*ActionsVariables, *Response, error) {
+	url := fmt.Sprintf("repos/%v/%v/environments/%v/variables", owner, repo, env)
 	return s.listVariables(ctx, url, opts)
 }
 
@@ -90,7 +106,9 @@ func (s *ActionsService) getVariable(ctx context.Context, url string) (*ActionsV
 
 // GetRepoVariable gets a single repository variable.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/variables#get-a-repository-variable
+// GitHub API docs: https://docs.github.com/rest/actions/variables#get-a-repository-variable
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/variables/{name}
 func (s *ActionsService) GetRepoVariable(ctx context.Context, owner, repo, name string) (*ActionsVariable, *Response, error) {
 	url := fmt.Sprintf("repos/%v/%v/actions/variables/%v", owner, repo, name)
 	return s.getVariable(ctx, url)
@@ -98,7 +116,9 @@ func (s *ActionsService) GetRepoVariable(ctx context.Context, owner, repo, name
 
 // GetOrgVariable gets a single organization variable.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/variables#get-an-organization-variable
+// GitHub API docs: https://docs.github.com/rest/actions/variables#get-an-organization-variable
+//
+//meta:operation GET /orgs/{org}/actions/variables/{name}
 func (s *ActionsService) GetOrgVariable(ctx context.Context, org, name string) (*ActionsVariable, *Response, error) {
 	url := fmt.Sprintf("orgs/%v/actions/variables/%v", org, name)
 	return s.getVariable(ctx, url)
@@ -106,9 +126,11 @@ func (s *ActionsService) GetOrgVariable(ctx context.Context, org, name string) (
 
 // GetEnvVariable gets a single environment variable.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/variables#get-an-environment-variable
-func (s *ActionsService) GetEnvVariable(ctx context.Context, repoID int, env, variableName string) (*ActionsVariable, *Response, error) {
-	url := fmt.Sprintf("repositories/%v/environments/%v/variables/%v", repoID, env, variableName)
+// GitHub API docs: https://docs.github.com/rest/actions/variables#get-an-environment-variable
+//
+//meta:operation GET /repos/{owner}/{repo}/environments/{environment_name}/variables/{name}
+func (s *ActionsService) GetEnvVariable(ctx context.Context, owner, repo, env, variableName string) (*ActionsVariable, *Response, error) {
+	url := fmt.Sprintf("repos/%v/%v/environments/%v/variables/%v", owner, repo, env, variableName)
 	return s.getVariable(ctx, url)
 }
 
@@ -122,7 +144,9 @@ func (s *ActionsService) postVariable(ctx context.Context, url string, variable
 
 // CreateRepoVariable creates a repository variable.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/variables#create-a-repository-variable
+// GitHub API docs: https://docs.github.com/rest/actions/variables#create-a-repository-variable
+//
+//meta:operation POST /repos/{owner}/{repo}/actions/variables
 func (s *ActionsService) CreateRepoVariable(ctx context.Context, owner, repo string, variable *ActionsVariable) (*Response, error) {
 	url := fmt.Sprintf("repos/%v/%v/actions/variables", owner, repo)
 	return s.postVariable(ctx, url, variable)
@@ -130,7 +154,9 @@ func (s *ActionsService) CreateRepoVariable(ctx context.Context, owner, repo str
 
 // CreateOrgVariable creates an organization variable.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/variables#create-an-organization-variable
+// GitHub API docs: https://docs.github.com/rest/actions/variables#create-an-organization-variable
+//
+//meta:operation POST /orgs/{org}/actions/variables
 func (s *ActionsService) CreateOrgVariable(ctx context.Context, org string, variable *ActionsVariable) (*Response, error) {
 	url := fmt.Sprintf("orgs/%v/actions/variables", org)
 	return s.postVariable(ctx, url, variable)
@@ -138,9 +164,11 @@ func (s *ActionsService) CreateOrgVariable(ctx context.Context, org string, vari
 
 // CreateEnvVariable creates an environment variable.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/variables#create-an-environment-variable
-func (s *ActionsService) CreateEnvVariable(ctx context.Context, repoID int, env string, variable *ActionsVariable) (*Response, error) {
-	url := fmt.Sprintf("repositories/%v/environments/%v/variables", repoID, env)
+// GitHub API docs: https://docs.github.com/rest/actions/variables#create-an-environment-variable
+//
+//meta:operation POST /repos/{owner}/{repo}/environments/{environment_name}/variables
+func (s *ActionsService) CreateEnvVariable(ctx context.Context, owner, repo, env string, variable *ActionsVariable) (*Response, error) {
+	url := fmt.Sprintf("repos/%v/%v/environments/%v/variables", owner, repo, env)
 	return s.postVariable(ctx, url, variable)
 }
 
@@ -154,7 +182,9 @@ func (s *ActionsService) patchVariable(ctx context.Context, url string, variable
 
 // UpdateRepoVariable updates a repository variable.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/variables#update-a-repository-variable
+// GitHub API docs: https://docs.github.com/rest/actions/variables#update-a-repository-variable
+//
+//meta:operation PATCH /repos/{owner}/{repo}/actions/variables/{name}
 func (s *ActionsService) UpdateRepoVariable(ctx context.Context, owner, repo string, variable *ActionsVariable) (*Response, error) {
 	url := fmt.Sprintf("repos/%v/%v/actions/variables/%v", owner, repo, variable.Name)
 	return s.patchVariable(ctx, url, variable)
@@ -162,7 +192,9 @@ func (s *ActionsService) UpdateRepoVariable(ctx context.Context, owner, repo str
 
 // UpdateOrgVariable updates an organization variable.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/variables#update-an-organization-variable
+// GitHub API docs: https://docs.github.com/rest/actions/variables#update-an-organization-variable
+//
+//meta:operation PATCH /orgs/{org}/actions/variables/{name}
 func (s *ActionsService) UpdateOrgVariable(ctx context.Context, org string, variable *ActionsVariable) (*Response, error) {
 	url := fmt.Sprintf("orgs/%v/actions/variables/%v", org, variable.Name)
 	return s.patchVariable(ctx, url, variable)
@@ -170,9 +202,11 @@ func (s *ActionsService) UpdateOrgVariable(ctx context.Context, org string, vari
 
 // UpdateEnvVariable updates an environment variable.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/variables#create-an-environment-variable
-func (s *ActionsService) UpdateEnvVariable(ctx context.Context, repoID int, env string, variable *ActionsVariable) (*Response, error) {
-	url := fmt.Sprintf("repositories/%v/environments/%v/variables/%v", repoID, env, variable.Name)
+// GitHub API docs: https://docs.github.com/rest/actions/variables#update-an-environment-variable
+//
+//meta:operation PATCH /repos/{owner}/{repo}/environments/{environment_name}/variables/{name}
+func (s *ActionsService) UpdateEnvVariable(ctx context.Context, owner, repo, env string, variable *ActionsVariable) (*Response, error) {
+	url := fmt.Sprintf("repos/%v/%v/environments/%v/variables/%v", owner, repo, env, variable.Name)
 	return s.patchVariable(ctx, url, variable)
 }
 
@@ -187,7 +221,9 @@ func (s *ActionsService) deleteVariable(ctx context.Context, url string) (*Respo
 
 // DeleteRepoVariable deletes a variable in a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/variables#delete-a-repository-variable
+// GitHub API docs: https://docs.github.com/rest/actions/variables#delete-a-repository-variable
+//
+//meta:operation DELETE /repos/{owner}/{repo}/actions/variables/{name}
 func (s *ActionsService) DeleteRepoVariable(ctx context.Context, owner, repo, name string) (*Response, error) {
 	url := fmt.Sprintf("repos/%v/%v/actions/variables/%v", owner, repo, name)
 	return s.deleteVariable(ctx, url)
@@ -195,7 +231,9 @@ func (s *ActionsService) DeleteRepoVariable(ctx context.Context, owner, repo, na
 
 // DeleteOrgVariable deletes a variable in an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/variables#delete-an-organization-variable
+// GitHub API docs: https://docs.github.com/rest/actions/variables#delete-an-organization-variable
+//
+//meta:operation DELETE /orgs/{org}/actions/variables/{name}
 func (s *ActionsService) DeleteOrgVariable(ctx context.Context, org, name string) (*Response, error) {
 	url := fmt.Sprintf("orgs/%v/actions/variables/%v", org, name)
 	return s.deleteVariable(ctx, url)
@@ -203,9 +241,11 @@ func (s *ActionsService) DeleteOrgVariable(ctx context.Context, org, name string
 
 // DeleteEnvVariable deletes a variable in an environment.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/variables#delete-an-environment-variable
-func (s *ActionsService) DeleteEnvVariable(ctx context.Context, repoID int, env, variableName string) (*Response, error) {
-	url := fmt.Sprintf("repositories/%v/environments/%v/variables/%v", repoID, env, variableName)
+// GitHub API docs: https://docs.github.com/rest/actions/variables#delete-an-environment-variable
+//
+//meta:operation DELETE /repos/{owner}/{repo}/environments/{environment_name}/variables/{name}
+func (s *ActionsService) DeleteEnvVariable(ctx context.Context, owner, repo, env, variableName string) (*Response, error) {
+	url := fmt.Sprintf("repos/%v/%v/environments/%v/variables/%v", owner, repo, env, variableName)
 	return s.deleteVariable(ctx, url)
 }
 
@@ -231,7 +271,9 @@ func (s *ActionsService) listSelectedReposForVariable(ctx context.Context, url s
 
 // ListSelectedReposForOrgVariable lists all repositories that have access to a variable.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/variables#list-selected-repositories-for-an-organization-variable
+// GitHub API docs: https://docs.github.com/rest/actions/variables#list-selected-repositories-for-an-organization-variable
+//
+//meta:operation GET /orgs/{org}/actions/variables/{name}/repositories
 func (s *ActionsService) ListSelectedReposForOrgVariable(ctx context.Context, org, name string, opts *ListOptions) (*SelectedReposList, *Response, error) {
 	url := fmt.Sprintf("orgs/%v/actions/variables/%v/repositories", org, name)
 	return s.listSelectedReposForVariable(ctx, url, opts)
@@ -252,7 +294,9 @@ func (s *ActionsService) setSelectedReposForVariable(ctx context.Context, url st
 
 // SetSelectedReposForOrgVariable sets the repositories that have access to a variable.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/variables#set-selected-repositories-for-an-organization-variable
+// GitHub API docs: https://docs.github.com/rest/actions/variables#set-selected-repositories-for-an-organization-variable
+//
+//meta:operation PUT /orgs/{org}/actions/variables/{name}/repositories
 func (s *ActionsService) SetSelectedReposForOrgVariable(ctx context.Context, org, name string, ids SelectedRepoIDs) (*Response, error) {
 	url := fmt.Sprintf("orgs/%v/actions/variables/%v/repositories", org, name)
 	return s.setSelectedReposForVariable(ctx, url, ids)
@@ -269,7 +313,9 @@ func (s *ActionsService) addSelectedRepoToVariable(ctx context.Context, url stri
 
 // AddSelectedRepoToOrgVariable adds a repository to an organization variable.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/variables#add-selected-repository-to-an-organization-variable
+// GitHub API docs: https://docs.github.com/rest/actions/variables#add-selected-repository-to-an-organization-variable
+//
+//meta:operation PUT /orgs/{org}/actions/variables/{name}/repositories/{repository_id}
 func (s *ActionsService) AddSelectedRepoToOrgVariable(ctx context.Context, org, name string, repo *Repository) (*Response, error) {
 	url := fmt.Sprintf("orgs/%v/actions/variables/%v/repositories/%v", org, name, *repo.ID)
 	return s.addSelectedRepoToVariable(ctx, url)
@@ -286,7 +332,9 @@ func (s *ActionsService) removeSelectedRepoFromVariable(ctx context.Context, url
 
 // RemoveSelectedRepoFromOrgVariable removes a repository from an organization variable.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/variables#remove-selected-repository-from-an-organization-variable
+// GitHub API docs: https://docs.github.com/rest/actions/variables#remove-selected-repository-from-an-organization-variable
+//
+//meta:operation DELETE /orgs/{org}/actions/variables/{name}/repositories/{repository_id}
 func (s *ActionsService) RemoveSelectedRepoFromOrgVariable(ctx context.Context, org, name string, repo *Repository) (*Response, error) {
 	url := fmt.Sprintf("orgs/%v/actions/variables/%v/repositories/%v", org, name, *repo.ID)
 	return s.removeSelectedRepoFromVariable(ctx, url)
diff --git a/vendor/github.com/google/go-github/v55/github/actions_workflow_jobs.go b/vendor/github.com/google/go-github/v72/github/actions_workflow_jobs.go
similarity index 65%
rename from vendor/github.com/google/go-github/v55/github/actions_workflow_jobs.go
rename to vendor/github.com/google/go-github/v72/github/actions_workflow_jobs.go
index 1f018b3e48..10067c8b26 100644
--- a/vendor/github.com/google/go-github/v55/github/actions_workflow_jobs.go
+++ b/vendor/github.com/google/go-github/v72/github/actions_workflow_jobs.go
@@ -70,7 +70,9 @@ type ListWorkflowJobsOptions struct {
 
 // ListWorkflowJobs lists all jobs for a workflow run.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/workflow-jobs#list-jobs-for-a-workflow-run
+// GitHub API docs: https://docs.github.com/rest/actions/workflow-jobs#list-jobs-for-a-workflow-run
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/runs/{run_id}/jobs
 func (s *ActionsService) ListWorkflowJobs(ctx context.Context, owner, repo string, runID int64, opts *ListWorkflowJobsOptions) (*Jobs, *Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/actions/runs/%v/jobs", owner, repo, runID)
 	u, err := addOptions(u, opts)
@@ -92,9 +94,37 @@ func (s *ActionsService) ListWorkflowJobs(ctx context.Context, owner, repo strin
 	return jobs, resp, nil
 }
 
+// ListWorkflowJobsAttempt lists jobs for a workflow run Attempt.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/workflow-jobs#list-jobs-for-a-workflow-run-attempt
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/runs/{run_id}/attempts/{attempt_number}/jobs
+func (s *ActionsService) ListWorkflowJobsAttempt(ctx context.Context, owner, repo string, runID, attemptNumber int64, opts *ListOptions) (*Jobs, *Response, error) {
+	u := fmt.Sprintf("repos/%s/%s/actions/runs/%v/attempts/%v/jobs", owner, repo, runID, attemptNumber)
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	jobs := new(Jobs)
+	resp, err := s.client.Do(ctx, req, &jobs)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return jobs, resp, nil
+}
+
 // GetWorkflowJobByID gets a specific job in a workflow run by ID.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/workflow-jobs#get-a-job-for-a-workflow-run
+// GitHub API docs: https://docs.github.com/rest/actions/workflow-jobs#get-a-job-for-a-workflow-run
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/jobs/{job_id}
 func (s *ActionsService) GetWorkflowJobByID(ctx context.Context, owner, repo string, jobID int64) (*WorkflowJob, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/jobs/%v", owner, repo, jobID)
 
@@ -114,20 +144,50 @@ func (s *ActionsService) GetWorkflowJobByID(ctx context.Context, owner, repo str
 
 // GetWorkflowJobLogs gets a redirect URL to download a plain text file of logs for a workflow job.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/workflow-jobs#download-job-logs-for-a-workflow-run
-func (s *ActionsService) GetWorkflowJobLogs(ctx context.Context, owner, repo string, jobID int64, followRedirects bool) (*url.URL, *Response, error) {
+// GitHub API docs: https://docs.github.com/rest/actions/workflow-jobs#download-job-logs-for-a-workflow-run
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/jobs/{job_id}/logs
+func (s *ActionsService) GetWorkflowJobLogs(ctx context.Context, owner, repo string, jobID int64, maxRedirects int) (*url.URL, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/jobs/%v/logs", owner, repo, jobID)
 
-	resp, err := s.client.roundTripWithOptionalFollowRedirect(ctx, u, followRedirects)
+	if s.client.RateLimitRedirectionalEndpoints {
+		return s.getWorkflowJobLogsWithRateLimit(ctx, u, maxRedirects)
+	}
+
+	return s.getWorkflowJobLogsWithoutRateLimit(ctx, u, maxRedirects)
+}
+
+func (s *ActionsService) getWorkflowJobLogsWithoutRateLimit(ctx context.Context, u string, maxRedirects int) (*url.URL, *Response, error) {
+	resp, err := s.client.roundTripWithOptionalFollowRedirect(ctx, u, maxRedirects)
 	if err != nil {
 		return nil, nil, err
 	}
 	defer resp.Body.Close()
 
 	if resp.StatusCode != http.StatusFound {
-		return nil, newResponse(resp), fmt.Errorf("unexpected status code: %s", resp.Status)
+		return nil, newResponse(resp), fmt.Errorf("unexpected status code: %v", resp.Status)
 	}
 
 	parsedURL, err := url.Parse(resp.Header.Get("Location"))
 	return parsedURL, newResponse(resp), err
 }
+
+func (s *ActionsService) getWorkflowJobLogsWithRateLimit(ctx context.Context, u string, maxRedirects int) (*url.URL, *Response, error) {
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	url, resp, err := s.client.bareDoUntilFound(ctx, req, maxRedirects)
+	if err != nil {
+		return nil, resp, err
+	}
+	defer resp.Body.Close()
+
+	// If we didn't receive a valid Location in a 302 response
+	if url == nil {
+		return nil, resp, fmt.Errorf("unexpected status code: %v", resp.Status)
+	}
+
+	return url, resp, nil
+}
diff --git a/vendor/github.com/google/go-github/v72/github/actions_workflow_runs.go b/vendor/github.com/google/go-github/v72/github/actions_workflow_runs.go
new file mode 100644
index 0000000000..20b9cfcd50
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/actions_workflow_runs.go
@@ -0,0 +1,546 @@
+// Copyright 2020 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+	"net/url"
+)
+
+// WorkflowRun represents a repository action workflow run.
+type WorkflowRun struct {
+	ID                  *int64                `json:"id,omitempty"`
+	Name                *string               `json:"name,omitempty"`
+	NodeID              *string               `json:"node_id,omitempty"`
+	HeadBranch          *string               `json:"head_branch,omitempty"`
+	HeadSHA             *string               `json:"head_sha,omitempty"`
+	Path                *string               `json:"path,omitempty"`
+	RunNumber           *int                  `json:"run_number,omitempty"`
+	RunAttempt          *int                  `json:"run_attempt,omitempty"`
+	Event               *string               `json:"event,omitempty"`
+	DisplayTitle        *string               `json:"display_title,omitempty"`
+	Status              *string               `json:"status,omitempty"`
+	Conclusion          *string               `json:"conclusion,omitempty"`
+	WorkflowID          *int64                `json:"workflow_id,omitempty"`
+	CheckSuiteID        *int64                `json:"check_suite_id,omitempty"`
+	CheckSuiteNodeID    *string               `json:"check_suite_node_id,omitempty"`
+	URL                 *string               `json:"url,omitempty"`
+	HTMLURL             *string               `json:"html_url,omitempty"`
+	PullRequests        []*PullRequest        `json:"pull_requests,omitempty"`
+	CreatedAt           *Timestamp            `json:"created_at,omitempty"`
+	UpdatedAt           *Timestamp            `json:"updated_at,omitempty"`
+	RunStartedAt        *Timestamp            `json:"run_started_at,omitempty"`
+	JobsURL             *string               `json:"jobs_url,omitempty"`
+	LogsURL             *string               `json:"logs_url,omitempty"`
+	CheckSuiteURL       *string               `json:"check_suite_url,omitempty"`
+	ArtifactsURL        *string               `json:"artifacts_url,omitempty"`
+	CancelURL           *string               `json:"cancel_url,omitempty"`
+	RerunURL            *string               `json:"rerun_url,omitempty"`
+	PreviousAttemptURL  *string               `json:"previous_attempt_url,omitempty"`
+	HeadCommit          *HeadCommit           `json:"head_commit,omitempty"`
+	WorkflowURL         *string               `json:"workflow_url,omitempty"`
+	Repository          *Repository           `json:"repository,omitempty"`
+	HeadRepository      *Repository           `json:"head_repository,omitempty"`
+	Actor               *User                 `json:"actor,omitempty"`
+	TriggeringActor     *User                 `json:"triggering_actor,omitempty"`
+	ReferencedWorkflows []*ReferencedWorkflow `json:"referenced_workflows,omitempty"`
+}
+
+// WorkflowRuns represents a slice of repository action workflow run.
+type WorkflowRuns struct {
+	TotalCount   *int           `json:"total_count,omitempty"`
+	WorkflowRuns []*WorkflowRun `json:"workflow_runs,omitempty"`
+}
+
+// ListWorkflowRunsOptions specifies optional parameters to ListWorkflowRuns.
+type ListWorkflowRunsOptions struct {
+	Actor               string `url:"actor,omitempty"`
+	Branch              string `url:"branch,omitempty"`
+	Event               string `url:"event,omitempty"`
+	Status              string `url:"status,omitempty"`
+	Created             string `url:"created,omitempty"`
+	HeadSHA             string `url:"head_sha,omitempty"`
+	ExcludePullRequests bool   `url:"exclude_pull_requests,omitempty"`
+	CheckSuiteID        int64  `url:"check_suite_id,omitempty"`
+	ListOptions
+}
+
+// WorkflowRunUsage represents a usage of a specific workflow run.
+type WorkflowRunUsage struct {
+	Billable      *WorkflowRunBillMap `json:"billable,omitempty"`
+	RunDurationMS *int64              `json:"run_duration_ms,omitempty"`
+}
+
+// WorkflowRunBillMap represents different runner environments available for a workflow run.
+// Its key is the name of its environment, e.g. "UBUNTU", "MACOS", "WINDOWS", etc.
+type WorkflowRunBillMap map[string]*WorkflowRunBill
+
+// WorkflowRunBill specifies billable time for a specific environment in a workflow run.
+type WorkflowRunBill struct {
+	TotalMS *int64               `json:"total_ms,omitempty"`
+	Jobs    *int                 `json:"jobs,omitempty"`
+	JobRuns []*WorkflowRunJobRun `json:"job_runs,omitempty"`
+}
+
+// WorkflowRunJobRun represents a usage of individual jobs of a specific workflow run.
+type WorkflowRunJobRun struct {
+	JobID      *int   `json:"job_id,omitempty"`
+	DurationMS *int64 `json:"duration_ms,omitempty"`
+}
+
+// WorkflowRunAttemptOptions specifies optional parameters to GetWorkflowRunAttempt.
+type WorkflowRunAttemptOptions struct {
+	ExcludePullRequests *bool `url:"exclude_pull_requests,omitempty"`
+}
+
+// PendingDeploymentsRequest specifies body parameters to PendingDeployments.
+type PendingDeploymentsRequest struct {
+	EnvironmentIDs []int64 `json:"environment_ids"`
+	// State can be one of: "approved", "rejected".
+	State   string `json:"state"`
+	Comment string `json:"comment"`
+}
+
+type ReferencedWorkflow struct {
+	Path *string `json:"path,omitempty"`
+	SHA  *string `json:"sha,omitempty"`
+	Ref  *string `json:"ref,omitempty"`
+}
+
+// PendingDeployment represents the pending_deployments response.
+type PendingDeployment struct {
+	Environment           *PendingDeploymentEnvironment `json:"environment,omitempty"`
+	WaitTimer             *int64                        `json:"wait_timer,omitempty"`
+	WaitTimerStartedAt    *Timestamp                    `json:"wait_timer_started_at,omitempty"`
+	CurrentUserCanApprove *bool                         `json:"current_user_can_approve,omitempty"`
+	Reviewers             []*RequiredReviewer           `json:"reviewers,omitempty"`
+}
+
+// PendingDeploymentEnvironment represents pending deployment environment properties.
+type PendingDeploymentEnvironment struct {
+	ID      *int64  `json:"id,omitempty"`
+	NodeID  *string `json:"node_id,omitempty"`
+	Name    *string `json:"name,omitempty"`
+	URL     *string `json:"url,omitempty"`
+	HTMLURL *string `json:"html_url,omitempty"`
+}
+
+// ReviewCustomDeploymentProtectionRuleRequest specifies the parameters to ReviewCustomDeploymentProtectionRule.
+type ReviewCustomDeploymentProtectionRuleRequest struct {
+	EnvironmentName string `json:"environment_name"`
+	State           string `json:"state"`
+	Comment         string `json:"comment"`
+}
+
+func (s *ActionsService) listWorkflowRuns(ctx context.Context, endpoint string, opts *ListWorkflowRunsOptions) (*WorkflowRuns, *Response, error) {
+	u, err := addOptions(endpoint, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	runs := new(WorkflowRuns)
+	resp, err := s.client.Do(ctx, req, &runs)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return runs, resp, nil
+}
+
+// ListWorkflowRunsByID lists all workflow runs by workflow ID.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/workflow-runs#list-workflow-runs-for-a-workflow
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/workflows/{workflow_id}/runs
+func (s *ActionsService) ListWorkflowRunsByID(ctx context.Context, owner, repo string, workflowID int64, opts *ListWorkflowRunsOptions) (*WorkflowRuns, *Response, error) {
+	u := fmt.Sprintf("repos/%s/%s/actions/workflows/%v/runs", owner, repo, workflowID)
+	return s.listWorkflowRuns(ctx, u, opts)
+}
+
+// ListWorkflowRunsByFileName lists all workflow runs by workflow file name.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/workflow-runs#list-workflow-runs-for-a-workflow
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/workflows/{workflow_id}/runs
+func (s *ActionsService) ListWorkflowRunsByFileName(ctx context.Context, owner, repo, workflowFileName string, opts *ListWorkflowRunsOptions) (*WorkflowRuns, *Response, error) {
+	u := fmt.Sprintf("repos/%s/%s/actions/workflows/%v/runs", owner, repo, workflowFileName)
+	return s.listWorkflowRuns(ctx, u, opts)
+}
+
+// ListRepositoryWorkflowRuns lists all workflow runs for a repository.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/workflow-runs#list-workflow-runs-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/runs
+func (s *ActionsService) ListRepositoryWorkflowRuns(ctx context.Context, owner, repo string, opts *ListWorkflowRunsOptions) (*WorkflowRuns, *Response, error) {
+	u := fmt.Sprintf("repos/%s/%s/actions/runs", owner, repo)
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	runs := new(WorkflowRuns)
+	resp, err := s.client.Do(ctx, req, &runs)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return runs, resp, nil
+}
+
+// GetWorkflowRunByID gets a specific workflow run by ID.
+// You can use the helper function *DeploymentProtectionRuleEvent.GetRunID() to easily retrieve the workflow run ID from a DeploymentProtectionRuleEvent.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/workflow-runs#get-a-workflow-run
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/runs/{run_id}
+func (s *ActionsService) GetWorkflowRunByID(ctx context.Context, owner, repo string, runID int64) (*WorkflowRun, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/actions/runs/%v", owner, repo, runID)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	run := new(WorkflowRun)
+	resp, err := s.client.Do(ctx, req, run)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return run, resp, nil
+}
+
+// GetWorkflowRunAttempt gets a specific workflow run attempt.
+// You can use the helper function *DeploymentProtectionRuleEvent.GetRunID() to easily retrieve the workflow run ID from a DeploymentProtectionRuleEvent.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/workflow-runs#get-a-workflow-run-attempt
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/runs/{run_id}/attempts/{attempt_number}
+func (s *ActionsService) GetWorkflowRunAttempt(ctx context.Context, owner, repo string, runID int64, attemptNumber int, opts *WorkflowRunAttemptOptions) (*WorkflowRun, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/actions/runs/%v/attempts/%v", owner, repo, runID, attemptNumber)
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	run := new(WorkflowRun)
+	resp, err := s.client.Do(ctx, req, run)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return run, resp, nil
+}
+
+// GetWorkflowRunAttemptLogs gets a redirect URL to download a plain text file of logs for a workflow run for attempt number.
+// You can use the helper function *DeploymentProtectionRuleEvent.GetRunID() to easily retrieve a workflow run ID from the DeploymentProtectionRuleEvent.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/workflow-runs#download-workflow-run-attempt-logs
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/runs/{run_id}/attempts/{attempt_number}/logs
+func (s *ActionsService) GetWorkflowRunAttemptLogs(ctx context.Context, owner, repo string, runID int64, attemptNumber int, maxRedirects int) (*url.URL, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/actions/runs/%v/attempts/%v/logs", owner, repo, runID, attemptNumber)
+
+	if s.client.RateLimitRedirectionalEndpoints {
+		return s.getWorkflowRunAttemptLogsWithRateLimit(ctx, u, maxRedirects)
+	}
+
+	return s.getWorkflowRunAttemptLogsWithoutRateLimit(ctx, u, maxRedirects)
+}
+
+func (s *ActionsService) getWorkflowRunAttemptLogsWithoutRateLimit(ctx context.Context, u string, maxRedirects int) (*url.URL, *Response, error) {
+	resp, err := s.client.roundTripWithOptionalFollowRedirect(ctx, u, maxRedirects)
+	if err != nil {
+		return nil, nil, err
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusFound {
+		return nil, newResponse(resp), fmt.Errorf("unexpected status code: %v", resp.Status)
+	}
+
+	parsedURL, err := url.Parse(resp.Header.Get("Location"))
+	return parsedURL, newResponse(resp), err
+}
+
+func (s *ActionsService) getWorkflowRunAttemptLogsWithRateLimit(ctx context.Context, u string, maxRedirects int) (*url.URL, *Response, error) {
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	url, resp, err := s.client.bareDoUntilFound(ctx, req, maxRedirects)
+	if err != nil {
+		return nil, resp, err
+	}
+	defer resp.Body.Close()
+
+	// If we didn't receive a valid Location in a 302 response
+	if url == nil {
+		return nil, resp, fmt.Errorf("unexpected status code: %v", resp.Status)
+	}
+
+	return url, resp, nil
+}
+
+// RerunWorkflowByID re-runs a workflow by ID.
+// You can use the helper function *DeploymentProtectionRuleEvent.GetRunID() to easily retrieve the workflow run ID a the DeploymentProtectionRuleEvent.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/workflow-runs#re-run-a-workflow
+//
+//meta:operation POST /repos/{owner}/{repo}/actions/runs/{run_id}/rerun
+func (s *ActionsService) RerunWorkflowByID(ctx context.Context, owner, repo string, runID int64) (*Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/actions/runs/%v/rerun", owner, repo, runID)
+
+	req, err := s.client.NewRequest("POST", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
+
+// RerunFailedJobsByID re-runs all of the failed jobs and their dependent jobs in a workflow run by ID.
+// You can use the helper function *DeploymentProtectionRuleEvent.GetRunID() to easily retrieve the workflow run ID from a DeploymentProtectionRuleEvent.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/workflow-runs#re-run-failed-jobs-from-a-workflow-run
+//
+//meta:operation POST /repos/{owner}/{repo}/actions/runs/{run_id}/rerun-failed-jobs
+func (s *ActionsService) RerunFailedJobsByID(ctx context.Context, owner, repo string, runID int64) (*Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/actions/runs/%v/rerun-failed-jobs", owner, repo, runID)
+
+	req, err := s.client.NewRequest("POST", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
+
+// RerunJobByID re-runs a job and its dependent jobs in a workflow run by ID.
+//
+// You can use the helper function *DeploymentProtectionRuleEvent.GetRunID() to easily retrieve the workflow run ID from a DeploymentProtectionRuleEvent.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/workflow-runs#re-run-a-job-from-a-workflow-run
+//
+//meta:operation POST /repos/{owner}/{repo}/actions/jobs/{job_id}/rerun
+func (s *ActionsService) RerunJobByID(ctx context.Context, owner, repo string, jobID int64) (*Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/actions/jobs/%v/rerun", owner, repo, jobID)
+
+	req, err := s.client.NewRequest("POST", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
+
+// CancelWorkflowRunByID cancels a workflow run by ID.
+// You can use the helper function *DeploymentProtectionRuleEvent.GetRunID() to easily retrieve the workflow run ID from a DeploymentProtectionRuleEvent.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/workflow-runs#cancel-a-workflow-run
+//
+//meta:operation POST /repos/{owner}/{repo}/actions/runs/{run_id}/cancel
+func (s *ActionsService) CancelWorkflowRunByID(ctx context.Context, owner, repo string, runID int64) (*Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/actions/runs/%v/cancel", owner, repo, runID)
+
+	req, err := s.client.NewRequest("POST", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
+
+// GetWorkflowRunLogs gets a redirect URL to download a plain text file of logs for a workflow run.
+// You can use the helper function *DeploymentProtectionRuleEvent.GetRunID() to easily retrieve the workflow run ID from a DeploymentProtectionRuleEvent.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/workflow-runs#download-workflow-run-logs
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/runs/{run_id}/logs
+func (s *ActionsService) GetWorkflowRunLogs(ctx context.Context, owner, repo string, runID int64, maxRedirects int) (*url.URL, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/actions/runs/%v/logs", owner, repo, runID)
+
+	if s.client.RateLimitRedirectionalEndpoints {
+		return s.getWorkflowRunLogsWithRateLimit(ctx, u, maxRedirects)
+	}
+
+	return s.getWorkflowRunLogsWithoutRateLimit(ctx, u, maxRedirects)
+}
+
+func (s *ActionsService) getWorkflowRunLogsWithoutRateLimit(ctx context.Context, u string, maxRedirects int) (*url.URL, *Response, error) {
+	resp, err := s.client.roundTripWithOptionalFollowRedirect(ctx, u, maxRedirects)
+	if err != nil {
+		return nil, nil, err
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusFound {
+		return nil, newResponse(resp), fmt.Errorf("unexpected status code: %s", resp.Status)
+	}
+
+	parsedURL, err := url.Parse(resp.Header.Get("Location"))
+	return parsedURL, newResponse(resp), err
+}
+
+func (s *ActionsService) getWorkflowRunLogsWithRateLimit(ctx context.Context, u string, maxRedirects int) (*url.URL, *Response, error) {
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	url, resp, err := s.client.bareDoUntilFound(ctx, req, maxRedirects)
+	if err != nil {
+		return nil, resp, err
+	}
+	defer resp.Body.Close()
+
+	// If we didn't receive a valid Location in a 302 response
+	if url == nil {
+		return nil, resp, fmt.Errorf("unexpected status code: %v", resp.Status)
+	}
+
+	return url, resp, nil
+}
+
+// DeleteWorkflowRun deletes a workflow run by ID.
+// You can use the helper function *DeploymentProtectionRuleEvent.GetRunID() to easily retrieve the workflow run ID from a DeploymentProtectionRuleEvent.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/workflow-runs#delete-a-workflow-run
+//
+//meta:operation DELETE /repos/{owner}/{repo}/actions/runs/{run_id}
+func (s *ActionsService) DeleteWorkflowRun(ctx context.Context, owner, repo string, runID int64) (*Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/actions/runs/%v", owner, repo, runID)
+
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
+
+// DeleteWorkflowRunLogs deletes all logs for a workflow run.
+// You can use the helper function *DeploymentProtectionRuleEvent.GetRunID() to easily retrieve the workflow run ID from a DeploymentProtectionRuleEvent.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/workflow-runs#delete-workflow-run-logs
+//
+//meta:operation DELETE /repos/{owner}/{repo}/actions/runs/{run_id}/logs
+func (s *ActionsService) DeleteWorkflowRunLogs(ctx context.Context, owner, repo string, runID int64) (*Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/actions/runs/%v/logs", owner, repo, runID)
+
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
+
+// GetWorkflowRunUsageByID gets a specific workflow usage run by run ID in the unit of billable milliseconds.
+// You can use the helper function *DeploymentProtectionRuleEvent.GetRunID() to easily retrieve the workflow run ID from a DeploymentProtectionRuleEvent.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/workflow-runs#get-workflow-run-usage
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/runs/{run_id}/timing
+func (s *ActionsService) GetWorkflowRunUsageByID(ctx context.Context, owner, repo string, runID int64) (*WorkflowRunUsage, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/actions/runs/%v/timing", owner, repo, runID)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	workflowRunUsage := new(WorkflowRunUsage)
+	resp, err := s.client.Do(ctx, req, workflowRunUsage)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return workflowRunUsage, resp, nil
+}
+
+// GetPendingDeployments get all deployment environments for a workflow run that are waiting for protection rules to pass.
+// You can use the helper function *DeploymentProtectionRuleEvent.GetRunID() to easily retrieve the workflow run ID from a DeploymentProtectionRuleEvent.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/workflow-runs#get-pending-deployments-for-a-workflow-run
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/runs/{run_id}/pending_deployments
+func (s *ActionsService) GetPendingDeployments(ctx context.Context, owner, repo string, runID int64) ([]*PendingDeployment, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/actions/runs/%v/pending_deployments", owner, repo, runID)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var deployments []*PendingDeployment
+	resp, err := s.client.Do(ctx, req, &deployments)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return deployments, resp, nil
+}
+
+// PendingDeployments approve or reject pending deployments that are waiting on approval by a required reviewer.
+// You can use the helper function *DeploymentProtectionRuleEvent.GetRunID() to easily retrieve the workflow run ID from a DeploymentProtectionRuleEvent.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/workflow-runs#review-pending-deployments-for-a-workflow-run
+//
+//meta:operation POST /repos/{owner}/{repo}/actions/runs/{run_id}/pending_deployments
+func (s *ActionsService) PendingDeployments(ctx context.Context, owner, repo string, runID int64, request *PendingDeploymentsRequest) ([]*Deployment, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/actions/runs/%v/pending_deployments", owner, repo, runID)
+
+	req, err := s.client.NewRequest("POST", u, request)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var deployments []*Deployment
+	resp, err := s.client.Do(ctx, req, &deployments)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return deployments, resp, nil
+}
+
+// ReviewCustomDeploymentProtectionRule approves or rejects custom deployment protection rules provided by a GitHub App for a workflow run.
+// You can use the helper function *DeploymentProtectionRuleEvent.GetRunID() to easily retrieve the workflow run ID from a DeploymentProtectionRuleEvent.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/workflow-runs#review-custom-deployment-protection-rules-for-a-workflow-run
+//
+//meta:operation POST /repos/{owner}/{repo}/actions/runs/{run_id}/deployment_protection_rule
+func (s *ActionsService) ReviewCustomDeploymentProtectionRule(ctx context.Context, owner, repo string, runID int64, request *ReviewCustomDeploymentProtectionRuleRequest) (*Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/actions/runs/%v/deployment_protection_rule", owner, repo, runID)
+
+	req, err := s.client.NewRequest("POST", u, request)
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := s.client.Do(ctx, req, nil)
+	return resp, err
+}
diff --git a/vendor/github.com/google/go-github/v55/github/actions_workflows.go b/vendor/github.com/google/go-github/v72/github/actions_workflows.go
similarity index 80%
rename from vendor/github.com/google/go-github/v55/github/actions_workflows.go
rename to vendor/github.com/google/go-github/v72/github/actions_workflows.go
index c9b47ed4be..0214e6abff 100644
--- a/vendor/github.com/google/go-github/v55/github/actions_workflows.go
+++ b/vendor/github.com/google/go-github/v72/github/actions_workflows.go
@@ -58,7 +58,9 @@ type CreateWorkflowDispatchEventRequest struct {
 
 // ListWorkflows lists all workflows in a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/workflows#list-repository-workflows
+// GitHub API docs: https://docs.github.com/rest/actions/workflows#list-repository-workflows
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/workflows
 func (s *ActionsService) ListWorkflows(ctx context.Context, owner, repo string, opts *ListOptions) (*Workflows, *Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/actions/workflows", owner, repo)
 	u, err := addOptions(u, opts)
@@ -82,7 +84,9 @@ func (s *ActionsService) ListWorkflows(ctx context.Context, owner, repo string,
 
 // GetWorkflowByID gets a specific workflow by ID.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/workflows#get-a-workflow
+// GitHub API docs: https://docs.github.com/rest/actions/workflows#get-a-workflow
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/workflows/{workflow_id}
 func (s *ActionsService) GetWorkflowByID(ctx context.Context, owner, repo string, workflowID int64) (*Workflow, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/workflows/%v", owner, repo, workflowID)
 
@@ -91,7 +95,9 @@ func (s *ActionsService) GetWorkflowByID(ctx context.Context, owner, repo string
 
 // GetWorkflowByFileName gets a specific workflow by file name.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/workflows#get-a-workflow
+// GitHub API docs: https://docs.github.com/rest/actions/workflows#get-a-workflow
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/workflows/{workflow_id}
 func (s *ActionsService) GetWorkflowByFileName(ctx context.Context, owner, repo, workflowFileName string) (*Workflow, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/workflows/%v", owner, repo, workflowFileName)
 
@@ -115,7 +121,9 @@ func (s *ActionsService) getWorkflow(ctx context.Context, url string) (*Workflow
 
 // GetWorkflowUsageByID gets a specific workflow usage by ID in the unit of billable milliseconds.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/workflows#get-workflow-usage
+// GitHub API docs: https://docs.github.com/rest/actions/workflows#get-workflow-usage
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/workflows/{workflow_id}/timing
 func (s *ActionsService) GetWorkflowUsageByID(ctx context.Context, owner, repo string, workflowID int64) (*WorkflowUsage, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/workflows/%v/timing", owner, repo, workflowID)
 
@@ -124,7 +132,9 @@ func (s *ActionsService) GetWorkflowUsageByID(ctx context.Context, owner, repo s
 
 // GetWorkflowUsageByFileName gets a specific workflow usage by file name in the unit of billable milliseconds.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/workflows#get-workflow-usage
+// GitHub API docs: https://docs.github.com/rest/actions/workflows#get-workflow-usage
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/workflows/{workflow_id}/timing
 func (s *ActionsService) GetWorkflowUsageByFileName(ctx context.Context, owner, repo, workflowFileName string) (*WorkflowUsage, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/workflows/%v/timing", owner, repo, workflowFileName)
 
@@ -148,7 +158,9 @@ func (s *ActionsService) getWorkflowUsage(ctx context.Context, url string) (*Wor
 
 // CreateWorkflowDispatchEventByID manually triggers a GitHub Actions workflow run.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/workflows#create-a-workflow-dispatch-event
+// GitHub API docs: https://docs.github.com/rest/actions/workflows#create-a-workflow-dispatch-event
+//
+//meta:operation POST /repos/{owner}/{repo}/actions/workflows/{workflow_id}/dispatches
 func (s *ActionsService) CreateWorkflowDispatchEventByID(ctx context.Context, owner, repo string, workflowID int64, event CreateWorkflowDispatchEventRequest) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/workflows/%v/dispatches", owner, repo, workflowID)
 
@@ -157,7 +169,9 @@ func (s *ActionsService) CreateWorkflowDispatchEventByID(ctx context.Context, ow
 
 // CreateWorkflowDispatchEventByFileName manually triggers a GitHub Actions workflow run.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/workflows#create-a-workflow-dispatch-event
+// GitHub API docs: https://docs.github.com/rest/actions/workflows#create-a-workflow-dispatch-event
+//
+//meta:operation POST /repos/{owner}/{repo}/actions/workflows/{workflow_id}/dispatches
 func (s *ActionsService) CreateWorkflowDispatchEventByFileName(ctx context.Context, owner, repo, workflowFileName string, event CreateWorkflowDispatchEventRequest) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/workflows/%v/dispatches", owner, repo, workflowFileName)
 
@@ -175,7 +189,9 @@ func (s *ActionsService) createWorkflowDispatchEvent(ctx context.Context, url st
 
 // EnableWorkflowByID enables a workflow and sets the state of the workflow to "active".
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/workflows#enable-a-workflow
+// GitHub API docs: https://docs.github.com/rest/actions/workflows#enable-a-workflow
+//
+//meta:operation PUT /repos/{owner}/{repo}/actions/workflows/{workflow_id}/enable
 func (s *ActionsService) EnableWorkflowByID(ctx context.Context, owner, repo string, workflowID int64) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/workflows/%v/enable", owner, repo, workflowID)
 	return s.doNewPutRequest(ctx, u)
@@ -183,7 +199,9 @@ func (s *ActionsService) EnableWorkflowByID(ctx context.Context, owner, repo str
 
 // EnableWorkflowByFileName enables a workflow and sets the state of the workflow to "active".
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/workflows#enable-a-workflow
+// GitHub API docs: https://docs.github.com/rest/actions/workflows#enable-a-workflow
+//
+//meta:operation PUT /repos/{owner}/{repo}/actions/workflows/{workflow_id}/enable
 func (s *ActionsService) EnableWorkflowByFileName(ctx context.Context, owner, repo, workflowFileName string) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/workflows/%v/enable", owner, repo, workflowFileName)
 	return s.doNewPutRequest(ctx, u)
@@ -191,7 +209,9 @@ func (s *ActionsService) EnableWorkflowByFileName(ctx context.Context, owner, re
 
 // DisableWorkflowByID disables a workflow and sets the state of the workflow to "disabled_manually".
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/workflows#disable-a-workflow
+// GitHub API docs: https://docs.github.com/rest/actions/workflows#disable-a-workflow
+//
+//meta:operation PUT /repos/{owner}/{repo}/actions/workflows/{workflow_id}/disable
 func (s *ActionsService) DisableWorkflowByID(ctx context.Context, owner, repo string, workflowID int64) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/workflows/%v/disable", owner, repo, workflowID)
 	return s.doNewPutRequest(ctx, u)
@@ -199,7 +219,9 @@ func (s *ActionsService) DisableWorkflowByID(ctx context.Context, owner, repo st
 
 // DisableWorkflowByFileName disables a workflow and sets the state of the workflow to "disabled_manually".
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/workflows#disable-a-workflow
+// GitHub API docs: https://docs.github.com/rest/actions/workflows#disable-a-workflow
+//
+//meta:operation PUT /repos/{owner}/{repo}/actions/workflows/{workflow_id}/disable
 func (s *ActionsService) DisableWorkflowByFileName(ctx context.Context, owner, repo, workflowFileName string) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/workflows/%v/disable", owner, repo, workflowFileName)
 	return s.doNewPutRequest(ctx, u)
diff --git a/vendor/github.com/google/go-github/v55/github/activity.go b/vendor/github.com/google/go-github/v72/github/activity.go
similarity index 94%
rename from vendor/github.com/google/go-github/v55/github/activity.go
rename to vendor/github.com/google/go-github/v72/github/activity.go
index 9cd9f9b71d..edf8cc4397 100644
--- a/vendor/github.com/google/go-github/v55/github/activity.go
+++ b/vendor/github.com/google/go-github/v72/github/activity.go
@@ -10,7 +10,7 @@ import "context"
 // ActivityService handles communication with the activity related
 // methods of the GitHub API.
 //
-// GitHub API docs: https://docs.github.com/en/rest/activity/
+// GitHub API docs: https://docs.github.com/rest/activity/
 type ActivityService service
 
 // FeedLink represents a link to a related resource.
@@ -57,6 +57,10 @@ type FeedLinks struct {
 //
 // Note: Private feeds are only returned when authenticating via Basic Auth
 // since current feed URIs use the older, non revocable auth tokens.
+//
+// GitHub API docs: https://docs.github.com/rest/activity/feeds#get-feeds
+//
+//meta:operation GET /feeds
 func (s *ActivityService) ListFeeds(ctx context.Context) (*Feeds, *Response, error) {
 	req, err := s.client.NewRequest("GET", "feeds", nil)
 	if err != nil {
diff --git a/vendor/github.com/google/go-github/v55/github/activity_events.go b/vendor/github.com/google/go-github/v72/github/activity_events.go
similarity index 76%
rename from vendor/github.com/google/go-github/v55/github/activity_events.go
rename to vendor/github.com/google/go-github/v72/github/activity_events.go
index d6f0f043b0..b12baa99e6 100644
--- a/vendor/github.com/google/go-github/v55/github/activity_events.go
+++ b/vendor/github.com/google/go-github/v72/github/activity_events.go
@@ -12,7 +12,9 @@ import (
 
 // ListEvents drinks from the firehose of all public events across GitHub.
 //
-// GitHub API docs: https://docs.github.com/en/rest/activity/events#list-public-events
+// GitHub API docs: https://docs.github.com/rest/activity/events#list-public-events
+//
+//meta:operation GET /events
 func (s *ActivityService) ListEvents(ctx context.Context, opts *ListOptions) ([]*Event, *Response, error) {
 	u, err := addOptions("events", opts)
 	if err != nil {
@@ -35,7 +37,9 @@ func (s *ActivityService) ListEvents(ctx context.Context, opts *ListOptions) ([]
 
 // ListRepositoryEvents lists events for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/activity/events#list-repository-events
+// GitHub API docs: https://docs.github.com/rest/activity/events#list-repository-events
+//
+//meta:operation GET /repos/{owner}/{repo}/events
 func (s *ActivityService) ListRepositoryEvents(ctx context.Context, owner, repo string, opts *ListOptions) ([]*Event, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/events", owner, repo)
 	u, err := addOptions(u, opts)
@@ -59,7 +63,9 @@ func (s *ActivityService) ListRepositoryEvents(ctx context.Context, owner, repo
 
 // ListIssueEventsForRepository lists issue events for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/events#list-issue-events-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/issues/events#list-issue-events-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/issues/events
 func (s *ActivityService) ListIssueEventsForRepository(ctx context.Context, owner, repo string, opts *ListOptions) ([]*IssueEvent, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/issues/events", owner, repo)
 	u, err := addOptions(u, opts)
@@ -83,7 +89,9 @@ func (s *ActivityService) ListIssueEventsForRepository(ctx context.Context, owne
 
 // ListEventsForRepoNetwork lists public events for a network of repositories.
 //
-// GitHub API docs: https://docs.github.com/en/rest/activity/events#list-public-events-for-a-network-of-repositories
+// GitHub API docs: https://docs.github.com/rest/activity/events#list-public-events-for-a-network-of-repositories
+//
+//meta:operation GET /networks/{owner}/{repo}/events
 func (s *ActivityService) ListEventsForRepoNetwork(ctx context.Context, owner, repo string, opts *ListOptions) ([]*Event, *Response, error) {
 	u := fmt.Sprintf("networks/%v/%v/events", owner, repo)
 	u, err := addOptions(u, opts)
@@ -107,7 +115,9 @@ func (s *ActivityService) ListEventsForRepoNetwork(ctx context.Context, owner, r
 
 // ListEventsForOrganization lists public events for an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/activity/events#list-public-organization-events
+// GitHub API docs: https://docs.github.com/rest/activity/events#list-public-organization-events
+//
+//meta:operation GET /orgs/{org}/events
 func (s *ActivityService) ListEventsForOrganization(ctx context.Context, org string, opts *ListOptions) ([]*Event, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/events", org)
 	u, err := addOptions(u, opts)
@@ -132,8 +142,11 @@ func (s *ActivityService) ListEventsForOrganization(ctx context.Context, org str
 // ListEventsPerformedByUser lists the events performed by a user. If publicOnly is
 // true, only public events will be returned.
 //
-// GitHub API docs: https://docs.github.com/en/rest/activity/events#list-events-for-the-authenticated-user
-// GitHub API docs: https://docs.github.com/en/rest/activity/events#list-public-events-for-a-user
+// GitHub API docs: https://docs.github.com/rest/activity/events#list-events-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/activity/events#list-public-events-for-a-user
+//
+//meta:operation GET /users/{username}/events
+//meta:operation GET /users/{username}/events/public
 func (s *ActivityService) ListEventsPerformedByUser(ctx context.Context, user string, publicOnly bool, opts *ListOptions) ([]*Event, *Response, error) {
 	var u string
 	if publicOnly {
@@ -163,8 +176,11 @@ func (s *ActivityService) ListEventsPerformedByUser(ctx context.Context, user st
 // ListEventsReceivedByUser lists the events received by a user. If publicOnly is
 // true, only public events will be returned.
 //
-// GitHub API docs: https://docs.github.com/en/rest/activity/events#list-events-received-by-the-authenticated-user
-// GitHub API docs: https://docs.github.com/en/rest/activity/events#list-public-events-received-by-a-user
+// GitHub API docs: https://docs.github.com/rest/activity/events#list-events-received-by-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/activity/events#list-public-events-received-by-a-user
+//
+//meta:operation GET /users/{username}/received_events
+//meta:operation GET /users/{username}/received_events/public
 func (s *ActivityService) ListEventsReceivedByUser(ctx context.Context, user string, publicOnly bool, opts *ListOptions) ([]*Event, *Response, error) {
 	var u string
 	if publicOnly {
@@ -194,7 +210,9 @@ func (s *ActivityService) ListEventsReceivedByUser(ctx context.Context, user str
 // ListUserEventsForOrganization provides the user’s organization dashboard. You
 // must be authenticated as the user to view this.
 //
-// GitHub API docs: https://docs.github.com/en/rest/activity/events#list-organization-events-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/activity/events#list-organization-events-for-the-authenticated-user
+//
+//meta:operation GET /users/{username}/events/orgs/{org}
 func (s *ActivityService) ListUserEventsForOrganization(ctx context.Context, org, user string, opts *ListOptions) ([]*Event, *Response, error) {
 	u := fmt.Sprintf("users/%v/events/orgs/%v", user, org)
 	u, err := addOptions(u, opts)
diff --git a/vendor/github.com/google/go-github/v55/github/activity_notifications.go b/vendor/github.com/google/go-github/v72/github/activity_notifications.go
similarity index 73%
rename from vendor/github.com/google/go-github/v55/github/activity_notifications.go
rename to vendor/github.com/google/go-github/v72/github/activity_notifications.go
index 03476c2e2c..e712323ed4 100644
--- a/vendor/github.com/google/go-github/v55/github/activity_notifications.go
+++ b/vendor/github.com/google/go-github/v72/github/activity_notifications.go
@@ -19,7 +19,7 @@ type Notification struct {
 
 	// Reason identifies the event that triggered the notification.
 	//
-	// GitHub API docs: https://docs.github.com/en/rest/activity#notification-reasons
+	// GitHub API docs: https://docs.github.com/rest/activity#notification-reasons
 	Reason *string `json:"reason,omitempty"`
 
 	Unread     *bool      `json:"unread,omitempty"`
@@ -49,7 +49,9 @@ type NotificationListOptions struct {
 
 // ListNotifications lists all notifications for the authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/activity/notifications#list-notifications-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/activity/notifications#list-notifications-for-the-authenticated-user
+//
+//meta:operation GET /notifications
 func (s *ActivityService) ListNotifications(ctx context.Context, opts *NotificationListOptions) ([]*Notification, *Response, error) {
 	u := "notifications"
 	u, err := addOptions(u, opts)
@@ -74,7 +76,9 @@ func (s *ActivityService) ListNotifications(ctx context.Context, opts *Notificat
 // ListRepositoryNotifications lists all notifications in a given repository
 // for the authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/activity/notifications#list-repository-notifications-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/activity/notifications#list-repository-notifications-for-the-authenticated-user
+//
+//meta:operation GET /repos/{owner}/{repo}/notifications
 func (s *ActivityService) ListRepositoryNotifications(ctx context.Context, owner, repo string, opts *NotificationListOptions) ([]*Notification, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/notifications", owner, repo)
 	u, err := addOptions(u, opts)
@@ -102,7 +106,9 @@ type markReadOptions struct {
 
 // MarkNotificationsRead marks all notifications up to lastRead as read.
 //
-// GitHub API docs: https://docs.github.com/en/rest/activity#mark-as-read
+// GitHub API docs: https://docs.github.com/rest/activity/notifications#mark-notifications-as-read
+//
+//meta:operation PUT /notifications
 func (s *ActivityService) MarkNotificationsRead(ctx context.Context, lastRead Timestamp) (*Response, error) {
 	opts := &markReadOptions{
 		LastReadAt: lastRead,
@@ -118,7 +124,9 @@ func (s *ActivityService) MarkNotificationsRead(ctx context.Context, lastRead Ti
 // MarkRepositoryNotificationsRead marks all notifications up to lastRead in
 // the specified repository as read.
 //
-// GitHub API docs: https://docs.github.com/en/rest/activity/notifications#mark-repository-notifications-as-read
+// GitHub API docs: https://docs.github.com/rest/activity/notifications#mark-repository-notifications-as-read
+//
+//meta:operation PUT /repos/{owner}/{repo}/notifications
 func (s *ActivityService) MarkRepositoryNotificationsRead(ctx context.Context, owner, repo string, lastRead Timestamp) (*Response, error) {
 	opts := &markReadOptions{
 		LastReadAt: lastRead,
@@ -134,7 +142,9 @@ func (s *ActivityService) MarkRepositoryNotificationsRead(ctx context.Context, o
 
 // GetThread gets the specified notification thread.
 //
-// GitHub API docs: https://docs.github.com/en/rest/activity/notifications#get-a-thread
+// GitHub API docs: https://docs.github.com/rest/activity/notifications#get-a-thread
+//
+//meta:operation GET /notifications/threads/{thread_id}
 func (s *ActivityService) GetThread(ctx context.Context, id string) (*Notification, *Response, error) {
 	u := fmt.Sprintf("notifications/threads/%v", id)
 
@@ -154,7 +164,9 @@ func (s *ActivityService) GetThread(ctx context.Context, id string) (*Notificati
 
 // MarkThreadRead marks the specified thread as read.
 //
-// GitHub API docs: https://docs.github.com/en/rest/activity/notifications#mark-a-thread-as-read
+// GitHub API docs: https://docs.github.com/rest/activity/notifications#mark-a-thread-as-read
+//
+//meta:operation PATCH /notifications/threads/{thread_id}
 func (s *ActivityService) MarkThreadRead(ctx context.Context, id string) (*Response, error) {
 	u := fmt.Sprintf("notifications/threads/%v", id)
 
@@ -166,10 +178,29 @@ func (s *ActivityService) MarkThreadRead(ctx context.Context, id string) (*Respo
 	return s.client.Do(ctx, req, nil)
 }
 
+// MarkThreadDone marks the specified thread as done.
+// Marking a thread as "done" is equivalent to marking a notification in your notification inbox on GitHub as done.
+//
+// GitHub API docs: https://docs.github.com/rest/activity/notifications#mark-a-thread-as-done
+//
+//meta:operation DELETE /notifications/threads/{thread_id}
+func (s *ActivityService) MarkThreadDone(ctx context.Context, id int64) (*Response, error) {
+	u := fmt.Sprintf("notifications/threads/%v", id)
+
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
+
 // GetThreadSubscription checks to see if the authenticated user is subscribed
 // to a thread.
 //
-// GitHub API docs: https://docs.github.com/en/rest/activity/notifications#get-a-thread-subscription-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/activity/notifications#get-a-thread-subscription-for-the-authenticated-user
+//
+//meta:operation GET /notifications/threads/{thread_id}/subscription
 func (s *ActivityService) GetThreadSubscription(ctx context.Context, id string) (*Subscription, *Response, error) {
 	u := fmt.Sprintf("notifications/threads/%v/subscription", id)
 
@@ -190,7 +221,9 @@ func (s *ActivityService) GetThreadSubscription(ctx context.Context, id string)
 // SetThreadSubscription sets the subscription for the specified thread for the
 // authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/activity/notifications#set-a-thread-subscription
+// GitHub API docs: https://docs.github.com/rest/activity/notifications#set-a-thread-subscription
+//
+//meta:operation PUT /notifications/threads/{thread_id}/subscription
 func (s *ActivityService) SetThreadSubscription(ctx context.Context, id string, subscription *Subscription) (*Subscription, *Response, error) {
 	u := fmt.Sprintf("notifications/threads/%v/subscription", id)
 
@@ -211,7 +244,9 @@ func (s *ActivityService) SetThreadSubscription(ctx context.Context, id string,
 // DeleteThreadSubscription deletes the subscription for the specified thread
 // for the authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/activity/notifications#delete-a-thread-subscription
+// GitHub API docs: https://docs.github.com/rest/activity/notifications#delete-a-thread-subscription
+//
+//meta:operation DELETE /notifications/threads/{thread_id}/subscription
 func (s *ActivityService) DeleteThreadSubscription(ctx context.Context, id string) (*Response, error) {
 	u := fmt.Sprintf("notifications/threads/%v/subscription", id)
 	req, err := s.client.NewRequest("DELETE", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/activity_star.go b/vendor/github.com/google/go-github/v72/github/activity_star.go
similarity index 79%
rename from vendor/github.com/google/go-github/v55/github/activity_star.go
rename to vendor/github.com/google/go-github/v72/github/activity_star.go
index 65a316f532..cebdacf76a 100644
--- a/vendor/github.com/google/go-github/v55/github/activity_star.go
+++ b/vendor/github.com/google/go-github/v72/github/activity_star.go
@@ -25,7 +25,9 @@ type Stargazer struct {
 
 // ListStargazers lists people who have starred the specified repo.
 //
-// GitHub API docs: https://docs.github.com/en/rest/activity/starring#list-stargazers
+// GitHub API docs: https://docs.github.com/rest/activity/starring#list-stargazers
+//
+//meta:operation GET /repos/{owner}/{repo}/stargazers
 func (s *ActivityService) ListStargazers(ctx context.Context, owner, repo string, opts *ListOptions) ([]*Stargazer, *Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/stargazers", owner, repo)
 	u, err := addOptions(u, opts)
@@ -67,8 +69,11 @@ type ActivityListStarredOptions struct {
 // ListStarred lists all the repos starred by a user. Passing the empty string
 // will list the starred repositories for the authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/activity/starring#list-repositories-starred-by-the-authenticated-user
-// GitHub API docs: https://docs.github.com/en/rest/activity/starring#list-repositories-starred-by-a-user
+// GitHub API docs: https://docs.github.com/rest/activity/starring#list-repositories-starred-by-a-user
+// GitHub API docs: https://docs.github.com/rest/activity/starring#list-repositories-starred-by-the-authenticated-user
+//
+//meta:operation GET /user/starred
+//meta:operation GET /users/{username}/starred
 func (s *ActivityService) ListStarred(ctx context.Context, user string, opts *ActivityListStarredOptions) ([]*StarredRepository, *Response, error) {
 	var u string
 	if user != "" {
@@ -101,7 +106,9 @@ func (s *ActivityService) ListStarred(ctx context.Context, user string, opts *Ac
 
 // IsStarred checks if a repository is starred by authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/activity/starring#check-if-a-repository-is-starred-by-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/activity/starring#check-if-a-repository-is-starred-by-the-authenticated-user
+//
+//meta:operation GET /user/starred/{owner}/{repo}
 func (s *ActivityService) IsStarred(ctx context.Context, owner, repo string) (bool, *Response, error) {
 	u := fmt.Sprintf("user/starred/%v/%v", owner, repo)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -116,7 +123,9 @@ func (s *ActivityService) IsStarred(ctx context.Context, owner, repo string) (bo
 
 // Star a repository as the authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/activity/starring#star-a-repository-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/activity/starring#star-a-repository-for-the-authenticated-user
+//
+//meta:operation PUT /user/starred/{owner}/{repo}
 func (s *ActivityService) Star(ctx context.Context, owner, repo string) (*Response, error) {
 	u := fmt.Sprintf("user/starred/%v/%v", owner, repo)
 	req, err := s.client.NewRequest("PUT", u, nil)
@@ -129,7 +138,9 @@ func (s *ActivityService) Star(ctx context.Context, owner, repo string) (*Respon
 
 // Unstar a repository as the authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/activity/starring#unstar-a-repository-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/activity/starring#unstar-a-repository-for-the-authenticated-user
+//
+//meta:operation DELETE /user/starred/{owner}/{repo}
 func (s *ActivityService) Unstar(ctx context.Context, owner, repo string) (*Response, error) {
 	u := fmt.Sprintf("user/starred/%v/%v", owner, repo)
 	req, err := s.client.NewRequest("DELETE", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/activity_watching.go b/vendor/github.com/google/go-github/v72/github/activity_watching.go
similarity index 81%
rename from vendor/github.com/google/go-github/v55/github/activity_watching.go
rename to vendor/github.com/google/go-github/v72/github/activity_watching.go
index 2d6fafcc79..348590057b 100644
--- a/vendor/github.com/google/go-github/v55/github/activity_watching.go
+++ b/vendor/github.com/google/go-github/v72/github/activity_watching.go
@@ -27,7 +27,9 @@ type Subscription struct {
 
 // ListWatchers lists watchers of a particular repo.
 //
-// GitHub API docs: https://docs.github.com/en/rest/activity/watching#list-watchers
+// GitHub API docs: https://docs.github.com/rest/activity/watching#list-watchers
+//
+//meta:operation GET /repos/{owner}/{repo}/subscribers
 func (s *ActivityService) ListWatchers(ctx context.Context, owner, repo string, opts *ListOptions) ([]*User, *Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/subscribers", owner, repo)
 	u, err := addOptions(u, opts)
@@ -52,8 +54,11 @@ func (s *ActivityService) ListWatchers(ctx context.Context, owner, repo string,
 // ListWatched lists the repositories the specified user is watching. Passing
 // the empty string will fetch watched repos for the authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/activity/watching#list-repositories-watched-by-the-authenticated-user
-// GitHub API docs: https://docs.github.com/en/rest/activity/watching#list-repositories-watched-by-a-user
+// GitHub API docs: https://docs.github.com/rest/activity/watching#list-repositories-watched-by-a-user
+// GitHub API docs: https://docs.github.com/rest/activity/watching#list-repositories-watched-by-the-authenticated-user
+//
+//meta:operation GET /user/subscriptions
+//meta:operation GET /users/{username}/subscriptions
 func (s *ActivityService) ListWatched(ctx context.Context, user string, opts *ListOptions) ([]*Repository, *Response, error) {
 	var u string
 	if user != "" {
@@ -84,7 +89,9 @@ func (s *ActivityService) ListWatched(ctx context.Context, user string, opts *Li
 // repository for the authenticated user. If the authenticated user is not
 // watching the repository, a nil Subscription is returned.
 //
-// GitHub API docs: https://docs.github.com/en/rest/activity/watching#get-a-repository-subscription
+// GitHub API docs: https://docs.github.com/rest/activity/watching#get-a-repository-subscription
+//
+//meta:operation GET /repos/{owner}/{repo}/subscription
 func (s *ActivityService) GetRepositorySubscription(ctx context.Context, owner, repo string) (*Subscription, *Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/subscription", owner, repo)
 
@@ -111,7 +118,9 @@ func (s *ActivityService) GetRepositorySubscription(ctx context.Context, owner,
 // To ignore notifications made within a repository, set subscription.Ignored to true.
 // To stop watching a repository, use DeleteRepositorySubscription.
 //
-// GitHub API docs: https://docs.github.com/en/rest/activity/watching#set-a-repository-subscription
+// GitHub API docs: https://docs.github.com/rest/activity/watching#set-a-repository-subscription
+//
+//meta:operation PUT /repos/{owner}/{repo}/subscription
 func (s *ActivityService) SetRepositorySubscription(ctx context.Context, owner, repo string, subscription *Subscription) (*Subscription, *Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/subscription", owner, repo)
 
@@ -135,7 +144,9 @@ func (s *ActivityService) SetRepositorySubscription(ctx context.Context, owner,
 // This is used to stop watching a repository. To control whether or not to
 // receive notifications from a repository, use SetRepositorySubscription.
 //
-// GitHub API docs: https://docs.github.com/en/rest/activity/watching#delete-a-repository-subscription
+// GitHub API docs: https://docs.github.com/rest/activity/watching#delete-a-repository-subscription
+//
+//meta:operation DELETE /repos/{owner}/{repo}/subscription
 func (s *ActivityService) DeleteRepositorySubscription(ctx context.Context, owner, repo string) (*Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/subscription", owner, repo)
 	req, err := s.client.NewRequest("DELETE", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/admin.go b/vendor/github.com/google/go-github/v72/github/admin.go
similarity index 89%
rename from vendor/github.com/google/go-github/v55/github/admin.go
rename to vendor/github.com/google/go-github/v72/github/admin.go
index 1b28ef64c7..c15c413c57 100644
--- a/vendor/github.com/google/go-github/v55/github/admin.go
+++ b/vendor/github.com/google/go-github/v72/github/admin.go
@@ -14,7 +14,7 @@ import (
 // GitHub API. These API routes are normally only accessible for GitHub
 // Enterprise installations.
 //
-// GitHub API docs: https://docs.github.com/en/rest/enterprise-admin
+// GitHub API docs: https://docs.github.com/rest/enterprise-admin
 type AdminService service
 
 // TeamLDAPMapping represents the mapping between a GitHub team and an LDAP group.
@@ -82,7 +82,9 @@ func (m Enterprise) String() string {
 
 // UpdateUserLDAPMapping updates the mapping between a GitHub user and an LDAP user.
 //
-// GitHub API docs: https://docs.github.com/en/enterprise-server/rest/enterprise-admin/ldap#update-ldap-mapping-for-a-user
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/ldap#update-ldap-mapping-for-a-user
+//
+//meta:operation PATCH /admin/ldap/users/{username}/mapping
 func (s *AdminService) UpdateUserLDAPMapping(ctx context.Context, user string, mapping *UserLDAPMapping) (*UserLDAPMapping, *Response, error) {
 	u := fmt.Sprintf("admin/ldap/users/%v/mapping", user)
 	req, err := s.client.NewRequest("PATCH", u, mapping)
@@ -101,7 +103,9 @@ func (s *AdminService) UpdateUserLDAPMapping(ctx context.Context, user string, m
 
 // UpdateTeamLDAPMapping updates the mapping between a GitHub team and an LDAP group.
 //
-// GitHub API docs: https://docs.github.com/en/rest/enterprise/ldap/#update-ldap-mapping-for-a-team
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/ldap#update-ldap-mapping-for-a-team
+//
+//meta:operation PATCH /admin/ldap/teams/{team_id}/mapping
 func (s *AdminService) UpdateTeamLDAPMapping(ctx context.Context, team int64, mapping *TeamLDAPMapping) (*TeamLDAPMapping, *Response, error) {
 	u := fmt.Sprintf("admin/ldap/teams/%v/mapping", team)
 	req, err := s.client.NewRequest("PATCH", u, mapping)
diff --git a/vendor/github.com/google/go-github/v55/github/admin_orgs.go b/vendor/github.com/google/go-github/v72/github/admin_orgs.go
similarity index 81%
rename from vendor/github.com/google/go-github/v55/github/admin_orgs.go
rename to vendor/github.com/google/go-github/v72/github/admin_orgs.go
index 448e51f631..200834508d 100644
--- a/vendor/github.com/google/go-github/v55/github/admin_orgs.go
+++ b/vendor/github.com/google/go-github/v72/github/admin_orgs.go
@@ -22,7 +22,9 @@ type createOrgRequest struct {
 // Note that only a subset of the org fields are used and org must
 // not be nil.
 //
-// GitHub Enterprise API docs: https://developer.github.com/enterprise/v3/enterprise-admin/orgs/#create-an-organization
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/orgs#create-an-organization
+//
+//meta:operation POST /admin/organizations
 func (s *AdminService) CreateOrg(ctx context.Context, org *Organization, admin string) (*Organization, *Response, error) {
 	u := "admin/organizations"
 
@@ -59,14 +61,18 @@ type RenameOrgResponse struct {
 
 // RenameOrg renames an organization in GitHub Enterprise.
 //
-// GitHub Enterprise API docs: https://developer.github.com/enterprise/v3/enterprise-admin/orgs/#rename-an-organization
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/orgs#update-an-organization-name
+//
+//meta:operation PATCH /admin/organizations/{org}
 func (s *AdminService) RenameOrg(ctx context.Context, org *Organization, newName string) (*RenameOrgResponse, *Response, error) {
 	return s.RenameOrgByName(ctx, *org.Login, newName)
 }
 
 // RenameOrgByName renames an organization in GitHub Enterprise using its current name.
 //
-// GitHub Enterprise API docs: https://developer.github.com/enterprise/v3/enterprise-admin/orgs/#rename-an-organization
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/orgs#update-an-organization-name
+//
+//meta:operation PATCH /admin/organizations/{org}
 func (s *AdminService) RenameOrgByName(ctx context.Context, org, newName string) (*RenameOrgResponse, *Response, error) {
 	u := fmt.Sprintf("admin/organizations/%v", org)
 
diff --git a/vendor/github.com/google/go-github/v55/github/admin_stats.go b/vendor/github.com/google/go-github/v72/github/admin_stats.go
similarity index 91%
rename from vendor/github.com/google/go-github/v55/github/admin_stats.go
rename to vendor/github.com/google/go-github/v72/github/admin_stats.go
index 17e568f62b..bdf51a66ce 100644
--- a/vendor/github.com/google/go-github/v55/github/admin_stats.go
+++ b/vendor/github.com/google/go-github/v72/github/admin_stats.go
@@ -118,13 +118,13 @@ func (s GistStats) String() string {
 	return Stringify(s)
 }
 
-// PullStats represents the number of total, merged, mergable and unmergeable
+// PullStats represents the number of total, merged, mergeable and unmergeable
 // pull-requests.
 type PullStats struct {
-	TotalPulls      *int `json:"total_pulls,omitempty"`
-	MergedPulls     *int `json:"merged_pulls,omitempty"`
-	MergablePulls   *int `json:"mergeable_pulls,omitempty"`
-	UnmergablePulls *int `json:"unmergeable_pulls,omitempty"`
+	TotalPulls       *int `json:"total_pulls,omitempty"`
+	MergedPulls      *int `json:"merged_pulls,omitempty"`
+	MergeablePulls   *int `json:"mergeable_pulls,omitempty"`
+	UnmergeablePulls *int `json:"unmergeable_pulls,omitempty"`
 }
 
 func (s PullStats) String() string {
@@ -152,7 +152,9 @@ func (s RepoStats) String() string {
 // Please note that this is only available to site administrators,
 // otherwise it will error with a 404 not found (instead of 401 or 403).
 //
-// GitHub API docs: https://docs.github.com/en/rest/enterprise-admin/admin_stats/
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/admin-stats#get-all-statistics
+//
+//meta:operation GET /enterprise/stats/all
 func (s *AdminService) GetAdminStats(ctx context.Context) (*AdminStats, *Response, error) {
 	u := "enterprise/stats/all"
 	req, err := s.client.NewRequest("GET", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/admin_users.go b/vendor/github.com/google/go-github/v72/github/admin_users.go
similarity index 73%
rename from vendor/github.com/google/go-github/v55/github/admin_users.go
rename to vendor/github.com/google/go-github/v72/github/admin_users.go
index d756a77e20..70a7b30044 100644
--- a/vendor/github.com/google/go-github/v55/github/admin_users.go
+++ b/vendor/github.com/google/go-github/v72/github/admin_users.go
@@ -10,24 +10,22 @@ import (
 	"fmt"
 )
 
-// createUserRequest is a subset of User and is used internally
-// by CreateUser to pass only the known fields for the endpoint.
-type createUserRequest struct {
-	Login *string `json:"login,omitempty"`
-	Email *string `json:"email,omitempty"`
+// CreateUserRequest represents the fields sent to the `CreateUser` endpoint.
+// Note that `Login` is a required field.
+type CreateUserRequest struct {
+	Login     string  `json:"login"`
+	Email     *string `json:"email,omitempty"`
+	Suspended *bool   `json:"suspended,omitempty"`
 }
 
 // CreateUser creates a new user in GitHub Enterprise.
 //
-// GitHub Enterprise API docs: https://developer.github.com/enterprise/v3/enterprise-admin/users/#create-a-new-user
-func (s *AdminService) CreateUser(ctx context.Context, login, email string) (*User, *Response, error) {
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/users#create-a-user
+//
+//meta:operation POST /admin/users
+func (s *AdminService) CreateUser(ctx context.Context, userReq CreateUserRequest) (*User, *Response, error) {
 	u := "admin/users"
 
-	userReq := &createUserRequest{
-		Login: &login,
-		Email: &email,
-	}
-
 	req, err := s.client.NewRequest("POST", u, userReq)
 	if err != nil {
 		return nil, nil, err
@@ -44,7 +42,9 @@ func (s *AdminService) CreateUser(ctx context.Context, login, email string) (*Us
 
 // DeleteUser deletes a user in GitHub Enterprise.
 //
-// GitHub Enterprise API docs: https://developer.github.com/enterprise/v3/enterprise-admin/users/#delete-a-user
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/users#delete-a-user
+//
+//meta:operation DELETE /admin/users/{username}
 func (s *AdminService) DeleteUser(ctx context.Context, username string) (*Response, error) {
 	u := "admin/users/" + username
 
@@ -95,7 +95,9 @@ type UserAuthorization struct {
 
 // CreateUserImpersonation creates an impersonation OAuth token.
 //
-// GitHub Enterprise API docs: https://developer.github.com/enterprise/v3/enterprise-admin/users/#create-an-impersonation-oauth-token
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/users#create-an-impersonation-oauth-token
+//
+//meta:operation POST /admin/users/{username}/authorizations
 func (s *AdminService) CreateUserImpersonation(ctx context.Context, username string, opts *ImpersonateUserOptions) (*UserAuthorization, *Response, error) {
 	u := fmt.Sprintf("admin/users/%s/authorizations", username)
 
@@ -115,7 +117,9 @@ func (s *AdminService) CreateUserImpersonation(ctx context.Context, username str
 
 // DeleteUserImpersonation deletes an impersonation OAuth token.
 //
-// GitHub Enterprise API docs: https://developer.github.com/enterprise/v3/enterprise-admin/users/#delete-an-impersonation-oauth-token
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/users#delete-an-impersonation-oauth-token
+//
+//meta:operation DELETE /admin/users/{username}/authorizations
 func (s *AdminService) DeleteUserImpersonation(ctx context.Context, username string) (*Response, error) {
 	u := fmt.Sprintf("admin/users/%s/authorizations", username)
 
diff --git a/vendor/github.com/google/go-github/v72/github/apps.go b/vendor/github.com/google/go-github/v72/github/apps.go
new file mode 100644
index 0000000000..3dd392d083
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/apps.go
@@ -0,0 +1,495 @@
+// Copyright 2016 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"fmt"
+)
+
+// AppsService provides access to the installation related functions
+// in the GitHub API.
+//
+// GitHub API docs: https://docs.github.com/rest/apps/
+type AppsService service
+
+// App represents a GitHub App.
+type App struct {
+	ID                 *int64                   `json:"id,omitempty"`
+	Slug               *string                  `json:"slug,omitempty"`
+	NodeID             *string                  `json:"node_id,omitempty"`
+	Owner              *User                    `json:"owner,omitempty"`
+	Name               *string                  `json:"name,omitempty"`
+	Description        *string                  `json:"description,omitempty"`
+	ExternalURL        *string                  `json:"external_url,omitempty"`
+	HTMLURL            *string                  `json:"html_url,omitempty"`
+	CreatedAt          *Timestamp               `json:"created_at,omitempty"`
+	UpdatedAt          *Timestamp               `json:"updated_at,omitempty"`
+	Permissions        *InstallationPermissions `json:"permissions,omitempty"`
+	Events             []string                 `json:"events,omitempty"`
+	InstallationsCount *int                     `json:"installations_count,omitempty"`
+}
+
+// InstallationToken represents an installation token.
+type InstallationToken struct {
+	Token        *string                  `json:"token,omitempty"`
+	ExpiresAt    *Timestamp               `json:"expires_at,omitempty"`
+	Permissions  *InstallationPermissions `json:"permissions,omitempty"`
+	Repositories []*Repository            `json:"repositories,omitempty"`
+}
+
+// InstallationTokenOptions allow restricting a token's access to specific repositories.
+type InstallationTokenOptions struct {
+	// The IDs of the repositories that the installation token can access.
+	// Providing repository IDs restricts the access of an installation token to specific repositories.
+	RepositoryIDs []int64 `json:"repository_ids,omitempty"`
+
+	// The names of the repositories that the installation token can access.
+	// Providing repository names restricts the access of an installation token to specific repositories.
+	Repositories []string `json:"repositories,omitempty"`
+
+	// The permissions granted to the access token.
+	// The permissions object includes the permission names and their access type.
+	Permissions *InstallationPermissions `json:"permissions,omitempty"`
+}
+
+type InstallationTokenListRepoOptions struct {
+	// The IDs of the repositories that the installation token can access.
+	// Providing repository IDs restricts the access of an installation token to specific repositories.
+	RepositoryIDs []int64 `json:"repository_ids"`
+
+	// The names of the repositories that the installation token can access.
+	// Providing repository names restricts the access of an installation token to specific repositories.
+	Repositories []string `json:"repositories,omitempty"`
+
+	// The permissions granted to the access token.
+	// The permissions object includes the permission names and their access type.
+	Permissions *InstallationPermissions `json:"permissions,omitempty"`
+}
+
+// InstallationPermissions lists the repository and organization permissions for an installation.
+//
+// Permission names taken from:
+//
+//	https://docs.github.com/enterprise-server@3.0/rest/apps#create-an-installation-access-token-for-an-app
+//	https://docs.github.com/rest/apps#create-an-installation-access-token-for-an-app
+type InstallationPermissions struct {
+	Actions                                 *string `json:"actions,omitempty"`
+	ActionsVariables                        *string `json:"actions_variables,omitempty"`
+	Administration                          *string `json:"administration,omitempty"`
+	Attestations                            *string `json:"attestations,omitempty"`
+	Blocking                                *string `json:"blocking,omitempty"`
+	Checks                                  *string `json:"checks,omitempty"`
+	Codespaces                              *string `json:"codespaces,omitempty"`
+	CodespacesLifecycleAdmin                *string `json:"codespaces_lifecycle_admin,omitempty"`
+	CodespacesMetadata                      *string `json:"codespaces_metadata,omitempty"`
+	CodespacesSecrets                       *string `json:"codespaces_secrets,omitempty"`
+	CodespacesUserSecrets                   *string `json:"codespaces_user_secrets,omitempty"`
+	Contents                                *string `json:"contents,omitempty"`
+	ContentReferences                       *string `json:"content_references,omitempty"`
+	CopilotMessages                         *string `json:"copilot_messages,omitempty"`
+	DependabotSecrets                       *string `json:"dependabot_secrets,omitempty"`
+	Deployments                             *string `json:"deployments,omitempty"`
+	Discussions                             *string `json:"discussions,omitempty"`
+	Emails                                  *string `json:"emails,omitempty"`
+	Environments                            *string `json:"environments,omitempty"`
+	Followers                               *string `json:"followers,omitempty"`
+	Gists                                   *string `json:"gists,omitempty"`
+	GitSigningSSHPublicKeys                 *string `json:"git_signing_ssh_public_keys,omitempty"`
+	GPGKeys                                 *string `json:"gpg_keys,omitempty"`
+	InteractionLimits                       *string `json:"interaction_limits,omitempty"`
+	Issues                                  *string `json:"issues,omitempty"`
+	Keys                                    *string `json:"keys,omitempty"`
+	Metadata                                *string `json:"metadata,omitempty"`
+	Members                                 *string `json:"members,omitempty"`
+	MergeQueues                             *string `json:"merge_queues,omitempty"`
+	OrganizationActionsVariables            *string `json:"organization_actions_variables,omitempty"`
+	OrganizationAdministration              *string `json:"organization_administration,omitempty"`
+	OrganizationAnnouncementBanners         *string `json:"organization_announcement_banners,omitempty"`
+	OrganizationAPIInsights                 *string `json:"organization_api_insights,omitempty"`
+	OrganizationCodespaces                  *string `json:"organization_codespaces,omitempty"`
+	OrganizationCodespacesSecrets           *string `json:"organization_codespaces_secrets,omitempty"`
+	OrganizationCodespacesSettings          *string `json:"organization_codespaces_settings,omitempty"`
+	OrganizationCopilotSeatManagement       *string `json:"organization_copilot_seat_management,omitempty"`
+	OrganizationCustomProperties            *string `json:"organization_custom_properties,omitempty"`
+	OrganizationCustomRoles                 *string `json:"organization_custom_roles,omitempty"`
+	OrganizationCustomOrgRoles              *string `json:"organization_custom_org_roles,omitempty"`
+	OrganizationDependabotSecrets           *string `json:"organization_dependabot_secrets,omitempty"`
+	OrganizationEvents                      *string `json:"organization_events,omitempty"`
+	OrganizationHooks                       *string `json:"organization_hooks,omitempty"`
+	OrganizationKnowledgeBases              *string `json:"organization_knowledge_bases,omitempty"`
+	OrganizationPackages                    *string `json:"organization_packages,omitempty"`
+	OrganizationPersonalAccessTokens        *string `json:"organization_personal_access_tokens,omitempty"`
+	OrganizationPersonalAccessTokenRequests *string `json:"organization_personal_access_token_requests,omitempty"`
+	OrganizationPlan                        *string `json:"organization_plan,omitempty"`
+	OrganizationPreReceiveHooks             *string `json:"organization_pre_receive_hooks,omitempty"`
+	OrganizationProjects                    *string `json:"organization_projects,omitempty"`
+	OrganizationSecrets                     *string `json:"organization_secrets,omitempty"`
+	OrganizationSelfHostedRunners           *string `json:"organization_self_hosted_runners,omitempty"`
+	OrganizationUserBlocking                *string `json:"organization_user_blocking,omitempty"`
+	Packages                                *string `json:"packages,omitempty"`
+	Pages                                   *string `json:"pages,omitempty"`
+	Plan                                    *string `json:"plan,omitempty"`
+	Profile                                 *string `json:"profile,omitempty"`
+	PullRequests                            *string `json:"pull_requests,omitempty"`
+	RepositoryAdvisories                    *string `json:"repository_advisories,omitempty"`
+	RepositoryCustomProperties              *string `json:"repository_custom_properties,omitempty"`
+	RepositoryHooks                         *string `json:"repository_hooks,omitempty"`
+	RepositoryProjects                      *string `json:"repository_projects,omitempty"`
+	RepositoryPreReceiveHooks               *string `json:"repository_pre_receive_hooks,omitempty"`
+	Secrets                                 *string `json:"secrets,omitempty"`
+	SecretScanningAlerts                    *string `json:"secret_scanning_alerts,omitempty"`
+	SecurityEvents                          *string `json:"security_events,omitempty"`
+	SingleFile                              *string `json:"single_file,omitempty"`
+	Starring                                *string `json:"starring,omitempty"`
+	Statuses                                *string `json:"statuses,omitempty"`
+	TeamDiscussions                         *string `json:"team_discussions,omitempty"`
+	UserEvents                              *string `json:"user_events,omitempty"`
+	VulnerabilityAlerts                     *string `json:"vulnerability_alerts,omitempty"`
+	Watching                                *string `json:"watching,omitempty"`
+	Workflows                               *string `json:"workflows,omitempty"`
+}
+
+// InstallationRequest represents a pending GitHub App installation request.
+type InstallationRequest struct {
+	ID        *int64     `json:"id,omitempty"`
+	NodeID    *string    `json:"node_id,omitempty"`
+	Account   *User      `json:"account,omitempty"`
+	Requester *User      `json:"requester,omitempty"`
+	CreatedAt *Timestamp `json:"created_at,omitempty"`
+}
+
+// Installation represents a GitHub Apps installation.
+type Installation struct {
+	ID                     *int64                   `json:"id,omitempty"`
+	NodeID                 *string                  `json:"node_id,omitempty"`
+	AppID                  *int64                   `json:"app_id,omitempty"`
+	AppSlug                *string                  `json:"app_slug,omitempty"`
+	TargetID               *int64                   `json:"target_id,omitempty"`
+	Account                *User                    `json:"account,omitempty"`
+	AccessTokensURL        *string                  `json:"access_tokens_url,omitempty"`
+	RepositoriesURL        *string                  `json:"repositories_url,omitempty"`
+	HTMLURL                *string                  `json:"html_url,omitempty"`
+	TargetType             *string                  `json:"target_type,omitempty"`
+	SingleFileName         *string                  `json:"single_file_name,omitempty"`
+	RepositorySelection    *string                  `json:"repository_selection,omitempty"`
+	Events                 []string                 `json:"events,omitempty"`
+	SingleFilePaths        []string                 `json:"single_file_paths,omitempty"`
+	Permissions            *InstallationPermissions `json:"permissions,omitempty"`
+	CreatedAt              *Timestamp               `json:"created_at,omitempty"`
+	UpdatedAt              *Timestamp               `json:"updated_at,omitempty"`
+	HasMultipleSingleFiles *bool                    `json:"has_multiple_single_files,omitempty"`
+	SuspendedBy            *User                    `json:"suspended_by,omitempty"`
+	SuspendedAt            *Timestamp               `json:"suspended_at,omitempty"`
+}
+
+// Attachment represents a GitHub Apps attachment.
+type Attachment struct {
+	ID    *int64  `json:"id,omitempty"`
+	Title *string `json:"title,omitempty"`
+	Body  *string `json:"body,omitempty"`
+}
+
+// ContentReference represents a reference to a URL in an issue or pull request.
+type ContentReference struct {
+	ID        *int64  `json:"id,omitempty"`
+	NodeID    *string `json:"node_id,omitempty"`
+	Reference *string `json:"reference,omitempty"`
+}
+
+func (i Installation) String() string {
+	return Stringify(i)
+}
+
+// Get a single GitHub App. Passing the empty string will get
+// the authenticated GitHub App.
+//
+// Note: appSlug is just the URL-friendly name of your GitHub App.
+// You can find this on the settings page for your GitHub App
+// (e.g., https://github.com/settings/apps/:app_slug).
+//
+// GitHub API docs: https://docs.github.com/rest/apps/apps#get-an-app
+// GitHub API docs: https://docs.github.com/rest/apps/apps#get-the-authenticated-app
+//
+//meta:operation GET /app
+//meta:operation GET /apps/{app_slug}
+func (s *AppsService) Get(ctx context.Context, appSlug string) (*App, *Response, error) {
+	var u string
+	if appSlug != "" {
+		u = fmt.Sprintf("apps/%v", appSlug)
+	} else {
+		u = "app"
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	app := new(App)
+	resp, err := s.client.Do(ctx, req, app)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return app, resp, nil
+}
+
+// ListInstallationRequests lists the pending installation requests that the current GitHub App has.
+//
+// GitHub API docs: https://docs.github.com/rest/apps/apps#list-installation-requests-for-the-authenticated-app
+//
+//meta:operation GET /app/installation-requests
+func (s *AppsService) ListInstallationRequests(ctx context.Context, opts *ListOptions) ([]*InstallationRequest, *Response, error) {
+	u, err := addOptions("app/installation-requests", opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var i []*InstallationRequest
+	resp, err := s.client.Do(ctx, req, &i)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return i, resp, nil
+}
+
+// ListInstallations lists the installations that the current GitHub App has.
+//
+// GitHub API docs: https://docs.github.com/rest/apps/apps#list-installations-for-the-authenticated-app
+//
+//meta:operation GET /app/installations
+func (s *AppsService) ListInstallations(ctx context.Context, opts *ListOptions) ([]*Installation, *Response, error) {
+	u, err := addOptions("app/installations", opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var i []*Installation
+	resp, err := s.client.Do(ctx, req, &i)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return i, resp, nil
+}
+
+// GetInstallation returns the specified installation.
+//
+// GitHub API docs: https://docs.github.com/rest/apps/apps#get-an-installation-for-the-authenticated-app
+//
+//meta:operation GET /app/installations/{installation_id}
+func (s *AppsService) GetInstallation(ctx context.Context, id int64) (*Installation, *Response, error) {
+	return s.getInstallation(ctx, fmt.Sprintf("app/installations/%v", id))
+}
+
+// ListUserInstallations lists installations that are accessible to the authenticated user.
+//
+// GitHub API docs: https://docs.github.com/rest/apps/installations#list-app-installations-accessible-to-the-user-access-token
+//
+//meta:operation GET /user/installations
+func (s *AppsService) ListUserInstallations(ctx context.Context, opts *ListOptions) ([]*Installation, *Response, error) {
+	u, err := addOptions("user/installations", opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var i struct {
+		Installations []*Installation `json:"installations"`
+	}
+	resp, err := s.client.Do(ctx, req, &i)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return i.Installations, resp, nil
+}
+
+// SuspendInstallation suspends the specified installation.
+//
+// GitHub API docs: https://docs.github.com/rest/apps/apps#suspend-an-app-installation
+//
+//meta:operation PUT /app/installations/{installation_id}/suspended
+func (s *AppsService) SuspendInstallation(ctx context.Context, id int64) (*Response, error) {
+	u := fmt.Sprintf("app/installations/%v/suspended", id)
+
+	req, err := s.client.NewRequest("PUT", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
+
+// UnsuspendInstallation unsuspends the specified installation.
+//
+// GitHub API docs: https://docs.github.com/rest/apps/apps#unsuspend-an-app-installation
+//
+//meta:operation DELETE /app/installations/{installation_id}/suspended
+func (s *AppsService) UnsuspendInstallation(ctx context.Context, id int64) (*Response, error) {
+	u := fmt.Sprintf("app/installations/%v/suspended", id)
+
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
+
+// DeleteInstallation deletes the specified installation.
+//
+// GitHub API docs: https://docs.github.com/rest/apps/apps#delete-an-installation-for-the-authenticated-app
+//
+//meta:operation DELETE /app/installations/{installation_id}
+func (s *AppsService) DeleteInstallation(ctx context.Context, id int64) (*Response, error) {
+	u := fmt.Sprintf("app/installations/%v", id)
+
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
+
+// CreateInstallationToken creates a new installation token.
+//
+// GitHub API docs: https://docs.github.com/rest/apps/apps#create-an-installation-access-token-for-an-app
+//
+//meta:operation POST /app/installations/{installation_id}/access_tokens
+func (s *AppsService) CreateInstallationToken(ctx context.Context, id int64, opts *InstallationTokenOptions) (*InstallationToken, *Response, error) {
+	u := fmt.Sprintf("app/installations/%v/access_tokens", id)
+
+	req, err := s.client.NewRequest("POST", u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	t := new(InstallationToken)
+	resp, err := s.client.Do(ctx, req, t)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return t, resp, nil
+}
+
+// CreateInstallationTokenListRepos creates a new installation token with a list of all repositories in an installation which is not possible with CreateInstallationToken.
+//
+// It differs from CreateInstallationToken by taking InstallationTokenListRepoOptions as a parameter which does not omit RepositoryIDs if that field is nil or an empty array.
+//
+// GitHub API docs: https://docs.github.com/rest/apps/apps#create-an-installation-access-token-for-an-app
+//
+//meta:operation POST /app/installations/{installation_id}/access_tokens
+func (s *AppsService) CreateInstallationTokenListRepos(ctx context.Context, id int64, opts *InstallationTokenListRepoOptions) (*InstallationToken, *Response, error) {
+	u := fmt.Sprintf("app/installations/%v/access_tokens", id)
+
+	req, err := s.client.NewRequest("POST", u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	t := new(InstallationToken)
+	resp, err := s.client.Do(ctx, req, t)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return t, resp, nil
+}
+
+// CreateAttachment creates a new attachment on user comment containing a url.
+//
+// GitHub API docs: https://docs.github.com/enterprise-server@3.3/rest/reference/apps#create-a-content-attachment
+//
+//meta:operation POST /repos/{owner}/{repo}/content_references/{content_reference_id}/attachments
+func (s *AppsService) CreateAttachment(ctx context.Context, contentReferenceID int64, title, body string) (*Attachment, *Response, error) {
+	u := fmt.Sprintf("content_references/%v/attachments", contentReferenceID)
+	payload := &Attachment{Title: Ptr(title), Body: Ptr(body)}
+	req, err := s.client.NewRequest("POST", u, payload)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	// TODO: remove custom Accept headers when APIs fully launch.
+	req.Header.Set("Accept", mediaTypeContentAttachmentsPreview)
+
+	m := &Attachment{}
+	resp, err := s.client.Do(ctx, req, m)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return m, resp, nil
+}
+
+// FindOrganizationInstallation finds the organization's installation information.
+//
+// GitHub API docs: https://docs.github.com/rest/apps/apps#get-an-organization-installation-for-the-authenticated-app
+//
+//meta:operation GET /orgs/{org}/installation
+func (s *AppsService) FindOrganizationInstallation(ctx context.Context, org string) (*Installation, *Response, error) {
+	return s.getInstallation(ctx, fmt.Sprintf("orgs/%v/installation", org))
+}
+
+// FindRepositoryInstallation finds the repository's installation information.
+//
+// GitHub API docs: https://docs.github.com/rest/apps/apps#get-a-repository-installation-for-the-authenticated-app
+//
+//meta:operation GET /repos/{owner}/{repo}/installation
+func (s *AppsService) FindRepositoryInstallation(ctx context.Context, owner, repo string) (*Installation, *Response, error) {
+	return s.getInstallation(ctx, fmt.Sprintf("repos/%v/%v/installation", owner, repo))
+}
+
+// FindRepositoryInstallationByID finds the repository's installation information.
+//
+// Note: FindRepositoryInstallationByID uses the undocumented GitHub API endpoint "GET /repositories/{repository_id}/installation".
+//
+//meta:operation GET /repositories/{repository_id}/installation
+func (s *AppsService) FindRepositoryInstallationByID(ctx context.Context, id int64) (*Installation, *Response, error) {
+	return s.getInstallation(ctx, fmt.Sprintf("repositories/%d/installation", id))
+}
+
+// FindUserInstallation finds the user's installation information.
+//
+// GitHub API docs: https://docs.github.com/rest/apps/apps#get-a-user-installation-for-the-authenticated-app
+//
+//meta:operation GET /users/{username}/installation
+func (s *AppsService) FindUserInstallation(ctx context.Context, user string) (*Installation, *Response, error) {
+	return s.getInstallation(ctx, fmt.Sprintf("users/%v/installation", user))
+}
+
+func (s *AppsService) getInstallation(ctx context.Context, url string) (*Installation, *Response, error) {
+	req, err := s.client.NewRequest("GET", url, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	i := new(Installation)
+	resp, err := s.client.Do(ctx, req, i)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return i, resp, nil
+}
diff --git a/vendor/github.com/google/go-github/v55/github/apps_hooks.go b/vendor/github.com/google/go-github/v72/github/apps_hooks.go
similarity index 80%
rename from vendor/github.com/google/go-github/v55/github/apps_hooks.go
rename to vendor/github.com/google/go-github/v72/github/apps_hooks.go
index e3bd2afc03..6046827ef0 100644
--- a/vendor/github.com/google/go-github/v55/github/apps_hooks.go
+++ b/vendor/github.com/google/go-github/v72/github/apps_hooks.go
@@ -12,7 +12,9 @@ import (
 // GetHookConfig returns the webhook configuration for a GitHub App.
 // The underlying transport must be authenticated as an app.
 //
-// GitHub API docs: https://docs.github.com/en/rest/apps#get-a-webhook-configuration-for-an-app
+// GitHub API docs: https://docs.github.com/rest/apps/webhooks#get-a-webhook-configuration-for-an-app
+//
+//meta:operation GET /app/hook/config
 func (s *AppsService) GetHookConfig(ctx context.Context) (*HookConfig, *Response, error) {
 	req, err := s.client.NewRequest("GET", "app/hook/config", nil)
 	if err != nil {
@@ -31,7 +33,9 @@ func (s *AppsService) GetHookConfig(ctx context.Context) (*HookConfig, *Response
 // UpdateHookConfig updates the webhook configuration for a GitHub App.
 // The underlying transport must be authenticated as an app.
 //
-// GitHub API docs: https://docs.github.com/en/rest/apps#update-a-webhook-configuration-for-an-app
+// GitHub API docs: https://docs.github.com/rest/apps/webhooks#update-a-webhook-configuration-for-an-app
+//
+//meta:operation PATCH /app/hook/config
 func (s *AppsService) UpdateHookConfig(ctx context.Context, config *HookConfig) (*HookConfig, *Response, error) {
 	req, err := s.client.NewRequest("PATCH", "app/hook/config", config)
 	if err != nil {
diff --git a/vendor/github.com/google/go-github/v55/github/apps_hooks_deliveries.go b/vendor/github.com/google/go-github/v72/github/apps_hooks_deliveries.go
similarity index 78%
rename from vendor/github.com/google/go-github/v55/github/apps_hooks_deliveries.go
rename to vendor/github.com/google/go-github/v72/github/apps_hooks_deliveries.go
index 33102f36d2..59800a0ae4 100644
--- a/vendor/github.com/google/go-github/v55/github/apps_hooks_deliveries.go
+++ b/vendor/github.com/google/go-github/v72/github/apps_hooks_deliveries.go
@@ -12,7 +12,9 @@ import (
 
 // ListHookDeliveries lists deliveries of an App webhook.
 //
-// GitHub API docs: https://docs.github.com/en/rest/apps/webhooks#list-deliveries-for-an-app-webhook
+// GitHub API docs: https://docs.github.com/rest/apps/webhooks#list-deliveries-for-an-app-webhook
+//
+//meta:operation GET /app/hook/deliveries
 func (s *AppsService) ListHookDeliveries(ctx context.Context, opts *ListCursorOptions) ([]*HookDelivery, *Response, error) {
 	u, err := addOptions("app/hook/deliveries", opts)
 	if err != nil {
@@ -35,7 +37,9 @@ func (s *AppsService) ListHookDeliveries(ctx context.Context, opts *ListCursorOp
 
 // GetHookDelivery returns the App webhook delivery with the specified ID.
 //
-// GitHub API docs: https://docs.github.com/en/rest/apps/webhooks#get-a-delivery-for-an-app-webhook
+// GitHub API docs: https://docs.github.com/rest/apps/webhooks#get-a-delivery-for-an-app-webhook
+//
+//meta:operation GET /app/hook/deliveries/{delivery_id}
 func (s *AppsService) GetHookDelivery(ctx context.Context, deliveryID int64) (*HookDelivery, *Response, error) {
 	u := fmt.Sprintf("app/hook/deliveries/%v", deliveryID)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -54,7 +58,9 @@ func (s *AppsService) GetHookDelivery(ctx context.Context, deliveryID int64) (*H
 
 // RedeliverHookDelivery redelivers a delivery for an App webhook.
 //
-// GitHub API docs: https://docs.github.com/en/rest/apps/webhooks#redeliver-a-delivery-for-an-app-webhook
+// GitHub API docs: https://docs.github.com/rest/apps/webhooks#redeliver-a-delivery-for-an-app-webhook
+//
+//meta:operation POST /app/hook/deliveries/{delivery_id}/attempts
 func (s *AppsService) RedeliverHookDelivery(ctx context.Context, deliveryID int64) (*HookDelivery, *Response, error) {
 	u := fmt.Sprintf("app/hook/deliveries/%v/attempts", deliveryID)
 	req, err := s.client.NewRequest("POST", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/apps_installation.go b/vendor/github.com/google/go-github/v72/github/apps_installation.go
similarity index 77%
rename from vendor/github.com/google/go-github/v55/github/apps_installation.go
rename to vendor/github.com/google/go-github/v72/github/apps_installation.go
index b619080713..d430511d07 100644
--- a/vendor/github.com/google/go-github/v55/github/apps_installation.go
+++ b/vendor/github.com/google/go-github/v72/github/apps_installation.go
@@ -19,7 +19,9 @@ type ListRepositories struct {
 
 // ListRepos lists the repositories that are accessible to the authenticated installation.
 //
-// GitHub API docs: https://docs.github.com/en/rest/apps/installations#list-repositories-accessible-to-the-app-installation
+// GitHub API docs: https://docs.github.com/rest/apps/installations#list-repositories-accessible-to-the-app-installation
+//
+//meta:operation GET /installation/repositories
 func (s *AppsService) ListRepos(ctx context.Context, opts *ListOptions) (*ListRepositories, *Response, error) {
 	u, err := addOptions("installation/repositories", opts)
 	if err != nil {
@@ -52,7 +54,9 @@ func (s *AppsService) ListRepos(ctx context.Context, opts *ListOptions) (*ListRe
 // ListUserRepos lists repositories that are accessible
 // to the authenticated user for an installation.
 //
-// GitHub API docs: https://docs.github.com/en/rest/apps/installations#list-repositories-accessible-to-the-user-access-token
+// GitHub API docs: https://docs.github.com/rest/apps/installations#list-repositories-accessible-to-the-user-access-token
+//
+//meta:operation GET /user/installations/{installation_id}/repositories
 func (s *AppsService) ListUserRepos(ctx context.Context, id int64, opts *ListOptions) (*ListRepositories, *Response, error) {
 	u := fmt.Sprintf("user/installations/%v/repositories", id)
 	u, err := addOptions(u, opts)
@@ -84,7 +88,9 @@ func (s *AppsService) ListUserRepos(ctx context.Context, id int64, opts *ListOpt
 
 // AddRepository adds a single repository to an installation.
 //
-// GitHub API docs: https://docs.github.com/en/rest/apps/installations#add-a-repository-to-an-app-installation
+// GitHub API docs: https://docs.github.com/rest/apps/installations#add-a-repository-to-an-app-installation
+//
+//meta:operation PUT /user/installations/{installation_id}/repositories/{repository_id}
 func (s *AppsService) AddRepository(ctx context.Context, instID, repoID int64) (*Repository, *Response, error) {
 	u := fmt.Sprintf("user/installations/%v/repositories/%v", instID, repoID)
 	req, err := s.client.NewRequest("PUT", u, nil)
@@ -103,7 +109,9 @@ func (s *AppsService) AddRepository(ctx context.Context, instID, repoID int64) (
 
 // RemoveRepository removes a single repository from an installation.
 //
-// GitHub API docs: https://docs.github.com/en/rest/apps/installations#remove-a-repository-from-an-app-installation
+// GitHub API docs: https://docs.github.com/rest/apps/installations#remove-a-repository-from-an-app-installation
+//
+//meta:operation DELETE /user/installations/{installation_id}/repositories/{repository_id}
 func (s *AppsService) RemoveRepository(ctx context.Context, instID, repoID int64) (*Response, error) {
 	u := fmt.Sprintf("user/installations/%v/repositories/%v", instID, repoID)
 	req, err := s.client.NewRequest("DELETE", u, nil)
@@ -116,7 +124,9 @@ func (s *AppsService) RemoveRepository(ctx context.Context, instID, repoID int64
 
 // RevokeInstallationToken revokes an installation token.
 //
-// GitHub API docs: https://docs.github.com/en/rest/apps/installations#revoke-an-installation-access-token
+// GitHub API docs: https://docs.github.com/rest/apps/installations#revoke-an-installation-access-token
+//
+//meta:operation DELETE /installation/token
 func (s *AppsService) RevokeInstallationToken(ctx context.Context) (*Response, error) {
 	u := "installation/token"
 	req, err := s.client.NewRequest("DELETE", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/apps_manifest.go b/vendor/github.com/google/go-github/v72/github/apps_manifest.go
similarity index 90%
rename from vendor/github.com/google/go-github/v55/github/apps_manifest.go
rename to vendor/github.com/google/go-github/v72/github/apps_manifest.go
index fa4c85379c..5b6ff9af41 100644
--- a/vendor/github.com/google/go-github/v55/github/apps_manifest.go
+++ b/vendor/github.com/google/go-github/v72/github/apps_manifest.go
@@ -31,7 +31,9 @@ type AppConfig struct {
 // CompleteAppManifest completes the App manifest handshake flow for the given
 // code.
 //
-// GitHub API docs: https://docs.github.com/en/rest/apps/apps#create-a-github-app-from-a-manifest
+// GitHub API docs: https://docs.github.com/rest/apps/apps#create-a-github-app-from-a-manifest
+//
+//meta:operation POST /app-manifests/{code}/conversions
 func (s *AppsService) CompleteAppManifest(ctx context.Context, code string) (*AppConfig, *Response, error) {
 	u := fmt.Sprintf("app-manifests/%s/conversions", code)
 	req, err := s.client.NewRequest("POST", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/apps_marketplace.go b/vendor/github.com/google/go-github/v72/github/apps_marketplace.go
similarity index 81%
rename from vendor/github.com/google/go-github/v55/github/apps_marketplace.go
rename to vendor/github.com/google/go-github/v72/github/apps_marketplace.go
index 32889abd24..976775a79a 100644
--- a/vendor/github.com/google/go-github/v55/github/apps_marketplace.go
+++ b/vendor/github.com/google/go-github/v72/github/apps_marketplace.go
@@ -13,7 +13,7 @@ import (
 // MarketplaceService handles communication with the marketplace related
 // methods of the GitHub API.
 //
-// GitHub API docs: https://docs.github.com/en/rest/apps#marketplace
+// GitHub API docs: https://docs.github.com/rest/apps#marketplace
 type MarketplaceService struct {
 	client *Client
 	// Stubbed controls whether endpoints that return stubbed data are used
@@ -21,7 +21,7 @@ type MarketplaceService struct {
 	// for testing your GitHub Apps. Stubbed data is hard-coded and will not
 	// change based on actual subscriptions.
 	//
-	// GitHub API docs: https://docs.github.com/en/rest/apps#testing-with-stubbed-endpoints
+	// GitHub API docs: https://docs.github.com/rest/apps#testing-with-stubbed-endpoints
 	Stubbed bool
 }
 
@@ -89,7 +89,11 @@ type MarketplacePurchaseAccount struct {
 
 // ListPlans lists all plans for your Marketplace listing.
 //
-// GitHub API docs: https://docs.github.com/en/rest/apps#list-plans
+// GitHub API docs: https://docs.github.com/rest/apps/marketplace#list-plans
+// GitHub API docs: https://docs.github.com/rest/apps/marketplace#list-plans-stubbed
+//
+//meta:operation GET /marketplace_listing/plans
+//meta:operation GET /marketplace_listing/stubbed/plans
 func (s *MarketplaceService) ListPlans(ctx context.Context, opts *ListOptions) ([]*MarketplacePlan, *Response, error) {
 	uri := s.marketplaceURI("plans")
 	u, err := addOptions(uri, opts)
@@ -113,7 +117,11 @@ func (s *MarketplaceService) ListPlans(ctx context.Context, opts *ListOptions) (
 
 // ListPlanAccountsForPlan lists all GitHub accounts (user or organization) on a specific plan.
 //
-// GitHub API docs: https://docs.github.com/en/rest/apps#list-accounts-for-a-plan
+// GitHub API docs: https://docs.github.com/rest/apps/marketplace#list-accounts-for-a-plan
+// GitHub API docs: https://docs.github.com/rest/apps/marketplace#list-accounts-for-a-plan-stubbed
+//
+//meta:operation GET /marketplace_listing/plans/{plan_id}/accounts
+//meta:operation GET /marketplace_listing/stubbed/plans/{plan_id}/accounts
 func (s *MarketplaceService) ListPlanAccountsForPlan(ctx context.Context, planID int64, opts *ListOptions) ([]*MarketplacePlanAccount, *Response, error) {
 	uri := s.marketplaceURI(fmt.Sprintf("plans/%v/accounts", planID))
 	u, err := addOptions(uri, opts)
@@ -137,7 +145,11 @@ func (s *MarketplaceService) ListPlanAccountsForPlan(ctx context.Context, planID
 
 // GetPlanAccountForAccount get GitHub account (user or organization) associated with an account.
 //
-// GitHub API docs: https://docs.github.com/en/rest/apps#get-a-subscription-plan-for-an-account
+// GitHub API docs: https://docs.github.com/rest/apps/marketplace#get-a-subscription-plan-for-an-account
+// GitHub API docs: https://docs.github.com/rest/apps/marketplace#get-a-subscription-plan-for-an-account-stubbed
+//
+//meta:operation GET /marketplace_listing/accounts/{account_id}
+//meta:operation GET /marketplace_listing/stubbed/accounts/{account_id}
 func (s *MarketplaceService) GetPlanAccountForAccount(ctx context.Context, accountID int64) (*MarketplacePlanAccount, *Response, error) {
 	uri := s.marketplaceURI(fmt.Sprintf("accounts/%v", accountID))
 
@@ -157,8 +169,11 @@ func (s *MarketplaceService) GetPlanAccountForAccount(ctx context.Context, accou
 
 // ListMarketplacePurchasesForUser lists all GitHub marketplace purchases made by a user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/apps/marketplace#list-subscriptions-for-the-authenticated-user-stubbed
-// GitHub API docs: https://docs.github.com/en/rest/apps/marketplace#list-subscriptions-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/apps/marketplace#list-subscriptions-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/apps/marketplace#list-subscriptions-for-the-authenticated-user-stubbed
+//
+//meta:operation GET /user/marketplace_purchases
+//meta:operation GET /user/marketplace_purchases/stubbed
 func (s *MarketplaceService) ListMarketplacePurchasesForUser(ctx context.Context, opts *ListOptions) ([]*MarketplacePurchase, *Response, error) {
 	uri := "user/marketplace_purchases"
 	if s.Stubbed {
diff --git a/vendor/github.com/google/go-github/v72/github/attestations.go b/vendor/github.com/google/go-github/v72/github/attestations.go
new file mode 100644
index 0000000000..618d5d73f6
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/attestations.go
@@ -0,0 +1,27 @@
+// Copyright 2024 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"encoding/json"
+)
+
+// Attestation represents an artifact attestation associated with a repository.
+// The provided bundle can be used to verify the provenance of artifacts.
+//
+// https://docs.github.com/en/actions/security-for-github-actions/using-artifact-attestations/using-artifact-attestations-to-establish-provenance-for-builds
+type Attestation struct {
+	// The attestation's Sigstore Bundle.
+	// Refer to the sigstore bundle specification for more info:
+	// https://github.com/sigstore/protobuf-specs/blob/main/protos/sigstore_bundle.proto
+	Bundle       json.RawMessage `json:"bundle"`
+	RepositoryID int64           `json:"repository_id"`
+}
+
+// AttestationsResponse represents a collection of artifact attestations.
+type AttestationsResponse struct {
+	Attestations []*Attestation `json:"attestations"`
+}
diff --git a/vendor/github.com/google/go-github/v55/github/authorizations.go b/vendor/github.com/google/go-github/v72/github/authorizations.go
similarity index 87%
rename from vendor/github.com/google/go-github/v55/github/authorizations.go
rename to vendor/github.com/google/go-github/v72/github/authorizations.go
index ea0897e362..7db4555329 100644
--- a/vendor/github.com/google/go-github/v55/github/authorizations.go
+++ b/vendor/github.com/google/go-github/v72/github/authorizations.go
@@ -12,10 +12,10 @@ import (
 
 // Scope models a GitHub authorization scope.
 //
-// GitHub API docs: https://docs.github.com/en/rest/oauth/#scopes
+// GitHub API docs: https://docs.github.com/rest/oauth/#scopes
 type Scope string
 
-// This is the set of scopes for GitHub API V3
+// This is the set of scopes for GitHub API V3.
 const (
 	ScopeNone           Scope = "(no scope)" // REVISIT: is this actually returned, or just a documentation artifact?
 	ScopeUser           Scope = "user"
@@ -50,7 +50,7 @@ const (
 // This service requires HTTP Basic Authentication; it cannot be accessed using
 // an OAuth token.
 //
-// GitHub API docs: https://docs.github.com/en/rest/oauth-authorizations
+// GitHub API docs: https://docs.github.com/rest/oauth-authorizations
 type AuthorizationsService service
 
 // Authorization represents an individual GitHub authorization.
@@ -121,7 +121,7 @@ func (a AuthorizationRequest) String() string {
 // fields. That is, you may provide only one of "Scopes", or "AddScopes", or
 // "RemoveScopes".
 //
-// GitHub API docs: https://docs.github.com/en/rest/oauth-authorizations#update-an-existing-authorization
+// GitHub API docs: https://docs.github.com/rest/oauth-authorizations#update-an-existing-authorization
 type AuthorizationUpdateRequest struct {
 	Scopes       []string `json:"scopes,omitempty"`
 	AddScopes    []string `json:"add_scopes,omitempty"`
@@ -143,7 +143,9 @@ func (a AuthorizationUpdateRequest) String() string {
 //
 // The returned Authorization.User field will be populated.
 //
-// GitHub API docs: https://docs.github.com/en/rest/apps/oauth-applications#check-a-token
+// GitHub API docs: https://docs.github.com/rest/apps/oauth-applications#check-a-token
+//
+//meta:operation POST /applications/{client_id}/token
 func (s *AuthorizationsService) Check(ctx context.Context, clientID, accessToken string) (*Authorization, *Response, error) {
 	u := fmt.Sprintf("applications/%v/token", clientID)
 
@@ -176,7 +178,9 @@ func (s *AuthorizationsService) Check(ctx context.Context, clientID, accessToken
 //
 // The returned Authorization.User field will be populated.
 //
-// GitHub API docs: https://docs.github.com/en/rest/apps/oauth-applications#reset-a-token
+// GitHub API docs: https://docs.github.com/rest/apps/oauth-applications#reset-a-token
+//
+//meta:operation PATCH /applications/{client_id}/token
 func (s *AuthorizationsService) Reset(ctx context.Context, clientID, accessToken string) (*Authorization, *Response, error) {
 	u := fmt.Sprintf("applications/%v/token", clientID)
 
@@ -205,7 +209,9 @@ func (s *AuthorizationsService) Reset(ctx context.Context, clientID, accessToken
 // username is the OAuth application clientID, and the password is its
 // clientSecret. Invalid tokens will return a 404 Not Found.
 //
-// GitHub API docs: https://docs.github.com/en/rest/apps/oauth-applications#delete-an-app-token
+// GitHub API docs: https://docs.github.com/rest/apps/oauth-applications#delete-an-app-token
+//
+//meta:operation DELETE /applications/{client_id}/token
 func (s *AuthorizationsService) Revoke(ctx context.Context, clientID, accessToken string) (*Response, error) {
 	u := fmt.Sprintf("applications/%v/token", clientID)
 
@@ -226,7 +232,9 @@ func (s *AuthorizationsService) Revoke(ctx context.Context, clientID, accessToke
 // grant will also delete all OAuth tokens associated with the application for
 // the user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/apps/oauth-applications#delete-an-app-authorization
+// GitHub API docs: https://docs.github.com/rest/apps/oauth-applications#delete-an-app-authorization
+//
+//meta:operation DELETE /applications/{client_id}/grant
 func (s *AuthorizationsService) DeleteGrant(ctx context.Context, clientID, accessToken string) (*Response, error) {
 	u := fmt.Sprintf("applications/%v/grant", clientID)
 
@@ -249,7 +257,9 @@ func (s *AuthorizationsService) DeleteGrant(ctx context.Context, clientID, acces
 // you can e.g. create or delete a user's public SSH key. NOTE: creating a
 // new token automatically revokes an existing one.
 //
-// GitHub API docs: https://developer.github.com/enterprise/v3/enterprise-admin/users/#create-an-impersonation-oauth-token
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/users#create-an-impersonation-oauth-token
+//
+//meta:operation POST /admin/users/{username}/authorizations
 func (s *AuthorizationsService) CreateImpersonation(ctx context.Context, username string, authReq *AuthorizationRequest) (*Authorization, *Response, error) {
 	u := fmt.Sprintf("admin/users/%v/authorizations", username)
 	req, err := s.client.NewRequest("POST", u, authReq)
@@ -269,7 +279,9 @@ func (s *AuthorizationsService) CreateImpersonation(ctx context.Context, usernam
 //
 // NOTE: there can be only one at a time.
 //
-// GitHub API docs: https://developer.github.com/enterprise/v3/enterprise-admin/users/#delete-an-impersonation-oauth-token
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/users#delete-an-impersonation-oauth-token
+//
+//meta:operation DELETE /admin/users/{username}/authorizations
 func (s *AuthorizationsService) DeleteImpersonation(ctx context.Context, username string) (*Response, error) {
 	u := fmt.Sprintf("admin/users/%v/authorizations", username)
 	req, err := s.client.NewRequest("DELETE", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/billing.go b/vendor/github.com/google/go-github/v72/github/billing.go
similarity index 78%
rename from vendor/github.com/google/go-github/v55/github/billing.go
rename to vendor/github.com/google/go-github/v72/github/billing.go
index 7a76bf86fd..09b1a5d017 100644
--- a/vendor/github.com/google/go-github/v55/github/billing.go
+++ b/vendor/github.com/google/go-github/v72/github/billing.go
@@ -13,7 +13,7 @@ import (
 // BillingService provides access to the billing related functions
 // in the GitHub API.
 //
-// GitHub API docs: https://docs.github.com/en/rest/billing
+// GitHub API docs: https://docs.github.com/rest/billing
 type BillingService service
 
 // ActionBilling represents a GitHub Action billing.
@@ -43,8 +43,11 @@ type StorageBilling struct {
 
 // ActiveCommitters represents the total active committers across all repositories in an Organization.
 type ActiveCommitters struct {
-	TotalAdvancedSecurityCommitters int                           `json:"total_advanced_security_committers"`
-	Repositories                    []*RepositoryActiveCommitters `json:"repositories,omitempty"`
+	TotalAdvancedSecurityCommitters     int                           `json:"total_advanced_security_committers"`
+	TotalCount                          int                           `json:"total_count"`
+	MaximumAdvancedSecurityCommitters   int                           `json:"maximum_advanced_security_committers"`
+	PurchasedAdvancedSecurityCommitters int                           `json:"purchased_advanced_security_committers"`
+	Repositories                        []*RepositoryActiveCommitters `json:"repositories,omitempty"`
 }
 
 // RepositoryActiveCommitters represents active committers on each repository.
@@ -62,7 +65,9 @@ type AdvancedSecurityCommittersBreakdown struct {
 
 // GetActionsBillingOrg returns the summary of the free and paid GitHub Actions minutes used for an Org.
 //
-// GitHub API docs: https://docs.github.com/en/rest/billing#get-github-actions-billing-for-an-organization
+// GitHub API docs: https://docs.github.com/rest/billing/billing#get-github-actions-billing-for-an-organization
+//
+//meta:operation GET /orgs/{org}/settings/billing/actions
 func (s *BillingService) GetActionsBillingOrg(ctx context.Context, org string) (*ActionBilling, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/settings/billing/actions", org)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -81,7 +86,9 @@ func (s *BillingService) GetActionsBillingOrg(ctx context.Context, org string) (
 
 // GetPackagesBillingOrg returns the free and paid storage used for GitHub Packages in gigabytes for an Org.
 //
-// GitHub API docs: https://docs.github.com/en/rest/billing#get-github-packages-billing-for-an-organization
+// GitHub API docs: https://docs.github.com/rest/billing/billing#get-github-packages-billing-for-an-organization
+//
+//meta:operation GET /orgs/{org}/settings/billing/packages
 func (s *BillingService) GetPackagesBillingOrg(ctx context.Context, org string) (*PackageBilling, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/settings/billing/packages", org)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -101,7 +108,9 @@ func (s *BillingService) GetPackagesBillingOrg(ctx context.Context, org string)
 // GetStorageBillingOrg returns the estimated paid and estimated total storage used for GitHub Actions
 // and GitHub Packages in gigabytes for an Org.
 //
-// GitHub API docs: https://docs.github.com/en/rest/billing#get-shared-storage-billing-for-an-organization
+// GitHub API docs: https://docs.github.com/rest/billing/billing#get-shared-storage-billing-for-an-organization
+//
+//meta:operation GET /orgs/{org}/settings/billing/shared-storage
 func (s *BillingService) GetStorageBillingOrg(ctx context.Context, org string) (*StorageBilling, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/settings/billing/shared-storage", org)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -120,7 +129,9 @@ func (s *BillingService) GetStorageBillingOrg(ctx context.Context, org string) (
 
 // GetAdvancedSecurityActiveCommittersOrg returns the GitHub Advanced Security active committers for an organization per repository.
 //
-// GitHub API docs: https://docs.github.com/en/enterprise-cloud@latest/rest/billing?apiVersion=2022-11-28#get-github-advanced-security-active-committers-for-an-organization
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/billing/billing#get-github-advanced-security-active-committers-for-an-organization
+//
+//meta:operation GET /orgs/{org}/settings/billing/advanced-security
 func (s *BillingService) GetAdvancedSecurityActiveCommittersOrg(ctx context.Context, org string, opts *ListOptions) (*ActiveCommitters, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/settings/billing/advanced-security", org)
 	u, err := addOptions(u, opts)
@@ -144,7 +155,9 @@ func (s *BillingService) GetAdvancedSecurityActiveCommittersOrg(ctx context.Cont
 
 // GetActionsBillingUser returns the summary of the free and paid GitHub Actions minutes used for a user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/billing#get-github-actions-billing-for-a-user
+// GitHub API docs: https://docs.github.com/rest/billing/billing#get-github-actions-billing-for-a-user
+//
+//meta:operation GET /users/{username}/settings/billing/actions
 func (s *BillingService) GetActionsBillingUser(ctx context.Context, user string) (*ActionBilling, *Response, error) {
 	u := fmt.Sprintf("users/%v/settings/billing/actions", user)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -163,7 +176,9 @@ func (s *BillingService) GetActionsBillingUser(ctx context.Context, user string)
 
 // GetPackagesBillingUser returns the free and paid storage used for GitHub Packages in gigabytes for a user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/billing#get-github-packages-billing-for-a-user
+// GitHub API docs: https://docs.github.com/rest/billing/billing#get-github-packages-billing-for-a-user
+//
+//meta:operation GET /users/{username}/settings/billing/packages
 func (s *BillingService) GetPackagesBillingUser(ctx context.Context, user string) (*PackageBilling, *Response, error) {
 	u := fmt.Sprintf("users/%v/settings/billing/packages", user)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -183,7 +198,9 @@ func (s *BillingService) GetPackagesBillingUser(ctx context.Context, user string
 // GetStorageBillingUser returns the estimated paid and estimated total storage used for GitHub Actions
 // and GitHub Packages in gigabytes for a user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/billing#get-shared-storage-billing-for-a-user
+// GitHub API docs: https://docs.github.com/rest/billing/billing#get-shared-storage-billing-for-a-user
+//
+//meta:operation GET /users/{username}/settings/billing/shared-storage
 func (s *BillingService) GetStorageBillingUser(ctx context.Context, user string) (*StorageBilling, *Response, error) {
 	u := fmt.Sprintf("users/%v/settings/billing/shared-storage", user)
 	req, err := s.client.NewRequest("GET", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/checks.go b/vendor/github.com/google/go-github/v72/github/checks.go
similarity index 88%
rename from vendor/github.com/google/go-github/v55/github/checks.go
rename to vendor/github.com/google/go-github/v72/github/checks.go
index 12d08530ca..2f0f65bf92 100644
--- a/vendor/github.com/google/go-github/v55/github/checks.go
+++ b/vendor/github.com/google/go-github/v72/github/checks.go
@@ -13,7 +13,7 @@ import (
 // ChecksService provides access to the Checks API in the
 // GitHub API.
 //
-// GitHub API docs: https://docs.github.com/en/rest/checks/
+// GitHub API docs: https://docs.github.com/rest/checks/
 type ChecksService service
 
 // CheckRun represents a GitHub check run on a repository associated with a GitHub app.
@@ -85,7 +85,10 @@ type CheckSuite struct {
 	PullRequests []*PullRequest `json:"pull_requests,omitempty"`
 
 	// The following fields are only populated by Webhook events.
-	HeadCommit *Commit `json:"head_commit,omitempty"`
+	HeadCommit           *Commit `json:"head_commit,omitempty"`
+	LatestCheckRunsCount *int64  `json:"latest_check_runs_count,omitempty"`
+	Rerequestable        *bool   `json:"rerequestable,omitempty"`
+	RunsRerequestable    *bool   `json:"runs_rerequestable,omitempty"`
 }
 
 func (c CheckRun) String() string {
@@ -98,7 +101,9 @@ func (c CheckSuite) String() string {
 
 // GetCheckRun gets a check-run for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/checks/runs#get-a-check-run
+// GitHub API docs: https://docs.github.com/rest/checks/runs#get-a-check-run
+//
+//meta:operation GET /repos/{owner}/{repo}/check-runs/{check_run_id}
 func (s *ChecksService) GetCheckRun(ctx context.Context, owner, repo string, checkRunID int64) (*CheckRun, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/check-runs/%v", owner, repo, checkRunID)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -119,7 +124,9 @@ func (s *ChecksService) GetCheckRun(ctx context.Context, owner, repo string, che
 
 // GetCheckSuite gets a single check suite.
 //
-// GitHub API docs: https://docs.github.com/en/rest/checks/suites#get-a-check-suite
+// GitHub API docs: https://docs.github.com/rest/checks/suites#get-a-check-suite
+//
+//meta:operation GET /repos/{owner}/{repo}/check-suites/{check_suite_id}
 func (s *ChecksService) GetCheckSuite(ctx context.Context, owner, repo string, checkSuiteID int64) (*CheckSuite, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/check-suites/%v", owner, repo, checkSuiteID)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -161,7 +168,9 @@ type CheckRunAction struct {
 
 // CreateCheckRun creates a check run for repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/checks/runs#create-a-check-run
+// GitHub API docs: https://docs.github.com/rest/checks/runs#create-a-check-run
+//
+//meta:operation POST /repos/{owner}/{repo}/check-runs
 func (s *ChecksService) CreateCheckRun(ctx context.Context, owner, repo string, opts CreateCheckRunOptions) (*CheckRun, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/check-runs", owner, repo)
 	req, err := s.client.NewRequest("POST", u, opts)
@@ -194,7 +203,9 @@ type UpdateCheckRunOptions struct {
 
 // UpdateCheckRun updates a check run for a specific commit in a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/checks/runs#update-a-check-run
+// GitHub API docs: https://docs.github.com/rest/checks/runs#update-a-check-run
+//
+//meta:operation PATCH /repos/{owner}/{repo}/check-runs/{check_run_id}
 func (s *ChecksService) UpdateCheckRun(ctx context.Context, owner, repo string, checkRunID int64, opts UpdateCheckRunOptions) (*CheckRun, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/check-runs/%v", owner, repo, checkRunID)
 	req, err := s.client.NewRequest("PATCH", u, opts)
@@ -215,7 +226,9 @@ func (s *ChecksService) UpdateCheckRun(ctx context.Context, owner, repo string,
 
 // ListCheckRunAnnotations lists the annotations for a check run.
 //
-// GitHub API docs: https://docs.github.com/en/rest/checks/runs#list-check-run-annotations
+// GitHub API docs: https://docs.github.com/rest/checks/runs#list-check-run-annotations
+//
+//meta:operation GET /repos/{owner}/{repo}/check-runs/{check_run_id}/annotations
 func (s *ChecksService) ListCheckRunAnnotations(ctx context.Context, owner, repo string, checkRunID int64, opts *ListOptions) ([]*CheckRunAnnotation, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/check-runs/%v/annotations", owner, repo, checkRunID)
 	u, err := addOptions(u, opts)
@@ -257,7 +270,9 @@ type ListCheckRunsResults struct {
 
 // ListCheckRunsForRef lists check runs for a specific ref.
 //
-// GitHub API docs: https://docs.github.com/en/rest/checks/runs#list-check-runs-for-a-git-reference
+// GitHub API docs: https://docs.github.com/rest/checks/runs#list-check-runs-for-a-git-reference
+//
+//meta:operation GET /repos/{owner}/{repo}/commits/{ref}/check-runs
 func (s *ChecksService) ListCheckRunsForRef(ctx context.Context, owner, repo, ref string, opts *ListCheckRunsOptions) (*ListCheckRunsResults, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/commits/%v/check-runs", owner, repo, refURLEscape(ref))
 	u, err := addOptions(u, opts)
@@ -283,7 +298,9 @@ func (s *ChecksService) ListCheckRunsForRef(ctx context.Context, owner, repo, re
 
 // ListCheckRunsCheckSuite lists check runs for a check suite.
 //
-// GitHub API docs: https://docs.github.com/en/rest/checks/runs#list-check-runs-in-a-check-suite
+// GitHub API docs: https://docs.github.com/rest/checks/runs#list-check-runs-in-a-check-suite
+//
+//meta:operation GET /repos/{owner}/{repo}/check-suites/{check_suite_id}/check-runs
 func (s *ChecksService) ListCheckRunsCheckSuite(ctx context.Context, owner, repo string, checkSuiteID int64, opts *ListCheckRunsOptions) (*ListCheckRunsResults, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/check-suites/%v/check-runs", owner, repo, checkSuiteID)
 	u, err := addOptions(u, opts)
@@ -309,7 +326,9 @@ func (s *ChecksService) ListCheckRunsCheckSuite(ctx context.Context, owner, repo
 
 // ReRequestCheckRun triggers GitHub to rerequest an existing check run.
 //
-// GitHub API docs: https://docs.github.com/en/rest/checks/runs#rerequest-a-check-run
+// GitHub API docs: https://docs.github.com/rest/checks/runs#rerequest-a-check-run
+//
+//meta:operation POST /repos/{owner}/{repo}/check-runs/{check_run_id}/rerequest
 func (s *ChecksService) ReRequestCheckRun(ctx context.Context, owner, repo string, checkRunID int64) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/check-runs/%v/rerequest", owner, repo, checkRunID)
 
@@ -339,7 +358,9 @@ type ListCheckSuiteResults struct {
 
 // ListCheckSuitesForRef lists check suite for a specific ref.
 //
-// GitHub API docs: https://docs.github.com/en/rest/checks/suites#list-check-suites-for-a-git-reference
+// GitHub API docs: https://docs.github.com/rest/checks/suites#list-check-suites-for-a-git-reference
+//
+//meta:operation GET /repos/{owner}/{repo}/commits/{ref}/check-suites
 func (s *ChecksService) ListCheckSuitesForRef(ctx context.Context, owner, repo, ref string, opts *ListCheckSuiteOptions) (*ListCheckSuiteResults, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/commits/%v/check-suites", owner, repo, refURLEscape(ref))
 	u, err := addOptions(u, opts)
@@ -380,14 +401,16 @@ type CheckSuitePreferenceResults struct {
 	Repository  *Repository     `json:"repository,omitempty"`
 }
 
-// PreferenceList represents a list of auto trigger checks for repository
+// PreferenceList represents a list of auto trigger checks for repository.
 type PreferenceList struct {
 	AutoTriggerChecks []*AutoTriggerCheck `json:"auto_trigger_checks,omitempty"` // A slice of auto trigger checks that can be set for a check suite in a repository.
 }
 
 // SetCheckSuitePreferences changes the default automatic flow when creating check suites.
 //
-// GitHub API docs: https://docs.github.com/en/rest/checks/suites#update-repository-preferences-for-check-suites
+// GitHub API docs: https://docs.github.com/rest/checks/suites#update-repository-preferences-for-check-suites
+//
+//meta:operation PATCH /repos/{owner}/{repo}/check-suites/preferences
 func (s *ChecksService) SetCheckSuitePreferences(ctx context.Context, owner, repo string, opts CheckSuitePreferenceOptions) (*CheckSuitePreferenceResults, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/check-suites/preferences", owner, repo)
 	req, err := s.client.NewRequest("PATCH", u, opts)
@@ -406,7 +429,7 @@ func (s *ChecksService) SetCheckSuitePreferences(ctx context.Context, owner, rep
 	return checkSuitePrefResults, resp, nil
 }
 
-// CreateCheckSuiteOptions sets up parameters to manually create a check suites
+// CreateCheckSuiteOptions sets up parameters to manually create a check suites.
 type CreateCheckSuiteOptions struct {
 	HeadSHA    string  `json:"head_sha"`              // The sha of the head commit. (Required.)
 	HeadBranch *string `json:"head_branch,omitempty"` // The name of the head branch where the code changes are implemented.
@@ -414,7 +437,9 @@ type CreateCheckSuiteOptions struct {
 
 // CreateCheckSuite manually creates a check suite for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/checks/suites#create-a-check-suite
+// GitHub API docs: https://docs.github.com/rest/checks/suites#create-a-check-suite
+//
+//meta:operation POST /repos/{owner}/{repo}/check-suites
 func (s *ChecksService) CreateCheckSuite(ctx context.Context, owner, repo string, opts CreateCheckSuiteOptions) (*CheckSuite, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/check-suites", owner, repo)
 	req, err := s.client.NewRequest("POST", u, opts)
@@ -435,7 +460,9 @@ func (s *ChecksService) CreateCheckSuite(ctx context.Context, owner, repo string
 
 // ReRequestCheckSuite triggers GitHub to rerequest an existing check suite, without pushing new code to a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/checks/suites#rerequest-a-check-suite
+// GitHub API docs: https://docs.github.com/rest/checks/suites#rerequest-a-check-suite
+//
+//meta:operation POST /repos/{owner}/{repo}/check-suites/{check_suite_id}/rerequest
 func (s *ChecksService) ReRequestCheckSuite(ctx context.Context, owner, repo string, checkSuiteID int64) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/check-suites/%v/rerequest", owner, repo, checkSuiteID)
 
diff --git a/vendor/github.com/google/go-github/v55/github/code-scanning.go b/vendor/github.com/google/go-github/v72/github/code_scanning.go
similarity index 84%
rename from vendor/github.com/google/go-github/v55/github/code-scanning.go
rename to vendor/github.com/google/go-github/v72/github/code_scanning.go
index 0ae269be67..19a88241d3 100644
--- a/vendor/github.com/google/go-github/v55/github/code-scanning.go
+++ b/vendor/github.com/google/go-github/v72/github/code_scanning.go
@@ -7,6 +7,8 @@ package github
 
 import (
 	"context"
+	"encoding/json"
+	"errors"
 	"fmt"
 	"strconv"
 	"strings"
@@ -15,7 +17,7 @@ import (
 // CodeScanningService handles communication with the code scanning related
 // methods of the GitHub API.
 //
-// GitHub API docs: https://docs.github.com/en/rest/code-scanning
+// GitHub API docs: https://docs.github.com/rest/code-scanning
 type CodeScanningService service
 
 // Rule represents the complete details of GitHub Code Scanning alert type.
@@ -67,7 +69,7 @@ type Tool struct {
 
 // Alert represents an individual GitHub Code Scanning Alert on a single repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/code-scanning
+// GitHub API docs: https://docs.github.com/rest/code-scanning
 type Alert struct {
 	Number             *int                  `json:"number,omitempty"`
 	Repository         *Repository           `json:"repository,omitempty"`
@@ -139,6 +141,15 @@ type AlertListOptions struct {
 	// The name of a code scanning tool. Only results by this tool will be listed.
 	ToolName string `url:"tool_name,omitempty"`
 
+	// The GUID of a code scanning tool. Only results by this tool will be listed.
+	ToolGUID string `url:"tool_guid,omitempty"`
+
+	// The direction to sort the results by. Possible values are: asc, desc. Default: desc.
+	Direction string `url:"direction,omitempty"`
+
+	// The property by which to sort the results. Possible values are: created, updated. Default: created.
+	Sort string `url:"sort,omitempty"`
+
 	ListCursorOptions
 
 	// Add ListOptions so offset pagination with integer type "page" query parameter is accepted
@@ -160,7 +171,7 @@ type AnalysesListOptions struct {
 
 // CodeQLDatabase represents a metadata about the CodeQL database.
 //
-// GitHub API docs: https://docs.github.com/en/rest/code-scanning
+// GitHub API docs: https://docs.github.com/rest/code-scanning
 type CodeQLDatabase struct {
 	ID          *int64     `json:"id,omitempty"`
 	Name        *string    `json:"name,omitempty"`
@@ -175,7 +186,7 @@ type CodeQLDatabase struct {
 
 // ScanningAnalysis represents an individual GitHub Code Scanning ScanningAnalysis on a single repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/code-scanning
+// GitHub API docs: https://docs.github.com/rest/code-scanning
 type ScanningAnalysis struct {
 	ID           *int64     `json:"id,omitempty"`
 	Ref          *string    `json:"ref,omitempty"`
@@ -196,7 +207,7 @@ type ScanningAnalysis struct {
 
 // SarifAnalysis specifies the results of a code scanning job.
 //
-// GitHub API docs: https://docs.github.com/en/rest/code-scanning
+// GitHub API docs: https://docs.github.com/rest/code-scanning
 type SarifAnalysis struct {
 	CommitSHA   *string    `json:"commit_sha,omitempty"`
 	Ref         *string    `json:"ref,omitempty"`
@@ -208,7 +219,7 @@ type SarifAnalysis struct {
 
 // CodeScanningAlertState specifies the state of a code scanning alert.
 //
-// GitHub API docs: https://docs.github.com/en/rest/code-scanning
+// GitHub API docs: https://docs.github.com/rest/code-scanning
 type CodeScanningAlertState struct {
 	// State sets the state of the code scanning alert and is a required field.
 	// You must also provide DismissedReason when you set the state to "dismissed".
@@ -224,7 +235,7 @@ type CodeScanningAlertState struct {
 
 // SarifID identifies a sarif analysis upload.
 //
-// GitHub API docs: https://docs.github.com/en/rest/code-scanning
+// GitHub API docs: https://docs.github.com/rest/code-scanning
 type SarifID struct {
 	ID  *string `json:"id,omitempty"`
 	URL *string `json:"url,omitempty"`
@@ -235,7 +246,9 @@ type SarifID struct {
 // You must use an access token with the security_events scope to use this endpoint. GitHub Apps must have the security_events
 // read permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/code-scanning/code-scanning#list-code-scanning-alerts-for-an-organization
+// GitHub API docs: https://docs.github.com/rest/code-scanning/code-scanning#list-code-scanning-alerts-for-an-organization
+//
+//meta:operation GET /orgs/{org}/code-scanning/alerts
 func (s *CodeScanningService) ListAlertsForOrg(ctx context.Context, org string, opts *AlertListOptions) ([]*Alert, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/code-scanning/alerts", org)
 	u, err := addOptions(u, opts)
@@ -263,7 +276,9 @@ func (s *CodeScanningService) ListAlertsForOrg(ctx context.Context, org string,
 // You must use an access token with the security_events scope to use this endpoint. GitHub Apps must have the security_events
 // read permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/code-scanning/code-scanning#list-code-scanning-alerts-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/code-scanning/code-scanning#list-code-scanning-alerts-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/code-scanning/alerts
 func (s *CodeScanningService) ListAlertsForRepo(ctx context.Context, owner, repo string, opts *AlertListOptions) ([]*Alert, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/code-scanning/alerts", owner, repo)
 	u, err := addOptions(u, opts)
@@ -292,7 +307,9 @@ func (s *CodeScanningService) ListAlertsForRepo(ctx context.Context, owner, repo
 //
 // The security alert_id is the number at the end of the security alert's URL.
 //
-// GitHub API docs: https://docs.github.com/en/rest/code-scanning/code-scanning#get-a-code-scanning-alert
+// GitHub API docs: https://docs.github.com/rest/code-scanning/code-scanning#get-a-code-scanning-alert
+//
+//meta:operation GET /repos/{owner}/{repo}/code-scanning/alerts/{alert_number}
 func (s *CodeScanningService) GetAlert(ctx context.Context, owner, repo string, id int64) (*Alert, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/code-scanning/alerts/%v", owner, repo, id)
 
@@ -317,7 +334,9 @@ func (s *CodeScanningService) GetAlert(ctx context.Context, owner, repo string,
 //
 // The security alert_id is the number at the end of the security alert's URL.
 //
-// GitHub API docs: https://docs.github.com/en/rest/code-scanning?apiVersion=2022-11-28#update-a-code-scanning-alert
+// GitHub API docs: https://docs.github.com/rest/code-scanning/code-scanning#update-a-code-scanning-alert
+//
+//meta:operation PATCH /repos/{owner}/{repo}/code-scanning/alerts/{alert_number}
 func (s *CodeScanningService) UpdateAlert(ctx context.Context, owner, repo string, id int64, stateInfo *CodeScanningAlertState) (*Alert, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/code-scanning/alerts/%v", owner, repo, id)
 
@@ -340,7 +359,9 @@ func (s *CodeScanningService) UpdateAlert(ctx context.Context, owner, repo strin
 // You must use an access token with the security_events scope to use this endpoint.
 // GitHub Apps must have the security_events read permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/code-scanning/code-scanning#list-instances-of-a-code-scanning-alert
+// GitHub API docs: https://docs.github.com/rest/code-scanning/code-scanning#list-instances-of-a-code-scanning-alert
+//
+//meta:operation GET /repos/{owner}/{repo}/code-scanning/alerts/{alert_number}/instances
 func (s *CodeScanningService) ListAlertInstances(ctx context.Context, owner, repo string, id int64, opts *AlertInstancesListOptions) ([]*MostRecentInstance, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/code-scanning/alerts/%v/instances", owner, repo, id)
 	u, err := addOptions(u, opts)
@@ -368,7 +389,9 @@ func (s *CodeScanningService) ListAlertInstances(ctx context.Context, owner, rep
 // You must use an access token with the security_events scope to use this endpoint. GitHub Apps must have the security_events
 // write permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/code-scanning/code-scanning#upload-an-analysis-as-sarif-data
+// GitHub API docs: https://docs.github.com/rest/code-scanning/code-scanning#upload-an-analysis-as-sarif-data
+//
+//meta:operation POST /repos/{owner}/{repo}/code-scanning/sarifs
 func (s *CodeScanningService) UploadSarif(ctx context.Context, owner, repo string, sarif *SarifAnalysis) (*SarifID, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/code-scanning/sarifs", owner, repo)
 
@@ -377,11 +400,21 @@ func (s *CodeScanningService) UploadSarif(ctx context.Context, owner, repo strin
 		return nil, nil, err
 	}
 
-	sarifID := new(SarifID)
-	resp, err := s.client.Do(ctx, req, sarifID)
-	if err != nil {
+	// This will always return an error without unmarshaling the data
+	resp, err := s.client.Do(ctx, req, nil)
+	// Even though there was an error, we still return the response
+	// in case the caller wants to inspect it further.
+	// However, if the error is AcceptedError, decode it below before
+	// returning from this function and closing the response body.
+	var acceptedError *AcceptedError
+	if !errors.As(err, &acceptedError) {
 		return nil, resp, err
 	}
+	sarifID := new(SarifID)
+	decErr := json.Unmarshal(acceptedError.Raw, sarifID)
+	if decErr != nil {
+		return nil, resp, decErr
+	}
 
 	return sarifID, resp, nil
 }
@@ -400,7 +433,9 @@ type SARIFUpload struct {
 // You must use an access token with the security_events scope to use this endpoint.
 // GitHub Apps must have the security_events read permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/code-scanning/code-scanning#get-information-about-a-sarif-upload
+// GitHub API docs: https://docs.github.com/rest/code-scanning/code-scanning#get-information-about-a-sarif-upload
+//
+//meta:operation GET /repos/{owner}/{repo}/code-scanning/sarifs/{sarif_id}
 func (s *CodeScanningService) GetSARIF(ctx context.Context, owner, repo, sarifID string) (*SARIFUpload, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/code-scanning/sarifs/%v", owner, repo, sarifID)
 
@@ -424,7 +459,9 @@ func (s *CodeScanningService) GetSARIF(ctx context.Context, owner, repo, sarifID
 // You must use an access token with the security_events scope to use this endpoint.
 // GitHub Apps must have the security_events read permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/code-scanning/code-scanning#list-code-scanning-analyses-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/code-scanning/code-scanning#list-code-scanning-analyses-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/code-scanning/analyses
 func (s *CodeScanningService) ListAnalysesForRepo(ctx context.Context, owner, repo string, opts *AnalysesListOptions) ([]*ScanningAnalysis, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/code-scanning/analyses", owner, repo)
 	u, err := addOptions(u, opts)
@@ -453,7 +490,9 @@ func (s *CodeScanningService) ListAnalysesForRepo(ctx context.Context, owner, re
 //
 // The security analysis_id is the ID of the analysis, as returned from the ListAnalysesForRepo operation.
 //
-// GitHub API docs: https://docs.github.com/en/rest/code-scanning/code-scanning#get-a-code-scanning-analysis-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/code-scanning/code-scanning#get-a-code-scanning-analysis-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/code-scanning/analyses/{analysis_id}
 func (s *CodeScanningService) GetAnalysis(ctx context.Context, owner, repo string, id int64) (*ScanningAnalysis, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/code-scanning/analyses/%v", owner, repo, id)
 
@@ -486,7 +525,9 @@ type DeleteAnalysis struct {
 //
 // The security analysis_id is the ID of the analysis, as returned from the ListAnalysesForRepo operation.
 //
-// GitHub API docs: https://docs.github.com/en/rest/code-scanning/code-scanning#delete-a-code-scanning-analysis-from-a-repository
+// GitHub API docs: https://docs.github.com/rest/code-scanning/code-scanning#delete-a-code-scanning-analysis-from-a-repository
+//
+//meta:operation DELETE /repos/{owner}/{repo}/code-scanning/analyses/{analysis_id}
 func (s *CodeScanningService) DeleteAnalysis(ctx context.Context, owner, repo string, id int64) (*DeleteAnalysis, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/code-scanning/analyses/%v", owner, repo, id)
 
@@ -509,7 +550,9 @@ func (s *CodeScanningService) DeleteAnalysis(ctx context.Context, owner, repo st
 // You must use an access token with the security_events scope to use this endpoint.
 // GitHub Apps must have the contents read permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/code-scanning/code-scanning#list-codeql-databases-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/code-scanning/code-scanning#list-codeql-databases-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/code-scanning/codeql/databases
 func (s *CodeScanningService) ListCodeQLDatabases(ctx context.Context, owner, repo string) ([]*CodeQLDatabase, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/code-scanning/codeql/databases", owner, repo)
 
@@ -532,7 +575,9 @@ func (s *CodeScanningService) ListCodeQLDatabases(ctx context.Context, owner, re
 // You must use an access token with the security_events scope to use this endpoint.
 // GitHub Apps must have the contents read permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/code-scanning/code-scanning#get-a-codeql-database-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/code-scanning/code-scanning#get-a-codeql-database-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/code-scanning/codeql/databases/{language}
 func (s *CodeScanningService) GetCodeQLDatabase(ctx context.Context, owner, repo, language string) (*CodeQLDatabase, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/code-scanning/codeql/databases/%v", owner, repo, language)
 
@@ -564,7 +609,9 @@ type DefaultSetupConfiguration struct {
 // endpoint with private repos or the public_repo scope for public repos. GitHub Apps must have the repo write
 // permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/code-scanning/code-scanning#get-a-code-scanning-default-setup-configuration
+// GitHub API docs: https://docs.github.com/rest/code-scanning/code-scanning#get-a-code-scanning-default-setup-configuration
+//
+//meta:operation GET /repos/{owner}/{repo}/code-scanning/default-setup
 func (s *CodeScanningService) GetDefaultSetupConfiguration(ctx context.Context, owner, repo string) (*DefaultSetupConfiguration, *Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/code-scanning/default-setup", owner, repo)
 
@@ -605,7 +652,9 @@ type UpdateDefaultSetupConfigurationResponse struct {
 // This method might return an AcceptedError and a status code of 202. This is because this is the status that GitHub
 // returns to signify that it has now scheduled the update of the pull request branch in a background task.
 //
-// GitHub API docs: https://docs.github.com/en/rest/code-scanning/code-scanning#update-a-code-scanning-default-setup-configuration
+// GitHub API docs: https://docs.github.com/rest/code-scanning/code-scanning#update-a-code-scanning-default-setup-configuration
+//
+//meta:operation PATCH /repos/{owner}/{repo}/code-scanning/default-setup
 func (s *CodeScanningService) UpdateDefaultSetupConfiguration(ctx context.Context, owner, repo string, options *UpdateDefaultSetupConfigurationOptions) (*UpdateDefaultSetupConfigurationResponse, *Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/code-scanning/default-setup", owner, repo)
 
diff --git a/vendor/github.com/google/go-github/v72/github/codesofconduct.go b/vendor/github.com/google/go-github/v72/github/codesofconduct.go
new file mode 100644
index 0000000000..aba0574171
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/codesofconduct.go
@@ -0,0 +1,87 @@
+// Copyright 2023 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"fmt"
+)
+
+// CodesOfConductService provides access to code-of-conduct-related functions in the GitHub API.
+type CodesOfConductService service
+
+// CodeOfConduct represents a code of conduct.
+type CodeOfConduct struct {
+	Name *string `json:"name,omitempty"`
+	Key  *string `json:"key,omitempty"`
+	URL  *string `json:"url,omitempty"`
+	Body *string `json:"body,omitempty"`
+}
+
+func (c *CodeOfConduct) String() string {
+	return Stringify(c)
+}
+
+// List returns all codes of conduct.
+//
+// GitHub API docs: https://docs.github.com/rest/codes-of-conduct/codes-of-conduct#get-all-codes-of-conduct
+//
+//meta:operation GET /codes_of_conduct
+func (s *CodesOfConductService) List(ctx context.Context) ([]*CodeOfConduct, *Response, error) {
+	req, err := s.client.NewRequest("GET", "codes_of_conduct", nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	// TODO: remove custom Accept header when this API fully launches.
+	req.Header.Set("Accept", mediaTypeCodesOfConductPreview)
+
+	var cs []*CodeOfConduct
+	resp, err := s.client.Do(ctx, req, &cs)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return cs, resp, nil
+}
+
+// ListCodesOfConduct returns all codes of conduct.
+//
+// Deprecated: Use CodesOfConductService.List instead.
+func (c *Client) ListCodesOfConduct(ctx context.Context) ([]*CodeOfConduct, *Response, error) {
+	return c.CodesOfConduct.List(ctx)
+}
+
+// Get returns an individual code of conduct.
+//
+// GitHub API docs: https://docs.github.com/rest/codes-of-conduct/codes-of-conduct#get-a-code-of-conduct
+//
+//meta:operation GET /codes_of_conduct/{key}
+func (s *CodesOfConductService) Get(ctx context.Context, key string) (*CodeOfConduct, *Response, error) {
+	u := fmt.Sprintf("codes_of_conduct/%s", key)
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	// TODO: remove custom Accept header when this API fully launches.
+	req.Header.Set("Accept", mediaTypeCodesOfConductPreview)
+
+	coc := new(CodeOfConduct)
+	resp, err := s.client.Do(ctx, req, coc)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return coc, resp, nil
+}
+
+// GetCodeOfConduct returns an individual code of conduct.
+//
+// Deprecated: Use CodesOfConductService.Get instead.
+func (c *Client) GetCodeOfConduct(ctx context.Context, key string) (*CodeOfConduct, *Response, error) {
+	return c.CodesOfConduct.Get(ctx, key)
+}
diff --git a/vendor/github.com/google/go-github/v55/github/codespaces.go b/vendor/github.com/google/go-github/v72/github/codespaces.go
similarity index 89%
rename from vendor/github.com/google/go-github/v55/github/codespaces.go
rename to vendor/github.com/google/go-github/v72/github/codespaces.go
index cd8b0e5bee..608370503f 100644
--- a/vendor/github.com/google/go-github/v55/github/codespaces.go
+++ b/vendor/github.com/google/go-github/v72/github/codespaces.go
@@ -13,12 +13,12 @@ import (
 // CodespacesService handles communication with the Codespaces related
 // methods of the GitHub API.
 //
-// GitHub API docs: https://docs.github.com/en/rest/codespaces/
+// GitHub API docs: https://docs.github.com/rest/codespaces/
 type CodespacesService service
 
 // Codespace represents a codespace.
 //
-// GitHub API docs: https://docs.github.com/en/rest/codespaces
+// GitHub API docs: https://docs.github.com/rest/codespaces
 type Codespace struct {
 	ID                             *int64                        `json:"id,omitempty"`
 	Name                           *string                       `json:"name,omitempty"`
@@ -90,7 +90,9 @@ type ListCodespaces struct {
 // You must authenticate using an access token with the codespace scope to use this endpoint.
 // GitHub Apps must have read access to the codespaces repository permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/codespaces/codespaces?apiVersion=2022-11-28#list-codespaces-in-a-repository-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/codespaces/codespaces#list-codespaces-in-a-repository-for-the-authenticated-user
+//
+//meta:operation GET /repos/{owner}/{repo}/codespaces
 func (s *CodespacesService) ListInRepo(ctx context.Context, owner, repo string, opts *ListOptions) (*ListCodespaces, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/codespaces", owner, repo)
 	u, err := addOptions(u, opts)
@@ -112,7 +114,7 @@ func (s *CodespacesService) ListInRepo(ctx context.Context, owner, repo string,
 	return codespaces, resp, nil
 }
 
-// ListOptions represents the options for listing codespaces for a user.
+// ListCodespacesOptions represents the options for listing codespaces for a user.
 type ListCodespacesOptions struct {
 	ListOptions
 	RepositoryID int64 `url:"repository_id,omitempty"`
@@ -124,7 +126,9 @@ type ListCodespacesOptions struct {
 // You must authenticate using an access token with the codespace scope to use this endpoint.
 // GitHub Apps must have read access to the codespaces repository permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/codespaces/codespaces?apiVersion=2022-11-28#list-codespaces-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/codespaces/codespaces#list-codespaces-for-the-authenticated-user
+//
+//meta:operation GET /user/codespaces
 func (s *CodespacesService) List(ctx context.Context, opts *ListCodespacesOptions) (*ListCodespaces, *Response, error) {
 	u := "user/codespaces"
 	u, err := addOptions(u, opts)
@@ -172,7 +176,9 @@ type CreateCodespaceOptions struct {
 // You must authenticate using an access token with the codespace scope to use this endpoint.
 // GitHub Apps must have write access to the codespaces repository permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/codespaces/codespaces?apiVersion=2022-11-28#create-a-codespace-in-a-repository
+// GitHub API docs: https://docs.github.com/rest/codespaces/codespaces#create-a-codespace-in-a-repository
+//
+//meta:operation POST /repos/{owner}/{repo}/codespaces
 func (s *CodespacesService) CreateInRepo(ctx context.Context, owner, repo string, request *CreateCodespaceOptions) (*Codespace, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/codespaces", owner, repo)
 
@@ -195,7 +201,9 @@ func (s *CodespacesService) CreateInRepo(ctx context.Context, owner, repo string
 // You must authenticate using an access token with the codespace scope to use this endpoint.
 // GitHub Apps must have write access to the codespaces_lifecycle_admin repository permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/codespaces/codespaces?apiVersion=2022-11-28#start-a-codespace-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/codespaces/codespaces#start-a-codespace-for-the-authenticated-user
+//
+//meta:operation POST /user/codespaces/{codespace_name}/start
 func (s *CodespacesService) Start(ctx context.Context, codespaceName string) (*Codespace, *Response, error) {
 	u := fmt.Sprintf("user/codespaces/%v/start", codespaceName)
 
@@ -218,7 +226,9 @@ func (s *CodespacesService) Start(ctx context.Context, codespaceName string) (*C
 // You must authenticate using an access token with the codespace scope to use this endpoint.
 // GitHub Apps must have write access to the codespaces_lifecycle_admin repository permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/codespaces/codespaces?apiVersion=2022-11-28#stop-a-codespace-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/codespaces/codespaces#stop-a-codespace-for-the-authenticated-user
+//
+//meta:operation POST /user/codespaces/{codespace_name}/stop
 func (s *CodespacesService) Stop(ctx context.Context, codespaceName string) (*Codespace, *Response, error) {
 	u := fmt.Sprintf("user/codespaces/%v/stop", codespaceName)
 
@@ -241,7 +251,9 @@ func (s *CodespacesService) Stop(ctx context.Context, codespaceName string) (*Co
 // You must authenticate using an access token with the codespace scope to use this endpoint.
 // GitHub Apps must have write access to the codespaces repository permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/codespaces/codespaces?apiVersion=2022-11-28#delete-a-codespace-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/codespaces/codespaces#delete-a-codespace-for-the-authenticated-user
+//
+//meta:operation DELETE /user/codespaces/{codespace_name}
 func (s *CodespacesService) Delete(ctx context.Context, codespaceName string) (*Response, error) {
 	u := fmt.Sprintf("user/codespaces/%v", codespaceName)
 
diff --git a/vendor/github.com/google/go-github/v55/github/codespaces_secrets.go b/vendor/github.com/google/go-github/v72/github/codespaces_secrets.go
similarity index 80%
rename from vendor/github.com/google/go-github/v55/github/codespaces_secrets.go
rename to vendor/github.com/google/go-github/v72/github/codespaces_secrets.go
index e11c679c66..438c27f8ff 100644
--- a/vendor/github.com/google/go-github/v55/github/codespaces_secrets.go
+++ b/vendor/github.com/google/go-github/v72/github/codespaces_secrets.go
@@ -16,7 +16,9 @@ import (
 // You must authenticate using an access token with the codespace or codespace:secrets scope to use this endpoint. User must have Codespaces access to use this endpoint
 // GitHub Apps must have read access to the codespaces_user_secrets user permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/codespaces/secrets?apiVersion=2022-11-28#list-secrets-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/codespaces/secrets#list-secrets-for-the-authenticated-user
+//
+//meta:operation GET /user/codespaces/secrets
 func (s *CodespacesService) ListUserSecrets(ctx context.Context, opts *ListOptions) (*Secrets, *Response, error) {
 	u, err := addOptions("user/codespaces/secrets", opts)
 	if err != nil {
@@ -29,7 +31,9 @@ func (s *CodespacesService) ListUserSecrets(ctx context.Context, opts *ListOptio
 //
 // Lists all Codespaces secrets available at the organization-level without revealing their encrypted values. You must authenticate using an access token with the admin:org scope to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/codespaces/organization-secrets?apiVersion=2022-11-28#list-organization-secrets
+// GitHub API docs: https://docs.github.com/rest/codespaces/organization-secrets#list-organization-secrets
+//
+//meta:operation GET /orgs/{org}/codespaces/secrets
 func (s *CodespacesService) ListOrgSecrets(ctx context.Context, org string, opts *ListOptions) (*Secrets, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/codespaces/secrets", org)
 	u, err := addOptions(u, opts)
@@ -43,7 +47,9 @@ func (s *CodespacesService) ListOrgSecrets(ctx context.Context, org string, opts
 //
 // Lists all secrets available in a repository without revealing their encrypted values. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have write access to the codespaces_secrets repository permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/codespaces/repository-secrets?apiVersion=2022-11-28#list-repository-secrets
+// GitHub API docs: https://docs.github.com/rest/codespaces/repository-secrets#list-repository-secrets
+//
+//meta:operation GET /repos/{owner}/{repo}/codespaces/secrets
 func (s *CodespacesService) ListRepoSecrets(ctx context.Context, owner, repo string, opts *ListOptions) (*Secrets, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/codespaces/secrets", owner, repo)
 	u, err := addOptions(u, opts)
@@ -74,7 +80,9 @@ func (s *CodespacesService) listSecrets(ctx context.Context, url string) (*Secre
 // You must authenticate using an access token with the codespace or codespace:secrets scope to use this endpoint. User must have Codespaces access to use this endpoint.
 // GitHub Apps must have read access to the codespaces_user_secrets user permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/codespaces/secrets?apiVersion=2022-11-28#get-public-key-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/codespaces/secrets#get-public-key-for-the-authenticated-user
+//
+//meta:operation GET /user/codespaces/secrets/public-key
 func (s *CodespacesService) GetUserPublicKey(ctx context.Context) (*PublicKey, *Response, error) {
 	return s.getPublicKey(ctx, "user/codespaces/secrets/public-key")
 }
@@ -83,7 +91,9 @@ func (s *CodespacesService) GetUserPublicKey(ctx context.Context) (*PublicKey, *
 //
 // Gets a public key for an organization, which is required in order to encrypt secrets. You need to encrypt the value of a secret before you can create or update secrets. You must authenticate using an access token with the admin:org scope to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/codespaces/organization-secrets?apiVersion=2022-11-28#get-an-organization-public-key
+// GitHub API docs: https://docs.github.com/rest/codespaces/organization-secrets#get-an-organization-public-key
+//
+//meta:operation GET /orgs/{org}/codespaces/secrets/public-key
 func (s *CodespacesService) GetOrgPublicKey(ctx context.Context, org string) (*PublicKey, *Response, error) {
 	return s.getPublicKey(ctx, fmt.Sprintf("orgs/%v/codespaces/secrets/public-key", org))
 }
@@ -92,7 +102,9 @@ func (s *CodespacesService) GetOrgPublicKey(ctx context.Context, org string) (*P
 //
 // Gets your public key, which you need to encrypt secrets. You need to encrypt a secret before you can create or update secrets. Anyone with read access to the repository can use this endpoint. If the repository is private you must use an access token with the repo scope. GitHub Apps must have write access to the codespaces_secrets repository permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/codespaces/repository-secrets?apiVersion=2022-11-28#get-a-repository-public-key
+// GitHub API docs: https://docs.github.com/rest/codespaces/repository-secrets#get-a-repository-public-key
+//
+//meta:operation GET /repos/{owner}/{repo}/codespaces/secrets/public-key
 func (s *CodespacesService) GetRepoPublicKey(ctx context.Context, owner, repo string) (*PublicKey, *Response, error) {
 	return s.getPublicKey(ctx, fmt.Sprintf("repos/%v/%v/codespaces/secrets/public-key", owner, repo))
 }
@@ -118,7 +130,9 @@ func (s *CodespacesService) getPublicKey(ctx context.Context, url string) (*Publ
 // You must authenticate using an access token with the codespace or codespace:secrets scope to use this endpoint. User must have Codespaces access to use this endpoint.
 // GitHub Apps must have read access to the codespaces_user_secrets user permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/codespaces/secrets?apiVersion=2022-11-28#get-a-secret-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/codespaces/secrets#get-a-secret-for-the-authenticated-user
+//
+//meta:operation GET /user/codespaces/secrets/{secret_name}
 func (s *CodespacesService) GetUserSecret(ctx context.Context, name string) (*Secret, *Response, error) {
 	u := fmt.Sprintf("user/codespaces/secrets/%v", name)
 	return s.getSecret(ctx, u)
@@ -128,7 +142,9 @@ func (s *CodespacesService) GetUserSecret(ctx context.Context, name string) (*Se
 //
 // Gets an organization secret without revealing its encrypted value. You must authenticate using an access token with the admin:org scope to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/codespaces/organization-secrets?apiVersion=2022-11-28#get-an-organization-secret
+// GitHub API docs: https://docs.github.com/rest/codespaces/organization-secrets#get-an-organization-secret
+//
+//meta:operation GET /orgs/{org}/codespaces/secrets/{secret_name}
 func (s *CodespacesService) GetOrgSecret(ctx context.Context, org, name string) (*Secret, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/codespaces/secrets/%v", org, name)
 	return s.getSecret(ctx, u)
@@ -138,7 +154,9 @@ func (s *CodespacesService) GetOrgSecret(ctx context.Context, org, name string)
 //
 // Gets a single repository secret without revealing its encrypted value. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have write access to the codespaces_secrets repository permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/codespaces/repository-secrets?apiVersion=2022-11-28#get-a-repository-secret
+// GitHub API docs: https://docs.github.com/rest/codespaces/repository-secrets#get-a-repository-secret
+//
+//meta:operation GET /repos/{owner}/{repo}/codespaces/secrets/{secret_name}
 func (s *CodespacesService) GetRepoSecret(ctx context.Context, owner, repo, name string) (*Secret, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/codespaces/secrets/%v", owner, repo, name)
 	return s.getSecret(ctx, u)
@@ -165,7 +183,9 @@ func (s *CodespacesService) getSecret(ctx context.Context, url string) (*Secret,
 // You must authenticate using an access token with the codespace or codespace:secrets scope to use this endpoint. User must also have Codespaces access to use this endpoint.
 // GitHub Apps must have write access to the codespaces_user_secrets user permission and codespaces_secrets repository permission on all referenced repositories to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/codespaces/secrets?apiVersion=2022-11-28#create-or-update-a-secret-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/codespaces/secrets#create-or-update-a-secret-for-the-authenticated-user
+//
+//meta:operation PUT /user/codespaces/secrets/{secret_name}
 func (s *CodespacesService) CreateOrUpdateUserSecret(ctx context.Context, eSecret *EncryptedSecret) (*Response, error) {
 	u := fmt.Sprintf("user/codespaces/secrets/%v", eSecret.Name)
 	return s.createOrUpdateSecret(ctx, u, eSecret)
@@ -175,7 +195,9 @@ func (s *CodespacesService) CreateOrUpdateUserSecret(ctx context.Context, eSecre
 //
 // Creates or updates an organization secret with an encrypted value. Encrypt your secret using LibSodium. You must authenticate using an access token with the admin:org scope to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/codespaces/organization-secrets?apiVersion=2022-11-28#create-or-update-an-organization-secret
+// GitHub API docs: https://docs.github.com/rest/codespaces/organization-secrets#create-or-update-an-organization-secret
+//
+//meta:operation PUT /orgs/{org}/codespaces/secrets/{secret_name}
 func (s *CodespacesService) CreateOrUpdateOrgSecret(ctx context.Context, org string, eSecret *EncryptedSecret) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/codespaces/secrets/%v", org, eSecret.Name)
 	return s.createOrUpdateSecret(ctx, u, eSecret)
@@ -185,7 +207,9 @@ func (s *CodespacesService) CreateOrUpdateOrgSecret(ctx context.Context, org str
 //
 // Creates or updates a repository secret with an encrypted value. Encrypt your secret using LibSodium. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have write access to the codespaces_secrets repository permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/codespaces/repository-secrets?apiVersion=2022-11-28#create-or-update-a-repository-secret
+// GitHub API docs: https://docs.github.com/rest/codespaces/repository-secrets#create-or-update-a-repository-secret
+//
+//meta:operation PUT /repos/{owner}/{repo}/codespaces/secrets/{secret_name}
 func (s *CodespacesService) CreateOrUpdateRepoSecret(ctx context.Context, owner, repo string, eSecret *EncryptedSecret) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/codespaces/secrets/%v", owner, repo, eSecret.Name)
 	return s.createOrUpdateSecret(ctx, u, eSecret)
@@ -211,7 +235,9 @@ func (s *CodespacesService) createOrUpdateSecret(ctx context.Context, url string
 // You must authenticate using an access token with the codespace or codespace:secrets scope to use this endpoint. User must have Codespaces access to use this endpoint.
 // GitHub Apps must have write access to the codespaces_user_secrets user permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/codespaces/secrets?apiVersion=2022-11-28#delete-a-secret-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/codespaces/secrets#delete-a-secret-for-the-authenticated-user
+//
+//meta:operation DELETE /user/codespaces/secrets/{secret_name}
 func (s *CodespacesService) DeleteUserSecret(ctx context.Context, name string) (*Response, error) {
 	u := fmt.Sprintf("user/codespaces/secrets/%v", name)
 	return s.deleteSecret(ctx, u)
@@ -221,7 +247,9 @@ func (s *CodespacesService) DeleteUserSecret(ctx context.Context, name string) (
 //
 // Deletes an organization secret using the secret name. You must authenticate using an access token with the admin:org scope to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/codespaces/organization-secrets?apiVersion=2022-11-28#delete-an-organization-secret
+// GitHub API docs: https://docs.github.com/rest/codespaces/organization-secrets#delete-an-organization-secret
+//
+//meta:operation DELETE /orgs/{org}/codespaces/secrets/{secret_name}
 func (s *CodespacesService) DeleteOrgSecret(ctx context.Context, org, name string) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/codespaces/secrets/%v", org, name)
 	return s.deleteSecret(ctx, u)
@@ -231,7 +259,9 @@ func (s *CodespacesService) DeleteOrgSecret(ctx context.Context, org, name strin
 //
 // Deletes a secret in a repository using the secret name. You must authenticate using an access token with the repo scope to use this endpoint. GitHub Apps must have write access to the codespaces_secrets repository permission to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/codespaces/repository-secrets?apiVersion=2022-11-28#delete-a-repository-secret
+// GitHub API docs: https://docs.github.com/rest/codespaces/repository-secrets#delete-a-repository-secret
+//
+//meta:operation DELETE /repos/{owner}/{repo}/codespaces/secrets/{secret_name}
 func (s *CodespacesService) DeleteRepoSecret(ctx context.Context, owner, repo, name string) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/codespaces/secrets/%v", owner, repo, name)
 	return s.deleteSecret(ctx, u)
@@ -256,7 +286,9 @@ func (s *CodespacesService) deleteSecret(ctx context.Context, url string) (*Resp
 // You must authenticate using an access token with the codespace or codespace:secrets scope to use this endpoint. User must have Codespaces access to use this endpoint.
 // GitHub Apps must have read access to the codespaces_user_secrets user permission and write access to the codespaces_secrets repository permission on all referenced repositories to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/codespaces/secrets?apiVersion=2022-11-28#list-selected-repositories-for-a-user-secret
+// GitHub API docs: https://docs.github.com/rest/codespaces/secrets#list-selected-repositories-for-a-user-secret
+//
+//meta:operation GET /user/codespaces/secrets/{secret_name}/repositories
 func (s *CodespacesService) ListSelectedReposForUserSecret(ctx context.Context, name string, opts *ListOptions) (*SelectedReposList, *Response, error) {
 	u := fmt.Sprintf("user/codespaces/secrets/%v/repositories", name)
 	u, err := addOptions(u, opts)
@@ -271,7 +303,9 @@ func (s *CodespacesService) ListSelectedReposForUserSecret(ctx context.Context,
 //
 // Lists all repositories that have been selected when the visibility for repository access to a secret is set to selected. You must authenticate using an access token with the admin:org scope to use this endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/codespaces/organization-secrets?apiVersion=2022-11-28#list-selected-repositories-for-an-organization-secret
+// GitHub API docs: https://docs.github.com/rest/codespaces/organization-secrets#list-selected-repositories-for-an-organization-secret
+//
+//meta:operation GET /orgs/{org}/codespaces/secrets/{secret_name}/repositories
 func (s *CodespacesService) ListSelectedReposForOrgSecret(ctx context.Context, org, name string, opts *ListOptions) (*SelectedReposList, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/codespaces/secrets/%v/repositories", org, name)
 	u, err := addOptions(u, opts)
@@ -302,7 +336,9 @@ func (s *CodespacesService) listSelectedReposForSecret(ctx context.Context, url
 // You must authenticate using an access token with the codespace or codespace:secrets scope to use this endpoint. User must have Codespaces access to use this endpoint.
 // GitHub Apps must have write access to the codespaces_user_secrets user permission and write access to the codespaces_secrets repository permission on all referenced repositories to use this endpoint.
 //
-// Github API docs: https://docs.github.com/en/rest/codespaces/secrets?apiVersion=2022-11-28#set-selected-repositories-for-a-user-secret
+// GitHub API docs: https://docs.github.com/rest/codespaces/secrets#set-selected-repositories-for-a-user-secret
+//
+//meta:operation PUT /user/codespaces/secrets/{secret_name}/repositories
 func (s *CodespacesService) SetSelectedReposForUserSecret(ctx context.Context, name string, ids SelectedRepoIDs) (*Response, error) {
 	u := fmt.Sprintf("user/codespaces/secrets/%v/repositories", name)
 	return s.setSelectedRepoForSecret(ctx, u, ids)
@@ -312,7 +348,9 @@ func (s *CodespacesService) SetSelectedReposForUserSecret(ctx context.Context, n
 //
 // Replaces all repositories for an organization secret when the visibility for repository access is set to selected. The visibility is set when you Create or update an organization secret. You must authenticate using an access token with the admin:org scope to use this endpoint.
 //
-// Github API docs: https://docs.github.com/en/rest/codespaces/secrets?apiVersion=2022-11-28#set-selected-repositories-for-a-user-secret
+// GitHub API docs: https://docs.github.com/rest/codespaces/organization-secrets#set-selected-repositories-for-an-organization-secret
+//
+//meta:operation PUT /orgs/{org}/codespaces/secrets/{secret_name}/repositories
 func (s *CodespacesService) SetSelectedReposForOrgSecret(ctx context.Context, org, name string, ids SelectedRepoIDs) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/codespaces/secrets/%v/repositories", org, name)
 	return s.setSelectedRepoForSecret(ctx, u, ids)
@@ -340,7 +378,9 @@ func (s *CodespacesService) setSelectedRepoForSecret(ctx context.Context, url st
 //
 // Adds a repository to the selected repositories for a user's codespace secret. You must authenticate using an access token with the codespace or codespace:secrets scope to use this endpoint. User must have Codespaces access to use this endpoint. GitHub Apps must have write access to the codespaces_user_secrets user permission and write access to the codespaces_secrets repository permission on the referenced repository to use this endpoint.
 //
-// Github API docs: https://docs.github.com/en/rest/codespaces/secrets?apiVersion=2022-11-28#add-a-selected-repository-to-a-user-secret
+// GitHub API docs: https://docs.github.com/rest/codespaces/secrets#add-a-selected-repository-to-a-user-secret
+//
+//meta:operation PUT /user/codespaces/secrets/{secret_name}/repositories/{repository_id}
 func (s *CodespacesService) AddSelectedRepoToUserSecret(ctx context.Context, name string, repo *Repository) (*Response, error) {
 	u := fmt.Sprintf("user/codespaces/secrets/%v/repositories/%v", name, *repo.ID)
 	return s.addSelectedRepoToSecret(ctx, u)
@@ -350,7 +390,9 @@ func (s *CodespacesService) AddSelectedRepoToUserSecret(ctx context.Context, nam
 //
 // Adds a repository to an organization secret when the visibility for repository access is set to selected. The visibility is set when you Create or update an organization secret. You must authenticate using an access token with the admin:org scope to use this endpoint.
 //
-// Github API docs: https://docs.github.com/en/rest/codespaces/organization-secrets?apiVersion=2022-11-28#add-selected-repository-to-an-organization-secret
+// GitHub API docs: https://docs.github.com/rest/codespaces/organization-secrets#add-selected-repository-to-an-organization-secret
+//
+//meta:operation PUT /orgs/{org}/codespaces/secrets/{secret_name}/repositories/{repository_id}
 func (s *CodespacesService) AddSelectedRepoToOrgSecret(ctx context.Context, org, name string, repo *Repository) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/codespaces/secrets/%v/repositories/%v", org, name, *repo.ID)
 	return s.addSelectedRepoToSecret(ctx, u)
@@ -374,7 +416,9 @@ func (s *CodespacesService) addSelectedRepoToSecret(ctx context.Context, url str
 //
 // Removes a repository from the selected repositories for a user's codespace secret. You must authenticate using an access token with the codespace or codespace:secrets scope to use this endpoint. User must have Codespaces access to use this endpoint. GitHub Apps must have write access to the codespaces_user_secrets user permission to use this endpoint.
 //
-// Github API docs: https://docs.github.com/en/rest/codespaces/secrets?apiVersion=2022-11-28#remove-a-selected-repository-from-a-user-secret
+// GitHub API docs: https://docs.github.com/rest/codespaces/secrets#remove-a-selected-repository-from-a-user-secret
+//
+//meta:operation DELETE /user/codespaces/secrets/{secret_name}/repositories/{repository_id}
 func (s *CodespacesService) RemoveSelectedRepoFromUserSecret(ctx context.Context, name string, repo *Repository) (*Response, error) {
 	u := fmt.Sprintf("user/codespaces/secrets/%v/repositories/%v", name, *repo.ID)
 	return s.removeSelectedRepoFromSecret(ctx, u)
@@ -384,7 +428,9 @@ func (s *CodespacesService) RemoveSelectedRepoFromUserSecret(ctx context.Context
 //
 // Removes a repository from an organization secret when the visibility for repository access is set to selected. The visibility is set when you Create or update an organization secret. You must authenticate using an access token with the admin:org scope to use this endpoint.
 //
-// Github API docs: https://docs.github.com/en/rest/codespaces/organization-secrets?apiVersion=2022-11-28#remove-selected-repository-from-an-organization-secret
+// GitHub API docs: https://docs.github.com/rest/codespaces/organization-secrets#remove-selected-repository-from-an-organization-secret
+//
+//meta:operation DELETE /orgs/{org}/codespaces/secrets/{secret_name}/repositories/{repository_id}
 func (s *CodespacesService) RemoveSelectedRepoFromOrgSecret(ctx context.Context, org, name string, repo *Repository) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/codespaces/secrets/%v/repositories/%v", org, name, *repo.ID)
 	return s.removeSelectedRepoFromSecret(ctx, u)
diff --git a/vendor/github.com/google/go-github/v72/github/copilot.go b/vendor/github.com/google/go-github/v72/github/copilot.go
new file mode 100644
index 0000000000..b9adfcb4ee
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/copilot.go
@@ -0,0 +1,570 @@
+// Copyright 2023 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"time"
+)
+
+// CopilotService provides access to the Copilot-related functions
+// in the GitHub API.
+//
+// GitHub API docs: https://docs.github.com/en/rest/copilot/
+type CopilotService service
+
+// CopilotOrganizationDetails represents the details of an organization's Copilot for Business subscription.
+type CopilotOrganizationDetails struct {
+	SeatBreakdown         *CopilotSeatBreakdown `json:"seat_breakdown"`
+	PublicCodeSuggestions string                `json:"public_code_suggestions"`
+	CopilotChat           string                `json:"copilot_chat"`
+	SeatManagementSetting string                `json:"seat_management_setting"`
+}
+
+// CopilotSeatBreakdown represents the breakdown of Copilot for Business seats for the organization.
+type CopilotSeatBreakdown struct {
+	Total               int `json:"total"`
+	AddedThisCycle      int `json:"added_this_cycle"`
+	PendingCancellation int `json:"pending_cancellation"`
+	PendingInvitation   int `json:"pending_invitation"`
+	ActiveThisCycle     int `json:"active_this_cycle"`
+	InactiveThisCycle   int `json:"inactive_this_cycle"`
+}
+
+// ListCopilotSeatsResponse represents the Copilot for Business seat assignments for an organization.
+type ListCopilotSeatsResponse struct {
+	TotalSeats int64                 `json:"total_seats"`
+	Seats      []*CopilotSeatDetails `json:"seats"`
+}
+
+// CopilotSeatDetails represents the details of a Copilot for Business seat.
+type CopilotSeatDetails struct {
+	// Assignee can either be a User, Team, or Organization.
+	Assignee                interface{} `json:"assignee"`
+	AssigningTeam           *Team       `json:"assigning_team,omitempty"`
+	PendingCancellationDate *string     `json:"pending_cancellation_date,omitempty"`
+	LastActivityAt          *Timestamp  `json:"last_activity_at,omitempty"`
+	LastActivityEditor      *string     `json:"last_activity_editor,omitempty"`
+	CreatedAt               *Timestamp  `json:"created_at"`
+	UpdatedAt               *Timestamp  `json:"updated_at,omitempty"`
+	PlanType                *string     `json:"plan_type,omitempty"`
+}
+
+// SeatAssignments represents the number of seats assigned.
+type SeatAssignments struct {
+	SeatsCreated int `json:"seats_created"`
+}
+
+// SeatCancellations represents the number of seats cancelled.
+type SeatCancellations struct {
+	SeatsCancelled int `json:"seats_cancelled"`
+}
+
+// CopilotMetricsListOptions represents the optional parameters to the CopilotService get metrics methods.
+type CopilotMetricsListOptions struct {
+	Since *time.Time `url:"since,omitempty"`
+	Until *time.Time `url:"until,omitempty"`
+
+	ListOptions
+}
+
+// CopilotIDECodeCompletionsLanguage represents Copilot usage metrics for completions in the IDE for a language.
+type CopilotIDECodeCompletionsLanguage struct {
+	Name              string `json:"name"`
+	TotalEngagedUsers int    `json:"total_engaged_users"`
+}
+
+// CopilotIDECodeCompletionsModelLanguage represents Copilot usage metrics for completions in the IDE for a model and language.
+type CopilotIDECodeCompletionsModelLanguage struct {
+	Name                    string `json:"name"`
+	TotalEngagedUsers       int    `json:"total_engaged_users"`
+	TotalCodeSuggestions    int    `json:"total_code_suggestions"`
+	TotalCodeAcceptances    int    `json:"total_code_acceptances"`
+	TotalCodeLinesSuggested int    `json:"total_code_lines_suggested"`
+	TotalCodeLinesAccepted  int    `json:"total_code_lines_accepted"`
+}
+
+// CopilotIDECodeCompletionsModel represents Copilot usage metrics for completions in the IDE for a model.
+type CopilotIDECodeCompletionsModel struct {
+	Name                    string                                    `json:"name"`
+	IsCustomModel           bool                                      `json:"is_custom_model"`
+	CustomModelTrainingDate *string                                   `json:"custom_model_training_date,omitempty"`
+	TotalEngagedUsers       int                                       `json:"total_engaged_users"`
+	Languages               []*CopilotIDECodeCompletionsModelLanguage `json:"languages"`
+}
+
+// CopilotIDECodeCompletionsEditor represents Copilot usage metrics for completions in the IDE for an editor.
+type CopilotIDECodeCompletionsEditor struct {
+	Name              string                            `json:"name"`
+	TotalEngagedUsers int                               `json:"total_engaged_users"`
+	Models            []*CopilotIDECodeCompletionsModel `json:"models"`
+}
+
+// CopilotIDECodeCompletions represents Copilot usage metrics for Copilot code completions in the IDE, categorized by editor, model and language.
+type CopilotIDECodeCompletions struct {
+	TotalEngagedUsers int                                  `json:"total_engaged_users"`
+	Languages         []*CopilotIDECodeCompletionsLanguage `json:"languages"`
+	Editors           []*CopilotIDECodeCompletionsEditor   `json:"editors"`
+}
+
+// CopilotIDEChatModel represents Copilot usage metrics for chatting with a model in the IDE.
+type CopilotIDEChatModel struct {
+	Name                     string  `json:"name"`
+	IsCustomModel            bool    `json:"is_custom_model"`
+	CustomModelTrainingDate  *string `json:"custom_model_training_date,omitempty"`
+	TotalEngagedUsers        int     `json:"total_engaged_users"`
+	TotalChats               int     `json:"total_chats"`
+	TotalChatInsertionEvents int     `json:"total_chat_insertion_events"`
+	TotalChatCopyEvents      int     `json:"total_chat_copy_events"`
+}
+
+// CopilotIDEChatEditor represents Copilot usage metrics for chatting with a model in the IDE, categorized by editor and model.
+type CopilotIDEChatEditor struct {
+	Name              string                 `json:"name"`
+	TotalEngagedUsers int                    `json:"total_engaged_users"`
+	Models            []*CopilotIDEChatModel `json:"models"`
+}
+
+// CopilotIDEChat represents Copilot usage metrics for Copilot Chat in the IDE, categorized by editor and model.
+type CopilotIDEChat struct {
+	TotalEngagedUsers int                     `json:"total_engaged_users"`
+	Editors           []*CopilotIDEChatEditor `json:"editors"`
+}
+
+// CopilotDotcomChatModel represents Copilot usage metrics for chatting with a model in the webbrowser.
+type CopilotDotcomChatModel struct {
+	Name                    string  `json:"name"`
+	IsCustomModel           bool    `json:"is_custom_model"`
+	CustomModelTrainingDate *string `json:"custom_model_training_date,omitempty"`
+	TotalEngagedUsers       int     `json:"total_engaged_users"`
+	TotalChats              int     `json:"total_chats"`
+}
+
+// CopilotDotcomChat represents Copilot usage metrics for Copilot Chat in the webbrowser, categorized by model.
+type CopilotDotcomChat struct {
+	TotalEngagedUsers int                       `json:"total_engaged_users"`
+	Models            []*CopilotDotcomChatModel `json:"models"`
+}
+
+// CopilotDotcomPullRequestsModel represents Copilot usage metrics for pull requests in the webbrowser, categorized by model.
+type CopilotDotcomPullRequestsModel struct {
+	Name                    string  `json:"name"`
+	IsCustomModel           bool    `json:"is_custom_model"`
+	CustomModelTrainingDate *string `json:"custom_model_training_date,omitempty"`
+	TotalPRSummariesCreated int     `json:"total_pr_summaries_created"`
+	TotalEngagedUsers       int     `json:"total_engaged_users"`
+}
+
+// CopilotDotcomPullRequestsRepository represents Copilot usage metrics for pull requests in the webbrowser, categorized by repository.
+type CopilotDotcomPullRequestsRepository struct {
+	Name              string                            `json:"name"`
+	TotalEngagedUsers int                               `json:"total_engaged_users"`
+	Models            []*CopilotDotcomPullRequestsModel `json:"models"`
+}
+
+// CopilotDotcomPullRequests represents Copilot usage metrics for pull requests in the webbrowser, categorized by repository and model.
+type CopilotDotcomPullRequests struct {
+	TotalEngagedUsers int                                    `json:"total_engaged_users"`
+	Repositories      []*CopilotDotcomPullRequestsRepository `json:"repositories"`
+}
+
+// CopilotMetrics represents Copilot usage metrics for a given day.
+type CopilotMetrics struct {
+	Date                      string                     `json:"date"`
+	TotalActiveUsers          *int                       `json:"total_active_users,omitempty"`
+	TotalEngagedUsers         *int                       `json:"total_engaged_users,omitempty"`
+	CopilotIDECodeCompletions *CopilotIDECodeCompletions `json:"copilot_ide_code_completions,omitempty"`
+	CopilotIDEChat            *CopilotIDEChat            `json:"copilot_ide_chat,omitempty"`
+	CopilotDotcomChat         *CopilotDotcomChat         `json:"copilot_dotcom_chat,omitempty"`
+	CopilotDotcomPullRequests *CopilotDotcomPullRequests `json:"copilot_dotcom_pull_requests,omitempty"`
+}
+
+func (cp *CopilotSeatDetails) UnmarshalJSON(data []byte) error {
+	// Using an alias to avoid infinite recursion when calling json.Unmarshal
+	type alias CopilotSeatDetails
+	var seatDetail alias
+
+	if err := json.Unmarshal(data, &seatDetail); err != nil {
+		return err
+	}
+
+	cp.AssigningTeam = seatDetail.AssigningTeam
+	cp.PendingCancellationDate = seatDetail.PendingCancellationDate
+	cp.LastActivityAt = seatDetail.LastActivityAt
+	cp.LastActivityEditor = seatDetail.LastActivityEditor
+	cp.CreatedAt = seatDetail.CreatedAt
+	cp.UpdatedAt = seatDetail.UpdatedAt
+	cp.PlanType = seatDetail.PlanType
+
+	switch v := seatDetail.Assignee.(type) {
+	case map[string]interface{}:
+		jsonData, err := json.Marshal(seatDetail.Assignee)
+		if err != nil {
+			return err
+		}
+
+		if v["type"] == nil {
+			return errors.New("assignee type field is not set")
+		}
+
+		if t, ok := v["type"].(string); ok && t == "User" {
+			user := &User{}
+			if err := json.Unmarshal(jsonData, user); err != nil {
+				return err
+			}
+			cp.Assignee = user
+		} else if t, ok := v["type"].(string); ok && t == "Team" {
+			team := &Team{}
+			if err := json.Unmarshal(jsonData, team); err != nil {
+				return err
+			}
+			cp.Assignee = team
+		} else if t, ok := v["type"].(string); ok && t == "Organization" {
+			organization := &Organization{}
+			if err := json.Unmarshal(jsonData, organization); err != nil {
+				return err
+			}
+			cp.Assignee = organization
+		} else {
+			return fmt.Errorf("unsupported assignee type %v", v["type"])
+		}
+	default:
+		return fmt.Errorf("unsupported assignee type %T", v)
+	}
+
+	return nil
+}
+
+// GetUser gets the User from the CopilotSeatDetails if the assignee is a user.
+func (cp *CopilotSeatDetails) GetUser() (*User, bool) { u, ok := cp.Assignee.(*User); return u, ok }
+
+// GetTeam gets the Team from the CopilotSeatDetails if the assignee is a team.
+func (cp *CopilotSeatDetails) GetTeam() (*Team, bool) { t, ok := cp.Assignee.(*Team); return t, ok }
+
+// GetOrganization gets the Organization from the CopilotSeatDetails if the assignee is an organization.
+func (cp *CopilotSeatDetails) GetOrganization() (*Organization, bool) {
+	o, ok := cp.Assignee.(*Organization)
+	return o, ok
+}
+
+// GetCopilotBilling gets Copilot for Business billing information and settings for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/copilot/copilot-user-management#get-copilot-seat-information-and-settings-for-an-organization
+//
+//meta:operation GET /orgs/{org}/copilot/billing
+func (s *CopilotService) GetCopilotBilling(ctx context.Context, org string) (*CopilotOrganizationDetails, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/copilot/billing", org)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var copilotDetails *CopilotOrganizationDetails
+	resp, err := s.client.Do(ctx, req, &copilotDetails)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return copilotDetails, resp, nil
+}
+
+// ListCopilotSeats lists Copilot for Business seat assignments for an organization.
+//
+// To paginate through all seats, populate 'Page' with the number of the last page.
+//
+// GitHub API docs: https://docs.github.com/rest/copilot/copilot-user-management#list-all-copilot-seat-assignments-for-an-organization
+//
+//meta:operation GET /orgs/{org}/copilot/billing/seats
+func (s *CopilotService) ListCopilotSeats(ctx context.Context, org string, opts *ListOptions) (*ListCopilotSeatsResponse, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/copilot/billing/seats", org)
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var copilotSeats *ListCopilotSeatsResponse
+	resp, err := s.client.Do(ctx, req, &copilotSeats)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return copilotSeats, resp, nil
+}
+
+// ListCopilotEnterpriseSeats lists Copilot for Business seat assignments for an enterprise.
+//
+// To paginate through all seats, populate 'Page' with the number of the last page.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/copilot/copilot-user-management#list-all-copilot-seat-assignments-for-an-enterprise
+//
+//meta:operation GET /enterprises/{enterprise}/copilot/billing/seats
+func (s *CopilotService) ListCopilotEnterpriseSeats(ctx context.Context, enterprise string, opts *ListOptions) (*ListCopilotSeatsResponse, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/copilot/billing/seats", enterprise)
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var copilotSeats *ListCopilotSeatsResponse
+	resp, err := s.client.Do(ctx, req, &copilotSeats)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return copilotSeats, resp, nil
+}
+
+// AddCopilotTeams adds teams to the Copilot for Business subscription for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/copilot/copilot-user-management#add-teams-to-the-copilot-subscription-for-an-organization
+//
+//meta:operation POST /orgs/{org}/copilot/billing/selected_teams
+func (s *CopilotService) AddCopilotTeams(ctx context.Context, org string, teamNames []string) (*SeatAssignments, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/copilot/billing/selected_teams", org)
+
+	body := struct {
+		SelectedTeams []string `json:"selected_teams"`
+	}{
+		SelectedTeams: teamNames,
+	}
+
+	req, err := s.client.NewRequest("POST", u, body)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var seatAssignments *SeatAssignments
+	resp, err := s.client.Do(ctx, req, &seatAssignments)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return seatAssignments, resp, nil
+}
+
+// RemoveCopilotTeams removes teams from the Copilot for Business subscription for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/copilot/copilot-user-management#remove-teams-from-the-copilot-subscription-for-an-organization
+//
+//meta:operation DELETE /orgs/{org}/copilot/billing/selected_teams
+func (s *CopilotService) RemoveCopilotTeams(ctx context.Context, org string, teamNames []string) (*SeatCancellations, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/copilot/billing/selected_teams", org)
+
+	body := struct {
+		SelectedTeams []string `json:"selected_teams"`
+	}{
+		SelectedTeams: teamNames,
+	}
+
+	req, err := s.client.NewRequest("DELETE", u, body)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var seatCancellations *SeatCancellations
+	resp, err := s.client.Do(ctx, req, &seatCancellations)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return seatCancellations, resp, nil
+}
+
+// AddCopilotUsers adds users to the Copilot for Business subscription for an organization
+//
+// GitHub API docs: https://docs.github.com/rest/copilot/copilot-user-management#add-users-to-the-copilot-subscription-for-an-organization
+//
+//meta:operation POST /orgs/{org}/copilot/billing/selected_users
+func (s *CopilotService) AddCopilotUsers(ctx context.Context, org string, users []string) (*SeatAssignments, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/copilot/billing/selected_users", org)
+
+	body := struct {
+		SelectedUsernames []string `json:"selected_usernames"`
+	}{
+		SelectedUsernames: users,
+	}
+
+	req, err := s.client.NewRequest("POST", u, body)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var seatAssignments *SeatAssignments
+	resp, err := s.client.Do(ctx, req, &seatAssignments)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return seatAssignments, resp, nil
+}
+
+// RemoveCopilotUsers removes users from the Copilot for Business subscription for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/copilot/copilot-user-management#remove-users-from-the-copilot-subscription-for-an-organization
+//
+//meta:operation DELETE /orgs/{org}/copilot/billing/selected_users
+func (s *CopilotService) RemoveCopilotUsers(ctx context.Context, org string, users []string) (*SeatCancellations, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/copilot/billing/selected_users", org)
+
+	body := struct {
+		SelectedUsernames []string `json:"selected_usernames"`
+	}{
+		SelectedUsernames: users,
+	}
+
+	req, err := s.client.NewRequest("DELETE", u, body)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var seatCancellations *SeatCancellations
+	resp, err := s.client.Do(ctx, req, &seatCancellations)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return seatCancellations, resp, nil
+}
+
+// GetSeatDetails gets Copilot for Business seat assignment details for a user.
+//
+// GitHub API docs: https://docs.github.com/rest/copilot/copilot-user-management#get-copilot-seat-assignment-details-for-a-user
+//
+//meta:operation GET /orgs/{org}/members/{username}/copilot
+func (s *CopilotService) GetSeatDetails(ctx context.Context, org, user string) (*CopilotSeatDetails, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/members/%v/copilot", org, user)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var seatDetails *CopilotSeatDetails
+	resp, err := s.client.Do(ctx, req, &seatDetails)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return seatDetails, resp, nil
+}
+
+// GetEnterpriseMetrics gets Copilot usage metrics for an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/copilot/copilot-metrics#get-copilot-metrics-for-an-enterprise
+//
+//meta:operation GET /enterprises/{enterprise}/copilot/metrics
+func (s *CopilotService) GetEnterpriseMetrics(ctx context.Context, enterprise string, opts *CopilotMetricsListOptions) ([]*CopilotMetrics, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/copilot/metrics", enterprise)
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var metrics []*CopilotMetrics
+	resp, err := s.client.Do(ctx, req, &metrics)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return metrics, resp, nil
+}
+
+// GetEnterpriseTeamMetrics gets Copilot usage metrics for an enterprise team.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/copilot/copilot-metrics#get-copilot-metrics-for-an-enterprise-team
+//
+//meta:operation GET /enterprises/{enterprise}/team/{team_slug}/copilot/metrics
+func (s *CopilotService) GetEnterpriseTeamMetrics(ctx context.Context, enterprise, team string, opts *CopilotMetricsListOptions) ([]*CopilotMetrics, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/team/%v/copilot/metrics", enterprise, team)
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var metrics []*CopilotMetrics
+	resp, err := s.client.Do(ctx, req, &metrics)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return metrics, resp, nil
+}
+
+// GetOrganizationMetrics gets Copilot usage metrics for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/copilot/copilot-metrics#get-copilot-metrics-for-an-organization
+//
+//meta:operation GET /orgs/{org}/copilot/metrics
+func (s *CopilotService) GetOrganizationMetrics(ctx context.Context, org string, opts *CopilotMetricsListOptions) ([]*CopilotMetrics, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/copilot/metrics", org)
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var metrics []*CopilotMetrics
+	resp, err := s.client.Do(ctx, req, &metrics)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return metrics, resp, nil
+}
+
+// GetOrganizationTeamMetrics gets Copilot usage metrics for an organization team.
+//
+// GitHub API docs: https://docs.github.com/rest/copilot/copilot-metrics#get-copilot-metrics-for-a-team
+//
+//meta:operation GET /orgs/{org}/team/{team_slug}/copilot/metrics
+func (s *CopilotService) GetOrganizationTeamMetrics(ctx context.Context, org, team string, opts *CopilotMetricsListOptions) ([]*CopilotMetrics, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/team/%v/copilot/metrics", org, team)
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var metrics []*CopilotMetrics
+	resp, err := s.client.Do(ctx, req, &metrics)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return metrics, resp, nil
+}
diff --git a/vendor/github.com/google/go-github/v55/github/dependabot.go b/vendor/github.com/google/go-github/v72/github/dependabot.go
similarity index 83%
rename from vendor/github.com/google/go-github/v55/github/dependabot.go
rename to vendor/github.com/google/go-github/v72/github/dependabot.go
index 07e68b506a..2a11a9c956 100644
--- a/vendor/github.com/google/go-github/v55/github/dependabot.go
+++ b/vendor/github.com/google/go-github/v72/github/dependabot.go
@@ -8,5 +8,5 @@ package github
 // DependabotService handles communication with the Dependabot related
 // methods of the GitHub API.
 //
-// GitHub API docs: https://docs.github.com/en/rest/dependabot/
+// GitHub API docs: https://docs.github.com/rest/dependabot/
 type DependabotService service
diff --git a/vendor/github.com/google/go-github/v55/github/dependabot_alerts.go b/vendor/github.com/google/go-github/v72/github/dependabot_alerts.go
similarity index 69%
rename from vendor/github.com/google/go-github/v55/github/dependabot_alerts.go
rename to vendor/github.com/google/go-github/v72/github/dependabot_alerts.go
index 177316b1dc..67e624c9e8 100644
--- a/vendor/github.com/google/go-github/v55/github/dependabot_alerts.go
+++ b/vendor/github.com/google/go-github/v72/github/dependabot_alerts.go
@@ -10,7 +10,7 @@ import (
 	"fmt"
 )
 
-// Dependency reprensents the vulnerable dependency.
+// Dependency represents the vulnerable dependency.
 type Dependency struct {
 	Package      *VulnerabilityPackage `json:"package,omitempty"`
 	ManifestPath *string               `json:"manifest_path,omitempty"`
@@ -23,12 +23,21 @@ type AdvisoryCVSS struct {
 	VectorString *string  `json:"vector_string,omitempty"`
 }
 
-// AdvisoryCWEs reprensent the advisory pertaining to Common Weakness Enumeration.
+// AdvisoryCWEs represent the advisory pertaining to Common Weakness Enumeration.
 type AdvisoryCWEs struct {
 	CWEID *string `json:"cwe_id,omitempty"`
 	Name  *string `json:"name,omitempty"`
 }
 
+// AdvisoryEPSS represents the advisory pertaining to the Exploit Prediction Scoring System.
+//
+// For more information, see:
+// https://github.blog/changelog/2024-10-10-epss-scores-in-the-github-advisory-database/
+type AdvisoryEPSS struct {
+	Percentage float64 `json:"percentage"`
+	Percentile float64 `json:"percentile"`
+}
+
 // DependabotSecurityAdvisory represents the GitHub Security Advisory.
 type DependabotSecurityAdvisory struct {
 	GHSAID          *string                  `json:"ghsa_id,omitempty"`
@@ -39,6 +48,7 @@ type DependabotSecurityAdvisory struct {
 	Severity        *string                  `json:"severity,omitempty"`
 	CVSS            *AdvisoryCVSS            `json:"cvss,omitempty"`
 	CWEs            []*AdvisoryCWEs          `json:"cwes,omitempty"`
+	EPSS            *AdvisoryEPSS            `json:"epss,omitempty"`
 	Identifiers     []*AdvisoryIdentifier    `json:"identifiers,omitempty"`
 	References      []*AdvisoryReference     `json:"references,omitempty"`
 	PublishedAt     *Timestamp               `json:"published_at,omitempty"`
@@ -67,6 +77,17 @@ type DependabotAlert struct {
 	Repository *Repository `json:"repository,omitempty"`
 }
 
+// DependabotAlertState represents the state of a Dependabot alert to update.
+type DependabotAlertState struct {
+	// The state of the Dependabot alert. A dismissed_reason must be provided when setting the state to dismissed.
+	State string `json:"state"`
+	// Required when state is dismissed. A reason for dismissing the alert.
+	// Can be one of: fix_started, inaccurate, no_bandwidth, not_used, tolerable_risk
+	DismissedReason *string `json:"dismissed_reason,omitempty"`
+	// An optional comment associated with dismissing the alert.
+	DismissedComment *string `json:"dismissed_comment,omitempty"`
+}
+
 // ListAlertsOptions specifies the optional parameters to the DependabotService.ListRepoAlerts
 // and DependabotService.ListOrgAlerts methods.
 type ListAlertsOptions struct {
@@ -104,7 +125,9 @@ func (s *DependabotService) listAlerts(ctx context.Context, url string, opts *Li
 
 // ListRepoAlerts lists all Dependabot alerts of a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/dependabot/alerts#list-dependabot-alerts-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/dependabot/alerts#list-dependabot-alerts-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/dependabot/alerts
 func (s *DependabotService) ListRepoAlerts(ctx context.Context, owner, repo string, opts *ListAlertsOptions) ([]*DependabotAlert, *Response, error) {
 	url := fmt.Sprintf("repos/%v/%v/dependabot/alerts", owner, repo)
 	return s.listAlerts(ctx, url, opts)
@@ -112,7 +135,9 @@ func (s *DependabotService) ListRepoAlerts(ctx context.Context, owner, repo stri
 
 // ListOrgAlerts lists all Dependabot alerts of an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/dependabot/alerts#list-dependabot-alerts-for-an-organization
+// GitHub API docs: https://docs.github.com/rest/dependabot/alerts#list-dependabot-alerts-for-an-organization
+//
+//meta:operation GET /orgs/{org}/dependabot/alerts
 func (s *DependabotService) ListOrgAlerts(ctx context.Context, org string, opts *ListAlertsOptions) ([]*DependabotAlert, *Response, error) {
 	url := fmt.Sprintf("orgs/%v/dependabot/alerts", org)
 	return s.listAlerts(ctx, url, opts)
@@ -120,7 +145,9 @@ func (s *DependabotService) ListOrgAlerts(ctx context.Context, org string, opts
 
 // GetRepoAlert gets a single repository Dependabot alert.
 //
-// GitHub API docs: https://docs.github.com/en/rest/dependabot/alerts#get-a-dependabot-alert
+// GitHub API docs: https://docs.github.com/rest/dependabot/alerts#get-a-dependabot-alert
+//
+//meta:operation GET /repos/{owner}/{repo}/dependabot/alerts/{alert_number}
 func (s *DependabotService) GetRepoAlert(ctx context.Context, owner, repo string, number int) (*DependabotAlert, *Response, error) {
 	url := fmt.Sprintf("repos/%v/%v/dependabot/alerts/%v", owner, repo, number)
 	req, err := s.client.NewRequest("GET", url, nil)
@@ -136,3 +163,24 @@ func (s *DependabotService) GetRepoAlert(ctx context.Context, owner, repo string
 
 	return alert, resp, nil
 }
+
+// UpdateAlert updates a Dependabot alert.
+//
+// GitHub API docs: https://docs.github.com/rest/dependabot/alerts#update-a-dependabot-alert
+//
+//meta:operation PATCH /repos/{owner}/{repo}/dependabot/alerts/{alert_number}
+func (s *DependabotService) UpdateAlert(ctx context.Context, owner, repo string, number int, stateInfo *DependabotAlertState) (*DependabotAlert, *Response, error) {
+	url := fmt.Sprintf("repos/%v/%v/dependabot/alerts/%v", owner, repo, number)
+	req, err := s.client.NewRequest("PATCH", url, stateInfo)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	alert := new(DependabotAlert)
+	resp, err := s.client.Do(ctx, req, alert)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return alert, resp, nil
+}
diff --git a/vendor/github.com/google/go-github/v55/github/dependabot_secrets.go b/vendor/github.com/google/go-github/v72/github/dependabot_secrets.go
similarity index 77%
rename from vendor/github.com/google/go-github/v55/github/dependabot_secrets.go
rename to vendor/github.com/google/go-github/v72/github/dependabot_secrets.go
index 685f7bea8e..e85c805a63 100644
--- a/vendor/github.com/google/go-github/v55/github/dependabot_secrets.go
+++ b/vendor/github.com/google/go-github/v72/github/dependabot_secrets.go
@@ -27,7 +27,9 @@ func (s *DependabotService) getPublicKey(ctx context.Context, url string) (*Publ
 
 // GetRepoPublicKey gets a public key that should be used for Dependabot secret encryption.
 //
-// GitHub API docs: https://docs.github.com/en/rest/dependabot/secrets#get-a-repository-public-key
+// GitHub API docs: https://docs.github.com/rest/dependabot/secrets#get-a-repository-public-key
+//
+//meta:operation GET /repos/{owner}/{repo}/dependabot/secrets/public-key
 func (s *DependabotService) GetRepoPublicKey(ctx context.Context, owner, repo string) (*PublicKey, *Response, error) {
 	url := fmt.Sprintf("repos/%v/%v/dependabot/secrets/public-key", owner, repo)
 	return s.getPublicKey(ctx, url)
@@ -35,7 +37,9 @@ func (s *DependabotService) GetRepoPublicKey(ctx context.Context, owner, repo st
 
 // GetOrgPublicKey gets a public key that should be used for Dependabot secret encryption.
 //
-// GitHub API docs: https://docs.github.com/en/rest/dependabot/secrets#get-an-organization-public-key
+// GitHub API docs: https://docs.github.com/rest/dependabot/secrets#get-an-organization-public-key
+//
+//meta:operation GET /orgs/{org}/dependabot/secrets/public-key
 func (s *DependabotService) GetOrgPublicKey(ctx context.Context, org string) (*PublicKey, *Response, error) {
 	url := fmt.Sprintf("orgs/%v/dependabot/secrets/public-key", org)
 	return s.getPublicKey(ctx, url)
@@ -64,7 +68,9 @@ func (s *DependabotService) listSecrets(ctx context.Context, url string, opts *L
 // ListRepoSecrets lists all Dependabot secrets available in a repository
 // without revealing their encrypted values.
 //
-// GitHub API docs: https://docs.github.com/en/rest/dependabot/secrets#list-repository-secrets
+// GitHub API docs: https://docs.github.com/rest/dependabot/secrets#list-repository-secrets
+//
+//meta:operation GET /repos/{owner}/{repo}/dependabot/secrets
 func (s *DependabotService) ListRepoSecrets(ctx context.Context, owner, repo string, opts *ListOptions) (*Secrets, *Response, error) {
 	url := fmt.Sprintf("repos/%v/%v/dependabot/secrets", owner, repo)
 	return s.listSecrets(ctx, url, opts)
@@ -73,7 +79,9 @@ func (s *DependabotService) ListRepoSecrets(ctx context.Context, owner, repo str
 // ListOrgSecrets lists all Dependabot secrets available in an organization
 // without revealing their encrypted values.
 //
-// GitHub API docs: https://docs.github.com/en/rest/dependabot/secrets#list-organization-secrets
+// GitHub API docs: https://docs.github.com/rest/dependabot/secrets#list-organization-secrets
+//
+//meta:operation GET /orgs/{org}/dependabot/secrets
 func (s *DependabotService) ListOrgSecrets(ctx context.Context, org string, opts *ListOptions) (*Secrets, *Response, error) {
 	url := fmt.Sprintf("orgs/%v/dependabot/secrets", org)
 	return s.listSecrets(ctx, url, opts)
@@ -96,7 +104,9 @@ func (s *DependabotService) getSecret(ctx context.Context, url string) (*Secret,
 
 // GetRepoSecret gets a single repository Dependabot secret without revealing its encrypted value.
 //
-// GitHub API docs: https://docs.github.com/en/rest/dependabot/secrets#get-a-repository-secret
+// GitHub API docs: https://docs.github.com/rest/dependabot/secrets#get-a-repository-secret
+//
+//meta:operation GET /repos/{owner}/{repo}/dependabot/secrets/{secret_name}
 func (s *DependabotService) GetRepoSecret(ctx context.Context, owner, repo, name string) (*Secret, *Response, error) {
 	url := fmt.Sprintf("repos/%v/%v/dependabot/secrets/%v", owner, repo, name)
 	return s.getSecret(ctx, url)
@@ -104,7 +114,9 @@ func (s *DependabotService) GetRepoSecret(ctx context.Context, owner, repo, name
 
 // GetOrgSecret gets a single organization Dependabot secret without revealing its encrypted value.
 //
-// GitHub API docs: https://docs.github.com/en/rest/dependabot/secrets#get-an-organization-secret
+// GitHub API docs: https://docs.github.com/rest/dependabot/secrets#get-an-organization-secret
+//
+//meta:operation GET /orgs/{org}/dependabot/secrets/{secret_name}
 func (s *DependabotService) GetOrgSecret(ctx context.Context, org, name string) (*Secret, *Response, error) {
 	url := fmt.Sprintf("orgs/%v/dependabot/secrets/%v", org, name)
 	return s.getSecret(ctx, url)
@@ -134,7 +146,9 @@ func (s *DependabotService) putSecret(ctx context.Context, url string, eSecret *
 
 // CreateOrUpdateRepoSecret creates or updates a repository Dependabot secret with an encrypted value.
 //
-// GitHub API docs: https://docs.github.com/en/rest/dependabot/secrets#create-or-update-a-repository-secret
+// GitHub API docs: https://docs.github.com/rest/dependabot/secrets#create-or-update-a-repository-secret
+//
+//meta:operation PUT /repos/{owner}/{repo}/dependabot/secrets/{secret_name}
 func (s *DependabotService) CreateOrUpdateRepoSecret(ctx context.Context, owner, repo string, eSecret *DependabotEncryptedSecret) (*Response, error) {
 	url := fmt.Sprintf("repos/%v/%v/dependabot/secrets/%v", owner, repo, eSecret.Name)
 	return s.putSecret(ctx, url, eSecret)
@@ -142,7 +156,9 @@ func (s *DependabotService) CreateOrUpdateRepoSecret(ctx context.Context, owner,
 
 // CreateOrUpdateOrgSecret creates or updates an organization Dependabot secret with an encrypted value.
 //
-// GitHub API docs: https://docs.github.com/en/rest/dependabot/secrets#create-or-update-an-organization-secret
+// GitHub API docs: https://docs.github.com/rest/dependabot/secrets#create-or-update-an-organization-secret
+//
+//meta:operation PUT /orgs/{org}/dependabot/secrets/{secret_name}
 func (s *DependabotService) CreateOrUpdateOrgSecret(ctx context.Context, org string, eSecret *DependabotEncryptedSecret) (*Response, error) {
 	repoIDs := make([]string, len(eSecret.SelectedRepositoryIDs))
 	for i, secret := range eSecret.SelectedRepositoryIDs {
@@ -176,7 +192,9 @@ func (s *DependabotService) deleteSecret(ctx context.Context, url string) (*Resp
 
 // DeleteRepoSecret deletes a Dependabot secret in a repository using the secret name.
 //
-// GitHub API docs: https://docs.github.com/en/rest/dependabot/secrets#delete-a-repository-secret
+// GitHub API docs: https://docs.github.com/rest/dependabot/secrets#delete-a-repository-secret
+//
+//meta:operation DELETE /repos/{owner}/{repo}/dependabot/secrets/{secret_name}
 func (s *DependabotService) DeleteRepoSecret(ctx context.Context, owner, repo, name string) (*Response, error) {
 	url := fmt.Sprintf("repos/%v/%v/dependabot/secrets/%v", owner, repo, name)
 	return s.deleteSecret(ctx, url)
@@ -184,7 +202,9 @@ func (s *DependabotService) DeleteRepoSecret(ctx context.Context, owner, repo, n
 
 // DeleteOrgSecret deletes a Dependabot secret in an organization using the secret name.
 //
-// GitHub API docs: https://docs.github.com/en/rest/dependabot/secrets#delete-an-organization-secret
+// GitHub API docs: https://docs.github.com/rest/dependabot/secrets#delete-an-organization-secret
+//
+//meta:operation DELETE /orgs/{org}/dependabot/secrets/{secret_name}
 func (s *DependabotService) DeleteOrgSecret(ctx context.Context, org, name string) (*Response, error) {
 	url := fmt.Sprintf("orgs/%v/dependabot/secrets/%v", org, name)
 	return s.deleteSecret(ctx, url)
@@ -192,7 +212,9 @@ func (s *DependabotService) DeleteOrgSecret(ctx context.Context, org, name strin
 
 // ListSelectedReposForOrgSecret lists all repositories that have access to a Dependabot secret.
 //
-// GitHub API docs: https://docs.github.com/en/rest/dependabot/secrets#list-selected-repositories-for-an-organization-secret
+// GitHub API docs: https://docs.github.com/rest/dependabot/secrets#list-selected-repositories-for-an-organization-secret
+//
+//meta:operation GET /orgs/{org}/dependabot/secrets/{secret_name}/repositories
 func (s *DependabotService) ListSelectedReposForOrgSecret(ctx context.Context, org, name string, opts *ListOptions) (*SelectedReposList, *Response, error) {
 	url := fmt.Sprintf("orgs/%v/dependabot/secrets/%v/repositories", org, name)
 	u, err := addOptions(url, opts)
@@ -219,7 +241,9 @@ type DependabotSecretsSelectedRepoIDs []int64
 
 // SetSelectedReposForOrgSecret sets the repositories that have access to a Dependabot secret.
 //
-// GitHub API docs: https://docs.github.com/en/rest/dependabot/secrets#set-selected-repositories-for-an-organization-secret
+// GitHub API docs: https://docs.github.com/rest/dependabot/secrets#set-selected-repositories-for-an-organization-secret
+//
+//meta:operation PUT /orgs/{org}/dependabot/secrets/{secret_name}/repositories
 func (s *DependabotService) SetSelectedReposForOrgSecret(ctx context.Context, org, name string, ids DependabotSecretsSelectedRepoIDs) (*Response, error) {
 	url := fmt.Sprintf("orgs/%v/dependabot/secrets/%v/repositories", org, name)
 	type repoIDs struct {
@@ -236,7 +260,9 @@ func (s *DependabotService) SetSelectedReposForOrgSecret(ctx context.Context, or
 
 // AddSelectedRepoToOrgSecret adds a repository to an organization Dependabot secret.
 //
-// GitHub API docs: https://docs.github.com/en/rest/dependabot/secrets#add-selected-repository-to-an-organization-secret
+// GitHub API docs: https://docs.github.com/rest/dependabot/secrets#add-selected-repository-to-an-organization-secret
+//
+//meta:operation PUT /orgs/{org}/dependabot/secrets/{secret_name}/repositories/{repository_id}
 func (s *DependabotService) AddSelectedRepoToOrgSecret(ctx context.Context, org, name string, repo *Repository) (*Response, error) {
 	url := fmt.Sprintf("orgs/%v/dependabot/secrets/%v/repositories/%v", org, name, *repo.ID)
 	req, err := s.client.NewRequest("PUT", url, nil)
@@ -249,7 +275,9 @@ func (s *DependabotService) AddSelectedRepoToOrgSecret(ctx context.Context, org,
 
 // RemoveSelectedRepoFromOrgSecret removes a repository from an organization Dependabot secret.
 //
-// GitHub API docs: https://docs.github.com/en/rest/dependabot/secrets#remove-selected-repository-from-an-organization-secret
+// GitHub API docs: https://docs.github.com/rest/dependabot/secrets#remove-selected-repository-from-an-organization-secret
+//
+//meta:operation DELETE /orgs/{org}/dependabot/secrets/{secret_name}/repositories/{repository_id}
 func (s *DependabotService) RemoveSelectedRepoFromOrgSecret(ctx context.Context, org, name string, repo *Repository) (*Response, error) {
 	url := fmt.Sprintf("orgs/%v/dependabot/secrets/%v/repositories/%v", org, name, *repo.ID)
 	req, err := s.client.NewRequest("DELETE", url, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/dependency_graph.go b/vendor/github.com/google/go-github/v72/github/dependency_graph.go
similarity index 92%
rename from vendor/github.com/google/go-github/v55/github/dependency_graph.go
rename to vendor/github.com/google/go-github/v72/github/dependency_graph.go
index e578965cc1..86a1fe48b9 100644
--- a/vendor/github.com/google/go-github/v55/github/dependency_graph.go
+++ b/vendor/github.com/google/go-github/v72/github/dependency_graph.go
@@ -61,7 +61,9 @@ func (s SBOM) String() string {
 
 // GetSBOM fetches the software bill of materials for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/dependency-graph/sboms
+// GitHub API docs: https://docs.github.com/rest/dependency-graph/sboms#export-a-software-bill-of-materials-sbom-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/dependency-graph/sbom
 func (s *DependencyGraphService) GetSBOM(ctx context.Context, owner, repo string) (*SBOM, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/dependency-graph/sbom", owner, repo)
 
diff --git a/vendor/github.com/google/go-github/v72/github/dependency_graph_snapshots.go b/vendor/github.com/google/go-github/v72/github/dependency_graph_snapshots.go
new file mode 100644
index 0000000000..0606b98151
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/dependency_graph_snapshots.go
@@ -0,0 +1,113 @@
+// Copyright 2023 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"fmt"
+)
+
+// DependencyGraphSnapshotResolvedDependency represents a resolved dependency in a dependency graph snapshot.
+//
+// GitHub API docs: https://docs.github.com/rest/dependency-graph/dependency-submission#create-a-snapshot-of-dependencies-for-a-repository
+type DependencyGraphSnapshotResolvedDependency struct {
+	PackageURL *string `json:"package_url,omitempty"`
+	// Represents whether the dependency is requested directly by the manifest or is a dependency of another dependency.
+	// Can have the following values:
+	//   - "direct": indicates that the dependency is requested directly by the manifest.
+	//   - "indirect": indicates that the dependency is a dependency of another dependency.
+	Relationship *string `json:"relationship,omitempty"`
+	// Represents whether the dependency is required for the primary build artifact or is only used for development.
+	// Can have the following values:
+	//   - "runtime": indicates that the dependency is required for the primary build artifact.
+	//   - "development": indicates that the dependency is only used for development.
+	Scope        *string  `json:"scope,omitempty"`
+	Dependencies []string `json:"dependencies,omitempty"`
+}
+
+// DependencyGraphSnapshotJob represents the job that created the snapshot.
+//
+// GitHub API docs: https://docs.github.com/rest/dependency-graph/dependency-submission#create-a-snapshot-of-dependencies-for-a-repository
+type DependencyGraphSnapshotJob struct {
+	Correlator *string `json:"correlator,omitempty"`
+	ID         *string `json:"id,omitempty"`
+	HTMLURL    *string `json:"html_url,omitempty"`
+}
+
+// DependencyGraphSnapshotDetector represents a description of the detector used.
+//
+// GitHub API docs: https://docs.github.com/rest/dependency-graph/dependency-submission#create-a-snapshot-of-dependencies-for-a-repository
+type DependencyGraphSnapshotDetector struct {
+	Name    *string `json:"name,omitempty"`
+	Version *string `json:"version,omitempty"`
+	URL     *string `json:"url,omitempty"`
+}
+
+// DependencyGraphSnapshotManifestFile represents the file declaring the repository's dependencies.
+//
+// GitHub API docs: https://docs.github.com/rest/dependency-graph/dependency-submission#create-a-snapshot-of-dependencies-for-a-repository
+type DependencyGraphSnapshotManifestFile struct {
+	SourceLocation *string `json:"source_location,omitempty"`
+}
+
+// DependencyGraphSnapshotManifest represents a collection of related dependencies declared in a file or representing a logical group of dependencies.
+//
+// GitHub API docs: https://docs.github.com/rest/dependency-graph/dependency-submission#create-a-snapshot-of-dependencies-for-a-repository
+type DependencyGraphSnapshotManifest struct {
+	Name     *string                                               `json:"name,omitempty"`
+	File     *DependencyGraphSnapshotManifestFile                  `json:"file,omitempty"`
+	Resolved map[string]*DependencyGraphSnapshotResolvedDependency `json:"resolved,omitempty"`
+}
+
+// DependencyGraphSnapshot represent a snapshot of a repository's dependencies.
+//
+// GitHub API docs: https://docs.github.com/rest/dependency-graph/dependency-submission#create-a-snapshot-of-dependencies-for-a-repository
+type DependencyGraphSnapshot struct {
+	Version   int                                         `json:"version"`
+	Sha       *string                                     `json:"sha,omitempty"`
+	Ref       *string                                     `json:"ref,omitempty"`
+	Job       *DependencyGraphSnapshotJob                 `json:"job,omitempty"`
+	Detector  *DependencyGraphSnapshotDetector            `json:"detector,omitempty"`
+	Scanned   *Timestamp                                  `json:"scanned,omitempty"`
+	Manifests map[string]*DependencyGraphSnapshotManifest `json:"manifests,omitempty"`
+}
+
+// DependencyGraphSnapshotCreationData represents the dependency snapshot's creation result.
+//
+// GitHub API docs: https://docs.github.com/rest/dependency-graph/dependency-submission#create-a-snapshot-of-dependencies-for-a-repository
+type DependencyGraphSnapshotCreationData struct {
+	ID        int64      `json:"id"`
+	CreatedAt *Timestamp `json:"created_at,omitempty"`
+	Message   *string    `json:"message,omitempty"`
+	// Represents the snapshot creation result.
+	// Can have the following values:
+	//   - "SUCCESS": indicates that the snapshot was successfully created and the repository's dependencies were updated.
+	//   - "ACCEPTED": indicates that the snapshot was successfully created, but the repository's dependencies were not updated.
+	//   - "INVALID": indicates that the snapshot was malformed.
+	Result *string `json:"result,omitempty"`
+}
+
+// CreateSnapshot creates a new snapshot of a repository's dependencies.
+//
+// GitHub API docs: https://docs.github.com/rest/dependency-graph/dependency-submission#create-a-snapshot-of-dependencies-for-a-repository
+//
+//meta:operation POST /repos/{owner}/{repo}/dependency-graph/snapshots
+func (s *DependencyGraphService) CreateSnapshot(ctx context.Context, owner, repo string, dependencyGraphSnapshot *DependencyGraphSnapshot) (*DependencyGraphSnapshotCreationData, *Response, error) {
+	url := fmt.Sprintf("repos/%v/%v/dependency-graph/snapshots", owner, repo)
+
+	req, err := s.client.NewRequest("POST", url, dependencyGraphSnapshot)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var snapshotCreationData *DependencyGraphSnapshotCreationData
+	resp, err := s.client.Do(ctx, req, &snapshotCreationData)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return snapshotCreationData, resp, nil
+}
diff --git a/vendor/github.com/google/go-github/v55/github/doc.go b/vendor/github.com/google/go-github/v72/github/doc.go
similarity index 85%
rename from vendor/github.com/google/go-github/v55/github/doc.go
rename to vendor/github.com/google/go-github/v72/github/doc.go
index bace6fb3c6..8a6112fe9e 100644
--- a/vendor/github.com/google/go-github/v55/github/doc.go
+++ b/vendor/github.com/google/go-github/v72/github/doc.go
@@ -8,7 +8,7 @@ Package github provides a client for using the GitHub API.
 
 Usage:
 
-	import "github.com/google/go-github/v55/github"	// with go modules enabled (GO111MODULE=on or outside GOPATH)
+	import "github.com/google/go-github/v72/github"	// with go modules enabled (GO111MODULE=on or outside GOPATH)
 	import "github.com/google/go-github/github"     // with go modules disabled
 
 Construct a new GitHub client, then use the various services on the client to
@@ -29,9 +29,9 @@ Some API methods have optional parameters that can be passed. For example:
 
 The services of a client divide the API into logical chunks and correspond to
 the structure of the GitHub API documentation at
-https://docs.github.com/en/rest .
+https://docs.github.com/rest .
 
-NOTE: Using the https://godoc.org/context package, one can easily
+NOTE: Using the https://pkg.go.dev/context package, one can easily
 pass cancelation signals and deadlines to various services of the client for
 handling a request. In case there is no context available, then context.Background()
 can be used as a starting point.
@@ -119,7 +119,7 @@ For secondary rate limits, you can check if its type is *github.AbuseRateLimitEr
 	}
 
 Learn more about GitHub rate limiting at
-https://docs.github.com/en/rest/rate-limit .
+https://docs.github.com/rest/rate-limit .
 
 # Accepted Status
 
@@ -138,14 +138,20 @@ To detect this condition of error, you can check if its type is
 
 # Conditional Requests
 
-The GitHub API has good support for conditional requests which will help
-prevent you from burning through your rate limit, as well as help speed up your
-application. go-github does not handle conditional requests directly, but is
-instead designed to work with a caching http.Transport. We recommend using
-https://github.com/gregjones/httpcache for that.
+The GitHub REST API has good support for conditional HTTP requests
+via the ETag header which will help prevent you from burning through your
+rate limit, as well as help speed up your application. go-github does not
+handle conditional requests directly, but is instead designed to work with a
+caching http.Transport.
+
+Typically, an RFC 7234 compliant HTTP cache such as https://github.com/gregjones/httpcache
+is recommended. Alternatively, the https://github.com/bored-engineer/github-conditional-http-transport
+package relies on (undocumented) GitHub specific cache logic and is
+recommended when making requests using short-lived credentials such as a
+GitHub App installation token.
 
 Learn more about GitHub conditional requests at
-https://docs.github.com/en/rest/overview/resources-in-the-rest-api#conditional-requests.
+https://docs.github.com/rest/overview/resources-in-the-rest-api#conditional-requests.
 
 # Creating and Updating Resources
 
@@ -156,8 +162,8 @@ bool, and int values. For example:
 
 	// create a new private repository named "foo"
 	repo := &github.Repository{
-		Name:    github.String("foo"),
-		Private: github.Bool(true),
+		Name:    github.Ptr("foo"),
+		Private: github.Ptr(true),
 	}
 	client.Repositories.Create(ctx, "", repo)
 
diff --git a/vendor/github.com/google/go-github/v72/github/emojis.go b/vendor/github.com/google/go-github/v72/github/emojis.go
new file mode 100644
index 0000000000..b7a03dd98c
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/emojis.go
@@ -0,0 +1,40 @@
+// Copyright 2023 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+)
+
+// EmojisService provides access to emoji-related functions in the GitHub API.
+type EmojisService service
+
+// List returns the emojis available to use on GitHub.
+//
+// GitHub API docs: https://docs.github.com/rest/emojis/emojis#get-emojis
+//
+//meta:operation GET /emojis
+func (s *EmojisService) List(ctx context.Context) (map[string]string, *Response, error) {
+	req, err := s.client.NewRequest("GET", "emojis", nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var emoji map[string]string
+	resp, err := s.client.Do(ctx, req, &emoji)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return emoji, resp, nil
+}
+
+// ListEmojis returns the emojis available to use on GitHub.
+//
+// Deprecated: Use EmojisService.List instead.
+func (c *Client) ListEmojis(ctx context.Context) (map[string]string, *Response, error) {
+	return c.Emojis.List(ctx)
+}
diff --git a/vendor/github.com/google/go-github/v55/github/enterprise.go b/vendor/github.com/google/go-github/v72/github/enterprise.go
similarity index 81%
rename from vendor/github.com/google/go-github/v55/github/enterprise.go
rename to vendor/github.com/google/go-github/v72/github/enterprise.go
index 1c9b069566..2036f8bc75 100644
--- a/vendor/github.com/google/go-github/v55/github/enterprise.go
+++ b/vendor/github.com/google/go-github/v72/github/enterprise.go
@@ -8,5 +8,5 @@ package github
 // EnterpriseService provides access to the enterprise related functions
 // in the GitHub API.
 //
-// GitHub API docs: https://docs.github.com/en/rest/enterprise-admin/
+// GitHub API docs: https://docs.github.com/rest/enterprise-admin/
 type EnterpriseService service
diff --git a/vendor/github.com/google/go-github/v72/github/enterprise_actions_hosted_runners.go b/vendor/github.com/google/go-github/v72/github/enterprise_actions_hosted_runners.go
new file mode 100644
index 0000000000..e82ba9b806
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/enterprise_actions_hosted_runners.go
@@ -0,0 +1,234 @@
+// Copyright 2025 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"fmt"
+)
+
+// ListHostedRunners lists all the GitHub-hosted runners for an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/hosted-runners#list-github-hosted-runners-for-an-enterprise
+//
+//meta:operation GET /enterprises/{enterprise}/actions/hosted-runners
+func (s *EnterpriseService) ListHostedRunners(ctx context.Context, enterprise string, opts *ListOptions) (*HostedRunners, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/hosted-runners", enterprise)
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	runners := &HostedRunners{}
+	resp, err := s.client.Do(ctx, req, &runners)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return runners, resp, nil
+}
+
+// CreateHostedRunner creates a GitHub-hosted runner for an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/hosted-runners#create-a-github-hosted-runner-for-an-enterprise
+//
+//meta:operation POST /enterprises/{enterprise}/actions/hosted-runners
+func (s *EnterpriseService) CreateHostedRunner(ctx context.Context, enterprise string, request *HostedRunnerRequest) (*HostedRunner, *Response, error) {
+	if err := validateCreateHostedRunnerRequest(request); err != nil {
+		return nil, nil, fmt.Errorf("validation failed: %w", err)
+	}
+
+	u := fmt.Sprintf("enterprises/%v/actions/hosted-runners", enterprise)
+	req, err := s.client.NewRequest("POST", u, request)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	hostedRunner := new(HostedRunner)
+	resp, err := s.client.Do(ctx, req, hostedRunner)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return hostedRunner, resp, nil
+}
+
+// GetHostedRunnerGitHubOwnedImages gets the list of GitHub-owned images available for GitHub-hosted runners for an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/hosted-runners#get-github-owned-images-for-github-hosted-runners-in-an-enterprise
+//
+//meta:operation GET /enterprises/{enterprise}/actions/hosted-runners/images/github-owned
+func (s *EnterpriseService) GetHostedRunnerGitHubOwnedImages(ctx context.Context, enterprise string) (*HostedRunnerImages, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/hosted-runners/images/github-owned", enterprise)
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	hostedRunnerImages := new(HostedRunnerImages)
+	resp, err := s.client.Do(ctx, req, hostedRunnerImages)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return hostedRunnerImages, resp, nil
+}
+
+// GetHostedRunnerPartnerImages gets the list of partner images available for GitHub-hosted runners for an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/hosted-runners#get-partner-images-for-github-hosted-runners-in-an-enterprise
+//
+//meta:operation GET /enterprises/{enterprise}/actions/hosted-runners/images/partner
+func (s *EnterpriseService) GetHostedRunnerPartnerImages(ctx context.Context, enterprise string) (*HostedRunnerImages, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/hosted-runners/images/partner", enterprise)
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	hostedRunnerImages := new(HostedRunnerImages)
+	resp, err := s.client.Do(ctx, req, hostedRunnerImages)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return hostedRunnerImages, resp, nil
+}
+
+// GetHostedRunnerLimits gets the GitHub-hosted runners Static public IP Limits for an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/hosted-runners#get-limits-on-github-hosted-runners-for-an-enterprise
+//
+//meta:operation GET /enterprises/{enterprise}/actions/hosted-runners/limits
+func (s *EnterpriseService) GetHostedRunnerLimits(ctx context.Context, enterprise string) (*HostedRunnerPublicIPLimits, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/hosted-runners/limits", enterprise)
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	publicIPLimits := new(HostedRunnerPublicIPLimits)
+	resp, err := s.client.Do(ctx, req, publicIPLimits)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return publicIPLimits, resp, nil
+}
+
+// GetHostedRunnerMachineSpecs gets the list of machine specs available for GitHub-hosted runners for an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/hosted-runners#get-github-hosted-runners-machine-specs-for-an-enterprise
+//
+//meta:operation GET /enterprises/{enterprise}/actions/hosted-runners/machine-sizes
+func (s *EnterpriseService) GetHostedRunnerMachineSpecs(ctx context.Context, enterprise string) (*HostedRunnerMachineSpecs, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/hosted-runners/machine-sizes", enterprise)
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	machineSpecs := new(HostedRunnerMachineSpecs)
+	resp, err := s.client.Do(ctx, req, machineSpecs)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return machineSpecs, resp, nil
+}
+
+// GetHostedRunnerPlatforms gets list of platforms available for GitHub-hosted runners for an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/hosted-runners#get-platforms-for-github-hosted-runners-in-an-enterprise
+//
+//meta:operation GET /enterprises/{enterprise}/actions/hosted-runners/platforms
+func (s *EnterpriseService) GetHostedRunnerPlatforms(ctx context.Context, enterprise string) (*HostedRunnerPlatforms, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/hosted-runners/platforms", enterprise)
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	platforms := new(HostedRunnerPlatforms)
+	resp, err := s.client.Do(ctx, req, platforms)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return platforms, resp, nil
+}
+
+// GetHostedRunner gets a GitHub-hosted runner in an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/hosted-runners#get-a-github-hosted-runner-for-an-enterprise
+//
+//meta:operation GET /enterprises/{enterprise}/actions/hosted-runners/{hosted_runner_id}
+func (s *EnterpriseService) GetHostedRunner(ctx context.Context, enterprise string, runnerID int64) (*HostedRunner, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/hosted-runners/%v", enterprise, runnerID)
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	hostedRunner := new(HostedRunner)
+	resp, err := s.client.Do(ctx, req, hostedRunner)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return hostedRunner, resp, nil
+}
+
+// UpdateHostedRunner updates a GitHub-hosted runner for an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/hosted-runners#update-a-github-hosted-runner-for-an-enterprise
+//
+//meta:operation PATCH /enterprises/{enterprise}/actions/hosted-runners/{hosted_runner_id}
+func (s *EnterpriseService) UpdateHostedRunner(ctx context.Context, enterprise string, runnerID int64, updateReq HostedRunnerRequest) (*HostedRunner, *Response, error) {
+	if err := validateUpdateHostedRunnerRequest(&updateReq); err != nil {
+		return nil, nil, fmt.Errorf("validation failed: %w", err)
+	}
+
+	u := fmt.Sprintf("enterprises/%v/actions/hosted-runners/%v", enterprise, runnerID)
+	req, err := s.client.NewRequest("PATCH", u, updateReq)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	hostedRunner := new(HostedRunner)
+	resp, err := s.client.Do(ctx, req, hostedRunner)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return hostedRunner, resp, nil
+}
+
+// DeleteHostedRunner deletes GitHub-hosted runner from an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/hosted-runners#delete-a-github-hosted-runner-for-an-enterprise
+//
+//meta:operation DELETE /enterprises/{enterprise}/actions/hosted-runners/{hosted_runner_id}
+func (s *EnterpriseService) DeleteHostedRunner(ctx context.Context, enterprise string, runnerID int64) (*HostedRunner, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/hosted-runners/%v", enterprise, runnerID)
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	hostedRunner := new(HostedRunner)
+	resp, err := s.client.Do(ctx, req, hostedRunner)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return hostedRunner, resp, nil
+}
diff --git a/vendor/github.com/google/go-github/v72/github/enterprise_actions_runner_groups.go b/vendor/github.com/google/go-github/v72/github/enterprise_actions_runner_groups.go
new file mode 100644
index 0000000000..f171df7573
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/enterprise_actions_runner_groups.go
@@ -0,0 +1,336 @@
+// Copyright 2023 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"fmt"
+)
+
+// ListOrganizations represents the response from the list orgs endpoints.
+type ListOrganizations struct {
+	TotalCount    *int            `json:"total_count,omitempty"`
+	Organizations []*Organization `json:"organizations"`
+}
+
+// EnterpriseRunnerGroup represents a self-hosted runner group configured in an enterprise.
+type EnterpriseRunnerGroup struct {
+	ID                           *int64   `json:"id,omitempty"`
+	Name                         *string  `json:"name,omitempty"`
+	Visibility                   *string  `json:"visibility,omitempty"`
+	Default                      *bool    `json:"default,omitempty"`
+	SelectedOrganizationsURL     *string  `json:"selected_organizations_url,omitempty"`
+	RunnersURL                   *string  `json:"runners_url,omitempty"`
+	Inherited                    *bool    `json:"inherited,omitempty"`
+	AllowsPublicRepositories     *bool    `json:"allows_public_repositories,omitempty"`
+	RestrictedToWorkflows        *bool    `json:"restricted_to_workflows,omitempty"`
+	SelectedWorkflows            []string `json:"selected_workflows,omitempty"`
+	WorkflowRestrictionsReadOnly *bool    `json:"workflow_restrictions_read_only,omitempty"`
+}
+
+// EnterpriseRunnerGroups represents a collection of self-hosted runner groups configured for an enterprise.
+type EnterpriseRunnerGroups struct {
+	TotalCount   *int                     `json:"total_count,omitempty"`
+	RunnerGroups []*EnterpriseRunnerGroup `json:"runner_groups"`
+}
+
+// CreateEnterpriseRunnerGroupRequest represents a request to create a Runner group for an enterprise.
+type CreateEnterpriseRunnerGroupRequest struct {
+	Name       *string `json:"name,omitempty"`
+	Visibility *string `json:"visibility,omitempty"`
+	// List of organization IDs that can access the runner group.
+	SelectedOrganizationIDs []int64 `json:"selected_organization_ids,omitempty"`
+	// Runners represent a list of runner IDs to add to the runner group.
+	Runners []int64 `json:"runners,omitempty"`
+	// If set to True, public repos can use this runner group
+	AllowsPublicRepositories *bool `json:"allows_public_repositories,omitempty"`
+	// If true, the runner group will be restricted to running only the workflows specified in the SelectedWorkflows slice.
+	RestrictedToWorkflows *bool `json:"restricted_to_workflows,omitempty"`
+	// List of workflows the runner group should be allowed to run. This setting will be ignored unless RestrictedToWorkflows is set to true.
+	SelectedWorkflows []string `json:"selected_workflows,omitempty"`
+}
+
+// UpdateEnterpriseRunnerGroupRequest represents a request to update a Runner group for an enterprise.
+type UpdateEnterpriseRunnerGroupRequest struct {
+	Name                     *string  `json:"name,omitempty"`
+	Visibility               *string  `json:"visibility,omitempty"`
+	AllowsPublicRepositories *bool    `json:"allows_public_repositories,omitempty"`
+	RestrictedToWorkflows    *bool    `json:"restricted_to_workflows,omitempty"`
+	SelectedWorkflows        []string `json:"selected_workflows,omitempty"`
+}
+
+// SetOrgAccessRunnerGroupRequest represents a request to replace the list of organizations
+// that can access a self-hosted runner group configured in an enterprise.
+type SetOrgAccessRunnerGroupRequest struct {
+	// Updated list of organization IDs that should be given access to the runner group.
+	SelectedOrganizationIDs []int64 `json:"selected_organization_ids"`
+}
+
+// ListEnterpriseRunnerGroupOptions extend ListOptions to have the optional parameters VisibleToOrganization.
+type ListEnterpriseRunnerGroupOptions struct {
+	ListOptions
+
+	// Only return runner groups that are allowed to be used by this organization.
+	VisibleToOrganization string `url:"visible_to_organization,omitempty"`
+}
+
+// ListRunnerGroups lists all self-hosted runner groups configured in an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/self-hosted-runner-groups#list-self-hosted-runner-groups-for-an-enterprise
+//
+//meta:operation GET /enterprises/{enterprise}/actions/runner-groups
+func (s *EnterpriseService) ListRunnerGroups(ctx context.Context, enterprise string, opts *ListEnterpriseRunnerGroupOptions) (*EnterpriseRunnerGroups, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runner-groups", enterprise)
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	groups := &EnterpriseRunnerGroups{}
+	resp, err := s.client.Do(ctx, req, &groups)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return groups, resp, nil
+}
+
+// GetEnterpriseRunnerGroup gets a specific self-hosted runner group for an enterprise using its RunnerGroup ID.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/self-hosted-runner-groups#get-a-self-hosted-runner-group-for-an-enterprise
+//
+//meta:operation GET /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}
+func (s *EnterpriseService) GetEnterpriseRunnerGroup(ctx context.Context, enterprise string, groupID int64) (*EnterpriseRunnerGroup, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runner-groups/%v", enterprise, groupID)
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	runnerGroup := new(EnterpriseRunnerGroup)
+	resp, err := s.client.Do(ctx, req, runnerGroup)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return runnerGroup, resp, nil
+}
+
+// DeleteEnterpriseRunnerGroup deletes a self-hosted runner group from an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/self-hosted-runner-groups#delete-a-self-hosted-runner-group-from-an-enterprise
+//
+//meta:operation DELETE /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}
+func (s *EnterpriseService) DeleteEnterpriseRunnerGroup(ctx context.Context, enterprise string, groupID int64) (*Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runner-groups/%v", enterprise, groupID)
+
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
+
+// CreateEnterpriseRunnerGroup creates a new self-hosted runner group for an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/self-hosted-runner-groups#create-a-self-hosted-runner-group-for-an-enterprise
+//
+//meta:operation POST /enterprises/{enterprise}/actions/runner-groups
+func (s *EnterpriseService) CreateEnterpriseRunnerGroup(ctx context.Context, enterprise string, createReq CreateEnterpriseRunnerGroupRequest) (*EnterpriseRunnerGroup, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runner-groups", enterprise)
+	req, err := s.client.NewRequest("POST", u, createReq)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	runnerGroup := new(EnterpriseRunnerGroup)
+	resp, err := s.client.Do(ctx, req, runnerGroup)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return runnerGroup, resp, nil
+}
+
+// UpdateEnterpriseRunnerGroup updates a self-hosted runner group for an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/self-hosted-runner-groups#update-a-self-hosted-runner-group-for-an-enterprise
+//
+//meta:operation PATCH /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}
+func (s *EnterpriseService) UpdateEnterpriseRunnerGroup(ctx context.Context, enterprise string, groupID int64, updateReq UpdateEnterpriseRunnerGroupRequest) (*EnterpriseRunnerGroup, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runner-groups/%v", enterprise, groupID)
+	req, err := s.client.NewRequest("PATCH", u, updateReq)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	runnerGroup := new(EnterpriseRunnerGroup)
+	resp, err := s.client.Do(ctx, req, runnerGroup)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return runnerGroup, resp, nil
+}
+
+// ListOrganizationAccessRunnerGroup lists the organizations with access to a self-hosted runner group configured in an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/self-hosted-runner-groups#list-organization-access-to-a-self-hosted-runner-group-in-an-enterprise
+//
+//meta:operation GET /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}/organizations
+func (s *EnterpriseService) ListOrganizationAccessRunnerGroup(ctx context.Context, enterprise string, groupID int64, opts *ListOptions) (*ListOrganizations, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runner-groups/%v/organizations", enterprise, groupID)
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	orgs := &ListOrganizations{}
+	resp, err := s.client.Do(ctx, req, &orgs)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return orgs, resp, nil
+}
+
+// SetOrganizationAccessRunnerGroup replaces the list of organizations that have access to a self-hosted runner group configured in an enterprise
+// with a new List of organizations.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/self-hosted-runner-groups#set-organization-access-for-a-self-hosted-runner-group-in-an-enterprise
+//
+//meta:operation PUT /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}/organizations
+func (s *EnterpriseService) SetOrganizationAccessRunnerGroup(ctx context.Context, enterprise string, groupID int64, ids SetOrgAccessRunnerGroupRequest) (*Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runner-groups/%v/organizations", enterprise, groupID)
+
+	req, err := s.client.NewRequest("PUT", u, ids)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
+
+// AddOrganizationAccessRunnerGroup adds an organization to the list of selected organizations that can access a self-hosted runner group.
+// The runner group must have visibility set to 'selected'.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/self-hosted-runner-groups#add-organization-access-to-a-self-hosted-runner-group-in-an-enterprise
+//
+//meta:operation PUT /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}/organizations/{org_id}
+func (s *EnterpriseService) AddOrganizationAccessRunnerGroup(ctx context.Context, enterprise string, groupID, orgID int64) (*Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runner-groups/%v/organizations/%v", enterprise, groupID, orgID)
+
+	req, err := s.client.NewRequest("PUT", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
+
+// RemoveOrganizationAccessRunnerGroup removes an organization from the list of selected organizations that can access a self-hosted runner group.
+// The runner group must have visibility set to 'selected'.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/self-hosted-runner-groups#remove-organization-access-to-a-self-hosted-runner-group-in-an-enterprise
+//
+//meta:operation DELETE /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}/organizations/{org_id}
+func (s *EnterpriseService) RemoveOrganizationAccessRunnerGroup(ctx context.Context, enterprise string, groupID, orgID int64) (*Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runner-groups/%v/organizations/%v", enterprise, groupID, orgID)
+
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
+
+// ListRunnerGroupRunners lists self-hosted runners that are in a specific enterprise group.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/self-hosted-runner-groups#list-self-hosted-runners-in-a-group-for-an-enterprise
+//
+//meta:operation GET /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}/runners
+func (s *EnterpriseService) ListRunnerGroupRunners(ctx context.Context, enterprise string, groupID int64, opts *ListOptions) (*Runners, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runner-groups/%v/runners", enterprise, groupID)
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	runners := &Runners{}
+	resp, err := s.client.Do(ctx, req, &runners)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return runners, resp, nil
+}
+
+// SetRunnerGroupRunners replaces the list of self-hosted runners that are part of an enterprise runner group
+// with a new list of runners.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/self-hosted-runner-groups#set-self-hosted-runners-in-a-group-for-an-enterprise
+//
+//meta:operation PUT /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}/runners
+func (s *EnterpriseService) SetRunnerGroupRunners(ctx context.Context, enterprise string, groupID int64, ids SetRunnerGroupRunnersRequest) (*Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runner-groups/%v/runners", enterprise, groupID)
+
+	req, err := s.client.NewRequest("PUT", u, ids)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
+
+// AddRunnerGroupRunners adds a self-hosted runner to a runner group configured in an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/self-hosted-runner-groups#add-a-self-hosted-runner-to-a-group-for-an-enterprise
+//
+//meta:operation PUT /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}/runners/{runner_id}
+func (s *EnterpriseService) AddRunnerGroupRunners(ctx context.Context, enterprise string, groupID, runnerID int64) (*Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runner-groups/%v/runners/%v", enterprise, groupID, runnerID)
+
+	req, err := s.client.NewRequest("PUT", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
+
+// RemoveRunnerGroupRunners removes a self-hosted runner from a group configured in an enterprise.
+// The runner is then returned to the default group.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/self-hosted-runner-groups#remove-a-self-hosted-runner-from-a-group-for-an-enterprise
+//
+//meta:operation DELETE /enterprises/{enterprise}/actions/runner-groups/{runner_group_id}/runners/{runner_id}
+func (s *EnterpriseService) RemoveRunnerGroupRunners(ctx context.Context, enterprise string, groupID, runnerID int64) (*Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runner-groups/%v/runners/%v", enterprise, groupID, runnerID)
+
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
diff --git a/vendor/github.com/google/go-github/v72/github/enterprise_actions_runners.go b/vendor/github.com/google/go-github/v72/github/enterprise_actions_runners.go
new file mode 100644
index 0000000000..fa345aea8a
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/enterprise_actions_runners.go
@@ -0,0 +1,139 @@
+// Copyright 2020 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"fmt"
+)
+
+// ListRunnerApplicationDownloads lists self-hosted runner application binaries that can be downloaded and run.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/self-hosted-runners#list-runner-applications-for-an-enterprise
+//
+//meta:operation GET /enterprises/{enterprise}/actions/runners/downloads
+func (s *EnterpriseService) ListRunnerApplicationDownloads(ctx context.Context, enterprise string) ([]*RunnerApplicationDownload, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runners/downloads", enterprise)
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var rads []*RunnerApplicationDownload
+	resp, err := s.client.Do(ctx, req, &rads)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return rads, resp, nil
+}
+
+// GenerateEnterpriseJITConfig generates a just-in-time configuration for an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/self-hosted-runners#create-configuration-for-a-just-in-time-runner-for-an-enterprise
+//
+//meta:operation POST /enterprises/{enterprise}/actions/runners/generate-jitconfig
+func (s *EnterpriseService) GenerateEnterpriseJITConfig(ctx context.Context, enterprise string, request *GenerateJITConfigRequest) (*JITRunnerConfig, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runners/generate-jitconfig", enterprise)
+
+	req, err := s.client.NewRequest("POST", u, request)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	jitConfig := new(JITRunnerConfig)
+	resp, err := s.client.Do(ctx, req, jitConfig)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return jitConfig, resp, nil
+}
+
+// CreateRegistrationToken creates a token that can be used to add a self-hosted runner.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/self-hosted-runners#create-a-registration-token-for-an-enterprise
+//
+//meta:operation POST /enterprises/{enterprise}/actions/runners/registration-token
+func (s *EnterpriseService) CreateRegistrationToken(ctx context.Context, enterprise string) (*RegistrationToken, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runners/registration-token", enterprise)
+
+	req, err := s.client.NewRequest("POST", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	registrationToken := new(RegistrationToken)
+	resp, err := s.client.Do(ctx, req, registrationToken)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return registrationToken, resp, nil
+}
+
+// ListRunners lists all the self-hosted runners for a enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/self-hosted-runners#list-self-hosted-runners-for-an-enterprise
+//
+//meta:operation GET /enterprises/{enterprise}/actions/runners
+func (s *EnterpriseService) ListRunners(ctx context.Context, enterprise string, opts *ListRunnersOptions) (*Runners, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runners", enterprise)
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	runners := &Runners{}
+	resp, err := s.client.Do(ctx, req, &runners)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return runners, resp, nil
+}
+
+// GetRunner gets a specific self-hosted runner configured in an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/self-hosted-runners#get-a-self-hosted-runner-for-an-enterprise
+//
+//meta:operation GET /enterprises/{enterprise}/actions/runners/{runner_id}
+func (s *EnterpriseService) GetRunner(ctx context.Context, enterprise string, runnerID int64) (*Runner, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runners/%v", enterprise, runnerID)
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	runner := new(Runner)
+	resp, err := s.client.Do(ctx, req, runner)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return runner, resp, nil
+}
+
+// RemoveRunner forces the removal of a self-hosted runner from an enterprise using the runner id.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/self-hosted-runners#delete-a-self-hosted-runner-from-an-enterprise
+//
+//meta:operation DELETE /enterprises/{enterprise}/actions/runners/{runner_id}
+func (s *EnterpriseService) RemoveRunner(ctx context.Context, enterprise string, runnerID int64) (*Response, error) {
+	u := fmt.Sprintf("enterprises/%v/actions/runners/%v", enterprise, runnerID)
+
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
diff --git a/vendor/github.com/google/go-github/v55/github/enterprise_audit_log.go b/vendor/github.com/google/go-github/v72/github/enterprise_audit_log.go
similarity index 80%
rename from vendor/github.com/google/go-github/v55/github/enterprise_audit_log.go
rename to vendor/github.com/google/go-github/v72/github/enterprise_audit_log.go
index 4064867338..058a7d1778 100644
--- a/vendor/github.com/google/go-github/v55/github/enterprise_audit_log.go
+++ b/vendor/github.com/google/go-github/v72/github/enterprise_audit_log.go
@@ -12,7 +12,9 @@ import (
 
 // GetAuditLog gets the audit-log entries for an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/enterprise-admin/audit-log#get-the-audit-log-for-an-enterprise
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/audit-log#get-the-audit-log-for-an-enterprise
+//
+//meta:operation GET /enterprises/{enterprise}/audit-log
 func (s *EnterpriseService) GetAuditLog(ctx context.Context, enterprise string, opts *GetAuditLogOptions) ([]*AuditEntry, *Response, error) {
 	u := fmt.Sprintf("enterprises/%v/audit-log", enterprise)
 	u, err := addOptions(u, opts)
diff --git a/vendor/github.com/google/go-github/v55/github/enterprise_code_security_and_analysis.go b/vendor/github.com/google/go-github/v72/github/enterprise_code_security_and_analysis.go
similarity index 75%
rename from vendor/github.com/google/go-github/v55/github/enterprise_code_security_and_analysis.go
rename to vendor/github.com/google/go-github/v72/github/enterprise_code_security_and_analysis.go
index 3980a86aa4..159aeae4dc 100644
--- a/vendor/github.com/google/go-github/v55/github/enterprise_code_security_and_analysis.go
+++ b/vendor/github.com/google/go-github/v72/github/enterprise_code_security_and_analysis.go
@@ -16,11 +16,14 @@ type EnterpriseSecurityAnalysisSettings struct {
 	SecretScanningEnabledForNewRepositories               *bool   `json:"secret_scanning_enabled_for_new_repositories,omitempty"`
 	SecretScanningPushProtectionEnabledForNewRepositories *bool   `json:"secret_scanning_push_protection_enabled_for_new_repositories,omitempty"`
 	SecretScanningPushProtectionCustomLink                *string `json:"secret_scanning_push_protection_custom_link,omitempty"`
+	SecretScanningValidityChecksEnabled                   *bool   `json:"secret_scanning_validity_checks_enabled,omitempty"`
 }
 
 // GetCodeSecurityAndAnalysis gets code security and analysis features for an enterprise.
 //
-// GitHub API docs: https://docs.github.com/en/rest/enterprise-admin/code-security-and-analysis?apiVersion=2022-11-28#get-code-security-and-analysis-features-for-an-enterprise
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/code-security-and-analysis#get-code-security-and-analysis-features-for-an-enterprise
+//
+//meta:operation GET /enterprises/{enterprise}/code_security_and_analysis
 func (s *EnterpriseService) GetCodeSecurityAndAnalysis(ctx context.Context, enterprise string) (*EnterpriseSecurityAnalysisSettings, *Response, error) {
 	u := fmt.Sprintf("enterprises/%v/code_security_and_analysis", enterprise)
 
@@ -40,7 +43,9 @@ func (s *EnterpriseService) GetCodeSecurityAndAnalysis(ctx context.Context, ente
 
 // UpdateCodeSecurityAndAnalysis updates code security and analysis features for new repositories in an enterprise.
 //
-// GitHub API docs: https://docs.github.com/en/rest/enterprise-admin/code-security-and-analysis?apiVersion=2022-11-28#update-code-security-and-analysis-features-for-an-enterprise
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/code-security-and-analysis#update-code-security-and-analysis-features-for-an-enterprise
+//
+//meta:operation PATCH /enterprises/{enterprise}/code_security_and_analysis
 func (s *EnterpriseService) UpdateCodeSecurityAndAnalysis(ctx context.Context, enterprise string, settings *EnterpriseSecurityAnalysisSettings) (*Response, error) {
 	u := fmt.Sprintf("enterprises/%v/code_security_and_analysis", enterprise)
 	req, err := s.client.NewRequest("PATCH", u, settings)
@@ -61,7 +66,9 @@ func (s *EnterpriseService) UpdateCodeSecurityAndAnalysis(ctx context.Context, e
 // Valid values for securityProduct: "advanced_security", "secret_scanning", "secret_scanning_push_protection".
 // Valid values for enablement:  "enable_all", "disable_all".
 //
-// GitHub API docs: https://docs.github.com/en/enterprise-cloud@latest/rest/enterprise-admin/code-security-and-analysis?apiVersion=2022-11-28#enable-or-disable-a-security-feature
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/code-security-and-analysis#enable-or-disable-a-security-feature
+//
+//meta:operation POST /enterprises/{enterprise}/{security_product}/{enablement}
 func (s *EnterpriseService) EnableDisableSecurityFeature(ctx context.Context, enterprise, securityProduct, enablement string) (*Response, error) {
 	u := fmt.Sprintf("enterprises/%v/%v/%v", enterprise, securityProduct, enablement)
 	req, err := s.client.NewRequest("POST", u, nil)
diff --git a/vendor/github.com/google/go-github/v72/github/enterprise_manage_ghes.go b/vendor/github.com/google/go-github/v72/github/enterprise_manage_ghes.go
new file mode 100644
index 0000000000..a796791c42
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/enterprise_manage_ghes.go
@@ -0,0 +1,163 @@
+// Copyright 2025 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+)
+
+// NodeQueryOptions specifies the optional parameters to the EnterpriseService
+// Node management APIs.
+type NodeQueryOptions struct {
+	// UUID filters issues based on the node UUID.
+	UUID *string `url:"uuid,omitempty"`
+
+	// ClusterRoles filters the cluster roles from the cluster configuration file.
+	ClusterRoles *string `url:"cluster_roles,omitempty"`
+}
+
+// ClusterStatus represents a response from the ClusterStatus and ReplicationStatus methods.
+type ClusterStatus struct {
+	Status *string              `json:"status,omitempty"`
+	Nodes  []*ClusterStatusNode `json:"nodes"`
+}
+
+// ClusterStatusNode represents the status of a cluster node.
+type ClusterStatusNode struct {
+	Hostname *string                         `json:"hostname,omitempty"`
+	Status   *string                         `json:"status,omitempty"`
+	Services []*ClusterStatusNodeServiceItem `json:"services"`
+}
+
+// ClusterStatusNodeServiceItem represents the status of a service running on a cluster node.
+type ClusterStatusNodeServiceItem struct {
+	Status  *string `json:"status,omitempty"`
+	Name    *string `json:"name,omitempty"`
+	Details *string `json:"details,omitempty"`
+}
+
+// SystemRequirements represents a response from the CheckSystemRequirements method.
+type SystemRequirements struct {
+	Status *string                   `json:"status,omitempty"`
+	Nodes  []*SystemRequirementsNode `json:"nodes"`
+}
+
+// SystemRequirementsNode represents the status of a system node.
+type SystemRequirementsNode struct {
+	Hostname    *string                             `json:"hostname,omitempty"`
+	Status      *string                             `json:"status,omitempty"`
+	RolesStatus []*SystemRequirementsNodeRoleStatus `json:"roles_status"`
+}
+
+// SystemRequirementsNodeRoleStatus represents the status of a role on a system node.
+type SystemRequirementsNodeRoleStatus struct {
+	Status *string `json:"status,omitempty"`
+	Role   *string `json:"role,omitempty"`
+}
+
+// NodeReleaseVersion represents a response from the GetNodeReleaseVersions method.
+type NodeReleaseVersion struct {
+	Hostname *string         `json:"hostname,omitempty"`
+	Version  *ReleaseVersion `json:"version"`
+}
+
+// ReleaseVersion holds the release version information of the node.
+type ReleaseVersion struct {
+	Version   *string `json:"version,omitempty"`
+	Platform  *string `json:"platform,omitempty"`
+	BuildID   *string `json:"build_id,omitempty"`
+	BuildDate *string `json:"build_date,omitempty"`
+}
+
+// CheckSystemRequirements checks if GHES system nodes meet the system requirements.
+//
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/manage-ghes#get-the-system-requirement-check-results-for-configured-cluster-nodes
+//
+//meta:operation GET /manage/v1/checks/system-requirements
+func (s *EnterpriseService) CheckSystemRequirements(ctx context.Context) (*SystemRequirements, *Response, error) {
+	u := "manage/v1/checks/system-requirements"
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	systemRequirements := new(SystemRequirements)
+	resp, err := s.client.Do(ctx, req, systemRequirements)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return systemRequirements, resp, nil
+}
+
+// ClusterStatus gets the status of all services running on each cluster node.
+//
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/manage-ghes#get-the-status-of-services-running-on-all-cluster-nodes
+//
+//meta:operation GET /manage/v1/cluster/status
+func (s *EnterpriseService) ClusterStatus(ctx context.Context) (*ClusterStatus, *Response, error) {
+	u := "manage/v1/cluster/status"
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	clusterStatus := new(ClusterStatus)
+	resp, err := s.client.Do(ctx, req, clusterStatus)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return clusterStatus, resp, nil
+}
+
+// ReplicationStatus gets the status of all services running on each replica node.
+//
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/manage-ghes#get-the-status-of-services-running-on-all-replica-nodes
+//
+//meta:operation GET /manage/v1/replication/status
+func (s *EnterpriseService) ReplicationStatus(ctx context.Context, opts *NodeQueryOptions) (*ClusterStatus, *Response, error) {
+	u, err := addOptions("manage/v1/replication/status", opts)
+	if err != nil {
+		return nil, nil, err
+	}
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	status := new(ClusterStatus)
+	resp, err := s.client.Do(ctx, req, status)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return status, resp, nil
+}
+
+// GetNodeReleaseVersions gets the version information deployed to each node.
+//
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/manage-ghes#get-all-ghes-release-versions-for-all-nodes
+//
+//meta:operation GET /manage/v1/version
+func (s *EnterpriseService) GetNodeReleaseVersions(ctx context.Context, opts *NodeQueryOptions) ([]*NodeReleaseVersion, *Response, error) {
+	u, err := addOptions("manage/v1/version", opts)
+	if err != nil {
+		return nil, nil, err
+	}
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var releaseVersions []*NodeReleaseVersion
+	resp, err := s.client.Do(ctx, req, &releaseVersions)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return releaseVersions, resp, nil
+}
diff --git a/vendor/github.com/google/go-github/v72/github/enterprise_manage_ghes_config.go b/vendor/github.com/google/go-github/v72/github/enterprise_manage_ghes_config.go
new file mode 100644
index 0000000000..d675aeca07
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/enterprise_manage_ghes_config.go
@@ -0,0 +1,516 @@
+// Copyright 2025 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"errors"
+)
+
+// ConfigApplyOptions is a struct to hold the options for the ConfigApply API and the response.
+type ConfigApplyOptions struct {
+	// RunID is the ID of the run to get the status of. If empty a random one will be generated.
+	RunID *string `json:"run_id,omitempty"`
+}
+
+// ConfigApplyStatus is a struct to hold the response from the ConfigApply API.
+type ConfigApplyStatus struct {
+	Running    *bool                    `json:"running,omitempty"`
+	Successful *bool                    `json:"successful,omitempty"`
+	Nodes      []*ConfigApplyStatusNode `json:"nodes"`
+}
+
+// ConfigApplyStatusNode is a struct to hold the response from the ConfigApply API.
+type ConfigApplyStatusNode struct {
+	Hostname   *string `json:"hostname,omitempty"`
+	Running    *bool   `json:"running,omitempty"`
+	Successful *bool   `json:"successful,omitempty"`
+	RunID      *string `json:"run_id,omitempty"`
+}
+
+// ConfigApplyEventsOptions is used to enable pagination.
+type ConfigApplyEventsOptions struct {
+	LastRequestID *string `url:"last_request_id,omitempty"`
+}
+
+// ConfigApplyEvents is a struct to hold the response from the ConfigApplyEvents API.
+type ConfigApplyEvents struct {
+	Nodes []*ConfigApplyEventsNode `json:"nodes"`
+}
+
+// ConfigApplyEventsNode is a struct to hold the response from the ConfigApplyEvents API.
+type ConfigApplyEventsNode struct {
+	Node          *string                       `json:"node,omitempty"`
+	LastRequestID *string                       `json:"last_request_id,omitempty"`
+	Events        []*ConfigApplyEventsNodeEvent `json:"events"`
+}
+
+// ConfigApplyEventsNodeEvent is a struct to hold the response from the ConfigApplyEvents API.
+type ConfigApplyEventsNodeEvent struct {
+	Timestamp    *Timestamp `json:"timestamp,omitempty"`
+	SeverityText *string    `json:"severity_text,omitempty"`
+	Body         *string    `json:"body,omitempty"`
+	EventName    *string    `json:"event_name,omitempty"`
+	Topology     *string    `json:"topology,omitempty"`
+	Hostname     *string    `json:"hostname,omitempty"`
+	ConfigRunID  *string    `json:"config_run_id,omitempty"`
+	TraceID      *string    `json:"trace_id,omitempty"`
+	SpanID       *string    `json:"span_id,omitempty"`
+	SpanParentID *int64     `json:"span_parent_id,omitempty"`
+	SpanDepth    *int       `json:"span_depth,omitempty"`
+}
+
+// InitialConfigOptions is a struct to hold the options for the InitialConfig API.
+type InitialConfigOptions struct {
+	License  string `url:"license"`
+	Password string `url:"password"`
+}
+
+// LicenseStatus is a struct to hold the response from the License API.
+type LicenseStatus struct {
+	AdvancedSecurityEnabled      *bool      `json:"advancedSecurityEnabled,omitempty"`
+	AdvancedSecuritySeats        *int       `json:"advancedSecuritySeats,omitempty"`
+	ClusterSupport               *bool      `json:"clusterSupport,omitempty"`
+	Company                      *string    `json:"company,omitempty"`
+	CroquetSupport               *bool      `json:"croquetSupport,omitempty"`
+	CustomTerms                  *bool      `json:"customTerms,omitempty"`
+	Evaluation                   *bool      `json:"evaluation,omitempty"`
+	ExpireAt                     *Timestamp `json:"expireAt,omitempty"`
+	InsightsEnabled              *bool      `json:"insightsEnabled,omitempty"`
+	InsightsExpireAt             *Timestamp `json:"insightsExpireAt,omitempty"`
+	LearningLabEvaluationExpires *Timestamp `json:"learningLabEvaluationExpires,omitempty"`
+	LearningLabSeats             *int       `json:"learningLabSeats,omitempty"`
+	Perpetual                    *bool      `json:"perpetual,omitempty"`
+	ReferenceNumber              *string    `json:"referenceNumber,omitempty"`
+	Seats                        *int       `json:"seats,omitempty"`
+	SSHAllowed                   *bool      `json:"sshAllowed,omitempty"`
+	SupportKey                   *string    `json:"supportKey,omitempty"`
+	UnlimitedSeating             *bool      `json:"unlimitedSeating,omitempty"`
+}
+
+// UploadLicenseOptions is a struct to hold the options for the UploadLicense API.
+type UploadLicenseOptions struct {
+	License string `url:"license"`
+}
+
+// LicenseCheck is a struct to hold the response from the LicenseStatus API.
+type LicenseCheck struct {
+	Status *string `json:"status,omitempty"`
+}
+
+// ConfigSettings is a struct to hold the response from the Settings API.
+// There are many fields that link to other structs.
+type ConfigSettings struct {
+	PrivateMode           *bool                          `json:"private_mode,omitempty"`
+	PublicPages           *bool                          `json:"public_pages,omitempty"`
+	SubdomainIsolation    *bool                          `json:"subdomain_isolation,omitempty"`
+	SignupEnabled         *bool                          `json:"signup_enabled,omitempty"`
+	GithubHostname        *string                        `json:"github_hostname,omitempty"`
+	IdenticonsHost        *string                        `json:"identicons_host,omitempty"`
+	HTTPProxy             *string                        `json:"http_proxy,omitempty"`
+	AuthMode              *string                        `json:"auth_mode,omitempty"`
+	ExpireSessions        *bool                          `json:"expire_sessions,omitempty"`
+	AdminPassword         *string                        `json:"admin_password,omitempty"`
+	ConfigurationID       *int64                         `json:"configuration_id,omitempty"`
+	ConfigurationRunCount *int                           `json:"configuration_run_count,omitempty"`
+	Avatar                *ConfigSettingsAvatar          `json:"avatar,omitempty"`
+	Customer              *ConfigSettingsCustomer        `json:"customer,omitempty"`
+	License               *ConfigSettingsLicenseSettings `json:"license,omitempty"`
+	GithubSSL             *ConfigSettingsGithubSSL       `json:"github_ssl,omitempty"`
+	LDAP                  *ConfigSettingsLDAP            `json:"ldap,omitempty"`
+	CAS                   *ConfigSettingsCAS             `json:"cas,omitempty"`
+	SAML                  *ConfigSettingsSAML            `json:"saml,omitempty"`
+	GithubOAuth           *ConfigSettingsGithubOAuth     `json:"github_oauth,omitempty"`
+	SMTP                  *ConfigSettingsSMTP            `json:"smtp,omitempty"`
+	NTP                   *ConfigSettingsNTP             `json:"ntp,omitempty"`
+	Timezone              *string                        `json:"timezone,omitempty"`
+	SNMP                  *ConfigSettingsSNMP            `json:"snmp,omitempty"`
+	Syslog                *ConfigSettingsSyslog          `json:"syslog,omitempty"`
+	Assets                *string                        `json:"assets,omitempty"`
+	Pages                 *ConfigSettingsPagesSettings   `json:"pages,omitempty"`
+	Collectd              *ConfigSettingsCollectd        `json:"collectd,omitempty"`
+	Mapping               *ConfigSettingsMapping         `json:"mapping,omitempty"`
+	LoadBalancer          *string                        `json:"load_balancer,omitempty"`
+}
+
+// ConfigSettingsAvatar is a struct to hold the response from the Settings API.
+type ConfigSettingsAvatar struct {
+	Enabled *bool   `json:"enabled,omitempty"`
+	URI     *string `json:"uri,omitempty"`
+}
+
+// ConfigSettingsCustomer is a struct to hold the response from the Settings API.
+type ConfigSettingsCustomer struct {
+	Name          *string `json:"name,omitempty"`
+	Email         *string `json:"email,omitempty"`
+	UUID          *string `json:"uuid,omitempty"`
+	Secret        *string `json:"secret,omitempty"`
+	PublicKeyData *string `json:"public_key_data,omitempty"`
+}
+
+// ConfigSettingsLicenseSettings is a struct to hold the response from the Settings API.
+type ConfigSettingsLicenseSettings struct {
+	Seats            *int       `json:"seats,omitempty"`
+	Evaluation       *bool      `json:"evaluation,omitempty"`
+	Perpetual        *bool      `json:"perpetual,omitempty"`
+	UnlimitedSeating *bool      `json:"unlimited_seating,omitempty"`
+	SupportKey       *string    `json:"support_key,omitempty"`
+	SSHAllowed       *bool      `json:"ssh_allowed,omitempty"`
+	ClusterSupport   *bool      `json:"cluster_support,omitempty"`
+	ExpireAt         *Timestamp `json:"expire_at,omitempty"`
+}
+
+// ConfigSettingsGithubSSL is a struct to hold the response from the Settings API.
+type ConfigSettingsGithubSSL struct {
+	Enabled *bool   `json:"enabled,omitempty"`
+	Cert    *string `json:"cert,omitempty"`
+	Key     *string `json:"key,omitempty"`
+}
+
+// ConfigSettingsLDAP is a struct to hold the response from the Settings API.
+type ConfigSettingsLDAP struct {
+	Host                    *string                           `json:"host,omitempty"`
+	Port                    *int                              `json:"port,omitempty"`
+	Base                    []string                          `json:"base,omitempty"`
+	UID                     *string                           `json:"uid,omitempty"`
+	BindDN                  *string                           `json:"bind_dn,omitempty"`
+	Password                *string                           `json:"password,omitempty"`
+	Method                  *string                           `json:"method,omitempty"`
+	SearchStrategy          *string                           `json:"search_strategy,omitempty"`
+	UserGroups              []string                          `json:"user_groups,omitempty"`
+	AdminGroup              *string                           `json:"admin_group,omitempty"`
+	VirtualAttributeEnabled *bool                             `json:"virtual_attribute_enabled,omitempty"`
+	RecursiveGroupSearch    *bool                             `json:"recursive_group_search,omitempty"`
+	PosixSupport            *bool                             `json:"posix_support,omitempty"`
+	UserSyncEmails          *bool                             `json:"user_sync_emails,omitempty"`
+	UserSyncKeys            *bool                             `json:"user_sync_keys,omitempty"`
+	UserSyncInterval        *int                              `json:"user_sync_interval,omitempty"`
+	TeamSyncInterval        *int                              `json:"team_sync_interval,omitempty"`
+	SyncEnabled             *bool                             `json:"sync_enabled,omitempty"`
+	Reconciliation          *ConfigSettingsLDAPReconciliation `json:"reconciliation,omitempty"`
+	Profile                 *ConfigSettingsLDAPProfile        `json:"profile,omitempty"`
+}
+
+// ConfigSettingsLDAPReconciliation is part of the ConfigSettingsLDAP struct.
+type ConfigSettingsLDAPReconciliation struct {
+	User *string `json:"user,omitempty"`
+	Org  *string `json:"org,omitempty"`
+}
+
+// ConfigSettingsLDAPProfile is part of the ConfigSettingsLDAP struct.
+type ConfigSettingsLDAPProfile struct {
+	UID  *string `json:"uid,omitempty"`
+	Name *string `json:"name,omitempty"`
+	Mail *string `json:"mail,omitempty"`
+	Key  *string `json:"key,omitempty"`
+}
+
+// ConfigSettingsCAS is a struct to hold the response from the Settings API.
+type ConfigSettingsCAS struct {
+	URL *string `json:"url,omitempty"`
+}
+
+// ConfigSettingsSAML is a struct to hold the response from the Settings API.
+type ConfigSettingsSAML struct {
+	SSOURL             *string `json:"sso_url,omitempty"`
+	Certificate        *string `json:"certificate,omitempty"`
+	CertificatePath    *string `json:"certificate_path,omitempty"`
+	Issuer             *string `json:"issuer,omitempty"`
+	IDPInitiatedSSO    *bool   `json:"idp_initiated_sso,omitempty"`
+	DisableAdminDemote *bool   `json:"disable_admin_demote,omitempty"`
+}
+
+// ConfigSettingsGithubOAuth is a struct to hold the response from the Settings API.
+type ConfigSettingsGithubOAuth struct {
+	ClientID         *string `json:"client_id,omitempty"`
+	ClientSecret     *string `json:"client_secret,omitempty"`
+	OrganizationName *string `json:"organization_name,omitempty"`
+	OrganizationTeam *string `json:"organization_team,omitempty"`
+}
+
+// ConfigSettingsSMTP is a struct to hold the response from the Settings API.
+type ConfigSettingsSMTP struct {
+	Enabled                 *bool   `json:"enabled,omitempty"`
+	Address                 *string `json:"address,omitempty"`
+	Authentication          *string `json:"authentication,omitempty"`
+	Port                    *string `json:"port,omitempty"`
+	Domain                  *string `json:"domain,omitempty"`
+	Username                *string `json:"username,omitempty"`
+	UserName                *string `json:"user_name,omitempty"`
+	EnableStarttlsAuto      *bool   `json:"enable_starttls_auto,omitempty"`
+	Password                *string `json:"password,omitempty"`
+	DiscardToNoreplyAddress *bool   `json:"discard-to-noreply-address,omitempty"`
+	SupportAddress          *string `json:"support_address,omitempty"`
+	SupportAddressType      *string `json:"support_address_type,omitempty"`
+	NoreplyAddress          *string `json:"noreply_address,omitempty"`
+}
+
+// ConfigSettingsNTP is a struct to hold the response from the Settings API.
+type ConfigSettingsNTP struct {
+	PrimaryServer   *string `json:"primary_server,omitempty"`
+	SecondaryServer *string `json:"secondary_server,omitempty"`
+}
+
+// ConfigSettingsSNMP is a struct to hold the response from the Settings API.
+type ConfigSettingsSNMP struct {
+	Enabled   *bool   `json:"enabled,omitempty"`
+	Community *string `json:"community,omitempty"`
+}
+
+// ConfigSettingsSyslog is a struct to hold the response from the Settings API.
+type ConfigSettingsSyslog struct {
+	Enabled      *bool   `json:"enabled,omitempty"`
+	Server       *string `json:"server,omitempty"`
+	ProtocolName *string `json:"protocol_name,omitempty"`
+}
+
+// ConfigSettingsPagesSettings is a struct to hold the response from the Settings API.
+type ConfigSettingsPagesSettings struct {
+	Enabled *bool `json:"enabled,omitempty"`
+}
+
+// ConfigSettingsCollectd is a struct to hold the response from the Settings API.
+type ConfigSettingsCollectd struct {
+	Enabled    *bool   `json:"enabled,omitempty"`
+	Server     *string `json:"server,omitempty"`
+	Port       *int    `json:"port,omitempty"`
+	Encryption *string `json:"encryption,omitempty"`
+	Username   *string `json:"username,omitempty"`
+	Password   *string `json:"password,omitempty"`
+}
+
+// ConfigSettingsMapping is a struct to hold the response from the Settings API.
+type ConfigSettingsMapping struct {
+	Enabled    *bool   `json:"enabled,omitempty"`
+	Tileserver *string `json:"tileserver,omitempty"`
+	Basemap    *string `json:"basemap,omitempty"`
+	Token      *string `json:"token,omitempty"`
+}
+
+// NodeMetadataStatus is a struct to hold the response from the NodeMetadata API.
+type NodeMetadataStatus struct {
+	Topology *string        `json:"topology,omitempty"`
+	Nodes    []*NodeDetails `json:"nodes"`
+}
+
+// NodeDetails is a struct to hold the response from the NodeMetadata API.
+type NodeDetails struct {
+	Hostname     *string  `json:"hostname,omitempty"`
+	UUID         *string  `json:"uuid,omitempty"`
+	ClusterRoles []string `json:"cluster_roles,omitempty"`
+}
+
+// ConfigApplyEvents gets events from the command ghe-config-apply.
+//
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/manage-ghes#list-events-from-ghe-config-apply
+//
+//meta:operation GET /manage/v1/config/apply/events
+func (s *EnterpriseService) ConfigApplyEvents(ctx context.Context, opts *ConfigApplyEventsOptions) (*ConfigApplyEvents, *Response, error) {
+	u, err := addOptions("manage/v1/config/apply/events", opts)
+	if err != nil {
+		return nil, nil, err
+	}
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	configApplyEvents := new(ConfigApplyEvents)
+	resp, err := s.client.Do(ctx, req, configApplyEvents)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return configApplyEvents, resp, nil
+}
+
+// InitialConfig initializes the GitHub Enterprise instance with a license and password.
+// After initializing the instance, you need to run an apply to apply the configuration.
+//
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/manage-ghes#initialize-instance-configuration-with-license-and-password
+//
+//meta:operation POST /manage/v1/config/init
+func (s *EnterpriseService) InitialConfig(ctx context.Context, license, password string) (*Response, error) {
+	u := "manage/v1/config/init"
+
+	opts := &InitialConfigOptions{
+		License:  license,
+		Password: password,
+	}
+
+	req, err := s.client.NewRequest("POST", u, opts)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
+
+// License gets the current license information for the GitHub Enterprise instance.
+//
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/manage-ghes#get-the-enterprise-license-information
+//
+//meta:operation GET /manage/v1/config/license
+func (s *EnterpriseService) License(ctx context.Context) ([]*LicenseStatus, *Response, error) {
+	u := "manage/v1/config/license"
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var licenseStatus []*LicenseStatus
+	resp, err := s.client.Do(ctx, req, &licenseStatus)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return licenseStatus, resp, nil
+}
+
+// UploadLicense uploads a new license to the GitHub Enterprise instance.
+//
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/manage-ghes#upload-an-enterprise-license
+//
+//meta:operation PUT /manage/v1/config/license
+func (s *EnterpriseService) UploadLicense(ctx context.Context, license string) (*Response, error) {
+	u := "manage/v1/config/license"
+	opts := &UploadLicenseOptions{
+		License: license,
+	}
+	req, err := s.client.NewRequest("PUT", u, opts)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
+
+// LicenseStatus gets the current license status for the GitHub Enterprise instance.
+//
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/manage-ghes#check-a-license
+//
+//meta:operation GET /manage/v1/config/license/check
+func (s *EnterpriseService) LicenseStatus(ctx context.Context) ([]*LicenseCheck, *Response, error) {
+	u := "manage/v1/config/license/check"
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var checks []*LicenseCheck
+	resp, err := s.client.Do(ctx, req, &checks)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return checks, resp, nil
+}
+
+// NodeMetadata gets the metadata for all nodes in the GitHub Enterprise instance.
+// This is required for clustered setups.
+//
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/manage-ghes#get-ghes-node-metadata-for-all-nodes
+//
+//meta:operation GET /manage/v1/config/nodes
+func (s *EnterpriseService) NodeMetadata(ctx context.Context, opts *NodeQueryOptions) (*NodeMetadataStatus, *Response, error) {
+	u, err := addOptions("manage/v1/config/nodes", opts)
+	if err != nil {
+		return nil, nil, err
+	}
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	status := new(NodeMetadataStatus)
+	resp, err := s.client.Do(ctx, req, status)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return status, resp, nil
+}
+
+// Settings gets the current configuration settings for the GitHub Enterprise instance.
+//
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/manage-ghes#get-the-ghes-settings
+//
+//meta:operation GET /manage/v1/config/settings
+func (s *EnterpriseService) Settings(ctx context.Context) (*ConfigSettings, *Response, error) {
+	u := "manage/v1/config/settings"
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	configSettings := new(ConfigSettings)
+	resp, err := s.client.Do(ctx, req, configSettings)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return configSettings, resp, nil
+}
+
+// UpdateSettings updates the configuration settings for the GitHub Enterprise instance.
+//
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/manage-ghes#set-settings
+//
+//meta:operation PUT /manage/v1/config/settings
+func (s *EnterpriseService) UpdateSettings(ctx context.Context, opts *ConfigSettings) (*Response, error) {
+	u := "manage/v1/config/settings"
+
+	if opts == nil {
+		return nil, errors.New("opts should not be nil")
+	}
+	req, err := s.client.NewRequest("PUT", u, opts)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
+
+// ConfigApply triggers a configuration apply run on the GitHub Enterprise instance.
+//
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/manage-ghes#trigger-a-ghe-config-apply-run
+//
+//meta:operation POST /manage/v1/config/apply
+func (s *EnterpriseService) ConfigApply(ctx context.Context, opts *ConfigApplyOptions) (*ConfigApplyOptions, *Response, error) {
+	u := "manage/v1/config/apply"
+	req, err := s.client.NewRequest("POST", u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	configApplyOptions := new(ConfigApplyOptions)
+	resp, err := s.client.Do(ctx, req, configApplyOptions)
+	if err != nil {
+		return nil, resp, err
+	}
+	return configApplyOptions, resp, nil
+}
+
+// ConfigApplyStatus gets the status of a ghe-config-apply run on the GitHub Enterprise instance.
+// You can request lat one or specific id one.
+//
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/manage-ghes#get-the-status-of-a-ghe-config-apply-run
+//
+//meta:operation GET /manage/v1/config/apply
+func (s *EnterpriseService) ConfigApplyStatus(ctx context.Context, opts *ConfigApplyOptions) (*ConfigApplyStatus, *Response, error) {
+	u := "manage/v1/config/apply"
+	req, err := s.client.NewRequest("GET", u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	status := new(ConfigApplyStatus)
+	resp, err := s.client.Do(ctx, req, status)
+	if err != nil {
+		return nil, resp, err
+	}
+	return status, resp, nil
+}
diff --git a/vendor/github.com/google/go-github/v72/github/enterprise_manage_ghes_maintenance.go b/vendor/github.com/google/go-github/v72/github/enterprise_manage_ghes_maintenance.go
new file mode 100644
index 0000000000..2d7e76b4a1
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/enterprise_manage_ghes_maintenance.go
@@ -0,0 +1,94 @@
+// Copyright 2025 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+)
+
+// MaintenanceOperationStatus represents the message to be displayed when the instance gets a maintenance operation request.
+type MaintenanceOperationStatus struct {
+	Hostname *string `json:"hostname,omitempty"`
+	UUID     *string `json:"uuid,omitempty"`
+	Message  *string `json:"message,omitempty"`
+}
+
+// MaintenanceStatus represents the status of maintenance mode for all nodes.
+type MaintenanceStatus struct {
+	Hostname               *string                  `json:"hostname,omitempty"`
+	UUID                   *string                  `json:"uuid,omitempty"`
+	Status                 *string                  `json:"status,omitempty"`
+	ScheduledTime          *Timestamp               `json:"scheduled_time,omitempty"`
+	ConnectionServices     []*ConnectionServiceItem `json:"connection_services,omitempty"`
+	CanUnsetMaintenance    *bool                    `json:"can_unset_maintenance,omitempty"`
+	IPExceptionList        []string                 `json:"ip_exception_list,omitempty"`
+	MaintenanceModeMessage *string                  `json:"maintenance_mode_message,omitempty"`
+}
+
+// ConnectionServiceItem represents the connection services for the maintenance status.
+type ConnectionServiceItem struct {
+	Name   *string `json:"name,omitempty"`
+	Number *int    `json:"number,omitempty"`
+}
+
+// MaintenanceOptions represents the options for setting the maintenance mode for the instance.
+// When can be a string, so we can't use a Timestamp type.
+type MaintenanceOptions struct {
+	Enabled                bool     `json:"enabled"`
+	UUID                   *string  `json:"uuid,omitempty"`
+	When                   *string  `json:"when,omitempty"`
+	IPExceptionList        []string `json:"ip_exception_list,omitempty"`
+	MaintenanceModeMessage *string  `json:"maintenance_mode_message,omitempty"`
+}
+
+// GetMaintenanceStatus gets the status of maintenance mode for all nodes.
+//
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/manage-ghes#get-the-status-of-maintenance-mode
+//
+//meta:operation GET /manage/v1/maintenance
+func (s *EnterpriseService) GetMaintenanceStatus(ctx context.Context, opts *NodeQueryOptions) ([]*MaintenanceStatus, *Response, error) {
+	u, err := addOptions("manage/v1/maintenance", opts)
+	if err != nil {
+		return nil, nil, err
+	}
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var status []*MaintenanceStatus
+	resp, err := s.client.Do(ctx, req, &status)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return status, resp, nil
+}
+
+// CreateMaintenance sets the maintenance mode for the instance.
+// With the enable parameter we can control to put instance into maintenance mode or not. With false we can disable the maintenance mode.
+//
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/manage-ghes#set-the-status-of-maintenance-mode
+//
+//meta:operation POST /manage/v1/maintenance
+func (s *EnterpriseService) CreateMaintenance(ctx context.Context, enable bool, opts *MaintenanceOptions) ([]*MaintenanceOperationStatus, *Response, error) {
+	u := "manage/v1/maintenance"
+
+	opts.Enabled = enable
+
+	req, err := s.client.NewRequest("POST", u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var i []*MaintenanceOperationStatus
+	resp, err := s.client.Do(ctx, req, &i)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return i, resp, nil
+}
diff --git a/vendor/github.com/google/go-github/v72/github/enterprise_manage_ghes_ssh.go b/vendor/github.com/google/go-github/v72/github/enterprise_manage_ghes_ssh.go
new file mode 100644
index 0000000000..e1f20a5c06
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/enterprise_manage_ghes_ssh.go
@@ -0,0 +1,99 @@
+// Copyright 2025 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+)
+
+// SSHKeyStatus represents the status of a SSH key operation.
+type SSHKeyStatus struct {
+	Hostname *string `json:"hostname,omitempty"`
+	UUID     *string `json:"uuid,omitempty"`
+	Message  *string `json:"message,omitempty"`
+	Modified *bool   `json:"modified,omitempty"`
+}
+
+// SSHKeyOptions specifies the parameters to the SSH create and delete functions.
+type SSHKeyOptions struct {
+	// Key is the SSH key to add to the instance.
+	Key string `json:"key"`
+}
+
+// ClusterSSHKey represents the SSH keys configured for the instance.
+type ClusterSSHKey struct {
+	Key         *string `json:"key,omitempty"`
+	Fingerprint *string `json:"fingerprint,omitempty"`
+}
+
+// DeleteSSHKey deletes the SSH key from the instance.
+//
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/manage-ghes#delete-a-ssh-key
+//
+//meta:operation DELETE /manage/v1/access/ssh
+func (s *EnterpriseService) DeleteSSHKey(ctx context.Context, key string) ([]*SSHKeyStatus, *Response, error) {
+	u := "manage/v1/access/ssh"
+	opts := &SSHKeyOptions{
+		Key: key,
+	}
+	req, err := s.client.NewRequest("DELETE", u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var sshStatus []*SSHKeyStatus
+	resp, err := s.client.Do(ctx, req, &sshStatus)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return sshStatus, resp, nil
+}
+
+// GetSSHKey gets the SSH keys configured for the instance.
+//
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/manage-ghes#get-the-configured-ssh-keys
+//
+//meta:operation GET /manage/v1/access/ssh
+func (s *EnterpriseService) GetSSHKey(ctx context.Context) ([]*ClusterSSHKey, *Response, error) {
+	u := "manage/v1/access/ssh"
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var sshKeys []*ClusterSSHKey
+	resp, err := s.client.Do(ctx, req, &sshKeys)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return sshKeys, resp, nil
+}
+
+// CreateSSHKey adds a new SSH key to the instance.
+//
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/manage-ghes#set-a-new-ssh-key
+//
+//meta:operation POST /manage/v1/access/ssh
+func (s *EnterpriseService) CreateSSHKey(ctx context.Context, key string) ([]*SSHKeyStatus, *Response, error) {
+	u := "manage/v1/access/ssh"
+	opts := &SSHKeyOptions{
+		Key: key,
+	}
+	req, err := s.client.NewRequest("POST", u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var sshKeyResponse []*SSHKeyStatus
+	resp, err := s.client.Do(ctx, req, &sshKeyResponse)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return sshKeyResponse, resp, nil
+}
diff --git a/vendor/github.com/google/go-github/v72/github/enterprise_network_configurations.go b/vendor/github.com/google/go-github/v72/github/enterprise_network_configurations.go
new file mode 100644
index 0000000000..a6a690d786
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/enterprise_network_configurations.go
@@ -0,0 +1,139 @@
+// Copyright 2025 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"fmt"
+)
+
+// ListEnterpriseNetworkConfigurations lists all hosted compute network configurations configured in an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/network-configurations#list-hosted-compute-network-configurations-for-an-enterprise
+//
+//meta:operation GET /enterprises/{enterprise}/network-configurations
+func (s *EnterpriseService) ListEnterpriseNetworkConfigurations(ctx context.Context, enterprise string, opts *ListOptions) (*NetworkConfigurations, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/network-configurations", enterprise)
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	networks := &NetworkConfigurations{}
+	resp, err := s.client.Do(ctx, req, networks)
+	if err != nil {
+		return nil, resp, err
+	}
+	return networks, resp, nil
+}
+
+// CreateEnterpriseNetworkConfiguration creates a hosted compute network configuration for an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/network-configurations#create-a-hosted-compute-network-configuration-for-an-enterprise
+//
+//meta:operation POST /enterprises/{enterprise}/network-configurations
+func (s *EnterpriseService) CreateEnterpriseNetworkConfiguration(ctx context.Context, enterprise string, createReq NetworkConfigurationRequest) (*NetworkConfiguration, *Response, error) {
+	if err := validateNetworkConfigurationRequest(createReq); err != nil {
+		return nil, nil, fmt.Errorf("validation failed: %w", err)
+	}
+
+	u := fmt.Sprintf("enterprises/%v/network-configurations", enterprise)
+	req, err := s.client.NewRequest("POST", u, createReq)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	network := &NetworkConfiguration{}
+	resp, err := s.client.Do(ctx, req, network)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return network, resp, nil
+}
+
+// GetEnterpriseNetworkConfiguration gets a hosted compute network configuration configured in an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/network-configurations#get-a-hosted-compute-network-configuration-for-an-enterprise
+//
+//meta:operation GET /enterprises/{enterprise}/network-configurations/{network_configuration_id}
+func (s *EnterpriseService) GetEnterpriseNetworkConfiguration(ctx context.Context, enterprise, networkID string) (*NetworkConfiguration, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/network-configurations/%v", enterprise, networkID)
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	network := &NetworkConfiguration{}
+	resp, err := s.client.Do(ctx, req, network)
+	if err != nil {
+		return nil, resp, err
+	}
+	return network, resp, nil
+}
+
+// UpdateEnterpriseNetworkConfiguration updates a hosted compute network configuration for an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/network-configurations#update-a-hosted-compute-network-configuration-for-an-enterprise
+//
+//meta:operation PATCH /enterprises/{enterprise}/network-configurations/{network_configuration_id}
+func (s *EnterpriseService) UpdateEnterpriseNetworkConfiguration(ctx context.Context, enterprise, networkID string, updateReq NetworkConfigurationRequest) (*NetworkConfiguration, *Response, error) {
+	if err := validateNetworkConfigurationRequest(updateReq); err != nil {
+		return nil, nil, fmt.Errorf("validation failed: %w", err)
+	}
+
+	u := fmt.Sprintf("enterprises/%v/network-configurations/%v", enterprise, networkID)
+	req, err := s.client.NewRequest("PATCH", u, updateReq)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	network := &NetworkConfiguration{}
+	resp, err := s.client.Do(ctx, req, network)
+	if err != nil {
+		return nil, resp, err
+	}
+	return network, resp, nil
+}
+
+// DeleteEnterpriseNetworkConfiguration deletes a hosted compute network configuration from an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/network-configurations#delete-a-hosted-compute-network-configuration-from-an-enterprise
+//
+//meta:operation DELETE /enterprises/{enterprise}/network-configurations/{network_configuration_id}
+func (s *EnterpriseService) DeleteEnterpriseNetworkConfiguration(ctx context.Context, enterprise, networkID string) (*Response, error) {
+	u := fmt.Sprintf("enterprises/%v/network-configurations/%v", enterprise, networkID)
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, err
+	}
+	return s.client.Do(ctx, req, nil)
+}
+
+// GetEnterpriseNetworkSettingsResource gets a hosted compute network settings resource configured for an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/network-configurations#get-a-hosted-compute-network-settings-resource-for-an-enterprise
+//
+//meta:operation GET /enterprises/{enterprise}/network-settings/{network_settings_id}
+func (s *EnterpriseService) GetEnterpriseNetworkSettingsResource(ctx context.Context, enterprise, networkID string) (*NetworkSettingsResource, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/network-settings/%v", enterprise, networkID)
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	resource := &NetworkSettingsResource{}
+	resp, err := s.client.Do(ctx, req, resource)
+	if err != nil {
+		return nil, resp, err
+	}
+	return resource, resp, err
+}
diff --git a/vendor/github.com/google/go-github/v72/github/enterprise_properties.go b/vendor/github.com/google/go-github/v72/github/enterprise_properties.go
new file mode 100644
index 0000000000..bc5ab55a3a
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/enterprise_properties.go
@@ -0,0 +1,121 @@
+// Copyright 2024 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"fmt"
+)
+
+// GetAllCustomProperties gets all custom properties that are defined for the specified enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/custom-properties#get-custom-properties-for-an-enterprise
+//
+//meta:operation GET /enterprises/{enterprise}/properties/schema
+func (s *EnterpriseService) GetAllCustomProperties(ctx context.Context, enterprise string) ([]*CustomProperty, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/properties/schema", enterprise)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var customProperties []*CustomProperty
+	resp, err := s.client.Do(ctx, req, &customProperties)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return customProperties, resp, nil
+}
+
+// CreateOrUpdateCustomProperties creates new or updates existing custom properties that are defined for the specified enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/custom-properties#create-or-update-custom-properties-for-an-enterprise
+//
+//meta:operation PATCH /enterprises/{enterprise}/properties/schema
+func (s *EnterpriseService) CreateOrUpdateCustomProperties(ctx context.Context, enterprise string, properties []*CustomProperty) ([]*CustomProperty, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/properties/schema", enterprise)
+
+	params := struct {
+		Properties []*CustomProperty `json:"properties"`
+	}{
+		Properties: properties,
+	}
+
+	req, err := s.client.NewRequest("PATCH", u, params)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var customProperties []*CustomProperty
+	resp, err := s.client.Do(ctx, req, &customProperties)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return customProperties, resp, nil
+}
+
+// GetCustomProperty gets a custom property that is defined for the specified enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/custom-properties#get-a-custom-property-for-an-enterprise
+//
+//meta:operation GET /enterprises/{enterprise}/properties/schema/{custom_property_name}
+func (s *EnterpriseService) GetCustomProperty(ctx context.Context, enterprise, customPropertyName string) (*CustomProperty, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/properties/schema/%v", enterprise, customPropertyName)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var customProperty *CustomProperty
+	resp, err := s.client.Do(ctx, req, &customProperty)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return customProperty, resp, nil
+}
+
+// CreateOrUpdateCustomProperty creates a new or updates an existing custom property that is defined for the specified enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/custom-properties#create-or-update-a-custom-property-for-an-enterprise
+//
+//meta:operation PUT /enterprises/{enterprise}/properties/schema/{custom_property_name}
+func (s *EnterpriseService) CreateOrUpdateCustomProperty(ctx context.Context, enterprise, customPropertyName string, property *CustomProperty) (*CustomProperty, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/properties/schema/%v", enterprise, customPropertyName)
+
+	req, err := s.client.NewRequest("PUT", u, property)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var customProperty *CustomProperty
+	resp, err := s.client.Do(ctx, req, &customProperty)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return customProperty, resp, nil
+}
+
+// RemoveCustomProperty removes a custom property that is defined for the specified enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/custom-properties#remove-a-custom-property-for-an-enterprise
+//
+//meta:operation DELETE /enterprises/{enterprise}/properties/schema/{custom_property_name}
+func (s *EnterpriseService) RemoveCustomProperty(ctx context.Context, enterprise, customPropertyName string) (*Response, error) {
+	u := fmt.Sprintf("enterprises/%v/properties/schema/%v", enterprise, customPropertyName)
+
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
diff --git a/vendor/github.com/google/go-github/v72/github/enterprise_rules.go b/vendor/github.com/google/go-github/v72/github/enterprise_rules.go
new file mode 100644
index 0000000000..f438223370
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/enterprise_rules.go
@@ -0,0 +1,118 @@
+// Copyright 2025 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"fmt"
+)
+
+// CreateRepositoryRuleset creates a repository ruleset for the specified enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/rules#create-an-enterprise-repository-ruleset
+//
+//meta:operation POST /enterprises/{enterprise}/rulesets
+func (s *EnterpriseService) CreateRepositoryRuleset(ctx context.Context, enterprise string, ruleset RepositoryRuleset) (*RepositoryRuleset, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/rulesets", enterprise)
+
+	req, err := s.client.NewRequest("POST", u, ruleset)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var rs *RepositoryRuleset
+	resp, err := s.client.Do(ctx, req, &rs)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return rs, resp, nil
+}
+
+// GetRepositoryRuleset gets a repository ruleset for the specified enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/rules#get-an-enterprise-repository-ruleset
+//
+//meta:operation GET /enterprises/{enterprise}/rulesets/{ruleset_id}
+func (s *EnterpriseService) GetRepositoryRuleset(ctx context.Context, enterprise string, rulesetID int64) (*RepositoryRuleset, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/rulesets/%v", enterprise, rulesetID)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var ruleset *RepositoryRuleset
+	resp, err := s.client.Do(ctx, req, &ruleset)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return ruleset, resp, nil
+}
+
+// UpdateRepositoryRuleset updates a repository ruleset for the specified enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/rules#update-an-enterprise-repository-ruleset
+//
+//meta:operation PUT /enterprises/{enterprise}/rulesets/{ruleset_id}
+func (s *EnterpriseService) UpdateRepositoryRuleset(ctx context.Context, enterprise string, rulesetID int64, ruleset RepositoryRuleset) (*RepositoryRuleset, *Response, error) {
+	u := fmt.Sprintf("enterprises/%v/rulesets/%v", enterprise, rulesetID)
+
+	req, err := s.client.NewRequest("PUT", u, ruleset)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var rs *RepositoryRuleset
+	resp, err := s.client.Do(ctx, req, &rs)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return rs, resp, nil
+}
+
+// UpdateRepositoryRulesetClearBypassActor clears the bypass actors for a repository ruleset for the specified enterprise.
+//
+// This function is necessary as the UpdateRepositoryRuleset function does not marshal ByPassActor if passed as an empty array.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/rules#update-an-enterprise-repository-ruleset
+//
+//meta:operation PUT /enterprises/{enterprise}/rulesets/{ruleset_id}
+func (s *EnterpriseService) UpdateRepositoryRulesetClearBypassActor(ctx context.Context, enterprise string, rulesetID int64) (*Response, error) {
+	u := fmt.Sprintf("enterprises/%v/rulesets/%v", enterprise, rulesetID)
+
+	rsClearBypassActor := rulesetClearBypassActors{}
+
+	req, err := s.client.NewRequest("PUT", u, rsClearBypassActor)
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := s.client.Do(ctx, req, nil)
+	if err != nil {
+		return resp, err
+	}
+
+	return resp, nil
+}
+
+// DeleteRepositoryRuleset deletes a repository ruleset from the specified enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/rules#delete-an-enterprise-repository-ruleset
+//
+//meta:operation DELETE /enterprises/{enterprise}/rulesets/{ruleset_id}
+func (s *EnterpriseService) DeleteRepositoryRuleset(ctx context.Context, enterprise string, rulesetID int64) (*Response, error) {
+	u := fmt.Sprintf("enterprises/%v/rulesets/%v", enterprise, rulesetID)
+
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
diff --git a/vendor/github.com/google/go-github/v55/github/event.go b/vendor/github.com/google/go-github/v72/github/event.go
similarity index 100%
rename from vendor/github.com/google/go-github/v55/github/event.go
rename to vendor/github.com/google/go-github/v72/github/event.go
diff --git a/vendor/github.com/google/go-github/v55/github/event_types.go b/vendor/github.com/google/go-github/v72/github/event_types.go
similarity index 69%
rename from vendor/github.com/google/go-github/v55/github/event_types.go
rename to vendor/github.com/google/go-github/v72/github/event_types.go
index 1a403da9b9..b536986560 100644
--- a/vendor/github.com/google/go-github/v55/github/event_types.go
+++ b/vendor/github.com/google/go-github/v72/github/event_types.go
@@ -18,7 +18,7 @@ type RequestedAction struct {
 // BranchProtectionRuleEvent triggered when a check suite is "created", "edited", or "deleted".
 // The Webhook event name is "branch_protection_rule".
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#branch_protection_rule
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#branch_protection_rule
 type BranchProtectionRuleEvent struct {
 	Action       *string               `json:"action,omitempty"`
 	Rule         *BranchProtectionRule `json:"rule,omitempty"`
@@ -29,10 +29,23 @@ type BranchProtectionRuleEvent struct {
 	Installation *Installation         `json:"installation,omitempty"`
 }
 
+// BranchProtectionConfigurationEvent is triggered when there is a change to branch protection configurations for a repository.
+// The Webhook event name is "branch_protection_configuration".
+//
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#branch_protection_configuration
+type BranchProtectionConfigurationEvent struct {
+	Action       *string       `json:"action,omitempty"`
+	Repo         *Repository   `json:"repository,omitempty"`
+	Org          *Organization `json:"organization,omitempty"`
+	Enterprise   *Enterprise   `json:"enterprise,omitempty"`
+	Sender       *User         `json:"sender,omitempty"`
+	Installation *Installation `json:"installation,omitempty"`
+}
+
 // CheckRunEvent is triggered when a check run is "created", "completed", or "rerequested".
 // The Webhook event name is "check_run".
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#check_run
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#check_run
 type CheckRunEvent struct {
 	CheckRun *CheckRun `json:"check_run,omitempty"`
 	// The action performed. Possible values are: "created", "completed", "rerequested" or "requested_action".
@@ -51,7 +64,7 @@ type CheckRunEvent struct {
 // CheckSuiteEvent is triggered when a check suite is "completed", "requested", or "rerequested".
 // The Webhook event name is "check_suite".
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#check_suite
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#check_suite
 type CheckSuiteEvent struct {
 	CheckSuite *CheckSuite `json:"check_suite,omitempty"`
 	// The action performed. Possible values are: "completed", "requested" or "rerequested".
@@ -67,7 +80,7 @@ type CheckSuiteEvent struct {
 // CommitCommentEvent is triggered when a commit comment is created.
 // The Webhook event name is "commit_comment".
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#commit_comment
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#commit_comment
 type CommitCommentEvent struct {
 	Comment *RepositoryComment `json:"comment,omitempty"`
 
@@ -76,6 +89,10 @@ type CommitCommentEvent struct {
 	Repo         *Repository   `json:"repository,omitempty"`
 	Sender       *User         `json:"sender,omitempty"`
 	Installation *Installation `json:"installation,omitempty"`
+
+	// The following field is only present when the webhook is triggered on
+	// a repository belonging to an organization.
+	Org *Organization `json:"organization,omitempty"`
 }
 
 // ContentReferenceEvent is triggered when the body or comment of an issue or
@@ -99,7 +116,7 @@ type ContentReferenceEvent struct {
 // Additionally, webhooks will not receive this event for tags if more
 // than three tags are pushed at once.
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/github-event-types#createevent
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/github-event-types#createevent
 type CreateEvent struct {
 	Ref *string `json:"ref,omitempty"`
 	// RefType is the object that was created. Possible values are: "repository", "branch", "tag".
@@ -115,13 +132,50 @@ type CreateEvent struct {
 	Installation *Installation `json:"installation,omitempty"`
 }
 
+// CustomPropertyEvent represents a created, deleted or updated custom property.
+// The Webhook event name is "custom_property".
+//
+// Note: this is related to custom property configuration at the enterprise or organization level.
+// See CustomPropertyValuesEvent for activity related to custom property values for a repository.
+//
+// GitHub API docs: https://docs.github.com/en/webhooks/webhook-events-and-payloads#custom_property
+type CustomPropertyEvent struct {
+	// Action possible values are: "created", "deleted", "updated".
+	Action     *string         `json:"action,omitempty"`
+	Definition *CustomProperty `json:"definition,omitempty"`
+
+	// The following fields are only populated by Webhook events.
+	Enterprise   *Enterprise   `json:"enterprise,omitempty"`
+	Installation *Installation `json:"installation,omitempty"`
+	Org          *Organization `json:"organization,omitempty"`
+	Sender       *User         `json:"sender,omitempty"`
+}
+
+// CustomPropertyValuesEvent represents an update to a custom property.
+// The Webhook event name is "custom_property_values".
+//
+// GitHub API docs: https://docs.github.com/en/webhooks/webhook-events-and-payloads#custom_property_values
+type CustomPropertyValuesEvent struct {
+	// Action possible values are: "updated".
+	Action            *string                `json:"action,omitempty"`
+	NewPropertyValues []*CustomPropertyValue `json:"new_property_values,omitempty"`
+	OldPropertyValues []*CustomPropertyValue `json:"old_property_values,omitempty"`
+
+	// The following fields are only populated by Webhook events.
+	Enterprise   *Enterprise   `json:"enterprise,omitempty"`
+	Installation *Installation `json:"installation,omitempty"`
+	Repo         *Repository   `json:"repository,omitempty"`
+	Org          *Organization `json:"organization,omitempty"`
+	Sender       *User         `json:"sender,omitempty"`
+}
+
 // DeleteEvent represents a deleted branch or tag.
 // The Webhook event name is "delete".
 //
 // Note: webhooks will not receive this event for tags if more than three tags
 // are deleted at once.
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/github-event-types#deleteevent
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/github-event-types#deleteevent
 type DeleteEvent struct {
 	Ref *string `json:"ref,omitempty"`
 	// RefType is the object that was deleted. Possible values are: "branch", "tag".
@@ -132,12 +186,16 @@ type DeleteEvent struct {
 	Repo         *Repository   `json:"repository,omitempty"`
 	Sender       *User         `json:"sender,omitempty"`
 	Installation *Installation `json:"installation,omitempty"`
+
+	// The following field is only present when the webhook is triggered on
+	// a repository belonging to an organization.
+	Org *Organization `json:"organization,omitempty"`
 }
 
 // DependabotAlertEvent is triggered when there is activity relating to Dependabot alerts.
 // The Webhook event name is "dependabot_alert".
 //
-// GitHub API docs: https://docs.github.com/en/webhooks-and-events/webhooks/webhook-events-and-payloads#dependabot_alert
+// GitHub API docs: https://docs.github.com/webhooks-and-events/webhooks/webhook-events-and-payloads#dependabot_alert
 type DependabotAlertEvent struct {
 	Action *string          `json:"action,omitempty"`
 	Alert  *DependabotAlert `json:"alert,omitempty"`
@@ -156,7 +214,7 @@ type DependabotAlertEvent struct {
 // DeployKeyEvent is triggered when a deploy key is added or removed from a repository.
 // The Webhook event name is "deploy_key".
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#deploy_key
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#deploy_key
 type DeployKeyEvent struct {
 	// Action is the action that was performed. Possible values are:
 	// "created" or "deleted".
@@ -182,7 +240,7 @@ type DeployKeyEvent struct {
 //
 // Events of this type are not visible in timelines, they are only used to trigger hooks.
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#deployment
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#deployment
 type DeploymentEvent struct {
 	Deployment  *Deployment  `json:"deployment,omitempty"`
 	Repo        *Repository  `json:"repository,omitempty"`
@@ -192,6 +250,10 @@ type DeploymentEvent struct {
 	// The following fields are only populated by Webhook events.
 	Sender       *User         `json:"sender,omitempty"`
 	Installation *Installation `json:"installation,omitempty"`
+
+	// The following field is only present when the webhook is triggered on
+	// a repository belonging to an organization.
+	Org *Organization `json:"organization,omitempty"`
 }
 
 // DeploymentProtectionRuleEvent represents a deployment protection rule event.
@@ -213,13 +275,54 @@ type DeploymentProtectionRuleEvent struct {
 	Installation          *Installation  `json:"installation,omitempty"`
 }
 
+// DeploymentReviewEvent represents a deployment review event.
+// The Webhook event name is "deployment_review".
+//
+// GitHub API docs: https://docs.github.com/webhooks-and-events/webhooks/webhook-events-and-payloads?#deployment_review
+type DeploymentReviewEvent struct {
+	// The action performed. Possible values are: "requested", "approved", or "rejected".
+	Action *string `json:"action,omitempty"`
+
+	// The following will be populated only if requested.
+	Requester   *User   `json:"requester,omitempty"`
+	Environment *string `json:"environment,omitempty"`
+
+	// The following will be populated only if approved or rejected.
+	Approver        *User             `json:"approver,omitempty"`
+	Comment         *string           `json:"comment,omitempty"`
+	WorkflowJobRuns []*WorkflowJobRun `json:"workflow_job_runs,omitempty"`
+
+	Enterprise     *Enterprise         `json:"enterprise,omitempty"`
+	Installation   *Installation       `json:"installation,omitempty"`
+	Organization   *Organization       `json:"organization,omitempty"`
+	Repo           *Repository         `json:"repository,omitempty"`
+	Reviewers      []*RequiredReviewer `json:"reviewers,omitempty"`
+	Sender         *User               `json:"sender,omitempty"`
+	Since          *string             `json:"since,omitempty"`
+	WorkflowJobRun *WorkflowJobRun     `json:"workflow_job_run,omitempty"`
+	WorkflowRun    *WorkflowRun        `json:"workflow_run,omitempty"`
+}
+
+// WorkflowJobRun represents a workflow_job_run in a GitHub DeploymentReviewEvent.
+type WorkflowJobRun struct {
+	Conclusion  *string    `json:"conclusion,omitempty"`
+	CreatedAt   *Timestamp `json:"created_at,omitempty"`
+	Environment *string    `json:"environment,omitempty"`
+	HTMLURL     *string    `json:"html_url,omitempty"`
+	ID          *int64     `json:"id,omitempty"`
+	Name        *string    `json:"name,omitempty"`
+	Status      *string    `json:"status,omitempty"`
+	UpdatedAt   *Timestamp `json:"updated_at,omitempty"`
+}
+
 // DeploymentStatusEvent represents a deployment status.
 // The Webhook event name is "deployment_status".
 //
 // Events of this type are not visible in timelines, they are only used to trigger hooks.
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#deployment_status
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#deployment_status
 type DeploymentStatusEvent struct {
+	Action           *string           `json:"action,omitempty"`
 	Deployment       *Deployment       `json:"deployment,omitempty"`
 	DeploymentStatus *DeploymentStatus `json:"deployment_status,omitempty"`
 	Repo             *Repository       `json:"repository,omitempty"`
@@ -227,6 +330,10 @@ type DeploymentStatusEvent struct {
 	// The following fields are only populated by Webhook events.
 	Sender       *User         `json:"sender,omitempty"`
 	Installation *Installation `json:"installation,omitempty"`
+
+	// The following field is only present when the webhook is triggered on
+	// a repository belonging to an organization.
+	Org *Organization `json:"organization,omitempty"`
 }
 
 // DiscussionCommentEvent represents a webhook event for a comment on discussion.
@@ -265,7 +372,7 @@ type CommentDiscussion struct {
 // DiscussionEvent represents a webhook event for a discussion.
 // The Webhook event name is "discussion".
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#discussion
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#discussion
 type DiscussionEvent struct {
 	// Action is the action that was performed. Possible values are:
 	// created, edited, deleted, pinned, unpinned, locked, unlocked,
@@ -318,7 +425,7 @@ type DiscussionCategory struct {
 // ForkEvent is triggered when a user forks a repository.
 // The Webhook event name is "fork".
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#fork
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#fork
 type ForkEvent struct {
 	// Forkee is the created repository.
 	Forkee *Repository `json:"forkee,omitempty"`
@@ -332,7 +439,7 @@ type ForkEvent struct {
 // GitHubAppAuthorizationEvent is triggered when a user's authorization for a
 // GitHub Application is revoked.
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#github_app_authorization
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#github_app_authorization
 type GitHubAppAuthorizationEvent struct {
 	// The action performed. Possible value is: "revoked".
 	Action *string `json:"action,omitempty"`
@@ -355,7 +462,7 @@ type Page struct {
 // GollumEvent is triggered when a Wiki page is created or updated.
 // The Webhook event name is "gollum".
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#gollum
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#gollum
 type GollumEvent struct {
 	Pages []*Page `json:"pages,omitempty"`
 
@@ -363,16 +470,22 @@ type GollumEvent struct {
 	Repo         *Repository   `json:"repository,omitempty"`
 	Sender       *User         `json:"sender,omitempty"`
 	Installation *Installation `json:"installation,omitempty"`
+
+	// The following field is only present when the webhook is triggered on
+	// a repository belonging to an organization.
+	Org *Organization `json:"organization,omitempty"`
 }
 
 // EditChange represents the changes when an issue, pull request, comment,
 // or repository has been edited.
 type EditChange struct {
-	Title *EditTitle `json:"title,omitempty"`
-	Body  *EditBody  `json:"body,omitempty"`
-	Base  *EditBase  `json:"base,omitempty"`
-	Repo  *EditRepo  `json:"repository,omitempty"`
-	Owner *EditOwner `json:"owner,omitempty"`
+	Title         *EditTitle         `json:"title,omitempty"`
+	Body          *EditBody          `json:"body,omitempty"`
+	Base          *EditBase          `json:"base,omitempty"`
+	Repo          *EditRepo          `json:"repository,omitempty"`
+	Owner         *EditOwner         `json:"owner,omitempty"`
+	DefaultBranch *EditDefaultBranch `json:"default_branch,omitempty"`
+	Topics        *EditTopics        `json:"topics,omitempty"`
 }
 
 // EditTitle represents a pull-request title change.
@@ -417,11 +530,21 @@ type RepoName struct {
 	From *string `json:"from,omitempty"`
 }
 
+// EditTopics represents a change of repository topics.
+type EditTopics struct {
+	From []string `json:"from,omitempty"`
+}
+
 // EditSHA represents a sha change of a pull-request.
 type EditSHA struct {
 	From *string `json:"from,omitempty"`
 }
 
+// EditDefaultBranch represents a change of repository's default branch name.
+type EditDefaultBranch struct {
+	From *string `json:"from,omitempty"`
+}
+
 // ProjectChange represents the changes when a project has been edited.
 type ProjectChange struct {
 	Name *ProjectName `json:"name,omitempty"`
@@ -502,7 +625,7 @@ type TeamPermissionsFrom struct {
 // or new permissions have been accepted.
 // The Webhook event name is "installation".
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#installation
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#installation
 type InstallationEvent struct {
 	// The action that was performed. Can be either "created", "deleted", "suspend", "unsuspend" or "new_permissions_accepted".
 	Action       *string       `json:"action,omitempty"`
@@ -510,12 +633,16 @@ type InstallationEvent struct {
 	Sender       *User         `json:"sender,omitempty"`
 	Installation *Installation `json:"installation,omitempty"`
 	Requester    *User         `json:"requester,omitempty"`
+
+	// The following field is only present when the webhook is triggered on
+	// a repository belonging to an organization.
+	Org *Organization `json:"organization,omitempty"`
 }
 
 // InstallationRepositoriesEvent is triggered when a repository is added or
 // removed from an installation. The Webhook event name is "installation_repositories".
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#installation_repositories
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#installation_repositories
 type InstallationRepositoriesEvent struct {
 	// The action that was performed. Can be either "added" or "removed".
 	Action              *string       `json:"action,omitempty"`
@@ -524,6 +651,10 @@ type InstallationRepositoriesEvent struct {
 	RepositorySelection *string       `json:"repository_selection,omitempty"`
 	Sender              *User         `json:"sender,omitempty"`
 	Installation        *Installation `json:"installation,omitempty"`
+
+	// The following field is only present when the webhook is triggered on
+	// a repository belonging to an organization.
+	Org *Organization `json:"organization,omitempty"`
 }
 
 // InstallationLoginChange represents a change in login on an installation.
@@ -545,7 +676,7 @@ type InstallationChanges struct {
 // InstallationTargetEvent is triggered when there is activity on an installation from a user or organization account.
 // The Webhook event name is "installation_target".
 //
-// GitHub API docs: https://docs.github.com/en/webhooks-and-events/webhooks/webhook-events-and-payloads#installation_target
+// GitHub API docs: https://docs.github.com/webhooks-and-events/webhooks/webhook-events-and-payloads#installation_target
 type InstallationTargetEvent struct {
 	Account      *User                `json:"account,omitempty"`
 	Action       *string              `json:"action,omitempty"`
@@ -562,7 +693,7 @@ type InstallationTargetEvent struct {
 // or pull request.
 // The Webhook event name is "issue_comment".
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#issue_comment
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#issue_comment
 type IssueCommentEvent struct {
 	// Action is the action that was performed on the comment.
 	// Possible values are: "created", "edited", "deleted".
@@ -586,7 +717,7 @@ type IssueCommentEvent struct {
 // locked, unlocked, milestoned, or demilestoned.
 // The Webhook event name is "issues".
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#issues
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#issues
 type IssuesEvent struct {
 	// Action is the action that was performed. Possible values are: "opened",
 	// "edited", "deleted", "transferred", "pinned", "unpinned", "closed", "reopened",
@@ -603,12 +734,16 @@ type IssuesEvent struct {
 	Sender       *User         `json:"sender,omitempty"`
 	Installation *Installation `json:"installation,omitempty"`
 	Milestone    *Milestone    `json:"milestone,omitempty"`
+
+	// The following field is only present when the webhook is triggered on
+	// a repository belonging to an organization.
+	Org *Organization `json:"organization,omitempty"`
 }
 
 // LabelEvent is triggered when a repository's label is created, edited, or deleted.
 // The Webhook event name is "label"
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#label
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#label
 type LabelEvent struct {
 	// Action is the action that was performed. Possible values are:
 	// "created", "edited", "deleted"
@@ -627,7 +762,7 @@ type LabelEvent struct {
 // their GitHub Marketplace plan.
 // Webhook event name "marketplace_purchase".
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#marketplace_purchase
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#marketplace_purchase
 type MarketplacePurchaseEvent struct {
 	// Action is the action that was performed. Possible values are:
 	// "purchased", "cancelled", "pending_change", "pending_change_cancelled", "changed".
@@ -639,21 +774,48 @@ type MarketplacePurchaseEvent struct {
 	PreviousMarketplacePurchase *MarketplacePurchase `json:"previous_marketplace_purchase,omitempty"`
 	Sender                      *User                `json:"sender,omitempty"`
 	Installation                *Installation        `json:"installation,omitempty"`
+
+	// The following field is only present when the webhook is triggered on
+	// a repository belonging to an organization.
+	Org *Organization `json:"organization,omitempty"`
+}
+
+// MemberChangesPermission represents changes to a repository collaborator's permissions.
+type MemberChangesPermission struct {
+	From *string `json:"from,omitempty"`
+	To   *string `json:"to,omitempty"`
 }
 
-// MemberEvent is triggered when a user is added as a collaborator to a repository.
+// MemberChangesRoleName represents changes to a repository collaborator's role.
+type MemberChangesRoleName struct {
+	From *string `json:"from,omitempty"`
+	To   *string `json:"to,omitempty"`
+}
+
+// MemberChanges represents changes to a repository collaborator's role or permission.
+type MemberChanges struct {
+	Permission *MemberChangesPermission `json:"permission,omitempty"`
+	RoleName   *MemberChangesRoleName   `json:"role_name,omitempty"`
+}
+
+// MemberEvent is triggered when a user's membership as a collaborator to a repository changes.
 // The Webhook event name is "member".
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#member
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#member
 type MemberEvent struct {
-	// Action is the action that was performed. Possible value is: "added".
-	Action *string `json:"action,omitempty"`
-	Member *User   `json:"member,omitempty"`
+	// Action is the action that was performed. Possible values are: "added", "edited", "removed".
+	Action  *string        `json:"action,omitempty"`
+	Member  *User          `json:"member,omitempty"`
+	Changes *MemberChanges `json:"changes,omitempty"`
 
 	// The following fields are only populated by Webhook events.
 	Repo         *Repository   `json:"repository,omitempty"`
 	Sender       *User         `json:"sender,omitempty"`
 	Installation *Installation `json:"installation,omitempty"`
+
+	// The following field is only present when the webhook is triggered on
+	// a repository belonging to an organization.
+	Org *Organization `json:"organization,omitempty"`
 }
 
 // MembershipEvent is triggered when a user is added or removed from a team.
@@ -662,7 +824,7 @@ type MemberEvent struct {
 // Events of this type are not visible in timelines, they are only used to
 // trigger organization webhooks.
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#membership
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#membership
 type MembershipEvent struct {
 	// Action is the action that was performed. Possible values are: "added", "removed".
 	Action *string `json:"action,omitempty"`
@@ -694,10 +856,12 @@ type MergeGroup struct {
 // MergeGroupEvent represents activity related to merge groups in a merge queue. The type of activity is specified
 // in the action property of the payload object.
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#merge_group
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#merge_group
 type MergeGroupEvent struct {
-	// The action that was performed. Currently, can only be checks_requested.
+	// The action that was performed. Possible values are: "checks_requested", "destroyed".
 	Action *string `json:"action,omitempty"`
+	// Reason is populated when the action is "destroyed". Possible values: "merged", "invalidated", "dequeued".
+	Reason *string `json:"reason,omitempty"`
 	// The merge group.
 	MergeGroup *MergeGroup `json:"merge_group,omitempty"`
 
@@ -713,7 +877,7 @@ type MergeGroupEvent struct {
 // Therefore, it must be selected for each hook that you'd like to receive meta events for.
 // The Webhook event name is "meta".
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#meta
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#meta
 type MetaEvent struct {
 	// Action is the action that was performed. Possible value is: "deleted".
 	Action *string `json:"action,omitempty"`
@@ -734,7 +898,7 @@ type MetaEvent struct {
 // MilestoneEvent is triggered when a milestone is created, closed, opened, edited, or deleted.
 // The Webhook event name is "milestone".
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#milestone
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#milestone
 type MilestoneEvent struct {
 	// Action is the action that was performed. Possible values are:
 	// "created", "closed", "opened", "edited", "deleted"
@@ -754,7 +918,7 @@ type MilestoneEvent struct {
 // Events of this type are not visible in timelines. These events are only used to trigger organization hooks.
 // Webhook event name is "organization".
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#organization
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#organization
 type OrganizationEvent struct {
 	// Action is the action that was performed.
 	// Possible values are: "deleted", "renamed", "member_added", "member_removed", or "member_invited".
@@ -775,7 +939,7 @@ type OrganizationEvent struct {
 // OrgBlockEvent is triggered when an organization blocks or unblocks a user.
 // The Webhook event name is "org_block".
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#org_block
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#org_block
 type OrgBlockEvent struct {
 	// Action is the action that was performed.
 	// Can be "blocked" or "unblocked".
@@ -816,7 +980,7 @@ type PackageEvent struct {
 //
 // Events of this type are not visible in timelines, they are only used to trigger hooks.
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#page_build
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#page_build
 type PageBuildEvent struct {
 	Build *PagesBuild `json:"build,omitempty"`
 
@@ -825,6 +989,10 @@ type PageBuildEvent struct {
 	Repo         *Repository   `json:"repository,omitempty"`
 	Sender       *User         `json:"sender,omitempty"`
 	Installation *Installation `json:"installation,omitempty"`
+
+	// The following field is only present when the webhook is triggered on
+	// a repository belonging to an organization.
+	Org *Organization `json:"organization,omitempty"`
 }
 
 // PersonalAccessTokenRequestEvent occurs when there is activity relating to a
@@ -832,7 +1000,7 @@ type PageBuildEvent struct {
 // belong to a resource owner that requires approval for token access.
 // The webhook event name is "personal_access_token_request".
 //
-// GitHub API docs: https://docs.github.com/en/webhooks-and-events/webhooks/webhook-events-and-payloads#personal_access_token_request
+// GitHub API docs: https://docs.github.com/webhooks-and-events/webhooks/webhook-events-and-payloads#personal_access_token_request
 type PersonalAccessTokenRequestEvent struct {
 	// Action is the action that was performed. Possible values are:
 	// "approved", "cancelled", "created" or "denied"
@@ -885,6 +1053,10 @@ type PersonalAccessTokenRequest struct {
 
 	// Date and time when the associated fine-grained personal access token was last used for authentication.
 	TokenLastUsedAt *Timestamp `json:"token_last_used_at,omitempty"`
+
+	// The following field is only present when the webhook is triggered on
+	// a repository belonging to an organization.
+	Org *Organization `json:"organization,omitempty"`
 }
 
 // PersonalAccessTokenPermissions represents the original or newly requested
@@ -913,63 +1085,13 @@ type PingEvent struct {
 	Installation *Installation `json:"installation,omitempty"`
 }
 
-// ProjectEvent is triggered when project is created, modified or deleted.
-// The webhook event name is "project".
-//
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#project
-type ProjectEvent struct {
-	Action  *string        `json:"action,omitempty"`
-	Changes *ProjectChange `json:"changes,omitempty"`
-	Project *Project       `json:"project,omitempty"`
-
-	// The following fields are only populated by Webhook events.
-	Repo         *Repository   `json:"repository,omitempty"`
-	Org          *Organization `json:"organization,omitempty"`
-	Sender       *User         `json:"sender,omitempty"`
-	Installation *Installation `json:"installation,omitempty"`
-}
-
-// ProjectCardEvent is triggered when a project card is created, updated, moved, converted to an issue, or deleted.
-// The webhook event name is "project_card".
-//
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#project_card
-type ProjectCardEvent struct {
-	Action      *string            `json:"action,omitempty"`
-	Changes     *ProjectCardChange `json:"changes,omitempty"`
-	AfterID     *int64             `json:"after_id,omitempty"`
-	ProjectCard *ProjectCard       `json:"project_card,omitempty"`
-
-	// The following fields are only populated by Webhook events.
-	Repo         *Repository   `json:"repository,omitempty"`
-	Org          *Organization `json:"organization,omitempty"`
-	Sender       *User         `json:"sender,omitempty"`
-	Installation *Installation `json:"installation,omitempty"`
-}
-
-// ProjectColumnEvent is triggered when a project column is created, updated, moved, or deleted.
-// The webhook event name is "project_column".
-//
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#project_column
-type ProjectColumnEvent struct {
-	Action        *string              `json:"action,omitempty"`
-	Changes       *ProjectColumnChange `json:"changes,omitempty"`
-	AfterID       *int64               `json:"after_id,omitempty"`
-	ProjectColumn *ProjectColumn       `json:"project_column,omitempty"`
-
-	// The following fields are only populated by Webhook events.
-	Repo         *Repository   `json:"repository,omitempty"`
-	Org          *Organization `json:"organization,omitempty"`
-	Sender       *User         `json:"sender,omitempty"`
-	Installation *Installation `json:"installation,omitempty"`
-}
-
 // ProjectV2Event is triggered when there is activity relating to an organization-level project.
 // The Webhook event name is "projects_v2".
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#projects_v2
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#projects_v2
 type ProjectV2Event struct {
-	Action     *string     `json:"action,omitempty"`
-	ProjectsV2 *ProjectsV2 `json:"projects_v2,omitempty"`
+	Action     *string    `json:"action,omitempty"`
+	ProjectsV2 *ProjectV2 `json:"projects_v2,omitempty"`
 
 	// The following fields are only populated by Webhook events.
 	Installation *Installation `json:"installation,omitempty"`
@@ -977,8 +1099,8 @@ type ProjectV2Event struct {
 	Sender       *User         `json:"sender,omitempty"`
 }
 
-// ProjectsV2 represents a projects v2 project.
-type ProjectsV2 struct {
+// ProjectV2 represents a v2 project.
+type ProjectV2 struct {
 	ID               *int64     `json:"id,omitempty"`
 	NodeID           *string    `json:"node_id,omitempty"`
 	Owner            *User      `json:"owner,omitempty"`
@@ -993,12 +1115,23 @@ type ProjectsV2 struct {
 	Number           *int       `json:"number,omitempty"`
 	ShortDescription *string    `json:"short_description,omitempty"`
 	DeletedBy        *User      `json:"deleted_by,omitempty"`
+
+	// Fields migrated from the Project (classic) struct:
+	URL                    *string `json:"url,omitempty"`
+	HTMLURL                *string `json:"html_url,omitempty"`
+	ColumnsURL             *string `json:"columns_url,omitempty"`
+	OwnerURL               *string `json:"owner_url,omitempty"`
+	Name                   *string `json:"name,omitempty"`
+	Body                   *string `json:"body,omitempty"`
+	State                  *string `json:"state,omitempty"`
+	OrganizationPermission *string `json:"organization_permission,omitempty"`
+	Private                *bool   `json:"private,omitempty"`
 }
 
 // ProjectV2ItemEvent is triggered when there is activity relating to an item on an organization-level project.
 // The Webhook event name is "projects_v2_item".
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#projects_v2_item
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#projects_v2_item
 type ProjectV2ItemEvent struct {
 	Action        *string              `json:"action,omitempty"`
 	Changes       *ProjectV2ItemChange `json:"changes,omitempty"`
@@ -1021,7 +1154,7 @@ type ArchivedAt struct {
 	To   *Timestamp `json:"to,omitempty"`
 }
 
-// ProjectsV2 represents an item belonging to a project.
+// ProjectV2Item represents an item belonging to a project.
 type ProjectV2Item struct {
 	ID            *int64     `json:"id,omitempty"`
 	NodeID        *string    `json:"node_id,omitempty"`
@@ -1038,12 +1171,16 @@ type ProjectV2Item struct {
 // According to GitHub: "Without a doubt: the best GitHub event."
 // The Webhook event name is "public".
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#public
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#public
 type PublicEvent struct {
 	// The following fields are only populated by Webhook events.
 	Repo         *Repository   `json:"repository,omitempty"`
 	Sender       *User         `json:"sender,omitempty"`
 	Installation *Installation `json:"installation,omitempty"`
+
+	// The following field is only present when the webhook is triggered on
+	// a repository belonging to an organization.
+	Org *Organization `json:"organization,omitempty"`
 }
 
 // PullRequestEvent is triggered when a pull request is assigned, unassigned, labeled,
@@ -1051,7 +1188,7 @@ type PublicEvent struct {
 // locked, unlocked, a pull request review is requested, or a review request is removed.
 // The Webhook event name is "pull_request".
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/github-event-types#pullrequestevent
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/github-event-types#pullrequestevent
 type PullRequestEvent struct {
 	// Action is the action that was performed. Possible values are:
 	// "assigned", "unassigned", "review_requested", "review_request_removed", "labeled", "unlabeled",
@@ -1086,13 +1223,16 @@ type PullRequestEvent struct {
 	// The following fields are only populated when the Action is "synchronize".
 	Before *string `json:"before,omitempty"`
 	After  *string `json:"after,omitempty"`
+
+	// The following will be populated if the event was performed by an App
+	PerformedViaGithubApp *App `json:"performed_via_github_app,omitempty"`
 }
 
 // PullRequestReviewEvent is triggered when a review is submitted on a pull
 // request.
 // The Webhook event name is "pull_request_review".
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#pull_request_review
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#pull_request_review
 type PullRequestReviewEvent struct {
 	// Action is always "submitted".
 	Action      *string            `json:"action,omitempty"`
@@ -1113,7 +1253,7 @@ type PullRequestReviewEvent struct {
 // portion of the unified diff of a pull request.
 // The Webhook event name is "pull_request_review_comment".
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#pull_request_review_comment
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#pull_request_review_comment
 type PullRequestReviewCommentEvent struct {
 	// Action is the action that was performed on the comment.
 	// Possible values are: "created", "edited", "deleted".
@@ -1126,13 +1266,17 @@ type PullRequestReviewCommentEvent struct {
 	Repo         *Repository   `json:"repository,omitempty"`
 	Sender       *User         `json:"sender,omitempty"`
 	Installation *Installation `json:"installation,omitempty"`
+
+	// The following field is only present when the webhook is triggered on
+	// a repository belonging to an organization.
+	Org *Organization `json:"organization,omitempty"`
 }
 
 // PullRequestReviewThreadEvent is triggered when a comment made as part of a
 // review of a pull request is marked resolved or unresolved.
 // The Webhook event name is "pull_request_review_thread".
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#pull_request_review_thread
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#pull_request_review_thread
 type PullRequestReviewThreadEvent struct {
 	// Action is the action that was performed on the comment.
 	// Possible values are: "resolved", "unresolved".
@@ -1144,6 +1288,10 @@ type PullRequestReviewThreadEvent struct {
 	Repo         *Repository   `json:"repository,omitempty"`
 	Sender       *User         `json:"sender,omitempty"`
 	Installation *Installation `json:"installation,omitempty"`
+
+	// The following field is only present when the webhook is triggered on
+	// a repository belonging to an organization.
+	Org *Organization `json:"organization,omitempty"`
 }
 
 // PullRequestTargetEvent is triggered when a pull request is assigned, unassigned, labeled,
@@ -1151,7 +1299,7 @@ type PullRequestReviewThreadEvent struct {
 // locked, unlocked, a pull request review is requested, or a review request is removed.
 // The Webhook event name is "pull_request_target".
 //
-// GitHub API docs: https://docs.github.com/en/actions/events-that-trigger-workflows#pull_request_target
+// GitHub API docs: https://docs.github.com/actions/events-that-trigger-workflows#pull_request_target
 type PullRequestTargetEvent struct {
 	// Action is the action that was performed. Possible values are:
 	// "assigned", "unassigned", "labeled", "unlabeled", "opened", "edited", "closed", "reopened",
@@ -1186,11 +1334,14 @@ type PullRequestTargetEvent struct {
 	// The following fields are only populated when the Action is "synchronize".
 	Before *string `json:"before,omitempty"`
 	After  *string `json:"after,omitempty"`
+
+	// The following will be populated if the event was performed by an App
+	PerformedViaGithubApp *App `json:"performed_via_github_app,omitempty"`
 }
 
 // PushEvent represents a git push to a GitHub repository.
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#push
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#push
 type PushEvent struct {
 	PushID       *int64        `json:"push_id,omitempty"`
 	Head         *string       `json:"head,omitempty"`
@@ -1210,7 +1361,7 @@ type PushEvent struct {
 	Compare      *string              `json:"compare,omitempty"`
 	Repo         *PushEventRepository `json:"repository,omitempty"`
 	HeadCommit   *HeadCommit          `json:"head_commit,omitempty"`
-	Pusher       *User                `json:"pusher,omitempty"`
+	Pusher       *CommitAuthor        `json:"pusher,omitempty"`
 	Sender       *User                `json:"sender,omitempty"`
 	Installation *Installation        `json:"installation,omitempty"`
 
@@ -1249,43 +1400,44 @@ func (h HeadCommit) String() string {
 
 // PushEventRepository represents the repo object in a PushEvent payload.
 type PushEventRepository struct {
-	ID              *int64     `json:"id,omitempty"`
-	NodeID          *string    `json:"node_id,omitempty"`
-	Name            *string    `json:"name,omitempty"`
-	FullName        *string    `json:"full_name,omitempty"`
-	Owner           *User      `json:"owner,omitempty"`
-	Private         *bool      `json:"private,omitempty"`
-	Description     *string    `json:"description,omitempty"`
-	Fork            *bool      `json:"fork,omitempty"`
-	CreatedAt       *Timestamp `json:"created_at,omitempty"`
-	PushedAt        *Timestamp `json:"pushed_at,omitempty"`
-	UpdatedAt       *Timestamp `json:"updated_at,omitempty"`
-	Homepage        *string    `json:"homepage,omitempty"`
-	PullsURL        *string    `json:"pulls_url,omitempty"`
-	Size            *int       `json:"size,omitempty"`
-	StargazersCount *int       `json:"stargazers_count,omitempty"`
-	WatchersCount   *int       `json:"watchers_count,omitempty"`
-	Language        *string    `json:"language,omitempty"`
-	HasIssues       *bool      `json:"has_issues,omitempty"`
-	HasDownloads    *bool      `json:"has_downloads,omitempty"`
-	HasWiki         *bool      `json:"has_wiki,omitempty"`
-	HasPages        *bool      `json:"has_pages,omitempty"`
-	ForksCount      *int       `json:"forks_count,omitempty"`
-	Archived        *bool      `json:"archived,omitempty"`
-	Disabled        *bool      `json:"disabled,omitempty"`
-	OpenIssuesCount *int       `json:"open_issues_count,omitempty"`
-	DefaultBranch   *string    `json:"default_branch,omitempty"`
-	MasterBranch    *string    `json:"master_branch,omitempty"`
-	Organization    *string    `json:"organization,omitempty"`
-	URL             *string    `json:"url,omitempty"`
-	ArchiveURL      *string    `json:"archive_url,omitempty"`
-	HTMLURL         *string    `json:"html_url,omitempty"`
-	StatusesURL     *string    `json:"statuses_url,omitempty"`
-	GitURL          *string    `json:"git_url,omitempty"`
-	SSHURL          *string    `json:"ssh_url,omitempty"`
-	CloneURL        *string    `json:"clone_url,omitempty"`
-	SVNURL          *string    `json:"svn_url,omitempty"`
-	Topics          []string   `json:"topics,omitempty"`
+	ID               *int64                 `json:"id,omitempty"`
+	NodeID           *string                `json:"node_id,omitempty"`
+	Name             *string                `json:"name,omitempty"`
+	FullName         *string                `json:"full_name,omitempty"`
+	Owner            *User                  `json:"owner,omitempty"`
+	Private          *bool                  `json:"private,omitempty"`
+	Description      *string                `json:"description,omitempty"`
+	Fork             *bool                  `json:"fork,omitempty"`
+	CreatedAt        *Timestamp             `json:"created_at,omitempty"`
+	PushedAt         *Timestamp             `json:"pushed_at,omitempty"`
+	UpdatedAt        *Timestamp             `json:"updated_at,omitempty"`
+	Homepage         *string                `json:"homepage,omitempty"`
+	PullsURL         *string                `json:"pulls_url,omitempty"`
+	Size             *int                   `json:"size,omitempty"`
+	StargazersCount  *int                   `json:"stargazers_count,omitempty"`
+	WatchersCount    *int                   `json:"watchers_count,omitempty"`
+	Language         *string                `json:"language,omitempty"`
+	HasIssues        *bool                  `json:"has_issues,omitempty"`
+	HasDownloads     *bool                  `json:"has_downloads,omitempty"`
+	HasWiki          *bool                  `json:"has_wiki,omitempty"`
+	HasPages         *bool                  `json:"has_pages,omitempty"`
+	ForksCount       *int                   `json:"forks_count,omitempty"`
+	Archived         *bool                  `json:"archived,omitempty"`
+	Disabled         *bool                  `json:"disabled,omitempty"`
+	OpenIssuesCount  *int                   `json:"open_issues_count,omitempty"`
+	DefaultBranch    *string                `json:"default_branch,omitempty"`
+	MasterBranch     *string                `json:"master_branch,omitempty"`
+	Organization     *string                `json:"organization,omitempty"`
+	URL              *string                `json:"url,omitempty"`
+	ArchiveURL       *string                `json:"archive_url,omitempty"`
+	HTMLURL          *string                `json:"html_url,omitempty"`
+	StatusesURL      *string                `json:"statuses_url,omitempty"`
+	GitURL           *string                `json:"git_url,omitempty"`
+	SSHURL           *string                `json:"ssh_url,omitempty"`
+	CloneURL         *string                `json:"clone_url,omitempty"`
+	SVNURL           *string                `json:"svn_url,omitempty"`
+	Topics           []string               `json:"topics,omitempty"`
+	CustomProperties map[string]interface{} `json:"custom_properties,omitempty"`
 }
 
 // PushEventRepoOwner is a basic representation of user/org in a PushEvent payload.
@@ -1294,11 +1446,31 @@ type PushEventRepoOwner struct {
 	Email *string `json:"email,omitempty"`
 }
 
+// RegistryPackageEvent represents activity related to GitHub Packages.
+// The Webhook event name is "registry_package".
+//
+// This event is triggered when a GitHub Package is published or updated.
+//
+// GitHub API docs: https://docs.github.com/en/webhooks/webhook-events-and-payloads#registry_package
+type RegistryPackageEvent struct {
+	// Action is the action that was performed.
+	// Can be "published" or "updated".
+	Action          *string       `json:"action,omitempty"`
+	RegistryPackage *Package      `json:"registry_package,omitempty"`
+	Repository      *Repository   `json:"repository,omitempty"`
+	Organization    *Organization `json:"organization,omitempty"`
+	Enterprise      *Enterprise   `json:"enterprise,omitempty"`
+	Sender          *User         `json:"sender,omitempty"`
+
+	// The following fields are only populated by Webhook events.
+	Installation *Installation `json:"installation,omitempty"`
+}
+
 // ReleaseEvent is triggered when a release is published, unpublished, created,
 // edited, deleted, or prereleased.
 // The Webhook event name is "release".
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#release
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#release
 type ReleaseEvent struct {
 	// Action is the action that was performed. Possible values are: "published", "unpublished",
 	// "created", "edited", "deleted", or "prereleased".
@@ -1309,17 +1481,21 @@ type ReleaseEvent struct {
 	Repo         *Repository   `json:"repository,omitempty"`
 	Sender       *User         `json:"sender,omitempty"`
 	Installation *Installation `json:"installation,omitempty"`
+
+	// The following field is only present when the webhook is triggered on
+	// a repository belonging to an organization.
+	Org *Organization `json:"organization,omitempty"`
 }
 
 // RepositoryEvent is triggered when a repository is created, archived, unarchived,
 // renamed, edited, transferred, made public, or made private. Organization hooks are
-// also trigerred when a repository is deleted.
+// also triggered when a repository is deleted.
 // The Webhook event name is "repository".
 //
 // Events of this type are not visible in timelines, they are only used to
 // trigger organization webhooks.
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#repository
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#repository
 type RepositoryEvent struct {
 	// Action is the action that was performed. Possible values are: "created",
 	// "deleted" (organization hooks only), "archived", "unarchived", "edited", "renamed",
@@ -1336,7 +1512,7 @@ type RepositoryEvent struct {
 
 // RepositoryDispatchEvent is triggered when a client sends a POST request to the repository dispatch event endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#repository_dispatch
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#repository_dispatch
 type RepositoryDispatchEvent struct {
 	// Action is the event_type that submitted with the repository dispatch payload. Value can be any string.
 	Action        *string         `json:"action,omitempty"`
@@ -1352,7 +1528,7 @@ type RepositoryDispatchEvent struct {
 
 // RepositoryImportEvent represents the activity related to a repository being imported to GitHub.
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#repository_import
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#repository_import
 type RepositoryImportEvent struct {
 	// Status represents the final state of the import. This can be one of "success", "cancelled", or "failure".
 	Status *string       `json:"status,omitempty"`
@@ -1361,9 +1537,84 @@ type RepositoryImportEvent struct {
 	Sender *User         `json:"sender,omitempty"`
 }
 
+// RepositoryRulesetEvent triggers whenever there is a change to the repository's ruleset configuration.
+//
+// This can include updates to protection rules, required status checks, code owners, or other related configurations.
+//
+// GitHub API docs: https://docs.github.com/en/webhooks/webhook-events-and-payloads#repository_ruleset
+type RepositoryRulesetEvent struct {
+	Action            *string                   `json:"action,omitempty"`
+	Enterprise        *Enterprise               `json:"enterprise,omitempty"`
+	Installation      *Installation             `json:"installation,omitempty"`
+	Organization      *Organization             `json:"organization,omitempty"`
+	Repository        *Repository               `json:"repository,omitempty"`
+	RepositoryRuleset *RepositoryRuleset        `json:"repository_ruleset"`
+	Changes           *RepositoryRulesetChanges `json:"changes,omitempty"`
+	Sender            *User                     `json:"sender"`
+}
+
+// RepositoryRulesetChanges represents the changes made to a repository ruleset.
+type RepositoryRulesetChanges struct {
+	Name        *RepositoryRulesetChangeSource      `json:"name,omitempty"`
+	Enforcement *RepositoryRulesetChangeSource      `json:"enforcement,omitempty"`
+	Conditions  *RepositoryRulesetChangedConditions `json:"conditions,omitempty"`
+	Rules       *RepositoryRulesetChangedRules      `json:"rules,omitempty"`
+}
+
+// RepositoryRulesetChangeSource represents a source change for the ruleset.
+type RepositoryRulesetChangeSource struct {
+	From *string `json:"from,omitempty"`
+}
+
+// RepositoryRulesetChangeSources represents multiple source changes for the ruleset.
+type RepositoryRulesetChangeSources struct {
+	From []string `json:"from,omitempty"`
+}
+
+// RepositoryRulesetChangedConditions holds changes to conditions in a ruleset.
+type RepositoryRulesetChangedConditions struct {
+	Added   []*RepositoryRulesetConditions        `json:"added,omitempty"`
+	Deleted []*RepositoryRulesetConditions        `json:"deleted,omitempty"`
+	Updated []*RepositoryRulesetUpdatedConditions `json:"updated,omitempty"`
+}
+
+// RepositoryRulesetUpdatedConditions represents the edited updates to conditions in a ruleset.
+type RepositoryRulesetUpdatedConditions struct {
+	Condition *RepositoryRulesetConditions       `json:"condition,omitempty"`
+	Changes   *RepositoryRulesetUpdatedCondition `json:"changes,omitempty"`
+}
+
+// RepositoryRulesetUpdatedCondition represents the changes to a condition in a ruleset.
+type RepositoryRulesetUpdatedCondition struct {
+	ConditionType *RepositoryRulesetChangeSource  `json:"condition_type,omitempty"`
+	Target        *RepositoryRulesetChangeSource  `json:"target,omitempty"`
+	Include       *RepositoryRulesetChangeSources `json:"include,omitempty"`
+	Exclude       *RepositoryRulesetChangeSources `json:"exclude,omitempty"`
+}
+
+// RepositoryRulesetChangedRules holds changes to rules in a ruleset.
+type RepositoryRulesetChangedRules struct {
+	Added   []*RepositoryRule                `json:"added,omitempty"`
+	Deleted []*RepositoryRule                `json:"deleted,omitempty"`
+	Updated []*RepositoryRulesetUpdatedRules `json:"updated,omitempty"`
+}
+
+// RepositoryRulesetUpdatedRules holds updates to rules in a ruleset.
+type RepositoryRulesetUpdatedRules struct {
+	Rule    *RepositoryRule               `json:"rule,omitempty"`
+	Changes *RepositoryRulesetChangedRule `json:"changes,omitempty"`
+}
+
+// RepositoryRulesetChangedRule holds changes made to a rule in a ruleset.
+type RepositoryRulesetChangedRule struct {
+	Configuration *RepositoryRulesetChangeSource `json:"configuration,omitempty"`
+	RuleType      *RepositoryRulesetChangeSource `json:"rule_type,omitempty"`
+	Pattern       *RepositoryRulesetChangeSource `json:"pattern,omitempty"`
+}
+
 // RepositoryVulnerabilityAlertEvent is triggered when a security alert is created, dismissed, or resolved.
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#repository_vulnerability_alert
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#repository_vulnerability_alert
 type RepositoryVulnerabilityAlertEvent struct {
 	// Action is the action that was performed. Possible values are: "create", "dismiss", "resolve".
 	Action *string `json:"action,omitempty"`
@@ -1379,6 +1630,10 @@ type RepositoryVulnerabilityAlertEvent struct {
 
 	// The user that triggered the event.
 	Sender *User `json:"sender,omitempty"`
+
+	// The following field is only present when the webhook is triggered on
+	// a repository belonging to an organization.
+	Org *Organization `json:"organization,omitempty"`
 }
 
 // RepositoryVulnerabilityAlert represents a repository security alert.
@@ -1400,7 +1655,7 @@ type RepositoryVulnerabilityAlert struct {
 // SecretScanningAlertEvent is triggered when a secret scanning alert occurs in a repository.
 // The Webhook name is secret_scanning_alert.
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#secret_scanning_alert
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#secret_scanning_alert
 type SecretScanningAlertEvent struct {
 	// Action is the action that was performed. Possible values are: "created", "resolved", or "reopened".
 	Action *string `json:"action,omitempty"`
@@ -1417,10 +1672,24 @@ type SecretScanningAlertEvent struct {
 	Installation *Installation `json:"installation,omitempty"`
 }
 
+// SecretScanningAlertLocationEvent is triggered when there is activity relating to the locations of a secret in a secret scanning alert.
+// The Webhook event name is "secret_scanning_alert_location".
+//
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#secret_scanning_alert_location
+type SecretScanningAlertLocationEvent struct {
+	Action       *string                      `json:"action,omitempty"`
+	Alert        *SecretScanningAlert         `json:"alert,omitempty"`
+	Installation *Installation                `json:"installation,omitempty"`
+	Location     *SecretScanningAlertLocation `json:"location,omitempty"`
+	Organization *Organization                `json:"organization,omitempty"`
+	Repo         *Repository                  `json:"repository,omitempty"`
+	Sender       *User                        `json:"sender,omitempty"`
+}
+
 // SecurityAndAnalysisEvent is triggered when code security and analysis features
 // are enabled or disabled for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/webhooks-and-events/webhooks/webhook-events-and-payloads#security_and_analysis
+// GitHub API docs: https://docs.github.com/webhooks-and-events/webhooks/webhook-events-and-payloads#security_and_analysis
 type SecurityAndAnalysisEvent struct {
 	Changes      *SecurityAndAnalysisChange `json:"changes,omitempty"`
 	Enterprise   *Enterprise                `json:"enterprise,omitempty"`
@@ -1445,7 +1714,7 @@ type SecurityAndAnalysisChangeFrom struct {
 // StarEvent is triggered when a star is added or removed from a repository.
 // The Webhook event name is "star".
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#star
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#star
 type StarEvent struct {
 	// Action is the action that was performed. Possible values are: "created" or "deleted".
 	Action *string `json:"action,omitempty"`
@@ -1466,7 +1735,7 @@ type StarEvent struct {
 // Events of this type are not visible in timelines, they are only used to
 // trigger hooks.
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#status
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#status
 type StatusEvent struct {
 	SHA *string `json:"sha,omitempty"`
 	// State is the new state. Possible values are: "pending", "success", "failure", "error".
@@ -1485,6 +1754,10 @@ type StatusEvent struct {
 	Repo         *Repository       `json:"repository,omitempty"`
 	Sender       *User             `json:"sender,omitempty"`
 	Installation *Installation     `json:"installation,omitempty"`
+
+	// The following field is only present when the webhook is triggered on
+	// a repository belonging to an organization.
+	Org *Organization `json:"organization,omitempty"`
 }
 
 // TeamEvent is triggered when an organization's team is created, modified or deleted.
@@ -1493,7 +1766,7 @@ type StatusEvent struct {
 // Events of this type are not visible in timelines. These events are only used
 // to trigger hooks.
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#team
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#team
 type TeamEvent struct {
 	Action  *string     `json:"action,omitempty"`
 	Team    *Team       `json:"team,omitempty"`
@@ -1512,7 +1785,7 @@ type TeamEvent struct {
 // Events of this type are not visible in timelines. These events are only used
 // to trigger hooks.
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#team_add
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#team_add
 type TeamAddEvent struct {
 	Team *Team       `json:"team,omitempty"`
 	Repo *Repository `json:"repository,omitempty"`
@@ -1546,7 +1819,7 @@ type UserEvent struct {
 // The event’s actor is the user who starred a repository, and the event’s
 // repository is the repository that was starred.
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#watch
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#watch
 type WatchEvent struct {
 	// Action is the action that was performed. Possible value is: "started".
 	Action *string `json:"action,omitempty"`
@@ -1555,12 +1828,16 @@ type WatchEvent struct {
 	Repo         *Repository   `json:"repository,omitempty"`
 	Sender       *User         `json:"sender,omitempty"`
 	Installation *Installation `json:"installation,omitempty"`
+
+	// The following field is only present when the webhook is triggered on
+	// a repository belonging to an organization.
+	Org *Organization `json:"organization,omitempty"`
 }
 
 // WorkflowDispatchEvent is triggered when someone triggers a workflow run on GitHub or
 // sends a POST request to the create a workflow dispatch event endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#workflow_dispatch
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#workflow_dispatch
 type WorkflowDispatchEvent struct {
 	Inputs   json.RawMessage `json:"inputs,omitempty"`
 	Ref      *string         `json:"ref,omitempty"`
@@ -1575,7 +1852,7 @@ type WorkflowDispatchEvent struct {
 
 // WorkflowJobEvent is triggered when a job is queued, started or completed.
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#workflow_job
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#workflow_job
 type WorkflowJobEvent struct {
 	WorkflowJob *WorkflowJob `json:"workflow_job,omitempty"`
 
@@ -1589,11 +1866,12 @@ type WorkflowJobEvent struct {
 	Repo         *Repository   `json:"repository,omitempty"`
 	Sender       *User         `json:"sender,omitempty"`
 	Installation *Installation `json:"installation,omitempty"`
+	Deployment   *Deployment   `json:"deployment,omitempty"`
 }
 
 // WorkflowRunEvent is triggered when a GitHub Actions workflow run is requested or completed.
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhook-events-and-payloads#workflow_run
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhook-events-and-payloads#workflow_run
 type WorkflowRunEvent struct {
 	Action      *string      `json:"action,omitempty"`
 	Workflow    *Workflow    `json:"workflow,omitempty"`
@@ -1608,20 +1886,35 @@ type WorkflowRunEvent struct {
 
 // SecurityAdvisory represents the advisory object in SecurityAdvisoryEvent payload.
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#security_advisory
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#security_advisory
 type SecurityAdvisory struct {
-	CVSS            *AdvisoryCVSS            `json:"cvss,omitempty"`
-	CWEs            []*AdvisoryCWEs          `json:"cwes,omitempty"`
-	GHSAID          *string                  `json:"ghsa_id,omitempty"`
-	Summary         *string                  `json:"summary,omitempty"`
-	Description     *string                  `json:"description,omitempty"`
-	Severity        *string                  `json:"severity,omitempty"`
-	Identifiers     []*AdvisoryIdentifier    `json:"identifiers,omitempty"`
-	References      []*AdvisoryReference     `json:"references,omitempty"`
-	PublishedAt     *Timestamp               `json:"published_at,omitempty"`
-	UpdatedAt       *Timestamp               `json:"updated_at,omitempty"`
-	WithdrawnAt     *Timestamp               `json:"withdrawn_at,omitempty"`
-	Vulnerabilities []*AdvisoryVulnerability `json:"vulnerabilities,omitempty"`
+	CVSS               *AdvisoryCVSS                 `json:"cvss,omitempty"`
+	CWEs               []*AdvisoryCWEs               `json:"cwes,omitempty"`
+	GHSAID             *string                       `json:"ghsa_id,omitempty"`
+	Summary            *string                       `json:"summary,omitempty"`
+	Description        *string                       `json:"description,omitempty"`
+	Severity           *string                       `json:"severity,omitempty"`
+	Identifiers        []*AdvisoryIdentifier         `json:"identifiers,omitempty"`
+	References         []*AdvisoryReference          `json:"references,omitempty"`
+	PublishedAt        *Timestamp                    `json:"published_at,omitempty"`
+	UpdatedAt          *Timestamp                    `json:"updated_at,omitempty"`
+	WithdrawnAt        *Timestamp                    `json:"withdrawn_at,omitempty"`
+	Vulnerabilities    []*AdvisoryVulnerability      `json:"vulnerabilities,omitempty"`
+	CVEID              *string                       `json:"cve_id,omitempty"`
+	URL                *string                       `json:"url,omitempty"`
+	HTMLURL            *string                       `json:"html_url,omitempty"`
+	Author             *User                         `json:"author,omitempty"`
+	Publisher          *User                         `json:"publisher,omitempty"`
+	State              *string                       `json:"state,omitempty"`
+	CreatedAt          *Timestamp                    `json:"created_at,omitempty"`
+	ClosedAt           *Timestamp                    `json:"closed_at,omitempty"`
+	Submission         *SecurityAdvisorySubmission   `json:"submission,omitempty"`
+	CWEIDs             []string                      `json:"cwe_ids,omitempty"`
+	Credits            []*RepoAdvisoryCredit         `json:"credits,omitempty"`
+	CreditsDetailed    []*RepoAdvisoryCreditDetailed `json:"credits_detailed,omitempty"`
+	CollaboratingUsers []*User                       `json:"collaborating_users,omitempty"`
+	CollaboratingTeams []*Team                       `json:"collaborating_teams,omitempty"`
+	PrivateFork        *Repository                   `json:"private_fork,omitempty"`
 }
 
 // AdvisoryIdentifier represents the identifier for a Security Advisory.
@@ -1641,6 +1934,12 @@ type AdvisoryVulnerability struct {
 	Severity               *string               `json:"severity,omitempty"`
 	VulnerableVersionRange *string               `json:"vulnerable_version_range,omitempty"`
 	FirstPatchedVersion    *FirstPatchedVersion  `json:"first_patched_version,omitempty"`
+
+	// PatchedVersions and VulnerableFunctions are used in the following APIs:
+	// - https://docs.github.com/rest/security-advisories/repository-advisories#list-repository-security-advisories-for-an-organization
+	// - https://docs.github.com/rest/security-advisories/repository-advisories#list-repository-security-advisories
+	PatchedVersions     *string  `json:"patched_versions,omitempty"`
+	VulnerableFunctions []string `json:"vulnerable_functions,omitempty"`
 }
 
 // VulnerabilityPackage represents the package object for an Advisory Vulnerability.
@@ -1656,7 +1955,7 @@ type FirstPatchedVersion struct {
 
 // SecurityAdvisoryEvent is triggered when a security-related vulnerability is found in software on GitHub.
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#security_advisory
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#security_advisory
 type SecurityAdvisoryEvent struct {
 	Action           *string           `json:"action,omitempty"`
 	SecurityAdvisory *SecurityAdvisory `json:"security_advisory,omitempty"`
@@ -1671,7 +1970,7 @@ type SecurityAdvisoryEvent struct {
 
 // CodeScanningAlertEvent is triggered when a code scanning finds a potential vulnerability or error in your code.
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#code_scanning_alert
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#code_scanning_alert
 type CodeScanningAlertEvent struct {
 	Action *string `json:"action,omitempty"`
 	Alert  *Alert  `json:"alert,omitempty"`
@@ -1684,3 +1983,27 @@ type CodeScanningAlertEvent struct {
 
 	Installation *Installation `json:"installation,omitempty"`
 }
+
+// SponsorshipEvent represents a sponsorship event in GitHub.
+//
+// GitHub API docs: https://docs.github.com/en/rest/overview/github-event-types?apiVersion=2022-11-28#sponsorshipevent
+type SponsorshipEvent struct {
+	Action        *string             `json:"action,omitempty"`
+	EffectiveDate *string             `json:"effective_date,omitempty"`
+	Changes       *SponsorshipChanges `json:"changes,omitempty"`
+	Repository    *Repository         `json:"repository,omitempty"`
+	Organization  *Organization       `json:"organization,omitempty"`
+	Sender        *User               `json:"sender,omitempty"`
+	Installation  *Installation       `json:"installation,omitempty"`
+}
+
+// SponsorshipChanges represents changes made to the sponsorship.
+type SponsorshipChanges struct {
+	Tier         *SponsorshipTier `json:"tier,omitempty"`
+	PrivacyLevel *string          `json:"privacy_level,omitempty"`
+}
+
+// SponsorshipTier represents the tier information of a sponsorship.
+type SponsorshipTier struct {
+	From *string `json:"from,omitempty"`
+}
diff --git a/vendor/github.com/google/go-github/v55/github/gists.go b/vendor/github.com/google/go-github/v72/github/gists.go
similarity index 81%
rename from vendor/github.com/google/go-github/v55/github/gists.go
rename to vendor/github.com/google/go-github/v72/github/gists.go
index 80961fcb90..ee4314b986 100644
--- a/vendor/github.com/google/go-github/v55/github/gists.go
+++ b/vendor/github.com/google/go-github/v72/github/gists.go
@@ -1,6 +1,6 @@
 // Copyright 2013 The go-github AUTHORS. All rights reserved.
 //
-// Use of this source code is governed by BSD-style
+// Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
 package github
@@ -14,7 +14,7 @@ import (
 // GistsService handles communication with the Gist related
 // methods of the GitHub API.
 //
-// GitHub API docs: https://docs.github.com/en/rest/gists
+// GitHub API docs: https://docs.github.com/rest/gists
 type GistsService service
 
 // Gist represents a GitHub's gist.
@@ -96,8 +96,11 @@ type GistListOptions struct {
 // is authenticated, it will returns all gists for the authenticated
 // user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/gists/gists#list-gists-for-the-authenticated-user
-// GitHub API docs: https://docs.github.com/en/rest/gists/gists#list-gists-for-a-user
+// GitHub API docs: https://docs.github.com/rest/gists/gists#list-gists-for-a-user
+// GitHub API docs: https://docs.github.com/rest/gists/gists#list-gists-for-the-authenticated-user
+//
+//meta:operation GET /gists
+//meta:operation GET /users/{username}/gists
 func (s *GistsService) List(ctx context.Context, user string, opts *GistListOptions) ([]*Gist, *Response, error) {
 	var u string
 	if user != "" {
@@ -126,7 +129,9 @@ func (s *GistsService) List(ctx context.Context, user string, opts *GistListOpti
 
 // ListAll lists all public gists.
 //
-// GitHub API docs: https://docs.github.com/en/rest/gists/gists#list-public-gists
+// GitHub API docs: https://docs.github.com/rest/gists/gists#list-public-gists
+//
+//meta:operation GET /gists/public
 func (s *GistsService) ListAll(ctx context.Context, opts *GistListOptions) ([]*Gist, *Response, error) {
 	u, err := addOptions("gists/public", opts)
 	if err != nil {
@@ -149,7 +154,9 @@ func (s *GistsService) ListAll(ctx context.Context, opts *GistListOptions) ([]*G
 
 // ListStarred lists starred gists of authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/gists/gists#list-starred-gists
+// GitHub API docs: https://docs.github.com/rest/gists/gists#list-starred-gists
+//
+//meta:operation GET /gists/starred
 func (s *GistsService) ListStarred(ctx context.Context, opts *GistListOptions) ([]*Gist, *Response, error) {
 	u, err := addOptions("gists/starred", opts)
 	if err != nil {
@@ -172,7 +179,9 @@ func (s *GistsService) ListStarred(ctx context.Context, opts *GistListOptions) (
 
 // Get a single gist.
 //
-// GitHub API docs: https://docs.github.com/en/rest/gists/gists#get-a-gist
+// GitHub API docs: https://docs.github.com/rest/gists/gists#get-a-gist
+//
+//meta:operation GET /gists/{gist_id}
 func (s *GistsService) Get(ctx context.Context, id string) (*Gist, *Response, error) {
 	u := fmt.Sprintf("gists/%v", id)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -191,7 +200,9 @@ func (s *GistsService) Get(ctx context.Context, id string) (*Gist, *Response, er
 
 // GetRevision gets a specific revision of a gist.
 //
-// GitHub API docs: https://docs.github.com/en/rest/gists/gists#get-a-gist-revision
+// GitHub API docs: https://docs.github.com/rest/gists/gists#get-a-gist-revision
+//
+//meta:operation GET /gists/{gist_id}/{sha}
 func (s *GistsService) GetRevision(ctx context.Context, id, sha string) (*Gist, *Response, error) {
 	u := fmt.Sprintf("gists/%v/%v", id, sha)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -210,7 +221,9 @@ func (s *GistsService) GetRevision(ctx context.Context, id, sha string) (*Gist,
 
 // Create a gist for authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/gists/gists#create-a-gist
+// GitHub API docs: https://docs.github.com/rest/gists/gists#create-a-gist
+//
+//meta:operation POST /gists
 func (s *GistsService) Create(ctx context.Context, gist *Gist) (*Gist, *Response, error) {
 	u := "gists"
 	req, err := s.client.NewRequest("POST", u, gist)
@@ -229,7 +242,9 @@ func (s *GistsService) Create(ctx context.Context, gist *Gist) (*Gist, *Response
 
 // Edit a gist.
 //
-// GitHub API docs: https://docs.github.com/en/rest/gists/gists#update-a-gist
+// GitHub API docs: https://docs.github.com/rest/gists/gists#update-a-gist
+//
+//meta:operation PATCH /gists/{gist_id}
 func (s *GistsService) Edit(ctx context.Context, id string, gist *Gist) (*Gist, *Response, error) {
 	u := fmt.Sprintf("gists/%v", id)
 	req, err := s.client.NewRequest("PATCH", u, gist)
@@ -248,7 +263,9 @@ func (s *GistsService) Edit(ctx context.Context, id string, gist *Gist) (*Gist,
 
 // ListCommits lists commits of a gist.
 //
-// GitHub API docs: https://docs.github.com/en/rest/gists/gists#list-gist-commits
+// GitHub API docs: https://docs.github.com/rest/gists/gists#list-gist-commits
+//
+//meta:operation GET /gists/{gist_id}/commits
 func (s *GistsService) ListCommits(ctx context.Context, id string, opts *ListOptions) ([]*GistCommit, *Response, error) {
 	u := fmt.Sprintf("gists/%v/commits", id)
 	u, err := addOptions(u, opts)
@@ -272,7 +289,9 @@ func (s *GistsService) ListCommits(ctx context.Context, id string, opts *ListOpt
 
 // Delete a gist.
 //
-// GitHub API docs: https://docs.github.com/en/rest/gists/gists#delete-a-gist
+// GitHub API docs: https://docs.github.com/rest/gists/gists#delete-a-gist
+//
+//meta:operation DELETE /gists/{gist_id}
 func (s *GistsService) Delete(ctx context.Context, id string) (*Response, error) {
 	u := fmt.Sprintf("gists/%v", id)
 	req, err := s.client.NewRequest("DELETE", u, nil)
@@ -285,7 +304,9 @@ func (s *GistsService) Delete(ctx context.Context, id string) (*Response, error)
 
 // Star a gist on behalf of authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/gists/gists#star-a-gist
+// GitHub API docs: https://docs.github.com/rest/gists/gists#star-a-gist
+//
+//meta:operation PUT /gists/{gist_id}/star
 func (s *GistsService) Star(ctx context.Context, id string) (*Response, error) {
 	u := fmt.Sprintf("gists/%v/star", id)
 	req, err := s.client.NewRequest("PUT", u, nil)
@@ -298,7 +319,9 @@ func (s *GistsService) Star(ctx context.Context, id string) (*Response, error) {
 
 // Unstar a gist on a behalf of authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/gists/gists#unstar-a-gist
+// GitHub API docs: https://docs.github.com/rest/gists/gists#unstar-a-gist
+//
+//meta:operation DELETE /gists/{gist_id}/star
 func (s *GistsService) Unstar(ctx context.Context, id string) (*Response, error) {
 	u := fmt.Sprintf("gists/%v/star", id)
 	req, err := s.client.NewRequest("DELETE", u, nil)
@@ -311,7 +334,9 @@ func (s *GistsService) Unstar(ctx context.Context, id string) (*Response, error)
 
 // IsStarred checks if a gist is starred by authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/gists/gists#check-if-a-gist-is-starred
+// GitHub API docs: https://docs.github.com/rest/gists/gists#check-if-a-gist-is-starred
+//
+//meta:operation GET /gists/{gist_id}/star
 func (s *GistsService) IsStarred(ctx context.Context, id string) (bool, *Response, error) {
 	u := fmt.Sprintf("gists/%v/star", id)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -326,7 +351,9 @@ func (s *GistsService) IsStarred(ctx context.Context, id string) (bool, *Respons
 
 // Fork a gist.
 //
-// GitHub API docs: https://docs.github.com/en/rest/gists/gists#fork-a-gist
+// GitHub API docs: https://docs.github.com/rest/gists/gists#fork-a-gist
+//
+//meta:operation POST /gists/{gist_id}/forks
 func (s *GistsService) Fork(ctx context.Context, id string) (*Gist, *Response, error) {
 	u := fmt.Sprintf("gists/%v/forks", id)
 	req, err := s.client.NewRequest("POST", u, nil)
@@ -345,7 +372,9 @@ func (s *GistsService) Fork(ctx context.Context, id string) (*Gist, *Response, e
 
 // ListForks lists forks of a gist.
 //
-// GitHub API docs: https://docs.github.com/en/rest/gists/gists#list-gist-forks
+// GitHub API docs: https://docs.github.com/rest/gists/gists#list-gist-forks
+//
+//meta:operation GET /gists/{gist_id}/forks
 func (s *GistsService) ListForks(ctx context.Context, id string, opts *ListOptions) ([]*GistFork, *Response, error) {
 	u := fmt.Sprintf("gists/%v/forks", id)
 	u, err := addOptions(u, opts)
diff --git a/vendor/github.com/google/go-github/v55/github/gists_comments.go b/vendor/github.com/google/go-github/v72/github/gists_comments.go
similarity index 79%
rename from vendor/github.com/google/go-github/v55/github/gists_comments.go
rename to vendor/github.com/google/go-github/v72/github/gists_comments.go
index ee0fbfa45f..5e0614231b 100644
--- a/vendor/github.com/google/go-github/v55/github/gists_comments.go
+++ b/vendor/github.com/google/go-github/v72/github/gists_comments.go
@@ -25,7 +25,9 @@ func (g GistComment) String() string {
 
 // ListComments lists all comments for a gist.
 //
-// GitHub API docs: https://docs.github.com/en/rest/gists/comments#list-gist-comments
+// GitHub API docs: https://docs.github.com/rest/gists/comments#list-gist-comments
+//
+//meta:operation GET /gists/{gist_id}/comments
 func (s *GistsService) ListComments(ctx context.Context, gistID string, opts *ListOptions) ([]*GistComment, *Response, error) {
 	u := fmt.Sprintf("gists/%v/comments", gistID)
 	u, err := addOptions(u, opts)
@@ -49,7 +51,9 @@ func (s *GistsService) ListComments(ctx context.Context, gistID string, opts *Li
 
 // GetComment retrieves a single comment from a gist.
 //
-// GitHub API docs: https://docs.github.com/en/rest/gists/comments#get-a-gist-comment
+// GitHub API docs: https://docs.github.com/rest/gists/comments#get-a-gist-comment
+//
+//meta:operation GET /gists/{gist_id}/comments/{comment_id}
 func (s *GistsService) GetComment(ctx context.Context, gistID string, commentID int64) (*GistComment, *Response, error) {
 	u := fmt.Sprintf("gists/%v/comments/%v", gistID, commentID)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -68,7 +72,9 @@ func (s *GistsService) GetComment(ctx context.Context, gistID string, commentID
 
 // CreateComment creates a comment for a gist.
 //
-// GitHub API docs: https://docs.github.com/en/rest/gists/comments#create-a-gist-comment
+// GitHub API docs: https://docs.github.com/rest/gists/comments#create-a-gist-comment
+//
+//meta:operation POST /gists/{gist_id}/comments
 func (s *GistsService) CreateComment(ctx context.Context, gistID string, comment *GistComment) (*GistComment, *Response, error) {
 	u := fmt.Sprintf("gists/%v/comments", gistID)
 	req, err := s.client.NewRequest("POST", u, comment)
@@ -87,7 +93,9 @@ func (s *GistsService) CreateComment(ctx context.Context, gistID string, comment
 
 // EditComment edits an existing gist comment.
 //
-// GitHub API docs: https://docs.github.com/en/rest/gists/comments#update-a-gist-comment
+// GitHub API docs: https://docs.github.com/rest/gists/comments#update-a-gist-comment
+//
+//meta:operation PATCH /gists/{gist_id}/comments/{comment_id}
 func (s *GistsService) EditComment(ctx context.Context, gistID string, commentID int64, comment *GistComment) (*GistComment, *Response, error) {
 	u := fmt.Sprintf("gists/%v/comments/%v", gistID, commentID)
 	req, err := s.client.NewRequest("PATCH", u, comment)
@@ -106,7 +114,9 @@ func (s *GistsService) EditComment(ctx context.Context, gistID string, commentID
 
 // DeleteComment deletes a gist comment.
 //
-// GitHub API docs: https://docs.github.com/en/rest/gists/comments#delete-a-gist-comment
+// GitHub API docs: https://docs.github.com/rest/gists/comments#delete-a-gist-comment
+//
+//meta:operation DELETE /gists/{gist_id}/comments/{comment_id}
 func (s *GistsService) DeleteComment(ctx context.Context, gistID string, commentID int64) (*Response, error) {
 	u := fmt.Sprintf("gists/%v/comments/%v", gistID, commentID)
 	req, err := s.client.NewRequest("DELETE", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/git.go b/vendor/github.com/google/go-github/v72/github/git.go
similarity index 84%
rename from vendor/github.com/google/go-github/v55/github/git.go
rename to vendor/github.com/google/go-github/v72/github/git.go
index 8960de7b14..2ca835e1b5 100644
--- a/vendor/github.com/google/go-github/v55/github/git.go
+++ b/vendor/github.com/google/go-github/v72/github/git.go
@@ -8,5 +8,5 @@ package github
 // GitService handles communication with the git data related
 // methods of the GitHub API.
 //
-// GitHub API docs: https://docs.github.com/en/rest/git/
+// GitHub API docs: https://docs.github.com/rest/git/
 type GitService service
diff --git a/vendor/github.com/google/go-github/v55/github/git_blobs.go b/vendor/github.com/google/go-github/v72/github/git_blobs.go
similarity index 83%
rename from vendor/github.com/google/go-github/v55/github/git_blobs.go
rename to vendor/github.com/google/go-github/v72/github/git_blobs.go
index da0485ccbe..d890428889 100644
--- a/vendor/github.com/google/go-github/v55/github/git_blobs.go
+++ b/vendor/github.com/google/go-github/v72/github/git_blobs.go
@@ -23,7 +23,9 @@ type Blob struct {
 
 // GetBlob fetches a blob from a repo given a SHA.
 //
-// GitHub API docs: https://docs.github.com/en/rest/git/blobs#get-a-blob
+// GitHub API docs: https://docs.github.com/rest/git/blobs#get-a-blob
+//
+//meta:operation GET /repos/{owner}/{repo}/git/blobs/{file_sha}
 func (s *GitService) GetBlob(ctx context.Context, owner string, repo string, sha string) (*Blob, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/git/blobs/%v", owner, repo, sha)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -43,7 +45,9 @@ func (s *GitService) GetBlob(ctx context.Context, owner string, repo string, sha
 // GetBlobRaw fetches a blob's contents from a repo.
 // Unlike GetBlob, it returns the raw bytes rather than the base64-encoded data.
 //
-// GitHub API docs: https://docs.github.com/en/rest/git/blobs#get-a-blob
+// GitHub API docs: https://docs.github.com/rest/git/blobs#get-a-blob
+//
+//meta:operation GET /repos/{owner}/{repo}/git/blobs/{file_sha}
 func (s *GitService) GetBlobRaw(ctx context.Context, owner, repo, sha string) ([]byte, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/git/blobs/%v", owner, repo, sha)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -64,7 +68,9 @@ func (s *GitService) GetBlobRaw(ctx context.Context, owner, repo, sha string) ([
 
 // CreateBlob creates a blob object.
 //
-// GitHub API docs: https://docs.github.com/en/rest/git/blobs#create-a-blob
+// GitHub API docs: https://docs.github.com/rest/git/blobs#create-a-blob
+//
+//meta:operation POST /repos/{owner}/{repo}/git/blobs
 func (s *GitService) CreateBlob(ctx context.Context, owner string, repo string, blob *Blob) (*Blob, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/git/blobs", owner, repo)
 	req, err := s.client.NewRequest("POST", u, blob)
diff --git a/vendor/github.com/google/go-github/v55/github/git_commits.go b/vendor/github.com/google/go-github/v72/github/git_commits.go
similarity index 75%
rename from vendor/github.com/google/go-github/v55/github/git_commits.go
rename to vendor/github.com/google/go-github/v72/github/git_commits.go
index 862837c0d5..d7ed3ecbec 100644
--- a/vendor/github.com/google/go-github/v55/github/git_commits.go
+++ b/vendor/github.com/google/go-github/v72/github/git_commits.go
@@ -10,9 +10,8 @@ import (
 	"context"
 	"errors"
 	"fmt"
+	"io"
 	"strings"
-
-	"github.com/ProtonMail/go-crypto/openpgp"
 )
 
 // SignatureVerification represents GPG signature verification.
@@ -23,6 +22,25 @@ type SignatureVerification struct {
 	Payload   *string `json:"payload,omitempty"`
 }
 
+// MessageSigner is used by GitService.CreateCommit to sign a commit.
+//
+// To create a MessageSigner that signs a commit with a [golang.org/x/crypto/openpgp.Entity],
+// or [github.com/ProtonMail/go-crypto/openpgp.Entity], use:
+//
+//	commit.Signer = github.MessageSignerFunc(func(w io.Writer, r io.Reader) error {
+//		return openpgp.ArmoredDetachSign(w, openpgpEntity, r, nil)
+//	})
+type MessageSigner interface {
+	Sign(w io.Writer, r io.Reader) error
+}
+
+// MessageSignerFunc is a single function implementation of MessageSigner.
+type MessageSignerFunc func(w io.Writer, r io.Reader) error
+
+func (f MessageSignerFunc) Sign(w io.Writer, r io.Reader) error {
+	return f(w, r)
+}
+
 // Commit represents a GitHub commit.
 type Commit struct {
 	SHA          *string                `json:"sha,omitempty"`
@@ -31,7 +49,6 @@ type Commit struct {
 	Message      *string                `json:"message,omitempty"`
 	Tree         *Tree                  `json:"tree,omitempty"`
 	Parents      []*Commit              `json:"parents,omitempty"`
-	Stats        *CommitStats           `json:"stats,omitempty"`
 	HTMLURL      *string                `json:"html_url,omitempty"`
 	URL          *string                `json:"url,omitempty"`
 	Verification *SignatureVerification `json:"verification,omitempty"`
@@ -41,11 +58,6 @@ type Commit struct {
 	// is only populated for requests that fetch GitHub data like
 	// Pulls.ListCommits, Repositories.ListCommits, etc.
 	CommentCount *int `json:"comment_count,omitempty"`
-
-	// SigningKey denotes a key to sign the commit with. If not nil this key will
-	// be used to sign the commit. The private key must be present and already
-	// decrypted. Ignored if Verification.Signature is defined.
-	SigningKey *openpgp.Entity `json:"-"`
 }
 
 func (c Commit) String() string {
@@ -69,7 +81,9 @@ func (c CommitAuthor) String() string {
 
 // GetCommit fetches the Commit object for a given SHA.
 //
-// GitHub API docs: https://docs.github.com/en/rest/git/commits#get-a-commit
+// GitHub API docs: https://docs.github.com/rest/git/commits#get-a-commit-object
+//
+//meta:operation GET /repos/{owner}/{repo}/git/commits/{commit_sha}
 func (s *GitService) GetCommit(ctx context.Context, owner string, repo string, sha string) (*Commit, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/git/commits/%v", owner, repo, sha)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -96,6 +110,12 @@ type createCommit struct {
 	Signature *string       `json:"signature,omitempty"`
 }
 
+type CreateCommitOptions struct {
+	// CreateCommit will sign the commit with this signer. See MessageSigner doc for more details.
+	// Ignored on commits where Verification.Signature is defined.
+	Signer MessageSigner
+}
+
 // CreateCommit creates a new commit in a repository.
 // commit must not be nil.
 //
@@ -103,10 +123,15 @@ type createCommit struct {
 // data if omitted. If the commit.Author is omitted, it will be filled in with
 // the authenticated user’s information and the current date.
 //
-// GitHub API docs: https://docs.github.com/en/rest/git/commits#create-a-commit
-func (s *GitService) CreateCommit(ctx context.Context, owner string, repo string, commit *Commit) (*Commit, *Response, error) {
+// GitHub API docs: https://docs.github.com/rest/git/commits#create-a-commit
+//
+//meta:operation POST /repos/{owner}/{repo}/git/commits
+func (s *GitService) CreateCommit(ctx context.Context, owner string, repo string, commit *Commit, opts *CreateCommitOptions) (*Commit, *Response, error) {
 	if commit == nil {
-		return nil, nil, fmt.Errorf("commit must be provided")
+		return nil, nil, errors.New("commit must be provided")
+	}
+	if opts == nil {
+		opts = &CreateCommitOptions{}
 	}
 
 	u := fmt.Sprintf("repos/%v/%v/git/commits", owner, repo)
@@ -125,16 +150,16 @@ func (s *GitService) CreateCommit(ctx context.Context, owner string, repo string
 	if commit.Tree != nil {
 		body.Tree = commit.Tree.SHA
 	}
-	if commit.SigningKey != nil {
-		signature, err := createSignature(commit.SigningKey, body)
+	switch {
+	case commit.Verification != nil:
+		body.Signature = commit.Verification.Signature
+	case opts.Signer != nil:
+		signature, err := createSignature(opts.Signer, body)
 		if err != nil {
 			return nil, nil, err
 		}
 		body.Signature = &signature
 	}
-	if commit.Verification != nil {
-		body.Signature = commit.Verification.Signature
-	}
 
 	req, err := s.client.NewRequest("POST", u, body)
 	if err != nil {
@@ -150,8 +175,8 @@ func (s *GitService) CreateCommit(ctx context.Context, owner string, repo string
 	return c, resp, nil
 }
 
-func createSignature(signingKey *openpgp.Entity, commit *createCommit) (string, error) {
-	if signingKey == nil || commit == nil {
+func createSignature(signer MessageSigner, commit *createCommit) (string, error) {
+	if signer == nil {
 		return "", errors.New("createSignature: invalid parameters")
 	}
 
@@ -160,9 +185,9 @@ func createSignature(signingKey *openpgp.Entity, commit *createCommit) (string,
 		return "", err
 	}
 
-	writer := new(bytes.Buffer)
-	reader := bytes.NewReader([]byte(message))
-	if err := openpgp.ArmoredDetachSign(writer, signingKey, reader, nil); err != nil {
+	var writer bytes.Buffer
+	err = signer.Sign(&writer, strings.NewReader(message))
+	if err != nil {
 		return "", err
 	}
 
diff --git a/vendor/github.com/google/go-github/v55/github/git_refs.go b/vendor/github.com/google/go-github/v72/github/git_refs.go
similarity index 85%
rename from vendor/github.com/google/go-github/v55/github/git_refs.go
rename to vendor/github.com/google/go-github/v72/github/git_refs.go
index e839c30f66..91eb6dd43f 100644
--- a/vendor/github.com/google/go-github/v55/github/git_refs.go
+++ b/vendor/github.com/google/go-github/v72/github/git_refs.go
@@ -49,7 +49,9 @@ type updateRefRequest struct {
 
 // GetRef fetches a single reference in a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/git/refs#get-a-reference
+// GitHub API docs: https://docs.github.com/rest/git/refs#get-a-reference
+//
+//meta:operation GET /repos/{owner}/{repo}/git/ref/{ref}
 func (s *GitService) GetRef(ctx context.Context, owner string, repo string, ref string) (*Reference, *Response, error) {
 	ref = strings.TrimPrefix(ref, "refs/")
 	u := fmt.Sprintf("repos/%v/%v/git/ref/%v", owner, repo, refURLEscape(ref))
@@ -88,7 +90,9 @@ type ReferenceListOptions struct {
 // ListMatchingRefs lists references in a repository that match a supplied ref.
 // Use an empty ref to list all references.
 //
-// GitHub API docs: https://docs.github.com/en/rest/git/refs#list-matching-references
+// GitHub API docs: https://docs.github.com/rest/git/refs#list-matching-references
+//
+//meta:operation GET /repos/{owner}/{repo}/git/matching-refs/{ref}
 func (s *GitService) ListMatchingRefs(ctx context.Context, owner, repo string, opts *ReferenceListOptions) ([]*Reference, *Response, error) {
 	var ref string
 	if opts != nil {
@@ -116,12 +120,14 @@ func (s *GitService) ListMatchingRefs(ctx context.Context, owner, repo string, o
 
 // CreateRef creates a new ref in a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/git/refs#create-a-reference
+// GitHub API docs: https://docs.github.com/rest/git/refs#create-a-reference
+//
+//meta:operation POST /repos/{owner}/{repo}/git/refs
 func (s *GitService) CreateRef(ctx context.Context, owner string, repo string, ref *Reference) (*Reference, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/git/refs", owner, repo)
 	req, err := s.client.NewRequest("POST", u, &createRefRequest{
 		// back-compat with previous behavior that didn't require 'refs/' prefix
-		Ref: String("refs/" + strings.TrimPrefix(*ref.Ref, "refs/")),
+		Ref: Ptr("refs/" + strings.TrimPrefix(*ref.Ref, "refs/")),
 		SHA: ref.Object.SHA,
 	})
 	if err != nil {
@@ -139,7 +145,9 @@ func (s *GitService) CreateRef(ctx context.Context, owner string, repo string, r
 
 // UpdateRef updates an existing ref in a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/git/refs#update-a-reference
+// GitHub API docs: https://docs.github.com/rest/git/refs#update-a-reference
+//
+//meta:operation PATCH /repos/{owner}/{repo}/git/refs/{ref}
 func (s *GitService) UpdateRef(ctx context.Context, owner string, repo string, ref *Reference, force bool) (*Reference, *Response, error) {
 	refPath := strings.TrimPrefix(*ref.Ref, "refs/")
 	u := fmt.Sprintf("repos/%v/%v/git/refs/%v", owner, repo, refURLEscape(refPath))
@@ -162,7 +170,9 @@ func (s *GitService) UpdateRef(ctx context.Context, owner string, repo string, r
 
 // DeleteRef deletes a ref from a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/git/refs#delete-a-reference
+// GitHub API docs: https://docs.github.com/rest/git/refs#delete-a-reference
+//
+//meta:operation DELETE /repos/{owner}/{repo}/git/refs/{ref}
 func (s *GitService) DeleteRef(ctx context.Context, owner string, repo string, ref string) (*Response, error) {
 	ref = strings.TrimPrefix(ref, "refs/")
 	u := fmt.Sprintf("repos/%v/%v/git/refs/%v", owner, repo, refURLEscape(ref))
diff --git a/vendor/github.com/google/go-github/v55/github/git_tags.go b/vendor/github.com/google/go-github/v72/github/git_tags.go
similarity index 89%
rename from vendor/github.com/google/go-github/v55/github/git_tags.go
rename to vendor/github.com/google/go-github/v72/github/git_tags.go
index 30d7b2c2d2..67321566f7 100644
--- a/vendor/github.com/google/go-github/v55/github/git_tags.go
+++ b/vendor/github.com/google/go-github/v72/github/git_tags.go
@@ -35,7 +35,9 @@ type createTagRequest struct {
 
 // GetTag fetches a tag from a repo given a SHA.
 //
-// GitHub API docs: https://docs.github.com/en/rest/git/tags#get-a-tag
+// GitHub API docs: https://docs.github.com/rest/git/tags#get-a-tag
+//
+//meta:operation GET /repos/{owner}/{repo}/git/tags/{tag_sha}
 func (s *GitService) GetTag(ctx context.Context, owner string, repo string, sha string) (*Tag, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/git/tags/%v", owner, repo, sha)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -54,7 +56,9 @@ func (s *GitService) GetTag(ctx context.Context, owner string, repo string, sha
 
 // CreateTag creates a tag object.
 //
-// GitHub API docs: https://docs.github.com/en/rest/git/tags#create-a-tag-object
+// GitHub API docs: https://docs.github.com/rest/git/tags#create-a-tag-object
+//
+//meta:operation POST /repos/{owner}/{repo}/git/tags
 func (s *GitService) CreateTag(ctx context.Context, owner string, repo string, tag *Tag) (*Tag, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/git/tags", owner, repo)
 
diff --git a/vendor/github.com/google/go-github/v55/github/git_trees.go b/vendor/github.com/google/go-github/v72/github/git_trees.go
similarity index 94%
rename from vendor/github.com/google/go-github/v55/github/git_trees.go
rename to vendor/github.com/google/go-github/v72/github/git_trees.go
index db28976e03..b8eed58e13 100644
--- a/vendor/github.com/google/go-github/v55/github/git_trees.go
+++ b/vendor/github.com/google/go-github/v72/github/git_trees.go
@@ -93,7 +93,9 @@ func (t *TreeEntry) MarshalJSON() ([]byte, error) {
 
 // GetTree fetches the Tree object for a given sha hash from a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/git/trees#get-a-tree
+// GitHub API docs: https://docs.github.com/rest/git/trees#get-a-tree
+//
+//meta:operation GET /repos/{owner}/{repo}/git/trees/{tree_sha}
 func (s *GitService) GetTree(ctx context.Context, owner string, repo string, sha string, recursive bool) (*Tree, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/git/trees/%v", owner, repo, sha)
 	if recursive {
@@ -124,7 +126,9 @@ type createTree struct {
 // path modifying that tree are specified, it will overwrite the contents of
 // that tree with the new path contents and write a new tree out.
 //
-// GitHub API docs: https://docs.github.com/en/rest/git/trees#create-a-tree
+// GitHub API docs: https://docs.github.com/rest/git/trees#create-a-tree
+//
+//meta:operation POST /repos/{owner}/{repo}/git/trees
 func (s *GitService) CreateTree(ctx context.Context, owner string, repo string, baseTree string, entries []*TreeEntry) (*Tree, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/git/trees", owner, repo)
 
diff --git a/vendor/github.com/google/go-github/v55/github/github-accessors.go b/vendor/github.com/google/go-github/v72/github/github-accessors.go
similarity index 79%
rename from vendor/github.com/google/go-github/v55/github/github-accessors.go
rename to vendor/github.com/google/go-github/v72/github/github-accessors.go
index 560e0892ed..6378b40b44 100644
--- a/vendor/github.com/google/go-github/v55/github/github-accessors.go
+++ b/vendor/github.com/google/go-github/v72/github/github-accessors.go
@@ -150,6 +150,30 @@ func (a *ActionsPermissions) GetSelectedActionsURL() string {
 	return *a.SelectedActionsURL
 }
 
+// GetAllowedActions returns the AllowedActions field if it's non-nil, zero value otherwise.
+func (a *ActionsPermissionsEnterprise) GetAllowedActions() string {
+	if a == nil || a.AllowedActions == nil {
+		return ""
+	}
+	return *a.AllowedActions
+}
+
+// GetEnabledOrganizations returns the EnabledOrganizations field if it's non-nil, zero value otherwise.
+func (a *ActionsPermissionsEnterprise) GetEnabledOrganizations() string {
+	if a == nil || a.EnabledOrganizations == nil {
+		return ""
+	}
+	return *a.EnabledOrganizations
+}
+
+// GetSelectedActionsURL returns the SelectedActionsURL field if it's non-nil, zero value otherwise.
+func (a *ActionsPermissionsEnterprise) GetSelectedActionsURL() string {
+	if a == nil || a.SelectedActionsURL == nil {
+		return ""
+	}
+	return *a.SelectedActionsURL
+}
+
 // GetAllowedActions returns the AllowedActions field if it's non-nil, zero value otherwise.
 func (a *ActionsPermissionsRepository) GetAllowedActions() string {
 	if a == nil || a.AllowedActions == nil {
@@ -414,6 +438,14 @@ func (a *AdvisoryVulnerability) GetPackage() *VulnerabilityPackage {
 	return a.Package
 }
 
+// GetPatchedVersions returns the PatchedVersions field if it's non-nil, zero value otherwise.
+func (a *AdvisoryVulnerability) GetPatchedVersions() string {
+	if a == nil || a.PatchedVersions == nil {
+		return ""
+	}
+	return *a.PatchedVersions
+}
+
 // GetSeverity returns the Severity field if it's non-nil, zero value otherwise.
 func (a *AdvisoryVulnerability) GetSeverity() string {
 	if a == nil || a.Severity == nil {
@@ -630,6 +662,14 @@ func (a *AnalysesListOptions) GetSarifID() string {
 	return *a.SarifID
 }
 
+// GetDomains returns the Domains field.
+func (a *APIMeta) GetDomains() *APIMetaDomains {
+	if a == nil {
+		return nil
+	}
+	return a.Domains
+}
+
 // GetSSHKeyFingerprints returns the SSHKeyFingerprints map if it's non-nil, an empty map otherwise.
 func (a *APIMeta) GetSSHKeyFingerprints() map[string]string {
 	if a == nil || a.SSHKeyFingerprints == nil {
@@ -646,6 +686,14 @@ func (a *APIMeta) GetVerifiablePasswordAuthentication() bool {
 	return *a.VerifiablePasswordAuthentication
 }
 
+// GetArtifactAttestations returns the ArtifactAttestations field.
+func (a *APIMetaDomains) GetArtifactAttestations() *APIMetaArtifactAttestations {
+	if a == nil {
+		return nil
+	}
+	return a.ArtifactAttestations
+}
+
 // GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
 func (a *App) GetCreatedAt() Timestamp {
 	if a == nil || a.CreatedAt == nil {
@@ -1038,22 +1086,6 @@ func (a *AuditEntry) GetAction() string {
 	return *a.Action
 }
 
-// GetActive returns the Active field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetActive() bool {
-	if a == nil || a.Active == nil {
-		return false
-	}
-	return *a.Active
-}
-
-// GetActiveWas returns the ActiveWas field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetActiveWas() bool {
-	if a == nil || a.ActiveWas == nil {
-		return false
-	}
-	return *a.ActiveWas
-}
-
 // GetActor returns the Actor field if it's non-nil, zero value otherwise.
 func (a *AuditEntry) GetActor() string {
 	if a == nil || a.Actor == nil {
@@ -1062,12 +1094,12 @@ func (a *AuditEntry) GetActor() string {
 	return *a.Actor
 }
 
-// GetActorIP returns the ActorIP field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetActorIP() string {
-	if a == nil || a.ActorIP == nil {
-		return ""
+// GetActorID returns the ActorID field if it's non-nil, zero value otherwise.
+func (a *AuditEntry) GetActorID() int64 {
+	if a == nil || a.ActorID == nil {
+		return 0
 	}
-	return *a.ActorIP
+	return *a.ActorID
 }
 
 // GetActorLocation returns the ActorLocation field.
@@ -1078,14 +1110,6 @@ func (a *AuditEntry) GetActorLocation() *ActorLocation {
 	return a.ActorLocation
 }
 
-// GetBlockedUser returns the BlockedUser field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetBlockedUser() string {
-	if a == nil || a.BlockedUser == nil {
-		return ""
-	}
-	return *a.BlockedUser
-}
-
 // GetBusiness returns the Business field if it's non-nil, zero value otherwise.
 func (a *AuditEntry) GetBusiness() string {
 	if a == nil || a.Business == nil {
@@ -1094,120 +1118,128 @@ func (a *AuditEntry) GetBusiness() string {
 	return *a.Business
 }
 
-// GetCancelledAt returns the CancelledAt field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetCancelledAt() Timestamp {
-	if a == nil || a.CancelledAt == nil {
-		return Timestamp{}
+// GetBusinessID returns the BusinessID field if it's non-nil, zero value otherwise.
+func (a *AuditEntry) GetBusinessID() int64 {
+	if a == nil || a.BusinessID == nil {
+		return 0
 	}
-	return *a.CancelledAt
+	return *a.BusinessID
 }
 
-// GetCompletedAt returns the CompletedAt field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetCompletedAt() Timestamp {
-	if a == nil || a.CompletedAt == nil {
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (a *AuditEntry) GetCreatedAt() Timestamp {
+	if a == nil || a.CreatedAt == nil {
 		return Timestamp{}
 	}
-	return *a.CompletedAt
+	return *a.CreatedAt
 }
 
-// GetConclusion returns the Conclusion field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetConclusion() string {
-	if a == nil || a.Conclusion == nil {
+// GetDocumentID returns the DocumentID field if it's non-nil, zero value otherwise.
+func (a *AuditEntry) GetDocumentID() string {
+	if a == nil || a.DocumentID == nil {
 		return ""
 	}
-	return *a.Conclusion
+	return *a.DocumentID
 }
 
-// GetConfig returns the Config field.
-func (a *AuditEntry) GetConfig() *HookConfig {
-	if a == nil {
-		return nil
+// GetExternalIdentityNameID returns the ExternalIdentityNameID field if it's non-nil, zero value otherwise.
+func (a *AuditEntry) GetExternalIdentityNameID() string {
+	if a == nil || a.ExternalIdentityNameID == nil {
+		return ""
 	}
-	return a.Config
+	return *a.ExternalIdentityNameID
 }
 
-// GetConfigWas returns the ConfigWas field.
-func (a *AuditEntry) GetConfigWas() *HookConfig {
-	if a == nil {
-		return nil
+// GetExternalIdentityUsername returns the ExternalIdentityUsername field if it's non-nil, zero value otherwise.
+func (a *AuditEntry) GetExternalIdentityUsername() string {
+	if a == nil || a.ExternalIdentityUsername == nil {
+		return ""
 	}
-	return a.ConfigWas
+	return *a.ExternalIdentityUsername
 }
 
-// GetContentType returns the ContentType field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetContentType() string {
-	if a == nil || a.ContentType == nil {
+// GetHashedToken returns the HashedToken field if it's non-nil, zero value otherwise.
+func (a *AuditEntry) GetHashedToken() string {
+	if a == nil || a.HashedToken == nil {
 		return ""
 	}
-	return *a.ContentType
+	return *a.HashedToken
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetCreatedAt() Timestamp {
-	if a == nil || a.CreatedAt == nil {
-		return Timestamp{}
+// GetOrg returns the Org field if it's non-nil, zero value otherwise.
+func (a *AuditEntry) GetOrg() string {
+	if a == nil || a.Org == nil {
+		return ""
 	}
-	return *a.CreatedAt
+	return *a.Org
 }
 
-// GetData returns the Data field.
-func (a *AuditEntry) GetData() *AuditEntryData {
-	if a == nil {
-		return nil
+// GetOrgID returns the OrgID field if it's non-nil, zero value otherwise.
+func (a *AuditEntry) GetOrgID() int64 {
+	if a == nil || a.OrgID == nil {
+		return 0
 	}
-	return a.Data
+	return *a.OrgID
 }
 
-// GetDeployKeyFingerprint returns the DeployKeyFingerprint field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetDeployKeyFingerprint() string {
-	if a == nil || a.DeployKeyFingerprint == nil {
-		return ""
+// GetTimestamp returns the Timestamp field if it's non-nil, zero value otherwise.
+func (a *AuditEntry) GetTimestamp() Timestamp {
+	if a == nil || a.Timestamp == nil {
+		return Timestamp{}
 	}
-	return *a.DeployKeyFingerprint
+	return *a.Timestamp
 }
 
-// GetDocumentID returns the DocumentID field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetDocumentID() string {
-	if a == nil || a.DocumentID == nil {
-		return ""
+// GetTokenID returns the TokenID field if it's non-nil, zero value otherwise.
+func (a *AuditEntry) GetTokenID() int64 {
+	if a == nil || a.TokenID == nil {
+		return 0
 	}
-	return *a.DocumentID
+	return *a.TokenID
 }
 
-// GetEmoji returns the Emoji field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetEmoji() string {
-	if a == nil || a.Emoji == nil {
+// GetTokenScopes returns the TokenScopes field if it's non-nil, zero value otherwise.
+func (a *AuditEntry) GetTokenScopes() string {
+	if a == nil || a.TokenScopes == nil {
 		return ""
 	}
-	return *a.Emoji
+	return *a.TokenScopes
 }
 
-// GetEnvironmentName returns the EnvironmentName field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetEnvironmentName() string {
-	if a == nil || a.EnvironmentName == nil {
+// GetUser returns the User field if it's non-nil, zero value otherwise.
+func (a *AuditEntry) GetUser() string {
+	if a == nil || a.User == nil {
 		return ""
 	}
-	return *a.EnvironmentName
+	return *a.User
 }
 
-// GetEvent returns the Event field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetEvent() string {
-	if a == nil || a.Event == nil {
-		return ""
+// GetUserID returns the UserID field if it's non-nil, zero value otherwise.
+func (a *AuditEntry) GetUserID() int64 {
+	if a == nil || a.UserID == nil {
+		return 0
 	}
-	return *a.Event
+	return *a.UserID
 }
 
-// GetExplanation returns the Explanation field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetExplanation() string {
-	if a == nil || a.Explanation == nil {
-		return ""
+// GetApp returns the App field.
+func (a *Authorization) GetApp() *AuthorizationApp {
+	if a == nil {
+		return nil
+	}
+	return a.App
+}
+
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (a *Authorization) GetCreatedAt() Timestamp {
+	if a == nil || a.CreatedAt == nil {
+		return Timestamp{}
 	}
-	return *a.Explanation
+	return *a.CreatedAt
 }
 
 // GetFingerprint returns the Fingerprint field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetFingerprint() string {
+func (a *Authorization) GetFingerprint() string {
 	if a == nil || a.Fingerprint == nil {
 		return ""
 	}
@@ -1215,1827 +1247,1715 @@ func (a *AuditEntry) GetFingerprint() string {
 }
 
 // GetHashedToken returns the HashedToken field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetHashedToken() string {
+func (a *Authorization) GetHashedToken() string {
 	if a == nil || a.HashedToken == nil {
 		return ""
 	}
 	return *a.HashedToken
 }
 
-// GetHeadBranch returns the HeadBranch field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetHeadBranch() string {
-	if a == nil || a.HeadBranch == nil {
-		return ""
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (a *Authorization) GetID() int64 {
+	if a == nil || a.ID == nil {
+		return 0
 	}
-	return *a.HeadBranch
+	return *a.ID
 }
 
-// GetHeadSHA returns the HeadSHA field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetHeadSHA() string {
-	if a == nil || a.HeadSHA == nil {
+// GetNote returns the Note field if it's non-nil, zero value otherwise.
+func (a *Authorization) GetNote() string {
+	if a == nil || a.Note == nil {
 		return ""
 	}
-	return *a.HeadSHA
+	return *a.Note
 }
 
-// GetHookID returns the HookID field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetHookID() int64 {
-	if a == nil || a.HookID == nil {
-		return 0
+// GetNoteURL returns the NoteURL field if it's non-nil, zero value otherwise.
+func (a *Authorization) GetNoteURL() string {
+	if a == nil || a.NoteURL == nil {
+		return ""
 	}
-	return *a.HookID
+	return *a.NoteURL
 }
 
-// GetIsHostedRunner returns the IsHostedRunner field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetIsHostedRunner() bool {
-	if a == nil || a.IsHostedRunner == nil {
-		return false
+// GetToken returns the Token field if it's non-nil, zero value otherwise.
+func (a *Authorization) GetToken() string {
+	if a == nil || a.Token == nil {
+		return ""
 	}
-	return *a.IsHostedRunner
+	return *a.Token
 }
 
-// GetJobName returns the JobName field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetJobName() string {
-	if a == nil || a.JobName == nil {
+// GetTokenLastEight returns the TokenLastEight field if it's non-nil, zero value otherwise.
+func (a *Authorization) GetTokenLastEight() string {
+	if a == nil || a.TokenLastEight == nil {
 		return ""
 	}
-	return *a.JobName
+	return *a.TokenLastEight
+}
+
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (a *Authorization) GetUpdatedAt() Timestamp {
+	if a == nil || a.UpdatedAt == nil {
+		return Timestamp{}
+	}
+	return *a.UpdatedAt
 }
 
-// GetJobWorkflowRef returns the JobWorkflowRef field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetJobWorkflowRef() string {
-	if a == nil || a.JobWorkflowRef == nil {
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (a *Authorization) GetURL() string {
+	if a == nil || a.URL == nil {
 		return ""
 	}
-	return *a.JobWorkflowRef
+	return *a.URL
 }
 
-// GetLimitedAvailability returns the LimitedAvailability field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetLimitedAvailability() bool {
-	if a == nil || a.LimitedAvailability == nil {
-		return false
+// GetUser returns the User field.
+func (a *Authorization) GetUser() *User {
+	if a == nil {
+		return nil
 	}
-	return *a.LimitedAvailability
+	return a.User
 }
 
-// GetMessage returns the Message field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetMessage() string {
-	if a == nil || a.Message == nil {
+// GetClientID returns the ClientID field if it's non-nil, zero value otherwise.
+func (a *AuthorizationApp) GetClientID() string {
+	if a == nil || a.ClientID == nil {
 		return ""
 	}
-	return *a.Message
+	return *a.ClientID
 }
 
 // GetName returns the Name field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetName() string {
+func (a *AuthorizationApp) GetName() string {
 	if a == nil || a.Name == nil {
 		return ""
 	}
 	return *a.Name
 }
 
-// GetOAuthApplicationID returns the OAuthApplicationID field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetOAuthApplicationID() int64 {
-	if a == nil || a.OAuthApplicationID == nil {
-		return 0
-	}
-	return *a.OAuthApplicationID
-}
-
-// GetOldPermission returns the OldPermission field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetOldPermission() string {
-	if a == nil || a.OldPermission == nil {
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (a *AuthorizationApp) GetURL() string {
+	if a == nil || a.URL == nil {
 		return ""
 	}
-	return *a.OldPermission
+	return *a.URL
 }
 
-// GetOldUser returns the OldUser field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetOldUser() string {
-	if a == nil || a.OldUser == nil {
+// GetClientID returns the ClientID field if it's non-nil, zero value otherwise.
+func (a *AuthorizationRequest) GetClientID() string {
+	if a == nil || a.ClientID == nil {
 		return ""
 	}
-	return *a.OldUser
+	return *a.ClientID
 }
 
-// GetOpenSSHPublicKey returns the OpenSSHPublicKey field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetOpenSSHPublicKey() string {
-	if a == nil || a.OpenSSHPublicKey == nil {
+// GetClientSecret returns the ClientSecret field if it's non-nil, zero value otherwise.
+func (a *AuthorizationRequest) GetClientSecret() string {
+	if a == nil || a.ClientSecret == nil {
 		return ""
 	}
-	return *a.OpenSSHPublicKey
+	return *a.ClientSecret
 }
 
-// GetOperationType returns the OperationType field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetOperationType() string {
-	if a == nil || a.OperationType == nil {
+// GetFingerprint returns the Fingerprint field if it's non-nil, zero value otherwise.
+func (a *AuthorizationRequest) GetFingerprint() string {
+	if a == nil || a.Fingerprint == nil {
 		return ""
 	}
-	return *a.OperationType
+	return *a.Fingerprint
 }
 
-// GetOrg returns the Org field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetOrg() string {
-	if a == nil || a.Org == nil {
+// GetNote returns the Note field if it's non-nil, zero value otherwise.
+func (a *AuthorizationRequest) GetNote() string {
+	if a == nil || a.Note == nil {
 		return ""
 	}
-	return *a.Org
+	return *a.Note
 }
 
-// GetOrgID returns the OrgID field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetOrgID() int64 {
-	if a == nil || a.OrgID == nil {
-		return 0
+// GetNoteURL returns the NoteURL field if it's non-nil, zero value otherwise.
+func (a *AuthorizationRequest) GetNoteURL() string {
+	if a == nil || a.NoteURL == nil {
+		return ""
 	}
-	return *a.OrgID
+	return *a.NoteURL
 }
 
-// GetPermission returns the Permission field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetPermission() string {
-	if a == nil || a.Permission == nil {
+// GetFingerprint returns the Fingerprint field if it's non-nil, zero value otherwise.
+func (a *AuthorizationUpdateRequest) GetFingerprint() string {
+	if a == nil || a.Fingerprint == nil {
 		return ""
 	}
-	return *a.Permission
+	return *a.Fingerprint
 }
 
-// GetPreviousVisibility returns the PreviousVisibility field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetPreviousVisibility() string {
-	if a == nil || a.PreviousVisibility == nil {
+// GetNote returns the Note field if it's non-nil, zero value otherwise.
+func (a *AuthorizationUpdateRequest) GetNote() string {
+	if a == nil || a.Note == nil {
 		return ""
 	}
-	return *a.PreviousVisibility
+	return *a.Note
 }
 
-// GetProgrammaticAccessType returns the ProgrammaticAccessType field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetProgrammaticAccessType() string {
-	if a == nil || a.ProgrammaticAccessType == nil {
+// GetNoteURL returns the NoteURL field if it's non-nil, zero value otherwise.
+func (a *AuthorizationUpdateRequest) GetNoteURL() string {
+	if a == nil || a.NoteURL == nil {
 		return ""
 	}
-	return *a.ProgrammaticAccessType
+	return *a.NoteURL
 }
 
-// GetPullRequestID returns the PullRequestID field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetPullRequestID() int64 {
-	if a == nil || a.PullRequestID == nil {
-		return 0
+// GetFrom returns the From field if it's non-nil, zero value otherwise.
+func (a *AuthorizedActorsOnly) GetFrom() bool {
+	if a == nil || a.From == nil {
+		return false
 	}
-	return *a.PullRequestID
+	return *a.From
 }
 
-// GetPullRequestTitle returns the PullRequestTitle field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetPullRequestTitle() string {
-	if a == nil || a.PullRequestTitle == nil {
-		return ""
+// GetFrom returns the From field if it's non-nil, zero value otherwise.
+func (a *AuthorizedDismissalActorsOnlyChanges) GetFrom() bool {
+	if a == nil || a.From == nil {
+		return false
 	}
-	return *a.PullRequestTitle
+	return *a.From
 }
 
-// GetPullRequestURL returns the PullRequestURL field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetPullRequestURL() string {
-	if a == nil || a.PullRequestURL == nil {
-		return ""
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (a *Autolink) GetID() int64 {
+	if a == nil || a.ID == nil {
+		return 0
 	}
-	return *a.PullRequestURL
+	return *a.ID
 }
 
-// GetReadOnly returns the ReadOnly field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetReadOnly() string {
-	if a == nil || a.ReadOnly == nil {
-		return ""
+// GetIsAlphanumeric returns the IsAlphanumeric field if it's non-nil, zero value otherwise.
+func (a *Autolink) GetIsAlphanumeric() bool {
+	if a == nil || a.IsAlphanumeric == nil {
+		return false
 	}
-	return *a.ReadOnly
+	return *a.IsAlphanumeric
 }
 
-// GetRepo returns the Repo field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetRepo() string {
-	if a == nil || a.Repo == nil {
+// GetKeyPrefix returns the KeyPrefix field if it's non-nil, zero value otherwise.
+func (a *Autolink) GetKeyPrefix() string {
+	if a == nil || a.KeyPrefix == nil {
 		return ""
 	}
-	return *a.Repo
+	return *a.KeyPrefix
 }
 
-// GetRepository returns the Repository field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetRepository() string {
-	if a == nil || a.Repository == nil {
+// GetURLTemplate returns the URLTemplate field if it's non-nil, zero value otherwise.
+func (a *Autolink) GetURLTemplate() string {
+	if a == nil || a.URLTemplate == nil {
 		return ""
 	}
-	return *a.Repository
+	return *a.URLTemplate
 }
 
-// GetRepositoryPublic returns the RepositoryPublic field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetRepositoryPublic() bool {
-	if a == nil || a.RepositoryPublic == nil {
+// GetIsAlphanumeric returns the IsAlphanumeric field if it's non-nil, zero value otherwise.
+func (a *AutolinkOptions) GetIsAlphanumeric() bool {
+	if a == nil || a.IsAlphanumeric == nil {
 		return false
 	}
-	return *a.RepositoryPublic
+	return *a.IsAlphanumeric
 }
 
-// GetRunAttempt returns the RunAttempt field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetRunAttempt() int64 {
-	if a == nil || a.RunAttempt == nil {
-		return 0
+// GetKeyPrefix returns the KeyPrefix field if it's non-nil, zero value otherwise.
+func (a *AutolinkOptions) GetKeyPrefix() string {
+	if a == nil || a.KeyPrefix == nil {
+		return ""
 	}
-	return *a.RunAttempt
+	return *a.KeyPrefix
 }
 
-// GetRunnerGroupID returns the RunnerGroupID field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetRunnerGroupID() int64 {
-	if a == nil || a.RunnerGroupID == nil {
-		return 0
+// GetURLTemplate returns the URLTemplate field if it's non-nil, zero value otherwise.
+func (a *AutolinkOptions) GetURLTemplate() string {
+	if a == nil || a.URLTemplate == nil {
+		return ""
 	}
-	return *a.RunnerGroupID
+	return *a.URLTemplate
 }
 
-// GetRunnerGroupName returns the RunnerGroupName field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetRunnerGroupName() string {
-	if a == nil || a.RunnerGroupName == nil {
-		return ""
+// GetEnabled returns the Enabled field if it's non-nil, zero value otherwise.
+func (a *AutomatedSecurityFixes) GetEnabled() bool {
+	if a == nil || a.Enabled == nil {
+		return false
 	}
-	return *a.RunnerGroupName
+	return *a.Enabled
 }
 
-// GetRunnerID returns the RunnerID field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetRunnerID() int64 {
-	if a == nil || a.RunnerID == nil {
-		return 0
+// GetPaused returns the Paused field if it's non-nil, zero value otherwise.
+func (a *AutomatedSecurityFixes) GetPaused() bool {
+	if a == nil || a.Paused == nil {
+		return false
 	}
-	return *a.RunnerID
+	return *a.Paused
 }
 
-// GetRunnerName returns the RunnerName field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetRunnerName() string {
-	if a == nil || a.RunnerName == nil {
-		return ""
+// GetAppID returns the AppID field if it's non-nil, zero value otherwise.
+func (a *AutoTriggerCheck) GetAppID() int64 {
+	if a == nil || a.AppID == nil {
+		return 0
 	}
-	return *a.RunnerName
+	return *a.AppID
 }
 
-// GetRunNumber returns the RunNumber field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetRunNumber() int64 {
-	if a == nil || a.RunNumber == nil {
-		return 0
+// GetSetting returns the Setting field if it's non-nil, zero value otherwise.
+func (a *AutoTriggerCheck) GetSetting() bool {
+	if a == nil || a.Setting == nil {
+		return false
 	}
-	return *a.RunNumber
+	return *a.Setting
 }
 
-// GetSourceVersion returns the SourceVersion field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetSourceVersion() string {
-	if a == nil || a.SourceVersion == nil {
+// GetContent returns the Content field if it's non-nil, zero value otherwise.
+func (b *Blob) GetContent() string {
+	if b == nil || b.Content == nil {
 		return ""
 	}
-	return *a.SourceVersion
+	return *b.Content
 }
 
-// GetStartedAt returns the StartedAt field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetStartedAt() Timestamp {
-	if a == nil || a.StartedAt == nil {
-		return Timestamp{}
+// GetEncoding returns the Encoding field if it's non-nil, zero value otherwise.
+func (b *Blob) GetEncoding() string {
+	if b == nil || b.Encoding == nil {
+		return ""
 	}
-	return *a.StartedAt
+	return *b.Encoding
 }
 
-// GetTargetLogin returns the TargetLogin field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetTargetLogin() string {
-	if a == nil || a.TargetLogin == nil {
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (b *Blob) GetNodeID() string {
+	if b == nil || b.NodeID == nil {
 		return ""
 	}
-	return *a.TargetLogin
+	return *b.NodeID
 }
 
-// GetTargetVersion returns the TargetVersion field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetTargetVersion() string {
-	if a == nil || a.TargetVersion == nil {
+// GetSHA returns the SHA field if it's non-nil, zero value otherwise.
+func (b *Blob) GetSHA() string {
+	if b == nil || b.SHA == nil {
 		return ""
 	}
-	return *a.TargetVersion
+	return *b.SHA
 }
 
-// GetTeam returns the Team field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetTeam() string {
-	if a == nil || a.Team == nil {
-		return ""
+// GetSize returns the Size field if it's non-nil, zero value otherwise.
+func (b *Blob) GetSize() int {
+	if b == nil || b.Size == nil {
+		return 0
 	}
-	return *a.Team
+	return *b.Size
 }
 
-// GetTimestamp returns the Timestamp field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetTimestamp() Timestamp {
-	if a == nil || a.Timestamp == nil {
-		return Timestamp{}
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (b *Blob) GetURL() string {
+	if b == nil || b.URL == nil {
+		return ""
 	}
-	return *a.Timestamp
+	return *b.URL
 }
 
-// GetTokenID returns the TokenID field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetTokenID() int64 {
-	if a == nil || a.TokenID == nil {
-		return 0
+// GetEnabled returns the Enabled field if it's non-nil, zero value otherwise.
+func (b *BlockCreations) GetEnabled() bool {
+	if b == nil || b.Enabled == nil {
+		return false
 	}
-	return *a.TokenID
+	return *b.Enabled
 }
 
-// GetTokenScopes returns the TokenScopes field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetTokenScopes() string {
-	if a == nil || a.TokenScopes == nil {
-		return ""
+// GetCommit returns the Commit field.
+func (b *Branch) GetCommit() *RepositoryCommit {
+	if b == nil {
+		return nil
 	}
-	return *a.TokenScopes
+	return b.Commit
 }
 
-// GetTopic returns the Topic field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetTopic() string {
-	if a == nil || a.Topic == nil {
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (b *Branch) GetName() string {
+	if b == nil || b.Name == nil {
 		return ""
 	}
-	return *a.Topic
+	return *b.Name
 }
 
-// GetTransportProtocol returns the TransportProtocol field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetTransportProtocol() int {
-	if a == nil || a.TransportProtocol == nil {
-		return 0
+// GetProtected returns the Protected field if it's non-nil, zero value otherwise.
+func (b *Branch) GetProtected() bool {
+	if b == nil || b.Protected == nil {
+		return false
 	}
-	return *a.TransportProtocol
+	return *b.Protected
 }
 
-// GetTransportProtocolName returns the TransportProtocolName field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetTransportProtocolName() string {
-	if a == nil || a.TransportProtocolName == nil {
-		return ""
+// GetProtection returns the Protection field.
+func (b *Branch) GetProtection() *Protection {
+	if b == nil {
+		return nil
 	}
-	return *a.TransportProtocolName
+	return b.Protection
 }
 
-// GetTriggerID returns the TriggerID field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetTriggerID() int64 {
-	if a == nil || a.TriggerID == nil {
-		return 0
+// GetCommit returns the Commit field.
+func (b *BranchCommit) GetCommit() *Commit {
+	if b == nil {
+		return nil
 	}
-	return *a.TriggerID
+	return b.Commit
 }
 
-// GetUser returns the User field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetUser() string {
-	if a == nil || a.User == nil {
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (b *BranchCommit) GetName() string {
+	if b == nil || b.Name == nil {
 		return ""
 	}
-	return *a.User
+	return *b.Name
 }
 
-// GetUserAgent returns the UserAgent field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetUserAgent() string {
-	if a == nil || a.UserAgent == nil {
-		return ""
+// GetProtected returns the Protected field if it's non-nil, zero value otherwise.
+func (b *BranchCommit) GetProtected() bool {
+	if b == nil || b.Protected == nil {
+		return false
 	}
-	return *a.UserAgent
+	return *b.Protected
 }
 
-// GetVisibility returns the Visibility field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetVisibility() string {
-	if a == nil || a.Visibility == nil {
-		return ""
+// GetProtected returns the Protected field if it's non-nil, zero value otherwise.
+func (b *BranchListOptions) GetProtected() bool {
+	if b == nil || b.Protected == nil {
+		return false
 	}
-	return *a.Visibility
+	return *b.Protected
 }
 
-// GetWorkflowID returns the WorkflowID field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetWorkflowID() int64 {
-	if a == nil || a.WorkflowID == nil {
-		return 0
+// GetCustomBranchPolicies returns the CustomBranchPolicies field if it's non-nil, zero value otherwise.
+func (b *BranchPolicy) GetCustomBranchPolicies() bool {
+	if b == nil || b.CustomBranchPolicies == nil {
+		return false
 	}
-	return *a.WorkflowID
+	return *b.CustomBranchPolicies
 }
 
-// GetWorkflowRunID returns the WorkflowRunID field if it's non-nil, zero value otherwise.
-func (a *AuditEntry) GetWorkflowRunID() int64 {
-	if a == nil || a.WorkflowRunID == nil {
-		return 0
+// GetProtectedBranches returns the ProtectedBranches field if it's non-nil, zero value otherwise.
+func (b *BranchPolicy) GetProtectedBranches() bool {
+	if b == nil || b.ProtectedBranches == nil {
+		return false
 	}
-	return *a.WorkflowRunID
+	return *b.ProtectedBranches
 }
 
-// GetOldLogin returns the OldLogin field if it's non-nil, zero value otherwise.
-func (a *AuditEntryData) GetOldLogin() string {
-	if a == nil || a.OldLogin == nil {
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (b *BranchProtectionConfigurationEvent) GetAction() string {
+	if b == nil || b.Action == nil {
 		return ""
 	}
-	return *a.OldLogin
+	return *b.Action
 }
 
-// GetOldName returns the OldName field if it's non-nil, zero value otherwise.
-func (a *AuditEntryData) GetOldName() string {
-	if a == nil || a.OldName == nil {
-		return ""
+// GetEnterprise returns the Enterprise field.
+func (b *BranchProtectionConfigurationEvent) GetEnterprise() *Enterprise {
+	if b == nil {
+		return nil
 	}
-	return *a.OldName
+	return b.Enterprise
 }
 
-// GetApp returns the App field.
-func (a *Authorization) GetApp() *AuthorizationApp {
-	if a == nil {
+// GetInstallation returns the Installation field.
+func (b *BranchProtectionConfigurationEvent) GetInstallation() *Installation {
+	if b == nil {
 		return nil
 	}
-	return a.App
+	return b.Installation
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (a *Authorization) GetCreatedAt() Timestamp {
-	if a == nil || a.CreatedAt == nil {
-		return Timestamp{}
+// GetOrg returns the Org field.
+func (b *BranchProtectionConfigurationEvent) GetOrg() *Organization {
+	if b == nil {
+		return nil
 	}
-	return *a.CreatedAt
+	return b.Org
 }
 
-// GetFingerprint returns the Fingerprint field if it's non-nil, zero value otherwise.
-func (a *Authorization) GetFingerprint() string {
-	if a == nil || a.Fingerprint == nil {
-		return ""
+// GetRepo returns the Repo field.
+func (b *BranchProtectionConfigurationEvent) GetRepo() *Repository {
+	if b == nil {
+		return nil
 	}
-	return *a.Fingerprint
+	return b.Repo
 }
 
-// GetHashedToken returns the HashedToken field if it's non-nil, zero value otherwise.
-func (a *Authorization) GetHashedToken() string {
-	if a == nil || a.HashedToken == nil {
-		return ""
+// GetSender returns the Sender field.
+func (b *BranchProtectionConfigurationEvent) GetSender() *User {
+	if b == nil {
+		return nil
 	}
-	return *a.HashedToken
+	return b.Sender
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (a *Authorization) GetID() int64 {
-	if a == nil || a.ID == nil {
-		return 0
+// GetAdminEnforced returns the AdminEnforced field if it's non-nil, zero value otherwise.
+func (b *BranchProtectionRule) GetAdminEnforced() bool {
+	if b == nil || b.AdminEnforced == nil {
+		return false
 	}
-	return *a.ID
+	return *b.AdminEnforced
 }
 
-// GetNote returns the Note field if it's non-nil, zero value otherwise.
-func (a *Authorization) GetNote() string {
-	if a == nil || a.Note == nil {
+// GetAllowDeletionsEnforcementLevel returns the AllowDeletionsEnforcementLevel field if it's non-nil, zero value otherwise.
+func (b *BranchProtectionRule) GetAllowDeletionsEnforcementLevel() string {
+	if b == nil || b.AllowDeletionsEnforcementLevel == nil {
 		return ""
 	}
-	return *a.Note
+	return *b.AllowDeletionsEnforcementLevel
 }
 
-// GetNoteURL returns the NoteURL field if it's non-nil, zero value otherwise.
-func (a *Authorization) GetNoteURL() string {
-	if a == nil || a.NoteURL == nil {
+// GetAllowForcePushesEnforcementLevel returns the AllowForcePushesEnforcementLevel field if it's non-nil, zero value otherwise.
+func (b *BranchProtectionRule) GetAllowForcePushesEnforcementLevel() string {
+	if b == nil || b.AllowForcePushesEnforcementLevel == nil {
 		return ""
 	}
-	return *a.NoteURL
+	return *b.AllowForcePushesEnforcementLevel
 }
 
-// GetToken returns the Token field if it's non-nil, zero value otherwise.
-func (a *Authorization) GetToken() string {
-	if a == nil || a.Token == nil {
-		return ""
+// GetAuthorizedActorsOnly returns the AuthorizedActorsOnly field if it's non-nil, zero value otherwise.
+func (b *BranchProtectionRule) GetAuthorizedActorsOnly() bool {
+	if b == nil || b.AuthorizedActorsOnly == nil {
+		return false
 	}
-	return *a.Token
+	return *b.AuthorizedActorsOnly
 }
 
-// GetTokenLastEight returns the TokenLastEight field if it's non-nil, zero value otherwise.
-func (a *Authorization) GetTokenLastEight() string {
-	if a == nil || a.TokenLastEight == nil {
-		return ""
+// GetAuthorizedDismissalActorsOnly returns the AuthorizedDismissalActorsOnly field if it's non-nil, zero value otherwise.
+func (b *BranchProtectionRule) GetAuthorizedDismissalActorsOnly() bool {
+	if b == nil || b.AuthorizedDismissalActorsOnly == nil {
+		return false
 	}
-	return *a.TokenLastEight
+	return *b.AuthorizedDismissalActorsOnly
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (a *Authorization) GetUpdatedAt() Timestamp {
-	if a == nil || a.UpdatedAt == nil {
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (b *BranchProtectionRule) GetCreatedAt() Timestamp {
+	if b == nil || b.CreatedAt == nil {
 		return Timestamp{}
 	}
-	return *a.UpdatedAt
+	return *b.CreatedAt
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (a *Authorization) GetURL() string {
-	if a == nil || a.URL == nil {
-		return ""
+// GetDismissStaleReviewsOnPush returns the DismissStaleReviewsOnPush field if it's non-nil, zero value otherwise.
+func (b *BranchProtectionRule) GetDismissStaleReviewsOnPush() bool {
+	if b == nil || b.DismissStaleReviewsOnPush == nil {
+		return false
 	}
-	return *a.URL
+	return *b.DismissStaleReviewsOnPush
 }
 
-// GetUser returns the User field.
-func (a *Authorization) GetUser() *User {
-	if a == nil {
-		return nil
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (b *BranchProtectionRule) GetID() int64 {
+	if b == nil || b.ID == nil {
+		return 0
 	}
-	return a.User
+	return *b.ID
 }
 
-// GetClientID returns the ClientID field if it's non-nil, zero value otherwise.
-func (a *AuthorizationApp) GetClientID() string {
-	if a == nil || a.ClientID == nil {
-		return ""
+// GetIgnoreApprovalsFromContributors returns the IgnoreApprovalsFromContributors field if it's non-nil, zero value otherwise.
+func (b *BranchProtectionRule) GetIgnoreApprovalsFromContributors() bool {
+	if b == nil || b.IgnoreApprovalsFromContributors == nil {
+		return false
 	}
-	return *a.ClientID
+	return *b.IgnoreApprovalsFromContributors
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (a *AuthorizationApp) GetName() string {
-	if a == nil || a.Name == nil {
+// GetLinearHistoryRequirementEnforcementLevel returns the LinearHistoryRequirementEnforcementLevel field if it's non-nil, zero value otherwise.
+func (b *BranchProtectionRule) GetLinearHistoryRequirementEnforcementLevel() string {
+	if b == nil || b.LinearHistoryRequirementEnforcementLevel == nil {
 		return ""
 	}
-	return *a.Name
+	return *b.LinearHistoryRequirementEnforcementLevel
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (a *AuthorizationApp) GetURL() string {
-	if a == nil || a.URL == nil {
+// GetMergeQueueEnforcementLevel returns the MergeQueueEnforcementLevel field if it's non-nil, zero value otherwise.
+func (b *BranchProtectionRule) GetMergeQueueEnforcementLevel() string {
+	if b == nil || b.MergeQueueEnforcementLevel == nil {
 		return ""
 	}
-	return *a.URL
+	return *b.MergeQueueEnforcementLevel
 }
 
-// GetClientID returns the ClientID field if it's non-nil, zero value otherwise.
-func (a *AuthorizationRequest) GetClientID() string {
-	if a == nil || a.ClientID == nil {
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (b *BranchProtectionRule) GetName() string {
+	if b == nil || b.Name == nil {
 		return ""
 	}
-	return *a.ClientID
+	return *b.Name
 }
 
-// GetClientSecret returns the ClientSecret field if it's non-nil, zero value otherwise.
-func (a *AuthorizationRequest) GetClientSecret() string {
-	if a == nil || a.ClientSecret == nil {
+// GetPullRequestReviewsEnforcementLevel returns the PullRequestReviewsEnforcementLevel field if it's non-nil, zero value otherwise.
+func (b *BranchProtectionRule) GetPullRequestReviewsEnforcementLevel() string {
+	if b == nil || b.PullRequestReviewsEnforcementLevel == nil {
 		return ""
 	}
-	return *a.ClientSecret
+	return *b.PullRequestReviewsEnforcementLevel
 }
 
-// GetFingerprint returns the Fingerprint field if it's non-nil, zero value otherwise.
-func (a *AuthorizationRequest) GetFingerprint() string {
-	if a == nil || a.Fingerprint == nil {
-		return ""
+// GetRepositoryID returns the RepositoryID field if it's non-nil, zero value otherwise.
+func (b *BranchProtectionRule) GetRepositoryID() int64 {
+	if b == nil || b.RepositoryID == nil {
+		return 0
 	}
-	return *a.Fingerprint
+	return *b.RepositoryID
 }
 
-// GetNote returns the Note field if it's non-nil, zero value otherwise.
-func (a *AuthorizationRequest) GetNote() string {
-	if a == nil || a.Note == nil {
-		return ""
+// GetRequireCodeOwnerReview returns the RequireCodeOwnerReview field if it's non-nil, zero value otherwise.
+func (b *BranchProtectionRule) GetRequireCodeOwnerReview() bool {
+	if b == nil || b.RequireCodeOwnerReview == nil {
+		return false
 	}
-	return *a.Note
+	return *b.RequireCodeOwnerReview
 }
 
-// GetNoteURL returns the NoteURL field if it's non-nil, zero value otherwise.
-func (a *AuthorizationRequest) GetNoteURL() string {
-	if a == nil || a.NoteURL == nil {
-		return ""
+// GetRequiredApprovingReviewCount returns the RequiredApprovingReviewCount field if it's non-nil, zero value otherwise.
+func (b *BranchProtectionRule) GetRequiredApprovingReviewCount() int {
+	if b == nil || b.RequiredApprovingReviewCount == nil {
+		return 0
 	}
-	return *a.NoteURL
+	return *b.RequiredApprovingReviewCount
 }
 
-// GetFingerprint returns the Fingerprint field if it's non-nil, zero value otherwise.
-func (a *AuthorizationUpdateRequest) GetFingerprint() string {
-	if a == nil || a.Fingerprint == nil {
+// GetRequiredConversationResolutionLevel returns the RequiredConversationResolutionLevel field if it's non-nil, zero value otherwise.
+func (b *BranchProtectionRule) GetRequiredConversationResolutionLevel() string {
+	if b == nil || b.RequiredConversationResolutionLevel == nil {
 		return ""
 	}
-	return *a.Fingerprint
+	return *b.RequiredConversationResolutionLevel
 }
 
-// GetNote returns the Note field if it's non-nil, zero value otherwise.
-func (a *AuthorizationUpdateRequest) GetNote() string {
-	if a == nil || a.Note == nil {
+// GetRequiredDeploymentsEnforcementLevel returns the RequiredDeploymentsEnforcementLevel field if it's non-nil, zero value otherwise.
+func (b *BranchProtectionRule) GetRequiredDeploymentsEnforcementLevel() string {
+	if b == nil || b.RequiredDeploymentsEnforcementLevel == nil {
 		return ""
 	}
-	return *a.Note
+	return *b.RequiredDeploymentsEnforcementLevel
 }
 
-// GetNoteURL returns the NoteURL field if it's non-nil, zero value otherwise.
-func (a *AuthorizationUpdateRequest) GetNoteURL() string {
-	if a == nil || a.NoteURL == nil {
+// GetRequiredStatusChecksEnforcementLevel returns the RequiredStatusChecksEnforcementLevel field if it's non-nil, zero value otherwise.
+func (b *BranchProtectionRule) GetRequiredStatusChecksEnforcementLevel() string {
+	if b == nil || b.RequiredStatusChecksEnforcementLevel == nil {
 		return ""
 	}
-	return *a.NoteURL
+	return *b.RequiredStatusChecksEnforcementLevel
 }
 
-// GetFrom returns the From field if it's non-nil, zero value otherwise.
-func (a *AuthorizedActorsOnly) GetFrom() bool {
-	if a == nil || a.From == nil {
-		return false
+// GetSignatureRequirementEnforcementLevel returns the SignatureRequirementEnforcementLevel field if it's non-nil, zero value otherwise.
+func (b *BranchProtectionRule) GetSignatureRequirementEnforcementLevel() string {
+	if b == nil || b.SignatureRequirementEnforcementLevel == nil {
+		return ""
 	}
-	return *a.From
+	return *b.SignatureRequirementEnforcementLevel
 }
 
-// GetFrom returns the From field if it's non-nil, zero value otherwise.
-func (a *AuthorizedDismissalActorsOnlyChanges) GetFrom() bool {
-	if a == nil || a.From == nil {
+// GetStrictRequiredStatusChecksPolicy returns the StrictRequiredStatusChecksPolicy field if it's non-nil, zero value otherwise.
+func (b *BranchProtectionRule) GetStrictRequiredStatusChecksPolicy() bool {
+	if b == nil || b.StrictRequiredStatusChecksPolicy == nil {
 		return false
 	}
-	return *a.From
+	return *b.StrictRequiredStatusChecksPolicy
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (a *Autolink) GetID() int64 {
-	if a == nil || a.ID == nil {
-		return 0
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (b *BranchProtectionRule) GetUpdatedAt() Timestamp {
+	if b == nil || b.UpdatedAt == nil {
+		return Timestamp{}
 	}
-	return *a.ID
+	return *b.UpdatedAt
 }
 
-// GetIsAlphanumeric returns the IsAlphanumeric field if it's non-nil, zero value otherwise.
-func (a *Autolink) GetIsAlphanumeric() bool {
-	if a == nil || a.IsAlphanumeric == nil {
-		return false
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (b *BranchProtectionRuleEvent) GetAction() string {
+	if b == nil || b.Action == nil {
+		return ""
 	}
-	return *a.IsAlphanumeric
+	return *b.Action
 }
 
-// GetKeyPrefix returns the KeyPrefix field if it's non-nil, zero value otherwise.
-func (a *Autolink) GetKeyPrefix() string {
-	if a == nil || a.KeyPrefix == nil {
-		return ""
+// GetChanges returns the Changes field.
+func (b *BranchProtectionRuleEvent) GetChanges() *ProtectionChanges {
+	if b == nil {
+		return nil
 	}
-	return *a.KeyPrefix
+	return b.Changes
 }
 
-// GetURLTemplate returns the URLTemplate field if it's non-nil, zero value otherwise.
-func (a *Autolink) GetURLTemplate() string {
-	if a == nil || a.URLTemplate == nil {
-		return ""
+// GetInstallation returns the Installation field.
+func (b *BranchProtectionRuleEvent) GetInstallation() *Installation {
+	if b == nil {
+		return nil
 	}
-	return *a.URLTemplate
+	return b.Installation
 }
 
-// GetIsAlphanumeric returns the IsAlphanumeric field if it's non-nil, zero value otherwise.
-func (a *AutolinkOptions) GetIsAlphanumeric() bool {
-	if a == nil || a.IsAlphanumeric == nil {
-		return false
+// GetOrg returns the Org field.
+func (b *BranchProtectionRuleEvent) GetOrg() *Organization {
+	if b == nil {
+		return nil
 	}
-	return *a.IsAlphanumeric
+	return b.Org
 }
 
-// GetKeyPrefix returns the KeyPrefix field if it's non-nil, zero value otherwise.
-func (a *AutolinkOptions) GetKeyPrefix() string {
-	if a == nil || a.KeyPrefix == nil {
-		return ""
+// GetRepo returns the Repo field.
+func (b *BranchProtectionRuleEvent) GetRepo() *Repository {
+	if b == nil {
+		return nil
 	}
-	return *a.KeyPrefix
+	return b.Repo
 }
 
-// GetURLTemplate returns the URLTemplate field if it's non-nil, zero value otherwise.
-func (a *AutolinkOptions) GetURLTemplate() string {
-	if a == nil || a.URLTemplate == nil {
-		return ""
+// GetRule returns the Rule field.
+func (b *BranchProtectionRuleEvent) GetRule() *BranchProtectionRule {
+	if b == nil {
+		return nil
 	}
-	return *a.URLTemplate
+	return b.Rule
 }
 
-// GetEnabled returns the Enabled field if it's non-nil, zero value otherwise.
-func (a *AutomatedSecurityFixes) GetEnabled() bool {
-	if a == nil || a.Enabled == nil {
-		return false
+// GetSender returns the Sender field.
+func (b *BranchProtectionRuleEvent) GetSender() *User {
+	if b == nil {
+		return nil
 	}
-	return *a.Enabled
+	return b.Sender
 }
 
-// GetPaused returns the Paused field if it's non-nil, zero value otherwise.
-func (a *AutomatedSecurityFixes) GetPaused() bool {
-	if a == nil || a.Paused == nil {
-		return false
+// GetActorID returns the ActorID field if it's non-nil, zero value otherwise.
+func (b *BypassActor) GetActorID() int64 {
+	if b == nil || b.ActorID == nil {
+		return 0
 	}
-	return *a.Paused
+	return *b.ActorID
 }
 
-// GetAppID returns the AppID field if it's non-nil, zero value otherwise.
-func (a *AutoTriggerCheck) GetAppID() int64 {
-	if a == nil || a.AppID == nil {
-		return 0
+// GetActorType returns the ActorType field.
+func (b *BypassActor) GetActorType() *BypassActorType {
+	if b == nil {
+		return nil
 	}
-	return *a.AppID
+	return b.ActorType
 }
 
-// GetSetting returns the Setting field if it's non-nil, zero value otherwise.
-func (a *AutoTriggerCheck) GetSetting() bool {
-	if a == nil || a.Setting == nil {
-		return false
+// GetBypassMode returns the BypassMode field.
+func (b *BypassActor) GetBypassMode() *BypassMode {
+	if b == nil {
+		return nil
 	}
-	return *a.Setting
+	return b.BypassMode
 }
 
-// GetContent returns the Content field if it's non-nil, zero value otherwise.
-func (b *Blob) GetContent() string {
-	if b == nil || b.Content == nil {
-		return ""
+// GetApp returns the App field.
+func (c *CheckRun) GetApp() *App {
+	if c == nil {
+		return nil
 	}
-	return *b.Content
+	return c.App
 }
 
-// GetEncoding returns the Encoding field if it's non-nil, zero value otherwise.
-func (b *Blob) GetEncoding() string {
-	if b == nil || b.Encoding == nil {
-		return ""
+// GetCheckSuite returns the CheckSuite field.
+func (c *CheckRun) GetCheckSuite() *CheckSuite {
+	if c == nil {
+		return nil
 	}
-	return *b.Encoding
+	return c.CheckSuite
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (b *Blob) GetNodeID() string {
-	if b == nil || b.NodeID == nil {
+// GetCompletedAt returns the CompletedAt field if it's non-nil, zero value otherwise.
+func (c *CheckRun) GetCompletedAt() Timestamp {
+	if c == nil || c.CompletedAt == nil {
+		return Timestamp{}
+	}
+	return *c.CompletedAt
+}
+
+// GetConclusion returns the Conclusion field if it's non-nil, zero value otherwise.
+func (c *CheckRun) GetConclusion() string {
+	if c == nil || c.Conclusion == nil {
 		return ""
 	}
-	return *b.NodeID
+	return *c.Conclusion
 }
 
-// GetSHA returns the SHA field if it's non-nil, zero value otherwise.
-func (b *Blob) GetSHA() string {
-	if b == nil || b.SHA == nil {
+// GetDetailsURL returns the DetailsURL field if it's non-nil, zero value otherwise.
+func (c *CheckRun) GetDetailsURL() string {
+	if c == nil || c.DetailsURL == nil {
 		return ""
 	}
-	return *b.SHA
+	return *c.DetailsURL
 }
 
-// GetSize returns the Size field if it's non-nil, zero value otherwise.
-func (b *Blob) GetSize() int {
-	if b == nil || b.Size == nil {
-		return 0
+// GetExternalID returns the ExternalID field if it's non-nil, zero value otherwise.
+func (c *CheckRun) GetExternalID() string {
+	if c == nil || c.ExternalID == nil {
+		return ""
 	}
-	return *b.Size
+	return *c.ExternalID
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (b *Blob) GetURL() string {
-	if b == nil || b.URL == nil {
+// GetHeadSHA returns the HeadSHA field if it's non-nil, zero value otherwise.
+func (c *CheckRun) GetHeadSHA() string {
+	if c == nil || c.HeadSHA == nil {
 		return ""
 	}
-	return *b.URL
+	return *c.HeadSHA
 }
 
-// GetEnabled returns the Enabled field if it's non-nil, zero value otherwise.
-func (b *BlockCreations) GetEnabled() bool {
-	if b == nil || b.Enabled == nil {
-		return false
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (c *CheckRun) GetHTMLURL() string {
+	if c == nil || c.HTMLURL == nil {
+		return ""
 	}
-	return *b.Enabled
+	return *c.HTMLURL
 }
 
-// GetCommit returns the Commit field.
-func (b *Branch) GetCommit() *RepositoryCommit {
-	if b == nil {
-		return nil
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (c *CheckRun) GetID() int64 {
+	if c == nil || c.ID == nil {
+		return 0
 	}
-	return b.Commit
+	return *c.ID
 }
 
 // GetName returns the Name field if it's non-nil, zero value otherwise.
-func (b *Branch) GetName() string {
-	if b == nil || b.Name == nil {
+func (c *CheckRun) GetName() string {
+	if c == nil || c.Name == nil {
 		return ""
 	}
-	return *b.Name
+	return *c.Name
 }
 
-// GetProtected returns the Protected field if it's non-nil, zero value otherwise.
-func (b *Branch) GetProtected() bool {
-	if b == nil || b.Protected == nil {
-		return false
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (c *CheckRun) GetNodeID() string {
+	if c == nil || c.NodeID == nil {
+		return ""
 	}
-	return *b.Protected
+	return *c.NodeID
 }
 
-// GetCommit returns the Commit field.
-func (b *BranchCommit) GetCommit() *Commit {
-	if b == nil {
+// GetOutput returns the Output field.
+func (c *CheckRun) GetOutput() *CheckRunOutput {
+	if c == nil {
 		return nil
 	}
-	return b.Commit
+	return c.Output
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (b *BranchCommit) GetName() string {
-	if b == nil || b.Name == nil {
-		return ""
+// GetStartedAt returns the StartedAt field if it's non-nil, zero value otherwise.
+func (c *CheckRun) GetStartedAt() Timestamp {
+	if c == nil || c.StartedAt == nil {
+		return Timestamp{}
 	}
-	return *b.Name
+	return *c.StartedAt
 }
 
-// GetProtected returns the Protected field if it's non-nil, zero value otherwise.
-func (b *BranchCommit) GetProtected() bool {
-	if b == nil || b.Protected == nil {
-		return false
+// GetStatus returns the Status field if it's non-nil, zero value otherwise.
+func (c *CheckRun) GetStatus() string {
+	if c == nil || c.Status == nil {
+		return ""
 	}
-	return *b.Protected
+	return *c.Status
 }
 
-// GetProtected returns the Protected field if it's non-nil, zero value otherwise.
-func (b *BranchListOptions) GetProtected() bool {
-	if b == nil || b.Protected == nil {
-		return false
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (c *CheckRun) GetURL() string {
+	if c == nil || c.URL == nil {
+		return ""
 	}
-	return *b.Protected
+	return *c.URL
 }
 
-// GetCustomBranchPolicies returns the CustomBranchPolicies field if it's non-nil, zero value otherwise.
-func (b *BranchPolicy) GetCustomBranchPolicies() bool {
-	if b == nil || b.CustomBranchPolicies == nil {
-		return false
+// GetAnnotationLevel returns the AnnotationLevel field if it's non-nil, zero value otherwise.
+func (c *CheckRunAnnotation) GetAnnotationLevel() string {
+	if c == nil || c.AnnotationLevel == nil {
+		return ""
 	}
-	return *b.CustomBranchPolicies
+	return *c.AnnotationLevel
 }
 
-// GetProtectedBranches returns the ProtectedBranches field if it's non-nil, zero value otherwise.
-func (b *BranchPolicy) GetProtectedBranches() bool {
-	if b == nil || b.ProtectedBranches == nil {
-		return false
+// GetEndColumn returns the EndColumn field if it's non-nil, zero value otherwise.
+func (c *CheckRunAnnotation) GetEndColumn() int {
+	if c == nil || c.EndColumn == nil {
+		return 0
 	}
-	return *b.ProtectedBranches
+	return *c.EndColumn
 }
 
-// GetAdminEnforced returns the AdminEnforced field if it's non-nil, zero value otherwise.
-func (b *BranchProtectionRule) GetAdminEnforced() bool {
-	if b == nil || b.AdminEnforced == nil {
-		return false
+// GetEndLine returns the EndLine field if it's non-nil, zero value otherwise.
+func (c *CheckRunAnnotation) GetEndLine() int {
+	if c == nil || c.EndLine == nil {
+		return 0
 	}
-	return *b.AdminEnforced
+	return *c.EndLine
 }
 
-// GetAllowDeletionsEnforcementLevel returns the AllowDeletionsEnforcementLevel field if it's non-nil, zero value otherwise.
-func (b *BranchProtectionRule) GetAllowDeletionsEnforcementLevel() string {
-	if b == nil || b.AllowDeletionsEnforcementLevel == nil {
+// GetMessage returns the Message field if it's non-nil, zero value otherwise.
+func (c *CheckRunAnnotation) GetMessage() string {
+	if c == nil || c.Message == nil {
 		return ""
 	}
-	return *b.AllowDeletionsEnforcementLevel
+	return *c.Message
 }
 
-// GetAllowForcePushesEnforcementLevel returns the AllowForcePushesEnforcementLevel field if it's non-nil, zero value otherwise.
-func (b *BranchProtectionRule) GetAllowForcePushesEnforcementLevel() string {
-	if b == nil || b.AllowForcePushesEnforcementLevel == nil {
+// GetPath returns the Path field if it's non-nil, zero value otherwise.
+func (c *CheckRunAnnotation) GetPath() string {
+	if c == nil || c.Path == nil {
 		return ""
 	}
-	return *b.AllowForcePushesEnforcementLevel
+	return *c.Path
 }
 
-// GetAuthorizedActorsOnly returns the AuthorizedActorsOnly field if it's non-nil, zero value otherwise.
-func (b *BranchProtectionRule) GetAuthorizedActorsOnly() bool {
-	if b == nil || b.AuthorizedActorsOnly == nil {
-		return false
+// GetRawDetails returns the RawDetails field if it's non-nil, zero value otherwise.
+func (c *CheckRunAnnotation) GetRawDetails() string {
+	if c == nil || c.RawDetails == nil {
+		return ""
 	}
-	return *b.AuthorizedActorsOnly
+	return *c.RawDetails
 }
 
-// GetAuthorizedDismissalActorsOnly returns the AuthorizedDismissalActorsOnly field if it's non-nil, zero value otherwise.
-func (b *BranchProtectionRule) GetAuthorizedDismissalActorsOnly() bool {
-	if b == nil || b.AuthorizedDismissalActorsOnly == nil {
-		return false
+// GetStartColumn returns the StartColumn field if it's non-nil, zero value otherwise.
+func (c *CheckRunAnnotation) GetStartColumn() int {
+	if c == nil || c.StartColumn == nil {
+		return 0
 	}
-	return *b.AuthorizedDismissalActorsOnly
+	return *c.StartColumn
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (b *BranchProtectionRule) GetCreatedAt() Timestamp {
-	if b == nil || b.CreatedAt == nil {
-		return Timestamp{}
+// GetStartLine returns the StartLine field if it's non-nil, zero value otherwise.
+func (c *CheckRunAnnotation) GetStartLine() int {
+	if c == nil || c.StartLine == nil {
+		return 0
 	}
-	return *b.CreatedAt
+	return *c.StartLine
 }
 
-// GetDismissStaleReviewsOnPush returns the DismissStaleReviewsOnPush field if it's non-nil, zero value otherwise.
-func (b *BranchProtectionRule) GetDismissStaleReviewsOnPush() bool {
-	if b == nil || b.DismissStaleReviewsOnPush == nil {
-		return false
+// GetTitle returns the Title field if it's non-nil, zero value otherwise.
+func (c *CheckRunAnnotation) GetTitle() string {
+	if c == nil || c.Title == nil {
+		return ""
 	}
-	return *b.DismissStaleReviewsOnPush
+	return *c.Title
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (b *BranchProtectionRule) GetID() int64 {
-	if b == nil || b.ID == nil {
-		return 0
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (c *CheckRunEvent) GetAction() string {
+	if c == nil || c.Action == nil {
+		return ""
 	}
-	return *b.ID
+	return *c.Action
 }
 
-// GetIgnoreApprovalsFromContributors returns the IgnoreApprovalsFromContributors field if it's non-nil, zero value otherwise.
-func (b *BranchProtectionRule) GetIgnoreApprovalsFromContributors() bool {
-	if b == nil || b.IgnoreApprovalsFromContributors == nil {
-		return false
+// GetCheckRun returns the CheckRun field.
+func (c *CheckRunEvent) GetCheckRun() *CheckRun {
+	if c == nil {
+		return nil
 	}
-	return *b.IgnoreApprovalsFromContributors
+	return c.CheckRun
 }
 
-// GetLinearHistoryRequirementEnforcementLevel returns the LinearHistoryRequirementEnforcementLevel field if it's non-nil, zero value otherwise.
-func (b *BranchProtectionRule) GetLinearHistoryRequirementEnforcementLevel() string {
-	if b == nil || b.LinearHistoryRequirementEnforcementLevel == nil {
-		return ""
+// GetInstallation returns the Installation field.
+func (c *CheckRunEvent) GetInstallation() *Installation {
+	if c == nil {
+		return nil
 	}
-	return *b.LinearHistoryRequirementEnforcementLevel
+	return c.Installation
 }
 
-// GetMergeQueueEnforcementLevel returns the MergeQueueEnforcementLevel field if it's non-nil, zero value otherwise.
-func (b *BranchProtectionRule) GetMergeQueueEnforcementLevel() string {
-	if b == nil || b.MergeQueueEnforcementLevel == nil {
-		return ""
-	}
-	return *b.MergeQueueEnforcementLevel
+// GetOrg returns the Org field.
+func (c *CheckRunEvent) GetOrg() *Organization {
+	if c == nil {
+		return nil
+	}
+	return c.Org
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (b *BranchProtectionRule) GetName() string {
-	if b == nil || b.Name == nil {
-		return ""
+// GetRepo returns the Repo field.
+func (c *CheckRunEvent) GetRepo() *Repository {
+	if c == nil {
+		return nil
 	}
-	return *b.Name
+	return c.Repo
 }
 
-// GetPullRequestReviewsEnforcementLevel returns the PullRequestReviewsEnforcementLevel field if it's non-nil, zero value otherwise.
-func (b *BranchProtectionRule) GetPullRequestReviewsEnforcementLevel() string {
-	if b == nil || b.PullRequestReviewsEnforcementLevel == nil {
-		return ""
+// GetRequestedAction returns the RequestedAction field.
+func (c *CheckRunEvent) GetRequestedAction() *RequestedAction {
+	if c == nil {
+		return nil
 	}
-	return *b.PullRequestReviewsEnforcementLevel
+	return c.RequestedAction
 }
 
-// GetRepositoryID returns the RepositoryID field if it's non-nil, zero value otherwise.
-func (b *BranchProtectionRule) GetRepositoryID() int64 {
-	if b == nil || b.RepositoryID == nil {
-		return 0
+// GetSender returns the Sender field.
+func (c *CheckRunEvent) GetSender() *User {
+	if c == nil {
+		return nil
 	}
-	return *b.RepositoryID
+	return c.Sender
 }
 
-// GetRequireCodeOwnerReview returns the RequireCodeOwnerReview field if it's non-nil, zero value otherwise.
-func (b *BranchProtectionRule) GetRequireCodeOwnerReview() bool {
-	if b == nil || b.RequireCodeOwnerReview == nil {
-		return false
+// GetAlt returns the Alt field if it's non-nil, zero value otherwise.
+func (c *CheckRunImage) GetAlt() string {
+	if c == nil || c.Alt == nil {
+		return ""
 	}
-	return *b.RequireCodeOwnerReview
+	return *c.Alt
 }
 
-// GetRequiredApprovingReviewCount returns the RequiredApprovingReviewCount field if it's non-nil, zero value otherwise.
-func (b *BranchProtectionRule) GetRequiredApprovingReviewCount() int {
-	if b == nil || b.RequiredApprovingReviewCount == nil {
-		return 0
+// GetCaption returns the Caption field if it's non-nil, zero value otherwise.
+func (c *CheckRunImage) GetCaption() string {
+	if c == nil || c.Caption == nil {
+		return ""
 	}
-	return *b.RequiredApprovingReviewCount
+	return *c.Caption
 }
 
-// GetRequiredConversationResolutionLevel returns the RequiredConversationResolutionLevel field if it's non-nil, zero value otherwise.
-func (b *BranchProtectionRule) GetRequiredConversationResolutionLevel() string {
-	if b == nil || b.RequiredConversationResolutionLevel == nil {
+// GetImageURL returns the ImageURL field if it's non-nil, zero value otherwise.
+func (c *CheckRunImage) GetImageURL() string {
+	if c == nil || c.ImageURL == nil {
 		return ""
 	}
-	return *b.RequiredConversationResolutionLevel
+	return *c.ImageURL
 }
 
-// GetRequiredDeploymentsEnforcementLevel returns the RequiredDeploymentsEnforcementLevel field if it's non-nil, zero value otherwise.
-func (b *BranchProtectionRule) GetRequiredDeploymentsEnforcementLevel() string {
-	if b == nil || b.RequiredDeploymentsEnforcementLevel == nil {
-		return ""
+// GetAnnotationsCount returns the AnnotationsCount field if it's non-nil, zero value otherwise.
+func (c *CheckRunOutput) GetAnnotationsCount() int {
+	if c == nil || c.AnnotationsCount == nil {
+		return 0
 	}
-	return *b.RequiredDeploymentsEnforcementLevel
+	return *c.AnnotationsCount
 }
 
-// GetRequiredStatusChecksEnforcementLevel returns the RequiredStatusChecksEnforcementLevel field if it's non-nil, zero value otherwise.
-func (b *BranchProtectionRule) GetRequiredStatusChecksEnforcementLevel() string {
-	if b == nil || b.RequiredStatusChecksEnforcementLevel == nil {
+// GetAnnotationsURL returns the AnnotationsURL field if it's non-nil, zero value otherwise.
+func (c *CheckRunOutput) GetAnnotationsURL() string {
+	if c == nil || c.AnnotationsURL == nil {
 		return ""
 	}
-	return *b.RequiredStatusChecksEnforcementLevel
+	return *c.AnnotationsURL
 }
 
-// GetSignatureRequirementEnforcementLevel returns the SignatureRequirementEnforcementLevel field if it's non-nil, zero value otherwise.
-func (b *BranchProtectionRule) GetSignatureRequirementEnforcementLevel() string {
-	if b == nil || b.SignatureRequirementEnforcementLevel == nil {
+// GetSummary returns the Summary field if it's non-nil, zero value otherwise.
+func (c *CheckRunOutput) GetSummary() string {
+	if c == nil || c.Summary == nil {
 		return ""
 	}
-	return *b.SignatureRequirementEnforcementLevel
+	return *c.Summary
 }
 
-// GetStrictRequiredStatusChecksPolicy returns the StrictRequiredStatusChecksPolicy field if it's non-nil, zero value otherwise.
-func (b *BranchProtectionRule) GetStrictRequiredStatusChecksPolicy() bool {
-	if b == nil || b.StrictRequiredStatusChecksPolicy == nil {
-		return false
+// GetText returns the Text field if it's non-nil, zero value otherwise.
+func (c *CheckRunOutput) GetText() string {
+	if c == nil || c.Text == nil {
+		return ""
 	}
-	return *b.StrictRequiredStatusChecksPolicy
+	return *c.Text
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (b *BranchProtectionRule) GetUpdatedAt() Timestamp {
-	if b == nil || b.UpdatedAt == nil {
-		return Timestamp{}
+// GetTitle returns the Title field if it's non-nil, zero value otherwise.
+func (c *CheckRunOutput) GetTitle() string {
+	if c == nil || c.Title == nil {
+		return ""
 	}
-	return *b.UpdatedAt
+	return *c.Title
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (b *BranchProtectionRuleEvent) GetAction() string {
-	if b == nil || b.Action == nil {
+// GetAfterSHA returns the AfterSHA field if it's non-nil, zero value otherwise.
+func (c *CheckSuite) GetAfterSHA() string {
+	if c == nil || c.AfterSHA == nil {
 		return ""
 	}
-	return *b.Action
+	return *c.AfterSHA
 }
 
-// GetChanges returns the Changes field.
-func (b *BranchProtectionRuleEvent) GetChanges() *ProtectionChanges {
-	if b == nil {
+// GetApp returns the App field.
+func (c *CheckSuite) GetApp() *App {
+	if c == nil {
 		return nil
 	}
-	return b.Changes
+	return c.App
 }
 
-// GetInstallation returns the Installation field.
-func (b *BranchProtectionRuleEvent) GetInstallation() *Installation {
-	if b == nil {
-		return nil
+// GetBeforeSHA returns the BeforeSHA field if it's non-nil, zero value otherwise.
+func (c *CheckSuite) GetBeforeSHA() string {
+	if c == nil || c.BeforeSHA == nil {
+		return ""
 	}
-	return b.Installation
+	return *c.BeforeSHA
 }
 
-// GetOrg returns the Org field.
-func (b *BranchProtectionRuleEvent) GetOrg() *Organization {
-	if b == nil {
-		return nil
+// GetConclusion returns the Conclusion field if it's non-nil, zero value otherwise.
+func (c *CheckSuite) GetConclusion() string {
+	if c == nil || c.Conclusion == nil {
+		return ""
 	}
-	return b.Org
+	return *c.Conclusion
 }
 
-// GetRepo returns the Repo field.
-func (b *BranchProtectionRuleEvent) GetRepo() *Repository {
-	if b == nil {
-		return nil
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (c *CheckSuite) GetCreatedAt() Timestamp {
+	if c == nil || c.CreatedAt == nil {
+		return Timestamp{}
 	}
-	return b.Repo
+	return *c.CreatedAt
 }
 
-// GetRule returns the Rule field.
-func (b *BranchProtectionRuleEvent) GetRule() *BranchProtectionRule {
-	if b == nil {
-		return nil
+// GetHeadBranch returns the HeadBranch field if it's non-nil, zero value otherwise.
+func (c *CheckSuite) GetHeadBranch() string {
+	if c == nil || c.HeadBranch == nil {
+		return ""
 	}
-	return b.Rule
+	return *c.HeadBranch
 }
 
-// GetSender returns the Sender field.
-func (b *BranchProtectionRuleEvent) GetSender() *User {
-	if b == nil {
+// GetHeadCommit returns the HeadCommit field.
+func (c *CheckSuite) GetHeadCommit() *Commit {
+	if c == nil {
 		return nil
 	}
-	return b.Sender
+	return c.HeadCommit
 }
 
-// GetActorID returns the ActorID field if it's non-nil, zero value otherwise.
-func (b *BypassActor) GetActorID() int64 {
-	if b == nil || b.ActorID == nil {
-		return 0
+// GetHeadSHA returns the HeadSHA field if it's non-nil, zero value otherwise.
+func (c *CheckSuite) GetHeadSHA() string {
+	if c == nil || c.HeadSHA == nil {
+		return ""
 	}
-	return *b.ActorID
+	return *c.HeadSHA
 }
 
-// GetActorType returns the ActorType field if it's non-nil, zero value otherwise.
-func (b *BypassActor) GetActorType() string {
-	if b == nil || b.ActorType == nil {
-		return ""
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (c *CheckSuite) GetID() int64 {
+	if c == nil || c.ID == nil {
+		return 0
 	}
-	return *b.ActorType
+	return *c.ID
 }
 
-// GetBypassMode returns the BypassMode field if it's non-nil, zero value otherwise.
-func (b *BypassActor) GetBypassMode() string {
-	if b == nil || b.BypassMode == nil {
-		return ""
+// GetLatestCheckRunsCount returns the LatestCheckRunsCount field if it's non-nil, zero value otherwise.
+func (c *CheckSuite) GetLatestCheckRunsCount() int64 {
+	if c == nil || c.LatestCheckRunsCount == nil {
+		return 0
 	}
-	return *b.BypassMode
+	return *c.LatestCheckRunsCount
 }
 
-// GetApp returns the App field.
-func (c *CheckRun) GetApp() *App {
-	if c == nil {
-		return nil
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (c *CheckSuite) GetNodeID() string {
+	if c == nil || c.NodeID == nil {
+		return ""
 	}
-	return c.App
+	return *c.NodeID
 }
 
-// GetCheckSuite returns the CheckSuite field.
-func (c *CheckRun) GetCheckSuite() *CheckSuite {
+// GetRepository returns the Repository field.
+func (c *CheckSuite) GetRepository() *Repository {
 	if c == nil {
 		return nil
 	}
-	return c.CheckSuite
+	return c.Repository
 }
 
-// GetCompletedAt returns the CompletedAt field if it's non-nil, zero value otherwise.
-func (c *CheckRun) GetCompletedAt() Timestamp {
-	if c == nil || c.CompletedAt == nil {
-		return Timestamp{}
+// GetRerequestable returns the Rerequestable field if it's non-nil, zero value otherwise.
+func (c *CheckSuite) GetRerequestable() bool {
+	if c == nil || c.Rerequestable == nil {
+		return false
 	}
-	return *c.CompletedAt
+	return *c.Rerequestable
 }
 
-// GetConclusion returns the Conclusion field if it's non-nil, zero value otherwise.
-func (c *CheckRun) GetConclusion() string {
-	if c == nil || c.Conclusion == nil {
-		return ""
+// GetRunsRerequestable returns the RunsRerequestable field if it's non-nil, zero value otherwise.
+func (c *CheckSuite) GetRunsRerequestable() bool {
+	if c == nil || c.RunsRerequestable == nil {
+		return false
 	}
-	return *c.Conclusion
+	return *c.RunsRerequestable
 }
 
-// GetDetailsURL returns the DetailsURL field if it's non-nil, zero value otherwise.
-func (c *CheckRun) GetDetailsURL() string {
-	if c == nil || c.DetailsURL == nil {
+// GetStatus returns the Status field if it's non-nil, zero value otherwise.
+func (c *CheckSuite) GetStatus() string {
+	if c == nil || c.Status == nil {
 		return ""
 	}
-	return *c.DetailsURL
+	return *c.Status
 }
 
-// GetExternalID returns the ExternalID field if it's non-nil, zero value otherwise.
-func (c *CheckRun) GetExternalID() string {
-	if c == nil || c.ExternalID == nil {
-		return ""
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (c *CheckSuite) GetUpdatedAt() Timestamp {
+	if c == nil || c.UpdatedAt == nil {
+		return Timestamp{}
 	}
-	return *c.ExternalID
+	return *c.UpdatedAt
 }
 
-// GetHeadSHA returns the HeadSHA field if it's non-nil, zero value otherwise.
-func (c *CheckRun) GetHeadSHA() string {
-	if c == nil || c.HeadSHA == nil {
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (c *CheckSuite) GetURL() string {
+	if c == nil || c.URL == nil {
 		return ""
 	}
-	return *c.HeadSHA
+	return *c.URL
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (c *CheckRun) GetHTMLURL() string {
-	if c == nil || c.HTMLURL == nil {
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (c *CheckSuiteEvent) GetAction() string {
+	if c == nil || c.Action == nil {
 		return ""
 	}
-	return *c.HTMLURL
+	return *c.Action
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (c *CheckRun) GetID() int64 {
-	if c == nil || c.ID == nil {
-		return 0
+// GetCheckSuite returns the CheckSuite field.
+func (c *CheckSuiteEvent) GetCheckSuite() *CheckSuite {
+	if c == nil {
+		return nil
 	}
-	return *c.ID
+	return c.CheckSuite
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (c *CheckRun) GetName() string {
-	if c == nil || c.Name == nil {
-		return ""
+// GetInstallation returns the Installation field.
+func (c *CheckSuiteEvent) GetInstallation() *Installation {
+	if c == nil {
+		return nil
 	}
-	return *c.Name
+	return c.Installation
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (c *CheckRun) GetNodeID() string {
-	if c == nil || c.NodeID == nil {
-		return ""
+// GetOrg returns the Org field.
+func (c *CheckSuiteEvent) GetOrg() *Organization {
+	if c == nil {
+		return nil
 	}
-	return *c.NodeID
+	return c.Org
 }
 
-// GetOutput returns the Output field.
-func (c *CheckRun) GetOutput() *CheckRunOutput {
+// GetRepo returns the Repo field.
+func (c *CheckSuiteEvent) GetRepo() *Repository {
 	if c == nil {
 		return nil
 	}
-	return c.Output
+	return c.Repo
 }
 
-// GetStartedAt returns the StartedAt field if it's non-nil, zero value otherwise.
-func (c *CheckRun) GetStartedAt() Timestamp {
-	if c == nil || c.StartedAt == nil {
-		return Timestamp{}
+// GetSender returns the Sender field.
+func (c *CheckSuiteEvent) GetSender() *User {
+	if c == nil {
+		return nil
 	}
-	return *c.StartedAt
+	return c.Sender
 }
 
-// GetStatus returns the Status field if it's non-nil, zero value otherwise.
-func (c *CheckRun) GetStatus() string {
-	if c == nil || c.Status == nil {
-		return ""
+// GetPreferences returns the Preferences field.
+func (c *CheckSuitePreferenceResults) GetPreferences() *PreferenceList {
+	if c == nil {
+		return nil
 	}
-	return *c.Status
+	return c.Preferences
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (c *CheckRun) GetURL() string {
-	if c == nil || c.URL == nil {
-		return ""
+// GetRepository returns the Repository field.
+func (c *CheckSuitePreferenceResults) GetRepository() *Repository {
+	if c == nil {
+		return nil
 	}
-	return *c.URL
+	return c.Repository
 }
 
-// GetAnnotationLevel returns the AnnotationLevel field if it's non-nil, zero value otherwise.
-func (c *CheckRunAnnotation) GetAnnotationLevel() string {
-	if c == nil || c.AnnotationLevel == nil {
+// GetFingerprint returns the Fingerprint field if it's non-nil, zero value otherwise.
+func (c *ClusterSSHKey) GetFingerprint() string {
+	if c == nil || c.Fingerprint == nil {
 		return ""
 	}
-	return *c.AnnotationLevel
+	return *c.Fingerprint
 }
 
-// GetEndColumn returns the EndColumn field if it's non-nil, zero value otherwise.
-func (c *CheckRunAnnotation) GetEndColumn() int {
-	if c == nil || c.EndColumn == nil {
-		return 0
+// GetKey returns the Key field if it's non-nil, zero value otherwise.
+func (c *ClusterSSHKey) GetKey() string {
+	if c == nil || c.Key == nil {
+		return ""
 	}
-	return *c.EndColumn
+	return *c.Key
 }
 
-// GetEndLine returns the EndLine field if it's non-nil, zero value otherwise.
-func (c *CheckRunAnnotation) GetEndLine() int {
-	if c == nil || c.EndLine == nil {
-		return 0
+// GetStatus returns the Status field if it's non-nil, zero value otherwise.
+func (c *ClusterStatus) GetStatus() string {
+	if c == nil || c.Status == nil {
+		return ""
 	}
-	return *c.EndLine
+	return *c.Status
 }
 
-// GetMessage returns the Message field if it's non-nil, zero value otherwise.
-func (c *CheckRunAnnotation) GetMessage() string {
-	if c == nil || c.Message == nil {
+// GetHostname returns the Hostname field if it's non-nil, zero value otherwise.
+func (c *ClusterStatusNode) GetHostname() string {
+	if c == nil || c.Hostname == nil {
 		return ""
 	}
-	return *c.Message
+	return *c.Hostname
 }
 
-// GetPath returns the Path field if it's non-nil, zero value otherwise.
-func (c *CheckRunAnnotation) GetPath() string {
-	if c == nil || c.Path == nil {
+// GetStatus returns the Status field if it's non-nil, zero value otherwise.
+func (c *ClusterStatusNode) GetStatus() string {
+	if c == nil || c.Status == nil {
 		return ""
 	}
-	return *c.Path
+	return *c.Status
 }
 
-// GetRawDetails returns the RawDetails field if it's non-nil, zero value otherwise.
-func (c *CheckRunAnnotation) GetRawDetails() string {
-	if c == nil || c.RawDetails == nil {
+// GetDetails returns the Details field if it's non-nil, zero value otherwise.
+func (c *ClusterStatusNodeServiceItem) GetDetails() string {
+	if c == nil || c.Details == nil {
 		return ""
 	}
-	return *c.RawDetails
+	return *c.Details
 }
 
-// GetStartColumn returns the StartColumn field if it's non-nil, zero value otherwise.
-func (c *CheckRunAnnotation) GetStartColumn() int {
-	if c == nil || c.StartColumn == nil {
-		return 0
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (c *ClusterStatusNodeServiceItem) GetName() string {
+	if c == nil || c.Name == nil {
+		return ""
 	}
-	return *c.StartColumn
+	return *c.Name
 }
 
-// GetStartLine returns the StartLine field if it's non-nil, zero value otherwise.
-func (c *CheckRunAnnotation) GetStartLine() int {
-	if c == nil || c.StartLine == nil {
-		return 0
+// GetStatus returns the Status field if it's non-nil, zero value otherwise.
+func (c *ClusterStatusNodeServiceItem) GetStatus() string {
+	if c == nil || c.Status == nil {
+		return ""
 	}
-	return *c.StartLine
+	return *c.Status
 }
 
-// GetTitle returns the Title field if it's non-nil, zero value otherwise.
-func (c *CheckRunAnnotation) GetTitle() string {
-	if c == nil || c.Title == nil {
+// GetBody returns the Body field if it's non-nil, zero value otherwise.
+func (c *CodeOfConduct) GetBody() string {
+	if c == nil || c.Body == nil {
 		return ""
 	}
-	return *c.Title
+	return *c.Body
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (c *CheckRunEvent) GetAction() string {
-	if c == nil || c.Action == nil {
+// GetKey returns the Key field if it's non-nil, zero value otherwise.
+func (c *CodeOfConduct) GetKey() string {
+	if c == nil || c.Key == nil {
 		return ""
 	}
-	return *c.Action
+	return *c.Key
 }
 
-// GetCheckRun returns the CheckRun field.
-func (c *CheckRunEvent) GetCheckRun() *CheckRun {
-	if c == nil {
-		return nil
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (c *CodeOfConduct) GetName() string {
+	if c == nil || c.Name == nil {
+		return ""
 	}
-	return c.CheckRun
+	return *c.Name
 }
 
-// GetInstallation returns the Installation field.
-func (c *CheckRunEvent) GetInstallation() *Installation {
-	if c == nil {
-		return nil
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (c *CodeOfConduct) GetURL() string {
+	if c == nil || c.URL == nil {
+		return ""
 	}
-	return c.Installation
+	return *c.URL
 }
 
-// GetOrg returns the Org field.
-func (c *CheckRunEvent) GetOrg() *Organization {
-	if c == nil {
-		return nil
+// GetSuggestion returns the Suggestion field if it's non-nil, zero value otherwise.
+func (c *CodeownersError) GetSuggestion() string {
+	if c == nil || c.Suggestion == nil {
+		return ""
 	}
-	return c.Org
+	return *c.Suggestion
 }
 
-// GetRepo returns the Repo field.
-func (c *CheckRunEvent) GetRepo() *Repository {
-	if c == nil {
-		return nil
+// GetContentType returns the ContentType field if it's non-nil, zero value otherwise.
+func (c *CodeQLDatabase) GetContentType() string {
+	if c == nil || c.ContentType == nil {
+		return ""
 	}
-	return c.Repo
+	return *c.ContentType
 }
 
-// GetRequestedAction returns the RequestedAction field.
-func (c *CheckRunEvent) GetRequestedAction() *RequestedAction {
-	if c == nil {
-		return nil
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (c *CodeQLDatabase) GetCreatedAt() Timestamp {
+	if c == nil || c.CreatedAt == nil {
+		return Timestamp{}
 	}
-	return c.RequestedAction
+	return *c.CreatedAt
 }
 
-// GetSender returns the Sender field.
-func (c *CheckRunEvent) GetSender() *User {
-	if c == nil {
-		return nil
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (c *CodeQLDatabase) GetID() int64 {
+	if c == nil || c.ID == nil {
+		return 0
 	}
-	return c.Sender
+	return *c.ID
 }
 
-// GetAlt returns the Alt field if it's non-nil, zero value otherwise.
-func (c *CheckRunImage) GetAlt() string {
-	if c == nil || c.Alt == nil {
+// GetLanguage returns the Language field if it's non-nil, zero value otherwise.
+func (c *CodeQLDatabase) GetLanguage() string {
+	if c == nil || c.Language == nil {
 		return ""
 	}
-	return *c.Alt
+	return *c.Language
 }
 
-// GetCaption returns the Caption field if it's non-nil, zero value otherwise.
-func (c *CheckRunImage) GetCaption() string {
-	if c == nil || c.Caption == nil {
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (c *CodeQLDatabase) GetName() string {
+	if c == nil || c.Name == nil {
 		return ""
 	}
-	return *c.Caption
+	return *c.Name
 }
 
-// GetImageURL returns the ImageURL field if it's non-nil, zero value otherwise.
-func (c *CheckRunImage) GetImageURL() string {
-	if c == nil || c.ImageURL == nil {
-		return ""
+// GetSize returns the Size field if it's non-nil, zero value otherwise.
+func (c *CodeQLDatabase) GetSize() int64 {
+	if c == nil || c.Size == nil {
+		return 0
 	}
-	return *c.ImageURL
+	return *c.Size
 }
 
-// GetAnnotationsCount returns the AnnotationsCount field if it's non-nil, zero value otherwise.
-func (c *CheckRunOutput) GetAnnotationsCount() int {
-	if c == nil || c.AnnotationsCount == nil {
-		return 0
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (c *CodeQLDatabase) GetUpdatedAt() Timestamp {
+	if c == nil || c.UpdatedAt == nil {
+		return Timestamp{}
 	}
-	return *c.AnnotationsCount
+	return *c.UpdatedAt
 }
 
-// GetAnnotationsURL returns the AnnotationsURL field if it's non-nil, zero value otherwise.
-func (c *CheckRunOutput) GetAnnotationsURL() string {
-	if c == nil || c.AnnotationsURL == nil {
-		return ""
+// GetUploader returns the Uploader field.
+func (c *CodeQLDatabase) GetUploader() *User {
+	if c == nil {
+		return nil
 	}
-	return *c.AnnotationsURL
+	return c.Uploader
 }
 
-// GetSummary returns the Summary field if it's non-nil, zero value otherwise.
-func (c *CheckRunOutput) GetSummary() string {
-	if c == nil || c.Summary == nil {
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (c *CodeQLDatabase) GetURL() string {
+	if c == nil || c.URL == nil {
 		return ""
 	}
-	return *c.Summary
+	return *c.URL
 }
 
-// GetText returns the Text field if it's non-nil, zero value otherwise.
-func (c *CheckRunOutput) GetText() string {
-	if c == nil || c.Text == nil {
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (c *CodeResult) GetHTMLURL() string {
+	if c == nil || c.HTMLURL == nil {
 		return ""
 	}
-	return *c.Text
+	return *c.HTMLURL
 }
 
-// GetTitle returns the Title field if it's non-nil, zero value otherwise.
-func (c *CheckRunOutput) GetTitle() string {
-	if c == nil || c.Title == nil {
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (c *CodeResult) GetName() string {
+	if c == nil || c.Name == nil {
 		return ""
 	}
-	return *c.Title
+	return *c.Name
 }
 
-// GetAfterSHA returns the AfterSHA field if it's non-nil, zero value otherwise.
-func (c *CheckSuite) GetAfterSHA() string {
-	if c == nil || c.AfterSHA == nil {
+// GetPath returns the Path field if it's non-nil, zero value otherwise.
+func (c *CodeResult) GetPath() string {
+	if c == nil || c.Path == nil {
 		return ""
 	}
-	return *c.AfterSHA
+	return *c.Path
 }
 
-// GetApp returns the App field.
-func (c *CheckSuite) GetApp() *App {
+// GetRepository returns the Repository field.
+func (c *CodeResult) GetRepository() *Repository {
 	if c == nil {
 		return nil
 	}
-	return c.App
+	return c.Repository
 }
 
-// GetBeforeSHA returns the BeforeSHA field if it's non-nil, zero value otherwise.
-func (c *CheckSuite) GetBeforeSHA() string {
-	if c == nil || c.BeforeSHA == nil {
+// GetSHA returns the SHA field if it's non-nil, zero value otherwise.
+func (c *CodeResult) GetSHA() string {
+	if c == nil || c.SHA == nil {
 		return ""
 	}
-	return *c.BeforeSHA
+	return *c.SHA
 }
 
-// GetConclusion returns the Conclusion field if it's non-nil, zero value otherwise.
-func (c *CheckSuite) GetConclusion() string {
-	if c == nil || c.Conclusion == nil {
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (c *CodeScanningAlertEvent) GetAction() string {
+	if c == nil || c.Action == nil {
 		return ""
 	}
-	return *c.Conclusion
+	return *c.Action
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (c *CheckSuite) GetCreatedAt() Timestamp {
-	if c == nil || c.CreatedAt == nil {
-		return Timestamp{}
+// GetAlert returns the Alert field.
+func (c *CodeScanningAlertEvent) GetAlert() *Alert {
+	if c == nil {
+		return nil
 	}
-	return *c.CreatedAt
+	return c.Alert
 }
 
-// GetHeadBranch returns the HeadBranch field if it's non-nil, zero value otherwise.
-func (c *CheckSuite) GetHeadBranch() string {
-	if c == nil || c.HeadBranch == nil {
+// GetCommitOID returns the CommitOID field if it's non-nil, zero value otherwise.
+func (c *CodeScanningAlertEvent) GetCommitOID() string {
+	if c == nil || c.CommitOID == nil {
 		return ""
 	}
-	return *c.HeadBranch
+	return *c.CommitOID
 }
 
-// GetHeadCommit returns the HeadCommit field.
-func (c *CheckSuite) GetHeadCommit() *Commit {
+// GetInstallation returns the Installation field.
+func (c *CodeScanningAlertEvent) GetInstallation() *Installation {
 	if c == nil {
 		return nil
 	}
-	return c.HeadCommit
+	return c.Installation
 }
 
-// GetHeadSHA returns the HeadSHA field if it's non-nil, zero value otherwise.
-func (c *CheckSuite) GetHeadSHA() string {
-	if c == nil || c.HeadSHA == nil {
-		return ""
+// GetOrg returns the Org field.
+func (c *CodeScanningAlertEvent) GetOrg() *Organization {
+	if c == nil {
+		return nil
 	}
-	return *c.HeadSHA
+	return c.Org
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (c *CheckSuite) GetID() int64 {
-	if c == nil || c.ID == nil {
-		return 0
+// GetRef returns the Ref field if it's non-nil, zero value otherwise.
+func (c *CodeScanningAlertEvent) GetRef() string {
+	if c == nil || c.Ref == nil {
+		return ""
 	}
-	return *c.ID
+	return *c.Ref
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (c *CheckSuite) GetNodeID() string {
-	if c == nil || c.NodeID == nil {
-		return ""
+// GetRepo returns the Repo field.
+func (c *CodeScanningAlertEvent) GetRepo() *Repository {
+	if c == nil {
+		return nil
 	}
-	return *c.NodeID
+	return c.Repo
 }
 
-// GetRepository returns the Repository field.
-func (c *CheckSuite) GetRepository() *Repository {
+// GetSender returns the Sender field.
+func (c *CodeScanningAlertEvent) GetSender() *User {
 	if c == nil {
 		return nil
 	}
-	return c.Repository
+	return c.Sender
 }
 
-// GetStatus returns the Status field if it's non-nil, zero value otherwise.
-func (c *CheckSuite) GetStatus() string {
-	if c == nil || c.Status == nil {
+// GetDismissedComment returns the DismissedComment field if it's non-nil, zero value otherwise.
+func (c *CodeScanningAlertState) GetDismissedComment() string {
+	if c == nil || c.DismissedComment == nil {
 		return ""
 	}
-	return *c.Status
+	return *c.DismissedComment
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (c *CheckSuite) GetUpdatedAt() Timestamp {
-	if c == nil || c.UpdatedAt == nil {
-		return Timestamp{}
+// GetDismissedReason returns the DismissedReason field if it's non-nil, zero value otherwise.
+func (c *CodeScanningAlertState) GetDismissedReason() string {
+	if c == nil || c.DismissedReason == nil {
+		return ""
 	}
-	return *c.UpdatedAt
+	return *c.DismissedReason
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (c *CheckSuite) GetURL() string {
-	if c == nil || c.URL == nil {
-		return ""
+// GetIncompleteResults returns the IncompleteResults field if it's non-nil, zero value otherwise.
+func (c *CodeSearchResult) GetIncompleteResults() bool {
+	if c == nil || c.IncompleteResults == nil {
+		return false
 	}
-	return *c.URL
+	return *c.IncompleteResults
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (c *CheckSuiteEvent) GetAction() string {
-	if c == nil || c.Action == nil {
+// GetTotal returns the Total field if it's non-nil, zero value otherwise.
+func (c *CodeSearchResult) GetTotal() int {
+	if c == nil || c.Total == nil {
+		return 0
+	}
+	return *c.Total
+}
+
+// GetAdvancedSecurity returns the AdvancedSecurity field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetAdvancedSecurity() string {
+	if c == nil || c.AdvancedSecurity == nil {
 		return ""
 	}
-	return *c.Action
+	return *c.AdvancedSecurity
 }
 
-// GetCheckSuite returns the CheckSuite field.
-func (c *CheckSuiteEvent) GetCheckSuite() *CheckSuite {
-	if c == nil {
-		return nil
+// GetCodeScanningDefaultSetup returns the CodeScanningDefaultSetup field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetCodeScanningDefaultSetup() string {
+	if c == nil || c.CodeScanningDefaultSetup == nil {
+		return ""
 	}
-	return c.CheckSuite
+	return *c.CodeScanningDefaultSetup
 }
 
-// GetInstallation returns the Installation field.
-func (c *CheckSuiteEvent) GetInstallation() *Installation {
-	if c == nil {
-		return nil
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetCreatedAt() Timestamp {
+	if c == nil || c.CreatedAt == nil {
+		return Timestamp{}
 	}
-	return c.Installation
+	return *c.CreatedAt
 }
 
-// GetOrg returns the Org field.
-func (c *CheckSuiteEvent) GetOrg() *Organization {
-	if c == nil {
-		return nil
+// GetDependabotAlerts returns the DependabotAlerts field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetDependabotAlerts() string {
+	if c == nil || c.DependabotAlerts == nil {
+		return ""
 	}
-	return c.Org
+	return *c.DependabotAlerts
 }
 
-// GetRepo returns the Repo field.
-func (c *CheckSuiteEvent) GetRepo() *Repository {
-	if c == nil {
-		return nil
+// GetDependabotSecurityUpdates returns the DependabotSecurityUpdates field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetDependabotSecurityUpdates() string {
+	if c == nil || c.DependabotSecurityUpdates == nil {
+		return ""
 	}
-	return c.Repo
+	return *c.DependabotSecurityUpdates
 }
 
-// GetSender returns the Sender field.
-func (c *CheckSuiteEvent) GetSender() *User {
-	if c == nil {
-		return nil
+// GetDependencyGraph returns the DependencyGraph field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetDependencyGraph() string {
+	if c == nil || c.DependencyGraph == nil {
+		return ""
 	}
-	return c.Sender
+	return *c.DependencyGraph
 }
 
-// GetPreferences returns the Preferences field.
-func (c *CheckSuitePreferenceResults) GetPreferences() *PreferenceList {
-	if c == nil {
-		return nil
+// GetDependencyGraphAutosubmitAction returns the DependencyGraphAutosubmitAction field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetDependencyGraphAutosubmitAction() string {
+	if c == nil || c.DependencyGraphAutosubmitAction == nil {
+		return ""
 	}
-	return c.Preferences
+	return *c.DependencyGraphAutosubmitAction
 }
 
-// GetRepository returns the Repository field.
-func (c *CheckSuitePreferenceResults) GetRepository() *Repository {
+// GetDependencyGraphAutosubmitActionOptions returns the DependencyGraphAutosubmitActionOptions field.
+func (c *CodeSecurityConfiguration) GetDependencyGraphAutosubmitActionOptions() *DependencyGraphAutosubmitActionOptions {
 	if c == nil {
 		return nil
 	}
-	return c.Repository
+	return c.DependencyGraphAutosubmitActionOptions
 }
 
-// GetBody returns the Body field if it's non-nil, zero value otherwise.
-func (c *CodeOfConduct) GetBody() string {
-	if c == nil || c.Body == nil {
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetDescription() string {
+	if c == nil || c.Description == nil {
 		return ""
 	}
-	return *c.Body
+	return *c.Description
 }
 
-// GetKey returns the Key field if it's non-nil, zero value otherwise.
-func (c *CodeOfConduct) GetKey() string {
-	if c == nil || c.Key == nil {
+// GetEnforcement returns the Enforcement field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetEnforcement() string {
+	if c == nil || c.Enforcement == nil {
 		return ""
 	}
-	return *c.Key
+	return *c.Enforcement
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (c *CodeOfConduct) GetName() string {
-	if c == nil || c.Name == nil {
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetHTMLURL() string {
+	if c == nil || c.HTMLURL == nil {
 		return ""
 	}
-	return *c.Name
+	return *c.HTMLURL
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (c *CodeOfConduct) GetURL() string {
-	if c == nil || c.URL == nil {
-		return ""
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetID() int64 {
+	if c == nil || c.ID == nil {
+		return 0
 	}
-	return *c.URL
+	return *c.ID
 }
 
-// GetSuggestion returns the Suggestion field if it's non-nil, zero value otherwise.
-func (c *CodeownersError) GetSuggestion() string {
-	if c == nil || c.Suggestion == nil {
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetName() string {
+	if c == nil || c.Name == nil {
 		return ""
 	}
-	return *c.Suggestion
+	return *c.Name
 }
 
-// GetContentType returns the ContentType field if it's non-nil, zero value otherwise.
-func (c *CodeQLDatabase) GetContentType() string {
-	if c == nil || c.ContentType == nil {
+// GetPrivateVulnerabilityReporting returns the PrivateVulnerabilityReporting field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetPrivateVulnerabilityReporting() string {
+	if c == nil || c.PrivateVulnerabilityReporting == nil {
 		return ""
 	}
-	return *c.ContentType
+	return *c.PrivateVulnerabilityReporting
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (c *CodeQLDatabase) GetCreatedAt() Timestamp {
-	if c == nil || c.CreatedAt == nil {
-		return Timestamp{}
+// GetSecretScanning returns the SecretScanning field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetSecretScanning() string {
+	if c == nil || c.SecretScanning == nil {
+		return ""
 	}
-	return *c.CreatedAt
+	return *c.SecretScanning
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (c *CodeQLDatabase) GetID() int64 {
-	if c == nil || c.ID == nil {
-		return 0
+// GetSecretScanningNonProviderPatterns returns the SecretScanningNonProviderPatterns field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetSecretScanningNonProviderPatterns() string {
+	if c == nil || c.SecretScanningNonProviderPatterns == nil {
+		return ""
 	}
-	return *c.ID
+	return *c.SecretScanningNonProviderPatterns
 }
 
-// GetLanguage returns the Language field if it's non-nil, zero value otherwise.
-func (c *CodeQLDatabase) GetLanguage() string {
-	if c == nil || c.Language == nil {
+// GetSecretScanningPushProtection returns the SecretScanningPushProtection field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetSecretScanningPushProtection() string {
+	if c == nil || c.SecretScanningPushProtection == nil {
 		return ""
 	}
-	return *c.Language
+	return *c.SecretScanningPushProtection
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (c *CodeQLDatabase) GetName() string {
-	if c == nil || c.Name == nil {
+// GetSecretScanningValidityChecks returns the SecretScanningValidityChecks field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetSecretScanningValidityChecks() string {
+	if c == nil || c.SecretScanningValidityChecks == nil {
 		return ""
 	}
-	return *c.Name
+	return *c.SecretScanningValidityChecks
 }
 
-// GetSize returns the Size field if it's non-nil, zero value otherwise.
-func (c *CodeQLDatabase) GetSize() int64 {
-	if c == nil || c.Size == nil {
-		return 0
+// GetTargetType returns the TargetType field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetTargetType() string {
+	if c == nil || c.TargetType == nil {
+		return ""
 	}
-	return *c.Size
+	return *c.TargetType
 }
 
 // GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (c *CodeQLDatabase) GetUpdatedAt() Timestamp {
+func (c *CodeSecurityConfiguration) GetUpdatedAt() Timestamp {
 	if c == nil || c.UpdatedAt == nil {
 		return Timestamp{}
 	}
 	return *c.UpdatedAt
 }
 
-// GetUploader returns the Uploader field.
-func (c *CodeQLDatabase) GetUploader() *User {
-	if c == nil {
-		return nil
-	}
-	return c.Uploader
-}
-
 // GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (c *CodeQLDatabase) GetURL() string {
+func (c *CodeSecurityConfiguration) GetURL() string {
 	if c == nil || c.URL == nil {
 		return ""
 	}
 	return *c.URL
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (c *CodeResult) GetHTMLURL() string {
-	if c == nil || c.HTMLURL == nil {
-		return ""
-	}
-	return *c.HTMLURL
-}
-
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (c *CodeResult) GetName() string {
-	if c == nil || c.Name == nil {
-		return ""
-	}
-	return *c.Name
-}
-
-// GetPath returns the Path field if it's non-nil, zero value otherwise.
-func (c *CodeResult) GetPath() string {
-	if c == nil || c.Path == nil {
-		return ""
-	}
-	return *c.Path
-}
-
-// GetRepository returns the Repository field.
-func (c *CodeResult) GetRepository() *Repository {
-	if c == nil {
-		return nil
-	}
-	return c.Repository
-}
-
-// GetSHA returns the SHA field if it's non-nil, zero value otherwise.
-func (c *CodeResult) GetSHA() string {
-	if c == nil || c.SHA == nil {
-		return ""
-	}
-	return *c.SHA
-}
-
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (c *CodeScanningAlertEvent) GetAction() string {
-	if c == nil || c.Action == nil {
-		return ""
-	}
-	return *c.Action
-}
-
-// GetAlert returns the Alert field.
-func (c *CodeScanningAlertEvent) GetAlert() *Alert {
-	if c == nil {
-		return nil
-	}
-	return c.Alert
-}
-
-// GetCommitOID returns the CommitOID field if it's non-nil, zero value otherwise.
-func (c *CodeScanningAlertEvent) GetCommitOID() string {
-	if c == nil || c.CommitOID == nil {
-		return ""
-	}
-	return *c.CommitOID
-}
-
-// GetInstallation returns the Installation field.
-func (c *CodeScanningAlertEvent) GetInstallation() *Installation {
-	if c == nil {
-		return nil
-	}
-	return c.Installation
-}
-
-// GetOrg returns the Org field.
-func (c *CodeScanningAlertEvent) GetOrg() *Organization {
-	if c == nil {
-		return nil
-	}
-	return c.Org
-}
-
-// GetRef returns the Ref field if it's non-nil, zero value otherwise.
-func (c *CodeScanningAlertEvent) GetRef() string {
-	if c == nil || c.Ref == nil {
-		return ""
-	}
-	return *c.Ref
-}
-
-// GetRepo returns the Repo field.
-func (c *CodeScanningAlertEvent) GetRepo() *Repository {
-	if c == nil {
-		return nil
-	}
-	return c.Repo
-}
-
-// GetSender returns the Sender field.
-func (c *CodeScanningAlertEvent) GetSender() *User {
+// GetConfiguration returns the Configuration field.
+func (c *CodeSecurityConfigurationWithDefaultForNewRepos) GetConfiguration() *CodeSecurityConfiguration {
 	if c == nil {
 		return nil
 	}
-	return c.Sender
-}
-
-// GetDismissedComment returns the DismissedComment field if it's non-nil, zero value otherwise.
-func (c *CodeScanningAlertState) GetDismissedComment() string {
-	if c == nil || c.DismissedComment == nil {
-		return ""
-	}
-	return *c.DismissedComment
+	return c.Configuration
 }
 
-// GetDismissedReason returns the DismissedReason field if it's non-nil, zero value otherwise.
-func (c *CodeScanningAlertState) GetDismissedReason() string {
-	if c == nil || c.DismissedReason == nil {
+// GetDefaultForNewRepos returns the DefaultForNewRepos field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfigurationWithDefaultForNewRepos) GetDefaultForNewRepos() string {
+	if c == nil || c.DefaultForNewRepos == nil {
 		return ""
 	}
-	return *c.DismissedReason
-}
-
-// GetIncompleteResults returns the IncompleteResults field if it's non-nil, zero value otherwise.
-func (c *CodeSearchResult) GetIncompleteResults() bool {
-	if c == nil || c.IncompleteResults == nil {
-		return false
-	}
-	return *c.IncompleteResults
-}
-
-// GetTotal returns the Total field if it's non-nil, zero value otherwise.
-func (c *CodeSearchResult) GetTotal() int {
-	if c == nil || c.Total == nil {
-		return 0
-	}
-	return *c.Total
+	return *c.DefaultForNewRepos
 }
 
 // GetBillableOwner returns the BillableOwner field.
@@ -3686,14 +3606,6 @@ func (c *Commit) GetSHA() string {
 	return *c.SHA
 }
 
-// GetStats returns the Stats field.
-func (c *Commit) GetStats() *CommitStats {
-	if c == nil {
-		return nil
-	}
-	return c.Stats
-}
-
 // GetTree returns the Tree field.
 func (c *Commit) GetTree() *Tree {
 	if c == nil {
@@ -3774,6 +3686,14 @@ func (c *CommitCommentEvent) GetInstallation() *Installation {
 	return c.Installation
 }
 
+// GetOrg returns the Org field.
+func (c *CommitCommentEvent) GetOrg() *Organization {
+	if c == nil {
+		return nil
+	}
+	return c.Org
+}
+
 // GetRepo returns the Repo field.
 func (c *CommitCommentEvent) GetRepo() *Repository {
 	if c == nil {
@@ -4182,8280 +4102,12424 @@ func (c *CommunityHealthMetrics) GetUpdatedAt() Timestamp {
 	return *c.UpdatedAt
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (c *ContentReference) GetID() int64 {
-	if c == nil || c.ID == nil {
-		return 0
+// GetLastRequestID returns the LastRequestID field if it's non-nil, zero value otherwise.
+func (c *ConfigApplyEventsNode) GetLastRequestID() string {
+	if c == nil || c.LastRequestID == nil {
+		return ""
 	}
-	return *c.ID
+	return *c.LastRequestID
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (c *ContentReference) GetNodeID() string {
-	if c == nil || c.NodeID == nil {
+// GetNode returns the Node field if it's non-nil, zero value otherwise.
+func (c *ConfigApplyEventsNode) GetNode() string {
+	if c == nil || c.Node == nil {
 		return ""
 	}
-	return *c.NodeID
+	return *c.Node
 }
 
-// GetReference returns the Reference field if it's non-nil, zero value otherwise.
-func (c *ContentReference) GetReference() string {
-	if c == nil || c.Reference == nil {
+// GetBody returns the Body field if it's non-nil, zero value otherwise.
+func (c *ConfigApplyEventsNodeEvent) GetBody() string {
+	if c == nil || c.Body == nil {
 		return ""
 	}
-	return *c.Reference
+	return *c.Body
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (c *ContentReferenceEvent) GetAction() string {
-	if c == nil || c.Action == nil {
+// GetConfigRunID returns the ConfigRunID field if it's non-nil, zero value otherwise.
+func (c *ConfigApplyEventsNodeEvent) GetConfigRunID() string {
+	if c == nil || c.ConfigRunID == nil {
 		return ""
 	}
-	return *c.Action
+	return *c.ConfigRunID
 }
 
-// GetContentReference returns the ContentReference field.
-func (c *ContentReferenceEvent) GetContentReference() *ContentReference {
-	if c == nil {
-		return nil
+// GetEventName returns the EventName field if it's non-nil, zero value otherwise.
+func (c *ConfigApplyEventsNodeEvent) GetEventName() string {
+	if c == nil || c.EventName == nil {
+		return ""
 	}
-	return c.ContentReference
+	return *c.EventName
 }
 
-// GetInstallation returns the Installation field.
-func (c *ContentReferenceEvent) GetInstallation() *Installation {
-	if c == nil {
-		return nil
+// GetHostname returns the Hostname field if it's non-nil, zero value otherwise.
+func (c *ConfigApplyEventsNodeEvent) GetHostname() string {
+	if c == nil || c.Hostname == nil {
+		return ""
 	}
-	return c.Installation
+	return *c.Hostname
 }
 
-// GetRepo returns the Repo field.
-func (c *ContentReferenceEvent) GetRepo() *Repository {
-	if c == nil {
-		return nil
+// GetSeverityText returns the SeverityText field if it's non-nil, zero value otherwise.
+func (c *ConfigApplyEventsNodeEvent) GetSeverityText() string {
+	if c == nil || c.SeverityText == nil {
+		return ""
 	}
-	return c.Repo
+	return *c.SeverityText
 }
 
-// GetSender returns the Sender field.
-func (c *ContentReferenceEvent) GetSender() *User {
-	if c == nil {
-		return nil
+// GetSpanDepth returns the SpanDepth field if it's non-nil, zero value otherwise.
+func (c *ConfigApplyEventsNodeEvent) GetSpanDepth() int {
+	if c == nil || c.SpanDepth == nil {
+		return 0
 	}
-	return c.Sender
+	return *c.SpanDepth
 }
 
-// GetAvatarURL returns the AvatarURL field if it's non-nil, zero value otherwise.
-func (c *Contributor) GetAvatarURL() string {
-	if c == nil || c.AvatarURL == nil {
+// GetSpanID returns the SpanID field if it's non-nil, zero value otherwise.
+func (c *ConfigApplyEventsNodeEvent) GetSpanID() string {
+	if c == nil || c.SpanID == nil {
 		return ""
 	}
-	return *c.AvatarURL
+	return *c.SpanID
 }
 
-// GetContributions returns the Contributions field if it's non-nil, zero value otherwise.
-func (c *Contributor) GetContributions() int {
-	if c == nil || c.Contributions == nil {
+// GetSpanParentID returns the SpanParentID field if it's non-nil, zero value otherwise.
+func (c *ConfigApplyEventsNodeEvent) GetSpanParentID() int64 {
+	if c == nil || c.SpanParentID == nil {
 		return 0
 	}
-	return *c.Contributions
+	return *c.SpanParentID
 }
 
-// GetEmail returns the Email field if it's non-nil, zero value otherwise.
-func (c *Contributor) GetEmail() string {
-	if c == nil || c.Email == nil {
-		return ""
+// GetTimestamp returns the Timestamp field if it's non-nil, zero value otherwise.
+func (c *ConfigApplyEventsNodeEvent) GetTimestamp() Timestamp {
+	if c == nil || c.Timestamp == nil {
+		return Timestamp{}
 	}
-	return *c.Email
+	return *c.Timestamp
 }
 
-// GetEventsURL returns the EventsURL field if it's non-nil, zero value otherwise.
-func (c *Contributor) GetEventsURL() string {
-	if c == nil || c.EventsURL == nil {
+// GetTopology returns the Topology field if it's non-nil, zero value otherwise.
+func (c *ConfigApplyEventsNodeEvent) GetTopology() string {
+	if c == nil || c.Topology == nil {
 		return ""
 	}
-	return *c.EventsURL
+	return *c.Topology
 }
 
-// GetFollowersURL returns the FollowersURL field if it's non-nil, zero value otherwise.
-func (c *Contributor) GetFollowersURL() string {
-	if c == nil || c.FollowersURL == nil {
+// GetTraceID returns the TraceID field if it's non-nil, zero value otherwise.
+func (c *ConfigApplyEventsNodeEvent) GetTraceID() string {
+	if c == nil || c.TraceID == nil {
 		return ""
 	}
-	return *c.FollowersURL
+	return *c.TraceID
 }
 
-// GetFollowingURL returns the FollowingURL field if it's non-nil, zero value otherwise.
-func (c *Contributor) GetFollowingURL() string {
-	if c == nil || c.FollowingURL == nil {
+// GetLastRequestID returns the LastRequestID field if it's non-nil, zero value otherwise.
+func (c *ConfigApplyEventsOptions) GetLastRequestID() string {
+	if c == nil || c.LastRequestID == nil {
 		return ""
 	}
-	return *c.FollowingURL
+	return *c.LastRequestID
 }
 
-// GetGistsURL returns the GistsURL field if it's non-nil, zero value otherwise.
-func (c *Contributor) GetGistsURL() string {
-	if c == nil || c.GistsURL == nil {
+// GetRunID returns the RunID field if it's non-nil, zero value otherwise.
+func (c *ConfigApplyOptions) GetRunID() string {
+	if c == nil || c.RunID == nil {
 		return ""
 	}
-	return *c.GistsURL
+	return *c.RunID
 }
 
-// GetGravatarID returns the GravatarID field if it's non-nil, zero value otherwise.
-func (c *Contributor) GetGravatarID() string {
-	if c == nil || c.GravatarID == nil {
+// GetRunning returns the Running field if it's non-nil, zero value otherwise.
+func (c *ConfigApplyStatus) GetRunning() bool {
+	if c == nil || c.Running == nil {
+		return false
+	}
+	return *c.Running
+}
+
+// GetSuccessful returns the Successful field if it's non-nil, zero value otherwise.
+func (c *ConfigApplyStatus) GetSuccessful() bool {
+	if c == nil || c.Successful == nil {
+		return false
+	}
+	return *c.Successful
+}
+
+// GetHostname returns the Hostname field if it's non-nil, zero value otherwise.
+func (c *ConfigApplyStatusNode) GetHostname() string {
+	if c == nil || c.Hostname == nil {
 		return ""
 	}
-	return *c.GravatarID
+	return *c.Hostname
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (c *Contributor) GetHTMLURL() string {
-	if c == nil || c.HTMLURL == nil {
+// GetRunID returns the RunID field if it's non-nil, zero value otherwise.
+func (c *ConfigApplyStatusNode) GetRunID() string {
+	if c == nil || c.RunID == nil {
 		return ""
 	}
-	return *c.HTMLURL
+	return *c.RunID
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (c *Contributor) GetID() int64 {
-	if c == nil || c.ID == nil {
-		return 0
+// GetRunning returns the Running field if it's non-nil, zero value otherwise.
+func (c *ConfigApplyStatusNode) GetRunning() bool {
+	if c == nil || c.Running == nil {
+		return false
 	}
-	return *c.ID
+	return *c.Running
 }
 
-// GetLogin returns the Login field if it's non-nil, zero value otherwise.
-func (c *Contributor) GetLogin() string {
-	if c == nil || c.Login == nil {
-		return ""
+// GetSuccessful returns the Successful field if it's non-nil, zero value otherwise.
+func (c *ConfigApplyStatusNode) GetSuccessful() bool {
+	if c == nil || c.Successful == nil {
+		return false
 	}
-	return *c.Login
+	return *c.Successful
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (c *Contributor) GetName() string {
-	if c == nil || c.Name == nil {
+// GetAdminPassword returns the AdminPassword field if it's non-nil, zero value otherwise.
+func (c *ConfigSettings) GetAdminPassword() string {
+	if c == nil || c.AdminPassword == nil {
 		return ""
 	}
-	return *c.Name
+	return *c.AdminPassword
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (c *Contributor) GetNodeID() string {
-	if c == nil || c.NodeID == nil {
+// GetAssets returns the Assets field if it's non-nil, zero value otherwise.
+func (c *ConfigSettings) GetAssets() string {
+	if c == nil || c.Assets == nil {
 		return ""
 	}
-	return *c.NodeID
+	return *c.Assets
 }
 
-// GetOrganizationsURL returns the OrganizationsURL field if it's non-nil, zero value otherwise.
-func (c *Contributor) GetOrganizationsURL() string {
-	if c == nil || c.OrganizationsURL == nil {
+// GetAuthMode returns the AuthMode field if it's non-nil, zero value otherwise.
+func (c *ConfigSettings) GetAuthMode() string {
+	if c == nil || c.AuthMode == nil {
 		return ""
 	}
-	return *c.OrganizationsURL
+	return *c.AuthMode
 }
 
-// GetReceivedEventsURL returns the ReceivedEventsURL field if it's non-nil, zero value otherwise.
-func (c *Contributor) GetReceivedEventsURL() string {
-	if c == nil || c.ReceivedEventsURL == nil {
-		return ""
+// GetAvatar returns the Avatar field.
+func (c *ConfigSettings) GetAvatar() *ConfigSettingsAvatar {
+	if c == nil {
+		return nil
 	}
-	return *c.ReceivedEventsURL
+	return c.Avatar
 }
 
-// GetReposURL returns the ReposURL field if it's non-nil, zero value otherwise.
-func (c *Contributor) GetReposURL() string {
-	if c == nil || c.ReposURL == nil {
-		return ""
+// GetCAS returns the CAS field.
+func (c *ConfigSettings) GetCAS() *ConfigSettingsCAS {
+	if c == nil {
+		return nil
 	}
-	return *c.ReposURL
+	return c.CAS
 }
 
-// GetSiteAdmin returns the SiteAdmin field if it's non-nil, zero value otherwise.
-func (c *Contributor) GetSiteAdmin() bool {
-	if c == nil || c.SiteAdmin == nil {
-		return false
+// GetCollectd returns the Collectd field.
+func (c *ConfigSettings) GetCollectd() *ConfigSettingsCollectd {
+	if c == nil {
+		return nil
 	}
-	return *c.SiteAdmin
+	return c.Collectd
 }
 
-// GetStarredURL returns the StarredURL field if it's non-nil, zero value otherwise.
-func (c *Contributor) GetStarredURL() string {
-	if c == nil || c.StarredURL == nil {
-		return ""
+// GetConfigurationID returns the ConfigurationID field if it's non-nil, zero value otherwise.
+func (c *ConfigSettings) GetConfigurationID() int64 {
+	if c == nil || c.ConfigurationID == nil {
+		return 0
 	}
-	return *c.StarredURL
+	return *c.ConfigurationID
 }
 
-// GetSubscriptionsURL returns the SubscriptionsURL field if it's non-nil, zero value otherwise.
-func (c *Contributor) GetSubscriptionsURL() string {
-	if c == nil || c.SubscriptionsURL == nil {
-		return ""
+// GetConfigurationRunCount returns the ConfigurationRunCount field if it's non-nil, zero value otherwise.
+func (c *ConfigSettings) GetConfigurationRunCount() int {
+	if c == nil || c.ConfigurationRunCount == nil {
+		return 0
 	}
-	return *c.SubscriptionsURL
+	return *c.ConfigurationRunCount
 }
 
-// GetType returns the Type field if it's non-nil, zero value otherwise.
-func (c *Contributor) GetType() string {
-	if c == nil || c.Type == nil {
-		return ""
+// GetCustomer returns the Customer field.
+func (c *ConfigSettings) GetCustomer() *ConfigSettingsCustomer {
+	if c == nil {
+		return nil
 	}
-	return *c.Type
+	return c.Customer
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (c *Contributor) GetURL() string {
-	if c == nil || c.URL == nil {
-		return ""
+// GetExpireSessions returns the ExpireSessions field if it's non-nil, zero value otherwise.
+func (c *ConfigSettings) GetExpireSessions() bool {
+	if c == nil || c.ExpireSessions == nil {
+		return false
 	}
-	return *c.URL
+	return *c.ExpireSessions
 }
 
-// GetAuthor returns the Author field.
-func (c *ContributorStats) GetAuthor() *Contributor {
-	if c == nil {
-		return nil
+// GetGithubHostname returns the GithubHostname field if it's non-nil, zero value otherwise.
+func (c *ConfigSettings) GetGithubHostname() string {
+	if c == nil || c.GithubHostname == nil {
+		return ""
 	}
-	return c.Author
+	return *c.GithubHostname
 }
 
-// GetTotal returns the Total field if it's non-nil, zero value otherwise.
-func (c *ContributorStats) GetTotal() int {
-	if c == nil || c.Total == nil {
-		return 0
+// GetGithubOAuth returns the GithubOAuth field.
+func (c *ConfigSettings) GetGithubOAuth() *ConfigSettingsGithubOAuth {
+	if c == nil {
+		return nil
 	}
-	return *c.Total
+	return c.GithubOAuth
 }
 
-// GetCompletedAt returns the CompletedAt field if it's non-nil, zero value otherwise.
-func (c *CreateCheckRunOptions) GetCompletedAt() Timestamp {
-	if c == nil || c.CompletedAt == nil {
-		return Timestamp{}
+// GetGithubSSL returns the GithubSSL field.
+func (c *ConfigSettings) GetGithubSSL() *ConfigSettingsGithubSSL {
+	if c == nil {
+		return nil
 	}
-	return *c.CompletedAt
+	return c.GithubSSL
 }
 
-// GetConclusion returns the Conclusion field if it's non-nil, zero value otherwise.
-func (c *CreateCheckRunOptions) GetConclusion() string {
-	if c == nil || c.Conclusion == nil {
+// GetHTTPProxy returns the HTTPProxy field if it's non-nil, zero value otherwise.
+func (c *ConfigSettings) GetHTTPProxy() string {
+	if c == nil || c.HTTPProxy == nil {
 		return ""
 	}
-	return *c.Conclusion
+	return *c.HTTPProxy
 }
 
-// GetDetailsURL returns the DetailsURL field if it's non-nil, zero value otherwise.
-func (c *CreateCheckRunOptions) GetDetailsURL() string {
-	if c == nil || c.DetailsURL == nil {
+// GetIdenticonsHost returns the IdenticonsHost field if it's non-nil, zero value otherwise.
+func (c *ConfigSettings) GetIdenticonsHost() string {
+	if c == nil || c.IdenticonsHost == nil {
 		return ""
 	}
-	return *c.DetailsURL
+	return *c.IdenticonsHost
 }
 
-// GetExternalID returns the ExternalID field if it's non-nil, zero value otherwise.
-func (c *CreateCheckRunOptions) GetExternalID() string {
-	if c == nil || c.ExternalID == nil {
-		return ""
+// GetLDAP returns the LDAP field.
+func (c *ConfigSettings) GetLDAP() *ConfigSettingsLDAP {
+	if c == nil {
+		return nil
 	}
-	return *c.ExternalID
+	return c.LDAP
 }
 
-// GetOutput returns the Output field.
-func (c *CreateCheckRunOptions) GetOutput() *CheckRunOutput {
+// GetLicense returns the License field.
+func (c *ConfigSettings) GetLicense() *ConfigSettingsLicenseSettings {
 	if c == nil {
 		return nil
 	}
-	return c.Output
+	return c.License
 }
 
-// GetStartedAt returns the StartedAt field if it's non-nil, zero value otherwise.
-func (c *CreateCheckRunOptions) GetStartedAt() Timestamp {
-	if c == nil || c.StartedAt == nil {
-		return Timestamp{}
+// GetLoadBalancer returns the LoadBalancer field if it's non-nil, zero value otherwise.
+func (c *ConfigSettings) GetLoadBalancer() string {
+	if c == nil || c.LoadBalancer == nil {
+		return ""
 	}
-	return *c.StartedAt
+	return *c.LoadBalancer
 }
 
-// GetStatus returns the Status field if it's non-nil, zero value otherwise.
-func (c *CreateCheckRunOptions) GetStatus() string {
-	if c == nil || c.Status == nil {
-		return ""
+// GetMapping returns the Mapping field.
+func (c *ConfigSettings) GetMapping() *ConfigSettingsMapping {
+	if c == nil {
+		return nil
 	}
-	return *c.Status
+	return c.Mapping
 }
 
-// GetHeadBranch returns the HeadBranch field if it's non-nil, zero value otherwise.
-func (c *CreateCheckSuiteOptions) GetHeadBranch() string {
-	if c == nil || c.HeadBranch == nil {
-		return ""
+// GetNTP returns the NTP field.
+func (c *ConfigSettings) GetNTP() *ConfigSettingsNTP {
+	if c == nil {
+		return nil
 	}
-	return *c.HeadBranch
+	return c.NTP
 }
 
-// GetClientIP returns the ClientIP field if it's non-nil, zero value otherwise.
-func (c *CreateCodespaceOptions) GetClientIP() string {
-	if c == nil || c.ClientIP == nil {
-		return ""
+// GetPages returns the Pages field.
+func (c *ConfigSettings) GetPages() *ConfigSettingsPagesSettings {
+	if c == nil {
+		return nil
 	}
-	return *c.ClientIP
+	return c.Pages
 }
 
-// GetDevcontainerPath returns the DevcontainerPath field if it's non-nil, zero value otherwise.
-func (c *CreateCodespaceOptions) GetDevcontainerPath() string {
-	if c == nil || c.DevcontainerPath == nil {
-		return ""
+// GetPrivateMode returns the PrivateMode field if it's non-nil, zero value otherwise.
+func (c *ConfigSettings) GetPrivateMode() bool {
+	if c == nil || c.PrivateMode == nil {
+		return false
 	}
-	return *c.DevcontainerPath
+	return *c.PrivateMode
 }
 
-// GetDisplayName returns the DisplayName field if it's non-nil, zero value otherwise.
-func (c *CreateCodespaceOptions) GetDisplayName() string {
-	if c == nil || c.DisplayName == nil {
-		return ""
+// GetPublicPages returns the PublicPages field if it's non-nil, zero value otherwise.
+func (c *ConfigSettings) GetPublicPages() bool {
+	if c == nil || c.PublicPages == nil {
+		return false
 	}
-	return *c.DisplayName
+	return *c.PublicPages
 }
 
-// GetGeo returns the Geo field if it's non-nil, zero value otherwise.
-func (c *CreateCodespaceOptions) GetGeo() string {
-	if c == nil || c.Geo == nil {
-		return ""
+// GetSAML returns the SAML field.
+func (c *ConfigSettings) GetSAML() *ConfigSettingsSAML {
+	if c == nil {
+		return nil
 	}
-	return *c.Geo
+	return c.SAML
 }
 
-// GetIdleTimeoutMinutes returns the IdleTimeoutMinutes field if it's non-nil, zero value otherwise.
-func (c *CreateCodespaceOptions) GetIdleTimeoutMinutes() int {
-	if c == nil || c.IdleTimeoutMinutes == nil {
-		return 0
+// GetSignupEnabled returns the SignupEnabled field if it's non-nil, zero value otherwise.
+func (c *ConfigSettings) GetSignupEnabled() bool {
+	if c == nil || c.SignupEnabled == nil {
+		return false
 	}
-	return *c.IdleTimeoutMinutes
+	return *c.SignupEnabled
 }
 
-// GetMachine returns the Machine field if it's non-nil, zero value otherwise.
-func (c *CreateCodespaceOptions) GetMachine() string {
-	if c == nil || c.Machine == nil {
-		return ""
+// GetSMTP returns the SMTP field.
+func (c *ConfigSettings) GetSMTP() *ConfigSettingsSMTP {
+	if c == nil {
+		return nil
 	}
-	return *c.Machine
+	return c.SMTP
 }
 
-// GetMultiRepoPermissionsOptOut returns the MultiRepoPermissionsOptOut field if it's non-nil, zero value otherwise.
-func (c *CreateCodespaceOptions) GetMultiRepoPermissionsOptOut() bool {
-	if c == nil || c.MultiRepoPermissionsOptOut == nil {
-		return false
+// GetSNMP returns the SNMP field.
+func (c *ConfigSettings) GetSNMP() *ConfigSettingsSNMP {
+	if c == nil {
+		return nil
 	}
-	return *c.MultiRepoPermissionsOptOut
+	return c.SNMP
 }
 
-// GetRef returns the Ref field if it's non-nil, zero value otherwise.
-func (c *CreateCodespaceOptions) GetRef() string {
-	if c == nil || c.Ref == nil {
-		return ""
+// GetSubdomainIsolation returns the SubdomainIsolation field if it's non-nil, zero value otherwise.
+func (c *ConfigSettings) GetSubdomainIsolation() bool {
+	if c == nil || c.SubdomainIsolation == nil {
+		return false
 	}
-	return *c.Ref
+	return *c.SubdomainIsolation
 }
 
-// GetRetentionPeriodMinutes returns the RetentionPeriodMinutes field if it's non-nil, zero value otherwise.
-func (c *CreateCodespaceOptions) GetRetentionPeriodMinutes() int {
-	if c == nil || c.RetentionPeriodMinutes == nil {
-		return 0
+// GetSyslog returns the Syslog field.
+func (c *ConfigSettings) GetSyslog() *ConfigSettingsSyslog {
+	if c == nil {
+		return nil
 	}
-	return *c.RetentionPeriodMinutes
+	return c.Syslog
 }
 
-// GetWorkingDirectory returns the WorkingDirectory field if it's non-nil, zero value otherwise.
-func (c *CreateCodespaceOptions) GetWorkingDirectory() string {
-	if c == nil || c.WorkingDirectory == nil {
+// GetTimezone returns the Timezone field if it's non-nil, zero value otherwise.
+func (c *ConfigSettings) GetTimezone() string {
+	if c == nil || c.Timezone == nil {
 		return ""
 	}
-	return *c.WorkingDirectory
+	return *c.Timezone
 }
 
-// GetDescription returns the Description field if it's non-nil, zero value otherwise.
-func (c *CreateEvent) GetDescription() string {
-	if c == nil || c.Description == nil {
-		return ""
+// GetEnabled returns the Enabled field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsAvatar) GetEnabled() bool {
+	if c == nil || c.Enabled == nil {
+		return false
 	}
-	return *c.Description
+	return *c.Enabled
 }
 
-// GetInstallation returns the Installation field.
-func (c *CreateEvent) GetInstallation() *Installation {
-	if c == nil {
-		return nil
+// GetURI returns the URI field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsAvatar) GetURI() string {
+	if c == nil || c.URI == nil {
+		return ""
 	}
-	return c.Installation
+	return *c.URI
 }
 
-// GetMasterBranch returns the MasterBranch field if it's non-nil, zero value otherwise.
-func (c *CreateEvent) GetMasterBranch() string {
-	if c == nil || c.MasterBranch == nil {
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsCAS) GetURL() string {
+	if c == nil || c.URL == nil {
 		return ""
 	}
-	return *c.MasterBranch
+	return *c.URL
 }
 
-// GetOrg returns the Org field.
-func (c *CreateEvent) GetOrg() *Organization {
-	if c == nil {
-		return nil
+// GetEnabled returns the Enabled field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsCollectd) GetEnabled() bool {
+	if c == nil || c.Enabled == nil {
+		return false
 	}
-	return c.Org
+	return *c.Enabled
 }
 
-// GetPusherType returns the PusherType field if it's non-nil, zero value otherwise.
-func (c *CreateEvent) GetPusherType() string {
-	if c == nil || c.PusherType == nil {
+// GetEncryption returns the Encryption field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsCollectd) GetEncryption() string {
+	if c == nil || c.Encryption == nil {
 		return ""
 	}
-	return *c.PusherType
+	return *c.Encryption
 }
 
-// GetRef returns the Ref field if it's non-nil, zero value otherwise.
-func (c *CreateEvent) GetRef() string {
-	if c == nil || c.Ref == nil {
+// GetPassword returns the Password field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsCollectd) GetPassword() string {
+	if c == nil || c.Password == nil {
 		return ""
 	}
-	return *c.Ref
+	return *c.Password
 }
 
-// GetRefType returns the RefType field if it's non-nil, zero value otherwise.
-func (c *CreateEvent) GetRefType() string {
-	if c == nil || c.RefType == nil {
-		return ""
+// GetPort returns the Port field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsCollectd) GetPort() int {
+	if c == nil || c.Port == nil {
+		return 0
 	}
-	return *c.RefType
+	return *c.Port
 }
 
-// GetRepo returns the Repo field.
-func (c *CreateEvent) GetRepo() *Repository {
-	if c == nil {
-		return nil
+// GetServer returns the Server field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsCollectd) GetServer() string {
+	if c == nil || c.Server == nil {
+		return ""
 	}
-	return c.Repo
+	return *c.Server
 }
 
-// GetSender returns the Sender field.
-func (c *CreateEvent) GetSender() *User {
-	if c == nil {
-		return nil
+// GetUsername returns the Username field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsCollectd) GetUsername() string {
+	if c == nil || c.Username == nil {
+		return ""
 	}
-	return c.Sender
+	return *c.Username
 }
 
 // GetEmail returns the Email field if it's non-nil, zero value otherwise.
-func (c *CreateOrgInvitationOptions) GetEmail() string {
+func (c *ConfigSettingsCustomer) GetEmail() string {
 	if c == nil || c.Email == nil {
 		return ""
 	}
 	return *c.Email
 }
 
-// GetInviteeID returns the InviteeID field if it's non-nil, zero value otherwise.
-func (c *CreateOrgInvitationOptions) GetInviteeID() int64 {
-	if c == nil || c.InviteeID == nil {
-		return 0
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsCustomer) GetName() string {
+	if c == nil || c.Name == nil {
+		return ""
 	}
-	return *c.InviteeID
+	return *c.Name
 }
 
-// GetRole returns the Role field if it's non-nil, zero value otherwise.
-func (c *CreateOrgInvitationOptions) GetRole() string {
-	if c == nil || c.Role == nil {
+// GetPublicKeyData returns the PublicKeyData field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsCustomer) GetPublicKeyData() string {
+	if c == nil || c.PublicKeyData == nil {
 		return ""
 	}
-	return *c.Role
+	return *c.PublicKeyData
 }
 
-// GetBaseRole returns the BaseRole field if it's non-nil, zero value otherwise.
-func (c *CreateOrUpdateCustomRoleOptions) GetBaseRole() string {
-	if c == nil || c.BaseRole == nil {
+// GetSecret returns the Secret field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsCustomer) GetSecret() string {
+	if c == nil || c.Secret == nil {
 		return ""
 	}
-	return *c.BaseRole
+	return *c.Secret
 }
 
-// GetDescription returns the Description field if it's non-nil, zero value otherwise.
-func (c *CreateOrUpdateCustomRoleOptions) GetDescription() string {
-	if c == nil || c.Description == nil {
+// GetUUID returns the UUID field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsCustomer) GetUUID() string {
+	if c == nil || c.UUID == nil {
 		return ""
 	}
-	return *c.Description
+	return *c.UUID
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (c *CreateOrUpdateCustomRoleOptions) GetName() string {
-	if c == nil || c.Name == nil {
+// GetClientID returns the ClientID field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsGithubOAuth) GetClientID() string {
+	if c == nil || c.ClientID == nil {
 		return ""
 	}
-	return *c.Name
+	return *c.ClientID
 }
 
-// GetFrom returns the From field if it's non-nil, zero value otherwise.
-func (c *CreateProtectedChanges) GetFrom() bool {
-	if c == nil || c.From == nil {
-		return false
+// GetClientSecret returns the ClientSecret field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsGithubOAuth) GetClientSecret() string {
+	if c == nil || c.ClientSecret == nil {
+		return ""
 	}
-	return *c.From
+	return *c.ClientSecret
 }
 
-// GetAllowsPublicRepositories returns the AllowsPublicRepositories field if it's non-nil, zero value otherwise.
-func (c *CreateRunnerGroupRequest) GetAllowsPublicRepositories() bool {
-	if c == nil || c.AllowsPublicRepositories == nil {
-		return false
+// GetOrganizationName returns the OrganizationName field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsGithubOAuth) GetOrganizationName() string {
+	if c == nil || c.OrganizationName == nil {
+		return ""
 	}
-	return *c.AllowsPublicRepositories
+	return *c.OrganizationName
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (c *CreateRunnerGroupRequest) GetName() string {
-	if c == nil || c.Name == nil {
+// GetOrganizationTeam returns the OrganizationTeam field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsGithubOAuth) GetOrganizationTeam() string {
+	if c == nil || c.OrganizationTeam == nil {
 		return ""
 	}
-	return *c.Name
+	return *c.OrganizationTeam
 }
 
-// GetRestrictedToWorkflows returns the RestrictedToWorkflows field if it's non-nil, zero value otherwise.
-func (c *CreateRunnerGroupRequest) GetRestrictedToWorkflows() bool {
-	if c == nil || c.RestrictedToWorkflows == nil {
+// GetCert returns the Cert field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsGithubSSL) GetCert() string {
+	if c == nil || c.Cert == nil {
+		return ""
+	}
+	return *c.Cert
+}
+
+// GetEnabled returns the Enabled field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsGithubSSL) GetEnabled() bool {
+	if c == nil || c.Enabled == nil {
 		return false
 	}
-	return *c.RestrictedToWorkflows
+	return *c.Enabled
 }
 
-// GetVisibility returns the Visibility field if it's non-nil, zero value otherwise.
-func (c *CreateRunnerGroupRequest) GetVisibility() string {
-	if c == nil || c.Visibility == nil {
+// GetKey returns the Key field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsGithubSSL) GetKey() string {
+	if c == nil || c.Key == nil {
 		return ""
 	}
-	return *c.Visibility
+	return *c.Key
 }
 
-// GetCanAdminsBypass returns the CanAdminsBypass field if it's non-nil, zero value otherwise.
-func (c *CreateUpdateEnvironment) GetCanAdminsBypass() bool {
-	if c == nil || c.CanAdminsBypass == nil {
-		return false
+// GetAdminGroup returns the AdminGroup field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsLDAP) GetAdminGroup() string {
+	if c == nil || c.AdminGroup == nil {
+		return ""
 	}
-	return *c.CanAdminsBypass
+	return *c.AdminGroup
 }
 
-// GetDeploymentBranchPolicy returns the DeploymentBranchPolicy field.
-func (c *CreateUpdateEnvironment) GetDeploymentBranchPolicy() *BranchPolicy {
-	if c == nil {
-		return nil
+// GetBindDN returns the BindDN field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsLDAP) GetBindDN() string {
+	if c == nil || c.BindDN == nil {
+		return ""
 	}
-	return c.DeploymentBranchPolicy
+	return *c.BindDN
 }
 
-// GetWaitTimer returns the WaitTimer field if it's non-nil, zero value otherwise.
-func (c *CreateUpdateEnvironment) GetWaitTimer() int {
-	if c == nil || c.WaitTimer == nil {
-		return 0
+// GetHost returns the Host field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsLDAP) GetHost() string {
+	if c == nil || c.Host == nil {
+		return ""
 	}
-	return *c.WaitTimer
+	return *c.Host
 }
 
-// GetRepositoryID returns the RepositoryID field if it's non-nil, zero value otherwise.
-func (c *CreateUpdateRequiredWorkflowOptions) GetRepositoryID() int64 {
-	if c == nil || c.RepositoryID == nil {
-		return 0
+// GetMethod returns the Method field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsLDAP) GetMethod() string {
+	if c == nil || c.Method == nil {
+		return ""
 	}
-	return *c.RepositoryID
+	return *c.Method
 }
 
-// GetScope returns the Scope field if it's non-nil, zero value otherwise.
-func (c *CreateUpdateRequiredWorkflowOptions) GetScope() string {
-	if c == nil || c.Scope == nil {
+// GetPassword returns the Password field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsLDAP) GetPassword() string {
+	if c == nil || c.Password == nil {
 		return ""
 	}
-	return *c.Scope
+	return *c.Password
 }
 
-// GetSelectedRepositoryIDs returns the SelectedRepositoryIDs field.
-func (c *CreateUpdateRequiredWorkflowOptions) GetSelectedRepositoryIDs() *SelectedRepoIDs {
+// GetPort returns the Port field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsLDAP) GetPort() int {
+	if c == nil || c.Port == nil {
+		return 0
+	}
+	return *c.Port
+}
+
+// GetPosixSupport returns the PosixSupport field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsLDAP) GetPosixSupport() bool {
+	if c == nil || c.PosixSupport == nil {
+		return false
+	}
+	return *c.PosixSupport
+}
+
+// GetProfile returns the Profile field.
+func (c *ConfigSettingsLDAP) GetProfile() *ConfigSettingsLDAPProfile {
 	if c == nil {
 		return nil
 	}
-	return c.SelectedRepositoryIDs
+	return c.Profile
 }
 
-// GetWorkflowFilePath returns the WorkflowFilePath field if it's non-nil, zero value otherwise.
-func (c *CreateUpdateRequiredWorkflowOptions) GetWorkflowFilePath() string {
-	if c == nil || c.WorkflowFilePath == nil {
-		return ""
+// GetReconciliation returns the Reconciliation field.
+func (c *ConfigSettingsLDAP) GetReconciliation() *ConfigSettingsLDAPReconciliation {
+	if c == nil {
+		return nil
 	}
-	return *c.WorkflowFilePath
+	return c.Reconciliation
 }
 
-// GetBody returns the Body field if it's non-nil, zero value otherwise.
-func (c *CreateUserProjectOptions) GetBody() string {
-	if c == nil || c.Body == nil {
-		return ""
+// GetRecursiveGroupSearch returns the RecursiveGroupSearch field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsLDAP) GetRecursiveGroupSearch() bool {
+	if c == nil || c.RecursiveGroupSearch == nil {
+		return false
 	}
-	return *c.Body
+	return *c.RecursiveGroupSearch
 }
 
-// GetCreated returns the Created field if it's non-nil, zero value otherwise.
-func (c *CreationInfo) GetCreated() Timestamp {
-	if c == nil || c.Created == nil {
-		return Timestamp{}
+// GetSearchStrategy returns the SearchStrategy field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsLDAP) GetSearchStrategy() string {
+	if c == nil || c.SearchStrategy == nil {
+		return ""
 	}
-	return *c.Created
+	return *c.SearchStrategy
 }
 
-// GetAuthorizedCredentialExpiresAt returns the AuthorizedCredentialExpiresAt field if it's non-nil, zero value otherwise.
-func (c *CredentialAuthorization) GetAuthorizedCredentialExpiresAt() Timestamp {
-	if c == nil || c.AuthorizedCredentialExpiresAt == nil {
-		return Timestamp{}
+// GetSyncEnabled returns the SyncEnabled field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsLDAP) GetSyncEnabled() bool {
+	if c == nil || c.SyncEnabled == nil {
+		return false
 	}
-	return *c.AuthorizedCredentialExpiresAt
+	return *c.SyncEnabled
 }
 
-// GetAuthorizedCredentialID returns the AuthorizedCredentialID field if it's non-nil, zero value otherwise.
-func (c *CredentialAuthorization) GetAuthorizedCredentialID() int64 {
-	if c == nil || c.AuthorizedCredentialID == nil {
+// GetTeamSyncInterval returns the TeamSyncInterval field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsLDAP) GetTeamSyncInterval() int {
+	if c == nil || c.TeamSyncInterval == nil {
 		return 0
 	}
-	return *c.AuthorizedCredentialID
+	return *c.TeamSyncInterval
 }
 
-// GetAuthorizedCredentialNote returns the AuthorizedCredentialNote field if it's non-nil, zero value otherwise.
-func (c *CredentialAuthorization) GetAuthorizedCredentialNote() string {
-	if c == nil || c.AuthorizedCredentialNote == nil {
+// GetUID returns the UID field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsLDAP) GetUID() string {
+	if c == nil || c.UID == nil {
 		return ""
 	}
-	return *c.AuthorizedCredentialNote
+	return *c.UID
 }
 
-// GetAuthorizedCredentialTitle returns the AuthorizedCredentialTitle field if it's non-nil, zero value otherwise.
-func (c *CredentialAuthorization) GetAuthorizedCredentialTitle() string {
-	if c == nil || c.AuthorizedCredentialTitle == nil {
-		return ""
+// GetUserSyncEmails returns the UserSyncEmails field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsLDAP) GetUserSyncEmails() bool {
+	if c == nil || c.UserSyncEmails == nil {
+		return false
 	}
-	return *c.AuthorizedCredentialTitle
+	return *c.UserSyncEmails
 }
 
-// GetCredentialAccessedAt returns the CredentialAccessedAt field if it's non-nil, zero value otherwise.
-func (c *CredentialAuthorization) GetCredentialAccessedAt() Timestamp {
-	if c == nil || c.CredentialAccessedAt == nil {
-		return Timestamp{}
+// GetUserSyncInterval returns the UserSyncInterval field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsLDAP) GetUserSyncInterval() int {
+	if c == nil || c.UserSyncInterval == nil {
+		return 0
 	}
-	return *c.CredentialAccessedAt
+	return *c.UserSyncInterval
 }
 
-// GetCredentialAuthorizedAt returns the CredentialAuthorizedAt field if it's non-nil, zero value otherwise.
-func (c *CredentialAuthorization) GetCredentialAuthorizedAt() Timestamp {
-	if c == nil || c.CredentialAuthorizedAt == nil {
-		return Timestamp{}
+// GetUserSyncKeys returns the UserSyncKeys field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsLDAP) GetUserSyncKeys() bool {
+	if c == nil || c.UserSyncKeys == nil {
+		return false
 	}
-	return *c.CredentialAuthorizedAt
+	return *c.UserSyncKeys
 }
 
-// GetCredentialID returns the CredentialID field if it's non-nil, zero value otherwise.
-func (c *CredentialAuthorization) GetCredentialID() int64 {
-	if c == nil || c.CredentialID == nil {
-		return 0
+// GetVirtualAttributeEnabled returns the VirtualAttributeEnabled field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsLDAP) GetVirtualAttributeEnabled() bool {
+	if c == nil || c.VirtualAttributeEnabled == nil {
+		return false
 	}
-	return *c.CredentialID
+	return *c.VirtualAttributeEnabled
 }
 
-// GetCredentialType returns the CredentialType field if it's non-nil, zero value otherwise.
-func (c *CredentialAuthorization) GetCredentialType() string {
-	if c == nil || c.CredentialType == nil {
+// GetKey returns the Key field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsLDAPProfile) GetKey() string {
+	if c == nil || c.Key == nil {
 		return ""
 	}
-	return *c.CredentialType
+	return *c.Key
 }
 
-// GetFingerprint returns the Fingerprint field if it's non-nil, zero value otherwise.
-func (c *CredentialAuthorization) GetFingerprint() string {
-	if c == nil || c.Fingerprint == nil {
+// GetMail returns the Mail field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsLDAPProfile) GetMail() string {
+	if c == nil || c.Mail == nil {
 		return ""
 	}
-	return *c.Fingerprint
+	return *c.Mail
 }
 
-// GetLogin returns the Login field if it's non-nil, zero value otherwise.
-func (c *CredentialAuthorization) GetLogin() string {
-	if c == nil || c.Login == nil {
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsLDAPProfile) GetName() string {
+	if c == nil || c.Name == nil {
 		return ""
 	}
-	return *c.Login
+	return *c.Name
 }
 
-// GetTokenLastEight returns the TokenLastEight field if it's non-nil, zero value otherwise.
-func (c *CredentialAuthorization) GetTokenLastEight() string {
-	if c == nil || c.TokenLastEight == nil {
+// GetUID returns the UID field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsLDAPProfile) GetUID() string {
+	if c == nil || c.UID == nil {
 		return ""
 	}
-	return *c.TokenLastEight
+	return *c.UID
 }
 
-// GetBaseRole returns the BaseRole field if it's non-nil, zero value otherwise.
-func (c *CustomRepoRoles) GetBaseRole() string {
-	if c == nil || c.BaseRole == nil {
+// GetOrg returns the Org field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsLDAPReconciliation) GetOrg() string {
+	if c == nil || c.Org == nil {
 		return ""
 	}
-	return *c.BaseRole
+	return *c.Org
 }
 
-// GetDescription returns the Description field if it's non-nil, zero value otherwise.
-func (c *CustomRepoRoles) GetDescription() string {
-	if c == nil || c.Description == nil {
+// GetUser returns the User field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsLDAPReconciliation) GetUser() string {
+	if c == nil || c.User == nil {
 		return ""
 	}
-	return *c.Description
+	return *c.User
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (c *CustomRepoRoles) GetID() int64 {
-	if c == nil || c.ID == nil {
-		return 0
+// GetClusterSupport returns the ClusterSupport field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsLicenseSettings) GetClusterSupport() bool {
+	if c == nil || c.ClusterSupport == nil {
+		return false
 	}
-	return *c.ID
+	return *c.ClusterSupport
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (c *CustomRepoRoles) GetName() string {
-	if c == nil || c.Name == nil {
-		return ""
+// GetEvaluation returns the Evaluation field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsLicenseSettings) GetEvaluation() bool {
+	if c == nil || c.Evaluation == nil {
+		return false
 	}
-	return *c.Name
+	return *c.Evaluation
 }
 
-// GetQuerySuite returns the QuerySuite field if it's non-nil, zero value otherwise.
-func (d *DefaultSetupConfiguration) GetQuerySuite() string {
-	if d == nil || d.QuerySuite == nil {
-		return ""
+// GetExpireAt returns the ExpireAt field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsLicenseSettings) GetExpireAt() Timestamp {
+	if c == nil || c.ExpireAt == nil {
+		return Timestamp{}
 	}
-	return *d.QuerySuite
+	return *c.ExpireAt
 }
 
-// GetState returns the State field if it's non-nil, zero value otherwise.
-func (d *DefaultSetupConfiguration) GetState() string {
-	if d == nil || d.State == nil {
-		return ""
+// GetPerpetual returns the Perpetual field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsLicenseSettings) GetPerpetual() bool {
+	if c == nil || c.Perpetual == nil {
+		return false
 	}
-	return *d.State
+	return *c.Perpetual
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (d *DefaultSetupConfiguration) GetUpdatedAt() Timestamp {
-	if d == nil || d.UpdatedAt == nil {
-		return Timestamp{}
+// GetSeats returns the Seats field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsLicenseSettings) GetSeats() int {
+	if c == nil || c.Seats == nil {
+		return 0
 	}
-	return *d.UpdatedAt
+	return *c.Seats
 }
 
-// GetConfirmDeleteURL returns the ConfirmDeleteURL field if it's non-nil, zero value otherwise.
-func (d *DeleteAnalysis) GetConfirmDeleteURL() string {
-	if d == nil || d.ConfirmDeleteURL == nil {
-		return ""
+// GetSSHAllowed returns the SSHAllowed field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsLicenseSettings) GetSSHAllowed() bool {
+	if c == nil || c.SSHAllowed == nil {
+		return false
 	}
-	return *d.ConfirmDeleteURL
+	return *c.SSHAllowed
 }
 
-// GetNextAnalysisURL returns the NextAnalysisURL field if it's non-nil, zero value otherwise.
-func (d *DeleteAnalysis) GetNextAnalysisURL() string {
-	if d == nil || d.NextAnalysisURL == nil {
+// GetSupportKey returns the SupportKey field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsLicenseSettings) GetSupportKey() string {
+	if c == nil || c.SupportKey == nil {
 		return ""
 	}
-	return *d.NextAnalysisURL
+	return *c.SupportKey
 }
 
-// GetInstallation returns the Installation field.
-func (d *DeleteEvent) GetInstallation() *Installation {
-	if d == nil {
-		return nil
+// GetUnlimitedSeating returns the UnlimitedSeating field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsLicenseSettings) GetUnlimitedSeating() bool {
+	if c == nil || c.UnlimitedSeating == nil {
+		return false
 	}
-	return d.Installation
+	return *c.UnlimitedSeating
 }
 
-// GetPusherType returns the PusherType field if it's non-nil, zero value otherwise.
-func (d *DeleteEvent) GetPusherType() string {
-	if d == nil || d.PusherType == nil {
+// GetBasemap returns the Basemap field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsMapping) GetBasemap() string {
+	if c == nil || c.Basemap == nil {
 		return ""
 	}
-	return *d.PusherType
+	return *c.Basemap
 }
 
-// GetRef returns the Ref field if it's non-nil, zero value otherwise.
-func (d *DeleteEvent) GetRef() string {
-	if d == nil || d.Ref == nil {
-		return ""
+// GetEnabled returns the Enabled field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsMapping) GetEnabled() bool {
+	if c == nil || c.Enabled == nil {
+		return false
 	}
-	return *d.Ref
+	return *c.Enabled
 }
 
-// GetRefType returns the RefType field if it's non-nil, zero value otherwise.
-func (d *DeleteEvent) GetRefType() string {
-	if d == nil || d.RefType == nil {
+// GetTileserver returns the Tileserver field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsMapping) GetTileserver() string {
+	if c == nil || c.Tileserver == nil {
 		return ""
 	}
-	return *d.RefType
+	return *c.Tileserver
 }
 
-// GetRepo returns the Repo field.
-func (d *DeleteEvent) GetRepo() *Repository {
-	if d == nil {
-		return nil
+// GetToken returns the Token field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsMapping) GetToken() string {
+	if c == nil || c.Token == nil {
+		return ""
 	}
-	return d.Repo
+	return *c.Token
 }
 
-// GetSender returns the Sender field.
-func (d *DeleteEvent) GetSender() *User {
-	if d == nil {
-		return nil
+// GetPrimaryServer returns the PrimaryServer field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsNTP) GetPrimaryServer() string {
+	if c == nil || c.PrimaryServer == nil {
+		return ""
 	}
-	return d.Sender
+	return *c.PrimaryServer
 }
 
-// GetAutoDismissedAt returns the AutoDismissedAt field if it's non-nil, zero value otherwise.
-func (d *DependabotAlert) GetAutoDismissedAt() Timestamp {
-	if d == nil || d.AutoDismissedAt == nil {
-		return Timestamp{}
+// GetSecondaryServer returns the SecondaryServer field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsNTP) GetSecondaryServer() string {
+	if c == nil || c.SecondaryServer == nil {
+		return ""
 	}
-	return *d.AutoDismissedAt
+	return *c.SecondaryServer
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (d *DependabotAlert) GetCreatedAt() Timestamp {
-	if d == nil || d.CreatedAt == nil {
-		return Timestamp{}
+// GetEnabled returns the Enabled field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsPagesSettings) GetEnabled() bool {
+	if c == nil || c.Enabled == nil {
+		return false
 	}
-	return *d.CreatedAt
+	return *c.Enabled
 }
 
-// GetDependency returns the Dependency field.
-func (d *DependabotAlert) GetDependency() *Dependency {
-	if d == nil {
-		return nil
+// GetCertificate returns the Certificate field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsSAML) GetCertificate() string {
+	if c == nil || c.Certificate == nil {
+		return ""
 	}
-	return d.Dependency
+	return *c.Certificate
 }
 
-// GetDismissedAt returns the DismissedAt field if it's non-nil, zero value otherwise.
-func (d *DependabotAlert) GetDismissedAt() Timestamp {
-	if d == nil || d.DismissedAt == nil {
-		return Timestamp{}
+// GetCertificatePath returns the CertificatePath field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsSAML) GetCertificatePath() string {
+	if c == nil || c.CertificatePath == nil {
+		return ""
 	}
-	return *d.DismissedAt
+	return *c.CertificatePath
 }
 
-// GetDismissedBy returns the DismissedBy field.
-func (d *DependabotAlert) GetDismissedBy() *User {
-	if d == nil {
-		return nil
+// GetDisableAdminDemote returns the DisableAdminDemote field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsSAML) GetDisableAdminDemote() bool {
+	if c == nil || c.DisableAdminDemote == nil {
+		return false
 	}
-	return d.DismissedBy
+	return *c.DisableAdminDemote
 }
 
-// GetDismissedComment returns the DismissedComment field if it's non-nil, zero value otherwise.
-func (d *DependabotAlert) GetDismissedComment() string {
-	if d == nil || d.DismissedComment == nil {
+// GetIDPInitiatedSSO returns the IDPInitiatedSSO field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsSAML) GetIDPInitiatedSSO() bool {
+	if c == nil || c.IDPInitiatedSSO == nil {
+		return false
+	}
+	return *c.IDPInitiatedSSO
+}
+
+// GetIssuer returns the Issuer field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsSAML) GetIssuer() string {
+	if c == nil || c.Issuer == nil {
 		return ""
 	}
-	return *d.DismissedComment
+	return *c.Issuer
 }
 
-// GetDismissedReason returns the DismissedReason field if it's non-nil, zero value otherwise.
-func (d *DependabotAlert) GetDismissedReason() string {
-	if d == nil || d.DismissedReason == nil {
+// GetSSOURL returns the SSOURL field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsSAML) GetSSOURL() string {
+	if c == nil || c.SSOURL == nil {
 		return ""
 	}
-	return *d.DismissedReason
+	return *c.SSOURL
 }
 
-// GetFixedAt returns the FixedAt field if it's non-nil, zero value otherwise.
-func (d *DependabotAlert) GetFixedAt() Timestamp {
-	if d == nil || d.FixedAt == nil {
-		return Timestamp{}
+// GetAddress returns the Address field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsSMTP) GetAddress() string {
+	if c == nil || c.Address == nil {
+		return ""
 	}
-	return *d.FixedAt
+	return *c.Address
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (d *DependabotAlert) GetHTMLURL() string {
-	if d == nil || d.HTMLURL == nil {
+// GetAuthentication returns the Authentication field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsSMTP) GetAuthentication() string {
+	if c == nil || c.Authentication == nil {
 		return ""
 	}
-	return *d.HTMLURL
+	return *c.Authentication
 }
 
-// GetNumber returns the Number field if it's non-nil, zero value otherwise.
-func (d *DependabotAlert) GetNumber() int {
-	if d == nil || d.Number == nil {
-		return 0
+// GetDiscardToNoreplyAddress returns the DiscardToNoreplyAddress field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsSMTP) GetDiscardToNoreplyAddress() bool {
+	if c == nil || c.DiscardToNoreplyAddress == nil {
+		return false
 	}
-	return *d.Number
+	return *c.DiscardToNoreplyAddress
 }
 
-// GetRepository returns the Repository field.
-func (d *DependabotAlert) GetRepository() *Repository {
-	if d == nil {
-		return nil
+// GetDomain returns the Domain field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsSMTP) GetDomain() string {
+	if c == nil || c.Domain == nil {
+		return ""
 	}
-	return d.Repository
+	return *c.Domain
 }
 
-// GetSecurityAdvisory returns the SecurityAdvisory field.
-func (d *DependabotAlert) GetSecurityAdvisory() *DependabotSecurityAdvisory {
-	if d == nil {
-		return nil
+// GetEnabled returns the Enabled field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsSMTP) GetEnabled() bool {
+	if c == nil || c.Enabled == nil {
+		return false
 	}
-	return d.SecurityAdvisory
+	return *c.Enabled
 }
 
-// GetSecurityVulnerability returns the SecurityVulnerability field.
-func (d *DependabotAlert) GetSecurityVulnerability() *AdvisoryVulnerability {
-	if d == nil {
-		return nil
+// GetEnableStarttlsAuto returns the EnableStarttlsAuto field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsSMTP) GetEnableStarttlsAuto() bool {
+	if c == nil || c.EnableStarttlsAuto == nil {
+		return false
 	}
-	return d.SecurityVulnerability
+	return *c.EnableStarttlsAuto
 }
 
-// GetState returns the State field if it's non-nil, zero value otherwise.
-func (d *DependabotAlert) GetState() string {
-	if d == nil || d.State == nil {
+// GetNoreplyAddress returns the NoreplyAddress field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsSMTP) GetNoreplyAddress() string {
+	if c == nil || c.NoreplyAddress == nil {
 		return ""
 	}
-	return *d.State
+	return *c.NoreplyAddress
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (d *DependabotAlert) GetUpdatedAt() Timestamp {
-	if d == nil || d.UpdatedAt == nil {
-		return Timestamp{}
+// GetPassword returns the Password field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsSMTP) GetPassword() string {
+	if c == nil || c.Password == nil {
+		return ""
 	}
-	return *d.UpdatedAt
+	return *c.Password
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (d *DependabotAlert) GetURL() string {
-	if d == nil || d.URL == nil {
+// GetPort returns the Port field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsSMTP) GetPort() string {
+	if c == nil || c.Port == nil {
 		return ""
 	}
-	return *d.URL
+	return *c.Port
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (d *DependabotAlertEvent) GetAction() string {
-	if d == nil || d.Action == nil {
+// GetSupportAddress returns the SupportAddress field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsSMTP) GetSupportAddress() string {
+	if c == nil || c.SupportAddress == nil {
 		return ""
 	}
-	return *d.Action
+	return *c.SupportAddress
 }
 
-// GetAlert returns the Alert field.
-func (d *DependabotAlertEvent) GetAlert() *DependabotAlert {
-	if d == nil {
-		return nil
+// GetSupportAddressType returns the SupportAddressType field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsSMTP) GetSupportAddressType() string {
+	if c == nil || c.SupportAddressType == nil {
+		return ""
 	}
-	return d.Alert
+	return *c.SupportAddressType
 }
 
-// GetEnterprise returns the Enterprise field.
-func (d *DependabotAlertEvent) GetEnterprise() *Enterprise {
-	if d == nil {
-		return nil
+// GetUsername returns the Username field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsSMTP) GetUsername() string {
+	if c == nil || c.Username == nil {
+		return ""
 	}
-	return d.Enterprise
+	return *c.Username
 }
 
-// GetInstallation returns the Installation field.
-func (d *DependabotAlertEvent) GetInstallation() *Installation {
-	if d == nil {
-		return nil
+// GetUserName returns the UserName field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsSMTP) GetUserName() string {
+	if c == nil || c.UserName == nil {
+		return ""
 	}
-	return d.Installation
+	return *c.UserName
 }
 
-// GetOrganization returns the Organization field.
-func (d *DependabotAlertEvent) GetOrganization() *Organization {
-	if d == nil {
-		return nil
+// GetCommunity returns the Community field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsSNMP) GetCommunity() string {
+	if c == nil || c.Community == nil {
+		return ""
 	}
-	return d.Organization
+	return *c.Community
 }
 
-// GetRepo returns the Repo field.
-func (d *DependabotAlertEvent) GetRepo() *Repository {
-	if d == nil {
-		return nil
+// GetEnabled returns the Enabled field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsSNMP) GetEnabled() bool {
+	if c == nil || c.Enabled == nil {
+		return false
 	}
-	return d.Repo
+	return *c.Enabled
 }
 
-// GetSender returns the Sender field.
-func (d *DependabotAlertEvent) GetSender() *User {
-	if d == nil {
-		return nil
+// GetEnabled returns the Enabled field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsSyslog) GetEnabled() bool {
+	if c == nil || c.Enabled == nil {
+		return false
 	}
-	return d.Sender
+	return *c.Enabled
 }
 
-// GetCVEID returns the CVEID field if it's non-nil, zero value otherwise.
-func (d *DependabotSecurityAdvisory) GetCVEID() string {
-	if d == nil || d.CVEID == nil {
+// GetProtocolName returns the ProtocolName field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsSyslog) GetProtocolName() string {
+	if c == nil || c.ProtocolName == nil {
 		return ""
 	}
-	return *d.CVEID
+	return *c.ProtocolName
 }
 
-// GetCVSS returns the CVSS field.
-func (d *DependabotSecurityAdvisory) GetCVSS() *AdvisoryCVSS {
-	if d == nil {
-		return nil
+// GetServer returns the Server field if it's non-nil, zero value otherwise.
+func (c *ConfigSettingsSyslog) GetServer() string {
+	if c == nil || c.Server == nil {
+		return ""
 	}
-	return d.CVSS
+	return *c.Server
 }
 
-// GetDescription returns the Description field if it's non-nil, zero value otherwise.
-func (d *DependabotSecurityAdvisory) GetDescription() string {
-	if d == nil || d.Description == nil {
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (c *ConnectionServiceItem) GetName() string {
+	if c == nil || c.Name == nil {
 		return ""
 	}
-	return *d.Description
+	return *c.Name
 }
 
-// GetGHSAID returns the GHSAID field if it's non-nil, zero value otherwise.
-func (d *DependabotSecurityAdvisory) GetGHSAID() string {
-	if d == nil || d.GHSAID == nil {
-		return ""
+// GetNumber returns the Number field if it's non-nil, zero value otherwise.
+func (c *ConnectionServiceItem) GetNumber() int {
+	if c == nil || c.Number == nil {
+		return 0
 	}
-	return *d.GHSAID
+	return *c.Number
 }
 
-// GetPublishedAt returns the PublishedAt field if it's non-nil, zero value otherwise.
-func (d *DependabotSecurityAdvisory) GetPublishedAt() Timestamp {
-	if d == nil || d.PublishedAt == nil {
-		return Timestamp{}
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (c *ContentReference) GetID() int64 {
+	if c == nil || c.ID == nil {
+		return 0
 	}
-	return *d.PublishedAt
+	return *c.ID
 }
 
-// GetSeverity returns the Severity field if it's non-nil, zero value otherwise.
-func (d *DependabotSecurityAdvisory) GetSeverity() string {
-	if d == nil || d.Severity == nil {
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (c *ContentReference) GetNodeID() string {
+	if c == nil || c.NodeID == nil {
 		return ""
 	}
-	return *d.Severity
+	return *c.NodeID
 }
 
-// GetSummary returns the Summary field if it's non-nil, zero value otherwise.
-func (d *DependabotSecurityAdvisory) GetSummary() string {
-	if d == nil || d.Summary == nil {
+// GetReference returns the Reference field if it's non-nil, zero value otherwise.
+func (c *ContentReference) GetReference() string {
+	if c == nil || c.Reference == nil {
 		return ""
 	}
-	return *d.Summary
+	return *c.Reference
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (d *DependabotSecurityAdvisory) GetUpdatedAt() Timestamp {
-	if d == nil || d.UpdatedAt == nil {
-		return Timestamp{}
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (c *ContentReferenceEvent) GetAction() string {
+	if c == nil || c.Action == nil {
+		return ""
 	}
-	return *d.UpdatedAt
+	return *c.Action
 }
 
-// GetWithdrawnAt returns the WithdrawnAt field if it's non-nil, zero value otherwise.
-func (d *DependabotSecurityAdvisory) GetWithdrawnAt() Timestamp {
-	if d == nil || d.WithdrawnAt == nil {
-		return Timestamp{}
+// GetContentReference returns the ContentReference field.
+func (c *ContentReferenceEvent) GetContentReference() *ContentReference {
+	if c == nil {
+		return nil
 	}
-	return *d.WithdrawnAt
+	return c.ContentReference
 }
 
-// GetStatus returns the Status field if it's non-nil, zero value otherwise.
-func (d *DependabotSecurityUpdates) GetStatus() string {
-	if d == nil || d.Status == nil {
-		return ""
+// GetInstallation returns the Installation field.
+func (c *ContentReferenceEvent) GetInstallation() *Installation {
+	if c == nil {
+		return nil
 	}
-	return *d.Status
+	return c.Installation
 }
 
-// GetManifestPath returns the ManifestPath field if it's non-nil, zero value otherwise.
-func (d *Dependency) GetManifestPath() string {
-	if d == nil || d.ManifestPath == nil {
-		return ""
+// GetRepo returns the Repo field.
+func (c *ContentReferenceEvent) GetRepo() *Repository {
+	if c == nil {
+		return nil
 	}
-	return *d.ManifestPath
+	return c.Repo
 }
 
-// GetPackage returns the Package field.
-func (d *Dependency) GetPackage() *VulnerabilityPackage {
-	if d == nil {
+// GetSender returns the Sender field.
+func (c *ContentReferenceEvent) GetSender() *User {
+	if c == nil {
 		return nil
 	}
-	return d.Package
+	return c.Sender
 }
 
-// GetScope returns the Scope field if it's non-nil, zero value otherwise.
-func (d *Dependency) GetScope() string {
-	if d == nil || d.Scope == nil {
+// GetAvatarURL returns the AvatarURL field if it's non-nil, zero value otherwise.
+func (c *Contributor) GetAvatarURL() string {
+	if c == nil || c.AvatarURL == nil {
 		return ""
 	}
-	return *d.Scope
+	return *c.AvatarURL
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (d *DeployKeyEvent) GetAction() string {
-	if d == nil || d.Action == nil {
-		return ""
+// GetContributions returns the Contributions field if it's non-nil, zero value otherwise.
+func (c *Contributor) GetContributions() int {
+	if c == nil || c.Contributions == nil {
+		return 0
 	}
-	return *d.Action
+	return *c.Contributions
 }
 
-// GetInstallation returns the Installation field.
-func (d *DeployKeyEvent) GetInstallation() *Installation {
-	if d == nil {
-		return nil
+// GetEmail returns the Email field if it's non-nil, zero value otherwise.
+func (c *Contributor) GetEmail() string {
+	if c == nil || c.Email == nil {
+		return ""
 	}
-	return d.Installation
+	return *c.Email
 }
 
-// GetKey returns the Key field.
-func (d *DeployKeyEvent) GetKey() *Key {
-	if d == nil {
-		return nil
+// GetEventsURL returns the EventsURL field if it's non-nil, zero value otherwise.
+func (c *Contributor) GetEventsURL() string {
+	if c == nil || c.EventsURL == nil {
+		return ""
 	}
-	return d.Key
+	return *c.EventsURL
 }
 
-// GetOrganization returns the Organization field.
-func (d *DeployKeyEvent) GetOrganization() *Organization {
-	if d == nil {
-		return nil
+// GetFollowersURL returns the FollowersURL field if it's non-nil, zero value otherwise.
+func (c *Contributor) GetFollowersURL() string {
+	if c == nil || c.FollowersURL == nil {
+		return ""
 	}
-	return d.Organization
+	return *c.FollowersURL
 }
 
-// GetRepo returns the Repo field.
-func (d *DeployKeyEvent) GetRepo() *Repository {
-	if d == nil {
-		return nil
+// GetFollowingURL returns the FollowingURL field if it's non-nil, zero value otherwise.
+func (c *Contributor) GetFollowingURL() string {
+	if c == nil || c.FollowingURL == nil {
+		return ""
 	}
-	return d.Repo
+	return *c.FollowingURL
 }
 
-// GetSender returns the Sender field.
-func (d *DeployKeyEvent) GetSender() *User {
-	if d == nil {
-		return nil
+// GetGistsURL returns the GistsURL field if it's non-nil, zero value otherwise.
+func (c *Contributor) GetGistsURL() string {
+	if c == nil || c.GistsURL == nil {
+		return ""
 	}
-	return d.Sender
+	return *c.GistsURL
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (d *Deployment) GetCreatedAt() Timestamp {
-	if d == nil || d.CreatedAt == nil {
-		return Timestamp{}
+// GetGravatarID returns the GravatarID field if it's non-nil, zero value otherwise.
+func (c *Contributor) GetGravatarID() string {
+	if c == nil || c.GravatarID == nil {
+		return ""
 	}
-	return *d.CreatedAt
+	return *c.GravatarID
 }
 
-// GetCreator returns the Creator field.
-func (d *Deployment) GetCreator() *User {
-	if d == nil {
-		return nil
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (c *Contributor) GetHTMLURL() string {
+	if c == nil || c.HTMLURL == nil {
+		return ""
 	}
-	return d.Creator
+	return *c.HTMLURL
 }
 
-// GetDescription returns the Description field if it's non-nil, zero value otherwise.
-func (d *Deployment) GetDescription() string {
-	if d == nil || d.Description == nil {
-		return ""
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (c *Contributor) GetID() int64 {
+	if c == nil || c.ID == nil {
+		return 0
 	}
-	return *d.Description
+	return *c.ID
 }
 
-// GetEnvironment returns the Environment field if it's non-nil, zero value otherwise.
-func (d *Deployment) GetEnvironment() string {
-	if d == nil || d.Environment == nil {
+// GetLogin returns the Login field if it's non-nil, zero value otherwise.
+func (c *Contributor) GetLogin() string {
+	if c == nil || c.Login == nil {
 		return ""
 	}
-	return *d.Environment
+	return *c.Login
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (d *Deployment) GetID() int64 {
-	if d == nil || d.ID == nil {
-		return 0
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (c *Contributor) GetName() string {
+	if c == nil || c.Name == nil {
+		return ""
 	}
-	return *d.ID
+	return *c.Name
 }
 
 // GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (d *Deployment) GetNodeID() string {
-	if d == nil || d.NodeID == nil {
+func (c *Contributor) GetNodeID() string {
+	if c == nil || c.NodeID == nil {
 		return ""
 	}
-	return *d.NodeID
+	return *c.NodeID
 }
 
-// GetRef returns the Ref field if it's non-nil, zero value otherwise.
-func (d *Deployment) GetRef() string {
-	if d == nil || d.Ref == nil {
+// GetOrganizationsURL returns the OrganizationsURL field if it's non-nil, zero value otherwise.
+func (c *Contributor) GetOrganizationsURL() string {
+	if c == nil || c.OrganizationsURL == nil {
 		return ""
 	}
-	return *d.Ref
+	return *c.OrganizationsURL
 }
 
-// GetRepositoryURL returns the RepositoryURL field if it's non-nil, zero value otherwise.
-func (d *Deployment) GetRepositoryURL() string {
-	if d == nil || d.RepositoryURL == nil {
+// GetReceivedEventsURL returns the ReceivedEventsURL field if it's non-nil, zero value otherwise.
+func (c *Contributor) GetReceivedEventsURL() string {
+	if c == nil || c.ReceivedEventsURL == nil {
 		return ""
 	}
-	return *d.RepositoryURL
+	return *c.ReceivedEventsURL
 }
 
-// GetSHA returns the SHA field if it's non-nil, zero value otherwise.
-func (d *Deployment) GetSHA() string {
-	if d == nil || d.SHA == nil {
+// GetReposURL returns the ReposURL field if it's non-nil, zero value otherwise.
+func (c *Contributor) GetReposURL() string {
+	if c == nil || c.ReposURL == nil {
 		return ""
 	}
-	return *d.SHA
+	return *c.ReposURL
 }
 
-// GetStatusesURL returns the StatusesURL field if it's non-nil, zero value otherwise.
-func (d *Deployment) GetStatusesURL() string {
-	if d == nil || d.StatusesURL == nil {
+// GetSiteAdmin returns the SiteAdmin field if it's non-nil, zero value otherwise.
+func (c *Contributor) GetSiteAdmin() bool {
+	if c == nil || c.SiteAdmin == nil {
+		return false
+	}
+	return *c.SiteAdmin
+}
+
+// GetStarredURL returns the StarredURL field if it's non-nil, zero value otherwise.
+func (c *Contributor) GetStarredURL() string {
+	if c == nil || c.StarredURL == nil {
 		return ""
 	}
-	return *d.StatusesURL
+	return *c.StarredURL
 }
 
-// GetTask returns the Task field if it's non-nil, zero value otherwise.
-func (d *Deployment) GetTask() string {
-	if d == nil || d.Task == nil {
+// GetSubscriptionsURL returns the SubscriptionsURL field if it's non-nil, zero value otherwise.
+func (c *Contributor) GetSubscriptionsURL() string {
+	if c == nil || c.SubscriptionsURL == nil {
 		return ""
 	}
-	return *d.Task
+	return *c.SubscriptionsURL
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (d *Deployment) GetUpdatedAt() Timestamp {
-	if d == nil || d.UpdatedAt == nil {
-		return Timestamp{}
+// GetType returns the Type field if it's non-nil, zero value otherwise.
+func (c *Contributor) GetType() string {
+	if c == nil || c.Type == nil {
+		return ""
 	}
-	return *d.UpdatedAt
+	return *c.Type
 }
 
 // GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (d *Deployment) GetURL() string {
-	if d == nil || d.URL == nil {
+func (c *Contributor) GetURL() string {
+	if c == nil || c.URL == nil {
 		return ""
 	}
-	return *d.URL
+	return *c.URL
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (d *DeploymentBranchPolicy) GetID() int64 {
-	if d == nil || d.ID == nil {
+// GetAuthor returns the Author field.
+func (c *ContributorStats) GetAuthor() *Contributor {
+	if c == nil {
+		return nil
+	}
+	return c.Author
+}
+
+// GetTotal returns the Total field if it's non-nil, zero value otherwise.
+func (c *ContributorStats) GetTotal() int {
+	if c == nil || c.Total == nil {
 		return 0
 	}
-	return *d.ID
+	return *c.Total
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (d *DeploymentBranchPolicy) GetName() string {
-	if d == nil || d.Name == nil {
+// GetCustomModelTrainingDate returns the CustomModelTrainingDate field if it's non-nil, zero value otherwise.
+func (c *CopilotDotcomChatModel) GetCustomModelTrainingDate() string {
+	if c == nil || c.CustomModelTrainingDate == nil {
 		return ""
 	}
-	return *d.Name
+	return *c.CustomModelTrainingDate
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (d *DeploymentBranchPolicy) GetNodeID() string {
-	if d == nil || d.NodeID == nil {
+// GetCustomModelTrainingDate returns the CustomModelTrainingDate field if it's non-nil, zero value otherwise.
+func (c *CopilotDotcomPullRequestsModel) GetCustomModelTrainingDate() string {
+	if c == nil || c.CustomModelTrainingDate == nil {
 		return ""
 	}
-	return *d.NodeID
+	return *c.CustomModelTrainingDate
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (d *DeploymentBranchPolicyRequest) GetName() string {
-	if d == nil || d.Name == nil {
+// GetCustomModelTrainingDate returns the CustomModelTrainingDate field if it's non-nil, zero value otherwise.
+func (c *CopilotIDEChatModel) GetCustomModelTrainingDate() string {
+	if c == nil || c.CustomModelTrainingDate == nil {
 		return ""
 	}
-	return *d.Name
+	return *c.CustomModelTrainingDate
 }
 
-// GetTotalCount returns the TotalCount field if it's non-nil, zero value otherwise.
-func (d *DeploymentBranchPolicyResponse) GetTotalCount() int {
-	if d == nil || d.TotalCount == nil {
-		return 0
+// GetCustomModelTrainingDate returns the CustomModelTrainingDate field if it's non-nil, zero value otherwise.
+func (c *CopilotIDECodeCompletionsModel) GetCustomModelTrainingDate() string {
+	if c == nil || c.CustomModelTrainingDate == nil {
+		return ""
 	}
-	return *d.TotalCount
+	return *c.CustomModelTrainingDate
 }
 
-// GetDeployment returns the Deployment field.
-func (d *DeploymentEvent) GetDeployment() *Deployment {
-	if d == nil {
+// GetCopilotDotcomChat returns the CopilotDotcomChat field.
+func (c *CopilotMetrics) GetCopilotDotcomChat() *CopilotDotcomChat {
+	if c == nil {
 		return nil
 	}
-	return d.Deployment
+	return c.CopilotDotcomChat
 }
 
-// GetInstallation returns the Installation field.
-func (d *DeploymentEvent) GetInstallation() *Installation {
-	if d == nil {
+// GetCopilotDotcomPullRequests returns the CopilotDotcomPullRequests field.
+func (c *CopilotMetrics) GetCopilotDotcomPullRequests() *CopilotDotcomPullRequests {
+	if c == nil {
 		return nil
 	}
-	return d.Installation
+	return c.CopilotDotcomPullRequests
 }
 
-// GetRepo returns the Repo field.
-func (d *DeploymentEvent) GetRepo() *Repository {
-	if d == nil {
+// GetCopilotIDEChat returns the CopilotIDEChat field.
+func (c *CopilotMetrics) GetCopilotIDEChat() *CopilotIDEChat {
+	if c == nil {
 		return nil
 	}
-	return d.Repo
+	return c.CopilotIDEChat
 }
 
-// GetSender returns the Sender field.
-func (d *DeploymentEvent) GetSender() *User {
-	if d == nil {
+// GetCopilotIDECodeCompletions returns the CopilotIDECodeCompletions field.
+func (c *CopilotMetrics) GetCopilotIDECodeCompletions() *CopilotIDECodeCompletions {
+	if c == nil {
 		return nil
 	}
-	return d.Sender
+	return c.CopilotIDECodeCompletions
 }
 
-// GetWorkflow returns the Workflow field.
-func (d *DeploymentEvent) GetWorkflow() *Workflow {
-	if d == nil {
-		return nil
+// GetTotalActiveUsers returns the TotalActiveUsers field if it's non-nil, zero value otherwise.
+func (c *CopilotMetrics) GetTotalActiveUsers() int {
+	if c == nil || c.TotalActiveUsers == nil {
+		return 0
 	}
-	return d.Workflow
+	return *c.TotalActiveUsers
 }
 
-// GetWorkflowRun returns the WorkflowRun field.
-func (d *DeploymentEvent) GetWorkflowRun() *WorkflowRun {
-	if d == nil {
-		return nil
+// GetTotalEngagedUsers returns the TotalEngagedUsers field if it's non-nil, zero value otherwise.
+func (c *CopilotMetrics) GetTotalEngagedUsers() int {
+	if c == nil || c.TotalEngagedUsers == nil {
+		return 0
 	}
-	return d.WorkflowRun
+	return *c.TotalEngagedUsers
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (d *DeploymentProtectionRuleEvent) GetAction() string {
-	if d == nil || d.Action == nil {
-		return ""
+// GetSince returns the Since field if it's non-nil, zero value otherwise.
+func (c *CopilotMetricsListOptions) GetSince() time.Time {
+	if c == nil || c.Since == nil {
+		return time.Time{}
 	}
-	return *d.Action
+	return *c.Since
 }
 
-// GetDeployment returns the Deployment field.
-func (d *DeploymentProtectionRuleEvent) GetDeployment() *Deployment {
-	if d == nil {
-		return nil
+// GetUntil returns the Until field if it's non-nil, zero value otherwise.
+func (c *CopilotMetricsListOptions) GetUntil() time.Time {
+	if c == nil || c.Until == nil {
+		return time.Time{}
 	}
-	return d.Deployment
+	return *c.Until
 }
 
-// GetDeploymentCallbackURL returns the DeploymentCallbackURL field if it's non-nil, zero value otherwise.
-func (d *DeploymentProtectionRuleEvent) GetDeploymentCallbackURL() string {
-	if d == nil || d.DeploymentCallbackURL == nil {
-		return ""
+// GetSeatBreakdown returns the SeatBreakdown field.
+func (c *CopilotOrganizationDetails) GetSeatBreakdown() *CopilotSeatBreakdown {
+	if c == nil {
+		return nil
 	}
-	return *d.DeploymentCallbackURL
+	return c.SeatBreakdown
 }
 
-// GetEnvironment returns the Environment field if it's non-nil, zero value otherwise.
-func (d *DeploymentProtectionRuleEvent) GetEnvironment() string {
-	if d == nil || d.Environment == nil {
-		return ""
+// GetAssigningTeam returns the AssigningTeam field.
+func (c *CopilotSeatDetails) GetAssigningTeam() *Team {
+	if c == nil {
+		return nil
 	}
-	return *d.Environment
+	return c.AssigningTeam
 }
 
-// GetEvent returns the Event field if it's non-nil, zero value otherwise.
-func (d *DeploymentProtectionRuleEvent) GetEvent() string {
-	if d == nil || d.Event == nil {
-		return ""
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (c *CopilotSeatDetails) GetCreatedAt() Timestamp {
+	if c == nil || c.CreatedAt == nil {
+		return Timestamp{}
 	}
-	return *d.Event
+	return *c.CreatedAt
 }
 
-// GetInstallation returns the Installation field.
-func (d *DeploymentProtectionRuleEvent) GetInstallation() *Installation {
-	if d == nil {
-		return nil
+// GetLastActivityAt returns the LastActivityAt field if it's non-nil, zero value otherwise.
+func (c *CopilotSeatDetails) GetLastActivityAt() Timestamp {
+	if c == nil || c.LastActivityAt == nil {
+		return Timestamp{}
 	}
-	return d.Installation
+	return *c.LastActivityAt
 }
 
-// GetOrganization returns the Organization field.
-func (d *DeploymentProtectionRuleEvent) GetOrganization() *Organization {
-	if d == nil {
-		return nil
+// GetLastActivityEditor returns the LastActivityEditor field if it's non-nil, zero value otherwise.
+func (c *CopilotSeatDetails) GetLastActivityEditor() string {
+	if c == nil || c.LastActivityEditor == nil {
+		return ""
 	}
-	return d.Organization
+	return *c.LastActivityEditor
 }
 
-// GetRepo returns the Repo field.
-func (d *DeploymentProtectionRuleEvent) GetRepo() *Repository {
-	if d == nil {
-		return nil
+// GetPendingCancellationDate returns the PendingCancellationDate field if it's non-nil, zero value otherwise.
+func (c *CopilotSeatDetails) GetPendingCancellationDate() string {
+	if c == nil || c.PendingCancellationDate == nil {
+		return ""
 	}
-	return d.Repo
+	return *c.PendingCancellationDate
 }
 
-// GetSender returns the Sender field.
-func (d *DeploymentProtectionRuleEvent) GetSender() *User {
-	if d == nil {
-		return nil
+// GetPlanType returns the PlanType field if it's non-nil, zero value otherwise.
+func (c *CopilotSeatDetails) GetPlanType() string {
+	if c == nil || c.PlanType == nil {
+		return ""
 	}
-	return d.Sender
+	return *c.PlanType
 }
 
-// GetAutoMerge returns the AutoMerge field if it's non-nil, zero value otherwise.
-func (d *DeploymentRequest) GetAutoMerge() bool {
-	if d == nil || d.AutoMerge == nil {
-		return false
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (c *CopilotSeatDetails) GetUpdatedAt() Timestamp {
+	if c == nil || c.UpdatedAt == nil {
+		return Timestamp{}
 	}
-	return *d.AutoMerge
+	return *c.UpdatedAt
 }
 
-// GetDescription returns the Description field if it's non-nil, zero value otherwise.
-func (d *DeploymentRequest) GetDescription() string {
-	if d == nil || d.Description == nil {
-		return ""
+// GetCompletedAt returns the CompletedAt field if it's non-nil, zero value otherwise.
+func (c *CreateCheckRunOptions) GetCompletedAt() Timestamp {
+	if c == nil || c.CompletedAt == nil {
+		return Timestamp{}
 	}
-	return *d.Description
+	return *c.CompletedAt
 }
 
-// GetEnvironment returns the Environment field if it's non-nil, zero value otherwise.
-func (d *DeploymentRequest) GetEnvironment() string {
-	if d == nil || d.Environment == nil {
+// GetConclusion returns the Conclusion field if it's non-nil, zero value otherwise.
+func (c *CreateCheckRunOptions) GetConclusion() string {
+	if c == nil || c.Conclusion == nil {
 		return ""
 	}
-	return *d.Environment
+	return *c.Conclusion
 }
 
-// GetProductionEnvironment returns the ProductionEnvironment field if it's non-nil, zero value otherwise.
-func (d *DeploymentRequest) GetProductionEnvironment() bool {
-	if d == nil || d.ProductionEnvironment == nil {
-		return false
+// GetDetailsURL returns the DetailsURL field if it's non-nil, zero value otherwise.
+func (c *CreateCheckRunOptions) GetDetailsURL() string {
+	if c == nil || c.DetailsURL == nil {
+		return ""
 	}
-	return *d.ProductionEnvironment
+	return *c.DetailsURL
 }
 
-// GetRef returns the Ref field if it's non-nil, zero value otherwise.
-func (d *DeploymentRequest) GetRef() string {
-	if d == nil || d.Ref == nil {
+// GetExternalID returns the ExternalID field if it's non-nil, zero value otherwise.
+func (c *CreateCheckRunOptions) GetExternalID() string {
+	if c == nil || c.ExternalID == nil {
 		return ""
 	}
-	return *d.Ref
+	return *c.ExternalID
 }
 
-// GetRequiredContexts returns the RequiredContexts field if it's non-nil, zero value otherwise.
-func (d *DeploymentRequest) GetRequiredContexts() []string {
-	if d == nil || d.RequiredContexts == nil {
+// GetOutput returns the Output field.
+func (c *CreateCheckRunOptions) GetOutput() *CheckRunOutput {
+	if c == nil {
 		return nil
 	}
-	return *d.RequiredContexts
-}
-
-// GetTask returns the Task field if it's non-nil, zero value otherwise.
-func (d *DeploymentRequest) GetTask() string {
-	if d == nil || d.Task == nil {
-		return ""
-	}
-	return *d.Task
+	return c.Output
 }
 
-// GetTransientEnvironment returns the TransientEnvironment field if it's non-nil, zero value otherwise.
-func (d *DeploymentRequest) GetTransientEnvironment() bool {
-	if d == nil || d.TransientEnvironment == nil {
-		return false
+// GetStartedAt returns the StartedAt field if it's non-nil, zero value otherwise.
+func (c *CreateCheckRunOptions) GetStartedAt() Timestamp {
+	if c == nil || c.StartedAt == nil {
+		return Timestamp{}
 	}
-	return *d.TransientEnvironment
+	return *c.StartedAt
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (d *DeploymentStatus) GetCreatedAt() Timestamp {
-	if d == nil || d.CreatedAt == nil {
-		return Timestamp{}
+// GetStatus returns the Status field if it's non-nil, zero value otherwise.
+func (c *CreateCheckRunOptions) GetStatus() string {
+	if c == nil || c.Status == nil {
+		return ""
 	}
-	return *d.CreatedAt
+	return *c.Status
 }
 
-// GetCreator returns the Creator field.
-func (d *DeploymentStatus) GetCreator() *User {
-	if d == nil {
-		return nil
+// GetHeadBranch returns the HeadBranch field if it's non-nil, zero value otherwise.
+func (c *CreateCheckSuiteOptions) GetHeadBranch() string {
+	if c == nil || c.HeadBranch == nil {
+		return ""
 	}
-	return d.Creator
+	return *c.HeadBranch
 }
 
-// GetDeploymentURL returns the DeploymentURL field if it's non-nil, zero value otherwise.
-func (d *DeploymentStatus) GetDeploymentURL() string {
-	if d == nil || d.DeploymentURL == nil {
+// GetClientIP returns the ClientIP field if it's non-nil, zero value otherwise.
+func (c *CreateCodespaceOptions) GetClientIP() string {
+	if c == nil || c.ClientIP == nil {
 		return ""
 	}
-	return *d.DeploymentURL
+	return *c.ClientIP
 }
 
-// GetDescription returns the Description field if it's non-nil, zero value otherwise.
-func (d *DeploymentStatus) GetDescription() string {
-	if d == nil || d.Description == nil {
+// GetDevcontainerPath returns the DevcontainerPath field if it's non-nil, zero value otherwise.
+func (c *CreateCodespaceOptions) GetDevcontainerPath() string {
+	if c == nil || c.DevcontainerPath == nil {
 		return ""
 	}
-	return *d.Description
+	return *c.DevcontainerPath
 }
 
-// GetEnvironment returns the Environment field if it's non-nil, zero value otherwise.
-func (d *DeploymentStatus) GetEnvironment() string {
-	if d == nil || d.Environment == nil {
+// GetDisplayName returns the DisplayName field if it's non-nil, zero value otherwise.
+func (c *CreateCodespaceOptions) GetDisplayName() string {
+	if c == nil || c.DisplayName == nil {
 		return ""
 	}
-	return *d.Environment
+	return *c.DisplayName
 }
 
-// GetEnvironmentURL returns the EnvironmentURL field if it's non-nil, zero value otherwise.
-func (d *DeploymentStatus) GetEnvironmentURL() string {
-	if d == nil || d.EnvironmentURL == nil {
+// GetGeo returns the Geo field if it's non-nil, zero value otherwise.
+func (c *CreateCodespaceOptions) GetGeo() string {
+	if c == nil || c.Geo == nil {
 		return ""
 	}
-	return *d.EnvironmentURL
+	return *c.Geo
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (d *DeploymentStatus) GetID() int64 {
-	if d == nil || d.ID == nil {
+// GetIdleTimeoutMinutes returns the IdleTimeoutMinutes field if it's non-nil, zero value otherwise.
+func (c *CreateCodespaceOptions) GetIdleTimeoutMinutes() int {
+	if c == nil || c.IdleTimeoutMinutes == nil {
 		return 0
 	}
-	return *d.ID
+	return *c.IdleTimeoutMinutes
 }
 
-// GetLogURL returns the LogURL field if it's non-nil, zero value otherwise.
-func (d *DeploymentStatus) GetLogURL() string {
-	if d == nil || d.LogURL == nil {
+// GetMachine returns the Machine field if it's non-nil, zero value otherwise.
+func (c *CreateCodespaceOptions) GetMachine() string {
+	if c == nil || c.Machine == nil {
 		return ""
 	}
-	return *d.LogURL
+	return *c.Machine
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (d *DeploymentStatus) GetNodeID() string {
-	if d == nil || d.NodeID == nil {
-		return ""
+// GetMultiRepoPermissionsOptOut returns the MultiRepoPermissionsOptOut field if it's non-nil, zero value otherwise.
+func (c *CreateCodespaceOptions) GetMultiRepoPermissionsOptOut() bool {
+	if c == nil || c.MultiRepoPermissionsOptOut == nil {
+		return false
 	}
-	return *d.NodeID
+	return *c.MultiRepoPermissionsOptOut
 }
 
-// GetRepositoryURL returns the RepositoryURL field if it's non-nil, zero value otherwise.
-func (d *DeploymentStatus) GetRepositoryURL() string {
-	if d == nil || d.RepositoryURL == nil {
+// GetRef returns the Ref field if it's non-nil, zero value otherwise.
+func (c *CreateCodespaceOptions) GetRef() string {
+	if c == nil || c.Ref == nil {
 		return ""
 	}
-	return *d.RepositoryURL
+	return *c.Ref
 }
 
-// GetState returns the State field if it's non-nil, zero value otherwise.
-func (d *DeploymentStatus) GetState() string {
-	if d == nil || d.State == nil {
-		return ""
+// GetRetentionPeriodMinutes returns the RetentionPeriodMinutes field if it's non-nil, zero value otherwise.
+func (c *CreateCodespaceOptions) GetRetentionPeriodMinutes() int {
+	if c == nil || c.RetentionPeriodMinutes == nil {
+		return 0
 	}
-	return *d.State
+	return *c.RetentionPeriodMinutes
 }
 
-// GetTargetURL returns the TargetURL field if it's non-nil, zero value otherwise.
-func (d *DeploymentStatus) GetTargetURL() string {
-	if d == nil || d.TargetURL == nil {
+// GetWorkingDirectory returns the WorkingDirectory field if it's non-nil, zero value otherwise.
+func (c *CreateCodespaceOptions) GetWorkingDirectory() string {
+	if c == nil || c.WorkingDirectory == nil {
 		return ""
 	}
-	return *d.TargetURL
+	return *c.WorkingDirectory
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (d *DeploymentStatus) GetUpdatedAt() Timestamp {
-	if d == nil || d.UpdatedAt == nil {
-		return Timestamp{}
+// GetAllowsPublicRepositories returns the AllowsPublicRepositories field if it's non-nil, zero value otherwise.
+func (c *CreateEnterpriseRunnerGroupRequest) GetAllowsPublicRepositories() bool {
+	if c == nil || c.AllowsPublicRepositories == nil {
+		return false
 	}
-	return *d.UpdatedAt
+	return *c.AllowsPublicRepositories
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (d *DeploymentStatus) GetURL() string {
-	if d == nil || d.URL == nil {
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (c *CreateEnterpriseRunnerGroupRequest) GetName() string {
+	if c == nil || c.Name == nil {
 		return ""
 	}
-	return *d.URL
+	return *c.Name
 }
 
-// GetDeployment returns the Deployment field.
-func (d *DeploymentStatusEvent) GetDeployment() *Deployment {
-	if d == nil {
-		return nil
+// GetRestrictedToWorkflows returns the RestrictedToWorkflows field if it's non-nil, zero value otherwise.
+func (c *CreateEnterpriseRunnerGroupRequest) GetRestrictedToWorkflows() bool {
+	if c == nil || c.RestrictedToWorkflows == nil {
+		return false
 	}
-	return d.Deployment
+	return *c.RestrictedToWorkflows
 }
 
-// GetDeploymentStatus returns the DeploymentStatus field.
-func (d *DeploymentStatusEvent) GetDeploymentStatus() *DeploymentStatus {
-	if d == nil {
-		return nil
+// GetVisibility returns the Visibility field if it's non-nil, zero value otherwise.
+func (c *CreateEnterpriseRunnerGroupRequest) GetVisibility() string {
+	if c == nil || c.Visibility == nil {
+		return ""
 	}
-	return d.DeploymentStatus
+	return *c.Visibility
 }
 
-// GetInstallation returns the Installation field.
-func (d *DeploymentStatusEvent) GetInstallation() *Installation {
-	if d == nil {
-		return nil
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (c *CreateEvent) GetDescription() string {
+	if c == nil || c.Description == nil {
+		return ""
 	}
-	return d.Installation
+	return *c.Description
 }
 
-// GetRepo returns the Repo field.
-func (d *DeploymentStatusEvent) GetRepo() *Repository {
-	if d == nil {
+// GetInstallation returns the Installation field.
+func (c *CreateEvent) GetInstallation() *Installation {
+	if c == nil {
 		return nil
 	}
-	return d.Repo
+	return c.Installation
 }
 
-// GetSender returns the Sender field.
-func (d *DeploymentStatusEvent) GetSender() *User {
-	if d == nil {
-		return nil
+// GetMasterBranch returns the MasterBranch field if it's non-nil, zero value otherwise.
+func (c *CreateEvent) GetMasterBranch() string {
+	if c == nil || c.MasterBranch == nil {
+		return ""
 	}
-	return d.Sender
+	return *c.MasterBranch
 }
 
-// GetAutoInactive returns the AutoInactive field if it's non-nil, zero value otherwise.
-func (d *DeploymentStatusRequest) GetAutoInactive() bool {
-	if d == nil || d.AutoInactive == nil {
-		return false
+// GetOrg returns the Org field.
+func (c *CreateEvent) GetOrg() *Organization {
+	if c == nil {
+		return nil
 	}
-	return *d.AutoInactive
+	return c.Org
 }
 
-// GetDescription returns the Description field if it's non-nil, zero value otherwise.
-func (d *DeploymentStatusRequest) GetDescription() string {
-	if d == nil || d.Description == nil {
+// GetPusherType returns the PusherType field if it's non-nil, zero value otherwise.
+func (c *CreateEvent) GetPusherType() string {
+	if c == nil || c.PusherType == nil {
 		return ""
 	}
-	return *d.Description
+	return *c.PusherType
 }
 
-// GetEnvironment returns the Environment field if it's non-nil, zero value otherwise.
-func (d *DeploymentStatusRequest) GetEnvironment() string {
-	if d == nil || d.Environment == nil {
+// GetRef returns the Ref field if it's non-nil, zero value otherwise.
+func (c *CreateEvent) GetRef() string {
+	if c == nil || c.Ref == nil {
 		return ""
 	}
-	return *d.Environment
+	return *c.Ref
 }
 
-// GetEnvironmentURL returns the EnvironmentURL field if it's non-nil, zero value otherwise.
-func (d *DeploymentStatusRequest) GetEnvironmentURL() string {
-	if d == nil || d.EnvironmentURL == nil {
+// GetRefType returns the RefType field if it's non-nil, zero value otherwise.
+func (c *CreateEvent) GetRefType() string {
+	if c == nil || c.RefType == nil {
 		return ""
 	}
-	return *d.EnvironmentURL
+	return *c.RefType
 }
 
-// GetLogURL returns the LogURL field if it's non-nil, zero value otherwise.
-func (d *DeploymentStatusRequest) GetLogURL() string {
-	if d == nil || d.LogURL == nil {
-		return ""
+// GetRepo returns the Repo field.
+func (c *CreateEvent) GetRepo() *Repository {
+	if c == nil {
+		return nil
 	}
-	return *d.LogURL
+	return c.Repo
 }
 
-// GetState returns the State field if it's non-nil, zero value otherwise.
-func (d *DeploymentStatusRequest) GetState() string {
-	if d == nil || d.State == nil {
-		return ""
+// GetSender returns the Sender field.
+func (c *CreateEvent) GetSender() *User {
+	if c == nil {
+		return nil
 	}
-	return *d.State
+	return c.Sender
 }
 
-// GetActiveLockReason returns the ActiveLockReason field if it's non-nil, zero value otherwise.
-func (d *Discussion) GetActiveLockReason() string {
-	if d == nil || d.ActiveLockReason == nil {
+// GetEmail returns the Email field if it's non-nil, zero value otherwise.
+func (c *CreateOrgInvitationOptions) GetEmail() string {
+	if c == nil || c.Email == nil {
 		return ""
 	}
-	return *d.ActiveLockReason
+	return *c.Email
 }
 
-// GetAnswerChosenAt returns the AnswerChosenAt field if it's non-nil, zero value otherwise.
-func (d *Discussion) GetAnswerChosenAt() Timestamp {
-	if d == nil || d.AnswerChosenAt == nil {
-		return Timestamp{}
+// GetInviteeID returns the InviteeID field if it's non-nil, zero value otherwise.
+func (c *CreateOrgInvitationOptions) GetInviteeID() int64 {
+	if c == nil || c.InviteeID == nil {
+		return 0
 	}
-	return *d.AnswerChosenAt
+	return *c.InviteeID
 }
 
-// GetAnswerChosenBy returns the AnswerChosenBy field if it's non-nil, zero value otherwise.
-func (d *Discussion) GetAnswerChosenBy() string {
-	if d == nil || d.AnswerChosenBy == nil {
+// GetRole returns the Role field if it's non-nil, zero value otherwise.
+func (c *CreateOrgInvitationOptions) GetRole() string {
+	if c == nil || c.Role == nil {
 		return ""
 	}
-	return *d.AnswerChosenBy
+	return *c.Role
 }
 
-// GetAnswerHTMLURL returns the AnswerHTMLURL field if it's non-nil, zero value otherwise.
-func (d *Discussion) GetAnswerHTMLURL() string {
-	if d == nil || d.AnswerHTMLURL == nil {
+// GetBaseRole returns the BaseRole field if it's non-nil, zero value otherwise.
+func (c *CreateOrUpdateCustomRepoRoleOptions) GetBaseRole() string {
+	if c == nil || c.BaseRole == nil {
 		return ""
 	}
-	return *d.AnswerHTMLURL
+	return *c.BaseRole
 }
 
-// GetAuthorAssociation returns the AuthorAssociation field if it's non-nil, zero value otherwise.
-func (d *Discussion) GetAuthorAssociation() string {
-	if d == nil || d.AuthorAssociation == nil {
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (c *CreateOrUpdateCustomRepoRoleOptions) GetDescription() string {
+	if c == nil || c.Description == nil {
 		return ""
 	}
-	return *d.AuthorAssociation
+	return *c.Description
 }
 
-// GetBody returns the Body field if it's non-nil, zero value otherwise.
-func (d *Discussion) GetBody() string {
-	if d == nil || d.Body == nil {
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (c *CreateOrUpdateCustomRepoRoleOptions) GetName() string {
+	if c == nil || c.Name == nil {
 		return ""
 	}
-	return *d.Body
+	return *c.Name
 }
 
-// GetComments returns the Comments field if it's non-nil, zero value otherwise.
-func (d *Discussion) GetComments() int {
-	if d == nil || d.Comments == nil {
-		return 0
+// GetColor returns the Color field if it's non-nil, zero value otherwise.
+func (c *CreateOrUpdateIssueTypesOptions) GetColor() string {
+	if c == nil || c.Color == nil {
+		return ""
 	}
-	return *d.Comments
+	return *c.Color
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (d *Discussion) GetCreatedAt() Timestamp {
-	if d == nil || d.CreatedAt == nil {
-		return Timestamp{}
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (c *CreateOrUpdateIssueTypesOptions) GetDescription() string {
+	if c == nil || c.Description == nil {
+		return ""
 	}
-	return *d.CreatedAt
+	return *c.Description
 }
 
-// GetDiscussionCategory returns the DiscussionCategory field.
-func (d *Discussion) GetDiscussionCategory() *DiscussionCategory {
-	if d == nil {
-		return nil
+// GetIsPrivate returns the IsPrivate field if it's non-nil, zero value otherwise.
+func (c *CreateOrUpdateIssueTypesOptions) GetIsPrivate() bool {
+	if c == nil || c.IsPrivate == nil {
+		return false
 	}
-	return d.DiscussionCategory
+	return *c.IsPrivate
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (d *Discussion) GetHTMLURL() string {
-	if d == nil || d.HTMLURL == nil {
+// GetBaseRole returns the BaseRole field if it's non-nil, zero value otherwise.
+func (c *CreateOrUpdateOrgRoleOptions) GetBaseRole() string {
+	if c == nil || c.BaseRole == nil {
 		return ""
 	}
-	return *d.HTMLURL
+	return *c.BaseRole
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (d *Discussion) GetID() int64 {
-	if d == nil || d.ID == nil {
-		return 0
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (c *CreateOrUpdateOrgRoleOptions) GetDescription() string {
+	if c == nil || c.Description == nil {
+		return ""
 	}
-	return *d.ID
+	return *c.Description
 }
 
-// GetLocked returns the Locked field if it's non-nil, zero value otherwise.
-func (d *Discussion) GetLocked() bool {
-	if d == nil || d.Locked == nil {
-		return false
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (c *CreateOrUpdateOrgRoleOptions) GetName() string {
+	if c == nil || c.Name == nil {
+		return ""
 	}
-	return *d.Locked
+	return *c.Name
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (d *Discussion) GetNodeID() string {
-	if d == nil || d.NodeID == nil {
-		return ""
+// GetFrom returns the From field if it's non-nil, zero value otherwise.
+func (c *CreateProtectedChanges) GetFrom() bool {
+	if c == nil || c.From == nil {
+		return false
 	}
-	return *d.NodeID
+	return *c.From
 }
 
-// GetNumber returns the Number field if it's non-nil, zero value otherwise.
-func (d *Discussion) GetNumber() int {
-	if d == nil || d.Number == nil {
-		return 0
+// GetAllowsPublicRepositories returns the AllowsPublicRepositories field if it's non-nil, zero value otherwise.
+func (c *CreateRunnerGroupRequest) GetAllowsPublicRepositories() bool {
+	if c == nil || c.AllowsPublicRepositories == nil {
+		return false
 	}
-	return *d.Number
+	return *c.AllowsPublicRepositories
 }
 
-// GetRepositoryURL returns the RepositoryURL field if it's non-nil, zero value otherwise.
-func (d *Discussion) GetRepositoryURL() string {
-	if d == nil || d.RepositoryURL == nil {
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (c *CreateRunnerGroupRequest) GetName() string {
+	if c == nil || c.Name == nil {
 		return ""
 	}
-	return *d.RepositoryURL
+	return *c.Name
 }
 
-// GetState returns the State field if it's non-nil, zero value otherwise.
-func (d *Discussion) GetState() string {
-	if d == nil || d.State == nil {
-		return ""
+// GetRestrictedToWorkflows returns the RestrictedToWorkflows field if it's non-nil, zero value otherwise.
+func (c *CreateRunnerGroupRequest) GetRestrictedToWorkflows() bool {
+	if c == nil || c.RestrictedToWorkflows == nil {
+		return false
 	}
-	return *d.State
+	return *c.RestrictedToWorkflows
 }
 
-// GetTitle returns the Title field if it's non-nil, zero value otherwise.
-func (d *Discussion) GetTitle() string {
-	if d == nil || d.Title == nil {
+// GetVisibility returns the Visibility field if it's non-nil, zero value otherwise.
+func (c *CreateRunnerGroupRequest) GetVisibility() string {
+	if c == nil || c.Visibility == nil {
 		return ""
 	}
-	return *d.Title
+	return *c.Visibility
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (d *Discussion) GetUpdatedAt() Timestamp {
-	if d == nil || d.UpdatedAt == nil {
-		return Timestamp{}
+// GetCanAdminsBypass returns the CanAdminsBypass field if it's non-nil, zero value otherwise.
+func (c *CreateUpdateEnvironment) GetCanAdminsBypass() bool {
+	if c == nil || c.CanAdminsBypass == nil {
+		return false
 	}
-	return *d.UpdatedAt
+	return *c.CanAdminsBypass
 }
 
-// GetUser returns the User field.
-func (d *Discussion) GetUser() *User {
-	if d == nil {
+// GetDeploymentBranchPolicy returns the DeploymentBranchPolicy field.
+func (c *CreateUpdateEnvironment) GetDeploymentBranchPolicy() *BranchPolicy {
+	if c == nil {
 		return nil
 	}
-	return d.User
+	return c.DeploymentBranchPolicy
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (d *DiscussionCategory) GetCreatedAt() Timestamp {
-	if d == nil || d.CreatedAt == nil {
-		return Timestamp{}
+// GetPreventSelfReview returns the PreventSelfReview field if it's non-nil, zero value otherwise.
+func (c *CreateUpdateEnvironment) GetPreventSelfReview() bool {
+	if c == nil || c.PreventSelfReview == nil {
+		return false
 	}
-	return *d.CreatedAt
+	return *c.PreventSelfReview
 }
 
-// GetDescription returns the Description field if it's non-nil, zero value otherwise.
-func (d *DiscussionCategory) GetDescription() string {
-	if d == nil || d.Description == nil {
-		return ""
+// GetWaitTimer returns the WaitTimer field if it's non-nil, zero value otherwise.
+func (c *CreateUpdateEnvironment) GetWaitTimer() int {
+	if c == nil || c.WaitTimer == nil {
+		return 0
 	}
-	return *d.Description
+	return *c.WaitTimer
 }
 
-// GetEmoji returns the Emoji field if it's non-nil, zero value otherwise.
-func (d *DiscussionCategory) GetEmoji() string {
-	if d == nil || d.Emoji == nil {
+// GetEmail returns the Email field if it's non-nil, zero value otherwise.
+func (c *CreateUserRequest) GetEmail() string {
+	if c == nil || c.Email == nil {
 		return ""
 	}
-	return *d.Emoji
-}
-
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (d *DiscussionCategory) GetID() int64 {
-	if d == nil || d.ID == nil {
-		return 0
-	}
-	return *d.ID
+	return *c.Email
 }
 
-// GetIsAnswerable returns the IsAnswerable field if it's non-nil, zero value otherwise.
-func (d *DiscussionCategory) GetIsAnswerable() bool {
-	if d == nil || d.IsAnswerable == nil {
+// GetSuspended returns the Suspended field if it's non-nil, zero value otherwise.
+func (c *CreateUserRequest) GetSuspended() bool {
+	if c == nil || c.Suspended == nil {
 		return false
 	}
-	return *d.IsAnswerable
+	return *c.Suspended
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (d *DiscussionCategory) GetName() string {
-	if d == nil || d.Name == nil {
-		return ""
+// GetCreated returns the Created field if it's non-nil, zero value otherwise.
+func (c *CreationInfo) GetCreated() Timestamp {
+	if c == nil || c.Created == nil {
+		return Timestamp{}
 	}
-	return *d.Name
+	return *c.Created
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (d *DiscussionCategory) GetNodeID() string {
-	if d == nil || d.NodeID == nil {
-		return ""
+// GetAuthorizedCredentialExpiresAt returns the AuthorizedCredentialExpiresAt field if it's non-nil, zero value otherwise.
+func (c *CredentialAuthorization) GetAuthorizedCredentialExpiresAt() Timestamp {
+	if c == nil || c.AuthorizedCredentialExpiresAt == nil {
+		return Timestamp{}
 	}
-	return *d.NodeID
+	return *c.AuthorizedCredentialExpiresAt
 }
 
-// GetRepositoryID returns the RepositoryID field if it's non-nil, zero value otherwise.
-func (d *DiscussionCategory) GetRepositoryID() int64 {
-	if d == nil || d.RepositoryID == nil {
+// GetAuthorizedCredentialID returns the AuthorizedCredentialID field if it's non-nil, zero value otherwise.
+func (c *CredentialAuthorization) GetAuthorizedCredentialID() int64 {
+	if c == nil || c.AuthorizedCredentialID == nil {
 		return 0
 	}
-	return *d.RepositoryID
+	return *c.AuthorizedCredentialID
 }
 
-// GetSlug returns the Slug field if it's non-nil, zero value otherwise.
-func (d *DiscussionCategory) GetSlug() string {
-	if d == nil || d.Slug == nil {
+// GetAuthorizedCredentialNote returns the AuthorizedCredentialNote field if it's non-nil, zero value otherwise.
+func (c *CredentialAuthorization) GetAuthorizedCredentialNote() string {
+	if c == nil || c.AuthorizedCredentialNote == nil {
 		return ""
 	}
-	return *d.Slug
+	return *c.AuthorizedCredentialNote
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (d *DiscussionCategory) GetUpdatedAt() Timestamp {
-	if d == nil || d.UpdatedAt == nil {
-		return Timestamp{}
+// GetAuthorizedCredentialTitle returns the AuthorizedCredentialTitle field if it's non-nil, zero value otherwise.
+func (c *CredentialAuthorization) GetAuthorizedCredentialTitle() string {
+	if c == nil || c.AuthorizedCredentialTitle == nil {
+		return ""
 	}
-	return *d.UpdatedAt
+	return *c.AuthorizedCredentialTitle
 }
 
-// GetAuthor returns the Author field.
-func (d *DiscussionComment) GetAuthor() *User {
-	if d == nil {
-		return nil
+// GetCredentialAccessedAt returns the CredentialAccessedAt field if it's non-nil, zero value otherwise.
+func (c *CredentialAuthorization) GetCredentialAccessedAt() Timestamp {
+	if c == nil || c.CredentialAccessedAt == nil {
+		return Timestamp{}
 	}
-	return d.Author
+	return *c.CredentialAccessedAt
 }
 
-// GetBody returns the Body field if it's non-nil, zero value otherwise.
-func (d *DiscussionComment) GetBody() string {
-	if d == nil || d.Body == nil {
-		return ""
+// GetCredentialAuthorizedAt returns the CredentialAuthorizedAt field if it's non-nil, zero value otherwise.
+func (c *CredentialAuthorization) GetCredentialAuthorizedAt() Timestamp {
+	if c == nil || c.CredentialAuthorizedAt == nil {
+		return Timestamp{}
 	}
-	return *d.Body
+	return *c.CredentialAuthorizedAt
 }
 
-// GetBodyHTML returns the BodyHTML field if it's non-nil, zero value otherwise.
-func (d *DiscussionComment) GetBodyHTML() string {
-	if d == nil || d.BodyHTML == nil {
-		return ""
+// GetCredentialID returns the CredentialID field if it's non-nil, zero value otherwise.
+func (c *CredentialAuthorization) GetCredentialID() int64 {
+	if c == nil || c.CredentialID == nil {
+		return 0
 	}
-	return *d.BodyHTML
+	return *c.CredentialID
 }
 
-// GetBodyVersion returns the BodyVersion field if it's non-nil, zero value otherwise.
-func (d *DiscussionComment) GetBodyVersion() string {
-	if d == nil || d.BodyVersion == nil {
+// GetCredentialType returns the CredentialType field if it's non-nil, zero value otherwise.
+func (c *CredentialAuthorization) GetCredentialType() string {
+	if c == nil || c.CredentialType == nil {
 		return ""
 	}
-	return *d.BodyVersion
+	return *c.CredentialType
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (d *DiscussionComment) GetCreatedAt() Timestamp {
-	if d == nil || d.CreatedAt == nil {
-		return Timestamp{}
+// GetFingerprint returns the Fingerprint field if it's non-nil, zero value otherwise.
+func (c *CredentialAuthorization) GetFingerprint() string {
+	if c == nil || c.Fingerprint == nil {
+		return ""
 	}
-	return *d.CreatedAt
+	return *c.Fingerprint
 }
 
-// GetDiscussionURL returns the DiscussionURL field if it's non-nil, zero value otherwise.
-func (d *DiscussionComment) GetDiscussionURL() string {
-	if d == nil || d.DiscussionURL == nil {
+// GetLogin returns the Login field if it's non-nil, zero value otherwise.
+func (c *CredentialAuthorization) GetLogin() string {
+	if c == nil || c.Login == nil {
 		return ""
 	}
-	return *d.DiscussionURL
+	return *c.Login
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (d *DiscussionComment) GetHTMLURL() string {
-	if d == nil || d.HTMLURL == nil {
+// GetTokenLastEight returns the TokenLastEight field if it's non-nil, zero value otherwise.
+func (c *CredentialAuthorization) GetTokenLastEight() string {
+	if c == nil || c.TokenLastEight == nil {
 		return ""
 	}
-	return *d.HTMLURL
+	return *c.TokenLastEight
 }
 
-// GetLastEditedAt returns the LastEditedAt field if it's non-nil, zero value otherwise.
-func (d *DiscussionComment) GetLastEditedAt() Timestamp {
-	if d == nil || d.LastEditedAt == nil {
-		return Timestamp{}
+// GetType returns the Type field if it's non-nil, zero value otherwise.
+func (c *Credit) GetType() string {
+	if c == nil || c.Type == nil {
+		return ""
 	}
-	return *d.LastEditedAt
+	return *c.Type
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (d *DiscussionComment) GetNodeID() string {
-	if d == nil || d.NodeID == nil {
-		return ""
+// GetUser returns the User field.
+func (c *Credit) GetUser() *User {
+	if c == nil {
+		return nil
 	}
-	return *d.NodeID
+	return c.User
 }
 
-// GetNumber returns the Number field if it's non-nil, zero value otherwise.
-func (d *DiscussionComment) GetNumber() int {
-	if d == nil || d.Number == nil {
-		return 0
+// GetApp returns the App field.
+func (c *CustomDeploymentProtectionRule) GetApp() *CustomDeploymentProtectionRuleApp {
+	if c == nil {
+		return nil
 	}
-	return *d.Number
+	return c.App
 }
 
-// GetReactions returns the Reactions field.
-func (d *DiscussionComment) GetReactions() *Reactions {
-	if d == nil {
-		return nil
+// GetEnabled returns the Enabled field if it's non-nil, zero value otherwise.
+func (c *CustomDeploymentProtectionRule) GetEnabled() bool {
+	if c == nil || c.Enabled == nil {
+		return false
 	}
-	return d.Reactions
+	return *c.Enabled
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (d *DiscussionComment) GetUpdatedAt() Timestamp {
-	if d == nil || d.UpdatedAt == nil {
-		return Timestamp{}
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (c *CustomDeploymentProtectionRule) GetID() int64 {
+	if c == nil || c.ID == nil {
+		return 0
 	}
-	return *d.UpdatedAt
+	return *c.ID
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (d *DiscussionComment) GetURL() string {
-	if d == nil || d.URL == nil {
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (c *CustomDeploymentProtectionRule) GetNodeID() string {
+	if c == nil || c.NodeID == nil {
 		return ""
 	}
-	return *d.URL
+	return *c.NodeID
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (d *DiscussionCommentEvent) GetAction() string {
-	if d == nil || d.Action == nil {
-		return ""
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (c *CustomDeploymentProtectionRuleApp) GetID() int64 {
+	if c == nil || c.ID == nil {
+		return 0
 	}
-	return *d.Action
+	return *c.ID
 }
 
-// GetComment returns the Comment field.
-func (d *DiscussionCommentEvent) GetComment() *CommentDiscussion {
-	if d == nil {
-		return nil
+// GetIntegrationURL returns the IntegrationURL field if it's non-nil, zero value otherwise.
+func (c *CustomDeploymentProtectionRuleApp) GetIntegrationURL() string {
+	if c == nil || c.IntegrationURL == nil {
+		return ""
 	}
-	return d.Comment
+	return *c.IntegrationURL
 }
 
-// GetDiscussion returns the Discussion field.
-func (d *DiscussionCommentEvent) GetDiscussion() *Discussion {
-	if d == nil {
-		return nil
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (c *CustomDeploymentProtectionRuleApp) GetNodeID() string {
+	if c == nil || c.NodeID == nil {
+		return ""
 	}
-	return d.Discussion
+	return *c.NodeID
 }
 
-// GetInstallation returns the Installation field.
-func (d *DiscussionCommentEvent) GetInstallation() *Installation {
-	if d == nil {
-		return nil
+// GetSlug returns the Slug field if it's non-nil, zero value otherwise.
+func (c *CustomDeploymentProtectionRuleApp) GetSlug() string {
+	if c == nil || c.Slug == nil {
+		return ""
 	}
-	return d.Installation
+	return *c.Slug
 }
 
-// GetOrg returns the Org field.
-func (d *DiscussionCommentEvent) GetOrg() *Organization {
-	if d == nil {
-		return nil
+// GetIntegrationID returns the IntegrationID field if it's non-nil, zero value otherwise.
+func (c *CustomDeploymentProtectionRuleRequest) GetIntegrationID() int64 {
+	if c == nil || c.IntegrationID == nil {
+		return 0
 	}
-	return d.Org
+	return *c.IntegrationID
 }
 
-// GetRepo returns the Repo field.
-func (d *DiscussionCommentEvent) GetRepo() *Repository {
-	if d == nil {
-		return nil
+// GetBaseRole returns the BaseRole field if it's non-nil, zero value otherwise.
+func (c *CustomOrgRoles) GetBaseRole() string {
+	if c == nil || c.BaseRole == nil {
+		return ""
 	}
-	return d.Repo
+	return *c.BaseRole
 }
 
-// GetSender returns the Sender field.
-func (d *DiscussionCommentEvent) GetSender() *User {
-	if d == nil {
-		return nil
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (c *CustomOrgRoles) GetCreatedAt() Timestamp {
+	if c == nil || c.CreatedAt == nil {
+		return Timestamp{}
 	}
-	return d.Sender
+	return *c.CreatedAt
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (d *DiscussionEvent) GetAction() string {
-	if d == nil || d.Action == nil {
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (c *CustomOrgRoles) GetDescription() string {
+	if c == nil || c.Description == nil {
 		return ""
 	}
-	return *d.Action
+	return *c.Description
 }
 
-// GetDiscussion returns the Discussion field.
-func (d *DiscussionEvent) GetDiscussion() *Discussion {
-	if d == nil {
-		return nil
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (c *CustomOrgRoles) GetID() int64 {
+	if c == nil || c.ID == nil {
+		return 0
 	}
-	return d.Discussion
+	return *c.ID
 }
 
-// GetInstallation returns the Installation field.
-func (d *DiscussionEvent) GetInstallation() *Installation {
-	if d == nil {
-		return nil
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (c *CustomOrgRoles) GetName() string {
+	if c == nil || c.Name == nil {
+		return ""
 	}
-	return d.Installation
+	return *c.Name
 }
 
 // GetOrg returns the Org field.
-func (d *DiscussionEvent) GetOrg() *Organization {
-	if d == nil {
+func (c *CustomOrgRoles) GetOrg() *Organization {
+	if c == nil {
 		return nil
 	}
-	return d.Org
+	return c.Org
 }
 
-// GetRepo returns the Repo field.
-func (d *DiscussionEvent) GetRepo() *Repository {
-	if d == nil {
-		return nil
+// GetSource returns the Source field if it's non-nil, zero value otherwise.
+func (c *CustomOrgRoles) GetSource() string {
+	if c == nil || c.Source == nil {
+		return ""
 	}
-	return d.Repo
+	return *c.Source
 }
 
-// GetSender returns the Sender field.
-func (d *DiscussionEvent) GetSender() *User {
-	if d == nil {
-		return nil
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (c *CustomOrgRoles) GetUpdatedAt() Timestamp {
+	if c == nil || c.UpdatedAt == nil {
+		return Timestamp{}
 	}
-	return d.Sender
+	return *c.UpdatedAt
 }
 
-// GetApps returns the Apps field if it's non-nil, zero value otherwise.
-func (d *DismissalRestrictionsRequest) GetApps() []string {
-	if d == nil || d.Apps == nil {
-		return nil
+// GetDefaultValue returns the DefaultValue field if it's non-nil, zero value otherwise.
+func (c *CustomProperty) GetDefaultValue() string {
+	if c == nil || c.DefaultValue == nil {
+		return ""
 	}
-	return *d.Apps
+	return *c.DefaultValue
 }
 
-// GetTeams returns the Teams field if it's non-nil, zero value otherwise.
-func (d *DismissalRestrictionsRequest) GetTeams() []string {
-	if d == nil || d.Teams == nil {
-		return nil
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (c *CustomProperty) GetDescription() string {
+	if c == nil || c.Description == nil {
+		return ""
 	}
-	return *d.Teams
+	return *c.Description
 }
 
-// GetUsers returns the Users field if it's non-nil, zero value otherwise.
-func (d *DismissalRestrictionsRequest) GetUsers() []string {
-	if d == nil || d.Users == nil {
-		return nil
+// GetPropertyName returns the PropertyName field if it's non-nil, zero value otherwise.
+func (c *CustomProperty) GetPropertyName() string {
+	if c == nil || c.PropertyName == nil {
+		return ""
 	}
-	return *d.Users
+	return *c.PropertyName
 }
 
-// GetDismissalCommitID returns the DismissalCommitID field if it's non-nil, zero value otherwise.
-func (d *DismissedReview) GetDismissalCommitID() string {
-	if d == nil || d.DismissalCommitID == nil {
-		return ""
+// GetRequired returns the Required field if it's non-nil, zero value otherwise.
+func (c *CustomProperty) GetRequired() bool {
+	if c == nil || c.Required == nil {
+		return false
 	}
-	return *d.DismissalCommitID
+	return *c.Required
 }
 
-// GetDismissalMessage returns the DismissalMessage field if it's non-nil, zero value otherwise.
-func (d *DismissedReview) GetDismissalMessage() string {
-	if d == nil || d.DismissalMessage == nil {
+// GetSourceType returns the SourceType field if it's non-nil, zero value otherwise.
+func (c *CustomProperty) GetSourceType() string {
+	if c == nil || c.SourceType == nil {
 		return ""
 	}
-	return *d.DismissalMessage
-}
-
-// GetReviewID returns the ReviewID field if it's non-nil, zero value otherwise.
-func (d *DismissedReview) GetReviewID() int64 {
-	if d == nil || d.ReviewID == nil {
-		return 0
-	}
-	return *d.ReviewID
+	return *c.SourceType
 }
 
-// GetState returns the State field if it's non-nil, zero value otherwise.
-func (d *DismissedReview) GetState() string {
-	if d == nil || d.State == nil {
+// GetValuesEditableBy returns the ValuesEditableBy field if it's non-nil, zero value otherwise.
+func (c *CustomProperty) GetValuesEditableBy() string {
+	if c == nil || c.ValuesEditableBy == nil {
 		return ""
 	}
-	return *d.State
-}
-
-// GetFrom returns the From field if it's non-nil, zero value otherwise.
-func (d *DismissStaleReviewsOnPushChanges) GetFrom() bool {
-	if d == nil || d.From == nil {
-		return false
-	}
-	return *d.From
-}
-
-// GetClientPayload returns the ClientPayload field if it's non-nil, zero value otherwise.
-func (d *DispatchRequestOptions) GetClientPayload() json.RawMessage {
-	if d == nil || d.ClientPayload == nil {
-		return json.RawMessage{}
-	}
-	return *d.ClientPayload
+	return *c.ValuesEditableBy
 }
 
-// GetBody returns the Body field if it's non-nil, zero value otherwise.
-func (d *DraftReviewComment) GetBody() string {
-	if d == nil || d.Body == nil {
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (c *CustomPropertyEvent) GetAction() string {
+	if c == nil || c.Action == nil {
 		return ""
 	}
-	return *d.Body
+	return *c.Action
 }
 
-// GetLine returns the Line field if it's non-nil, zero value otherwise.
-func (d *DraftReviewComment) GetLine() int {
-	if d == nil || d.Line == nil {
-		return 0
+// GetDefinition returns the Definition field.
+func (c *CustomPropertyEvent) GetDefinition() *CustomProperty {
+	if c == nil {
+		return nil
 	}
-	return *d.Line
+	return c.Definition
 }
 
-// GetPath returns the Path field if it's non-nil, zero value otherwise.
-func (d *DraftReviewComment) GetPath() string {
-	if d == nil || d.Path == nil {
-		return ""
+// GetEnterprise returns the Enterprise field.
+func (c *CustomPropertyEvent) GetEnterprise() *Enterprise {
+	if c == nil {
+		return nil
 	}
-	return *d.Path
+	return c.Enterprise
 }
 
-// GetPosition returns the Position field if it's non-nil, zero value otherwise.
-func (d *DraftReviewComment) GetPosition() int {
-	if d == nil || d.Position == nil {
-		return 0
+// GetInstallation returns the Installation field.
+func (c *CustomPropertyEvent) GetInstallation() *Installation {
+	if c == nil {
+		return nil
 	}
-	return *d.Position
+	return c.Installation
 }
 
-// GetSide returns the Side field if it's non-nil, zero value otherwise.
-func (d *DraftReviewComment) GetSide() string {
-	if d == nil || d.Side == nil {
-		return ""
+// GetOrg returns the Org field.
+func (c *CustomPropertyEvent) GetOrg() *Organization {
+	if c == nil {
+		return nil
 	}
-	return *d.Side
+	return c.Org
 }
 
-// GetStartLine returns the StartLine field if it's non-nil, zero value otherwise.
-func (d *DraftReviewComment) GetStartLine() int {
-	if d == nil || d.StartLine == nil {
-		return 0
+// GetSender returns the Sender field.
+func (c *CustomPropertyEvent) GetSender() *User {
+	if c == nil {
+		return nil
 	}
-	return *d.StartLine
+	return c.Sender
 }
 
-// GetStartSide returns the StartSide field if it's non-nil, zero value otherwise.
-func (d *DraftReviewComment) GetStartSide() string {
-	if d == nil || d.StartSide == nil {
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (c *CustomPropertyValuesEvent) GetAction() string {
+	if c == nil || c.Action == nil {
 		return ""
 	}
-	return *d.StartSide
+	return *c.Action
 }
 
-// GetRef returns the Ref field.
-func (e *EditBase) GetRef() *EditRef {
-	if e == nil {
+// GetEnterprise returns the Enterprise field.
+func (c *CustomPropertyValuesEvent) GetEnterprise() *Enterprise {
+	if c == nil {
 		return nil
 	}
-	return e.Ref
+	return c.Enterprise
 }
 
-// GetSHA returns the SHA field.
-func (e *EditBase) GetSHA() *EditSHA {
-	if e == nil {
+// GetInstallation returns the Installation field.
+func (c *CustomPropertyValuesEvent) GetInstallation() *Installation {
+	if c == nil {
 		return nil
 	}
-	return e.SHA
+	return c.Installation
 }
 
-// GetFrom returns the From field if it's non-nil, zero value otherwise.
-func (e *EditBody) GetFrom() string {
-	if e == nil || e.From == nil {
-		return ""
+// GetOrg returns the Org field.
+func (c *CustomPropertyValuesEvent) GetOrg() *Organization {
+	if c == nil {
+		return nil
 	}
-	return *e.From
+	return c.Org
 }
 
-// GetBase returns the Base field.
-func (e *EditChange) GetBase() *EditBase {
-	if e == nil {
+// GetRepo returns the Repo field.
+func (c *CustomPropertyValuesEvent) GetRepo() *Repository {
+	if c == nil {
 		return nil
 	}
-	return e.Base
+	return c.Repo
 }
 
-// GetBody returns the Body field.
-func (e *EditChange) GetBody() *EditBody {
-	if e == nil {
+// GetSender returns the Sender field.
+func (c *CustomPropertyValuesEvent) GetSender() *User {
+	if c == nil {
 		return nil
 	}
-	return e.Body
+	return c.Sender
 }
 
-// GetOwner returns the Owner field.
-func (e *EditChange) GetOwner() *EditOwner {
-	if e == nil {
-		return nil
+// GetBaseRole returns the BaseRole field if it's non-nil, zero value otherwise.
+func (c *CustomRepoRoles) GetBaseRole() string {
+	if c == nil || c.BaseRole == nil {
+		return ""
 	}
-	return e.Owner
+	return *c.BaseRole
 }
 
-// GetRepo returns the Repo field.
-func (e *EditChange) GetRepo() *EditRepo {
-	if e == nil {
-		return nil
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (c *CustomRepoRoles) GetCreatedAt() Timestamp {
+	if c == nil || c.CreatedAt == nil {
+		return Timestamp{}
 	}
-	return e.Repo
+	return *c.CreatedAt
 }
 
-// GetTitle returns the Title field.
-func (e *EditChange) GetTitle() *EditTitle {
-	if e == nil {
-		return nil
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (c *CustomRepoRoles) GetDescription() string {
+	if c == nil || c.Description == nil {
+		return ""
 	}
-	return e.Title
+	return *c.Description
 }
 
-// GetOwnerInfo returns the OwnerInfo field.
-func (e *EditOwner) GetOwnerInfo() *OwnerInfo {
-	if e == nil {
-		return nil
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (c *CustomRepoRoles) GetID() int64 {
+	if c == nil || c.ID == nil {
+		return 0
 	}
-	return e.OwnerInfo
+	return *c.ID
 }
 
-// GetFrom returns the From field if it's non-nil, zero value otherwise.
-func (e *EditRef) GetFrom() string {
-	if e == nil || e.From == nil {
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (c *CustomRepoRoles) GetName() string {
+	if c == nil || c.Name == nil {
 		return ""
 	}
-	return *e.From
+	return *c.Name
 }
 
-// GetName returns the Name field.
-func (e *EditRepo) GetName() *RepoName {
-	if e == nil {
+// GetOrg returns the Org field.
+func (c *CustomRepoRoles) GetOrg() *Organization {
+	if c == nil {
 		return nil
 	}
-	return e.Name
+	return c.Org
 }
 
-// GetFrom returns the From field if it's non-nil, zero value otherwise.
-func (e *EditSHA) GetFrom() string {
-	if e == nil || e.From == nil {
-		return ""
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (c *CustomRepoRoles) GetUpdatedAt() Timestamp {
+	if c == nil || c.UpdatedAt == nil {
+		return Timestamp{}
 	}
-	return *e.From
+	return *c.UpdatedAt
 }
 
-// GetFrom returns the From field if it's non-nil, zero value otherwise.
-func (e *EditTitle) GetFrom() string {
-	if e == nil || e.From == nil {
+// GetQuerySuite returns the QuerySuite field if it's non-nil, zero value otherwise.
+func (d *DefaultSetupConfiguration) GetQuerySuite() string {
+	if d == nil || d.QuerySuite == nil {
 		return ""
 	}
-	return *e.From
+	return *d.QuerySuite
 }
 
-// GetAvatarURL returns the AvatarURL field if it's non-nil, zero value otherwise.
-func (e *Enterprise) GetAvatarURL() string {
-	if e == nil || e.AvatarURL == nil {
+// GetState returns the State field if it's non-nil, zero value otherwise.
+func (d *DefaultSetupConfiguration) GetState() string {
+	if d == nil || d.State == nil {
 		return ""
 	}
-	return *e.AvatarURL
+	return *d.State
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (e *Enterprise) GetCreatedAt() Timestamp {
-	if e == nil || e.CreatedAt == nil {
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (d *DefaultSetupConfiguration) GetUpdatedAt() Timestamp {
+	if d == nil || d.UpdatedAt == nil {
 		return Timestamp{}
 	}
-	return *e.CreatedAt
+	return *d.UpdatedAt
 }
 
-// GetDescription returns the Description field if it's non-nil, zero value otherwise.
-func (e *Enterprise) GetDescription() string {
-	if e == nil || e.Description == nil {
-		return ""
+// GetCanApprovePullRequestReviews returns the CanApprovePullRequestReviews field if it's non-nil, zero value otherwise.
+func (d *DefaultWorkflowPermissionEnterprise) GetCanApprovePullRequestReviews() bool {
+	if d == nil || d.CanApprovePullRequestReviews == nil {
+		return false
 	}
-	return *e.Description
+	return *d.CanApprovePullRequestReviews
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (e *Enterprise) GetHTMLURL() string {
-	if e == nil || e.HTMLURL == nil {
+// GetDefaultWorkflowPermissions returns the DefaultWorkflowPermissions field if it's non-nil, zero value otherwise.
+func (d *DefaultWorkflowPermissionEnterprise) GetDefaultWorkflowPermissions() string {
+	if d == nil || d.DefaultWorkflowPermissions == nil {
 		return ""
 	}
-	return *e.HTMLURL
+	return *d.DefaultWorkflowPermissions
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (e *Enterprise) GetID() int {
-	if e == nil || e.ID == nil {
-		return 0
+// GetCanApprovePullRequestReviews returns the CanApprovePullRequestReviews field if it's non-nil, zero value otherwise.
+func (d *DefaultWorkflowPermissionOrganization) GetCanApprovePullRequestReviews() bool {
+	if d == nil || d.CanApprovePullRequestReviews == nil {
+		return false
 	}
-	return *e.ID
+	return *d.CanApprovePullRequestReviews
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (e *Enterprise) GetName() string {
-	if e == nil || e.Name == nil {
+// GetDefaultWorkflowPermissions returns the DefaultWorkflowPermissions field if it's non-nil, zero value otherwise.
+func (d *DefaultWorkflowPermissionOrganization) GetDefaultWorkflowPermissions() string {
+	if d == nil || d.DefaultWorkflowPermissions == nil {
 		return ""
 	}
-	return *e.Name
+	return *d.DefaultWorkflowPermissions
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (e *Enterprise) GetNodeID() string {
-	if e == nil || e.NodeID == nil {
-		return ""
+// GetCanApprovePullRequestReviews returns the CanApprovePullRequestReviews field if it's non-nil, zero value otherwise.
+func (d *DefaultWorkflowPermissionRepository) GetCanApprovePullRequestReviews() bool {
+	if d == nil || d.CanApprovePullRequestReviews == nil {
+		return false
 	}
-	return *e.NodeID
+	return *d.CanApprovePullRequestReviews
 }
 
-// GetSlug returns the Slug field if it's non-nil, zero value otherwise.
-func (e *Enterprise) GetSlug() string {
-	if e == nil || e.Slug == nil {
+// GetDefaultWorkflowPermissions returns the DefaultWorkflowPermissions field if it's non-nil, zero value otherwise.
+func (d *DefaultWorkflowPermissionRepository) GetDefaultWorkflowPermissions() string {
+	if d == nil || d.DefaultWorkflowPermissions == nil {
 		return ""
 	}
-	return *e.Slug
+	return *d.DefaultWorkflowPermissions
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (e *Enterprise) GetUpdatedAt() Timestamp {
-	if e == nil || e.UpdatedAt == nil {
-		return Timestamp{}
+// GetConfirmDeleteURL returns the ConfirmDeleteURL field if it's non-nil, zero value otherwise.
+func (d *DeleteAnalysis) GetConfirmDeleteURL() string {
+	if d == nil || d.ConfirmDeleteURL == nil {
+		return ""
 	}
-	return *e.UpdatedAt
+	return *d.ConfirmDeleteURL
 }
 
-// GetWebsiteURL returns the WebsiteURL field if it's non-nil, zero value otherwise.
-func (e *Enterprise) GetWebsiteURL() string {
-	if e == nil || e.WebsiteURL == nil {
+// GetNextAnalysisURL returns the NextAnalysisURL field if it's non-nil, zero value otherwise.
+func (d *DeleteAnalysis) GetNextAnalysisURL() string {
+	if d == nil || d.NextAnalysisURL == nil {
 		return ""
 	}
-	return *e.WebsiteURL
+	return *d.NextAnalysisURL
 }
 
-// GetAdvancedSecurityEnabledForNewRepositories returns the AdvancedSecurityEnabledForNewRepositories field if it's non-nil, zero value otherwise.
-func (e *EnterpriseSecurityAnalysisSettings) GetAdvancedSecurityEnabledForNewRepositories() bool {
-	if e == nil || e.AdvancedSecurityEnabledForNewRepositories == nil {
-		return false
+// GetInstallation returns the Installation field.
+func (d *DeleteEvent) GetInstallation() *Installation {
+	if d == nil {
+		return nil
 	}
-	return *e.AdvancedSecurityEnabledForNewRepositories
+	return d.Installation
 }
 
-// GetSecretScanningEnabledForNewRepositories returns the SecretScanningEnabledForNewRepositories field if it's non-nil, zero value otherwise.
-func (e *EnterpriseSecurityAnalysisSettings) GetSecretScanningEnabledForNewRepositories() bool {
-	if e == nil || e.SecretScanningEnabledForNewRepositories == nil {
-		return false
+// GetOrg returns the Org field.
+func (d *DeleteEvent) GetOrg() *Organization {
+	if d == nil {
+		return nil
 	}
-	return *e.SecretScanningEnabledForNewRepositories
+	return d.Org
 }
 
-// GetSecretScanningPushProtectionCustomLink returns the SecretScanningPushProtectionCustomLink field if it's non-nil, zero value otherwise.
-func (e *EnterpriseSecurityAnalysisSettings) GetSecretScanningPushProtectionCustomLink() string {
-	if e == nil || e.SecretScanningPushProtectionCustomLink == nil {
+// GetPusherType returns the PusherType field if it's non-nil, zero value otherwise.
+func (d *DeleteEvent) GetPusherType() string {
+	if d == nil || d.PusherType == nil {
 		return ""
 	}
-	return *e.SecretScanningPushProtectionCustomLink
+	return *d.PusherType
 }
 
-// GetSecretScanningPushProtectionEnabledForNewRepositories returns the SecretScanningPushProtectionEnabledForNewRepositories field if it's non-nil, zero value otherwise.
-func (e *EnterpriseSecurityAnalysisSettings) GetSecretScanningPushProtectionEnabledForNewRepositories() bool {
-	if e == nil || e.SecretScanningPushProtectionEnabledForNewRepositories == nil {
-		return false
+// GetRef returns the Ref field if it's non-nil, zero value otherwise.
+func (d *DeleteEvent) GetRef() string {
+	if d == nil || d.Ref == nil {
+		return ""
 	}
-	return *e.SecretScanningPushProtectionEnabledForNewRepositories
+	return *d.Ref
 }
 
-// GetCanAdminsBypass returns the CanAdminsBypass field if it's non-nil, zero value otherwise.
-func (e *Environment) GetCanAdminsBypass() bool {
-	if e == nil || e.CanAdminsBypass == nil {
-		return false
+// GetRefType returns the RefType field if it's non-nil, zero value otherwise.
+func (d *DeleteEvent) GetRefType() string {
+	if d == nil || d.RefType == nil {
+		return ""
 	}
-	return *e.CanAdminsBypass
+	return *d.RefType
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (e *Environment) GetCreatedAt() Timestamp {
-	if e == nil || e.CreatedAt == nil {
-		return Timestamp{}
+// GetRepo returns the Repo field.
+func (d *DeleteEvent) GetRepo() *Repository {
+	if d == nil {
+		return nil
 	}
-	return *e.CreatedAt
+	return d.Repo
 }
 
-// GetDeploymentBranchPolicy returns the DeploymentBranchPolicy field.
-func (e *Environment) GetDeploymentBranchPolicy() *BranchPolicy {
-	if e == nil {
+// GetSender returns the Sender field.
+func (d *DeleteEvent) GetSender() *User {
+	if d == nil {
 		return nil
 	}
-	return e.DeploymentBranchPolicy
+	return d.Sender
 }
 
-// GetEnvironmentName returns the EnvironmentName field if it's non-nil, zero value otherwise.
-func (e *Environment) GetEnvironmentName() string {
-	if e == nil || e.EnvironmentName == nil {
-		return ""
+// GetAutoDismissedAt returns the AutoDismissedAt field if it's non-nil, zero value otherwise.
+func (d *DependabotAlert) GetAutoDismissedAt() Timestamp {
+	if d == nil || d.AutoDismissedAt == nil {
+		return Timestamp{}
 	}
-	return *e.EnvironmentName
+	return *d.AutoDismissedAt
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (e *Environment) GetHTMLURL() string {
-	if e == nil || e.HTMLURL == nil {
-		return ""
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (d *DependabotAlert) GetCreatedAt() Timestamp {
+	if d == nil || d.CreatedAt == nil {
+		return Timestamp{}
 	}
-	return *e.HTMLURL
+	return *d.CreatedAt
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (e *Environment) GetID() int64 {
-	if e == nil || e.ID == nil {
-		return 0
+// GetDependency returns the Dependency field.
+func (d *DependabotAlert) GetDependency() *Dependency {
+	if d == nil {
+		return nil
 	}
-	return *e.ID
+	return d.Dependency
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (e *Environment) GetName() string {
-	if e == nil || e.Name == nil {
-		return ""
+// GetDismissedAt returns the DismissedAt field if it's non-nil, zero value otherwise.
+func (d *DependabotAlert) GetDismissedAt() Timestamp {
+	if d == nil || d.DismissedAt == nil {
+		return Timestamp{}
 	}
-	return *e.Name
+	return *d.DismissedAt
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (e *Environment) GetNodeID() string {
-	if e == nil || e.NodeID == nil {
-		return ""
+// GetDismissedBy returns the DismissedBy field.
+func (d *DependabotAlert) GetDismissedBy() *User {
+	if d == nil {
+		return nil
 	}
-	return *e.NodeID
+	return d.DismissedBy
 }
 
-// GetOwner returns the Owner field if it's non-nil, zero value otherwise.
-func (e *Environment) GetOwner() string {
-	if e == nil || e.Owner == nil {
+// GetDismissedComment returns the DismissedComment field if it's non-nil, zero value otherwise.
+func (d *DependabotAlert) GetDismissedComment() string {
+	if d == nil || d.DismissedComment == nil {
 		return ""
 	}
-	return *e.Owner
+	return *d.DismissedComment
 }
 
-// GetRepo returns the Repo field if it's non-nil, zero value otherwise.
-func (e *Environment) GetRepo() string {
-	if e == nil || e.Repo == nil {
+// GetDismissedReason returns the DismissedReason field if it's non-nil, zero value otherwise.
+func (d *DependabotAlert) GetDismissedReason() string {
+	if d == nil || d.DismissedReason == nil {
 		return ""
 	}
-	return *e.Repo
+	return *d.DismissedReason
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (e *Environment) GetUpdatedAt() Timestamp {
-	if e == nil || e.UpdatedAt == nil {
+// GetFixedAt returns the FixedAt field if it's non-nil, zero value otherwise.
+func (d *DependabotAlert) GetFixedAt() Timestamp {
+	if d == nil || d.FixedAt == nil {
 		return Timestamp{}
 	}
-	return *e.UpdatedAt
+	return *d.FixedAt
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (e *Environment) GetURL() string {
-	if e == nil || e.URL == nil {
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (d *DependabotAlert) GetHTMLURL() string {
+	if d == nil || d.HTMLURL == nil {
 		return ""
 	}
-	return *e.URL
+	return *d.HTMLURL
 }
 
-// GetWaitTimer returns the WaitTimer field if it's non-nil, zero value otherwise.
-func (e *Environment) GetWaitTimer() int {
-	if e == nil || e.WaitTimer == nil {
+// GetNumber returns the Number field if it's non-nil, zero value otherwise.
+func (d *DependabotAlert) GetNumber() int {
+	if d == nil || d.Number == nil {
 		return 0
 	}
-	return *e.WaitTimer
+	return *d.Number
 }
 
-// GetTotalCount returns the TotalCount field if it's non-nil, zero value otherwise.
-func (e *EnvResponse) GetTotalCount() int {
-	if e == nil || e.TotalCount == nil {
-		return 0
+// GetRepository returns the Repository field.
+func (d *DependabotAlert) GetRepository() *Repository {
+	if d == nil {
+		return nil
 	}
-	return *e.TotalCount
+	return d.Repository
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (e *EnvReviewers) GetID() int64 {
-	if e == nil || e.ID == nil {
-		return 0
+// GetSecurityAdvisory returns the SecurityAdvisory field.
+func (d *DependabotAlert) GetSecurityAdvisory() *DependabotSecurityAdvisory {
+	if d == nil {
+		return nil
 	}
-	return *e.ID
+	return d.SecurityAdvisory
 }
 
-// GetType returns the Type field if it's non-nil, zero value otherwise.
-func (e *EnvReviewers) GetType() string {
-	if e == nil || e.Type == nil {
+// GetSecurityVulnerability returns the SecurityVulnerability field.
+func (d *DependabotAlert) GetSecurityVulnerability() *AdvisoryVulnerability {
+	if d == nil {
+		return nil
+	}
+	return d.SecurityVulnerability
+}
+
+// GetState returns the State field if it's non-nil, zero value otherwise.
+func (d *DependabotAlert) GetState() string {
+	if d == nil || d.State == nil {
 		return ""
 	}
-	return *e.Type
+	return *d.State
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (e *ErrorBlock) GetCreatedAt() Timestamp {
-	if e == nil || e.CreatedAt == nil {
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (d *DependabotAlert) GetUpdatedAt() Timestamp {
+	if d == nil || d.UpdatedAt == nil {
 		return Timestamp{}
 	}
-	return *e.CreatedAt
+	return *d.UpdatedAt
 }
 
-// GetBlock returns the Block field.
-func (e *ErrorResponse) GetBlock() *ErrorBlock {
-	if e == nil {
-		return nil
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (d *DependabotAlert) GetURL() string {
+	if d == nil || d.URL == nil {
+		return ""
 	}
-	return e.Block
+	return *d.URL
 }
 
-// GetActor returns the Actor field.
-func (e *Event) GetActor() *User {
-	if e == nil {
-		return nil
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (d *DependabotAlertEvent) GetAction() string {
+	if d == nil || d.Action == nil {
+		return ""
 	}
-	return e.Actor
+	return *d.Action
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (e *Event) GetCreatedAt() Timestamp {
-	if e == nil || e.CreatedAt == nil {
-		return Timestamp{}
+// GetAlert returns the Alert field.
+func (d *DependabotAlertEvent) GetAlert() *DependabotAlert {
+	if d == nil {
+		return nil
 	}
-	return *e.CreatedAt
+	return d.Alert
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (e *Event) GetID() string {
-	if e == nil || e.ID == nil {
-		return ""
+// GetEnterprise returns the Enterprise field.
+func (d *DependabotAlertEvent) GetEnterprise() *Enterprise {
+	if d == nil {
+		return nil
 	}
-	return *e.ID
+	return d.Enterprise
 }
 
-// GetOrg returns the Org field.
-func (e *Event) GetOrg() *Organization {
-	if e == nil {
+// GetInstallation returns the Installation field.
+func (d *DependabotAlertEvent) GetInstallation() *Installation {
+	if d == nil {
 		return nil
 	}
-	return e.Org
+	return d.Installation
 }
 
-// GetPublic returns the Public field if it's non-nil, zero value otherwise.
-func (e *Event) GetPublic() bool {
-	if e == nil || e.Public == nil {
-		return false
+// GetOrganization returns the Organization field.
+func (d *DependabotAlertEvent) GetOrganization() *Organization {
+	if d == nil {
+		return nil
 	}
-	return *e.Public
+	return d.Organization
 }
 
-// GetRawPayload returns the RawPayload field if it's non-nil, zero value otherwise.
-func (e *Event) GetRawPayload() json.RawMessage {
-	if e == nil || e.RawPayload == nil {
-		return json.RawMessage{}
+// GetRepo returns the Repo field.
+func (d *DependabotAlertEvent) GetRepo() *Repository {
+	if d == nil {
+		return nil
 	}
-	return *e.RawPayload
+	return d.Repo
 }
 
-// GetRepo returns the Repo field.
-func (e *Event) GetRepo() *Repository {
-	if e == nil {
+// GetSender returns the Sender field.
+func (d *DependabotAlertEvent) GetSender() *User {
+	if d == nil {
 		return nil
 	}
-	return e.Repo
+	return d.Sender
 }
 
-// GetType returns the Type field if it's non-nil, zero value otherwise.
-func (e *Event) GetType() string {
-	if e == nil || e.Type == nil {
+// GetDismissedComment returns the DismissedComment field if it's non-nil, zero value otherwise.
+func (d *DependabotAlertState) GetDismissedComment() string {
+	if d == nil || d.DismissedComment == nil {
 		return ""
 	}
-	return *e.Type
+	return *d.DismissedComment
 }
 
-// GetGroupID returns the GroupID field if it's non-nil, zero value otherwise.
-func (e *ExternalGroup) GetGroupID() int64 {
-	if e == nil || e.GroupID == nil {
-		return 0
+// GetDismissedReason returns the DismissedReason field if it's non-nil, zero value otherwise.
+func (d *DependabotAlertState) GetDismissedReason() string {
+	if d == nil || d.DismissedReason == nil {
+		return ""
 	}
-	return *e.GroupID
+	return *d.DismissedReason
 }
 
-// GetGroupName returns the GroupName field if it's non-nil, zero value otherwise.
-func (e *ExternalGroup) GetGroupName() string {
-	if e == nil || e.GroupName == nil {
+// GetCVEID returns the CVEID field if it's non-nil, zero value otherwise.
+func (d *DependabotSecurityAdvisory) GetCVEID() string {
+	if d == nil || d.CVEID == nil {
 		return ""
 	}
-	return *e.GroupName
+	return *d.CVEID
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (e *ExternalGroup) GetUpdatedAt() Timestamp {
-	if e == nil || e.UpdatedAt == nil {
-		return Timestamp{}
+// GetCVSS returns the CVSS field.
+func (d *DependabotSecurityAdvisory) GetCVSS() *AdvisoryCVSS {
+	if d == nil {
+		return nil
 	}
-	return *e.UpdatedAt
+	return d.CVSS
 }
 
-// GetMemberEmail returns the MemberEmail field if it's non-nil, zero value otherwise.
-func (e *ExternalGroupMember) GetMemberEmail() string {
-	if e == nil || e.MemberEmail == nil {
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (d *DependabotSecurityAdvisory) GetDescription() string {
+	if d == nil || d.Description == nil {
 		return ""
 	}
-	return *e.MemberEmail
+	return *d.Description
 }
 
-// GetMemberID returns the MemberID field if it's non-nil, zero value otherwise.
-func (e *ExternalGroupMember) GetMemberID() int64 {
-	if e == nil || e.MemberID == nil {
-		return 0
+// GetEPSS returns the EPSS field.
+func (d *DependabotSecurityAdvisory) GetEPSS() *AdvisoryEPSS {
+	if d == nil {
+		return nil
 	}
-	return *e.MemberID
+	return d.EPSS
 }
 
-// GetMemberLogin returns the MemberLogin field if it's non-nil, zero value otherwise.
-func (e *ExternalGroupMember) GetMemberLogin() string {
-	if e == nil || e.MemberLogin == nil {
+// GetGHSAID returns the GHSAID field if it's non-nil, zero value otherwise.
+func (d *DependabotSecurityAdvisory) GetGHSAID() string {
+	if d == nil || d.GHSAID == nil {
 		return ""
 	}
-	return *e.MemberLogin
+	return *d.GHSAID
 }
 
-// GetMemberName returns the MemberName field if it's non-nil, zero value otherwise.
-func (e *ExternalGroupMember) GetMemberName() string {
-	if e == nil || e.MemberName == nil {
-		return ""
+// GetPublishedAt returns the PublishedAt field if it's non-nil, zero value otherwise.
+func (d *DependabotSecurityAdvisory) GetPublishedAt() Timestamp {
+	if d == nil || d.PublishedAt == nil {
+		return Timestamp{}
 	}
-	return *e.MemberName
+	return *d.PublishedAt
 }
 
-// GetTeamID returns the TeamID field if it's non-nil, zero value otherwise.
-func (e *ExternalGroupTeam) GetTeamID() int64 {
-	if e == nil || e.TeamID == nil {
-		return 0
+// GetSeverity returns the Severity field if it's non-nil, zero value otherwise.
+func (d *DependabotSecurityAdvisory) GetSeverity() string {
+	if d == nil || d.Severity == nil {
+		return ""
 	}
-	return *e.TeamID
+	return *d.Severity
 }
 
-// GetTeamName returns the TeamName field if it's non-nil, zero value otherwise.
-func (e *ExternalGroupTeam) GetTeamName() string {
-	if e == nil || e.TeamName == nil {
+// GetSummary returns the Summary field if it's non-nil, zero value otherwise.
+func (d *DependabotSecurityAdvisory) GetSummary() string {
+	if d == nil || d.Summary == nil {
 		return ""
 	}
-	return *e.TeamName
+	return *d.Summary
 }
 
-// GetHRef returns the HRef field if it's non-nil, zero value otherwise.
-func (f *FeedLink) GetHRef() string {
-	if f == nil || f.HRef == nil {
-		return ""
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (d *DependabotSecurityAdvisory) GetUpdatedAt() Timestamp {
+	if d == nil || d.UpdatedAt == nil {
+		return Timestamp{}
 	}
-	return *f.HRef
+	return *d.UpdatedAt
 }
 
-// GetType returns the Type field if it's non-nil, zero value otherwise.
-func (f *FeedLink) GetType() string {
-	if f == nil || f.Type == nil {
+// GetWithdrawnAt returns the WithdrawnAt field if it's non-nil, zero value otherwise.
+func (d *DependabotSecurityAdvisory) GetWithdrawnAt() Timestamp {
+	if d == nil || d.WithdrawnAt == nil {
+		return Timestamp{}
+	}
+	return *d.WithdrawnAt
+}
+
+// GetStatus returns the Status field if it's non-nil, zero value otherwise.
+func (d *DependabotSecurityUpdates) GetStatus() string {
+	if d == nil || d.Status == nil {
 		return ""
 	}
-	return *f.Type
+	return *d.Status
 }
 
-// GetCurrentUser returns the CurrentUser field.
-func (f *FeedLinks) GetCurrentUser() *FeedLink {
-	if f == nil {
-		return nil
+// GetManifestPath returns the ManifestPath field if it's non-nil, zero value otherwise.
+func (d *Dependency) GetManifestPath() string {
+	if d == nil || d.ManifestPath == nil {
+		return ""
 	}
-	return f.CurrentUser
+	return *d.ManifestPath
 }
 
-// GetCurrentUserActor returns the CurrentUserActor field.
-func (f *FeedLinks) GetCurrentUserActor() *FeedLink {
-	if f == nil {
+// GetPackage returns the Package field.
+func (d *Dependency) GetPackage() *VulnerabilityPackage {
+	if d == nil {
 		return nil
 	}
-	return f.CurrentUserActor
+	return d.Package
 }
 
-// GetCurrentUserOrganization returns the CurrentUserOrganization field.
-func (f *FeedLinks) GetCurrentUserOrganization() *FeedLink {
-	if f == nil {
-		return nil
+// GetScope returns the Scope field if it's non-nil, zero value otherwise.
+func (d *Dependency) GetScope() string {
+	if d == nil || d.Scope == nil {
+		return ""
 	}
-	return f.CurrentUserOrganization
+	return *d.Scope
 }
 
-// GetCurrentUserPublic returns the CurrentUserPublic field.
-func (f *FeedLinks) GetCurrentUserPublic() *FeedLink {
-	if f == nil {
-		return nil
+// GetLabeledRunners returns the LabeledRunners field if it's non-nil, zero value otherwise.
+func (d *DependencyGraphAutosubmitActionOptions) GetLabeledRunners() bool {
+	if d == nil || d.LabeledRunners == nil {
+		return false
 	}
-	return f.CurrentUserPublic
+	return *d.LabeledRunners
 }
 
-// GetTimeline returns the Timeline field.
-func (f *FeedLinks) GetTimeline() *FeedLink {
-	if f == nil {
+// GetDetector returns the Detector field.
+func (d *DependencyGraphSnapshot) GetDetector() *DependencyGraphSnapshotDetector {
+	if d == nil {
 		return nil
 	}
-	return f.Timeline
+	return d.Detector
 }
 
-// GetUser returns the User field.
-func (f *FeedLinks) GetUser() *FeedLink {
-	if f == nil {
+// GetJob returns the Job field.
+func (d *DependencyGraphSnapshot) GetJob() *DependencyGraphSnapshotJob {
+	if d == nil {
 		return nil
 	}
-	return f.User
+	return d.Job
 }
 
-// GetCurrentUserActorURL returns the CurrentUserActorURL field if it's non-nil, zero value otherwise.
-func (f *Feeds) GetCurrentUserActorURL() string {
-	if f == nil || f.CurrentUserActorURL == nil {
+// GetRef returns the Ref field if it's non-nil, zero value otherwise.
+func (d *DependencyGraphSnapshot) GetRef() string {
+	if d == nil || d.Ref == nil {
 		return ""
 	}
-	return *f.CurrentUserActorURL
+	return *d.Ref
 }
 
-// GetCurrentUserOrganizationURL returns the CurrentUserOrganizationURL field if it's non-nil, zero value otherwise.
-func (f *Feeds) GetCurrentUserOrganizationURL() string {
-	if f == nil || f.CurrentUserOrganizationURL == nil {
-		return ""
+// GetScanned returns the Scanned field if it's non-nil, zero value otherwise.
+func (d *DependencyGraphSnapshot) GetScanned() Timestamp {
+	if d == nil || d.Scanned == nil {
+		return Timestamp{}
 	}
-	return *f.CurrentUserOrganizationURL
+	return *d.Scanned
 }
 
-// GetCurrentUserPublicURL returns the CurrentUserPublicURL field if it's non-nil, zero value otherwise.
-func (f *Feeds) GetCurrentUserPublicURL() string {
-	if f == nil || f.CurrentUserPublicURL == nil {
+// GetSha returns the Sha field if it's non-nil, zero value otherwise.
+func (d *DependencyGraphSnapshot) GetSha() string {
+	if d == nil || d.Sha == nil {
 		return ""
 	}
-	return *f.CurrentUserPublicURL
+	return *d.Sha
 }
 
-// GetCurrentUserURL returns the CurrentUserURL field if it's non-nil, zero value otherwise.
-func (f *Feeds) GetCurrentUserURL() string {
-	if f == nil || f.CurrentUserURL == nil {
-		return ""
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (d *DependencyGraphSnapshotCreationData) GetCreatedAt() Timestamp {
+	if d == nil || d.CreatedAt == nil {
+		return Timestamp{}
 	}
-	return *f.CurrentUserURL
+	return *d.CreatedAt
 }
 
-// GetLinks returns the Links field.
-func (f *Feeds) GetLinks() *FeedLinks {
-	if f == nil {
-		return nil
+// GetMessage returns the Message field if it's non-nil, zero value otherwise.
+func (d *DependencyGraphSnapshotCreationData) GetMessage() string {
+	if d == nil || d.Message == nil {
+		return ""
 	}
-	return f.Links
+	return *d.Message
 }
 
-// GetTimelineURL returns the TimelineURL field if it's non-nil, zero value otherwise.
-func (f *Feeds) GetTimelineURL() string {
-	if f == nil || f.TimelineURL == nil {
+// GetResult returns the Result field if it's non-nil, zero value otherwise.
+func (d *DependencyGraphSnapshotCreationData) GetResult() string {
+	if d == nil || d.Result == nil {
 		return ""
 	}
-	return *f.TimelineURL
+	return *d.Result
 }
 
-// GetUserURL returns the UserURL field if it's non-nil, zero value otherwise.
-func (f *Feeds) GetUserURL() string {
-	if f == nil || f.UserURL == nil {
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (d *DependencyGraphSnapshotDetector) GetName() string {
+	if d == nil || d.Name == nil {
 		return ""
 	}
-	return *f.UserURL
+	return *d.Name
 }
 
-// GetIdentifier returns the Identifier field if it's non-nil, zero value otherwise.
-func (f *FirstPatchedVersion) GetIdentifier() string {
-	if f == nil || f.Identifier == nil {
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (d *DependencyGraphSnapshotDetector) GetURL() string {
+	if d == nil || d.URL == nil {
 		return ""
 	}
-	return *f.Identifier
+	return *d.URL
 }
 
-// GetForkee returns the Forkee field.
-func (f *ForkEvent) GetForkee() *Repository {
-	if f == nil {
-		return nil
+// GetVersion returns the Version field if it's non-nil, zero value otherwise.
+func (d *DependencyGraphSnapshotDetector) GetVersion() string {
+	if d == nil || d.Version == nil {
+		return ""
 	}
-	return f.Forkee
+	return *d.Version
 }
 
-// GetInstallation returns the Installation field.
-func (f *ForkEvent) GetInstallation() *Installation {
-	if f == nil {
-		return nil
+// GetCorrelator returns the Correlator field if it's non-nil, zero value otherwise.
+func (d *DependencyGraphSnapshotJob) GetCorrelator() string {
+	if d == nil || d.Correlator == nil {
+		return ""
 	}
-	return f.Installation
+	return *d.Correlator
 }
 
-// GetRepo returns the Repo field.
-func (f *ForkEvent) GetRepo() *Repository {
-	if f == nil {
-		return nil
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (d *DependencyGraphSnapshotJob) GetHTMLURL() string {
+	if d == nil || d.HTMLURL == nil {
+		return ""
 	}
-	return f.Repo
+	return *d.HTMLURL
 }
 
-// GetSender returns the Sender field.
-func (f *ForkEvent) GetSender() *User {
-	if f == nil {
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (d *DependencyGraphSnapshotJob) GetID() string {
+	if d == nil || d.ID == nil {
+		return ""
+	}
+	return *d.ID
+}
+
+// GetFile returns the File field.
+func (d *DependencyGraphSnapshotManifest) GetFile() *DependencyGraphSnapshotManifestFile {
+	if d == nil {
 		return nil
 	}
-	return f.Sender
+	return d.File
 }
 
-// GetWorkFolder returns the WorkFolder field if it's non-nil, zero value otherwise.
-func (g *GenerateJITConfigRequest) GetWorkFolder() string {
-	if g == nil || g.WorkFolder == nil {
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (d *DependencyGraphSnapshotManifest) GetName() string {
+	if d == nil || d.Name == nil {
 		return ""
 	}
-	return *g.WorkFolder
+	return *d.Name
 }
 
-// GetPreviousTagName returns the PreviousTagName field if it's non-nil, zero value otherwise.
-func (g *GenerateNotesOptions) GetPreviousTagName() string {
-	if g == nil || g.PreviousTagName == nil {
+// GetSourceLocation returns the SourceLocation field if it's non-nil, zero value otherwise.
+func (d *DependencyGraphSnapshotManifestFile) GetSourceLocation() string {
+	if d == nil || d.SourceLocation == nil {
 		return ""
 	}
-	return *g.PreviousTagName
+	return *d.SourceLocation
 }
 
-// GetTargetCommitish returns the TargetCommitish field if it's non-nil, zero value otherwise.
-func (g *GenerateNotesOptions) GetTargetCommitish() string {
-	if g == nil || g.TargetCommitish == nil {
+// GetPackageURL returns the PackageURL field if it's non-nil, zero value otherwise.
+func (d *DependencyGraphSnapshotResolvedDependency) GetPackageURL() string {
+	if d == nil || d.PackageURL == nil {
 		return ""
 	}
-	return *g.TargetCommitish
+	return *d.PackageURL
 }
 
-// GetInclude returns the Include field if it's non-nil, zero value otherwise.
-func (g *GetAuditLogOptions) GetInclude() string {
-	if g == nil || g.Include == nil {
+// GetRelationship returns the Relationship field if it's non-nil, zero value otherwise.
+func (d *DependencyGraphSnapshotResolvedDependency) GetRelationship() string {
+	if d == nil || d.Relationship == nil {
 		return ""
 	}
-	return *g.Include
+	return *d.Relationship
 }
 
-// GetOrder returns the Order field if it's non-nil, zero value otherwise.
-func (g *GetAuditLogOptions) GetOrder() string {
-	if g == nil || g.Order == nil {
+// GetScope returns the Scope field if it's non-nil, zero value otherwise.
+func (d *DependencyGraphSnapshotResolvedDependency) GetScope() string {
+	if d == nil || d.Scope == nil {
 		return ""
 	}
-	return *g.Order
+	return *d.Scope
 }
 
-// GetPhrase returns the Phrase field if it's non-nil, zero value otherwise.
-func (g *GetAuditLogOptions) GetPhrase() string {
-	if g == nil || g.Phrase == nil {
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (d *DeployKeyEvent) GetAction() string {
+	if d == nil || d.Action == nil {
 		return ""
 	}
-	return *g.Phrase
+	return *d.Action
 }
 
-// GetComments returns the Comments field if it's non-nil, zero value otherwise.
-func (g *Gist) GetComments() int {
-	if g == nil || g.Comments == nil {
-		return 0
+// GetInstallation returns the Installation field.
+func (d *DeployKeyEvent) GetInstallation() *Installation {
+	if d == nil {
+		return nil
 	}
-	return *g.Comments
+	return d.Installation
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (g *Gist) GetCreatedAt() Timestamp {
-	if g == nil || g.CreatedAt == nil {
-		return Timestamp{}
+// GetKey returns the Key field.
+func (d *DeployKeyEvent) GetKey() *Key {
+	if d == nil {
+		return nil
 	}
-	return *g.CreatedAt
+	return d.Key
 }
 
-// GetDescription returns the Description field if it's non-nil, zero value otherwise.
-func (g *Gist) GetDescription() string {
-	if g == nil || g.Description == nil {
-		return ""
+// GetOrganization returns the Organization field.
+func (d *DeployKeyEvent) GetOrganization() *Organization {
+	if d == nil {
+		return nil
 	}
-	return *g.Description
+	return d.Organization
 }
 
-// GetFiles returns the Files map if it's non-nil, an empty map otherwise.
-func (g *Gist) GetFiles() map[GistFilename]GistFile {
-	if g == nil || g.Files == nil {
-		return map[GistFilename]GistFile{}
+// GetRepo returns the Repo field.
+func (d *DeployKeyEvent) GetRepo() *Repository {
+	if d == nil {
+		return nil
 	}
-	return g.Files
+	return d.Repo
 }
 
-// GetGitPullURL returns the GitPullURL field if it's non-nil, zero value otherwise.
-func (g *Gist) GetGitPullURL() string {
-	if g == nil || g.GitPullURL == nil {
-		return ""
+// GetSender returns the Sender field.
+func (d *DeployKeyEvent) GetSender() *User {
+	if d == nil {
+		return nil
 	}
-	return *g.GitPullURL
+	return d.Sender
 }
 
-// GetGitPushURL returns the GitPushURL field if it's non-nil, zero value otherwise.
-func (g *Gist) GetGitPushURL() string {
-	if g == nil || g.GitPushURL == nil {
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (d *Deployment) GetCreatedAt() Timestamp {
+	if d == nil || d.CreatedAt == nil {
+		return Timestamp{}
+	}
+	return *d.CreatedAt
+}
+
+// GetCreator returns the Creator field.
+func (d *Deployment) GetCreator() *User {
+	if d == nil {
+		return nil
+	}
+	return d.Creator
+}
+
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (d *Deployment) GetDescription() string {
+	if d == nil || d.Description == nil {
 		return ""
 	}
-	return *g.GitPushURL
+	return *d.Description
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (g *Gist) GetHTMLURL() string {
-	if g == nil || g.HTMLURL == nil {
+// GetEnvironment returns the Environment field if it's non-nil, zero value otherwise.
+func (d *Deployment) GetEnvironment() string {
+	if d == nil || d.Environment == nil {
 		return ""
 	}
-	return *g.HTMLURL
+	return *d.Environment
 }
 
 // GetID returns the ID field if it's non-nil, zero value otherwise.
-func (g *Gist) GetID() string {
-	if g == nil || g.ID == nil {
-		return ""
+func (d *Deployment) GetID() int64 {
+	if d == nil || d.ID == nil {
+		return 0
 	}
-	return *g.ID
+	return *d.ID
 }
 
 // GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (g *Gist) GetNodeID() string {
-	if g == nil || g.NodeID == nil {
+func (d *Deployment) GetNodeID() string {
+	if d == nil || d.NodeID == nil {
 		return ""
 	}
-	return *g.NodeID
+	return *d.NodeID
 }
 
-// GetOwner returns the Owner field.
-func (g *Gist) GetOwner() *User {
-	if g == nil {
-		return nil
+// GetRef returns the Ref field if it's non-nil, zero value otherwise.
+func (d *Deployment) GetRef() string {
+	if d == nil || d.Ref == nil {
+		return ""
 	}
-	return g.Owner
+	return *d.Ref
 }
 
-// GetPublic returns the Public field if it's non-nil, zero value otherwise.
-func (g *Gist) GetPublic() bool {
-	if g == nil || g.Public == nil {
-		return false
+// GetRepositoryURL returns the RepositoryURL field if it's non-nil, zero value otherwise.
+func (d *Deployment) GetRepositoryURL() string {
+	if d == nil || d.RepositoryURL == nil {
+		return ""
 	}
-	return *g.Public
+	return *d.RepositoryURL
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (g *Gist) GetUpdatedAt() Timestamp {
-	if g == nil || g.UpdatedAt == nil {
-		return Timestamp{}
+// GetSHA returns the SHA field if it's non-nil, zero value otherwise.
+func (d *Deployment) GetSHA() string {
+	if d == nil || d.SHA == nil {
+		return ""
 	}
-	return *g.UpdatedAt
+	return *d.SHA
 }
 
-// GetBody returns the Body field if it's non-nil, zero value otherwise.
-func (g *GistComment) GetBody() string {
-	if g == nil || g.Body == nil {
+// GetStatusesURL returns the StatusesURL field if it's non-nil, zero value otherwise.
+func (d *Deployment) GetStatusesURL() string {
+	if d == nil || d.StatusesURL == nil {
 		return ""
 	}
-	return *g.Body
+	return *d.StatusesURL
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (g *GistComment) GetCreatedAt() Timestamp {
-	if g == nil || g.CreatedAt == nil {
-		return Timestamp{}
+// GetTask returns the Task field if it's non-nil, zero value otherwise.
+func (d *Deployment) GetTask() string {
+	if d == nil || d.Task == nil {
+		return ""
 	}
-	return *g.CreatedAt
+	return *d.Task
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (g *GistComment) GetID() int64 {
-	if g == nil || g.ID == nil {
-		return 0
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (d *Deployment) GetUpdatedAt() Timestamp {
+	if d == nil || d.UpdatedAt == nil {
+		return Timestamp{}
 	}
-	return *g.ID
+	return *d.UpdatedAt
 }
 
 // GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (g *GistComment) GetURL() string {
-	if g == nil || g.URL == nil {
+func (d *Deployment) GetURL() string {
+	if d == nil || d.URL == nil {
 		return ""
 	}
-	return *g.URL
+	return *d.URL
 }
 
-// GetUser returns the User field.
-func (g *GistComment) GetUser() *User {
-	if g == nil {
-		return nil
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (d *DeploymentBranchPolicy) GetID() int64 {
+	if d == nil || d.ID == nil {
+		return 0
 	}
-	return g.User
+	return *d.ID
 }
 
-// GetChangeStatus returns the ChangeStatus field.
-func (g *GistCommit) GetChangeStatus() *CommitStats {
-	if g == nil {
-		return nil
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (d *DeploymentBranchPolicy) GetName() string {
+	if d == nil || d.Name == nil {
+		return ""
 	}
-	return g.ChangeStatus
+	return *d.Name
 }
 
-// GetCommittedAt returns the CommittedAt field if it's non-nil, zero value otherwise.
-func (g *GistCommit) GetCommittedAt() Timestamp {
-	if g == nil || g.CommittedAt == nil {
-		return Timestamp{}
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (d *DeploymentBranchPolicy) GetNodeID() string {
+	if d == nil || d.NodeID == nil {
+		return ""
 	}
-	return *g.CommittedAt
+	return *d.NodeID
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (g *GistCommit) GetNodeID() string {
-	if g == nil || g.NodeID == nil {
+// GetType returns the Type field if it's non-nil, zero value otherwise.
+func (d *DeploymentBranchPolicy) GetType() string {
+	if d == nil || d.Type == nil {
 		return ""
 	}
-	return *g.NodeID
+	return *d.Type
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (g *GistCommit) GetURL() string {
-	if g == nil || g.URL == nil {
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (d *DeploymentBranchPolicyRequest) GetName() string {
+	if d == nil || d.Name == nil {
 		return ""
 	}
-	return *g.URL
+	return *d.Name
 }
 
-// GetUser returns the User field.
-func (g *GistCommit) GetUser() *User {
-	if g == nil {
-		return nil
+// GetType returns the Type field if it's non-nil, zero value otherwise.
+func (d *DeploymentBranchPolicyRequest) GetType() string {
+	if d == nil || d.Type == nil {
+		return ""
 	}
-	return g.User
+	return *d.Type
 }
 
-// GetVersion returns the Version field if it's non-nil, zero value otherwise.
-func (g *GistCommit) GetVersion() string {
-	if g == nil || g.Version == nil {
-		return ""
+// GetTotalCount returns the TotalCount field if it's non-nil, zero value otherwise.
+func (d *DeploymentBranchPolicyResponse) GetTotalCount() int {
+	if d == nil || d.TotalCount == nil {
+		return 0
 	}
-	return *g.Version
+	return *d.TotalCount
 }
 
-// GetContent returns the Content field if it's non-nil, zero value otherwise.
-func (g *GistFile) GetContent() string {
-	if g == nil || g.Content == nil {
-		return ""
+// GetDeployment returns the Deployment field.
+func (d *DeploymentEvent) GetDeployment() *Deployment {
+	if d == nil {
+		return nil
 	}
-	return *g.Content
+	return d.Deployment
 }
 
-// GetFilename returns the Filename field if it's non-nil, zero value otherwise.
-func (g *GistFile) GetFilename() string {
-	if g == nil || g.Filename == nil {
-		return ""
+// GetInstallation returns the Installation field.
+func (d *DeploymentEvent) GetInstallation() *Installation {
+	if d == nil {
+		return nil
 	}
-	return *g.Filename
+	return d.Installation
 }
 
-// GetLanguage returns the Language field if it's non-nil, zero value otherwise.
-func (g *GistFile) GetLanguage() string {
-	if g == nil || g.Language == nil {
-		return ""
+// GetOrg returns the Org field.
+func (d *DeploymentEvent) GetOrg() *Organization {
+	if d == nil {
+		return nil
 	}
-	return *g.Language
+	return d.Org
 }
 
-// GetRawURL returns the RawURL field if it's non-nil, zero value otherwise.
-func (g *GistFile) GetRawURL() string {
-	if g == nil || g.RawURL == nil {
-		return ""
+// GetRepo returns the Repo field.
+func (d *DeploymentEvent) GetRepo() *Repository {
+	if d == nil {
+		return nil
 	}
-	return *g.RawURL
+	return d.Repo
 }
 
-// GetSize returns the Size field if it's non-nil, zero value otherwise.
-func (g *GistFile) GetSize() int {
-	if g == nil || g.Size == nil {
-		return 0
+// GetSender returns the Sender field.
+func (d *DeploymentEvent) GetSender() *User {
+	if d == nil {
+		return nil
 	}
-	return *g.Size
+	return d.Sender
 }
 
-// GetType returns the Type field if it's non-nil, zero value otherwise.
-func (g *GistFile) GetType() string {
-	if g == nil || g.Type == nil {
-		return ""
+// GetWorkflow returns the Workflow field.
+func (d *DeploymentEvent) GetWorkflow() *Workflow {
+	if d == nil {
+		return nil
 	}
-	return *g.Type
+	return d.Workflow
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (g *GistFork) GetCreatedAt() Timestamp {
-	if g == nil || g.CreatedAt == nil {
-		return Timestamp{}
+// GetWorkflowRun returns the WorkflowRun field.
+func (d *DeploymentEvent) GetWorkflowRun() *WorkflowRun {
+	if d == nil {
+		return nil
 	}
-	return *g.CreatedAt
+	return d.WorkflowRun
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (g *GistFork) GetID() string {
-	if g == nil || g.ID == nil {
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (d *DeploymentProtectionRuleEvent) GetAction() string {
+	if d == nil || d.Action == nil {
 		return ""
 	}
-	return *g.ID
+	return *d.Action
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (g *GistFork) GetNodeID() string {
-	if g == nil || g.NodeID == nil {
+// GetDeployment returns the Deployment field.
+func (d *DeploymentProtectionRuleEvent) GetDeployment() *Deployment {
+	if d == nil {
+		return nil
+	}
+	return d.Deployment
+}
+
+// GetDeploymentCallbackURL returns the DeploymentCallbackURL field if it's non-nil, zero value otherwise.
+func (d *DeploymentProtectionRuleEvent) GetDeploymentCallbackURL() string {
+	if d == nil || d.DeploymentCallbackURL == nil {
 		return ""
 	}
-	return *g.NodeID
+	return *d.DeploymentCallbackURL
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (g *GistFork) GetUpdatedAt() Timestamp {
-	if g == nil || g.UpdatedAt == nil {
-		return Timestamp{}
+// GetEnvironment returns the Environment field if it's non-nil, zero value otherwise.
+func (d *DeploymentProtectionRuleEvent) GetEnvironment() string {
+	if d == nil || d.Environment == nil {
+		return ""
 	}
-	return *g.UpdatedAt
+	return *d.Environment
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (g *GistFork) GetURL() string {
-	if g == nil || g.URL == nil {
+// GetEvent returns the Event field if it's non-nil, zero value otherwise.
+func (d *DeploymentProtectionRuleEvent) GetEvent() string {
+	if d == nil || d.Event == nil {
 		return ""
 	}
-	return *g.URL
+	return *d.Event
 }
 
-// GetUser returns the User field.
-func (g *GistFork) GetUser() *User {
-	if g == nil {
+// GetInstallation returns the Installation field.
+func (d *DeploymentProtectionRuleEvent) GetInstallation() *Installation {
+	if d == nil {
 		return nil
 	}
-	return g.User
+	return d.Installation
 }
 
-// GetPrivateGists returns the PrivateGists field if it's non-nil, zero value otherwise.
-func (g *GistStats) GetPrivateGists() int {
-	if g == nil || g.PrivateGists == nil {
-		return 0
+// GetOrganization returns the Organization field.
+func (d *DeploymentProtectionRuleEvent) GetOrganization() *Organization {
+	if d == nil {
+		return nil
 	}
-	return *g.PrivateGists
+	return d.Organization
 }
 
-// GetPublicGists returns the PublicGists field if it's non-nil, zero value otherwise.
-func (g *GistStats) GetPublicGists() int {
-	if g == nil || g.PublicGists == nil {
-		return 0
+// GetRepo returns the Repo field.
+func (d *DeploymentProtectionRuleEvent) GetRepo() *Repository {
+	if d == nil {
+		return nil
 	}
-	return *g.PublicGists
+	return d.Repo
 }
 
-// GetTotalGists returns the TotalGists field if it's non-nil, zero value otherwise.
-func (g *GistStats) GetTotalGists() int {
-	if g == nil || g.TotalGists == nil {
-		return 0
+// GetSender returns the Sender field.
+func (d *DeploymentProtectionRuleEvent) GetSender() *User {
+	if d == nil {
+		return nil
 	}
-	return *g.TotalGists
+	return d.Sender
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (g *GitHubAppAuthorizationEvent) GetAction() string {
-	if g == nil || g.Action == nil {
+// GetAutoMerge returns the AutoMerge field if it's non-nil, zero value otherwise.
+func (d *DeploymentRequest) GetAutoMerge() bool {
+	if d == nil || d.AutoMerge == nil {
+		return false
+	}
+	return *d.AutoMerge
+}
+
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (d *DeploymentRequest) GetDescription() string {
+	if d == nil || d.Description == nil {
 		return ""
 	}
-	return *g.Action
+	return *d.Description
 }
 
-// GetInstallation returns the Installation field.
-func (g *GitHubAppAuthorizationEvent) GetInstallation() *Installation {
-	if g == nil {
-		return nil
+// GetEnvironment returns the Environment field if it's non-nil, zero value otherwise.
+func (d *DeploymentRequest) GetEnvironment() string {
+	if d == nil || d.Environment == nil {
+		return ""
 	}
-	return g.Installation
+	return *d.Environment
 }
 
-// GetSender returns the Sender field.
-func (g *GitHubAppAuthorizationEvent) GetSender() *User {
-	if g == nil {
-		return nil
+// GetProductionEnvironment returns the ProductionEnvironment field if it's non-nil, zero value otherwise.
+func (d *DeploymentRequest) GetProductionEnvironment() bool {
+	if d == nil || d.ProductionEnvironment == nil {
+		return false
 	}
-	return g.Sender
+	return *d.ProductionEnvironment
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (g *Gitignore) GetName() string {
-	if g == nil || g.Name == nil {
+// GetRef returns the Ref field if it's non-nil, zero value otherwise.
+func (d *DeploymentRequest) GetRef() string {
+	if d == nil || d.Ref == nil {
 		return ""
 	}
-	return *g.Name
+	return *d.Ref
 }
 
-// GetSource returns the Source field if it's non-nil, zero value otherwise.
-func (g *Gitignore) GetSource() string {
-	if g == nil || g.Source == nil {
-		return ""
+// GetRequiredContexts returns the RequiredContexts field if it's non-nil, zero value otherwise.
+func (d *DeploymentRequest) GetRequiredContexts() []string {
+	if d == nil || d.RequiredContexts == nil {
+		return nil
 	}
-	return *g.Source
+	return *d.RequiredContexts
 }
 
-// GetSHA returns the SHA field if it's non-nil, zero value otherwise.
-func (g *GitObject) GetSHA() string {
-	if g == nil || g.SHA == nil {
+// GetTask returns the Task field if it's non-nil, zero value otherwise.
+func (d *DeploymentRequest) GetTask() string {
+	if d == nil || d.Task == nil {
 		return ""
 	}
-	return *g.SHA
+	return *d.Task
 }
 
-// GetType returns the Type field if it's non-nil, zero value otherwise.
-func (g *GitObject) GetType() string {
-	if g == nil || g.Type == nil {
-		return ""
+// GetTransientEnvironment returns the TransientEnvironment field if it's non-nil, zero value otherwise.
+func (d *DeploymentRequest) GetTransientEnvironment() bool {
+	if d == nil || d.TransientEnvironment == nil {
+		return false
 	}
-	return *g.Type
+	return *d.TransientEnvironment
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (g *GitObject) GetURL() string {
-	if g == nil || g.URL == nil {
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (d *DeploymentReviewEvent) GetAction() string {
+	if d == nil || d.Action == nil {
 		return ""
 	}
-	return *g.URL
+	return *d.Action
 }
 
-// GetInstallation returns the Installation field.
-func (g *GollumEvent) GetInstallation() *Installation {
-	if g == nil {
+// GetApprover returns the Approver field.
+func (d *DeploymentReviewEvent) GetApprover() *User {
+	if d == nil {
 		return nil
 	}
-	return g.Installation
+	return d.Approver
 }
 
-// GetRepo returns the Repo field.
-func (g *GollumEvent) GetRepo() *Repository {
-	if g == nil {
-		return nil
+// GetComment returns the Comment field if it's non-nil, zero value otherwise.
+func (d *DeploymentReviewEvent) GetComment() string {
+	if d == nil || d.Comment == nil {
+		return ""
 	}
-	return g.Repo
+	return *d.Comment
 }
 
-// GetSender returns the Sender field.
-func (g *GollumEvent) GetSender() *User {
-	if g == nil {
+// GetEnterprise returns the Enterprise field.
+func (d *DeploymentReviewEvent) GetEnterprise() *Enterprise {
+	if d == nil {
 		return nil
 	}
-	return g.Sender
+	return d.Enterprise
 }
 
-// GetEmail returns the Email field if it's non-nil, zero value otherwise.
-func (g *GPGEmail) GetEmail() string {
-	if g == nil || g.Email == nil {
+// GetEnvironment returns the Environment field if it's non-nil, zero value otherwise.
+func (d *DeploymentReviewEvent) GetEnvironment() string {
+	if d == nil || d.Environment == nil {
 		return ""
 	}
-	return *g.Email
+	return *d.Environment
 }
 
-// GetVerified returns the Verified field if it's non-nil, zero value otherwise.
-func (g *GPGEmail) GetVerified() bool {
-	if g == nil || g.Verified == nil {
-		return false
+// GetInstallation returns the Installation field.
+func (d *DeploymentReviewEvent) GetInstallation() *Installation {
+	if d == nil {
+		return nil
 	}
-	return *g.Verified
+	return d.Installation
 }
 
-// GetCanCertify returns the CanCertify field if it's non-nil, zero value otherwise.
-func (g *GPGKey) GetCanCertify() bool {
-	if g == nil || g.CanCertify == nil {
-		return false
+// GetOrganization returns the Organization field.
+func (d *DeploymentReviewEvent) GetOrganization() *Organization {
+	if d == nil {
+		return nil
 	}
-	return *g.CanCertify
+	return d.Organization
 }
 
-// GetCanEncryptComms returns the CanEncryptComms field if it's non-nil, zero value otherwise.
-func (g *GPGKey) GetCanEncryptComms() bool {
-	if g == nil || g.CanEncryptComms == nil {
-		return false
+// GetRepo returns the Repo field.
+func (d *DeploymentReviewEvent) GetRepo() *Repository {
+	if d == nil {
+		return nil
 	}
-	return *g.CanEncryptComms
+	return d.Repo
 }
 
-// GetCanEncryptStorage returns the CanEncryptStorage field if it's non-nil, zero value otherwise.
-func (g *GPGKey) GetCanEncryptStorage() bool {
-	if g == nil || g.CanEncryptStorage == nil {
-		return false
+// GetRequester returns the Requester field.
+func (d *DeploymentReviewEvent) GetRequester() *User {
+	if d == nil {
+		return nil
 	}
-	return *g.CanEncryptStorage
+	return d.Requester
 }
 
-// GetCanSign returns the CanSign field if it's non-nil, zero value otherwise.
-func (g *GPGKey) GetCanSign() bool {
-	if g == nil || g.CanSign == nil {
-		return false
+// GetSender returns the Sender field.
+func (d *DeploymentReviewEvent) GetSender() *User {
+	if d == nil {
+		return nil
 	}
-	return *g.CanSign
+	return d.Sender
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (g *GPGKey) GetCreatedAt() Timestamp {
-	if g == nil || g.CreatedAt == nil {
-		return Timestamp{}
+// GetSince returns the Since field if it's non-nil, zero value otherwise.
+func (d *DeploymentReviewEvent) GetSince() string {
+	if d == nil || d.Since == nil {
+		return ""
 	}
-	return *g.CreatedAt
+	return *d.Since
 }
 
-// GetExpiresAt returns the ExpiresAt field if it's non-nil, zero value otherwise.
-func (g *GPGKey) GetExpiresAt() Timestamp {
-	if g == nil || g.ExpiresAt == nil {
-		return Timestamp{}
+// GetWorkflowJobRun returns the WorkflowJobRun field.
+func (d *DeploymentReviewEvent) GetWorkflowJobRun() *WorkflowJobRun {
+	if d == nil {
+		return nil
 	}
-	return *g.ExpiresAt
+	return d.WorkflowJobRun
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (g *GPGKey) GetID() int64 {
-	if g == nil || g.ID == nil {
-		return 0
+// GetWorkflowRun returns the WorkflowRun field.
+func (d *DeploymentReviewEvent) GetWorkflowRun() *WorkflowRun {
+	if d == nil {
+		return nil
 	}
-	return *g.ID
+	return d.WorkflowRun
 }
 
-// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise.
-func (g *GPGKey) GetKeyID() string {
-	if g == nil || g.KeyID == nil {
-		return ""
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (d *DeploymentStatus) GetCreatedAt() Timestamp {
+	if d == nil || d.CreatedAt == nil {
+		return Timestamp{}
 	}
-	return *g.KeyID
+	return *d.CreatedAt
 }
 
-// GetPrimaryKeyID returns the PrimaryKeyID field if it's non-nil, zero value otherwise.
-func (g *GPGKey) GetPrimaryKeyID() int64 {
-	if g == nil || g.PrimaryKeyID == nil {
-		return 0
+// GetCreator returns the Creator field.
+func (d *DeploymentStatus) GetCreator() *User {
+	if d == nil {
+		return nil
 	}
-	return *g.PrimaryKeyID
+	return d.Creator
 }
 
-// GetPublicKey returns the PublicKey field if it's non-nil, zero value otherwise.
-func (g *GPGKey) GetPublicKey() string {
-	if g == nil || g.PublicKey == nil {
+// GetDeploymentURL returns the DeploymentURL field if it's non-nil, zero value otherwise.
+func (d *DeploymentStatus) GetDeploymentURL() string {
+	if d == nil || d.DeploymentURL == nil {
 		return ""
 	}
-	return *g.PublicKey
+	return *d.DeploymentURL
 }
 
-// GetRawKey returns the RawKey field if it's non-nil, zero value otherwise.
-func (g *GPGKey) GetRawKey() string {
-	if g == nil || g.RawKey == nil {
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (d *DeploymentStatus) GetDescription() string {
+	if d == nil || d.Description == nil {
 		return ""
 	}
-	return *g.RawKey
+	return *d.Description
 }
 
-// GetApp returns the App field.
-func (g *Grant) GetApp() *AuthorizationApp {
-	if g == nil {
-		return nil
+// GetEnvironment returns the Environment field if it's non-nil, zero value otherwise.
+func (d *DeploymentStatus) GetEnvironment() string {
+	if d == nil || d.Environment == nil {
+		return ""
 	}
-	return g.App
+	return *d.Environment
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (g *Grant) GetCreatedAt() Timestamp {
-	if g == nil || g.CreatedAt == nil {
-		return Timestamp{}
+// GetEnvironmentURL returns the EnvironmentURL field if it's non-nil, zero value otherwise.
+func (d *DeploymentStatus) GetEnvironmentURL() string {
+	if d == nil || d.EnvironmentURL == nil {
+		return ""
 	}
-	return *g.CreatedAt
+	return *d.EnvironmentURL
 }
 
 // GetID returns the ID field if it's non-nil, zero value otherwise.
-func (g *Grant) GetID() int64 {
-	if g == nil || g.ID == nil {
+func (d *DeploymentStatus) GetID() int64 {
+	if d == nil || d.ID == nil {
 		return 0
 	}
-	return *g.ID
-}
-
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (g *Grant) GetUpdatedAt() Timestamp {
-	if g == nil || g.UpdatedAt == nil {
-		return Timestamp{}
-	}
-	return *g.UpdatedAt
+	return *d.ID
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (g *Grant) GetURL() string {
-	if g == nil || g.URL == nil {
+// GetLogURL returns the LogURL field if it's non-nil, zero value otherwise.
+func (d *DeploymentStatus) GetLogURL() string {
+	if d == nil || d.LogURL == nil {
 		return ""
 	}
-	return *g.URL
-}
-
-// GetAuthor returns the Author field.
-func (h *HeadCommit) GetAuthor() *CommitAuthor {
-	if h == nil {
-		return nil
-	}
-	return h.Author
-}
-
-// GetCommitter returns the Committer field.
-func (h *HeadCommit) GetCommitter() *CommitAuthor {
-	if h == nil {
-		return nil
-	}
-	return h.Committer
+	return *d.LogURL
 }
 
-// GetDistinct returns the Distinct field if it's non-nil, zero value otherwise.
-func (h *HeadCommit) GetDistinct() bool {
-	if h == nil || h.Distinct == nil {
-		return false
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (d *DeploymentStatus) GetNodeID() string {
+	if d == nil || d.NodeID == nil {
+		return ""
 	}
-	return *h.Distinct
+	return *d.NodeID
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (h *HeadCommit) GetID() string {
-	if h == nil || h.ID == nil {
+// GetRepositoryURL returns the RepositoryURL field if it's non-nil, zero value otherwise.
+func (d *DeploymentStatus) GetRepositoryURL() string {
+	if d == nil || d.RepositoryURL == nil {
 		return ""
 	}
-	return *h.ID
+	return *d.RepositoryURL
 }
 
-// GetMessage returns the Message field if it's non-nil, zero value otherwise.
-func (h *HeadCommit) GetMessage() string {
-	if h == nil || h.Message == nil {
+// GetState returns the State field if it's non-nil, zero value otherwise.
+func (d *DeploymentStatus) GetState() string {
+	if d == nil || d.State == nil {
 		return ""
 	}
-	return *h.Message
+	return *d.State
 }
 
-// GetSHA returns the SHA field if it's non-nil, zero value otherwise.
-func (h *HeadCommit) GetSHA() string {
-	if h == nil || h.SHA == nil {
+// GetTargetURL returns the TargetURL field if it's non-nil, zero value otherwise.
+func (d *DeploymentStatus) GetTargetURL() string {
+	if d == nil || d.TargetURL == nil {
 		return ""
 	}
-	return *h.SHA
+	return *d.TargetURL
 }
 
-// GetTimestamp returns the Timestamp field if it's non-nil, zero value otherwise.
-func (h *HeadCommit) GetTimestamp() Timestamp {
-	if h == nil || h.Timestamp == nil {
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (d *DeploymentStatus) GetUpdatedAt() Timestamp {
+	if d == nil || d.UpdatedAt == nil {
 		return Timestamp{}
 	}
-	return *h.Timestamp
+	return *d.UpdatedAt
 }
 
-// GetTreeID returns the TreeID field if it's non-nil, zero value otherwise.
-func (h *HeadCommit) GetTreeID() string {
-	if h == nil || h.TreeID == nil {
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (d *DeploymentStatus) GetURL() string {
+	if d == nil || d.URL == nil {
 		return ""
 	}
-	return *h.TreeID
+	return *d.URL
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (h *HeadCommit) GetURL() string {
-	if h == nil || h.URL == nil {
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (d *DeploymentStatusEvent) GetAction() string {
+	if d == nil || d.Action == nil {
 		return ""
 	}
-	return *h.URL
+	return *d.Action
 }
 
-// GetActive returns the Active field if it's non-nil, zero value otherwise.
-func (h *Hook) GetActive() bool {
-	if h == nil || h.Active == nil {
-		return false
+// GetDeployment returns the Deployment field.
+func (d *DeploymentStatusEvent) GetDeployment() *Deployment {
+	if d == nil {
+		return nil
 	}
-	return *h.Active
+	return d.Deployment
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (h *Hook) GetCreatedAt() Timestamp {
-	if h == nil || h.CreatedAt == nil {
-		return Timestamp{}
+// GetDeploymentStatus returns the DeploymentStatus field.
+func (d *DeploymentStatusEvent) GetDeploymentStatus() *DeploymentStatus {
+	if d == nil {
+		return nil
 	}
-	return *h.CreatedAt
+	return d.DeploymentStatus
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (h *Hook) GetID() int64 {
-	if h == nil || h.ID == nil {
-		return 0
+// GetInstallation returns the Installation field.
+func (d *DeploymentStatusEvent) GetInstallation() *Installation {
+	if d == nil {
+		return nil
 	}
-	return *h.ID
+	return d.Installation
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (h *Hook) GetName() string {
-	if h == nil || h.Name == nil {
-		return ""
+// GetOrg returns the Org field.
+func (d *DeploymentStatusEvent) GetOrg() *Organization {
+	if d == nil {
+		return nil
 	}
-	return *h.Name
+	return d.Org
 }
 
-// GetPingURL returns the PingURL field if it's non-nil, zero value otherwise.
-func (h *Hook) GetPingURL() string {
-	if h == nil || h.PingURL == nil {
-		return ""
+// GetRepo returns the Repo field.
+func (d *DeploymentStatusEvent) GetRepo() *Repository {
+	if d == nil {
+		return nil
 	}
-	return *h.PingURL
+	return d.Repo
 }
 
-// GetTestURL returns the TestURL field if it's non-nil, zero value otherwise.
-func (h *Hook) GetTestURL() string {
-	if h == nil || h.TestURL == nil {
-		return ""
+// GetSender returns the Sender field.
+func (d *DeploymentStatusEvent) GetSender() *User {
+	if d == nil {
+		return nil
 	}
-	return *h.TestURL
+	return d.Sender
 }
 
-// GetType returns the Type field if it's non-nil, zero value otherwise.
-func (h *Hook) GetType() string {
-	if h == nil || h.Type == nil {
-		return ""
+// GetAutoInactive returns the AutoInactive field if it's non-nil, zero value otherwise.
+func (d *DeploymentStatusRequest) GetAutoInactive() bool {
+	if d == nil || d.AutoInactive == nil {
+		return false
 	}
-	return *h.Type
+	return *d.AutoInactive
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (h *Hook) GetUpdatedAt() Timestamp {
-	if h == nil || h.UpdatedAt == nil {
-		return Timestamp{}
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (d *DeploymentStatusRequest) GetDescription() string {
+	if d == nil || d.Description == nil {
+		return ""
 	}
-	return *h.UpdatedAt
+	return *d.Description
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (h *Hook) GetURL() string {
-	if h == nil || h.URL == nil {
+// GetEnvironment returns the Environment field if it's non-nil, zero value otherwise.
+func (d *DeploymentStatusRequest) GetEnvironment() string {
+	if d == nil || d.Environment == nil {
 		return ""
 	}
-	return *h.URL
+	return *d.Environment
 }
 
-// GetContentType returns the ContentType field if it's non-nil, zero value otherwise.
-func (h *HookConfig) GetContentType() string {
-	if h == nil || h.ContentType == nil {
+// GetEnvironmentURL returns the EnvironmentURL field if it's non-nil, zero value otherwise.
+func (d *DeploymentStatusRequest) GetEnvironmentURL() string {
+	if d == nil || d.EnvironmentURL == nil {
 		return ""
 	}
-	return *h.ContentType
+	return *d.EnvironmentURL
 }
 
-// GetInsecureSSL returns the InsecureSSL field if it's non-nil, zero value otherwise.
-func (h *HookConfig) GetInsecureSSL() string {
-	if h == nil || h.InsecureSSL == nil {
+// GetLogURL returns the LogURL field if it's non-nil, zero value otherwise.
+func (d *DeploymentStatusRequest) GetLogURL() string {
+	if d == nil || d.LogURL == nil {
 		return ""
 	}
-	return *h.InsecureSSL
+	return *d.LogURL
 }
 
-// GetSecret returns the Secret field if it's non-nil, zero value otherwise.
-func (h *HookConfig) GetSecret() string {
-	if h == nil || h.Secret == nil {
+// GetState returns the State field if it's non-nil, zero value otherwise.
+func (d *DeploymentStatusRequest) GetState() string {
+	if d == nil || d.State == nil {
 		return ""
 	}
-	return *h.Secret
+	return *d.State
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (h *HookConfig) GetURL() string {
-	if h == nil || h.URL == nil {
+// GetActiveLockReason returns the ActiveLockReason field if it's non-nil, zero value otherwise.
+func (d *Discussion) GetActiveLockReason() string {
+	if d == nil || d.ActiveLockReason == nil {
 		return ""
 	}
-	return *h.URL
+	return *d.ActiveLockReason
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (h *HookDelivery) GetAction() string {
-	if h == nil || h.Action == nil {
-		return ""
+// GetAnswerChosenAt returns the AnswerChosenAt field if it's non-nil, zero value otherwise.
+func (d *Discussion) GetAnswerChosenAt() Timestamp {
+	if d == nil || d.AnswerChosenAt == nil {
+		return Timestamp{}
 	}
-	return *h.Action
+	return *d.AnswerChosenAt
 }
 
-// GetDeliveredAt returns the DeliveredAt field if it's non-nil, zero value otherwise.
-func (h *HookDelivery) GetDeliveredAt() Timestamp {
-	if h == nil || h.DeliveredAt == nil {
-		return Timestamp{}
+// GetAnswerChosenBy returns the AnswerChosenBy field if it's non-nil, zero value otherwise.
+func (d *Discussion) GetAnswerChosenBy() string {
+	if d == nil || d.AnswerChosenBy == nil {
+		return ""
 	}
-	return *h.DeliveredAt
+	return *d.AnswerChosenBy
 }
 
-// GetDuration returns the Duration field.
-func (h *HookDelivery) GetDuration() *float64 {
-	if h == nil {
-		return nil
+// GetAnswerHTMLURL returns the AnswerHTMLURL field if it's non-nil, zero value otherwise.
+func (d *Discussion) GetAnswerHTMLURL() string {
+	if d == nil || d.AnswerHTMLURL == nil {
+		return ""
 	}
-	return h.Duration
+	return *d.AnswerHTMLURL
 }
 
-// GetEvent returns the Event field if it's non-nil, zero value otherwise.
-func (h *HookDelivery) GetEvent() string {
-	if h == nil || h.Event == nil {
+// GetAuthorAssociation returns the AuthorAssociation field if it's non-nil, zero value otherwise.
+func (d *Discussion) GetAuthorAssociation() string {
+	if d == nil || d.AuthorAssociation == nil {
 		return ""
 	}
-	return *h.Event
+	return *d.AuthorAssociation
 }
 
-// GetGUID returns the GUID field if it's non-nil, zero value otherwise.
-func (h *HookDelivery) GetGUID() string {
-	if h == nil || h.GUID == nil {
+// GetBody returns the Body field if it's non-nil, zero value otherwise.
+func (d *Discussion) GetBody() string {
+	if d == nil || d.Body == nil {
 		return ""
 	}
-	return *h.GUID
+	return *d.Body
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (h *HookDelivery) GetID() int64 {
-	if h == nil || h.ID == nil {
+// GetComments returns the Comments field if it's non-nil, zero value otherwise.
+func (d *Discussion) GetComments() int {
+	if d == nil || d.Comments == nil {
 		return 0
 	}
-	return *h.ID
+	return *d.Comments
 }
 
-// GetInstallationID returns the InstallationID field if it's non-nil, zero value otherwise.
-func (h *HookDelivery) GetInstallationID() int64 {
-	if h == nil || h.InstallationID == nil {
-		return 0
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (d *Discussion) GetCreatedAt() Timestamp {
+	if d == nil || d.CreatedAt == nil {
+		return Timestamp{}
 	}
-	return *h.InstallationID
+	return *d.CreatedAt
 }
 
-// GetRedelivery returns the Redelivery field if it's non-nil, zero value otherwise.
-func (h *HookDelivery) GetRedelivery() bool {
-	if h == nil || h.Redelivery == nil {
-		return false
+// GetDiscussionCategory returns the DiscussionCategory field.
+func (d *Discussion) GetDiscussionCategory() *DiscussionCategory {
+	if d == nil {
+		return nil
 	}
-	return *h.Redelivery
+	return d.DiscussionCategory
 }
 
-// GetRepositoryID returns the RepositoryID field if it's non-nil, zero value otherwise.
-func (h *HookDelivery) GetRepositoryID() int64 {
-	if h == nil || h.RepositoryID == nil {
-		return 0
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (d *Discussion) GetHTMLURL() string {
+	if d == nil || d.HTMLURL == nil {
+		return ""
 	}
-	return *h.RepositoryID
+	return *d.HTMLURL
 }
 
-// GetRequest returns the Request field.
-func (h *HookDelivery) GetRequest() *HookRequest {
-	if h == nil {
-		return nil
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (d *Discussion) GetID() int64 {
+	if d == nil || d.ID == nil {
+		return 0
 	}
-	return h.Request
+	return *d.ID
 }
 
-// GetResponse returns the Response field.
-func (h *HookDelivery) GetResponse() *HookResponse {
-	if h == nil {
-		return nil
+// GetLocked returns the Locked field if it's non-nil, zero value otherwise.
+func (d *Discussion) GetLocked() bool {
+	if d == nil || d.Locked == nil {
+		return false
 	}
-	return h.Response
+	return *d.Locked
 }
 
-// GetStatus returns the Status field if it's non-nil, zero value otherwise.
-func (h *HookDelivery) GetStatus() string {
-	if h == nil || h.Status == nil {
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (d *Discussion) GetNodeID() string {
+	if d == nil || d.NodeID == nil {
 		return ""
 	}
-	return *h.Status
+	return *d.NodeID
 }
 
-// GetStatusCode returns the StatusCode field if it's non-nil, zero value otherwise.
-func (h *HookDelivery) GetStatusCode() int {
-	if h == nil || h.StatusCode == nil {
+// GetNumber returns the Number field if it's non-nil, zero value otherwise.
+func (d *Discussion) GetNumber() int {
+	if d == nil || d.Number == nil {
 		return 0
 	}
-	return *h.StatusCode
+	return *d.Number
 }
 
-// GetHeaders returns the Headers map if it's non-nil, an empty map otherwise.
-func (h *HookRequest) GetHeaders() map[string]string {
-	if h == nil || h.Headers == nil {
-		return map[string]string{}
+// GetRepositoryURL returns the RepositoryURL field if it's non-nil, zero value otherwise.
+func (d *Discussion) GetRepositoryURL() string {
+	if d == nil || d.RepositoryURL == nil {
+		return ""
 	}
-	return h.Headers
+	return *d.RepositoryURL
 }
 
-// GetRawPayload returns the RawPayload field if it's non-nil, zero value otherwise.
-func (h *HookRequest) GetRawPayload() json.RawMessage {
-	if h == nil || h.RawPayload == nil {
-		return json.RawMessage{}
+// GetState returns the State field if it's non-nil, zero value otherwise.
+func (d *Discussion) GetState() string {
+	if d == nil || d.State == nil {
+		return ""
 	}
-	return *h.RawPayload
+	return *d.State
 }
 
-// GetHeaders returns the Headers map if it's non-nil, an empty map otherwise.
-func (h *HookResponse) GetHeaders() map[string]string {
-	if h == nil || h.Headers == nil {
-		return map[string]string{}
+// GetTitle returns the Title field if it's non-nil, zero value otherwise.
+func (d *Discussion) GetTitle() string {
+	if d == nil || d.Title == nil {
+		return ""
 	}
-	return h.Headers
+	return *d.Title
 }
 
-// GetRawPayload returns the RawPayload field if it's non-nil, zero value otherwise.
-func (h *HookResponse) GetRawPayload() json.RawMessage {
-	if h == nil || h.RawPayload == nil {
-		return json.RawMessage{}
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (d *Discussion) GetUpdatedAt() Timestamp {
+	if d == nil || d.UpdatedAt == nil {
+		return Timestamp{}
 	}
-	return *h.RawPayload
+	return *d.UpdatedAt
 }
 
-// GetActiveHooks returns the ActiveHooks field if it's non-nil, zero value otherwise.
-func (h *HookStats) GetActiveHooks() int {
-	if h == nil || h.ActiveHooks == nil {
-		return 0
+// GetUser returns the User field.
+func (d *Discussion) GetUser() *User {
+	if d == nil {
+		return nil
 	}
-	return *h.ActiveHooks
+	return d.User
 }
 
-// GetInactiveHooks returns the InactiveHooks field if it's non-nil, zero value otherwise.
-func (h *HookStats) GetInactiveHooks() int {
-	if h == nil || h.InactiveHooks == nil {
-		return 0
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (d *DiscussionCategory) GetCreatedAt() Timestamp {
+	if d == nil || d.CreatedAt == nil {
+		return Timestamp{}
 	}
-	return *h.InactiveHooks
+	return *d.CreatedAt
 }
 
-// GetTotalHooks returns the TotalHooks field if it's non-nil, zero value otherwise.
-func (h *HookStats) GetTotalHooks() int {
-	if h == nil || h.TotalHooks == nil {
-		return 0
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (d *DiscussionCategory) GetDescription() string {
+	if d == nil || d.Description == nil {
+		return ""
 	}
-	return *h.TotalHooks
+	return *d.Description
 }
 
-// GetGroupDescription returns the GroupDescription field if it's non-nil, zero value otherwise.
-func (i *IDPGroup) GetGroupDescription() string {
-	if i == nil || i.GroupDescription == nil {
+// GetEmoji returns the Emoji field if it's non-nil, zero value otherwise.
+func (d *DiscussionCategory) GetEmoji() string {
+	if d == nil || d.Emoji == nil {
 		return ""
 	}
-	return *i.GroupDescription
+	return *d.Emoji
 }
 
-// GetGroupID returns the GroupID field if it's non-nil, zero value otherwise.
-func (i *IDPGroup) GetGroupID() string {
-	if i == nil || i.GroupID == nil {
-		return ""
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (d *DiscussionCategory) GetID() int64 {
+	if d == nil || d.ID == nil {
+		return 0
 	}
-	return *i.GroupID
+	return *d.ID
 }
 
-// GetGroupName returns the GroupName field if it's non-nil, zero value otherwise.
-func (i *IDPGroup) GetGroupName() string {
-	if i == nil || i.GroupName == nil {
-		return ""
+// GetIsAnswerable returns the IsAnswerable field if it's non-nil, zero value otherwise.
+func (d *DiscussionCategory) GetIsAnswerable() bool {
+	if d == nil || d.IsAnswerable == nil {
+		return false
 	}
-	return *i.GroupName
+	return *d.IsAnswerable
 }
 
-// GetAuthorsCount returns the AuthorsCount field if it's non-nil, zero value otherwise.
-func (i *Import) GetAuthorsCount() int {
-	if i == nil || i.AuthorsCount == nil {
-		return 0
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (d *DiscussionCategory) GetName() string {
+	if d == nil || d.Name == nil {
+		return ""
 	}
-	return *i.AuthorsCount
+	return *d.Name
 }
 
-// GetAuthorsURL returns the AuthorsURL field if it's non-nil, zero value otherwise.
-func (i *Import) GetAuthorsURL() string {
-	if i == nil || i.AuthorsURL == nil {
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (d *DiscussionCategory) GetNodeID() string {
+	if d == nil || d.NodeID == nil {
 		return ""
 	}
-	return *i.AuthorsURL
+	return *d.NodeID
 }
 
-// GetCommitCount returns the CommitCount field if it's non-nil, zero value otherwise.
-func (i *Import) GetCommitCount() int {
-	if i == nil || i.CommitCount == nil {
+// GetRepositoryID returns the RepositoryID field if it's non-nil, zero value otherwise.
+func (d *DiscussionCategory) GetRepositoryID() int64 {
+	if d == nil || d.RepositoryID == nil {
 		return 0
 	}
-	return *i.CommitCount
+	return *d.RepositoryID
 }
 
-// GetFailedStep returns the FailedStep field if it's non-nil, zero value otherwise.
-func (i *Import) GetFailedStep() string {
-	if i == nil || i.FailedStep == nil {
+// GetSlug returns the Slug field if it's non-nil, zero value otherwise.
+func (d *DiscussionCategory) GetSlug() string {
+	if d == nil || d.Slug == nil {
 		return ""
 	}
-	return *i.FailedStep
+	return *d.Slug
 }
 
-// GetHasLargeFiles returns the HasLargeFiles field if it's non-nil, zero value otherwise.
-func (i *Import) GetHasLargeFiles() bool {
-	if i == nil || i.HasLargeFiles == nil {
-		return false
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (d *DiscussionCategory) GetUpdatedAt() Timestamp {
+	if d == nil || d.UpdatedAt == nil {
+		return Timestamp{}
 	}
-	return *i.HasLargeFiles
+	return *d.UpdatedAt
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (i *Import) GetHTMLURL() string {
-	if i == nil || i.HTMLURL == nil {
+// GetAuthor returns the Author field.
+func (d *DiscussionComment) GetAuthor() *User {
+	if d == nil {
+		return nil
+	}
+	return d.Author
+}
+
+// GetBody returns the Body field if it's non-nil, zero value otherwise.
+func (d *DiscussionComment) GetBody() string {
+	if d == nil || d.Body == nil {
 		return ""
 	}
-	return *i.HTMLURL
+	return *d.Body
 }
 
-// GetHumanName returns the HumanName field if it's non-nil, zero value otherwise.
-func (i *Import) GetHumanName() string {
-	if i == nil || i.HumanName == nil {
+// GetBodyHTML returns the BodyHTML field if it's non-nil, zero value otherwise.
+func (d *DiscussionComment) GetBodyHTML() string {
+	if d == nil || d.BodyHTML == nil {
 		return ""
 	}
-	return *i.HumanName
+	return *d.BodyHTML
 }
 
-// GetLargeFilesCount returns the LargeFilesCount field if it's non-nil, zero value otherwise.
-func (i *Import) GetLargeFilesCount() int {
-	if i == nil || i.LargeFilesCount == nil {
-		return 0
+// GetBodyVersion returns the BodyVersion field if it's non-nil, zero value otherwise.
+func (d *DiscussionComment) GetBodyVersion() string {
+	if d == nil || d.BodyVersion == nil {
+		return ""
 	}
-	return *i.LargeFilesCount
+	return *d.BodyVersion
 }
 
-// GetLargeFilesSize returns the LargeFilesSize field if it's non-nil, zero value otherwise.
-func (i *Import) GetLargeFilesSize() int {
-	if i == nil || i.LargeFilesSize == nil {
-		return 0
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (d *DiscussionComment) GetCreatedAt() Timestamp {
+	if d == nil || d.CreatedAt == nil {
+		return Timestamp{}
 	}
-	return *i.LargeFilesSize
+	return *d.CreatedAt
 }
 
-// GetMessage returns the Message field if it's non-nil, zero value otherwise.
-func (i *Import) GetMessage() string {
-	if i == nil || i.Message == nil {
+// GetDiscussionURL returns the DiscussionURL field if it's non-nil, zero value otherwise.
+func (d *DiscussionComment) GetDiscussionURL() string {
+	if d == nil || d.DiscussionURL == nil {
 		return ""
 	}
-	return *i.Message
+	return *d.DiscussionURL
 }
 
-// GetPercent returns the Percent field if it's non-nil, zero value otherwise.
-func (i *Import) GetPercent() int {
-	if i == nil || i.Percent == nil {
-		return 0
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (d *DiscussionComment) GetHTMLURL() string {
+	if d == nil || d.HTMLURL == nil {
+		return ""
 	}
-	return *i.Percent
+	return *d.HTMLURL
 }
 
-// GetPushPercent returns the PushPercent field if it's non-nil, zero value otherwise.
-func (i *Import) GetPushPercent() int {
-	if i == nil || i.PushPercent == nil {
-		return 0
+// GetLastEditedAt returns the LastEditedAt field if it's non-nil, zero value otherwise.
+func (d *DiscussionComment) GetLastEditedAt() Timestamp {
+	if d == nil || d.LastEditedAt == nil {
+		return Timestamp{}
 	}
-	return *i.PushPercent
+	return *d.LastEditedAt
 }
 
-// GetRepositoryURL returns the RepositoryURL field if it's non-nil, zero value otherwise.
-func (i *Import) GetRepositoryURL() string {
-	if i == nil || i.RepositoryURL == nil {
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (d *DiscussionComment) GetNodeID() string {
+	if d == nil || d.NodeID == nil {
 		return ""
 	}
-	return *i.RepositoryURL
+	return *d.NodeID
 }
 
-// GetStatus returns the Status field if it's non-nil, zero value otherwise.
-func (i *Import) GetStatus() string {
-	if i == nil || i.Status == nil {
-		return ""
+// GetNumber returns the Number field if it's non-nil, zero value otherwise.
+func (d *DiscussionComment) GetNumber() int {
+	if d == nil || d.Number == nil {
+		return 0
 	}
-	return *i.Status
+	return *d.Number
 }
 
-// GetStatusText returns the StatusText field if it's non-nil, zero value otherwise.
-func (i *Import) GetStatusText() string {
-	if i == nil || i.StatusText == nil {
-		return ""
+// GetReactions returns the Reactions field.
+func (d *DiscussionComment) GetReactions() *Reactions {
+	if d == nil {
+		return nil
 	}
-	return *i.StatusText
+	return d.Reactions
 }
 
-// GetTFVCProject returns the TFVCProject field if it's non-nil, zero value otherwise.
-func (i *Import) GetTFVCProject() string {
-	if i == nil || i.TFVCProject == nil {
-		return ""
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (d *DiscussionComment) GetUpdatedAt() Timestamp {
+	if d == nil || d.UpdatedAt == nil {
+		return Timestamp{}
 	}
-	return *i.TFVCProject
+	return *d.UpdatedAt
 }
 
 // GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (i *Import) GetURL() string {
-	if i == nil || i.URL == nil {
+func (d *DiscussionComment) GetURL() string {
+	if d == nil || d.URL == nil {
 		return ""
 	}
-	return *i.URL
+	return *d.URL
 }
 
-// GetUseLFS returns the UseLFS field if it's non-nil, zero value otherwise.
-func (i *Import) GetUseLFS() string {
-	if i == nil || i.UseLFS == nil {
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (d *DiscussionCommentEvent) GetAction() string {
+	if d == nil || d.Action == nil {
 		return ""
 	}
-	return *i.UseLFS
+	return *d.Action
 }
 
-// GetVCS returns the VCS field if it's non-nil, zero value otherwise.
-func (i *Import) GetVCS() string {
-	if i == nil || i.VCS == nil {
-		return ""
+// GetComment returns the Comment field.
+func (d *DiscussionCommentEvent) GetComment() *CommentDiscussion {
+	if d == nil {
+		return nil
 	}
-	return *i.VCS
+	return d.Comment
 }
 
-// GetVCSPassword returns the VCSPassword field if it's non-nil, zero value otherwise.
-func (i *Import) GetVCSPassword() string {
-	if i == nil || i.VCSPassword == nil {
-		return ""
+// GetDiscussion returns the Discussion field.
+func (d *DiscussionCommentEvent) GetDiscussion() *Discussion {
+	if d == nil {
+		return nil
 	}
-	return *i.VCSPassword
+	return d.Discussion
 }
 
-// GetVCSURL returns the VCSURL field if it's non-nil, zero value otherwise.
-func (i *Import) GetVCSURL() string {
-	if i == nil || i.VCSURL == nil {
-		return ""
+// GetInstallation returns the Installation field.
+func (d *DiscussionCommentEvent) GetInstallation() *Installation {
+	if d == nil {
+		return nil
 	}
-	return *i.VCSURL
+	return d.Installation
 }
 
-// GetVCSUsername returns the VCSUsername field if it's non-nil, zero value otherwise.
-func (i *Import) GetVCSUsername() string {
-	if i == nil || i.VCSUsername == nil {
-		return ""
+// GetOrg returns the Org field.
+func (d *DiscussionCommentEvent) GetOrg() *Organization {
+	if d == nil {
+		return nil
 	}
-	return *i.VCSUsername
+	return d.Org
 }
 
-// GetAccessTokensURL returns the AccessTokensURL field if it's non-nil, zero value otherwise.
-func (i *Installation) GetAccessTokensURL() string {
-	if i == nil || i.AccessTokensURL == nil {
-		return ""
+// GetRepo returns the Repo field.
+func (d *DiscussionCommentEvent) GetRepo() *Repository {
+	if d == nil {
+		return nil
 	}
-	return *i.AccessTokensURL
+	return d.Repo
 }
 
-// GetAccount returns the Account field.
-func (i *Installation) GetAccount() *User {
-	if i == nil {
+// GetSender returns the Sender field.
+func (d *DiscussionCommentEvent) GetSender() *User {
+	if d == nil {
 		return nil
 	}
-	return i.Account
+	return d.Sender
 }
 
-// GetAppID returns the AppID field if it's non-nil, zero value otherwise.
-func (i *Installation) GetAppID() int64 {
-	if i == nil || i.AppID == nil {
-		return 0
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (d *DiscussionEvent) GetAction() string {
+	if d == nil || d.Action == nil {
+		return ""
 	}
-	return *i.AppID
+	return *d.Action
 }
 
-// GetAppSlug returns the AppSlug field if it's non-nil, zero value otherwise.
-func (i *Installation) GetAppSlug() string {
-	if i == nil || i.AppSlug == nil {
-		return ""
+// GetDiscussion returns the Discussion field.
+func (d *DiscussionEvent) GetDiscussion() *Discussion {
+	if d == nil {
+		return nil
 	}
-	return *i.AppSlug
+	return d.Discussion
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (i *Installation) GetCreatedAt() Timestamp {
-	if i == nil || i.CreatedAt == nil {
-		return Timestamp{}
+// GetInstallation returns the Installation field.
+func (d *DiscussionEvent) GetInstallation() *Installation {
+	if d == nil {
+		return nil
 	}
-	return *i.CreatedAt
+	return d.Installation
 }
 
-// GetHasMultipleSingleFiles returns the HasMultipleSingleFiles field if it's non-nil, zero value otherwise.
-func (i *Installation) GetHasMultipleSingleFiles() bool {
-	if i == nil || i.HasMultipleSingleFiles == nil {
-		return false
+// GetOrg returns the Org field.
+func (d *DiscussionEvent) GetOrg() *Organization {
+	if d == nil {
+		return nil
 	}
-	return *i.HasMultipleSingleFiles
+	return d.Org
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (i *Installation) GetHTMLURL() string {
-	if i == nil || i.HTMLURL == nil {
-		return ""
+// GetRepo returns the Repo field.
+func (d *DiscussionEvent) GetRepo() *Repository {
+	if d == nil {
+		return nil
 	}
-	return *i.HTMLURL
+	return d.Repo
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (i *Installation) GetID() int64 {
-	if i == nil || i.ID == nil {
-		return 0
+// GetSender returns the Sender field.
+func (d *DiscussionEvent) GetSender() *User {
+	if d == nil {
+		return nil
 	}
-	return *i.ID
+	return d.Sender
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (i *Installation) GetNodeID() string {
-	if i == nil || i.NodeID == nil {
-		return ""
+// GetApps returns the Apps field if it's non-nil, zero value otherwise.
+func (d *DismissalRestrictionsRequest) GetApps() []string {
+	if d == nil || d.Apps == nil {
+		return nil
 	}
-	return *i.NodeID
+	return *d.Apps
 }
 
-// GetPermissions returns the Permissions field.
-func (i *Installation) GetPermissions() *InstallationPermissions {
-	if i == nil {
+// GetTeams returns the Teams field if it's non-nil, zero value otherwise.
+func (d *DismissalRestrictionsRequest) GetTeams() []string {
+	if d == nil || d.Teams == nil {
 		return nil
 	}
-	return i.Permissions
+	return *d.Teams
 }
 
-// GetRepositoriesURL returns the RepositoriesURL field if it's non-nil, zero value otherwise.
-func (i *Installation) GetRepositoriesURL() string {
-	if i == nil || i.RepositoriesURL == nil {
-		return ""
+// GetUsers returns the Users field if it's non-nil, zero value otherwise.
+func (d *DismissalRestrictionsRequest) GetUsers() []string {
+	if d == nil || d.Users == nil {
+		return nil
 	}
-	return *i.RepositoriesURL
+	return *d.Users
 }
 
-// GetRepositorySelection returns the RepositorySelection field if it's non-nil, zero value otherwise.
-func (i *Installation) GetRepositorySelection() string {
-	if i == nil || i.RepositorySelection == nil {
+// GetDismissalCommitID returns the DismissalCommitID field if it's non-nil, zero value otherwise.
+func (d *DismissedReview) GetDismissalCommitID() string {
+	if d == nil || d.DismissalCommitID == nil {
 		return ""
 	}
-	return *i.RepositorySelection
+	return *d.DismissalCommitID
 }
 
-// GetSingleFileName returns the SingleFileName field if it's non-nil, zero value otherwise.
-func (i *Installation) GetSingleFileName() string {
-	if i == nil || i.SingleFileName == nil {
+// GetDismissalMessage returns the DismissalMessage field if it's non-nil, zero value otherwise.
+func (d *DismissedReview) GetDismissalMessage() string {
+	if d == nil || d.DismissalMessage == nil {
 		return ""
 	}
-	return *i.SingleFileName
+	return *d.DismissalMessage
 }
 
-// GetSuspendedAt returns the SuspendedAt field if it's non-nil, zero value otherwise.
-func (i *Installation) GetSuspendedAt() Timestamp {
-	if i == nil || i.SuspendedAt == nil {
-		return Timestamp{}
+// GetReviewID returns the ReviewID field if it's non-nil, zero value otherwise.
+func (d *DismissedReview) GetReviewID() int64 {
+	if d == nil || d.ReviewID == nil {
+		return 0
 	}
-	return *i.SuspendedAt
+	return *d.ReviewID
 }
 
-// GetSuspendedBy returns the SuspendedBy field.
-func (i *Installation) GetSuspendedBy() *User {
-	if i == nil {
-		return nil
+// GetState returns the State field if it's non-nil, zero value otherwise.
+func (d *DismissedReview) GetState() string {
+	if d == nil || d.State == nil {
+		return ""
 	}
-	return i.SuspendedBy
+	return *d.State
 }
 
-// GetTargetID returns the TargetID field if it's non-nil, zero value otherwise.
-func (i *Installation) GetTargetID() int64 {
-	if i == nil || i.TargetID == nil {
-		return 0
+// GetFrom returns the From field if it's non-nil, zero value otherwise.
+func (d *DismissStaleReviewsOnPushChanges) GetFrom() bool {
+	if d == nil || d.From == nil {
+		return false
 	}
-	return *i.TargetID
+	return *d.From
 }
 
-// GetTargetType returns the TargetType field if it's non-nil, zero value otherwise.
-func (i *Installation) GetTargetType() string {
-	if i == nil || i.TargetType == nil {
+// GetClientPayload returns the ClientPayload field if it's non-nil, zero value otherwise.
+func (d *DispatchRequestOptions) GetClientPayload() json.RawMessage {
+	if d == nil || d.ClientPayload == nil {
+		return json.RawMessage{}
+	}
+	return *d.ClientPayload
+}
+
+// GetBody returns the Body field if it's non-nil, zero value otherwise.
+func (d *DraftReviewComment) GetBody() string {
+	if d == nil || d.Body == nil {
 		return ""
 	}
-	return *i.TargetType
+	return *d.Body
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (i *Installation) GetUpdatedAt() Timestamp {
-	if i == nil || i.UpdatedAt == nil {
-		return Timestamp{}
+// GetLine returns the Line field if it's non-nil, zero value otherwise.
+func (d *DraftReviewComment) GetLine() int {
+	if d == nil || d.Line == nil {
+		return 0
 	}
-	return *i.UpdatedAt
+	return *d.Line
 }
 
-// GetLogin returns the Login field.
-func (i *InstallationChanges) GetLogin() *InstallationLoginChange {
-	if i == nil {
-		return nil
+// GetPath returns the Path field if it's non-nil, zero value otherwise.
+func (d *DraftReviewComment) GetPath() string {
+	if d == nil || d.Path == nil {
+		return ""
 	}
-	return i.Login
+	return *d.Path
 }
 
-// GetSlug returns the Slug field.
-func (i *InstallationChanges) GetSlug() *InstallationSlugChange {
-	if i == nil {
-		return nil
+// GetPosition returns the Position field if it's non-nil, zero value otherwise.
+func (d *DraftReviewComment) GetPosition() int {
+	if d == nil || d.Position == nil {
+		return 0
 	}
-	return i.Slug
+	return *d.Position
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (i *InstallationEvent) GetAction() string {
-	if i == nil || i.Action == nil {
+// GetSide returns the Side field if it's non-nil, zero value otherwise.
+func (d *DraftReviewComment) GetSide() string {
+	if d == nil || d.Side == nil {
 		return ""
 	}
-	return *i.Action
+	return *d.Side
 }
 
-// GetInstallation returns the Installation field.
-func (i *InstallationEvent) GetInstallation() *Installation {
-	if i == nil {
-		return nil
+// GetStartLine returns the StartLine field if it's non-nil, zero value otherwise.
+func (d *DraftReviewComment) GetStartLine() int {
+	if d == nil || d.StartLine == nil {
+		return 0
 	}
-	return i.Installation
+	return *d.StartLine
 }
 
-// GetRequester returns the Requester field.
-func (i *InstallationEvent) GetRequester() *User {
-	if i == nil {
-		return nil
+// GetStartSide returns the StartSide field if it's non-nil, zero value otherwise.
+func (d *DraftReviewComment) GetStartSide() string {
+	if d == nil || d.StartSide == nil {
+		return ""
 	}
-	return i.Requester
+	return *d.StartSide
 }
 
-// GetSender returns the Sender field.
-func (i *InstallationEvent) GetSender() *User {
-	if i == nil {
+// GetRef returns the Ref field.
+func (e *EditBase) GetRef() *EditRef {
+	if e == nil {
 		return nil
 	}
-	return i.Sender
+	return e.Ref
 }
 
-// GetFrom returns the From field if it's non-nil, zero value otherwise.
-func (i *InstallationLoginChange) GetFrom() string {
-	if i == nil || i.From == nil {
-		return ""
+// GetSHA returns the SHA field.
+func (e *EditBase) GetSHA() *EditSHA {
+	if e == nil {
+		return nil
 	}
-	return *i.From
+	return e.SHA
 }
 
-// GetActions returns the Actions field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetActions() string {
-	if i == nil || i.Actions == nil {
+// GetFrom returns the From field if it's non-nil, zero value otherwise.
+func (e *EditBody) GetFrom() string {
+	if e == nil || e.From == nil {
 		return ""
 	}
-	return *i.Actions
+	return *e.From
 }
 
-// GetAdministration returns the Administration field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetAdministration() string {
-	if i == nil || i.Administration == nil {
-		return ""
+// GetBase returns the Base field.
+func (e *EditChange) GetBase() *EditBase {
+	if e == nil {
+		return nil
 	}
-	return *i.Administration
+	return e.Base
 }
 
-// GetBlocking returns the Blocking field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetBlocking() string {
-	if i == nil || i.Blocking == nil {
-		return ""
+// GetBody returns the Body field.
+func (e *EditChange) GetBody() *EditBody {
+	if e == nil {
+		return nil
 	}
-	return *i.Blocking
+	return e.Body
 }
 
-// GetChecks returns the Checks field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetChecks() string {
-	if i == nil || i.Checks == nil {
-		return ""
+// GetDefaultBranch returns the DefaultBranch field.
+func (e *EditChange) GetDefaultBranch() *EditDefaultBranch {
+	if e == nil {
+		return nil
 	}
-	return *i.Checks
+	return e.DefaultBranch
 }
 
-// GetContentReferences returns the ContentReferences field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetContentReferences() string {
-	if i == nil || i.ContentReferences == nil {
-		return ""
+// GetOwner returns the Owner field.
+func (e *EditChange) GetOwner() *EditOwner {
+	if e == nil {
+		return nil
 	}
-	return *i.ContentReferences
+	return e.Owner
 }
 
-// GetContents returns the Contents field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetContents() string {
-	if i == nil || i.Contents == nil {
-		return ""
+// GetRepo returns the Repo field.
+func (e *EditChange) GetRepo() *EditRepo {
+	if e == nil {
+		return nil
 	}
-	return *i.Contents
+	return e.Repo
 }
 
-// GetDeployments returns the Deployments field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetDeployments() string {
-	if i == nil || i.Deployments == nil {
-		return ""
+// GetTitle returns the Title field.
+func (e *EditChange) GetTitle() *EditTitle {
+	if e == nil {
+		return nil
 	}
-	return *i.Deployments
+	return e.Title
 }
 
-// GetEmails returns the Emails field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetEmails() string {
-	if i == nil || i.Emails == nil {
-		return ""
+// GetTopics returns the Topics field.
+func (e *EditChange) GetTopics() *EditTopics {
+	if e == nil {
+		return nil
 	}
-	return *i.Emails
+	return e.Topics
 }
 
-// GetEnvironments returns the Environments field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetEnvironments() string {
-	if i == nil || i.Environments == nil {
+// GetFrom returns the From field if it's non-nil, zero value otherwise.
+func (e *EditDefaultBranch) GetFrom() string {
+	if e == nil || e.From == nil {
 		return ""
 	}
-	return *i.Environments
+	return *e.From
 }
 
-// GetFollowers returns the Followers field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetFollowers() string {
-	if i == nil || i.Followers == nil {
-		return ""
+// GetOwnerInfo returns the OwnerInfo field.
+func (e *EditOwner) GetOwnerInfo() *OwnerInfo {
+	if e == nil {
+		return nil
 	}
-	return *i.Followers
+	return e.OwnerInfo
 }
 
-// GetIssues returns the Issues field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetIssues() string {
-	if i == nil || i.Issues == nil {
+// GetFrom returns the From field if it's non-nil, zero value otherwise.
+func (e *EditRef) GetFrom() string {
+	if e == nil || e.From == nil {
 		return ""
 	}
-	return *i.Issues
+	return *e.From
 }
 
-// GetMembers returns the Members field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetMembers() string {
-	if i == nil || i.Members == nil {
-		return ""
+// GetName returns the Name field.
+func (e *EditRepo) GetName() *RepoName {
+	if e == nil {
+		return nil
 	}
-	return *i.Members
+	return e.Name
 }
 
-// GetMetadata returns the Metadata field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetMetadata() string {
-	if i == nil || i.Metadata == nil {
+// GetFrom returns the From field if it's non-nil, zero value otherwise.
+func (e *EditSHA) GetFrom() string {
+	if e == nil || e.From == nil {
 		return ""
 	}
-	return *i.Metadata
+	return *e.From
 }
 
-// GetOrganizationAdministration returns the OrganizationAdministration field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetOrganizationAdministration() string {
-	if i == nil || i.OrganizationAdministration == nil {
+// GetFrom returns the From field if it's non-nil, zero value otherwise.
+func (e *EditTitle) GetFrom() string {
+	if e == nil || e.From == nil {
 		return ""
 	}
-	return *i.OrganizationAdministration
+	return *e.From
 }
 
-// GetOrganizationCustomRoles returns the OrganizationCustomRoles field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetOrganizationCustomRoles() string {
-	if i == nil || i.OrganizationCustomRoles == nil {
+// GetAvatarURL returns the AvatarURL field if it's non-nil, zero value otherwise.
+func (e *Enterprise) GetAvatarURL() string {
+	if e == nil || e.AvatarURL == nil {
 		return ""
 	}
-	return *i.OrganizationCustomRoles
+	return *e.AvatarURL
 }
 
-// GetOrganizationHooks returns the OrganizationHooks field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetOrganizationHooks() string {
-	if i == nil || i.OrganizationHooks == nil {
-		return ""
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (e *Enterprise) GetCreatedAt() Timestamp {
+	if e == nil || e.CreatedAt == nil {
+		return Timestamp{}
 	}
-	return *i.OrganizationHooks
+	return *e.CreatedAt
 }
 
-// GetOrganizationPackages returns the OrganizationPackages field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetOrganizationPackages() string {
-	if i == nil || i.OrganizationPackages == nil {
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (e *Enterprise) GetDescription() string {
+	if e == nil || e.Description == nil {
 		return ""
 	}
-	return *i.OrganizationPackages
+	return *e.Description
 }
 
-// GetOrganizationPlan returns the OrganizationPlan field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetOrganizationPlan() string {
-	if i == nil || i.OrganizationPlan == nil {
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (e *Enterprise) GetHTMLURL() string {
+	if e == nil || e.HTMLURL == nil {
 		return ""
 	}
-	return *i.OrganizationPlan
+	return *e.HTMLURL
 }
 
-// GetOrganizationPreReceiveHooks returns the OrganizationPreReceiveHooks field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetOrganizationPreReceiveHooks() string {
-	if i == nil || i.OrganizationPreReceiveHooks == nil {
-		return ""
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (e *Enterprise) GetID() int {
+	if e == nil || e.ID == nil {
+		return 0
 	}
-	return *i.OrganizationPreReceiveHooks
+	return *e.ID
 }
 
-// GetOrganizationProjects returns the OrganizationProjects field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetOrganizationProjects() string {
-	if i == nil || i.OrganizationProjects == nil {
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (e *Enterprise) GetName() string {
+	if e == nil || e.Name == nil {
 		return ""
 	}
-	return *i.OrganizationProjects
+	return *e.Name
 }
 
-// GetOrganizationSecrets returns the OrganizationSecrets field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetOrganizationSecrets() string {
-	if i == nil || i.OrganizationSecrets == nil {
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (e *Enterprise) GetNodeID() string {
+	if e == nil || e.NodeID == nil {
 		return ""
 	}
-	return *i.OrganizationSecrets
+	return *e.NodeID
 }
 
-// GetOrganizationSelfHostedRunners returns the OrganizationSelfHostedRunners field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetOrganizationSelfHostedRunners() string {
-	if i == nil || i.OrganizationSelfHostedRunners == nil {
+// GetSlug returns the Slug field if it's non-nil, zero value otherwise.
+func (e *Enterprise) GetSlug() string {
+	if e == nil || e.Slug == nil {
 		return ""
 	}
-	return *i.OrganizationSelfHostedRunners
+	return *e.Slug
 }
 
-// GetOrganizationUserBlocking returns the OrganizationUserBlocking field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetOrganizationUserBlocking() string {
-	if i == nil || i.OrganizationUserBlocking == nil {
-		return ""
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (e *Enterprise) GetUpdatedAt() Timestamp {
+	if e == nil || e.UpdatedAt == nil {
+		return Timestamp{}
 	}
-	return *i.OrganizationUserBlocking
+	return *e.UpdatedAt
 }
 
-// GetPackages returns the Packages field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetPackages() string {
-	if i == nil || i.Packages == nil {
+// GetWebsiteURL returns the WebsiteURL field if it's non-nil, zero value otherwise.
+func (e *Enterprise) GetWebsiteURL() string {
+	if e == nil || e.WebsiteURL == nil {
 		return ""
 	}
-	return *i.Packages
+	return *e.WebsiteURL
 }
 
-// GetPages returns the Pages field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetPages() string {
-	if i == nil || i.Pages == nil {
-		return ""
+// GetAllowsPublicRepositories returns the AllowsPublicRepositories field if it's non-nil, zero value otherwise.
+func (e *EnterpriseRunnerGroup) GetAllowsPublicRepositories() bool {
+	if e == nil || e.AllowsPublicRepositories == nil {
+		return false
 	}
-	return *i.Pages
+	return *e.AllowsPublicRepositories
 }
 
-// GetPullRequests returns the PullRequests field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetPullRequests() string {
-	if i == nil || i.PullRequests == nil {
-		return ""
+// GetDefault returns the Default field if it's non-nil, zero value otherwise.
+func (e *EnterpriseRunnerGroup) GetDefault() bool {
+	if e == nil || e.Default == nil {
+		return false
 	}
-	return *i.PullRequests
+	return *e.Default
 }
 
-// GetRepositoryHooks returns the RepositoryHooks field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetRepositoryHooks() string {
-	if i == nil || i.RepositoryHooks == nil {
-		return ""
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (e *EnterpriseRunnerGroup) GetID() int64 {
+	if e == nil || e.ID == nil {
+		return 0
 	}
-	return *i.RepositoryHooks
+	return *e.ID
 }
 
-// GetRepositoryPreReceiveHooks returns the RepositoryPreReceiveHooks field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetRepositoryPreReceiveHooks() string {
-	if i == nil || i.RepositoryPreReceiveHooks == nil {
-		return ""
+// GetInherited returns the Inherited field if it's non-nil, zero value otherwise.
+func (e *EnterpriseRunnerGroup) GetInherited() bool {
+	if e == nil || e.Inherited == nil {
+		return false
 	}
-	return *i.RepositoryPreReceiveHooks
+	return *e.Inherited
 }
 
-// GetRepositoryProjects returns the RepositoryProjects field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetRepositoryProjects() string {
-	if i == nil || i.RepositoryProjects == nil {
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (e *EnterpriseRunnerGroup) GetName() string {
+	if e == nil || e.Name == nil {
 		return ""
 	}
-	return *i.RepositoryProjects
+	return *e.Name
 }
 
-// GetSecrets returns the Secrets field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetSecrets() string {
-	if i == nil || i.Secrets == nil {
-		return ""
+// GetRestrictedToWorkflows returns the RestrictedToWorkflows field if it's non-nil, zero value otherwise.
+func (e *EnterpriseRunnerGroup) GetRestrictedToWorkflows() bool {
+	if e == nil || e.RestrictedToWorkflows == nil {
+		return false
 	}
-	return *i.Secrets
+	return *e.RestrictedToWorkflows
 }
 
-// GetSecretScanningAlerts returns the SecretScanningAlerts field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetSecretScanningAlerts() string {
-	if i == nil || i.SecretScanningAlerts == nil {
+// GetRunnersURL returns the RunnersURL field if it's non-nil, zero value otherwise.
+func (e *EnterpriseRunnerGroup) GetRunnersURL() string {
+	if e == nil || e.RunnersURL == nil {
 		return ""
 	}
-	return *i.SecretScanningAlerts
+	return *e.RunnersURL
 }
 
-// GetSecurityEvents returns the SecurityEvents field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetSecurityEvents() string {
-	if i == nil || i.SecurityEvents == nil {
+// GetSelectedOrganizationsURL returns the SelectedOrganizationsURL field if it's non-nil, zero value otherwise.
+func (e *EnterpriseRunnerGroup) GetSelectedOrganizationsURL() string {
+	if e == nil || e.SelectedOrganizationsURL == nil {
 		return ""
 	}
-	return *i.SecurityEvents
+	return *e.SelectedOrganizationsURL
 }
 
-// GetSingleFile returns the SingleFile field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetSingleFile() string {
-	if i == nil || i.SingleFile == nil {
+// GetVisibility returns the Visibility field if it's non-nil, zero value otherwise.
+func (e *EnterpriseRunnerGroup) GetVisibility() string {
+	if e == nil || e.Visibility == nil {
 		return ""
 	}
-	return *i.SingleFile
+	return *e.Visibility
 }
 
-// GetStatuses returns the Statuses field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetStatuses() string {
-	if i == nil || i.Statuses == nil {
-		return ""
+// GetWorkflowRestrictionsReadOnly returns the WorkflowRestrictionsReadOnly field if it's non-nil, zero value otherwise.
+func (e *EnterpriseRunnerGroup) GetWorkflowRestrictionsReadOnly() bool {
+	if e == nil || e.WorkflowRestrictionsReadOnly == nil {
+		return false
 	}
-	return *i.Statuses
+	return *e.WorkflowRestrictionsReadOnly
 }
 
-// GetTeamDiscussions returns the TeamDiscussions field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetTeamDiscussions() string {
-	if i == nil || i.TeamDiscussions == nil {
-		return ""
+// GetTotalCount returns the TotalCount field if it's non-nil, zero value otherwise.
+func (e *EnterpriseRunnerGroups) GetTotalCount() int {
+	if e == nil || e.TotalCount == nil {
+		return 0
 	}
-	return *i.TeamDiscussions
+	return *e.TotalCount
 }
 
-// GetVulnerabilityAlerts returns the VulnerabilityAlerts field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetVulnerabilityAlerts() string {
-	if i == nil || i.VulnerabilityAlerts == nil {
-		return ""
+// GetAdvancedSecurityEnabledForNewRepositories returns the AdvancedSecurityEnabledForNewRepositories field if it's non-nil, zero value otherwise.
+func (e *EnterpriseSecurityAnalysisSettings) GetAdvancedSecurityEnabledForNewRepositories() bool {
+	if e == nil || e.AdvancedSecurityEnabledForNewRepositories == nil {
+		return false
 	}
-	return *i.VulnerabilityAlerts
+	return *e.AdvancedSecurityEnabledForNewRepositories
 }
 
-// GetWorkflows returns the Workflows field if it's non-nil, zero value otherwise.
-func (i *InstallationPermissions) GetWorkflows() string {
-	if i == nil || i.Workflows == nil {
-		return ""
+// GetSecretScanningEnabledForNewRepositories returns the SecretScanningEnabledForNewRepositories field if it's non-nil, zero value otherwise.
+func (e *EnterpriseSecurityAnalysisSettings) GetSecretScanningEnabledForNewRepositories() bool {
+	if e == nil || e.SecretScanningEnabledForNewRepositories == nil {
+		return false
 	}
-	return *i.Workflows
+	return *e.SecretScanningEnabledForNewRepositories
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (i *InstallationRepositoriesEvent) GetAction() string {
-	if i == nil || i.Action == nil {
+// GetSecretScanningPushProtectionCustomLink returns the SecretScanningPushProtectionCustomLink field if it's non-nil, zero value otherwise.
+func (e *EnterpriseSecurityAnalysisSettings) GetSecretScanningPushProtectionCustomLink() string {
+	if e == nil || e.SecretScanningPushProtectionCustomLink == nil {
 		return ""
 	}
-	return *i.Action
+	return *e.SecretScanningPushProtectionCustomLink
 }
 
-// GetInstallation returns the Installation field.
-func (i *InstallationRepositoriesEvent) GetInstallation() *Installation {
-	if i == nil {
-		return nil
+// GetSecretScanningPushProtectionEnabledForNewRepositories returns the SecretScanningPushProtectionEnabledForNewRepositories field if it's non-nil, zero value otherwise.
+func (e *EnterpriseSecurityAnalysisSettings) GetSecretScanningPushProtectionEnabledForNewRepositories() bool {
+	if e == nil || e.SecretScanningPushProtectionEnabledForNewRepositories == nil {
+		return false
 	}
-	return i.Installation
+	return *e.SecretScanningPushProtectionEnabledForNewRepositories
 }
 
-// GetRepositorySelection returns the RepositorySelection field if it's non-nil, zero value otherwise.
-func (i *InstallationRepositoriesEvent) GetRepositorySelection() string {
-	if i == nil || i.RepositorySelection == nil {
-		return ""
+// GetSecretScanningValidityChecksEnabled returns the SecretScanningValidityChecksEnabled field if it's non-nil, zero value otherwise.
+func (e *EnterpriseSecurityAnalysisSettings) GetSecretScanningValidityChecksEnabled() bool {
+	if e == nil || e.SecretScanningValidityChecksEnabled == nil {
+		return false
 	}
-	return *i.RepositorySelection
+	return *e.SecretScanningValidityChecksEnabled
 }
 
-// GetSender returns the Sender field.
-func (i *InstallationRepositoriesEvent) GetSender() *User {
-	if i == nil {
-		return nil
+// GetCanAdminsBypass returns the CanAdminsBypass field if it's non-nil, zero value otherwise.
+func (e *Environment) GetCanAdminsBypass() bool {
+	if e == nil || e.CanAdminsBypass == nil {
+		return false
 	}
-	return i.Sender
+	return *e.CanAdminsBypass
 }
 
-// GetFrom returns the From field if it's non-nil, zero value otherwise.
-func (i *InstallationSlugChange) GetFrom() string {
-	if i == nil || i.From == nil {
-		return ""
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (e *Environment) GetCreatedAt() Timestamp {
+	if e == nil || e.CreatedAt == nil {
+		return Timestamp{}
 	}
-	return *i.From
+	return *e.CreatedAt
 }
 
-// GetAccount returns the Account field.
-func (i *InstallationTargetEvent) GetAccount() *User {
-	if i == nil {
+// GetDeploymentBranchPolicy returns the DeploymentBranchPolicy field.
+func (e *Environment) GetDeploymentBranchPolicy() *BranchPolicy {
+	if e == nil {
 		return nil
 	}
-	return i.Account
+	return e.DeploymentBranchPolicy
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (i *InstallationTargetEvent) GetAction() string {
-	if i == nil || i.Action == nil {
+// GetEnvironmentName returns the EnvironmentName field if it's non-nil, zero value otherwise.
+func (e *Environment) GetEnvironmentName() string {
+	if e == nil || e.EnvironmentName == nil {
 		return ""
 	}
-	return *i.Action
+	return *e.EnvironmentName
 }
 
-// GetChanges returns the Changes field.
-func (i *InstallationTargetEvent) GetChanges() *InstallationChanges {
-	if i == nil {
-		return nil
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (e *Environment) GetHTMLURL() string {
+	if e == nil || e.HTMLURL == nil {
+		return ""
 	}
-	return i.Changes
+	return *e.HTMLURL
 }
 
-// GetEnterprise returns the Enterprise field.
-func (i *InstallationTargetEvent) GetEnterprise() *Enterprise {
-	if i == nil {
-		return nil
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (e *Environment) GetID() int64 {
+	if e == nil || e.ID == nil {
+		return 0
 	}
-	return i.Enterprise
+	return *e.ID
 }
 
-// GetInstallation returns the Installation field.
-func (i *InstallationTargetEvent) GetInstallation() *Installation {
-	if i == nil {
-		return nil
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (e *Environment) GetName() string {
+	if e == nil || e.Name == nil {
+		return ""
 	}
-	return i.Installation
+	return *e.Name
 }
 
-// GetOrganization returns the Organization field.
-func (i *InstallationTargetEvent) GetOrganization() *Organization {
-	if i == nil {
-		return nil
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (e *Environment) GetNodeID() string {
+	if e == nil || e.NodeID == nil {
+		return ""
 	}
-	return i.Organization
+	return *e.NodeID
 }
 
-// GetRepository returns the Repository field.
-func (i *InstallationTargetEvent) GetRepository() *Repository {
-	if i == nil {
-		return nil
+// GetOwner returns the Owner field if it's non-nil, zero value otherwise.
+func (e *Environment) GetOwner() string {
+	if e == nil || e.Owner == nil {
+		return ""
 	}
-	return i.Repository
+	return *e.Owner
 }
 
-// GetSender returns the Sender field.
-func (i *InstallationTargetEvent) GetSender() *User {
-	if i == nil {
-		return nil
+// GetRepo returns the Repo field if it's non-nil, zero value otherwise.
+func (e *Environment) GetRepo() string {
+	if e == nil || e.Repo == nil {
+		return ""
 	}
-	return i.Sender
+	return *e.Repo
 }
 
-// GetTargetType returns the TargetType field if it's non-nil, zero value otherwise.
-func (i *InstallationTargetEvent) GetTargetType() string {
-	if i == nil || i.TargetType == nil {
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (e *Environment) GetUpdatedAt() Timestamp {
+	if e == nil || e.UpdatedAt == nil {
+		return Timestamp{}
+	}
+	return *e.UpdatedAt
+}
+
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (e *Environment) GetURL() string {
+	if e == nil || e.URL == nil {
 		return ""
 	}
-	return *i.TargetType
+	return *e.URL
 }
 
-// GetExpiresAt returns the ExpiresAt field if it's non-nil, zero value otherwise.
-func (i *InstallationToken) GetExpiresAt() Timestamp {
-	if i == nil || i.ExpiresAt == nil {
-		return Timestamp{}
+// GetWaitTimer returns the WaitTimer field if it's non-nil, zero value otherwise.
+func (e *Environment) GetWaitTimer() int {
+	if e == nil || e.WaitTimer == nil {
+		return 0
 	}
-	return *i.ExpiresAt
+	return *e.WaitTimer
 }
 
-// GetPermissions returns the Permissions field.
-func (i *InstallationToken) GetPermissions() *InstallationPermissions {
-	if i == nil {
-		return nil
+// GetTotalCount returns the TotalCount field if it's non-nil, zero value otherwise.
+func (e *EnvResponse) GetTotalCount() int {
+	if e == nil || e.TotalCount == nil {
+		return 0
 	}
-	return i.Permissions
+	return *e.TotalCount
 }
 
-// GetToken returns the Token field if it's non-nil, zero value otherwise.
-func (i *InstallationToken) GetToken() string {
-	if i == nil || i.Token == nil {
-		return ""
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (e *EnvReviewers) GetID() int64 {
+	if e == nil || e.ID == nil {
+		return 0
 	}
-	return *i.Token
+	return *e.ID
 }
 
-// GetPermissions returns the Permissions field.
-func (i *InstallationTokenOptions) GetPermissions() *InstallationPermissions {
-	if i == nil {
-		return nil
+// GetType returns the Type field if it's non-nil, zero value otherwise.
+func (e *EnvReviewers) GetType() string {
+	if e == nil || e.Type == nil {
+		return ""
 	}
-	return i.Permissions
+	return *e.Type
 }
 
-// GetExpiresAt returns the ExpiresAt field if it's non-nil, zero value otherwise.
-func (i *InteractionRestriction) GetExpiresAt() Timestamp {
-	if i == nil || i.ExpiresAt == nil {
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (e *ErrorBlock) GetCreatedAt() Timestamp {
+	if e == nil || e.CreatedAt == nil {
 		return Timestamp{}
 	}
-	return *i.ExpiresAt
+	return *e.CreatedAt
 }
 
-// GetLimit returns the Limit field if it's non-nil, zero value otherwise.
-func (i *InteractionRestriction) GetLimit() string {
-	if i == nil || i.Limit == nil {
-		return ""
+// GetBlock returns the Block field.
+func (e *ErrorResponse) GetBlock() *ErrorBlock {
+	if e == nil {
+		return nil
 	}
-	return *i.Limit
+	return e.Block
 }
 
-// GetOrigin returns the Origin field if it's non-nil, zero value otherwise.
-func (i *InteractionRestriction) GetOrigin() string {
-	if i == nil || i.Origin == nil {
-		return ""
+// GetActor returns the Actor field.
+func (e *Event) GetActor() *User {
+	if e == nil {
+		return nil
 	}
-	return *i.Origin
+	return e.Actor
 }
 
 // GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (i *Invitation) GetCreatedAt() Timestamp {
-	if i == nil || i.CreatedAt == nil {
+func (e *Event) GetCreatedAt() Timestamp {
+	if e == nil || e.CreatedAt == nil {
 		return Timestamp{}
 	}
-	return *i.CreatedAt
+	return *e.CreatedAt
 }
 
-// GetEmail returns the Email field if it's non-nil, zero value otherwise.
-func (i *Invitation) GetEmail() string {
-	if i == nil || i.Email == nil {
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (e *Event) GetID() string {
+	if e == nil || e.ID == nil {
 		return ""
 	}
-	return *i.Email
+	return *e.ID
 }
 
-// GetFailedAt returns the FailedAt field if it's non-nil, zero value otherwise.
-func (i *Invitation) GetFailedAt() Timestamp {
-	if i == nil || i.FailedAt == nil {
-		return Timestamp{}
+// GetOrg returns the Org field.
+func (e *Event) GetOrg() *Organization {
+	if e == nil {
+		return nil
 	}
-	return *i.FailedAt
+	return e.Org
 }
 
-// GetFailedReason returns the FailedReason field if it's non-nil, zero value otherwise.
-func (i *Invitation) GetFailedReason() string {
-	if i == nil || i.FailedReason == nil {
+// GetPublic returns the Public field if it's non-nil, zero value otherwise.
+func (e *Event) GetPublic() bool {
+	if e == nil || e.Public == nil {
+		return false
+	}
+	return *e.Public
+}
+
+// GetRawPayload returns the RawPayload field if it's non-nil, zero value otherwise.
+func (e *Event) GetRawPayload() json.RawMessage {
+	if e == nil || e.RawPayload == nil {
+		return json.RawMessage{}
+	}
+	return *e.RawPayload
+}
+
+// GetRepo returns the Repo field.
+func (e *Event) GetRepo() *Repository {
+	if e == nil {
+		return nil
+	}
+	return e.Repo
+}
+
+// GetType returns the Type field if it's non-nil, zero value otherwise.
+func (e *Event) GetType() string {
+	if e == nil || e.Type == nil {
 		return ""
 	}
-	return *i.FailedReason
+	return *e.Type
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (i *Invitation) GetID() int64 {
-	if i == nil || i.ID == nil {
+// GetGroupID returns the GroupID field if it's non-nil, zero value otherwise.
+func (e *ExternalGroup) GetGroupID() int64 {
+	if e == nil || e.GroupID == nil {
 		return 0
 	}
-	return *i.ID
+	return *e.GroupID
 }
 
-// GetInvitationTeamURL returns the InvitationTeamURL field if it's non-nil, zero value otherwise.
-func (i *Invitation) GetInvitationTeamURL() string {
-	if i == nil || i.InvitationTeamURL == nil {
+// GetGroupName returns the GroupName field if it's non-nil, zero value otherwise.
+func (e *ExternalGroup) GetGroupName() string {
+	if e == nil || e.GroupName == nil {
 		return ""
 	}
-	return *i.InvitationTeamURL
+	return *e.GroupName
 }
 
-// GetInviter returns the Inviter field.
-func (i *Invitation) GetInviter() *User {
-	if i == nil {
-		return nil
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (e *ExternalGroup) GetUpdatedAt() Timestamp {
+	if e == nil || e.UpdatedAt == nil {
+		return Timestamp{}
 	}
-	return i.Inviter
+	return *e.UpdatedAt
 }
 
-// GetLogin returns the Login field if it's non-nil, zero value otherwise.
-func (i *Invitation) GetLogin() string {
-	if i == nil || i.Login == nil {
+// GetMemberEmail returns the MemberEmail field if it's non-nil, zero value otherwise.
+func (e *ExternalGroupMember) GetMemberEmail() string {
+	if e == nil || e.MemberEmail == nil {
 		return ""
 	}
-	return *i.Login
+	return *e.MemberEmail
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (i *Invitation) GetNodeID() string {
-	if i == nil || i.NodeID == nil {
+// GetMemberID returns the MemberID field if it's non-nil, zero value otherwise.
+func (e *ExternalGroupMember) GetMemberID() int64 {
+	if e == nil || e.MemberID == nil {
+		return 0
+	}
+	return *e.MemberID
+}
+
+// GetMemberLogin returns the MemberLogin field if it's non-nil, zero value otherwise.
+func (e *ExternalGroupMember) GetMemberLogin() string {
+	if e == nil || e.MemberLogin == nil {
 		return ""
 	}
-	return *i.NodeID
+	return *e.MemberLogin
 }
 
-// GetRole returns the Role field if it's non-nil, zero value otherwise.
-func (i *Invitation) GetRole() string {
-	if i == nil || i.Role == nil {
+// GetMemberName returns the MemberName field if it's non-nil, zero value otherwise.
+func (e *ExternalGroupMember) GetMemberName() string {
+	if e == nil || e.MemberName == nil {
 		return ""
 	}
-	return *i.Role
+	return *e.MemberName
 }
 
-// GetTeamCount returns the TeamCount field if it's non-nil, zero value otherwise.
-func (i *Invitation) GetTeamCount() int {
-	if i == nil || i.TeamCount == nil {
+// GetTeamID returns the TeamID field if it's non-nil, zero value otherwise.
+func (e *ExternalGroupTeam) GetTeamID() int64 {
+	if e == nil || e.TeamID == nil {
 		return 0
 	}
-	return *i.TeamCount
+	return *e.TeamID
 }
 
-// GetActiveLockReason returns the ActiveLockReason field if it's non-nil, zero value otherwise.
-func (i *Issue) GetActiveLockReason() string {
-	if i == nil || i.ActiveLockReason == nil {
+// GetTeamName returns the TeamName field if it's non-nil, zero value otherwise.
+func (e *ExternalGroupTeam) GetTeamName() string {
+	if e == nil || e.TeamName == nil {
 		return ""
 	}
-	return *i.ActiveLockReason
+	return *e.TeamName
 }
 
-// GetAssignee returns the Assignee field.
-func (i *Issue) GetAssignee() *User {
-	if i == nil {
-		return nil
+// GetHRef returns the HRef field if it's non-nil, zero value otherwise.
+func (f *FeedLink) GetHRef() string {
+	if f == nil || f.HRef == nil {
+		return ""
 	}
-	return i.Assignee
+	return *f.HRef
 }
 
-// GetAuthorAssociation returns the AuthorAssociation field if it's non-nil, zero value otherwise.
-func (i *Issue) GetAuthorAssociation() string {
-	if i == nil || i.AuthorAssociation == nil {
+// GetType returns the Type field if it's non-nil, zero value otherwise.
+func (f *FeedLink) GetType() string {
+	if f == nil || f.Type == nil {
 		return ""
 	}
-	return *i.AuthorAssociation
+	return *f.Type
 }
 
-// GetBody returns the Body field if it's non-nil, zero value otherwise.
-func (i *Issue) GetBody() string {
-	if i == nil || i.Body == nil {
-		return ""
+// GetCurrentUser returns the CurrentUser field.
+func (f *FeedLinks) GetCurrentUser() *FeedLink {
+	if f == nil {
+		return nil
 	}
-	return *i.Body
+	return f.CurrentUser
 }
 
-// GetClosedAt returns the ClosedAt field if it's non-nil, zero value otherwise.
-func (i *Issue) GetClosedAt() Timestamp {
-	if i == nil || i.ClosedAt == nil {
-		return Timestamp{}
+// GetCurrentUserActor returns the CurrentUserActor field.
+func (f *FeedLinks) GetCurrentUserActor() *FeedLink {
+	if f == nil {
+		return nil
 	}
-	return *i.ClosedAt
+	return f.CurrentUserActor
 }
 
-// GetClosedBy returns the ClosedBy field.
-func (i *Issue) GetClosedBy() *User {
-	if i == nil {
+// GetCurrentUserOrganization returns the CurrentUserOrganization field.
+func (f *FeedLinks) GetCurrentUserOrganization() *FeedLink {
+	if f == nil {
 		return nil
 	}
-	return i.ClosedBy
+	return f.CurrentUserOrganization
 }
 
-// GetComments returns the Comments field if it's non-nil, zero value otherwise.
-func (i *Issue) GetComments() int {
-	if i == nil || i.Comments == nil {
-		return 0
+// GetCurrentUserPublic returns the CurrentUserPublic field.
+func (f *FeedLinks) GetCurrentUserPublic() *FeedLink {
+	if f == nil {
+		return nil
 	}
-	return *i.Comments
+	return f.CurrentUserPublic
 }
 
-// GetCommentsURL returns the CommentsURL field if it's non-nil, zero value otherwise.
-func (i *Issue) GetCommentsURL() string {
-	if i == nil || i.CommentsURL == nil {
-		return ""
+// GetTimeline returns the Timeline field.
+func (f *FeedLinks) GetTimeline() *FeedLink {
+	if f == nil {
+		return nil
 	}
-	return *i.CommentsURL
+	return f.Timeline
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (i *Issue) GetCreatedAt() Timestamp {
-	if i == nil || i.CreatedAt == nil {
-		return Timestamp{}
+// GetUser returns the User field.
+func (f *FeedLinks) GetUser() *FeedLink {
+	if f == nil {
+		return nil
 	}
-	return *i.CreatedAt
+	return f.User
 }
 
-// GetEventsURL returns the EventsURL field if it's non-nil, zero value otherwise.
-func (i *Issue) GetEventsURL() string {
-	if i == nil || i.EventsURL == nil {
+// GetCurrentUserActorURL returns the CurrentUserActorURL field if it's non-nil, zero value otherwise.
+func (f *Feeds) GetCurrentUserActorURL() string {
+	if f == nil || f.CurrentUserActorURL == nil {
 		return ""
 	}
-	return *i.EventsURL
+	return *f.CurrentUserActorURL
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (i *Issue) GetHTMLURL() string {
-	if i == nil || i.HTMLURL == nil {
+// GetCurrentUserOrganizationURL returns the CurrentUserOrganizationURL field if it's non-nil, zero value otherwise.
+func (f *Feeds) GetCurrentUserOrganizationURL() string {
+	if f == nil || f.CurrentUserOrganizationURL == nil {
 		return ""
 	}
-	return *i.HTMLURL
+	return *f.CurrentUserOrganizationURL
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (i *Issue) GetID() int64 {
-	if i == nil || i.ID == nil {
-		return 0
+// GetCurrentUserPublicURL returns the CurrentUserPublicURL field if it's non-nil, zero value otherwise.
+func (f *Feeds) GetCurrentUserPublicURL() string {
+	if f == nil || f.CurrentUserPublicURL == nil {
+		return ""
 	}
-	return *i.ID
+	return *f.CurrentUserPublicURL
 }
 
-// GetLabelsURL returns the LabelsURL field if it's non-nil, zero value otherwise.
-func (i *Issue) GetLabelsURL() string {
-	if i == nil || i.LabelsURL == nil {
+// GetCurrentUserURL returns the CurrentUserURL field if it's non-nil, zero value otherwise.
+func (f *Feeds) GetCurrentUserURL() string {
+	if f == nil || f.CurrentUserURL == nil {
 		return ""
 	}
-	return *i.LabelsURL
+	return *f.CurrentUserURL
 }
 
-// GetLocked returns the Locked field if it's non-nil, zero value otherwise.
-func (i *Issue) GetLocked() bool {
-	if i == nil || i.Locked == nil {
-		return false
+// GetLinks returns the Links field.
+func (f *Feeds) GetLinks() *FeedLinks {
+	if f == nil {
+		return nil
 	}
-	return *i.Locked
+	return f.Links
 }
 
-// GetMilestone returns the Milestone field.
-func (i *Issue) GetMilestone() *Milestone {
-	if i == nil {
-		return nil
+// GetTimelineURL returns the TimelineURL field if it's non-nil, zero value otherwise.
+func (f *Feeds) GetTimelineURL() string {
+	if f == nil || f.TimelineURL == nil {
+		return ""
 	}
-	return i.Milestone
+	return *f.TimelineURL
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (i *Issue) GetNodeID() string {
-	if i == nil || i.NodeID == nil {
+// GetUserURL returns the UserURL field if it's non-nil, zero value otherwise.
+func (f *Feeds) GetUserURL() string {
+	if f == nil || f.UserURL == nil {
 		return ""
 	}
-	return *i.NodeID
+	return *f.UserURL
 }
 
-// GetNumber returns the Number field if it's non-nil, zero value otherwise.
-func (i *Issue) GetNumber() int {
-	if i == nil || i.Number == nil {
-		return 0
+// GetIdentifier returns the Identifier field if it's non-nil, zero value otherwise.
+func (f *FirstPatchedVersion) GetIdentifier() string {
+	if f == nil || f.Identifier == nil {
+		return ""
 	}
-	return *i.Number
+	return *f.Identifier
 }
 
-// GetPullRequestLinks returns the PullRequestLinks field.
-func (i *Issue) GetPullRequestLinks() *PullRequestLinks {
-	if i == nil {
+// GetForkee returns the Forkee field.
+func (f *ForkEvent) GetForkee() *Repository {
+	if f == nil {
 		return nil
 	}
-	return i.PullRequestLinks
+	return f.Forkee
 }
 
-// GetReactions returns the Reactions field.
-func (i *Issue) GetReactions() *Reactions {
-	if i == nil {
+// GetInstallation returns the Installation field.
+func (f *ForkEvent) GetInstallation() *Installation {
+	if f == nil {
 		return nil
 	}
-	return i.Reactions
+	return f.Installation
 }
 
-// GetRepository returns the Repository field.
-func (i *Issue) GetRepository() *Repository {
-	if i == nil {
+// GetRepo returns the Repo field.
+func (f *ForkEvent) GetRepo() *Repository {
+	if f == nil {
 		return nil
 	}
-	return i.Repository
+	return f.Repo
 }
 
-// GetRepositoryURL returns the RepositoryURL field if it's non-nil, zero value otherwise.
-func (i *Issue) GetRepositoryURL() string {
-	if i == nil || i.RepositoryURL == nil {
-		return ""
+// GetSender returns the Sender field.
+func (f *ForkEvent) GetSender() *User {
+	if f == nil {
+		return nil
 	}
-	return *i.RepositoryURL
+	return f.Sender
 }
 
-// GetState returns the State field if it's non-nil, zero value otherwise.
-func (i *Issue) GetState() string {
-	if i == nil || i.State == nil {
+// GetWorkFolder returns the WorkFolder field if it's non-nil, zero value otherwise.
+func (g *GenerateJITConfigRequest) GetWorkFolder() string {
+	if g == nil || g.WorkFolder == nil {
 		return ""
 	}
-	return *i.State
+	return *g.WorkFolder
 }
 
-// GetStateReason returns the StateReason field if it's non-nil, zero value otherwise.
-func (i *Issue) GetStateReason() string {
-	if i == nil || i.StateReason == nil {
+// GetPreviousTagName returns the PreviousTagName field if it's non-nil, zero value otherwise.
+func (g *GenerateNotesOptions) GetPreviousTagName() string {
+	if g == nil || g.PreviousTagName == nil {
 		return ""
 	}
-	return *i.StateReason
+	return *g.PreviousTagName
 }
 
-// GetTitle returns the Title field if it's non-nil, zero value otherwise.
-func (i *Issue) GetTitle() string {
-	if i == nil || i.Title == nil {
+// GetTargetCommitish returns the TargetCommitish field if it's non-nil, zero value otherwise.
+func (g *GenerateNotesOptions) GetTargetCommitish() string {
+	if g == nil || g.TargetCommitish == nil {
 		return ""
 	}
-	return *i.Title
-}
-
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (i *Issue) GetUpdatedAt() Timestamp {
-	if i == nil || i.UpdatedAt == nil {
-		return Timestamp{}
-	}
-	return *i.UpdatedAt
+	return *g.TargetCommitish
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (i *Issue) GetURL() string {
-	if i == nil || i.URL == nil {
+// GetInclude returns the Include field if it's non-nil, zero value otherwise.
+func (g *GetAuditLogOptions) GetInclude() string {
+	if g == nil || g.Include == nil {
 		return ""
 	}
-	return *i.URL
+	return *g.Include
 }
 
-// GetUser returns the User field.
-func (i *Issue) GetUser() *User {
-	if i == nil {
-		return nil
+// GetOrder returns the Order field if it's non-nil, zero value otherwise.
+func (g *GetAuditLogOptions) GetOrder() string {
+	if g == nil || g.Order == nil {
+		return ""
 	}
-	return i.User
+	return *g.Order
 }
 
-// GetAuthorAssociation returns the AuthorAssociation field if it's non-nil, zero value otherwise.
-func (i *IssueComment) GetAuthorAssociation() string {
-	if i == nil || i.AuthorAssociation == nil {
+// GetPhrase returns the Phrase field if it's non-nil, zero value otherwise.
+func (g *GetAuditLogOptions) GetPhrase() string {
+	if g == nil || g.Phrase == nil {
 		return ""
 	}
-	return *i.AuthorAssociation
+	return *g.Phrase
 }
 
-// GetBody returns the Body field if it's non-nil, zero value otherwise.
-func (i *IssueComment) GetBody() string {
-	if i == nil || i.Body == nil {
-		return ""
+// GetComments returns the Comments field if it's non-nil, zero value otherwise.
+func (g *Gist) GetComments() int {
+	if g == nil || g.Comments == nil {
+		return 0
 	}
-	return *i.Body
+	return *g.Comments
 }
 
 // GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (i *IssueComment) GetCreatedAt() Timestamp {
-	if i == nil || i.CreatedAt == nil {
+func (g *Gist) GetCreatedAt() Timestamp {
+	if g == nil || g.CreatedAt == nil {
 		return Timestamp{}
 	}
-	return *i.CreatedAt
+	return *g.CreatedAt
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (i *IssueComment) GetHTMLURL() string {
-	if i == nil || i.HTMLURL == nil {
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (g *Gist) GetDescription() string {
+	if g == nil || g.Description == nil {
 		return ""
 	}
-	return *i.HTMLURL
+	return *g.Description
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (i *IssueComment) GetID() int64 {
-	if i == nil || i.ID == nil {
-		return 0
+// GetFiles returns the Files map if it's non-nil, an empty map otherwise.
+func (g *Gist) GetFiles() map[GistFilename]GistFile {
+	if g == nil || g.Files == nil {
+		return map[GistFilename]GistFile{}
 	}
-	return *i.ID
+	return g.Files
 }
 
-// GetIssueURL returns the IssueURL field if it's non-nil, zero value otherwise.
-func (i *IssueComment) GetIssueURL() string {
-	if i == nil || i.IssueURL == nil {
+// GetGitPullURL returns the GitPullURL field if it's non-nil, zero value otherwise.
+func (g *Gist) GetGitPullURL() string {
+	if g == nil || g.GitPullURL == nil {
 		return ""
 	}
-	return *i.IssueURL
+	return *g.GitPullURL
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (i *IssueComment) GetNodeID() string {
-	if i == nil || i.NodeID == nil {
+// GetGitPushURL returns the GitPushURL field if it's non-nil, zero value otherwise.
+func (g *Gist) GetGitPushURL() string {
+	if g == nil || g.GitPushURL == nil {
 		return ""
 	}
-	return *i.NodeID
+	return *g.GitPushURL
 }
 
-// GetReactions returns the Reactions field.
-func (i *IssueComment) GetReactions() *Reactions {
-	if i == nil {
-		return nil
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (g *Gist) GetHTMLURL() string {
+	if g == nil || g.HTMLURL == nil {
+		return ""
 	}
-	return i.Reactions
+	return *g.HTMLURL
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (i *IssueComment) GetUpdatedAt() Timestamp {
-	if i == nil || i.UpdatedAt == nil {
-		return Timestamp{}
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (g *Gist) GetID() string {
+	if g == nil || g.ID == nil {
+		return ""
 	}
-	return *i.UpdatedAt
+	return *g.ID
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (i *IssueComment) GetURL() string {
-	if i == nil || i.URL == nil {
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (g *Gist) GetNodeID() string {
+	if g == nil || g.NodeID == nil {
 		return ""
 	}
-	return *i.URL
+	return *g.NodeID
 }
 
-// GetUser returns the User field.
-func (i *IssueComment) GetUser() *User {
-	if i == nil {
+// GetOwner returns the Owner field.
+func (g *Gist) GetOwner() *User {
+	if g == nil {
 		return nil
 	}
-	return i.User
+	return g.Owner
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (i *IssueCommentEvent) GetAction() string {
-	if i == nil || i.Action == nil {
-		return ""
+// GetPublic returns the Public field if it's non-nil, zero value otherwise.
+func (g *Gist) GetPublic() bool {
+	if g == nil || g.Public == nil {
+		return false
 	}
-	return *i.Action
+	return *g.Public
 }
 
-// GetChanges returns the Changes field.
-func (i *IssueCommentEvent) GetChanges() *EditChange {
-	if i == nil {
-		return nil
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (g *Gist) GetUpdatedAt() Timestamp {
+	if g == nil || g.UpdatedAt == nil {
+		return Timestamp{}
 	}
-	return i.Changes
+	return *g.UpdatedAt
 }
 
-// GetComment returns the Comment field.
-func (i *IssueCommentEvent) GetComment() *IssueComment {
-	if i == nil {
-		return nil
+// GetBody returns the Body field if it's non-nil, zero value otherwise.
+func (g *GistComment) GetBody() string {
+	if g == nil || g.Body == nil {
+		return ""
 	}
-	return i.Comment
+	return *g.Body
 }
 
-// GetInstallation returns the Installation field.
-func (i *IssueCommentEvent) GetInstallation() *Installation {
-	if i == nil {
-		return nil
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (g *GistComment) GetCreatedAt() Timestamp {
+	if g == nil || g.CreatedAt == nil {
+		return Timestamp{}
 	}
-	return i.Installation
+	return *g.CreatedAt
 }
 
-// GetIssue returns the Issue field.
-func (i *IssueCommentEvent) GetIssue() *Issue {
-	if i == nil {
-		return nil
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (g *GistComment) GetID() int64 {
+	if g == nil || g.ID == nil {
+		return 0
 	}
-	return i.Issue
+	return *g.ID
 }
 
-// GetOrganization returns the Organization field.
-func (i *IssueCommentEvent) GetOrganization() *Organization {
-	if i == nil {
-		return nil
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (g *GistComment) GetURL() string {
+	if g == nil || g.URL == nil {
+		return ""
 	}
-	return i.Organization
+	return *g.URL
 }
 
-// GetRepo returns the Repo field.
-func (i *IssueCommentEvent) GetRepo() *Repository {
-	if i == nil {
+// GetUser returns the User field.
+func (g *GistComment) GetUser() *User {
+	if g == nil {
 		return nil
 	}
-	return i.Repo
+	return g.User
 }
 
-// GetSender returns the Sender field.
-func (i *IssueCommentEvent) GetSender() *User {
-	if i == nil {
-		return nil
-	}
-	return i.Sender
-}
-
-// GetActor returns the Actor field.
-func (i *IssueEvent) GetActor() *User {
-	if i == nil {
+// GetChangeStatus returns the ChangeStatus field.
+func (g *GistCommit) GetChangeStatus() *CommitStats {
+	if g == nil {
 		return nil
 	}
-	return i.Actor
+	return g.ChangeStatus
 }
 
-// GetAssignee returns the Assignee field.
-func (i *IssueEvent) GetAssignee() *User {
-	if i == nil {
-		return nil
+// GetCommittedAt returns the CommittedAt field if it's non-nil, zero value otherwise.
+func (g *GistCommit) GetCommittedAt() Timestamp {
+	if g == nil || g.CommittedAt == nil {
+		return Timestamp{}
 	}
-	return i.Assignee
+	return *g.CommittedAt
 }
 
-// GetAssigner returns the Assigner field.
-func (i *IssueEvent) GetAssigner() *User {
-	if i == nil {
-		return nil
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (g *GistCommit) GetNodeID() string {
+	if g == nil || g.NodeID == nil {
+		return ""
 	}
-	return i.Assigner
+	return *g.NodeID
 }
 
-// GetCommitID returns the CommitID field if it's non-nil, zero value otherwise.
-func (i *IssueEvent) GetCommitID() string {
-	if i == nil || i.CommitID == nil {
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (g *GistCommit) GetURL() string {
+	if g == nil || g.URL == nil {
 		return ""
 	}
-	return *i.CommitID
+	return *g.URL
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (i *IssueEvent) GetCreatedAt() Timestamp {
-	if i == nil || i.CreatedAt == nil {
-		return Timestamp{}
+// GetUser returns the User field.
+func (g *GistCommit) GetUser() *User {
+	if g == nil {
+		return nil
 	}
-	return *i.CreatedAt
+	return g.User
 }
 
-// GetDismissedReview returns the DismissedReview field.
-func (i *IssueEvent) GetDismissedReview() *DismissedReview {
-	if i == nil {
-		return nil
+// GetVersion returns the Version field if it's non-nil, zero value otherwise.
+func (g *GistCommit) GetVersion() string {
+	if g == nil || g.Version == nil {
+		return ""
 	}
-	return i.DismissedReview
+	return *g.Version
 }
 
-// GetEvent returns the Event field if it's non-nil, zero value otherwise.
-func (i *IssueEvent) GetEvent() string {
-	if i == nil || i.Event == nil {
+// GetContent returns the Content field if it's non-nil, zero value otherwise.
+func (g *GistFile) GetContent() string {
+	if g == nil || g.Content == nil {
 		return ""
 	}
-	return *i.Event
+	return *g.Content
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (i *IssueEvent) GetID() int64 {
-	if i == nil || i.ID == nil {
-		return 0
+// GetFilename returns the Filename field if it's non-nil, zero value otherwise.
+func (g *GistFile) GetFilename() string {
+	if g == nil || g.Filename == nil {
+		return ""
 	}
-	return *i.ID
+	return *g.Filename
 }
 
-// GetIssue returns the Issue field.
-func (i *IssueEvent) GetIssue() *Issue {
-	if i == nil {
-		return nil
+// GetLanguage returns the Language field if it's non-nil, zero value otherwise.
+func (g *GistFile) GetLanguage() string {
+	if g == nil || g.Language == nil {
+		return ""
 	}
-	return i.Issue
+	return *g.Language
 }
 
-// GetLabel returns the Label field.
-func (i *IssueEvent) GetLabel() *Label {
-	if i == nil {
-		return nil
+// GetRawURL returns the RawURL field if it's non-nil, zero value otherwise.
+func (g *GistFile) GetRawURL() string {
+	if g == nil || g.RawURL == nil {
+		return ""
 	}
-	return i.Label
+	return *g.RawURL
 }
 
-// GetLockReason returns the LockReason field if it's non-nil, zero value otherwise.
-func (i *IssueEvent) GetLockReason() string {
-	if i == nil || i.LockReason == nil {
-		return ""
+// GetSize returns the Size field if it's non-nil, zero value otherwise.
+func (g *GistFile) GetSize() int {
+	if g == nil || g.Size == nil {
+		return 0
 	}
-	return *i.LockReason
+	return *g.Size
 }
 
-// GetMilestone returns the Milestone field.
-func (i *IssueEvent) GetMilestone() *Milestone {
-	if i == nil {
-		return nil
+// GetType returns the Type field if it's non-nil, zero value otherwise.
+func (g *GistFile) GetType() string {
+	if g == nil || g.Type == nil {
+		return ""
 	}
-	return i.Milestone
+	return *g.Type
 }
 
-// GetProjectCard returns the ProjectCard field.
-func (i *IssueEvent) GetProjectCard() *ProjectCard {
-	if i == nil {
-		return nil
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (g *GistFork) GetCreatedAt() Timestamp {
+	if g == nil || g.CreatedAt == nil {
+		return Timestamp{}
 	}
-	return i.ProjectCard
+	return *g.CreatedAt
 }
 
-// GetRename returns the Rename field.
-func (i *IssueEvent) GetRename() *Rename {
-	if i == nil {
-		return nil
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (g *GistFork) GetID() string {
+	if g == nil || g.ID == nil {
+		return ""
 	}
-	return i.Rename
+	return *g.ID
 }
 
-// GetRequestedReviewer returns the RequestedReviewer field.
-func (i *IssueEvent) GetRequestedReviewer() *User {
-	if i == nil {
-		return nil
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (g *GistFork) GetNodeID() string {
+	if g == nil || g.NodeID == nil {
+		return ""
 	}
-	return i.RequestedReviewer
+	return *g.NodeID
 }
 
-// GetReviewRequester returns the ReviewRequester field.
-func (i *IssueEvent) GetReviewRequester() *User {
-	if i == nil {
-		return nil
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (g *GistFork) GetUpdatedAt() Timestamp {
+	if g == nil || g.UpdatedAt == nil {
+		return Timestamp{}
 	}
-	return i.ReviewRequester
+	return *g.UpdatedAt
 }
 
 // GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (i *IssueEvent) GetURL() string {
-	if i == nil || i.URL == nil {
+func (g *GistFork) GetURL() string {
+	if g == nil || g.URL == nil {
 		return ""
 	}
-	return *i.URL
+	return *g.URL
 }
 
-// GetAssignee returns the Assignee field if it's non-nil, zero value otherwise.
-func (i *IssueImport) GetAssignee() string {
-	if i == nil || i.Assignee == nil {
-		return ""
+// GetUser returns the User field.
+func (g *GistFork) GetUser() *User {
+	if g == nil {
+		return nil
 	}
-	return *i.Assignee
+	return g.User
 }
 
-// GetClosed returns the Closed field if it's non-nil, zero value otherwise.
-func (i *IssueImport) GetClosed() bool {
-	if i == nil || i.Closed == nil {
-		return false
+// GetPrivateGists returns the PrivateGists field if it's non-nil, zero value otherwise.
+func (g *GistStats) GetPrivateGists() int {
+	if g == nil || g.PrivateGists == nil {
+		return 0
 	}
-	return *i.Closed
+	return *g.PrivateGists
 }
 
-// GetClosedAt returns the ClosedAt field if it's non-nil, zero value otherwise.
-func (i *IssueImport) GetClosedAt() Timestamp {
-	if i == nil || i.ClosedAt == nil {
-		return Timestamp{}
+// GetPublicGists returns the PublicGists field if it's non-nil, zero value otherwise.
+func (g *GistStats) GetPublicGists() int {
+	if g == nil || g.PublicGists == nil {
+		return 0
 	}
-	return *i.ClosedAt
+	return *g.PublicGists
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (i *IssueImport) GetCreatedAt() Timestamp {
-	if i == nil || i.CreatedAt == nil {
-		return Timestamp{}
+// GetTotalGists returns the TotalGists field if it's non-nil, zero value otherwise.
+func (g *GistStats) GetTotalGists() int {
+	if g == nil || g.TotalGists == nil {
+		return 0
 	}
-	return *i.CreatedAt
+	return *g.TotalGists
 }
 
-// GetMilestone returns the Milestone field if it's non-nil, zero value otherwise.
-func (i *IssueImport) GetMilestone() int {
-	if i == nil || i.Milestone == nil {
-		return 0
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (g *GitHubAppAuthorizationEvent) GetAction() string {
+	if g == nil || g.Action == nil {
+		return ""
 	}
-	return *i.Milestone
+	return *g.Action
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (i *IssueImport) GetUpdatedAt() Timestamp {
-	if i == nil || i.UpdatedAt == nil {
-		return Timestamp{}
+// GetInstallation returns the Installation field.
+func (g *GitHubAppAuthorizationEvent) GetInstallation() *Installation {
+	if g == nil {
+		return nil
 	}
-	return *i.UpdatedAt
+	return g.Installation
 }
 
-// GetCode returns the Code field if it's non-nil, zero value otherwise.
-func (i *IssueImportError) GetCode() string {
-	if i == nil || i.Code == nil {
-		return ""
+// GetSender returns the Sender field.
+func (g *GitHubAppAuthorizationEvent) GetSender() *User {
+	if g == nil {
+		return nil
 	}
-	return *i.Code
+	return g.Sender
 }
 
-// GetField returns the Field field if it's non-nil, zero value otherwise.
-func (i *IssueImportError) GetField() string {
-	if i == nil || i.Field == nil {
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (g *Gitignore) GetName() string {
+	if g == nil || g.Name == nil {
 		return ""
 	}
-	return *i.Field
+	return *g.Name
 }
 
-// GetLocation returns the Location field if it's non-nil, zero value otherwise.
-func (i *IssueImportError) GetLocation() string {
-	if i == nil || i.Location == nil {
+// GetSource returns the Source field if it's non-nil, zero value otherwise.
+func (g *Gitignore) GetSource() string {
+	if g == nil || g.Source == nil {
 		return ""
 	}
-	return *i.Location
+	return *g.Source
 }
 
-// GetResource returns the Resource field if it's non-nil, zero value otherwise.
-func (i *IssueImportError) GetResource() string {
-	if i == nil || i.Resource == nil {
+// GetSHA returns the SHA field if it's non-nil, zero value otherwise.
+func (g *GitObject) GetSHA() string {
+	if g == nil || g.SHA == nil {
 		return ""
 	}
-	return *i.Resource
+	return *g.SHA
 }
 
-// GetValue returns the Value field if it's non-nil, zero value otherwise.
-func (i *IssueImportError) GetValue() string {
-	if i == nil || i.Value == nil {
+// GetType returns the Type field if it's non-nil, zero value otherwise.
+func (g *GitObject) GetType() string {
+	if g == nil || g.Type == nil {
 		return ""
 	}
-	return *i.Value
+	return *g.Type
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (i *IssueImportResponse) GetCreatedAt() Timestamp {
-	if i == nil || i.CreatedAt == nil {
-		return Timestamp{}
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (g *GitObject) GetURL() string {
+	if g == nil || g.URL == nil {
+		return ""
 	}
-	return *i.CreatedAt
+	return *g.URL
 }
 
-// GetDocumentationURL returns the DocumentationURL field if it's non-nil, zero value otherwise.
-func (i *IssueImportResponse) GetDocumentationURL() string {
-	if i == nil || i.DocumentationURL == nil {
-		return ""
+// GetGithubReviewedAt returns the GithubReviewedAt field if it's non-nil, zero value otherwise.
+func (g *GlobalSecurityAdvisory) GetGithubReviewedAt() Timestamp {
+	if g == nil || g.GithubReviewedAt == nil {
+		return Timestamp{}
 	}
-	return *i.DocumentationURL
+	return *g.GithubReviewedAt
 }
 
 // GetID returns the ID field if it's non-nil, zero value otherwise.
-func (i *IssueImportResponse) GetID() int {
-	if i == nil || i.ID == nil {
+func (g *GlobalSecurityAdvisory) GetID() int64 {
+	if g == nil || g.ID == nil {
 		return 0
 	}
-	return *i.ID
+	return *g.ID
 }
 
-// GetImportIssuesURL returns the ImportIssuesURL field if it's non-nil, zero value otherwise.
-func (i *IssueImportResponse) GetImportIssuesURL() string {
-	if i == nil || i.ImportIssuesURL == nil {
-		return ""
+// GetNVDPublishedAt returns the NVDPublishedAt field if it's non-nil, zero value otherwise.
+func (g *GlobalSecurityAdvisory) GetNVDPublishedAt() Timestamp {
+	if g == nil || g.NVDPublishedAt == nil {
+		return Timestamp{}
 	}
-	return *i.ImportIssuesURL
+	return *g.NVDPublishedAt
 }
 
-// GetMessage returns the Message field if it's non-nil, zero value otherwise.
-func (i *IssueImportResponse) GetMessage() string {
-	if i == nil || i.Message == nil {
+// GetRepositoryAdvisoryURL returns the RepositoryAdvisoryURL field if it's non-nil, zero value otherwise.
+func (g *GlobalSecurityAdvisory) GetRepositoryAdvisoryURL() string {
+	if g == nil || g.RepositoryAdvisoryURL == nil {
 		return ""
 	}
-	return *i.Message
+	return *g.RepositoryAdvisoryURL
 }
 
-// GetRepositoryURL returns the RepositoryURL field if it's non-nil, zero value otherwise.
-func (i *IssueImportResponse) GetRepositoryURL() string {
-	if i == nil || i.RepositoryURL == nil {
+// GetSourceCodeLocation returns the SourceCodeLocation field if it's non-nil, zero value otherwise.
+func (g *GlobalSecurityAdvisory) GetSourceCodeLocation() string {
+	if g == nil || g.SourceCodeLocation == nil {
 		return ""
 	}
-	return *i.RepositoryURL
+	return *g.SourceCodeLocation
 }
 
-// GetStatus returns the Status field if it's non-nil, zero value otherwise.
-func (i *IssueImportResponse) GetStatus() string {
-	if i == nil || i.Status == nil {
+// GetType returns the Type field if it's non-nil, zero value otherwise.
+func (g *GlobalSecurityAdvisory) GetType() string {
+	if g == nil || g.Type == nil {
 		return ""
 	}
-	return *i.Status
+	return *g.Type
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (i *IssueImportResponse) GetUpdatedAt() Timestamp {
-	if i == nil || i.UpdatedAt == nil {
-		return Timestamp{}
+// GetFirstPatchedVersion returns the FirstPatchedVersion field if it's non-nil, zero value otherwise.
+func (g *GlobalSecurityVulnerability) GetFirstPatchedVersion() string {
+	if g == nil || g.FirstPatchedVersion == nil {
+		return ""
 	}
-	return *i.UpdatedAt
+	return *g.FirstPatchedVersion
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (i *IssueImportResponse) GetURL() string {
-	if i == nil || i.URL == nil {
-		return ""
+// GetPackage returns the Package field.
+func (g *GlobalSecurityVulnerability) GetPackage() *VulnerabilityPackage {
+	if g == nil {
+		return nil
 	}
-	return *i.URL
+	return g.Package
 }
 
-// GetDirection returns the Direction field if it's non-nil, zero value otherwise.
-func (i *IssueListCommentsOptions) GetDirection() string {
-	if i == nil || i.Direction == nil {
+// GetVulnerableVersionRange returns the VulnerableVersionRange field if it's non-nil, zero value otherwise.
+func (g *GlobalSecurityVulnerability) GetVulnerableVersionRange() string {
+	if g == nil || g.VulnerableVersionRange == nil {
 		return ""
 	}
-	return *i.Direction
+	return *g.VulnerableVersionRange
 }
 
-// GetSince returns the Since field if it's non-nil, zero value otherwise.
-func (i *IssueListCommentsOptions) GetSince() time.Time {
-	if i == nil || i.Since == nil {
-		return time.Time{}
+// GetInstallation returns the Installation field.
+func (g *GollumEvent) GetInstallation() *Installation {
+	if g == nil {
+		return nil
 	}
-	return *i.Since
+	return g.Installation
 }
 
-// GetSort returns the Sort field if it's non-nil, zero value otherwise.
-func (i *IssueListCommentsOptions) GetSort() string {
-	if i == nil || i.Sort == nil {
-		return ""
+// GetOrg returns the Org field.
+func (g *GollumEvent) GetOrg() *Organization {
+	if g == nil {
+		return nil
 	}
-	return *i.Sort
+	return g.Org
 }
 
-// GetAssignee returns the Assignee field if it's non-nil, zero value otherwise.
-func (i *IssueRequest) GetAssignee() string {
-	if i == nil || i.Assignee == nil {
-		return ""
+// GetRepo returns the Repo field.
+func (g *GollumEvent) GetRepo() *Repository {
+	if g == nil {
+		return nil
 	}
-	return *i.Assignee
+	return g.Repo
 }
 
-// GetAssignees returns the Assignees field if it's non-nil, zero value otherwise.
-func (i *IssueRequest) GetAssignees() []string {
-	if i == nil || i.Assignees == nil {
+// GetSender returns the Sender field.
+func (g *GollumEvent) GetSender() *User {
+	if g == nil {
 		return nil
 	}
-	return *i.Assignees
+	return g.Sender
 }
 
-// GetBody returns the Body field if it's non-nil, zero value otherwise.
-func (i *IssueRequest) GetBody() string {
-	if i == nil || i.Body == nil {
+// GetEmail returns the Email field if it's non-nil, zero value otherwise.
+func (g *GPGEmail) GetEmail() string {
+	if g == nil || g.Email == nil {
 		return ""
 	}
-	return *i.Body
+	return *g.Email
 }
 
-// GetLabels returns the Labels field if it's non-nil, zero value otherwise.
-func (i *IssueRequest) GetLabels() []string {
-	if i == nil || i.Labels == nil {
-		return nil
+// GetVerified returns the Verified field if it's non-nil, zero value otherwise.
+func (g *GPGEmail) GetVerified() bool {
+	if g == nil || g.Verified == nil {
+		return false
 	}
-	return *i.Labels
+	return *g.Verified
 }
 
-// GetMilestone returns the Milestone field if it's non-nil, zero value otherwise.
-func (i *IssueRequest) GetMilestone() int {
-	if i == nil || i.Milestone == nil {
-		return 0
+// GetCanCertify returns the CanCertify field if it's non-nil, zero value otherwise.
+func (g *GPGKey) GetCanCertify() bool {
+	if g == nil || g.CanCertify == nil {
+		return false
 	}
-	return *i.Milestone
+	return *g.CanCertify
 }
 
-// GetState returns the State field if it's non-nil, zero value otherwise.
-func (i *IssueRequest) GetState() string {
-	if i == nil || i.State == nil {
-		return ""
+// GetCanEncryptComms returns the CanEncryptComms field if it's non-nil, zero value otherwise.
+func (g *GPGKey) GetCanEncryptComms() bool {
+	if g == nil || g.CanEncryptComms == nil {
+		return false
 	}
-	return *i.State
+	return *g.CanEncryptComms
 }
 
-// GetStateReason returns the StateReason field if it's non-nil, zero value otherwise.
-func (i *IssueRequest) GetStateReason() string {
-	if i == nil || i.StateReason == nil {
-		return ""
+// GetCanEncryptStorage returns the CanEncryptStorage field if it's non-nil, zero value otherwise.
+func (g *GPGKey) GetCanEncryptStorage() bool {
+	if g == nil || g.CanEncryptStorage == nil {
+		return false
 	}
-	return *i.StateReason
+	return *g.CanEncryptStorage
 }
 
-// GetTitle returns the Title field if it's non-nil, zero value otherwise.
-func (i *IssueRequest) GetTitle() string {
-	if i == nil || i.Title == nil {
-		return ""
+// GetCanSign returns the CanSign field if it's non-nil, zero value otherwise.
+func (g *GPGKey) GetCanSign() bool {
+	if g == nil || g.CanSign == nil {
+		return false
 	}
-	return *i.Title
+	return *g.CanSign
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (i *IssuesEvent) GetAction() string {
-	if i == nil || i.Action == nil {
-		return ""
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (g *GPGKey) GetCreatedAt() Timestamp {
+	if g == nil || g.CreatedAt == nil {
+		return Timestamp{}
 	}
-	return *i.Action
+	return *g.CreatedAt
 }
 
-// GetAssignee returns the Assignee field.
-func (i *IssuesEvent) GetAssignee() *User {
-	if i == nil {
-		return nil
+// GetExpiresAt returns the ExpiresAt field if it's non-nil, zero value otherwise.
+func (g *GPGKey) GetExpiresAt() Timestamp {
+	if g == nil || g.ExpiresAt == nil {
+		return Timestamp{}
 	}
-	return i.Assignee
+	return *g.ExpiresAt
 }
 
-// GetChanges returns the Changes field.
-func (i *IssuesEvent) GetChanges() *EditChange {
-	if i == nil {
-		return nil
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (g *GPGKey) GetID() int64 {
+	if g == nil || g.ID == nil {
+		return 0
 	}
-	return i.Changes
+	return *g.ID
 }
 
-// GetInstallation returns the Installation field.
-func (i *IssuesEvent) GetInstallation() *Installation {
-	if i == nil {
-		return nil
+// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise.
+func (g *GPGKey) GetKeyID() string {
+	if g == nil || g.KeyID == nil {
+		return ""
 	}
-	return i.Installation
+	return *g.KeyID
 }
 
-// GetIssue returns the Issue field.
-func (i *IssuesEvent) GetIssue() *Issue {
-	if i == nil {
-		return nil
+// GetPrimaryKeyID returns the PrimaryKeyID field if it's non-nil, zero value otherwise.
+func (g *GPGKey) GetPrimaryKeyID() int64 {
+	if g == nil || g.PrimaryKeyID == nil {
+		return 0
 	}
-	return i.Issue
+	return *g.PrimaryKeyID
 }
 
-// GetLabel returns the Label field.
-func (i *IssuesEvent) GetLabel() *Label {
-	if i == nil {
-		return nil
+// GetPublicKey returns the PublicKey field if it's non-nil, zero value otherwise.
+func (g *GPGKey) GetPublicKey() string {
+	if g == nil || g.PublicKey == nil {
+		return ""
 	}
-	return i.Label
+	return *g.PublicKey
 }
 
-// GetMilestone returns the Milestone field.
-func (i *IssuesEvent) GetMilestone() *Milestone {
-	if i == nil {
-		return nil
+// GetRawKey returns the RawKey field if it's non-nil, zero value otherwise.
+func (g *GPGKey) GetRawKey() string {
+	if g == nil || g.RawKey == nil {
+		return ""
 	}
-	return i.Milestone
+	return *g.RawKey
 }
 
-// GetRepo returns the Repo field.
-func (i *IssuesEvent) GetRepo() *Repository {
-	if i == nil {
+// GetApp returns the App field.
+func (g *Grant) GetApp() *AuthorizationApp {
+	if g == nil {
 		return nil
 	}
-	return i.Repo
+	return g.App
 }
 
-// GetSender returns the Sender field.
-func (i *IssuesEvent) GetSender() *User {
-	if i == nil {
-		return nil
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (g *Grant) GetCreatedAt() Timestamp {
+	if g == nil || g.CreatedAt == nil {
+		return Timestamp{}
 	}
-	return i.Sender
+	return *g.CreatedAt
 }
 
-// GetIncompleteResults returns the IncompleteResults field if it's non-nil, zero value otherwise.
-func (i *IssuesSearchResult) GetIncompleteResults() bool {
-	if i == nil || i.IncompleteResults == nil {
-		return false
-	}
-	return *i.IncompleteResults
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (g *Grant) GetID() int64 {
+	if g == nil || g.ID == nil {
+		return 0
+	}
+	return *g.ID
 }
 
-// GetTotal returns the Total field if it's non-nil, zero value otherwise.
-func (i *IssuesSearchResult) GetTotal() int {
-	if i == nil || i.Total == nil {
-		return 0
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (g *Grant) GetUpdatedAt() Timestamp {
+	if g == nil || g.UpdatedAt == nil {
+		return Timestamp{}
 	}
-	return *i.Total
+	return *g.UpdatedAt
 }
 
-// GetClosedIssues returns the ClosedIssues field if it's non-nil, zero value otherwise.
-func (i *IssueStats) GetClosedIssues() int {
-	if i == nil || i.ClosedIssues == nil {
-		return 0
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (g *Grant) GetURL() string {
+	if g == nil || g.URL == nil {
+		return ""
 	}
-	return *i.ClosedIssues
+	return *g.URL
 }
 
-// GetOpenIssues returns the OpenIssues field if it's non-nil, zero value otherwise.
-func (i *IssueStats) GetOpenIssues() int {
-	if i == nil || i.OpenIssues == nil {
-		return 0
+// GetAuthor returns the Author field.
+func (h *HeadCommit) GetAuthor() *CommitAuthor {
+	if h == nil {
+		return nil
 	}
-	return *i.OpenIssues
+	return h.Author
 }
 
-// GetTotalIssues returns the TotalIssues field if it's non-nil, zero value otherwise.
-func (i *IssueStats) GetTotalIssues() int {
-	if i == nil || i.TotalIssues == nil {
-		return 0
+// GetCommitter returns the Committer field.
+func (h *HeadCommit) GetCommitter() *CommitAuthor {
+	if h == nil {
+		return nil
 	}
-	return *i.TotalIssues
+	return h.Committer
 }
 
-// GetEncodedJITConfig returns the EncodedJITConfig field if it's non-nil, zero value otherwise.
-func (j *JITRunnerConfig) GetEncodedJITConfig() string {
-	if j == nil || j.EncodedJITConfig == nil {
-		return ""
+// GetDistinct returns the Distinct field if it's non-nil, zero value otherwise.
+func (h *HeadCommit) GetDistinct() bool {
+	if h == nil || h.Distinct == nil {
+		return false
 	}
-	return *j.EncodedJITConfig
+	return *h.Distinct
 }
 
-// GetRunner returns the Runner field.
-func (j *JITRunnerConfig) GetRunner() *Runner {
-	if j == nil {
-		return nil
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (h *HeadCommit) GetID() string {
+	if h == nil || h.ID == nil {
+		return ""
 	}
-	return j.Runner
+	return *h.ID
 }
 
-// GetTotalCount returns the TotalCount field if it's non-nil, zero value otherwise.
-func (j *Jobs) GetTotalCount() int {
-	if j == nil || j.TotalCount == nil {
-		return 0
+// GetMessage returns the Message field if it's non-nil, zero value otherwise.
+func (h *HeadCommit) GetMessage() string {
+	if h == nil || h.Message == nil {
+		return ""
 	}
-	return *j.TotalCount
+	return *h.Message
 }
 
-// GetAddedBy returns the AddedBy field if it's non-nil, zero value otherwise.
-func (k *Key) GetAddedBy() string {
-	if k == nil || k.AddedBy == nil {
+// GetSHA returns the SHA field if it's non-nil, zero value otherwise.
+func (h *HeadCommit) GetSHA() string {
+	if h == nil || h.SHA == nil {
 		return ""
 	}
-	return *k.AddedBy
+	return *h.SHA
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (k *Key) GetCreatedAt() Timestamp {
-	if k == nil || k.CreatedAt == nil {
+// GetTimestamp returns the Timestamp field if it's non-nil, zero value otherwise.
+func (h *HeadCommit) GetTimestamp() Timestamp {
+	if h == nil || h.Timestamp == nil {
 		return Timestamp{}
 	}
-	return *k.CreatedAt
+	return *h.Timestamp
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (k *Key) GetID() int64 {
-	if k == nil || k.ID == nil {
-		return 0
+// GetTreeID returns the TreeID field if it's non-nil, zero value otherwise.
+func (h *HeadCommit) GetTreeID() string {
+	if h == nil || h.TreeID == nil {
+		return ""
 	}
-	return *k.ID
+	return *h.TreeID
 }
 
-// GetKey returns the Key field if it's non-nil, zero value otherwise.
-func (k *Key) GetKey() string {
-	if k == nil || k.Key == nil {
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (h *HeadCommit) GetURL() string {
+	if h == nil || h.URL == nil {
 		return ""
 	}
-	return *k.Key
+	return *h.URL
 }
 
-// GetLastUsed returns the LastUsed field if it's non-nil, zero value otherwise.
-func (k *Key) GetLastUsed() Timestamp {
-	if k == nil || k.LastUsed == nil {
+// GetActive returns the Active field if it's non-nil, zero value otherwise.
+func (h *Hook) GetActive() bool {
+	if h == nil || h.Active == nil {
+		return false
+	}
+	return *h.Active
+}
+
+// GetConfig returns the Config field.
+func (h *Hook) GetConfig() *HookConfig {
+	if h == nil {
+		return nil
+	}
+	return h.Config
+}
+
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (h *Hook) GetCreatedAt() Timestamp {
+	if h == nil || h.CreatedAt == nil {
 		return Timestamp{}
 	}
-	return *k.LastUsed
+	return *h.CreatedAt
 }
 
-// GetReadOnly returns the ReadOnly field if it's non-nil, zero value otherwise.
-func (k *Key) GetReadOnly() bool {
-	if k == nil || k.ReadOnly == nil {
-		return false
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (h *Hook) GetID() int64 {
+	if h == nil || h.ID == nil {
+		return 0
 	}
-	return *k.ReadOnly
+	return *h.ID
 }
 
-// GetTitle returns the Title field if it's non-nil, zero value otherwise.
-func (k *Key) GetTitle() string {
-	if k == nil || k.Title == nil {
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (h *Hook) GetName() string {
+	if h == nil || h.Name == nil {
 		return ""
 	}
-	return *k.Title
+	return *h.Name
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (k *Key) GetURL() string {
-	if k == nil || k.URL == nil {
+// GetPingURL returns the PingURL field if it's non-nil, zero value otherwise.
+func (h *Hook) GetPingURL() string {
+	if h == nil || h.PingURL == nil {
 		return ""
 	}
-	return *k.URL
+	return *h.PingURL
 }
 
-// GetVerified returns the Verified field if it's non-nil, zero value otherwise.
-func (k *Key) GetVerified() bool {
-	if k == nil || k.Verified == nil {
-		return false
+// GetTestURL returns the TestURL field if it's non-nil, zero value otherwise.
+func (h *Hook) GetTestURL() string {
+	if h == nil || h.TestURL == nil {
+		return ""
 	}
-	return *k.Verified
+	return *h.TestURL
 }
 
-// GetColor returns the Color field if it's non-nil, zero value otherwise.
-func (l *Label) GetColor() string {
-	if l == nil || l.Color == nil {
+// GetType returns the Type field if it's non-nil, zero value otherwise.
+func (h *Hook) GetType() string {
+	if h == nil || h.Type == nil {
 		return ""
 	}
-	return *l.Color
+	return *h.Type
 }
 
-// GetDefault returns the Default field if it's non-nil, zero value otherwise.
-func (l *Label) GetDefault() bool {
-	if l == nil || l.Default == nil {
-		return false
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (h *Hook) GetUpdatedAt() Timestamp {
+	if h == nil || h.UpdatedAt == nil {
+		return Timestamp{}
 	}
-	return *l.Default
+	return *h.UpdatedAt
 }
 
-// GetDescription returns the Description field if it's non-nil, zero value otherwise.
-func (l *Label) GetDescription() string {
-	if l == nil || l.Description == nil {
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (h *Hook) GetURL() string {
+	if h == nil || h.URL == nil {
 		return ""
 	}
-	return *l.Description
+	return *h.URL
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (l *Label) GetID() int64 {
-	if l == nil || l.ID == nil {
-		return 0
+// GetContentType returns the ContentType field if it's non-nil, zero value otherwise.
+func (h *HookConfig) GetContentType() string {
+	if h == nil || h.ContentType == nil {
+		return ""
 	}
-	return *l.ID
+	return *h.ContentType
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (l *Label) GetName() string {
-	if l == nil || l.Name == nil {
+// GetInsecureSSL returns the InsecureSSL field if it's non-nil, zero value otherwise.
+func (h *HookConfig) GetInsecureSSL() string {
+	if h == nil || h.InsecureSSL == nil {
 		return ""
 	}
-	return *l.Name
+	return *h.InsecureSSL
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (l *Label) GetNodeID() string {
-	if l == nil || l.NodeID == nil {
+// GetSecret returns the Secret field if it's non-nil, zero value otherwise.
+func (h *HookConfig) GetSecret() string {
+	if h == nil || h.Secret == nil {
 		return ""
 	}
-	return *l.NodeID
+	return *h.Secret
 }
 
 // GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (l *Label) GetURL() string {
-	if l == nil || l.URL == nil {
+func (h *HookConfig) GetURL() string {
+	if h == nil || h.URL == nil {
 		return ""
 	}
-	return *l.URL
+	return *h.URL
 }
 
 // GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (l *LabelEvent) GetAction() string {
-	if l == nil || l.Action == nil {
+func (h *HookDelivery) GetAction() string {
+	if h == nil || h.Action == nil {
 		return ""
 	}
-	return *l.Action
+	return *h.Action
 }
 
-// GetChanges returns the Changes field.
-func (l *LabelEvent) GetChanges() *EditChange {
-	if l == nil {
-		return nil
+// GetDeliveredAt returns the DeliveredAt field if it's non-nil, zero value otherwise.
+func (h *HookDelivery) GetDeliveredAt() Timestamp {
+	if h == nil || h.DeliveredAt == nil {
+		return Timestamp{}
 	}
-	return l.Changes
+	return *h.DeliveredAt
 }
 
-// GetInstallation returns the Installation field.
-func (l *LabelEvent) GetInstallation() *Installation {
-	if l == nil {
+// GetDuration returns the Duration field.
+func (h *HookDelivery) GetDuration() *float64 {
+	if h == nil {
 		return nil
 	}
-	return l.Installation
+	return h.Duration
 }
 
-// GetLabel returns the Label field.
-func (l *LabelEvent) GetLabel() *Label {
-	if l == nil {
-		return nil
-	}
-	return l.Label
+// GetEvent returns the Event field if it's non-nil, zero value otherwise.
+func (h *HookDelivery) GetEvent() string {
+	if h == nil || h.Event == nil {
+		return ""
+	}
+	return *h.Event
 }
 
-// GetOrg returns the Org field.
-func (l *LabelEvent) GetOrg() *Organization {
-	if l == nil {
-		return nil
+// GetGUID returns the GUID field if it's non-nil, zero value otherwise.
+func (h *HookDelivery) GetGUID() string {
+	if h == nil || h.GUID == nil {
+		return ""
 	}
-	return l.Org
+	return *h.GUID
 }
 
-// GetRepo returns the Repo field.
-func (l *LabelEvent) GetRepo() *Repository {
-	if l == nil {
-		return nil
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (h *HookDelivery) GetID() int64 {
+	if h == nil || h.ID == nil {
+		return 0
 	}
-	return l.Repo
+	return *h.ID
 }
 
-// GetSender returns the Sender field.
-func (l *LabelEvent) GetSender() *User {
-	if l == nil {
-		return nil
+// GetInstallationID returns the InstallationID field if it's non-nil, zero value otherwise.
+func (h *HookDelivery) GetInstallationID() int64 {
+	if h == nil || h.InstallationID == nil {
+		return 0
 	}
-	return l.Sender
+	return *h.InstallationID
 }
 
-// GetColor returns the Color field if it's non-nil, zero value otherwise.
-func (l *LabelResult) GetColor() string {
-	if l == nil || l.Color == nil {
-		return ""
+// GetRedelivery returns the Redelivery field if it's non-nil, zero value otherwise.
+func (h *HookDelivery) GetRedelivery() bool {
+	if h == nil || h.Redelivery == nil {
+		return false
 	}
-	return *l.Color
+	return *h.Redelivery
 }
 
-// GetDefault returns the Default field if it's non-nil, zero value otherwise.
-func (l *LabelResult) GetDefault() bool {
-	if l == nil || l.Default == nil {
-		return false
+// GetRepositoryID returns the RepositoryID field if it's non-nil, zero value otherwise.
+func (h *HookDelivery) GetRepositoryID() int64 {
+	if h == nil || h.RepositoryID == nil {
+		return 0
 	}
-	return *l.Default
+	return *h.RepositoryID
 }
 
-// GetDescription returns the Description field if it's non-nil, zero value otherwise.
-func (l *LabelResult) GetDescription() string {
-	if l == nil || l.Description == nil {
-		return ""
+// GetRequest returns the Request field.
+func (h *HookDelivery) GetRequest() *HookRequest {
+	if h == nil {
+		return nil
 	}
-	return *l.Description
+	return h.Request
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (l *LabelResult) GetID() int64 {
-	if l == nil || l.ID == nil {
-		return 0
+// GetResponse returns the Response field.
+func (h *HookDelivery) GetResponse() *HookResponse {
+	if h == nil {
+		return nil
 	}
-	return *l.ID
+	return h.Response
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (l *LabelResult) GetName() string {
-	if l == nil || l.Name == nil {
+// GetStatus returns the Status field if it's non-nil, zero value otherwise.
+func (h *HookDelivery) GetStatus() string {
+	if h == nil || h.Status == nil {
 		return ""
 	}
-	return *l.Name
+	return *h.Status
 }
 
-// GetScore returns the Score field.
-func (l *LabelResult) GetScore() *float64 {
-	if l == nil {
-		return nil
+// GetStatusCode returns the StatusCode field if it's non-nil, zero value otherwise.
+func (h *HookDelivery) GetStatusCode() int {
+	if h == nil || h.StatusCode == nil {
+		return 0
 	}
-	return l.Score
+	return *h.StatusCode
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (l *LabelResult) GetURL() string {
-	if l == nil || l.URL == nil {
-		return ""
+// GetHeaders returns the Headers map if it's non-nil, an empty map otherwise.
+func (h *HookRequest) GetHeaders() map[string]string {
+	if h == nil || h.Headers == nil {
+		return map[string]string{}
 	}
-	return *l.URL
+	return h.Headers
 }
 
-// GetIncompleteResults returns the IncompleteResults field if it's non-nil, zero value otherwise.
-func (l *LabelsSearchResult) GetIncompleteResults() bool {
-	if l == nil || l.IncompleteResults == nil {
-		return false
+// GetRawPayload returns the RawPayload field if it's non-nil, zero value otherwise.
+func (h *HookRequest) GetRawPayload() json.RawMessage {
+	if h == nil || h.RawPayload == nil {
+		return json.RawMessage{}
 	}
-	return *l.IncompleteResults
+	return *h.RawPayload
 }
 
-// GetTotal returns the Total field if it's non-nil, zero value otherwise.
-func (l *LabelsSearchResult) GetTotal() int {
-	if l == nil || l.Total == nil {
-		return 0
+// GetHeaders returns the Headers map if it's non-nil, an empty map otherwise.
+func (h *HookResponse) GetHeaders() map[string]string {
+	if h == nil || h.Headers == nil {
+		return map[string]string{}
 	}
-	return *l.Total
+	return h.Headers
 }
 
-// GetOID returns the OID field if it's non-nil, zero value otherwise.
-func (l *LargeFile) GetOID() string {
-	if l == nil || l.OID == nil {
-		return ""
+// GetRawPayload returns the RawPayload field if it's non-nil, zero value otherwise.
+func (h *HookResponse) GetRawPayload() json.RawMessage {
+	if h == nil || h.RawPayload == nil {
+		return json.RawMessage{}
 	}
-	return *l.OID
+	return *h.RawPayload
 }
 
-// GetPath returns the Path field if it's non-nil, zero value otherwise.
-func (l *LargeFile) GetPath() string {
-	if l == nil || l.Path == nil {
-		return ""
+// GetActiveHooks returns the ActiveHooks field if it's non-nil, zero value otherwise.
+func (h *HookStats) GetActiveHooks() int {
+	if h == nil || h.ActiveHooks == nil {
+		return 0
 	}
-	return *l.Path
+	return *h.ActiveHooks
 }
 
-// GetRefName returns the RefName field if it's non-nil, zero value otherwise.
-func (l *LargeFile) GetRefName() string {
-	if l == nil || l.RefName == nil {
-		return ""
+// GetInactiveHooks returns the InactiveHooks field if it's non-nil, zero value otherwise.
+func (h *HookStats) GetInactiveHooks() int {
+	if h == nil || h.InactiveHooks == nil {
+		return 0
 	}
-	return *l.RefName
+	return *h.InactiveHooks
 }
 
-// GetSize returns the Size field if it's non-nil, zero value otherwise.
-func (l *LargeFile) GetSize() int {
-	if l == nil || l.Size == nil {
+// GetTotalHooks returns the TotalHooks field if it's non-nil, zero value otherwise.
+func (h *HookStats) GetTotalHooks() int {
+	if h == nil || h.TotalHooks == nil {
 		return 0
 	}
-	return *l.Size
+	return *h.TotalHooks
 }
 
-// GetBody returns the Body field if it's non-nil, zero value otherwise.
-func (l *License) GetBody() string {
-	if l == nil || l.Body == nil {
-		return ""
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (h *HostedRunner) GetID() int64 {
+	if h == nil || h.ID == nil {
+		return 0
 	}
-	return *l.Body
+	return *h.ID
 }
 
-// GetConditions returns the Conditions field if it's non-nil, zero value otherwise.
-func (l *License) GetConditions() []string {
-	if l == nil || l.Conditions == nil {
+// GetImageDetails returns the ImageDetails field.
+func (h *HostedRunner) GetImageDetails() *HostedRunnerImageDetail {
+	if h == nil {
 		return nil
 	}
-	return *l.Conditions
+	return h.ImageDetails
 }
 
-// GetDescription returns the Description field if it's non-nil, zero value otherwise.
-func (l *License) GetDescription() string {
-	if l == nil || l.Description == nil {
-		return ""
+// GetLastActiveOn returns the LastActiveOn field if it's non-nil, zero value otherwise.
+func (h *HostedRunner) GetLastActiveOn() Timestamp {
+	if h == nil || h.LastActiveOn == nil {
+		return Timestamp{}
 	}
-	return *l.Description
+	return *h.LastActiveOn
 }
 
-// GetFeatured returns the Featured field if it's non-nil, zero value otherwise.
-func (l *License) GetFeatured() bool {
-	if l == nil || l.Featured == nil {
-		return false
+// GetMachineSizeDetails returns the MachineSizeDetails field.
+func (h *HostedRunner) GetMachineSizeDetails() *HostedRunnerMachineSpec {
+	if h == nil {
+		return nil
 	}
-	return *l.Featured
+	return h.MachineSizeDetails
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (l *License) GetHTMLURL() string {
-	if l == nil || l.HTMLURL == nil {
-		return ""
+// GetMaximumRunners returns the MaximumRunners field if it's non-nil, zero value otherwise.
+func (h *HostedRunner) GetMaximumRunners() int64 {
+	if h == nil || h.MaximumRunners == nil {
+		return 0
 	}
-	return *l.HTMLURL
+	return *h.MaximumRunners
 }
 
-// GetImplementation returns the Implementation field if it's non-nil, zero value otherwise.
-func (l *License) GetImplementation() string {
-	if l == nil || l.Implementation == nil {
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (h *HostedRunner) GetName() string {
+	if h == nil || h.Name == nil {
 		return ""
 	}
-	return *l.Implementation
+	return *h.Name
 }
 
-// GetKey returns the Key field if it's non-nil, zero value otherwise.
-func (l *License) GetKey() string {
-	if l == nil || l.Key == nil {
+// GetPlatform returns the Platform field if it's non-nil, zero value otherwise.
+func (h *HostedRunner) GetPlatform() string {
+	if h == nil || h.Platform == nil {
 		return ""
 	}
-	return *l.Key
+	return *h.Platform
 }
 
-// GetLimitations returns the Limitations field if it's non-nil, zero value otherwise.
-func (l *License) GetLimitations() []string {
-	if l == nil || l.Limitations == nil {
-		return nil
+// GetPublicIPEnabled returns the PublicIPEnabled field if it's non-nil, zero value otherwise.
+func (h *HostedRunner) GetPublicIPEnabled() bool {
+	if h == nil || h.PublicIPEnabled == nil {
+		return false
 	}
-	return *l.Limitations
+	return *h.PublicIPEnabled
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (l *License) GetName() string {
-	if l == nil || l.Name == nil {
-		return ""
+// GetRunnerGroupID returns the RunnerGroupID field if it's non-nil, zero value otherwise.
+func (h *HostedRunner) GetRunnerGroupID() int64 {
+	if h == nil || h.RunnerGroupID == nil {
+		return 0
 	}
-	return *l.Name
+	return *h.RunnerGroupID
 }
 
-// GetPermissions returns the Permissions field if it's non-nil, zero value otherwise.
-func (l *License) GetPermissions() []string {
-	if l == nil || l.Permissions == nil {
-		return nil
+// GetStatus returns the Status field if it's non-nil, zero value otherwise.
+func (h *HostedRunner) GetStatus() string {
+	if h == nil || h.Status == nil {
+		return ""
 	}
-	return *l.Permissions
+	return *h.Status
 }
 
-// GetSPDXID returns the SPDXID field if it's non-nil, zero value otherwise.
-func (l *License) GetSPDXID() string {
-	if l == nil || l.SPDXID == nil {
+// GetDisplayName returns the DisplayName field if it's non-nil, zero value otherwise.
+func (h *HostedRunnerImageDetail) GetDisplayName() string {
+	if h == nil || h.DisplayName == nil {
 		return ""
 	}
-	return *l.SPDXID
+	return *h.DisplayName
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (l *License) GetURL() string {
-	if l == nil || l.URL == nil {
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (h *HostedRunnerImageDetail) GetID() string {
+	if h == nil || h.ID == nil {
 		return ""
 	}
-	return *l.URL
+	return *h.ID
 }
 
-// GetFrom returns the From field if it's non-nil, zero value otherwise.
-func (l *LinearHistoryRequirementEnforcementLevelChanges) GetFrom() string {
-	if l == nil || l.From == nil {
-		return ""
+// GetSizeGB returns the SizeGB field if it's non-nil, zero value otherwise.
+func (h *HostedRunnerImageDetail) GetSizeGB() int64 {
+	if h == nil || h.SizeGB == nil {
+		return 0
 	}
-	return *l.From
+	return *h.SizeGB
 }
 
-// GetDirection returns the Direction field if it's non-nil, zero value otherwise.
-func (l *ListAlertsOptions) GetDirection() string {
-	if l == nil || l.Direction == nil {
+// GetSource returns the Source field if it's non-nil, zero value otherwise.
+func (h *HostedRunnerImageDetail) GetSource() string {
+	if h == nil || h.Source == nil {
 		return ""
 	}
-	return *l.Direction
+	return *h.Source
 }
 
-// GetEcosystem returns the Ecosystem field if it's non-nil, zero value otherwise.
-func (l *ListAlertsOptions) GetEcosystem() string {
-	if l == nil || l.Ecosystem == nil {
+// GetVersion returns the Version field if it's non-nil, zero value otherwise.
+func (h *HostedRunnerImageDetail) GetVersion() string {
+	if h == nil || h.Version == nil {
 		return ""
 	}
-	return *l.Ecosystem
+	return *h.Version
 }
 
-// GetPackage returns the Package field if it's non-nil, zero value otherwise.
-func (l *ListAlertsOptions) GetPackage() string {
-	if l == nil || l.Package == nil {
-		return ""
+// GetPublicIPs returns the PublicIPs field.
+func (h *HostedRunnerPublicIPLimits) GetPublicIPs() *PublicIPUsage {
+	if h == nil {
+		return nil
 	}
-	return *l.Package
+	return h.PublicIPs
 }
 
-// GetScope returns the Scope field if it's non-nil, zero value otherwise.
-func (l *ListAlertsOptions) GetScope() string {
-	if l == nil || l.Scope == nil {
+// GetGroupDescription returns the GroupDescription field if it's non-nil, zero value otherwise.
+func (i *IDPGroup) GetGroupDescription() string {
+	if i == nil || i.GroupDescription == nil {
 		return ""
 	}
-	return *l.Scope
+	return *i.GroupDescription
 }
 
-// GetSeverity returns the Severity field if it's non-nil, zero value otherwise.
-func (l *ListAlertsOptions) GetSeverity() string {
-	if l == nil || l.Severity == nil {
+// GetGroupID returns the GroupID field if it's non-nil, zero value otherwise.
+func (i *IDPGroup) GetGroupID() string {
+	if i == nil || i.GroupID == nil {
 		return ""
 	}
-	return *l.Severity
+	return *i.GroupID
 }
 
-// GetSort returns the Sort field if it's non-nil, zero value otherwise.
-func (l *ListAlertsOptions) GetSort() string {
-	if l == nil || l.Sort == nil {
+// GetGroupName returns the GroupName field if it's non-nil, zero value otherwise.
+func (i *IDPGroup) GetGroupName() string {
+	if i == nil || i.GroupName == nil {
 		return ""
 	}
-	return *l.Sort
+	return *i.GroupName
 }
 
-// GetState returns the State field if it's non-nil, zero value otherwise.
-func (l *ListAlertsOptions) GetState() string {
-	if l == nil || l.State == nil {
+// GetAuthorsCount returns the AuthorsCount field if it's non-nil, zero value otherwise.
+func (i *Import) GetAuthorsCount() int {
+	if i == nil || i.AuthorsCount == nil {
+		return 0
+	}
+	return *i.AuthorsCount
+}
+
+// GetAuthorsURL returns the AuthorsURL field if it's non-nil, zero value otherwise.
+func (i *Import) GetAuthorsURL() string {
+	if i == nil || i.AuthorsURL == nil {
 		return ""
 	}
-	return *l.State
+	return *i.AuthorsURL
 }
 
-// GetAppID returns the AppID field if it's non-nil, zero value otherwise.
-func (l *ListCheckRunsOptions) GetAppID() int64 {
-	if l == nil || l.AppID == nil {
+// GetCommitCount returns the CommitCount field if it's non-nil, zero value otherwise.
+func (i *Import) GetCommitCount() int {
+	if i == nil || i.CommitCount == nil {
 		return 0
 	}
-	return *l.AppID
+	return *i.CommitCount
 }
 
-// GetCheckName returns the CheckName field if it's non-nil, zero value otherwise.
-func (l *ListCheckRunsOptions) GetCheckName() string {
-	if l == nil || l.CheckName == nil {
+// GetFailedStep returns the FailedStep field if it's non-nil, zero value otherwise.
+func (i *Import) GetFailedStep() string {
+	if i == nil || i.FailedStep == nil {
 		return ""
 	}
-	return *l.CheckName
+	return *i.FailedStep
 }
 
-// GetFilter returns the Filter field if it's non-nil, zero value otherwise.
-func (l *ListCheckRunsOptions) GetFilter() string {
-	if l == nil || l.Filter == nil {
+// GetHasLargeFiles returns the HasLargeFiles field if it's non-nil, zero value otherwise.
+func (i *Import) GetHasLargeFiles() bool {
+	if i == nil || i.HasLargeFiles == nil {
+		return false
+	}
+	return *i.HasLargeFiles
+}
+
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (i *Import) GetHTMLURL() string {
+	if i == nil || i.HTMLURL == nil {
 		return ""
 	}
-	return *l.Filter
+	return *i.HTMLURL
 }
 
-// GetStatus returns the Status field if it's non-nil, zero value otherwise.
-func (l *ListCheckRunsOptions) GetStatus() string {
-	if l == nil || l.Status == nil {
+// GetHumanName returns the HumanName field if it's non-nil, zero value otherwise.
+func (i *Import) GetHumanName() string {
+	if i == nil || i.HumanName == nil {
 		return ""
 	}
-	return *l.Status
+	return *i.HumanName
 }
 
-// GetTotal returns the Total field if it's non-nil, zero value otherwise.
-func (l *ListCheckRunsResults) GetTotal() int {
-	if l == nil || l.Total == nil {
+// GetLargeFilesCount returns the LargeFilesCount field if it's non-nil, zero value otherwise.
+func (i *Import) GetLargeFilesCount() int {
+	if i == nil || i.LargeFilesCount == nil {
 		return 0
 	}
-	return *l.Total
+	return *i.LargeFilesCount
 }
 
-// GetAppID returns the AppID field if it's non-nil, zero value otherwise.
-func (l *ListCheckSuiteOptions) GetAppID() int {
-	if l == nil || l.AppID == nil {
+// GetLargeFilesSize returns the LargeFilesSize field if it's non-nil, zero value otherwise.
+func (i *Import) GetLargeFilesSize() int {
+	if i == nil || i.LargeFilesSize == nil {
 		return 0
 	}
-	return *l.AppID
+	return *i.LargeFilesSize
 }
 
-// GetCheckName returns the CheckName field if it's non-nil, zero value otherwise.
-func (l *ListCheckSuiteOptions) GetCheckName() string {
-	if l == nil || l.CheckName == nil {
+// GetMessage returns the Message field if it's non-nil, zero value otherwise.
+func (i *Import) GetMessage() string {
+	if i == nil || i.Message == nil {
 		return ""
 	}
-	return *l.CheckName
+	return *i.Message
 }
 
-// GetTotal returns the Total field if it's non-nil, zero value otherwise.
-func (l *ListCheckSuiteResults) GetTotal() int {
-	if l == nil || l.Total == nil {
+// GetPercent returns the Percent field if it's non-nil, zero value otherwise.
+func (i *Import) GetPercent() int {
+	if i == nil || i.Percent == nil {
 		return 0
 	}
-	return *l.Total
+	return *i.Percent
 }
 
-// GetTotalCount returns the TotalCount field if it's non-nil, zero value otherwise.
-func (l *ListCodespaces) GetTotalCount() int {
-	if l == nil || l.TotalCount == nil {
+// GetPushPercent returns the PushPercent field if it's non-nil, zero value otherwise.
+func (i *Import) GetPushPercent() int {
+	if i == nil || i.PushPercent == nil {
 		return 0
 	}
-	return *l.TotalCount
+	return *i.PushPercent
 }
 
-// GetAffiliation returns the Affiliation field if it's non-nil, zero value otherwise.
-func (l *ListCollaboratorOptions) GetAffiliation() string {
-	if l == nil || l.Affiliation == nil {
+// GetRepositoryURL returns the RepositoryURL field if it's non-nil, zero value otherwise.
+func (i *Import) GetRepositoryURL() string {
+	if i == nil || i.RepositoryURL == nil {
 		return ""
 	}
-	return *l.Affiliation
+	return *i.RepositoryURL
 }
 
-// GetDisplayName returns the DisplayName field if it's non-nil, zero value otherwise.
-func (l *ListExternalGroupsOptions) GetDisplayName() string {
-	if l == nil || l.DisplayName == nil {
+// GetStatus returns the Status field if it's non-nil, zero value otherwise.
+func (i *Import) GetStatus() string {
+	if i == nil || i.Status == nil {
 		return ""
 	}
-	return *l.DisplayName
+	return *i.Status
 }
 
-// GetTotalCount returns the TotalCount field if it's non-nil, zero value otherwise.
-func (l *ListRepositories) GetTotalCount() int {
-	if l == nil || l.TotalCount == nil {
-		return 0
+// GetStatusText returns the StatusText field if it's non-nil, zero value otherwise.
+func (i *Import) GetStatusText() string {
+	if i == nil || i.StatusText == nil {
+		return ""
 	}
-	return *l.TotalCount
+	return *i.StatusText
 }
 
-// GetCount returns the Count field if it's non-nil, zero value otherwise.
-func (l *ListSCIMProvisionedIdentitiesOptions) GetCount() int {
-	if l == nil || l.Count == nil {
-		return 0
+// GetTFVCProject returns the TFVCProject field if it's non-nil, zero value otherwise.
+func (i *Import) GetTFVCProject() string {
+	if i == nil || i.TFVCProject == nil {
+		return ""
 	}
-	return *l.Count
+	return *i.TFVCProject
 }
 
-// GetFilter returns the Filter field if it's non-nil, zero value otherwise.
-func (l *ListSCIMProvisionedIdentitiesOptions) GetFilter() string {
-	if l == nil || l.Filter == nil {
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (i *Import) GetURL() string {
+	if i == nil || i.URL == nil {
 		return ""
 	}
-	return *l.Filter
+	return *i.URL
 }
 
-// GetStartIndex returns the StartIndex field if it's non-nil, zero value otherwise.
-func (l *ListSCIMProvisionedIdentitiesOptions) GetStartIndex() int {
-	if l == nil || l.StartIndex == nil {
-		return 0
+// GetUseLFS returns the UseLFS field if it's non-nil, zero value otherwise.
+func (i *Import) GetUseLFS() string {
+	if i == nil || i.UseLFS == nil {
+		return ""
 	}
-	return *l.StartIndex
+	return *i.UseLFS
 }
 
-// GetEndColumn returns the EndColumn field if it's non-nil, zero value otherwise.
-func (l *Location) GetEndColumn() int {
-	if l == nil || l.EndColumn == nil {
-		return 0
+// GetVCS returns the VCS field if it's non-nil, zero value otherwise.
+func (i *Import) GetVCS() string {
+	if i == nil || i.VCS == nil {
+		return ""
 	}
-	return *l.EndColumn
+	return *i.VCS
 }
 
-// GetEndLine returns the EndLine field if it's non-nil, zero value otherwise.
-func (l *Location) GetEndLine() int {
-	if l == nil || l.EndLine == nil {
-		return 0
+// GetVCSPassword returns the VCSPassword field if it's non-nil, zero value otherwise.
+func (i *Import) GetVCSPassword() string {
+	if i == nil || i.VCSPassword == nil {
+		return ""
 	}
-	return *l.EndLine
+	return *i.VCSPassword
 }
 
-// GetPath returns the Path field if it's non-nil, zero value otherwise.
-func (l *Location) GetPath() string {
-	if l == nil || l.Path == nil {
+// GetVCSURL returns the VCSURL field if it's non-nil, zero value otherwise.
+func (i *Import) GetVCSURL() string {
+	if i == nil || i.VCSURL == nil {
 		return ""
 	}
-	return *l.Path
+	return *i.VCSURL
 }
 
-// GetStartColumn returns the StartColumn field if it's non-nil, zero value otherwise.
-func (l *Location) GetStartColumn() int {
-	if l == nil || l.StartColumn == nil {
-		return 0
+// GetVCSUsername returns the VCSUsername field if it's non-nil, zero value otherwise.
+func (i *Import) GetVCSUsername() string {
+	if i == nil || i.VCSUsername == nil {
+		return ""
 	}
-	return *l.StartColumn
+	return *i.VCSUsername
 }
 
-// GetStartLine returns the StartLine field if it's non-nil, zero value otherwise.
-func (l *Location) GetStartLine() int {
-	if l == nil || l.StartLine == nil {
-		return 0
+// GetAccessTokensURL returns the AccessTokensURL field if it's non-nil, zero value otherwise.
+func (i *Installation) GetAccessTokensURL() string {
+	if i == nil || i.AccessTokensURL == nil {
+		return ""
 	}
-	return *l.StartLine
+	return *i.AccessTokensURL
 }
 
-// GetEnabled returns the Enabled field if it's non-nil, zero value otherwise.
-func (l *LockBranch) GetEnabled() bool {
-	if l == nil || l.Enabled == nil {
-		return false
+// GetAccount returns the Account field.
+func (i *Installation) GetAccount() *User {
+	if i == nil {
+		return nil
 	}
-	return *l.Enabled
+	return i.Account
 }
 
-// GetEffectiveDate returns the EffectiveDate field if it's non-nil, zero value otherwise.
-func (m *MarketplacePendingChange) GetEffectiveDate() Timestamp {
-	if m == nil || m.EffectiveDate == nil {
-		return Timestamp{}
+// GetAppID returns the AppID field if it's non-nil, zero value otherwise.
+func (i *Installation) GetAppID() int64 {
+	if i == nil || i.AppID == nil {
+		return 0
 	}
-	return *m.EffectiveDate
+	return *i.AppID
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (m *MarketplacePendingChange) GetID() int64 {
-	if m == nil || m.ID == nil {
-		return 0
+// GetAppSlug returns the AppSlug field if it's non-nil, zero value otherwise.
+func (i *Installation) GetAppSlug() string {
+	if i == nil || i.AppSlug == nil {
+		return ""
 	}
-	return *m.ID
+	return *i.AppSlug
 }
 
-// GetPlan returns the Plan field.
-func (m *MarketplacePendingChange) GetPlan() *MarketplacePlan {
-	if m == nil {
-		return nil
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (i *Installation) GetCreatedAt() Timestamp {
+	if i == nil || i.CreatedAt == nil {
+		return Timestamp{}
 	}
-	return m.Plan
+	return *i.CreatedAt
 }
 
-// GetUnitCount returns the UnitCount field if it's non-nil, zero value otherwise.
-func (m *MarketplacePendingChange) GetUnitCount() int {
-	if m == nil || m.UnitCount == nil {
+// GetHasMultipleSingleFiles returns the HasMultipleSingleFiles field if it's non-nil, zero value otherwise.
+func (i *Installation) GetHasMultipleSingleFiles() bool {
+	if i == nil || i.HasMultipleSingleFiles == nil {
+		return false
+	}
+	return *i.HasMultipleSingleFiles
+}
+
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (i *Installation) GetHTMLURL() string {
+	if i == nil || i.HTMLURL == nil {
+		return ""
+	}
+	return *i.HTMLURL
+}
+
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (i *Installation) GetID() int64 {
+	if i == nil || i.ID == nil {
 		return 0
 	}
-	return *m.UnitCount
+	return *i.ID
 }
 
-// GetAccountsURL returns the AccountsURL field if it's non-nil, zero value otherwise.
-func (m *MarketplacePlan) GetAccountsURL() string {
-	if m == nil || m.AccountsURL == nil {
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (i *Installation) GetNodeID() string {
+	if i == nil || i.NodeID == nil {
 		return ""
 	}
-	return *m.AccountsURL
+	return *i.NodeID
 }
 
-// GetBullets returns the Bullets field if it's non-nil, zero value otherwise.
-func (m *MarketplacePlan) GetBullets() []string {
-	if m == nil || m.Bullets == nil {
+// GetPermissions returns the Permissions field.
+func (i *Installation) GetPermissions() *InstallationPermissions {
+	if i == nil {
 		return nil
 	}
-	return *m.Bullets
+	return i.Permissions
 }
 
-// GetDescription returns the Description field if it's non-nil, zero value otherwise.
-func (m *MarketplacePlan) GetDescription() string {
-	if m == nil || m.Description == nil {
+// GetRepositoriesURL returns the RepositoriesURL field if it's non-nil, zero value otherwise.
+func (i *Installation) GetRepositoriesURL() string {
+	if i == nil || i.RepositoriesURL == nil {
 		return ""
 	}
-	return *m.Description
+	return *i.RepositoriesURL
 }
 
-// GetHasFreeTrial returns the HasFreeTrial field if it's non-nil, zero value otherwise.
-func (m *MarketplacePlan) GetHasFreeTrial() bool {
-	if m == nil || m.HasFreeTrial == nil {
-		return false
+// GetRepositorySelection returns the RepositorySelection field if it's non-nil, zero value otherwise.
+func (i *Installation) GetRepositorySelection() string {
+	if i == nil || i.RepositorySelection == nil {
+		return ""
 	}
-	return *m.HasFreeTrial
+	return *i.RepositorySelection
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (m *MarketplacePlan) GetID() int64 {
-	if m == nil || m.ID == nil {
-		return 0
+// GetSingleFileName returns the SingleFileName field if it's non-nil, zero value otherwise.
+func (i *Installation) GetSingleFileName() string {
+	if i == nil || i.SingleFileName == nil {
+		return ""
 	}
-	return *m.ID
+	return *i.SingleFileName
 }
 
-// GetMonthlyPriceInCents returns the MonthlyPriceInCents field if it's non-nil, zero value otherwise.
-func (m *MarketplacePlan) GetMonthlyPriceInCents() int {
-	if m == nil || m.MonthlyPriceInCents == nil {
-		return 0
+// GetSuspendedAt returns the SuspendedAt field if it's non-nil, zero value otherwise.
+func (i *Installation) GetSuspendedAt() Timestamp {
+	if i == nil || i.SuspendedAt == nil {
+		return Timestamp{}
 	}
-	return *m.MonthlyPriceInCents
+	return *i.SuspendedAt
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (m *MarketplacePlan) GetName() string {
-	if m == nil || m.Name == nil {
-		return ""
+// GetSuspendedBy returns the SuspendedBy field.
+func (i *Installation) GetSuspendedBy() *User {
+	if i == nil {
+		return nil
 	}
-	return *m.Name
+	return i.SuspendedBy
 }
 
-// GetNumber returns the Number field if it's non-nil, zero value otherwise.
-func (m *MarketplacePlan) GetNumber() int {
-	if m == nil || m.Number == nil {
+// GetTargetID returns the TargetID field if it's non-nil, zero value otherwise.
+func (i *Installation) GetTargetID() int64 {
+	if i == nil || i.TargetID == nil {
 		return 0
 	}
-	return *m.Number
+	return *i.TargetID
 }
 
-// GetPriceModel returns the PriceModel field if it's non-nil, zero value otherwise.
-func (m *MarketplacePlan) GetPriceModel() string {
-	if m == nil || m.PriceModel == nil {
+// GetTargetType returns the TargetType field if it's non-nil, zero value otherwise.
+func (i *Installation) GetTargetType() string {
+	if i == nil || i.TargetType == nil {
 		return ""
 	}
-	return *m.PriceModel
+	return *i.TargetType
 }
 
-// GetState returns the State field if it's non-nil, zero value otherwise.
-func (m *MarketplacePlan) GetState() string {
-	if m == nil || m.State == nil {
-		return ""
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (i *Installation) GetUpdatedAt() Timestamp {
+	if i == nil || i.UpdatedAt == nil {
+		return Timestamp{}
 	}
-	return *m.State
+	return *i.UpdatedAt
 }
 
-// GetUnitName returns the UnitName field if it's non-nil, zero value otherwise.
-func (m *MarketplacePlan) GetUnitName() string {
-	if m == nil || m.UnitName == nil {
-		return ""
+// GetLogin returns the Login field.
+func (i *InstallationChanges) GetLogin() *InstallationLoginChange {
+	if i == nil {
+		return nil
 	}
-	return *m.UnitName
+	return i.Login
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (m *MarketplacePlan) GetURL() string {
-	if m == nil || m.URL == nil {
-		return ""
+// GetSlug returns the Slug field.
+func (i *InstallationChanges) GetSlug() *InstallationSlugChange {
+	if i == nil {
+		return nil
 	}
-	return *m.URL
+	return i.Slug
 }
 
-// GetYearlyPriceInCents returns the YearlyPriceInCents field if it's non-nil, zero value otherwise.
-func (m *MarketplacePlan) GetYearlyPriceInCents() int {
-	if m == nil || m.YearlyPriceInCents == nil {
-		return 0
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (i *InstallationEvent) GetAction() string {
+	if i == nil || i.Action == nil {
+		return ""
 	}
-	return *m.YearlyPriceInCents
+	return *i.Action
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (m *MarketplacePlanAccount) GetID() int64 {
-	if m == nil || m.ID == nil {
-		return 0
+// GetInstallation returns the Installation field.
+func (i *InstallationEvent) GetInstallation() *Installation {
+	if i == nil {
+		return nil
 	}
-	return *m.ID
+	return i.Installation
 }
 
-// GetLogin returns the Login field if it's non-nil, zero value otherwise.
-func (m *MarketplacePlanAccount) GetLogin() string {
-	if m == nil || m.Login == nil {
-		return ""
+// GetOrg returns the Org field.
+func (i *InstallationEvent) GetOrg() *Organization {
+	if i == nil {
+		return nil
 	}
-	return *m.Login
+	return i.Org
 }
 
-// GetMarketplacePendingChange returns the MarketplacePendingChange field.
-func (m *MarketplacePlanAccount) GetMarketplacePendingChange() *MarketplacePendingChange {
-	if m == nil {
+// GetRequester returns the Requester field.
+func (i *InstallationEvent) GetRequester() *User {
+	if i == nil {
 		return nil
 	}
-	return m.MarketplacePendingChange
+	return i.Requester
 }
 
-// GetMarketplacePurchase returns the MarketplacePurchase field.
-func (m *MarketplacePlanAccount) GetMarketplacePurchase() *MarketplacePurchase {
-	if m == nil {
+// GetSender returns the Sender field.
+func (i *InstallationEvent) GetSender() *User {
+	if i == nil {
 		return nil
 	}
-	return m.MarketplacePurchase
+	return i.Sender
 }
 
-// GetOrganizationBillingEmail returns the OrganizationBillingEmail field if it's non-nil, zero value otherwise.
-func (m *MarketplacePlanAccount) GetOrganizationBillingEmail() string {
-	if m == nil || m.OrganizationBillingEmail == nil {
+// GetFrom returns the From field if it's non-nil, zero value otherwise.
+func (i *InstallationLoginChange) GetFrom() string {
+	if i == nil || i.From == nil {
 		return ""
 	}
-	return *m.OrganizationBillingEmail
+	return *i.From
 }
 
-// GetType returns the Type field if it's non-nil, zero value otherwise.
-func (m *MarketplacePlanAccount) GetType() string {
-	if m == nil || m.Type == nil {
+// GetActions returns the Actions field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetActions() string {
+	if i == nil || i.Actions == nil {
 		return ""
 	}
-	return *m.Type
+	return *i.Actions
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (m *MarketplacePlanAccount) GetURL() string {
-	if m == nil || m.URL == nil {
+// GetActionsVariables returns the ActionsVariables field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetActionsVariables() string {
+	if i == nil || i.ActionsVariables == nil {
 		return ""
 	}
-	return *m.URL
+	return *i.ActionsVariables
 }
 
-// GetAccount returns the Account field.
-func (m *MarketplacePurchase) GetAccount() *MarketplacePurchaseAccount {
-	if m == nil {
-		return nil
+// GetAdministration returns the Administration field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetAdministration() string {
+	if i == nil || i.Administration == nil {
+		return ""
 	}
-	return m.Account
+	return *i.Administration
 }
 
-// GetBillingCycle returns the BillingCycle field if it's non-nil, zero value otherwise.
-func (m *MarketplacePurchase) GetBillingCycle() string {
-	if m == nil || m.BillingCycle == nil {
+// GetAttestations returns the Attestations field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetAttestations() string {
+	if i == nil || i.Attestations == nil {
 		return ""
 	}
-	return *m.BillingCycle
+	return *i.Attestations
 }
 
-// GetFreeTrialEndsOn returns the FreeTrialEndsOn field if it's non-nil, zero value otherwise.
-func (m *MarketplacePurchase) GetFreeTrialEndsOn() Timestamp {
-	if m == nil || m.FreeTrialEndsOn == nil {
-		return Timestamp{}
+// GetBlocking returns the Blocking field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetBlocking() string {
+	if i == nil || i.Blocking == nil {
+		return ""
 	}
-	return *m.FreeTrialEndsOn
+	return *i.Blocking
 }
 
-// GetNextBillingDate returns the NextBillingDate field if it's non-nil, zero value otherwise.
-func (m *MarketplacePurchase) GetNextBillingDate() Timestamp {
-	if m == nil || m.NextBillingDate == nil {
-		return Timestamp{}
+// GetChecks returns the Checks field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetChecks() string {
+	if i == nil || i.Checks == nil {
+		return ""
 	}
-	return *m.NextBillingDate
+	return *i.Checks
 }
 
-// GetOnFreeTrial returns the OnFreeTrial field if it's non-nil, zero value otherwise.
-func (m *MarketplacePurchase) GetOnFreeTrial() bool {
-	if m == nil || m.OnFreeTrial == nil {
-		return false
+// GetCodespaces returns the Codespaces field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetCodespaces() string {
+	if i == nil || i.Codespaces == nil {
+		return ""
 	}
-	return *m.OnFreeTrial
+	return *i.Codespaces
 }
 
-// GetPlan returns the Plan field.
-func (m *MarketplacePurchase) GetPlan() *MarketplacePlan {
-	if m == nil {
-		return nil
+// GetCodespacesLifecycleAdmin returns the CodespacesLifecycleAdmin field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetCodespacesLifecycleAdmin() string {
+	if i == nil || i.CodespacesLifecycleAdmin == nil {
+		return ""
 	}
-	return m.Plan
+	return *i.CodespacesLifecycleAdmin
 }
 
-// GetUnitCount returns the UnitCount field if it's non-nil, zero value otherwise.
-func (m *MarketplacePurchase) GetUnitCount() int {
-	if m == nil || m.UnitCount == nil {
-		return 0
+// GetCodespacesMetadata returns the CodespacesMetadata field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetCodespacesMetadata() string {
+	if i == nil || i.CodespacesMetadata == nil {
+		return ""
 	}
-	return *m.UnitCount
+	return *i.CodespacesMetadata
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (m *MarketplacePurchase) GetUpdatedAt() Timestamp {
-	if m == nil || m.UpdatedAt == nil {
-		return Timestamp{}
+// GetCodespacesSecrets returns the CodespacesSecrets field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetCodespacesSecrets() string {
+	if i == nil || i.CodespacesSecrets == nil {
+		return ""
 	}
-	return *m.UpdatedAt
+	return *i.CodespacesSecrets
 }
 
-// GetEmail returns the Email field if it's non-nil, zero value otherwise.
-func (m *MarketplacePurchaseAccount) GetEmail() string {
-	if m == nil || m.Email == nil {
+// GetCodespacesUserSecrets returns the CodespacesUserSecrets field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetCodespacesUserSecrets() string {
+	if i == nil || i.CodespacesUserSecrets == nil {
 		return ""
 	}
-	return *m.Email
+	return *i.CodespacesUserSecrets
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (m *MarketplacePurchaseAccount) GetID() int64 {
-	if m == nil || m.ID == nil {
-		return 0
+// GetContentReferences returns the ContentReferences field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetContentReferences() string {
+	if i == nil || i.ContentReferences == nil {
+		return ""
 	}
-	return *m.ID
+	return *i.ContentReferences
 }
 
-// GetLogin returns the Login field if it's non-nil, zero value otherwise.
-func (m *MarketplacePurchaseAccount) GetLogin() string {
-	if m == nil || m.Login == nil {
+// GetContents returns the Contents field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetContents() string {
+	if i == nil || i.Contents == nil {
 		return ""
 	}
-	return *m.Login
+	return *i.Contents
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (m *MarketplacePurchaseAccount) GetNodeID() string {
-	if m == nil || m.NodeID == nil {
+// GetCopilotMessages returns the CopilotMessages field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetCopilotMessages() string {
+	if i == nil || i.CopilotMessages == nil {
 		return ""
 	}
-	return *m.NodeID
+	return *i.CopilotMessages
 }
 
-// GetOrganizationBillingEmail returns the OrganizationBillingEmail field if it's non-nil, zero value otherwise.
-func (m *MarketplacePurchaseAccount) GetOrganizationBillingEmail() string {
-	if m == nil || m.OrganizationBillingEmail == nil {
+// GetDependabotSecrets returns the DependabotSecrets field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetDependabotSecrets() string {
+	if i == nil || i.DependabotSecrets == nil {
 		return ""
 	}
-	return *m.OrganizationBillingEmail
+	return *i.DependabotSecrets
 }
 
-// GetType returns the Type field if it's non-nil, zero value otherwise.
-func (m *MarketplacePurchaseAccount) GetType() string {
-	if m == nil || m.Type == nil {
+// GetDeployments returns the Deployments field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetDeployments() string {
+	if i == nil || i.Deployments == nil {
 		return ""
 	}
-	return *m.Type
+	return *i.Deployments
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (m *MarketplacePurchaseAccount) GetURL() string {
-	if m == nil || m.URL == nil {
+// GetDiscussions returns the Discussions field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetDiscussions() string {
+	if i == nil || i.Discussions == nil {
 		return ""
 	}
-	return *m.URL
+	return *i.Discussions
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (m *MarketplacePurchaseEvent) GetAction() string {
-	if m == nil || m.Action == nil {
+// GetEmails returns the Emails field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetEmails() string {
+	if i == nil || i.Emails == nil {
 		return ""
 	}
-	return *m.Action
+	return *i.Emails
 }
 
-// GetEffectiveDate returns the EffectiveDate field if it's non-nil, zero value otherwise.
-func (m *MarketplacePurchaseEvent) GetEffectiveDate() Timestamp {
-	if m == nil || m.EffectiveDate == nil {
-		return Timestamp{}
+// GetEnvironments returns the Environments field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetEnvironments() string {
+	if i == nil || i.Environments == nil {
+		return ""
 	}
-	return *m.EffectiveDate
+	return *i.Environments
 }
 
-// GetInstallation returns the Installation field.
-func (m *MarketplacePurchaseEvent) GetInstallation() *Installation {
-	if m == nil {
-		return nil
+// GetFollowers returns the Followers field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetFollowers() string {
+	if i == nil || i.Followers == nil {
+		return ""
 	}
-	return m.Installation
+	return *i.Followers
 }
 
-// GetMarketplacePurchase returns the MarketplacePurchase field.
-func (m *MarketplacePurchaseEvent) GetMarketplacePurchase() *MarketplacePurchase {
-	if m == nil {
-		return nil
+// GetGists returns the Gists field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetGists() string {
+	if i == nil || i.Gists == nil {
+		return ""
 	}
-	return m.MarketplacePurchase
+	return *i.Gists
 }
 
-// GetPreviousMarketplacePurchase returns the PreviousMarketplacePurchase field.
-func (m *MarketplacePurchaseEvent) GetPreviousMarketplacePurchase() *MarketplacePurchase {
-	if m == nil {
-		return nil
+// GetGitSigningSSHPublicKeys returns the GitSigningSSHPublicKeys field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetGitSigningSSHPublicKeys() string {
+	if i == nil || i.GitSigningSSHPublicKeys == nil {
+		return ""
 	}
-	return m.PreviousMarketplacePurchase
+	return *i.GitSigningSSHPublicKeys
 }
 
-// GetSender returns the Sender field.
-func (m *MarketplacePurchaseEvent) GetSender() *User {
-	if m == nil {
-		return nil
+// GetGPGKeys returns the GPGKeys field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetGPGKeys() string {
+	if i == nil || i.GPGKeys == nil {
+		return ""
 	}
-	return m.Sender
+	return *i.GPGKeys
 }
 
-// GetText returns the Text field if it's non-nil, zero value otherwise.
-func (m *Match) GetText() string {
-	if m == nil || m.Text == nil {
+// GetInteractionLimits returns the InteractionLimits field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetInteractionLimits() string {
+	if i == nil || i.InteractionLimits == nil {
 		return ""
 	}
-	return *m.Text
+	return *i.InteractionLimits
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (m *MemberEvent) GetAction() string {
-	if m == nil || m.Action == nil {
+// GetIssues returns the Issues field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetIssues() string {
+	if i == nil || i.Issues == nil {
 		return ""
 	}
-	return *m.Action
+	return *i.Issues
 }
 
-// GetInstallation returns the Installation field.
-func (m *MemberEvent) GetInstallation() *Installation {
-	if m == nil {
-		return nil
+// GetKeys returns the Keys field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetKeys() string {
+	if i == nil || i.Keys == nil {
+		return ""
 	}
-	return m.Installation
+	return *i.Keys
 }
 
-// GetMember returns the Member field.
-func (m *MemberEvent) GetMember() *User {
-	if m == nil {
-		return nil
+// GetMembers returns the Members field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetMembers() string {
+	if i == nil || i.Members == nil {
+		return ""
 	}
-	return m.Member
+	return *i.Members
 }
 
-// GetRepo returns the Repo field.
-func (m *MemberEvent) GetRepo() *Repository {
-	if m == nil {
-		return nil
+// GetMergeQueues returns the MergeQueues field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetMergeQueues() string {
+	if i == nil || i.MergeQueues == nil {
+		return ""
 	}
-	return m.Repo
+	return *i.MergeQueues
 }
 
-// GetSender returns the Sender field.
-func (m *MemberEvent) GetSender() *User {
-	if m == nil {
-		return nil
+// GetMetadata returns the Metadata field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetMetadata() string {
+	if i == nil || i.Metadata == nil {
+		return ""
 	}
-	return m.Sender
+	return *i.Metadata
 }
 
-// GetOrganization returns the Organization field.
-func (m *Membership) GetOrganization() *Organization {
-	if m == nil {
-		return nil
+// GetOrganizationActionsVariables returns the OrganizationActionsVariables field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetOrganizationActionsVariables() string {
+	if i == nil || i.OrganizationActionsVariables == nil {
+		return ""
 	}
-	return m.Organization
+	return *i.OrganizationActionsVariables
 }
 
-// GetOrganizationURL returns the OrganizationURL field if it's non-nil, zero value otherwise.
-func (m *Membership) GetOrganizationURL() string {
-	if m == nil || m.OrganizationURL == nil {
+// GetOrganizationAdministration returns the OrganizationAdministration field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetOrganizationAdministration() string {
+	if i == nil || i.OrganizationAdministration == nil {
 		return ""
 	}
-	return *m.OrganizationURL
+	return *i.OrganizationAdministration
 }
 
-// GetRole returns the Role field if it's non-nil, zero value otherwise.
-func (m *Membership) GetRole() string {
-	if m == nil || m.Role == nil {
+// GetOrganizationAnnouncementBanners returns the OrganizationAnnouncementBanners field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetOrganizationAnnouncementBanners() string {
+	if i == nil || i.OrganizationAnnouncementBanners == nil {
 		return ""
 	}
-	return *m.Role
+	return *i.OrganizationAnnouncementBanners
 }
 
-// GetState returns the State field if it's non-nil, zero value otherwise.
-func (m *Membership) GetState() string {
-	if m == nil || m.State == nil {
+// GetOrganizationAPIInsights returns the OrganizationAPIInsights field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetOrganizationAPIInsights() string {
+	if i == nil || i.OrganizationAPIInsights == nil {
 		return ""
 	}
-	return *m.State
+	return *i.OrganizationAPIInsights
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (m *Membership) GetURL() string {
-	if m == nil || m.URL == nil {
+// GetOrganizationCodespaces returns the OrganizationCodespaces field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetOrganizationCodespaces() string {
+	if i == nil || i.OrganizationCodespaces == nil {
 		return ""
 	}
-	return *m.URL
+	return *i.OrganizationCodespaces
 }
 
-// GetUser returns the User field.
-func (m *Membership) GetUser() *User {
-	if m == nil {
-		return nil
+// GetOrganizationCodespacesSecrets returns the OrganizationCodespacesSecrets field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetOrganizationCodespacesSecrets() string {
+	if i == nil || i.OrganizationCodespacesSecrets == nil {
+		return ""
 	}
-	return m.User
+	return *i.OrganizationCodespacesSecrets
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (m *MembershipEvent) GetAction() string {
-	if m == nil || m.Action == nil {
+// GetOrganizationCodespacesSettings returns the OrganizationCodespacesSettings field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetOrganizationCodespacesSettings() string {
+	if i == nil || i.OrganizationCodespacesSettings == nil {
 		return ""
 	}
-	return *m.Action
+	return *i.OrganizationCodespacesSettings
 }
 
-// GetInstallation returns the Installation field.
-func (m *MembershipEvent) GetInstallation() *Installation {
-	if m == nil {
-		return nil
+// GetOrganizationCopilotSeatManagement returns the OrganizationCopilotSeatManagement field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetOrganizationCopilotSeatManagement() string {
+	if i == nil || i.OrganizationCopilotSeatManagement == nil {
+		return ""
 	}
-	return m.Installation
+	return *i.OrganizationCopilotSeatManagement
 }
 
-// GetMember returns the Member field.
-func (m *MembershipEvent) GetMember() *User {
-	if m == nil {
-		return nil
+// GetOrganizationCustomOrgRoles returns the OrganizationCustomOrgRoles field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetOrganizationCustomOrgRoles() string {
+	if i == nil || i.OrganizationCustomOrgRoles == nil {
+		return ""
 	}
-	return m.Member
+	return *i.OrganizationCustomOrgRoles
 }
 
-// GetOrg returns the Org field.
-func (m *MembershipEvent) GetOrg() *Organization {
-	if m == nil {
-		return nil
+// GetOrganizationCustomProperties returns the OrganizationCustomProperties field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetOrganizationCustomProperties() string {
+	if i == nil || i.OrganizationCustomProperties == nil {
+		return ""
 	}
-	return m.Org
+	return *i.OrganizationCustomProperties
 }
 
-// GetScope returns the Scope field if it's non-nil, zero value otherwise.
-func (m *MembershipEvent) GetScope() string {
-	if m == nil || m.Scope == nil {
+// GetOrganizationCustomRoles returns the OrganizationCustomRoles field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetOrganizationCustomRoles() string {
+	if i == nil || i.OrganizationCustomRoles == nil {
 		return ""
 	}
-	return *m.Scope
+	return *i.OrganizationCustomRoles
 }
 
-// GetSender returns the Sender field.
-func (m *MembershipEvent) GetSender() *User {
-	if m == nil {
-		return nil
+// GetOrganizationDependabotSecrets returns the OrganizationDependabotSecrets field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetOrganizationDependabotSecrets() string {
+	if i == nil || i.OrganizationDependabotSecrets == nil {
+		return ""
 	}
-	return m.Sender
+	return *i.OrganizationDependabotSecrets
 }
 
-// GetTeam returns the Team field.
-func (m *MembershipEvent) GetTeam() *Team {
-	if m == nil {
-		return nil
+// GetOrganizationEvents returns the OrganizationEvents field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetOrganizationEvents() string {
+	if i == nil || i.OrganizationEvents == nil {
+		return ""
 	}
-	return m.Team
+	return *i.OrganizationEvents
 }
 
-// GetBaseRef returns the BaseRef field if it's non-nil, zero value otherwise.
-func (m *MergeGroup) GetBaseRef() string {
-	if m == nil || m.BaseRef == nil {
+// GetOrganizationHooks returns the OrganizationHooks field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetOrganizationHooks() string {
+	if i == nil || i.OrganizationHooks == nil {
 		return ""
 	}
-	return *m.BaseRef
+	return *i.OrganizationHooks
 }
 
-// GetBaseSHA returns the BaseSHA field if it's non-nil, zero value otherwise.
-func (m *MergeGroup) GetBaseSHA() string {
-	if m == nil || m.BaseSHA == nil {
+// GetOrganizationKnowledgeBases returns the OrganizationKnowledgeBases field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetOrganizationKnowledgeBases() string {
+	if i == nil || i.OrganizationKnowledgeBases == nil {
 		return ""
 	}
-	return *m.BaseSHA
+	return *i.OrganizationKnowledgeBases
 }
 
-// GetHeadCommit returns the HeadCommit field.
-func (m *MergeGroup) GetHeadCommit() *Commit {
-	if m == nil {
-		return nil
+// GetOrganizationPackages returns the OrganizationPackages field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetOrganizationPackages() string {
+	if i == nil || i.OrganizationPackages == nil {
+		return ""
 	}
-	return m.HeadCommit
+	return *i.OrganizationPackages
 }
 
-// GetHeadRef returns the HeadRef field if it's non-nil, zero value otherwise.
-func (m *MergeGroup) GetHeadRef() string {
-	if m == nil || m.HeadRef == nil {
+// GetOrganizationPersonalAccessTokenRequests returns the OrganizationPersonalAccessTokenRequests field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetOrganizationPersonalAccessTokenRequests() string {
+	if i == nil || i.OrganizationPersonalAccessTokenRequests == nil {
 		return ""
 	}
-	return *m.HeadRef
+	return *i.OrganizationPersonalAccessTokenRequests
 }
 
-// GetHeadSHA returns the HeadSHA field if it's non-nil, zero value otherwise.
-func (m *MergeGroup) GetHeadSHA() string {
-	if m == nil || m.HeadSHA == nil {
+// GetOrganizationPersonalAccessTokens returns the OrganizationPersonalAccessTokens field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetOrganizationPersonalAccessTokens() string {
+	if i == nil || i.OrganizationPersonalAccessTokens == nil {
 		return ""
 	}
-	return *m.HeadSHA
+	return *i.OrganizationPersonalAccessTokens
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (m *MergeGroupEvent) GetAction() string {
-	if m == nil || m.Action == nil {
+// GetOrganizationPlan returns the OrganizationPlan field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetOrganizationPlan() string {
+	if i == nil || i.OrganizationPlan == nil {
 		return ""
 	}
-	return *m.Action
+	return *i.OrganizationPlan
 }
 
-// GetInstallation returns the Installation field.
-func (m *MergeGroupEvent) GetInstallation() *Installation {
-	if m == nil {
-		return nil
+// GetOrganizationPreReceiveHooks returns the OrganizationPreReceiveHooks field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetOrganizationPreReceiveHooks() string {
+	if i == nil || i.OrganizationPreReceiveHooks == nil {
+		return ""
 	}
-	return m.Installation
+	return *i.OrganizationPreReceiveHooks
 }
 
-// GetMergeGroup returns the MergeGroup field.
-func (m *MergeGroupEvent) GetMergeGroup() *MergeGroup {
-	if m == nil {
-		return nil
+// GetOrganizationProjects returns the OrganizationProjects field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetOrganizationProjects() string {
+	if i == nil || i.OrganizationProjects == nil {
+		return ""
 	}
-	return m.MergeGroup
+	return *i.OrganizationProjects
 }
 
-// GetOrg returns the Org field.
-func (m *MergeGroupEvent) GetOrg() *Organization {
-	if m == nil {
-		return nil
+// GetOrganizationSecrets returns the OrganizationSecrets field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetOrganizationSecrets() string {
+	if i == nil || i.OrganizationSecrets == nil {
+		return ""
 	}
-	return m.Org
+	return *i.OrganizationSecrets
 }
 
-// GetRepo returns the Repo field.
-func (m *MergeGroupEvent) GetRepo() *Repository {
-	if m == nil {
-		return nil
+// GetOrganizationSelfHostedRunners returns the OrganizationSelfHostedRunners field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetOrganizationSelfHostedRunners() string {
+	if i == nil || i.OrganizationSelfHostedRunners == nil {
+		return ""
 	}
-	return m.Repo
+	return *i.OrganizationSelfHostedRunners
 }
 
-// GetSender returns the Sender field.
-func (m *MergeGroupEvent) GetSender() *User {
-	if m == nil {
-		return nil
+// GetOrganizationUserBlocking returns the OrganizationUserBlocking field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetOrganizationUserBlocking() string {
+	if i == nil || i.OrganizationUserBlocking == nil {
+		return ""
 	}
-	return m.Sender
+	return *i.OrganizationUserBlocking
 }
 
-// GetText returns the Text field if it's non-nil, zero value otherwise.
-func (m *Message) GetText() string {
-	if m == nil || m.Text == nil {
+// GetPackages returns the Packages field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetPackages() string {
+	if i == nil || i.Packages == nil {
 		return ""
 	}
-	return *m.Text
+	return *i.Packages
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (m *MetaEvent) GetAction() string {
-	if m == nil || m.Action == nil {
+// GetPages returns the Pages field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetPages() string {
+	if i == nil || i.Pages == nil {
 		return ""
 	}
-	return *m.Action
+	return *i.Pages
 }
 
-// GetHook returns the Hook field.
-func (m *MetaEvent) GetHook() *Hook {
-	if m == nil {
-		return nil
+// GetPlan returns the Plan field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetPlan() string {
+	if i == nil || i.Plan == nil {
+		return ""
 	}
-	return m.Hook
+	return *i.Plan
 }
 
-// GetHookID returns the HookID field if it's non-nil, zero value otherwise.
-func (m *MetaEvent) GetHookID() int64 {
-	if m == nil || m.HookID == nil {
-		return 0
+// GetProfile returns the Profile field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetProfile() string {
+	if i == nil || i.Profile == nil {
+		return ""
 	}
-	return *m.HookID
+	return *i.Profile
 }
 
-// GetInstallation returns the Installation field.
-func (m *MetaEvent) GetInstallation() *Installation {
-	if m == nil {
-		return nil
+// GetPullRequests returns the PullRequests field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetPullRequests() string {
+	if i == nil || i.PullRequests == nil {
+		return ""
 	}
-	return m.Installation
+	return *i.PullRequests
 }
 
-// GetOrg returns the Org field.
-func (m *MetaEvent) GetOrg() *Organization {
-	if m == nil {
-		return nil
+// GetRepositoryAdvisories returns the RepositoryAdvisories field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetRepositoryAdvisories() string {
+	if i == nil || i.RepositoryAdvisories == nil {
+		return ""
 	}
-	return m.Org
+	return *i.RepositoryAdvisories
 }
 
-// GetRepo returns the Repo field.
-func (m *MetaEvent) GetRepo() *Repository {
-	if m == nil {
-		return nil
+// GetRepositoryCustomProperties returns the RepositoryCustomProperties field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetRepositoryCustomProperties() string {
+	if i == nil || i.RepositoryCustomProperties == nil {
+		return ""
 	}
-	return m.Repo
+	return *i.RepositoryCustomProperties
 }
 
-// GetSender returns the Sender field.
-func (m *MetaEvent) GetSender() *User {
-	if m == nil {
-		return nil
+// GetRepositoryHooks returns the RepositoryHooks field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetRepositoryHooks() string {
+	if i == nil || i.RepositoryHooks == nil {
+		return ""
 	}
-	return m.Sender
+	return *i.RepositoryHooks
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (m *Metric) GetHTMLURL() string {
-	if m == nil || m.HTMLURL == nil {
+// GetRepositoryPreReceiveHooks returns the RepositoryPreReceiveHooks field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetRepositoryPreReceiveHooks() string {
+	if i == nil || i.RepositoryPreReceiveHooks == nil {
 		return ""
 	}
-	return *m.HTMLURL
+	return *i.RepositoryPreReceiveHooks
 }
 
-// GetKey returns the Key field if it's non-nil, zero value otherwise.
-func (m *Metric) GetKey() string {
-	if m == nil || m.Key == nil {
+// GetRepositoryProjects returns the RepositoryProjects field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetRepositoryProjects() string {
+	if i == nil || i.RepositoryProjects == nil {
 		return ""
 	}
-	return *m.Key
+	return *i.RepositoryProjects
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (m *Metric) GetName() string {
-	if m == nil || m.Name == nil {
+// GetSecrets returns the Secrets field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetSecrets() string {
+	if i == nil || i.Secrets == nil {
 		return ""
 	}
-	return *m.Name
+	return *i.Secrets
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (m *Metric) GetNodeID() string {
-	if m == nil || m.NodeID == nil {
+// GetSecretScanningAlerts returns the SecretScanningAlerts field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetSecretScanningAlerts() string {
+	if i == nil || i.SecretScanningAlerts == nil {
 		return ""
 	}
-	return *m.NodeID
+	return *i.SecretScanningAlerts
 }
 
-// GetSPDXID returns the SPDXID field if it's non-nil, zero value otherwise.
-func (m *Metric) GetSPDXID() string {
-	if m == nil || m.SPDXID == nil {
+// GetSecurityEvents returns the SecurityEvents field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetSecurityEvents() string {
+	if i == nil || i.SecurityEvents == nil {
 		return ""
 	}
-	return *m.SPDXID
+	return *i.SecurityEvents
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (m *Metric) GetURL() string {
-	if m == nil || m.URL == nil {
+// GetSingleFile returns the SingleFile field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetSingleFile() string {
+	if i == nil || i.SingleFile == nil {
 		return ""
 	}
-	return *m.URL
+	return *i.SingleFile
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (m *Migration) GetCreatedAt() string {
-	if m == nil || m.CreatedAt == nil {
+// GetStarring returns the Starring field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetStarring() string {
+	if i == nil || i.Starring == nil {
 		return ""
 	}
-	return *m.CreatedAt
+	return *i.Starring
 }
 
-// GetExcludeAttachments returns the ExcludeAttachments field if it's non-nil, zero value otherwise.
-func (m *Migration) GetExcludeAttachments() bool {
-	if m == nil || m.ExcludeAttachments == nil {
-		return false
+// GetStatuses returns the Statuses field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetStatuses() string {
+	if i == nil || i.Statuses == nil {
+		return ""
 	}
-	return *m.ExcludeAttachments
+	return *i.Statuses
 }
 
-// GetGUID returns the GUID field if it's non-nil, zero value otherwise.
-func (m *Migration) GetGUID() string {
-	if m == nil || m.GUID == nil {
+// GetTeamDiscussions returns the TeamDiscussions field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetTeamDiscussions() string {
+	if i == nil || i.TeamDiscussions == nil {
 		return ""
 	}
-	return *m.GUID
+	return *i.TeamDiscussions
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (m *Migration) GetID() int64 {
-	if m == nil || m.ID == nil {
-		return 0
+// GetUserEvents returns the UserEvents field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetUserEvents() string {
+	if i == nil || i.UserEvents == nil {
+		return ""
 	}
-	return *m.ID
+	return *i.UserEvents
 }
 
-// GetLockRepositories returns the LockRepositories field if it's non-nil, zero value otherwise.
-func (m *Migration) GetLockRepositories() bool {
-	if m == nil || m.LockRepositories == nil {
-		return false
+// GetVulnerabilityAlerts returns the VulnerabilityAlerts field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetVulnerabilityAlerts() string {
+	if i == nil || i.VulnerabilityAlerts == nil {
+		return ""
 	}
-	return *m.LockRepositories
+	return *i.VulnerabilityAlerts
 }
 
-// GetState returns the State field if it's non-nil, zero value otherwise.
-func (m *Migration) GetState() string {
-	if m == nil || m.State == nil {
+// GetWatching returns the Watching field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetWatching() string {
+	if i == nil || i.Watching == nil {
 		return ""
 	}
-	return *m.State
+	return *i.Watching
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (m *Migration) GetUpdatedAt() string {
-	if m == nil || m.UpdatedAt == nil {
+// GetWorkflows returns the Workflows field if it's non-nil, zero value otherwise.
+func (i *InstallationPermissions) GetWorkflows() string {
+	if i == nil || i.Workflows == nil {
 		return ""
 	}
-	return *m.UpdatedAt
+	return *i.Workflows
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (m *Migration) GetURL() string {
-	if m == nil || m.URL == nil {
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (i *InstallationRepositoriesEvent) GetAction() string {
+	if i == nil || i.Action == nil {
 		return ""
 	}
-	return *m.URL
+	return *i.Action
 }
 
-// GetClosedAt returns the ClosedAt field if it's non-nil, zero value otherwise.
-func (m *Milestone) GetClosedAt() Timestamp {
-	if m == nil || m.ClosedAt == nil {
-		return Timestamp{}
+// GetInstallation returns the Installation field.
+func (i *InstallationRepositoriesEvent) GetInstallation() *Installation {
+	if i == nil {
+		return nil
 	}
-	return *m.ClosedAt
+	return i.Installation
 }
 
-// GetClosedIssues returns the ClosedIssues field if it's non-nil, zero value otherwise.
-func (m *Milestone) GetClosedIssues() int {
-	if m == nil || m.ClosedIssues == nil {
-		return 0
+// GetOrg returns the Org field.
+func (i *InstallationRepositoriesEvent) GetOrg() *Organization {
+	if i == nil {
+		return nil
 	}
-	return *m.ClosedIssues
+	return i.Org
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (m *Milestone) GetCreatedAt() Timestamp {
-	if m == nil || m.CreatedAt == nil {
-		return Timestamp{}
+// GetRepositorySelection returns the RepositorySelection field if it's non-nil, zero value otherwise.
+func (i *InstallationRepositoriesEvent) GetRepositorySelection() string {
+	if i == nil || i.RepositorySelection == nil {
+		return ""
 	}
-	return *m.CreatedAt
+	return *i.RepositorySelection
 }
 
-// GetCreator returns the Creator field.
-func (m *Milestone) GetCreator() *User {
-	if m == nil {
+// GetSender returns the Sender field.
+func (i *InstallationRepositoriesEvent) GetSender() *User {
+	if i == nil {
 		return nil
 	}
-	return m.Creator
+	return i.Sender
 }
 
-// GetDescription returns the Description field if it's non-nil, zero value otherwise.
-func (m *Milestone) GetDescription() string {
-	if m == nil || m.Description == nil {
-		return ""
-	}
-	return *m.Description
-}
-
-// GetDueOn returns the DueOn field if it's non-nil, zero value otherwise.
-func (m *Milestone) GetDueOn() Timestamp {
-	if m == nil || m.DueOn == nil {
-		return Timestamp{}
+// GetAccount returns the Account field.
+func (i *InstallationRequest) GetAccount() *User {
+	if i == nil {
+		return nil
 	}
-	return *m.DueOn
+	return i.Account
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (m *Milestone) GetHTMLURL() string {
-	if m == nil || m.HTMLURL == nil {
-		return ""
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (i *InstallationRequest) GetCreatedAt() Timestamp {
+	if i == nil || i.CreatedAt == nil {
+		return Timestamp{}
 	}
-	return *m.HTMLURL
+	return *i.CreatedAt
 }
 
 // GetID returns the ID field if it's non-nil, zero value otherwise.
-func (m *Milestone) GetID() int64 {
-	if m == nil || m.ID == nil {
+func (i *InstallationRequest) GetID() int64 {
+	if i == nil || i.ID == nil {
 		return 0
 	}
-	return *m.ID
-}
-
-// GetLabelsURL returns the LabelsURL field if it's non-nil, zero value otherwise.
-func (m *Milestone) GetLabelsURL() string {
-	if m == nil || m.LabelsURL == nil {
-		return ""
-	}
-	return *m.LabelsURL
+	return *i.ID
 }
 
 // GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (m *Milestone) GetNodeID() string {
-	if m == nil || m.NodeID == nil {
+func (i *InstallationRequest) GetNodeID() string {
+	if i == nil || i.NodeID == nil {
 		return ""
 	}
-	return *m.NodeID
-}
-
-// GetNumber returns the Number field if it's non-nil, zero value otherwise.
-func (m *Milestone) GetNumber() int {
-	if m == nil || m.Number == nil {
-		return 0
-	}
-	return *m.Number
-}
-
-// GetOpenIssues returns the OpenIssues field if it's non-nil, zero value otherwise.
-func (m *Milestone) GetOpenIssues() int {
-	if m == nil || m.OpenIssues == nil {
-		return 0
-	}
-	return *m.OpenIssues
+	return *i.NodeID
 }
 
-// GetState returns the State field if it's non-nil, zero value otherwise.
-func (m *Milestone) GetState() string {
-	if m == nil || m.State == nil {
-		return ""
+// GetRequester returns the Requester field.
+func (i *InstallationRequest) GetRequester() *User {
+	if i == nil {
+		return nil
 	}
-	return *m.State
+	return i.Requester
 }
 
-// GetTitle returns the Title field if it's non-nil, zero value otherwise.
-func (m *Milestone) GetTitle() string {
-	if m == nil || m.Title == nil {
+// GetFrom returns the From field if it's non-nil, zero value otherwise.
+func (i *InstallationSlugChange) GetFrom() string {
+	if i == nil || i.From == nil {
 		return ""
 	}
-	return *m.Title
-}
-
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (m *Milestone) GetUpdatedAt() Timestamp {
-	if m == nil || m.UpdatedAt == nil {
-		return Timestamp{}
-	}
-	return *m.UpdatedAt
+	return *i.From
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (m *Milestone) GetURL() string {
-	if m == nil || m.URL == nil {
-		return ""
+// GetAccount returns the Account field.
+func (i *InstallationTargetEvent) GetAccount() *User {
+	if i == nil {
+		return nil
 	}
-	return *m.URL
+	return i.Account
 }
 
 // GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (m *MilestoneEvent) GetAction() string {
-	if m == nil || m.Action == nil {
+func (i *InstallationTargetEvent) GetAction() string {
+	if i == nil || i.Action == nil {
 		return ""
 	}
-	return *m.Action
+	return *i.Action
 }
 
 // GetChanges returns the Changes field.
-func (m *MilestoneEvent) GetChanges() *EditChange {
-	if m == nil {
+func (i *InstallationTargetEvent) GetChanges() *InstallationChanges {
+	if i == nil {
 		return nil
 	}
-	return m.Changes
+	return i.Changes
 }
 
-// GetInstallation returns the Installation field.
-func (m *MilestoneEvent) GetInstallation() *Installation {
-	if m == nil {
+// GetEnterprise returns the Enterprise field.
+func (i *InstallationTargetEvent) GetEnterprise() *Enterprise {
+	if i == nil {
 		return nil
 	}
-	return m.Installation
+	return i.Enterprise
 }
 
-// GetMilestone returns the Milestone field.
-func (m *MilestoneEvent) GetMilestone() *Milestone {
-	if m == nil {
+// GetInstallation returns the Installation field.
+func (i *InstallationTargetEvent) GetInstallation() *Installation {
+	if i == nil {
 		return nil
 	}
-	return m.Milestone
+	return i.Installation
 }
 
-// GetOrg returns the Org field.
-func (m *MilestoneEvent) GetOrg() *Organization {
-	if m == nil {
+// GetOrganization returns the Organization field.
+func (i *InstallationTargetEvent) GetOrganization() *Organization {
+	if i == nil {
 		return nil
 	}
-	return m.Org
+	return i.Organization
 }
 
-// GetRepo returns the Repo field.
-func (m *MilestoneEvent) GetRepo() *Repository {
-	if m == nil {
+// GetRepository returns the Repository field.
+func (i *InstallationTargetEvent) GetRepository() *Repository {
+	if i == nil {
 		return nil
 	}
-	return m.Repo
+	return i.Repository
 }
 
 // GetSender returns the Sender field.
-func (m *MilestoneEvent) GetSender() *User {
-	if m == nil {
+func (i *InstallationTargetEvent) GetSender() *User {
+	if i == nil {
 		return nil
 	}
-	return m.Sender
+	return i.Sender
 }
 
-// GetClosedMilestones returns the ClosedMilestones field if it's non-nil, zero value otherwise.
-func (m *MilestoneStats) GetClosedMilestones() int {
-	if m == nil || m.ClosedMilestones == nil {
-		return 0
+// GetTargetType returns the TargetType field if it's non-nil, zero value otherwise.
+func (i *InstallationTargetEvent) GetTargetType() string {
+	if i == nil || i.TargetType == nil {
+		return ""
 	}
-	return *m.ClosedMilestones
+	return *i.TargetType
 }
 
-// GetOpenMilestones returns the OpenMilestones field if it's non-nil, zero value otherwise.
-func (m *MilestoneStats) GetOpenMilestones() int {
-	if m == nil || m.OpenMilestones == nil {
-		return 0
+// GetExpiresAt returns the ExpiresAt field if it's non-nil, zero value otherwise.
+func (i *InstallationToken) GetExpiresAt() Timestamp {
+	if i == nil || i.ExpiresAt == nil {
+		return Timestamp{}
 	}
-	return *m.OpenMilestones
+	return *i.ExpiresAt
 }
 
-// GetTotalMilestones returns the TotalMilestones field if it's non-nil, zero value otherwise.
-func (m *MilestoneStats) GetTotalMilestones() int {
-	if m == nil || m.TotalMilestones == nil {
-		return 0
+// GetPermissions returns the Permissions field.
+func (i *InstallationToken) GetPermissions() *InstallationPermissions {
+	if i == nil {
+		return nil
 	}
-	return *m.TotalMilestones
+	return i.Permissions
 }
 
-// GetAnalysisKey returns the AnalysisKey field if it's non-nil, zero value otherwise.
-func (m *MostRecentInstance) GetAnalysisKey() string {
-	if m == nil || m.AnalysisKey == nil {
+// GetToken returns the Token field if it's non-nil, zero value otherwise.
+func (i *InstallationToken) GetToken() string {
+	if i == nil || i.Token == nil {
 		return ""
 	}
-	return *m.AnalysisKey
+	return *i.Token
 }
 
-// GetCategory returns the Category field if it's non-nil, zero value otherwise.
-func (m *MostRecentInstance) GetCategory() string {
-	if m == nil || m.Category == nil {
-		return ""
+// GetPermissions returns the Permissions field.
+func (i *InstallationTokenListRepoOptions) GetPermissions() *InstallationPermissions {
+	if i == nil {
+		return nil
 	}
-	return *m.Category
+	return i.Permissions
 }
 
-// GetCommitSHA returns the CommitSHA field if it's non-nil, zero value otherwise.
-func (m *MostRecentInstance) GetCommitSHA() string {
-	if m == nil || m.CommitSHA == nil {
-		return ""
+// GetPermissions returns the Permissions field.
+func (i *InstallationTokenOptions) GetPermissions() *InstallationPermissions {
+	if i == nil {
+		return nil
 	}
-	return *m.CommitSHA
+	return i.Permissions
 }
 
-// GetEnvironment returns the Environment field if it's non-nil, zero value otherwise.
-func (m *MostRecentInstance) GetEnvironment() string {
-	if m == nil || m.Environment == nil {
-		return ""
+// GetExpiresAt returns the ExpiresAt field if it's non-nil, zero value otherwise.
+func (i *InteractionRestriction) GetExpiresAt() Timestamp {
+	if i == nil || i.ExpiresAt == nil {
+		return Timestamp{}
 	}
-	return *m.Environment
+	return *i.ExpiresAt
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (m *MostRecentInstance) GetHTMLURL() string {
-	if m == nil || m.HTMLURL == nil {
+// GetLimit returns the Limit field if it's non-nil, zero value otherwise.
+func (i *InteractionRestriction) GetLimit() string {
+	if i == nil || i.Limit == nil {
 		return ""
 	}
-	return *m.HTMLURL
+	return *i.Limit
 }
 
-// GetLocation returns the Location field.
-func (m *MostRecentInstance) GetLocation() *Location {
-	if m == nil {
-		return nil
+// GetOrigin returns the Origin field if it's non-nil, zero value otherwise.
+func (i *InteractionRestriction) GetOrigin() string {
+	if i == nil || i.Origin == nil {
+		return ""
 	}
-	return m.Location
+	return *i.Origin
 }
 
-// GetMessage returns the Message field.
-func (m *MostRecentInstance) GetMessage() *Message {
-	if m == nil {
-		return nil
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (i *Invitation) GetCreatedAt() Timestamp {
+	if i == nil || i.CreatedAt == nil {
+		return Timestamp{}
 	}
-	return m.Message
+	return *i.CreatedAt
 }
 
-// GetRef returns the Ref field if it's non-nil, zero value otherwise.
-func (m *MostRecentInstance) GetRef() string {
-	if m == nil || m.Ref == nil {
+// GetEmail returns the Email field if it's non-nil, zero value otherwise.
+func (i *Invitation) GetEmail() string {
+	if i == nil || i.Email == nil {
 		return ""
 	}
-	return *m.Ref
+	return *i.Email
 }
 
-// GetState returns the State field if it's non-nil, zero value otherwise.
-func (m *MostRecentInstance) GetState() string {
-	if m == nil || m.State == nil {
-		return ""
+// GetFailedAt returns the FailedAt field if it's non-nil, zero value otherwise.
+func (i *Invitation) GetFailedAt() Timestamp {
+	if i == nil || i.FailedAt == nil {
+		return Timestamp{}
 	}
-	return *m.State
+	return *i.FailedAt
 }
 
-// GetBase returns the Base field if it's non-nil, zero value otherwise.
-func (n *NewPullRequest) GetBase() string {
-	if n == nil || n.Base == nil {
-		return ""
-	}
-	return *n.Base
-}
-
-// GetBody returns the Body field if it's non-nil, zero value otherwise.
-func (n *NewPullRequest) GetBody() string {
-	if n == nil || n.Body == nil {
+// GetFailedReason returns the FailedReason field if it's non-nil, zero value otherwise.
+func (i *Invitation) GetFailedReason() string {
+	if i == nil || i.FailedReason == nil {
 		return ""
 	}
-	return *n.Body
-}
-
-// GetDraft returns the Draft field if it's non-nil, zero value otherwise.
-func (n *NewPullRequest) GetDraft() bool {
-	if n == nil || n.Draft == nil {
-		return false
-	}
-	return *n.Draft
+	return *i.FailedReason
 }
 
-// GetHead returns the Head field if it's non-nil, zero value otherwise.
-func (n *NewPullRequest) GetHead() string {
-	if n == nil || n.Head == nil {
-		return ""
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (i *Invitation) GetID() int64 {
+	if i == nil || i.ID == nil {
+		return 0
 	}
-	return *n.Head
+	return *i.ID
 }
 
-// GetHeadRepo returns the HeadRepo field if it's non-nil, zero value otherwise.
-func (n *NewPullRequest) GetHeadRepo() string {
-	if n == nil || n.HeadRepo == nil {
+// GetInvitationTeamURL returns the InvitationTeamURL field if it's non-nil, zero value otherwise.
+func (i *Invitation) GetInvitationTeamURL() string {
+	if i == nil || i.InvitationTeamURL == nil {
 		return ""
 	}
-	return *n.HeadRepo
-}
-
-// GetIssue returns the Issue field if it's non-nil, zero value otherwise.
-func (n *NewPullRequest) GetIssue() int {
-	if n == nil || n.Issue == nil {
-		return 0
-	}
-	return *n.Issue
+	return *i.InvitationTeamURL
 }
 
-// GetMaintainerCanModify returns the MaintainerCanModify field if it's non-nil, zero value otherwise.
-func (n *NewPullRequest) GetMaintainerCanModify() bool {
-	if n == nil || n.MaintainerCanModify == nil {
-		return false
+// GetInviter returns the Inviter field.
+func (i *Invitation) GetInviter() *User {
+	if i == nil {
+		return nil
 	}
-	return *n.MaintainerCanModify
+	return i.Inviter
 }
 
-// GetTitle returns the Title field if it's non-nil, zero value otherwise.
-func (n *NewPullRequest) GetTitle() string {
-	if n == nil || n.Title == nil {
+// GetLogin returns the Login field if it's non-nil, zero value otherwise.
+func (i *Invitation) GetLogin() string {
+	if i == nil || i.Login == nil {
 		return ""
 	}
-	return *n.Title
+	return *i.Login
 }
 
-// GetDescription returns the Description field if it's non-nil, zero value otherwise.
-func (n *NewTeam) GetDescription() string {
-	if n == nil || n.Description == nil {
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (i *Invitation) GetNodeID() string {
+	if i == nil || i.NodeID == nil {
 		return ""
 	}
-	return *n.Description
+	return *i.NodeID
 }
 
-// GetLDAPDN returns the LDAPDN field if it's non-nil, zero value otherwise.
-func (n *NewTeam) GetLDAPDN() string {
-	if n == nil || n.LDAPDN == nil {
+// GetRole returns the Role field if it's non-nil, zero value otherwise.
+func (i *Invitation) GetRole() string {
+	if i == nil || i.Role == nil {
 		return ""
 	}
-	return *n.LDAPDN
+	return *i.Role
 }
 
-// GetParentTeamID returns the ParentTeamID field if it's non-nil, zero value otherwise.
-func (n *NewTeam) GetParentTeamID() int64 {
-	if n == nil || n.ParentTeamID == nil {
+// GetTeamCount returns the TeamCount field if it's non-nil, zero value otherwise.
+func (i *Invitation) GetTeamCount() int {
+	if i == nil || i.TeamCount == nil {
 		return 0
 	}
-	return *n.ParentTeamID
+	return *i.TeamCount
 }
 
-// GetPermission returns the Permission field if it's non-nil, zero value otherwise.
-func (n *NewTeam) GetPermission() string {
-	if n == nil || n.Permission == nil {
+// GetActiveLockReason returns the ActiveLockReason field if it's non-nil, zero value otherwise.
+func (i *Issue) GetActiveLockReason() string {
+	if i == nil || i.ActiveLockReason == nil {
 		return ""
 	}
-	return *n.Permission
+	return *i.ActiveLockReason
 }
 
-// GetPrivacy returns the Privacy field if it's non-nil, zero value otherwise.
-func (n *NewTeam) GetPrivacy() string {
-	if n == nil || n.Privacy == nil {
-		return ""
+// GetAssignee returns the Assignee field.
+func (i *Issue) GetAssignee() *User {
+	if i == nil {
+		return nil
 	}
-	return *n.Privacy
+	return i.Assignee
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (n *Notification) GetID() string {
-	if n == nil || n.ID == nil {
+// GetAuthorAssociation returns the AuthorAssociation field if it's non-nil, zero value otherwise.
+func (i *Issue) GetAuthorAssociation() string {
+	if i == nil || i.AuthorAssociation == nil {
 		return ""
 	}
-	return *n.ID
+	return *i.AuthorAssociation
 }
 
-// GetLastReadAt returns the LastReadAt field if it's non-nil, zero value otherwise.
-func (n *Notification) GetLastReadAt() Timestamp {
-	if n == nil || n.LastReadAt == nil {
-		return Timestamp{}
+// GetBody returns the Body field if it's non-nil, zero value otherwise.
+func (i *Issue) GetBody() string {
+	if i == nil || i.Body == nil {
+		return ""
 	}
-	return *n.LastReadAt
+	return *i.Body
 }
 
-// GetReason returns the Reason field if it's non-nil, zero value otherwise.
-func (n *Notification) GetReason() string {
-	if n == nil || n.Reason == nil {
-		return ""
+// GetClosedAt returns the ClosedAt field if it's non-nil, zero value otherwise.
+func (i *Issue) GetClosedAt() Timestamp {
+	if i == nil || i.ClosedAt == nil {
+		return Timestamp{}
 	}
-	return *n.Reason
+	return *i.ClosedAt
 }
 
-// GetRepository returns the Repository field.
-func (n *Notification) GetRepository() *Repository {
-	if n == nil {
+// GetClosedBy returns the ClosedBy field.
+func (i *Issue) GetClosedBy() *User {
+	if i == nil {
 		return nil
 	}
-	return n.Repository
+	return i.ClosedBy
 }
 
-// GetSubject returns the Subject field.
-func (n *Notification) GetSubject() *NotificationSubject {
-	if n == nil {
-		return nil
+// GetComments returns the Comments field if it's non-nil, zero value otherwise.
+func (i *Issue) GetComments() int {
+	if i == nil || i.Comments == nil {
+		return 0
 	}
-	return n.Subject
+	return *i.Comments
 }
 
-// GetUnread returns the Unread field if it's non-nil, zero value otherwise.
-func (n *Notification) GetUnread() bool {
-	if n == nil || n.Unread == nil {
-		return false
+// GetCommentsURL returns the CommentsURL field if it's non-nil, zero value otherwise.
+func (i *Issue) GetCommentsURL() string {
+	if i == nil || i.CommentsURL == nil {
+		return ""
 	}
-	return *n.Unread
+	return *i.CommentsURL
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (n *Notification) GetUpdatedAt() Timestamp {
-	if n == nil || n.UpdatedAt == nil {
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (i *Issue) GetCreatedAt() Timestamp {
+	if i == nil || i.CreatedAt == nil {
 		return Timestamp{}
 	}
-	return *n.UpdatedAt
+	return *i.CreatedAt
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (n *Notification) GetURL() string {
-	if n == nil || n.URL == nil {
-		return ""
+// GetDraft returns the Draft field if it's non-nil, zero value otherwise.
+func (i *Issue) GetDraft() bool {
+	if i == nil || i.Draft == nil {
+		return false
 	}
-	return *n.URL
+	return *i.Draft
 }
 
-// GetLatestCommentURL returns the LatestCommentURL field if it's non-nil, zero value otherwise.
-func (n *NotificationSubject) GetLatestCommentURL() string {
-	if n == nil || n.LatestCommentURL == nil {
+// GetEventsURL returns the EventsURL field if it's non-nil, zero value otherwise.
+func (i *Issue) GetEventsURL() string {
+	if i == nil || i.EventsURL == nil {
 		return ""
 	}
-	return *n.LatestCommentURL
+	return *i.EventsURL
 }
 
-// GetTitle returns the Title field if it's non-nil, zero value otherwise.
-func (n *NotificationSubject) GetTitle() string {
-	if n == nil || n.Title == nil {
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (i *Issue) GetHTMLURL() string {
+	if i == nil || i.HTMLURL == nil {
 		return ""
 	}
-	return *n.Title
+	return *i.HTMLURL
 }
 
-// GetType returns the Type field if it's non-nil, zero value otherwise.
-func (n *NotificationSubject) GetType() string {
-	if n == nil || n.Type == nil {
-		return ""
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (i *Issue) GetID() int64 {
+	if i == nil || i.ID == nil {
+		return 0
 	}
-	return *n.Type
+	return *i.ID
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (n *NotificationSubject) GetURL() string {
-	if n == nil || n.URL == nil {
+// GetLabelsURL returns the LabelsURL field if it's non-nil, zero value otherwise.
+func (i *Issue) GetLabelsURL() string {
+	if i == nil || i.LabelsURL == nil {
 		return ""
 	}
-	return *n.URL
+	return *i.LabelsURL
 }
 
-// GetClientID returns the ClientID field if it's non-nil, zero value otherwise.
-func (o *OAuthAPP) GetClientID() string {
-	if o == nil || o.ClientID == nil {
-		return ""
+// GetLocked returns the Locked field if it's non-nil, zero value otherwise.
+func (i *Issue) GetLocked() bool {
+	if i == nil || i.Locked == nil {
+		return false
 	}
-	return *o.ClientID
+	return *i.Locked
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (o *OAuthAPP) GetName() string {
-	if o == nil || o.Name == nil {
-		return ""
+// GetMilestone returns the Milestone field.
+func (i *Issue) GetMilestone() *Milestone {
+	if i == nil {
+		return nil
 	}
-	return *o.Name
+	return i.Milestone
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (o *OAuthAPP) GetURL() string {
-	if o == nil || o.URL == nil {
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (i *Issue) GetNodeID() string {
+	if i == nil || i.NodeID == nil {
 		return ""
 	}
-	return *o.URL
+	return *i.NodeID
 }
 
-// GetUseDefault returns the UseDefault field if it's non-nil, zero value otherwise.
-func (o *OIDCSubjectClaimCustomTemplate) GetUseDefault() bool {
-	if o == nil || o.UseDefault == nil {
-		return false
+// GetNumber returns the Number field if it's non-nil, zero value otherwise.
+func (i *Issue) GetNumber() int {
+	if i == nil || i.Number == nil {
+		return 0
 	}
-	return *o.UseDefault
+	return *i.Number
 }
 
-// GetAdvancedSecurityEnabledForNewRepos returns the AdvancedSecurityEnabledForNewRepos field if it's non-nil, zero value otherwise.
-func (o *Organization) GetAdvancedSecurityEnabledForNewRepos() bool {
-	if o == nil || o.AdvancedSecurityEnabledForNewRepos == nil {
-		return false
-	}
-	return *o.AdvancedSecurityEnabledForNewRepos
-}
-
-// GetAvatarURL returns the AvatarURL field if it's non-nil, zero value otherwise.
-func (o *Organization) GetAvatarURL() string {
-	if o == nil || o.AvatarURL == nil {
-		return ""
+// GetPullRequestLinks returns the PullRequestLinks field.
+func (i *Issue) GetPullRequestLinks() *PullRequestLinks {
+	if i == nil {
+		return nil
 	}
-	return *o.AvatarURL
+	return i.PullRequestLinks
 }
 
-// GetBillingEmail returns the BillingEmail field if it's non-nil, zero value otherwise.
-func (o *Organization) GetBillingEmail() string {
-	if o == nil || o.BillingEmail == nil {
-		return ""
+// GetReactions returns the Reactions field.
+func (i *Issue) GetReactions() *Reactions {
+	if i == nil {
+		return nil
 	}
-	return *o.BillingEmail
+	return i.Reactions
 }
 
-// GetBlog returns the Blog field if it's non-nil, zero value otherwise.
-func (o *Organization) GetBlog() string {
-	if o == nil || o.Blog == nil {
-		return ""
+// GetRepository returns the Repository field.
+func (i *Issue) GetRepository() *Repository {
+	if i == nil {
+		return nil
 	}
-	return *o.Blog
+	return i.Repository
 }
 
-// GetCollaborators returns the Collaborators field if it's non-nil, zero value otherwise.
-func (o *Organization) GetCollaborators() int {
-	if o == nil || o.Collaborators == nil {
-		return 0
+// GetRepositoryURL returns the RepositoryURL field if it's non-nil, zero value otherwise.
+func (i *Issue) GetRepositoryURL() string {
+	if i == nil || i.RepositoryURL == nil {
+		return ""
 	}
-	return *o.Collaborators
+	return *i.RepositoryURL
 }
 
-// GetCompany returns the Company field if it's non-nil, zero value otherwise.
-func (o *Organization) GetCompany() string {
-	if o == nil || o.Company == nil {
+// GetState returns the State field if it's non-nil, zero value otherwise.
+func (i *Issue) GetState() string {
+	if i == nil || i.State == nil {
 		return ""
 	}
-	return *o.Company
+	return *i.State
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (o *Organization) GetCreatedAt() Timestamp {
-	if o == nil || o.CreatedAt == nil {
-		return Timestamp{}
+// GetStateReason returns the StateReason field if it's non-nil, zero value otherwise.
+func (i *Issue) GetStateReason() string {
+	if i == nil || i.StateReason == nil {
+		return ""
 	}
-	return *o.CreatedAt
+	return *i.StateReason
 }
 
-// GetDefaultRepoPermission returns the DefaultRepoPermission field if it's non-nil, zero value otherwise.
-func (o *Organization) GetDefaultRepoPermission() string {
-	if o == nil || o.DefaultRepoPermission == nil {
+// GetTitle returns the Title field if it's non-nil, zero value otherwise.
+func (i *Issue) GetTitle() string {
+	if i == nil || i.Title == nil {
 		return ""
 	}
-	return *o.DefaultRepoPermission
+	return *i.Title
 }
 
-// GetDefaultRepoSettings returns the DefaultRepoSettings field if it's non-nil, zero value otherwise.
-func (o *Organization) GetDefaultRepoSettings() string {
-	if o == nil || o.DefaultRepoSettings == nil {
-		return ""
+// GetType returns the Type field.
+func (i *Issue) GetType() *IssueType {
+	if i == nil {
+		return nil
 	}
-	return *o.DefaultRepoSettings
+	return i.Type
 }
 
-// GetDependabotAlertsEnabledForNewRepos returns the DependabotAlertsEnabledForNewRepos field if it's non-nil, zero value otherwise.
-func (o *Organization) GetDependabotAlertsEnabledForNewRepos() bool {
-	if o == nil || o.DependabotAlertsEnabledForNewRepos == nil {
-		return false
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (i *Issue) GetUpdatedAt() Timestamp {
+	if i == nil || i.UpdatedAt == nil {
+		return Timestamp{}
 	}
-	return *o.DependabotAlertsEnabledForNewRepos
+	return *i.UpdatedAt
 }
 
-// GetDependabotSecurityUpdatesEnabledForNewRepos returns the DependabotSecurityUpdatesEnabledForNewRepos field if it's non-nil, zero value otherwise.
-func (o *Organization) GetDependabotSecurityUpdatesEnabledForNewRepos() bool {
-	if o == nil || o.DependabotSecurityUpdatesEnabledForNewRepos == nil {
-		return false
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (i *Issue) GetURL() string {
+	if i == nil || i.URL == nil {
+		return ""
 	}
-	return *o.DependabotSecurityUpdatesEnabledForNewRepos
+	return *i.URL
 }
 
-// GetDependencyGraphEnabledForNewRepos returns the DependencyGraphEnabledForNewRepos field if it's non-nil, zero value otherwise.
-func (o *Organization) GetDependencyGraphEnabledForNewRepos() bool {
-	if o == nil || o.DependencyGraphEnabledForNewRepos == nil {
-		return false
+// GetUser returns the User field.
+func (i *Issue) GetUser() *User {
+	if i == nil {
+		return nil
 	}
-	return *o.DependencyGraphEnabledForNewRepos
+	return i.User
 }
 
-// GetDescription returns the Description field if it's non-nil, zero value otherwise.
-func (o *Organization) GetDescription() string {
-	if o == nil || o.Description == nil {
+// GetAuthorAssociation returns the AuthorAssociation field if it's non-nil, zero value otherwise.
+func (i *IssueComment) GetAuthorAssociation() string {
+	if i == nil || i.AuthorAssociation == nil {
 		return ""
 	}
-	return *o.Description
+	return *i.AuthorAssociation
 }
 
-// GetDiskUsage returns the DiskUsage field if it's non-nil, zero value otherwise.
-func (o *Organization) GetDiskUsage() int {
-	if o == nil || o.DiskUsage == nil {
-		return 0
+// GetBody returns the Body field if it's non-nil, zero value otherwise.
+func (i *IssueComment) GetBody() string {
+	if i == nil || i.Body == nil {
+		return ""
 	}
-	return *o.DiskUsage
+	return *i.Body
 }
 
-// GetEmail returns the Email field if it's non-nil, zero value otherwise.
-func (o *Organization) GetEmail() string {
-	if o == nil || o.Email == nil {
-		return ""
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (i *IssueComment) GetCreatedAt() Timestamp {
+	if i == nil || i.CreatedAt == nil {
+		return Timestamp{}
 	}
-	return *o.Email
+	return *i.CreatedAt
 }
 
-// GetEventsURL returns the EventsURL field if it's non-nil, zero value otherwise.
-func (o *Organization) GetEventsURL() string {
-	if o == nil || o.EventsURL == nil {
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (i *IssueComment) GetHTMLURL() string {
+	if i == nil || i.HTMLURL == nil {
 		return ""
 	}
-	return *o.EventsURL
+	return *i.HTMLURL
 }
 
-// GetFollowers returns the Followers field if it's non-nil, zero value otherwise.
-func (o *Organization) GetFollowers() int {
-	if o == nil || o.Followers == nil {
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (i *IssueComment) GetID() int64 {
+	if i == nil || i.ID == nil {
 		return 0
 	}
-	return *o.Followers
+	return *i.ID
 }
 
-// GetFollowing returns the Following field if it's non-nil, zero value otherwise.
-func (o *Organization) GetFollowing() int {
-	if o == nil || o.Following == nil {
-		return 0
+// GetIssueURL returns the IssueURL field if it's non-nil, zero value otherwise.
+func (i *IssueComment) GetIssueURL() string {
+	if i == nil || i.IssueURL == nil {
+		return ""
 	}
-	return *o.Following
+	return *i.IssueURL
 }
 
-// GetHasOrganizationProjects returns the HasOrganizationProjects field if it's non-nil, zero value otherwise.
-func (o *Organization) GetHasOrganizationProjects() bool {
-	if o == nil || o.HasOrganizationProjects == nil {
-		return false
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (i *IssueComment) GetNodeID() string {
+	if i == nil || i.NodeID == nil {
+		return ""
 	}
-	return *o.HasOrganizationProjects
+	return *i.NodeID
 }
 
-// GetHasRepositoryProjects returns the HasRepositoryProjects field if it's non-nil, zero value otherwise.
-func (o *Organization) GetHasRepositoryProjects() bool {
-	if o == nil || o.HasRepositoryProjects == nil {
-		return false
+// GetReactions returns the Reactions field.
+func (i *IssueComment) GetReactions() *Reactions {
+	if i == nil {
+		return nil
 	}
-	return *o.HasRepositoryProjects
+	return i.Reactions
 }
 
-// GetHooksURL returns the HooksURL field if it's non-nil, zero value otherwise.
-func (o *Organization) GetHooksURL() string {
-	if o == nil || o.HooksURL == nil {
-		return ""
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (i *IssueComment) GetUpdatedAt() Timestamp {
+	if i == nil || i.UpdatedAt == nil {
+		return Timestamp{}
 	}
-	return *o.HooksURL
+	return *i.UpdatedAt
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (o *Organization) GetHTMLURL() string {
-	if o == nil || o.HTMLURL == nil {
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (i *IssueComment) GetURL() string {
+	if i == nil || i.URL == nil {
 		return ""
 	}
-	return *o.HTMLURL
+	return *i.URL
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (o *Organization) GetID() int64 {
-	if o == nil || o.ID == nil {
-		return 0
+// GetUser returns the User field.
+func (i *IssueComment) GetUser() *User {
+	if i == nil {
+		return nil
 	}
-	return *o.ID
+	return i.User
 }
 
-// GetIssuesURL returns the IssuesURL field if it's non-nil, zero value otherwise.
-func (o *Organization) GetIssuesURL() string {
-	if o == nil || o.IssuesURL == nil {
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (i *IssueCommentEvent) GetAction() string {
+	if i == nil || i.Action == nil {
 		return ""
 	}
-	return *o.IssuesURL
+	return *i.Action
 }
 
-// GetIsVerified returns the IsVerified field if it's non-nil, zero value otherwise.
-func (o *Organization) GetIsVerified() bool {
-	if o == nil || o.IsVerified == nil {
-		return false
+// GetChanges returns the Changes field.
+func (i *IssueCommentEvent) GetChanges() *EditChange {
+	if i == nil {
+		return nil
 	}
-	return *o.IsVerified
+	return i.Changes
 }
 
-// GetLocation returns the Location field if it's non-nil, zero value otherwise.
-func (o *Organization) GetLocation() string {
-	if o == nil || o.Location == nil {
-		return ""
+// GetComment returns the Comment field.
+func (i *IssueCommentEvent) GetComment() *IssueComment {
+	if i == nil {
+		return nil
 	}
-	return *o.Location
+	return i.Comment
 }
 
-// GetLogin returns the Login field if it's non-nil, zero value otherwise.
-func (o *Organization) GetLogin() string {
-	if o == nil || o.Login == nil {
-		return ""
+// GetInstallation returns the Installation field.
+func (i *IssueCommentEvent) GetInstallation() *Installation {
+	if i == nil {
+		return nil
 	}
-	return *o.Login
+	return i.Installation
 }
 
-// GetMembersAllowedRepositoryCreationType returns the MembersAllowedRepositoryCreationType field if it's non-nil, zero value otherwise.
-func (o *Organization) GetMembersAllowedRepositoryCreationType() string {
-	if o == nil || o.MembersAllowedRepositoryCreationType == nil {
-		return ""
+// GetIssue returns the Issue field.
+func (i *IssueCommentEvent) GetIssue() *Issue {
+	if i == nil {
+		return nil
 	}
-	return *o.MembersAllowedRepositoryCreationType
+	return i.Issue
 }
 
-// GetMembersCanCreateInternalRepos returns the MembersCanCreateInternalRepos field if it's non-nil, zero value otherwise.
-func (o *Organization) GetMembersCanCreateInternalRepos() bool {
-	if o == nil || o.MembersCanCreateInternalRepos == nil {
+// GetOrganization returns the Organization field.
+func (i *IssueCommentEvent) GetOrganization() *Organization {
+	if i == nil {
+		return nil
+	}
+	return i.Organization
+}
+
+// GetRepo returns the Repo field.
+func (i *IssueCommentEvent) GetRepo() *Repository {
+	if i == nil {
+		return nil
+	}
+	return i.Repo
+}
+
+// GetSender returns the Sender field.
+func (i *IssueCommentEvent) GetSender() *User {
+	if i == nil {
+		return nil
+	}
+	return i.Sender
+}
+
+// GetActor returns the Actor field.
+func (i *IssueEvent) GetActor() *User {
+	if i == nil {
+		return nil
+	}
+	return i.Actor
+}
+
+// GetAssignee returns the Assignee field.
+func (i *IssueEvent) GetAssignee() *User {
+	if i == nil {
+		return nil
+	}
+	return i.Assignee
+}
+
+// GetAssigner returns the Assigner field.
+func (i *IssueEvent) GetAssigner() *User {
+	if i == nil {
+		return nil
+	}
+	return i.Assigner
+}
+
+// GetCommitID returns the CommitID field if it's non-nil, zero value otherwise.
+func (i *IssueEvent) GetCommitID() string {
+	if i == nil || i.CommitID == nil {
+		return ""
+	}
+	return *i.CommitID
+}
+
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (i *IssueEvent) GetCreatedAt() Timestamp {
+	if i == nil || i.CreatedAt == nil {
+		return Timestamp{}
+	}
+	return *i.CreatedAt
+}
+
+// GetDismissedReview returns the DismissedReview field.
+func (i *IssueEvent) GetDismissedReview() *DismissedReview {
+	if i == nil {
+		return nil
+	}
+	return i.DismissedReview
+}
+
+// GetEvent returns the Event field if it's non-nil, zero value otherwise.
+func (i *IssueEvent) GetEvent() string {
+	if i == nil || i.Event == nil {
+		return ""
+	}
+	return *i.Event
+}
+
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (i *IssueEvent) GetID() int64 {
+	if i == nil || i.ID == nil {
+		return 0
+	}
+	return *i.ID
+}
+
+// GetIssue returns the Issue field.
+func (i *IssueEvent) GetIssue() *Issue {
+	if i == nil {
+		return nil
+	}
+	return i.Issue
+}
+
+// GetLabel returns the Label field.
+func (i *IssueEvent) GetLabel() *Label {
+	if i == nil {
+		return nil
+	}
+	return i.Label
+}
+
+// GetLockReason returns the LockReason field if it's non-nil, zero value otherwise.
+func (i *IssueEvent) GetLockReason() string {
+	if i == nil || i.LockReason == nil {
+		return ""
+	}
+	return *i.LockReason
+}
+
+// GetMilestone returns the Milestone field.
+func (i *IssueEvent) GetMilestone() *Milestone {
+	if i == nil {
+		return nil
+	}
+	return i.Milestone
+}
+
+// GetPerformedViaGithubApp returns the PerformedViaGithubApp field.
+func (i *IssueEvent) GetPerformedViaGithubApp() *App {
+	if i == nil {
+		return nil
+	}
+	return i.PerformedViaGithubApp
+}
+
+// GetRename returns the Rename field.
+func (i *IssueEvent) GetRename() *Rename {
+	if i == nil {
+		return nil
+	}
+	return i.Rename
+}
+
+// GetRepository returns the Repository field.
+func (i *IssueEvent) GetRepository() *Repository {
+	if i == nil {
+		return nil
+	}
+	return i.Repository
+}
+
+// GetRequestedReviewer returns the RequestedReviewer field.
+func (i *IssueEvent) GetRequestedReviewer() *User {
+	if i == nil {
+		return nil
+	}
+	return i.RequestedReviewer
+}
+
+// GetRequestedTeam returns the RequestedTeam field.
+func (i *IssueEvent) GetRequestedTeam() *Team {
+	if i == nil {
+		return nil
+	}
+	return i.RequestedTeam
+}
+
+// GetReviewRequester returns the ReviewRequester field.
+func (i *IssueEvent) GetReviewRequester() *User {
+	if i == nil {
+		return nil
+	}
+	return i.ReviewRequester
+}
+
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (i *IssueEvent) GetURL() string {
+	if i == nil || i.URL == nil {
+		return ""
+	}
+	return *i.URL
+}
+
+// GetAssignee returns the Assignee field if it's non-nil, zero value otherwise.
+func (i *IssueImport) GetAssignee() string {
+	if i == nil || i.Assignee == nil {
+		return ""
+	}
+	return *i.Assignee
+}
+
+// GetClosed returns the Closed field if it's non-nil, zero value otherwise.
+func (i *IssueImport) GetClosed() bool {
+	if i == nil || i.Closed == nil {
 		return false
 	}
-	return *o.MembersCanCreateInternalRepos
+	return *i.Closed
+}
+
+// GetClosedAt returns the ClosedAt field if it's non-nil, zero value otherwise.
+func (i *IssueImport) GetClosedAt() Timestamp {
+	if i == nil || i.ClosedAt == nil {
+		return Timestamp{}
+	}
+	return *i.ClosedAt
+}
+
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (i *IssueImport) GetCreatedAt() Timestamp {
+	if i == nil || i.CreatedAt == nil {
+		return Timestamp{}
+	}
+	return *i.CreatedAt
+}
+
+// GetMilestone returns the Milestone field if it's non-nil, zero value otherwise.
+func (i *IssueImport) GetMilestone() int {
+	if i == nil || i.Milestone == nil {
+		return 0
+	}
+	return *i.Milestone
+}
+
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (i *IssueImport) GetUpdatedAt() Timestamp {
+	if i == nil || i.UpdatedAt == nil {
+		return Timestamp{}
+	}
+	return *i.UpdatedAt
+}
+
+// GetCode returns the Code field if it's non-nil, zero value otherwise.
+func (i *IssueImportError) GetCode() string {
+	if i == nil || i.Code == nil {
+		return ""
+	}
+	return *i.Code
+}
+
+// GetField returns the Field field if it's non-nil, zero value otherwise.
+func (i *IssueImportError) GetField() string {
+	if i == nil || i.Field == nil {
+		return ""
+	}
+	return *i.Field
+}
+
+// GetLocation returns the Location field if it's non-nil, zero value otherwise.
+func (i *IssueImportError) GetLocation() string {
+	if i == nil || i.Location == nil {
+		return ""
+	}
+	return *i.Location
+}
+
+// GetResource returns the Resource field if it's non-nil, zero value otherwise.
+func (i *IssueImportError) GetResource() string {
+	if i == nil || i.Resource == nil {
+		return ""
+	}
+	return *i.Resource
+}
+
+// GetValue returns the Value field if it's non-nil, zero value otherwise.
+func (i *IssueImportError) GetValue() string {
+	if i == nil || i.Value == nil {
+		return ""
+	}
+	return *i.Value
+}
+
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (i *IssueImportResponse) GetCreatedAt() Timestamp {
+	if i == nil || i.CreatedAt == nil {
+		return Timestamp{}
+	}
+	return *i.CreatedAt
+}
+
+// GetDocumentationURL returns the DocumentationURL field if it's non-nil, zero value otherwise.
+func (i *IssueImportResponse) GetDocumentationURL() string {
+	if i == nil || i.DocumentationURL == nil {
+		return ""
+	}
+	return *i.DocumentationURL
+}
+
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (i *IssueImportResponse) GetID() int {
+	if i == nil || i.ID == nil {
+		return 0
+	}
+	return *i.ID
+}
+
+// GetImportIssuesURL returns the ImportIssuesURL field if it's non-nil, zero value otherwise.
+func (i *IssueImportResponse) GetImportIssuesURL() string {
+	if i == nil || i.ImportIssuesURL == nil {
+		return ""
+	}
+	return *i.ImportIssuesURL
+}
+
+// GetMessage returns the Message field if it's non-nil, zero value otherwise.
+func (i *IssueImportResponse) GetMessage() string {
+	if i == nil || i.Message == nil {
+		return ""
+	}
+	return *i.Message
+}
+
+// GetRepositoryURL returns the RepositoryURL field if it's non-nil, zero value otherwise.
+func (i *IssueImportResponse) GetRepositoryURL() string {
+	if i == nil || i.RepositoryURL == nil {
+		return ""
+	}
+	return *i.RepositoryURL
+}
+
+// GetStatus returns the Status field if it's non-nil, zero value otherwise.
+func (i *IssueImportResponse) GetStatus() string {
+	if i == nil || i.Status == nil {
+		return ""
+	}
+	return *i.Status
+}
+
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (i *IssueImportResponse) GetUpdatedAt() Timestamp {
+	if i == nil || i.UpdatedAt == nil {
+		return Timestamp{}
+	}
+	return *i.UpdatedAt
+}
+
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (i *IssueImportResponse) GetURL() string {
+	if i == nil || i.URL == nil {
+		return ""
+	}
+	return *i.URL
+}
+
+// GetDirection returns the Direction field if it's non-nil, zero value otherwise.
+func (i *IssueListCommentsOptions) GetDirection() string {
+	if i == nil || i.Direction == nil {
+		return ""
+	}
+	return *i.Direction
+}
+
+// GetSince returns the Since field if it's non-nil, zero value otherwise.
+func (i *IssueListCommentsOptions) GetSince() time.Time {
+	if i == nil || i.Since == nil {
+		return time.Time{}
+	}
+	return *i.Since
+}
+
+// GetSort returns the Sort field if it's non-nil, zero value otherwise.
+func (i *IssueListCommentsOptions) GetSort() string {
+	if i == nil || i.Sort == nil {
+		return ""
+	}
+	return *i.Sort
+}
+
+// GetAssignee returns the Assignee field if it's non-nil, zero value otherwise.
+func (i *IssueRequest) GetAssignee() string {
+	if i == nil || i.Assignee == nil {
+		return ""
+	}
+	return *i.Assignee
+}
+
+// GetAssignees returns the Assignees field if it's non-nil, zero value otherwise.
+func (i *IssueRequest) GetAssignees() []string {
+	if i == nil || i.Assignees == nil {
+		return nil
+	}
+	return *i.Assignees
+}
+
+// GetBody returns the Body field if it's non-nil, zero value otherwise.
+func (i *IssueRequest) GetBody() string {
+	if i == nil || i.Body == nil {
+		return ""
+	}
+	return *i.Body
+}
+
+// GetLabels returns the Labels field if it's non-nil, zero value otherwise.
+func (i *IssueRequest) GetLabels() []string {
+	if i == nil || i.Labels == nil {
+		return nil
+	}
+	return *i.Labels
+}
+
+// GetMilestone returns the Milestone field if it's non-nil, zero value otherwise.
+func (i *IssueRequest) GetMilestone() int {
+	if i == nil || i.Milestone == nil {
+		return 0
+	}
+	return *i.Milestone
+}
+
+// GetState returns the State field if it's non-nil, zero value otherwise.
+func (i *IssueRequest) GetState() string {
+	if i == nil || i.State == nil {
+		return ""
+	}
+	return *i.State
+}
+
+// GetStateReason returns the StateReason field if it's non-nil, zero value otherwise.
+func (i *IssueRequest) GetStateReason() string {
+	if i == nil || i.StateReason == nil {
+		return ""
+	}
+	return *i.StateReason
+}
+
+// GetTitle returns the Title field if it's non-nil, zero value otherwise.
+func (i *IssueRequest) GetTitle() string {
+	if i == nil || i.Title == nil {
+		return ""
+	}
+	return *i.Title
+}
+
+// GetType returns the Type field if it's non-nil, zero value otherwise.
+func (i *IssueRequest) GetType() string {
+	if i == nil || i.Type == nil {
+		return ""
+	}
+	return *i.Type
+}
+
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (i *IssuesEvent) GetAction() string {
+	if i == nil || i.Action == nil {
+		return ""
+	}
+	return *i.Action
+}
+
+// GetAssignee returns the Assignee field.
+func (i *IssuesEvent) GetAssignee() *User {
+	if i == nil {
+		return nil
+	}
+	return i.Assignee
+}
+
+// GetChanges returns the Changes field.
+func (i *IssuesEvent) GetChanges() *EditChange {
+	if i == nil {
+		return nil
+	}
+	return i.Changes
+}
+
+// GetInstallation returns the Installation field.
+func (i *IssuesEvent) GetInstallation() *Installation {
+	if i == nil {
+		return nil
+	}
+	return i.Installation
+}
+
+// GetIssue returns the Issue field.
+func (i *IssuesEvent) GetIssue() *Issue {
+	if i == nil {
+		return nil
+	}
+	return i.Issue
+}
+
+// GetLabel returns the Label field.
+func (i *IssuesEvent) GetLabel() *Label {
+	if i == nil {
+		return nil
+	}
+	return i.Label
+}
+
+// GetMilestone returns the Milestone field.
+func (i *IssuesEvent) GetMilestone() *Milestone {
+	if i == nil {
+		return nil
+	}
+	return i.Milestone
+}
+
+// GetOrg returns the Org field.
+func (i *IssuesEvent) GetOrg() *Organization {
+	if i == nil {
+		return nil
+	}
+	return i.Org
+}
+
+// GetRepo returns the Repo field.
+func (i *IssuesEvent) GetRepo() *Repository {
+	if i == nil {
+		return nil
+	}
+	return i.Repo
+}
+
+// GetSender returns the Sender field.
+func (i *IssuesEvent) GetSender() *User {
+	if i == nil {
+		return nil
+	}
+	return i.Sender
+}
+
+// GetIncompleteResults returns the IncompleteResults field if it's non-nil, zero value otherwise.
+func (i *IssuesSearchResult) GetIncompleteResults() bool {
+	if i == nil || i.IncompleteResults == nil {
+		return false
+	}
+	return *i.IncompleteResults
+}
+
+// GetTotal returns the Total field if it's non-nil, zero value otherwise.
+func (i *IssuesSearchResult) GetTotal() int {
+	if i == nil || i.Total == nil {
+		return 0
+	}
+	return *i.Total
+}
+
+// GetClosedIssues returns the ClosedIssues field if it's non-nil, zero value otherwise.
+func (i *IssueStats) GetClosedIssues() int {
+	if i == nil || i.ClosedIssues == nil {
+		return 0
+	}
+	return *i.ClosedIssues
+}
+
+// GetOpenIssues returns the OpenIssues field if it's non-nil, zero value otherwise.
+func (i *IssueStats) GetOpenIssues() int {
+	if i == nil || i.OpenIssues == nil {
+		return 0
+	}
+	return *i.OpenIssues
+}
+
+// GetTotalIssues returns the TotalIssues field if it's non-nil, zero value otherwise.
+func (i *IssueStats) GetTotalIssues() int {
+	if i == nil || i.TotalIssues == nil {
+		return 0
+	}
+	return *i.TotalIssues
+}
+
+// GetColor returns the Color field if it's non-nil, zero value otherwise.
+func (i *IssueType) GetColor() string {
+	if i == nil || i.Color == nil {
+		return ""
+	}
+	return *i.Color
+}
+
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (i *IssueType) GetCreatedAt() Timestamp {
+	if i == nil || i.CreatedAt == nil {
+		return Timestamp{}
+	}
+	return *i.CreatedAt
+}
+
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (i *IssueType) GetDescription() string {
+	if i == nil || i.Description == nil {
+		return ""
+	}
+	return *i.Description
+}
+
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (i *IssueType) GetID() int64 {
+	if i == nil || i.ID == nil {
+		return 0
+	}
+	return *i.ID
+}
+
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (i *IssueType) GetName() string {
+	if i == nil || i.Name == nil {
+		return ""
+	}
+	return *i.Name
+}
+
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (i *IssueType) GetNodeID() string {
+	if i == nil || i.NodeID == nil {
+		return ""
+	}
+	return *i.NodeID
+}
+
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (i *IssueType) GetUpdatedAt() Timestamp {
+	if i == nil || i.UpdatedAt == nil {
+		return Timestamp{}
+	}
+	return *i.UpdatedAt
+}
+
+// GetEncodedJITConfig returns the EncodedJITConfig field if it's non-nil, zero value otherwise.
+func (j *JITRunnerConfig) GetEncodedJITConfig() string {
+	if j == nil || j.EncodedJITConfig == nil {
+		return ""
+	}
+	return *j.EncodedJITConfig
+}
+
+// GetRunner returns the Runner field.
+func (j *JITRunnerConfig) GetRunner() *Runner {
+	if j == nil {
+		return nil
+	}
+	return j.Runner
+}
+
+// GetTotalCount returns the TotalCount field if it's non-nil, zero value otherwise.
+func (j *Jobs) GetTotalCount() int {
+	if j == nil || j.TotalCount == nil {
+		return 0
+	}
+	return *j.TotalCount
+}
+
+// GetAddedBy returns the AddedBy field if it's non-nil, zero value otherwise.
+func (k *Key) GetAddedBy() string {
+	if k == nil || k.AddedBy == nil {
+		return ""
+	}
+	return *k.AddedBy
+}
+
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (k *Key) GetCreatedAt() Timestamp {
+	if k == nil || k.CreatedAt == nil {
+		return Timestamp{}
+	}
+	return *k.CreatedAt
+}
+
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (k *Key) GetID() int64 {
+	if k == nil || k.ID == nil {
+		return 0
+	}
+	return *k.ID
+}
+
+// GetKey returns the Key field if it's non-nil, zero value otherwise.
+func (k *Key) GetKey() string {
+	if k == nil || k.Key == nil {
+		return ""
+	}
+	return *k.Key
+}
+
+// GetLastUsed returns the LastUsed field if it's non-nil, zero value otherwise.
+func (k *Key) GetLastUsed() Timestamp {
+	if k == nil || k.LastUsed == nil {
+		return Timestamp{}
+	}
+	return *k.LastUsed
+}
+
+// GetReadOnly returns the ReadOnly field if it's non-nil, zero value otherwise.
+func (k *Key) GetReadOnly() bool {
+	if k == nil || k.ReadOnly == nil {
+		return false
+	}
+	return *k.ReadOnly
+}
+
+// GetTitle returns the Title field if it's non-nil, zero value otherwise.
+func (k *Key) GetTitle() string {
+	if k == nil || k.Title == nil {
+		return ""
+	}
+	return *k.Title
+}
+
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (k *Key) GetURL() string {
+	if k == nil || k.URL == nil {
+		return ""
+	}
+	return *k.URL
+}
+
+// GetVerified returns the Verified field if it's non-nil, zero value otherwise.
+func (k *Key) GetVerified() bool {
+	if k == nil || k.Verified == nil {
+		return false
+	}
+	return *k.Verified
+}
+
+// GetColor returns the Color field if it's non-nil, zero value otherwise.
+func (l *Label) GetColor() string {
+	if l == nil || l.Color == nil {
+		return ""
+	}
+	return *l.Color
+}
+
+// GetDefault returns the Default field if it's non-nil, zero value otherwise.
+func (l *Label) GetDefault() bool {
+	if l == nil || l.Default == nil {
+		return false
+	}
+	return *l.Default
+}
+
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (l *Label) GetDescription() string {
+	if l == nil || l.Description == nil {
+		return ""
+	}
+	return *l.Description
+}
+
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (l *Label) GetID() int64 {
+	if l == nil || l.ID == nil {
+		return 0
+	}
+	return *l.ID
+}
+
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (l *Label) GetName() string {
+	if l == nil || l.Name == nil {
+		return ""
+	}
+	return *l.Name
+}
+
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (l *Label) GetNodeID() string {
+	if l == nil || l.NodeID == nil {
+		return ""
+	}
+	return *l.NodeID
+}
+
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (l *Label) GetURL() string {
+	if l == nil || l.URL == nil {
+		return ""
+	}
+	return *l.URL
+}
+
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (l *LabelEvent) GetAction() string {
+	if l == nil || l.Action == nil {
+		return ""
+	}
+	return *l.Action
+}
+
+// GetChanges returns the Changes field.
+func (l *LabelEvent) GetChanges() *EditChange {
+	if l == nil {
+		return nil
+	}
+	return l.Changes
+}
+
+// GetInstallation returns the Installation field.
+func (l *LabelEvent) GetInstallation() *Installation {
+	if l == nil {
+		return nil
+	}
+	return l.Installation
+}
+
+// GetLabel returns the Label field.
+func (l *LabelEvent) GetLabel() *Label {
+	if l == nil {
+		return nil
+	}
+	return l.Label
+}
+
+// GetOrg returns the Org field.
+func (l *LabelEvent) GetOrg() *Organization {
+	if l == nil {
+		return nil
+	}
+	return l.Org
+}
+
+// GetRepo returns the Repo field.
+func (l *LabelEvent) GetRepo() *Repository {
+	if l == nil {
+		return nil
+	}
+	return l.Repo
+}
+
+// GetSender returns the Sender field.
+func (l *LabelEvent) GetSender() *User {
+	if l == nil {
+		return nil
+	}
+	return l.Sender
+}
+
+// GetColor returns the Color field if it's non-nil, zero value otherwise.
+func (l *LabelResult) GetColor() string {
+	if l == nil || l.Color == nil {
+		return ""
+	}
+	return *l.Color
+}
+
+// GetDefault returns the Default field if it's non-nil, zero value otherwise.
+func (l *LabelResult) GetDefault() bool {
+	if l == nil || l.Default == nil {
+		return false
+	}
+	return *l.Default
+}
+
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (l *LabelResult) GetDescription() string {
+	if l == nil || l.Description == nil {
+		return ""
+	}
+	return *l.Description
+}
+
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (l *LabelResult) GetID() int64 {
+	if l == nil || l.ID == nil {
+		return 0
+	}
+	return *l.ID
+}
+
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (l *LabelResult) GetName() string {
+	if l == nil || l.Name == nil {
+		return ""
+	}
+	return *l.Name
+}
+
+// GetScore returns the Score field.
+func (l *LabelResult) GetScore() *float64 {
+	if l == nil {
+		return nil
+	}
+	return l.Score
+}
+
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (l *LabelResult) GetURL() string {
+	if l == nil || l.URL == nil {
+		return ""
+	}
+	return *l.URL
+}
+
+// GetIncompleteResults returns the IncompleteResults field if it's non-nil, zero value otherwise.
+func (l *LabelsSearchResult) GetIncompleteResults() bool {
+	if l == nil || l.IncompleteResults == nil {
+		return false
+	}
+	return *l.IncompleteResults
+}
+
+// GetTotal returns the Total field if it's non-nil, zero value otherwise.
+func (l *LabelsSearchResult) GetTotal() int {
+	if l == nil || l.Total == nil {
+		return 0
+	}
+	return *l.Total
+}
+
+// GetOID returns the OID field if it's non-nil, zero value otherwise.
+func (l *LargeFile) GetOID() string {
+	if l == nil || l.OID == nil {
+		return ""
+	}
+	return *l.OID
+}
+
+// GetPath returns the Path field if it's non-nil, zero value otherwise.
+func (l *LargeFile) GetPath() string {
+	if l == nil || l.Path == nil {
+		return ""
+	}
+	return *l.Path
+}
+
+// GetRefName returns the RefName field if it's non-nil, zero value otherwise.
+func (l *LargeFile) GetRefName() string {
+	if l == nil || l.RefName == nil {
+		return ""
+	}
+	return *l.RefName
+}
+
+// GetSize returns the Size field if it's non-nil, zero value otherwise.
+func (l *LargeFile) GetSize() int {
+	if l == nil || l.Size == nil {
+		return 0
+	}
+	return *l.Size
+}
+
+// GetBody returns the Body field if it's non-nil, zero value otherwise.
+func (l *License) GetBody() string {
+	if l == nil || l.Body == nil {
+		return ""
+	}
+	return *l.Body
+}
+
+// GetConditions returns the Conditions field if it's non-nil, zero value otherwise.
+func (l *License) GetConditions() []string {
+	if l == nil || l.Conditions == nil {
+		return nil
+	}
+	return *l.Conditions
+}
+
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (l *License) GetDescription() string {
+	if l == nil || l.Description == nil {
+		return ""
+	}
+	return *l.Description
+}
+
+// GetFeatured returns the Featured field if it's non-nil, zero value otherwise.
+func (l *License) GetFeatured() bool {
+	if l == nil || l.Featured == nil {
+		return false
+	}
+	return *l.Featured
+}
+
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (l *License) GetHTMLURL() string {
+	if l == nil || l.HTMLURL == nil {
+		return ""
+	}
+	return *l.HTMLURL
+}
+
+// GetImplementation returns the Implementation field if it's non-nil, zero value otherwise.
+func (l *License) GetImplementation() string {
+	if l == nil || l.Implementation == nil {
+		return ""
+	}
+	return *l.Implementation
+}
+
+// GetKey returns the Key field if it's non-nil, zero value otherwise.
+func (l *License) GetKey() string {
+	if l == nil || l.Key == nil {
+		return ""
+	}
+	return *l.Key
+}
+
+// GetLimitations returns the Limitations field if it's non-nil, zero value otherwise.
+func (l *License) GetLimitations() []string {
+	if l == nil || l.Limitations == nil {
+		return nil
+	}
+	return *l.Limitations
+}
+
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (l *License) GetName() string {
+	if l == nil || l.Name == nil {
+		return ""
+	}
+	return *l.Name
+}
+
+// GetPermissions returns the Permissions field if it's non-nil, zero value otherwise.
+func (l *License) GetPermissions() []string {
+	if l == nil || l.Permissions == nil {
+		return nil
+	}
+	return *l.Permissions
+}
+
+// GetSPDXID returns the SPDXID field if it's non-nil, zero value otherwise.
+func (l *License) GetSPDXID() string {
+	if l == nil || l.SPDXID == nil {
+		return ""
+	}
+	return *l.SPDXID
+}
+
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (l *License) GetURL() string {
+	if l == nil || l.URL == nil {
+		return ""
+	}
+	return *l.URL
+}
+
+// GetStatus returns the Status field if it's non-nil, zero value otherwise.
+func (l *LicenseCheck) GetStatus() string {
+	if l == nil || l.Status == nil {
+		return ""
+	}
+	return *l.Status
+}
+
+// GetAdvancedSecurityEnabled returns the AdvancedSecurityEnabled field if it's non-nil, zero value otherwise.
+func (l *LicenseStatus) GetAdvancedSecurityEnabled() bool {
+	if l == nil || l.AdvancedSecurityEnabled == nil {
+		return false
+	}
+	return *l.AdvancedSecurityEnabled
+}
+
+// GetAdvancedSecuritySeats returns the AdvancedSecuritySeats field if it's non-nil, zero value otherwise.
+func (l *LicenseStatus) GetAdvancedSecuritySeats() int {
+	if l == nil || l.AdvancedSecuritySeats == nil {
+		return 0
+	}
+	return *l.AdvancedSecuritySeats
+}
+
+// GetClusterSupport returns the ClusterSupport field if it's non-nil, zero value otherwise.
+func (l *LicenseStatus) GetClusterSupport() bool {
+	if l == nil || l.ClusterSupport == nil {
+		return false
+	}
+	return *l.ClusterSupport
+}
+
+// GetCompany returns the Company field if it's non-nil, zero value otherwise.
+func (l *LicenseStatus) GetCompany() string {
+	if l == nil || l.Company == nil {
+		return ""
+	}
+	return *l.Company
+}
+
+// GetCroquetSupport returns the CroquetSupport field if it's non-nil, zero value otherwise.
+func (l *LicenseStatus) GetCroquetSupport() bool {
+	if l == nil || l.CroquetSupport == nil {
+		return false
+	}
+	return *l.CroquetSupport
+}
+
+// GetCustomTerms returns the CustomTerms field if it's non-nil, zero value otherwise.
+func (l *LicenseStatus) GetCustomTerms() bool {
+	if l == nil || l.CustomTerms == nil {
+		return false
+	}
+	return *l.CustomTerms
+}
+
+// GetEvaluation returns the Evaluation field if it's non-nil, zero value otherwise.
+func (l *LicenseStatus) GetEvaluation() bool {
+	if l == nil || l.Evaluation == nil {
+		return false
+	}
+	return *l.Evaluation
+}
+
+// GetExpireAt returns the ExpireAt field if it's non-nil, zero value otherwise.
+func (l *LicenseStatus) GetExpireAt() Timestamp {
+	if l == nil || l.ExpireAt == nil {
+		return Timestamp{}
+	}
+	return *l.ExpireAt
+}
+
+// GetInsightsEnabled returns the InsightsEnabled field if it's non-nil, zero value otherwise.
+func (l *LicenseStatus) GetInsightsEnabled() bool {
+	if l == nil || l.InsightsEnabled == nil {
+		return false
+	}
+	return *l.InsightsEnabled
+}
+
+// GetInsightsExpireAt returns the InsightsExpireAt field if it's non-nil, zero value otherwise.
+func (l *LicenseStatus) GetInsightsExpireAt() Timestamp {
+	if l == nil || l.InsightsExpireAt == nil {
+		return Timestamp{}
+	}
+	return *l.InsightsExpireAt
+}
+
+// GetLearningLabEvaluationExpires returns the LearningLabEvaluationExpires field if it's non-nil, zero value otherwise.
+func (l *LicenseStatus) GetLearningLabEvaluationExpires() Timestamp {
+	if l == nil || l.LearningLabEvaluationExpires == nil {
+		return Timestamp{}
+	}
+	return *l.LearningLabEvaluationExpires
+}
+
+// GetLearningLabSeats returns the LearningLabSeats field if it's non-nil, zero value otherwise.
+func (l *LicenseStatus) GetLearningLabSeats() int {
+	if l == nil || l.LearningLabSeats == nil {
+		return 0
+	}
+	return *l.LearningLabSeats
+}
+
+// GetPerpetual returns the Perpetual field if it's non-nil, zero value otherwise.
+func (l *LicenseStatus) GetPerpetual() bool {
+	if l == nil || l.Perpetual == nil {
+		return false
+	}
+	return *l.Perpetual
+}
+
+// GetReferenceNumber returns the ReferenceNumber field if it's non-nil, zero value otherwise.
+func (l *LicenseStatus) GetReferenceNumber() string {
+	if l == nil || l.ReferenceNumber == nil {
+		return ""
+	}
+	return *l.ReferenceNumber
+}
+
+// GetSeats returns the Seats field if it's non-nil, zero value otherwise.
+func (l *LicenseStatus) GetSeats() int {
+	if l == nil || l.Seats == nil {
+		return 0
+	}
+	return *l.Seats
+}
+
+// GetSSHAllowed returns the SSHAllowed field if it's non-nil, zero value otherwise.
+func (l *LicenseStatus) GetSSHAllowed() bool {
+	if l == nil || l.SSHAllowed == nil {
+		return false
+	}
+	return *l.SSHAllowed
+}
+
+// GetSupportKey returns the SupportKey field if it's non-nil, zero value otherwise.
+func (l *LicenseStatus) GetSupportKey() string {
+	if l == nil || l.SupportKey == nil {
+		return ""
+	}
+	return *l.SupportKey
+}
+
+// GetUnlimitedSeating returns the UnlimitedSeating field if it's non-nil, zero value otherwise.
+func (l *LicenseStatus) GetUnlimitedSeating() bool {
+	if l == nil || l.UnlimitedSeating == nil {
+		return false
+	}
+	return *l.UnlimitedSeating
+}
+
+// GetFrom returns the From field if it's non-nil, zero value otherwise.
+func (l *LinearHistoryRequirementEnforcementLevelChanges) GetFrom() string {
+	if l == nil || l.From == nil {
+		return ""
+	}
+	return *l.From
+}
+
+// GetDirection returns the Direction field if it's non-nil, zero value otherwise.
+func (l *ListAlertsOptions) GetDirection() string {
+	if l == nil || l.Direction == nil {
+		return ""
+	}
+	return *l.Direction
+}
+
+// GetEcosystem returns the Ecosystem field if it's non-nil, zero value otherwise.
+func (l *ListAlertsOptions) GetEcosystem() string {
+	if l == nil || l.Ecosystem == nil {
+		return ""
+	}
+	return *l.Ecosystem
+}
+
+// GetPackage returns the Package field if it's non-nil, zero value otherwise.
+func (l *ListAlertsOptions) GetPackage() string {
+	if l == nil || l.Package == nil {
+		return ""
+	}
+	return *l.Package
+}
+
+// GetScope returns the Scope field if it's non-nil, zero value otherwise.
+func (l *ListAlertsOptions) GetScope() string {
+	if l == nil || l.Scope == nil {
+		return ""
+	}
+	return *l.Scope
+}
+
+// GetSeverity returns the Severity field if it's non-nil, zero value otherwise.
+func (l *ListAlertsOptions) GetSeverity() string {
+	if l == nil || l.Severity == nil {
+		return ""
+	}
+	return *l.Severity
+}
+
+// GetSort returns the Sort field if it's non-nil, zero value otherwise.
+func (l *ListAlertsOptions) GetSort() string {
+	if l == nil || l.Sort == nil {
+		return ""
+	}
+	return *l.Sort
+}
+
+// GetState returns the State field if it's non-nil, zero value otherwise.
+func (l *ListAlertsOptions) GetState() string {
+	if l == nil || l.State == nil {
+		return ""
+	}
+	return *l.State
+}
+
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (l *ListArtifactsOptions) GetName() string {
+	if l == nil || l.Name == nil {
+		return ""
+	}
+	return *l.Name
+}
+
+// GetAppID returns the AppID field if it's non-nil, zero value otherwise.
+func (l *ListCheckRunsOptions) GetAppID() int64 {
+	if l == nil || l.AppID == nil {
+		return 0
+	}
+	return *l.AppID
+}
+
+// GetCheckName returns the CheckName field if it's non-nil, zero value otherwise.
+func (l *ListCheckRunsOptions) GetCheckName() string {
+	if l == nil || l.CheckName == nil {
+		return ""
+	}
+	return *l.CheckName
+}
+
+// GetFilter returns the Filter field if it's non-nil, zero value otherwise.
+func (l *ListCheckRunsOptions) GetFilter() string {
+	if l == nil || l.Filter == nil {
+		return ""
+	}
+	return *l.Filter
+}
+
+// GetStatus returns the Status field if it's non-nil, zero value otherwise.
+func (l *ListCheckRunsOptions) GetStatus() string {
+	if l == nil || l.Status == nil {
+		return ""
+	}
+	return *l.Status
+}
+
+// GetTotal returns the Total field if it's non-nil, zero value otherwise.
+func (l *ListCheckRunsResults) GetTotal() int {
+	if l == nil || l.Total == nil {
+		return 0
+	}
+	return *l.Total
+}
+
+// GetAppID returns the AppID field if it's non-nil, zero value otherwise.
+func (l *ListCheckSuiteOptions) GetAppID() int {
+	if l == nil || l.AppID == nil {
+		return 0
+	}
+	return *l.AppID
+}
+
+// GetCheckName returns the CheckName field if it's non-nil, zero value otherwise.
+func (l *ListCheckSuiteOptions) GetCheckName() string {
+	if l == nil || l.CheckName == nil {
+		return ""
+	}
+	return *l.CheckName
+}
+
+// GetTotal returns the Total field if it's non-nil, zero value otherwise.
+func (l *ListCheckSuiteResults) GetTotal() int {
+	if l == nil || l.Total == nil {
+		return 0
+	}
+	return *l.Total
+}
+
+// GetTotalCount returns the TotalCount field if it's non-nil, zero value otherwise.
+func (l *ListCodespaces) GetTotalCount() int {
+	if l == nil || l.TotalCount == nil {
+		return 0
+	}
+	return *l.TotalCount
+}
+
+// GetTotalCount returns the TotalCount field if it's non-nil, zero value otherwise.
+func (l *ListCustomDeploymentRuleIntegrationsResponse) GetTotalCount() int {
+	if l == nil || l.TotalCount == nil {
+		return 0
+	}
+	return *l.TotalCount
+}
+
+// GetTotalCount returns the TotalCount field if it's non-nil, zero value otherwise.
+func (l *ListDeploymentProtectionRuleResponse) GetTotalCount() int {
+	if l == nil || l.TotalCount == nil {
+		return 0
+	}
+	return *l.TotalCount
+}
+
+// GetDisplayName returns the DisplayName field if it's non-nil, zero value otherwise.
+func (l *ListExternalGroupsOptions) GetDisplayName() string {
+	if l == nil || l.DisplayName == nil {
+		return ""
+	}
+	return *l.DisplayName
+}
+
+// GetAffects returns the Affects field if it's non-nil, zero value otherwise.
+func (l *ListGlobalSecurityAdvisoriesOptions) GetAffects() string {
+	if l == nil || l.Affects == nil {
+		return ""
+	}
+	return *l.Affects
+}
+
+// GetCVEID returns the CVEID field if it's non-nil, zero value otherwise.
+func (l *ListGlobalSecurityAdvisoriesOptions) GetCVEID() string {
+	if l == nil || l.CVEID == nil {
+		return ""
+	}
+	return *l.CVEID
+}
+
+// GetEcosystem returns the Ecosystem field if it's non-nil, zero value otherwise.
+func (l *ListGlobalSecurityAdvisoriesOptions) GetEcosystem() string {
+	if l == nil || l.Ecosystem == nil {
+		return ""
+	}
+	return *l.Ecosystem
+}
+
+// GetGHSAID returns the GHSAID field if it's non-nil, zero value otherwise.
+func (l *ListGlobalSecurityAdvisoriesOptions) GetGHSAID() string {
+	if l == nil || l.GHSAID == nil {
+		return ""
+	}
+	return *l.GHSAID
+}
+
+// GetIsWithdrawn returns the IsWithdrawn field if it's non-nil, zero value otherwise.
+func (l *ListGlobalSecurityAdvisoriesOptions) GetIsWithdrawn() bool {
+	if l == nil || l.IsWithdrawn == nil {
+		return false
+	}
+	return *l.IsWithdrawn
+}
+
+// GetModified returns the Modified field if it's non-nil, zero value otherwise.
+func (l *ListGlobalSecurityAdvisoriesOptions) GetModified() string {
+	if l == nil || l.Modified == nil {
+		return ""
+	}
+	return *l.Modified
+}
+
+// GetPublished returns the Published field if it's non-nil, zero value otherwise.
+func (l *ListGlobalSecurityAdvisoriesOptions) GetPublished() string {
+	if l == nil || l.Published == nil {
+		return ""
+	}
+	return *l.Published
+}
+
+// GetSeverity returns the Severity field if it's non-nil, zero value otherwise.
+func (l *ListGlobalSecurityAdvisoriesOptions) GetSeverity() string {
+	if l == nil || l.Severity == nil {
+		return ""
+	}
+	return *l.Severity
+}
+
+// GetType returns the Type field if it's non-nil, zero value otherwise.
+func (l *ListGlobalSecurityAdvisoriesOptions) GetType() string {
+	if l == nil || l.Type == nil {
+		return ""
+	}
+	return *l.Type
+}
+
+// GetUpdated returns the Updated field if it's non-nil, zero value otherwise.
+func (l *ListGlobalSecurityAdvisoriesOptions) GetUpdated() string {
+	if l == nil || l.Updated == nil {
+		return ""
+	}
+	return *l.Updated
+}
+
+// GetTotalCount returns the TotalCount field if it's non-nil, zero value otherwise.
+func (l *ListOrganizations) GetTotalCount() int {
+	if l == nil || l.TotalCount == nil {
+		return 0
+	}
+	return *l.TotalCount
+}
+
+// GetTotalCount returns the TotalCount field if it's non-nil, zero value otherwise.
+func (l *ListRepositories) GetTotalCount() int {
+	if l == nil || l.TotalCount == nil {
+		return 0
+	}
+	return *l.TotalCount
+}
+
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (l *ListRunnersOptions) GetName() string {
+	if l == nil || l.Name == nil {
+		return ""
+	}
+	return *l.Name
+}
+
+// GetCount returns the Count field if it's non-nil, zero value otherwise.
+func (l *ListSCIMProvisionedIdentitiesOptions) GetCount() int {
+	if l == nil || l.Count == nil {
+		return 0
+	}
+	return *l.Count
+}
+
+// GetFilter returns the Filter field if it's non-nil, zero value otherwise.
+func (l *ListSCIMProvisionedIdentitiesOptions) GetFilter() string {
+	if l == nil || l.Filter == nil {
+		return ""
+	}
+	return *l.Filter
+}
+
+// GetStartIndex returns the StartIndex field if it's non-nil, zero value otherwise.
+func (l *ListSCIMProvisionedIdentitiesOptions) GetStartIndex() int {
+	if l == nil || l.StartIndex == nil {
+		return 0
+	}
+	return *l.StartIndex
+}
+
+// GetEndColumn returns the EndColumn field if it's non-nil, zero value otherwise.
+func (l *Location) GetEndColumn() int {
+	if l == nil || l.EndColumn == nil {
+		return 0
+	}
+	return *l.EndColumn
+}
+
+// GetEndLine returns the EndLine field if it's non-nil, zero value otherwise.
+func (l *Location) GetEndLine() int {
+	if l == nil || l.EndLine == nil {
+		return 0
+	}
+	return *l.EndLine
+}
+
+// GetPath returns the Path field if it's non-nil, zero value otherwise.
+func (l *Location) GetPath() string {
+	if l == nil || l.Path == nil {
+		return ""
+	}
+	return *l.Path
+}
+
+// GetStartColumn returns the StartColumn field if it's non-nil, zero value otherwise.
+func (l *Location) GetStartColumn() int {
+	if l == nil || l.StartColumn == nil {
+		return 0
+	}
+	return *l.StartColumn
+}
+
+// GetStartLine returns the StartLine field if it's non-nil, zero value otherwise.
+func (l *Location) GetStartLine() int {
+	if l == nil || l.StartLine == nil {
+		return 0
+	}
+	return *l.StartLine
+}
+
+// GetEnabled returns the Enabled field if it's non-nil, zero value otherwise.
+func (l *LockBranch) GetEnabled() bool {
+	if l == nil || l.Enabled == nil {
+		return false
+	}
+	return *l.Enabled
+}
+
+// GetHostname returns the Hostname field if it's non-nil, zero value otherwise.
+func (m *MaintenanceOperationStatus) GetHostname() string {
+	if m == nil || m.Hostname == nil {
+		return ""
+	}
+	return *m.Hostname
+}
+
+// GetMessage returns the Message field if it's non-nil, zero value otherwise.
+func (m *MaintenanceOperationStatus) GetMessage() string {
+	if m == nil || m.Message == nil {
+		return ""
+	}
+	return *m.Message
+}
+
+// GetUUID returns the UUID field if it's non-nil, zero value otherwise.
+func (m *MaintenanceOperationStatus) GetUUID() string {
+	if m == nil || m.UUID == nil {
+		return ""
+	}
+	return *m.UUID
+}
+
+// GetMaintenanceModeMessage returns the MaintenanceModeMessage field if it's non-nil, zero value otherwise.
+func (m *MaintenanceOptions) GetMaintenanceModeMessage() string {
+	if m == nil || m.MaintenanceModeMessage == nil {
+		return ""
+	}
+	return *m.MaintenanceModeMessage
+}
+
+// GetUUID returns the UUID field if it's non-nil, zero value otherwise.
+func (m *MaintenanceOptions) GetUUID() string {
+	if m == nil || m.UUID == nil {
+		return ""
+	}
+	return *m.UUID
+}
+
+// GetWhen returns the When field if it's non-nil, zero value otherwise.
+func (m *MaintenanceOptions) GetWhen() string {
+	if m == nil || m.When == nil {
+		return ""
+	}
+	return *m.When
+}
+
+// GetCanUnsetMaintenance returns the CanUnsetMaintenance field if it's non-nil, zero value otherwise.
+func (m *MaintenanceStatus) GetCanUnsetMaintenance() bool {
+	if m == nil || m.CanUnsetMaintenance == nil {
+		return false
+	}
+	return *m.CanUnsetMaintenance
+}
+
+// GetHostname returns the Hostname field if it's non-nil, zero value otherwise.
+func (m *MaintenanceStatus) GetHostname() string {
+	if m == nil || m.Hostname == nil {
+		return ""
+	}
+	return *m.Hostname
+}
+
+// GetMaintenanceModeMessage returns the MaintenanceModeMessage field if it's non-nil, zero value otherwise.
+func (m *MaintenanceStatus) GetMaintenanceModeMessage() string {
+	if m == nil || m.MaintenanceModeMessage == nil {
+		return ""
+	}
+	return *m.MaintenanceModeMessage
+}
+
+// GetScheduledTime returns the ScheduledTime field if it's non-nil, zero value otherwise.
+func (m *MaintenanceStatus) GetScheduledTime() Timestamp {
+	if m == nil || m.ScheduledTime == nil {
+		return Timestamp{}
+	}
+	return *m.ScheduledTime
+}
+
+// GetStatus returns the Status field if it's non-nil, zero value otherwise.
+func (m *MaintenanceStatus) GetStatus() string {
+	if m == nil || m.Status == nil {
+		return ""
+	}
+	return *m.Status
+}
+
+// GetUUID returns the UUID field if it's non-nil, zero value otherwise.
+func (m *MaintenanceStatus) GetUUID() string {
+	if m == nil || m.UUID == nil {
+		return ""
+	}
+	return *m.UUID
+}
+
+// GetEffectiveDate returns the EffectiveDate field if it's non-nil, zero value otherwise.
+func (m *MarketplacePendingChange) GetEffectiveDate() Timestamp {
+	if m == nil || m.EffectiveDate == nil {
+		return Timestamp{}
+	}
+	return *m.EffectiveDate
+}
+
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (m *MarketplacePendingChange) GetID() int64 {
+	if m == nil || m.ID == nil {
+		return 0
+	}
+	return *m.ID
+}
+
+// GetPlan returns the Plan field.
+func (m *MarketplacePendingChange) GetPlan() *MarketplacePlan {
+	if m == nil {
+		return nil
+	}
+	return m.Plan
+}
+
+// GetUnitCount returns the UnitCount field if it's non-nil, zero value otherwise.
+func (m *MarketplacePendingChange) GetUnitCount() int {
+	if m == nil || m.UnitCount == nil {
+		return 0
+	}
+	return *m.UnitCount
+}
+
+// GetAccountsURL returns the AccountsURL field if it's non-nil, zero value otherwise.
+func (m *MarketplacePlan) GetAccountsURL() string {
+	if m == nil || m.AccountsURL == nil {
+		return ""
+	}
+	return *m.AccountsURL
+}
+
+// GetBullets returns the Bullets field if it's non-nil, zero value otherwise.
+func (m *MarketplacePlan) GetBullets() []string {
+	if m == nil || m.Bullets == nil {
+		return nil
+	}
+	return *m.Bullets
+}
+
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (m *MarketplacePlan) GetDescription() string {
+	if m == nil || m.Description == nil {
+		return ""
+	}
+	return *m.Description
+}
+
+// GetHasFreeTrial returns the HasFreeTrial field if it's non-nil, zero value otherwise.
+func (m *MarketplacePlan) GetHasFreeTrial() bool {
+	if m == nil || m.HasFreeTrial == nil {
+		return false
+	}
+	return *m.HasFreeTrial
+}
+
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (m *MarketplacePlan) GetID() int64 {
+	if m == nil || m.ID == nil {
+		return 0
+	}
+	return *m.ID
+}
+
+// GetMonthlyPriceInCents returns the MonthlyPriceInCents field if it's non-nil, zero value otherwise.
+func (m *MarketplacePlan) GetMonthlyPriceInCents() int {
+	if m == nil || m.MonthlyPriceInCents == nil {
+		return 0
+	}
+	return *m.MonthlyPriceInCents
+}
+
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (m *MarketplacePlan) GetName() string {
+	if m == nil || m.Name == nil {
+		return ""
+	}
+	return *m.Name
+}
+
+// GetNumber returns the Number field if it's non-nil, zero value otherwise.
+func (m *MarketplacePlan) GetNumber() int {
+	if m == nil || m.Number == nil {
+		return 0
+	}
+	return *m.Number
+}
+
+// GetPriceModel returns the PriceModel field if it's non-nil, zero value otherwise.
+func (m *MarketplacePlan) GetPriceModel() string {
+	if m == nil || m.PriceModel == nil {
+		return ""
+	}
+	return *m.PriceModel
+}
+
+// GetState returns the State field if it's non-nil, zero value otherwise.
+func (m *MarketplacePlan) GetState() string {
+	if m == nil || m.State == nil {
+		return ""
+	}
+	return *m.State
+}
+
+// GetUnitName returns the UnitName field if it's non-nil, zero value otherwise.
+func (m *MarketplacePlan) GetUnitName() string {
+	if m == nil || m.UnitName == nil {
+		return ""
+	}
+	return *m.UnitName
+}
+
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (m *MarketplacePlan) GetURL() string {
+	if m == nil || m.URL == nil {
+		return ""
+	}
+	return *m.URL
+}
+
+// GetYearlyPriceInCents returns the YearlyPriceInCents field if it's non-nil, zero value otherwise.
+func (m *MarketplacePlan) GetYearlyPriceInCents() int {
+	if m == nil || m.YearlyPriceInCents == nil {
+		return 0
+	}
+	return *m.YearlyPriceInCents
+}
+
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (m *MarketplacePlanAccount) GetID() int64 {
+	if m == nil || m.ID == nil {
+		return 0
+	}
+	return *m.ID
+}
+
+// GetLogin returns the Login field if it's non-nil, zero value otherwise.
+func (m *MarketplacePlanAccount) GetLogin() string {
+	if m == nil || m.Login == nil {
+		return ""
+	}
+	return *m.Login
+}
+
+// GetMarketplacePendingChange returns the MarketplacePendingChange field.
+func (m *MarketplacePlanAccount) GetMarketplacePendingChange() *MarketplacePendingChange {
+	if m == nil {
+		return nil
+	}
+	return m.MarketplacePendingChange
+}
+
+// GetMarketplacePurchase returns the MarketplacePurchase field.
+func (m *MarketplacePlanAccount) GetMarketplacePurchase() *MarketplacePurchase {
+	if m == nil {
+		return nil
+	}
+	return m.MarketplacePurchase
+}
+
+// GetOrganizationBillingEmail returns the OrganizationBillingEmail field if it's non-nil, zero value otherwise.
+func (m *MarketplacePlanAccount) GetOrganizationBillingEmail() string {
+	if m == nil || m.OrganizationBillingEmail == nil {
+		return ""
+	}
+	return *m.OrganizationBillingEmail
+}
+
+// GetType returns the Type field if it's non-nil, zero value otherwise.
+func (m *MarketplacePlanAccount) GetType() string {
+	if m == nil || m.Type == nil {
+		return ""
+	}
+	return *m.Type
+}
+
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (m *MarketplacePlanAccount) GetURL() string {
+	if m == nil || m.URL == nil {
+		return ""
+	}
+	return *m.URL
+}
+
+// GetAccount returns the Account field.
+func (m *MarketplacePurchase) GetAccount() *MarketplacePurchaseAccount {
+	if m == nil {
+		return nil
+	}
+	return m.Account
+}
+
+// GetBillingCycle returns the BillingCycle field if it's non-nil, zero value otherwise.
+func (m *MarketplacePurchase) GetBillingCycle() string {
+	if m == nil || m.BillingCycle == nil {
+		return ""
+	}
+	return *m.BillingCycle
+}
+
+// GetFreeTrialEndsOn returns the FreeTrialEndsOn field if it's non-nil, zero value otherwise.
+func (m *MarketplacePurchase) GetFreeTrialEndsOn() Timestamp {
+	if m == nil || m.FreeTrialEndsOn == nil {
+		return Timestamp{}
+	}
+	return *m.FreeTrialEndsOn
+}
+
+// GetNextBillingDate returns the NextBillingDate field if it's non-nil, zero value otherwise.
+func (m *MarketplacePurchase) GetNextBillingDate() Timestamp {
+	if m == nil || m.NextBillingDate == nil {
+		return Timestamp{}
+	}
+	return *m.NextBillingDate
+}
+
+// GetOnFreeTrial returns the OnFreeTrial field if it's non-nil, zero value otherwise.
+func (m *MarketplacePurchase) GetOnFreeTrial() bool {
+	if m == nil || m.OnFreeTrial == nil {
+		return false
+	}
+	return *m.OnFreeTrial
+}
+
+// GetPlan returns the Plan field.
+func (m *MarketplacePurchase) GetPlan() *MarketplacePlan {
+	if m == nil {
+		return nil
+	}
+	return m.Plan
+}
+
+// GetUnitCount returns the UnitCount field if it's non-nil, zero value otherwise.
+func (m *MarketplacePurchase) GetUnitCount() int {
+	if m == nil || m.UnitCount == nil {
+		return 0
+	}
+	return *m.UnitCount
+}
+
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (m *MarketplacePurchase) GetUpdatedAt() Timestamp {
+	if m == nil || m.UpdatedAt == nil {
+		return Timestamp{}
+	}
+	return *m.UpdatedAt
+}
+
+// GetEmail returns the Email field if it's non-nil, zero value otherwise.
+func (m *MarketplacePurchaseAccount) GetEmail() string {
+	if m == nil || m.Email == nil {
+		return ""
+	}
+	return *m.Email
+}
+
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (m *MarketplacePurchaseAccount) GetID() int64 {
+	if m == nil || m.ID == nil {
+		return 0
+	}
+	return *m.ID
+}
+
+// GetLogin returns the Login field if it's non-nil, zero value otherwise.
+func (m *MarketplacePurchaseAccount) GetLogin() string {
+	if m == nil || m.Login == nil {
+		return ""
+	}
+	return *m.Login
+}
+
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (m *MarketplacePurchaseAccount) GetNodeID() string {
+	if m == nil || m.NodeID == nil {
+		return ""
+	}
+	return *m.NodeID
+}
+
+// GetOrganizationBillingEmail returns the OrganizationBillingEmail field if it's non-nil, zero value otherwise.
+func (m *MarketplacePurchaseAccount) GetOrganizationBillingEmail() string {
+	if m == nil || m.OrganizationBillingEmail == nil {
+		return ""
+	}
+	return *m.OrganizationBillingEmail
+}
+
+// GetType returns the Type field if it's non-nil, zero value otherwise.
+func (m *MarketplacePurchaseAccount) GetType() string {
+	if m == nil || m.Type == nil {
+		return ""
+	}
+	return *m.Type
+}
+
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (m *MarketplacePurchaseAccount) GetURL() string {
+	if m == nil || m.URL == nil {
+		return ""
+	}
+	return *m.URL
+}
+
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (m *MarketplacePurchaseEvent) GetAction() string {
+	if m == nil || m.Action == nil {
+		return ""
+	}
+	return *m.Action
+}
+
+// GetEffectiveDate returns the EffectiveDate field if it's non-nil, zero value otherwise.
+func (m *MarketplacePurchaseEvent) GetEffectiveDate() Timestamp {
+	if m == nil || m.EffectiveDate == nil {
+		return Timestamp{}
+	}
+	return *m.EffectiveDate
+}
+
+// GetInstallation returns the Installation field.
+func (m *MarketplacePurchaseEvent) GetInstallation() *Installation {
+	if m == nil {
+		return nil
+	}
+	return m.Installation
+}
+
+// GetMarketplacePurchase returns the MarketplacePurchase field.
+func (m *MarketplacePurchaseEvent) GetMarketplacePurchase() *MarketplacePurchase {
+	if m == nil {
+		return nil
+	}
+	return m.MarketplacePurchase
+}
+
+// GetOrg returns the Org field.
+func (m *MarketplacePurchaseEvent) GetOrg() *Organization {
+	if m == nil {
+		return nil
+	}
+	return m.Org
+}
+
+// GetPreviousMarketplacePurchase returns the PreviousMarketplacePurchase field.
+func (m *MarketplacePurchaseEvent) GetPreviousMarketplacePurchase() *MarketplacePurchase {
+	if m == nil {
+		return nil
+	}
+	return m.PreviousMarketplacePurchase
+}
+
+// GetSender returns the Sender field.
+func (m *MarketplacePurchaseEvent) GetSender() *User {
+	if m == nil {
+		return nil
+	}
+	return m.Sender
+}
+
+// GetText returns the Text field if it's non-nil, zero value otherwise.
+func (m *Match) GetText() string {
+	if m == nil || m.Text == nil {
+		return ""
+	}
+	return *m.Text
+}
+
+// GetPermission returns the Permission field.
+func (m *MemberChanges) GetPermission() *MemberChangesPermission {
+	if m == nil {
+		return nil
+	}
+	return m.Permission
+}
+
+// GetRoleName returns the RoleName field.
+func (m *MemberChanges) GetRoleName() *MemberChangesRoleName {
+	if m == nil {
+		return nil
+	}
+	return m.RoleName
+}
+
+// GetFrom returns the From field if it's non-nil, zero value otherwise.
+func (m *MemberChangesPermission) GetFrom() string {
+	if m == nil || m.From == nil {
+		return ""
+	}
+	return *m.From
+}
+
+// GetTo returns the To field if it's non-nil, zero value otherwise.
+func (m *MemberChangesPermission) GetTo() string {
+	if m == nil || m.To == nil {
+		return ""
+	}
+	return *m.To
+}
+
+// GetFrom returns the From field if it's non-nil, zero value otherwise.
+func (m *MemberChangesRoleName) GetFrom() string {
+	if m == nil || m.From == nil {
+		return ""
+	}
+	return *m.From
+}
+
+// GetTo returns the To field if it's non-nil, zero value otherwise.
+func (m *MemberChangesRoleName) GetTo() string {
+	if m == nil || m.To == nil {
+		return ""
+	}
+	return *m.To
+}
+
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (m *MemberEvent) GetAction() string {
+	if m == nil || m.Action == nil {
+		return ""
+	}
+	return *m.Action
+}
+
+// GetChanges returns the Changes field.
+func (m *MemberEvent) GetChanges() *MemberChanges {
+	if m == nil {
+		return nil
+	}
+	return m.Changes
+}
+
+// GetInstallation returns the Installation field.
+func (m *MemberEvent) GetInstallation() *Installation {
+	if m == nil {
+		return nil
+	}
+	return m.Installation
+}
+
+// GetMember returns the Member field.
+func (m *MemberEvent) GetMember() *User {
+	if m == nil {
+		return nil
+	}
+	return m.Member
+}
+
+// GetOrg returns the Org field.
+func (m *MemberEvent) GetOrg() *Organization {
+	if m == nil {
+		return nil
+	}
+	return m.Org
+}
+
+// GetRepo returns the Repo field.
+func (m *MemberEvent) GetRepo() *Repository {
+	if m == nil {
+		return nil
+	}
+	return m.Repo
+}
+
+// GetSender returns the Sender field.
+func (m *MemberEvent) GetSender() *User {
+	if m == nil {
+		return nil
+	}
+	return m.Sender
+}
+
+// GetOrganization returns the Organization field.
+func (m *Membership) GetOrganization() *Organization {
+	if m == nil {
+		return nil
+	}
+	return m.Organization
+}
+
+// GetOrganizationURL returns the OrganizationURL field if it's non-nil, zero value otherwise.
+func (m *Membership) GetOrganizationURL() string {
+	if m == nil || m.OrganizationURL == nil {
+		return ""
+	}
+	return *m.OrganizationURL
+}
+
+// GetRole returns the Role field if it's non-nil, zero value otherwise.
+func (m *Membership) GetRole() string {
+	if m == nil || m.Role == nil {
+		return ""
+	}
+	return *m.Role
+}
+
+// GetState returns the State field if it's non-nil, zero value otherwise.
+func (m *Membership) GetState() string {
+	if m == nil || m.State == nil {
+		return ""
+	}
+	return *m.State
+}
+
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (m *Membership) GetURL() string {
+	if m == nil || m.URL == nil {
+		return ""
+	}
+	return *m.URL
+}
+
+// GetUser returns the User field.
+func (m *Membership) GetUser() *User {
+	if m == nil {
+		return nil
+	}
+	return m.User
+}
+
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (m *MembershipEvent) GetAction() string {
+	if m == nil || m.Action == nil {
+		return ""
+	}
+	return *m.Action
+}
+
+// GetInstallation returns the Installation field.
+func (m *MembershipEvent) GetInstallation() *Installation {
+	if m == nil {
+		return nil
+	}
+	return m.Installation
+}
+
+// GetMember returns the Member field.
+func (m *MembershipEvent) GetMember() *User {
+	if m == nil {
+		return nil
+	}
+	return m.Member
+}
+
+// GetOrg returns the Org field.
+func (m *MembershipEvent) GetOrg() *Organization {
+	if m == nil {
+		return nil
+	}
+	return m.Org
+}
+
+// GetScope returns the Scope field if it's non-nil, zero value otherwise.
+func (m *MembershipEvent) GetScope() string {
+	if m == nil || m.Scope == nil {
+		return ""
+	}
+	return *m.Scope
+}
+
+// GetSender returns the Sender field.
+func (m *MembershipEvent) GetSender() *User {
+	if m == nil {
+		return nil
+	}
+	return m.Sender
+}
+
+// GetTeam returns the Team field.
+func (m *MembershipEvent) GetTeam() *Team {
+	if m == nil {
+		return nil
+	}
+	return m.Team
+}
+
+// GetBaseRef returns the BaseRef field if it's non-nil, zero value otherwise.
+func (m *MergeGroup) GetBaseRef() string {
+	if m == nil || m.BaseRef == nil {
+		return ""
+	}
+	return *m.BaseRef
+}
+
+// GetBaseSHA returns the BaseSHA field if it's non-nil, zero value otherwise.
+func (m *MergeGroup) GetBaseSHA() string {
+	if m == nil || m.BaseSHA == nil {
+		return ""
+	}
+	return *m.BaseSHA
+}
+
+// GetHeadCommit returns the HeadCommit field.
+func (m *MergeGroup) GetHeadCommit() *Commit {
+	if m == nil {
+		return nil
+	}
+	return m.HeadCommit
+}
+
+// GetHeadRef returns the HeadRef field if it's non-nil, zero value otherwise.
+func (m *MergeGroup) GetHeadRef() string {
+	if m == nil || m.HeadRef == nil {
+		return ""
+	}
+	return *m.HeadRef
+}
+
+// GetHeadSHA returns the HeadSHA field if it's non-nil, zero value otherwise.
+func (m *MergeGroup) GetHeadSHA() string {
+	if m == nil || m.HeadSHA == nil {
+		return ""
+	}
+	return *m.HeadSHA
+}
+
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (m *MergeGroupEvent) GetAction() string {
+	if m == nil || m.Action == nil {
+		return ""
+	}
+	return *m.Action
+}
+
+// GetInstallation returns the Installation field.
+func (m *MergeGroupEvent) GetInstallation() *Installation {
+	if m == nil {
+		return nil
+	}
+	return m.Installation
+}
+
+// GetMergeGroup returns the MergeGroup field.
+func (m *MergeGroupEvent) GetMergeGroup() *MergeGroup {
+	if m == nil {
+		return nil
+	}
+	return m.MergeGroup
+}
+
+// GetOrg returns the Org field.
+func (m *MergeGroupEvent) GetOrg() *Organization {
+	if m == nil {
+		return nil
+	}
+	return m.Org
+}
+
+// GetReason returns the Reason field if it's non-nil, zero value otherwise.
+func (m *MergeGroupEvent) GetReason() string {
+	if m == nil || m.Reason == nil {
+		return ""
+	}
+	return *m.Reason
+}
+
+// GetRepo returns the Repo field.
+func (m *MergeGroupEvent) GetRepo() *Repository {
+	if m == nil {
+		return nil
+	}
+	return m.Repo
+}
+
+// GetSender returns the Sender field.
+func (m *MergeGroupEvent) GetSender() *User {
+	if m == nil {
+		return nil
+	}
+	return m.Sender
+}
+
+// GetText returns the Text field if it's non-nil, zero value otherwise.
+func (m *Message) GetText() string {
+	if m == nil || m.Text == nil {
+		return ""
+	}
+	return *m.Text
+}
+
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (m *MetaEvent) GetAction() string {
+	if m == nil || m.Action == nil {
+		return ""
+	}
+	return *m.Action
+}
+
+// GetHook returns the Hook field.
+func (m *MetaEvent) GetHook() *Hook {
+	if m == nil {
+		return nil
+	}
+	return m.Hook
+}
+
+// GetHookID returns the HookID field if it's non-nil, zero value otherwise.
+func (m *MetaEvent) GetHookID() int64 {
+	if m == nil || m.HookID == nil {
+		return 0
+	}
+	return *m.HookID
+}
+
+// GetInstallation returns the Installation field.
+func (m *MetaEvent) GetInstallation() *Installation {
+	if m == nil {
+		return nil
+	}
+	return m.Installation
+}
+
+// GetOrg returns the Org field.
+func (m *MetaEvent) GetOrg() *Organization {
+	if m == nil {
+		return nil
+	}
+	return m.Org
+}
+
+// GetRepo returns the Repo field.
+func (m *MetaEvent) GetRepo() *Repository {
+	if m == nil {
+		return nil
+	}
+	return m.Repo
+}
+
+// GetSender returns the Sender field.
+func (m *MetaEvent) GetSender() *User {
+	if m == nil {
+		return nil
+	}
+	return m.Sender
+}
+
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (m *Metric) GetHTMLURL() string {
+	if m == nil || m.HTMLURL == nil {
+		return ""
+	}
+	return *m.HTMLURL
+}
+
+// GetKey returns the Key field if it's non-nil, zero value otherwise.
+func (m *Metric) GetKey() string {
+	if m == nil || m.Key == nil {
+		return ""
+	}
+	return *m.Key
+}
+
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (m *Metric) GetName() string {
+	if m == nil || m.Name == nil {
+		return ""
+	}
+	return *m.Name
+}
+
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (m *Metric) GetNodeID() string {
+	if m == nil || m.NodeID == nil {
+		return ""
+	}
+	return *m.NodeID
+}
+
+// GetSPDXID returns the SPDXID field if it's non-nil, zero value otherwise.
+func (m *Metric) GetSPDXID() string {
+	if m == nil || m.SPDXID == nil {
+		return ""
+	}
+	return *m.SPDXID
+}
+
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (m *Metric) GetURL() string {
+	if m == nil || m.URL == nil {
+		return ""
+	}
+	return *m.URL
+}
+
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (m *Migration) GetCreatedAt() string {
+	if m == nil || m.CreatedAt == nil {
+		return ""
+	}
+	return *m.CreatedAt
+}
+
+// GetExcludeAttachments returns the ExcludeAttachments field if it's non-nil, zero value otherwise.
+func (m *Migration) GetExcludeAttachments() bool {
+	if m == nil || m.ExcludeAttachments == nil {
+		return false
+	}
+	return *m.ExcludeAttachments
+}
+
+// GetGUID returns the GUID field if it's non-nil, zero value otherwise.
+func (m *Migration) GetGUID() string {
+	if m == nil || m.GUID == nil {
+		return ""
+	}
+	return *m.GUID
+}
+
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (m *Migration) GetID() int64 {
+	if m == nil || m.ID == nil {
+		return 0
+	}
+	return *m.ID
+}
+
+// GetLockRepositories returns the LockRepositories field if it's non-nil, zero value otherwise.
+func (m *Migration) GetLockRepositories() bool {
+	if m == nil || m.LockRepositories == nil {
+		return false
+	}
+	return *m.LockRepositories
+}
+
+// GetState returns the State field if it's non-nil, zero value otherwise.
+func (m *Migration) GetState() string {
+	if m == nil || m.State == nil {
+		return ""
+	}
+	return *m.State
+}
+
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (m *Migration) GetUpdatedAt() string {
+	if m == nil || m.UpdatedAt == nil {
+		return ""
+	}
+	return *m.UpdatedAt
+}
+
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (m *Migration) GetURL() string {
+	if m == nil || m.URL == nil {
+		return ""
+	}
+	return *m.URL
+}
+
+// GetClosedAt returns the ClosedAt field if it's non-nil, zero value otherwise.
+func (m *Milestone) GetClosedAt() Timestamp {
+	if m == nil || m.ClosedAt == nil {
+		return Timestamp{}
+	}
+	return *m.ClosedAt
+}
+
+// GetClosedIssues returns the ClosedIssues field if it's non-nil, zero value otherwise.
+func (m *Milestone) GetClosedIssues() int {
+	if m == nil || m.ClosedIssues == nil {
+		return 0
+	}
+	return *m.ClosedIssues
+}
+
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (m *Milestone) GetCreatedAt() Timestamp {
+	if m == nil || m.CreatedAt == nil {
+		return Timestamp{}
+	}
+	return *m.CreatedAt
+}
+
+// GetCreator returns the Creator field.
+func (m *Milestone) GetCreator() *User {
+	if m == nil {
+		return nil
+	}
+	return m.Creator
+}
+
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (m *Milestone) GetDescription() string {
+	if m == nil || m.Description == nil {
+		return ""
+	}
+	return *m.Description
+}
+
+// GetDueOn returns the DueOn field if it's non-nil, zero value otherwise.
+func (m *Milestone) GetDueOn() Timestamp {
+	if m == nil || m.DueOn == nil {
+		return Timestamp{}
+	}
+	return *m.DueOn
+}
+
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (m *Milestone) GetHTMLURL() string {
+	if m == nil || m.HTMLURL == nil {
+		return ""
+	}
+	return *m.HTMLURL
+}
+
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (m *Milestone) GetID() int64 {
+	if m == nil || m.ID == nil {
+		return 0
+	}
+	return *m.ID
+}
+
+// GetLabelsURL returns the LabelsURL field if it's non-nil, zero value otherwise.
+func (m *Milestone) GetLabelsURL() string {
+	if m == nil || m.LabelsURL == nil {
+		return ""
+	}
+	return *m.LabelsURL
+}
+
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (m *Milestone) GetNodeID() string {
+	if m == nil || m.NodeID == nil {
+		return ""
+	}
+	return *m.NodeID
+}
+
+// GetNumber returns the Number field if it's non-nil, zero value otherwise.
+func (m *Milestone) GetNumber() int {
+	if m == nil || m.Number == nil {
+		return 0
+	}
+	return *m.Number
+}
+
+// GetOpenIssues returns the OpenIssues field if it's non-nil, zero value otherwise.
+func (m *Milestone) GetOpenIssues() int {
+	if m == nil || m.OpenIssues == nil {
+		return 0
+	}
+	return *m.OpenIssues
+}
+
+// GetState returns the State field if it's non-nil, zero value otherwise.
+func (m *Milestone) GetState() string {
+	if m == nil || m.State == nil {
+		return ""
+	}
+	return *m.State
+}
+
+// GetTitle returns the Title field if it's non-nil, zero value otherwise.
+func (m *Milestone) GetTitle() string {
+	if m == nil || m.Title == nil {
+		return ""
+	}
+	return *m.Title
+}
+
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (m *Milestone) GetUpdatedAt() Timestamp {
+	if m == nil || m.UpdatedAt == nil {
+		return Timestamp{}
+	}
+	return *m.UpdatedAt
+}
+
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (m *Milestone) GetURL() string {
+	if m == nil || m.URL == nil {
+		return ""
+	}
+	return *m.URL
+}
+
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (m *MilestoneEvent) GetAction() string {
+	if m == nil || m.Action == nil {
+		return ""
+	}
+	return *m.Action
+}
+
+// GetChanges returns the Changes field.
+func (m *MilestoneEvent) GetChanges() *EditChange {
+	if m == nil {
+		return nil
+	}
+	return m.Changes
+}
+
+// GetInstallation returns the Installation field.
+func (m *MilestoneEvent) GetInstallation() *Installation {
+	if m == nil {
+		return nil
+	}
+	return m.Installation
+}
+
+// GetMilestone returns the Milestone field.
+func (m *MilestoneEvent) GetMilestone() *Milestone {
+	if m == nil {
+		return nil
+	}
+	return m.Milestone
+}
+
+// GetOrg returns the Org field.
+func (m *MilestoneEvent) GetOrg() *Organization {
+	if m == nil {
+		return nil
+	}
+	return m.Org
+}
+
+// GetRepo returns the Repo field.
+func (m *MilestoneEvent) GetRepo() *Repository {
+	if m == nil {
+		return nil
+	}
+	return m.Repo
+}
+
+// GetSender returns the Sender field.
+func (m *MilestoneEvent) GetSender() *User {
+	if m == nil {
+		return nil
+	}
+	return m.Sender
+}
+
+// GetClosedMilestones returns the ClosedMilestones field if it's non-nil, zero value otherwise.
+func (m *MilestoneStats) GetClosedMilestones() int {
+	if m == nil || m.ClosedMilestones == nil {
+		return 0
+	}
+	return *m.ClosedMilestones
+}
+
+// GetOpenMilestones returns the OpenMilestones field if it's non-nil, zero value otherwise.
+func (m *MilestoneStats) GetOpenMilestones() int {
+	if m == nil || m.OpenMilestones == nil {
+		return 0
+	}
+	return *m.OpenMilestones
+}
+
+// GetTotalMilestones returns the TotalMilestones field if it's non-nil, zero value otherwise.
+func (m *MilestoneStats) GetTotalMilestones() int {
+	if m == nil || m.TotalMilestones == nil {
+		return 0
+	}
+	return *m.TotalMilestones
+}
+
+// GetAnalysisKey returns the AnalysisKey field if it's non-nil, zero value otherwise.
+func (m *MostRecentInstance) GetAnalysisKey() string {
+	if m == nil || m.AnalysisKey == nil {
+		return ""
+	}
+	return *m.AnalysisKey
+}
+
+// GetCategory returns the Category field if it's non-nil, zero value otherwise.
+func (m *MostRecentInstance) GetCategory() string {
+	if m == nil || m.Category == nil {
+		return ""
+	}
+	return *m.Category
+}
+
+// GetCommitSHA returns the CommitSHA field if it's non-nil, zero value otherwise.
+func (m *MostRecentInstance) GetCommitSHA() string {
+	if m == nil || m.CommitSHA == nil {
+		return ""
+	}
+	return *m.CommitSHA
+}
+
+// GetEnvironment returns the Environment field if it's non-nil, zero value otherwise.
+func (m *MostRecentInstance) GetEnvironment() string {
+	if m == nil || m.Environment == nil {
+		return ""
+	}
+	return *m.Environment
+}
+
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (m *MostRecentInstance) GetHTMLURL() string {
+	if m == nil || m.HTMLURL == nil {
+		return ""
+	}
+	return *m.HTMLURL
+}
+
+// GetLocation returns the Location field.
+func (m *MostRecentInstance) GetLocation() *Location {
+	if m == nil {
+		return nil
+	}
+	return m.Location
+}
+
+// GetMessage returns the Message field.
+func (m *MostRecentInstance) GetMessage() *Message {
+	if m == nil {
+		return nil
+	}
+	return m.Message
+}
+
+// GetRef returns the Ref field if it's non-nil, zero value otherwise.
+func (m *MostRecentInstance) GetRef() string {
+	if m == nil || m.Ref == nil {
+		return ""
+	}
+	return *m.Ref
+}
+
+// GetState returns the State field if it's non-nil, zero value otherwise.
+func (m *MostRecentInstance) GetState() string {
+	if m == nil || m.State == nil {
+		return ""
+	}
+	return *m.State
+}
+
+// GetComputeService returns the ComputeService field.
+func (n *NetworkConfiguration) GetComputeService() *ComputeService {
+	if n == nil {
+		return nil
+	}
+	return n.ComputeService
+}
+
+// GetCreatedOn returns the CreatedOn field if it's non-nil, zero value otherwise.
+func (n *NetworkConfiguration) GetCreatedOn() Timestamp {
+	if n == nil || n.CreatedOn == nil {
+		return Timestamp{}
+	}
+	return *n.CreatedOn
+}
+
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (n *NetworkConfiguration) GetID() string {
+	if n == nil || n.ID == nil {
+		return ""
+	}
+	return *n.ID
+}
+
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (n *NetworkConfiguration) GetName() string {
+	if n == nil || n.Name == nil {
+		return ""
+	}
+	return *n.Name
+}
+
+// GetComputeService returns the ComputeService field.
+func (n *NetworkConfigurationRequest) GetComputeService() *ComputeService {
+	if n == nil {
+		return nil
+	}
+	return n.ComputeService
+}
+
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (n *NetworkConfigurationRequest) GetName() string {
+	if n == nil || n.Name == nil {
+		return ""
+	}
+	return *n.Name
+}
+
+// GetTotalCount returns the TotalCount field if it's non-nil, zero value otherwise.
+func (n *NetworkConfigurations) GetTotalCount() int64 {
+	if n == nil || n.TotalCount == nil {
+		return 0
+	}
+	return *n.TotalCount
+}
+
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (n *NetworkSettingsResource) GetID() string {
+	if n == nil || n.ID == nil {
+		return ""
+	}
+	return *n.ID
+}
+
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (n *NetworkSettingsResource) GetName() string {
+	if n == nil || n.Name == nil {
+		return ""
+	}
+	return *n.Name
+}
+
+// GetNetworkConfigurationID returns the NetworkConfigurationID field if it's non-nil, zero value otherwise.
+func (n *NetworkSettingsResource) GetNetworkConfigurationID() string {
+	if n == nil || n.NetworkConfigurationID == nil {
+		return ""
+	}
+	return *n.NetworkConfigurationID
+}
+
+// GetRegion returns the Region field if it's non-nil, zero value otherwise.
+func (n *NetworkSettingsResource) GetRegion() string {
+	if n == nil || n.Region == nil {
+		return ""
+	}
+	return *n.Region
+}
+
+// GetSubnetID returns the SubnetID field if it's non-nil, zero value otherwise.
+func (n *NetworkSettingsResource) GetSubnetID() string {
+	if n == nil || n.SubnetID == nil {
+		return ""
+	}
+	return *n.SubnetID
+}
+
+// GetBase returns the Base field if it's non-nil, zero value otherwise.
+func (n *NewPullRequest) GetBase() string {
+	if n == nil || n.Base == nil {
+		return ""
+	}
+	return *n.Base
+}
+
+// GetBody returns the Body field if it's non-nil, zero value otherwise.
+func (n *NewPullRequest) GetBody() string {
+	if n == nil || n.Body == nil {
+		return ""
+	}
+	return *n.Body
+}
+
+// GetDraft returns the Draft field if it's non-nil, zero value otherwise.
+func (n *NewPullRequest) GetDraft() bool {
+	if n == nil || n.Draft == nil {
+		return false
+	}
+	return *n.Draft
+}
+
+// GetHead returns the Head field if it's non-nil, zero value otherwise.
+func (n *NewPullRequest) GetHead() string {
+	if n == nil || n.Head == nil {
+		return ""
+	}
+	return *n.Head
+}
+
+// GetHeadRepo returns the HeadRepo field if it's non-nil, zero value otherwise.
+func (n *NewPullRequest) GetHeadRepo() string {
+	if n == nil || n.HeadRepo == nil {
+		return ""
+	}
+	return *n.HeadRepo
+}
+
+// GetIssue returns the Issue field if it's non-nil, zero value otherwise.
+func (n *NewPullRequest) GetIssue() int {
+	if n == nil || n.Issue == nil {
+		return 0
+	}
+	return *n.Issue
+}
+
+// GetMaintainerCanModify returns the MaintainerCanModify field if it's non-nil, zero value otherwise.
+func (n *NewPullRequest) GetMaintainerCanModify() bool {
+	if n == nil || n.MaintainerCanModify == nil {
+		return false
+	}
+	return *n.MaintainerCanModify
+}
+
+// GetTitle returns the Title field if it's non-nil, zero value otherwise.
+func (n *NewPullRequest) GetTitle() string {
+	if n == nil || n.Title == nil {
+		return ""
+	}
+	return *n.Title
+}
+
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (n *NewTeam) GetDescription() string {
+	if n == nil || n.Description == nil {
+		return ""
+	}
+	return *n.Description
+}
+
+// GetLDAPDN returns the LDAPDN field if it's non-nil, zero value otherwise.
+func (n *NewTeam) GetLDAPDN() string {
+	if n == nil || n.LDAPDN == nil {
+		return ""
+	}
+	return *n.LDAPDN
+}
+
+// GetNotificationSetting returns the NotificationSetting field if it's non-nil, zero value otherwise.
+func (n *NewTeam) GetNotificationSetting() string {
+	if n == nil || n.NotificationSetting == nil {
+		return ""
+	}
+	return *n.NotificationSetting
+}
+
+// GetParentTeamID returns the ParentTeamID field if it's non-nil, zero value otherwise.
+func (n *NewTeam) GetParentTeamID() int64 {
+	if n == nil || n.ParentTeamID == nil {
+		return 0
+	}
+	return *n.ParentTeamID
+}
+
+// GetPermission returns the Permission field if it's non-nil, zero value otherwise.
+func (n *NewTeam) GetPermission() string {
+	if n == nil || n.Permission == nil {
+		return ""
+	}
+	return *n.Permission
+}
+
+// GetPrivacy returns the Privacy field if it's non-nil, zero value otherwise.
+func (n *NewTeam) GetPrivacy() string {
+	if n == nil || n.Privacy == nil {
+		return ""
+	}
+	return *n.Privacy
+}
+
+// GetHostname returns the Hostname field if it's non-nil, zero value otherwise.
+func (n *NodeDetails) GetHostname() string {
+	if n == nil || n.Hostname == nil {
+		return ""
+	}
+	return *n.Hostname
+}
+
+// GetUUID returns the UUID field if it's non-nil, zero value otherwise.
+func (n *NodeDetails) GetUUID() string {
+	if n == nil || n.UUID == nil {
+		return ""
+	}
+	return *n.UUID
+}
+
+// GetTopology returns the Topology field if it's non-nil, zero value otherwise.
+func (n *NodeMetadataStatus) GetTopology() string {
+	if n == nil || n.Topology == nil {
+		return ""
+	}
+	return *n.Topology
+}
+
+// GetClusterRoles returns the ClusterRoles field if it's non-nil, zero value otherwise.
+func (n *NodeQueryOptions) GetClusterRoles() string {
+	if n == nil || n.ClusterRoles == nil {
+		return ""
+	}
+	return *n.ClusterRoles
+}
+
+// GetUUID returns the UUID field if it's non-nil, zero value otherwise.
+func (n *NodeQueryOptions) GetUUID() string {
+	if n == nil || n.UUID == nil {
+		return ""
+	}
+	return *n.UUID
+}
+
+// GetHostname returns the Hostname field if it's non-nil, zero value otherwise.
+func (n *NodeReleaseVersion) GetHostname() string {
+	if n == nil || n.Hostname == nil {
+		return ""
+	}
+	return *n.Hostname
+}
+
+// GetVersion returns the Version field.
+func (n *NodeReleaseVersion) GetVersion() *ReleaseVersion {
+	if n == nil {
+		return nil
+	}
+	return n.Version
+}
+
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (n *Notification) GetID() string {
+	if n == nil || n.ID == nil {
+		return ""
+	}
+	return *n.ID
+}
+
+// GetLastReadAt returns the LastReadAt field if it's non-nil, zero value otherwise.
+func (n *Notification) GetLastReadAt() Timestamp {
+	if n == nil || n.LastReadAt == nil {
+		return Timestamp{}
+	}
+	return *n.LastReadAt
+}
+
+// GetReason returns the Reason field if it's non-nil, zero value otherwise.
+func (n *Notification) GetReason() string {
+	if n == nil || n.Reason == nil {
+		return ""
+	}
+	return *n.Reason
+}
+
+// GetRepository returns the Repository field.
+func (n *Notification) GetRepository() *Repository {
+	if n == nil {
+		return nil
+	}
+	return n.Repository
+}
+
+// GetSubject returns the Subject field.
+func (n *Notification) GetSubject() *NotificationSubject {
+	if n == nil {
+		return nil
+	}
+	return n.Subject
+}
+
+// GetUnread returns the Unread field if it's non-nil, zero value otherwise.
+func (n *Notification) GetUnread() bool {
+	if n == nil || n.Unread == nil {
+		return false
+	}
+	return *n.Unread
+}
+
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (n *Notification) GetUpdatedAt() Timestamp {
+	if n == nil || n.UpdatedAt == nil {
+		return Timestamp{}
+	}
+	return *n.UpdatedAt
+}
+
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (n *Notification) GetURL() string {
+	if n == nil || n.URL == nil {
+		return ""
+	}
+	return *n.URL
+}
+
+// GetLatestCommentURL returns the LatestCommentURL field if it's non-nil, zero value otherwise.
+func (n *NotificationSubject) GetLatestCommentURL() string {
+	if n == nil || n.LatestCommentURL == nil {
+		return ""
+	}
+	return *n.LatestCommentURL
+}
+
+// GetTitle returns the Title field if it's non-nil, zero value otherwise.
+func (n *NotificationSubject) GetTitle() string {
+	if n == nil || n.Title == nil {
+		return ""
+	}
+	return *n.Title
+}
+
+// GetType returns the Type field if it's non-nil, zero value otherwise.
+func (n *NotificationSubject) GetType() string {
+	if n == nil || n.Type == nil {
+		return ""
+	}
+	return *n.Type
+}
+
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (n *NotificationSubject) GetURL() string {
+	if n == nil || n.URL == nil {
+		return ""
+	}
+	return *n.URL
+}
+
+// GetClientID returns the ClientID field if it's non-nil, zero value otherwise.
+func (o *OAuthAPP) GetClientID() string {
+	if o == nil || o.ClientID == nil {
+		return ""
+	}
+	return *o.ClientID
+}
+
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (o *OAuthAPP) GetName() string {
+	if o == nil || o.Name == nil {
+		return ""
+	}
+	return *o.Name
+}
+
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (o *OAuthAPP) GetURL() string {
+	if o == nil || o.URL == nil {
+		return ""
+	}
+	return *o.URL
+}
+
+// GetUseDefault returns the UseDefault field if it's non-nil, zero value otherwise.
+func (o *OIDCSubjectClaimCustomTemplate) GetUseDefault() bool {
+	if o == nil || o.UseDefault == nil {
+		return false
+	}
+	return *o.UseDefault
+}
+
+// GetAdvancedSecurityEnabledForNewRepos returns the AdvancedSecurityEnabledForNewRepos field if it's non-nil, zero value otherwise.
+func (o *Organization) GetAdvancedSecurityEnabledForNewRepos() bool {
+	if o == nil || o.AdvancedSecurityEnabledForNewRepos == nil {
+		return false
+	}
+	return *o.AdvancedSecurityEnabledForNewRepos
+}
+
+// GetAvatarURL returns the AvatarURL field if it's non-nil, zero value otherwise.
+func (o *Organization) GetAvatarURL() string {
+	if o == nil || o.AvatarURL == nil {
+		return ""
+	}
+	return *o.AvatarURL
+}
+
+// GetBillingEmail returns the BillingEmail field if it's non-nil, zero value otherwise.
+func (o *Organization) GetBillingEmail() string {
+	if o == nil || o.BillingEmail == nil {
+		return ""
+	}
+	return *o.BillingEmail
+}
+
+// GetBlog returns the Blog field if it's non-nil, zero value otherwise.
+func (o *Organization) GetBlog() string {
+	if o == nil || o.Blog == nil {
+		return ""
+	}
+	return *o.Blog
+}
+
+// GetCollaborators returns the Collaborators field if it's non-nil, zero value otherwise.
+func (o *Organization) GetCollaborators() int {
+	if o == nil || o.Collaborators == nil {
+		return 0
+	}
+	return *o.Collaborators
+}
+
+// GetCompany returns the Company field if it's non-nil, zero value otherwise.
+func (o *Organization) GetCompany() string {
+	if o == nil || o.Company == nil {
+		return ""
+	}
+	return *o.Company
+}
+
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (o *Organization) GetCreatedAt() Timestamp {
+	if o == nil || o.CreatedAt == nil {
+		return Timestamp{}
+	}
+	return *o.CreatedAt
+}
+
+// GetDefaultRepoPermission returns the DefaultRepoPermission field if it's non-nil, zero value otherwise.
+func (o *Organization) GetDefaultRepoPermission() string {
+	if o == nil || o.DefaultRepoPermission == nil {
+		return ""
+	}
+	return *o.DefaultRepoPermission
+}
+
+// GetDefaultRepoSettings returns the DefaultRepoSettings field if it's non-nil, zero value otherwise.
+func (o *Organization) GetDefaultRepoSettings() string {
+	if o == nil || o.DefaultRepoSettings == nil {
+		return ""
+	}
+	return *o.DefaultRepoSettings
+}
+
+// GetDependabotAlertsEnabledForNewRepos returns the DependabotAlertsEnabledForNewRepos field if it's non-nil, zero value otherwise.
+func (o *Organization) GetDependabotAlertsEnabledForNewRepos() bool {
+	if o == nil || o.DependabotAlertsEnabledForNewRepos == nil {
+		return false
+	}
+	return *o.DependabotAlertsEnabledForNewRepos
+}
+
+// GetDependabotSecurityUpdatesEnabledForNewRepos returns the DependabotSecurityUpdatesEnabledForNewRepos field if it's non-nil, zero value otherwise.
+func (o *Organization) GetDependabotSecurityUpdatesEnabledForNewRepos() bool {
+	if o == nil || o.DependabotSecurityUpdatesEnabledForNewRepos == nil {
+		return false
+	}
+	return *o.DependabotSecurityUpdatesEnabledForNewRepos
+}
+
+// GetDependencyGraphEnabledForNewRepos returns the DependencyGraphEnabledForNewRepos field if it's non-nil, zero value otherwise.
+func (o *Organization) GetDependencyGraphEnabledForNewRepos() bool {
+	if o == nil || o.DependencyGraphEnabledForNewRepos == nil {
+		return false
+	}
+	return *o.DependencyGraphEnabledForNewRepos
+}
+
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (o *Organization) GetDescription() string {
+	if o == nil || o.Description == nil {
+		return ""
+	}
+	return *o.Description
+}
+
+// GetDiskUsage returns the DiskUsage field if it's non-nil, zero value otherwise.
+func (o *Organization) GetDiskUsage() int {
+	if o == nil || o.DiskUsage == nil {
+		return 0
+	}
+	return *o.DiskUsage
+}
+
+// GetEmail returns the Email field if it's non-nil, zero value otherwise.
+func (o *Organization) GetEmail() string {
+	if o == nil || o.Email == nil {
+		return ""
+	}
+	return *o.Email
+}
+
+// GetEventsURL returns the EventsURL field if it's non-nil, zero value otherwise.
+func (o *Organization) GetEventsURL() string {
+	if o == nil || o.EventsURL == nil {
+		return ""
+	}
+	return *o.EventsURL
+}
+
+// GetFollowers returns the Followers field if it's non-nil, zero value otherwise.
+func (o *Organization) GetFollowers() int {
+	if o == nil || o.Followers == nil {
+		return 0
+	}
+	return *o.Followers
+}
+
+// GetFollowing returns the Following field if it's non-nil, zero value otherwise.
+func (o *Organization) GetFollowing() int {
+	if o == nil || o.Following == nil {
+		return 0
+	}
+	return *o.Following
+}
+
+// GetHasOrganizationProjects returns the HasOrganizationProjects field if it's non-nil, zero value otherwise.
+func (o *Organization) GetHasOrganizationProjects() bool {
+	if o == nil || o.HasOrganizationProjects == nil {
+		return false
+	}
+	return *o.HasOrganizationProjects
+}
+
+// GetHasRepositoryProjects returns the HasRepositoryProjects field if it's non-nil, zero value otherwise.
+func (o *Organization) GetHasRepositoryProjects() bool {
+	if o == nil || o.HasRepositoryProjects == nil {
+		return false
+	}
+	return *o.HasRepositoryProjects
+}
+
+// GetHooksURL returns the HooksURL field if it's non-nil, zero value otherwise.
+func (o *Organization) GetHooksURL() string {
+	if o == nil || o.HooksURL == nil {
+		return ""
+	}
+	return *o.HooksURL
+}
+
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (o *Organization) GetHTMLURL() string {
+	if o == nil || o.HTMLURL == nil {
+		return ""
+	}
+	return *o.HTMLURL
+}
+
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (o *Organization) GetID() int64 {
+	if o == nil || o.ID == nil {
+		return 0
+	}
+	return *o.ID
+}
+
+// GetIssuesURL returns the IssuesURL field if it's non-nil, zero value otherwise.
+func (o *Organization) GetIssuesURL() string {
+	if o == nil || o.IssuesURL == nil {
+		return ""
+	}
+	return *o.IssuesURL
+}
+
+// GetIsVerified returns the IsVerified field if it's non-nil, zero value otherwise.
+func (o *Organization) GetIsVerified() bool {
+	if o == nil || o.IsVerified == nil {
+		return false
+	}
+	return *o.IsVerified
+}
+
+// GetLocation returns the Location field if it's non-nil, zero value otherwise.
+func (o *Organization) GetLocation() string {
+	if o == nil || o.Location == nil {
+		return ""
+	}
+	return *o.Location
+}
+
+// GetLogin returns the Login field if it's non-nil, zero value otherwise.
+func (o *Organization) GetLogin() string {
+	if o == nil || o.Login == nil {
+		return ""
+	}
+	return *o.Login
+}
+
+// GetMembersAllowedRepositoryCreationType returns the MembersAllowedRepositoryCreationType field if it's non-nil, zero value otherwise.
+func (o *Organization) GetMembersAllowedRepositoryCreationType() string {
+	if o == nil || o.MembersAllowedRepositoryCreationType == nil {
+		return ""
+	}
+	return *o.MembersAllowedRepositoryCreationType
+}
+
+// GetMembersCanCreateInternalRepos returns the MembersCanCreateInternalRepos field if it's non-nil, zero value otherwise.
+func (o *Organization) GetMembersCanCreateInternalRepos() bool {
+	if o == nil || o.MembersCanCreateInternalRepos == nil {
+		return false
+	}
+	return *o.MembersCanCreateInternalRepos
+}
+
+// GetMembersCanCreatePages returns the MembersCanCreatePages field if it's non-nil, zero value otherwise.
+func (o *Organization) GetMembersCanCreatePages() bool {
+	if o == nil || o.MembersCanCreatePages == nil {
+		return false
+	}
+	return *o.MembersCanCreatePages
+}
+
+// GetMembersCanCreatePrivatePages returns the MembersCanCreatePrivatePages field if it's non-nil, zero value otherwise.
+func (o *Organization) GetMembersCanCreatePrivatePages() bool {
+	if o == nil || o.MembersCanCreatePrivatePages == nil {
+		return false
+	}
+	return *o.MembersCanCreatePrivatePages
+}
+
+// GetMembersCanCreatePrivateRepos returns the MembersCanCreatePrivateRepos field if it's non-nil, zero value otherwise.
+func (o *Organization) GetMembersCanCreatePrivateRepos() bool {
+	if o == nil || o.MembersCanCreatePrivateRepos == nil {
+		return false
+	}
+	return *o.MembersCanCreatePrivateRepos
+}
+
+// GetMembersCanCreatePublicPages returns the MembersCanCreatePublicPages field if it's non-nil, zero value otherwise.
+func (o *Organization) GetMembersCanCreatePublicPages() bool {
+	if o == nil || o.MembersCanCreatePublicPages == nil {
+		return false
+	}
+	return *o.MembersCanCreatePublicPages
+}
+
+// GetMembersCanCreatePublicRepos returns the MembersCanCreatePublicRepos field if it's non-nil, zero value otherwise.
+func (o *Organization) GetMembersCanCreatePublicRepos() bool {
+	if o == nil || o.MembersCanCreatePublicRepos == nil {
+		return false
+	}
+	return *o.MembersCanCreatePublicRepos
+}
+
+// GetMembersCanCreateRepos returns the MembersCanCreateRepos field if it's non-nil, zero value otherwise.
+func (o *Organization) GetMembersCanCreateRepos() bool {
+	if o == nil || o.MembersCanCreateRepos == nil {
+		return false
+	}
+	return *o.MembersCanCreateRepos
+}
+
+// GetMembersCanForkPrivateRepos returns the MembersCanForkPrivateRepos field if it's non-nil, zero value otherwise.
+func (o *Organization) GetMembersCanForkPrivateRepos() bool {
+	if o == nil || o.MembersCanForkPrivateRepos == nil {
+		return false
+	}
+	return *o.MembersCanForkPrivateRepos
+}
+
+// GetMembersURL returns the MembersURL field if it's non-nil, zero value otherwise.
+func (o *Organization) GetMembersURL() string {
+	if o == nil || o.MembersURL == nil {
+		return ""
+	}
+	return *o.MembersURL
+}
+
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (o *Organization) GetName() string {
+	if o == nil || o.Name == nil {
+		return ""
+	}
+	return *o.Name
+}
+
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (o *Organization) GetNodeID() string {
+	if o == nil || o.NodeID == nil {
+		return ""
+	}
+	return *o.NodeID
+}
+
+// GetOwnedPrivateRepos returns the OwnedPrivateRepos field if it's non-nil, zero value otherwise.
+func (o *Organization) GetOwnedPrivateRepos() int64 {
+	if o == nil || o.OwnedPrivateRepos == nil {
+		return 0
+	}
+	return *o.OwnedPrivateRepos
+}
+
+// GetPlan returns the Plan field.
+func (o *Organization) GetPlan() *Plan {
+	if o == nil {
+		return nil
+	}
+	return o.Plan
+}
+
+// GetPrivateGists returns the PrivateGists field if it's non-nil, zero value otherwise.
+func (o *Organization) GetPrivateGists() int {
+	if o == nil || o.PrivateGists == nil {
+		return 0
+	}
+	return *o.PrivateGists
+}
+
+// GetPublicGists returns the PublicGists field if it's non-nil, zero value otherwise.
+func (o *Organization) GetPublicGists() int {
+	if o == nil || o.PublicGists == nil {
+		return 0
+	}
+	return *o.PublicGists
+}
+
+// GetPublicMembersURL returns the PublicMembersURL field if it's non-nil, zero value otherwise.
+func (o *Organization) GetPublicMembersURL() string {
+	if o == nil || o.PublicMembersURL == nil {
+		return ""
+	}
+	return *o.PublicMembersURL
+}
+
+// GetPublicRepos returns the PublicRepos field if it's non-nil, zero value otherwise.
+func (o *Organization) GetPublicRepos() int {
+	if o == nil || o.PublicRepos == nil {
+		return 0
+	}
+	return *o.PublicRepos
+}
+
+// GetReposURL returns the ReposURL field if it's non-nil, zero value otherwise.
+func (o *Organization) GetReposURL() string {
+	if o == nil || o.ReposURL == nil {
+		return ""
+	}
+	return *o.ReposURL
+}
+
+// GetSecretScanningEnabledForNewRepos returns the SecretScanningEnabledForNewRepos field if it's non-nil, zero value otherwise.
+func (o *Organization) GetSecretScanningEnabledForNewRepos() bool {
+	if o == nil || o.SecretScanningEnabledForNewRepos == nil {
+		return false
+	}
+	return *o.SecretScanningEnabledForNewRepos
+}
+
+// GetSecretScanningPushProtectionEnabledForNewRepos returns the SecretScanningPushProtectionEnabledForNewRepos field if it's non-nil, zero value otherwise.
+func (o *Organization) GetSecretScanningPushProtectionEnabledForNewRepos() bool {
+	if o == nil || o.SecretScanningPushProtectionEnabledForNewRepos == nil {
+		return false
+	}
+	return *o.SecretScanningPushProtectionEnabledForNewRepos
+}
+
+// GetSecretScanningValidityChecksEnabled returns the SecretScanningValidityChecksEnabled field if it's non-nil, zero value otherwise.
+func (o *Organization) GetSecretScanningValidityChecksEnabled() bool {
+	if o == nil || o.SecretScanningValidityChecksEnabled == nil {
+		return false
+	}
+	return *o.SecretScanningValidityChecksEnabled
+}
+
+// GetTotalPrivateRepos returns the TotalPrivateRepos field if it's non-nil, zero value otherwise.
+func (o *Organization) GetTotalPrivateRepos() int64 {
+	if o == nil || o.TotalPrivateRepos == nil {
+		return 0
+	}
+	return *o.TotalPrivateRepos
+}
+
+// GetTwitterUsername returns the TwitterUsername field if it's non-nil, zero value otherwise.
+func (o *Organization) GetTwitterUsername() string {
+	if o == nil || o.TwitterUsername == nil {
+		return ""
+	}
+	return *o.TwitterUsername
+}
+
+// GetTwoFactorRequirementEnabled returns the TwoFactorRequirementEnabled field if it's non-nil, zero value otherwise.
+func (o *Organization) GetTwoFactorRequirementEnabled() bool {
+	if o == nil || o.TwoFactorRequirementEnabled == nil {
+		return false
+	}
+	return *o.TwoFactorRequirementEnabled
+}
+
+// GetType returns the Type field if it's non-nil, zero value otherwise.
+func (o *Organization) GetType() string {
+	if o == nil || o.Type == nil {
+		return ""
+	}
+	return *o.Type
+}
+
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (o *Organization) GetUpdatedAt() Timestamp {
+	if o == nil || o.UpdatedAt == nil {
+		return Timestamp{}
+	}
+	return *o.UpdatedAt
+}
+
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (o *Organization) GetURL() string {
+	if o == nil || o.URL == nil {
+		return ""
+	}
+	return *o.URL
+}
+
+// GetWebCommitSignoffRequired returns the WebCommitSignoffRequired field if it's non-nil, zero value otherwise.
+func (o *Organization) GetWebCommitSignoffRequired() bool {
+	if o == nil || o.WebCommitSignoffRequired == nil {
+		return false
+	}
+	return *o.WebCommitSignoffRequired
+}
+
+// GetTotalCount returns the TotalCount field if it's non-nil, zero value otherwise.
+func (o *OrganizationCustomRepoRoles) GetTotalCount() int {
+	if o == nil || o.TotalCount == nil {
+		return 0
+	}
+	return *o.TotalCount
+}
+
+// GetTotalCount returns the TotalCount field if it's non-nil, zero value otherwise.
+func (o *OrganizationCustomRoles) GetTotalCount() int {
+	if o == nil || o.TotalCount == nil {
+		return 0
+	}
+	return *o.TotalCount
+}
+
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (o *OrganizationEvent) GetAction() string {
+	if o == nil || o.Action == nil {
+		return ""
+	}
+	return *o.Action
+}
+
+// GetInstallation returns the Installation field.
+func (o *OrganizationEvent) GetInstallation() *Installation {
+	if o == nil {
+		return nil
+	}
+	return o.Installation
+}
+
+// GetInvitation returns the Invitation field.
+func (o *OrganizationEvent) GetInvitation() *Invitation {
+	if o == nil {
+		return nil
+	}
+	return o.Invitation
+}
+
+// GetMembership returns the Membership field.
+func (o *OrganizationEvent) GetMembership() *Membership {
+	if o == nil {
+		return nil
+	}
+	return o.Membership
+}
+
+// GetOrganization returns the Organization field.
+func (o *OrganizationEvent) GetOrganization() *Organization {
+	if o == nil {
+		return nil
+	}
+	return o.Organization
+}
+
+// GetSender returns the Sender field.
+func (o *OrganizationEvent) GetSender() *User {
+	if o == nil {
+		return nil
+	}
+	return o.Sender
+}
+
+// GetTotalCount returns the TotalCount field if it's non-nil, zero value otherwise.
+func (o *OrganizationInstallations) GetTotalCount() int {
+	if o == nil || o.TotalCount == nil {
+		return 0
+	}
+	return *o.TotalCount
+}
+
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (o *OrgBlockEvent) GetAction() string {
+	if o == nil || o.Action == nil {
+		return ""
+	}
+	return *o.Action
+}
+
+// GetBlockedUser returns the BlockedUser field.
+func (o *OrgBlockEvent) GetBlockedUser() *User {
+	if o == nil {
+		return nil
+	}
+	return o.BlockedUser
+}
+
+// GetInstallation returns the Installation field.
+func (o *OrgBlockEvent) GetInstallation() *Installation {
+	if o == nil {
+		return nil
+	}
+	return o.Installation
+}
+
+// GetOrganization returns the Organization field.
+func (o *OrgBlockEvent) GetOrganization() *Organization {
+	if o == nil {
+		return nil
+	}
+	return o.Organization
+}
+
+// GetSender returns the Sender field.
+func (o *OrgBlockEvent) GetSender() *User {
+	if o == nil {
+		return nil
+	}
+	return o.Sender
+}
+
+// GetDisabledOrgs returns the DisabledOrgs field if it's non-nil, zero value otherwise.
+func (o *OrgStats) GetDisabledOrgs() int {
+	if o == nil || o.DisabledOrgs == nil {
+		return 0
+	}
+	return *o.DisabledOrgs
+}
+
+// GetTotalOrgs returns the TotalOrgs field if it's non-nil, zero value otherwise.
+func (o *OrgStats) GetTotalOrgs() int {
+	if o == nil || o.TotalOrgs == nil {
+		return 0
+	}
+	return *o.TotalOrgs
+}
+
+// GetTotalTeamMembers returns the TotalTeamMembers field if it's non-nil, zero value otherwise.
+func (o *OrgStats) GetTotalTeamMembers() int {
+	if o == nil || o.TotalTeamMembers == nil {
+		return 0
+	}
+	return *o.TotalTeamMembers
+}
+
+// GetTotalTeams returns the TotalTeams field if it's non-nil, zero value otherwise.
+func (o *OrgStats) GetTotalTeams() int {
+	if o == nil || o.TotalTeams == nil {
+		return 0
+	}
+	return *o.TotalTeams
+}
+
+// GetOrg returns the Org field.
+func (o *OwnerInfo) GetOrg() *User {
+	if o == nil {
+		return nil
+	}
+	return o.Org
+}
+
+// GetUser returns the User field.
+func (o *OwnerInfo) GetUser() *User {
+	if o == nil {
+		return nil
+	}
+	return o.User
+}
+
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (p *Package) GetCreatedAt() Timestamp {
+	if p == nil || p.CreatedAt == nil {
+		return Timestamp{}
+	}
+	return *p.CreatedAt
+}
+
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (p *Package) GetDescription() string {
+	if p == nil || p.Description == nil {
+		return ""
+	}
+	return *p.Description
+}
+
+// GetEcosystem returns the Ecosystem field if it's non-nil, zero value otherwise.
+func (p *Package) GetEcosystem() string {
+	if p == nil || p.Ecosystem == nil {
+		return ""
+	}
+	return *p.Ecosystem
+}
+
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (p *Package) GetHTMLURL() string {
+	if p == nil || p.HTMLURL == nil {
+		return ""
+	}
+	return *p.HTMLURL
+}
+
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (p *Package) GetID() int64 {
+	if p == nil || p.ID == nil {
+		return 0
+	}
+	return *p.ID
+}
+
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (p *Package) GetName() string {
+	if p == nil || p.Name == nil {
+		return ""
+	}
+	return *p.Name
+}
+
+// GetNamespace returns the Namespace field if it's non-nil, zero value otherwise.
+func (p *Package) GetNamespace() string {
+	if p == nil || p.Namespace == nil {
+		return ""
+	}
+	return *p.Namespace
+}
+
+// GetOwner returns the Owner field.
+func (p *Package) GetOwner() *User {
+	if p == nil {
+		return nil
+	}
+	return p.Owner
+}
+
+// GetPackageType returns the PackageType field if it's non-nil, zero value otherwise.
+func (p *Package) GetPackageType() string {
+	if p == nil || p.PackageType == nil {
+		return ""
+	}
+	return *p.PackageType
+}
+
+// GetPackageVersion returns the PackageVersion field.
+func (p *Package) GetPackageVersion() *PackageVersion {
+	if p == nil {
+		return nil
+	}
+	return p.PackageVersion
+}
+
+// GetRegistry returns the Registry field.
+func (p *Package) GetRegistry() *PackageRegistry {
+	if p == nil {
+		return nil
+	}
+	return p.Registry
+}
+
+// GetRepository returns the Repository field.
+func (p *Package) GetRepository() *Repository {
+	if p == nil {
+		return nil
+	}
+	return p.Repository
+}
+
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (p *Package) GetUpdatedAt() Timestamp {
+	if p == nil || p.UpdatedAt == nil {
+		return Timestamp{}
+	}
+	return *p.UpdatedAt
+}
+
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (p *Package) GetURL() string {
+	if p == nil || p.URL == nil {
+		return ""
+	}
+	return *p.URL
+}
+
+// GetVersionCount returns the VersionCount field if it's non-nil, zero value otherwise.
+func (p *Package) GetVersionCount() int64 {
+	if p == nil || p.VersionCount == nil {
+		return 0
+	}
+	return *p.VersionCount
+}
+
+// GetVisibility returns the Visibility field if it's non-nil, zero value otherwise.
+func (p *Package) GetVisibility() string {
+	if p == nil || p.Visibility == nil {
+		return ""
+	}
+	return *p.Visibility
+}
+
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (p *PackageEvent) GetAction() string {
+	if p == nil || p.Action == nil {
+		return ""
+	}
+	return *p.Action
+}
+
+// GetInstallation returns the Installation field.
+func (p *PackageEvent) GetInstallation() *Installation {
+	if p == nil {
+		return nil
+	}
+	return p.Installation
+}
+
+// GetOrg returns the Org field.
+func (p *PackageEvent) GetOrg() *Organization {
+	if p == nil {
+		return nil
+	}
+	return p.Org
+}
+
+// GetPackage returns the Package field.
+func (p *PackageEvent) GetPackage() *Package {
+	if p == nil {
+		return nil
+	}
+	return p.Package
+}
+
+// GetRepo returns the Repo field.
+func (p *PackageEvent) GetRepo() *Repository {
+	if p == nil {
+		return nil
+	}
+	return p.Repo
+}
+
+// GetSender returns the Sender field.
+func (p *PackageEvent) GetSender() *User {
+	if p == nil {
+		return nil
+	}
+	return p.Sender
+}
+
+// GetLabels returns the Labels map if it's non-nil, an empty map otherwise.
+func (p *PackageEventContainerMetadata) GetLabels() map[string]any {
+	if p == nil || p.Labels == nil {
+		return map[string]any{}
+	}
+	return p.Labels
+}
+
+// GetManifest returns the Manifest map if it's non-nil, an empty map otherwise.
+func (p *PackageEventContainerMetadata) GetManifest() map[string]any {
+	if p == nil || p.Manifest == nil {
+		return map[string]any{}
+	}
+	return p.Manifest
+}
+
+// GetTag returns the Tag field.
+func (p *PackageEventContainerMetadata) GetTag() *PackageEventContainerMetadataTag {
+	if p == nil {
+		return nil
+	}
+	return p.Tag
+}
+
+// GetDigest returns the Digest field if it's non-nil, zero value otherwise.
+func (p *PackageEventContainerMetadataTag) GetDigest() string {
+	if p == nil || p.Digest == nil {
+		return ""
+	}
+	return *p.Digest
+}
+
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (p *PackageEventContainerMetadataTag) GetName() string {
+	if p == nil || p.Name == nil {
+		return ""
+	}
+	return *p.Name
+}
+
+// GetAuthor returns the Author field.
+func (p *PackageFile) GetAuthor() *User {
+	if p == nil {
+		return nil
+	}
+	return p.Author
+}
+
+// GetContentType returns the ContentType field if it's non-nil, zero value otherwise.
+func (p *PackageFile) GetContentType() string {
+	if p == nil || p.ContentType == nil {
+		return ""
+	}
+	return *p.ContentType
 }
 
-// GetMembersCanCreatePages returns the MembersCanCreatePages field if it's non-nil, zero value otherwise.
-func (o *Organization) GetMembersCanCreatePages() bool {
-	if o == nil || o.MembersCanCreatePages == nil {
-		return false
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (p *PackageFile) GetCreatedAt() Timestamp {
+	if p == nil || p.CreatedAt == nil {
+		return Timestamp{}
 	}
-	return *o.MembersCanCreatePages
+	return *p.CreatedAt
 }
 
-// GetMembersCanCreatePrivatePages returns the MembersCanCreatePrivatePages field if it's non-nil, zero value otherwise.
-func (o *Organization) GetMembersCanCreatePrivatePages() bool {
-	if o == nil || o.MembersCanCreatePrivatePages == nil {
-		return false
+// GetDownloadURL returns the DownloadURL field if it's non-nil, zero value otherwise.
+func (p *PackageFile) GetDownloadURL() string {
+	if p == nil || p.DownloadURL == nil {
+		return ""
 	}
-	return *o.MembersCanCreatePrivatePages
+	return *p.DownloadURL
 }
 
-// GetMembersCanCreatePrivateRepos returns the MembersCanCreatePrivateRepos field if it's non-nil, zero value otherwise.
-func (o *Organization) GetMembersCanCreatePrivateRepos() bool {
-	if o == nil || o.MembersCanCreatePrivateRepos == nil {
-		return false
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (p *PackageFile) GetID() int64 {
+	if p == nil || p.ID == nil {
+		return 0
 	}
-	return *o.MembersCanCreatePrivateRepos
+	return *p.ID
 }
 
-// GetMembersCanCreatePublicPages returns the MembersCanCreatePublicPages field if it's non-nil, zero value otherwise.
-func (o *Organization) GetMembersCanCreatePublicPages() bool {
-	if o == nil || o.MembersCanCreatePublicPages == nil {
-		return false
+// GetMD5 returns the MD5 field if it's non-nil, zero value otherwise.
+func (p *PackageFile) GetMD5() string {
+	if p == nil || p.MD5 == nil {
+		return ""
 	}
-	return *o.MembersCanCreatePublicPages
+	return *p.MD5
 }
 
-// GetMembersCanCreatePublicRepos returns the MembersCanCreatePublicRepos field if it's non-nil, zero value otherwise.
-func (o *Organization) GetMembersCanCreatePublicRepos() bool {
-	if o == nil || o.MembersCanCreatePublicRepos == nil {
-		return false
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (p *PackageFile) GetName() string {
+	if p == nil || p.Name == nil {
+		return ""
 	}
-	return *o.MembersCanCreatePublicRepos
+	return *p.Name
 }
 
-// GetMembersCanCreateRepos returns the MembersCanCreateRepos field if it's non-nil, zero value otherwise.
-func (o *Organization) GetMembersCanCreateRepos() bool {
-	if o == nil || o.MembersCanCreateRepos == nil {
-		return false
+// GetSHA1 returns the SHA1 field if it's non-nil, zero value otherwise.
+func (p *PackageFile) GetSHA1() string {
+	if p == nil || p.SHA1 == nil {
+		return ""
 	}
-	return *o.MembersCanCreateRepos
+	return *p.SHA1
 }
 
-// GetMembersCanForkPrivateRepos returns the MembersCanForkPrivateRepos field if it's non-nil, zero value otherwise.
-func (o *Organization) GetMembersCanForkPrivateRepos() bool {
-	if o == nil || o.MembersCanForkPrivateRepos == nil {
-		return false
+// GetSHA256 returns the SHA256 field if it's non-nil, zero value otherwise.
+func (p *PackageFile) GetSHA256() string {
+	if p == nil || p.SHA256 == nil {
+		return ""
 	}
-	return *o.MembersCanForkPrivateRepos
+	return *p.SHA256
 }
 
-// GetMembersURL returns the MembersURL field if it's non-nil, zero value otherwise.
-func (o *Organization) GetMembersURL() string {
-	if o == nil || o.MembersURL == nil {
+// GetSize returns the Size field if it's non-nil, zero value otherwise.
+func (p *PackageFile) GetSize() int64 {
+	if p == nil || p.Size == nil {
+		return 0
+	}
+	return *p.Size
+}
+
+// GetState returns the State field if it's non-nil, zero value otherwise.
+func (p *PackageFile) GetState() string {
+	if p == nil || p.State == nil {
 		return ""
 	}
-	return *o.MembersURL
+	return *p.State
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (o *Organization) GetName() string {
-	if o == nil || o.Name == nil {
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (p *PackageFile) GetUpdatedAt() Timestamp {
+	if p == nil || p.UpdatedAt == nil {
+		return Timestamp{}
+	}
+	return *p.UpdatedAt
+}
+
+// GetPackageType returns the PackageType field if it's non-nil, zero value otherwise.
+func (p *PackageListOptions) GetPackageType() string {
+	if p == nil || p.PackageType == nil {
 		return ""
 	}
-	return *o.Name
+	return *p.PackageType
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (o *Organization) GetNodeID() string {
-	if o == nil || o.NodeID == nil {
+// GetState returns the State field if it's non-nil, zero value otherwise.
+func (p *PackageListOptions) GetState() string {
+	if p == nil || p.State == nil {
 		return ""
 	}
-	return *o.NodeID
+	return *p.State
 }
 
-// GetOwnedPrivateRepos returns the OwnedPrivateRepos field if it's non-nil, zero value otherwise.
-func (o *Organization) GetOwnedPrivateRepos() int64 {
-	if o == nil || o.OwnedPrivateRepos == nil {
-		return 0
+// GetVisibility returns the Visibility field if it's non-nil, zero value otherwise.
+func (p *PackageListOptions) GetVisibility() string {
+	if p == nil || p.Visibility == nil {
+		return ""
 	}
-	return *o.OwnedPrivateRepos
+	return *p.Visibility
 }
 
-// GetPlan returns the Plan field.
-func (o *Organization) GetPlan() *Plan {
-	if o == nil {
+// GetContainer returns the Container field.
+func (p *PackageMetadata) GetContainer() *PackageContainerMetadata {
+	if p == nil {
 		return nil
 	}
-	return o.Plan
+	return p.Container
 }
 
-// GetPrivateGists returns the PrivateGists field if it's non-nil, zero value otherwise.
-func (o *Organization) GetPrivateGists() int {
-	if o == nil || o.PrivateGists == nil {
-		return 0
+// GetPackageType returns the PackageType field if it's non-nil, zero value otherwise.
+func (p *PackageMetadata) GetPackageType() string {
+	if p == nil || p.PackageType == nil {
+		return ""
 	}
-	return *o.PrivateGists
+	return *p.PackageType
 }
 
-// GetPublicGists returns the PublicGists field if it's non-nil, zero value otherwise.
-func (o *Organization) GetPublicGists() int {
-	if o == nil || o.PublicGists == nil {
-		return 0
+// GetAuthor returns the Author map if it's non-nil, an empty map otherwise.
+func (p *PackageNPMMetadata) GetAuthor() map[string]string {
+	if p == nil || p.Author == nil {
+		return map[string]string{}
 	}
-	return *o.PublicGists
+	return p.Author
 }
 
-// GetPublicMembersURL returns the PublicMembersURL field if it's non-nil, zero value otherwise.
-func (o *Organization) GetPublicMembersURL() string {
-	if o == nil || o.PublicMembersURL == nil {
+// GetBin returns the Bin map if it's non-nil, an empty map otherwise.
+func (p *PackageNPMMetadata) GetBin() map[string]any {
+	if p == nil || p.Bin == nil {
+		return map[string]any{}
+	}
+	return p.Bin
+}
+
+// GetBugs returns the Bugs map if it's non-nil, an empty map otherwise.
+func (p *PackageNPMMetadata) GetBugs() map[string]string {
+	if p == nil || p.Bugs == nil {
+		return map[string]string{}
+	}
+	return p.Bugs
+}
+
+// GetCommitOID returns the CommitOID field if it's non-nil, zero value otherwise.
+func (p *PackageNPMMetadata) GetCommitOID() string {
+	if p == nil || p.CommitOID == nil {
 		return ""
 	}
-	return *o.PublicMembersURL
+	return *p.CommitOID
 }
 
-// GetPublicRepos returns the PublicRepos field if it's non-nil, zero value otherwise.
-func (o *Organization) GetPublicRepos() int {
-	if o == nil || o.PublicRepos == nil {
+// GetDeletedByID returns the DeletedByID field if it's non-nil, zero value otherwise.
+func (p *PackageNPMMetadata) GetDeletedByID() int64 {
+	if p == nil || p.DeletedByID == nil {
 		return 0
 	}
-	return *o.PublicRepos
+	return *p.DeletedByID
 }
 
-// GetReposURL returns the ReposURL field if it's non-nil, zero value otherwise.
-func (o *Organization) GetReposURL() string {
-	if o == nil || o.ReposURL == nil {
+// GetDependencies returns the Dependencies map if it's non-nil, an empty map otherwise.
+func (p *PackageNPMMetadata) GetDependencies() map[string]string {
+	if p == nil || p.Dependencies == nil {
+		return map[string]string{}
+	}
+	return p.Dependencies
+}
+
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (p *PackageNPMMetadata) GetDescription() string {
+	if p == nil || p.Description == nil {
 		return ""
 	}
-	return *o.ReposURL
+	return *p.Description
 }
 
-// GetSecretScanningEnabledForNewRepos returns the SecretScanningEnabledForNewRepos field if it's non-nil, zero value otherwise.
-func (o *Organization) GetSecretScanningEnabledForNewRepos() bool {
-	if o == nil || o.SecretScanningEnabledForNewRepos == nil {
-		return false
+// GetDevDependencies returns the DevDependencies map if it's non-nil, an empty map otherwise.
+func (p *PackageNPMMetadata) GetDevDependencies() map[string]string {
+	if p == nil || p.DevDependencies == nil {
+		return map[string]string{}
 	}
-	return *o.SecretScanningEnabledForNewRepos
+	return p.DevDependencies
 }
 
-// GetSecretScanningPushProtectionEnabledForNewRepos returns the SecretScanningPushProtectionEnabledForNewRepos field if it's non-nil, zero value otherwise.
-func (o *Organization) GetSecretScanningPushProtectionEnabledForNewRepos() bool {
-	if o == nil || o.SecretScanningPushProtectionEnabledForNewRepos == nil {
-		return false
+// GetDirectories returns the Directories map if it's non-nil, an empty map otherwise.
+func (p *PackageNPMMetadata) GetDirectories() map[string]string {
+	if p == nil || p.Directories == nil {
+		return map[string]string{}
 	}
-	return *o.SecretScanningPushProtectionEnabledForNewRepos
+	return p.Directories
 }
 
-// GetTotalPrivateRepos returns the TotalPrivateRepos field if it's non-nil, zero value otherwise.
-func (o *Organization) GetTotalPrivateRepos() int64 {
-	if o == nil || o.TotalPrivateRepos == nil {
-		return 0
+// GetDist returns the Dist map if it's non-nil, an empty map otherwise.
+func (p *PackageNPMMetadata) GetDist() map[string]string {
+	if p == nil || p.Dist == nil {
+		return map[string]string{}
 	}
-	return *o.TotalPrivateRepos
+	return p.Dist
 }
 
-// GetTwitterUsername returns the TwitterUsername field if it's non-nil, zero value otherwise.
-func (o *Organization) GetTwitterUsername() string {
-	if o == nil || o.TwitterUsername == nil {
+// GetEngines returns the Engines map if it's non-nil, an empty map otherwise.
+func (p *PackageNPMMetadata) GetEngines() map[string]string {
+	if p == nil || p.Engines == nil {
+		return map[string]string{}
+	}
+	return p.Engines
+}
+
+// GetGitHead returns the GitHead field if it's non-nil, zero value otherwise.
+func (p *PackageNPMMetadata) GetGitHead() string {
+	if p == nil || p.GitHead == nil {
 		return ""
 	}
-	return *o.TwitterUsername
+	return *p.GitHead
 }
 
-// GetTwoFactorRequirementEnabled returns the TwoFactorRequirementEnabled field if it's non-nil, zero value otherwise.
-func (o *Organization) GetTwoFactorRequirementEnabled() bool {
-	if o == nil || o.TwoFactorRequirementEnabled == nil {
+// GetHasShrinkwrap returns the HasShrinkwrap field if it's non-nil, zero value otherwise.
+func (p *PackageNPMMetadata) GetHasShrinkwrap() bool {
+	if p == nil || p.HasShrinkwrap == nil {
 		return false
 	}
-	return *o.TwoFactorRequirementEnabled
+	return *p.HasShrinkwrap
 }
 
-// GetType returns the Type field if it's non-nil, zero value otherwise.
-func (o *Organization) GetType() string {
-	if o == nil || o.Type == nil {
+// GetHomepage returns the Homepage field if it's non-nil, zero value otherwise.
+func (p *PackageNPMMetadata) GetHomepage() string {
+	if p == nil || p.Homepage == nil {
 		return ""
 	}
-	return *o.Type
+	return *p.Homepage
+}
+
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (p *PackageNPMMetadata) GetID() string {
+	if p == nil || p.ID == nil {
+		return ""
+	}
+	return *p.ID
+}
+
+// GetInstallationCommand returns the InstallationCommand field if it's non-nil, zero value otherwise.
+func (p *PackageNPMMetadata) GetInstallationCommand() string {
+	if p == nil || p.InstallationCommand == nil {
+		return ""
+	}
+	return *p.InstallationCommand
+}
+
+// GetLicense returns the License field if it's non-nil, zero value otherwise.
+func (p *PackageNPMMetadata) GetLicense() string {
+	if p == nil || p.License == nil {
+		return ""
+	}
+	return *p.License
+}
+
+// GetMain returns the Main field if it's non-nil, zero value otherwise.
+func (p *PackageNPMMetadata) GetMain() string {
+	if p == nil || p.Main == nil {
+		return ""
+	}
+	return *p.Main
+}
+
+// GetMan returns the Man map if it's non-nil, an empty map otherwise.
+func (p *PackageNPMMetadata) GetMan() map[string]any {
+	if p == nil || p.Man == nil {
+		return map[string]any{}
+	}
+	return p.Man
+}
+
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (p *PackageNPMMetadata) GetName() string {
+	if p == nil || p.Name == nil {
+		return ""
+	}
+	return *p.Name
+}
+
+// GetNodeVersion returns the NodeVersion field if it's non-nil, zero value otherwise.
+func (p *PackageNPMMetadata) GetNodeVersion() string {
+	if p == nil || p.NodeVersion == nil {
+		return ""
+	}
+	return *p.NodeVersion
+}
+
+// GetNPMUser returns the NPMUser field if it's non-nil, zero value otherwise.
+func (p *PackageNPMMetadata) GetNPMUser() string {
+	if p == nil || p.NPMUser == nil {
+		return ""
+	}
+	return *p.NPMUser
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (o *Organization) GetUpdatedAt() Timestamp {
-	if o == nil || o.UpdatedAt == nil {
-		return Timestamp{}
+// GetNPMVersion returns the NPMVersion field if it's non-nil, zero value otherwise.
+func (p *PackageNPMMetadata) GetNPMVersion() string {
+	if p == nil || p.NPMVersion == nil {
+		return ""
 	}
-	return *o.UpdatedAt
+	return *p.NPMVersion
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (o *Organization) GetURL() string {
-	if o == nil || o.URL == nil {
-		return ""
+// GetOptionalDependencies returns the OptionalDependencies map if it's non-nil, an empty map otherwise.
+func (p *PackageNPMMetadata) GetOptionalDependencies() map[string]string {
+	if p == nil || p.OptionalDependencies == nil {
+		return map[string]string{}
 	}
-	return *o.URL
+	return p.OptionalDependencies
 }
 
-// GetWebCommitSignoffRequired returns the WebCommitSignoffRequired field if it's non-nil, zero value otherwise.
-func (o *Organization) GetWebCommitSignoffRequired() bool {
-	if o == nil || o.WebCommitSignoffRequired == nil {
-		return false
+// GetPeerDependencies returns the PeerDependencies map if it's non-nil, an empty map otherwise.
+func (p *PackageNPMMetadata) GetPeerDependencies() map[string]string {
+	if p == nil || p.PeerDependencies == nil {
+		return map[string]string{}
 	}
-	return *o.WebCommitSignoffRequired
+	return p.PeerDependencies
 }
 
-// GetTotalCount returns the TotalCount field if it's non-nil, zero value otherwise.
-func (o *OrganizationCustomRepoRoles) GetTotalCount() int {
-	if o == nil || o.TotalCount == nil {
-		return 0
+// GetPublishedViaActions returns the PublishedViaActions field if it's non-nil, zero value otherwise.
+func (p *PackageNPMMetadata) GetPublishedViaActions() bool {
+	if p == nil || p.PublishedViaActions == nil {
+		return false
 	}
-	return *o.TotalCount
+	return *p.PublishedViaActions
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (o *OrganizationEvent) GetAction() string {
-	if o == nil || o.Action == nil {
+// GetReadme returns the Readme field if it's non-nil, zero value otherwise.
+func (p *PackageNPMMetadata) GetReadme() string {
+	if p == nil || p.Readme == nil {
 		return ""
 	}
-	return *o.Action
+	return *p.Readme
 }
 
-// GetInstallation returns the Installation field.
-func (o *OrganizationEvent) GetInstallation() *Installation {
-	if o == nil {
-		return nil
+// GetReleaseID returns the ReleaseID field if it's non-nil, zero value otherwise.
+func (p *PackageNPMMetadata) GetReleaseID() int64 {
+	if p == nil || p.ReleaseID == nil {
+		return 0
 	}
-	return o.Installation
+	return *p.ReleaseID
 }
 
-// GetInvitation returns the Invitation field.
-func (o *OrganizationEvent) GetInvitation() *Invitation {
-	if o == nil {
-		return nil
+// GetRepository returns the Repository map if it's non-nil, an empty map otherwise.
+func (p *PackageNPMMetadata) GetRepository() map[string]string {
+	if p == nil || p.Repository == nil {
+		return map[string]string{}
 	}
-	return o.Invitation
+	return p.Repository
 }
 
-// GetMembership returns the Membership field.
-func (o *OrganizationEvent) GetMembership() *Membership {
-	if o == nil {
-		return nil
+// GetScripts returns the Scripts map if it's non-nil, an empty map otherwise.
+func (p *PackageNPMMetadata) GetScripts() map[string]any {
+	if p == nil || p.Scripts == nil {
+		return map[string]any{}
 	}
-	return o.Membership
+	return p.Scripts
 }
 
-// GetOrganization returns the Organization field.
-func (o *OrganizationEvent) GetOrganization() *Organization {
-	if o == nil {
-		return nil
+// GetVersion returns the Version field if it's non-nil, zero value otherwise.
+func (p *PackageNPMMetadata) GetVersion() string {
+	if p == nil || p.Version == nil {
+		return ""
 	}
-	return o.Organization
+	return *p.Version
 }
 
-// GetSender returns the Sender field.
-func (o *OrganizationEvent) GetSender() *User {
-	if o == nil {
-		return nil
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (p *PackageNugetMetadata) GetName() string {
+	if p == nil || p.Name == nil {
+		return ""
 	}
-	return o.Sender
+	return *p.Name
 }
 
-// GetTotalCount returns the TotalCount field if it's non-nil, zero value otherwise.
-func (o *OrganizationInstallations) GetTotalCount() int {
-	if o == nil || o.TotalCount == nil {
-		return 0
+// GetAboutURL returns the AboutURL field if it's non-nil, zero value otherwise.
+func (p *PackageRegistry) GetAboutURL() string {
+	if p == nil || p.AboutURL == nil {
+		return ""
 	}
-	return *o.TotalCount
+	return *p.AboutURL
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (o *OrgBlockEvent) GetAction() string {
-	if o == nil || o.Action == nil {
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (p *PackageRegistry) GetName() string {
+	if p == nil || p.Name == nil {
 		return ""
 	}
-	return *o.Action
+	return *p.Name
 }
 
-// GetBlockedUser returns the BlockedUser field.
-func (o *OrgBlockEvent) GetBlockedUser() *User {
-	if o == nil {
-		return nil
+// GetType returns the Type field if it's non-nil, zero value otherwise.
+func (p *PackageRegistry) GetType() string {
+	if p == nil || p.Type == nil {
+		return ""
 	}
-	return o.BlockedUser
+	return *p.Type
 }
 
-// GetInstallation returns the Installation field.
-func (o *OrgBlockEvent) GetInstallation() *Installation {
-	if o == nil {
-		return nil
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (p *PackageRegistry) GetURL() string {
+	if p == nil || p.URL == nil {
+		return ""
 	}
-	return o.Installation
+	return *p.URL
 }
 
-// GetOrganization returns the Organization field.
-func (o *OrgBlockEvent) GetOrganization() *Organization {
-	if o == nil {
-		return nil
+// GetVendor returns the Vendor field if it's non-nil, zero value otherwise.
+func (p *PackageRegistry) GetVendor() string {
+	if p == nil || p.Vendor == nil {
+		return ""
 	}
-	return o.Organization
+	return *p.Vendor
 }
 
-// GetSender returns the Sender field.
-func (o *OrgBlockEvent) GetSender() *User {
-	if o == nil {
+// GetAuthor returns the Author field.
+func (p *PackageRelease) GetAuthor() *User {
+	if p == nil {
 		return nil
 	}
-	return o.Sender
+	return p.Author
 }
 
 // GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (o *OrgRequiredWorkflow) GetCreatedAt() Timestamp {
-	if o == nil || o.CreatedAt == nil {
+func (p *PackageRelease) GetCreatedAt() Timestamp {
+	if p == nil || p.CreatedAt == nil {
 		return Timestamp{}
 	}
-	return *o.CreatedAt
+	return *p.CreatedAt
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (o *OrgRequiredWorkflow) GetID() int64 {
-	if o == nil || o.ID == nil {
-		return 0
+// GetDraft returns the Draft field if it's non-nil, zero value otherwise.
+func (p *PackageRelease) GetDraft() bool {
+	if p == nil || p.Draft == nil {
+		return false
 	}
-	return *o.ID
+	return *p.Draft
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (o *OrgRequiredWorkflow) GetName() string {
-	if o == nil || o.Name == nil {
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (p *PackageRelease) GetHTMLURL() string {
+	if p == nil || p.HTMLURL == nil {
 		return ""
 	}
-	return *o.Name
+	return *p.HTMLURL
 }
 
-// GetPath returns the Path field if it's non-nil, zero value otherwise.
-func (o *OrgRequiredWorkflow) GetPath() string {
-	if o == nil || o.Path == nil {
-		return ""
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (p *PackageRelease) GetID() int64 {
+	if p == nil || p.ID == nil {
+		return 0
 	}
-	return *o.Path
+	return *p.ID
 }
 
-// GetRef returns the Ref field if it's non-nil, zero value otherwise.
-func (o *OrgRequiredWorkflow) GetRef() string {
-	if o == nil || o.Ref == nil {
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (p *PackageRelease) GetName() string {
+	if p == nil || p.Name == nil {
 		return ""
 	}
-	return *o.Ref
+	return *p.Name
 }
 
-// GetRepository returns the Repository field.
-func (o *OrgRequiredWorkflow) GetRepository() *Repository {
-	if o == nil {
-		return nil
+// GetPrerelease returns the Prerelease field if it's non-nil, zero value otherwise.
+func (p *PackageRelease) GetPrerelease() bool {
+	if p == nil || p.Prerelease == nil {
+		return false
 	}
-	return o.Repository
+	return *p.Prerelease
 }
 
-// GetScope returns the Scope field if it's non-nil, zero value otherwise.
-func (o *OrgRequiredWorkflow) GetScope() string {
-	if o == nil || o.Scope == nil {
-		return ""
+// GetPublishedAt returns the PublishedAt field if it's non-nil, zero value otherwise.
+func (p *PackageRelease) GetPublishedAt() Timestamp {
+	if p == nil || p.PublishedAt == nil {
+		return Timestamp{}
 	}
-	return *o.Scope
+	return *p.PublishedAt
 }
 
-// GetSelectedRepositoriesURL returns the SelectedRepositoriesURL field if it's non-nil, zero value otherwise.
-func (o *OrgRequiredWorkflow) GetSelectedRepositoriesURL() string {
-	if o == nil || o.SelectedRepositoriesURL == nil {
+// GetTagName returns the TagName field if it's non-nil, zero value otherwise.
+func (p *PackageRelease) GetTagName() string {
+	if p == nil || p.TagName == nil {
 		return ""
 	}
-	return *o.SelectedRepositoriesURL
+	return *p.TagName
 }
 
-// GetState returns the State field if it's non-nil, zero value otherwise.
-func (o *OrgRequiredWorkflow) GetState() string {
-	if o == nil || o.State == nil {
+// GetTargetCommitish returns the TargetCommitish field if it's non-nil, zero value otherwise.
+func (p *PackageRelease) GetTargetCommitish() string {
+	if p == nil || p.TargetCommitish == nil {
 		return ""
 	}
-	return *o.State
-}
-
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (o *OrgRequiredWorkflow) GetUpdatedAt() Timestamp {
-	if o == nil || o.UpdatedAt == nil {
-		return Timestamp{}
-	}
-	return *o.UpdatedAt
+	return *p.TargetCommitish
 }
 
-// GetTotalCount returns the TotalCount field if it's non-nil, zero value otherwise.
-func (o *OrgRequiredWorkflows) GetTotalCount() int {
-	if o == nil || o.TotalCount == nil {
-		return 0
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (p *PackageRelease) GetURL() string {
+	if p == nil || p.URL == nil {
+		return ""
 	}
-	return *o.TotalCount
+	return *p.URL
 }
 
-// GetDisabledOrgs returns the DisabledOrgs field if it's non-nil, zero value otherwise.
-func (o *OrgStats) GetDisabledOrgs() int {
-	if o == nil || o.DisabledOrgs == nil {
-		return 0
+// GetAuthor returns the Author field.
+func (p *PackageVersion) GetAuthor() *User {
+	if p == nil {
+		return nil
 	}
-	return *o.DisabledOrgs
+	return p.Author
 }
 
-// GetTotalOrgs returns the TotalOrgs field if it's non-nil, zero value otherwise.
-func (o *OrgStats) GetTotalOrgs() int {
-	if o == nil || o.TotalOrgs == nil {
-		return 0
+// GetBodyHTML returns the BodyHTML field if it's non-nil, zero value otherwise.
+func (p *PackageVersion) GetBodyHTML() string {
+	if p == nil || p.BodyHTML == nil {
+		return ""
 	}
-	return *o.TotalOrgs
+	return *p.BodyHTML
 }
 
-// GetTotalTeamMembers returns the TotalTeamMembers field if it's non-nil, zero value otherwise.
-func (o *OrgStats) GetTotalTeamMembers() int {
-	if o == nil || o.TotalTeamMembers == nil {
-		return 0
+// GetContainerMetadata returns the ContainerMetadata field.
+func (p *PackageVersion) GetContainerMetadata() *PackageEventContainerMetadata {
+	if p == nil {
+		return nil
 	}
-	return *o.TotalTeamMembers
+	return p.ContainerMetadata
 }
 
-// GetTotalTeams returns the TotalTeams field if it's non-nil, zero value otherwise.
-func (o *OrgStats) GetTotalTeams() int {
-	if o == nil || o.TotalTeams == nil {
-		return 0
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (p *PackageVersion) GetCreatedAt() Timestamp {
+	if p == nil || p.CreatedAt == nil {
+		return Timestamp{}
 	}
-	return *o.TotalTeams
+	return *p.CreatedAt
 }
 
-// GetOrg returns the Org field.
-func (o *OwnerInfo) GetOrg() *User {
-	if o == nil {
-		return nil
+// GetDeletedAt returns the DeletedAt field if it's non-nil, zero value otherwise.
+func (p *PackageVersion) GetDeletedAt() Timestamp {
+	if p == nil || p.DeletedAt == nil {
+		return Timestamp{}
 	}
-	return o.Org
+	return *p.DeletedAt
 }
 
-// GetUser returns the User field.
-func (o *OwnerInfo) GetUser() *User {
-	if o == nil {
-		return nil
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (p *PackageVersion) GetDescription() string {
+	if p == nil || p.Description == nil {
+		return ""
 	}
-	return o.User
+	return *p.Description
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (p *Package) GetCreatedAt() Timestamp {
-	if p == nil || p.CreatedAt == nil {
-		return Timestamp{}
+// GetDraft returns the Draft field if it's non-nil, zero value otherwise.
+func (p *PackageVersion) GetDraft() bool {
+	if p == nil || p.Draft == nil {
+		return false
 	}
-	return *p.CreatedAt
+	return *p.Draft
 }
 
 // GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (p *Package) GetHTMLURL() string {
+func (p *PackageVersion) GetHTMLURL() string {
 	if p == nil || p.HTMLURL == nil {
 		return ""
 	}
@@ -12463,663 +16527,767 @@ func (p *Package) GetHTMLURL() string {
 }
 
 // GetID returns the ID field if it's non-nil, zero value otherwise.
-func (p *Package) GetID() int64 {
+func (p *PackageVersion) GetID() int64 {
 	if p == nil || p.ID == nil {
 		return 0
 	}
 	return *p.ID
 }
 
+// GetInstallationCommand returns the InstallationCommand field if it's non-nil, zero value otherwise.
+func (p *PackageVersion) GetInstallationCommand() string {
+	if p == nil || p.InstallationCommand == nil {
+		return ""
+	}
+	return *p.InstallationCommand
+}
+
+// GetLicense returns the License field if it's non-nil, zero value otherwise.
+func (p *PackageVersion) GetLicense() string {
+	if p == nil || p.License == nil {
+		return ""
+	}
+	return *p.License
+}
+
+// GetManifest returns the Manifest field if it's non-nil, zero value otherwise.
+func (p *PackageVersion) GetManifest() string {
+	if p == nil || p.Manifest == nil {
+		return ""
+	}
+	return *p.Manifest
+}
+
 // GetName returns the Name field if it's non-nil, zero value otherwise.
-func (p *Package) GetName() string {
+func (p *PackageVersion) GetName() string {
 	if p == nil || p.Name == nil {
 		return ""
 	}
 	return *p.Name
 }
 
-// GetOwner returns the Owner field.
-func (p *Package) GetOwner() *User {
+// GetNPMMetadata returns the NPMMetadata field.
+func (p *PackageVersion) GetNPMMetadata() *PackageNPMMetadata {
 	if p == nil {
 		return nil
 	}
-	return p.Owner
+	return p.NPMMetadata
 }
 
-// GetPackageType returns the PackageType field if it's non-nil, zero value otherwise.
-func (p *Package) GetPackageType() string {
-	if p == nil || p.PackageType == nil {
+// GetPackageHTMLURL returns the PackageHTMLURL field if it's non-nil, zero value otherwise.
+func (p *PackageVersion) GetPackageHTMLURL() string {
+	if p == nil || p.PackageHTMLURL == nil {
 		return ""
 	}
-	return *p.PackageType
+	return *p.PackageHTMLURL
 }
 
-// GetPackageVersion returns the PackageVersion field.
-func (p *Package) GetPackageVersion() *PackageVersion {
-	if p == nil {
-		return nil
+// GetPackageURL returns the PackageURL field if it's non-nil, zero value otherwise.
+func (p *PackageVersion) GetPackageURL() string {
+	if p == nil || p.PackageURL == nil {
+		return ""
 	}
-	return p.PackageVersion
+	return *p.PackageURL
 }
 
-// GetRegistry returns the Registry field.
-func (p *Package) GetRegistry() *PackageRegistry {
-	if p == nil {
-		return nil
+// GetPrerelease returns the Prerelease field if it's non-nil, zero value otherwise.
+func (p *PackageVersion) GetPrerelease() bool {
+	if p == nil || p.Prerelease == nil {
+		return false
 	}
-	return p.Registry
+	return *p.Prerelease
 }
 
-// GetRepository returns the Repository field.
-func (p *Package) GetRepository() *Repository {
+// GetRelease returns the Release field.
+func (p *PackageVersion) GetRelease() *PackageRelease {
 	if p == nil {
 		return nil
 	}
-	return p.Repository
+	return p.Release
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (p *Package) GetUpdatedAt() Timestamp {
-	if p == nil || p.UpdatedAt == nil {
-		return Timestamp{}
+// GetRubyMetadata returns the RubyMetadata map if it's non-nil, an empty map otherwise.
+func (p *PackageVersion) GetRubyMetadata() map[string]any {
+	if p == nil || p.RubyMetadata == nil {
+		return map[string]any{}
 	}
-	return *p.UpdatedAt
+	return p.RubyMetadata
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (p *Package) GetURL() string {
-	if p == nil || p.URL == nil {
+// GetSourceURL returns the SourceURL field if it's non-nil, zero value otherwise.
+func (p *PackageVersion) GetSourceURL() string {
+	if p == nil || p.SourceURL == nil {
 		return ""
 	}
-	return *p.URL
+	return *p.SourceURL
 }
 
-// GetVersionCount returns the VersionCount field if it's non-nil, zero value otherwise.
-func (p *Package) GetVersionCount() int64 {
-	if p == nil || p.VersionCount == nil {
-		return 0
+// GetSummary returns the Summary field if it's non-nil, zero value otherwise.
+func (p *PackageVersion) GetSummary() string {
+	if p == nil || p.Summary == nil {
+		return ""
 	}
-	return *p.VersionCount
+	return *p.Summary
 }
 
-// GetVisibility returns the Visibility field if it's non-nil, zero value otherwise.
-func (p *Package) GetVisibility() string {
-	if p == nil || p.Visibility == nil {
+// GetTagName returns the TagName field if it's non-nil, zero value otherwise.
+func (p *PackageVersion) GetTagName() string {
+	if p == nil || p.TagName == nil {
 		return ""
 	}
-	return *p.Visibility
+	return *p.TagName
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (p *PackageEvent) GetAction() string {
-	if p == nil || p.Action == nil {
+// GetTargetCommitish returns the TargetCommitish field if it's non-nil, zero value otherwise.
+func (p *PackageVersion) GetTargetCommitish() string {
+	if p == nil || p.TargetCommitish == nil {
 		return ""
 	}
-	return *p.Action
+	return *p.TargetCommitish
 }
 
-// GetInstallation returns the Installation field.
-func (p *PackageEvent) GetInstallation() *Installation {
-	if p == nil {
-		return nil
+// GetTargetOID returns the TargetOID field if it's non-nil, zero value otherwise.
+func (p *PackageVersion) GetTargetOID() string {
+	if p == nil || p.TargetOID == nil {
+		return ""
 	}
-	return p.Installation
+	return *p.TargetOID
 }
 
-// GetOrg returns the Org field.
-func (p *PackageEvent) GetOrg() *Organization {
-	if p == nil {
-		return nil
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (p *PackageVersion) GetUpdatedAt() Timestamp {
+	if p == nil || p.UpdatedAt == nil {
+		return Timestamp{}
 	}
-	return p.Org
+	return *p.UpdatedAt
 }
 
-// GetPackage returns the Package field.
-func (p *PackageEvent) GetPackage() *Package {
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (p *PackageVersion) GetURL() string {
+	if p == nil || p.URL == nil {
+		return ""
+	}
+	return *p.URL
+}
+
+// GetVersion returns the Version field if it's non-nil, zero value otherwise.
+func (p *PackageVersion) GetVersion() string {
+	if p == nil || p.Version == nil {
+		return ""
+	}
+	return *p.Version
+}
+
+// GetInfo returns the Info field.
+func (p *PackageVersionBody) GetInfo() *PackageVersionBodyInfo {
 	if p == nil {
 		return nil
 	}
-	return p.Package
+	return p.Info
 }
 
 // GetRepo returns the Repo field.
-func (p *PackageEvent) GetRepo() *Repository {
+func (p *PackageVersionBody) GetRepo() *Repository {
 	if p == nil {
 		return nil
 	}
 	return p.Repo
 }
 
-// GetSender returns the Sender field.
-func (p *PackageEvent) GetSender() *User {
-	if p == nil {
-		return nil
+// GetCollection returns the Collection field if it's non-nil, zero value otherwise.
+func (p *PackageVersionBodyInfo) GetCollection() bool {
+	if p == nil || p.Collection == nil {
+		return false
 	}
-	return p.Sender
+	return *p.Collection
 }
 
-// GetAuthor returns the Author field.
-func (p *PackageFile) GetAuthor() *User {
-	if p == nil {
-		return nil
+// GetMode returns the Mode field if it's non-nil, zero value otherwise.
+func (p *PackageVersionBodyInfo) GetMode() int64 {
+	if p == nil || p.Mode == nil {
+		return 0
 	}
-	return p.Author
+	return *p.Mode
 }
 
-// GetContentType returns the ContentType field if it's non-nil, zero value otherwise.
-func (p *PackageFile) GetContentType() string {
-	if p == nil || p.ContentType == nil {
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (p *PackageVersionBodyInfo) GetName() string {
+	if p == nil || p.Name == nil {
 		return ""
 	}
-	return *p.ContentType
+	return *p.Name
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (p *PackageFile) GetCreatedAt() Timestamp {
-	if p == nil || p.CreatedAt == nil {
-		return Timestamp{}
+// GetOID returns the OID field if it's non-nil, zero value otherwise.
+func (p *PackageVersionBodyInfo) GetOID() string {
+	if p == nil || p.OID == nil {
+		return ""
 	}
-	return *p.CreatedAt
+	return *p.OID
 }
 
-// GetDownloadURL returns the DownloadURL field if it's non-nil, zero value otherwise.
-func (p *PackageFile) GetDownloadURL() string {
-	if p == nil || p.DownloadURL == nil {
+// GetPath returns the Path field if it's non-nil, zero value otherwise.
+func (p *PackageVersionBodyInfo) GetPath() string {
+	if p == nil || p.Path == nil {
 		return ""
 	}
-	return *p.DownloadURL
+	return *p.Path
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (p *PackageFile) GetID() int64 {
-	if p == nil || p.ID == nil {
+// GetSize returns the Size field if it's non-nil, zero value otherwise.
+func (p *PackageVersionBodyInfo) GetSize() int64 {
+	if p == nil || p.Size == nil {
 		return 0
 	}
-	return *p.ID
+	return *p.Size
 }
 
-// GetMD5 returns the MD5 field if it's non-nil, zero value otherwise.
-func (p *PackageFile) GetMD5() string {
-	if p == nil || p.MD5 == nil {
+// GetType returns the Type field if it's non-nil, zero value otherwise.
+func (p *PackageVersionBodyInfo) GetType() string {
+	if p == nil || p.Type == nil {
 		return ""
 	}
-	return *p.MD5
+	return *p.Type
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (p *PackageFile) GetName() string {
-	if p == nil || p.Name == nil {
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (p *Page) GetAction() string {
+	if p == nil || p.Action == nil {
 		return ""
 	}
-	return *p.Name
+	return *p.Action
 }
 
-// GetSHA1 returns the SHA1 field if it's non-nil, zero value otherwise.
-func (p *PackageFile) GetSHA1() string {
-	if p == nil || p.SHA1 == nil {
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (p *Page) GetHTMLURL() string {
+	if p == nil || p.HTMLURL == nil {
 		return ""
 	}
-	return *p.SHA1
+	return *p.HTMLURL
+}
+
+// GetPageName returns the PageName field if it's non-nil, zero value otherwise.
+func (p *Page) GetPageName() string {
+	if p == nil || p.PageName == nil {
+		return ""
+	}
+	return *p.PageName
+}
+
+// GetSHA returns the SHA field if it's non-nil, zero value otherwise.
+func (p *Page) GetSHA() string {
+	if p == nil || p.SHA == nil {
+		return ""
+	}
+	return *p.SHA
+}
+
+// GetSummary returns the Summary field if it's non-nil, zero value otherwise.
+func (p *Page) GetSummary() string {
+	if p == nil || p.Summary == nil {
+		return ""
+	}
+	return *p.Summary
+}
+
+// GetTitle returns the Title field if it's non-nil, zero value otherwise.
+func (p *Page) GetTitle() string {
+	if p == nil || p.Title == nil {
+		return ""
+	}
+	return *p.Title
+}
+
+// GetBuild returns the Build field.
+func (p *PageBuildEvent) GetBuild() *PagesBuild {
+	if p == nil {
+		return nil
+	}
+	return p.Build
+}
+
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (p *PageBuildEvent) GetID() int64 {
+	if p == nil || p.ID == nil {
+		return 0
+	}
+	return *p.ID
+}
+
+// GetInstallation returns the Installation field.
+func (p *PageBuildEvent) GetInstallation() *Installation {
+	if p == nil {
+		return nil
+	}
+	return p.Installation
 }
 
-// GetSHA256 returns the SHA256 field if it's non-nil, zero value otherwise.
-func (p *PackageFile) GetSHA256() string {
-	if p == nil || p.SHA256 == nil {
-		return ""
+// GetOrg returns the Org field.
+func (p *PageBuildEvent) GetOrg() *Organization {
+	if p == nil {
+		return nil
 	}
-	return *p.SHA256
+	return p.Org
 }
 
-// GetSize returns the Size field if it's non-nil, zero value otherwise.
-func (p *PackageFile) GetSize() int64 {
-	if p == nil || p.Size == nil {
-		return 0
+// GetRepo returns the Repo field.
+func (p *PageBuildEvent) GetRepo() *Repository {
+	if p == nil {
+		return nil
 	}
-	return *p.Size
+	return p.Repo
 }
 
-// GetState returns the State field if it's non-nil, zero value otherwise.
-func (p *PackageFile) GetState() string {
-	if p == nil || p.State == nil {
-		return ""
+// GetSender returns the Sender field.
+func (p *PageBuildEvent) GetSender() *User {
+	if p == nil {
+		return nil
 	}
-	return *p.State
+	return p.Sender
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (p *PackageFile) GetUpdatedAt() Timestamp {
-	if p == nil || p.UpdatedAt == nil {
-		return Timestamp{}
+// GetBuildType returns the BuildType field if it's non-nil, zero value otherwise.
+func (p *Pages) GetBuildType() string {
+	if p == nil || p.BuildType == nil {
+		return ""
 	}
-	return *p.UpdatedAt
+	return *p.BuildType
 }
 
-// GetPackageType returns the PackageType field if it's non-nil, zero value otherwise.
-func (p *PackageListOptions) GetPackageType() string {
-	if p == nil || p.PackageType == nil {
+// GetCNAME returns the CNAME field if it's non-nil, zero value otherwise.
+func (p *Pages) GetCNAME() string {
+	if p == nil || p.CNAME == nil {
 		return ""
 	}
-	return *p.PackageType
+	return *p.CNAME
 }
 
-// GetState returns the State field if it's non-nil, zero value otherwise.
-func (p *PackageListOptions) GetState() string {
-	if p == nil || p.State == nil {
-		return ""
+// GetCustom404 returns the Custom404 field if it's non-nil, zero value otherwise.
+func (p *Pages) GetCustom404() bool {
+	if p == nil || p.Custom404 == nil {
+		return false
 	}
-	return *p.State
+	return *p.Custom404
 }
 
-// GetVisibility returns the Visibility field if it's non-nil, zero value otherwise.
-func (p *PackageListOptions) GetVisibility() string {
-	if p == nil || p.Visibility == nil {
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (p *Pages) GetHTMLURL() string {
+	if p == nil || p.HTMLURL == nil {
 		return ""
 	}
-	return *p.Visibility
+	return *p.HTMLURL
 }
 
-// GetContainer returns the Container field.
-func (p *PackageMetadata) GetContainer() *PackageContainerMetadata {
+// GetHTTPSCertificate returns the HTTPSCertificate field.
+func (p *Pages) GetHTTPSCertificate() *PagesHTTPSCertificate {
 	if p == nil {
 		return nil
 	}
-	return p.Container
+	return p.HTTPSCertificate
 }
 
-// GetPackageType returns the PackageType field if it's non-nil, zero value otherwise.
-func (p *PackageMetadata) GetPackageType() string {
-	if p == nil || p.PackageType == nil {
-		return ""
+// GetHTTPSEnforced returns the HTTPSEnforced field if it's non-nil, zero value otherwise.
+func (p *Pages) GetHTTPSEnforced() bool {
+	if p == nil || p.HTTPSEnforced == nil {
+		return false
 	}
-	return *p.PackageType
+	return *p.HTTPSEnforced
 }
 
-// GetAboutURL returns the AboutURL field if it's non-nil, zero value otherwise.
-func (p *PackageRegistry) GetAboutURL() string {
-	if p == nil || p.AboutURL == nil {
-		return ""
+// GetPublic returns the Public field if it's non-nil, zero value otherwise.
+func (p *Pages) GetPublic() bool {
+	if p == nil || p.Public == nil {
+		return false
 	}
-	return *p.AboutURL
+	return *p.Public
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (p *PackageRegistry) GetName() string {
-	if p == nil || p.Name == nil {
-		return ""
+// GetSource returns the Source field.
+func (p *Pages) GetSource() *PagesSource {
+	if p == nil {
+		return nil
 	}
-	return *p.Name
+	return p.Source
 }
 
-// GetType returns the Type field if it's non-nil, zero value otherwise.
-func (p *PackageRegistry) GetType() string {
-	if p == nil || p.Type == nil {
+// GetStatus returns the Status field if it's non-nil, zero value otherwise.
+func (p *Pages) GetStatus() string {
+	if p == nil || p.Status == nil {
 		return ""
 	}
-	return *p.Type
+	return *p.Status
 }
 
 // GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (p *PackageRegistry) GetURL() string {
+func (p *Pages) GetURL() string {
 	if p == nil || p.URL == nil {
 		return ""
 	}
 	return *p.URL
 }
 
-// GetVendor returns the Vendor field if it's non-nil, zero value otherwise.
-func (p *PackageRegistry) GetVendor() string {
-	if p == nil || p.Vendor == nil {
+// GetCommit returns the Commit field if it's non-nil, zero value otherwise.
+func (p *PagesBuild) GetCommit() string {
+	if p == nil || p.Commit == nil {
 		return ""
 	}
-	return *p.Vendor
-}
-
-// GetAuthor returns the Author field.
-func (p *PackageRelease) GetAuthor() *User {
-	if p == nil {
-		return nil
-	}
-	return p.Author
+	return *p.Commit
 }
 
 // GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (p *PackageRelease) GetCreatedAt() Timestamp {
+func (p *PagesBuild) GetCreatedAt() Timestamp {
 	if p == nil || p.CreatedAt == nil {
 		return Timestamp{}
 	}
 	return *p.CreatedAt
 }
 
-// GetDraft returns the Draft field if it's non-nil, zero value otherwise.
-func (p *PackageRelease) GetDraft() bool {
-	if p == nil || p.Draft == nil {
-		return false
+// GetDuration returns the Duration field if it's non-nil, zero value otherwise.
+func (p *PagesBuild) GetDuration() int {
+	if p == nil || p.Duration == nil {
+		return 0
 	}
-	return *p.Draft
+	return *p.Duration
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (p *PackageRelease) GetHTMLURL() string {
-	if p == nil || p.HTMLURL == nil {
-		return ""
+// GetError returns the Error field.
+func (p *PagesBuild) GetError() *PagesError {
+	if p == nil {
+		return nil
 	}
-	return *p.HTMLURL
+	return p.Error
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (p *PackageRelease) GetID() int64 {
-	if p == nil || p.ID == nil {
-		return 0
+// GetPusher returns the Pusher field.
+func (p *PagesBuild) GetPusher() *User {
+	if p == nil {
+		return nil
 	}
-	return *p.ID
+	return p.Pusher
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (p *PackageRelease) GetName() string {
-	if p == nil || p.Name == nil {
+// GetStatus returns the Status field if it's non-nil, zero value otherwise.
+func (p *PagesBuild) GetStatus() string {
+	if p == nil || p.Status == nil {
 		return ""
 	}
-	return *p.Name
+	return *p.Status
 }
 
-// GetPrerelease returns the Prerelease field if it's non-nil, zero value otherwise.
-func (p *PackageRelease) GetPrerelease() bool {
-	if p == nil || p.Prerelease == nil {
-		return false
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (p *PagesBuild) GetUpdatedAt() Timestamp {
+	if p == nil || p.UpdatedAt == nil {
+		return Timestamp{}
 	}
-	return *p.Prerelease
+	return *p.UpdatedAt
 }
 
-// GetPublishedAt returns the PublishedAt field if it's non-nil, zero value otherwise.
-func (p *PackageRelease) GetPublishedAt() Timestamp {
-	if p == nil || p.PublishedAt == nil {
-		return Timestamp{}
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (p *PagesBuild) GetURL() string {
+	if p == nil || p.URL == nil {
+		return ""
 	}
-	return *p.PublishedAt
+	return *p.URL
 }
 
-// GetTagName returns the TagName field if it's non-nil, zero value otherwise.
-func (p *PackageRelease) GetTagName() string {
-	if p == nil || p.TagName == nil {
+// GetCAAError returns the CAAError field if it's non-nil, zero value otherwise.
+func (p *PagesDomain) GetCAAError() string {
+	if p == nil || p.CAAError == nil {
 		return ""
 	}
-	return *p.TagName
+	return *p.CAAError
 }
 
-// GetTargetCommitish returns the TargetCommitish field if it's non-nil, zero value otherwise.
-func (p *PackageRelease) GetTargetCommitish() string {
-	if p == nil || p.TargetCommitish == nil {
-		return ""
+// GetDNSResolves returns the DNSResolves field if it's non-nil, zero value otherwise.
+func (p *PagesDomain) GetDNSResolves() bool {
+	if p == nil || p.DNSResolves == nil {
+		return false
 	}
-	return *p.TargetCommitish
+	return *p.DNSResolves
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (p *PackageRelease) GetURL() string {
-	if p == nil || p.URL == nil {
-		return ""
+// GetEnforcesHTTPS returns the EnforcesHTTPS field if it's non-nil, zero value otherwise.
+func (p *PagesDomain) GetEnforcesHTTPS() bool {
+	if p == nil || p.EnforcesHTTPS == nil {
+		return false
 	}
-	return *p.URL
+	return *p.EnforcesHTTPS
 }
 
-// GetAuthor returns the Author field.
-func (p *PackageVersion) GetAuthor() *User {
-	if p == nil {
-		return nil
+// GetHasCNAMERecord returns the HasCNAMERecord field if it's non-nil, zero value otherwise.
+func (p *PagesDomain) GetHasCNAMERecord() bool {
+	if p == nil || p.HasCNAMERecord == nil {
+		return false
 	}
-	return p.Author
+	return *p.HasCNAMERecord
 }
 
-// GetBody returns the Body field if it's non-nil, zero value otherwise.
-func (p *PackageVersion) GetBody() string {
-	if p == nil || p.Body == nil {
+// GetHasMXRecordsPresent returns the HasMXRecordsPresent field if it's non-nil, zero value otherwise.
+func (p *PagesDomain) GetHasMXRecordsPresent() bool {
+	if p == nil || p.HasMXRecordsPresent == nil {
+		return false
+	}
+	return *p.HasMXRecordsPresent
+}
+
+// GetHost returns the Host field if it's non-nil, zero value otherwise.
+func (p *PagesDomain) GetHost() string {
+	if p == nil || p.Host == nil {
 		return ""
 	}
-	return *p.Body
+	return *p.Host
 }
 
-// GetBodyHTML returns the BodyHTML field if it's non-nil, zero value otherwise.
-func (p *PackageVersion) GetBodyHTML() string {
-	if p == nil || p.BodyHTML == nil {
+// GetHTTPSError returns the HTTPSError field if it's non-nil, zero value otherwise.
+func (p *PagesDomain) GetHTTPSError() string {
+	if p == nil || p.HTTPSError == nil {
 		return ""
 	}
-	return *p.BodyHTML
+	return *p.HTTPSError
+}
+
+// GetIsApexDomain returns the IsApexDomain field if it's non-nil, zero value otherwise.
+func (p *PagesDomain) GetIsApexDomain() bool {
+	if p == nil || p.IsApexDomain == nil {
+		return false
+	}
+	return *p.IsApexDomain
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (p *PackageVersion) GetCreatedAt() Timestamp {
-	if p == nil || p.CreatedAt == nil {
-		return Timestamp{}
+// GetIsARecord returns the IsARecord field if it's non-nil, zero value otherwise.
+func (p *PagesDomain) GetIsARecord() bool {
+	if p == nil || p.IsARecord == nil {
+		return false
 	}
-	return *p.CreatedAt
+	return *p.IsARecord
 }
 
-// GetDraft returns the Draft field if it's non-nil, zero value otherwise.
-func (p *PackageVersion) GetDraft() bool {
-	if p == nil || p.Draft == nil {
+// GetIsCloudflareIP returns the IsCloudflareIP field if it's non-nil, zero value otherwise.
+func (p *PagesDomain) GetIsCloudflareIP() bool {
+	if p == nil || p.IsCloudflareIP == nil {
 		return false
 	}
-	return *p.Draft
+	return *p.IsCloudflareIP
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (p *PackageVersion) GetHTMLURL() string {
-	if p == nil || p.HTMLURL == nil {
-		return ""
+// GetIsCNAMEToFastly returns the IsCNAMEToFastly field if it's non-nil, zero value otherwise.
+func (p *PagesDomain) GetIsCNAMEToFastly() bool {
+	if p == nil || p.IsCNAMEToFastly == nil {
+		return false
 	}
-	return *p.HTMLURL
+	return *p.IsCNAMEToFastly
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (p *PackageVersion) GetID() int64 {
-	if p == nil || p.ID == nil {
-		return 0
+// GetIsCNAMEToGithubUserDomain returns the IsCNAMEToGithubUserDomain field if it's non-nil, zero value otherwise.
+func (p *PagesDomain) GetIsCNAMEToGithubUserDomain() bool {
+	if p == nil || p.IsCNAMEToGithubUserDomain == nil {
+		return false
 	}
-	return *p.ID
+	return *p.IsCNAMEToGithubUserDomain
 }
 
-// GetInstallationCommand returns the InstallationCommand field if it's non-nil, zero value otherwise.
-func (p *PackageVersion) GetInstallationCommand() string {
-	if p == nil || p.InstallationCommand == nil {
-		return ""
+// GetIsCNAMEToPagesDotGithubDotCom returns the IsCNAMEToPagesDotGithubDotCom field if it's non-nil, zero value otherwise.
+func (p *PagesDomain) GetIsCNAMEToPagesDotGithubDotCom() bool {
+	if p == nil || p.IsCNAMEToPagesDotGithubDotCom == nil {
+		return false
 	}
-	return *p.InstallationCommand
+	return *p.IsCNAMEToPagesDotGithubDotCom
 }
 
-// GetManifest returns the Manifest field if it's non-nil, zero value otherwise.
-func (p *PackageVersion) GetManifest() string {
-	if p == nil || p.Manifest == nil {
-		return ""
+// GetIsFastlyIP returns the IsFastlyIP field if it's non-nil, zero value otherwise.
+func (p *PagesDomain) GetIsFastlyIP() bool {
+	if p == nil || p.IsFastlyIP == nil {
+		return false
 	}
-	return *p.Manifest
+	return *p.IsFastlyIP
 }
 
-// GetMetadata returns the Metadata field.
-func (p *PackageVersion) GetMetadata() *PackageMetadata {
-	if p == nil {
-		return nil
+// GetIsHTTPSEligible returns the IsHTTPSEligible field if it's non-nil, zero value otherwise.
+func (p *PagesDomain) GetIsHTTPSEligible() bool {
+	if p == nil || p.IsHTTPSEligible == nil {
+		return false
 	}
-	return p.Metadata
+	return *p.IsHTTPSEligible
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (p *PackageVersion) GetName() string {
-	if p == nil || p.Name == nil {
-		return ""
+// GetIsNonGithubPagesIPPresent returns the IsNonGithubPagesIPPresent field if it's non-nil, zero value otherwise.
+func (p *PagesDomain) GetIsNonGithubPagesIPPresent() bool {
+	if p == nil || p.IsNonGithubPagesIPPresent == nil {
+		return false
 	}
-	return *p.Name
+	return *p.IsNonGithubPagesIPPresent
 }
 
-// GetPackageHTMLURL returns the PackageHTMLURL field if it's non-nil, zero value otherwise.
-func (p *PackageVersion) GetPackageHTMLURL() string {
-	if p == nil || p.PackageHTMLURL == nil {
-		return ""
+// GetIsOldIPAddress returns the IsOldIPAddress field if it's non-nil, zero value otherwise.
+func (p *PagesDomain) GetIsOldIPAddress() bool {
+	if p == nil || p.IsOldIPAddress == nil {
+		return false
 	}
-	return *p.PackageHTMLURL
+	return *p.IsOldIPAddress
 }
 
-// GetPrerelease returns the Prerelease field if it's non-nil, zero value otherwise.
-func (p *PackageVersion) GetPrerelease() bool {
-	if p == nil || p.Prerelease == nil {
+// GetIsPagesDomain returns the IsPagesDomain field if it's non-nil, zero value otherwise.
+func (p *PagesDomain) GetIsPagesDomain() bool {
+	if p == nil || p.IsPagesDomain == nil {
 		return false
 	}
-	return *p.Prerelease
+	return *p.IsPagesDomain
 }
 
-// GetRelease returns the Release field.
-func (p *PackageVersion) GetRelease() *PackageRelease {
-	if p == nil {
-		return nil
+// GetIsPointedToGithubPagesIP returns the IsPointedToGithubPagesIP field if it's non-nil, zero value otherwise.
+func (p *PagesDomain) GetIsPointedToGithubPagesIP() bool {
+	if p == nil || p.IsPointedToGithubPagesIP == nil {
+		return false
 	}
-	return p.Release
+	return *p.IsPointedToGithubPagesIP
 }
 
-// GetSummary returns the Summary field if it's non-nil, zero value otherwise.
-func (p *PackageVersion) GetSummary() string {
-	if p == nil || p.Summary == nil {
-		return ""
+// GetIsProxied returns the IsProxied field if it's non-nil, zero value otherwise.
+func (p *PagesDomain) GetIsProxied() bool {
+	if p == nil || p.IsProxied == nil {
+		return false
 	}
-	return *p.Summary
+	return *p.IsProxied
 }
 
-// GetTagName returns the TagName field if it's non-nil, zero value otherwise.
-func (p *PackageVersion) GetTagName() string {
-	if p == nil || p.TagName == nil {
-		return ""
+// GetIsServedByPages returns the IsServedByPages field if it's non-nil, zero value otherwise.
+func (p *PagesDomain) GetIsServedByPages() bool {
+	if p == nil || p.IsServedByPages == nil {
+		return false
 	}
-	return *p.TagName
+	return *p.IsServedByPages
 }
 
-// GetTargetCommitish returns the TargetCommitish field if it's non-nil, zero value otherwise.
-func (p *PackageVersion) GetTargetCommitish() string {
-	if p == nil || p.TargetCommitish == nil {
-		return ""
+// GetIsValid returns the IsValid field if it's non-nil, zero value otherwise.
+func (p *PagesDomain) GetIsValid() bool {
+	if p == nil || p.IsValid == nil {
+		return false
 	}
-	return *p.TargetCommitish
+	return *p.IsValid
 }
 
-// GetTargetOID returns the TargetOID field if it's non-nil, zero value otherwise.
-func (p *PackageVersion) GetTargetOID() string {
-	if p == nil || p.TargetOID == nil {
-		return ""
+// GetIsValidDomain returns the IsValidDomain field if it's non-nil, zero value otherwise.
+func (p *PagesDomain) GetIsValidDomain() bool {
+	if p == nil || p.IsValidDomain == nil {
+		return false
 	}
-	return *p.TargetOID
+	return *p.IsValidDomain
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (p *PackageVersion) GetUpdatedAt() Timestamp {
-	if p == nil || p.UpdatedAt == nil {
-		return Timestamp{}
+// GetNameservers returns the Nameservers field if it's non-nil, zero value otherwise.
+func (p *PagesDomain) GetNameservers() string {
+	if p == nil || p.Nameservers == nil {
+		return ""
 	}
-	return *p.UpdatedAt
+	return *p.Nameservers
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (p *PackageVersion) GetURL() string {
-	if p == nil || p.URL == nil {
+// GetReason returns the Reason field if it's non-nil, zero value otherwise.
+func (p *PagesDomain) GetReason() string {
+	if p == nil || p.Reason == nil {
 		return ""
 	}
-	return *p.URL
+	return *p.Reason
 }
 
-// GetVersion returns the Version field if it's non-nil, zero value otherwise.
-func (p *PackageVersion) GetVersion() string {
-	if p == nil || p.Version == nil {
-		return ""
+// GetRespondsToHTTPS returns the RespondsToHTTPS field if it's non-nil, zero value otherwise.
+func (p *PagesDomain) GetRespondsToHTTPS() bool {
+	if p == nil || p.RespondsToHTTPS == nil {
+		return false
 	}
-	return *p.Version
+	return *p.RespondsToHTTPS
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (p *Page) GetAction() string {
-	if p == nil || p.Action == nil {
-		return ""
+// GetShouldBeARecord returns the ShouldBeARecord field if it's non-nil, zero value otherwise.
+func (p *PagesDomain) GetShouldBeARecord() bool {
+	if p == nil || p.ShouldBeARecord == nil {
+		return false
 	}
-	return *p.Action
+	return *p.ShouldBeARecord
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (p *Page) GetHTMLURL() string {
-	if p == nil || p.HTMLURL == nil {
+// GetURI returns the URI field if it's non-nil, zero value otherwise.
+func (p *PagesDomain) GetURI() string {
+	if p == nil || p.URI == nil {
 		return ""
 	}
-	return *p.HTMLURL
+	return *p.URI
 }
 
-// GetPageName returns the PageName field if it's non-nil, zero value otherwise.
-func (p *Page) GetPageName() string {
-	if p == nil || p.PageName == nil {
+// GetMessage returns the Message field if it's non-nil, zero value otherwise.
+func (p *PagesError) GetMessage() string {
+	if p == nil || p.Message == nil {
 		return ""
 	}
-	return *p.PageName
+	return *p.Message
 }
 
-// GetSHA returns the SHA field if it's non-nil, zero value otherwise.
-func (p *Page) GetSHA() string {
-	if p == nil || p.SHA == nil {
-		return ""
+// GetAltDomain returns the AltDomain field.
+func (p *PagesHealthCheckResponse) GetAltDomain() *PagesDomain {
+	if p == nil {
+		return nil
 	}
-	return *p.SHA
+	return p.AltDomain
 }
 
-// GetSummary returns the Summary field if it's non-nil, zero value otherwise.
-func (p *Page) GetSummary() string {
-	if p == nil || p.Summary == nil {
-		return ""
+// GetDomain returns the Domain field.
+func (p *PagesHealthCheckResponse) GetDomain() *PagesDomain {
+	if p == nil {
+		return nil
 	}
-	return *p.Summary
+	return p.Domain
 }
 
-// GetTitle returns the Title field if it's non-nil, zero value otherwise.
-func (p *Page) GetTitle() string {
-	if p == nil || p.Title == nil {
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (p *PagesHTTPSCertificate) GetDescription() string {
+	if p == nil || p.Description == nil {
 		return ""
 	}
-	return *p.Title
+	return *p.Description
 }
 
-// GetBuild returns the Build field.
-func (p *PageBuildEvent) GetBuild() *PagesBuild {
-	if p == nil {
-		return nil
+// GetExpiresAt returns the ExpiresAt field if it's non-nil, zero value otherwise.
+func (p *PagesHTTPSCertificate) GetExpiresAt() string {
+	if p == nil || p.ExpiresAt == nil {
+		return ""
 	}
-	return p.Build
+	return *p.ExpiresAt
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (p *PageBuildEvent) GetID() int64 {
-	if p == nil || p.ID == nil {
-		return 0
+// GetState returns the State field if it's non-nil, zero value otherwise.
+func (p *PagesHTTPSCertificate) GetState() string {
+	if p == nil || p.State == nil {
+		return ""
 	}
-	return *p.ID
+	return *p.State
 }
 
-// GetInstallation returns the Installation field.
-func (p *PageBuildEvent) GetInstallation() *Installation {
-	if p == nil {
-		return nil
+// GetBranch returns the Branch field if it's non-nil, zero value otherwise.
+func (p *PagesSource) GetBranch() string {
+	if p == nil || p.Branch == nil {
+		return ""
 	}
-	return p.Installation
+	return *p.Branch
 }
 
-// GetRepo returns the Repo field.
-func (p *PageBuildEvent) GetRepo() *Repository {
-	if p == nil {
-		return nil
+// GetPath returns the Path field if it's non-nil, zero value otherwise.
+func (p *PagesSource) GetPath() string {
+	if p == nil || p.Path == nil {
+		return ""
 	}
-	return p.Repo
+	return *p.Path
 }
 
-// GetSender returns the Sender field.
-func (p *PageBuildEvent) GetSender() *User {
-	if p == nil {
-		return nil
+// GetTotalPages returns the TotalPages field if it's non-nil, zero value otherwise.
+func (p *PageStats) GetTotalPages() int {
+	if p == nil || p.TotalPages == nil {
+		return 0
 	}
-	return p.Sender
+	return *p.TotalPages
 }
 
 // GetBuildType returns the BuildType field if it's non-nil, zero value otherwise.
-func (p *Pages) GetBuildType() string {
+func (p *PagesUpdate) GetBuildType() string {
 	if p == nil || p.BuildType == nil {
 		return ""
 	}
@@ -13127,39 +17295,47 @@ func (p *Pages) GetBuildType() string {
 }
 
 // GetCNAME returns the CNAME field if it's non-nil, zero value otherwise.
-func (p *Pages) GetCNAME() string {
+func (p *PagesUpdate) GetCNAME() string {
 	if p == nil || p.CNAME == nil {
 		return ""
 	}
 	return *p.CNAME
 }
 
-// GetCustom404 returns the Custom404 field if it's non-nil, zero value otherwise.
-func (p *Pages) GetCustom404() bool {
-	if p == nil || p.Custom404 == nil {
+// GetHTTPSEnforced returns the HTTPSEnforced field if it's non-nil, zero value otherwise.
+func (p *PagesUpdate) GetHTTPSEnforced() bool {
+	if p == nil || p.HTTPSEnforced == nil {
 		return false
 	}
-	return *p.Custom404
+	return *p.HTTPSEnforced
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (p *Pages) GetHTMLURL() string {
-	if p == nil || p.HTMLURL == nil {
-		return ""
+// GetPublic returns the Public field if it's non-nil, zero value otherwise.
+func (p *PagesUpdate) GetPublic() bool {
+	if p == nil || p.Public == nil {
+		return false
 	}
-	return *p.HTMLURL
+	return *p.Public
 }
 
-// GetHTTPSCertificate returns the HTTPSCertificate field.
-func (p *Pages) GetHTTPSCertificate() *PagesHTTPSCertificate {
+// GetSource returns the Source field.
+func (p *PagesUpdate) GetSource() *PagesSource {
 	if p == nil {
 		return nil
 	}
-	return p.HTTPSCertificate
+	return p.Source
+}
+
+// GetBuildType returns the BuildType field if it's non-nil, zero value otherwise.
+func (p *PagesUpdateWithoutCNAME) GetBuildType() string {
+	if p == nil || p.BuildType == nil {
+		return ""
+	}
+	return *p.BuildType
 }
 
 // GetHTTPSEnforced returns the HTTPSEnforced field if it's non-nil, zero value otherwise.
-func (p *Pages) GetHTTPSEnforced() bool {
+func (p *PagesUpdateWithoutCNAME) GetHTTPSEnforced() bool {
 	if p == nil || p.HTTPSEnforced == nil {
 		return false
 	}
@@ -13167,7 +17343,7 @@ func (p *Pages) GetHTTPSEnforced() bool {
 }
 
 // GetPublic returns the Public field if it's non-nil, zero value otherwise.
-func (p *Pages) GetPublic() bool {
+func (p *PagesUpdateWithoutCNAME) GetPublic() bool {
 	if p == nil || p.Public == nil {
 		return false
 	}
@@ -13175,823 +17351,871 @@ func (p *Pages) GetPublic() bool {
 }
 
 // GetSource returns the Source field.
-func (p *Pages) GetSource() *PagesSource {
+func (p *PagesUpdateWithoutCNAME) GetSource() *PagesSource {
 	if p == nil {
 		return nil
 	}
 	return p.Source
 }
 
-// GetStatus returns the Status field if it's non-nil, zero value otherwise.
-func (p *Pages) GetStatus() string {
-	if p == nil || p.Status == nil {
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (p *PatternRuleParameters) GetName() string {
+	if p == nil || p.Name == nil {
 		return ""
 	}
-	return *p.Status
+	return *p.Name
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (p *Pages) GetURL() string {
-	if p == nil || p.URL == nil {
-		return ""
+// GetNegate returns the Negate field if it's non-nil, zero value otherwise.
+func (p *PatternRuleParameters) GetNegate() bool {
+	if p == nil || p.Negate == nil {
+		return false
 	}
-	return *p.URL
+	return *p.Negate
 }
 
-// GetCommit returns the Commit field if it's non-nil, zero value otherwise.
-func (p *PagesBuild) GetCommit() string {
-	if p == nil || p.Commit == nil {
-		return ""
+// GetCurrentUserCanApprove returns the CurrentUserCanApprove field if it's non-nil, zero value otherwise.
+func (p *PendingDeployment) GetCurrentUserCanApprove() bool {
+	if p == nil || p.CurrentUserCanApprove == nil {
+		return false
 	}
-	return *p.Commit
+	return *p.CurrentUserCanApprove
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (p *PagesBuild) GetCreatedAt() Timestamp {
-	if p == nil || p.CreatedAt == nil {
-		return Timestamp{}
+// GetEnvironment returns the Environment field.
+func (p *PendingDeployment) GetEnvironment() *PendingDeploymentEnvironment {
+	if p == nil {
+		return nil
 	}
-	return *p.CreatedAt
+	return p.Environment
 }
 
-// GetDuration returns the Duration field if it's non-nil, zero value otherwise.
-func (p *PagesBuild) GetDuration() int {
-	if p == nil || p.Duration == nil {
+// GetWaitTimer returns the WaitTimer field if it's non-nil, zero value otherwise.
+func (p *PendingDeployment) GetWaitTimer() int64 {
+	if p == nil || p.WaitTimer == nil {
 		return 0
 	}
-	return *p.Duration
+	return *p.WaitTimer
 }
 
-// GetError returns the Error field.
-func (p *PagesBuild) GetError() *PagesError {
-	if p == nil {
-		return nil
+// GetWaitTimerStartedAt returns the WaitTimerStartedAt field if it's non-nil, zero value otherwise.
+func (p *PendingDeployment) GetWaitTimerStartedAt() Timestamp {
+	if p == nil || p.WaitTimerStartedAt == nil {
+		return Timestamp{}
 	}
-	return p.Error
+	return *p.WaitTimerStartedAt
 }
 
-// GetPusher returns the Pusher field.
-func (p *PagesBuild) GetPusher() *User {
-	if p == nil {
-		return nil
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (p *PendingDeploymentEnvironment) GetHTMLURL() string {
+	if p == nil || p.HTMLURL == nil {
+		return ""
 	}
-	return p.Pusher
+	return *p.HTMLURL
 }
 
-// GetStatus returns the Status field if it's non-nil, zero value otherwise.
-func (p *PagesBuild) GetStatus() string {
-	if p == nil || p.Status == nil {
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (p *PendingDeploymentEnvironment) GetID() int64 {
+	if p == nil || p.ID == nil {
+		return 0
+	}
+	return *p.ID
+}
+
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (p *PendingDeploymentEnvironment) GetName() string {
+	if p == nil || p.Name == nil {
 		return ""
 	}
-	return *p.Status
+	return *p.Name
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (p *PagesBuild) GetUpdatedAt() Timestamp {
-	if p == nil || p.UpdatedAt == nil {
-		return Timestamp{}
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (p *PendingDeploymentEnvironment) GetNodeID() string {
+	if p == nil || p.NodeID == nil {
+		return ""
 	}
-	return *p.UpdatedAt
+	return *p.NodeID
 }
 
 // GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (p *PagesBuild) GetURL() string {
+func (p *PendingDeploymentEnvironment) GetURL() string {
 	if p == nil || p.URL == nil {
 		return ""
 	}
 	return *p.URL
 }
 
-// GetCAAError returns the CAAError field if it's non-nil, zero value otherwise.
-func (p *PagesDomain) GetCAAError() string {
-	if p == nil || p.CAAError == nil {
-		return ""
+// GetAccessGrantedAt returns the AccessGrantedAt field if it's non-nil, zero value otherwise.
+func (p *PersonalAccessToken) GetAccessGrantedAt() Timestamp {
+	if p == nil || p.AccessGrantedAt == nil {
+		return Timestamp{}
 	}
-	return *p.CAAError
+	return *p.AccessGrantedAt
 }
 
-// GetDNSResolves returns the DNSResolves field if it's non-nil, zero value otherwise.
-func (p *PagesDomain) GetDNSResolves() bool {
-	if p == nil || p.DNSResolves == nil {
-		return false
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (p *PersonalAccessToken) GetID() int64 {
+	if p == nil || p.ID == nil {
+		return 0
 	}
-	return *p.DNSResolves
+	return *p.ID
 }
 
-// GetEnforcesHTTPS returns the EnforcesHTTPS field if it's non-nil, zero value otherwise.
-func (p *PagesDomain) GetEnforcesHTTPS() bool {
-	if p == nil || p.EnforcesHTTPS == nil {
-		return false
+// GetOwner returns the Owner field.
+func (p *PersonalAccessToken) GetOwner() *User {
+	if p == nil {
+		return nil
 	}
-	return *p.EnforcesHTTPS
+	return p.Owner
 }
 
-// GetHasCNAMERecord returns the HasCNAMERecord field if it's non-nil, zero value otherwise.
-func (p *PagesDomain) GetHasCNAMERecord() bool {
-	if p == nil || p.HasCNAMERecord == nil {
-		return false
+// GetPermissions returns the Permissions field.
+func (p *PersonalAccessToken) GetPermissions() *PersonalAccessTokenPermissions {
+	if p == nil {
+		return nil
 	}
-	return *p.HasCNAMERecord
+	return p.Permissions
 }
 
-// GetHasMXRecordsPresent returns the HasMXRecordsPresent field if it's non-nil, zero value otherwise.
-func (p *PagesDomain) GetHasMXRecordsPresent() bool {
-	if p == nil || p.HasMXRecordsPresent == nil {
-		return false
+// GetRepositoriesURL returns the RepositoriesURL field if it's non-nil, zero value otherwise.
+func (p *PersonalAccessToken) GetRepositoriesURL() string {
+	if p == nil || p.RepositoriesURL == nil {
+		return ""
 	}
-	return *p.HasMXRecordsPresent
+	return *p.RepositoriesURL
 }
 
-// GetHost returns the Host field if it's non-nil, zero value otherwise.
-func (p *PagesDomain) GetHost() string {
-	if p == nil || p.Host == nil {
+// GetRepositorySelection returns the RepositorySelection field if it's non-nil, zero value otherwise.
+func (p *PersonalAccessToken) GetRepositorySelection() string {
+	if p == nil || p.RepositorySelection == nil {
 		return ""
 	}
-	return *p.Host
+	return *p.RepositorySelection
 }
 
-// GetHTTPSError returns the HTTPSError field if it's non-nil, zero value otherwise.
-func (p *PagesDomain) GetHTTPSError() string {
-	if p == nil || p.HTTPSError == nil {
-		return ""
+// GetTokenExpired returns the TokenExpired field if it's non-nil, zero value otherwise.
+func (p *PersonalAccessToken) GetTokenExpired() bool {
+	if p == nil || p.TokenExpired == nil {
+		return false
 	}
-	return *p.HTTPSError
+	return *p.TokenExpired
 }
 
-// GetIsApexDomain returns the IsApexDomain field if it's non-nil, zero value otherwise.
-func (p *PagesDomain) GetIsApexDomain() bool {
-	if p == nil || p.IsApexDomain == nil {
-		return false
+// GetTokenExpiresAt returns the TokenExpiresAt field if it's non-nil, zero value otherwise.
+func (p *PersonalAccessToken) GetTokenExpiresAt() Timestamp {
+	if p == nil || p.TokenExpiresAt == nil {
+		return Timestamp{}
 	}
-	return *p.IsApexDomain
+	return *p.TokenExpiresAt
 }
 
-// GetIsARecord returns the IsARecord field if it's non-nil, zero value otherwise.
-func (p *PagesDomain) GetIsARecord() bool {
-	if p == nil || p.IsARecord == nil {
-		return false
+// GetTokenID returns the TokenID field if it's non-nil, zero value otherwise.
+func (p *PersonalAccessToken) GetTokenID() int64 {
+	if p == nil || p.TokenID == nil {
+		return 0
 	}
-	return *p.IsARecord
+	return *p.TokenID
 }
 
-// GetIsCloudflareIP returns the IsCloudflareIP field if it's non-nil, zero value otherwise.
-func (p *PagesDomain) GetIsCloudflareIP() bool {
-	if p == nil || p.IsCloudflareIP == nil {
-		return false
+// GetTokenLastUsedAt returns the TokenLastUsedAt field if it's non-nil, zero value otherwise.
+func (p *PersonalAccessToken) GetTokenLastUsedAt() Timestamp {
+	if p == nil || p.TokenLastUsedAt == nil {
+		return Timestamp{}
 	}
-	return *p.IsCloudflareIP
+	return *p.TokenLastUsedAt
 }
 
-// GetIsCNAMEToFastly returns the IsCNAMEToFastly field if it's non-nil, zero value otherwise.
-func (p *PagesDomain) GetIsCNAMEToFastly() bool {
-	if p == nil || p.IsCNAMEToFastly == nil {
-		return false
+// GetTokenName returns the TokenName field if it's non-nil, zero value otherwise.
+func (p *PersonalAccessToken) GetTokenName() string {
+	if p == nil || p.TokenName == nil {
+		return ""
 	}
-	return *p.IsCNAMEToFastly
+	return *p.TokenName
 }
 
-// GetIsCNAMEToGithubUserDomain returns the IsCNAMEToGithubUserDomain field if it's non-nil, zero value otherwise.
-func (p *PagesDomain) GetIsCNAMEToGithubUserDomain() bool {
-	if p == nil || p.IsCNAMEToGithubUserDomain == nil {
-		return false
+// GetOrg returns the Org map if it's non-nil, an empty map otherwise.
+func (p *PersonalAccessTokenPermissions) GetOrg() map[string]string {
+	if p == nil || p.Org == nil {
+		return map[string]string{}
 	}
-	return *p.IsCNAMEToGithubUserDomain
+	return p.Org
 }
 
-// GetIsCNAMEToPagesDotGithubDotCom returns the IsCNAMEToPagesDotGithubDotCom field if it's non-nil, zero value otherwise.
-func (p *PagesDomain) GetIsCNAMEToPagesDotGithubDotCom() bool {
-	if p == nil || p.IsCNAMEToPagesDotGithubDotCom == nil {
-		return false
+// GetOther returns the Other map if it's non-nil, an empty map otherwise.
+func (p *PersonalAccessTokenPermissions) GetOther() map[string]string {
+	if p == nil || p.Other == nil {
+		return map[string]string{}
 	}
-	return *p.IsCNAMEToPagesDotGithubDotCom
+	return p.Other
 }
 
-// GetIsFastlyIP returns the IsFastlyIP field if it's non-nil, zero value otherwise.
-func (p *PagesDomain) GetIsFastlyIP() bool {
-	if p == nil || p.IsFastlyIP == nil {
-		return false
+// GetRepo returns the Repo map if it's non-nil, an empty map otherwise.
+func (p *PersonalAccessTokenPermissions) GetRepo() map[string]string {
+	if p == nil || p.Repo == nil {
+		return map[string]string{}
+	}
+	return p.Repo
+}
+
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (p *PersonalAccessTokenRequest) GetCreatedAt() Timestamp {
+	if p == nil || p.CreatedAt == nil {
+		return Timestamp{}
+	}
+	return *p.CreatedAt
+}
+
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (p *PersonalAccessTokenRequest) GetID() int64 {
+	if p == nil || p.ID == nil {
+		return 0
 	}
-	return *p.IsFastlyIP
+	return *p.ID
 }
 
-// GetIsHTTPSEligible returns the IsHTTPSEligible field if it's non-nil, zero value otherwise.
-func (p *PagesDomain) GetIsHTTPSEligible() bool {
-	if p == nil || p.IsHTTPSEligible == nil {
-		return false
+// GetOrg returns the Org field.
+func (p *PersonalAccessTokenRequest) GetOrg() *Organization {
+	if p == nil {
+		return nil
 	}
-	return *p.IsHTTPSEligible
+	return p.Org
 }
 
-// GetIsNonGithubPagesIPPresent returns the IsNonGithubPagesIPPresent field if it's non-nil, zero value otherwise.
-func (p *PagesDomain) GetIsNonGithubPagesIPPresent() bool {
-	if p == nil || p.IsNonGithubPagesIPPresent == nil {
-		return false
+// GetOwner returns the Owner field.
+func (p *PersonalAccessTokenRequest) GetOwner() *User {
+	if p == nil {
+		return nil
 	}
-	return *p.IsNonGithubPagesIPPresent
+	return p.Owner
 }
 
-// GetIsOldIPAddress returns the IsOldIPAddress field if it's non-nil, zero value otherwise.
-func (p *PagesDomain) GetIsOldIPAddress() bool {
-	if p == nil || p.IsOldIPAddress == nil {
-		return false
+// GetPermissionsAdded returns the PermissionsAdded field.
+func (p *PersonalAccessTokenRequest) GetPermissionsAdded() *PersonalAccessTokenPermissions {
+	if p == nil {
+		return nil
 	}
-	return *p.IsOldIPAddress
+	return p.PermissionsAdded
 }
 
-// GetIsPagesDomain returns the IsPagesDomain field if it's non-nil, zero value otherwise.
-func (p *PagesDomain) GetIsPagesDomain() bool {
-	if p == nil || p.IsPagesDomain == nil {
-		return false
+// GetPermissionsResult returns the PermissionsResult field.
+func (p *PersonalAccessTokenRequest) GetPermissionsResult() *PersonalAccessTokenPermissions {
+	if p == nil {
+		return nil
 	}
-	return *p.IsPagesDomain
+	return p.PermissionsResult
 }
 
-// GetIsPointedToGithubPagesIP returns the IsPointedToGithubPagesIP field if it's non-nil, zero value otherwise.
-func (p *PagesDomain) GetIsPointedToGithubPagesIP() bool {
-	if p == nil || p.IsPointedToGithubPagesIP == nil {
-		return false
+// GetPermissionsUpgraded returns the PermissionsUpgraded field.
+func (p *PersonalAccessTokenRequest) GetPermissionsUpgraded() *PersonalAccessTokenPermissions {
+	if p == nil {
+		return nil
 	}
-	return *p.IsPointedToGithubPagesIP
+	return p.PermissionsUpgraded
 }
 
-// GetIsProxied returns the IsProxied field if it's non-nil, zero value otherwise.
-func (p *PagesDomain) GetIsProxied() bool {
-	if p == nil || p.IsProxied == nil {
-		return false
+// GetRepositoryCount returns the RepositoryCount field if it's non-nil, zero value otherwise.
+func (p *PersonalAccessTokenRequest) GetRepositoryCount() int64 {
+	if p == nil || p.RepositoryCount == nil {
+		return 0
 	}
-	return *p.IsProxied
+	return *p.RepositoryCount
 }
 
-// GetIsServedByPages returns the IsServedByPages field if it's non-nil, zero value otherwise.
-func (p *PagesDomain) GetIsServedByPages() bool {
-	if p == nil || p.IsServedByPages == nil {
-		return false
+// GetRepositorySelection returns the RepositorySelection field if it's non-nil, zero value otherwise.
+func (p *PersonalAccessTokenRequest) GetRepositorySelection() string {
+	if p == nil || p.RepositorySelection == nil {
+		return ""
 	}
-	return *p.IsServedByPages
+	return *p.RepositorySelection
 }
 
-// GetIsValid returns the IsValid field if it's non-nil, zero value otherwise.
-func (p *PagesDomain) GetIsValid() bool {
-	if p == nil || p.IsValid == nil {
+// GetTokenExpired returns the TokenExpired field if it's non-nil, zero value otherwise.
+func (p *PersonalAccessTokenRequest) GetTokenExpired() bool {
+	if p == nil || p.TokenExpired == nil {
 		return false
 	}
-	return *p.IsValid
+	return *p.TokenExpired
 }
 
-// GetIsValidDomain returns the IsValidDomain field if it's non-nil, zero value otherwise.
-func (p *PagesDomain) GetIsValidDomain() bool {
-	if p == nil || p.IsValidDomain == nil {
-		return false
+// GetTokenExpiresAt returns the TokenExpiresAt field if it's non-nil, zero value otherwise.
+func (p *PersonalAccessTokenRequest) GetTokenExpiresAt() Timestamp {
+	if p == nil || p.TokenExpiresAt == nil {
+		return Timestamp{}
 	}
-	return *p.IsValidDomain
+	return *p.TokenExpiresAt
 }
 
-// GetNameservers returns the Nameservers field if it's non-nil, zero value otherwise.
-func (p *PagesDomain) GetNameservers() string {
-	if p == nil || p.Nameservers == nil {
-		return ""
+// GetTokenLastUsedAt returns the TokenLastUsedAt field if it's non-nil, zero value otherwise.
+func (p *PersonalAccessTokenRequest) GetTokenLastUsedAt() Timestamp {
+	if p == nil || p.TokenLastUsedAt == nil {
+		return Timestamp{}
 	}
-	return *p.Nameservers
+	return *p.TokenLastUsedAt
 }
 
-// GetReason returns the Reason field if it's non-nil, zero value otherwise.
-func (p *PagesDomain) GetReason() string {
-	if p == nil || p.Reason == nil {
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (p *PersonalAccessTokenRequestEvent) GetAction() string {
+	if p == nil || p.Action == nil {
 		return ""
 	}
-	return *p.Reason
+	return *p.Action
 }
 
-// GetRespondsToHTTPS returns the RespondsToHTTPS field if it's non-nil, zero value otherwise.
-func (p *PagesDomain) GetRespondsToHTTPS() bool {
-	if p == nil || p.RespondsToHTTPS == nil {
-		return false
+// GetInstallation returns the Installation field.
+func (p *PersonalAccessTokenRequestEvent) GetInstallation() *Installation {
+	if p == nil {
+		return nil
 	}
-	return *p.RespondsToHTTPS
+	return p.Installation
 }
 
-// GetShouldBeARecord returns the ShouldBeARecord field if it's non-nil, zero value otherwise.
-func (p *PagesDomain) GetShouldBeARecord() bool {
-	if p == nil || p.ShouldBeARecord == nil {
-		return false
+// GetOrg returns the Org field.
+func (p *PersonalAccessTokenRequestEvent) GetOrg() *Organization {
+	if p == nil {
+		return nil
 	}
-	return *p.ShouldBeARecord
+	return p.Org
 }
 
-// GetURI returns the URI field if it's non-nil, zero value otherwise.
-func (p *PagesDomain) GetURI() string {
-	if p == nil || p.URI == nil {
-		return ""
+// GetPersonalAccessTokenRequest returns the PersonalAccessTokenRequest field.
+func (p *PersonalAccessTokenRequestEvent) GetPersonalAccessTokenRequest() *PersonalAccessTokenRequest {
+	if p == nil {
+		return nil
 	}
-	return *p.URI
+	return p.PersonalAccessTokenRequest
 }
 
-// GetMessage returns the Message field if it's non-nil, zero value otherwise.
-func (p *PagesError) GetMessage() string {
-	if p == nil || p.Message == nil {
-		return ""
+// GetSender returns the Sender field.
+func (p *PersonalAccessTokenRequestEvent) GetSender() *User {
+	if p == nil {
+		return nil
 	}
-	return *p.Message
+	return p.Sender
 }
 
-// GetAltDomain returns the AltDomain field.
-func (p *PagesHealthCheckResponse) GetAltDomain() *PagesDomain {
+// GetHook returns the Hook field.
+func (p *PingEvent) GetHook() *Hook {
 	if p == nil {
 		return nil
 	}
-	return p.AltDomain
+	return p.Hook
 }
 
-// GetDomain returns the Domain field.
-func (p *PagesHealthCheckResponse) GetDomain() *PagesDomain {
+// GetHookID returns the HookID field if it's non-nil, zero value otherwise.
+func (p *PingEvent) GetHookID() int64 {
+	if p == nil || p.HookID == nil {
+		return 0
+	}
+	return *p.HookID
+}
+
+// GetInstallation returns the Installation field.
+func (p *PingEvent) GetInstallation() *Installation {
 	if p == nil {
 		return nil
 	}
-	return p.Domain
+	return p.Installation
 }
 
-// GetDescription returns the Description field if it's non-nil, zero value otherwise.
-func (p *PagesHTTPSCertificate) GetDescription() string {
-	if p == nil || p.Description == nil {
-		return ""
+// GetOrg returns the Org field.
+func (p *PingEvent) GetOrg() *Organization {
+	if p == nil {
+		return nil
 	}
-	return *p.Description
+	return p.Org
 }
 
-// GetExpiresAt returns the ExpiresAt field if it's non-nil, zero value otherwise.
-func (p *PagesHTTPSCertificate) GetExpiresAt() string {
-	if p == nil || p.ExpiresAt == nil {
-		return ""
+// GetRepo returns the Repo field.
+func (p *PingEvent) GetRepo() *Repository {
+	if p == nil {
+		return nil
 	}
-	return *p.ExpiresAt
+	return p.Repo
 }
 
-// GetState returns the State field if it's non-nil, zero value otherwise.
-func (p *PagesHTTPSCertificate) GetState() string {
-	if p == nil || p.State == nil {
-		return ""
+// GetSender returns the Sender field.
+func (p *PingEvent) GetSender() *User {
+	if p == nil {
+		return nil
 	}
-	return *p.State
+	return p.Sender
 }
 
-// GetBranch returns the Branch field if it's non-nil, zero value otherwise.
-func (p *PagesSource) GetBranch() string {
-	if p == nil || p.Branch == nil {
+// GetZen returns the Zen field if it's non-nil, zero value otherwise.
+func (p *PingEvent) GetZen() string {
+	if p == nil || p.Zen == nil {
 		return ""
 	}
-	return *p.Branch
+	return *p.Zen
 }
 
-// GetPath returns the Path field if it's non-nil, zero value otherwise.
-func (p *PagesSource) GetPath() string {
-	if p == nil || p.Path == nil {
-		return ""
+// GetCollaborators returns the Collaborators field if it's non-nil, zero value otherwise.
+func (p *Plan) GetCollaborators() int {
+	if p == nil || p.Collaborators == nil {
+		return 0
 	}
-	return *p.Path
+	return *p.Collaborators
 }
 
-// GetTotalPages returns the TotalPages field if it's non-nil, zero value otherwise.
-func (p *PageStats) GetTotalPages() int {
-	if p == nil || p.TotalPages == nil {
+// GetFilledSeats returns the FilledSeats field if it's non-nil, zero value otherwise.
+func (p *Plan) GetFilledSeats() int {
+	if p == nil || p.FilledSeats == nil {
 		return 0
 	}
-	return *p.TotalPages
+	return *p.FilledSeats
 }
 
-// GetBuildType returns the BuildType field if it's non-nil, zero value otherwise.
-func (p *PagesUpdate) GetBuildType() string {
-	if p == nil || p.BuildType == nil {
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (p *Plan) GetName() string {
+	if p == nil || p.Name == nil {
 		return ""
 	}
-	return *p.BuildType
+	return *p.Name
 }
 
-// GetCNAME returns the CNAME field if it's non-nil, zero value otherwise.
-func (p *PagesUpdate) GetCNAME() string {
-	if p == nil || p.CNAME == nil {
-		return ""
+// GetPrivateRepos returns the PrivateRepos field if it's non-nil, zero value otherwise.
+func (p *Plan) GetPrivateRepos() int64 {
+	if p == nil || p.PrivateRepos == nil {
+		return 0
 	}
-	return *p.CNAME
+	return *p.PrivateRepos
 }
 
-// GetHTTPSEnforced returns the HTTPSEnforced field if it's non-nil, zero value otherwise.
-func (p *PagesUpdate) GetHTTPSEnforced() bool {
-	if p == nil || p.HTTPSEnforced == nil {
-		return false
+// GetSeats returns the Seats field if it's non-nil, zero value otherwise.
+func (p *Plan) GetSeats() int {
+	if p == nil || p.Seats == nil {
+		return 0
 	}
-	return *p.HTTPSEnforced
+	return *p.Seats
 }
 
-// GetPublic returns the Public field if it's non-nil, zero value otherwise.
-func (p *PagesUpdate) GetPublic() bool {
-	if p == nil || p.Public == nil {
-		return false
+// GetSpace returns the Space field if it's non-nil, zero value otherwise.
+func (p *Plan) GetSpace() int {
+	if p == nil || p.Space == nil {
+		return 0
 	}
-	return *p.Public
+	return *p.Space
 }
 
-// GetSource returns the Source field.
-func (p *PagesUpdate) GetSource() *PagesSource {
-	if p == nil {
-		return nil
+// GetConfigURL returns the ConfigURL field if it's non-nil, zero value otherwise.
+func (p *PreReceiveHook) GetConfigURL() string {
+	if p == nil || p.ConfigURL == nil {
+		return ""
 	}
-	return p.Source
+	return *p.ConfigURL
 }
 
-// GetOrg returns the Org map if it's non-nil, an empty map otherwise.
-func (p *PersonalAccessTokenPermissions) GetOrg() map[string]string {
-	if p == nil || p.Org == nil {
-		return map[string]string{}
+// GetEnforcement returns the Enforcement field if it's non-nil, zero value otherwise.
+func (p *PreReceiveHook) GetEnforcement() string {
+	if p == nil || p.Enforcement == nil {
+		return ""
 	}
-	return p.Org
+	return *p.Enforcement
 }
 
-// GetOther returns the Other map if it's non-nil, an empty map otherwise.
-func (p *PersonalAccessTokenPermissions) GetOther() map[string]string {
-	if p == nil || p.Other == nil {
-		return map[string]string{}
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (p *PreReceiveHook) GetID() int64 {
+	if p == nil || p.ID == nil {
+		return 0
 	}
-	return p.Other
+	return *p.ID
 }
 
-// GetRepo returns the Repo map if it's non-nil, an empty map otherwise.
-func (p *PersonalAccessTokenPermissions) GetRepo() map[string]string {
-	if p == nil || p.Repo == nil {
-		return map[string]string{}
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (p *PreReceiveHook) GetName() string {
+	if p == nil || p.Name == nil {
+		return ""
 	}
-	return p.Repo
+	return *p.Name
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (p *PersonalAccessTokenRequest) GetCreatedAt() Timestamp {
-	if p == nil || p.CreatedAt == nil {
-		return Timestamp{}
+// GetHRef returns the HRef field if it's non-nil, zero value otherwise.
+func (p *PRLink) GetHRef() string {
+	if p == nil || p.HRef == nil {
+		return ""
 	}
-	return *p.CreatedAt
+	return *p.HRef
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (p *PersonalAccessTokenRequest) GetID() int64 {
-	if p == nil || p.ID == nil {
-		return 0
+// GetComments returns the Comments field.
+func (p *PRLinks) GetComments() *PRLink {
+	if p == nil {
+		return nil
 	}
-	return *p.ID
+	return p.Comments
 }
 
-// GetOwner returns the Owner field.
-func (p *PersonalAccessTokenRequest) GetOwner() *User {
+// GetCommits returns the Commits field.
+func (p *PRLinks) GetCommits() *PRLink {
 	if p == nil {
 		return nil
 	}
-	return p.Owner
+	return p.Commits
 }
 
-// GetPermissionsAdded returns the PermissionsAdded field.
-func (p *PersonalAccessTokenRequest) GetPermissionsAdded() *PersonalAccessTokenPermissions {
+// GetHTML returns the HTML field.
+func (p *PRLinks) GetHTML() *PRLink {
 	if p == nil {
 		return nil
 	}
-	return p.PermissionsAdded
+	return p.HTML
 }
 
-// GetPermissionsResult returns the PermissionsResult field.
-func (p *PersonalAccessTokenRequest) GetPermissionsResult() *PersonalAccessTokenPermissions {
+// GetIssue returns the Issue field.
+func (p *PRLinks) GetIssue() *PRLink {
 	if p == nil {
 		return nil
 	}
-	return p.PermissionsResult
+	return p.Issue
 }
 
-// GetPermissionsUpgraded returns the PermissionsUpgraded field.
-func (p *PersonalAccessTokenRequest) GetPermissionsUpgraded() *PersonalAccessTokenPermissions {
+// GetReviewComment returns the ReviewComment field.
+func (p *PRLinks) GetReviewComment() *PRLink {
 	if p == nil {
 		return nil
 	}
-	return p.PermissionsUpgraded
+	return p.ReviewComment
 }
 
-// GetRepositoryCount returns the RepositoryCount field if it's non-nil, zero value otherwise.
-func (p *PersonalAccessTokenRequest) GetRepositoryCount() int64 {
-	if p == nil || p.RepositoryCount == nil {
-		return 0
+// GetReviewComments returns the ReviewComments field.
+func (p *PRLinks) GetReviewComments() *PRLink {
+	if p == nil {
+		return nil
 	}
-	return *p.RepositoryCount
+	return p.ReviewComments
 }
 
-// GetRepositorySelection returns the RepositorySelection field if it's non-nil, zero value otherwise.
-func (p *PersonalAccessTokenRequest) GetRepositorySelection() string {
-	if p == nil || p.RepositorySelection == nil {
-		return ""
+// GetSelf returns the Self field.
+func (p *PRLinks) GetSelf() *PRLink {
+	if p == nil {
+		return nil
 	}
-	return *p.RepositorySelection
+	return p.Self
 }
 
-// GetTokenExpired returns the TokenExpired field if it's non-nil, zero value otherwise.
-func (p *PersonalAccessTokenRequest) GetTokenExpired() bool {
-	if p == nil || p.TokenExpired == nil {
-		return false
+// GetStatuses returns the Statuses field.
+func (p *PRLinks) GetStatuses() *PRLink {
+	if p == nil {
+		return nil
 	}
-	return *p.TokenExpired
+	return p.Statuses
 }
 
-// GetTokenExpiresAt returns the TokenExpiresAt field if it's non-nil, zero value otherwise.
-func (p *PersonalAccessTokenRequest) GetTokenExpiresAt() Timestamp {
-	if p == nil || p.TokenExpiresAt == nil {
-		return Timestamp{}
+// GetFrom returns the From field if it's non-nil, zero value otherwise.
+func (p *ProjectBody) GetFrom() string {
+	if p == nil || p.From == nil {
+		return ""
 	}
-	return *p.TokenExpiresAt
+	return *p.From
 }
 
-// GetTokenLastUsedAt returns the TokenLastUsedAt field if it's non-nil, zero value otherwise.
-func (p *PersonalAccessTokenRequest) GetTokenLastUsedAt() Timestamp {
-	if p == nil || p.TokenLastUsedAt == nil {
-		return Timestamp{}
+// GetNote returns the Note field.
+func (p *ProjectCardChange) GetNote() *ProjectCardNote {
+	if p == nil {
+		return nil
 	}
-	return *p.TokenLastUsedAt
+	return p.Note
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (p *PersonalAccessTokenRequestEvent) GetAction() string {
-	if p == nil || p.Action == nil {
+// GetFrom returns the From field if it's non-nil, zero value otherwise.
+func (p *ProjectCardNote) GetFrom() string {
+	if p == nil || p.From == nil {
 		return ""
 	}
-	return *p.Action
+	return *p.From
 }
 
-// GetInstallation returns the Installation field.
-func (p *PersonalAccessTokenRequestEvent) GetInstallation() *Installation {
+// GetBody returns the Body field.
+func (p *ProjectChange) GetBody() *ProjectBody {
 	if p == nil {
 		return nil
 	}
-	return p.Installation
+	return p.Body
 }
 
-// GetOrg returns the Org field.
-func (p *PersonalAccessTokenRequestEvent) GetOrg() *Organization {
+// GetName returns the Name field.
+func (p *ProjectChange) GetName() *ProjectName {
 	if p == nil {
 		return nil
 	}
-	return p.Org
+	return p.Name
 }
 
-// GetPersonalAccessTokenRequest returns the PersonalAccessTokenRequest field.
-func (p *PersonalAccessTokenRequestEvent) GetPersonalAccessTokenRequest() *PersonalAccessTokenRequest {
+// GetName returns the Name field.
+func (p *ProjectColumnChange) GetName() *ProjectColumnName {
 	if p == nil {
 		return nil
 	}
-	return p.PersonalAccessTokenRequest
+	return p.Name
 }
 
-// GetSender returns the Sender field.
-func (p *PersonalAccessTokenRequestEvent) GetSender() *User {
-	if p == nil {
-		return nil
+// GetFrom returns the From field if it's non-nil, zero value otherwise.
+func (p *ProjectColumnName) GetFrom() string {
+	if p == nil || p.From == nil {
+		return ""
 	}
-	return p.Sender
+	return *p.From
 }
 
-// GetHook returns the Hook field.
-func (p *PingEvent) GetHook() *Hook {
-	if p == nil {
-		return nil
+// GetFrom returns the From field if it's non-nil, zero value otherwise.
+func (p *ProjectName) GetFrom() string {
+	if p == nil || p.From == nil {
+		return ""
 	}
-	return p.Hook
+	return *p.From
 }
 
-// GetHookID returns the HookID field if it's non-nil, zero value otherwise.
-func (p *PingEvent) GetHookID() int64 {
-	if p == nil || p.HookID == nil {
-		return 0
+// GetBody returns the Body field if it's non-nil, zero value otherwise.
+func (p *ProjectV2) GetBody() string {
+	if p == nil || p.Body == nil {
+		return ""
 	}
-	return *p.HookID
+	return *p.Body
 }
 
-// GetInstallation returns the Installation field.
-func (p *PingEvent) GetInstallation() *Installation {
-	if p == nil {
-		return nil
+// GetClosedAt returns the ClosedAt field if it's non-nil, zero value otherwise.
+func (p *ProjectV2) GetClosedAt() Timestamp {
+	if p == nil || p.ClosedAt == nil {
+		return Timestamp{}
 	}
-	return p.Installation
+	return *p.ClosedAt
 }
 
-// GetOrg returns the Org field.
-func (p *PingEvent) GetOrg() *Organization {
-	if p == nil {
-		return nil
+// GetColumnsURL returns the ColumnsURL field if it's non-nil, zero value otherwise.
+func (p *ProjectV2) GetColumnsURL() string {
+	if p == nil || p.ColumnsURL == nil {
+		return ""
 	}
-	return p.Org
+	return *p.ColumnsURL
 }
 
-// GetRepo returns the Repo field.
-func (p *PingEvent) GetRepo() *Repository {
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (p *ProjectV2) GetCreatedAt() Timestamp {
+	if p == nil || p.CreatedAt == nil {
+		return Timestamp{}
+	}
+	return *p.CreatedAt
+}
+
+// GetCreator returns the Creator field.
+func (p *ProjectV2) GetCreator() *User {
 	if p == nil {
 		return nil
 	}
-	return p.Repo
+	return p.Creator
 }
 
-// GetSender returns the Sender field.
-func (p *PingEvent) GetSender() *User {
+// GetDeletedAt returns the DeletedAt field if it's non-nil, zero value otherwise.
+func (p *ProjectV2) GetDeletedAt() Timestamp {
+	if p == nil || p.DeletedAt == nil {
+		return Timestamp{}
+	}
+	return *p.DeletedAt
+}
+
+// GetDeletedBy returns the DeletedBy field.
+func (p *ProjectV2) GetDeletedBy() *User {
 	if p == nil {
 		return nil
 	}
-	return p.Sender
+	return p.DeletedBy
 }
 
-// GetZen returns the Zen field if it's non-nil, zero value otherwise.
-func (p *PingEvent) GetZen() string {
-	if p == nil || p.Zen == nil {
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (p *ProjectV2) GetDescription() string {
+	if p == nil || p.Description == nil {
 		return ""
 	}
-	return *p.Zen
+	return *p.Description
 }
 
-// GetCollaborators returns the Collaborators field if it's non-nil, zero value otherwise.
-func (p *Plan) GetCollaborators() int {
-	if p == nil || p.Collaborators == nil {
-		return 0
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (p *ProjectV2) GetHTMLURL() string {
+	if p == nil || p.HTMLURL == nil {
+		return ""
 	}
-	return *p.Collaborators
+	return *p.HTMLURL
 }
 
-// GetFilledSeats returns the FilledSeats field if it's non-nil, zero value otherwise.
-func (p *Plan) GetFilledSeats() int {
-	if p == nil || p.FilledSeats == nil {
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (p *ProjectV2) GetID() int64 {
+	if p == nil || p.ID == nil {
 		return 0
 	}
-	return *p.FilledSeats
+	return *p.ID
 }
 
 // GetName returns the Name field if it's non-nil, zero value otherwise.
-func (p *Plan) GetName() string {
+func (p *ProjectV2) GetName() string {
 	if p == nil || p.Name == nil {
 		return ""
 	}
 	return *p.Name
 }
 
-// GetPrivateRepos returns the PrivateRepos field if it's non-nil, zero value otherwise.
-func (p *Plan) GetPrivateRepos() int64 {
-	if p == nil || p.PrivateRepos == nil {
-		return 0
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (p *ProjectV2) GetNodeID() string {
+	if p == nil || p.NodeID == nil {
+		return ""
 	}
-	return *p.PrivateRepos
+	return *p.NodeID
 }
 
-// GetSeats returns the Seats field if it's non-nil, zero value otherwise.
-func (p *Plan) GetSeats() int {
-	if p == nil || p.Seats == nil {
+// GetNumber returns the Number field if it's non-nil, zero value otherwise.
+func (p *ProjectV2) GetNumber() int {
+	if p == nil || p.Number == nil {
 		return 0
 	}
-	return *p.Seats
+	return *p.Number
 }
 
-// GetSpace returns the Space field if it's non-nil, zero value otherwise.
-func (p *Plan) GetSpace() int {
-	if p == nil || p.Space == nil {
-		return 0
+// GetOrganizationPermission returns the OrganizationPermission field if it's non-nil, zero value otherwise.
+func (p *ProjectV2) GetOrganizationPermission() string {
+	if p == nil || p.OrganizationPermission == nil {
+		return ""
 	}
-	return *p.Space
+	return *p.OrganizationPermission
 }
 
-// GetCode returns the Code field if it's non-nil, zero value otherwise.
-func (p *PolicyOverrideReason) GetCode() string {
-	if p == nil || p.Code == nil {
-		return ""
+// GetOwner returns the Owner field.
+func (p *ProjectV2) GetOwner() *User {
+	if p == nil {
+		return nil
 	}
-	return *p.Code
+	return p.Owner
 }
 
-// GetMessage returns the Message field if it's non-nil, zero value otherwise.
-func (p *PolicyOverrideReason) GetMessage() string {
-	if p == nil || p.Message == nil {
+// GetOwnerURL returns the OwnerURL field if it's non-nil, zero value otherwise.
+func (p *ProjectV2) GetOwnerURL() string {
+	if p == nil || p.OwnerURL == nil {
 		return ""
 	}
-	return *p.Message
+	return *p.OwnerURL
 }
 
-// GetConfigURL returns the ConfigURL field if it's non-nil, zero value otherwise.
-func (p *PreReceiveHook) GetConfigURL() string {
-	if p == nil || p.ConfigURL == nil {
-		return ""
+// GetPrivate returns the Private field if it's non-nil, zero value otherwise.
+func (p *ProjectV2) GetPrivate() bool {
+	if p == nil || p.Private == nil {
+		return false
 	}
-	return *p.ConfigURL
+	return *p.Private
 }
 
-// GetEnforcement returns the Enforcement field if it's non-nil, zero value otherwise.
-func (p *PreReceiveHook) GetEnforcement() string {
-	if p == nil || p.Enforcement == nil {
-		return ""
+// GetPublic returns the Public field if it's non-nil, zero value otherwise.
+func (p *ProjectV2) GetPublic() bool {
+	if p == nil || p.Public == nil {
+		return false
 	}
-	return *p.Enforcement
+	return *p.Public
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (p *PreReceiveHook) GetID() int64 {
-	if p == nil || p.ID == nil {
-		return 0
+// GetShortDescription returns the ShortDescription field if it's non-nil, zero value otherwise.
+func (p *ProjectV2) GetShortDescription() string {
+	if p == nil || p.ShortDescription == nil {
+		return ""
 	}
-	return *p.ID
+	return *p.ShortDescription
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (p *PreReceiveHook) GetName() string {
-	if p == nil || p.Name == nil {
+// GetState returns the State field if it's non-nil, zero value otherwise.
+func (p *ProjectV2) GetState() string {
+	if p == nil || p.State == nil {
 		return ""
 	}
-	return *p.Name
+	return *p.State
 }
 
-// GetHRef returns the HRef field if it's non-nil, zero value otherwise.
-func (p *PRLink) GetHRef() string {
-	if p == nil || p.HRef == nil {
+// GetTitle returns the Title field if it's non-nil, zero value otherwise.
+func (p *ProjectV2) GetTitle() string {
+	if p == nil || p.Title == nil {
 		return ""
 	}
-	return *p.HRef
+	return *p.Title
 }
 
-// GetComments returns the Comments field.
-func (p *PRLinks) GetComments() *PRLink {
-	if p == nil {
-		return nil
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (p *ProjectV2) GetUpdatedAt() Timestamp {
+	if p == nil || p.UpdatedAt == nil {
+		return Timestamp{}
 	}
-	return p.Comments
+	return *p.UpdatedAt
 }
 
-// GetCommits returns the Commits field.
-func (p *PRLinks) GetCommits() *PRLink {
-	if p == nil {
-		return nil
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (p *ProjectV2) GetURL() string {
+	if p == nil || p.URL == nil {
+		return ""
 	}
-	return p.Commits
+	return *p.URL
 }
 
-// GetHTML returns the HTML field.
-func (p *PRLinks) GetHTML() *PRLink {
-	if p == nil {
-		return nil
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (p *ProjectV2Event) GetAction() string {
+	if p == nil || p.Action == nil {
+		return ""
 	}
-	return p.HTML
+	return *p.Action
 }
 
-// GetIssue returns the Issue field.
-func (p *PRLinks) GetIssue() *PRLink {
+// GetInstallation returns the Installation field.
+func (p *ProjectV2Event) GetInstallation() *Installation {
 	if p == nil {
 		return nil
 	}
-	return p.Issue
+	return p.Installation
 }
 
-// GetReviewComment returns the ReviewComment field.
-func (p *PRLinks) GetReviewComment() *PRLink {
+// GetOrg returns the Org field.
+func (p *ProjectV2Event) GetOrg() *Organization {
 	if p == nil {
 		return nil
 	}
-	return p.ReviewComment
+	return p.Org
 }
 
-// GetReviewComments returns the ReviewComments field.
-func (p *PRLinks) GetReviewComments() *PRLink {
+// GetProjectsV2 returns the ProjectsV2 field.
+func (p *ProjectV2Event) GetProjectsV2() *ProjectV2 {
 	if p == nil {
 		return nil
 	}
-	return p.ReviewComments
+	return p.ProjectsV2
 }
 
-// GetSelf returns the Self field.
-func (p *PRLinks) GetSelf() *PRLink {
+// GetSender returns the Sender field.
+func (p *ProjectV2Event) GetSender() *User {
 	if p == nil {
 		return nil
 	}
-	return p.Self
+	return p.Sender
 }
 
-// GetStatuses returns the Statuses field.
-func (p *PRLinks) GetStatuses() *PRLink {
-	if p == nil {
-		return nil
+// GetArchivedAt returns the ArchivedAt field if it's non-nil, zero value otherwise.
+func (p *ProjectV2Item) GetArchivedAt() Timestamp {
+	if p == nil || p.ArchivedAt == nil {
+		return Timestamp{}
 	}
-	return p.Statuses
+	return *p.ArchivedAt
 }
 
-// GetBody returns the Body field if it's non-nil, zero value otherwise.
-func (p *Project) GetBody() string {
-	if p == nil || p.Body == nil {
+// GetContentNodeID returns the ContentNodeID field if it's non-nil, zero value otherwise.
+func (p *ProjectV2Item) GetContentNodeID() string {
+	if p == nil || p.ContentNodeID == nil {
 		return ""
 	}
-	return *p.Body
+	return *p.ContentNodeID
 }
 
-// GetColumnsURL returns the ColumnsURL field if it's non-nil, zero value otherwise.
-func (p *Project) GetColumnsURL() string {
-	if p == nil || p.ColumnsURL == nil {
+// GetContentType returns the ContentType field if it's non-nil, zero value otherwise.
+func (p *ProjectV2Item) GetContentType() string {
+	if p == nil || p.ContentType == nil {
 		return ""
 	}
-	return *p.ColumnsURL
+	return *p.ContentType
 }
 
 // GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (p *Project) GetCreatedAt() Timestamp {
+func (p *ProjectV2Item) GetCreatedAt() Timestamp {
 	if p == nil || p.CreatedAt == nil {
 		return Timestamp{}
 	}
@@ -13999,511 +18223,447 @@ func (p *Project) GetCreatedAt() Timestamp {
 }
 
 // GetCreator returns the Creator field.
-func (p *Project) GetCreator() *User {
+func (p *ProjectV2Item) GetCreator() *User {
 	if p == nil {
 		return nil
 	}
 	return p.Creator
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (p *Project) GetHTMLURL() string {
-	if p == nil || p.HTMLURL == nil {
-		return ""
-	}
-	return *p.HTMLURL
-}
-
 // GetID returns the ID field if it's non-nil, zero value otherwise.
-func (p *Project) GetID() int64 {
+func (p *ProjectV2Item) GetID() int64 {
 	if p == nil || p.ID == nil {
 		return 0
 	}
 	return *p.ID
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (p *Project) GetName() string {
-	if p == nil || p.Name == nil {
-		return ""
-	}
-	return *p.Name
-}
-
 // GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (p *Project) GetNodeID() string {
+func (p *ProjectV2Item) GetNodeID() string {
 	if p == nil || p.NodeID == nil {
 		return ""
 	}
 	return *p.NodeID
 }
 
-// GetNumber returns the Number field if it's non-nil, zero value otherwise.
-func (p *Project) GetNumber() int {
-	if p == nil || p.Number == nil {
-		return 0
-	}
-	return *p.Number
-}
-
-// GetOrganizationPermission returns the OrganizationPermission field if it's non-nil, zero value otherwise.
-func (p *Project) GetOrganizationPermission() string {
-	if p == nil || p.OrganizationPermission == nil {
+// GetProjectNodeID returns the ProjectNodeID field if it's non-nil, zero value otherwise.
+func (p *ProjectV2Item) GetProjectNodeID() string {
+	if p == nil || p.ProjectNodeID == nil {
 		return ""
 	}
-	return *p.OrganizationPermission
+	return *p.ProjectNodeID
 }
 
-// GetOwnerURL returns the OwnerURL field if it's non-nil, zero value otherwise.
-func (p *Project) GetOwnerURL() string {
-	if p == nil || p.OwnerURL == nil {
-		return ""
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (p *ProjectV2Item) GetUpdatedAt() Timestamp {
+	if p == nil || p.UpdatedAt == nil {
+		return Timestamp{}
 	}
-	return *p.OwnerURL
+	return *p.UpdatedAt
 }
 
-// GetPrivate returns the Private field if it's non-nil, zero value otherwise.
-func (p *Project) GetPrivate() bool {
-	if p == nil || p.Private == nil {
-		return false
+// GetArchivedAt returns the ArchivedAt field.
+func (p *ProjectV2ItemChange) GetArchivedAt() *ArchivedAt {
+	if p == nil {
+		return nil
 	}
-	return *p.Private
+	return p.ArchivedAt
 }
 
-// GetState returns the State field if it's non-nil, zero value otherwise.
-func (p *Project) GetState() string {
-	if p == nil || p.State == nil {
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (p *ProjectV2ItemEvent) GetAction() string {
+	if p == nil || p.Action == nil {
 		return ""
 	}
-	return *p.State
+	return *p.Action
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (p *Project) GetUpdatedAt() Timestamp {
-	if p == nil || p.UpdatedAt == nil {
-		return Timestamp{}
+// GetChanges returns the Changes field.
+func (p *ProjectV2ItemEvent) GetChanges() *ProjectV2ItemChange {
+	if p == nil {
+		return nil
 	}
-	return *p.UpdatedAt
+	return p.Changes
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (p *Project) GetURL() string {
-	if p == nil || p.URL == nil {
-		return ""
+// GetInstallation returns the Installation field.
+func (p *ProjectV2ItemEvent) GetInstallation() *Installation {
+	if p == nil {
+		return nil
 	}
-	return *p.URL
+	return p.Installation
 }
 
-// GetFrom returns the From field if it's non-nil, zero value otherwise.
-func (p *ProjectBody) GetFrom() string {
-	if p == nil || p.From == nil {
-		return ""
+// GetOrg returns the Org field.
+func (p *ProjectV2ItemEvent) GetOrg() *Organization {
+	if p == nil {
+		return nil
 	}
-	return *p.From
+	return p.Org
 }
 
-// GetArchived returns the Archived field if it's non-nil, zero value otherwise.
-func (p *ProjectCard) GetArchived() bool {
-	if p == nil || p.Archived == nil {
-		return false
+// GetProjectV2Item returns the ProjectV2Item field.
+func (p *ProjectV2ItemEvent) GetProjectV2Item() *ProjectV2Item {
+	if p == nil {
+		return nil
 	}
-	return *p.Archived
+	return p.ProjectV2Item
 }
 
-// GetColumnID returns the ColumnID field if it's non-nil, zero value otherwise.
-func (p *ProjectCard) GetColumnID() int64 {
-	if p == nil || p.ColumnID == nil {
-		return 0
+// GetSender returns the Sender field.
+func (p *ProjectV2ItemEvent) GetSender() *User {
+	if p == nil {
+		return nil
 	}
-	return *p.ColumnID
+	return p.Sender
 }
 
-// GetColumnName returns the ColumnName field if it's non-nil, zero value otherwise.
-func (p *ProjectCard) GetColumnName() string {
-	if p == nil || p.ColumnName == nil {
-		return ""
+// GetAllowDeletions returns the AllowDeletions field.
+func (p *Protection) GetAllowDeletions() *AllowDeletions {
+	if p == nil {
+		return nil
 	}
-	return *p.ColumnName
+	return p.AllowDeletions
 }
 
-// GetColumnURL returns the ColumnURL field if it's non-nil, zero value otherwise.
-func (p *ProjectCard) GetColumnURL() string {
-	if p == nil || p.ColumnURL == nil {
-		return ""
+// GetAllowForcePushes returns the AllowForcePushes field.
+func (p *Protection) GetAllowForcePushes() *AllowForcePushes {
+	if p == nil {
+		return nil
 	}
-	return *p.ColumnURL
+	return p.AllowForcePushes
 }
 
-// GetContentURL returns the ContentURL field if it's non-nil, zero value otherwise.
-func (p *ProjectCard) GetContentURL() string {
-	if p == nil || p.ContentURL == nil {
-		return ""
+// GetAllowForkSyncing returns the AllowForkSyncing field.
+func (p *Protection) GetAllowForkSyncing() *AllowForkSyncing {
+	if p == nil {
+		return nil
 	}
-	return *p.ContentURL
+	return p.AllowForkSyncing
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (p *ProjectCard) GetCreatedAt() Timestamp {
-	if p == nil || p.CreatedAt == nil {
-		return Timestamp{}
+// GetBlockCreations returns the BlockCreations field.
+func (p *Protection) GetBlockCreations() *BlockCreations {
+	if p == nil {
+		return nil
 	}
-	return *p.CreatedAt
+	return p.BlockCreations
 }
 
-// GetCreator returns the Creator field.
-func (p *ProjectCard) GetCreator() *User {
+// GetEnforceAdmins returns the EnforceAdmins field.
+func (p *Protection) GetEnforceAdmins() *AdminEnforcement {
 	if p == nil {
 		return nil
 	}
-	return p.Creator
+	return p.EnforceAdmins
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (p *ProjectCard) GetID() int64 {
-	if p == nil || p.ID == nil {
-		return 0
+// GetLockBranch returns the LockBranch field.
+func (p *Protection) GetLockBranch() *LockBranch {
+	if p == nil {
+		return nil
 	}
-	return *p.ID
+	return p.LockBranch
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (p *ProjectCard) GetNodeID() string {
-	if p == nil || p.NodeID == nil {
-		return ""
+// GetRequiredConversationResolution returns the RequiredConversationResolution field.
+func (p *Protection) GetRequiredConversationResolution() *RequiredConversationResolution {
+	if p == nil {
+		return nil
 	}
-	return *p.NodeID
+	return p.RequiredConversationResolution
 }
 
-// GetNote returns the Note field if it's non-nil, zero value otherwise.
-func (p *ProjectCard) GetNote() string {
-	if p == nil || p.Note == nil {
-		return ""
+// GetRequiredPullRequestReviews returns the RequiredPullRequestReviews field.
+func (p *Protection) GetRequiredPullRequestReviews() *PullRequestReviewsEnforcement {
+	if p == nil {
+		return nil
 	}
-	return *p.Note
+	return p.RequiredPullRequestReviews
 }
 
-// GetPreviousColumnName returns the PreviousColumnName field if it's non-nil, zero value otherwise.
-func (p *ProjectCard) GetPreviousColumnName() string {
-	if p == nil || p.PreviousColumnName == nil {
-		return ""
+// GetRequiredSignatures returns the RequiredSignatures field.
+func (p *Protection) GetRequiredSignatures() *SignaturesProtectedBranch {
+	if p == nil {
+		return nil
 	}
-	return *p.PreviousColumnName
+	return p.RequiredSignatures
 }
 
-// GetProjectID returns the ProjectID field if it's non-nil, zero value otherwise.
-func (p *ProjectCard) GetProjectID() int64 {
-	if p == nil || p.ProjectID == nil {
-		return 0
+// GetRequiredStatusChecks returns the RequiredStatusChecks field.
+func (p *Protection) GetRequiredStatusChecks() *RequiredStatusChecks {
+	if p == nil {
+		return nil
 	}
-	return *p.ProjectID
+	return p.RequiredStatusChecks
 }
 
-// GetProjectURL returns the ProjectURL field if it's non-nil, zero value otherwise.
-func (p *ProjectCard) GetProjectURL() string {
-	if p == nil || p.ProjectURL == nil {
-		return ""
+// GetRequireLinearHistory returns the RequireLinearHistory field.
+func (p *Protection) GetRequireLinearHistory() *RequireLinearHistory {
+	if p == nil {
+		return nil
 	}
-	return *p.ProjectURL
+	return p.RequireLinearHistory
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (p *ProjectCard) GetUpdatedAt() Timestamp {
-	if p == nil || p.UpdatedAt == nil {
-		return Timestamp{}
+// GetRestrictions returns the Restrictions field.
+func (p *Protection) GetRestrictions() *BranchRestrictions {
+	if p == nil {
+		return nil
 	}
-	return *p.UpdatedAt
+	return p.Restrictions
 }
 
 // GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (p *ProjectCard) GetURL() string {
+func (p *Protection) GetURL() string {
 	if p == nil || p.URL == nil {
 		return ""
 	}
 	return *p.URL
 }
 
-// GetNote returns the Note field.
-func (p *ProjectCardChange) GetNote() *ProjectCardNote {
+// GetAdminEnforced returns the AdminEnforced field.
+func (p *ProtectionChanges) GetAdminEnforced() *AdminEnforcedChanges {
 	if p == nil {
 		return nil
 	}
-	return p.Note
-}
-
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (p *ProjectCardEvent) GetAction() string {
-	if p == nil || p.Action == nil {
-		return ""
-	}
-	return *p.Action
-}
-
-// GetAfterID returns the AfterID field if it's non-nil, zero value otherwise.
-func (p *ProjectCardEvent) GetAfterID() int64 {
-	if p == nil || p.AfterID == nil {
-		return 0
-	}
-	return *p.AfterID
+	return p.AdminEnforced
 }
 
-// GetChanges returns the Changes field.
-func (p *ProjectCardEvent) GetChanges() *ProjectCardChange {
+// GetAllowDeletionsEnforcementLevel returns the AllowDeletionsEnforcementLevel field.
+func (p *ProtectionChanges) GetAllowDeletionsEnforcementLevel() *AllowDeletionsEnforcementLevelChanges {
 	if p == nil {
 		return nil
 	}
-	return p.Changes
+	return p.AllowDeletionsEnforcementLevel
 }
 
-// GetInstallation returns the Installation field.
-func (p *ProjectCardEvent) GetInstallation() *Installation {
+// GetAuthorizedActorNames returns the AuthorizedActorNames field.
+func (p *ProtectionChanges) GetAuthorizedActorNames() *AuthorizedActorNames {
 	if p == nil {
 		return nil
 	}
-	return p.Installation
+	return p.AuthorizedActorNames
 }
 
-// GetOrg returns the Org field.
-func (p *ProjectCardEvent) GetOrg() *Organization {
+// GetAuthorizedActorsOnly returns the AuthorizedActorsOnly field.
+func (p *ProtectionChanges) GetAuthorizedActorsOnly() *AuthorizedActorsOnly {
 	if p == nil {
 		return nil
 	}
-	return p.Org
+	return p.AuthorizedActorsOnly
 }
 
-// GetProjectCard returns the ProjectCard field.
-func (p *ProjectCardEvent) GetProjectCard() *ProjectCard {
+// GetAuthorizedDismissalActorsOnly returns the AuthorizedDismissalActorsOnly field.
+func (p *ProtectionChanges) GetAuthorizedDismissalActorsOnly() *AuthorizedDismissalActorsOnlyChanges {
 	if p == nil {
 		return nil
 	}
-	return p.ProjectCard
+	return p.AuthorizedDismissalActorsOnly
 }
 
-// GetRepo returns the Repo field.
-func (p *ProjectCardEvent) GetRepo() *Repository {
+// GetCreateProtected returns the CreateProtected field.
+func (p *ProtectionChanges) GetCreateProtected() *CreateProtectedChanges {
 	if p == nil {
 		return nil
 	}
-	return p.Repo
+	return p.CreateProtected
 }
 
-// GetSender returns the Sender field.
-func (p *ProjectCardEvent) GetSender() *User {
+// GetDismissStaleReviewsOnPush returns the DismissStaleReviewsOnPush field.
+func (p *ProtectionChanges) GetDismissStaleReviewsOnPush() *DismissStaleReviewsOnPushChanges {
 	if p == nil {
 		return nil
 	}
-	return p.Sender
-}
-
-// GetArchivedState returns the ArchivedState field if it's non-nil, zero value otherwise.
-func (p *ProjectCardListOptions) GetArchivedState() string {
-	if p == nil || p.ArchivedState == nil {
-		return ""
-	}
-	return *p.ArchivedState
-}
-
-// GetFrom returns the From field if it's non-nil, zero value otherwise.
-func (p *ProjectCardNote) GetFrom() string {
-	if p == nil || p.From == nil {
-		return ""
-	}
-	return *p.From
-}
-
-// GetArchived returns the Archived field if it's non-nil, zero value otherwise.
-func (p *ProjectCardOptions) GetArchived() bool {
-	if p == nil || p.Archived == nil {
-		return false
-	}
-	return *p.Archived
+	return p.DismissStaleReviewsOnPush
 }
 
-// GetBody returns the Body field.
-func (p *ProjectChange) GetBody() *ProjectBody {
+// GetLinearHistoryRequirementEnforcementLevel returns the LinearHistoryRequirementEnforcementLevel field.
+func (p *ProtectionChanges) GetLinearHistoryRequirementEnforcementLevel() *LinearHistoryRequirementEnforcementLevelChanges {
 	if p == nil {
 		return nil
 	}
-	return p.Body
+	return p.LinearHistoryRequirementEnforcementLevel
 }
 
-// GetName returns the Name field.
-func (p *ProjectChange) GetName() *ProjectName {
+// GetPullRequestReviewsEnforcementLevel returns the PullRequestReviewsEnforcementLevel field.
+func (p *ProtectionChanges) GetPullRequestReviewsEnforcementLevel() *PullRequestReviewsEnforcementLevelChanges {
 	if p == nil {
 		return nil
 	}
-	return p.Name
+	return p.PullRequestReviewsEnforcementLevel
 }
 
-// GetPermission returns the Permission field if it's non-nil, zero value otherwise.
-func (p *ProjectCollaboratorOptions) GetPermission() string {
-	if p == nil || p.Permission == nil {
-		return ""
+// GetRequireCodeOwnerReview returns the RequireCodeOwnerReview field.
+func (p *ProtectionChanges) GetRequireCodeOwnerReview() *RequireCodeOwnerReviewChanges {
+	if p == nil {
+		return nil
 	}
-	return *p.Permission
+	return p.RequireCodeOwnerReview
 }
 
-// GetCardsURL returns the CardsURL field if it's non-nil, zero value otherwise.
-func (p *ProjectColumn) GetCardsURL() string {
-	if p == nil || p.CardsURL == nil {
-		return ""
+// GetRequiredConversationResolutionLevel returns the RequiredConversationResolutionLevel field.
+func (p *ProtectionChanges) GetRequiredConversationResolutionLevel() *RequiredConversationResolutionLevelChanges {
+	if p == nil {
+		return nil
 	}
-	return *p.CardsURL
+	return p.RequiredConversationResolutionLevel
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (p *ProjectColumn) GetCreatedAt() Timestamp {
-	if p == nil || p.CreatedAt == nil {
-		return Timestamp{}
+// GetRequiredDeploymentsEnforcementLevel returns the RequiredDeploymentsEnforcementLevel field.
+func (p *ProtectionChanges) GetRequiredDeploymentsEnforcementLevel() *RequiredDeploymentsEnforcementLevelChanges {
+	if p == nil {
+		return nil
 	}
-	return *p.CreatedAt
+	return p.RequiredDeploymentsEnforcementLevel
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (p *ProjectColumn) GetID() int64 {
-	if p == nil || p.ID == nil {
-		return 0
+// GetRequiredStatusChecks returns the RequiredStatusChecks field.
+func (p *ProtectionChanges) GetRequiredStatusChecks() *RequiredStatusChecksChanges {
+	if p == nil {
+		return nil
 	}
-	return *p.ID
+	return p.RequiredStatusChecks
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (p *ProjectColumn) GetName() string {
-	if p == nil || p.Name == nil {
-		return ""
+// GetRequiredStatusChecksEnforcementLevel returns the RequiredStatusChecksEnforcementLevel field.
+func (p *ProtectionChanges) GetRequiredStatusChecksEnforcementLevel() *RequiredStatusChecksEnforcementLevelChanges {
+	if p == nil {
+		return nil
 	}
-	return *p.Name
+	return p.RequiredStatusChecksEnforcementLevel
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (p *ProjectColumn) GetNodeID() string {
-	if p == nil || p.NodeID == nil {
-		return ""
+// GetSignatureRequirementEnforcementLevel returns the SignatureRequirementEnforcementLevel field.
+func (p *ProtectionChanges) GetSignatureRequirementEnforcementLevel() *SignatureRequirementEnforcementLevelChanges {
+	if p == nil {
+		return nil
 	}
-	return *p.NodeID
+	return p.SignatureRequirementEnforcementLevel
 }
 
-// GetProjectURL returns the ProjectURL field if it's non-nil, zero value otherwise.
-func (p *ProjectColumn) GetProjectURL() string {
-	if p == nil || p.ProjectURL == nil {
-		return ""
+// GetAllowDeletions returns the AllowDeletions field if it's non-nil, zero value otherwise.
+func (p *ProtectionRequest) GetAllowDeletions() bool {
+	if p == nil || p.AllowDeletions == nil {
+		return false
 	}
-	return *p.ProjectURL
+	return *p.AllowDeletions
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (p *ProjectColumn) GetUpdatedAt() Timestamp {
-	if p == nil || p.UpdatedAt == nil {
-		return Timestamp{}
+// GetAllowForcePushes returns the AllowForcePushes field if it's non-nil, zero value otherwise.
+func (p *ProtectionRequest) GetAllowForcePushes() bool {
+	if p == nil || p.AllowForcePushes == nil {
+		return false
 	}
-	return *p.UpdatedAt
+	return *p.AllowForcePushes
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (p *ProjectColumn) GetURL() string {
-	if p == nil || p.URL == nil {
-		return ""
+// GetAllowForkSyncing returns the AllowForkSyncing field if it's non-nil, zero value otherwise.
+func (p *ProtectionRequest) GetAllowForkSyncing() bool {
+	if p == nil || p.AllowForkSyncing == nil {
+		return false
 	}
-	return *p.URL
+	return *p.AllowForkSyncing
 }
 
-// GetName returns the Name field.
-func (p *ProjectColumnChange) GetName() *ProjectColumnName {
-	if p == nil {
-		return nil
+// GetBlockCreations returns the BlockCreations field if it's non-nil, zero value otherwise.
+func (p *ProtectionRequest) GetBlockCreations() bool {
+	if p == nil || p.BlockCreations == nil {
+		return false
 	}
-	return p.Name
+	return *p.BlockCreations
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (p *ProjectColumnEvent) GetAction() string {
-	if p == nil || p.Action == nil {
-		return ""
+// GetLockBranch returns the LockBranch field if it's non-nil, zero value otherwise.
+func (p *ProtectionRequest) GetLockBranch() bool {
+	if p == nil || p.LockBranch == nil {
+		return false
 	}
-	return *p.Action
+	return *p.LockBranch
 }
 
-// GetAfterID returns the AfterID field if it's non-nil, zero value otherwise.
-func (p *ProjectColumnEvent) GetAfterID() int64 {
-	if p == nil || p.AfterID == nil {
-		return 0
+// GetRequiredConversationResolution returns the RequiredConversationResolution field if it's non-nil, zero value otherwise.
+func (p *ProtectionRequest) GetRequiredConversationResolution() bool {
+	if p == nil || p.RequiredConversationResolution == nil {
+		return false
 	}
-	return *p.AfterID
+	return *p.RequiredConversationResolution
 }
 
-// GetChanges returns the Changes field.
-func (p *ProjectColumnEvent) GetChanges() *ProjectColumnChange {
+// GetRequiredPullRequestReviews returns the RequiredPullRequestReviews field.
+func (p *ProtectionRequest) GetRequiredPullRequestReviews() *PullRequestReviewsEnforcementRequest {
 	if p == nil {
 		return nil
 	}
-	return p.Changes
+	return p.RequiredPullRequestReviews
 }
 
-// GetInstallation returns the Installation field.
-func (p *ProjectColumnEvent) GetInstallation() *Installation {
+// GetRequiredStatusChecks returns the RequiredStatusChecks field.
+func (p *ProtectionRequest) GetRequiredStatusChecks() *RequiredStatusChecks {
 	if p == nil {
 		return nil
 	}
-	return p.Installation
+	return p.RequiredStatusChecks
 }
 
-// GetOrg returns the Org field.
-func (p *ProjectColumnEvent) GetOrg() *Organization {
-	if p == nil {
-		return nil
+// GetRequireLinearHistory returns the RequireLinearHistory field if it's non-nil, zero value otherwise.
+func (p *ProtectionRequest) GetRequireLinearHistory() bool {
+	if p == nil || p.RequireLinearHistory == nil {
+		return false
 	}
-	return p.Org
+	return *p.RequireLinearHistory
 }
 
-// GetProjectColumn returns the ProjectColumn field.
-func (p *ProjectColumnEvent) GetProjectColumn() *ProjectColumn {
+// GetRestrictions returns the Restrictions field.
+func (p *ProtectionRequest) GetRestrictions() *BranchRestrictionsRequest {
 	if p == nil {
 		return nil
 	}
-	return p.ProjectColumn
+	return p.Restrictions
 }
 
-// GetRepo returns the Repo field.
-func (p *ProjectColumnEvent) GetRepo() *Repository {
-	if p == nil {
-		return nil
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (p *ProtectionRule) GetID() int64 {
+	if p == nil || p.ID == nil {
+		return 0
 	}
-	return p.Repo
+	return *p.ID
 }
 
-// GetSender returns the Sender field.
-func (p *ProjectColumnEvent) GetSender() *User {
-	if p == nil {
-		return nil
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (p *ProtectionRule) GetNodeID() string {
+	if p == nil || p.NodeID == nil {
+		return ""
 	}
-	return p.Sender
+	return *p.NodeID
 }
 
-// GetFrom returns the From field if it's non-nil, zero value otherwise.
-func (p *ProjectColumnName) GetFrom() string {
-	if p == nil || p.From == nil {
-		return ""
+// GetPreventSelfReview returns the PreventSelfReview field if it's non-nil, zero value otherwise.
+func (p *ProtectionRule) GetPreventSelfReview() bool {
+	if p == nil || p.PreventSelfReview == nil {
+		return false
 	}
-	return *p.From
+	return *p.PreventSelfReview
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (p *ProjectEvent) GetAction() string {
-	if p == nil || p.Action == nil {
+// GetType returns the Type field if it's non-nil, zero value otherwise.
+func (p *ProtectionRule) GetType() string {
+	if p == nil || p.Type == nil {
 		return ""
 	}
-	return *p.Action
+	return *p.Type
 }
 
-// GetChanges returns the Changes field.
-func (p *ProjectEvent) GetChanges() *ProjectChange {
-	if p == nil {
-		return nil
+// GetWaitTimer returns the WaitTimer field if it's non-nil, zero value otherwise.
+func (p *ProtectionRule) GetWaitTimer() int {
+	if p == nil || p.WaitTimer == nil {
+		return 0
 	}
-	return p.Changes
+	return *p.WaitTimer
 }
 
 // GetInstallation returns the Installation field.
-func (p *ProjectEvent) GetInstallation() *Installation {
+func (p *PublicEvent) GetInstallation() *Installation {
 	if p == nil {
 		return nil
 	}
@@ -14511,23 +18671,15 @@ func (p *ProjectEvent) GetInstallation() *Installation {
 }
 
 // GetOrg returns the Org field.
-func (p *ProjectEvent) GetOrg() *Organization {
+func (p *PublicEvent) GetOrg() *Organization {
 	if p == nil {
 		return nil
 	}
 	return p.Org
 }
 
-// GetProject returns the Project field.
-func (p *ProjectEvent) GetProject() *Project {
-	if p == nil {
-		return nil
-	}
-	return p.Project
-}
-
 // GetRepo returns the Repo field.
-func (p *ProjectEvent) GetRepo() *Repository {
+func (p *PublicEvent) GetRepo() *Repository {
 	if p == nil {
 		return nil
 	}
@@ -14535,1191 +18687,1079 @@ func (p *ProjectEvent) GetRepo() *Repository {
 }
 
 // GetSender returns the Sender field.
-func (p *ProjectEvent) GetSender() *User {
+func (p *PublicEvent) GetSender() *User {
 	if p == nil {
 		return nil
 	}
 	return p.Sender
 }
 
-// GetFrom returns the From field if it's non-nil, zero value otherwise.
-func (p *ProjectName) GetFrom() string {
-	if p == nil || p.From == nil {
-		return ""
-	}
-	return *p.From
-}
-
-// GetBody returns the Body field if it's non-nil, zero value otherwise.
-func (p *ProjectOptions) GetBody() string {
-	if p == nil || p.Body == nil {
-		return ""
-	}
-	return *p.Body
-}
-
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (p *ProjectOptions) GetName() string {
-	if p == nil || p.Name == nil {
+// GetKey returns the Key field if it's non-nil, zero value otherwise.
+func (p *PublicKey) GetKey() string {
+	if p == nil || p.Key == nil {
 		return ""
 	}
-	return *p.Name
+	return *p.Key
 }
 
-// GetOrganizationPermission returns the OrganizationPermission field if it's non-nil, zero value otherwise.
-func (p *ProjectOptions) GetOrganizationPermission() string {
-	if p == nil || p.OrganizationPermission == nil {
+// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise.
+func (p *PublicKey) GetKeyID() string {
+	if p == nil || p.KeyID == nil {
 		return ""
 	}
-	return *p.OrganizationPermission
-}
-
-// GetPrivate returns the Private field if it's non-nil, zero value otherwise.
-func (p *ProjectOptions) GetPrivate() bool {
-	if p == nil || p.Private == nil {
-		return false
-	}
-	return *p.Private
+	return *p.KeyID
 }
 
-// GetState returns the State field if it's non-nil, zero value otherwise.
-func (p *ProjectOptions) GetState() string {
-	if p == nil || p.State == nil {
+// GetActiveLockReason returns the ActiveLockReason field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetActiveLockReason() string {
+	if p == nil || p.ActiveLockReason == nil {
 		return ""
 	}
-	return *p.State
+	return *p.ActiveLockReason
 }
 
-// GetPermission returns the Permission field if it's non-nil, zero value otherwise.
-func (p *ProjectPermissionLevel) GetPermission() string {
-	if p == nil || p.Permission == nil {
-		return ""
+// GetAdditions returns the Additions field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetAdditions() int {
+	if p == nil || p.Additions == nil {
+		return 0
 	}
-	return *p.Permission
+	return *p.Additions
 }
 
-// GetUser returns the User field.
-func (p *ProjectPermissionLevel) GetUser() *User {
+// GetAssignee returns the Assignee field.
+func (p *PullRequest) GetAssignee() *User {
 	if p == nil {
 		return nil
 	}
-	return p.User
-}
-
-// GetClosedAt returns the ClosedAt field if it's non-nil, zero value otherwise.
-func (p *ProjectsV2) GetClosedAt() Timestamp {
-	if p == nil || p.ClosedAt == nil {
-		return Timestamp{}
-	}
-	return *p.ClosedAt
+	return p.Assignee
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (p *ProjectsV2) GetCreatedAt() Timestamp {
-	if p == nil || p.CreatedAt == nil {
-		return Timestamp{}
+// GetAuthorAssociation returns the AuthorAssociation field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetAuthorAssociation() string {
+	if p == nil || p.AuthorAssociation == nil {
+		return ""
 	}
-	return *p.CreatedAt
+	return *p.AuthorAssociation
 }
 
-// GetCreator returns the Creator field.
-func (p *ProjectsV2) GetCreator() *User {
+// GetAutoMerge returns the AutoMerge field.
+func (p *PullRequest) GetAutoMerge() *PullRequestAutoMerge {
 	if p == nil {
 		return nil
 	}
-	return p.Creator
-}
-
-// GetDeletedAt returns the DeletedAt field if it's non-nil, zero value otherwise.
-func (p *ProjectsV2) GetDeletedAt() Timestamp {
-	if p == nil || p.DeletedAt == nil {
-		return Timestamp{}
-	}
-	return *p.DeletedAt
+	return p.AutoMerge
 }
 
-// GetDeletedBy returns the DeletedBy field.
-func (p *ProjectsV2) GetDeletedBy() *User {
+// GetBase returns the Base field.
+func (p *PullRequest) GetBase() *PullRequestBranch {
 	if p == nil {
 		return nil
 	}
-	return p.DeletedBy
+	return p.Base
 }
 
-// GetDescription returns the Description field if it's non-nil, zero value otherwise.
-func (p *ProjectsV2) GetDescription() string {
-	if p == nil || p.Description == nil {
+// GetBody returns the Body field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetBody() string {
+	if p == nil || p.Body == nil {
 		return ""
 	}
-	return *p.Description
+	return *p.Body
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (p *ProjectsV2) GetID() int64 {
-	if p == nil || p.ID == nil {
+// GetChangedFiles returns the ChangedFiles field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetChangedFiles() int {
+	if p == nil || p.ChangedFiles == nil {
 		return 0
 	}
-	return *p.ID
+	return *p.ChangedFiles
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (p *ProjectsV2) GetNodeID() string {
-	if p == nil || p.NodeID == nil {
-		return ""
+// GetClosedAt returns the ClosedAt field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetClosedAt() Timestamp {
+	if p == nil || p.ClosedAt == nil {
+		return Timestamp{}
 	}
-	return *p.NodeID
+	return *p.ClosedAt
 }
 
-// GetNumber returns the Number field if it's non-nil, zero value otherwise.
-func (p *ProjectsV2) GetNumber() int {
-	if p == nil || p.Number == nil {
+// GetComments returns the Comments field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetComments() int {
+	if p == nil || p.Comments == nil {
 		return 0
 	}
-	return *p.Number
-}
-
-// GetOwner returns the Owner field.
-func (p *ProjectsV2) GetOwner() *User {
-	if p == nil {
-		return nil
-	}
-	return p.Owner
-}
-
-// GetPublic returns the Public field if it's non-nil, zero value otherwise.
-func (p *ProjectsV2) GetPublic() bool {
-	if p == nil || p.Public == nil {
-		return false
-	}
-	return *p.Public
-}
-
-// GetShortDescription returns the ShortDescription field if it's non-nil, zero value otherwise.
-func (p *ProjectsV2) GetShortDescription() string {
-	if p == nil || p.ShortDescription == nil {
-		return ""
-	}
-	return *p.ShortDescription
-}
-
-// GetTitle returns the Title field if it's non-nil, zero value otherwise.
-func (p *ProjectsV2) GetTitle() string {
-	if p == nil || p.Title == nil {
-		return ""
-	}
-	return *p.Title
-}
-
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (p *ProjectsV2) GetUpdatedAt() Timestamp {
-	if p == nil || p.UpdatedAt == nil {
-		return Timestamp{}
-	}
-	return *p.UpdatedAt
+	return *p.Comments
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (p *ProjectV2Event) GetAction() string {
-	if p == nil || p.Action == nil {
+// GetCommentsURL returns the CommentsURL field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetCommentsURL() string {
+	if p == nil || p.CommentsURL == nil {
 		return ""
 	}
-	return *p.Action
-}
-
-// GetInstallation returns the Installation field.
-func (p *ProjectV2Event) GetInstallation() *Installation {
-	if p == nil {
-		return nil
-	}
-	return p.Installation
-}
-
-// GetOrg returns the Org field.
-func (p *ProjectV2Event) GetOrg() *Organization {
-	if p == nil {
-		return nil
-	}
-	return p.Org
+	return *p.CommentsURL
 }
 
-// GetProjectsV2 returns the ProjectsV2 field.
-func (p *ProjectV2Event) GetProjectsV2() *ProjectsV2 {
-	if p == nil {
-		return nil
+// GetCommits returns the Commits field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetCommits() int {
+	if p == nil || p.Commits == nil {
+		return 0
 	}
-	return p.ProjectsV2
+	return *p.Commits
 }
 
-// GetSender returns the Sender field.
-func (p *ProjectV2Event) GetSender() *User {
-	if p == nil {
-		return nil
+// GetCommitsURL returns the CommitsURL field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetCommitsURL() string {
+	if p == nil || p.CommitsURL == nil {
+		return ""
 	}
-	return p.Sender
+	return *p.CommitsURL
 }
 
-// GetArchivedAt returns the ArchivedAt field if it's non-nil, zero value otherwise.
-func (p *ProjectV2Item) GetArchivedAt() Timestamp {
-	if p == nil || p.ArchivedAt == nil {
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetCreatedAt() Timestamp {
+	if p == nil || p.CreatedAt == nil {
 		return Timestamp{}
 	}
-	return *p.ArchivedAt
+	return *p.CreatedAt
 }
 
-// GetContentNodeID returns the ContentNodeID field if it's non-nil, zero value otherwise.
-func (p *ProjectV2Item) GetContentNodeID() string {
-	if p == nil || p.ContentNodeID == nil {
-		return ""
+// GetDeletions returns the Deletions field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetDeletions() int {
+	if p == nil || p.Deletions == nil {
+		return 0
 	}
-	return *p.ContentNodeID
+	return *p.Deletions
 }
 
-// GetContentType returns the ContentType field if it's non-nil, zero value otherwise.
-func (p *ProjectV2Item) GetContentType() string {
-	if p == nil || p.ContentType == nil {
+// GetDiffURL returns the DiffURL field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetDiffURL() string {
+	if p == nil || p.DiffURL == nil {
 		return ""
 	}
-	return *p.ContentType
+	return *p.DiffURL
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (p *ProjectV2Item) GetCreatedAt() Timestamp {
-	if p == nil || p.CreatedAt == nil {
-		return Timestamp{}
+// GetDraft returns the Draft field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetDraft() bool {
+	if p == nil || p.Draft == nil {
+		return false
 	}
-	return *p.CreatedAt
+	return *p.Draft
 }
 
-// GetCreator returns the Creator field.
-func (p *ProjectV2Item) GetCreator() *User {
+// GetHead returns the Head field.
+func (p *PullRequest) GetHead() *PullRequestBranch {
 	if p == nil {
 		return nil
 	}
-	return p.Creator
+	return p.Head
+}
+
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetHTMLURL() string {
+	if p == nil || p.HTMLURL == nil {
+		return ""
+	}
+	return *p.HTMLURL
 }
 
 // GetID returns the ID field if it's non-nil, zero value otherwise.
-func (p *ProjectV2Item) GetID() int64 {
+func (p *PullRequest) GetID() int64 {
 	if p == nil || p.ID == nil {
 		return 0
 	}
 	return *p.ID
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (p *ProjectV2Item) GetNodeID() string {
-	if p == nil || p.NodeID == nil {
+// GetIssueURL returns the IssueURL field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetIssueURL() string {
+	if p == nil || p.IssueURL == nil {
 		return ""
 	}
-	return *p.NodeID
+	return *p.IssueURL
 }
 
-// GetProjectNodeID returns the ProjectNodeID field if it's non-nil, zero value otherwise.
-func (p *ProjectV2Item) GetProjectNodeID() string {
-	if p == nil || p.ProjectNodeID == nil {
-		return ""
+// GetLinks returns the Links field.
+func (p *PullRequest) GetLinks() *PRLinks {
+	if p == nil {
+		return nil
 	}
-	return *p.ProjectNodeID
+	return p.Links
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (p *ProjectV2Item) GetUpdatedAt() Timestamp {
-	if p == nil || p.UpdatedAt == nil {
-		return Timestamp{}
+// GetLocked returns the Locked field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetLocked() bool {
+	if p == nil || p.Locked == nil {
+		return false
 	}
-	return *p.UpdatedAt
+	return *p.Locked
 }
 
-// GetArchivedAt returns the ArchivedAt field.
-func (p *ProjectV2ItemChange) GetArchivedAt() *ArchivedAt {
-	if p == nil {
-		return nil
+// GetMaintainerCanModify returns the MaintainerCanModify field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetMaintainerCanModify() bool {
+	if p == nil || p.MaintainerCanModify == nil {
+		return false
 	}
-	return p.ArchivedAt
+	return *p.MaintainerCanModify
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (p *ProjectV2ItemEvent) GetAction() string {
-	if p == nil || p.Action == nil {
-		return ""
+// GetMergeable returns the Mergeable field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetMergeable() bool {
+	if p == nil || p.Mergeable == nil {
+		return false
 	}
-	return *p.Action
+	return *p.Mergeable
 }
 
-// GetChanges returns the Changes field.
-func (p *ProjectV2ItemEvent) GetChanges() *ProjectV2ItemChange {
-	if p == nil {
-		return nil
+// GetMergeableState returns the MergeableState field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetMergeableState() string {
+	if p == nil || p.MergeableState == nil {
+		return ""
 	}
-	return p.Changes
+	return *p.MergeableState
 }
 
-// GetInstallation returns the Installation field.
-func (p *ProjectV2ItemEvent) GetInstallation() *Installation {
-	if p == nil {
-		return nil
+// GetMergeCommitSHA returns the MergeCommitSHA field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetMergeCommitSHA() string {
+	if p == nil || p.MergeCommitSHA == nil {
+		return ""
 	}
-	return p.Installation
+	return *p.MergeCommitSHA
 }
 
-// GetOrg returns the Org field.
-func (p *ProjectV2ItemEvent) GetOrg() *Organization {
-	if p == nil {
-		return nil
+// GetMerged returns the Merged field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetMerged() bool {
+	if p == nil || p.Merged == nil {
+		return false
 	}
-	return p.Org
+	return *p.Merged
 }
 
-// GetProjectV2Item returns the ProjectV2Item field.
-func (p *ProjectV2ItemEvent) GetProjectV2Item() *ProjectV2Item {
-	if p == nil {
-		return nil
+// GetMergedAt returns the MergedAt field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetMergedAt() Timestamp {
+	if p == nil || p.MergedAt == nil {
+		return Timestamp{}
 	}
-	return p.ProjectV2Item
+	return *p.MergedAt
 }
 
-// GetSender returns the Sender field.
-func (p *ProjectV2ItemEvent) GetSender() *User {
+// GetMergedBy returns the MergedBy field.
+func (p *PullRequest) GetMergedBy() *User {
 	if p == nil {
 		return nil
 	}
-	return p.Sender
+	return p.MergedBy
 }
 
-// GetAllowDeletions returns the AllowDeletions field.
-func (p *Protection) GetAllowDeletions() *AllowDeletions {
+// GetMilestone returns the Milestone field.
+func (p *PullRequest) GetMilestone() *Milestone {
 	if p == nil {
 		return nil
 	}
-	return p.AllowDeletions
+	return p.Milestone
 }
 
-// GetAllowForcePushes returns the AllowForcePushes field.
-func (p *Protection) GetAllowForcePushes() *AllowForcePushes {
-	if p == nil {
-		return nil
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetNodeID() string {
+	if p == nil || p.NodeID == nil {
+		return ""
 	}
-	return p.AllowForcePushes
+	return *p.NodeID
 }
 
-// GetAllowForkSyncing returns the AllowForkSyncing field.
-func (p *Protection) GetAllowForkSyncing() *AllowForkSyncing {
-	if p == nil {
-		return nil
+// GetNumber returns the Number field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetNumber() int {
+	if p == nil || p.Number == nil {
+		return 0
 	}
-	return p.AllowForkSyncing
+	return *p.Number
 }
 
-// GetBlockCreations returns the BlockCreations field.
-func (p *Protection) GetBlockCreations() *BlockCreations {
-	if p == nil {
-		return nil
+// GetPatchURL returns the PatchURL field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetPatchURL() string {
+	if p == nil || p.PatchURL == nil {
+		return ""
 	}
-	return p.BlockCreations
+	return *p.PatchURL
 }
 
-// GetEnforceAdmins returns the EnforceAdmins field.
-func (p *Protection) GetEnforceAdmins() *AdminEnforcement {
-	if p == nil {
-		return nil
+// GetRebaseable returns the Rebaseable field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetRebaseable() bool {
+	if p == nil || p.Rebaseable == nil {
+		return false
 	}
-	return p.EnforceAdmins
+	return *p.Rebaseable
 }
 
-// GetLockBranch returns the LockBranch field.
-func (p *Protection) GetLockBranch() *LockBranch {
-	if p == nil {
-		return nil
+// GetReviewComments returns the ReviewComments field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetReviewComments() int {
+	if p == nil || p.ReviewComments == nil {
+		return 0
 	}
-	return p.LockBranch
+	return *p.ReviewComments
 }
 
-// GetRequiredConversationResolution returns the RequiredConversationResolution field.
-func (p *Protection) GetRequiredConversationResolution() *RequiredConversationResolution {
-	if p == nil {
-		return nil
+// GetReviewCommentsURL returns the ReviewCommentsURL field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetReviewCommentsURL() string {
+	if p == nil || p.ReviewCommentsURL == nil {
+		return ""
 	}
-	return p.RequiredConversationResolution
+	return *p.ReviewCommentsURL
 }
 
-// GetRequiredPullRequestReviews returns the RequiredPullRequestReviews field.
-func (p *Protection) GetRequiredPullRequestReviews() *PullRequestReviewsEnforcement {
-	if p == nil {
-		return nil
+// GetReviewCommentURL returns the ReviewCommentURL field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetReviewCommentURL() string {
+	if p == nil || p.ReviewCommentURL == nil {
+		return ""
 	}
-	return p.RequiredPullRequestReviews
+	return *p.ReviewCommentURL
 }
 
-// GetRequiredSignatures returns the RequiredSignatures field.
-func (p *Protection) GetRequiredSignatures() *SignaturesProtectedBranch {
-	if p == nil {
-		return nil
+// GetState returns the State field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetState() string {
+	if p == nil || p.State == nil {
+		return ""
 	}
-	return p.RequiredSignatures
+	return *p.State
 }
 
-// GetRequiredStatusChecks returns the RequiredStatusChecks field.
-func (p *Protection) GetRequiredStatusChecks() *RequiredStatusChecks {
-	if p == nil {
-		return nil
+// GetStatusesURL returns the StatusesURL field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetStatusesURL() string {
+	if p == nil || p.StatusesURL == nil {
+		return ""
 	}
-	return p.RequiredStatusChecks
+	return *p.StatusesURL
 }
 
-// GetRequireLinearHistory returns the RequireLinearHistory field.
-func (p *Protection) GetRequireLinearHistory() *RequireLinearHistory {
-	if p == nil {
-		return nil
+// GetTitle returns the Title field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetTitle() string {
+	if p == nil || p.Title == nil {
+		return ""
 	}
-	return p.RequireLinearHistory
+	return *p.Title
 }
 
-// GetRestrictions returns the Restrictions field.
-func (p *Protection) GetRestrictions() *BranchRestrictions {
-	if p == nil {
-		return nil
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (p *PullRequest) GetUpdatedAt() Timestamp {
+	if p == nil || p.UpdatedAt == nil {
+		return Timestamp{}
 	}
-	return p.Restrictions
+	return *p.UpdatedAt
 }
 
 // GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (p *Protection) GetURL() string {
+func (p *PullRequest) GetURL() string {
 	if p == nil || p.URL == nil {
 		return ""
 	}
 	return *p.URL
 }
 
-// GetAdminEnforced returns the AdminEnforced field.
-func (p *ProtectionChanges) GetAdminEnforced() *AdminEnforcedChanges {
+// GetUser returns the User field.
+func (p *PullRequest) GetUser() *User {
 	if p == nil {
 		return nil
 	}
-	return p.AdminEnforced
+	return p.User
 }
 
-// GetAllowDeletionsEnforcementLevel returns the AllowDeletionsEnforcementLevel field.
-func (p *ProtectionChanges) GetAllowDeletionsEnforcementLevel() *AllowDeletionsEnforcementLevelChanges {
-	if p == nil {
-		return nil
+// GetCommitMessage returns the CommitMessage field if it's non-nil, zero value otherwise.
+func (p *PullRequestAutoMerge) GetCommitMessage() string {
+	if p == nil || p.CommitMessage == nil {
+		return ""
 	}
-	return p.AllowDeletionsEnforcementLevel
+	return *p.CommitMessage
 }
 
-// GetAuthorizedActorNames returns the AuthorizedActorNames field.
-func (p *ProtectionChanges) GetAuthorizedActorNames() *AuthorizedActorNames {
-	if p == nil {
-		return nil
+// GetCommitTitle returns the CommitTitle field if it's non-nil, zero value otherwise.
+func (p *PullRequestAutoMerge) GetCommitTitle() string {
+	if p == nil || p.CommitTitle == nil {
+		return ""
 	}
-	return p.AuthorizedActorNames
+	return *p.CommitTitle
 }
 
-// GetAuthorizedActorsOnly returns the AuthorizedActorsOnly field.
-func (p *ProtectionChanges) GetAuthorizedActorsOnly() *AuthorizedActorsOnly {
+// GetEnabledBy returns the EnabledBy field.
+func (p *PullRequestAutoMerge) GetEnabledBy() *User {
 	if p == nil {
 		return nil
 	}
-	return p.AuthorizedActorsOnly
+	return p.EnabledBy
 }
 
-// GetAuthorizedDismissalActorsOnly returns the AuthorizedDismissalActorsOnly field.
-func (p *ProtectionChanges) GetAuthorizedDismissalActorsOnly() *AuthorizedDismissalActorsOnlyChanges {
-	if p == nil {
-		return nil
+// GetMergeMethod returns the MergeMethod field if it's non-nil, zero value otherwise.
+func (p *PullRequestAutoMerge) GetMergeMethod() string {
+	if p == nil || p.MergeMethod == nil {
+		return ""
 	}
-	return p.AuthorizedDismissalActorsOnly
+	return *p.MergeMethod
 }
 
-// GetCreateProtected returns the CreateProtected field.
-func (p *ProtectionChanges) GetCreateProtected() *CreateProtectedChanges {
-	if p == nil {
-		return nil
+// GetLabel returns the Label field if it's non-nil, zero value otherwise.
+func (p *PullRequestBranch) GetLabel() string {
+	if p == nil || p.Label == nil {
+		return ""
 	}
-	return p.CreateProtected
+	return *p.Label
 }
 
-// GetDismissStaleReviewsOnPush returns the DismissStaleReviewsOnPush field.
-func (p *ProtectionChanges) GetDismissStaleReviewsOnPush() *DismissStaleReviewsOnPushChanges {
-	if p == nil {
-		return nil
+// GetRef returns the Ref field if it's non-nil, zero value otherwise.
+func (p *PullRequestBranch) GetRef() string {
+	if p == nil || p.Ref == nil {
+		return ""
 	}
-	return p.DismissStaleReviewsOnPush
+	return *p.Ref
 }
 
-// GetLinearHistoryRequirementEnforcementLevel returns the LinearHistoryRequirementEnforcementLevel field.
-func (p *ProtectionChanges) GetLinearHistoryRequirementEnforcementLevel() *LinearHistoryRequirementEnforcementLevelChanges {
+// GetRepo returns the Repo field.
+func (p *PullRequestBranch) GetRepo() *Repository {
 	if p == nil {
 		return nil
 	}
-	return p.LinearHistoryRequirementEnforcementLevel
+	return p.Repo
 }
 
-// GetPullRequestReviewsEnforcementLevel returns the PullRequestReviewsEnforcementLevel field.
-func (p *ProtectionChanges) GetPullRequestReviewsEnforcementLevel() *PullRequestReviewsEnforcementLevelChanges {
-	if p == nil {
-		return nil
+// GetSHA returns the SHA field if it's non-nil, zero value otherwise.
+func (p *PullRequestBranch) GetSHA() string {
+	if p == nil || p.SHA == nil {
+		return ""
 	}
-	return p.PullRequestReviewsEnforcementLevel
+	return *p.SHA
 }
 
-// GetRequireCodeOwnerReview returns the RequireCodeOwnerReview field.
-func (p *ProtectionChanges) GetRequireCodeOwnerReview() *RequireCodeOwnerReviewChanges {
+// GetUser returns the User field.
+func (p *PullRequestBranch) GetUser() *User {
 	if p == nil {
 		return nil
 	}
-	return p.RequireCodeOwnerReview
+	return p.User
 }
 
-// GetRequiredConversationResolutionLevel returns the RequiredConversationResolutionLevel field.
-func (p *ProtectionChanges) GetRequiredConversationResolutionLevel() *RequiredConversationResolutionLevelChanges {
-	if p == nil {
-		return nil
+// GetExpectedHeadSHA returns the ExpectedHeadSHA field if it's non-nil, zero value otherwise.
+func (p *PullRequestBranchUpdateOptions) GetExpectedHeadSHA() string {
+	if p == nil || p.ExpectedHeadSHA == nil {
+		return ""
 	}
-	return p.RequiredConversationResolutionLevel
+	return *p.ExpectedHeadSHA
 }
 
-// GetRequiredDeploymentsEnforcementLevel returns the RequiredDeploymentsEnforcementLevel field.
-func (p *ProtectionChanges) GetRequiredDeploymentsEnforcementLevel() *RequiredDeploymentsEnforcementLevelChanges {
-	if p == nil {
-		return nil
+// GetMessage returns the Message field if it's non-nil, zero value otherwise.
+func (p *PullRequestBranchUpdateResponse) GetMessage() string {
+	if p == nil || p.Message == nil {
+		return ""
 	}
-	return p.RequiredDeploymentsEnforcementLevel
+	return *p.Message
 }
 
-// GetRequiredStatusChecks returns the RequiredStatusChecks field.
-func (p *ProtectionChanges) GetRequiredStatusChecks() *RequiredStatusChecksChanges {
-	if p == nil {
-		return nil
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (p *PullRequestBranchUpdateResponse) GetURL() string {
+	if p == nil || p.URL == nil {
+		return ""
 	}
-	return p.RequiredStatusChecks
+	return *p.URL
 }
 
-// GetRequiredStatusChecksEnforcementLevel returns the RequiredStatusChecksEnforcementLevel field.
-func (p *ProtectionChanges) GetRequiredStatusChecksEnforcementLevel() *RequiredStatusChecksEnforcementLevelChanges {
-	if p == nil {
-		return nil
+// GetAuthorAssociation returns the AuthorAssociation field if it's non-nil, zero value otherwise.
+func (p *PullRequestComment) GetAuthorAssociation() string {
+	if p == nil || p.AuthorAssociation == nil {
+		return ""
 	}
-	return p.RequiredStatusChecksEnforcementLevel
+	return *p.AuthorAssociation
 }
 
-// GetSignatureRequirementEnforcementLevel returns the SignatureRequirementEnforcementLevel field.
-func (p *ProtectionChanges) GetSignatureRequirementEnforcementLevel() *SignatureRequirementEnforcementLevelChanges {
-	if p == nil {
-		return nil
+// GetBody returns the Body field if it's non-nil, zero value otherwise.
+func (p *PullRequestComment) GetBody() string {
+	if p == nil || p.Body == nil {
+		return ""
 	}
-	return p.SignatureRequirementEnforcementLevel
+	return *p.Body
 }
 
-// GetAllowDeletions returns the AllowDeletions field if it's non-nil, zero value otherwise.
-func (p *ProtectionRequest) GetAllowDeletions() bool {
-	if p == nil || p.AllowDeletions == nil {
-		return false
+// GetCommitID returns the CommitID field if it's non-nil, zero value otherwise.
+func (p *PullRequestComment) GetCommitID() string {
+	if p == nil || p.CommitID == nil {
+		return ""
 	}
-	return *p.AllowDeletions
+	return *p.CommitID
 }
 
-// GetAllowForcePushes returns the AllowForcePushes field if it's non-nil, zero value otherwise.
-func (p *ProtectionRequest) GetAllowForcePushes() bool {
-	if p == nil || p.AllowForcePushes == nil {
-		return false
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (p *PullRequestComment) GetCreatedAt() Timestamp {
+	if p == nil || p.CreatedAt == nil {
+		return Timestamp{}
 	}
-	return *p.AllowForcePushes
+	return *p.CreatedAt
 }
 
-// GetAllowForkSyncing returns the AllowForkSyncing field if it's non-nil, zero value otherwise.
-func (p *ProtectionRequest) GetAllowForkSyncing() bool {
-	if p == nil || p.AllowForkSyncing == nil {
-		return false
+// GetDiffHunk returns the DiffHunk field if it's non-nil, zero value otherwise.
+func (p *PullRequestComment) GetDiffHunk() string {
+	if p == nil || p.DiffHunk == nil {
+		return ""
 	}
-	return *p.AllowForkSyncing
+	return *p.DiffHunk
 }
 
-// GetBlockCreations returns the BlockCreations field if it's non-nil, zero value otherwise.
-func (p *ProtectionRequest) GetBlockCreations() bool {
-	if p == nil || p.BlockCreations == nil {
-		return false
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (p *PullRequestComment) GetHTMLURL() string {
+	if p == nil || p.HTMLURL == nil {
+		return ""
 	}
-	return *p.BlockCreations
+	return *p.HTMLURL
 }
 
-// GetLockBranch returns the LockBranch field if it's non-nil, zero value otherwise.
-func (p *ProtectionRequest) GetLockBranch() bool {
-	if p == nil || p.LockBranch == nil {
-		return false
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (p *PullRequestComment) GetID() int64 {
+	if p == nil || p.ID == nil {
+		return 0
 	}
-	return *p.LockBranch
+	return *p.ID
 }
 
-// GetRequiredConversationResolution returns the RequiredConversationResolution field if it's non-nil, zero value otherwise.
-func (p *ProtectionRequest) GetRequiredConversationResolution() bool {
-	if p == nil || p.RequiredConversationResolution == nil {
-		return false
+// GetInReplyTo returns the InReplyTo field if it's non-nil, zero value otherwise.
+func (p *PullRequestComment) GetInReplyTo() int64 {
+	if p == nil || p.InReplyTo == nil {
+		return 0
 	}
-	return *p.RequiredConversationResolution
+	return *p.InReplyTo
 }
 
-// GetRequiredPullRequestReviews returns the RequiredPullRequestReviews field.
-func (p *ProtectionRequest) GetRequiredPullRequestReviews() *PullRequestReviewsEnforcementRequest {
-	if p == nil {
-		return nil
+// GetLine returns the Line field if it's non-nil, zero value otherwise.
+func (p *PullRequestComment) GetLine() int {
+	if p == nil || p.Line == nil {
+		return 0
 	}
-	return p.RequiredPullRequestReviews
+	return *p.Line
 }
 
-// GetRequiredStatusChecks returns the RequiredStatusChecks field.
-func (p *ProtectionRequest) GetRequiredStatusChecks() *RequiredStatusChecks {
-	if p == nil {
-		return nil
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (p *PullRequestComment) GetNodeID() string {
+	if p == nil || p.NodeID == nil {
+		return ""
 	}
-	return p.RequiredStatusChecks
+	return *p.NodeID
 }
 
-// GetRequireLinearHistory returns the RequireLinearHistory field if it's non-nil, zero value otherwise.
-func (p *ProtectionRequest) GetRequireLinearHistory() bool {
-	if p == nil || p.RequireLinearHistory == nil {
-		return false
+// GetOriginalCommitID returns the OriginalCommitID field if it's non-nil, zero value otherwise.
+func (p *PullRequestComment) GetOriginalCommitID() string {
+	if p == nil || p.OriginalCommitID == nil {
+		return ""
 	}
-	return *p.RequireLinearHistory
+	return *p.OriginalCommitID
 }
 
-// GetRestrictions returns the Restrictions field.
-func (p *ProtectionRequest) GetRestrictions() *BranchRestrictionsRequest {
-	if p == nil {
-		return nil
+// GetOriginalLine returns the OriginalLine field if it's non-nil, zero value otherwise.
+func (p *PullRequestComment) GetOriginalLine() int {
+	if p == nil || p.OriginalLine == nil {
+		return 0
 	}
-	return p.Restrictions
+	return *p.OriginalLine
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (p *ProtectionRule) GetID() int64 {
-	if p == nil || p.ID == nil {
+// GetOriginalPosition returns the OriginalPosition field if it's non-nil, zero value otherwise.
+func (p *PullRequestComment) GetOriginalPosition() int {
+	if p == nil || p.OriginalPosition == nil {
 		return 0
 	}
-	return *p.ID
+	return *p.OriginalPosition
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (p *ProtectionRule) GetNodeID() string {
-	if p == nil || p.NodeID == nil {
-		return ""
+// GetOriginalStartLine returns the OriginalStartLine field if it's non-nil, zero value otherwise.
+func (p *PullRequestComment) GetOriginalStartLine() int {
+	if p == nil || p.OriginalStartLine == nil {
+		return 0
 	}
-	return *p.NodeID
+	return *p.OriginalStartLine
 }
 
-// GetType returns the Type field if it's non-nil, zero value otherwise.
-func (p *ProtectionRule) GetType() string {
-	if p == nil || p.Type == nil {
+// GetPath returns the Path field if it's non-nil, zero value otherwise.
+func (p *PullRequestComment) GetPath() string {
+	if p == nil || p.Path == nil {
 		return ""
 	}
-	return *p.Type
+	return *p.Path
 }
 
-// GetWaitTimer returns the WaitTimer field if it's non-nil, zero value otherwise.
-func (p *ProtectionRule) GetWaitTimer() int {
-	if p == nil || p.WaitTimer == nil {
+// GetPosition returns the Position field if it's non-nil, zero value otherwise.
+func (p *PullRequestComment) GetPosition() int {
+	if p == nil || p.Position == nil {
 		return 0
 	}
-	return *p.WaitTimer
+	return *p.Position
 }
 
-// GetInstallation returns the Installation field.
-func (p *PublicEvent) GetInstallation() *Installation {
-	if p == nil {
-		return nil
+// GetPullRequestReviewID returns the PullRequestReviewID field if it's non-nil, zero value otherwise.
+func (p *PullRequestComment) GetPullRequestReviewID() int64 {
+	if p == nil || p.PullRequestReviewID == nil {
+		return 0
 	}
-	return p.Installation
+	return *p.PullRequestReviewID
 }
 
-// GetRepo returns the Repo field.
-func (p *PublicEvent) GetRepo() *Repository {
-	if p == nil {
-		return nil
+// GetPullRequestURL returns the PullRequestURL field if it's non-nil, zero value otherwise.
+func (p *PullRequestComment) GetPullRequestURL() string {
+	if p == nil || p.PullRequestURL == nil {
+		return ""
 	}
-	return p.Repo
+	return *p.PullRequestURL
 }
 
-// GetSender returns the Sender field.
-func (p *PublicEvent) GetSender() *User {
+// GetReactions returns the Reactions field.
+func (p *PullRequestComment) GetReactions() *Reactions {
 	if p == nil {
 		return nil
 	}
-	return p.Sender
+	return p.Reactions
 }
 
-// GetKey returns the Key field if it's non-nil, zero value otherwise.
-func (p *PublicKey) GetKey() string {
-	if p == nil || p.Key == nil {
+// GetSide returns the Side field if it's non-nil, zero value otherwise.
+func (p *PullRequestComment) GetSide() string {
+	if p == nil || p.Side == nil {
 		return ""
 	}
-	return *p.Key
+	return *p.Side
 }
 
-// GetKeyID returns the KeyID field if it's non-nil, zero value otherwise.
-func (p *PublicKey) GetKeyID() string {
-	if p == nil || p.KeyID == nil {
-		return ""
+// GetStartLine returns the StartLine field if it's non-nil, zero value otherwise.
+func (p *PullRequestComment) GetStartLine() int {
+	if p == nil || p.StartLine == nil {
+		return 0
 	}
-	return *p.KeyID
+	return *p.StartLine
 }
 
-// GetActiveLockReason returns the ActiveLockReason field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetActiveLockReason() string {
-	if p == nil || p.ActiveLockReason == nil {
+// GetStartSide returns the StartSide field if it's non-nil, zero value otherwise.
+func (p *PullRequestComment) GetStartSide() string {
+	if p == nil || p.StartSide == nil {
 		return ""
 	}
-	return *p.ActiveLockReason
+	return *p.StartSide
 }
 
-// GetAdditions returns the Additions field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetAdditions() int {
-	if p == nil || p.Additions == nil {
-		return 0
+// GetSubjectType returns the SubjectType field if it's non-nil, zero value otherwise.
+func (p *PullRequestComment) GetSubjectType() string {
+	if p == nil || p.SubjectType == nil {
+		return ""
 	}
-	return *p.Additions
+	return *p.SubjectType
 }
 
-// GetAssignee returns the Assignee field.
-func (p *PullRequest) GetAssignee() *User {
-	if p == nil {
-		return nil
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (p *PullRequestComment) GetUpdatedAt() Timestamp {
+	if p == nil || p.UpdatedAt == nil {
+		return Timestamp{}
 	}
-	return p.Assignee
+	return *p.UpdatedAt
 }
 
-// GetAuthorAssociation returns the AuthorAssociation field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetAuthorAssociation() string {
-	if p == nil || p.AuthorAssociation == nil {
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (p *PullRequestComment) GetURL() string {
+	if p == nil || p.URL == nil {
 		return ""
 	}
-	return *p.AuthorAssociation
-}
-
-// GetAutoMerge returns the AutoMerge field.
-func (p *PullRequest) GetAutoMerge() *PullRequestAutoMerge {
-	if p == nil {
-		return nil
-	}
-	return p.AutoMerge
+	return *p.URL
 }
 
-// GetBase returns the Base field.
-func (p *PullRequest) GetBase() *PullRequestBranch {
+// GetUser returns the User field.
+func (p *PullRequestComment) GetUser() *User {
 	if p == nil {
 		return nil
 	}
-	return p.Base
+	return p.User
 }
 
-// GetBody returns the Body field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetBody() string {
-	if p == nil || p.Body == nil {
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (p *PullRequestEvent) GetAction() string {
+	if p == nil || p.Action == nil {
 		return ""
 	}
-	return *p.Body
-}
-
-// GetChangedFiles returns the ChangedFiles field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetChangedFiles() int {
-	if p == nil || p.ChangedFiles == nil {
-		return 0
-	}
-	return *p.ChangedFiles
+	return *p.Action
 }
 
-// GetClosedAt returns the ClosedAt field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetClosedAt() Timestamp {
-	if p == nil || p.ClosedAt == nil {
-		return Timestamp{}
+// GetAfter returns the After field if it's non-nil, zero value otherwise.
+func (p *PullRequestEvent) GetAfter() string {
+	if p == nil || p.After == nil {
+		return ""
 	}
-	return *p.ClosedAt
+	return *p.After
 }
 
-// GetComments returns the Comments field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetComments() int {
-	if p == nil || p.Comments == nil {
-		return 0
+// GetAssignee returns the Assignee field.
+func (p *PullRequestEvent) GetAssignee() *User {
+	if p == nil {
+		return nil
 	}
-	return *p.Comments
+	return p.Assignee
 }
 
-// GetCommentsURL returns the CommentsURL field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetCommentsURL() string {
-	if p == nil || p.CommentsURL == nil {
+// GetBefore returns the Before field if it's non-nil, zero value otherwise.
+func (p *PullRequestEvent) GetBefore() string {
+	if p == nil || p.Before == nil {
 		return ""
 	}
-	return *p.CommentsURL
+	return *p.Before
 }
 
-// GetCommits returns the Commits field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetCommits() int {
-	if p == nil || p.Commits == nil {
-		return 0
+// GetChanges returns the Changes field.
+func (p *PullRequestEvent) GetChanges() *EditChange {
+	if p == nil {
+		return nil
 	}
-	return *p.Commits
+	return p.Changes
 }
 
-// GetCommitsURL returns the CommitsURL field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetCommitsURL() string {
-	if p == nil || p.CommitsURL == nil {
-		return ""
+// GetInstallation returns the Installation field.
+func (p *PullRequestEvent) GetInstallation() *Installation {
+	if p == nil {
+		return nil
 	}
-	return *p.CommitsURL
+	return p.Installation
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetCreatedAt() Timestamp {
-	if p == nil || p.CreatedAt == nil {
-		return Timestamp{}
+// GetLabel returns the Label field.
+func (p *PullRequestEvent) GetLabel() *Label {
+	if p == nil {
+		return nil
 	}
-	return *p.CreatedAt
+	return p.Label
 }
 
-// GetDeletions returns the Deletions field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetDeletions() int {
-	if p == nil || p.Deletions == nil {
+// GetNumber returns the Number field if it's non-nil, zero value otherwise.
+func (p *PullRequestEvent) GetNumber() int {
+	if p == nil || p.Number == nil {
 		return 0
 	}
-	return *p.Deletions
+	return *p.Number
 }
 
-// GetDiffURL returns the DiffURL field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetDiffURL() string {
-	if p == nil || p.DiffURL == nil {
-		return ""
+// GetOrganization returns the Organization field.
+func (p *PullRequestEvent) GetOrganization() *Organization {
+	if p == nil {
+		return nil
 	}
-	return *p.DiffURL
+	return p.Organization
 }
 
-// GetDraft returns the Draft field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetDraft() bool {
-	if p == nil || p.Draft == nil {
-		return false
+// GetPerformedViaGithubApp returns the PerformedViaGithubApp field.
+func (p *PullRequestEvent) GetPerformedViaGithubApp() *App {
+	if p == nil {
+		return nil
 	}
-	return *p.Draft
+	return p.PerformedViaGithubApp
 }
 
-// GetHead returns the Head field.
-func (p *PullRequest) GetHead() *PullRequestBranch {
+// GetPullRequest returns the PullRequest field.
+func (p *PullRequestEvent) GetPullRequest() *PullRequest {
 	if p == nil {
 		return nil
 	}
-	return p.Head
+	return p.PullRequest
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetHTMLURL() string {
-	if p == nil || p.HTMLURL == nil {
-		return ""
+// GetRepo returns the Repo field.
+func (p *PullRequestEvent) GetRepo() *Repository {
+	if p == nil {
+		return nil
 	}
-	return *p.HTMLURL
+	return p.Repo
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetID() int64 {
-	if p == nil || p.ID == nil {
-		return 0
+// GetRequestedReviewer returns the RequestedReviewer field.
+func (p *PullRequestEvent) GetRequestedReviewer() *User {
+	if p == nil {
+		return nil
 	}
-	return *p.ID
+	return p.RequestedReviewer
 }
 
-// GetIssueURL returns the IssueURL field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetIssueURL() string {
-	if p == nil || p.IssueURL == nil {
-		return ""
+// GetRequestedTeam returns the RequestedTeam field.
+func (p *PullRequestEvent) GetRequestedTeam() *Team {
+	if p == nil {
+		return nil
 	}
-	return *p.IssueURL
+	return p.RequestedTeam
 }
 
-// GetLinks returns the Links field.
-func (p *PullRequest) GetLinks() *PRLinks {
+// GetSender returns the Sender field.
+func (p *PullRequestEvent) GetSender() *User {
 	if p == nil {
 		return nil
 	}
-	return p.Links
+	return p.Sender
 }
 
-// GetLocked returns the Locked field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetLocked() bool {
-	if p == nil || p.Locked == nil {
-		return false
+// GetDiffURL returns the DiffURL field if it's non-nil, zero value otherwise.
+func (p *PullRequestLinks) GetDiffURL() string {
+	if p == nil || p.DiffURL == nil {
+		return ""
 	}
-	return *p.Locked
+	return *p.DiffURL
 }
 
-// GetMaintainerCanModify returns the MaintainerCanModify field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetMaintainerCanModify() bool {
-	if p == nil || p.MaintainerCanModify == nil {
-		return false
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (p *PullRequestLinks) GetHTMLURL() string {
+	if p == nil || p.HTMLURL == nil {
+		return ""
 	}
-	return *p.MaintainerCanModify
+	return *p.HTMLURL
 }
 
-// GetMergeable returns the Mergeable field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetMergeable() bool {
-	if p == nil || p.Mergeable == nil {
-		return false
+// GetMergedAt returns the MergedAt field if it's non-nil, zero value otherwise.
+func (p *PullRequestLinks) GetMergedAt() Timestamp {
+	if p == nil || p.MergedAt == nil {
+		return Timestamp{}
 	}
-	return *p.Mergeable
+	return *p.MergedAt
 }
 
-// GetMergeableState returns the MergeableState field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetMergeableState() string {
-	if p == nil || p.MergeableState == nil {
+// GetPatchURL returns the PatchURL field if it's non-nil, zero value otherwise.
+func (p *PullRequestLinks) GetPatchURL() string {
+	if p == nil || p.PatchURL == nil {
 		return ""
 	}
-	return *p.MergeableState
+	return *p.PatchURL
 }
 
-// GetMergeCommitSHA returns the MergeCommitSHA field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetMergeCommitSHA() string {
-	if p == nil || p.MergeCommitSHA == nil {
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (p *PullRequestLinks) GetURL() string {
+	if p == nil || p.URL == nil {
 		return ""
 	}
-	return *p.MergeCommitSHA
+	return *p.URL
 }
 
 // GetMerged returns the Merged field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetMerged() bool {
+func (p *PullRequestMergeResult) GetMerged() bool {
 	if p == nil || p.Merged == nil {
 		return false
 	}
 	return *p.Merged
 }
 
-// GetMergedAt returns the MergedAt field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetMergedAt() Timestamp {
-	if p == nil || p.MergedAt == nil {
-		return Timestamp{}
-	}
-	return *p.MergedAt
-}
-
-// GetMergedBy returns the MergedBy field.
-func (p *PullRequest) GetMergedBy() *User {
-	if p == nil {
-		return nil
+// GetMessage returns the Message field if it's non-nil, zero value otherwise.
+func (p *PullRequestMergeResult) GetMessage() string {
+	if p == nil || p.Message == nil {
+		return ""
 	}
-	return p.MergedBy
+	return *p.Message
 }
 
-// GetMilestone returns the Milestone field.
-func (p *PullRequest) GetMilestone() *Milestone {
-	if p == nil {
-		return nil
+// GetSHA returns the SHA field if it's non-nil, zero value otherwise.
+func (p *PullRequestMergeResult) GetSHA() string {
+	if p == nil || p.SHA == nil {
+		return ""
 	}
-	return p.Milestone
+	return *p.SHA
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetNodeID() string {
-	if p == nil || p.NodeID == nil {
+// GetAuthorAssociation returns the AuthorAssociation field if it's non-nil, zero value otherwise.
+func (p *PullRequestReview) GetAuthorAssociation() string {
+	if p == nil || p.AuthorAssociation == nil {
 		return ""
 	}
-	return *p.NodeID
+	return *p.AuthorAssociation
 }
 
-// GetNumber returns the Number field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetNumber() int {
-	if p == nil || p.Number == nil {
-		return 0
+// GetBody returns the Body field if it's non-nil, zero value otherwise.
+func (p *PullRequestReview) GetBody() string {
+	if p == nil || p.Body == nil {
+		return ""
 	}
-	return *p.Number
+	return *p.Body
 }
 
-// GetPatchURL returns the PatchURL field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetPatchURL() string {
-	if p == nil || p.PatchURL == nil {
+// GetCommitID returns the CommitID field if it's non-nil, zero value otherwise.
+func (p *PullRequestReview) GetCommitID() string {
+	if p == nil || p.CommitID == nil {
 		return ""
 	}
-	return *p.PatchURL
+	return *p.CommitID
 }
 
-// GetRebaseable returns the Rebaseable field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetRebaseable() bool {
-	if p == nil || p.Rebaseable == nil {
-		return false
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (p *PullRequestReview) GetHTMLURL() string {
+	if p == nil || p.HTMLURL == nil {
+		return ""
 	}
-	return *p.Rebaseable
+	return *p.HTMLURL
 }
 
-// GetReviewComments returns the ReviewComments field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetReviewComments() int {
-	if p == nil || p.ReviewComments == nil {
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (p *PullRequestReview) GetID() int64 {
+	if p == nil || p.ID == nil {
 		return 0
 	}
-	return *p.ReviewComments
+	return *p.ID
 }
 
-// GetReviewCommentsURL returns the ReviewCommentsURL field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetReviewCommentsURL() string {
-	if p == nil || p.ReviewCommentsURL == nil {
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (p *PullRequestReview) GetNodeID() string {
+	if p == nil || p.NodeID == nil {
 		return ""
 	}
-	return *p.ReviewCommentsURL
+	return *p.NodeID
 }
 
-// GetReviewCommentURL returns the ReviewCommentURL field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetReviewCommentURL() string {
-	if p == nil || p.ReviewCommentURL == nil {
+// GetPullRequestURL returns the PullRequestURL field if it's non-nil, zero value otherwise.
+func (p *PullRequestReview) GetPullRequestURL() string {
+	if p == nil || p.PullRequestURL == nil {
 		return ""
 	}
-	return *p.ReviewCommentURL
+	return *p.PullRequestURL
 }
 
 // GetState returns the State field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetState() string {
+func (p *PullRequestReview) GetState() string {
 	if p == nil || p.State == nil {
 		return ""
 	}
 	return *p.State
 }
 
-// GetStatusesURL returns the StatusesURL field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetStatusesURL() string {
-	if p == nil || p.StatusesURL == nil {
-		return ""
+// GetSubmittedAt returns the SubmittedAt field if it's non-nil, zero value otherwise.
+func (p *PullRequestReview) GetSubmittedAt() Timestamp {
+	if p == nil || p.SubmittedAt == nil {
+		return Timestamp{}
 	}
-	return *p.StatusesURL
+	return *p.SubmittedAt
 }
 
-// GetTitle returns the Title field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetTitle() string {
-	if p == nil || p.Title == nil {
+// GetUser returns the User field.
+func (p *PullRequestReview) GetUser() *User {
+	if p == nil {
+		return nil
+	}
+	return p.User
+}
+
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (p *PullRequestReviewCommentEvent) GetAction() string {
+	if p == nil || p.Action == nil {
 		return ""
 	}
-	return *p.Title
+	return *p.Action
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetUpdatedAt() Timestamp {
-	if p == nil || p.UpdatedAt == nil {
-		return Timestamp{}
+// GetChanges returns the Changes field.
+func (p *PullRequestReviewCommentEvent) GetChanges() *EditChange {
+	if p == nil {
+		return nil
 	}
-	return *p.UpdatedAt
+	return p.Changes
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (p *PullRequest) GetURL() string {
-	if p == nil || p.URL == nil {
-		return ""
+// GetComment returns the Comment field.
+func (p *PullRequestReviewCommentEvent) GetComment() *PullRequestComment {
+	if p == nil {
+		return nil
 	}
-	return *p.URL
+	return p.Comment
 }
 
-// GetUser returns the User field.
-func (p *PullRequest) GetUser() *User {
+// GetInstallation returns the Installation field.
+func (p *PullRequestReviewCommentEvent) GetInstallation() *Installation {
 	if p == nil {
 		return nil
 	}
-	return p.User
+	return p.Installation
 }
 
-// GetCommitMessage returns the CommitMessage field if it's non-nil, zero value otherwise.
-func (p *PullRequestAutoMerge) GetCommitMessage() string {
-	if p == nil || p.CommitMessage == nil {
-		return ""
+// GetOrg returns the Org field.
+func (p *PullRequestReviewCommentEvent) GetOrg() *Organization {
+	if p == nil {
+		return nil
 	}
-	return *p.CommitMessage
+	return p.Org
 }
 
-// GetCommitTitle returns the CommitTitle field if it's non-nil, zero value otherwise.
-func (p *PullRequestAutoMerge) GetCommitTitle() string {
-	if p == nil || p.CommitTitle == nil {
-		return ""
+// GetPullRequest returns the PullRequest field.
+func (p *PullRequestReviewCommentEvent) GetPullRequest() *PullRequest {
+	if p == nil {
+		return nil
 	}
-	return *p.CommitTitle
+	return p.PullRequest
 }
 
-// GetEnabledBy returns the EnabledBy field.
-func (p *PullRequestAutoMerge) GetEnabledBy() *User {
+// GetRepo returns the Repo field.
+func (p *PullRequestReviewCommentEvent) GetRepo() *Repository {
 	if p == nil {
 		return nil
 	}
-	return p.EnabledBy
+	return p.Repo
 }
 
-// GetMergeMethod returns the MergeMethod field if it's non-nil, zero value otherwise.
-func (p *PullRequestAutoMerge) GetMergeMethod() string {
-	if p == nil || p.MergeMethod == nil {
-		return ""
+// GetSender returns the Sender field.
+func (p *PullRequestReviewCommentEvent) GetSender() *User {
+	if p == nil {
+		return nil
 	}
-	return *p.MergeMethod
+	return p.Sender
 }
 
-// GetLabel returns the Label field if it's non-nil, zero value otherwise.
-func (p *PullRequestBranch) GetLabel() string {
-	if p == nil || p.Label == nil {
+// GetMessage returns the Message field if it's non-nil, zero value otherwise.
+func (p *PullRequestReviewDismissalRequest) GetMessage() string {
+	if p == nil || p.Message == nil {
 		return ""
 	}
-	return *p.Label
+	return *p.Message
 }
 
-// GetRef returns the Ref field if it's non-nil, zero value otherwise.
-func (p *PullRequestBranch) GetRef() string {
-	if p == nil || p.Ref == nil {
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (p *PullRequestReviewEvent) GetAction() string {
+	if p == nil || p.Action == nil {
 		return ""
 	}
-	return *p.Ref
+	return *p.Action
 }
 
-// GetRepo returns the Repo field.
-func (p *PullRequestBranch) GetRepo() *Repository {
+// GetInstallation returns the Installation field.
+func (p *PullRequestReviewEvent) GetInstallation() *Installation {
 	if p == nil {
 		return nil
 	}
-	return p.Repo
-}
-
-// GetSHA returns the SHA field if it's non-nil, zero value otherwise.
-func (p *PullRequestBranch) GetSHA() string {
-	if p == nil || p.SHA == nil {
-		return ""
-	}
-	return *p.SHA
+	return p.Installation
 }
 
-// GetUser returns the User field.
-func (p *PullRequestBranch) GetUser() *User {
+// GetOrganization returns the Organization field.
+func (p *PullRequestReviewEvent) GetOrganization() *Organization {
 	if p == nil {
 		return nil
 	}
-	return p.User
+	return p.Organization
 }
 
-// GetExpectedHeadSHA returns the ExpectedHeadSHA field if it's non-nil, zero value otherwise.
-func (p *PullRequestBranchUpdateOptions) GetExpectedHeadSHA() string {
-	if p == nil || p.ExpectedHeadSHA == nil {
-		return ""
+// GetPullRequest returns the PullRequest field.
+func (p *PullRequestReviewEvent) GetPullRequest() *PullRequest {
+	if p == nil {
+		return nil
 	}
-	return *p.ExpectedHeadSHA
+	return p.PullRequest
 }
 
-// GetMessage returns the Message field if it's non-nil, zero value otherwise.
-func (p *PullRequestBranchUpdateResponse) GetMessage() string {
-	if p == nil || p.Message == nil {
-		return ""
+// GetRepo returns the Repo field.
+func (p *PullRequestReviewEvent) GetRepo() *Repository {
+	if p == nil {
+		return nil
 	}
-	return *p.Message
+	return p.Repo
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (p *PullRequestBranchUpdateResponse) GetURL() string {
-	if p == nil || p.URL == nil {
-		return ""
+// GetReview returns the Review field.
+func (p *PullRequestReviewEvent) GetReview() *PullRequestReview {
+	if p == nil {
+		return nil
 	}
-	return *p.URL
+	return p.Review
 }
 
-// GetAuthorAssociation returns the AuthorAssociation field if it's non-nil, zero value otherwise.
-func (p *PullRequestComment) GetAuthorAssociation() string {
-	if p == nil || p.AuthorAssociation == nil {
-		return ""
+// GetSender returns the Sender field.
+func (p *PullRequestReviewEvent) GetSender() *User {
+	if p == nil {
+		return nil
 	}
-	return *p.AuthorAssociation
+	return p.Sender
 }
 
 // GetBody returns the Body field if it's non-nil, zero value otherwise.
-func (p *PullRequestComment) GetBody() string {
+func (p *PullRequestReviewRequest) GetBody() string {
 	if p == nil || p.Body == nil {
 		return ""
 	}
@@ -15727,199 +19767,183 @@ func (p *PullRequestComment) GetBody() string {
 }
 
 // GetCommitID returns the CommitID field if it's non-nil, zero value otherwise.
-func (p *PullRequestComment) GetCommitID() string {
+func (p *PullRequestReviewRequest) GetCommitID() string {
 	if p == nil || p.CommitID == nil {
 		return ""
 	}
 	return *p.CommitID
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (p *PullRequestComment) GetCreatedAt() Timestamp {
-	if p == nil || p.CreatedAt == nil {
-		return Timestamp{}
-	}
-	return *p.CreatedAt
-}
-
-// GetDiffHunk returns the DiffHunk field if it's non-nil, zero value otherwise.
-func (p *PullRequestComment) GetDiffHunk() string {
-	if p == nil || p.DiffHunk == nil {
+// GetEvent returns the Event field if it's non-nil, zero value otherwise.
+func (p *PullRequestReviewRequest) GetEvent() string {
+	if p == nil || p.Event == nil {
 		return ""
 	}
-	return *p.DiffHunk
+	return *p.Event
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (p *PullRequestComment) GetHTMLURL() string {
-	if p == nil || p.HTMLURL == nil {
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (p *PullRequestReviewRequest) GetNodeID() string {
+	if p == nil || p.NodeID == nil {
 		return ""
 	}
-	return *p.HTMLURL
+	return *p.NodeID
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (p *PullRequestComment) GetID() int64 {
-	if p == nil || p.ID == nil {
-		return 0
+// GetBypassPullRequestAllowances returns the BypassPullRequestAllowances field.
+func (p *PullRequestReviewsEnforcement) GetBypassPullRequestAllowances() *BypassPullRequestAllowances {
+	if p == nil {
+		return nil
 	}
-	return *p.ID
+	return p.BypassPullRequestAllowances
 }
 
-// GetInReplyTo returns the InReplyTo field if it's non-nil, zero value otherwise.
-func (p *PullRequestComment) GetInReplyTo() int64 {
-	if p == nil || p.InReplyTo == nil {
-		return 0
+// GetDismissalRestrictions returns the DismissalRestrictions field.
+func (p *PullRequestReviewsEnforcement) GetDismissalRestrictions() *DismissalRestrictions {
+	if p == nil {
+		return nil
 	}
-	return *p.InReplyTo
+	return p.DismissalRestrictions
 }
 
-// GetLine returns the Line field if it's non-nil, zero value otherwise.
-func (p *PullRequestComment) GetLine() int {
-	if p == nil || p.Line == nil {
-		return 0
+// GetFrom returns the From field if it's non-nil, zero value otherwise.
+func (p *PullRequestReviewsEnforcementLevelChanges) GetFrom() string {
+	if p == nil || p.From == nil {
+		return ""
 	}
-	return *p.Line
+	return *p.From
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (p *PullRequestComment) GetNodeID() string {
-	if p == nil || p.NodeID == nil {
-		return ""
+// GetBypassPullRequestAllowancesRequest returns the BypassPullRequestAllowancesRequest field.
+func (p *PullRequestReviewsEnforcementRequest) GetBypassPullRequestAllowancesRequest() *BypassPullRequestAllowancesRequest {
+	if p == nil {
+		return nil
 	}
-	return *p.NodeID
+	return p.BypassPullRequestAllowancesRequest
 }
 
-// GetOriginalCommitID returns the OriginalCommitID field if it's non-nil, zero value otherwise.
-func (p *PullRequestComment) GetOriginalCommitID() string {
-	if p == nil || p.OriginalCommitID == nil {
-		return ""
+// GetDismissalRestrictionsRequest returns the DismissalRestrictionsRequest field.
+func (p *PullRequestReviewsEnforcementRequest) GetDismissalRestrictionsRequest() *DismissalRestrictionsRequest {
+	if p == nil {
+		return nil
 	}
-	return *p.OriginalCommitID
+	return p.DismissalRestrictionsRequest
 }
 
-// GetOriginalLine returns the OriginalLine field if it's non-nil, zero value otherwise.
-func (p *PullRequestComment) GetOriginalLine() int {
-	if p == nil || p.OriginalLine == nil {
-		return 0
+// GetRequireLastPushApproval returns the RequireLastPushApproval field if it's non-nil, zero value otherwise.
+func (p *PullRequestReviewsEnforcementRequest) GetRequireLastPushApproval() bool {
+	if p == nil || p.RequireLastPushApproval == nil {
+		return false
 	}
-	return *p.OriginalLine
+	return *p.RequireLastPushApproval
 }
 
-// GetOriginalPosition returns the OriginalPosition field if it's non-nil, zero value otherwise.
-func (p *PullRequestComment) GetOriginalPosition() int {
-	if p == nil || p.OriginalPosition == nil {
-		return 0
+// GetBypassPullRequestAllowancesRequest returns the BypassPullRequestAllowancesRequest field.
+func (p *PullRequestReviewsEnforcementUpdate) GetBypassPullRequestAllowancesRequest() *BypassPullRequestAllowancesRequest {
+	if p == nil {
+		return nil
 	}
-	return *p.OriginalPosition
+	return p.BypassPullRequestAllowancesRequest
 }
 
-// GetOriginalStartLine returns the OriginalStartLine field if it's non-nil, zero value otherwise.
-func (p *PullRequestComment) GetOriginalStartLine() int {
-	if p == nil || p.OriginalStartLine == nil {
-		return 0
+// GetDismissalRestrictionsRequest returns the DismissalRestrictionsRequest field.
+func (p *PullRequestReviewsEnforcementUpdate) GetDismissalRestrictionsRequest() *DismissalRestrictionsRequest {
+	if p == nil {
+		return nil
 	}
-	return *p.OriginalStartLine
+	return p.DismissalRestrictionsRequest
 }
 
-// GetPath returns the Path field if it's non-nil, zero value otherwise.
-func (p *PullRequestComment) GetPath() string {
-	if p == nil || p.Path == nil {
-		return ""
+// GetDismissStaleReviews returns the DismissStaleReviews field if it's non-nil, zero value otherwise.
+func (p *PullRequestReviewsEnforcementUpdate) GetDismissStaleReviews() bool {
+	if p == nil || p.DismissStaleReviews == nil {
+		return false
 	}
-	return *p.Path
+	return *p.DismissStaleReviews
 }
 
-// GetPosition returns the Position field if it's non-nil, zero value otherwise.
-func (p *PullRequestComment) GetPosition() int {
-	if p == nil || p.Position == nil {
-		return 0
+// GetRequireCodeOwnerReviews returns the RequireCodeOwnerReviews field if it's non-nil, zero value otherwise.
+func (p *PullRequestReviewsEnforcementUpdate) GetRequireCodeOwnerReviews() bool {
+	if p == nil || p.RequireCodeOwnerReviews == nil {
+		return false
 	}
-	return *p.Position
+	return *p.RequireCodeOwnerReviews
 }
 
-// GetPullRequestReviewID returns the PullRequestReviewID field if it's non-nil, zero value otherwise.
-func (p *PullRequestComment) GetPullRequestReviewID() int64 {
-	if p == nil || p.PullRequestReviewID == nil {
-		return 0
+// GetRequireLastPushApproval returns the RequireLastPushApproval field if it's non-nil, zero value otherwise.
+func (p *PullRequestReviewsEnforcementUpdate) GetRequireLastPushApproval() bool {
+	if p == nil || p.RequireLastPushApproval == nil {
+		return false
 	}
-	return *p.PullRequestReviewID
+	return *p.RequireLastPushApproval
 }
 
-// GetPullRequestURL returns the PullRequestURL field if it's non-nil, zero value otherwise.
-func (p *PullRequestComment) GetPullRequestURL() string {
-	if p == nil || p.PullRequestURL == nil {
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (p *PullRequestReviewThreadEvent) GetAction() string {
+	if p == nil || p.Action == nil {
 		return ""
 	}
-	return *p.PullRequestURL
+	return *p.Action
 }
 
-// GetReactions returns the Reactions field.
-func (p *PullRequestComment) GetReactions() *Reactions {
+// GetInstallation returns the Installation field.
+func (p *PullRequestReviewThreadEvent) GetInstallation() *Installation {
 	if p == nil {
 		return nil
 	}
-	return p.Reactions
-}
-
-// GetSide returns the Side field if it's non-nil, zero value otherwise.
-func (p *PullRequestComment) GetSide() string {
-	if p == nil || p.Side == nil {
-		return ""
-	}
-	return *p.Side
-}
-
-// GetStartLine returns the StartLine field if it's non-nil, zero value otherwise.
-func (p *PullRequestComment) GetStartLine() int {
-	if p == nil || p.StartLine == nil {
-		return 0
-	}
-	return *p.StartLine
+	return p.Installation
 }
 
-// GetStartSide returns the StartSide field if it's non-nil, zero value otherwise.
-func (p *PullRequestComment) GetStartSide() string {
-	if p == nil || p.StartSide == nil {
-		return ""
+// GetOrg returns the Org field.
+func (p *PullRequestReviewThreadEvent) GetOrg() *Organization {
+	if p == nil {
+		return nil
 	}
-	return *p.StartSide
+	return p.Org
 }
 
-// GetSubjectType returns the SubjectType field if it's non-nil, zero value otherwise.
-func (p *PullRequestComment) GetSubjectType() string {
-	if p == nil || p.SubjectType == nil {
-		return ""
+// GetPullRequest returns the PullRequest field.
+func (p *PullRequestReviewThreadEvent) GetPullRequest() *PullRequest {
+	if p == nil {
+		return nil
 	}
-	return *p.SubjectType
+	return p.PullRequest
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (p *PullRequestComment) GetUpdatedAt() Timestamp {
-	if p == nil || p.UpdatedAt == nil {
-		return Timestamp{}
+// GetRepo returns the Repo field.
+func (p *PullRequestReviewThreadEvent) GetRepo() *Repository {
+	if p == nil {
+		return nil
 	}
-	return *p.UpdatedAt
+	return p.Repo
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (p *PullRequestComment) GetURL() string {
-	if p == nil || p.URL == nil {
-		return ""
+// GetSender returns the Sender field.
+func (p *PullRequestReviewThreadEvent) GetSender() *User {
+	if p == nil {
+		return nil
 	}
-	return *p.URL
+	return p.Sender
 }
 
-// GetUser returns the User field.
-func (p *PullRequestComment) GetUser() *User {
+// GetThread returns the Thread field.
+func (p *PullRequestReviewThreadEvent) GetThread() *PullRequestThread {
 	if p == nil {
 		return nil
 	}
-	return p.User
+	return p.Thread
+}
+
+// GetAutomaticCopilotCodeReviewEnabled returns the AutomaticCopilotCodeReviewEnabled field if it's non-nil, zero value otherwise.
+func (p *PullRequestRuleParameters) GetAutomaticCopilotCodeReviewEnabled() bool {
+	if p == nil || p.AutomaticCopilotCodeReviewEnabled == nil {
+		return false
+	}
+	return *p.AutomaticCopilotCodeReviewEnabled
 }
 
 // GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (p *PullRequestEvent) GetAction() string {
+func (p *PullRequestTargetEvent) GetAction() string {
 	if p == nil || p.Action == nil {
 		return ""
 	}
@@ -15927,7 +19951,7 @@ func (p *PullRequestEvent) GetAction() string {
 }
 
 // GetAfter returns the After field if it's non-nil, zero value otherwise.
-func (p *PullRequestEvent) GetAfter() string {
+func (p *PullRequestTargetEvent) GetAfter() string {
 	if p == nil || p.After == nil {
 		return ""
 	}
@@ -15935,7 +19959,7 @@ func (p *PullRequestEvent) GetAfter() string {
 }
 
 // GetAssignee returns the Assignee field.
-func (p *PullRequestEvent) GetAssignee() *User {
+func (p *PullRequestTargetEvent) GetAssignee() *User {
 	if p == nil {
 		return nil
 	}
@@ -15943,7 +19967,7 @@ func (p *PullRequestEvent) GetAssignee() *User {
 }
 
 // GetBefore returns the Before field if it's non-nil, zero value otherwise.
-func (p *PullRequestEvent) GetBefore() string {
+func (p *PullRequestTargetEvent) GetBefore() string {
 	if p == nil || p.Before == nil {
 		return ""
 	}
@@ -15951,7 +19975,7 @@ func (p *PullRequestEvent) GetBefore() string {
 }
 
 // GetChanges returns the Changes field.
-func (p *PullRequestEvent) GetChanges() *EditChange {
+func (p *PullRequestTargetEvent) GetChanges() *EditChange {
 	if p == nil {
 		return nil
 	}
@@ -15959,7 +19983,7 @@ func (p *PullRequestEvent) GetChanges() *EditChange {
 }
 
 // GetInstallation returns the Installation field.
-func (p *PullRequestEvent) GetInstallation() *Installation {
+func (p *PullRequestTargetEvent) GetInstallation() *Installation {
 	if p == nil {
 		return nil
 	}
@@ -15967,7 +19991,7 @@ func (p *PullRequestEvent) GetInstallation() *Installation {
 }
 
 // GetLabel returns the Label field.
-func (p *PullRequestEvent) GetLabel() *Label {
+func (p *PullRequestTargetEvent) GetLabel() *Label {
 	if p == nil {
 		return nil
 	}
@@ -15975,7 +19999,7 @@ func (p *PullRequestEvent) GetLabel() *Label {
 }
 
 // GetNumber returns the Number field if it's non-nil, zero value otherwise.
-func (p *PullRequestEvent) GetNumber() int {
+func (p *PullRequestTargetEvent) GetNumber() int {
 	if p == nil || p.Number == nil {
 		return 0
 	}
@@ -15983,15 +20007,23 @@ func (p *PullRequestEvent) GetNumber() int {
 }
 
 // GetOrganization returns the Organization field.
-func (p *PullRequestEvent) GetOrganization() *Organization {
+func (p *PullRequestTargetEvent) GetOrganization() *Organization {
 	if p == nil {
 		return nil
 	}
 	return p.Organization
 }
 
+// GetPerformedViaGithubApp returns the PerformedViaGithubApp field.
+func (p *PullRequestTargetEvent) GetPerformedViaGithubApp() *App {
+	if p == nil {
+		return nil
+	}
+	return p.PerformedViaGithubApp
+}
+
 // GetPullRequest returns the PullRequest field.
-func (p *PullRequestEvent) GetPullRequest() *PullRequest {
+func (p *PullRequestTargetEvent) GetPullRequest() *PullRequest {
 	if p == nil {
 		return nil
 	}
@@ -15999,7 +20031,7 @@ func (p *PullRequestEvent) GetPullRequest() *PullRequest {
 }
 
 // GetRepo returns the Repo field.
-func (p *PullRequestEvent) GetRepo() *Repository {
+func (p *PullRequestTargetEvent) GetRepo() *Repository {
 	if p == nil {
 		return nil
 	}
@@ -16007,7 +20039,7 @@ func (p *PullRequestEvent) GetRepo() *Repository {
 }
 
 // GetRequestedReviewer returns the RequestedReviewer field.
-func (p *PullRequestEvent) GetRequestedReviewer() *User {
+func (p *PullRequestTargetEvent) GetRequestedReviewer() *User {
 	if p == nil {
 		return nil
 	}
@@ -16015,7 +20047,7 @@ func (p *PullRequestEvent) GetRequestedReviewer() *User {
 }
 
 // GetRequestedTeam returns the RequestedTeam field.
-func (p *PullRequestEvent) GetRequestedTeam() *Team {
+func (p *PullRequestTargetEvent) GetRequestedTeam() *Team {
 	if p == nil {
 		return nil
 	}
@@ -16023,2071 +20055,2159 @@ func (p *PullRequestEvent) GetRequestedTeam() *Team {
 }
 
 // GetSender returns the Sender field.
-func (p *PullRequestEvent) GetSender() *User {
+func (p *PullRequestTargetEvent) GetSender() *User {
 	if p == nil {
 		return nil
 	}
 	return p.Sender
 }
 
-// GetDiffURL returns the DiffURL field if it's non-nil, zero value otherwise.
-func (p *PullRequestLinks) GetDiffURL() string {
-	if p == nil || p.DiffURL == nil {
-		return ""
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (p *PullRequestThread) GetID() int64 {
+	if p == nil || p.ID == nil {
+		return 0
 	}
-	return *p.DiffURL
+	return *p.ID
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (p *PullRequestLinks) GetHTMLURL() string {
-	if p == nil || p.HTMLURL == nil {
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (p *PullRequestThread) GetNodeID() string {
+	if p == nil || p.NodeID == nil {
 		return ""
 	}
-	return *p.HTMLURL
+	return *p.NodeID
 }
 
-// GetPatchURL returns the PatchURL field if it's non-nil, zero value otherwise.
-func (p *PullRequestLinks) GetPatchURL() string {
-	if p == nil || p.PatchURL == nil {
-		return ""
+// GetMergeablePulls returns the MergeablePulls field if it's non-nil, zero value otherwise.
+func (p *PullStats) GetMergeablePulls() int {
+	if p == nil || p.MergeablePulls == nil {
+		return 0
 	}
-	return *p.PatchURL
+	return *p.MergeablePulls
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (p *PullRequestLinks) GetURL() string {
-	if p == nil || p.URL == nil {
+// GetMergedPulls returns the MergedPulls field if it's non-nil, zero value otherwise.
+func (p *PullStats) GetMergedPulls() int {
+	if p == nil || p.MergedPulls == nil {
+		return 0
+	}
+	return *p.MergedPulls
+}
+
+// GetTotalPulls returns the TotalPulls field if it's non-nil, zero value otherwise.
+func (p *PullStats) GetTotalPulls() int {
+	if p == nil || p.TotalPulls == nil {
+		return 0
+	}
+	return *p.TotalPulls
+}
+
+// GetUnmergeablePulls returns the UnmergeablePulls field if it's non-nil, zero value otherwise.
+func (p *PullStats) GetUnmergeablePulls() int {
+	if p == nil || p.UnmergeablePulls == nil {
+		return 0
+	}
+	return *p.UnmergeablePulls
+}
+
+// GetCommits returns the Commits field if it's non-nil, zero value otherwise.
+func (p *PunchCard) GetCommits() int {
+	if p == nil || p.Commits == nil {
+		return 0
+	}
+	return *p.Commits
+}
+
+// GetDay returns the Day field if it's non-nil, zero value otherwise.
+func (p *PunchCard) GetDay() int {
+	if p == nil || p.Day == nil {
+		return 0
+	}
+	return *p.Day
+}
+
+// GetHour returns the Hour field if it's non-nil, zero value otherwise.
+func (p *PunchCard) GetHour() int {
+	if p == nil || p.Hour == nil {
+		return 0
+	}
+	return *p.Hour
+}
+
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (p *PushEvent) GetAction() string {
+	if p == nil || p.Action == nil {
 		return ""
 	}
-	return *p.URL
+	return *p.Action
 }
 
-// GetMerged returns the Merged field if it's non-nil, zero value otherwise.
-func (p *PullRequestMergeResult) GetMerged() bool {
-	if p == nil || p.Merged == nil {
-		return false
+// GetAfter returns the After field if it's non-nil, zero value otherwise.
+func (p *PushEvent) GetAfter() string {
+	if p == nil || p.After == nil {
+		return ""
 	}
-	return *p.Merged
+	return *p.After
 }
 
-// GetMessage returns the Message field if it's non-nil, zero value otherwise.
-func (p *PullRequestMergeResult) GetMessage() string {
-	if p == nil || p.Message == nil {
+// GetBaseRef returns the BaseRef field if it's non-nil, zero value otherwise.
+func (p *PushEvent) GetBaseRef() string {
+	if p == nil || p.BaseRef == nil {
 		return ""
 	}
-	return *p.Message
+	return *p.BaseRef
 }
 
-// GetSHA returns the SHA field if it's non-nil, zero value otherwise.
-func (p *PullRequestMergeResult) GetSHA() string {
-	if p == nil || p.SHA == nil {
+// GetBefore returns the Before field if it's non-nil, zero value otherwise.
+func (p *PushEvent) GetBefore() string {
+	if p == nil || p.Before == nil {
 		return ""
 	}
-	return *p.SHA
+	return *p.Before
 }
 
-// GetAuthorAssociation returns the AuthorAssociation field if it's non-nil, zero value otherwise.
-func (p *PullRequestReview) GetAuthorAssociation() string {
-	if p == nil || p.AuthorAssociation == nil {
+// GetCommits returns the Commits slice if it's non-nil, nil otherwise.
+func (p *PushEvent) GetCommits() []*HeadCommit {
+	if p == nil || p.Commits == nil {
+		return nil
+	}
+	return p.Commits
+}
+
+// GetCompare returns the Compare field if it's non-nil, zero value otherwise.
+func (p *PushEvent) GetCompare() string {
+	if p == nil || p.Compare == nil {
 		return ""
 	}
-	return *p.AuthorAssociation
+	return *p.Compare
 }
 
-// GetBody returns the Body field if it's non-nil, zero value otherwise.
-func (p *PullRequestReview) GetBody() string {
-	if p == nil || p.Body == nil {
+// GetCreated returns the Created field if it's non-nil, zero value otherwise.
+func (p *PushEvent) GetCreated() bool {
+	if p == nil || p.Created == nil {
+		return false
+	}
+	return *p.Created
+}
+
+// GetDeleted returns the Deleted field if it's non-nil, zero value otherwise.
+func (p *PushEvent) GetDeleted() bool {
+	if p == nil || p.Deleted == nil {
+		return false
+	}
+	return *p.Deleted
+}
+
+// GetDistinctSize returns the DistinctSize field if it's non-nil, zero value otherwise.
+func (p *PushEvent) GetDistinctSize() int {
+	if p == nil || p.DistinctSize == nil {
+		return 0
+	}
+	return *p.DistinctSize
+}
+
+// GetForced returns the Forced field if it's non-nil, zero value otherwise.
+func (p *PushEvent) GetForced() bool {
+	if p == nil || p.Forced == nil {
+		return false
+	}
+	return *p.Forced
+}
+
+// GetHead returns the Head field if it's non-nil, zero value otherwise.
+func (p *PushEvent) GetHead() string {
+	if p == nil || p.Head == nil {
 		return ""
 	}
-	return *p.Body
+	return *p.Head
 }
 
-// GetCommitID returns the CommitID field if it's non-nil, zero value otherwise.
-func (p *PullRequestReview) GetCommitID() string {
-	if p == nil || p.CommitID == nil {
+// GetHeadCommit returns the HeadCommit field.
+func (p *PushEvent) GetHeadCommit() *HeadCommit {
+	if p == nil {
+		return nil
+	}
+	return p.HeadCommit
+}
+
+// GetInstallation returns the Installation field.
+func (p *PushEvent) GetInstallation() *Installation {
+	if p == nil {
+		return nil
+	}
+	return p.Installation
+}
+
+// GetOrganization returns the Organization field.
+func (p *PushEvent) GetOrganization() *Organization {
+	if p == nil {
+		return nil
+	}
+	return p.Organization
+}
+
+// GetPusher returns the Pusher field.
+func (p *PushEvent) GetPusher() *CommitAuthor {
+	if p == nil {
+		return nil
+	}
+	return p.Pusher
+}
+
+// GetPushID returns the PushID field if it's non-nil, zero value otherwise.
+func (p *PushEvent) GetPushID() int64 {
+	if p == nil || p.PushID == nil {
+		return 0
+	}
+	return *p.PushID
+}
+
+// GetRef returns the Ref field if it's non-nil, zero value otherwise.
+func (p *PushEvent) GetRef() string {
+	if p == nil || p.Ref == nil {
 		return ""
 	}
-	return *p.CommitID
+	return *p.Ref
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (p *PullRequestReview) GetHTMLURL() string {
-	if p == nil || p.HTMLURL == nil {
-		return ""
+// GetRepo returns the Repo field.
+func (p *PushEvent) GetRepo() *PushEventRepository {
+	if p == nil {
+		return nil
 	}
-	return *p.HTMLURL
+	return p.Repo
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (p *PullRequestReview) GetID() int64 {
-	if p == nil || p.ID == nil {
-		return 0
+// GetSender returns the Sender field.
+func (p *PushEvent) GetSender() *User {
+	if p == nil {
+		return nil
 	}
-	return *p.ID
+	return p.Sender
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (p *PullRequestReview) GetNodeID() string {
-	if p == nil || p.NodeID == nil {
-		return ""
+// GetSize returns the Size field if it's non-nil, zero value otherwise.
+func (p *PushEvent) GetSize() int {
+	if p == nil || p.Size == nil {
+		return 0
 	}
-	return *p.NodeID
+	return *p.Size
 }
 
-// GetPullRequestURL returns the PullRequestURL field if it's non-nil, zero value otherwise.
-func (p *PullRequestReview) GetPullRequestURL() string {
-	if p == nil || p.PullRequestURL == nil {
+// GetEmail returns the Email field if it's non-nil, zero value otherwise.
+func (p *PushEventRepoOwner) GetEmail() string {
+	if p == nil || p.Email == nil {
 		return ""
 	}
-	return *p.PullRequestURL
+	return *p.Email
 }
 
-// GetState returns the State field if it's non-nil, zero value otherwise.
-func (p *PullRequestReview) GetState() string {
-	if p == nil || p.State == nil {
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (p *PushEventRepoOwner) GetName() string {
+	if p == nil || p.Name == nil {
 		return ""
 	}
-	return *p.State
+	return *p.Name
 }
 
-// GetSubmittedAt returns the SubmittedAt field if it's non-nil, zero value otherwise.
-func (p *PullRequestReview) GetSubmittedAt() Timestamp {
-	if p == nil || p.SubmittedAt == nil {
-		return Timestamp{}
+// GetArchived returns the Archived field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetArchived() bool {
+	if p == nil || p.Archived == nil {
+		return false
 	}
-	return *p.SubmittedAt
+	return *p.Archived
 }
 
-// GetUser returns the User field.
-func (p *PullRequestReview) GetUser() *User {
-	if p == nil {
-		return nil
+// GetArchiveURL returns the ArchiveURL field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetArchiveURL() string {
+	if p == nil || p.ArchiveURL == nil {
+		return ""
 	}
-	return p.User
+	return *p.ArchiveURL
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (p *PullRequestReviewCommentEvent) GetAction() string {
-	if p == nil || p.Action == nil {
+// GetCloneURL returns the CloneURL field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetCloneURL() string {
+	if p == nil || p.CloneURL == nil {
 		return ""
 	}
-	return *p.Action
+	return *p.CloneURL
 }
 
-// GetChanges returns the Changes field.
-func (p *PullRequestReviewCommentEvent) GetChanges() *EditChange {
-	if p == nil {
-		return nil
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetCreatedAt() Timestamp {
+	if p == nil || p.CreatedAt == nil {
+		return Timestamp{}
 	}
-	return p.Changes
+	return *p.CreatedAt
 }
 
-// GetComment returns the Comment field.
-func (p *PullRequestReviewCommentEvent) GetComment() *PullRequestComment {
-	if p == nil {
-		return nil
+// GetDefaultBranch returns the DefaultBranch field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetDefaultBranch() string {
+	if p == nil || p.DefaultBranch == nil {
+		return ""
 	}
-	return p.Comment
+	return *p.DefaultBranch
 }
 
-// GetInstallation returns the Installation field.
-func (p *PullRequestReviewCommentEvent) GetInstallation() *Installation {
-	if p == nil {
-		return nil
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetDescription() string {
+	if p == nil || p.Description == nil {
+		return ""
 	}
-	return p.Installation
+	return *p.Description
 }
 
-// GetPullRequest returns the PullRequest field.
-func (p *PullRequestReviewCommentEvent) GetPullRequest() *PullRequest {
-	if p == nil {
-		return nil
+// GetDisabled returns the Disabled field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetDisabled() bool {
+	if p == nil || p.Disabled == nil {
+		return false
 	}
-	return p.PullRequest
+	return *p.Disabled
 }
 
-// GetRepo returns the Repo field.
-func (p *PullRequestReviewCommentEvent) GetRepo() *Repository {
-	if p == nil {
-		return nil
+// GetFork returns the Fork field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetFork() bool {
+	if p == nil || p.Fork == nil {
+		return false
 	}
-	return p.Repo
+	return *p.Fork
 }
 
-// GetSender returns the Sender field.
-func (p *PullRequestReviewCommentEvent) GetSender() *User {
-	if p == nil {
-		return nil
+// GetForksCount returns the ForksCount field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetForksCount() int {
+	if p == nil || p.ForksCount == nil {
+		return 0
 	}
-	return p.Sender
+	return *p.ForksCount
 }
 
-// GetMessage returns the Message field if it's non-nil, zero value otherwise.
-func (p *PullRequestReviewDismissalRequest) GetMessage() string {
-	if p == nil || p.Message == nil {
+// GetFullName returns the FullName field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetFullName() string {
+	if p == nil || p.FullName == nil {
 		return ""
 	}
-	return *p.Message
+	return *p.FullName
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (p *PullRequestReviewEvent) GetAction() string {
-	if p == nil || p.Action == nil {
+// GetGitURL returns the GitURL field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetGitURL() string {
+	if p == nil || p.GitURL == nil {
 		return ""
 	}
-	return *p.Action
+	return *p.GitURL
 }
 
-// GetInstallation returns the Installation field.
-func (p *PullRequestReviewEvent) GetInstallation() *Installation {
-	if p == nil {
-		return nil
+// GetHasDownloads returns the HasDownloads field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetHasDownloads() bool {
+	if p == nil || p.HasDownloads == nil {
+		return false
 	}
-	return p.Installation
+	return *p.HasDownloads
 }
 
-// GetOrganization returns the Organization field.
-func (p *PullRequestReviewEvent) GetOrganization() *Organization {
-	if p == nil {
-		return nil
+// GetHasIssues returns the HasIssues field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetHasIssues() bool {
+	if p == nil || p.HasIssues == nil {
+		return false
 	}
-	return p.Organization
+	return *p.HasIssues
 }
 
-// GetPullRequest returns the PullRequest field.
-func (p *PullRequestReviewEvent) GetPullRequest() *PullRequest {
-	if p == nil {
-		return nil
+// GetHasPages returns the HasPages field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetHasPages() bool {
+	if p == nil || p.HasPages == nil {
+		return false
 	}
-	return p.PullRequest
+	return *p.HasPages
 }
 
-// GetRepo returns the Repo field.
-func (p *PullRequestReviewEvent) GetRepo() *Repository {
-	if p == nil {
-		return nil
+// GetHasWiki returns the HasWiki field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetHasWiki() bool {
+	if p == nil || p.HasWiki == nil {
+		return false
 	}
-	return p.Repo
+	return *p.HasWiki
 }
 
-// GetReview returns the Review field.
-func (p *PullRequestReviewEvent) GetReview() *PullRequestReview {
-	if p == nil {
-		return nil
+// GetHomepage returns the Homepage field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetHomepage() string {
+	if p == nil || p.Homepage == nil {
+		return ""
 	}
-	return p.Review
+	return *p.Homepage
 }
 
-// GetSender returns the Sender field.
-func (p *PullRequestReviewEvent) GetSender() *User {
-	if p == nil {
-		return nil
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetHTMLURL() string {
+	if p == nil || p.HTMLURL == nil {
+		return ""
 	}
-	return p.Sender
+	return *p.HTMLURL
 }
 
-// GetBody returns the Body field if it's non-nil, zero value otherwise.
-func (p *PullRequestReviewRequest) GetBody() string {
-	if p == nil || p.Body == nil {
-		return ""
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetID() int64 {
+	if p == nil || p.ID == nil {
+		return 0
 	}
-	return *p.Body
+	return *p.ID
 }
 
-// GetCommitID returns the CommitID field if it's non-nil, zero value otherwise.
-func (p *PullRequestReviewRequest) GetCommitID() string {
-	if p == nil || p.CommitID == nil {
+// GetLanguage returns the Language field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetLanguage() string {
+	if p == nil || p.Language == nil {
 		return ""
 	}
-	return *p.CommitID
+	return *p.Language
 }
 
-// GetEvent returns the Event field if it's non-nil, zero value otherwise.
-func (p *PullRequestReviewRequest) GetEvent() string {
-	if p == nil || p.Event == nil {
+// GetMasterBranch returns the MasterBranch field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetMasterBranch() string {
+	if p == nil || p.MasterBranch == nil {
 		return ""
 	}
-	return *p.Event
+	return *p.MasterBranch
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (p *PullRequestReviewRequest) GetNodeID() string {
-	if p == nil || p.NodeID == nil {
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetName() string {
+	if p == nil || p.Name == nil {
 		return ""
 	}
-	return *p.NodeID
+	return *p.Name
 }
 
-// GetBypassPullRequestAllowances returns the BypassPullRequestAllowances field.
-func (p *PullRequestReviewsEnforcement) GetBypassPullRequestAllowances() *BypassPullRequestAllowances {
-	if p == nil {
-		return nil
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetNodeID() string {
+	if p == nil || p.NodeID == nil {
+		return ""
 	}
-	return p.BypassPullRequestAllowances
+	return *p.NodeID
 }
 
-// GetDismissalRestrictions returns the DismissalRestrictions field.
-func (p *PullRequestReviewsEnforcement) GetDismissalRestrictions() *DismissalRestrictions {
-	if p == nil {
-		return nil
+// GetOpenIssuesCount returns the OpenIssuesCount field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetOpenIssuesCount() int {
+	if p == nil || p.OpenIssuesCount == nil {
+		return 0
 	}
-	return p.DismissalRestrictions
+	return *p.OpenIssuesCount
 }
 
-// GetFrom returns the From field if it's non-nil, zero value otherwise.
-func (p *PullRequestReviewsEnforcementLevelChanges) GetFrom() string {
-	if p == nil || p.From == nil {
+// GetOrganization returns the Organization field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetOrganization() string {
+	if p == nil || p.Organization == nil {
 		return ""
 	}
-	return *p.From
+	return *p.Organization
 }
 
-// GetBypassPullRequestAllowancesRequest returns the BypassPullRequestAllowancesRequest field.
-func (p *PullRequestReviewsEnforcementRequest) GetBypassPullRequestAllowancesRequest() *BypassPullRequestAllowancesRequest {
+// GetOwner returns the Owner field.
+func (p *PushEventRepository) GetOwner() *User {
 	if p == nil {
 		return nil
 	}
-	return p.BypassPullRequestAllowancesRequest
+	return p.Owner
 }
 
-// GetDismissalRestrictionsRequest returns the DismissalRestrictionsRequest field.
-func (p *PullRequestReviewsEnforcementRequest) GetDismissalRestrictionsRequest() *DismissalRestrictionsRequest {
-	if p == nil {
-		return nil
+// GetPrivate returns the Private field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetPrivate() bool {
+	if p == nil || p.Private == nil {
+		return false
 	}
-	return p.DismissalRestrictionsRequest
+	return *p.Private
 }
 
-// GetRequireLastPushApproval returns the RequireLastPushApproval field if it's non-nil, zero value otherwise.
-func (p *PullRequestReviewsEnforcementRequest) GetRequireLastPushApproval() bool {
-	if p == nil || p.RequireLastPushApproval == nil {
-		return false
+// GetPullsURL returns the PullsURL field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetPullsURL() string {
+	if p == nil || p.PullsURL == nil {
+		return ""
 	}
-	return *p.RequireLastPushApproval
+	return *p.PullsURL
 }
 
-// GetBypassPullRequestAllowancesRequest returns the BypassPullRequestAllowancesRequest field.
-func (p *PullRequestReviewsEnforcementUpdate) GetBypassPullRequestAllowancesRequest() *BypassPullRequestAllowancesRequest {
-	if p == nil {
-		return nil
+// GetPushedAt returns the PushedAt field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetPushedAt() Timestamp {
+	if p == nil || p.PushedAt == nil {
+		return Timestamp{}
 	}
-	return p.BypassPullRequestAllowancesRequest
+	return *p.PushedAt
 }
 
-// GetDismissalRestrictionsRequest returns the DismissalRestrictionsRequest field.
-func (p *PullRequestReviewsEnforcementUpdate) GetDismissalRestrictionsRequest() *DismissalRestrictionsRequest {
-	if p == nil {
-		return nil
+// GetSize returns the Size field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetSize() int {
+	if p == nil || p.Size == nil {
+		return 0
 	}
-	return p.DismissalRestrictionsRequest
+	return *p.Size
 }
 
-// GetDismissStaleReviews returns the DismissStaleReviews field if it's non-nil, zero value otherwise.
-func (p *PullRequestReviewsEnforcementUpdate) GetDismissStaleReviews() bool {
-	if p == nil || p.DismissStaleReviews == nil {
-		return false
+// GetSSHURL returns the SSHURL field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetSSHURL() string {
+	if p == nil || p.SSHURL == nil {
+		return ""
 	}
-	return *p.DismissStaleReviews
+	return *p.SSHURL
 }
 
-// GetRequireCodeOwnerReviews returns the RequireCodeOwnerReviews field if it's non-nil, zero value otherwise.
-func (p *PullRequestReviewsEnforcementUpdate) GetRequireCodeOwnerReviews() bool {
-	if p == nil || p.RequireCodeOwnerReviews == nil {
-		return false
+// GetStargazersCount returns the StargazersCount field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetStargazersCount() int {
+	if p == nil || p.StargazersCount == nil {
+		return 0
 	}
-	return *p.RequireCodeOwnerReviews
+	return *p.StargazersCount
 }
 
-// GetRequireLastPushApproval returns the RequireLastPushApproval field if it's non-nil, zero value otherwise.
-func (p *PullRequestReviewsEnforcementUpdate) GetRequireLastPushApproval() bool {
-	if p == nil || p.RequireLastPushApproval == nil {
-		return false
+// GetStatusesURL returns the StatusesURL field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetStatusesURL() string {
+	if p == nil || p.StatusesURL == nil {
+		return ""
 	}
-	return *p.RequireLastPushApproval
+	return *p.StatusesURL
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (p *PullRequestReviewThreadEvent) GetAction() string {
-	if p == nil || p.Action == nil {
+// GetSVNURL returns the SVNURL field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetSVNURL() string {
+	if p == nil || p.SVNURL == nil {
 		return ""
 	}
-	return *p.Action
+	return *p.SVNURL
 }
 
-// GetInstallation returns the Installation field.
-func (p *PullRequestReviewThreadEvent) GetInstallation() *Installation {
-	if p == nil {
-		return nil
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetUpdatedAt() Timestamp {
+	if p == nil || p.UpdatedAt == nil {
+		return Timestamp{}
 	}
-	return p.Installation
+	return *p.UpdatedAt
 }
 
-// GetPullRequest returns the PullRequest field.
-func (p *PullRequestReviewThreadEvent) GetPullRequest() *PullRequest {
-	if p == nil {
-		return nil
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetURL() string {
+	if p == nil || p.URL == nil {
+		return ""
 	}
-	return p.PullRequest
+	return *p.URL
 }
 
-// GetRepo returns the Repo field.
-func (p *PullRequestReviewThreadEvent) GetRepo() *Repository {
-	if p == nil {
-		return nil
+// GetWatchersCount returns the WatchersCount field if it's non-nil, zero value otherwise.
+func (p *PushEventRepository) GetWatchersCount() int {
+	if p == nil || p.WatchersCount == nil {
+		return 0
 	}
-	return p.Repo
+	return *p.WatchersCount
 }
 
-// GetSender returns the Sender field.
-func (p *PullRequestReviewThreadEvent) GetSender() *User {
-	if p == nil {
+// GetActionsRunnerRegistration returns the ActionsRunnerRegistration field.
+func (r *RateLimits) GetActionsRunnerRegistration() *Rate {
+	if r == nil {
 		return nil
 	}
-	return p.Sender
+	return r.ActionsRunnerRegistration
 }
 
-// GetThread returns the Thread field.
-func (p *PullRequestReviewThreadEvent) GetThread() *PullRequestThread {
-	if p == nil {
+// GetAuditLog returns the AuditLog field.
+func (r *RateLimits) GetAuditLog() *Rate {
+	if r == nil {
 		return nil
 	}
-	return p.Thread
+	return r.AuditLog
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (p *PullRequestTargetEvent) GetAction() string {
-	if p == nil || p.Action == nil {
-		return ""
+// GetCodeScanningUpload returns the CodeScanningUpload field.
+func (r *RateLimits) GetCodeScanningUpload() *Rate {
+	if r == nil {
+		return nil
 	}
-	return *p.Action
+	return r.CodeScanningUpload
 }
 
-// GetAfter returns the After field if it's non-nil, zero value otherwise.
-func (p *PullRequestTargetEvent) GetAfter() string {
-	if p == nil || p.After == nil {
-		return ""
+// GetCodeSearch returns the CodeSearch field.
+func (r *RateLimits) GetCodeSearch() *Rate {
+	if r == nil {
+		return nil
 	}
-	return *p.After
+	return r.CodeSearch
 }
 
-// GetAssignee returns the Assignee field.
-func (p *PullRequestTargetEvent) GetAssignee() *User {
-	if p == nil {
+// GetCore returns the Core field.
+func (r *RateLimits) GetCore() *Rate {
+	if r == nil {
 		return nil
 	}
-	return p.Assignee
+	return r.Core
 }
 
-// GetBefore returns the Before field if it's non-nil, zero value otherwise.
-func (p *PullRequestTargetEvent) GetBefore() string {
-	if p == nil || p.Before == nil {
-		return ""
+// GetDependencySnapshots returns the DependencySnapshots field.
+func (r *RateLimits) GetDependencySnapshots() *Rate {
+	if r == nil {
+		return nil
 	}
-	return *p.Before
+	return r.DependencySnapshots
 }
 
-// GetChanges returns the Changes field.
-func (p *PullRequestTargetEvent) GetChanges() *EditChange {
-	if p == nil {
+// GetGraphQL returns the GraphQL field.
+func (r *RateLimits) GetGraphQL() *Rate {
+	if r == nil {
 		return nil
 	}
-	return p.Changes
+	return r.GraphQL
 }
 
-// GetInstallation returns the Installation field.
-func (p *PullRequestTargetEvent) GetInstallation() *Installation {
-	if p == nil {
+// GetIntegrationManifest returns the IntegrationManifest field.
+func (r *RateLimits) GetIntegrationManifest() *Rate {
+	if r == nil {
 		return nil
 	}
-	return p.Installation
+	return r.IntegrationManifest
 }
 
-// GetLabel returns the Label field.
-func (p *PullRequestTargetEvent) GetLabel() *Label {
-	if p == nil {
+// GetSCIM returns the SCIM field.
+func (r *RateLimits) GetSCIM() *Rate {
+	if r == nil {
 		return nil
 	}
-	return p.Label
+	return r.SCIM
 }
 
-// GetNumber returns the Number field if it's non-nil, zero value otherwise.
-func (p *PullRequestTargetEvent) GetNumber() int {
-	if p == nil || p.Number == nil {
-		return 0
+// GetSearch returns the Search field.
+func (r *RateLimits) GetSearch() *Rate {
+	if r == nil {
+		return nil
 	}
-	return *p.Number
+	return r.Search
 }
 
-// GetOrganization returns the Organization field.
-func (p *PullRequestTargetEvent) GetOrganization() *Organization {
-	if p == nil {
+// GetSourceImport returns the SourceImport field.
+func (r *RateLimits) GetSourceImport() *Rate {
+	if r == nil {
 		return nil
 	}
-	return p.Organization
+	return r.SourceImport
 }
 
-// GetPullRequest returns the PullRequest field.
-func (p *PullRequestTargetEvent) GetPullRequest() *PullRequest {
-	if p == nil {
-		return nil
+// GetContent returns the Content field if it's non-nil, zero value otherwise.
+func (r *Reaction) GetContent() string {
+	if r == nil || r.Content == nil {
+		return ""
 	}
-	return p.PullRequest
+	return *r.Content
 }
 
-// GetRepo returns the Repo field.
-func (p *PullRequestTargetEvent) GetRepo() *Repository {
-	if p == nil {
-		return nil
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (r *Reaction) GetCreatedAt() Timestamp {
+	if r == nil || r.CreatedAt == nil {
+		return Timestamp{}
 	}
-	return p.Repo
+	return *r.CreatedAt
 }
 
-// GetRequestedReviewer returns the RequestedReviewer field.
-func (p *PullRequestTargetEvent) GetRequestedReviewer() *User {
-	if p == nil {
-		return nil
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (r *Reaction) GetID() int64 {
+	if r == nil || r.ID == nil {
+		return 0
 	}
-	return p.RequestedReviewer
+	return *r.ID
 }
-
-// GetRequestedTeam returns the RequestedTeam field.
-func (p *PullRequestTargetEvent) GetRequestedTeam() *Team {
-	if p == nil {
-		return nil
+
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (r *Reaction) GetNodeID() string {
+	if r == nil || r.NodeID == nil {
+		return ""
 	}
-	return p.RequestedTeam
+	return *r.NodeID
 }
 
-// GetSender returns the Sender field.
-func (p *PullRequestTargetEvent) GetSender() *User {
-	if p == nil {
+// GetUser returns the User field.
+func (r *Reaction) GetUser() *User {
+	if r == nil {
 		return nil
 	}
-	return p.Sender
+	return r.User
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (p *PullRequestThread) GetID() int64 {
-	if p == nil || p.ID == nil {
+// GetConfused returns the Confused field if it's non-nil, zero value otherwise.
+func (r *Reactions) GetConfused() int {
+	if r == nil || r.Confused == nil {
 		return 0
 	}
-	return *p.ID
+	return *r.Confused
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (p *PullRequestThread) GetNodeID() string {
-	if p == nil || p.NodeID == nil {
-		return ""
+// GetEyes returns the Eyes field if it's non-nil, zero value otherwise.
+func (r *Reactions) GetEyes() int {
+	if r == nil || r.Eyes == nil {
+		return 0
 	}
-	return *p.NodeID
+	return *r.Eyes
 }
 
-// GetMergablePulls returns the MergablePulls field if it's non-nil, zero value otherwise.
-func (p *PullStats) GetMergablePulls() int {
-	if p == nil || p.MergablePulls == nil {
+// GetHeart returns the Heart field if it's non-nil, zero value otherwise.
+func (r *Reactions) GetHeart() int {
+	if r == nil || r.Heart == nil {
 		return 0
 	}
-	return *p.MergablePulls
+	return *r.Heart
 }
 
-// GetMergedPulls returns the MergedPulls field if it's non-nil, zero value otherwise.
-func (p *PullStats) GetMergedPulls() int {
-	if p == nil || p.MergedPulls == nil {
+// GetHooray returns the Hooray field if it's non-nil, zero value otherwise.
+func (r *Reactions) GetHooray() int {
+	if r == nil || r.Hooray == nil {
 		return 0
 	}
-	return *p.MergedPulls
+	return *r.Hooray
 }
 
-// GetTotalPulls returns the TotalPulls field if it's non-nil, zero value otherwise.
-func (p *PullStats) GetTotalPulls() int {
-	if p == nil || p.TotalPulls == nil {
+// GetLaugh returns the Laugh field if it's non-nil, zero value otherwise.
+func (r *Reactions) GetLaugh() int {
+	if r == nil || r.Laugh == nil {
 		return 0
 	}
-	return *p.TotalPulls
+	return *r.Laugh
 }
 
-// GetUnmergablePulls returns the UnmergablePulls field if it's non-nil, zero value otherwise.
-func (p *PullStats) GetUnmergablePulls() int {
-	if p == nil || p.UnmergablePulls == nil {
+// GetMinusOne returns the MinusOne field if it's non-nil, zero value otherwise.
+func (r *Reactions) GetMinusOne() int {
+	if r == nil || r.MinusOne == nil {
 		return 0
 	}
-	return *p.UnmergablePulls
+	return *r.MinusOne
 }
 
-// GetCommits returns the Commits field if it's non-nil, zero value otherwise.
-func (p *PunchCard) GetCommits() int {
-	if p == nil || p.Commits == nil {
+// GetPlusOne returns the PlusOne field if it's non-nil, zero value otherwise.
+func (r *Reactions) GetPlusOne() int {
+	if r == nil || r.PlusOne == nil {
 		return 0
 	}
-	return *p.Commits
+	return *r.PlusOne
 }
 
-// GetDay returns the Day field if it's non-nil, zero value otherwise.
-func (p *PunchCard) GetDay() int {
-	if p == nil || p.Day == nil {
+// GetRocket returns the Rocket field if it's non-nil, zero value otherwise.
+func (r *Reactions) GetRocket() int {
+	if r == nil || r.Rocket == nil {
 		return 0
 	}
-	return *p.Day
+	return *r.Rocket
 }
 
-// GetHour returns the Hour field if it's non-nil, zero value otherwise.
-func (p *PunchCard) GetHour() int {
-	if p == nil || p.Hour == nil {
+// GetTotalCount returns the TotalCount field if it's non-nil, zero value otherwise.
+func (r *Reactions) GetTotalCount() int {
+	if r == nil || r.TotalCount == nil {
 		return 0
 	}
-	return *p.Hour
+	return *r.TotalCount
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (p *PushEvent) GetAction() string {
-	if p == nil || p.Action == nil {
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (r *Reactions) GetURL() string {
+	if r == nil || r.URL == nil {
 		return ""
 	}
-	return *p.Action
+	return *r.URL
 }
 
-// GetAfter returns the After field if it's non-nil, zero value otherwise.
-func (p *PushEvent) GetAfter() string {
-	if p == nil || p.After == nil {
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (r *Reference) GetNodeID() string {
+	if r == nil || r.NodeID == nil {
 		return ""
 	}
-	return *p.After
+	return *r.NodeID
 }
 
-// GetBaseRef returns the BaseRef field if it's non-nil, zero value otherwise.
-func (p *PushEvent) GetBaseRef() string {
-	if p == nil || p.BaseRef == nil {
-		return ""
+// GetObject returns the Object field.
+func (r *Reference) GetObject() *GitObject {
+	if r == nil {
+		return nil
 	}
-	return *p.BaseRef
+	return r.Object
 }
 
-// GetBefore returns the Before field if it's non-nil, zero value otherwise.
-func (p *PushEvent) GetBefore() string {
-	if p == nil || p.Before == nil {
+// GetRef returns the Ref field if it's non-nil, zero value otherwise.
+func (r *Reference) GetRef() string {
+	if r == nil || r.Ref == nil {
 		return ""
 	}
-	return *p.Before
+	return *r.Ref
 }
 
-// GetCommits returns the Commits slice if it's non-nil, nil otherwise.
-func (p *PushEvent) GetCommits() []*HeadCommit {
-	if p == nil || p.Commits == nil {
-		return nil
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (r *Reference) GetURL() string {
+	if r == nil || r.URL == nil {
+		return ""
 	}
-	return p.Commits
+	return *r.URL
 }
 
-// GetCompare returns the Compare field if it's non-nil, zero value otherwise.
-func (p *PushEvent) GetCompare() string {
-	if p == nil || p.Compare == nil {
+// GetPath returns the Path field if it's non-nil, zero value otherwise.
+func (r *ReferencedWorkflow) GetPath() string {
+	if r == nil || r.Path == nil {
 		return ""
 	}
-	return *p.Compare
+	return *r.Path
 }
 
-// GetCreated returns the Created field if it's non-nil, zero value otherwise.
-func (p *PushEvent) GetCreated() bool {
-	if p == nil || p.Created == nil {
-		return false
+// GetRef returns the Ref field if it's non-nil, zero value otherwise.
+func (r *ReferencedWorkflow) GetRef() string {
+	if r == nil || r.Ref == nil {
+		return ""
 	}
-	return *p.Created
+	return *r.Ref
 }
 
-// GetDeleted returns the Deleted field if it's non-nil, zero value otherwise.
-func (p *PushEvent) GetDeleted() bool {
-	if p == nil || p.Deleted == nil {
-		return false
+// GetSHA returns the SHA field if it's non-nil, zero value otherwise.
+func (r *ReferencedWorkflow) GetSHA() string {
+	if r == nil || r.SHA == nil {
+		return ""
 	}
-	return *p.Deleted
+	return *r.SHA
 }
 
-// GetDistinctSize returns the DistinctSize field if it's non-nil, zero value otherwise.
-func (p *PushEvent) GetDistinctSize() int {
-	if p == nil || p.DistinctSize == nil {
-		return 0
+// GetExpiresAt returns the ExpiresAt field if it's non-nil, zero value otherwise.
+func (r *RegistrationToken) GetExpiresAt() Timestamp {
+	if r == nil || r.ExpiresAt == nil {
+		return Timestamp{}
 	}
-	return *p.DistinctSize
+	return *r.ExpiresAt
 }
 
-// GetForced returns the Forced field if it's non-nil, zero value otherwise.
-func (p *PushEvent) GetForced() bool {
-	if p == nil || p.Forced == nil {
-		return false
+// GetToken returns the Token field if it's non-nil, zero value otherwise.
+func (r *RegistrationToken) GetToken() string {
+	if r == nil || r.Token == nil {
+		return ""
 	}
-	return *p.Forced
+	return *r.Token
 }
 
-// GetHead returns the Head field if it's non-nil, zero value otherwise.
-func (p *PushEvent) GetHead() string {
-	if p == nil || p.Head == nil {
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (r *RegistryPackageEvent) GetAction() string {
+	if r == nil || r.Action == nil {
 		return ""
 	}
-	return *p.Head
+	return *r.Action
 }
 
-// GetHeadCommit returns the HeadCommit field.
-func (p *PushEvent) GetHeadCommit() *HeadCommit {
-	if p == nil {
+// GetEnterprise returns the Enterprise field.
+func (r *RegistryPackageEvent) GetEnterprise() *Enterprise {
+	if r == nil {
 		return nil
 	}
-	return p.HeadCommit
+	return r.Enterprise
 }
 
 // GetInstallation returns the Installation field.
-func (p *PushEvent) GetInstallation() *Installation {
-	if p == nil {
+func (r *RegistryPackageEvent) GetInstallation() *Installation {
+	if r == nil {
 		return nil
 	}
-	return p.Installation
+	return r.Installation
 }
 
 // GetOrganization returns the Organization field.
-func (p *PushEvent) GetOrganization() *Organization {
-	if p == nil {
+func (r *RegistryPackageEvent) GetOrganization() *Organization {
+	if r == nil {
 		return nil
 	}
-	return p.Organization
+	return r.Organization
 }
 
-// GetPusher returns the Pusher field.
-func (p *PushEvent) GetPusher() *User {
-	if p == nil {
+// GetRegistryPackage returns the RegistryPackage field.
+func (r *RegistryPackageEvent) GetRegistryPackage() *Package {
+	if r == nil {
 		return nil
 	}
-	return p.Pusher
-}
-
-// GetPushID returns the PushID field if it's non-nil, zero value otherwise.
-func (p *PushEvent) GetPushID() int64 {
-	if p == nil || p.PushID == nil {
-		return 0
-	}
-	return *p.PushID
-}
-
-// GetRef returns the Ref field if it's non-nil, zero value otherwise.
-func (p *PushEvent) GetRef() string {
-	if p == nil || p.Ref == nil {
-		return ""
-	}
-	return *p.Ref
+	return r.RegistryPackage
 }
 
-// GetRepo returns the Repo field.
-func (p *PushEvent) GetRepo() *PushEventRepository {
-	if p == nil {
+// GetRepository returns the Repository field.
+func (r *RegistryPackageEvent) GetRepository() *Repository {
+	if r == nil {
 		return nil
 	}
-	return p.Repo
+	return r.Repository
 }
 
 // GetSender returns the Sender field.
-func (p *PushEvent) GetSender() *User {
-	if p == nil {
+func (r *RegistryPackageEvent) GetSender() *User {
+	if r == nil {
 		return nil
 	}
-	return p.Sender
-}
-
-// GetSize returns the Size field if it's non-nil, zero value otherwise.
-func (p *PushEvent) GetSize() int {
-	if p == nil || p.Size == nil {
-		return 0
-	}
-	return *p.Size
-}
-
-// GetEmail returns the Email field if it's non-nil, zero value otherwise.
-func (p *PushEventRepoOwner) GetEmail() string {
-	if p == nil || p.Email == nil {
-		return ""
-	}
-	return *p.Email
-}
-
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (p *PushEventRepoOwner) GetName() string {
-	if p == nil || p.Name == nil {
-		return ""
-	}
-	return *p.Name
-}
-
-// GetArchived returns the Archived field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetArchived() bool {
-	if p == nil || p.Archived == nil {
-		return false
-	}
-	return *p.Archived
+	return r.Sender
 }
 
-// GetArchiveURL returns the ArchiveURL field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetArchiveURL() string {
-	if p == nil || p.ArchiveURL == nil {
+// GetBrowserDownloadURL returns the BrowserDownloadURL field if it's non-nil, zero value otherwise.
+func (r *ReleaseAsset) GetBrowserDownloadURL() string {
+	if r == nil || r.BrowserDownloadURL == nil {
 		return ""
 	}
-	return *p.ArchiveURL
+	return *r.BrowserDownloadURL
 }
 
-// GetCloneURL returns the CloneURL field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetCloneURL() string {
-	if p == nil || p.CloneURL == nil {
+// GetContentType returns the ContentType field if it's non-nil, zero value otherwise.
+func (r *ReleaseAsset) GetContentType() string {
+	if r == nil || r.ContentType == nil {
 		return ""
 	}
-	return *p.CloneURL
+	return *r.ContentType
 }
 
 // GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetCreatedAt() Timestamp {
-	if p == nil || p.CreatedAt == nil {
+func (r *ReleaseAsset) GetCreatedAt() Timestamp {
+	if r == nil || r.CreatedAt == nil {
 		return Timestamp{}
 	}
-	return *p.CreatedAt
+	return *r.CreatedAt
 }
 
-// GetDefaultBranch returns the DefaultBranch field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetDefaultBranch() string {
-	if p == nil || p.DefaultBranch == nil {
-		return ""
+// GetDownloadCount returns the DownloadCount field if it's non-nil, zero value otherwise.
+func (r *ReleaseAsset) GetDownloadCount() int {
+	if r == nil || r.DownloadCount == nil {
+		return 0
 	}
-	return *p.DefaultBranch
+	return *r.DownloadCount
 }
 
-// GetDescription returns the Description field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetDescription() string {
-	if p == nil || p.Description == nil {
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (r *ReleaseAsset) GetID() int64 {
+	if r == nil || r.ID == nil {
+		return 0
+	}
+	return *r.ID
+}
+
+// GetLabel returns the Label field if it's non-nil, zero value otherwise.
+func (r *ReleaseAsset) GetLabel() string {
+	if r == nil || r.Label == nil {
 		return ""
 	}
-	return *p.Description
+	return *r.Label
 }
 
-// GetDisabled returns the Disabled field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetDisabled() bool {
-	if p == nil || p.Disabled == nil {
-		return false
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (r *ReleaseAsset) GetName() string {
+	if r == nil || r.Name == nil {
+		return ""
 	}
-	return *p.Disabled
+	return *r.Name
 }
 
-// GetFork returns the Fork field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetFork() bool {
-	if p == nil || p.Fork == nil {
-		return false
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (r *ReleaseAsset) GetNodeID() string {
+	if r == nil || r.NodeID == nil {
+		return ""
 	}
-	return *p.Fork
+	return *r.NodeID
 }
 
-// GetForksCount returns the ForksCount field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetForksCount() int {
-	if p == nil || p.ForksCount == nil {
+// GetSize returns the Size field if it's non-nil, zero value otherwise.
+func (r *ReleaseAsset) GetSize() int {
+	if r == nil || r.Size == nil {
 		return 0
 	}
-	return *p.ForksCount
+	return *r.Size
 }
 
-// GetFullName returns the FullName field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetFullName() string {
-	if p == nil || p.FullName == nil {
+// GetState returns the State field if it's non-nil, zero value otherwise.
+func (r *ReleaseAsset) GetState() string {
+	if r == nil || r.State == nil {
 		return ""
 	}
-	return *p.FullName
+	return *r.State
 }
 
-// GetGitURL returns the GitURL field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetGitURL() string {
-	if p == nil || p.GitURL == nil {
-		return ""
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (r *ReleaseAsset) GetUpdatedAt() Timestamp {
+	if r == nil || r.UpdatedAt == nil {
+		return Timestamp{}
 	}
-	return *p.GitURL
+	return *r.UpdatedAt
 }
 
-// GetHasDownloads returns the HasDownloads field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetHasDownloads() bool {
-	if p == nil || p.HasDownloads == nil {
-		return false
+// GetUploader returns the Uploader field.
+func (r *ReleaseAsset) GetUploader() *User {
+	if r == nil {
+		return nil
 	}
-	return *p.HasDownloads
+	return r.Uploader
 }
 
-// GetHasIssues returns the HasIssues field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetHasIssues() bool {
-	if p == nil || p.HasIssues == nil {
-		return false
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (r *ReleaseAsset) GetURL() string {
+	if r == nil || r.URL == nil {
+		return ""
 	}
-	return *p.HasIssues
+	return *r.URL
 }
 
-// GetHasPages returns the HasPages field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetHasPages() bool {
-	if p == nil || p.HasPages == nil {
-		return false
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (r *ReleaseEvent) GetAction() string {
+	if r == nil || r.Action == nil {
+		return ""
 	}
-	return *p.HasPages
+	return *r.Action
 }
 
-// GetHasWiki returns the HasWiki field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetHasWiki() bool {
-	if p == nil || p.HasWiki == nil {
-		return false
+// GetInstallation returns the Installation field.
+func (r *ReleaseEvent) GetInstallation() *Installation {
+	if r == nil {
+		return nil
 	}
-	return *p.HasWiki
+	return r.Installation
 }
 
-// GetHomepage returns the Homepage field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetHomepage() string {
-	if p == nil || p.Homepage == nil {
-		return ""
+// GetOrg returns the Org field.
+func (r *ReleaseEvent) GetOrg() *Organization {
+	if r == nil {
+		return nil
 	}
-	return *p.Homepage
+	return r.Org
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetHTMLURL() string {
-	if p == nil || p.HTMLURL == nil {
-		return ""
+// GetRelease returns the Release field.
+func (r *ReleaseEvent) GetRelease() *RepositoryRelease {
+	if r == nil {
+		return nil
 	}
-	return *p.HTMLURL
+	return r.Release
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetID() int64 {
-	if p == nil || p.ID == nil {
-		return 0
+// GetRepo returns the Repo field.
+func (r *ReleaseEvent) GetRepo() *Repository {
+	if r == nil {
+		return nil
 	}
-	return *p.ID
+	return r.Repo
 }
 
-// GetLanguage returns the Language field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetLanguage() string {
-	if p == nil || p.Language == nil {
+// GetSender returns the Sender field.
+func (r *ReleaseEvent) GetSender() *User {
+	if r == nil {
+		return nil
+	}
+	return r.Sender
+}
+
+// GetBuildDate returns the BuildDate field if it's non-nil, zero value otherwise.
+func (r *ReleaseVersion) GetBuildDate() string {
+	if r == nil || r.BuildDate == nil {
 		return ""
 	}
-	return *p.Language
+	return *r.BuildDate
 }
 
-// GetMasterBranch returns the MasterBranch field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetMasterBranch() string {
-	if p == nil || p.MasterBranch == nil {
+// GetBuildID returns the BuildID field if it's non-nil, zero value otherwise.
+func (r *ReleaseVersion) GetBuildID() string {
+	if r == nil || r.BuildID == nil {
 		return ""
 	}
-	return *p.MasterBranch
+	return *r.BuildID
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetName() string {
-	if p == nil || p.Name == nil {
+// GetPlatform returns the Platform field if it's non-nil, zero value otherwise.
+func (r *ReleaseVersion) GetPlatform() string {
+	if r == nil || r.Platform == nil {
 		return ""
 	}
-	return *p.Name
+	return *r.Platform
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetNodeID() string {
-	if p == nil || p.NodeID == nil {
+// GetVersion returns the Version field if it's non-nil, zero value otherwise.
+func (r *ReleaseVersion) GetVersion() string {
+	if r == nil || r.Version == nil {
 		return ""
 	}
-	return *p.NodeID
+	return *r.Version
 }
 
-// GetOpenIssuesCount returns the OpenIssuesCount field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetOpenIssuesCount() int {
-	if p == nil || p.OpenIssuesCount == nil {
-		return 0
+// GetExpiresAt returns the ExpiresAt field if it's non-nil, zero value otherwise.
+func (r *RemoveToken) GetExpiresAt() Timestamp {
+	if r == nil || r.ExpiresAt == nil {
+		return Timestamp{}
 	}
-	return *p.OpenIssuesCount
+	return *r.ExpiresAt
 }
 
-// GetOrganization returns the Organization field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetOrganization() string {
-	if p == nil || p.Organization == nil {
+// GetToken returns the Token field if it's non-nil, zero value otherwise.
+func (r *RemoveToken) GetToken() string {
+	if r == nil || r.Token == nil {
 		return ""
 	}
-	return *p.Organization
+	return *r.Token
 }
 
-// GetOwner returns the Owner field.
-func (p *PushEventRepository) GetOwner() *User {
-	if p == nil {
-		return nil
+// GetFrom returns the From field if it's non-nil, zero value otherwise.
+func (r *Rename) GetFrom() string {
+	if r == nil || r.From == nil {
+		return ""
 	}
-	return p.Owner
+	return *r.From
 }
 
-// GetPrivate returns the Private field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetPrivate() bool {
-	if p == nil || p.Private == nil {
-		return false
+// GetTo returns the To field if it's non-nil, zero value otherwise.
+func (r *Rename) GetTo() string {
+	if r == nil || r.To == nil {
+		return ""
 	}
-	return *p.Private
+	return *r.To
 }
 
-// GetPullsURL returns the PullsURL field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetPullsURL() string {
-	if p == nil || p.PullsURL == nil {
+// GetMessage returns the Message field if it's non-nil, zero value otherwise.
+func (r *RenameOrgResponse) GetMessage() string {
+	if r == nil || r.Message == nil {
 		return ""
 	}
-	return *p.PullsURL
+	return *r.Message
 }
 
-// GetPushedAt returns the PushedAt field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetPushedAt() Timestamp {
-	if p == nil || p.PushedAt == nil {
-		return Timestamp{}
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (r *RenameOrgResponse) GetURL() string {
+	if r == nil || r.URL == nil {
+		return ""
 	}
-	return *p.PushedAt
+	return *r.URL
 }
 
-// GetSize returns the Size field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetSize() int {
-	if p == nil || p.Size == nil {
-		return 0
+// GetLogin returns the Login field if it's non-nil, zero value otherwise.
+func (r *RepoAdvisoryCredit) GetLogin() string {
+	if r == nil || r.Login == nil {
+		return ""
+	}
+	return *r.Login
+}
+
+// GetType returns the Type field if it's non-nil, zero value otherwise.
+func (r *RepoAdvisoryCredit) GetType() string {
+	if r == nil || r.Type == nil {
+		return ""
 	}
-	return *p.Size
+	return *r.Type
 }
 
-// GetSSHURL returns the SSHURL field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetSSHURL() string {
-	if p == nil || p.SSHURL == nil {
+// GetState returns the State field if it's non-nil, zero value otherwise.
+func (r *RepoAdvisoryCreditDetailed) GetState() string {
+	if r == nil || r.State == nil {
 		return ""
 	}
-	return *p.SSHURL
+	return *r.State
 }
 
-// GetStargazersCount returns the StargazersCount field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetStargazersCount() int {
-	if p == nil || p.StargazersCount == nil {
-		return 0
+// GetType returns the Type field if it's non-nil, zero value otherwise.
+func (r *RepoAdvisoryCreditDetailed) GetType() string {
+	if r == nil || r.Type == nil {
+		return ""
 	}
-	return *p.StargazersCount
+	return *r.Type
 }
 
-// GetStatusesURL returns the StatusesURL field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetStatusesURL() string {
-	if p == nil || p.StatusesURL == nil {
-		return ""
+// GetUser returns the User field.
+func (r *RepoAdvisoryCreditDetailed) GetUser() *User {
+	if r == nil {
+		return nil
 	}
-	return *p.StatusesURL
+	return r.User
 }
 
-// GetSVNURL returns the SVNURL field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetSVNURL() string {
-	if p == nil || p.SVNURL == nil {
+// GetDownloadLocation returns the DownloadLocation field if it's non-nil, zero value otherwise.
+func (r *RepoDependencies) GetDownloadLocation() string {
+	if r == nil || r.DownloadLocation == nil {
 		return ""
 	}
-	return *p.SVNURL
+	return *r.DownloadLocation
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetUpdatedAt() Timestamp {
-	if p == nil || p.UpdatedAt == nil {
-		return Timestamp{}
+// GetFilesAnalyzed returns the FilesAnalyzed field if it's non-nil, zero value otherwise.
+func (r *RepoDependencies) GetFilesAnalyzed() bool {
+	if r == nil || r.FilesAnalyzed == nil {
+		return false
 	}
-	return *p.UpdatedAt
+	return *r.FilesAnalyzed
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetURL() string {
-	if p == nil || p.URL == nil {
+// GetLicenseConcluded returns the LicenseConcluded field if it's non-nil, zero value otherwise.
+func (r *RepoDependencies) GetLicenseConcluded() string {
+	if r == nil || r.LicenseConcluded == nil {
 		return ""
 	}
-	return *p.URL
+	return *r.LicenseConcluded
 }
 
-// GetWatchersCount returns the WatchersCount field if it's non-nil, zero value otherwise.
-func (p *PushEventRepository) GetWatchersCount() int {
-	if p == nil || p.WatchersCount == nil {
-		return 0
+// GetLicenseDeclared returns the LicenseDeclared field if it's non-nil, zero value otherwise.
+func (r *RepoDependencies) GetLicenseDeclared() string {
+	if r == nil || r.LicenseDeclared == nil {
+		return ""
 	}
-	return *p.WatchersCount
+	return *r.LicenseDeclared
 }
 
-// GetActionsRunnerRegistration returns the ActionsRunnerRegistration field.
-func (r *RateLimits) GetActionsRunnerRegistration() *Rate {
-	if r == nil {
-		return nil
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (r *RepoDependencies) GetName() string {
+	if r == nil || r.Name == nil {
+		return ""
 	}
-	return r.ActionsRunnerRegistration
+	return *r.Name
 }
 
-// GetCodeScanningUpload returns the CodeScanningUpload field.
-func (r *RateLimits) GetCodeScanningUpload() *Rate {
-	if r == nil {
-		return nil
+// GetSPDXID returns the SPDXID field if it's non-nil, zero value otherwise.
+func (r *RepoDependencies) GetSPDXID() string {
+	if r == nil || r.SPDXID == nil {
+		return ""
 	}
-	return r.CodeScanningUpload
+	return *r.SPDXID
 }
 
-// GetCore returns the Core field.
-func (r *RateLimits) GetCore() *Rate {
-	if r == nil {
-		return nil
+// GetVersionInfo returns the VersionInfo field if it's non-nil, zero value otherwise.
+func (r *RepoDependencies) GetVersionInfo() string {
+	if r == nil || r.VersionInfo == nil {
+		return ""
 	}
-	return r.Core
+	return *r.VersionInfo
 }
 
-// GetGraphQL returns the GraphQL field.
-func (r *RateLimits) GetGraphQL() *Rate {
-	if r == nil {
-		return nil
+// GetBranch returns the Branch field if it's non-nil, zero value otherwise.
+func (r *RepoMergeUpstreamRequest) GetBranch() string {
+	if r == nil || r.Branch == nil {
+		return ""
 	}
-	return r.GraphQL
+	return *r.Branch
 }
 
-// GetIntegrationManifest returns the IntegrationManifest field.
-func (r *RateLimits) GetIntegrationManifest() *Rate {
-	if r == nil {
-		return nil
+// GetBaseBranch returns the BaseBranch field if it's non-nil, zero value otherwise.
+func (r *RepoMergeUpstreamResult) GetBaseBranch() string {
+	if r == nil || r.BaseBranch == nil {
+		return ""
 	}
-	return r.IntegrationManifest
+	return *r.BaseBranch
 }
 
-// GetSCIM returns the SCIM field.
-func (r *RateLimits) GetSCIM() *Rate {
-	if r == nil {
-		return nil
+// GetMergeType returns the MergeType field if it's non-nil, zero value otherwise.
+func (r *RepoMergeUpstreamResult) GetMergeType() string {
+	if r == nil || r.MergeType == nil {
+		return ""
 	}
-	return r.SCIM
+	return *r.MergeType
 }
 
-// GetSearch returns the Search field.
-func (r *RateLimits) GetSearch() *Rate {
-	if r == nil {
-		return nil
+// GetMessage returns the Message field if it's non-nil, zero value otherwise.
+func (r *RepoMergeUpstreamResult) GetMessage() string {
+	if r == nil || r.Message == nil {
+		return ""
 	}
-	return r.Search
+	return *r.Message
 }
 
-// GetSourceImport returns the SourceImport field.
-func (r *RateLimits) GetSourceImport() *Rate {
-	if r == nil {
-		return nil
+// GetFrom returns the From field if it's non-nil, zero value otherwise.
+func (r *RepoName) GetFrom() string {
+	if r == nil || r.From == nil {
+		return ""
 	}
-	return r.SourceImport
+	return *r.From
 }
 
-// GetContent returns the Content field if it's non-nil, zero value otherwise.
-func (r *Reaction) GetContent() string {
-	if r == nil || r.Content == nil {
-		return ""
+// GetIncompleteResults returns the IncompleteResults field if it's non-nil, zero value otherwise.
+func (r *RepositoriesSearchResult) GetIncompleteResults() bool {
+	if r == nil || r.IncompleteResults == nil {
+		return false
 	}
-	return *r.Content
+	return *r.IncompleteResults
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (r *Reaction) GetID() int64 {
-	if r == nil || r.ID == nil {
+// GetTotal returns the Total field if it's non-nil, zero value otherwise.
+func (r *RepositoriesSearchResult) GetTotal() int {
+	if r == nil || r.Total == nil {
 		return 0
 	}
-	return *r.ID
+	return *r.Total
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (r *Reaction) GetNodeID() string {
-	if r == nil || r.NodeID == nil {
-		return ""
+// GetAllowAutoMerge returns the AllowAutoMerge field if it's non-nil, zero value otherwise.
+func (r *Repository) GetAllowAutoMerge() bool {
+	if r == nil || r.AllowAutoMerge == nil {
+		return false
 	}
-	return *r.NodeID
+	return *r.AllowAutoMerge
 }
 
-// GetUser returns the User field.
-func (r *Reaction) GetUser() *User {
-	if r == nil {
-		return nil
+// GetAllowForking returns the AllowForking field if it's non-nil, zero value otherwise.
+func (r *Repository) GetAllowForking() bool {
+	if r == nil || r.AllowForking == nil {
+		return false
 	}
-	return r.User
+	return *r.AllowForking
 }
 
-// GetConfused returns the Confused field if it's non-nil, zero value otherwise.
-func (r *Reactions) GetConfused() int {
-	if r == nil || r.Confused == nil {
-		return 0
+// GetAllowMergeCommit returns the AllowMergeCommit field if it's non-nil, zero value otherwise.
+func (r *Repository) GetAllowMergeCommit() bool {
+	if r == nil || r.AllowMergeCommit == nil {
+		return false
 	}
-	return *r.Confused
+	return *r.AllowMergeCommit
 }
 
-// GetEyes returns the Eyes field if it's non-nil, zero value otherwise.
-func (r *Reactions) GetEyes() int {
-	if r == nil || r.Eyes == nil {
-		return 0
+// GetAllowRebaseMerge returns the AllowRebaseMerge field if it's non-nil, zero value otherwise.
+func (r *Repository) GetAllowRebaseMerge() bool {
+	if r == nil || r.AllowRebaseMerge == nil {
+		return false
 	}
-	return *r.Eyes
+	return *r.AllowRebaseMerge
 }
 
-// GetHeart returns the Heart field if it's non-nil, zero value otherwise.
-func (r *Reactions) GetHeart() int {
-	if r == nil || r.Heart == nil {
-		return 0
+// GetAllowSquashMerge returns the AllowSquashMerge field if it's non-nil, zero value otherwise.
+func (r *Repository) GetAllowSquashMerge() bool {
+	if r == nil || r.AllowSquashMerge == nil {
+		return false
 	}
-	return *r.Heart
+	return *r.AllowSquashMerge
 }
 
-// GetHooray returns the Hooray field if it's non-nil, zero value otherwise.
-func (r *Reactions) GetHooray() int {
-	if r == nil || r.Hooray == nil {
-		return 0
+// GetAllowUpdateBranch returns the AllowUpdateBranch field if it's non-nil, zero value otherwise.
+func (r *Repository) GetAllowUpdateBranch() bool {
+	if r == nil || r.AllowUpdateBranch == nil {
+		return false
 	}
-	return *r.Hooray
+	return *r.AllowUpdateBranch
 }
 
-// GetLaugh returns the Laugh field if it's non-nil, zero value otherwise.
-func (r *Reactions) GetLaugh() int {
-	if r == nil || r.Laugh == nil {
-		return 0
+// GetArchived returns the Archived field if it's non-nil, zero value otherwise.
+func (r *Repository) GetArchived() bool {
+	if r == nil || r.Archived == nil {
+		return false
 	}
-	return *r.Laugh
+	return *r.Archived
 }
 
-// GetMinusOne returns the MinusOne field if it's non-nil, zero value otherwise.
-func (r *Reactions) GetMinusOne() int {
-	if r == nil || r.MinusOne == nil {
-		return 0
+// GetArchiveURL returns the ArchiveURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetArchiveURL() string {
+	if r == nil || r.ArchiveURL == nil {
+		return ""
 	}
-	return *r.MinusOne
+	return *r.ArchiveURL
 }
 
-// GetPlusOne returns the PlusOne field if it's non-nil, zero value otherwise.
-func (r *Reactions) GetPlusOne() int {
-	if r == nil || r.PlusOne == nil {
-		return 0
+// GetAssigneesURL returns the AssigneesURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetAssigneesURL() string {
+	if r == nil || r.AssigneesURL == nil {
+		return ""
 	}
-	return *r.PlusOne
+	return *r.AssigneesURL
 }
 
-// GetRocket returns the Rocket field if it's non-nil, zero value otherwise.
-func (r *Reactions) GetRocket() int {
-	if r == nil || r.Rocket == nil {
-		return 0
+// GetAutoInit returns the AutoInit field if it's non-nil, zero value otherwise.
+func (r *Repository) GetAutoInit() bool {
+	if r == nil || r.AutoInit == nil {
+		return false
 	}
-	return *r.Rocket
+	return *r.AutoInit
 }
 
-// GetTotalCount returns the TotalCount field if it's non-nil, zero value otherwise.
-func (r *Reactions) GetTotalCount() int {
-	if r == nil || r.TotalCount == nil {
-		return 0
+// GetBlobsURL returns the BlobsURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetBlobsURL() string {
+	if r == nil || r.BlobsURL == nil {
+		return ""
 	}
-	return *r.TotalCount
+	return *r.BlobsURL
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (r *Reactions) GetURL() string {
-	if r == nil || r.URL == nil {
+// GetBranchesURL returns the BranchesURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetBranchesURL() string {
+	if r == nil || r.BranchesURL == nil {
 		return ""
 	}
-	return *r.URL
+	return *r.BranchesURL
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (r *Reference) GetNodeID() string {
-	if r == nil || r.NodeID == nil {
+// GetCloneURL returns the CloneURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetCloneURL() string {
+	if r == nil || r.CloneURL == nil {
 		return ""
 	}
-	return *r.NodeID
+	return *r.CloneURL
 }
 
-// GetObject returns the Object field.
-func (r *Reference) GetObject() *GitObject {
+// GetCodeOfConduct returns the CodeOfConduct field.
+func (r *Repository) GetCodeOfConduct() *CodeOfConduct {
 	if r == nil {
 		return nil
 	}
-	return r.Object
+	return r.CodeOfConduct
 }
 
-// GetRef returns the Ref field if it's non-nil, zero value otherwise.
-func (r *Reference) GetRef() string {
-	if r == nil || r.Ref == nil {
+// GetCollaboratorsURL returns the CollaboratorsURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetCollaboratorsURL() string {
+	if r == nil || r.CollaboratorsURL == nil {
 		return ""
 	}
-	return *r.Ref
+	return *r.CollaboratorsURL
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (r *Reference) GetURL() string {
-	if r == nil || r.URL == nil {
+// GetCommentsURL returns the CommentsURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetCommentsURL() string {
+	if r == nil || r.CommentsURL == nil {
 		return ""
 	}
-	return *r.URL
+	return *r.CommentsURL
 }
 
-// GetExpiresAt returns the ExpiresAt field if it's non-nil, zero value otherwise.
-func (r *RegistrationToken) GetExpiresAt() Timestamp {
-	if r == nil || r.ExpiresAt == nil {
-		return Timestamp{}
+// GetCommitsURL returns the CommitsURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetCommitsURL() string {
+	if r == nil || r.CommitsURL == nil {
+		return ""
 	}
-	return *r.ExpiresAt
+	return *r.CommitsURL
 }
 
-// GetToken returns the Token field if it's non-nil, zero value otherwise.
-func (r *RegistrationToken) GetToken() string {
-	if r == nil || r.Token == nil {
+// GetCompareURL returns the CompareURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetCompareURL() string {
+	if r == nil || r.CompareURL == nil {
 		return ""
 	}
-	return *r.Token
+	return *r.CompareURL
 }
 
-// GetBrowserDownloadURL returns the BrowserDownloadURL field if it's non-nil, zero value otherwise.
-func (r *ReleaseAsset) GetBrowserDownloadURL() string {
-	if r == nil || r.BrowserDownloadURL == nil {
+// GetContentsURL returns the ContentsURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetContentsURL() string {
+	if r == nil || r.ContentsURL == nil {
 		return ""
 	}
-	return *r.BrowserDownloadURL
+	return *r.ContentsURL
 }
 
-// GetContentType returns the ContentType field if it's non-nil, zero value otherwise.
-func (r *ReleaseAsset) GetContentType() string {
-	if r == nil || r.ContentType == nil {
+// GetContributorsURL returns the ContributorsURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetContributorsURL() string {
+	if r == nil || r.ContributorsURL == nil {
 		return ""
 	}
-	return *r.ContentType
+	return *r.ContributorsURL
 }
 
 // GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (r *ReleaseAsset) GetCreatedAt() Timestamp {
+func (r *Repository) GetCreatedAt() Timestamp {
 	if r == nil || r.CreatedAt == nil {
 		return Timestamp{}
 	}
 	return *r.CreatedAt
 }
 
-// GetDownloadCount returns the DownloadCount field if it's non-nil, zero value otherwise.
-func (r *ReleaseAsset) GetDownloadCount() int {
-	if r == nil || r.DownloadCount == nil {
-		return 0
+// GetDefaultBranch returns the DefaultBranch field if it's non-nil, zero value otherwise.
+func (r *Repository) GetDefaultBranch() string {
+	if r == nil || r.DefaultBranch == nil {
+		return ""
 	}
-	return *r.DownloadCount
+	return *r.DefaultBranch
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (r *ReleaseAsset) GetID() int64 {
-	if r == nil || r.ID == nil {
-		return 0
+// GetDeleteBranchOnMerge returns the DeleteBranchOnMerge field if it's non-nil, zero value otherwise.
+func (r *Repository) GetDeleteBranchOnMerge() bool {
+	if r == nil || r.DeleteBranchOnMerge == nil {
+		return false
 	}
-	return *r.ID
+	return *r.DeleteBranchOnMerge
 }
 
-// GetLabel returns the Label field if it's non-nil, zero value otherwise.
-func (r *ReleaseAsset) GetLabel() string {
-	if r == nil || r.Label == nil {
+// GetDeploymentsURL returns the DeploymentsURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetDeploymentsURL() string {
+	if r == nil || r.DeploymentsURL == nil {
 		return ""
 	}
-	return *r.Label
+	return *r.DeploymentsURL
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (r *ReleaseAsset) GetName() string {
-	if r == nil || r.Name == nil {
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (r *Repository) GetDescription() string {
+	if r == nil || r.Description == nil {
 		return ""
 	}
-	return *r.Name
+	return *r.Description
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (r *ReleaseAsset) GetNodeID() string {
-	if r == nil || r.NodeID == nil {
-		return ""
+// GetDisabled returns the Disabled field if it's non-nil, zero value otherwise.
+func (r *Repository) GetDisabled() bool {
+	if r == nil || r.Disabled == nil {
+		return false
 	}
-	return *r.NodeID
+	return *r.Disabled
 }
 
-// GetSize returns the Size field if it's non-nil, zero value otherwise.
-func (r *ReleaseAsset) GetSize() int {
-	if r == nil || r.Size == nil {
-		return 0
+// GetDownloadsURL returns the DownloadsURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetDownloadsURL() string {
+	if r == nil || r.DownloadsURL == nil {
+		return ""
 	}
-	return *r.Size
+	return *r.DownloadsURL
 }
 
-// GetState returns the State field if it's non-nil, zero value otherwise.
-func (r *ReleaseAsset) GetState() string {
-	if r == nil || r.State == nil {
+// GetEventsURL returns the EventsURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetEventsURL() string {
+	if r == nil || r.EventsURL == nil {
 		return ""
 	}
-	return *r.State
+	return *r.EventsURL
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (r *ReleaseAsset) GetUpdatedAt() Timestamp {
-	if r == nil || r.UpdatedAt == nil {
-		return Timestamp{}
+// GetFork returns the Fork field if it's non-nil, zero value otherwise.
+func (r *Repository) GetFork() bool {
+	if r == nil || r.Fork == nil {
+		return false
 	}
-	return *r.UpdatedAt
+	return *r.Fork
 }
 
-// GetUploader returns the Uploader field.
-func (r *ReleaseAsset) GetUploader() *User {
-	if r == nil {
-		return nil
+// GetForksCount returns the ForksCount field if it's non-nil, zero value otherwise.
+func (r *Repository) GetForksCount() int {
+	if r == nil || r.ForksCount == nil {
+		return 0
 	}
-	return r.Uploader
+	return *r.ForksCount
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (r *ReleaseAsset) GetURL() string {
-	if r == nil || r.URL == nil {
+// GetForksURL returns the ForksURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetForksURL() string {
+	if r == nil || r.ForksURL == nil {
 		return ""
 	}
-	return *r.URL
+	return *r.ForksURL
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (r *ReleaseEvent) GetAction() string {
-	if r == nil || r.Action == nil {
+// GetFullName returns the FullName field if it's non-nil, zero value otherwise.
+func (r *Repository) GetFullName() string {
+	if r == nil || r.FullName == nil {
 		return ""
 	}
-	return *r.Action
-}
-
-// GetInstallation returns the Installation field.
-func (r *ReleaseEvent) GetInstallation() *Installation {
-	if r == nil {
-		return nil
-	}
-	return r.Installation
-}
-
-// GetRelease returns the Release field.
-func (r *ReleaseEvent) GetRelease() *RepositoryRelease {
-	if r == nil {
-		return nil
-	}
-	return r.Release
-}
-
-// GetRepo returns the Repo field.
-func (r *ReleaseEvent) GetRepo() *Repository {
-	if r == nil {
-		return nil
-	}
-	return r.Repo
+	return *r.FullName
 }
 
-// GetSender returns the Sender field.
-func (r *ReleaseEvent) GetSender() *User {
-	if r == nil {
-		return nil
+// GetGitCommitsURL returns the GitCommitsURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetGitCommitsURL() string {
+	if r == nil || r.GitCommitsURL == nil {
+		return ""
 	}
-	return r.Sender
+	return *r.GitCommitsURL
 }
 
-// GetExpiresAt returns the ExpiresAt field if it's non-nil, zero value otherwise.
-func (r *RemoveToken) GetExpiresAt() Timestamp {
-	if r == nil || r.ExpiresAt == nil {
-		return Timestamp{}
+// GetGitignoreTemplate returns the GitignoreTemplate field if it's non-nil, zero value otherwise.
+func (r *Repository) GetGitignoreTemplate() string {
+	if r == nil || r.GitignoreTemplate == nil {
+		return ""
 	}
-	return *r.ExpiresAt
+	return *r.GitignoreTemplate
 }
 
-// GetToken returns the Token field if it's non-nil, zero value otherwise.
-func (r *RemoveToken) GetToken() string {
-	if r == nil || r.Token == nil {
+// GetGitRefsURL returns the GitRefsURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetGitRefsURL() string {
+	if r == nil || r.GitRefsURL == nil {
 		return ""
 	}
-	return *r.Token
+	return *r.GitRefsURL
 }
 
-// GetFrom returns the From field if it's non-nil, zero value otherwise.
-func (r *Rename) GetFrom() string {
-	if r == nil || r.From == nil {
+// GetGitTagsURL returns the GitTagsURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetGitTagsURL() string {
+	if r == nil || r.GitTagsURL == nil {
 		return ""
 	}
-	return *r.From
+	return *r.GitTagsURL
 }
 
-// GetTo returns the To field if it's non-nil, zero value otherwise.
-func (r *Rename) GetTo() string {
-	if r == nil || r.To == nil {
+// GetGitURL returns the GitURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetGitURL() string {
+	if r == nil || r.GitURL == nil {
 		return ""
 	}
-	return *r.To
+	return *r.GitURL
 }
 
-// GetMessage returns the Message field if it's non-nil, zero value otherwise.
-func (r *RenameOrgResponse) GetMessage() string {
-	if r == nil || r.Message == nil {
-		return ""
+// GetHasDiscussions returns the HasDiscussions field if it's non-nil, zero value otherwise.
+func (r *Repository) GetHasDiscussions() bool {
+	if r == nil || r.HasDiscussions == nil {
+		return false
 	}
-	return *r.Message
+	return *r.HasDiscussions
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (r *RenameOrgResponse) GetURL() string {
-	if r == nil || r.URL == nil {
-		return ""
+// GetHasDownloads returns the HasDownloads field if it's non-nil, zero value otherwise.
+func (r *Repository) GetHasDownloads() bool {
+	if r == nil || r.HasDownloads == nil {
+		return false
 	}
-	return *r.URL
+	return *r.HasDownloads
 }
 
-// GetDownloadLocation returns the DownloadLocation field if it's non-nil, zero value otherwise.
-func (r *RepoDependencies) GetDownloadLocation() string {
-	if r == nil || r.DownloadLocation == nil {
-		return ""
+// GetHasIssues returns the HasIssues field if it's non-nil, zero value otherwise.
+func (r *Repository) GetHasIssues() bool {
+	if r == nil || r.HasIssues == nil {
+		return false
 	}
-	return *r.DownloadLocation
+	return *r.HasIssues
 }
 
-// GetFilesAnalyzed returns the FilesAnalyzed field if it's non-nil, zero value otherwise.
-func (r *RepoDependencies) GetFilesAnalyzed() bool {
-	if r == nil || r.FilesAnalyzed == nil {
+// GetHasPages returns the HasPages field if it's non-nil, zero value otherwise.
+func (r *Repository) GetHasPages() bool {
+	if r == nil || r.HasPages == nil {
 		return false
 	}
-	return *r.FilesAnalyzed
+	return *r.HasPages
 }
 
-// GetLicenseConcluded returns the LicenseConcluded field if it's non-nil, zero value otherwise.
-func (r *RepoDependencies) GetLicenseConcluded() string {
-	if r == nil || r.LicenseConcluded == nil {
-		return ""
+// GetHasProjects returns the HasProjects field if it's non-nil, zero value otherwise.
+func (r *Repository) GetHasProjects() bool {
+	if r == nil || r.HasProjects == nil {
+		return false
 	}
-	return *r.LicenseConcluded
+	return *r.HasProjects
 }
 
-// GetLicenseDeclared returns the LicenseDeclared field if it's non-nil, zero value otherwise.
-func (r *RepoDependencies) GetLicenseDeclared() string {
-	if r == nil || r.LicenseDeclared == nil {
-		return ""
+// GetHasWiki returns the HasWiki field if it's non-nil, zero value otherwise.
+func (r *Repository) GetHasWiki() bool {
+	if r == nil || r.HasWiki == nil {
+		return false
 	}
-	return *r.LicenseDeclared
+	return *r.HasWiki
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (r *RepoDependencies) GetName() string {
-	if r == nil || r.Name == nil {
+// GetHomepage returns the Homepage field if it's non-nil, zero value otherwise.
+func (r *Repository) GetHomepage() string {
+	if r == nil || r.Homepage == nil {
 		return ""
 	}
-	return *r.Name
+	return *r.Homepage
 }
 
-// GetSPDXID returns the SPDXID field if it's non-nil, zero value otherwise.
-func (r *RepoDependencies) GetSPDXID() string {
-	if r == nil || r.SPDXID == nil {
+// GetHooksURL returns the HooksURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetHooksURL() string {
+	if r == nil || r.HooksURL == nil {
 		return ""
 	}
-	return *r.SPDXID
+	return *r.HooksURL
 }
 
-// GetVersionInfo returns the VersionInfo field if it's non-nil, zero value otherwise.
-func (r *RepoDependencies) GetVersionInfo() string {
-	if r == nil || r.VersionInfo == nil {
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetHTMLURL() string {
+	if r == nil || r.HTMLURL == nil {
 		return ""
 	}
-	return *r.VersionInfo
+	return *r.HTMLURL
 }
 
-// GetBranch returns the Branch field if it's non-nil, zero value otherwise.
-func (r *RepoMergeUpstreamRequest) GetBranch() string {
-	if r == nil || r.Branch == nil {
-		return ""
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (r *Repository) GetID() int64 {
+	if r == nil || r.ID == nil {
+		return 0
 	}
-	return *r.Branch
+	return *r.ID
 }
 
-// GetBaseBranch returns the BaseBranch field if it's non-nil, zero value otherwise.
-func (r *RepoMergeUpstreamResult) GetBaseBranch() string {
-	if r == nil || r.BaseBranch == nil {
+// GetIssueCommentURL returns the IssueCommentURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetIssueCommentURL() string {
+	if r == nil || r.IssueCommentURL == nil {
 		return ""
 	}
-	return *r.BaseBranch
+	return *r.IssueCommentURL
 }
 
-// GetMergeType returns the MergeType field if it's non-nil, zero value otherwise.
-func (r *RepoMergeUpstreamResult) GetMergeType() string {
-	if r == nil || r.MergeType == nil {
+// GetIssueEventsURL returns the IssueEventsURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetIssueEventsURL() string {
+	if r == nil || r.IssueEventsURL == nil {
 		return ""
 	}
-	return *r.MergeType
+	return *r.IssueEventsURL
 }
 
-// GetMessage returns the Message field if it's non-nil, zero value otherwise.
-func (r *RepoMergeUpstreamResult) GetMessage() string {
-	if r == nil || r.Message == nil {
+// GetIssuesURL returns the IssuesURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetIssuesURL() string {
+	if r == nil || r.IssuesURL == nil {
 		return ""
 	}
-	return *r.Message
+	return *r.IssuesURL
 }
 
-// GetFrom returns the From field if it's non-nil, zero value otherwise.
-func (r *RepoName) GetFrom() string {
-	if r == nil || r.From == nil {
-		return ""
+// GetIsTemplate returns the IsTemplate field if it's non-nil, zero value otherwise.
+func (r *Repository) GetIsTemplate() bool {
+	if r == nil || r.IsTemplate == nil {
+		return false
 	}
-	return *r.From
+	return *r.IsTemplate
 }
 
-// GetBadgeURL returns the BadgeURL field if it's non-nil, zero value otherwise.
-func (r *RepoRequiredWorkflow) GetBadgeURL() string {
-	if r == nil || r.BadgeURL == nil {
+// GetKeysURL returns the KeysURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetKeysURL() string {
+	if r == nil || r.KeysURL == nil {
 		return ""
 	}
-	return *r.BadgeURL
+	return *r.KeysURL
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (r *RepoRequiredWorkflow) GetCreatedAt() Timestamp {
-	if r == nil || r.CreatedAt == nil {
-		return Timestamp{}
+// GetLabelsURL returns the LabelsURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetLabelsURL() string {
+	if r == nil || r.LabelsURL == nil {
+		return ""
 	}
-	return *r.CreatedAt
+	return *r.LabelsURL
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (r *RepoRequiredWorkflow) GetHTMLURL() string {
-	if r == nil || r.HTMLURL == nil {
+// GetLanguage returns the Language field if it's non-nil, zero value otherwise.
+func (r *Repository) GetLanguage() string {
+	if r == nil || r.Language == nil {
 		return ""
 	}
-	return *r.HTMLURL
+	return *r.Language
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (r *RepoRequiredWorkflow) GetID() int64 {
-	if r == nil || r.ID == nil {
-		return 0
+// GetLanguagesURL returns the LanguagesURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetLanguagesURL() string {
+	if r == nil || r.LanguagesURL == nil {
+		return ""
 	}
-	return *r.ID
+	return *r.LanguagesURL
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (r *RepoRequiredWorkflow) GetName() string {
-	if r == nil || r.Name == nil {
-		return ""
+// GetLicense returns the License field.
+func (r *Repository) GetLicense() *License {
+	if r == nil {
+		return nil
 	}
-	return *r.Name
+	return r.License
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (r *RepoRequiredWorkflow) GetNodeID() string {
-	if r == nil || r.NodeID == nil {
+// GetLicenseTemplate returns the LicenseTemplate field if it's non-nil, zero value otherwise.
+func (r *Repository) GetLicenseTemplate() string {
+	if r == nil || r.LicenseTemplate == nil {
 		return ""
 	}
-	return *r.NodeID
+	return *r.LicenseTemplate
 }
 
-// GetPath returns the Path field if it's non-nil, zero value otherwise.
-func (r *RepoRequiredWorkflow) GetPath() string {
-	if r == nil || r.Path == nil {
+// GetMasterBranch returns the MasterBranch field if it's non-nil, zero value otherwise.
+func (r *Repository) GetMasterBranch() string {
+	if r == nil || r.MasterBranch == nil {
 		return ""
 	}
-	return *r.Path
+	return *r.MasterBranch
 }
 
-// GetSourceRepository returns the SourceRepository field.
-func (r *RepoRequiredWorkflow) GetSourceRepository() *Repository {
-	if r == nil {
-		return nil
+// GetMergeCommitMessage returns the MergeCommitMessage field if it's non-nil, zero value otherwise.
+func (r *Repository) GetMergeCommitMessage() string {
+	if r == nil || r.MergeCommitMessage == nil {
+		return ""
 	}
-	return r.SourceRepository
+	return *r.MergeCommitMessage
 }
 
-// GetState returns the State field if it's non-nil, zero value otherwise.
-func (r *RepoRequiredWorkflow) GetState() string {
-	if r == nil || r.State == nil {
+// GetMergeCommitTitle returns the MergeCommitTitle field if it's non-nil, zero value otherwise.
+func (r *Repository) GetMergeCommitTitle() string {
+	if r == nil || r.MergeCommitTitle == nil {
 		return ""
 	}
-	return *r.State
+	return *r.MergeCommitTitle
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (r *RepoRequiredWorkflow) GetUpdatedAt() Timestamp {
-	if r == nil || r.UpdatedAt == nil {
-		return Timestamp{}
+// GetMergesURL returns the MergesURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetMergesURL() string {
+	if r == nil || r.MergesURL == nil {
+		return ""
 	}
-	return *r.UpdatedAt
+	return *r.MergesURL
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (r *RepoRequiredWorkflow) GetURL() string {
-	if r == nil || r.URL == nil {
+// GetMilestonesURL returns the MilestonesURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetMilestonesURL() string {
+	if r == nil || r.MilestonesURL == nil {
 		return ""
 	}
-	return *r.URL
+	return *r.MilestonesURL
 }
 
-// GetTotalCount returns the TotalCount field if it's non-nil, zero value otherwise.
-func (r *RepoRequiredWorkflows) GetTotalCount() int {
-	if r == nil || r.TotalCount == nil {
-		return 0
+// GetMirrorURL returns the MirrorURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetMirrorURL() string {
+	if r == nil || r.MirrorURL == nil {
+		return ""
 	}
-	return *r.TotalCount
+	return *r.MirrorURL
 }
 
-// GetIncompleteResults returns the IncompleteResults field if it's non-nil, zero value otherwise.
-func (r *RepositoriesSearchResult) GetIncompleteResults() bool {
-	if r == nil || r.IncompleteResults == nil {
-		return false
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (r *Repository) GetName() string {
+	if r == nil || r.Name == nil {
+		return ""
 	}
-	return *r.IncompleteResults
+	return *r.Name
 }
 
-// GetTotal returns the Total field if it's non-nil, zero value otherwise.
-func (r *RepositoriesSearchResult) GetTotal() int {
-	if r == nil || r.Total == nil {
+// GetNetworkCount returns the NetworkCount field if it's non-nil, zero value otherwise.
+func (r *Repository) GetNetworkCount() int {
+	if r == nil || r.NetworkCount == nil {
 		return 0
 	}
-	return *r.Total
+	return *r.NetworkCount
 }
 
-// GetAllowAutoMerge returns the AllowAutoMerge field if it's non-nil, zero value otherwise.
-func (r *Repository) GetAllowAutoMerge() bool {
-	if r == nil || r.AllowAutoMerge == nil {
-		return false
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (r *Repository) GetNodeID() string {
+	if r == nil || r.NodeID == nil {
+		return ""
 	}
-	return *r.AllowAutoMerge
+	return *r.NodeID
 }
 
-// GetAllowForking returns the AllowForking field if it's non-nil, zero value otherwise.
-func (r *Repository) GetAllowForking() bool {
-	if r == nil || r.AllowForking == nil {
-		return false
+// GetNotificationsURL returns the NotificationsURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetNotificationsURL() string {
+	if r == nil || r.NotificationsURL == nil {
+		return ""
 	}
-	return *r.AllowForking
+	return *r.NotificationsURL
 }
 
-// GetAllowMergeCommit returns the AllowMergeCommit field if it's non-nil, zero value otherwise.
-func (r *Repository) GetAllowMergeCommit() bool {
-	if r == nil || r.AllowMergeCommit == nil {
-		return false
+// GetOpenIssues returns the OpenIssues field if it's non-nil, zero value otherwise.
+func (r *Repository) GetOpenIssues() int {
+	if r == nil || r.OpenIssues == nil {
+		return 0
 	}
-	return *r.AllowMergeCommit
+	return *r.OpenIssues
 }
 
-// GetAllowRebaseMerge returns the AllowRebaseMerge field if it's non-nil, zero value otherwise.
-func (r *Repository) GetAllowRebaseMerge() bool {
-	if r == nil || r.AllowRebaseMerge == nil {
-		return false
+// GetOpenIssuesCount returns the OpenIssuesCount field if it's non-nil, zero value otherwise.
+func (r *Repository) GetOpenIssuesCount() int {
+	if r == nil || r.OpenIssuesCount == nil {
+		return 0
 	}
-	return *r.AllowRebaseMerge
+	return *r.OpenIssuesCount
 }
 
-// GetAllowSquashMerge returns the AllowSquashMerge field if it's non-nil, zero value otherwise.
-func (r *Repository) GetAllowSquashMerge() bool {
-	if r == nil || r.AllowSquashMerge == nil {
-		return false
+// GetOrganization returns the Organization field.
+func (r *Repository) GetOrganization() *Organization {
+	if r == nil {
+		return nil
 	}
-	return *r.AllowSquashMerge
+	return r.Organization
 }
 
-// GetAllowUpdateBranch returns the AllowUpdateBranch field if it's non-nil, zero value otherwise.
-func (r *Repository) GetAllowUpdateBranch() bool {
-	if r == nil || r.AllowUpdateBranch == nil {
-		return false
+// GetOwner returns the Owner field.
+func (r *Repository) GetOwner() *User {
+	if r == nil {
+		return nil
 	}
-	return *r.AllowUpdateBranch
+	return r.Owner
 }
 
-// GetArchived returns the Archived field if it's non-nil, zero value otherwise.
-func (r *Repository) GetArchived() bool {
-	if r == nil || r.Archived == nil {
-		return false
+// GetParent returns the Parent field.
+func (r *Repository) GetParent() *Repository {
+	if r == nil {
+		return nil
 	}
-	return *r.Archived
+	return r.Parent
 }
 
-// GetArchiveURL returns the ArchiveURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetArchiveURL() string {
-	if r == nil || r.ArchiveURL == nil {
-		return ""
+// GetPermissions returns the Permissions map if it's non-nil, an empty map otherwise.
+func (r *Repository) GetPermissions() map[string]bool {
+	if r == nil || r.Permissions == nil {
+		return map[string]bool{}
 	}
-	return *r.ArchiveURL
+	return r.Permissions
 }
 
-// GetAssigneesURL returns the AssigneesURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetAssigneesURL() string {
-	if r == nil || r.AssigneesURL == nil {
-		return ""
+// GetPrivate returns the Private field if it's non-nil, zero value otherwise.
+func (r *Repository) GetPrivate() bool {
+	if r == nil || r.Private == nil {
+		return false
 	}
-	return *r.AssigneesURL
+	return *r.Private
 }
 
-// GetAutoInit returns the AutoInit field if it's non-nil, zero value otherwise.
-func (r *Repository) GetAutoInit() bool {
-	if r == nil || r.AutoInit == nil {
-		return false
+// GetPullsURL returns the PullsURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetPullsURL() string {
+	if r == nil || r.PullsURL == nil {
+		return ""
 	}
-	return *r.AutoInit
+	return *r.PullsURL
 }
 
-// GetBlobsURL returns the BlobsURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetBlobsURL() string {
-	if r == nil || r.BlobsURL == nil {
-		return ""
+// GetPushedAt returns the PushedAt field if it's non-nil, zero value otherwise.
+func (r *Repository) GetPushedAt() Timestamp {
+	if r == nil || r.PushedAt == nil {
+		return Timestamp{}
 	}
-	return *r.BlobsURL
+	return *r.PushedAt
 }
 
-// GetBranchesURL returns the BranchesURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetBranchesURL() string {
-	if r == nil || r.BranchesURL == nil {
+// GetReleasesURL returns the ReleasesURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetReleasesURL() string {
+	if r == nil || r.ReleasesURL == nil {
 		return ""
 	}
-	return *r.BranchesURL
+	return *r.ReleasesURL
 }
 
-// GetCloneURL returns the CloneURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetCloneURL() string {
-	if r == nil || r.CloneURL == nil {
+// GetRoleName returns the RoleName field if it's non-nil, zero value otherwise.
+func (r *Repository) GetRoleName() string {
+	if r == nil || r.RoleName == nil {
 		return ""
 	}
-	return *r.CloneURL
+	return *r.RoleName
 }
 
-// GetCodeOfConduct returns the CodeOfConduct field.
-func (r *Repository) GetCodeOfConduct() *CodeOfConduct {
+// GetSecurityAndAnalysis returns the SecurityAndAnalysis field.
+func (r *Repository) GetSecurityAndAnalysis() *SecurityAndAnalysis {
 	if r == nil {
 		return nil
 	}
-	return r.CodeOfConduct
+	return r.SecurityAndAnalysis
 }
 
-// GetCollaboratorsURL returns the CollaboratorsURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetCollaboratorsURL() string {
-	if r == nil || r.CollaboratorsURL == nil {
-		return ""
+// GetSize returns the Size field if it's non-nil, zero value otherwise.
+func (r *Repository) GetSize() int {
+	if r == nil || r.Size == nil {
+		return 0
 	}
-	return *r.CollaboratorsURL
+	return *r.Size
 }
 
-// GetCommentsURL returns the CommentsURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetCommentsURL() string {
-	if r == nil || r.CommentsURL == nil {
-		return ""
+// GetSource returns the Source field.
+func (r *Repository) GetSource() *Repository {
+	if r == nil {
+		return nil
 	}
-	return *r.CommentsURL
+	return r.Source
 }
 
-// GetCommitsURL returns the CommitsURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetCommitsURL() string {
-	if r == nil || r.CommitsURL == nil {
+// GetSquashMergeCommitMessage returns the SquashMergeCommitMessage field if it's non-nil, zero value otherwise.
+func (r *Repository) GetSquashMergeCommitMessage() string {
+	if r == nil || r.SquashMergeCommitMessage == nil {
 		return ""
 	}
-	return *r.CommitsURL
+	return *r.SquashMergeCommitMessage
 }
 
-// GetCompareURL returns the CompareURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetCompareURL() string {
-	if r == nil || r.CompareURL == nil {
+// GetSquashMergeCommitTitle returns the SquashMergeCommitTitle field if it's non-nil, zero value otherwise.
+func (r *Repository) GetSquashMergeCommitTitle() string {
+	if r == nil || r.SquashMergeCommitTitle == nil {
 		return ""
 	}
-	return *r.CompareURL
+	return *r.SquashMergeCommitTitle
 }
 
-// GetContentsURL returns the ContentsURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetContentsURL() string {
-	if r == nil || r.ContentsURL == nil {
+// GetSSHURL returns the SSHURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetSSHURL() string {
+	if r == nil || r.SSHURL == nil {
 		return ""
 	}
-	return *r.ContentsURL
+	return *r.SSHURL
 }
 
-// GetContributorsURL returns the ContributorsURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetContributorsURL() string {
-	if r == nil || r.ContributorsURL == nil {
-		return ""
+// GetStargazersCount returns the StargazersCount field if it's non-nil, zero value otherwise.
+func (r *Repository) GetStargazersCount() int {
+	if r == nil || r.StargazersCount == nil {
+		return 0
 	}
-	return *r.ContributorsURL
+	return *r.StargazersCount
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (r *Repository) GetCreatedAt() Timestamp {
-	if r == nil || r.CreatedAt == nil {
-		return Timestamp{}
+// GetStargazersURL returns the StargazersURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetStargazersURL() string {
+	if r == nil || r.StargazersURL == nil {
+		return ""
 	}
-	return *r.CreatedAt
+	return *r.StargazersURL
 }
 
-// GetDefaultBranch returns the DefaultBranch field if it's non-nil, zero value otherwise.
-func (r *Repository) GetDefaultBranch() string {
-	if r == nil || r.DefaultBranch == nil {
+// GetStatusesURL returns the StatusesURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetStatusesURL() string {
+	if r == nil || r.StatusesURL == nil {
 		return ""
 	}
-	return *r.DefaultBranch
+	return *r.StatusesURL
 }
 
-// GetDeleteBranchOnMerge returns the DeleteBranchOnMerge field if it's non-nil, zero value otherwise.
-func (r *Repository) GetDeleteBranchOnMerge() bool {
-	if r == nil || r.DeleteBranchOnMerge == nil {
-		return false
+// GetSubscribersCount returns the SubscribersCount field if it's non-nil, zero value otherwise.
+func (r *Repository) GetSubscribersCount() int {
+	if r == nil || r.SubscribersCount == nil {
+		return 0
 	}
-	return *r.DeleteBranchOnMerge
+	return *r.SubscribersCount
 }
 
-// GetDeploymentsURL returns the DeploymentsURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetDeploymentsURL() string {
-	if r == nil || r.DeploymentsURL == nil {
+// GetSubscribersURL returns the SubscribersURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetSubscribersURL() string {
+	if r == nil || r.SubscribersURL == nil {
 		return ""
 	}
-	return *r.DeploymentsURL
+	return *r.SubscribersURL
 }
 
-// GetDescription returns the Description field if it's non-nil, zero value otherwise.
-func (r *Repository) GetDescription() string {
-	if r == nil || r.Description == nil {
+// GetSubscriptionURL returns the SubscriptionURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetSubscriptionURL() string {
+	if r == nil || r.SubscriptionURL == nil {
 		return ""
 	}
-	return *r.Description
+	return *r.SubscriptionURL
 }
 
-// GetDisabled returns the Disabled field if it's non-nil, zero value otherwise.
-func (r *Repository) GetDisabled() bool {
-	if r == nil || r.Disabled == nil {
-		return false
+// GetSVNURL returns the SVNURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetSVNURL() string {
+	if r == nil || r.SVNURL == nil {
+		return ""
 	}
-	return *r.Disabled
+	return *r.SVNURL
 }
 
-// GetDownloadsURL returns the DownloadsURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetDownloadsURL() string {
-	if r == nil || r.DownloadsURL == nil {
+// GetTagsURL returns the TagsURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetTagsURL() string {
+	if r == nil || r.TagsURL == nil {
 		return ""
 	}
-	return *r.DownloadsURL
+	return *r.TagsURL
 }
 
-// GetEventsURL returns the EventsURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetEventsURL() string {
-	if r == nil || r.EventsURL == nil {
-		return ""
+// GetTeamID returns the TeamID field if it's non-nil, zero value otherwise.
+func (r *Repository) GetTeamID() int64 {
+	if r == nil || r.TeamID == nil {
+		return 0
 	}
-	return *r.EventsURL
+	return *r.TeamID
 }
 
-// GetFork returns the Fork field if it's non-nil, zero value otherwise.
-func (r *Repository) GetFork() bool {
-	if r == nil || r.Fork == nil {
-		return false
+// GetTeamsURL returns the TeamsURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetTeamsURL() string {
+	if r == nil || r.TeamsURL == nil {
+		return ""
 	}
-	return *r.Fork
+	return *r.TeamsURL
 }
 
-// GetForksCount returns the ForksCount field if it's non-nil, zero value otherwise.
-func (r *Repository) GetForksCount() int {
-	if r == nil || r.ForksCount == nil {
-		return 0
+// GetTemplateRepository returns the TemplateRepository field.
+func (r *Repository) GetTemplateRepository() *Repository {
+	if r == nil {
+		return nil
 	}
-	return *r.ForksCount
+	return r.TemplateRepository
 }
 
-// GetForksURL returns the ForksURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetForksURL() string {
-	if r == nil || r.ForksURL == nil {
+// GetTreesURL returns the TreesURL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetTreesURL() string {
+	if r == nil || r.TreesURL == nil {
 		return ""
 	}
-	return *r.ForksURL
+	return *r.TreesURL
 }
 
-// GetFullName returns the FullName field if it's non-nil, zero value otherwise.
-func (r *Repository) GetFullName() string {
-	if r == nil || r.FullName == nil {
-		return ""
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (r *Repository) GetUpdatedAt() Timestamp {
+	if r == nil || r.UpdatedAt == nil {
+		return Timestamp{}
 	}
-	return *r.FullName
+	return *r.UpdatedAt
 }
 
-// GetGitCommitsURL returns the GitCommitsURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetGitCommitsURL() string {
-	if r == nil || r.GitCommitsURL == nil {
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (r *Repository) GetURL() string {
+	if r == nil || r.URL == nil {
 		return ""
 	}
-	return *r.GitCommitsURL
+	return *r.URL
 }
 
-// GetGitignoreTemplate returns the GitignoreTemplate field if it's non-nil, zero value otherwise.
-func (r *Repository) GetGitignoreTemplate() string {
-	if r == nil || r.GitignoreTemplate == nil {
-		return ""
+// GetUseSquashPRTitleAsDefault returns the UseSquashPRTitleAsDefault field if it's non-nil, zero value otherwise.
+func (r *Repository) GetUseSquashPRTitleAsDefault() bool {
+	if r == nil || r.UseSquashPRTitleAsDefault == nil {
+		return false
 	}
-	return *r.GitignoreTemplate
+	return *r.UseSquashPRTitleAsDefault
 }
 
-// GetGitRefsURL returns the GitRefsURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetGitRefsURL() string {
-	if r == nil || r.GitRefsURL == nil {
+// GetVisibility returns the Visibility field if it's non-nil, zero value otherwise.
+func (r *Repository) GetVisibility() string {
+	if r == nil || r.Visibility == nil {
 		return ""
 	}
-	return *r.GitRefsURL
+	return *r.Visibility
 }
 
-// GetGitTagsURL returns the GitTagsURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetGitTagsURL() string {
-	if r == nil || r.GitTagsURL == nil {
-		return ""
+// GetWatchers returns the Watchers field if it's non-nil, zero value otherwise.
+func (r *Repository) GetWatchers() int {
+	if r == nil || r.Watchers == nil {
+		return 0
 	}
-	return *r.GitTagsURL
+	return *r.Watchers
 }
 
-// GetGitURL returns the GitURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetGitURL() string {
-	if r == nil || r.GitURL == nil {
-		return ""
+// GetWatchersCount returns the WatchersCount field if it's non-nil, zero value otherwise.
+func (r *Repository) GetWatchersCount() int {
+	if r == nil || r.WatchersCount == nil {
+		return 0
 	}
-	return *r.GitURL
+	return *r.WatchersCount
 }
 
-// GetHasDiscussions returns the HasDiscussions field if it's non-nil, zero value otherwise.
-func (r *Repository) GetHasDiscussions() bool {
-	if r == nil || r.HasDiscussions == nil {
+// GetWebCommitSignoffRequired returns the WebCommitSignoffRequired field if it's non-nil, zero value otherwise.
+func (r *Repository) GetWebCommitSignoffRequired() bool {
+	if r == nil || r.WebCommitSignoffRequired == nil {
 		return false
 	}
-	return *r.HasDiscussions
+	return *r.WebCommitSignoffRequired
 }
 
-// GetHasDownloads returns the HasDownloads field if it's non-nil, zero value otherwise.
-func (r *Repository) GetHasDownloads() bool {
-	if r == nil || r.HasDownloads == nil {
-		return false
+// GetAccessLevel returns the AccessLevel field if it's non-nil, zero value otherwise.
+func (r *RepositoryActionsAccessLevel) GetAccessLevel() string {
+	if r == nil || r.AccessLevel == nil {
+		return ""
 	}
-	return *r.HasDownloads
+	return *r.AccessLevel
 }
 
-// GetHasIssues returns the HasIssues field if it's non-nil, zero value otherwise.
-func (r *Repository) GetHasIssues() bool {
-	if r == nil || r.HasIssues == nil {
-		return false
+// GetAdvancedSecurityCommitters returns the AdvancedSecurityCommitters field if it's non-nil, zero value otherwise.
+func (r *RepositoryActiveCommitters) GetAdvancedSecurityCommitters() int {
+	if r == nil || r.AdvancedSecurityCommitters == nil {
+		return 0
 	}
-	return *r.HasIssues
+	return *r.AdvancedSecurityCommitters
 }
 
-// GetHasPages returns the HasPages field if it's non-nil, zero value otherwise.
-func (r *Repository) GetHasPages() bool {
-	if r == nil || r.HasPages == nil {
-		return false
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (r *RepositoryActiveCommitters) GetName() string {
+	if r == nil || r.Name == nil {
+		return ""
 	}
-	return *r.HasPages
+	return *r.Name
 }
 
-// GetHasProjects returns the HasProjects field if it's non-nil, zero value otherwise.
-func (r *Repository) GetHasProjects() bool {
-	if r == nil || r.HasProjects == nil {
-		return false
+// GetConfiguration returns the Configuration field.
+func (r *RepositoryCodeSecurityConfiguration) GetConfiguration() *CodeSecurityConfiguration {
+	if r == nil {
+		return nil
 	}
-	return *r.HasProjects
+	return r.Configuration
 }
 
-// GetHasWiki returns the HasWiki field if it's non-nil, zero value otherwise.
-func (r *Repository) GetHasWiki() bool {
-	if r == nil || r.HasWiki == nil {
-		return false
+// GetState returns the State field if it's non-nil, zero value otherwise.
+func (r *RepositoryCodeSecurityConfiguration) GetState() string {
+	if r == nil || r.State == nil {
+		return ""
 	}
-	return *r.HasWiki
+	return *r.State
 }
 
-// GetHomepage returns the Homepage field if it's non-nil, zero value otherwise.
-func (r *Repository) GetHomepage() string {
-	if r == nil || r.Homepage == nil {
+// GetBody returns the Body field if it's non-nil, zero value otherwise.
+func (r *RepositoryComment) GetBody() string {
+	if r == nil || r.Body == nil {
 		return ""
 	}
-	return *r.Homepage
+	return *r.Body
 }
 
-// GetHooksURL returns the HooksURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetHooksURL() string {
-	if r == nil || r.HooksURL == nil {
+// GetCommitID returns the CommitID field if it's non-nil, zero value otherwise.
+func (r *RepositoryComment) GetCommitID() string {
+	if r == nil || r.CommitID == nil {
 		return ""
 	}
-	return *r.HooksURL
+	return *r.CommitID
+}
+
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (r *RepositoryComment) GetCreatedAt() Timestamp {
+	if r == nil || r.CreatedAt == nil {
+		return Timestamp{}
+	}
+	return *r.CreatedAt
 }
 
 // GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetHTMLURL() string {
+func (r *RepositoryComment) GetHTMLURL() string {
 	if r == nil || r.HTMLURL == nil {
 		return ""
 	}
@@ -18095,1291 +22215,1323 @@ func (r *Repository) GetHTMLURL() string {
 }
 
 // GetID returns the ID field if it's non-nil, zero value otherwise.
-func (r *Repository) GetID() int64 {
+func (r *RepositoryComment) GetID() int64 {
 	if r == nil || r.ID == nil {
 		return 0
 	}
 	return *r.ID
 }
 
-// GetIssueCommentURL returns the IssueCommentURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetIssueCommentURL() string {
-	if r == nil || r.IssueCommentURL == nil {
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (r *RepositoryComment) GetNodeID() string {
+	if r == nil || r.NodeID == nil {
 		return ""
 	}
-	return *r.IssueCommentURL
+	return *r.NodeID
 }
 
-// GetIssueEventsURL returns the IssueEventsURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetIssueEventsURL() string {
-	if r == nil || r.IssueEventsURL == nil {
+// GetPath returns the Path field if it's non-nil, zero value otherwise.
+func (r *RepositoryComment) GetPath() string {
+	if r == nil || r.Path == nil {
 		return ""
 	}
-	return *r.IssueEventsURL
+	return *r.Path
 }
 
-// GetIssuesURL returns the IssuesURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetIssuesURL() string {
-	if r == nil || r.IssuesURL == nil {
+// GetPosition returns the Position field if it's non-nil, zero value otherwise.
+func (r *RepositoryComment) GetPosition() int {
+	if r == nil || r.Position == nil {
+		return 0
+	}
+	return *r.Position
+}
+
+// GetReactions returns the Reactions field.
+func (r *RepositoryComment) GetReactions() *Reactions {
+	if r == nil {
+		return nil
+	}
+	return r.Reactions
+}
+
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (r *RepositoryComment) GetUpdatedAt() Timestamp {
+	if r == nil || r.UpdatedAt == nil {
+		return Timestamp{}
+	}
+	return *r.UpdatedAt
+}
+
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (r *RepositoryComment) GetURL() string {
+	if r == nil || r.URL == nil {
 		return ""
 	}
-	return *r.IssuesURL
+	return *r.URL
 }
 
-// GetIsTemplate returns the IsTemplate field if it's non-nil, zero value otherwise.
-func (r *Repository) GetIsTemplate() bool {
-	if r == nil || r.IsTemplate == nil {
-		return false
+// GetUser returns the User field.
+func (r *RepositoryComment) GetUser() *User {
+	if r == nil {
+		return nil
 	}
-	return *r.IsTemplate
+	return r.User
 }
 
-// GetKeysURL returns the KeysURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetKeysURL() string {
-	if r == nil || r.KeysURL == nil {
+// GetAuthor returns the Author field.
+func (r *RepositoryCommit) GetAuthor() *User {
+	if r == nil {
+		return nil
+	}
+	return r.Author
+}
+
+// GetCommentsURL returns the CommentsURL field if it's non-nil, zero value otherwise.
+func (r *RepositoryCommit) GetCommentsURL() string {
+	if r == nil || r.CommentsURL == nil {
 		return ""
 	}
-	return *r.KeysURL
+	return *r.CommentsURL
 }
 
-// GetLabelsURL returns the LabelsURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetLabelsURL() string {
-	if r == nil || r.LabelsURL == nil {
+// GetCommit returns the Commit field.
+func (r *RepositoryCommit) GetCommit() *Commit {
+	if r == nil {
+		return nil
+	}
+	return r.Commit
+}
+
+// GetCommitter returns the Committer field.
+func (r *RepositoryCommit) GetCommitter() *User {
+	if r == nil {
+		return nil
+	}
+	return r.Committer
+}
+
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (r *RepositoryCommit) GetHTMLURL() string {
+	if r == nil || r.HTMLURL == nil {
 		return ""
 	}
-	return *r.LabelsURL
+	return *r.HTMLURL
 }
 
-// GetLanguage returns the Language field if it's non-nil, zero value otherwise.
-func (r *Repository) GetLanguage() string {
-	if r == nil || r.Language == nil {
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (r *RepositoryCommit) GetNodeID() string {
+	if r == nil || r.NodeID == nil {
 		return ""
 	}
-	return *r.Language
+	return *r.NodeID
 }
 
-// GetLanguagesURL returns the LanguagesURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetLanguagesURL() string {
-	if r == nil || r.LanguagesURL == nil {
+// GetSHA returns the SHA field if it's non-nil, zero value otherwise.
+func (r *RepositoryCommit) GetSHA() string {
+	if r == nil || r.SHA == nil {
 		return ""
 	}
-	return *r.LanguagesURL
+	return *r.SHA
 }
 
-// GetLicense returns the License field.
-func (r *Repository) GetLicense() *License {
+// GetStats returns the Stats field.
+func (r *RepositoryCommit) GetStats() *CommitStats {
 	if r == nil {
 		return nil
 	}
-	return r.License
+	return r.Stats
 }
 
-// GetLicenseTemplate returns the LicenseTemplate field if it's non-nil, zero value otherwise.
-func (r *Repository) GetLicenseTemplate() string {
-	if r == nil || r.LicenseTemplate == nil {
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (r *RepositoryCommit) GetURL() string {
+	if r == nil || r.URL == nil {
 		return ""
 	}
-	return *r.LicenseTemplate
+	return *r.URL
 }
 
-// GetMasterBranch returns the MasterBranch field if it's non-nil, zero value otherwise.
-func (r *Repository) GetMasterBranch() string {
-	if r == nil || r.MasterBranch == nil {
+// GetDownloadURL returns the DownloadURL field if it's non-nil, zero value otherwise.
+func (r *RepositoryContent) GetDownloadURL() string {
+	if r == nil || r.DownloadURL == nil {
 		return ""
 	}
-	return *r.MasterBranch
+	return *r.DownloadURL
 }
 
-// GetMergeCommitMessage returns the MergeCommitMessage field if it's non-nil, zero value otherwise.
-func (r *Repository) GetMergeCommitMessage() string {
-	if r == nil || r.MergeCommitMessage == nil {
+// GetEncoding returns the Encoding field if it's non-nil, zero value otherwise.
+func (r *RepositoryContent) GetEncoding() string {
+	if r == nil || r.Encoding == nil {
 		return ""
 	}
-	return *r.MergeCommitMessage
+	return *r.Encoding
 }
 
-// GetMergeCommitTitle returns the MergeCommitTitle field if it's non-nil, zero value otherwise.
-func (r *Repository) GetMergeCommitTitle() string {
-	if r == nil || r.MergeCommitTitle == nil {
+// GetGitURL returns the GitURL field if it's non-nil, zero value otherwise.
+func (r *RepositoryContent) GetGitURL() string {
+	if r == nil || r.GitURL == nil {
 		return ""
 	}
-	return *r.MergeCommitTitle
+	return *r.GitURL
 }
 
-// GetMergesURL returns the MergesURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetMergesURL() string {
-	if r == nil || r.MergesURL == nil {
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (r *RepositoryContent) GetHTMLURL() string {
+	if r == nil || r.HTMLURL == nil {
 		return ""
 	}
-	return *r.MergesURL
+	return *r.HTMLURL
 }
 
-// GetMilestonesURL returns the MilestonesURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetMilestonesURL() string {
-	if r == nil || r.MilestonesURL == nil {
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (r *RepositoryContent) GetName() string {
+	if r == nil || r.Name == nil {
 		return ""
 	}
-	return *r.MilestonesURL
+	return *r.Name
 }
 
-// GetMirrorURL returns the MirrorURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetMirrorURL() string {
-	if r == nil || r.MirrorURL == nil {
+// GetPath returns the Path field if it's non-nil, zero value otherwise.
+func (r *RepositoryContent) GetPath() string {
+	if r == nil || r.Path == nil {
 		return ""
 	}
-	return *r.MirrorURL
+	return *r.Path
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (r *Repository) GetName() string {
-	if r == nil || r.Name == nil {
+// GetSHA returns the SHA field if it's non-nil, zero value otherwise.
+func (r *RepositoryContent) GetSHA() string {
+	if r == nil || r.SHA == nil {
 		return ""
 	}
-	return *r.Name
+	return *r.SHA
 }
 
-// GetNetworkCount returns the NetworkCount field if it's non-nil, zero value otherwise.
-func (r *Repository) GetNetworkCount() int {
-	if r == nil || r.NetworkCount == nil {
+// GetSize returns the Size field if it's non-nil, zero value otherwise.
+func (r *RepositoryContent) GetSize() int {
+	if r == nil || r.Size == nil {
 		return 0
 	}
-	return *r.NetworkCount
+	return *r.Size
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (r *Repository) GetNodeID() string {
-	if r == nil || r.NodeID == nil {
+// GetSubmoduleGitURL returns the SubmoduleGitURL field if it's non-nil, zero value otherwise.
+func (r *RepositoryContent) GetSubmoduleGitURL() string {
+	if r == nil || r.SubmoduleGitURL == nil {
 		return ""
 	}
-	return *r.NodeID
+	return *r.SubmoduleGitURL
 }
 
-// GetNotificationsURL returns the NotificationsURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetNotificationsURL() string {
-	if r == nil || r.NotificationsURL == nil {
+// GetTarget returns the Target field if it's non-nil, zero value otherwise.
+func (r *RepositoryContent) GetTarget() string {
+	if r == nil || r.Target == nil {
 		return ""
 	}
-	return *r.NotificationsURL
+	return *r.Target
 }
 
-// GetOpenIssues returns the OpenIssues field if it's non-nil, zero value otherwise.
-func (r *Repository) GetOpenIssues() int {
-	if r == nil || r.OpenIssues == nil {
-		return 0
+// GetType returns the Type field if it's non-nil, zero value otherwise.
+func (r *RepositoryContent) GetType() string {
+	if r == nil || r.Type == nil {
+		return ""
 	}
-	return *r.OpenIssues
+	return *r.Type
 }
 
-// GetOpenIssuesCount returns the OpenIssuesCount field if it's non-nil, zero value otherwise.
-func (r *Repository) GetOpenIssuesCount() int {
-	if r == nil || r.OpenIssuesCount == nil {
-		return 0
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (r *RepositoryContent) GetURL() string {
+	if r == nil || r.URL == nil {
+		return ""
 	}
-	return *r.OpenIssuesCount
+	return *r.URL
 }
 
-// GetOrganization returns the Organization field.
-func (r *Repository) GetOrganization() *Organization {
+// GetAuthor returns the Author field.
+func (r *RepositoryContentFileOptions) GetAuthor() *CommitAuthor {
 	if r == nil {
 		return nil
 	}
-	return r.Organization
+	return r.Author
 }
 
-// GetOwner returns the Owner field.
-func (r *Repository) GetOwner() *User {
-	if r == nil {
-		return nil
+// GetBranch returns the Branch field if it's non-nil, zero value otherwise.
+func (r *RepositoryContentFileOptions) GetBranch() string {
+	if r == nil || r.Branch == nil {
+		return ""
 	}
-	return r.Owner
+	return *r.Branch
 }
 
-// GetParent returns the Parent field.
-func (r *Repository) GetParent() *Repository {
+// GetCommitter returns the Committer field.
+func (r *RepositoryContentFileOptions) GetCommitter() *CommitAuthor {
 	if r == nil {
 		return nil
 	}
-	return r.Parent
-}
-
-// GetPermissions returns the Permissions map if it's non-nil, an empty map otherwise.
-func (r *Repository) GetPermissions() map[string]bool {
-	if r == nil || r.Permissions == nil {
-		return map[string]bool{}
-	}
-	return r.Permissions
+	return r.Committer
 }
 
-// GetPrivate returns the Private field if it's non-nil, zero value otherwise.
-func (r *Repository) GetPrivate() bool {
-	if r == nil || r.Private == nil {
-		return false
+// GetMessage returns the Message field if it's non-nil, zero value otherwise.
+func (r *RepositoryContentFileOptions) GetMessage() string {
+	if r == nil || r.Message == nil {
+		return ""
 	}
-	return *r.Private
+	return *r.Message
 }
 
-// GetPullsURL returns the PullsURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetPullsURL() string {
-	if r == nil || r.PullsURL == nil {
+// GetSHA returns the SHA field if it's non-nil, zero value otherwise.
+func (r *RepositoryContentFileOptions) GetSHA() string {
+	if r == nil || r.SHA == nil {
 		return ""
 	}
-	return *r.PullsURL
+	return *r.SHA
 }
 
-// GetPushedAt returns the PushedAt field if it's non-nil, zero value otherwise.
-func (r *Repository) GetPushedAt() Timestamp {
-	if r == nil || r.PushedAt == nil {
-		return Timestamp{}
+// GetContent returns the Content field.
+func (r *RepositoryContentResponse) GetContent() *RepositoryContent {
+	if r == nil {
+		return nil
 	}
-	return *r.PushedAt
+	return r.Content
 }
 
-// GetReleasesURL returns the ReleasesURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetReleasesURL() string {
-	if r == nil || r.ReleasesURL == nil {
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (r *RepositoryDispatchEvent) GetAction() string {
+	if r == nil || r.Action == nil {
 		return ""
 	}
-	return *r.ReleasesURL
+	return *r.Action
 }
 
-// GetRoleName returns the RoleName field if it's non-nil, zero value otherwise.
-func (r *Repository) GetRoleName() string {
-	if r == nil || r.RoleName == nil {
+// GetBranch returns the Branch field if it's non-nil, zero value otherwise.
+func (r *RepositoryDispatchEvent) GetBranch() string {
+	if r == nil || r.Branch == nil {
 		return ""
 	}
-	return *r.RoleName
+	return *r.Branch
 }
 
-// GetSecurityAndAnalysis returns the SecurityAndAnalysis field.
-func (r *Repository) GetSecurityAndAnalysis() *SecurityAndAnalysis {
+// GetInstallation returns the Installation field.
+func (r *RepositoryDispatchEvent) GetInstallation() *Installation {
 	if r == nil {
 		return nil
 	}
-	return r.SecurityAndAnalysis
-}
-
-// GetSize returns the Size field if it's non-nil, zero value otherwise.
-func (r *Repository) GetSize() int {
-	if r == nil || r.Size == nil {
-		return 0
-	}
-	return *r.Size
+	return r.Installation
 }
 
-// GetSource returns the Source field.
-func (r *Repository) GetSource() *Repository {
+// GetOrg returns the Org field.
+func (r *RepositoryDispatchEvent) GetOrg() *Organization {
 	if r == nil {
 		return nil
 	}
-	return r.Source
-}
-
-// GetSquashMergeCommitMessage returns the SquashMergeCommitMessage field if it's non-nil, zero value otherwise.
-func (r *Repository) GetSquashMergeCommitMessage() string {
-	if r == nil || r.SquashMergeCommitMessage == nil {
-		return ""
-	}
-	return *r.SquashMergeCommitMessage
-}
-
-// GetSquashMergeCommitTitle returns the SquashMergeCommitTitle field if it's non-nil, zero value otherwise.
-func (r *Repository) GetSquashMergeCommitTitle() string {
-	if r == nil || r.SquashMergeCommitTitle == nil {
-		return ""
-	}
-	return *r.SquashMergeCommitTitle
-}
-
-// GetSSHURL returns the SSHURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetSSHURL() string {
-	if r == nil || r.SSHURL == nil {
-		return ""
-	}
-	return *r.SSHURL
+	return r.Org
 }
 
-// GetStargazersCount returns the StargazersCount field if it's non-nil, zero value otherwise.
-func (r *Repository) GetStargazersCount() int {
-	if r == nil || r.StargazersCount == nil {
-		return 0
+// GetRepo returns the Repo field.
+func (r *RepositoryDispatchEvent) GetRepo() *Repository {
+	if r == nil {
+		return nil
 	}
-	return *r.StargazersCount
-}
-
-// GetStargazersURL returns the StargazersURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetStargazersURL() string {
-	if r == nil || r.StargazersURL == nil {
-		return ""
+	return r.Repo
+}
+
+// GetSender returns the Sender field.
+func (r *RepositoryDispatchEvent) GetSender() *User {
+	if r == nil {
+		return nil
 	}
-	return *r.StargazersURL
+	return r.Sender
 }
 
-// GetStatusesURL returns the StatusesURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetStatusesURL() string {
-	if r == nil || r.StatusesURL == nil {
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (r *RepositoryEvent) GetAction() string {
+	if r == nil || r.Action == nil {
 		return ""
 	}
-	return *r.StatusesURL
+	return *r.Action
 }
 
-// GetSubscribersCount returns the SubscribersCount field if it's non-nil, zero value otherwise.
-func (r *Repository) GetSubscribersCount() int {
-	if r == nil || r.SubscribersCount == nil {
-		return 0
+// GetChanges returns the Changes field.
+func (r *RepositoryEvent) GetChanges() *EditChange {
+	if r == nil {
+		return nil
 	}
-	return *r.SubscribersCount
+	return r.Changes
 }
 
-// GetSubscribersURL returns the SubscribersURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetSubscribersURL() string {
-	if r == nil || r.SubscribersURL == nil {
-		return ""
+// GetInstallation returns the Installation field.
+func (r *RepositoryEvent) GetInstallation() *Installation {
+	if r == nil {
+		return nil
 	}
-	return *r.SubscribersURL
+	return r.Installation
 }
 
-// GetSubscriptionURL returns the SubscriptionURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetSubscriptionURL() string {
-	if r == nil || r.SubscriptionURL == nil {
-		return ""
+// GetOrg returns the Org field.
+func (r *RepositoryEvent) GetOrg() *Organization {
+	if r == nil {
+		return nil
 	}
-	return *r.SubscriptionURL
+	return r.Org
 }
 
-// GetSVNURL returns the SVNURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetSVNURL() string {
-	if r == nil || r.SVNURL == nil {
-		return ""
+// GetRepo returns the Repo field.
+func (r *RepositoryEvent) GetRepo() *Repository {
+	if r == nil {
+		return nil
 	}
-	return *r.SVNURL
+	return r.Repo
 }
 
-// GetTagsURL returns the TagsURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetTagsURL() string {
-	if r == nil || r.TagsURL == nil {
-		return ""
+// GetSender returns the Sender field.
+func (r *RepositoryEvent) GetSender() *User {
+	if r == nil {
+		return nil
 	}
-	return *r.TagsURL
+	return r.Sender
 }
 
-// GetTeamID returns the TeamID field if it's non-nil, zero value otherwise.
-func (r *Repository) GetTeamID() int64 {
-	if r == nil || r.TeamID == nil {
-		return 0
+// GetOrg returns the Org field.
+func (r *RepositoryImportEvent) GetOrg() *Organization {
+	if r == nil {
+		return nil
 	}
-	return *r.TeamID
+	return r.Org
 }
 
-// GetTeamsURL returns the TeamsURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetTeamsURL() string {
-	if r == nil || r.TeamsURL == nil {
-		return ""
+// GetRepo returns the Repo field.
+func (r *RepositoryImportEvent) GetRepo() *Repository {
+	if r == nil {
+		return nil
 	}
-	return *r.TeamsURL
+	return r.Repo
 }
 
-// GetTemplateRepository returns the TemplateRepository field.
-func (r *Repository) GetTemplateRepository() *Repository {
+// GetSender returns the Sender field.
+func (r *RepositoryImportEvent) GetSender() *User {
 	if r == nil {
 		return nil
 	}
-	return r.TemplateRepository
+	return r.Sender
 }
 
-// GetTreesURL returns the TreesURL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetTreesURL() string {
-	if r == nil || r.TreesURL == nil {
+// GetStatus returns the Status field if it's non-nil, zero value otherwise.
+func (r *RepositoryImportEvent) GetStatus() string {
+	if r == nil || r.Status == nil {
 		return ""
 	}
-	return *r.TreesURL
+	return *r.Status
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (r *Repository) GetUpdatedAt() Timestamp {
-	if r == nil || r.UpdatedAt == nil {
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (r *RepositoryInvitation) GetCreatedAt() Timestamp {
+	if r == nil || r.CreatedAt == nil {
 		return Timestamp{}
 	}
-	return *r.UpdatedAt
-}
-
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (r *Repository) GetURL() string {
-	if r == nil || r.URL == nil {
-		return ""
-	}
-	return *r.URL
+	return *r.CreatedAt
 }
 
-// GetUseSquashPRTitleAsDefault returns the UseSquashPRTitleAsDefault field if it's non-nil, zero value otherwise.
-func (r *Repository) GetUseSquashPRTitleAsDefault() bool {
-	if r == nil || r.UseSquashPRTitleAsDefault == nil {
+// GetExpired returns the Expired field if it's non-nil, zero value otherwise.
+func (r *RepositoryInvitation) GetExpired() bool {
+	if r == nil || r.Expired == nil {
 		return false
 	}
-	return *r.UseSquashPRTitleAsDefault
+	return *r.Expired
 }
 
-// GetVisibility returns the Visibility field if it's non-nil, zero value otherwise.
-func (r *Repository) GetVisibility() string {
-	if r == nil || r.Visibility == nil {
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (r *RepositoryInvitation) GetHTMLURL() string {
+	if r == nil || r.HTMLURL == nil {
 		return ""
 	}
-	return *r.Visibility
+	return *r.HTMLURL
 }
 
-// GetWatchers returns the Watchers field if it's non-nil, zero value otherwise.
-func (r *Repository) GetWatchers() int {
-	if r == nil || r.Watchers == nil {
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (r *RepositoryInvitation) GetID() int64 {
+	if r == nil || r.ID == nil {
 		return 0
 	}
-	return *r.Watchers
+	return *r.ID
 }
 
-// GetWatchersCount returns the WatchersCount field if it's non-nil, zero value otherwise.
-func (r *Repository) GetWatchersCount() int {
-	if r == nil || r.WatchersCount == nil {
-		return 0
+// GetInvitee returns the Invitee field.
+func (r *RepositoryInvitation) GetInvitee() *User {
+	if r == nil {
+		return nil
 	}
-	return *r.WatchersCount
+	return r.Invitee
 }
 
-// GetWebCommitSignoffRequired returns the WebCommitSignoffRequired field if it's non-nil, zero value otherwise.
-func (r *Repository) GetWebCommitSignoffRequired() bool {
-	if r == nil || r.WebCommitSignoffRequired == nil {
-		return false
+// GetInviter returns the Inviter field.
+func (r *RepositoryInvitation) GetInviter() *User {
+	if r == nil {
+		return nil
 	}
-	return *r.WebCommitSignoffRequired
+	return r.Inviter
 }
 
-// GetAccessLevel returns the AccessLevel field if it's non-nil, zero value otherwise.
-func (r *RepositoryActionsAccessLevel) GetAccessLevel() string {
-	if r == nil || r.AccessLevel == nil {
+// GetPermissions returns the Permissions field if it's non-nil, zero value otherwise.
+func (r *RepositoryInvitation) GetPermissions() string {
+	if r == nil || r.Permissions == nil {
 		return ""
 	}
-	return *r.AccessLevel
+	return *r.Permissions
 }
 
-// GetAdvancedSecurityCommitters returns the AdvancedSecurityCommitters field if it's non-nil, zero value otherwise.
-func (r *RepositoryActiveCommitters) GetAdvancedSecurityCommitters() int {
-	if r == nil || r.AdvancedSecurityCommitters == nil {
-		return 0
+// GetRepo returns the Repo field.
+func (r *RepositoryInvitation) GetRepo() *Repository {
+	if r == nil {
+		return nil
 	}
-	return *r.AdvancedSecurityCommitters
+	return r.Repo
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (r *RepositoryActiveCommitters) GetName() string {
-	if r == nil || r.Name == nil {
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (r *RepositoryInvitation) GetURL() string {
+	if r == nil || r.URL == nil {
 		return ""
 	}
-	return *r.Name
+	return *r.URL
 }
 
-// GetBody returns the Body field if it's non-nil, zero value otherwise.
-func (r *RepositoryComment) GetBody() string {
-	if r == nil || r.Body == nil {
+// GetContent returns the Content field if it's non-nil, zero value otherwise.
+func (r *RepositoryLicense) GetContent() string {
+	if r == nil || r.Content == nil {
 		return ""
 	}
-	return *r.Body
+	return *r.Content
 }
 
-// GetCommitID returns the CommitID field if it's non-nil, zero value otherwise.
-func (r *RepositoryComment) GetCommitID() string {
-	if r == nil || r.CommitID == nil {
+// GetDownloadURL returns the DownloadURL field if it's non-nil, zero value otherwise.
+func (r *RepositoryLicense) GetDownloadURL() string {
+	if r == nil || r.DownloadURL == nil {
 		return ""
 	}
-	return *r.CommitID
+	return *r.DownloadURL
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (r *RepositoryComment) GetCreatedAt() Timestamp {
-	if r == nil || r.CreatedAt == nil {
-		return Timestamp{}
+// GetEncoding returns the Encoding field if it's non-nil, zero value otherwise.
+func (r *RepositoryLicense) GetEncoding() string {
+	if r == nil || r.Encoding == nil {
+		return ""
 	}
-	return *r.CreatedAt
+	return *r.Encoding
+}
+
+// GetGitURL returns the GitURL field if it's non-nil, zero value otherwise.
+func (r *RepositoryLicense) GetGitURL() string {
+	if r == nil || r.GitURL == nil {
+		return ""
+	}
+	return *r.GitURL
 }
 
 // GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (r *RepositoryComment) GetHTMLURL() string {
+func (r *RepositoryLicense) GetHTMLURL() string {
 	if r == nil || r.HTMLURL == nil {
 		return ""
 	}
 	return *r.HTMLURL
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (r *RepositoryComment) GetID() int64 {
-	if r == nil || r.ID == nil {
-		return 0
+// GetLicense returns the License field.
+func (r *RepositoryLicense) GetLicense() *License {
+	if r == nil {
+		return nil
 	}
-	return *r.ID
+	return r.License
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (r *RepositoryComment) GetNodeID() string {
-	if r == nil || r.NodeID == nil {
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (r *RepositoryLicense) GetName() string {
+	if r == nil || r.Name == nil {
 		return ""
 	}
-	return *r.NodeID
+	return *r.Name
 }
 
 // GetPath returns the Path field if it's non-nil, zero value otherwise.
-func (r *RepositoryComment) GetPath() string {
+func (r *RepositoryLicense) GetPath() string {
 	if r == nil || r.Path == nil {
 		return ""
 	}
 	return *r.Path
 }
 
-// GetPosition returns the Position field if it's non-nil, zero value otherwise.
-func (r *RepositoryComment) GetPosition() int {
-	if r == nil || r.Position == nil {
-		return 0
+// GetSHA returns the SHA field if it's non-nil, zero value otherwise.
+func (r *RepositoryLicense) GetSHA() string {
+	if r == nil || r.SHA == nil {
+		return ""
 	}
-	return *r.Position
+	return *r.SHA
 }
 
-// GetReactions returns the Reactions field.
-func (r *RepositoryComment) GetReactions() *Reactions {
-	if r == nil {
-		return nil
+// GetSize returns the Size field if it's non-nil, zero value otherwise.
+func (r *RepositoryLicense) GetSize() int {
+	if r == nil || r.Size == nil {
+		return 0
 	}
-	return r.Reactions
+	return *r.Size
 }
 
-// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
-func (r *RepositoryComment) GetUpdatedAt() Timestamp {
-	if r == nil || r.UpdatedAt == nil {
-		return Timestamp{}
+// GetType returns the Type field if it's non-nil, zero value otherwise.
+func (r *RepositoryLicense) GetType() string {
+	if r == nil || r.Type == nil {
+		return ""
 	}
-	return *r.UpdatedAt
+	return *r.Type
 }
 
 // GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (r *RepositoryComment) GetURL() string {
+func (r *RepositoryLicense) GetURL() string {
 	if r == nil || r.URL == nil {
 		return ""
 	}
 	return *r.URL
 }
 
-// GetUser returns the User field.
-func (r *RepositoryComment) GetUser() *User {
-	if r == nil {
-		return nil
+// GetIncludesParents returns the IncludesParents field if it's non-nil, zero value otherwise.
+func (r *RepositoryListRulesetsOptions) GetIncludesParents() bool {
+	if r == nil || r.IncludesParents == nil {
+		return false
 	}
-	return r.User
+	return *r.IncludesParents
 }
 
-// GetAuthor returns the Author field.
-func (r *RepositoryCommit) GetAuthor() *User {
-	if r == nil {
-		return nil
+// GetBase returns the Base field if it's non-nil, zero value otherwise.
+func (r *RepositoryMergeRequest) GetBase() string {
+	if r == nil || r.Base == nil {
+		return ""
 	}
-	return r.Author
+	return *r.Base
 }
 
-// GetCommentsURL returns the CommentsURL field if it's non-nil, zero value otherwise.
-func (r *RepositoryCommit) GetCommentsURL() string {
-	if r == nil || r.CommentsURL == nil {
+// GetCommitMessage returns the CommitMessage field if it's non-nil, zero value otherwise.
+func (r *RepositoryMergeRequest) GetCommitMessage() string {
+	if r == nil || r.CommitMessage == nil {
 		return ""
 	}
-	return *r.CommentsURL
+	return *r.CommitMessage
 }
 
-// GetCommit returns the Commit field.
-func (r *RepositoryCommit) GetCommit() *Commit {
-	if r == nil {
-		return nil
+// GetHead returns the Head field if it's non-nil, zero value otherwise.
+func (r *RepositoryMergeRequest) GetHead() string {
+	if r == nil || r.Head == nil {
+		return ""
 	}
-	return r.Commit
+	return *r.Head
 }
 
-// GetCommitter returns the Committer field.
-func (r *RepositoryCommit) GetCommitter() *User {
-	if r == nil {
-		return nil
+// GetPermission returns the Permission field if it's non-nil, zero value otherwise.
+func (r *RepositoryPermissionLevel) GetPermission() string {
+	if r == nil || r.Permission == nil {
+		return ""
 	}
-	return r.Committer
+	return *r.Permission
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (r *RepositoryCommit) GetHTMLURL() string {
-	if r == nil || r.HTMLURL == nil {
+// GetRoleName returns the RoleName field if it's non-nil, zero value otherwise.
+func (r *RepositoryPermissionLevel) GetRoleName() string {
+	if r == nil || r.RoleName == nil {
 		return ""
 	}
-	return *r.HTMLURL
+	return *r.RoleName
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (r *RepositoryCommit) GetNodeID() string {
-	if r == nil || r.NodeID == nil {
-		return ""
+// GetUser returns the User field.
+func (r *RepositoryPermissionLevel) GetUser() *User {
+	if r == nil {
+		return nil
 	}
-	return *r.NodeID
+	return r.User
 }
 
-// GetSHA returns the SHA field if it's non-nil, zero value otherwise.
-func (r *RepositoryCommit) GetSHA() string {
-	if r == nil || r.SHA == nil {
+// GetAssetsURL returns the AssetsURL field if it's non-nil, zero value otherwise.
+func (r *RepositoryRelease) GetAssetsURL() string {
+	if r == nil || r.AssetsURL == nil {
 		return ""
 	}
-	return *r.SHA
+	return *r.AssetsURL
 }
 
-// GetStats returns the Stats field.
-func (r *RepositoryCommit) GetStats() *CommitStats {
+// GetAuthor returns the Author field.
+func (r *RepositoryRelease) GetAuthor() *User {
 	if r == nil {
 		return nil
 	}
-	return r.Stats
+	return r.Author
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (r *RepositoryCommit) GetURL() string {
-	if r == nil || r.URL == nil {
+// GetBody returns the Body field if it's non-nil, zero value otherwise.
+func (r *RepositoryRelease) GetBody() string {
+	if r == nil || r.Body == nil {
 		return ""
 	}
-	return *r.URL
+	return *r.Body
 }
 
-// GetDownloadURL returns the DownloadURL field if it's non-nil, zero value otherwise.
-func (r *RepositoryContent) GetDownloadURL() string {
-	if r == nil || r.DownloadURL == nil {
-		return ""
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (r *RepositoryRelease) GetCreatedAt() Timestamp {
+	if r == nil || r.CreatedAt == nil {
+		return Timestamp{}
 	}
-	return *r.DownloadURL
+	return *r.CreatedAt
 }
 
-// GetEncoding returns the Encoding field if it's non-nil, zero value otherwise.
-func (r *RepositoryContent) GetEncoding() string {
-	if r == nil || r.Encoding == nil {
+// GetDiscussionCategoryName returns the DiscussionCategoryName field if it's non-nil, zero value otherwise.
+func (r *RepositoryRelease) GetDiscussionCategoryName() string {
+	if r == nil || r.DiscussionCategoryName == nil {
 		return ""
 	}
-	return *r.Encoding
+	return *r.DiscussionCategoryName
 }
 
-// GetGitURL returns the GitURL field if it's non-nil, zero value otherwise.
-func (r *RepositoryContent) GetGitURL() string {
-	if r == nil || r.GitURL == nil {
-		return ""
+// GetDraft returns the Draft field if it's non-nil, zero value otherwise.
+func (r *RepositoryRelease) GetDraft() bool {
+	if r == nil || r.Draft == nil {
+		return false
 	}
-	return *r.GitURL
+	return *r.Draft
+}
+
+// GetGenerateReleaseNotes returns the GenerateReleaseNotes field if it's non-nil, zero value otherwise.
+func (r *RepositoryRelease) GetGenerateReleaseNotes() bool {
+	if r == nil || r.GenerateReleaseNotes == nil {
+		return false
+	}
+	return *r.GenerateReleaseNotes
 }
 
 // GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (r *RepositoryContent) GetHTMLURL() string {
+func (r *RepositoryRelease) GetHTMLURL() string {
 	if r == nil || r.HTMLURL == nil {
 		return ""
 	}
 	return *r.HTMLURL
 }
 
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (r *RepositoryRelease) GetID() int64 {
+	if r == nil || r.ID == nil {
+		return 0
+	}
+	return *r.ID
+}
+
+// GetMakeLatest returns the MakeLatest field if it's non-nil, zero value otherwise.
+func (r *RepositoryRelease) GetMakeLatest() string {
+	if r == nil || r.MakeLatest == nil {
+		return ""
+	}
+	return *r.MakeLatest
+}
+
 // GetName returns the Name field if it's non-nil, zero value otherwise.
-func (r *RepositoryContent) GetName() string {
+func (r *RepositoryRelease) GetName() string {
 	if r == nil || r.Name == nil {
 		return ""
 	}
 	return *r.Name
 }
 
-// GetPath returns the Path field if it's non-nil, zero value otherwise.
-func (r *RepositoryContent) GetPath() string {
-	if r == nil || r.Path == nil {
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (r *RepositoryRelease) GetNodeID() string {
+	if r == nil || r.NodeID == nil {
 		return ""
 	}
-	return *r.Path
+	return *r.NodeID
 }
 
-// GetSHA returns the SHA field if it's non-nil, zero value otherwise.
-func (r *RepositoryContent) GetSHA() string {
-	if r == nil || r.SHA == nil {
-		return ""
+// GetPrerelease returns the Prerelease field if it's non-nil, zero value otherwise.
+func (r *RepositoryRelease) GetPrerelease() bool {
+	if r == nil || r.Prerelease == nil {
+		return false
 	}
-	return *r.SHA
+	return *r.Prerelease
 }
 
-// GetSize returns the Size field if it's non-nil, zero value otherwise.
-func (r *RepositoryContent) GetSize() int {
-	if r == nil || r.Size == nil {
-		return 0
+// GetPublishedAt returns the PublishedAt field if it's non-nil, zero value otherwise.
+func (r *RepositoryRelease) GetPublishedAt() Timestamp {
+	if r == nil || r.PublishedAt == nil {
+		return Timestamp{}
 	}
-	return *r.Size
+	return *r.PublishedAt
 }
 
-// GetSubmoduleGitURL returns the SubmoduleGitURL field if it's non-nil, zero value otherwise.
-func (r *RepositoryContent) GetSubmoduleGitURL() string {
-	if r == nil || r.SubmoduleGitURL == nil {
+// GetTagName returns the TagName field if it's non-nil, zero value otherwise.
+func (r *RepositoryRelease) GetTagName() string {
+	if r == nil || r.TagName == nil {
 		return ""
 	}
-	return *r.SubmoduleGitURL
+	return *r.TagName
 }
 
-// GetTarget returns the Target field if it's non-nil, zero value otherwise.
-func (r *RepositoryContent) GetTarget() string {
-	if r == nil || r.Target == nil {
+// GetTarballURL returns the TarballURL field if it's non-nil, zero value otherwise.
+func (r *RepositoryRelease) GetTarballURL() string {
+	if r == nil || r.TarballURL == nil {
 		return ""
 	}
-	return *r.Target
+	return *r.TarballURL
 }
 
-// GetType returns the Type field if it's non-nil, zero value otherwise.
-func (r *RepositoryContent) GetType() string {
-	if r == nil || r.Type == nil {
+// GetTargetCommitish returns the TargetCommitish field if it's non-nil, zero value otherwise.
+func (r *RepositoryRelease) GetTargetCommitish() string {
+	if r == nil || r.TargetCommitish == nil {
 		return ""
 	}
-	return *r.Type
+	return *r.TargetCommitish
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (r *RepositoryContent) GetURL() string {
-	if r == nil || r.URL == nil {
+// GetUploadURL returns the UploadURL field if it's non-nil, zero value otherwise.
+func (r *RepositoryRelease) GetUploadURL() string {
+	if r == nil || r.UploadURL == nil {
 		return ""
 	}
-	return *r.URL
+	return *r.UploadURL
 }
 
-// GetAuthor returns the Author field.
-func (r *RepositoryContentFileOptions) GetAuthor() *CommitAuthor {
-	if r == nil {
-		return nil
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (r *RepositoryRelease) GetURL() string {
+	if r == nil || r.URL == nil {
+		return ""
 	}
-	return r.Author
+	return *r.URL
 }
 
-// GetBranch returns the Branch field if it's non-nil, zero value otherwise.
-func (r *RepositoryContentFileOptions) GetBranch() string {
-	if r == nil || r.Branch == nil {
+// GetZipballURL returns the ZipballURL field if it's non-nil, zero value otherwise.
+func (r *RepositoryRelease) GetZipballURL() string {
+	if r == nil || r.ZipballURL == nil {
 		return ""
 	}
-	return *r.Branch
+	return *r.ZipballURL
 }
 
-// GetCommitter returns the Committer field.
-func (r *RepositoryContentFileOptions) GetCommitter() *CommitAuthor {
+// GetConditions returns the Conditions field.
+func (r *RepositoryRuleset) GetConditions() *RepositoryRulesetConditions {
 	if r == nil {
 		return nil
 	}
-	return r.Committer
-}
-
-// GetMessage returns the Message field if it's non-nil, zero value otherwise.
-func (r *RepositoryContentFileOptions) GetMessage() string {
-	if r == nil || r.Message == nil {
-		return ""
-	}
-	return *r.Message
+	return r.Conditions
 }
 
-// GetSHA returns the SHA field if it's non-nil, zero value otherwise.
-func (r *RepositoryContentFileOptions) GetSHA() string {
-	if r == nil || r.SHA == nil {
-		return ""
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (r *RepositoryRuleset) GetCreatedAt() Timestamp {
+	if r == nil || r.CreatedAt == nil {
+		return Timestamp{}
 	}
-	return *r.SHA
+	return *r.CreatedAt
 }
 
-// GetContent returns the Content field.
-func (r *RepositoryContentResponse) GetContent() *RepositoryContent {
+// GetCurrentUserCanBypass returns the CurrentUserCanBypass field.
+func (r *RepositoryRuleset) GetCurrentUserCanBypass() *BypassMode {
 	if r == nil {
 		return nil
 	}
-	return r.Content
+	return r.CurrentUserCanBypass
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (r *RepositoryDispatchEvent) GetAction() string {
-	if r == nil || r.Action == nil {
-		return ""
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (r *RepositoryRuleset) GetID() int64 {
+	if r == nil || r.ID == nil {
+		return 0
 	}
-	return *r.Action
+	return *r.ID
 }
 
-// GetBranch returns the Branch field if it's non-nil, zero value otherwise.
-func (r *RepositoryDispatchEvent) GetBranch() string {
-	if r == nil || r.Branch == nil {
-		return ""
+// GetLinks returns the Links field.
+func (r *RepositoryRuleset) GetLinks() *RepositoryRulesetLinks {
+	if r == nil {
+		return nil
 	}
-	return *r.Branch
+	return r.Links
 }
 
-// GetInstallation returns the Installation field.
-func (r *RepositoryDispatchEvent) GetInstallation() *Installation {
-	if r == nil {
-		return nil
+// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
+func (r *RepositoryRuleset) GetNodeID() string {
+	if r == nil || r.NodeID == nil {
+		return ""
 	}
-	return r.Installation
+	return *r.NodeID
 }
 
-// GetOrg returns the Org field.
-func (r *RepositoryDispatchEvent) GetOrg() *Organization {
+// GetRules returns the Rules field.
+func (r *RepositoryRuleset) GetRules() *RepositoryRulesetRules {
 	if r == nil {
 		return nil
 	}
-	return r.Org
+	return r.Rules
 }
 
-// GetRepo returns the Repo field.
-func (r *RepositoryDispatchEvent) GetRepo() *Repository {
+// GetSourceType returns the SourceType field.
+func (r *RepositoryRuleset) GetSourceType() *RulesetSourceType {
 	if r == nil {
 		return nil
 	}
-	return r.Repo
+	return r.SourceType
 }
 
-// GetSender returns the Sender field.
-func (r *RepositoryDispatchEvent) GetSender() *User {
+// GetTarget returns the Target field.
+func (r *RepositoryRuleset) GetTarget() *RulesetTarget {
 	if r == nil {
 		return nil
 	}
-	return r.Sender
+	return r.Target
 }
 
-// GetAction returns the Action field if it's non-nil, zero value otherwise.
-func (r *RepositoryEvent) GetAction() string {
-	if r == nil || r.Action == nil {
-		return ""
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (r *RepositoryRuleset) GetUpdatedAt() Timestamp {
+	if r == nil || r.UpdatedAt == nil {
+		return Timestamp{}
 	}
-	return *r.Action
+	return *r.UpdatedAt
 }
 
-// GetChanges returns the Changes field.
-func (r *RepositoryEvent) GetChanges() *EditChange {
+// GetConfiguration returns the Configuration field.
+func (r *RepositoryRulesetChangedRule) GetConfiguration() *RepositoryRulesetChangeSource {
 	if r == nil {
 		return nil
 	}
-	return r.Changes
+	return r.Configuration
 }
 
-// GetInstallation returns the Installation field.
-func (r *RepositoryEvent) GetInstallation() *Installation {
+// GetPattern returns the Pattern field.
+func (r *RepositoryRulesetChangedRule) GetPattern() *RepositoryRulesetChangeSource {
 	if r == nil {
 		return nil
 	}
-	return r.Installation
+	return r.Pattern
 }
 
-// GetOrg returns the Org field.
-func (r *RepositoryEvent) GetOrg() *Organization {
+// GetRuleType returns the RuleType field.
+func (r *RepositoryRulesetChangedRule) GetRuleType() *RepositoryRulesetChangeSource {
 	if r == nil {
 		return nil
 	}
-	return r.Org
+	return r.RuleType
 }
 
-// GetRepo returns the Repo field.
-func (r *RepositoryEvent) GetRepo() *Repository {
+// GetConditions returns the Conditions field.
+func (r *RepositoryRulesetChanges) GetConditions() *RepositoryRulesetChangedConditions {
 	if r == nil {
 		return nil
 	}
-	return r.Repo
+	return r.Conditions
 }
 
-// GetSender returns the Sender field.
-func (r *RepositoryEvent) GetSender() *User {
+// GetEnforcement returns the Enforcement field.
+func (r *RepositoryRulesetChanges) GetEnforcement() *RepositoryRulesetChangeSource {
 	if r == nil {
 		return nil
 	}
-	return r.Sender
+	return r.Enforcement
 }
 
-// GetOrg returns the Org field.
-func (r *RepositoryImportEvent) GetOrg() *Organization {
+// GetName returns the Name field.
+func (r *RepositoryRulesetChanges) GetName() *RepositoryRulesetChangeSource {
 	if r == nil {
 		return nil
 	}
-	return r.Org
+	return r.Name
 }
 
-// GetRepo returns the Repo field.
-func (r *RepositoryImportEvent) GetRepo() *Repository {
+// GetRules returns the Rules field.
+func (r *RepositoryRulesetChanges) GetRules() *RepositoryRulesetChangedRules {
 	if r == nil {
 		return nil
 	}
-	return r.Repo
+	return r.Rules
 }
 
-// GetSender returns the Sender field.
-func (r *RepositoryImportEvent) GetSender() *User {
-	if r == nil {
-		return nil
+// GetFrom returns the From field if it's non-nil, zero value otherwise.
+func (r *RepositoryRulesetChangeSource) GetFrom() string {
+	if r == nil || r.From == nil {
+		return ""
 	}
-	return r.Sender
+	return *r.From
 }
 
-// GetStatus returns the Status field if it's non-nil, zero value otherwise.
-func (r *RepositoryImportEvent) GetStatus() string {
-	if r == nil || r.Status == nil {
-		return ""
+// GetOrganizationID returns the OrganizationID field.
+func (r *RepositoryRulesetConditions) GetOrganizationID() *RepositoryRulesetOrganizationIDsConditionParameters {
+	if r == nil {
+		return nil
 	}
-	return *r.Status
+	return r.OrganizationID
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (r *RepositoryInvitation) GetCreatedAt() Timestamp {
-	if r == nil || r.CreatedAt == nil {
-		return Timestamp{}
+// GetOrganizationName returns the OrganizationName field.
+func (r *RepositoryRulesetConditions) GetOrganizationName() *RepositoryRulesetOrganizationNamesConditionParameters {
+	if r == nil {
+		return nil
 	}
-	return *r.CreatedAt
+	return r.OrganizationName
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (r *RepositoryInvitation) GetHTMLURL() string {
-	if r == nil || r.HTMLURL == nil {
-		return ""
+// GetRefName returns the RefName field.
+func (r *RepositoryRulesetConditions) GetRefName() *RepositoryRulesetRefConditionParameters {
+	if r == nil {
+		return nil
 	}
-	return *r.HTMLURL
+	return r.RefName
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (r *RepositoryInvitation) GetID() int64 {
-	if r == nil || r.ID == nil {
-		return 0
+// GetRepositoryID returns the RepositoryID field.
+func (r *RepositoryRulesetConditions) GetRepositoryID() *RepositoryRulesetRepositoryIDsConditionParameters {
+	if r == nil {
+		return nil
 	}
-	return *r.ID
+	return r.RepositoryID
 }
 
-// GetInvitee returns the Invitee field.
-func (r *RepositoryInvitation) GetInvitee() *User {
+// GetRepositoryName returns the RepositoryName field.
+func (r *RepositoryRulesetConditions) GetRepositoryName() *RepositoryRulesetRepositoryNamesConditionParameters {
 	if r == nil {
 		return nil
 	}
-	return r.Invitee
+	return r.RepositoryName
 }
 
-// GetInviter returns the Inviter field.
-func (r *RepositoryInvitation) GetInviter() *User {
+// GetRepositoryProperty returns the RepositoryProperty field.
+func (r *RepositoryRulesetConditions) GetRepositoryProperty() *RepositoryRulesetRepositoryPropertyConditionParameters {
 	if r == nil {
 		return nil
 	}
-	return r.Inviter
+	return r.RepositoryProperty
 }
 
-// GetPermissions returns the Permissions field if it's non-nil, zero value otherwise.
-func (r *RepositoryInvitation) GetPermissions() string {
-	if r == nil || r.Permissions == nil {
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (r *RepositoryRulesetEvent) GetAction() string {
+	if r == nil || r.Action == nil {
 		return ""
 	}
-	return *r.Permissions
+	return *r.Action
 }
 
-// GetRepo returns the Repo field.
-func (r *RepositoryInvitation) GetRepo() *Repository {
+// GetChanges returns the Changes field.
+func (r *RepositoryRulesetEvent) GetChanges() *RepositoryRulesetChanges {
 	if r == nil {
 		return nil
 	}
-	return r.Repo
+	return r.Changes
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (r *RepositoryInvitation) GetURL() string {
-	if r == nil || r.URL == nil {
-		return ""
+// GetEnterprise returns the Enterprise field.
+func (r *RepositoryRulesetEvent) GetEnterprise() *Enterprise {
+	if r == nil {
+		return nil
 	}
-	return *r.URL
+	return r.Enterprise
 }
 
-// GetContent returns the Content field if it's non-nil, zero value otherwise.
-func (r *RepositoryLicense) GetContent() string {
-	if r == nil || r.Content == nil {
-		return ""
+// GetInstallation returns the Installation field.
+func (r *RepositoryRulesetEvent) GetInstallation() *Installation {
+	if r == nil {
+		return nil
 	}
-	return *r.Content
+	return r.Installation
 }
 
-// GetDownloadURL returns the DownloadURL field if it's non-nil, zero value otherwise.
-func (r *RepositoryLicense) GetDownloadURL() string {
-	if r == nil || r.DownloadURL == nil {
-		return ""
+// GetOrganization returns the Organization field.
+func (r *RepositoryRulesetEvent) GetOrganization() *Organization {
+	if r == nil {
+		return nil
 	}
-	return *r.DownloadURL
+	return r.Organization
 }
 
-// GetEncoding returns the Encoding field if it's non-nil, zero value otherwise.
-func (r *RepositoryLicense) GetEncoding() string {
-	if r == nil || r.Encoding == nil {
-		return ""
+// GetRepository returns the Repository field.
+func (r *RepositoryRulesetEvent) GetRepository() *Repository {
+	if r == nil {
+		return nil
 	}
-	return *r.Encoding
+	return r.Repository
 }
 
-// GetGitURL returns the GitURL field if it's non-nil, zero value otherwise.
-func (r *RepositoryLicense) GetGitURL() string {
-	if r == nil || r.GitURL == nil {
-		return ""
+// GetRepositoryRuleset returns the RepositoryRuleset field.
+func (r *RepositoryRulesetEvent) GetRepositoryRuleset() *RepositoryRuleset {
+	if r == nil {
+		return nil
 	}
-	return *r.GitURL
+	return r.RepositoryRuleset
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (r *RepositoryLicense) GetHTMLURL() string {
-	if r == nil || r.HTMLURL == nil {
+// GetSender returns the Sender field.
+func (r *RepositoryRulesetEvent) GetSender() *User {
+	if r == nil {
+		return nil
+	}
+	return r.Sender
+}
+
+// GetHRef returns the HRef field if it's non-nil, zero value otherwise.
+func (r *RepositoryRulesetLink) GetHRef() string {
+	if r == nil || r.HRef == nil {
 		return ""
 	}
-	return *r.HTMLURL
+	return *r.HRef
 }
 
-// GetLicense returns the License field.
-func (r *RepositoryLicense) GetLicense() *License {
+// GetHTML returns the HTML field.
+func (r *RepositoryRulesetLinks) GetHTML() *RepositoryRulesetLink {
 	if r == nil {
 		return nil
 	}
-	return r.License
+	return r.HTML
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (r *RepositoryLicense) GetName() string {
-	if r == nil || r.Name == nil {
-		return ""
+// GetSelf returns the Self field.
+func (r *RepositoryRulesetLinks) GetSelf() *RepositoryRulesetLink {
+	if r == nil {
+		return nil
 	}
-	return *r.Name
+	return r.Self
 }
 
-// GetPath returns the Path field if it's non-nil, zero value otherwise.
-func (r *RepositoryLicense) GetPath() string {
-	if r == nil || r.Path == nil {
-		return ""
+// GetProtected returns the Protected field if it's non-nil, zero value otherwise.
+func (r *RepositoryRulesetRepositoryNamesConditionParameters) GetProtected() bool {
+	if r == nil || r.Protected == nil {
+		return false
 	}
-	return *r.Path
+	return *r.Protected
 }
 
-// GetSHA returns the SHA field if it's non-nil, zero value otherwise.
-func (r *RepositoryLicense) GetSHA() string {
-	if r == nil || r.SHA == nil {
+// GetSource returns the Source field if it's non-nil, zero value otherwise.
+func (r *RepositoryRulesetRepositoryPropertyTargetParameters) GetSource() string {
+	if r == nil || r.Source == nil {
 		return ""
 	}
-	return *r.SHA
+	return *r.Source
 }
 
-// GetSize returns the Size field if it's non-nil, zero value otherwise.
-func (r *RepositoryLicense) GetSize() int {
-	if r == nil || r.Size == nil {
-		return 0
+// GetBranchNamePattern returns the BranchNamePattern field.
+func (r *RepositoryRulesetRules) GetBranchNamePattern() *PatternRuleParameters {
+	if r == nil {
+		return nil
 	}
-	return *r.Size
+	return r.BranchNamePattern
 }
 
-// GetType returns the Type field if it's non-nil, zero value otherwise.
-func (r *RepositoryLicense) GetType() string {
-	if r == nil || r.Type == nil {
-		return ""
+// GetCodeScanning returns the CodeScanning field.
+func (r *RepositoryRulesetRules) GetCodeScanning() *CodeScanningRuleParameters {
+	if r == nil {
+		return nil
 	}
-	return *r.Type
+	return r.CodeScanning
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (r *RepositoryLicense) GetURL() string {
-	if r == nil || r.URL == nil {
-		return ""
+// GetCommitAuthorEmailPattern returns the CommitAuthorEmailPattern field.
+func (r *RepositoryRulesetRules) GetCommitAuthorEmailPattern() *PatternRuleParameters {
+	if r == nil {
+		return nil
 	}
-	return *r.URL
+	return r.CommitAuthorEmailPattern
 }
 
-// GetBase returns the Base field if it's non-nil, zero value otherwise.
-func (r *RepositoryMergeRequest) GetBase() string {
-	if r == nil || r.Base == nil {
-		return ""
+// GetCommitMessagePattern returns the CommitMessagePattern field.
+func (r *RepositoryRulesetRules) GetCommitMessagePattern() *PatternRuleParameters {
+	if r == nil {
+		return nil
 	}
-	return *r.Base
+	return r.CommitMessagePattern
 }
 
-// GetCommitMessage returns the CommitMessage field if it's non-nil, zero value otherwise.
-func (r *RepositoryMergeRequest) GetCommitMessage() string {
-	if r == nil || r.CommitMessage == nil {
-		return ""
+// GetCommitterEmailPattern returns the CommitterEmailPattern field.
+func (r *RepositoryRulesetRules) GetCommitterEmailPattern() *PatternRuleParameters {
+	if r == nil {
+		return nil
 	}
-	return *r.CommitMessage
+	return r.CommitterEmailPattern
 }
 
-// GetHead returns the Head field if it's non-nil, zero value otherwise.
-func (r *RepositoryMergeRequest) GetHead() string {
-	if r == nil || r.Head == nil {
-		return ""
+// GetCreation returns the Creation field.
+func (r *RepositoryRulesetRules) GetCreation() *EmptyRuleParameters {
+	if r == nil {
+		return nil
 	}
-	return *r.Head
+	return r.Creation
 }
 
-// GetPermission returns the Permission field if it's non-nil, zero value otherwise.
-func (r *RepositoryPermissionLevel) GetPermission() string {
-	if r == nil || r.Permission == nil {
-		return ""
+// GetDeletion returns the Deletion field.
+func (r *RepositoryRulesetRules) GetDeletion() *EmptyRuleParameters {
+	if r == nil {
+		return nil
 	}
-	return *r.Permission
+	return r.Deletion
 }
 
-// GetUser returns the User field.
-func (r *RepositoryPermissionLevel) GetUser() *User {
+// GetFileExtensionRestriction returns the FileExtensionRestriction field.
+func (r *RepositoryRulesetRules) GetFileExtensionRestriction() *FileExtensionRestrictionRuleParameters {
 	if r == nil {
 		return nil
 	}
-	return r.User
+	return r.FileExtensionRestriction
 }
 
-// GetAssetsURL returns the AssetsURL field if it's non-nil, zero value otherwise.
-func (r *RepositoryRelease) GetAssetsURL() string {
-	if r == nil || r.AssetsURL == nil {
-		return ""
+// GetFilePathRestriction returns the FilePathRestriction field.
+func (r *RepositoryRulesetRules) GetFilePathRestriction() *FilePathRestrictionRuleParameters {
+	if r == nil {
+		return nil
 	}
-	return *r.AssetsURL
+	return r.FilePathRestriction
 }
 
-// GetAuthor returns the Author field.
-func (r *RepositoryRelease) GetAuthor() *User {
+// GetMaxFilePathLength returns the MaxFilePathLength field.
+func (r *RepositoryRulesetRules) GetMaxFilePathLength() *MaxFilePathLengthRuleParameters {
 	if r == nil {
 		return nil
 	}
-	return r.Author
+	return r.MaxFilePathLength
 }
 
-// GetBody returns the Body field if it's non-nil, zero value otherwise.
-func (r *RepositoryRelease) GetBody() string {
-	if r == nil || r.Body == nil {
-		return ""
+// GetMaxFileSize returns the MaxFileSize field.
+func (r *RepositoryRulesetRules) GetMaxFileSize() *MaxFileSizeRuleParameters {
+	if r == nil {
+		return nil
 	}
-	return *r.Body
+	return r.MaxFileSize
 }
 
-// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
-func (r *RepositoryRelease) GetCreatedAt() Timestamp {
-	if r == nil || r.CreatedAt == nil {
-		return Timestamp{}
+// GetMergeQueue returns the MergeQueue field.
+func (r *RepositoryRulesetRules) GetMergeQueue() *MergeQueueRuleParameters {
+	if r == nil {
+		return nil
 	}
-	return *r.CreatedAt
+	return r.MergeQueue
 }
 
-// GetDiscussionCategoryName returns the DiscussionCategoryName field if it's non-nil, zero value otherwise.
-func (r *RepositoryRelease) GetDiscussionCategoryName() string {
-	if r == nil || r.DiscussionCategoryName == nil {
-		return ""
+// GetNonFastForward returns the NonFastForward field.
+func (r *RepositoryRulesetRules) GetNonFastForward() *EmptyRuleParameters {
+	if r == nil {
+		return nil
 	}
-	return *r.DiscussionCategoryName
+	return r.NonFastForward
 }
 
-// GetDraft returns the Draft field if it's non-nil, zero value otherwise.
-func (r *RepositoryRelease) GetDraft() bool {
-	if r == nil || r.Draft == nil {
-		return false
+// GetPullRequest returns the PullRequest field.
+func (r *RepositoryRulesetRules) GetPullRequest() *PullRequestRuleParameters {
+	if r == nil {
+		return nil
 	}
-	return *r.Draft
+	return r.PullRequest
 }
 
-// GetGenerateReleaseNotes returns the GenerateReleaseNotes field if it's non-nil, zero value otherwise.
-func (r *RepositoryRelease) GetGenerateReleaseNotes() bool {
-	if r == nil || r.GenerateReleaseNotes == nil {
-		return false
+// GetRequiredDeployments returns the RequiredDeployments field.
+func (r *RepositoryRulesetRules) GetRequiredDeployments() *RequiredDeploymentsRuleParameters {
+	if r == nil {
+		return nil
 	}
-	return *r.GenerateReleaseNotes
+	return r.RequiredDeployments
 }
 
-// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
-func (r *RepositoryRelease) GetHTMLURL() string {
-	if r == nil || r.HTMLURL == nil {
-		return ""
+// GetRequiredLinearHistory returns the RequiredLinearHistory field.
+func (r *RepositoryRulesetRules) GetRequiredLinearHistory() *EmptyRuleParameters {
+	if r == nil {
+		return nil
 	}
-	return *r.HTMLURL
+	return r.RequiredLinearHistory
 }
 
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (r *RepositoryRelease) GetID() int64 {
-	if r == nil || r.ID == nil {
-		return 0
+// GetRequiredSignatures returns the RequiredSignatures field.
+func (r *RepositoryRulesetRules) GetRequiredSignatures() *EmptyRuleParameters {
+	if r == nil {
+		return nil
 	}
-	return *r.ID
+	return r.RequiredSignatures
 }
 
-// GetMakeLatest returns the MakeLatest field if it's non-nil, zero value otherwise.
-func (r *RepositoryRelease) GetMakeLatest() string {
-	if r == nil || r.MakeLatest == nil {
-		return ""
+// GetRequiredStatusChecks returns the RequiredStatusChecks field.
+func (r *RepositoryRulesetRules) GetRequiredStatusChecks() *RequiredStatusChecksRuleParameters {
+	if r == nil {
+		return nil
 	}
-	return *r.MakeLatest
+	return r.RequiredStatusChecks
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (r *RepositoryRelease) GetName() string {
-	if r == nil || r.Name == nil {
-		return ""
+// GetTagNamePattern returns the TagNamePattern field.
+func (r *RepositoryRulesetRules) GetTagNamePattern() *PatternRuleParameters {
+	if r == nil {
+		return nil
 	}
-	return *r.Name
+	return r.TagNamePattern
 }
 
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (r *RepositoryRelease) GetNodeID() string {
-	if r == nil || r.NodeID == nil {
-		return ""
+// GetUpdate returns the Update field.
+func (r *RepositoryRulesetRules) GetUpdate() *UpdateRuleParameters {
+	if r == nil {
+		return nil
 	}
-	return *r.NodeID
+	return r.Update
 }
 
-// GetPrerelease returns the Prerelease field if it's non-nil, zero value otherwise.
-func (r *RepositoryRelease) GetPrerelease() bool {
-	if r == nil || r.Prerelease == nil {
-		return false
+// GetWorkflows returns the Workflows field.
+func (r *RepositoryRulesetRules) GetWorkflows() *WorkflowsRuleParameters {
+	if r == nil {
+		return nil
 	}
-	return *r.Prerelease
+	return r.Workflows
 }
 
-// GetPublishedAt returns the PublishedAt field if it's non-nil, zero value otherwise.
-func (r *RepositoryRelease) GetPublishedAt() Timestamp {
-	if r == nil || r.PublishedAt == nil {
-		return Timestamp{}
+// GetConditionType returns the ConditionType field.
+func (r *RepositoryRulesetUpdatedCondition) GetConditionType() *RepositoryRulesetChangeSource {
+	if r == nil {
+		return nil
 	}
-	return *r.PublishedAt
+	return r.ConditionType
 }
 
-// GetTagName returns the TagName field if it's non-nil, zero value otherwise.
-func (r *RepositoryRelease) GetTagName() string {
-	if r == nil || r.TagName == nil {
-		return ""
+// GetExclude returns the Exclude field.
+func (r *RepositoryRulesetUpdatedCondition) GetExclude() *RepositoryRulesetChangeSources {
+	if r == nil {
+		return nil
 	}
-	return *r.TagName
+	return r.Exclude
 }
 
-// GetTarballURL returns the TarballURL field if it's non-nil, zero value otherwise.
-func (r *RepositoryRelease) GetTarballURL() string {
-	if r == nil || r.TarballURL == nil {
-		return ""
+// GetInclude returns the Include field.
+func (r *RepositoryRulesetUpdatedCondition) GetInclude() *RepositoryRulesetChangeSources {
+	if r == nil {
+		return nil
 	}
-	return *r.TarballURL
+	return r.Include
 }
 
-// GetTargetCommitish returns the TargetCommitish field if it's non-nil, zero value otherwise.
-func (r *RepositoryRelease) GetTargetCommitish() string {
-	if r == nil || r.TargetCommitish == nil {
-		return ""
+// GetTarget returns the Target field.
+func (r *RepositoryRulesetUpdatedCondition) GetTarget() *RepositoryRulesetChangeSource {
+	if r == nil {
+		return nil
 	}
-	return *r.TargetCommitish
+	return r.Target
 }
 
-// GetUploadURL returns the UploadURL field if it's non-nil, zero value otherwise.
-func (r *RepositoryRelease) GetUploadURL() string {
-	if r == nil || r.UploadURL == nil {
-		return ""
+// GetChanges returns the Changes field.
+func (r *RepositoryRulesetUpdatedConditions) GetChanges() *RepositoryRulesetUpdatedCondition {
+	if r == nil {
+		return nil
 	}
-	return *r.UploadURL
+	return r.Changes
 }
 
-// GetURL returns the URL field if it's non-nil, zero value otherwise.
-func (r *RepositoryRelease) GetURL() string {
-	if r == nil || r.URL == nil {
-		return ""
+// GetCondition returns the Condition field.
+func (r *RepositoryRulesetUpdatedConditions) GetCondition() *RepositoryRulesetConditions {
+	if r == nil {
+		return nil
 	}
-	return *r.URL
+	return r.Condition
 }
 
-// GetZipballURL returns the ZipballURL field if it's non-nil, zero value otherwise.
-func (r *RepositoryRelease) GetZipballURL() string {
-	if r == nil || r.ZipballURL == nil {
-		return ""
+// GetChanges returns the Changes field.
+func (r *RepositoryRulesetUpdatedRules) GetChanges() *RepositoryRulesetChangedRule {
+	if r == nil {
+		return nil
 	}
-	return *r.ZipballURL
+	return r.Changes
 }
 
-// GetParameters returns the Parameters field if it's non-nil, zero value otherwise.
-func (r *RepositoryRule) GetParameters() json.RawMessage {
-	if r == nil || r.Parameters == nil {
-		return json.RawMessage{}
+// GetRule returns the Rule field.
+func (r *RepositoryRulesetUpdatedRules) GetRule() *RepositoryRule {
+	if r == nil {
+		return nil
 	}
-	return *r.Parameters
+	return r.Rule
 }
 
 // GetCommit returns the Commit field.
@@ -19534,6 +23686,14 @@ func (r *RepositoryVulnerabilityAlertEvent) GetInstallation() *Installation {
 	return r.Installation
 }
 
+// GetOrg returns the Org field.
+func (r *RepositoryVulnerabilityAlertEvent) GetOrg() *Organization {
+	if r == nil {
+		return nil
+	}
+	return r.Org
+}
+
 // GetRepository returns the Repository field.
 func (r *RepositoryVulnerabilityAlertEvent) GetRepository() *Repository {
 	if r == nil {
@@ -19726,6 +23886,22 @@ func (r *RequiredStatusCheck) GetAppID() int64 {
 	return *r.AppID
 }
 
+// GetChecks returns the Checks field if it's non-nil, zero value otherwise.
+func (r *RequiredStatusChecks) GetChecks() []*RequiredStatusCheck {
+	if r == nil || r.Checks == nil {
+		return nil
+	}
+	return *r.Checks
+}
+
+// GetContexts returns the Contexts field if it's non-nil, zero value otherwise.
+func (r *RequiredStatusChecks) GetContexts() []string {
+	if r == nil || r.Contexts == nil {
+		return nil
+	}
+	return *r.Contexts
+}
+
 // GetContextsURL returns the ContextsURL field if it's non-nil, zero value otherwise.
 func (r *RequiredStatusChecks) GetContextsURL() string {
 	if r == nil || r.ContextsURL == nil {
@@ -19758,12 +23934,12 @@ func (r *RequiredStatusChecksRequest) GetStrict() bool {
 	return *r.Strict
 }
 
-// GetTotalCount returns the TotalCount field if it's non-nil, zero value otherwise.
-func (r *RequiredWorkflowSelectedRepos) GetTotalCount() int {
-	if r == nil || r.TotalCount == nil {
-		return 0
+// GetDoNotEnforceOnCreate returns the DoNotEnforceOnCreate field if it's non-nil, zero value otherwise.
+func (r *RequiredStatusChecksRuleParameters) GetDoNotEnforceOnCreate() bool {
+	if r == nil || r.DoNotEnforceOnCreate == nil {
+		return false
 	}
-	return *r.TotalCount
+	return *r.DoNotEnforceOnCreate
 }
 
 // GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
@@ -19836,126 +24012,38 @@ func (r *Rule) GetSeverity() string {
 		return ""
 	}
 	return *r.Severity
-}
-
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (r *RulePatternParameters) GetName() string {
-	if r == nil || r.Name == nil {
-		return ""
-	}
-	return *r.Name
-}
-
-// GetNegate returns the Negate field if it's non-nil, zero value otherwise.
-func (r *RulePatternParameters) GetNegate() bool {
-	if r == nil || r.Negate == nil {
-		return false
-	}
-	return *r.Negate
-}
-
-// GetIntegrationID returns the IntegrationID field if it's non-nil, zero value otherwise.
-func (r *RuleRequiredStatusChecks) GetIntegrationID() int64 {
-	if r == nil || r.IntegrationID == nil {
-		return 0
-	}
-	return *r.IntegrationID
-}
-
-// GetConditions returns the Conditions field.
-func (r *Ruleset) GetConditions() *RulesetConditions {
-	if r == nil {
-		return nil
-	}
-	return r.Conditions
-}
-
-// GetID returns the ID field if it's non-nil, zero value otherwise.
-func (r *Ruleset) GetID() int64 {
-	if r == nil || r.ID == nil {
-		return 0
-	}
-	return *r.ID
-}
-
-// GetLinks returns the Links field.
-func (r *Ruleset) GetLinks() *RulesetLinks {
-	if r == nil {
-		return nil
-	}
-	return r.Links
-}
-
-// GetNodeID returns the NodeID field if it's non-nil, zero value otherwise.
-func (r *Ruleset) GetNodeID() string {
-	if r == nil || r.NodeID == nil {
-		return ""
-	}
-	return *r.NodeID
-}
-
-// GetSourceType returns the SourceType field if it's non-nil, zero value otherwise.
-func (r *Ruleset) GetSourceType() string {
-	if r == nil || r.SourceType == nil {
-		return ""
-	}
-	return *r.SourceType
-}
-
-// GetTarget returns the Target field if it's non-nil, zero value otherwise.
-func (r *Ruleset) GetTarget() string {
-	if r == nil || r.Target == nil {
-		return ""
-	}
-	return *r.Target
-}
-
-// GetRefName returns the RefName field.
-func (r *RulesetConditions) GetRefName() *RulesetRefConditionParameters {
-	if r == nil {
-		return nil
-	}
-	return r.RefName
-}
-
-// GetRepositoryID returns the RepositoryID field.
-func (r *RulesetConditions) GetRepositoryID() *RulesetRepositoryIDsConditionParameters {
-	if r == nil {
-		return nil
-	}
-	return r.RepositoryID
-}
-
-// GetRepositoryName returns the RepositoryName field.
-func (r *RulesetConditions) GetRepositoryName() *RulesetRepositoryNamesConditionParameters {
-	if r == nil {
-		return nil
+}
+
+// GetIntegrationID returns the IntegrationID field if it's non-nil, zero value otherwise.
+func (r *RuleStatusCheck) GetIntegrationID() int64 {
+	if r == nil || r.IntegrationID == nil {
+		return 0
 	}
-	return r.RepositoryName
+	return *r.IntegrationID
 }
 
-// GetHRef returns the HRef field if it's non-nil, zero value otherwise.
-func (r *RulesetLink) GetHRef() string {
-	if r == nil || r.HRef == nil {
+// GetRef returns the Ref field if it's non-nil, zero value otherwise.
+func (r *RuleWorkflow) GetRef() string {
+	if r == nil || r.Ref == nil {
 		return ""
 	}
-	return *r.HRef
+	return *r.Ref
 }
 
-// GetSelf returns the Self field.
-func (r *RulesetLinks) GetSelf() *RulesetLink {
-	if r == nil {
-		return nil
+// GetRepositoryID returns the RepositoryID field if it's non-nil, zero value otherwise.
+func (r *RuleWorkflow) GetRepositoryID() int64 {
+	if r == nil || r.RepositoryID == nil {
+		return 0
 	}
-	return r.Self
+	return *r.RepositoryID
 }
 
-// GetProtected returns the Protected field if it's non-nil, zero value otherwise.
-func (r *RulesetRepositoryNamesConditionParameters) GetProtected() bool {
-	if r == nil || r.Protected == nil {
-		return false
+// GetSHA returns the SHA field if it's non-nil, zero value otherwise.
+func (r *RuleWorkflow) GetSHA() string {
+	if r == nil || r.SHA == nil {
+		return ""
 	}
-	return *r.Protected
+	return *r.SHA
 }
 
 // GetBusy returns the Busy field if it's non-nil, zero value otherwise.
@@ -20406,6 +24494,46 @@ func (s *ScanningAnalysis) GetWarning() string {
 	return *s.Warning
 }
 
+// GetDisplay returns the Display field if it's non-nil, zero value otherwise.
+func (s *SCIMDisplayReference) GetDisplay() string {
+	if s == nil || s.Display == nil {
+		return ""
+	}
+	return *s.Display
+}
+
+// GetDisplayName returns the DisplayName field if it's non-nil, zero value otherwise.
+func (s *SCIMGroupAttributes) GetDisplayName() string {
+	if s == nil || s.DisplayName == nil {
+		return ""
+	}
+	return *s.DisplayName
+}
+
+// GetExternalID returns the ExternalID field if it's non-nil, zero value otherwise.
+func (s *SCIMGroupAttributes) GetExternalID() string {
+	if s == nil || s.ExternalID == nil {
+		return ""
+	}
+	return *s.ExternalID
+}
+
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (s *SCIMGroupAttributes) GetID() string {
+	if s == nil || s.ID == nil {
+		return ""
+	}
+	return *s.ID
+}
+
+// GetMeta returns the Meta field.
+func (s *SCIMGroupAttributes) GetMeta() *SCIMMeta {
+	if s == nil {
+		return nil
+	}
+	return s.Meta
+}
+
 // GetCreated returns the Created field if it's non-nil, zero value otherwise.
 func (s *SCIMMeta) GetCreated() Timestamp {
 	if s == nil || s.Created == nil {
@@ -20438,6 +24566,30 @@ func (s *SCIMMeta) GetResourceType() string {
 	return *s.ResourceType
 }
 
+// GetItemsPerPage returns the ItemsPerPage field if it's non-nil, zero value otherwise.
+func (s *SCIMProvisionedGroups) GetItemsPerPage() int {
+	if s == nil || s.ItemsPerPage == nil {
+		return 0
+	}
+	return *s.ItemsPerPage
+}
+
+// GetStartIndex returns the StartIndex field if it's non-nil, zero value otherwise.
+func (s *SCIMProvisionedGroups) GetStartIndex() int {
+	if s == nil || s.StartIndex == nil {
+		return 0
+	}
+	return *s.StartIndex
+}
+
+// GetTotalResults returns the TotalResults field if it's non-nil, zero value otherwise.
+func (s *SCIMProvisionedGroups) GetTotalResults() int {
+	if s == nil || s.TotalResults == nil {
+		return 0
+	}
+	return *s.TotalResults
+}
+
 // GetItemsPerPage returns the ItemsPerPage field if it's non-nil, zero value otherwise.
 func (s *SCIMProvisionedIdentities) GetItemsPerPage() int {
 	if s == nil || s.ItemsPerPage == nil {
@@ -20550,6 +24702,14 @@ func (s *SecretScanningAlert) GetHTMLURL() string {
 	return *s.HTMLURL
 }
 
+// GetIsBase64Encoded returns the IsBase64Encoded field if it's non-nil, zero value otherwise.
+func (s *SecretScanningAlert) GetIsBase64Encoded() bool {
+	if s == nil || s.IsBase64Encoded == nil {
+		return false
+	}
+	return *s.IsBase64Encoded
+}
+
 // GetLocationsURL returns the LocationsURL field if it's non-nil, zero value otherwise.
 func (s *SecretScanningAlert) GetLocationsURL() string {
 	if s == nil || s.LocationsURL == nil {
@@ -20558,6 +24718,14 @@ func (s *SecretScanningAlert) GetLocationsURL() string {
 	return *s.LocationsURL
 }
 
+// GetMultiRepo returns the MultiRepo field if it's non-nil, zero value otherwise.
+func (s *SecretScanningAlert) GetMultiRepo() bool {
+	if s == nil || s.MultiRepo == nil {
+		return false
+	}
+	return *s.MultiRepo
+}
+
 // GetNumber returns the Number field if it's non-nil, zero value otherwise.
 func (s *SecretScanningAlert) GetNumber() int {
 	if s == nil || s.Number == nil {
@@ -20566,6 +24734,70 @@ func (s *SecretScanningAlert) GetNumber() int {
 	return *s.Number
 }
 
+// GetPubliclyLeaked returns the PubliclyLeaked field if it's non-nil, zero value otherwise.
+func (s *SecretScanningAlert) GetPubliclyLeaked() bool {
+	if s == nil || s.PubliclyLeaked == nil {
+		return false
+	}
+	return *s.PubliclyLeaked
+}
+
+// GetPushProtectionBypassed returns the PushProtectionBypassed field if it's non-nil, zero value otherwise.
+func (s *SecretScanningAlert) GetPushProtectionBypassed() bool {
+	if s == nil || s.PushProtectionBypassed == nil {
+		return false
+	}
+	return *s.PushProtectionBypassed
+}
+
+// GetPushProtectionBypassedAt returns the PushProtectionBypassedAt field if it's non-nil, zero value otherwise.
+func (s *SecretScanningAlert) GetPushProtectionBypassedAt() Timestamp {
+	if s == nil || s.PushProtectionBypassedAt == nil {
+		return Timestamp{}
+	}
+	return *s.PushProtectionBypassedAt
+}
+
+// GetPushProtectionBypassedBy returns the PushProtectionBypassedBy field.
+func (s *SecretScanningAlert) GetPushProtectionBypassedBy() *User {
+	if s == nil {
+		return nil
+	}
+	return s.PushProtectionBypassedBy
+}
+
+// GetPushProtectionBypassRequestComment returns the PushProtectionBypassRequestComment field if it's non-nil, zero value otherwise.
+func (s *SecretScanningAlert) GetPushProtectionBypassRequestComment() string {
+	if s == nil || s.PushProtectionBypassRequestComment == nil {
+		return ""
+	}
+	return *s.PushProtectionBypassRequestComment
+}
+
+// GetPushProtectionBypassRequestHTMLURL returns the PushProtectionBypassRequestHTMLURL field if it's non-nil, zero value otherwise.
+func (s *SecretScanningAlert) GetPushProtectionBypassRequestHTMLURL() string {
+	if s == nil || s.PushProtectionBypassRequestHTMLURL == nil {
+		return ""
+	}
+	return *s.PushProtectionBypassRequestHTMLURL
+}
+
+// GetPushProtectionBypassRequestReviewer returns the PushProtectionBypassRequestReviewer field.
+func (s *SecretScanningAlert) GetPushProtectionBypassRequestReviewer() *User {
+	if s == nil {
+		return nil
+	}
+	return s.PushProtectionBypassRequestReviewer
+}
+
+// GetPushProtectionBypassRequestReviewerComment returns the PushProtectionBypassRequestReviewerComment field if it's non-nil, zero value otherwise.
+func (s *SecretScanningAlert) GetPushProtectionBypassRequestReviewerComment() string {
+	if s == nil || s.PushProtectionBypassRequestReviewerComment == nil {
+		return ""
+	}
+	return *s.PushProtectionBypassRequestReviewerComment
+}
+
 // GetRepository returns the Repository field.
 func (s *SecretScanningAlert) GetRepository() *Repository {
 	if s == nil {
@@ -20582,6 +24814,14 @@ func (s *SecretScanningAlert) GetResolution() string {
 	return *s.Resolution
 }
 
+// GetResolutionComment returns the ResolutionComment field if it's non-nil, zero value otherwise.
+func (s *SecretScanningAlert) GetResolutionComment() string {
+	if s == nil || s.ResolutionComment == nil {
+		return ""
+	}
+	return *s.ResolutionComment
+}
+
 // GetResolvedAt returns the ResolvedAt field if it's non-nil, zero value otherwise.
 func (s *SecretScanningAlert) GetResolvedAt() Timestamp {
 	if s == nil || s.ResolvedAt == nil {
@@ -20630,6 +24870,14 @@ func (s *SecretScanningAlert) GetState() string {
 	return *s.State
 }
 
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (s *SecretScanningAlert) GetUpdatedAt() Timestamp {
+	if s == nil || s.UpdatedAt == nil {
+		return Timestamp{}
+	}
+	return *s.UpdatedAt
+}
+
 // GetURL returns the URL field if it's non-nil, zero value otherwise.
 func (s *SecretScanningAlert) GetURL() string {
 	if s == nil || s.URL == nil {
@@ -20638,6 +24886,14 @@ func (s *SecretScanningAlert) GetURL() string {
 	return *s.URL
 }
 
+// GetValidity returns the Validity field if it's non-nil, zero value otherwise.
+func (s *SecretScanningAlert) GetValidity() string {
+	if s == nil || s.Validity == nil {
+		return ""
+	}
+	return *s.Validity
+}
+
 // GetAction returns the Action field if it's non-nil, zero value otherwise.
 func (s *SecretScanningAlertEvent) GetAction() string {
 	if s == nil || s.Action == nil {
@@ -20766,6 +25022,14 @@ func (s *SecretScanningAlertLocationDetails) GetPath() string {
 	return *s.Path
 }
 
+// GetPullRequestCommentURL returns the PullRequestCommentURL field if it's non-nil, zero value otherwise.
+func (s *SecretScanningAlertLocationDetails) GetPullRequestCommentURL() string {
+	if s == nil || s.PullRequestCommentURL == nil {
+		return ""
+	}
+	return *s.PullRequestCommentURL
+}
+
 // GetStartColumn returns the StartColumn field if it's non-nil, zero value otherwise.
 func (s *SecretScanningAlertLocationDetails) GetStartColumn() int {
 	if s == nil || s.StartColumn == nil {
@@ -20782,6 +25046,62 @@ func (s *SecretScanningAlertLocationDetails) GetStartline() int {
 	return *s.Startline
 }
 
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (s *SecretScanningAlertLocationEvent) GetAction() string {
+	if s == nil || s.Action == nil {
+		return ""
+	}
+	return *s.Action
+}
+
+// GetAlert returns the Alert field.
+func (s *SecretScanningAlertLocationEvent) GetAlert() *SecretScanningAlert {
+	if s == nil {
+		return nil
+	}
+	return s.Alert
+}
+
+// GetInstallation returns the Installation field.
+func (s *SecretScanningAlertLocationEvent) GetInstallation() *Installation {
+	if s == nil {
+		return nil
+	}
+	return s.Installation
+}
+
+// GetLocation returns the Location field.
+func (s *SecretScanningAlertLocationEvent) GetLocation() *SecretScanningAlertLocation {
+	if s == nil {
+		return nil
+	}
+	return s.Location
+}
+
+// GetOrganization returns the Organization field.
+func (s *SecretScanningAlertLocationEvent) GetOrganization() *Organization {
+	if s == nil {
+		return nil
+	}
+	return s.Organization
+}
+
+// GetRepo returns the Repo field.
+func (s *SecretScanningAlertLocationEvent) GetRepo() *Repository {
+	if s == nil {
+		return nil
+	}
+	return s.Repo
+}
+
+// GetSender returns the Sender field.
+func (s *SecretScanningAlertLocationEvent) GetSender() *User {
+	if s == nil {
+		return nil
+	}
+	return s.Sender
+}
+
 // GetResolution returns the Resolution field if it's non-nil, zero value otherwise.
 func (s *SecretScanningAlertUpdateOptions) GetResolution() string {
 	if s == nil || s.Resolution == nil {
@@ -20790,30 +25110,62 @@ func (s *SecretScanningAlertUpdateOptions) GetResolution() string {
 	return *s.Resolution
 }
 
-// GetSecretType returns the SecretType field if it's non-nil, zero value otherwise.
-func (s *SecretScanningAlertUpdateOptions) GetSecretType() string {
-	if s == nil || s.SecretType == nil {
+// GetResolutionComment returns the ResolutionComment field if it's non-nil, zero value otherwise.
+func (s *SecretScanningAlertUpdateOptions) GetResolutionComment() string {
+	if s == nil || s.ResolutionComment == nil {
 		return ""
 	}
-	return *s.SecretType
+	return *s.ResolutionComment
 }
 
-// GetState returns the State field if it's non-nil, zero value otherwise.
-func (s *SecretScanningAlertUpdateOptions) GetState() string {
-	if s == nil || s.State == nil {
+// GetStatus returns the Status field if it's non-nil, zero value otherwise.
+func (s *SecretScanningPushProtection) GetStatus() string {
+	if s == nil || s.Status == nil {
 		return ""
 	}
-	return *s.State
+	return *s.Status
 }
 
 // GetStatus returns the Status field if it's non-nil, zero value otherwise.
-func (s *SecretScanningPushProtection) GetStatus() string {
+func (s *SecretScanningValidityChecks) GetStatus() string {
 	if s == nil || s.Status == nil {
 		return ""
 	}
 	return *s.Status
 }
 
+// GetAuthor returns the Author field.
+func (s *SecurityAdvisory) GetAuthor() *User {
+	if s == nil {
+		return nil
+	}
+	return s.Author
+}
+
+// GetClosedAt returns the ClosedAt field if it's non-nil, zero value otherwise.
+func (s *SecurityAdvisory) GetClosedAt() Timestamp {
+	if s == nil || s.ClosedAt == nil {
+		return Timestamp{}
+	}
+	return *s.ClosedAt
+}
+
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (s *SecurityAdvisory) GetCreatedAt() Timestamp {
+	if s == nil || s.CreatedAt == nil {
+		return Timestamp{}
+	}
+	return *s.CreatedAt
+}
+
+// GetCVEID returns the CVEID field if it's non-nil, zero value otherwise.
+func (s *SecurityAdvisory) GetCVEID() string {
+	if s == nil || s.CVEID == nil {
+		return ""
+	}
+	return *s.CVEID
+}
+
 // GetCVSS returns the CVSS field.
 func (s *SecurityAdvisory) GetCVSS() *AdvisoryCVSS {
 	if s == nil {
@@ -20838,6 +25190,22 @@ func (s *SecurityAdvisory) GetGHSAID() string {
 	return *s.GHSAID
 }
 
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (s *SecurityAdvisory) GetHTMLURL() string {
+	if s == nil || s.HTMLURL == nil {
+		return ""
+	}
+	return *s.HTMLURL
+}
+
+// GetPrivateFork returns the PrivateFork field.
+func (s *SecurityAdvisory) GetPrivateFork() *Repository {
+	if s == nil {
+		return nil
+	}
+	return s.PrivateFork
+}
+
 // GetPublishedAt returns the PublishedAt field if it's non-nil, zero value otherwise.
 func (s *SecurityAdvisory) GetPublishedAt() Timestamp {
 	if s == nil || s.PublishedAt == nil {
@@ -20846,6 +25214,14 @@ func (s *SecurityAdvisory) GetPublishedAt() Timestamp {
 	return *s.PublishedAt
 }
 
+// GetPublisher returns the Publisher field.
+func (s *SecurityAdvisory) GetPublisher() *User {
+	if s == nil {
+		return nil
+	}
+	return s.Publisher
+}
+
 // GetSeverity returns the Severity field if it's non-nil, zero value otherwise.
 func (s *SecurityAdvisory) GetSeverity() string {
 	if s == nil || s.Severity == nil {
@@ -20854,6 +25230,22 @@ func (s *SecurityAdvisory) GetSeverity() string {
 	return *s.Severity
 }
 
+// GetState returns the State field if it's non-nil, zero value otherwise.
+func (s *SecurityAdvisory) GetState() string {
+	if s == nil || s.State == nil {
+		return ""
+	}
+	return *s.State
+}
+
+// GetSubmission returns the Submission field.
+func (s *SecurityAdvisory) GetSubmission() *SecurityAdvisorySubmission {
+	if s == nil {
+		return nil
+	}
+	return s.Submission
+}
+
 // GetSummary returns the Summary field if it's non-nil, zero value otherwise.
 func (s *SecurityAdvisory) GetSummary() string {
 	if s == nil || s.Summary == nil {
@@ -20867,7 +25259,15 @@ func (s *SecurityAdvisory) GetUpdatedAt() Timestamp {
 	if s == nil || s.UpdatedAt == nil {
 		return Timestamp{}
 	}
-	return *s.UpdatedAt
+	return *s.UpdatedAt
+}
+
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (s *SecurityAdvisory) GetURL() string {
+	if s == nil || s.URL == nil {
+		return ""
+	}
+	return *s.URL
 }
 
 // GetWithdrawnAt returns the WithdrawnAt field if it's non-nil, zero value otherwise.
@@ -20934,6 +25334,14 @@ func (s *SecurityAdvisoryEvent) GetSender() *User {
 	return s.Sender
 }
 
+// GetAccepted returns the Accepted field if it's non-nil, zero value otherwise.
+func (s *SecurityAdvisorySubmission) GetAccepted() bool {
+	if s == nil || s.Accepted == nil {
+		return false
+	}
+	return *s.Accepted
+}
+
 // GetAdvancedSecurity returns the AdvancedSecurity field.
 func (s *SecurityAndAnalysis) GetAdvancedSecurity() *AdvancedSecurity {
 	if s == nil {
@@ -20966,6 +25374,14 @@ func (s *SecurityAndAnalysis) GetSecretScanningPushProtection() *SecretScanningP
 	return s.SecretScanningPushProtection
 }
 
+// GetSecretScanningValidityChecks returns the SecretScanningValidityChecks field.
+func (s *SecurityAndAnalysis) GetSecretScanningValidityChecks() *SecretScanningValidityChecks {
+	if s == nil {
+		return nil
+	}
+	return s.SecretScanningValidityChecks
+}
+
 // GetFrom returns the From field.
 func (s *SecurityAndAnalysisChange) GetFrom() *SecurityAndAnalysisChangeFrom {
 	if s == nil {
@@ -21038,14 +25454,6 @@ func (s *SelectedReposList) GetTotalCount() int {
 	return *s.TotalCount
 }
 
-// GetName returns the Name field if it's non-nil, zero value otherwise.
-func (s *ServiceHook) GetName() string {
-	if s == nil || s.Name == nil {
-		return ""
-	}
-	return *s.Name
-}
-
 // GetFrom returns the From field if it's non-nil, zero value otherwise.
 func (s *SignatureRequirementEnforcementLevelChanges) GetFrom() string {
 	if s == nil || s.From == nil {
@@ -21198,6 +25606,118 @@ func (s *SourceImportAuthor) GetURL() string {
 	return *s.URL
 }
 
+// GetPrivacyLevel returns the PrivacyLevel field if it's non-nil, zero value otherwise.
+func (s *SponsorshipChanges) GetPrivacyLevel() string {
+	if s == nil || s.PrivacyLevel == nil {
+		return ""
+	}
+	return *s.PrivacyLevel
+}
+
+// GetTier returns the Tier field.
+func (s *SponsorshipChanges) GetTier() *SponsorshipTier {
+	if s == nil {
+		return nil
+	}
+	return s.Tier
+}
+
+// GetAction returns the Action field if it's non-nil, zero value otherwise.
+func (s *SponsorshipEvent) GetAction() string {
+	if s == nil || s.Action == nil {
+		return ""
+	}
+	return *s.Action
+}
+
+// GetChanges returns the Changes field.
+func (s *SponsorshipEvent) GetChanges() *SponsorshipChanges {
+	if s == nil {
+		return nil
+	}
+	return s.Changes
+}
+
+// GetEffectiveDate returns the EffectiveDate field if it's non-nil, zero value otherwise.
+func (s *SponsorshipEvent) GetEffectiveDate() string {
+	if s == nil || s.EffectiveDate == nil {
+		return ""
+	}
+	return *s.EffectiveDate
+}
+
+// GetInstallation returns the Installation field.
+func (s *SponsorshipEvent) GetInstallation() *Installation {
+	if s == nil {
+		return nil
+	}
+	return s.Installation
+}
+
+// GetOrganization returns the Organization field.
+func (s *SponsorshipEvent) GetOrganization() *Organization {
+	if s == nil {
+		return nil
+	}
+	return s.Organization
+}
+
+// GetRepository returns the Repository field.
+func (s *SponsorshipEvent) GetRepository() *Repository {
+	if s == nil {
+		return nil
+	}
+	return s.Repository
+}
+
+// GetSender returns the Sender field.
+func (s *SponsorshipEvent) GetSender() *User {
+	if s == nil {
+		return nil
+	}
+	return s.Sender
+}
+
+// GetFrom returns the From field if it's non-nil, zero value otherwise.
+func (s *SponsorshipTier) GetFrom() string {
+	if s == nil || s.From == nil {
+		return ""
+	}
+	return *s.From
+}
+
+// GetHostname returns the Hostname field if it's non-nil, zero value otherwise.
+func (s *SSHKeyStatus) GetHostname() string {
+	if s == nil || s.Hostname == nil {
+		return ""
+	}
+	return *s.Hostname
+}
+
+// GetMessage returns the Message field if it's non-nil, zero value otherwise.
+func (s *SSHKeyStatus) GetMessage() string {
+	if s == nil || s.Message == nil {
+		return ""
+	}
+	return *s.Message
+}
+
+// GetModified returns the Modified field if it's non-nil, zero value otherwise.
+func (s *SSHKeyStatus) GetModified() bool {
+	if s == nil || s.Modified == nil {
+		return false
+	}
+	return *s.Modified
+}
+
+// GetUUID returns the UUID field if it's non-nil, zero value otherwise.
+func (s *SSHKeyStatus) GetUUID() string {
+	if s == nil || s.UUID == nil {
+		return ""
+	}
+	return *s.UUID
+}
+
 // GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
 func (s *SSHSigningKey) GetCreatedAt() Timestamp {
 	if s == nil || s.CreatedAt == nil {
@@ -21366,6 +25886,14 @@ func (s *StatusEvent) GetName() string {
 	return *s.Name
 }
 
+// GetOrg returns the Org field.
+func (s *StatusEvent) GetOrg() *Organization {
+	if s == nil {
+		return nil
+	}
+	return s.Org
+}
+
 // GetRepo returns the Repo field.
 func (s *StatusEvent) GetRepo() *Repository {
 	if s == nil {
@@ -21470,6 +25998,46 @@ func (s *Subscription) GetURL() string {
 	return *s.URL
 }
 
+// GetStatus returns the Status field if it's non-nil, zero value otherwise.
+func (s *SystemRequirements) GetStatus() string {
+	if s == nil || s.Status == nil {
+		return ""
+	}
+	return *s.Status
+}
+
+// GetHostname returns the Hostname field if it's non-nil, zero value otherwise.
+func (s *SystemRequirementsNode) GetHostname() string {
+	if s == nil || s.Hostname == nil {
+		return ""
+	}
+	return *s.Hostname
+}
+
+// GetStatus returns the Status field if it's non-nil, zero value otherwise.
+func (s *SystemRequirementsNode) GetStatus() string {
+	if s == nil || s.Status == nil {
+		return ""
+	}
+	return *s.Status
+}
+
+// GetRole returns the Role field if it's non-nil, zero value otherwise.
+func (s *SystemRequirementsNodeRoleStatus) GetRole() string {
+	if s == nil || s.Role == nil {
+		return ""
+	}
+	return *s.Role
+}
+
+// GetStatus returns the Status field if it's non-nil, zero value otherwise.
+func (s *SystemRequirementsNodeRoleStatus) GetStatus() string {
+	if s == nil || s.Status == nil {
+		return ""
+	}
+	return *s.Status
+}
+
 // GetMessage returns the Message field if it's non-nil, zero value otherwise.
 func (t *Tag) GetMessage() string {
 	if t == nil || t.Message == nil {
@@ -21598,6 +26166,14 @@ func (t *TaskStep) GetStatus() string {
 	return *t.Status
 }
 
+// GetAssignment returns the Assignment field if it's non-nil, zero value otherwise.
+func (t *Team) GetAssignment() string {
+	if t == nil || t.Assignment == nil {
+		return ""
+	}
+	return *t.Assignment
+}
+
 // GetDescription returns the Description field if it's non-nil, zero value otherwise.
 func (t *Team) GetDescription() string {
 	if t == nil || t.Description == nil {
@@ -21662,6 +26238,14 @@ func (t *Team) GetNodeID() string {
 	return *t.NodeID
 }
 
+// GetNotificationSetting returns the NotificationSetting field if it's non-nil, zero value otherwise.
+func (t *Team) GetNotificationSetting() string {
+	if t == nil || t.NotificationSetting == nil {
+		return ""
+	}
+	return *t.NotificationSetting
+}
+
 // GetOrganization returns the Organization field.
 func (t *Team) GetOrganization() *Organization {
 	if t == nil {
@@ -22342,12 +26926,12 @@ func (t *Timeline) GetMilestone() *Milestone {
 	return t.Milestone
 }
 
-// GetProjectCard returns the ProjectCard field.
-func (t *Timeline) GetProjectCard() *ProjectCard {
+// GetPerformedViaGithubApp returns the PerformedViaGithubApp field.
+func (t *Timeline) GetPerformedViaGithubApp() *App {
 	if t == nil {
 		return nil
 	}
-	return t.ProjectCard
+	return t.PerformedViaGithubApp
 }
 
 // GetRename returns the Rename field.
@@ -22822,6 +27406,38 @@ func (u *UpdateDefaultSetupConfigurationResponse) GetRunURL() string {
 	return *u.RunURL
 }
 
+// GetAllowsPublicRepositories returns the AllowsPublicRepositories field if it's non-nil, zero value otherwise.
+func (u *UpdateEnterpriseRunnerGroupRequest) GetAllowsPublicRepositories() bool {
+	if u == nil || u.AllowsPublicRepositories == nil {
+		return false
+	}
+	return *u.AllowsPublicRepositories
+}
+
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (u *UpdateEnterpriseRunnerGroupRequest) GetName() string {
+	if u == nil || u.Name == nil {
+		return ""
+	}
+	return *u.Name
+}
+
+// GetRestrictedToWorkflows returns the RestrictedToWorkflows field if it's non-nil, zero value otherwise.
+func (u *UpdateEnterpriseRunnerGroupRequest) GetRestrictedToWorkflows() bool {
+	if u == nil || u.RestrictedToWorkflows == nil {
+		return false
+	}
+	return *u.RestrictedToWorkflows
+}
+
+// GetVisibility returns the Visibility field if it's non-nil, zero value otherwise.
+func (u *UpdateEnterpriseRunnerGroupRequest) GetVisibility() string {
+	if u == nil || u.Visibility == nil {
+		return ""
+	}
+	return *u.Visibility
+}
+
 // GetAllowsPublicRepositories returns the AllowsPublicRepositories field if it's non-nil, zero value otherwise.
 func (u *UpdateRunnerGroupRequest) GetAllowsPublicRepositories() bool {
 	if u == nil || u.AllowsPublicRepositories == nil {
@@ -22854,6 +27470,14 @@ func (u *UpdateRunnerGroupRequest) GetVisibility() string {
 	return *u.Visibility
 }
 
+// GetAssignment returns the Assignment field if it's non-nil, zero value otherwise.
+func (u *User) GetAssignment() string {
+	if u == nil || u.Assignment == nil {
+		return ""
+	}
+	return *u.Assignment
+}
+
 // GetAvatarURL returns the AvatarURL field if it's non-nil, zero value otherwise.
 func (u *User) GetAvatarURL() string {
 	if u == nil || u.AvatarURL == nil {
@@ -23654,6 +28278,14 @@ func (w *WatchEvent) GetInstallation() *Installation {
 	return w.Installation
 }
 
+// GetOrg returns the Org field.
+func (w *WatchEvent) GetOrg() *Organization {
+	if w == nil {
+		return nil
+	}
+	return w.Org
+}
+
 // GetRepo returns the Repo field.
 func (w *WatchEvent) GetRepo() *Repository {
 	if w == nil {
@@ -24030,6 +28662,14 @@ func (w *WorkflowJobEvent) GetAction() string {
 	return *w.Action
 }
 
+// GetDeployment returns the Deployment field.
+func (w *WorkflowJobEvent) GetDeployment() *Deployment {
+	if w == nil {
+		return nil
+	}
+	return w.Deployment
+}
+
 // GetInstallation returns the Installation field.
 func (w *WorkflowJobEvent) GetInstallation() *Installation {
 	if w == nil {
@@ -24070,6 +28710,70 @@ func (w *WorkflowJobEvent) GetWorkflowJob() *WorkflowJob {
 	return w.WorkflowJob
 }
 
+// GetConclusion returns the Conclusion field if it's non-nil, zero value otherwise.
+func (w *WorkflowJobRun) GetConclusion() string {
+	if w == nil || w.Conclusion == nil {
+		return ""
+	}
+	return *w.Conclusion
+}
+
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (w *WorkflowJobRun) GetCreatedAt() Timestamp {
+	if w == nil || w.CreatedAt == nil {
+		return Timestamp{}
+	}
+	return *w.CreatedAt
+}
+
+// GetEnvironment returns the Environment field if it's non-nil, zero value otherwise.
+func (w *WorkflowJobRun) GetEnvironment() string {
+	if w == nil || w.Environment == nil {
+		return ""
+	}
+	return *w.Environment
+}
+
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (w *WorkflowJobRun) GetHTMLURL() string {
+	if w == nil || w.HTMLURL == nil {
+		return ""
+	}
+	return *w.HTMLURL
+}
+
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (w *WorkflowJobRun) GetID() int64 {
+	if w == nil || w.ID == nil {
+		return 0
+	}
+	return *w.ID
+}
+
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (w *WorkflowJobRun) GetName() string {
+	if w == nil || w.Name == nil {
+		return ""
+	}
+	return *w.Name
+}
+
+// GetStatus returns the Status field if it's non-nil, zero value otherwise.
+func (w *WorkflowJobRun) GetStatus() string {
+	if w == nil || w.Status == nil {
+		return ""
+	}
+	return *w.Status
+}
+
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (w *WorkflowJobRun) GetUpdatedAt() Timestamp {
+	if w == nil || w.UpdatedAt == nil {
+		return Timestamp{}
+	}
+	return *w.UpdatedAt
+}
+
 // GetActor returns the Actor field.
 func (w *WorkflowRun) GetActor() *User {
 	if w == nil {
@@ -24230,6 +28934,14 @@ func (w *WorkflowRun) GetNodeID() string {
 	return *w.NodeID
 }
 
+// GetPath returns the Path field if it's non-nil, zero value otherwise.
+func (w *WorkflowRun) GetPath() string {
+	if w == nil || w.Path == nil {
+		return ""
+	}
+	return *w.Path
+}
+
 // GetPreviousAttemptURL returns the PreviousAttemptURL field if it's non-nil, zero value otherwise.
 func (w *WorkflowRun) GetPreviousAttemptURL() string {
 	if w == nil || w.PreviousAttemptURL == nil {
@@ -24454,6 +29166,14 @@ func (w *Workflows) GetTotalCount() int {
 	return *w.TotalCount
 }
 
+// GetDoNotEnforceOnCreate returns the DoNotEnforceOnCreate field if it's non-nil, zero value otherwise.
+func (w *WorkflowsRuleParameters) GetDoNotEnforceOnCreate() bool {
+	if w == nil || w.DoNotEnforceOnCreate == nil {
+		return false
+	}
+	return *w.DoNotEnforceOnCreate
+}
+
 // GetBillable returns the Billable field.
 func (w *WorkflowUsage) GetBillable() *WorkflowBillMap {
 	if w == nil {
diff --git a/vendor/github.com/google/go-github/v55/github/github.go b/vendor/github.com/google/go-github/v72/github/github.go
similarity index 76%
rename from vendor/github.com/google/go-github/v55/github/github.go
rename to vendor/github.com/google/go-github/v72/github/github.go
index df01144460..a3b1941eac 100644
--- a/vendor/github.com/google/go-github/v55/github/github.go
+++ b/vendor/github.com/google/go-github/v72/github/github.go
@@ -5,6 +5,7 @@
 
 //go:generate go run gen-accessors.go
 //go:generate go run gen-stringify-test.go
+//go:generate ../script/metadata.sh update-go
 
 package github
 
@@ -18,6 +19,7 @@ import (
 	"net/http"
 	"net/url"
 	"reflect"
+	"regexp"
 	"strconv"
 	"strings"
 	"sync"
@@ -27,21 +29,23 @@ import (
 )
 
 const (
-	Version = "v55.0.0"
+	Version = "v72.0.0"
 
 	defaultAPIVersion = "2022-11-28"
 	defaultBaseURL    = "https://api.github.com/"
 	defaultUserAgent  = "go-github" + "/" + Version
 	uploadBaseURL     = "https://uploads.github.com/"
 
-	headerAPIVersion    = "X-GitHub-Api-Version"
-	headerRateLimit     = "X-RateLimit-Limit"
-	headerRateRemaining = "X-RateLimit-Remaining"
-	headerRateReset     = "X-RateLimit-Reset"
-	headerOTP           = "X-GitHub-OTP"
+	headerAPIVersion    = "X-Github-Api-Version"
+	headerRateLimit     = "X-Ratelimit-Limit"
+	headerRateRemaining = "X-Ratelimit-Remaining"
+	headerRateUsed      = "X-Ratelimit-Used"
+	headerRateReset     = "X-Ratelimit-Reset"
+	headerRateResource  = "X-Ratelimit-Resource"
+	headerOTP           = "X-Github-Otp"
 	headerRetryAfter    = "Retry-After"
 
-	headerTokenExpiration = "GitHub-Authentication-Token-Expiration"
+	headerTokenExpiration = "Github-Authentication-Token-Expiration"
 
 	mediaTypeV3                = "application/vnd.github.v3+json"
 	defaultMediaType           = "application/octet-stream"
@@ -131,10 +135,10 @@ const (
 	// https://developer.github.com/changes/2019-04-11-pulls-branches-for-commit/
 	mediaTypeListPullsOrBranchesForCommitPreview = "application/vnd.github.groot-preview+json"
 
-	// https://docs.github.com/en/rest/previews/#repository-creation-permissions
+	// https://docs.github.com/rest/previews/#repository-creation-permissions
 	mediaTypeMemberAllowedRepoCreationTypePreview = "application/vnd.github.surtur-preview+json"
 
-	// https://docs.github.com/en/rest/previews/#create-and-use-repository-templates
+	// https://docs.github.com/rest/previews/#create-and-use-repository-templates
 	mediaTypeRepositoryTemplatePreview = "application/vnd.github.baptiste-preview+json"
 
 	// https://developer.github.com/changes/2019-10-03-multi-line-comments/
@@ -154,8 +158,9 @@ var errNonNilContext = errors.New("context must be non-nil")
 
 // A Client manages communication with the GitHub API.
 type Client struct {
-	clientMu sync.Mutex   // clientMu protects the client during calls that modify the CheckRedirect func.
-	client   *http.Client // HTTP client used to communicate with the API.
+	clientMu              sync.Mutex   // clientMu protects the client during calls that modify the CheckRedirect func.
+	client                *http.Client // HTTP client used to communicate with the API.
+	clientIgnoreRedirects *http.Client // HTTP client used to communicate with the API on endpoints where we don't want to follow redirects.
 
 	// Base URL for API requests. Defaults to the public GitHub API, but can be
 	// set to a domain endpoint to use with GitHub Enterprise. BaseURL should
@@ -169,9 +174,16 @@ type Client struct {
 	UserAgent string
 
 	rateMu                  sync.Mutex
-	rateLimits              [categories]Rate // Rate limits for the client as determined by the most recent API calls.
+	rateLimits              [Categories]Rate // Rate limits for the client as determined by the most recent API calls.
 	secondaryRateLimitReset time.Time        // Secondary rate limit reset for the client as determined by the most recent API calls.
 
+	// If specified, Client will block requests for at most this duration in case of reaching a secondary
+	// rate limit
+	MaxSecondaryRateLimitRetryAfterDuration time.Duration
+
+	// Whether to respect rate limit headers on endpoints that return 302 redirections to artifacts
+	RateLimitRedirectionalEndpoints bool
+
 	common service // Reuse a single struct instead of allocating one for each service on the heap.
 
 	// Services used for talking to different parts of the GitHub API.
@@ -183,9 +195,12 @@ type Client struct {
 	Billing            *BillingService
 	Checks             *ChecksService
 	CodeScanning       *CodeScanningService
+	CodesOfConduct     *CodesOfConductService
 	Codespaces         *CodespacesService
+	Copilot            *CopilotService
 	Dependabot         *DependabotService
 	DependencyGraph    *DependencyGraphService
+	Emojis             *EmojisService
 	Enterprise         *EnterpriseService
 	Gists              *GistsService
 	Git                *GitService
@@ -194,11 +209,13 @@ type Client struct {
 	IssueImport        *IssueImportService
 	Issues             *IssuesService
 	Licenses           *LicensesService
+	Markdown           *MarkdownService
 	Marketplace        *MarketplaceService
+	Meta               *MetaService
 	Migrations         *MigrationService
 	Organizations      *OrganizationsService
-	Projects           *ProjectsService
 	PullRequests       *PullRequestsService
+	RateLimit          *RateLimitService
 	Reactions          *ReactionsService
 	Repositories       *RepositoriesService
 	SCIM               *SCIMService
@@ -214,6 +231,8 @@ type service struct {
 }
 
 // Client returns the http.Client used by this GitHub client.
+// This should only be used for requests to the GitHub API because
+// request headers will contain an authorization token.
 func (c *Client) Client() *http.Client {
 	c.clientMu.Lock()
 	defer c.clientMu.Unlock()
@@ -309,7 +328,11 @@ func addOptions(s string, opts interface{}) (string, error) {
 // an http.Client that will perform the authentication for you (such as that
 // provided by the golang.org/x/oauth2 library).
 func NewClient(httpClient *http.Client) *Client {
-	c := &Client{client: httpClient}
+	if httpClient == nil {
+		httpClient = &http.Client{}
+	}
+	httpClient2 := *httpClient
+	c := &Client{client: &httpClient2}
 	c.initialize()
 	return c
 }
@@ -382,6 +405,14 @@ func (c *Client) initialize() {
 	if c.client == nil {
 		c.client = &http.Client{}
 	}
+	// Copy the main http client into the IgnoreRedirects one, overriding the `CheckRedirect` func
+	c.clientIgnoreRedirects = &http.Client{}
+	c.clientIgnoreRedirects.Transport = c.client.Transport
+	c.clientIgnoreRedirects.Timeout = c.client.Timeout
+	c.clientIgnoreRedirects.Jar = c.client.Jar
+	c.clientIgnoreRedirects.CheckRedirect = func(req *http.Request, via []*http.Request) error {
+		return http.ErrUseLastResponse
+	}
 	if c.BaseURL == nil {
 		c.BaseURL, _ = url.Parse(defaultBaseURL)
 	}
@@ -401,8 +432,11 @@ func (c *Client) initialize() {
 	c.Checks = (*ChecksService)(&c.common)
 	c.CodeScanning = (*CodeScanningService)(&c.common)
 	c.Codespaces = (*CodespacesService)(&c.common)
+	c.CodesOfConduct = (*CodesOfConductService)(&c.common)
+	c.Copilot = (*CopilotService)(&c.common)
 	c.Dependabot = (*DependabotService)(&c.common)
 	c.DependencyGraph = (*DependencyGraphService)(&c.common)
+	c.Emojis = (*EmojisService)(&c.common)
 	c.Enterprise = (*EnterpriseService)(&c.common)
 	c.Gists = (*GistsService)(&c.common)
 	c.Git = (*GitService)(&c.common)
@@ -411,11 +445,13 @@ func (c *Client) initialize() {
 	c.IssueImport = (*IssueImportService)(&c.common)
 	c.Issues = (*IssuesService)(&c.common)
 	c.Licenses = (*LicensesService)(&c.common)
+	c.Markdown = (*MarkdownService)(&c.common)
 	c.Marketplace = &MarketplaceService{client: c}
+	c.Meta = (*MetaService)(&c.common)
 	c.Migrations = (*MigrationService)(&c.common)
 	c.Organizations = (*OrganizationsService)(&c.common)
-	c.Projects = (*ProjectsService)(&c.common)
 	c.PullRequests = (*PullRequestsService)(&c.common)
+	c.RateLimit = (*RateLimitService)(&c.common)
 	c.Reactions = (*ReactionsService)(&c.common)
 	c.Repositories = (*RepositoriesService)(&c.common)
 	c.SCIM = (*SCIMService)(&c.common)
@@ -431,15 +467,19 @@ func (c *Client) copy() *Client {
 	c.clientMu.Lock()
 	// can't use *c here because that would copy mutexes by value.
 	clone := Client{
-		client:                  c.client,
-		UserAgent:               c.UserAgent,
-		BaseURL:                 c.BaseURL,
-		UploadURL:               c.UploadURL,
-		secondaryRateLimitReset: c.secondaryRateLimitReset,
+		client:                          &http.Client{},
+		UserAgent:                       c.UserAgent,
+		BaseURL:                         c.BaseURL,
+		UploadURL:                       c.UploadURL,
+		RateLimitRedirectionalEndpoints: c.RateLimitRedirectionalEndpoints,
+		secondaryRateLimitReset:         c.secondaryRateLimitReset,
 	}
 	c.clientMu.Unlock()
-	if clone.client == nil {
-		clone.client = &http.Client{}
+	if c.client != nil {
+		clone.client.Transport = c.client.Transport
+		clone.client.CheckRedirect = c.client.CheckRedirect
+		clone.client.Jar = c.client.Jar
+		clone.client.Timeout = c.client.Timeout
 	}
 	c.rateMu.Lock()
 	copy(clone.rateLimits[:], c.rateLimits[:])
@@ -462,7 +502,7 @@ func NewTokenClient(_ context.Context, token string) *Client {
 // NewEnterpriseClient returns a new GitHub API client with provided
 // base URL and upload URL (often is your GitHub Enterprise hostname).
 //
-// Deprecated: Use NewClient(httpClient).WithOptions(WithEnterpriseURLs(baseURL, uploadURL)) instead.
+// Deprecated: Use NewClient(httpClient).WithEnterpriseURLs(baseURL, uploadURL) instead.
 func NewEnterpriseClient(baseURL, uploadURL string, httpClient *http.Client) (*Client, error) {
 	return NewClient(httpClient).WithEnterpriseURLs(baseURL, uploadURL)
 }
@@ -486,7 +526,7 @@ func WithVersion(version string) RequestOption {
 // request body.
 func (c *Client) NewRequest(method, urlStr string, body interface{}, opts ...RequestOption) (*http.Request, error) {
 	if !strings.HasSuffix(c.BaseURL.Path, "/") {
-		return nil, fmt.Errorf("BaseURL must have a trailing slash, but %q does not", c.BaseURL)
+		return nil, fmt.Errorf("baseURL must have a trailing slash, but %q does not", c.BaseURL)
 	}
 
 	u, err := c.BaseURL.Parse(urlStr)
@@ -532,7 +572,7 @@ func (c *Client) NewRequest(method, urlStr string, body interface{}, opts ...Req
 // Body is sent with Content-Type: application/x-www-form-urlencoded.
 func (c *Client) NewFormRequest(urlStr string, body io.Reader, opts ...RequestOption) (*http.Request, error) {
 	if !strings.HasSuffix(c.BaseURL.Path, "/") {
-		return nil, fmt.Errorf("BaseURL must have a trailing slash, but %q does not", c.BaseURL)
+		return nil, fmt.Errorf("baseURL must have a trailing slash, but %q does not", c.BaseURL)
 	}
 
 	u, err := c.BaseURL.Parse(urlStr)
@@ -564,7 +604,7 @@ func (c *Client) NewFormRequest(urlStr string, body io.Reader, opts ...RequestOp
 // Relative URLs should always be specified without a preceding slash.
 func (c *Client) NewUploadRequest(urlStr string, reader io.Reader, size int64, mediaType string, opts ...RequestOption) (*http.Request, error) {
 	if !strings.HasSuffix(c.UploadURL.Path, "/") {
-		return nil, fmt.Errorf("UploadURL must have a trailing slash, but %q does not", c.UploadURL)
+		return nil, fmt.Errorf("uploadURL must have a trailing slash, but %q does not", c.UploadURL)
 	}
 	u, err := c.UploadURL.Parse(urlStr)
 	if err != nil {
@@ -730,11 +770,17 @@ func parseRate(r *http.Response) Rate {
 	if remaining := r.Header.Get(headerRateRemaining); remaining != "" {
 		rate.Remaining, _ = strconv.Atoi(remaining)
 	}
+	if used := r.Header.Get(headerRateUsed); used != "" {
+		rate.Used, _ = strconv.Atoi(used)
+	}
 	if reset := r.Header.Get(headerRateReset); reset != "" {
 		if v, _ := strconv.ParseInt(reset, 10, 64); v != 0 {
 			rate.Reset = Timestamp{time.Unix(v, 0)}
 		}
 	}
+	if resource := r.Header.Get(headerRateResource); resource != "" {
+		rate.Resource = resource
+	}
 	return rate
 }
 
@@ -752,7 +798,7 @@ func parseSecondaryRate(r *http.Response) *time.Duration {
 
 	// According to GitHub support, endpoints might return x-ratelimit-reset instead,
 	// as an integer which represents the number of seconds since epoch UTC,
-	// represting the time to resume making requests.
+	// representing the time to resume making requests.
 	if v := r.Header.Get(headerRateReset); v != "" {
 		secondsSinceEpoch, _ := strconv.ParseInt(v, 10, 64) // Error handling is noop.
 		retryAfter := time.Until(time.Unix(secondsSinceEpoch, 0))
@@ -781,27 +827,32 @@ func parseTokenExpiration(r *http.Response) Timestamp {
 type requestContext uint8
 
 const (
-	bypassRateLimitCheck requestContext = iota
+	// BypassRateLimitCheck prevents a pre-emptive check for exceeded primary rate limits
+	// Specify this by providing a context with this key, e.g.
+	//   context.WithValue(context.Background(), github.BypassRateLimitCheck, true)
+	BypassRateLimitCheck requestContext = iota
+
+	SleepUntilPrimaryRateLimitResetWhenRateLimited
 )
 
-// BareDo sends an API request and lets you handle the api response. If an error
-// or API Error occurs, the error will contain more information. Otherwise you
-// are supposed to read and close the response's Body. If rate limit is exceeded
-// and reset time is in the future, BareDo returns *RateLimitError immediately
-// without making a network API call.
+// bareDo sends an API request using `caller` http.Client passed in the parameters
+// and lets you handle the api response. If an error or API Error occurs, the error
+// will contain more information. Otherwise you are supposed to read and close the
+// response's Body. If rate limit is exceeded and reset time is in the future,
+// bareDo returns *RateLimitError immediately without making a network API call.
 //
 // The provided ctx must be non-nil, if it is nil an error is returned. If it is
 // canceled or times out, ctx.Err() will be returned.
-func (c *Client) BareDo(ctx context.Context, req *http.Request) (*Response, error) {
+func (c *Client) bareDo(ctx context.Context, caller *http.Client, req *http.Request) (*Response, error) {
 	if ctx == nil {
 		return nil, errNonNilContext
 	}
 
 	req = withContext(ctx, req)
 
-	rateLimitCategory := category(req.Method, req.URL.Path)
+	rateLimitCategory := GetRateLimitCategory(req.Method, req.URL.Path)
 
-	if bypass := ctx.Value(bypassRateLimitCheck); bypass == nil {
+	if bypass := ctx.Value(BypassRateLimitCheck); bypass == nil {
 		// If we've hit rate limit, don't make further requests before Reset time.
 		if err := c.checkRateLimitBeforeDo(req, rateLimitCategory); err != nil {
 			return &Response{
@@ -810,20 +861,25 @@ func (c *Client) BareDo(ctx context.Context, req *http.Request) (*Response, erro
 			}, err
 		}
 		// If we've hit a secondary rate limit, don't make further requests before Retry After.
-		if err := c.checkSecondaryRateLimitBeforeDo(ctx, req); err != nil {
+		if err := c.checkSecondaryRateLimitBeforeDo(req); err != nil {
 			return &Response{
 				Response: err.Response,
 			}, err
 		}
 	}
 
-	resp, err := c.client.Do(req)
+	resp, err := caller.Do(req)
+	var response *Response
+	if resp != nil {
+		response = newResponse(resp)
+	}
+
 	if err != nil {
 		// If we got an error, and the context has been canceled,
 		// the context's error is probably more useful.
 		select {
 		case <-ctx.Done():
-			return nil, ctx.Err()
+			return response, ctx.Err()
 		default:
 		}
 
@@ -831,15 +887,13 @@ func (c *Client) BareDo(ctx context.Context, req *http.Request) (*Response, erro
 		if e, ok := err.(*url.Error); ok {
 			if url, err := url.Parse(e.URL); err == nil {
 				e.URL = sanitizeURL(url).String()
-				return nil, e
+				return response, e
 			}
 		}
 
-		return nil, err
+		return response, err
 	}
 
-	response := newResponse(resp)
-
 	// Don't update the rate limits if this was a cached response.
 	// X-From-Cache is set by https://github.com/gregjones/httpcache
 	if response.Header.Get("X-From-Cache") == "" {
@@ -867,9 +921,22 @@ func (c *Client) BareDo(ctx context.Context, req *http.Request) (*Response, erro
 			err = aerr
 		}
 
+		rateLimitError, ok := err.(*RateLimitError)
+		if ok && req.Context().Value(SleepUntilPrimaryRateLimitResetWhenRateLimited) != nil {
+			if err := sleepUntilResetWithBuffer(req.Context(), rateLimitError.Rate.Reset.Time); err != nil {
+				return response, err
+			}
+			// retry the request once when the rate limit has reset
+			return c.bareDo(context.WithValue(req.Context(), SleepUntilPrimaryRateLimitResetWhenRateLimited, nil), caller, req)
+		}
+
 		// Update the secondary rate limit if we hit it.
 		rerr, ok := err.(*AbuseRateLimitError)
 		if ok && rerr.RetryAfter != nil {
+			// if a max duration is specified, make sure that we are waiting at most this duration
+			if c.MaxSecondaryRateLimitRetryAfterDuration > 0 && rerr.GetRetryAfter() > c.MaxSecondaryRateLimitRetryAfterDuration {
+				rerr.RetryAfter = &c.MaxSecondaryRateLimitRetryAfterDuration
+			}
 			c.rateMu.Lock()
 			c.secondaryRateLimitReset = time.Now().Add(*rerr.RetryAfter)
 			c.rateMu.Unlock()
@@ -878,11 +945,77 @@ func (c *Client) BareDo(ctx context.Context, req *http.Request) (*Response, erro
 	return response, err
 }
 
+// BareDo sends an API request and lets you handle the api response. If an error
+// or API Error occurs, the error will contain more information. Otherwise you
+// are supposed to read and close the response's Body. If rate limit is exceeded
+// and reset time is in the future, BareDo returns *RateLimitError immediately
+// without making a network API call.
+//
+// The provided ctx must be non-nil, if it is nil an error is returned. If it is
+// canceled or times out, ctx.Err() will be returned.
+func (c *Client) BareDo(ctx context.Context, req *http.Request) (*Response, error) {
+	return c.bareDo(ctx, c.client, req)
+}
+
+// bareDoIgnoreRedirects has the exact same behavior as BareDo but stops at the first
+// redirection code returned by the API. If a redirection is returned by the api, bareDoIgnoreRedirects
+// returns a *RedirectionError.
+//
+// The provided ctx must be non-nil, if it is nil an error is returned. If it is
+// canceled or times out, ctx.Err() will be returned.
+func (c *Client) bareDoIgnoreRedirects(ctx context.Context, req *http.Request) (*Response, error) {
+	return c.bareDo(ctx, c.clientIgnoreRedirects, req)
+}
+
+var errInvalidLocation = errors.New("invalid or empty Location header in redirection response")
+
+// bareDoUntilFound has the exact same behavior as BareDo but only follows 301s, up to maxRedirects times. If it receives
+// a 302, it will parse the Location header into a *url.URL and return that.
+// This is useful for endpoints that return a 302 in successful cases but still might return 301s for
+// permanent redirections.
+//
+// The provided ctx must be non-nil, if it is nil an error is returned. If it is
+// canceled or times out, ctx.Err() will be returned.
+func (c *Client) bareDoUntilFound(ctx context.Context, req *http.Request, maxRedirects int) (*url.URL, *Response, error) {
+	response, err := c.bareDoIgnoreRedirects(ctx, req)
+	if err != nil {
+		rerr, ok := err.(*RedirectionError)
+		if ok {
+			// If we receive a 302, transform potential relative locations into absolute and return it.
+			if rerr.StatusCode == http.StatusFound {
+				if rerr.Location == nil {
+					return nil, nil, errInvalidLocation
+				}
+				newURL := c.BaseURL.ResolveReference(rerr.Location)
+				return newURL, response, nil
+			}
+			// If permanent redirect response is returned, follow it
+			if maxRedirects > 0 && rerr.StatusCode == http.StatusMovedPermanently {
+				if rerr.Location == nil {
+					return nil, nil, errInvalidLocation
+				}
+				newURL := c.BaseURL.ResolveReference(rerr.Location)
+				newRequest := req.Clone(ctx)
+				newRequest.URL = newURL
+				return c.bareDoUntilFound(ctx, newRequest, maxRedirects-1)
+			}
+			// If we reached the maximum amount of redirections, return an error
+			if maxRedirects <= 0 && rerr.StatusCode == http.StatusMovedPermanently {
+				return nil, response, fmt.Errorf("reached the maximum amount of redirections: %w", err)
+			}
+			return nil, response, fmt.Errorf("unexpected redirection response: %w", err)
+		}
+	}
+
+	// If we don't receive a redirection, forward the response and potential error
+	return nil, response, err
+}
+
 // Do sends an API request and returns the API response. The API response is
 // JSON decoded and stored in the value pointed to by v, or returned as an
 // error if an API error has occurred. If v implements the io.Writer interface,
 // the raw response body will be written to v, without attempting to first
-// decode it. If v is nil, and no error hapens, the response is returned as is.
+// decode it. If v is nil, and no error happens, the response is returned as is.
 // If rate limit is exceeded and reset time is in the future, Do returns
 // *RateLimitError immediately without making a network API call.
 //
@@ -915,7 +1048,7 @@ func (c *Client) Do(ctx context.Context, req *http.Request, v interface{}) (*Res
 // current client state in order to quickly check if *RateLimitError can be immediately returned
 // from Client.Do, and if so, returns it so that Client.Do can skip making a network API call unnecessarily.
 // Otherwise it returns nil, and Client.Do should proceed normally.
-func (c *Client) checkRateLimitBeforeDo(req *http.Request, rateLimitCategory rateLimitCategory) *RateLimitError {
+func (c *Client) checkRateLimitBeforeDo(req *http.Request, rateLimitCategory RateLimitCategory) *RateLimitError {
 	c.rateMu.Lock()
 	rate := c.rateLimits[rateLimitCategory]
 	c.rateMu.Unlock()
@@ -928,6 +1061,18 @@ func (c *Client) checkRateLimitBeforeDo(req *http.Request, rateLimitCategory rat
 			Header:     make(http.Header),
 			Body:       io.NopCloser(strings.NewReader("")),
 		}
+
+		if req.Context().Value(SleepUntilPrimaryRateLimitResetWhenRateLimited) != nil {
+			if err := sleepUntilResetWithBuffer(req.Context(), rate.Reset.Time); err == nil {
+				return nil
+			}
+			return &RateLimitError{
+				Rate:     rate,
+				Response: resp,
+				Message:  fmt.Sprintf("Context cancelled while waiting for rate limit to reset until %v, not making remote request.", rate.Reset.Time),
+			}
+		}
+
 		return &RateLimitError{
 			Rate:     rate,
 			Response: resp,
@@ -942,7 +1087,7 @@ func (c *Client) checkRateLimitBeforeDo(req *http.Request, rateLimitCategory rat
 // current client state in order to quickly check if *AbuseRateLimitError can be immediately returned
 // from Client.Do, and if so, returns it so that Client.Do can skip making a network API call unnecessarily.
 // Otherwise it returns nil, and Client.Do should proceed normally.
-func (c *Client) checkSecondaryRateLimitBeforeDo(ctx context.Context, req *http.Request) *AbuseRateLimitError {
+func (c *Client) checkSecondaryRateLimitBeforeDo(req *http.Request) *AbuseRateLimitError {
 	c.rateMu.Lock()
 	secondary := c.secondaryRateLimitReset
 	c.rateMu.Unlock()
@@ -984,17 +1129,18 @@ func compareHTTPResponse(r1, r2 *http.Response) bool {
 /*
 An ErrorResponse reports one or more errors caused by an API request.
 
-GitHub API docs: https://docs.github.com/en/rest/#client-errors
+GitHub API docs: https://docs.github.com/rest/#client-errors
 */
 type ErrorResponse struct {
 	Response *http.Response `json:"-"`       // HTTP response that caused this error
 	Message  string         `json:"message"` // error message
-	Errors   []Error        `json:"errors"`  // more detail on individual errors
+	//nolint:sliceofpointers
+	Errors []Error `json:"errors"` // more detail on individual errors
 	// Block is only populated on certain types of errors such as code 451.
 	Block *ErrorBlock `json:"block,omitempty"`
 	// Most errors will also include a documentation_url field pointing
 	// to some content that might help you resolve the error, see
-	// https://docs.github.com/en/rest/#client-errors
+	// https://docs.github.com/rest/#client-errors
 	DocumentationURL string `json:"documentation_url,omitempty"`
 }
 
@@ -1007,9 +1153,17 @@ type ErrorBlock struct {
 }
 
 func (r *ErrorResponse) Error() string {
-	return fmt.Sprintf("%v %v: %d %v %+v",
-		r.Response.Request.Method, sanitizeURL(r.Response.Request.URL),
-		r.Response.StatusCode, r.Message, r.Errors)
+	if r.Response != nil && r.Response.Request != nil {
+		return fmt.Sprintf("%v %v: %d %v %+v",
+			r.Response.Request.Method, sanitizeURL(r.Response.Request.URL),
+			r.Response.StatusCode, r.Message, r.Errors)
+	}
+
+	if r.Response != nil {
+		return fmt.Sprintf("%d %v %+v", r.Response.StatusCode, r.Message, r.Errors)
+	}
+
+	return fmt.Sprintf("%v %+v", r.Message, r.Errors)
 }
 
 // Is returns whether the provided error equals this error.
@@ -1114,7 +1268,7 @@ func (ae *AcceptedError) Is(target error) bool {
 }
 
 // AbuseRateLimitError occurs when GitHub returns 403 Forbidden response with the
-// "documentation_url" field value equal to "https://docs.github.com/en/rest/overview/resources-in-the-rest-api#secondary-rate-limits".
+// "documentation_url" field value equal to "https://docs.github.com/rest/overview/rate-limits-for-the-rest-api#about-secondary-rate-limits".
 type AbuseRateLimitError struct {
 	Response *http.Response // HTTP response that caused this error
 	Message  string         `json:"message"` // error message
@@ -1143,6 +1297,40 @@ func (r *AbuseRateLimitError) Is(target error) bool {
 		compareHTTPResponse(r.Response, v.Response)
 }
 
+// RedirectionError represents a response that returned a redirect status code:
+//
+//	301 (Moved Permanently)
+//	302 (Found)
+//	303 (See Other)
+//	307 (Temporary Redirect)
+//	308 (Permanent Redirect)
+//
+// If there was a valid Location header included, it will be parsed to a URL. You should use
+// `BaseURL.ResolveReference()` to enrich it with the correct hostname where needed.
+type RedirectionError struct {
+	Response   *http.Response // HTTP response that caused this error
+	StatusCode int
+	Location   *url.URL // location header of the redirection if present
+}
+
+func (r *RedirectionError) Error() string {
+	return fmt.Sprintf("%v %v: %d location %v",
+		r.Response.Request.Method, sanitizeURL(r.Response.Request.URL),
+		r.StatusCode, sanitizeURL(r.Location))
+}
+
+// Is returns whether the provided error equals this error.
+func (r *RedirectionError) Is(target error) bool {
+	v, ok := target.(*RedirectionError)
+	if !ok {
+		return false
+	}
+
+	return r.StatusCode == v.StatusCode &&
+		(r.Location == v.Location || // either both locations are nil or exactly the same pointer
+			r.Location != nil && v.Location != nil && r.Location.String() == v.Location.String()) // or they are both not nil and marshaled identically
+}
+
 // sanitizeURL redacts the client_secret parameter from the URL which may be
 // exposed to the user.
 func sanitizeURL(uri *url.URL) *url.URL {
@@ -1177,7 +1365,7 @@ GitHub error responses structure are often undocumented and inconsistent.
 Sometimes error is just a simple string (Issue #540).
 In such cases, Message represents an error message as a workaround.
 
-GitHub API docs: https://docs.github.com/en/rest/#client-errors
+GitHub API docs: https://docs.github.com/rest/#client-errors
 */
 type Error struct {
 	Resource string `json:"resource"` // resource on which the error occurred
@@ -1207,7 +1395,8 @@ func (e *Error) UnmarshalJSON(data []byte) error {
 //
 // The error type will be *RateLimitError for rate limit exceeded errors,
 // *AcceptedError for 202 Accepted status codes,
-// and *TwoFactorAuthError for two-factor authentication errors.
+// *TwoFactorAuthError for two-factor authentication errors,
+// and *RedirectionError for redirect status codes (only happens when ignoring redirections).
 func CheckResponse(r *http.Response) error {
 	if r.StatusCode == http.StatusAccepted {
 		return &AcceptedError{}
@@ -1219,7 +1408,11 @@ func CheckResponse(r *http.Response) error {
 	errorResponse := &ErrorResponse{Response: r}
 	data, err := io.ReadAll(r.Body)
 	if err == nil && data != nil {
-		json.Unmarshal(data, errorResponse)
+		err = json.Unmarshal(data, errorResponse)
+		if err != nil {
+			// reset the response as if this never happened
+			errorResponse = &ErrorResponse{Response: r}
+		}
 	}
 	// Re-populate error response body because GitHub error responses are often
 	// undocumented and inconsistent.
@@ -1236,7 +1429,7 @@ func CheckResponse(r *http.Response) error {
 		}
 	case r.StatusCode == http.StatusForbidden &&
 		(strings.HasSuffix(errorResponse.DocumentationURL, "#abuse-rate-limits") ||
-			strings.HasSuffix(errorResponse.DocumentationURL, "#secondary-rate-limits")):
+			strings.HasSuffix(errorResponse.DocumentationURL, "secondary-rate-limits")):
 		abuseRateLimitError := &AbuseRateLimitError{
 			Response: errorResponse.Response,
 			Message:  errorResponse.Message,
@@ -1245,6 +1438,25 @@ func CheckResponse(r *http.Response) error {
 			abuseRateLimitError.RetryAfter = retryAfter
 		}
 		return abuseRateLimitError
+	// Check that the status code is a redirection and return a sentinel error that can be used to handle special cases
+	// where 302 is considered a successful result.
+	// This should never happen with the default `CheckRedirect`, because it would return a `url.Error` that should be handled upstream.
+	case r.StatusCode == http.StatusMovedPermanently ||
+		r.StatusCode == http.StatusFound ||
+		r.StatusCode == http.StatusSeeOther ||
+		r.StatusCode == http.StatusTemporaryRedirect ||
+		r.StatusCode == http.StatusPermanentRedirect:
+
+		locationStr := r.Header.Get("Location")
+		var location *url.URL
+		if locationStr != "" {
+			location, _ = url.Parse(locationStr)
+		}
+		return &RedirectionError{
+			Response:   errorResponse.Response,
+			StatusCode: r.StatusCode,
+			Location:   location,
+		}
 	default:
 		return errorResponse
 	}
@@ -1269,150 +1481,78 @@ func parseBoolResponse(err error) (bool, error) {
 	return false, err
 }
 
-// Rate represents the rate limit for the current client.
-type Rate struct {
-	// The number of requests per hour the client is currently limited to.
-	Limit int `json:"limit"`
-
-	// The number of remaining requests the client can make this hour.
-	Remaining int `json:"remaining"`
-
-	// The time at which the current rate limit will reset.
-	Reset Timestamp `json:"reset"`
-}
-
-func (r Rate) String() string {
-	return Stringify(r)
-}
-
-// RateLimits represents the rate limits for the current client.
-type RateLimits struct {
-	// The rate limit for non-search API requests. Unauthenticated
-	// requests are limited to 60 per hour. Authenticated requests are
-	// limited to 5,000 per hour.
-	//
-	// GitHub API docs: https://docs.github.com/en/rest/overview/resources-in-the-rest-api#rate-limiting
-	Core *Rate `json:"core"`
-
-	// The rate limit for search API requests. Unauthenticated requests
-	// are limited to 10 requests per minutes. Authenticated requests are
-	// limited to 30 per minute.
-	//
-	// GitHub API docs: https://docs.github.com/en/rest/search#rate-limit
-	Search *Rate `json:"search"`
-
-	// GitHub API docs: https://docs.github.com/en/graphql/overview/resource-limitations#rate-limit
-	GraphQL *Rate `json:"graphql"`
-
-	// GitHub API dos: https://docs.github.com/en/rest/rate-limit
-	IntegrationManifest *Rate `json:"integration_manifest"`
-
-	SourceImport              *Rate `json:"source_import"`
-	CodeScanningUpload        *Rate `json:"code_scanning_upload"`
-	ActionsRunnerRegistration *Rate `json:"actions_runner_registration"`
-	SCIM                      *Rate `json:"scim"`
-}
-
-func (r RateLimits) String() string {
-	return Stringify(r)
-}
-
-type rateLimitCategory uint8
+type RateLimitCategory uint8
 
 const (
-	coreCategory rateLimitCategory = iota
-	searchCategory
-	graphqlCategory
-	integrationManifestCategory
-	sourceImportCategory
-	codeScanningUploadCategory
-	actionsRunnerRegistrationCategory
-	scimCategory
-
-	categories // An array of this length will be able to contain all rate limit categories.
+	CoreCategory RateLimitCategory = iota
+	SearchCategory
+	GraphqlCategory
+	IntegrationManifestCategory
+	SourceImportCategory
+	CodeScanningUploadCategory
+	ActionsRunnerRegistrationCategory
+	ScimCategory
+	DependencySnapshotsCategory
+	CodeSearchCategory
+	AuditLogCategory
+
+	Categories // An array of this length will be able to contain all rate limit categories.
 )
 
-// category returns the rate limit category of the endpoint, determined by HTTP method and Request.URL.Path.
-func category(method, path string) rateLimitCategory {
+// GetRateLimitCategory returns the rate limit RateLimitCategory of the endpoint, determined by HTTP method and Request.URL.Path.
+func GetRateLimitCategory(method, path string) RateLimitCategory {
 	switch {
-	// https://docs.github.com/en/rest/rate-limit#about-rate-limits
+	// https://docs.github.com/rest/rate-limit#about-rate-limits
 	default:
 		// NOTE: coreCategory is returned for actionsRunnerRegistrationCategory too,
 		// because no API found for this category.
-		return coreCategory
+		return CoreCategory
+
+	// https://docs.github.com/en/rest/search/search#search-code
+	case strings.HasPrefix(path, "/search/code") &&
+		method == http.MethodGet:
+		return CodeSearchCategory
+
 	case strings.HasPrefix(path, "/search/"):
-		return searchCategory
+		return SearchCategory
 	case path == "/graphql":
-		return graphqlCategory
+		return GraphqlCategory
 	case strings.HasPrefix(path, "/app-manifests/") &&
 		strings.HasSuffix(path, "/conversions") &&
 		method == http.MethodPost:
-		return integrationManifestCategory
+		return IntegrationManifestCategory
 
-	// https://docs.github.com/en/rest/migrations/source-imports#start-an-import
+	// https://docs.github.com/rest/migrations/source-imports#start-an-import
 	case strings.HasPrefix(path, "/repos/") &&
 		strings.HasSuffix(path, "/import") &&
 		method == http.MethodPut:
-		return sourceImportCategory
+		return SourceImportCategory
 
-	// https://docs.github.com/en/rest/code-scanning#upload-an-analysis-as-sarif-data
+	// https://docs.github.com/rest/code-scanning#upload-an-analysis-as-sarif-data
 	case strings.HasSuffix(path, "/code-scanning/sarifs"):
-		return codeScanningUploadCategory
+		return CodeScanningUploadCategory
 
-	// https://docs.github.com/en/enterprise-cloud@latest/rest/scim
+	// https://docs.github.com/enterprise-cloud@latest/rest/scim
 	case strings.HasPrefix(path, "/scim/"):
-		return scimCategory
+		return ScimCategory
+
+	// https://docs.github.com/en/rest/dependency-graph/dependency-submission#create-a-snapshot-of-dependencies-for-a-repository
+	case strings.HasPrefix(path, "/repos/") &&
+		strings.HasSuffix(path, "/dependency-graph/snapshots") &&
+		method == http.MethodPost:
+		return DependencySnapshotsCategory
+
+	// https://docs.github.com/en/enterprise-cloud@latest/rest/orgs/orgs?apiVersion=2022-11-28#get-the-audit-log-for-an-organization
+	case strings.HasSuffix(path, "/audit-log"):
+		return AuditLogCategory
 	}
 }
 
 // RateLimits returns the rate limits for the current client.
+//
+// Deprecated: Use RateLimitService.Get instead.
 func (c *Client) RateLimits(ctx context.Context) (*RateLimits, *Response, error) {
-	req, err := c.NewRequest("GET", "rate_limit", nil)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	response := new(struct {
-		Resources *RateLimits `json:"resources"`
-	})
-
-	// This resource is not subject to rate limits.
-	ctx = context.WithValue(ctx, bypassRateLimitCheck, true)
-	resp, err := c.Do(ctx, req, response)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	if response.Resources != nil {
-		c.rateMu.Lock()
-		if response.Resources.Core != nil {
-			c.rateLimits[coreCategory] = *response.Resources.Core
-		}
-		if response.Resources.Search != nil {
-			c.rateLimits[searchCategory] = *response.Resources.Search
-		}
-		if response.Resources.GraphQL != nil {
-			c.rateLimits[graphqlCategory] = *response.Resources.GraphQL
-		}
-		if response.Resources.IntegrationManifest != nil {
-			c.rateLimits[integrationManifestCategory] = *response.Resources.IntegrationManifest
-		}
-		if response.Resources.SourceImport != nil {
-			c.rateLimits[sourceImportCategory] = *response.Resources.SourceImport
-		}
-		if response.Resources.CodeScanningUpload != nil {
-			c.rateLimits[codeScanningUploadCategory] = *response.Resources.CodeScanningUpload
-		}
-		if response.Resources.ActionsRunnerRegistration != nil {
-			c.rateLimits[actionsRunnerRegistrationCategory] = *response.Resources.ActionsRunnerRegistration
-		}
-		if response.Resources.SCIM != nil {
-			c.rateLimits[scimCategory] = *response.Resources.SCIM
-		}
-		c.rateMu.Unlock()
-	}
-
-	return response.Resources, resp, nil
+	return c.RateLimit.Get(ctx)
 }
 
 func setCredentialsAsHeaders(req *http.Request, id, secret string) *http.Request {
@@ -1446,7 +1586,7 @@ that need to use a higher rate limit associated with your OAuth application.
 This will add the client id and secret as a base64-encoded string in the format
 ClientID:ClientSecret and apply it as an "Authorization": "Basic" header.
 
-See https://docs.github.com/en/rest/#unauthenticated-rate-limited-requests for
+See https://docs.github.com/rest/#unauthenticated-rate-limited-requests for
 more information.
 */
 type UnauthenticatedRateLimitedTransport struct {
@@ -1552,9 +1692,23 @@ func formatRateReset(d time.Duration) string {
 	return fmt.Sprintf("[rate reset in %v]", timeString)
 }
 
+func sleepUntilResetWithBuffer(ctx context.Context, reset time.Time) error {
+	buffer := time.Second
+	timer := time.NewTimer(time.Until(reset) + buffer)
+	select {
+	case <-ctx.Done():
+		if !timer.Stop() {
+			<-timer.C
+		}
+		return ctx.Err()
+	case <-timer.C:
+	}
+	return nil
+}
+
 // When using roundTripWithOptionalFollowRedirect, note that it
 // is the responsibility of the caller to close the response body.
-func (c *Client) roundTripWithOptionalFollowRedirect(ctx context.Context, u string, followRedirects bool, opts ...RequestOption) (*http.Response, error) {
+func (c *Client) roundTripWithOptionalFollowRedirect(ctx context.Context, u string, maxRedirects int, opts ...RequestOption) (*http.Response, error) {
 	req, err := c.NewRequest("GET", u, nil, opts...)
 	if err != nil {
 		return nil, err
@@ -1573,33 +1727,62 @@ func (c *Client) roundTripWithOptionalFollowRedirect(ctx context.Context, u stri
 	}
 
 	// If redirect response is returned, follow it
-	if followRedirects && resp.StatusCode == http.StatusMovedPermanently {
-		resp.Body.Close()
+	if maxRedirects > 0 && resp.StatusCode == http.StatusMovedPermanently {
+		_ = resp.Body.Close()
 		u = resp.Header.Get("Location")
-		resp, err = c.roundTripWithOptionalFollowRedirect(ctx, u, false, opts...)
+		resp, err = c.roundTripWithOptionalFollowRedirect(ctx, u, maxRedirects-1, opts...)
 	}
 	return resp, err
 }
 
+// Ptr is a helper routine that allocates a new T value
+// to store v and returns a pointer to it.
+func Ptr[T any](v T) *T {
+	return &v
+}
+
 // Bool is a helper routine that allocates a new bool value
 // to store v and returns a pointer to it.
+//
+// Deprecated: use Ptr instead.
 func Bool(v bool) *bool { return &v }
 
 // Int is a helper routine that allocates a new int value
 // to store v and returns a pointer to it.
+//
+// Deprecated: use Ptr instead.
 func Int(v int) *int { return &v }
 
 // Int64 is a helper routine that allocates a new int64 value
 // to store v and returns a pointer to it.
+//
+// Deprecated: use Ptr instead.
 func Int64(v int64) *int64 { return &v }
 
 // String is a helper routine that allocates a new string value
 // to store v and returns a pointer to it.
+//
+// Deprecated: use Ptr instead.
 func String(v string) *string { return &v }
 
-// roundTripperFunc creates a RoundTripper (transport)
+// roundTripperFunc creates a RoundTripper (transport).
 type roundTripperFunc func(*http.Request) (*http.Response, error)
 
 func (fn roundTripperFunc) RoundTrip(r *http.Request) (*http.Response, error) {
 	return fn(r)
 }
+
+var runIDFromURLRE = regexp.MustCompile(`repos/.*/actions/runs/(\d+)/deployment_protection_rule$`)
+
+// GetRunID is a Helper Function used to extract the workflow RunID from the *DeploymentProtectionRuleEvent.DeploymentCallBackURL.
+func (e *DeploymentProtectionRuleEvent) GetRunID() (int64, error) {
+	match := runIDFromURLRE.FindStringSubmatch(*e.DeploymentCallbackURL)
+	if len(match) != 2 {
+		return -1, errors.New("no match")
+	}
+	runID, err := strconv.ParseInt(match[1], 10, 64)
+	if err != nil {
+		return -1, err
+	}
+	return runID, nil
+}
diff --git a/vendor/github.com/google/go-github/v55/github/gitignore.go b/vendor/github.com/google/go-github/v72/github/gitignore.go
similarity index 80%
rename from vendor/github.com/google/go-github/v55/github/gitignore.go
rename to vendor/github.com/google/go-github/v72/github/gitignore.go
index a20a868b44..34cf285e14 100644
--- a/vendor/github.com/google/go-github/v55/github/gitignore.go
+++ b/vendor/github.com/google/go-github/v72/github/gitignore.go
@@ -13,7 +13,7 @@ import (
 // GitignoresService provides access to the gitignore related functions in the
 // GitHub API.
 //
-// GitHub API docs: https://docs.github.com/en/rest/gitignore/
+// GitHub API docs: https://docs.github.com/rest/gitignore/
 type GitignoresService service
 
 // Gitignore represents a .gitignore file as returned by the GitHub API.
@@ -28,7 +28,9 @@ func (g Gitignore) String() string {
 
 // List all available Gitignore templates.
 //
-// GitHub API docs: https://docs.github.com/en/rest/gitignore/#listing-available-templates
+// GitHub API docs: https://docs.github.com/rest/gitignore/gitignore#get-all-gitignore-templates
+//
+//meta:operation GET /gitignore/templates
 func (s *GitignoresService) List(ctx context.Context) ([]string, *Response, error) {
 	req, err := s.client.NewRequest("GET", "gitignore/templates", nil)
 	if err != nil {
@@ -46,7 +48,9 @@ func (s *GitignoresService) List(ctx context.Context) ([]string, *Response, erro
 
 // Get a Gitignore by name.
 //
-// GitHub API docs: https://docs.github.com/en/rest/gitignore#get-a-gitignore-template
+// GitHub API docs: https://docs.github.com/rest/gitignore/gitignore#get-a-gitignore-template
+//
+//meta:operation GET /gitignore/templates/{name}
 func (s *GitignoresService) Get(ctx context.Context, name string) (*Gitignore, *Response, error) {
 	u := fmt.Sprintf("gitignore/templates/%v", name)
 	req, err := s.client.NewRequest("GET", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/interactions.go b/vendor/github.com/google/go-github/v72/github/interactions.go
similarity index 94%
rename from vendor/github.com/google/go-github/v55/github/interactions.go
rename to vendor/github.com/google/go-github/v72/github/interactions.go
index a690f61268..2268273dd4 100644
--- a/vendor/github.com/google/go-github/v55/github/interactions.go
+++ b/vendor/github.com/google/go-github/v72/github/interactions.go
@@ -8,7 +8,7 @@ package github
 // InteractionsService handles communication with the repository and organization related
 // methods of the GitHub API.
 //
-// GitHub API docs: https://docs.github.com/en/rest/interactions/
+// GitHub API docs: https://docs.github.com/rest/interactions/
 type InteractionsService service
 
 // InteractionRestriction represents the interaction restrictions for repository and organization.
diff --git a/vendor/github.com/google/go-github/v55/github/interactions_orgs.go b/vendor/github.com/google/go-github/v72/github/interactions_orgs.go
similarity index 81%
rename from vendor/github.com/google/go-github/v55/github/interactions_orgs.go
rename to vendor/github.com/google/go-github/v72/github/interactions_orgs.go
index 5c7663f583..47998c4eef 100644
--- a/vendor/github.com/google/go-github/v55/github/interactions_orgs.go
+++ b/vendor/github.com/google/go-github/v72/github/interactions_orgs.go
@@ -12,7 +12,9 @@ import (
 
 // GetRestrictionsForOrg fetches the interaction restrictions for an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/interactions/orgs#get-interaction-restrictions-for-an-organization
+// GitHub API docs: https://docs.github.com/rest/interactions/orgs#get-interaction-restrictions-for-an-organization
+//
+//meta:operation GET /orgs/{org}/interaction-limits
 func (s *InteractionsService) GetRestrictionsForOrg(ctx context.Context, organization string) (*InteractionRestriction, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/interaction-limits", organization)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -39,11 +41,13 @@ func (s *InteractionsService) GetRestrictionsForOrg(ctx context.Context, organiz
 // in public repositories for the given organization.
 // Possible values are: "existing_users", "contributors_only", "collaborators_only".
 //
-// GitHub API docs: https://docs.github.com/en/rest/interactions/orgs#set-interaction-restrictions-for-an-organization
+// GitHub API docs: https://docs.github.com/rest/interactions/orgs#set-interaction-restrictions-for-an-organization
+//
+//meta:operation PUT /orgs/{org}/interaction-limits
 func (s *InteractionsService) UpdateRestrictionsForOrg(ctx context.Context, organization, limit string) (*InteractionRestriction, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/interaction-limits", organization)
 
-	interaction := &InteractionRestriction{Limit: String(limit)}
+	interaction := &InteractionRestriction{Limit: Ptr(limit)}
 
 	req, err := s.client.NewRequest("PUT", u, interaction)
 	if err != nil {
@@ -65,7 +69,9 @@ func (s *InteractionsService) UpdateRestrictionsForOrg(ctx context.Context, orga
 
 // RemoveRestrictionsFromOrg removes the interaction restrictions for an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/interactions/orgs#remove-interaction-restrictions-for-an-organization
+// GitHub API docs: https://docs.github.com/rest/interactions/orgs#remove-interaction-restrictions-for-an-organization
+//
+//meta:operation DELETE /orgs/{org}/interaction-limits
 func (s *InteractionsService) RemoveRestrictionsFromOrg(ctx context.Context, organization string) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/interaction-limits", organization)
 	req, err := s.client.NewRequest("DELETE", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/interactions_repos.go b/vendor/github.com/google/go-github/v72/github/interactions_repos.go
similarity index 80%
rename from vendor/github.com/google/go-github/v55/github/interactions_repos.go
rename to vendor/github.com/google/go-github/v72/github/interactions_repos.go
index 41e6c5319d..58fd4f04f3 100644
--- a/vendor/github.com/google/go-github/v55/github/interactions_repos.go
+++ b/vendor/github.com/google/go-github/v72/github/interactions_repos.go
@@ -12,7 +12,9 @@ import (
 
 // GetRestrictionsForRepo fetches the interaction restrictions for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/interactions/repos#get-interaction-restrictions-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/interactions/repos#get-interaction-restrictions-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/interaction-limits
 func (s *InteractionsService) GetRestrictionsForRepo(ctx context.Context, owner, repo string) (*InteractionRestriction, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/interaction-limits", owner, repo)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -39,11 +41,13 @@ func (s *InteractionsService) GetRestrictionsForRepo(ctx context.Context, owner,
 // for the given repository.
 // Possible values are: "existing_users", "contributors_only", "collaborators_only".
 //
-// GitHub API docs: https://docs.github.com/en/rest/interactions/repos#set-interaction-restrictions-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/interactions/repos#set-interaction-restrictions-for-a-repository
+//
+//meta:operation PUT /repos/{owner}/{repo}/interaction-limits
 func (s *InteractionsService) UpdateRestrictionsForRepo(ctx context.Context, owner, repo, limit string) (*InteractionRestriction, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/interaction-limits", owner, repo)
 
-	interaction := &InteractionRestriction{Limit: String(limit)}
+	interaction := &InteractionRestriction{Limit: Ptr(limit)}
 
 	req, err := s.client.NewRequest("PUT", u, interaction)
 	if err != nil {
@@ -65,7 +69,9 @@ func (s *InteractionsService) UpdateRestrictionsForRepo(ctx context.Context, own
 
 // RemoveRestrictionsFromRepo removes the interaction restrictions for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/interactions/repos#remove-interaction-restrictions-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/interactions/repos#remove-interaction-restrictions-for-a-repository
+//
+//meta:operation DELETE /repos/{owner}/{repo}/interaction-limits
 func (s *InteractionsService) RemoveRestrictionsFromRepo(ctx context.Context, owner, repo string) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/interaction-limits", owner, repo)
 	req, err := s.client.NewRequest("DELETE", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/issue_import.go b/vendor/github.com/google/go-github/v72/github/issue_import.go
similarity index 90%
rename from vendor/github.com/google/go-github/v55/github/issue_import.go
rename to vendor/github.com/google/go-github/v72/github/issue_import.go
index 04899772bd..4f06371085 100644
--- a/vendor/github.com/google/go-github/v55/github/issue_import.go
+++ b/vendor/github.com/google/go-github/v72/github/issue_import.go
@@ -70,7 +70,9 @@ type IssueImportError struct {
 
 // Create a new imported issue on the specified repository.
 //
-// https://gist.github.com/jonmagic/5282384165e0f86ef105#start-an-issue-import
+// GitHub API docs: https://gist.github.com/jonmagic/5282384165e0f86ef105#start-an-issue-import
+//
+//meta:operation POST /repos/{owner}/{repo}/import/issues
 func (s *IssueImportService) Create(ctx context.Context, owner, repo string, issue *IssueImportRequest) (*IssueImportResponse, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/import/issues", owner, repo)
 	req, err := s.client.NewRequest("POST", u, issue)
@@ -99,7 +101,9 @@ func (s *IssueImportService) Create(ctx context.Context, owner, repo string, iss
 
 // CheckStatus checks the status of an imported issue.
 //
-// https://gist.github.com/jonmagic/5282384165e0f86ef105#import-status-request
+// GitHub API docs: https://gist.github.com/jonmagic/5282384165e0f86ef105#import-status-request
+//
+//meta:operation GET /repos/{owner}/{repo}/import/issues/{issue_number}
 func (s *IssueImportService) CheckStatus(ctx context.Context, owner, repo string, issueID int64) (*IssueImportResponse, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/import/issues/%v", owner, repo, issueID)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -121,7 +125,9 @@ func (s *IssueImportService) CheckStatus(ctx context.Context, owner, repo string
 
 // CheckStatusSince checks the status of multiple imported issues since a given date.
 //
-// https://gist.github.com/jonmagic/5282384165e0f86ef105#check-status-of-multiple-issues
+// GitHub API docs: https://gist.github.com/jonmagic/5282384165e0f86ef105#check-status-of-multiple-issues
+//
+//meta:operation GET /repos/{owner}/{repo}/import/issues
 func (s *IssueImportService) CheckStatusSince(ctx context.Context, owner, repo string, since Timestamp) ([]*IssueImportResponse, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/import/issues?since=%v", owner, repo, since.Format("2006-01-02"))
 	req, err := s.client.NewRequest("GET", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/issues.go b/vendor/github.com/google/go-github/v72/github/issues.go
similarity index 80%
rename from vendor/github.com/google/go-github/v55/github/issues.go
rename to vendor/github.com/google/go-github/v72/github/issues.go
index 42e58a17a8..395d64cf44 100644
--- a/vendor/github.com/google/go-github/v55/github/issues.go
+++ b/vendor/github.com/google/go-github/v72/github/issues.go
@@ -14,7 +14,7 @@ import (
 // IssuesService handles communication with the issue related
 // methods of the GitHub API.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/
+// GitHub API docs: https://docs.github.com/rest/issues/
 type IssuesService service
 
 // Issue represents a GitHub issue on a repository.
@@ -54,9 +54,11 @@ type Issue struct {
 	Reactions         *Reactions        `json:"reactions,omitempty"`
 	Assignees         []*User           `json:"assignees,omitempty"`
 	NodeID            *string           `json:"node_id,omitempty"`
+	Draft             *bool             `json:"draft,omitempty"`
+	Type              *IssueType        `json:"type,omitempty"`
 
 	// TextMatches is only populated from search results that request text matches
-	// See: search.go and https://docs.github.com/en/rest/search/#text-match-metadata
+	// See: search.go and https://docs.github.com/rest/search/#text-match-metadata
 	TextMatches []*TextMatch `json:"text_matches,omitempty"`
 
 	// ActiveLockReason is populated only when LockReason is provided while locking the issue.
@@ -88,6 +90,7 @@ type IssueRequest struct {
 	StateReason *string   `json:"state_reason,omitempty"`
 	Milestone   *int      `json:"milestone,omitempty"`
 	Assignees   *[]string `json:"assignees,omitempty"`
+	Type        *string   `json:"type,omitempty"`
 }
 
 // IssueListOptions specifies the optional parameters to the IssuesService.List
@@ -115,16 +118,33 @@ type IssueListOptions struct {
 	// Since filters issues by time.
 	Since time.Time `url:"since,omitempty"`
 
+	ListCursorOptions
+
+	// Add ListOptions so offset pagination with integer type "page" query parameter is accepted
+	// since ListCursorOptions accepts "page" as string only.
 	ListOptions
 }
 
 // PullRequestLinks object is added to the Issue object when it's an issue included
 // in the IssueCommentEvent webhook payload, if the webhook is fired by a comment on a PR.
 type PullRequestLinks struct {
-	URL      *string `json:"url,omitempty"`
-	HTMLURL  *string `json:"html_url,omitempty"`
-	DiffURL  *string `json:"diff_url,omitempty"`
-	PatchURL *string `json:"patch_url,omitempty"`
+	URL      *string    `json:"url,omitempty"`
+	HTMLURL  *string    `json:"html_url,omitempty"`
+	DiffURL  *string    `json:"diff_url,omitempty"`
+	PatchURL *string    `json:"patch_url,omitempty"`
+	MergedAt *Timestamp `json:"merged_at,omitempty"`
+}
+
+// IssueType represents the type of issue.
+// For now it shows up when receiveing an Issue event.
+type IssueType struct {
+	ID          *int64     `json:"id,omitempty"`
+	NodeID      *string    `json:"node_id,omitempty"`
+	Name        *string    `json:"name,omitempty"`
+	Description *string    `json:"description,omitempty"`
+	Color       *string    `json:"color,omitempty"`
+	CreatedAt   *Timestamp `json:"created_at,omitempty"`
+	UpdatedAt   *Timestamp `json:"updated_at,omitempty"`
 }
 
 // List the issues for the authenticated user. If all is true, list issues
@@ -132,8 +152,11 @@ type PullRequestLinks struct {
 // organization repositories; if false, list only owned and member
 // repositories.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/issues#list-user-account-issues-assigned-to-the-authenticated-user
-// GitHub API docs: https://docs.github.com/en/rest/issues/issues#list-issues-assigned-to-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/issues/issues#list-issues-assigned-to-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/issues/issues#list-user-account-issues-assigned-to-the-authenticated-user
+//
+//meta:operation GET /issues
+//meta:operation GET /user/issues
 func (s *IssuesService) List(ctx context.Context, all bool, opts *IssueListOptions) ([]*Issue, *Response, error) {
 	var u string
 	if all {
@@ -147,7 +170,9 @@ func (s *IssuesService) List(ctx context.Context, all bool, opts *IssueListOptio
 // ListByOrg fetches the issues in the specified organization for the
 // authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/issues#list-organization-issues-assigned-to-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/issues/issues#list-organization-issues-assigned-to-the-authenticated-user
+//
+//meta:operation GET /orgs/{org}/issues
 func (s *IssuesService) ListByOrg(ctx context.Context, org string, opts *IssueListOptions) ([]*Issue, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/issues", org)
 	return s.listIssues(ctx, u, opts)
@@ -213,12 +238,18 @@ type IssueListByRepoOptions struct {
 	// Since filters issues by time.
 	Since time.Time `url:"since,omitempty"`
 
+	ListCursorOptions
+
+	// Add ListOptions so offset pagination with integer type "page" query parameter is accepted
+	// since ListCursorOptions accepts "page" as string only.
 	ListOptions
 }
 
 // ListByRepo lists the issues for the specified repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/issues#list-repository-issues
+// GitHub API docs: https://docs.github.com/rest/issues/issues#list-repository-issues
+//
+//meta:operation GET /repos/{owner}/{repo}/issues
 func (s *IssuesService) ListByRepo(ctx context.Context, owner string, repo string, opts *IssueListByRepoOptions) ([]*Issue, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/issues", owner, repo)
 	u, err := addOptions(u, opts)
@@ -245,7 +276,9 @@ func (s *IssuesService) ListByRepo(ctx context.Context, owner string, repo strin
 
 // Get a single issue.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/issues#get-an-issue
+// GitHub API docs: https://docs.github.com/rest/issues/issues#get-an-issue
+//
+//meta:operation GET /repos/{owner}/{repo}/issues/{issue_number}
 func (s *IssuesService) Get(ctx context.Context, owner string, repo string, number int) (*Issue, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/issues/%d", owner, repo, number)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -267,7 +300,9 @@ func (s *IssuesService) Get(ctx context.Context, owner string, repo string, numb
 
 // Create a new issue on the specified repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/issues#create-an-issue
+// GitHub API docs: https://docs.github.com/rest/issues/issues#create-an-issue
+//
+//meta:operation POST /repos/{owner}/{repo}/issues
 func (s *IssuesService) Create(ctx context.Context, owner string, repo string, issue *IssueRequest) (*Issue, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/issues", owner, repo)
 	req, err := s.client.NewRequest("POST", u, issue)
@@ -286,7 +321,9 @@ func (s *IssuesService) Create(ctx context.Context, owner string, repo string, i
 
 // Edit (update) an issue.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/issues#update-an-issue
+// GitHub API docs: https://docs.github.com/rest/issues/issues#update-an-issue
+//
+//meta:operation PATCH /repos/{owner}/{repo}/issues/{issue_number}
 func (s *IssuesService) Edit(ctx context.Context, owner string, repo string, number int, issue *IssueRequest) (*Issue, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/issues/%d", owner, repo, number)
 	req, err := s.client.NewRequest("PATCH", u, issue)
@@ -303,11 +340,13 @@ func (s *IssuesService) Edit(ctx context.Context, owner string, repo string, num
 	return i, resp, nil
 }
 
-// Remove a milestone from an issue.
+// RemoveMilestone removes a milestone from an issue.
 //
 // This is a helper method to explicitly update an issue with a `null` milestone, thereby removing it.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/issues#update-an-issue
+// GitHub API docs: https://docs.github.com/rest/issues/issues#update-an-issue
+//
+//meta:operation PATCH /repos/{owner}/{repo}/issues/{issue_number}
 func (s *IssuesService) RemoveMilestone(ctx context.Context, owner, repo string, issueNumber int) (*Issue, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/issues/%v", owner, repo, issueNumber)
 	req, err := s.client.NewRequest("PATCH", u, &struct {
@@ -337,7 +376,9 @@ type LockIssueOptions struct {
 
 // Lock an issue's conversation.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/issues#lock-an-issue
+// GitHub API docs: https://docs.github.com/rest/issues/issues#lock-an-issue
+//
+//meta:operation PUT /repos/{owner}/{repo}/issues/{issue_number}/lock
 func (s *IssuesService) Lock(ctx context.Context, owner string, repo string, number int, opts *LockIssueOptions) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/issues/%d/lock", owner, repo, number)
 	req, err := s.client.NewRequest("PUT", u, opts)
@@ -350,7 +391,9 @@ func (s *IssuesService) Lock(ctx context.Context, owner string, repo string, num
 
 // Unlock an issue's conversation.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/issues#unlock-an-issue
+// GitHub API docs: https://docs.github.com/rest/issues/issues#unlock-an-issue
+//
+//meta:operation DELETE /repos/{owner}/{repo}/issues/{issue_number}/lock
 func (s *IssuesService) Unlock(ctx context.Context, owner string, repo string, number int) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/issues/%d/lock", owner, repo, number)
 	req, err := s.client.NewRequest("DELETE", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/issues_assignees.go b/vendor/github.com/google/go-github/v72/github/issues_assignees.go
similarity index 79%
rename from vendor/github.com/google/go-github/v55/github/issues_assignees.go
rename to vendor/github.com/google/go-github/v72/github/issues_assignees.go
index b7f2e80243..fd065771ed 100644
--- a/vendor/github.com/google/go-github/v55/github/issues_assignees.go
+++ b/vendor/github.com/google/go-github/v72/github/issues_assignees.go
@@ -13,7 +13,9 @@ import (
 // ListAssignees fetches all available assignees (owners and collaborators) to
 // which issues may be assigned.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/assignees#list-assignees
+// GitHub API docs: https://docs.github.com/rest/issues/assignees#list-assignees
+//
+//meta:operation GET /repos/{owner}/{repo}/assignees
 func (s *IssuesService) ListAssignees(ctx context.Context, owner, repo string, opts *ListOptions) ([]*User, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/assignees", owner, repo)
 	u, err := addOptions(u, opts)
@@ -37,7 +39,9 @@ func (s *IssuesService) ListAssignees(ctx context.Context, owner, repo string, o
 
 // IsAssignee checks if a user is an assignee for the specified repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/assignees#check-if-a-user-can-be-assigned
+// GitHub API docs: https://docs.github.com/rest/issues/assignees#check-if-a-user-can-be-assigned
+//
+//meta:operation GET /repos/{owner}/{repo}/assignees/{assignee}
 func (s *IssuesService) IsAssignee(ctx context.Context, owner, repo, user string) (bool, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/assignees/%v", owner, repo, user)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -52,7 +56,9 @@ func (s *IssuesService) IsAssignee(ctx context.Context, owner, repo, user string
 
 // AddAssignees adds the provided GitHub users as assignees to the issue.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/assignees#add-assignees-to-an-issue
+// GitHub API docs: https://docs.github.com/rest/issues/assignees#add-assignees-to-an-issue
+//
+//meta:operation POST /repos/{owner}/{repo}/issues/{issue_number}/assignees
 func (s *IssuesService) AddAssignees(ctx context.Context, owner, repo string, number int, assignees []string) (*Issue, *Response, error) {
 	users := &struct {
 		Assignees []string `json:"assignees,omitempty"`
@@ -74,7 +80,9 @@ func (s *IssuesService) AddAssignees(ctx context.Context, owner, repo string, nu
 
 // RemoveAssignees removes the provided GitHub users as assignees from the issue.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/assignees#remove-assignees-from-an-issue
+// GitHub API docs: https://docs.github.com/rest/issues/assignees#remove-assignees-from-an-issue
+//
+//meta:operation DELETE /repos/{owner}/{repo}/issues/{issue_number}/assignees
 func (s *IssuesService) RemoveAssignees(ctx context.Context, owner, repo string, number int, assignees []string) (*Issue, *Response, error) {
 	users := &struct {
 		Assignees []string `json:"assignees,omitempty"`
diff --git a/vendor/github.com/google/go-github/v55/github/issues_comments.go b/vendor/github.com/google/go-github/v72/github/issues_comments.go
similarity index 82%
rename from vendor/github.com/google/go-github/v55/github/issues_comments.go
rename to vendor/github.com/google/go-github/v72/github/issues_comments.go
index 17881c093d..74a4e60f7c 100644
--- a/vendor/github.com/google/go-github/v55/github/issues_comments.go
+++ b/vendor/github.com/google/go-github/v72/github/issues_comments.go
@@ -50,8 +50,11 @@ type IssueListCommentsOptions struct {
 // ListComments lists all comments on the specified issue. Specifying an issue
 // number of 0 will return all comments on all issues for the repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/comments#list-issue-comments
-// GitHub API docs: https://docs.github.com/en/rest/issues/comments#list-issue-comments-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/issues/comments#list-issue-comments
+// GitHub API docs: https://docs.github.com/rest/issues/comments#list-issue-comments-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/issues/comments
+//meta:operation GET /repos/{owner}/{repo}/issues/{issue_number}/comments
 func (s *IssuesService) ListComments(ctx context.Context, owner string, repo string, number int, opts *IssueListCommentsOptions) ([]*IssueComment, *Response, error) {
 	var u string
 	if number == 0 {
@@ -83,7 +86,9 @@ func (s *IssuesService) ListComments(ctx context.Context, owner string, repo str
 
 // GetComment fetches the specified issue comment.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/comments#get-an-issue-comment
+// GitHub API docs: https://docs.github.com/rest/issues/comments#get-an-issue-comment
+//
+//meta:operation GET /repos/{owner}/{repo}/issues/comments/{comment_id}
 func (s *IssuesService) GetComment(ctx context.Context, owner string, repo string, commentID int64) (*IssueComment, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/issues/comments/%d", owner, repo, commentID)
 
@@ -106,7 +111,9 @@ func (s *IssuesService) GetComment(ctx context.Context, owner string, repo strin
 
 // CreateComment creates a new comment on the specified issue.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/comments#create-an-issue-comment
+// GitHub API docs: https://docs.github.com/rest/issues/comments#create-an-issue-comment
+//
+//meta:operation POST /repos/{owner}/{repo}/issues/{issue_number}/comments
 func (s *IssuesService) CreateComment(ctx context.Context, owner string, repo string, number int, comment *IssueComment) (*IssueComment, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/issues/%d/comments", owner, repo, number)
 	req, err := s.client.NewRequest("POST", u, comment)
@@ -125,7 +132,9 @@ func (s *IssuesService) CreateComment(ctx context.Context, owner string, repo st
 // EditComment updates an issue comment.
 // A non-nil comment.Body must be provided. Other comment fields should be left nil.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/comments#update-an-issue-comment
+// GitHub API docs: https://docs.github.com/rest/issues/comments#update-an-issue-comment
+//
+//meta:operation PATCH /repos/{owner}/{repo}/issues/comments/{comment_id}
 func (s *IssuesService) EditComment(ctx context.Context, owner string, repo string, commentID int64, comment *IssueComment) (*IssueComment, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/issues/comments/%d", owner, repo, commentID)
 	req, err := s.client.NewRequest("PATCH", u, comment)
@@ -143,7 +152,9 @@ func (s *IssuesService) EditComment(ctx context.Context, owner string, repo stri
 
 // DeleteComment deletes an issue comment.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/comments#delete-an-issue-comment
+// GitHub API docs: https://docs.github.com/rest/issues/comments#delete-an-issue-comment
+//
+//meta:operation DELETE /repos/{owner}/{repo}/issues/comments/{comment_id}
 func (s *IssuesService) DeleteComment(ctx context.Context, owner string, repo string, commentID int64) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/issues/comments/%d", owner, repo, commentID)
 	req, err := s.client.NewRequest("DELETE", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/issues_events.go b/vendor/github.com/google/go-github/v72/github/issues_events.go
similarity index 75%
rename from vendor/github.com/google/go-github/v55/github/issues_events.go
rename to vendor/github.com/google/go-github/v72/github/issues_events.go
index ed07659170..8e234d7e02 100644
--- a/vendor/github.com/google/go-github/v55/github/issues_events.go
+++ b/vendor/github.com/google/go-github/v72/github/issues_events.go
@@ -18,6 +18,9 @@ type IssueEvent struct {
 	// The User that generated this event.
 	Actor *User `json:"actor,omitempty"`
 
+	// The action corresponding to the event.
+	Action string `json:"action,omitempty"`
+
 	// Event identifies the actual type of Event that occurred. Possible
 	// values are:
 	//
@@ -66,7 +69,7 @@ type IssueEvent struct {
 	//
 	//    review_requested, review_request_removed
 	//       The Actor requested or removed the request for a review.
-	//       RequestedReviewer and ReviewRequester will be populated below.
+	//       RequestedReviewer or RequestedTeam, and ReviewRequester will be populated below.
 	//
 	Event *string `json:"event,omitempty"`
 
@@ -74,17 +77,19 @@ type IssueEvent struct {
 	Issue     *Issue     `json:"issue,omitempty"`
 
 	// Only present on certain events; see above.
-	Assignee          *User            `json:"assignee,omitempty"`
-	Assigner          *User            `json:"assigner,omitempty"`
-	CommitID          *string          `json:"commit_id,omitempty"`
-	Milestone         *Milestone       `json:"milestone,omitempty"`
-	Label             *Label           `json:"label,omitempty"`
-	Rename            *Rename          `json:"rename,omitempty"`
-	LockReason        *string          `json:"lock_reason,omitempty"`
-	ProjectCard       *ProjectCard     `json:"project_card,omitempty"`
-	DismissedReview   *DismissedReview `json:"dismissed_review,omitempty"`
-	RequestedReviewer *User            `json:"requested_reviewer,omitempty"`
-	ReviewRequester   *User            `json:"review_requester,omitempty"`
+	Repository            *Repository      `json:"repository,omitempty"`
+	Assignee              *User            `json:"assignee,omitempty"`
+	Assigner              *User            `json:"assigner,omitempty"`
+	CommitID              *string          `json:"commit_id,omitempty"`
+	Milestone             *Milestone       `json:"milestone,omitempty"`
+	Label                 *Label           `json:"label,omitempty"`
+	Rename                *Rename          `json:"rename,omitempty"`
+	LockReason            *string          `json:"lock_reason,omitempty"`
+	DismissedReview       *DismissedReview `json:"dismissed_review,omitempty"`
+	RequestedReviewer     *User            `json:"requested_reviewer,omitempty"`
+	RequestedTeam         *Team            `json:"requested_team,omitempty"`
+	ReviewRequester       *User            `json:"review_requester,omitempty"`
+	PerformedViaGithubApp *App             `json:"performed_via_github_app,omitempty"`
 }
 
 // DismissedReview represents details for 'dismissed_review' events.
@@ -99,7 +104,9 @@ type DismissedReview struct {
 
 // ListIssueEvents lists events for the specified issue.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/events#list-issue-events
+// GitHub API docs: https://docs.github.com/rest/issues/events#list-issue-events
+//
+//meta:operation GET /repos/{owner}/{repo}/issues/{issue_number}/events
 func (s *IssuesService) ListIssueEvents(ctx context.Context, owner, repo string, number int, opts *ListOptions) ([]*IssueEvent, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/issues/%v/events", owner, repo, number)
 	u, err := addOptions(u, opts)
@@ -125,7 +132,9 @@ func (s *IssuesService) ListIssueEvents(ctx context.Context, owner, repo string,
 
 // ListRepositoryEvents lists events for the specified repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/events#list-issue-events-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/issues/events#list-issue-events-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/issues/events
 func (s *IssuesService) ListRepositoryEvents(ctx context.Context, owner, repo string, opts *ListOptions) ([]*IssueEvent, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/issues/events", owner, repo)
 	u, err := addOptions(u, opts)
@@ -149,7 +158,9 @@ func (s *IssuesService) ListRepositoryEvents(ctx context.Context, owner, repo st
 
 // GetEvent returns the specified issue event.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/events#get-an-issue-event
+// GitHub API docs: https://docs.github.com/rest/issues/events#get-an-issue-event
+//
+//meta:operation GET /repos/{owner}/{repo}/issues/events/{event_id}
 func (s *IssuesService) GetEvent(ctx context.Context, owner, repo string, id int64) (*IssueEvent, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/issues/events/%v", owner, repo, id)
 
diff --git a/vendor/github.com/google/go-github/v55/github/issues_labels.go b/vendor/github.com/google/go-github/v72/github/issues_labels.go
similarity index 76%
rename from vendor/github.com/google/go-github/v55/github/issues_labels.go
rename to vendor/github.com/google/go-github/v72/github/issues_labels.go
index d0f865c03f..b97b00f3e8 100644
--- a/vendor/github.com/google/go-github/v55/github/issues_labels.go
+++ b/vendor/github.com/google/go-github/v72/github/issues_labels.go
@@ -10,7 +10,7 @@ import (
 	"fmt"
 )
 
-// Label represents a GitHub label on an Issue
+// Label represents a GitHub label on an Issue.
 type Label struct {
 	ID          *int64  `json:"id,omitempty"`
 	URL         *string `json:"url,omitempty"`
@@ -27,7 +27,9 @@ func (l Label) String() string {
 
 // ListLabels lists all labels for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/labels#list-labels-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/issues/labels#list-labels-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/labels
 func (s *IssuesService) ListLabels(ctx context.Context, owner string, repo string, opts *ListOptions) ([]*Label, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/labels", owner, repo)
 	u, err := addOptions(u, opts)
@@ -51,7 +53,9 @@ func (s *IssuesService) ListLabels(ctx context.Context, owner string, repo strin
 
 // GetLabel gets a single label.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/labels#get-a-label
+// GitHub API docs: https://docs.github.com/rest/issues/labels#get-a-label
+//
+//meta:operation GET /repos/{owner}/{repo}/labels/{name}
 func (s *IssuesService) GetLabel(ctx context.Context, owner string, repo string, name string) (*Label, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/labels/%v", owner, repo, name)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -70,7 +74,9 @@ func (s *IssuesService) GetLabel(ctx context.Context, owner string, repo string,
 
 // CreateLabel creates a new label on the specified repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/labels#create-a-label
+// GitHub API docs: https://docs.github.com/rest/issues/labels#create-a-label
+//
+//meta:operation POST /repos/{owner}/{repo}/labels
 func (s *IssuesService) CreateLabel(ctx context.Context, owner string, repo string, label *Label) (*Label, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/labels", owner, repo)
 	req, err := s.client.NewRequest("POST", u, label)
@@ -89,7 +95,9 @@ func (s *IssuesService) CreateLabel(ctx context.Context, owner string, repo stri
 
 // EditLabel edits a label.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/labels#update-a-label
+// GitHub API docs: https://docs.github.com/rest/issues/labels#update-a-label
+//
+//meta:operation PATCH /repos/{owner}/{repo}/labels/{name}
 func (s *IssuesService) EditLabel(ctx context.Context, owner string, repo string, name string, label *Label) (*Label, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/labels/%v", owner, repo, name)
 	req, err := s.client.NewRequest("PATCH", u, label)
@@ -108,7 +116,9 @@ func (s *IssuesService) EditLabel(ctx context.Context, owner string, repo string
 
 // DeleteLabel deletes a label.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/labels#delete-a-label
+// GitHub API docs: https://docs.github.com/rest/issues/labels#delete-a-label
+//
+//meta:operation DELETE /repos/{owner}/{repo}/labels/{name}
 func (s *IssuesService) DeleteLabel(ctx context.Context, owner string, repo string, name string) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/labels/%v", owner, repo, name)
 	req, err := s.client.NewRequest("DELETE", u, nil)
@@ -120,7 +130,9 @@ func (s *IssuesService) DeleteLabel(ctx context.Context, owner string, repo stri
 
 // ListLabelsByIssue lists all labels for an issue.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/labels#list-labels-for-an-issue
+// GitHub API docs: https://docs.github.com/rest/issues/labels#list-labels-for-an-issue
+//
+//meta:operation GET /repos/{owner}/{repo}/issues/{issue_number}/labels
 func (s *IssuesService) ListLabelsByIssue(ctx context.Context, owner string, repo string, number int, opts *ListOptions) ([]*Label, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/issues/%d/labels", owner, repo, number)
 	u, err := addOptions(u, opts)
@@ -144,7 +156,9 @@ func (s *IssuesService) ListLabelsByIssue(ctx context.Context, owner string, rep
 
 // AddLabelsToIssue adds labels to an issue.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/labels#add-labels-to-an-issue
+// GitHub API docs: https://docs.github.com/rest/issues/labels#add-labels-to-an-issue
+//
+//meta:operation POST /repos/{owner}/{repo}/issues/{issue_number}/labels
 func (s *IssuesService) AddLabelsToIssue(ctx context.Context, owner string, repo string, number int, labels []string) ([]*Label, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/issues/%d/labels", owner, repo, number)
 	req, err := s.client.NewRequest("POST", u, labels)
@@ -163,7 +177,9 @@ func (s *IssuesService) AddLabelsToIssue(ctx context.Context, owner string, repo
 
 // RemoveLabelForIssue removes a label for an issue.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/labels#remove-a-label-from-an-issue
+// GitHub API docs: https://docs.github.com/rest/issues/labels#remove-a-label-from-an-issue
+//
+//meta:operation DELETE /repos/{owner}/{repo}/issues/{issue_number}/labels/{name}
 func (s *IssuesService) RemoveLabelForIssue(ctx context.Context, owner string, repo string, number int, label string) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/issues/%d/labels/%v", owner, repo, number, label)
 	req, err := s.client.NewRequest("DELETE", u, nil)
@@ -176,7 +192,9 @@ func (s *IssuesService) RemoveLabelForIssue(ctx context.Context, owner string, r
 
 // ReplaceLabelsForIssue replaces all labels for an issue.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/labels#set-labels-for-an-issue
+// GitHub API docs: https://docs.github.com/rest/issues/labels#set-labels-for-an-issue
+//
+//meta:operation PUT /repos/{owner}/{repo}/issues/{issue_number}/labels
 func (s *IssuesService) ReplaceLabelsForIssue(ctx context.Context, owner string, repo string, number int, labels []string) ([]*Label, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/issues/%d/labels", owner, repo, number)
 	req, err := s.client.NewRequest("PUT", u, labels)
@@ -195,7 +213,9 @@ func (s *IssuesService) ReplaceLabelsForIssue(ctx context.Context, owner string,
 
 // RemoveLabelsForIssue removes all labels for an issue.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/labels#remove-all-labels-from-an-issue
+// GitHub API docs: https://docs.github.com/rest/issues/labels#remove-all-labels-from-an-issue
+//
+//meta:operation DELETE /repos/{owner}/{repo}/issues/{issue_number}/labels
 func (s *IssuesService) RemoveLabelsForIssue(ctx context.Context, owner string, repo string, number int) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/issues/%d/labels", owner, repo, number)
 	req, err := s.client.NewRequest("DELETE", u, nil)
@@ -208,7 +228,9 @@ func (s *IssuesService) RemoveLabelsForIssue(ctx context.Context, owner string,
 
 // ListLabelsForMilestone lists labels for every issue in a milestone.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/labels#list-labels-for-issues-in-a-milestone
+// GitHub API docs: https://docs.github.com/rest/issues/labels#list-labels-for-issues-in-a-milestone
+//
+//meta:operation GET /repos/{owner}/{repo}/milestones/{milestone_number}/labels
 func (s *IssuesService) ListLabelsForMilestone(ctx context.Context, owner string, repo string, number int, opts *ListOptions) ([]*Label, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/milestones/%d/labels", owner, repo, number)
 	u, err := addOptions(u, opts)
diff --git a/vendor/github.com/google/go-github/v55/github/issues_milestones.go b/vendor/github.com/google/go-github/v72/github/issues_milestones.go
similarity index 84%
rename from vendor/github.com/google/go-github/v55/github/issues_milestones.go
rename to vendor/github.com/google/go-github/v72/github/issues_milestones.go
index 897c7c0b6d..6c31bcd054 100644
--- a/vendor/github.com/google/go-github/v55/github/issues_milestones.go
+++ b/vendor/github.com/google/go-github/v72/github/issues_milestones.go
@@ -54,7 +54,9 @@ type MilestoneListOptions struct {
 
 // ListMilestones lists all milestones for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/milestones#list-milestones
+// GitHub API docs: https://docs.github.com/rest/issues/milestones#list-milestones
+//
+//meta:operation GET /repos/{owner}/{repo}/milestones
 func (s *IssuesService) ListMilestones(ctx context.Context, owner string, repo string, opts *MilestoneListOptions) ([]*Milestone, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/milestones", owner, repo)
 	u, err := addOptions(u, opts)
@@ -78,7 +80,9 @@ func (s *IssuesService) ListMilestones(ctx context.Context, owner string, repo s
 
 // GetMilestone gets a single milestone.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/milestones#get-a-milestone
+// GitHub API docs: https://docs.github.com/rest/issues/milestones#get-a-milestone
+//
+//meta:operation GET /repos/{owner}/{repo}/milestones/{milestone_number}
 func (s *IssuesService) GetMilestone(ctx context.Context, owner string, repo string, number int) (*Milestone, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/milestones/%d", owner, repo, number)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -97,7 +101,9 @@ func (s *IssuesService) GetMilestone(ctx context.Context, owner string, repo str
 
 // CreateMilestone creates a new milestone on the specified repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/milestones#create-a-milestone
+// GitHub API docs: https://docs.github.com/rest/issues/milestones#create-a-milestone
+//
+//meta:operation POST /repos/{owner}/{repo}/milestones
 func (s *IssuesService) CreateMilestone(ctx context.Context, owner string, repo string, milestone *Milestone) (*Milestone, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/milestones", owner, repo)
 	req, err := s.client.NewRequest("POST", u, milestone)
@@ -116,7 +122,9 @@ func (s *IssuesService) CreateMilestone(ctx context.Context, owner string, repo
 
 // EditMilestone edits a milestone.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/milestones#update-a-milestone
+// GitHub API docs: https://docs.github.com/rest/issues/milestones#update-a-milestone
+//
+//meta:operation PATCH /repos/{owner}/{repo}/milestones/{milestone_number}
 func (s *IssuesService) EditMilestone(ctx context.Context, owner string, repo string, number int, milestone *Milestone) (*Milestone, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/milestones/%d", owner, repo, number)
 	req, err := s.client.NewRequest("PATCH", u, milestone)
@@ -135,7 +143,9 @@ func (s *IssuesService) EditMilestone(ctx context.Context, owner string, repo st
 
 // DeleteMilestone deletes a milestone.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/milestones#delete-a-milestone
+// GitHub API docs: https://docs.github.com/rest/issues/milestones#delete-a-milestone
+//
+//meta:operation DELETE /repos/{owner}/{repo}/milestones/{milestone_number}
 func (s *IssuesService) DeleteMilestone(ctx context.Context, owner string, repo string, number int) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/milestones/%d", owner, repo, number)
 	req, err := s.client.NewRequest("DELETE", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/issues_timeline.go b/vendor/github.com/google/go-github/v72/github/issues_timeline.go
similarity index 89%
rename from vendor/github.com/google/go-github/v55/github/issues_timeline.go
rename to vendor/github.com/google/go-github/v72/github/issues_timeline.go
index 9c73e6176d..903f5b89c3 100644
--- a/vendor/github.com/google/go-github/v55/github/issues_timeline.go
+++ b/vendor/github.com/google/go-github/v72/github/issues_timeline.go
@@ -14,7 +14,7 @@ import (
 // Timeline represents an event that occurred around an Issue or Pull Request.
 //
 // It is similar to an IssueEvent but may contain more information.
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/events/issue-event-types
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/events/issue-event-types
 type Timeline struct {
 	ID        *int64  `json:"id,omitempty"`
 	URL       *string `json:"url,omitempty"`
@@ -97,6 +97,14 @@ type Timeline struct {
 	//     reviewed
 	//       The pull request was reviewed.
 	//
+	//     review_requested
+	//       The actor requested a review from a user or team.
+	//       Reviewer and Requester/RequestedTeam will be populated.
+	//
+	//     review_request_removed
+	//       The actor removed a review request from a user or team.
+	//       Reviewer and Requester/RequestedTeam will be populated.
+	//
 	//     subscribed
 	//       The actor subscribed to receive notifications for an issue.
 	//
@@ -134,8 +142,7 @@ type Timeline struct {
 	Source *Source `json:"source,omitempty"`
 	// An object containing rename details including 'from' and 'to' attributes.
 	// Only provided for 'renamed' events.
-	Rename      *Rename      `json:"rename,omitempty"`
-	ProjectCard *ProjectCard `json:"project_card,omitempty"`
+	Rename *Rename `json:"rename,omitempty"`
 	// The state of a submitted review. Can be one of: 'commented',
 	// 'changes_requested' or 'approved'.
 	// Only provided for 'reviewed' events.
@@ -151,6 +158,8 @@ type Timeline struct {
 	// The review summary text.
 	Body        *string    `json:"body,omitempty"`
 	SubmittedAt *Timestamp `json:"submitted_at,omitempty"`
+
+	PerformedViaGithubApp *App `json:"performed_via_github_app,omitempty"`
 }
 
 // Source represents a reference's source.
@@ -164,7 +173,9 @@ type Source struct {
 
 // ListIssueTimeline lists events for the specified issue.
 //
-// GitHub API docs: https://docs.github.com/en/rest/issues/timeline#list-timeline-events-for-an-issue
+// GitHub API docs: https://docs.github.com/rest/issues/timeline#list-timeline-events-for-an-issue
+//
+//meta:operation GET /repos/{owner}/{repo}/issues/{issue_number}/timeline
 func (s *IssuesService) ListIssueTimeline(ctx context.Context, owner, repo string, number int, opts *ListOptions) ([]*Timeline, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/issues/%v/timeline", owner, repo, number)
 	u, err := addOptions(u, opts)
diff --git a/vendor/github.com/google/go-github/v55/github/licenses.go b/vendor/github.com/google/go-github/v72/github/licenses.go
similarity index 89%
rename from vendor/github.com/google/go-github/v55/github/licenses.go
rename to vendor/github.com/google/go-github/v72/github/licenses.go
index 0877b6d183..34b8a3d8af 100644
--- a/vendor/github.com/google/go-github/v55/github/licenses.go
+++ b/vendor/github.com/google/go-github/v72/github/licenses.go
@@ -13,7 +13,7 @@ import (
 // LicensesService handles communication with the license related
 // methods of the GitHub API.
 //
-// GitHub API docs: https://docs.github.com/en/rest/licenses/
+// GitHub API docs: https://docs.github.com/rest/licenses/
 type LicensesService service
 
 // RepositoryLicense represents the license for a repository.
@@ -60,7 +60,9 @@ func (l License) String() string {
 
 // List popular open source licenses.
 //
-// GitHub API docs: https://docs.github.com/en/rest/licenses/#list-all-licenses
+// GitHub API docs: https://docs.github.com/rest/licenses/licenses#get-all-commonly-used-licenses
+//
+//meta:operation GET /licenses
 func (s *LicensesService) List(ctx context.Context) ([]*License, *Response, error) {
 	req, err := s.client.NewRequest("GET", "licenses", nil)
 	if err != nil {
@@ -78,7 +80,9 @@ func (s *LicensesService) List(ctx context.Context) ([]*License, *Response, erro
 
 // Get extended metadata for one license.
 //
-// GitHub API docs: https://docs.github.com/en/rest/licenses#get-a-license
+// GitHub API docs: https://docs.github.com/rest/licenses/licenses#get-a-license
+//
+//meta:operation GET /licenses/{license}
 func (s *LicensesService) Get(ctx context.Context, licenseName string) (*License, *Response, error) {
 	u := fmt.Sprintf("licenses/%s", licenseName)
 
diff --git a/vendor/github.com/google/go-github/v72/github/markdown.go b/vendor/github.com/google/go-github/v72/github/markdown.go
new file mode 100644
index 0000000000..0fd896c6c8
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/markdown.go
@@ -0,0 +1,69 @@
+// Copyright 2023 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"bytes"
+	"context"
+)
+
+// MarkdownService provides access to markdown-related functions in the GitHub API.
+type MarkdownService service
+
+// MarkdownOptions specifies optional parameters to the Render method.
+type MarkdownOptions struct {
+	// Mode identifies the rendering mode. Possible values are:
+	//   markdown - render a document as plain Render, just like
+	//   README files are rendered.
+	//
+	//   gfm - to render a document as user-content, e.g. like user
+	//   comments or issues are rendered. In GFM mode, hard line breaks are
+	//   always taken into account, and issue and user mentions are linked
+	//   accordingly.
+	//
+	// Default is "markdown".
+	Mode string
+
+	// Context identifies the repository context. Only taken into account
+	// when rendering as "gfm".
+	Context string
+}
+
+type markdownRenderRequest struct {
+	Text    *string `json:"text,omitempty"`
+	Mode    *string `json:"mode,omitempty"`
+	Context *string `json:"context,omitempty"`
+}
+
+// Render renders an arbitrary Render document.
+//
+// GitHub API docs: https://docs.github.com/rest/markdown/markdown#render-a-markdown-document
+//
+//meta:operation POST /markdown
+func (s *MarkdownService) Render(ctx context.Context, text string, opts *MarkdownOptions) (string, *Response, error) {
+	request := &markdownRenderRequest{Text: Ptr(text)}
+	if opts != nil {
+		if opts.Mode != "" {
+			request.Mode = Ptr(opts.Mode)
+		}
+		if opts.Context != "" {
+			request.Context = Ptr(opts.Context)
+		}
+	}
+
+	req, err := s.client.NewRequest("POST", "markdown", request)
+	if err != nil {
+		return "", nil, err
+	}
+
+	buf := new(bytes.Buffer)
+	resp, err := s.client.Do(ctx, req, buf)
+	if err != nil {
+		return "", resp, err
+	}
+
+	return buf.String(), resp, nil
+}
diff --git a/vendor/github.com/google/go-github/v55/github/messages.go b/vendor/github.com/google/go-github/v72/github/messages.go
similarity index 67%
rename from vendor/github.com/google/go-github/v55/github/messages.go
rename to vendor/github.com/google/go-github/v72/github/messages.go
index c16b601528..2b5cce7504 100644
--- a/vendor/github.com/google/go-github/v55/github/messages.go
+++ b/vendor/github.com/google/go-github/v72/github/messages.go
@@ -46,75 +46,80 @@ const (
 var (
 	// eventTypeMapping maps webhooks types to their corresponding go-github struct types.
 	eventTypeMapping = map[string]interface{}{
-		"branch_protection_rule":         &BranchProtectionRuleEvent{},
-		"check_run":                      &CheckRunEvent{},
-		"check_suite":                    &CheckSuiteEvent{},
-		"code_scanning_alert":            &CodeScanningAlertEvent{},
-		"commit_comment":                 &CommitCommentEvent{},
-		"content_reference":              &ContentReferenceEvent{},
-		"create":                         &CreateEvent{},
-		"delete":                         &DeleteEvent{},
-		"dependabot_alert":               &DependabotAlertEvent{},
-		"deploy_key":                     &DeployKeyEvent{},
-		"deployment":                     &DeploymentEvent{},
-		"deployment_status":              &DeploymentStatusEvent{},
-		"deployment_protection_rule":     &DeploymentProtectionRuleEvent{},
-		"discussion":                     &DiscussionEvent{},
-		"discussion_comment":             &DiscussionCommentEvent{},
-		"fork":                           &ForkEvent{},
-		"github_app_authorization":       &GitHubAppAuthorizationEvent{},
-		"gollum":                         &GollumEvent{},
-		"installation":                   &InstallationEvent{},
-		"installation_repositories":      &InstallationRepositoriesEvent{},
-		"installation_target":            &InstallationTargetEvent{},
-		"issue_comment":                  &IssueCommentEvent{},
-		"issues":                         &IssuesEvent{},
-		"label":                          &LabelEvent{},
-		"marketplace_purchase":           &MarketplacePurchaseEvent{},
-		"member":                         &MemberEvent{},
-		"membership":                     &MembershipEvent{},
-		"merge_group":                    &MergeGroupEvent{},
-		"meta":                           &MetaEvent{},
-		"milestone":                      &MilestoneEvent{},
-		"organization":                   &OrganizationEvent{},
-		"org_block":                      &OrgBlockEvent{},
-		"package":                        &PackageEvent{},
-		"page_build":                     &PageBuildEvent{},
-		"personal_access_token_request":  &PersonalAccessTokenRequestEvent{},
-		"ping":                           &PingEvent{},
-		"project":                        &ProjectEvent{},
-		"project_card":                   &ProjectCardEvent{},
-		"project_column":                 &ProjectColumnEvent{},
-		"projects_v2":                    &ProjectV2Event{},
-		"projects_v2_item":               &ProjectV2ItemEvent{},
-		"public":                         &PublicEvent{},
-		"pull_request":                   &PullRequestEvent{},
-		"pull_request_review":            &PullRequestReviewEvent{},
-		"pull_request_review_comment":    &PullRequestReviewCommentEvent{},
-		"pull_request_review_thread":     &PullRequestReviewThreadEvent{},
-		"pull_request_target":            &PullRequestTargetEvent{},
-		"push":                           &PushEvent{},
-		"repository":                     &RepositoryEvent{},
-		"repository_dispatch":            &RepositoryDispatchEvent{},
-		"repository_import":              &RepositoryImportEvent{},
-		"repository_vulnerability_alert": &RepositoryVulnerabilityAlertEvent{},
-		"release":                        &ReleaseEvent{},
-		"secret_scanning_alert":          &SecretScanningAlertEvent{},
-		"security_advisory":              &SecurityAdvisoryEvent{},
-		"security_and_analysis":          &SecurityAndAnalysisEvent{},
-		"star":                           &StarEvent{},
-		"status":                         &StatusEvent{},
-		"team":                           &TeamEvent{},
-		"team_add":                       &TeamAddEvent{},
-		"user":                           &UserEvent{},
-		"watch":                          &WatchEvent{},
-		"workflow_dispatch":              &WorkflowDispatchEvent{},
-		"workflow_job":                   &WorkflowJobEvent{},
-		"workflow_run":                   &WorkflowRunEvent{},
+		"branch_protection_configuration": &BranchProtectionConfigurationEvent{},
+		"branch_protection_rule":          &BranchProtectionRuleEvent{},
+		"check_run":                       &CheckRunEvent{},
+		"check_suite":                     &CheckSuiteEvent{},
+		"code_scanning_alert":             &CodeScanningAlertEvent{},
+		"commit_comment":                  &CommitCommentEvent{},
+		"content_reference":               &ContentReferenceEvent{},
+		"create":                          &CreateEvent{},
+		"custom_property":                 &CustomPropertyEvent{},
+		"custom_property_values":          &CustomPropertyValuesEvent{},
+		"delete":                          &DeleteEvent{},
+		"dependabot_alert":                &DependabotAlertEvent{},
+		"deploy_key":                      &DeployKeyEvent{},
+		"deployment":                      &DeploymentEvent{},
+		"deployment_review":               &DeploymentReviewEvent{},
+		"deployment_status":               &DeploymentStatusEvent{},
+		"deployment_protection_rule":      &DeploymentProtectionRuleEvent{},
+		"discussion":                      &DiscussionEvent{},
+		"discussion_comment":              &DiscussionCommentEvent{},
+		"fork":                            &ForkEvent{},
+		"github_app_authorization":        &GitHubAppAuthorizationEvent{},
+		"gollum":                          &GollumEvent{},
+		"installation":                    &InstallationEvent{},
+		"installation_repositories":       &InstallationRepositoriesEvent{},
+		"installation_target":             &InstallationTargetEvent{},
+		"issue_comment":                   &IssueCommentEvent{},
+		"issues":                          &IssuesEvent{},
+		"label":                           &LabelEvent{},
+		"marketplace_purchase":            &MarketplacePurchaseEvent{},
+		"member":                          &MemberEvent{},
+		"membership":                      &MembershipEvent{},
+		"merge_group":                     &MergeGroupEvent{},
+		"meta":                            &MetaEvent{},
+		"milestone":                       &MilestoneEvent{},
+		"organization":                    &OrganizationEvent{},
+		"org_block":                       &OrgBlockEvent{},
+		"package":                         &PackageEvent{},
+		"page_build":                      &PageBuildEvent{},
+		"personal_access_token_request":   &PersonalAccessTokenRequestEvent{},
+		"ping":                            &PingEvent{},
+		"projects_v2":                     &ProjectV2Event{},
+		"projects_v2_item":                &ProjectV2ItemEvent{},
+		"public":                          &PublicEvent{},
+		"pull_request":                    &PullRequestEvent{},
+		"pull_request_review":             &PullRequestReviewEvent{},
+		"pull_request_review_comment":     &PullRequestReviewCommentEvent{},
+		"pull_request_review_thread":      &PullRequestReviewThreadEvent{},
+		"pull_request_target":             &PullRequestTargetEvent{},
+		"push":                            &PushEvent{},
+		"registry_package":                &RegistryPackageEvent{},
+		"repository":                      &RepositoryEvent{},
+		"repository_dispatch":             &RepositoryDispatchEvent{},
+		"repository_import":               &RepositoryImportEvent{},
+		"repository_ruleset":              &RepositoryRulesetEvent{},
+		"repository_vulnerability_alert":  &RepositoryVulnerabilityAlertEvent{},
+		"release":                         &ReleaseEvent{},
+		"secret_scanning_alert":           &SecretScanningAlertEvent{},
+		"secret_scanning_alert_location":  &SecretScanningAlertLocationEvent{},
+		"security_advisory":               &SecurityAdvisoryEvent{},
+		"security_and_analysis":           &SecurityAndAnalysisEvent{},
+		"sponsorship":                     &SponsorshipEvent{},
+		"star":                            &StarEvent{},
+		"status":                          &StatusEvent{},
+		"team":                            &TeamEvent{},
+		"team_add":                        &TeamAddEvent{},
+		"user":                            &UserEvent{},
+		"watch":                           &WatchEvent{},
+		"workflow_dispatch":               &WorkflowDispatchEvent{},
+		"workflow_job":                    &WorkflowJobEvent{},
+		"workflow_run":                    &WorkflowRunEvent{},
 	}
-	// forward mapping of event types to the string names of the structs
+	// Forward mapping of event types to the string names of the structs.
 	messageToTypeName = make(map[string]string, len(eventTypeMapping))
-	// Inverse map of the above
+	// Inverse map of the above.
 	typeToMessageMapping = make(map[string]string, len(eventTypeMapping))
 )
 
@@ -281,14 +286,14 @@ func ValidateSignature(signature string, payload, secretToken []byte) error {
 
 // WebHookType returns the event type of webhook request r.
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/events/github-event-types
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/events/github-event-types
 func WebHookType(r *http.Request) string {
 	return r.Header.Get(EventTypeHeader)
 }
 
 // DeliveryID returns the unique delivery ID of webhook request r.
 //
-// GitHub API docs: https://docs.github.com/en/developers/webhooks-and-events/events/github-event-types
+// GitHub API docs: https://docs.github.com/developers/webhooks-and-events/events/github-event-types
 func DeliveryID(r *http.Request) string {
 	return r.Header.Get(DeliveryIDHeader)
 }
@@ -326,7 +331,7 @@ func ParseWebHook(messageType string, payload []byte) (interface{}, error) {
 	return event.ParsePayload()
 }
 
-// WebhookTypes returns a sorted list of all the known GitHub event type strings
+// MessageTypes returns a sorted list of all the known GitHub event type strings
 // supported by go-github.
 func MessageTypes() []string {
 	types := make([]string, 0, len(eventTypeMapping))
diff --git a/vendor/github.com/google/go-github/v72/github/meta.go b/vendor/github.com/google/go-github/v72/github/meta.go
new file mode 100644
index 0000000000..6923535692
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/meta.go
@@ -0,0 +1,188 @@
+// Copyright 2014 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"bytes"
+	"context"
+	"fmt"
+	"net/url"
+)
+
+// MetaService provides access to functions in the GitHub API that GitHub categorizes as "meta".
+type MetaService service
+
+// APIMeta represents metadata about the GitHub API.
+type APIMeta struct {
+	// An array of IP addresses in CIDR format specifying the addresses
+	// that incoming service hooks will originate from on GitHub.com.
+	Hooks []string `json:"hooks,omitempty"`
+
+	// An array of IP addresses in CIDR format specifying the Git servers
+	// for GitHub.com.
+	Git []string `json:"git,omitempty"`
+
+	// Whether authentication with username and password is supported.
+	// (GitHub Enterprise instances using CAS or OAuth for authentication
+	// will return false. Features like Basic Authentication with a
+	// username and password, sudo mode, and two-factor authentication are
+	// not supported on these servers.)
+	VerifiablePasswordAuthentication *bool `json:"verifiable_password_authentication,omitempty"`
+
+	// An array of IP addresses in CIDR format specifying the addresses
+	// which serve GitHub Packages.
+	Packages []string `json:"packages,omitempty"`
+
+	// An array of IP addresses in CIDR format specifying the addresses
+	// which serve GitHub Pages websites.
+	Pages []string `json:"pages,omitempty"`
+
+	// An array of IP addresses specifying the addresses that source imports
+	// will originate from on GitHub.com.
+	Importer []string `json:"importer,omitempty"`
+
+	// An array of IP addresses specifying the addresses that source imports
+	// will originate from on GitHub Enterprise Cloud.
+	GithubEnterpriseImporter []string `json:"github_enterprise_importer,omitempty"`
+
+	// An array of IP addresses in CIDR format specifying the IP addresses
+	// GitHub Actions will originate from.
+	Actions []string `json:"actions,omitempty"`
+
+	// An array of IP addresses in CIDR format specifying the IP addresses
+	// GitHub Action macOS runner will originate from.
+	ActionsMacos []string `json:"actions_macos,omitempty"`
+
+	// An array of IP addresses in CIDR format specifying the IP addresses
+	// Dependabot will originate from.
+	Dependabot []string `json:"dependabot,omitempty"`
+
+	// A map of algorithms to SSH key fingerprints.
+	SSHKeyFingerprints map[string]string `json:"ssh_key_fingerprints,omitempty"`
+
+	// An array of SSH keys.
+	SSHKeys []string `json:"ssh_keys,omitempty"`
+
+	// An array of IP addresses in CIDR format specifying the addresses
+	// which serve GitHub websites.
+	Web []string `json:"web,omitempty"`
+
+	// An array of IP addresses in CIDR format specifying the addresses
+	// which serve GitHub APIs.
+	API []string `json:"api,omitempty"`
+
+	// GitHub services and their associated domains. Note that many of these domains
+	// are represented as wildcards (e.g. "*.github.com").
+	Domains *APIMetaDomains `json:"domains,omitempty"`
+}
+
+// APIMetaDomains represents the domains associated with GitHub services.
+type APIMetaDomains struct {
+	Website              []string                     `json:"website,omitempty"`
+	Codespaces           []string                     `json:"codespaces,omitempty"`
+	Copilot              []string                     `json:"copilot,omitempty"`
+	Packages             []string                     `json:"packages,omitempty"`
+	Actions              []string                     `json:"actions,omitempty"`
+	ArtifactAttestations *APIMetaArtifactAttestations `json:"artifact_attestations,omitempty"`
+}
+
+// APIMetaArtifactAttestations represents the artifact attestation services domains.
+type APIMetaArtifactAttestations struct {
+	TrustDomain string   `json:"trust_domain,omitempty"`
+	Services    []string `json:"services,omitempty"`
+}
+
+// Get returns information about GitHub.com, the service. Or, if you access
+// this endpoint on your organization’s GitHub Enterprise installation, this
+// endpoint provides information about that installation.
+//
+// GitHub API docs: https://docs.github.com/rest/meta/meta#get-github-meta-information
+//
+//meta:operation GET /meta
+func (s *MetaService) Get(ctx context.Context) (*APIMeta, *Response, error) {
+	req, err := s.client.NewRequest("GET", "meta", nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	meta := new(APIMeta)
+	resp, err := s.client.Do(ctx, req, meta)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return meta, resp, nil
+}
+
+// APIMeta returns information about GitHub.com.
+//
+// Deprecated: Use MetaService.Get instead.
+func (c *Client) APIMeta(ctx context.Context) (*APIMeta, *Response, error) {
+	return c.Meta.Get(ctx)
+}
+
+// Octocat returns an ASCII art octocat with the specified message in a speech
+// bubble. If message is empty, a random zen phrase is used.
+//
+// GitHub API docs: https://docs.github.com/rest/meta/meta#get-octocat
+//
+//meta:operation GET /octocat
+func (s *MetaService) Octocat(ctx context.Context, message string) (string, *Response, error) {
+	u := "octocat"
+	if message != "" {
+		u = fmt.Sprintf("%s?s=%s", u, url.QueryEscape(message))
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return "", nil, err
+	}
+
+	buf := new(bytes.Buffer)
+	resp, err := s.client.Do(ctx, req, buf)
+	if err != nil {
+		return "", resp, err
+	}
+
+	return buf.String(), resp, nil
+}
+
+// Octocat returns an ASCII art octocat with the specified message in a speech
+// bubble. If message is empty, a random zen phrase is used.
+//
+// Deprecated: Use MetaService.Octocat instead.
+func (c *Client) Octocat(ctx context.Context, message string) (string, *Response, error) {
+	return c.Meta.Octocat(ctx, message)
+}
+
+// Zen returns a random line from The Zen of GitHub.
+//
+// See also: http://warpspire.com/posts/taste/
+//
+// GitHub API docs: https://docs.github.com/rest/meta/meta#get-the-zen-of-github
+//
+//meta:operation GET /zen
+func (s *MetaService) Zen(ctx context.Context) (string, *Response, error) {
+	req, err := s.client.NewRequest("GET", "zen", nil)
+	if err != nil {
+		return "", nil, err
+	}
+
+	buf := new(bytes.Buffer)
+	resp, err := s.client.Do(ctx, req, buf)
+	if err != nil {
+		return "", resp, err
+	}
+
+	return buf.String(), resp, nil
+}
+
+// Zen returns a random line from The Zen of GitHub.
+//
+// Deprecated: Use MetaService.Zen instead.
+func (c *Client) Zen(ctx context.Context) (string, *Response, error) {
+	return c.Meta.Zen(ctx)
+}
diff --git a/vendor/github.com/google/go-github/v55/github/migrations.go b/vendor/github.com/google/go-github/v72/github/migrations.go
similarity index 85%
rename from vendor/github.com/google/go-github/v55/github/migrations.go
rename to vendor/github.com/google/go-github/v72/github/migrations.go
index 67989c0789..766c4c38e1 100644
--- a/vendor/github.com/google/go-github/v55/github/migrations.go
+++ b/vendor/github.com/google/go-github/v72/github/migrations.go
@@ -16,7 +16,7 @@ import (
 // MigrationService provides access to the migration related functions
 // in the GitHub API.
 //
-// GitHub API docs: https://docs.github.com/en/rest/migration/
+// GitHub API docs: https://docs.github.com/rest/migration/
 type MigrationService service
 
 // Migration represents a GitHub migration (archival).
@@ -74,14 +74,16 @@ type startMigration struct {
 // StartMigration starts the generation of a migration archive.
 // repos is a slice of repository names to migrate.
 //
-// GitHub API docs: https://docs.github.com/en/rest/migrations/orgs#start-an-organization-migration
+// GitHub API docs: https://docs.github.com/rest/migrations/orgs#start-an-organization-migration
+//
+//meta:operation POST /orgs/{org}/migrations
 func (s *MigrationService) StartMigration(ctx context.Context, org string, repos []string, opts *MigrationOptions) (*Migration, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/migrations", org)
 
 	body := &startMigration{Repositories: repos}
 	if opts != nil {
-		body.LockRepositories = Bool(opts.LockRepositories)
-		body.ExcludeAttachments = Bool(opts.ExcludeAttachments)
+		body.LockRepositories = Ptr(opts.LockRepositories)
+		body.ExcludeAttachments = Ptr(opts.ExcludeAttachments)
 	}
 
 	req, err := s.client.NewRequest("POST", u, body)
@@ -103,7 +105,9 @@ func (s *MigrationService) StartMigration(ctx context.Context, org string, repos
 
 // ListMigrations lists the most recent migrations.
 //
-// GitHub API docs: https://docs.github.com/en/rest/migrations/orgs#list-organization-migrations
+// GitHub API docs: https://docs.github.com/rest/migrations/orgs#list-organization-migrations
+//
+//meta:operation GET /orgs/{org}/migrations
 func (s *MigrationService) ListMigrations(ctx context.Context, org string, opts *ListOptions) ([]*Migration, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/migrations", org)
 	u, err := addOptions(u, opts)
@@ -131,7 +135,9 @@ func (s *MigrationService) ListMigrations(ctx context.Context, org string, opts
 // MigrationStatus gets the status of a specific migration archive.
 // id is the migration ID.
 //
-// GitHub API docs: https://docs.github.com/en/rest/migrations/orgs#get-an-organization-migration-status
+// GitHub API docs: https://docs.github.com/rest/migrations/orgs#get-an-organization-migration-status
+//
+//meta:operation GET /orgs/{org}/migrations/{migration_id}
 func (s *MigrationService) MigrationStatus(ctx context.Context, org string, id int64) (*Migration, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/migrations/%v", org, id)
 
@@ -155,7 +161,9 @@ func (s *MigrationService) MigrationStatus(ctx context.Context, org string, id i
 // MigrationArchiveURL fetches a migration archive URL.
 // id is the migration ID.
 //
-// GitHub API docs: https://docs.github.com/en/rest/migrations/orgs#download-an-organization-migration-archive
+// GitHub API docs: https://docs.github.com/rest/migrations/orgs#download-an-organization-migration-archive
+//
+//meta:operation GET /orgs/{org}/migrations/{migration_id}/archive
 func (s *MigrationService) MigrationArchiveURL(ctx context.Context, org string, id int64) (url string, err error) {
 	u := fmt.Sprintf("orgs/%v/migrations/%v/archive", org, id)
 
@@ -192,7 +200,9 @@ func (s *MigrationService) MigrationArchiveURL(ctx context.Context, org string,
 // DeleteMigration deletes a previous migration archive.
 // id is the migration ID.
 //
-// GitHub API docs: https://docs.github.com/en/rest/migrations/orgs#delete-an-organization-migration-archive
+// GitHub API docs: https://docs.github.com/rest/migrations/orgs#delete-an-organization-migration-archive
+//
+//meta:operation DELETE /orgs/{org}/migrations/{migration_id}/archive
 func (s *MigrationService) DeleteMigration(ctx context.Context, org string, id int64) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/migrations/%v/archive", org, id)
 
@@ -212,7 +222,9 @@ func (s *MigrationService) DeleteMigration(ctx context.Context, org string, id i
 // You should unlock each migrated repository and delete them when the migration
 // is complete and you no longer need the source data.
 //
-// GitHub API docs: https://docs.github.com/en/rest/migrations/orgs#unlock-an-organization-repository
+// GitHub API docs: https://docs.github.com/rest/migrations/orgs#unlock-an-organization-repository
+//
+//meta:operation DELETE /orgs/{org}/migrations/{migration_id}/repos/{repo_name}/lock
 func (s *MigrationService) UnlockRepo(ctx context.Context, org string, id int64, repo string) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/migrations/%v/repos/%v/lock", org, id, repo)
 
diff --git a/vendor/github.com/google/go-github/v55/github/migrations_source_import.go b/vendor/github.com/google/go-github/v72/github/migrations_source_import.go
similarity index 87%
rename from vendor/github.com/google/go-github/v55/github/migrations_source_import.go
rename to vendor/github.com/google/go-github/v72/github/migrations_source_import.go
index 74a04b22a4..f484b77d47 100644
--- a/vendor/github.com/google/go-github/v55/github/migrations_source_import.go
+++ b/vendor/github.com/google/go-github/v72/github/migrations_source_import.go
@@ -76,7 +76,7 @@ type Import struct {
 	//         Contact GitHub support for more information.
 	//     detection_needs_auth - the importer requires authentication for
 	//         the originating repository to continue detection. Make an
-	//         UpdatImport request, and include VCSUsername and
+	//         UpdateImport request, and include VCSUsername and
 	//         VCSPassword.
 	//     detection_found_nothing - the importer didn't recognize any
 	//         source control at the URL.
@@ -115,7 +115,7 @@ func (i Import) String() string {
 
 // SourceImportAuthor identifies an author imported from a source repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/migration/source_imports/#get-commit-authors
+// GitHub API docs: https://docs.github.com/rest/migration/source_imports/#get-commit-authors
 type SourceImportAuthor struct {
 	ID         *int64  `json:"id,omitempty"`
 	RemoteID   *string `json:"remote_id,omitempty"`
@@ -132,7 +132,7 @@ func (a SourceImportAuthor) String() string {
 
 // LargeFile identifies a file larger than 100MB found during a repository import.
 //
-// GitHub API docs: https://docs.github.com/en/rest/migration/source_imports/#get-large-files
+// GitHub API docs: https://docs.github.com/rest/migration/source_imports/#get-large-files
 type LargeFile struct {
 	RefName *string `json:"ref_name,omitempty"`
 	Path    *string `json:"path,omitempty"`
@@ -146,7 +146,9 @@ func (f LargeFile) String() string {
 
 // StartImport initiates a repository import.
 //
-// GitHub API docs: https://docs.github.com/en/rest/migrations/source-imports#start-an-import
+// GitHub API docs: https://docs.github.com/rest/migrations/source-imports#start-an-import
+//
+//meta:operation PUT /repos/{owner}/{repo}/import
 func (s *MigrationService) StartImport(ctx context.Context, owner, repo string, in *Import) (*Import, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/import", owner, repo)
 	req, err := s.client.NewRequest("PUT", u, in)
@@ -165,7 +167,9 @@ func (s *MigrationService) StartImport(ctx context.Context, owner, repo string,
 
 // ImportProgress queries for the status and progress of an ongoing repository import.
 //
-// GitHub API docs: https://docs.github.com/en/rest/migrations/source-imports#get-an-import-status
+// GitHub API docs: https://docs.github.com/rest/migrations/source-imports#get-an-import-status
+//
+//meta:operation GET /repos/{owner}/{repo}/import
 func (s *MigrationService) ImportProgress(ctx context.Context, owner, repo string) (*Import, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/import", owner, repo)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -184,7 +188,9 @@ func (s *MigrationService) ImportProgress(ctx context.Context, owner, repo strin
 
 // UpdateImport initiates a repository import.
 //
-// GitHub API docs: https://docs.github.com/en/rest/migrations/source-imports#update-an-import
+// GitHub API docs: https://docs.github.com/rest/migrations/source-imports#update-an-import
+//
+//meta:operation PATCH /repos/{owner}/{repo}/import
 func (s *MigrationService) UpdateImport(ctx context.Context, owner, repo string, in *Import) (*Import, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/import", owner, repo)
 	req, err := s.client.NewRequest("PATCH", u, in)
@@ -213,7 +219,9 @@ func (s *MigrationService) UpdateImport(ctx context.Context, owner, repo string,
 // This method and MapCommitAuthor allow you to provide correct Git author
 // information.
 //
-// GitHub API docs: https://docs.github.com/en/rest/migrations/source-imports#get-commit-authors
+// GitHub API docs: https://docs.github.com/rest/migrations/source-imports#get-commit-authors
+//
+//meta:operation GET /repos/{owner}/{repo}/import/authors
 func (s *MigrationService) CommitAuthors(ctx context.Context, owner, repo string) ([]*SourceImportAuthor, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/import/authors", owner, repo)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -234,7 +242,9 @@ func (s *MigrationService) CommitAuthors(ctx context.Context, owner, repo string
 // application can continue updating authors any time before you push new
 // commits to the repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/migrations/source-imports#map-a-commit-author
+// GitHub API docs: https://docs.github.com/rest/migrations/source-imports#map-a-commit-author
+//
+//meta:operation PATCH /repos/{owner}/{repo}/import/authors/{author_id}
 func (s *MigrationService) MapCommitAuthor(ctx context.Context, owner, repo string, id int64, author *SourceImportAuthor) (*SourceImportAuthor, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/import/authors/%v", owner, repo, id)
 	req, err := s.client.NewRequest("PATCH", u, author)
@@ -255,7 +265,9 @@ func (s *MigrationService) MapCommitAuthor(ctx context.Context, owner, repo stri
 // files larger than 100MB. Only the UseLFS field on the provided Import is
 // used.
 //
-// GitHub API docs: https://docs.github.com/en/rest/migrations/source-imports#update-git-lfs-preference
+// GitHub API docs: https://docs.github.com/rest/migrations/source-imports#update-git-lfs-preference
+//
+//meta:operation PATCH /repos/{owner}/{repo}/import/lfs
 func (s *MigrationService) SetLFSPreference(ctx context.Context, owner, repo string, in *Import) (*Import, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/import/lfs", owner, repo)
 	req, err := s.client.NewRequest("PATCH", u, in)
@@ -274,7 +286,9 @@ func (s *MigrationService) SetLFSPreference(ctx context.Context, owner, repo str
 
 // LargeFiles lists files larger than 100MB found during the import.
 //
-// GitHub API docs: https://docs.github.com/en/rest/migrations/source-imports#get-large-files
+// GitHub API docs: https://docs.github.com/rest/migrations/source-imports#get-large-files
+//
+//meta:operation GET /repos/{owner}/{repo}/import/large_files
 func (s *MigrationService) LargeFiles(ctx context.Context, owner, repo string) ([]*LargeFile, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/import/large_files", owner, repo)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -293,7 +307,9 @@ func (s *MigrationService) LargeFiles(ctx context.Context, owner, repo string) (
 
 // CancelImport stops an import for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/migrations/source-imports#cancel-an-import
+// GitHub API docs: https://docs.github.com/rest/migrations/source-imports#cancel-an-import
+//
+//meta:operation DELETE /repos/{owner}/{repo}/import
 func (s *MigrationService) CancelImport(ctx context.Context, owner, repo string) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/import", owner, repo)
 	req, err := s.client.NewRequest("DELETE", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/migrations_user.go b/vendor/github.com/google/go-github/v72/github/migrations_user.go
similarity index 86%
rename from vendor/github.com/google/go-github/v55/github/migrations_user.go
rename to vendor/github.com/google/go-github/v72/github/migrations_user.go
index 6586fdb2d3..a7bd79499a 100644
--- a/vendor/github.com/google/go-github/v55/github/migrations_user.go
+++ b/vendor/github.com/google/go-github/v72/github/migrations_user.go
@@ -67,14 +67,16 @@ type startUserMigration struct {
 // StartUserMigration starts the generation of a migration archive.
 // repos is a slice of repository names to migrate.
 //
-// GitHub API docs: https://docs.github.com/en/rest/migrations/users#start-a-user-migration
+// GitHub API docs: https://docs.github.com/rest/migrations/users#start-a-user-migration
+//
+//meta:operation POST /user/migrations
 func (s *MigrationService) StartUserMigration(ctx context.Context, repos []string, opts *UserMigrationOptions) (*UserMigration, *Response, error) {
 	u := "user/migrations"
 
 	body := &startUserMigration{Repositories: repos}
 	if opts != nil {
-		body.LockRepositories = Bool(opts.LockRepositories)
-		body.ExcludeAttachments = Bool(opts.ExcludeAttachments)
+		body.LockRepositories = Ptr(opts.LockRepositories)
+		body.ExcludeAttachments = Ptr(opts.ExcludeAttachments)
 	}
 
 	req, err := s.client.NewRequest("POST", u, body)
@@ -96,7 +98,9 @@ func (s *MigrationService) StartUserMigration(ctx context.Context, repos []strin
 
 // ListUserMigrations lists the most recent migrations.
 //
-// GitHub API docs: https://docs.github.com/en/rest/migrations/users#list-user-migrations
+// GitHub API docs: https://docs.github.com/rest/migrations/users#list-user-migrations
+//
+//meta:operation GET /user/migrations
 func (s *MigrationService) ListUserMigrations(ctx context.Context, opts *ListOptions) ([]*UserMigration, *Response, error) {
 	u := "user/migrations"
 	u, err := addOptions(u, opts)
@@ -124,7 +128,9 @@ func (s *MigrationService) ListUserMigrations(ctx context.Context, opts *ListOpt
 // UserMigrationStatus gets the status of a specific migration archive.
 // id is the migration ID.
 //
-// GitHub API docs: https://docs.github.com/en/rest/migrations/users#get-a-user-migration-status
+// GitHub API docs: https://docs.github.com/rest/migrations/users#get-a-user-migration-status
+//
+//meta:operation GET /user/migrations/{migration_id}
 func (s *MigrationService) UserMigrationStatus(ctx context.Context, id int64) (*UserMigration, *Response, error) {
 	u := fmt.Sprintf("user/migrations/%v", id)
 
@@ -148,7 +154,9 @@ func (s *MigrationService) UserMigrationStatus(ctx context.Context, id int64) (*
 // UserMigrationArchiveURL gets the URL for a specific migration archive.
 // id is the migration ID.
 //
-// GitHub API docs: https://docs.github.com/en/rest/migrations/users#download-a-user-migration-archive
+// GitHub API docs: https://docs.github.com/rest/migrations/users#download-a-user-migration-archive
+//
+//meta:operation GET /user/migrations/{migration_id}/archive
 func (s *MigrationService) UserMigrationArchiveURL(ctx context.Context, id int64) (string, error) {
 	url := fmt.Sprintf("user/migrations/%v/archive", id)
 
@@ -182,7 +190,9 @@ func (s *MigrationService) UserMigrationArchiveURL(ctx context.Context, id int64
 // DeleteUserMigration will delete a previous migration archive.
 // id is the migration ID.
 //
-// GitHub API docs: https://docs.github.com/en/rest/migrations/users#delete-a-user-migration-archive
+// GitHub API docs: https://docs.github.com/rest/migrations/users#delete-a-user-migration-archive
+//
+//meta:operation DELETE /user/migrations/{migration_id}/archive
 func (s *MigrationService) DeleteUserMigration(ctx context.Context, id int64) (*Response, error) {
 	url := fmt.Sprintf("user/migrations/%v/archive", id)
 
@@ -202,7 +212,9 @@ func (s *MigrationService) DeleteUserMigration(ctx context.Context, id int64) (*
 // You should unlock each migrated repository and delete them when the migration
 // is complete and you no longer need the source data.
 //
-// GitHub API docs: https://docs.github.com/en/rest/migrations/users#unlock-a-user-repository
+// GitHub API docs: https://docs.github.com/rest/migrations/users#unlock-a-user-repository
+//
+//meta:operation DELETE /user/migrations/{migration_id}/repos/{repo_name}/lock
 func (s *MigrationService) UnlockUserRepo(ctx context.Context, id int64, repo string) (*Response, error) {
 	url := fmt.Sprintf("user/migrations/%v/repos/%v/lock", id, repo)
 
diff --git a/vendor/github.com/google/go-github/v55/github/orgs.go b/vendor/github.com/google/go-github/v72/github/orgs.go
similarity index 90%
rename from vendor/github.com/google/go-github/v55/github/orgs.go
rename to vendor/github.com/google/go-github/v72/github/orgs.go
index 0c7e361b3f..27c0f10284 100644
--- a/vendor/github.com/google/go-github/v55/github/orgs.go
+++ b/vendor/github.com/google/go-github/v72/github/orgs.go
@@ -13,7 +13,7 @@ import (
 // OrganizationsService provides access to the organization related functions
 // in the GitHub API.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/
+// GitHub API docs: https://docs.github.com/rest/orgs/
 type OrganizationsService service
 
 // Organization represents a GitHub organization account.
@@ -95,6 +95,8 @@ type Organization struct {
 	SecretScanningEnabledForNewRepos *bool `json:"secret_scanning_enabled_for_new_repositories,omitempty"`
 	// SecretScanningPushProtectionEnabledForNewRepos toggles whether secret scanning push protection is enabled on new repositories.
 	SecretScanningPushProtectionEnabledForNewRepos *bool `json:"secret_scanning_push_protection_enabled_for_new_repositories,omitempty"`
+	// SecretScanningValidityChecksEnabled toggles whether secret scanning validity check is enabled.
+	SecretScanningValidityChecksEnabled *bool `json:"secret_scanning_validity_checks_enabled,omitempty"`
 
 	// API URLs
 	URL              *string `json:"url,omitempty"`
@@ -148,7 +150,9 @@ type OrganizationsListOptions struct {
 // listing the next set of organizations, use the ID of the last-returned organization
 // as the opts.Since parameter for the next call.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/orgs#list-organizations
+// GitHub API docs: https://docs.github.com/rest/orgs/orgs#list-organizations
+//
+//meta:operation GET /organizations
 func (s *OrganizationsService) ListAll(ctx context.Context, opts *OrganizationsListOptions) ([]*Organization, *Response, error) {
 	u, err := addOptions("organizations", opts)
 	if err != nil {
@@ -171,8 +175,11 @@ func (s *OrganizationsService) ListAll(ctx context.Context, opts *OrganizationsL
 // List the organizations for a user. Passing the empty string will list
 // organizations for the authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/orgs#list-organizations-for-the-authenticated-user
-// GitHub API docs: https://docs.github.com/en/rest/orgs/orgs#list-organizations-for-a-user
+// GitHub API docs: https://docs.github.com/rest/orgs/orgs#list-organizations-for-a-user
+// GitHub API docs: https://docs.github.com/rest/orgs/orgs#list-organizations-for-the-authenticated-user
+//
+//meta:operation GET /user/orgs
+//meta:operation GET /users/{username}/orgs
 func (s *OrganizationsService) List(ctx context.Context, user string, opts *ListOptions) ([]*Organization, *Response, error) {
 	var u string
 	if user != "" {
@@ -201,7 +208,9 @@ func (s *OrganizationsService) List(ctx context.Context, user string, opts *List
 
 // Get fetches an organization by name.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/orgs#get-an-organization
+// GitHub API docs: https://docs.github.com/rest/orgs/orgs#get-an-organization
+//
+//meta:operation GET /orgs/{org}
 func (s *OrganizationsService) Get(ctx context.Context, org string) (*Organization, *Response, error) {
 	u := fmt.Sprintf("orgs/%v", org)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -223,7 +232,9 @@ func (s *OrganizationsService) Get(ctx context.Context, org string) (*Organizati
 
 // GetByID fetches an organization.
 //
-// Note: GetByID uses the undocumented GitHub API endpoint /organizations/:id.
+// Note: GetByID uses the undocumented GitHub API endpoint "GET /organizations/{organization_id}".
+//
+//meta:operation GET /organizations/{organization_id}
 func (s *OrganizationsService) GetByID(ctx context.Context, id int64) (*Organization, *Response, error) {
 	u := fmt.Sprintf("organizations/%d", id)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -242,7 +253,9 @@ func (s *OrganizationsService) GetByID(ctx context.Context, id int64) (*Organiza
 
 // Edit an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/orgs#update-an-organization
+// GitHub API docs: https://docs.github.com/rest/orgs/orgs#update-an-organization
+//
+//meta:operation PATCH /orgs/{org}
 func (s *OrganizationsService) Edit(ctx context.Context, name string, org *Organization) (*Organization, *Response, error) {
 	u := fmt.Sprintf("orgs/%v", name)
 	req, err := s.client.NewRequest("PATCH", u, org)
@@ -264,7 +277,9 @@ func (s *OrganizationsService) Edit(ctx context.Context, name string, org *Organ
 
 // Delete an organization by name.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/orgs#delete-an-organization
+// GitHub API docs: https://docs.github.com/rest/orgs/orgs#delete-an-organization
+//
+//meta:operation DELETE /orgs/{org}
 func (s *OrganizationsService) Delete(ctx context.Context, org string) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v", org)
 	req, err := s.client.NewRequest("DELETE", u, nil)
@@ -277,7 +292,9 @@ func (s *OrganizationsService) Delete(ctx context.Context, org string) (*Respons
 
 // ListInstallations lists installations for an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/orgs#list-app-installations-for-an-organization
+// GitHub API docs: https://docs.github.com/rest/orgs/orgs#list-app-installations-for-an-organization
+//
+//meta:operation GET /orgs/{org}/installations
 func (s *OrganizationsService) ListInstallations(ctx context.Context, org string, opts *ListOptions) (*OrganizationInstallations, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/installations", org)
 
diff --git a/vendor/github.com/google/go-github/v72/github/orgs_actions_allowed.go b/vendor/github.com/google/go-github/v72/github/orgs_actions_allowed.go
new file mode 100644
index 0000000000..b115e094a4
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/orgs_actions_allowed.go
@@ -0,0 +1,34 @@
+// Copyright 2021 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+)
+
+// GetActionsAllowed gets the actions that are allowed in an organization.
+//
+// Deprecated: please use `client.Actions.GetActionsAllowed` instead.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/permissions#get-allowed-actions-and-reusable-workflows-for-an-organization
+//
+//meta:operation GET /orgs/{org}/actions/permissions/selected-actions
+func (s *OrganizationsService) GetActionsAllowed(ctx context.Context, org string) (*ActionsAllowed, *Response, error) {
+	s2 := (*ActionsService)(s)
+	return s2.GetActionsAllowed(ctx, org)
+}
+
+// EditActionsAllowed sets the actions that are allowed in an organization.
+//
+// Deprecated: please use `client.Actions.EditActionsAllowed` instead.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/permissions#set-allowed-actions-and-reusable-workflows-for-an-organization
+//
+//meta:operation PUT /orgs/{org}/actions/permissions/selected-actions
+func (s *OrganizationsService) EditActionsAllowed(ctx context.Context, org string, actionsAllowed ActionsAllowed) (*ActionsAllowed, *Response, error) {
+	s2 := (*ActionsService)(s)
+	return s2.EditActionsAllowed(ctx, org, actionsAllowed)
+}
diff --git a/vendor/github.com/google/go-github/v72/github/orgs_actions_permissions.go b/vendor/github.com/google/go-github/v72/github/orgs_actions_permissions.go
new file mode 100644
index 0000000000..97df1c967e
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/orgs_actions_permissions.go
@@ -0,0 +1,34 @@
+// Copyright 2021 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+)
+
+// GetActionsPermissions gets the GitHub Actions permissions policy for repositories and allowed actions in an organization.
+//
+// Deprecated: please use `client.Actions.GetActionsPermissions` instead.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/permissions#get-github-actions-permissions-for-an-organization
+//
+//meta:operation GET /orgs/{org}/actions/permissions
+func (s *OrganizationsService) GetActionsPermissions(ctx context.Context, org string) (*ActionsPermissions, *Response, error) {
+	s2 := (*ActionsService)(s)
+	return s2.GetActionsPermissions(ctx, org)
+}
+
+// EditActionsPermissions sets the permissions policy for repositories and allowed actions in an organization.
+//
+// Deprecated: please use `client.Actions.EditActionsPermissions` instead.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/permissions#set-github-actions-permissions-for-an-organization
+//
+//meta:operation PUT /orgs/{org}/actions/permissions
+func (s *OrganizationsService) EditActionsPermissions(ctx context.Context, org string, actionsPermissions ActionsPermissions) (*ActionsPermissions, *Response, error) {
+	s2 := (*ActionsService)(s)
+	return s2.EditActionsPermissions(ctx, org, actionsPermissions)
+}
diff --git a/vendor/github.com/google/go-github/v72/github/orgs_attestations.go b/vendor/github.com/google/go-github/v72/github/orgs_attestations.go
new file mode 100644
index 0000000000..3d5793c18f
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/orgs_attestations.go
@@ -0,0 +1,40 @@
+// Copyright 2024 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"fmt"
+)
+
+// ListAttestations returns a collection of artifact attestations
+// with a given subject digest that are associated with repositories
+// owned by an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/orgs#list-attestations
+//
+//meta:operation GET /orgs/{org}/attestations/{subject_digest}
+func (s *OrganizationsService) ListAttestations(ctx context.Context, org, subjectDigest string, opts *ListOptions) (*AttestationsResponse, *Response, error) {
+	var u = fmt.Sprintf("orgs/%v/attestations/%v", org, subjectDigest)
+
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var attestations *AttestationsResponse
+	resp, err := s.client.Do(ctx, req, &attestations)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return attestations, resp, nil
+}
diff --git a/vendor/github.com/google/go-github/v72/github/orgs_audit_log.go b/vendor/github.com/google/go-github/v72/github/orgs_audit_log.go
new file mode 100644
index 0000000000..025c5d0232
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/orgs_audit_log.go
@@ -0,0 +1,142 @@
+// Copyright 2021 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+)
+
+// GetAuditLogOptions sets up optional parameters to query audit-log endpoint.
+type GetAuditLogOptions struct {
+	Phrase  *string `url:"phrase,omitempty"`  // A search phrase. (Optional.)
+	Include *string `url:"include,omitempty"` // Event type includes. Can be one of "web", "git", "all". Default: "web". (Optional.)
+	Order   *string `url:"order,omitempty"`   // The order of audit log events. Can be one of "asc" or "desc". Default: "desc". (Optional.)
+
+	ListCursorOptions
+}
+
+// ActorLocation contains information about reported location for an actor.
+type ActorLocation struct {
+	CountryCode *string `json:"country_code,omitempty"`
+}
+
+// AuditEntry describes the fields that may be represented by various audit-log "action" entries.
+// There are many other fields that may be present depending on the action. You can access those
+// in AdditionalFields.
+// For a list of actions see - https://docs.github.com/github/setting-up-and-managing-organizations-and-teams/reviewing-the-audit-log-for-your-organization#audit-log-actions
+type AuditEntry struct {
+	Action                   *string        `json:"action,omitempty"` // The name of the action that was performed, for example `user.login` or `repo.create`.
+	Actor                    *string        `json:"actor,omitempty"`  // The actor who performed the action.
+	ActorID                  *int64         `json:"actor_id,omitempty"`
+	ActorLocation            *ActorLocation `json:"actor_location,omitempty"`
+	Business                 *string        `json:"business,omitempty"`
+	BusinessID               *int64         `json:"business_id,omitempty"`
+	CreatedAt                *Timestamp     `json:"created_at,omitempty"`
+	DocumentID               *string        `json:"_document_id,omitempty"`
+	ExternalIdentityNameID   *string        `json:"external_identity_nameid,omitempty"`
+	ExternalIdentityUsername *string        `json:"external_identity_username,omitempty"`
+	HashedToken              *string        `json:"hashed_token,omitempty"`
+	Org                      *string        `json:"org,omitempty"`
+	OrgID                    *int64         `json:"org_id,omitempty"`
+	Timestamp                *Timestamp     `json:"@timestamp,omitempty"` // The time the audit log event occurred, given as a [Unix timestamp](http://en.wikipedia.org/wiki/Unix_time).
+	TokenID                  *int64         `json:"token_id,omitempty"`
+	TokenScopes              *string        `json:"token_scopes,omitempty"`
+	User                     *string        `json:"user,omitempty"` // The user that was affected by the action performed (if available).
+	UserID                   *int64         `json:"user_id,omitempty"`
+
+	// Some events types have a data field that contains additional information about the event.
+	Data map[string]interface{} `json:"data,omitempty"`
+
+	// All fields that are not explicitly defined in the struct are captured here.
+	AdditionalFields map[string]interface{} `json:"-"`
+}
+
+func (a *AuditEntry) UnmarshalJSON(data []byte) error {
+	type entryAlias AuditEntry
+	var v entryAlias
+	if err := json.Unmarshal(data, &v); err != nil {
+		return err
+	}
+
+	rawDefinedFields, err := json.Marshal(v)
+	if err != nil {
+		return err
+	}
+	definedFields := map[string]interface{}{}
+	if err := json.Unmarshal(rawDefinedFields, &definedFields); err != nil {
+		return err
+	}
+
+	if err := json.Unmarshal(data, &v.AdditionalFields); err != nil {
+		return err
+	}
+
+	for key, val := range v.AdditionalFields {
+		if _, ok := definedFields[key]; ok || val == nil {
+			delete(v.AdditionalFields, key)
+		}
+	}
+
+	*a = AuditEntry(v)
+	if len(v.AdditionalFields) == 0 {
+		a.AdditionalFields = nil
+	}
+	return nil
+}
+
+func (a *AuditEntry) MarshalJSON() ([]byte, error) {
+	type entryAlias AuditEntry
+	v := entryAlias(*a)
+	defBytes, err := json.Marshal(v)
+	if err != nil {
+		return nil, err
+	}
+	if len(a.AdditionalFields) == 0 {
+		return defBytes, err
+	}
+	resMap := map[string]interface{}{}
+	if err := json.Unmarshal(defBytes, &resMap); err != nil {
+		return nil, err
+	}
+	for key, val := range a.AdditionalFields {
+		if val == nil {
+			continue
+		}
+		if _, ok := resMap[key]; ok {
+			return nil, fmt.Errorf("unexpected field in AdditionalFields: %v", key)
+		}
+		resMap[key] = val
+	}
+	return json.Marshal(resMap)
+}
+
+// GetAuditLog gets the audit-log entries for an organization.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/orgs/orgs#get-the-audit-log-for-an-organization
+//
+//meta:operation GET /orgs/{org}/audit-log
+func (s *OrganizationsService) GetAuditLog(ctx context.Context, org string, opts *GetAuditLogOptions) ([]*AuditEntry, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/audit-log", org)
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var auditEntries []*AuditEntry
+	resp, err := s.client.Do(ctx, req, &auditEntries)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return auditEntries, resp, nil
+}
diff --git a/vendor/github.com/google/go-github/v72/github/orgs_codesecurity_configurations.go b/vendor/github.com/google/go-github/v72/github/orgs_codesecurity_configurations.go
new file mode 100644
index 0000000000..b25845a4e8
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/orgs_codesecurity_configurations.go
@@ -0,0 +1,284 @@
+// Copyright 2024 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+)
+
+// DependencyGraphAutosubmitActionOptions represents the options for the DependencyGraphAutosubmitAction.
+type DependencyGraphAutosubmitActionOptions struct {
+	LabeledRunners *bool `json:"labeled_runners,omitempty"`
+}
+
+// CodeSecurityConfiguration represents a code security configuration.
+type CodeSecurityConfiguration struct {
+	ID                                     *int64                                  `json:"id,omitempty"`
+	TargetType                             *string                                 `json:"target_type,omitempty"`
+	Name                                   *string                                 `json:"name"`
+	Description                            *string                                 `json:"description,omitempty"`
+	AdvancedSecurity                       *string                                 `json:"advanced_security,omitempty"`
+	DependencyGraph                        *string                                 `json:"dependency_graph,omitempty"`
+	DependencyGraphAutosubmitAction        *string                                 `json:"dependency_graph_autosubmit_action,omitempty"`
+	DependencyGraphAutosubmitActionOptions *DependencyGraphAutosubmitActionOptions `json:"dependency_graph_autosubmit_action_options,omitempty"`
+	DependabotAlerts                       *string                                 `json:"dependabot_alerts,omitempty"`
+	DependabotSecurityUpdates              *string                                 `json:"dependabot_security_updates,omitempty"`
+	CodeScanningDefaultSetup               *string                                 `json:"code_scanning_default_setup,omitempty"`
+	SecretScanning                         *string                                 `json:"secret_scanning,omitempty"`
+	SecretScanningPushProtection           *string                                 `json:"secret_scanning_push_protection,omitempty"`
+	SecretScanningValidityChecks           *string                                 `json:"secret_scanning_validity_checks,omitempty"`
+	SecretScanningNonProviderPatterns      *string                                 `json:"secret_scanning_non_provider_patterns,omitempty"`
+	PrivateVulnerabilityReporting          *string                                 `json:"private_vulnerability_reporting,omitempty"`
+	Enforcement                            *string                                 `json:"enforcement,omitempty"`
+	URL                                    *string                                 `json:"url,omitempty"`
+	HTMLURL                                *string                                 `json:"html_url,omitempty"`
+	CreatedAt                              *Timestamp                              `json:"created_at,omitempty"`
+	UpdatedAt                              *Timestamp                              `json:"updated_at,omitempty"`
+}
+
+// CodeSecurityConfigurationWithDefaultForNewRepos represents a code security configuration with default for new repos param.
+type CodeSecurityConfigurationWithDefaultForNewRepos struct {
+	Configuration      *CodeSecurityConfiguration `json:"configuration"`
+	DefaultForNewRepos *string                    `json:"default_for_new_repos"`
+}
+
+// RepositoryCodeSecurityConfiguration represents a code security configuration for a repository.
+type RepositoryCodeSecurityConfiguration struct {
+	State         *string                    `json:"state,omitempty"`
+	Configuration *CodeSecurityConfiguration `json:"configuration,omitempty"`
+}
+
+// GetCodeSecurityConfigurations gets code security configurations for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/code-security/configurations#get-code-security-configurations-for-an-organization
+//
+//meta:operation GET /orgs/{org}/code-security/configurations
+func (s *OrganizationsService) GetCodeSecurityConfigurations(ctx context.Context, org string) ([]*CodeSecurityConfiguration, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/code-security/configurations", org)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var configurations []*CodeSecurityConfiguration
+	resp, err := s.client.Do(ctx, req, &configurations)
+	if err != nil {
+		return nil, resp, err
+	}
+	return configurations, resp, nil
+}
+
+// CreateCodeSecurityConfiguration creates a code security configuration for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/code-security/configurations#create-a-code-security-configuration
+//
+//meta:operation POST /orgs/{org}/code-security/configurations
+func (s *OrganizationsService) CreateCodeSecurityConfiguration(ctx context.Context, org string, c *CodeSecurityConfiguration) (*CodeSecurityConfiguration, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/code-security/configurations", org)
+
+	req, err := s.client.NewRequest("POST", u, c)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var configuration *CodeSecurityConfiguration
+	resp, err := s.client.Do(ctx, req, &configuration)
+	if err != nil {
+		return nil, resp, err
+	}
+	return configuration, resp, nil
+}
+
+// GetDefaultCodeSecurityConfigurations gets default code security configurations for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/code-security/configurations#get-default-code-security-configurations
+//
+//meta:operation GET /orgs/{org}/code-security/configurations/defaults
+func (s *OrganizationsService) GetDefaultCodeSecurityConfigurations(ctx context.Context, org string) ([]*CodeSecurityConfiguration, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/code-security/configurations/defaults", org)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var configurations []*CodeSecurityConfiguration
+	resp, err := s.client.Do(ctx, req, &configurations)
+	if err != nil {
+		return nil, resp, err
+	}
+	return configurations, resp, nil
+}
+
+// DetachCodeSecurityConfigurationsFromRepositories detaches code security configuration from an organization's repositories.
+//
+// GitHub API docs: https://docs.github.com/rest/code-security/configurations#detach-configurations-from-repositories
+//
+//meta:operation DELETE /orgs/{org}/code-security/configurations/detach
+func (s *OrganizationsService) DetachCodeSecurityConfigurationsFromRepositories(ctx context.Context, org string, repoIDs []int64) (*Response, error) {
+	u := fmt.Sprintf("orgs/%v/code-security/configurations/detach", org)
+	type selectedRepoIDs struct {
+		SelectedIDs []int64 `json:"selected_repository_ids"`
+	}
+	req, err := s.client.NewRequest("DELETE", u, selectedRepoIDs{SelectedIDs: repoIDs})
+	if err != nil {
+		return nil, err
+	}
+	resp, err := s.client.Do(ctx, req, nil)
+	if err != nil {
+		return resp, err
+	}
+	return resp, nil
+}
+
+// GetCodeSecurityConfiguration gets a code security configuration available in an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/code-security/configurations#get-a-code-security-configuration
+//
+//meta:operation GET /orgs/{org}/code-security/configurations/{configuration_id}
+func (s *OrganizationsService) GetCodeSecurityConfiguration(ctx context.Context, org string, id int64) (*CodeSecurityConfiguration, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/code-security/configurations/%v", org, id)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var configuration *CodeSecurityConfiguration
+	resp, err := s.client.Do(ctx, req, &configuration)
+	if err != nil {
+		return nil, resp, err
+	}
+	return configuration, resp, nil
+}
+
+// UpdateCodeSecurityConfiguration updates a code security configuration for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/code-security/configurations#update-a-code-security-configuration
+//
+//meta:operation PATCH /orgs/{org}/code-security/configurations/{configuration_id}
+func (s *OrganizationsService) UpdateCodeSecurityConfiguration(ctx context.Context, org string, id int64, c *CodeSecurityConfiguration) (*CodeSecurityConfiguration, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/code-security/configurations/%v", org, id)
+
+	req, err := s.client.NewRequest("PATCH", u, c)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var configuration *CodeSecurityConfiguration
+	resp, err := s.client.Do(ctx, req, &configuration)
+	if err != nil {
+		return nil, resp, err
+	}
+	return configuration, resp, nil
+}
+
+// DeleteCodeSecurityConfiguration deletes a code security configuration for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/code-security/configurations#delete-a-code-security-configuration
+//
+//meta:operation DELETE /orgs/{org}/code-security/configurations/{configuration_id}
+func (s *OrganizationsService) DeleteCodeSecurityConfiguration(ctx context.Context, org string, id int64) (*Response, error) {
+	u := fmt.Sprintf("orgs/%v/code-security/configurations/%v", org, id)
+
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, err
+	}
+	resp, err := s.client.Do(ctx, req, nil)
+	if err != nil {
+		return resp, err
+	}
+	return resp, nil
+}
+
+// AttachCodeSecurityConfigurationsToRepositories attaches code security configurations to repositories for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/code-security/configurations#attach-a-configuration-to-repositories
+//
+//meta:operation POST /orgs/{org}/code-security/configurations/{configuration_id}/attach
+func (s *OrganizationsService) AttachCodeSecurityConfigurationsToRepositories(ctx context.Context, org string, id int64, scope string, repoIDs []int64) (*Response, error) {
+	u := fmt.Sprintf("orgs/%v/code-security/configurations/%v/attach", org, id)
+	type selectedRepoIDs struct {
+		Scope       string  `json:"scope"`
+		SelectedIDs []int64 `json:"selected_repository_ids,omitempty"`
+	}
+	req, err := s.client.NewRequest("POST", u, selectedRepoIDs{Scope: scope, SelectedIDs: repoIDs})
+	if err != nil {
+		return nil, err
+	}
+	resp, err := s.client.Do(ctx, req, nil)
+	if err != nil && resp.StatusCode != http.StatusAccepted { // StatusAccepted(202) is the expected status code as job is queued for processing
+		return resp, err
+	}
+	return resp, nil
+}
+
+// SetDefaultCodeSecurityConfiguration sets a code security configuration as the default for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/code-security/configurations#set-a-code-security-configuration-as-a-default-for-an-organization
+//
+//meta:operation PUT /orgs/{org}/code-security/configurations/{configuration_id}/defaults
+func (s *OrganizationsService) SetDefaultCodeSecurityConfiguration(ctx context.Context, org string, id int64, newReposParam string) (*CodeSecurityConfigurationWithDefaultForNewRepos, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/code-security/configurations/%v/defaults", org, id)
+	type configParam struct {
+		DefaultForNewRepos string `json:"default_for_new_repos"`
+	}
+	req, err := s.client.NewRequest("PUT", u, configParam{DefaultForNewRepos: newReposParam})
+	if err != nil {
+		return nil, nil, err
+	}
+	var c *CodeSecurityConfigurationWithDefaultForNewRepos
+	resp, err := s.client.Do(ctx, req, &c)
+	if err != nil {
+		return nil, resp, err
+	}
+	return c, resp, nil
+}
+
+// GetRepositoriesForCodeSecurityConfiguration gets repositories associated with a code security configuration.
+//
+// GitHub API docs: https://docs.github.com/rest/code-security/configurations#get-repositories-associated-with-a-code-security-configuration
+//
+//meta:operation GET /orgs/{org}/code-security/configurations/{configuration_id}/repositories
+func (s *OrganizationsService) GetRepositoriesForCodeSecurityConfiguration(ctx context.Context, org string, id int64) ([]*Repository, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/code-security/configurations/%v/repositories", org, id)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var repositories []*Repository
+	resp, err := s.client.Do(ctx, req, &repositories)
+	if err != nil {
+		return nil, resp, err
+	}
+	return repositories, resp, nil
+}
+
+// GetCodeSecurityConfigurationForRepository gets code security configuration that manages a repository's code security settings.
+//
+// GitHub API docs: https://docs.github.com/rest/code-security/configurations#get-the-code-security-configuration-associated-with-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/code-security-configuration
+func (s *OrganizationsService) GetCodeSecurityConfigurationForRepository(ctx context.Context, org, repo string) (*RepositoryCodeSecurityConfiguration, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/code-security-configuration", org, repo)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+	var repoConfig *RepositoryCodeSecurityConfiguration
+	resp, err := s.client.Do(ctx, req, &repoConfig)
+	if err != nil {
+		return nil, resp, err
+	}
+	return repoConfig, resp, nil
+}
diff --git a/vendor/github.com/google/go-github/v55/github/orgs_credential_authorizations.go b/vendor/github.com/google/go-github/v72/github/orgs_credential_authorizations.go
similarity index 74%
rename from vendor/github.com/google/go-github/v55/github/orgs_credential_authorizations.go
rename to vendor/github.com/google/go-github/v72/github/orgs_credential_authorizations.go
index 6d56fe8f79..dca42433c3 100644
--- a/vendor/github.com/google/go-github/v55/github/orgs_credential_authorizations.go
+++ b/vendor/github.com/google/go-github/v72/github/orgs_credential_authorizations.go
@@ -55,11 +55,23 @@ type CredentialAuthorization struct {
 	AuthorizedCredentialExpiresAt *Timestamp `json:"authorized_credential_expires_at,omitempty"`
 }
 
+// CredentialAuthorizationsListOptions adds the Login option as supported by the
+// list SAML SSO authorizations for organizations endpoint alongside paging options
+// such as Page and PerPage.
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/orgs/orgs#list-saml-sso-authorizations-for-an-organization
+type CredentialAuthorizationsListOptions struct {
+	ListOptions
+	// For credentials authorizations for an organization, limit the list of authorizations to a specific login (aka github username)
+	Login string `url:"login,omitempty"`
+}
+
 // ListCredentialAuthorizations lists credentials authorized through SAML SSO
 // for a given organization. Only available with GitHub Enterprise Cloud.
 //
-// GitHub API docs: https://docs.github.com/en/enterprise-cloud@latest/rest/orgs/orgs?apiVersion=2022-11-28#list-saml-sso-authorizations-for-an-organization
-func (s *OrganizationsService) ListCredentialAuthorizations(ctx context.Context, org string, opts *ListOptions) ([]*CredentialAuthorization, *Response, error) {
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/orgs/orgs#list-saml-sso-authorizations-for-an-organization
+//
+//meta:operation GET /orgs/{org}/credential-authorizations
+func (s *OrganizationsService) ListCredentialAuthorizations(ctx context.Context, org string, opts *CredentialAuthorizationsListOptions) ([]*CredentialAuthorization, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/credential-authorizations", org)
 	u, err := addOptions(u, opts)
 	if err != nil {
@@ -83,7 +95,9 @@ func (s *OrganizationsService) ListCredentialAuthorizations(ctx context.Context,
 // RemoveCredentialAuthorization revokes the SAML SSO authorization for a given
 // credential within an organization. Only available with GitHub Enterprise Cloud.
 //
-// GitHub API docs: https://docs.github.com/en/enterprise-cloud@latest/rest/orgs/orgs?apiVersion=2022-11-28#remove-a-saml-sso-authorization-for-an-organization
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/orgs/orgs#remove-a-saml-sso-authorization-for-an-organization
+//
+//meta:operation DELETE /orgs/{org}/credential-authorizations/{credential_id}
 func (s *OrganizationsService) RemoveCredentialAuthorization(ctx context.Context, org string, credentialID int64) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/credential-authorizations/%v", org, credentialID)
 	req, err := s.client.NewRequest(http.MethodDelete, u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/orgs_custom_roles.go b/vendor/github.com/google/go-github/v72/github/orgs_custom_repository_roles.go
similarity index 53%
rename from vendor/github.com/google/go-github/v55/github/orgs_custom_roles.go
rename to vendor/github.com/google/go-github/v72/github/orgs_custom_repository_roles.go
index 7c1b2d6292..44408db141 100644
--- a/vendor/github.com/google/go-github/v55/github/orgs_custom_roles.go
+++ b/vendor/github.com/google/go-github/v72/github/orgs_custom_repository_roles.go
@@ -1,4 +1,4 @@
-// Copyright 2022 The go-github AUTHORS. All rights reserved.
+// Copyright 2024 The go-github AUTHORS. All rights reserved.
 //
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
@@ -17,20 +17,33 @@ type OrganizationCustomRepoRoles struct {
 }
 
 // CustomRepoRoles represents custom repository roles for an organization.
-// See https://docs.github.com/en/enterprise-cloud@latest/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization
+// See https://docs.github.com/enterprise-cloud@latest/organizations/managing-peoples-access-to-your-organization-with-roles/managing-custom-repository-roles-for-an-organization
 // for more information.
 type CustomRepoRoles struct {
-	ID          *int64   `json:"id,omitempty"`
+	ID          *int64        `json:"id,omitempty"`
+	Name        *string       `json:"name,omitempty"`
+	Description *string       `json:"description,omitempty"`
+	BaseRole    *string       `json:"base_role,omitempty"`
+	Permissions []string      `json:"permissions,omitempty"`
+	Org         *Organization `json:"organization,omitempty"`
+	CreatedAt   *Timestamp    `json:"created_at,omitempty"`
+	UpdatedAt   *Timestamp    `json:"updated_at,omitempty"`
+}
+
+// CreateOrUpdateCustomRepoRoleOptions represents options required to create or update a custom repository role.
+type CreateOrUpdateCustomRepoRoleOptions struct {
 	Name        *string  `json:"name,omitempty"`
 	Description *string  `json:"description,omitempty"`
 	BaseRole    *string  `json:"base_role,omitempty"`
-	Permissions []string `json:"permissions,omitempty"`
+	Permissions []string `json:"permissions"`
 }
 
 // ListCustomRepoRoles lists the custom repository roles available in this organization.
 // In order to see custom repository roles in an organization, the authenticated user must be an organization owner.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/custom-roles#list-custom-repository-roles-in-an-organization
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/orgs/custom-roles#list-custom-repository-roles-in-an-organization
+//
+//meta:operation GET /orgs/{org}/custom-repository-roles
 func (s *OrganizationsService) ListCustomRepoRoles(ctx context.Context, org string) (*OrganizationCustomRepoRoles, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/custom-repository-roles", org)
 
@@ -48,19 +61,36 @@ func (s *OrganizationsService) ListCustomRepoRoles(ctx context.Context, org stri
 	return customRepoRoles, resp, nil
 }
 
-// CreateOrUpdateCustomRoleOptions represents options required to create or update a custom repository role.
-type CreateOrUpdateCustomRoleOptions struct {
-	Name        *string  `json:"name,omitempty"`
-	Description *string  `json:"description,omitempty"`
-	BaseRole    *string  `json:"base_role,omitempty"`
-	Permissions []string `json:"permissions,omitempty"`
+// GetCustomRepoRole gets a custom repository roles available in this organization.
+// In order to see custom repository roles in an organization, the authenticated user must be an organization owner.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/orgs/custom-roles#get-a-custom-repository-role
+//
+//meta:operation GET /orgs/{org}/custom-repository-roles/{role_id}
+func (s *OrganizationsService) GetCustomRepoRole(ctx context.Context, org string, roleID int64) (*CustomRepoRoles, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/custom-repository-roles/%v", org, roleID)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	resultingRole := new(CustomRepoRoles)
+	resp, err := s.client.Do(ctx, req, resultingRole)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return resultingRole, resp, nil
 }
 
 // CreateCustomRepoRole creates a custom repository role in this organization.
 // In order to create custom repository roles in an organization, the authenticated user must be an organization owner.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/custom-roles#create-a-custom-repository-role
-func (s *OrganizationsService) CreateCustomRepoRole(ctx context.Context, org string, opts *CreateOrUpdateCustomRoleOptions) (*CustomRepoRoles, *Response, error) {
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/orgs/custom-roles#create-a-custom-repository-role
+//
+//meta:operation POST /orgs/{org}/custom-repository-roles
+func (s *OrganizationsService) CreateCustomRepoRole(ctx context.Context, org string, opts *CreateOrUpdateCustomRepoRoleOptions) (*CustomRepoRoles, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/custom-repository-roles", org)
 
 	req, err := s.client.NewRequest("POST", u, opts)
@@ -80,8 +110,10 @@ func (s *OrganizationsService) CreateCustomRepoRole(ctx context.Context, org str
 // UpdateCustomRepoRole updates a custom repository role in this organization.
 // In order to update custom repository roles in an organization, the authenticated user must be an organization owner.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/custom-roles#update-a-custom-repository-role
-func (s *OrganizationsService) UpdateCustomRepoRole(ctx context.Context, org, roleID string, opts *CreateOrUpdateCustomRoleOptions) (*CustomRepoRoles, *Response, error) {
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/orgs/custom-roles#update-a-custom-repository-role
+//
+//meta:operation PATCH /orgs/{org}/custom-repository-roles/{role_id}
+func (s *OrganizationsService) UpdateCustomRepoRole(ctx context.Context, org string, roleID int64, opts *CreateOrUpdateCustomRepoRoleOptions) (*CustomRepoRoles, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/custom-repository-roles/%v", org, roleID)
 
 	req, err := s.client.NewRequest("PATCH", u, opts)
@@ -101,8 +133,10 @@ func (s *OrganizationsService) UpdateCustomRepoRole(ctx context.Context, org, ro
 // DeleteCustomRepoRole deletes an existing custom repository role in this organization.
 // In order to delete custom repository roles in an organization, the authenticated user must be an organization owner.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/custom-roles#delete-a-custom-repository-role
-func (s *OrganizationsService) DeleteCustomRepoRole(ctx context.Context, org, roleID string) (*Response, error) {
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/orgs/custom-roles#delete-a-custom-repository-role
+//
+//meta:operation DELETE /orgs/{org}/custom-repository-roles/{role_id}
+func (s *OrganizationsService) DeleteCustomRepoRole(ctx context.Context, org string, roleID int64) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/custom-repository-roles/%v", org, roleID)
 
 	req, err := s.client.NewRequest("DELETE", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/orgs_hooks.go b/vendor/github.com/google/go-github/v72/github/orgs_hooks.go
similarity index 77%
rename from vendor/github.com/google/go-github/v55/github/orgs_hooks.go
rename to vendor/github.com/google/go-github/v72/github/orgs_hooks.go
index c0dd51e24e..c2eef77c92 100644
--- a/vendor/github.com/google/go-github/v55/github/orgs_hooks.go
+++ b/vendor/github.com/google/go-github/v72/github/orgs_hooks.go
@@ -12,7 +12,9 @@ import (
 
 // ListHooks lists all Hooks for the specified organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/webhooks#list-organization-webhooks
+// GitHub API docs: https://docs.github.com/rest/orgs/webhooks#list-organization-webhooks
+//
+//meta:operation GET /orgs/{org}/hooks
 func (s *OrganizationsService) ListHooks(ctx context.Context, org string, opts *ListOptions) ([]*Hook, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/hooks", org)
 	u, err := addOptions(u, opts)
@@ -36,7 +38,9 @@ func (s *OrganizationsService) ListHooks(ctx context.Context, org string, opts *
 
 // GetHook returns a single specified Hook.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/webhooks#get-an-organization-webhook
+// GitHub API docs: https://docs.github.com/rest/orgs/webhooks#get-an-organization-webhook
+//
+//meta:operation GET /orgs/{org}/hooks/{hook_id}
 func (s *OrganizationsService) GetHook(ctx context.Context, org string, id int64) (*Hook, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/hooks/%d", org, id)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -59,7 +63,9 @@ func (s *OrganizationsService) GetHook(ctx context.Context, org string, id int64
 // Note that only a subset of the hook fields are used and hook must
 // not be nil.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/webhooks#create-an-organization-webhook
+// GitHub API docs: https://docs.github.com/rest/orgs/webhooks#create-an-organization-webhook
+//
+//meta:operation POST /orgs/{org}/hooks
 func (s *OrganizationsService) CreateHook(ctx context.Context, org string, hook *Hook) (*Hook, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/hooks", org)
 
@@ -86,7 +92,9 @@ func (s *OrganizationsService) CreateHook(ctx context.Context, org string, hook
 
 // EditHook updates a specified Hook.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/webhooks#update-an-organization-webhook
+// GitHub API docs: https://docs.github.com/rest/orgs/webhooks#update-an-organization-webhook
+//
+//meta:operation PATCH /orgs/{org}/hooks/{hook_id}
 func (s *OrganizationsService) EditHook(ctx context.Context, org string, id int64, hook *Hook) (*Hook, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/hooks/%d", org, id)
 	req, err := s.client.NewRequest("PATCH", u, hook)
@@ -105,7 +113,9 @@ func (s *OrganizationsService) EditHook(ctx context.Context, org string, id int6
 
 // PingHook triggers a 'ping' event to be sent to the Hook.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/webhooks#ping-an-organization-webhook
+// GitHub API docs: https://docs.github.com/rest/orgs/webhooks#ping-an-organization-webhook
+//
+//meta:operation POST /orgs/{org}/hooks/{hook_id}/pings
 func (s *OrganizationsService) PingHook(ctx context.Context, org string, id int64) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/hooks/%d/pings", org, id)
 	req, err := s.client.NewRequest("POST", u, nil)
@@ -118,7 +128,9 @@ func (s *OrganizationsService) PingHook(ctx context.Context, org string, id int6
 
 // DeleteHook deletes a specified Hook.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/webhooks#delete-an-organization-webhook
+// GitHub API docs: https://docs.github.com/rest/orgs/webhooks#delete-an-organization-webhook
+//
+//meta:operation DELETE /orgs/{org}/hooks/{hook_id}
 func (s *OrganizationsService) DeleteHook(ctx context.Context, org string, id int64) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/hooks/%d", org, id)
 	req, err := s.client.NewRequest("DELETE", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/orgs_hooks_configuration.go b/vendor/github.com/google/go-github/v72/github/orgs_hooks_configuration.go
similarity index 78%
rename from vendor/github.com/google/go-github/v55/github/orgs_hooks_configuration.go
rename to vendor/github.com/google/go-github/v72/github/orgs_hooks_configuration.go
index 953a2329c3..aeb616fc4c 100644
--- a/vendor/github.com/google/go-github/v55/github/orgs_hooks_configuration.go
+++ b/vendor/github.com/google/go-github/v72/github/orgs_hooks_configuration.go
@@ -12,7 +12,9 @@ import (
 
 // GetHookConfiguration returns the configuration for the specified organization webhook.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/webhooks?apiVersion=2022-11-28#get-a-webhook-configuration-for-an-organization
+// GitHub API docs: https://docs.github.com/rest/orgs/webhooks#get-a-webhook-configuration-for-an-organization
+//
+//meta:operation GET /orgs/{org}/hooks/{hook_id}/config
 func (s *OrganizationsService) GetHookConfiguration(ctx context.Context, org string, id int64) (*HookConfig, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/hooks/%v/config", org, id)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -31,7 +33,9 @@ func (s *OrganizationsService) GetHookConfiguration(ctx context.Context, org str
 
 // EditHookConfiguration updates the configuration for the specified organization webhook.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/webhooks?apiVersion=2022-11-28#update-a-webhook-configuration-for-an-organization
+// GitHub API docs: https://docs.github.com/rest/orgs/webhooks#update-a-webhook-configuration-for-an-organization
+//
+//meta:operation PATCH /orgs/{org}/hooks/{hook_id}/config
 func (s *OrganizationsService) EditHookConfiguration(ctx context.Context, org string, id int64, config *HookConfig) (*HookConfig, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/hooks/%v/config", org, id)
 	req, err := s.client.NewRequest("PATCH", u, config)
diff --git a/vendor/github.com/google/go-github/v55/github/orgs_hooks_deliveries.go b/vendor/github.com/google/go-github/v72/github/orgs_hooks_deliveries.go
similarity index 77%
rename from vendor/github.com/google/go-github/v55/github/orgs_hooks_deliveries.go
rename to vendor/github.com/google/go-github/v72/github/orgs_hooks_deliveries.go
index 1bfad409ea..c1c3012402 100644
--- a/vendor/github.com/google/go-github/v55/github/orgs_hooks_deliveries.go
+++ b/vendor/github.com/google/go-github/v72/github/orgs_hooks_deliveries.go
@@ -12,7 +12,9 @@ import (
 
 // ListHookDeliveries lists webhook deliveries for a webhook configured in an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/webhooks#list-deliveries-for-an-organization-webhook
+// GitHub API docs: https://docs.github.com/rest/orgs/webhooks#list-deliveries-for-an-organization-webhook
+//
+//meta:operation GET /orgs/{org}/hooks/{hook_id}/deliveries
 func (s *OrganizationsService) ListHookDeliveries(ctx context.Context, org string, id int64, opts *ListCursorOptions) ([]*HookDelivery, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/hooks/%v/deliveries", org, id)
 	u, err := addOptions(u, opts)
@@ -36,7 +38,9 @@ func (s *OrganizationsService) ListHookDeliveries(ctx context.Context, org strin
 
 // GetHookDelivery returns a delivery for a webhook configured in an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/webhooks#get-a-webhook-delivery-for-an-organization-webhook
+// GitHub API docs: https://docs.github.com/rest/orgs/webhooks#get-a-webhook-delivery-for-an-organization-webhook
+//
+//meta:operation GET /orgs/{org}/hooks/{hook_id}/deliveries/{delivery_id}
 func (s *OrganizationsService) GetHookDelivery(ctx context.Context, owner string, hookID, deliveryID int64) (*HookDelivery, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/hooks/%v/deliveries/%v", owner, hookID, deliveryID)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -55,7 +59,9 @@ func (s *OrganizationsService) GetHookDelivery(ctx context.Context, owner string
 
 // RedeliverHookDelivery redelivers a delivery for a webhook configured in an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/webhooks#redeliver-a-delivery-for-an-organization-webhook
+// GitHub API docs: https://docs.github.com/rest/orgs/webhooks#redeliver-a-delivery-for-an-organization-webhook
+//
+//meta:operation POST /orgs/{org}/hooks/{hook_id}/deliveries/{delivery_id}/attempts
 func (s *OrganizationsService) RedeliverHookDelivery(ctx context.Context, owner string, hookID, deliveryID int64) (*HookDelivery, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/hooks/%v/deliveries/%v/attempts", owner, hookID, deliveryID)
 	req, err := s.client.NewRequest("POST", u, nil)
diff --git a/vendor/github.com/google/go-github/v72/github/orgs_issue_types.go b/vendor/github.com/google/go-github/v72/github/orgs_issue_types.go
new file mode 100644
index 0000000000..73e6f8d639
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/orgs_issue_types.go
@@ -0,0 +1,99 @@
+// Copyright 2025 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"fmt"
+)
+
+// CreateOrUpdateIssueTypesOptions represents the parameters for creating or updating an issue type.
+type CreateOrUpdateIssueTypesOptions struct {
+	Name        string  `json:"name"`                  // Name of the issue type. (Required.)
+	IsEnabled   bool    `json:"is_enabled"`            // Whether or not the issue type is enabled at the organization level. (Required.)
+	IsPrivate   *bool   `json:"is_private,omitempty"`  // Whether or not the issue type is restricted to issues in private repositories. (Optional.)
+	Description *string `json:"description,omitempty"` // Description of the issue type. (Optional.)
+	Color       *string `json:"color,omitempty"`       // Color for the issue type. Can be one of "gray", "blue", green "orange", "red", "pink", "purple", "null". (Optional.)
+}
+
+// ListIssueTypes lists all issue types for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/issue-types#list-issue-types-for-an-organization
+//
+//meta:operation GET /orgs/{org}/issue-types
+func (s *OrganizationsService) ListIssueTypes(ctx context.Context, org string) ([]*IssueType, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/issue-types", org)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var issueTypes []*IssueType
+	resp, err := s.client.Do(ctx, req, &issueTypes)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return issueTypes, resp, nil
+}
+
+// CreateIssueType creates a new issue type for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/issue-types#create-issue-type-for-an-organization
+//
+//meta:operation POST /orgs/{org}/issue-types
+func (s *OrganizationsService) CreateIssueType(ctx context.Context, org string, opt *CreateOrUpdateIssueTypesOptions) (*IssueType, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/issue-types", org)
+	req, err := s.client.NewRequest("POST", u, opt)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	issueType := new(IssueType)
+	resp, err := s.client.Do(ctx, req, issueType)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return issueType, resp, nil
+}
+
+// UpdateIssueType updates GitHub Pages for the named repo.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/issue-types#update-issue-type-for-an-organization
+//
+//meta:operation PUT /orgs/{org}/issue-types/{issue_type_id}
+func (s *OrganizationsService) UpdateIssueType(ctx context.Context, org string, issueTypeID int64, opt *CreateOrUpdateIssueTypesOptions) (*IssueType, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/issue-types/%v", org, issueTypeID)
+	req, err := s.client.NewRequest("PUT", u, opt)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	issueType := new(IssueType)
+	resp, err := s.client.Do(ctx, req, issueType)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return issueType, resp, nil
+}
+
+// DeleteIssueType deletes an issue type for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/issue-types#delete-issue-type-for-an-organization
+//
+//meta:operation DELETE /orgs/{org}/issue-types/{issue_type_id}
+func (s *OrganizationsService) DeleteIssueType(ctx context.Context, org string, issueTypeID int64) (*Response, error) {
+	u := fmt.Sprintf("orgs/%v/issue-types/%d", org, issueTypeID)
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
diff --git a/vendor/github.com/google/go-github/v55/github/orgs_members.go b/vendor/github.com/google/go-github/v72/github/orgs_members.go
similarity index 77%
rename from vendor/github.com/google/go-github/v55/github/orgs_members.go
rename to vendor/github.com/google/go-github/v72/github/orgs_members.go
index 79f8a65333..d818d7f9f8 100644
--- a/vendor/github.com/google/go-github/v55/github/orgs_members.go
+++ b/vendor/github.com/google/go-github/v72/github/orgs_members.go
@@ -71,8 +71,11 @@ type ListMembersOptions struct {
 // user is an owner of the organization, this will return both concealed and
 // public members, otherwise it will only return public members.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/members#list-organization-members
-// GitHub API docs: https://docs.github.com/en/rest/orgs/members#list-public-organization-members
+// GitHub API docs: https://docs.github.com/rest/orgs/members#list-organization-members
+// GitHub API docs: https://docs.github.com/rest/orgs/members#list-public-organization-members
+//
+//meta:operation GET /orgs/{org}/members
+//meta:operation GET /orgs/{org}/public_members
 func (s *OrganizationsService) ListMembers(ctx context.Context, org string, opts *ListMembersOptions) ([]*User, *Response, error) {
 	var u string
 	if opts != nil && opts.PublicOnly {
@@ -101,7 +104,9 @@ func (s *OrganizationsService) ListMembers(ctx context.Context, org string, opts
 
 // IsMember checks if a user is a member of an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/members#check-organization-membership-for-a-user
+// GitHub API docs: https://docs.github.com/rest/orgs/members#check-organization-membership-for-a-user
+//
+//meta:operation GET /orgs/{org}/members/{username}
 func (s *OrganizationsService) IsMember(ctx context.Context, org, user string) (bool, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/members/%v", org, user)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -116,7 +121,9 @@ func (s *OrganizationsService) IsMember(ctx context.Context, org, user string) (
 
 // IsPublicMember checks if a user is a public member of an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/members#check-public-organization-membership-for-a-user
+// GitHub API docs: https://docs.github.com/rest/orgs/members#check-public-organization-membership-for-a-user
+//
+//meta:operation GET /orgs/{org}/public_members/{username}
 func (s *OrganizationsService) IsPublicMember(ctx context.Context, org, user string) (bool, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/public_members/%v", org, user)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -131,7 +138,9 @@ func (s *OrganizationsService) IsPublicMember(ctx context.Context, org, user str
 
 // RemoveMember removes a user from all teams of an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/members#remove-an-organization-member
+// GitHub API docs: https://docs.github.com/rest/orgs/members#remove-an-organization-member
+//
+//meta:operation DELETE /orgs/{org}/members/{username}
 func (s *OrganizationsService) RemoveMember(ctx context.Context, org, user string) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/members/%v", org, user)
 	req, err := s.client.NewRequest("DELETE", u, nil)
@@ -142,10 +151,26 @@ func (s *OrganizationsService) RemoveMember(ctx context.Context, org, user strin
 	return s.client.Do(ctx, req, nil)
 }
 
+// CancelInvite cancels an organization invitation.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/members#cancel-an-organization-invitation
+//
+//meta:operation DELETE /orgs/{org}/invitations/{invitation_id}
+func (s *OrganizationsService) CancelInvite(ctx context.Context, org string, invitationID int64) (*Response, error) {
+	u := fmt.Sprintf("orgs/%v/invitations/%v", org, invitationID)
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, err
+	}
+	return s.client.Do(ctx, req, nil)
+}
+
 // PublicizeMembership publicizes a user's membership in an organization. (A
 // user cannot publicize the membership for another user.)
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/members#set-public-organization-membership-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/orgs/members#set-public-organization-membership-for-the-authenticated-user
+//
+//meta:operation PUT /orgs/{org}/public_members/{username}
 func (s *OrganizationsService) PublicizeMembership(ctx context.Context, org, user string) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/public_members/%v", org, user)
 	req, err := s.client.NewRequest("PUT", u, nil)
@@ -158,7 +183,9 @@ func (s *OrganizationsService) PublicizeMembership(ctx context.Context, org, use
 
 // ConcealMembership conceals a user's membership in an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/members#remove-public-organization-membership-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/orgs/members#remove-public-organization-membership-for-the-authenticated-user
+//
+//meta:operation DELETE /orgs/{org}/public_members/{username}
 func (s *OrganizationsService) ConcealMembership(ctx context.Context, org, user string) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/public_members/%v", org, user)
 	req, err := s.client.NewRequest("DELETE", u, nil)
@@ -181,7 +208,9 @@ type ListOrgMembershipsOptions struct {
 
 // ListOrgMemberships lists the organization memberships for the authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/members#list-organization-memberships-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/orgs/members#list-organization-memberships-for-the-authenticated-user
+//
+//meta:operation GET /user/memberships/orgs
 func (s *OrganizationsService) ListOrgMemberships(ctx context.Context, opts *ListOrgMembershipsOptions) ([]*Membership, *Response, error) {
 	u := "user/memberships/orgs"
 	u, err := addOptions(u, opts)
@@ -207,8 +236,11 @@ func (s *OrganizationsService) ListOrgMemberships(ctx context.Context, opts *Lis
 // Passing an empty string for user will get the membership for the
 // authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/members#get-an-organization-membership-for-the-authenticated-user
-// GitHub API docs: https://docs.github.com/en/rest/orgs/members#get-organization-membership-for-a-user
+// GitHub API docs: https://docs.github.com/rest/orgs/members#get-an-organization-membership-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/orgs/members#get-organization-membership-for-a-user
+//
+//meta:operation GET /orgs/{org}/memberships/{username}
+//meta:operation GET /user/memberships/orgs/{org}
 func (s *OrganizationsService) GetOrgMembership(ctx context.Context, user, org string) (*Membership, *Response, error) {
 	var u string
 	if user != "" {
@@ -235,8 +267,11 @@ func (s *OrganizationsService) GetOrgMembership(ctx context.Context, user, org s
 // Passing an empty string for user will edit the membership for the
 // authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/members#update-an-organization-membership-for-the-authenticated-user
-// GitHub API docs: https://docs.github.com/en/rest/orgs/members#set-organization-membership-for-a-user
+// GitHub API docs: https://docs.github.com/rest/orgs/members#set-organization-membership-for-a-user
+// GitHub API docs: https://docs.github.com/rest/orgs/members#update-an-organization-membership-for-the-authenticated-user
+//
+//meta:operation PUT /orgs/{org}/memberships/{username}
+//meta:operation PATCH /user/memberships/orgs/{org}
 func (s *OrganizationsService) EditOrgMembership(ctx context.Context, user, org string, membership *Membership) (*Membership, *Response, error) {
 	var u, method string
 	if user != "" {
@@ -264,7 +299,9 @@ func (s *OrganizationsService) EditOrgMembership(ctx context.Context, user, org
 // RemoveOrgMembership removes user from the specified organization. If the
 // user has been invited to the organization, this will cancel their invitation.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/members#remove-organization-membership-for-a-user
+// GitHub API docs: https://docs.github.com/rest/orgs/members#remove-organization-membership-for-a-user
+//
+//meta:operation DELETE /orgs/{org}/memberships/{username}
 func (s *OrganizationsService) RemoveOrgMembership(ctx context.Context, user, org string) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/memberships/%v", org, user)
 	req, err := s.client.NewRequest("DELETE", u, nil)
@@ -277,7 +314,9 @@ func (s *OrganizationsService) RemoveOrgMembership(ctx context.Context, user, or
 
 // ListPendingOrgInvitations returns a list of pending invitations.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/members#list-pending-organization-invitations
+// GitHub API docs: https://docs.github.com/rest/orgs/members#list-pending-organization-invitations
+//
+//meta:operation GET /orgs/{org}/invitations
 func (s *OrganizationsService) ListPendingOrgInvitations(ctx context.Context, org string, opts *ListOptions) ([]*Invitation, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/invitations", org)
 	u, err := addOptions(u, opts)
@@ -323,7 +362,9 @@ type CreateOrgInvitationOptions struct {
 // In order to create invitations in an organization,
 // the authenticated user must be an organization owner.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/members#create-an-organization-invitation
+// GitHub API docs: https://docs.github.com/rest/orgs/members#create-an-organization-invitation
+//
+//meta:operation POST /orgs/{org}/invitations
 func (s *OrganizationsService) CreateOrgInvitation(ctx context.Context, org string, opts *CreateOrgInvitationOptions) (*Invitation, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/invitations", org)
 
@@ -344,7 +385,9 @@ func (s *OrganizationsService) CreateOrgInvitation(ctx context.Context, org stri
 // ListOrgInvitationTeams lists all teams associated with an invitation. In order to see invitations in an organization,
 // the authenticated user must be an organization owner.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/members#list-organization-invitation-teams
+// GitHub API docs: https://docs.github.com/rest/orgs/members#list-organization-invitation-teams
+//
+//meta:operation GET /orgs/{org}/invitations/{invitation_id}/teams
 func (s *OrganizationsService) ListOrgInvitationTeams(ctx context.Context, org, invitationID string, opts *ListOptions) ([]*Team, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/invitations/%v/teams", org, invitationID)
 	u, err := addOptions(u, opts)
@@ -366,9 +409,11 @@ func (s *OrganizationsService) ListOrgInvitationTeams(ctx context.Context, org,
 	return orgInvitationTeams, resp, nil
 }
 
-// ListFailedOrgInvitations returns a list of failed inviatations.
+// ListFailedOrgInvitations returns a list of failed invitations.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/members#list-failed-organization-invitations
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/members#list-failed-organization-invitations
+//meta:operation GET /orgs/{org}/failed_invitations
 func (s *OrganizationsService) ListFailedOrgInvitations(ctx context.Context, org string, opts *ListOptions) ([]*Invitation, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/failed_invitations", org)
 	u, err := addOptions(u, opts)
diff --git a/vendor/github.com/google/go-github/v72/github/orgs_network_configurations.go b/vendor/github.com/google/go-github/v72/github/orgs_network_configurations.go
new file mode 100644
index 0000000000..82a819c204
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/orgs_network_configurations.go
@@ -0,0 +1,236 @@
+// Copyright 2025 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"regexp"
+)
+
+// ComputeService represents a hosted compute service the network configuration supports.
+type ComputeService string
+
+const (
+	ComputeServiceNone       ComputeService = "none"
+	ComputeServiceActions    ComputeService = "actions"
+	ComputeServiceCodespaces ComputeService = "codespaces"
+)
+
+// NetworkConfigurations represents a hosted compute network configuration. This type is identical
+// for enterprise and organization endpoints.
+type NetworkConfigurations struct {
+	TotalCount            *int64                  `json:"total_count,omitempty"`
+	NetworkConfigurations []*NetworkConfiguration `json:"network_configurations,omitempty"`
+}
+
+// NetworkConfiguration represents a hosted compute network configurations. This type is identical
+// for enterprise and organization endpoints.
+type NetworkConfiguration struct {
+	ID                 *string         `json:"id,omitempty"`
+	Name               *string         `json:"name,omitempty"`
+	ComputeService     *ComputeService `json:"compute_service,omitempty"`
+	NetworkSettingsIDs []string        `json:"network_settings_ids,omitempty"`
+	CreatedOn          *Timestamp      `json:"created_on"`
+}
+
+// NetworkSettingsResource represents a hosted compute network settings resource. This type is identical
+// for enterprise and organization endpoints.
+type NetworkSettingsResource struct {
+	ID                     *string `json:"id,omitempty"`
+	NetworkConfigurationID *string `json:"network_configuration_id,omitempty"`
+	Name                   *string `json:"name,omitempty"`
+	SubnetID               *string `json:"subnet_id,omitempty"`
+	Region                 *string `json:"region,omitempty"`
+}
+
+func validateComputeService(compute *ComputeService) error {
+	if compute == nil {
+		return nil
+	}
+	if *compute != ComputeServiceNone && *compute != ComputeServiceActions {
+		return errors.New("compute service can only be one of: none, actions")
+	}
+	return nil
+}
+
+var validNetworkNameRE = regexp.MustCompile(`^[a-zA-Z0-9._-]+$`)
+
+func validateNetworkName(name string) error {
+	if len(name) < 1 || len(name) > 100 {
+		return errors.New("must be between 1 and 100 characters")
+	}
+	if !validNetworkNameRE.MatchString(name) {
+		return errors.New("may only contain upper and lowercase letters a-z, numbers 0-9, '.', '-', and '_'")
+	}
+	return nil
+}
+
+func validateNetworkSettingsID(settingsID []string) error {
+	if len(settingsID) != 1 {
+		return errors.New("exactly one network settings id must be specified")
+	}
+	return nil
+}
+
+func validateNetworkConfigurationRequest(req NetworkConfigurationRequest) error {
+	networkName := req.GetName()
+	if err := validateNetworkName(networkName); err != nil {
+		return err
+	}
+
+	computeService := req.GetComputeService()
+	if err := validateComputeService(computeService); err != nil {
+		return err
+	}
+
+	networkIDs := req.NetworkSettingsIDs
+	if err := validateNetworkSettingsID(networkIDs); err != nil {
+		return err
+	}
+	return nil
+}
+
+// NetworkConfigurationRequest represents a request to create or update a network configuration for an organization.
+type NetworkConfigurationRequest struct {
+	Name               *string         `json:"name,omitempty"`
+	ComputeService     *ComputeService `json:"compute_service,omitempty"`
+	NetworkSettingsIDs []string        `json:"network_settings_ids,omitempty"`
+}
+
+// ListNetworkConfigurations lists all hosted compute network configurations configured in an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/network-configurations#list-hosted-compute-network-configurations-for-an-organization
+//
+//meta:operation GET /orgs/{org}/settings/network-configurations
+func (s *OrganizationsService) ListNetworkConfigurations(ctx context.Context, org string, opts *ListOptions) (*NetworkConfigurations, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/settings/network-configurations", org)
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	configurations := &NetworkConfigurations{}
+	resp, err := s.client.Do(ctx, req, configurations)
+	if err != nil {
+		return nil, resp, err
+	}
+	return configurations, resp, nil
+}
+
+// CreateNetworkConfiguration creates a hosted compute network configuration for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/network-configurations#create-a-hosted-compute-network-configuration-for-an-organization
+//
+//meta:operation POST /orgs/{org}/settings/network-configurations
+func (s *OrganizationsService) CreateNetworkConfiguration(ctx context.Context, org string, createReq NetworkConfigurationRequest) (*NetworkConfiguration, *Response, error) {
+	if err := validateNetworkConfigurationRequest(createReq); err != nil {
+		return nil, nil, fmt.Errorf("validation failed: %w", err)
+	}
+
+	u := fmt.Sprintf("orgs/%v/settings/network-configurations", org)
+	req, err := s.client.NewRequest("POST", u, createReq)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	configuration := &NetworkConfiguration{}
+	resp, err := s.client.Do(ctx, req, configuration)
+	if err != nil {
+		return nil, resp, err
+	}
+	return configuration, resp, nil
+}
+
+// GetNetworkConfiguration gets a hosted compute network configuration configured in an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/network-configurations#get-a-hosted-compute-network-configuration-for-an-organization
+//
+//meta:operation GET /orgs/{org}/settings/network-configurations/{network_configuration_id}
+func (s *OrganizationsService) GetNetworkConfiguration(ctx context.Context, org, networkID string) (*NetworkConfiguration, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/settings/network-configurations/%v", org, networkID)
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	configuration := &NetworkConfiguration{}
+	resp, err := s.client.Do(ctx, req, configuration)
+	if err != nil {
+		return nil, resp, err
+	}
+	return configuration, resp, nil
+}
+
+// UpdateNetworkConfiguration updates a hosted compute network configuration for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/network-configurations#update-a-hosted-compute-network-configuration-for-an-organization
+//
+//meta:operation PATCH /orgs/{org}/settings/network-configurations/{network_configuration_id}
+func (s *OrganizationsService) UpdateNetworkConfiguration(ctx context.Context, org, networkID string, updateReq NetworkConfigurationRequest) (*NetworkConfiguration, *Response, error) {
+	if err := validateNetworkConfigurationRequest(updateReq); err != nil {
+		return nil, nil, fmt.Errorf("validation failed: %w", err)
+	}
+
+	u := fmt.Sprintf("orgs/%v/settings/network-configurations/%v", org, networkID)
+	req, err := s.client.NewRequest("PATCH", u, updateReq)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	configuration := &NetworkConfiguration{}
+	resp, err := s.client.Do(ctx, req, configuration)
+	if err != nil {
+		return nil, resp, err
+	}
+	return configuration, resp, nil
+}
+
+// DeleteNetworkConfigurations deletes a hosted compute network configuration from an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/network-configurations#delete-a-hosted-compute-network-configuration-from-an-organization
+//
+//meta:operation DELETE /orgs/{org}/settings/network-configurations/{network_configuration_id}
+func (s *OrganizationsService) DeleteNetworkConfigurations(ctx context.Context, org, networkID string) (*Response, error) {
+	u := fmt.Sprintf("orgs/%v/settings/network-configurations/%v", org, networkID)
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	configuration := &NetworkConfiguration{}
+	resp, err := s.client.Do(ctx, req, configuration)
+	if err != nil {
+		return resp, err
+	}
+	return resp, nil
+}
+
+// GetNetworkConfigurationResource gets a hosted compute network settings resource configured for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/network-configurations#get-a-hosted-compute-network-settings-resource-for-an-organization
+//
+//meta:operation GET /orgs/{org}/settings/network-settings/{network_settings_id}
+func (s *OrganizationsService) GetNetworkConfigurationResource(ctx context.Context, org, networkID string) (*NetworkSettingsResource, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/settings/network-settings/%v", org, networkID)
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	resource := &NetworkSettingsResource{}
+	resp, err := s.client.Do(ctx, req, resource)
+	if err != nil {
+		return nil, resp, err
+	}
+	return resource, resp, nil
+}
diff --git a/vendor/github.com/google/go-github/v72/github/orgs_organization_roles.go b/vendor/github.com/google/go-github/v72/github/orgs_organization_roles.go
new file mode 100644
index 0000000000..0954b92d41
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/orgs_organization_roles.go
@@ -0,0 +1,295 @@
+// Copyright 2022 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"fmt"
+)
+
+// OrganizationCustomRoles represents custom organization roles available in specified organization.
+type OrganizationCustomRoles struct {
+	TotalCount      *int              `json:"total_count,omitempty"`
+	CustomRepoRoles []*CustomOrgRoles `json:"roles,omitempty"`
+}
+
+// CustomOrgRoles represents custom organization role available in specified organization.
+type CustomOrgRoles struct {
+	ID          *int64        `json:"id,omitempty"`
+	Name        *string       `json:"name,omitempty"`
+	Description *string       `json:"description,omitempty"`
+	Permissions []string      `json:"permissions,omitempty"`
+	Org         *Organization `json:"organization,omitempty"`
+	CreatedAt   *Timestamp    `json:"created_at,omitempty"`
+	UpdatedAt   *Timestamp    `json:"updated_at,omitempty"`
+	Source      *string       `json:"source,omitempty"`
+	BaseRole    *string       `json:"base_role,omitempty"`
+}
+
+// CreateOrUpdateOrgRoleOptions represents options required to create or update a custom organization role.
+type CreateOrUpdateOrgRoleOptions struct {
+	Name        *string  `json:"name,omitempty"`
+	Description *string  `json:"description,omitempty"`
+	Permissions []string `json:"permissions"`
+	BaseRole    *string  `json:"base_role,omitempty"`
+}
+
+// ListRoles lists the custom roles available in this organization.
+// In order to see custom roles in an organization, the authenticated user must be an organization owner.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/organization-roles#get-all-organization-roles-for-an-organization
+//
+//meta:operation GET /orgs/{org}/organization-roles
+func (s *OrganizationsService) ListRoles(ctx context.Context, org string) (*OrganizationCustomRoles, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/organization-roles", org)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	customRepoRoles := new(OrganizationCustomRoles)
+	resp, err := s.client.Do(ctx, req, customRepoRoles)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return customRepoRoles, resp, nil
+}
+
+// GetOrgRole gets an organization role in this organization.
+// In order to get organization roles in an organization, the authenticated user must be an organization owner, or have access via an organization role.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/organization-roles#get-an-organization-role
+//
+//meta:operation GET /orgs/{org}/organization-roles/{role_id}
+func (s *OrganizationsService) GetOrgRole(ctx context.Context, org string, roleID int64) (*CustomOrgRoles, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/organization-roles/%v", org, roleID)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	resultingRole := new(CustomOrgRoles)
+	resp, err := s.client.Do(ctx, req, resultingRole)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return resultingRole, resp, err
+}
+
+// CreateCustomOrgRole creates a custom role in this organization.
+// In order to create custom roles in an organization, the authenticated user must be an organization owner.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/orgs/organization-roles#create-a-custom-organization-role
+//
+//meta:operation POST /orgs/{org}/organization-roles
+func (s *OrganizationsService) CreateCustomOrgRole(ctx context.Context, org string, opts *CreateOrUpdateOrgRoleOptions) (*CustomOrgRoles, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/organization-roles", org)
+
+	req, err := s.client.NewRequest("POST", u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	resultingRole := new(CustomOrgRoles)
+	resp, err := s.client.Do(ctx, req, resultingRole)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return resultingRole, resp, err
+}
+
+// UpdateCustomOrgRole updates a custom role in this organization.
+// In order to update custom roles in an organization, the authenticated user must be an organization owner.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/orgs/organization-roles#update-a-custom-organization-role
+//
+//meta:operation PATCH /orgs/{org}/organization-roles/{role_id}
+func (s *OrganizationsService) UpdateCustomOrgRole(ctx context.Context, org string, roleID int64, opts *CreateOrUpdateOrgRoleOptions) (*CustomOrgRoles, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/organization-roles/%v", org, roleID)
+
+	req, err := s.client.NewRequest("PATCH", u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	resultingRole := new(CustomOrgRoles)
+	resp, err := s.client.Do(ctx, req, resultingRole)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return resultingRole, resp, err
+}
+
+// DeleteCustomOrgRole deletes an existing custom role in this organization.
+// In order to delete custom roles in an organization, the authenticated user must be an organization owner.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/orgs/organization-roles#delete-a-custom-organization-role
+//
+//meta:operation DELETE /orgs/{org}/organization-roles/{role_id}
+func (s *OrganizationsService) DeleteCustomOrgRole(ctx context.Context, org string, roleID int64) (*Response, error) {
+	u := fmt.Sprintf("orgs/%v/organization-roles/%v", org, roleID)
+
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	resultingRole := new(CustomOrgRoles)
+	resp, err := s.client.Do(ctx, req, resultingRole)
+	if err != nil {
+		return resp, err
+	}
+
+	return resp, nil
+}
+
+// AssignOrgRoleToTeam assigns an existing organization role to a team in this organization.
+// In order to assign organization roles in an organization, the authenticated user must be an organization owner.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/organization-roles#assign-an-organization-role-to-a-team
+//
+//meta:operation PUT /orgs/{org}/organization-roles/teams/{team_slug}/{role_id}
+func (s *OrganizationsService) AssignOrgRoleToTeam(ctx context.Context, org, teamSlug string, roleID int64) (*Response, error) {
+	u := fmt.Sprintf("orgs/%v/organization-roles/teams/%v/%v", org, teamSlug, roleID)
+
+	req, err := s.client.NewRequest("PUT", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := s.client.Do(ctx, req, nil)
+	if err != nil {
+		return resp, err
+	}
+
+	return resp, nil
+}
+
+// RemoveOrgRoleFromTeam removes an existing organization role assignment from a team in this organization.
+// In order to remove organization role assignments in an organization, the authenticated user must be an organization owner.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/organization-roles#remove-an-organization-role-from-a-team
+//
+//meta:operation DELETE /orgs/{org}/organization-roles/teams/{team_slug}/{role_id}
+func (s *OrganizationsService) RemoveOrgRoleFromTeam(ctx context.Context, org, teamSlug string, roleID int64) (*Response, error) {
+	u := fmt.Sprintf("orgs/%v/organization-roles/teams/%v/%v", org, teamSlug, roleID)
+
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := s.client.Do(ctx, req, nil)
+	if err != nil {
+		return resp, err
+	}
+
+	return resp, nil
+}
+
+// AssignOrgRoleToUser assigns an existing organization role to a user in this organization.
+// In order to assign organization roles in an organization, the authenticated user must be an organization owner.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/organization-roles#assign-an-organization-role-to-a-user
+//
+//meta:operation PUT /orgs/{org}/organization-roles/users/{username}/{role_id}
+func (s *OrganizationsService) AssignOrgRoleToUser(ctx context.Context, org, username string, roleID int64) (*Response, error) {
+	u := fmt.Sprintf("orgs/%v/organization-roles/users/%v/%v", org, username, roleID)
+
+	req, err := s.client.NewRequest("PUT", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := s.client.Do(ctx, req, nil)
+	if err != nil {
+		return resp, err
+	}
+
+	return resp, nil
+}
+
+// RemoveOrgRoleFromUser removes an existing organization role assignment from a user in this organization.
+// In order to remove organization role assignments in an organization, the authenticated user must be an organization owner.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/organization-roles#remove-an-organization-role-from-a-user
+//
+//meta:operation DELETE /orgs/{org}/organization-roles/users/{username}/{role_id}
+func (s *OrganizationsService) RemoveOrgRoleFromUser(ctx context.Context, org, username string, roleID int64) (*Response, error) {
+	u := fmt.Sprintf("orgs/%v/organization-roles/users/%v/%v", org, username, roleID)
+
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := s.client.Do(ctx, req, nil)
+	if err != nil {
+		return resp, err
+	}
+
+	return resp, nil
+}
+
+// ListTeamsAssignedToOrgRole returns all teams assigned to a specific organization role.
+// In order to list teams assigned to an organization role, the authenticated user must be an organization owner.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/organization-roles#list-teams-that-are-assigned-to-an-organization-role
+//
+//meta:operation GET /orgs/{org}/organization-roles/{role_id}/teams
+func (s *OrganizationsService) ListTeamsAssignedToOrgRole(ctx context.Context, org string, roleID int64, opts *ListOptions) ([]*Team, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/organization-roles/%v/teams", org, roleID)
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var teams []*Team
+	resp, err := s.client.Do(ctx, req, &teams)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return teams, resp, nil
+}
+
+// ListUsersAssignedToOrgRole returns all users assigned to a specific organization role.
+// In order to list users assigned to an organization role, the authenticated user must be an organization owner.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/organization-roles#list-users-that-are-assigned-to-an-organization-role
+//
+//meta:operation GET /orgs/{org}/organization-roles/{role_id}/users
+func (s *OrganizationsService) ListUsersAssignedToOrgRole(ctx context.Context, org string, roleID int64, opts *ListOptions) ([]*User, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/organization-roles/%v/users", org, roleID)
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var users []*User
+	resp, err := s.client.Do(ctx, req, &users)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return users, resp, nil
+}
diff --git a/vendor/github.com/google/go-github/v55/github/orgs_outside_collaborators.go b/vendor/github.com/google/go-github/v72/github/orgs_outside_collaborators.go
similarity index 81%
rename from vendor/github.com/google/go-github/v55/github/orgs_outside_collaborators.go
rename to vendor/github.com/google/go-github/v72/github/orgs_outside_collaborators.go
index 506a494603..56034d7260 100644
--- a/vendor/github.com/google/go-github/v55/github/orgs_outside_collaborators.go
+++ b/vendor/github.com/google/go-github/v72/github/orgs_outside_collaborators.go
@@ -27,7 +27,9 @@ type ListOutsideCollaboratorsOptions struct {
 // Warning: The API may change without advance notice during the preview period.
 // Preview features are not supported for production use.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/outside-collaborators#list-outside-collaborators-for-an-organization
+// GitHub API docs: https://docs.github.com/rest/orgs/outside-collaborators#list-outside-collaborators-for-an-organization
+//
+//meta:operation GET /orgs/{org}/outside_collaborators
 func (s *OrganizationsService) ListOutsideCollaborators(ctx context.Context, org string, opts *ListOutsideCollaboratorsOptions) ([]*User, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/outside_collaborators", org)
 	u, err := addOptions(u, opts)
@@ -52,7 +54,9 @@ func (s *OrganizationsService) ListOutsideCollaborators(ctx context.Context, org
 // RemoveOutsideCollaborator removes a user from the list of outside collaborators;
 // consequently, removing them from all the organization's repositories.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/outside-collaborators#remove-outside-collaborator-from-an-organization
+// GitHub API docs: https://docs.github.com/rest/orgs/outside-collaborators#remove-outside-collaborator-from-an-organization
+//
+//meta:operation DELETE /orgs/{org}/outside_collaborators/{username}
 func (s *OrganizationsService) RemoveOutsideCollaborator(ctx context.Context, org string, user string) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/outside_collaborators/%v", org, user)
 	req, err := s.client.NewRequest("DELETE", u, nil)
@@ -69,7 +73,9 @@ func (s *OrganizationsService) RemoveOutsideCollaborator(ctx context.Context, or
 // Responses for converting a non-member or the last owner to an outside collaborator
 // are listed in GitHub API docs.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/outside-collaborators#convert-an-organization-member-to-outside-collaborator
+// GitHub API docs: https://docs.github.com/rest/orgs/outside-collaborators#convert-an-organization-member-to-outside-collaborator
+//
+//meta:operation PUT /orgs/{org}/outside_collaborators/{username}
 func (s *OrganizationsService) ConvertMemberToOutsideCollaborator(ctx context.Context, org string, user string) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/outside_collaborators/%v", org, user)
 	req, err := s.client.NewRequest("PUT", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/orgs_packages.go b/vendor/github.com/google/go-github/v72/github/orgs_packages.go
similarity index 52%
rename from vendor/github.com/google/go-github/v55/github/orgs_packages.go
rename to vendor/github.com/google/go-github/v72/github/orgs_packages.go
index 0ae68aaa36..edd8e508fb 100644
--- a/vendor/github.com/google/go-github/v55/github/orgs_packages.go
+++ b/vendor/github.com/google/go-github/v72/github/orgs_packages.go
@@ -8,11 +8,14 @@ package github
 import (
 	"context"
 	"fmt"
+	"net/url"
 )
 
-// List the packages for an organization.
+// ListPackages lists the packages for an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/packages#list-packages-for-an-organization
+// GitHub API docs: https://docs.github.com/rest/packages/packages#list-packages-for-an-organization
+//
+//meta:operation GET /orgs/{org}/packages
 func (s *OrganizationsService) ListPackages(ctx context.Context, org string, opts *PackageListOptions) ([]*Package, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/packages", org)
 	u, err := addOptions(u, opts)
@@ -34,11 +37,15 @@ func (s *OrganizationsService) ListPackages(ctx context.Context, org string, opt
 	return packages, resp, nil
 }
 
-// Get a package by name from an organization.
+// GetPackage gets a package by name from an organization.
+//
+// Note that packageName is escaped for the URL path so that you don't need to.
 //
-// GitHub API docs: https://docs.github.com/en/rest/packages#get-a-package-for-an-organization
+// GitHub API docs: https://docs.github.com/rest/packages/packages#get-a-package-for-an-organization
+//
+//meta:operation GET /orgs/{org}/packages/{package_type}/{package_name}
 func (s *OrganizationsService) GetPackage(ctx context.Context, org, packageType, packageName string) (*Package, *Response, error) {
-	u := fmt.Sprintf("orgs/%v/packages/%v/%v", org, packageType, packageName)
+	u := fmt.Sprintf("orgs/%v/packages/%v/%v", org, packageType, url.PathEscape(packageName))
 	req, err := s.client.NewRequest("GET", u, nil)
 	if err != nil {
 		return nil, nil, err
@@ -53,11 +60,15 @@ func (s *OrganizationsService) GetPackage(ctx context.Context, org, packageType,
 	return pack, resp, nil
 }
 
-// Delete a package from an organization.
+// DeletePackage deletes a package from an organization.
+//
+// Note that packageName is escaped for the URL path so that you don't need to.
 //
-// GitHub API docs: https://docs.github.com/en/rest/packages#delete-a-package-for-an-organization
+// GitHub API docs: https://docs.github.com/rest/packages/packages#delete-a-package-for-an-organization
+//
+//meta:operation DELETE /orgs/{org}/packages/{package_type}/{package_name}
 func (s *OrganizationsService) DeletePackage(ctx context.Context, org, packageType, packageName string) (*Response, error) {
-	u := fmt.Sprintf("orgs/%v/packages/%v/%v", org, packageType, packageName)
+	u := fmt.Sprintf("orgs/%v/packages/%v/%v", org, packageType, url.PathEscape(packageName))
 	req, err := s.client.NewRequest("DELETE", u, nil)
 	if err != nil {
 		return nil, err
@@ -66,11 +77,15 @@ func (s *OrganizationsService) DeletePackage(ctx context.Context, org, packageTy
 	return s.client.Do(ctx, req, nil)
 }
 
-// Restore a package to an organization.
+// RestorePackage restores a package to an organization.
+//
+// Note that packageName is escaped for the URL path so that you don't need to.
 //
-// GitHub API docs: https://docs.github.com/en/rest/packages#restore-a-package-for-an-organization
+// GitHub API docs: https://docs.github.com/rest/packages/packages#restore-a-package-for-an-organization
+//
+//meta:operation POST /orgs/{org}/packages/{package_type}/{package_name}/restore
 func (s *OrganizationsService) RestorePackage(ctx context.Context, org, packageType, packageName string) (*Response, error) {
-	u := fmt.Sprintf("orgs/%v/packages/%v/%v/restore", org, packageType, packageName)
+	u := fmt.Sprintf("orgs/%v/packages/%v/%v/restore", org, packageType, url.PathEscape(packageName))
 	req, err := s.client.NewRequest("POST", u, nil)
 	if err != nil {
 		return nil, err
@@ -79,11 +94,15 @@ func (s *OrganizationsService) RestorePackage(ctx context.Context, org, packageT
 	return s.client.Do(ctx, req, nil)
 }
 
-// Get all versions of a package in an organization.
+// PackageGetAllVersions gets all versions of a package in an organization.
+//
+// Note that packageName is escaped for the URL path so that you don't need to.
 //
-// GitHub API docs: https://docs.github.com/en/rest/packages#list-package-versions-for-a-package-owned-by-an-organization
+// GitHub API docs: https://docs.github.com/rest/packages/packages#list-package-versions-for-a-package-owned-by-an-organization
+//
+//meta:operation GET /orgs/{org}/packages/{package_type}/{package_name}/versions
 func (s *OrganizationsService) PackageGetAllVersions(ctx context.Context, org, packageType, packageName string, opts *PackageListOptions) ([]*PackageVersion, *Response, error) {
-	u := fmt.Sprintf("orgs/%v/packages/%v/%v/versions", org, packageType, packageName)
+	u := fmt.Sprintf("orgs/%v/packages/%v/%v/versions", org, packageType, url.PathEscape(packageName))
 	u, err := addOptions(u, opts)
 	if err != nil {
 		return nil, nil, err
@@ -103,11 +122,15 @@ func (s *OrganizationsService) PackageGetAllVersions(ctx context.Context, org, p
 	return versions, resp, nil
 }
 
-// Get a specific version of a package in an organization.
+// PackageGetVersion gets a specific version of a package in an organization.
+//
+// Note that packageName is escaped for the URL path so that you don't need to.
 //
-// GitHub API docs: https://docs.github.com/en/rest/packages#get-a-package-version-for-an-organization
+// GitHub API docs: https://docs.github.com/rest/packages/packages#get-a-package-version-for-an-organization
+//
+//meta:operation GET /orgs/{org}/packages/{package_type}/{package_name}/versions/{package_version_id}
 func (s *OrganizationsService) PackageGetVersion(ctx context.Context, org, packageType, packageName string, packageVersionID int64) (*PackageVersion, *Response, error) {
-	u := fmt.Sprintf("orgs/%v/packages/%v/%v/versions/%v", org, packageType, packageName, packageVersionID)
+	u := fmt.Sprintf("orgs/%v/packages/%v/%v/versions/%v", org, packageType, url.PathEscape(packageName), packageVersionID)
 	req, err := s.client.NewRequest("GET", u, nil)
 	if err != nil {
 		return nil, nil, err
@@ -122,11 +145,15 @@ func (s *OrganizationsService) PackageGetVersion(ctx context.Context, org, packa
 	return version, resp, nil
 }
 
-// Delete a package version from an organization.
+// PackageDeleteVersion deletes a package version from an organization.
+//
+// Note that packageName is escaped for the URL path so that you don't need to.
 //
-// GitHub API docs: https://docs.github.com/en/rest/packages#delete-package-version-for-an-organization
+// GitHub API docs: https://docs.github.com/rest/packages/packages#delete-package-version-for-an-organization
+//
+//meta:operation DELETE /orgs/{org}/packages/{package_type}/{package_name}/versions/{package_version_id}
 func (s *OrganizationsService) PackageDeleteVersion(ctx context.Context, org, packageType, packageName string, packageVersionID int64) (*Response, error) {
-	u := fmt.Sprintf("orgs/%v/packages/%v/%v/versions/%v", org, packageType, packageName, packageVersionID)
+	u := fmt.Sprintf("orgs/%v/packages/%v/%v/versions/%v", org, packageType, url.PathEscape(packageName), packageVersionID)
 	req, err := s.client.NewRequest("DELETE", u, nil)
 	if err != nil {
 		return nil, err
@@ -135,11 +162,15 @@ func (s *OrganizationsService) PackageDeleteVersion(ctx context.Context, org, pa
 	return s.client.Do(ctx, req, nil)
 }
 
-// Restore a package version to an organization.
+// PackageRestoreVersion restores a package version to an organization.
+//
+// Note that packageName is escaped for the URL path so that you don't need to.
+//
+// GitHub API docs: https://docs.github.com/rest/packages/packages#restore-package-version-for-an-organization
 //
-// GitHub API docs: https://docs.github.com/en/rest/packages#restore-package-version-for-an-organization
+//meta:operation POST /orgs/{org}/packages/{package_type}/{package_name}/versions/{package_version_id}/restore
 func (s *OrganizationsService) PackageRestoreVersion(ctx context.Context, org, packageType, packageName string, packageVersionID int64) (*Response, error) {
-	u := fmt.Sprintf("orgs/%v/packages/%v/%v/versions/%v/restore", org, packageType, packageName, packageVersionID)
+	u := fmt.Sprintf("orgs/%v/packages/%v/%v/versions/%v/restore", org, packageType, url.PathEscape(packageName), packageVersionID)
 	req, err := s.client.NewRequest("POST", u, nil)
 	if err != nil {
 		return nil, err
diff --git a/vendor/github.com/google/go-github/v72/github/orgs_personal_access_tokens.go b/vendor/github.com/google/go-github/v72/github/orgs_personal_access_tokens.go
new file mode 100644
index 0000000000..276fbbb494
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/orgs_personal_access_tokens.go
@@ -0,0 +1,173 @@
+// Copyright 2023 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+	"net/url"
+	"strings"
+)
+
+// PersonalAccessToken represents the minimal representation of an organization programmatic access grant.
+//
+// GitHub API docs: https://docs.github.com/en/rest/orgs/personal-access-tokens?apiVersion=2022-11-28
+type PersonalAccessToken struct {
+	// "Unique identifier of the fine-grained personal access token.
+	// The `pat_id` used to get details about an approved fine-grained personal access token.
+	ID *int64 `json:"id"`
+
+	// Owner is the GitHub user associated with the token.
+	Owner *User `json:"owner"`
+
+	// RepositorySelection is the type of repository selection requested.
+	// Possible values are: "none", "all", "subset".
+	RepositorySelection *string `json:"repository_selection"`
+
+	// URL to the list of repositories the fine-grained personal access token can access.
+	// Only follow when `repository_selection` is `subset`.
+	RepositoriesURL *string `json:"repositories_url"`
+
+	// Permissions are the permissions requested, categorized by type.
+	Permissions *PersonalAccessTokenPermissions `json:"permissions"`
+
+	// Date and time when the fine-grained personal access token was approved to access the organization.
+	AccessGrantedAt *Timestamp `json:"access_granted_at"`
+
+	// Whether the associated fine-grained personal access token has expired.
+	TokenExpired *bool `json:"token_expired"`
+
+	// Date and time when the associated fine-grained personal access token expires.
+	TokenExpiresAt *Timestamp `json:"token_expires_at"`
+
+	// TokenID
+	TokenID *int64 `json:"token_id"`
+
+	// TokenName
+	TokenName *string `json:"token_name"`
+
+	// Date and time when the associated fine-grained personal access token was last used for authentication.
+	TokenLastUsedAt *Timestamp `json:"token_last_used_at"`
+}
+
+// ListFineGrainedPATOptions specifies optional parameters to ListFineGrainedPersonalAccessTokens.
+type ListFineGrainedPATOptions struct {
+	// The property by which to sort the results.
+	// Default: created_at
+	// Value: created_at
+	Sort string `url:"sort,omitempty"`
+
+	// The direction to sort the results by.
+	// Default: desc
+	// Value: asc, desc
+	Direction string `url:"direction,omitempty"`
+
+	// A list of owner usernames to use to filter the results.
+	Owner []string `url:"-"`
+
+	// The name of the repository to use to filter the results.
+	Repository string `url:"repository,omitempty"`
+
+	// The permission to use to filter the results.
+	Permission string `url:"permission,omitempty"`
+
+	// Only show fine-grained personal access tokens used before the given time.
+	// This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
+	LastUsedBefore string `url:"last_used_before,omitempty"`
+
+	// Only show fine-grained personal access tokens used after the given time.
+	// This is a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ.
+	LastUsedAfter string `url:"last_used_after,omitempty"`
+
+	ListOptions
+}
+
+// ListFineGrainedPersonalAccessTokens lists approved fine-grained personal access tokens owned by organization members that can access organization resources.
+// Only GitHub Apps can call this API, using the `Personal access tokens` organization permissions (read).
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/personal-access-tokens#list-fine-grained-personal-access-tokens-with-access-to-organization-resources
+//
+//meta:operation GET /orgs/{org}/personal-access-tokens
+func (s *OrganizationsService) ListFineGrainedPersonalAccessTokens(ctx context.Context, org string, opts *ListFineGrainedPATOptions) ([]*PersonalAccessToken, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/personal-access-tokens", org)
+	// The `owner` parameter is a special case that uses the `owner[]=...` format and needs a custom function to format it correctly.
+	u, err := addListFineGrainedPATOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest(http.MethodGet, u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var pats []*PersonalAccessToken
+
+	resp, err := s.client.Do(ctx, req, &pats)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return pats, resp, nil
+}
+
+// ReviewPersonalAccessTokenRequestOptions specifies the parameters to the ReviewPersonalAccessTokenRequest method.
+type ReviewPersonalAccessTokenRequestOptions struct {
+	Action string  `json:"action"`
+	Reason *string `json:"reason,omitempty"`
+}
+
+// ReviewPersonalAccessTokenRequest approves or denies a pending request to access organization resources via a fine-grained personal access token.
+// Only GitHub Apps can call this API, using the `organization_personal_access_token_requests: write` permission.
+// `action` can be one of `approve` or `deny`.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/personal-access-tokens#review-a-request-to-access-organization-resources-with-a-fine-grained-personal-access-token
+//
+//meta:operation POST /orgs/{org}/personal-access-token-requests/{pat_request_id}
+func (s *OrganizationsService) ReviewPersonalAccessTokenRequest(ctx context.Context, org string, requestID int64, opts ReviewPersonalAccessTokenRequestOptions) (*Response, error) {
+	u := fmt.Sprintf("orgs/%v/personal-access-token-requests/%v", org, requestID)
+
+	req, err := s.client.NewRequest(http.MethodPost, u, &opts)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
+
+// addListFineGrainedPATOptions adds the owner parameter to the URL query string with the correct format if it is set.
+//
+// GitHub API expects the owner parameter to be a list of strings in the `owner[]=...` format.
+// For multiple owner values, the owner parameter is repeated in the query string.
+//
+// Example:
+// owner[]=user1&owner[]=user2
+// This will filter the results to only include fine-grained personal access tokens owned by `user1` and `user2`.
+//
+// This function ensures the owner parameter is formatted correctly in the URL query string.
+func addListFineGrainedPATOptions(s string, opts *ListFineGrainedPATOptions) (string, error) {
+	u, err := addOptions(s, opts)
+	if err != nil {
+		return s, err
+	}
+
+	if len(opts.Owner) > 0 {
+		ownerVals := make([]string, len(opts.Owner))
+		for i, owner := range opts.Owner {
+			ownerVals[i] = fmt.Sprintf("owner[]=%s", url.QueryEscape(owner))
+		}
+		ownerQuery := strings.Join(ownerVals, "&")
+
+		if strings.Contains(u, "?") {
+			u += "&" + ownerQuery
+		} else {
+			u += "?" + ownerQuery
+		}
+	}
+
+	return u, nil
+}
diff --git a/vendor/github.com/google/go-github/v72/github/orgs_properties.go b/vendor/github.com/google/go-github/v72/github/orgs_properties.go
new file mode 100644
index 0000000000..f59d9f467e
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/orgs_properties.go
@@ -0,0 +1,243 @@
+// Copyright 2023 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"encoding/json"
+	"errors"
+	"fmt"
+)
+
+// CustomProperty represents an organization custom property object.
+type CustomProperty struct {
+	// PropertyName is required for most endpoints except when calling CreateOrUpdateCustomProperty;
+	// where this is sent in the path and thus can be omitted.
+	PropertyName *string `json:"property_name,omitempty"`
+	// SourceType is the source type of the property where it has been created. Can be one of: organization, enterprise.
+	SourceType *string `json:"source_type,omitempty"`
+	// The type of the value for the property. Can be one of: string, single_select, multi_select, true_false.
+	ValueType string `json:"value_type"`
+	// Whether the property is required.
+	Required *bool `json:"required,omitempty"`
+	// Default value of the property.
+	DefaultValue *string `json:"default_value,omitempty"`
+	// Short description of the property.
+	Description *string `json:"description,omitempty"`
+	// An ordered list of the allowed values of the property. The property can have up to 200
+	// allowed values.
+	AllowedValues []string `json:"allowed_values,omitempty"`
+	// Who can edit the values of the property. Can be one of: org_actors, org_and_repo_actors, nil (null).
+	ValuesEditableBy *string `json:"values_editable_by,omitempty"`
+}
+
+// RepoCustomPropertyValue represents a repository custom property value.
+type RepoCustomPropertyValue struct {
+	RepositoryID       int64                  `json:"repository_id"`
+	RepositoryName     string                 `json:"repository_name"`
+	RepositoryFullName string                 `json:"repository_full_name"`
+	Properties         []*CustomPropertyValue `json:"properties"`
+}
+
+// CustomPropertyValue represents a custom property value.
+type CustomPropertyValue struct {
+	PropertyName string      `json:"property_name"`
+	Value        interface{} `json:"value"`
+}
+
+// UnmarshalJSON implements the json.Unmarshaler interface.
+// This helps us handle the fact that Value can be either a string, []string, or nil.
+func (cpv *CustomPropertyValue) UnmarshalJSON(data []byte) error {
+	type aliasCustomPropertyValue CustomPropertyValue
+	aux := &struct {
+		*aliasCustomPropertyValue
+	}{
+		aliasCustomPropertyValue: (*aliasCustomPropertyValue)(cpv),
+	}
+	if err := json.Unmarshal(data, &aux); err != nil {
+		return err
+	}
+
+	switch v := aux.Value.(type) {
+	case nil:
+		cpv.Value = nil
+	case string:
+		cpv.Value = v
+	case []interface{}:
+		strSlice := make([]string, len(v))
+		for i, item := range v {
+			str, ok := item.(string)
+			if !ok {
+				return errors.New("non-string value in string array")
+			}
+			strSlice[i] = str
+		}
+		cpv.Value = strSlice
+	default:
+		return fmt.Errorf("unexpected value type: %T", v)
+	}
+	return nil
+}
+
+// GetAllCustomProperties gets all custom properties that are defined for the specified organization.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/custom-properties#get-all-custom-properties-for-an-organization
+//
+//meta:operation GET /orgs/{org}/properties/schema
+func (s *OrganizationsService) GetAllCustomProperties(ctx context.Context, org string) ([]*CustomProperty, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/properties/schema", org)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var customProperties []*CustomProperty
+	resp, err := s.client.Do(ctx, req, &customProperties)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return customProperties, resp, nil
+}
+
+// CreateOrUpdateCustomProperties creates new or updates existing custom properties that are defined for the specified organization.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/custom-properties#create-or-update-custom-properties-for-an-organization
+//
+//meta:operation PATCH /orgs/{org}/properties/schema
+func (s *OrganizationsService) CreateOrUpdateCustomProperties(ctx context.Context, org string, properties []*CustomProperty) ([]*CustomProperty, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/properties/schema", org)
+
+	params := struct {
+		Properties []*CustomProperty `json:"properties"`
+	}{
+		Properties: properties,
+	}
+
+	req, err := s.client.NewRequest("PATCH", u, params)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var customProperties []*CustomProperty
+	resp, err := s.client.Do(ctx, req, &customProperties)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return customProperties, resp, nil
+}
+
+// GetCustomProperty gets a custom property that is defined for the specified organization.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/custom-properties#get-a-custom-property-for-an-organization
+//
+//meta:operation GET /orgs/{org}/properties/schema/{custom_property_name}
+func (s *OrganizationsService) GetCustomProperty(ctx context.Context, org, name string) (*CustomProperty, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/properties/schema/%v", org, name)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var customProperty *CustomProperty
+	resp, err := s.client.Do(ctx, req, &customProperty)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return customProperty, resp, nil
+}
+
+// CreateOrUpdateCustomProperty creates a new or updates an existing custom property that is defined for the specified organization.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/custom-properties#create-or-update-a-custom-property-for-an-organization
+//
+//meta:operation PUT /orgs/{org}/properties/schema/{custom_property_name}
+func (s *OrganizationsService) CreateOrUpdateCustomProperty(ctx context.Context, org, customPropertyName string, property *CustomProperty) (*CustomProperty, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/properties/schema/%v", org, customPropertyName)
+
+	req, err := s.client.NewRequest("PUT", u, property)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var customProperty *CustomProperty
+	resp, err := s.client.Do(ctx, req, &customProperty)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return customProperty, resp, nil
+}
+
+// RemoveCustomProperty removes a custom property that is defined for the specified organization.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/custom-properties#remove-a-custom-property-for-an-organization
+//
+//meta:operation DELETE /orgs/{org}/properties/schema/{custom_property_name}
+func (s *OrganizationsService) RemoveCustomProperty(ctx context.Context, org, customPropertyName string) (*Response, error) {
+	u := fmt.Sprintf("orgs/%v/properties/schema/%v", org, customPropertyName)
+
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
+
+// ListCustomPropertyValues lists all custom property values for repositories in the specified organization.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/custom-properties#list-custom-property-values-for-organization-repositories
+//
+//meta:operation GET /orgs/{org}/properties/values
+func (s *OrganizationsService) ListCustomPropertyValues(ctx context.Context, org string, opts *ListOptions) ([]*RepoCustomPropertyValue, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/properties/values", org)
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var repoCustomPropertyValues []*RepoCustomPropertyValue
+	resp, err := s.client.Do(ctx, req, &repoCustomPropertyValues)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return repoCustomPropertyValues, resp, nil
+}
+
+// CreateOrUpdateRepoCustomPropertyValues creates new or updates existing custom property values across multiple repositories for the specified organization.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/custom-properties#create-or-update-custom-property-values-for-organization-repositories
+//
+//meta:operation PATCH /orgs/{org}/properties/values
+func (s *OrganizationsService) CreateOrUpdateRepoCustomPropertyValues(ctx context.Context, org string, repoNames []string, properties []*CustomPropertyValue) (*Response, error) {
+	u := fmt.Sprintf("orgs/%v/properties/values", org)
+
+	params := struct {
+		RepositoryNames []string               `json:"repository_names"`
+		Properties      []*CustomPropertyValue `json:"properties"`
+	}{
+		RepositoryNames: repoNames,
+		Properties:      properties,
+	}
+
+	req, err := s.client.NewRequest("PATCH", u, params)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
diff --git a/vendor/github.com/google/go-github/v72/github/orgs_rules.go b/vendor/github.com/google/go-github/v72/github/orgs_rules.go
new file mode 100644
index 0000000000..357eb8ce7c
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/orgs_rules.go
@@ -0,0 +1,145 @@
+// Copyright 2023 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"fmt"
+)
+
+// GetAllRepositoryRulesets gets all the repository rulesets for the specified organization.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/rules#get-all-organization-repository-rulesets
+//
+//meta:operation GET /orgs/{org}/rulesets
+func (s *OrganizationsService) GetAllRepositoryRulesets(ctx context.Context, org string, opts *ListOptions) ([]*RepositoryRuleset, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/rulesets", org)
+
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var rulesets []*RepositoryRuleset
+	resp, err := s.client.Do(ctx, req, &rulesets)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return rulesets, resp, nil
+}
+
+// CreateRepositoryRuleset creates a repository ruleset for the specified organization.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/rules#create-an-organization-repository-ruleset
+//
+//meta:operation POST /orgs/{org}/rulesets
+func (s *OrganizationsService) CreateRepositoryRuleset(ctx context.Context, org string, ruleset RepositoryRuleset) (*RepositoryRuleset, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/rulesets", org)
+
+	req, err := s.client.NewRequest("POST", u, ruleset)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var rs *RepositoryRuleset
+	resp, err := s.client.Do(ctx, req, &rs)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return rs, resp, nil
+}
+
+// GetRepositoryRuleset gets a repository ruleset for the specified organization.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/rules#get-an-organization-repository-ruleset
+//
+//meta:operation GET /orgs/{org}/rulesets/{ruleset_id}
+func (s *OrganizationsService) GetRepositoryRuleset(ctx context.Context, org string, rulesetID int64) (*RepositoryRuleset, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/rulesets/%v", org, rulesetID)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var ruleset *RepositoryRuleset
+	resp, err := s.client.Do(ctx, req, &ruleset)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return ruleset, resp, nil
+}
+
+// UpdateRepositoryRuleset updates a repository ruleset for the specified organization.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/rules#update-an-organization-repository-ruleset
+//
+//meta:operation PUT /orgs/{org}/rulesets/{ruleset_id}
+func (s *OrganizationsService) UpdateRepositoryRuleset(ctx context.Context, org string, rulesetID int64, ruleset RepositoryRuleset) (*RepositoryRuleset, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/rulesets/%v", org, rulesetID)
+
+	req, err := s.client.NewRequest("PUT", u, ruleset)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var rs *RepositoryRuleset
+	resp, err := s.client.Do(ctx, req, &rs)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return rs, resp, nil
+}
+
+// UpdateRepositoryRulesetClearBypassActor clears the bypass actors for a repository ruleset for the specified organization.
+//
+// This function is necessary as the UpdateRepositoryRuleset function does not marshal ByPassActor if passed as an empty array.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/rules#update-an-organization-repository-ruleset
+//
+//meta:operation PUT /orgs/{org}/rulesets/{ruleset_id}
+func (s *OrganizationsService) UpdateRepositoryRulesetClearBypassActor(ctx context.Context, org string, rulesetID int64) (*Response, error) {
+	u := fmt.Sprintf("orgs/%v/rulesets/%v", org, rulesetID)
+
+	rsClearBypassActor := rulesetClearBypassActors{}
+
+	req, err := s.client.NewRequest("PUT", u, rsClearBypassActor)
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := s.client.Do(ctx, req, nil)
+	if err != nil {
+		return resp, err
+	}
+
+	return resp, nil
+}
+
+// DeleteRepositoryRuleset deletes a repository ruleset from the specified organization.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/rules#delete-an-organization-repository-ruleset
+//
+//meta:operation DELETE /orgs/{org}/rulesets/{ruleset_id}
+func (s *OrganizationsService) DeleteRepositoryRuleset(ctx context.Context, org string, rulesetID int64) (*Response, error) {
+	u := fmt.Sprintf("orgs/%v/rulesets/%v", org, rulesetID)
+
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
diff --git a/vendor/github.com/google/go-github/v55/github/orgs_security_managers.go b/vendor/github.com/google/go-github/v72/github/orgs_security_managers.go
similarity index 66%
rename from vendor/github.com/google/go-github/v55/github/orgs_security_managers.go
rename to vendor/github.com/google/go-github/v72/github/orgs_security_managers.go
index a3f002e0e1..b8562a2fd7 100644
--- a/vendor/github.com/google/go-github/v55/github/orgs_security_managers.go
+++ b/vendor/github.com/google/go-github/v72/github/orgs_security_managers.go
@@ -12,7 +12,11 @@ import (
 
 // ListSecurityManagerTeams lists all security manager teams for an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/security-managers#list-security-manager-teams
+// Deprecated: Please use `client.Organizations.ListTeamsAssignedToOrgRole` instead.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/security-managers#list-security-manager-teams
+//
+//meta:operation GET /orgs/{org}/security-managers
 func (s *OrganizationsService) ListSecurityManagerTeams(ctx context.Context, org string) ([]*Team, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/security-managers", org)
 
@@ -32,7 +36,11 @@ func (s *OrganizationsService) ListSecurityManagerTeams(ctx context.Context, org
 
 // AddSecurityManagerTeam adds a team to the list of security managers for an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/security-managers#add-a-security-manager-team
+// Deprecated: Please use `client.Organizations.AssignOrgRoleToTeam` instead.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/security-managers#add-a-security-manager-team
+//
+//meta:operation PUT /orgs/{org}/security-managers/teams/{team_slug}
 func (s *OrganizationsService) AddSecurityManagerTeam(ctx context.Context, org, team string) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/security-managers/teams/%v", org, team)
 	req, err := s.client.NewRequest("PUT", u, nil)
@@ -45,7 +53,11 @@ func (s *OrganizationsService) AddSecurityManagerTeam(ctx context.Context, org,
 
 // RemoveSecurityManagerTeam removes a team from the list of security managers for an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/security-managers#remove-a-security-manager-team
+// Deprecated: Please use `client.Organizations.RemoveOrgRoleFromTeam` instead.
+//
+// GitHub API docs: https://docs.github.com/rest/orgs/security-managers#remove-a-security-manager-team
+//
+//meta:operation DELETE /orgs/{org}/security-managers/teams/{team_slug}
 func (s *OrganizationsService) RemoveSecurityManagerTeam(ctx context.Context, org, team string) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/security-managers/teams/%v", org, team)
 	req, err := s.client.NewRequest("DELETE", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/orgs_users_blocking.go b/vendor/github.com/google/go-github/v72/github/orgs_users_blocking.go
similarity index 79%
rename from vendor/github.com/google/go-github/v55/github/orgs_users_blocking.go
rename to vendor/github.com/google/go-github/v72/github/orgs_users_blocking.go
index 9c6cf60269..62bd9116cd 100644
--- a/vendor/github.com/google/go-github/v55/github/orgs_users_blocking.go
+++ b/vendor/github.com/google/go-github/v72/github/orgs_users_blocking.go
@@ -12,7 +12,9 @@ import (
 
 // ListBlockedUsers lists all the users blocked by an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/blocking#list-users-blocked-by-an-organization
+// GitHub API docs: https://docs.github.com/rest/orgs/blocking#list-users-blocked-by-an-organization
+//
+//meta:operation GET /orgs/{org}/blocks
 func (s *OrganizationsService) ListBlockedUsers(ctx context.Context, org string, opts *ListOptions) ([]*User, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/blocks", org)
 	u, err := addOptions(u, opts)
@@ -39,7 +41,9 @@ func (s *OrganizationsService) ListBlockedUsers(ctx context.Context, org string,
 
 // IsBlocked reports whether specified user is blocked from an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/blocking#check-if-a-user-is-blocked-by-an-organization
+// GitHub API docs: https://docs.github.com/rest/orgs/blocking#check-if-a-user-is-blocked-by-an-organization
+//
+//meta:operation GET /orgs/{org}/blocks/{username}
 func (s *OrganizationsService) IsBlocked(ctx context.Context, org string, user string) (bool, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/blocks/%v", org, user)
 
@@ -58,7 +62,9 @@ func (s *OrganizationsService) IsBlocked(ctx context.Context, org string, user s
 
 // BlockUser blocks specified user from an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/blocking#block-a-user-from-an-organization
+// GitHub API docs: https://docs.github.com/rest/orgs/blocking#block-a-user-from-an-organization
+//
+//meta:operation PUT /orgs/{org}/blocks/{username}
 func (s *OrganizationsService) BlockUser(ctx context.Context, org string, user string) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/blocks/%v", org, user)
 
@@ -75,7 +81,9 @@ func (s *OrganizationsService) BlockUser(ctx context.Context, org string, user s
 
 // UnblockUser unblocks specified user from an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/orgs/blocking#unblock-a-user-from-an-organization
+// GitHub API docs: https://docs.github.com/rest/orgs/blocking#unblock-a-user-from-an-organization
+//
+//meta:operation DELETE /orgs/{org}/blocks/{username}
 func (s *OrganizationsService) UnblockUser(ctx context.Context, org string, user string) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/blocks/%v", org, user)
 
diff --git a/vendor/github.com/google/go-github/v72/github/packages.go b/vendor/github.com/google/go-github/v72/github/packages.go
new file mode 100644
index 0000000000..1eed77e804
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/packages.go
@@ -0,0 +1,319 @@
+// Copyright 2020 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"encoding/json"
+)
+
+// Package represents a GitHub package.
+type Package struct {
+	ID          *int64      `json:"id,omitempty"`
+	Name        *string     `json:"name,omitempty"`
+	PackageType *string     `json:"package_type,omitempty"` // One of "npm", "maven", "rubygems", "docker", "nuget", "container". For webhook events "container" is "CONTAINER"
+	HTMLURL     *string     `json:"html_url,omitempty"`
+	Visibility  *string     `json:"visibility,omitempty"`
+	Owner       *User       `json:"owner,omitempty"`
+	Repository  *Repository `json:"repository,omitempty"`
+	CreatedAt   *Timestamp  `json:"created_at,omitempty"`
+	UpdatedAt   *Timestamp  `json:"updated_at,omitempty"`
+
+	// The following are only populated for webhook events
+	Namespace      *string          `json:"namespace,omitempty"`
+	Description    *string          `json:"description,omitempty"`
+	Ecosystem      *string          `json:"ecosystem,omitempty"`
+	PackageVersion *PackageVersion  `json:"package_version,omitempty"`
+	Registry       *PackageRegistry `json:"registry,omitempty"`
+
+	// The following are NOT populated for webhook events
+	URL          *string `json:"url,omitempty"`
+	VersionCount *int64  `json:"version_count,omitempty"`
+}
+
+func (p Package) String() string {
+	return Stringify(p)
+}
+
+// PackageVersion represents a GitHub package version.
+type PackageVersion struct {
+	ID             *int64          `json:"id,omitempty"`
+	Name           *string         `json:"name,omitempty"`
+	URL            *string         `json:"url,omitempty"`
+	PackageHTMLURL *string         `json:"package_html_url,omitempty"`
+	License        *string         `json:"license,omitempty"`
+	Description    *string         `json:"description,omitempty"`
+	CreatedAt      *Timestamp      `json:"created_at,omitempty"`
+	UpdatedAt      *Timestamp      `json:"updated_at,omitempty"`
+	Metadata       json.RawMessage `json:"metadata,omitempty"` // For webhook events this will be []interface, else it will be of type PackageMetadata
+
+	// The following are only populated for webhook events
+	Version             *string                        `json:"version,omitempty"`
+	Summary             *string                        `json:"summary,omitempty"`
+	Body                json.RawMessage                `json:"body,omitempty"` // Can either be a string or of type PackageVersionBody
+	BodyHTML            *string                        `json:"body_html,omitempty"`
+	Release             *PackageRelease                `json:"release,omitempty"`
+	Manifest            *string                        `json:"manifest,omitempty"`
+	HTMLURL             *string                        `json:"html_url,omitempty"`
+	TagName             *string                        `json:"tag_name,omitempty"`
+	TargetCommitish     *string                        `json:"target_commitish,omitempty"`
+	TargetOID           *string                        `json:"target_oid,omitempty"`
+	Draft               *bool                          `json:"draft,omitempty"`
+	Prerelease          *bool                          `json:"prerelease,omitempty"`
+	ContainerMetadata   *PackageEventContainerMetadata `json:"container_metadata,omitempty"`
+	DockerMetadata      []interface{}                  `json:"docker_metadata,omitempty"`
+	NPMMetadata         *PackageNPMMetadata            `json:"npm_metadata,omitempty"`
+	NugetMetadata       []*PackageNugetMetadata        `json:"nuget_metadata,omitempty"`
+	RubyMetadata        map[string]any                 `json:"ruby_metadata,omitempty"`
+	PackageFiles        []*PackageFile                 `json:"package_files,omitempty"`
+	PackageURL          *string                        `json:"package_url,omitempty"`
+	Author              *User                          `json:"author,omitempty"`
+	SourceURL           *string                        `json:"source_url,omitempty"`
+	InstallationCommand *string                        `json:"installation_command,omitempty"`
+
+	// The following are NOT populated for webhook events
+	DeletedAt *Timestamp `json:"deleted_at,omitempty"`
+}
+
+// GetBody returns the body field as a string if it's valid.
+func (pv *PackageVersion) GetBody() (body string, ok bool) {
+	if pv == nil || pv.Body == nil {
+		return "", false
+	}
+
+	if err := json.Unmarshal(pv.Body, &body); err != nil {
+		return "", false
+	}
+
+	return body, true
+}
+
+// GetBodyAsPackageVersionBody returns the body field as a PackageVersionBody if it's valid.
+func (pv *PackageVersion) GetBodyAsPackageVersionBody() (body *PackageVersionBody, ok bool) {
+	if pv == nil || pv.Body == nil {
+		return nil, false
+	}
+
+	if err := json.Unmarshal(pv.Body, &body); err != nil {
+		return nil, false
+	}
+
+	return body, true
+}
+
+// GetMetadata returns the metadata field as PackageMetadata if it's valid.
+func (pv *PackageVersion) GetMetadata() (metadata *PackageMetadata, ok bool) {
+	if pv == nil || pv.Metadata == nil {
+		return nil, false
+	}
+
+	if err := json.Unmarshal(pv.Metadata, &metadata); err != nil {
+		return nil, false
+	}
+
+	return metadata, true
+}
+
+// GetRawMetadata returns the metadata field as a json.RawMessage.
+func (pv *PackageVersion) GetRawMetadata() json.RawMessage {
+	if pv == nil || pv.Metadata == nil {
+		return json.RawMessage{}
+	}
+
+	return pv.Metadata
+}
+
+func (pv PackageVersion) String() string {
+	return Stringify(pv)
+}
+
+// PackageRelease represents a GitHub package version release.
+type PackageRelease struct {
+	URL             *string    `json:"url,omitempty"`
+	HTMLURL         *string    `json:"html_url,omitempty"`
+	ID              *int64     `json:"id,omitempty"`
+	TagName         *string    `json:"tag_name,omitempty"`
+	TargetCommitish *string    `json:"target_commitish,omitempty"`
+	Name            *string    `json:"name,omitempty"`
+	Draft           *bool      `json:"draft,omitempty"`
+	Author          *User      `json:"author,omitempty"`
+	Prerelease      *bool      `json:"prerelease,omitempty"`
+	CreatedAt       *Timestamp `json:"created_at,omitempty"`
+	PublishedAt     *Timestamp `json:"published_at,omitempty"`
+}
+
+func (r PackageRelease) String() string {
+	return Stringify(r)
+}
+
+// PackageFile represents a GitHub package version release file.
+type PackageFile struct {
+	DownloadURL *string    `json:"download_url,omitempty"`
+	ID          *int64     `json:"id,omitempty"`
+	Name        *string    `json:"name,omitempty"`
+	SHA256      *string    `json:"sha256,omitempty"`
+	SHA1        *string    `json:"sha1,omitempty"`
+	MD5         *string    `json:"md5,omitempty"`
+	ContentType *string    `json:"content_type,omitempty"`
+	State       *string    `json:"state,omitempty"`
+	Author      *User      `json:"author,omitempty"`
+	Size        *int64     `json:"size,omitempty"`
+	CreatedAt   *Timestamp `json:"created_at,omitempty"`
+	UpdatedAt   *Timestamp `json:"updated_at,omitempty"`
+}
+
+func (pf PackageFile) String() string {
+	return Stringify(pf)
+}
+
+// PackageRegistry represents a GitHub package registry.
+type PackageRegistry struct {
+	AboutURL *string `json:"about_url,omitempty"`
+	Name     *string `json:"name,omitempty"`
+	Type     *string `json:"type,omitempty"`
+	URL      *string `json:"url,omitempty"`
+	Vendor   *string `json:"vendor,omitempty"`
+}
+
+func (r PackageRegistry) String() string {
+	return Stringify(r)
+}
+
+// PackageListOptions represents the optional list options for a package.
+type PackageListOptions struct {
+	// Visibility of packages "public", "internal" or "private".
+	Visibility *string `url:"visibility,omitempty"`
+
+	// PackageType represents the type of package.
+	// It can be one of "npm", "maven", "rubygems", "nuget", "docker", or "container".
+	PackageType *string `url:"package_type,omitempty"`
+
+	// State of package either "active" or "deleted".
+	State *string `url:"state,omitempty"`
+
+	ListOptions
+}
+
+// PackageMetadata represents metadata from a package.
+type PackageMetadata struct {
+	PackageType *string                   `json:"package_type,omitempty"`
+	Container   *PackageContainerMetadata `json:"container,omitempty"`
+}
+
+func (r PackageMetadata) String() string {
+	return Stringify(r)
+}
+
+// PackageContainerMetadata represents container metadata for docker container packages.
+type PackageContainerMetadata struct {
+	Tags []string `json:"tags,omitempty"`
+}
+
+func (r PackageContainerMetadata) String() string {
+	return Stringify(r)
+}
+
+// PackageVersionBody represents the body field of a package version.
+type PackageVersionBody struct {
+	Repo *Repository             `json:"repository,omitempty"`
+	Info *PackageVersionBodyInfo `json:"info,omitempty"`
+}
+
+func (b PackageVersionBody) String() string {
+	return Stringify(b)
+}
+
+// PackageVersionBodyInfo represents the info field of a PackageVersionBody.
+type PackageVersionBodyInfo struct {
+	Type       *string `json:"type,omitempty"`
+	OID        *string `json:"oid,omitempty"`
+	Mode       *int64  `json:"mode,omitempty"`
+	Name       *string `json:"name,omitempty"`
+	Path       *string `json:"path,omitempty"`
+	Size       *int64  `json:"size,omitempty"`
+	Collection *bool   `json:"collection,omitempty"`
+}
+
+func (bi PackageVersionBodyInfo) String() string {
+	return Stringify(bi)
+}
+
+// PackageEventContainerMetadata represents metadata for container packages as part of a webhook event.
+// See also PackageContainerMetadata.
+type PackageEventContainerMetadata struct {
+	Labels   map[string]any                    `json:"labels,omitempty"`
+	Manifest map[string]any                    `json:"manifest,omitempty"`
+	Tag      *PackageEventContainerMetadataTag `json:"tag,omitempty"`
+}
+
+func (m PackageEventContainerMetadata) String() string {
+	return Stringify(m)
+}
+
+// PackageEventContainerMetadataTag represents a tag of a GitHub container package.
+type PackageEventContainerMetadataTag struct {
+	Name   *string `json:"name,omitempty"`
+	Digest *string `json:"digest,omitempty"`
+}
+
+func (mt PackageEventContainerMetadataTag) String() string {
+	return Stringify(mt)
+}
+
+// PackageNugetMetadata represents nuget metadata for a GitHub package.
+type PackageNugetMetadata struct {
+	ID    json.RawMessage `json:"id,omitempty"` // Can either be a int64 or string
+	Name  *string         `json:"name,omitempty"`
+	Value json.RawMessage `json:"value,omitempty"` // Can either be a bool, string, integer or object
+}
+
+func (nm PackageNugetMetadata) String() string {
+	return Stringify(nm)
+}
+
+// PackageNPMMetadata represents NPM metadata for a GitHub package.
+type PackageNPMMetadata struct {
+	Name                 *string           `json:"name,omitempty"`
+	Version              *string           `json:"version,omitempty"`
+	NPMUser              *string           `json:"npm_user,omitempty"`
+	Author               map[string]string `json:"author,omitempty"`
+	Bugs                 map[string]string `json:"bugs,omitempty"`
+	Dependencies         map[string]string `json:"dependencies,omitempty"`
+	DevDependencies      map[string]string `json:"dev_dependencies,omitempty"`
+	PeerDependencies     map[string]string `json:"peer_dependencies,omitempty"`
+	OptionalDependencies map[string]string `json:"optional_dependencies,omitempty"`
+	Description          *string           `json:"description,omitempty"`
+	Dist                 map[string]string `json:"dist,omitempty"`
+	GitHead              *string           `json:"git_head,omitempty"`
+	Homepage             *string           `json:"homepage,omitempty"`
+	License              *string           `json:"license,omitempty"`
+	Main                 *string           `json:"main,omitempty"`
+	Repository           map[string]string `json:"repository,omitempty"`
+	Scripts              map[string]any    `json:"scripts,omitempty"`
+	ID                   *string           `json:"id,omitempty"`
+	NodeVersion          *string           `json:"node_version,omitempty"`
+	NPMVersion           *string           `json:"npm_version,omitempty"`
+	HasShrinkwrap        *bool             `json:"has_shrinkwrap,omitempty"`
+	Maintainers          []interface{}     `json:"maintainers,omitempty"`
+	Contributors         []interface{}     `json:"contributors,omitempty"`
+	Engines              map[string]string `json:"engines,omitempty"`
+	Keywords             []string          `json:"keywords,omitempty"`
+	Files                []string          `json:"files,omitempty"`
+	Bin                  map[string]any    `json:"bin,omitempty"`
+	Man                  map[string]any    `json:"man,omitempty"`
+	Directories          map[string]string `json:"directories,omitempty"`
+	OS                   []string          `json:"os,omitempty"`
+	CPU                  []string          `json:"cpu,omitempty"`
+	Readme               *string           `json:"readme,omitempty"`
+	InstallationCommand  *string           `json:"installation_command,omitempty"`
+	ReleaseID            *int64            `json:"release_id,omitempty"`
+	CommitOID            *string           `json:"commit_oid,omitempty"`
+	PublishedViaActions  *bool             `json:"published_via_actions,omitempty"`
+	DeletedByID          *int64            `json:"deleted_by_id,omitempty"`
+}
+
+func (nm PackageNPMMetadata) String() string {
+	return Stringify(nm)
+}
diff --git a/vendor/github.com/google/go-github/v55/github/pulls.go b/vendor/github.com/google/go-github/v72/github/pulls.go
similarity index 71%
rename from vendor/github.com/google/go-github/v55/github/pulls.go
rename to vendor/github.com/google/go-github/v72/github/pulls.go
index 29549e24b8..f3c6e929c1 100644
--- a/vendor/github.com/google/go-github/v55/github/pulls.go
+++ b/vendor/github.com/google/go-github/v72/github/pulls.go
@@ -8,13 +8,14 @@ package github
 import (
 	"bytes"
 	"context"
+	"errors"
 	"fmt"
 )
 
 // PullRequestsService handles communication with the pull request related
 // methods of the GitHub API.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pulls/
+// GitHub API docs: https://docs.github.com/rest/pulls/
 type PullRequestsService service
 
 // PullRequestAutoMerge represents the "auto_merge" response for a PullRequest.
@@ -27,52 +28,54 @@ type PullRequestAutoMerge struct {
 
 // PullRequest represents a GitHub pull request on a repository.
 type PullRequest struct {
-	ID                  *int64                `json:"id,omitempty"`
-	Number              *int                  `json:"number,omitempty"`
-	State               *string               `json:"state,omitempty"`
-	Locked              *bool                 `json:"locked,omitempty"`
-	Title               *string               `json:"title,omitempty"`
-	Body                *string               `json:"body,omitempty"`
-	CreatedAt           *Timestamp            `json:"created_at,omitempty"`
-	UpdatedAt           *Timestamp            `json:"updated_at,omitempty"`
-	ClosedAt            *Timestamp            `json:"closed_at,omitempty"`
-	MergedAt            *Timestamp            `json:"merged_at,omitempty"`
-	Labels              []*Label              `json:"labels,omitempty"`
-	User                *User                 `json:"user,omitempty"`
-	Draft               *bool                 `json:"draft,omitempty"`
-	Merged              *bool                 `json:"merged,omitempty"`
-	Mergeable           *bool                 `json:"mergeable,omitempty"`
-	MergeableState      *string               `json:"mergeable_state,omitempty"`
-	MergedBy            *User                 `json:"merged_by,omitempty"`
-	MergeCommitSHA      *string               `json:"merge_commit_sha,omitempty"`
-	Rebaseable          *bool                 `json:"rebaseable,omitempty"`
-	Comments            *int                  `json:"comments,omitempty"`
-	Commits             *int                  `json:"commits,omitempty"`
-	Additions           *int                  `json:"additions,omitempty"`
-	Deletions           *int                  `json:"deletions,omitempty"`
-	ChangedFiles        *int                  `json:"changed_files,omitempty"`
-	URL                 *string               `json:"url,omitempty"`
-	HTMLURL             *string               `json:"html_url,omitempty"`
-	IssueURL            *string               `json:"issue_url,omitempty"`
-	StatusesURL         *string               `json:"statuses_url,omitempty"`
-	DiffURL             *string               `json:"diff_url,omitempty"`
-	PatchURL            *string               `json:"patch_url,omitempty"`
-	CommitsURL          *string               `json:"commits_url,omitempty"`
-	CommentsURL         *string               `json:"comments_url,omitempty"`
-	ReviewCommentsURL   *string               `json:"review_comments_url,omitempty"`
-	ReviewCommentURL    *string               `json:"review_comment_url,omitempty"`
-	ReviewComments      *int                  `json:"review_comments,omitempty"`
-	Assignee            *User                 `json:"assignee,omitempty"`
-	Assignees           []*User               `json:"assignees,omitempty"`
-	Milestone           *Milestone            `json:"milestone,omitempty"`
-	MaintainerCanModify *bool                 `json:"maintainer_can_modify,omitempty"`
-	AuthorAssociation   *string               `json:"author_association,omitempty"`
-	NodeID              *string               `json:"node_id,omitempty"`
-	RequestedReviewers  []*User               `json:"requested_reviewers,omitempty"`
-	AutoMerge           *PullRequestAutoMerge `json:"auto_merge,omitempty"`
+	ID                 *int64                `json:"id,omitempty"`
+	Number             *int                  `json:"number,omitempty"`
+	State              *string               `json:"state,omitempty"`
+	Locked             *bool                 `json:"locked,omitempty"`
+	Title              *string               `json:"title,omitempty"`
+	Body               *string               `json:"body,omitempty"`
+	CreatedAt          *Timestamp            `json:"created_at,omitempty"`
+	UpdatedAt          *Timestamp            `json:"updated_at,omitempty"`
+	ClosedAt           *Timestamp            `json:"closed_at,omitempty"`
+	MergedAt           *Timestamp            `json:"merged_at,omitempty"`
+	Labels             []*Label              `json:"labels,omitempty"`
+	User               *User                 `json:"user,omitempty"`
+	Draft              *bool                 `json:"draft,omitempty"`
+	URL                *string               `json:"url,omitempty"`
+	HTMLURL            *string               `json:"html_url,omitempty"`
+	IssueURL           *string               `json:"issue_url,omitempty"`
+	StatusesURL        *string               `json:"statuses_url,omitempty"`
+	DiffURL            *string               `json:"diff_url,omitempty"`
+	PatchURL           *string               `json:"patch_url,omitempty"`
+	CommitsURL         *string               `json:"commits_url,omitempty"`
+	CommentsURL        *string               `json:"comments_url,omitempty"`
+	ReviewCommentsURL  *string               `json:"review_comments_url,omitempty"`
+	ReviewCommentURL   *string               `json:"review_comment_url,omitempty"`
+	Assignee           *User                 `json:"assignee,omitempty"`
+	Assignees          []*User               `json:"assignees,omitempty"`
+	Milestone          *Milestone            `json:"milestone,omitempty"`
+	AuthorAssociation  *string               `json:"author_association,omitempty"`
+	NodeID             *string               `json:"node_id,omitempty"`
+	RequestedReviewers []*User               `json:"requested_reviewers,omitempty"`
+	AutoMerge          *PullRequestAutoMerge `json:"auto_merge,omitempty"`
+
+	// These fields are not populated by the List operation.
+	Merged              *bool   `json:"merged,omitempty"`
+	Mergeable           *bool   `json:"mergeable,omitempty"`
+	MergeableState      *string `json:"mergeable_state,omitempty"`
+	Rebaseable          *bool   `json:"rebaseable,omitempty"`
+	MergedBy            *User   `json:"merged_by,omitempty"`
+	MergeCommitSHA      *string `json:"merge_commit_sha,omitempty"`
+	Comments            *int    `json:"comments,omitempty"`
+	Commits             *int    `json:"commits,omitempty"`
+	Additions           *int    `json:"additions,omitempty"`
+	Deletions           *int    `json:"deletions,omitempty"`
+	ChangedFiles        *int    `json:"changed_files,omitempty"`
+	MaintainerCanModify *bool   `json:"maintainer_can_modify,omitempty"`
+	ReviewComments      *int    `json:"review_comments,omitempty"`
 
 	// RequestedTeams is populated as part of the PullRequestEvent.
-	// See, https://docs.github.com/en/developers/webhooks-and-events/github-event-types#pullrequestevent for an example.
+	// See, https://docs.github.com/developers/webhooks-and-events/github-event-types#pullrequestevent for an example.
 	RequestedTeams []*Team `json:"requested_teams,omitempty"`
 
 	Links *PRLinks           `json:"_links,omitempty"`
@@ -142,7 +145,9 @@ type PullRequestListOptions struct {
 
 // List the pull requests for the specified repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pulls/pulls#list-pull-requests
+// GitHub API docs: https://docs.github.com/rest/pulls/pulls#list-pull-requests
+//
+//meta:operation GET /repos/{owner}/{repo}/pulls
 func (s *PullRequestsService) List(ctx context.Context, owner string, repo string, opts *PullRequestListOptions) ([]*PullRequest, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pulls", owner, repo)
 	u, err := addOptions(u, opts)
@@ -164,12 +169,16 @@ func (s *PullRequestsService) List(ctx context.Context, owner string, repo strin
 	return pulls, resp, nil
 }
 
-// ListPullRequestsWithCommit returns pull requests associated with a commit SHA.
+// ListPullRequestsWithCommit returns pull requests associated with a commit SHA
+// or branch name.
 //
-// The results may include open and closed pull requests.
-// By default, the PullRequestListOptions State filters for "open".
+// The results may include open and closed pull requests. If the commit SHA is
+// not present in the repository's default branch, the result will only include
+// open pull requests.
 //
-// GitHub API docs: https://docs.github.com/en/rest/commits/commits#list-pull-requests-associated-with-a-commit
+// GitHub API docs: https://docs.github.com/rest/commits/commits#list-pull-requests-associated-with-a-commit
+//
+//meta:operation GET /repos/{owner}/{repo}/commits/{commit_sha}/pulls
 func (s *PullRequestsService) ListPullRequestsWithCommit(ctx context.Context, owner, repo, sha string, opts *ListOptions) ([]*PullRequest, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/commits/%v/pulls", owner, repo, sha)
 	u, err := addOptions(u, opts)
@@ -195,7 +204,9 @@ func (s *PullRequestsService) ListPullRequestsWithCommit(ctx context.Context, ow
 
 // Get a single pull request.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pulls/pulls#get-a-pull-request
+// GitHub API docs: https://docs.github.com/rest/pulls/pulls#get-a-pull-request
+//
+//meta:operation GET /repos/{owner}/{repo}/pulls/{pull_number}
 func (s *PullRequestsService) Get(ctx context.Context, owner string, repo string, number int) (*PullRequest, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pulls/%d", owner, repo, number)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -214,7 +225,9 @@ func (s *PullRequestsService) Get(ctx context.Context, owner string, repo string
 
 // GetRaw gets a single pull request in raw (diff or patch) format.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pulls/pulls#get-a-pull-request
+// GitHub API docs: https://docs.github.com/rest/pulls/pulls#get-a-pull-request
+//
+//meta:operation GET /repos/{owner}/{repo}/pulls/{pull_number}
 func (s *PullRequestsService) GetRaw(ctx context.Context, owner string, repo string, number int, opts RawOptions) (string, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pulls/%d", owner, repo, number)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -242,9 +255,16 @@ func (s *PullRequestsService) GetRaw(ctx context.Context, owner string, repo str
 
 // NewPullRequest represents a new pull request to be created.
 type NewPullRequest struct {
-	Title               *string `json:"title,omitempty"`
-	Head                *string `json:"head,omitempty"`
-	HeadRepo            *string `json:"head_repo,omitempty"`
+	Title *string `json:"title,omitempty"`
+	// The name of the branch where your changes are implemented. For
+	// cross-repository pull requests in the same network, namespace head with
+	// a user like this: username:branch.
+	Head     *string `json:"head,omitempty"`
+	HeadRepo *string `json:"head_repo,omitempty"`
+	// The name of the branch you want the changes pulled into. This should be
+	// an existing branch on the current repository. You cannot submit a pull
+	// request to one repository that requests a merge to a base of another
+	// repository.
 	Base                *string `json:"base,omitempty"`
 	Body                *string `json:"body,omitempty"`
 	Issue               *int    `json:"issue,omitempty"`
@@ -254,7 +274,9 @@ type NewPullRequest struct {
 
 // Create a new pull request on the specified repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pulls/pulls#create-a-pull-request
+// GitHub API docs: https://docs.github.com/rest/pulls/pulls#create-a-pull-request
+//
+//meta:operation POST /repos/{owner}/{repo}/pulls
 func (s *PullRequestsService) Create(ctx context.Context, owner string, repo string, pull *NewPullRequest) (*PullRequest, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pulls", owner, repo)
 	req, err := s.client.NewRequest("POST", u, pull)
@@ -293,7 +315,9 @@ type PullRequestBranchUpdateResponse struct {
 // A follow up request, after a delay of a second or so, should result
 // in a successful request.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pulls/pulls#update-a-pull-request-branch
+// GitHub API docs: https://docs.github.com/rest/pulls/pulls#update-a-pull-request-branch
+//
+//meta:operation PUT /repos/{owner}/{repo}/pulls/{pull_number}/update-branch
 func (s *PullRequestsService) UpdateBranch(ctx context.Context, owner, repo string, number int, opts *PullRequestBranchUpdateOptions) (*PullRequestBranchUpdateResponse, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pulls/%d/update-branch", owner, repo, number)
 
@@ -328,10 +352,12 @@ type pullRequestUpdate struct {
 // The following fields are editable: Title, Body, State, Base.Ref and MaintainerCanModify.
 // Base.Ref updates the base branch of the pull request.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pulls/pulls#update-a-pull-request
+// GitHub API docs: https://docs.github.com/rest/pulls/pulls#update-a-pull-request
+//
+//meta:operation PATCH /repos/{owner}/{repo}/pulls/{pull_number}
 func (s *PullRequestsService) Edit(ctx context.Context, owner string, repo string, number int, pull *PullRequest) (*PullRequest, *Response, error) {
 	if pull == nil {
-		return nil, nil, fmt.Errorf("pull must be provided")
+		return nil, nil, errors.New("pull must be provided")
 	}
 
 	u := fmt.Sprintf("repos/%v/%v/pulls/%d", owner, repo, number)
@@ -365,7 +391,9 @@ func (s *PullRequestsService) Edit(ctx context.Context, owner string, repo strin
 
 // ListCommits lists the commits in a pull request.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pulls/pulls#list-commits-on-a-pull-request
+// GitHub API docs: https://docs.github.com/rest/pulls/pulls#list-commits-on-a-pull-request
+//
+//meta:operation GET /repos/{owner}/{repo}/pulls/{pull_number}/commits
 func (s *PullRequestsService) ListCommits(ctx context.Context, owner string, repo string, number int, opts *ListOptions) ([]*RepositoryCommit, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pulls/%d/commits", owner, repo, number)
 	u, err := addOptions(u, opts)
@@ -389,7 +417,9 @@ func (s *PullRequestsService) ListCommits(ctx context.Context, owner string, rep
 
 // ListFiles lists the files in a pull request.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pulls/pulls#list-pull-requests-files
+// GitHub API docs: https://docs.github.com/rest/pulls/pulls#list-pull-requests-files
+//
+//meta:operation GET /repos/{owner}/{repo}/pulls/{pull_number}/files
 func (s *PullRequestsService) ListFiles(ctx context.Context, owner string, repo string, number int, opts *ListOptions) ([]*CommitFile, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pulls/%d/files", owner, repo, number)
 	u, err := addOptions(u, opts)
@@ -413,7 +443,9 @@ func (s *PullRequestsService) ListFiles(ctx context.Context, owner string, repo
 
 // IsMerged checks if a pull request has been merged.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pulls/pulls#check-if-a-pull-request-has-been-merged
+// GitHub API docs: https://docs.github.com/rest/pulls/pulls#check-if-a-pull-request-has-been-merged
+//
+//meta:operation GET /repos/{owner}/{repo}/pulls/{pull_number}/merge
 func (s *PullRequestsService) IsMerged(ctx context.Context, owner string, repo string, number int) (bool, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pulls/%d/merge", owner, repo, number)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -455,7 +487,9 @@ type pullRequestMergeRequest struct {
 // Merge a pull request.
 // commitMessage is an extra detail to append to automatic commit message.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pulls/pulls#merge-a-pull-request
+// GitHub API docs: https://docs.github.com/rest/pulls/pulls#merge-a-pull-request
+//
+//meta:operation PUT /repos/{owner}/{repo}/pulls/{pull_number}/merge
 func (s *PullRequestsService) Merge(ctx context.Context, owner string, repo string, number int, commitMessage string, options *PullRequestOptions) (*PullRequestMergeResult, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pulls/%d/merge", owner, repo, number)
 
diff --git a/vendor/github.com/google/go-github/v55/github/pulls_comments.go b/vendor/github.com/google/go-github/v72/github/pulls_comments.go
similarity index 83%
rename from vendor/github.com/google/go-github/v55/github/pulls_comments.go
rename to vendor/github.com/google/go-github/v72/github/pulls_comments.go
index ea1cf45d1e..a9ffe8d7cc 100644
--- a/vendor/github.com/google/go-github/v55/github/pulls_comments.go
+++ b/vendor/github.com/google/go-github/v72/github/pulls_comments.go
@@ -41,7 +41,7 @@ type PullRequestComment struct {
 	URL               *string `json:"url,omitempty"`
 	HTMLURL           *string `json:"html_url,omitempty"`
 	PullRequestURL    *string `json:"pull_request_url,omitempty"`
-	// Can be one of: LINE, FILE from https://docs.github.com/en/rest/pulls/comments?apiVersion=2022-11-28#create-a-review-comment-for-a-pull-request
+	// Can be one of: LINE, FILE from https://docs.github.com/rest/pulls/comments#create-a-review-comment-for-a-pull-request
 	SubjectType *string `json:"subject_type,omitempty"`
 }
 
@@ -68,8 +68,11 @@ type PullRequestListCommentsOptions struct {
 // pull request number of 0 will return all comments on all pull requests for
 // the repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pulls/comments#list-review-comments-on-a-pull-request
-// GitHub API docs: https://docs.github.com/en/rest/pulls/comments#list-review-comments-in-a-repository
+// GitHub API docs: https://docs.github.com/rest/pulls/comments#list-review-comments-in-a-repository
+// GitHub API docs: https://docs.github.com/rest/pulls/comments#list-review-comments-on-a-pull-request
+//
+//meta:operation GET /repos/{owner}/{repo}/pulls/comments
+//meta:operation GET /repos/{owner}/{repo}/pulls/{pull_number}/comments
 func (s *PullRequestsService) ListComments(ctx context.Context, owner, repo string, number int, opts *PullRequestListCommentsOptions) ([]*PullRequestComment, *Response, error) {
 	var u string
 	if number == 0 {
@@ -102,7 +105,9 @@ func (s *PullRequestsService) ListComments(ctx context.Context, owner, repo stri
 
 // GetComment fetches the specified pull request comment.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pulls/comments#get-a-review-comment-for-a-pull-request
+// GitHub API docs: https://docs.github.com/rest/pulls/comments#get-a-review-comment-for-a-pull-request
+//
+//meta:operation GET /repos/{owner}/{repo}/pulls/comments/{comment_id}
 func (s *PullRequestsService) GetComment(ctx context.Context, owner, repo string, commentID int64) (*PullRequestComment, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pulls/comments/%d", owner, repo, commentID)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -125,7 +130,9 @@ func (s *PullRequestsService) GetComment(ctx context.Context, owner, repo string
 
 // CreateComment creates a new comment on the specified pull request.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pulls/comments#create-a-review-comment-for-a-pull-request
+// GitHub API docs: https://docs.github.com/rest/pulls/comments#create-a-review-comment-for-a-pull-request
+//
+//meta:operation POST /repos/{owner}/{repo}/pulls/{pull_number}/comments
 func (s *PullRequestsService) CreateComment(ctx context.Context, owner, repo string, number int, comment *PullRequestComment) (*PullRequestComment, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pulls/%d/comments", owner, repo, number)
 	req, err := s.client.NewRequest("POST", u, comment)
@@ -147,7 +154,9 @@ func (s *PullRequestsService) CreateComment(ctx context.Context, owner, repo str
 
 // CreateCommentInReplyTo creates a new comment as a reply to an existing pull request comment.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pulls/comments#create-a-review-comment-for-a-pull-request
+// GitHub API docs: https://docs.github.com/rest/pulls/comments#create-a-review-comment-for-a-pull-request
+//
+//meta:operation POST /repos/{owner}/{repo}/pulls/{pull_number}/comments
 func (s *PullRequestsService) CreateCommentInReplyTo(ctx context.Context, owner, repo string, number int, body string, commentID int64) (*PullRequestComment, *Response, error) {
 	comment := &struct {
 		Body      string `json:"body,omitempty"`
@@ -174,7 +183,9 @@ func (s *PullRequestsService) CreateCommentInReplyTo(ctx context.Context, owner,
 // EditComment updates a pull request comment.
 // A non-nil comment.Body must be provided. Other comment fields should be left nil.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pulls/comments#update-a-review-comment-for-a-pull-request
+// GitHub API docs: https://docs.github.com/rest/pulls/comments#update-a-review-comment-for-a-pull-request
+//
+//meta:operation PATCH /repos/{owner}/{repo}/pulls/comments/{comment_id}
 func (s *PullRequestsService) EditComment(ctx context.Context, owner, repo string, commentID int64, comment *PullRequestComment) (*PullRequestComment, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pulls/comments/%d", owner, repo, commentID)
 	req, err := s.client.NewRequest("PATCH", u, comment)
@@ -193,7 +204,9 @@ func (s *PullRequestsService) EditComment(ctx context.Context, owner, repo strin
 
 // DeleteComment deletes a pull request comment.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pulls/comments#delete-a-review-comment-for-a-pull-request
+// GitHub API docs: https://docs.github.com/rest/pulls/comments#delete-a-review-comment-for-a-pull-request
+//
+//meta:operation DELETE /repos/{owner}/{repo}/pulls/comments/{comment_id}
 func (s *PullRequestsService) DeleteComment(ctx context.Context, owner, repo string, commentID int64) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pulls/comments/%d", owner, repo, commentID)
 	req, err := s.client.NewRequest("DELETE", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/pulls_reviewers.go b/vendor/github.com/google/go-github/v72/github/pulls_reviewers.go
similarity index 60%
rename from vendor/github.com/google/go-github/v55/github/pulls_reviewers.go
rename to vendor/github.com/google/go-github/v72/github/pulls_reviewers.go
index 1c336540b8..526047937e 100644
--- a/vendor/github.com/google/go-github/v55/github/pulls_reviewers.go
+++ b/vendor/github.com/google/go-github/v72/github/pulls_reviewers.go
@@ -23,9 +23,18 @@ type Reviewers struct {
 	Teams []*Team `json:"teams,omitempty"`
 }
 
+type removeReviewersRequest struct {
+	NodeID *string `json:"node_id,omitempty"`
+	// Note the lack of omitempty! See comment in RemoveReviewers.
+	Reviewers     []string `json:"reviewers"`
+	TeamReviewers []string `json:"team_reviewers,omitempty"`
+}
+
 // RequestReviewers creates a review request for the provided reviewers for the specified pull request.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pulls/review-requests#request-reviewers-for-a-pull-request
+// GitHub API docs: https://docs.github.com/rest/pulls/review-requests#request-reviewers-for-a-pull-request
+//
+//meta:operation POST /repos/{owner}/{repo}/pulls/{pull_number}/requested_reviewers
 func (s *PullRequestsService) RequestReviewers(ctx context.Context, owner, repo string, number int, reviewers ReviewersRequest) (*PullRequest, *Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/pulls/%d/requested_reviewers", owner, repo, number)
 	req, err := s.client.NewRequest("POST", u, &reviewers)
@@ -44,7 +53,9 @@ func (s *PullRequestsService) RequestReviewers(ctx context.Context, owner, repo
 
 // ListReviewers lists reviewers whose reviews have been requested on the specified pull request.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pulls/review-requests#list-requested-reviewers-for-a-pull-request
+// GitHub API docs: https://docs.github.com/rest/pulls/review-requests#get-all-requested-reviewers-for-a-pull-request
+//
+//meta:operation GET /repos/{owner}/{repo}/pulls/{pull_number}/requested_reviewers
 func (s *PullRequestsService) ListReviewers(ctx context.Context, owner, repo string, number int, opts *ListOptions) (*Reviewers, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pulls/%d/requested_reviewers", owner, repo, number)
 	u, err := addOptions(u, opts)
@@ -68,10 +79,22 @@ func (s *PullRequestsService) ListReviewers(ctx context.Context, owner, repo str
 
 // RemoveReviewers removes the review request for the provided reviewers for the specified pull request.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pulls/review-requests#remove-requested-reviewers-from-a-pull-request
+// GitHub API docs: https://docs.github.com/rest/pulls/review-requests#remove-requested-reviewers-from-a-pull-request
+//
+//meta:operation DELETE /repos/{owner}/{repo}/pulls/{pull_number}/requested_reviewers
 func (s *PullRequestsService) RemoveReviewers(ctx context.Context, owner, repo string, number int, reviewers ReviewersRequest) (*Response, error) {
+	// reviewers.Reviewers may be empty if the caller wants to remove teams, but not users. Unlike AddReviewers,
+	// "reviewers" is a required param here. Reference: https://github.com/google/go-github/issues/3336
+	// The type `removeReviewersRequest` is required because the struct tags are different from `ReviewersRequest`.
+	removeRequest := removeReviewersRequest(reviewers)
+
+	if removeRequest.Reviewers == nil {
+		// GitHub accepts the empty list, but rejects null. Removing `omitempty` is not enough - we also have to promote nil to [].
+		removeRequest.Reviewers = []string{}
+	}
+
 	u := fmt.Sprintf("repos/%s/%s/pulls/%d/requested_reviewers", owner, repo, number)
-	req, err := s.client.NewRequest("DELETE", u, &reviewers)
+	req, err := s.client.NewRequest("DELETE", u, &removeRequest)
 	if err != nil {
 		return nil, err
 	}
diff --git a/vendor/github.com/google/go-github/v55/github/pulls_reviews.go b/vendor/github.com/google/go-github/v72/github/pulls_reviews.go
similarity index 86%
rename from vendor/github.com/google/go-github/v55/github/pulls_reviews.go
rename to vendor/github.com/google/go-github/v72/github/pulls_reviews.go
index addcce4683..27b8dc37d5 100644
--- a/vendor/github.com/google/go-github/v55/github/pulls_reviews.go
+++ b/vendor/github.com/google/go-github/v72/github/pulls_reviews.go
@@ -100,7 +100,9 @@ func (r PullRequestReviewDismissalRequest) String() string {
 
 // ListReviews lists all reviews on the specified pull request.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pulls/reviews#list-reviews-for-a-pull-request
+// GitHub API docs: https://docs.github.com/rest/pulls/reviews#list-reviews-for-a-pull-request
+//
+//meta:operation GET /repos/{owner}/{repo}/pulls/{pull_number}/reviews
 func (s *PullRequestsService) ListReviews(ctx context.Context, owner, repo string, number int, opts *ListOptions) ([]*PullRequestReview, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pulls/%d/reviews", owner, repo, number)
 	u, err := addOptions(u, opts)
@@ -124,7 +126,9 @@ func (s *PullRequestsService) ListReviews(ctx context.Context, owner, repo strin
 
 // GetReview fetches the specified pull request review.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pulls/reviews#get-a-review-for-a-pull-request
+// GitHub API docs: https://docs.github.com/rest/pulls/reviews#get-a-review-for-a-pull-request
+//
+//meta:operation GET /repos/{owner}/{repo}/pulls/{pull_number}/reviews/{review_id}
 func (s *PullRequestsService) GetReview(ctx context.Context, owner, repo string, number int, reviewID int64) (*PullRequestReview, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pulls/%d/reviews/%d", owner, repo, number, reviewID)
 
@@ -144,7 +148,9 @@ func (s *PullRequestsService) GetReview(ctx context.Context, owner, repo string,
 
 // DeletePendingReview deletes the specified pull request pending review.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pulls/reviews#delete-a-pending-review-for-a-pull-request
+// GitHub API docs: https://docs.github.com/rest/pulls/reviews#delete-a-pending-review-for-a-pull-request
+//
+//meta:operation DELETE /repos/{owner}/{repo}/pulls/{pull_number}/reviews/{review_id}
 func (s *PullRequestsService) DeletePendingReview(ctx context.Context, owner, repo string, number int, reviewID int64) (*PullRequestReview, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pulls/%d/reviews/%d", owner, repo, number, reviewID)
 
@@ -164,7 +170,9 @@ func (s *PullRequestsService) DeletePendingReview(ctx context.Context, owner, re
 
 // ListReviewComments lists all the comments for the specified review.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pulls/reviews#list-comments-for-a-pull-request-review
+// GitHub API docs: https://docs.github.com/rest/pulls/reviews#list-comments-for-a-pull-request-review
+//
+//meta:operation GET /repos/{owner}/{repo}/pulls/{pull_number}/reviews/{review_id}/comments
 func (s *PullRequestsService) ListReviewComments(ctx context.Context, owner, repo string, number int, reviewID int64, opts *ListOptions) ([]*PullRequestComment, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pulls/%d/reviews/%d/comments", owner, repo, number, reviewID)
 	u, err := addOptions(u, opts)
@@ -188,8 +196,6 @@ func (s *PullRequestsService) ListReviewComments(ctx context.Context, owner, rep
 
 // CreateReview creates a new review on the specified pull request.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pulls/reviews#create-a-review-for-a-pull-request
-//
 // In order to use multi-line comments, you must use the "comfort fade" preview.
 // This replaces the use of the "Position" field in comments with 4 new fields:
 //
@@ -223,6 +229,10 @@ func (s *PullRequestsService) ListReviewComments(ctx context.Context, owner, rep
 //	Use this instead.
 //	It is waaaaaay better.
 //	```
+//
+// GitHub API docs: https://docs.github.com/rest/pulls/reviews#create-a-review-for-a-pull-request
+//
+//meta:operation POST /repos/{owner}/{repo}/pulls/{pull_number}/reviews
 func (s *PullRequestsService) CreateReview(ctx context.Context, owner, repo string, number int, review *PullRequestReviewRequest) (*PullRequestReview, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pulls/%d/reviews", owner, repo, number)
 
@@ -251,7 +261,9 @@ func (s *PullRequestsService) CreateReview(ctx context.Context, owner, repo stri
 
 // UpdateReview updates the review summary on the specified pull request.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pulls/reviews#update-a-review-for-a-pull-request
+// GitHub API docs: https://docs.github.com/rest/pulls/reviews#update-a-review-for-a-pull-request
+//
+//meta:operation PUT /repos/{owner}/{repo}/pulls/{pull_number}/reviews/{review_id}
 func (s *PullRequestsService) UpdateReview(ctx context.Context, owner, repo string, number int, reviewID int64, body string) (*PullRequestReview, *Response, error) {
 	opts := &struct {
 		Body string `json:"body"`
@@ -274,7 +286,9 @@ func (s *PullRequestsService) UpdateReview(ctx context.Context, owner, repo stri
 
 // SubmitReview submits a specified review on the specified pull request.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pulls/reviews#submit-a-review-for-a-pull-request
+// GitHub API docs: https://docs.github.com/rest/pulls/reviews#submit-a-review-for-a-pull-request
+//
+//meta:operation POST /repos/{owner}/{repo}/pulls/{pull_number}/reviews/{review_id}/events
 func (s *PullRequestsService) SubmitReview(ctx context.Context, owner, repo string, number int, reviewID int64, review *PullRequestReviewRequest) (*PullRequestReview, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pulls/%d/reviews/%d/events", owner, repo, number, reviewID)
 
@@ -294,7 +308,9 @@ func (s *PullRequestsService) SubmitReview(ctx context.Context, owner, repo stri
 
 // DismissReview dismisses a specified review on the specified pull request.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pulls/reviews#dismiss-a-review-for-a-pull-request
+// GitHub API docs: https://docs.github.com/rest/pulls/reviews#dismiss-a-review-for-a-pull-request
+//
+//meta:operation PUT /repos/{owner}/{repo}/pulls/{pull_number}/reviews/{review_id}/dismissals
 func (s *PullRequestsService) DismissReview(ctx context.Context, owner, repo string, number int, reviewID int64, review *PullRequestReviewDismissalRequest) (*PullRequestReview, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pulls/%d/reviews/%d/dismissals", owner, repo, number, reviewID)
 
diff --git a/vendor/github.com/google/go-github/v55/github/pulls_threads.go b/vendor/github.com/google/go-github/v72/github/pulls_threads.go
similarity index 100%
rename from vendor/github.com/google/go-github/v55/github/pulls_threads.go
rename to vendor/github.com/google/go-github/v72/github/pulls_threads.go
diff --git a/vendor/github.com/google/go-github/v72/github/rate_limit.go b/vendor/github.com/google/go-github/v72/github/rate_limit.go
new file mode 100644
index 0000000000..6236eba8fb
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/rate_limit.go
@@ -0,0 +1,133 @@
+// Copyright 2023 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import "context"
+
+// RateLimitService provides access to rate limit functions in the GitHub API.
+type RateLimitService service
+
+// Rate represents the rate limit for the current client.
+type Rate struct {
+	// The maximum number of requests that you can make per hour.
+	Limit int `json:"limit"`
+
+	// The number of requests remaining in the current rate limit window.
+	Remaining int `json:"remaining"`
+
+	// The number of requests you have made in the current rate limit window.
+	Used int `json:"used"`
+
+	// The time at which the current rate limit window resets, in UTC epoch seconds.
+	Reset Timestamp `json:"reset"`
+
+	// The rate limit resource that the request counted against.
+	// For more information about the different resources, see REST API endpoints for rate limits.
+	// GitHub API docs: https://docs.github.com/en/rest/rate-limit/rate-limit#get-rate-limit-status-for-the-authenticated-user
+	Resource string `json:"resource,omitempty"`
+}
+
+func (r Rate) String() string {
+	return Stringify(r)
+}
+
+// RateLimits represents the rate limits for the current client.
+type RateLimits struct {
+	// The rate limit for non-search API requests. Unauthenticated
+	// requests are limited to 60 per hour. Authenticated requests are
+	// limited to 5,000 per hour.
+	//
+	// GitHub API docs: https://docs.github.com/en/rest/overview/resources-in-the-rest-api#rate-limiting
+	Core *Rate `json:"core"`
+
+	// The rate limit for search API requests. Unauthenticated requests
+	// are limited to 10 requests per minutes. Authenticated requests are
+	// limited to 30 per minute.
+	//
+	// GitHub API docs: https://docs.github.com/en/rest/search#rate-limit
+	Search *Rate `json:"search"`
+
+	// GitHub API docs: https://docs.github.com/en/graphql/overview/resource-limitations#rate-limit
+	GraphQL *Rate `json:"graphql"`
+
+	// GitHub API dos: https://docs.github.com/en/rest/rate-limit
+	IntegrationManifest *Rate `json:"integration_manifest"`
+
+	SourceImport              *Rate `json:"source_import"`
+	CodeScanningUpload        *Rate `json:"code_scanning_upload"`
+	ActionsRunnerRegistration *Rate `json:"actions_runner_registration"`
+	SCIM                      *Rate `json:"scim"`
+	DependencySnapshots       *Rate `json:"dependency_snapshots"`
+	CodeSearch                *Rate `json:"code_search"`
+	AuditLog                  *Rate `json:"audit_log"`
+}
+
+func (r RateLimits) String() string {
+	return Stringify(r)
+}
+
+// Get returns the rate limits for the current client.
+//
+// GitHub API docs: https://docs.github.com/rest/rate-limit/rate-limit#get-rate-limit-status-for-the-authenticated-user
+//
+//meta:operation GET /rate_limit
+func (s *RateLimitService) Get(ctx context.Context) (*RateLimits, *Response, error) {
+	req, err := s.client.NewRequest("GET", "rate_limit", nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	response := new(struct {
+		Resources *RateLimits `json:"resources"`
+	})
+
+	// This resource is not subject to rate limits.
+	ctx = context.WithValue(ctx, BypassRateLimitCheck, true)
+	resp, err := s.client.Do(ctx, req, response)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	if response.Resources != nil {
+		s.client.rateMu.Lock()
+		if response.Resources.Core != nil {
+			s.client.rateLimits[CoreCategory] = *response.Resources.Core
+		}
+		if response.Resources.Search != nil {
+			s.client.rateLimits[SearchCategory] = *response.Resources.Search
+		}
+		if response.Resources.GraphQL != nil {
+			s.client.rateLimits[GraphqlCategory] = *response.Resources.GraphQL
+		}
+		if response.Resources.IntegrationManifest != nil {
+			s.client.rateLimits[IntegrationManifestCategory] = *response.Resources.IntegrationManifest
+		}
+		if response.Resources.SourceImport != nil {
+			s.client.rateLimits[SourceImportCategory] = *response.Resources.SourceImport
+		}
+		if response.Resources.CodeScanningUpload != nil {
+			s.client.rateLimits[CodeScanningUploadCategory] = *response.Resources.CodeScanningUpload
+		}
+		if response.Resources.ActionsRunnerRegistration != nil {
+			s.client.rateLimits[ActionsRunnerRegistrationCategory] = *response.Resources.ActionsRunnerRegistration
+		}
+		if response.Resources.SCIM != nil {
+			s.client.rateLimits[ScimCategory] = *response.Resources.SCIM
+		}
+		if response.Resources.DependencySnapshots != nil {
+			s.client.rateLimits[DependencySnapshotsCategory] = *response.Resources.DependencySnapshots
+		}
+		if response.Resources.CodeSearch != nil {
+			s.client.rateLimits[CodeSearchCategory] = *response.Resources.CodeSearch
+		}
+		if response.Resources.AuditLog != nil {
+			s.client.rateLimits[AuditLogCategory] = *response.Resources.AuditLog
+		}
+		s.client.rateMu.Unlock()
+	}
+
+	return response.Resources, resp, nil
+}
diff --git a/vendor/github.com/google/go-github/v55/github/reactions.go b/vendor/github.com/google/go-github/v72/github/reactions.go
similarity index 66%
rename from vendor/github.com/google/go-github/v55/github/reactions.go
rename to vendor/github.com/google/go-github/v72/github/reactions.go
index 14d193ae88..5233f78d3d 100644
--- a/vendor/github.com/google/go-github/v55/github/reactions.go
+++ b/vendor/github.com/google/go-github/v72/github/reactions.go
@@ -14,7 +14,7 @@ import (
 // ReactionsService provides access to the reactions-related functions in the
 // GitHub API.
 //
-// GitHub API docs: https://docs.github.com/en/rest/reactions
+// GitHub API docs: https://docs.github.com/rest/reactions
 type ReactionsService service
 
 // Reaction represents a GitHub reaction.
@@ -26,7 +26,8 @@ type Reaction struct {
 	// Content is the type of reaction.
 	// Possible values are:
 	//     "+1", "-1", "laugh", "confused", "heart", "hooray", "rocket", or "eyes".
-	Content *string `json:"content,omitempty"`
+	Content   *string    `json:"content,omitempty"`
+	CreatedAt *Timestamp `json:"created_at,omitempty"`
 }
 
 // Reactions represents a summary of GitHub reactions.
@@ -47,9 +48,8 @@ func (r Reaction) String() string {
 	return Stringify(r)
 }
 
-// ListCommentReactionOptions specifies the optional parameters to the
-// ReactionsService.ListCommentReactions method.
-type ListCommentReactionOptions struct {
+// ListReactionOptions specifies the optional parameters to the list reactions endpoints.
+type ListReactionOptions struct {
 	// Content restricts the returned comment reactions to only those with the given type.
 	// Omit this parameter to list all reactions to a commit comment.
 	// Possible values are: "+1", "-1", "laugh", "confused", "heart", "hooray", "rocket", or "eyes".
@@ -60,8 +60,10 @@ type ListCommentReactionOptions struct {
 
 // ListCommentReactions lists the reactions for a commit comment.
 //
-// GitHub API docs: https://docs.github.com/en/rest/reactions#list-reactions-for-a-commit-comment
-func (s *ReactionsService) ListCommentReactions(ctx context.Context, owner, repo string, id int64, opts *ListCommentReactionOptions) ([]*Reaction, *Response, error) {
+// GitHub API docs: https://docs.github.com/rest/reactions/reactions#list-reactions-for-a-commit-comment
+//
+//meta:operation GET /repos/{owner}/{repo}/comments/{comment_id}/reactions
+func (s *ReactionsService) ListCommentReactions(ctx context.Context, owner, repo string, id int64, opts *ListReactionOptions) ([]*Reaction, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/comments/%v/reactions", owner, repo, id)
 	u, err := addOptions(u, opts)
 	if err != nil {
@@ -90,11 +92,13 @@ func (s *ReactionsService) ListCommentReactions(ctx context.Context, owner, repo
 // previously created reaction will be returned with Status: 200 OK.
 // The content should have one of the following values: "+1", "-1", "laugh", "confused", "heart", "hooray", "rocket", or "eyes".
 //
-// GitHub API docs: https://docs.github.com/en/rest/reactions#create-reaction-for-a-commit-comment
+// GitHub API docs: https://docs.github.com/rest/reactions/reactions#create-reaction-for-a-commit-comment
+//
+//meta:operation POST /repos/{owner}/{repo}/comments/{comment_id}/reactions
 func (s *ReactionsService) CreateCommentReaction(ctx context.Context, owner, repo string, id int64, content string) (*Reaction, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/comments/%v/reactions", owner, repo, id)
 
-	body := &Reaction{Content: String(content)}
+	body := &Reaction{Content: Ptr(content)}
 	req, err := s.client.NewRequest("POST", u, body)
 	if err != nil {
 		return nil, nil, err
@@ -114,7 +118,9 @@ func (s *ReactionsService) CreateCommentReaction(ctx context.Context, owner, rep
 
 // DeleteCommentReaction deletes the reaction for a commit comment.
 //
-// GitHub API docs: https://docs.github.com/en/rest/reactions#delete-a-commit-comment-reaction
+// GitHub API docs: https://docs.github.com/rest/reactions/reactions#delete-a-commit-comment-reaction
+//
+//meta:operation DELETE /repos/{owner}/{repo}/comments/{comment_id}/reactions/{reaction_id}
 func (s *ReactionsService) DeleteCommentReaction(ctx context.Context, owner, repo string, commentID, reactionID int64) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/comments/%v/reactions/%v", owner, repo, commentID, reactionID)
 
@@ -123,7 +129,9 @@ func (s *ReactionsService) DeleteCommentReaction(ctx context.Context, owner, rep
 
 // DeleteCommentReactionByID deletes the reaction for a commit comment by repository ID.
 //
-// GitHub API docs: https://docs.github.com/en/rest/reactions#delete-a-commit-comment-reaction
+// GitHub API docs: https://docs.github.com/rest/reactions/reactions#delete-a-commit-comment-reaction
+//
+//meta:operation DELETE /repos/{owner}/{repo}/comments/{comment_id}/reactions/{reaction_id}
 func (s *ReactionsService) DeleteCommentReactionByID(ctx context.Context, repoID, commentID, reactionID int64) (*Response, error) {
 	u := fmt.Sprintf("repositories/%v/comments/%v/reactions/%v", repoID, commentID, reactionID)
 
@@ -132,8 +140,10 @@ func (s *ReactionsService) DeleteCommentReactionByID(ctx context.Context, repoID
 
 // ListIssueReactions lists the reactions for an issue.
 //
-// GitHub API docs: https://docs.github.com/en/rest/reactions#list-reactions-for-an-issue
-func (s *ReactionsService) ListIssueReactions(ctx context.Context, owner, repo string, number int, opts *ListOptions) ([]*Reaction, *Response, error) {
+// GitHub API docs: https://docs.github.com/rest/reactions/reactions#list-reactions-for-an-issue
+//
+//meta:operation GET /repos/{owner}/{repo}/issues/{issue_number}/reactions
+func (s *ReactionsService) ListIssueReactions(ctx context.Context, owner, repo string, number int, opts *ListReactionOptions) ([]*Reaction, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/issues/%v/reactions", owner, repo, number)
 	u, err := addOptions(u, opts)
 	if err != nil {
@@ -162,11 +172,13 @@ func (s *ReactionsService) ListIssueReactions(ctx context.Context, owner, repo s
 // previously created reaction will be returned with Status: 200 OK.
 // The content should have one of the following values: "+1", "-1", "laugh", "confused", "heart", "hooray", "rocket", or "eyes".
 //
-// GitHub API docs: https://docs.github.com/en/rest/reactions#create-reaction-for-an-issue
+// GitHub API docs: https://docs.github.com/rest/reactions/reactions#create-reaction-for-an-issue
+//
+//meta:operation POST /repos/{owner}/{repo}/issues/{issue_number}/reactions
 func (s *ReactionsService) CreateIssueReaction(ctx context.Context, owner, repo string, number int, content string) (*Reaction, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/issues/%v/reactions", owner, repo, number)
 
-	body := &Reaction{Content: String(content)}
+	body := &Reaction{Content: Ptr(content)}
 	req, err := s.client.NewRequest("POST", u, body)
 	if err != nil {
 		return nil, nil, err
@@ -186,7 +198,9 @@ func (s *ReactionsService) CreateIssueReaction(ctx context.Context, owner, repo
 
 // DeleteIssueReaction deletes the reaction to an issue.
 //
-// GitHub API docs: https://docs.github.com/en/rest/reactions#delete-an-issue-reaction
+// GitHub API docs: https://docs.github.com/rest/reactions/reactions#delete-an-issue-reaction
+//
+//meta:operation DELETE /repos/{owner}/{repo}/issues/{issue_number}/reactions/{reaction_id}
 func (s *ReactionsService) DeleteIssueReaction(ctx context.Context, owner, repo string, issueNumber int, reactionID int64) (*Response, error) {
 	url := fmt.Sprintf("repos/%v/%v/issues/%v/reactions/%v", owner, repo, issueNumber, reactionID)
 
@@ -195,7 +209,9 @@ func (s *ReactionsService) DeleteIssueReaction(ctx context.Context, owner, repo
 
 // DeleteIssueReactionByID deletes the reaction to an issue by repository ID.
 //
-// GitHub API docs: https://docs.github.com/en/rest/reactions#delete-an-issue-reaction
+// GitHub API docs: https://docs.github.com/rest/reactions/reactions#delete-an-issue-reaction
+//
+//meta:operation DELETE /repos/{owner}/{repo}/issues/{issue_number}/reactions/{reaction_id}
 func (s *ReactionsService) DeleteIssueReactionByID(ctx context.Context, repoID, issueNumber int, reactionID int64) (*Response, error) {
 	url := fmt.Sprintf("repositories/%v/issues/%v/reactions/%v", repoID, issueNumber, reactionID)
 
@@ -204,8 +220,10 @@ func (s *ReactionsService) DeleteIssueReactionByID(ctx context.Context, repoID,
 
 // ListIssueCommentReactions lists the reactions for an issue comment.
 //
-// GitHub API docs: https://docs.github.com/en/rest/reactions#list-reactions-for-an-issue-comment
-func (s *ReactionsService) ListIssueCommentReactions(ctx context.Context, owner, repo string, id int64, opts *ListOptions) ([]*Reaction, *Response, error) {
+// GitHub API docs: https://docs.github.com/rest/reactions/reactions#list-reactions-for-an-issue-comment
+//
+//meta:operation GET /repos/{owner}/{repo}/issues/comments/{comment_id}/reactions
+func (s *ReactionsService) ListIssueCommentReactions(ctx context.Context, owner, repo string, id int64, opts *ListReactionOptions) ([]*Reaction, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/issues/comments/%v/reactions", owner, repo, id)
 	u, err := addOptions(u, opts)
 	if err != nil {
@@ -234,11 +252,13 @@ func (s *ReactionsService) ListIssueCommentReactions(ctx context.Context, owner,
 // previously created reaction will be returned with Status: 200 OK.
 // The content should have one of the following values: "+1", "-1", "laugh", "confused", "heart", "hooray", "rocket", or "eyes".
 //
-// GitHub API docs: https://docs.github.com/en/rest/reactions#create-reaction-for-an-issue-comment
+// GitHub API docs: https://docs.github.com/rest/reactions/reactions#create-reaction-for-an-issue-comment
+//
+//meta:operation POST /repos/{owner}/{repo}/issues/comments/{comment_id}/reactions
 func (s *ReactionsService) CreateIssueCommentReaction(ctx context.Context, owner, repo string, id int64, content string) (*Reaction, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/issues/comments/%v/reactions", owner, repo, id)
 
-	body := &Reaction{Content: String(content)}
+	body := &Reaction{Content: Ptr(content)}
 	req, err := s.client.NewRequest("POST", u, body)
 	if err != nil {
 		return nil, nil, err
@@ -258,7 +278,9 @@ func (s *ReactionsService) CreateIssueCommentReaction(ctx context.Context, owner
 
 // DeleteIssueCommentReaction deletes the reaction to an issue comment.
 //
-// GitHub API docs: https://docs.github.com/en/rest/reactions#delete-an-issue-comment-reaction
+// GitHub API docs: https://docs.github.com/rest/reactions/reactions#delete-an-issue-comment-reaction
+//
+//meta:operation DELETE /repos/{owner}/{repo}/issues/comments/{comment_id}/reactions/{reaction_id}
 func (s *ReactionsService) DeleteIssueCommentReaction(ctx context.Context, owner, repo string, commentID, reactionID int64) (*Response, error) {
 	url := fmt.Sprintf("repos/%v/%v/issues/comments/%v/reactions/%v", owner, repo, commentID, reactionID)
 
@@ -267,7 +289,9 @@ func (s *ReactionsService) DeleteIssueCommentReaction(ctx context.Context, owner
 
 // DeleteIssueCommentReactionByID deletes the reaction to an issue comment by repository ID.
 //
-// GitHub API docs: https://docs.github.com/en/rest/reactions#delete-an-issue-comment-reaction
+// GitHub API docs: https://docs.github.com/rest/reactions/reactions#delete-an-issue-comment-reaction
+//
+//meta:operation DELETE /repos/{owner}/{repo}/issues/comments/{comment_id}/reactions/{reaction_id}
 func (s *ReactionsService) DeleteIssueCommentReactionByID(ctx context.Context, repoID, commentID, reactionID int64) (*Response, error) {
 	url := fmt.Sprintf("repositories/%v/issues/comments/%v/reactions/%v", repoID, commentID, reactionID)
 
@@ -276,8 +300,10 @@ func (s *ReactionsService) DeleteIssueCommentReactionByID(ctx context.Context, r
 
 // ListPullRequestCommentReactions lists the reactions for a pull request review comment.
 //
-// GitHub API docs: https://docs.github.com/en/rest/reactions#list-reactions-for-a-pull-request-review-comment
-func (s *ReactionsService) ListPullRequestCommentReactions(ctx context.Context, owner, repo string, id int64, opts *ListOptions) ([]*Reaction, *Response, error) {
+// GitHub API docs: https://docs.github.com/rest/reactions/reactions#list-reactions-for-a-pull-request-review-comment
+//
+//meta:operation GET /repos/{owner}/{repo}/pulls/comments/{comment_id}/reactions
+func (s *ReactionsService) ListPullRequestCommentReactions(ctx context.Context, owner, repo string, id int64, opts *ListReactionOptions) ([]*Reaction, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pulls/comments/%v/reactions", owner, repo, id)
 	u, err := addOptions(u, opts)
 	if err != nil {
@@ -306,11 +332,13 @@ func (s *ReactionsService) ListPullRequestCommentReactions(ctx context.Context,
 // previously created reaction will be returned with Status: 200 OK.
 // The content should have one of the following values: "+1", "-1", "laugh", "confused", "heart", "hooray", "rocket", or "eyes".
 //
-// GitHub API docs: https://docs.github.com/en/rest/reactions#create-reaction-for-a-pull-request-review-comment
+// GitHub API docs: https://docs.github.com/rest/reactions/reactions#create-reaction-for-a-pull-request-review-comment
+//
+//meta:operation POST /repos/{owner}/{repo}/pulls/comments/{comment_id}/reactions
 func (s *ReactionsService) CreatePullRequestCommentReaction(ctx context.Context, owner, repo string, id int64, content string) (*Reaction, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pulls/comments/%v/reactions", owner, repo, id)
 
-	body := &Reaction{Content: String(content)}
+	body := &Reaction{Content: Ptr(content)}
 	req, err := s.client.NewRequest("POST", u, body)
 	if err != nil {
 		return nil, nil, err
@@ -330,7 +358,9 @@ func (s *ReactionsService) CreatePullRequestCommentReaction(ctx context.Context,
 
 // DeletePullRequestCommentReaction deletes the reaction to a pull request review comment.
 //
-// GitHub API docs: https://docs.github.com/en/rest/reactions#delete-a-pull-request-comment-reaction
+// GitHub API docs: https://docs.github.com/rest/reactions/reactions#delete-a-pull-request-comment-reaction
+//
+//meta:operation DELETE /repos/{owner}/{repo}/pulls/comments/{comment_id}/reactions/{reaction_id}
 func (s *ReactionsService) DeletePullRequestCommentReaction(ctx context.Context, owner, repo string, commentID, reactionID int64) (*Response, error) {
 	url := fmt.Sprintf("repos/%v/%v/pulls/comments/%v/reactions/%v", owner, repo, commentID, reactionID)
 
@@ -339,7 +369,9 @@ func (s *ReactionsService) DeletePullRequestCommentReaction(ctx context.Context,
 
 // DeletePullRequestCommentReactionByID deletes the reaction to a pull request review comment by repository ID.
 //
-// GitHub API docs: https://docs.github.com/en/rest/reactions#delete-a-pull-request-comment-reaction
+// GitHub API docs: https://docs.github.com/rest/reactions/reactions#delete-a-pull-request-comment-reaction
+//
+//meta:operation DELETE /repos/{owner}/{repo}/pulls/comments/{comment_id}/reactions/{reaction_id}
 func (s *ReactionsService) DeletePullRequestCommentReactionByID(ctx context.Context, repoID, commentID, reactionID int64) (*Response, error) {
 	url := fmt.Sprintf("repositories/%v/pulls/comments/%v/reactions/%v", repoID, commentID, reactionID)
 
@@ -348,8 +380,10 @@ func (s *ReactionsService) DeletePullRequestCommentReactionByID(ctx context.Cont
 
 // ListTeamDiscussionReactions lists the reactions for a team discussion.
 //
-// GitHub API docs: https://docs.github.com/en/rest/reactions#list-reactions-for-a-team-discussion-legacy
-func (s *ReactionsService) ListTeamDiscussionReactions(ctx context.Context, teamID int64, discussionNumber int, opts *ListOptions) ([]*Reaction, *Response, error) {
+// GitHub API docs: https://docs.github.com/rest/reactions/reactions#list-reactions-for-a-team-discussion-legacy
+//
+//meta:operation GET /teams/{team_id}/discussions/{discussion_number}/reactions
+func (s *ReactionsService) ListTeamDiscussionReactions(ctx context.Context, teamID int64, discussionNumber int, opts *ListReactionOptions) ([]*Reaction, *Response, error) {
 	u := fmt.Sprintf("teams/%v/discussions/%v/reactions", teamID, discussionNumber)
 	u, err := addOptions(u, opts)
 	if err != nil {
@@ -375,11 +409,13 @@ func (s *ReactionsService) ListTeamDiscussionReactions(ctx context.Context, team
 // CreateTeamDiscussionReaction creates a reaction for a team discussion.
 // The content should have one of the following values: "+1", "-1", "laugh", "confused", "heart", "hooray", "rocket", or "eyes".
 //
-// GitHub API docs: https://docs.github.com/en/rest/reactions#create-reaction-for-a-team-discussion-legacy
+// GitHub API docs: https://docs.github.com/rest/reactions/reactions#create-reaction-for-a-team-discussion-legacy
+//
+//meta:operation POST /teams/{team_id}/discussions/{discussion_number}/reactions
 func (s *ReactionsService) CreateTeamDiscussionReaction(ctx context.Context, teamID int64, discussionNumber int, content string) (*Reaction, *Response, error) {
 	u := fmt.Sprintf("teams/%v/discussions/%v/reactions", teamID, discussionNumber)
 
-	body := &Reaction{Content: String(content)}
+	body := &Reaction{Content: Ptr(content)}
 	req, err := s.client.NewRequest("POST", u, body)
 	if err != nil {
 		return nil, nil, err
@@ -398,7 +434,9 @@ func (s *ReactionsService) CreateTeamDiscussionReaction(ctx context.Context, tea
 
 // DeleteTeamDiscussionReaction deletes the reaction to a team discussion.
 //
-// GitHub API docs: https://docs.github.com/en/rest/reactions#delete-team-discussion-reaction
+// GitHub API docs: https://docs.github.com/rest/reactions/reactions#delete-team-discussion-reaction
+//
+//meta:operation DELETE /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}/reactions/{reaction_id}
 func (s *ReactionsService) DeleteTeamDiscussionReaction(ctx context.Context, org, teamSlug string, discussionNumber int, reactionID int64) (*Response, error) {
 	url := fmt.Sprintf("orgs/%v/teams/%v/discussions/%v/reactions/%v", org, teamSlug, discussionNumber, reactionID)
 
@@ -407,7 +445,9 @@ func (s *ReactionsService) DeleteTeamDiscussionReaction(ctx context.Context, org
 
 // DeleteTeamDiscussionReactionByOrgIDAndTeamID deletes the reaction to a team discussion by organization ID and team ID.
 //
-// GitHub API docs: https://docs.github.com/en/rest/reactions#create-reaction-for-a-team-discussion
+// GitHub API docs: https://docs.github.com/rest/reactions/reactions#create-reaction-for-a-team-discussion
+//
+//meta:operation POST /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}/reactions
 func (s *ReactionsService) DeleteTeamDiscussionReactionByOrgIDAndTeamID(ctx context.Context, orgID, teamID, discussionNumber int, reactionID int64) (*Response, error) {
 	url := fmt.Sprintf("organizations/%v/team/%v/discussions/%v/reactions/%v", orgID, teamID, discussionNumber, reactionID)
 
@@ -416,8 +456,10 @@ func (s *ReactionsService) DeleteTeamDiscussionReactionByOrgIDAndTeamID(ctx cont
 
 // ListTeamDiscussionCommentReactions lists the reactions for a team discussion comment.
 //
-// GitHub API docs: https://docs.github.com/en/rest/reactions#list-reactions-for-a-team-discussion-comment-legacy
-func (s *ReactionsService) ListTeamDiscussionCommentReactions(ctx context.Context, teamID int64, discussionNumber, commentNumber int, opts *ListOptions) ([]*Reaction, *Response, error) {
+// GitHub API docs: https://docs.github.com/rest/reactions/reactions#list-reactions-for-a-team-discussion-comment-legacy
+//
+//meta:operation GET /teams/{team_id}/discussions/{discussion_number}/comments/{comment_number}/reactions
+func (s *ReactionsService) ListTeamDiscussionCommentReactions(ctx context.Context, teamID int64, discussionNumber, commentNumber int, opts *ListReactionOptions) ([]*Reaction, *Response, error) {
 	u := fmt.Sprintf("teams/%v/discussions/%v/comments/%v/reactions", teamID, discussionNumber, commentNumber)
 	u, err := addOptions(u, opts)
 	if err != nil {
@@ -442,11 +484,13 @@ func (s *ReactionsService) ListTeamDiscussionCommentReactions(ctx context.Contex
 // CreateTeamDiscussionCommentReaction creates a reaction for a team discussion comment.
 // The content should have one of the following values: "+1", "-1", "laugh", "confused", "heart", "hooray", "rocket", or "eyes".
 //
-// GitHub API docs: https://docs.github.com/en/rest/reactions#create-reaction-for-a-team-discussion-comment-legacy
+// GitHub API docs: https://docs.github.com/rest/reactions/reactions#create-reaction-for-a-team-discussion-comment-legacy
+//
+//meta:operation POST /teams/{team_id}/discussions/{discussion_number}/comments/{comment_number}/reactions
 func (s *ReactionsService) CreateTeamDiscussionCommentReaction(ctx context.Context, teamID int64, discussionNumber, commentNumber int, content string) (*Reaction, *Response, error) {
 	u := fmt.Sprintf("teams/%v/discussions/%v/comments/%v/reactions", teamID, discussionNumber, commentNumber)
 
-	body := &Reaction{Content: String(content)}
+	body := &Reaction{Content: Ptr(content)}
 	req, err := s.client.NewRequest("POST", u, body)
 	if err != nil {
 		return nil, nil, err
@@ -465,7 +509,9 @@ func (s *ReactionsService) CreateTeamDiscussionCommentReaction(ctx context.Conte
 
 // DeleteTeamDiscussionCommentReaction deletes the reaction to a team discussion comment.
 //
-// GitHub API docs: https://docs.github.com/en/rest/reactions#delete-team-discussion-comment-reaction
+// GitHub API docs: https://docs.github.com/rest/reactions/reactions#delete-team-discussion-comment-reaction
+//
+//meta:operation DELETE /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}/comments/{comment_number}/reactions/{reaction_id}
 func (s *ReactionsService) DeleteTeamDiscussionCommentReaction(ctx context.Context, org, teamSlug string, discussionNumber, commentNumber int, reactionID int64) (*Response, error) {
 	url := fmt.Sprintf("orgs/%v/teams/%v/discussions/%v/comments/%v/reactions/%v", org, teamSlug, discussionNumber, commentNumber, reactionID)
 
@@ -474,7 +520,9 @@ func (s *ReactionsService) DeleteTeamDiscussionCommentReaction(ctx context.Conte
 
 // DeleteTeamDiscussionCommentReactionByOrgIDAndTeamID deletes the reaction to a team discussion comment by organization ID and team ID.
 //
-// GitHub API docs: https://docs.github.com/en/rest/reactions#create-reaction-for-a-team-discussion-comment
+// GitHub API docs: https://docs.github.com/rest/reactions/reactions#create-reaction-for-a-team-discussion-comment
+//
+//meta:operation POST /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}/comments/{comment_number}/reactions
 func (s *ReactionsService) DeleteTeamDiscussionCommentReactionByOrgIDAndTeamID(ctx context.Context, orgID, teamID, discussionNumber, commentNumber int, reactionID int64) (*Response, error) {
 	url := fmt.Sprintf("organizations/%v/team/%v/discussions/%v/comments/%v/reactions/%v", orgID, teamID, discussionNumber, commentNumber, reactionID)
 
@@ -493,16 +541,18 @@ func (s *ReactionsService) deleteReaction(ctx context.Context, url string) (*Res
 	return s.client.Do(ctx, req, nil)
 }
 
-// Create a reaction to a release.
+// CreateReleaseReaction creates a reaction to a release.
 // Note that a response with a Status: 200 OK means that you already
 // added the reaction type to this release.
 // The content should have one of the following values: "+1", "-1", "laugh", "confused", "heart", "hooray", "rocket", or "eyes".
 //
-// GitHub API docs: https://docs.github.com/en/rest/reactions#create-reaction-for-a-release
+// GitHub API docs: https://docs.github.com/rest/reactions/reactions#create-reaction-for-a-release
+//
+//meta:operation POST /repos/{owner}/{repo}/releases/{release_id}/reactions
 func (s *ReactionsService) CreateReleaseReaction(ctx context.Context, owner, repo string, releaseID int64, content string) (*Reaction, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/releases/%v/reactions", owner, repo, releaseID)
 
-	body := &Reaction{Content: String(content)}
+	body := &Reaction{Content: Ptr(content)}
 	req, err := s.client.NewRequest("POST", u, body)
 	if err != nil {
 		return nil, nil, err
@@ -518,3 +568,54 @@ func (s *ReactionsService) CreateReleaseReaction(ctx context.Context, owner, rep
 
 	return m, resp, nil
 }
+
+// ListReleaseReactions lists the reactions for a release.
+//
+// GitHub API docs: https://docs.github.com/rest/reactions/reactions#list-reactions-for-a-release
+//
+//meta:operation GET /repos/{owner}/{repo}/releases/{release_id}/reactions
+func (s *ReactionsService) ListReleaseReactions(ctx context.Context, owner, repo string, releaseID int64, opts *ListReactionOptions) ([]*Reaction, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/releases/%v/reactions", owner, repo, releaseID)
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	// TODO: remove custom Accept headers when APIs fully launch.
+	req.Header.Set("Accept", mediaTypeReactionsPreview)
+
+	var m []*Reaction
+	resp, err := s.client.Do(ctx, req, &m)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return m, resp, nil
+}
+
+// DeleteReleaseReaction deletes the reaction for a release.
+//
+// GitHub API docs: https://docs.github.com/rest/reactions/reactions#delete-a-release-reaction
+//
+//meta:operation DELETE /repos/{owner}/{repo}/releases/{release_id}/reactions/{reaction_id}
+func (s *ReactionsService) DeleteReleaseReaction(ctx context.Context, owner, repo string, releaseID, reactionID int64) (*Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/releases/%v/reactions/%v", owner, repo, releaseID, reactionID)
+
+	return s.deleteReaction(ctx, u)
+}
+
+// DeleteReleaseReactionByID deletes the reaction for a release by repository ID.
+//
+// GitHub API docs: https://docs.github.com/rest/reactions/reactions#delete-a-release-reaction
+//
+//meta:operation DELETE /repos/{owner}/{repo}/releases/{release_id}/reactions/{reaction_id}
+func (s *ReactionsService) DeleteReleaseReactionByID(ctx context.Context, repoID, releaseID, reactionID int64) (*Response, error) {
+	u := fmt.Sprintf("repositories/%v/releases/%v/reactions/%v", repoID, releaseID, reactionID)
+
+	return s.deleteReaction(ctx, u)
+}
diff --git a/vendor/github.com/google/go-github/v55/github/repos.go b/vendor/github.com/google/go-github/v72/github/repos.go
similarity index 72%
rename from vendor/github.com/google/go-github/v55/github/repos.go
rename to vendor/github.com/google/go-github/v72/github/repos.go
index 83fc3f8e73..c4ef5d5987 100644
--- a/vendor/github.com/google/go-github/v55/github/repos.go
+++ b/vendor/github.com/google/go-github/v72/github/repos.go
@@ -11,6 +11,7 @@ import (
 	"errors"
 	"fmt"
 	"net/http"
+	"net/url"
 	"strings"
 )
 
@@ -21,63 +22,64 @@ var ErrBranchNotProtected = errors.New("branch is not protected")
 // RepositoriesService handles communication with the repository related
 // methods of the GitHub API.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/
+// GitHub API docs: https://docs.github.com/rest/repos/
 type RepositoriesService service
 
 // Repository represents a GitHub repository.
 type Repository struct {
-	ID                        *int64          `json:"id,omitempty"`
-	NodeID                    *string         `json:"node_id,omitempty"`
-	Owner                     *User           `json:"owner,omitempty"`
-	Name                      *string         `json:"name,omitempty"`
-	FullName                  *string         `json:"full_name,omitempty"`
-	Description               *string         `json:"description,omitempty"`
-	Homepage                  *string         `json:"homepage,omitempty"`
-	CodeOfConduct             *CodeOfConduct  `json:"code_of_conduct,omitempty"`
-	DefaultBranch             *string         `json:"default_branch,omitempty"`
-	MasterBranch              *string         `json:"master_branch,omitempty"`
-	CreatedAt                 *Timestamp      `json:"created_at,omitempty"`
-	PushedAt                  *Timestamp      `json:"pushed_at,omitempty"`
-	UpdatedAt                 *Timestamp      `json:"updated_at,omitempty"`
-	HTMLURL                   *string         `json:"html_url,omitempty"`
-	CloneURL                  *string         `json:"clone_url,omitempty"`
-	GitURL                    *string         `json:"git_url,omitempty"`
-	MirrorURL                 *string         `json:"mirror_url,omitempty"`
-	SSHURL                    *string         `json:"ssh_url,omitempty"`
-	SVNURL                    *string         `json:"svn_url,omitempty"`
-	Language                  *string         `json:"language,omitempty"`
-	Fork                      *bool           `json:"fork,omitempty"`
-	ForksCount                *int            `json:"forks_count,omitempty"`
-	NetworkCount              *int            `json:"network_count,omitempty"`
-	OpenIssuesCount           *int            `json:"open_issues_count,omitempty"`
-	OpenIssues                *int            `json:"open_issues,omitempty"` // Deprecated: Replaced by OpenIssuesCount. For backward compatibility OpenIssues is still populated.
-	StargazersCount           *int            `json:"stargazers_count,omitempty"`
-	SubscribersCount          *int            `json:"subscribers_count,omitempty"`
-	WatchersCount             *int            `json:"watchers_count,omitempty"` // Deprecated: Replaced by StargazersCount. For backward compatibility WatchersCount is still populated.
-	Watchers                  *int            `json:"watchers,omitempty"`       // Deprecated: Replaced by StargazersCount. For backward compatibility Watchers is still populated.
-	Size                      *int            `json:"size,omitempty"`
-	AutoInit                  *bool           `json:"auto_init,omitempty"`
-	Parent                    *Repository     `json:"parent,omitempty"`
-	Source                    *Repository     `json:"source,omitempty"`
-	TemplateRepository        *Repository     `json:"template_repository,omitempty"`
-	Organization              *Organization   `json:"organization,omitempty"`
-	Permissions               map[string]bool `json:"permissions,omitempty"`
-	AllowRebaseMerge          *bool           `json:"allow_rebase_merge,omitempty"`
-	AllowUpdateBranch         *bool           `json:"allow_update_branch,omitempty"`
-	AllowSquashMerge          *bool           `json:"allow_squash_merge,omitempty"`
-	AllowMergeCommit          *bool           `json:"allow_merge_commit,omitempty"`
-	AllowAutoMerge            *bool           `json:"allow_auto_merge,omitempty"`
-	AllowForking              *bool           `json:"allow_forking,omitempty"`
-	WebCommitSignoffRequired  *bool           `json:"web_commit_signoff_required,omitempty"`
-	DeleteBranchOnMerge       *bool           `json:"delete_branch_on_merge,omitempty"`
-	UseSquashPRTitleAsDefault *bool           `json:"use_squash_pr_title_as_default,omitempty"`
-	SquashMergeCommitTitle    *string         `json:"squash_merge_commit_title,omitempty"`   // Can be one of: "PR_TITLE", "COMMIT_OR_PR_TITLE"
-	SquashMergeCommitMessage  *string         `json:"squash_merge_commit_message,omitempty"` // Can be one of: "PR_BODY", "COMMIT_MESSAGES", "BLANK"
-	MergeCommitTitle          *string         `json:"merge_commit_title,omitempty"`          // Can be one of: "PR_TITLE", "MERGE_MESSAGE"
-	MergeCommitMessage        *string         `json:"merge_commit_message,omitempty"`        // Can be one of: "PR_BODY", "PR_TITLE", "BLANK"
-	Topics                    []string        `json:"topics,omitempty"`
-	Archived                  *bool           `json:"archived,omitempty"`
-	Disabled                  *bool           `json:"disabled,omitempty"`
+	ID                        *int64                 `json:"id,omitempty"`
+	NodeID                    *string                `json:"node_id,omitempty"`
+	Owner                     *User                  `json:"owner,omitempty"`
+	Name                      *string                `json:"name,omitempty"`
+	FullName                  *string                `json:"full_name,omitempty"`
+	Description               *string                `json:"description,omitempty"`
+	Homepage                  *string                `json:"homepage,omitempty"`
+	CodeOfConduct             *CodeOfConduct         `json:"code_of_conduct,omitempty"`
+	DefaultBranch             *string                `json:"default_branch,omitempty"`
+	MasterBranch              *string                `json:"master_branch,omitempty"`
+	CreatedAt                 *Timestamp             `json:"created_at,omitempty"`
+	PushedAt                  *Timestamp             `json:"pushed_at,omitempty"`
+	UpdatedAt                 *Timestamp             `json:"updated_at,omitempty"`
+	HTMLURL                   *string                `json:"html_url,omitempty"`
+	CloneURL                  *string                `json:"clone_url,omitempty"`
+	GitURL                    *string                `json:"git_url,omitempty"`
+	MirrorURL                 *string                `json:"mirror_url,omitempty"`
+	SSHURL                    *string                `json:"ssh_url,omitempty"`
+	SVNURL                    *string                `json:"svn_url,omitempty"`
+	Language                  *string                `json:"language,omitempty"`
+	Fork                      *bool                  `json:"fork,omitempty"`
+	ForksCount                *int                   `json:"forks_count,omitempty"`
+	NetworkCount              *int                   `json:"network_count,omitempty"`
+	OpenIssuesCount           *int                   `json:"open_issues_count,omitempty"`
+	OpenIssues                *int                   `json:"open_issues,omitempty"` // Deprecated: Replaced by OpenIssuesCount. For backward compatibility OpenIssues is still populated.
+	StargazersCount           *int                   `json:"stargazers_count,omitempty"`
+	SubscribersCount          *int                   `json:"subscribers_count,omitempty"`
+	WatchersCount             *int                   `json:"watchers_count,omitempty"` // Deprecated: Replaced by StargazersCount. For backward compatibility WatchersCount is still populated.
+	Watchers                  *int                   `json:"watchers,omitempty"`       // Deprecated: Replaced by StargazersCount. For backward compatibility Watchers is still populated.
+	Size                      *int                   `json:"size,omitempty"`
+	AutoInit                  *bool                  `json:"auto_init,omitempty"`
+	Parent                    *Repository            `json:"parent,omitempty"`
+	Source                    *Repository            `json:"source,omitempty"`
+	TemplateRepository        *Repository            `json:"template_repository,omitempty"`
+	Organization              *Organization          `json:"organization,omitempty"`
+	Permissions               map[string]bool        `json:"permissions,omitempty"`
+	AllowRebaseMerge          *bool                  `json:"allow_rebase_merge,omitempty"`
+	AllowUpdateBranch         *bool                  `json:"allow_update_branch,omitempty"`
+	AllowSquashMerge          *bool                  `json:"allow_squash_merge,omitempty"`
+	AllowMergeCommit          *bool                  `json:"allow_merge_commit,omitempty"`
+	AllowAutoMerge            *bool                  `json:"allow_auto_merge,omitempty"`
+	AllowForking              *bool                  `json:"allow_forking,omitempty"`
+	WebCommitSignoffRequired  *bool                  `json:"web_commit_signoff_required,omitempty"`
+	DeleteBranchOnMerge       *bool                  `json:"delete_branch_on_merge,omitempty"`
+	UseSquashPRTitleAsDefault *bool                  `json:"use_squash_pr_title_as_default,omitempty"`
+	SquashMergeCommitTitle    *string                `json:"squash_merge_commit_title,omitempty"`   // Can be one of: "PR_TITLE", "COMMIT_OR_PR_TITLE"
+	SquashMergeCommitMessage  *string                `json:"squash_merge_commit_message,omitempty"` // Can be one of: "PR_BODY", "COMMIT_MESSAGES", "BLANK"
+	MergeCommitTitle          *string                `json:"merge_commit_title,omitempty"`          // Can be one of: "PR_TITLE", "MERGE_MESSAGE"
+	MergeCommitMessage        *string                `json:"merge_commit_message,omitempty"`        // Can be one of: "PR_BODY", "PR_TITLE", "BLANK"
+	Topics                    []string               `json:"topics,omitempty"`
+	CustomProperties          map[string]interface{} `json:"custom_properties,omitempty"`
+	Archived                  *bool                  `json:"archived,omitempty"`
+	Disabled                  *bool                  `json:"disabled,omitempty"`
 
 	// Only provided when using RepositoriesService.Get while in preview
 	License *License `json:"license,omitempty"`
@@ -140,7 +142,7 @@ type Repository struct {
 	TeamsURL         *string `json:"teams_url,omitempty"`
 
 	// TextMatches is only populated from search results that request text matches
-	// See: search.go and https://docs.github.com/en/rest/search/#text-match-metadata
+	// See: search.go and https://docs.github.com/rest/search/#text-match-metadata
 	TextMatches []*TextMatch `json:"text_matches,omitempty"`
 
 	// Visibility is only used for Create and Edit endpoints. The visibility field
@@ -149,7 +151,7 @@ type Repository struct {
 	Visibility *string `json:"visibility,omitempty"`
 
 	// RoleName is only returned by the API 'check team permissions for a repository'.
-	// See: teams.go (IsTeamRepoByID) https://docs.github.com/en/rest/teams/teams#check-team-permissions-for-a-repository
+	// See: teams.go (IsTeamRepoByID) https://docs.github.com/rest/teams/teams#check-team-permissions-for-a-repository
 	RoleName *string `json:"role_name,omitempty"`
 }
 
@@ -172,33 +174,19 @@ type BranchListOptions struct {
 // RepositoryListOptions specifies the optional parameters to the
 // RepositoriesService.List method.
 type RepositoryListOptions struct {
-	// Visibility of repositories to list. Can be one of all, public, or private.
-	// Default: all
+	// See RepositoryListByAuthenticatedUserOptions.Visibility
 	Visibility string `url:"visibility,omitempty"`
 
-	// List repos of given affiliation[s].
-	// Comma-separated list of values. Can include:
-	// * owner: Repositories that are owned by the authenticated user.
-	// * collaborator: Repositories that the user has been added to as a
-	//   collaborator.
-	// * organization_member: Repositories that the user has access to through
-	//   being a member of an organization. This includes every repository on
-	//   every team that the user is on.
-	// Default: owner,collaborator,organization_member
+	// See RepositoryListByAuthenticatedUserOptions.Affiliation
 	Affiliation string `url:"affiliation,omitempty"`
 
-	// Type of repositories to list.
-	// Can be one of all, owner, public, private, member. Default: all
-	// Will cause a 422 error if used in the same request as visibility or
-	// affiliation.
+	// See RepositoryListByUserOptions.Type or RepositoryListByAuthenticatedUserOptions.Type
 	Type string `url:"type,omitempty"`
 
-	// How to sort the repository list. Can be one of created, updated, pushed,
-	// full_name. Default: full_name
+	// See RepositoryListByUserOptions.Sort or RepositoryListByAuthenticatedUserOptions.Sort
 	Sort string `url:"sort,omitempty"`
 
-	// Direction in which to sort repositories. Can be one of asc or desc.
-	// Default: when using full_name: asc; otherwise desc
+	// See RepositoryListByUserOptions.Direction or RepositoryListByAuthenticatedUserOptions.Direction
 	Direction string `url:"direction,omitempty"`
 
 	ListOptions
@@ -211,6 +199,7 @@ type SecurityAndAnalysis struct {
 	SecretScanning               *SecretScanning               `json:"secret_scanning,omitempty"`
 	SecretScanningPushProtection *SecretScanningPushProtection `json:"secret_scanning_push_protection,omitempty"`
 	DependabotSecurityUpdates    *DependabotSecurityUpdates    `json:"dependabot_security_updates,omitempty"`
+	SecretScanningValidityChecks *SecretScanningValidityChecks `json:"secret_scanning_validity_checks,omitempty"`
 }
 
 func (s SecurityAndAnalysis) String() string {
@@ -219,7 +208,7 @@ func (s SecurityAndAnalysis) String() string {
 
 // AdvancedSecurity specifies the state of advanced security on a repository.
 //
-// GitHub API docs: https://docs.github.com/en/github/getting-started-with-github/learning-about-github/about-github-advanced-security
+// GitHub API docs: https://docs.github.com/github/getting-started-with-github/learning-about-github/about-github-advanced-security
 type AdvancedSecurity struct {
 	Status *string `json:"status,omitempty"`
 }
@@ -230,7 +219,7 @@ func (a AdvancedSecurity) String() string {
 
 // SecretScanning specifies the state of secret scanning on a repository.
 //
-// GitHub API docs: https://docs.github.com/en/code-security/secret-security/about-secret-scanning
+// GitHub API docs: https://docs.github.com/code-security/secret-security/about-secret-scanning
 type SecretScanning struct {
 	Status *string `json:"status,omitempty"`
 }
@@ -241,7 +230,7 @@ func (s SecretScanning) String() string {
 
 // SecretScanningPushProtection specifies the state of secret scanning push protection on a repository.
 //
-// GitHub API docs: https://docs.github.com/en/code-security/secret-scanning/about-secret-scanning#about-secret-scanning-for-partner-patterns
+// GitHub API docs: https://docs.github.com/code-security/secret-scanning/about-secret-scanning#about-secret-scanning-for-partner-patterns
 type SecretScanningPushProtection struct {
 	Status *string `json:"status,omitempty"`
 }
@@ -252,7 +241,7 @@ func (s SecretScanningPushProtection) String() string {
 
 // DependabotSecurityUpdates specifies the state of Dependabot security updates on a repository.
 //
-// GitHub API docs: https://docs.github.com/en/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates
+// GitHub API docs: https://docs.github.com/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates
 type DependabotSecurityUpdates struct {
 	Status *string `json:"status,omitempty"`
 }
@@ -261,18 +250,73 @@ func (d DependabotSecurityUpdates) String() string {
 	return Stringify(d)
 }
 
-// List the repositories for a user. Passing the empty string will list
-// repositories for the authenticated user.
+// SecretScanningValidityChecks represents the state of secret scanning validity checks on a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/repos#list-repositories-for-the-authenticated-user
-// GitHub API docs: https://docs.github.com/en/rest/repos/repos#list-repositories-for-a-user
+// GitHub API docs: https://docs.github.com/en/enterprise-cloud@latest/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#allowing-validity-checks-for-partner-patterns-in-a-repository
+type SecretScanningValidityChecks struct {
+	Status *string `json:"status,omitempty"`
+}
+
+// List calls either RepositoriesService.ListByUser or RepositoriesService.ListByAuthenticatedUser
+// depending on whether user is empty.
+//
+// Deprecated: Use RepositoriesService.ListByUser or RepositoriesService.ListByAuthenticatedUser instead.
+//
+// GitHub API docs: https://docs.github.com/rest/repos/repos#list-repositories-for-a-user
+// GitHub API docs: https://docs.github.com/rest/repos/repos#list-repositories-for-the-authenticated-user
+//
+//meta:operation GET /user/repos
+//meta:operation GET /users/{username}/repos
 func (s *RepositoriesService) List(ctx context.Context, user string, opts *RepositoryListOptions) ([]*Repository, *Response, error) {
-	var u string
-	if user != "" {
-		u = fmt.Sprintf("users/%v/repos", user)
-	} else {
-		u = "user/repos"
+	if opts == nil {
+		opts = &RepositoryListOptions{}
 	}
+	if user != "" {
+		return s.ListByUser(ctx, user, &RepositoryListByUserOptions{
+			Type:        opts.Type,
+			Sort:        opts.Sort,
+			Direction:   opts.Direction,
+			ListOptions: opts.ListOptions,
+		})
+	}
+	return s.ListByAuthenticatedUser(ctx, &RepositoryListByAuthenticatedUserOptions{
+		Visibility:  opts.Visibility,
+		Affiliation: opts.Affiliation,
+		Type:        opts.Type,
+		Sort:        opts.Sort,
+		Direction:   opts.Direction,
+		ListOptions: opts.ListOptions,
+	})
+}
+
+// RepositoryListByUserOptions specifies the optional parameters to the
+// RepositoriesService.ListByUser method.
+type RepositoryListByUserOptions struct {
+	// Limit results to repositories of the specified type.
+	// Default: owner
+	// Can be one of: all, owner, member
+	Type string `url:"type,omitempty"`
+
+	// The property to sort the results by.
+	// Default: full_name
+	// Can be one of: created, updated, pushed, full_name
+	Sort string `url:"sort,omitempty"`
+
+	// The order to sort by.
+	// Default: asc when using full_name, otherwise desc.
+	// Can be one of: asc, desc
+	Direction string `url:"direction,omitempty"`
+
+	ListOptions
+}
+
+// ListByUser lists public repositories for the specified user.
+//
+// GitHub API docs: https://docs.github.com/rest/repos/repos#list-repositories-for-a-user
+//
+//meta:operation GET /users/{username}/repos
+func (s *RepositoriesService) ListByUser(ctx context.Context, user string, opts *RepositoryListByUserOptions) ([]*Repository, *Response, error) {
+	u := fmt.Sprintf("users/%v/repos", user)
 	u, err := addOptions(u, opts)
 	if err != nil {
 		return nil, nil, err
@@ -283,9 +327,68 @@ func (s *RepositoriesService) List(ctx context.Context, user string, opts *Repos
 		return nil, nil, err
 	}
 
-	// TODO: remove custom Accept headers when APIs fully launch.
-	acceptHeaders := []string{mediaTypeTopicsPreview, mediaTypeRepositoryVisibilityPreview}
-	req.Header.Set("Accept", strings.Join(acceptHeaders, ", "))
+	var repos []*Repository
+	resp, err := s.client.Do(ctx, req, &repos)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return repos, resp, nil
+}
+
+// RepositoryListByAuthenticatedUserOptions specifies the optional parameters to the
+// RepositoriesService.ListByAuthenticatedUser method.
+type RepositoryListByAuthenticatedUserOptions struct {
+	// Limit results to repositories with the specified visibility.
+	// Default: all
+	// Can be one of: all, public, private
+	Visibility string `url:"visibility,omitempty"`
+
+	// List repos of given affiliation[s].
+	// Comma-separated list of values. Can include:
+	// * owner: Repositories that are owned by the authenticated user.
+	// * collaborator: Repositories that the user has been added to as a
+	//   collaborator.
+	// * organization_member: Repositories that the user has access to through
+	//   being a member of an organization. This includes every repository on
+	//   every team that the user is on.
+	// Default: owner,collaborator,organization_member
+	Affiliation string `url:"affiliation,omitempty"`
+
+	// Limit results to repositories of the specified type. Will cause a 422 error if
+	// used in the same request as visibility or affiliation.
+	// Default: all
+	// Can be one of: all, owner, public, private, member
+	Type string `url:"type,omitempty"`
+
+	// The property to sort the results by.
+	// Default: full_name
+	// Can be one of: created, updated, pushed, full_name
+	Sort string `url:"sort,omitempty"`
+
+	// Direction in which to sort repositories. Can be one of asc or desc.
+	// Default: when using full_name: asc; otherwise desc
+	Direction string `url:"direction,omitempty"`
+
+	ListOptions
+}
+
+// ListByAuthenticatedUser lists repositories for the authenticated user.
+//
+// GitHub API docs: https://docs.github.com/rest/repos/repos#list-repositories-for-the-authenticated-user
+//
+//meta:operation GET /user/repos
+func (s *RepositoriesService) ListByAuthenticatedUser(ctx context.Context, opts *RepositoryListByAuthenticatedUserOptions) ([]*Repository, *Response, error) {
+	u := "user/repos"
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
 
 	var repos []*Repository
 	resp, err := s.client.Do(ctx, req, &repos)
@@ -316,7 +419,9 @@ type RepositoryListByOrgOptions struct {
 
 // ListByOrg lists the repositories for an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/repos#list-organization-repositories
+// GitHub API docs: https://docs.github.com/rest/repos/repos#list-organization-repositories
+//
+//meta:operation GET /orgs/{org}/repos
 func (s *RepositoriesService) ListByOrg(ctx context.Context, org string, opts *RepositoryListByOrgOptions) ([]*Repository, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/repos", org)
 	u, err := addOptions(u, opts)
@@ -351,7 +456,9 @@ type RepositoryListAllOptions struct {
 
 // ListAll lists all GitHub repositories in the order that they were created.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/repos#list-public-repositories
+// GitHub API docs: https://docs.github.com/rest/repos/repos#list-public-repositories
+//
+//meta:operation GET /repositories
 func (s *RepositoriesService) ListAll(ctx context.Context, opts *RepositoryListAllOptions) ([]*Repository, *Response, error) {
 	u, err := addOptions("repositories", opts)
 	if err != nil {
@@ -423,8 +530,11 @@ type createRepoRequest struct {
 // changes propagate throughout its servers. You may set up a loop with
 // exponential back-off to verify repository's creation.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/repos#create-a-repository-for-the-authenticated-user
-// GitHub API docs: https://docs.github.com/en/rest/repos/repos#create-an-organization-repository
+// GitHub API docs: https://docs.github.com/rest/repos/repos#create-a-repository-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/repos/repos#create-an-organization-repository
+//
+//meta:operation POST /orgs/{org}/repos
+//meta:operation POST /user/repos
 func (s *RepositoriesService) Create(ctx context.Context, org string, repo *Repository) (*Repository, *Response, error) {
 	var u string
 	if org != "" {
@@ -491,7 +601,9 @@ type TemplateRepoRequest struct {
 
 // CreateFromTemplate generates a repository from a template.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/repos#create-a-repository-using-a-template
+// GitHub API docs: https://docs.github.com/rest/repos/repos#create-a-repository-using-a-template
+//
+//meta:operation POST /repos/{template_owner}/{template_repo}/generate
 func (s *RepositoriesService) CreateFromTemplate(ctx context.Context, templateOwner, templateRepo string, templateRepoReq *TemplateRepoRequest) (*Repository, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/generate", templateOwner, templateRepo)
 
@@ -512,7 +624,9 @@ func (s *RepositoriesService) CreateFromTemplate(ctx context.Context, templateOw
 
 // Get fetches a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/repos#get-a-repository
+// GitHub API docs: https://docs.github.com/rest/repos/repos#get-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}
 func (s *RepositoriesService) Get(ctx context.Context, owner, repo string) (*Repository, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v", owner, repo)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -521,7 +635,7 @@ func (s *RepositoriesService) Get(ctx context.Context, owner, repo string) (*Rep
 	}
 
 	// TODO: remove custom Accept header when the license support fully launches
-	// https://docs.github.com/en/rest/licenses/#get-a-repositorys-license
+	// https://docs.github.com/rest/licenses/#get-a-repositorys-license
 	acceptHeaders := []string{
 		mediaTypeCodesOfConductPreview,
 		mediaTypeTopicsPreview,
@@ -540,10 +654,12 @@ func (s *RepositoriesService) Get(ctx context.Context, owner, repo string) (*Rep
 }
 
 // GetCodeOfConduct gets the contents of a repository's code of conduct.
-// Note that https://docs.github.com/en/rest/codes-of-conduct#about-the-codes-of-conduct-api
+// Note that https://docs.github.com/rest/codes-of-conduct#about-the-codes-of-conduct-api
 // says to use the GET /repos/{owner}/{repo} endpoint.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/repos#update-a-repository
+// GitHub API docs: https://docs.github.com/rest/repos/repos#get-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}
 func (s *RepositoriesService) GetCodeOfConduct(ctx context.Context, owner, repo string) (*CodeOfConduct, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v", owner, repo)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -565,7 +681,9 @@ func (s *RepositoriesService) GetCodeOfConduct(ctx context.Context, owner, repo
 
 // GetByID fetches a repository.
 //
-// Note: GetByID uses the undocumented GitHub API endpoint /repositories/:id.
+// Note: GetByID uses the undocumented GitHub API endpoint "GET /repositories/{repository_id}".
+//
+//meta:operation GET /repositories/{repository_id}
 func (s *RepositoriesService) GetByID(ctx context.Context, id int64) (*Repository, *Response, error) {
 	u := fmt.Sprintf("repositories/%d", id)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -584,7 +702,9 @@ func (s *RepositoriesService) GetByID(ctx context.Context, id int64) (*Repositor
 
 // Edit updates a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/repos#update-a-repository
+// GitHub API docs: https://docs.github.com/rest/repos/repos#update-a-repository
+//
+//meta:operation PATCH /repos/{owner}/{repo}
 func (s *RepositoriesService) Edit(ctx context.Context, owner, repo string, repository *Repository) (*Repository, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v", owner, repo)
 	req, err := s.client.NewRequest("PATCH", u, repository)
@@ -605,7 +725,9 @@ func (s *RepositoriesService) Edit(ctx context.Context, owner, repo string, repo
 
 // Delete a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/repos#delete-a-repository
+// GitHub API docs: https://docs.github.com/rest/repos/repos#delete-a-repository
+//
+//meta:operation DELETE /repos/{owner}/{repo}
 func (s *RepositoriesService) Delete(ctx context.Context, owner, repo string) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v", owner, repo)
 	req, err := s.client.NewRequest("DELETE", u, nil)
@@ -616,7 +738,7 @@ func (s *RepositoriesService) Delete(ctx context.Context, owner, repo string) (*
 	return s.client.Do(ctx, req, nil)
 }
 
-// Contributor represents a repository contributor
+// Contributor represents a repository contributor.
 type Contributor struct {
 	Login             *string `json:"login,omitempty"`
 	ID                *int64  `json:"id,omitempty"`
@@ -652,7 +774,9 @@ type ListContributorsOptions struct {
 
 // GetVulnerabilityAlerts checks if vulnerability alerts are enabled for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/repos#check-if-vulnerability-alerts-are-enabled-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/repos/repos#check-if-vulnerability-alerts-are-enabled-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/vulnerability-alerts
 func (s *RepositoriesService) GetVulnerabilityAlerts(ctx context.Context, owner, repository string) (bool, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/vulnerability-alerts", owner, repository)
 
@@ -671,7 +795,9 @@ func (s *RepositoriesService) GetVulnerabilityAlerts(ctx context.Context, owner,
 
 // EnableVulnerabilityAlerts enables vulnerability alerts and the dependency graph for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/repos#enable-vulnerability-alerts
+// GitHub API docs: https://docs.github.com/rest/repos/repos#enable-vulnerability-alerts
+//
+//meta:operation PUT /repos/{owner}/{repo}/vulnerability-alerts
 func (s *RepositoriesService) EnableVulnerabilityAlerts(ctx context.Context, owner, repository string) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/vulnerability-alerts", owner, repository)
 
@@ -688,7 +814,9 @@ func (s *RepositoriesService) EnableVulnerabilityAlerts(ctx context.Context, own
 
 // DisableVulnerabilityAlerts disables vulnerability alerts and the dependency graph for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/repos#disable-vulnerability-alerts
+// GitHub API docs: https://docs.github.com/rest/repos/repos#disable-vulnerability-alerts
+//
+//meta:operation DELETE /repos/{owner}/{repo}/vulnerability-alerts
 func (s *RepositoriesService) DisableVulnerabilityAlerts(ctx context.Context, owner, repository string) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/vulnerability-alerts", owner, repository)
 
@@ -705,7 +833,9 @@ func (s *RepositoriesService) DisableVulnerabilityAlerts(ctx context.Context, ow
 
 // GetAutomatedSecurityFixes checks if the automated security fixes for a repository are enabled.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/repos?apiVersion=2022-11-28#check-if-automated-security-fixes-are-enabled-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/repos/repos#check-if-dependabot-security-updates-are-enabled-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/automated-security-fixes
 func (s *RepositoriesService) GetAutomatedSecurityFixes(ctx context.Context, owner, repository string) (*AutomatedSecurityFixes, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/automated-security-fixes", owner, repository)
 
@@ -724,7 +854,9 @@ func (s *RepositoriesService) GetAutomatedSecurityFixes(ctx context.Context, own
 
 // EnableAutomatedSecurityFixes enables the automated security fixes for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/repos#enable-automated-security-fixes
+// GitHub API docs: https://docs.github.com/rest/repos/repos#enable-dependabot-security-updates
+//
+//meta:operation PUT /repos/{owner}/{repo}/automated-security-fixes
 func (s *RepositoriesService) EnableAutomatedSecurityFixes(ctx context.Context, owner, repository string) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/automated-security-fixes", owner, repository)
 
@@ -738,7 +870,9 @@ func (s *RepositoriesService) EnableAutomatedSecurityFixes(ctx context.Context,
 
 // DisableAutomatedSecurityFixes disables vulnerability alerts and the dependency graph for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/repos#disable-automated-security-fixes
+// GitHub API docs: https://docs.github.com/rest/repos/repos#disable-dependabot-security-updates
+//
+//meta:operation DELETE /repos/{owner}/{repo}/automated-security-fixes
 func (s *RepositoriesService) DisableAutomatedSecurityFixes(ctx context.Context, owner, repository string) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/automated-security-fixes", owner, repository)
 
@@ -752,7 +886,9 @@ func (s *RepositoriesService) DisableAutomatedSecurityFixes(ctx context.Context,
 
 // ListContributors lists contributors for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/repos#list-repository-contributors
+// GitHub API docs: https://docs.github.com/rest/repos/repos#list-repository-contributors
+//
+//meta:operation GET /repos/{owner}/{repo}/contributors
 func (s *RepositoriesService) ListContributors(ctx context.Context, owner string, repository string, opts *ListContributorsOptions) ([]*Contributor, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/contributors", owner, repository)
 	u, err := addOptions(u, opts)
@@ -783,7 +919,9 @@ func (s *RepositoriesService) ListContributors(ctx context.Context, owner string
 //	  "Python": 7769
 //	}
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/repos#list-repository-languages
+// GitHub API docs: https://docs.github.com/rest/repos/repos#list-repository-languages
+//
+//meta:operation GET /repos/{owner}/{repo}/languages
 func (s *RepositoriesService) ListLanguages(ctx context.Context, owner string, repo string) (map[string]int, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/languages", owner, repo)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -802,7 +940,9 @@ func (s *RepositoriesService) ListLanguages(ctx context.Context, owner string, r
 
 // ListTeams lists the teams for the specified repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/repos#list-repository-teams
+// GitHub API docs: https://docs.github.com/rest/repos/repos#list-repository-teams
+//
+//meta:operation GET /repos/{owner}/{repo}/teams
 func (s *RepositoriesService) ListTeams(ctx context.Context, owner string, repo string, opts *ListOptions) ([]*Team, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/teams", owner, repo)
 	u, err := addOptions(u, opts)
@@ -834,7 +974,9 @@ type RepositoryTag struct {
 
 // ListTags lists tags for the specified repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/repos#list-repository-tags
+// GitHub API docs: https://docs.github.com/rest/repos/repos#list-repository-tags
+//
+//meta:operation GET /repos/{owner}/{repo}/tags
 func (s *RepositoriesService) ListTags(ctx context.Context, owner string, repo string, opts *ListOptions) ([]*RepositoryTag, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/tags", owner, repo)
 	u, err := addOptions(u, opts)
@@ -856,11 +998,19 @@ func (s *RepositoriesService) ListTags(ctx context.Context, owner string, repo s
 	return tags, resp, nil
 }
 
-// Branch represents a repository branch
+// Branch represents a repository branch.
 type Branch struct {
 	Name      *string           `json:"name,omitempty"`
 	Commit    *RepositoryCommit `json:"commit,omitempty"`
 	Protected *bool             `json:"protected,omitempty"`
+
+	// Protection will always be included in APIs which return the
+	// 'Branch With Protection' schema such as 'Get a branch', but may
+	// not be included in APIs that return the `Short Branch` schema
+	// such as 'List branches'. In such cases, if branch protection is
+	// enabled, Protected will be `true` but this will be nil, and
+	// additional protection details can be obtained by calling GetBranch().
+	Protection *Protection `json:"protection,omitempty"`
 }
 
 // Protection represents a repository branch's protection.
@@ -1049,20 +1199,20 @@ type RequiredStatusChecks struct {
 	// Require branches to be up to date before merging. (Required.)
 	Strict bool `json:"strict"`
 	// The list of status checks to require in order to merge into this
-	// branch. (Deprecated. Note: only one of Contexts/Checks can be populated,
-	// but at least one must be populated).
-	Contexts []string `json:"contexts,omitempty"`
+	// branch. An empty slice is valid. (Deprecated. Note: only one of
+	// Contexts/Checks can be populated, but at least one must be populated).
+	Contexts *[]string `json:"contexts,omitempty"`
 	// The list of status checks to require in order to merge into this
-	// branch.
-	Checks      []*RequiredStatusCheck `json:"checks"`
-	ContextsURL *string                `json:"contexts_url,omitempty"`
-	URL         *string                `json:"url,omitempty"`
+	// branch. An empty slice is valid.
+	Checks      *[]*RequiredStatusCheck `json:"checks,omitempty"`
+	ContextsURL *string                 `json:"contexts_url,omitempty"`
+	URL         *string                 `json:"url,omitempty"`
 }
 
 // RequiredStatusChecksRequest represents a request to edit a protected branch's status checks.
 type RequiredStatusChecksRequest struct {
 	Strict *bool `json:"strict,omitempty"`
-	// Note: if both Contexts and Checks are populated,
+	// Deprecated. Note: if both Contexts and Checks are populated,
 	// the GitHub API will only use Checks.
 	Contexts []string               `json:"contexts,omitempty"`
 	Checks   []*RequiredStatusCheck `json:"checks,omitempty"`
@@ -1152,7 +1302,8 @@ type AllowForcePushes struct {
 	Enabled bool `json:"enabled"`
 }
 
-// RequiredConversationResolution, if enabled, requires all comments on the pull request to be resolved before it can be merged to a protected branch.
+// RequiredConversationResolution requires all comments on the pull request to be resolved before it can be
+// merged to a protected branch when enabled.
 type RequiredConversationResolution struct {
 	Enabled bool `json:"enabled"`
 }
@@ -1212,7 +1363,7 @@ type BypassPullRequestAllowancesRequest struct {
 
 // DismissalRestrictions specifies which users and teams can dismiss pull request reviews.
 type DismissalRestrictions struct {
-	// The list of users who can dimiss pull request reviews.
+	// The list of users who can dismiss pull request reviews.
 	Users []*User `json:"users"`
 	// The list of teams which can dismiss pull request reviews.
 	Teams []*Team `json:"teams"`
@@ -1221,7 +1372,7 @@ type DismissalRestrictions struct {
 }
 
 // DismissalRestrictionsRequest represents the request to create/edit the
-// restriction to allows only specific users, teams or apps to dimiss pull request reviews. It is
+// restriction to allows only specific users, teams or apps to dismiss pull request reviews. It is
 // separate from DismissalRestrictions above because the request structure is
 // different from the response structure.
 // Note: Both Users and Teams must be nil, or both must be non-nil.
@@ -1249,7 +1400,9 @@ type AutomatedSecurityFixes struct {
 
 // ListBranches lists branches for the specified repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branches#list-branches
+// GitHub API docs: https://docs.github.com/rest/branches/branches#list-branches
+//
+//meta:operation GET /repos/{owner}/{repo}/branches
 func (s *RepositoriesService) ListBranches(ctx context.Context, owner string, repo string, opts *BranchListOptions) ([]*Branch, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/branches", owner, repo)
 	u, err := addOptions(u, opts)
@@ -1273,11 +1426,15 @@ func (s *RepositoriesService) ListBranches(ctx context.Context, owner string, re
 
 // GetBranch gets the specified branch for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branches#get-a-branch
-func (s *RepositoriesService) GetBranch(ctx context.Context, owner, repo, branch string, followRedirects bool) (*Branch, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/branches/%v", owner, repo, branch)
+// Note: the branch name is URL path escaped for you. See: https://pkg.go.dev/net/url#PathEscape .
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branches#get-a-branch
+//
+//meta:operation GET /repos/{owner}/{repo}/branches/{branch}
+func (s *RepositoriesService) GetBranch(ctx context.Context, owner, repo, branch string, maxRedirects int) (*Branch, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/branches/%v", owner, repo, url.PathEscape(branch))
 
-	resp, err := s.client.roundTripWithOptionalFollowRedirect(ctx, u, followRedirects)
+	resp, err := s.client.roundTripWithOptionalFollowRedirect(ctx, u, maxRedirects)
 	if err != nil {
 		return nil, nil, err
 	}
@@ -1302,9 +1459,13 @@ type renameBranchRequest struct {
 // To rename a non-default branch: Users must have push access. GitHub Apps must have the `contents:write` repository permission.
 // To rename the default branch: Users must have admin or owner permissions. GitHub Apps must have the `administration:write` repository permission.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branches#rename-a-branch
+// Note: the branch name is URL path escaped for you. See: https://pkg.go.dev/net/url#PathEscape .
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branches#rename-a-branch
+//
+//meta:operation POST /repos/{owner}/{repo}/branches/{branch}/rename
 func (s *RepositoriesService) RenameBranch(ctx context.Context, owner, repo, branch, newName string) (*Branch, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/branches/%v/rename", owner, repo, branch)
+	u := fmt.Sprintf("repos/%v/%v/branches/%v/rename", owner, repo, url.PathEscape(branch))
 	r := &renameBranchRequest{NewName: newName}
 	req, err := s.client.NewRequest("POST", u, r)
 	if err != nil {
@@ -1322,9 +1483,13 @@ func (s *RepositoriesService) RenameBranch(ctx context.Context, owner, repo, bra
 
 // GetBranchProtection gets the protection of a given branch.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#get-branch-protection
+// Note: the branch name is URL path escaped for you. See: https://pkg.go.dev/net/url#PathEscape .
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branch-protection#get-branch-protection
+//
+//meta:operation GET /repos/{owner}/{repo}/branches/{branch}/protection
 func (s *RepositoriesService) GetBranchProtection(ctx context.Context, owner, repo, branch string) (*Protection, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection", owner, repo, branch)
+	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection", owner, repo, url.PathEscape(branch))
 	req, err := s.client.NewRequest("GET", u, nil)
 	if err != nil {
 		return nil, nil, err
@@ -1347,9 +1512,13 @@ func (s *RepositoriesService) GetBranchProtection(ctx context.Context, owner, re
 
 // GetRequiredStatusChecks gets the required status checks for a given protected branch.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#get-status-checks-protection
+// Note: the branch name is URL path escaped for you. See: https://pkg.go.dev/net/url#PathEscape .
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branch-protection#get-status-checks-protection
+//
+//meta:operation GET /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks
 func (s *RepositoriesService) GetRequiredStatusChecks(ctx context.Context, owner, repo, branch string) (*RequiredStatusChecks, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/required_status_checks", owner, repo, branch)
+	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/required_status_checks", owner, repo, url.PathEscape(branch))
 	req, err := s.client.NewRequest("GET", u, nil)
 	if err != nil {
 		return nil, nil, err
@@ -1369,9 +1538,13 @@ func (s *RepositoriesService) GetRequiredStatusChecks(ctx context.Context, owner
 
 // ListRequiredStatusChecksContexts lists the required status checks contexts for a given protected branch.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#get-all-status-check-contexts
+// Note: the branch name is URL path escaped for you. See: https://pkg.go.dev/net/url#PathEscape .
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branch-protection#get-all-status-check-contexts
+//
+//meta:operation GET /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks/contexts
 func (s *RepositoriesService) ListRequiredStatusChecksContexts(ctx context.Context, owner, repo, branch string) (contexts []string, resp *Response, err error) {
-	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/required_status_checks/contexts", owner, repo, branch)
+	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/required_status_checks/contexts", owner, repo, url.PathEscape(branch))
 	req, err := s.client.NewRequest("GET", u, nil)
 	if err != nil {
 		return nil, nil, err
@@ -1390,9 +1563,13 @@ func (s *RepositoriesService) ListRequiredStatusChecksContexts(ctx context.Conte
 
 // UpdateBranchProtection updates the protection of a given branch.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#update-branch-protection
+// Note: the branch name is URL path escaped for you. See: https://pkg.go.dev/net/url#PathEscape .
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branch-protection#update-branch-protection
+//
+//meta:operation PUT /repos/{owner}/{repo}/branches/{branch}/protection
 func (s *RepositoriesService) UpdateBranchProtection(ctx context.Context, owner, repo, branch string, preq *ProtectionRequest) (*Protection, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection", owner, repo, branch)
+	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection", owner, repo, url.PathEscape(branch))
 	req, err := s.client.NewRequest("PUT", u, preq)
 	if err != nil {
 		return nil, nil, err
@@ -1412,9 +1589,13 @@ func (s *RepositoriesService) UpdateBranchProtection(ctx context.Context, owner,
 
 // RemoveBranchProtection removes the protection of a given branch.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#delete-branch-protection
+// Note: the branch name is URL path escaped for you. See: https://pkg.go.dev/net/url#PathEscape .
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branch-protection#delete-branch-protection
+//
+//meta:operation DELETE /repos/{owner}/{repo}/branches/{branch}/protection
 func (s *RepositoriesService) RemoveBranchProtection(ctx context.Context, owner, repo, branch string) (*Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection", owner, repo, branch)
+	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection", owner, repo, url.PathEscape(branch))
 	req, err := s.client.NewRequest("DELETE", u, nil)
 	if err != nil {
 		return nil, err
@@ -1425,9 +1606,13 @@ func (s *RepositoriesService) RemoveBranchProtection(ctx context.Context, owner,
 
 // GetSignaturesProtectedBranch gets required signatures of protected branch.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#get-commit-signature-protection
+// Note: the branch name is URL path escaped for you. See: https://pkg.go.dev/net/url#PathEscape .
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branch-protection#get-commit-signature-protection
+//
+//meta:operation GET /repos/{owner}/{repo}/branches/{branch}/protection/required_signatures
 func (s *RepositoriesService) GetSignaturesProtectedBranch(ctx context.Context, owner, repo, branch string) (*SignaturesProtectedBranch, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/required_signatures", owner, repo, branch)
+	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/required_signatures", owner, repo, url.PathEscape(branch))
 	req, err := s.client.NewRequest("GET", u, nil)
 	if err != nil {
 		return nil, nil, err
@@ -1448,9 +1633,13 @@ func (s *RepositoriesService) GetSignaturesProtectedBranch(ctx context.Context,
 // RequireSignaturesOnProtectedBranch makes signed commits required on a protected branch.
 // It requires admin access and branch protection to be enabled.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#create-commit-signature-protection
+// Note: the branch name is URL path escaped for you. See: https://pkg.go.dev/net/url#PathEscape .
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branch-protection#create-commit-signature-protection
+//
+//meta:operation POST /repos/{owner}/{repo}/branches/{branch}/protection/required_signatures
 func (s *RepositoriesService) RequireSignaturesOnProtectedBranch(ctx context.Context, owner, repo, branch string) (*SignaturesProtectedBranch, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/required_signatures", owner, repo, branch)
+	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/required_signatures", owner, repo, url.PathEscape(branch))
 	req, err := s.client.NewRequest("POST", u, nil)
 	if err != nil {
 		return nil, nil, err
@@ -1470,9 +1659,13 @@ func (s *RepositoriesService) RequireSignaturesOnProtectedBranch(ctx context.Con
 
 // OptionalSignaturesOnProtectedBranch removes required signed commits on a given branch.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#delete-commit-signature-protection
+// Note: the branch name is URL path escaped for you. See: https://pkg.go.dev/net/url#PathEscape .
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branch-protection#delete-commit-signature-protection
+//
+//meta:operation DELETE /repos/{owner}/{repo}/branches/{branch}/protection/required_signatures
 func (s *RepositoriesService) OptionalSignaturesOnProtectedBranch(ctx context.Context, owner, repo, branch string) (*Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/required_signatures", owner, repo, branch)
+	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/required_signatures", owner, repo, url.PathEscape(branch))
 	req, err := s.client.NewRequest("DELETE", u, nil)
 	if err != nil {
 		return nil, err
@@ -1486,9 +1679,13 @@ func (s *RepositoriesService) OptionalSignaturesOnProtectedBranch(ctx context.Co
 
 // UpdateRequiredStatusChecks updates the required status checks for a given protected branch.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#update-status-check-protection
+// Note: the branch name is URL path escaped for you. See: https://pkg.go.dev/net/url#PathEscape .
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branch-protection#update-status-check-protection
+//
+//meta:operation PATCH /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks
 func (s *RepositoriesService) UpdateRequiredStatusChecks(ctx context.Context, owner, repo, branch string, sreq *RequiredStatusChecksRequest) (*RequiredStatusChecks, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/required_status_checks", owner, repo, branch)
+	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/required_status_checks", owner, repo, url.PathEscape(branch))
 	req, err := s.client.NewRequest("PATCH", u, sreq)
 	if err != nil {
 		return nil, nil, err
@@ -1505,9 +1702,13 @@ func (s *RepositoriesService) UpdateRequiredStatusChecks(ctx context.Context, ow
 
 // RemoveRequiredStatusChecks removes the required status checks for a given protected branch.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#remove-status-check-protection
+// Note: the branch name is URL path escaped for you. See: https://pkg.go.dev/net/url#PathEscape .
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branch-protection#remove-status-check-protection
+//
+//meta:operation DELETE /repos/{owner}/{repo}/branches/{branch}/protection/required_status_checks
 func (s *RepositoriesService) RemoveRequiredStatusChecks(ctx context.Context, owner, repo, branch string) (*Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/required_status_checks", owner, repo, branch)
+	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/required_status_checks", owner, repo, url.PathEscape(branch))
 	req, err := s.client.NewRequest("DELETE", u, nil)
 	if err != nil {
 		return nil, err
@@ -1518,7 +1719,9 @@ func (s *RepositoriesService) RemoveRequiredStatusChecks(ctx context.Context, ow
 
 // License gets the contents of a repository's license if one is detected.
 //
-// GitHub API docs: https://docs.github.com/en/rest/licenses#get-the-license-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/licenses/licenses#get-the-license-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/license
 func (s *RepositoriesService) License(ctx context.Context, owner, repo string) (*RepositoryLicense, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/license", owner, repo)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -1537,9 +1740,13 @@ func (s *RepositoriesService) License(ctx context.Context, owner, repo string) (
 
 // GetPullRequestReviewEnforcement gets pull request review enforcement of a protected branch.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#get-pull-request-review-protection
+// Note: the branch name is URL path escaped for you. See: https://pkg.go.dev/net/url#PathEscape .
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branch-protection#get-pull-request-review-protection
+//
+//meta:operation GET /repos/{owner}/{repo}/branches/{branch}/protection/required_pull_request_reviews
 func (s *RepositoriesService) GetPullRequestReviewEnforcement(ctx context.Context, owner, repo, branch string) (*PullRequestReviewsEnforcement, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/required_pull_request_reviews", owner, repo, branch)
+	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/required_pull_request_reviews", owner, repo, url.PathEscape(branch))
 	req, err := s.client.NewRequest("GET", u, nil)
 	if err != nil {
 		return nil, nil, err
@@ -1560,9 +1767,13 @@ func (s *RepositoriesService) GetPullRequestReviewEnforcement(ctx context.Contex
 // UpdatePullRequestReviewEnforcement patches pull request review enforcement of a protected branch.
 // It requires admin access and branch protection to be enabled.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#update-pull-request-review-protection
+// Note: the branch name is URL path escaped for you. See: https://pkg.go.dev/net/url#PathEscape .
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branch-protection#update-pull-request-review-protection
+//
+//meta:operation PATCH /repos/{owner}/{repo}/branches/{branch}/protection/required_pull_request_reviews
 func (s *RepositoriesService) UpdatePullRequestReviewEnforcement(ctx context.Context, owner, repo, branch string, patch *PullRequestReviewsEnforcementUpdate) (*PullRequestReviewsEnforcement, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/required_pull_request_reviews", owner, repo, branch)
+	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/required_pull_request_reviews", owner, repo, url.PathEscape(branch))
 	req, err := s.client.NewRequest("PATCH", u, patch)
 	if err != nil {
 		return nil, nil, err
@@ -1583,9 +1794,13 @@ func (s *RepositoriesService) UpdatePullRequestReviewEnforcement(ctx context.Con
 // DisableDismissalRestrictions disables dismissal restrictions of a protected branch.
 // It requires admin access and branch protection to be enabled.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#update-pull-request-review-protection
+// Note: the branch name is URL path escaped for you. See: https://pkg.go.dev/net/url#PathEscape .
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branch-protection#update-pull-request-review-protection
+//
+//meta:operation PATCH /repos/{owner}/{repo}/branches/{branch}/protection/required_pull_request_reviews
 func (s *RepositoriesService) DisableDismissalRestrictions(ctx context.Context, owner, repo, branch string) (*PullRequestReviewsEnforcement, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/required_pull_request_reviews", owner, repo, branch)
+	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/required_pull_request_reviews", owner, repo, url.PathEscape(branch))
 
 	data := new(struct {
 		DismissalRestrictionsRequest `json:"dismissal_restrictions"`
@@ -1610,9 +1825,13 @@ func (s *RepositoriesService) DisableDismissalRestrictions(ctx context.Context,
 
 // RemovePullRequestReviewEnforcement removes pull request enforcement of a protected branch.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#delete-pull-request-review-protection
+// Note: the branch name is URL path escaped for you. See: https://pkg.go.dev/net/url#PathEscape .
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branch-protection#delete-pull-request-review-protection
+//
+//meta:operation DELETE /repos/{owner}/{repo}/branches/{branch}/protection/required_pull_request_reviews
 func (s *RepositoriesService) RemovePullRequestReviewEnforcement(ctx context.Context, owner, repo, branch string) (*Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/required_pull_request_reviews", owner, repo, branch)
+	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/required_pull_request_reviews", owner, repo, url.PathEscape(branch))
 	req, err := s.client.NewRequest("DELETE", u, nil)
 	if err != nil {
 		return nil, err
@@ -1623,9 +1842,13 @@ func (s *RepositoriesService) RemovePullRequestReviewEnforcement(ctx context.Con
 
 // GetAdminEnforcement gets admin enforcement information of a protected branch.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#get-admin-branch-protection
+// Note: the branch name is URL path escaped for you. See: https://pkg.go.dev/net/url#PathEscape .
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branch-protection#get-admin-branch-protection
+//
+//meta:operation GET /repos/{owner}/{repo}/branches/{branch}/protection/enforce_admins
 func (s *RepositoriesService) GetAdminEnforcement(ctx context.Context, owner, repo, branch string) (*AdminEnforcement, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/enforce_admins", owner, repo, branch)
+	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/enforce_admins", owner, repo, url.PathEscape(branch))
 	req, err := s.client.NewRequest("GET", u, nil)
 	if err != nil {
 		return nil, nil, err
@@ -1643,9 +1866,13 @@ func (s *RepositoriesService) GetAdminEnforcement(ctx context.Context, owner, re
 // AddAdminEnforcement adds admin enforcement to a protected branch.
 // It requires admin access and branch protection to be enabled.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#set-admin-branch-protection
+// Note: the branch name is URL path escaped for you. See: https://pkg.go.dev/net/url#PathEscape .
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branch-protection#set-admin-branch-protection
+//
+//meta:operation POST /repos/{owner}/{repo}/branches/{branch}/protection/enforce_admins
 func (s *RepositoriesService) AddAdminEnforcement(ctx context.Context, owner, repo, branch string) (*AdminEnforcement, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/enforce_admins", owner, repo, branch)
+	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/enforce_admins", owner, repo, url.PathEscape(branch))
 	req, err := s.client.NewRequest("POST", u, nil)
 	if err != nil {
 		return nil, nil, err
@@ -1662,9 +1889,13 @@ func (s *RepositoriesService) AddAdminEnforcement(ctx context.Context, owner, re
 
 // RemoveAdminEnforcement removes admin enforcement from a protected branch.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#delete-admin-branch-protection
+// Note: the branch name is URL path escaped for you. See: https://pkg.go.dev/net/url#PathEscape .
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branch-protection#delete-admin-branch-protection
+//
+//meta:operation DELETE /repos/{owner}/{repo}/branches/{branch}/protection/enforce_admins
 func (s *RepositoriesService) RemoveAdminEnforcement(ctx context.Context, owner, repo, branch string) (*Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/enforce_admins", owner, repo, branch)
+	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/enforce_admins", owner, repo, url.PathEscape(branch))
 	req, err := s.client.NewRequest("DELETE", u, nil)
 	if err != nil {
 		return nil, err
@@ -1680,7 +1911,9 @@ type repositoryTopics struct {
 
 // ListAllTopics lists topics for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/repos#get-all-repository-topics
+// GitHub API docs: https://docs.github.com/rest/repos/repos#get-all-repository-topics
+//
+//meta:operation GET /repos/{owner}/{repo}/topics
 func (s *RepositoriesService) ListAllTopics(ctx context.Context, owner, repo string) ([]string, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/topics", owner, repo)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -1702,7 +1935,9 @@ func (s *RepositoriesService) ListAllTopics(ctx context.Context, owner, repo str
 
 // ReplaceAllTopics replaces all repository topics.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/repos#replace-all-repository-topics
+// GitHub API docs: https://docs.github.com/rest/repos/repos#replace-all-repository-topics
+//
+//meta:operation PUT /repos/{owner}/{repo}/topics
 func (s *RepositoriesService) ReplaceAllTopics(ctx context.Context, owner, repo string, topics []string) ([]string, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/topics", owner, repo)
 	t := &repositoryTopics{
@@ -1731,11 +1966,15 @@ func (s *RepositoriesService) ReplaceAllTopics(ctx context.Context, owner, repo
 // ListApps lists the GitHub apps that have push access to a given protected branch.
 // It requires the GitHub apps to have `write` access to the `content` permission.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#get-apps-with-access-to-the-protected-branch
+// Note: the branch name is URL path escaped for you. See: https://pkg.go.dev/net/url#PathEscape .
 //
 // Deprecated: Please use ListAppRestrictions instead.
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branch-protection#get-apps-with-access-to-the-protected-branch
+//
+//meta:operation GET /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/apps
 func (s *RepositoriesService) ListApps(ctx context.Context, owner, repo, branch string) ([]*App, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/apps", owner, repo, branch)
+	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/apps", owner, repo, url.PathEscape(branch))
 	req, err := s.client.NewRequest("GET", u, nil)
 	if err != nil {
 		return nil, nil, err
@@ -1753,9 +1992,11 @@ func (s *RepositoriesService) ListApps(ctx context.Context, owner, repo, branch
 // ListAppRestrictions lists the GitHub apps that have push access to a given protected branch.
 // It requires the GitHub apps to have `write` access to the `content` permission.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#get-apps-with-access-to-the-protected-branch
-//
 // Note: This is a wrapper around ListApps so a naming convention with ListUserRestrictions and ListTeamRestrictions is preserved.
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branch-protection#get-apps-with-access-to-the-protected-branch
+//
+//meta:operation GET /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/apps
 func (s *RepositoriesService) ListAppRestrictions(ctx context.Context, owner, repo, branch string) ([]*App, *Response, error) {
 	return s.ListApps(ctx, owner, repo, branch)
 }
@@ -1766,9 +2007,13 @@ func (s *RepositoriesService) ListAppRestrictions(ctx context.Context, owner, re
 //
 // Note: The list of users, apps, and teams in total is limited to 100 items.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#set-app-access-restrictions
+// Note: the branch name is URL path escaped for you. See: https://pkg.go.dev/net/url#PathEscape .
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branch-protection#set-app-access-restrictions
+//
+//meta:operation PUT /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/apps
 func (s *RepositoriesService) ReplaceAppRestrictions(ctx context.Context, owner, repo, branch string, apps []string) ([]*App, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/apps", owner, repo, branch)
+	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/apps", owner, repo, url.PathEscape(branch))
 	req, err := s.client.NewRequest("PUT", u, apps)
 	if err != nil {
 		return nil, nil, err
@@ -1788,9 +2033,13 @@ func (s *RepositoriesService) ReplaceAppRestrictions(ctx context.Context, owner,
 //
 // Note: The list of users, apps, and teams in total is limited to 100 items.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#add-app-access-restrictions
+// Note: the branch name is URL path escaped for you. See: https://pkg.go.dev/net/url#PathEscape .
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branch-protection#add-app-access-restrictions
+//
+//meta:operation POST /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/apps
 func (s *RepositoriesService) AddAppRestrictions(ctx context.Context, owner, repo, branch string, apps []string) ([]*App, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/apps", owner, repo, branch)
+	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/apps", owner, repo, url.PathEscape(branch))
 	req, err := s.client.NewRequest("POST", u, apps)
 	if err != nil {
 		return nil, nil, err
@@ -1810,9 +2059,13 @@ func (s *RepositoriesService) AddAppRestrictions(ctx context.Context, owner, rep
 //
 // Note: The list of users, apps, and teams in total is limited to 100 items.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#remove-app-access-restrictions
+// Note: the branch name is URL path escaped for you. See: https://pkg.go.dev/net/url#PathEscape .
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branch-protection#remove-app-access-restrictions
+//
+//meta:operation DELETE /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/apps
 func (s *RepositoriesService) RemoveAppRestrictions(ctx context.Context, owner, repo, branch string, apps []string) ([]*App, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/apps", owner, repo, branch)
+	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/apps", owner, repo, url.PathEscape(branch))
 	req, err := s.client.NewRequest("DELETE", u, apps)
 	if err != nil {
 		return nil, nil, err
@@ -1830,9 +2083,13 @@ func (s *RepositoriesService) RemoveAppRestrictions(ctx context.Context, owner,
 // ListTeamRestrictions lists the GitHub teams that have push access to a given protected branch.
 // It requires the GitHub teams to have `write` access to the `content` permission.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#get-teams-with-access-to-the-protected-branch
+// Note: the branch name is URL path escaped for you. See: https://pkg.go.dev/net/url#PathEscape .
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branch-protection#get-teams-with-access-to-the-protected-branch
+//
+//meta:operation GET /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/teams
 func (s *RepositoriesService) ListTeamRestrictions(ctx context.Context, owner, repo, branch string) ([]*Team, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/teams", owner, repo, branch)
+	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/teams", owner, repo, url.PathEscape(branch))
 	req, err := s.client.NewRequest("GET", u, nil)
 	if err != nil {
 		return nil, nil, err
@@ -1853,9 +2110,13 @@ func (s *RepositoriesService) ListTeamRestrictions(ctx context.Context, owner, r
 //
 // Note: The list of users, apps, and teams in total is limited to 100 items.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#set-team-access-restrictions
+// Note: the branch name is URL path escaped for you. See: https://pkg.go.dev/net/url#PathEscape .
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branch-protection#set-team-access-restrictions
+//
+//meta:operation PUT /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/teams
 func (s *RepositoriesService) ReplaceTeamRestrictions(ctx context.Context, owner, repo, branch string, teams []string) ([]*Team, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/teams", owner, repo, branch)
+	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/teams", owner, repo, url.PathEscape(branch))
 	req, err := s.client.NewRequest("PUT", u, teams)
 	if err != nil {
 		return nil, nil, err
@@ -1875,9 +2136,13 @@ func (s *RepositoriesService) ReplaceTeamRestrictions(ctx context.Context, owner
 //
 // Note: The list of users, apps, and teams in total is limited to 100 items.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#add-team-access-restrictions
+// Note: the branch name is URL path escaped for you. See: https://pkg.go.dev/net/url#PathEscape .
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branch-protection#add-team-access-restrictions
+//
+//meta:operation POST /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/teams
 func (s *RepositoriesService) AddTeamRestrictions(ctx context.Context, owner, repo, branch string, teams []string) ([]*Team, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/teams", owner, repo, branch)
+	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/teams", owner, repo, url.PathEscape(branch))
 	req, err := s.client.NewRequest("POST", u, teams)
 	if err != nil {
 		return nil, nil, err
@@ -1897,9 +2162,13 @@ func (s *RepositoriesService) AddTeamRestrictions(ctx context.Context, owner, re
 //
 // Note: The list of users, apps, and teams in total is limited to 100 items.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#remove-team-access-restrictions
+// Note: the branch name is URL path escaped for you. See: https://pkg.go.dev/net/url#PathEscape .
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branch-protection#remove-team-access-restrictions
+//
+//meta:operation DELETE /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/teams
 func (s *RepositoriesService) RemoveTeamRestrictions(ctx context.Context, owner, repo, branch string, teams []string) ([]*Team, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/teams", owner, repo, branch)
+	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/teams", owner, repo, url.PathEscape(branch))
 	req, err := s.client.NewRequest("DELETE", u, teams)
 	if err != nil {
 		return nil, nil, err
@@ -1917,9 +2186,13 @@ func (s *RepositoriesService) RemoveTeamRestrictions(ctx context.Context, owner,
 // ListUserRestrictions lists the GitHub users that have push access to a given protected branch.
 // It requires the GitHub users to have `write` access to the `content` permission.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#get-users-with-access-to-the-protected-branch
+// Note: the branch name is URL path escaped for you. See: https://pkg.go.dev/net/url#PathEscape .
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branch-protection#get-users-with-access-to-the-protected-branch
+//
+//meta:operation GET /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/users
 func (s *RepositoriesService) ListUserRestrictions(ctx context.Context, owner, repo, branch string) ([]*User, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/users", owner, repo, branch)
+	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/users", owner, repo, url.PathEscape(branch))
 	req, err := s.client.NewRequest("GET", u, nil)
 	if err != nil {
 		return nil, nil, err
@@ -1940,9 +2213,13 @@ func (s *RepositoriesService) ListUserRestrictions(ctx context.Context, owner, r
 //
 // Note: The list of users, apps, and teams in total is limited to 100 items.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#set-team-access-restrictions
+// Note: the branch name is URL path escaped for you. See: https://pkg.go.dev/net/url#PathEscape .
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branch-protection#set-user-access-restrictions
+//
+//meta:operation PUT /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/users
 func (s *RepositoriesService) ReplaceUserRestrictions(ctx context.Context, owner, repo, branch string, users []string) ([]*User, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/users", owner, repo, branch)
+	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/users", owner, repo, url.PathEscape(branch))
 	req, err := s.client.NewRequest("PUT", u, users)
 	if err != nil {
 		return nil, nil, err
@@ -1962,9 +2239,13 @@ func (s *RepositoriesService) ReplaceUserRestrictions(ctx context.Context, owner
 //
 // Note: The list of users, apps, and teams in total is limited to 100 items.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#add-team-access-restrictions
+// Note: the branch name is URL path escaped for you. See: https://pkg.go.dev/net/url#PathEscape .
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branch-protection#add-user-access-restrictions
+//
+//meta:operation POST /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/users
 func (s *RepositoriesService) AddUserRestrictions(ctx context.Context, owner, repo, branch string, users []string) ([]*User, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/users", owner, repo, branch)
+	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/users", owner, repo, url.PathEscape(branch))
 	req, err := s.client.NewRequest("POST", u, users)
 	if err != nil {
 		return nil, nil, err
@@ -1984,9 +2265,13 @@ func (s *RepositoriesService) AddUserRestrictions(ctx context.Context, owner, re
 //
 // Note: The list of users, apps, and teams in total is limited to 100 items.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branch-protection#remove-team-access-restrictions
+// Note: the branch name is URL path escaped for you. See: https://pkg.go.dev/net/url#PathEscape .
+//
+// GitHub API docs: https://docs.github.com/rest/branches/branch-protection#remove-user-access-restrictions
+//
+//meta:operation DELETE /repos/{owner}/{repo}/branches/{branch}/protection/restrictions/users
 func (s *RepositoriesService) RemoveUserRestrictions(ctx context.Context, owner, repo, branch string, users []string) ([]*User, *Response, error) {
-	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/users", owner, repo, branch)
+	u := fmt.Sprintf("repos/%v/%v/branches/%v/protection/restrictions/users", owner, repo, url.PathEscape(branch))
 	req, err := s.client.NewRequest("DELETE", u, users)
 	if err != nil {
 		return nil, nil, err
@@ -2016,7 +2301,9 @@ type TransferRequest struct {
 // A follow up request, after a delay of a second or so, should result
 // in a successful request.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/repos#transfer-a-repository
+// GitHub API docs: https://docs.github.com/rest/repos/repos#transfer-a-repository
+//
+//meta:operation POST /repos/{owner}/{repo}/transfer
 func (s *RepositoriesService) Transfer(ctx context.Context, owner, repo string, transfer TransferRequest) (*Repository, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/transfer", owner, repo)
 
@@ -2045,7 +2332,9 @@ type DispatchRequestOptions struct {
 
 // Dispatch triggers a repository_dispatch event in a GitHub Actions workflow.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/repos#create-a-repository-dispatch-event
+// GitHub API docs: https://docs.github.com/rest/repos/repos#create-a-repository-dispatch-event
+//
+//meta:operation POST /repos/{owner}/{repo}/dispatches
 func (s *RepositoriesService) Dispatch(ctx context.Context, owner, repo string, opts DispatchRequestOptions) (*Repository, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/dispatches", owner, repo)
 
@@ -2073,7 +2362,9 @@ func isBranchNotProtected(err error) bool {
 // EnablePrivateReporting enables private reporting of vulnerabilities for a
 // repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/repos#enable-private-vulnerability-reporting-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/repos/repos#enable-private-vulnerability-reporting-for-a-repository
+//
+//meta:operation PUT /repos/{owner}/{repo}/private-vulnerability-reporting
 func (s *RepositoriesService) EnablePrivateReporting(ctx context.Context, owner, repo string) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/private-vulnerability-reporting", owner, repo)
 
@@ -2093,7 +2384,9 @@ func (s *RepositoriesService) EnablePrivateReporting(ctx context.Context, owner,
 // DisablePrivateReporting disables private reporting of vulnerabilities for a
 // repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/repos#disable-private-vulnerability-reporting-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/repos/repos#disable-private-vulnerability-reporting-for-a-repository
+//
+//meta:operation DELETE /repos/{owner}/{repo}/private-vulnerability-reporting
 func (s *RepositoriesService) DisablePrivateReporting(ctx context.Context, owner, repo string) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/private-vulnerability-reporting", owner, repo)
 
@@ -2109,3 +2402,27 @@ func (s *RepositoriesService) DisablePrivateReporting(ctx context.Context, owner
 
 	return resp, nil
 }
+
+// checkPrivateReporting represents whether private vulnerability reporting is enabled.
+type checkPrivateReporting struct {
+	Enabled bool `json:"enabled,omitempty"`
+}
+
+// IsPrivateReportingEnabled checks if private vulnerability reporting is enabled
+// for the repository and returns a boolean indicating the status.
+//
+// GitHub API docs: https://docs.github.com/rest/repos/repos#check-if-private-vulnerability-reporting-is-enabled-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/private-vulnerability-reporting
+func (s *RepositoriesService) IsPrivateReportingEnabled(ctx context.Context, owner, repo string) (bool, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/private-vulnerability-reporting", owner, repo)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return false, nil, err
+	}
+
+	privateReporting := new(checkPrivateReporting)
+	resp, err := s.client.Do(ctx, req, privateReporting)
+	return privateReporting.Enabled, resp, err
+}
diff --git a/vendor/github.com/google/go-github/v55/github/repos_actions_access.go b/vendor/github.com/google/go-github/v72/github/repos_actions_access.go
similarity index 76%
rename from vendor/github.com/google/go-github/v55/github/repos_actions_access.go
rename to vendor/github.com/google/go-github/v72/github/repos_actions_access.go
index 55761eeb7e..2da1f01cc2 100644
--- a/vendor/github.com/google/go-github/v55/github/repos_actions_access.go
+++ b/vendor/github.com/google/go-github/v72/github/repos_actions_access.go
@@ -12,7 +12,7 @@ import (
 
 // RepositoryActionsAccessLevel represents the repository actions access level.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#set-the-level-of-access-for-workflows-outside-of-the-repository
+// GitHub API docs: https://docs.github.com/rest/actions/permissions#set-the-level-of-access-for-workflows-outside-of-the-repository
 type RepositoryActionsAccessLevel struct {
 	// AccessLevel specifies the level of access that workflows outside of the repository have
 	// to actions and reusable workflows within the repository.
@@ -23,7 +23,9 @@ type RepositoryActionsAccessLevel struct {
 // GetActionsAccessLevel gets the level of access that workflows outside of the repository have
 // to actions and reusable workflows in the repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#get-the-level-of-access-for-workflows-outside-of-the-repository
+// GitHub API docs: https://docs.github.com/rest/actions/permissions#get-the-level-of-access-for-workflows-outside-of-the-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/permissions/access
 func (s *RepositoriesService) GetActionsAccessLevel(ctx context.Context, owner, repo string) (*RepositoryActionsAccessLevel, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/permissions/access", owner, repo)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -43,7 +45,9 @@ func (s *RepositoriesService) GetActionsAccessLevel(ctx context.Context, owner,
 // EditActionsAccessLevel sets the level of access that workflows outside of the repository have
 // to actions and reusable workflows in the repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#set-the-level-of-access-for-workflows-outside-of-the-repository
+// GitHub API docs: https://docs.github.com/rest/actions/permissions#set-the-level-of-access-for-workflows-outside-of-the-repository
+//
+//meta:operation PUT /repos/{owner}/{repo}/actions/permissions/access
 func (s *RepositoriesService) EditActionsAccessLevel(ctx context.Context, owner, repo string, repositoryActionsAccessLevel RepositoryActionsAccessLevel) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/permissions/access", owner, repo)
 	req, err := s.client.NewRequest("PUT", u, repositoryActionsAccessLevel)
diff --git a/vendor/github.com/google/go-github/v55/github/repos_actions_allowed.go b/vendor/github.com/google/go-github/v72/github/repos_actions_allowed.go
similarity index 75%
rename from vendor/github.com/google/go-github/v55/github/repos_actions_allowed.go
rename to vendor/github.com/google/go-github/v72/github/repos_actions_allowed.go
index 25a4690583..e9ebff1d32 100644
--- a/vendor/github.com/google/go-github/v55/github/repos_actions_allowed.go
+++ b/vendor/github.com/google/go-github/v72/github/repos_actions_allowed.go
@@ -12,7 +12,9 @@ import (
 
 // GetActionsAllowed gets the allowed actions and reusable workflows for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#get-allowed-actions-and-reusable-workflows-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/actions/permissions#get-allowed-actions-and-reusable-workflows-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/permissions/selected-actions
 func (s *RepositoriesService) GetActionsAllowed(ctx context.Context, org, repo string) (*ActionsAllowed, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/permissions/selected-actions", org, repo)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -31,7 +33,9 @@ func (s *RepositoriesService) GetActionsAllowed(ctx context.Context, org, repo s
 
 // EditActionsAllowed sets the allowed actions and reusable workflows for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/actions/permissions#set-allowed-actions-and-reusable-workflows-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/actions/permissions#set-allowed-actions-and-reusable-workflows-for-a-repository
+//
+//meta:operation PUT /repos/{owner}/{repo}/actions/permissions/selected-actions
 func (s *RepositoriesService) EditActionsAllowed(ctx context.Context, org, repo string, actionsAllowed ActionsAllowed) (*ActionsAllowed, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/actions/permissions/selected-actions", org, repo)
 	req, err := s.client.NewRequest("PUT", u, actionsAllowed)
diff --git a/vendor/github.com/google/go-github/v72/github/repos_actions_permissions.go b/vendor/github.com/google/go-github/v72/github/repos_actions_permissions.go
new file mode 100644
index 0000000000..9abd32a783
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/repos_actions_permissions.go
@@ -0,0 +1,118 @@
+// Copyright 2022 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"fmt"
+)
+
+// ActionsPermissionsRepository represents a policy for repositories and allowed actions in a repository.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/permissions
+type ActionsPermissionsRepository struct {
+	Enabled            *bool   `json:"enabled,omitempty"`
+	AllowedActions     *string `json:"allowed_actions,omitempty"`
+	SelectedActionsURL *string `json:"selected_actions_url,omitempty"`
+}
+
+func (a ActionsPermissionsRepository) String() string {
+	return Stringify(a)
+}
+
+// DefaultWorkflowPermissionRepository represents the default permissions for GitHub Actions workflows for a repository.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/permissions
+type DefaultWorkflowPermissionRepository struct {
+	DefaultWorkflowPermissions   *string `json:"default_workflow_permissions,omitempty"`
+	CanApprovePullRequestReviews *bool   `json:"can_approve_pull_request_reviews,omitempty"`
+}
+
+// GetActionsPermissions gets the GitHub Actions permissions policy for repositories and allowed actions in a repository.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/permissions#get-github-actions-permissions-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/permissions
+func (s *RepositoriesService) GetActionsPermissions(ctx context.Context, owner, repo string) (*ActionsPermissionsRepository, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/actions/permissions", owner, repo)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	permissions := new(ActionsPermissionsRepository)
+	resp, err := s.client.Do(ctx, req, permissions)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return permissions, resp, nil
+}
+
+// EditActionsPermissions sets the permissions policy for repositories and allowed actions in a repository.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/permissions#set-github-actions-permissions-for-a-repository
+//
+//meta:operation PUT /repos/{owner}/{repo}/actions/permissions
+func (s *RepositoriesService) EditActionsPermissions(ctx context.Context, owner, repo string, actionsPermissionsRepository ActionsPermissionsRepository) (*ActionsPermissionsRepository, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/actions/permissions", owner, repo)
+	req, err := s.client.NewRequest("PUT", u, actionsPermissionsRepository)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	permissions := new(ActionsPermissionsRepository)
+	resp, err := s.client.Do(ctx, req, permissions)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return permissions, resp, nil
+}
+
+// GetDefaultWorkflowPermissions gets the GitHub Actions default workflow permissions in a repository.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/permissions#get-default-workflow-permissions-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/actions/permissions/workflow
+func (s *RepositoriesService) GetDefaultWorkflowPermissions(ctx context.Context, owner, repo string) (*DefaultWorkflowPermissionRepository, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/actions/permissions/workflow", owner, repo)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	permissions := new(DefaultWorkflowPermissionRepository)
+	resp, err := s.client.Do(ctx, req, permissions)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return permissions, resp, nil
+}
+
+// EditDefaultWorkflowPermissions sets the GitHub Actions default workflow permissions in a repository.
+//
+// GitHub API docs: https://docs.github.com/rest/actions/permissions#set-default-workflow-permissions-for-a-repository
+//
+//meta:operation PUT /repos/{owner}/{repo}/actions/permissions/workflow
+func (s *RepositoriesService) EditDefaultWorkflowPermissions(ctx context.Context, owner, repo string, permissions DefaultWorkflowPermissionRepository) (*DefaultWorkflowPermissionRepository, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/actions/permissions/workflow", owner, repo)
+	req, err := s.client.NewRequest("PUT", u, permissions)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	p := new(DefaultWorkflowPermissionRepository)
+	resp, err := s.client.Do(ctx, req, p)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return p, resp, nil
+}
diff --git a/vendor/github.com/google/go-github/v72/github/repos_attestations.go b/vendor/github.com/google/go-github/v72/github/repos_attestations.go
new file mode 100644
index 0000000000..2e5425502c
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/repos_attestations.go
@@ -0,0 +1,39 @@
+// Copyright 2024 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"fmt"
+)
+
+// ListAttestations returns a collection of artifact attestations
+// with a given subject digest that are associated with a repository.
+//
+// GitHub API docs: https://docs.github.com/rest/repos/repos#list-attestations
+//
+//meta:operation GET /repos/{owner}/{repo}/attestations/{subject_digest}
+func (s *RepositoriesService) ListAttestations(ctx context.Context, owner, repo, subjectDigest string, opts *ListOptions) (*AttestationsResponse, *Response, error) {
+	var u = fmt.Sprintf("repos/%v/%v/attestations/%v", owner, repo, subjectDigest)
+
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var attestations *AttestationsResponse
+	resp, err := s.client.Do(ctx, req, &attestations)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return attestations, resp, nil
+}
diff --git a/vendor/github.com/google/go-github/v55/github/repos_autolinks.go b/vendor/github.com/google/go-github/v72/github/repos_autolinks.go
similarity index 82%
rename from vendor/github.com/google/go-github/v55/github/repos_autolinks.go
rename to vendor/github.com/google/go-github/v72/github/repos_autolinks.go
index 0d2cec618f..6c209b2d5e 100644
--- a/vendor/github.com/google/go-github/v55/github/repos_autolinks.go
+++ b/vendor/github.com/google/go-github/v72/github/repos_autolinks.go
@@ -28,7 +28,9 @@ type Autolink struct {
 // ListAutolinks returns a list of autolinks configured for the given repository.
 // Information about autolinks are only available to repository administrators.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/autolinks#list-all-autolinks-of-a-repository
+// GitHub API docs: https://docs.github.com/rest/repos/autolinks#get-all-autolinks-of-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/autolinks
 func (s *RepositoriesService) ListAutolinks(ctx context.Context, owner, repo string, opts *ListOptions) ([]*Autolink, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/autolinks", owner, repo)
 	u, err := addOptions(u, opts)
@@ -53,7 +55,9 @@ func (s *RepositoriesService) ListAutolinks(ctx context.Context, owner, repo str
 // AddAutolink creates an autolink reference for a repository.
 // Users with admin access to the repository can create an autolink.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/autolinks#create-an-autolink-reference-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/repos/autolinks#create-an-autolink-reference-for-a-repository
+//
+//meta:operation POST /repos/{owner}/{repo}/autolinks
 func (s *RepositoriesService) AddAutolink(ctx context.Context, owner, repo string, opts *AutolinkOptions) (*Autolink, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/autolinks", owner, repo)
 	req, err := s.client.NewRequest("POST", u, opts)
@@ -72,7 +76,9 @@ func (s *RepositoriesService) AddAutolink(ctx context.Context, owner, repo strin
 // GetAutolink returns a single autolink reference by ID that was configured for the given repository.
 // Information about autolinks are only available to repository administrators.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/autolinks#get-an-autolink-reference-of-a-repository
+// GitHub API docs: https://docs.github.com/rest/repos/autolinks#get-an-autolink-reference-of-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/autolinks/{autolink_id}
 func (s *RepositoriesService) GetAutolink(ctx context.Context, owner, repo string, id int64) (*Autolink, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/autolinks/%v", owner, repo, id)
 
@@ -93,7 +99,9 @@ func (s *RepositoriesService) GetAutolink(ctx context.Context, owner, repo strin
 // DeleteAutolink deletes a single autolink reference by ID that was configured for the given repository.
 // Information about autolinks are only available to repository administrators.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/autolinks#delete-an-autolink-reference-from-a-repository
+// GitHub API docs: https://docs.github.com/rest/repos/autolinks#delete-an-autolink-reference-from-a-repository
+//
+//meta:operation DELETE /repos/{owner}/{repo}/autolinks/{autolink_id}
 func (s *RepositoriesService) DeleteAutolink(ctx context.Context, owner, repo string, id int64) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/autolinks/%v", owner, repo, id)
 	req, err := s.client.NewRequest("DELETE", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/repos_codeowners.go b/vendor/github.com/google/go-github/v72/github/repos_codeowners.go
similarity index 64%
rename from vendor/github.com/google/go-github/v55/github/repos_codeowners.go
rename to vendor/github.com/google/go-github/v72/github/repos_codeowners.go
index 835d56e164..93eeae09b1 100644
--- a/vendor/github.com/google/go-github/v55/github/repos_codeowners.go
+++ b/vendor/github.com/google/go-github/v72/github/repos_codeowners.go
@@ -10,6 +10,14 @@ import (
 	"fmt"
 )
 
+// GetCodeownersErrorsOptions specifies the optional parameters to the
+// RepositoriesService.GetCodeownersErrors method.
+type GetCodeownersErrorsOptions struct {
+	// A branch, tag or commit name used to determine which version of the CODEOWNERS file to use.
+	// Default: the repository's default branch (e.g. main).
+	Ref string `url:"ref,omitempty"`
+}
+
 // CodeownersErrors represents a list of syntax errors detected in the CODEOWNERS file.
 type CodeownersErrors struct {
 	Errors []*CodeownersError `json:"errors"`
@@ -28,9 +36,16 @@ type CodeownersError struct {
 
 // GetCodeownersErrors lists any syntax errors that are detected in the CODEOWNERS file.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/repos#list-codeowners-errors
-func (s *RepositoriesService) GetCodeownersErrors(ctx context.Context, owner, repo string) (*CodeownersErrors, *Response, error) {
+// GitHub API docs: https://docs.github.com/rest/repos/repos#list-codeowners-errors
+//
+//meta:operation GET /repos/{owner}/{repo}/codeowners/errors
+func (s *RepositoriesService) GetCodeownersErrors(ctx context.Context, owner, repo string, opts *GetCodeownersErrorsOptions) (*CodeownersErrors, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/codeowners/errors", owner, repo)
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
 	req, err := s.client.NewRequest("GET", u, nil)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/github.com/google/go-github/v55/github/repos_collaborators.go b/vendor/github.com/google/go-github/v72/github/repos_collaborators.go
similarity index 84%
rename from vendor/github.com/google/go-github/v55/github/repos_collaborators.go
rename to vendor/github.com/google/go-github/v72/github/repos_collaborators.go
index c2396872f2..d6c985359a 100644
--- a/vendor/github.com/google/go-github/v55/github/repos_collaborators.go
+++ b/vendor/github.com/google/go-github/v72/github/repos_collaborators.go
@@ -34,7 +34,7 @@ type ListCollaboratorsOptions struct {
 }
 
 // CollaboratorInvitation represents an invitation created when adding a collaborator.
-// GitHub API docs: https://docs.github.com/en/rest/repos/collaborators/#response-when-a-new-invitation-is-created
+// GitHub API docs: https://docs.github.com/rest/repos/collaborators/#response-when-a-new-invitation-is-created
 type CollaboratorInvitation struct {
 	ID          *int64      `json:"id,omitempty"`
 	Repo        *Repository `json:"repository,omitempty"`
@@ -48,7 +48,9 @@ type CollaboratorInvitation struct {
 
 // ListCollaborators lists the GitHub users that have access to the repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/collaborators/collaborators#list-repository-collaborators
+// GitHub API docs: https://docs.github.com/rest/collaborators/collaborators#list-repository-collaborators
+//
+//meta:operation GET /repos/{owner}/{repo}/collaborators
 func (s *RepositoriesService) ListCollaborators(ctx context.Context, owner, repo string, opts *ListCollaboratorsOptions) ([]*User, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/collaborators", owner, repo)
 	u, err := addOptions(u, opts)
@@ -75,7 +77,9 @@ func (s *RepositoriesService) ListCollaborators(ctx context.Context, owner, repo
 // Note: This will return false if the user is not a collaborator OR the user
 // is not a GitHub user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/collaborators/collaborators#check-if-a-user-is-a-repository-collaborator
+// GitHub API docs: https://docs.github.com/rest/collaborators/collaborators#check-if-a-user-is-a-repository-collaborator
+//
+//meta:operation GET /repos/{owner}/{repo}/collaborators/{username}
 func (s *RepositoriesService) IsCollaborator(ctx context.Context, owner, repo, user string) (bool, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/collaborators/%v", owner, repo, user)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -95,11 +99,15 @@ type RepositoryPermissionLevel struct {
 	Permission *string `json:"permission,omitempty"`
 
 	User *User `json:"user,omitempty"`
+
+	RoleName *string `json:"role_name,omitempty"`
 }
 
 // GetPermissionLevel retrieves the specific permission level a collaborator has for a given repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/collaborators/collaborators#get-repository-permissions-for-a-user
+// GitHub API docs: https://docs.github.com/rest/collaborators/collaborators#get-repository-permissions-for-a-user
+//
+//meta:operation GET /repos/{owner}/{repo}/collaborators/{username}/permission
 func (s *RepositoriesService) GetPermissionLevel(ctx context.Context, owner, repo, user string) (*RepositoryPermissionLevel, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/collaborators/%v/permission", owner, repo, user)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -134,7 +142,9 @@ type RepositoryAddCollaboratorOptions struct {
 // AddCollaborator sends an invitation to the specified GitHub user
 // to become a collaborator to the given repo.
 //
-// GitHub API docs: https://docs.github.com/en/rest/collaborators/collaborators#add-a-repository-collaborator
+// GitHub API docs: https://docs.github.com/rest/collaborators/collaborators#add-a-repository-collaborator
+//
+//meta:operation PUT /repos/{owner}/{repo}/collaborators/{username}
 func (s *RepositoriesService) AddCollaborator(ctx context.Context, owner, repo, user string, opts *RepositoryAddCollaboratorOptions) (*CollaboratorInvitation, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/collaborators/%v", owner, repo, user)
 	req, err := s.client.NewRequest("PUT", u, opts)
@@ -154,7 +164,9 @@ func (s *RepositoriesService) AddCollaborator(ctx context.Context, owner, repo,
 // RemoveCollaborator removes the specified GitHub user as collaborator from the given repo.
 // Note: Does not return error if a valid user that is not a collaborator is removed.
 //
-// GitHub API docs: https://docs.github.com/en/rest/collaborators/collaborators#remove-a-repository-collaborator
+// GitHub API docs: https://docs.github.com/rest/collaborators/collaborators#remove-a-repository-collaborator
+//
+//meta:operation DELETE /repos/{owner}/{repo}/collaborators/{username}
 func (s *RepositoriesService) RemoveCollaborator(ctx context.Context, owner, repo, user string) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/collaborators/%v", owner, repo, user)
 	req, err := s.client.NewRequest("DELETE", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/repos_comments.go b/vendor/github.com/google/go-github/v72/github/repos_comments.go
similarity index 82%
rename from vendor/github.com/google/go-github/v55/github/repos_comments.go
rename to vendor/github.com/google/go-github/v72/github/repos_comments.go
index e282374e9e..766a614cc1 100644
--- a/vendor/github.com/google/go-github/v55/github/repos_comments.go
+++ b/vendor/github.com/google/go-github/v72/github/repos_comments.go
@@ -35,7 +35,9 @@ func (r RepositoryComment) String() string {
 
 // ListComments lists all the comments for the repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/commits/comments#list-commit-comments-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/commits/comments#list-commit-comments-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/comments
 func (s *RepositoriesService) ListComments(ctx context.Context, owner, repo string, opts *ListOptions) ([]*RepositoryComment, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/comments", owner, repo)
 	u, err := addOptions(u, opts)
@@ -62,7 +64,9 @@ func (s *RepositoriesService) ListComments(ctx context.Context, owner, repo stri
 
 // ListCommitComments lists all the comments for a given commit SHA.
 //
-// GitHub API docs: https://docs.github.com/en/rest/commits/comments#list-commit-comments
+// GitHub API docs: https://docs.github.com/rest/commits/comments#list-commit-comments
+//
+//meta:operation GET /repos/{owner}/{repo}/commits/{commit_sha}/comments
 func (s *RepositoriesService) ListCommitComments(ctx context.Context, owner, repo, sha string, opts *ListOptions) ([]*RepositoryComment, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/commits/%v/comments", owner, repo, sha)
 	u, err := addOptions(u, opts)
@@ -90,7 +94,9 @@ func (s *RepositoriesService) ListCommitComments(ctx context.Context, owner, rep
 // CreateComment creates a comment for the given commit.
 // Note: GitHub allows for comments to be created for non-existing files and positions.
 //
-// GitHub API docs: https://docs.github.com/en/rest/commits/comments#create-a-commit-comment
+// GitHub API docs: https://docs.github.com/rest/commits/comments#create-a-commit-comment
+//
+//meta:operation POST /repos/{owner}/{repo}/commits/{commit_sha}/comments
 func (s *RepositoriesService) CreateComment(ctx context.Context, owner, repo, sha string, comment *RepositoryComment) (*RepositoryComment, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/commits/%v/comments", owner, repo, sha)
 	req, err := s.client.NewRequest("POST", u, comment)
@@ -109,7 +115,9 @@ func (s *RepositoriesService) CreateComment(ctx context.Context, owner, repo, sh
 
 // GetComment gets a single comment from a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/commits/comments#get-a-commit-comment
+// GitHub API docs: https://docs.github.com/rest/commits/comments#get-a-commit-comment
+//
+//meta:operation GET /repos/{owner}/{repo}/comments/{comment_id}
 func (s *RepositoriesService) GetComment(ctx context.Context, owner, repo string, id int64) (*RepositoryComment, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/comments/%v", owner, repo, id)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -131,7 +139,9 @@ func (s *RepositoriesService) GetComment(ctx context.Context, owner, repo string
 
 // UpdateComment updates the body of a single comment.
 //
-// GitHub API docs: https://docs.github.com/en/rest/commits/comments#update-a-commit-comment
+// GitHub API docs: https://docs.github.com/rest/commits/comments#update-a-commit-comment
+//
+//meta:operation PATCH /repos/{owner}/{repo}/comments/{comment_id}
 func (s *RepositoriesService) UpdateComment(ctx context.Context, owner, repo string, id int64, comment *RepositoryComment) (*RepositoryComment, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/comments/%v", owner, repo, id)
 	req, err := s.client.NewRequest("PATCH", u, comment)
@@ -150,7 +160,9 @@ func (s *RepositoriesService) UpdateComment(ctx context.Context, owner, repo str
 
 // DeleteComment deletes a single comment from a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/commits/comments#delete-a-commit-comment
+// GitHub API docs: https://docs.github.com/rest/commits/comments#delete-a-commit-comment
+//
+//meta:operation DELETE /repos/{owner}/{repo}/comments/{comment_id}
 func (s *RepositoriesService) DeleteComment(ctx context.Context, owner, repo string, id int64) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/comments/%v", owner, repo, id)
 	req, err := s.client.NewRequest("DELETE", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/repos_commits.go b/vendor/github.com/google/go-github/v72/github/repos_commits.go
similarity index 90%
rename from vendor/github.com/google/go-github/v55/github/repos_commits.go
rename to vendor/github.com/google/go-github/v72/github/repos_commits.go
index d1fb577c61..cca7430cb5 100644
--- a/vendor/github.com/google/go-github/v55/github/repos_commits.go
+++ b/vendor/github.com/google/go-github/v72/github/repos_commits.go
@@ -124,7 +124,9 @@ type BranchCommit struct {
 
 // ListCommits lists the commits of a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/commits/commits#list-commits
+// GitHub API docs: https://docs.github.com/rest/commits/commits#list-commits
+//
+//meta:operation GET /repos/{owner}/{repo}/commits
 func (s *RepositoriesService) ListCommits(ctx context.Context, owner, repo string, opts *CommitsListOptions) ([]*RepositoryCommit, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/commits", owner, repo)
 	u, err := addOptions(u, opts)
@@ -148,8 +150,9 @@ func (s *RepositoriesService) ListCommits(ctx context.Context, owner, repo strin
 
 // GetCommit fetches the specified commit, including all details about it.
 //
-// GitHub API docs: https://docs.github.com/en/rest/commits/commits#get-a-single-commit
-// GitHub API docs: https://docs.github.com/en/rest/commits/commits#get-a-commit
+// GitHub API docs: https://docs.github.com/rest/commits/commits#get-a-commit
+//
+//meta:operation GET /repos/{owner}/{repo}/commits/{ref}
 func (s *RepositoriesService) GetCommit(ctx context.Context, owner, repo, sha string, opts *ListOptions) (*RepositoryCommit, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/commits/%v", owner, repo, sha)
 	u, err := addOptions(u, opts)
@@ -173,7 +176,9 @@ func (s *RepositoriesService) GetCommit(ctx context.Context, owner, repo, sha st
 
 // GetCommitRaw fetches the specified commit in raw (diff or patch) format.
 //
-// GitHub API docs: https://docs.github.com/en/rest/commits/commits#get-a-commit
+// GitHub API docs: https://docs.github.com/rest/commits/commits#get-a-commit
+//
+//meta:operation GET /repos/{owner}/{repo}/commits/{ref}
 func (s *RepositoriesService) GetCommitRaw(ctx context.Context, owner string, repo string, sha string, opts RawOptions) (string, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/commits/%v", owner, repo, sha)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -202,7 +207,9 @@ func (s *RepositoriesService) GetCommitRaw(ctx context.Context, owner string, re
 // GetCommitSHA1 gets the SHA-1 of a commit reference. If a last-known SHA1 is
 // supplied and no new commits have occurred, a 304 Unmodified response is returned.
 //
-// GitHub API docs: https://docs.github.com/en/rest/commits/commits#get-a-commit
+// GitHub API docs: https://docs.github.com/rest/commits/commits#get-a-commit
+//
+//meta:operation GET /repos/{owner}/{repo}/commits/{ref}
 func (s *RepositoriesService) GetCommitSHA1(ctx context.Context, owner, repo, ref, lastSHA string) (string, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/commits/%v", owner, repo, refURLEscape(ref))
 
@@ -227,7 +234,9 @@ func (s *RepositoriesService) GetCommitSHA1(ctx context.Context, owner, repo, re
 
 // CompareCommits compares a range of commits with each other.
 //
-// GitHub API docs: https://docs.github.com/en/rest/commits/commits#compare-two-commits
+// GitHub API docs: https://docs.github.com/rest/commits/commits#compare-two-commits
+//
+//meta:operation GET /repos/{owner}/{repo}/compare/{basehead}
 func (s *RepositoriesService) CompareCommits(ctx context.Context, owner, repo string, base, head string, opts *ListOptions) (*CommitsComparison, *Response, error) {
 	escapedBase := url.QueryEscape(base)
 	escapedHead := url.QueryEscape(head)
@@ -258,7 +267,9 @@ func (s *RepositoriesService) CompareCommits(ctx context.Context, owner, repo st
 // To compare branches across other repositories in the same network as "repo",
 // use the format "<USERNAME>:branch".
 //
-// GitHub API docs: https://docs.github.com/en/rest/commits/commits#compare-two-commits
+// GitHub API docs: https://docs.github.com/rest/commits/commits#compare-two-commits
+//
+//meta:operation GET /repos/{owner}/{repo}/compare/{basehead}
 func (s *RepositoriesService) CompareCommitsRaw(ctx context.Context, owner, repo, base, head string, opts RawOptions) (string, *Response, error) {
 	escapedBase := url.QueryEscape(base)
 	escapedHead := url.QueryEscape(head)
@@ -291,7 +302,9 @@ func (s *RepositoriesService) CompareCommitsRaw(ctx context.Context, owner, repo
 // ListBranchesHeadCommit gets all branches where the given commit SHA is the HEAD,
 // or latest commit for the branch.
 //
-// GitHub API docs: https://docs.github.com/en/rest/commits/commits#list-branches-for-head-commit
+// GitHub API docs: https://docs.github.com/rest/commits/commits#list-branches-for-head-commit
+//
+//meta:operation GET /repos/{owner}/{repo}/commits/{commit_sha}/branches-where-head
 func (s *RepositoriesService) ListBranchesHeadCommit(ctx context.Context, owner, repo, sha string) ([]*BranchCommit, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/commits/%v/branches-where-head", owner, repo, sha)
 
diff --git a/vendor/github.com/google/go-github/v55/github/repos_community_health.go b/vendor/github.com/google/go-github/v72/github/repos_community_health.go
similarity index 92%
rename from vendor/github.com/google/go-github/v55/github/repos_community_health.go
rename to vendor/github.com/google/go-github/v72/github/repos_community_health.go
index 750ee15827..54d1b414ec 100644
--- a/vendor/github.com/google/go-github/v55/github/repos_community_health.go
+++ b/vendor/github.com/google/go-github/v72/github/repos_community_health.go
@@ -43,7 +43,9 @@ type CommunityHealthMetrics struct {
 
 // GetCommunityHealthMetrics retrieves all the community health  metrics for a  repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/metrics/community#get-community-profile-metrics
+// GitHub API docs: https://docs.github.com/rest/metrics/community#get-community-profile-metrics
+//
+//meta:operation GET /repos/{owner}/{repo}/community/profile
 func (s *RepositoriesService) GetCommunityHealthMetrics(ctx context.Context, owner, repo string) (*CommunityHealthMetrics, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/community/profile", owner, repo)
 	req, err := s.client.NewRequest("GET", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/repos_contents.go b/vendor/github.com/google/go-github/v72/github/repos_contents.go
similarity index 77%
rename from vendor/github.com/google/go-github/v55/github/repos_contents.go
rename to vendor/github.com/google/go-github/v72/github/repos_contents.go
index de7a0d5b82..013993e5be 100644
--- a/vendor/github.com/google/go-github/v55/github/repos_contents.go
+++ b/vendor/github.com/google/go-github/v72/github/repos_contents.go
@@ -4,7 +4,7 @@
 // license that can be found in the LICENSE file.
 
 // Repository contents API methods.
-// GitHub API docs: https://docs.github.com/en/rest/repos/contents/
+// GitHub API docs: https://docs.github.com/rest/repos/contents/
 
 package github
 
@@ -62,7 +62,7 @@ type RepositoryContentFileOptions struct {
 }
 
 // RepositoryContentGetOptions represents an optional ref parameter, which can be a SHA,
-// branch, or tag
+// branch, or tag.
 type RepositoryContentGetOptions struct {
 	Ref string `url:"ref,omitempty"`
 }
@@ -91,6 +91,8 @@ func (r *RepositoryContent) GetContent() (string, error) {
 			return "", nil
 		}
 		return *r.Content, nil
+	case "none":
+		return "", errors.New("unsupported content encoding: none, this may occur when file size > 1 MB, if that is the case consider using DownloadContents")
 	default:
 		return "", fmt.Errorf("unsupported content encoding: %v", encoding)
 	}
@@ -98,7 +100,9 @@ func (r *RepositoryContent) GetContent() (string, error) {
 
 // GetReadme gets the Readme file for the repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/contents#get-a-repository-readme
+// GitHub API docs: https://docs.github.com/rest/repos/contents#get-a-repository-readme
+//
+//meta:operation GET /repos/{owner}/{repo}/readme
 func (s *RepositoriesService) GetReadme(ctx context.Context, owner, repo string, opts *RepositoryContentGetOptions) (*RepositoryContent, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/readme", owner, repo)
 	u, err := addOptions(u, opts)
@@ -128,6 +132,10 @@ func (s *RepositoriesService) GetReadme(ctx context.Context, owner, repo string,
 // It is possible for the download to result in a failed response when the
 // returned error is nil. Callers should check the returned Response status
 // code to verify the content is from a successful response.
+//
+// GitHub API docs: https://docs.github.com/rest/repos/contents#get-repository-content
+//
+//meta:operation GET /repos/{owner}/{repo}/contents/{path}
 func (s *RepositoriesService) DownloadContents(ctx context.Context, owner, repo, filepath string, opts *RepositoryContentGetOptions) (io.ReadCloser, *Response, error) {
 	dir := path.Dir(filepath)
 	filename := path.Base(filepath)
@@ -142,7 +150,11 @@ func (s *RepositoriesService) DownloadContents(ctx context.Context, owner, repo,
 				return nil, resp, fmt.Errorf("no download link found for %s", filepath)
 			}
 
-			dlResp, err := s.client.client.Get(*contents.DownloadURL)
+			dlReq, err := http.NewRequestWithContext(ctx, http.MethodGet, *contents.DownloadURL, nil)
+			if err != nil {
+				return nil, resp, err
+			}
+			dlResp, err := s.client.client.Do(dlReq)
 			if err != nil {
 				return nil, &Response{Response: dlResp}, err
 			}
@@ -162,6 +174,10 @@ func (s *RepositoriesService) DownloadContents(ctx context.Context, owner, repo,
 // It is possible for the download to result in a failed response when the
 // returned error is nil. Callers should check the returned Response status
 // code to verify the content is from a successful response.
+//
+// GitHub API docs: https://docs.github.com/rest/repos/contents#get-repository-content
+//
+//meta:operation GET /repos/{owner}/{repo}/contents/{path}
 func (s *RepositoriesService) DownloadContentsWithMeta(ctx context.Context, owner, repo, filepath string, opts *RepositoryContentGetOptions) (io.ReadCloser, *RepositoryContent, *Response, error) {
 	dir := path.Dir(filepath)
 	filename := path.Base(filepath)
@@ -176,7 +192,11 @@ func (s *RepositoriesService) DownloadContentsWithMeta(ctx context.Context, owne
 				return nil, contents, resp, fmt.Errorf("no download link found for %s", filepath)
 			}
 
-			dlResp, err := s.client.client.Get(*contents.DownloadURL)
+			dlReq, err := http.NewRequestWithContext(ctx, http.MethodGet, *contents.DownloadURL, nil)
+			if err != nil {
+				return nil, contents, resp, err
+			}
+			dlResp, err := s.client.client.Do(dlReq)
 			if err != nil {
 				return nil, contents, &Response{Response: dlResp}, err
 			}
@@ -198,7 +218,9 @@ func (s *RepositoriesService) DownloadContentsWithMeta(ctx context.Context, owne
 // Due to an auth vulnerability issue in the GitHub v3 API, ".." is not allowed
 // to appear anywhere in the "path" or this method will return an error.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/contents#get-repository-content
+// GitHub API docs: https://docs.github.com/rest/repos/contents#get-repository-content
+//
+//meta:operation GET /repos/{owner}/{repo}/contents/{path}
 func (s *RepositoriesService) GetContents(ctx context.Context, owner, repo, path string, opts *RepositoryContentGetOptions) (fileContent *RepositoryContent, directoryContent []*RepositoryContent, resp *Response, err error) {
 	if strings.Contains(path, "..") {
 		return nil, nil, nil, ErrPathForbidden
@@ -232,13 +254,15 @@ func (s *RepositoriesService) GetContents(ctx context.Context, owner, repo, path
 		return nil, directoryContent, resp, nil
 	}
 
-	return nil, nil, resp, fmt.Errorf("unmarshalling failed for both file and directory content: %s and %s", fileUnmarshalError, directoryUnmarshalError)
+	return nil, nil, resp, fmt.Errorf("unmarshaling failed for both file and directory content: %s and %s", fileUnmarshalError, directoryUnmarshalError)
 }
 
 // CreateFile creates a new file in a repository at the given path and returns
 // the commit and file metadata.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/contents#create-or-update-file-contents
+// GitHub API docs: https://docs.github.com/rest/repos/contents#create-or-update-file-contents
+//
+//meta:operation PUT /repos/{owner}/{repo}/contents/{path}
 func (s *RepositoriesService) CreateFile(ctx context.Context, owner, repo, path string, opts *RepositoryContentFileOptions) (*RepositoryContentResponse, *Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/contents/%s", owner, repo, path)
 	req, err := s.client.NewRequest("PUT", u, opts)
@@ -258,7 +282,9 @@ func (s *RepositoriesService) CreateFile(ctx context.Context, owner, repo, path
 // UpdateFile updates a file in a repository at the given path and returns the
 // commit and file metadata. Requires the blob SHA of the file being updated.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/contents#create-or-update-file-contents
+// GitHub API docs: https://docs.github.com/rest/repos/contents#create-or-update-file-contents
+//
+//meta:operation PUT /repos/{owner}/{repo}/contents/{path}
 func (s *RepositoriesService) UpdateFile(ctx context.Context, owner, repo, path string, opts *RepositoryContentFileOptions) (*RepositoryContentResponse, *Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/contents/%s", owner, repo, path)
 	req, err := s.client.NewRequest("PUT", u, opts)
@@ -278,7 +304,9 @@ func (s *RepositoriesService) UpdateFile(ctx context.Context, owner, repo, path
 // DeleteFile deletes a file from a repository and returns the commit.
 // Requires the blob SHA of the file to be deleted.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/contents#delete-a-file
+// GitHub API docs: https://docs.github.com/rest/repos/contents#delete-a-file
+//
+//meta:operation DELETE /repos/{owner}/{repo}/contents/{path}
 func (s *RepositoriesService) DeleteFile(ctx context.Context, owner, repo, path string, opts *RepositoryContentFileOptions) (*RepositoryContentResponse, *Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/contents/%s", owner, repo, path)
 	req, err := s.client.NewRequest("DELETE", u, opts)
@@ -310,20 +338,33 @@ const (
 // repository. The archiveFormat can be specified by either the github.Tarball
 // or github.Zipball constant.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/contents/#get-archive-link
-func (s *RepositoriesService) GetArchiveLink(ctx context.Context, owner, repo string, archiveformat ArchiveFormat, opts *RepositoryContentGetOptions, followRedirects bool) (*url.URL, *Response, error) {
+// GitHub API docs: https://docs.github.com/rest/repos/contents#download-a-repository-archive-tar
+// GitHub API docs: https://docs.github.com/rest/repos/contents#download-a-repository-archive-zip
+//
+//meta:operation GET /repos/{owner}/{repo}/tarball/{ref}
+//meta:operation GET /repos/{owner}/{repo}/zipball/{ref}
+func (s *RepositoriesService) GetArchiveLink(ctx context.Context, owner, repo string, archiveformat ArchiveFormat, opts *RepositoryContentGetOptions, maxRedirects int) (*url.URL, *Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/%s", owner, repo, archiveformat)
 	if opts != nil && opts.Ref != "" {
 		u += fmt.Sprintf("/%s", opts.Ref)
 	}
-	resp, err := s.client.roundTripWithOptionalFollowRedirect(ctx, u, followRedirects)
+
+	if s.client.RateLimitRedirectionalEndpoints {
+		return s.getArchiveLinkWithRateLimit(ctx, u, maxRedirects)
+	}
+
+	return s.getArchiveLinkWithoutRateLimit(ctx, u, maxRedirects)
+}
+
+func (s *RepositoriesService) getArchiveLinkWithoutRateLimit(ctx context.Context, u string, maxRedirects int) (*url.URL, *Response, error) {
+	resp, err := s.client.roundTripWithOptionalFollowRedirect(ctx, u, maxRedirects)
 	if err != nil {
 		return nil, nil, err
 	}
 	defer resp.Body.Close()
 
-	if resp.StatusCode != http.StatusFound {
-		return nil, newResponse(resp), fmt.Errorf("unexpected status code: %s", resp.Status)
+	if resp.StatusCode != http.StatusOK && resp.StatusCode != http.StatusFound {
+		return nil, newResponse(resp), fmt.Errorf("unexpected status code: %v", resp.Status)
 	}
 
 	parsedURL, err := url.Parse(resp.Header.Get("Location"))
@@ -333,3 +374,23 @@ func (s *RepositoriesService) GetArchiveLink(ctx context.Context, owner, repo st
 
 	return parsedURL, newResponse(resp), nil
 }
+
+func (s *RepositoriesService) getArchiveLinkWithRateLimit(ctx context.Context, u string, maxRedirects int) (*url.URL, *Response, error) {
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	url, resp, err := s.client.bareDoUntilFound(ctx, req, maxRedirects)
+	if err != nil {
+		return nil, resp, err
+	}
+	defer resp.Body.Close()
+
+	// If we didn't receive a valid Location in a 302 response
+	if url == nil {
+		return nil, resp, fmt.Errorf("unexpected status code: %v", resp.Status)
+	}
+
+	return url, resp, nil
+}
diff --git a/vendor/github.com/google/go-github/v55/github/repos_deployment_branch_policies.go b/vendor/github.com/google/go-github/v72/github/repos_deployment_branch_policies.go
similarity index 76%
rename from vendor/github.com/google/go-github/v55/github/repos_deployment_branch_policies.go
rename to vendor/github.com/google/go-github/v72/github/repos_deployment_branch_policies.go
index 8c4628b39b..77ac73e44e 100644
--- a/vendor/github.com/google/go-github/v55/github/repos_deployment_branch_policies.go
+++ b/vendor/github.com/google/go-github/v72/github/repos_deployment_branch_policies.go
@@ -15,6 +15,7 @@ type DeploymentBranchPolicy struct {
 	Name   *string `json:"name,omitempty"`
 	ID     *int64  `json:"id,omitempty"`
 	NodeID *string `json:"node_id,omitempty"`
+	Type   *string `json:"type,omitempty"`
 }
 
 // DeploymentBranchPolicyResponse represents the slightly different format of response that comes back when you list deployment branch policies.
@@ -26,11 +27,14 @@ type DeploymentBranchPolicyResponse struct {
 // DeploymentBranchPolicyRequest represents a deployment branch policy request.
 type DeploymentBranchPolicyRequest struct {
 	Name *string `json:"name,omitempty"`
+	Type *string `json:"type,omitempty"`
 }
 
 // ListDeploymentBranchPolicies lists the deployment branch policies for an environment.
 //
-// GitHub API docs: https://docs.github.com/en/rest/deployments/branch-policies#list-deployment-branch-policies
+// GitHub API docs: https://docs.github.com/rest/deployments/branch-policies#list-deployment-branch-policies
+//
+//meta:operation GET /repos/{owner}/{repo}/environments/{environment_name}/deployment-branch-policies
 func (s *RepositoriesService) ListDeploymentBranchPolicies(ctx context.Context, owner, repo, environment string) (*DeploymentBranchPolicyResponse, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/environments/%v/deployment-branch-policies", owner, repo, environment)
 
@@ -50,7 +54,9 @@ func (s *RepositoriesService) ListDeploymentBranchPolicies(ctx context.Context,
 
 // GetDeploymentBranchPolicy gets a deployment branch policy for an environment.
 //
-// GitHub API docs: https://docs.github.com/en/rest/deployments/branch-policies#get-a-deployment-branch-policy
+// GitHub API docs: https://docs.github.com/rest/deployments/branch-policies#get-a-deployment-branch-policy
+//
+//meta:operation GET /repos/{owner}/{repo}/environments/{environment_name}/deployment-branch-policies/{branch_policy_id}
 func (s *RepositoriesService) GetDeploymentBranchPolicy(ctx context.Context, owner, repo, environment string, branchPolicyID int64) (*DeploymentBranchPolicy, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/environments/%v/deployment-branch-policies/%v", owner, repo, environment, branchPolicyID)
 
@@ -70,7 +76,9 @@ func (s *RepositoriesService) GetDeploymentBranchPolicy(ctx context.Context, own
 
 // CreateDeploymentBranchPolicy creates a deployment branch policy for an environment.
 //
-// GitHub API docs: https://docs.github.com/en/rest/deployments/branch-policies#create-a-deployment-branch-policy
+// GitHub API docs: https://docs.github.com/rest/deployments/branch-policies#create-a-deployment-branch-policy
+//
+//meta:operation POST /repos/{owner}/{repo}/environments/{environment_name}/deployment-branch-policies
 func (s *RepositoriesService) CreateDeploymentBranchPolicy(ctx context.Context, owner, repo, environment string, request *DeploymentBranchPolicyRequest) (*DeploymentBranchPolicy, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/environments/%v/deployment-branch-policies", owner, repo, environment)
 
@@ -90,7 +98,9 @@ func (s *RepositoriesService) CreateDeploymentBranchPolicy(ctx context.Context,
 
 // UpdateDeploymentBranchPolicy updates a deployment branch policy for an environment.
 //
-// GitHub API docs: https://docs.github.com/en/rest/deployments/branch-policies#update-a-deployment-branch-policy
+// GitHub API docs: https://docs.github.com/rest/deployments/branch-policies#update-a-deployment-branch-policy
+//
+//meta:operation PUT /repos/{owner}/{repo}/environments/{environment_name}/deployment-branch-policies/{branch_policy_id}
 func (s *RepositoriesService) UpdateDeploymentBranchPolicy(ctx context.Context, owner, repo, environment string, branchPolicyID int64, request *DeploymentBranchPolicyRequest) (*DeploymentBranchPolicy, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/environments/%v/deployment-branch-policies/%v", owner, repo, environment, branchPolicyID)
 
@@ -110,7 +120,9 @@ func (s *RepositoriesService) UpdateDeploymentBranchPolicy(ctx context.Context,
 
 // DeleteDeploymentBranchPolicy deletes a deployment branch policy for an environment.
 //
-// GitHub API docs: https://docs.github.com/en/rest/deployments/branch-policies#delete-a-deployment-branch-policy
+// GitHub API docs: https://docs.github.com/rest/deployments/branch-policies#delete-a-deployment-branch-policy
+//
+//meta:operation DELETE /repos/{owner}/{repo}/environments/{environment_name}/deployment-branch-policies/{branch_policy_id}
 func (s *RepositoriesService) DeleteDeploymentBranchPolicy(ctx context.Context, owner, repo, environment string, branchPolicyID int64) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/environments/%v/deployment-branch-policies/%v", owner, repo, environment, branchPolicyID)
 
diff --git a/vendor/github.com/google/go-github/v72/github/repos_deployment_protection_rules.go b/vendor/github.com/google/go-github/v72/github/repos_deployment_protection_rules.go
new file mode 100644
index 0000000000..29d4903281
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/repos_deployment_protection_rules.go
@@ -0,0 +1,148 @@
+// Copyright 2024 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"fmt"
+)
+
+// CustomDeploymentProtectionRuleApp represents a single deployment protection rule app for an environment.
+type CustomDeploymentProtectionRuleApp struct {
+	ID             *int64  `json:"id,omitempty"`
+	Slug           *string `json:"slug,omitempty"`
+	IntegrationURL *string `json:"integration_url,omitempty"`
+	NodeID         *string `json:"node_id,omitempty"`
+}
+
+// CustomDeploymentProtectionRule represents a single deployment protection rule for an environment.
+type CustomDeploymentProtectionRule struct {
+	ID      *int64                             `json:"id,omitempty"`
+	NodeID  *string                            `json:"node_id,omitempty"`
+	Enabled *bool                              `json:"enabled,omitempty"`
+	App     *CustomDeploymentProtectionRuleApp `json:"app,omitempty"`
+}
+
+// ListDeploymentProtectionRuleResponse represents the response that comes back when you list deployment protection rules.
+type ListDeploymentProtectionRuleResponse struct {
+	TotalCount      *int                              `json:"total_count,omitempty"`
+	ProtectionRules []*CustomDeploymentProtectionRule `json:"custom_deployment_protection_rules,omitempty"`
+}
+
+// ListCustomDeploymentRuleIntegrationsResponse represents the slightly different response that comes back when you list custom deployment rule integrations.
+type ListCustomDeploymentRuleIntegrationsResponse struct {
+	TotalCount            *int                                 `json:"total_count,omitempty"`
+	AvailableIntegrations []*CustomDeploymentProtectionRuleApp `json:"available_custom_deployment_protection_rule_integrations,omitempty"`
+}
+
+// CustomDeploymentProtectionRuleRequest represents a deployment protection rule request.
+type CustomDeploymentProtectionRuleRequest struct {
+	IntegrationID *int64 `json:"integration_id,omitempty"`
+}
+
+// GetAllDeploymentProtectionRules gets all the deployment protection rules for an environment.
+//
+// GitHub API docs: https://docs.github.com/rest/deployments/protection-rules#get-all-deployment-protection-rules-for-an-environment
+//
+//meta:operation GET /repos/{owner}/{repo}/environments/{environment_name}/deployment_protection_rules
+func (s *RepositoriesService) GetAllDeploymentProtectionRules(ctx context.Context, owner, repo, environment string) (*ListDeploymentProtectionRuleResponse, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/environments/%v/deployment_protection_rules", owner, repo, environment)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var list *ListDeploymentProtectionRuleResponse
+	resp, err := s.client.Do(ctx, req, &list)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return list, resp, nil
+}
+
+// CreateCustomDeploymentProtectionRule creates a custom deployment protection rule on an environment.
+//
+// GitHub API docs: https://docs.github.com/rest/deployments/protection-rules#create-a-custom-deployment-protection-rule-on-an-environment
+//
+//meta:operation POST /repos/{owner}/{repo}/environments/{environment_name}/deployment_protection_rules
+func (s *RepositoriesService) CreateCustomDeploymentProtectionRule(ctx context.Context, owner, repo, environment string, request *CustomDeploymentProtectionRuleRequest) (*CustomDeploymentProtectionRule, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/environments/%v/deployment_protection_rules", owner, repo, environment)
+
+	req, err := s.client.NewRequest("POST", u, request)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	protectionRule := new(CustomDeploymentProtectionRule)
+	resp, err := s.client.Do(ctx, req, protectionRule)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return protectionRule, resp, nil
+}
+
+// ListCustomDeploymentRuleIntegrations lists the custom deployment rule integrations for an environment.
+//
+// GitHub API docs: https://docs.github.com/rest/deployments/protection-rules#list-custom-deployment-rule-integrations-available-for-an-environment
+//
+//meta:operation GET /repos/{owner}/{repo}/environments/{environment_name}/deployment_protection_rules/apps
+func (s *RepositoriesService) ListCustomDeploymentRuleIntegrations(ctx context.Context, owner, repo, environment string) (*ListCustomDeploymentRuleIntegrationsResponse, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/environments/%v/deployment_protection_rules/apps", owner, repo, environment)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var list *ListCustomDeploymentRuleIntegrationsResponse
+	resp, err := s.client.Do(ctx, req, &list)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return list, resp, nil
+}
+
+// GetCustomDeploymentProtectionRule gets a custom deployment protection rule for an environment.
+//
+// GitHub API docs: https://docs.github.com/rest/deployments/protection-rules#get-a-custom-deployment-protection-rule
+//
+//meta:operation GET /repos/{owner}/{repo}/environments/{environment_name}/deployment_protection_rules/{protection_rule_id}
+func (s *RepositoriesService) GetCustomDeploymentProtectionRule(ctx context.Context, owner, repo, environment string, protectionRuleID int64) (*CustomDeploymentProtectionRule, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/environments/%v/deployment_protection_rules/%v", owner, repo, environment, protectionRuleID)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var protectionRule *CustomDeploymentProtectionRule
+	resp, err := s.client.Do(ctx, req, &protectionRule)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return protectionRule, resp, nil
+}
+
+// DisableCustomDeploymentProtectionRule disables a custom deployment protection rule for an environment.
+//
+// GitHub API docs: https://docs.github.com/rest/deployments/protection-rules#disable-a-custom-protection-rule-for-an-environment
+//
+//meta:operation DELETE /repos/{owner}/{repo}/environments/{environment_name}/deployment_protection_rules/{protection_rule_id}
+func (s *RepositoriesService) DisableCustomDeploymentProtectionRule(ctx context.Context, owner, repo, environment string, protectionRuleID int64) (*Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/environments/%v/deployment_protection_rules/%v", owner, repo, environment, protectionRuleID)
+
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
diff --git a/vendor/github.com/google/go-github/v55/github/repos_deployments.go b/vendor/github.com/google/go-github/v72/github/repos_deployments.go
similarity index 86%
rename from vendor/github.com/google/go-github/v55/github/repos_deployments.go
rename to vendor/github.com/google/go-github/v72/github/repos_deployments.go
index 36445f895e..6277ac2151 100644
--- a/vendor/github.com/google/go-github/v55/github/repos_deployments.go
+++ b/vendor/github.com/google/go-github/v72/github/repos_deployments.go
@@ -12,7 +12,7 @@ import (
 	"strings"
 )
 
-// Deployment represents a deployment in a repo
+// Deployment represents a deployment in a repo.
 type Deployment struct {
 	URL           *string         `json:"url,omitempty"`
 	ID            *int64          `json:"id,omitempty"`
@@ -30,7 +30,7 @@ type Deployment struct {
 	NodeID        *string         `json:"node_id,omitempty"`
 }
 
-// DeploymentRequest represents a deployment request
+// DeploymentRequest represents a deployment request.
 type DeploymentRequest struct {
 	Ref                   *string     `json:"ref,omitempty"`
 	Task                  *string     `json:"task,omitempty"`
@@ -63,7 +63,9 @@ type DeploymentsListOptions struct {
 
 // ListDeployments lists the deployments of a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/deployments/deployments#list-deployments
+// GitHub API docs: https://docs.github.com/rest/deployments/deployments#list-deployments
+//
+//meta:operation GET /repos/{owner}/{repo}/deployments
 func (s *RepositoriesService) ListDeployments(ctx context.Context, owner, repo string, opts *DeploymentsListOptions) ([]*Deployment, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/deployments", owner, repo)
 	u, err := addOptions(u, opts)
@@ -87,7 +89,9 @@ func (s *RepositoriesService) ListDeployments(ctx context.Context, owner, repo s
 
 // GetDeployment returns a single deployment of a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/deployments/deployments#get-a-deployment
+// GitHub API docs: https://docs.github.com/rest/deployments/deployments#get-a-deployment
+//
+//meta:operation GET /repos/{owner}/{repo}/deployments/{deployment_id}
 func (s *RepositoriesService) GetDeployment(ctx context.Context, owner, repo string, deploymentID int64) (*Deployment, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/deployments/%v", owner, repo, deploymentID)
 
@@ -107,7 +111,9 @@ func (s *RepositoriesService) GetDeployment(ctx context.Context, owner, repo str
 
 // CreateDeployment creates a new deployment for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/deployments/deployments#create-a-deployment
+// GitHub API docs: https://docs.github.com/rest/deployments/deployments#create-a-deployment
+//
+//meta:operation POST /repos/{owner}/{repo}/deployments
 func (s *RepositoriesService) CreateDeployment(ctx context.Context, owner, repo string, request *DeploymentRequest) (*Deployment, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/deployments", owner, repo)
 
@@ -131,7 +137,9 @@ func (s *RepositoriesService) CreateDeployment(ctx context.Context, owner, repo
 
 // DeleteDeployment deletes an existing deployment for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/deployments/deployments#delete-a-deployment
+// GitHub API docs: https://docs.github.com/rest/deployments/deployments#delete-a-deployment
+//
+//meta:operation DELETE /repos/{owner}/{repo}/deployments/{deployment_id}
 func (s *RepositoriesService) DeleteDeployment(ctx context.Context, owner, repo string, deploymentID int64) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/deployments/%v", owner, repo, deploymentID)
 	req, err := s.client.NewRequest("DELETE", u, nil)
@@ -163,7 +171,7 @@ type DeploymentStatus struct {
 	URL            *string    `json:"url,omitempty"`
 }
 
-// DeploymentStatusRequest represents a deployment request
+// DeploymentStatusRequest represents a deployment request.
 type DeploymentStatusRequest struct {
 	State          *string `json:"state,omitempty"`
 	LogURL         *string `json:"log_url,omitempty"`
@@ -175,7 +183,9 @@ type DeploymentStatusRequest struct {
 
 // ListDeploymentStatuses lists the statuses of a given deployment of a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/deployments/statuses#list-deployment-statuses
+// GitHub API docs: https://docs.github.com/rest/deployments/statuses#list-deployment-statuses
+//
+//meta:operation GET /repos/{owner}/{repo}/deployments/{deployment_id}/statuses
 func (s *RepositoriesService) ListDeploymentStatuses(ctx context.Context, owner, repo string, deployment int64, opts *ListOptions) ([]*DeploymentStatus, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/deployments/%v/statuses", owner, repo, deployment)
 	u, err := addOptions(u, opts)
@@ -203,7 +213,9 @@ func (s *RepositoriesService) ListDeploymentStatuses(ctx context.Context, owner,
 
 // GetDeploymentStatus returns a single deployment status of a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/deployments/statuses#get-a-deployment-status
+// GitHub API docs: https://docs.github.com/rest/deployments/statuses#get-a-deployment-status
+//
+//meta:operation GET /repos/{owner}/{repo}/deployments/{deployment_id}/statuses/{status_id}
 func (s *RepositoriesService) GetDeploymentStatus(ctx context.Context, owner, repo string, deploymentID, deploymentStatusID int64) (*DeploymentStatus, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/deployments/%v/statuses/%v", owner, repo, deploymentID, deploymentStatusID)
 
@@ -227,7 +239,9 @@ func (s *RepositoriesService) GetDeploymentStatus(ctx context.Context, owner, re
 
 // CreateDeploymentStatus creates a new status for a deployment.
 //
-// GitHub API docs: https://docs.github.com/en/rest/deployments/statuses#create-a-deployment-status
+// GitHub API docs: https://docs.github.com/rest/deployments/statuses#create-a-deployment-status
+//
+//meta:operation POST /repos/{owner}/{repo}/deployments/{deployment_id}/statuses
 func (s *RepositoriesService) CreateDeploymentStatus(ctx context.Context, owner, repo string, deployment int64, request *DeploymentStatusRequest) (*DeploymentStatus, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/deployments/%v/statuses", owner, repo, deployment)
 
diff --git a/vendor/github.com/google/go-github/v55/github/repos_environments.go b/vendor/github.com/google/go-github/v72/github/repos_environments.go
similarity index 85%
rename from vendor/github.com/google/go-github/v55/github/repos_environments.go
rename to vendor/github.com/google/go-github/v72/github/repos_environments.go
index 2399a42c74..d3e34fa8f8 100644
--- a/vendor/github.com/google/go-github/v55/github/repos_environments.go
+++ b/vendor/github.com/google/go-github/v72/github/repos_environments.go
@@ -52,11 +52,12 @@ type EnvResponse struct {
 
 // ProtectionRule represents a single protection rule applied to the environment.
 type ProtectionRule struct {
-	ID        *int64              `json:"id,omitempty"`
-	NodeID    *string             `json:"node_id,omitempty"`
-	Type      *string             `json:"type,omitempty"`
-	WaitTimer *int                `json:"wait_timer,omitempty"`
-	Reviewers []*RequiredReviewer `json:"reviewers,omitempty"`
+	ID                *int64              `json:"id,omitempty"`
+	NodeID            *string             `json:"node_id,omitempty"`
+	PreventSelfReview *bool               `json:"prevent_self_review,omitempty"`
+	Type              *string             `json:"type,omitempty"`
+	WaitTimer         *int                `json:"wait_timer,omitempty"`
+	Reviewers         []*RequiredReviewer `json:"reviewers,omitempty"`
 }
 
 // RequiredReviewer represents a required reviewer.
@@ -106,7 +107,9 @@ func (r *RequiredReviewer) UnmarshalJSON(data []byte) error {
 
 // ListEnvironments lists all environments for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/deployments/environments#get-all-environments
+// GitHub API docs: https://docs.github.com/rest/deployments/environments#list-environments
+//
+//meta:operation GET /repos/{owner}/{repo}/environments
 func (s *RepositoriesService) ListEnvironments(ctx context.Context, owner, repo string, opts *EnvironmentListOptions) (*EnvResponse, *Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/environments", owner, repo)
 	u, err := addOptions(u, opts)
@@ -129,7 +132,9 @@ func (s *RepositoriesService) ListEnvironments(ctx context.Context, owner, repo
 
 // GetEnvironment get a single environment for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/deployments/environments#get-an-environment
+// GitHub API docs: https://docs.github.com/rest/deployments/environments#get-an-environment
+//
+//meta:operation GET /repos/{owner}/{repo}/environments/{environment_name}
 func (s *RepositoriesService) GetEnvironment(ctx context.Context, owner, repo, name string) (*Environment, *Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/environments/%s", owner, repo, name)
 
@@ -152,10 +157,10 @@ func (s *RepositoriesService) GetEnvironment(ctx context.Context, owner, repo, n
 func (c *CreateUpdateEnvironment) MarshalJSON() ([]byte, error) {
 	type Alias CreateUpdateEnvironment
 	if c.WaitTimer == nil {
-		c.WaitTimer = Int(0)
+		c.WaitTimer = Ptr(0)
 	}
 	if c.CanAdminsBypass == nil {
-		c.CanAdminsBypass = Bool(true)
+		c.CanAdminsBypass = Ptr(true)
 	}
 	return json.Marshal(&struct {
 		*Alias
@@ -173,10 +178,11 @@ type CreateUpdateEnvironment struct {
 	Reviewers              []*EnvReviewers `json:"reviewers"`
 	CanAdminsBypass        *bool           `json:"can_admins_bypass"`
 	DeploymentBranchPolicy *BranchPolicy   `json:"deployment_branch_policy"`
+	PreventSelfReview      *bool           `json:"prevent_self_review,omitempty"`
 }
 
 // createUpdateEnvironmentNoEnterprise represents the fields accepted for Pro/Teams private repos.
-// Ref: https://docs.github.com/en/actions/deployment/targeting-different-environments/using-environments-for-deployment
+// Ref: https://docs.github.com/actions/deployment/targeting-different-environments/using-environments-for-deployment
 // See https://github.com/google/go-github/issues/2602 for more information.
 type createUpdateEnvironmentNoEnterprise struct {
 	DeploymentBranchPolicy *BranchPolicy `json:"deployment_branch_policy"`
@@ -184,7 +190,9 @@ type createUpdateEnvironmentNoEnterprise struct {
 
 // CreateUpdateEnvironment create or update a new environment for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/deployments/environments#create-or-update-an-environment
+// GitHub API docs: https://docs.github.com/rest/deployments/environments#create-or-update-an-environment
+//
+//meta:operation PUT /repos/{owner}/{repo}/environments/{environment_name}
 func (s *RepositoriesService) CreateUpdateEnvironment(ctx context.Context, owner, repo, name string, environment *CreateUpdateEnvironment) (*Environment, *Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/environments/%s", owner, repo, name)
 
@@ -230,7 +238,9 @@ func (s *RepositoriesService) createNewEnvNoEnterprise(ctx context.Context, u st
 
 // DeleteEnvironment delete an environment from a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/deployments/environments#delete-an-environment
+// GitHub API docs: https://docs.github.com/rest/deployments/environments#delete-an-environment
+//
+//meta:operation DELETE /repos/{owner}/{repo}/environments/{environment_name}
 func (s *RepositoriesService) DeleteEnvironment(ctx context.Context, owner, repo, name string) (*Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/environments/%s", owner, repo, name)
 
diff --git a/vendor/github.com/google/go-github/v55/github/repos_forks.go b/vendor/github.com/google/go-github/v72/github/repos_forks.go
similarity index 91%
rename from vendor/github.com/google/go-github/v55/github/repos_forks.go
rename to vendor/github.com/google/go-github/v72/github/repos_forks.go
index f175dfe3b0..60fb49da5a 100644
--- a/vendor/github.com/google/go-github/v55/github/repos_forks.go
+++ b/vendor/github.com/google/go-github/v72/github/repos_forks.go
@@ -23,7 +23,9 @@ type RepositoryListForksOptions struct {
 
 // ListForks lists the forks of the specified repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/forks#list-forks
+// GitHub API docs: https://docs.github.com/rest/repos/forks#list-forks
+//
+//meta:operation GET /repos/{owner}/{repo}/forks
 func (s *RepositoriesService) ListForks(ctx context.Context, owner, repo string, opts *RepositoryListForksOptions) ([]*Repository, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/forks", owner, repo)
 	u, err := addOptions(u, opts)
@@ -66,7 +68,9 @@ type RepositoryCreateForkOptions struct {
 // A follow up request, after a delay of a second or so, should result
 // in a successful request.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/forks#create-a-fork
+// GitHub API docs: https://docs.github.com/rest/repos/forks#create-a-fork
+//
+//meta:operation POST /repos/{owner}/{repo}/forks
 func (s *RepositoriesService) CreateFork(ctx context.Context, owner, repo string, opts *RepositoryCreateForkOptions) (*Repository, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/forks", owner, repo)
 
diff --git a/vendor/github.com/google/go-github/v55/github/repos_hooks.go b/vendor/github.com/google/go-github/v72/github/repos_hooks.go
similarity index 81%
rename from vendor/github.com/google/go-github/v55/github/repos_hooks.go
rename to vendor/github.com/google/go-github/v72/github/repos_hooks.go
index ba229e7bca..d221db21b6 100644
--- a/vendor/github.com/google/go-github/v55/github/repos_hooks.go
+++ b/vendor/github.com/google/go-github/v72/github/repos_hooks.go
@@ -51,9 +51,9 @@ type Hook struct {
 
 	// Only the following fields are used when creating a hook.
 	// Config is required.
-	Config map[string]interface{} `json:"config,omitempty"`
-	Events []string               `json:"events,omitempty"`
-	Active *bool                  `json:"active,omitempty"`
+	Config *HookConfig `json:"config,omitempty"`
+	Events []string    `json:"events,omitempty"`
+	Active *bool       `json:"active,omitempty"`
 }
 
 func (h Hook) String() string {
@@ -67,10 +67,10 @@ func (h Hook) String() string {
 // information.
 type createHookRequest struct {
 	// Config is required.
-	Name   string                 `json:"name"`
-	Config map[string]interface{} `json:"config,omitempty"`
-	Events []string               `json:"events,omitempty"`
-	Active *bool                  `json:"active,omitempty"`
+	Name   string      `json:"name"`
+	Config *HookConfig `json:"config,omitempty"`
+	Events []string    `json:"events,omitempty"`
+	Active *bool       `json:"active,omitempty"`
 }
 
 // CreateHook creates a Hook for the specified repository.
@@ -79,7 +79,9 @@ type createHookRequest struct {
 // Note that only a subset of the hook fields are used and hook must
 // not be nil.
 //
-// GitHub API docs: https://docs.github.com/en/rest/webhooks/repos#create-a-repository-webhook
+// GitHub API docs: https://docs.github.com/rest/repos/webhooks#create-a-repository-webhook
+//
+//meta:operation POST /repos/{owner}/{repo}/hooks
 func (s *RepositoriesService) CreateHook(ctx context.Context, owner, repo string, hook *Hook) (*Hook, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/hooks", owner, repo)
 
@@ -106,7 +108,9 @@ func (s *RepositoriesService) CreateHook(ctx context.Context, owner, repo string
 
 // ListHooks lists all Hooks for the specified repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/webhooks/repos#list-repository-webhooks
+// GitHub API docs: https://docs.github.com/rest/repos/webhooks#list-repository-webhooks
+//
+//meta:operation GET /repos/{owner}/{repo}/hooks
 func (s *RepositoriesService) ListHooks(ctx context.Context, owner, repo string, opts *ListOptions) ([]*Hook, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/hooks", owner, repo)
 	u, err := addOptions(u, opts)
@@ -130,7 +134,9 @@ func (s *RepositoriesService) ListHooks(ctx context.Context, owner, repo string,
 
 // GetHook returns a single specified Hook.
 //
-// GitHub API docs: https://docs.github.com/en/rest/webhooks/repos#get-a-repository-webhook
+// GitHub API docs: https://docs.github.com/rest/repos/webhooks#get-a-repository-webhook
+//
+//meta:operation GET /repos/{owner}/{repo}/hooks/{hook_id}
 func (s *RepositoriesService) GetHook(ctx context.Context, owner, repo string, id int64) (*Hook, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/hooks/%d", owner, repo, id)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -148,7 +154,9 @@ func (s *RepositoriesService) GetHook(ctx context.Context, owner, repo string, i
 
 // EditHook updates a specified Hook.
 //
-// GitHub API docs: https://docs.github.com/en/rest/webhooks/repos#update-a-repository-webhook
+// GitHub API docs: https://docs.github.com/rest/repos/webhooks#update-a-repository-webhook
+//
+//meta:operation PATCH /repos/{owner}/{repo}/hooks/{hook_id}
 func (s *RepositoriesService) EditHook(ctx context.Context, owner, repo string, id int64, hook *Hook) (*Hook, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/hooks/%d", owner, repo, id)
 	req, err := s.client.NewRequest("PATCH", u, hook)
@@ -166,7 +174,9 @@ func (s *RepositoriesService) EditHook(ctx context.Context, owner, repo string,
 
 // DeleteHook deletes a specified Hook.
 //
-// GitHub API docs: https://docs.github.com/en/rest/webhooks/repos#delete-a-repository-webhook
+// GitHub API docs: https://docs.github.com/rest/repos/webhooks#delete-a-repository-webhook
+//
+//meta:operation DELETE /repos/{owner}/{repo}/hooks/{hook_id}
 func (s *RepositoriesService) DeleteHook(ctx context.Context, owner, repo string, id int64) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/hooks/%d", owner, repo, id)
 	req, err := s.client.NewRequest("DELETE", u, nil)
@@ -178,7 +188,9 @@ func (s *RepositoriesService) DeleteHook(ctx context.Context, owner, repo string
 
 // PingHook triggers a 'ping' event to be sent to the Hook.
 //
-// GitHub API docs: https://docs.github.com/en/rest/webhooks/repos#ping-a-repository-webhook
+// GitHub API docs: https://docs.github.com/rest/repos/webhooks#ping-a-repository-webhook
+//
+//meta:operation POST /repos/{owner}/{repo}/hooks/{hook_id}/pings
 func (s *RepositoriesService) PingHook(ctx context.Context, owner, repo string, id int64) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/hooks/%d/pings", owner, repo, id)
 	req, err := s.client.NewRequest("POST", u, nil)
@@ -190,7 +202,9 @@ func (s *RepositoriesService) PingHook(ctx context.Context, owner, repo string,
 
 // TestHook triggers a test Hook by github.
 //
-// GitHub API docs: https://docs.github.com/en/rest/webhooks/repos#test-the-push-repository-webhook
+// GitHub API docs: https://docs.github.com/rest/repos/webhooks#test-the-push-repository-webhook
+//
+//meta:operation POST /repos/{owner}/{repo}/hooks/{hook_id}/tests
 func (s *RepositoriesService) TestHook(ctx context.Context, owner, repo string, id int64) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/hooks/%d/tests", owner, repo, id)
 	req, err := s.client.NewRequest("POST", u, nil)
@@ -202,7 +216,9 @@ func (s *RepositoriesService) TestHook(ctx context.Context, owner, repo string,
 
 // Subscribe lets servers register to receive updates when a topic is updated.
 //
-// GitHub API docs: https://docs.github.com/en/rest/webhooks#pubsubhubbub
+// GitHub API docs: https://docs.github.com/webhooks/about-webhooks-for-repositories#pubsubhubbub
+//
+//meta:operation POST /hub
 func (s *RepositoriesService) Subscribe(ctx context.Context, owner, repo, event, callback string, secret []byte) (*Response, error) {
 	req, err := s.createWebSubRequest("subscribe", owner, repo, event, callback, secret)
 	if err != nil {
@@ -214,7 +230,9 @@ func (s *RepositoriesService) Subscribe(ctx context.Context, owner, repo, event,
 
 // Unsubscribe lets servers unregister to no longer receive updates when a topic is updated.
 //
-// GitHub API docs: https://docs.github.com/en/rest/webhooks#pubsubhubbub
+// GitHub API docs: https://docs.github.com/webhooks/about-webhooks-for-repositories#pubsubhubbub
+//
+//meta:operation POST /hub
 func (s *RepositoriesService) Unsubscribe(ctx context.Context, owner, repo, event, callback string, secret []byte) (*Response, error) {
 	req, err := s.createWebSubRequest("unsubscribe", owner, repo, event, callback, secret)
 	if err != nil {
diff --git a/vendor/github.com/google/go-github/v55/github/repos_hooks_configuration.go b/vendor/github.com/google/go-github/v72/github/repos_hooks_configuration.go
similarity index 54%
rename from vendor/github.com/google/go-github/v55/github/repos_hooks_configuration.go
rename to vendor/github.com/google/go-github/v72/github/repos_hooks_configuration.go
index 5aadfb645e..9560bd7a4b 100644
--- a/vendor/github.com/google/go-github/v55/github/repos_hooks_configuration.go
+++ b/vendor/github.com/google/go-github/v72/github/repos_hooks_configuration.go
@@ -10,9 +10,26 @@ import (
 	"fmt"
 )
 
+// HookConfig describes metadata about a webhook configuration.
+type HookConfig struct {
+	// The media type used to serialize the payloads
+	// Possible values are `json` and `form`, the field is not specified the default is `form`
+	ContentType *string `json:"content_type,omitempty"`
+	// The possible values are 0 and 1.
+	// Setting it to 1 will allow skip certificate verification for the host,
+	// potentially exposing to MitM attacks: https://en.wikipedia.org/wiki/Man-in-the-middle_attack
+	InsecureSSL *string `json:"insecure_ssl,omitempty"`
+	URL         *string `json:"url,omitempty"`
+
+	// Secret is returned obfuscated by GitHub, but it can be set for outgoing requests.
+	Secret *string `json:"secret,omitempty"`
+}
+
 // GetHookConfiguration returns the configuration for the specified repository webhook.
 //
-// GitHub API docs: https://docs.github.com/en/rest/webhooks/repo-config?apiVersion=2022-11-28#get-a-webhook-configuration-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/repos/webhooks#get-a-webhook-configuration-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/hooks/{hook_id}/config
 func (s *RepositoriesService) GetHookConfiguration(ctx context.Context, owner, repo string, id int64) (*HookConfig, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/hooks/%v/config", owner, repo, id)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -31,7 +48,9 @@ func (s *RepositoriesService) GetHookConfiguration(ctx context.Context, owner, r
 
 // EditHookConfiguration updates the configuration for the specified repository webhook.
 //
-// GitHub API docs: https://docs.github.com/en/rest/webhooks/repo-config?apiVersion=2022-11-28#update-a-webhook-configuration-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/repos/webhooks#update-a-webhook-configuration-for-a-repository
+//
+//meta:operation PATCH /repos/{owner}/{repo}/hooks/{hook_id}/config
 func (s *RepositoriesService) EditHookConfiguration(ctx context.Context, owner, repo string, id int64, config *HookConfig) (*HookConfig, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/hooks/%v/config", owner, repo, id)
 	req, err := s.client.NewRequest("PATCH", u, config)
diff --git a/vendor/github.com/google/go-github/v55/github/repos_hooks_deliveries.go b/vendor/github.com/google/go-github/v72/github/repos_hooks_deliveries.go
similarity index 75%
rename from vendor/github.com/google/go-github/v55/github/repos_hooks_deliveries.go
rename to vendor/github.com/google/go-github/v72/github/repos_hooks_deliveries.go
index 5f2f8807e4..bcd4b336e5 100644
--- a/vendor/github.com/google/go-github/v55/github/repos_hooks_deliveries.go
+++ b/vendor/github.com/google/go-github/v72/github/repos_hooks_deliveries.go
@@ -9,13 +9,14 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
+	"strings"
 )
 
 // HookDelivery represents the data that is received from GitHub's Webhook Delivery API
 //
 // GitHub API docs:
-// - https://docs.github.com/en/rest/webhooks/repo-deliveries#list-deliveries-for-a-repository-webhook
-// - https://docs.github.com/en/rest/webhooks/repo-deliveries#get-a-delivery-for-a-repository-webhook
+// - https://docs.github.com/rest/webhooks/repo-deliveries#list-deliveries-for-a-repository-webhook
+// - https://docs.github.com/rest/webhooks/repo-deliveries#get-a-delivery-for-a-repository-webhook
 type HookDelivery struct {
 	ID             *int64     `json:"id,omitempty"`
 	GUID           *string    `json:"guid,omitempty"`
@@ -39,6 +40,16 @@ func (d HookDelivery) String() string {
 	return Stringify(d)
 }
 
+// getHeader common function for GetHeader funcs of HookRequest & HookResponse.
+func getHeader(headers map[string]string, key string) string {
+	for k, v := range headers {
+		if strings.EqualFold(k, key) {
+			return v
+		}
+	}
+	return ""
+}
+
 // HookRequest is a part of HookDelivery that contains
 // the HTTP headers and the JSON payload of the webhook request.
 type HookRequest struct {
@@ -46,6 +57,11 @@ type HookRequest struct {
 	RawPayload *json.RawMessage  `json:"payload,omitempty"`
 }
 
+// GetHeader gets the value associated with the given key (ignoring key case).
+func (r *HookRequest) GetHeader(key string) string {
+	return getHeader(r.Headers, key)
+}
+
 func (r HookRequest) String() string {
 	return Stringify(r)
 }
@@ -57,13 +73,20 @@ type HookResponse struct {
 	RawPayload *json.RawMessage  `json:"payload,omitempty"`
 }
 
+// GetHeader gets the value associated with the given key (ignoring key case).
+func (r *HookResponse) GetHeader(key string) string {
+	return getHeader(r.Headers, key)
+}
+
 func (r HookResponse) String() string {
 	return Stringify(r)
 }
 
 // ListHookDeliveries lists webhook deliveries for a webhook configured in a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/webhooks/repo-deliveries#list-deliveries-for-a-repository-webhook
+// GitHub API docs: https://docs.github.com/rest/repos/webhooks#list-deliveries-for-a-repository-webhook
+//
+//meta:operation GET /repos/{owner}/{repo}/hooks/{hook_id}/deliveries
 func (s *RepositoriesService) ListHookDeliveries(ctx context.Context, owner, repo string, id int64, opts *ListCursorOptions) ([]*HookDelivery, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/hooks/%v/deliveries", owner, repo, id)
 	u, err := addOptions(u, opts)
@@ -87,7 +110,9 @@ func (s *RepositoriesService) ListHookDeliveries(ctx context.Context, owner, rep
 
 // GetHookDelivery returns a delivery for a webhook configured in a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/webhooks/repo-deliveries#get-a-delivery-for-a-repository-webhook
+// GitHub API docs: https://docs.github.com/rest/repos/webhooks#get-a-delivery-for-a-repository-webhook
+//
+//meta:operation GET /repos/{owner}/{repo}/hooks/{hook_id}/deliveries/{delivery_id}
 func (s *RepositoriesService) GetHookDelivery(ctx context.Context, owner, repo string, hookID, deliveryID int64) (*HookDelivery, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/hooks/%v/deliveries/%v", owner, repo, hookID, deliveryID)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -106,7 +131,9 @@ func (s *RepositoriesService) GetHookDelivery(ctx context.Context, owner, repo s
 
 // RedeliverHookDelivery redelivers a delivery for a webhook configured in a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/webhooks/repo-deliveries#redeliver-a-delivery-for-a-repository-webhook
+// GitHub API docs: https://docs.github.com/rest/repos/webhooks#redeliver-a-delivery-for-a-repository-webhook
+//
+//meta:operation POST /repos/{owner}/{repo}/hooks/{hook_id}/deliveries/{delivery_id}/attempts
 func (s *RepositoriesService) RedeliverHookDelivery(ctx context.Context, owner, repo string, hookID, deliveryID int64) (*HookDelivery, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/hooks/%v/deliveries/%v/attempts", owner, repo, hookID, deliveryID)
 	req, err := s.client.NewRequest("POST", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/repos_invitations.go b/vendor/github.com/google/go-github/v72/github/repos_invitations.go
similarity index 82%
rename from vendor/github.com/google/go-github/v55/github/repos_invitations.go
rename to vendor/github.com/google/go-github/v72/github/repos_invitations.go
index 81956cd49c..98fe01d1c9 100644
--- a/vendor/github.com/google/go-github/v55/github/repos_invitations.go
+++ b/vendor/github.com/google/go-github/v72/github/repos_invitations.go
@@ -23,11 +23,14 @@ type RepositoryInvitation struct {
 	CreatedAt   *Timestamp `json:"created_at,omitempty"`
 	URL         *string    `json:"url,omitempty"`
 	HTMLURL     *string    `json:"html_url,omitempty"`
+	Expired     *bool      `json:"expired,omitempty"`
 }
 
 // ListInvitations lists all currently-open repository invitations.
 //
-// GitHub API docs: https://docs.github.com/en/rest/collaborators/invitations#list-repository-invitations
+// GitHub API docs: https://docs.github.com/rest/collaborators/invitations#list-repository-invitations
+//
+//meta:operation GET /repos/{owner}/{repo}/invitations
 func (s *RepositoriesService) ListInvitations(ctx context.Context, owner, repo string, opts *ListOptions) ([]*RepositoryInvitation, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/invitations", owner, repo)
 	u, err := addOptions(u, opts)
@@ -51,7 +54,9 @@ func (s *RepositoriesService) ListInvitations(ctx context.Context, owner, repo s
 
 // DeleteInvitation deletes a repository invitation.
 //
-// GitHub API docs: https://docs.github.com/en/rest/collaborators/invitations#delete-a-repository-invitation
+// GitHub API docs: https://docs.github.com/rest/collaborators/invitations#delete-a-repository-invitation
+//
+//meta:operation DELETE /repos/{owner}/{repo}/invitations/{invitation_id}
 func (s *RepositoriesService) DeleteInvitation(ctx context.Context, owner, repo string, invitationID int64) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/invitations/%v", owner, repo, invitationID)
 	req, err := s.client.NewRequest("DELETE", u, nil)
@@ -68,7 +73,9 @@ func (s *RepositoriesService) DeleteInvitation(ctx context.Context, owner, repo
 // permissions represents the permissions that the associated user will have
 // on the repository. Possible values are: "read", "write", "admin".
 //
-// GitHub API docs: https://docs.github.com/en/rest/collaborators/invitations#update-a-repository-invitation
+// GitHub API docs: https://docs.github.com/rest/collaborators/invitations#update-a-repository-invitation
+//
+//meta:operation PATCH /repos/{owner}/{repo}/invitations/{invitation_id}
 func (s *RepositoriesService) UpdateInvitation(ctx context.Context, owner, repo string, invitationID int64, permissions string) (*RepositoryInvitation, *Response, error) {
 	opts := &struct {
 		Permissions string `json:"permissions"`
diff --git a/vendor/github.com/google/go-github/v55/github/repos_keys.go b/vendor/github.com/google/go-github/v72/github/repos_keys.go
similarity index 77%
rename from vendor/github.com/google/go-github/v55/github/repos_keys.go
rename to vendor/github.com/google/go-github/v72/github/repos_keys.go
index 42c5de4970..cc86f8bbd0 100644
--- a/vendor/github.com/google/go-github/v55/github/repos_keys.go
+++ b/vendor/github.com/google/go-github/v72/github/repos_keys.go
@@ -14,7 +14,9 @@ import (
 
 // ListKeys lists the deploy keys for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/deploy-keys#list-deploy-keys
+// GitHub API docs: https://docs.github.com/rest/deploy-keys/deploy-keys#list-deploy-keys
+//
+//meta:operation GET /repos/{owner}/{repo}/keys
 func (s *RepositoriesService) ListKeys(ctx context.Context, owner string, repo string, opts *ListOptions) ([]*Key, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/keys", owner, repo)
 	u, err := addOptions(u, opts)
@@ -38,7 +40,9 @@ func (s *RepositoriesService) ListKeys(ctx context.Context, owner string, repo s
 
 // GetKey fetches a single deploy key.
 //
-// GitHub API docs: https://docs.github.com/en/rest/deploy-keys#get-a-deploy-key
+// GitHub API docs: https://docs.github.com/rest/deploy-keys/deploy-keys#get-a-deploy-key
+//
+//meta:operation GET /repos/{owner}/{repo}/keys/{key_id}
 func (s *RepositoriesService) GetKey(ctx context.Context, owner string, repo string, id int64) (*Key, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/keys/%v", owner, repo, id)
 
@@ -58,7 +62,9 @@ func (s *RepositoriesService) GetKey(ctx context.Context, owner string, repo str
 
 // CreateKey adds a deploy key for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/deploy-keys#create-a-deploy-key
+// GitHub API docs: https://docs.github.com/rest/deploy-keys/deploy-keys#create-a-deploy-key
+//
+//meta:operation POST /repos/{owner}/{repo}/keys
 func (s *RepositoriesService) CreateKey(ctx context.Context, owner string, repo string, key *Key) (*Key, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/keys", owner, repo)
 
@@ -78,7 +84,9 @@ func (s *RepositoriesService) CreateKey(ctx context.Context, owner string, repo
 
 // DeleteKey deletes a deploy key.
 //
-// GitHub API docs: https://docs.github.com/en/rest/deploy-keys#delete-a-deploy-key
+// GitHub API docs: https://docs.github.com/rest/deploy-keys/deploy-keys#delete-a-deploy-key
+//
+//meta:operation DELETE /repos/{owner}/{repo}/keys/{key_id}
 func (s *RepositoriesService) DeleteKey(ctx context.Context, owner string, repo string, id int64) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/keys/%v", owner, repo, id)
 
diff --git a/vendor/github.com/google/go-github/v55/github/repos_lfs.go b/vendor/github.com/google/go-github/v72/github/repos_lfs.go
similarity index 76%
rename from vendor/github.com/google/go-github/v55/github/repos_lfs.go
rename to vendor/github.com/google/go-github/v72/github/repos_lfs.go
index 6ac2e5a877..f0153c0808 100644
--- a/vendor/github.com/google/go-github/v55/github/repos_lfs.go
+++ b/vendor/github.com/google/go-github/v72/github/repos_lfs.go
@@ -12,7 +12,9 @@ import (
 
 // EnableLFS turns the LFS (Large File Storage) feature ON for the selected repo.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/lfs#enable-git-lfs-for-a-repository
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/repos/lfs#enable-git-lfs-for-a-repository
+//
+//meta:operation PUT /repos/{owner}/{repo}/lfs
 func (s *RepositoriesService) EnableLFS(ctx context.Context, owner, repo string) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/lfs", owner, repo)
 
@@ -31,7 +33,9 @@ func (s *RepositoriesService) EnableLFS(ctx context.Context, owner, repo string)
 
 // DisableLFS turns the LFS (Large File Storage) feature OFF for the selected repo.
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/lfs#disable-git-lfs-for-a-repository
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/repos/lfs#disable-git-lfs-for-a-repository
+//
+//meta:operation DELETE /repos/{owner}/{repo}/lfs
 func (s *RepositoriesService) DisableLFS(ctx context.Context, owner, repo string) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/lfs", owner, repo)
 
diff --git a/vendor/github.com/google/go-github/v55/github/repos_merging.go b/vendor/github.com/google/go-github/v72/github/repos_merging.go
similarity index 87%
rename from vendor/github.com/google/go-github/v55/github/repos_merging.go
rename to vendor/github.com/google/go-github/v72/github/repos_merging.go
index 66e88452e8..b26e5da1af 100644
--- a/vendor/github.com/google/go-github/v55/github/repos_merging.go
+++ b/vendor/github.com/google/go-github/v72/github/repos_merging.go
@@ -34,7 +34,9 @@ type RepoMergeUpstreamResult struct {
 
 // Merge a branch in the specified repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branches#merge-a-branch
+// GitHub API docs: https://docs.github.com/rest/branches/branches#merge-a-branch
+//
+//meta:operation POST /repos/{owner}/{repo}/merges
 func (s *RepositoriesService) Merge(ctx context.Context, owner, repo string, request *RepositoryMergeRequest) (*RepositoryCommit, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/merges", owner, repo)
 	req, err := s.client.NewRequest("POST", u, request)
@@ -54,7 +56,9 @@ func (s *RepositoriesService) Merge(ctx context.Context, owner, repo string, req
 // MergeUpstream syncs a branch of a forked repository to keep it up-to-date
 // with the upstream repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/branches/branches#sync-a-fork-branch-with-the-upstream-repository
+// GitHub API docs: https://docs.github.com/rest/branches/branches#sync-a-fork-branch-with-the-upstream-repository
+//
+//meta:operation POST /repos/{owner}/{repo}/merge-upstream
 func (s *RepositoriesService) MergeUpstream(ctx context.Context, owner, repo string, request *RepoMergeUpstreamRequest) (*RepoMergeUpstreamResult, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/merge-upstream", owner, repo)
 	req, err := s.client.NewRequest("POST", u, request)
diff --git a/vendor/github.com/google/go-github/v55/github/repos_pages.go b/vendor/github.com/google/go-github/v72/github/repos_pages.go
similarity index 80%
rename from vendor/github.com/google/go-github/v55/github/repos_pages.go
rename to vendor/github.com/google/go-github/v72/github/repos_pages.go
index 83075dbdd2..930f6000b7 100644
--- a/vendor/github.com/google/go-github/v55/github/repos_pages.go
+++ b/vendor/github.com/google/go-github/v72/github/repos_pages.go
@@ -103,7 +103,9 @@ type createPagesRequest struct {
 
 // EnablePages enables GitHub Pages for the named repo.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pages#create-a-github-pages-site
+// GitHub API docs: https://docs.github.com/rest/pages/pages#create-a-github-pages-site
+//
+//meta:operation POST /repos/{owner}/{repo}/pages
 func (s *RepositoriesService) EnablePages(ctx context.Context, owner, repo string, pages *Pages) (*Pages, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pages", owner, repo)
 
@@ -153,7 +155,9 @@ type PagesUpdate struct {
 
 // UpdatePages updates GitHub Pages for the named repo.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pages#update-information-about-a-github-pages-site
+// GitHub API docs: https://docs.github.com/rest/pages/pages#update-information-about-a-github-pages-site
+//
+//meta:operation PUT /repos/{owner}/{repo}/pages
 func (s *RepositoriesService) UpdatePages(ctx context.Context, owner, repo string, opts *PagesUpdate) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pages", owner, repo)
 
@@ -166,13 +170,44 @@ func (s *RepositoriesService) UpdatePages(ctx context.Context, owner, repo strin
 	if err != nil {
 		return resp, err
 	}
+	return resp, nil
+}
+
+// PagesUpdateWithoutCNAME defines parameters for updating a GitHub Pages site on GitHub Enterprise Servers.
+// Sending a request with a CNAME (any value, empty string, or null) results in a 400 error: "Custom domains are not available for GitHub Pages".
+type PagesUpdateWithoutCNAME struct {
+	BuildType     *string      `json:"build_type,omitempty"`
+	Source        *PagesSource `json:"source,omitempty"`
+	Public        *bool        `json:"public,omitempty"`
+	HTTPSEnforced *bool        `json:"https_enforced,omitempty"`
+}
+
+// UpdatePagesGHES updates GitHub Pages for the named repo in GitHub Enterprise Servers.
+//
+// GitHub API docs: https://docs.github.com/rest/pages/pages#update-information-about-a-github-pages-site
+//
+//meta:operation PUT /repos/{owner}/{repo}/pages
+func (s *RepositoriesService) UpdatePagesGHES(ctx context.Context, owner, repo string, opts *PagesUpdateWithoutCNAME) (*Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/pages", owner, repo)
 
+	req, err := s.client.NewRequest("PUT", u, opts)
+
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := s.client.Do(ctx, req, nil)
+	if err != nil {
+		return resp, err
+	}
 	return resp, nil
 }
 
 // DisablePages disables GitHub Pages for the named repo.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pages#delete-a-github-pages-site
+// GitHub API docs: https://docs.github.com/rest/pages/pages#delete-a-github-pages-site
+//
+//meta:operation DELETE /repos/{owner}/{repo}/pages
 func (s *RepositoriesService) DisablePages(ctx context.Context, owner, repo string) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pages", owner, repo)
 	req, err := s.client.NewRequest("DELETE", u, nil)
@@ -188,7 +223,9 @@ func (s *RepositoriesService) DisablePages(ctx context.Context, owner, repo stri
 
 // GetPagesInfo fetches information about a GitHub Pages site.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pages#get-a-github-pages-site
+// GitHub API docs: https://docs.github.com/rest/pages/pages#get-a-github-pages-site
+//
+//meta:operation GET /repos/{owner}/{repo}/pages
 func (s *RepositoriesService) GetPagesInfo(ctx context.Context, owner, repo string) (*Pages, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pages", owner, repo)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -207,7 +244,9 @@ func (s *RepositoriesService) GetPagesInfo(ctx context.Context, owner, repo stri
 
 // ListPagesBuilds lists the builds for a GitHub Pages site.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pages#list-github-pages-builds
+// GitHub API docs: https://docs.github.com/rest/pages/pages#list-github-pages-builds
+//
+//meta:operation GET /repos/{owner}/{repo}/pages/builds
 func (s *RepositoriesService) ListPagesBuilds(ctx context.Context, owner, repo string, opts *ListOptions) ([]*PagesBuild, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pages/builds", owner, repo)
 	u, err := addOptions(u, opts)
@@ -231,7 +270,9 @@ func (s *RepositoriesService) ListPagesBuilds(ctx context.Context, owner, repo s
 
 // GetLatestPagesBuild fetches the latest build information for a GitHub pages site.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pages#get-latest-pages-build
+// GitHub API docs: https://docs.github.com/rest/pages/pages#get-latest-pages-build
+//
+//meta:operation GET /repos/{owner}/{repo}/pages/builds/latest
 func (s *RepositoriesService) GetLatestPagesBuild(ctx context.Context, owner, repo string) (*PagesBuild, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pages/builds/latest", owner, repo)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -250,7 +291,9 @@ func (s *RepositoriesService) GetLatestPagesBuild(ctx context.Context, owner, re
 
 // GetPageBuild fetches the specific build information for a GitHub pages site.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pages#get-github-pages-build
+// GitHub API docs: https://docs.github.com/rest/pages/pages#get-github-pages-build
+//
+//meta:operation GET /repos/{owner}/{repo}/pages/builds/{build_id}
 func (s *RepositoriesService) GetPageBuild(ctx context.Context, owner, repo string, id int64) (*PagesBuild, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pages/builds/%v", owner, repo, id)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -269,7 +312,9 @@ func (s *RepositoriesService) GetPageBuild(ctx context.Context, owner, repo stri
 
 // RequestPageBuild requests a build of a GitHub Pages site without needing to push new commit.
 //
-// GitHub API docs: https://docs.github.com/en/rest/pages#request-a-github-pages-build
+// GitHub API docs: https://docs.github.com/rest/pages/pages#request-a-github-pages-build
+//
+//meta:operation POST /repos/{owner}/{repo}/pages/builds
 func (s *RepositoriesService) RequestPageBuild(ctx context.Context, owner, repo string) (*PagesBuild, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pages/builds", owner, repo)
 	req, err := s.client.NewRequest("POST", u, nil)
@@ -286,9 +331,11 @@ func (s *RepositoriesService) RequestPageBuild(ctx context.Context, owner, repo
 	return build, resp, nil
 }
 
-// GetPagesHealthCheck gets a DNS health check for the CNAME record configured for a repository's GitHub Pages.
+// GetPageHealthCheck gets a DNS health check for the CNAME record configured for a repository's GitHub Pages.
+//
+// GitHub API docs: https://docs.github.com/rest/pages/pages#get-a-dns-health-check-for-github-pages
 //
-// GitHub API docs: https://docs.github.com/en/rest/pages#get-a-dns-health-check-for-github-pages
+//meta:operation GET /repos/{owner}/{repo}/pages/health
 func (s *RepositoriesService) GetPageHealthCheck(ctx context.Context, owner, repo string) (*PagesHealthCheckResponse, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pages/health", owner, repo)
 	req, err := s.client.NewRequest("GET", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/repos_prereceive_hooks.go b/vendor/github.com/google/go-github/v72/github/repos_prereceive_hooks.go
similarity index 76%
rename from vendor/github.com/google/go-github/v55/github/repos_prereceive_hooks.go
rename to vendor/github.com/google/go-github/v72/github/repos_prereceive_hooks.go
index 1ce6478d33..82f6ba0f72 100644
--- a/vendor/github.com/google/go-github/v55/github/repos_prereceive_hooks.go
+++ b/vendor/github.com/google/go-github/v72/github/repos_prereceive_hooks.go
@@ -24,7 +24,9 @@ func (p PreReceiveHook) String() string {
 
 // ListPreReceiveHooks lists all pre-receive hooks for the specified repository.
 //
-// GitHub API docs: https://developer.github.com/enterprise/2.13/v3/repos/pre_receive_hooks/#list-pre-receive-hooks
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/repo-pre-receive-hooks#list-pre-receive-hooks-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/pre-receive-hooks
 func (s *RepositoriesService) ListPreReceiveHooks(ctx context.Context, owner, repo string, opts *ListOptions) ([]*PreReceiveHook, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pre-receive-hooks", owner, repo)
 	u, err := addOptions(u, opts)
@@ -51,7 +53,9 @@ func (s *RepositoriesService) ListPreReceiveHooks(ctx context.Context, owner, re
 
 // GetPreReceiveHook returns a single specified pre-receive hook.
 //
-// GitHub API docs: https://developer.github.com/enterprise/2.13/v3/repos/pre_receive_hooks/#get-a-single-pre-receive-hook
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/repo-pre-receive-hooks#get-a-pre-receive-hook-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/pre-receive-hooks/{pre_receive_hook_id}
 func (s *RepositoriesService) GetPreReceiveHook(ctx context.Context, owner, repo string, id int64) (*PreReceiveHook, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pre-receive-hooks/%d", owner, repo, id)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -73,7 +77,9 @@ func (s *RepositoriesService) GetPreReceiveHook(ctx context.Context, owner, repo
 
 // UpdatePreReceiveHook updates a specified pre-receive hook.
 //
-// GitHub API docs: https://developer.github.com/enterprise/2.13/v3/repos/pre_receive_hooks/#update-pre-receive-hook-enforcement
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/repo-pre-receive-hooks#update-pre-receive-hook-enforcement-for-a-repository
+//
+//meta:operation PATCH /repos/{owner}/{repo}/pre-receive-hooks/{pre_receive_hook_id}
 func (s *RepositoriesService) UpdatePreReceiveHook(ctx context.Context, owner, repo string, id int64, hook *PreReceiveHook) (*PreReceiveHook, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pre-receive-hooks/%d", owner, repo, id)
 	req, err := s.client.NewRequest("PATCH", u, hook)
@@ -95,7 +101,9 @@ func (s *RepositoriesService) UpdatePreReceiveHook(ctx context.Context, owner, r
 
 // DeletePreReceiveHook deletes a specified pre-receive hook.
 //
-// GitHub API docs: https://developer.github.com/enterprise/2.13/v3/repos/pre_receive_hooks/#remove-enforcement-overrides-for-a-pre-receive-hook
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/repo-pre-receive-hooks#remove-pre-receive-hook-enforcement-for-a-repository
+//
+//meta:operation DELETE /repos/{owner}/{repo}/pre-receive-hooks/{pre_receive_hook_id}
 func (s *RepositoriesService) DeletePreReceiveHook(ctx context.Context, owner, repo string, id int64) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/pre-receive-hooks/%d", owner, repo, id)
 	req, err := s.client.NewRequest("DELETE", u, nil)
diff --git a/vendor/github.com/google/go-github/v72/github/repos_properties.go b/vendor/github.com/google/go-github/v72/github/repos_properties.go
new file mode 100644
index 0000000000..5b12bc8b30
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/repos_properties.go
@@ -0,0 +1,60 @@
+// Copyright 2023 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"fmt"
+)
+
+// GetAllCustomPropertyValues gets all custom property values that are set for a repository.
+//
+// GitHub API docs: https://docs.github.com/rest/repos/custom-properties#get-all-custom-property-values-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/properties/values
+func (s *RepositoriesService) GetAllCustomPropertyValues(ctx context.Context, org, repo string) ([]*CustomPropertyValue, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/properties/values", org, repo)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var customPropertyValues []*CustomPropertyValue
+	resp, err := s.client.Do(ctx, req, &customPropertyValues)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return customPropertyValues, resp, nil
+}
+
+// CreateOrUpdateCustomProperties creates new or updates existing custom property values for a repository.
+//
+// GitHub API docs: https://docs.github.com/rest/repos/custom-properties#create-or-update-custom-property-values-for-a-repository
+//
+//meta:operation PATCH /repos/{owner}/{repo}/properties/values
+func (s *RepositoriesService) CreateOrUpdateCustomProperties(ctx context.Context, org, repo string, customPropertyValues []*CustomPropertyValue) (*Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/properties/values", org, repo)
+
+	params := struct {
+		Properties []*CustomPropertyValue `json:"properties"`
+	}{
+		Properties: customPropertyValues,
+	}
+
+	req, err := s.client.NewRequest("PATCH", u, params)
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := s.client.Do(ctx, req, nil)
+	if err != nil {
+		return resp, err
+	}
+
+	return resp, nil
+}
diff --git a/vendor/github.com/google/go-github/v55/github/repos_releases.go b/vendor/github.com/google/go-github/v72/github/repos_releases.go
similarity index 84%
rename from vendor/github.com/google/go-github/v55/github/repos_releases.go
rename to vendor/github.com/google/go-github/v72/github/repos_releases.go
index 464c2ee1e2..6023f63271 100644
--- a/vendor/github.com/google/go-github/v55/github/repos_releases.go
+++ b/vendor/github.com/google/go-github/v72/github/repos_releases.go
@@ -87,7 +87,9 @@ func (r ReleaseAsset) String() string {
 
 // ListReleases lists the releases for a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/releases/releases#list-releases
+// GitHub API docs: https://docs.github.com/rest/releases/releases#list-releases
+//
+//meta:operation GET /repos/{owner}/{repo}/releases
 func (s *RepositoriesService) ListReleases(ctx context.Context, owner, repo string, opts *ListOptions) ([]*RepositoryRelease, *Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/releases", owner, repo)
 	u, err := addOptions(u, opts)
@@ -110,7 +112,9 @@ func (s *RepositoriesService) ListReleases(ctx context.Context, owner, repo stri
 
 // GetRelease fetches a single release.
 //
-// GitHub API docs: https://docs.github.com/en/rest/releases/releases#get-a-release
+// GitHub API docs: https://docs.github.com/rest/releases/releases#get-a-release
+//
+//meta:operation GET /repos/{owner}/{repo}/releases/{release_id}
 func (s *RepositoriesService) GetRelease(ctx context.Context, owner, repo string, id int64) (*RepositoryRelease, *Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/releases/%d", owner, repo, id)
 	return s.getSingleRelease(ctx, u)
@@ -118,7 +122,9 @@ func (s *RepositoriesService) GetRelease(ctx context.Context, owner, repo string
 
 // GetLatestRelease fetches the latest published release for the repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/releases/releases#get-the-latest-release
+// GitHub API docs: https://docs.github.com/rest/releases/releases#get-the-latest-release
+//
+//meta:operation GET /repos/{owner}/{repo}/releases/latest
 func (s *RepositoriesService) GetLatestRelease(ctx context.Context, owner, repo string) (*RepositoryRelease, *Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/releases/latest", owner, repo)
 	return s.getSingleRelease(ctx, u)
@@ -126,7 +132,9 @@ func (s *RepositoriesService) GetLatestRelease(ctx context.Context, owner, repo
 
 // GetReleaseByTag fetches a release with the specified tag.
 //
-// GitHub API docs: https://docs.github.com/en/rest/releases/releases#get-a-release-by-tag-name
+// GitHub API docs: https://docs.github.com/rest/releases/releases#get-a-release-by-tag-name
+//
+//meta:operation GET /repos/{owner}/{repo}/releases/tags/{tag}
 func (s *RepositoriesService) GetReleaseByTag(ctx context.Context, owner, repo, tag string) (*RepositoryRelease, *Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/releases/tags/%s", owner, repo, tag)
 	return s.getSingleRelease(ctx, u)
@@ -134,7 +142,9 @@ func (s *RepositoriesService) GetReleaseByTag(ctx context.Context, owner, repo,
 
 // GenerateReleaseNotes generates the release notes for the given tag.
 //
-// GitHub API docs: https://docs.github.com/en/rest/releases/releases#generate-release-notes-content-for-a-release
+// GitHub API docs: https://docs.github.com/rest/releases/releases#generate-release-notes-content-for-a-release
+//
+//meta:operation POST /repos/{owner}/{repo}/releases/generate-notes
 func (s *RepositoriesService) GenerateReleaseNotes(ctx context.Context, owner, repo string, opts *GenerateNotesOptions) (*RepositoryReleaseNotes, *Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/releases/generate-notes", owner, repo)
 	req, err := s.client.NewRequest("POST", u, opts)
@@ -188,7 +198,9 @@ type repositoryReleaseRequest struct {
 // Note that only a subset of the release fields are used.
 // See RepositoryRelease for more information.
 //
-// GitHub API docs: https://docs.github.com/en/rest/releases/releases#create-a-release
+// GitHub API docs: https://docs.github.com/rest/releases/releases#create-a-release
+//
+//meta:operation POST /repos/{owner}/{repo}/releases
 func (s *RepositoriesService) CreateRelease(ctx context.Context, owner, repo string, release *RepositoryRelease) (*RepositoryRelease, *Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/releases", owner, repo)
 
@@ -222,7 +234,9 @@ func (s *RepositoriesService) CreateRelease(ctx context.Context, owner, repo str
 // Note that only a subset of the release fields are used.
 // See RepositoryRelease for more information.
 //
-// GitHub API docs: https://docs.github.com/en/rest/releases/releases#update-a-release
+// GitHub API docs: https://docs.github.com/rest/releases/releases#update-a-release
+//
+//meta:operation PATCH /repos/{owner}/{repo}/releases/{release_id}
 func (s *RepositoriesService) EditRelease(ctx context.Context, owner, repo string, id int64, release *RepositoryRelease) (*RepositoryRelease, *Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/releases/%d", owner, repo, id)
 
@@ -252,7 +266,9 @@ func (s *RepositoriesService) EditRelease(ctx context.Context, owner, repo strin
 
 // DeleteRelease delete a single release from a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/releases/releases#delete-a-release
+// GitHub API docs: https://docs.github.com/rest/releases/releases#delete-a-release
+//
+//meta:operation DELETE /repos/{owner}/{repo}/releases/{release_id}
 func (s *RepositoriesService) DeleteRelease(ctx context.Context, owner, repo string, id int64) (*Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/releases/%d", owner, repo, id)
 
@@ -265,7 +281,9 @@ func (s *RepositoriesService) DeleteRelease(ctx context.Context, owner, repo str
 
 // ListReleaseAssets lists the release's assets.
 //
-// GitHub API docs: https://docs.github.com/en/rest/releases/assets#list-release-assets
+// GitHub API docs: https://docs.github.com/rest/releases/assets#list-release-assets
+//
+//meta:operation GET /repos/{owner}/{repo}/releases/{release_id}/assets
 func (s *RepositoriesService) ListReleaseAssets(ctx context.Context, owner, repo string, id int64, opts *ListOptions) ([]*ReleaseAsset, *Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/releases/%d/assets", owner, repo, id)
 	u, err := addOptions(u, opts)
@@ -288,7 +306,9 @@ func (s *RepositoriesService) ListReleaseAssets(ctx context.Context, owner, repo
 
 // GetReleaseAsset fetches a single release asset.
 //
-// GitHub API docs: https://docs.github.com/en/rest/releases/assets#get-a-release-asset
+// GitHub API docs: https://docs.github.com/rest/releases/assets#get-a-release-asset
+//
+//meta:operation GET /repos/{owner}/{repo}/releases/assets/{asset_id}
 func (s *RepositoriesService) GetReleaseAsset(ctx context.Context, owner, repo string, id int64) (*ReleaseAsset, *Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/releases/assets/%d", owner, repo, id)
 
@@ -313,11 +333,14 @@ func (s *RepositoriesService) GetReleaseAsset(ctx context.Context, owner, repo s
 // of the io.ReadCloser. Exactly one of rc and redirectURL will be zero.
 //
 // followRedirectsClient can be passed to download the asset from a redirected
-// location. Passing http.DefaultClient is recommended unless special circumstances
-// exist, but it's possible to pass any http.Client. If nil is passed the
-// redirectURL will be returned instead.
+// location. Specifying any http.Client is possible, but passing http.DefaultClient
+// is recommended, except when the specified repository is private, in which case
+// it's necessary to pass an http.Client that performs authenticated requests.
+// If nil is passed the redirectURL will be returned instead.
 //
-// GitHub API docs: https://docs.github.com/en/rest/releases/assets#get-a-release-asset
+// GitHub API docs: https://docs.github.com/rest/releases/assets#get-a-release-asset
+//
+//meta:operation GET /repos/{owner}/{repo}/releases/assets/{asset_id}
 func (s *RepositoriesService) DownloadReleaseAsset(ctx context.Context, owner, repo string, id int64, followRedirectsClient *http.Client) (rc io.ReadCloser, redirectURL string, err error) {
 	u := fmt.Sprintf("repos/%s/%s/releases/assets/%d", owner, repo, id)
 
@@ -352,7 +375,7 @@ func (s *RepositoriesService) DownloadReleaseAsset(ctx context.Context, owner, r
 	}
 
 	if err := CheckResponse(resp); err != nil {
-		resp.Body.Close()
+		_ = resp.Body.Close()
 		return nil, "", err
 	}
 
@@ -365,13 +388,13 @@ func (s *RepositoriesService) downloadReleaseAssetFromURL(ctx context.Context, f
 		return nil, err
 	}
 	req = withContext(ctx, req)
-	req.Header.Set("Accept", "*/*")
+	req.Header.Set("Accept", defaultMediaType)
 	resp, err := followRedirectsClient.Do(req)
 	if err != nil {
 		return nil, err
 	}
 	if err := CheckResponse(resp); err != nil {
-		resp.Body.Close()
+		_ = resp.Body.Close()
 		return nil, err
 	}
 	return resp.Body, nil
@@ -379,7 +402,9 @@ func (s *RepositoriesService) downloadReleaseAssetFromURL(ctx context.Context, f
 
 // EditReleaseAsset edits a repository release asset.
 //
-// GitHub API docs: https://docs.github.com/en/rest/releases/assets#update-a-release-asset
+// GitHub API docs: https://docs.github.com/rest/releases/assets#update-a-release-asset
+//
+//meta:operation PATCH /repos/{owner}/{repo}/releases/assets/{asset_id}
 func (s *RepositoriesService) EditReleaseAsset(ctx context.Context, owner, repo string, id int64, release *ReleaseAsset) (*ReleaseAsset, *Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/releases/assets/%d", owner, repo, id)
 
@@ -398,7 +423,9 @@ func (s *RepositoriesService) EditReleaseAsset(ctx context.Context, owner, repo
 
 // DeleteReleaseAsset delete a single release asset from a repository.
 //
-// GitHub API docs: https://docs.github.com/en/rest/releases/assets#delete-a-release-asset
+// GitHub API docs: https://docs.github.com/rest/releases/assets#delete-a-release-asset
+//
+//meta:operation DELETE /repos/{owner}/{repo}/releases/assets/{asset_id}
 func (s *RepositoriesService) DeleteReleaseAsset(ctx context.Context, owner, repo string, id int64) (*Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/releases/assets/%d", owner, repo, id)
 
@@ -412,7 +439,9 @@ func (s *RepositoriesService) DeleteReleaseAsset(ctx context.Context, owner, rep
 // UploadReleaseAsset creates an asset by uploading a file into a release repository.
 // To upload assets that cannot be represented by an os.File, call NewUploadRequest directly.
 //
-// GitHub API docs: https://docs.github.com/en/rest/releases/assets#upload-a-release-asset
+// GitHub API docs: https://docs.github.com/rest/releases/assets#upload-a-release-asset
+//
+//meta:operation POST /repos/{owner}/{repo}/releases/{release_id}/assets
 func (s *RepositoriesService) UploadReleaseAsset(ctx context.Context, owner, repo string, id int64, opts *UploadOptions, file *os.File) (*ReleaseAsset, *Response, error) {
 	u := fmt.Sprintf("repos/%s/%s/releases/%d/assets", owner, repo, id)
 	u, err := addOptions(u, opts)
diff --git a/vendor/github.com/google/go-github/v72/github/repos_rules.go b/vendor/github.com/google/go-github/v72/github/repos_rules.go
new file mode 100644
index 0000000000..038cefd71a
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/repos_rules.go
@@ -0,0 +1,246 @@
+// Copyright 2023 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"fmt"
+)
+
+// rulesetNoOmitBypassActors represents a GitHub ruleset object. The struct does not omit bypassActors if the field is nil or an empty array is passed.
+type rulesetNoOmitBypassActors struct {
+	ID                   *int64                       `json:"id,omitempty"`
+	Name                 string                       `json:"name"`
+	Target               *RulesetTarget               `json:"target,omitempty"`
+	SourceType           *RulesetSourceType           `json:"source_type,omitempty"`
+	Source               string                       `json:"source"`
+	Enforcement          RulesetEnforcement           `json:"enforcement"`
+	BypassActors         []*BypassActor               `json:"bypass_actors"`
+	CurrentUserCanBypass *BypassMode                  `json:"current_user_can_bypass,omitempty"`
+	NodeID               *string                      `json:"node_id,omitempty"`
+	Links                *RepositoryRulesetLinks      `json:"_links,omitempty"`
+	Conditions           *RepositoryRulesetConditions `json:"conditions,omitempty"`
+	Rules                *RepositoryRulesetRules      `json:"rules,omitempty"`
+	UpdatedAt            *Timestamp                   `json:"updated_at,omitempty"`
+	CreatedAt            *Timestamp                   `json:"created_at,omitempty"`
+}
+
+// rulesetClearBypassActors is used to clear the bypass actors when modifying a GitHub ruleset object.
+type rulesetClearBypassActors struct {
+	BypassActors []*BypassActor `json:"bypass_actors"`
+}
+
+// GetRulesForBranch gets all the repository rules that apply to the specified branch.
+//
+// GitHub API docs: https://docs.github.com/rest/repos/rules#get-rules-for-a-branch
+//
+//meta:operation GET /repos/{owner}/{repo}/rules/branches/{branch}
+func (s *RepositoriesService) GetRulesForBranch(ctx context.Context, owner, repo, branch string, opts *ListOptions) (*BranchRules, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/rules/branches/%v", owner, repo, branch)
+
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var rules *BranchRules
+	resp, err := s.client.Do(ctx, req, &rules)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return rules, resp, nil
+}
+
+// RepositoryListRulesetsOptions specifies optional parameters to the
+// RepositoriesService.GetAllRulesets method.
+type RepositoryListRulesetsOptions struct {
+	// IncludesParents indicates whether to include rulesets configured at the organization or enterprise level that apply to the repository.
+	IncludesParents *bool `url:"includes_parents,omitempty"`
+	ListOptions
+}
+
+// GetAllRulesets gets all the repository rulesets for the specified repository.
+// By default, this endpoint will include rulesets configured at the organization or enterprise level that apply to the repository.
+// To exclude those rulesets, set the `RepositoryListRulesetsOptions.IncludesParents` parameter to `false`.
+//
+// GitHub API docs: https://docs.github.com/rest/repos/rules#get-all-repository-rulesets
+//
+//meta:operation GET /repos/{owner}/{repo}/rulesets
+func (s *RepositoriesService) GetAllRulesets(ctx context.Context, owner, repo string, opts *RepositoryListRulesetsOptions) ([]*RepositoryRuleset, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/rulesets", owner, repo)
+
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var ruleset []*RepositoryRuleset
+	resp, err := s.client.Do(ctx, req, &ruleset)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return ruleset, resp, nil
+}
+
+// CreateRuleset creates a repository ruleset for the specified repository.
+//
+// GitHub API docs: https://docs.github.com/rest/repos/rules#create-a-repository-ruleset
+//
+//meta:operation POST /repos/{owner}/{repo}/rulesets
+func (s *RepositoriesService) CreateRuleset(ctx context.Context, owner, repo string, ruleset RepositoryRuleset) (*RepositoryRuleset, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/rulesets", owner, repo)
+
+	req, err := s.client.NewRequest("POST", u, ruleset)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var rs *RepositoryRuleset
+	resp, err := s.client.Do(ctx, req, &rs)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return rs, resp, nil
+}
+
+// GetRuleset gets a repository ruleset for the specified repository.
+// If includesParents is true, rulesets configured at the organization or enterprise level that apply to the repository will be returned.
+//
+// GitHub API docs: https://docs.github.com/rest/repos/rules#get-a-repository-ruleset
+//
+//meta:operation GET /repos/{owner}/{repo}/rulesets/{ruleset_id}
+func (s *RepositoriesService) GetRuleset(ctx context.Context, owner, repo string, rulesetID int64, includesParents bool) (*RepositoryRuleset, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/rulesets/%v?includes_parents=%v", owner, repo, rulesetID, includesParents)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var ruleset *RepositoryRuleset
+	resp, err := s.client.Do(ctx, req, &ruleset)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return ruleset, resp, nil
+}
+
+// UpdateRuleset updates a repository ruleset for the specified repository.
+//
+// GitHub API docs: https://docs.github.com/rest/repos/rules#update-a-repository-ruleset
+//
+//meta:operation PUT /repos/{owner}/{repo}/rulesets/{ruleset_id}
+func (s *RepositoriesService) UpdateRuleset(ctx context.Context, owner, repo string, rulesetID int64, ruleset RepositoryRuleset) (*RepositoryRuleset, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/rulesets/%v", owner, repo, rulesetID)
+
+	req, err := s.client.NewRequest("PUT", u, ruleset)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var rs *RepositoryRuleset
+	resp, err := s.client.Do(ctx, req, &rs)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return rs, resp, nil
+}
+
+// UpdateRulesetClearBypassActor clears the bypass actors for a repository ruleset for the specified repository.
+//
+// This function is necessary as the UpdateRuleset function does not marshal ByPassActor if passed as an empty array.
+//
+// GitHub API docs: https://docs.github.com/rest/repos/rules#update-a-repository-ruleset
+//
+//meta:operation PUT /repos/{owner}/{repo}/rulesets/{ruleset_id}
+func (s *RepositoriesService) UpdateRulesetClearBypassActor(ctx context.Context, owner, repo string, rulesetID int64) (*Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/rulesets/%v", owner, repo, rulesetID)
+
+	rsClearBypassActor := rulesetClearBypassActors{}
+
+	req, err := s.client.NewRequest("PUT", u, rsClearBypassActor)
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := s.client.Do(ctx, req, nil)
+	if err != nil {
+		return resp, err
+	}
+
+	return resp, nil
+}
+
+// UpdateRulesetNoBypassActor updates a repository ruleset for the specified repository.
+//
+// This function is necessary as the UpdateRuleset function does not marshal ByPassActor if passed as an empty array.
+//
+// Deprecated: Use UpdateRulesetClearBypassActor instead.
+//
+// GitHub API docs: https://docs.github.com/rest/repos/rules#update-a-repository-ruleset
+//
+//meta:operation PUT /repos/{owner}/{repo}/rulesets/{ruleset_id}
+func (s *RepositoriesService) UpdateRulesetNoBypassActor(ctx context.Context, owner, repo string, rulesetID int64, ruleset RepositoryRuleset) (*RepositoryRuleset, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/rulesets/%v", owner, repo, rulesetID)
+
+	rsNoBypassActor := rulesetNoOmitBypassActors{
+		ID:           ruleset.ID,
+		Name:         ruleset.Name,
+		Target:       ruleset.Target,
+		SourceType:   ruleset.SourceType,
+		Source:       ruleset.Source,
+		Enforcement:  ruleset.Enforcement,
+		BypassActors: ruleset.BypassActors,
+		NodeID:       ruleset.NodeID,
+		Links:        ruleset.Links,
+		Conditions:   ruleset.Conditions,
+		Rules:        ruleset.Rules,
+	}
+
+	req, err := s.client.NewRequest("PUT", u, rsNoBypassActor)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var rs *RepositoryRuleset
+	resp, err := s.client.Do(ctx, req, &rs)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return rs, resp, nil
+}
+
+// DeleteRuleset deletes a repository ruleset for the specified repository.
+//
+// GitHub API docs: https://docs.github.com/rest/repos/rules#delete-a-repository-ruleset
+//
+//meta:operation DELETE /repos/{owner}/{repo}/rulesets/{ruleset_id}
+func (s *RepositoriesService) DeleteRuleset(ctx context.Context, owner, repo string, rulesetID int64) (*Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/rulesets/%v", owner, repo, rulesetID)
+
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(ctx, req, nil)
+}
diff --git a/vendor/github.com/google/go-github/v55/github/repos_stats.go b/vendor/github.com/google/go-github/v72/github/repos_stats.go
similarity index 88%
rename from vendor/github.com/google/go-github/v55/github/repos_stats.go
rename to vendor/github.com/google/go-github/v72/github/repos_stats.go
index 3df0a8f6de..a6ef9c0da4 100644
--- a/vendor/github.com/google/go-github/v55/github/repos_stats.go
+++ b/vendor/github.com/google/go-github/v72/github/repos_stats.go
@@ -45,7 +45,9 @@ func (w WeeklyStats) String() string {
 // it is now computing the requested statistics. A follow up request, after a
 // delay of a second or so, should result in a successful request.
 //
-// GitHub API docs: https://docs.github.com/en/rest/metrics/statistics#get-all-contributor-commit-activity
+// GitHub API docs: https://docs.github.com/rest/metrics/statistics#get-all-contributor-commit-activity
+//
+//meta:operation GET /repos/{owner}/{repo}/stats/contributors
 func (s *RepositoriesService) ListContributorsStats(ctx context.Context, owner, repo string) ([]*ContributorStats, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/stats/contributors", owner, repo)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -84,7 +86,9 @@ func (w WeeklyCommitActivity) String() string {
 // it is now computing the requested statistics. A follow up request, after a
 // delay of a second or so, should result in a successful request.
 //
-// GitHub API docs: https://docs.github.com/en/rest/metrics/statistics#get-the-last-year-of-commit-activity
+// GitHub API docs: https://docs.github.com/rest/metrics/statistics#get-the-last-year-of-commit-activity
+//
+//meta:operation GET /repos/{owner}/{repo}/stats/commit_activity
 func (s *RepositoriesService) ListCommitActivity(ctx context.Context, owner, repo string) ([]*WeeklyCommitActivity, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/stats/commit_activity", owner, repo)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -111,7 +115,9 @@ func (s *RepositoriesService) ListCommitActivity(ctx context.Context, owner, rep
 // it is now computing the requested statistics. A follow up request, after a
 // delay of a second or so, should result in a successful request.
 //
-// GitHub API docs: https://docs.github.com/en/rest/metrics/statistics#get-the-weekly-commit-activity
+// GitHub API docs: https://docs.github.com/rest/metrics/statistics#get-the-weekly-commit-activity
+//
+//meta:operation GET /repos/{owner}/{repo}/stats/code_frequency
 func (s *RepositoriesService) ListCodeFrequency(ctx context.Context, owner, repo string) ([]*WeeklyStats, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/stats/code_frequency", owner, repo)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -133,8 +139,8 @@ func (s *RepositoriesService) ListCodeFrequency(ctx context.Context, owner, repo
 		}
 		stat := &WeeklyStats{
 			Week:      &Timestamp{time.Unix(int64(week[0]), 0)},
-			Additions: Int(week[1]),
-			Deletions: Int(week[2]),
+			Additions: Ptr(week[1]),
+			Deletions: Ptr(week[2]),
 		}
 		stats = append(stats, stat)
 	}
@@ -167,7 +173,9 @@ func (r RepositoryParticipation) String() string {
 // it is now computing the requested statistics. A follow up request, after a
 // delay of a second or so, should result in a successful request.
 //
-// GitHub API docs: https://docs.github.com/en/rest/metrics/statistics#get-the-weekly-commit-count
+// GitHub API docs: https://docs.github.com/rest/metrics/statistics#get-the-weekly-commit-count
+//
+//meta:operation GET /repos/{owner}/{repo}/stats/participation
 func (s *RepositoriesService) ListParticipation(ctx context.Context, owner, repo string) (*RepositoryParticipation, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/stats/participation", owner, repo)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -200,7 +208,9 @@ type PunchCard struct {
 // it is now computing the requested statistics. A follow up request, after a
 // delay of a second or so, should result in a successful request.
 //
-// GitHub API docs: https://docs.github.com/en/rest/metrics/statistics#get-the-hourly-commit-count-for-each-day
+// GitHub API docs: https://docs.github.com/rest/metrics/statistics#get-the-hourly-commit-count-for-each-day
+//
+//meta:operation GET /repos/{owner}/{repo}/stats/punch_card
 func (s *RepositoriesService) ListPunchCard(ctx context.Context, owner, repo string) ([]*PunchCard, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/stats/punch_card", owner, repo)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -221,9 +231,9 @@ func (s *RepositoriesService) ListPunchCard(ctx context.Context, owner, repo str
 			continue
 		}
 		card := &PunchCard{
-			Day:     Int(result[0]),
-			Hour:    Int(result[1]),
-			Commits: Int(result[2]),
+			Day:     Ptr(result[0]),
+			Hour:    Ptr(result[1]),
+			Commits: Ptr(result[2]),
 		}
 		cards = append(cards, card)
 	}
diff --git a/vendor/github.com/google/go-github/v55/github/repos_statuses.go b/vendor/github.com/google/go-github/v72/github/repos_statuses.go
similarity index 88%
rename from vendor/github.com/google/go-github/v55/github/repos_statuses.go
rename to vendor/github.com/google/go-github/v72/github/repos_statuses.go
index ea3d166c75..e7b0304752 100644
--- a/vendor/github.com/google/go-github/v55/github/repos_statuses.go
+++ b/vendor/github.com/google/go-github/v72/github/repos_statuses.go
@@ -45,7 +45,9 @@ func (r RepoStatus) String() string {
 // ListStatuses lists the statuses of a repository at the specified
 // reference. ref can be a SHA, a branch name, or a tag name.
 //
-// GitHub API docs: https://docs.github.com/en/rest/commits/statuses#list-commit-statuses-for-a-reference
+// GitHub API docs: https://docs.github.com/rest/commits/statuses#list-commit-statuses-for-a-reference
+//
+//meta:operation GET /repos/{owner}/{repo}/commits/{ref}/statuses
 func (s *RepositoriesService) ListStatuses(ctx context.Context, owner, repo, ref string, opts *ListOptions) ([]*RepoStatus, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/commits/%v/statuses", owner, repo, refURLEscape(ref))
 	u, err := addOptions(u, opts)
@@ -70,7 +72,9 @@ func (s *RepositoriesService) ListStatuses(ctx context.Context, owner, repo, ref
 // CreateStatus creates a new status for a repository at the specified
 // reference. Ref can be a SHA, a branch name, or a tag name.
 //
-// GitHub API docs: https://docs.github.com/en/rest/commits/statuses#create-a-commit-status
+// GitHub API docs: https://docs.github.com/rest/commits/statuses#create-a-commit-status
+//
+//meta:operation POST /repos/{owner}/{repo}/statuses/{sha}
 func (s *RepositoriesService) CreateStatus(ctx context.Context, owner, repo, ref string, status *RepoStatus) (*RepoStatus, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/statuses/%v", owner, repo, refURLEscape(ref))
 	req, err := s.client.NewRequest("POST", u, status)
@@ -109,7 +113,9 @@ func (s CombinedStatus) String() string {
 // GetCombinedStatus returns the combined status of a repository at the specified
 // reference. ref can be a SHA, a branch name, or a tag name.
 //
-// GitHub API docs: https://docs.github.com/en/rest/commits/statuses#get-the-combined-status-for-a-specific-reference
+// GitHub API docs: https://docs.github.com/rest/commits/statuses#get-the-combined-status-for-a-specific-reference
+//
+//meta:operation GET /repos/{owner}/{repo}/commits/{ref}/status
 func (s *RepositoriesService) GetCombinedStatus(ctx context.Context, owner, repo, ref string, opts *ListOptions) (*CombinedStatus, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/commits/%v/status", owner, repo, refURLEscape(ref))
 	u, err := addOptions(u, opts)
diff --git a/vendor/github.com/google/go-github/v55/github/repos_tags.go b/vendor/github.com/google/go-github/v72/github/repos_tags.go
similarity index 56%
rename from vendor/github.com/google/go-github/v55/github/repos_tags.go
rename to vendor/github.com/google/go-github/v72/github/repos_tags.go
index ff46d90c73..b6dc36e2a3 100644
--- a/vendor/github.com/google/go-github/v55/github/repos_tags.go
+++ b/vendor/github.com/google/go-github/v72/github/repos_tags.go
@@ -22,9 +22,12 @@ type tagProtectionRequest struct {
 	Pattern string `json:"pattern"`
 }
 
-// ListTagProtection lists tag protection of the specified repository.
+// Deprecated: ListTagProtection lists tag protection of the specified repository.
+// Deprecation notice: This operation is deprecated and will be removed after August 30, 2024. Use the "Repository Rulesets" endpoint instead: https://docs.github.com/rest/repos/rules#get-all-repository-rulesets
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/tags#list-tag-protection-states-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/repos/tags#closing-down---list-tag-protection-states-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/tags/protection
 func (s *RepositoriesService) ListTagProtection(ctx context.Context, owner, repo string) ([]*TagProtection, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/tags/protection", owner, repo)
 
@@ -42,9 +45,12 @@ func (s *RepositoriesService) ListTagProtection(ctx context.Context, owner, repo
 	return tagProtections, resp, nil
 }
 
-// CreateTagProtection creates the tag protection of the specified repository.
+// Deprecated: CreateTagProtection creates the tag protection of the specified repository.
+// Deprecation notice: This operation is deprecated and will be removed after August 30, 2024. Use the "Repository Rulesets" endpoint instead: https://docs.github.com/rest/repos/rules#create-a-repository-ruleset
+//
+// GitHub API docs: https://docs.github.com/rest/repos/tags#closing-down---create-a-tag-protection-state-for-a-repository
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/tags#create-a-tag-protection-state-for-a-repository
+//meta:operation POST /repos/{owner}/{repo}/tags/protection
 func (s *RepositoriesService) CreateTagProtection(ctx context.Context, owner, repo, pattern string) (*TagProtection, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/tags/protection", owner, repo)
 	r := &tagProtectionRequest{Pattern: pattern}
@@ -62,9 +68,12 @@ func (s *RepositoriesService) CreateTagProtection(ctx context.Context, owner, re
 	return tagProtection, resp, nil
 }
 
-// DeleteTagProtection deletes a tag protection from the specified repository.
+// Deprecated: DeleteTagProtection deletes a tag protection from the specified repository.
+// Deprecation notice: This operation is deprecated and will be removed after August 30, 2024. Use the "Repository Rulesets" endpoint instead: https://docs.github.com/rest/repos/rules#delete-a-repository-ruleset
+//
+// GitHub API docs: https://docs.github.com/rest/repos/tags#closing-down---delete-a-tag-protection-state-for-a-repository
 //
-// GitHub API docs: https://docs.github.com/en/rest/repos/tags#delete-a-tag-protection-state-for-a-repository
+//meta:operation DELETE /repos/{owner}/{repo}/tags/protection/{tag_protection_id}
 func (s *RepositoriesService) DeleteTagProtection(ctx context.Context, owner, repo string, tagProtectionID int64) (*Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/tags/protection/%v", owner, repo, tagProtectionID)
 	req, err := s.client.NewRequest("DELETE", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/repos_traffic.go b/vendor/github.com/google/go-github/v72/github/repos_traffic.go
similarity index 87%
rename from vendor/github.com/google/go-github/v55/github/repos_traffic.go
rename to vendor/github.com/google/go-github/v72/github/repos_traffic.go
index bf093c03ea..ae2f1a86bd 100644
--- a/vendor/github.com/google/go-github/v55/github/repos_traffic.go
+++ b/vendor/github.com/google/go-github/v72/github/repos_traffic.go
@@ -54,7 +54,9 @@ type TrafficBreakdownOptions struct {
 
 // ListTrafficReferrers list the top 10 referrers over the last 14 days.
 //
-// GitHub API docs: https://docs.github.com/en/rest/metrics/traffic#get-top-referral-sources
+// GitHub API docs: https://docs.github.com/rest/metrics/traffic#get-top-referral-sources
+//
+//meta:operation GET /repos/{owner}/{repo}/traffic/popular/referrers
 func (s *RepositoriesService) ListTrafficReferrers(ctx context.Context, owner, repo string) ([]*TrafficReferrer, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/traffic/popular/referrers", owner, repo)
 
@@ -74,7 +76,9 @@ func (s *RepositoriesService) ListTrafficReferrers(ctx context.Context, owner, r
 
 // ListTrafficPaths list the top 10 popular content over the last 14 days.
 //
-// GitHub API docs: https://docs.github.com/en/rest/metrics/traffic#get-top-referral-paths
+// GitHub API docs: https://docs.github.com/rest/metrics/traffic#get-top-referral-paths
+//
+//meta:operation GET /repos/{owner}/{repo}/traffic/popular/paths
 func (s *RepositoriesService) ListTrafficPaths(ctx context.Context, owner, repo string) ([]*TrafficPath, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/traffic/popular/paths", owner, repo)
 
@@ -94,7 +98,9 @@ func (s *RepositoriesService) ListTrafficPaths(ctx context.Context, owner, repo
 
 // ListTrafficViews get total number of views for the last 14 days and breaks it down either per day or week.
 //
-// GitHub API docs: https://docs.github.com/en/rest/metrics/traffic#get-page-views
+// GitHub API docs: https://docs.github.com/rest/metrics/traffic#get-page-views
+//
+//meta:operation GET /repos/{owner}/{repo}/traffic/views
 func (s *RepositoriesService) ListTrafficViews(ctx context.Context, owner, repo string, opts *TrafficBreakdownOptions) (*TrafficViews, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/traffic/views", owner, repo)
 	u, err := addOptions(u, opts)
@@ -118,7 +124,9 @@ func (s *RepositoriesService) ListTrafficViews(ctx context.Context, owner, repo
 
 // ListTrafficClones get total number of clones for the last 14 days and breaks it down either per day or week for the last 14 days.
 //
-// GitHub API docs: https://docs.github.com/en/rest/metrics/traffic#get-repository-clones
+// GitHub API docs: https://docs.github.com/rest/metrics/traffic#get-repository-clones
+//
+//meta:operation GET /repos/{owner}/{repo}/traffic/clones
 func (s *RepositoriesService) ListTrafficClones(ctx context.Context, owner, repo string, opts *TrafficBreakdownOptions) (*TrafficClones, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/traffic/clones", owner, repo)
 	u, err := addOptions(u, opts)
diff --git a/vendor/github.com/google/go-github/v72/github/rules.go b/vendor/github.com/google/go-github/v72/github/rules.go
new file mode 100644
index 0000000000..4def2d19ee
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/rules.go
@@ -0,0 +1,1228 @@
+// Copyright 2025 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"encoding/json"
+	"reflect"
+)
+
+// RulesetTarget represents a GitHub ruleset target.
+type RulesetTarget string
+
+// This is the set of GitHub ruleset targets.
+const (
+	RulesetTargetBranch RulesetTarget = "branch"
+	RulesetTargetTag    RulesetTarget = "tag"
+	RulesetTargetPush   RulesetTarget = "push"
+)
+
+// RulesetSourceType represents a GitHub ruleset source type.
+type RulesetSourceType string
+
+// This is the set of GitHub ruleset source types.
+const (
+	RulesetSourceTypeRepository   RulesetSourceType = "Repository"
+	RulesetSourceTypeOrganization RulesetSourceType = "Organization"
+	RulesetSourceTypeEnterprise   RulesetSourceType = "Enterprise"
+)
+
+// RulesetEnforcement represents a GitHub ruleset enforcement.
+type RulesetEnforcement string
+
+// This is the set of GitHub ruleset enforcements.
+const (
+	RulesetEnforcementDisabled RulesetEnforcement = "disabled"
+	RulesetEnforcementActive   RulesetEnforcement = "active"
+	RulesetEnforcementEvaluate RulesetEnforcement = "evaluate"
+)
+
+// BypassActorType represents a GitHub ruleset bypass actor type.
+type BypassActorType string
+
+// This is the set of GitHub ruleset bypass actor types.
+const (
+	BypassActorTypeIntegration       BypassActorType = "Integration"
+	BypassActorTypeOrganizationAdmin BypassActorType = "OrganizationAdmin"
+	BypassActorTypeRepositoryRole    BypassActorType = "RepositoryRole"
+	BypassActorTypeTeam              BypassActorType = "Team"
+	BypassActorTypeDeployKey         BypassActorType = "DeployKey"
+)
+
+// BypassMode represents a GitHub ruleset bypass mode.
+type BypassMode string
+
+// This is the set of GitHub ruleset bypass modes.
+const (
+	BypassModeAlways      BypassMode = "always"
+	BypassModePullRequest BypassMode = "pull_request"
+	BypassModeNever       BypassMode = "never"
+)
+
+// RepositoryRuleType represents a GitHub ruleset rule type.
+type RepositoryRuleType string
+
+// This is the set of GitHub ruleset rule types.
+const (
+	RulesetRuleTypeCreation                 RepositoryRuleType = "creation"
+	RulesetRuleTypeUpdate                   RepositoryRuleType = "update"
+	RulesetRuleTypeDeletion                 RepositoryRuleType = "deletion"
+	RulesetRuleTypeRequiredLinearHistory    RepositoryRuleType = "required_linear_history"
+	RulesetRuleTypeMergeQueue               RepositoryRuleType = "merge_queue"
+	RulesetRuleTypeRequiredDeployments      RepositoryRuleType = "required_deployments"
+	RulesetRuleTypeRequiredSignatures       RepositoryRuleType = "required_signatures"
+	RulesetRuleTypePullRequest              RepositoryRuleType = "pull_request"
+	RulesetRuleTypeRequiredStatusChecks     RepositoryRuleType = "required_status_checks"
+	RulesetRuleTypeNonFastForward           RepositoryRuleType = "non_fast_forward"
+	RulesetRuleTypeCommitMessagePattern     RepositoryRuleType = "commit_message_pattern"
+	RulesetRuleTypeCommitAuthorEmailPattern RepositoryRuleType = "commit_author_email_pattern"
+	RulesetRuleTypeCommitterEmailPattern    RepositoryRuleType = "committer_email_pattern"
+	RulesetRuleTypeBranchNamePattern        RepositoryRuleType = "branch_name_pattern"
+	RulesetRuleTypeTagNamePattern           RepositoryRuleType = "tag_name_pattern"
+	RulesetRuleTypeFilePathRestriction      RepositoryRuleType = "file_path_restriction"
+	RulesetRuleTypeMaxFilePathLength        RepositoryRuleType = "max_file_path_length"
+	RulesetRuleTypeFileExtensionRestriction RepositoryRuleType = "file_extension_restriction"
+	RulesetRuleTypeMaxFileSize              RepositoryRuleType = "max_file_size"
+	RulesetRuleTypeWorkflows                RepositoryRuleType = "workflows"
+	RulesetRuleTypeCodeScanning             RepositoryRuleType = "code_scanning"
+)
+
+// MergeGroupingStrategy models a GitHub merge grouping strategy.
+type MergeGroupingStrategy string
+
+// This is the set of GitHub merge grouping strategies.
+const (
+	MergeGroupingStrategyAllGreen  MergeGroupingStrategy = "ALLGREEN"
+	MergeGroupingStrategyHeadGreen MergeGroupingStrategy = "HEADGREEN"
+)
+
+// PullRequestMergeMethod is used in PullRequestRuleParameters,
+// where the GitHub API expects lowercase merge method values: "merge", "rebase", "squash".
+//
+// NOTE: GitHub's API inconsistently uses different casing for the same logical values
+// across different rules.
+//
+// TODO: Unify with MergeQueueMergeMethod once the GitHub API uses consistent casing.
+type PullRequestMergeMethod string
+
+const (
+	PullRequestMergeMethodMerge  PullRequestMergeMethod = "merge"
+	PullRequestMergeMethodRebase PullRequestMergeMethod = "rebase"
+	PullRequestMergeMethodSquash PullRequestMergeMethod = "squash"
+)
+
+// MergeQueueMergeMethod is used in MergeQueueRuleParameters,
+// where the GitHub API expects uppercase merge method values: "MERGE", "REBASE", "SQUASH".
+//
+// NOTE: This type exists alongside PullRequestMergeMethod solely due to API casing inconsistencies.
+// It enforces the correct usage by API context.
+//
+// TODO: Unify with PullRequestMergeMethod once the GitHub API uses consistent casing.
+type MergeQueueMergeMethod string
+
+const (
+	MergeQueueMergeMethodMerge  MergeQueueMergeMethod = "MERGE"
+	MergeQueueMergeMethodRebase MergeQueueMergeMethod = "REBASE"
+	MergeQueueMergeMethodSquash MergeQueueMergeMethod = "SQUASH"
+)
+
+// PatternRuleOperator models a GitHub pattern rule operator.
+type PatternRuleOperator string
+
+// This is the set of GitHub pattern rule operators.
+const (
+	PatternRuleOperatorStartsWith PatternRuleOperator = "starts_with"
+	PatternRuleOperatorEndsWith   PatternRuleOperator = "ends_with"
+	PatternRuleOperatorContains   PatternRuleOperator = "contains"
+	PatternRuleOperatorRegex      PatternRuleOperator = "regex"
+)
+
+// CodeScanningAlertsThreshold models a GitHub code scanning alerts threshold.
+type CodeScanningAlertsThreshold string
+
+// This is the set of GitHub code scanning alerts thresholds.
+const (
+	CodeScanningAlertsThresholdNone              CodeScanningAlertsThreshold = "none"
+	CodeScanningAlertsThresholdErrors            CodeScanningAlertsThreshold = "errors"
+	CodeScanningAlertsThresholdErrorsAndWarnings CodeScanningAlertsThreshold = "errors_and_warnings"
+	CodeScanningAlertsThresholdAll               CodeScanningAlertsThreshold = "all"
+)
+
+// CodeScanningSecurityAlertsThreshold models a GitHub code scanning security alerts threshold.
+type CodeScanningSecurityAlertsThreshold string
+
+// This is the set of GitHub code scanning security alerts thresholds.
+const (
+	CodeScanningSecurityAlertsThresholdNone           CodeScanningSecurityAlertsThreshold = "none"
+	CodeScanningSecurityAlertsThresholdCritical       CodeScanningSecurityAlertsThreshold = "critical"
+	CodeScanningSecurityAlertsThresholdHighOrHigher   CodeScanningSecurityAlertsThreshold = "high_or_higher"
+	CodeScanningSecurityAlertsThresholdMediumOrHigher CodeScanningSecurityAlertsThreshold = "medium_or_higher"
+	CodeScanningSecurityAlertsThresholdAll            CodeScanningSecurityAlertsThreshold = "all"
+)
+
+// RepositoryRuleset represents a GitHub ruleset object.
+type RepositoryRuleset struct {
+	ID                   *int64                       `json:"id,omitempty"`
+	Name                 string                       `json:"name"`
+	Target               *RulesetTarget               `json:"target,omitempty"`
+	SourceType           *RulesetSourceType           `json:"source_type,omitempty"`
+	Source               string                       `json:"source"`
+	Enforcement          RulesetEnforcement           `json:"enforcement"`
+	BypassActors         []*BypassActor               `json:"bypass_actors,omitempty"`
+	CurrentUserCanBypass *BypassMode                  `json:"current_user_can_bypass,omitempty"`
+	NodeID               *string                      `json:"node_id,omitempty"`
+	Links                *RepositoryRulesetLinks      `json:"_links,omitempty"`
+	Conditions           *RepositoryRulesetConditions `json:"conditions,omitempty"`
+	Rules                *RepositoryRulesetRules      `json:"rules,omitempty"`
+	UpdatedAt            *Timestamp                   `json:"updated_at,omitempty"`
+	CreatedAt            *Timestamp                   `json:"created_at,omitempty"`
+}
+
+// BypassActor represents the bypass actors from a ruleset.
+type BypassActor struct {
+	ActorID    *int64           `json:"actor_id,omitempty"`
+	ActorType  *BypassActorType `json:"actor_type,omitempty"`
+	BypassMode *BypassMode      `json:"bypass_mode,omitempty"`
+}
+
+// RepositoryRulesetLinks represents the "_links" object in a Ruleset.
+type RepositoryRulesetLinks struct {
+	Self *RepositoryRulesetLink `json:"self,omitempty"`
+	HTML *RepositoryRulesetLink `json:"html,omitempty"`
+}
+
+// RepositoryRulesetLink represents a single link object from GitHub ruleset request _links.
+type RepositoryRulesetLink struct {
+	HRef *string `json:"href,omitempty"`
+}
+
+// RepositoryRulesetConditions represents the conditions object in a ruleset.
+// Set either RepositoryName or RepositoryID or RepositoryProperty, not more than one.
+type RepositoryRulesetConditions struct {
+	RefName            *RepositoryRulesetRefConditionParameters                `json:"ref_name,omitempty"`
+	RepositoryID       *RepositoryRulesetRepositoryIDsConditionParameters      `json:"repository_id,omitempty"`
+	RepositoryName     *RepositoryRulesetRepositoryNamesConditionParameters    `json:"repository_name,omitempty"`
+	RepositoryProperty *RepositoryRulesetRepositoryPropertyConditionParameters `json:"repository_property,omitempty"`
+	OrganizationID     *RepositoryRulesetOrganizationIDsConditionParameters    `json:"organization_id,omitempty"`
+	OrganizationName   *RepositoryRulesetOrganizationNamesConditionParameters  `json:"organization_name,omitempty"`
+}
+
+// RepositoryRulesetRefConditionParameters represents the conditions object for ref_names.
+type RepositoryRulesetRefConditionParameters struct {
+	Include []string `json:"include"`
+	Exclude []string `json:"exclude"`
+}
+
+// RepositoryRulesetRepositoryIDsConditionParameters represents the conditions object for repository_id.
+type RepositoryRulesetRepositoryIDsConditionParameters struct {
+	RepositoryIDs []int64 `json:"repository_ids,omitempty"`
+}
+
+// RepositoryRulesetRepositoryNamesConditionParameters represents the conditions object for repository_name.
+type RepositoryRulesetRepositoryNamesConditionParameters struct {
+	Include   []string `json:"include"`
+	Exclude   []string `json:"exclude"`
+	Protected *bool    `json:"protected,omitempty"`
+}
+
+// RepositoryRulesetRepositoryPropertyConditionParameters represents the conditions object for repository_property.
+type RepositoryRulesetRepositoryPropertyConditionParameters struct {
+	Include []*RepositoryRulesetRepositoryPropertyTargetParameters `json:"include"`
+	Exclude []*RepositoryRulesetRepositoryPropertyTargetParameters `json:"exclude"`
+}
+
+// RepositoryRulesetRepositoryPropertyTargetParameters represents a repository_property name and values to be used for targeting.
+type RepositoryRulesetRepositoryPropertyTargetParameters struct {
+	Name           string   `json:"name"`
+	PropertyValues []string `json:"property_values"`
+	Source         *string  `json:"source,omitempty"`
+}
+
+// RepositoryRulesetOrganizationIDsConditionParameters represents the conditions object for organization_id.
+type RepositoryRulesetOrganizationIDsConditionParameters struct {
+	OrganizationIDs []int64 `json:"organization_ids,omitempty"`
+}
+
+// RepositoryRulesetOrganizationNamesConditionParameters represents the conditions object for organization_name.
+type RepositoryRulesetOrganizationNamesConditionParameters struct {
+	Include []string `json:"include"`
+	Exclude []string `json:"exclude"`
+}
+
+// RepositoryRule represents a GitHub ruleset rule object.
+type RepositoryRule struct {
+	Type       RepositoryRuleType `json:"type"`
+	Parameters any                `json:"parameters,omitempty"`
+}
+
+// RepositoryRulesetRules represents a GitHub ruleset rules object.
+// This type doesn't have JSON annotations as it uses custom marshaling.
+type RepositoryRulesetRules struct {
+	Creation                 *EmptyRuleParameters
+	Update                   *UpdateRuleParameters
+	Deletion                 *EmptyRuleParameters
+	RequiredLinearHistory    *EmptyRuleParameters
+	MergeQueue               *MergeQueueRuleParameters
+	RequiredDeployments      *RequiredDeploymentsRuleParameters
+	RequiredSignatures       *EmptyRuleParameters
+	PullRequest              *PullRequestRuleParameters
+	RequiredStatusChecks     *RequiredStatusChecksRuleParameters
+	NonFastForward           *EmptyRuleParameters
+	CommitMessagePattern     *PatternRuleParameters
+	CommitAuthorEmailPattern *PatternRuleParameters
+	CommitterEmailPattern    *PatternRuleParameters
+	BranchNamePattern        *PatternRuleParameters
+	TagNamePattern           *PatternRuleParameters
+	FilePathRestriction      *FilePathRestrictionRuleParameters
+	MaxFilePathLength        *MaxFilePathLengthRuleParameters
+	FileExtensionRestriction *FileExtensionRestrictionRuleParameters
+	MaxFileSize              *MaxFileSizeRuleParameters
+	Workflows                *WorkflowsRuleParameters
+	CodeScanning             *CodeScanningRuleParameters
+}
+
+// BranchRules represents the rules active for a GitHub repository branch.
+// This type doesn't have JSON annotations as it uses custom marshaling.
+type BranchRules struct {
+	Creation                 []*BranchRuleMetadata
+	Update                   []*UpdateBranchRule
+	Deletion                 []*BranchRuleMetadata
+	RequiredLinearHistory    []*BranchRuleMetadata
+	MergeQueue               []*MergeQueueBranchRule
+	RequiredDeployments      []*RequiredDeploymentsBranchRule
+	RequiredSignatures       []*BranchRuleMetadata
+	PullRequest              []*PullRequestBranchRule
+	RequiredStatusChecks     []*RequiredStatusChecksBranchRule
+	NonFastForward           []*BranchRuleMetadata
+	CommitMessagePattern     []*PatternBranchRule
+	CommitAuthorEmailPattern []*PatternBranchRule
+	CommitterEmailPattern    []*PatternBranchRule
+	BranchNamePattern        []*PatternBranchRule
+	TagNamePattern           []*PatternBranchRule
+	FilePathRestriction      []*FilePathRestrictionBranchRule
+	MaxFilePathLength        []*MaxFilePathLengthBranchRule
+	FileExtensionRestriction []*FileExtensionRestrictionBranchRule
+	MaxFileSize              []*MaxFileSizeBranchRule
+	Workflows                []*WorkflowsBranchRule
+	CodeScanning             []*CodeScanningBranchRule
+}
+
+// BranchRuleMetadata represents the metadata for a branch rule.
+type BranchRuleMetadata struct {
+	RulesetSourceType RulesetSourceType `json:"ruleset_source_type"`
+	RulesetSource     string            `json:"ruleset_source"`
+	RulesetID         int64             `json:"ruleset_id"`
+}
+
+// UpdateBranchRule represents an update branch rule.
+type UpdateBranchRule struct {
+	BranchRuleMetadata
+	Parameters UpdateRuleParameters `json:"parameters"`
+}
+
+// MergeQueueBranchRule represents a merge queue branch rule.
+type MergeQueueBranchRule struct {
+	BranchRuleMetadata
+	Parameters MergeQueueRuleParameters `json:"parameters"`
+}
+
+// RequiredDeploymentsBranchRule represents a required deployments branch rule.
+type RequiredDeploymentsBranchRule struct {
+	BranchRuleMetadata
+	Parameters RequiredDeploymentsRuleParameters `json:"parameters"`
+}
+
+// PullRequestBranchRule represents a pull request branch rule.
+type PullRequestBranchRule struct {
+	BranchRuleMetadata
+	Parameters PullRequestRuleParameters `json:"parameters"`
+}
+
+// RequiredStatusChecksBranchRule represents a required status checks branch rule.
+type RequiredStatusChecksBranchRule struct {
+	BranchRuleMetadata
+	Parameters RequiredStatusChecksRuleParameters `json:"parameters"`
+}
+
+// PatternBranchRule represents a pattern branch rule.
+type PatternBranchRule struct {
+	BranchRuleMetadata
+	Parameters PatternRuleParameters `json:"parameters"`
+}
+
+// FilePathRestrictionBranchRule represents a file path restriction branch rule.
+type FilePathRestrictionBranchRule struct {
+	BranchRuleMetadata
+	Parameters FilePathRestrictionRuleParameters `json:"parameters"`
+}
+
+// MaxFilePathLengthBranchRule represents a max file path length branch rule.
+type MaxFilePathLengthBranchRule struct {
+	BranchRuleMetadata
+	Parameters MaxFilePathLengthRuleParameters `json:"parameters"`
+}
+
+// FileExtensionRestrictionBranchRule represents a file extension restriction branch rule.
+type FileExtensionRestrictionBranchRule struct {
+	BranchRuleMetadata
+	Parameters FileExtensionRestrictionRuleParameters `json:"parameters"`
+}
+
+// MaxFileSizeBranchRule represents a max file size branch rule.
+type MaxFileSizeBranchRule struct {
+	BranchRuleMetadata
+	Parameters MaxFileSizeRuleParameters `json:"parameters"`
+}
+
+// WorkflowsBranchRule represents a workflows branch rule.
+type WorkflowsBranchRule struct {
+	BranchRuleMetadata
+	Parameters WorkflowsRuleParameters `json:"parameters"`
+}
+
+// CodeScanningBranchRule represents a code scanning branch rule.
+type CodeScanningBranchRule struct {
+	BranchRuleMetadata
+	Parameters CodeScanningRuleParameters `json:"parameters"`
+}
+
+// EmptyRuleParameters represents the parameters for a rule with no options.
+type EmptyRuleParameters struct{}
+
+// UpdateRuleParameters represents the update rule parameters.
+type UpdateRuleParameters struct {
+	UpdateAllowsFetchAndMerge bool `json:"update_allows_fetch_and_merge,omitempty"`
+}
+
+// MergeQueueRuleParameters represents the merge_queue rule parameters.
+type MergeQueueRuleParameters struct {
+	CheckResponseTimeoutMinutes  int                   `json:"check_response_timeout_minutes"`
+	GroupingStrategy             MergeGroupingStrategy `json:"grouping_strategy"`
+	MaxEntriesToBuild            int                   `json:"max_entries_to_build"`
+	MaxEntriesToMerge            int                   `json:"max_entries_to_merge"`
+	MergeMethod                  MergeQueueMergeMethod `json:"merge_method"`
+	MinEntriesToMerge            int                   `json:"min_entries_to_merge"`
+	MinEntriesToMergeWaitMinutes int                   `json:"min_entries_to_merge_wait_minutes"`
+}
+
+// RequiredDeploymentsRuleParameters represents the required deployments rule parameters.
+type RequiredDeploymentsRuleParameters struct {
+	RequiredDeploymentEnvironments []string `json:"required_deployment_environments"`
+}
+
+// PullRequestRuleParameters represents the pull_request rule parameters.
+type PullRequestRuleParameters struct {
+	AllowedMergeMethods               []PullRequestMergeMethod `json:"allowed_merge_methods"`
+	AutomaticCopilotCodeReviewEnabled *bool                    `json:"automatic_copilot_code_review_enabled,omitempty"`
+	DismissStaleReviewsOnPush         bool                     `json:"dismiss_stale_reviews_on_push"`
+	RequireCodeOwnerReview            bool                     `json:"require_code_owner_review"`
+	RequireLastPushApproval           bool                     `json:"require_last_push_approval"`
+	RequiredApprovingReviewCount      int                      `json:"required_approving_review_count"`
+	RequiredReviewThreadResolution    bool                     `json:"required_review_thread_resolution"`
+}
+
+// RequiredStatusChecksRuleParameters represents the required status checks rule parameters.
+type RequiredStatusChecksRuleParameters struct {
+	DoNotEnforceOnCreate             *bool              `json:"do_not_enforce_on_create,omitempty"`
+	RequiredStatusChecks             []*RuleStatusCheck `json:"required_status_checks"`
+	StrictRequiredStatusChecksPolicy bool               `json:"strict_required_status_checks_policy"`
+}
+
+// RuleStatusCheck represents a status checks for the required status checks rule parameters.
+type RuleStatusCheck struct {
+	Context       string `json:"context"`
+	IntegrationID *int64 `json:"integration_id,omitempty"`
+}
+
+// PatternRuleParameters represents the parameters for a pattern rule.
+type PatternRuleParameters struct {
+	Name *string `json:"name,omitempty"`
+	// If Negate is true, the rule will fail if the pattern matches.
+	Negate   *bool               `json:"negate,omitempty"`
+	Operator PatternRuleOperator `json:"operator"`
+	Pattern  string              `json:"pattern"`
+}
+
+// FilePathRestrictionRuleParameters represents the file path restriction rule parameters.
+type FilePathRestrictionRuleParameters struct {
+	RestrictedFilePaths []string `json:"restricted_file_paths"`
+}
+
+// MaxFilePathLengthRuleParameters represents the max file path length rule parameters.
+type MaxFilePathLengthRuleParameters struct {
+	MaxFilePathLength int `json:"max_file_path_length"`
+}
+
+// FileExtensionRestrictionRuleParameters represents the file extension restriction rule parameters.
+type FileExtensionRestrictionRuleParameters struct {
+	RestrictedFileExtensions []string `json:"restricted_file_extensions"`
+}
+
+// MaxFileSizeRuleParameters represents the max file size rule parameters.
+type MaxFileSizeRuleParameters struct {
+	MaxFileSize int64 `json:"max_file_size"`
+}
+
+// WorkflowsRuleParameters represents the workflows rule parameters.
+type WorkflowsRuleParameters struct {
+	DoNotEnforceOnCreate *bool           `json:"do_not_enforce_on_create,omitempty"`
+	Workflows            []*RuleWorkflow `json:"workflows"`
+}
+
+// RuleWorkflow represents a Workflow for the workflows rule parameters.
+type RuleWorkflow struct {
+	Path         string  `json:"path"`
+	Ref          *string `json:"ref,omitempty"`
+	RepositoryID *int64  `json:"repository_id,omitempty"`
+	SHA          *string `json:"sha,omitempty"`
+}
+
+// CodeScanningRuleParameters represents the code scanning rule parameters.
+type CodeScanningRuleParameters struct {
+	CodeScanningTools []*RuleCodeScanningTool `json:"code_scanning_tools"`
+}
+
+// RuleCodeScanningTool represents a single code scanning tool for the code scanning parameters.
+type RuleCodeScanningTool struct {
+	AlertsThreshold         CodeScanningAlertsThreshold         `json:"alerts_threshold"`
+	SecurityAlertsThreshold CodeScanningSecurityAlertsThreshold `json:"security_alerts_threshold"`
+	Tool                    string                              `json:"tool"`
+}
+
+// repositoryRulesetRuleWrapper is a helper type to marshal & unmarshal a ruleset rule.
+type repositoryRulesetRuleWrapper struct {
+	Type       RepositoryRuleType `json:"type"`
+	Parameters json.RawMessage    `json:"parameters,omitempty"`
+}
+
+// MarshalJSON is a custom JSON marshaler for RulesetRules.
+func (r *RepositoryRulesetRules) MarshalJSON() ([]byte, error) {
+	// The RepositoryRulesetRules type marshals to between 1 and 21 rules.
+	// If new rules are added to RepositoryRulesetRules the capacity below needs increasing
+	rawRules := make([]json.RawMessage, 0, 21)
+
+	if r.Creation != nil {
+		bytes, err := marshalRepositoryRulesetRule(RulesetRuleTypeCreation, r.Creation)
+		if err != nil {
+			return nil, err
+		}
+		rawRules = append(rawRules, json.RawMessage(bytes))
+	}
+
+	if r.Update != nil {
+		bytes, err := marshalRepositoryRulesetRule(RulesetRuleTypeUpdate, r.Update)
+		if err != nil {
+			return nil, err
+		}
+		rawRules = append(rawRules, json.RawMessage(bytes))
+	}
+
+	if r.Deletion != nil {
+		bytes, err := marshalRepositoryRulesetRule(RulesetRuleTypeDeletion, r.Deletion)
+		if err != nil {
+			return nil, err
+		}
+		rawRules = append(rawRules, json.RawMessage(bytes))
+	}
+
+	if r.RequiredLinearHistory != nil {
+		bytes, err := marshalRepositoryRulesetRule(RulesetRuleTypeRequiredLinearHistory, r.RequiredLinearHistory)
+		if err != nil {
+			return nil, err
+		}
+		rawRules = append(rawRules, json.RawMessage(bytes))
+	}
+
+	if r.MergeQueue != nil {
+		bytes, err := marshalRepositoryRulesetRule(RulesetRuleTypeMergeQueue, r.MergeQueue)
+		if err != nil {
+			return nil, err
+		}
+		rawRules = append(rawRules, json.RawMessage(bytes))
+	}
+
+	if r.RequiredDeployments != nil {
+		bytes, err := marshalRepositoryRulesetRule(RulesetRuleTypeRequiredDeployments, r.RequiredDeployments)
+		if err != nil {
+			return nil, err
+		}
+		rawRules = append(rawRules, json.RawMessage(bytes))
+	}
+
+	if r.RequiredSignatures != nil {
+		bytes, err := marshalRepositoryRulesetRule(RulesetRuleTypeRequiredSignatures, r.RequiredSignatures)
+		if err != nil {
+			return nil, err
+		}
+		rawRules = append(rawRules, json.RawMessage(bytes))
+	}
+
+	if r.PullRequest != nil {
+		bytes, err := marshalRepositoryRulesetRule(RulesetRuleTypePullRequest, r.PullRequest)
+		if err != nil {
+			return nil, err
+		}
+		rawRules = append(rawRules, json.RawMessage(bytes))
+	}
+
+	if r.RequiredStatusChecks != nil {
+		bytes, err := marshalRepositoryRulesetRule(RulesetRuleTypeRequiredStatusChecks, r.RequiredStatusChecks)
+		if err != nil {
+			return nil, err
+		}
+		rawRules = append(rawRules, json.RawMessage(bytes))
+	}
+
+	if r.NonFastForward != nil {
+		bytes, err := marshalRepositoryRulesetRule(RulesetRuleTypeNonFastForward, r.NonFastForward)
+		if err != nil {
+			return nil, err
+		}
+		rawRules = append(rawRules, json.RawMessage(bytes))
+	}
+
+	if r.CommitMessagePattern != nil {
+		bytes, err := marshalRepositoryRulesetRule(RulesetRuleTypeCommitMessagePattern, r.CommitMessagePattern)
+		if err != nil {
+			return nil, err
+		}
+		rawRules = append(rawRules, json.RawMessage(bytes))
+	}
+
+	if r.CommitAuthorEmailPattern != nil {
+		bytes, err := marshalRepositoryRulesetRule(RulesetRuleTypeCommitAuthorEmailPattern, r.CommitAuthorEmailPattern)
+		if err != nil {
+			return nil, err
+		}
+		rawRules = append(rawRules, json.RawMessage(bytes))
+	}
+
+	if r.CommitterEmailPattern != nil {
+		bytes, err := marshalRepositoryRulesetRule(RulesetRuleTypeCommitterEmailPattern, r.CommitterEmailPattern)
+		if err != nil {
+			return nil, err
+		}
+		rawRules = append(rawRules, json.RawMessage(bytes))
+	}
+
+	if r.BranchNamePattern != nil {
+		bytes, err := marshalRepositoryRulesetRule(RulesetRuleTypeBranchNamePattern, r.BranchNamePattern)
+		if err != nil {
+			return nil, err
+		}
+		rawRules = append(rawRules, json.RawMessage(bytes))
+	}
+
+	if r.TagNamePattern != nil {
+		bytes, err := marshalRepositoryRulesetRule(RulesetRuleTypeTagNamePattern, r.TagNamePattern)
+		if err != nil {
+			return nil, err
+		}
+		rawRules = append(rawRules, json.RawMessage(bytes))
+	}
+
+	if r.FilePathRestriction != nil {
+		bytes, err := marshalRepositoryRulesetRule(RulesetRuleTypeFilePathRestriction, r.FilePathRestriction)
+		if err != nil {
+			return nil, err
+		}
+		rawRules = append(rawRules, json.RawMessage(bytes))
+	}
+
+	if r.MaxFilePathLength != nil {
+		bytes, err := marshalRepositoryRulesetRule(RulesetRuleTypeMaxFilePathLength, r.MaxFilePathLength)
+		if err != nil {
+			return nil, err
+		}
+		rawRules = append(rawRules, json.RawMessage(bytes))
+	}
+
+	if r.FileExtensionRestriction != nil {
+		bytes, err := marshalRepositoryRulesetRule(RulesetRuleTypeFileExtensionRestriction, r.FileExtensionRestriction)
+		if err != nil {
+			return nil, err
+		}
+		rawRules = append(rawRules, json.RawMessage(bytes))
+	}
+
+	if r.MaxFileSize != nil {
+		bytes, err := marshalRepositoryRulesetRule(RulesetRuleTypeMaxFileSize, r.MaxFileSize)
+		if err != nil {
+			return nil, err
+		}
+		rawRules = append(rawRules, json.RawMessage(bytes))
+	}
+
+	if r.Workflows != nil {
+		bytes, err := marshalRepositoryRulesetRule(RulesetRuleTypeWorkflows, r.Workflows)
+		if err != nil {
+			return nil, err
+		}
+		rawRules = append(rawRules, json.RawMessage(bytes))
+	}
+
+	if r.CodeScanning != nil {
+		bytes, err := marshalRepositoryRulesetRule(RulesetRuleTypeCodeScanning, r.CodeScanning)
+		if err != nil {
+			return nil, err
+		}
+		rawRules = append(rawRules, json.RawMessage(bytes))
+	}
+
+	return json.Marshal(rawRules)
+}
+
+// marshalRepositoryRulesetRule is a helper function to marshal a ruleset rule.
+//
+// TODO: Benchmark the code that uses reflection.
+// TODO: Use a generator here instead of reflection if there is a significant performance hit.
+func marshalRepositoryRulesetRule[T any](t RepositoryRuleType, params T) ([]byte, error) {
+	paramsType := reflect.TypeFor[T]()
+
+	if paramsType.Kind() == reflect.Pointer && (reflect.ValueOf(params).IsNil() || reflect.ValueOf(params).Elem().IsZero()) {
+		return json.Marshal(repositoryRulesetRuleWrapper{Type: t})
+	}
+
+	bytes, err := json.Marshal(params)
+	if err != nil {
+		return nil, err
+	}
+
+	return json.Marshal(repositoryRulesetRuleWrapper{Type: t, Parameters: json.RawMessage(bytes)})
+}
+
+// UnmarshalJSON is a custom JSON unmarshaler for RulesetRules.
+func (r *RepositoryRulesetRules) UnmarshalJSON(data []byte) error {
+	var wrappers []*repositoryRulesetRuleWrapper
+
+	if err := json.Unmarshal(data, &wrappers); err != nil {
+		return err
+	}
+
+	for _, w := range wrappers {
+		switch w.Type {
+		case RulesetRuleTypeCreation:
+			r.Creation = &EmptyRuleParameters{}
+		case RulesetRuleTypeUpdate:
+			r.Update = &UpdateRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, r.Update); err != nil {
+					return err
+				}
+			}
+		case RulesetRuleTypeDeletion:
+			r.Deletion = &EmptyRuleParameters{}
+		case RulesetRuleTypeRequiredLinearHistory:
+			r.RequiredLinearHistory = &EmptyRuleParameters{}
+		case RulesetRuleTypeMergeQueue:
+			r.MergeQueue = &MergeQueueRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, r.MergeQueue); err != nil {
+					return err
+				}
+			}
+		case RulesetRuleTypeRequiredDeployments:
+			r.RequiredDeployments = &RequiredDeploymentsRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, r.RequiredDeployments); err != nil {
+					return err
+				}
+			}
+		case RulesetRuleTypeRequiredSignatures:
+			r.RequiredSignatures = &EmptyRuleParameters{}
+		case RulesetRuleTypePullRequest:
+			r.PullRequest = &PullRequestRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, r.PullRequest); err != nil {
+					return err
+				}
+			}
+		case RulesetRuleTypeRequiredStatusChecks:
+			r.RequiredStatusChecks = &RequiredStatusChecksRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, r.RequiredStatusChecks); err != nil {
+					return err
+				}
+			}
+		case RulesetRuleTypeNonFastForward:
+			r.NonFastForward = &EmptyRuleParameters{}
+		case RulesetRuleTypeCommitMessagePattern:
+			r.CommitMessagePattern = &PatternRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, r.CommitMessagePattern); err != nil {
+					return err
+				}
+			}
+		case RulesetRuleTypeCommitAuthorEmailPattern:
+			r.CommitAuthorEmailPattern = &PatternRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, r.CommitAuthorEmailPattern); err != nil {
+					return err
+				}
+			}
+		case RulesetRuleTypeCommitterEmailPattern:
+			r.CommitterEmailPattern = &PatternRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, r.CommitterEmailPattern); err != nil {
+					return err
+				}
+			}
+		case RulesetRuleTypeBranchNamePattern:
+			r.BranchNamePattern = &PatternRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, r.BranchNamePattern); err != nil {
+					return err
+				}
+			}
+		case RulesetRuleTypeTagNamePattern:
+			r.TagNamePattern = &PatternRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, r.TagNamePattern); err != nil {
+					return err
+				}
+			}
+		case RulesetRuleTypeFilePathRestriction:
+			r.FilePathRestriction = &FilePathRestrictionRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, r.FilePathRestriction); err != nil {
+					return err
+				}
+			}
+		case RulesetRuleTypeMaxFilePathLength:
+			r.MaxFilePathLength = &MaxFilePathLengthRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, r.MaxFilePathLength); err != nil {
+					return err
+				}
+			}
+		case RulesetRuleTypeFileExtensionRestriction:
+			r.FileExtensionRestriction = &FileExtensionRestrictionRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, r.FileExtensionRestriction); err != nil {
+					return err
+				}
+			}
+		case RulesetRuleTypeMaxFileSize:
+			r.MaxFileSize = &MaxFileSizeRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, r.MaxFileSize); err != nil {
+					return err
+				}
+			}
+		case RulesetRuleTypeWorkflows:
+			r.Workflows = &WorkflowsRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, r.Workflows); err != nil {
+					return err
+				}
+			}
+		case RulesetRuleTypeCodeScanning:
+			r.CodeScanning = &CodeScanningRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, r.CodeScanning); err != nil {
+					return err
+				}
+			}
+		}
+	}
+
+	return nil
+}
+
+// branchRuleWrapper is a helper type to unmarshal a branch rule.
+type branchRuleWrapper struct {
+	Type RepositoryRuleType `json:"type"`
+	BranchRuleMetadata
+	Parameters json.RawMessage `json:"parameters,omitempty"`
+}
+
+// UnmarshalJSON is a custom JSON unmarshaler for BranchRules.
+func (r *BranchRules) UnmarshalJSON(data []byte) error {
+	var wrappers []*branchRuleWrapper
+
+	if err := json.Unmarshal(data, &wrappers); err != nil {
+		return err
+	}
+
+	for _, w := range wrappers {
+		switch w.Type {
+		case RulesetRuleTypeCreation:
+			r.Creation = append(r.Creation, &BranchRuleMetadata{RulesetSourceType: w.RulesetSourceType, RulesetSource: w.RulesetSource, RulesetID: w.RulesetID})
+		case RulesetRuleTypeUpdate:
+			params := &UpdateRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, params); err != nil {
+					return err
+				}
+			}
+
+			r.Update = append(r.Update, &UpdateBranchRule{BranchRuleMetadata: w.BranchRuleMetadata, Parameters: *params})
+		case RulesetRuleTypeDeletion:
+			r.Deletion = append(r.Deletion, &BranchRuleMetadata{RulesetSourceType: w.RulesetSourceType, RulesetSource: w.RulesetSource, RulesetID: w.RulesetID})
+		case RulesetRuleTypeRequiredLinearHistory:
+			r.RequiredLinearHistory = append(r.RequiredLinearHistory, &BranchRuleMetadata{RulesetSourceType: w.RulesetSourceType, RulesetSource: w.RulesetSource, RulesetID: w.RulesetID})
+		case RulesetRuleTypeMergeQueue:
+			params := &MergeQueueRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, params); err != nil {
+					return err
+				}
+			}
+
+			r.MergeQueue = append(r.MergeQueue, &MergeQueueBranchRule{BranchRuleMetadata: w.BranchRuleMetadata, Parameters: *params})
+		case RulesetRuleTypeRequiredDeployments:
+			params := &RequiredDeploymentsRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, params); err != nil {
+					return err
+				}
+			}
+
+			r.RequiredDeployments = append(r.RequiredDeployments, &RequiredDeploymentsBranchRule{BranchRuleMetadata: w.BranchRuleMetadata, Parameters: *params})
+		case RulesetRuleTypeRequiredSignatures:
+			r.RequiredSignatures = append(r.RequiredSignatures, &BranchRuleMetadata{RulesetSourceType: w.RulesetSourceType, RulesetSource: w.RulesetSource, RulesetID: w.RulesetID})
+		case RulesetRuleTypePullRequest:
+			params := &PullRequestRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, params); err != nil {
+					return err
+				}
+			}
+
+			r.PullRequest = append(r.PullRequest, &PullRequestBranchRule{BranchRuleMetadata: w.BranchRuleMetadata, Parameters: *params})
+		case RulesetRuleTypeRequiredStatusChecks:
+			params := &RequiredStatusChecksRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, params); err != nil {
+					return err
+				}
+			}
+
+			r.RequiredStatusChecks = append(r.RequiredStatusChecks, &RequiredStatusChecksBranchRule{BranchRuleMetadata: w.BranchRuleMetadata, Parameters: *params})
+		case RulesetRuleTypeNonFastForward:
+			r.NonFastForward = append(r.NonFastForward, &BranchRuleMetadata{RulesetSourceType: w.RulesetSourceType, RulesetSource: w.RulesetSource, RulesetID: w.RulesetID})
+		case RulesetRuleTypeCommitMessagePattern:
+			params := &PatternRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, params); err != nil {
+					return err
+				}
+			}
+
+			r.CommitMessagePattern = append(r.CommitMessagePattern, &PatternBranchRule{BranchRuleMetadata: w.BranchRuleMetadata, Parameters: *params})
+		case RulesetRuleTypeCommitAuthorEmailPattern:
+			params := &PatternRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, params); err != nil {
+					return err
+				}
+			}
+
+			r.CommitAuthorEmailPattern = append(r.CommitAuthorEmailPattern, &PatternBranchRule{BranchRuleMetadata: w.BranchRuleMetadata, Parameters: *params})
+		case RulesetRuleTypeCommitterEmailPattern:
+			params := &PatternRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, params); err != nil {
+					return err
+				}
+			}
+
+			r.CommitterEmailPattern = append(r.CommitterEmailPattern, &PatternBranchRule{BranchRuleMetadata: w.BranchRuleMetadata, Parameters: *params})
+		case RulesetRuleTypeBranchNamePattern:
+			params := &PatternRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, params); err != nil {
+					return err
+				}
+			}
+
+			r.BranchNamePattern = append(r.BranchNamePattern, &PatternBranchRule{BranchRuleMetadata: w.BranchRuleMetadata, Parameters: *params})
+		case RulesetRuleTypeTagNamePattern:
+			params := &PatternRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, params); err != nil {
+					return err
+				}
+			}
+
+			r.TagNamePattern = append(r.TagNamePattern, &PatternBranchRule{BranchRuleMetadata: w.BranchRuleMetadata, Parameters: *params})
+		case RulesetRuleTypeFilePathRestriction:
+			params := &FilePathRestrictionRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, params); err != nil {
+					return err
+				}
+			}
+
+			r.FilePathRestriction = append(r.FilePathRestriction, &FilePathRestrictionBranchRule{BranchRuleMetadata: w.BranchRuleMetadata, Parameters: *params})
+		case RulesetRuleTypeMaxFilePathLength:
+			params := &MaxFilePathLengthRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, params); err != nil {
+					return err
+				}
+			}
+
+			r.MaxFilePathLength = append(r.MaxFilePathLength, &MaxFilePathLengthBranchRule{BranchRuleMetadata: w.BranchRuleMetadata, Parameters: *params})
+		case RulesetRuleTypeFileExtensionRestriction:
+			params := &FileExtensionRestrictionRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, params); err != nil {
+					return err
+				}
+			}
+
+			r.FileExtensionRestriction = append(r.FileExtensionRestriction, &FileExtensionRestrictionBranchRule{BranchRuleMetadata: w.BranchRuleMetadata, Parameters: *params})
+		case RulesetRuleTypeMaxFileSize:
+			params := &MaxFileSizeRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, params); err != nil {
+					return err
+				}
+			}
+
+			r.MaxFileSize = append(r.MaxFileSize, &MaxFileSizeBranchRule{BranchRuleMetadata: w.BranchRuleMetadata, Parameters: *params})
+		case RulesetRuleTypeWorkflows:
+			params := &WorkflowsRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, params); err != nil {
+					return err
+				}
+			}
+
+			r.Workflows = append(r.Workflows, &WorkflowsBranchRule{BranchRuleMetadata: w.BranchRuleMetadata, Parameters: *params})
+		case RulesetRuleTypeCodeScanning:
+			params := &CodeScanningRuleParameters{}
+
+			if w.Parameters != nil {
+				if err := json.Unmarshal(w.Parameters, params); err != nil {
+					return err
+				}
+			}
+
+			r.CodeScanning = append(r.CodeScanning, &CodeScanningBranchRule{BranchRuleMetadata: w.BranchRuleMetadata, Parameters: *params})
+		}
+	}
+
+	return nil
+}
+
+// UnmarshalJSON is a custom JSON unmarshaler for RulesetRule.
+func (r *RepositoryRule) UnmarshalJSON(data []byte) error {
+	w := repositoryRulesetRuleWrapper{}
+
+	if err := json.Unmarshal(data, &w); err != nil {
+		return err
+	}
+
+	r.Type = w.Type
+
+	switch r.Type {
+	case RulesetRuleTypeCreation:
+		r.Parameters = nil
+	case RulesetRuleTypeUpdate:
+		p := &UpdateRuleParameters{}
+
+		if w.Parameters != nil {
+			if err := json.Unmarshal(w.Parameters, p); err != nil {
+				return err
+			}
+		}
+
+		r.Parameters = p
+	case RulesetRuleTypeDeletion:
+		r.Parameters = nil
+	case RulesetRuleTypeRequiredLinearHistory:
+		r.Parameters = nil
+	case RulesetRuleTypeMergeQueue:
+		p := &MergeQueueRuleParameters{}
+
+		if w.Parameters != nil {
+			if err := json.Unmarshal(w.Parameters, p); err != nil {
+				return err
+			}
+		}
+
+		r.Parameters = p
+	case RulesetRuleTypeRequiredDeployments:
+		p := &RequiredDeploymentsRuleParameters{}
+
+		if w.Parameters != nil {
+			if err := json.Unmarshal(w.Parameters, p); err != nil {
+				return err
+			}
+		}
+
+		r.Parameters = p
+	case RulesetRuleTypeRequiredSignatures:
+		r.Parameters = nil
+	case RulesetRuleTypePullRequest:
+		p := &PullRequestRuleParameters{}
+
+		if w.Parameters != nil {
+			if err := json.Unmarshal(w.Parameters, p); err != nil {
+				return err
+			}
+		}
+
+		r.Parameters = p
+	case RulesetRuleTypeRequiredStatusChecks:
+		p := &RequiredStatusChecksRuleParameters{}
+
+		if w.Parameters != nil {
+			if err := json.Unmarshal(w.Parameters, p); err != nil {
+				return err
+			}
+		}
+
+		r.Parameters = p
+	case RulesetRuleTypeNonFastForward:
+		r.Parameters = nil
+	case RulesetRuleTypeCommitMessagePattern:
+		p := &PatternRuleParameters{}
+
+		if w.Parameters != nil {
+			if err := json.Unmarshal(w.Parameters, p); err != nil {
+				return err
+			}
+		}
+
+		r.Parameters = p
+	case RulesetRuleTypeCommitAuthorEmailPattern:
+		p := &PatternRuleParameters{}
+
+		if w.Parameters != nil {
+			if err := json.Unmarshal(w.Parameters, p); err != nil {
+				return err
+			}
+		}
+
+		r.Parameters = p
+	case RulesetRuleTypeCommitterEmailPattern:
+		p := &PatternRuleParameters{}
+
+		if w.Parameters != nil {
+			if err := json.Unmarshal(w.Parameters, p); err != nil {
+				return err
+			}
+		}
+
+		r.Parameters = p
+	case RulesetRuleTypeBranchNamePattern:
+		p := &PatternRuleParameters{}
+
+		if w.Parameters != nil {
+			if err := json.Unmarshal(w.Parameters, p); err != nil {
+				return err
+			}
+		}
+
+		r.Parameters = p
+	case RulesetRuleTypeTagNamePattern:
+		p := &PatternRuleParameters{}
+
+		if w.Parameters != nil {
+			if err := json.Unmarshal(w.Parameters, p); err != nil {
+				return err
+			}
+		}
+
+		r.Parameters = p
+	case RulesetRuleTypeFilePathRestriction:
+		p := &FilePathRestrictionRuleParameters{}
+
+		if w.Parameters != nil {
+			if err := json.Unmarshal(w.Parameters, p); err != nil {
+				return err
+			}
+		}
+
+		r.Parameters = p
+	case RulesetRuleTypeMaxFilePathLength:
+		p := &MaxFilePathLengthRuleParameters{}
+
+		if w.Parameters != nil {
+			if err := json.Unmarshal(w.Parameters, p); err != nil {
+				return err
+			}
+		}
+
+		r.Parameters = p
+	case RulesetRuleTypeFileExtensionRestriction:
+		p := &FileExtensionRestrictionRuleParameters{}
+
+		if w.Parameters != nil {
+			if err := json.Unmarshal(w.Parameters, p); err != nil {
+				return err
+			}
+		}
+
+		r.Parameters = p
+	case RulesetRuleTypeMaxFileSize:
+		p := &MaxFileSizeRuleParameters{}
+
+		if w.Parameters != nil {
+			if err := json.Unmarshal(w.Parameters, p); err != nil {
+				return err
+			}
+		}
+
+		r.Parameters = p
+	case RulesetRuleTypeWorkflows:
+		p := &WorkflowsRuleParameters{}
+
+		if w.Parameters != nil {
+			if err := json.Unmarshal(w.Parameters, p); err != nil {
+				return err
+			}
+		}
+
+		r.Parameters = p
+	case RulesetRuleTypeCodeScanning:
+		p := &CodeScanningRuleParameters{}
+
+		if w.Parameters != nil {
+			if err := json.Unmarshal(w.Parameters, p); err != nil {
+				return err
+			}
+		}
+
+		r.Parameters = p
+	}
+
+	return nil
+}
diff --git a/vendor/github.com/google/go-github/v55/github/scim.go b/vendor/github.com/google/go-github/v72/github/scim.go
similarity index 63%
rename from vendor/github.com/google/go-github/v55/github/scim.go
rename to vendor/github.com/google/go-github/v72/github/scim.go
index 7deee6be4b..70f063caa9 100644
--- a/vendor/github.com/google/go-github/v55/github/scim.go
+++ b/vendor/github.com/google/go-github/v72/github/scim.go
@@ -14,12 +14,32 @@ import (
 // SCIMService provides access to SCIM related functions in the
 // GitHub API.
 //
-// GitHub API docs: https://docs.github.com/en/rest/scim
+// GitHub API docs: https://docs.github.com/rest/scim
 type SCIMService service
 
+// SCIMGroupAttributes represents supported SCIM Group attributes.
+//
+// GitHub API docs: https://docs.github.com/en/enterprise-cloud@latest/rest/enterprise-admin/scim#list-provisioned-scim-groups-for-an-enterprise
+type SCIMGroupAttributes struct {
+	DisplayName *string                 `json:"displayName,omitempty"` // The name of the group, suitable for display to end-users. (Optional.)
+	Members     []*SCIMDisplayReference `json:"members,omitempty"`     // (Optional.)
+	Schemas     []string                `json:"schemas,omitempty"`     // (Optional.)
+	ExternalID  *string                 `json:"externalId,omitempty"`  // (Optional.)
+	// Only populated as a result of calling ListSCIMProvisionedIdentitiesOptions:
+	ID   *string   `json:"id,omitempty"`
+	Meta *SCIMMeta `json:"meta,omitempty"`
+}
+
+// SCIMDisplayReference represents a JSON SCIM (System for Cross-domain Identity Management) resource.
+type SCIMDisplayReference struct {
+	Value   string  `json:"value"`             // (Required.)
+	Ref     string  `json:"$ref"`              // (Required.)
+	Display *string `json:"display,omitempty"` // (Optional.)
+}
+
 // SCIMUserAttributes represents supported SCIM User attributes.
 //
-// GitHub API docs: https://docs.github.com/en/rest/scim#supported-scim-user-attributes
+// GitHub API docs: https://docs.github.com/rest/scim#supported-scim-user-attributes
 type SCIMUserAttributes struct {
 	UserName    string           `json:"userName"`              // Configured by the admin. Could be an email, login, or username. (Required.)
 	Name        SCIMUserName     `json:"name"`                  // (Required.)
@@ -56,6 +76,15 @@ type SCIMMeta struct {
 	Location     *string    `json:"location,omitempty"`
 }
 
+// SCIMProvisionedGroups represents the result of calling ListSCIMProvisionedGroupsForEnterprise.
+type SCIMProvisionedGroups struct {
+	Schemas      []string               `json:"schemas,omitempty"`
+	TotalResults *int                   `json:"totalResults,omitempty"`
+	ItemsPerPage *int                   `json:"itemsPerPage,omitempty"`
+	StartIndex   *int                   `json:"startIndex,omitempty"`
+	Resources    []*SCIMGroupAttributes `json:"Resources,omitempty"`
+}
+
 // SCIMProvisionedIdentities represents the result of calling ListSCIMProvisionedIdentities.
 type SCIMProvisionedIdentities struct {
 	Schemas      []string              `json:"schemas,omitempty"`
@@ -67,7 +96,7 @@ type SCIMProvisionedIdentities struct {
 
 // ListSCIMProvisionedIdentitiesOptions represents options for ListSCIMProvisionedIdentities.
 //
-// Github API docs: https://docs.github.com/en/rest/scim#list-scim-provisioned-identities--parameters
+// GitHub API docs: https://docs.github.com/rest/scim#list-scim-provisioned-identities--parameters
 type ListSCIMProvisionedIdentitiesOptions struct {
 	StartIndex *int `url:"startIndex,omitempty"` // Used for pagination: the index of the first result to return. (Optional.)
 	Count      *int `url:"count,omitempty"`      // Used for pagination: the number of results to return. (Optional.)
@@ -81,7 +110,9 @@ type ListSCIMProvisionedIdentitiesOptions struct {
 
 // ListSCIMProvisionedIdentities lists SCIM provisioned identities.
 //
-// GitHub API docs: https://docs.github.com/en/rest/scim#list-scim-provisioned-identities
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/scim/scim#list-scim-provisioned-identities
+//
+//meta:operation GET /scim/v2/organizations/{org}/Users
 func (s *SCIMService) ListSCIMProvisionedIdentities(ctx context.Context, org string, opts *ListSCIMProvisionedIdentitiesOptions) (*SCIMProvisionedIdentities, *Response, error) {
 	u := fmt.Sprintf("scim/v2/organizations/%v/Users", org)
 	u, err := addOptions(u, opts)
@@ -105,25 +136,31 @@ func (s *SCIMService) ListSCIMProvisionedIdentities(ctx context.Context, org str
 
 // ProvisionAndInviteSCIMUser provisions organization membership for a user, and sends an activation email to the email address.
 //
-// GitHub API docs: https://docs.github.com/en/rest/scim#provision-and-invite-a-scim-user
-func (s *SCIMService) ProvisionAndInviteSCIMUser(ctx context.Context, org string, opts *SCIMUserAttributes) (*Response, error) {
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/scim/scim#provision-and-invite-a-scim-user
+//
+//meta:operation POST /scim/v2/organizations/{org}/Users
+func (s *SCIMService) ProvisionAndInviteSCIMUser(ctx context.Context, org string, opts *SCIMUserAttributes) (*SCIMUserAttributes, *Response, error) {
 	u := fmt.Sprintf("scim/v2/organizations/%v/Users", org)
-	u, err := addOptions(u, opts)
+
+	req, err := s.client.NewRequest("POST", u, opts)
 	if err != nil {
-		return nil, err
+		return nil, nil, err
 	}
 
-	req, err := s.client.NewRequest("POST", u, nil)
+	user := new(SCIMUserAttributes)
+	resp, err := s.client.Do(ctx, req, user)
 	if err != nil {
-		return nil, err
+		return nil, resp, err
 	}
 
-	return s.client.Do(ctx, req, nil)
+	return user, resp, nil
 }
 
 // GetSCIMProvisioningInfoForUser returns SCIM provisioning information for a user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/scim#supported-scim-user-attributes
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/scim/scim#get-scim-provisioning-information-for-a-user
+//
+//meta:operation GET /scim/v2/organizations/{org}/Users/{scim_user_id}
 func (s *SCIMService) GetSCIMProvisioningInfoForUser(ctx context.Context, org, scimUserID string) (*SCIMUserAttributes, *Response, error) {
 	u := fmt.Sprintf("scim/v2/organizations/%v/Users/%v", org, scimUserID)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -142,7 +179,9 @@ func (s *SCIMService) GetSCIMProvisioningInfoForUser(ctx context.Context, org, s
 
 // UpdateProvisionedOrgMembership updates a provisioned organization membership.
 //
-// GitHub API docs: https://docs.github.com/en/rest/scim#update-a-provisioned-organization-membership
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/scim/scim#update-a-provisioned-organization-membership
+//
+//meta:operation PUT /scim/v2/organizations/{org}/Users/{scim_user_id}
 func (s *SCIMService) UpdateProvisionedOrgMembership(ctx context.Context, org, scimUserID string, opts *SCIMUserAttributes) (*Response, error) {
 	u := fmt.Sprintf("scim/v2/organizations/%v/Users/%v", org, scimUserID)
 	u, err := addOptions(u, opts)
@@ -160,7 +199,7 @@ func (s *SCIMService) UpdateProvisionedOrgMembership(ctx context.Context, org, s
 
 // UpdateAttributeForSCIMUserOptions represents options for UpdateAttributeForSCIMUser.
 //
-// GitHub API docs: https://docs.github.com/en/rest/scim#update-an-attribute-for-a-scim-user--parameters
+// GitHub API docs: https://docs.github.com/rest/scim#update-an-attribute-for-a-scim-user--parameters
 type UpdateAttributeForSCIMUserOptions struct {
 	Schemas    []string                             `json:"schemas,omitempty"` // (Optional.)
 	Operations UpdateAttributeForSCIMUserOperations `json:"operations"`        // Set of operations to be performed. (Required.)
@@ -175,7 +214,9 @@ type UpdateAttributeForSCIMUserOperations struct {
 
 // UpdateAttributeForSCIMUser updates an attribute for an SCIM user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/scim#update-an-attribute-for-a-scim-user
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/scim/scim#update-an-attribute-for-a-scim-user
+//
+//meta:operation PATCH /scim/v2/organizations/{org}/Users/{scim_user_id}
 func (s *SCIMService) UpdateAttributeForSCIMUser(ctx context.Context, org, scimUserID string, opts *UpdateAttributeForSCIMUserOptions) (*Response, error) {
 	u := fmt.Sprintf("scim/v2/organizations/%v/Users/%v", org, scimUserID)
 	u, err := addOptions(u, opts)
@@ -193,7 +234,9 @@ func (s *SCIMService) UpdateAttributeForSCIMUser(ctx context.Context, org, scimU
 
 // DeleteSCIMUserFromOrg deletes SCIM user from an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/scim#delete-a-scim-user-from-an-organization
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/scim/scim#delete-a-scim-user-from-an-organization
+//
+//meta:operation DELETE /scim/v2/organizations/{org}/Users/{scim_user_id}
 func (s *SCIMService) DeleteSCIMUserFromOrg(ctx context.Context, org, scimUserID string) (*Response, error) {
 	u := fmt.Sprintf("scim/v2/organizations/%v/Users/%v", org, scimUserID)
 	req, err := s.client.NewRequest("DELETE", u, nil)
@@ -203,3 +246,25 @@ func (s *SCIMService) DeleteSCIMUserFromOrg(ctx context.Context, org, scimUserID
 
 	return s.client.Do(ctx, req, nil)
 }
+
+// ListSCIMProvisionedGroupsForEnterprise lists SCIM provisioned groups for an enterprise.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/scim#list-provisioned-scim-groups-for-an-enterprise
+//
+//meta:operation GET /scim/v2/enterprises/{enterprise}/Groups
+func (s *SCIMService) ListSCIMProvisionedGroupsForEnterprise(ctx context.Context, enterprise string, opts *ListSCIMProvisionedIdentitiesOptions) (*SCIMProvisionedGroups, *Response, error) {
+	u := fmt.Sprintf("scim/v2/enterprises/%v/Groups", enterprise)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	groups := new(SCIMProvisionedGroups)
+	resp, err := s.client.Do(ctx, req, groups)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return groups, resp, nil
+}
diff --git a/vendor/github.com/google/go-github/v55/github/search.go b/vendor/github.com/google/go-github/v72/github/search.go
similarity index 91%
rename from vendor/github.com/google/go-github/v55/github/search.go
rename to vendor/github.com/google/go-github/v72/github/search.go
index adb832d0d8..54bc6d5e1f 100644
--- a/vendor/github.com/google/go-github/v55/github/search.go
+++ b/vendor/github.com/google/go-github/v72/github/search.go
@@ -32,7 +32,7 @@ import (
 // For example, querying with "language:c++" and "leveldb", then query should be
 // "language:c++ leveldb" but not "language:c+++leveldb".
 //
-// GitHub API docs: https://docs.github.com/en/rest/search/
+// GitHub API docs: https://docs.github.com/rest/search/
 type SearchService service
 
 // SearchOptions specifies optional parameters to the SearchService methods.
@@ -72,7 +72,9 @@ type RepositoriesSearchResult struct {
 
 // Repositories searches repositories via various criteria.
 //
-// GitHub API docs: https://docs.github.com/en/rest/search#search-repositories
+// GitHub API docs: https://docs.github.com/rest/search/search#search-repositories
+//
+//meta:operation GET /search/repositories
 func (s *SearchService) Repositories(ctx context.Context, query string, opts *SearchOptions) (*RepositoriesSearchResult, *Response, error) {
 	result := new(RepositoriesSearchResult)
 	resp, err := s.search(ctx, "repositories", &searchParameters{Query: query}, opts, result)
@@ -104,10 +106,12 @@ type TopicResult struct {
 }
 
 // Topics finds topics via various criteria. Results are sorted by best match.
-// Please see https://help.github.com/en/articles/searching-topics for more
+// Please see https://help.github.com/articles/searching-topics for more
 // information about search qualifiers.
 //
-// GitHub API docs: https://docs.github.com/en/rest/search#search-topics
+// GitHub API docs: https://docs.github.com/rest/search/search#search-topics
+//
+//meta:operation GET /search/topics
 func (s *SearchService) Topics(ctx context.Context, query string, opts *SearchOptions) (*TopicsSearchResult, *Response, error) {
 	result := new(TopicsSearchResult)
 	resp, err := s.search(ctx, "topics", &searchParameters{Query: query}, opts, result)
@@ -142,7 +146,9 @@ type CommitResult struct {
 
 // Commits searches commits via various criteria.
 //
-// GitHub API docs: https://docs.github.com/en/rest/search#search-commits
+// GitHub API docs: https://docs.github.com/rest/search/search#search-commits
+//
+//meta:operation GET /search/commits
 func (s *SearchService) Commits(ctx context.Context, query string, opts *SearchOptions) (*CommitsSearchResult, *Response, error) {
 	result := new(CommitsSearchResult)
 	resp, err := s.search(ctx, "commits", &searchParameters{Query: query}, opts, result)
@@ -162,7 +168,9 @@ type IssuesSearchResult struct {
 
 // Issues searches issues via various criteria.
 //
-// GitHub API docs: https://docs.github.com/en/rest/search#search-issues-and-pull-requests
+// GitHub API docs: https://docs.github.com/rest/search/search#search-issues-and-pull-requests
+//
+//meta:operation GET /search/issues
 func (s *SearchService) Issues(ctx context.Context, query string, opts *SearchOptions) (*IssuesSearchResult, *Response, error) {
 	result := new(IssuesSearchResult)
 	resp, err := s.search(ctx, "issues", &searchParameters{Query: query}, opts, result)
@@ -182,7 +190,9 @@ type UsersSearchResult struct {
 
 // Users searches users via various criteria.
 //
-// GitHub API docs: https://docs.github.com/en/rest/search#search-users
+// GitHub API docs: https://docs.github.com/rest/search/search#search-users
+//
+//meta:operation GET /search/users
 func (s *SearchService) Users(ctx context.Context, query string, opts *SearchOptions) (*UsersSearchResult, *Response, error) {
 	result := new(UsersSearchResult)
 	resp, err := s.search(ctx, "users", &searchParameters{Query: query}, opts, result)
@@ -199,7 +209,7 @@ type Match struct {
 	Indices []int   `json:"indices,omitempty"`
 }
 
-// TextMatch represents a text match for a SearchResult
+// TextMatch represents a text match for a SearchResult.
 type TextMatch struct {
 	ObjectURL  *string  `json:"object_url,omitempty"`
 	ObjectType *string  `json:"object_type,omitempty"`
@@ -235,7 +245,9 @@ func (c CodeResult) String() string {
 
 // Code searches code via various criteria.
 //
-// GitHub API docs: https://docs.github.com/en/rest/search#search-code
+// GitHub API docs: https://docs.github.com/rest/search/search#search-code
+//
+//meta:operation GET /search/code
 func (s *SearchService) Code(ctx context.Context, query string, opts *SearchOptions) (*CodeSearchResult, *Response, error) {
 	result := new(CodeSearchResult)
 	resp, err := s.search(ctx, "code", &searchParameters{Query: query}, opts, result)
@@ -270,7 +282,9 @@ func (l LabelResult) String() string {
 
 // Labels searches labels in the repository with ID repoID via various criteria.
 //
-// GitHub API docs: https://docs.github.com/en/rest/search#search-labels
+// GitHub API docs: https://docs.github.com/rest/search/search#search-labels
+//
+//meta:operation GET /search/labels
 func (s *SearchService) Labels(ctx context.Context, repoID int64, query string, opts *SearchOptions) (*LabelsSearchResult, *Response, error) {
 	result := new(LabelsSearchResult)
 	resp, err := s.search(ctx, "labels", &searchParameters{RepositoryID: &repoID, Query: query}, opts, result)
@@ -321,7 +335,7 @@ func (s *SearchService) search(ctx context.Context, searchType string, parameter
 		// TODO: remove custom Accept header when this API fully launches.
 		acceptHeaders = append(acceptHeaders, mediaTypeReactionsPreview)
 	}
-	// https://docs.github.com/en/rest/search#search-repositories
+	// https://docs.github.com/rest/search#search-repositories
 	// Accept header defaults to "application/vnd.github.v3+json"
 	// We change it here to fetch back text-match metadata
 	if opts != nil && opts.TextMatch {
diff --git a/vendor/github.com/google/go-github/v55/github/secret_scanning.go b/vendor/github.com/google/go-github/v72/github/secret_scanning.go
similarity index 50%
rename from vendor/github.com/google/go-github/v55/github/secret_scanning.go
rename to vendor/github.com/google/go-github/v72/github/secret_scanning.go
index b8295cbf79..ad2312d0b2 100644
--- a/vendor/github.com/google/go-github/v55/github/secret_scanning.go
+++ b/vendor/github.com/google/go-github/v72/github/secret_scanning.go
@@ -16,19 +16,32 @@ type SecretScanningService service
 
 // SecretScanningAlert represents a GitHub secret scanning alert.
 type SecretScanningAlert struct {
-	Number                *int        `json:"number,omitempty"`
-	CreatedAt             *Timestamp  `json:"created_at,omitempty"`
-	URL                   *string     `json:"url,omitempty"`
-	HTMLURL               *string     `json:"html_url,omitempty"`
-	LocationsURL          *string     `json:"locations_url,omitempty"`
-	State                 *string     `json:"state,omitempty"`
-	Resolution            *string     `json:"resolution,omitempty"`
-	ResolvedAt            *Timestamp  `json:"resolved_at,omitempty"`
-	ResolvedBy            *User       `json:"resolved_by,omitempty"`
-	SecretType            *string     `json:"secret_type,omitempty"`
-	SecretTypeDisplayName *string     `json:"secret_type_display_name,omitempty"`
-	Secret                *string     `json:"secret,omitempty"`
-	Repository            *Repository `json:"repository,omitempty"`
+	Number                                     *int        `json:"number,omitempty"`
+	CreatedAt                                  *Timestamp  `json:"created_at,omitempty"`
+	URL                                        *string     `json:"url,omitempty"`
+	HTMLURL                                    *string     `json:"html_url,omitempty"`
+	LocationsURL                               *string     `json:"locations_url,omitempty"`
+	State                                      *string     `json:"state,omitempty"`
+	Resolution                                 *string     `json:"resolution,omitempty"`
+	ResolvedAt                                 *Timestamp  `json:"resolved_at,omitempty"`
+	ResolvedBy                                 *User       `json:"resolved_by,omitempty"`
+	SecretType                                 *string     `json:"secret_type,omitempty"`
+	SecretTypeDisplayName                      *string     `json:"secret_type_display_name,omitempty"`
+	Secret                                     *string     `json:"secret,omitempty"`
+	Repository                                 *Repository `json:"repository,omitempty"`
+	UpdatedAt                                  *Timestamp  `json:"updated_at,omitempty"`
+	IsBase64Encoded                            *bool       `json:"is_base64_encoded,omitempty"`
+	MultiRepo                                  *bool       `json:"multi_repo,omitempty"`
+	PubliclyLeaked                             *bool       `json:"publicly_leaked,omitempty"`
+	PushProtectionBypassed                     *bool       `json:"push_protection_bypassed,omitempty"`
+	PushProtectionBypassedBy                   *User       `json:"push_protection_bypassed_by,omitempty"`
+	PushProtectionBypassedAt                   *Timestamp  `json:"push_protection_bypassed_at,omitempty"`
+	ResolutionComment                          *string     `json:"resolution_comment,omitempty"`
+	PushProtectionBypassRequestComment         *string     `json:"push_protection_bypass_request_comment,omitempty"`
+	PushProtectionBypassRequestHTMLURL         *string     `json:"push_protection_bypass_request_html_url,omitempty"`
+	PushProtectionBypassRequestReviewer        *User       `json:"push_protection_bypass_request_reviewer,omitempty"`
+	PushProtectionBypassRequestReviewerComment *string     `json:"push_protection_bypass_request_reviewer_comment,omitempty"`
+	Validity                                   *string     `json:"validity,omitempty"`
 }
 
 // SecretScanningAlertLocation represents the location for a secret scanning alert.
@@ -39,15 +52,16 @@ type SecretScanningAlertLocation struct {
 
 // SecretScanningAlertLocationDetails represents the location details for a secret scanning alert.
 type SecretScanningAlertLocationDetails struct {
-	Path        *string `json:"path,omitempty"`
-	Startline   *int    `json:"start_line,omitempty"`
-	EndLine     *int    `json:"end_line,omitempty"`
-	StartColumn *int    `json:"start_column,omitempty"`
-	EndColumn   *int    `json:"end_column,omitempty"`
-	BlobSHA     *string `json:"blob_sha,omitempty"`
-	BlobURL     *string `json:"blob_url,omitempty"`
-	CommitSHA   *string `json:"commit_sha,omitempty"`
-	CommitURL   *string `json:"commit_url,omitempty"`
+	Path                  *string `json:"path,omitempty"`
+	Startline             *int    `json:"start_line,omitempty"`
+	EndLine               *int    `json:"end_line,omitempty"`
+	StartColumn           *int    `json:"start_column,omitempty"`
+	EndColumn             *int    `json:"end_column,omitempty"`
+	BlobSHA               *string `json:"blob_sha,omitempty"`
+	BlobURL               *string `json:"blob_url,omitempty"`
+	CommitSHA             *string `json:"commit_sha,omitempty"`
+	CommitURL             *string `json:"commit_url,omitempty"`
+	PullRequestCommentURL *string `json:"pull_request_comment_url,omitempty"`
 }
 
 // SecretScanningAlertListOptions specifies optional parameters to the SecretScanningService.ListAlertsForEnterprise method.
@@ -62,37 +76,56 @@ type SecretScanningAlertListOptions struct {
 	// Valid resolutions are false_positive, wont_fix, revoked, pattern_edited, pattern_deleted or used_in_tests.
 	Resolution string `url:"resolution,omitempty"`
 
+	// A comma-separated list of validities that, when present, will return alerts that match the validities in this list.
+	// Valid options are active, inactive, and unknown.
+	Validity string `url:"validity,omitempty"`
+
+	// A boolean value representing whether or not to filter alerts by the publicly-leaked tag being present. Default: false.
+	IsPubliclyLeaked bool `url:"is_publicly_leaked,omitempty"`
+
+	// A boolean value representing whether or not to filter alerts by the multi-repo tag being present. Default: false.
+	IsMultiRepo bool `url:"is_multi_repo,omitempty"`
+
+	// The direction to sort the results by. Possible values are: asc, desc. Default: desc.
+	Direction string `url:"direction,omitempty"`
+
+	// The property by which to sort the results. Possible values are: created, updated. Default: created.
+	Sort string `url:"sort,omitempty"`
+
 	ListCursorOptions
 
 	// List options can vary on the Enterprise type.
 	// On Enterprise Cloud, Secret Scan alerts support requesting by page number
 	// along with providing a cursor for an "after" param.
-	// See: https://docs.github.com/en/enterprise-cloud@latest/rest/secret-scanning#list-secret-scanning-alerts-for-an-organization
+	// See: https://docs.github.com/enterprise-cloud@latest/rest/secret-scanning#list-secret-scanning-alerts-for-an-organization
 	// Whereas on Enterprise Server, pagination is by index.
-	// See: https://docs.github.com/en/enterprise-server@3.6/rest/secret-scanning#list-secret-scanning-alerts-for-an-organization
+	// See: https://docs.github.com/enterprise-server@3.6/rest/secret-scanning#list-secret-scanning-alerts-for-an-organization
 	ListOptions
 }
 
 // SecretScanningAlertUpdateOptions specifies optional parameters to the SecretScanningService.UpdateAlert method.
 type SecretScanningAlertUpdateOptions struct {
-	// Required. Sets the state of the secret scanning alert. Can be either open or resolved.
-	// You must provide resolution when you set the state to resolved.
-	State *string `url:"state,omitempty"`
+	// State is required and sets the state of the secret scanning alert.
+	// Can be either "open" or "resolved".
+	// You must provide resolution when you set the state to "resolved".
+	State string `json:"state"`
 
-	// A comma-separated list of secret types to return. By default all secret types are returned.
-	SecretType *string `url:"secret_type,omitempty"`
+	// Required when the state is "resolved" and represents the reason for resolving the alert.
+	// Can be one of: "false_positive", "wont_fix", "revoked", or "used_in_tests".
+	Resolution *string `json:"resolution,omitempty"`
 
-	// Required when the state is resolved. The reason for resolving the alert. Can be one of false_positive,
-	// wont_fix, revoked, or used_in_tests.
-	Resolution *string `url:"resolution,omitempty"`
+	// An optional comment when closing an alert.
+	ResolutionComment *string `json:"resolution_comment,omitempty"`
 }
 
-// Lists secret scanning alerts for eligible repositories in an enterprise, from newest to oldest.
+// ListAlertsForEnterprise lists secret scanning alerts for eligible repositories in an enterprise, from newest to oldest.
 //
 // To use this endpoint, you must be a member of the enterprise, and you must use an access token with the repo scope or
 // security_events scope. Alerts are only returned for organizations in the enterprise for which you are an organization owner or a security manager.
 //
-// GitHub API docs: https://docs.github.com/en/enterprise-server@3.5/rest/secret-scanning#list-secret-scanning-alerts-for-an-enterprise
+// GitHub API docs: https://docs.github.com/rest/secret-scanning/secret-scanning#list-secret-scanning-alerts-for-an-enterprise
+//
+//meta:operation GET /enterprises/{enterprise}/secret-scanning/alerts
 func (s *SecretScanningService) ListAlertsForEnterprise(ctx context.Context, enterprise string, opts *SecretScanningAlertListOptions) ([]*SecretScanningAlert, *Response, error) {
 	u := fmt.Sprintf("enterprises/%v/secret-scanning/alerts", enterprise)
 	u, err := addOptions(u, opts)
@@ -114,12 +147,14 @@ func (s *SecretScanningService) ListAlertsForEnterprise(ctx context.Context, ent
 	return alerts, resp, nil
 }
 
-// Lists secret scanning alerts for eligible repositories in an organization, from newest to oldest.
+// ListAlertsForOrg lists secret scanning alerts for eligible repositories in an organization, from newest to oldest.
 //
 // To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with
 // the repo scope or security_events scope.
 //
-// GitHub API docs: https://docs.github.com/en/enterprise-server@3.5/rest/secret-scanning#list-secret-scanning-alerts-for-an-organization
+// GitHub API docs: https://docs.github.com/rest/secret-scanning/secret-scanning#list-secret-scanning-alerts-for-an-organization
+//
+//meta:operation GET /orgs/{org}/secret-scanning/alerts
 func (s *SecretScanningService) ListAlertsForOrg(ctx context.Context, org string, opts *SecretScanningAlertListOptions) ([]*SecretScanningAlert, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/secret-scanning/alerts", org)
 	u, err := addOptions(u, opts)
@@ -141,12 +176,14 @@ func (s *SecretScanningService) ListAlertsForOrg(ctx context.Context, org string
 	return alerts, resp, nil
 }
 
-// Lists secret scanning alerts for a private repository, from newest to oldest.
+// ListAlertsForRepo lists secret scanning alerts for a private repository, from newest to oldest.
 //
 // To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with
 // the repo scope or security_events scope.
 //
-// GitHub API docs: https://docs.github.com/en/enterprise-server@3.5/rest/secret-scanning#list-secret-scanning-alerts-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/secret-scanning/secret-scanning#list-secret-scanning-alerts-for-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/secret-scanning/alerts
 func (s *SecretScanningService) ListAlertsForRepo(ctx context.Context, owner, repo string, opts *SecretScanningAlertListOptions) ([]*SecretScanningAlert, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/secret-scanning/alerts", owner, repo)
 	u, err := addOptions(u, opts)
@@ -168,12 +205,14 @@ func (s *SecretScanningService) ListAlertsForRepo(ctx context.Context, owner, re
 	return alerts, resp, nil
 }
 
-// Gets a single secret scanning alert detected in a private repository.
+// GetAlert gets a single secret scanning alert detected in a private repository.
 //
 // To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with
 // the repo scope or security_events scope.
 //
-// GitHub API docs: https://docs.github.com/en/enterprise-server@3.5/rest/secret-scanning#get-a-secret-scanning-alert
+// GitHub API docs: https://docs.github.com/rest/secret-scanning/secret-scanning#get-a-secret-scanning-alert
+//
+//meta:operation GET /repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}
 func (s *SecretScanningService) GetAlert(ctx context.Context, owner, repo string, number int64) (*SecretScanningAlert, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/secret-scanning/alerts/%v", owner, repo, number)
 
@@ -191,12 +230,14 @@ func (s *SecretScanningService) GetAlert(ctx context.Context, owner, repo string
 	return alert, resp, nil
 }
 
-// Updates the status of a secret scanning alert in a private repository.
+// UpdateAlert updates the status of a secret scanning alert in a private repository.
 //
 // To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with
 // the repo scope or security_events scope.
 //
-// GitHub API docs: https://docs.github.com/en/enterprise-server@3.5/rest/secret-scanning#update-a-secret-scanning-alert
+// GitHub API docs: https://docs.github.com/rest/secret-scanning/secret-scanning#update-a-secret-scanning-alert
+//
+//meta:operation PATCH /repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}
 func (s *SecretScanningService) UpdateAlert(ctx context.Context, owner, repo string, number int64, opts *SecretScanningAlertUpdateOptions) (*SecretScanningAlert, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/secret-scanning/alerts/%v", owner, repo, number)
 
@@ -214,12 +255,14 @@ func (s *SecretScanningService) UpdateAlert(ctx context.Context, owner, repo str
 	return alert, resp, nil
 }
 
-// Lists all locations for a given secret scanning alert for a private repository.
+// ListLocationsForAlert lists all locations for a given secret scanning alert for a private repository.
 //
 // To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with
 // the repo scope or security_events scope.
 //
-// GitHub API docs: https://docs.github.com/en/enterprise-server@3.5/rest/secret-scanning#list-locations-for-a-secret-scanning-alert
+// GitHub API docs: https://docs.github.com/rest/secret-scanning/secret-scanning#list-locations-for-a-secret-scanning-alert
+//
+//meta:operation GET /repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}/locations
 func (s *SecretScanningService) ListLocationsForAlert(ctx context.Context, owner, repo string, number int64, opts *ListOptions) ([]*SecretScanningAlertLocation, *Response, error) {
 	u := fmt.Sprintf("repos/%v/%v/secret-scanning/alerts/%v/locations", owner, repo, number)
 	u, err := addOptions(u, opts)
diff --git a/vendor/github.com/google/go-github/v72/github/security_advisories.go b/vendor/github.com/google/go-github/v72/github/security_advisories.go
new file mode 100644
index 0000000000..b5a43f1aac
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/security_advisories.go
@@ -0,0 +1,279 @@
+// Copyright 2023 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+)
+
+type SecurityAdvisoriesService service
+
+// SecurityAdvisorySubmission represents the Security Advisory Submission.
+type SecurityAdvisorySubmission struct {
+	// Accepted represents whether a private vulnerability report was accepted by the repository's administrators.
+	Accepted *bool `json:"accepted,omitempty"`
+}
+
+// RepoAdvisoryCredit represents the credit object for a repository Security Advisory.
+type RepoAdvisoryCredit struct {
+	Login *string `json:"login,omitempty"`
+	Type  *string `json:"type,omitempty"`
+}
+
+// RepoAdvisoryCreditDetailed represents a credit given to a user for a repository Security Advisory.
+type RepoAdvisoryCreditDetailed struct {
+	User  *User   `json:"user,omitempty"`
+	Type  *string `json:"type,omitempty"`
+	State *string `json:"state,omitempty"`
+}
+
+// ListRepositorySecurityAdvisoriesOptions specifies the optional parameters to list the repository security advisories.
+type ListRepositorySecurityAdvisoriesOptions struct {
+	ListCursorOptions
+
+	// Direction in which to sort advisories. Possible values are: asc, desc.
+	// Default is "asc".
+	Direction string `url:"direction,omitempty"`
+
+	// Sort specifies how to sort advisories. Possible values are: created, updated,
+	// and published. Default value is "created".
+	Sort string `url:"sort,omitempty"`
+
+	// State filters advisories based on their state. Possible values are: triage, draft, published, closed.
+	State string `url:"state,omitempty"`
+}
+
+// ListGlobalSecurityAdvisoriesOptions specifies the optional parameters to list the global security advisories.
+type ListGlobalSecurityAdvisoriesOptions struct {
+	ListCursorOptions
+
+	// If specified, only advisories with this GHSA (GitHub Security Advisory) identifier will be returned.
+	GHSAID *string `url:"ghsa_id,omitempty"`
+
+	// If specified, only advisories of this type will be returned.
+	// By default, a request with no other parameters defined will only return reviewed advisories that are not malware.
+	// Default: reviewed
+	// Can be one of: reviewed, malware, unreviewed
+	Type *string `url:"type,omitempty"`
+
+	// If specified, only advisories with this CVE (Common Vulnerabilities and Exposures) identifier will be returned.
+	CVEID *string `url:"cve_id,omitempty"`
+
+	// If specified, only advisories for these ecosystems will be returned.
+	// Can be one of: actions, composer, erlang, go, maven, npm, nuget, other, pip, pub, rubygems, rust
+	Ecosystem *string `url:"ecosystem,omitempty"`
+
+	// If specified, only advisories with these severities will be returned.
+	// Can be one of: unknown, low, medium, high, critical
+	Severity *string `url:"severity,omitempty"`
+
+	// If specified, only advisories with these Common Weakness Enumerations (CWEs) will be returned.
+	// Example: cwes=79,284,22 or cwes[]=79&cwes[]=284&cwes[]=22
+	CWEs []string `url:"cwes,omitempty"`
+
+	// Whether to only return advisories that have been withdrawn.
+	IsWithdrawn *bool `url:"is_withdrawn,omitempty"`
+
+	// If specified, only return advisories that affect any of package or package@version.
+	// A maximum of 1000 packages can be specified. If the query parameter causes
+	// the URL to exceed the maximum URL length supported by your client, you must specify fewer packages.
+	// Example: affects=package1,package2@1.0.0,package3@^2.0.0 or affects[]=package1&affects[]=package2@1.0.0
+	Affects *string `url:"affects,omitempty"`
+
+	// If specified, only return advisories that were published on a date or date range.
+	Published *string `url:"published,omitempty"`
+
+	// If specified, only return advisories that were updated on a date or date range.
+	Updated *string `url:"updated,omitempty"`
+
+	// If specified, only show advisories that were updated or published on a date or date range.
+	Modified *string `url:"modified,omitempty"`
+}
+
+// GlobalSecurityAdvisory represents the global security advisory object response.
+type GlobalSecurityAdvisory struct {
+	SecurityAdvisory
+	ID                    *int64                         `json:"id,omitempty"`
+	RepositoryAdvisoryURL *string                        `json:"repository_advisory_url,omitempty"`
+	Type                  *string                        `json:"type,omitempty"`
+	SourceCodeLocation    *string                        `json:"source_code_location,omitempty"`
+	References            []string                       `json:"references,omitempty"`
+	Vulnerabilities       []*GlobalSecurityVulnerability `json:"vulnerabilities,omitempty"`
+	GithubReviewedAt      *Timestamp                     `json:"github_reviewed_at,omitempty"`
+	NVDPublishedAt        *Timestamp                     `json:"nvd_published_at,omitempty"`
+	Credits               []*Credit                      `json:"credits,omitempty"`
+}
+
+// GlobalSecurityVulnerability represents a vulnerability for a global security advisory.
+type GlobalSecurityVulnerability struct {
+	Package                *VulnerabilityPackage `json:"package,omitempty"`
+	FirstPatchedVersion    *string               `json:"first_patched_version,omitempty"`
+	VulnerableVersionRange *string               `json:"vulnerable_version_range,omitempty"`
+	VulnerableFunctions    []string              `json:"vulnerable_functions,omitempty"`
+}
+
+// Credit represents the credit object for a global security advisory.
+type Credit struct {
+	User *User   `json:"user,omitempty"`
+	Type *string `json:"type,omitempty"`
+}
+
+// RequestCVE requests a Common Vulnerabilities and Exposures (CVE) for a repository security advisory.
+// The ghsaID is the GitHub Security Advisory identifier of the advisory.
+//
+// GitHub API docs: https://docs.github.com/rest/security-advisories/repository-advisories#request-a-cve-for-a-repository-security-advisory
+//
+//meta:operation POST /repos/{owner}/{repo}/security-advisories/{ghsa_id}/cve
+func (s *SecurityAdvisoriesService) RequestCVE(ctx context.Context, owner, repo, ghsaID string) (*Response, error) {
+	url := fmt.Sprintf("repos/%v/%v/security-advisories/%v/cve", owner, repo, ghsaID)
+
+	req, err := s.client.NewRequest("POST", url, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := s.client.Do(ctx, req, nil)
+	if err != nil {
+		if _, ok := err.(*AcceptedError); ok {
+			return resp, nil
+		}
+
+		return resp, err
+	}
+
+	return resp, nil
+}
+
+// CreateTemporaryPrivateFork creates a temporary private fork to collaborate on fixing a security vulnerability in your repository.
+// The ghsaID is the GitHub Security Advisory identifier of the advisory.
+//
+// GitHub API docs: https://docs.github.com/rest/security-advisories/repository-advisories#create-a-temporary-private-fork
+//
+//meta:operation POST /repos/{owner}/{repo}/security-advisories/{ghsa_id}/forks
+func (s *SecurityAdvisoriesService) CreateTemporaryPrivateFork(ctx context.Context, owner, repo, ghsaID string) (*Repository, *Response, error) {
+	url := fmt.Sprintf("repos/%v/%v/security-advisories/%v/forks", owner, repo, ghsaID)
+
+	req, err := s.client.NewRequest("POST", url, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	fork := new(Repository)
+	resp, err := s.client.Do(ctx, req, fork)
+	if err != nil {
+		if aerr, ok := err.(*AcceptedError); ok {
+			if err := json.Unmarshal(aerr.Raw, fork); err != nil {
+				return fork, resp, err
+			}
+
+			return fork, resp, err
+		}
+		return nil, resp, err
+	}
+
+	return fork, resp, nil
+}
+
+// ListRepositorySecurityAdvisoriesForOrg lists the repository security advisories for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/security-advisories/repository-advisories#list-repository-security-advisories-for-an-organization
+//
+//meta:operation GET /orgs/{org}/security-advisories
+func (s *SecurityAdvisoriesService) ListRepositorySecurityAdvisoriesForOrg(ctx context.Context, org string, opt *ListRepositorySecurityAdvisoriesOptions) ([]*SecurityAdvisory, *Response, error) {
+	url := fmt.Sprintf("orgs/%v/security-advisories", org)
+	url, err := addOptions(url, opt)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", url, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var advisories []*SecurityAdvisory
+	resp, err := s.client.Do(ctx, req, &advisories)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return advisories, resp, nil
+}
+
+// ListRepositorySecurityAdvisories lists the security advisories in a repository.
+//
+// GitHub API docs: https://docs.github.com/rest/security-advisories/repository-advisories#list-repository-security-advisories
+//
+//meta:operation GET /repos/{owner}/{repo}/security-advisories
+func (s *SecurityAdvisoriesService) ListRepositorySecurityAdvisories(ctx context.Context, owner, repo string, opt *ListRepositorySecurityAdvisoriesOptions) ([]*SecurityAdvisory, *Response, error) {
+	url := fmt.Sprintf("repos/%v/%v/security-advisories", owner, repo)
+	url, err := addOptions(url, opt)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", url, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var advisories []*SecurityAdvisory
+	resp, err := s.client.Do(ctx, req, &advisories)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return advisories, resp, nil
+}
+
+// ListGlobalSecurityAdvisories lists all global security advisories.
+//
+// GitHub API docs: https://docs.github.com/rest/security-advisories/global-advisories#list-global-security-advisories
+//
+//meta:operation GET /advisories
+func (s *SecurityAdvisoriesService) ListGlobalSecurityAdvisories(ctx context.Context, opts *ListGlobalSecurityAdvisoriesOptions) ([]*GlobalSecurityAdvisory, *Response, error) {
+	url := "advisories"
+	url, err := addOptions(url, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", url, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var advisories []*GlobalSecurityAdvisory
+	resp, err := s.client.Do(ctx, req, &advisories)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return advisories, resp, nil
+}
+
+// GetGlobalSecurityAdvisories gets a global security advisory using its GitHub Security Advisory (GHSA) identifier.
+//
+// GitHub API docs: https://docs.github.com/rest/security-advisories/global-advisories#get-a-global-security-advisory
+//
+//meta:operation GET /advisories/{ghsa_id}
+func (s *SecurityAdvisoriesService) GetGlobalSecurityAdvisories(ctx context.Context, ghsaID string) (*GlobalSecurityAdvisory, *Response, error) {
+	url := fmt.Sprintf("advisories/%s", ghsaID)
+	req, err := s.client.NewRequest("GET", url, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var advisory *GlobalSecurityAdvisory
+	resp, err := s.client.Do(ctx, req, &advisory)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return advisory, resp, nil
+}
diff --git a/vendor/github.com/google/go-github/v55/github/strings.go b/vendor/github.com/google/go-github/v72/github/strings.go
similarity index 82%
rename from vendor/github.com/google/go-github/v55/github/strings.go
rename to vendor/github.com/google/go-github/v72/github/strings.go
index 5611b96a88..f5e61aa326 100644
--- a/vendor/github.com/google/go-github/v55/github/strings.go
+++ b/vendor/github.com/google/go-github/v72/github/strings.go
@@ -8,8 +8,6 @@ package github
 import (
 	"bytes"
 	"fmt"
-	"io"
-
 	"reflect"
 )
 
@@ -27,9 +25,9 @@ func Stringify(message interface{}) string {
 
 // stringifyValue was heavily inspired by the goprotobuf library.
 
-func stringifyValue(w io.Writer, val reflect.Value) {
+func stringifyValue(w *bytes.Buffer, val reflect.Value) {
 	if val.Kind() == reflect.Ptr && val.IsNil() {
-		w.Write([]byte("<nil>"))
+		w.WriteString("<nil>")
 		return
 	}
 
@@ -39,20 +37,20 @@ func stringifyValue(w io.Writer, val reflect.Value) {
 	case reflect.String:
 		fmt.Fprintf(w, `"%s"`, v)
 	case reflect.Slice:
-		w.Write([]byte{'['})
+		w.WriteByte('[')
 		for i := 0; i < v.Len(); i++ {
 			if i > 0 {
-				w.Write([]byte{' '})
+				w.WriteByte(' ')
 			}
 
 			stringifyValue(w, v.Index(i))
 		}
 
-		w.Write([]byte{']'})
+		w.WriteByte(']')
 		return
 	case reflect.Struct:
 		if v.Type().Name() != "" {
-			w.Write([]byte(v.Type().String()))
+			w.WriteString(v.Type().String())
 		}
 
 		// special handling of Timestamp values
@@ -61,7 +59,7 @@ func stringifyValue(w io.Writer, val reflect.Value) {
 			return
 		}
 
-		w.Write([]byte{'{'})
+		w.WriteByte('{')
 
 		var sep bool
 		for i := 0; i < v.NumField(); i++ {
@@ -77,17 +75,17 @@ func stringifyValue(w io.Writer, val reflect.Value) {
 			}
 
 			if sep {
-				w.Write([]byte(", "))
+				w.WriteString(", ")
 			} else {
 				sep = true
 			}
 
-			w.Write([]byte(v.Type().Field(i).Name))
-			w.Write([]byte{':'})
+			w.WriteString(v.Type().Field(i).Name)
+			w.WriteByte(':')
 			stringifyValue(w, fv)
 		}
 
-		w.Write([]byte{'}'})
+		w.WriteByte('}')
 	default:
 		if v.CanInterface() {
 			fmt.Fprint(w, v.Interface())
diff --git a/vendor/github.com/google/go-github/v55/github/teams.go b/vendor/github.com/google/go-github/v72/github/teams.go
similarity index 74%
rename from vendor/github.com/google/go-github/v55/github/teams.go
rename to vendor/github.com/google/go-github/v72/github/teams.go
index 0ee7c20079..d334110f4a 100644
--- a/vendor/github.com/google/go-github/v55/github/teams.go
+++ b/vendor/github.com/google/go-github/v72/github/teams.go
@@ -9,13 +9,12 @@ import (
 	"context"
 	"fmt"
 	"net/http"
-	"strings"
 )
 
 // TeamsService provides access to the team-related functions
 // in the GitHub API.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/
+// GitHub API docs: https://docs.github.com/rest/teams/
 type TeamsService service
 
 // Team represents a team within a GitHub organization. Teams are used to
@@ -31,10 +30,6 @@ type Team struct {
 	// Permission specifies the default permission for repositories owned by the team.
 	Permission *string `json:"permission,omitempty"`
 
-	// Permissions identifies the permissions that a team has on a given
-	// repository. This is only populated when calling Repositories.ListTeams.
-	Permissions map[string]bool `json:"permissions,omitempty"`
-
 	// Privacy identifies the level of privacy this team should have.
 	// Possible values are:
 	//     secret - only visible to organization owners and members of this team
@@ -42,6 +37,9 @@ type Team struct {
 	// Default is "secret".
 	Privacy *string `json:"privacy,omitempty"`
 
+	// NotificationSetting can be one of: "notifications_enabled", "notifications_disabled".
+	NotificationSetting *string `json:"notification_setting,omitempty"`
+
 	MembersCount    *int          `json:"members_count,omitempty"`
 	ReposCount      *int          `json:"repos_count,omitempty"`
 	Organization    *Organization `json:"organization,omitempty"`
@@ -53,6 +51,15 @@ type Team struct {
 	// LDAPDN is only available in GitHub Enterprise and when the team
 	// membership is synchronized with LDAP.
 	LDAPDN *string `json:"ldap_dn,omitempty"`
+
+	// Permissions identifies the permissions that a team has on a given
+	// repository. This is only populated when calling Repositories.ListTeams.
+	Permissions map[string]bool `json:"permissions,omitempty"`
+
+	// Assignment identifies how a team was assigned to an organization role. Its
+	// possible values are: "direct", "indirect", "mixed". This is only populated when
+	// calling the ListTeamsAssignedToOrgRole method.
+	Assignment *string `json:"assignment,omitempty"`
 }
 
 func (t Team) String() string {
@@ -81,7 +88,9 @@ func (i Invitation) String() string {
 
 // ListTeams lists all of the teams for an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/teams#list-teams
+// GitHub API docs: https://docs.github.com/rest/teams/teams#list-teams
+//
+//meta:operation GET /orgs/{org}/teams
 func (s *TeamsService) ListTeams(ctx context.Context, org string, opts *ListOptions) ([]*Team, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams", org)
 	u, err := addOptions(u, opts)
@@ -105,7 +114,11 @@ func (s *TeamsService) ListTeams(ctx context.Context, org string, opts *ListOpti
 
 // GetTeamByID fetches a team, given a specified organization ID, by ID.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/teams#get-a-team-by-name
+// Deprecated: Use GetTeamBySlug instead.
+//
+// GitHub API docs: https://docs.github.com/rest/teams/teams#get-a-team-by-name
+//
+//meta:operation GET /orgs/{org}/teams/{team_slug}
 func (s *TeamsService) GetTeamByID(ctx context.Context, orgID, teamID int64) (*Team, *Response, error) {
 	u := fmt.Sprintf("organizations/%v/team/%v", orgID, teamID)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -124,7 +137,9 @@ func (s *TeamsService) GetTeamByID(ctx context.Context, orgID, teamID int64) (*T
 
 // GetTeamBySlug fetches a team, given a specified organization name, by slug.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/teams#get-a-team-by-name
+// GitHub API docs: https://docs.github.com/rest/teams/teams#get-a-team-by-name
+//
+//meta:operation GET /orgs/{org}/teams/{team_slug}
 func (s *TeamsService) GetTeamBySlug(ctx context.Context, org, slug string) (*Team, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams/%v", org, slug)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -149,6 +164,9 @@ type NewTeam struct {
 	RepoNames    []string `json:"repo_names,omitempty"`
 	ParentTeamID *int64   `json:"parent_team_id,omitempty"`
 
+	// NotificationSetting can be one of: "notifications_enabled", "notifications_disabled".
+	NotificationSetting *string `json:"notification_setting,omitempty"`
+
 	// Deprecated: Permission is deprecated when creating or editing a team in an org
 	// using the new GitHub permission model. It no longer identifies the
 	// permission a team has on its repos, but only specifies the default
@@ -174,7 +192,9 @@ func (s NewTeam) String() string {
 
 // CreateTeam creates a new team within an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/teams#create-a-team
+// GitHub API docs: https://docs.github.com/rest/teams/teams#create-a-team
+//
+//meta:operation POST /orgs/{org}/teams
 func (s *TeamsService) CreateTeam(ctx context.Context, org string, team NewTeam) (*Team, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams", org)
 	req, err := s.client.NewRequest("POST", u, team)
@@ -195,13 +215,14 @@ func (s *TeamsService) CreateTeam(ctx context.Context, org string, team NewTeam)
 // "parent_team_id" field will be null. It is for internal use
 // only and should not be exported.
 type newTeamNoParent struct {
-	Name         string   `json:"name"`
-	Description  *string  `json:"description,omitempty"`
-	Maintainers  []string `json:"maintainers,omitempty"`
-	RepoNames    []string `json:"repo_names,omitempty"`
-	ParentTeamID *int64   `json:"parent_team_id"` // This will be "null"
-	Privacy      *string  `json:"privacy,omitempty"`
-	LDAPDN       *string  `json:"ldap_dn,omitempty"`
+	Name                string   `json:"name"`
+	Description         *string  `json:"description,omitempty"`
+	Maintainers         []string `json:"maintainers,omitempty"`
+	RepoNames           []string `json:"repo_names,omitempty"`
+	ParentTeamID        *int64   `json:"parent_team_id"` // This will be "null"
+	NotificationSetting *string  `json:"notification_setting,omitempty"`
+	Privacy             *string  `json:"privacy,omitempty"`
+	LDAPDN              *string  `json:"ldap_dn,omitempty"`
 }
 
 // copyNewTeamWithoutParent is used to set the "parent_team_id"
@@ -209,18 +230,23 @@ type newTeamNoParent struct {
 // It is for internal use only and should not be exported.
 func copyNewTeamWithoutParent(team *NewTeam) *newTeamNoParent {
 	return &newTeamNoParent{
-		Name:        team.Name,
-		Description: team.Description,
-		Maintainers: team.Maintainers,
-		RepoNames:   team.RepoNames,
-		Privacy:     team.Privacy,
-		LDAPDN:      team.LDAPDN,
+		Name:                team.Name,
+		Description:         team.Description,
+		Maintainers:         team.Maintainers,
+		RepoNames:           team.RepoNames,
+		NotificationSetting: team.NotificationSetting,
+		Privacy:             team.Privacy,
+		LDAPDN:              team.LDAPDN,
 	}
 }
 
 // EditTeamByID edits a team, given an organization ID, selected by ID.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/teams#update-a-team
+// Deprecated: Use EditTeamBySlug instead.
+//
+// GitHub API docs: https://docs.github.com/rest/teams/teams#update-a-team
+//
+//meta:operation PATCH /orgs/{org}/teams/{team_slug}
 func (s *TeamsService) EditTeamByID(ctx context.Context, orgID, teamID int64, team NewTeam, removeParent bool) (*Team, *Response, error) {
 	u := fmt.Sprintf("organizations/%v/team/%v", orgID, teamID)
 
@@ -247,7 +273,9 @@ func (s *TeamsService) EditTeamByID(ctx context.Context, orgID, teamID int64, te
 
 // EditTeamBySlug edits a team, given an organization name, by slug.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/teams#update-a-team
+// GitHub API docs: https://docs.github.com/rest/teams/teams#update-a-team
+//
+//meta:operation PATCH /orgs/{org}/teams/{team_slug}
 func (s *TeamsService) EditTeamBySlug(ctx context.Context, org, slug string, team NewTeam, removeParent bool) (*Team, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams/%v", org, slug)
 
@@ -274,7 +302,11 @@ func (s *TeamsService) EditTeamBySlug(ctx context.Context, org, slug string, tea
 
 // DeleteTeamByID deletes a team referenced by ID.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/teams#delete-a-team
+// Deprecated: Use DeleteTeamBySlug instead.
+//
+// GitHub API docs: https://docs.github.com/rest/teams/teams#delete-a-team
+//
+//meta:operation DELETE /orgs/{org}/teams/{team_slug}
 func (s *TeamsService) DeleteTeamByID(ctx context.Context, orgID, teamID int64) (*Response, error) {
 	u := fmt.Sprintf("organizations/%v/team/%v", orgID, teamID)
 	req, err := s.client.NewRequest("DELETE", u, nil)
@@ -287,7 +319,9 @@ func (s *TeamsService) DeleteTeamByID(ctx context.Context, orgID, teamID int64)
 
 // DeleteTeamBySlug deletes a team reference by slug.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/teams#delete-a-team
+// GitHub API docs: https://docs.github.com/rest/teams/teams#delete-a-team
+//
+//meta:operation DELETE /orgs/{org}/teams/{team_slug}
 func (s *TeamsService) DeleteTeamBySlug(ctx context.Context, org, slug string) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams/%v", org, slug)
 	req, err := s.client.NewRequest("DELETE", u, nil)
@@ -300,7 +334,11 @@ func (s *TeamsService) DeleteTeamBySlug(ctx context.Context, org, slug string) (
 
 // ListChildTeamsByParentID lists child teams for a parent team given parent ID.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/teams#list-child-teams
+// Deprecated: Use ListChildTeamsByParentSlug instead.
+//
+// GitHub API docs: https://docs.github.com/rest/teams/teams#list-child-teams
+//
+//meta:operation GET /orgs/{org}/teams/{team_slug}/teams
 func (s *TeamsService) ListChildTeamsByParentID(ctx context.Context, orgID, teamID int64, opts *ListOptions) ([]*Team, *Response, error) {
 	u := fmt.Sprintf("organizations/%v/team/%v/teams", orgID, teamID)
 	u, err := addOptions(u, opts)
@@ -324,7 +362,9 @@ func (s *TeamsService) ListChildTeamsByParentID(ctx context.Context, orgID, team
 
 // ListChildTeamsByParentSlug lists child teams for a parent team given parent slug.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/teams#list-child-teams
+// GitHub API docs: https://docs.github.com/rest/teams/teams#list-child-teams
+//
+//meta:operation GET /orgs/{org}/teams/{team_slug}/teams
 func (s *TeamsService) ListChildTeamsByParentSlug(ctx context.Context, org, slug string, opts *ListOptions) ([]*Team, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams/%v/teams", org, slug)
 	u, err := addOptions(u, opts)
@@ -348,7 +388,11 @@ func (s *TeamsService) ListChildTeamsByParentSlug(ctx context.Context, org, slug
 
 // ListTeamReposByID lists the repositories given a team ID that the specified team has access to.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/teams#list-team-repositories
+// Deprecated: Use ListTeamReposBySlug instead.
+//
+// GitHub API docs: https://docs.github.com/rest/teams/teams#list-team-repositories
+//
+//meta:operation GET /orgs/{org}/teams/{team_slug}/repos
 func (s *TeamsService) ListTeamReposByID(ctx context.Context, orgID, teamID int64, opts *ListOptions) ([]*Repository, *Response, error) {
 	u := fmt.Sprintf("organizations/%v/team/%v/repos", orgID, teamID)
 	u, err := addOptions(u, opts)
@@ -362,8 +406,7 @@ func (s *TeamsService) ListTeamReposByID(ctx context.Context, orgID, teamID int6
 	}
 
 	// TODO: remove custom Accept header when topics API fully launches.
-	headers := []string{mediaTypeTopicsPreview}
-	req.Header.Set("Accept", strings.Join(headers, ", "))
+	req.Header.Set("Accept", mediaTypeTopicsPreview)
 
 	var repos []*Repository
 	resp, err := s.client.Do(ctx, req, &repos)
@@ -376,7 +419,9 @@ func (s *TeamsService) ListTeamReposByID(ctx context.Context, orgID, teamID int6
 
 // ListTeamReposBySlug lists the repositories given a team slug that the specified team has access to.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/teams#list-team-repositories
+// GitHub API docs: https://docs.github.com/rest/teams/teams#list-team-repositories
+//
+//meta:operation GET /orgs/{org}/teams/{team_slug}/repos
 func (s *TeamsService) ListTeamReposBySlug(ctx context.Context, org, slug string, opts *ListOptions) ([]*Repository, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams/%v/repos", org, slug)
 	u, err := addOptions(u, opts)
@@ -390,8 +435,7 @@ func (s *TeamsService) ListTeamReposBySlug(ctx context.Context, org, slug string
 	}
 
 	// TODO: remove custom Accept header when topics API fully launches.
-	headers := []string{mediaTypeTopicsPreview}
-	req.Header.Set("Accept", strings.Join(headers, ", "))
+	req.Header.Set("Accept", mediaTypeTopicsPreview)
 
 	var repos []*Repository
 	resp, err := s.client.Do(ctx, req, &repos)
@@ -406,7 +450,11 @@ func (s *TeamsService) ListTeamReposBySlug(ctx context.Context, org, slug string
 // repository is managed by team, a Repository is returned which includes the
 // permissions team has for that repo.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/teams#check-team-permissions-for-a-repository
+// Deprecated: Use IsTeamRepoBySlug instead.
+//
+// GitHub API docs: https://docs.github.com/rest/teams/teams#check-team-permissions-for-a-repository
+//
+//meta:operation GET /orgs/{org}/teams/{team_slug}/repos/{owner}/{repo}
 func (s *TeamsService) IsTeamRepoByID(ctx context.Context, orgID, teamID int64, owner, repo string) (*Repository, *Response, error) {
 	u := fmt.Sprintf("organizations/%v/team/%v/repos/%v/%v", orgID, teamID, owner, repo)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -414,8 +462,7 @@ func (s *TeamsService) IsTeamRepoByID(ctx context.Context, orgID, teamID int64,
 		return nil, nil, err
 	}
 
-	headers := []string{mediaTypeOrgPermissionRepo}
-	req.Header.Set("Accept", strings.Join(headers, ", "))
+	req.Header.Set("Accept", mediaTypeOrgPermissionRepo)
 
 	repository := new(Repository)
 	resp, err := s.client.Do(ctx, req, repository)
@@ -430,7 +477,9 @@ func (s *TeamsService) IsTeamRepoByID(ctx context.Context, orgID, teamID int64,
 // repository is managed by team, a Repository is returned which includes the
 // permissions team has for that repo.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/teams#check-team-permissions-for-a-repository
+// GitHub API docs: https://docs.github.com/rest/teams/teams#check-team-permissions-for-a-repository
+//
+//meta:operation GET /orgs/{org}/teams/{team_slug}/repos/{owner}/{repo}
 func (s *TeamsService) IsTeamRepoBySlug(ctx context.Context, org, slug, owner, repo string) (*Repository, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams/%v/repos/%v/%v", org, slug, owner, repo)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -438,8 +487,7 @@ func (s *TeamsService) IsTeamRepoBySlug(ctx context.Context, org, slug, owner, r
 		return nil, nil, err
 	}
 
-	headers := []string{mediaTypeOrgPermissionRepo}
-	req.Header.Set("Accept", strings.Join(headers, ", "))
+	req.Header.Set("Accept", mediaTypeOrgPermissionRepo)
 
 	repository := new(Repository)
 	resp, err := s.client.Do(ctx, req, repository)
@@ -469,7 +517,11 @@ type TeamAddTeamRepoOptions struct {
 // The specified repository must be owned by the organization to which the team
 // belongs, or a direct fork of a repository owned by the organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/teams#add-or-update-team-repository-permissions
+// Deprecated: Use AddTeamRepoBySlug instead.
+//
+// GitHub API docs: https://docs.github.com/rest/teams/teams#add-or-update-team-repository-permissions
+//
+//meta:operation PUT /orgs/{org}/teams/{team_slug}/repos/{owner}/{repo}
 func (s *TeamsService) AddTeamRepoByID(ctx context.Context, orgID, teamID int64, owner, repo string, opts *TeamAddTeamRepoOptions) (*Response, error) {
 	u := fmt.Sprintf("organizations/%v/team/%v/repos/%v/%v", orgID, teamID, owner, repo)
 	req, err := s.client.NewRequest("PUT", u, opts)
@@ -484,7 +536,9 @@ func (s *TeamsService) AddTeamRepoByID(ctx context.Context, orgID, teamID int64,
 // The specified repository must be owned by the organization to which the team
 // belongs, or a direct fork of a repository owned by the organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/teams#add-or-update-team-repository-permissions
+// GitHub API docs: https://docs.github.com/rest/teams/teams#add-or-update-team-repository-permissions
+//
+//meta:operation PUT /orgs/{org}/teams/{team_slug}/repos/{owner}/{repo}
 func (s *TeamsService) AddTeamRepoBySlug(ctx context.Context, org, slug, owner, repo string, opts *TeamAddTeamRepoOptions) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams/%v/repos/%v/%v", org, slug, owner, repo)
 	req, err := s.client.NewRequest("PUT", u, opts)
@@ -499,7 +553,11 @@ func (s *TeamsService) AddTeamRepoBySlug(ctx context.Context, org, slug, owner,
 // team given the team ID. Note that this does not delete the repository, it
 // just removes it from the team.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/teams#remove-a-repository-from-a-team
+// Deprecated: Use RemoveTeamRepoBySlug instead.
+//
+// GitHub API docs: https://docs.github.com/rest/teams/teams#remove-a-repository-from-a-team
+//
+//meta:operation DELETE /orgs/{org}/teams/{team_slug}/repos/{owner}/{repo}
 func (s *TeamsService) RemoveTeamRepoByID(ctx context.Context, orgID, teamID int64, owner, repo string) (*Response, error) {
 	u := fmt.Sprintf("organizations/%v/team/%v/repos/%v/%v", orgID, teamID, owner, repo)
 	req, err := s.client.NewRequest("DELETE", u, nil)
@@ -514,7 +572,9 @@ func (s *TeamsService) RemoveTeamRepoByID(ctx context.Context, orgID, teamID int
 // team given the team slug. Note that this does not delete the repository, it
 // just removes it from the team.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/teams#remove-a-repository-from-a-team
+// GitHub API docs: https://docs.github.com/rest/teams/teams#remove-a-repository-from-a-team
+//
+//meta:operation DELETE /orgs/{org}/teams/{team_slug}/repos/{owner}/{repo}
 func (s *TeamsService) RemoveTeamRepoBySlug(ctx context.Context, org, slug, owner, repo string) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams/%v/repos/%v/%v", org, slug, owner, repo)
 	req, err := s.client.NewRequest("DELETE", u, nil)
@@ -526,7 +586,10 @@ func (s *TeamsService) RemoveTeamRepoBySlug(ctx context.Context, org, slug, owne
 }
 
 // ListUserTeams lists a user's teams
-// GitHub API docs: https://docs.github.com/en/rest/teams/teams#list-teams-for-the-authenticated-user
+//
+// GitHub API docs: https://docs.github.com/rest/teams/teams#list-teams-for-the-authenticated-user
+//
+//meta:operation GET /user/teams
 func (s *TeamsService) ListUserTeams(ctx context.Context, opts *ListOptions) ([]*Team, *Response, error) {
 	u := "user/teams"
 	u, err := addOptions(u, opts)
@@ -550,8 +613,12 @@ func (s *TeamsService) ListUserTeams(ctx context.Context, opts *ListOptions) ([]
 
 // ListTeamProjectsByID lists the organization projects for a team given the team ID.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/teams#list-team-projects
-func (s *TeamsService) ListTeamProjectsByID(ctx context.Context, orgID, teamID int64) ([]*Project, *Response, error) {
+// Deprecated: Use ListTeamProjectsBySlug instead.
+//
+// GitHub API docs: https://docs.github.com/rest/teams/teams#list-team-projects
+//
+//meta:operation GET /orgs/{org}/teams/{team_slug}/projects
+func (s *TeamsService) ListTeamProjectsByID(ctx context.Context, orgID, teamID int64) ([]*ProjectV2, *Response, error) {
 	u := fmt.Sprintf("organizations/%v/team/%v/projects", orgID, teamID)
 
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -560,10 +627,9 @@ func (s *TeamsService) ListTeamProjectsByID(ctx context.Context, orgID, teamID i
 	}
 
 	// TODO: remove custom Accept header when this API fully launches.
-	acceptHeaders := []string{mediaTypeProjectsPreview}
-	req.Header.Set("Accept", strings.Join(acceptHeaders, ", "))
+	req.Header.Set("Accept", mediaTypeProjectsPreview)
 
-	var projects []*Project
+	var projects []*ProjectV2
 	resp, err := s.client.Do(ctx, req, &projects)
 	if err != nil {
 		return nil, resp, err
@@ -574,8 +640,10 @@ func (s *TeamsService) ListTeamProjectsByID(ctx context.Context, orgID, teamID i
 
 // ListTeamProjectsBySlug lists the organization projects for a team given the team slug.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/teams#list-team-projects
-func (s *TeamsService) ListTeamProjectsBySlug(ctx context.Context, org, slug string) ([]*Project, *Response, error) {
+// GitHub API docs: https://docs.github.com/rest/teams/teams#list-team-projects
+//
+//meta:operation GET /orgs/{org}/teams/{team_slug}/projects
+func (s *TeamsService) ListTeamProjectsBySlug(ctx context.Context, org, slug string) ([]*ProjectV2, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams/%v/projects", org, slug)
 
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -584,10 +652,9 @@ func (s *TeamsService) ListTeamProjectsBySlug(ctx context.Context, org, slug str
 	}
 
 	// TODO: remove custom Accept header when this API fully launches.
-	acceptHeaders := []string{mediaTypeProjectsPreview}
-	req.Header.Set("Accept", strings.Join(acceptHeaders, ", "))
+	req.Header.Set("Accept", mediaTypeProjectsPreview)
 
-	var projects []*Project
+	var projects []*ProjectV2
 	resp, err := s.client.Do(ctx, req, &projects)
 	if err != nil {
 		return nil, resp, err
@@ -599,8 +666,12 @@ func (s *TeamsService) ListTeamProjectsBySlug(ctx context.Context, org, slug str
 // ReviewTeamProjectsByID checks whether a team, given its ID, has read, write, or admin
 // permissions for an organization project.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/teams#check-team-permissions-for-a-project
-func (s *TeamsService) ReviewTeamProjectsByID(ctx context.Context, orgID, teamID, projectID int64) (*Project, *Response, error) {
+// Deprecated: Use ReviewTeamProjectsBySlug instead.
+//
+// GitHub API docs: https://docs.github.com/rest/teams/teams#check-team-permissions-for-a-project
+//
+//meta:operation GET /orgs/{org}/teams/{team_slug}/projects/{project_id}
+func (s *TeamsService) ReviewTeamProjectsByID(ctx context.Context, orgID, teamID, projectID int64) (*ProjectV2, *Response, error) {
 	u := fmt.Sprintf("organizations/%v/team/%v/projects/%v", orgID, teamID, projectID)
 	req, err := s.client.NewRequest("GET", u, nil)
 	if err != nil {
@@ -608,10 +679,9 @@ func (s *TeamsService) ReviewTeamProjectsByID(ctx context.Context, orgID, teamID
 	}
 
 	// TODO: remove custom Accept header when this API fully launches.
-	acceptHeaders := []string{mediaTypeProjectsPreview}
-	req.Header.Set("Accept", strings.Join(acceptHeaders, ", "))
+	req.Header.Set("Accept", mediaTypeProjectsPreview)
 
-	projects := &Project{}
+	projects := &ProjectV2{}
 	resp, err := s.client.Do(ctx, req, &projects)
 	if err != nil {
 		return nil, resp, err
@@ -623,8 +693,10 @@ func (s *TeamsService) ReviewTeamProjectsByID(ctx context.Context, orgID, teamID
 // ReviewTeamProjectsBySlug checks whether a team, given its slug, has read, write, or admin
 // permissions for an organization project.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/teams#check-team-permissions-for-a-project
-func (s *TeamsService) ReviewTeamProjectsBySlug(ctx context.Context, org, slug string, projectID int64) (*Project, *Response, error) {
+// GitHub API docs: https://docs.github.com/rest/teams/teams#check-team-permissions-for-a-project
+//
+//meta:operation GET /orgs/{org}/teams/{team_slug}/projects/{project_id}
+func (s *TeamsService) ReviewTeamProjectsBySlug(ctx context.Context, org, slug string, projectID int64) (*ProjectV2, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams/%v/projects/%v", org, slug, projectID)
 	req, err := s.client.NewRequest("GET", u, nil)
 	if err != nil {
@@ -632,10 +704,9 @@ func (s *TeamsService) ReviewTeamProjectsBySlug(ctx context.Context, org, slug s
 	}
 
 	// TODO: remove custom Accept header when this API fully launches.
-	acceptHeaders := []string{mediaTypeProjectsPreview}
-	req.Header.Set("Accept", strings.Join(acceptHeaders, ", "))
+	req.Header.Set("Accept", mediaTypeProjectsPreview)
 
-	projects := &Project{}
+	projects := &ProjectV2{}
 	resp, err := s.client.Do(ctx, req, &projects)
 	if err != nil {
 		return nil, resp, err
@@ -660,7 +731,11 @@ type TeamProjectOptions struct {
 // To add a project to a team or update the team's permission on a project, the
 // authenticated user must have admin permissions for the project.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/teams#add-or-update-team-project-permissions
+// Deprecated: Use AddTeamProjectBySlug instead.
+//
+// GitHub API docs: https://docs.github.com/rest/teams/teams#add-or-update-team-project-permissions
+//
+//meta:operation PUT /orgs/{org}/teams/{team_slug}/projects/{project_id}
 func (s *TeamsService) AddTeamProjectByID(ctx context.Context, orgID, teamID, projectID int64, opts *TeamProjectOptions) (*Response, error) {
 	u := fmt.Sprintf("organizations/%v/team/%v/projects/%v", orgID, teamID, projectID)
 	req, err := s.client.NewRequest("PUT", u, opts)
@@ -669,8 +744,7 @@ func (s *TeamsService) AddTeamProjectByID(ctx context.Context, orgID, teamID, pr
 	}
 
 	// TODO: remove custom Accept header when this API fully launches.
-	acceptHeaders := []string{mediaTypeProjectsPreview}
-	req.Header.Set("Accept", strings.Join(acceptHeaders, ", "))
+	req.Header.Set("Accept", mediaTypeProjectsPreview)
 
 	return s.client.Do(ctx, req, nil)
 }
@@ -679,7 +753,9 @@ func (s *TeamsService) AddTeamProjectByID(ctx context.Context, orgID, teamID, pr
 // To add a project to a team or update the team's permission on a project, the
 // authenticated user must have admin permissions for the project.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/teams#add-or-update-team-project-permissions
+// GitHub API docs: https://docs.github.com/rest/teams/teams#add-or-update-team-project-permissions
+//
+//meta:operation PUT /orgs/{org}/teams/{team_slug}/projects/{project_id}
 func (s *TeamsService) AddTeamProjectBySlug(ctx context.Context, org, slug string, projectID int64, opts *TeamProjectOptions) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams/%v/projects/%v", org, slug, projectID)
 	req, err := s.client.NewRequest("PUT", u, opts)
@@ -688,8 +764,7 @@ func (s *TeamsService) AddTeamProjectBySlug(ctx context.Context, org, slug strin
 	}
 
 	// TODO: remove custom Accept header when this API fully launches.
-	acceptHeaders := []string{mediaTypeProjectsPreview}
-	req.Header.Set("Accept", strings.Join(acceptHeaders, ", "))
+	req.Header.Set("Accept", mediaTypeProjectsPreview)
 
 	return s.client.Do(ctx, req, nil)
 }
@@ -701,7 +776,11 @@ func (s *TeamsService) AddTeamProjectBySlug(ctx context.Context, org, slug strin
 // or project.
 // Note: This endpoint removes the project from the team, but does not delete it.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/teams#remove-a-project-from-a-team
+// Deprecated: Use RemoveTeamProjectBySlug instead.
+//
+// GitHub API docs: https://docs.github.com/rest/teams/teams#remove-a-project-from-a-team
+//
+//meta:operation DELETE /orgs/{org}/teams/{team_slug}/projects/{project_id}
 func (s *TeamsService) RemoveTeamProjectByID(ctx context.Context, orgID, teamID, projectID int64) (*Response, error) {
 	u := fmt.Sprintf("organizations/%v/team/%v/projects/%v", orgID, teamID, projectID)
 	req, err := s.client.NewRequest("DELETE", u, nil)
@@ -710,8 +789,7 @@ func (s *TeamsService) RemoveTeamProjectByID(ctx context.Context, orgID, teamID,
 	}
 
 	// TODO: remove custom Accept header when this API fully launches.
-	acceptHeaders := []string{mediaTypeProjectsPreview}
-	req.Header.Set("Accept", strings.Join(acceptHeaders, ", "))
+	req.Header.Set("Accept", mediaTypeProjectsPreview)
 
 	return s.client.Do(ctx, req, nil)
 }
@@ -723,7 +801,9 @@ func (s *TeamsService) RemoveTeamProjectByID(ctx context.Context, orgID, teamID,
 // or project.
 // Note: This endpoint removes the project from the team, but does not delete it.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/teams#remove-a-project-from-a-team
+// GitHub API docs: https://docs.github.com/rest/teams/teams#remove-a-project-from-a-team
+//
+//meta:operation DELETE /orgs/{org}/teams/{team_slug}/projects/{project_id}
 func (s *TeamsService) RemoveTeamProjectBySlug(ctx context.Context, org, slug string, projectID int64) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams/%v/projects/%v", org, slug, projectID)
 	req, err := s.client.NewRequest("DELETE", u, nil)
@@ -732,12 +812,19 @@ func (s *TeamsService) RemoveTeamProjectBySlug(ctx context.Context, org, slug st
 	}
 
 	// TODO: remove custom Accept header when this API fully launches.
-	acceptHeaders := []string{mediaTypeProjectsPreview}
-	req.Header.Set("Accept", strings.Join(acceptHeaders, ", "))
+	req.Header.Set("Accept", mediaTypeProjectsPreview)
 
 	return s.client.Do(ctx, req, nil)
 }
 
+// ListIDPGroupsOptions specifies the optional parameters to the ListIDPGroupsInOrganization method.
+type ListIDPGroupsOptions struct {
+	// Filters the results to return only those that begin with the value specified by this parameter.
+	Query string `url:"q,omitempty"`
+
+	ListCursorOptions
+}
+
 // IDPGroupList represents a list of external identity provider (IDP) groups.
 type IDPGroupList struct {
 	Groups []*IDPGroup `json:"groups"`
@@ -752,8 +839,10 @@ type IDPGroup struct {
 
 // ListIDPGroupsInOrganization lists IDP groups available in an organization.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/team-sync#list-idp-groups-for-an-organization
-func (s *TeamsService) ListIDPGroupsInOrganization(ctx context.Context, org string, opts *ListCursorOptions) (*IDPGroupList, *Response, error) {
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/teams/team-sync#list-idp-groups-for-an-organization
+//
+//meta:operation GET /orgs/{org}/team-sync/groups
+func (s *TeamsService) ListIDPGroupsInOrganization(ctx context.Context, org string, opts *ListIDPGroupsOptions) (*IDPGroupList, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/team-sync/groups", org)
 	u, err := addOptions(u, opts)
 	if err != nil {
@@ -777,7 +866,11 @@ func (s *TeamsService) ListIDPGroupsInOrganization(ctx context.Context, org stri
 // ListIDPGroupsForTeamByID lists IDP groups connected to a team on GitHub
 // given organization and team IDs.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/team-sync#list-idp-groups-for-a-team
+// Deprecated: Use ListIDPGroupsForTeamBySlug instead.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/teams/team-sync#list-idp-groups-for-a-team
+//
+//meta:operation GET /orgs/{org}/teams/{team_slug}/team-sync/group-mappings
 func (s *TeamsService) ListIDPGroupsForTeamByID(ctx context.Context, orgID, teamID int64) (*IDPGroupList, *Response, error) {
 	u := fmt.Sprintf("organizations/%v/team/%v/team-sync/group-mappings", orgID, teamID)
 
@@ -798,7 +891,9 @@ func (s *TeamsService) ListIDPGroupsForTeamByID(ctx context.Context, orgID, team
 // ListIDPGroupsForTeamBySlug lists IDP groups connected to a team on GitHub
 // given organization name and team slug.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/team-sync#list-idp-groups-for-a-team
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/teams/team-sync#list-idp-groups-for-a-team
+//
+//meta:operation GET /orgs/{org}/teams/{team_slug}/team-sync/group-mappings
 func (s *TeamsService) ListIDPGroupsForTeamBySlug(ctx context.Context, org, slug string) (*IDPGroupList, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams/%v/team-sync/group-mappings", org, slug)
 
@@ -819,7 +914,11 @@ func (s *TeamsService) ListIDPGroupsForTeamBySlug(ctx context.Context, org, slug
 // CreateOrUpdateIDPGroupConnectionsByID creates, updates, or removes a connection
 // between a team and an IDP group given organization and team IDs.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/team-sync#create-or-update-idp-group-connections
+// Deprecated: Use CreateOrUpdateIDPGroupConnectionsBySlug instead.
+//
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/teams/team-sync#create-or-update-idp-group-connections
+//
+//meta:operation PATCH /orgs/{org}/teams/{team_slug}/team-sync/group-mappings
 func (s *TeamsService) CreateOrUpdateIDPGroupConnectionsByID(ctx context.Context, orgID, teamID int64, opts IDPGroupList) (*IDPGroupList, *Response, error) {
 	u := fmt.Sprintf("organizations/%v/team/%v/team-sync/group-mappings", orgID, teamID)
 
@@ -840,7 +939,9 @@ func (s *TeamsService) CreateOrUpdateIDPGroupConnectionsByID(ctx context.Context
 // CreateOrUpdateIDPGroupConnectionsBySlug creates, updates, or removes a connection
 // between a team and an IDP group given organization name and team slug.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/team-sync#create-or-update-idp-group-connections
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/teams/team-sync#create-or-update-idp-group-connections
+//
+//meta:operation PATCH /orgs/{org}/teams/{team_slug}/team-sync/group-mappings
 func (s *TeamsService) CreateOrUpdateIDPGroupConnectionsBySlug(ctx context.Context, org, slug string, opts IDPGroupList) (*IDPGroupList, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams/%v/team-sync/group-mappings", org, slug)
 
@@ -888,7 +989,9 @@ type ExternalGroupList struct {
 
 // GetExternalGroup fetches an external group.
 //
-// GitHub API docs: https://docs.github.com/en/enterprise-cloud@latest/rest/teams/external-groups#get-an-external-group
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/teams/external-groups#get-an-external-group
+//
+//meta:operation GET /orgs/{org}/external-group/{group_id}
 func (s *TeamsService) GetExternalGroup(ctx context.Context, org string, groupID int64) (*ExternalGroup, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/external-group/%v", org, groupID)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -915,7 +1018,9 @@ type ListExternalGroupsOptions struct {
 
 // ListExternalGroups lists external groups in an organization on GitHub.
 //
-// GitHub API docs: https://docs.github.com/en/enterprise-cloud@latest/rest/teams/external-groups#list-external-groups-in-an-organization
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/teams/external-groups#list-external-groups-in-an-organization
+//
+//meta:operation GET /orgs/{org}/external-groups
 func (s *TeamsService) ListExternalGroups(ctx context.Context, org string, opts *ListExternalGroupsOptions) (*ExternalGroupList, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/external-groups", org)
 	u, err := addOptions(u, opts)
@@ -939,7 +1044,9 @@ func (s *TeamsService) ListExternalGroups(ctx context.Context, org string, opts
 
 // ListExternalGroupsForTeamBySlug lists external groups connected to a team on GitHub.
 //
-// GitHub API docs: https://docs.github.com/en/enterprise-cloud@latest/rest/teams/external-groups#list-a-connection-between-an-external-group-and-a-team
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/teams/external-groups#list-a-connection-between-an-external-group-and-a-team
+//
+//meta:operation GET /orgs/{org}/teams/{team_slug}/external-groups
 func (s *TeamsService) ListExternalGroupsForTeamBySlug(ctx context.Context, org, slug string) (*ExternalGroupList, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams/%v/external-groups", org, slug)
 
@@ -959,7 +1066,9 @@ func (s *TeamsService) ListExternalGroupsForTeamBySlug(ctx context.Context, org,
 
 // UpdateConnectedExternalGroup updates the connection between an external group and a team.
 //
-// GitHub API docs: https://docs.github.com/en/enterprise-cloud@latest/rest/teams/external-groups#update-the-connection-between-an-external-group-and-a-team
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/teams/external-groups#update-the-connection-between-an-external-group-and-a-team
+//
+//meta:operation PATCH /orgs/{org}/teams/{team_slug}/external-groups
 func (s *TeamsService) UpdateConnectedExternalGroup(ctx context.Context, org, slug string, eg *ExternalGroup) (*ExternalGroup, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams/%v/external-groups", org, slug)
 
@@ -979,7 +1088,9 @@ func (s *TeamsService) UpdateConnectedExternalGroup(ctx context.Context, org, sl
 
 // RemoveConnectedExternalGroup removes the connection between an external group and a team.
 //
-// GitHub API docs: https://docs.github.com/en/enterprise-cloud@latest/rest/teams/external-groups#remove-the-connection-between-an-external-group-and-a-team
+// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/teams/external-groups#remove-the-connection-between-an-external-group-and-a-team
+//
+//meta:operation DELETE /orgs/{org}/teams/{team_slug}/external-groups
 func (s *TeamsService) RemoveConnectedExternalGroup(ctx context.Context, org, slug string) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams/%v/external-groups", org, slug)
 
diff --git a/vendor/github.com/google/go-github/v55/github/teams_discussion_comments.go b/vendor/github.com/google/go-github/v72/github/teams_discussion_comments.go
similarity index 77%
rename from vendor/github.com/google/go-github/v55/github/teams_discussion_comments.go
rename to vendor/github.com/google/go-github/v72/github/teams_discussion_comments.go
index f3a1cc4dc0..70bcbbc95b 100644
--- a/vendor/github.com/google/go-github/v55/github/teams_discussion_comments.go
+++ b/vendor/github.com/google/go-github/v72/github/teams_discussion_comments.go
@@ -10,7 +10,7 @@ import (
 	"fmt"
 )
 
-// DiscussionComment represents a GitHub dicussion in a team.
+// DiscussionComment represents a GitHub discussion in a team.
 type DiscussionComment struct {
 	Author        *User      `json:"author,omitempty"`
 	Body          *string    `json:"body,omitempty"`
@@ -43,7 +43,9 @@ type DiscussionCommentListOptions struct {
 // ListCommentsByID lists all comments on a team discussion by team ID.
 // Authenticated user must grant read:discussion scope.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/discussion-comments#list-discussion-comments
+// GitHub API docs: https://docs.github.com/rest/teams/discussion-comments#list-discussion-comments
+//
+//meta:operation GET /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}/comments
 func (s *TeamsService) ListCommentsByID(ctx context.Context, orgID, teamID int64, discussionNumber int, options *DiscussionCommentListOptions) ([]*DiscussionComment, *Response, error) {
 	u := fmt.Sprintf("organizations/%v/team/%v/discussions/%v/comments", orgID, teamID, discussionNumber)
 	u, err := addOptions(u, options)
@@ -68,7 +70,9 @@ func (s *TeamsService) ListCommentsByID(ctx context.Context, orgID, teamID int64
 // ListCommentsBySlug lists all comments on a team discussion by team slug.
 // Authenticated user must grant read:discussion scope.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/discussion-comments#list-discussion-comments
+// GitHub API docs: https://docs.github.com/rest/teams/discussion-comments#list-discussion-comments
+//
+//meta:operation GET /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}/comments
 func (s *TeamsService) ListCommentsBySlug(ctx context.Context, org, slug string, discussionNumber int, options *DiscussionCommentListOptions) ([]*DiscussionComment, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams/%v/discussions/%v/comments", org, slug, discussionNumber)
 	u, err := addOptions(u, options)
@@ -93,7 +97,9 @@ func (s *TeamsService) ListCommentsBySlug(ctx context.Context, org, slug string,
 // GetCommentByID gets a specific comment on a team discussion by team ID.
 // Authenticated user must grant read:discussion scope.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/discussion-comments#get-a-discussion-comment
+// GitHub API docs: https://docs.github.com/rest/teams/discussion-comments#get-a-discussion-comment
+//
+//meta:operation GET /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}/comments/{comment_number}
 func (s *TeamsService) GetCommentByID(ctx context.Context, orgID, teamID int64, discussionNumber, commentNumber int) (*DiscussionComment, *Response, error) {
 	u := fmt.Sprintf("organizations/%v/team/%v/discussions/%v/comments/%v", orgID, teamID, discussionNumber, commentNumber)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -113,7 +119,9 @@ func (s *TeamsService) GetCommentByID(ctx context.Context, orgID, teamID int64,
 // GetCommentBySlug gets a specific comment on a team discussion by team slug.
 // Authenticated user must grant read:discussion scope.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/discussion-comments#get-a-discussion-comment
+// GitHub API docs: https://docs.github.com/rest/teams/discussion-comments#get-a-discussion-comment
+//
+//meta:operation GET /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}/comments/{comment_number}
 func (s *TeamsService) GetCommentBySlug(ctx context.Context, org, slug string, discussionNumber, commentNumber int) (*DiscussionComment, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams/%v/discussions/%v/comments/%v", org, slug, discussionNumber, commentNumber)
 
@@ -134,9 +142,11 @@ func (s *TeamsService) GetCommentBySlug(ctx context.Context, org, slug string, d
 // CreateCommentByID creates a new comment on a team discussion by team ID.
 // Authenticated user must grant write:discussion scope.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/discussion-comments#create-a-discussion-comment
-func (s *TeamsService) CreateCommentByID(ctx context.Context, orgID, teamID int64, discsusionNumber int, comment DiscussionComment) (*DiscussionComment, *Response, error) {
-	u := fmt.Sprintf("organizations/%v/team/%v/discussions/%v/comments", orgID, teamID, discsusionNumber)
+// GitHub API docs: https://docs.github.com/rest/teams/discussion-comments#create-a-discussion-comment
+//
+//meta:operation POST /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}/comments
+func (s *TeamsService) CreateCommentByID(ctx context.Context, orgID, teamID int64, discussionNumber int, comment DiscussionComment) (*DiscussionComment, *Response, error) {
+	u := fmt.Sprintf("organizations/%v/team/%v/discussions/%v/comments", orgID, teamID, discussionNumber)
 	req, err := s.client.NewRequest("POST", u, comment)
 	if err != nil {
 		return nil, nil, err
@@ -154,9 +164,11 @@ func (s *TeamsService) CreateCommentByID(ctx context.Context, orgID, teamID int6
 // CreateCommentBySlug creates a new comment on a team discussion by team slug.
 // Authenticated user must grant write:discussion scope.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/discussion-comments#create-a-discussion-comment
-func (s *TeamsService) CreateCommentBySlug(ctx context.Context, org, slug string, discsusionNumber int, comment DiscussionComment) (*DiscussionComment, *Response, error) {
-	u := fmt.Sprintf("orgs/%v/teams/%v/discussions/%v/comments", org, slug, discsusionNumber)
+// GitHub API docs: https://docs.github.com/rest/teams/discussion-comments#create-a-discussion-comment
+//
+//meta:operation POST /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}/comments
+func (s *TeamsService) CreateCommentBySlug(ctx context.Context, org, slug string, discussionNumber int, comment DiscussionComment) (*DiscussionComment, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/teams/%v/discussions/%v/comments", org, slug, discussionNumber)
 	req, err := s.client.NewRequest("POST", u, comment)
 	if err != nil {
 		return nil, nil, err
@@ -175,7 +187,9 @@ func (s *TeamsService) CreateCommentBySlug(ctx context.Context, org, slug string
 // Authenticated user must grant write:discussion scope.
 // User is allowed to edit body of a comment only.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/discussion-comments#update-a-discussion-comment
+// GitHub API docs: https://docs.github.com/rest/teams/discussion-comments#update-a-discussion-comment
+//
+//meta:operation PATCH /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}/comments/{comment_number}
 func (s *TeamsService) EditCommentByID(ctx context.Context, orgID, teamID int64, discussionNumber, commentNumber int, comment DiscussionComment) (*DiscussionComment, *Response, error) {
 	u := fmt.Sprintf("organizations/%v/team/%v/discussions/%v/comments/%v", orgID, teamID, discussionNumber, commentNumber)
 	req, err := s.client.NewRequest("PATCH", u, comment)
@@ -196,7 +210,9 @@ func (s *TeamsService) EditCommentByID(ctx context.Context, orgID, teamID int64,
 // Authenticated user must grant write:discussion scope.
 // User is allowed to edit body of a comment only.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/discussion-comments#update-a-discussion-comment
+// GitHub API docs: https://docs.github.com/rest/teams/discussion-comments#update-a-discussion-comment
+//
+//meta:operation PATCH /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}/comments/{comment_number}
 func (s *TeamsService) EditCommentBySlug(ctx context.Context, org, slug string, discussionNumber, commentNumber int, comment DiscussionComment) (*DiscussionComment, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams/%v/discussions/%v/comments/%v", org, slug, discussionNumber, commentNumber)
 	req, err := s.client.NewRequest("PATCH", u, comment)
@@ -216,7 +232,9 @@ func (s *TeamsService) EditCommentBySlug(ctx context.Context, org, slug string,
 // DeleteCommentByID deletes a comment on a team discussion by team ID.
 // Authenticated user must grant write:discussion scope.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/discussion-comments#delete-a-discussion-comment
+// GitHub API docs: https://docs.github.com/rest/teams/discussion-comments#delete-a-discussion-comment
+//
+//meta:operation DELETE /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}/comments/{comment_number}
 func (s *TeamsService) DeleteCommentByID(ctx context.Context, orgID, teamID int64, discussionNumber, commentNumber int) (*Response, error) {
 	u := fmt.Sprintf("organizations/%v/team/%v/discussions/%v/comments/%v", orgID, teamID, discussionNumber, commentNumber)
 	req, err := s.client.NewRequest("DELETE", u, nil)
@@ -230,7 +248,9 @@ func (s *TeamsService) DeleteCommentByID(ctx context.Context, orgID, teamID int6
 // DeleteCommentBySlug deletes a comment on a team discussion by team slug.
 // Authenticated user must grant write:discussion scope.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/discussion-comments#delete-a-discussion-comment
+// GitHub API docs: https://docs.github.com/rest/teams/discussion-comments#delete-a-discussion-comment
+//
+//meta:operation DELETE /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}/comments/{comment_number}
 func (s *TeamsService) DeleteCommentBySlug(ctx context.Context, org, slug string, discussionNumber, commentNumber int) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams/%v/discussions/%v/comments/%v", org, slug, discussionNumber, commentNumber)
 	req, err := s.client.NewRequest("DELETE", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/teams_discussions.go b/vendor/github.com/google/go-github/v72/github/teams_discussions.go
similarity index 82%
rename from vendor/github.com/google/go-github/v55/github/teams_discussions.go
rename to vendor/github.com/google/go-github/v72/github/teams_discussions.go
index 69a3ebd51f..b056525f4e 100644
--- a/vendor/github.com/google/go-github/v55/github/teams_discussions.go
+++ b/vendor/github.com/google/go-github/v72/github/teams_discussions.go
@@ -10,7 +10,7 @@ import (
 	"fmt"
 )
 
-// TeamDiscussion represents a GitHub dicussion in a team.
+// TeamDiscussion represents a GitHub discussion in a team.
 type TeamDiscussion struct {
 	Author        *User      `json:"author,omitempty"`
 	Body          *string    `json:"body,omitempty"`
@@ -49,7 +49,9 @@ type DiscussionListOptions struct {
 // ListDiscussionsByID lists all discussions on team's page given Organization and Team ID.
 // Authenticated user must grant read:discussion scope.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/discussions#list-discussions
+// GitHub API docs: https://docs.github.com/rest/teams/discussions#list-discussions
+//
+//meta:operation GET /orgs/{org}/teams/{team_slug}/discussions
 func (s *TeamsService) ListDiscussionsByID(ctx context.Context, orgID, teamID int64, opts *DiscussionListOptions) ([]*TeamDiscussion, *Response, error) {
 	u := fmt.Sprintf("organizations/%v/team/%v/discussions", orgID, teamID)
 	u, err := addOptions(u, opts)
@@ -74,7 +76,9 @@ func (s *TeamsService) ListDiscussionsByID(ctx context.Context, orgID, teamID in
 // ListDiscussionsBySlug lists all discussions on team's page given Organization name and Team's slug.
 // Authenticated user must grant read:discussion scope.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/discussions#list-discussions
+// GitHub API docs: https://docs.github.com/rest/teams/discussions#list-discussions
+//
+//meta:operation GET /orgs/{org}/teams/{team_slug}/discussions
 func (s *TeamsService) ListDiscussionsBySlug(ctx context.Context, org, slug string, opts *DiscussionListOptions) ([]*TeamDiscussion, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams/%v/discussions", org, slug)
 	u, err := addOptions(u, opts)
@@ -99,7 +103,9 @@ func (s *TeamsService) ListDiscussionsBySlug(ctx context.Context, org, slug stri
 // GetDiscussionByID gets a specific discussion on a team's page given Organization and Team ID.
 // Authenticated user must grant read:discussion scope.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/discussions#get-a-discussion
+// GitHub API docs: https://docs.github.com/rest/teams/discussions#get-a-discussion
+//
+//meta:operation GET /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}
 func (s *TeamsService) GetDiscussionByID(ctx context.Context, orgID, teamID int64, discussionNumber int) (*TeamDiscussion, *Response, error) {
 	u := fmt.Sprintf("organizations/%v/team/%v/discussions/%v", orgID, teamID, discussionNumber)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -119,7 +125,9 @@ func (s *TeamsService) GetDiscussionByID(ctx context.Context, orgID, teamID int6
 // GetDiscussionBySlug gets a specific discussion on a team's page given Organization name and Team's slug.
 // Authenticated user must grant read:discussion scope.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/discussions#get-a-discussion
+// GitHub API docs: https://docs.github.com/rest/teams/discussions#get-a-discussion
+//
+//meta:operation GET /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}
 func (s *TeamsService) GetDiscussionBySlug(ctx context.Context, org, slug string, discussionNumber int) (*TeamDiscussion, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams/%v/discussions/%v", org, slug, discussionNumber)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -139,7 +147,9 @@ func (s *TeamsService) GetDiscussionBySlug(ctx context.Context, org, slug string
 // CreateDiscussionByID creates a new discussion post on a team's page given Organization and Team ID.
 // Authenticated user must grant write:discussion scope.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/discussions#create-a-discussion
+// GitHub API docs: https://docs.github.com/rest/teams/discussions#create-a-discussion
+//
+//meta:operation POST /orgs/{org}/teams/{team_slug}/discussions
 func (s *TeamsService) CreateDiscussionByID(ctx context.Context, orgID, teamID int64, discussion TeamDiscussion) (*TeamDiscussion, *Response, error) {
 	u := fmt.Sprintf("organizations/%v/team/%v/discussions", orgID, teamID)
 	req, err := s.client.NewRequest("POST", u, discussion)
@@ -159,7 +169,9 @@ func (s *TeamsService) CreateDiscussionByID(ctx context.Context, orgID, teamID i
 // CreateDiscussionBySlug creates a new discussion post on a team's page given Organization name and Team's slug.
 // Authenticated user must grant write:discussion scope.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/discussions#create-a-discussion
+// GitHub API docs: https://docs.github.com/rest/teams/discussions#create-a-discussion
+//
+//meta:operation POST /orgs/{org}/teams/{team_slug}/discussions
 func (s *TeamsService) CreateDiscussionBySlug(ctx context.Context, org, slug string, discussion TeamDiscussion) (*TeamDiscussion, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams/%v/discussions", org, slug)
 	req, err := s.client.NewRequest("POST", u, discussion)
@@ -180,7 +192,9 @@ func (s *TeamsService) CreateDiscussionBySlug(ctx context.Context, org, slug str
 // Authenticated user must grant write:discussion scope.
 // User is allowed to change Title and Body of a discussion only.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/discussions#update-a-discussion
+// GitHub API docs: https://docs.github.com/rest/teams/discussions#update-a-discussion
+//
+//meta:operation PATCH /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}
 func (s *TeamsService) EditDiscussionByID(ctx context.Context, orgID, teamID int64, discussionNumber int, discussion TeamDiscussion) (*TeamDiscussion, *Response, error) {
 	u := fmt.Sprintf("organizations/%v/team/%v/discussions/%v", orgID, teamID, discussionNumber)
 	req, err := s.client.NewRequest("PATCH", u, discussion)
@@ -201,7 +215,9 @@ func (s *TeamsService) EditDiscussionByID(ctx context.Context, orgID, teamID int
 // Authenticated user must grant write:discussion scope.
 // User is allowed to change Title and Body of a discussion only.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/discussions#update-a-discussion
+// GitHub API docs: https://docs.github.com/rest/teams/discussions#update-a-discussion
+//
+//meta:operation PATCH /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}
 func (s *TeamsService) EditDiscussionBySlug(ctx context.Context, org, slug string, discussionNumber int, discussion TeamDiscussion) (*TeamDiscussion, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams/%v/discussions/%v", org, slug, discussionNumber)
 	req, err := s.client.NewRequest("PATCH", u, discussion)
@@ -221,7 +237,9 @@ func (s *TeamsService) EditDiscussionBySlug(ctx context.Context, org, slug strin
 // DeleteDiscussionByID deletes a discussion from team's page given Organization and Team ID.
 // Authenticated user must grant write:discussion scope.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/discussions#delete-a-discussion
+// GitHub API docs: https://docs.github.com/rest/teams/discussions#delete-a-discussion
+//
+//meta:operation DELETE /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}
 func (s *TeamsService) DeleteDiscussionByID(ctx context.Context, orgID, teamID int64, discussionNumber int) (*Response, error) {
 	u := fmt.Sprintf("organizations/%v/team/%v/discussions/%v", orgID, teamID, discussionNumber)
 	req, err := s.client.NewRequest("DELETE", u, nil)
@@ -235,7 +253,9 @@ func (s *TeamsService) DeleteDiscussionByID(ctx context.Context, orgID, teamID i
 // DeleteDiscussionBySlug deletes a discussion from team's page given Organization name and Team's slug.
 // Authenticated user must grant write:discussion scope.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/discussions#delete-a-discussion
+// GitHub API docs: https://docs.github.com/rest/teams/discussions#delete-a-discussion
+//
+//meta:operation DELETE /orgs/{org}/teams/{team_slug}/discussions/{discussion_number}
 func (s *TeamsService) DeleteDiscussionBySlug(ctx context.Context, org, slug string, discussionNumber int) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams/%v/discussions/%v", org, slug, discussionNumber)
 	req, err := s.client.NewRequest("DELETE", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/teams_members.go b/vendor/github.com/google/go-github/v72/github/teams_members.go
similarity index 81%
rename from vendor/github.com/google/go-github/v55/github/teams_members.go
rename to vendor/github.com/google/go-github/v72/github/teams_members.go
index 58cb79744e..059d993a3e 100644
--- a/vendor/github.com/google/go-github/v55/github/teams_members.go
+++ b/vendor/github.com/google/go-github/v72/github/teams_members.go
@@ -23,7 +23,9 @@ type TeamListTeamMembersOptions struct {
 // ListTeamMembersByID lists all of the users who are members of a team, given a specified
 // organization ID, by team ID.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/members#list-team-members
+// GitHub API docs: https://docs.github.com/rest/teams/members#list-team-members
+//
+//meta:operation GET /orgs/{org}/teams/{team_slug}/members
 func (s *TeamsService) ListTeamMembersByID(ctx context.Context, orgID, teamID int64, opts *TeamListTeamMembersOptions) ([]*User, *Response, error) {
 	u := fmt.Sprintf("organizations/%v/team/%v/members", orgID, teamID)
 	u, err := addOptions(u, opts)
@@ -48,7 +50,9 @@ func (s *TeamsService) ListTeamMembersByID(ctx context.Context, orgID, teamID in
 // ListTeamMembersBySlug lists all of the users who are members of a team, given a specified
 // organization name, by team slug.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/members#list-team-members
+// GitHub API docs: https://docs.github.com/rest/teams/members#list-team-members
+//
+//meta:operation GET /orgs/{org}/teams/{team_slug}/members
 func (s *TeamsService) ListTeamMembersBySlug(ctx context.Context, org, slug string, opts *TeamListTeamMembersOptions) ([]*User, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams/%v/members", org, slug)
 	u, err := addOptions(u, opts)
@@ -73,7 +77,9 @@ func (s *TeamsService) ListTeamMembersBySlug(ctx context.Context, org, slug stri
 // GetTeamMembershipByID returns the membership status for a user in a team, given a specified
 // organization ID, by team ID.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/members#list-team-members
+// GitHub API docs: https://docs.github.com/rest/teams/members#list-team-members
+//
+//meta:operation GET /orgs/{org}/teams/{team_slug}/members
 func (s *TeamsService) GetTeamMembershipByID(ctx context.Context, orgID, teamID int64, user string) (*Membership, *Response, error) {
 	u := fmt.Sprintf("organizations/%v/team/%v/memberships/%v", orgID, teamID, user)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -93,7 +99,9 @@ func (s *TeamsService) GetTeamMembershipByID(ctx context.Context, orgID, teamID
 // GetTeamMembershipBySlug returns the membership status for a user in a team, given a specified
 // organization name, by team slug.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/members#get-team-membership-for-a-user
+// GitHub API docs: https://docs.github.com/rest/teams/members#get-team-membership-for-a-user
+//
+//meta:operation GET /orgs/{org}/teams/{team_slug}/memberships/{username}
 func (s *TeamsService) GetTeamMembershipBySlug(ctx context.Context, org, slug, user string) (*Membership, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams/%v/memberships/%v", org, slug, user)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -127,7 +135,9 @@ type TeamAddTeamMembershipOptions struct {
 // AddTeamMembershipByID adds or invites a user to a team, given a specified
 // organization ID, by team ID.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/members#add-or-update-team-membership-for-a-user
+// GitHub API docs: https://docs.github.com/rest/teams/members#add-or-update-team-membership-for-a-user
+//
+//meta:operation PUT /orgs/{org}/teams/{team_slug}/memberships/{username}
 func (s *TeamsService) AddTeamMembershipByID(ctx context.Context, orgID, teamID int64, user string, opts *TeamAddTeamMembershipOptions) (*Membership, *Response, error) {
 	u := fmt.Sprintf("organizations/%v/team/%v/memberships/%v", orgID, teamID, user)
 	req, err := s.client.NewRequest("PUT", u, opts)
@@ -147,7 +157,9 @@ func (s *TeamsService) AddTeamMembershipByID(ctx context.Context, orgID, teamID
 // AddTeamMembershipBySlug adds or invites a user to a team, given a specified
 // organization name, by team slug.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/members#add-or-update-team-membership-for-a-user
+// GitHub API docs: https://docs.github.com/rest/teams/members#add-or-update-team-membership-for-a-user
+//
+//meta:operation PUT /orgs/{org}/teams/{team_slug}/memberships/{username}
 func (s *TeamsService) AddTeamMembershipBySlug(ctx context.Context, org, slug, user string, opts *TeamAddTeamMembershipOptions) (*Membership, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams/%v/memberships/%v", org, slug, user)
 	req, err := s.client.NewRequest("PUT", u, opts)
@@ -167,7 +179,9 @@ func (s *TeamsService) AddTeamMembershipBySlug(ctx context.Context, org, slug, u
 // RemoveTeamMembershipByID removes a user from a team, given a specified
 // organization ID, by team ID.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/members#remove-team-membership-for-a-user
+// GitHub API docs: https://docs.github.com/rest/teams/members#remove-team-membership-for-a-user
+//
+//meta:operation DELETE /orgs/{org}/teams/{team_slug}/memberships/{username}
 func (s *TeamsService) RemoveTeamMembershipByID(ctx context.Context, orgID, teamID int64, user string) (*Response, error) {
 	u := fmt.Sprintf("organizations/%v/team/%v/memberships/%v", orgID, teamID, user)
 	req, err := s.client.NewRequest("DELETE", u, nil)
@@ -181,7 +195,9 @@ func (s *TeamsService) RemoveTeamMembershipByID(ctx context.Context, orgID, team
 // RemoveTeamMembershipBySlug removes a user from a team, given a specified
 // organization name, by team slug.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/members#remove-team-membership-for-a-user
+// GitHub API docs: https://docs.github.com/rest/teams/members#remove-team-membership-for-a-user
+//
+//meta:operation DELETE /orgs/{org}/teams/{team_slug}/memberships/{username}
 func (s *TeamsService) RemoveTeamMembershipBySlug(ctx context.Context, org, slug, user string) (*Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams/%v/memberships/%v", org, slug, user)
 	req, err := s.client.NewRequest("DELETE", u, nil)
@@ -195,7 +211,9 @@ func (s *TeamsService) RemoveTeamMembershipBySlug(ctx context.Context, org, slug
 // ListPendingTeamInvitationsByID gets pending invitation list of a team, given a specified
 // organization ID, by team ID.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/members#list-pending-team-invitations
+// GitHub API docs: https://docs.github.com/rest/teams/members#list-pending-team-invitations
+//
+//meta:operation GET /orgs/{org}/teams/{team_slug}/invitations
 func (s *TeamsService) ListPendingTeamInvitationsByID(ctx context.Context, orgID, teamID int64, opts *ListOptions) ([]*Invitation, *Response, error) {
 	u := fmt.Sprintf("organizations/%v/team/%v/invitations", orgID, teamID)
 	u, err := addOptions(u, opts)
@@ -220,7 +238,9 @@ func (s *TeamsService) ListPendingTeamInvitationsByID(ctx context.Context, orgID
 // ListPendingTeamInvitationsBySlug get pending invitation list of a team, given a specified
 // organization name, by team slug.
 //
-// GitHub API docs: https://docs.github.com/en/rest/teams/members#list-pending-team-invitations
+// GitHub API docs: https://docs.github.com/rest/teams/members#list-pending-team-invitations
+//
+//meta:operation GET /orgs/{org}/teams/{team_slug}/invitations
 func (s *TeamsService) ListPendingTeamInvitationsBySlug(ctx context.Context, org, slug string, opts *ListOptions) ([]*Invitation, *Response, error) {
 	u := fmt.Sprintf("orgs/%v/teams/%v/invitations", org, slug)
 	u, err := addOptions(u, opts)
diff --git a/vendor/github.com/google/go-github/v55/github/timestamp.go b/vendor/github.com/google/go-github/v72/github/timestamp.go
similarity index 89%
rename from vendor/github.com/google/go-github/v55/github/timestamp.go
rename to vendor/github.com/google/go-github/v72/github/timestamp.go
index 00c1235e9d..71660193bb 100644
--- a/vendor/github.com/google/go-github/v55/github/timestamp.go
+++ b/vendor/github.com/google/go-github/v72/github/timestamp.go
@@ -10,7 +10,7 @@ import (
 	"time"
 )
 
-// Timestamp represents a time that can be unmarshalled from a JSON string
+// Timestamp represents a time that can be unmarshaled from a JSON string
 // formatted as either an RFC3339 or Unix timestamp. This is necessary for some
 // fields since the GitHub API is inconsistent in how it represents times. All
 // exported methods of time.Time can be called on Timestamp.
@@ -46,7 +46,7 @@ func (t *Timestamp) UnmarshalJSON(data []byte) (err error) {
 	return
 }
 
-// Equal reports whether t and u are equal based on time.Equal
+// Equal reports whether t and u are equal based on time.Equal.
 func (t Timestamp) Equal(u Timestamp) bool {
 	return t.Time.Equal(u.Time)
 }
diff --git a/vendor/github.com/google/go-github/v55/github/users.go b/vendor/github.com/google/go-github/v72/github/users.go
similarity index 81%
rename from vendor/github.com/google/go-github/v55/github/users.go
rename to vendor/github.com/google/go-github/v72/github/users.go
index 1b0670103b..28db59c5e1 100644
--- a/vendor/github.com/google/go-github/v55/github/users.go
+++ b/vendor/github.com/google/go-github/v72/github/users.go
@@ -13,7 +13,7 @@ import (
 // UsersService handles communication with the user related
 // methods of the GitHub API.
 //
-// GitHub API docs: https://docs.github.com/en/rest/users/
+// GitHub API docs: https://docs.github.com/rest/users/
 type UsersService service
 
 // User represents a GitHub user.
@@ -63,13 +63,21 @@ type User struct {
 	SubscriptionsURL  *string `json:"subscriptions_url,omitempty"`
 
 	// TextMatches is only populated from search results that request text matches
-	// See: search.go and https://docs.github.com/en/rest/search/#text-match-metadata
+	// See: search.go and https://docs.github.com/rest/search/#text-match-metadata
 	TextMatches []*TextMatch `json:"text_matches,omitempty"`
 
 	// Permissions and RoleName identify the permissions and role that a user has on a given
 	// repository. These are only populated when calling Repositories.ListCollaborators.
 	Permissions map[string]bool `json:"permissions,omitempty"`
 	RoleName    *string         `json:"role_name,omitempty"`
+
+	// Assignment identifies how a user was assigned to an organization role. Its
+	// possible values are: "direct", "indirect", "mixed". This is only populated when
+	// calling the ListUsersAssignedToOrgRole method.
+	Assignment *string `json:"assignment,omitempty"`
+	// InheritedFrom identifies the team that a user inherited their organization role
+	// from. This is only populated when calling the ListUsersAssignedToOrgRole method.
+	InheritedFrom []*Team `json:"inherited_from,omitempty"`
 }
 
 func (u User) String() string {
@@ -79,8 +87,11 @@ func (u User) String() string {
 // Get fetches a user. Passing the empty string will fetch the authenticated
 // user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/users/users#get-the-authenticated-user
-// GitHub API docs: https://docs.github.com/en/rest/users/users#get-a-user
+// GitHub API docs: https://docs.github.com/rest/users/users#get-a-user
+// GitHub API docs: https://docs.github.com/rest/users/users#get-the-authenticated-user
+//
+//meta:operation GET /user
+//meta:operation GET /users/{username}
 func (s *UsersService) Get(ctx context.Context, user string) (*User, *Response, error) {
 	var u string
 	if user != "" {
@@ -104,7 +115,9 @@ func (s *UsersService) Get(ctx context.Context, user string) (*User, *Response,
 
 // GetByID fetches a user.
 //
-// Note: GetByID uses the undocumented GitHub API endpoint /user/:id.
+// GitHub API docs: https://docs.github.com/rest/users/users#get-a-user-using-their-id
+//
+//meta:operation GET /user/{account_id}
 func (s *UsersService) GetByID(ctx context.Context, id int64) (*User, *Response, error) {
 	u := fmt.Sprintf("user/%d", id)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -123,7 +136,9 @@ func (s *UsersService) GetByID(ctx context.Context, id int64) (*User, *Response,
 
 // Edit the authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/users/users#update-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/users/users#update-the-authenticated-user
+//
+//meta:operation PATCH /user
 func (s *UsersService) Edit(ctx context.Context, user *User) (*User, *Response, error) {
 	u := "user"
 	req, err := s.client.NewRequest("PATCH", u, user)
@@ -165,7 +180,9 @@ type UserContext struct {
 // GetHovercard fetches contextual information about user. It requires authentication
 // via Basic Auth or via OAuth with the repo scope.
 //
-// GitHub API docs: https://docs.github.com/en/rest/users/users#get-contextual-information-for-a-user
+// GitHub API docs: https://docs.github.com/rest/users/users#get-contextual-information-for-a-user
+//
+//meta:operation GET /users/{username}/hovercard
 func (s *UsersService) GetHovercard(ctx context.Context, user string, opts *HovercardOptions) (*Hovercard, *Response, error) {
 	u := fmt.Sprintf("users/%v/hovercard", user)
 	u, err := addOptions(u, opts)
@@ -203,7 +220,9 @@ type UserListOptions struct {
 //
 // To paginate through all users, populate 'Since' with the ID of the last user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/users/users#list-users
+// GitHub API docs: https://docs.github.com/rest/users/users#list-users
+//
+//meta:operation GET /users
 func (s *UsersService) ListAll(ctx context.Context, opts *UserListOptions) ([]*User, *Response, error) {
 	u, err := addOptions("users", opts)
 	if err != nil {
@@ -227,7 +246,9 @@ func (s *UsersService) ListAll(ctx context.Context, opts *UserListOptions) ([]*U
 // ListInvitations lists all currently-open repository invitations for the
 // authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/collaborators/invitations#list-repository-invitations-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/collaborators/invitations#list-repository-invitations-for-the-authenticated-user
+//
+//meta:operation GET /user/repository_invitations
 func (s *UsersService) ListInvitations(ctx context.Context, opts *ListOptions) ([]*RepositoryInvitation, *Response, error) {
 	u, err := addOptions("user/repository_invitations", opts)
 	if err != nil {
@@ -251,7 +272,9 @@ func (s *UsersService) ListInvitations(ctx context.Context, opts *ListOptions) (
 // AcceptInvitation accepts the currently-open repository invitation for the
 // authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/collaborators/invitations#accept-a-repository-invitation
+// GitHub API docs: https://docs.github.com/rest/collaborators/invitations#accept-a-repository-invitation
+//
+//meta:operation PATCH /user/repository_invitations/{invitation_id}
 func (s *UsersService) AcceptInvitation(ctx context.Context, invitationID int64) (*Response, error) {
 	u := fmt.Sprintf("user/repository_invitations/%v", invitationID)
 	req, err := s.client.NewRequest("PATCH", u, nil)
@@ -265,7 +288,9 @@ func (s *UsersService) AcceptInvitation(ctx context.Context, invitationID int64)
 // DeclineInvitation declines the currently-open repository invitation for the
 // authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/collaborators/invitations#decline-a-repository-invitation
+// GitHub API docs: https://docs.github.com/rest/collaborators/invitations#decline-a-repository-invitation
+//
+//meta:operation DELETE /user/repository_invitations/{invitation_id}
 func (s *UsersService) DeclineInvitation(ctx context.Context, invitationID int64) (*Response, error) {
 	u := fmt.Sprintf("user/repository_invitations/%v", invitationID)
 	req, err := s.client.NewRequest("DELETE", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/users_administration.go b/vendor/github.com/google/go-github/v72/github/users_administration.go
similarity index 71%
rename from vendor/github.com/google/go-github/v55/github/users_administration.go
rename to vendor/github.com/google/go-github/v72/github/users_administration.go
index aef947ec45..67fef61faa 100644
--- a/vendor/github.com/google/go-github/v55/github/users_administration.go
+++ b/vendor/github.com/google/go-github/v72/github/users_administration.go
@@ -12,7 +12,9 @@ import (
 
 // PromoteSiteAdmin promotes a user to a site administrator of a GitHub Enterprise instance.
 //
-// GitHub API docs: https://developer.github.com/enterprise/v3/enterprise-admin/users/#promote-an-ordinary-user-to-a-site-administrator
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/users#promote-a-user-to-be-a-site-administrator
+//
+//meta:operation PUT /users/{username}/site_admin
 func (s *UsersService) PromoteSiteAdmin(ctx context.Context, user string) (*Response, error) {
 	u := fmt.Sprintf("users/%v/site_admin", user)
 
@@ -26,7 +28,9 @@ func (s *UsersService) PromoteSiteAdmin(ctx context.Context, user string) (*Resp
 
 // DemoteSiteAdmin demotes a user from site administrator of a GitHub Enterprise instance.
 //
-// GitHub API docs: https://developer.github.com/enterprise/v3/enterprise-admin/users/#demote-a-site-administrator-to-an-ordinary-user
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/users#demote-a-site-administrator
+//
+//meta:operation DELETE /users/{username}/site_admin
 func (s *UsersService) DemoteSiteAdmin(ctx context.Context, user string) (*Response, error) {
 	u := fmt.Sprintf("users/%v/site_admin", user)
 
@@ -45,7 +49,9 @@ type UserSuspendOptions struct {
 
 // Suspend a user on a GitHub Enterprise instance.
 //
-// GitHub API docs: https://developer.github.com/enterprise/v3/enterprise-admin/users/#suspend-a-user
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/users#suspend-a-user
+//
+//meta:operation PUT /users/{username}/suspended
 func (s *UsersService) Suspend(ctx context.Context, user string, opts *UserSuspendOptions) (*Response, error) {
 	u := fmt.Sprintf("users/%v/suspended", user)
 
@@ -59,7 +65,9 @@ func (s *UsersService) Suspend(ctx context.Context, user string, opts *UserSuspe
 
 // Unsuspend a user on a GitHub Enterprise instance.
 //
-// GitHub API docs: https://developer.github.com/enterprise/v3/enterprise-admin/users/#unsuspend-a-user
+// GitHub API docs: https://docs.github.com/enterprise-server@3.16/rest/enterprise-admin/users#unsuspend-a-user
+//
+//meta:operation DELETE /users/{username}/suspended
 func (s *UsersService) Unsuspend(ctx context.Context, user string) (*Response, error) {
 	u := fmt.Sprintf("users/%v/suspended", user)
 
diff --git a/vendor/github.com/google/go-github/v72/github/users_attestations.go b/vendor/github.com/google/go-github/v72/github/users_attestations.go
new file mode 100644
index 0000000000..18f60298d8
--- /dev/null
+++ b/vendor/github.com/google/go-github/v72/github/users_attestations.go
@@ -0,0 +1,40 @@
+// Copyright 2024 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"fmt"
+)
+
+// ListAttestations returns a collection of artifact attestations
+// with a given subject digest that are associated with repositories
+// owned by a user.
+//
+// GitHub API docs: https://docs.github.com/rest/users/attestations#list-attestations
+//
+//meta:operation GET /users/{username}/attestations/{subject_digest}
+func (s *UsersService) ListAttestations(ctx context.Context, user, subjectDigest string, opts *ListOptions) (*AttestationsResponse, *Response, error) {
+	var u = fmt.Sprintf("users/%v/attestations/%v", user, subjectDigest)
+
+	u, err := addOptions(u, opts)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var attestations *AttestationsResponse
+	res, err := s.client.Do(ctx, req, &attestations)
+	if err != nil {
+		return nil, res, err
+	}
+
+	return attestations, res, nil
+}
diff --git a/vendor/github.com/google/go-github/v55/github/users_blocking.go b/vendor/github.com/google/go-github/v72/github/users_blocking.go
similarity index 80%
rename from vendor/github.com/google/go-github/v55/github/users_blocking.go
rename to vendor/github.com/google/go-github/v72/github/users_blocking.go
index 3d38d94789..3f2af38f6c 100644
--- a/vendor/github.com/google/go-github/v55/github/users_blocking.go
+++ b/vendor/github.com/google/go-github/v72/github/users_blocking.go
@@ -12,7 +12,9 @@ import (
 
 // ListBlockedUsers lists all the blocked users by the authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/users/blocking#list-users-blocked-by-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/users/blocking#list-users-blocked-by-the-authenticated-user
+//
+//meta:operation GET /user/blocks
 func (s *UsersService) ListBlockedUsers(ctx context.Context, opts *ListOptions) ([]*User, *Response, error) {
 	u := "user/blocks"
 	u, err := addOptions(u, opts)
@@ -39,7 +41,9 @@ func (s *UsersService) ListBlockedUsers(ctx context.Context, opts *ListOptions)
 
 // IsBlocked reports whether specified user is blocked by the authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/users/blocking#check-if-a-user-is-blocked-by-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/users/blocking#check-if-a-user-is-blocked-by-the-authenticated-user
+//
+//meta:operation GET /user/blocks/{username}
 func (s *UsersService) IsBlocked(ctx context.Context, user string) (bool, *Response, error) {
 	u := fmt.Sprintf("user/blocks/%v", user)
 
@@ -58,7 +62,9 @@ func (s *UsersService) IsBlocked(ctx context.Context, user string) (bool, *Respo
 
 // BlockUser blocks specified user for the authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/users/blocking#block-a-user
+// GitHub API docs: https://docs.github.com/rest/users/blocking#block-a-user
+//
+//meta:operation PUT /user/blocks/{username}
 func (s *UsersService) BlockUser(ctx context.Context, user string) (*Response, error) {
 	u := fmt.Sprintf("user/blocks/%v", user)
 
@@ -75,7 +81,9 @@ func (s *UsersService) BlockUser(ctx context.Context, user string) (*Response, e
 
 // UnblockUser unblocks specified user for the authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/users/blocking#unblock-a-user
+// GitHub API docs: https://docs.github.com/rest/users/blocking#unblock-a-user
+//
+//meta:operation DELETE /user/blocks/{username}
 func (s *UsersService) UnblockUser(ctx context.Context, user string) (*Response, error) {
 	u := fmt.Sprintf("user/blocks/%v", user)
 
diff --git a/vendor/github.com/google/go-github/v55/github/users_emails.go b/vendor/github.com/google/go-github/v72/github/users_emails.go
similarity index 73%
rename from vendor/github.com/google/go-github/v55/github/users_emails.go
rename to vendor/github.com/google/go-github/v72/github/users_emails.go
index 67bd210e8d..3d0e1bfaaf 100644
--- a/vendor/github.com/google/go-github/v55/github/users_emails.go
+++ b/vendor/github.com/google/go-github/v72/github/users_emails.go
@@ -7,7 +7,7 @@ package github
 
 import "context"
 
-// UserEmail represents user's email address
+// UserEmail represents user's email address.
 type UserEmail struct {
 	Email      *string `json:"email,omitempty"`
 	Primary    *bool   `json:"primary,omitempty"`
@@ -17,7 +17,9 @@ type UserEmail struct {
 
 // ListEmails lists all email addresses for the authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/users/emails#list-email-addresses-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/users/emails#list-email-addresses-for-the-authenticated-user
+//
+//meta:operation GET /user/emails
 func (s *UsersService) ListEmails(ctx context.Context, opts *ListOptions) ([]*UserEmail, *Response, error) {
 	u := "user/emails"
 	u, err := addOptions(u, opts)
@@ -41,7 +43,9 @@ func (s *UsersService) ListEmails(ctx context.Context, opts *ListOptions) ([]*Us
 
 // AddEmails adds email addresses of the authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/users/emails#add-an-email-address-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/users/emails#add-an-email-address-for-the-authenticated-user
+//
+//meta:operation POST /user/emails
 func (s *UsersService) AddEmails(ctx context.Context, emails []string) ([]*UserEmail, *Response, error) {
 	u := "user/emails"
 	req, err := s.client.NewRequest("POST", u, emails)
@@ -60,7 +64,9 @@ func (s *UsersService) AddEmails(ctx context.Context, emails []string) ([]*UserE
 
 // DeleteEmails deletes email addresses from authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/users/emails#delete-an-email-address-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/users/emails#delete-an-email-address-for-the-authenticated-user
+//
+//meta:operation DELETE /user/emails
 func (s *UsersService) DeleteEmails(ctx context.Context, emails []string) (*Response, error) {
 	u := "user/emails"
 	req, err := s.client.NewRequest("DELETE", u, emails)
@@ -74,15 +80,17 @@ func (s *UsersService) DeleteEmails(ctx context.Context, emails []string) (*Resp
 // SetEmailVisibility sets the visibility for the primary email address of the authenticated user.
 // `visibility` can be "private" or "public".
 //
-// GitHub API docs: https://docs.github.com/en/rest/users/emails#set-primary-email-visibility-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/users/emails#set-primary-email-visibility-for-the-authenticated-user
+//
+//meta:operation PATCH /user/email/visibility
 func (s *UsersService) SetEmailVisibility(ctx context.Context, visibility string) ([]*UserEmail, *Response, error) {
 	u := "user/email/visibility"
 
-	updateVisiblilityReq := &UserEmail{
+	updateVisibilityReq := &UserEmail{
 		Visibility: &visibility,
 	}
 
-	req, err := s.client.NewRequest("PATCH", u, updateVisiblilityReq)
+	req, err := s.client.NewRequest("PATCH", u, updateVisibilityReq)
 	if err != nil {
 		return nil, nil, err
 	}
diff --git a/vendor/github.com/google/go-github/v55/github/users_followers.go b/vendor/github.com/google/go-github/v72/github/users_followers.go
similarity index 70%
rename from vendor/github.com/google/go-github/v55/github/users_followers.go
rename to vendor/github.com/google/go-github/v72/github/users_followers.go
index 1266e0e9ee..ec6f531eaa 100644
--- a/vendor/github.com/google/go-github/v55/github/users_followers.go
+++ b/vendor/github.com/google/go-github/v72/github/users_followers.go
@@ -13,8 +13,11 @@ import (
 // ListFollowers lists the followers for a user. Passing the empty string will
 // fetch followers for the authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/users/followers#list-followers-of-the-authenticated-user
-// GitHub API docs: https://docs.github.com/en/rest/users/followers#list-followers-of-a-user
+// GitHub API docs: https://docs.github.com/rest/users/followers#list-followers-of-a-user
+// GitHub API docs: https://docs.github.com/rest/users/followers#list-followers-of-the-authenticated-user
+//
+//meta:operation GET /user/followers
+//meta:operation GET /users/{username}/followers
 func (s *UsersService) ListFollowers(ctx context.Context, user string, opts *ListOptions) ([]*User, *Response, error) {
 	var u string
 	if user != "" {
@@ -44,8 +47,11 @@ func (s *UsersService) ListFollowers(ctx context.Context, user string, opts *Lis
 // ListFollowing lists the people that a user is following. Passing the empty
 // string will list people the authenticated user is following.
 //
-// GitHub API docs: https://docs.github.com/en/rest/users/followers#list-the-people-the-authenticated-user-follows
-// GitHub API docs: https://docs.github.com/en/rest/users/followers#list-the-people-a-user-follows
+// GitHub API docs: https://docs.github.com/rest/users/followers#list-the-people-a-user-follows
+// GitHub API docs: https://docs.github.com/rest/users/followers#list-the-people-the-authenticated-user-follows
+//
+//meta:operation GET /user/following
+//meta:operation GET /users/{username}/following
 func (s *UsersService) ListFollowing(ctx context.Context, user string, opts *ListOptions) ([]*User, *Response, error) {
 	var u string
 	if user != "" {
@@ -75,8 +81,11 @@ func (s *UsersService) ListFollowing(ctx context.Context, user string, opts *Lis
 // IsFollowing checks if "user" is following "target". Passing the empty
 // string for "user" will check if the authenticated user is following "target".
 //
-// GitHub API docs: https://docs.github.com/en/rest/users/followers#check-if-a-person-is-followed-by-the-authenticated-user
-// GitHub API docs: https://docs.github.com/en/rest/users/followers#check-if-a-user-follows-another-user
+// GitHub API docs: https://docs.github.com/rest/users/followers#check-if-a-person-is-followed-by-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/users/followers#check-if-a-user-follows-another-user
+//
+//meta:operation GET /user/following/{username}
+//meta:operation GET /users/{username}/following/{target_user}
 func (s *UsersService) IsFollowing(ctx context.Context, user, target string) (bool, *Response, error) {
 	var u string
 	if user != "" {
@@ -97,7 +106,9 @@ func (s *UsersService) IsFollowing(ctx context.Context, user, target string) (bo
 
 // Follow will cause the authenticated user to follow the specified user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/users/followers#follow-a-user
+// GitHub API docs: https://docs.github.com/rest/users/followers#follow-a-user
+//
+//meta:operation PUT /user/following/{username}
 func (s *UsersService) Follow(ctx context.Context, user string) (*Response, error) {
 	u := fmt.Sprintf("user/following/%v", user)
 	req, err := s.client.NewRequest("PUT", u, nil)
@@ -110,7 +121,9 @@ func (s *UsersService) Follow(ctx context.Context, user string) (*Response, erro
 
 // Unfollow will cause the authenticated user to unfollow the specified user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/users/followers#unfollow-a-user
+// GitHub API docs: https://docs.github.com/rest/users/followers#unfollow-a-user
+//
+//meta:operation DELETE /user/following/{username}
 func (s *UsersService) Unfollow(ctx context.Context, user string) (*Response, error) {
 	u := fmt.Sprintf("user/following/%v", user)
 	req, err := s.client.NewRequest("DELETE", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/users_gpg_keys.go b/vendor/github.com/google/go-github/v72/github/users_gpg_keys.go
similarity index 81%
rename from vendor/github.com/google/go-github/v55/github/users_gpg_keys.go
rename to vendor/github.com/google/go-github/v72/github/users_gpg_keys.go
index 54189b8307..2f296a1ef6 100644
--- a/vendor/github.com/google/go-github/v55/github/users_gpg_keys.go
+++ b/vendor/github.com/google/go-github/v72/github/users_gpg_keys.go
@@ -44,8 +44,11 @@ type GPGEmail struct {
 // string will fetch keys for the authenticated user. It requires authentication
 // via Basic Auth or via OAuth with at least read:gpg_key scope.
 //
-// GitHub API docs: https://docs.github.com/en/rest/users/gpg-keys#list-gpg-keys-for-the-authenticated-user
-// GitHub API docs: https://docs.github.com/en/rest/users/gpg-keys#list-gpg-keys-for-a-user
+// GitHub API docs: https://docs.github.com/rest/users/gpg-keys#list-gpg-keys-for-a-user
+// GitHub API docs: https://docs.github.com/rest/users/gpg-keys#list-gpg-keys-for-the-authenticated-user
+//
+//meta:operation GET /user/gpg_keys
+//meta:operation GET /users/{username}/gpg_keys
 func (s *UsersService) ListGPGKeys(ctx context.Context, user string, opts *ListOptions) ([]*GPGKey, *Response, error) {
 	var u string
 	if user != "" {
@@ -75,7 +78,9 @@ func (s *UsersService) ListGPGKeys(ctx context.Context, user string, opts *ListO
 // GetGPGKey gets extended details for a single GPG key. It requires authentication
 // via Basic Auth or via OAuth with at least read:gpg_key scope.
 //
-// GitHub API docs: https://docs.github.com/en/rest/users/gpg-keys#get-a-gpg-key-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/users/gpg-keys#get-a-gpg-key-for-the-authenticated-user
+//
+//meta:operation GET /user/gpg_keys/{gpg_key_id}
 func (s *UsersService) GetGPGKey(ctx context.Context, id int64) (*GPGKey, *Response, error) {
 	u := fmt.Sprintf("user/gpg_keys/%v", id)
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -92,10 +97,12 @@ func (s *UsersService) GetGPGKey(ctx context.Context, id int64) (*GPGKey, *Respo
 	return key, resp, nil
 }
 
-// CreateGPGKey creates a GPG key. It requires authenticatation via Basic Auth
+// CreateGPGKey creates a GPG key. It requires authentication via Basic Auth
 // or OAuth with at least write:gpg_key scope.
 //
-// GitHub API docs: https://docs.github.com/en/rest/users/gpg-keys#create-a-gpg-key
+// GitHub API docs: https://docs.github.com/rest/users/gpg-keys#create-a-gpg-key-for-the-authenticated-user
+//
+//meta:operation POST /user/gpg_keys
 func (s *UsersService) CreateGPGKey(ctx context.Context, armoredPublicKey string) (*GPGKey, *Response, error) {
 	gpgKey := &struct {
 		ArmoredPublicKey string `json:"armored_public_key"`
@@ -117,7 +124,9 @@ func (s *UsersService) CreateGPGKey(ctx context.Context, armoredPublicKey string
 // DeleteGPGKey deletes a GPG key. It requires authentication via Basic Auth or
 // via OAuth with at least admin:gpg_key scope.
 //
-// GitHub API docs: https://docs.github.com/en/rest/users/gpg-keys#delete-a-gpg-key-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/users/gpg-keys#delete-a-gpg-key-for-the-authenticated-user
+//
+//meta:operation DELETE /user/gpg_keys/{gpg_key_id}
 func (s *UsersService) DeleteGPGKey(ctx context.Context, id int64) (*Response, error) {
 	u := fmt.Sprintf("user/gpg_keys/%v", id)
 	req, err := s.client.NewRequest("DELETE", u, nil)
diff --git a/vendor/github.com/google/go-github/v55/github/users_keys.go b/vendor/github.com/google/go-github/v72/github/users_keys.go
similarity index 77%
rename from vendor/github.com/google/go-github/v55/github/users_keys.go
rename to vendor/github.com/google/go-github/v72/github/users_keys.go
index b49b8e4b4e..4d42986ed2 100644
--- a/vendor/github.com/google/go-github/v55/github/users_keys.go
+++ b/vendor/github.com/google/go-github/v72/github/users_keys.go
@@ -30,8 +30,11 @@ func (k Key) String() string {
 // ListKeys lists the verified public keys for a user. Passing the empty
 // string will fetch keys for the authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/users/keys#list-public-ssh-keys-for-the-authenticated-user
-// GitHub API docs: https://docs.github.com/en/rest/users/keys#list-public-keys-for-a-user
+// GitHub API docs: https://docs.github.com/rest/users/keys#list-public-keys-for-a-user
+// GitHub API docs: https://docs.github.com/rest/users/keys#list-public-ssh-keys-for-the-authenticated-user
+//
+//meta:operation GET /user/keys
+//meta:operation GET /users/{username}/keys
 func (s *UsersService) ListKeys(ctx context.Context, user string, opts *ListOptions) ([]*Key, *Response, error) {
 	var u string
 	if user != "" {
@@ -60,7 +63,9 @@ func (s *UsersService) ListKeys(ctx context.Context, user string, opts *ListOpti
 
 // GetKey fetches a single public key.
 //
-// GitHub API docs: https://docs.github.com/en/rest/users/keys#get-a-public-ssh-key-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/users/keys#get-a-public-ssh-key-for-the-authenticated-user
+//
+//meta:operation GET /user/keys/{key_id}
 func (s *UsersService) GetKey(ctx context.Context, id int64) (*Key, *Response, error) {
 	u := fmt.Sprintf("user/keys/%v", id)
 
@@ -80,7 +85,9 @@ func (s *UsersService) GetKey(ctx context.Context, id int64) (*Key, *Response, e
 
 // CreateKey adds a public key for the authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/users/keys#create-a-public-ssh-key-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/users/keys#create-a-public-ssh-key-for-the-authenticated-user
+//
+//meta:operation POST /user/keys
 func (s *UsersService) CreateKey(ctx context.Context, key *Key) (*Key, *Response, error) {
 	u := "user/keys"
 
@@ -100,7 +107,9 @@ func (s *UsersService) CreateKey(ctx context.Context, key *Key) (*Key, *Response
 
 // DeleteKey deletes a public key.
 //
-// GitHub API docs: https://docs.github.com/en/rest/users/keys#delete-a-public-ssh-key-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/users/keys#delete-a-public-ssh-key-for-the-authenticated-user
+//
+//meta:operation DELETE /user/keys/{key_id}
 func (s *UsersService) DeleteKey(ctx context.Context, id int64) (*Response, error) {
 	u := fmt.Sprintf("user/keys/%v", id)
 
diff --git a/vendor/github.com/google/go-github/v55/github/users_packages.go b/vendor/github.com/google/go-github/v72/github/users_packages.go
similarity index 55%
rename from vendor/github.com/google/go-github/v55/github/users_packages.go
rename to vendor/github.com/google/go-github/v72/github/users_packages.go
index da04919ecc..b813dd9d14 100644
--- a/vendor/github.com/google/go-github/v55/github/users_packages.go
+++ b/vendor/github.com/google/go-github/v72/github/users_packages.go
@@ -8,13 +8,17 @@ package github
 import (
 	"context"
 	"fmt"
+	"net/url"
 )
 
-// List the packages for a user. Passing the empty string for "user" will
+// ListPackages lists the packages for a user. Passing the empty string for "user" will
 // list packages for the authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/packages#list-packages-for-the-authenticated-users-namespace
-// GitHub API docs: https://docs.github.com/en/rest/packages#list-packages-for-a-user
+// GitHub API docs: https://docs.github.com/rest/packages/packages#list-packages-for-a-user
+// GitHub API docs: https://docs.github.com/rest/packages/packages#list-packages-for-the-authenticated-users-namespace
+//
+//meta:operation GET /user/packages
+//meta:operation GET /users/{username}/packages
 func (s *UsersService) ListPackages(ctx context.Context, user string, opts *PackageListOptions) ([]*Package, *Response, error) {
 	var u string
 	if user != "" {
@@ -41,17 +45,20 @@ func (s *UsersService) ListPackages(ctx context.Context, user string, opts *Pack
 	return packages, resp, nil
 }
 
-// Get a package by name for a user. Passing the empty string for "user" will
+// GetPackage gets a package by name for a user. Passing the empty string for "user" will
 // get the package for the authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/packages#get-a-package-for-the-authenticated-user
-// GitHub API docs: https://docs.github.com/en/rest/packages#get-a-package-for-a-user
+// GitHub API docs: https://docs.github.com/rest/packages/packages#get-a-package-for-a-user
+// GitHub API docs: https://docs.github.com/rest/packages/packages#get-a-package-for-the-authenticated-user
+//
+//meta:operation GET /user/packages/{package_type}/{package_name}
+//meta:operation GET /users/{username}/packages/{package_type}/{package_name}
 func (s *UsersService) GetPackage(ctx context.Context, user, packageType, packageName string) (*Package, *Response, error) {
 	var u string
 	if user != "" {
-		u = fmt.Sprintf("users/%v/packages/%v/%v", user, packageType, packageName)
+		u = fmt.Sprintf("users/%v/packages/%v/%v", user, packageType, url.PathEscape(packageName))
 	} else {
-		u = fmt.Sprintf("user/packages/%v/%v", packageType, packageName)
+		u = fmt.Sprintf("user/packages/%v/%v", packageType, url.PathEscape(packageName))
 	}
 
 	req, err := s.client.NewRequest("GET", u, nil)
@@ -68,11 +75,14 @@ func (s *UsersService) GetPackage(ctx context.Context, user, packageType, packag
 	return pack, resp, nil
 }
 
-// Delete a package from a user. Passing the empty string for "user" will
+// DeletePackage deletes a package from a user. Passing the empty string for "user" will
 // delete the package for the authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/packages#delete-a-package-for-the-authenticated-user
-// GitHub API docs: https://docs.github.com/en/rest/packages#delete-a-package-for-a-user
+// GitHub API docs: https://docs.github.com/rest/packages/packages#delete-a-package-for-a-user
+// GitHub API docs: https://docs.github.com/rest/packages/packages#delete-a-package-for-the-authenticated-user
+//
+//meta:operation DELETE /user/packages/{package_type}/{package_name}
+//meta:operation DELETE /users/{username}/packages/{package_type}/{package_name}
 func (s *UsersService) DeletePackage(ctx context.Context, user, packageType, packageName string) (*Response, error) {
 	var u string
 	if user != "" {
@@ -89,11 +99,14 @@ func (s *UsersService) DeletePackage(ctx context.Context, user, packageType, pac
 	return s.client.Do(ctx, req, nil)
 }
 
-// Restore a package to a user. Passing the empty string for "user" will
+// RestorePackage restores a package to a user. Passing the empty string for "user" will
 // restore the package for the authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/packages#restore-a-package-for-the-authenticated-user
-// GitHub API docs: https://docs.github.com/en/rest/packages#restore-a-package-for-a-user
+// GitHub API docs: https://docs.github.com/rest/packages/packages#restore-a-package-for-a-user
+// GitHub API docs: https://docs.github.com/rest/packages/packages#restore-a-package-for-the-authenticated-user
+//
+//meta:operation POST /user/packages/{package_type}/{package_name}/restore
+//meta:operation POST /users/{username}/packages/{package_type}/{package_name}/restore
 func (s *UsersService) RestorePackage(ctx context.Context, user, packageType, packageName string) (*Response, error) {
 	var u string
 	if user != "" {
@@ -110,11 +123,14 @@ func (s *UsersService) RestorePackage(ctx context.Context, user, packageType, pa
 	return s.client.Do(ctx, req, nil)
 }
 
-// Get all versions of a package for a user. Passing the empty string for "user" will
+// PackageGetAllVersions gets all versions of a package for a user. Passing the empty string for "user" will
 // get versions for the authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/packages#get-all-package-versions-for-a-package-owned-by-the-authenticated-user
-// GitHub API docs: https://docs.github.com/en/rest/packages#get-all-package-versions-for-a-package-owned-by-a-user
+// GitHub API docs: https://docs.github.com/rest/packages/packages#list-package-versions-for-a-package-owned-by-a-user
+// GitHub API docs: https://docs.github.com/rest/packages/packages#list-package-versions-for-a-package-owned-by-the-authenticated-user
+//
+//meta:operation GET /user/packages/{package_type}/{package_name}/versions
+//meta:operation GET /users/{username}/packages/{package_type}/{package_name}/versions
 func (s *UsersService) PackageGetAllVersions(ctx context.Context, user, packageType, packageName string, opts *PackageListOptions) ([]*PackageVersion, *Response, error) {
 	var u string
 	if user != "" {
@@ -141,11 +157,14 @@ func (s *UsersService) PackageGetAllVersions(ctx context.Context, user, packageT
 	return versions, resp, nil
 }
 
-// Get a specific version of a package for a user. Passing the empty string for "user" will
+// PackageGetVersion gets a specific version of a package for a user. Passing the empty string for "user" will
 // get the version for the authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/packages#get-a-package-version-for-the-authenticated-user
-// GitHub API docs: https://docs.github.com/en/rest/packages#get-a-package-version-for-a-user
+// GitHub API docs: https://docs.github.com/rest/packages/packages#get-a-package-version-for-a-user
+// GitHub API docs: https://docs.github.com/rest/packages/packages#get-a-package-version-for-the-authenticated-user
+//
+//meta:operation GET /user/packages/{package_type}/{package_name}/versions/{package_version_id}
+//meta:operation GET /users/{username}/packages/{package_type}/{package_name}/versions/{package_version_id}
 func (s *UsersService) PackageGetVersion(ctx context.Context, user, packageType, packageName string, packageVersionID int64) (*PackageVersion, *Response, error) {
 	var u string
 	if user != "" {
@@ -168,11 +187,14 @@ func (s *UsersService) PackageGetVersion(ctx context.Context, user, packageType,
 	return version, resp, nil
 }
 
-// Delete a package version for a user. Passing the empty string for "user" will
+// PackageDeleteVersion deletes a package version for a user. Passing the empty string for "user" will
 // delete the version for the authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/packages#delete-a-package-version-for-the-authenticated-user
-// GitHub API docs: https://docs.github.com/en/rest/packages#delete-package-version-for-a-user
+// GitHub API docs: https://docs.github.com/rest/packages/packages#delete-a-package-version-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/packages/packages#delete-package-version-for-a-user
+//
+//meta:operation DELETE /user/packages/{package_type}/{package_name}/versions/{package_version_id}
+//meta:operation DELETE /users/{username}/packages/{package_type}/{package_name}/versions/{package_version_id}
 func (s *UsersService) PackageDeleteVersion(ctx context.Context, user, packageType, packageName string, packageVersionID int64) (*Response, error) {
 	var u string
 	if user != "" {
@@ -189,11 +211,14 @@ func (s *UsersService) PackageDeleteVersion(ctx context.Context, user, packageTy
 	return s.client.Do(ctx, req, nil)
 }
 
-// Restore a package version to a user. Passing the empty string for "user" will
+// PackageRestoreVersion restores a package version to a user. Passing the empty string for "user" will
 // restore the version for the authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/packages#restore-a-package-version-for-the-authenticated-user
-// GitHub API docs: https://docs.github.com/en/rest/packages#restore-package-version-for-a-user
+// GitHub API docs: https://docs.github.com/rest/packages/packages#restore-a-package-version-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/packages/packages#restore-package-version-for-a-user
+//
+//meta:operation POST /user/packages/{package_type}/{package_name}/versions/{package_version_id}/restore
+//meta:operation POST /users/{username}/packages/{package_type}/{package_name}/versions/{package_version_id}/restore
 func (s *UsersService) PackageRestoreVersion(ctx context.Context, user, packageType, packageName string, packageVersionID int64) (*Response, error) {
 	var u string
 	if user != "" {
diff --git a/vendor/github.com/google/go-github/v55/github/users_ssh_signing_keys.go b/vendor/github.com/google/go-github/v72/github/users_ssh_signing_keys.go
similarity index 72%
rename from vendor/github.com/google/go-github/v55/github/users_ssh_signing_keys.go
rename to vendor/github.com/google/go-github/v72/github/users_ssh_signing_keys.go
index 567623f887..fcc930be62 100644
--- a/vendor/github.com/google/go-github/v55/github/users_ssh_signing_keys.go
+++ b/vendor/github.com/google/go-github/v72/github/users_ssh_signing_keys.go
@@ -25,8 +25,11 @@ func (k SSHSigningKey) String() string {
 // ListSSHSigningKeys lists the SSH signing keys for a user. Passing an empty
 // username string will fetch SSH signing keys for the authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/users/ssh-signing-keys#list-ssh-signing-keys-for-the-authenticated-user
-// GitHub API docs: https://docs.github.com/en/rest/users/ssh-signing-keys#list-ssh-signing-keys-for-a-user
+// GitHub API docs: https://docs.github.com/rest/users/ssh-signing-keys#list-ssh-signing-keys-for-a-user
+// GitHub API docs: https://docs.github.com/rest/users/ssh-signing-keys#list-ssh-signing-keys-for-the-authenticated-user
+//
+//meta:operation GET /user/ssh_signing_keys
+//meta:operation GET /users/{username}/ssh_signing_keys
 func (s *UsersService) ListSSHSigningKeys(ctx context.Context, user string, opts *ListOptions) ([]*SSHSigningKey, *Response, error) {
 	var u string
 	if user != "" {
@@ -55,7 +58,9 @@ func (s *UsersService) ListSSHSigningKeys(ctx context.Context, user string, opts
 
 // GetSSHSigningKey fetches a single SSH signing key for the authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/users/ssh-signing-keys#get-an-ssh-signing-key-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/users/ssh-signing-keys#get-an-ssh-signing-key-for-the-authenticated-user
+//
+//meta:operation GET /user/ssh_signing_keys/{ssh_signing_key_id}
 func (s *UsersService) GetSSHSigningKey(ctx context.Context, id int64) (*SSHSigningKey, *Response, error) {
 	u := fmt.Sprintf("user/ssh_signing_keys/%v", id)
 
@@ -75,7 +80,9 @@ func (s *UsersService) GetSSHSigningKey(ctx context.Context, id int64) (*SSHSign
 
 // CreateSSHSigningKey adds a SSH signing key for the authenticated user.
 //
-// GitHub API docs: https://docs.github.com/en/rest/users/ssh-signing-keys#create-a-ssh-signing-key-for-the-authenticated-user
+// GitHub API docs: https://docs.github.com/rest/users/ssh-signing-keys#create-a-ssh-signing-key-for-the-authenticated-user
+//
+//meta:operation POST /user/ssh_signing_keys
 func (s *UsersService) CreateSSHSigningKey(ctx context.Context, key *Key) (*SSHSigningKey, *Response, error) {
 	u := "user/ssh_signing_keys"
 
@@ -93,9 +100,11 @@ func (s *UsersService) CreateSSHSigningKey(ctx context.Context, key *Key) (*SSHS
 	return k, resp, nil
 }
 
-// DeleteKey deletes a SSH signing key for the authenticated user.
+// DeleteSSHSigningKey deletes a SSH signing key for the authenticated user.
+//
+// GitHub API docs: https://docs.github.com/rest/users/ssh-signing-keys#delete-an-ssh-signing-key-for-the-authenticated-user
 //
-// GitHub API docs: https://docs.github.com/en/rest/users/ssh-signing-keys#delete-an-ssh-signing-key-for-the-authenticated-user
+//meta:operation DELETE /user/ssh_signing_keys/{ssh_signing_key_id}
 func (s *UsersService) DeleteSSHSigningKey(ctx context.Context, id int64) (*Response, error) {
 	u := fmt.Sprintf("user/ssh_signing_keys/%v", id)
 
diff --git a/vendor/github.com/google/go-github/v55/github/with_appengine.go b/vendor/github.com/google/go-github/v72/github/with_appengine.go
similarity index 95%
rename from vendor/github.com/google/go-github/v55/github/with_appengine.go
rename to vendor/github.com/google/go-github/v72/github/with_appengine.go
index 9053ce1059..9bb95b8c89 100644
--- a/vendor/github.com/google/go-github/v55/github/with_appengine.go
+++ b/vendor/github.com/google/go-github/v72/github/with_appengine.go
@@ -4,7 +4,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build appengine
-// +build appengine
 
 // This file provides glue for making github work on App Engine.
 
diff --git a/vendor/github.com/google/go-github/v55/github/without_appengine.go b/vendor/github.com/google/go-github/v72/github/without_appengine.go
similarity index 95%
rename from vendor/github.com/google/go-github/v55/github/without_appengine.go
rename to vendor/github.com/google/go-github/v72/github/without_appengine.go
index 0024ae4157..bfdb18ecbb 100644
--- a/vendor/github.com/google/go-github/v55/github/without_appengine.go
+++ b/vendor/github.com/google/go-github/v72/github/without_appengine.go
@@ -4,7 +4,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build !appengine
-// +build !appengine
 
 // This file provides glue for making github work without App Engine.
 
diff --git a/vendor/github.com/google/gofuzz/.travis.yml b/vendor/github.com/google/gofuzz/.travis.yml
deleted file mode 100644
index 061d72ae07..0000000000
--- a/vendor/github.com/google/gofuzz/.travis.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-language: go
-
-go:
-  - 1.11.x
-  - 1.12.x
-  - 1.13.x
-  - master
-
-script:
-  - go test -cover
diff --git a/vendor/github.com/google/gofuzz/CONTRIBUTING.md b/vendor/github.com/google/gofuzz/CONTRIBUTING.md
deleted file mode 100644
index 97c1b34fd5..0000000000
--- a/vendor/github.com/google/gofuzz/CONTRIBUTING.md
+++ /dev/null
@@ -1,67 +0,0 @@
-# How to contribute #
-
-We'd love to accept your patches and contributions to this project.  There are
-just a few small guidelines you need to follow.
-
-
-## Contributor License Agreement ##
-
-Contributions to any Google project must be accompanied by a Contributor
-License Agreement.  This is not a copyright **assignment**, it simply gives
-Google permission to use and redistribute your contributions as part of the
-project.
-
-  * If you are an individual writing original source code and you're sure you
-    own the intellectual property, then you'll need to sign an [individual
-    CLA][].
-
-  * If you work for a company that wants to allow you to contribute your work,
-    then you'll need to sign a [corporate CLA][].
-
-You generally only need to submit a CLA once, so if you've already submitted
-one (even if it was for a different project), you probably don't need to do it
-again.
-
-[individual CLA]: https://developers.google.com/open-source/cla/individual
-[corporate CLA]: https://developers.google.com/open-source/cla/corporate
-
-
-## Submitting a patch ##
-
-  1. It's generally best to start by opening a new issue describing the bug or
-     feature you're intending to fix.  Even if you think it's relatively minor,
-     it's helpful to know what people are working on.  Mention in the initial
-     issue that you are planning to work on that bug or feature so that it can
-     be assigned to you.
-
-  1. Follow the normal process of [forking][] the project, and setup a new
-     branch to work in.  It's important that each group of changes be done in
-     separate branches in order to ensure that a pull request only includes the
-     commits related to that bug or feature.
-
-  1. Go makes it very simple to ensure properly formatted code, so always run
-     `go fmt` on your code before committing it.  You should also run
-     [golint][] over your code.  As noted in the [golint readme][], it's not
-     strictly necessary that your code be completely "lint-free", but this will
-     help you find common style issues.
-
-  1. Any significant changes should almost always be accompanied by tests.  The
-     project already has good test coverage, so look at some of the existing
-     tests if you're unsure how to go about it.  [gocov][] and [gocov-html][]
-     are invaluable tools for seeing which parts of your code aren't being
-     exercised by your tests.
-
-  1. Do your best to have [well-formed commit messages][] for each change.
-     This provides consistency throughout the project, and ensures that commit
-     messages are able to be formatted properly by various git tools.
-
-  1. Finally, push the commits to your fork and submit a [pull request][].
-
-[forking]: https://help.github.com/articles/fork-a-repo
-[golint]: https://github.com/golang/lint
-[golint readme]: https://github.com/golang/lint/blob/master/README
-[gocov]: https://github.com/axw/gocov
-[gocov-html]: https://github.com/matm/gocov-html
-[well-formed commit messages]: http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html
-[squash]: http://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits
-[pull request]: https://help.github.com/articles/creating-a-pull-request
diff --git a/vendor/github.com/google/gofuzz/fuzz.go b/vendor/github.com/google/gofuzz/fuzz.go
deleted file mode 100644
index 761520a8ce..0000000000
--- a/vendor/github.com/google/gofuzz/fuzz.go
+++ /dev/null
@@ -1,605 +0,0 @@
-/*
-Copyright 2014 Google Inc. All rights reserved.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package fuzz
-
-import (
-	"fmt"
-	"math/rand"
-	"reflect"
-	"regexp"
-	"time"
-
-	"github.com/google/gofuzz/bytesource"
-	"strings"
-)
-
-// fuzzFuncMap is a map from a type to a fuzzFunc that handles that type.
-type fuzzFuncMap map[reflect.Type]reflect.Value
-
-// Fuzzer knows how to fill any object with random fields.
-type Fuzzer struct {
-	fuzzFuncs         fuzzFuncMap
-	defaultFuzzFuncs  fuzzFuncMap
-	r                 *rand.Rand
-	nilChance         float64
-	minElements       int
-	maxElements       int
-	maxDepth          int
-	skipFieldPatterns []*regexp.Regexp
-}
-
-// New returns a new Fuzzer. Customize your Fuzzer further by calling Funcs,
-// RandSource, NilChance, or NumElements in any order.
-func New() *Fuzzer {
-	return NewWithSeed(time.Now().UnixNano())
-}
-
-func NewWithSeed(seed int64) *Fuzzer {
-	f := &Fuzzer{
-		defaultFuzzFuncs: fuzzFuncMap{
-			reflect.TypeOf(&time.Time{}): reflect.ValueOf(fuzzTime),
-		},
-
-		fuzzFuncs:   fuzzFuncMap{},
-		r:           rand.New(rand.NewSource(seed)),
-		nilChance:   .2,
-		minElements: 1,
-		maxElements: 10,
-		maxDepth:    100,
-	}
-	return f
-}
-
-// NewFromGoFuzz is a helper function that enables using gofuzz (this
-// project) with go-fuzz (https://github.com/dvyukov/go-fuzz) for continuous
-// fuzzing. Essentially, it enables translating the fuzzing bytes from
-// go-fuzz to any Go object using this library.
-//
-// This implementation promises a constant translation from a given slice of
-// bytes to the fuzzed objects. This promise will remain over future
-// versions of Go and of this library.
-//
-// Note: the returned Fuzzer should not be shared between multiple goroutines,
-// as its deterministic output will no longer be available.
-//
-// Example: use go-fuzz to test the function `MyFunc(int)` in the package
-// `mypackage`. Add the file: "mypacakge_fuzz.go" with the content:
-//
-// // +build gofuzz
-// package mypacakge
-// import fuzz "github.com/google/gofuzz"
-// func Fuzz(data []byte) int {
-// 	var i int
-// 	fuzz.NewFromGoFuzz(data).Fuzz(&i)
-// 	MyFunc(i)
-// 	return 0
-// }
-func NewFromGoFuzz(data []byte) *Fuzzer {
-	return New().RandSource(bytesource.New(data))
-}
-
-// Funcs adds each entry in fuzzFuncs as a custom fuzzing function.
-//
-// Each entry in fuzzFuncs must be a function taking two parameters.
-// The first parameter must be a pointer or map. It is the variable that
-// function will fill with random data. The second parameter must be a
-// fuzz.Continue, which will provide a source of randomness and a way
-// to automatically continue fuzzing smaller pieces of the first parameter.
-//
-// These functions are called sensibly, e.g., if you wanted custom string
-// fuzzing, the function `func(s *string, c fuzz.Continue)` would get
-// called and passed the address of strings. Maps and pointers will always
-// be made/new'd for you, ignoring the NilChange option. For slices, it
-// doesn't make much sense to  pre-create them--Fuzzer doesn't know how
-// long you want your slice--so take a pointer to a slice, and make it
-// yourself. (If you don't want your map/pointer type pre-made, take a
-// pointer to it, and make it yourself.) See the examples for a range of
-// custom functions.
-func (f *Fuzzer) Funcs(fuzzFuncs ...interface{}) *Fuzzer {
-	for i := range fuzzFuncs {
-		v := reflect.ValueOf(fuzzFuncs[i])
-		if v.Kind() != reflect.Func {
-			panic("Need only funcs!")
-		}
-		t := v.Type()
-		if t.NumIn() != 2 || t.NumOut() != 0 {
-			panic("Need 2 in and 0 out params!")
-		}
-		argT := t.In(0)
-		switch argT.Kind() {
-		case reflect.Ptr, reflect.Map:
-		default:
-			panic("fuzzFunc must take pointer or map type")
-		}
-		if t.In(1) != reflect.TypeOf(Continue{}) {
-			panic("fuzzFunc's second parameter must be type fuzz.Continue")
-		}
-		f.fuzzFuncs[argT] = v
-	}
-	return f
-}
-
-// RandSource causes f to get values from the given source of randomness.
-// Use if you want deterministic fuzzing.
-func (f *Fuzzer) RandSource(s rand.Source) *Fuzzer {
-	f.r = rand.New(s)
-	return f
-}
-
-// NilChance sets the probability of creating a nil pointer, map, or slice to
-// 'p'. 'p' should be between 0 (no nils) and 1 (all nils), inclusive.
-func (f *Fuzzer) NilChance(p float64) *Fuzzer {
-	if p < 0 || p > 1 {
-		panic("p should be between 0 and 1, inclusive.")
-	}
-	f.nilChance = p
-	return f
-}
-
-// NumElements sets the minimum and maximum number of elements that will be
-// added to a non-nil map or slice.
-func (f *Fuzzer) NumElements(atLeast, atMost int) *Fuzzer {
-	if atLeast > atMost {
-		panic("atLeast must be <= atMost")
-	}
-	if atLeast < 0 {
-		panic("atLeast must be >= 0")
-	}
-	f.minElements = atLeast
-	f.maxElements = atMost
-	return f
-}
-
-func (f *Fuzzer) genElementCount() int {
-	if f.minElements == f.maxElements {
-		return f.minElements
-	}
-	return f.minElements + f.r.Intn(f.maxElements-f.minElements+1)
-}
-
-func (f *Fuzzer) genShouldFill() bool {
-	return f.r.Float64() >= f.nilChance
-}
-
-// MaxDepth sets the maximum number of recursive fuzz calls that will be made
-// before stopping.  This includes struct members, pointers, and map and slice
-// elements.
-func (f *Fuzzer) MaxDepth(d int) *Fuzzer {
-	f.maxDepth = d
-	return f
-}
-
-// Skip fields which match the supplied pattern. Call this multiple times if needed
-// This is useful to skip XXX_ fields generated by protobuf
-func (f *Fuzzer) SkipFieldsWithPattern(pattern *regexp.Regexp) *Fuzzer {
-	f.skipFieldPatterns = append(f.skipFieldPatterns, pattern)
-	return f
-}
-
-// Fuzz recursively fills all of obj's fields with something random.  First
-// this tries to find a custom fuzz function (see Funcs).  If there is no
-// custom function this tests whether the object implements fuzz.Interface and,
-// if so, calls Fuzz on it to fuzz itself.  If that fails, this will see if
-// there is a default fuzz function provided by this package.  If all of that
-// fails, this will generate random values for all primitive fields and then
-// recurse for all non-primitives.
-//
-// This is safe for cyclic or tree-like structs, up to a limit.  Use the
-// MaxDepth method to adjust how deep you need it to recurse.
-//
-// obj must be a pointer. Only exported (public) fields can be set (thanks,
-// golang :/ ) Intended for tests, so will panic on bad input or unimplemented
-// fields.
-func (f *Fuzzer) Fuzz(obj interface{}) {
-	v := reflect.ValueOf(obj)
-	if v.Kind() != reflect.Ptr {
-		panic("needed ptr!")
-	}
-	v = v.Elem()
-	f.fuzzWithContext(v, 0)
-}
-
-// FuzzNoCustom is just like Fuzz, except that any custom fuzz function for
-// obj's type will not be called and obj will not be tested for fuzz.Interface
-// conformance.  This applies only to obj and not other instances of obj's
-// type.
-// Not safe for cyclic or tree-like structs!
-// obj must be a pointer. Only exported (public) fields can be set (thanks, golang :/ )
-// Intended for tests, so will panic on bad input or unimplemented fields.
-func (f *Fuzzer) FuzzNoCustom(obj interface{}) {
-	v := reflect.ValueOf(obj)
-	if v.Kind() != reflect.Ptr {
-		panic("needed ptr!")
-	}
-	v = v.Elem()
-	f.fuzzWithContext(v, flagNoCustomFuzz)
-}
-
-const (
-	// Do not try to find a custom fuzz function.  Does not apply recursively.
-	flagNoCustomFuzz uint64 = 1 << iota
-)
-
-func (f *Fuzzer) fuzzWithContext(v reflect.Value, flags uint64) {
-	fc := &fuzzerContext{fuzzer: f}
-	fc.doFuzz(v, flags)
-}
-
-// fuzzerContext carries context about a single fuzzing run, which lets Fuzzer
-// be thread-safe.
-type fuzzerContext struct {
-	fuzzer   *Fuzzer
-	curDepth int
-}
-
-func (fc *fuzzerContext) doFuzz(v reflect.Value, flags uint64) {
-	if fc.curDepth >= fc.fuzzer.maxDepth {
-		return
-	}
-	fc.curDepth++
-	defer func() { fc.curDepth-- }()
-
-	if !v.CanSet() {
-		return
-	}
-
-	if flags&flagNoCustomFuzz == 0 {
-		// Check for both pointer and non-pointer custom functions.
-		if v.CanAddr() && fc.tryCustom(v.Addr()) {
-			return
-		}
-		if fc.tryCustom(v) {
-			return
-		}
-	}
-
-	if fn, ok := fillFuncMap[v.Kind()]; ok {
-		fn(v, fc.fuzzer.r)
-		return
-	}
-
-	switch v.Kind() {
-	case reflect.Map:
-		if fc.fuzzer.genShouldFill() {
-			v.Set(reflect.MakeMap(v.Type()))
-			n := fc.fuzzer.genElementCount()
-			for i := 0; i < n; i++ {
-				key := reflect.New(v.Type().Key()).Elem()
-				fc.doFuzz(key, 0)
-				val := reflect.New(v.Type().Elem()).Elem()
-				fc.doFuzz(val, 0)
-				v.SetMapIndex(key, val)
-			}
-			return
-		}
-		v.Set(reflect.Zero(v.Type()))
-	case reflect.Ptr:
-		if fc.fuzzer.genShouldFill() {
-			v.Set(reflect.New(v.Type().Elem()))
-			fc.doFuzz(v.Elem(), 0)
-			return
-		}
-		v.Set(reflect.Zero(v.Type()))
-	case reflect.Slice:
-		if fc.fuzzer.genShouldFill() {
-			n := fc.fuzzer.genElementCount()
-			v.Set(reflect.MakeSlice(v.Type(), n, n))
-			for i := 0; i < n; i++ {
-				fc.doFuzz(v.Index(i), 0)
-			}
-			return
-		}
-		v.Set(reflect.Zero(v.Type()))
-	case reflect.Array:
-		if fc.fuzzer.genShouldFill() {
-			n := v.Len()
-			for i := 0; i < n; i++ {
-				fc.doFuzz(v.Index(i), 0)
-			}
-			return
-		}
-		v.Set(reflect.Zero(v.Type()))
-	case reflect.Struct:
-		for i := 0; i < v.NumField(); i++ {
-			skipField := false
-			fieldName := v.Type().Field(i).Name
-			for _, pattern := range fc.fuzzer.skipFieldPatterns {
-				if pattern.MatchString(fieldName) {
-					skipField = true
-					break
-				}
-			}
-			if !skipField {
-				fc.doFuzz(v.Field(i), 0)
-			}
-		}
-	case reflect.Chan:
-		fallthrough
-	case reflect.Func:
-		fallthrough
-	case reflect.Interface:
-		fallthrough
-	default:
-		panic(fmt.Sprintf("Can't handle %#v", v.Interface()))
-	}
-}
-
-// tryCustom searches for custom handlers, and returns true iff it finds a match
-// and successfully randomizes v.
-func (fc *fuzzerContext) tryCustom(v reflect.Value) bool {
-	// First: see if we have a fuzz function for it.
-	doCustom, ok := fc.fuzzer.fuzzFuncs[v.Type()]
-	if !ok {
-		// Second: see if it can fuzz itself.
-		if v.CanInterface() {
-			intf := v.Interface()
-			if fuzzable, ok := intf.(Interface); ok {
-				fuzzable.Fuzz(Continue{fc: fc, Rand: fc.fuzzer.r})
-				return true
-			}
-		}
-		// Finally: see if there is a default fuzz function.
-		doCustom, ok = fc.fuzzer.defaultFuzzFuncs[v.Type()]
-		if !ok {
-			return false
-		}
-	}
-
-	switch v.Kind() {
-	case reflect.Ptr:
-		if v.IsNil() {
-			if !v.CanSet() {
-				return false
-			}
-			v.Set(reflect.New(v.Type().Elem()))
-		}
-	case reflect.Map:
-		if v.IsNil() {
-			if !v.CanSet() {
-				return false
-			}
-			v.Set(reflect.MakeMap(v.Type()))
-		}
-	default:
-		return false
-	}
-
-	doCustom.Call([]reflect.Value{v, reflect.ValueOf(Continue{
-		fc:   fc,
-		Rand: fc.fuzzer.r,
-	})})
-	return true
-}
-
-// Interface represents an object that knows how to fuzz itself.  Any time we
-// find a type that implements this interface we will delegate the act of
-// fuzzing itself.
-type Interface interface {
-	Fuzz(c Continue)
-}
-
-// Continue can be passed to custom fuzzing functions to allow them to use
-// the correct source of randomness and to continue fuzzing their members.
-type Continue struct {
-	fc *fuzzerContext
-
-	// For convenience, Continue implements rand.Rand via embedding.
-	// Use this for generating any randomness if you want your fuzzing
-	// to be repeatable for a given seed.
-	*rand.Rand
-}
-
-// Fuzz continues fuzzing obj. obj must be a pointer.
-func (c Continue) Fuzz(obj interface{}) {
-	v := reflect.ValueOf(obj)
-	if v.Kind() != reflect.Ptr {
-		panic("needed ptr!")
-	}
-	v = v.Elem()
-	c.fc.doFuzz(v, 0)
-}
-
-// FuzzNoCustom continues fuzzing obj, except that any custom fuzz function for
-// obj's type will not be called and obj will not be tested for fuzz.Interface
-// conformance.  This applies only to obj and not other instances of obj's
-// type.
-func (c Continue) FuzzNoCustom(obj interface{}) {
-	v := reflect.ValueOf(obj)
-	if v.Kind() != reflect.Ptr {
-		panic("needed ptr!")
-	}
-	v = v.Elem()
-	c.fc.doFuzz(v, flagNoCustomFuzz)
-}
-
-// RandString makes a random string up to 20 characters long. The returned string
-// may include a variety of (valid) UTF-8 encodings.
-func (c Continue) RandString() string {
-	return randString(c.Rand)
-}
-
-// RandUint64 makes random 64 bit numbers.
-// Weirdly, rand doesn't have a function that gives you 64 random bits.
-func (c Continue) RandUint64() uint64 {
-	return randUint64(c.Rand)
-}
-
-// RandBool returns true or false randomly.
-func (c Continue) RandBool() bool {
-	return randBool(c.Rand)
-}
-
-func fuzzInt(v reflect.Value, r *rand.Rand) {
-	v.SetInt(int64(randUint64(r)))
-}
-
-func fuzzUint(v reflect.Value, r *rand.Rand) {
-	v.SetUint(randUint64(r))
-}
-
-func fuzzTime(t *time.Time, c Continue) {
-	var sec, nsec int64
-	// Allow for about 1000 years of random time values, which keeps things
-	// like JSON parsing reasonably happy.
-	sec = c.Rand.Int63n(1000 * 365 * 24 * 60 * 60)
-	c.Fuzz(&nsec)
-	*t = time.Unix(sec, nsec)
-}
-
-var fillFuncMap = map[reflect.Kind]func(reflect.Value, *rand.Rand){
-	reflect.Bool: func(v reflect.Value, r *rand.Rand) {
-		v.SetBool(randBool(r))
-	},
-	reflect.Int:     fuzzInt,
-	reflect.Int8:    fuzzInt,
-	reflect.Int16:   fuzzInt,
-	reflect.Int32:   fuzzInt,
-	reflect.Int64:   fuzzInt,
-	reflect.Uint:    fuzzUint,
-	reflect.Uint8:   fuzzUint,
-	reflect.Uint16:  fuzzUint,
-	reflect.Uint32:  fuzzUint,
-	reflect.Uint64:  fuzzUint,
-	reflect.Uintptr: fuzzUint,
-	reflect.Float32: func(v reflect.Value, r *rand.Rand) {
-		v.SetFloat(float64(r.Float32()))
-	},
-	reflect.Float64: func(v reflect.Value, r *rand.Rand) {
-		v.SetFloat(r.Float64())
-	},
-	reflect.Complex64: func(v reflect.Value, r *rand.Rand) {
-		v.SetComplex(complex128(complex(r.Float32(), r.Float32())))
-	},
-	reflect.Complex128: func(v reflect.Value, r *rand.Rand) {
-		v.SetComplex(complex(r.Float64(), r.Float64()))
-	},
-	reflect.String: func(v reflect.Value, r *rand.Rand) {
-		v.SetString(randString(r))
-	},
-	reflect.UnsafePointer: func(v reflect.Value, r *rand.Rand) {
-		panic("unimplemented")
-	},
-}
-
-// randBool returns true or false randomly.
-func randBool(r *rand.Rand) bool {
-	return r.Int31()&(1<<30) == 0
-}
-
-type int63nPicker interface {
-	Int63n(int64) int64
-}
-
-// UnicodeRange describes a sequential range of unicode characters.
-// Last must be numerically greater than First.
-type UnicodeRange struct {
-	First, Last rune
-}
-
-// UnicodeRanges describes an arbitrary number of sequential ranges of unicode characters.
-// To be useful, each range must have at least one character (First <= Last) and
-// there must be at least one range.
-type UnicodeRanges []UnicodeRange
-
-// choose returns a random unicode character from the given range, using the
-// given randomness source.
-func (ur UnicodeRange) choose(r int63nPicker) rune {
-	count := int64(ur.Last - ur.First + 1)
-	return ur.First + rune(r.Int63n(count))
-}
-
-// CustomStringFuzzFunc constructs a FuzzFunc which produces random strings.
-// Each character is selected from the range ur. If there are no characters
-// in the range (cr.Last < cr.First), this will panic.
-func (ur UnicodeRange) CustomStringFuzzFunc() func(s *string, c Continue) {
-	ur.check()
-	return func(s *string, c Continue) {
-		*s = ur.randString(c.Rand)
-	}
-}
-
-// check is a function that used to check whether the first of ur(UnicodeRange)
-// is greater than the last one.
-func (ur UnicodeRange) check() {
-	if ur.Last < ur.First {
-		panic("The last encoding must be greater than the first one.")
-	}
-}
-
-// randString of UnicodeRange makes a random string up to 20 characters long.
-// Each character is selected form ur(UnicodeRange).
-func (ur UnicodeRange) randString(r *rand.Rand) string {
-	n := r.Intn(20)
-	sb := strings.Builder{}
-	sb.Grow(n)
-	for i := 0; i < n; i++ {
-		sb.WriteRune(ur.choose(r))
-	}
-	return sb.String()
-}
-
-// defaultUnicodeRanges sets a default unicode range when user do not set
-// CustomStringFuzzFunc() but wants fuzz string.
-var defaultUnicodeRanges = UnicodeRanges{
-	{' ', '~'},           // ASCII characters
-	{'\u00a0', '\u02af'}, // Multi-byte encoded characters
-	{'\u4e00', '\u9fff'}, // Common CJK (even longer encodings)
-}
-
-// CustomStringFuzzFunc constructs a FuzzFunc which produces random strings.
-// Each character is selected from one of the ranges of ur(UnicodeRanges).
-// Each range has an equal probability of being chosen. If there are no ranges,
-// or a selected range has no characters (.Last < .First), this will panic.
-// Do not modify any of the ranges in ur after calling this function.
-func (ur UnicodeRanges) CustomStringFuzzFunc() func(s *string, c Continue) {
-	// Check unicode ranges slice is empty.
-	if len(ur) == 0 {
-		panic("UnicodeRanges is empty.")
-	}
-	// if not empty, each range should be checked.
-	for i := range ur {
-		ur[i].check()
-	}
-	return func(s *string, c Continue) {
-		*s = ur.randString(c.Rand)
-	}
-}
-
-// randString of UnicodeRanges makes a random string up to 20 characters long.
-// Each character is selected form one of the ranges of ur(UnicodeRanges),
-// and each range has an equal probability of being chosen.
-func (ur UnicodeRanges) randString(r *rand.Rand) string {
-	n := r.Intn(20)
-	sb := strings.Builder{}
-	sb.Grow(n)
-	for i := 0; i < n; i++ {
-		sb.WriteRune(ur[r.Intn(len(ur))].choose(r))
-	}
-	return sb.String()
-}
-
-// randString makes a random string up to 20 characters long. The returned string
-// may include a variety of (valid) UTF-8 encodings.
-func randString(r *rand.Rand) string {
-	return defaultUnicodeRanges.randString(r)
-}
-
-// randUint64 makes random 64 bit numbers.
-// Weirdly, rand doesn't have a function that gives you 64 random bits.
-func randUint64(r *rand.Rand) uint64 {
-	return uint64(r.Uint32())<<32 | uint64(r.Uint32())
-}
diff --git a/vendor/github.com/googleapis/gax-go/v2/.release-please-manifest.json b/vendor/github.com/googleapis/gax-go/v2/.release-please-manifest.json
index a8c082dd61..846e3ece81 100644
--- a/vendor/github.com/googleapis/gax-go/v2/.release-please-manifest.json
+++ b/vendor/github.com/googleapis/gax-go/v2/.release-please-manifest.json
@@ -1,3 +1,3 @@
 {
-    "v2": "2.14.1"
+    "v2": "2.14.2"
 }
diff --git a/vendor/github.com/googleapis/gax-go/v2/CHANGES.md b/vendor/github.com/googleapis/gax-go/v2/CHANGES.md
index 17cced15ec..a7fe145a43 100644
--- a/vendor/github.com/googleapis/gax-go/v2/CHANGES.md
+++ b/vendor/github.com/googleapis/gax-go/v2/CHANGES.md
@@ -1,5 +1,12 @@
 # Changelog
 
+## [2.14.2](https://github.com/googleapis/gax-go/compare/v2.14.1...v2.14.2) (2025-05-12)
+
+
+### Documentation
+
+* **v2:** Fix Backoff doc to accurately explain Multiplier ([#423](https://github.com/googleapis/gax-go/issues/423)) ([16d1791](https://github.com/googleapis/gax-go/commit/16d17917121ea9f5d84ba52b5c7c7f2ec0f9e784)), refs [#422](https://github.com/googleapis/gax-go/issues/422)
+
 ## [2.14.1](https://github.com/googleapis/gax-go/compare/v2.14.0...v2.14.1) (2024-12-19)
 
 
diff --git a/vendor/github.com/googleapis/gax-go/v2/call_option.go b/vendor/github.com/googleapis/gax-go/v2/call_option.go
index c52e03f643..ac1f2b11c9 100644
--- a/vendor/github.com/googleapis/gax-go/v2/call_option.go
+++ b/vendor/github.com/googleapis/gax-go/v2/call_option.go
@@ -156,10 +156,13 @@ func (r *httpRetryer) Retry(err error) (time.Duration, bool) {
 	return 0, false
 }
 
-// Backoff implements exponential backoff. The wait time between retries is a
-// random value between 0 and the "retry period" - the time between retries. The
-// retry period starts at Initial and increases by the factor of Multiplier
-// every retry, but is capped at Max.
+// Backoff implements backoff logic for retries. The configuration for retries
+// is described in https://google.aip.dev/client-libraries/4221. The current
+// retry limit starts at Initial and increases by a factor of Multiplier every
+// retry, but is capped at Max. The actual wait time between retries is a
+// random value between 1ns and the current retry limit. The purpose of this
+// random jitter is explained in
+// https://www.awsarchitectureblog.com/2015/03/backoff.html.
 //
 // Note: MaxNumRetries / RPCDeadline is specifically not provided. These should
 // be built on top of Backoff.
diff --git a/vendor/github.com/googleapis/gax-go/v2/internal/version.go b/vendor/github.com/googleapis/gax-go/v2/internal/version.go
index 2b284a24a4..e272d4d720 100644
--- a/vendor/github.com/googleapis/gax-go/v2/internal/version.go
+++ b/vendor/github.com/googleapis/gax-go/v2/internal/version.go
@@ -30,4 +30,4 @@
 package internal
 
 // Version is the current tagged release of the library.
-const Version = "2.14.1"
+const Version = "2.14.2"
diff --git a/vendor/github.com/gorilla/websocket/README.md b/vendor/github.com/gorilla/websocket/README.md
index d33ed7fdd8..ff8bfab0b2 100644
--- a/vendor/github.com/gorilla/websocket/README.md
+++ b/vendor/github.com/gorilla/websocket/README.md
@@ -10,10 +10,10 @@ Gorilla WebSocket is a [Go](http://golang.org/) implementation of the
 ### Documentation
 
 * [API Reference](https://pkg.go.dev/github.com/gorilla/websocket?tab=doc)
-* [Chat example](https://github.com/gorilla/websocket/tree/master/examples/chat)
-* [Command example](https://github.com/gorilla/websocket/tree/master/examples/command)
-* [Client and server example](https://github.com/gorilla/websocket/tree/master/examples/echo)
-* [File watch example](https://github.com/gorilla/websocket/tree/master/examples/filewatch)
+* [Chat example](https://github.com/gorilla/websocket/tree/main/examples/chat)
+* [Command example](https://github.com/gorilla/websocket/tree/main/examples/command)
+* [Client and server example](https://github.com/gorilla/websocket/tree/main/examples/echo)
+* [File watch example](https://github.com/gorilla/websocket/tree/main/examples/filewatch)
 
 ### Status
 
@@ -29,5 +29,4 @@ package API is stable.
 
 The Gorilla WebSocket package passes the server tests in the [Autobahn Test
 Suite](https://github.com/crossbario/autobahn-testsuite) using the application in the [examples/autobahn
-subdirectory](https://github.com/gorilla/websocket/tree/master/examples/autobahn).
-
+subdirectory](https://github.com/gorilla/websocket/tree/main/examples/autobahn).
diff --git a/vendor/github.com/gorilla/websocket/client.go b/vendor/github.com/gorilla/websocket/client.go
index 04fdafee18..00917ea341 100644
--- a/vendor/github.com/gorilla/websocket/client.go
+++ b/vendor/github.com/gorilla/websocket/client.go
@@ -11,7 +11,6 @@ import (
 	"errors"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"net"
 	"net/http"
 	"net/http/httptrace"
@@ -52,18 +51,34 @@ func NewClient(netConn net.Conn, u *url.URL, requestHeader http.Header, readBufS
 //
 // It is safe to call Dialer's methods concurrently.
 type Dialer struct {
+	// The following custom dial functions can be set to establish
+	// connections to either the backend server or the proxy (if it
+	// exists). The scheme of the dialed entity (either backend or
+	// proxy) determines which custom dial function is selected:
+	// either NetDialTLSContext for HTTPS or NetDialContext/NetDial
+	// for HTTP. Since the "Proxy" function can determine the scheme
+	// dynamically, it can make sense to set multiple custom dial
+	// functions simultaneously.
+	//
 	// NetDial specifies the dial function for creating TCP connections. If
-	// NetDial is nil, net.Dial is used.
+	// NetDial is nil, net.Dialer DialContext is used.
+	// If "Proxy" field is also set, this function dials the proxy--not
+	// the backend server.
 	NetDial func(network, addr string) (net.Conn, error)
 
 	// NetDialContext specifies the dial function for creating TCP connections. If
 	// NetDialContext is nil, NetDial is used.
+	// If "Proxy" field is also set, this function dials the proxy--not
+	// the backend server.
 	NetDialContext func(ctx context.Context, network, addr string) (net.Conn, error)
 
 	// NetDialTLSContext specifies the dial function for creating TLS/TCP connections. If
 	// NetDialTLSContext is nil, NetDialContext is used.
 	// If NetDialTLSContext is set, Dial assumes the TLS handshake is done there and
 	// TLSClientConfig is ignored.
+	// If "Proxy" field is also set, this function dials the proxy (and performs
+	// the TLS handshake with the proxy, ignoring TLSClientConfig). In this TLS proxy
+	// dialing case the TLSClientConfig could still be necessary for TLS to the backend server.
 	NetDialTLSContext func(ctx context.Context, network, addr string) (net.Conn, error)
 
 	// Proxy specifies a function to return a proxy for a given
@@ -74,7 +89,7 @@ type Dialer struct {
 
 	// TLSClientConfig specifies the TLS configuration to use with tls.Client.
 	// If nil, the default configuration is used.
-	// If either NetDialTLS or NetDialTLSContext are set, Dial assumes the TLS handshake
+	// If NetDialTLSContext is set, Dial assumes the TLS handshake
 	// is done there and TLSClientConfig is ignored.
 	TLSClientConfig *tls.Config
 
@@ -245,71 +260,16 @@ func (d *Dialer) DialContext(ctx context.Context, urlStr string, requestHeader h
 		defer cancel()
 	}
 
-	// Get network dial function.
-	var netDial func(network, add string) (net.Conn, error)
-
-	switch u.Scheme {
-	case "http":
-		if d.NetDialContext != nil {
-			netDial = func(network, addr string) (net.Conn, error) {
-				return d.NetDialContext(ctx, network, addr)
-			}
-		} else if d.NetDial != nil {
-			netDial = d.NetDial
-		}
-	case "https":
-		if d.NetDialTLSContext != nil {
-			netDial = func(network, addr string) (net.Conn, error) {
-				return d.NetDialTLSContext(ctx, network, addr)
-			}
-		} else if d.NetDialContext != nil {
-			netDial = func(network, addr string) (net.Conn, error) {
-				return d.NetDialContext(ctx, network, addr)
-			}
-		} else if d.NetDial != nil {
-			netDial = d.NetDial
-		}
-	default:
-		return nil, nil, errMalformedURL
-	}
-
-	if netDial == nil {
-		netDialer := &net.Dialer{}
-		netDial = func(network, addr string) (net.Conn, error) {
-			return netDialer.DialContext(ctx, network, addr)
-		}
-	}
-
-	// If needed, wrap the dial function to set the connection deadline.
-	if deadline, ok := ctx.Deadline(); ok {
-		forwardDial := netDial
-		netDial = func(network, addr string) (net.Conn, error) {
-			c, err := forwardDial(network, addr)
-			if err != nil {
-				return nil, err
-			}
-			err = c.SetDeadline(deadline)
-			if err != nil {
-				c.Close()
-				return nil, err
-			}
-			return c, nil
-		}
-	}
-
-	// If needed, wrap the dial function to connect through a proxy.
+	var proxyURL *url.URL
 	if d.Proxy != nil {
-		proxyURL, err := d.Proxy(req)
+		proxyURL, err = d.Proxy(req)
 		if err != nil {
 			return nil, nil, err
 		}
-		if proxyURL != nil {
-			dialer, err := proxy_FromURL(proxyURL, netDialerFunc(netDial))
-			if err != nil {
-				return nil, nil, err
-			}
-			netDial = dialer.Dial
-		}
+	}
+	netDial, err := d.netDialFn(ctx, proxyURL, u)
+	if err != nil {
+		return nil, nil, err
 	}
 
 	hostPort, hostNoPort := hostPortNoPort(u)
@@ -318,7 +278,7 @@ func (d *Dialer) DialContext(ctx context.Context, urlStr string, requestHeader h
 		trace.GetConn(hostPort)
 	}
 
-	netConn, err := netDial("tcp", hostPort)
+	netConn, err := netDial(ctx, "tcp", hostPort)
 	if err != nil {
 		return nil, nil, err
 	}
@@ -328,14 +288,20 @@ func (d *Dialer) DialContext(ctx context.Context, urlStr string, requestHeader h
 		})
 	}
 
+	// Close the network connection when returning an error. The variable
+	// netConn is set to nil before the success return at the end of the
+	// function.
 	defer func() {
 		if netConn != nil {
-			netConn.Close()
+			// It's safe to ignore the error from Close() because this code is
+			// only executed when returning a more important error to the
+			// application.
+			_ = netConn.Close()
 		}
 	}()
 
-	if u.Scheme == "https" && d.NetDialTLSContext == nil {
-		// If NetDialTLSContext is set, assume that the TLS handshake has already been done
+	// Do TLS handshake over established connection if a proxy exists.
+	if proxyURL != nil && u.Scheme == "https" {
 
 		cfg := cloneTLSConfig(d.TLSClientConfig)
 		if cfg.ServerName == "" {
@@ -400,7 +366,7 @@ func (d *Dialer) DialContext(ctx context.Context, urlStr string, requestHeader h
 		// debugging.
 		buf := make([]byte, 1024)
 		n, _ := io.ReadFull(resp.Body, buf)
-		resp.Body = ioutil.NopCloser(bytes.NewReader(buf[:n]))
+		resp.Body = io.NopCloser(bytes.NewReader(buf[:n]))
 		return nil, resp, ErrBadHandshake
 	}
 
@@ -418,17 +384,134 @@ func (d *Dialer) DialContext(ctx context.Context, urlStr string, requestHeader h
 		break
 	}
 
-	resp.Body = ioutil.NopCloser(bytes.NewReader([]byte{}))
+	resp.Body = io.NopCloser(bytes.NewReader([]byte{}))
 	conn.subprotocol = resp.Header.Get("Sec-Websocket-Protocol")
 
-	netConn.SetDeadline(time.Time{})
-	netConn = nil // to avoid close in defer.
+	if err := netConn.SetDeadline(time.Time{}); err != nil {
+		return nil, resp, err
+	}
+
+	// Success! Set netConn to nil to stop the deferred function above from
+	// closing the network connection.
+	netConn = nil
+
 	return conn, resp, nil
 }
 
+// Returns the dial function to establish the connection to either the backend
+// server or the proxy (if it exists). If the dialed entity is HTTPS, then the
+// returned dial function *also* performs the TLS handshake to the dialed entity.
+// NOTE: If a proxy exists, it is possible for a second TLS handshake to be
+// necessary over the established connection.
+func (d *Dialer) netDialFn(ctx context.Context, proxyURL *url.URL, backendURL *url.URL) (netDialerFunc, error) {
+	var netDial netDialerFunc
+	if proxyURL != nil {
+		netDial = d.netDialFromURL(proxyURL)
+	} else {
+		netDial = d.netDialFromURL(backendURL)
+	}
+	// If needed, wrap the dial function to set the connection deadline.
+	if deadline, ok := ctx.Deadline(); ok {
+		netDial = netDialWithDeadline(netDial, deadline)
+	}
+	// Proxy dialing is wrapped to implement CONNECT method and possibly proxy auth.
+	if proxyURL != nil {
+		return proxyFromURL(proxyURL, netDial)
+	}
+	return netDial, nil
+}
+
+// Returns function to create the connection depending on the Dialer's
+// custom dialing functions and the passed URL of entity connecting to.
+func (d *Dialer) netDialFromURL(u *url.URL) netDialerFunc {
+	var netDial netDialerFunc
+	switch {
+	case d.NetDialContext != nil:
+		netDial = d.NetDialContext
+	case d.NetDial != nil:
+		netDial = func(ctx context.Context, net, addr string) (net.Conn, error) {
+			return d.NetDial(net, addr)
+		}
+	default:
+		netDial = (&net.Dialer{}).DialContext
+	}
+	// If dialed entity is HTTPS, then either use custom TLS dialing function (if exists)
+	// or wrap the previously computed "netDial" to use TLS config for handshake.
+	if u.Scheme == "https" {
+		if d.NetDialTLSContext != nil {
+			netDial = d.NetDialTLSContext
+		} else {
+			netDial = netDialWithTLSHandshake(netDial, d.TLSClientConfig, u)
+		}
+	}
+	return netDial
+}
+
+// Returns wrapped "netDial" function, performing TLS handshake after connecting.
+func netDialWithTLSHandshake(netDial netDialerFunc, tlsConfig *tls.Config, u *url.URL) netDialerFunc {
+	return func(ctx context.Context, unused, addr string) (net.Conn, error) {
+		hostPort, hostNoPort := hostPortNoPort(u)
+		trace := httptrace.ContextClientTrace(ctx)
+		if trace != nil && trace.GetConn != nil {
+			trace.GetConn(hostPort)
+		}
+		// Creates TCP connection to addr using passed "netDial" function.
+		conn, err := netDial(ctx, "tcp", addr)
+		if err != nil {
+			return nil, err
+		}
+		cfg := cloneTLSConfig(tlsConfig)
+		if cfg.ServerName == "" {
+			cfg.ServerName = hostNoPort
+		}
+		tlsConn := tls.Client(conn, cfg)
+		// Do the TLS handshake using TLSConfig over the wrapped connection.
+		if trace != nil && trace.TLSHandshakeStart != nil {
+			trace.TLSHandshakeStart()
+		}
+		err = doHandshake(ctx, tlsConn, cfg)
+		if trace != nil && trace.TLSHandshakeDone != nil {
+			trace.TLSHandshakeDone(tlsConn.ConnectionState(), err)
+		}
+		if err != nil {
+			tlsConn.Close()
+			return nil, err
+		}
+		return tlsConn, nil
+	}
+}
+
+// Returns wrapped "netDial" function, setting passed deadline.
+func netDialWithDeadline(netDial netDialerFunc, deadline time.Time) netDialerFunc {
+	return func(ctx context.Context, network, addr string) (net.Conn, error) {
+		c, err := netDial(ctx, network, addr)
+		if err != nil {
+			return nil, err
+		}
+		err = c.SetDeadline(deadline)
+		if err != nil {
+			c.Close()
+			return nil, err
+		}
+		return c, nil
+	}
+}
+
 func cloneTLSConfig(cfg *tls.Config) *tls.Config {
 	if cfg == nil {
 		return &tls.Config{}
 	}
 	return cfg.Clone()
 }
+
+func doHandshake(ctx context.Context, tlsConn *tls.Conn, cfg *tls.Config) error {
+	if err := tlsConn.HandshakeContext(ctx); err != nil {
+		return err
+	}
+	if !cfg.InsecureSkipVerify {
+		if err := tlsConn.VerifyHostname(cfg.ServerName); err != nil {
+			return err
+		}
+	}
+	return nil
+}
diff --git a/vendor/github.com/gorilla/websocket/compression.go b/vendor/github.com/gorilla/websocket/compression.go
index 813ffb1e84..fe1079edbc 100644
--- a/vendor/github.com/gorilla/websocket/compression.go
+++ b/vendor/github.com/gorilla/websocket/compression.go
@@ -33,7 +33,11 @@ func decompressNoContextTakeover(r io.Reader) io.ReadCloser {
 		"\x01\x00\x00\xff\xff"
 
 	fr, _ := flateReaderPool.Get().(io.ReadCloser)
-	fr.(flate.Resetter).Reset(io.MultiReader(r, strings.NewReader(tail)), nil)
+	mr := io.MultiReader(r, strings.NewReader(tail))
+	if err := fr.(flate.Resetter).Reset(mr, nil); err != nil {
+		// Reset never fails, but handle error in case that changes.
+		fr = flate.NewReader(mr)
+	}
 	return &flateReadWrapper{fr}
 }
 
diff --git a/vendor/github.com/gorilla/websocket/conn.go b/vendor/github.com/gorilla/websocket/conn.go
index 5161ef81f6..9562ffd497 100644
--- a/vendor/github.com/gorilla/websocket/conn.go
+++ b/vendor/github.com/gorilla/websocket/conn.go
@@ -6,11 +6,10 @@ package websocket
 
 import (
 	"bufio"
+	"crypto/rand"
 	"encoding/binary"
 	"errors"
 	"io"
-	"io/ioutil"
-	"math/rand"
 	"net"
 	"strconv"
 	"strings"
@@ -181,16 +180,16 @@ var (
 	errInvalidControlFrame = errors.New("websocket: invalid control frame")
 )
 
-func newMaskKey() [4]byte {
-	n := rand.Uint32()
-	return [4]byte{byte(n), byte(n >> 8), byte(n >> 16), byte(n >> 24)}
-}
+// maskRand is an io.Reader for generating mask bytes. The reader is initialized
+// to crypto/rand Reader. Tests swap the reader to a math/rand reader for
+// reproducible results.
+var maskRand = rand.Reader
 
-func hideTempErr(err error) error {
-	if e, ok := err.(net.Error); ok && e.Temporary() {
-		err = &netError{msg: e.Error(), timeout: e.Timeout()}
-	}
-	return err
+// newMaskKey returns a new 32 bit value for masking client frames.
+func newMaskKey() [4]byte {
+	var k [4]byte
+	_, _ = io.ReadFull(maskRand, k[:])
+	return k
 }
 
 func isControl(frameType int) bool {
@@ -358,7 +357,6 @@ func (c *Conn) RemoteAddr() net.Addr {
 // Write methods
 
 func (c *Conn) writeFatal(err error) error {
-	err = hideTempErr(err)
 	c.writeErrMu.Lock()
 	if c.writeErr == nil {
 		c.writeErr = err
@@ -372,7 +370,9 @@ func (c *Conn) read(n int) ([]byte, error) {
 	if err == io.EOF {
 		err = errUnexpectedEOF
 	}
-	c.br.Discard(len(p))
+	// Discard is guaranteed to succeed because the number of bytes to discard
+	// is less than or equal to the number of bytes buffered.
+	_, _ = c.br.Discard(len(p))
 	return p, err
 }
 
@@ -387,7 +387,9 @@ func (c *Conn) write(frameType int, deadline time.Time, buf0, buf1 []byte) error
 		return err
 	}
 
-	c.conn.SetWriteDeadline(deadline)
+	if err := c.conn.SetWriteDeadline(deadline); err != nil {
+		return c.writeFatal(err)
+	}
 	if len(buf1) == 0 {
 		_, err = c.conn.Write(buf0)
 	} else {
@@ -397,7 +399,7 @@ func (c *Conn) write(frameType int, deadline time.Time, buf0, buf1 []byte) error
 		return c.writeFatal(err)
 	}
 	if frameType == CloseMessage {
-		c.writeFatal(ErrCloseSent)
+		_ = c.writeFatal(ErrCloseSent)
 	}
 	return nil
 }
@@ -436,21 +438,27 @@ func (c *Conn) WriteControl(messageType int, data []byte, deadline time.Time) er
 		maskBytes(key, 0, buf[6:])
 	}
 
-	d := 1000 * time.Hour
-	if !deadline.IsZero() {
-		d = deadline.Sub(time.Now())
+	if deadline.IsZero() {
+		// No timeout for zero time.
+		<-c.mu
+	} else {
+		d := time.Until(deadline)
 		if d < 0 {
 			return errWriteTimeout
 		}
+		select {
+		case <-c.mu:
+		default:
+			timer := time.NewTimer(d)
+			select {
+			case <-c.mu:
+				timer.Stop()
+			case <-timer.C:
+				return errWriteTimeout
+			}
+		}
 	}
 
-	timer := time.NewTimer(d)
-	select {
-	case <-c.mu:
-		timer.Stop()
-	case <-timer.C:
-		return errWriteTimeout
-	}
 	defer func() { c.mu <- struct{}{} }()
 
 	c.writeErrMu.Lock()
@@ -460,13 +468,14 @@ func (c *Conn) WriteControl(messageType int, data []byte, deadline time.Time) er
 		return err
 	}
 
-	c.conn.SetWriteDeadline(deadline)
-	_, err = c.conn.Write(buf)
-	if err != nil {
+	if err := c.conn.SetWriteDeadline(deadline); err != nil {
+		return c.writeFatal(err)
+	}
+	if _, err = c.conn.Write(buf); err != nil {
 		return c.writeFatal(err)
 	}
 	if messageType == CloseMessage {
-		c.writeFatal(ErrCloseSent)
+		_ = c.writeFatal(ErrCloseSent)
 	}
 	return err
 }
@@ -630,7 +639,7 @@ func (w *messageWriter) flushFrame(final bool, extra []byte) error {
 	}
 
 	if final {
-		w.endMessage(errWriteClosed)
+		_ = w.endMessage(errWriteClosed)
 		return nil
 	}
 
@@ -795,7 +804,7 @@ func (c *Conn) advanceFrame() (int, error) {
 	// 1. Skip remainder of previous frame.
 
 	if c.readRemaining > 0 {
-		if _, err := io.CopyN(ioutil.Discard, c.br, c.readRemaining); err != nil {
+		if _, err := io.CopyN(io.Discard, c.br, c.readRemaining); err != nil {
 			return noFrame, err
 		}
 	}
@@ -817,7 +826,7 @@ func (c *Conn) advanceFrame() (int, error) {
 	rsv2 := p[0]&rsv2Bit != 0
 	rsv3 := p[0]&rsv3Bit != 0
 	mask := p[1]&maskBit != 0
-	c.setReadRemaining(int64(p[1] & 0x7f))
+	_ = c.setReadRemaining(int64(p[1] & 0x7f)) // will not fail because argument is >= 0
 
 	c.readDecompress = false
 	if rsv1 {
@@ -922,7 +931,8 @@ func (c *Conn) advanceFrame() (int, error) {
 		}
 
 		if c.readLimit > 0 && c.readLength > c.readLimit {
-			c.WriteControl(CloseMessage, FormatCloseMessage(CloseMessageTooBig, ""), time.Now().Add(writeWait))
+			// Make a best effort to send a close message describing the problem.
+			_ = c.WriteControl(CloseMessage, FormatCloseMessage(CloseMessageTooBig, ""), time.Now().Add(writeWait))
 			return noFrame, ErrReadLimit
 		}
 
@@ -934,7 +944,7 @@ func (c *Conn) advanceFrame() (int, error) {
 	var payload []byte
 	if c.readRemaining > 0 {
 		payload, err = c.read(int(c.readRemaining))
-		c.setReadRemaining(0)
+		_ = c.setReadRemaining(0) // will not fail because argument is >= 0
 		if err != nil {
 			return noFrame, err
 		}
@@ -981,7 +991,8 @@ func (c *Conn) handleProtocolError(message string) error {
 	if len(data) > maxControlFramePayloadSize {
 		data = data[:maxControlFramePayloadSize]
 	}
-	c.WriteControl(CloseMessage, data, time.Now().Add(writeWait))
+	// Make a best effor to send a close message describing the problem.
+	_ = c.WriteControl(CloseMessage, data, time.Now().Add(writeWait))
 	return errors.New("websocket: " + message)
 }
 
@@ -1008,7 +1019,7 @@ func (c *Conn) NextReader() (messageType int, r io.Reader, err error) {
 	for c.readErr == nil {
 		frameType, err := c.advanceFrame()
 		if err != nil {
-			c.readErr = hideTempErr(err)
+			c.readErr = err
 			break
 		}
 
@@ -1048,13 +1059,13 @@ func (r *messageReader) Read(b []byte) (int, error) {
 				b = b[:c.readRemaining]
 			}
 			n, err := c.br.Read(b)
-			c.readErr = hideTempErr(err)
+			c.readErr = err
 			if c.isServer {
 				c.readMaskPos = maskBytes(c.readMaskKey, c.readMaskPos, b[:n])
 			}
 			rem := c.readRemaining
 			rem -= int64(n)
-			c.setReadRemaining(rem)
+			_ = c.setReadRemaining(rem) // rem is guaranteed to be >= 0
 			if c.readRemaining > 0 && c.readErr == io.EOF {
 				c.readErr = errUnexpectedEOF
 			}
@@ -1069,7 +1080,7 @@ func (r *messageReader) Read(b []byte) (int, error) {
 		frameType, err := c.advanceFrame()
 		switch {
 		case err != nil:
-			c.readErr = hideTempErr(err)
+			c.readErr = err
 		case frameType == TextMessage || frameType == BinaryMessage:
 			c.readErr = errors.New("websocket: internal error, unexpected text or binary in Reader")
 		}
@@ -1094,7 +1105,7 @@ func (c *Conn) ReadMessage() (messageType int, p []byte, err error) {
 	if err != nil {
 		return messageType, nil, err
 	}
-	p, err = ioutil.ReadAll(r)
+	p, err = io.ReadAll(r)
 	return messageType, p, err
 }
 
@@ -1136,7 +1147,8 @@ func (c *Conn) SetCloseHandler(h func(code int, text string) error) {
 	if h == nil {
 		h = func(code int, text string) error {
 			message := FormatCloseMessage(code, "")
-			c.WriteControl(CloseMessage, message, time.Now().Add(writeWait))
+			// Make a best effor to send the close message.
+			_ = c.WriteControl(CloseMessage, message, time.Now().Add(writeWait))
 			return nil
 		}
 	}
@@ -1158,13 +1170,9 @@ func (c *Conn) PingHandler() func(appData string) error {
 func (c *Conn) SetPingHandler(h func(appData string) error) {
 	if h == nil {
 		h = func(message string) error {
-			err := c.WriteControl(PongMessage, []byte(message), time.Now().Add(writeWait))
-			if err == ErrCloseSent {
-				return nil
-			} else if e, ok := err.(net.Error); ok && e.Temporary() {
-				return nil
-			}
-			return err
+			// Make a best effort to send the pong message.
+			_ = c.WriteControl(PongMessage, []byte(message), time.Now().Add(writeWait))
+			return nil
 		}
 	}
 	c.handlePing = h
diff --git a/vendor/github.com/gorilla/websocket/proxy.go b/vendor/github.com/gorilla/websocket/proxy.go
index e0f466b72f..d716a05884 100644
--- a/vendor/github.com/gorilla/websocket/proxy.go
+++ b/vendor/github.com/gorilla/websocket/proxy.go
@@ -6,34 +6,52 @@ package websocket
 
 import (
 	"bufio"
+	"bytes"
+	"context"
 	"encoding/base64"
 	"errors"
 	"net"
 	"net/http"
 	"net/url"
 	"strings"
+
+	"golang.org/x/net/proxy"
 )
 
-type netDialerFunc func(network, addr string) (net.Conn, error)
+type netDialerFunc func(ctx context.Context, network, addr string) (net.Conn, error)
 
 func (fn netDialerFunc) Dial(network, addr string) (net.Conn, error) {
-	return fn(network, addr)
+	return fn(context.Background(), network, addr)
 }
 
-func init() {
-	proxy_RegisterDialerType("http", func(proxyURL *url.URL, forwardDialer proxy_Dialer) (proxy_Dialer, error) {
-		return &httpProxyDialer{proxyURL: proxyURL, forwardDial: forwardDialer.Dial}, nil
-	})
+func (fn netDialerFunc) DialContext(ctx context.Context, network, addr string) (net.Conn, error) {
+	return fn(ctx, network, addr)
+}
+
+func proxyFromURL(proxyURL *url.URL, forwardDial netDialerFunc) (netDialerFunc, error) {
+	if proxyURL.Scheme == "http" || proxyURL.Scheme == "https" {
+		return (&httpProxyDialer{proxyURL: proxyURL, forwardDial: forwardDial}).DialContext, nil
+	}
+	dialer, err := proxy.FromURL(proxyURL, forwardDial)
+	if err != nil {
+		return nil, err
+	}
+	if d, ok := dialer.(proxy.ContextDialer); ok {
+		return d.DialContext, nil
+	}
+	return func(ctx context.Context, net, addr string) (net.Conn, error) {
+		return dialer.Dial(net, addr)
+	}, nil
 }
 
 type httpProxyDialer struct {
 	proxyURL    *url.URL
-	forwardDial func(network, addr string) (net.Conn, error)
+	forwardDial netDialerFunc
 }
 
-func (hpd *httpProxyDialer) Dial(network string, addr string) (net.Conn, error) {
+func (hpd *httpProxyDialer) DialContext(ctx context.Context, network string, addr string) (net.Conn, error) {
 	hostPort, _ := hostPortNoPort(hpd.proxyURL)
-	conn, err := hpd.forwardDial(network, hostPort)
+	conn, err := hpd.forwardDial(ctx, network, hostPort)
 	if err != nil {
 		return nil, err
 	}
@@ -46,7 +64,6 @@ func (hpd *httpProxyDialer) Dial(network string, addr string) (net.Conn, error)
 			connectHeader.Set("Proxy-Authorization", "Basic "+credential)
 		}
 	}
-
 	connectReq := &http.Request{
 		Method: http.MethodConnect,
 		URL:    &url.URL{Opaque: addr},
@@ -59,7 +76,7 @@ func (hpd *httpProxyDialer) Dial(network string, addr string) (net.Conn, error)
 		return nil, err
 	}
 
-	// Read response. It's OK to use and discard buffered reader here becaue
+	// Read response. It's OK to use and discard buffered reader here because
 	// the remote server does not speak until spoken to.
 	br := bufio.NewReader(conn)
 	resp, err := http.ReadResponse(br, connectReq)
@@ -68,8 +85,18 @@ func (hpd *httpProxyDialer) Dial(network string, addr string) (net.Conn, error)
 		return nil, err
 	}
 
-	if resp.StatusCode != 200 {
-		conn.Close()
+	// Close the response body to silence false positives from linters. Reset
+	// the buffered reader first to ensure that Close() does not read from
+	// conn.
+	// Note: Applications must call resp.Body.Close() on a response returned
+	// http.ReadResponse to inspect trailers or read another response from the
+	// buffered reader. The call to resp.Body.Close() does not release
+	// resources.
+	br.Reset(bytes.NewReader(nil))
+	_ = resp.Body.Close()
+
+	if resp.StatusCode != http.StatusOK {
+		_ = conn.Close()
 		f := strings.SplitN(resp.Status, " ", 2)
 		return nil, errors.New(f[1])
 	}
diff --git a/vendor/github.com/gorilla/websocket/server.go b/vendor/github.com/gorilla/websocket/server.go
index bb33597432..02ea01fdcd 100644
--- a/vendor/github.com/gorilla/websocket/server.go
+++ b/vendor/github.com/gorilla/websocket/server.go
@@ -6,8 +6,7 @@ package websocket
 
 import (
 	"bufio"
-	"errors"
-	"io"
+	"net"
 	"net/http"
 	"net/url"
 	"strings"
@@ -101,8 +100,8 @@ func checkSameOrigin(r *http.Request) bool {
 func (u *Upgrader) selectSubprotocol(r *http.Request, responseHeader http.Header) string {
 	if u.Subprotocols != nil {
 		clientProtocols := Subprotocols(r)
-		for _, serverProtocol := range u.Subprotocols {
-			for _, clientProtocol := range clientProtocols {
+		for _, clientProtocol := range clientProtocols {
+			for _, serverProtocol := range u.Subprotocols {
 				if clientProtocol == serverProtocol {
 					return clientProtocol
 				}
@@ -130,7 +129,8 @@ func (u *Upgrader) Upgrade(w http.ResponseWriter, r *http.Request, responseHeade
 	}
 
 	if !tokenListContainsValue(r.Header, "Upgrade", "websocket") {
-		return u.returnError(w, r, http.StatusBadRequest, badHandshake+"'websocket' token not found in 'Upgrade' header")
+		w.Header().Set("Upgrade", "websocket")
+		return u.returnError(w, r, http.StatusUpgradeRequired, badHandshake+"'websocket' token not found in 'Upgrade' header")
 	}
 
 	if r.Method != http.MethodGet {
@@ -172,28 +172,37 @@ func (u *Upgrader) Upgrade(w http.ResponseWriter, r *http.Request, responseHeade
 		}
 	}
 
-	h, ok := w.(http.Hijacker)
-	if !ok {
-		return u.returnError(w, r, http.StatusInternalServerError, "websocket: response does not implement http.Hijacker")
-	}
-	var brw *bufio.ReadWriter
-	netConn, brw, err := h.Hijack()
+	netConn, brw, err := http.NewResponseController(w).Hijack()
 	if err != nil {
-		return u.returnError(w, r, http.StatusInternalServerError, err.Error())
+		return u.returnError(w, r, http.StatusInternalServerError,
+			"websocket: hijack: "+err.Error())
 	}
 
-	if brw.Reader.Buffered() > 0 {
-		netConn.Close()
-		return nil, errors.New("websocket: client sent data before handshake is complete")
-	}
+	// Close the network connection when returning an error. The variable
+	// netConn is set to nil before the success return at the end of the
+	// function.
+	defer func() {
+		if netConn != nil {
+			// It's safe to ignore the error from Close() because this code is
+			// only executed when returning a more important error to the
+			// application.
+			_ = netConn.Close()
+		}
+	}()
 
 	var br *bufio.Reader
-	if u.ReadBufferSize == 0 && bufioReaderSize(netConn, brw.Reader) > 256 {
-		// Reuse hijacked buffered reader as connection reader.
+	if u.ReadBufferSize == 0 && brw.Reader.Size() > 256 {
+		// Use hijacked buffered reader as the connection reader.
 		br = brw.Reader
+	} else if brw.Reader.Buffered() > 0 {
+		// Wrap the network connection to read buffered data in brw.Reader
+		// before reading from the network connection. This should be rare
+		// because a client must not send message data before receiving the
+		// handshake response.
+		netConn = &brNetConn{br: brw.Reader, Conn: netConn}
 	}
 
-	buf := bufioWriterBuffer(netConn, brw.Writer)
+	buf := brw.Writer.AvailableBuffer()
 
 	var writeBuf []byte
 	if u.WriteBufferPool == nil && u.WriteBufferSize == 0 && len(buf) >= maxFrameHeaderSize+256 {
@@ -247,20 +256,30 @@ func (u *Upgrader) Upgrade(w http.ResponseWriter, r *http.Request, responseHeade
 	}
 	p = append(p, "\r\n"...)
 
-	// Clear deadlines set by HTTP server.
-	netConn.SetDeadline(time.Time{})
-
 	if u.HandshakeTimeout > 0 {
-		netConn.SetWriteDeadline(time.Now().Add(u.HandshakeTimeout))
+		if err := netConn.SetWriteDeadline(time.Now().Add(u.HandshakeTimeout)); err != nil {
+			return nil, err
+		}
+	} else {
+		// Clear deadlines set by HTTP server.
+		if err := netConn.SetDeadline(time.Time{}); err != nil {
+			return nil, err
+		}
 	}
+
 	if _, err = netConn.Write(p); err != nil {
-		netConn.Close()
 		return nil, err
 	}
 	if u.HandshakeTimeout > 0 {
-		netConn.SetWriteDeadline(time.Time{})
+		if err := netConn.SetWriteDeadline(time.Time{}); err != nil {
+			return nil, err
+		}
 	}
 
+	// Success! Set netConn to nil to stop the deferred function above from
+	// closing the network connection.
+	netConn = nil
+
 	return c, nil
 }
 
@@ -327,39 +346,28 @@ func IsWebSocketUpgrade(r *http.Request) bool {
 		tokenListContainsValue(r.Header, "Upgrade", "websocket")
 }
 
-// bufioReaderSize size returns the size of a bufio.Reader.
-func bufioReaderSize(originalReader io.Reader, br *bufio.Reader) int {
-	// This code assumes that peek on a reset reader returns
-	// bufio.Reader.buf[:0].
-	// TODO: Use bufio.Reader.Size() after Go 1.10
-	br.Reset(originalReader)
-	if p, err := br.Peek(0); err == nil {
-		return cap(p)
-	}
-	return 0
+type brNetConn struct {
+	br *bufio.Reader
+	net.Conn
 }
 
-// writeHook is an io.Writer that records the last slice passed to it vio
-// io.Writer.Write.
-type writeHook struct {
-	p []byte
+func (b *brNetConn) Read(p []byte) (n int, err error) {
+	if b.br != nil {
+		// Limit read to buferred data.
+		if n := b.br.Buffered(); len(p) > n {
+			p = p[:n]
+		}
+		n, err = b.br.Read(p)
+		if b.br.Buffered() == 0 {
+			b.br = nil
+		}
+		return n, err
+	}
+	return b.Conn.Read(p)
 }
 
-func (wh *writeHook) Write(p []byte) (int, error) {
-	wh.p = p
-	return len(p), nil
+// NetConn returns the underlying connection that is wrapped by b.
+func (b *brNetConn) NetConn() net.Conn {
+	return b.Conn
 }
 
-// bufioWriterBuffer grabs the buffer from a bufio.Writer.
-func bufioWriterBuffer(originalWriter io.Writer, bw *bufio.Writer) []byte {
-	// This code assumes that bufio.Writer.buf[:1] is passed to the
-	// bufio.Writer's underlying writer.
-	var wh writeHook
-	bw.Reset(&wh)
-	bw.WriteByte(0)
-	bw.Flush()
-
-	bw.Reset(originalWriter)
-
-	return wh.p[:cap(wh.p)]
-}
diff --git a/vendor/github.com/gorilla/websocket/tls_handshake.go b/vendor/github.com/gorilla/websocket/tls_handshake.go
deleted file mode 100644
index a62b68ccb1..0000000000
--- a/vendor/github.com/gorilla/websocket/tls_handshake.go
+++ /dev/null
@@ -1,21 +0,0 @@
-//go:build go1.17
-// +build go1.17
-
-package websocket
-
-import (
-	"context"
-	"crypto/tls"
-)
-
-func doHandshake(ctx context.Context, tlsConn *tls.Conn, cfg *tls.Config) error {
-	if err := tlsConn.HandshakeContext(ctx); err != nil {
-		return err
-	}
-	if !cfg.InsecureSkipVerify {
-		if err := tlsConn.VerifyHostname(cfg.ServerName); err != nil {
-			return err
-		}
-	}
-	return nil
-}
diff --git a/vendor/github.com/gorilla/websocket/tls_handshake_116.go b/vendor/github.com/gorilla/websocket/tls_handshake_116.go
deleted file mode 100644
index e1b2b44f6e..0000000000
--- a/vendor/github.com/gorilla/websocket/tls_handshake_116.go
+++ /dev/null
@@ -1,21 +0,0 @@
-//go:build !go1.17
-// +build !go1.17
-
-package websocket
-
-import (
-	"context"
-	"crypto/tls"
-)
-
-func doHandshake(ctx context.Context, tlsConn *tls.Conn, cfg *tls.Config) error {
-	if err := tlsConn.Handshake(); err != nil {
-		return err
-	}
-	if !cfg.InsecureSkipVerify {
-		if err := tlsConn.VerifyHostname(cfg.ServerName); err != nil {
-			return err
-		}
-	}
-	return nil
-}
diff --git a/vendor/github.com/gorilla/websocket/x_net_proxy.go b/vendor/github.com/gorilla/websocket/x_net_proxy.go
deleted file mode 100644
index 2e668f6b88..0000000000
--- a/vendor/github.com/gorilla/websocket/x_net_proxy.go
+++ /dev/null
@@ -1,473 +0,0 @@
-// Code generated by golang.org/x/tools/cmd/bundle. DO NOT EDIT.
-//go:generate bundle -o x_net_proxy.go golang.org/x/net/proxy
-
-// Package proxy provides support for a variety of protocols to proxy network
-// data.
-//
-
-package websocket
-
-import (
-	"errors"
-	"io"
-	"net"
-	"net/url"
-	"os"
-	"strconv"
-	"strings"
-	"sync"
-)
-
-type proxy_direct struct{}
-
-// Direct is a direct proxy: one that makes network connections directly.
-var proxy_Direct = proxy_direct{}
-
-func (proxy_direct) Dial(network, addr string) (net.Conn, error) {
-	return net.Dial(network, addr)
-}
-
-// A PerHost directs connections to a default Dialer unless the host name
-// requested matches one of a number of exceptions.
-type proxy_PerHost struct {
-	def, bypass proxy_Dialer
-
-	bypassNetworks []*net.IPNet
-	bypassIPs      []net.IP
-	bypassZones    []string
-	bypassHosts    []string
-}
-
-// NewPerHost returns a PerHost Dialer that directs connections to either
-// defaultDialer or bypass, depending on whether the connection matches one of
-// the configured rules.
-func proxy_NewPerHost(defaultDialer, bypass proxy_Dialer) *proxy_PerHost {
-	return &proxy_PerHost{
-		def:    defaultDialer,
-		bypass: bypass,
-	}
-}
-
-// Dial connects to the address addr on the given network through either
-// defaultDialer or bypass.
-func (p *proxy_PerHost) Dial(network, addr string) (c net.Conn, err error) {
-	host, _, err := net.SplitHostPort(addr)
-	if err != nil {
-		return nil, err
-	}
-
-	return p.dialerForRequest(host).Dial(network, addr)
-}
-
-func (p *proxy_PerHost) dialerForRequest(host string) proxy_Dialer {
-	if ip := net.ParseIP(host); ip != nil {
-		for _, net := range p.bypassNetworks {
-			if net.Contains(ip) {
-				return p.bypass
-			}
-		}
-		for _, bypassIP := range p.bypassIPs {
-			if bypassIP.Equal(ip) {
-				return p.bypass
-			}
-		}
-		return p.def
-	}
-
-	for _, zone := range p.bypassZones {
-		if strings.HasSuffix(host, zone) {
-			return p.bypass
-		}
-		if host == zone[1:] {
-			// For a zone ".example.com", we match "example.com"
-			// too.
-			return p.bypass
-		}
-	}
-	for _, bypassHost := range p.bypassHosts {
-		if bypassHost == host {
-			return p.bypass
-		}
-	}
-	return p.def
-}
-
-// AddFromString parses a string that contains comma-separated values
-// specifying hosts that should use the bypass proxy. Each value is either an
-// IP address, a CIDR range, a zone (*.example.com) or a host name
-// (localhost). A best effort is made to parse the string and errors are
-// ignored.
-func (p *proxy_PerHost) AddFromString(s string) {
-	hosts := strings.Split(s, ",")
-	for _, host := range hosts {
-		host = strings.TrimSpace(host)
-		if len(host) == 0 {
-			continue
-		}
-		if strings.Contains(host, "/") {
-			// We assume that it's a CIDR address like 127.0.0.0/8
-			if _, net, err := net.ParseCIDR(host); err == nil {
-				p.AddNetwork(net)
-			}
-			continue
-		}
-		if ip := net.ParseIP(host); ip != nil {
-			p.AddIP(ip)
-			continue
-		}
-		if strings.HasPrefix(host, "*.") {
-			p.AddZone(host[1:])
-			continue
-		}
-		p.AddHost(host)
-	}
-}
-
-// AddIP specifies an IP address that will use the bypass proxy. Note that
-// this will only take effect if a literal IP address is dialed. A connection
-// to a named host will never match an IP.
-func (p *proxy_PerHost) AddIP(ip net.IP) {
-	p.bypassIPs = append(p.bypassIPs, ip)
-}
-
-// AddNetwork specifies an IP range that will use the bypass proxy. Note that
-// this will only take effect if a literal IP address is dialed. A connection
-// to a named host will never match.
-func (p *proxy_PerHost) AddNetwork(net *net.IPNet) {
-	p.bypassNetworks = append(p.bypassNetworks, net)
-}
-
-// AddZone specifies a DNS suffix that will use the bypass proxy. A zone of
-// "example.com" matches "example.com" and all of its subdomains.
-func (p *proxy_PerHost) AddZone(zone string) {
-	if strings.HasSuffix(zone, ".") {
-		zone = zone[:len(zone)-1]
-	}
-	if !strings.HasPrefix(zone, ".") {
-		zone = "." + zone
-	}
-	p.bypassZones = append(p.bypassZones, zone)
-}
-
-// AddHost specifies a host name that will use the bypass proxy.
-func (p *proxy_PerHost) AddHost(host string) {
-	if strings.HasSuffix(host, ".") {
-		host = host[:len(host)-1]
-	}
-	p.bypassHosts = append(p.bypassHosts, host)
-}
-
-// A Dialer is a means to establish a connection.
-type proxy_Dialer interface {
-	// Dial connects to the given address via the proxy.
-	Dial(network, addr string) (c net.Conn, err error)
-}
-
-// Auth contains authentication parameters that specific Dialers may require.
-type proxy_Auth struct {
-	User, Password string
-}
-
-// FromEnvironment returns the dialer specified by the proxy related variables in
-// the environment.
-func proxy_FromEnvironment() proxy_Dialer {
-	allProxy := proxy_allProxyEnv.Get()
-	if len(allProxy) == 0 {
-		return proxy_Direct
-	}
-
-	proxyURL, err := url.Parse(allProxy)
-	if err != nil {
-		return proxy_Direct
-	}
-	proxy, err := proxy_FromURL(proxyURL, proxy_Direct)
-	if err != nil {
-		return proxy_Direct
-	}
-
-	noProxy := proxy_noProxyEnv.Get()
-	if len(noProxy) == 0 {
-		return proxy
-	}
-
-	perHost := proxy_NewPerHost(proxy, proxy_Direct)
-	perHost.AddFromString(noProxy)
-	return perHost
-}
-
-// proxySchemes is a map from URL schemes to a function that creates a Dialer
-// from a URL with such a scheme.
-var proxy_proxySchemes map[string]func(*url.URL, proxy_Dialer) (proxy_Dialer, error)
-
-// RegisterDialerType takes a URL scheme and a function to generate Dialers from
-// a URL with that scheme and a forwarding Dialer. Registered schemes are used
-// by FromURL.
-func proxy_RegisterDialerType(scheme string, f func(*url.URL, proxy_Dialer) (proxy_Dialer, error)) {
-	if proxy_proxySchemes == nil {
-		proxy_proxySchemes = make(map[string]func(*url.URL, proxy_Dialer) (proxy_Dialer, error))
-	}
-	proxy_proxySchemes[scheme] = f
-}
-
-// FromURL returns a Dialer given a URL specification and an underlying
-// Dialer for it to make network requests.
-func proxy_FromURL(u *url.URL, forward proxy_Dialer) (proxy_Dialer, error) {
-	var auth *proxy_Auth
-	if u.User != nil {
-		auth = new(proxy_Auth)
-		auth.User = u.User.Username()
-		if p, ok := u.User.Password(); ok {
-			auth.Password = p
-		}
-	}
-
-	switch u.Scheme {
-	case "socks5":
-		return proxy_SOCKS5("tcp", u.Host, auth, forward)
-	}
-
-	// If the scheme doesn't match any of the built-in schemes, see if it
-	// was registered by another package.
-	if proxy_proxySchemes != nil {
-		if f, ok := proxy_proxySchemes[u.Scheme]; ok {
-			return f(u, forward)
-		}
-	}
-
-	return nil, errors.New("proxy: unknown scheme: " + u.Scheme)
-}
-
-var (
-	proxy_allProxyEnv = &proxy_envOnce{
-		names: []string{"ALL_PROXY", "all_proxy"},
-	}
-	proxy_noProxyEnv = &proxy_envOnce{
-		names: []string{"NO_PROXY", "no_proxy"},
-	}
-)
-
-// envOnce looks up an environment variable (optionally by multiple
-// names) once. It mitigates expensive lookups on some platforms
-// (e.g. Windows).
-// (Borrowed from net/http/transport.go)
-type proxy_envOnce struct {
-	names []string
-	once  sync.Once
-	val   string
-}
-
-func (e *proxy_envOnce) Get() string {
-	e.once.Do(e.init)
-	return e.val
-}
-
-func (e *proxy_envOnce) init() {
-	for _, n := range e.names {
-		e.val = os.Getenv(n)
-		if e.val != "" {
-			return
-		}
-	}
-}
-
-// SOCKS5 returns a Dialer that makes SOCKSv5 connections to the given address
-// with an optional username and password. See RFC 1928 and RFC 1929.
-func proxy_SOCKS5(network, addr string, auth *proxy_Auth, forward proxy_Dialer) (proxy_Dialer, error) {
-	s := &proxy_socks5{
-		network: network,
-		addr:    addr,
-		forward: forward,
-	}
-	if auth != nil {
-		s.user = auth.User
-		s.password = auth.Password
-	}
-
-	return s, nil
-}
-
-type proxy_socks5 struct {
-	user, password string
-	network, addr  string
-	forward        proxy_Dialer
-}
-
-const proxy_socks5Version = 5
-
-const (
-	proxy_socks5AuthNone     = 0
-	proxy_socks5AuthPassword = 2
-)
-
-const proxy_socks5Connect = 1
-
-const (
-	proxy_socks5IP4    = 1
-	proxy_socks5Domain = 3
-	proxy_socks5IP6    = 4
-)
-
-var proxy_socks5Errors = []string{
-	"",
-	"general failure",
-	"connection forbidden",
-	"network unreachable",
-	"host unreachable",
-	"connection refused",
-	"TTL expired",
-	"command not supported",
-	"address type not supported",
-}
-
-// Dial connects to the address addr on the given network via the SOCKS5 proxy.
-func (s *proxy_socks5) Dial(network, addr string) (net.Conn, error) {
-	switch network {
-	case "tcp", "tcp6", "tcp4":
-	default:
-		return nil, errors.New("proxy: no support for SOCKS5 proxy connections of type " + network)
-	}
-
-	conn, err := s.forward.Dial(s.network, s.addr)
-	if err != nil {
-		return nil, err
-	}
-	if err := s.connect(conn, addr); err != nil {
-		conn.Close()
-		return nil, err
-	}
-	return conn, nil
-}
-
-// connect takes an existing connection to a socks5 proxy server,
-// and commands the server to extend that connection to target,
-// which must be a canonical address with a host and port.
-func (s *proxy_socks5) connect(conn net.Conn, target string) error {
-	host, portStr, err := net.SplitHostPort(target)
-	if err != nil {
-		return err
-	}
-
-	port, err := strconv.Atoi(portStr)
-	if err != nil {
-		return errors.New("proxy: failed to parse port number: " + portStr)
-	}
-	if port < 1 || port > 0xffff {
-		return errors.New("proxy: port number out of range: " + portStr)
-	}
-
-	// the size here is just an estimate
-	buf := make([]byte, 0, 6+len(host))
-
-	buf = append(buf, proxy_socks5Version)
-	if len(s.user) > 0 && len(s.user) < 256 && len(s.password) < 256 {
-		buf = append(buf, 2 /* num auth methods */, proxy_socks5AuthNone, proxy_socks5AuthPassword)
-	} else {
-		buf = append(buf, 1 /* num auth methods */, proxy_socks5AuthNone)
-	}
-
-	if _, err := conn.Write(buf); err != nil {
-		return errors.New("proxy: failed to write greeting to SOCKS5 proxy at " + s.addr + ": " + err.Error())
-	}
-
-	if _, err := io.ReadFull(conn, buf[:2]); err != nil {
-		return errors.New("proxy: failed to read greeting from SOCKS5 proxy at " + s.addr + ": " + err.Error())
-	}
-	if buf[0] != 5 {
-		return errors.New("proxy: SOCKS5 proxy at " + s.addr + " has unexpected version " + strconv.Itoa(int(buf[0])))
-	}
-	if buf[1] == 0xff {
-		return errors.New("proxy: SOCKS5 proxy at " + s.addr + " requires authentication")
-	}
-
-	// See RFC 1929
-	if buf[1] == proxy_socks5AuthPassword {
-		buf = buf[:0]
-		buf = append(buf, 1 /* password protocol version */)
-		buf = append(buf, uint8(len(s.user)))
-		buf = append(buf, s.user...)
-		buf = append(buf, uint8(len(s.password)))
-		buf = append(buf, s.password...)
-
-		if _, err := conn.Write(buf); err != nil {
-			return errors.New("proxy: failed to write authentication request to SOCKS5 proxy at " + s.addr + ": " + err.Error())
-		}
-
-		if _, err := io.ReadFull(conn, buf[:2]); err != nil {
-			return errors.New("proxy: failed to read authentication reply from SOCKS5 proxy at " + s.addr + ": " + err.Error())
-		}
-
-		if buf[1] != 0 {
-			return errors.New("proxy: SOCKS5 proxy at " + s.addr + " rejected username/password")
-		}
-	}
-
-	buf = buf[:0]
-	buf = append(buf, proxy_socks5Version, proxy_socks5Connect, 0 /* reserved */)
-
-	if ip := net.ParseIP(host); ip != nil {
-		if ip4 := ip.To4(); ip4 != nil {
-			buf = append(buf, proxy_socks5IP4)
-			ip = ip4
-		} else {
-			buf = append(buf, proxy_socks5IP6)
-		}
-		buf = append(buf, ip...)
-	} else {
-		if len(host) > 255 {
-			return errors.New("proxy: destination host name too long: " + host)
-		}
-		buf = append(buf, proxy_socks5Domain)
-		buf = append(buf, byte(len(host)))
-		buf = append(buf, host...)
-	}
-	buf = append(buf, byte(port>>8), byte(port))
-
-	if _, err := conn.Write(buf); err != nil {
-		return errors.New("proxy: failed to write connect request to SOCKS5 proxy at " + s.addr + ": " + err.Error())
-	}
-
-	if _, err := io.ReadFull(conn, buf[:4]); err != nil {
-		return errors.New("proxy: failed to read connect reply from SOCKS5 proxy at " + s.addr + ": " + err.Error())
-	}
-
-	failure := "unknown error"
-	if int(buf[1]) < len(proxy_socks5Errors) {
-		failure = proxy_socks5Errors[buf[1]]
-	}
-
-	if len(failure) > 0 {
-		return errors.New("proxy: SOCKS5 proxy at " + s.addr + " failed to connect: " + failure)
-	}
-
-	bytesToDiscard := 0
-	switch buf[3] {
-	case proxy_socks5IP4:
-		bytesToDiscard = net.IPv4len
-	case proxy_socks5IP6:
-		bytesToDiscard = net.IPv6len
-	case proxy_socks5Domain:
-		_, err := io.ReadFull(conn, buf[:1])
-		if err != nil {
-			return errors.New("proxy: failed to read domain length from SOCKS5 proxy at " + s.addr + ": " + err.Error())
-		}
-		bytesToDiscard = int(buf[0])
-	default:
-		return errors.New("proxy: got unknown address type " + strconv.Itoa(int(buf[3])) + " from SOCKS5 proxy at " + s.addr)
-	}
-
-	if cap(buf) < bytesToDiscard {
-		buf = make([]byte, bytesToDiscard)
-	} else {
-		buf = buf[:bytesToDiscard]
-	}
-	if _, err := io.ReadFull(conn, buf); err != nil {
-		return errors.New("proxy: failed to read address from SOCKS5 proxy at " + s.addr + ": " + err.Error())
-	}
-
-	// Also need to discard the port number
-	if _, err := io.ReadFull(conn, buf[:2]); err != nil {
-		return errors.New("proxy: failed to read port from SOCKS5 proxy at " + s.addr + ": " + err.Error())
-	}
-
-	return nil
-}
diff --git a/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/errors.go b/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/errors.go
index 41cd4f5030..bbe7decf09 100644
--- a/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/errors.go
+++ b/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/errors.go
@@ -148,22 +148,20 @@ func DefaultHTTPErrorHandler(ctx context.Context, mux *ServeMux, marshaler Marsh
 	}
 
 	md, ok := ServerMetadataFromContext(ctx)
-	if !ok {
-		grpclog.Error("Failed to extract ServerMetadata from context")
-	}
-
-	handleForwardResponseServerMetadata(w, mux, md)
-
-	// RFC 7230 https://tools.ietf.org/html/rfc7230#section-4.1.2
-	// Unless the request includes a TE header field indicating "trailers"
-	// is acceptable, as described in Section 4.3, a server SHOULD NOT
-	// generate trailer fields that it believes are necessary for the user
-	// agent to receive.
-	doForwardTrailers := requestAcceptsTrailers(r)
-
-	if doForwardTrailers {
-		handleForwardResponseTrailerHeader(w, mux, md)
-		w.Header().Set("Transfer-Encoding", "chunked")
+	if ok {
+		handleForwardResponseServerMetadata(w, mux, md)
+
+		// RFC 7230 https://tools.ietf.org/html/rfc7230#section-4.1.2
+		// Unless the request includes a TE header field indicating "trailers"
+		// is acceptable, as described in Section 4.3, a server SHOULD NOT
+		// generate trailer fields that it believes are necessary for the user
+		// agent to receive.
+		doForwardTrailers := requestAcceptsTrailers(r)
+
+		if doForwardTrailers {
+			handleForwardResponseTrailerHeader(w, mux, md)
+			w.Header().Set("Transfer-Encoding", "chunked")
+		}
 	}
 
 	st := HTTPStatusFromCode(s.Code())
@@ -176,7 +174,7 @@ func DefaultHTTPErrorHandler(ctx context.Context, mux *ServeMux, marshaler Marsh
 		grpclog.Errorf("Failed to write response: %v", err)
 	}
 
-	if doForwardTrailers {
+	if ok && requestAcceptsTrailers(r) {
 		handleForwardResponseTrailer(w, mux, md)
 	}
 }
diff --git a/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/handler.go b/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/handler.go
index f0727cf7c0..2f0b9e9e0f 100644
--- a/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/handler.go
+++ b/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/handler.go
@@ -153,12 +153,10 @@ type responseBody interface {
 // ForwardResponseMessage forwards the message "resp" from gRPC server to REST client.
 func ForwardResponseMessage(ctx context.Context, mux *ServeMux, marshaler Marshaler, w http.ResponseWriter, req *http.Request, resp proto.Message, opts ...func(context.Context, http.ResponseWriter, proto.Message) error) {
 	md, ok := ServerMetadataFromContext(ctx)
-	if !ok {
-		grpclog.Error("Failed to extract ServerMetadata from context")
+	if ok {
+		handleForwardResponseServerMetadata(w, mux, md)
 	}
 
-	handleForwardResponseServerMetadata(w, mux, md)
-
 	// RFC 7230 https://tools.ietf.org/html/rfc7230#section-4.1.2
 	// Unless the request includes a TE header field indicating "trailers"
 	// is acceptable, as described in Section 4.3, a server SHOULD NOT
@@ -166,7 +164,7 @@ func ForwardResponseMessage(ctx context.Context, mux *ServeMux, marshaler Marsha
 	// agent to receive.
 	doForwardTrailers := requestAcceptsTrailers(req)
 
-	if doForwardTrailers {
+	if ok && doForwardTrailers {
 		handleForwardResponseTrailerHeader(w, mux, md)
 		w.Header().Set("Transfer-Encoding", "chunked")
 	}
@@ -204,7 +202,7 @@ func ForwardResponseMessage(ctx context.Context, mux *ServeMux, marshaler Marsha
 		grpclog.Errorf("Failed to write response: %v", err)
 	}
 
-	if doForwardTrailers {
+	if ok && doForwardTrailers {
 		handleForwardResponseTrailer(w, mux, md)
 	}
 }
diff --git a/vendor/github.com/hashicorp/go-secure-stdlib/parseutil/LICENSE b/vendor/github.com/hashicorp/go-secure-stdlib/parseutil/LICENSE
index e87a115e46..7c5baa45e1 100644
--- a/vendor/github.com/hashicorp/go-secure-stdlib/parseutil/LICENSE
+++ b/vendor/github.com/hashicorp/go-secure-stdlib/parseutil/LICENSE
@@ -1,3 +1,5 @@
+Copyright (c) 2020 HashiCorp, Inc.
+
 Mozilla Public License, version 2.0
 
 1. Definitions
diff --git a/vendor/github.com/hashicorp/go-secure-stdlib/parseutil/normalize.go b/vendor/github.com/hashicorp/go-secure-stdlib/parseutil/normalize.go
new file mode 100644
index 0000000000..879bcfca4f
--- /dev/null
+++ b/vendor/github.com/hashicorp/go-secure-stdlib/parseutil/normalize.go
@@ -0,0 +1,121 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+package parseutil
+
+import (
+	"fmt"
+	"net"
+	"net/url"
+	"strings"
+)
+
+// general delimiters as defined in RFC-3986 §2.2
+// See: https://www.rfc-editor.org/rfc/rfc3986#section-2.2
+const genDelims = ":/?#[]@"
+
+func normalizeHostPort(host string, port string) (string, error) {
+	if host == "" {
+		return "", fmt.Errorf("empty hostname")
+	}
+	if ip := net.ParseIP(host); ip != nil {
+		if ip.To4() == nil && ip.To16() != nil && port == "" {
+			// this is a unique case, host is ipv6 and requires brackets due to
+			// being part of a url, but they won't be added by net.JoinHostPort
+			// as there is no port
+			// See: https://www.rfc-editor.org/rfc/rfc3986#section-3.2.2
+			return "[" + ip.String() + "]", nil
+		}
+		host = ip.String()
+	} else if strings.Contains(host, ":") {
+		// host is an invalid ipv6 literal.
+		// hosts cannot contain certain reserved characters, including ":"
+		// See: https://www.rfc-editor.org/rfc/rfc3986#section-2.2,
+		//      https://www.rfc-editor.org/rfc/rfc3986#section-3.2.2
+		return "", fmt.Errorf("host contains an invalid IPv6 literal")
+	}
+	if port == "" {
+		return host, nil
+	}
+	return net.JoinHostPort(host, port), nil
+}
+
+func parseUrl(addr string) (string, error) {
+	if u, err := url.Parse(addr); err == nil {
+		if strings.HasSuffix(u.Host, ":") {
+			return "", fmt.Errorf("url has malformed host: missing port value after colon")
+		}
+		if u.Host, err = normalizeHostPort(u.Hostname(), u.Port()); err != nil {
+			return "", err
+		}
+		return u.String(), nil
+	}
+	return "", fmt.Errorf("failed to parse address")
+}
+
+// NormalizeAddr takes an address as a string and returns a normalized copy.
+// If the address is a URL, IP Address, or host:port address that includes an
+// IPv6 address, the normalized copy will be conformant with RFC-5952 §4. If
+// the address cannot be parsed, an error will be returned.
+//
+// There are two valid formats:
+//
+// - hosts: "host"
+//   - may be any of: IPv6 literal, IPv4 literal, dns name, or [sub]domain name
+//   - IPv6 literals cannot be encapsulated within square brackets in this format
+//
+// - URIs: "[scheme://] [user@] host [:port] [/path] [?query] [#frag]"
+//   - format should conform with RFC-3986 §3 or else the returned address may
+//     be parsed and formatted incorrectly
+//   - hosts containing IPv6 literals MUST be encapsulated within square brackets,
+//     as defined in RFC-3986 §3.2.2 and RFC-5952 §6
+//   - all non-host components are optional
+//
+// See:
+//   - https://www.rfc-editor.org/rfc/rfc5952
+//   - https://www.rfc-editor.org/rfc/rfc3986
+func NormalizeAddr(address string) (string, error) {
+	if address == "" {
+		return "", fmt.Errorf("empty address")
+	}
+
+	if strings.HasPrefix(address, "[") && strings.HasSuffix(address, "]") {
+		return "", fmt.Errorf("address cannot be encapsulated by brackets")
+	}
+
+	if ip := net.ParseIP(address); ip != nil {
+		return ip.String(), nil
+	}
+
+	// if the provided address does not have a scheme provided, attempt to
+	// provide one and re-parse the result. this is done by looking for the
+	// first general delimiter and checking if it exists or if it's not a colon
+	// or by subsequently checking if the first character of the address is a
+	// letter or a colon or if the colon is part of "://"
+	// See: https://www.rfc-editor.org/rfc/rfc3986#section-3
+	//
+	// though the first character being a colon is not mentioned in the scheme
+	// spec, we check for it as url.Parse will read certain invalid ipv6
+	// addresses as valid urls, and we want to avoid that
+	idx := strings.IndexAny(address, genDelims)
+	switch {
+	case idx < 0:
+		fallthrough
+	case address[idx] != ':':
+		fallthrough
+		// by this point we already know that idx > 0 and that address[idx] == ':'
+	case idx > 1 && !strings.HasPrefix(address[idx:], "://"):
+		const scheme = "default://"
+		// attempt to parse it as a url. we only want to try this func when we
+		// know for sure it has a scheme, since it will parse ANYTHING, but
+		// just put it into u.Path when called without the scheme
+		u, err := parseUrl(scheme + address)
+		if err != nil {
+			return "", err
+		}
+		return strings.TrimPrefix(u, scheme), nil
+
+	default:
+		return parseUrl(address)
+	}
+}
diff --git a/vendor/github.com/hashicorp/go-secure-stdlib/parseutil/parsepath.go b/vendor/github.com/hashicorp/go-secure-stdlib/parseutil/parsepath.go
index d59ecbb2b7..46ccbe773e 100644
--- a/vendor/github.com/hashicorp/go-secure-stdlib/parseutil/parsepath.go
+++ b/vendor/github.com/hashicorp/go-secure-stdlib/parseutil/parsepath.go
@@ -1,3 +1,6 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
 package parseutil
 
 import (
@@ -14,6 +17,15 @@ var (
 	ErrNotParsed = errors.New("not a parsed value")
 )
 
+type options struct {
+	errorOnMissingEnv bool
+	noTrimSpaces      bool
+}
+
+type option func() optionFunc
+
+type optionFunc func(*options)
+
 // ParsePath parses a URL with schemes file://, env://, or any other. Depending
 // on the scheme it will return specific types of data:
 //
@@ -31,31 +43,60 @@ var (
 // step that errored or something else (such as a file not found). This is
 // useful to attempt to read a non-URL string from some resource, but where the
 // original input may simply be a valid string of that type.
-func ParsePath(path string) (string, error) {
-	return parsePath(path, false)
+func ParsePath(path string, options ...option) (string, error) {
+	return parsePath(path, false, options)
 }
 
 // MustParsePath behaves like ParsePath but will return ErrNotAUrl if the value
 // is not a URL with a scheme that can be parsed by this function.
-func MustParsePath(path string) (string, error) {
-	return parsePath(path, true)
+func MustParsePath(path string, options ...option) (string, error) {
+	return parsePath(path, true, options)
 }
 
-func parsePath(path string, mustParse bool) (string, error) {
-	path = strings.TrimSpace(path)
-	parsed, err := url.Parse(path)
+func parsePath(path string, mustParse bool, passedOptions []option) (string, error) {
+	var opts options
+	for _, o := range passedOptions {
+		of := o()
+		of(&opts)
+	}
+
+	trimmedPath := strings.TrimSpace(path)
+	parsed, err := url.Parse(trimmedPath)
 	if err != nil {
-		return path, fmt.Errorf("error parsing url (%q): %w", err.Error(), ErrNotAUrl)
+		err = fmt.Errorf("error parsing url (%q): %w", err.Error(), ErrNotAUrl)
+		if opts.noTrimSpaces {
+			return path, err
+		}
+		return trimmedPath, err
 	}
 	switch parsed.Scheme {
 	case "file":
-		contents, err := ioutil.ReadFile(strings.TrimPrefix(path, "file://"))
+		contents, err := ioutil.ReadFile(strings.TrimPrefix(trimmedPath, "file://"))
 		if err != nil {
-			return path, fmt.Errorf("error reading file at %s: %w", path, err)
+			return trimmedPath, fmt.Errorf("error reading file at %s: %w", trimmedPath, err)
+		}
+		if opts.noTrimSpaces {
+			return string(contents), nil
 		}
 		return strings.TrimSpace(string(contents)), nil
 	case "env":
-		return strings.TrimSpace(os.Getenv(strings.TrimPrefix(path, "env://"))), nil
+		envKey := strings.TrimPrefix(trimmedPath, "env://")
+		envVal, ok := os.LookupEnv(envKey)
+		if opts.errorOnMissingEnv && !ok {
+			return "", fmt.Errorf("environment variable %s unset", envKey)
+		}
+		if opts.noTrimSpaces {
+			return envVal, nil
+		}
+		return strings.TrimSpace(envVal), nil
+	case "string":
+		// Meant if there is a need to provide a string literal that is prefixed by one of these URL schemes but want to "escape" it,
+		// e.g. "string://env://foo", in order to get the value "env://foo"
+		val := strings.TrimPrefix(trimmedPath, "string://")
+		if opts.noTrimSpaces {
+			return val, nil
+		}
+		return strings.TrimSpace(val), nil
 	default:
 		if mustParse {
 			return "", ErrNotParsed
@@ -63,3 +104,21 @@ func parsePath(path string, mustParse bool) (string, error) {
 		return path, nil
 	}
 }
+
+// When true, values returned from ParsePath won't have leading/trailing spaces trimmed.
+func WithNoTrimSpaces(noTrim bool) option {
+	return func() optionFunc {
+		return optionFunc(func(o *options) {
+			o.noTrimSpaces = noTrim
+		})
+	}
+}
+
+// When true, if an environment variable is unset, an error will be returned rather than the empty string.
+func WithErrorOnMissingEnv(errorOnMissingEnv bool) option {
+	return func() optionFunc {
+		return optionFunc(func(o *options) {
+			o.errorOnMissingEnv = errorOnMissingEnv
+		})
+	}
+}
diff --git a/vendor/github.com/hashicorp/go-secure-stdlib/parseutil/parseutil.go b/vendor/github.com/hashicorp/go-secure-stdlib/parseutil/parseutil.go
index e469499bdc..815c993b86 100644
--- a/vendor/github.com/hashicorp/go-secure-stdlib/parseutil/parseutil.go
+++ b/vendor/github.com/hashicorp/go-secure-stdlib/parseutil/parseutil.go
@@ -1,3 +1,6 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
 package parseutil
 
 import (
@@ -15,7 +18,10 @@ import (
 	"github.com/mitchellh/mapstructure"
 )
 
-var validCapacityString = regexp.MustCompile("^[\t ]*([0-9]+)[\t ]?([kmgtKMGT][iI]?[bB])?[\t ]*$")
+var (
+	validCapacityString               = regexp.MustCompile("^[\t ]*([0-9]+)[\t ]?([kmgtKMGT][iI]?[bB])?[\t ]*$")
+	ErrDurationMultiplicationOverflow = errors.New("multiplication of durations resulted in overflow, one operand may be too large")
+)
 
 // ParseCapacityString parses a capacity string and returns the number of bytes it represents.
 // Capacity strings are things like 5gib or 10MB. Supported prefixes are kb, kib, mb, mib, gb,
@@ -102,6 +108,7 @@ func ParseDurationSecond(in interface{}) (time.Duration, error) {
 	if ok {
 		in = jsonIn.String()
 	}
+	var err error
 	switch inp := in.(type) {
 	case nil:
 		// return default of zero
@@ -111,7 +118,7 @@ func ParseDurationSecond(in interface{}) (time.Duration, error) {
 		}
 
 		if v, err := strconv.ParseInt(inp, 10, 64); err == nil {
-			return time.Duration(v) * time.Second, nil
+			return overflowMul(time.Duration(v), time.Second)
 		}
 
 		if strings.HasSuffix(inp, "d") {
@@ -119,7 +126,7 @@ func ParseDurationSecond(in interface{}) (time.Duration, error) {
 			if err != nil {
 				return dur, err
 			}
-			return time.Duration(v) * 24 * time.Hour, nil
+			return overflowMul(time.Duration(v), 24*time.Hour)
 		}
 
 		var err error
@@ -127,28 +134,39 @@ func ParseDurationSecond(in interface{}) (time.Duration, error) {
 			return dur, err
 		}
 	case int:
-		dur = time.Duration(inp) * time.Second
+		dur, err = overflowMul(time.Duration(inp), time.Second)
 	case int32:
-		dur = time.Duration(inp) * time.Second
+		dur, err = overflowMul(time.Duration(inp), time.Second)
 	case int64:
-		dur = time.Duration(inp) * time.Second
+		dur, err = overflowMul(time.Duration(inp), time.Second)
 	case uint:
-		dur = time.Duration(inp) * time.Second
+		dur, err = overflowMul(time.Duration(inp), time.Second)
 	case uint32:
-		dur = time.Duration(inp) * time.Second
+		dur, err = overflowMul(time.Duration(inp), time.Second)
 	case uint64:
-		dur = time.Duration(inp) * time.Second
+		dur, err = overflowMul(time.Duration(inp), time.Second)
 	case float32:
-		dur = time.Duration(inp) * time.Second
+		dur, err = overflowMul(time.Duration(inp), time.Second)
 	case float64:
-		dur = time.Duration(inp) * time.Second
+		dur, err = overflowMul(time.Duration(inp), time.Second)
 	case time.Duration:
 		dur = inp
 	default:
 		return 0, errors.New("could not parse duration from input")
 	}
+	if err != nil {
+		dur = time.Duration(0)
+	}
+	return dur, err
+}
 
-	return dur, nil
+// Multiplication of durations could overflow, this performs multiplication while erroring out if an overflow occurs
+func overflowMul(a time.Duration, b time.Duration) (time.Duration, error) {
+	x := a * b
+	if a != 0 && x/a != b {
+		return time.Duration(0), ErrDurationMultiplicationOverflow
+	}
+	return x, nil
 }
 
 // Parse an absolute timestamp from the provided arbitrary value (string or
diff --git a/vendor/github.com/hashicorp/go-sockaddr/README.md b/vendor/github.com/hashicorp/go-sockaddr/README.md
index a2e170ae09..3046031b63 100644
--- a/vendor/github.com/hashicorp/go-sockaddr/README.md
+++ b/vendor/github.com/hashicorp/go-sockaddr/README.md
@@ -68,7 +68,7 @@ the
 run:
 
 ```text
-$ go get -u github.com/hashicorp/go-sockaddr/cmd/sockaddr
+$ go install github.com/hashicorp/go-sockaddr/cmd/sockaddr@latest
 ```
 
 If you're familiar with UNIX's `sockaddr` struct's, the following diagram
diff --git a/vendor/github.com/hashicorp/go-sockaddr/route_info.go b/vendor/github.com/hashicorp/go-sockaddr/route_info.go
index 2a3ee1db9e..601a2b5838 100644
--- a/vendor/github.com/hashicorp/go-sockaddr/route_info.go
+++ b/vendor/github.com/hashicorp/go-sockaddr/route_info.go
@@ -1,5 +1,12 @@
 package sockaddr
 
+import "errors"
+
+var (
+	ErrNoInterface = errors.New("No default interface found (unsupported platform)")
+	ErrNoRoute     = errors.New("no route info found (unsupported platform)")
+)
+
 // RouteInterface specifies an interface for obtaining memoized route table and
 // network information from a given OS.
 type RouteInterface interface {
@@ -9,6 +16,10 @@ type RouteInterface interface {
 	GetDefaultInterfaceName() (string, error)
 }
 
+type routeInfo struct {
+	cmds map[string][]string
+}
+
 // VisitCommands visits each command used by the platform-specific RouteInfo
 // implementation.
 func (ri routeInfo) VisitCommands(fn func(name string, cmd []string)) {
diff --git a/vendor/github.com/hashicorp/go-sockaddr/route_info_aix.go b/vendor/github.com/hashicorp/go-sockaddr/route_info_aix.go
new file mode 100644
index 0000000000..4e23d9d4c6
--- /dev/null
+++ b/vendor/github.com/hashicorp/go-sockaddr/route_info_aix.go
@@ -0,0 +1,35 @@
+//go:build aix
+
+package sockaddr
+
+import (
+	"errors"
+	"os/exec"
+)
+
+var cmds map[string][]string = map[string][]string{
+	"route": {"/usr/sbin/route", "-n", "get", "default"},
+}
+
+// NewRouteInfo returns a BSD-specific implementation of the RouteInfo
+// interface.
+func NewRouteInfo() (routeInfo, error) {
+	return routeInfo{
+		cmds: cmds,
+	}, nil
+}
+
+// GetDefaultInterfaceName returns the interface name attached to the default
+// route on the default interface.
+func (ri routeInfo) GetDefaultInterfaceName() (string, error) {
+	out, err := exec.Command(cmds["route"][0], cmds["route"][1:]...).Output()
+	if err != nil {
+		return "", err
+	}
+
+	var ifName string
+	if ifName, err = parseDefaultIfNameFromRoute(string(out)); err != nil {
+		return "", errors.New("No default interface found")
+	}
+	return ifName, nil
+}
diff --git a/vendor/github.com/hashicorp/go-sockaddr/route_info_android.go b/vendor/github.com/hashicorp/go-sockaddr/route_info_android.go
index 9885915a6b..059ddaebf6 100644
--- a/vendor/github.com/hashicorp/go-sockaddr/route_info_android.go
+++ b/vendor/github.com/hashicorp/go-sockaddr/route_info_android.go
@@ -1,3 +1,5 @@
+//go:build android
+
 package sockaddr
 
 import (
@@ -5,10 +7,6 @@ import (
 	"os/exec"
 )
 
-type routeInfo struct {
-	cmds map[string][]string
-}
-
 // NewRouteInfo returns a Android-specific implementation of the RouteInfo
 // interface.
 func NewRouteInfo() (routeInfo, error) {
diff --git a/vendor/github.com/hashicorp/go-sockaddr/route_info_bsd.go b/vendor/github.com/hashicorp/go-sockaddr/route_info_bsd.go
index 705757abc7..f5e548ac70 100644
--- a/vendor/github.com/hashicorp/go-sockaddr/route_info_bsd.go
+++ b/vendor/github.com/hashicorp/go-sockaddr/route_info_bsd.go
@@ -1,17 +1,14 @@
+//go:build darwin || dragonfly || freebsd || netbsd || openbsd
 // +build darwin dragonfly freebsd netbsd openbsd
 
 package sockaddr
 
 import "os/exec"
 
-var cmds map[string][]string = map[string][]string{
+var cmds = map[string][]string{
 	"route": {"/sbin/route", "-n", "get", "default"},
 }
 
-type routeInfo struct {
-	cmds map[string][]string
-}
-
 // NewRouteInfo returns a BSD-specific implementation of the RouteInfo
 // interface.
 func NewRouteInfo() (routeInfo, error) {
diff --git a/vendor/github.com/hashicorp/go-sockaddr/route_info_default.go b/vendor/github.com/hashicorp/go-sockaddr/route_info_default.go
index d1b009f653..db0052fa8f 100644
--- a/vendor/github.com/hashicorp/go-sockaddr/route_info_default.go
+++ b/vendor/github.com/hashicorp/go-sockaddr/route_info_default.go
@@ -1,10 +1,19 @@
-// +build android nacl plan9
+//go:build nacl || plan9 || js
+// +build nacl plan9 js
 
 package sockaddr
 
-import "errors"
-
 // getDefaultIfName is the default interface function for unsupported platforms.
 func getDefaultIfName() (string, error) {
-	return "", errors.New("No default interface found (unsupported platform)")
+	return "", ErrNoInterface
+}
+
+func NewRouteInfo() (routeInfo, error) {
+	return routeInfo{}, ErrNoRoute
+}
+
+// GetDefaultInterfaceName returns the interface name attached to the default
+// route on the default interface.
+func (ri routeInfo) GetDefaultInterfaceName() (string, error) {
+	return "", ErrNoInterface
 }
diff --git a/vendor/github.com/hashicorp/go-sockaddr/route_info_linux.go b/vendor/github.com/hashicorp/go-sockaddr/route_info_linux.go
index b62ce6ecb2..cc5f68d0c8 100644
--- a/vendor/github.com/hashicorp/go-sockaddr/route_info_linux.go
+++ b/vendor/github.com/hashicorp/go-sockaddr/route_info_linux.go
@@ -1,3 +1,4 @@
+//go:build !android
 // +build !android
 
 package sockaddr
@@ -7,10 +8,6 @@ import (
 	"os/exec"
 )
 
-type routeInfo struct {
-	cmds map[string][]string
-}
-
 // NewRouteInfo returns a Linux-specific implementation of the RouteInfo
 // interface.
 func NewRouteInfo() (routeInfo, error) {
diff --git a/vendor/github.com/hashicorp/go-sockaddr/route_info_solaris.go b/vendor/github.com/hashicorp/go-sockaddr/route_info_solaris.go
index ee8e7984d7..1354a73b68 100644
--- a/vendor/github.com/hashicorp/go-sockaddr/route_info_solaris.go
+++ b/vendor/github.com/hashicorp/go-sockaddr/route_info_solaris.go
@@ -1,3 +1,5 @@
+//go:build solaris
+
 package sockaddr
 
 import (
@@ -9,10 +11,6 @@ var cmds map[string][]string = map[string][]string{
 	"route": {"/usr/sbin/route", "-n", "get", "default"},
 }
 
-type routeInfo struct {
-	cmds map[string][]string
-}
-
 // NewRouteInfo returns a BSD-specific implementation of the RouteInfo
 // interface.
 func NewRouteInfo() (routeInfo, error) {
diff --git a/vendor/github.com/hashicorp/go-sockaddr/route_info_windows.go b/vendor/github.com/hashicorp/go-sockaddr/route_info_windows.go
index 087fad95e0..ed9bd0a386 100644
--- a/vendor/github.com/hashicorp/go-sockaddr/route_info_windows.go
+++ b/vendor/github.com/hashicorp/go-sockaddr/route_info_windows.go
@@ -13,10 +13,6 @@ var cmds map[string][]string = map[string][]string{
 	"ipconfig": {"ipconfig"},
 }
 
-type routeInfo struct {
-	cmds map[string][]string
-}
-
 // NewRouteInfo returns a BSD-specific implementation of the RouteInfo
 // interface.
 func NewRouteInfo() (routeInfo, error) {
diff --git a/vendor/github.com/opencontainers/image-spec/specs-go/version.go b/vendor/github.com/opencontainers/image-spec/specs-go/version.go
index 7069ae44d7..c3897c7ca0 100644
--- a/vendor/github.com/opencontainers/image-spec/specs-go/version.go
+++ b/vendor/github.com/opencontainers/image-spec/specs-go/version.go
@@ -22,7 +22,7 @@ const (
 	// VersionMinor is for functionality in a backwards-compatible manner
 	VersionMinor = 1
 	// VersionPatch is for backwards-compatible bug fixes
-	VersionPatch = 0
+	VersionPatch = 1
 
 	// VersionDev indicates development branch. Releases will be empty string.
 	VersionDev = ""
diff --git a/vendor/github.com/pelletier/go-toml/v2/.goreleaser.yaml b/vendor/github.com/pelletier/go-toml/v2/.goreleaser.yaml
index ec52857a3e..47f0f59142 100644
--- a/vendor/github.com/pelletier/go-toml/v2/.goreleaser.yaml
+++ b/vendor/github.com/pelletier/go-toml/v2/.goreleaser.yaml
@@ -113,7 +113,7 @@ dockers:
 checksum:
   name_template: 'sha256sums.txt'
 snapshot:
-  name_template: "{{ incpatch .Version }}-next"
+  version_template: "{{ incpatch .Version }}-next"
 release:
   github:
     owner: pelletier
diff --git a/vendor/github.com/pelletier/go-toml/v2/unmarshaler.go b/vendor/github.com/pelletier/go-toml/v2/unmarshaler.go
index c3df8bee1c..189be525e1 100644
--- a/vendor/github.com/pelletier/go-toml/v2/unmarshaler.go
+++ b/vendor/github.com/pelletier/go-toml/v2/unmarshaler.go
@@ -59,7 +59,7 @@ func (d *Decoder) DisallowUnknownFields() *Decoder {
 //
 // With this feature enabled, types implementing the unstable/Unmarshaler
 // interface can be decoded from any structure of the document. It allows types
-// that don't have a straightfoward TOML representation to provide their own
+// that don't have a straightforward TOML representation to provide their own
 // decoding logic.
 //
 // Currently, types can only decode from a single value. Tables and array tables
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/collectorfunc.go b/vendor/github.com/prometheus/client_golang/prometheus/collectorfunc.go
new file mode 100644
index 0000000000..9a71a15db1
--- /dev/null
+++ b/vendor/github.com/prometheus/client_golang/prometheus/collectorfunc.go
@@ -0,0 +1,30 @@
+// Copyright 2025 The Prometheus Authors
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package prometheus
+
+// CollectorFunc is a convenient way to implement a Prometheus Collector
+// without interface boilerplate.
+// This implementation is based on DescribeByCollect method.
+// familiarize yourself to it before using.
+type CollectorFunc func(chan<- Metric)
+
+// Collect calls the defined CollectorFunc function with the provided Metrics channel
+func (f CollectorFunc) Collect(ch chan<- Metric) {
+	f(ch)
+}
+
+// Describe sends the descriptor information using DescribeByCollect
+func (f CollectorFunc) Describe(ch chan<- *Desc) {
+	DescribeByCollect(f, ch)
+}
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/promhttp/http.go b/vendor/github.com/prometheus/client_golang/prometheus/promhttp/http.go
index 28eed26727..763d99e362 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/promhttp/http.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/promhttp/http.go
@@ -41,11 +41,11 @@ import (
 	"sync"
 	"time"
 
-	"github.com/klauspost/compress/zstd"
 	"github.com/prometheus/common/expfmt"
 
 	"github.com/prometheus/client_golang/internal/github.com/golang/gddo/httputil"
 	"github.com/prometheus/client_golang/prometheus"
+	"github.com/prometheus/client_golang/prometheus/promhttp/internal"
 )
 
 const (
@@ -65,7 +65,13 @@ const (
 	Zstd     Compression = "zstd"
 )
 
-var defaultCompressionFormats = []Compression{Identity, Gzip, Zstd}
+func defaultCompressionFormats() []Compression {
+	if internal.NewZstdWriter != nil {
+		return []Compression{Identity, Gzip, Zstd}
+	} else {
+		return []Compression{Identity, Gzip}
+	}
+}
 
 var gzipPool = sync.Pool{
 	New: func() interface{} {
@@ -138,7 +144,7 @@ func HandlerForTransactional(reg prometheus.TransactionalGatherer, opts HandlerO
 	// Select compression formats to offer based on default or user choice.
 	var compressions []string
 	if !opts.DisableCompression {
-		offers := defaultCompressionFormats
+		offers := defaultCompressionFormats()
 		if len(opts.OfferedCompressions) > 0 {
 			offers = opts.OfferedCompressions
 		}
@@ -466,14 +472,12 @@ func negotiateEncodingWriter(r *http.Request, rw io.Writer, compressions []strin
 
 	switch selected {
 	case "zstd":
-		// TODO(mrueg): Replace klauspost/compress with stdlib implementation once https://github.com/golang/go/issues/62513 is implemented.
-		z, err := zstd.NewWriter(rw, zstd.WithEncoderLevel(zstd.SpeedFastest))
-		if err != nil {
-			return nil, "", func() {}, err
+		if internal.NewZstdWriter == nil {
+			// The content encoding was not implemented yet.
+			return nil, "", func() {}, fmt.Errorf("content compression format not recognized: %s. Valid formats are: %s", selected, defaultCompressionFormats())
 		}
-
-		z.Reset(rw)
-		return z, selected, func() { _ = z.Close() }, nil
+		writer, closeWriter, err := internal.NewZstdWriter(rw)
+		return writer, selected, closeWriter, err
 	case "gzip":
 		gz := gzipPool.Get().(*gzip.Writer)
 		gz.Reset(rw)
@@ -483,6 +487,6 @@ func negotiateEncodingWriter(r *http.Request, rw io.Writer, compressions []strin
 		return rw, selected, func() {}, nil
 	default:
 		// The content encoding was not implemented yet.
-		return nil, "", func() {}, fmt.Errorf("content compression format not recognized: %s. Valid formats are: %s", selected, defaultCompressionFormats)
+		return nil, "", func() {}, fmt.Errorf("content compression format not recognized: %s. Valid formats are: %s", selected, defaultCompressionFormats())
 	}
 }
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/promhttp/internal/compression.go b/vendor/github.com/prometheus/client_golang/prometheus/promhttp/internal/compression.go
new file mode 100644
index 0000000000..c5039590f7
--- /dev/null
+++ b/vendor/github.com/prometheus/client_golang/prometheus/promhttp/internal/compression.go
@@ -0,0 +1,21 @@
+// Copyright 2025 The Prometheus Authors
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package internal
+
+import (
+	"io"
+)
+
+// NewZstdWriter enables zstd write support if non-nil.
+var NewZstdWriter func(rw io.Writer) (_ io.Writer, closeWriter func(), _ error)
diff --git a/vendor/github.com/prometheus/common/model/alert.go b/vendor/github.com/prometheus/common/model/alert.go
index bd3a39e3e1..460f554f29 100644
--- a/vendor/github.com/prometheus/common/model/alert.go
+++ b/vendor/github.com/prometheus/common/model/alert.go
@@ -65,7 +65,7 @@ func (a *Alert) Resolved() bool {
 	return a.ResolvedAt(time.Now())
 }
 
-// ResolvedAt returns true off the activity interval ended before
+// ResolvedAt returns true iff the activity interval ended before
 // the given timestamp.
 func (a *Alert) ResolvedAt(ts time.Time) bool {
 	if a.EndsAt.IsZero() {
diff --git a/vendor/github.com/prometheus/common/model/labels.go b/vendor/github.com/prometheus/common/model/labels.go
index 73b7aa3e60..f4a387605f 100644
--- a/vendor/github.com/prometheus/common/model/labels.go
+++ b/vendor/github.com/prometheus/common/model/labels.go
@@ -22,7 +22,7 @@ import (
 )
 
 const (
-	// AlertNameLabel is the name of the label containing the an alert's name.
+	// AlertNameLabel is the name of the label containing the alert's name.
 	AlertNameLabel = "alertname"
 
 	// ExportedLabelPrefix is the prefix to prepend to the label names present in
diff --git a/vendor/github.com/prometheus/common/model/metric.go b/vendor/github.com/prometheus/common/model/metric.go
index 5766107cf9..a6b01755bd 100644
--- a/vendor/github.com/prometheus/common/model/metric.go
+++ b/vendor/github.com/prometheus/common/model/metric.go
@@ -27,13 +27,25 @@ import (
 )
 
 var (
-	// NameValidationScheme determines the method of name validation to be used by
-	// all calls to IsValidMetricName() and LabelName IsValid(). Setting UTF-8
-	// mode in isolation from other components that don't support UTF-8 may result
-	// in bugs or other undefined behavior. This value can be set to
-	// LegacyValidation during startup if a binary is not UTF-8-aware binaries. To
-	// avoid need for locking, this value should be set once, ideally in an
-	// init(), before multiple goroutines are started.
+	// NameValidationScheme determines the global default method of the name
+	// validation to be used by all calls to IsValidMetricName() and LabelName
+	// IsValid().
+	//
+	// Deprecated: This variable should not be used and might be removed in the
+	// far future. If you wish to stick to the legacy name validation use
+	// `IsValidLegacyMetricName()` and `LabelName.IsValidLegacy()` methods
+	// instead. This variable is here as an escape hatch for emergency cases,
+	// given the recent change from `LegacyValidation` to `UTF8Validation`, e.g.,
+	// to delay UTF-8 migrations in time or aid in debugging unforeseen results of
+	// the change. In such a case, a temporary assignment to `LegacyValidation`
+	// value in the `init()` function in your main.go or so, could be considered.
+	//
+	// Historically we opted for a global variable for feature gating different
+	// validation schemes in operations that were not otherwise easily adjustable
+	// (e.g. Labels yaml unmarshaling). That could have been a mistake, a separate
+	// Labels structure or package might have been a better choice. Given the
+	// change was made and many upgraded the common already, we live this as-is
+	// with this warning and learning for the future.
 	NameValidationScheme = UTF8Validation
 
 	// NameEscapingScheme defines the default way that names will be escaped when
@@ -50,7 +62,7 @@ var (
 type ValidationScheme int
 
 const (
-	// LegacyValidation is a setting that requirets that metric and label names
+	// LegacyValidation is a setting that requires that all metric and label names
 	// conform to the original Prometheus character requirements described by
 	// MetricNameRE and LabelNameRE.
 	LegacyValidation ValidationScheme = iota
diff --git a/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/annotations.go b/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/annotations.go
index d5174c2a0d..5da30a3c91 100644
--- a/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/annotations.go
+++ b/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/annotations.go
@@ -19,9 +19,8 @@ import (
 	"fmt"
 	"strings"
 
-	"github.com/spf13/cobra"
-
 	sigs "github.com/sigstore/cosign/v2/pkg/signature"
+	"github.com/spf13/cobra"
 )
 
 // AnnotationOptions is the top level wrapper for the annotations.
diff --git a/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/attach.go b/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/attach.go
index 06f562c7f3..4e51d527f0 100644
--- a/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/attach.go
+++ b/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/attach.go
@@ -20,9 +20,8 @@ import (
 	"strings"
 
 	"github.com/google/go-containerregistry/pkg/v1/types"
-	"github.com/spf13/cobra"
-
 	ctypes "github.com/sigstore/cosign/v2/pkg/types"
+	"github.com/spf13/cobra"
 )
 
 // AttachSignatureOptions is the top level wrapper for the attach signature command.
diff --git a/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/attest.go b/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/attest.go
index e852c4c12e..7b67e4ee56 100644
--- a/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/attest.go
+++ b/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/attest.go
@@ -27,7 +27,6 @@ type AttestOptions struct {
 	Cert                    string
 	CertChain               string
 	NoUpload                bool
-	Recursive               bool
 	Replace                 bool
 	SkipConfirmation        bool
 	TlogUpload              bool
@@ -75,11 +74,7 @@ func (o *AttestOptions) AddFlags(cmd *cobra.Command) {
 	_ = cmd.MarkFlagFilename("certificate-chain", certificateExts...)
 
 	cmd.Flags().BoolVar(&o.NoUpload, "no-upload", false,
-		"do not upload the generated attestation")
-
-	cmd.Flags().BoolVarP(&o.Recursive, "recursive", "r", false,
-		"if a multi-arch image is specified, additionally sign each discrete image")
-
+		"do not upload the generated attestation, but send the attestation output to STDOUT")
 	cmd.Flags().BoolVarP(&o.Replace, "replace", "", false,
 		"")
 
diff --git a/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/files.go b/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/files.go
index 1d3bde17c2..5d3d185f1e 100644
--- a/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/files.go
+++ b/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/files.go
@@ -19,9 +19,8 @@ import (
 	"fmt"
 	"strings"
 
-	"github.com/spf13/cobra"
-
 	cremote "github.com/sigstore/cosign/v2/pkg/cosign/remote"
+	"github.com/spf13/cobra"
 )
 
 // FilesOptions is the wrapper for the files.
diff --git a/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/key.go b/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/key.go
index 634911fdb5..2cae8d5cdb 100644
--- a/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/key.go
+++ b/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/key.go
@@ -15,7 +15,10 @@
 
 package options
 
-import "github.com/sigstore/cosign/v2/pkg/cosign"
+import (
+	"github.com/sigstore/cosign/v2/pkg/cosign"
+	"github.com/sigstore/sigstore-go/pkg/root"
+)
 
 type KeyOpts struct {
 	Sk                   bool
@@ -53,4 +56,7 @@ type KeyOpts struct {
 	// Modeled after InsecureSkipVerify in tls.Config, this disables
 	// verifying the SCT.
 	InsecureSkipFulcioVerify bool
+
+	// TrustedMaterial contains trusted metadata for all Sigstore services. It is exclusive with RekorPubKeys, RootCerts, IntermediateCerts, CTLogPubKeys, and the TSA* cert fields.
+	TrustedMaterial root.TrustedMaterial
 }
diff --git a/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/predicate.go b/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/predicate.go
index b5a01f7cfa..4fc8e95d67 100644
--- a/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/predicate.go
+++ b/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/predicate.go
@@ -19,13 +19,11 @@ import (
 	"fmt"
 	"net/url"
 
+	"github.com/in-toto/in-toto-golang/in_toto"
 	slsa02 "github.com/in-toto/in-toto-golang/in_toto/slsa_provenance/v0.2"
 	slsa1 "github.com/in-toto/in-toto-golang/in_toto/slsa_provenance/v1"
-
-	"github.com/in-toto/in-toto-golang/in_toto"
-	"github.com/spf13/cobra"
-
 	"github.com/sigstore/cosign/v2/pkg/cosign/attestation"
+	"github.com/spf13/cobra"
 )
 
 const (
diff --git a/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/signature_digest.go b/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/signature_digest.go
index 764a3dfe52..dda0ddd0ee 100644
--- a/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/signature_digest.go
+++ b/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/signature_digest.go
@@ -17,13 +17,12 @@ package options
 
 import (
 	"crypto"
+	_ "crypto/sha256" // for sha224 + sha256
+	_ "crypto/sha512" // for sha384 + sha512
 	"fmt"
 	"sort"
 	"strings"
 
-	_ "crypto/sha256" // for sha224 + sha256
-	_ "crypto/sha512" // for sha384 + sha512
-
 	"github.com/spf13/cobra"
 )
 
diff --git a/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/trustedroot.go b/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/trustedroot.go
index 21561aa527..d82730cd65 100644
--- a/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/trustedroot.go
+++ b/vendor/github.com/sigstore/cosign/v2/cmd/cosign/cli/options/trustedroot.go
@@ -21,12 +21,16 @@ import (
 
 type TrustedRootCreateOptions struct {
 	CertChain        []string
+	FulcioURI        []string
 	CtfeKeyPath      []string
 	CtfeStartTime    []string
+	CtfeURL          []string
 	Out              string
 	RekorKeyPath     []string
 	RekorStartTime   []string
+	RekorURL         []string
 	TSACertChainPath []string
+	TSAURI           []string
 }
 
 var _ Interface = (*TrustedRootCreateOptions)(nil)
@@ -39,6 +43,9 @@ func (o *TrustedRootCreateOptions) AddFlags(cmd *cobra.Command) {
 			"signing certificate and end with the root certificate.")
 	_ = cmd.MarkFlagFilename("certificate-chain", certificateExts...)
 
+	cmd.Flags().StringArrayVar(&o.FulcioURI, "fulcio-uri", nil,
+		"URI of the Fulcio server issuing certificates.")
+
 	cmd.Flags().StringArrayVar(&o.CtfeKeyPath, "ctfe-key", nil,
 		"path to a PEM-encoded public key used by certificate authority for "+
 			"certificate transparency log.")
@@ -48,19 +55,30 @@ func (o *TrustedRootCreateOptions) AddFlags(cmd *cobra.Command) {
 		"RFC 3339 string describing validity start time for key use by "+
 			"certificate transparency log.")
 
+	cmd.Flags().StringArrayVar(&o.CtfeURL, "ctfe-url", nil,
+		"URL of the certificate transparency log.")
+
 	cmd.Flags().StringVar(&o.Out, "out", "", "path to output trusted root")
 	// _ = cmd.MarkFlagFilename("output") // no typical extensions
 
 	cmd.Flags().StringArrayVar(&o.RekorKeyPath, "rekor-key", nil,
-		"path to a PEM-encoded public key used by transparency log like Rekor.")
+		"path to a PEM-encoded public key used by transparency log like Rekor. "+
+			"For Rekor V2, append the Rekor server name with ',', e.g. "+
+			"'--rekor-key=/path/to/key.pub,rekor.example.test'.")
 	_ = cmd.MarkFlagFilename("rekor-key", publicKeyExts...)
 
 	cmd.Flags().StringArrayVar(&o.RekorStartTime, "rekor-start-time", nil,
 		"RFC 3339 string describing validity start time for key use by "+
 			"transparency log like Rekor.")
 
+	cmd.Flags().StringArrayVar(&o.RekorURL, "rekor-url", nil,
+		"URL of the transparency log.")
+
 	cmd.Flags().StringArrayVar(&o.TSACertChainPath, "timestamp-certificate-chain", nil,
 		"path to PEM-encoded certificate chain file for the RFC3161 timestamp authority. Must contain the root CA certificate. "+
 			"Optionally may contain intermediate CA certificates")
 	_ = cmd.MarkFlagFilename("timestamp-certificate-chain", certificateExts...)
+
+	cmd.Flags().StringArrayVar(&o.TSAURI, "timestamp-uri", nil,
+		"URI of the timestamp authority server.")
 }
diff --git a/vendor/github.com/sigstore/cosign/v2/pkg/cosign/env/env.go b/vendor/github.com/sigstore/cosign/v2/pkg/cosign/env/env.go
index 016687acb8..00500843db 100644
--- a/vendor/github.com/sigstore/cosign/v2/pkg/cosign/env/env.go
+++ b/vendor/github.com/sigstore/cosign/v2/pkg/cosign/env/env.go
@@ -60,6 +60,11 @@ const (
 	VariableSigstoreIDToken            Variable = "SIGSTORE_ID_TOKEN" //nolint:gosec
 	VariableSigstoreTSACertificateFile Variable = "SIGSTORE_TSA_CERTIFICATE_FILE"
 
+	// TUF environment variables
+	VariableTUFRootDir  Variable = "TUF_ROOT"
+	VariableTUFMirror   Variable = "TUF_MIRROR"
+	VariableTUFRootJSON Variable = "TUF_ROOT_JSON"
+
 	// Other external environment variables
 	VariableGitHubHost                Variable = "GITHUB_HOST"
 	VariableGitHubToken               Variable = "GITHUB_TOKEN" //nolint:gosec
@@ -145,6 +150,24 @@ var (
 			Sensitive:   false,
 			External:    true,
 		},
+		VariableTUFMirror: {
+			Description: "URL of the TUF mirror. Use with TUF_ROOT_JSON to refresh TUF metadata during signing and verification commands. Setting this will cause cosign to attempt to use trusted_root.json if available and will ignore custom TUF metadata.",
+			Expects:     "URL of the TUF mirror",
+			Sensitive:   false,
+			External:    true,
+		},
+		VariableTUFRootDir: {
+			Description: "path to the TUF cache directory",
+			Expects:     "path to the TUF cache directory",
+			Sensitive:   false,
+			External:    true,
+		},
+		VariableTUFRootJSON: {
+			Description: "path to the TUF root.json file used to initialize and update a local TUF repository. Use with TUF_MIRROR to refresh TUF metadata during signing and verification commands. Setting this will cause cosign to attempt to use trusted_root.json if available and will ignore custom TUF metadata.",
+			Expects:     "path to root.json",
+			Sensitive:   false,
+			External:    true,
+		},
 		VariableGitHubHost: {
 			Description: "is URL of the GitHub Enterprise instance",
 			Expects:     "string with the URL of GitHub Enterprise instance",
diff --git a/vendor/github.com/sigstore/cosign/v2/pkg/cosign/git/github/github.go b/vendor/github.com/sigstore/cosign/v2/pkg/cosign/git/github/github.go
index d58e68d414..9866f6eef6 100644
--- a/vendor/github.com/sigstore/cosign/v2/pkg/cosign/git/github/github.go
+++ b/vendor/github.com/sigstore/cosign/v2/pkg/cosign/git/github/github.go
@@ -25,7 +25,7 @@ import (
 	"os"
 	"strings"
 
-	"github.com/google/go-github/v55/github"
+	"github.com/google/go-github/v72/github"
 	"golang.org/x/crypto/nacl/box"
 	"golang.org/x/oauth2"
 
diff --git a/vendor/github.com/sigstore/cosign/v2/pkg/cosign/tlog.go b/vendor/github.com/sigstore/cosign/v2/pkg/cosign/tlog.go
index a9379ba941..bd3c2a897e 100644
--- a/vendor/github.com/sigstore/cosign/v2/pkg/cosign/tlog.go
+++ b/vendor/github.com/sigstore/cosign/v2/pkg/cosign/tlog.go
@@ -44,6 +44,8 @@ import (
 	hashedrekord_v001 "github.com/sigstore/rekor/pkg/types/hashedrekord/v0.0.1"
 	"github.com/sigstore/rekor/pkg/types/intoto"
 	intoto_v001 "github.com/sigstore/rekor/pkg/types/intoto/v0.0.1"
+	"github.com/sigstore/sigstore-go/pkg/root"
+	"github.com/sigstore/sigstore-go/pkg/tlog"
 	"github.com/sigstore/sigstore/pkg/cryptoutils"
 	"github.com/sigstore/sigstore/pkg/tuf"
 	"github.com/transparency-dev/merkle/proof"
@@ -218,7 +220,7 @@ func doUpload(ctx context.Context, rekorClient *client.Rekor, pe models.Proposed
 			if err != nil {
 				return nil, err
 			}
-			return e, VerifyTLogEntryOffline(ctx, e, rekorPubsFromAPI)
+			return e, VerifyTLogEntryOffline(ctx, e, rekorPubsFromAPI, nil)
 		}
 		return nil, err
 	}
@@ -442,20 +444,14 @@ func FindTlogEntry(ctx context.Context, rekorClient *client.Rekor,
 
 // VerifyTLogEntryOffline verifies a TLog entry against a map of trusted rekorPubKeys indexed
 // by log id.
-func VerifyTLogEntryOffline(ctx context.Context, e *models.LogEntryAnon, rekorPubKeys *TrustedTransparencyLogPubKeys) error {
+func VerifyTLogEntryOffline(ctx context.Context, e *models.LogEntryAnon, rekorPubKeys *TrustedTransparencyLogPubKeys, trustedMaterial root.TrustedMaterial) error {
 	if e.Verification == nil || e.Verification.InclusionProof == nil {
 		return errors.New("inclusion proof not provided")
 	}
 
-	if rekorPubKeys == nil || rekorPubKeys.Keys == nil {
+	if trustedMaterial == nil && (rekorPubKeys == nil || rekorPubKeys.Keys == nil) {
 		return errors.New("no trusted rekor public keys provided")
 	}
-	// Make sure all the rekorPubKeys are ecsda.PublicKeys
-	for k, v := range rekorPubKeys.Keys {
-		if _, ok := v.PubKey.(*ecdsa.PublicKey); !ok {
-			return fmt.Errorf("rekor Public key for LogID %s is not type ecdsa.PublicKey", k)
-		}
-	}
 
 	hashes := [][]byte{}
 	for _, h := range e.Verification.InclusionProof.Hashes {
@@ -477,6 +473,23 @@ func VerifyTLogEntryOffline(ctx context.Context, e *models.LogEntryAnon, rekorPu
 	}
 
 	// Verify rekor's signature over the SET.
+	if trustedMaterial != nil {
+		logID, err := hex.DecodeString(*e.LogID)
+		if err != nil {
+			return fmt.Errorf("decoding log ID: %w", err)
+		}
+		entry, err := tlog.NewEntry(entryBytes, *e.IntegratedTime, *e.LogIndex, logID, e.Verification.SignedEntryTimestamp, e.Verification.InclusionProof)
+		if err != nil {
+			return fmt.Errorf("converting tlog entry: %w", err)
+		}
+		if err := tlog.VerifySET(entry, trustedMaterial.RekorLogs()); err != nil {
+			return fmt.Errorf("verifying SET offline: %w", err)
+		}
+		return nil
+	}
+
+	// No trusted root available, so verify the SET with legacy TUF metadata:
+
 	payload := bundle.RekorPayload{
 		Body:           e.Body,
 		IntegratedTime: *e.IntegratedTime,
@@ -484,6 +497,13 @@ func VerifyTLogEntryOffline(ctx context.Context, e *models.LogEntryAnon, rekorPu
 		LogID:          *e.LogID,
 	}
 
+	// Make sure all the rekorPubKeys are ecsda.PublicKeys
+	for k, v := range rekorPubKeys.Keys {
+		if _, ok := v.PubKey.(*ecdsa.PublicKey); !ok {
+			return fmt.Errorf("rekor Public key for LogID %s is not type ecdsa.PublicKey", k)
+		}
+	}
+
 	pubKey, ok := rekorPubKeys.Keys[payload.LogID]
 	if !ok {
 		return errors.New("rekor log public key not found for payload. Check your TUF root (see cosign initialize) or set a custom key with env var SIGSTORE_REKOR_PUBLIC_KEY")
diff --git a/vendor/github.com/sigstore/cosign/v2/pkg/cosign/tuf.go b/vendor/github.com/sigstore/cosign/v2/pkg/cosign/tuf.go
new file mode 100644
index 0000000000..2a7049feec
--- /dev/null
+++ b/vendor/github.com/sigstore/cosign/v2/pkg/cosign/tuf.go
@@ -0,0 +1,111 @@
+// Copyright 2025 The Sigstore Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package cosign
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+	"os"
+	"path/filepath"
+
+	"github.com/sigstore/cosign/v2/pkg/cosign/env"
+	"github.com/sigstore/sigstore-go/pkg/root"
+	"github.com/sigstore/sigstore-go/pkg/tuf"
+)
+
+func TrustedRoot() (root.TrustedMaterial, error) {
+	opts, err := setTUFOpts()
+	if err != nil {
+		return nil, fmt.Errorf("error setting TUF options: %w", err)
+	}
+	tr, err := root.NewLiveTrustedRoot(opts)
+	if err != nil {
+		return nil, fmt.Errorf("error getting live trusted root: %w", err)
+	}
+	return tr, nil
+}
+
+// setTUFOpts sets the TUF cache directory, the mirror URL, and the root.json in the TUF options.
+// The cache directory is provided by the user as an environment variable TUF_ROOT, or the default $HOME/.sigstore/root is used.
+// The mirror URL is provided by the user as an environment variable TUF_MIRROR. If not overridden by the user, the value set during `cosign initialize` in remote.json in the cache directory is used.
+// If the mirror happens to be the sigstore.dev production TUF CDN, the options are returned since it is safe to use all the default settings.
+// If the mirror is a custom mirror, we try to find a cached root.json. We must not use the default embedded root.json.
+// If the TUF options cannot be found through these steps, the caller should not try to use this TUF client to fetch the trusted root and should instead fall back to the legacy TUF client to fetch individual trusted keys.
+func setTUFOpts() (*tuf.Options, error) {
+	opts := tuf.DefaultOptions()
+	if tufCacheDir := env.Getenv(env.VariableTUFRootDir); tufCacheDir != "" { //nolint:forbidigo
+		opts.CachePath = tufCacheDir
+	}
+	err := setTUFMirror(opts)
+	if err != nil {
+		return nil, fmt.Errorf("error setting TUF mirror: %w", err)
+	}
+	if opts.RepositoryBaseURL == tuf.DefaultMirror {
+		// Using the default mirror, so just use the embedded root.json.
+		return opts, nil
+	}
+	err = setTUFRootJSON(opts)
+	if err != nil {
+		return nil, fmt.Errorf("error setting root: %w", err)
+	}
+	return opts, nil
+}
+
+func setTUFMirror(opts *tuf.Options) error {
+	if tufMirror := env.Getenv(env.VariableTUFMirror); tufMirror != "" { //nolint:forbidigo
+		opts.RepositoryBaseURL = tufMirror
+		return nil
+	}
+	// try using the mirror set by `cosign initialize`
+	cachedRemote := filepath.Join(opts.CachePath, "remote.json")
+	remoteBytes, err := os.ReadFile(cachedRemote)
+	if errors.Is(err, os.ErrNotExist) {
+		return nil // `cosign initialize` wasn't run, so use the default
+	}
+	if err != nil {
+		return fmt.Errorf("error reading remote.json: %w", err)
+	}
+	remote := make(map[string]string)
+	err = json.Unmarshal(remoteBytes, &remote)
+	if err != nil {
+		return fmt.Errorf("error unmarshalling remote.json: %w", err)
+	}
+	opts.RepositoryBaseURL = remote["mirror"]
+	return nil
+}
+
+func setTUFRootJSON(opts *tuf.Options) error {
+	// TUF root set by TUF_ROOT_JSON
+	if tufRootJSON := env.Getenv(env.VariableTUFRootJSON); tufRootJSON != "" { //nolint:forbidigo
+		rootJSONBytes, err := os.ReadFile(tufRootJSON)
+		if err != nil {
+			return fmt.Errorf("error reading root.json given by TUF_ROOT_JSON")
+		}
+		opts.Root = rootJSONBytes
+		return nil
+	}
+	// Look for cached root.json
+	cachedRootJSON := filepath.Join(opts.CachePath, tuf.URLToPath(opts.RepositoryBaseURL), "root.json")
+	if _, err := os.Stat(cachedRootJSON); !os.IsNotExist(err) {
+		rootJSONBytes, err := os.ReadFile(cachedRootJSON)
+		if err != nil {
+			return fmt.Errorf("error reading cached root.json")
+		}
+		opts.Root = rootJSONBytes
+		return nil
+	}
+	return fmt.Errorf("could not find cached root.json")
+}
diff --git a/vendor/github.com/sigstore/cosign/v2/pkg/cosign/verify.go b/vendor/github.com/sigstore/cosign/v2/pkg/cosign/verify.go
index b2c9ee66fc..29aa372955 100644
--- a/vendor/github.com/sigstore/cosign/v2/pkg/cosign/verify.go
+++ b/vendor/github.com/sigstore/cosign/v2/pkg/cosign/verify.go
@@ -29,6 +29,7 @@ import (
 	"errors"
 	"fmt"
 	"io/fs"
+	"log"
 	"net/http"
 	"os"
 	"regexp"
@@ -38,7 +39,6 @@ import (
 	"github.com/cyberphone/json-canonicalization/go/src/webpki.org/jsoncanonicalizer"
 	"github.com/digitorus/timestamp"
 	"github.com/go-openapi/runtime"
-
 	"github.com/google/go-containerregistry/pkg/name"
 	v1 "github.com/google/go-containerregistry/pkg/v1"
 	"github.com/google/go-containerregistry/pkg/v1/remote/transport"
@@ -66,6 +66,7 @@ import (
 	sgbundle "github.com/sigstore/sigstore-go/pkg/bundle"
 	"github.com/sigstore/sigstore-go/pkg/fulcio/certificate"
 	"github.com/sigstore/sigstore-go/pkg/root"
+	"github.com/sigstore/sigstore-go/pkg/tlog"
 	"github.com/sigstore/sigstore-go/pkg/verify"
 	"github.com/sigstore/sigstore/pkg/cryptoutils"
 	"github.com/sigstore/sigstore/pkg/signature"
@@ -96,6 +97,9 @@ type CheckOpts struct {
 	// ClaimVerifier, if provided, verifies claims present in the oci.Signature.
 	ClaimVerifier func(sig oci.Signature, imageDigest v1.Hash, annotations map[string]interface{}) error
 
+	// TrustedMaterial contains trusted metadata for all Sigstore services. It is exclusive with RekorPubKeys, RootCerts, IntermediateCerts, CTLogPubKeys, and the TSA* cert fields.
+	TrustedMaterial root.TrustedMaterial
+
 	// RekorClient, if set, is used to make online tlog calls use to verify signatures and public keys.
 	RekorClient *client.Rekor
 	// RekorPubKeys, if set, is used to validate signatures on log entries from
@@ -170,10 +174,6 @@ type CheckOpts struct {
 
 	// NewBundleFormat enables the new bundle format (Cosign Bundle Spec) and the new verifier.
 	NewBundleFormat bool
-
-	// TrustedMaterial is the trusted material to use for verification.
-	// Currently, this is only applicable when NewBundleFormat is true.
-	TrustedMaterial root.TrustedMaterial
 }
 
 type verifyTrustedMaterial struct {
@@ -342,11 +342,27 @@ func ValidateAndUnpackCertWithIntermediates(cert *x509.Certificate, co *CheckOpt
 	}
 
 	// Now verify the cert, then the signature.
-	chains, err := TrustedCert(cert, co.RootCerts, intermediateCerts)
 
+	shouldVerifyEmbeddedSCT := !co.IgnoreSCT
+	contains, err := ContainsSCT(cert.Raw)
 	if err != nil {
 		return nil, err
 	}
+	shouldVerifyEmbeddedSCT = shouldVerifyEmbeddedSCT && contains
+	// If trusted root is available and the SCT is embedded, use the verifiers from sigstore-go (preferred).
+	var chains [][]*x509.Certificate
+	if co.TrustedMaterial != nil && shouldVerifyEmbeddedSCT {
+		if chains, err = verify.VerifyLeafCertificate(cert.NotBefore, cert, co.TrustedMaterial); err != nil {
+			return nil, err
+		}
+	} else {
+		// If the trusted root is not available, OR if the SCT is detached, use the verifiers from cosign (legacy).
+		// The certificate chains will be needed for the legacy SCT verifiers, which is why we can't use sigstore-go.
+		chains, err = TrustedCert(cert, co.RootCerts, intermediateCerts)
+		if err != nil {
+			return nil, err
+		}
+	}
 
 	err = CheckCertificatePolicy(cert, co)
 	if err != nil {
@@ -357,15 +373,20 @@ func ValidateAndUnpackCertWithIntermediates(cert *x509.Certificate, co *CheckOpt
 	if co.IgnoreSCT {
 		return verifier, nil
 	}
-	contains, err := ContainsSCT(cert.Raw)
-	if err != nil {
-		return nil, err
-	}
 	if !contains && len(co.SCT) == 0 {
 		return nil, &VerificationFailure{
 			fmt.Errorf("certificate does not include required embedded SCT and no detached SCT was set"),
 		}
 	}
+
+	// If trusted root is available and the SCT is embedded, use the verifiers from sigstore-go (preferred).
+	if co.TrustedMaterial != nil && contains {
+		if err := verify.VerifySignedCertificateTimestamp(chains, 1, co.TrustedMaterial); err != nil {
+			return nil, err
+		}
+		return verifier, nil
+	}
+
 	// handle if chains has more than one chain - grab first and print message
 	if len(chains) > 1 {
 		fmt.Fprintf(os.Stderr, "**Info** Multiple valid certificate chains found. Selecting the first to verify the SCT.\n")
@@ -374,22 +395,22 @@ func ValidateAndUnpackCertWithIntermediates(cert *x509.Certificate, co *CheckOpt
 		if err := VerifyEmbeddedSCT(context.Background(), chains[0], co.CTLogPubKeys); err != nil {
 			return nil, err
 		}
-	} else {
-		chain := chains[0]
-		if len(chain) < 2 {
-			return nil, errors.New("certificate chain must contain at least a certificate and its issuer")
-		}
-		certPEM, err := cryptoutils.MarshalCertificateToPEM(chain[0])
-		if err != nil {
-			return nil, err
-		}
-		chainPEM, err := cryptoutils.MarshalCertificatesToPEM(chain[1:])
-		if err != nil {
-			return nil, err
-		}
-		if err := VerifySCT(context.Background(), certPEM, chainPEM, co.SCT, co.CTLogPubKeys); err != nil {
-			return nil, err
-		}
+		return verifier, nil
+	}
+	chain := chains[0]
+	if len(chain) < 2 {
+		return nil, errors.New("certificate chain must contain at least a certificate and its issuer")
+	}
+	certPEM, err := cryptoutils.MarshalCertificateToPEM(chain[0])
+	if err != nil {
+		return nil, err
+	}
+	chainPEM, err := cryptoutils.MarshalCertificatesToPEM(chain[1:])
+	if err != nil {
+		return nil, err
+	}
+	if err := VerifySCT(context.Background(), certPEM, chainPEM, co.SCT, co.CTLogPubKeys); err != nil {
+		return nil, err
 	}
 
 	return verifier, nil
@@ -527,7 +548,7 @@ func ValidateAndUnpackCertWithChain(cert *x509.Certificate, chain []*x509.Certif
 	return ValidateAndUnpackCert(cert, co)
 }
 
-func tlogValidateEntry(ctx context.Context, client *client.Rekor, rekorPubKeys *TrustedTransparencyLogPubKeys,
+func tlogValidateEntry(ctx context.Context, client *client.Rekor, rekorPubKeys *TrustedTransparencyLogPubKeys, trustedMaterial root.TrustedMaterial,
 	sig oci.Signature, pem []byte) (*models.LogEntryAnon, error) {
 	b64sig, err := sig.Base64Signature()
 	if err != nil {
@@ -551,7 +572,7 @@ func tlogValidateEntry(ctx context.Context, client *client.Rekor, rekorPubKeys *
 	entryVerificationErrs := make([]string, 0)
 	for _, e := range tlogEntries {
 		entry := e
-		if err := VerifyTLogEntryOffline(ctx, &entry, rekorPubKeys); err != nil {
+		if err := VerifyTLogEntryOffline(ctx, &entry, rekorPubKeys, trustedMaterial); err != nil {
 			entryVerificationErrs = append(entryVerificationErrs, err.Error())
 			continue
 		}
@@ -594,8 +615,8 @@ func VerifyImageSignatures(ctx context.Context, signedImgRef name.Reference, co
 	}
 
 	// Enforce this up front.
-	if co.RootCerts == nil && co.SigVerifier == nil {
-		return nil, false, errors.New("one of verifier or root certs is required")
+	if co.RootCerts == nil && co.SigVerifier == nil && co.TrustedMaterial == nil {
+		return nil, false, errors.New("one of verifier, root certs, or trusted root is required")
 	}
 
 	// This is a carefully optimized sequence for fetching the signatures of the
@@ -639,8 +660,8 @@ func VerifyImageSignatures(ctx context.Context, signedImgRef name.Reference, co
 // If there were no valid signatures, we return an error.
 func VerifyLocalImageSignatures(ctx context.Context, path string, co *CheckOpts) (checkedSignatures []oci.Signature, bundleVerified bool, err error) {
 	// Enforce this up front.
-	if co.RootCerts == nil && co.SigVerifier == nil {
-		return nil, false, errors.New("one of verifier or root certs is required")
+	if co.RootCerts == nil && co.SigVerifier == nil && co.TrustedMaterial == nil {
+		return nil, false, errors.New("one of verifier, root certs, or trusted root is required")
 	}
 
 	se, err := layout.SignedImageIndex(path)
@@ -805,7 +826,7 @@ func verifyInternal(ctx context.Context, sig oci.Signature, h v1.Hash,
 				return false, err
 			}
 
-			e, err := tlogValidateEntry(ctx, co.RekorClient, co.RekorPubKeys, sig, pemBytes)
+			e, err := tlogValidateEntry(ctx, co.RekorClient, co.RekorPubKeys, co.TrustedMaterial, sig, pemBytes)
 			if err != nil {
 				return false, err
 			}
@@ -1016,8 +1037,8 @@ func VerifyImageAttestations(ctx context.Context, signedImgRef name.Reference, c
 // If there were no valid signatures, we return an error.
 func VerifyLocalImageAttestations(ctx context.Context, path string, co *CheckOpts) (checkedAttestations []oci.Signature, bundleVerified bool, err error) {
 	// Enforce this up front.
-	if co.RootCerts == nil && co.SigVerifier == nil {
-		return nil, false, errors.New("one of verifier or root certs is required")
+	if co.RootCerts == nil && co.SigVerifier == nil && co.TrustedMaterial == nil {
+		return nil, false, errors.New("one of verifier, root certs, or trusted root is required")
 	}
 
 	se, err := layout.SignedImageIndex(path)
@@ -1164,9 +1185,26 @@ func VerifyBundle(sig oci.Signature, co *CheckOpts) (bool, error) {
 		return false, nil
 	}
 
-	if co.RekorPubKeys == nil || co.RekorPubKeys.Keys == nil {
+	if co.TrustedMaterial == nil && (co.RekorPubKeys == nil || co.RekorPubKeys.Keys == nil) {
 		return false, errors.New("no trusted rekor public keys provided")
 	}
+
+	if co.TrustedMaterial != nil {
+		payload := bundle.Payload
+		logID, err := hex.DecodeString(payload.LogID)
+		if err != nil {
+			return false, fmt.Errorf("decoding log ID: %w", err)
+		}
+		body, _ := base64.StdEncoding.DecodeString(payload.Body.(string))
+		entry, err := tlog.NewEntry(body, payload.IntegratedTime, payload.LogIndex, logID, bundle.SignedEntryTimestamp, nil)
+		if err != nil {
+			return false, fmt.Errorf("converting tlog entry: %w", err)
+		}
+		if err := tlog.VerifySET(entry, co.TrustedMaterial.RekorLogs()); err != nil {
+			return false, fmt.Errorf("verifying bundle with trusted root: %w", err)
+		}
+		return true, nil
+	}
 	// Make sure all the rekorPubKeys are ecsda.PublicKeys
 	for k, v := range co.RekorPubKeys.Keys {
 		if _, ok := v.PubKey.(*ecdsa.PublicKey); !ok {
@@ -1220,6 +1258,40 @@ func VerifyBundle(sig oci.Signature, co *CheckOpts) (bool, error) {
 	return true, nil
 }
 
+type signedEntityForTimestamp struct {
+	verify.BaseSignedEntity
+	timestamp  *cbundle.RFC3161Timestamp
+	sigContent *sigContent
+}
+
+type sigContent struct {
+	rawSig []byte
+}
+
+func (e *signedEntityForTimestamp) Timestamps() ([][]byte, error) {
+	timestamps := make([][]byte, 1)
+	timestamps[0] = e.timestamp.SignedRFC3161Timestamp
+	return timestamps, nil
+}
+
+func (e *signedEntityForTimestamp) SignatureContent() (verify.SignatureContent, error) {
+	return e.sigContent, nil
+}
+
+func (s *sigContent) Signature() []byte {
+	return s.rawSig
+}
+
+func (s *sigContent) EnvelopeContent() verify.EnvelopeContent {
+	log.Fatal("programmer error: EnvelopeContent was called but not implemented")
+	return nil
+}
+
+func (s *sigContent) MessageSignatureContent() verify.MessageSignatureContent {
+	log.Fatal("programmer error: MessageSignatureContent was called but not implemented")
+	return nil
+}
+
 // VerifyRFC3161Timestamp verifies that the timestamp in sig is correctly signed, and if so,
 // returns the timestamp value.
 // It returns (nil, nil) if there is no timestamp, or (nil, err) if there is an invalid timestamp or if
@@ -1231,7 +1303,7 @@ func VerifyRFC3161Timestamp(sig oci.Signature, co *CheckOpts) (*timestamp.Timest
 		return nil, err
 	case ts == nil:
 		return nil, nil
-	case co.TSARootCertificates == nil:
+	case co.TSARootCertificates == nil && co.TrustedMaterial == nil:
 		return nil, errors.New("no TSA root certificate(s) provided to verify timestamp")
 	}
 
@@ -1257,6 +1329,21 @@ func VerifyRFC3161Timestamp(sig oci.Signature, co *CheckOpts) (*timestamp.Timest
 		tsBytes = rawSig
 	}
 
+	if co.TrustedMaterial != nil {
+		entity := &signedEntityForTimestamp{
+			timestamp:  ts,
+			sigContent: &sigContent{rawSig: tsBytes},
+		}
+		verifiedTimestamps, verifyErrs, err := verify.VerifySignedTimestamp(entity, co.TrustedMaterial)
+		if err != nil {
+			return nil, fmt.Errorf("unable to verify signed timestamps with trusted root: %w", err)
+		}
+		if len(verifyErrs) > 0 {
+			log.Printf("Warning: subset of signed timestamps failed to verify: %v", verifyErrs)
+		}
+		return &timestamp.Timestamp{Time: verifiedTimestamps[0].Time}, nil
+	}
+
 	return tsaverification.VerifyTimestampResponse(ts.SignedRFC3161Timestamp, bytes.NewReader(tsBytes),
 		tsaverification.VerifyOpts{
 			TSACertificate: co.TSACertificate,
@@ -1464,8 +1551,8 @@ func correctAnnotations(wanted, have map[string]interface{}) bool {
 // If there were no valid signatures, we return an error, using OCI 1.1+ behavior.
 func verifyImageSignaturesExperimentalOCI(ctx context.Context, signedImgRef name.Reference, co *CheckOpts) (checkedSignatures []oci.Signature, bundleVerified bool, err error) {
 	// Enforce this up front.
-	if co.RootCerts == nil && co.SigVerifier == nil {
-		return nil, false, errors.New("one of verifier or root certs is required")
+	if co.RootCerts == nil && co.SigVerifier == nil && co.TrustedMaterial == nil {
+		return nil, false, errors.New("one of verifier, root certs, or trusted root is required")
 	}
 
 	// This is a carefully optimized sequence for fetching the signatures of the
diff --git a/vendor/github.com/sigstore/cosign/v2/pkg/cosign/verify_bundle.go b/vendor/github.com/sigstore/cosign/v2/pkg/cosign/verify_bundle.go
index 85a9a66028..9c6daf8814 100644
--- a/vendor/github.com/sigstore/cosign/v2/pkg/cosign/verify_bundle.go
+++ b/vendor/github.com/sigstore/cosign/v2/pkg/cosign/verify_bundle.go
@@ -27,7 +27,7 @@ func VerifyNewBundle(_ context.Context, co *CheckOpts, artifactPolicyOption veri
 	if err != nil {
 		return nil, err
 	}
-	verifier, err := verify.NewSignedEntityVerifier(trustedMaterial, verifierOptions...)
+	verifier, err := verify.NewVerifier(trustedMaterial, verifierOptions...)
 	if err != nil {
 		return nil, err
 	}
diff --git a/vendor/github.com/sigstore/cosign/v2/pkg/cosign/verify_sct.go b/vendor/github.com/sigstore/cosign/v2/pkg/cosign/verify_sct.go
index 1b904c2c4f..444c488149 100644
--- a/vendor/github.com/sigstore/cosign/v2/pkg/cosign/verify_sct.go
+++ b/vendor/github.com/sigstore/cosign/v2/pkg/cosign/verify_sct.go
@@ -19,7 +19,6 @@ import (
 	"crypto/x509"
 	"encoding/hex"
 	"encoding/json"
-	"errors"
 	"fmt"
 	"os"
 
@@ -50,7 +49,7 @@ func getCTPublicKey(sct *ct.SignedCertificateTimestamp,
 	keyID := hex.EncodeToString(sct.LogID.KeyID[:])
 	pubKeyMetadata, ok := pubKeys.Keys[keyID]
 	if !ok {
-		return nil, errors.New("ctfe public key not found for payload. Check your TUF root (see cosign initialize) or set a custom key with env var SIGSTORE_CT_LOG_PUBLIC_KEY_FILE")
+		return nil, fmt.Errorf("ctfe public key not found for payload. Check your TUF root (see cosign initialize) or set a custom key with env var SIGSTORE_CT_LOG_PUBLIC_KEY_FILE")
 	}
 	return &pubKeyMetadata, nil
 }
@@ -73,7 +72,7 @@ func getCTPublicKey(sct *ct.SignedCertificateTimestamp,
 // an alternate, the file can be PEM, or DER format.
 func VerifySCT(_ context.Context, certPEM, chainPEM, rawSCT []byte, pubKeys *TrustedTransparencyLogPubKeys) error {
 	if pubKeys == nil || len(pubKeys.Keys) == 0 {
-		return errors.New("none of the CTFE keys have been found")
+		return fmt.Errorf("none of the CTFE keys have been found")
 	}
 
 	// parse certificate and chain
@@ -86,7 +85,7 @@ func VerifySCT(_ context.Context, certPEM, chainPEM, rawSCT []byte, pubKeys *Tru
 		return err
 	}
 	if len(certChain) == 0 {
-		return errors.New("no certificate chain found")
+		return fmt.Errorf("no certificate chain found")
 	}
 
 	// fetch embedded SCT if present
@@ -96,7 +95,7 @@ func VerifySCT(_ context.Context, certPEM, chainPEM, rawSCT []byte, pubKeys *Tru
 	}
 	// SCT must be either embedded or in header
 	if len(embeddedSCTs) == 0 && len(rawSCT) == 0 {
-		return errors.New("no SCT found")
+		return fmt.Errorf("no SCT found")
 	}
 
 	// check SCT embedded in certificate
@@ -143,7 +142,7 @@ func VerifySCT(_ context.Context, certPEM, chainPEM, rawSCT []byte, pubKeys *Tru
 // VerifyEmbeddedSCT verifies an embedded SCT in a certificate.
 func VerifyEmbeddedSCT(ctx context.Context, chain []*x509.Certificate, pubKeys *TrustedTransparencyLogPubKeys) error {
 	if len(chain) < 2 {
-		return errors.New("certificate chain must contain at least a certificate and its issuer")
+		return fmt.Errorf("certificate chain must contain at least a certificate and its issuer")
 	}
 	certPEM, err := cryptoutils.MarshalCertificateToPEM(chain[0])
 	if err != nil {
diff --git a/vendor/github.com/sigstore/protobuf-specs/gen/pb-go/bundle/v1/sigstore_bundle.pb.go b/vendor/github.com/sigstore/protobuf-specs/gen/pb-go/bundle/v1/sigstore_bundle.pb.go
index 45b3eff00e..9d43f66c0f 100644
--- a/vendor/github.com/sigstore/protobuf-specs/gen/pb-go/bundle/v1/sigstore_bundle.pb.go
+++ b/vendor/github.com/sigstore/protobuf-specs/gen/pb-go/bundle/v1/sigstore_bundle.pb.go
@@ -15,7 +15,7 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
 // 	protoc-gen-go v1.36.5
-// 	protoc        v5.29.4
+// 	protoc        v6.30.2
 // source: sigstore_bundle.proto
 
 package v1
diff --git a/vendor/github.com/sigstore/protobuf-specs/gen/pb-go/common/v1/sigstore_common.pb.go b/vendor/github.com/sigstore/protobuf-specs/gen/pb-go/common/v1/sigstore_common.pb.go
index 40725bd79c..5f339b2d78 100644
--- a/vendor/github.com/sigstore/protobuf-specs/gen/pb-go/common/v1/sigstore_common.pb.go
+++ b/vendor/github.com/sigstore/protobuf-specs/gen/pb-go/common/v1/sigstore_common.pb.go
@@ -15,7 +15,7 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
 // 	protoc-gen-go v1.36.5
-// 	protoc        v5.29.4
+// 	protoc        v6.30.2
 // source: sigstore_common.proto
 
 package v1
@@ -112,7 +112,8 @@ func (HashAlgorithm) EnumDescriptor() ([]byte, []int) {
 // opinionated options instead of allowing every possible permutation.
 //
 // Any changes to this enum MUST be reflected in the algorithm registry.
-// See: docs/algorithm-registry.md
+//
+// See: <https://github.com/sigstore/architecture-docs/blob/main/algorithm-registry.md>
 //
 // To avoid the possibility of contradicting formats such as PKCS1 with
 // ED25519 the valid permutations are listed as a linear set instead of a
@@ -159,8 +160,9 @@ const (
 	PublicKeyDetails_PKIX_ECDSA_P521_SHA_256 PublicKeyDetails = 20
 	// LMS and LM-OTS
 	//
-	// These keys and signatures may be used by private Sigstore
-	// deployments, but are not currently supported by the public
+	// These algorithms are deprecated and should not be used.
+	// Keys and signatures MAY be used by private Sigstore
+	// deployments, but will not be supported by the public
 	// good instance.
 	//
 	// USER WARNING: LMS and LM-OTS are both stateful signature schemes.
@@ -170,8 +172,26 @@ const (
 	// MUST NOT be used for more than one signature per LM-OTS key.
 	// If you cannot maintain these invariants, you MUST NOT use these
 	// schemes.
-	PublicKeyDetails_LMS_SHA256   PublicKeyDetails = 14
+	//
+	// Deprecated: Marked as deprecated in sigstore_common.proto.
+	PublicKeyDetails_LMS_SHA256 PublicKeyDetails = 14
+	// Deprecated: Marked as deprecated in sigstore_common.proto.
 	PublicKeyDetails_LMOTS_SHA256 PublicKeyDetails = 15
+	// ML-DSA
+	//
+	// These ML_DSA_65 and ML-DSA_87 algorithms are the pure variants that
+	// take data to sign rather than the prehash variants (HashML-DSA), which
+	// take digests.  While considered quantum-resistant, their usage
+	// involves tradeoffs in that signatures and keys are much larger, and
+	// this makes deployments more costly.
+	//
+	// USER WARNING: ML_DSA_65 and ML_DSA_87 are experimental algorithms.
+	// In the future they MAY be used by private Sigstore deployments, but
+	// they are not yet fully functional.  This warning will be removed when
+	// these algorithms are widely supported by Sigstore clients and servers,
+	// but care should still be taken for production environments.
+	PublicKeyDetails_ML_DSA_65 PublicKeyDetails = 21 // See NIST FIPS 204
+	PublicKeyDetails_ML_DSA_87 PublicKeyDetails = 22
 )
 
 // Enum value maps for PublicKeyDetails.
@@ -198,6 +218,8 @@ var (
 		20: "PKIX_ECDSA_P521_SHA_256",
 		14: "LMS_SHA256",
 		15: "LMOTS_SHA256",
+		21: "ML_DSA_65",
+		22: "ML_DSA_87",
 	}
 	PublicKeyDetails_value = map[string]int32{
 		"PUBLIC_KEY_DETAILS_UNSPECIFIED": 0,
@@ -221,6 +243,8 @@ var (
 		"PKIX_ECDSA_P521_SHA_256":        20,
 		"LMS_SHA256":                     14,
 		"LMOTS_SHA256":                   15,
+		"ML_DSA_65":                      21,
+		"ML_DSA_87":                      22,
 	}
 )
 
@@ -1134,7 +1158,7 @@ var file_sigstore_common_proto_rawDesc = string([]byte{
 	0x48, 0x41, 0x32, 0x5f, 0x33, 0x38, 0x34, 0x10, 0x02, 0x12, 0x0c, 0x0a, 0x08, 0x53, 0x48, 0x41,
 	0x32, 0x5f, 0x35, 0x31, 0x32, 0x10, 0x03, 0x12, 0x0c, 0x0a, 0x08, 0x53, 0x48, 0x41, 0x33, 0x5f,
 	0x32, 0x35, 0x36, 0x10, 0x04, 0x12, 0x0c, 0x0a, 0x08, 0x53, 0x48, 0x41, 0x33, 0x5f, 0x33, 0x38,
-	0x34, 0x10, 0x05, 0x2a, 0xe9, 0x04, 0x0a, 0x10, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65,
+	0x34, 0x10, 0x05, 0x2a, 0x8f, 0x05, 0x0a, 0x10, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65,
 	0x79, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x12, 0x22, 0x0a, 0x1e, 0x50, 0x55, 0x42, 0x4c,
 	0x49, 0x43, 0x5f, 0x4b, 0x45, 0x59, 0x5f, 0x44, 0x45, 0x54, 0x41, 0x49, 0x4c, 0x53, 0x5f, 0x55,
 	0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x19, 0x0a, 0x11,
@@ -1170,25 +1194,27 @@ var file_sigstore_common_proto_rawDesc = string([]byte{
 	0x44, 0x53, 0x41, 0x5f, 0x50, 0x33, 0x38, 0x34, 0x5f, 0x53, 0x48, 0x41, 0x5f, 0x32, 0x35, 0x36,
 	0x10, 0x13, 0x1a, 0x02, 0x08, 0x01, 0x12, 0x1f, 0x0a, 0x17, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45,
 	0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x35, 0x32, 0x31, 0x5f, 0x53, 0x48, 0x41, 0x5f, 0x32, 0x35,
-	0x36, 0x10, 0x14, 0x1a, 0x02, 0x08, 0x01, 0x12, 0x0e, 0x0a, 0x0a, 0x4c, 0x4d, 0x53, 0x5f, 0x53,
-	0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0e, 0x12, 0x10, 0x0a, 0x0c, 0x4c, 0x4d, 0x4f, 0x54, 0x53,
-	0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0f, 0x22, 0x04, 0x08, 0x15, 0x10, 0x32, 0x2a,
-	0x6f, 0x0a, 0x1a, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x41, 0x6c, 0x74, 0x65, 0x72, 0x6e,
-	0x61, 0x74, 0x69, 0x76, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x54, 0x79, 0x70, 0x65, 0x12, 0x2d, 0x0a,
-	0x29, 0x53, 0x55, 0x42, 0x4a, 0x45, 0x43, 0x54, 0x5f, 0x41, 0x4c, 0x54, 0x45, 0x52, 0x4e, 0x41,
-	0x54, 0x49, 0x56, 0x45, 0x5f, 0x4e, 0x41, 0x4d, 0x45, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55,
-	0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x09, 0x0a, 0x05,
-	0x45, 0x4d, 0x41, 0x49, 0x4c, 0x10, 0x01, 0x12, 0x07, 0x0a, 0x03, 0x55, 0x52, 0x49, 0x10, 0x02,
-	0x12, 0x0e, 0x0a, 0x0a, 0x4f, 0x54, 0x48, 0x45, 0x52, 0x5f, 0x4e, 0x41, 0x4d, 0x45, 0x10, 0x03,
-	0x42, 0x7c, 0x0a, 0x1c, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65,
-	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x76, 0x31,
-	0x42, 0x0b, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a,
-	0x36, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x69, 0x67, 0x73,
-	0x74, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2d, 0x73, 0x70,
-	0x65, 0x63, 0x73, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x70, 0x62, 0x2d, 0x67, 0x6f, 0x2f, 0x63, 0x6f,
-	0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x76, 0x31, 0xea, 0x02, 0x14, 0x53, 0x69, 0x67, 0x73, 0x74, 0x6f,
-	0x72, 0x65, 0x3a, 0x3a, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x06,
-	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+	0x36, 0x10, 0x14, 0x1a, 0x02, 0x08, 0x01, 0x12, 0x12, 0x0a, 0x0a, 0x4c, 0x4d, 0x53, 0x5f, 0x53,
+	0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0e, 0x1a, 0x02, 0x08, 0x01, 0x12, 0x14, 0x0a, 0x0c, 0x4c,
+	0x4d, 0x4f, 0x54, 0x53, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0f, 0x1a, 0x02, 0x08,
+	0x01, 0x12, 0x0d, 0x0a, 0x09, 0x4d, 0x4c, 0x5f, 0x44, 0x53, 0x41, 0x5f, 0x36, 0x35, 0x10, 0x15,
+	0x12, 0x0d, 0x0a, 0x09, 0x4d, 0x4c, 0x5f, 0x44, 0x53, 0x41, 0x5f, 0x38, 0x37, 0x10, 0x16, 0x22,
+	0x04, 0x08, 0x17, 0x10, 0x32, 0x2a, 0x6f, 0x0a, 0x1a, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74,
+	0x41, 0x6c, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x74, 0x69, 0x76, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x54,
+	0x79, 0x70, 0x65, 0x12, 0x2d, 0x0a, 0x29, 0x53, 0x55, 0x42, 0x4a, 0x45, 0x43, 0x54, 0x5f, 0x41,
+	0x4c, 0x54, 0x45, 0x52, 0x4e, 0x41, 0x54, 0x49, 0x56, 0x45, 0x5f, 0x4e, 0x41, 0x4d, 0x45, 0x5f,
+	0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44,
+	0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, 0x45, 0x4d, 0x41, 0x49, 0x4c, 0x10, 0x01, 0x12, 0x07, 0x0a,
+	0x03, 0x55, 0x52, 0x49, 0x10, 0x02, 0x12, 0x0e, 0x0a, 0x0a, 0x4f, 0x54, 0x48, 0x45, 0x52, 0x5f,
+	0x4e, 0x41, 0x4d, 0x45, 0x10, 0x03, 0x42, 0x7c, 0x0a, 0x1c, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69,
+	0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x63, 0x6f, 0x6d,
+	0x6d, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x42, 0x0b, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x50, 0x72,
+	0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x36, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f,
+	0x6d, 0x2f, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f,
+	0x62, 0x75, 0x66, 0x2d, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x70, 0x62,
+	0x2d, 0x67, 0x6f, 0x2f, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x76, 0x31, 0xea, 0x02, 0x14,
+	0x53, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x3a, 0x3a, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e,
+	0x3a, 0x3a, 0x56, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
 })
 
 var (
diff --git a/vendor/github.com/sigstore/protobuf-specs/gen/pb-go/dsse/envelope.pb.go b/vendor/github.com/sigstore/protobuf-specs/gen/pb-go/dsse/envelope.pb.go
index b7711cdd24..298e2439ef 100644
--- a/vendor/github.com/sigstore/protobuf-specs/gen/pb-go/dsse/envelope.pb.go
+++ b/vendor/github.com/sigstore/protobuf-specs/gen/pb-go/dsse/envelope.pb.go
@@ -15,7 +15,7 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
 // 	protoc-gen-go v1.36.5
-// 	protoc        v5.29.4
+// 	protoc        v6.30.2
 // source: envelope.proto
 
 package dsse
diff --git a/vendor/github.com/sigstore/protobuf-specs/gen/pb-go/rekor/v1/sigstore_rekor.pb.go b/vendor/github.com/sigstore/protobuf-specs/gen/pb-go/rekor/v1/sigstore_rekor.pb.go
index 7e599c783d..43b3111ebf 100644
--- a/vendor/github.com/sigstore/protobuf-specs/gen/pb-go/rekor/v1/sigstore_rekor.pb.go
+++ b/vendor/github.com/sigstore/protobuf-specs/gen/pb-go/rekor/v1/sigstore_rekor.pb.go
@@ -15,7 +15,7 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
 // 	protoc-gen-go v1.36.5
-// 	protoc        v5.29.4
+// 	protoc        v6.30.2
 // source: sigstore_rekor.proto
 
 package v1
diff --git a/vendor/github.com/sigstore/protobuf-specs/gen/pb-go/trustroot/v1/sigstore_trustroot.pb.go b/vendor/github.com/sigstore/protobuf-specs/gen/pb-go/trustroot/v1/sigstore_trustroot.pb.go
index 883e65e130..eaa250c520 100644
--- a/vendor/github.com/sigstore/protobuf-specs/gen/pb-go/trustroot/v1/sigstore_trustroot.pb.go
+++ b/vendor/github.com/sigstore/protobuf-specs/gen/pb-go/trustroot/v1/sigstore_trustroot.pb.go
@@ -15,7 +15,7 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
 // 	protoc-gen-go v1.36.5
-// 	protoc        v5.29.4
+// 	protoc        v6.30.2
 // source: sigstore_trustroot.proto
 
 package v1
@@ -110,6 +110,8 @@ func (ServiceSelector) EnumDescriptor() ([]byte, []int) {
 type TransparencyLogInstance struct {
 	state protoimpl.MessageState `protogen:"open.v1"`
 	// The base URL at which can be used to URLs for the client.
+	// SHOULD match the origin on the log checkpoint:
+	// https://github.com/C2SP/C2SP/blob/main/tlog-checkpoint.md#note-text.
 	BaseUrl string `protobuf:"bytes,1,opt,name=base_url,json=baseUrl,proto3" json:"base_url,omitempty"`
 	// The hash algorithm used for the Merkle Tree.
 	HashAlgorithm v1.HashAlgorithm `protobuf:"varint,2,opt,name=hash_algorithm,json=hashAlgorithm,proto3,enum=dev.sigstore.common.v1.HashAlgorithm" json:"hash_algorithm,omitempty"`
@@ -121,25 +123,47 @@ type TransparencyLogInstance struct {
 	// calculated over the DER encoding of the key represented as
 	// SubjectPublicKeyInfo.
 	// See https://www.rfc-editor.org/rfc/rfc6962#section-3.2
+	// MUST set checkpoint_key_id if multiple logs use the same
+	// signing key.
+	// Deprecated: Use checkpoint_key_id instead, since log_id is not
+	// guaranteed to be unique across multiple deployments. Clients
+	// must use the key name and key ID from a checkpoint to determine
+	// the correct TransparencyLogInstance to verify a proof.
+	//
+	// Deprecated: Marked as deprecated in sigstore_trustroot.proto.
 	LogId *v1.LogId `protobuf:"bytes,4,opt,name=log_id,json=logId,proto3" json:"log_id,omitempty"`
-	// The checkpoint key identifier for the log used in a checkpoint.
-	// Optional, not provided for logs that do not generate checkpoints.
-	// For logs that do generate checkpoints, if not set, assume
-	// log_id equals checkpoint_key_id.
-	// Follows the specification described here
-	// for ECDSA and Ed25519 signatures:
+	// The unique identifier for the log, used in the checkpoint.
+	// Its calculation is described in
 	// https://github.com/C2SP/C2SP/blob/main/signed-note.md#signatures
-	// For RSA signatures, the key ID will match the ECDSA format, the
-	// hashed DER-encoded SPKI public key. Publicly witnessed logs MUST NOT
-	// use RSA-signed checkpoints, since witnesses do not support
-	// RSA signatures.
+	// SHOULD be set for all logs. When not set, clients MUST use log_id.
+	//
+	// For Ed25519 signatures, the key ID is computed per the C2SP spec:
+	// key ID = SHA-256(key name || 0x0A || 0x01 || 32-byte Ed25519 public key)[:4]
+	// For ECDSA signatures, the key ID is computed per the C2SP spec:
+	// key ID = SHA-256(PKIX ASN.1 DER-encoded public key, in SubjectPublicKeyInfo format)[:4]
+	// For RSA signatures, the signature type will be 0xff with an appended identifier for the format,
+	// "PKIX-RSA-PKCS#1v1.5":
+	// key ID = SHA-256(key name || 0x0A || 0xff || PKIX-RSA-PKCS#1v1.5 || PKIX ASN.1 DER-encoded public key)[:4]
+	//
 	// This is provided for convenience. Clients can also calculate the
 	// checkpoint key ID given the log's public key.
-	// SHOULD be set for logs generating Ed25519 signatures.
 	// SHOULD be 4 bytes long, as a truncated hash.
+	//
+	// To find a matching TransparencyLogInstance in the TrustedRoot,
+	// clients will parse the checkpoint, and for each signature line,
+	// use the key name (i.e. log origin, base_url from TrustedRoot)
+	// and checkpoint key ID (i.e. checkpoint_key_id from TrustedRoot)
+	// which can then be compared against the TrustedRoot log instances.
 	CheckpointKeyId *v1.LogId `protobuf:"bytes,5,opt,name=checkpoint_key_id,json=checkpointKeyId,proto3" json:"checkpoint_key_id,omitempty"`
-	unknownFields   protoimpl.UnknownFields
-	sizeCache       protoimpl.SizeCache
+	// The name of the operator of this log deployment. Operator MUST be
+	// formatted as a scheme-less URI, e.g. sigstore.dev
+	// This MUST be used when there are multiple transparency log instances
+	// to determine if log proof verification meets a specified threshold,
+	// e.g. two proofs from log deployments operated by the same operator
+	// should count as only one valid proof.
+	Operator      string `protobuf:"bytes,6,opt,name=operator,proto3" json:"operator,omitempty"`
+	unknownFields protoimpl.UnknownFields
+	sizeCache     protoimpl.SizeCache
 }
 
 func (x *TransparencyLogInstance) Reset() {
@@ -193,6 +217,7 @@ func (x *TransparencyLogInstance) GetPublicKey() *v1.PublicKey {
 	return nil
 }
 
+// Deprecated: Marked as deprecated in sigstore_trustroot.proto.
 func (x *TransparencyLogInstance) GetLogId() *v1.LogId {
 	if x != nil {
 		return x.LogId
@@ -207,6 +232,13 @@ func (x *TransparencyLogInstance) GetCheckpointKeyId() *v1.LogId {
 	return nil
 }
 
+func (x *TransparencyLogInstance) GetOperator() string {
+	if x != nil {
+		return x.Operator
+	}
+	return ""
+}
+
 // CertificateAuthority enlists the information required to identify which
 // CA to use and perform signature verification.
 type CertificateAuthority struct {
@@ -232,7 +264,15 @@ type CertificateAuthority struct {
 	//
 	// The TimeRange should be considered valid *inclusive* of the
 	// endpoints.
-	ValidFor      *v1.TimeRange `protobuf:"bytes,4,opt,name=valid_for,json=validFor,proto3" json:"valid_for,omitempty"`
+	ValidFor *v1.TimeRange `protobuf:"bytes,4,opt,name=valid_for,json=validFor,proto3" json:"valid_for,omitempty"`
+	// The name of the operator of this certificate or timestamp authority.
+	// Operator MUST be formatted as a scheme-less URI, e.g. sigstore.dev
+	// This MUST be used when there are multiple timestamp authorities to
+	// determine if the signed timestamp verification meets a specified
+	// threshold, e.g. two signed timestamps from timestamp authorities
+	// operated by the same operator should count as only one valid
+	// timestamp.
+	Operator      string `protobuf:"bytes,5,opt,name=operator,proto3" json:"operator,omitempty"`
 	unknownFields protoimpl.UnknownFields
 	sizeCache     protoimpl.SizeCache
 }
@@ -295,6 +335,13 @@ func (x *CertificateAuthority) GetValidFor() *v1.TimeRange {
 	return nil
 }
 
+func (x *CertificateAuthority) GetOperator() string {
+	if x != nil {
+		return x.Operator
+	}
+	return ""
+}
+
 // TrustedRoot describes the client's complete set of trusted entities.
 // How the TrustedRoot is populated is not specified, but can be a
 // combination of many sources such as TUF repositories, files on disk etc.
@@ -460,9 +507,10 @@ type SigningConfig struct {
 	// These URL MUST be the "base" URLs for the transparency logs,
 	// which clients should construct appropriate API endpoints on top of.
 	//
-	// Clients MUST select Services with the highest API version
-	// that the client is compatible with, that are within its
-	// validity period, and have the newest validity start dates.
+	// Clients MUST group Services by `operator` and select at most one
+	// Service from each operator. Clients MUST select Services with the
+	// highest API version that the client is compatible with, that are
+	// within its validity period, and have the newest validity start dates.
 	// All listed Services SHOULD be sorted by the `valid_for` window in
 	// descending order, with the newest instance first.
 	//
@@ -478,9 +526,10 @@ type SigningConfig struct {
 	// should be suitable for submitting Time Stamp Requests (TSRs) to
 	// via HTTP, per RFC 3161.
 	//
-	// Clients MUST select Services with the highest API version
-	// that the client is compatible with, that are within its
-	// validity period, and have the newest validity start dates.
+	// Clients MUST group Services by `operator` and select at most one
+	// Service from each operator. Clients MUST select Services with the
+	// highest API version that the client is compatible with, that are
+	// within its validity period, and have the newest validity start dates.
 	// All listed Services SHOULD be sorted by the `valid_for` window in
 	// descending order, with the newest instance first.
 	//
@@ -574,10 +623,20 @@ func (x *SigningConfig) GetTsaConfig() *ServiceConfiguration {
 }
 
 // Service represents an instance of a service that is a part of Sigstore infrastructure.
-// Clients MUST use the API version hint to determine the service with the
-// highest API version that the client is compatible with. Clients MUST also
-// only connect to services within the specified validity period and that has the
-// newest validity start date.
+// When selecting one or multiple services from a list of services, clients MUST:
+//   - Use the API version hint to determine the service with the highest API version
+//     that the client is compatible with.
+//   - Only select services within the specified validity period and that have the
+//     newest validity start date.
+//
+// When selecting multiple services, clients MUST:
+//   - Use the ServiceConfiguration to determine how many services MUST be selected.
+//     Clients MUST return an error if there are not enough services that meet the
+//     selection criteria.
+//   - Group services by `operator` and select at most one service from an operator.
+//     During verification, clients MUST treat valid verification metadata from the
+//     operator as valid only once towards a threshold.
+//   - Select services from only the highest supported API version.
 type Service struct {
 	state protoimpl.MessageState `protogen:"open.v1"`
 	// URL of the service. MUST include scheme and authority. MAY include path.
@@ -590,7 +649,12 @@ type Service struct {
 	// the client MUST NOT assume there is only one valid instance.
 	// The TimeRange MUST be considered valid *inclusive* of the
 	// endpoints.
-	ValidFor      *v1.TimeRange `protobuf:"bytes,3,opt,name=valid_for,json=validFor,proto3" json:"valid_for,omitempty"`
+	ValidFor *v1.TimeRange `protobuf:"bytes,3,opt,name=valid_for,json=validFor,proto3" json:"valid_for,omitempty"`
+	// Specifies the name of the service operator. When selecting multiple
+	// services, clients MUST use the operator to select services from
+	// distinct operators. Operator MUST be formatted as a scheme-less
+	// URI, e.g. sigstore.dev
+	Operator      string `protobuf:"bytes,4,opt,name=operator,proto3" json:"operator,omitempty"`
 	unknownFields protoimpl.UnknownFields
 	sizeCache     protoimpl.SizeCache
 }
@@ -646,16 +710,26 @@ func (x *Service) GetValidFor() *v1.TimeRange {
 	return nil
 }
 
+func (x *Service) GetOperator() string {
+	if x != nil {
+		return x.Operator
+	}
+	return ""
+}
+
 // ServiceConfiguration specifies how a client should select a set of
 // Services to connect to, along with a count when a specific number
 // of Services is requested.
 type ServiceConfiguration struct {
 	state protoimpl.MessageState `protogen:"open.v1"`
 	// How a client should select a set of Services to connect to.
+	// Clients SHOULD NOT select services from multiple API versions.
 	Selector ServiceSelector `protobuf:"varint,1,opt,name=selector,proto3,enum=dev.sigstore.trustroot.v1.ServiceSelector" json:"selector,omitempty"`
 	// count specifies the number of Services the client should use.
 	// Only used when selector is set to EXACT, and count MUST be greater
 	// than 0. count MUST be less than or equal to the number of Services.
+	// Clients MUST return an error is there are not enough services
+	// that meet selection criteria.
 	Count         uint32 `protobuf:"varint,2,opt,name=count,proto3" json:"count,omitempty"`
 	unknownFields protoimpl.UnknownFields
 	sizeCache     protoimpl.SizeCache
@@ -780,7 +854,7 @@ var file_sigstore_trustroot_proto_rawDesc = string([]byte{
 	0x6f, 0x74, 0x2e, 0x76, 0x31, 0x1a, 0x1f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x61, 0x70,
 	0x69, 0x2f, 0x66, 0x69, 0x65, 0x6c, 0x64, 0x5f, 0x62, 0x65, 0x68, 0x61, 0x76, 0x69, 0x6f, 0x72,
 	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x15, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65,
-	0x5f, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xc5, 0x02,
+	0x5f, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xe5, 0x02,
 	0x0a, 0x17, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x63, 0x79, 0x4c, 0x6f,
 	0x67, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x12, 0x19, 0x0a, 0x08, 0x62, 0x61, 0x73,
 	0x65, 0x5f, 0x75, 0x72, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x62, 0x61, 0x73,
@@ -793,15 +867,17 @@ var file_sigstore_trustroot_proto_rawDesc = string([]byte{
 	0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67,
 	0x73, 0x74, 0x6f, 0x72, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e,
 	0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x52, 0x09, 0x70, 0x75, 0x62, 0x6c, 0x69,
-	0x63, 0x4b, 0x65, 0x79, 0x12, 0x34, 0x0a, 0x06, 0x6c, 0x6f, 0x67, 0x5f, 0x69, 0x64, 0x18, 0x04,
+	0x63, 0x4b, 0x65, 0x79, 0x12, 0x38, 0x0a, 0x06, 0x6c, 0x6f, 0x67, 0x5f, 0x69, 0x64, 0x18, 0x04,
 	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73, 0x74,
 	0x6f, 0x72, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x6f,
-	0x67, 0x49, 0x64, 0x52, 0x05, 0x6c, 0x6f, 0x67, 0x49, 0x64, 0x12, 0x49, 0x0a, 0x11, 0x63, 0x68,
-	0x65, 0x63, 0x6b, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x5f, 0x6b, 0x65, 0x79, 0x5f, 0x69, 0x64, 0x18,
-	0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73,
-	0x74, 0x6f, 0x72, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x4c,
-	0x6f, 0x67, 0x49, 0x64, 0x52, 0x0f, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x70, 0x6f, 0x69, 0x6e, 0x74,
-	0x4b, 0x65, 0x79, 0x49, 0x64, 0x22, 0xfa, 0x01, 0x0a, 0x14, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66,
+	0x67, 0x49, 0x64, 0x42, 0x02, 0x18, 0x01, 0x52, 0x05, 0x6c, 0x6f, 0x67, 0x49, 0x64, 0x12, 0x49,
+	0x0a, 0x11, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x5f, 0x6b, 0x65, 0x79,
+	0x5f, 0x69, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x64, 0x65, 0x76, 0x2e,
+	0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e,
+	0x76, 0x31, 0x2e, 0x4c, 0x6f, 0x67, 0x49, 0x64, 0x52, 0x0f, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x70,
+	0x6f, 0x69, 0x6e, 0x74, 0x4b, 0x65, 0x79, 0x49, 0x64, 0x12, 0x1a, 0x0a, 0x08, 0x6f, 0x70, 0x65,
+	0x72, 0x61, 0x74, 0x6f, 0x72, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x6f, 0x70, 0x65,
+	0x72, 0x61, 0x74, 0x6f, 0x72, 0x22, 0x96, 0x02, 0x0a, 0x14, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66,
 	0x69, 0x63, 0x61, 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x12, 0x43,
 	0x0a, 0x07, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32,
 	0x29, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2e, 0x63,
@@ -817,107 +893,110 @@ var file_sigstore_trustroot_proto_rawDesc = string([]byte{
 	0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73,
 	0x74, 0x6f, 0x72, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x54,
 	0x69, 0x6d, 0x65, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x52, 0x08, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x46,
-	0x6f, 0x72, 0x22, 0x92, 0x03, 0x0a, 0x0b, 0x54, 0x72, 0x75, 0x73, 0x74, 0x65, 0x64, 0x52, 0x6f,
-	0x6f, 0x74, 0x12, 0x1d, 0x0a, 0x0a, 0x6d, 0x65, 0x64, 0x69, 0x61, 0x5f, 0x74, 0x79, 0x70, 0x65,
-	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x6d, 0x65, 0x64, 0x69, 0x61, 0x54, 0x79, 0x70,
-	0x65, 0x12, 0x48, 0x0a, 0x05, 0x74, 0x6c, 0x6f, 0x67, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b,
-	0x32, 0x32, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2e,
-	0x74, 0x72, 0x75, 0x73, 0x74, 0x72, 0x6f, 0x6f, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x54, 0x72, 0x61,
-	0x6e, 0x73, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x63, 0x79, 0x4c, 0x6f, 0x67, 0x49, 0x6e, 0x73, 0x74,
-	0x61, 0x6e, 0x63, 0x65, 0x52, 0x05, 0x74, 0x6c, 0x6f, 0x67, 0x73, 0x12, 0x68, 0x0a, 0x17, 0x63,
-	0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x6f,
-	0x72, 0x69, 0x74, 0x69, 0x65, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x64,
+	0x6f, 0x72, 0x12, 0x1a, 0x0a, 0x08, 0x6f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x18, 0x05,
+	0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x6f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x22, 0x92,
+	0x03, 0x0a, 0x0b, 0x54, 0x72, 0x75, 0x73, 0x74, 0x65, 0x64, 0x52, 0x6f, 0x6f, 0x74, 0x12, 0x1d,
+	0x0a, 0x0a, 0x6d, 0x65, 0x64, 0x69, 0x61, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x09, 0x52, 0x09, 0x6d, 0x65, 0x64, 0x69, 0x61, 0x54, 0x79, 0x70, 0x65, 0x12, 0x48, 0x0a,
+	0x05, 0x74, 0x6c, 0x6f, 0x67, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x32, 0x2e, 0x64,
+	0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2e, 0x74, 0x72, 0x75, 0x73,
+	0x74, 0x72, 0x6f, 0x6f, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x61,
+	0x72, 0x65, 0x6e, 0x63, 0x79, 0x4c, 0x6f, 0x67, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65,
+	0x52, 0x05, 0x74, 0x6c, 0x6f, 0x67, 0x73, 0x12, 0x68, 0x0a, 0x17, 0x63, 0x65, 0x72, 0x74, 0x69,
+	0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x69,
+	0x65, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x73,
+	0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2e, 0x74, 0x72, 0x75, 0x73, 0x74, 0x72, 0x6f, 0x6f,
+	0x74, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65,
+	0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x16, 0x63, 0x65, 0x72, 0x74, 0x69,
+	0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x69, 0x65,
+	0x73, 0x12, 0x4a, 0x0a, 0x06, 0x63, 0x74, 0x6c, 0x6f, 0x67, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28,
+	0x0b, 0x32, 0x32, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65,
+	0x2e, 0x74, 0x72, 0x75, 0x73, 0x74, 0x72, 0x6f, 0x6f, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x54, 0x72,
+	0x61, 0x6e, 0x73, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x63, 0x79, 0x4c, 0x6f, 0x67, 0x49, 0x6e, 0x73,
+	0x74, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x06, 0x63, 0x74, 0x6c, 0x6f, 0x67, 0x73, 0x12, 0x64, 0x0a,
+	0x15, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x6f,
+	0x72, 0x69, 0x74, 0x69, 0x65, 0x73, 0x18, 0x05, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x64,
 	0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2e, 0x74, 0x72, 0x75, 0x73,
 	0x74, 0x72, 0x6f, 0x6f, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69,
-	0x63, 0x61, 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x16, 0x63,
-	0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72,
-	0x69, 0x74, 0x69, 0x65, 0x73, 0x12, 0x4a, 0x0a, 0x06, 0x63, 0x74, 0x6c, 0x6f, 0x67, 0x73, 0x18,
-	0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x32, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73,
+	0x63, 0x61, 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x52, 0x14, 0x74,
+	0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74,
+	0x69, 0x65, 0x73, 0x22, 0xea, 0x03, 0x0a, 0x0d, 0x53, 0x69, 0x67, 0x6e, 0x69, 0x6e, 0x67, 0x43,
+	0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x1d, 0x0a, 0x0a, 0x6d, 0x65, 0x64, 0x69, 0x61, 0x5f, 0x74,
+	0x79, 0x70, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x6d, 0x65, 0x64, 0x69, 0x61,
+	0x54, 0x79, 0x70, 0x65, 0x12, 0x3b, 0x0a, 0x07, 0x63, 0x61, 0x5f, 0x75, 0x72, 0x6c, 0x73, 0x18,
+	0x06, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73,
 	0x74, 0x6f, 0x72, 0x65, 0x2e, 0x74, 0x72, 0x75, 0x73, 0x74, 0x72, 0x6f, 0x6f, 0x74, 0x2e, 0x76,
-	0x31, 0x2e, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x63, 0x79, 0x4c, 0x6f,
-	0x67, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x06, 0x63, 0x74, 0x6c, 0x6f, 0x67,
-	0x73, 0x12, 0x64, 0x0a, 0x15, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x5f, 0x61,
-	0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x69, 0x65, 0x73, 0x18, 0x05, 0x20, 0x03, 0x28, 0x0b,
-	0x32, 0x2f, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2e,
-	0x74, 0x72, 0x75, 0x73, 0x74, 0x72, 0x6f, 0x6f, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x65, 0x72,
-	0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74,
-	0x79, 0x52, 0x14, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x41, 0x75, 0x74, 0x68,
-	0x6f, 0x72, 0x69, 0x74, 0x69, 0x65, 0x73, 0x22, 0xea, 0x03, 0x0a, 0x0d, 0x53, 0x69, 0x67, 0x6e,
-	0x69, 0x6e, 0x67, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x1d, 0x0a, 0x0a, 0x6d, 0x65, 0x64,
-	0x69, 0x61, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x6d,
-	0x65, 0x64, 0x69, 0x61, 0x54, 0x79, 0x70, 0x65, 0x12, 0x3b, 0x0a, 0x07, 0x63, 0x61, 0x5f, 0x75,
-	0x72, 0x6c, 0x73, 0x18, 0x06, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x64, 0x65, 0x76, 0x2e,
+	0x31, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x52, 0x06, 0x63, 0x61, 0x55, 0x72, 0x6c,
+	0x73, 0x12, 0x3f, 0x0a, 0x09, 0x6f, 0x69, 0x64, 0x63, 0x5f, 0x75, 0x72, 0x6c, 0x73, 0x18, 0x07,
+	0x20, 0x03, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73, 0x74,
+	0x6f, 0x72, 0x65, 0x2e, 0x74, 0x72, 0x75, 0x73, 0x74, 0x72, 0x6f, 0x6f, 0x74, 0x2e, 0x76, 0x31,
+	0x2e, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x52, 0x08, 0x6f, 0x69, 0x64, 0x63, 0x55, 0x72,
+	0x6c, 0x73, 0x12, 0x4a, 0x0a, 0x0f, 0x72, 0x65, 0x6b, 0x6f, 0x72, 0x5f, 0x74, 0x6c, 0x6f, 0x67,
+	0x5f, 0x75, 0x72, 0x6c, 0x73, 0x18, 0x08, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x64, 0x65,
+	0x76, 0x2e, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2e, 0x74, 0x72, 0x75, 0x73, 0x74,
+	0x72, 0x6f, 0x6f, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x52,
+	0x0d, 0x72, 0x65, 0x6b, 0x6f, 0x72, 0x54, 0x6c, 0x6f, 0x67, 0x55, 0x72, 0x6c, 0x73, 0x12, 0x5b,
+	0x0a, 0x11, 0x72, 0x65, 0x6b, 0x6f, 0x72, 0x5f, 0x74, 0x6c, 0x6f, 0x67, 0x5f, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x64, 0x65, 0x76, 0x2e,
 	0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2e, 0x74, 0x72, 0x75, 0x73, 0x74, 0x72, 0x6f,
-	0x6f, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x52, 0x06, 0x63,
-	0x61, 0x55, 0x72, 0x6c, 0x73, 0x12, 0x3f, 0x0a, 0x09, 0x6f, 0x69, 0x64, 0x63, 0x5f, 0x75, 0x72,
-	0x6c, 0x73, 0x18, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x73,
-	0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2e, 0x74, 0x72, 0x75, 0x73, 0x74, 0x72, 0x6f, 0x6f,
-	0x74, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x52, 0x08, 0x6f, 0x69,
-	0x64, 0x63, 0x55, 0x72, 0x6c, 0x73, 0x12, 0x4a, 0x0a, 0x0f, 0x72, 0x65, 0x6b, 0x6f, 0x72, 0x5f,
-	0x74, 0x6c, 0x6f, 0x67, 0x5f, 0x75, 0x72, 0x6c, 0x73, 0x18, 0x08, 0x20, 0x03, 0x28, 0x0b, 0x32,
-	0x22, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2e, 0x74,
-	0x72, 0x75, 0x73, 0x74, 0x72, 0x6f, 0x6f, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x65, 0x72, 0x76,
-	0x69, 0x63, 0x65, 0x52, 0x0d, 0x72, 0x65, 0x6b, 0x6f, 0x72, 0x54, 0x6c, 0x6f, 0x67, 0x55, 0x72,
-	0x6c, 0x73, 0x12, 0x5b, 0x0a, 0x11, 0x72, 0x65, 0x6b, 0x6f, 0x72, 0x5f, 0x74, 0x6c, 0x6f, 0x67,
-	0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2f, 0x2e,
+	0x6f, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0f, 0x72, 0x65, 0x6b, 0x6f,
+	0x72, 0x54, 0x6c, 0x6f, 0x67, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x3d, 0x0a, 0x08, 0x74,
+	0x73, 0x61, 0x5f, 0x75, 0x72, 0x6c, 0x73, 0x18, 0x0a, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x22, 0x2e,
 	0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2e, 0x74, 0x72, 0x75,
 	0x73, 0x74, 0x72, 0x6f, 0x6f, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63,
-	0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0f,
-	0x72, 0x65, 0x6b, 0x6f, 0x72, 0x54, 0x6c, 0x6f, 0x67, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12,
-	0x3d, 0x0a, 0x08, 0x74, 0x73, 0x61, 0x5f, 0x75, 0x72, 0x6c, 0x73, 0x18, 0x0a, 0x20, 0x03, 0x28,
-	0x0b, 0x32, 0x22, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65,
-	0x2e, 0x74, 0x72, 0x75, 0x73, 0x74, 0x72, 0x6f, 0x6f, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x65,
-	0x72, 0x76, 0x69, 0x63, 0x65, 0x52, 0x07, 0x74, 0x73, 0x61, 0x55, 0x72, 0x6c, 0x73, 0x12, 0x4e,
-	0x0a, 0x0a, 0x74, 0x73, 0x61, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x0b, 0x20, 0x01,
-	0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72,
-	0x65, 0x2e, 0x74, 0x72, 0x75, 0x73, 0x74, 0x72, 0x6f, 0x6f, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x53,
-	0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74,
-	0x69, 0x6f, 0x6e, 0x52, 0x09, 0x74, 0x73, 0x61, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x4a, 0x04,
-	0x08, 0x01, 0x10, 0x05, 0x22, 0x87, 0x01, 0x0a, 0x07, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65,
-	0x12, 0x10, 0x0a, 0x03, 0x75, 0x72, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x75,
-	0x72, 0x6c, 0x12, 0x2a, 0x0a, 0x11, 0x6d, 0x61, 0x6a, 0x6f, 0x72, 0x5f, 0x61, 0x70, 0x69, 0x5f,
-	0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x0f, 0x6d,
-	0x61, 0x6a, 0x6f, 0x72, 0x41, 0x70, 0x69, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x3e,
-	0x0a, 0x09, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x5f, 0x66, 0x6f, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28,
-	0x0b, 0x32, 0x21, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65,
-	0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x52,
-	0x61, 0x6e, 0x67, 0x65, 0x52, 0x08, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x46, 0x6f, 0x72, 0x22, 0x74,
-	0x0a, 0x14, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75,
-	0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x46, 0x0a, 0x08, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74,
-	0x6f, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2a, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x73,
-	0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2e, 0x74, 0x72, 0x75, 0x73, 0x74, 0x72, 0x6f, 0x6f,
-	0x74, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x53, 0x65, 0x6c, 0x65,
-	0x63, 0x74, 0x6f, 0x72, 0x52, 0x08, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x12, 0x14,
-	0x0a, 0x05, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x05, 0x63,
-	0x6f, 0x75, 0x6e, 0x74, 0x22, 0xd8, 0x01, 0x0a, 0x11, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x54,
-	0x72, 0x75, 0x73, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x1d, 0x0a, 0x0a, 0x6d, 0x65,
-	0x64, 0x69, 0x61, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09,
-	0x6d, 0x65, 0x64, 0x69, 0x61, 0x54, 0x79, 0x70, 0x65, 0x12, 0x4e, 0x0a, 0x0c, 0x74, 0x72, 0x75,
-	0x73, 0x74, 0x65, 0x64, 0x5f, 0x72, 0x6f, 0x6f, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32,
-	0x26, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2e, 0x74,
-	0x72, 0x75, 0x73, 0x74, 0x72, 0x6f, 0x6f, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x54, 0x72, 0x75, 0x73,
-	0x74, 0x65, 0x64, 0x52, 0x6f, 0x6f, 0x74, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x0b, 0x74, 0x72,
-	0x75, 0x73, 0x74, 0x65, 0x64, 0x52, 0x6f, 0x6f, 0x74, 0x12, 0x54, 0x0a, 0x0e, 0x73, 0x69, 0x67,
-	0x6e, 0x69, 0x6e, 0x67, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x03, 0x20, 0x01, 0x28,
-	0x0b, 0x32, 0x28, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65,
-	0x2e, 0x74, 0x72, 0x75, 0x73, 0x74, 0x72, 0x6f, 0x6f, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x69,
-	0x67, 0x6e, 0x69, 0x6e, 0x67, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x03, 0xe0, 0x41, 0x02,
-	0x52, 0x0d, 0x73, 0x69, 0x67, 0x6e, 0x69, 0x6e, 0x67, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2a,
-	0x4e, 0x0a, 0x0f, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74,
-	0x6f, 0x72, 0x12, 0x1e, 0x0a, 0x1a, 0x53, 0x45, 0x52, 0x56, 0x49, 0x43, 0x45, 0x5f, 0x53, 0x45,
-	0x4c, 0x45, 0x43, 0x54, 0x4f, 0x52, 0x5f, 0x55, 0x4e, 0x44, 0x45, 0x46, 0x49, 0x4e, 0x45, 0x44,
-	0x10, 0x00, 0x12, 0x07, 0x0a, 0x03, 0x41, 0x4c, 0x4c, 0x10, 0x01, 0x12, 0x07, 0x0a, 0x03, 0x41,
-	0x4e, 0x59, 0x10, 0x02, 0x12, 0x09, 0x0a, 0x05, 0x45, 0x58, 0x41, 0x43, 0x54, 0x10, 0x03, 0x42,
-	0x88, 0x01, 0x0a, 0x1f, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65,
-	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x74, 0x72, 0x75, 0x73, 0x74, 0x72, 0x6f, 0x6f, 0x74,
-	0x2e, 0x76, 0x31, 0x42, 0x0e, 0x54, 0x72, 0x75, 0x73, 0x74, 0x52, 0x6f, 0x6f, 0x74, 0x50, 0x72,
-	0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x39, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f,
-	0x6d, 0x2f, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f,
-	0x62, 0x75, 0x66, 0x2d, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x70, 0x62,
-	0x2d, 0x67, 0x6f, 0x2f, 0x74, 0x72, 0x75, 0x73, 0x74, 0x72, 0x6f, 0x6f, 0x74, 0x2f, 0x76, 0x31,
-	0xea, 0x02, 0x17, 0x53, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x3a, 0x3a, 0x54, 0x72, 0x75,
-	0x73, 0x74, 0x52, 0x6f, 0x6f, 0x74, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74,
-	0x6f, 0x33,
+	0x65, 0x52, 0x07, 0x74, 0x73, 0x61, 0x55, 0x72, 0x6c, 0x73, 0x12, 0x4e, 0x0a, 0x0a, 0x74, 0x73,
+	0x61, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2f,
+	0x2e, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2e, 0x74, 0x72,
+	0x75, 0x73, 0x74, 0x72, 0x6f, 0x6f, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x69,
+	0x63, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52,
+	0x09, 0x74, 0x73, 0x61, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x4a, 0x04, 0x08, 0x01, 0x10, 0x05,
+	0x22, 0xa3, 0x01, 0x0a, 0x07, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x10, 0x0a, 0x03,
+	0x75, 0x72, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x75, 0x72, 0x6c, 0x12, 0x2a,
+	0x0a, 0x11, 0x6d, 0x61, 0x6a, 0x6f, 0x72, 0x5f, 0x61, 0x70, 0x69, 0x5f, 0x76, 0x65, 0x72, 0x73,
+	0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x0f, 0x6d, 0x61, 0x6a, 0x6f, 0x72,
+	0x41, 0x70, 0x69, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x3e, 0x0a, 0x09, 0x76, 0x61,
+	0x6c, 0x69, 0x64, 0x5f, 0x66, 0x6f, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e,
+	0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2e, 0x63, 0x6f, 0x6d,
+	0x6d, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x52, 0x61, 0x6e, 0x67, 0x65,
+	0x52, 0x08, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x46, 0x6f, 0x72, 0x12, 0x1a, 0x0a, 0x08, 0x6f, 0x70,
+	0x65, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x6f, 0x70,
+	0x65, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x22, 0x74, 0x0a, 0x14, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63,
+	0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x46,
+	0x0a, 0x08, 0x73, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e,
+	0x32, 0x2a, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2e,
+	0x74, 0x72, 0x75, 0x73, 0x74, 0x72, 0x6f, 0x6f, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x65, 0x72,
+	0x76, 0x69, 0x63, 0x65, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x52, 0x08, 0x73, 0x65,
+	0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x12, 0x14, 0x0a, 0x05, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x05, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x22, 0xd8, 0x01, 0x0a,
+	0x11, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x54, 0x72, 0x75, 0x73, 0x74, 0x43, 0x6f, 0x6e, 0x66,
+	0x69, 0x67, 0x12, 0x1d, 0x0a, 0x0a, 0x6d, 0x65, 0x64, 0x69, 0x61, 0x5f, 0x74, 0x79, 0x70, 0x65,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x6d, 0x65, 0x64, 0x69, 0x61, 0x54, 0x79, 0x70,
+	0x65, 0x12, 0x4e, 0x0a, 0x0c, 0x74, 0x72, 0x75, 0x73, 0x74, 0x65, 0x64, 0x5f, 0x72, 0x6f, 0x6f,
+	0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69,
+	0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2e, 0x74, 0x72, 0x75, 0x73, 0x74, 0x72, 0x6f, 0x6f, 0x74,
+	0x2e, 0x76, 0x31, 0x2e, 0x54, 0x72, 0x75, 0x73, 0x74, 0x65, 0x64, 0x52, 0x6f, 0x6f, 0x74, 0x42,
+	0x03, 0xe0, 0x41, 0x02, 0x52, 0x0b, 0x74, 0x72, 0x75, 0x73, 0x74, 0x65, 0x64, 0x52, 0x6f, 0x6f,
+	0x74, 0x12, 0x54, 0x0a, 0x0e, 0x73, 0x69, 0x67, 0x6e, 0x69, 0x6e, 0x67, 0x5f, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x64, 0x65, 0x76, 0x2e,
+	0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2e, 0x74, 0x72, 0x75, 0x73, 0x74, 0x72, 0x6f,
+	0x6f, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x69, 0x67, 0x6e, 0x69, 0x6e, 0x67, 0x43, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52, 0x0d, 0x73, 0x69, 0x67, 0x6e, 0x69, 0x6e,
+	0x67, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2a, 0x4e, 0x0a, 0x0f, 0x53, 0x65, 0x72, 0x76, 0x69,
+	0x63, 0x65, 0x53, 0x65, 0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x12, 0x1e, 0x0a, 0x1a, 0x53, 0x45,
+	0x52, 0x56, 0x49, 0x43, 0x45, 0x5f, 0x53, 0x45, 0x4c, 0x45, 0x43, 0x54, 0x4f, 0x52, 0x5f, 0x55,
+	0x4e, 0x44, 0x45, 0x46, 0x49, 0x4e, 0x45, 0x44, 0x10, 0x00, 0x12, 0x07, 0x0a, 0x03, 0x41, 0x4c,
+	0x4c, 0x10, 0x01, 0x12, 0x07, 0x0a, 0x03, 0x41, 0x4e, 0x59, 0x10, 0x02, 0x12, 0x09, 0x0a, 0x05,
+	0x45, 0x58, 0x41, 0x43, 0x54, 0x10, 0x03, 0x42, 0x88, 0x01, 0x0a, 0x1f, 0x64, 0x65, 0x76, 0x2e,
+	0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x74,
+	0x72, 0x75, 0x73, 0x74, 0x72, 0x6f, 0x6f, 0x74, 0x2e, 0x76, 0x31, 0x42, 0x0e, 0x54, 0x72, 0x75,
+	0x73, 0x74, 0x52, 0x6f, 0x6f, 0x74, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x39, 0x67,
+	0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f,
+	0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2d, 0x73, 0x70, 0x65, 0x63,
+	0x73, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x70, 0x62, 0x2d, 0x67, 0x6f, 0x2f, 0x74, 0x72, 0x75, 0x73,
+	0x74, 0x72, 0x6f, 0x6f, 0x74, 0x2f, 0x76, 0x31, 0xea, 0x02, 0x17, 0x53, 0x69, 0x67, 0x73, 0x74,
+	0x6f, 0x72, 0x65, 0x3a, 0x3a, 0x54, 0x72, 0x75, 0x73, 0x74, 0x52, 0x6f, 0x6f, 0x74, 0x3a, 0x3a,
+	0x56, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
 })
 
 var (
diff --git a/vendor/github.com/sigstore/sigstore-go/pkg/bundle/bundle.go b/vendor/github.com/sigstore/sigstore-go/pkg/bundle/bundle.go
index 7c4e7a966b..6cd1bd20da 100644
--- a/vendor/github.com/sigstore/sigstore-go/pkg/bundle/bundle.go
+++ b/vendor/github.com/sigstore/sigstore-go/pkg/bundle/bundle.go
@@ -80,7 +80,7 @@ func NewProtobufBundle(b *protobundle.Bundle) (*ProtobufBundle, error) {
 }
 
 func (b *Bundle) validate() error {
-	bundleVersion, err := getBundleVersion(b.MediaType)
+	bundleVersion, err := b.Version()
 	if err != nil {
 		return fmt.Errorf("error getting bundle version: %w", err)
 	}
@@ -152,6 +152,10 @@ func MediaTypeString(version string) (string, error) {
 	return mtString, nil
 }
 
+func (b *Bundle) Version() (string, error) {
+	return getBundleVersion(b.MediaType)
+}
+
 func getBundleVersion(mediaType string) (string, error) {
 	switch mediaType {
 	case mediaTypeBase + "+json;version=0.1":
@@ -369,7 +373,7 @@ func (b *Bundle) Timestamps() ([][]byte, error) {
 
 // MinVersion returns true if the bundle version is greater than or equal to the expected version.
 func (b *Bundle) MinVersion(expectVersion string) bool {
-	version, err := getBundleVersion(b.MediaType)
+	version, err := b.Version()
 	if err != nil {
 		return false
 	}
diff --git a/vendor/github.com/sigstore/sigstore-go/pkg/root/signing_config.go b/vendor/github.com/sigstore/sigstore-go/pkg/root/signing_config.go
index 495afb03b0..6842618b5e 100644
--- a/vendor/github.com/sigstore/sigstore-go/pkg/root/signing_config.go
+++ b/vendor/github.com/sigstore/sigstore-go/pkg/root/signing_config.go
@@ -46,16 +46,49 @@ type ServiceConfiguration struct {
 	Count    uint32
 }
 
+func NewService(s *prototrustroot.Service) Service {
+	validFor := s.GetValidFor()
+
+	var start time.Time
+	if validFor.GetStart() != nil {
+		start = validFor.GetStart().AsTime()
+	}
+
+	var end time.Time
+	if validFor.GetEnd() != nil {
+		end = validFor.GetEnd().AsTime()
+	}
+
+	return Service{
+		URL:                 s.GetUrl(),
+		MajorAPIVersion:     s.GetMajorApiVersion(),
+		ValidityPeriodStart: start,
+		ValidityPeriodEnd:   end,
+	}
+}
+
 // SelectService returns which service endpoint should be used based on supported API versions
-// and current time. It will select the first service that matches the criteria. Services should
-// be sorted from newest to oldest validity period start time, to minimize how far clients
-// need to search to find a matching service.
+// and current time. It will select the first service with the highest API version that matches
+// the criteria. Services should be sorted from newest to oldest validity period start time, to
+// minimize how far clients need to search to find a matching service.
 func SelectService(services []Service, supportedAPIVersions []uint32, currentTime time.Time) (string, error) {
-	for _, s := range services {
-		if slices.Contains(supportedAPIVersions, s.MajorAPIVersion) && s.ValidAtTime(currentTime) {
-			return s.URL, nil
+	if len(supportedAPIVersions) == 0 {
+		return "", fmt.Errorf("no supported API versions")
+	}
+
+	sortedVersions := make([]uint32, len(supportedAPIVersions))
+	copy(sortedVersions, supportedAPIVersions)
+	slices.Sort(sortedVersions)
+	slices.Reverse(sortedVersions)
+
+	for _, version := range sortedVersions {
+		for _, s := range services {
+			if version == s.MajorAPIVersion && s.ValidAtTime(currentTime) {
+				return s.URL, nil
+			}
 		}
 	}
+
 	return "", fmt.Errorf("no matching service found for API versions %v and current time %v", supportedAPIVersions, currentTime)
 }
 
@@ -63,31 +96,49 @@ func SelectService(services []Service, supportedAPIVersions []uint32, currentTim
 // and current time. It will use the configuration's selector to pick a set of services.
 // ALL will return all service endpoints, ANY will return a random endpoint, and
 // EXACT will return a random selection of a specified number of endpoints.
+// It will select services from the highest supported API versions and will not select
+// services from different API versions.
 func SelectServices(services []Service, config ServiceConfiguration, supportedAPIVersions []uint32, currentTime time.Time) ([]string, error) {
-	var urls []string
+	if len(supportedAPIVersions) == 0 {
+		return nil, fmt.Errorf("no supported API versions")
+	}
+
+	urlsByVersion := make(map[uint32][]string)
 	for _, s := range services {
 		if slices.Contains(supportedAPIVersions, s.MajorAPIVersion) && s.ValidAtTime(currentTime) {
-			urls = append(urls, s.URL)
+			urlsByVersion[s.MajorAPIVersion] = append(urlsByVersion[s.MajorAPIVersion], s.URL)
 		}
 	}
-	if len(urls) == 0 {
-		return nil, fmt.Errorf("no matching services found for API versions %v and current time %v", supportedAPIVersions, currentTime)
-	}
-	switch config.Selector {
-	case prototrustroot.ServiceSelector_ALL:
-		return urls, nil
-	case prototrustroot.ServiceSelector_ANY:
-		i := rand.Intn(len(urls)) // #nosec G404
-		return []string{urls[i]}, nil
-	case prototrustroot.ServiceSelector_EXACT:
-		matchedUrls, err := selectExact(urls, config.Count)
-		if err != nil {
-			return nil, err
+
+	sortedVersions := make([]uint32, len(supportedAPIVersions))
+	copy(sortedVersions, supportedAPIVersions)
+	slices.Sort(sortedVersions)
+	slices.Reverse(sortedVersions)
+
+	// Select services from the highest supported API version
+	for _, version := range sortedVersions {
+		urls, ok := urlsByVersion[version]
+		if !ok {
+			continue
+		}
+		switch config.Selector {
+		case prototrustroot.ServiceSelector_ALL:
+			return urls, nil
+		case prototrustroot.ServiceSelector_ANY:
+			i := rand.Intn(len(urls)) // #nosec G404
+			return []string{urls[i]}, nil
+		case prototrustroot.ServiceSelector_EXACT:
+			matchedUrls, err := selectExact(urls, config.Count)
+			if err != nil {
+				return nil, err
+			}
+			return matchedUrls, nil
+		default:
+			return nil, fmt.Errorf("invalid service selector")
 		}
-		return matchedUrls, nil
-	default:
-		return nil, fmt.Errorf("invalid service selector")
 	}
+
+	return nil, fmt.Errorf("no matching services found for API versions %v and current time %v", supportedAPIVersions, currentTime)
 }
 
 func selectExact[T any](slice []T, count uint32) ([]T, error) {
@@ -148,13 +199,9 @@ func (sc ServiceConfiguration) ToConfigProtobuf() *prototrustroot.ServiceConfigu
 
 func (sc *SigningConfig) FulcioCertificateAuthorityURLs() []Service {
 	var services []Service
+
 	for _, s := range sc.signingConfig.GetCaUrls() {
-		services = append(services, Service{
-			URL:                 s.GetUrl(),
-			MajorAPIVersion:     s.GetMajorApiVersion(),
-			ValidityPeriodStart: s.GetValidFor().GetStart().AsTime(),
-			ValidityPeriodEnd:   s.GetValidFor().GetEnd().AsTime(),
-		})
+		services = append(services, NewService(s))
 	}
 	return services
 }
@@ -162,12 +209,7 @@ func (sc *SigningConfig) FulcioCertificateAuthorityURLs() []Service {
 func (sc *SigningConfig) OIDCProviderURLs() []Service {
 	var services []Service
 	for _, s := range sc.signingConfig.GetOidcUrls() {
-		services = append(services, Service{
-			URL:                 s.GetUrl(),
-			MajorAPIVersion:     s.GetMajorApiVersion(),
-			ValidityPeriodStart: s.GetValidFor().GetStart().AsTime(),
-			ValidityPeriodEnd:   s.GetValidFor().GetEnd().AsTime(),
-		})
+		services = append(services, NewService(s))
 	}
 	return services
 }
@@ -175,12 +217,7 @@ func (sc *SigningConfig) OIDCProviderURLs() []Service {
 func (sc *SigningConfig) RekorLogURLs() []Service {
 	var services []Service
 	for _, s := range sc.signingConfig.GetRekorTlogUrls() {
-		services = append(services, Service{
-			URL:                 s.GetUrl(),
-			MajorAPIVersion:     s.GetMajorApiVersion(),
-			ValidityPeriodStart: s.GetValidFor().GetStart().AsTime(),
-			ValidityPeriodEnd:   s.GetValidFor().GetEnd().AsTime(),
-		})
+		services = append(services, NewService(s))
 	}
 	return services
 }
@@ -196,12 +233,7 @@ func (sc *SigningConfig) RekorLogURLsConfig() ServiceConfiguration {
 func (sc *SigningConfig) TimestampAuthorityURLs() []Service {
 	var services []Service
 	for _, s := range sc.signingConfig.GetTsaUrls() {
-		services = append(services, Service{
-			URL:                 s.GetUrl(),
-			MajorAPIVersion:     s.GetMajorApiVersion(),
-			ValidityPeriodStart: s.GetValidFor().GetStart().AsTime(),
-			ValidityPeriodEnd:   s.GetValidFor().GetEnd().AsTime(),
-		})
+		services = append(services, NewService(s))
 	}
 	return services
 }
@@ -217,14 +249,7 @@ func (sc *SigningConfig) TimestampAuthorityURLsConfig() ServiceConfiguration {
 func (sc *SigningConfig) WithFulcioCertificateAuthorityURLs(fulcioURLs ...Service) *SigningConfig {
 	var services []*prototrustroot.Service
 	for _, u := range fulcioURLs {
-		services = append(services, &prototrustroot.Service{
-			Url:             u.URL,
-			MajorApiVersion: u.MajorAPIVersion,
-			ValidFor: &v1.TimeRange{
-				Start: timestamppb.New(u.ValidityPeriodStart),
-				End:   timestamppb.New(u.ValidityPeriodEnd),
-			},
-		})
+		services = append(services, u.ToServiceProtobuf())
 	}
 	sc.signingConfig.CaUrls = services
 	return sc
diff --git a/vendor/github.com/sigstore/sigstore-go/pkg/root/trusted_root.go b/vendor/github.com/sigstore/sigstore-go/pkg/root/trusted_root.go
index e4f6e8aa10..4f1607029e 100644
--- a/vendor/github.com/sigstore/sigstore-go/pkg/root/trusted_root.go
+++ b/vendor/github.com/sigstore/sigstore-go/pkg/root/trusted_root.go
@@ -367,6 +367,7 @@ func NewTrustedRootProtobuf(rootJSON []byte) (*prototrustroot.TrustedRoot, error
 // NewTrustedRoot initializes a TrustedRoot object from a mediaType string, list of Fulcio
 // certificate authorities, list of timestamp authorities and maps of ctlogs and rekor
 // transparency log instances.
+// mediaType must be TrustedRootMediaType01 ("application/vnd.dev.sigstore.trustedroot+json;version=0.1").
 func NewTrustedRoot(mediaType string,
 	certificateAuthorities []CertificateAuthority,
 	certificateTransparencyLogs map[string]*TransparencyLog,
@@ -374,7 +375,7 @@ func NewTrustedRoot(mediaType string,
 	transparencyLogs map[string]*TransparencyLog) (*TrustedRoot, error) {
 	// document that we assume 1 cert chain per target and with certs already ordered from leaf to root
 	if mediaType != TrustedRootMediaType01 {
-		return nil, fmt.Errorf("unsupported TrustedRoot media type: %s", TrustedRootMediaType01)
+		return nil, fmt.Errorf("unsupported TrustedRoot media type: %s, must be %s", mediaType, TrustedRootMediaType01)
 	}
 	tr := &TrustedRoot{
 		certificateAuthorities:  certificateAuthorities,
diff --git a/vendor/github.com/sigstore/sigstore-go/pkg/tlog/entry.go b/vendor/github.com/sigstore/sigstore-go/pkg/tlog/entry.go
index 939e25f0d0..60c83cec89 100644
--- a/vendor/github.com/sigstore/sigstore-go/pkg/tlog/entry.go
+++ b/vendor/github.com/sigstore/sigstore-go/pkg/tlog/entry.go
@@ -101,7 +101,7 @@ func ParseEntry(protoEntry *v1.TransparencyLogEntry) (entry *Entry, err error) {
 	if protoEntry == nil ||
 		protoEntry.CanonicalizedBody == nil ||
 		protoEntry.IntegratedTime == 0 ||
-		protoEntry.LogIndex == 0 ||
+		protoEntry.LogIndex < 0 ||
 		protoEntry.LogId == nil ||
 		protoEntry.LogId.KeyId == nil ||
 		protoEntry.KindVersion == nil {
@@ -250,7 +250,7 @@ func (entry *Entry) HasInclusionProof() bool {
 }
 
 func VerifyInclusion(entry *Entry, verifier signature.Verifier) error {
-	err := rekorVerify.VerifyInclusion(context.TODO(), &entry.logEntryAnon)
+	err := rekorVerify.VerifyInclusion(context.Background(), &entry.logEntryAnon)
 	if err != nil {
 		return err
 	}
diff --git a/vendor/github.com/sigstore/sigstore-go/pkg/tuf/client.go b/vendor/github.com/sigstore/sigstore-go/pkg/tuf/client.go
index 0b0d8f5e9d..d9b35377e9 100644
--- a/vendor/github.com/sigstore/sigstore-go/pkg/tuf/client.go
+++ b/vendor/github.com/sigstore/sigstore-go/pkg/tuf/client.go
@@ -60,9 +60,9 @@ func New(opts *Options) (*Client, error) {
 	if opts.Fetcher != nil {
 		c.cfg.Fetcher = opts.Fetcher
 	} else {
-		fetcher := fetcher.DefaultFetcher{}
+		fetcher := fetcher.NewDefaultFetcher()
 		fetcher.SetHTTPUserAgent(util.ConstructUserAgent())
-		c.cfg.Fetcher = &fetcher
+		c.cfg.Fetcher = fetcher
 	}
 
 	// Upon client creation, we may not perform a full TUF update,
@@ -150,7 +150,10 @@ func (c *Client) Refresh() error {
 	if err != nil {
 		return fmt.Errorf("tuf refresh failed: %w", err)
 	}
-
+	// If cache is disabled, we don't need to persist the last timestamp
+	if c.cfg.DisableLocalCache {
+		return nil
+	}
 	// Update config with last update
 	cfg, err := LoadConfig(c.configPath())
 	if err != nil {
diff --git a/vendor/github.com/sigstore/sigstore-go/pkg/tuf/options.go b/vendor/github.com/sigstore/sigstore-go/pkg/tuf/options.go
index 14b5ae8957..5c73485a70 100644
--- a/vendor/github.com/sigstore/sigstore-go/pkg/tuf/options.go
+++ b/vendor/github.com/sigstore/sigstore-go/pkg/tuf/options.go
@@ -130,6 +130,7 @@ func DefaultOptions() *Options {
 	}
 	opts.CachePath = filepath.Join(home, ".sigstore", "root")
 	opts.RepositoryBaseURL = DefaultMirror
+	opts.Fetcher = fetcher.NewDefaultFetcher()
 
 	return &opts
 }
diff --git a/vendor/github.com/sigstore/sigstore-go/pkg/verify/interface.go b/vendor/github.com/sigstore/sigstore-go/pkg/verify/interface.go
index 2ff080345d..85bcb50284 100644
--- a/vendor/github.com/sigstore/sigstore-go/pkg/verify/interface.go
+++ b/vendor/github.com/sigstore/sigstore-go/pkg/verify/interface.go
@@ -51,6 +51,10 @@ type VerificationProvider interface {
 	VerificationContent() (VerificationContent, error)
 }
 
+type VersionProvider interface {
+	Version() (string, error)
+}
+
 type SignedEntity interface {
 	HasInclusionPromise
 	HasInclusionProof
@@ -58,6 +62,7 @@ type SignedEntity interface {
 	SignedTimestampProvider
 	TlogEntryProvider
 	VerificationProvider
+	VersionProvider
 }
 
 type VerificationContent interface {
@@ -119,3 +124,7 @@ func (b *BaseSignedEntity) Timestamps() ([][]byte, error) {
 func (b *BaseSignedEntity) TlogEntries() ([]*tlog.Entry, error) {
 	return nil, errNotImplemented
 }
+
+func (b *BaseSignedEntity) Version() (string, error) {
+	return "", errNotImplemented
+}
diff --git a/vendor/github.com/sigstore/sigstore-go/pkg/verify/signature.go b/vendor/github.com/sigstore/sigstore-go/pkg/verify/signature.go
index 689e5ee06b..0386a98e18 100644
--- a/vendor/github.com/sigstore/sigstore-go/pkg/verify/signature.go
+++ b/vendor/github.com/sigstore/sigstore-go/pkg/verify/signature.go
@@ -18,15 +18,20 @@ import (
 	"bytes"
 	"context"
 	"crypto"
+	"crypto/ecdsa"
+	"crypto/elliptic"
+	"crypto/x509"
 	"encoding/hex"
 	"errors"
 	"fmt"
 	"hash"
 	"io"
+	"os"
 	"slices"
 
 	in_toto "github.com/in-toto/attestation/go/v1"
 	"github.com/secure-systems-lab/go-securesystemslib/dsse"
+	v1 "github.com/sigstore/protobuf-specs/gen/pb-go/common/v1"
 	"github.com/sigstore/sigstore-go/pkg/root"
 	"github.com/sigstore/sigstore/pkg/signature"
 	sigdsse "github.com/sigstore/sigstore/pkg/signature/dsse"
@@ -39,14 +44,15 @@ const maxAllowedSubjectDigests = 32
 var ErrDSSEInvalidSignatureCount = errors.New("exactly one signature is required")
 
 func VerifySignature(sigContent SignatureContent, verificationContent VerificationContent, trustedMaterial root.TrustedMaterial) error { // nolint: revive
-	var verifier signature.Verifier
-	var err error
-
-	verifier, err = getSignatureVerifier(verificationContent, trustedMaterial)
+	verifier, err := getSignatureVerifier(sigContent, verificationContent, trustedMaterial, false)
 	if err != nil {
 		return fmt.Errorf("could not load signature verifier: %w", err)
 	}
 
+	return verifySignatureWithVerifier(verifier, sigContent, verificationContent, trustedMaterial)
+}
+
+func verifySignatureWithVerifier(verifier signature.Verifier, sigContent SignatureContent, verificationContent VerificationContent, trustedMaterial root.TrustedMaterial) error { // nolint: revive
 	if envelope := sigContent.EnvelopeContent(); envelope != nil {
 		return verifyEnvelope(verifier, envelope)
 	} else if msg := sigContent.MessageSignatureContent(); msg != nil {
@@ -58,11 +64,14 @@ func VerifySignature(sigContent SignatureContent, verificationContent Verificati
 }
 
 func VerifySignatureWithArtifacts(sigContent SignatureContent, verificationContent VerificationContent, trustedMaterial root.TrustedMaterial, artifacts []io.Reader) error { // nolint: revive
-	verifier, err := getSignatureVerifier(verificationContent, trustedMaterial)
+	verifier, err := getSignatureVerifier(sigContent, verificationContent, trustedMaterial, false)
 	if err != nil {
 		return fmt.Errorf("could not load signature verifier: %w", err)
 	}
+	return verifySignatureWithVerifierAndArtifacts(verifier, sigContent, verificationContent, trustedMaterial, artifacts)
+}
 
+func verifySignatureWithVerifierAndArtifacts(verifier signature.Verifier, sigContent SignatureContent, verificationContent VerificationContent, trustedMaterial root.TrustedMaterial, artifacts []io.Reader) error { // nolint: revive
 	envelope := sigContent.EnvelopeContent()
 	msg := sigContent.MessageSignatureContent()
 	if envelope == nil && msg == nil {
@@ -82,11 +91,14 @@ func VerifySignatureWithArtifacts(sigContent SignatureContent, verificationConte
 }
 
 func VerifySignatureWithArtifactDigests(sigContent SignatureContent, verificationContent VerificationContent, trustedMaterial root.TrustedMaterial, digests []ArtifactDigest) error { // nolint: revive
-	verifier, err := getSignatureVerifier(verificationContent, trustedMaterial)
+	verifier, err := getSignatureVerifier(sigContent, verificationContent, trustedMaterial, false)
 	if err != nil {
 		return fmt.Errorf("could not load signature verifier: %w", err)
 	}
+	return verifySignatureWithVerifierAndArtifactDigests(verifier, sigContent, verificationContent, trustedMaterial, digests)
+}
 
+func verifySignatureWithVerifierAndArtifactDigests(verifier signature.Verifier, sigContent SignatureContent, verificationContent VerificationContent, trustedMaterial root.TrustedMaterial, digests []ArtifactDigest) error { // nolint: revive
 	envelope := sigContent.EnvelopeContent()
 	msg := sigContent.MessageSignatureContent()
 	if envelope == nil && msg == nil {
@@ -104,10 +116,101 @@ func VerifySignatureWithArtifactDigests(sigContent SignatureContent, verificatio
 	return verifyEnvelopeWithArtifactDigests(verifier, envelope, digests)
 }
 
-func getSignatureVerifier(verificationContent VerificationContent, tm root.TrustedMaterial) (signature.Verifier, error) {
+// compatVerifier is a signature.Verifier that tries multiple verifiers
+// and returns nil if any of them verify the signature. This is used to
+// verify signatures that were generated with old clients that used SHA256
+// for ECDSA P384/P521 keys.
+type compatVerifier struct {
+	verifiers []signature.Verifier
+}
+
+func (v *compatVerifier) VerifySignature(signature, message io.Reader, opts ...signature.VerifyOption) error {
+	// Create a buffer to store the signature bytes
+	sigBuf := &bytes.Buffer{}
+	sigTee := io.TeeReader(signature, sigBuf)
+	sigBytes, err := io.ReadAll(sigTee)
+	if err != nil {
+		return fmt.Errorf("failed to read signature: %w", err)
+	}
+
+	// Create a buffer to store the message bytes
+	msgBuf := &bytes.Buffer{}
+	msgTee := io.TeeReader(message, msgBuf)
+	msgBytes, err := io.ReadAll(msgTee)
+	if err != nil {
+		return fmt.Errorf("failed to read message: %w", err)
+	}
+
+	for idx, verifier := range v.verifiers {
+		if idx != 0 {
+			fmt.Fprint(os.Stderr, "Failed to verify signature with default verifier, trying compatibility verifier\n")
+		}
+		err := verifier.VerifySignature(bytes.NewReader(sigBytes), bytes.NewReader(msgBytes), opts...)
+		if err == nil {
+			return nil
+		}
+	}
+	return fmt.Errorf("no compatible verifier found")
+}
+
+func (v *compatVerifier) PublicKey(opts ...signature.PublicKeyOption) (crypto.PublicKey, error) {
+	return v.verifiers[0].PublicKey(opts...)
+}
+
+func compatSignatureVerifier(leafCert *x509.Certificate, enableCompat bool, isDSSE bool) (signature.Verifier, error) {
+	// LoadDefaultSigner/Verifier functions accept a few options to select
+	// the default signer/verifier when there are ambiguities, like for
+	// ED25519 keys, which could be used with PureEd25519 or Ed25519ph.
+	//
+	// When dealing with DSSE, use ED25519, but when we are working with
+	// hashedrekord entries, use ED25519ph by default, because this is the
+	// only option.
+	var defaultOpts []signature.LoadOption
+	if !isDSSE {
+		defaultOpts = []signature.LoadOption{options.WithED25519ph()}
+	}
+
+	verifiers := make([]signature.Verifier, 0)
+	verifier, err := signature.LoadDefaultVerifier(leafCert.PublicKey, defaultOpts...)
+	if err != nil {
+		return nil, err
+	}
+	// If compatibility is not enabled, return only the default verifier
+	if !enableCompat {
+		return verifier, nil
+	}
+	verifiers = append(verifiers, verifier)
+
+	// Add a compatibility verifier for ECDSA P384/P521, because we still want
+	// to verify signatures generated with old clients that used SHA256
+	var algorithmDetails signature.AlgorithmDetails
+	if pubKey, ok := leafCert.PublicKey.(*ecdsa.PublicKey); ok {
+		switch pubKey.Curve {
+		case elliptic.P384():
+			//nolint:staticcheck // Need to use deprecated field for backwards compatibility
+			algorithmDetails, err = signature.GetAlgorithmDetails(v1.PublicKeyDetails_PKIX_ECDSA_P384_SHA_256)
+		case elliptic.P521():
+			//nolint:staticcheck // Need to use deprecated field for backwards compatibility
+			algorithmDetails, err = signature.GetAlgorithmDetails(v1.PublicKeyDetails_PKIX_ECDSA_P521_SHA_256)
+		default:
+			return verifier, nil
+		}
+		if err != nil {
+			return nil, err
+		}
+		verifier, err = signature.LoadVerifierFromAlgorithmDetails(leafCert.PublicKey, algorithmDetails, defaultOpts...)
+	}
+	if err != nil {
+		return nil, err
+	}
+	verifiers = append(verifiers, verifier)
+	return &compatVerifier{verifiers: verifiers}, nil
+}
+
+func getSignatureVerifier(sigContent SignatureContent, verificationContent VerificationContent, tm root.TrustedMaterial, enableCompat bool) (signature.Verifier, error) {
 	if leafCert := verificationContent.Certificate(); leafCert != nil {
-		// TODO: Inspect certificate's SignatureAlgorithm to determine hash function
-		return signature.LoadVerifier(leafCert.PublicKey, crypto.SHA256)
+		isDSSE := sigContent.EnvelopeContent() != nil
+		return compatSignatureVerifier(leafCert, enableCompat, isDSSE)
 	} else if pk := verificationContent.PublicKey(); pk != nil {
 		return tm.PublicKeyVerifier(pk.Hint())
 	}
@@ -136,7 +239,7 @@ func verifyEnvelope(verifier signature.Verifier, envelope EnvelopeContent) error
 		return fmt.Errorf("could not load envelope verifier: %w", err)
 	}
 
-	_, err = envVerifier.Verify(context.TODO(), dsseEnv)
+	_, err = envVerifier.Verify(context.Background(), dsseEnv)
 	if err != nil {
 		return fmt.Errorf("could not verify envelope: %w", err)
 	}
diff --git a/vendor/github.com/sigstore/sigstore-go/pkg/verify/signed_entity.go b/vendor/github.com/sigstore/sigstore-go/pkg/verify/signed_entity.go
index fc28dd264c..1fc92011a4 100644
--- a/vendor/github.com/sigstore/sigstore-go/pkg/verify/signed_entity.go
+++ b/vendor/github.com/sigstore/sigstore-go/pkg/verify/signed_entity.go
@@ -34,7 +34,7 @@ const (
 	VerificationResultMediaType01 = "application/vnd.dev.sigstore.verificationresult+json;version=0.1"
 )
 
-type SignedEntityVerifier struct {
+type Verifier struct {
 	trustedMaterial root.TrustedMaterial
 	config          VerifierConfig
 }
@@ -75,7 +75,7 @@ type VerifierConfig struct { // nolint: revive
 
 type VerifierOption func(*VerifierConfig) error
 
-// NewSignedEntityVerifier creates a new SignedEntityVerifier. It takes a
+// NewVerifier creates a new Verifier. It takes a
 // root.TrustedMaterial, which contains a set of trusted public keys and
 // certificates, and a set of VerifierConfigurators, which set the config
 // that determines the behaviour of the Verify function.
@@ -83,7 +83,7 @@ type VerifierOption func(*VerifierConfig) error
 // VerifierConfig's set of options should match the properties of a given
 // Sigstore deployment, i.e. whether to expect SCTs, Tlog entries, or signed
 // timestamps.
-func NewSignedEntityVerifier(trustedMaterial root.TrustedMaterial, options ...VerifierOption) (*SignedEntityVerifier, error) {
+func NewVerifier(trustedMaterial root.TrustedMaterial, options ...VerifierOption) (*Verifier, error) {
 	var err error
 	c := VerifierConfig{}
 
@@ -99,7 +99,7 @@ func NewSignedEntityVerifier(trustedMaterial root.TrustedMaterial, options ...Ve
 		return nil, err
 	}
 
-	v := &SignedEntityVerifier{
+	v := &Verifier{
 		trustedMaterial: trustedMaterial,
 		config:          c,
 	}
@@ -107,7 +107,17 @@ func NewSignedEntityVerifier(trustedMaterial root.TrustedMaterial, options ...Ve
 	return v, nil
 }
 
-// WithSignedTimestamps configures the SignedEntityVerifier to expect RFC 3161
+// TODO: Remove the following deprecated functions in a future release before sigstore-go 2.0.
+
+// Deprecated: Use Verifier instead
+type SignedEntityVerifier = Verifier
+
+// Deprecated: Use NewVerifier instead
+func NewSignedEntityVerifier(trustedMaterial root.TrustedMaterial, options ...VerifierOption) (*Verifier, error) {
+	return NewVerifier(trustedMaterial, options...)
+}
+
+// WithSignedTimestamps configures the Verifier to expect RFC 3161
 // timestamps from a Timestamp Authority, verify them using the TrustedMaterial's
 // TimestampingAuthorities(), and, if it exists, use the resulting timestamp(s)
 // to verify the Fulcio certificate.
@@ -122,7 +132,7 @@ func WithSignedTimestamps(threshold int) VerifierOption {
 	}
 }
 
-// WithObserverTimestamps configures the SignedEntityVerifier to expect
+// WithObserverTimestamps configures the Verifier to expect
 // timestamps from either an RFC3161 timestamp authority or a log's
 // SignedEntryTimestamp. These are verified using the TrustedMaterial's
 // TimestampingAuthorities() or RekorLogs(), and used to verify
@@ -138,7 +148,7 @@ func WithObserverTimestamps(threshold int) VerifierOption {
 	}
 }
 
-// WithTransparencyLog configures the SignedEntityVerifier to expect
+// WithTransparencyLog configures the Verifier to expect
 // Transparency Log inclusion proofs or SignedEntryTimestamps, verifying them
 // using the TrustedMaterial's RekorLogs().
 func WithTransparencyLog(threshold int) VerifierOption {
@@ -152,7 +162,7 @@ func WithTransparencyLog(threshold int) VerifierOption {
 	}
 }
 
-// WithIntegratedTimestamps configures the SignedEntityVerifier to
+// WithIntegratedTimestamps configures the Verifier to
 // expect log entry integrated timestamps from either SignedEntryTimestamps
 // or live log lookups.
 func WithIntegratedTimestamps(threshold int) VerifierOption {
@@ -163,7 +173,7 @@ func WithIntegratedTimestamps(threshold int) VerifierOption {
 	}
 }
 
-// WithSignedCertificateTimestamps configures the SignedEntityVerifier to
+// WithSignedCertificateTimestamps configures the Verifier to
 // expect the Fulcio certificate to have a SignedCertificateTimestamp, and
 // verify it using the TrustedMaterial's CTLogAuthorities().
 func WithSignedCertificateTimestamps(threshold int) VerifierOption {
@@ -177,7 +187,7 @@ func WithSignedCertificateTimestamps(threshold int) VerifierOption {
 	}
 }
 
-// WithCurrentTime configures the SignedEntityVerifier to not expect
+// WithCurrentTime configures the Verifier to not expect
 // any timestamps from either a Timestamp Authority or a Transparency Log.
 // This option should not be enabled when verifying short-lived certificates,
 // as an observer timestamp is needed. This option is useful primarily for
@@ -191,7 +201,7 @@ func WithCurrentTime() VerifierOption {
 
 func (c *VerifierConfig) Validate() error {
 	if !c.requireObserverTimestamps && !c.requireSignedTimestamps && !c.requireIntegratedTimestamps && !c.useCurrentTime {
-		return errors.New("when initializing a new SignedEntityVerifier, you must specify at least one of " +
+		return errors.New("when initializing a new Verifier, you must specify at least one of " +
 			"WithObserverTimestamps(), WithSignedTimestamps(), or WithIntegratedTimestamps()")
 	}
 
@@ -548,7 +558,7 @@ func WithArtifactDigests(digests []ArtifactDigest) ArtifactPolicyOption {
 }
 
 // Verify checks the cryptographic integrity of a given SignedEntity according
-// to the options configured in the NewSignedEntityVerifier. Its purpose is to
+// to the options configured in the NewVerifier. Its purpose is to
 // determine whether the SignedEntity was created by a Sigstore deployment we
 // trust, as defined by keys in our TrustedMaterial.
 //
@@ -567,7 +577,7 @@ func WithArtifactDigests(digests []ArtifactDigest) ArtifactPolicyOption {
 //     expected value
 //   - (if the signed entity has a dsse envelope) verify that the envelope's
 //     statement's subject matches the artifact being verified
-func (v *SignedEntityVerifier) Verify(entity SignedEntity, pb PolicyBuilder) (*VerificationResult, error) {
+func (v *Verifier) Verify(entity SignedEntity, pb PolicyBuilder) (*VerificationResult, error) {
 	policy, err := pb.BuildConfig()
 	if err != nil {
 		return nil, fmt.Errorf("failed to build policy: %w", err)
@@ -665,12 +675,37 @@ func (v *SignedEntityVerifier) Verify(entity SignedEntity, pb PolicyBuilder) (*V
 		return nil, fmt.Errorf("failed to fetch signature content: %w", err)
 	}
 
+	entityVersion, err := entity.Version()
+	if err != nil {
+		return nil, fmt.Errorf("failed to fetch entity version: %w", err)
+	}
+
+	var enableCompat bool
+	switch entityVersion {
+	case "v0.1":
+		fallthrough
+	case "0.1":
+		fallthrough
+	case "v0.2":
+		fallthrough
+	case "0.2":
+		fallthrough
+	case "v0.3":
+		fallthrough
+	case "0.3":
+		enableCompat = true
+	}
+	verifier, err := getSignatureVerifier(sigContent, verificationContent, v.trustedMaterial, enableCompat)
+	if err != nil {
+		return nil, fmt.Errorf("failed to get signature verifier: %w", err)
+	}
+
 	if policy.RequireArtifact() {
 		switch {
 		case policy.verifyArtifacts:
-			err = VerifySignatureWithArtifacts(sigContent, verificationContent, v.trustedMaterial, policy.artifacts)
+			err = verifySignatureWithVerifierAndArtifacts(verifier, sigContent, verificationContent, v.trustedMaterial, policy.artifacts)
 		case policy.verifyArtifactDigests:
-			err = VerifySignatureWithArtifactDigests(sigContent, verificationContent, v.trustedMaterial, policy.artifactDigests)
+			err = verifySignatureWithVerifierAndArtifactDigests(verifier, sigContent, verificationContent, v.trustedMaterial, policy.artifactDigests)
 		default:
 			// should never happen, but just in case:
 			err = errors.New("no artifact or artifact digest provided")
@@ -678,7 +713,7 @@ func (v *SignedEntityVerifier) Verify(entity SignedEntity, pb PolicyBuilder) (*V
 	} else {
 		// verifying with artifact has been explicitly turned off, so just check
 		// the signature on the dsse envelope:
-		err = VerifySignature(sigContent, verificationContent, v.trustedMaterial)
+		err = verifySignatureWithVerifier(verifier, sigContent, verificationContent, v.trustedMaterial)
 	}
 
 	if err != nil {
@@ -740,12 +775,12 @@ func (v *SignedEntityVerifier) Verify(entity SignedEntity, pb PolicyBuilder) (*V
 // a list of verified timestamps from the log integrated timestamps when verifying
 // with observer timestamps.
 // TODO: Return a different verification result for logs specifically (also for #48)
-func (v *SignedEntityVerifier) VerifyTransparencyLogInclusion(entity SignedEntity) ([]TimestampVerificationResult, error) {
+func (v *Verifier) VerifyTransparencyLogInclusion(entity SignedEntity) ([]TimestampVerificationResult, error) {
 	verifiedTimestamps := []TimestampVerificationResult{}
 
 	if v.config.requireTlogEntries {
 		// log timestamps should be verified if with WithIntegratedTimestamps or WithObserverTimestamps is used
-		verifiedTlogTimestamps, err := VerifyArtifactTransparencyLog(entity, v.trustedMaterial, v.config.tlogEntriesThreshold,
+		verifiedTlogTimestamps, err := VerifyTlogEntry(entity, v.trustedMaterial, v.config.tlogEntriesThreshold,
 			v.config.requireIntegratedTimestamps || v.config.requireObserverTimestamps)
 		if err != nil {
 			return nil, err
@@ -766,13 +801,13 @@ func (v *SignedEntityVerifier) VerifyTransparencyLogInclusion(entity SignedEntit
 // logTimestamps may be populated with verified log entry integrated timestamps
 // In order to be verifiable, a SignedEntity must have at least one verified
 // "observer timestamp".
-func (v *SignedEntityVerifier) VerifyObserverTimestamps(entity SignedEntity, logTimestamps []TimestampVerificationResult) ([]TimestampVerificationResult, error) {
+func (v *Verifier) VerifyObserverTimestamps(entity SignedEntity, logTimestamps []TimestampVerificationResult) ([]TimestampVerificationResult, error) {
 	verifiedTimestamps := []TimestampVerificationResult{}
 
 	// From spec:
 	// > … if verification or timestamp parsing fails, the Verifier MUST abort
 	if v.config.requireSignedTimestamps {
-		verifiedSignedTimestamps, err := VerifyTimestampAuthorityWithThreshold(entity, v.trustedMaterial, v.config.signedTimestampThreshold)
+		verifiedSignedTimestamps, err := VerifySignedTimestampWithThreshold(entity, v.trustedMaterial, v.config.signedTimestampThreshold)
 		if err != nil {
 			return nil, err
 		}
@@ -789,16 +824,16 @@ func (v *SignedEntityVerifier) VerifyObserverTimestamps(entity SignedEntity, log
 	}
 
 	if v.config.requireObserverTimestamps {
-		verifiedSignedTimestamps, err := VerifyTimestampAuthority(entity, v.trustedMaterial)
+		verifiedSignedTimestamps, verificationErrors, err := VerifySignedTimestamp(entity, v.trustedMaterial)
 		if err != nil {
-			return nil, err
+			return nil, fmt.Errorf("failed to verify signed timestamps: %w", err)
 		}
 
 		// check threshold for both RFC3161 and log timestamps
 		tsCount := len(verifiedSignedTimestamps) + len(logTimestamps)
 		if tsCount < v.config.observerTimestampThreshold {
-			return nil, fmt.Errorf("threshold not met for verified signed & log entry integrated timestamps: %d < %d",
-				tsCount, v.config.observerTimestampThreshold)
+			return nil, fmt.Errorf("threshold not met for verified signed & log entry integrated timestamps: %d < %d; error: %w",
+				tsCount, v.config.observerTimestampThreshold, errors.Join(verificationErrors...))
 		}
 
 		// append all timestamps
diff --git a/vendor/github.com/sigstore/sigstore-go/pkg/verify/tlog.go b/vendor/github.com/sigstore/sigstore-go/pkg/verify/tlog.go
index a52b0a17b2..bec975d742 100644
--- a/vendor/github.com/sigstore/sigstore-go/pkg/verify/tlog.go
+++ b/vendor/github.com/sigstore/sigstore-go/pkg/verify/tlog.go
@@ -29,12 +29,12 @@ import (
 
 const maxAllowedTlogEntries = 32
 
-// VerifyArtifactTransparencyLog verifies that the given entity has been logged
+// VerifyTlogEntry verifies that the given entity has been logged
 // in the transparency log and that the log entry is valid.
 //
 // The threshold parameter is the number of unique transparency log entries
 // that must be verified.
-func VerifyArtifactTransparencyLog(entity SignedEntity, trustedMaterial root.TrustedMaterial, logThreshold int, trustIntegratedTime bool) ([]root.Timestamp, error) { //nolint:revive
+func VerifyTlogEntry(entity SignedEntity, trustedMaterial root.TrustedMaterial, logThreshold int, trustIntegratedTime bool) ([]root.Timestamp, error) { //nolint:revive
 	entries, err := entity.TlogEntries()
 	if err != nil {
 		return nil, err
@@ -146,3 +146,10 @@ func getVerifier(publicKey crypto.PublicKey, hashFunc crypto.Hash) (*signature.V
 
 	return &verifier, nil
 }
+
+// TODO: remove this deprecated function before 2.0
+
+// Deprecated: use VerifyTlogEntry instead
+func VerifyArtifactTransparencyLog(entity SignedEntity, trustedMaterial root.TrustedMaterial, logThreshold int, trustIntegratedTime bool) ([]root.Timestamp, error) { //nolint:revive
+	return VerifyTlogEntry(entity, trustedMaterial, logThreshold, trustIntegratedTime)
+}
diff --git a/vendor/github.com/sigstore/sigstore-go/pkg/verify/tsa.go b/vendor/github.com/sigstore/sigstore-go/pkg/verify/tsa.go
index 92f8289453..1c10445dd9 100644
--- a/vendor/github.com/sigstore/sigstore-go/pkg/verify/tsa.go
+++ b/vendor/github.com/sigstore/sigstore-go/pkg/verify/tsa.go
@@ -15,7 +15,6 @@
 package verify
 
 import (
-	"bytes"
 	"errors"
 	"fmt"
 
@@ -24,62 +23,69 @@ import (
 
 const maxAllowedTimestamps = 32
 
-// VerifyTimestampAuthority verifies that the given entity has been timestamped
+// VerifySignedTimestamp verifies that the given entity has been timestamped
 // by a trusted timestamp authority and that the timestamp is valid.
-func VerifyTimestampAuthority(entity SignedEntity, trustedMaterial root.TrustedMaterial) ([]*root.Timestamp, error) { //nolint:revive
+func VerifySignedTimestamp(entity SignedEntity, trustedMaterial root.TrustedMaterial) ([]*root.Timestamp, []error, error) { //nolint:revive
 	signedTimestamps, err := entity.Timestamps()
 	if err != nil {
-		return nil, err
+		return nil, nil, err
 	}
 
 	// limit the number of timestamps to prevent DoS
 	if len(signedTimestamps) > maxAllowedTimestamps {
-		return nil, fmt.Errorf("too many signed timestamps: %d > %d", len(signedTimestamps), maxAllowedTimestamps)
-	}
-
-	// disallow duplicate timestamps, as a malicious actor could use duplicates to bypass the threshold
-	for i := 0; i < len(signedTimestamps); i++ {
-		for j := i + 1; j < len(signedTimestamps); j++ {
-			if bytes.Equal(signedTimestamps[i], signedTimestamps[j]) {
-				return nil, errors.New("duplicate timestamps found")
-			}
-		}
+		return nil, nil, fmt.Errorf("too many signed timestamps: %d > %d", len(signedTimestamps), maxAllowedTimestamps)
 	}
-
 	sigContent, err := entity.SignatureContent()
 	if err != nil {
-		return nil, err
+		return nil, nil, err
 	}
 
 	signatureBytes := sigContent.Signature()
 
 	verifiedTimestamps := []*root.Timestamp{}
+	var verificationErrors []error
 	for _, timestamp := range signedTimestamps {
 		verifiedSignedTimestamp, err := verifySignedTimestamp(timestamp, signatureBytes, trustedMaterial)
-
-		// Timestamps from unknown source are okay, but don't count as verified
 		if err != nil {
+			verificationErrors = append(verificationErrors, err)
+			continue
+		}
+		if isDuplicateTSA(verifiedTimestamps, verifiedSignedTimestamp) {
+			verificationErrors = append(verificationErrors, fmt.Errorf("duplicate timestamps from the same authority, ignoring %s", verifiedSignedTimestamp.URI))
 			continue
 		}
 
 		verifiedTimestamps = append(verifiedTimestamps, verifiedSignedTimestamp)
 	}
 
-	return verifiedTimestamps, nil
+	return verifiedTimestamps, verificationErrors, nil
+}
+
+// isDuplicateTSA checks if the given verified signed timestamp is a duplicate
+// of any of the verified timestamps.
+// This is used to prevent replay attacks and ensure a single compromised TSA
+// cannot meet the threshold.
+func isDuplicateTSA(verifiedTimestamps []*root.Timestamp, verifiedSignedTimestamp *root.Timestamp) bool {
+	for _, ts := range verifiedTimestamps {
+		if ts.URI == verifiedSignedTimestamp.URI {
+			return true
+		}
+	}
+	return false
 }
 
-// VerifyTimestampAuthority verifies that the given entity has been timestamped
+// VerifySignedTimestamp verifies that the given entity has been timestamped
 // by a trusted timestamp authority and that the timestamp is valid.
 //
 // The threshold parameter is the number of unique timestamps that must be
 // verified.
-func VerifyTimestampAuthorityWithThreshold(entity SignedEntity, trustedMaterial root.TrustedMaterial, threshold int) ([]*root.Timestamp, error) { //nolint:revive
-	verifiedTimestamps, err := VerifyTimestampAuthority(entity, trustedMaterial)
+func VerifySignedTimestampWithThreshold(entity SignedEntity, trustedMaterial root.TrustedMaterial, threshold int) ([]*root.Timestamp, error) { //nolint:revive
+	verifiedTimestamps, verificationErrors, err := VerifySignedTimestamp(entity, trustedMaterial)
 	if err != nil {
 		return nil, err
 	}
 	if len(verifiedTimestamps) < threshold {
-		return nil, fmt.Errorf("threshold not met for verified signed timestamps: %d < %d", len(verifiedTimestamps), threshold)
+		return nil, fmt.Errorf("threshold not met for verified signed timestamps: %d < %d; error: %w", len(verifiedTimestamps), threshold, errors.Join(verificationErrors...))
 	}
 	return verifiedTimestamps, nil
 }
@@ -87,13 +93,28 @@ func VerifyTimestampAuthorityWithThreshold(entity SignedEntity, trustedMaterial
 func verifySignedTimestamp(signedTimestamp []byte, signatureBytes []byte, trustedMaterial root.TrustedMaterial) (*root.Timestamp, error) {
 	timestampAuthorities := trustedMaterial.TimestampingAuthorities()
 
+	var errs []error
+
 	// Iterate through TSA certificate authorities to find one that verifies
 	for _, tsa := range timestampAuthorities {
 		ts, err := tsa.Verify(signedTimestamp, signatureBytes)
 		if err == nil {
 			return ts, nil
 		}
+		errs = append(errs, err)
 	}
 
-	return nil, errors.New("unable to verify signed timestamps")
+	return nil, fmt.Errorf("unable to verify signed timestamps: %w", errors.Join(errs...))
+}
+
+// TODO: remove below deprecated functions before 2.0
+
+// Deprecated: use VerifySignedTimestamp instead.
+func VerifyTimestampAuthority(entity SignedEntity, trustedMaterial root.TrustedMaterial) ([]*root.Timestamp, []error, error) { //nolint:revive
+	return VerifySignedTimestamp(entity, trustedMaterial)
+}
+
+// Deprecated: use VerifySignedTimestampWithThreshold instead.
+func VerifyTimestampAuthorityWithThreshold(entity SignedEntity, trustedMaterial root.TrustedMaterial, threshold int) ([]*root.Timestamp, error) { //nolint:revive
+	return VerifySignedTimestampWithThreshold(entity, trustedMaterial, threshold)
 }
diff --git a/vendor/github.com/sigstore/sigstore/pkg/signature/kms/azure/signer.go b/vendor/github.com/sigstore/sigstore/pkg/signature/kms/azure/signer.go
index 1207849ede..3889306ae4 100644
--- a/vendor/github.com/sigstore/sigstore/pkg/signature/kms/azure/signer.go
+++ b/vendor/github.com/sigstore/sigstore/pkg/signature/kms/azure/signer.go
@@ -87,12 +87,14 @@ func LoadSignerVerifier(defaultCtx context.Context, referenceStr string) (*Signe
 // All other options are ignored if specified.
 func (a *SignerVerifier) SignMessage(message io.Reader, opts ...signature.SignOption) ([]byte, error) {
 	var digest []byte
+	ctx := a.defaultCtx
 
 	for _, opt := range opts {
+		opt.ApplyContext(&ctx)
 		opt.ApplyDigest(&digest)
 	}
 
-	hashFunc, _, err := a.client.getKeyVaultHashFunc(a.defaultCtx)
+	hashFunc, _, err := a.client.getKeyVaultHashFunc(ctx)
 	if err != nil {
 		return nil, err
 	}
@@ -102,7 +104,7 @@ func (a *SignerVerifier) SignMessage(message io.Reader, opts ...signature.SignOp
 		return nil, err
 	}
 
-	rawSig, err := a.client.sign(a.defaultCtx, digest)
+	rawSig, err := a.client.sign(ctx, digest)
 	if err != nil {
 		return nil, err
 	}
diff --git a/vendor/github.com/sigstore/sigstore/pkg/signature/kms/gcp/client.go b/vendor/github.com/sigstore/sigstore/pkg/signature/kms/gcp/client.go
index 095319bb5e..52a57203c6 100644
--- a/vendor/github.com/sigstore/sigstore/pkg/signature/kms/gcp/client.go
+++ b/vendor/github.com/sigstore/sigstore/pkg/signature/kms/gcp/client.go
@@ -209,26 +209,50 @@ func (g *gcpClient) keyVersionName(ctx context.Context) (*cryptoKeyVersion, erro
 	// as well as using the in memory Verifier to perform the verify operations.
 	switch kv.Algorithm {
 	case kmspb.CryptoKeyVersion_EC_SIGN_P256_SHA256:
-		crv.Verifier, err = signature.LoadECDSAVerifier(pubKey.(*ecdsa.PublicKey), crypto.SHA256)
+		pk, ok := pubKey.(*ecdsa.PublicKey)
+		if !ok {
+			return nil, fmt.Errorf("asserting public key type ecdsa.PublicKey")
+		}
+		crv.Verifier, err = signature.LoadECDSAVerifier(pk, crypto.SHA256)
 		crv.HashFunc = crypto.SHA256
 	case kmspb.CryptoKeyVersion_EC_SIGN_P384_SHA384:
-		crv.Verifier, err = signature.LoadECDSAVerifier(pubKey.(*ecdsa.PublicKey), crypto.SHA384)
+		pk, ok := pubKey.(*ecdsa.PublicKey)
+		if !ok {
+			return nil, fmt.Errorf("asserting public key type ecdsa.PublicKey")
+		}
+		crv.Verifier, err = signature.LoadECDSAVerifier(pk, crypto.SHA384)
 		crv.HashFunc = crypto.SHA384
 	case kmspb.CryptoKeyVersion_RSA_SIGN_PKCS1_2048_SHA256,
 		kmspb.CryptoKeyVersion_RSA_SIGN_PKCS1_3072_SHA256,
 		kmspb.CryptoKeyVersion_RSA_SIGN_PKCS1_4096_SHA256:
-		crv.Verifier, err = signature.LoadRSAPKCS1v15Verifier(pubKey.(*rsa.PublicKey), crypto.SHA256)
+		pk, ok := pubKey.(*rsa.PublicKey)
+		if !ok {
+			return nil, fmt.Errorf("asserting public key type rsa.PublicKey")
+		}
+		crv.Verifier, err = signature.LoadRSAPKCS1v15Verifier(pk, crypto.SHA256)
 		crv.HashFunc = crypto.SHA256
 	case kmspb.CryptoKeyVersion_RSA_SIGN_PKCS1_4096_SHA512:
-		crv.Verifier, err = signature.LoadRSAPKCS1v15Verifier(pubKey.(*rsa.PublicKey), crypto.SHA512)
+		pk, ok := pubKey.(*rsa.PublicKey)
+		if !ok {
+			return nil, fmt.Errorf("asserting public key type rsa.PublicKey")
+		}
+		crv.Verifier, err = signature.LoadRSAPKCS1v15Verifier(pk, crypto.SHA512)
 		crv.HashFunc = crypto.SHA512
 	case kmspb.CryptoKeyVersion_RSA_SIGN_PSS_2048_SHA256,
 		kmspb.CryptoKeyVersion_RSA_SIGN_PSS_3072_SHA256,
 		kmspb.CryptoKeyVersion_RSA_SIGN_PSS_4096_SHA256:
-		crv.Verifier, err = signature.LoadRSAPSSVerifier(pubKey.(*rsa.PublicKey), crypto.SHA256, nil)
+		pk, ok := pubKey.(*rsa.PublicKey)
+		if !ok {
+			return nil, fmt.Errorf("asserting public key type rsa.PublicKey")
+		}
+		crv.Verifier, err = signature.LoadRSAPSSVerifier(pk, crypto.SHA256, nil)
 		crv.HashFunc = crypto.SHA256
 	case kmspb.CryptoKeyVersion_RSA_SIGN_PSS_4096_SHA512:
-		crv.Verifier, err = signature.LoadRSAPSSVerifier(pubKey.(*rsa.PublicKey), crypto.SHA512, nil)
+		pk, ok := pubKey.(*rsa.PublicKey)
+		if !ok {
+			return nil, fmt.Errorf("asserting public key type rsa.PublicKey")
+		}
+		crv.Verifier, err = signature.LoadRSAPSSVerifier(pk, crypto.SHA512, nil)
 		crv.HashFunc = crypto.SHA512
 	default:
 		return nil, errors.New("unknown algorithm specified by KMS")
diff --git a/vendor/github.com/sigstore/sigstore/pkg/signature/kms/hashivault/client.go b/vendor/github.com/sigstore/sigstore/pkg/signature/kms/hashivault/client.go
index 4501e8640b..49501cf28a 100644
--- a/vendor/github.com/sigstore/sigstore/pkg/signature/kms/hashivault/client.go
+++ b/vendor/github.com/sigstore/sigstore/pkg/signature/kms/hashivault/client.go
@@ -289,9 +289,24 @@ func (h hashivaultClient) sign(digest []byte, alg crypto.Hash, opts ...signature
 		}
 	}
 
+	prehashed := alg != crypto.Hash(0)
+
+	pub, err := h.public()
+	if err != nil {
+		return nil, fmt.Errorf("determining key type: %w", err)
+	}
+	switch pub.(type) {
+	case ed25519.PublicKey:
+		if alg == crypto.SHA512 {
+			prehashed = true
+			break
+		}
+		prehashed = false
+	}
+
 	signResult, err := client.Write(fmt.Sprintf("/%s/sign/%s%s", h.transitSecretEnginePath, h.keyPath, hashString(alg)), map[string]interface{}{
 		"input":               base64.StdEncoding.Strict().EncodeToString(digest),
-		"prehashed":           alg != crypto.Hash(0),
+		"prehashed":           prehashed,
 		"key_version":         keyVersion,
 		"signature_algorithm": "pkcs1v15",
 	})
@@ -337,10 +352,24 @@ func (h hashivaultClient) verify(sig, digest []byte, alg crypto.Hash, opts ...si
 			}
 		}
 	}
+	prehashed := alg != crypto.Hash(0)
+
+	pub, err := h.public()
+	if err != nil {
+		return fmt.Errorf("determining key type: %w", err)
+	}
+	switch pub.(type) {
+	case ed25519.PublicKey:
+		if alg == crypto.SHA512 {
+			prehashed = true
+			break
+		}
+		prehashed = false
+	}
 
 	result, err := client.Write(fmt.Sprintf("/%s/verify/%s/%s", h.transitSecretEnginePath, h.keyPath, hashString(alg)), map[string]interface{}{
 		"input":     base64.StdEncoding.EncodeToString(digest),
-		"prehashed": alg != crypto.Hash(0),
+		"prehashed": prehashed,
 		"signature": fmt.Sprintf("%s%s", vaultDataPrefix, encodedSig),
 	})
 	if err != nil {
diff --git a/vendor/github.com/sigstore/sigstore/pkg/signature/kms/kms.go b/vendor/github.com/sigstore/sigstore/pkg/signature/kms/kms.go
index 7baf9504b8..9432dfe4e8 100644
--- a/vendor/github.com/sigstore/sigstore/pkg/signature/kms/kms.go
+++ b/vendor/github.com/sigstore/sigstore/pkg/signature/kms/kms.go
@@ -23,6 +23,7 @@ import (
 	"fmt"
 	"os/exec"
 	"strings"
+	"sync"
 
 	"github.com/sigstore/sigstore/pkg/signature"
 	"github.com/sigstore/sigstore/pkg/signature/kms/cliplugin"
@@ -45,10 +46,15 @@ type ProviderInit func(context.Context, string, crypto.Hash, ...signature.RPCOpt
 
 // AddProvider adds the provider implementation into the local cache
 func AddProvider(keyResourceID string, init ProviderInit) {
+	providersMapMu.Lock()
+	defer providersMapMu.Unlock()
 	providersMap[keyResourceID] = init
 }
 
-var providersMap = map[string]ProviderInit{}
+var (
+	providersMapMu sync.RWMutex
+	providersMap   = map[string]ProviderInit{}
+)
 
 // Get returns a KMS SignerVerifier for the given resource string and hash function.
 // If no matching built-in provider is found, it will try to use the plugin system as a provider.
@@ -58,6 +64,8 @@ var providersMap = map[string]ProviderInit{}
 // - the plugin program, can't be found.
 // It also returns an error if initializing the SignerVerifier fails.
 func Get(ctx context.Context, keyResourceID string, hashFunc crypto.Hash, opts ...signature.RPCOption) (SignerVerifier, error) {
+	providersMapMu.RLock()
+	defer providersMapMu.RUnlock()
 	for ref, pi := range providersMap {
 		if strings.HasPrefix(keyResourceID, ref) {
 			sv, err := pi(ctx, keyResourceID, hashFunc, opts...)
@@ -77,6 +85,8 @@ func Get(ctx context.Context, keyResourceID string, hashFunc crypto.Hash, opts .
 // SupportedProviders returns list of initialized providers
 func SupportedProviders() []string {
 	keys := make([]string, 0, len(providersMap))
+	providersMapMu.RLock()
+	defer providersMapMu.RUnlock()
 	for key := range providersMap {
 		keys = append(keys, key)
 	}
diff --git a/vendor/github.com/sigstore/timestamp-authority/pkg/verification/verify.go b/vendor/github.com/sigstore/timestamp-authority/pkg/verification/verify.go
index 82bebdd2f8..5a80375db4 100644
--- a/vendor/github.com/sigstore/timestamp-authority/pkg/verification/verify.go
+++ b/vendor/github.com/sigstore/timestamp-authority/pkg/verification/verify.go
@@ -113,7 +113,15 @@ func verifyLeafCert(ts timestamp.Timestamp, opts VerifyOpts) error {
 
 	var leafCert *x509.Certificate
 	if len(ts.Certificates) != 0 {
-		leafCert = ts.Certificates[0]
+		for _, c := range ts.Certificates {
+			if !c.IsCA {
+				leafCert = c
+				break
+			}
+		}
+		if leafCert == nil {
+			return fmt.Errorf("no leaf certificate found in chain")
+		}
 
 		err := verifyEmbeddedLeafCert(leafCert, opts)
 		if err != nil {
@@ -148,7 +156,7 @@ func verifyLeafCert(ts timestamp.Timestamp, opts VerifyOpts) error {
 	return nil
 }
 
-func verifyExtendedKeyUsage(cert *x509.Certificate) error {
+func verifyLeafExtendedKeyUsage(cert *x509.Certificate) error {
 	certEKULen := len(cert.ExtKeyUsage)
 	if certEKULen != 1 {
 		return fmt.Errorf("certificate has %d extended key usages, expected only one", certEKULen)
@@ -160,16 +168,40 @@ func verifyExtendedKeyUsage(cert *x509.Certificate) error {
 	return nil
 }
 
+func verifyIntermediateExtendedKeyUsage(cert *x509.Certificate) error {
+	// If no EKU specified it means unrestricted usage
+	if len(cert.ExtKeyUsage) == 0 {
+		return nil
+	}
+
+	allowsTimestampingUse := false
+	for _, eku := range cert.ExtKeyUsage {
+		if eku == x509.ExtKeyUsageTimeStamping || eku == x509.ExtKeyUsageAny {
+			allowsTimestampingUse = true
+			break
+		}
+	}
+
+	if !allowsTimestampingUse {
+		return errors.New("intermediate certificate does not allow Timestamping usage")
+	}
+
+	return nil
+}
+
 // Verify the leaf and intermediate certificates (called "EKU chaining") all
-// have the extended key usage set to only time stamping usage
+// have the appropriate extended key usage set.
+// Leaf certificates must have exactly one EKU set to Timestamping
+// Intermediates can have no EKU (unrestricted) or multiple EKUs,
+// which need to include Timestamping or UsageAny.
 func verifyLeafAndIntermediatesTimestampingEKU(leafCert *x509.Certificate, opts VerifyOpts) error {
-	err := verifyExtendedKeyUsage(leafCert)
+	err := verifyLeafExtendedKeyUsage(leafCert)
 	if err != nil {
 		return fmt.Errorf("failed to verify EKU on leaf certificate: %w", err)
 	}
 
 	for _, cert := range opts.Intermediates {
-		err := verifyExtendedKeyUsage(cert)
+		err := verifyIntermediateExtendedKeyUsage(cert)
 		if err != nil {
 			return fmt.Errorf("failed to verify EKU on intermediate certificate: %w", err)
 		}
diff --git a/vendor/github.com/sigstore/timestamp-authority/pkg/verification/verify_request.go b/vendor/github.com/sigstore/timestamp-authority/pkg/verification/verify_request.go
index 3e9db5e558..ba7511d755 100644
--- a/vendor/github.com/sigstore/timestamp-authority/pkg/verification/verify_request.go
+++ b/vendor/github.com/sigstore/timestamp-authority/pkg/verification/verify_request.go
@@ -16,17 +16,32 @@ package verification
 
 import (
 	"crypto"
+	"fmt"
 
 	"github.com/digitorus/timestamp"
 	"github.com/pkg/errors"
 )
 
 var ErrWeakHashAlg = errors.New("weak hash algorithm: must be SHA-256, SHA-384, or SHA-512")
+var ErrUnsupportedHashAlg = errors.New("unsupported hash algorithm")
+var ErrInconsistentDigestLength = errors.New("digest length inconsistent with specified hash algorithm")
 
 func VerifyRequest(ts *timestamp.Request) error {
 	// only SHA-1, SHA-256, SHA-384, and SHA-512 are supported by the underlying library
-	if ts.HashAlgorithm == crypto.SHA1 {
+	switch ts.HashAlgorithm {
+	case crypto.SHA1:
 		return ErrWeakHashAlg
+	case crypto.SHA256, crypto.SHA384, crypto.SHA512:
+	default:
+		return ErrUnsupportedHashAlg
 	}
+
+	expectedDigestLength := ts.HashAlgorithm.Size()
+	actualDigestLength := len(ts.HashedMessage)
+
+	if actualDigestLength != expectedDigestLength {
+		return fmt.Errorf("%w: expected %d bytes, got %d bytes", ErrInconsistentDigestLength, expectedDigestLength, actualDigestLength)
+	}
+
 	return nil
 }
diff --git a/vendor/github.com/theupdateframework/go-tuf/v2/metadata/config/config.go b/vendor/github.com/theupdateframework/go-tuf/v2/metadata/config/config.go
index cd8cc98a2c..2123e57dfc 100644
--- a/vendor/github.com/theupdateframework/go-tuf/v2/metadata/config/config.go
+++ b/vendor/github.com/theupdateframework/go-tuf/v2/metadata/config/config.go
@@ -18,9 +18,13 @@
 package config
 
 import (
+	"fmt"
+	"net/http"
 	"net/url"
 	"os"
+	"time"
 
+	"github.com/cenkalti/backoff/v5"
 	"github.com/theupdateframework/go-tuf/v2/metadata/fetcher"
 )
 
@@ -64,12 +68,12 @@ func New(remoteURL string, rootBytes []byte) (*UpdaterConfig, error) {
 		SnapshotMaxLength:  2000000, // bytes
 		TargetsMaxLength:   5000000, // bytes
 		// Updater configuration
-		Fetcher:               &fetcher.DefaultFetcher{}, // use the default built-in download fetcher
-		LocalTrustedRoot:      rootBytes,                 // trusted root.json
-		RemoteMetadataURL:     remoteURL,                 // URL of where the TUF metadata is
-		RemoteTargetsURL:      targetsURL,                // URL of where the target files should be downloaded from
-		DisableLocalCache:     false,                     // enable local caching of trusted metadata
-		PrefixTargetsWithHash: true,                      // use hash-prefixed target files with consistent snapshots
+		Fetcher:               fetcher.NewDefaultFetcher(), // use the default built-in download fetcher
+		LocalTrustedRoot:      rootBytes,                   // trusted root.json
+		RemoteMetadataURL:     remoteURL,                   // URL of where the TUF metadata is
+		RemoteTargetsURL:      targetsURL,                  // URL of where the target files should be downloaded from
+		DisableLocalCache:     false,                       // enable local caching of trusted metadata
+		PrefixTargetsWithHash: true,                        // use hash-prefixed target files with consistent snapshots
 		UnsafeLocalMode:       false,
 	}, nil
 }
@@ -87,3 +91,54 @@ func (cfg *UpdaterConfig) EnsurePathsExist() error {
 
 	return nil
 }
+
+func (cfg *UpdaterConfig) SetDefaultFetcherHTTPClient(client *http.Client) error {
+	// Check if the configured fetcher is the default fetcher
+	// since we are only configuring a http.Client value for the default fetcher
+	df, ok := cfg.Fetcher.(*fetcher.DefaultFetcher)
+	if !ok {
+		return fmt.Errorf("fetcher is not type fetcher.DefaultFetcher")
+	}
+	df.SetHTTPClient(client)
+	cfg.Fetcher = df
+	return nil
+}
+
+func (cfg *UpdaterConfig) SetDefaultFetcherTransport(rt http.RoundTripper) error {
+	// Check if the configured fetcher is the default fetcher
+	// since we are only configuring a Transport value for the default fetcher
+	df, ok := cfg.Fetcher.(*fetcher.DefaultFetcher)
+	if !ok {
+		return fmt.Errorf("fetcher is not type fetcher.DefaultFetcher")
+	}
+	if err := df.SetTransport(rt); err != nil {
+		return err
+	}
+	cfg.Fetcher = df
+	return nil
+}
+
+// SetDefaultFetcherRetry sets the constant retry interval and count for the default fetcher
+func (cfg *UpdaterConfig) SetDefaultFetcherRetry(retryInterval time.Duration, retryCount uint) error {
+	// Check if the configured fetcher is the default fetcher
+	// since we are only configuring the retry interval and count for the default fetcher
+	df, ok := cfg.Fetcher.(*fetcher.DefaultFetcher)
+	if !ok {
+		return fmt.Errorf("fetcher is not type fetcher.DefaultFetcher")
+	}
+	df.SetRetry(retryInterval, retryCount)
+	cfg.Fetcher = df
+	return nil
+}
+
+func (cfg *UpdaterConfig) SetRetryOptions(retryOptions ...backoff.RetryOption) error {
+	// Check if the configured fetcher is the default fetcher
+	// since we are only configuring retry options for the default fetcher
+	df, ok := cfg.Fetcher.(*fetcher.DefaultFetcher)
+	if !ok {
+		return fmt.Errorf("fetcher is not type fetcher.DefaultFetcher")
+	}
+	df.SetRetryOptions(retryOptions...)
+	cfg.Fetcher = df
+	return nil
+}
diff --git a/vendor/github.com/theupdateframework/go-tuf/v2/metadata/fetcher/fetcher.go b/vendor/github.com/theupdateframework/go-tuf/v2/metadata/fetcher/fetcher.go
index dfe2bc14bf..71796b7891 100644
--- a/vendor/github.com/theupdateframework/go-tuf/v2/metadata/fetcher/fetcher.go
+++ b/vendor/github.com/theupdateframework/go-tuf/v2/metadata/fetcher/fetcher.go
@@ -18,23 +18,40 @@
 package fetcher
 
 import (
+	"context"
 	"fmt"
 	"io"
 	"net/http"
 	"strconv"
 	"time"
 
+	"github.com/cenkalti/backoff/v5"
 	"github.com/theupdateframework/go-tuf/v2/metadata"
 )
 
+// httpClient interface allows us to either provide a live http.Client
+// or a mock implementation for testing purposes
+type httpClient interface {
+	Do(req *http.Request) (*http.Response, error)
+}
+
 // Fetcher interface
 type Fetcher interface {
-	DownloadFile(urlPath string, maxLength int64, timeout time.Duration) ([]byte, error)
+	// DownloadFile downloads a file from the provided URL, reading
+	// up to maxLength of bytes before it aborts.
+	// The timeout argument is deprecated and not used. To configure
+	// the timeout (or retries), modify the fetcher instead. For the
+	// DefaultFetcher the underlying HTTP client can be substituted.
+	DownloadFile(urlPath string, maxLength int64, _ time.Duration) ([]byte, error)
 }
 
 // DefaultFetcher implements Fetcher
 type DefaultFetcher struct {
+	//  httpClient configuration
 	httpUserAgent string
+	client        httpClient
+	// retry logic configuration
+	retryOptions []backoff.RetryOption
 }
 
 func (d *DefaultFetcher) SetHTTPUserAgent(httpUserAgent string) {
@@ -43,8 +60,7 @@ func (d *DefaultFetcher) SetHTTPUserAgent(httpUserAgent string) {
 
 // DownloadFile downloads a file from urlPath, errors out if it failed,
 // its length is larger than maxLength or the timeout is reached.
-func (d *DefaultFetcher) DownloadFile(urlPath string, maxLength int64, timeout time.Duration) ([]byte, error) {
-	client := &http.Client{Timeout: timeout}
+func (d *DefaultFetcher) DownloadFile(urlPath string, maxLength int64, _ time.Duration) ([]byte, error) {
 	req, err := http.NewRequest("GET", urlPath, nil)
 	if err != nil {
 		return nil, err
@@ -53,41 +69,104 @@ func (d *DefaultFetcher) DownloadFile(urlPath string, maxLength int64, timeout t
 	if d.httpUserAgent != "" {
 		req.Header.Set("User-Agent", d.httpUserAgent)
 	}
-	// Execute the request.
-	res, err := client.Do(req)
-	if err != nil {
-		return nil, err
-	}
-	defer res.Body.Close()
-	// Handle HTTP status codes.
-	if res.StatusCode != http.StatusOK {
-		return nil, &metadata.ErrDownloadHTTP{StatusCode: res.StatusCode, URL: urlPath}
+
+	// For backwards compatibility, if the client is nil, use the default client.
+	if d.client == nil {
+		d.client = http.DefaultClient
 	}
-	var length int64
-	// Get content length from header (might not be accurate, -1 or not set).
-	if header := res.Header.Get("Content-Length"); header != "" {
-		length, err = strconv.ParseInt(header, 10, 0)
+
+	operation := func() ([]byte, error) {
+		// Execute the request.
+		res, err := d.client.Do(req)
+		if err != nil {
+			return nil, err
+		}
+		defer res.Body.Close()
+		// Handle HTTP status codes.
+		if res.StatusCode != http.StatusOK {
+			return nil, &metadata.ErrDownloadHTTP{StatusCode: res.StatusCode, URL: urlPath}
+		}
+		var length int64
+		// Get content length from header (might not be accurate, -1 or not set).
+		if header := res.Header.Get("Content-Length"); header != "" {
+			length, err = strconv.ParseInt(header, 10, 0)
+			if err != nil {
+				return nil, err
+			}
+			// Error if the reported size is greater than what is expected.
+			if length > maxLength {
+				return nil, &metadata.ErrDownloadLengthMismatch{Msg: fmt.Sprintf("download failed for %s, length %d is larger than expected %d", urlPath, length, maxLength)}
+			}
+		}
+		// Although the size has been checked above, use a LimitReader in case
+		// the reported size is inaccurate, or size is -1 which indicates an
+		// unknown length. We read maxLength + 1 in order to check if the read data
+		// surpassed our set limit.
+		data, err := io.ReadAll(io.LimitReader(res.Body, maxLength+1))
 		if err != nil {
 			return nil, err
 		}
 		// Error if the reported size is greater than what is expected.
+		length = int64(len(data))
 		if length > maxLength {
 			return nil, &metadata.ErrDownloadLengthMismatch{Msg: fmt.Sprintf("download failed for %s, length %d is larger than expected %d", urlPath, length, maxLength)}
 		}
+
+		return data, nil
 	}
-	// Although the size has been checked above, use a LimitReader in case
-	// the reported size is inaccurate, or size is -1 which indicates an
-	// unknown length. We read maxLength + 1 in order to check if the read data
-	// surpased our set limit.
-	data, err := io.ReadAll(io.LimitReader(res.Body, maxLength+1))
+	data, err := backoff.Retry(context.Background(), operation, d.retryOptions...)
 	if err != nil {
 		return nil, err
 	}
-	// Error if the reported size is greater than what is expected.
-	length = int64(len(data))
-	if length > maxLength {
-		return nil, &metadata.ErrDownloadLengthMismatch{Msg: fmt.Sprintf("download failed for %s, length %d is larger than expected %d", urlPath, length, maxLength)}
-	}
 
 	return data, nil
 }
+
+func NewDefaultFetcher() *DefaultFetcher {
+	return &DefaultFetcher{
+		client: http.DefaultClient,
+		// default to attempting the HTTP request once
+		retryOptions: []backoff.RetryOption{backoff.WithMaxTries(1)},
+	}
+}
+
+// NewFetcherWithHTTPClient creates a new DefaultFetcher with a custom httpClient
+func (f *DefaultFetcher) NewFetcherWithHTTPClient(hc httpClient) *DefaultFetcher {
+	return &DefaultFetcher{
+		client: hc,
+	}
+}
+
+// NewFetcherWithRoundTripper creates a new DefaultFetcher with a custom RoundTripper
+// The function will create a default http.Client and replace the transport with the provided RoundTripper implementation
+func (f *DefaultFetcher) NewFetcherWithRoundTripper(rt http.RoundTripper) *DefaultFetcher {
+	client := http.DefaultClient
+	client.Transport = rt
+	return &DefaultFetcher{
+		client: client,
+	}
+}
+
+func (f *DefaultFetcher) SetHTTPClient(hc httpClient) {
+	f.client = hc
+}
+
+func (f *DefaultFetcher) SetTransport(rt http.RoundTripper) error {
+	hc, ok := f.client.(*http.Client)
+	if !ok {
+		return fmt.Errorf("fetcher is not type fetcher.DefaultFetcher")
+	}
+	hc.Transport = rt
+	f.client = hc
+	return nil
+}
+
+func (f *DefaultFetcher) SetRetry(retryInterval time.Duration, retryCount uint) {
+	constantBackOff := backoff.WithBackOff(backoff.NewConstantBackOff(retryInterval))
+	maxTryCount := backoff.WithMaxTries(retryCount)
+	f.SetRetryOptions(constantBackOff, maxTryCount)
+}
+
+func (f *DefaultFetcher) SetRetryOptions(retryOptions ...backoff.RetryOption) {
+	f.retryOptions = retryOptions
+}
diff --git a/vendor/github.com/theupdateframework/go-tuf/v2/metadata/metadata.go b/vendor/github.com/theupdateframework/go-tuf/v2/metadata/metadata.go
index 3e0a9e1ab0..0d0afd850e 100644
--- a/vendor/github.com/theupdateframework/go-tuf/v2/metadata/metadata.go
+++ b/vendor/github.com/theupdateframework/go-tuf/v2/metadata/metadata.go
@@ -21,6 +21,7 @@ import (
 	"bytes"
 	"crypto"
 	"crypto/hmac"
+	"crypto/rsa"
 	"crypto/sha256"
 	"crypto/sha512"
 	"encoding/base64"
@@ -160,12 +161,7 @@ func MetaFile(version int64) *MetaFiles {
 
 // FromFile load metadata from file
 func (meta *Metadata[T]) FromFile(name string) (*Metadata[T], error) {
-	in, err := os.Open(name)
-	if err != nil {
-		return nil, err
-	}
-	defer in.Close()
-	data, err := io.ReadAll(in)
+	data, err := os.ReadFile(name)
 	if err != nil {
 		return nil, err
 	}
@@ -322,7 +318,21 @@ func (meta *Metadata[T]) VerifyDelegate(delegatedRole string, delegatedMetadata
 			}
 		}
 		// load a verifier based on that key
-		verifier, err := signature.LoadVerifier(publicKey, hash)
+		// handle RSA PSS scheme separately as the LoadVerifier function doesn't identify it correctly
+		// Note we should support RSA PSS, not RSA PKCS1v15 (which is what LoadVerifier would return)
+		// Reference: https://theupdateframework.github.io/specification/latest/#file-formats-keys
+		var verifier signature.Verifier
+		if key.Type == KeyTypeRSASSA_PSS_SHA256 {
+			// Load a verifier for rsa
+			publicKeyRSAPSS, ok := publicKey.(*rsa.PublicKey)
+			if !ok {
+				return &ErrType{Msg: "failed to convert public key to RSA PSS key"}
+			}
+			verifier, err = signature.LoadRSAPSSVerifier(publicKeyRSAPSS, hash, &rsa.PSSOptions{Hash: crypto.SHA256})
+		} else {
+			// Load a verifier for ed25519 and ecdsa
+			verifier, err = signature.LoadVerifier(publicKey, hash)
+		}
 		if err != nil {
 			return err
 		}
@@ -459,14 +469,8 @@ func (source *TargetFiles) Equal(expected TargetFiles) bool {
 // FromFile generate TargetFiles from file
 func (t *TargetFiles) FromFile(localPath string, hashes ...string) (*TargetFiles, error) {
 	log.Info("Generating target file from file", "path", localPath)
-	// open file
-	in, err := os.Open(localPath)
-	if err != nil {
-		return nil, err
-	}
-	defer in.Close()
 	// read file
-	data, err := io.ReadAll(in)
+	data, err := os.ReadFile(localPath)
 	if err != nil {
 		return nil, err
 	}
diff --git a/vendor/github.com/theupdateframework/go-tuf/v2/metadata/updater/updater.go b/vendor/github.com/theupdateframework/go-tuf/v2/metadata/updater/updater.go
index 1b9d21b860..4ab24d2a80 100644
--- a/vendor/github.com/theupdateframework/go-tuf/v2/metadata/updater/updater.go
+++ b/vendor/github.com/theupdateframework/go-tuf/v2/metadata/updater/updater.go
@@ -21,12 +21,12 @@ import (
 	"encoding/hex"
 	"errors"
 	"fmt"
-	"io"
 	"net/http"
 	"net/url"
 	"os"
 	"path/filepath"
 	"regexp"
+	"slices"
 	"strconv"
 	"strings"
 	"time"
@@ -142,7 +142,7 @@ func (update *Updater) onlineRefresh() error {
 	return nil
 }
 
-// unsafeLoadRefresh tries to load the persisted metadata already cached
+// unsafeLocalRefresh tries to load the persisted metadata already cached
 // on disk. Note that this is an usafe function, and does deviate from the
 // TUF specification section 5.3 to 5.7 (update phases).
 // The metadata on disk are verified against the provided root though,
@@ -245,7 +245,7 @@ func (update *Updater) DownloadTarget(targetFile *metadata.TargetFiles, filePath
 		}
 	}
 	fullURL := fmt.Sprintf("%s%s", targetBaseURL, targetRemotePath)
-	data, err := update.cfg.Fetcher.DownloadFile(fullURL, targetFile.Length, time.Second*15)
+	data, err := update.cfg.Fetcher.DownloadFile(fullURL, targetFile.Length, 0)
 	if err != nil {
 		return "", nil, err
 	}
@@ -283,7 +283,7 @@ func (update *Updater) FindCachedTarget(targetFile *metadata.TargetFiles, filePa
 		targetFilePath = filePath
 	}
 	// get file content
-	data, err := readFile(targetFilePath)
+	data, err := os.ReadFile(targetFilePath)
 	if err != nil {
 		// do not want to return err, instead we say that there's no cached target available
 		return "", nil, nil
@@ -569,7 +569,7 @@ func (update *Updater) preOrderDepthFirstWalk(targetFilePath string) (*metadata.
 			// push childRolesToVisit in reverse order of appearance
 			// onto delegationsToVisit. Roles are popped from the end of
 			// the list
-			reverseSlice(childRolesToVisit)
+			slices.Reverse(childRolesToVisit)
 			delegationsToVisit = append(delegationsToVisit, childRolesToVisit...)
 		}
 	}
@@ -590,17 +590,28 @@ func (update *Updater) persistMetadata(roleName string, data []byte) error {
 		return nil
 	}
 	// caching enabled, proceed with persisting the metadata locally
-	fileName := filepath.Join(update.cfg.LocalMetadataDir, fmt.Sprintf("%s.json", url.QueryEscape(roleName)))
+	fileName := filepath.Join(update.cfg.LocalMetadataDir, fmt.Sprintf("%s.json", url.PathEscape(roleName)))
 	// create a temporary file
 	file, err := os.CreateTemp(update.cfg.LocalMetadataDir, "tuf_tmp")
 	if err != nil {
 		return err
 	}
-	defer file.Close()
+	// change the file permissions to our desired permissions
+	err = file.Chmod(0644)
+	if err != nil {
+		// close and delete the temporary file if there was an error while writing
+		file.Close()
+		errRemove := os.Remove(file.Name())
+		if errRemove != nil {
+			log.Info("Failed to delete temporary file", "name", file.Name())
+		}
+		return err
+	}
 	// write the data content to the temporary file
-	err = os.WriteFile(file.Name(), data, 0644)
+	_, err = file.Write(data)
 	if err != nil {
-		// delete the temporary file if there was an error while writing
+		// close and delete the temporary file if there was an error while writing
+		file.Close()
 		errRemove := os.Remove(file.Name())
 		if errRemove != nil {
 			log.Info("Failed to delete temporary file", "name", file.Name())
@@ -633,11 +644,11 @@ func (update *Updater) downloadMetadata(roleName string, length int64, version s
 	urlPath := ensureTrailingSlash(update.cfg.RemoteMetadataURL)
 	// build urlPath
 	if version == "" {
-		urlPath = fmt.Sprintf("%s%s.json", urlPath, url.QueryEscape(roleName))
+		urlPath = fmt.Sprintf("%s%s.json", urlPath, url.PathEscape(roleName))
 	} else {
-		urlPath = fmt.Sprintf("%s%s.%s.json", urlPath, version, url.QueryEscape(roleName))
+		urlPath = fmt.Sprintf("%s%s.%s.json", urlPath, version, url.PathEscape(roleName))
 	}
-	return update.cfg.Fetcher.DownloadFile(urlPath, length, time.Second*15)
+	return update.cfg.Fetcher.DownloadFile(urlPath, length, 0)
 }
 
 // generateTargetFilePath generates path from TargetFiles
@@ -647,12 +658,12 @@ func (update *Updater) generateTargetFilePath(tf *metadata.TargetFiles) (string,
 		return "", &metadata.ErrValue{Msg: "LocalTargetsDir must be set if filepath is not given"}
 	}
 	// Use URL encoded target path as filename
-	return filepath.Join(update.cfg.LocalTargetsDir, url.QueryEscape(tf.Path)), nil
+	return filepath.Join(update.cfg.LocalTargetsDir, url.PathEscape(tf.Path)), nil
 }
 
 // loadLocalMetadata reads a local <roleName>.json file and returns its bytes
 func (update *Updater) loadLocalMetadata(roleName string) ([]byte, error) {
-	return readFile(fmt.Sprintf("%s.json", roleName))
+	return os.ReadFile(fmt.Sprintf("%s.json", roleName))
 }
 
 // GetTopLevelTargets returns the top-level target files
@@ -691,24 +702,3 @@ func ensureTrailingSlash(url string) string {
 	}
 	return url + "/"
 }
-
-// reverseSlice reverses the elements in a generic type of slice
-func reverseSlice[S ~[]E, E any](s S) {
-	for i, j := 0, len(s)-1; i < j; i, j = i+1, j-1 {
-		s[i], s[j] = s[j], s[i]
-	}
-}
-
-// readFile reads the content of a file and return its bytes
-func readFile(name string) ([]byte, error) {
-	in, err := os.Open(name)
-	if err != nil {
-		return nil, err
-	}
-	defer in.Close()
-	data, err := io.ReadAll(in)
-	if err != nil {
-		return nil, err
-	}
-	return data, nil
-}
diff --git a/vendor/github.com/vbatts/tar-split/archive/tar/format.go b/vendor/github.com/vbatts/tar-split/archive/tar/format.go
index 1f89d0c59a..60977980c5 100644
--- a/vendor/github.com/vbatts/tar-split/archive/tar/format.go
+++ b/vendor/github.com/vbatts/tar-split/archive/tar/format.go
@@ -143,6 +143,10 @@ const (
 	blockSize  = 512 // Size of each block in a tar stream
 	nameSize   = 100 // Max length of the name field in USTAR format
 	prefixSize = 155 // Max length of the prefix field in USTAR format
+
+	// Max length of a special file (PAX header, GNU long name or link).
+	// This matches the limit used by libarchive.
+	maxSpecialFileSize = 1 << 20
 )
 
 // blockPadding computes the number of bytes needed to pad offset up to the
diff --git a/vendor/github.com/vbatts/tar-split/archive/tar/reader.go b/vendor/github.com/vbatts/tar-split/archive/tar/reader.go
index 6a6b3e0182..248a7ccb15 100644
--- a/vendor/github.com/vbatts/tar-split/archive/tar/reader.go
+++ b/vendor/github.com/vbatts/tar-split/archive/tar/reader.go
@@ -144,7 +144,7 @@ func (tr *Reader) next() (*Header, error) {
 			continue // This is a meta header affecting the next header
 		case TypeGNULongName, TypeGNULongLink:
 			format.mayOnlyBe(FormatGNU)
-			realname, err := io.ReadAll(tr)
+			realname, err := readSpecialFile(tr)
 			if err != nil {
 				return nil, err
 			}
@@ -338,7 +338,7 @@ func mergePAX(hdr *Header, paxHdrs map[string]string) (err error) {
 // parsePAX parses PAX headers.
 // If an extended header (type 'x') is invalid, ErrHeader is returned
 func parsePAX(r io.Reader) (map[string]string, error) {
-	buf, err := io.ReadAll(r)
+	buf, err := readSpecialFile(r)
 	if err != nil {
 		return nil, err
 	}
@@ -889,6 +889,16 @@ func tryReadFull(r io.Reader, b []byte) (n int, err error) {
 	return n, err
 }
 
+// readSpecialFile is like io.ReadAll except it returns
+// ErrFieldTooLong if more than maxSpecialFileSize is read.
+func readSpecialFile(r io.Reader) ([]byte, error) {
+	buf, err := io.ReadAll(io.LimitReader(r, maxSpecialFileSize+1))
+	if len(buf) > maxSpecialFileSize {
+		return nil, ErrFieldTooLong
+	}
+	return buf, err
+}
+
 // discard skips n bytes in r, reporting an error if unable to do so.
 func discard(tr *Reader, n int64) error {
 	var seekSkipped, copySkipped int64
diff --git a/vendor/github.com/vbatts/tar-split/archive/tar/writer.go b/vendor/github.com/vbatts/tar-split/archive/tar/writer.go
index e80498d03e..893eac00ae 100644
--- a/vendor/github.com/vbatts/tar-split/archive/tar/writer.go
+++ b/vendor/github.com/vbatts/tar-split/archive/tar/writer.go
@@ -199,6 +199,9 @@ func (tw *Writer) writePAXHeader(hdr *Header, paxHdrs map[string]string) error {
 			flag = TypeXHeader
 		}
 		data := buf.String()
+		if len(data) > maxSpecialFileSize {
+			return ErrFieldTooLong
+		}
 		if err := tw.writeRawFile(name, data, flag, FormatPAX); err != nil || isGlobal {
 			return err // Global headers return here
 		}
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/.gitignore b/vendor/gitlab.com/gitlab-org/api/client-go/.gitignore
index 064c877f38..d28ad4186f 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/.gitignore
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/.gitignore
@@ -33,3 +33,6 @@ _testmain.go
 vendor
 .go/
 .golangci-lint/
+
+# reports
+gl-code-quality-report.json
\ No newline at end of file
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/.gitlab-ci.yml b/vendor/gitlab.com/gitlab-org/api/client-go/.gitlab-ci.yml
index 7b90069c24..7b5da83ef0 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/.gitlab-ci.yml
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/.gitlab-ci.yml
@@ -34,14 +34,13 @@ stages:
   parallel:
     matrix:
       - GOLANG_IMAGE_VERSION:
-        - '1.22'
         - '1.23'
         - '1.24'
 
 .go:base:
   extends:
     - .go:runner-tags
-  # From: https://docs.gitlab.com/ee/ci/caching/#cache-go-dependencies
+  # From: https://docs.gitlab.com/ci/caching/#cache-go-dependencies
   variables:
     GOPATH: $CI_PROJECT_DIR/.go
     GOLANGCI_LINT_CACHE: $CI_PROJECT_DIR/.golangci-lint
@@ -75,9 +74,9 @@ golangci-lint:
   needs: []
   variables:
     REPORT_FILENAME: 'gl-code-quality-report.json'
-  image: golangci/golangci-lint:v1.64.8
+  image: golangci/golangci-lint:v2.1.6
   script:
-    - golangci-lint run --print-issued-lines=false --out-format code-climate:$REPORT_FILENAME,line-number
+    - golangci-lint run
   artifacts:
     reports:
       codequality: $REPORT_FILENAME
@@ -102,6 +101,17 @@ verify-generated-code:
         exit 1;
       }
 
+commitlint:
+  stage: lint
+  needs: []
+  rules:
+    - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
+  image:
+    name: commitlint/commitlint:19.8.1
+    entrypoint: [""]
+  script:
+    - commitlint --from ${CI_MERGE_REQUEST_DIFF_BASE_SHA} --to ${CI_COMMIT_SHA}
+
 tests:unit:
   extends:
     - .go:base
@@ -136,45 +146,20 @@ tests:unit:
         coverage_format: cobertura
     when: always
 
-generate-release-notes:
+release:
+  image: node:24-bookworm-slim
   stage: deploy
-  needs: []
-  image: alpine:3.21.3
   before_script:
-    - apk add --update jq curl git
+    - apt-get update && apt-get install -y --no-install-recommends git-core ca-certificates
+    - npm install -g semantic-release @semantic-release/gitlab @semantic-release/git @semantic-release/changelog
   script:
-    - |
-      if [ -z "$CI_COMMIT_TAG" ]; then
-        last_stable_version_sha="$(git tag | grep -E '^v(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)$' | sort -Vr | head -n1)"
-        version="${last_stable_version_sha}+${CI_COMMIT_SHA}"
-      else
-        version="$CI_COMMIT_TAG"
-      fi
-      urlencoded_version="$(jq -rn --arg x "${version}" '$x|@uri')"
-    - echo "Generating release notes for ${version} (urlencoded=${urlencoded_version}) ..."
-    - 'curl --fail-with-body --header "JOB-TOKEN: $CI_JOB_TOKEN" "$CI_API_V4_URL/projects/$CI_PROJECT_ID/repository/changelog?version=${urlencoded_version}" | jq -r .notes > release-notes.md'
-    - cat release-notes.md
-  artifacts:
-    paths:
-    - release-notes.md
-
-release:
-  stage: deploy
+    - semantic-release
   rules:
-    - if: $CI_COMMIT_TAG
-  needs:
-    - golangci-lint
-    - tests:unit
-    - job: generate-release-notes
-      artifacts: true
-  image: registry.gitlab.com/gitlab-org/release-cli:latest
-  script:
-    - echo "Create release for $CI_COMMIT_TAG"
-  release:
-    tag_name: '$CI_COMMIT_TAG'
-    tag_message: 'Version $CI_COMMIT_TAG'
-    name: '$CI_COMMIT_TAG'
-    description: release-notes.md
+    - if: '$CI_SERVER_HOST != "gitlab.com" || $CI_PROJECT_PATH != "gitlab-org/api/client-go"'
+      when: never
+    - if: $CI_PIPELINE_SOURCE == "schedule"
+      when: never
+    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
 
 # Update rules on SAST to ensure the jobs show up in the pipeline
 # this prevents forks that don't have `ultimate` from skipping SAST scans
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/.golangci.yml b/vendor/gitlab.com/gitlab-org/api/client-go/.golangci.yml
index ed7b359815..c2eb5c9b0b 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/.golangci.yml
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/.golangci.yml
@@ -1,60 +1,70 @@
-# This file contains all available configuration options
-# with their default values.
+version: "2"
 
 # Options for analysis running
 run:
   concurrency: 4
-  timeout: 10m
   issues-exit-code: 1
   tests: true
 
 # Output configuration options
 output:
   formats:
-    - format: line-number
-
-# All available settings of specific linters
-linters-settings:
-  misspell:
-    locale: US
-    ignore-words:
-    - noteable
-  revive:
-    enable-all-rules: false
-    rules:
-      - name: deep-exit
-
+    text:
+      path: stdout
+      colors: false
+      print-issued-lines: false
+    code-climate:
+      path: gl-code-quality-report.json
 linters:
   enable:
     - asciicheck
     - dogsled
     - errorlint
     - goconst
-    - gosimple
-    - gofumpt
-    - govet
-    - ineffassign
     - misspell
     - nakedret
     - nolintlint
     - revive
-    - staticcheck
-    - typecheck
     - unconvert
-    - unused
     - whitespace
   disable:
     - errcheck
-  disable-all: false
-  fast: false
-
-issues:
+  settings:
+    misspell:
+      locale: US
+      ignore-rules:
+        - noteable
+    revive:
+      enable-all-rules: false
+      rules:
+        - name: deep-exit
+  
   # List of regexps of issue texts to exclude.
-  exclude:
-    - "^.*, make it a constant$"
-
+  exclusions:
+    generated: lax
+    presets:
+      - comments
+      - common-false-positives
+      - legacy
+      - std-error-handling
+    rules:
+      - path: (.+)\.go$
+        text: ^.*, make it a constant$
+    paths:
+      - third_party$
+      - builtin$
+      - examples/*
+issues:
   # Maximum issues count per one linter (set to 0 to disable)
   max-issues-per-linter: 0
-
-  # Maximum count of issues with the same text (set to 0 to disable)
+  # Maximum count of issues with the same text (set to 0 to disable)  
   max-same-issues: 0
+formatters:
+  enable:
+    - gofumpt
+  exclusions:
+    generated: lax
+    paths:
+      - third_party$
+      - builtin$
+      - examples$
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/.tool-versions b/vendor/gitlab.com/gitlab-org/api/client-go/.tool-versions
index 3c1fdba6ba..ce09ad71e5 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/.tool-versions
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/.tool-versions
@@ -1 +1,2 @@
-golang 1.22.10
+golang 1.23
+golangci-lint 2.1.6
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/CHANGELOG.md b/vendor/gitlab.com/gitlab-org/api/client-go/CHANGELOG.md
new file mode 100644
index 0000000000..1f5e489287
--- /dev/null
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/CHANGELOG.md
@@ -0,0 +1,26 @@
+## [0.130.1](https://gitlab.com/gitlab-org/api/client-go/compare/v0.130.0...v0.130.1) (2025-06-11)
+
+
+### Bug Fixes
+
+* add missing nil check on create group with avatar ([3298a05](https://gitlab.com/gitlab-org/api/client-go/commit/3298a058f36962a86dea31587956863cd1ed7624))
+
+# [0.130.0](https://gitlab.com/gitlab-org/api/client-go/compare/v0.129.0...v0.130.0) (2025-06-11)
+
+
+### Bug Fixes
+
+* **workflow:** the `release.config.mjs` file mustn't be hidden ([5d423a5](https://gitlab.com/gitlab-org/api/client-go/commit/5d423a55d5b577ebff50dc1a0905c6511b5a4d6f))
+
+
+### Features
+
+* add "emoji_events" support to group hooks ([c6b770f](https://gitlab.com/gitlab-org/api/client-go/commit/c6b770f350b11e1c9a7c4702ab25b865624b0d47))
+* Add `active` to ListProjects ([7818155](https://gitlab.com/gitlab-org/api/client-go/commit/78181558db20647c22e7fed23e749ecafedad27b))
+* add generated_file field for MergeRequestDiff ([4b95dac](https://gitlab.com/gitlab-org/api/client-go/commit/4b95dac3ef2b5aabe3040f592ba6378d081d7642))
+* add support for `administrator` to Group `project_creation_level` enums ([664bbd7](https://gitlab.com/gitlab-org/api/client-go/commit/664bbd7e3c955c8068b895b1cf1540054ebc13c1))
+* add the `WithTokenSource` client option ([6ccfcf8](https://gitlab.com/gitlab-org/api/client-go/commit/6ccfcf857a0a4a850168ecf9317e2e0b8a532173))
+* add url field to MergeCommentEvent.merge_request ([bd639d8](https://gitlab.com/gitlab-org/api/client-go/commit/bd639d811c8e7965f426c2deccee84a12d32920f))
+* implement a specialized `TokenSource` interface ([83c2e06](https://gitlab.com/gitlab-org/api/client-go/commit/83c2e06cbe76b5268e55589e8bc580582e65bb22))
+* **projects:** add ci_push_repository_for_job_token_allowed parameter ([3d539f6](https://gitlab.com/gitlab-org/api/client-go/commit/3d539f66fd63ce4fec6fa7e4e546c9d2acd018f0))
+* **terraform-states:** add Terraform States API ([082b81c](https://gitlab.com/gitlab-org/api/client-go/commit/082b81cd456d4b8020f6542daeb3f47c80ba38d0))
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/Dangerfile b/vendor/gitlab.com/gitlab-org/api/client-go/Dangerfile
index 13606f2727..51504b3e75 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/Dangerfile
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/Dangerfile
@@ -1,6 +1,6 @@
 require 'gitlab-dangerfiles'
 
-# see https://docs.gitlab.com/ee/development/dangerbot.html#enable-danger-on-a-project
+# see https://docs.gitlab.com/development/dangerbot/#enable-danger-on-a-project
 # see https://gitlab.com/gitlab-org/ruby/gems/gitlab-dangerfiles
 Gitlab::Dangerfiles.for_project(self, 'gitlab-api-client-go') do |dangerfiles|
   # Import all plugins from the gem
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/Makefile b/vendor/gitlab.com/gitlab-org/api/client-go/Makefile
index 605abfb972..510bcbf630 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/Makefile
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/Makefile
@@ -19,7 +19,7 @@ setup: install-golangci-lint install-gofumpt ## Setup your local environment
 	go mod tidy
 
 install-golangci-lint:
-	@go install github.com/golangci/golangci-lint/cmd/golangci-lint@latest
+	@go install github.com/golangci/golangci-lint/v2/cmd/golangci-lint@latest
 
 install-gofumpt:
 	@go install mvdan.cc/gofumpt@latest
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/README.md b/vendor/gitlab.com/gitlab-org/api/client-go/README.md
index 4298a42551..33e0ce068f 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/README.md
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/README.md
@@ -2,6 +2,11 @@
 
 A GitLab API client enabling Go programs to interact with GitLab in a simple and uniform way.
 
+
+## Table of Contents
+
+[[_TOC_]]
+
 ## Usage
 
 ```go
@@ -89,6 +94,14 @@ func main() {
 
 For complete usage of go-gitlab, see the full [package docs](https://godoc.org/gitlab.com/gitlab-org/api/client-go).
 
+## Installation
+
+To install the library, use the following command:
+
+```go
+go get gitlab.com/gitlab-org/api/client-go
+```
+
 ## Testing
 
 The `client-go` project comes with a `testing` package at `gitlab.com/gitlab-org/api/client-go/testing`
@@ -97,19 +110,22 @@ which contains a `TestClient` with [gomock](https://github.com/uber-go/mock) moc
 You can use them like this:
 
 ```go
-func Test_MyApp(t *testing.T) {
-    client := testing.NewTestClient(t)
-
+func TestMockExample(t *testing.T) {
+    client := gitlabtesting.NewTestClient(t)
+    opts := &gitlab.ListAgentsOptions{}
+    expectedResp := &gitlab.Response{}
+    pid := 1
     // Setup expectations
     client.MockClusterAgents.EXPECT().
-        List(gomock.Any(), 123, nil).
-        Return([]*gitlab.ClusterAgent{{ID: 1}}, nil)
+        ListAgents(pid, opts).
+        Return([]*gitlab.Agent{{ID: 1}}, expectedResp, nil)
 
     // Use the client in your test
     // You'd probably call your own code here that gets the client injected.
     // You can also retrieve a `gitlab.Client` object from `client.Client`.
-    agents, err := client.ClusterAgents.List(ctx, 123, nil)
+    agents, resp, err := client.ClusterAgents.ListAgents(pid, opts)
     assert.NoError(t, err)
+    assert.Equal(t, expectedResp, resp)
     assert.Len(t, agents, 1)
 }
 ```
@@ -134,6 +150,16 @@ The `newMockClusterAgentsService` must return a type that implements `gitlab.Clu
 
 You can have a look at [`testing/client.go`](/testing.client.go) how it's implemented for `gomock`.
 
+## Compatibility
+
+The `client-go` package will maintain compatibility with the officially supported Go releases
+at the time the package is released. According to the [Go Release Policy](https://go.dev/doc/devel/release#policy),
+that's currently the two last major Go releases.
+This compatibility is reflected in the `go` directive of the [`go.mod`](/go.mod) file
+and the unit test matrix in [`.gitlab-ci.yml`](/.gitlab-ci.yml).
+
+You may also use https://endoflife.date/go to quickly discover the supported Go versions.
+
 ## Contributing
 
 Contributions are always welcome. For more information, check out the
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/access_requests.go b/vendor/gitlab.com/gitlab-org/api/client-go/access_requests.go
index 724b51e34c..1c2ef31c70 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/access_requests.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/access_requests.go
@@ -24,14 +24,14 @@ import (
 
 type (
 	AccessRequestsServiceInterface interface {
-		ListProjectAccessRequests(pid interface{}, opt *ListAccessRequestsOptions, options ...RequestOptionFunc) ([]*AccessRequest, *Response, error)
-		ListGroupAccessRequests(gid interface{}, opt *ListAccessRequestsOptions, options ...RequestOptionFunc) ([]*AccessRequest, *Response, error)
-		RequestProjectAccess(pid interface{}, options ...RequestOptionFunc) (*AccessRequest, *Response, error)
-		RequestGroupAccess(gid interface{}, options ...RequestOptionFunc) (*AccessRequest, *Response, error)
-		ApproveProjectAccessRequest(pid interface{}, user int, opt *ApproveAccessRequestOptions, options ...RequestOptionFunc) (*AccessRequest, *Response, error)
-		ApproveGroupAccessRequest(gid interface{}, user int, opt *ApproveAccessRequestOptions, options ...RequestOptionFunc) (*AccessRequest, *Response, error)
-		DenyProjectAccessRequest(pid interface{}, user int, options ...RequestOptionFunc) (*Response, error)
-		DenyGroupAccessRequest(gid interface{}, user int, options ...RequestOptionFunc) (*Response, error)
+		ListProjectAccessRequests(pid any, opt *ListAccessRequestsOptions, options ...RequestOptionFunc) ([]*AccessRequest, *Response, error)
+		ListGroupAccessRequests(gid any, opt *ListAccessRequestsOptions, options ...RequestOptionFunc) ([]*AccessRequest, *Response, error)
+		RequestProjectAccess(pid any, options ...RequestOptionFunc) (*AccessRequest, *Response, error)
+		RequestGroupAccess(gid any, options ...RequestOptionFunc) (*AccessRequest, *Response, error)
+		ApproveProjectAccessRequest(pid any, user int, opt *ApproveAccessRequestOptions, options ...RequestOptionFunc) (*AccessRequest, *Response, error)
+		ApproveGroupAccessRequest(gid any, user int, opt *ApproveAccessRequestOptions, options ...RequestOptionFunc) (*AccessRequest, *Response, error)
+		DenyProjectAccessRequest(pid any, user int, options ...RequestOptionFunc) (*Response, error)
+		DenyGroupAccessRequest(gid any, user int, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// AccessRequestsService handles communication with the project/group
@@ -71,7 +71,7 @@ type ListAccessRequestsOptions ListOptions
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/access_requests/#list-access-requests-for-a-group-or-project
-func (s *AccessRequestsService) ListProjectAccessRequests(pid interface{}, opt *ListAccessRequestsOptions, options ...RequestOptionFunc) ([]*AccessRequest, *Response, error) {
+func (s *AccessRequestsService) ListProjectAccessRequests(pid any, opt *ListAccessRequestsOptions, options ...RequestOptionFunc) ([]*AccessRequest, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -97,7 +97,7 @@ func (s *AccessRequestsService) ListProjectAccessRequests(pid interface{}, opt *
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/access_requests/#list-access-requests-for-a-group-or-project
-func (s *AccessRequestsService) ListGroupAccessRequests(gid interface{}, opt *ListAccessRequestsOptions, options ...RequestOptionFunc) ([]*AccessRequest, *Response, error) {
+func (s *AccessRequestsService) ListGroupAccessRequests(gid any, opt *ListAccessRequestsOptions, options ...RequestOptionFunc) ([]*AccessRequest, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -123,7 +123,7 @@ func (s *AccessRequestsService) ListGroupAccessRequests(gid interface{}, opt *Li
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/access_requests/#request-access-to-a-group-or-project
-func (s *AccessRequestsService) RequestProjectAccess(pid interface{}, options ...RequestOptionFunc) (*AccessRequest, *Response, error) {
+func (s *AccessRequestsService) RequestProjectAccess(pid any, options ...RequestOptionFunc) (*AccessRequest, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -149,7 +149,7 @@ func (s *AccessRequestsService) RequestProjectAccess(pid interface{}, options ..
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/access_requests/#request-access-to-a-group-or-project
-func (s *AccessRequestsService) RequestGroupAccess(gid interface{}, options ...RequestOptionFunc) (*AccessRequest, *Response, error) {
+func (s *AccessRequestsService) RequestGroupAccess(gid any, options ...RequestOptionFunc) (*AccessRequest, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -183,7 +183,7 @@ type ApproveAccessRequestOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/access_requests/#approve-an-access-request
-func (s *AccessRequestsService) ApproveProjectAccessRequest(pid interface{}, user int, opt *ApproveAccessRequestOptions, options ...RequestOptionFunc) (*AccessRequest, *Response, error) {
+func (s *AccessRequestsService) ApproveProjectAccessRequest(pid any, user int, opt *ApproveAccessRequestOptions, options ...RequestOptionFunc) (*AccessRequest, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -208,7 +208,7 @@ func (s *AccessRequestsService) ApproveProjectAccessRequest(pid interface{}, use
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/access_requests/#approve-an-access-request
-func (s *AccessRequestsService) ApproveGroupAccessRequest(gid interface{}, user int, opt *ApproveAccessRequestOptions, options ...RequestOptionFunc) (*AccessRequest, *Response, error) {
+func (s *AccessRequestsService) ApproveGroupAccessRequest(gid any, user int, opt *ApproveAccessRequestOptions, options ...RequestOptionFunc) (*AccessRequest, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -233,7 +233,7 @@ func (s *AccessRequestsService) ApproveGroupAccessRequest(gid interface{}, user
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/access_requests/#deny-an-access-request
-func (s *AccessRequestsService) DenyProjectAccessRequest(pid interface{}, user int, options ...RequestOptionFunc) (*Response, error) {
+func (s *AccessRequestsService) DenyProjectAccessRequest(pid any, user int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -252,7 +252,7 @@ func (s *AccessRequestsService) DenyProjectAccessRequest(pid interface{}, user i
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/access_requests/#deny-an-access-request
-func (s *AccessRequestsService) DenyGroupAccessRequest(gid interface{}, user int, options ...RequestOptionFunc) (*Response, error) {
+func (s *AccessRequestsService) DenyGroupAccessRequest(gid any, user int, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/alert_management.go b/vendor/gitlab.com/gitlab-org/api/client-go/alert_management.go
new file mode 100644
index 0000000000..b87f15c558
--- /dev/null
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/alert_management.go
@@ -0,0 +1,175 @@
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package gitlab
+
+import (
+	"fmt"
+	"io"
+	"net/http"
+	"time"
+)
+
+type (
+	AlertManagementServiceInterface interface {
+		UploadMetricImage(pid any, alertIID int, content io.Reader, filename string, opt *UploadMetricImageOptions, options ...RequestOptionFunc) (*MetricImage, *Response, error)
+		ListMetricImages(pid any, alertIID int, opt *ListMetricImagesOptions, options ...RequestOptionFunc) ([]*MetricImage, *Response, error)
+		UpdateMetricImage(pid any, alertIID int, id int, opt *UpdateMetricImageOptions, options ...RequestOptionFunc) (*MetricImage, *Response, error)
+		DeleteMetricImage(pid any, alertIID int, id int, options ...RequestOptionFunc) (*Response, error)
+	}
+
+	// AlertManagementService handles communication with the alert management
+	// related methods of the GitLab API.
+	//
+	// GitLab API docs:
+	// https://docs.gitlab.com/api/alert_management_alerts/
+	AlertManagementService struct {
+		client *Client
+	}
+)
+
+var _ AlertManagementServiceInterface = (*AlertManagementService)(nil)
+
+// MetricImage represents a single metric image file.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/alert_management_alerts/
+type MetricImage struct {
+	ID        int        `json:"id"`
+	CreatedAt *time.Time `json:"created_at"`
+	Filename  string     `json:"filename"`
+	FilePath  string     `json:"file_path"`
+	URL       string     `json:"url"`
+	URLText   string     `json:"url_text"`
+}
+
+// UploadMetricImageOptions represents the available UploadMetricImage() options.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/alert_management_alerts/#upload-metric-image
+type UploadMetricImageOptions struct {
+	URL     *string `url:"url,omitempty" json:"url,omitempty"`
+	URLText *string `url:"url_text,omitempty" json:"url_text,omitempty"`
+}
+
+// UploadMetricImageOptions uploads a metric image to a project alert.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/alert_management_alerts/#upload-metric-image
+func (s *AlertManagementService) UploadMetricImage(pid any, alertIID int, content io.Reader, filename string, opt *UploadMetricImageOptions, options ...RequestOptionFunc) (*MetricImage, *Response, error) {
+	project, err := parseID(pid)
+	if err != nil {
+		return nil, nil, err
+	}
+	u := fmt.Sprintf("projects/%s/alert_management_alerts/%d/metric_images", PathEscape(project), alertIID)
+
+	req, err := s.client.UploadRequest(http.MethodPost, u, content, filename, UploadFile, opt, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	mi := new(MetricImage)
+	resp, err := s.client.Do(req, mi)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return mi, resp, nil
+}
+
+// ListMetricImagesOptions represents the available ListMetricImages() options.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/alert_management_alerts/#list-metric-images
+type ListMetricImagesOptions struct {
+	ListOptions
+}
+
+// ListMetricImages lists all the metric images for a project alert.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/alert_management_alerts/#list-metric-images
+func (s *AlertManagementService) ListMetricImages(pid any, alertIID int, opt *ListMetricImagesOptions, options ...RequestOptionFunc) ([]*MetricImage, *Response, error) {
+	project, err := parseID(pid)
+	if err != nil {
+		return nil, nil, err
+	}
+	u := fmt.Sprintf("projects/%s/alert_management_alerts/%d/metric_images", PathEscape(project), alertIID)
+
+	req, err := s.client.NewRequest(http.MethodGet, u, opt, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var mis []*MetricImage
+	resp, err := s.client.Do(req, &mis)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return mis, resp, nil
+}
+
+// UpdateMetricImageOptions represents the available UpdateMetricImage() options.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/alert_management_alerts/#update-metric-image
+type UpdateMetricImageOptions struct {
+	URL     *string `url:"url,omitempty" json:"url,omitempty"`
+	URLText *string `url:"url_text,omitempty" json:"url_text,omitempty"`
+}
+
+// UpdateMetricImage updates a metric image for a project alert.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/alert_management_alerts/#update-metric-image
+func (s *AlertManagementService) UpdateMetricImage(pid any, alertIID int, id int, opt *UpdateMetricImageOptions, options ...RequestOptionFunc) (*MetricImage, *Response, error) {
+	project, err := parseID(pid)
+	if err != nil {
+		return nil, nil, err
+	}
+	u := fmt.Sprintf("projects/%s/alert_management_alerts/%d/metric_images/%d", PathEscape(project), alertIID, id)
+
+	req, err := s.client.NewRequest(http.MethodPut, u, opt, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	mi := new(MetricImage)
+	resp, err := s.client.Do(req, mi)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return mi, resp, nil
+}
+
+// DeleteMetricImage deletes a metric image for a project alert.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/alert_management_alerts/#delete-metric-image
+func (s *AlertManagementService) DeleteMetricImage(pid any, alertIID int, id int, options ...RequestOptionFunc) (*Response, error) {
+	project, err := parseID(pid)
+	if err != nil {
+		return nil, err
+	}
+	u := fmt.Sprintf("projects/%s/alert_management_alerts/%d/metric_images/%d", PathEscape(project), alertIID, id)
+
+	req, err := s.client.NewRequest(http.MethodDelete, u, nil, options)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(req, nil)
+}
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/application_statistics.go b/vendor/gitlab.com/gitlab-org/api/client-go/application_statistics.go
new file mode 100644
index 0000000000..5442852c50
--- /dev/null
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/application_statistics.go
@@ -0,0 +1,68 @@
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package gitlab
+
+import "net/http"
+
+type (
+	ApplicationStatisticsServiceInterface interface {
+		GetApplicationStatistics(options ...RequestOptionFunc) (*ApplicationStatistics, *Response, error)
+	}
+
+	// ApplicationStatisticsService handles communication with the application
+	// statistics related methods of the GitLab API.
+	//
+	// GitLab API docs: https://docs.gitlab.com/api/statistics/
+	ApplicationStatisticsService struct {
+		client *Client
+	}
+)
+
+var _ ApplicationStatisticsServiceInterface = (*ApplicationStatisticsService)(nil)
+
+// ApplicationStatistics represents application statistics.
+//
+// GitLab API docs: https://docs.gitlab.com/api/statistics/
+type ApplicationStatistics struct {
+	Forks         int `url:"forks" json:"forks"`
+	Issues        int `url:"issues" json:"issues"`
+	MergeRequests int `url:"merge_requests" json:"merge_requests"`
+	Notes         int `url:"notes" json:"notes"`
+	Snippets      int `url:"snippets" json:"snippets"`
+	SSHKeys       int `url:"ssh_keys" json:"ssh_keys"`
+	Milestones    int `url:"milestones" json:"milestones"`
+	Users         int `url:"users" json:"users"`
+	Groups        int `url:"groups" json:"groups"`
+	Projects      int `url:"projects" json:"projects"`
+	ActiveUsers   int `url:"active_users" json:"active_users"`
+}
+
+// GetApplicationStatistics gets details on the current application statistics.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/statistics/#get-details-on-current-application-statistics
+func (s *ApplicationStatisticsService) GetApplicationStatistics(options ...RequestOptionFunc) (*ApplicationStatistics, *Response, error) {
+	req, err := s.client.NewRequest(http.MethodGet, "application/statistics", nil, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	statistics := new(ApplicationStatistics)
+	resp, err := s.client.Do(req, statistics)
+	if err != nil {
+		return nil, resp, err
+	}
+	return statistics, resp, nil
+}
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/audit_events.go b/vendor/gitlab.com/gitlab-org/api/client-go/audit_events.go
index 6f0f9f8c4d..3a61d8a4f9 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/audit_events.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/audit_events.go
@@ -10,10 +10,10 @@ type (
 	AuditEventsServiceInterface interface {
 		ListInstanceAuditEvents(opt *ListAuditEventsOptions, options ...RequestOptionFunc) ([]*AuditEvent, *Response, error)
 		GetInstanceAuditEvent(event int, options ...RequestOptionFunc) (*AuditEvent, *Response, error)
-		ListGroupAuditEvents(gid interface{}, opt *ListAuditEventsOptions, options ...RequestOptionFunc) ([]*AuditEvent, *Response, error)
-		GetGroupAuditEvent(gid interface{}, event int, options ...RequestOptionFunc) (*AuditEvent, *Response, error)
-		ListProjectAuditEvents(pid interface{}, opt *ListAuditEventsOptions, options ...RequestOptionFunc) ([]*AuditEvent, *Response, error)
-		GetProjectAuditEvent(pid interface{}, event int, options ...RequestOptionFunc) (*AuditEvent, *Response, error)
+		ListGroupAuditEvents(gid any, opt *ListAuditEventsOptions, options ...RequestOptionFunc) ([]*AuditEvent, *Response, error)
+		GetGroupAuditEvent(gid any, event int, options ...RequestOptionFunc) (*AuditEvent, *Response, error)
+		ListProjectAuditEvents(pid any, opt *ListAuditEventsOptions, options ...RequestOptionFunc) ([]*AuditEvent, *Response, error)
+		GetProjectAuditEvent(pid any, event int, options ...RequestOptionFunc) (*AuditEvent, *Response, error)
 	}
 
 	// AuditEventsService handles communication with the project/group/instance
@@ -47,24 +47,24 @@ type AuditEvent struct {
 //
 // GitLab API docs: https://docs.gitlab.com/api/audit_events/
 type AuditEventDetails struct {
-	With          string      `json:"with"`
-	Add           string      `json:"add"`
-	As            string      `json:"as"`
-	Change        string      `json:"change"`
-	From          string      `json:"from"`
-	To            string      `json:"to"`
-	Remove        string      `json:"remove"`
-	CustomMessage string      `json:"custom_message"`
-	AuthorName    string      `json:"author_name"`
-	AuthorEmail   string      `json:"author_email"`
-	AuthorClass   string      `json:"author_class"`
-	TargetID      interface{} `json:"target_id"`
-	TargetType    string      `json:"target_type"`
-	TargetDetails string      `json:"target_details"`
-	IPAddress     string      `json:"ip_address"`
-	EntityPath    string      `json:"entity_path"`
-	FailedLogin   string      `json:"failed_login"`
-	EventName     string      `json:"event_name"`
+	With          string `json:"with"`
+	Add           string `json:"add"`
+	As            string `json:"as"`
+	Change        string `json:"change"`
+	From          string `json:"from"`
+	To            string `json:"to"`
+	Remove        string `json:"remove"`
+	CustomMessage string `json:"custom_message"`
+	AuthorName    string `json:"author_name"`
+	AuthorEmail   string `json:"author_email"`
+	AuthorClass   string `json:"author_class"`
+	TargetID      any    `json:"target_id"`
+	TargetType    string `json:"target_type"`
+	TargetDetails string `json:"target_details"`
+	IPAddress     string `json:"ip_address"`
+	EntityPath    string `json:"entity_path"`
+	FailedLogin   string `json:"failed_login"`
+	EventName     string `json:"event_name"`
 }
 
 // ListAuditEventsOptions represents the available ListProjectAuditEvents(),
@@ -121,7 +121,7 @@ func (s *AuditEventsService) GetInstanceAuditEvent(event int, options ...Request
 // viewable by the authenticated user.
 //
 // GitLab API docs: https://docs.gitlab.com/api/audit_events/#retrieve-all-group-audit-events
-func (s *AuditEventsService) ListGroupAuditEvents(gid interface{}, opt *ListAuditEventsOptions, options ...RequestOptionFunc) ([]*AuditEvent, *Response, error) {
+func (s *AuditEventsService) ListGroupAuditEvents(gid any, opt *ListAuditEventsOptions, options ...RequestOptionFunc) ([]*AuditEvent, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -145,7 +145,7 @@ func (s *AuditEventsService) ListGroupAuditEvents(gid interface{}, opt *ListAudi
 // GetGroupAuditEvent gets a specific group audit event.
 //
 // GitLab API docs: https://docs.gitlab.com/api/audit_events/#retrieve-a-specific-group-audit-event
-func (s *AuditEventsService) GetGroupAuditEvent(gid interface{}, event int, options ...RequestOptionFunc) (*AuditEvent, *Response, error) {
+func (s *AuditEventsService) GetGroupAuditEvent(gid any, event int, options ...RequestOptionFunc) (*AuditEvent, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -170,7 +170,7 @@ func (s *AuditEventsService) GetGroupAuditEvent(gid interface{}, event int, opti
 // viewable by the authenticated user.
 //
 // GitLab API docs: https://docs.gitlab.com/api/audit_events/#retrieve-all-project-audit-events
-func (s *AuditEventsService) ListProjectAuditEvents(pid interface{}, opt *ListAuditEventsOptions, options ...RequestOptionFunc) ([]*AuditEvent, *Response, error) {
+func (s *AuditEventsService) ListProjectAuditEvents(pid any, opt *ListAuditEventsOptions, options ...RequestOptionFunc) ([]*AuditEvent, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -195,7 +195,7 @@ func (s *AuditEventsService) ListProjectAuditEvents(pid interface{}, opt *ListAu
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/audit_events/#retrieve-a-specific-project-audit-event
-func (s *AuditEventsService) GetProjectAuditEvent(pid interface{}, event int, options ...RequestOptionFunc) (*AuditEvent, *Response, error) {
+func (s *AuditEventsService) GetProjectAuditEvent(pid any, event int, options ...RequestOptionFunc) (*AuditEvent, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/award_emojis.go b/vendor/gitlab.com/gitlab-org/api/client-go/award_emojis.go
index a161dd2338..525ec4475f 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/award_emojis.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/award_emojis.go
@@ -24,30 +24,30 @@ import (
 
 type (
 	AwardEmojiServiceInterface interface {
-		ListMergeRequestAwardEmoji(pid interface{}, mergeRequestIID int, opt *ListAwardEmojiOptions, options ...RequestOptionFunc) ([]*AwardEmoji, *Response, error)
-		ListIssueAwardEmoji(pid interface{}, issueIID int, opt *ListAwardEmojiOptions, options ...RequestOptionFunc) ([]*AwardEmoji, *Response, error)
-		ListSnippetAwardEmoji(pid interface{}, snippetID int, opt *ListAwardEmojiOptions, options ...RequestOptionFunc) ([]*AwardEmoji, *Response, error)
-		GetMergeRequestAwardEmoji(pid interface{}, mergeRequestIID, awardID int, options ...RequestOptionFunc) (*AwardEmoji, *Response, error)
-		GetIssueAwardEmoji(pid interface{}, issueIID, awardID int, options ...RequestOptionFunc) (*AwardEmoji, *Response, error)
-		GetSnippetAwardEmoji(pid interface{}, snippetID, awardID int, options ...RequestOptionFunc) (*AwardEmoji, *Response, error)
-		CreateMergeRequestAwardEmoji(pid interface{}, mergeRequestIID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error)
-		CreateIssueAwardEmoji(pid interface{}, issueIID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error)
-		CreateSnippetAwardEmoji(pid interface{}, snippetID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error)
-		DeleteIssueAwardEmoji(pid interface{}, issueIID, awardID int, options ...RequestOptionFunc) (*Response, error)
-		DeleteMergeRequestAwardEmoji(pid interface{}, mergeRequestIID, awardID int, options ...RequestOptionFunc) (*Response, error)
-		DeleteSnippetAwardEmoji(pid interface{}, snippetID, awardID int, options ...RequestOptionFunc) (*Response, error)
-		ListIssuesAwardEmojiOnNote(pid interface{}, issueID, noteID int, opt *ListAwardEmojiOptions, options ...RequestOptionFunc) ([]*AwardEmoji, *Response, error)
-		ListMergeRequestAwardEmojiOnNote(pid interface{}, mergeRequestIID, noteID int, opt *ListAwardEmojiOptions, options ...RequestOptionFunc) ([]*AwardEmoji, *Response, error)
-		ListSnippetAwardEmojiOnNote(pid interface{}, snippetIID, noteID int, opt *ListAwardEmojiOptions, options ...RequestOptionFunc) ([]*AwardEmoji, *Response, error)
-		GetIssuesAwardEmojiOnNote(pid interface{}, issueID, noteID, awardID int, options ...RequestOptionFunc) (*AwardEmoji, *Response, error)
-		GetMergeRequestAwardEmojiOnNote(pid interface{}, mergeRequestIID, noteID, awardID int, options ...RequestOptionFunc) (*AwardEmoji, *Response, error)
-		GetSnippetAwardEmojiOnNote(pid interface{}, snippetIID, noteID, awardID int, options ...RequestOptionFunc) (*AwardEmoji, *Response, error)
-		CreateIssuesAwardEmojiOnNote(pid interface{}, issueID, noteID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error)
-		CreateMergeRequestAwardEmojiOnNote(pid interface{}, mergeRequestIID, noteID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error)
-		CreateSnippetAwardEmojiOnNote(pid interface{}, snippetIID, noteID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error)
-		DeleteIssuesAwardEmojiOnNote(pid interface{}, issueID, noteID, awardID int, options ...RequestOptionFunc) (*Response, error)
-		DeleteMergeRequestAwardEmojiOnNote(pid interface{}, mergeRequestIID, noteID, awardID int, options ...RequestOptionFunc) (*Response, error)
-		DeleteSnippetAwardEmojiOnNote(pid interface{}, snippetIID, noteID, awardID int, options ...RequestOptionFunc) (*Response, error)
+		ListMergeRequestAwardEmoji(pid any, mergeRequestIID int, opt *ListAwardEmojiOptions, options ...RequestOptionFunc) ([]*AwardEmoji, *Response, error)
+		ListIssueAwardEmoji(pid any, issueIID int, opt *ListAwardEmojiOptions, options ...RequestOptionFunc) ([]*AwardEmoji, *Response, error)
+		ListSnippetAwardEmoji(pid any, snippetID int, opt *ListAwardEmojiOptions, options ...RequestOptionFunc) ([]*AwardEmoji, *Response, error)
+		GetMergeRequestAwardEmoji(pid any, mergeRequestIID, awardID int, options ...RequestOptionFunc) (*AwardEmoji, *Response, error)
+		GetIssueAwardEmoji(pid any, issueIID, awardID int, options ...RequestOptionFunc) (*AwardEmoji, *Response, error)
+		GetSnippetAwardEmoji(pid any, snippetID, awardID int, options ...RequestOptionFunc) (*AwardEmoji, *Response, error)
+		CreateMergeRequestAwardEmoji(pid any, mergeRequestIID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error)
+		CreateIssueAwardEmoji(pid any, issueIID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error)
+		CreateSnippetAwardEmoji(pid any, snippetID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error)
+		DeleteIssueAwardEmoji(pid any, issueIID, awardID int, options ...RequestOptionFunc) (*Response, error)
+		DeleteMergeRequestAwardEmoji(pid any, mergeRequestIID, awardID int, options ...RequestOptionFunc) (*Response, error)
+		DeleteSnippetAwardEmoji(pid any, snippetID, awardID int, options ...RequestOptionFunc) (*Response, error)
+		ListIssuesAwardEmojiOnNote(pid any, issueID, noteID int, opt *ListAwardEmojiOptions, options ...RequestOptionFunc) ([]*AwardEmoji, *Response, error)
+		ListMergeRequestAwardEmojiOnNote(pid any, mergeRequestIID, noteID int, opt *ListAwardEmojiOptions, options ...RequestOptionFunc) ([]*AwardEmoji, *Response, error)
+		ListSnippetAwardEmojiOnNote(pid any, snippetIID, noteID int, opt *ListAwardEmojiOptions, options ...RequestOptionFunc) ([]*AwardEmoji, *Response, error)
+		GetIssuesAwardEmojiOnNote(pid any, issueID, noteID, awardID int, options ...RequestOptionFunc) (*AwardEmoji, *Response, error)
+		GetMergeRequestAwardEmojiOnNote(pid any, mergeRequestIID, noteID, awardID int, options ...RequestOptionFunc) (*AwardEmoji, *Response, error)
+		GetSnippetAwardEmojiOnNote(pid any, snippetIID, noteID, awardID int, options ...RequestOptionFunc) (*AwardEmoji, *Response, error)
+		CreateIssuesAwardEmojiOnNote(pid any, issueID, noteID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error)
+		CreateMergeRequestAwardEmojiOnNote(pid any, mergeRequestIID, noteID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error)
+		CreateSnippetAwardEmojiOnNote(pid any, snippetIID, noteID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error)
+		DeleteIssuesAwardEmojiOnNote(pid any, issueID, noteID, awardID int, options ...RequestOptionFunc) (*Response, error)
+		DeleteMergeRequestAwardEmojiOnNote(pid any, mergeRequestIID, noteID, awardID int, options ...RequestOptionFunc) (*Response, error)
+		DeleteSnippetAwardEmojiOnNote(pid any, snippetIID, noteID, awardID int, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// AwardEmojiService handles communication with the emoji awards related methods
@@ -88,7 +88,7 @@ const (
 )
 
 // ListAwardEmojiOptions represents the available options for listing emoji
-// for each resources
+// for each resource
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/
@@ -98,7 +98,7 @@ type ListAwardEmojiOptions ListOptions
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#list-an-awardables-emoji-reactions
-func (s *AwardEmojiService) ListMergeRequestAwardEmoji(pid interface{}, mergeRequestIID int, opt *ListAwardEmojiOptions, options ...RequestOptionFunc) ([]*AwardEmoji, *Response, error) {
+func (s *AwardEmojiService) ListMergeRequestAwardEmoji(pid any, mergeRequestIID int, opt *ListAwardEmojiOptions, options ...RequestOptionFunc) ([]*AwardEmoji, *Response, error) {
 	return s.listAwardEmoji(pid, awardMergeRequest, mergeRequestIID, opt, options...)
 }
 
@@ -106,7 +106,7 @@ func (s *AwardEmojiService) ListMergeRequestAwardEmoji(pid interface{}, mergeReq
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#list-an-awardables-emoji-reactions
-func (s *AwardEmojiService) ListIssueAwardEmoji(pid interface{}, issueIID int, opt *ListAwardEmojiOptions, options ...RequestOptionFunc) ([]*AwardEmoji, *Response, error) {
+func (s *AwardEmojiService) ListIssueAwardEmoji(pid any, issueIID int, opt *ListAwardEmojiOptions, options ...RequestOptionFunc) ([]*AwardEmoji, *Response, error) {
 	return s.listAwardEmoji(pid, awardIssue, issueIID, opt, options...)
 }
 
@@ -114,11 +114,11 @@ func (s *AwardEmojiService) ListIssueAwardEmoji(pid interface{}, issueIID int, o
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#list-an-awardables-emoji-reactions
-func (s *AwardEmojiService) ListSnippetAwardEmoji(pid interface{}, snippetID int, opt *ListAwardEmojiOptions, options ...RequestOptionFunc) ([]*AwardEmoji, *Response, error) {
+func (s *AwardEmojiService) ListSnippetAwardEmoji(pid any, snippetID int, opt *ListAwardEmojiOptions, options ...RequestOptionFunc) ([]*AwardEmoji, *Response, error) {
 	return s.listAwardEmoji(pid, awardSnippets, snippetID, opt, options...)
 }
 
-func (s *AwardEmojiService) listAwardEmoji(pid interface{}, resource string, resourceID int, opt *ListAwardEmojiOptions, options ...RequestOptionFunc) ([]*AwardEmoji, *Response, error) {
+func (s *AwardEmojiService) listAwardEmoji(pid any, resource string, resourceID int, opt *ListAwardEmojiOptions, options ...RequestOptionFunc) ([]*AwardEmoji, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -147,7 +147,7 @@ func (s *AwardEmojiService) listAwardEmoji(pid interface{}, resource string, res
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#get-single-emoji-reaction
-func (s *AwardEmojiService) GetMergeRequestAwardEmoji(pid interface{}, mergeRequestIID, awardID int, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
+func (s *AwardEmojiService) GetMergeRequestAwardEmoji(pid any, mergeRequestIID, awardID int, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
 	return s.getAwardEmoji(pid, awardMergeRequest, mergeRequestIID, awardID, options...)
 }
 
@@ -155,7 +155,7 @@ func (s *AwardEmojiService) GetMergeRequestAwardEmoji(pid interface{}, mergeRequ
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#get-single-emoji-reaction
-func (s *AwardEmojiService) GetIssueAwardEmoji(pid interface{}, issueIID, awardID int, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
+func (s *AwardEmojiService) GetIssueAwardEmoji(pid any, issueIID, awardID int, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
 	return s.getAwardEmoji(pid, awardIssue, issueIID, awardID, options...)
 }
 
@@ -163,11 +163,11 @@ func (s *AwardEmojiService) GetIssueAwardEmoji(pid interface{}, issueIID, awardI
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#get-single-emoji-reaction
-func (s *AwardEmojiService) GetSnippetAwardEmoji(pid interface{}, snippetID, awardID int, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
+func (s *AwardEmojiService) GetSnippetAwardEmoji(pid any, snippetID, awardID int, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
 	return s.getAwardEmoji(pid, awardSnippets, snippetID, awardID, options...)
 }
 
-func (s *AwardEmojiService) getAwardEmoji(pid interface{}, resource string, resourceID, awardID int, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
+func (s *AwardEmojiService) getAwardEmoji(pid any, resource string, resourceID, awardID int, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -206,7 +206,7 @@ type CreateAwardEmojiOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#add-a-new-emoji-reaction
-func (s *AwardEmojiService) CreateMergeRequestAwardEmoji(pid interface{}, mergeRequestIID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
+func (s *AwardEmojiService) CreateMergeRequestAwardEmoji(pid any, mergeRequestIID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
 	return s.createAwardEmoji(pid, awardMergeRequest, mergeRequestIID, opt, options...)
 }
 
@@ -214,7 +214,7 @@ func (s *AwardEmojiService) CreateMergeRequestAwardEmoji(pid interface{}, mergeR
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#add-a-new-emoji-reaction
-func (s *AwardEmojiService) CreateIssueAwardEmoji(pid interface{}, issueIID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
+func (s *AwardEmojiService) CreateIssueAwardEmoji(pid any, issueIID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
 	return s.createAwardEmoji(pid, awardIssue, issueIID, opt, options...)
 }
 
@@ -222,11 +222,11 @@ func (s *AwardEmojiService) CreateIssueAwardEmoji(pid interface{}, issueIID int,
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#add-a-new-emoji-reaction
-func (s *AwardEmojiService) CreateSnippetAwardEmoji(pid interface{}, snippetID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
+func (s *AwardEmojiService) CreateSnippetAwardEmoji(pid any, snippetID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
 	return s.createAwardEmoji(pid, awardSnippets, snippetID, opt, options...)
 }
 
-func (s *AwardEmojiService) createAwardEmoji(pid interface{}, resource string, resourceID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
+func (s *AwardEmojiService) createAwardEmoji(pid any, resource string, resourceID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -255,7 +255,7 @@ func (s *AwardEmojiService) createAwardEmoji(pid interface{}, resource string, r
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#delete-an-emoji-reaction
-func (s *AwardEmojiService) DeleteIssueAwardEmoji(pid interface{}, issueIID, awardID int, options ...RequestOptionFunc) (*Response, error) {
+func (s *AwardEmojiService) DeleteIssueAwardEmoji(pid any, issueIID, awardID int, options ...RequestOptionFunc) (*Response, error) {
 	return s.deleteAwardEmoji(pid, awardIssue, issueIID, awardID, options...)
 }
 
@@ -263,7 +263,7 @@ func (s *AwardEmojiService) DeleteIssueAwardEmoji(pid interface{}, issueIID, awa
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#delete-an-emoji-reaction
-func (s *AwardEmojiService) DeleteMergeRequestAwardEmoji(pid interface{}, mergeRequestIID, awardID int, options ...RequestOptionFunc) (*Response, error) {
+func (s *AwardEmojiService) DeleteMergeRequestAwardEmoji(pid any, mergeRequestIID, awardID int, options ...RequestOptionFunc) (*Response, error) {
 	return s.deleteAwardEmoji(pid, awardMergeRequest, mergeRequestIID, awardID, options...)
 }
 
@@ -271,7 +271,7 @@ func (s *AwardEmojiService) DeleteMergeRequestAwardEmoji(pid interface{}, mergeR
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#delete-an-emoji-reaction
-func (s *AwardEmojiService) DeleteSnippetAwardEmoji(pid interface{}, snippetID, awardID int, options ...RequestOptionFunc) (*Response, error) {
+func (s *AwardEmojiService) DeleteSnippetAwardEmoji(pid any, snippetID, awardID int, options ...RequestOptionFunc) (*Response, error) {
 	return s.deleteAwardEmoji(pid, awardSnippets, snippetID, awardID, options...)
 }
 
@@ -279,7 +279,7 @@ func (s *AwardEmojiService) DeleteSnippetAwardEmoji(pid interface{}, snippetID,
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#delete-an-emoji-reaction
-func (s *AwardEmojiService) deleteAwardEmoji(pid interface{}, resource string, resourceID, awardID int, options ...RequestOptionFunc) (*Response, error) {
+func (s *AwardEmojiService) deleteAwardEmoji(pid any, resource string, resourceID, awardID int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -299,7 +299,7 @@ func (s *AwardEmojiService) deleteAwardEmoji(pid interface{}, resource string, r
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#list-a-comments-emoji-reactions
-func (s *AwardEmojiService) ListIssuesAwardEmojiOnNote(pid interface{}, issueID, noteID int, opt *ListAwardEmojiOptions, options ...RequestOptionFunc) ([]*AwardEmoji, *Response, error) {
+func (s *AwardEmojiService) ListIssuesAwardEmojiOnNote(pid any, issueID, noteID int, opt *ListAwardEmojiOptions, options ...RequestOptionFunc) ([]*AwardEmoji, *Response, error) {
 	return s.listAwardEmojiOnNote(pid, awardIssue, issueID, noteID, opt, options...)
 }
 
@@ -308,7 +308,7 @@ func (s *AwardEmojiService) ListIssuesAwardEmojiOnNote(pid interface{}, issueID,
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#list-a-comments-emoji-reactions
-func (s *AwardEmojiService) ListMergeRequestAwardEmojiOnNote(pid interface{}, mergeRequestIID, noteID int, opt *ListAwardEmojiOptions, options ...RequestOptionFunc) ([]*AwardEmoji, *Response, error) {
+func (s *AwardEmojiService) ListMergeRequestAwardEmojiOnNote(pid any, mergeRequestIID, noteID int, opt *ListAwardEmojiOptions, options ...RequestOptionFunc) ([]*AwardEmoji, *Response, error) {
 	return s.listAwardEmojiOnNote(pid, awardMergeRequest, mergeRequestIID, noteID, opt, options...)
 }
 
@@ -317,11 +317,11 @@ func (s *AwardEmojiService) ListMergeRequestAwardEmojiOnNote(pid interface{}, me
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#list-a-comments-emoji-reactions
-func (s *AwardEmojiService) ListSnippetAwardEmojiOnNote(pid interface{}, snippetIID, noteID int, opt *ListAwardEmojiOptions, options ...RequestOptionFunc) ([]*AwardEmoji, *Response, error) {
+func (s *AwardEmojiService) ListSnippetAwardEmojiOnNote(pid any, snippetIID, noteID int, opt *ListAwardEmojiOptions, options ...RequestOptionFunc) ([]*AwardEmoji, *Response, error) {
 	return s.listAwardEmojiOnNote(pid, awardSnippets, snippetIID, noteID, opt, options...)
 }
 
-func (s *AwardEmojiService) listAwardEmojiOnNote(pid interface{}, resources string, ressourceID, noteID int, opt *ListAwardEmojiOptions, options ...RequestOptionFunc) ([]*AwardEmoji, *Response, error) {
+func (s *AwardEmojiService) listAwardEmojiOnNote(pid any, resources string, ressourceID, noteID int, opt *ListAwardEmojiOptions, options ...RequestOptionFunc) ([]*AwardEmoji, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -347,7 +347,7 @@ func (s *AwardEmojiService) listAwardEmojiOnNote(pid interface{}, resources stri
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#get-an-emoji-reaction-for-a-comment
-func (s *AwardEmojiService) GetIssuesAwardEmojiOnNote(pid interface{}, issueID, noteID, awardID int, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
+func (s *AwardEmojiService) GetIssuesAwardEmojiOnNote(pid any, issueID, noteID, awardID int, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
 	return s.getSingleNoteAwardEmoji(pid, awardIssue, issueID, noteID, awardID, options...)
 }
 
@@ -356,7 +356,7 @@ func (s *AwardEmojiService) GetIssuesAwardEmojiOnNote(pid interface{}, issueID,
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#get-an-emoji-reaction-for-a-comment
-func (s *AwardEmojiService) GetMergeRequestAwardEmojiOnNote(pid interface{}, mergeRequestIID, noteID, awardID int, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
+func (s *AwardEmojiService) GetMergeRequestAwardEmojiOnNote(pid any, mergeRequestIID, noteID, awardID int, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
 	return s.getSingleNoteAwardEmoji(pid, awardMergeRequest, mergeRequestIID, noteID, awardID,
 		options...)
 }
@@ -365,11 +365,11 @@ func (s *AwardEmojiService) GetMergeRequestAwardEmojiOnNote(pid interface{}, mer
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#get-an-emoji-reaction-for-a-comment
-func (s *AwardEmojiService) GetSnippetAwardEmojiOnNote(pid interface{}, snippetIID, noteID, awardID int, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
+func (s *AwardEmojiService) GetSnippetAwardEmojiOnNote(pid any, snippetIID, noteID, awardID int, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
 	return s.getSingleNoteAwardEmoji(pid, awardSnippets, snippetIID, noteID, awardID, options...)
 }
 
-func (s *AwardEmojiService) getSingleNoteAwardEmoji(pid interface{}, ressource string, resourceID, noteID, awardID int, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
+func (s *AwardEmojiService) getSingleNoteAwardEmoji(pid any, ressource string, resourceID, noteID, awardID int, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -400,7 +400,7 @@ func (s *AwardEmojiService) getSingleNoteAwardEmoji(pid interface{}, ressource s
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#add-a-new-emoji-reaction-to-a-comment
-func (s *AwardEmojiService) CreateIssuesAwardEmojiOnNote(pid interface{}, issueID, noteID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
+func (s *AwardEmojiService) CreateIssuesAwardEmojiOnNote(pid any, issueID, noteID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
 	return s.createAwardEmojiOnNote(pid, awardIssue, issueID, noteID, opt, options...)
 }
 
@@ -409,7 +409,7 @@ func (s *AwardEmojiService) CreateIssuesAwardEmojiOnNote(pid interface{}, issueI
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#add-a-new-emoji-reaction-to-a-comment
-func (s *AwardEmojiService) CreateMergeRequestAwardEmojiOnNote(pid interface{}, mergeRequestIID, noteID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
+func (s *AwardEmojiService) CreateMergeRequestAwardEmojiOnNote(pid any, mergeRequestIID, noteID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
 	return s.createAwardEmojiOnNote(pid, awardMergeRequest, mergeRequestIID, noteID, opt, options...)
 }
 
@@ -417,7 +417,7 @@ func (s *AwardEmojiService) CreateMergeRequestAwardEmojiOnNote(pid interface{},
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#add-a-new-emoji-reaction-to-a-comment
-func (s *AwardEmojiService) CreateSnippetAwardEmojiOnNote(pid interface{}, snippetIID, noteID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
+func (s *AwardEmojiService) CreateSnippetAwardEmojiOnNote(pid any, snippetIID, noteID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
 	return s.createAwardEmojiOnNote(pid, awardSnippets, snippetIID, noteID, opt, options...)
 }
 
@@ -425,7 +425,7 @@ func (s *AwardEmojiService) CreateSnippetAwardEmojiOnNote(pid interface{}, snipp
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#add-a-new-emoji-reaction-to-a-comment
-func (s *AwardEmojiService) createAwardEmojiOnNote(pid interface{}, resource string, resourceID, noteID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
+func (s *AwardEmojiService) createAwardEmojiOnNote(pid any, resource string, resourceID, noteID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -455,7 +455,7 @@ func (s *AwardEmojiService) createAwardEmojiOnNote(pid interface{}, resource str
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#delete-an-emoji-reaction-from-a-comment
-func (s *AwardEmojiService) DeleteIssuesAwardEmojiOnNote(pid interface{}, issueID, noteID, awardID int, options ...RequestOptionFunc) (*Response, error) {
+func (s *AwardEmojiService) DeleteIssuesAwardEmojiOnNote(pid any, issueID, noteID, awardID int, options ...RequestOptionFunc) (*Response, error) {
 	return s.deleteAwardEmojiOnNote(pid, awardIssue, issueID, noteID, awardID, options...)
 }
 
@@ -464,7 +464,7 @@ func (s *AwardEmojiService) DeleteIssuesAwardEmojiOnNote(pid interface{}, issueI
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#delete-an-emoji-reaction-from-a-comment
-func (s *AwardEmojiService) DeleteMergeRequestAwardEmojiOnNote(pid interface{}, mergeRequestIID, noteID, awardID int, options ...RequestOptionFunc) (*Response, error) {
+func (s *AwardEmojiService) DeleteMergeRequestAwardEmojiOnNote(pid any, mergeRequestIID, noteID, awardID int, options ...RequestOptionFunc) (*Response, error) {
 	return s.deleteAwardEmojiOnNote(pid, awardMergeRequest, mergeRequestIID, noteID, awardID,
 		options...)
 }
@@ -473,11 +473,11 @@ func (s *AwardEmojiService) DeleteMergeRequestAwardEmojiOnNote(pid interface{},
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#delete-an-emoji-reaction-from-a-comment
-func (s *AwardEmojiService) DeleteSnippetAwardEmojiOnNote(pid interface{}, snippetIID, noteID, awardID int, options ...RequestOptionFunc) (*Response, error) {
+func (s *AwardEmojiService) DeleteSnippetAwardEmojiOnNote(pid any, snippetIID, noteID, awardID int, options ...RequestOptionFunc) (*Response, error) {
 	return s.deleteAwardEmojiOnNote(pid, awardSnippets, snippetIID, noteID, awardID, options...)
 }
 
-func (s *AwardEmojiService) deleteAwardEmojiOnNote(pid interface{}, resource string, resourceID, noteID, awardID int, options ...RequestOptionFunc) (*Response, error) {
+func (s *AwardEmojiService) deleteAwardEmojiOnNote(pid any, resource string, resourceID, noteID, awardID int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/boards.go b/vendor/gitlab.com/gitlab-org/api/client-go/boards.go
index cce12fbc8f..1d1558d029 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/boards.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/boards.go
@@ -23,16 +23,16 @@ import (
 
 type (
 	IssueBoardsServiceInterface interface {
-		CreateIssueBoard(pid interface{}, opt *CreateIssueBoardOptions, options ...RequestOptionFunc) (*IssueBoard, *Response, error)
-		UpdateIssueBoard(pid interface{}, board int, opt *UpdateIssueBoardOptions, options ...RequestOptionFunc) (*IssueBoard, *Response, error)
-		DeleteIssueBoard(pid interface{}, board int, options ...RequestOptionFunc) (*Response, error)
-		ListIssueBoards(pid interface{}, opt *ListIssueBoardsOptions, options ...RequestOptionFunc) ([]*IssueBoard, *Response, error)
-		GetIssueBoard(pid interface{}, board int, options ...RequestOptionFunc) (*IssueBoard, *Response, error)
-		GetIssueBoardLists(pid interface{}, board int, opt *GetIssueBoardListsOptions, options ...RequestOptionFunc) ([]*BoardList, *Response, error)
-		GetIssueBoardList(pid interface{}, board, list int, options ...RequestOptionFunc) (*BoardList, *Response, error)
-		CreateIssueBoardList(pid interface{}, board int, opt *CreateIssueBoardListOptions, options ...RequestOptionFunc) (*BoardList, *Response, error)
-		UpdateIssueBoardList(pid interface{}, board, list int, opt *UpdateIssueBoardListOptions, options ...RequestOptionFunc) (*BoardList, *Response, error)
-		DeleteIssueBoardList(pid interface{}, board, list int, options ...RequestOptionFunc) (*Response, error)
+		CreateIssueBoard(pid any, opt *CreateIssueBoardOptions, options ...RequestOptionFunc) (*IssueBoard, *Response, error)
+		UpdateIssueBoard(pid any, board int, opt *UpdateIssueBoardOptions, options ...RequestOptionFunc) (*IssueBoard, *Response, error)
+		DeleteIssueBoard(pid any, board int, options ...RequestOptionFunc) (*Response, error)
+		ListIssueBoards(pid any, opt *ListIssueBoardsOptions, options ...RequestOptionFunc) ([]*IssueBoard, *Response, error)
+		GetIssueBoard(pid any, board int, options ...RequestOptionFunc) (*IssueBoard, *Response, error)
+		GetIssueBoardLists(pid any, board int, opt *GetIssueBoardListsOptions, options ...RequestOptionFunc) ([]*BoardList, *Response, error)
+		GetIssueBoardList(pid any, board, list int, options ...RequestOptionFunc) (*BoardList, *Response, error)
+		CreateIssueBoardList(pid any, board int, opt *CreateIssueBoardListOptions, options ...RequestOptionFunc) (*BoardList, *Response, error)
+		UpdateIssueBoardList(pid any, board, list int, opt *UpdateIssueBoardListOptions, options ...RequestOptionFunc) (*BoardList, *Response, error)
+		DeleteIssueBoardList(pid any, board, list int, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// IssueBoardsService handles communication with the issue board related
@@ -103,7 +103,7 @@ type CreateIssueBoardOptions struct {
 // CreateIssueBoard creates a new issue board.
 //
 // GitLab API docs: https://docs.gitlab.com/api/boards/#create-an-issue-board
-func (s *IssueBoardsService) CreateIssueBoard(pid interface{}, opt *CreateIssueBoardOptions, options ...RequestOptionFunc) (*IssueBoard, *Response, error) {
+func (s *IssueBoardsService) CreateIssueBoard(pid any, opt *CreateIssueBoardOptions, options ...RequestOptionFunc) (*IssueBoard, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -138,7 +138,7 @@ type UpdateIssueBoardOptions struct {
 // UpdateIssueBoard update an issue board.
 //
 // GitLab API docs: https://docs.gitlab.com/api/boards/#update-an-issue-board
-func (s *IssueBoardsService) UpdateIssueBoard(pid interface{}, board int, opt *UpdateIssueBoardOptions, options ...RequestOptionFunc) (*IssueBoard, *Response, error) {
+func (s *IssueBoardsService) UpdateIssueBoard(pid any, board int, opt *UpdateIssueBoardOptions, options ...RequestOptionFunc) (*IssueBoard, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -162,7 +162,7 @@ func (s *IssueBoardsService) UpdateIssueBoard(pid interface{}, board int, opt *U
 // DeleteIssueBoard deletes an issue board.
 //
 // GitLab API docs: https://docs.gitlab.com/api/boards/#delete-an-issue-board
-func (s *IssueBoardsService) DeleteIssueBoard(pid interface{}, board int, options ...RequestOptionFunc) (*Response, error) {
+func (s *IssueBoardsService) DeleteIssueBoard(pid any, board int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -185,7 +185,7 @@ type ListIssueBoardsOptions ListOptions
 // ListIssueBoards gets a list of all issue boards in a project.
 //
 // GitLab API docs: https://docs.gitlab.com/api/boards/#list-project-issue-boards
-func (s *IssueBoardsService) ListIssueBoards(pid interface{}, opt *ListIssueBoardsOptions, options ...RequestOptionFunc) ([]*IssueBoard, *Response, error) {
+func (s *IssueBoardsService) ListIssueBoards(pid any, opt *ListIssueBoardsOptions, options ...RequestOptionFunc) ([]*IssueBoard, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -209,7 +209,7 @@ func (s *IssueBoardsService) ListIssueBoards(pid interface{}, opt *ListIssueBoar
 // GetIssueBoard gets a single issue board of a project.
 //
 // GitLab API docs: https://docs.gitlab.com/api/boards/#show-a-single-issue-board
-func (s *IssueBoardsService) GetIssueBoard(pid interface{}, board int, options ...RequestOptionFunc) (*IssueBoard, *Response, error) {
+func (s *IssueBoardsService) GetIssueBoard(pid any, board int, options ...RequestOptionFunc) (*IssueBoard, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -239,7 +239,7 @@ type GetIssueBoardListsOptions ListOptions
 // backlog and closed lists.
 //
 // GitLab API docs: https://docs.gitlab.com/api/boards/#list-board-lists-in-a-project-issue-board
-func (s *IssueBoardsService) GetIssueBoardLists(pid interface{}, board int, opt *GetIssueBoardListsOptions, options ...RequestOptionFunc) ([]*BoardList, *Response, error) {
+func (s *IssueBoardsService) GetIssueBoardLists(pid any, board int, opt *GetIssueBoardListsOptions, options ...RequestOptionFunc) ([]*BoardList, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -263,7 +263,7 @@ func (s *IssueBoardsService) GetIssueBoardLists(pid interface{}, board int, opt
 // GetIssueBoardList gets a single issue board list.
 //
 // GitLab API docs: https://docs.gitlab.com/api/boards/#show-a-single-board-list
-func (s *IssueBoardsService) GetIssueBoardList(pid interface{}, board, list int, options ...RequestOptionFunc) (*BoardList, *Response, error) {
+func (s *IssueBoardsService) GetIssueBoardList(pid any, board, list int, options ...RequestOptionFunc) (*BoardList, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -302,7 +302,7 @@ type CreateIssueBoardListOptions struct {
 // CreateIssueBoardList creates a new issue board list.
 //
 // GitLab API docs: https://docs.gitlab.com/api/boards/#create-a-board-list
-func (s *IssueBoardsService) CreateIssueBoardList(pid interface{}, board int, opt *CreateIssueBoardListOptions, options ...RequestOptionFunc) (*BoardList, *Response, error) {
+func (s *IssueBoardsService) CreateIssueBoardList(pid any, board int, opt *CreateIssueBoardListOptions, options ...RequestOptionFunc) (*BoardList, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -334,7 +334,7 @@ type UpdateIssueBoardListOptions struct {
 // UpdateIssueBoardList updates the position of an existing issue board list.
 //
 // GitLab API docs: https://docs.gitlab.com/api/boards/#reorder-a-list-in-a-board
-func (s *IssueBoardsService) UpdateIssueBoardList(pid interface{}, board, list int, opt *UpdateIssueBoardListOptions, options ...RequestOptionFunc) (*BoardList, *Response, error) {
+func (s *IssueBoardsService) UpdateIssueBoardList(pid any, board, list int, opt *UpdateIssueBoardListOptions, options ...RequestOptionFunc) (*BoardList, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -364,7 +364,7 @@ func (s *IssueBoardsService) UpdateIssueBoardList(pid interface{}, board, list i
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/boards/#delete-a-board-list-from-a-board
-func (s *IssueBoardsService) DeleteIssueBoardList(pid interface{}, board, list int, options ...RequestOptionFunc) (*Response, error) {
+func (s *IssueBoardsService) DeleteIssueBoardList(pid any, board, list int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/branches.go b/vendor/gitlab.com/gitlab-org/api/client-go/branches.go
index 2ff5d0a066..1c753b17fe 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/branches.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/branches.go
@@ -24,13 +24,11 @@ import (
 
 type (
 	BranchesServiceInterface interface {
-		ListBranches(pid interface{}, opts *ListBranchesOptions, options ...RequestOptionFunc) ([]*Branch, *Response, error)
-		GetBranch(pid interface{}, branch string, options ...RequestOptionFunc) (*Branch, *Response, error)
-		ProtectBranch(pid interface{}, branch string, opts *ProtectBranchOptions, options ...RequestOptionFunc) (*Branch, *Response, error)
-		UnprotectBranch(pid interface{}, branch string, options ...RequestOptionFunc) (*Branch, *Response, error)
-		CreateBranch(pid interface{}, opt *CreateBranchOptions, options ...RequestOptionFunc) (*Branch, *Response, error)
-		DeleteBranch(pid interface{}, branch string, options ...RequestOptionFunc) (*Response, error)
-		DeleteMergedBranches(pid interface{}, options ...RequestOptionFunc) (*Response, error)
+		ListBranches(pid any, opts *ListBranchesOptions, options ...RequestOptionFunc) ([]*Branch, *Response, error)
+		GetBranch(pid any, branch string, options ...RequestOptionFunc) (*Branch, *Response, error)
+		CreateBranch(pid any, opt *CreateBranchOptions, options ...RequestOptionFunc) (*Branch, *Response, error)
+		DeleteBranch(pid any, branch string, options ...RequestOptionFunc) (*Response, error)
+		DeleteMergedBranches(pid any, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// BranchesService handles communication with the branch related methods
@@ -78,7 +76,7 @@ type ListBranchesOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/branches/#list-repository-branches
-func (s *BranchesService) ListBranches(pid interface{}, opts *ListBranchesOptions, options ...RequestOptionFunc) ([]*Branch, *Response, error) {
+func (s *BranchesService) ListBranches(pid any, opts *ListBranchesOptions, options ...RequestOptionFunc) ([]*Branch, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -103,7 +101,7 @@ func (s *BranchesService) ListBranches(pid interface{}, opts *ListBranchesOption
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/branches/#get-single-repository-branch
-func (s *BranchesService) GetBranch(pid interface{}, branch string, options ...RequestOptionFunc) (*Branch, *Response, error) {
+func (s *BranchesService) GetBranch(pid any, branch string, options ...RequestOptionFunc) (*Branch, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -124,75 +122,6 @@ func (s *BranchesService) GetBranch(pid interface{}, branch string, options ...R
 	return b, resp, nil
 }
 
-// ProtectBranchOptions represents the available ProtectBranch() options.
-//
-// GitLab API docs:
-// https://docs.gitlab.com/api/branches/#protect-repository-branch
-type ProtectBranchOptions struct {
-	DevelopersCanPush  *bool `url:"developers_can_push,omitempty" json:"developers_can_push,omitempty"`
-	DevelopersCanMerge *bool `url:"developers_can_merge,omitempty" json:"developers_can_merge,omitempty"`
-}
-
-// ProtectBranch protects a single project repository branch. This is an
-// idempotent function, protecting an already protected repository branch
-// still returns a 200 OK status code.
-//
-// Deprecated: This endpoint has been replaced by
-// ProtectedBranchesService.ProtectRepositoryBranches()
-//
-// GitLab API docs:
-// https://docs.gitlab.com/api/branches/#protect-repository-branch
-func (s *BranchesService) ProtectBranch(pid interface{}, branch string, opts *ProtectBranchOptions, options ...RequestOptionFunc) (*Branch, *Response, error) {
-	project, err := parseID(pid)
-	if err != nil {
-		return nil, nil, err
-	}
-	u := fmt.Sprintf("projects/%s/repository/branches/%s/protect", PathEscape(project), url.PathEscape(branch))
-
-	req, err := s.client.NewRequest(http.MethodPut, u, opts, options)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	b := new(Branch)
-	resp, err := s.client.Do(req, b)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return b, resp, nil
-}
-
-// UnprotectBranch unprotects a single project repository branch. This is an
-// idempotent function, unprotecting an already unprotected repository branch
-// still returns a 200 OK status code.
-//
-// Deprecated: This endpoint has been replaced by
-// ProtectedBranchesService.UnprotectRepositoryBranches()
-//
-// GitLab API docs:
-// https://docs.gitlab.com/api/branches/#unprotect-repository-branch
-func (s *BranchesService) UnprotectBranch(pid interface{}, branch string, options ...RequestOptionFunc) (*Branch, *Response, error) {
-	project, err := parseID(pid)
-	if err != nil {
-		return nil, nil, err
-	}
-	u := fmt.Sprintf("projects/%s/repository/branches/%s/unprotect", PathEscape(project), url.PathEscape(branch))
-
-	req, err := s.client.NewRequest(http.MethodPut, u, nil, options)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	b := new(Branch)
-	resp, err := s.client.Do(req, b)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return b, resp, nil
-}
-
 // CreateBranchOptions represents the available CreateBranch() options.
 //
 // GitLab API docs:
@@ -206,7 +135,7 @@ type CreateBranchOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/branches/#create-repository-branch
-func (s *BranchesService) CreateBranch(pid interface{}, opt *CreateBranchOptions, options ...RequestOptionFunc) (*Branch, *Response, error) {
+func (s *BranchesService) CreateBranch(pid any, opt *CreateBranchOptions, options ...RequestOptionFunc) (*Branch, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -231,7 +160,7 @@ func (s *BranchesService) CreateBranch(pid interface{}, opt *CreateBranchOptions
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/branches/#delete-repository-branch
-func (s *BranchesService) DeleteBranch(pid interface{}, branch string, options ...RequestOptionFunc) (*Response, error) {
+func (s *BranchesService) DeleteBranch(pid any, branch string, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -250,7 +179,7 @@ func (s *BranchesService) DeleteBranch(pid interface{}, branch string, options .
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/branches/#delete-merged-branches
-func (s *BranchesService) DeleteMergedBranches(pid interface{}, options ...RequestOptionFunc) (*Response, error) {
+func (s *BranchesService) DeleteMergedBranches(pid any, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/broadcast_messages.go b/vendor/gitlab.com/gitlab-org/api/client-go/broadcast_messages.go
index 40af3832eb..2e42200860 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/broadcast_messages.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/broadcast_messages.go
@@ -58,9 +58,6 @@ type BroadcastMessage struct {
 	BroadcastType      string             `json:"broadcast_type"`
 	Dismissable        bool               `json:"dismissable"`
 	Theme              string             `json:"theme"`
-
-	// Deprecated: This parameter was removed in GitLab 15.6.
-	Color string `json:"color"`
 }
 
 // ListBroadcastMessagesOptions represents the available ListBroadcastMessages()
@@ -125,9 +122,6 @@ type CreateBroadcastMessageOptions struct {
 	BroadcastType      *string            `url:"broadcast_type,omitempty" json:"broadcast_type,omitempty"`
 	Dismissable        *bool              `url:"dismissable,omitempty" json:"dismissable,omitempty"`
 	Theme              *string            `url:"theme,omitempty" json:"theme,omitempty"`
-
-	// Deprecated: This parameter was removed in GitLab 15.6.
-	Color *string `url:"color,omitempty" json:"color,omitempty"`
 }
 
 // CreateBroadcastMessage creates a message to broadcast.
@@ -164,9 +158,6 @@ type UpdateBroadcastMessageOptions struct {
 	BroadcastType      *string            `url:"broadcast_type,omitempty" json:"broadcast_type,omitempty"`
 	Dismissable        *bool              `url:"dismissable,omitempty" json:"dismissable,omitempty"`
 	Theme              *string            `url:"theme,omitempty" json:"theme,omitempty"`
-
-	// Deprecated: This parameter was removed in GitLab 15.6.
-	Color *string `url:"color,omitempty" json:"color,omitempty"`
 }
 
 // UpdateBroadcastMessage update a broadcasted message.
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/ci_yml_templates.go b/vendor/gitlab.com/gitlab-org/api/client-go/ci_yml_templates.go
index 6441fe6b76..168ca1fc43 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/ci_yml_templates.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/ci_yml_templates.go
@@ -31,7 +31,7 @@ type (
 	// CI YML templates related methods of the GitLab API.
 	//
 	// GitLab API docs:
-	// https://docs.gitlab.com/ee/api/templates/gitlab_ci_ymls.html
+	// https://docs.gitlab.com/api/templates/gitlab_ci_ymls/
 	CIYMLTemplatesService struct {
 		client *Client
 	}
@@ -42,7 +42,7 @@ var _ CIYMLTemplatesServiceInterface = (*CIYMLTemplatesService)(nil)
 // CIYMLTemplate represents a GitLab CI YML template.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/templates/gitlab_ci_ymls.html
+// https://docs.gitlab.com/api/templates/gitlab_ci_ymls/
 type CIYMLTemplate struct {
 	Name    string `json:"name"`
 	Content string `json:"content"`
@@ -51,7 +51,7 @@ type CIYMLTemplate struct {
 // CIYMLTemplateListItem represents a GitLab CI YML template from the list.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/templates/gitlab_ci_ymls.html
+// https://docs.gitlab.com/api/templates/gitlab_ci_ymls/
 type CIYMLTemplateListItem struct {
 	Key  string `json:"key"`
 	Name string `json:"name"`
@@ -60,13 +60,13 @@ type CIYMLTemplateListItem struct {
 // ListCIYMLTemplatesOptions represents the available ListAllTemplates() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/templates/gitlab_ci_ymls.html#list-gitlab-ci-yaml-templates
+// https://docs.gitlab.com/api/templates/gitlab_ci_ymls/#list-gitlab-ci-yaml-templates
 type ListCIYMLTemplatesOptions ListOptions
 
 // ListAllTemplates get all GitLab CI YML templates.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/templates/gitlab_ci_ymls.html#list-gitlab-ci-yaml-templates
+// https://docs.gitlab.com/api/templates/gitlab_ci_ymls/#list-gitlab-ci-yaml-templates
 func (s *CIYMLTemplatesService) ListAllTemplates(opt *ListCIYMLTemplatesOptions, options ...RequestOptionFunc) ([]*CIYMLTemplateListItem, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "templates/gitlab_ci_ymls", opt, options)
 	if err != nil {
@@ -85,7 +85,7 @@ func (s *CIYMLTemplatesService) ListAllTemplates(opt *ListCIYMLTemplatesOptions,
 // GetTemplate get a single GitLab CI YML template.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/templates/gitlab_ci_ymls.html#single-gitlab-ci-yaml-template
+// https://docs.gitlab.com/api/templates/gitlab_ci_ymls/#single-gitlab-ci-yaml-template
 func (s *CIYMLTemplatesService) GetTemplate(key string, options ...RequestOptionFunc) (*CIYMLTemplate, *Response, error) {
 	u := fmt.Sprintf("templates/gitlab_ci_ymls/%s", PathEscape(key))
 
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/cluster_agents.go b/vendor/gitlab.com/gitlab-org/api/client-go/cluster_agents.go
index 33c94b9040..88855174d7 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/cluster_agents.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/cluster_agents.go
@@ -24,20 +24,20 @@ import (
 
 type (
 	ClusterAgentsServiceInterface interface {
-		ListAgents(pid interface{}, opt *ListAgentsOptions, options ...RequestOptionFunc) ([]*Agent, *Response, error)
-		GetAgent(pid interface{}, id int, options ...RequestOptionFunc) (*Agent, *Response, error)
-		RegisterAgent(pid interface{}, opt *RegisterAgentOptions, options ...RequestOptionFunc) (*Agent, *Response, error)
-		DeleteAgent(pid interface{}, id int, options ...RequestOptionFunc) (*Response, error)
-		ListAgentTokens(pid interface{}, aid int, opt *ListAgentTokensOptions, options ...RequestOptionFunc) ([]*AgentToken, *Response, error)
-		GetAgentToken(pid interface{}, aid int, id int, options ...RequestOptionFunc) (*AgentToken, *Response, error)
-		CreateAgentToken(pid interface{}, aid int, opt *CreateAgentTokenOptions, options ...RequestOptionFunc) (*AgentToken, *Response, error)
-		RevokeAgentToken(pid interface{}, aid int, id int, options ...RequestOptionFunc) (*Response, error)
+		ListAgents(pid any, opt *ListAgentsOptions, options ...RequestOptionFunc) ([]*Agent, *Response, error)
+		GetAgent(pid any, id int, options ...RequestOptionFunc) (*Agent, *Response, error)
+		RegisterAgent(pid any, opt *RegisterAgentOptions, options ...RequestOptionFunc) (*Agent, *Response, error)
+		DeleteAgent(pid any, id int, options ...RequestOptionFunc) (*Response, error)
+		ListAgentTokens(pid any, aid int, opt *ListAgentTokensOptions, options ...RequestOptionFunc) ([]*AgentToken, *Response, error)
+		GetAgentToken(pid any, aid int, id int, options ...RequestOptionFunc) (*AgentToken, *Response, error)
+		CreateAgentToken(pid any, aid int, opt *CreateAgentTokenOptions, options ...RequestOptionFunc) (*AgentToken, *Response, error)
+		RevokeAgentToken(pid any, aid int, id int, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// ClusterAgentsService handles communication with the cluster agents related
 	// methods of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/cluster_agents.html
+	// GitLab API docs: https://docs.gitlab.com/api/cluster_agents/
 	ClusterAgentsService struct {
 		client *Client
 	}
@@ -47,7 +47,7 @@ var _ ClusterAgentsServiceInterface = (*ClusterAgentsService)(nil)
 
 // Agent represents a GitLab agent for Kubernetes.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/cluster_agents.html
+// GitLab API docs: https://docs.gitlab.com/api/cluster_agents/
 type Agent struct {
 	ID              int           `json:"id"`
 	Name            string        `json:"name"`
@@ -73,7 +73,7 @@ func (a Agent) String() string {
 // AgentToken represents a GitLab agent token.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/cluster_agents.html#list-tokens-for-an-agent
+// https://docs.gitlab.com/api/cluster_agents/#list-tokens-for-an-agent
 type AgentToken struct {
 	ID              int        `json:"id"`
 	Name            string     `json:"name"`
@@ -93,14 +93,14 @@ func (a AgentToken) String() string {
 // ListAgentsOptions represents the available ListAgents() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/cluster_agents.html#list-the-agents-for-a-project
+// https://docs.gitlab.com/api/cluster_agents/#list-the-agents-for-a-project
 type ListAgentsOptions ListOptions
 
 // ListAgents returns a list of agents registered for the project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/cluster_agents.html#list-the-agents-for-a-project
-func (s *ClusterAgentsService) ListAgents(pid interface{}, opt *ListAgentsOptions, options ...RequestOptionFunc) ([]*Agent, *Response, error) {
+// https://docs.gitlab.com/api/cluster_agents/#list-the-agents-for-a-project
+func (s *ClusterAgentsService) ListAgents(pid any, opt *ListAgentsOptions, options ...RequestOptionFunc) ([]*Agent, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -124,8 +124,8 @@ func (s *ClusterAgentsService) ListAgents(pid interface{}, opt *ListAgentsOption
 // GetAgent gets a single agent details.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/cluster_agents.html#get-details-about-an-agent
-func (s *ClusterAgentsService) GetAgent(pid interface{}, id int, options ...RequestOptionFunc) (*Agent, *Response, error) {
+// https://docs.gitlab.com/api/cluster_agents/#get-details-about-an-agent
+func (s *ClusterAgentsService) GetAgent(pid any, id int, options ...RequestOptionFunc) (*Agent, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -150,7 +150,7 @@ func (s *ClusterAgentsService) GetAgent(pid interface{}, id int, options ...Requ
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/cluster_agents.html#register-an-agent-with-a-project
+// https://docs.gitlab.com/api/cluster_agents/#register-an-agent-with-a-project
 type RegisterAgentOptions struct {
 	Name *string `url:"name,omitempty" json:"name,omitempty"`
 }
@@ -158,8 +158,8 @@ type RegisterAgentOptions struct {
 // RegisterAgent registers an agent to the project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/cluster_agents.html#register-an-agent-with-a-project
-func (s *ClusterAgentsService) RegisterAgent(pid interface{}, opt *RegisterAgentOptions, options ...RequestOptionFunc) (*Agent, *Response, error) {
+// https://docs.gitlab.com/api/cluster_agents/#register-an-agent-with-a-project
+func (s *ClusterAgentsService) RegisterAgent(pid any, opt *RegisterAgentOptions, options ...RequestOptionFunc) (*Agent, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -183,8 +183,8 @@ func (s *ClusterAgentsService) RegisterAgent(pid interface{}, opt *RegisterAgent
 // DeleteAgent deletes an existing agent registration.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/cluster_agents.html#delete-a-registered-agent
-func (s *ClusterAgentsService) DeleteAgent(pid interface{}, id int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/cluster_agents/#delete-a-registered-agent
+func (s *ClusterAgentsService) DeleteAgent(pid any, id int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -202,14 +202,14 @@ func (s *ClusterAgentsService) DeleteAgent(pid interface{}, id int, options ...R
 // ListAgentTokensOptions represents the available ListAgentTokens() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/cluster_agents.html#list-tokens-for-an-agent
+// https://docs.gitlab.com/api/cluster_agents/#list-tokens-for-an-agent
 type ListAgentTokensOptions ListOptions
 
 // ListAgentTokens returns a list of tokens for an agent.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/cluster_agents.html#list-tokens-for-an-agent
-func (s *ClusterAgentsService) ListAgentTokens(pid interface{}, aid int, opt *ListAgentTokensOptions, options ...RequestOptionFunc) ([]*AgentToken, *Response, error) {
+// https://docs.gitlab.com/api/cluster_agents/#list-tokens-for-an-agent
+func (s *ClusterAgentsService) ListAgentTokens(pid any, aid int, opt *ListAgentTokensOptions, options ...RequestOptionFunc) ([]*AgentToken, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -233,8 +233,8 @@ func (s *ClusterAgentsService) ListAgentTokens(pid interface{}, aid int, opt *Li
 // GetAgentToken gets a single agent token.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/cluster_agents.html#get-a-single-agent-token
-func (s *ClusterAgentsService) GetAgentToken(pid interface{}, aid int, id int, options ...RequestOptionFunc) (*AgentToken, *Response, error) {
+// https://docs.gitlab.com/api/cluster_agents/#get-a-single-agent-token
+func (s *ClusterAgentsService) GetAgentToken(pid any, aid int, id int, options ...RequestOptionFunc) (*AgentToken, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -258,7 +258,7 @@ func (s *ClusterAgentsService) GetAgentToken(pid interface{}, aid int, id int, o
 // CreateAgentTokenOptions represents the available CreateAgentToken() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/cluster_agents.html#create-an-agent-token
+// https://docs.gitlab.com/api/cluster_agents/#create-an-agent-token
 type CreateAgentTokenOptions struct {
 	Name        *string `url:"name,omitempty" json:"name,omitempty"`
 	Description *string `url:"description,omitempty" json:"description,omitempty"`
@@ -267,8 +267,8 @@ type CreateAgentTokenOptions struct {
 // CreateAgentToken creates a new token for an agent.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/cluster_agents.html#create-an-agent-token
-func (s *ClusterAgentsService) CreateAgentToken(pid interface{}, aid int, opt *CreateAgentTokenOptions, options ...RequestOptionFunc) (*AgentToken, *Response, error) {
+// https://docs.gitlab.com/api/cluster_agents/#create-an-agent-token
+func (s *ClusterAgentsService) CreateAgentToken(pid any, aid int, opt *CreateAgentTokenOptions, options ...RequestOptionFunc) (*AgentToken, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -292,8 +292,8 @@ func (s *ClusterAgentsService) CreateAgentToken(pid interface{}, aid int, opt *C
 // RevokeAgentToken revokes an agent token.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/cluster_agents.html#revoke-an-agent-token
-func (s *ClusterAgentsService) RevokeAgentToken(pid interface{}, aid int, id int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/cluster_agents/#revoke-an-agent-token
+func (s *ClusterAgentsService) RevokeAgentToken(pid any, aid int, id int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/commitlint.config.mjs b/vendor/gitlab.com/gitlab-org/api/client-go/commitlint.config.mjs
new file mode 100644
index 0000000000..2291173ef3
--- /dev/null
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/commitlint.config.mjs
@@ -0,0 +1,3 @@
+export default {
+  extends: ['@commitlint/config-conventional']
+};
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/commits.go b/vendor/gitlab.com/gitlab-org/api/client-go/commits.go
index b316dd19f1..d73031f051 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/commits.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/commits.go
@@ -26,28 +26,28 @@ import (
 // CommitsService handles communication with the commit related methods
 // of the GitLab API.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/commits.html
+// GitLab API docs: https://docs.gitlab.com/api/commits/
 type (
 	CommitsServiceInterface interface {
-		ListCommits(pid interface{}, opt *ListCommitsOptions, options ...RequestOptionFunc) ([]*Commit, *Response, error)
-		GetCommitRefs(pid interface{}, sha string, opt *GetCommitRefsOptions, options ...RequestOptionFunc) ([]*CommitRef, *Response, error)
-		GetCommit(pid interface{}, sha string, opt *GetCommitOptions, options ...RequestOptionFunc) (*Commit, *Response, error)
-		CreateCommit(pid interface{}, opt *CreateCommitOptions, options ...RequestOptionFunc) (*Commit, *Response, error)
-		GetCommitDiff(pid interface{}, sha string, opt *GetCommitDiffOptions, options ...RequestOptionFunc) ([]*Diff, *Response, error)
-		GetCommitComments(pid interface{}, sha string, opt *GetCommitCommentsOptions, options ...RequestOptionFunc) ([]*CommitComment, *Response, error)
-		PostCommitComment(pid interface{}, sha string, opt *PostCommitCommentOptions, options ...RequestOptionFunc) (*CommitComment, *Response, error)
-		GetCommitStatuses(pid interface{}, sha string, opt *GetCommitStatusesOptions, options ...RequestOptionFunc) ([]*CommitStatus, *Response, error)
-		SetCommitStatus(pid interface{}, sha string, opt *SetCommitStatusOptions, options ...RequestOptionFunc) (*CommitStatus, *Response, error)
-		ListMergeRequestsByCommit(pid interface{}, sha string, options ...RequestOptionFunc) ([]*BasicMergeRequest, *Response, error)
-		CherryPickCommit(pid interface{}, sha string, opt *CherryPickCommitOptions, options ...RequestOptionFunc) (*Commit, *Response, error)
-		RevertCommit(pid interface{}, sha string, opt *RevertCommitOptions, options ...RequestOptionFunc) (*Commit, *Response, error)
-		GetGPGSignature(pid interface{}, sha string, options ...RequestOptionFunc) (*GPGSignature, *Response, error)
+		ListCommits(pid any, opt *ListCommitsOptions, options ...RequestOptionFunc) ([]*Commit, *Response, error)
+		GetCommitRefs(pid any, sha string, opt *GetCommitRefsOptions, options ...RequestOptionFunc) ([]*CommitRef, *Response, error)
+		GetCommit(pid any, sha string, opt *GetCommitOptions, options ...RequestOptionFunc) (*Commit, *Response, error)
+		CreateCommit(pid any, opt *CreateCommitOptions, options ...RequestOptionFunc) (*Commit, *Response, error)
+		GetCommitDiff(pid any, sha string, opt *GetCommitDiffOptions, options ...RequestOptionFunc) ([]*Diff, *Response, error)
+		GetCommitComments(pid any, sha string, opt *GetCommitCommentsOptions, options ...RequestOptionFunc) ([]*CommitComment, *Response, error)
+		PostCommitComment(pid any, sha string, opt *PostCommitCommentOptions, options ...RequestOptionFunc) (*CommitComment, *Response, error)
+		GetCommitStatuses(pid any, sha string, opt *GetCommitStatusesOptions, options ...RequestOptionFunc) ([]*CommitStatus, *Response, error)
+		SetCommitStatus(pid any, sha string, opt *SetCommitStatusOptions, options ...RequestOptionFunc) (*CommitStatus, *Response, error)
+		ListMergeRequestsByCommit(pid any, sha string, options ...RequestOptionFunc) ([]*BasicMergeRequest, *Response, error)
+		CherryPickCommit(pid any, sha string, opt *CherryPickCommitOptions, options ...RequestOptionFunc) (*Commit, *Response, error)
+		RevertCommit(pid any, sha string, opt *RevertCommitOptions, options ...RequestOptionFunc) (*Commit, *Response, error)
+		GetGPGSignature(pid any, sha string, options ...RequestOptionFunc) (*GPGSignature, *Response, error)
 	}
 
 	// CommitsService handles communication with the commit related methods
 	// of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/commits.html
+	// GitLab API docs: https://docs.gitlab.com/api/commits/
 	CommitsService struct {
 		client *Client
 	}
@@ -57,7 +57,7 @@ var _ CommitsServiceInterface = (*CommitsService)(nil)
 
 // Commit represents a GitLab commit.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/commits.html
+// GitLab API docs: https://docs.gitlab.com/api/commits/
 type Commit struct {
 	ID               string            `json:"id"`
 	ShortID          string            `json:"short_id"`
@@ -82,7 +82,7 @@ type Commit struct {
 
 // CommitStats represents the number of added and deleted files in a commit.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/commits.html
+// GitLab API docs: https://docs.gitlab.com/api/commits/
 type CommitStats struct {
 	Additions int `json:"additions"`
 	Deletions int `json:"deletions"`
@@ -95,7 +95,7 @@ func (c Commit) String() string {
 
 // ListCommitsOptions represents the available ListCommits() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/commits.html#list-repository-commits
+// GitLab API docs: https://docs.gitlab.com/api/commits/#list-repository-commits
 type ListCommitsOptions struct {
 	ListOptions
 	RefName     *string    `url:"ref_name,omitempty" json:"ref_name,omitempty"`
@@ -111,8 +111,8 @@ type ListCommitsOptions struct {
 
 // ListCommits gets a list of repository commits in a project.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/commits.html#list-repository-commits
-func (s *CommitsService) ListCommits(pid interface{}, opt *ListCommitsOptions, options ...RequestOptionFunc) ([]*Commit, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/commits/#list-repository-commits
+func (s *CommitsService) ListCommits(pid any, opt *ListCommitsOptions, options ...RequestOptionFunc) ([]*Commit, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -136,7 +136,7 @@ func (s *CommitsService) ListCommits(pid interface{}, opt *ListCommitsOptions, o
 // CommitRef represents the reference of branches/tags in a commit.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/commits.html#get-references-a-commit-is-pushed-to
+// https://docs.gitlab.com/api/commits/#get-references-a-commit-is-pushed-to
 type CommitRef struct {
 	Type string `json:"type"`
 	Name string `json:"name"`
@@ -145,7 +145,7 @@ type CommitRef struct {
 // GetCommitRefsOptions represents the available GetCommitRefs() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/commits.html#get-references-a-commit-is-pushed-to
+// https://docs.gitlab.com/api/commits/#get-references-a-commit-is-pushed-to
 type GetCommitRefsOptions struct {
 	ListOptions
 	Type *string `url:"type,omitempty" json:"type,omitempty"`
@@ -154,8 +154,8 @@ type GetCommitRefsOptions struct {
 // GetCommitRefs gets all references (from branches or tags) a commit is pushed to
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/commits.html#get-references-a-commit-is-pushed-to
-func (s *CommitsService) GetCommitRefs(pid interface{}, sha string, opt *GetCommitRefsOptions, options ...RequestOptionFunc) ([]*CommitRef, *Response, error) {
+// https://docs.gitlab.com/api/commits/#get-references-a-commit-is-pushed-to
+func (s *CommitsService) GetCommitRefs(pid any, sha string, opt *GetCommitRefsOptions, options ...RequestOptionFunc) ([]*CommitRef, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -179,7 +179,7 @@ func (s *CommitsService) GetCommitRefs(pid interface{}, sha string, opt *GetComm
 // GetCommitOptions represents the available GetCommit() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/commits.html#get-a-single-commit
+// https://docs.gitlab.com/api/commits/#get-a-single-commit
 type GetCommitOptions struct {
 	Stats *bool `url:"stats,omitempty" json:"stats,omitempty"`
 }
@@ -187,8 +187,8 @@ type GetCommitOptions struct {
 // GetCommit gets a specific commit identified by the commit hash or name of a
 // branch or tag.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/commits.html#get-a-single-commit
-func (s *CommitsService) GetCommit(pid interface{}, sha string, opt *GetCommitOptions, options ...RequestOptionFunc) (*Commit, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/commits/#get-a-single-commit
+func (s *CommitsService) GetCommit(pid any, sha string, opt *GetCommitOptions, options ...RequestOptionFunc) (*Commit, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -214,7 +214,7 @@ func (s *CommitsService) GetCommit(pid interface{}, sha string, opt *GetCommitOp
 
 // CreateCommitOptions represents the available options for a new commit.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/commits.html#create-a-commit-with-multiple-files-and-actions
+// GitLab API docs: https://docs.gitlab.com/api/commits/#create-a-commit-with-multiple-files-and-actions
 type CreateCommitOptions struct {
 	Branch        *string                `url:"branch,omitempty" json:"branch,omitempty"`
 	CommitMessage *string                `url:"commit_message,omitempty" json:"commit_message,omitempty"`
@@ -231,7 +231,7 @@ type CreateCommitOptions struct {
 // CommitActionOptions represents the available options for a new single
 // file action.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/commits.html#create-a-commit-with-multiple-files-and-actions
+// GitLab API docs: https://docs.gitlab.com/api/commits/#create-a-commit-with-multiple-files-and-actions
 type CommitActionOptions struct {
 	Action          *FileActionValue `url:"action,omitempty" json:"action,omitempty"`
 	FilePath        *string          `url:"file_path,omitempty" json:"file_path,omitempty"`
@@ -244,8 +244,8 @@ type CommitActionOptions struct {
 
 // CreateCommit creates a commit with multiple files and actions.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/commits.html#create-a-commit-with-multiple-files-and-actions
-func (s *CommitsService) CreateCommit(pid interface{}, opt *CreateCommitOptions, options ...RequestOptionFunc) (*Commit, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/commits/#create-a-commit-with-multiple-files-and-actions
+func (s *CommitsService) CreateCommit(pid any, opt *CreateCommitOptions, options ...RequestOptionFunc) (*Commit, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -268,7 +268,7 @@ func (s *CommitsService) CreateCommit(pid interface{}, opt *CreateCommitOptions,
 
 // Diff represents a GitLab diff.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/commits.html
+// GitLab API docs: https://docs.gitlab.com/api/commits/
 type Diff struct {
 	Diff        string `json:"diff"`
 	NewPath     string `json:"new_path"`
@@ -287,17 +287,17 @@ func (d Diff) String() string {
 // GetCommitDiffOptions represents the available GetCommitDiff() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/commits.html#get-the-diff-of-a-commit
+// https://docs.gitlab.com/api/commits/#get-the-diff-of-a-commit
 type GetCommitDiffOptions struct {
 	ListOptions
 	Unidiff *bool `url:"unidiff,omitempty" json:"unidiff,omitempty"`
 }
 
-// GetCommitDiff gets the diff of a commit in a project..
+// GetCommitDiff gets the diff of a commit in a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/commits.html#get-the-diff-of-a-commit
-func (s *CommitsService) GetCommitDiff(pid interface{}, sha string, opt *GetCommitDiffOptions, options ...RequestOptionFunc) ([]*Diff, *Response, error) {
+// https://docs.gitlab.com/api/commits/#get-the-diff-of-a-commit
+func (s *CommitsService) GetCommitDiff(pid any, sha string, opt *GetCommitDiffOptions, options ...RequestOptionFunc) ([]*Diff, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -320,7 +320,7 @@ func (s *CommitsService) GetCommitDiff(pid interface{}, sha string, opt *GetComm
 
 // CommitComment represents a GitLab commit comment.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/commits.html
+// GitLab API docs: https://docs.gitlab.com/api/commits/
 type CommitComment struct {
 	Note     string `json:"note"`
 	Path     string `json:"path"`
@@ -347,14 +347,14 @@ func (c CommitComment) String() string {
 // GetCommitCommentsOptions represents the available GetCommitComments() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/commits.html#get-the-comments-of-a-commit
+// https://docs.gitlab.com/api/commits/#get-the-comments-of-a-commit
 type GetCommitCommentsOptions ListOptions
 
 // GetCommitComments gets the comments of a commit in a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/commits.html#get-the-comments-of-a-commit
-func (s *CommitsService) GetCommitComments(pid interface{}, sha string, opt *GetCommitCommentsOptions, options ...RequestOptionFunc) ([]*CommitComment, *Response, error) {
+// https://docs.gitlab.com/api/commits/#get-the-comments-of-a-commit
+func (s *CommitsService) GetCommitComments(pid any, sha string, opt *GetCommitCommentsOptions, options ...RequestOptionFunc) ([]*CommitComment, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -379,7 +379,7 @@ func (s *CommitsService) GetCommitComments(pid interface{}, sha string, opt *Get
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/commits.html#post-comment-to-commit
+// https://docs.gitlab.com/api/commits/#post-comment-to-commit
 type PostCommitCommentOptions struct {
 	Note     *string `url:"note,omitempty" json:"note,omitempty"`
 	Path     *string `url:"path" json:"path"`
@@ -392,8 +392,8 @@ type PostCommitCommentOptions struct {
 // line_old are required.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/commits.html#post-comment-to-commit
-func (s *CommitsService) PostCommitComment(pid interface{}, sha string, opt *PostCommitCommentOptions, options ...RequestOptionFunc) (*CommitComment, *Response, error) {
+// https://docs.gitlab.com/api/commits/#post-comment-to-commit
+func (s *CommitsService) PostCommitComment(pid any, sha string, opt *PostCommitCommentOptions, options ...RequestOptionFunc) (*CommitComment, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -416,7 +416,7 @@ func (s *CommitsService) PostCommitComment(pid interface{}, sha string, opt *Pos
 
 // GetCommitStatusesOptions represents the available GetCommitStatuses() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/commits.html#list-the-statuses-of-a-commit
+// GitLab API docs: https://docs.gitlab.com/api/commits/#list-the-statuses-of-a-commit
 type GetCommitStatusesOptions struct {
 	ListOptions
 	Ref   *string `url:"ref,omitempty" json:"ref,omitempty"`
@@ -427,7 +427,7 @@ type GetCommitStatusesOptions struct {
 
 // CommitStatus represents a GitLab commit status.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/commits.html#commit-status
+// GitLab API docs: https://docs.gitlab.com/api/commits/#commit-status
 type CommitStatus struct {
 	ID           int        `json:"id"`
 	SHA          string     `json:"sha"`
@@ -447,8 +447,8 @@ type CommitStatus struct {
 
 // GetCommitStatuses gets the statuses of a commit in a project.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/commits.html#list-the-statuses-of-a-commit
-func (s *CommitsService) GetCommitStatuses(pid interface{}, sha string, opt *GetCommitStatusesOptions, options ...RequestOptionFunc) ([]*CommitStatus, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/commits/#list-the-statuses-of-a-commit
+func (s *CommitsService) GetCommitStatuses(pid any, sha string, opt *GetCommitStatusesOptions, options ...RequestOptionFunc) ([]*CommitStatus, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -471,7 +471,7 @@ func (s *CommitsService) GetCommitStatuses(pid interface{}, sha string, opt *Get
 
 // SetCommitStatusOptions represents the available SetCommitStatus() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/commits.html#set-the-pipeline-status-of-a-commit
+// GitLab API docs: https://docs.gitlab.com/api/commits/#set-the-pipeline-status-of-a-commit
 type SetCommitStatusOptions struct {
 	State       BuildStateValue `url:"state" json:"state"`
 	Ref         *string         `url:"ref,omitempty" json:"ref,omitempty"`
@@ -485,8 +485,8 @@ type SetCommitStatusOptions struct {
 
 // SetCommitStatus sets the status of a commit in a project.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/commits.html#set-the-pipeline-status-of-a-commit
-func (s *CommitsService) SetCommitStatus(pid interface{}, sha string, opt *SetCommitStatusOptions, options ...RequestOptionFunc) (*CommitStatus, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/commits/#set-the-pipeline-status-of-a-commit
+func (s *CommitsService) SetCommitStatus(pid any, sha string, opt *SetCommitStatusOptions, options ...RequestOptionFunc) (*CommitStatus, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -510,8 +510,8 @@ func (s *CommitsService) SetCommitStatus(pid interface{}, sha string, opt *SetCo
 // ListMergeRequestsByCommit gets merge request associated with a commit.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/commits.html#list-merge-requests-associated-with-a-commit
-func (s *CommitsService) ListMergeRequestsByCommit(pid interface{}, sha string, options ...RequestOptionFunc) ([]*BasicMergeRequest, *Response, error) {
+// https://docs.gitlab.com/api/commits/#list-merge-requests-associated-with-a-commit
+func (s *CommitsService) ListMergeRequestsByCommit(pid any, sha string, options ...RequestOptionFunc) ([]*BasicMergeRequest, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -534,7 +534,7 @@ func (s *CommitsService) ListMergeRequestsByCommit(pid interface{}, sha string,
 
 // CherryPickCommitOptions represents the available CherryPickCommit() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/commits.html#cherry-pick-a-commit
+// GitLab API docs: https://docs.gitlab.com/api/commits/#cherry-pick-a-commit
 type CherryPickCommitOptions struct {
 	Branch  *string `url:"branch,omitempty" json:"branch,omitempty"`
 	DryRun  *bool   `url:"dry_run,omitempty" json:"dry_run,omitempty"`
@@ -543,8 +543,8 @@ type CherryPickCommitOptions struct {
 
 // CherryPickCommit cherry picks a commit to a given branch.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/commits.html#cherry-pick-a-commit
-func (s *CommitsService) CherryPickCommit(pid interface{}, sha string, opt *CherryPickCommitOptions, options ...RequestOptionFunc) (*Commit, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/commits/#cherry-pick-a-commit
+func (s *CommitsService) CherryPickCommit(pid any, sha string, opt *CherryPickCommitOptions, options ...RequestOptionFunc) (*Commit, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -567,15 +567,15 @@ func (s *CommitsService) CherryPickCommit(pid interface{}, sha string, opt *Cher
 
 // RevertCommitOptions represents the available RevertCommit() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/commits.html#revert-a-commit
+// GitLab API docs: https://docs.gitlab.com/api/commits/#revert-a-commit
 type RevertCommitOptions struct {
 	Branch *string `url:"branch,omitempty" json:"branch,omitempty"`
 }
 
 // RevertCommit reverts a commit in a given branch.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/commits.html#revert-a-commit
-func (s *CommitsService) RevertCommit(pid interface{}, sha string, opt *RevertCommitOptions, options ...RequestOptionFunc) (*Commit, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/commits/#revert-a-commit
+func (s *CommitsService) RevertCommit(pid any, sha string, opt *RevertCommitOptions, options ...RequestOptionFunc) (*Commit, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -599,7 +599,7 @@ func (s *CommitsService) RevertCommit(pid interface{}, sha string, opt *RevertCo
 // GPGSignature represents a Gitlab commit's GPG Signature.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/commits.html#get-gpg-signature-of-a-commit
+// https://docs.gitlab.com/api/commits/#get-signature-of-a-commit
 type GPGSignature struct {
 	KeyID              int    `json:"gpg_key_id"`
 	KeyPrimaryKeyID    string `json:"gpg_key_primary_keyid"`
@@ -611,8 +611,8 @@ type GPGSignature struct {
 
 // GetGPGSignature gets a GPG signature of a commit.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/commits.html#get-gpg-signature-of-a-commit
-func (s *CommitsService) GetGPGSignature(pid interface{}, sha string, options ...RequestOptionFunc) (*GPGSignature, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/commits/#get-signature-of-a-commit
+func (s *CommitsService) GetGPGSignature(pid any, sha string, options ...RequestOptionFunc) (*GPGSignature, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/container_registry.go b/vendor/gitlab.com/gitlab-org/api/client-go/container_registry.go
index dc361b8bab..4e473ee0e4 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/container_registry.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/container_registry.go
@@ -24,20 +24,20 @@ import (
 
 type (
 	ContainerRegistryServiceInterface interface {
-		ListProjectRegistryRepositories(pid interface{}, opt *ListRegistryRepositoriesOptions, options ...RequestOptionFunc) ([]*RegistryRepository, *Response, error)
-		ListGroupRegistryRepositories(gid interface{}, opt *ListRegistryRepositoriesOptions, options ...RequestOptionFunc) ([]*RegistryRepository, *Response, error)
-		GetSingleRegistryRepository(pid interface{}, opt *GetSingleRegistryRepositoryOptions, options ...RequestOptionFunc) (*RegistryRepository, *Response, error)
-		DeleteRegistryRepository(pid interface{}, repository int, options ...RequestOptionFunc) (*Response, error)
-		ListRegistryRepositoryTags(pid interface{}, repository int, opt *ListRegistryRepositoryTagsOptions, options ...RequestOptionFunc) ([]*RegistryRepositoryTag, *Response, error)
-		GetRegistryRepositoryTagDetail(pid interface{}, repository int, tagName string, options ...RequestOptionFunc) (*RegistryRepositoryTag, *Response, error)
-		DeleteRegistryRepositoryTag(pid interface{}, repository int, tagName string, options ...RequestOptionFunc) (*Response, error)
-		DeleteRegistryRepositoryTags(pid interface{}, repository int, opt *DeleteRegistryRepositoryTagsOptions, options ...RequestOptionFunc) (*Response, error)
+		ListProjectRegistryRepositories(pid any, opt *ListRegistryRepositoriesOptions, options ...RequestOptionFunc) ([]*RegistryRepository, *Response, error)
+		ListGroupRegistryRepositories(gid any, opt *ListRegistryRepositoriesOptions, options ...RequestOptionFunc) ([]*RegistryRepository, *Response, error)
+		GetSingleRegistryRepository(pid any, opt *GetSingleRegistryRepositoryOptions, options ...RequestOptionFunc) (*RegistryRepository, *Response, error)
+		DeleteRegistryRepository(pid any, repository int, options ...RequestOptionFunc) (*Response, error)
+		ListRegistryRepositoryTags(pid any, repository int, opt *ListRegistryRepositoryTagsOptions, options ...RequestOptionFunc) ([]*RegistryRepositoryTag, *Response, error)
+		GetRegistryRepositoryTagDetail(pid any, repository int, tagName string, options ...RequestOptionFunc) (*RegistryRepositoryTag, *Response, error)
+		DeleteRegistryRepositoryTag(pid any, repository int, tagName string, options ...RequestOptionFunc) (*Response, error)
+		DeleteRegistryRepositoryTags(pid any, repository int, opt *DeleteRegistryRepositoryTagsOptions, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// ContainerRegistryService handles communication with the container registry
 	// related methods of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/container_registry.html
+	// GitLab API docs: https://docs.gitlab.com/api/container_registry/
 	ContainerRegistryService struct {
 		client *Client
 	}
@@ -47,7 +47,7 @@ var _ ContainerRegistryServiceInterface = (*ContainerRegistryService)(nil)
 
 // RegistryRepository represents a GitLab content registry repository.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/container_registry.html
+// GitLab API docs: https://docs.gitlab.com/api/container_registry/
 type RegistryRepository struct {
 	ID                     int                      `json:"id"`
 	Name                   string                   `json:"name"`
@@ -67,7 +67,7 @@ func (s RegistryRepository) String() string {
 
 // RegistryRepositoryTag represents a GitLab registry image tag.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/container_registry.html
+// GitLab API docs: https://docs.gitlab.com/api/container_registry/
 type RegistryRepositoryTag struct {
 	Name          string     `json:"name"`
 	Path          string     `json:"path"`
@@ -87,7 +87,7 @@ func (s RegistryRepositoryTag) String() string {
 // ListRegistryRepositories() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/container_registry.html#list-registry-repositories
+// https://docs.gitlab.com/api/container_registry/#list-registry-repositories
 type ListRegistryRepositoriesOptions struct {
 	ListOptions
 
@@ -99,8 +99,8 @@ type ListRegistryRepositoriesOptions struct {
 // ListProjectRegistryRepositories gets a list of registry repositories in a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/container_registry.html#within-a-project
-func (s *ContainerRegistryService) ListProjectRegistryRepositories(pid interface{}, opt *ListRegistryRepositoriesOptions, options ...RequestOptionFunc) ([]*RegistryRepository, *Response, error) {
+// https://docs.gitlab.com/api/container_registry/#within-a-project
+func (s *ContainerRegistryService) ListProjectRegistryRepositories(pid any, opt *ListRegistryRepositoriesOptions, options ...RequestOptionFunc) ([]*RegistryRepository, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -124,8 +124,8 @@ func (s *ContainerRegistryService) ListProjectRegistryRepositories(pid interface
 // ListGroupRegistryRepositories gets a list of registry repositories in a group.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/container_registry.html#within-a-group
-func (s *ContainerRegistryService) ListGroupRegistryRepositories(gid interface{}, opt *ListRegistryRepositoriesOptions, options ...RequestOptionFunc) ([]*RegistryRepository, *Response, error) {
+// https://docs.gitlab.com/api/container_registry/#within-a-group
+func (s *ContainerRegistryService) ListGroupRegistryRepositories(gid any, opt *ListRegistryRepositoriesOptions, options ...RequestOptionFunc) ([]*RegistryRepository, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -150,7 +150,7 @@ func (s *ContainerRegistryService) ListGroupRegistryRepositories(gid interface{}
 // GetSingleRegistryRepository() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/container_registry.html#get-details-of-a-single-repository
+// https://docs.gitlab.com/api/container_registry/#get-details-of-a-single-repository
 type GetSingleRegistryRepositoryOptions struct {
 	Tags      *bool `url:"tags,omitempty" json:"tags,omitempty"`
 	TagsCount *bool `url:"tags_count,omitempty" json:"tags_count,omitempty"`
@@ -159,8 +159,8 @@ type GetSingleRegistryRepositoryOptions struct {
 // GetSingleRegistryRepository gets the details of single registry repository.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/container_registry.html#get-details-of-a-single-repository
-func (s *ContainerRegistryService) GetSingleRegistryRepository(pid interface{}, opt *GetSingleRegistryRepositoryOptions, options ...RequestOptionFunc) (*RegistryRepository, *Response, error) {
+// https://docs.gitlab.com/api/container_registry/#get-details-of-a-single-repository
+func (s *ContainerRegistryService) GetSingleRegistryRepository(pid any, opt *GetSingleRegistryRepositoryOptions, options ...RequestOptionFunc) (*RegistryRepository, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -184,8 +184,8 @@ func (s *ContainerRegistryService) GetSingleRegistryRepository(pid interface{},
 // DeleteRegistryRepository deletes a repository in a registry.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/container_registry.html#delete-registry-repository
-func (s *ContainerRegistryService) DeleteRegistryRepository(pid interface{}, repository int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/container_registry/#delete-registry-repository
+func (s *ContainerRegistryService) DeleteRegistryRepository(pid any, repository int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -204,14 +204,14 @@ func (s *ContainerRegistryService) DeleteRegistryRepository(pid interface{}, rep
 // ListRegistryRepositoryTags() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/container_registry.html#list-registry-repository-tags
+// https://docs.gitlab.com/api/container_registry/#list-registry-repository-tags
 type ListRegistryRepositoryTagsOptions ListOptions
 
 // ListRegistryRepositoryTags gets a list of tags for given registry repository.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/container_registry.html#list-registry-repository-tags
-func (s *ContainerRegistryService) ListRegistryRepositoryTags(pid interface{}, repository int, opt *ListRegistryRepositoryTagsOptions, options ...RequestOptionFunc) ([]*RegistryRepositoryTag, *Response, error) {
+// https://docs.gitlab.com/api/container_registry/#list-registry-repository-tags
+func (s *ContainerRegistryService) ListRegistryRepositoryTags(pid any, repository int, opt *ListRegistryRepositoryTagsOptions, options ...RequestOptionFunc) ([]*RegistryRepositoryTag, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -238,8 +238,8 @@ func (s *ContainerRegistryService) ListRegistryRepositoryTags(pid interface{}, r
 // GetRegistryRepositoryTagDetail get details of a registry repository tag
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/container_registry.html#get-details-of-a-registry-repository-tag
-func (s *ContainerRegistryService) GetRegistryRepositoryTagDetail(pid interface{}, repository int, tagName string, options ...RequestOptionFunc) (*RegistryRepositoryTag, *Response, error) {
+// https://docs.gitlab.com/api/container_registry/#get-details-of-a-registry-repository-tag
+func (s *ContainerRegistryService) GetRegistryRepositoryTagDetail(pid any, repository int, tagName string, options ...RequestOptionFunc) (*RegistryRepositoryTag, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -267,8 +267,8 @@ func (s *ContainerRegistryService) GetRegistryRepositoryTagDetail(pid interface{
 // DeleteRegistryRepositoryTag deletes a registry repository tag.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/container_registry.html#delete-a-registry-repository-tag
-func (s *ContainerRegistryService) DeleteRegistryRepositoryTag(pid interface{}, repository int, tagName string, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/container_registry/#delete-a-registry-repository-tag
+func (s *ContainerRegistryService) DeleteRegistryRepositoryTag(pid any, repository int, tagName string, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -291,7 +291,7 @@ func (s *ContainerRegistryService) DeleteRegistryRepositoryTag(pid interface{},
 // DeleteRegistryRepositoryTags() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/container_registry.html#delete-registry-repository-tags-in-bulk
+// https://docs.gitlab.com/api/container_registry/#delete-registry-repository-tags-in-bulk
 type DeleteRegistryRepositoryTagsOptions struct {
 	NameRegexpDelete *string `url:"name_regex_delete,omitempty" json:"name_regex_delete,omitempty"`
 	NameRegexpKeep   *string `url:"name_regex_keep,omitempty" json:"name_regex_keep,omitempty"`
@@ -306,8 +306,8 @@ type DeleteRegistryRepositoryTagsOptions struct {
 // given criteria.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/container_registry.html#delete-registry-repository-tags-in-bulk
-func (s *ContainerRegistryService) DeleteRegistryRepositoryTags(pid interface{}, repository int, opt *DeleteRegistryRepositoryTagsOptions, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/container_registry/#delete-registry-repository-tags-in-bulk
+func (s *ContainerRegistryService) DeleteRegistryRepositoryTags(pid any, repository int, opt *DeleteRegistryRepositoryTagsOptions, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/container_registry_protection_rules.go b/vendor/gitlab.com/gitlab-org/api/client-go/container_registry_protection_rules.go
index 8f6242fc53..5871f39830 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/container_registry_protection_rules.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/container_registry_protection_rules.go
@@ -21,10 +21,10 @@ import (
 
 type (
 	ContainerRegistryProtectionRulesServiceInterface interface {
-		ListContainerRegistryProtectionRules(pid interface{}, options ...RequestOptionFunc) ([]*ContainerRegistryProtectionRule, *Response, error)
-		CreateContainerRegistryProtectionRule(pid interface{}, opt *CreateContainerRegistryProtectionRuleOptions, options ...RequestOptionFunc) (*ContainerRegistryProtectionRule, *Response, error)
-		UpdateContainerRegistryProtectionRule(pid interface{}, ruleID int, opt *UpdateContainerRegistryProtectionRuleOptions, options ...RequestOptionFunc) (*ContainerRegistryProtectionRule, *Response, error)
-		DeleteContainerRegistryProtectionRule(pid interface{}, ruleID int, options ...RequestOptionFunc) (*Response, error)
+		ListContainerRegistryProtectionRules(pid any, options ...RequestOptionFunc) ([]*ContainerRegistryProtectionRule, *Response, error)
+		CreateContainerRegistryProtectionRule(pid any, opt *CreateContainerRegistryProtectionRuleOptions, options ...RequestOptionFunc) (*ContainerRegistryProtectionRule, *Response, error)
+		UpdateContainerRegistryProtectionRule(pid any, ruleID int, opt *UpdateContainerRegistryProtectionRuleOptions, options ...RequestOptionFunc) (*ContainerRegistryProtectionRule, *Response, error)
+		DeleteContainerRegistryProtectionRule(pid any, ruleID int, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// ContainerRegistryProtectionRulesService handles communication with
@@ -62,7 +62,7 @@ func (s ContainerRegistryProtectionRule) String() string {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/container_repository_protection_rules/#list-container-repository-protection-rules
-func (s *ContainerRegistryProtectionRulesService) ListContainerRegistryProtectionRules(pid interface{}, options ...RequestOptionFunc) ([]*ContainerRegistryProtectionRule, *Response, error) {
+func (s *ContainerRegistryProtectionRulesService) ListContainerRegistryProtectionRules(pid any, options ...RequestOptionFunc) ([]*ContainerRegistryProtectionRule, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -99,7 +99,7 @@ type CreateContainerRegistryProtectionRuleOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/container_repository_protection_rules/#create-a-container-repository-protection-rule
-func (s *ContainerRegistryProtectionRulesService) CreateContainerRegistryProtectionRule(pid interface{}, opt *CreateContainerRegistryProtectionRuleOptions, options ...RequestOptionFunc) (*ContainerRegistryProtectionRule, *Response, error) {
+func (s *ContainerRegistryProtectionRulesService) CreateContainerRegistryProtectionRule(pid any, opt *CreateContainerRegistryProtectionRuleOptions, options ...RequestOptionFunc) (*ContainerRegistryProtectionRule, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -136,7 +136,7 @@ type UpdateContainerRegistryProtectionRuleOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/container_repository_protection_rules/#update-a-container-repository-protection-rule
-func (s *ContainerRegistryProtectionRulesService) UpdateContainerRegistryProtectionRule(pid interface{}, ruleID int, opt *UpdateContainerRegistryProtectionRuleOptions, options ...RequestOptionFunc) (*ContainerRegistryProtectionRule, *Response, error) {
+func (s *ContainerRegistryProtectionRulesService) UpdateContainerRegistryProtectionRule(pid any, ruleID int, opt *UpdateContainerRegistryProtectionRuleOptions, options ...RequestOptionFunc) (*ContainerRegistryProtectionRule, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -162,7 +162,7 @@ func (s *ContainerRegistryProtectionRulesService) UpdateContainerRegistryProtect
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/container_repository_protection_rules/#delete-a-container-repository-protection-rule
-func (s *ContainerRegistryProtectionRulesService) DeleteContainerRegistryProtectionRule(pid interface{}, ruleID int, options ...RequestOptionFunc) (*Response, error) {
+func (s *ContainerRegistryProtectionRulesService) DeleteContainerRegistryProtectionRule(pid any, ruleID int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/context.go b/vendor/gitlab.com/gitlab-org/api/client-go/context.go
new file mode 100644
index 0000000000..25c2319c78
--- /dev/null
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/context.go
@@ -0,0 +1,33 @@
+package gitlab
+
+import (
+	"context"
+
+	retryablehttp "github.com/hashicorp/go-retryablehttp"
+)
+
+// contextKey is key of context used internal client-go
+type contextKey struct{}
+
+// checkRetryKey is context key of requestRetry.
+// Value type of this key must be `retryablehttp.CheckRetry`
+// This is used in [WithRequestRetry].
+var checkRetryKey = &contextKey{}
+
+// checkRetryFromContext returns checkRetry from Context.
+// If checkRetry doesn't exist in context, return nil
+func checkRetryFromContext(ctx context.Context) retryablehttp.CheckRetry {
+	val := ctx.Value(checkRetryKey)
+
+	// There is no checkRetry in context
+	if val == nil {
+		return nil
+	}
+
+	return val.(retryablehttp.CheckRetry)
+}
+
+// contextWithCheckRetry create and return new context with checkRetry
+func contextWithCheckRetry(ctx context.Context, checkRetry retryablehttp.CheckRetry) context.Context {
+	return context.WithValue(ctx, checkRetryKey, checkRetry)
+}
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/custom_attributes.go b/vendor/gitlab.com/gitlab-org/api/client-go/custom_attributes.go
index 99d155145a..92e3babcec 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/custom_attributes.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/custom_attributes.go
@@ -40,7 +40,7 @@ type (
 	// CustomAttributesService handles communication with the group, project and
 	// user custom attributes related methods of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/custom_attributes.html
+	// GitLab API docs: https://docs.gitlab.com/api/custom_attributes/
 	CustomAttributesService struct {
 		client *Client
 	}
@@ -50,7 +50,7 @@ var _ CustomAttributesServiceInterface = (*CustomAttributesService)(nil)
 
 // CustomAttribute struct is used to unmarshal response to api calls.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/custom_attributes.html
+// GitLab API docs: https://docs.gitlab.com/api/custom_attributes/
 type CustomAttribute struct {
 	Key   string `json:"key"`
 	Value string `json:"value"`
@@ -59,7 +59,7 @@ type CustomAttribute struct {
 // ListCustomUserAttributes lists the custom attributes of the specified user.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/custom_attributes.html#list-custom-attributes
+// https://docs.gitlab.com/api/custom_attributes/#list-custom-attributes
 func (s *CustomAttributesService) ListCustomUserAttributes(user int, options ...RequestOptionFunc) ([]*CustomAttribute, *Response, error) {
 	return s.listCustomAttributes("users", user, options...)
 }
@@ -67,7 +67,7 @@ func (s *CustomAttributesService) ListCustomUserAttributes(user int, options ...
 // ListCustomGroupAttributes lists the custom attributes of the specified group.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/custom_attributes.html#list-custom-attributes
+// https://docs.gitlab.com/api/custom_attributes/#list-custom-attributes
 func (s *CustomAttributesService) ListCustomGroupAttributes(group int, options ...RequestOptionFunc) ([]*CustomAttribute, *Response, error) {
 	return s.listCustomAttributes("groups", group, options...)
 }
@@ -75,7 +75,7 @@ func (s *CustomAttributesService) ListCustomGroupAttributes(group int, options .
 // ListCustomProjectAttributes lists the custom attributes of the specified project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/custom_attributes.html#list-custom-attributes
+// https://docs.gitlab.com/api/custom_attributes/#list-custom-attributes
 func (s *CustomAttributesService) ListCustomProjectAttributes(project int, options ...RequestOptionFunc) ([]*CustomAttribute, *Response, error) {
 	return s.listCustomAttributes("projects", project, options...)
 }
@@ -95,26 +95,26 @@ func (s *CustomAttributesService) listCustomAttributes(resource string, id int,
 	return cas, resp, nil
 }
 
-// GetCustomUserAttribute returns the user attribute with a speciifc key.
+// GetCustomUserAttribute returns the user attribute with a specific key.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/custom_attributes.html#single-custom-attribute
+// https://docs.gitlab.com/api/custom_attributes/#single-custom-attribute
 func (s *CustomAttributesService) GetCustomUserAttribute(user int, key string, options ...RequestOptionFunc) (*CustomAttribute, *Response, error) {
 	return s.getCustomAttribute("users", user, key, options...)
 }
 
-// GetCustomGroupAttribute returns the group attribute with a speciifc key.
+// GetCustomGroupAttribute returns the group attribute with a specific key.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/custom_attributes.html#single-custom-attribute
+// https://docs.gitlab.com/api/custom_attributes/#single-custom-attribute
 func (s *CustomAttributesService) GetCustomGroupAttribute(group int, key string, options ...RequestOptionFunc) (*CustomAttribute, *Response, error) {
 	return s.getCustomAttribute("groups", group, key, options...)
 }
 
-// GetCustomProjectAttribute returns the project attribute with a speciifc key.
+// GetCustomProjectAttribute returns the project attribute with a specific key.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/custom_attributes.html#single-custom-attribute
+// https://docs.gitlab.com/api/custom_attributes/#single-custom-attribute
 func (s *CustomAttributesService) GetCustomProjectAttribute(project int, key string, options ...RequestOptionFunc) (*CustomAttribute, *Response, error) {
 	return s.getCustomAttribute("projects", project, key, options...)
 }
@@ -137,7 +137,7 @@ func (s *CustomAttributesService) getCustomAttribute(resource string, id int, ke
 // SetCustomUserAttribute sets the custom attributes of the specified user.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/custom_attributes.html#set-custom-attribute
+// https://docs.gitlab.com/api/custom_attributes/#set-custom-attribute
 func (s *CustomAttributesService) SetCustomUserAttribute(user int, c CustomAttribute, options ...RequestOptionFunc) (*CustomAttribute, *Response, error) {
 	return s.setCustomAttribute("users", user, c, options...)
 }
@@ -145,7 +145,7 @@ func (s *CustomAttributesService) SetCustomUserAttribute(user int, c CustomAttri
 // SetCustomGroupAttribute sets the custom attributes of the specified group.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/custom_attributes.html#set-custom-attribute
+// https://docs.gitlab.com/api/custom_attributes/#set-custom-attribute
 func (s *CustomAttributesService) SetCustomGroupAttribute(group int, c CustomAttribute, options ...RequestOptionFunc) (*CustomAttribute, *Response, error) {
 	return s.setCustomAttribute("groups", group, c, options...)
 }
@@ -153,7 +153,7 @@ func (s *CustomAttributesService) SetCustomGroupAttribute(group int, c CustomAtt
 // SetCustomProjectAttribute sets the custom attributes of the specified project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/custom_attributes.html#set-custom-attribute
+// https://docs.gitlab.com/api/custom_attributes/#set-custom-attribute
 func (s *CustomAttributesService) SetCustomProjectAttribute(project int, c CustomAttribute, options ...RequestOptionFunc) (*CustomAttribute, *Response, error) {
 	return s.setCustomAttribute("projects", project, c, options...)
 }
@@ -176,7 +176,7 @@ func (s *CustomAttributesService) setCustomAttribute(resource string, id int, c
 // DeleteCustomUserAttribute removes the custom attribute of the specified user.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/custom_attributes.html#delete-custom-attribute
+// https://docs.gitlab.com/api/custom_attributes/#delete-custom-attribute
 func (s *CustomAttributesService) DeleteCustomUserAttribute(user int, key string, options ...RequestOptionFunc) (*Response, error) {
 	return s.deleteCustomAttribute("users", user, key, options...)
 }
@@ -184,7 +184,7 @@ func (s *CustomAttributesService) DeleteCustomUserAttribute(user int, key string
 // DeleteCustomGroupAttribute removes the custom attribute of the specified group.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/custom_attributes.html#delete-custom-attribute
+// https://docs.gitlab.com/api/custom_attributes/#delete-custom-attribute
 func (s *CustomAttributesService) DeleteCustomGroupAttribute(group int, key string, options ...RequestOptionFunc) (*Response, error) {
 	return s.deleteCustomAttribute("groups", group, key, options...)
 }
@@ -192,7 +192,7 @@ func (s *CustomAttributesService) DeleteCustomGroupAttribute(group int, key stri
 // DeleteCustomProjectAttribute removes the custom attribute of the specified project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/custom_attributes.html#delete-custom-attribute
+// https://docs.gitlab.com/api/custom_attributes/#delete-custom-attribute
 func (s *CustomAttributesService) DeleteCustomProjectAttribute(project int, key string, options ...RequestOptionFunc) (*Response, error) {
 	return s.deleteCustomAttribute("projects", project, key, options...)
 }
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/database_migrations.go b/vendor/gitlab.com/gitlab-org/api/client-go/database_migrations.go
new file mode 100644
index 0000000000..007b1b4016
--- /dev/null
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/database_migrations.go
@@ -0,0 +1,62 @@
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package gitlab
+
+import (
+	"fmt"
+	"net/http"
+)
+
+type (
+	DatabaseMigrationsServiceInterface interface {
+		MarkMigrationAsSuccessful(version int, opt *MarkMigrationAsSuccessfulOptions, options ...RequestOptionFunc) (*Response, error)
+	}
+
+	// DatabaseMigrationsService handles communication with the database
+	// migrations related methods of the GitLab API.
+	//
+	// GitLab API docs: https://docs.gitlab.com/api/database_migrations/
+	DatabaseMigrationsService struct {
+		client *Client
+	}
+)
+
+var _ DatabaseMigrationsServiceInterface = (*DatabaseMigrationsService)(nil)
+
+// MarkMigrationAsSuccessfulOptions represents the options to mark a migration
+// as successful.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/database_migrations/#mark-a-migration-as-successful
+type MarkMigrationAsSuccessfulOptions struct {
+	Database string `url:"database,omitempty" json:"database,omitempty"`
+}
+
+// MarkMigrationAsSuccessful markd pending migrations as successfully executed
+// to prevent them from being executed by the db:migrate tasks. Use this API to
+// skip failing migrations after they are determined to be safe to skip.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/database_migrations/#mark-a-migration-as-successful
+func (s *DatabaseMigrationsService) MarkMigrationAsSuccessful(version int, opt *MarkMigrationAsSuccessfulOptions, options ...RequestOptionFunc) (*Response, error) {
+	u := fmt.Sprintf("admin/migrations/%d/mark", version)
+
+	req, err := s.client.NewRequest(http.MethodPost, u, opt, options)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(req, nil)
+}
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/dependencies.go b/vendor/gitlab.com/gitlab-org/api/client-go/dependencies.go
new file mode 100644
index 0000000000..e4b85381ed
--- /dev/null
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/dependencies.go
@@ -0,0 +1,103 @@
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package gitlab
+
+import (
+	"fmt"
+	"net/http"
+)
+
+type (
+	DependenciesServiceInterface interface {
+		ListProjectDependencies(pid any, opt *ListProjectDependenciesOptions, options ...RequestOptionFunc) ([]*Dependency, *Response, error)
+	}
+
+	// DependenciesService handles communication with the dependencies related
+	// methods of the GitLab API.
+	//
+	// GitLab API docs: https://docs.gitlab.com/api/dependencies/
+	DependenciesService struct {
+		client *Client
+	}
+)
+
+var _ DependenciesServiceInterface = (*DependenciesService)(nil)
+
+// Dependency represents a project dependency.
+//
+// GitLab API docs: https://docs.gitlab.com/api/dependencies/
+type Dependency struct {
+	Name               string                        `url:"name" json:"name"`
+	Version            string                        `url:"version" json:"version"`
+	PackageManager     DependencyPackageManagerValue `url:"package_manager" json:"package_manager"`
+	DependencyFilePath string                        `url:"dependency_file_path" json:"dependency_file_path"`
+	Vulnerabilities    []*DependencyVulnerability    `url:"vulnerabilities" json:"vulnerabilities"`
+	Licenses           []*DependencyLicense          `url:"licenses" json:"licenses"`
+}
+
+// DependencyVulnerability represents a project dependency vulnerability.
+//
+// GitLab API docs: https://docs.gitlab.com/api/dependencies/
+type DependencyVulnerability struct {
+	Name     string `url:"name" json:"name"`
+	Severity string `url:"severity" json:"severity"`
+	ID       int    `url:"id" json:"id"`
+	URL      string `url:"url" json:"url"`
+}
+
+// DependencyLicense represents a project dependency license.
+//
+// GitLab API docs: https://docs.gitlab.com/api/dependencies/
+type DependencyLicense struct {
+	Name string `url:"name" json:"name"`
+	URL  string `url:"url" json:"url"`
+}
+
+// ListProjectDependenciesOptions represents the options for listing project
+// dependencies.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/dependencies/#list-project-dependencies
+type ListProjectDependenciesOptions struct {
+	ListOptions
+	PackageManager []*DependencyPackageManagerValue `url:"package_manager,omitempty" json:"package_manager,omitempty"`
+}
+
+// ListProjectDependencies Get a list of project dependencies. This API partially
+// mirroring Dependency List feature. This list can be generated only for languages
+// and package managers supported by Gemnasium.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/dependencies/#list-project-dependencies
+func (s *DependenciesService) ListProjectDependencies(pid any, opt *ListProjectDependenciesOptions, options ...RequestOptionFunc) ([]*Dependency, *Response, error) {
+	project, err := parseID(pid)
+	if err != nil {
+		return nil, nil, err
+	}
+	u := fmt.Sprintf("projects/%s/dependencies", PathEscape(project))
+
+	req, err := s.client.NewRequest(http.MethodGet, u, opt, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var dependencies []*Dependency
+	resp, err := s.client.Do(req, &dependencies)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return dependencies, resp, nil
+}
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/dependency_list_export.go b/vendor/gitlab.com/gitlab-org/api/client-go/dependency_list_export.go
index 24ed3c2831..ed475fd46e 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/dependency_list_export.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/dependency_list_export.go
@@ -17,7 +17,7 @@ type (
 	// DependencyListExportService handles communication with the dependency list export
 	// related methods of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/dependency_list_export.html
+	// GitLab API docs: https://docs.gitlab.com/api/dependency_list_export/
 	DependencyListExportService struct {
 		client *Client
 	}
@@ -29,7 +29,7 @@ var _ DependencyListExportServiceInterface = (*DependencyListExportService)(nil)
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/dependency_list_export.html#create-a-pipeline-level-dependency-list-export
+// https://docs.gitlab.com/api/dependency_list_export/#create-a-dependency-list-export
 type CreateDependencyListExportOptions struct {
 	ExportType *string `url:"export_type" json:"export_type"`
 }
@@ -37,7 +37,7 @@ type CreateDependencyListExportOptions struct {
 // DependencyListExport represents a request for a GitLab project's dependency list.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/dependency_list_export.html#create-a-pipeline-level-dependency-list-export
+// https://docs.gitlab.com/api/dependency_list_export/#create-a-dependency-list-export
 type DependencyListExport struct {
 	ID          int    `json:"id"`
 	HasFinished bool   `json:"has_finished"`
@@ -56,7 +56,7 @@ const defaultExportType = "sbom"
 // SBOM exports can be only accessed by the export’s author.
 //
 // GitLab docs:
-// https://docs.gitlab.com/ee/api/dependency_list_export.html#create-a-pipeline-level-dependency-list-export
+// https://docs.gitlab.com/api/dependency_list_export/#create-a-dependency-list-export
 func (s *DependencyListExportService) CreateDependencyListExport(pipelineID int, opt *CreateDependencyListExportOptions, options ...RequestOptionFunc) (*DependencyListExport, *Response, error) {
 	// POST /pipelines/:id/dependency_list_exports
 	createExportPath := fmt.Sprintf("pipelines/%d/dependency_list_exports", pipelineID)
@@ -85,7 +85,7 @@ func (s *DependencyListExportService) CreateDependencyListExport(pipelineID int,
 // GetDependencyListExport gets metadata about a single dependency list export.
 //
 // GitLab docs:
-// https://docs.gitlab.com/ee/api/dependency_list_export.html#get-single-dependency-list-export
+// https://docs.gitlab.com/api/dependency_list_export/#get-single-dependency-list-export
 func (s *DependencyListExportService) GetDependencyListExport(id int, options ...RequestOptionFunc) (*DependencyListExport, *Response, error) {
 	// GET /dependency_list_exports/:id
 	getExportPath := fmt.Sprintf("dependency_list_exports/%d", id)
@@ -116,7 +116,7 @@ func (s *DependencyListExportService) GetDependencyListExport(id int, options ..
 //	}
 //
 // GitLab docs:
-// https://docs.gitlab.com/ee/api/dependency_list_export.html#download-dependency-list-export
+// https://docs.gitlab.com/api/dependency_list_export/#download-dependency-list-export
 func (s *DependencyListExportService) DownloadDependencyListExport(id int, options ...RequestOptionFunc) (io.Reader, *Response, error) {
 	// GET /dependency_list_exports/:id/download
 	downloadExportPath := fmt.Sprintf("dependency_list_exports/%d/download", id)
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/dependency_proxy.go b/vendor/gitlab.com/gitlab-org/api/client-go/dependency_proxy.go
new file mode 100644
index 0000000000..a475cb5fd4
--- /dev/null
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/dependency_proxy.go
@@ -0,0 +1,56 @@
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package gitlab
+
+import (
+	"fmt"
+	"net/http"
+)
+
+type (
+	DependencyProxyServiceInterface interface {
+		PurgeGroupDependencyProxy(gid any, options ...RequestOptionFunc) (*Response, error)
+	}
+
+	// DependencyProxyService handles communication with the dependency proxy
+	// related methods of the GitLab API.
+	//
+	// GitLab API docs: https://docs.gitlab.com/api/dependency_proxy/
+	DependencyProxyService struct {
+		client *Client
+	}
+)
+
+var _ DependencyProxyServiceInterface = (*DependencyProxyService)(nil)
+
+// PurgeGroupDependencyProxy schedules for deletion the cached manifests and blobs
+// for a group. This endpoint requires the Owner role for the group.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/dependency_proxy/#purge-the-dependency-proxy-for-a-group
+func (s *DependencyProxyService) PurgeGroupDependencyProxy(gid any, options ...RequestOptionFunc) (*Response, error) {
+	group, err := parseID(gid)
+	if err != nil {
+		return nil, err
+	}
+	u := fmt.Sprintf("groups/%s/dependency_proxy/cache", PathEscape(group))
+
+	req, err := s.client.NewRequest(http.MethodDelete, u, nil, options)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(req, nil)
+}
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/deploy_keys.go b/vendor/gitlab.com/gitlab-org/api/client-go/deploy_keys.go
index 1863b438a3..57d24568f1 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/deploy_keys.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/deploy_keys.go
@@ -25,18 +25,20 @@ import (
 type (
 	DeployKeysServiceInterface interface {
 		ListAllDeployKeys(opt *ListInstanceDeployKeysOptions, options ...RequestOptionFunc) ([]*InstanceDeployKey, *Response, error)
-		ListProjectDeployKeys(pid interface{}, opt *ListProjectDeployKeysOptions, options ...RequestOptionFunc) ([]*ProjectDeployKey, *Response, error)
-		GetDeployKey(pid interface{}, deployKey int, options ...RequestOptionFunc) (*ProjectDeployKey, *Response, error)
-		AddDeployKey(pid interface{}, opt *AddDeployKeyOptions, options ...RequestOptionFunc) (*ProjectDeployKey, *Response, error)
-		DeleteDeployKey(pid interface{}, deployKey int, options ...RequestOptionFunc) (*Response, error)
-		EnableDeployKey(pid interface{}, deployKey int, options ...RequestOptionFunc) (*ProjectDeployKey, *Response, error)
-		UpdateDeployKey(pid interface{}, deployKey int, opt *UpdateDeployKeyOptions, options ...RequestOptionFunc) (*ProjectDeployKey, *Response, error)
+		AddInstanceDeployKey(opt *AddInstanceDeployKeyOptions, options ...RequestOptionFunc) (*InstanceDeployKey, *Response, error)
+		ListProjectDeployKeys(pid any, opt *ListProjectDeployKeysOptions, options ...RequestOptionFunc) ([]*ProjectDeployKey, *Response, error)
+		ListUserProjectDeployKeys(uid any, opt *ListUserProjectDeployKeysOptions, options ...RequestOptionFunc) ([]*ProjectDeployKey, *Response, error)
+		GetDeployKey(pid any, deployKey int, options ...RequestOptionFunc) (*ProjectDeployKey, *Response, error)
+		AddDeployKey(pid any, opt *AddDeployKeyOptions, options ...RequestOptionFunc) (*ProjectDeployKey, *Response, error)
+		DeleteDeployKey(pid any, deployKey int, options ...RequestOptionFunc) (*Response, error)
+		EnableDeployKey(pid any, deployKey int, options ...RequestOptionFunc) (*ProjectDeployKey, *Response, error)
+		UpdateDeployKey(pid any, deployKey int, opt *UpdateDeployKeyOptions, options ...RequestOptionFunc) (*ProjectDeployKey, *Response, error)
 	}
 
 	// DeployKeysService handles communication with the keys related methods
 	// of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/deploy_keys.html
+	// GitLab API docs: https://docs.gitlab.com/api/deploy_keys/
 	DeployKeysService struct {
 		client *Client
 	}
@@ -47,12 +49,15 @@ var _ DeployKeysServiceInterface = (*DeployKeysService)(nil)
 // InstanceDeployKey represents a GitLab deploy key with the associated
 // projects it has write access to.
 type InstanceDeployKey struct {
-	ID                      int                 `json:"id"`
-	Title                   string              `json:"title"`
-	CreatedAt               *time.Time          `json:"created_at"`
-	Key                     string              `json:"key"`
-	Fingerprint             string              `json:"fingerprint"`
-	ProjectsWithWriteAccess []*DeployKeyProject `json:"projects_with_write_access"`
+	ID                         int                 `json:"id"`
+	Title                      string              `json:"title"`
+	CreatedAt                  *time.Time          `json:"created_at"`
+	ExpiresAt                  *time.Time          `json:"expires_at"`
+	Key                        string              `json:"key"`
+	Fingerprint                string              `json:"fingerprint"`
+	FingerprintSHA256          string              `json:"fingerprint_sha256"`
+	ProjectsWithWriteAccess    []*DeployKeyProject `json:"projects_with_write_access"`
+	ProjectsWithReadonlyAccess []*DeployKeyProject `json:"projects_with_readonly_access"`
 }
 
 func (k InstanceDeployKey) String() string {
@@ -94,7 +99,7 @@ func (k ProjectDeployKey) String() string {
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deploy_keys.html#list-all-deploy-keys
+// https://docs.gitlab.com/api/deploy_keys/#list-all-deploy-keys
 type ListInstanceDeployKeysOptions struct {
 	ListOptions
 	Public *bool `url:"public,omitempty" json:"public,omitempty"`
@@ -103,7 +108,7 @@ type ListInstanceDeployKeysOptions struct {
 // ListAllDeployKeys gets a list of all deploy keys
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deploy_keys.html#list-all-deploy-keys
+// https://docs.gitlab.com/api/deploy_keys/#list-all-deploy-keys
 func (s *DeployKeysService) ListAllDeployKeys(opt *ListInstanceDeployKeysOptions, options ...RequestOptionFunc) ([]*InstanceDeployKey, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "deploy_keys", opt, options)
 	if err != nil {
@@ -119,18 +124,49 @@ func (s *DeployKeysService) ListAllDeployKeys(opt *ListInstanceDeployKeysOptions
 	return ks, resp, nil
 }
 
+// AddInstanceDeployKeyOptions represents the available AddInstanceDeployKey()
+// options.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/deploy_keys/#add-deploy-key
+type AddInstanceDeployKeyOptions struct {
+	Key       *string    `url:"key,omitempty" json:"key,omitempty"`
+	Title     *string    `url:"title,omitempty" json:"title,omitempty"`
+	ExpiresAt *time.Time `url:"expires_at,omitempty" json:"expires_at,omitempty"`
+}
+
+// AddInstanceDeployKey creates a deploy key for the GitLab instance.
+// Requires administrator access.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/deploy_keys/#add-deploy-key
+func (s *DeployKeysService) AddInstanceDeployKey(opt *AddInstanceDeployKeyOptions, options ...RequestOptionFunc) (*InstanceDeployKey, *Response, error) {
+	req, err := s.client.NewRequest(http.MethodPost, "deploy_keys", opt, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	key := new(InstanceDeployKey)
+	resp, err := s.client.Do(req, &key)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return key, resp, nil
+}
+
 // ListProjectDeployKeysOptions represents the available ListProjectDeployKeys()
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deploy_keys.html#list-deploy-keys-for-project
+// https://docs.gitlab.com/api/deploy_keys/#list-deploy-keys-for-project
 type ListProjectDeployKeysOptions ListOptions
 
 // ListProjectDeployKeys gets a list of a project's deploy keys
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deploy_keys.html#list-deploy-keys-for-project
-func (s *DeployKeysService) ListProjectDeployKeys(pid interface{}, opt *ListProjectDeployKeysOptions, options ...RequestOptionFunc) ([]*ProjectDeployKey, *Response, error) {
+// https://docs.gitlab.com/api/deploy_keys/#list-deploy-keys-for-project
+func (s *DeployKeysService) ListProjectDeployKeys(pid any, opt *ListProjectDeployKeysOptions, options ...RequestOptionFunc) ([]*ProjectDeployKey, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -151,11 +187,43 @@ func (s *DeployKeysService) ListProjectDeployKeys(pid interface{}, opt *ListProj
 	return ks, resp, nil
 }
 
+// ListUserProjectDeployKeysOptions represents the available ListUserProjectDeployKeys()
+// options.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/deploy_keys/#list-project-deploy-keys-for-user
+type ListUserProjectDeployKeysOptions ListOptions
+
+// ListUserProjectDeployKeys gets a list of a user's deploy keys
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/deploy_keys/#list-project-deploy-keys-for-user
+func (s *DeployKeysService) ListUserProjectDeployKeys(uid any, opt *ListUserProjectDeployKeysOptions, options ...RequestOptionFunc) ([]*ProjectDeployKey, *Response, error) {
+	user, err := parseID(uid)
+	if err != nil {
+		return nil, nil, err
+	}
+	u := fmt.Sprintf("users/%s/project_deploy_keys", PathEscape(user))
+
+	req, err := s.client.NewRequest(http.MethodGet, u, opt, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var ks []*ProjectDeployKey
+	resp, err := s.client.Do(req, &ks)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return ks, resp, nil
+}
+
 // GetDeployKey gets a single deploy key.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deploy_keys.html#get-a-single-deploy-key
-func (s *DeployKeysService) GetDeployKey(pid interface{}, deployKey int, options ...RequestOptionFunc) (*ProjectDeployKey, *Response, error) {
+// https://docs.gitlab.com/api/deploy_keys/#get-a-single-deploy-key
+func (s *DeployKeysService) GetDeployKey(pid any, deployKey int, options ...RequestOptionFunc) (*ProjectDeployKey, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -179,7 +247,7 @@ func (s *DeployKeysService) GetDeployKey(pid interface{}, deployKey int, options
 // AddDeployKeyOptions represents the available ADDDeployKey() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deploy_keys.html#add-deploy-key-for-a-project
+// https://docs.gitlab.com/api/deploy_keys/#add-deploy-key-for-a-project
 type AddDeployKeyOptions struct {
 	Key       *string    `url:"key,omitempty" json:"key,omitempty"`
 	Title     *string    `url:"title,omitempty" json:"title,omitempty"`
@@ -189,11 +257,11 @@ type AddDeployKeyOptions struct {
 
 // AddDeployKey creates a new deploy key for a project. If deploy key already
 // exists in another project - it will be joined to project but only if
-// original one was is accessible by same user.
+// original one is accessible by the same user.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deploy_keys.html#add-deploy-key-for-a-project
-func (s *DeployKeysService) AddDeployKey(pid interface{}, opt *AddDeployKeyOptions, options ...RequestOptionFunc) (*ProjectDeployKey, *Response, error) {
+// https://docs.gitlab.com/api/deploy_keys/#add-deploy-key-for-a-project
+func (s *DeployKeysService) AddDeployKey(pid any, opt *AddDeployKeyOptions, options ...RequestOptionFunc) (*ProjectDeployKey, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -217,8 +285,8 @@ func (s *DeployKeysService) AddDeployKey(pid interface{}, opt *AddDeployKeyOptio
 // DeleteDeployKey deletes a deploy key from a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deploy_keys.html#delete-deploy-key
-func (s *DeployKeysService) DeleteDeployKey(pid interface{}, deployKey int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/deploy_keys/#delete-deploy-key
+func (s *DeployKeysService) DeleteDeployKey(pid any, deployKey int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -236,8 +304,8 @@ func (s *DeployKeysService) DeleteDeployKey(pid interface{}, deployKey int, opti
 // EnableDeployKey enables a deploy key.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deploy_keys.html#enable-a-deploy-key
-func (s *DeployKeysService) EnableDeployKey(pid interface{}, deployKey int, options ...RequestOptionFunc) (*ProjectDeployKey, *Response, error) {
+// https://docs.gitlab.com/api/deploy_keys/#enable-a-deploy-key
+func (s *DeployKeysService) EnableDeployKey(pid any, deployKey int, options ...RequestOptionFunc) (*ProjectDeployKey, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -261,7 +329,7 @@ func (s *DeployKeysService) EnableDeployKey(pid interface{}, deployKey int, opti
 // UpdateDeployKeyOptions represents the available UpdateDeployKey() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deploy_keys.html#update-deploy-key
+// https://docs.gitlab.com/api/deploy_keys/#update-deploy-key
 type UpdateDeployKeyOptions struct {
 	Title   *string `url:"title,omitempty" json:"title,omitempty"`
 	CanPush *bool   `url:"can_push,omitempty" json:"can_push,omitempty"`
@@ -270,8 +338,8 @@ type UpdateDeployKeyOptions struct {
 // UpdateDeployKey updates a deploy key for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deploy_keys.html#update-deploy-key
-func (s *DeployKeysService) UpdateDeployKey(pid interface{}, deployKey int, opt *UpdateDeployKeyOptions, options ...RequestOptionFunc) (*ProjectDeployKey, *Response, error) {
+// https://docs.gitlab.com/api/deploy_keys/#update-deploy-key
+func (s *DeployKeysService) UpdateDeployKey(pid any, deployKey int, opt *UpdateDeployKeyOptions, options ...RequestOptionFunc) (*ProjectDeployKey, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/deploy_tokens.go b/vendor/gitlab.com/gitlab-org/api/client-go/deploy_tokens.go
index 412e8b3665..f7128a69f7 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/deploy_tokens.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/deploy_tokens.go
@@ -25,20 +25,20 @@ import (
 type (
 	DeployTokensServiceInterface interface {
 		ListAllDeployTokens(options ...RequestOptionFunc) ([]*DeployToken, *Response, error)
-		ListProjectDeployTokens(pid interface{}, opt *ListProjectDeployTokensOptions, options ...RequestOptionFunc) ([]*DeployToken, *Response, error)
-		GetProjectDeployToken(pid interface{}, deployToken int, options ...RequestOptionFunc) (*DeployToken, *Response, error)
-		CreateProjectDeployToken(pid interface{}, opt *CreateProjectDeployTokenOptions, options ...RequestOptionFunc) (*DeployToken, *Response, error)
-		DeleteProjectDeployToken(pid interface{}, deployToken int, options ...RequestOptionFunc) (*Response, error)
-		ListGroupDeployTokens(gid interface{}, opt *ListGroupDeployTokensOptions, options ...RequestOptionFunc) ([]*DeployToken, *Response, error)
-		GetGroupDeployToken(gid interface{}, deployToken int, options ...RequestOptionFunc) (*DeployToken, *Response, error)
-		CreateGroupDeployToken(gid interface{}, opt *CreateGroupDeployTokenOptions, options ...RequestOptionFunc) (*DeployToken, *Response, error)
-		DeleteGroupDeployToken(gid interface{}, deployToken int, options ...RequestOptionFunc) (*Response, error)
+		ListProjectDeployTokens(pid any, opt *ListProjectDeployTokensOptions, options ...RequestOptionFunc) ([]*DeployToken, *Response, error)
+		GetProjectDeployToken(pid any, deployToken int, options ...RequestOptionFunc) (*DeployToken, *Response, error)
+		CreateProjectDeployToken(pid any, opt *CreateProjectDeployTokenOptions, options ...RequestOptionFunc) (*DeployToken, *Response, error)
+		DeleteProjectDeployToken(pid any, deployToken int, options ...RequestOptionFunc) (*Response, error)
+		ListGroupDeployTokens(gid any, opt *ListGroupDeployTokensOptions, options ...RequestOptionFunc) ([]*DeployToken, *Response, error)
+		GetGroupDeployToken(gid any, deployToken int, options ...RequestOptionFunc) (*DeployToken, *Response, error)
+		CreateGroupDeployToken(gid any, opt *CreateGroupDeployTokenOptions, options ...RequestOptionFunc) (*DeployToken, *Response, error)
+		DeleteGroupDeployToken(gid any, deployToken int, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// DeployTokensService handles communication with the deploy tokens related methods
 	// of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/deploy_tokens.html
+	// GitLab API docs: https://docs.gitlab.com/api/deploy_tokens/
 	DeployTokensService struct {
 		client *Client
 	}
@@ -63,7 +63,7 @@ func (k DeployToken) String() string {
 // ListAllDeployTokens gets a list of all deploy tokens.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deploy_tokens.html#list-all-deploy-tokens
+// https://docs.gitlab.com/api/deploy_tokens/#list-all-deploy-tokens
 func (s *DeployTokensService) ListAllDeployTokens(options ...RequestOptionFunc) ([]*DeployToken, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "deploy_tokens", nil, options)
 	if err != nil {
@@ -83,14 +83,14 @@ func (s *DeployTokensService) ListAllDeployTokens(options ...RequestOptionFunc)
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deploy_tokens.html#list-project-deploy-tokens
+// https://docs.gitlab.com/api/deploy_tokens/#list-project-deploy-tokens
 type ListProjectDeployTokensOptions ListOptions
 
 // ListProjectDeployTokens gets a list of a project's deploy tokens.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deploy_tokens.html#list-project-deploy-tokens
-func (s *DeployTokensService) ListProjectDeployTokens(pid interface{}, opt *ListProjectDeployTokensOptions, options ...RequestOptionFunc) ([]*DeployToken, *Response, error) {
+// https://docs.gitlab.com/api/deploy_tokens/#list-project-deploy-tokens
+func (s *DeployTokensService) ListProjectDeployTokens(pid any, opt *ListProjectDeployTokensOptions, options ...RequestOptionFunc) ([]*DeployToken, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -114,8 +114,8 @@ func (s *DeployTokensService) ListProjectDeployTokens(pid interface{}, opt *List
 // GetProjectDeployToken gets a single deploy token.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deploy_tokens.html#get-a-project-deploy-token
-func (s *DeployTokensService) GetProjectDeployToken(pid interface{}, deployToken int, options ...RequestOptionFunc) (*DeployToken, *Response, error) {
+// https://docs.gitlab.com/api/deploy_tokens/#get-a-project-deploy-token
+func (s *DeployTokensService) GetProjectDeployToken(pid any, deployToken int, options ...RequestOptionFunc) (*DeployToken, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -139,7 +139,7 @@ func (s *DeployTokensService) GetProjectDeployToken(pid interface{}, deployToken
 // CreateProjectDeployTokenOptions represents the available CreateProjectDeployToken() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deploy_tokens.html#create-a-project-deploy-token
+// https://docs.gitlab.com/api/deploy_tokens/#create-a-project-deploy-token
 type CreateProjectDeployTokenOptions struct {
 	Name      *string    `url:"name,omitempty" json:"name,omitempty"`
 	ExpiresAt *time.Time `url:"expires_at,omitempty" json:"expires_at,omitempty"`
@@ -150,8 +150,8 @@ type CreateProjectDeployTokenOptions struct {
 // CreateProjectDeployToken creates a new deploy token for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deploy_tokens.html#create-a-project-deploy-token
-func (s *DeployTokensService) CreateProjectDeployToken(pid interface{}, opt *CreateProjectDeployTokenOptions, options ...RequestOptionFunc) (*DeployToken, *Response, error) {
+// https://docs.gitlab.com/api/deploy_tokens/#create-a-project-deploy-token
+func (s *DeployTokensService) CreateProjectDeployToken(pid any, opt *CreateProjectDeployTokenOptions, options ...RequestOptionFunc) (*DeployToken, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -175,8 +175,8 @@ func (s *DeployTokensService) CreateProjectDeployToken(pid interface{}, opt *Cre
 // DeleteProjectDeployToken removes a deploy token from the project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deploy_tokens.html#delete-a-project-deploy-token
-func (s *DeployTokensService) DeleteProjectDeployToken(pid interface{}, deployToken int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/deploy_tokens/#delete-a-project-deploy-token
+func (s *DeployTokensService) DeleteProjectDeployToken(pid any, deployToken int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -195,14 +195,14 @@ func (s *DeployTokensService) DeleteProjectDeployToken(pid interface{}, deployTo
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deploy_tokens.html#list-group-deploy-tokens
+// https://docs.gitlab.com/api/deploy_tokens/#list-group-deploy-tokens
 type ListGroupDeployTokensOptions ListOptions
 
 // ListGroupDeployTokens gets a list of a group’s deploy tokens.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deploy_tokens.html#list-group-deploy-tokens
-func (s *DeployTokensService) ListGroupDeployTokens(gid interface{}, opt *ListGroupDeployTokensOptions, options ...RequestOptionFunc) ([]*DeployToken, *Response, error) {
+// https://docs.gitlab.com/api/deploy_tokens/#list-group-deploy-tokens
+func (s *DeployTokensService) ListGroupDeployTokens(gid any, opt *ListGroupDeployTokensOptions, options ...RequestOptionFunc) ([]*DeployToken, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -226,8 +226,8 @@ func (s *DeployTokensService) ListGroupDeployTokens(gid interface{}, opt *ListGr
 // GetGroupDeployToken gets a single deploy token.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deploy_tokens.html#get-a-group-deploy-token
-func (s *DeployTokensService) GetGroupDeployToken(gid interface{}, deployToken int, options ...RequestOptionFunc) (*DeployToken, *Response, error) {
+// https://docs.gitlab.com/api/deploy_tokens/#get-a-group-deploy-token
+func (s *DeployTokensService) GetGroupDeployToken(gid any, deployToken int, options ...RequestOptionFunc) (*DeployToken, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -251,7 +251,7 @@ func (s *DeployTokensService) GetGroupDeployToken(gid interface{}, deployToken i
 // CreateGroupDeployTokenOptions represents the available CreateGroupDeployToken() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deploy_tokens.html#create-a-group-deploy-token
+// https://docs.gitlab.com/api/deploy_tokens/#create-a-group-deploy-token
 type CreateGroupDeployTokenOptions struct {
 	Name      *string    `url:"name,omitempty" json:"name,omitempty"`
 	ExpiresAt *time.Time `url:"expires_at,omitempty" json:"expires_at,omitempty"`
@@ -262,8 +262,8 @@ type CreateGroupDeployTokenOptions struct {
 // CreateGroupDeployToken creates a new deploy token for a group.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deploy_tokens.html#create-a-group-deploy-token
-func (s *DeployTokensService) CreateGroupDeployToken(gid interface{}, opt *CreateGroupDeployTokenOptions, options ...RequestOptionFunc) (*DeployToken, *Response, error) {
+// https://docs.gitlab.com/api/deploy_tokens/#create-a-group-deploy-token
+func (s *DeployTokensService) CreateGroupDeployToken(gid any, opt *CreateGroupDeployTokenOptions, options ...RequestOptionFunc) (*DeployToken, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -287,8 +287,8 @@ func (s *DeployTokensService) CreateGroupDeployToken(gid interface{}, opt *Creat
 // DeleteGroupDeployToken removes a deploy token from the group.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deploy_tokens.html#delete-a-group-deploy-token
-func (s *DeployTokensService) DeleteGroupDeployToken(gid interface{}, deployToken int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/deploy_tokens/#delete-a-group-deploy-token
+func (s *DeployTokensService) DeleteGroupDeployToken(gid any, deployToken int, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/deployments.go b/vendor/gitlab.com/gitlab-org/api/client-go/deployments.go
index d2a1db337b..7368477c9c 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/deployments.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/deployments.go
@@ -24,18 +24,18 @@ import (
 type (
 	// DeploymentsServiceInterface defines all the API methods for the DeploymentsService
 	DeploymentsServiceInterface interface {
-		ListProjectDeployments(pid interface{}, opts *ListProjectDeploymentsOptions, options ...RequestOptionFunc) ([]*Deployment, *Response, error)
-		GetProjectDeployment(pid interface{}, deployment int, options ...RequestOptionFunc) (*Deployment, *Response, error)
-		CreateProjectDeployment(pid interface{}, opt *CreateProjectDeploymentOptions, options ...RequestOptionFunc) (*Deployment, *Response, error)
-		UpdateProjectDeployment(pid interface{}, deployment int, opt *UpdateProjectDeploymentOptions, options ...RequestOptionFunc) (*Deployment, *Response, error)
-		ApproveOrRejectProjectDeployment(pid interface{}, deployment int, opt *ApproveOrRejectProjectDeploymentOptions, options ...RequestOptionFunc) (*Response, error)
-		DeleteProjectDeployment(pid interface{}, deployment int, options ...RequestOptionFunc) (*Response, error)
+		ListProjectDeployments(pid any, opts *ListProjectDeploymentsOptions, options ...RequestOptionFunc) ([]*Deployment, *Response, error)
+		GetProjectDeployment(pid any, deployment int, options ...RequestOptionFunc) (*Deployment, *Response, error)
+		CreateProjectDeployment(pid any, opt *CreateProjectDeploymentOptions, options ...RequestOptionFunc) (*Deployment, *Response, error)
+		UpdateProjectDeployment(pid any, deployment int, opt *UpdateProjectDeploymentOptions, options ...RequestOptionFunc) (*Deployment, *Response, error)
+		ApproveOrRejectProjectDeployment(pid any, deployment int, opt *ApproveOrRejectProjectDeploymentOptions, options ...RequestOptionFunc) (*Response, error)
+		DeleteProjectDeployment(pid any, deployment int, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// DeploymentsService handles communication with the deployment related methods
 	// of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/deployments.html
+	// GitLab API docs: https://docs.gitlab.com/api/deployments/
 	DeploymentsService struct {
 		client *Client
 	}
@@ -83,7 +83,7 @@ type Deployment struct {
 // ListProjectDeploymentsOptions represents the available ListProjectDeployments() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deployments.html#list-project-deployments
+// https://docs.gitlab.com/api/deployments/#list-project-deployments
 type ListProjectDeploymentsOptions struct {
 	ListOptions
 	OrderBy     *string `url:"order_by,omitempty" json:"order_by,omitempty"`
@@ -103,8 +103,8 @@ type ListProjectDeploymentsOptions struct {
 // ListProjectDeployments gets a list of deployments in a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deployments.html#list-project-deployments
-func (s *DeploymentsService) ListProjectDeployments(pid interface{}, opts *ListProjectDeploymentsOptions, options ...RequestOptionFunc) ([]*Deployment, *Response, error) {
+// https://docs.gitlab.com/api/deployments/#list-project-deployments
+func (s *DeploymentsService) ListProjectDeployments(pid any, opts *ListProjectDeploymentsOptions, options ...RequestOptionFunc) ([]*Deployment, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -128,8 +128,8 @@ func (s *DeploymentsService) ListProjectDeployments(pid interface{}, opts *ListP
 // GetProjectDeployment get a deployment for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deployments.html#get-a-specific-deployment
-func (s *DeploymentsService) GetProjectDeployment(pid interface{}, deployment int, options ...RequestOptionFunc) (*Deployment, *Response, error) {
+// https://docs.gitlab.com/api/deployments/#get-a-specific-deployment
+func (s *DeploymentsService) GetProjectDeployment(pid any, deployment int, options ...RequestOptionFunc) (*Deployment, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -154,7 +154,7 @@ func (s *DeploymentsService) GetProjectDeployment(pid interface{}, deployment in
 // CreateProjectDeployment() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deployments.html#create-a-deployment
+// https://docs.gitlab.com/api/deployments/#create-a-deployment
 type CreateProjectDeploymentOptions struct {
 	Environment *string                `url:"environment,omitempty" json:"environment,omitempty"`
 	Ref         *string                `url:"ref,omitempty" json:"ref,omitempty"`
@@ -166,8 +166,8 @@ type CreateProjectDeploymentOptions struct {
 // CreateProjectDeployment creates a project deployment.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deployments.html#create-a-deployment
-func (s *DeploymentsService) CreateProjectDeployment(pid interface{}, opt *CreateProjectDeploymentOptions, options ...RequestOptionFunc) (*Deployment, *Response, error) {
+// https://docs.gitlab.com/api/deployments/#create-a-deployment
+func (s *DeploymentsService) CreateProjectDeployment(pid any, opt *CreateProjectDeploymentOptions, options ...RequestOptionFunc) (*Deployment, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -192,7 +192,7 @@ func (s *DeploymentsService) CreateProjectDeployment(pid interface{}, opt *Creat
 // UpdateProjectDeployment() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deployments.html#update-a-deployment
+// https://docs.gitlab.com/api/deployments/#update-a-deployment
 type UpdateProjectDeploymentOptions struct {
 	Status *DeploymentStatusValue `url:"status,omitempty" json:"status,omitempty"`
 }
@@ -200,8 +200,8 @@ type UpdateProjectDeploymentOptions struct {
 // UpdateProjectDeployment updates a project deployment.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deployments.html#update-a-deployment
-func (s *DeploymentsService) UpdateProjectDeployment(pid interface{}, deployment int, opt *UpdateProjectDeploymentOptions, options ...RequestOptionFunc) (*Deployment, *Response, error) {
+// https://docs.gitlab.com/api/deployments/#update-a-deployment
+func (s *DeploymentsService) UpdateProjectDeployment(pid any, deployment int, opt *UpdateProjectDeploymentOptions, options ...RequestOptionFunc) (*Deployment, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -226,7 +226,7 @@ func (s *DeploymentsService) UpdateProjectDeployment(pid interface{}, deployment
 // ApproveOrRejectProjectDeployment() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deployments.html#approve-or-reject-a-blocked-deployment
+// https://docs.gitlab.com/api/deployments/#approve-or-reject-a-blocked-deployment
 type ApproveOrRejectProjectDeploymentOptions struct {
 	Status        *DeploymentApprovalStatus `url:"status,omitempty" json:"status,omitempty"`
 	Comment       *string                   `url:"comment,omitempty" json:"comment,omitempty"`
@@ -236,8 +236,8 @@ type ApproveOrRejectProjectDeploymentOptions struct {
 // ApproveOrRejectProjectDeployment approve or reject a blocked deployment.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deployments.html#approve-or-reject-a-blocked-deployment
-func (s *DeploymentsService) ApproveOrRejectProjectDeployment(pid interface{}, deployment int,
+// https://docs.gitlab.com/api/deployments/#approve-or-reject-a-blocked-deployment
+func (s *DeploymentsService) ApproveOrRejectProjectDeployment(pid any, deployment int,
 	opt *ApproveOrRejectProjectDeploymentOptions, options ...RequestOptionFunc,
 ) (*Response, error) {
 	project, err := parseID(pid)
@@ -257,8 +257,8 @@ func (s *DeploymentsService) ApproveOrRejectProjectDeployment(pid interface{}, d
 // DeleteProjectDeployment delete a project deployment.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deployments.html#delete-a-specific-deployment
-func (s *DeploymentsService) DeleteProjectDeployment(pid interface{}, deployment int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/deployments/#delete-a-specific-deployment
+func (s *DeploymentsService) DeleteProjectDeployment(pid any, deployment int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/deployments_merge_requests.go b/vendor/gitlab.com/gitlab-org/api/client-go/deployments_merge_requests.go
index a75268593a..a2b0e717c0 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/deployments_merge_requests.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/deployments_merge_requests.go
@@ -21,14 +21,14 @@ import (
 type (
 	// DeploymentMergeRequestsServiceInterface defines all the API methods for the DeploymentMergeRequestsService
 	DeploymentMergeRequestsServiceInterface interface {
-		ListDeploymentMergeRequests(pid interface{}, deployment int, opts *ListMergeRequestsOptions, options ...RequestOptionFunc) ([]*MergeRequest, *Response, error)
+		ListDeploymentMergeRequests(pid any, deployment int, opts *ListMergeRequestsOptions, options ...RequestOptionFunc) ([]*MergeRequest, *Response, error)
 	}
 
 	// DeploymentMergeRequestsService handles communication with the deployment's
 	// merge requests related methods of the GitLab API.
 	//
 	// GitLab API docs:
-	// https://docs.gitlab.com/ee/api/deployments.html#list-of-merge-requests-associated-with-a-deployment
+	// https://docs.gitlab.com/api/deployments/#list-of-merge-requests-associated-with-a-deployment
 	DeploymentMergeRequestsService struct {
 		client *Client
 	}
@@ -39,8 +39,8 @@ var _ DeploymentMergeRequestsServiceInterface = (*DeploymentMergeRequestsService
 // ListDeploymentMergeRequests get the merge requests associated with deployment.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/deployments.html#list-of-merge-requests-associated-with-a-deployment
-func (s *DeploymentMergeRequestsService) ListDeploymentMergeRequests(pid interface{}, deployment int, opts *ListMergeRequestsOptions, options ...RequestOptionFunc) ([]*MergeRequest, *Response, error) {
+// https://docs.gitlab.com/api/deployments/#list-of-merge-requests-associated-with-a-deployment
+func (s *DeploymentMergeRequestsService) ListDeploymentMergeRequests(pid any, deployment int, opts *ListMergeRequestsOptions, options ...RequestOptionFunc) ([]*MergeRequest, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/discussions.go b/vendor/gitlab.com/gitlab-org/api/client-go/discussions.go
index 2eb9b00b17..f73a865ad4 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/discussions.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/discussions.go
@@ -25,43 +25,43 @@ import (
 type (
 	// DiscussionsServiceInterface defines all the API methods for the DiscussionsService
 	DiscussionsServiceInterface interface {
-		ListIssueDiscussions(pid interface{}, issue int, opt *ListIssueDiscussionsOptions, options ...RequestOptionFunc) ([]*Discussion, *Response, error)
-		GetIssueDiscussion(pid interface{}, issue int, discussion string, options ...RequestOptionFunc) (*Discussion, *Response, error)
-		CreateIssueDiscussion(pid interface{}, issue int, opt *CreateIssueDiscussionOptions, options ...RequestOptionFunc) (*Discussion, *Response, error)
-		AddIssueDiscussionNote(pid interface{}, issue int, discussion string, opt *AddIssueDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
-		UpdateIssueDiscussionNote(pid interface{}, issue int, discussion string, note int, opt *UpdateIssueDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
-		DeleteIssueDiscussionNote(pid interface{}, issue int, discussion string, note int, options ...RequestOptionFunc) (*Response, error)
-		ListSnippetDiscussions(pid interface{}, snippet int, opt *ListSnippetDiscussionsOptions, options ...RequestOptionFunc) ([]*Discussion, *Response, error)
-		GetSnippetDiscussion(pid interface{}, snippet int, discussion string, options ...RequestOptionFunc) (*Discussion, *Response, error)
-		CreateSnippetDiscussion(pid interface{}, snippet int, opt *CreateSnippetDiscussionOptions, options ...RequestOptionFunc) (*Discussion, *Response, error)
-		AddSnippetDiscussionNote(pid interface{}, snippet int, discussion string, opt *AddSnippetDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
-		UpdateSnippetDiscussionNote(pid interface{}, snippet int, discussion string, note int, opt *UpdateSnippetDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
-		DeleteSnippetDiscussionNote(pid interface{}, snippet int, discussion string, note int, options ...RequestOptionFunc) (*Response, error)
-		ListGroupEpicDiscussions(gid interface{}, epic int, opt *ListGroupEpicDiscussionsOptions, options ...RequestOptionFunc) ([]*Discussion, *Response, error)
-		GetEpicDiscussion(gid interface{}, epic int, discussion string, options ...RequestOptionFunc) (*Discussion, *Response, error)
-		CreateEpicDiscussion(gid interface{}, epic int, opt *CreateEpicDiscussionOptions, options ...RequestOptionFunc) (*Discussion, *Response, error)
-		AddEpicDiscussionNote(gid interface{}, epic int, discussion string, opt *AddEpicDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
-		UpdateEpicDiscussionNote(gid interface{}, epic int, discussion string, note int, opt *UpdateEpicDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
-		DeleteEpicDiscussionNote(gid interface{}, epic int, discussion string, note int, options ...RequestOptionFunc) (*Response, error)
-		ListMergeRequestDiscussions(pid interface{}, mergeRequest int, opt *ListMergeRequestDiscussionsOptions, options ...RequestOptionFunc) ([]*Discussion, *Response, error)
-		GetMergeRequestDiscussion(pid interface{}, mergeRequest int, discussion string, options ...RequestOptionFunc) (*Discussion, *Response, error)
-		CreateMergeRequestDiscussion(pid interface{}, mergeRequest int, opt *CreateMergeRequestDiscussionOptions, options ...RequestOptionFunc) (*Discussion, *Response, error)
-		ResolveMergeRequestDiscussion(pid interface{}, mergeRequest int, discussion string, opt *ResolveMergeRequestDiscussionOptions, options ...RequestOptionFunc) (*Discussion, *Response, error)
-		AddMergeRequestDiscussionNote(pid interface{}, mergeRequest int, discussion string, opt *AddMergeRequestDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
-		UpdateMergeRequestDiscussionNote(pid interface{}, mergeRequest int, discussion string, note int, opt *UpdateMergeRequestDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
-		DeleteMergeRequestDiscussionNote(pid interface{}, mergeRequest int, discussion string, note int, options ...RequestOptionFunc) (*Response, error)
-		ListCommitDiscussions(pid interface{}, commit string, opt *ListCommitDiscussionsOptions, options ...RequestOptionFunc) ([]*Discussion, *Response, error)
-		GetCommitDiscussion(pid interface{}, commit string, discussion string, options ...RequestOptionFunc) (*Discussion, *Response, error)
-		CreateCommitDiscussion(pid interface{}, commit string, opt *CreateCommitDiscussionOptions, options ...RequestOptionFunc) (*Discussion, *Response, error)
-		AddCommitDiscussionNote(pid interface{}, commit string, discussion string, opt *AddCommitDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
-		UpdateCommitDiscussionNote(pid interface{}, commit string, discussion string, note int, opt *UpdateCommitDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
-		DeleteCommitDiscussionNote(pid interface{}, commit string, discussion string, note int, options ...RequestOptionFunc) (*Response, error)
+		ListIssueDiscussions(pid any, issue int, opt *ListIssueDiscussionsOptions, options ...RequestOptionFunc) ([]*Discussion, *Response, error)
+		GetIssueDiscussion(pid any, issue int, discussion string, options ...RequestOptionFunc) (*Discussion, *Response, error)
+		CreateIssueDiscussion(pid any, issue int, opt *CreateIssueDiscussionOptions, options ...RequestOptionFunc) (*Discussion, *Response, error)
+		AddIssueDiscussionNote(pid any, issue int, discussion string, opt *AddIssueDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
+		UpdateIssueDiscussionNote(pid any, issue int, discussion string, note int, opt *UpdateIssueDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
+		DeleteIssueDiscussionNote(pid any, issue int, discussion string, note int, options ...RequestOptionFunc) (*Response, error)
+		ListSnippetDiscussions(pid any, snippet int, opt *ListSnippetDiscussionsOptions, options ...RequestOptionFunc) ([]*Discussion, *Response, error)
+		GetSnippetDiscussion(pid any, snippet int, discussion string, options ...RequestOptionFunc) (*Discussion, *Response, error)
+		CreateSnippetDiscussion(pid any, snippet int, opt *CreateSnippetDiscussionOptions, options ...RequestOptionFunc) (*Discussion, *Response, error)
+		AddSnippetDiscussionNote(pid any, snippet int, discussion string, opt *AddSnippetDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
+		UpdateSnippetDiscussionNote(pid any, snippet int, discussion string, note int, opt *UpdateSnippetDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
+		DeleteSnippetDiscussionNote(pid any, snippet int, discussion string, note int, options ...RequestOptionFunc) (*Response, error)
+		ListGroupEpicDiscussions(gid any, epic int, opt *ListGroupEpicDiscussionsOptions, options ...RequestOptionFunc) ([]*Discussion, *Response, error)
+		GetEpicDiscussion(gid any, epic int, discussion string, options ...RequestOptionFunc) (*Discussion, *Response, error)
+		CreateEpicDiscussion(gid any, epic int, opt *CreateEpicDiscussionOptions, options ...RequestOptionFunc) (*Discussion, *Response, error)
+		AddEpicDiscussionNote(gid any, epic int, discussion string, opt *AddEpicDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
+		UpdateEpicDiscussionNote(gid any, epic int, discussion string, note int, opt *UpdateEpicDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
+		DeleteEpicDiscussionNote(gid any, epic int, discussion string, note int, options ...RequestOptionFunc) (*Response, error)
+		ListMergeRequestDiscussions(pid any, mergeRequest int, opt *ListMergeRequestDiscussionsOptions, options ...RequestOptionFunc) ([]*Discussion, *Response, error)
+		GetMergeRequestDiscussion(pid any, mergeRequest int, discussion string, options ...RequestOptionFunc) (*Discussion, *Response, error)
+		CreateMergeRequestDiscussion(pid any, mergeRequest int, opt *CreateMergeRequestDiscussionOptions, options ...RequestOptionFunc) (*Discussion, *Response, error)
+		ResolveMergeRequestDiscussion(pid any, mergeRequest int, discussion string, opt *ResolveMergeRequestDiscussionOptions, options ...RequestOptionFunc) (*Discussion, *Response, error)
+		AddMergeRequestDiscussionNote(pid any, mergeRequest int, discussion string, opt *AddMergeRequestDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
+		UpdateMergeRequestDiscussionNote(pid any, mergeRequest int, discussion string, note int, opt *UpdateMergeRequestDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
+		DeleteMergeRequestDiscussionNote(pid any, mergeRequest int, discussion string, note int, options ...RequestOptionFunc) (*Response, error)
+		ListCommitDiscussions(pid any, commit string, opt *ListCommitDiscussionsOptions, options ...RequestOptionFunc) ([]*Discussion, *Response, error)
+		GetCommitDiscussion(pid any, commit string, discussion string, options ...RequestOptionFunc) (*Discussion, *Response, error)
+		CreateCommitDiscussion(pid any, commit string, opt *CreateCommitDiscussionOptions, options ...RequestOptionFunc) (*Discussion, *Response, error)
+		AddCommitDiscussionNote(pid any, commit string, discussion string, opt *AddCommitDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
+		UpdateCommitDiscussionNote(pid any, commit string, discussion string, note int, opt *UpdateCommitDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
+		DeleteCommitDiscussionNote(pid any, commit string, discussion string, note int, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// DiscussionsService handles communication with the discussions related
 	// methods of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/discussions.html
+	// GitLab API docs: https://docs.gitlab.com/api/discussions/
 	DiscussionsService struct {
 		client *Client
 	}
@@ -71,7 +71,7 @@ var _ DiscussionsServiceInterface = (*DiscussionsService)(nil)
 
 // Discussion represents a GitLab discussion.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/discussions.html
+// GitLab API docs: https://docs.gitlab.com/api/discussions/
 type Discussion struct {
 	ID             string  `json:"id"`
 	IndividualNote bool    `json:"individual_note"`
@@ -86,15 +86,15 @@ func (d Discussion) String() string {
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#list-project-issue-discussion-items
+// https://docs.gitlab.com/api/discussions/#list-project-issue-discussion-items
 type ListIssueDiscussionsOptions ListOptions
 
 // ListIssueDiscussions gets a list of all discussions for a single
 // issue.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#list-project-issue-discussion-items
-func (s *DiscussionsService) ListIssueDiscussions(pid interface{}, issue int, opt *ListIssueDiscussionsOptions, options ...RequestOptionFunc) ([]*Discussion, *Response, error) {
+// https://docs.gitlab.com/api/discussions/#list-project-issue-discussion-items
+func (s *DiscussionsService) ListIssueDiscussions(pid any, issue int, opt *ListIssueDiscussionsOptions, options ...RequestOptionFunc) ([]*Discussion, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -118,8 +118,8 @@ func (s *DiscussionsService) ListIssueDiscussions(pid interface{}, issue int, op
 // GetIssueDiscussion returns a single discussion for a specific project issue.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#get-single-issue-discussion-item
-func (s *DiscussionsService) GetIssueDiscussion(pid interface{}, issue int, discussion string, options ...RequestOptionFunc) (*Discussion, *Response, error) {
+// https://docs.gitlab.com/api/discussions/#get-single-issue-discussion-item
+func (s *DiscussionsService) GetIssueDiscussion(pid any, issue int, discussion string, options ...RequestOptionFunc) (*Discussion, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -148,7 +148,7 @@ func (s *DiscussionsService) GetIssueDiscussion(pid interface{}, issue int, disc
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#create-new-issue-thread
+// https://docs.gitlab.com/api/discussions/#create-new-issue-thread
 type CreateIssueDiscussionOptions struct {
 	Body      *string    `url:"body,omitempty" json:"body,omitempty"`
 	CreatedAt *time.Time `url:"created_at,omitempty" json:"created_at,omitempty"`
@@ -157,8 +157,8 @@ type CreateIssueDiscussionOptions struct {
 // CreateIssueDiscussion creates a new discussion to a single project issue.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#create-new-issue-thread
-func (s *DiscussionsService) CreateIssueDiscussion(pid interface{}, issue int, opt *CreateIssueDiscussionOptions, options ...RequestOptionFunc) (*Discussion, *Response, error) {
+// https://docs.gitlab.com/api/discussions/#create-new-issue-thread
+func (s *DiscussionsService) CreateIssueDiscussion(pid any, issue int, opt *CreateIssueDiscussionOptions, options ...RequestOptionFunc) (*Discussion, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -183,7 +183,7 @@ func (s *DiscussionsService) CreateIssueDiscussion(pid interface{}, issue int, o
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#add-note-to-existing-issue-thread
+// https://docs.gitlab.com/api/discussions/#add-note-to-existing-issue-thread
 type AddIssueDiscussionNoteOptions struct {
 	Body      *string    `url:"body,omitempty" json:"body,omitempty"`
 	CreatedAt *time.Time `url:"created_at,omitempty" json:"created_at,omitempty"`
@@ -192,8 +192,8 @@ type AddIssueDiscussionNoteOptions struct {
 // AddIssueDiscussionNote creates a new discussion to a single project issue.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#add-note-to-existing-issue-thread
-func (s *DiscussionsService) AddIssueDiscussionNote(pid interface{}, issue int, discussion string, opt *AddIssueDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
+// https://docs.gitlab.com/api/discussions/#add-note-to-existing-issue-thread
+func (s *DiscussionsService) AddIssueDiscussionNote(pid any, issue int, discussion string, opt *AddIssueDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -222,7 +222,7 @@ func (s *DiscussionsService) AddIssueDiscussionNote(pid interface{}, issue int,
 // UpdateIssueDiscussion() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#modify-existing-issue-thread-note
+// https://docs.gitlab.com/api/discussions/#modify-existing-issue-thread-note
 type UpdateIssueDiscussionNoteOptions struct {
 	Body      *string    `url:"body,omitempty" json:"body,omitempty"`
 	CreatedAt *time.Time `url:"created_at,omitempty" json:"created_at,omitempty"`
@@ -231,8 +231,8 @@ type UpdateIssueDiscussionNoteOptions struct {
 // UpdateIssueDiscussionNote modifies existing discussion of an issue.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#modify-existing-issue-thread-note
-func (s *DiscussionsService) UpdateIssueDiscussionNote(pid interface{}, issue int, discussion string, note int, opt *UpdateIssueDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
+// https://docs.gitlab.com/api/discussions/#modify-existing-issue-thread-note
+func (s *DiscussionsService) UpdateIssueDiscussionNote(pid any, issue int, discussion string, note int, opt *UpdateIssueDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -261,8 +261,8 @@ func (s *DiscussionsService) UpdateIssueDiscussionNote(pid interface{}, issue in
 // DeleteIssueDiscussionNote deletes an existing discussion of an issue.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#delete-an-issue-thread-note
-func (s *DiscussionsService) DeleteIssueDiscussionNote(pid interface{}, issue int, discussion string, note int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/discussions/#delete-an-issue-thread-note
+func (s *DiscussionsService) DeleteIssueDiscussionNote(pid any, issue int, discussion string, note int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -286,15 +286,15 @@ func (s *DiscussionsService) DeleteIssueDiscussionNote(pid interface{}, issue in
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#list-project-snippet-discussion-items
+// https://docs.gitlab.com/api/discussions/#list-project-snippet-discussion-items
 type ListSnippetDiscussionsOptions ListOptions
 
 // ListSnippetDiscussions gets a list of all discussions for a single
 // snippet. Snippet discussions are comments users can post to a snippet.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#list-project-snippet-discussion-items
-func (s *DiscussionsService) ListSnippetDiscussions(pid interface{}, snippet int, opt *ListSnippetDiscussionsOptions, options ...RequestOptionFunc) ([]*Discussion, *Response, error) {
+// https://docs.gitlab.com/api/discussions/#list-project-snippet-discussion-items
+func (s *DiscussionsService) ListSnippetDiscussions(pid any, snippet int, opt *ListSnippetDiscussionsOptions, options ...RequestOptionFunc) ([]*Discussion, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -318,8 +318,8 @@ func (s *DiscussionsService) ListSnippetDiscussions(pid interface{}, snippet int
 // GetSnippetDiscussion returns a single discussion for a given snippet.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#get-single-snippet-discussion-item
-func (s *DiscussionsService) GetSnippetDiscussion(pid interface{}, snippet int, discussion string, options ...RequestOptionFunc) (*Discussion, *Response, error) {
+// https://docs.gitlab.com/api/discussions/#get-single-snippet-discussion-item
+func (s *DiscussionsService) GetSnippetDiscussion(pid any, snippet int, discussion string, options ...RequestOptionFunc) (*Discussion, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -348,7 +348,7 @@ func (s *DiscussionsService) GetSnippetDiscussion(pid interface{}, snippet int,
 // CreateSnippetDiscussion() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#create-new-snippet-thread
+// https://docs.gitlab.com/api/discussions/#create-new-snippet-thread
 type CreateSnippetDiscussionOptions struct {
 	Body      *string    `url:"body,omitempty" json:"body,omitempty"`
 	CreatedAt *time.Time `url:"created_at,omitempty" json:"created_at,omitempty"`
@@ -358,8 +358,8 @@ type CreateSnippetDiscussionOptions struct {
 // Snippet discussions are comments users can post to a snippet.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#create-new-snippet-thread
-func (s *DiscussionsService) CreateSnippetDiscussion(pid interface{}, snippet int, opt *CreateSnippetDiscussionOptions, options ...RequestOptionFunc) (*Discussion, *Response, error) {
+// https://docs.gitlab.com/api/discussions/#create-new-snippet-thread
+func (s *DiscussionsService) CreateSnippetDiscussion(pid any, snippet int, opt *CreateSnippetDiscussionOptions, options ...RequestOptionFunc) (*Discussion, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -384,7 +384,7 @@ func (s *DiscussionsService) CreateSnippetDiscussion(pid interface{}, snippet in
 // AddSnippetDiscussionNote() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#add-note-to-existing-snippet-thread
+// https://docs.gitlab.com/api/discussions/#add-note-to-existing-snippet-thread
 type AddSnippetDiscussionNoteOptions struct {
 	Body      *string    `url:"body,omitempty" json:"body,omitempty"`
 	CreatedAt *time.Time `url:"created_at,omitempty" json:"created_at,omitempty"`
@@ -394,8 +394,8 @@ type AddSnippetDiscussionNoteOptions struct {
 // snippet.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#add-note-to-existing-snippet-thread
-func (s *DiscussionsService) AddSnippetDiscussionNote(pid interface{}, snippet int, discussion string, opt *AddSnippetDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
+// https://docs.gitlab.com/api/discussions/#add-note-to-existing-snippet-thread
+func (s *DiscussionsService) AddSnippetDiscussionNote(pid any, snippet int, discussion string, opt *AddSnippetDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -424,7 +424,7 @@ func (s *DiscussionsService) AddSnippetDiscussionNote(pid interface{}, snippet i
 // UpdateSnippetDiscussion() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#modify-existing-snippet-thread-note
+// https://docs.gitlab.com/api/discussions/#modify-existing-snippet-thread-note
 type UpdateSnippetDiscussionNoteOptions struct {
 	Body      *string    `url:"body,omitempty" json:"body,omitempty"`
 	CreatedAt *time.Time `url:"created_at,omitempty" json:"created_at,omitempty"`
@@ -433,8 +433,8 @@ type UpdateSnippetDiscussionNoteOptions struct {
 // UpdateSnippetDiscussionNote modifies existing discussion of a snippet.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#modify-existing-snippet-thread-note
-func (s *DiscussionsService) UpdateSnippetDiscussionNote(pid interface{}, snippet int, discussion string, note int, opt *UpdateSnippetDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
+// https://docs.gitlab.com/api/discussions/#modify-existing-snippet-thread-note
+func (s *DiscussionsService) UpdateSnippetDiscussionNote(pid any, snippet int, discussion string, note int, opt *UpdateSnippetDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -463,8 +463,8 @@ func (s *DiscussionsService) UpdateSnippetDiscussionNote(pid interface{}, snippe
 // DeleteSnippetDiscussionNote deletes an existing discussion of a snippet.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#delete-a-snippet-thread-note
-func (s *DiscussionsService) DeleteSnippetDiscussionNote(pid interface{}, snippet int, discussion string, note int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/discussions/#delete-a-snippet-thread-note
+func (s *DiscussionsService) DeleteSnippetDiscussionNote(pid any, snippet int, discussion string, note int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -488,15 +488,15 @@ func (s *DiscussionsService) DeleteSnippetDiscussionNote(pid interface{}, snippe
 // ListEpicDiscussions() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#list-group-epic-discussion-items
+// https://docs.gitlab.com/api/discussions/#list-group-epic-discussion-items
 type ListGroupEpicDiscussionsOptions ListOptions
 
 // ListGroupEpicDiscussions gets a list of all discussions for a single
 // epic. Epic discussions are comments users can post to a epic.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#list-group-epic-discussion-items
-func (s *DiscussionsService) ListGroupEpicDiscussions(gid interface{}, epic int, opt *ListGroupEpicDiscussionsOptions, options ...RequestOptionFunc) ([]*Discussion, *Response, error) {
+// https://docs.gitlab.com/api/discussions/#list-group-epic-discussion-items
+func (s *DiscussionsService) ListGroupEpicDiscussions(gid any, epic int, opt *ListGroupEpicDiscussionsOptions, options ...RequestOptionFunc) ([]*Discussion, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -523,8 +523,8 @@ func (s *DiscussionsService) ListGroupEpicDiscussions(gid interface{}, epic int,
 // GetEpicDiscussion returns a single discussion for a given epic.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#get-single-epic-discussion-item
-func (s *DiscussionsService) GetEpicDiscussion(gid interface{}, epic int, discussion string, options ...RequestOptionFunc) (*Discussion, *Response, error) {
+// https://docs.gitlab.com/api/discussions/#get-single-epic-discussion-item
+func (s *DiscussionsService) GetEpicDiscussion(gid any, epic int, discussion string, options ...RequestOptionFunc) (*Discussion, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -553,7 +553,7 @@ func (s *DiscussionsService) GetEpicDiscussion(gid interface{}, epic int, discus
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#create-new-epic-thread
+// https://docs.gitlab.com/api/discussions/#create-new-epic-thread
 type CreateEpicDiscussionOptions struct {
 	Body      *string    `url:"body,omitempty" json:"body,omitempty"`
 	CreatedAt *time.Time `url:"created_at,omitempty" json:"created_at,omitempty"`
@@ -563,8 +563,8 @@ type CreateEpicDiscussionOptions struct {
 // discussions are comments users can post to a epic.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#create-new-epic-thread
-func (s *DiscussionsService) CreateEpicDiscussion(gid interface{}, epic int, opt *CreateEpicDiscussionOptions, options ...RequestOptionFunc) (*Discussion, *Response, error) {
+// https://docs.gitlab.com/api/discussions/#create-new-epic-thread
+func (s *DiscussionsService) CreateEpicDiscussion(gid any, epic int, opt *CreateEpicDiscussionOptions, options ...RequestOptionFunc) (*Discussion, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -592,7 +592,7 @@ func (s *DiscussionsService) CreateEpicDiscussion(gid interface{}, epic int, opt
 // AddEpicDiscussionNote() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#add-note-to-existing-epic-thread
+// https://docs.gitlab.com/api/discussions/#add-note-to-existing-epic-thread
 type AddEpicDiscussionNoteOptions struct {
 	Body      *string    `url:"body,omitempty" json:"body,omitempty"`
 	CreatedAt *time.Time `url:"created_at,omitempty" json:"created_at,omitempty"`
@@ -601,8 +601,8 @@ type AddEpicDiscussionNoteOptions struct {
 // AddEpicDiscussionNote creates a new discussion to a single project epic.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#add-note-to-existing-epic-thread
-func (s *DiscussionsService) AddEpicDiscussionNote(gid interface{}, epic int, discussion string, opt *AddEpicDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
+// https://docs.gitlab.com/api/discussions/#add-note-to-existing-epic-thread
+func (s *DiscussionsService) AddEpicDiscussionNote(gid any, epic int, discussion string, opt *AddEpicDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -631,17 +631,17 @@ func (s *DiscussionsService) AddEpicDiscussionNote(gid interface{}, epic int, di
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#modify-existing-epic-thread-note
+// https://docs.gitlab.com/api/discussions/#modify-existing-epic-thread-note
 type UpdateEpicDiscussionNoteOptions struct {
 	Body      *string    `url:"body,omitempty" json:"body,omitempty"`
 	CreatedAt *time.Time `url:"created_at,omitempty" json:"created_at,omitempty"`
 }
 
-// UpdateEpicDiscussionNote modifies existing discussion of a epic.
+// UpdateEpicDiscussionNote modifies existing discussion of an epic.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#modify-existing-epic-thread-note
-func (s *DiscussionsService) UpdateEpicDiscussionNote(gid interface{}, epic int, discussion string, note int, opt *UpdateEpicDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
+// https://docs.gitlab.com/api/discussions/#modify-existing-epic-thread-note
+func (s *DiscussionsService) UpdateEpicDiscussionNote(gid any, epic int, discussion string, note int, opt *UpdateEpicDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -670,8 +670,8 @@ func (s *DiscussionsService) UpdateEpicDiscussionNote(gid interface{}, epic int,
 // DeleteEpicDiscussionNote deletes an existing discussion of a epic.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#delete-an-epic-thread-note
-func (s *DiscussionsService) DeleteEpicDiscussionNote(gid interface{}, epic int, discussion string, note int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/discussions/#delete-an-epic-thread-note
+func (s *DiscussionsService) DeleteEpicDiscussionNote(gid any, epic int, discussion string, note int, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
@@ -695,15 +695,15 @@ func (s *DiscussionsService) DeleteEpicDiscussionNote(gid interface{}, epic int,
 // ListMergeRequestDiscussions() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#list-project-merge-request-discussion-items
+// https://docs.gitlab.com/api/discussions/#list-project-merge-request-discussion-items
 type ListMergeRequestDiscussionsOptions ListOptions
 
 // ListMergeRequestDiscussions gets a list of all discussions for a single
 // merge request.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#list-project-merge-request-discussion-items
-func (s *DiscussionsService) ListMergeRequestDiscussions(pid interface{}, mergeRequest int, opt *ListMergeRequestDiscussionsOptions, options ...RequestOptionFunc) ([]*Discussion, *Response, error) {
+// https://docs.gitlab.com/api/discussions/#list-project-merge-request-discussion-items
+func (s *DiscussionsService) ListMergeRequestDiscussions(pid any, mergeRequest int, opt *ListMergeRequestDiscussionsOptions, options ...RequestOptionFunc) ([]*Discussion, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -731,8 +731,8 @@ func (s *DiscussionsService) ListMergeRequestDiscussions(pid interface{}, mergeR
 // request.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#get-single-merge-request-discussion-item
-func (s *DiscussionsService) GetMergeRequestDiscussion(pid interface{}, mergeRequest int, discussion string, options ...RequestOptionFunc) (*Discussion, *Response, error) {
+// https://docs.gitlab.com/api/discussions/#get-single-merge-request-discussion-item
+func (s *DiscussionsService) GetMergeRequestDiscussion(pid any, mergeRequest int, discussion string, options ...RequestOptionFunc) (*Discussion, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -761,7 +761,7 @@ func (s *DiscussionsService) GetMergeRequestDiscussion(pid interface{}, mergeReq
 // CreateMergeRequestDiscussion() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#create-new-merge-request-thread
+// https://docs.gitlab.com/api/discussions/#create-new-merge-request-thread
 type CreateMergeRequestDiscussionOptions struct {
 	Body      *string          `url:"body,omitempty" json:"body,omitempty"`
 	CommitID  *string          `url:"commit_id,omitempty" json:"commit_id,omitempty"`
@@ -796,14 +796,16 @@ type LineRangeOptions struct {
 type LinePositionOptions struct {
 	LineCode *string `url:"line_code,omitempty" json:"line_code,omitempty"`
 	Type     *string `url:"type,omitempty" json:"type,omitempty"`
+	OldLine  *int    `url:"old_line,omitempty" json:"old_line,omitempty"`
+	NewLine  *int    `url:"new_line,omitempty" json:"new_line,omitempty"`
 }
 
 // CreateMergeRequestDiscussion creates a new discussion for a single merge
 // request.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#create-new-merge-request-thread
-func (s *DiscussionsService) CreateMergeRequestDiscussion(pid interface{}, mergeRequest int, opt *CreateMergeRequestDiscussionOptions, options ...RequestOptionFunc) (*Discussion, *Response, error) {
+// https://docs.gitlab.com/api/discussions/#create-new-merge-request-thread
+func (s *DiscussionsService) CreateMergeRequestDiscussion(pid any, mergeRequest int, opt *CreateMergeRequestDiscussionOptions, options ...RequestOptionFunc) (*Discussion, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -831,7 +833,7 @@ func (s *DiscussionsService) CreateMergeRequestDiscussion(pid interface{}, merge
 // ResolveMergeRequestDiscussion() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#resolve-a-merge-request-thread
+// https://docs.gitlab.com/api/discussions/#resolve-a-merge-request-thread
 type ResolveMergeRequestDiscussionOptions struct {
 	Resolved *bool `url:"resolved,omitempty" json:"resolved,omitempty"`
 }
@@ -840,8 +842,8 @@ type ResolveMergeRequestDiscussionOptions struct {
 // request.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#resolve-a-merge-request-thread
-func (s *DiscussionsService) ResolveMergeRequestDiscussion(pid interface{}, mergeRequest int, discussion string, opt *ResolveMergeRequestDiscussionOptions, options ...RequestOptionFunc) (*Discussion, *Response, error) {
+// https://docs.gitlab.com/api/discussions/#resolve-a-merge-request-thread
+func (s *DiscussionsService) ResolveMergeRequestDiscussion(pid any, mergeRequest int, discussion string, opt *ResolveMergeRequestDiscussionOptions, options ...RequestOptionFunc) (*Discussion, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -870,7 +872,7 @@ func (s *DiscussionsService) ResolveMergeRequestDiscussion(pid interface{}, merg
 // AddMergeRequestDiscussionNote() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#add-note-to-existing-merge-request-thread
+// https://docs.gitlab.com/api/discussions/#add-note-to-existing-merge-request-thread
 type AddMergeRequestDiscussionNoteOptions struct {
 	Body      *string    `url:"body,omitempty" json:"body,omitempty"`
 	CreatedAt *time.Time `url:"created_at,omitempty" json:"created_at,omitempty"`
@@ -880,8 +882,8 @@ type AddMergeRequestDiscussionNoteOptions struct {
 // merge request.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#add-note-to-existing-merge-request-thread
-func (s *DiscussionsService) AddMergeRequestDiscussionNote(pid interface{}, mergeRequest int, discussion string, opt *AddMergeRequestDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
+// https://docs.gitlab.com/api/discussions/#add-note-to-existing-merge-request-thread
+func (s *DiscussionsService) AddMergeRequestDiscussionNote(pid any, mergeRequest int, discussion string, opt *AddMergeRequestDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -910,7 +912,7 @@ func (s *DiscussionsService) AddMergeRequestDiscussionNote(pid interface{}, merg
 // UpdateMergeRequestDiscussion() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#modify-an-existing-merge-request-thread-note
+// https://docs.gitlab.com/api/discussions/#modify-an-existing-merge-request-thread-note
 type UpdateMergeRequestDiscussionNoteOptions struct {
 	Body      *string    `url:"body,omitempty" json:"body,omitempty"`
 	CreatedAt *time.Time `url:"created_at,omitempty" json:"created_at,omitempty"`
@@ -921,8 +923,8 @@ type UpdateMergeRequestDiscussionNoteOptions struct {
 // request.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#modify-an-existing-merge-request-thread-note
-func (s *DiscussionsService) UpdateMergeRequestDiscussionNote(pid interface{}, mergeRequest int, discussion string, note int, opt *UpdateMergeRequestDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
+// https://docs.gitlab.com/api/discussions/#modify-an-existing-merge-request-thread-note
+func (s *DiscussionsService) UpdateMergeRequestDiscussionNote(pid any, mergeRequest int, discussion string, note int, opt *UpdateMergeRequestDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -952,8 +954,8 @@ func (s *DiscussionsService) UpdateMergeRequestDiscussionNote(pid interface{}, m
 // request.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#delete-a-merge-request-thread-note
-func (s *DiscussionsService) DeleteMergeRequestDiscussionNote(pid interface{}, mergeRequest int, discussion string, note int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/discussions/#delete-a-merge-request-thread-note
+func (s *DiscussionsService) DeleteMergeRequestDiscussionNote(pid any, mergeRequest int, discussion string, note int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -977,15 +979,15 @@ func (s *DiscussionsService) DeleteMergeRequestDiscussionNote(pid interface{}, m
 // ListCommitDiscussions() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#list-project-commit-discussion-items
+// https://docs.gitlab.com/api/discussions/#list-project-commit-discussion-items
 type ListCommitDiscussionsOptions ListOptions
 
 // ListCommitDiscussions gets a list of all discussions for a single
 // commit.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#list-project-commit-discussion-items
-func (s *DiscussionsService) ListCommitDiscussions(pid interface{}, commit string, opt *ListCommitDiscussionsOptions, options ...RequestOptionFunc) ([]*Discussion, *Response, error) {
+// https://docs.gitlab.com/api/discussions/#list-project-commit-discussion-items
+func (s *DiscussionsService) ListCommitDiscussions(pid any, commit string, opt *ListCommitDiscussionsOptions, options ...RequestOptionFunc) ([]*Discussion, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1013,8 +1015,8 @@ func (s *DiscussionsService) ListCommitDiscussions(pid interface{}, commit strin
 // commit.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#get-single-commit-discussion-item
-func (s *DiscussionsService) GetCommitDiscussion(pid interface{}, commit string, discussion string, options ...RequestOptionFunc) (*Discussion, *Response, error) {
+// https://docs.gitlab.com/api/discussions/#get-single-commit-discussion-item
+func (s *DiscussionsService) GetCommitDiscussion(pid any, commit string, discussion string, options ...RequestOptionFunc) (*Discussion, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1043,7 +1045,7 @@ func (s *DiscussionsService) GetCommitDiscussion(pid interface{}, commit string,
 // CreateCommitDiscussion() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#create-new-commit-thread
+// https://docs.gitlab.com/api/discussions/#create-new-commit-thread
 type CreateCommitDiscussionOptions struct {
 	Body      *string       `url:"body,omitempty" json:"body,omitempty"`
 	CreatedAt *time.Time    `url:"created_at,omitempty" json:"created_at,omitempty"`
@@ -1053,8 +1055,8 @@ type CreateCommitDiscussionOptions struct {
 // CreateCommitDiscussion creates a new discussion to a single project commit.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#create-new-commit-thread
-func (s *DiscussionsService) CreateCommitDiscussion(pid interface{}, commit string, opt *CreateCommitDiscussionOptions, options ...RequestOptionFunc) (*Discussion, *Response, error) {
+// https://docs.gitlab.com/api/discussions/#create-new-commit-thread
+func (s *DiscussionsService) CreateCommitDiscussion(pid any, commit string, opt *CreateCommitDiscussionOptions, options ...RequestOptionFunc) (*Discussion, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1082,7 +1084,7 @@ func (s *DiscussionsService) CreateCommitDiscussion(pid interface{}, commit stri
 // AddCommitDiscussionNote() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#add-note-to-existing-commit-thread
+// https://docs.gitlab.com/api/discussions/#add-note-to-existing-commit-thread
 type AddCommitDiscussionNoteOptions struct {
 	Body      *string    `url:"body,omitempty" json:"body,omitempty"`
 	CreatedAt *time.Time `url:"created_at,omitempty" json:"created_at,omitempty"`
@@ -1091,8 +1093,8 @@ type AddCommitDiscussionNoteOptions struct {
 // AddCommitDiscussionNote creates a new discussion to a single project commit.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#add-note-to-existing-commit-thread
-func (s *DiscussionsService) AddCommitDiscussionNote(pid interface{}, commit string, discussion string, opt *AddCommitDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
+// https://docs.gitlab.com/api/discussions/#add-note-to-existing-commit-thread
+func (s *DiscussionsService) AddCommitDiscussionNote(pid any, commit string, discussion string, opt *AddCommitDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1121,17 +1123,17 @@ func (s *DiscussionsService) AddCommitDiscussionNote(pid interface{}, commit str
 // UpdateCommitDiscussion() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#modify-an-existing-commit-thread-note
+// https://docs.gitlab.com/api/discussions/#modify-an-existing-commit-thread-note
 type UpdateCommitDiscussionNoteOptions struct {
 	Body      *string    `url:"body,omitempty" json:"body,omitempty"`
 	CreatedAt *time.Time `url:"created_at,omitempty" json:"created_at,omitempty"`
 }
 
-// UpdateCommitDiscussionNote modifies existing discussion of an commit.
+// UpdateCommitDiscussionNote modifies existing discussion of a commit.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#modify-an-existing-commit-thread-note
-func (s *DiscussionsService) UpdateCommitDiscussionNote(pid interface{}, commit string, discussion string, note int, opt *UpdateCommitDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
+// https://docs.gitlab.com/api/discussions/#modify-an-existing-commit-thread-note
+func (s *DiscussionsService) UpdateCommitDiscussionNote(pid any, commit string, discussion string, note int, opt *UpdateCommitDiscussionNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1160,8 +1162,8 @@ func (s *DiscussionsService) UpdateCommitDiscussionNote(pid interface{}, commit
 // DeleteCommitDiscussionNote deletes an existing discussion of an commit.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/discussions.html#delete-a-commit-thread-note
-func (s *DiscussionsService) DeleteCommitDiscussionNote(pid interface{}, commit string, discussion string, note int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/discussions/#delete-a-commit-thread-note
+func (s *DiscussionsService) DeleteCommitDiscussionNote(pid any, commit string, discussion string, note int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/dora_metrics.go b/vendor/gitlab.com/gitlab-org/api/client-go/dora_metrics.go
index 5b900183b0..21b4d0eba9 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/dora_metrics.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/dora_metrics.go
@@ -24,8 +24,8 @@ import (
 type (
 	// DORAMetricsServiceInterface defines all the API methods for the DORAMetricsService
 	DORAMetricsServiceInterface interface {
-		GetProjectDORAMetrics(pid interface{}, opt GetDORAMetricsOptions, options ...RequestOptionFunc) ([]DORAMetric, *Response, error)
-		GetGroupDORAMetrics(gid interface{}, opt GetDORAMetricsOptions, options ...RequestOptionFunc) ([]DORAMetric, *Response, error)
+		GetProjectDORAMetrics(pid any, opt GetDORAMetricsOptions, options ...RequestOptionFunc) ([]DORAMetric, *Response, error)
+		GetGroupDORAMetrics(gid any, opt GetDORAMetricsOptions, options ...RequestOptionFunc) ([]DORAMetric, *Response, error)
 	}
 
 	// DORAMetricsService handles communication with the DORA metrics related methods
@@ -64,16 +64,13 @@ type GetDORAMetricsOptions struct {
 	EnvironmentTiers *[]string           `url:"environment_tiers,comma,omitempty" json:"environment_tiers,omitempty"`
 	Interval         *DORAMetricInterval `url:"interval,omitempty" json:"interval,omitempty"`
 	StartDate        *ISOTime            `url:"start_date,omitempty" json:"start_date,omitempty"`
-
-	// Deprecated, use environment tiers instead
-	EnvironmentTier *string `url:"environment_tier,omitempty" json:"environment_tier,omitempty"`
 }
 
 // GetProjectDORAMetrics gets the DORA metrics for a project.
 //
 // GitLab API Docs:
 // https://docs.gitlab.com/api/dora/metrics/#get-project-level-dora-metrics
-func (s *DORAMetricsService) GetProjectDORAMetrics(pid interface{}, opt GetDORAMetricsOptions, options ...RequestOptionFunc) ([]DORAMetric, *Response, error) {
+func (s *DORAMetricsService) GetProjectDORAMetrics(pid any, opt GetDORAMetricsOptions, options ...RequestOptionFunc) ([]DORAMetric, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -98,7 +95,7 @@ func (s *DORAMetricsService) GetProjectDORAMetrics(pid interface{}, opt GetDORAM
 //
 // GitLab API Docs:
 // https://docs.gitlab.com/api/dora/metrics/#get-group-level-dora-metrics
-func (s *DORAMetricsService) GetGroupDORAMetrics(gid interface{}, opt GetDORAMetricsOptions, options ...RequestOptionFunc) ([]DORAMetric, *Response, error) {
+func (s *DORAMetricsService) GetGroupDORAMetrics(gid any, opt GetDORAMetricsOptions, options ...RequestOptionFunc) ([]DORAMetric, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/draft_notes.go b/vendor/gitlab.com/gitlab-org/api/client-go/draft_notes.go
index 7ed13ba6ba..4520965626 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/draft_notes.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/draft_notes.go
@@ -24,13 +24,13 @@ import (
 type (
 	// DraftNotesServiceInterface defines all the API methods for the DraftNotesService
 	DraftNotesServiceInterface interface {
-		ListDraftNotes(pid interface{}, mergeRequest int, opt *ListDraftNotesOptions, options ...RequestOptionFunc) ([]*DraftNote, *Response, error)
-		GetDraftNote(pid interface{}, mergeRequest int, note int, options ...RequestOptionFunc) (*DraftNote, *Response, error)
-		CreateDraftNote(pid interface{}, mergeRequest int, opt *CreateDraftNoteOptions, options ...RequestOptionFunc) (*DraftNote, *Response, error)
-		UpdateDraftNote(pid interface{}, mergeRequest int, note int, opt *UpdateDraftNoteOptions, options ...RequestOptionFunc) (*DraftNote, *Response, error)
-		DeleteDraftNote(pid interface{}, mergeRequest int, note int, options ...RequestOptionFunc) (*Response, error)
-		PublishDraftNote(pid interface{}, mergeRequest int, note int, options ...RequestOptionFunc) (*Response, error)
-		PublishAllDraftNotes(pid interface{}, mergeRequest int, options ...RequestOptionFunc) (*Response, error)
+		ListDraftNotes(pid any, mergeRequest int, opt *ListDraftNotesOptions, options ...RequestOptionFunc) ([]*DraftNote, *Response, error)
+		GetDraftNote(pid any, mergeRequest int, note int, options ...RequestOptionFunc) (*DraftNote, *Response, error)
+		CreateDraftNote(pid any, mergeRequest int, opt *CreateDraftNoteOptions, options ...RequestOptionFunc) (*DraftNote, *Response, error)
+		UpdateDraftNote(pid any, mergeRequest int, note int, opt *UpdateDraftNoteOptions, options ...RequestOptionFunc) (*DraftNote, *Response, error)
+		DeleteDraftNote(pid any, mergeRequest int, note int, options ...RequestOptionFunc) (*Response, error)
+		PublishDraftNote(pid any, mergeRequest int, note int, options ...RequestOptionFunc) (*Response, error)
+		PublishAllDraftNotes(pid any, mergeRequest int, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// DraftNotesService handles communication with the draft notes related methods
@@ -72,7 +72,7 @@ type ListDraftNotesOptions struct {
 //
 // Gitlab API docs:
 // https://docs.gitlab.com/api/draft_notes/#list-all-merge-request-draft-notes
-func (s *DraftNotesService) ListDraftNotes(pid interface{}, mergeRequest int, opt *ListDraftNotesOptions, options ...RequestOptionFunc) ([]*DraftNote, *Response, error) {
+func (s *DraftNotesService) ListDraftNotes(pid any, mergeRequest int, opt *ListDraftNotesOptions, options ...RequestOptionFunc) ([]*DraftNote, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -97,7 +97,7 @@ func (s *DraftNotesService) ListDraftNotes(pid interface{}, mergeRequest int, op
 //
 // Gitlab API docs:
 // https://docs.gitlab.com/api/draft_notes/#get-a-single-draft-note
-func (s *DraftNotesService) GetDraftNote(pid interface{}, mergeRequest int, note int, options ...RequestOptionFunc) (*DraftNote, *Response, error) {
+func (s *DraftNotesService) GetDraftNote(pid any, mergeRequest int, note int, options ...RequestOptionFunc) (*DraftNote, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -135,7 +135,7 @@ type CreateDraftNoteOptions struct {
 //
 // Gitlab API docs:
 // https://docs.gitlab.com/api/draft_notes/#create-a-draft-note
-func (s *DraftNotesService) CreateDraftNote(pid interface{}, mergeRequest int, opt *CreateDraftNoteOptions, options ...RequestOptionFunc) (*DraftNote, *Response, error) {
+func (s *DraftNotesService) CreateDraftNote(pid any, mergeRequest int, opt *CreateDraftNoteOptions, options ...RequestOptionFunc) (*DraftNote, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -169,7 +169,7 @@ type UpdateDraftNoteOptions struct {
 // UpdateDraftNote updates a draft note for a merge request.
 //
 // Gitlab API docs: https://docs.gitlab.com/api/draft_notes/#create-a-draft-note
-func (s *DraftNotesService) UpdateDraftNote(pid interface{}, mergeRequest int, note int, opt *UpdateDraftNoteOptions, options ...RequestOptionFunc) (*DraftNote, *Response, error) {
+func (s *DraftNotesService) UpdateDraftNote(pid any, mergeRequest int, note int, opt *UpdateDraftNoteOptions, options ...RequestOptionFunc) (*DraftNote, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -194,7 +194,7 @@ func (s *DraftNotesService) UpdateDraftNote(pid interface{}, mergeRequest int, n
 //
 // Gitlab API docs:
 // https://docs.gitlab.com/api/draft_notes/#delete-a-draft-note
-func (s *DraftNotesService) DeleteDraftNote(pid interface{}, mergeRequest int, note int, options ...RequestOptionFunc) (*Response, error) {
+func (s *DraftNotesService) DeleteDraftNote(pid any, mergeRequest int, note int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -213,7 +213,7 @@ func (s *DraftNotesService) DeleteDraftNote(pid interface{}, mergeRequest int, n
 //
 // Gitlab API docs:
 // https://docs.gitlab.com/api/draft_notes/#publish-a-draft-note
-func (s *DraftNotesService) PublishDraftNote(pid interface{}, mergeRequest int, note int, options ...RequestOptionFunc) (*Response, error) {
+func (s *DraftNotesService) PublishDraftNote(pid any, mergeRequest int, note int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -232,7 +232,7 @@ func (s *DraftNotesService) PublishDraftNote(pid interface{}, mergeRequest int,
 //
 // Gitlab API docs:
 // https://docs.gitlab.com/api/draft_notes/#publish-a-draft-note
-func (s *DraftNotesService) PublishAllDraftNotes(pid interface{}, mergeRequest int, options ...RequestOptionFunc) (*Response, error) {
+func (s *DraftNotesService) PublishAllDraftNotes(pid any, mergeRequest int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/enterprise_users.go b/vendor/gitlab.com/gitlab-org/api/client-go/enterprise_users.go
new file mode 100644
index 0000000000..e50b5c5112
--- /dev/null
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/enterprise_users.go
@@ -0,0 +1,125 @@
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package gitlab
+
+import (
+	"fmt"
+	"net/http"
+	"time"
+)
+
+type (
+	EnterpriseUsersServiceInterface interface {
+		ListEnterpriseUsers(gid any, opt *ListEnterpriseUsersOptions, options ...RequestOptionFunc) ([]*User, *Response, error)
+		GetEnterpriseUser(gid any, uid int, options ...RequestOptionFunc) (*User, *Response, error)
+		Disable2FAForEnterpriseUser(gid any, uid int, options ...RequestOptionFunc) (*Response, error)
+	}
+
+	// EnterpriseUsersService handles communication with the enterprise users
+	// related methods of the GitLab API.
+	//
+	// GitLab API docs: https://docs.gitlab.com/api/group_enterprise_users/
+	EnterpriseUsersService struct {
+		client *Client
+	}
+)
+
+var _ EnterpriseUsersServiceInterface = (*EnterpriseUsersService)(nil)
+
+// ListEnterpriseUsersOptions represents the available
+// ListEnterpriseUsers() options.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/group_enterprise_users/#list-all-enterprise-users
+type ListEnterpriseUsersOptions struct {
+	ListOptions
+	Username      string     `url:"username,omitempty" json:"username,omitempty"`
+	Search        string     `url:"search,omitempty" json:"search,omitempty"`
+	Active        bool       `url:"active,omitempty" json:"active,omitempty"`
+	Blocked       bool       `url:"blocked,omitempty" json:"blocked,omitempty"`
+	CreatedAfter  *time.Time `url:"created_after,omitempty" json:"created_after,omitempty"`
+	CreatedBefore *time.Time `url:"created_before,omitempty" json:"created_before,omitempty"`
+	TwoFactor     string     `url:"two_factor,omitempty" json:"two_factor,omitempty"`
+}
+
+// ListEnterpriseUsers lists all enterprise users for a given top-level group.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/group_enterprise_users/#list-all-enterprise-users
+func (s *EnterpriseUsersService) ListEnterpriseUsers(gid any, opt *ListEnterpriseUsersOptions, options ...RequestOptionFunc) ([]*User, *Response, error) {
+	group, err := parseID(gid)
+	if err != nil {
+		return nil, nil, err
+	}
+	u := fmt.Sprintf("groups/%s/enterprise_users", PathEscape(group))
+
+	req, err := s.client.NewRequest(http.MethodGet, u, opt, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var users []*User
+	resp, err := s.client.Do(req, &users)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return users, resp, nil
+}
+
+// GetEnterpriseUser gets details on a specified enterprise user.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/group_enterprise_users/#get-details-on-an-enterprise-user
+func (s *EnterpriseUsersService) GetEnterpriseUser(gid any, uid int, options ...RequestOptionFunc) (*User, *Response, error) {
+	group, err := parseID(gid)
+	if err != nil {
+		return nil, nil, err
+	}
+	u := fmt.Sprintf("groups/%s/enterprise_users/%d", PathEscape(group), uid)
+
+	req, err := s.client.NewRequest(http.MethodGet, u, nil, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	user := new(User)
+	resp, err := s.client.Do(req, &user)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return user, resp, nil
+}
+
+// Disable2FAForEnterpriseUser disables two-factor authentication (2FA) for a
+// specified enterprise user.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/group_enterprise_users/#disable-two-factor-authentication-for-an-enterprise-user
+func (s *EnterpriseUsersService) Disable2FAForEnterpriseUser(gid any, uid int, options ...RequestOptionFunc) (*Response, error) {
+	group, err := parseID(gid)
+	if err != nil {
+		return nil, err
+	}
+	u := fmt.Sprintf("groups/%s/enterprise_users/%d/disable_two_factor", PathEscape(group), uid)
+
+	req, err := s.client.NewRequest(http.MethodPatch, u, nil, options)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(req, nil)
+}
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/environments.go b/vendor/gitlab.com/gitlab-org/api/client-go/environments.go
index ba8a6aaa04..9d8f9fedc6 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/environments.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/environments.go
@@ -25,12 +25,12 @@ import (
 type (
 	// EnvironmentsServiceInterface defines all the API methods for the EnvironmentsService
 	EnvironmentsServiceInterface interface {
-		ListEnvironments(pid interface{}, opts *ListEnvironmentsOptions, options ...RequestOptionFunc) ([]*Environment, *Response, error)
-		GetEnvironment(pid interface{}, environment int, options ...RequestOptionFunc) (*Environment, *Response, error)
-		CreateEnvironment(pid interface{}, opt *CreateEnvironmentOptions, options ...RequestOptionFunc) (*Environment, *Response, error)
-		EditEnvironment(pid interface{}, environment int, opt *EditEnvironmentOptions, options ...RequestOptionFunc) (*Environment, *Response, error)
-		DeleteEnvironment(pid interface{}, environment int, options ...RequestOptionFunc) (*Response, error)
-		StopEnvironment(pid interface{}, environmentID int, opt *StopEnvironmentOptions, options ...RequestOptionFunc) (*Environment, *Response, error)
+		ListEnvironments(pid any, opts *ListEnvironmentsOptions, options ...RequestOptionFunc) ([]*Environment, *Response, error)
+		GetEnvironment(pid any, environment int, options ...RequestOptionFunc) (*Environment, *Response, error)
+		CreateEnvironment(pid any, opt *CreateEnvironmentOptions, options ...RequestOptionFunc) (*Environment, *Response, error)
+		EditEnvironment(pid any, environment int, opt *EditEnvironmentOptions, options ...RequestOptionFunc) (*Environment, *Response, error)
+		DeleteEnvironment(pid any, environment int, options ...RequestOptionFunc) (*Response, error)
+		StopEnvironment(pid any, environmentID int, opt *StopEnvironmentOptions, options ...RequestOptionFunc) (*Environment, *Response, error)
 	}
 
 	// EnvironmentsService handles communication with the environment related methods
@@ -86,7 +86,7 @@ type ListEnvironmentsOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/environments/#list-environments
-func (s *EnvironmentsService) ListEnvironments(pid interface{}, opts *ListEnvironmentsOptions, options ...RequestOptionFunc) ([]*Environment, *Response, error) {
+func (s *EnvironmentsService) ListEnvironments(pid any, opts *ListEnvironmentsOptions, options ...RequestOptionFunc) ([]*Environment, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -111,7 +111,7 @@ func (s *EnvironmentsService) ListEnvironments(pid interface{}, opts *ListEnviro
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/environments/#get-a-specific-environment
-func (s *EnvironmentsService) GetEnvironment(pid interface{}, environment int, options ...RequestOptionFunc) (*Environment, *Response, error) {
+func (s *EnvironmentsService) GetEnvironment(pid any, environment int, options ...RequestOptionFunc) (*Environment, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -147,14 +147,13 @@ type CreateEnvironmentOptions struct {
 	AutoStopSetting     *string `url:"auto_stop_setting,omitempty" json:"auto_stop_setting,omitempty"`
 }
 
-// CreateEnvironment adds an environment to a project. This is an idempotent
-// method and can be called multiple times with the same parameters. Createing
-// an environment that is already a environment does not affect the
-// existing environmentship.
+// CreateEnvironment adds an environment to a project. This method is idempotent
+// and can be called multiple times with the same parameters. Creating an environment
+// that already exists does not affect the existing association.
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/environments/#create-a-new-environment
-func (s *EnvironmentsService) CreateEnvironment(pid interface{}, opt *CreateEnvironmentOptions, options ...RequestOptionFunc) (*Environment, *Response, error) {
+func (s *EnvironmentsService) CreateEnvironment(pid any, opt *CreateEnvironmentOptions, options ...RequestOptionFunc) (*Environment, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -194,7 +193,7 @@ type EditEnvironmentOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/environments/#update-an-existing-environment
-func (s *EnvironmentsService) EditEnvironment(pid interface{}, environment int, opt *EditEnvironmentOptions, options ...RequestOptionFunc) (*Environment, *Response, error) {
+func (s *EnvironmentsService) EditEnvironment(pid any, environment int, opt *EditEnvironmentOptions, options ...RequestOptionFunc) (*Environment, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -219,7 +218,7 @@ func (s *EnvironmentsService) EditEnvironment(pid interface{}, environment int,
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/environments/#delete-an-environment
-func (s *EnvironmentsService) DeleteEnvironment(pid interface{}, environment int, options ...RequestOptionFunc) (*Response, error) {
+func (s *EnvironmentsService) DeleteEnvironment(pid any, environment int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -246,7 +245,7 @@ type StopEnvironmentOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/environments/#stop-an-environment
-func (s *EnvironmentsService) StopEnvironment(pid interface{}, environmentID int, opt *StopEnvironmentOptions, options ...RequestOptionFunc) (*Environment, *Response, error) {
+func (s *EnvironmentsService) StopEnvironment(pid any, environmentID int, opt *StopEnvironmentOptions, options ...RequestOptionFunc) (*Environment, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/epic_issues.go b/vendor/gitlab.com/gitlab-org/api/client-go/epic_issues.go
index 5e1e31396e..625d86c11c 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/epic_issues.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/epic_issues.go
@@ -23,15 +23,21 @@ import (
 
 type (
 	// EpicIssuesServiceInterface defines all the API methods for the EpicIssuesService
+	// Will be removed in v5 of the API, use Work Items API instead
 	EpicIssuesServiceInterface interface {
-		ListEpicIssues(gid interface{}, epic int, opt *ListOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error)
-		AssignEpicIssue(gid interface{}, epic, issue int, options ...RequestOptionFunc) (*EpicIssueAssignment, *Response, error)
-		RemoveEpicIssue(gid interface{}, epic, epicIssue int, options ...RequestOptionFunc) (*EpicIssueAssignment, *Response, error)
-		UpdateEpicIssueAssignment(gid interface{}, epic, epicIssue int, opt *UpdateEpicIsssueAssignmentOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error)
+		// Will be removed in v5 of the API, use Work Items API instead
+		ListEpicIssues(gid any, epic int, opt *ListOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error)
+		// Will be removed in v5 of the API, use Work Items API instead
+		AssignEpicIssue(gid any, epic, issue int, options ...RequestOptionFunc) (*EpicIssueAssignment, *Response, error)
+		// Will be removed in v5 of the API, use Work Items API instead
+		RemoveEpicIssue(gid any, epic, epicIssue int, options ...RequestOptionFunc) (*EpicIssueAssignment, *Response, error)
+		// Will be removed in v5 of the API, use Work Items API instead
+		UpdateEpicIssueAssignment(gid any, epic, epicIssue int, opt *UpdateEpicIssueAssignmentOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error)
 	}
 
 	// EpicIssuesService handles communication with the epic issue related methods
 	// of the GitLab API.
+	// Will be removed in v5 of the API, use Work Items API instead
 	//
 	// GitLab API docs: https://docs.gitlab.com/api/epic_issues/
 	EpicIssuesService struct {
@@ -39,10 +45,12 @@ type (
 	}
 )
 
+// Will be removed in v5 of the API, use Work Items API instead
 var _ EpicIssuesServiceInterface = (*EpicIssuesService)(nil)
 
 // EpicIssueAssignment contains both the epic and issue objects returned from
 // Gitlab with the assignment ID.
+// Will be removed in v5 of the API, use Work Items API instead
 //
 // GitLab API docs: https://docs.gitlab.com/api/epic_issues/
 type EpicIssueAssignment struct {
@@ -52,10 +60,11 @@ type EpicIssueAssignment struct {
 }
 
 // ListEpicIssues get a list of epic issues.
+// Will be removed in v5 of the API, use Work Items API instead
 //
 // Gitlab API docs:
 // https://docs.gitlab.com/api/epic_issues/#list-issues-for-an-epic
-func (s *EpicIssuesService) ListEpicIssues(gid interface{}, epic int, opt *ListOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error) {
+func (s *EpicIssuesService) ListEpicIssues(gid any, epic int, opt *ListOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -77,10 +86,11 @@ func (s *EpicIssuesService) ListEpicIssues(gid interface{}, epic int, opt *ListO
 }
 
 // AssignEpicIssue assigns an existing issue to an epic.
+// Will be removed in v5 of the API, use Work Items API instead
 //
 // Gitlab API Docs:
 // https://docs.gitlab.com/api/epic_issues/#assign-an-issue-to-the-epic
-func (s *EpicIssuesService) AssignEpicIssue(gid interface{}, epic, issue int, options ...RequestOptionFunc) (*EpicIssueAssignment, *Response, error) {
+func (s *EpicIssuesService) AssignEpicIssue(gid any, epic, issue int, options ...RequestOptionFunc) (*EpicIssueAssignment, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -102,10 +112,11 @@ func (s *EpicIssuesService) AssignEpicIssue(gid interface{}, epic, issue int, op
 }
 
 // RemoveEpicIssue removes an issue from an epic.
+// Will be removed in v5 of the API, use Work Items API instead
 //
 // Gitlab API Docs:
 // https://docs.gitlab.com/api/epic_issues/#remove-an-issue-from-the-epic
-func (s *EpicIssuesService) RemoveEpicIssue(gid interface{}, epic, epicIssue int, options ...RequestOptionFunc) (*EpicIssueAssignment, *Response, error) {
+func (s *EpicIssuesService) RemoveEpicIssue(gid any, epic, epicIssue int, options ...RequestOptionFunc) (*EpicIssueAssignment, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -126,23 +137,29 @@ func (s *EpicIssuesService) RemoveEpicIssue(gid interface{}, epic, epicIssue int
 	return a, resp, nil
 }
 
-// UpdateEpicIsssueAssignmentOptions describes the UpdateEpicIssueAssignment()
+// UpdateEpicIssueAssignmentOptions describes the UpdateEpicIssueAssignment()
 // options.
+// Will be removed in v5 of the API, use Work Items API instead
 //
 // Gitlab API Docs:
 // https://docs.gitlab.com/api/epic_issues/#update-epic---issue-association
-type UpdateEpicIsssueAssignmentOptions struct {
+type UpdateEpicIssueAssignmentOptions struct {
 	*ListOptions
 	MoveBeforeID *int `url:"move_before_id,omitempty" json:"move_before_id,omitempty"`
 	MoveAfterID  *int `url:"move_after_id,omitempty" json:"move_after_id,omitempty"`
 }
 
+// UpdateEpicIsssueAssignmentOptions is kept for backwards compatibility.
+// Deprecated: use UpdateEpicIssueAssignmentOptions instead.
+type UpdateEpicIsssueAssignmentOptions = UpdateEpicIssueAssignmentOptions
+
 // UpdateEpicIssueAssignment moves an issue before or after another issue in an
 // epic issue list.
+// Will be removed in v5 of the API, use Work Items API instead
 //
 // Gitlab API Docs:
 // https://docs.gitlab.com/api/epic_issues/#update-epic---issue-association
-func (s *EpicIssuesService) UpdateEpicIssueAssignment(gid interface{}, epic, epicIssue int, opt *UpdateEpicIsssueAssignmentOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error) {
+func (s *EpicIssuesService) UpdateEpicIssueAssignment(gid any, epic, epicIssue int, opt *UpdateEpicIssueAssignmentOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/epics.go b/vendor/gitlab.com/gitlab-org/api/client-go/epics.go
index c5ceaa3ebc..df28cc032b 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/epics.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/epics.go
@@ -24,17 +24,25 @@ import (
 
 type (
 	// EpicsServiceInterface defines all the API methods for the EpicsService
+	// Will be removed in v5 of the API, use Work Items API instead
 	EpicsServiceInterface interface {
-		ListGroupEpics(gid interface{}, opt *ListGroupEpicsOptions, options ...RequestOptionFunc) ([]*Epic, *Response, error)
-		GetEpic(gid interface{}, epic int, options ...RequestOptionFunc) (*Epic, *Response, error)
-		GetEpicLinks(gid interface{}, epic int, options ...RequestOptionFunc) ([]*Epic, *Response, error)
-		CreateEpic(gid interface{}, opt *CreateEpicOptions, options ...RequestOptionFunc) (*Epic, *Response, error)
-		UpdateEpic(gid interface{}, epic int, opt *UpdateEpicOptions, options ...RequestOptionFunc) (*Epic, *Response, error)
-		DeleteEpic(gid interface{}, epic int, options ...RequestOptionFunc) (*Response, error)
+		// Will be removed in v5 of the API, use Work Items API instead
+		ListGroupEpics(gid any, opt *ListGroupEpicsOptions, options ...RequestOptionFunc) ([]*Epic, *Response, error)
+		// Will be removed in v5 of the API, use Work Items API instead
+		GetEpic(gid any, epic int, options ...RequestOptionFunc) (*Epic, *Response, error)
+		// Will be removed in v5 of the API, use Work Items API instead
+		GetEpicLinks(gid any, epic int, options ...RequestOptionFunc) ([]*Epic, *Response, error)
+		// Will be removed in v5 of the API, use Work Items API instead
+		CreateEpic(gid any, opt *CreateEpicOptions, options ...RequestOptionFunc) (*Epic, *Response, error)
+		// Will be removed in v5 of the API, use Work Items API instead
+		UpdateEpic(gid any, epic int, opt *UpdateEpicOptions, options ...RequestOptionFunc) (*Epic, *Response, error)
+		// Will be removed in v5 of the API, use Work Items API instead
+		DeleteEpic(gid any, epic int, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// EpicsService handles communication with the epic related methods
 	// of the GitLab API.
+	// Will be removed in v5 of the API, use Work Items API instead
 	//
 	// GitLab API docs: https://docs.gitlab.com/api/epics/
 	EpicsService struct {
@@ -42,9 +50,11 @@ type (
 	}
 )
 
+// Will be removed in v5 of the API, use Work Items API instead
 var _ EpicsServiceInterface = (*EpicsService)(nil)
 
 // EpicAuthor represents a author of the epic.
+// Will be removed in v5 of the API, use Work Items API instead
 type EpicAuthor struct {
 	ID        int    `json:"id"`
 	State     string `json:"state"`
@@ -55,6 +65,7 @@ type EpicAuthor struct {
 }
 
 // Epic represents a GitLab epic.
+// Will be removed in v5 of the API, use Work Items API instead
 //
 // GitLab API docs: https://docs.gitlab.com/api/epics/
 type Epic struct {
@@ -86,11 +97,13 @@ type Epic struct {
 	URL                     string      `json:"url"`
 }
 
+// Will be removed in v5 of the API, use Work Items API instead
 func (e Epic) String() string {
 	return Stringify(e)
 }
 
 // ListGroupEpicsOptions represents the available ListGroupEpics() options.
+// Will be removed in v5 of the API, use Work Items API instead
 //
 // GitLab API docs: https://docs.gitlab.com/api/epics/#list-epics-for-a-group
 type ListGroupEpicsOptions struct {
@@ -113,9 +126,10 @@ type ListGroupEpicsOptions struct {
 
 // ListGroupEpics gets a list of group epics. This function accepts pagination
 // parameters page and per_page to return the list of group epics.
+// Will be removed in v5 of the API, use Work Items API instead
 //
 // GitLab API docs: https://docs.gitlab.com/api/epics/#list-epics-for-a-group
-func (s *EpicsService) ListGroupEpics(gid interface{}, opt *ListGroupEpicsOptions, options ...RequestOptionFunc) ([]*Epic, *Response, error) {
+func (s *EpicsService) ListGroupEpics(gid any, opt *ListGroupEpicsOptions, options ...RequestOptionFunc) ([]*Epic, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -137,9 +151,10 @@ func (s *EpicsService) ListGroupEpics(gid interface{}, opt *ListGroupEpicsOption
 }
 
 // GetEpic gets a single group epic.
+// Will be removed in v5 of the API, use Work Items API instead
 //
 // GitLab API docs: https://docs.gitlab.com/api/epics/#single-epic
-func (s *EpicsService) GetEpic(gid interface{}, epic int, options ...RequestOptionFunc) (*Epic, *Response, error) {
+func (s *EpicsService) GetEpic(gid any, epic int, options ...RequestOptionFunc) (*Epic, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -161,9 +176,10 @@ func (s *EpicsService) GetEpic(gid interface{}, epic int, options ...RequestOpti
 }
 
 // GetEpicLinks gets all child epics of an epic.
+// Will be removed in v5 of the API, use Work Items API instead
 //
 // GitLab API docs: https://docs.gitlab.com/api/epic_links/
-func (s *EpicsService) GetEpicLinks(gid interface{}, epic int, options ...RequestOptionFunc) ([]*Epic, *Response, error) {
+func (s *EpicsService) GetEpicLinks(gid any, epic int, options ...RequestOptionFunc) ([]*Epic, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -185,6 +201,7 @@ func (s *EpicsService) GetEpicLinks(gid interface{}, epic int, options ...Reques
 }
 
 // CreateEpicOptions represents the available CreateEpic() options.
+// Will be removed in v5 of the API, use Work Items API instead
 //
 // GitLab API docs: https://docs.gitlab.com/api/epics/#new-epic
 type CreateEpicOptions struct {
@@ -202,9 +219,10 @@ type CreateEpicOptions struct {
 }
 
 // CreateEpic creates a new group epic.
+// Will be removed in v5 of the API, use Work Items API instead
 //
 // GitLab API docs: https://docs.gitlab.com/api/epics/#new-epic
-func (s *EpicsService) CreateEpic(gid interface{}, opt *CreateEpicOptions, options ...RequestOptionFunc) (*Epic, *Response, error) {
+func (s *EpicsService) CreateEpic(gid any, opt *CreateEpicOptions, options ...RequestOptionFunc) (*Epic, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -226,6 +244,7 @@ func (s *EpicsService) CreateEpic(gid interface{}, opt *CreateEpicOptions, optio
 }
 
 // UpdateEpicOptions represents the available UpdateEpic() options.
+// Will be removed in v5 of the API, use Work Items API instead
 //
 // GitLab API docs: https://docs.gitlab.com/api/epics/#update-epic
 type UpdateEpicOptions struct {
@@ -247,9 +266,10 @@ type UpdateEpicOptions struct {
 
 // UpdateEpic updates an existing group epic. This function is also used
 // to mark an epic as closed.
+// Will be removed in v5 of the API, use Work Items API instead
 //
 // GitLab API docs: https://docs.gitlab.com/api/epics/#update-epic
-func (s *EpicsService) UpdateEpic(gid interface{}, epic int, opt *UpdateEpicOptions, options ...RequestOptionFunc) (*Epic, *Response, error) {
+func (s *EpicsService) UpdateEpic(gid any, epic int, opt *UpdateEpicOptions, options ...RequestOptionFunc) (*Epic, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -271,9 +291,10 @@ func (s *EpicsService) UpdateEpic(gid interface{}, epic int, opt *UpdateEpicOpti
 }
 
 // DeleteEpic deletes a single group epic.
+// Will be removed in v5 of the API, use Work Items API instead
 //
 // GitLab API docs: https://docs.gitlab.com/api/epics/#delete-epic
-func (s *EpicsService) DeleteEpic(gid interface{}, epic int, options ...RequestOptionFunc) (*Response, error) {
+func (s *EpicsService) DeleteEpic(gid any, epic int, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/error_tracking.go b/vendor/gitlab.com/gitlab-org/api/client-go/error_tracking.go
index 937498fc6c..14de8ea88e 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/error_tracking.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/error_tracking.go
@@ -24,11 +24,11 @@ import (
 type (
 	// ErrorTrackingServiceInterface defines all the API methods for the ErrorTrackingService
 	ErrorTrackingServiceInterface interface {
-		GetErrorTrackingSettings(pid interface{}, options ...RequestOptionFunc) (*ErrorTrackingSettings, *Response, error)
-		EnableDisableErrorTracking(pid interface{}, opt *EnableDisableErrorTrackingOptions, options ...RequestOptionFunc) (*ErrorTrackingSettings, *Response, error)
-		ListClientKeys(pid interface{}, opt *ListClientKeysOptions, options ...RequestOptionFunc) ([]*ErrorTrackingClientKey, *Response, error)
-		CreateClientKey(pid interface{}, options ...RequestOptionFunc) (*ErrorTrackingClientKey, *Response, error)
-		DeleteClientKey(pid interface{}, keyID int, options ...RequestOptionFunc) (*Response, error)
+		GetErrorTrackingSettings(pid any, options ...RequestOptionFunc) (*ErrorTrackingSettings, *Response, error)
+		EnableDisableErrorTracking(pid any, opt *EnableDisableErrorTrackingOptions, options ...RequestOptionFunc) (*ErrorTrackingSettings, *Response, error)
+		ListClientKeys(pid any, opt *ListClientKeysOptions, options ...RequestOptionFunc) ([]*ErrorTrackingClientKey, *Response, error)
+		CreateClientKey(pid any, options ...RequestOptionFunc) (*ErrorTrackingClientKey, *Response, error)
+		DeleteClientKey(pid any, keyID int, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// ErrorTrackingService handles communication with the error tracking
@@ -76,7 +76,7 @@ func (p ErrorTrackingSettings) String() string {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/error_tracking/#get-error-tracking-settings
-func (s *ErrorTrackingService) GetErrorTrackingSettings(pid interface{}, options ...RequestOptionFunc) (*ErrorTrackingSettings, *Response, error) {
+func (s *ErrorTrackingService) GetErrorTrackingSettings(pid any, options ...RequestOptionFunc) (*ErrorTrackingSettings, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -112,7 +112,7 @@ type EnableDisableErrorTrackingOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/error_tracking/#enable-or-disable-the-error-tracking-project-settings
-func (s *ErrorTrackingService) EnableDisableErrorTracking(pid interface{}, opt *EnableDisableErrorTrackingOptions, options ...RequestOptionFunc) (*ErrorTrackingSettings, *Response, error) {
+func (s *ErrorTrackingService) EnableDisableErrorTracking(pid any, opt *EnableDisableErrorTrackingOptions, options ...RequestOptionFunc) (*ErrorTrackingSettings, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -143,7 +143,7 @@ type ListClientKeysOptions ListOptions
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/error_tracking/#list-project-client-keys
-func (s *ErrorTrackingService) ListClientKeys(pid interface{}, opt *ListClientKeysOptions, options ...RequestOptionFunc) ([]*ErrorTrackingClientKey, *Response, error) {
+func (s *ErrorTrackingService) ListClientKeys(pid any, opt *ListClientKeysOptions, options ...RequestOptionFunc) ([]*ErrorTrackingClientKey, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -168,7 +168,7 @@ func (s *ErrorTrackingService) ListClientKeys(pid interface{}, opt *ListClientKe
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/error_tracking/#create-a-client-key
-func (s *ErrorTrackingService) CreateClientKey(pid interface{}, options ...RequestOptionFunc) (*ErrorTrackingClientKey, *Response, error) {
+func (s *ErrorTrackingService) CreateClientKey(pid any, options ...RequestOptionFunc) (*ErrorTrackingClientKey, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -193,7 +193,7 @@ func (s *ErrorTrackingService) CreateClientKey(pid interface{}, options ...Reque
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/error_tracking/#delete-a-client-key
-func (s *ErrorTrackingService) DeleteClientKey(pid interface{}, keyID int, options ...RequestOptionFunc) (*Response, error) {
+func (s *ErrorTrackingService) DeleteClientKey(pid any, keyID int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/event_parsing.go b/vendor/gitlab.com/gitlab-org/api/client-go/event_parsing.go
index eb81fa05cb..cae15b4bce 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/event_parsing.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/event_parsing.go
@@ -103,7 +103,7 @@ func HookEventType(r *http.Request) EventType {
 //	    ...
 //	    }
 //	}
-func ParseHook(eventType EventType, payload []byte) (event interface{}, err error) {
+func ParseHook(eventType EventType, payload []byte) (event any, err error) {
 	switch eventType {
 	case EventTypeSystemHook:
 		return ParseSystemhook(payload)
@@ -131,7 +131,7 @@ func ParseHook(eventType EventType, payload []byte) (event interface{}, err erro
 //	    ...
 //	    }
 //	}
-func ParseSystemhook(payload []byte) (event interface{}, err error) {
+func ParseSystemhook(payload []byte) (event any, err error) {
 	e := &systemHookEvent{}
 	err = json.Unmarshal(payload, e)
 	if err != nil {
@@ -215,7 +215,7 @@ func WebhookEventType(r *http.Request) EventType {
 //	    ...
 //	    }
 //	}
-func ParseWebhook(eventType EventType, payload []byte) (event interface{}, err error) {
+func ParseWebhook(eventType EventType, payload []byte) (event any, err error) {
 	switch eventType {
 	case EventTypeBuild:
 		event = &BuildEvent{}
@@ -261,7 +261,7 @@ func ParseWebhook(eventType EventType, payload []byte) (event interface{}, err e
 	case EventTypeRelease:
 		event = &ReleaseEvent{}
 	case EventTypeResourceAccessToken:
-		data := map[string]interface{}{}
+		data := map[string]any{}
 		err := json.Unmarshal(payload, &data)
 		if err != nil {
 			return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/event_systemhook_types.go b/vendor/gitlab.com/gitlab-org/api/client-go/event_systemhook_types.go
index a653d15b58..50940e8326 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/event_systemhook_types.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/event_systemhook_types.go
@@ -28,7 +28,7 @@ type systemHookEvent struct {
 // BaseSystemEvent contains system hook's common properties.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/administration/system_hooks.html
+// https://docs.gitlab.com/administration/system_hooks/
 type BaseSystemEvent struct {
 	EventName string `json:"event_name"`
 	CreatedAt string `json:"created_at"`
@@ -38,7 +38,7 @@ type BaseSystemEvent struct {
 // ProjectSystemEvent represents a project system event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/administration/system_hooks.html
+// https://docs.gitlab.com/administration/system_hooks/
 type ProjectSystemEvent struct {
 	BaseSystemEvent
 	Name                 string `json:"name"`
@@ -54,7 +54,7 @@ type ProjectSystemEvent struct {
 // GroupSystemEvent represents a group system event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/administration/system_hooks.html
+// https://docs.gitlab.com/administration/system_hooks/
 type GroupSystemEvent struct {
 	BaseSystemEvent
 	Name                 string `json:"name"`
@@ -71,7 +71,7 @@ type GroupSystemEvent struct {
 // KeySystemEvent represents a key system event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/administration/system_hooks.html
+// https://docs.gitlab.com/administration/system_hooks/
 type KeySystemEvent struct {
 	BaseSystemEvent
 	ID       int    `json:"id"`
@@ -82,7 +82,7 @@ type KeySystemEvent struct {
 // UserSystemEvent represents a user system event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/administration/system_hooks.html
+// https://docs.gitlab.com/administration/system_hooks/
 type UserSystemEvent struct {
 	BaseSystemEvent
 	ID          int    `json:"user_id"`
@@ -96,7 +96,7 @@ type UserSystemEvent struct {
 // UserGroupSystemEvent represents a user group system event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/administration/system_hooks.html
+// https://docs.gitlab.com/administration/system_hooks/
 type UserGroupSystemEvent struct {
 	BaseSystemEvent
 	ID          int    `json:"user_id"`
@@ -112,7 +112,7 @@ type UserGroupSystemEvent struct {
 // UserTeamSystemEvent represents a user team system event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/administration/system_hooks.html
+// https://docs.gitlab.com/administration/system_hooks/
 type UserTeamSystemEvent struct {
 	BaseSystemEvent
 	ID                       int    `json:"user_id"`
@@ -130,7 +130,7 @@ type UserTeamSystemEvent struct {
 // PushSystemEvent represents a push system event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/administration/system_hooks.html#push-events
+// https://docs.gitlab.com/administration/system_hooks/#push-events
 type PushSystemEvent struct {
 	BaseSystemEvent
 	Before       string `json:"before"`
@@ -173,7 +173,7 @@ type PushSystemEvent struct {
 // TagPushSystemEvent represents a tag push system event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/administration/system_hooks.html#tag-events
+// https://docs.gitlab.com/administration/system_hooks/#tag-events
 type TagPushSystemEvent struct {
 	BaseSystemEvent
 	Before       string `json:"before"`
@@ -216,7 +216,7 @@ type TagPushSystemEvent struct {
 // RepositoryUpdateSystemEvent represents a repository updated system event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/administration/system_hooks.html#repository-update-events
+// https://docs.gitlab.com/administration/system_hooks/#repository-update-events
 type RepositoryUpdateSystemEvent struct {
 	BaseSystemEvent
 	UserID     int    `json:"user_id"`
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/event_webhook_types.go b/vendor/gitlab.com/gitlab-org/api/client-go/event_webhook_types.go
index deded26550..4c9eaad450 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/event_webhook_types.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/event_webhook_types.go
@@ -41,7 +41,7 @@ const (
 // BuildEvent represents a build event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/user/project/integrations/webhook_events.html#job-events
+// https://docs.gitlab.com/user/project/integrations/webhook_events/#job-events
 type BuildEvent struct {
 	ObjectKind        string     `json:"object_kind"`
 	Ref               string     `json:"ref"`
@@ -77,7 +77,7 @@ type BuildEvent struct {
 // CommitCommentEvent represents a comment on a commit event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/user/project/integrations/webhook_events.html#comment-on-a-commit
+// https://docs.gitlab.com/user/project/integrations/webhook_events/#comment-on-a-commit
 type CommitCommentEvent struct {
 	ObjectKind string `json:"object_kind"`
 	EventType  string `json:"event_type"`
@@ -135,7 +135,7 @@ type CommitCommentEvent struct {
 // DeploymentEvent represents a deployment event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/user/project/integrations/webhook_events.html#deployment-events
+// https://docs.gitlab.com/user/project/integrations/webhook_events/#deployment-events
 type DeploymentEvent struct {
 	ObjectKind             string `json:"object_kind"`
 	Status                 string `json:"status"`
@@ -175,7 +175,7 @@ type DeploymentEvent struct {
 // FeatureFlagEvent represents a feature flag event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/user/project/integrations/webhook_events.html#feature-flag-events
+// https://docs.gitlab.com/user/project/integrations/webhook_events/#feature-flag-events
 type FeatureFlagEvent struct {
 	ObjectKind string `json:"object_kind"`
 	Project    struct {
@@ -210,7 +210,7 @@ type FeatureFlagEvent struct {
 // group.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/user/project/integrations/webhook_events.html#project-and-group-access-token-events
+// https://docs.gitlab.com/user/project/integrations/webhook_events/#project-and-group-access-token-events
 type GroupResourceAccessTokenEvent struct {
 	EventName  string `json:"event_name"`
 	ObjectKind string `json:"object_kind"`
@@ -231,7 +231,7 @@ type GroupResourceAccessTokenEvent struct {
 // IssueCommentEvent represents a comment on an issue event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/user/project/integrations/webhook_events.html#comment-on-an-issue
+// https://docs.gitlab.com/user/project/integrations/webhook_events/#comment-on-an-issue
 type IssueCommentEvent struct {
 	ObjectKind string `json:"object_kind"`
 	EventType  string `json:"event_type"`
@@ -306,7 +306,7 @@ type IssueCommentEvent struct {
 // IssueEvent represents a issue event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/user/project/integrations/webhook_events.html#issue-events
+// https://docs.gitlab.com/user/project/integrations/webhook_events/#work-item-events
 type IssueEvent struct {
 	ObjectKind string     `json:"object_kind"`
 	EventType  string     `json:"event_type"`
@@ -416,7 +416,7 @@ type IssueEvent struct {
 // JobEvent represents a job event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/user/project/integrations/webhook_events.html#job-events
+// https://docs.gitlab.com/user/project/integrations/webhook_events/#job-events
 type JobEvent struct {
 	ObjectKind          string     `json:"object_kind"`
 	Ref                 string     `json:"ref"`
@@ -466,12 +466,21 @@ type JobEvent struct {
 		Action         string `json:"action"`
 		DeploymentTier string `json:"deployment_tier"`
 	} `json:"environment"`
+	SourcePipeline struct {
+		Project struct {
+			ID                int    `json:"id"`
+			WebURL            string `json:"web_url"`
+			PathWithNamespace string `json:"path_with_namespace"`
+		} `json:"project"`
+		PipelineID int `json:"pipeline_id"`
+		JobID      int `json:"job_id"`
+	} `json:"source_pipeline"`
 }
 
 // MemberEvent represents a member event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/user/project/integrations/webhook_events.html#group-member-events
+// https://docs.gitlab.com/user/project/integrations/webhook_events/#group-member-events
 type MemberEvent struct {
 	CreatedAt    *time.Time `json:"created_at"`
 	UpdatedAt    *time.Time `json:"updated_at"`
@@ -491,7 +500,7 @@ type MemberEvent struct {
 // MergeCommentEvent represents a comment on a merge event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/user/project/integrations/webhook_events.html#comment-on-a-merge-request
+// https://docs.gitlab.com/user/project/integrations/webhook_events/#comment-on-a-merge-request
 type MergeCommentEvent struct {
 	ObjectKind string     `json:"object_kind"`
 	EventType  string     `json:"event_type"`
@@ -550,6 +559,7 @@ type MergeCommentEvent struct {
 		AuthorID                  int           `json:"author_id"`
 		AssigneeID                int           `json:"assignee_id"`
 		AssigneeIDs               []int         `json:"assignee_ids"`
+		ReviewerIDs               []int         `json:"reviewer_ids"`
 		Title                     string        `json:"title"`
 		CreatedAt                 string        `json:"created_at"`
 		UpdatedAt                 string        `json:"updated_at"`
@@ -595,13 +605,14 @@ type MergeCommentEvent struct {
 		HeadPipelineID      int        `json:"head_pipeline_id"`
 		Assignee            *EventUser `json:"assignee"`
 		DetailedMergeStatus string     `json:"detailed_merge_status"`
+		URL                 string     `json:"url"`
 	} `json:"merge_request"`
 }
 
 // MergeEvent represents a merge event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/user/project/integrations/webhook_events.html#merge-request-events
+// https://docs.gitlab.com/user/project/integrations/webhook_events/#merge-request-events
 type MergeEvent struct {
 	ObjectKind string     `json:"object_kind"`
 	EventType  string     `json:"event_type"`
@@ -789,7 +800,7 @@ func (p *MergeParams) UnmarshalJSON(b []byte) error {
 	type Alias MergeParams
 	raw := struct {
 		*Alias
-		ForceRemoveSourceBranch interface{} `json:"force_remove_source_branch"`
+		ForceRemoveSourceBranch any `json:"force_remove_source_branch"`
 	}{
 		Alias: (*Alias)(p),
 	}
@@ -819,7 +830,7 @@ func (p *MergeParams) UnmarshalJSON(b []byte) error {
 // PipelineEvent represents a pipeline event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/user/project/integrations/webhook_events.html#pipeline-events
+// https://docs.gitlab.com/user/project/integrations/webhook_events/#pipeline-events
 type PipelineEvent struct {
 	ObjectKind       string `json:"object_kind"`
 	ObjectAttributes struct {
@@ -934,7 +945,7 @@ type PipelineEvent struct {
 // a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/user/project/integrations/webhook_events.html#project-and-group-access-token-events
+// https://docs.gitlab.com/user/project/integrations/webhook_events/#project-and-group-access-token-events
 type ProjectResourceAccessTokenEvent struct {
 	EventName  string `json:"event_name"`
 	ObjectKind string `json:"object_kind"`
@@ -968,7 +979,7 @@ type ProjectResourceAccessTokenEvent struct {
 // PushEvent represents a push event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/user/project/integrations/webhook_events.html#push-events
+// https://docs.gitlab.com/user/project/integrations/webhook_events/#push-events
 type PushEvent struct {
 	ObjectKind   string `json:"object_kind"`
 	EventName    string `json:"event_name"`
@@ -1020,7 +1031,7 @@ type PushEvent struct {
 // ReleaseEvent represents a release event
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/user/project/integrations/webhook_events.html#release-events
+// https://docs.gitlab.com/user/project/integrations/webhook_events/#release-events
 type ReleaseEvent struct {
 	ID          int    `json:"id"`
 	CreatedAt   string `json:"created_at"` // Should be *time.Time (see Gitlab issue #21468)
@@ -1079,7 +1090,7 @@ type ReleaseEvent struct {
 // SnippetCommentEvent represents a comment on a snippet event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/user/project/integrations/webhook_events.html#comment-on-a-code-snippet
+// https://docs.gitlab.com/user/project/integrations/webhook_events/#comment-on-a-code-snippet
 type SnippetCommentEvent struct {
 	ObjectKind string     `json:"object_kind"`
 	EventType  string     `json:"event_type"`
@@ -1141,7 +1152,7 @@ type SnippetCommentEvent struct {
 // SubGroupEvent represents a subgroup event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/user/project/integrations/webhook_events.html#subgroup-events
+// https://docs.gitlab.com/user/project/integrations/webhook_events/#subgroup-events
 type SubGroupEvent struct {
 	CreatedAt      *time.Time `json:"created_at"`
 	UpdatedAt      *time.Time `json:"updated_at"`
@@ -1159,7 +1170,7 @@ type SubGroupEvent struct {
 // TagEvent represents a tag event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/user/project/integrations/webhook_events.html#tag-events
+// https://docs.gitlab.com/user/project/integrations/webhook_events/#tag-events
 type TagEvent struct {
 	ObjectKind   string `json:"object_kind"`
 	EventName    string `json:"event_name"`
@@ -1212,7 +1223,7 @@ type TagEvent struct {
 // WikiPageEvent represents a wiki page event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/user/project/integrations/webhook_events.html#wiki-page-events
+// https://docs.gitlab.com/user/project/integrations/webhook_events/#wiki-page-events
 type WikiPageEvent struct {
 	ObjectKind string     `json:"object_kind"`
 	User       *EventUser `json:"user"`
@@ -1254,7 +1265,7 @@ type WikiPageEvent struct {
 // EventLabel represents a label inside a webhook event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/user/project/integrations/webhook_events.html#issue-events
+// https://docs.gitlab.com/user/project/integrations/webhook_events/#work-item-events
 type EventLabel struct {
 	ID          int    `json:"id"`
 	Title       string `json:"title"`
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/events.go b/vendor/gitlab.com/gitlab-org/api/client-go/events.go
index a71c82f541..a11d77cb2b 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/events.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/events.go
@@ -26,7 +26,7 @@ type (
 	// EventsServiceInterface defines all the API methods for the EventsService
 	EventsServiceInterface interface {
 		ListCurrentUserContributionEvents(opt *ListContributionEventsOptions, options ...RequestOptionFunc) ([]*ContributionEvent, *Response, error)
-		ListProjectVisibleEvents(pid interface{}, opt *ListProjectVisibleEventsOptions, options ...RequestOptionFunc) ([]*ProjectEvent, *Response, error)
+		ListProjectVisibleEvents(pid any, opt *ListProjectVisibleEventsOptions, options ...RequestOptionFunc) ([]*ProjectEvent, *Response, error)
 	}
 
 	// EventsService handles communication with the event related methods of
@@ -94,7 +94,7 @@ type ListContributionEventsOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/events/#get-user-contribution-events
-func (s *UsersService) ListUserContributionEvents(uid interface{}, opt *ListContributionEventsOptions, options ...RequestOptionFunc) ([]*ContributionEvent, *Response, error) {
+func (s *UsersService) ListUserContributionEvents(uid any, opt *ListContributionEventsOptions, options ...RequestOptionFunc) ([]*ContributionEvent, *Response, error) {
 	user, err := parseID(uid)
 	if err != nil {
 		return nil, nil, err
@@ -219,7 +219,7 @@ type ListProjectVisibleEventsOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/events/#list-a-projects-visible-events
-func (s *EventsService) ListProjectVisibleEvents(pid interface{}, opt *ListProjectVisibleEventsOptions, options ...RequestOptionFunc) ([]*ProjectEvent, *Response, error) {
+func (s *EventsService) ListProjectVisibleEvents(pid any, opt *ListProjectVisibleEventsOptions, options ...RequestOptionFunc) ([]*ProjectEvent, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/external_status_checks.go b/vendor/gitlab.com/gitlab-org/api/client-go/external_status_checks.go
index 8b34627d00..caddb08153 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/external_status_checks.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/external_status_checks.go
@@ -9,13 +9,13 @@ import (
 type (
 	// ExternalStatusChecksServiceInterface defines all the API methods for the ExternalStatusChecksService
 	ExternalStatusChecksServiceInterface interface {
-		ListMergeStatusChecks(pid interface{}, mr int, opt *ListOptions, options ...RequestOptionFunc) ([]*MergeStatusCheck, *Response, error)
-		SetExternalStatusCheckStatus(pid interface{}, mergeRequest int, opt *SetExternalStatusCheckStatusOptions, options ...RequestOptionFunc) (*Response, error)
-		ListProjectStatusChecks(pid interface{}, opt *ListOptions, options ...RequestOptionFunc) ([]*ProjectStatusCheck, *Response, error)
-		CreateExternalStatusCheck(pid interface{}, opt *CreateExternalStatusCheckOptions, options ...RequestOptionFunc) (*Response, error)
-		DeleteExternalStatusCheck(pid interface{}, check int, options ...RequestOptionFunc) (*Response, error)
-		UpdateExternalStatusCheck(pid interface{}, check int, opt *UpdateExternalStatusCheckOptions, options ...RequestOptionFunc) (*Response, error)
-		RetryFailedStatusCheckForAMergeRequest(pid interface{}, mergeRequest int, externalStatusCheck int, options ...RequestOptionFunc) (*Response, error)
+		ListMergeStatusChecks(pid any, mr int, opt *ListOptions, options ...RequestOptionFunc) ([]*MergeStatusCheck, *Response, error)
+		SetExternalStatusCheckStatus(pid any, mergeRequest int, opt *SetExternalStatusCheckStatusOptions, options ...RequestOptionFunc) (*Response, error)
+		ListProjectStatusChecks(pid any, opt *ListOptions, options ...RequestOptionFunc) ([]*ProjectStatusCheck, *Response, error)
+		CreateExternalStatusCheck(pid any, opt *CreateExternalStatusCheckOptions, options ...RequestOptionFunc) (*Response, error)
+		DeleteExternalStatusCheck(pid any, check int, options ...RequestOptionFunc) (*Response, error)
+		UpdateExternalStatusCheck(pid any, check int, opt *UpdateExternalStatusCheckOptions, options ...RequestOptionFunc) (*Response, error)
+		RetryFailedStatusCheckForAMergeRequest(pid any, mergeRequest int, externalStatusCheck int, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// ExternalStatusChecksService handles communication with the external
@@ -58,7 +58,7 @@ type StatusCheckProtectedBranch struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/status_checks/#list-status-checks-for-a-merge-request
-func (s *ExternalStatusChecksService) ListMergeStatusChecks(pid interface{}, mr int, opt *ListOptions, options ...RequestOptionFunc) ([]*MergeStatusCheck, *Response, error) {
+func (s *ExternalStatusChecksService) ListMergeStatusChecks(pid any, mr int, opt *ListOptions, options ...RequestOptionFunc) ([]*MergeStatusCheck, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -94,7 +94,7 @@ type SetExternalStatusCheckStatusOptions struct {
 //
 // Gitlab API docs:
 // https://docs.gitlab.com/api/status_checks/#set-status-of-an-external-status-check
-func (s *ExternalStatusChecksService) SetExternalStatusCheckStatus(pid interface{}, mergeRequest int, opt *SetExternalStatusCheckStatusOptions, options ...RequestOptionFunc) (*Response, error) {
+func (s *ExternalStatusChecksService) SetExternalStatusCheckStatus(pid any, mergeRequest int, opt *SetExternalStatusCheckStatusOptions, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -113,7 +113,7 @@ func (s *ExternalStatusChecksService) SetExternalStatusCheckStatus(pid interface
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/status_checks/#get-project-external-status-check-services
-func (s *ExternalStatusChecksService) ListProjectStatusChecks(pid interface{}, opt *ListOptions, options ...RequestOptionFunc) ([]*ProjectStatusCheck, *Response, error) {
+func (s *ExternalStatusChecksService) ListProjectStatusChecks(pid any, opt *ListOptions, options ...RequestOptionFunc) ([]*ProjectStatusCheck, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -149,7 +149,7 @@ type CreateExternalStatusCheckOptions struct {
 //
 // Gitlab API docs:
 // https://docs.gitlab.com/api/status_checks/#create-external-status-check-service
-func (s *ExternalStatusChecksService) CreateExternalStatusCheck(pid interface{}, opt *CreateExternalStatusCheckOptions, options ...RequestOptionFunc) (*Response, error) {
+func (s *ExternalStatusChecksService) CreateExternalStatusCheck(pid any, opt *CreateExternalStatusCheckOptions, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -168,7 +168,7 @@ func (s *ExternalStatusChecksService) CreateExternalStatusCheck(pid interface{},
 //
 // Gitlab API docs:
 // https://docs.gitlab.com/api/status_checks/#delete-external-status-check-service
-func (s *ExternalStatusChecksService) DeleteExternalStatusCheck(pid interface{}, check int, options ...RequestOptionFunc) (*Response, error) {
+func (s *ExternalStatusChecksService) DeleteExternalStatusCheck(pid any, check int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -198,7 +198,7 @@ type UpdateExternalStatusCheckOptions struct {
 //
 // Gitlab API docs:
 // https://docs.gitlab.com/api/status_checks/#update-external-status-check-service
-func (s *ExternalStatusChecksService) UpdateExternalStatusCheck(pid interface{}, check int, opt *UpdateExternalStatusCheckOptions, options ...RequestOptionFunc) (*Response, error) {
+func (s *ExternalStatusChecksService) UpdateExternalStatusCheck(pid any, check int, opt *UpdateExternalStatusCheckOptions, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -217,7 +217,7 @@ func (s *ExternalStatusChecksService) UpdateExternalStatusCheck(pid interface{},
 //
 // Gitlab API docs:
 // https://docs.gitlab.com/api/status_checks/#retry-failed-status-check-for-a-merge-request
-func (s *ExternalStatusChecksService) RetryFailedStatusCheckForAMergeRequest(pid interface{}, mergeRequest int, externalStatusCheck int, options ...RequestOptionFunc) (*Response, error) {
+func (s *ExternalStatusChecksService) RetryFailedStatusCheckForAMergeRequest(pid any, mergeRequest int, externalStatusCheck int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/feature_flag_user_lists.go b/vendor/gitlab.com/gitlab-org/api/client-go/feature_flag_user_lists.go
new file mode 100644
index 0000000000..5555a28314
--- /dev/null
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/feature_flag_user_lists.go
@@ -0,0 +1,204 @@
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package gitlab
+
+import (
+	"fmt"
+	"net/http"
+	"time"
+)
+
+type (
+	FeatureFlagUserListsServiceInterface interface {
+		ListFeatureFlagUserLists(pid any, opt *ListFeatureFlagUserListsOptions, options ...RequestOptionFunc) ([]*FeatureFlagUserList, *Response, error)
+		CreateFeatureFlagUserList(pid any, opt *CreateFeatureFlagUserListOptions, options ...RequestOptionFunc) (*FeatureFlagUserList, *Response, error)
+		GetFeatureFlagUserList(pid any, iid int, options ...RequestOptionFunc) (*FeatureFlagUserList, *Response, error)
+		UpdateFeatureFlagUserList(pid any, iid int, opt *UpdateFeatureFlagUserListOptions, options ...RequestOptionFunc) (*FeatureFlagUserList, *Response, error)
+		DeleteFeatureFlagUserList(pid any, iid int, options ...RequestOptionFunc) (*Response, error)
+	}
+
+	// FeatureFlagUserListService handles communication with the feature flag
+	// user list related methods of the GitLab API.
+	//
+	// GitLab API docs: https://docs.gitlab.com/api/feature_flag_user_lists/
+	FeatureFlagUserListsService struct {
+		client *Client
+	}
+)
+
+var _ FeatureFlagUserListsServiceInterface = (*FeatureFlagUserListsService)(nil)
+
+// FeatureFlagUserList represents a project feature flag user list.
+//
+// GitLab API docs: https://docs.gitlab.com/api/feature_flag_user_lists/
+type FeatureFlagUserList struct {
+	Name      string     `url:"name" json:"name"`
+	UserXIDs  string     `url:"user_xids" json:"user_xids"`
+	ID        int        `url:"id" json:"id"`
+	IID       int        `url:"iid" json:"iid"`
+	ProjectID int        `url:"project_id" json:"project_id"`
+	CreatedAt *time.Time `url:"created_at" json:"created_at"`
+	UpdatedAt *time.Time `url:"updated_at" json:"updated_at"`
+}
+
+// ListFeatureFlagUserListsOptions represents the available
+// ListFeatureFlagUserLists() options.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/feature_flag_user_lists/#list-all-feature-flag-user-lists-for-a-project
+type ListFeatureFlagUserListsOptions struct {
+	ListOptions
+	Search string `url:"search,omitempty" json:"search,omitempty"`
+}
+
+// ListFeatureFlagUserLists gets all feature flag user lists for the requested
+// project.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/feature_flag_user_lists/#list-all-feature-flag-user-lists-for-a-project
+func (s *FeatureFlagUserListsService) ListFeatureFlagUserLists(pid any, opt *ListFeatureFlagUserListsOptions, options ...RequestOptionFunc) ([]*FeatureFlagUserList, *Response, error) {
+	project, err := parseID(pid)
+	if err != nil {
+		return nil, nil, err
+	}
+	u := fmt.Sprintf("projects/%s/feature_flags_user_lists", PathEscape(project))
+
+	req, err := s.client.NewRequest(http.MethodGet, u, opt, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var lists []*FeatureFlagUserList
+	resp, err := s.client.Do(req, &lists)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return lists, resp, nil
+}
+
+// CreateFeatureFlagUserListOptions represents the available
+// CreateFeatureFlagUserList() options.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/feature_flag_user_lists/#create-a-feature-flag-user-list
+type CreateFeatureFlagUserListOptions struct {
+	Name     string `url:"name,omitempty" json:"name,omitempty"`
+	UserXIDs string `url:"user_xids,omitempty" json:"user_xids,omitempty"`
+}
+
+// CreateFeatureFlagUserList creates a feature flag user list.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/feature_flag_user_lists/#create-a-feature-flag-user-list
+func (s *FeatureFlagUserListsService) CreateFeatureFlagUserList(pid any, opt *CreateFeatureFlagUserListOptions, options ...RequestOptionFunc) (*FeatureFlagUserList, *Response, error) {
+	project, err := parseID(pid)
+	if err != nil {
+		return nil, nil, err
+	}
+	u := fmt.Sprintf("projects/%s/feature_flags_user_lists", PathEscape(project))
+
+	req, err := s.client.NewRequest(http.MethodPost, u, opt, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	list := new(FeatureFlagUserList)
+	resp, err := s.client.Do(req, list)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return list, resp, nil
+}
+
+// GetFeatureFlagUserList gets a feature flag user list.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/feature_flag_user_lists/#get-a-feature-flag-user-list
+func (s *FeatureFlagUserListsService) GetFeatureFlagUserList(pid any, iid int, options ...RequestOptionFunc) (*FeatureFlagUserList, *Response, error) {
+	project, err := parseID(pid)
+	if err != nil {
+		return nil, nil, err
+	}
+	u := fmt.Sprintf("projects/%s/feature_flags_user_lists/%d", PathEscape(project), iid)
+
+	req, err := s.client.NewRequest(http.MethodGet, u, nil, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	list := new(FeatureFlagUserList)
+	resp, err := s.client.Do(req, list)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return list, resp, nil
+}
+
+// UpdateFeatureFlagUserListOptions represents the available
+// UpdateFeatureFlagUserList() options.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/feature_flag_user_lists/#update-a-feature-flag-user-list
+type UpdateFeatureFlagUserListOptions struct {
+	Name     string `url:"name,omitempty" json:"name,omitempty"`
+	UserXIDs string `url:"user_xids,omitempty" json:"user_xids,omitempty"`
+}
+
+// UpdateFeatureFlagUserList updates a feature flag user list.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/feature_flag_user_lists/#update-a-feature-flag-user-list
+func (s *FeatureFlagUserListsService) UpdateFeatureFlagUserList(pid any, iid int, opt *UpdateFeatureFlagUserListOptions, options ...RequestOptionFunc) (*FeatureFlagUserList, *Response, error) {
+	project, err := parseID(pid)
+	if err != nil {
+		return nil, nil, err
+	}
+	u := fmt.Sprintf("projects/%s/feature_flags_user_lists/%d", PathEscape(project), iid)
+
+	req, err := s.client.NewRequest(http.MethodPut, u, opt, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	list := new(FeatureFlagUserList)
+	resp, err := s.client.Do(req, list)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return list, resp, nil
+}
+
+// DeleteFeatureFlagUserList deletes a feature flag user list.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/feature_flag_user_lists/#delete-feature-flag-user-list
+func (s *FeatureFlagUserListsService) DeleteFeatureFlagUserList(pid any, iid int, options ...RequestOptionFunc) (*Response, error) {
+	project, err := parseID(pid)
+	if err != nil {
+		return nil, err
+	}
+	u := fmt.Sprintf("projects/%s/feature_flags_user_lists/%d", PathEscape(project), iid)
+
+	req, err := s.client.NewRequest(http.MethodDelete, u, nil, options)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(req, nil)
+}
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/feature_flags.go b/vendor/gitlab.com/gitlab-org/api/client-go/feature_flags.go
index a54e7c55e2..d0a5d84d71 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/feature_flags.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/feature_flags.go
@@ -26,7 +26,9 @@ type (
 	// FeaturesServiceInterface defines all the API methods for the FeaturesService
 	FeaturesServiceInterface interface {
 		ListFeatures(options ...RequestOptionFunc) ([]*Feature, *Response, error)
-		SetFeatureFlag(name string, value interface{}, options ...RequestOptionFunc) (*Feature, *Response, error)
+		ListFeatureDefinitions(options ...RequestOptionFunc) ([]*FeatureDefinition, *Response, error)
+		SetFeatureFlag(name string, opt *SetFeatureFlagOptions, options ...RequestOptionFunc) (*Feature, *Response, error)
+		DeleteFeatureFlag(name string, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// FeaturesService handles the communication with the application FeaturesService
@@ -44,17 +46,18 @@ var _ FeaturesServiceInterface = (*FeaturesService)(nil)
 //
 // GitLab API docs: https://docs.gitlab.com/api/features/
 type Feature struct {
-	Name  string `json:"name"`
-	State string `json:"state"`
-	Gates []Gate
+	Name       string `json:"name"`
+	State      string `json:"state"`
+	Gates      []Gate
+	Definition *FeatureDefinition `json:"definition"`
 }
 
 // Gate represents a gate of a GitLab feature flag.
 //
 // GitLab API docs: https://docs.gitlab.com/api/features/
 type Gate struct {
-	Key   string      `json:"key"`
-	Value interface{} `json:"value"`
+	Key   string `json:"key"`
+	Value any    `json:"value"`
 }
 
 func (f Feature) String() string {
@@ -79,19 +82,67 @@ func (s *FeaturesService) ListFeatures(options ...RequestOptionFunc) ([]*Feature
 	return f, resp, nil
 }
 
+// FeatureDefinition represents a Feature Definition.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/features/#list-all-feature-definitions
+type FeatureDefinition struct {
+	Name            string `json:"name"`
+	IntroducedByURL string `json:"introduced_by_url"`
+	RolloutIssueURL string `json:"rollout_issue_url"`
+	Milestone       string `json:"milestone"`
+	LogStateChanges bool   `json:"log_state_changes"`
+	Type            string `json:"type"`
+	Group           string `json:"group"`
+	DefaultEnabled  bool   `json:"default_enabled"`
+}
+
+func (fd FeatureDefinition) String() string {
+	return Stringify(fd)
+}
+
+// ListFeatureDefinitions gets a lists of all feature definitions.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/features/#list-all-feature-definitions
+func (s *FeaturesService) ListFeatureDefinitions(options ...RequestOptionFunc) ([]*FeatureDefinition, *Response, error) {
+	req, err := s.client.NewRequest(http.MethodGet, "features/definitions", nil, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var fd []*FeatureDefinition
+	resp, err := s.client.Do(req, &fd)
+	if err != nil {
+		return nil, resp, err
+	}
+	return fd, resp, nil
+}
+
+// SetFeatureFlagOptions represents the available options for
+// SetFeatureFlag().
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/features/#set-or-create-a-feature
+type SetFeatureFlagOptions struct {
+	Value        any    `url:"value" json:"value"`
+	Key          string `url:"key" json:"key"`
+	FeatureGroup string `url:"feature_group" json:"feature_group"`
+	User         string `url:"user" json:"user"`
+	Group        string `url:"group" json:"group"`
+	Namespace    string `url:"namespace" json:"namespace"`
+	Project      string `url:"project" json:"project"`
+	Repository   string `url:"repository" json:"repository"`
+	Force        bool   `url:"force" json:"force"`
+}
+
 // SetFeatureFlag sets or creates a feature flag gate
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/features/#set-or-create-a-feature
-func (s *FeaturesService) SetFeatureFlag(name string, value interface{}, options ...RequestOptionFunc) (*Feature, *Response, error) {
+func (s *FeaturesService) SetFeatureFlag(name string, opt *SetFeatureFlagOptions, options ...RequestOptionFunc) (*Feature, *Response, error) {
 	u := fmt.Sprintf("features/%s", url.PathEscape(name))
 
-	opt := struct {
-		Value interface{} `url:"value" json:"value"`
-	}{
-		value,
-	}
-
 	req, err := s.client.NewRequest(http.MethodPost, u, opt, options)
 	if err != nil {
 		return nil, nil, err
@@ -104,3 +155,18 @@ func (s *FeaturesService) SetFeatureFlag(name string, value interface{}, options
 	}
 	return f, resp, nil
 }
+
+// DeleteFeatureFlag deletes a feature flag.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/features/#delete-a-feature
+func (s *FeaturesService) DeleteFeatureFlag(name string, options ...RequestOptionFunc) (*Response, error) {
+	u := fmt.Sprintf("features/%s", url.PathEscape(name))
+
+	req, err := s.client.NewRequest(http.MethodDelete, u, nil, options)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(req, nil)
+}
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/freeze_periods.go b/vendor/gitlab.com/gitlab-org/api/client-go/freeze_periods.go
index e05392e9e1..cf6d3f8546 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/freeze_periods.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/freeze_periods.go
@@ -29,11 +29,11 @@ import (
 type (
 	// FreezePeriodsServiceInterface defines all the API methods for the FreezePeriodsService
 	FreezePeriodsServiceInterface interface {
-		ListFreezePeriods(pid interface{}, opt *ListFreezePeriodsOptions, options ...RequestOptionFunc) ([]*FreezePeriod, *Response, error)
-		GetFreezePeriod(pid interface{}, freezePeriod int, options ...RequestOptionFunc) (*FreezePeriod, *Response, error)
-		CreateFreezePeriodOptions(pid interface{}, opt *CreateFreezePeriodOptions, options ...RequestOptionFunc) (*FreezePeriod, *Response, error)
-		UpdateFreezePeriodOptions(pid interface{}, freezePeriod int, opt *UpdateFreezePeriodOptions, options ...RequestOptionFunc) (*FreezePeriod, *Response, error)
-		DeleteFreezePeriod(pid interface{}, freezePeriod int, options ...RequestOptionFunc) (*Response, error)
+		ListFreezePeriods(pid any, opt *ListFreezePeriodsOptions, options ...RequestOptionFunc) ([]*FreezePeriod, *Response, error)
+		GetFreezePeriod(pid any, freezePeriod int, options ...RequestOptionFunc) (*FreezePeriod, *Response, error)
+		CreateFreezePeriodOptions(pid any, opt *CreateFreezePeriodOptions, options ...RequestOptionFunc) (*FreezePeriod, *Response, error)
+		UpdateFreezePeriodOptions(pid any, freezePeriod int, opt *UpdateFreezePeriodOptions, options ...RequestOptionFunc) (*FreezePeriod, *Response, error)
+		DeleteFreezePeriod(pid any, freezePeriod int, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// FreezePeriodsService handles the communication with the freeze periods
@@ -71,7 +71,7 @@ type ListFreezePeriodsOptions ListOptions
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/freeze_periods/#list-freeze-periods
-func (s *FreezePeriodsService) ListFreezePeriods(pid interface{}, opt *ListFreezePeriodsOptions, options ...RequestOptionFunc) ([]*FreezePeriod, *Response, error) {
+func (s *FreezePeriodsService) ListFreezePeriods(pid any, opt *ListFreezePeriodsOptions, options ...RequestOptionFunc) ([]*FreezePeriod, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -96,7 +96,7 @@ func (s *FreezePeriodsService) ListFreezePeriods(pid interface{}, opt *ListFreez
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/freeze_periods/#get-a-freeze-period-by-a-freeze_period_id
-func (s *FreezePeriodsService) GetFreezePeriod(pid interface{}, freezePeriod int, options ...RequestOptionFunc) (*FreezePeriod, *Response, error) {
+func (s *FreezePeriodsService) GetFreezePeriod(pid any, freezePeriod int, options ...RequestOptionFunc) (*FreezePeriod, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -132,7 +132,7 @@ type CreateFreezePeriodOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/freeze_periods/#create-a-freeze-period
-func (s *FreezePeriodsService) CreateFreezePeriodOptions(pid interface{}, opt *CreateFreezePeriodOptions, options ...RequestOptionFunc) (*FreezePeriod, *Response, error) {
+func (s *FreezePeriodsService) CreateFreezePeriodOptions(pid any, opt *CreateFreezePeriodOptions, options ...RequestOptionFunc) (*FreezePeriod, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -168,7 +168,7 @@ type UpdateFreezePeriodOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/freeze_periods/#update-a-freeze-period
-func (s *FreezePeriodsService) UpdateFreezePeriodOptions(pid interface{}, freezePeriod int, opt *UpdateFreezePeriodOptions, options ...RequestOptionFunc) (*FreezePeriod, *Response, error) {
+func (s *FreezePeriodsService) UpdateFreezePeriodOptions(pid any, freezePeriod int, opt *UpdateFreezePeriodOptions, options ...RequestOptionFunc) (*FreezePeriod, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -195,7 +195,7 @@ func (s *FreezePeriodsService) UpdateFreezePeriodOptions(pid interface{}, freeze
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/freeze_periods/#delete-a-freeze-period
-func (s *FreezePeriodsService) DeleteFreezePeriod(pid interface{}, freezePeriod int, options ...RequestOptionFunc) (*Response, error) {
+func (s *FreezePeriodsService) DeleteFreezePeriod(pid any, freezePeriod int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/generic_packages.go b/vendor/gitlab.com/gitlab-org/api/client-go/generic_packages.go
index 1db3aadb20..e80fb5bbd8 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/generic_packages.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/generic_packages.go
@@ -27,16 +27,16 @@ import (
 type (
 	// GenericPackagesServiceInterface defines all the API methods for the GenericPackagesService
 	GenericPackagesServiceInterface interface {
-		FormatPackageURL(pid interface{}, packageName, packageVersion, fileName string) (string, error)
-		PublishPackageFile(pid interface{}, packageName, packageVersion, fileName string, content io.Reader, opt *PublishPackageFileOptions, options ...RequestOptionFunc) (*GenericPackagesFile, *Response, error)
-		DownloadPackageFile(pid interface{}, packageName, packageVersion, fileName string, options ...RequestOptionFunc) ([]byte, *Response, error)
+		FormatPackageURL(pid any, packageName, packageVersion, fileName string) (string, error)
+		PublishPackageFile(pid any, packageName, packageVersion, fileName string, content io.Reader, opt *PublishPackageFileOptions, options ...RequestOptionFunc) (*GenericPackagesFile, *Response, error)
+		DownloadPackageFile(pid any, packageName, packageVersion, fileName string, options ...RequestOptionFunc) ([]byte, *Response, error)
 	}
 
 	// GenericPackagesService handles communication with the packages related
 	// methods of the GitLab API.
 	//
 	// GitLab docs:
-	// https://docs.gitlab.com/ee/user/packages/generic_packages/index.html
+	// https://docs.gitlab.com/user/packages/generic_packages/
 	GenericPackagesService struct {
 		client *Client
 	}
@@ -47,7 +47,7 @@ var _ GenericPackagesServiceInterface = (*GenericPackagesService)(nil)
 // GenericPackagesFile represents a GitLab generic package file.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/user/packages/generic_packages/index.html#publish-a-package-file
+// https://docs.gitlab.com/user/packages/generic_packages/#publish-a-single-file
 type GenericPackagesFile struct {
 	ID        int        `json:"id"`
 	PackageID int        `json:"package_id"`
@@ -74,7 +74,7 @@ type GenericPackagesFile struct {
 
 // FormatPackageURL returns the GitLab Package Registry URL for the given artifact metadata, without the BaseURL.
 // This does not make a GitLab API request, but rather computes it based on their documentation.
-func (s *GenericPackagesService) FormatPackageURL(pid interface{}, packageName, packageVersion, fileName string) (string, error) {
+func (s *GenericPackagesService) FormatPackageURL(pid any, packageName, packageVersion, fileName string) (string, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return "", err
@@ -93,7 +93,7 @@ func (s *GenericPackagesService) FormatPackageURL(pid interface{}, packageName,
 // options.
 //
 // GitLab docs:
-// https://docs.gitlab.com/ee/user/packages/generic_packages/index.html#publish-a-package-file
+// https://docs.gitlab.com/user/packages/generic_packages/#publish-a-single-file
 type PublishPackageFileOptions struct {
 	Status *GenericPackageStatusValue `url:"status,omitempty" json:"status,omitempty"`
 	Select *GenericPackageSelectValue `url:"select,omitempty" json:"select,omitempty"`
@@ -102,8 +102,8 @@ type PublishPackageFileOptions struct {
 // PublishPackageFile uploads a file to a project's package registry.
 //
 // GitLab docs:
-// https://docs.gitlab.com/ee/user/packages/generic_packages/index.html#publish-a-package-file
-func (s *GenericPackagesService) PublishPackageFile(pid interface{}, packageName, packageVersion, fileName string, content io.Reader, opt *PublishPackageFileOptions, options ...RequestOptionFunc) (*GenericPackagesFile, *Response, error) {
+// https://docs.gitlab.com/user/packages/generic_packages/#publish-a-single-file
+func (s *GenericPackagesService) PublishPackageFile(pid any, packageName, packageVersion, fileName string, content io.Reader, opt *PublishPackageFileOptions, options ...RequestOptionFunc) (*GenericPackagesFile, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -140,8 +140,8 @@ func (s *GenericPackagesService) PublishPackageFile(pid interface{}, packageName
 // DownloadPackageFile allows you to download the package file.
 //
 // GitLab docs:
-// https://docs.gitlab.com/ee/user/packages/generic_packages/index.html#download-package-file
-func (s *GenericPackagesService) DownloadPackageFile(pid interface{}, packageName, packageVersion, fileName string, options ...RequestOptionFunc) ([]byte, *Response, error) {
+// https://docs.gitlab.com/user/packages/generic_packages/#download-a-single-file
+func (s *GenericPackagesService) DownloadPackageFile(pid any, packageName, packageVersion, fileName string, options ...RequestOptionFunc) ([]byte, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/geo_nodes.go b/vendor/gitlab.com/gitlab-org/api/client-go/geo_nodes.go
index 9ff0bcf67b..124cc83127 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/geo_nodes.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/geo_nodes.go
@@ -22,19 +22,29 @@ import (
 )
 
 type (
+	// Deprecated: will be removed in v5 of the API, use Geo Sites API instead
 	GeoNodesServiceInterface interface {
+		// Deprecated: will be removed in v5 of the API, use Geo Sites API instead
 		CreateGeoNode(*CreateGeoNodesOptions, ...RequestOptionFunc) (*GeoNode, *Response, error)
+		// Deprecated: will be removed in v5 of the API, use Geo Sites API instead
 		ListGeoNodes(*ListGeoNodesOptions, ...RequestOptionFunc) ([]*GeoNode, *Response, error)
+		// Deprecated: will be removed in v5 of the API, use Geo Sites API instead
 		GetGeoNode(int, ...RequestOptionFunc) (*GeoNode, *Response, error)
+		// Deprecated: will be removed in v5 of the API, use Geo Sites API instead
 		EditGeoNode(int, *UpdateGeoNodesOptions, ...RequestOptionFunc) (*GeoNode, *Response, error)
+		// Deprecated: will be removed in v5 of the API, use Geo Sites API instead
 		DeleteGeoNode(int, ...RequestOptionFunc) (*Response, error)
+		// Deprecated: will be removed in v5 of the API, use Geo Sites API instead
 		RepairGeoNode(int, ...RequestOptionFunc) (*GeoNode, *Response, error)
+		// Deprecated: will be removed in v5 of the API, use Geo Sites API instead
 		RetrieveStatusOfAllGeoNodes(...RequestOptionFunc) ([]*GeoNodeStatus, *Response, error)
+		// Deprecated: will be removed in v5 of the API, use Geo Sites API instead
 		RetrieveStatusOfGeoNode(int, ...RequestOptionFunc) (*GeoNodeStatus, *Response, error)
 	}
 
 	// GeoNodesService handles communication with Geo Nodes related methods
 	// of GitLab API.
+	// Deprecated: will be removed in v5 of the API, use Geo Sites API instead
 	//
 	// GitLab API docs: https://docs.gitlab.com/api/geo_nodes/
 	GeoNodesService struct {
@@ -42,9 +52,11 @@ type (
 	}
 )
 
+// Deprecated: will be removed in v5 of the API, use Geo Sites API instead
 var _ GeoNodesServiceInterface = (*GeoNodesService)(nil)
 
 // GeoNode represents a GitLab Geo Node.
+// Deprecated: will be removed in v5 of the API, use Geo Sites API instead
 //
 // GitLab API docs: https://docs.gitlab.com/api/geo_nodes/
 type GeoNode struct {
@@ -71,6 +83,7 @@ type GeoNode struct {
 }
 
 // GeoNodeLinks represents links for GitLab GeoNode.
+// Deprecated: will be removed in v5 of the API, use Geo Sites API instead
 //
 // GitLab API docs: https://docs.gitlab.com/api/geo_nodes/
 type GeoNodeLinks struct {
@@ -80,6 +93,7 @@ type GeoNodeLinks struct {
 }
 
 // CreateGeoNodesOptions represents the available CreateGeoNode() options.
+// Deprecated: will be removed in v5 of the API, use Geo Sites API instead
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/geo_nodes/#create-a-new-geo-node
@@ -101,6 +115,7 @@ type CreateGeoNodesOptions struct {
 }
 
 // CreateGeoNode creates a new Geo Node.
+// Deprecated: will be removed in v5 of the API, use Geo Sites API instead
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/geo_nodes/#create-a-new-geo-node
@@ -120,12 +135,14 @@ func (s *GeoNodesService) CreateGeoNode(opt *CreateGeoNodesOptions, options ...R
 }
 
 // ListGeoNodesOptions represents the available ListGeoNodes() options.
+// Deprecated: will be removed in v5 of the API, use Geo Sites API instead
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/geo_nodes/#retrieve-configuration-about-all-geo-nodes
 type ListGeoNodesOptions ListOptions
 
 // ListGeoNodes gets a list of geo nodes.
+// Deprecated: will be removed in v5 of the API, use Geo Sites API instead
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/geo_nodes/#retrieve-configuration-about-all-geo-nodes
@@ -145,6 +162,7 @@ func (s *GeoNodesService) ListGeoNodes(opt *ListGeoNodesOptions, options ...Requ
 }
 
 // GetGeoNode gets a specific geo node.
+// Deprecated: will be removed in v5 of the API, use Geo Sites API instead
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/geo_nodes/#retrieve-configuration-about-a-specific-geo-node
@@ -166,6 +184,7 @@ func (s *GeoNodesService) GetGeoNode(id int, options ...RequestOptionFunc) (*Geo
 }
 
 // UpdateGeoNodesOptions represents the available EditGeoNode() options.
+// Deprecated: will be removed in v5 of the API, use Geo Sites API instead
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/geo_nodes/#edit-a-geo-node
@@ -187,6 +206,7 @@ type UpdateGeoNodesOptions struct {
 }
 
 // EditGeoNode updates settings of an existing Geo node.
+// Deprecated: will be removed in v5 of the API, use Geo Sites API instead
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/geo_nodes/#edit-a-geo-node
@@ -208,6 +228,7 @@ func (s *GeoNodesService) EditGeoNode(id int, opt *UpdateGeoNodesOptions, option
 }
 
 // DeleteGeoNode removes the Geo node.
+// Deprecated: will be removed in v5 of the API, use Geo Sites API instead
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/geo_nodes/#delete-a-geo-node
@@ -223,6 +244,7 @@ func (s *GeoNodesService) DeleteGeoNode(id int, options ...RequestOptionFunc) (*
 }
 
 // RepairGeoNode to repair the OAuth authentication of a Geo node.
+// Deprecated: will be removed in v5 of the API, use Geo Sites API instead
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/geo_nodes/#repair-a-geo-node
@@ -244,6 +266,7 @@ func (s *GeoNodesService) RepairGeoNode(id int, options ...RequestOptionFunc) (*
 }
 
 // GeoNodeStatus represents the status of Geo Node.
+// Deprecated: will be removed in v5 of the API, use Geo Sites API instead
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/geo_nodes/#retrieve-status-about-all-geo-nodes
@@ -408,6 +431,7 @@ type GeoNodeStatus struct {
 }
 
 // RetrieveStatusOfAllGeoNodes get the list of status of all Geo Nodes.
+// Deprecated: will be removed in v5 of the API, use Geo Sites API instead
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/geo_nodes/#retrieve-status-about-all-geo-nodes
@@ -427,6 +451,7 @@ func (s *GeoNodesService) RetrieveStatusOfAllGeoNodes(options ...RequestOptionFu
 }
 
 // RetrieveStatusOfGeoNode get the of status of a specific Geo Nodes.
+// Deprecated: will be removed in v5 of the API, use Geo Sites API instead
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/geo_nodes/#retrieve-status-about-a-specific-geo-node
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/geo_sites.go b/vendor/gitlab.com/gitlab-org/api/client-go/geo_sites.go
new file mode 100644
index 0000000000..53cdb895e5
--- /dev/null
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/geo_sites.go
@@ -0,0 +1,513 @@
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package gitlab
+
+import (
+	"fmt"
+	"net/http"
+	"time"
+)
+
+type (
+	GeoSitesServiceInterface interface {
+		CreateGeoSite(*CreateGeoSitesOptions, ...RequestOptionFunc) (*GeoSite, *Response, error)
+		ListGeoSites(*ListGeoSitesOptions, ...RequestOptionFunc) ([]*GeoSite, *Response, error)
+		GetGeoSite(int, ...RequestOptionFunc) (*GeoSite, *Response, error)
+		EditGeoSite(int, *EditGeoSiteOptions, ...RequestOptionFunc) (*GeoSite, *Response, error)
+		DeleteGeoSite(int, ...RequestOptionFunc) (*Response, error)
+		RepairGeoSite(int, ...RequestOptionFunc) (*GeoSite, *Response, error)
+		ListStatusOfAllGeoSites(*ListStatusOfAllGeoSitesOptions, ...RequestOptionFunc) ([]*GeoSiteStatus, *Response, error)
+		GetStatusOfGeoSite(int, ...RequestOptionFunc) (*GeoSiteStatus, *Response, error)
+	}
+
+	// GeoSitesService handles communication with Geo Sites related methods
+	// of GitLab API.
+	//
+	// GitLab API docs: https://docs.gitlab.com/api/geo_sites/
+	GeoSitesService struct {
+		client *Client
+	}
+)
+
+var _ GeoSitesServiceInterface = (*GeoSitesService)(nil)
+
+// GeoSite represents a GitLab Geo Site.
+//
+// GitLab API docs: https://docs.gitlab.com/api/geo_sites/
+type GeoSite struct {
+	ID                               int          `json:"id"`
+	Name                             string       `json:"name"`
+	URL                              string       `json:"url"`
+	InternalURL                      string       `json:"internal_url"`
+	Primary                          bool         `json:"primary"`
+	Enabled                          bool         `json:"enabled"`
+	Current                          bool         `json:"current"`
+	FilesMaxCapacity                 int          `json:"files_max_capacity"`
+	ReposMaxCapacity                 int          `json:"repos_max_capacity"`
+	VerificationMaxCapacity          int          `json:"verification_max_capacity"`
+	ContainerRepositoriesMaxCapacity int          `json:"container_repositories_max_capacity"`
+	SelectiveSyncType                string       `json:"selective_sync_type"`
+	SelectiveSyncShards              []string     `json:"selective_sync_shards"`
+	SelectiveSyncNamespaceIDs        []int        `json:"selective_sync_namespace_ids"`
+	MinimumReverificationInterval    int          `json:"minimum_reverification_interval"`
+	SyncObjectStorage                bool         `json:"sync_object_storage"`
+	WebEditURL                       string       `json:"web_edit_url"`
+	WebGeoReplicationDetailsURL      string       `json:"web_geo_replication_details_url"`
+	Links                            GeoSiteLinks `json:"_links"`
+}
+
+// GeoSiteLinks represents links for GitLab GeoSite.
+//
+// GitLab API docs: https://docs.gitlab.com/api/geo_sites/
+type GeoSiteLinks struct {
+	Self   string `json:"self"`
+	Status string `json:"status"`
+	Repair string `json:"repair"`
+}
+
+// CreateGeoSitesOptions represents the available CreateGeoSite() options.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/geo_sites/#create-a-new-geo-site
+type CreateGeoSitesOptions struct {
+	Primary                          *bool     `url:"primary,omitempty" json:"primary,omitempty"`
+	Enabled                          *bool     `url:"enabled,omitempty" json:"enabled,omitempty"`
+	Name                             *string   `url:"name,omitempty" json:"name,omitempty"`
+	URL                              *string   `url:"url,omitempty" json:"url,omitempty"`
+	InternalURL                      *string   `url:"internal_url,omitempty" json:"internal_url,omitempty"`
+	FilesMaxCapacity                 *int      `url:"files_max_capacity,omitempty" json:"files_max_capacity,omitempty"`
+	ReposMaxCapacity                 *int      `url:"repos_max_capacity,omitempty" json:"repos_max_capacity,omitempty"`
+	VerificationMaxCapacity          *int      `url:"verification_max_capacity,omitempty" json:"verification_max_capacity,omitempty"`
+	ContainerRepositoriesMaxCapacity *int      `url:"container_repositories_max_capacity,omitempty" json:"container_repositories_max_capacity,omitempty"`
+	SyncObjectStorage                *bool     `url:"sync_object_storage,omitempty" json:"sync_object_storage,omitempty"`
+	SelectiveSyncType                *string   `url:"selective_sync_type,omitempty" json:"selective_sync_type,omitempty"`
+	SelectiveSyncShards              *[]string `url:"selective_sync_shards,omitempty" json:"selective_sync_shards,omitempty"`
+	SelectiveSyncNamespaceIDs        *[]int    `url:"selective_sync_namespace_ids,omitempty" json:"selective_sync_namespace_ids,omitempty"`
+	MinimumReverificationInterval    *int      `url:"minimum_reverification_interval,omitempty" json:"minimum_reverification_interval,omitempty"`
+}
+
+// CreateGeoSite creates a new Geo Site.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/geo_sites/#create-a-new-geo-site
+func (s *GeoSitesService) CreateGeoSite(opt *CreateGeoSitesOptions, options ...RequestOptionFunc) (*GeoSite, *Response, error) {
+	req, err := s.client.NewRequest(http.MethodPost, "geo_sites", opt, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	site := new(GeoSite)
+	resp, err := s.client.Do(req, site)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return site, resp, nil
+}
+
+// ListGeoSitesOptions represents the available ListGeoSites() options.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/geo_sites/#retrieve-configuration-about-all-geo-sites
+type ListGeoSitesOptions ListOptions
+
+// ListGeoSites gets a list of geo sites.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/geo_sites/#retrieve-configuration-about-all-geo-sites
+func (s *GeoSitesService) ListGeoSites(opt *ListGeoSitesOptions, options ...RequestOptionFunc) ([]*GeoSite, *Response, error) {
+	req, err := s.client.NewRequest(http.MethodGet, "geo_sites", opt, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var sites []*GeoSite
+	resp, err := s.client.Do(req, &sites)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return sites, resp, nil
+}
+
+// GetGeoSite gets a specific geo site.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/geo_sites/#retrieve-configuration-about-a-specific-geo-site
+func (s *GeoSitesService) GetGeoSite(id int, options ...RequestOptionFunc) (*GeoSite, *Response, error) {
+	u := fmt.Sprintf("geo_sites/%d", id)
+
+	req, err := s.client.NewRequest(http.MethodGet, u, nil, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	site := new(GeoSite)
+	resp, err := s.client.Do(req, site)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return site, resp, nil
+}
+
+// EditGeoSiteOptions represents the available EditGeoSite() options.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/geo_sites/#edit-a-geo-site
+type EditGeoSiteOptions struct {
+	Enabled                          *bool     `url:"enabled,omitempty" json:"enabled,omitempty"`
+	Name                             *string   `url:"name,omitempty" json:"name,omitempty"`
+	URL                              *string   `url:"url,omitempty" json:"url,omitempty"`
+	InternalURL                      *string   `url:"internal_url,omitempty" json:"internal_url,omitempty"`
+	FilesMaxCapacity                 *int      `url:"files_max_capacity,omitempty" json:"files_max_capacity,omitempty"`
+	ReposMaxCapacity                 *int      `url:"repos_max_capacity,omitempty" json:"repos_max_capacity,omitempty"`
+	VerificationMaxCapacity          *int      `url:"verification_max_capacity,omitempty" json:"verification_max_capacity,omitempty"`
+	ContainerRepositoriesMaxCapacity *int      `url:"container_repositories_max_capacity,omitempty" json:"container_repositories_max_capacity,omitempty"`
+	SelectiveSyncType                *string   `url:"selective_sync_type,omitempty" json:"selective_sync_type,omitempty"`
+	SelectiveSyncShards              *[]string `url:"selective_sync_shards,omitempty" json:"selective_sync_shards,omitempty"`
+	SelectiveSyncNamespaceIDs        *[]int    `url:"selective_sync_namespace_ids,omitempty" json:"selective_sync_namespace_ids,omitempty"`
+	MinimumReverificationInterval    *int      `url:"minimum_reverification_interval,omitempty" json:"minimum_reverification_interval,omitempty"`
+}
+
+// EditGeoSite updates settings of an existing Geo site.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/geo_sites/#edit-a-geo-site
+func (s *GeoSitesService) EditGeoSite(id int, opt *EditGeoSiteOptions, options ...RequestOptionFunc) (*GeoSite, *Response, error) {
+	u := fmt.Sprintf("geo_sites/%d", id)
+
+	req, err := s.client.NewRequest(http.MethodPut, u, opt, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	site := new(GeoSite)
+	resp, err := s.client.Do(req, site)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return site, resp, nil
+}
+
+// DeleteGeoSite removes the Geo site.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/geo_sites/#delete-a-geo-site
+func (s *GeoSitesService) DeleteGeoSite(id int, options ...RequestOptionFunc) (*Response, error) {
+	u := fmt.Sprintf("geo_sites/%d", id)
+
+	req, err := s.client.NewRequest(http.MethodDelete, u, nil, options)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(req, nil)
+}
+
+// RepairGeoSite to repair the OAuth authentication of a Geo site.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/geo_sites/#repair-a-geo-site
+func (s *GeoSitesService) RepairGeoSite(id int, options ...RequestOptionFunc) (*GeoSite, *Response, error) {
+	u := fmt.Sprintf("geo_sites/%d/repair", id)
+
+	req, err := s.client.NewRequest(http.MethodPost, u, nil, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	site := new(GeoSite)
+	resp, err := s.client.Do(req, site)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return site, resp, nil
+}
+
+// GeoSiteStatus represents the status of Geo Site.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/geo_sites/#retrieve-status-about-all-geo-sites
+type GeoSiteStatus struct {
+	GeoNodeID                                       int               `json:"geo_node_id"`
+	ProjectsCount                                   int               `json:"projects_count"`
+	ContainerRepositoriesReplicationEnabled         bool              `json:"container_repositories_replication_enabled"`
+	LFSObjectsCount                                 int               `json:"lfs_objects_count"`
+	LFSObjectsChecksumTotalCount                    int               `json:"lfs_objects_checksum_total_count"`
+	LFSObjectsChecksummedCount                      int               `json:"lfs_objects_checksummed_count"`
+	LFSObjectsChecksumFailedCount                   int               `json:"lfs_objects_checksum_failed_count"`
+	LFSObjectsSyncedCount                           int               `json:"lfs_objects_synced_count"`
+	LFSObjectsFailedCount                           int               `json:"lfs_objects_failed_count"`
+	LFSObjectsRegistryCount                         int               `json:"lfs_objects_registry_count"`
+	LFSObjectsVerificationTotalCount                int               `json:"lfs_objects_verification_total_count"`
+	LFSObjectsVerifiedCount                         int               `json:"lfs_objects_verified_count"`
+	LFSObjectsVerificationFailedCount               int               `json:"lfs_objects_verification_failed_count"`
+	MergeRequestDiffsCount                          int               `json:"merge_request_diffs_count"`
+	MergeRequestDiffsChecksumTotalCount             int               `json:"merge_request_diffs_checksum_total_count"`
+	MergeRequestDiffsChecksummedCount               int               `json:"merge_request_diffs_checksummed_count"`
+	MergeRequestDiffsChecksumFailedCount            int               `json:"merge_request_diffs_checksum_failed_count"`
+	MergeRequestDiffsSyncedCount                    int               `json:"merge_request_diffs_synced_count"`
+	MergeRequestDiffsFailedCount                    int               `json:"merge_request_diffs_failed_count"`
+	MergeRequestDiffsRegistryCount                  int               `json:"merge_request_diffs_registry_count"`
+	MergeRequestDiffsVerificationTotalCount         int               `json:"merge_request_diffs_verification_total_count"`
+	MergeRequestDiffsVerifiedCount                  int               `json:"merge_request_diffs_verified_count"`
+	MergeRequestDiffsVerificationFailedCount        int               `json:"merge_request_diffs_verification_failed_count"`
+	PackageFilesCount                               int               `json:"package_files_count"`
+	PackageFilesChecksumTotalCount                  int               `json:"package_files_checksum_total_count"`
+	PackageFilesChecksummedCount                    int               `json:"package_files_checksummed_count"`
+	PackageFilesChecksumFailedCount                 int               `json:"package_files_checksum_failed_count"`
+	PackageFilesSyncedCount                         int               `json:"package_files_synced_count"`
+	PackageFilesFailedCount                         int               `json:"package_files_failed_count"`
+	PackageFilesRegistryCount                       int               `json:"package_files_registry_count"`
+	PackageFilesVerificationTotalCount              int               `json:"package_files_verification_total_count"`
+	PackageFilesVerifiedCount                       int               `json:"package_files_verified_count"`
+	PackageFilesVerificationFailedCount             int               `json:"package_files_verification_failed_count"`
+	TerraformStateVersionsCount                     int               `json:"terraform_state_versions_count"`
+	TerraformStateVersionsChecksumTotalCount        int               `json:"terraform_state_versions_checksum_total_count"`
+	TerraformStateVersionsChecksummedCount          int               `json:"terraform_state_versions_checksummed_count"`
+	TerraformStateVersionsChecksumFailedCount       int               `json:"terraform_state_versions_checksum_failed_count"`
+	TerraformStateVersionsSyncedCount               int               `json:"terraform_state_versions_synced_count"`
+	TerraformStateVersionsFailedCount               int               `json:"terraform_state_versions_failed_count"`
+	TerraformStateVersionsRegistryCount             int               `json:"terraform_state_versions_registry_count"`
+	TerraformStateVersionsVerificationTotalCount    int               `json:"terraform_state_versions_verification_total_count"`
+	TerraformStateVersionsVerifiedCount             int               `json:"terraform_state_versions_verified_count"`
+	TerraformStateVersionsVerificationFailedCount   int               `json:"terraform_state_versions_verification_failed_count"`
+	SnippetRepositoriesCount                        int               `json:"snippet_repositories_count"`
+	SnippetRepositoriesChecksumTotalCount           int               `json:"snippet_repositories_checksum_total_count"`
+	SnippetRepositoriesChecksummedCount             int               `json:"snippet_repositories_checksummed_count"`
+	SnippetRepositoriesChecksumFailedCount          int               `json:"snippet_repositories_checksum_failed_count"`
+	SnippetRepositoriesSyncedCount                  int               `json:"snippet_repositories_synced_count"`
+	SnippetRepositoriesFailedCount                  int               `json:"snippet_repositories_failed_count"`
+	SnippetRepositoriesRegistryCount                int               `json:"snippet_repositories_registry_count"`
+	SnippetRepositoriesVerificationTotalCount       int               `json:"snippet_repositories_verification_total_count"`
+	SnippetRepositoriesVerifiedCount                int               `json:"snippet_repositories_verified_count"`
+	SnippetRepositoriesVerificationFailedCount      int               `json:"snippet_repositories_verification_failed_count"`
+	GroupWikiRepositoriesCount                      int               `json:"group_wiki_repositories_count"`
+	GroupWikiRepositoriesChecksumTotalCount         int               `json:"group_wiki_repositories_checksum_total_count"`
+	GroupWikiRepositoriesChecksummedCount           int               `json:"group_wiki_repositories_checksummed_count"`
+	GroupWikiRepositoriesChecksumFailedCount        int               `json:"group_wiki_repositories_checksum_failed_count"`
+	GroupWikiRepositoriesSyncedCount                int               `json:"group_wiki_repositories_synced_count"`
+	GroupWikiRepositoriesFailedCount                int               `json:"group_wiki_repositories_failed_count"`
+	GroupWikiRepositoriesRegistryCount              int               `json:"group_wiki_repositories_registry_count"`
+	GrupWikiRepositoriesVerificationTotalCount      int               `json:"group_wiki_repositories_verification_total_count"`
+	GroupWikiRepositoriesVerifiedCount              int               `json:"group_wiki_repositories_verified_count"`
+	GroupWikiRepositoriesVerificationFailedCount    int               `json:"group_wiki_repositories_verification_failed_count"`
+	PipelineArtifactsCount                          int               `json:"pipeline_artifacts_count"`
+	PipelineArtifactsChecksumTotalCount             int               `json:"pipeline_artifacts_checksum_total_count"`
+	PipelineArtifactsChecksummedCount               int               `json:"pipeline_artifacts_checksummed_count"`
+	PipelineArtifactsChecksumFailedCount            int               `json:"pipeline_artifacts_checksum_failed_count"`
+	PipelineArtifactsSyncedCount                    int               `json:"pipeline_artifacts_synced_count"`
+	PipelineArtifactsFailedCount                    int               `json:"pipeline_artifacts_failed_count"`
+	PipelineArtifactsRegistryCount                  int               `json:"pipeline_artifacts_registry_count"`
+	PipelineArtifactsVerificationTotalCount         int               `json:"pipeline_artifacts_verification_total_count"`
+	PipelineArtifactsVerifiedCount                  int               `json:"pipeline_artifacts_verified_count"`
+	PipelineArtifactsVerificationFailedCount        int               `json:"pipeline_artifacts_verification_failed_count"`
+	PagesDeploymentsCount                           int               `json:"pages_deployments_count"`
+	PagesDeploymentsChecksumTotalCount              int               `json:"pages_deployments_checksum_total_count"`
+	PagesDeploymentsChecksummedCount                int               `json:"pages_deployments_checksummed_count"`
+	PagesDeploymentsChecksumFailedCount             int               `json:"pages_deployments_checksum_failed_count"`
+	PagesDeploymentsSyncedCount                     int               `json:"pages_deployments_synced_count"`
+	PagesDeploymentsFailedCount                     int               `json:"pages_deployments_failed_count"`
+	PagesDeploymentsRegistryCount                   int               `json:"pages_deployments_registry_count"`
+	PagesDeploymentsVerificationTotalCount          int               `json:"pages_deployments_verification_total_count"`
+	PagesDeploymentsVerifiedCount                   int               `json:"pages_deployments_verified_count"`
+	PagesDeploymentsVerificationFailedCount         int               `json:"pages_deployments_verification_failed_count"`
+	UploadsCount                                    int               `json:"uploads_count"`
+	UploadsChecksumTotalCount                       int               `json:"uploads_checksum_total_count"`
+	UploadsChecksummedCount                         int               `json:"uploads_checksummed_count"`
+	UploadsChecksumFailedCount                      int               `json:"uploads_checksum_failed_count"`
+	UploadsSyncedCount                              int               `json:"uploads_synced_count"`
+	UploadsFailedCount                              int               `json:"uploads_failed_count"`
+	UploadsRegistryCount                            int               `json:"uploads_registry_count"`
+	UploadsVerificationTotalCount                   int               `json:"uploads_verification_total_count"`
+	UploadsVerifiedCount                            int               `json:"uploads_verified_count"`
+	UploadsVerificationFailedCount                  int               `json:"uploads_verification_failed_count"`
+	JobArtifactsCount                               int               `json:"job_artifacts_count"`
+	JobArtifactsChecksumTotalCount                  int               `json:"job_artifacts_checksum_total_count"`
+	JobArtifactsChecksummedCount                    int               `json:"job_artifacts_checksummed_count"`
+	JobArtifactsChecksumFailedCount                 int               `json:"job_artifacts_checksum_failed_count"`
+	JobArtifactsSyncedCount                         int               `json:"job_artifacts_synced_count"`
+	JobArtifactsFailedCount                         int               `json:"job_artifacts_failed_count"`
+	JobArtifactsRegistryCount                       int               `json:"job_artifacts_registry_count"`
+	JobArtifactsVerificationTotalCount              int               `json:"job_artifacts_verification_total_count"`
+	JobArtifactsVerifiedCount                       int               `json:"job_artifacts_verified_count"`
+	JobArtifactsVerificationFailedCount             int               `json:"job_artifacts_verification_failed_count"`
+	CISecureFilesCount                              int               `json:"ci_secure_files_count"`
+	CISecureFilesChecksumTotalCount                 int               `json:"ci_secure_files_checksum_total_count"`
+	CISecureFilesChecksummedCount                   int               `json:"ci_secure_files_checksummed_count"`
+	CISecureFilesChecksumFailedCount                int               `json:"ci_secure_files_checksum_failed_count"`
+	CISecureFilesSyncedCount                        int               `json:"ci_secure_files_synced_count"`
+	CISecureFilesFailedCount                        int               `json:"ci_secure_files_failed_count"`
+	CISecureFilesRegistryCount                      int               `json:"ci_secure_files_registry_count"`
+	CISecureFilesVerificationTotalCount             int               `json:"ci_secure_files_verification_total_count"`
+	CISecureFilesVerifiedCount                      int               `json:"ci_secure_files_verified_count"`
+	CISecureFilesVerificationFailedCount            int               `json:"ci_secure_files_verification_failed_count"`
+	ContainerRepositoriesCount                      int               `json:"container_repositories_count"`
+	ContainerRepositoriesChecksumTotalCount         int               `json:"container_repositories_checksum_total_count"`
+	ContainerRepositoriesChecksummedCount           int               `json:"container_repositories_checksummed_count"`
+	ContainerRepositoriesChecksumFailedCount        int               `json:"container_repositories_checksum_failed_count"`
+	ContainerRepositoriesSyncedCount                int               `json:"container_repositories_synced_count"`
+	ContainerRepositoriesFailedCount                int               `json:"container_repositories_failed_count"`
+	ContainerRepositoriesRegistryCount              int               `json:"container_repositories_registry_count"`
+	ContainerRepositoriesVerificationTotalCount     int               `json:"container_repositories_verification_total_count"`
+	ContainerRepositoriesVerifiedCount              int               `json:"container_repositories_verified_count"`
+	ContainerRepositoriesVerificationFailedCount    int               `json:"container_repositories_verification_failed_count"`
+	DependencyProxyBlobsCount                       int               `json:"dependency_proxy_blobs_count"`
+	DependencyProxyBlobsChecksumTotalCount          int               `json:"dependency_proxy_blobs_checksum_total_count"`
+	DependencyProxyBlobsChecksummedCount            int               `json:"dependency_proxy_blobs_checksummed_count"`
+	DependencyProxyBlobsChecksumFailedCount         int               `json:"dependency_proxy_blobs_checksum_failed_count"`
+	DependencyProxyBlobsSyncedCount                 int               `json:"dependency_proxy_blobs_synced_count"`
+	DependencyProxyBlobsFailedCount                 int               `json:"dependency_proxy_blobs_failed_count"`
+	DependencyProxyBlobsRegistryCount               int               `json:"dependency_proxy_blobs_registry_count"`
+	DependencyProxyBlobsVerificationTotalCount      int               `json:"dependency_proxy_blobs_verification_total_count"`
+	DependencyProxyBlobsVerifiedCount               int               `json:"dependency_proxy_blobs_verified_count"`
+	DependencyProxyBlobsVerificationFailedCount     int               `json:"dependency_proxy_blobs_verification_failed_count"`
+	DependencyProxyManifestsCount                   int               `json:"dependency_proxy_manifests_count"`
+	DependencyProxyManifestsChecksumTotalCount      int               `json:"dependency_proxy_manifests_checksum_total_count"`
+	DependencyProxyManifestsChecksummedCount        int               `json:"dependency_proxy_manifests_checksummed_count"`
+	DependencyProxyManifestsChecksumFailedCount     int               `json:"dependency_proxy_manifests_checksum_failed_count"`
+	DependencyProxyManifestsSyncedCount             int               `json:"dependency_proxy_manifests_synced_count"`
+	DependencyProxyManifestsFailedCount             int               `json:"dependency_proxy_manifests_failed_count"`
+	DependencyProxyManifestsRegistryCount           int               `json:"dependency_proxy_manifests_registry_count"`
+	DependencyProxyManifestsVerificationTotalCount  int               `json:"dependency_proxy_manifests_verification_total_count"`
+	DependencyProxyManifestsVerifiedCount           int               `json:"dependency_proxy_manifests_verified_count"`
+	DependencyProxyManifestsVerificationFailedCount int               `json:"dependency_proxy_manifests_verification_failed_count"`
+	ProjectWikiRepositoriesCount                    int               `json:"project_wiki_repositories_count"`
+	ProjectWikiRepositoriesChecksumTotalCount       int               `json:"project_wiki_repositories_checksum_total_count"`
+	ProjectWikiRepositoriesChecksummedCount         int               `json:"project_wiki_repositories_checksummed_count"`
+	ProjectWikiRepositoriesChecksumFailedCount      int               `json:"project_wiki_repositories_checksum_failed_count"`
+	ProjectWikiRepositoriesSyncedCount              int               `json:"project_wiki_repositories_synced_count"`
+	ProjectWikiRepositoriesFailedCount              int               `json:"project_wiki_repositories_failed_count"`
+	ProjectWikiRepositoriesRegistryCount            int               `json:"project_wiki_repositories_registry_count"`
+	ProjectWikiRepositoriesVerificationTotalCount   int               `json:"project_wiki_repositories_verification_total_count"`
+	ProjectWikiRepositoriesVerifiedCount            int               `json:"project_wiki_repositories_verified_count"`
+	ProjectWikiRepositoriesVerificationFailedCount  int               `json:"project_wiki_repositories_verification_failed_count"`
+	GitFetchEventCountWeekly                        int               `json:"git_fetch_event_count_weekly"`
+	GitPushEventCountWeekly                         int               `json:"git_push_event_count_weekly"`
+	ProxyRemoteRequestsEventCountWeekly             int               `json:"proxy_remote_requests_event_count_weekly"`
+	ProxyLocalRequestsEventCountWeekly              int               `json:"proxy_local_requests_event_count_weekly"`
+	RepositoriesCheckedInPercentage                 string            `json:"repositories_checked_in_percentage"`
+	ReplicationSlotsUsedInPercentage                string            `json:"replication_slots_used_in_percentage"`
+	LFSObjectsSyncedInPercentage                    string            `json:"lfs_objects_synced_in_percentage"`
+	LFSObjectsVerifiedInPercentage                  string            `json:"lfs_objects_verified_in_percentage"`
+	MergeRequestDiffsSyncedInPercentage             string            `json:"merge_request_diffs_synced_in_percentage"`
+	MergeRequestDiffsVerifiedInPercentage           string            `json:"merge_request_diffs_verified_in_percentage"`
+	PackageFilesSyncedInPercentage                  string            `json:"package_files_synced_in_percentage"`
+	PackageFilesVerifiedInPercentage                string            `json:"package_files_verified_in_percentage"`
+	TerraformStateVersionsSyncedInPercentage        string            `json:"terraform_state_versions_synced_in_percentage"`
+	TerraformStateVersionsVerifiedInPercentage      string            `json:"terraform_state_versions_verified_in_percentage"`
+	SnippetRepositoriesSyncedInPercentage           string            `json:"snippet_repositories_synced_in_percentage"`
+	SnippetRepositoriesVerifiedInPercentage         string            `json:"snippet_repositories_verified_in_percentage"`
+	GroupWikiRepositoriesSyncedInPercentage         string            `json:"group_wiki_repositories_synced_in_percentage"`
+	GroupWikiRepositoriesVerifiedInPercentage       string            `json:"group_wiki_repositories_verified_in_percentage"`
+	PipelineArtifactsSyncedInPercentage             string            `json:"pipeline_artifacts_synced_in_percentage"`
+	PipelineArtifactsVerifiedInPercentage           string            `json:"pipeline_artifacts_verified_in_percentage"`
+	PagesDeploymentsSyncedInPercentage              string            `json:"pages_deployments_synced_in_percentage"`
+	PagesDeploymentsVerifiedInPercentage            string            `json:"pages_deployments_verified_in_percentage"`
+	UploadsSyncedInPercentage                       string            `json:"uploads_synced_in_percentage"`
+	UploadsVerifiedInPercentage                     string            `json:"uploads_verified_in_percentage"`
+	JobArtifactsSyncedInPercentage                  string            `json:"job_artifacts_synced_in_percentage"`
+	JobArtifactsVerifiedInPercentage                string            `json:"job_artifacts_verified_in_percentage"`
+	CISecureFilesSyncedInPercentage                 string            `json:"ci_secure_files_synced_in_percentage"`
+	CISecureFilesVerifiedInPercentage               string            `json:"ci_secure_files_verified_in_percentage"`
+	ContainerRepositoriesSyncedInPercentage         string            `json:"container_repositories_synced_in_percentage"`
+	ContainerRepositoriesVerifiedInPercentage       string            `json:"container_repositories_verified_in_percentage"`
+	DependencyProxyBlobsSyncedInPercentage          string            `json:"dependency_proxy_blobs_synced_in_percentage"`
+	DependencyProxyBlobsVerifiedInPercentage        string            `json:"dependency_proxy_blobs_verified_in_percentage"`
+	DependencyProxyManifestsSyncedInPercentage      string            `json:"dependency_proxy_manifests_synced_in_percentage"`
+	DependencyProxyManifestsVerifiedInPercentage    string            `json:"dependency_proxy_manifests_verified_in_percentage"`
+	ProjectWikiRepositoriesSyncedInPercentage       string            `json:"project_wiki_repositories_synced_in_percentage"`
+	ProjectWikiRepositoriesVerifiedInPercentage     string            `json:"project_wiki_repositories_verified_in_percentage"`
+	ReplicationSlotsCount                           int               `json:"replication_slots_count"`
+	ReplicationSlotsUsedCount                       int               `json:"replication_slots_used_count"`
+	Healthy                                         bool              `json:"healthy"`
+	Health                                          string            `json:"health"`
+	HealthStatus                                    string            `json:"health_status"`
+	MissingOAuthApplication                         bool              `json:"missing_oauth_application"`
+	DBReplicationLagSeconds                         int               `json:"db_replication_lag_seconds"`
+	ReplicationSlotsMaxRetainedWalBytes             int               `json:"replication_slots_max_retained_wal_bytes"`
+	RepositoriesCheckedCount                        int               `json:"repositories_checked_count"`
+	RepositoriesCheckedFailedCount                  int               `json:"repositories_checked_failed_count"`
+	LastEventID                                     int               `json:"last_event_id"`
+	LastEventTimestamp                              int               `json:"last_event_timestamp"`
+	CursorLastEventID                               int               `json:"cursor_last_event_id"`
+	CursorLastEventTimestamp                        int               `json:"cursor_last_event_timestamp"`
+	LastSuccessfulStatusCheckTimestamp              int               `json:"last_successful_status_check_timestamp"`
+	Version                                         string            `json:"version"`
+	Revision                                        string            `json:"revision"`
+	SelectiveSyncType                               string            `json:"selective_sync_type"`
+	Namespaces                                      []string          `json:"namespaces"`
+	UpdatedAt                                       time.Time         `json:"updated_at"`
+	StorageShardsMatch                              bool              `json:"storage_shards_match"`
+	Links                                           GeoSiteStatusLink `json:"_links"`
+}
+
+// GeoSiteStatus represents the status of Geo Site.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/geo_sites/#retrieve-status-about-all-geo-sites
+type GeoSiteStatusLink struct {
+	Self string `json:"self"`
+	Site string `json:"site"`
+}
+
+// ListStatusOfAllGeoSitesOptions represents the available ListStatusOfAllGeoSites() options.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/geo_sites/#retrieve-status-about-all-geo-sites
+type ListStatusOfAllGeoSitesOptions ListOptions
+
+// ListStatusOfAllGeoSites get the list of status of all Geo Sites.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/geo_sites/#retrieve-status-about-all-geo-sites
+func (s *GeoSitesService) ListStatusOfAllGeoSites(opt *ListStatusOfAllGeoSitesOptions, options ...RequestOptionFunc) ([]*GeoSiteStatus, *Response, error) {
+	req, err := s.client.NewRequest(http.MethodGet, "geo_sites/status", nil, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var statuses []*GeoSiteStatus
+	resp, err := s.client.Do(req, &statuses)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return statuses, resp, nil
+}
+
+// GetStatusOfGeoSite get the of status of a specific Geo Sites.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/geo_sites/#retrieve-status-about-a-specific-geo-site
+func (s *GeoSitesService) GetStatusOfGeoSite(id int, options ...RequestOptionFunc) (*GeoSiteStatus, *Response, error) {
+	u := fmt.Sprintf("geo_sites/%d/status", id)
+
+	req, err := s.client.NewRequest(http.MethodGet, u, nil, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	status := new(GeoSiteStatus)
+	resp, err := s.client.Do(req, status)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return status, resp, nil
+}
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/gitlab.go b/vendor/gitlab.com/gitlab-org/api/client-go/gitlab.go
index 72846cf296..fe912715f2 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/gitlab.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/gitlab.go
@@ -24,6 +24,7 @@ import (
 	"errors"
 	"fmt"
 	"io"
+	"maps"
 	"math"
 	"math/rand"
 	"mime/multipart"
@@ -89,17 +90,12 @@ type Client struct {
 	// Limiter is used to limit API calls and prevent 429 responses.
 	limiter RateLimiter
 
-	// Token type used to make authenticated API calls.
-	authType AuthType
-
-	// Username and password used for basic authentication.
-	username, password string
+	// authSource is used to obtain authentication headers.
+	authSource AuthSource
 
-	// Token used to make authenticated API calls.
-	token string
-
-	// Protects the token field from concurrent read/write accesses.
-	tokenLock sync.RWMutex
+	// authSourceInit is used to ensure that AuthSources are initialized only
+	// once.
+	authSourceInit sync.Once
 
 	// Default request options applied to every request.
 	defaultRequestOptions []RequestOptionFunc
@@ -107,10 +103,15 @@ type Client struct {
 	// User agent used when communicating with the GitLab API.
 	UserAgent string
 
+	// GraphQL interface
+	GraphQL GraphQLInterface
+
 	// Services used for talking to different parts of the GitLab API.
 	AccessRequests                   AccessRequestsServiceInterface
+	AlertManagement                  AlertManagementServiceInterface
 	Appearance                       AppearanceServiceInterface
 	Applications                     ApplicationsServiceInterface
+	ApplicationStatistics            ApplicationStatisticsServiceInterface
 	AuditEvents                      AuditEventsServiceInterface
 	Avatar                           AvatarRequestsServiceInterface
 	AwardEmoji                       AwardEmojiServiceInterface
@@ -124,7 +125,10 @@ type Client struct {
 	ContainerRegistry                ContainerRegistryServiceInterface
 	ContainerRegistryProtectionRules ContainerRegistryProtectionRulesServiceInterface
 	CustomAttribute                  CustomAttributesServiceInterface
+	DatabaseMigrations               DatabaseMigrationsServiceInterface
+	Dependencies                     DependenciesServiceInterface
 	DependencyListExport             DependencyListExportServiceInterface
+	DependencyProxy                  DependencyProxyServiceInterface
 	DeployKeys                       DeployKeysServiceInterface
 	DeployTokens                     DeployTokensServiceInterface
 	DeploymentMergeRequests          DeploymentMergeRequestsServiceInterface
@@ -133,18 +137,22 @@ type Client struct {
 	DockerfileTemplate               DockerfileTemplatesServiceInterface
 	DORAMetrics                      DORAMetricsServiceInterface
 	DraftNotes                       DraftNotesServiceInterface
+	EnterpriseUsers                  EnterpriseUsersServiceInterface
 	Environments                     EnvironmentsServiceInterface
 	EpicIssues                       EpicIssuesServiceInterface
 	Epics                            EpicsServiceInterface
 	ErrorTracking                    ErrorTrackingServiceInterface
 	Events                           EventsServiceInterface
 	ExternalStatusChecks             ExternalStatusChecksServiceInterface
+	FeatureFlagUserLists             FeatureFlagUserListsServiceInterface
 	Features                         FeaturesServiceInterface
 	FreezePeriods                    FreezePeriodsServiceInterface
 	GenericPackages                  GenericPackagesServiceInterface
 	GeoNodes                         GeoNodesServiceInterface
+	GeoSites                         GeoSitesServiceInterface
 	GitIgnoreTemplates               GitIgnoreTemplatesServiceInterface
 	GroupAccessTokens                GroupAccessTokensServiceInterface
+	GroupActivityAnalytics           GroupActivityAnalyticsServiceInterface
 	GroupBadges                      GroupBadgesServiceInterface
 	GroupCluster                     GroupClustersServiceInterface
 	GroupEpicBoards                  GroupEpicBoardsServiceInterface
@@ -152,6 +160,7 @@ type Client struct {
 	GroupIssueBoards                 GroupIssueBoardsServiceInterface
 	GroupIterations                  GroupIterationsServiceInterface
 	GroupLabels                      GroupLabelsServiceInterface
+	GroupMarkdownUploads             GroupMarkdownUploadsServiceInterface
 	GroupMembers                     GroupMembersServiceInterface
 	GroupMilestones                  GroupMilestonesServiceInterface
 	GroupProtectedEnvironments       GroupProtectedEnvironmentsServiceInterface
@@ -176,7 +185,6 @@ type Client struct {
 	Labels                           LabelsServiceInterface
 	License                          LicenseServiceInterface
 	LicenseTemplates                 LicenseTemplatesServiceInterface
-	ManagedLicenses                  ManagedLicensesServiceInterface
 	Markdown                         MarkdownServiceInterface
 	MemberRolesService               MemberRolesServiceInterface
 	MergeRequestApprovals            MergeRequestApprovalsServiceInterface
@@ -236,6 +244,7 @@ type Client struct {
 	Snippets                         SnippetsServiceInterface
 	SystemHooks                      SystemHooksServiceInterface
 	Tags                             TagsServiceInterface
+	TerraformStates                  TerraformStatesServiceInterface
 	Todos                            TodosServiceInterface
 	Topics                           TopicsServiceInterface
 	UsageData                        UsageDataServiceInterface
@@ -270,56 +279,68 @@ type RateLimiter interface {
 // NewClient returns a new GitLab API client. To use API methods which require
 // authentication, provide a valid private or personal token.
 func NewClient(token string, options ...ClientOptionFunc) (*Client, error) {
-	client, err := newClient(options...)
-	if err != nil {
-		return nil, err
+	as := staticAuthSource{
+		token:    token,
+		authType: PrivateToken,
 	}
-	client.authType = PrivateToken
-	client.token = token
-	return client, nil
+
+	return NewAuthSourceClient(as, options...)
 }
 
-// NewBasicAuthClient returns a new GitLab API client. To use API methods which
-// require authentication, provide a valid username and password.
+// NewBasicAuthClient returns a new GitLab API client using the OAuth 2.0 Resource Owner Password Credentials flow.
+// The provided username and password are used to obtain an OAuth access token
+// from GitLab's token endpoint on the first API request. The token is then
+// cached, reused for subsequent requests, and refreshed when expired.
+//
+// The Resource Owner Password Credentials flow is only suitable for trusted,
+// first-party applications and does not work for users who have two-factor
+// authentication enabled.
+//
+// Note: This method uses OAuth tokens with Bearer authentication, not HTTP Basic Auth.
+//
+// Deprecated: GitLab recommends against using this authentication method.
 func NewBasicAuthClient(username, password string, options ...ClientOptionFunc) (*Client, error) {
-	client, err := newClient(options...)
-	if err != nil {
-		return nil, err
+	as := &passwordCredentialsAuthSource{
+		username: username,
+		password: password,
 	}
 
-	client.authType = BasicAuth
-	client.username = username
-	client.password = password
-
-	return client, nil
+	return NewAuthSourceClient(as, options...)
 }
 
 // NewJobClient returns a new GitLab API client. To use API methods which require
 // authentication, provide a valid job token.
 func NewJobClient(token string, options ...ClientOptionFunc) (*Client, error) {
-	client, err := newClient(options...)
-	if err != nil {
-		return nil, err
+	as := staticAuthSource{
+		token:    token,
+		authType: JobToken,
 	}
-	client.authType = JobToken
-	client.token = token
-	return client, nil
+
+	return NewAuthSourceClient(as, options...)
 }
 
-// NewOAuthClient returns a new GitLab API client. To use API methods which
-// require authentication, provide a valid oauth token.
+// NewOAuthClient returns a new GitLab API client using a static OAuth bearer token for authentication.
+//
+// Deprecated: use NewAuthSourceClient with a StaticTokenSource instead. For example:
+//
+//	ts := oauth2.StaticTokenSource(
+//	    &oauth2.Token{AccessToken: "YOUR STATIC TOKEN"},
+//	)
+//	c, err := gitlab.NewAuthSourceClient(gitlab.OAuthTokenSource{ts})
 func NewOAuthClient(token string, options ...ClientOptionFunc) (*Client, error) {
-	client, err := newClient(options...)
-	if err != nil {
-		return nil, err
+	as := OAuthTokenSource{
+		TokenSource: oauth2.StaticTokenSource(&oauth2.Token{AccessToken: token}),
 	}
-	client.authType = OAuthToken
-	client.token = token
-	return client, nil
+
+	return NewAuthSourceClient(as, options...)
 }
 
-func newClient(options ...ClientOptionFunc) (*Client, error) {
-	c := &Client{UserAgent: userAgent}
+// NewAuthSourceClient returns a new GitLab API client that uses the AuthSouce for authentication.
+func NewAuthSourceClient(as AuthSource, options ...ClientOptionFunc) (*Client, error) {
+	c := &Client{
+		UserAgent:  userAgent,
+		authSource: as,
+	}
 
 	// Configure the HTTP client.
 	c.client = &retryablehttp.Client{
@@ -356,10 +377,15 @@ func newClient(options ...ClientOptionFunc) (*Client, error) {
 	// Create the internal timeStats service.
 	timeStats := &timeStatsService{client: c}
 
+	// GraphQL interface
+	c.GraphQL = &GraphQL{client: c}
+
 	// Create all the public services.
 	c.AccessRequests = &AccessRequestsService{client: c}
+	c.AlertManagement = &AlertManagementService{client: c}
 	c.Appearance = &AppearanceService{client: c}
 	c.Applications = &ApplicationsService{client: c}
+	c.ApplicationStatistics = &ApplicationStatisticsService{client: c}
 	c.AuditEvents = &AuditEventsService{client: c}
 	c.Avatar = &AvatarRequestsService{client: c}
 	c.AwardEmoji = &AwardEmojiService{client: c}
@@ -373,7 +399,10 @@ func newClient(options ...ClientOptionFunc) (*Client, error) {
 	c.ContainerRegistry = &ContainerRegistryService{client: c}
 	c.ContainerRegistryProtectionRules = &ContainerRegistryProtectionRulesService{client: c}
 	c.CustomAttribute = &CustomAttributesService{client: c}
+	c.DatabaseMigrations = &DatabaseMigrationsService{client: c}
+	c.Dependencies = &DependenciesService{client: c}
 	c.DependencyListExport = &DependencyListExportService{client: c}
+	c.DependencyProxy = &DependencyProxyService{client: c}
 	c.DeployKeys = &DeployKeysService{client: c}
 	c.DeployTokens = &DeployTokensService{client: c}
 	c.DeploymentMergeRequests = &DeploymentMergeRequestsService{client: c}
@@ -382,18 +411,22 @@ func newClient(options ...ClientOptionFunc) (*Client, error) {
 	c.DockerfileTemplate = &DockerfileTemplatesService{client: c}
 	c.DORAMetrics = &DORAMetricsService{client: c}
 	c.DraftNotes = &DraftNotesService{client: c}
+	c.EnterpriseUsers = &EnterpriseUsersService{client: c}
 	c.Environments = &EnvironmentsService{client: c}
 	c.EpicIssues = &EpicIssuesService{client: c}
 	c.Epics = &EpicsService{client: c}
 	c.ErrorTracking = &ErrorTrackingService{client: c}
 	c.Events = &EventsService{client: c}
 	c.ExternalStatusChecks = &ExternalStatusChecksService{client: c}
+	c.FeatureFlagUserLists = &FeatureFlagUserListsService{client: c}
 	c.Features = &FeaturesService{client: c}
 	c.FreezePeriods = &FreezePeriodsService{client: c}
 	c.GenericPackages = &GenericPackagesService{client: c}
 	c.GeoNodes = &GeoNodesService{client: c}
+	c.GeoSites = &GeoSitesService{client: c}
 	c.GitIgnoreTemplates = &GitIgnoreTemplatesService{client: c}
 	c.GroupAccessTokens = &GroupAccessTokensService{client: c}
+	c.GroupActivityAnalytics = &GroupActivityAnalyticsService{client: c}
 	c.GroupBadges = &GroupBadgesService{client: c}
 	c.GroupCluster = &GroupClustersService{client: c}
 	c.GroupEpicBoards = &GroupEpicBoardsService{client: c}
@@ -401,6 +434,7 @@ func newClient(options ...ClientOptionFunc) (*Client, error) {
 	c.GroupIssueBoards = &GroupIssueBoardsService{client: c}
 	c.GroupIterations = &GroupIterationsService{client: c}
 	c.GroupLabels = &GroupLabelsService{client: c}
+	c.GroupMarkdownUploads = &GroupMarkdownUploadsService{client: c}
 	c.GroupMembers = &GroupMembersService{client: c}
 	c.GroupMilestones = &GroupMilestonesService{client: c}
 	c.GroupProtectedEnvironments = &GroupProtectedEnvironmentsService{client: c}
@@ -425,7 +459,6 @@ func newClient(options ...ClientOptionFunc) (*Client, error) {
 	c.Labels = &LabelsService{client: c}
 	c.License = &LicenseService{client: c}
 	c.LicenseTemplates = &LicenseTemplatesService{client: c}
-	c.ManagedLicenses = &ManagedLicensesService{client: c}
 	c.Markdown = &MarkdownService{client: c}
 	c.MemberRolesService = &MemberRolesService{client: c}
 	c.MergeRequestApprovals = &MergeRequestApprovalsService{client: c}
@@ -485,6 +518,7 @@ func newClient(options ...ClientOptionFunc) (*Client, error) {
 	c.SnippetRepositoryStorageMove = &SnippetRepositoryStorageMoveService{client: c}
 	c.SystemHooks = &SystemHooksService{client: c}
 	c.Tags = &TagsService{client: c}
+	c.TerraformStates = &TerraformStatesService{client: c}
 	c.Todos = &TodosService{client: c}
 	c.Topics = &TopicsService{client: c}
 	c.UsageData = &UsageDataService{client: c}
@@ -623,7 +657,7 @@ func (c *Client) setBaseURL(urlStr string) error {
 // Relative URL paths should always be specified without a preceding slash.
 // If specified, the value pointed to by body is JSON encoded and included
 // as the request body.
-func (c *Client) NewRequest(method, path string, opt interface{}, options []RequestOptionFunc) (*retryablehttp.Request, error) {
+func (c *Client) NewRequest(method, path string, opt any, options []RequestOptionFunc) (*retryablehttp.Request, error) {
 	u := *c.baseURL
 	unescaped, err := url.PathUnescape(path)
 	if err != nil {
@@ -642,7 +676,7 @@ func (c *Client) NewRequest(method, path string, opt interface{}, options []Requ
 		reqHeaders.Set("User-Agent", c.UserAgent)
 	}
 
-	var body interface{}
+	var body any
 	switch {
 	case method == http.MethodPatch || method == http.MethodPost || method == http.MethodPut:
 		reqHeaders.Set("Content-Type", "application/json")
@@ -676,9 +710,7 @@ func (c *Client) NewRequest(method, path string, opt interface{}, options []Requ
 	}
 
 	// Set the request specific headers.
-	for k, v := range reqHeaders {
-		req.Header[k] = v
-	}
+	maps.Copy(req.Header, reqHeaders)
 
 	return req, nil
 }
@@ -688,7 +720,7 @@ func (c *Client) NewRequest(method, path string, opt interface{}, options []Requ
 // URL of the Client. Relative URL paths should always be specified without
 // a preceding slash. If specified, the value pointed to by body is JSON
 // encoded and included as the request body.
-func (c *Client) UploadRequest(method, path string, content io.Reader, filename string, uploadType UploadType, opt interface{}, options []RequestOptionFunc) (*retryablehttp.Request, error) {
+func (c *Client) UploadRequest(method, path string, content io.Reader, filename string, uploadType UploadType, opt any, options []RequestOptionFunc) (*retryablehttp.Request, error) {
 	u := *c.baseURL
 	unescaped, err := url.PathUnescape(path)
 	if err != nil {
@@ -752,9 +784,7 @@ func (c *Client) UploadRequest(method, path string, content io.Reader, filename
 	}
 
 	// Set the request specific headers.
-	for k, v := range reqHeaders {
-		req.Header[k] = v
-	}
+	maps.Copy(req.Header, reqHeaders)
 
 	return req, nil
 }
@@ -857,58 +887,45 @@ func (r *Response) populateLinkValues() {
 // error if an API error has occurred. If v implements the io.Writer
 // interface, the raw response body will be written to v, without attempting to
 // first decode it.
-func (c *Client) Do(req *retryablehttp.Request, v interface{}) (*Response, error) {
+func (c *Client) Do(req *retryablehttp.Request, v any) (*Response, error) {
 	// Wait will block until the limiter can obtain a new token.
 	err := c.limiter.Wait(req.Context())
 	if err != nil {
 		return nil, err
 	}
 
-	// Set the correct authentication header. If using basic auth, then check
-	// if we already have a token and if not first authenticate and get one.
-	var basicAuthToken string
-	switch c.authType {
-	case BasicAuth:
-		c.tokenLock.RLock()
-		basicAuthToken = c.token
-		c.tokenLock.RUnlock()
-		if basicAuthToken == "" {
-			// If we don't have a token yet, we first need to request one.
-			basicAuthToken, err = c.requestOAuthToken(req.Context(), basicAuthToken)
-			if err != nil {
-				return nil, err
-			}
-		}
-		req.Header.Set("Authorization", "Bearer "+basicAuthToken)
-	case JobToken:
-		if values := req.Header.Values("JOB-TOKEN"); len(values) == 0 {
-			req.Header.Set("JOB-TOKEN", c.token)
-		}
-	case OAuthToken:
-		if values := req.Header.Values("Authorization"); len(values) == 0 {
-			req.Header.Set("Authorization", "Bearer "+c.token)
-		}
-	case PrivateToken:
-		if values := req.Header.Values("PRIVATE-TOKEN"); len(values) == 0 {
-			req.Header.Set("PRIVATE-TOKEN", c.token)
-		}
+	c.authSourceInit.Do(func() {
+		err = c.authSource.Init(req.Context(), c)
+	})
+	if err != nil {
+		return nil, fmt.Errorf("initializing token source failed: %w", err)
 	}
 
-	resp, err := c.client.Do(req)
+	authKey, authValue, err := c.authSource.Header(req.Context())
 	if err != nil {
 		return nil, err
 	}
 
-	if resp.StatusCode == http.StatusUnauthorized && c.authType == BasicAuth {
-		resp.Body.Close()
-		// The token most likely expired, so we need to request a new one and try again.
-		if _, err := c.requestOAuthToken(req.Context(), basicAuthToken); err != nil {
-			return nil, err
-		}
-		return c.Do(req, v)
+	if v := req.Header.Values(authKey); len(v) == 0 {
+		req.Header.Set(authKey, authValue)
 	}
-	defer resp.Body.Close()
-	defer io.Copy(io.Discard, resp.Body)
+
+	client := c.client
+
+	if cr := checkRetryFromContext(req.Context()); cr != nil {
+		// for avoid overwriting c.client. Use copy of c.client and apply checkRetry from request context
+		client = c.newRetryableHTTPClientWithRetryCheck(cr)
+	}
+
+	resp, err := client.Do(req)
+	if err != nil {
+		return nil, err
+	}
+
+	defer func() {
+		io.Copy(io.Discard, resp.Body)
+		resp.Body.Close()
+	}()
 
 	// If not yet configured, try to configure the rate limiter
 	// using the response headers we just received. Fail silently
@@ -935,42 +952,32 @@ func (c *Client) Do(req *retryablehttp.Request, v interface{}) (*Response, error
 	return response, err
 }
 
-func (c *Client) requestOAuthToken(ctx context.Context, token string) (string, error) {
-	c.tokenLock.Lock()
-	defer c.tokenLock.Unlock()
-
-	// Return early if the token was updated while waiting for the lock.
-	if c.token != token {
-		return c.token, nil
-	}
+func (c *Client) endpoint() oauth2.Endpoint {
+	baseURL := strings.TrimSuffix(c.baseURL.String(), apiVersionPath)
 
-	config := &oauth2.Config{
-		Endpoint: oauth2.Endpoint{
-			AuthURL:  strings.TrimSuffix(c.baseURL.String(), apiVersionPath) + "oauth/authorize",
-			TokenURL: strings.TrimSuffix(c.baseURL.String(), apiVersionPath) + "oauth/token",
-		},
+	return oauth2.Endpoint{
+		AuthURL:       baseURL + "oauth/authorize",
+		TokenURL:      baseURL + "oauth/token",
+		DeviceAuthURL: baseURL + "oauth/authorize_device",
 	}
-
-	ctx = context.WithValue(ctx, oauth2.HTTPClient, c.client.HTTPClient)
-	t, err := config.PasswordCredentialsToken(ctx, c.username, c.password)
-	if err != nil {
-		return "", err
-	}
-	c.token = t.AccessToken
-
-	return c.token, nil
 }
 
+// ErrInvalidIDType is returned when a function expecting an ID as either an integer
+// or string receives a different type. This error commonly occurs when working with
+// GitLab resources like groups and projects which support both numeric IDs and
+// path-based string identifiers.
+var ErrInvalidIDType = errors.New("the ID must be an int or a string")
+
 // Helper function to accept and format both the project ID or name as project
 // identifier for all API calls.
-func parseID(id interface{}) (string, error) {
+func parseID(id any) (string, error) {
 	switch v := id.(type) {
 	case int:
 		return strconv.Itoa(v), nil
 	case string:
 		return v, nil
 	default:
-		return "", fmt.Errorf("invalid ID type %#v, the ID must be an int or a string", id)
+		return "", fmt.Errorf("invalid ID type %#v, %w", id, ErrInvalidIDType)
 	}
 }
 
@@ -990,7 +997,10 @@ type ErrorResponse struct {
 }
 
 func (e *ErrorResponse) Error() string {
-	path, _ := url.QueryUnescape(e.Response.Request.URL.Path)
+	path := e.Response.Request.URL.RawPath
+	if path == "" {
+		path = e.Response.Request.URL.Path
+	}
 	url := fmt.Sprintf("%s://%s%s", e.Response.Request.URL.Scheme, e.Response.Request.URL.Host, path)
 
 	if e.Message == "" {
@@ -1015,7 +1025,7 @@ func CheckResponse(r *http.Response) error {
 	if err == nil && strings.TrimSpace(string(data)) != "" {
 		errorResponse.Body = data
 
-		var raw interface{}
+		var raw any
 		if err := json.Unmarshal(data, &raw); err != nil {
 			errorResponse.Message = fmt.Sprintf("failed to parse unknown error format: %s", data)
 		} else {
@@ -1045,19 +1055,19 @@ func CheckResponse(r *http.Response) error {
 //	    },
 //	    "error": "<error-message>"
 //	}
-func parseError(raw interface{}) string {
+func parseError(raw any) string {
 	switch raw := raw.(type) {
 	case string:
 		return raw
 
-	case []interface{}:
+	case []any:
 		var errs []string
 		for _, v := range raw {
 			errs = append(errs, parseError(v))
 		}
 		return fmt.Sprintf("[%s]", strings.Join(errs, ", "))
 
-	case map[string]interface{}:
+	case map[string]any:
 		var errs []string
 		for k, v := range raw {
 			errs = append(errs, fmt.Sprintf("{%s: %s}", k, parseError(v)))
@@ -1069,3 +1079,99 @@ func parseError(raw interface{}) string {
 		return fmt.Sprintf("failed to parse unexpected error type: %T", raw)
 	}
 }
+
+// newRetryableHTTPClientWithRetryCheck returns a `retryablehttp.Client` clone of itself with the given CheckRetry function
+func (c *Client) newRetryableHTTPClientWithRetryCheck(cr retryablehttp.CheckRetry) *retryablehttp.Client {
+	return &retryablehttp.Client{
+		HTTPClient:     c.client.HTTPClient,
+		Logger:         c.client.Logger,
+		RetryWaitMin:   c.client.RetryWaitMin,
+		RetryWaitMax:   c.client.RetryWaitMax,
+		RetryMax:       c.client.RetryMax,
+		RequestLogHook: c.client.RequestLogHook,
+		CheckRetry:     cr,
+		Backoff:        c.client.Backoff,
+		ErrorHandler:   c.client.ErrorHandler,
+		PrepareRetry:   c.client.PrepareRetry,
+	}
+}
+
+// AuthSource is used to obtain access tokens.
+type AuthSource interface {
+	// Init is called once before making any requests.
+	// If the token source needs access to client to initialize itself, it should do so here.
+	Init(context.Context, *Client) error
+
+	// Header returns an authentication header. When no error is returned, the
+	// key and value should never be empty.
+	Header(ctx context.Context) (key, value string, err error)
+}
+
+// OAuthTokenSource wraps an oauth2.TokenSource to implement the AuthSource interface.
+type OAuthTokenSource struct {
+	TokenSource oauth2.TokenSource
+}
+
+func (OAuthTokenSource) Init(context.Context, *Client) error {
+	return nil
+}
+
+func (as OAuthTokenSource) Header(_ context.Context) (string, string, error) {
+	t, err := as.TokenSource.Token()
+	if err != nil {
+		return "", "", err
+	}
+
+	return "Authorization", "Bearer " + t.AccessToken, nil
+}
+
+// staticAuthSource implements the AuthSource interface for static tokens.
+type staticAuthSource struct {
+	token    string
+	authType AuthType
+}
+
+func (staticAuthSource) Init(context.Context, *Client) error {
+	return nil
+}
+
+func (as staticAuthSource) Header(_ context.Context) (string, string, error) {
+	switch as.authType {
+	case PrivateToken:
+		return "PRIVATE-TOKEN", as.token, nil
+
+	case JobToken:
+		return "JOB-TOKEN", as.token, nil
+
+	default:
+		return "", "", fmt.Errorf("invalid auth type: %v", as.authType)
+	}
+}
+
+// passwordTokenSource implements the AuthSource interface for the OAuth 2.0
+// resource owner password credentials flow.
+type passwordCredentialsAuthSource struct {
+	username string
+	password string
+
+	AuthSource
+}
+
+func (as *passwordCredentialsAuthSource) Init(ctx context.Context, client *Client) error {
+	ctx = context.WithValue(ctx, oauth2.HTTPClient, client.client.HTTPClient)
+
+	config := &oauth2.Config{
+		Endpoint: client.endpoint(),
+	}
+
+	pct, err := config.PasswordCredentialsToken(ctx, as.username, as.password)
+	if err != nil {
+		return fmt.Errorf("PasswordCredentialsToken(%q, ******): %w", as.username, err)
+	}
+
+	as.AuthSource = OAuthTokenSource{
+		config.TokenSource(ctx, pct),
+	}
+
+	return nil
+}
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/graphql.go b/vendor/gitlab.com/gitlab-org/api/client-go/graphql.go
new file mode 100644
index 0000000000..41c64d0692
--- /dev/null
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/graphql.go
@@ -0,0 +1,101 @@
+package gitlab
+
+import (
+	"encoding/json"
+	"fmt"
+	"net/http"
+	"strings"
+)
+
+const (
+	// GraphQLAPIEndpoint defines the endpoint URI for the GraphQL backend
+	GraphQLAPIEndpoint = "/api/graphql"
+)
+
+type (
+	GraphQLInterface interface {
+		Do(query GraphQLQuery, response any, options ...RequestOptionFunc) (*Response, error)
+	}
+
+	GraphQL struct {
+		client *Client
+	}
+
+	GraphQLQuery struct {
+		Query string `json:"query"`
+	}
+
+	GenericGraphQLErrors struct {
+		Errors []struct {
+			Message string `json:"message"`
+		} `json:"errors"`
+	}
+
+	GraphQLResponseError struct {
+		Err    error
+		Errors GenericGraphQLErrors
+	}
+)
+
+var _ GraphQLInterface = (*GraphQL)(nil)
+
+func (e *GraphQLResponseError) Error() string {
+	if len(e.Errors.Errors) == 0 {
+		return fmt.Sprintf("%s (no additional error messages)", e.Err)
+	}
+
+	var sb strings.Builder
+	sb.WriteString(e.Err.Error())
+	sb.WriteString(" (GraphQL errors: ")
+
+	for i, err := range e.Errors.Errors {
+		if i > 0 {
+			sb.WriteString(", ")
+		}
+		sb.WriteString(err.Message)
+	}
+	sb.WriteString(")")
+
+	return sb.String()
+}
+
+// Do sends a GraphQL query and returns the response in the given response argument
+// The response must be JSON serializable. The *Response return value is the HTTP response
+// and must be used to retrieve additional HTTP information, like status codes and also
+// error messages from failed queries.
+//
+// Example:
+//
+//	var response struct {
+//		Data struct {
+//			Project struct {
+//				ID string `json:"id"`
+//			} `json:"project"`
+//		} `json:"data"`
+//	}
+//	_, err := client.GraphQL.Do(GraphQLQuery{Query: `query { project(fullPath: "gitlab-org/gitlab") { id } }`}, &response, gitlab.WithContext(ctx))
+//
+// Attention: This API is experimental and may be subject to breaking changes to improve the API in the future.
+func (g *GraphQL) Do(query GraphQLQuery, response any, options ...RequestOptionFunc) (*Response, error) {
+	request, err := g.client.NewRequest(http.MethodPost, "", query, options)
+	if err != nil {
+		return nil, fmt.Errorf("failed to create GraphQL request: %w", err)
+	}
+	// Overwrite the path of the existing request, as otherwise client-go appends /api/v4 instead.
+	request.URL.Path = GraphQLAPIEndpoint
+	resp, err := g.client.Do(request, response)
+	if err != nil {
+		// return error, details can be read from Response
+		if errResp, ok := err.(*ErrorResponse); ok { //nolint: errorlint
+			var v GenericGraphQLErrors
+			if json.Unmarshal(errResp.Body, &v) == nil {
+				return resp, &GraphQLResponseError{
+					Err:    err,
+					Errors: v,
+				}
+			}
+		}
+		return resp, fmt.Errorf("failed to execute GraphQL query: %w", err)
+	}
+	return resp, nil
+}
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/group_access_tokens.go b/vendor/gitlab.com/gitlab-org/api/client-go/group_access_tokens.go
index 6af38c1c72..08946643da 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/group_access_tokens.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/group_access_tokens.go
@@ -24,12 +24,12 @@ import (
 type (
 	// GroupAccessTokensServiceInterface defines all the API methods for the GroupAccessTokensService
 	GroupAccessTokensServiceInterface interface {
-		ListGroupAccessTokens(gid interface{}, opt *ListGroupAccessTokensOptions, options ...RequestOptionFunc) ([]*GroupAccessToken, *Response, error)
-		GetGroupAccessToken(gid interface{}, id int, options ...RequestOptionFunc) (*GroupAccessToken, *Response, error)
-		CreateGroupAccessToken(gid interface{}, opt *CreateGroupAccessTokenOptions, options ...RequestOptionFunc) (*GroupAccessToken, *Response, error)
-		RotateGroupAccessToken(gid interface{}, id int, opt *RotateGroupAccessTokenOptions, options ...RequestOptionFunc) (*GroupAccessToken, *Response, error)
-		RotateGroupAccessTokenSelf(gid interface{}, opt *RotateGroupAccessTokenOptions, options ...RequestOptionFunc) (*GroupAccessToken, *Response, error)
-		RevokeGroupAccessToken(gid interface{}, id int, options ...RequestOptionFunc) (*Response, error)
+		ListGroupAccessTokens(gid any, opt *ListGroupAccessTokensOptions, options ...RequestOptionFunc) ([]*GroupAccessToken, *Response, error)
+		GetGroupAccessToken(gid any, id int, options ...RequestOptionFunc) (*GroupAccessToken, *Response, error)
+		CreateGroupAccessToken(gid any, opt *CreateGroupAccessTokenOptions, options ...RequestOptionFunc) (*GroupAccessToken, *Response, error)
+		RotateGroupAccessToken(gid any, id int, opt *RotateGroupAccessTokenOptions, options ...RequestOptionFunc) (*GroupAccessToken, *Response, error)
+		RotateGroupAccessTokenSelf(gid any, opt *RotateGroupAccessTokenOptions, options ...RequestOptionFunc) (*GroupAccessToken, *Response, error)
+		RevokeGroupAccessToken(gid any, id int, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// GroupAccessTokensService handles communication with the
@@ -55,17 +55,26 @@ func (v GroupAccessToken) String() string {
 }
 
 // ListGroupAccessTokensOptions represents the available options for
-// listing variables in a group.
+// listing access tokens in a group.
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_access_tokens/#list-all-group-access-tokens
-type ListGroupAccessTokensOptions ListOptions
+type ListGroupAccessTokensOptions struct {
+	ListOptions
+	CreatedAfter   *ISOTime          `url:"created_after,omitempty" json:"created_after,omitempty"`
+	CreatedBefore  *ISOTime          `url:"created_before,omitempty" json:"created_before,omitempty"`
+	LastUsedAfter  *ISOTime          `url:"last_used_after,omitempty" json:"last_used_after,omitempty"`
+	LastUsedBefore *ISOTime          `url:"last_used_before,omitempty" json:"last_used_before,omitempty"`
+	Revoked        *bool             `url:"revoked,omitempty" json:"revoked,omitempty"`
+	Search         *string           `url:"search,omitempty" json:"search,omitempty"`
+	State          *AccessTokenState `url:"state,omitempty" json:"state,omitempty"`
+}
 
 // ListGroupAccessTokens gets a list of all group access tokens in a group.
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_access_tokens/#list-all-group-access-tokens
-func (s *GroupAccessTokensService) ListGroupAccessTokens(gid interface{}, opt *ListGroupAccessTokensOptions, options ...RequestOptionFunc) ([]*GroupAccessToken, *Response, error) {
+func (s *GroupAccessTokensService) ListGroupAccessTokens(gid any, opt *ListGroupAccessTokensOptions, options ...RequestOptionFunc) ([]*GroupAccessToken, *Response, error) {
 	groups, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -90,7 +99,7 @@ func (s *GroupAccessTokensService) ListGroupAccessTokens(gid interface{}, opt *L
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_access_tokens/#get-details-on-a-group-access-token
-func (s *GroupAccessTokensService) GetGroupAccessToken(gid interface{}, id int, options ...RequestOptionFunc) (*GroupAccessToken, *Response, error) {
+func (s *GroupAccessTokensService) GetGroupAccessToken(gid any, id int, options ...RequestOptionFunc) (*GroupAccessToken, *Response, error) {
 	groups, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -128,7 +137,7 @@ type CreateGroupAccessTokenOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_access_tokens/#create-a-group-access-token
-func (s *GroupAccessTokensService) CreateGroupAccessToken(gid interface{}, opt *CreateGroupAccessTokenOptions, options ...RequestOptionFunc) (*GroupAccessToken, *Response, error) {
+func (s *GroupAccessTokensService) CreateGroupAccessToken(gid any, opt *CreateGroupAccessTokenOptions, options ...RequestOptionFunc) (*GroupAccessToken, *Response, error) {
 	groups, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -163,7 +172,7 @@ type RotateGroupAccessTokenOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_access_tokens/#rotate-a-group-access-token
-func (s *GroupAccessTokensService) RotateGroupAccessToken(gid interface{}, id int, opt *RotateGroupAccessTokenOptions, options ...RequestOptionFunc) (*GroupAccessToken, *Response, error) {
+func (s *GroupAccessTokensService) RotateGroupAccessToken(gid any, id int, opt *RotateGroupAccessTokenOptions, options ...RequestOptionFunc) (*GroupAccessToken, *Response, error) {
 	groups, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -188,7 +197,7 @@ func (s *GroupAccessTokensService) RotateGroupAccessToken(gid interface{}, id in
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_access_tokens/#self-rotate
-func (s *GroupAccessTokensService) RotateGroupAccessTokenSelf(gid interface{}, opt *RotateGroupAccessTokenOptions, options ...RequestOptionFunc) (*GroupAccessToken, *Response, error) {
+func (s *GroupAccessTokensService) RotateGroupAccessTokenSelf(gid any, opt *RotateGroupAccessTokenOptions, options ...RequestOptionFunc) (*GroupAccessToken, *Response, error) {
 	groups, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -212,7 +221,7 @@ func (s *GroupAccessTokensService) RotateGroupAccessTokenSelf(gid interface{}, o
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_access_tokens/#revoke-a-group-access-token
-func (s *GroupAccessTokensService) RevokeGroupAccessToken(gid interface{}, id int, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupAccessTokensService) RevokeGroupAccessToken(gid any, id int, options ...RequestOptionFunc) (*Response, error) {
 	groups, err := parseID(gid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/group_activity_analytics.go b/vendor/gitlab.com/gitlab-org/api/client-go/group_activity_analytics.go
new file mode 100644
index 0000000000..9824f4d63b
--- /dev/null
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/group_activity_analytics.go
@@ -0,0 +1,148 @@
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package gitlab
+
+import "net/http"
+
+type (
+	GroupActivityAnalyticsServiceInterface interface {
+		GetRecentlyCreatedIssuesCount(opt *GetRecentlyCreatedIssuesCountOptions, options ...RequestOptionFunc) (*IssuesCount, *Response, error)
+		GetRecentlyCreatedMergeRequestsCount(opt *GetRecentlyCreatedMergeRequestsCountOptions, options ...RequestOptionFunc) (*MergeRequestsCount, *Response, error)
+		GetRecentlyAddedMembersCount(opt *GetRecentlyAddedMembersCountOptions, options ...RequestOptionFunc) (*NewMembersCount, *Response, error)
+	}
+
+	// GroupActivityAnalyticsService handles communication with the group activity
+	// analytics related methods of the GitLab API.
+	//
+	// GitLab API docs: https://docs.gitlab.com/api/group_activity_analytics/
+	GroupActivityAnalyticsService struct {
+		client *Client
+	}
+)
+
+var _ GroupActivityAnalyticsServiceInterface = (*GroupActivityAnalyticsService)(nil)
+
+// IssuesCount represents the total count of recently created issues in a group.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/group_activity_analytics/#get-count-of-recently-created-issues-for-group
+type IssuesCount struct {
+	IssuesCount int `url:"issues_count" json:"issues_count"`
+}
+
+// GetRecentlyCreatedIssuesCountOptions represents the available
+// GetRecentlyCreatedIssuesCount() options.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/group_activity_analytics/#get-count-of-recently-created-issues-for-group
+type GetRecentlyCreatedIssuesCountOptions struct {
+	GroupPath string `url:"group_path" json:"group_path"`
+}
+
+// GetRecentlyCreatedIssuesCount gets the count of recently created issues for a group.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/group_activity_analytics/#get-count-of-recently-created-issues-for-group
+func (s *GroupActivityAnalyticsService) GetRecentlyCreatedIssuesCount(opt *GetRecentlyCreatedIssuesCountOptions, options ...RequestOptionFunc) (*IssuesCount, *Response, error) {
+	u := "analytics/group_activity/issues_count"
+	req, err := s.client.NewRequest(http.MethodGet, u, opt, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	res := new(IssuesCount)
+	resp, err := s.client.Do(req, res)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return res, resp, nil
+}
+
+// MergeRequestsCount represents the total count of recently created merge requests
+// in a group.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/group_activity_analytics/#get-count-of-recently-created-merge-requests-for-group
+type MergeRequestsCount struct {
+	MergeRequestsCount int `url:"merge_requests_count" json:"merge_requests_count"`
+}
+
+// GetRecentlyCreatedMergeRequestsCountOptions represents the available
+// GetRecentlyCreatedMergeRequestsCount() options.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/group_activity_analytics/#get-count-of-recently-created-merge-requests-for-group
+type GetRecentlyCreatedMergeRequestsCountOptions struct {
+	GroupPath string `url:"group_path" json:"group_path"`
+}
+
+// GetRecentlyCreatedMergeRequestsCount gets the count of recently created merge
+// requests for a group.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/group_activity_analytics/#get-count-of-recently-created-merge-requests-for-group
+func (s *GroupActivityAnalyticsService) GetRecentlyCreatedMergeRequestsCount(opt *GetRecentlyCreatedMergeRequestsCountOptions, options ...RequestOptionFunc) (*MergeRequestsCount, *Response, error) {
+	u := "analytics/group_activity/merge_requests_count"
+	req, err := s.client.NewRequest(http.MethodGet, u, opt, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	res := new(MergeRequestsCount)
+	resp, err := s.client.Do(req, res)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return res, resp, nil
+}
+
+// NewMembersCount represents the total count of recently added members to a group.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/group_activity_analytics/#get-count-of-members-recently-added-to-group
+type NewMembersCount struct {
+	NewMembersCount int `url:"new_members_count" json:"new_members_count"`
+}
+
+// GetRecentlyAddedMembersCountOptions represents the available
+// GetRecentlyAddedMembersCount() options.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/group_activity_analytics/#get-count-of-members-recently-added-to-group
+type GetRecentlyAddedMembersCountOptions struct {
+	GroupPath string `url:"group_path" json:"group_path"`
+}
+
+// GetRecentlyAddedMembersCount gets the count of recently added members to a group.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/group_activity_analytics/#get-count-of-members-recently-added-to-group
+func (s *GroupActivityAnalyticsService) GetRecentlyAddedMembersCount(opt *GetRecentlyAddedMembersCountOptions, options ...RequestOptionFunc) (*NewMembersCount, *Response, error) {
+	u := "analytics/group_activity/new_members_count"
+	req, err := s.client.NewRequest(http.MethodGet, u, opt, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	res := new(NewMembersCount)
+	resp, err := s.client.Do(req, res)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return res, resp, nil
+}
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/group_badges.go b/vendor/gitlab.com/gitlab-org/api/client-go/group_badges.go
index db6887b208..b56c582648 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/group_badges.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/group_badges.go
@@ -24,12 +24,12 @@ import (
 type (
 	// GroupBadgesServiceInterface defines all the API methods for the GroupBadgesService
 	GroupBadgesServiceInterface interface {
-		ListGroupBadges(gid interface{}, opt *ListGroupBadgesOptions, options ...RequestOptionFunc) ([]*GroupBadge, *Response, error)
-		GetGroupBadge(gid interface{}, badge int, options ...RequestOptionFunc) (*GroupBadge, *Response, error)
-		AddGroupBadge(gid interface{}, opt *AddGroupBadgeOptions, options ...RequestOptionFunc) (*GroupBadge, *Response, error)
-		EditGroupBadge(gid interface{}, badge int, opt *EditGroupBadgeOptions, options ...RequestOptionFunc) (*GroupBadge, *Response, error)
-		DeleteGroupBadge(gid interface{}, badge int, options ...RequestOptionFunc) (*Response, error)
-		PreviewGroupBadge(gid interface{}, opt *GroupBadgePreviewOptions, options ...RequestOptionFunc) (*GroupBadge, *Response, error)
+		ListGroupBadges(gid any, opt *ListGroupBadgesOptions, options ...RequestOptionFunc) ([]*GroupBadge, *Response, error)
+		GetGroupBadge(gid any, badge int, options ...RequestOptionFunc) (*GroupBadge, *Response, error)
+		AddGroupBadge(gid any, opt *AddGroupBadgeOptions, options ...RequestOptionFunc) (*GroupBadge, *Response, error)
+		EditGroupBadge(gid any, badge int, opt *EditGroupBadgeOptions, options ...RequestOptionFunc) (*GroupBadge, *Response, error)
+		DeleteGroupBadge(gid any, badge int, options ...RequestOptionFunc) (*Response, error)
+		PreviewGroupBadge(gid any, opt *GroupBadgePreviewOptions, options ...RequestOptionFunc) (*GroupBadge, *Response, error)
 	}
 
 	// GroupBadgesService handles communication with the group badges
@@ -79,7 +79,7 @@ type ListGroupBadgesOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_badges/#list-all-badges-of-a-group
-func (s *GroupBadgesService) ListGroupBadges(gid interface{}, opt *ListGroupBadgesOptions, options ...RequestOptionFunc) ([]*GroupBadge, *Response, error) {
+func (s *GroupBadgesService) ListGroupBadges(gid any, opt *ListGroupBadgesOptions, options ...RequestOptionFunc) ([]*GroupBadge, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -104,7 +104,7 @@ func (s *GroupBadgesService) ListGroupBadges(gid interface{}, opt *ListGroupBadg
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_badges/#get-a-badge-of-a-group
-func (s *GroupBadgesService) GetGroupBadge(gid interface{}, badge int, options ...RequestOptionFunc) (*GroupBadge, *Response, error) {
+func (s *GroupBadgesService) GetGroupBadge(gid any, badge int, options ...RequestOptionFunc) (*GroupBadge, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -139,7 +139,7 @@ type AddGroupBadgeOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_badges/#add-a-badge-to-a-group
-func (s *GroupBadgesService) AddGroupBadge(gid interface{}, opt *AddGroupBadgeOptions, options ...RequestOptionFunc) (*GroupBadge, *Response, error) {
+func (s *GroupBadgesService) AddGroupBadge(gid any, opt *AddGroupBadgeOptions, options ...RequestOptionFunc) (*GroupBadge, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -174,7 +174,7 @@ type EditGroupBadgeOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_badges/#edit-a-badge-of-a-group
-func (s *GroupBadgesService) EditGroupBadge(gid interface{}, badge int, opt *EditGroupBadgeOptions, options ...RequestOptionFunc) (*GroupBadge, *Response, error) {
+func (s *GroupBadgesService) EditGroupBadge(gid any, badge int, opt *EditGroupBadgeOptions, options ...RequestOptionFunc) (*GroupBadge, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -199,7 +199,7 @@ func (s *GroupBadgesService) EditGroupBadge(gid interface{}, badge int, opt *Edi
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_badges/#remove-a-badge-from-a-group
-func (s *GroupBadgesService) DeleteGroupBadge(gid interface{}, badge int, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupBadgesService) DeleteGroupBadge(gid any, badge int, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
@@ -229,7 +229,7 @@ type GroupBadgePreviewOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_badges/#preview-a-badge-from-a-group
-func (s *GroupBadgesService) PreviewGroupBadge(gid interface{}, opt *GroupBadgePreviewOptions, options ...RequestOptionFunc) (*GroupBadge, *Response, error) {
+func (s *GroupBadgesService) PreviewGroupBadge(gid any, opt *GroupBadgePreviewOptions, options ...RequestOptionFunc) (*GroupBadge, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/group_boards.go b/vendor/gitlab.com/gitlab-org/api/client-go/group_boards.go
index 97dc296a4d..c5d7e77d22 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/group_boards.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/group_boards.go
@@ -23,16 +23,16 @@ import (
 
 type (
 	GroupIssueBoardsServiceInterface interface {
-		ListGroupIssueBoards(gid interface{}, opt *ListGroupIssueBoardsOptions, options ...RequestOptionFunc) ([]*GroupIssueBoard, *Response, error)
-		CreateGroupIssueBoard(gid interface{}, opt *CreateGroupIssueBoardOptions, options ...RequestOptionFunc) (*GroupIssueBoard, *Response, error)
-		GetGroupIssueBoard(gid interface{}, board int, options ...RequestOptionFunc) (*GroupIssueBoard, *Response, error)
-		UpdateIssueBoard(gid interface{}, board int, opt *UpdateGroupIssueBoardOptions, options ...RequestOptionFunc) (*GroupIssueBoard, *Response, error)
-		DeleteIssueBoard(gid interface{}, board int, options ...RequestOptionFunc) (*Response, error)
-		ListGroupIssueBoardLists(gid interface{}, board int, opt *ListGroupIssueBoardListsOptions, options ...RequestOptionFunc) ([]*BoardList, *Response, error)
-		GetGroupIssueBoardList(gid interface{}, board, list int, options ...RequestOptionFunc) (*BoardList, *Response, error)
-		CreateGroupIssueBoardList(gid interface{}, board int, opt *CreateGroupIssueBoardListOptions, options ...RequestOptionFunc) (*BoardList, *Response, error)
-		UpdateIssueBoardList(gid interface{}, board, list int, opt *UpdateGroupIssueBoardListOptions, options ...RequestOptionFunc) ([]*BoardList, *Response, error)
-		DeleteGroupIssueBoardList(gid interface{}, board, list int, options ...RequestOptionFunc) (*Response, error)
+		ListGroupIssueBoards(gid any, opt *ListGroupIssueBoardsOptions, options ...RequestOptionFunc) ([]*GroupIssueBoard, *Response, error)
+		CreateGroupIssueBoard(gid any, opt *CreateGroupIssueBoardOptions, options ...RequestOptionFunc) (*GroupIssueBoard, *Response, error)
+		GetGroupIssueBoard(gid any, board int, options ...RequestOptionFunc) (*GroupIssueBoard, *Response, error)
+		UpdateIssueBoard(gid any, board int, opt *UpdateGroupIssueBoardOptions, options ...RequestOptionFunc) (*GroupIssueBoard, *Response, error)
+		DeleteIssueBoard(gid any, board int, options ...RequestOptionFunc) (*Response, error)
+		ListGroupIssueBoardLists(gid any, board int, opt *ListGroupIssueBoardListsOptions, options ...RequestOptionFunc) ([]*BoardList, *Response, error)
+		GetGroupIssueBoardList(gid any, board, list int, options ...RequestOptionFunc) (*BoardList, *Response, error)
+		CreateGroupIssueBoardList(gid any, board int, opt *CreateGroupIssueBoardListOptions, options ...RequestOptionFunc) (*BoardList, *Response, error)
+		UpdateIssueBoardList(gid any, board, list int, opt *UpdateGroupIssueBoardListOptions, options ...RequestOptionFunc) ([]*BoardList, *Response, error)
+		DeleteGroupIssueBoardList(gid any, board, list int, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// GroupIssueBoardsService handles communication with the group issue board
@@ -75,7 +75,7 @@ type ListGroupIssueBoardsOptions ListOptions
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_boards/#list-all-group-issue-boards-in-a-group
-func (s *GroupIssueBoardsService) ListGroupIssueBoards(gid interface{}, opt *ListGroupIssueBoardsOptions, options ...RequestOptionFunc) ([]*GroupIssueBoard, *Response, error) {
+func (s *GroupIssueBoardsService) ListGroupIssueBoards(gid any, opt *ListGroupIssueBoardsOptions, options ...RequestOptionFunc) ([]*GroupIssueBoard, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -109,7 +109,7 @@ type CreateGroupIssueBoardOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_boards/#create-a-group-issue-board
-func (s *GroupIssueBoardsService) CreateGroupIssueBoard(gid interface{}, opt *CreateGroupIssueBoardOptions, options ...RequestOptionFunc) (*GroupIssueBoard, *Response, error) {
+func (s *GroupIssueBoardsService) CreateGroupIssueBoard(gid any, opt *CreateGroupIssueBoardOptions, options ...RequestOptionFunc) (*GroupIssueBoard, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -134,7 +134,7 @@ func (s *GroupIssueBoardsService) CreateGroupIssueBoard(gid interface{}, opt *Cr
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_boards/#single-group-issue-board
-func (s *GroupIssueBoardsService) GetGroupIssueBoard(gid interface{}, board int, options ...RequestOptionFunc) (*GroupIssueBoard, *Response, error) {
+func (s *GroupIssueBoardsService) GetGroupIssueBoard(gid any, board int, options ...RequestOptionFunc) (*GroupIssueBoard, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -171,7 +171,7 @@ type UpdateGroupIssueBoardOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_boards/#update-a-group-issue-board
-func (s *GroupIssueBoardsService) UpdateIssueBoard(gid interface{}, board int, opt *UpdateGroupIssueBoardOptions, options ...RequestOptionFunc) (*GroupIssueBoard, *Response, error) {
+func (s *GroupIssueBoardsService) UpdateIssueBoard(gid any, board int, opt *UpdateGroupIssueBoardOptions, options ...RequestOptionFunc) (*GroupIssueBoard, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -196,7 +196,7 @@ func (s *GroupIssueBoardsService) UpdateIssueBoard(gid interface{}, board int, o
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_boards/#delete-a-group-issue-board
-func (s *GroupIssueBoardsService) DeleteIssueBoard(gid interface{}, board int, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupIssueBoardsService) DeleteIssueBoard(gid any, board int, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
@@ -222,7 +222,7 @@ type ListGroupIssueBoardListsOptions ListOptions
 // backlog and closed lists.
 //
 // GitLab API docs: https://docs.gitlab.com/api/group_boards/#list-group-issue-board-lists
-func (s *GroupIssueBoardsService) ListGroupIssueBoardLists(gid interface{}, board int, opt *ListGroupIssueBoardListsOptions, options ...RequestOptionFunc) ([]*BoardList, *Response, error) {
+func (s *GroupIssueBoardsService) ListGroupIssueBoardLists(gid any, board int, opt *ListGroupIssueBoardListsOptions, options ...RequestOptionFunc) ([]*BoardList, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -247,7 +247,7 @@ func (s *GroupIssueBoardsService) ListGroupIssueBoardLists(gid interface{}, boar
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_boards/#single-group-issue-board-list
-func (s *GroupIssueBoardsService) GetGroupIssueBoardList(gid interface{}, board, list int, options ...RequestOptionFunc) (*BoardList, *Response, error) {
+func (s *GroupIssueBoardsService) GetGroupIssueBoardList(gid any, board, list int, options ...RequestOptionFunc) (*BoardList, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -285,7 +285,7 @@ type CreateGroupIssueBoardListOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_boards/#new-group-issue-board-list
-func (s *GroupIssueBoardsService) CreateGroupIssueBoardList(gid interface{}, board int, opt *CreateGroupIssueBoardListOptions, options ...RequestOptionFunc) (*BoardList, *Response, error) {
+func (s *GroupIssueBoardsService) CreateGroupIssueBoardList(gid any, board int, opt *CreateGroupIssueBoardListOptions, options ...RequestOptionFunc) (*BoardList, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -320,7 +320,7 @@ type UpdateGroupIssueBoardListOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_boards/#edit-group-issue-board-list
-func (s *GroupIssueBoardsService) UpdateIssueBoardList(gid interface{}, board, list int, opt *UpdateGroupIssueBoardListOptions, options ...RequestOptionFunc) ([]*BoardList, *Response, error) {
+func (s *GroupIssueBoardsService) UpdateIssueBoardList(gid any, board, list int, opt *UpdateGroupIssueBoardListOptions, options ...RequestOptionFunc) ([]*BoardList, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -350,7 +350,7 @@ func (s *GroupIssueBoardsService) UpdateIssueBoardList(gid interface{}, board, l
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_boards/#delete-a-group-issue-board-list
-func (s *GroupIssueBoardsService) DeleteGroupIssueBoardList(gid interface{}, board, list int, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupIssueBoardsService) DeleteGroupIssueBoardList(gid any, board, list int, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/group_clusters.go b/vendor/gitlab.com/gitlab-org/api/client-go/group_clusters.go
index b9318abda1..145f56ea42 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/group_clusters.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/group_clusters.go
@@ -23,16 +23,23 @@ import (
 )
 
 type (
+	// Deprecated: in GitLab 14.5, to be removed in 19.0
 	GroupClustersServiceInterface interface {
-		ListClusters(pid interface{}, options ...RequestOptionFunc) ([]*GroupCluster, *Response, error)
-		GetCluster(pid interface{}, cluster int, options ...RequestOptionFunc) (*GroupCluster, *Response, error)
-		AddCluster(pid interface{}, opt *AddGroupClusterOptions, options ...RequestOptionFunc) (*GroupCluster, *Response, error)
-		EditCluster(pid interface{}, cluster int, opt *EditGroupClusterOptions, options ...RequestOptionFunc) (*GroupCluster, *Response, error)
-		DeleteCluster(pid interface{}, cluster int, options ...RequestOptionFunc) (*Response, error)
+		// Deprecated: in GitLab 14.5, to be removed in 19.0
+		ListClusters(pid any, options ...RequestOptionFunc) ([]*GroupCluster, *Response, error)
+		// Deprecated: in GitLab 14.5, to be removed in 19.0
+		GetCluster(pid any, cluster int, options ...RequestOptionFunc) (*GroupCluster, *Response, error)
+		// Deprecated: in GitLab 14.5, to be removed in 19.0
+		AddCluster(pid any, opt *AddGroupClusterOptions, options ...RequestOptionFunc) (*GroupCluster, *Response, error)
+		// Deprecated: in GitLab 14.5, to be removed in 19.0
+		EditCluster(pid any, cluster int, opt *EditGroupClusterOptions, options ...RequestOptionFunc) (*GroupCluster, *Response, error)
+		// Deprecated: in GitLab 14.5, to be removed in 19.0
+		DeleteCluster(pid any, cluster int, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// GroupClustersService handles communication with the
 	// group clusters related methods of the GitLab API.
+	// Deprecated: in GitLab 14.5, to be removed in 19.0
 	//
 	// GitLab API docs:
 	// https://docs.gitlab.com/api/group_clusters/
@@ -41,9 +48,11 @@ type (
 	}
 )
 
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 var _ GroupClustersServiceInterface = (*GroupClustersService)(nil)
 
 // GroupCluster represents a GitLab Group Cluster.
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 //
 // GitLab API docs: https://docs.gitlab.com/api/group_clusters/
 type GroupCluster struct {
@@ -63,15 +72,17 @@ type GroupCluster struct {
 	Group              *Group              `json:"group"`
 }
 
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 func (v GroupCluster) String() string {
 	return Stringify(v)
 }
 
 // ListClusters gets a list of all clusters in a group.
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_clusters/#list-group-clusters
-func (s *GroupClustersService) ListClusters(pid interface{}, options ...RequestOptionFunc) ([]*GroupCluster, *Response, error) {
+func (s *GroupClustersService) ListClusters(pid any, options ...RequestOptionFunc) ([]*GroupCluster, *Response, error) {
 	group, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -93,10 +104,11 @@ func (s *GroupClustersService) ListClusters(pid interface{}, options ...RequestO
 }
 
 // GetCluster gets a cluster.
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_clusters/#get-a-single-group-cluster
-func (s *GroupClustersService) GetCluster(pid interface{}, cluster int, options ...RequestOptionFunc) (*GroupCluster, *Response, error) {
+func (s *GroupClustersService) GetCluster(pid any, cluster int, options ...RequestOptionFunc) (*GroupCluster, *Response, error) {
 	group, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -118,6 +130,7 @@ func (s *GroupClustersService) GetCluster(pid interface{}, cluster int, options
 }
 
 // AddGroupClusterOptions represents the available AddCluster() options.
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_clusters/#add-existing-cluster-to-group
@@ -132,6 +145,7 @@ type AddGroupClusterOptions struct {
 }
 
 // AddGroupPlatformKubernetesOptions represents the available PlatformKubernetes options for adding.
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 type AddGroupPlatformKubernetesOptions struct {
 	APIURL            *string `url:"api_url,omitempty" json:"api_url,omitempty"`
 	Token             *string `url:"token,omitempty" json:"token,omitempty"`
@@ -141,10 +155,11 @@ type AddGroupPlatformKubernetesOptions struct {
 }
 
 // AddCluster adds an existing cluster to the group.
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_clusters/#add-existing-cluster-to-group
-func (s *GroupClustersService) AddCluster(pid interface{}, opt *AddGroupClusterOptions, options ...RequestOptionFunc) (*GroupCluster, *Response, error) {
+func (s *GroupClustersService) AddCluster(pid any, opt *AddGroupClusterOptions, options ...RequestOptionFunc) (*GroupCluster, *Response, error) {
 	group, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -166,6 +181,7 @@ func (s *GroupClustersService) AddCluster(pid interface{}, opt *AddGroupClusterO
 }
 
 // EditGroupClusterOptions represents the available EditCluster() options.
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_clusters/#edit-group-cluster
@@ -178,6 +194,7 @@ type EditGroupClusterOptions struct {
 }
 
 // EditGroupPlatformKubernetesOptions represents the available PlatformKubernetes options for editing.
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 type EditGroupPlatformKubernetesOptions struct {
 	APIURL *string `url:"api_url,omitempty" json:"api_url,omitempty"`
 	Token  *string `url:"token,omitempty" json:"token,omitempty"`
@@ -185,10 +202,11 @@ type EditGroupPlatformKubernetesOptions struct {
 }
 
 // EditCluster updates an existing group cluster.
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_clusters/#edit-group-cluster
-func (s *GroupClustersService) EditCluster(pid interface{}, cluster int, opt *EditGroupClusterOptions, options ...RequestOptionFunc) (*GroupCluster, *Response, error) {
+func (s *GroupClustersService) EditCluster(pid any, cluster int, opt *EditGroupClusterOptions, options ...RequestOptionFunc) (*GroupCluster, *Response, error) {
 	group, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -210,10 +228,11 @@ func (s *GroupClustersService) EditCluster(pid interface{}, cluster int, opt *Ed
 }
 
 // DeleteCluster deletes an existing group cluster.
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_clusters/#delete-group-cluster
-func (s *GroupClustersService) DeleteCluster(pid interface{}, cluster int, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupClustersService) DeleteCluster(pid any, cluster int, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/group_epic_boards.go b/vendor/gitlab.com/gitlab-org/api/client-go/group_epic_boards.go
index 86d2c17046..23097312e2 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/group_epic_boards.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/group_epic_boards.go
@@ -23,8 +23,8 @@ import (
 
 type (
 	GroupEpicBoardsServiceInterface interface {
-		ListGroupEpicBoards(gid interface{}, opt *ListGroupEpicBoardsOptions, options ...RequestOptionFunc) ([]*GroupEpicBoard, *Response, error)
-		GetGroupEpicBoard(gid interface{}, board int, options ...RequestOptionFunc) (*GroupEpicBoard, *Response, error)
+		ListGroupEpicBoards(gid any, opt *ListGroupEpicBoardsOptions, options ...RequestOptionFunc) ([]*GroupEpicBoard, *Response, error)
+		GetGroupEpicBoard(gid any, board int, options ...RequestOptionFunc) (*GroupEpicBoard, *Response, error)
 	}
 
 	// GroupEpicBoardsService handles communication with the group epic board
@@ -66,7 +66,7 @@ type ListGroupEpicBoardsOptions ListOptions
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_epic_boards/#list-all-epic-boards-in-a-group
-func (s *GroupEpicBoardsService) ListGroupEpicBoards(gid interface{}, opt *ListGroupEpicBoardsOptions, options ...RequestOptionFunc) ([]*GroupEpicBoard, *Response, error) {
+func (s *GroupEpicBoardsService) ListGroupEpicBoards(gid any, opt *ListGroupEpicBoardsOptions, options ...RequestOptionFunc) ([]*GroupEpicBoard, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -91,7 +91,7 @@ func (s *GroupEpicBoardsService) ListGroupEpicBoards(gid interface{}, opt *ListG
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_epic_boards/#single-group-epic-board
-func (s *GroupEpicBoardsService) GetGroupEpicBoard(gid interface{}, board int, options ...RequestOptionFunc) (*GroupEpicBoard, *Response, error) {
+func (s *GroupEpicBoardsService) GetGroupEpicBoard(gid any, board int, options ...RequestOptionFunc) (*GroupEpicBoard, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/group_hooks.go b/vendor/gitlab.com/gitlab-org/api/client-go/group_hooks.go
index b77b3c511f..cd7117c846 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/group_hooks.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/group_hooks.go
@@ -69,7 +69,7 @@ type ListGroupHooksOptions ListOptions
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_webhooks/#list-group-hooks
-func (s *GroupsService) ListGroupHooks(gid interface{}, opt *ListGroupHooksOptions, options ...RequestOptionFunc) ([]*GroupHook, *Response, error) {
+func (s *GroupsService) ListGroupHooks(gid any, opt *ListGroupHooksOptions, options ...RequestOptionFunc) ([]*GroupHook, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -93,7 +93,7 @@ func (s *GroupsService) ListGroupHooks(gid interface{}, opt *ListGroupHooksOptio
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_webhooks/#get-a-group-hook
-func (s *GroupsService) GetGroupHook(gid interface{}, hook int, options ...RequestOptionFunc) (*GroupHook, *Response, error) {
+func (s *GroupsService) GetGroupHook(gid any, hook int, options ...RequestOptionFunc) (*GroupHook, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -118,7 +118,7 @@ func (s *GroupsService) GetGroupHook(gid interface{}, hook int, options ...Reque
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_webhooks/#resend-group-hook-event
-func (s *GroupsService) ResendGroupHookEvent(gid interface{}, hook int, hookEventID int, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupsService) ResendGroupHookEvent(gid any, hook int, hookEventID int, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
@@ -157,6 +157,7 @@ type AddGroupHookOptions struct {
 	FeatureFlagEvents         *bool                `url:"feature_flag_events,omitempty" json:"feature_flag_events,omitempty"`
 	ReleasesEvents            *bool                `url:"releases_events,omitempty" json:"releases_events,omitempty"`
 	SubGroupEvents            *bool                `url:"subgroup_events,omitempty" json:"subgroup_events,omitempty"`
+	EmojiEvents               *bool                `url:"emoji_events,omitempty" json:"emoji_events,omitempty"`
 	MemberEvents              *bool                `url:"member_events,omitempty" json:"member_events,omitempty"`
 	EnableSSLVerification     *bool                `url:"enable_ssl_verification,omitempty"  json:"enable_ssl_verification,omitempty"`
 	Token                     *string              `url:"token,omitempty" json:"token,omitempty"`
@@ -169,7 +170,7 @@ type AddGroupHookOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_webhooks/#add-a-group-hook
-func (s *GroupsService) AddGroupHook(gid interface{}, opt *AddGroupHookOptions, options ...RequestOptionFunc) (*GroupHook, *Response, error) {
+func (s *GroupsService) AddGroupHook(gid any, opt *AddGroupHookOptions, options ...RequestOptionFunc) (*GroupHook, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -214,6 +215,7 @@ type EditGroupHookOptions struct {
 	FeatureFlagEvents                     *bool                `url:"feature_flag_events,omitempty" json:"feature_flag_events,omitempty"`
 	ReleasesEvents                        *bool                `url:"releases_events,omitempty" json:"releases_events,omitempty"`
 	SubGroupEvents                        *bool                `url:"subgroup_events,omitempty" json:"subgroup_events,omitempty"`
+	EmojiEvents                           *bool                `url:"emoji_events,omitempty" json:"emoji_events,omitempty"`
 	MemberEvents                          *bool                `url:"member_events,omitempty" json:"member_events,omitempty"`
 	EnableSSLVerification                 *bool                `url:"enable_ssl_verification,omitempty" json:"enable_ssl_verification,omitempty"`
 	ServiceAccessTokensExpirationEnforced *bool                `url:"service_access_tokens_expiration_enforced,omitempty" json:"service_access_tokens_expiration_enforced,omitempty"`
@@ -227,7 +229,7 @@ type EditGroupHookOptions struct {
 //
 // Gitlab API docs:
 // https://docs.gitlab.com/api/group_webhooks/#edit-group-hook
-func (s *GroupsService) EditGroupHook(gid interface{}, hook int, opt *EditGroupHookOptions, options ...RequestOptionFunc) (*GroupHook, *Response, error) {
+func (s *GroupsService) EditGroupHook(gid any, hook int, opt *EditGroupHookOptions, options ...RequestOptionFunc) (*GroupHook, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -253,7 +255,7 @@ func (s *GroupsService) EditGroupHook(gid interface{}, hook int, opt *EditGroupH
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_webhooks/#delete-a-group-hook
-func (s *GroupsService) DeleteGroupHook(gid interface{}, hook int, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupsService) DeleteGroupHook(gid any, hook int, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
@@ -272,7 +274,7 @@ func (s *GroupsService) DeleteGroupHook(gid interface{}, hook int, options ...Re
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_webhooks/#trigger-a-test-group-hook
-func (s *GroupsService) TriggerTestGroupHook(pid interface{}, hook int, trigger GroupHookTrigger, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupsService) TriggerTestGroupHook(pid any, hook int, trigger GroupHookTrigger, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -291,7 +293,7 @@ func (s *GroupsService) TriggerTestGroupHook(pid interface{}, hook int, trigger
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_webhooks/#set-a-custom-header
-func (s *GroupsService) SetGroupCustomHeader(gid interface{}, hook int, key string, opt *SetHookCustomHeaderOptions, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupsService) SetGroupCustomHeader(gid any, hook int, key string, opt *SetHookCustomHeaderOptions, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
@@ -310,7 +312,7 @@ func (s *GroupsService) SetGroupCustomHeader(gid interface{}, hook int, key stri
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_webhooks/#delete-a-custom-header
-func (s *GroupsService) DeleteGroupCustomHeader(gid interface{}, hook int, key string, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupsService) DeleteGroupCustomHeader(gid any, hook int, key string, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
@@ -338,7 +340,7 @@ type SetHookURLVariableOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_webhooks/#set-a-url-variable
-func (s *GroupsService) SetGroupHookURLVariable(gid interface{}, hook int, key string, opt *SetHookURLVariableOptions, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupsService) SetGroupHookURLVariable(gid any, hook int, key string, opt *SetHookURLVariableOptions, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
@@ -357,7 +359,7 @@ func (s *GroupsService) SetGroupHookURLVariable(gid interface{}, hook int, key s
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_webhooks/#delete-a-url-variable
-func (s *GroupsService) DeleteGroupHookURLVariable(gid interface{}, hook int, key string, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupsService) DeleteGroupHookURLVariable(gid any, hook int, key string, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/group_import_export.go b/vendor/gitlab.com/gitlab-org/api/client-go/group_import_export.go
index 89955dd999..4064800400 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/group_import_export.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/group_import_export.go
@@ -29,8 +29,8 @@ import (
 
 type (
 	GroupImportExportServiceInterface interface {
-		ScheduleExport(gid interface{}, options ...RequestOptionFunc) (*Response, error)
-		ExportDownload(gid interface{}, options ...RequestOptionFunc) (*bytes.Reader, *Response, error)
+		ScheduleExport(gid any, options ...RequestOptionFunc) (*Response, error)
+		ExportDownload(gid any, options ...RequestOptionFunc) (*bytes.Reader, *Response, error)
 		ImportFile(opt *GroupImportFileOptions, options ...RequestOptionFunc) (*Response, error)
 	}
 
@@ -49,7 +49,7 @@ var _ GroupImportExportServiceInterface = (*GroupImportExportService)(nil)
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_import_export/#schedule-new-export
-func (s *GroupImportExportService) ScheduleExport(gid interface{}, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupImportExportService) ScheduleExport(gid any, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
@@ -68,7 +68,7 @@ func (s *GroupImportExportService) ScheduleExport(gid interface{}, options ...Re
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_import_export/#export-download
-func (s *GroupImportExportService) ExportDownload(gid interface{}, options ...RequestOptionFunc) (*bytes.Reader, *Response, error) {
+func (s *GroupImportExportService) ExportDownload(gid any, options ...RequestOptionFunc) (*bytes.Reader, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -107,13 +107,13 @@ type GroupImportFileOptions struct {
 func (s *GroupImportExportService) ImportFile(opt *GroupImportFileOptions, options ...RequestOptionFunc) (*Response, error) {
 	// First check if we got all required options.
 	if opt.Name == nil || *opt.Name == "" {
-		return nil, fmt.Errorf("Missing required option: Name")
+		return nil, fmt.Errorf("missing required option: Name")
 	}
 	if opt.Path == nil || *opt.Path == "" {
-		return nil, fmt.Errorf("Missing required option: Path")
+		return nil, fmt.Errorf("missing required option: Path")
 	}
 	if opt.File == nil || *opt.File == "" {
-		return nil, fmt.Errorf("Missing required option: File")
+		return nil, fmt.Errorf("missing required option: File")
 	}
 
 	f, err := os.Open(*opt.File)
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/group_iterations.go b/vendor/gitlab.com/gitlab-org/api/client-go/group_iterations.go
index 72f3d82286..a0f7e337fc 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/group_iterations.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/group_iterations.go
@@ -24,7 +24,7 @@ import (
 
 type (
 	GroupIterationsServiceInterface interface {
-		ListGroupIterations(gid interface{}, opt *ListGroupIterationsOptions, options ...RequestOptionFunc) ([]*GroupIteration, *Response, error)
+		ListGroupIterations(gid any, opt *ListGroupIterationsOptions, options ...RequestOptionFunc) ([]*GroupIteration, *Response, error)
 	}
 
 	// IterationsAPI handles communication with the iterations related methods
@@ -76,7 +76,7 @@ type ListGroupIterationsOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_iterations/#list-group-iterations
-func (s *GroupIterationsService) ListGroupIterations(gid interface{}, opt *ListGroupIterationsOptions, options ...RequestOptionFunc) ([]*GroupIteration, *Response, error) {
+func (s *GroupIterationsService) ListGroupIterations(gid any, opt *ListGroupIterationsOptions, options ...RequestOptionFunc) ([]*GroupIteration, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/group_labels.go b/vendor/gitlab.com/gitlab-org/api/client-go/group_labels.go
index 253d800da0..7bd4d1df8b 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/group_labels.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/group_labels.go
@@ -23,13 +23,13 @@ import (
 
 type (
 	GroupLabelsServiceInterface interface {
-		ListGroupLabels(gid interface{}, opt *ListGroupLabelsOptions, options ...RequestOptionFunc) ([]*GroupLabel, *Response, error)
-		GetGroupLabel(gid interface{}, lid interface{}, options ...RequestOptionFunc) (*GroupLabel, *Response, error)
-		CreateGroupLabel(gid interface{}, opt *CreateGroupLabelOptions, options ...RequestOptionFunc) (*GroupLabel, *Response, error)
-		DeleteGroupLabel(gid interface{}, lid interface{}, opt *DeleteGroupLabelOptions, options ...RequestOptionFunc) (*Response, error)
-		UpdateGroupLabel(gid interface{}, lid interface{}, opt *UpdateGroupLabelOptions, options ...RequestOptionFunc) (*GroupLabel, *Response, error)
-		SubscribeToGroupLabel(gid interface{}, lid interface{}, options ...RequestOptionFunc) (*GroupLabel, *Response, error)
-		UnsubscribeFromGroupLabel(gid interface{}, lid interface{}, options ...RequestOptionFunc) (*Response, error)
+		ListGroupLabels(gid any, opt *ListGroupLabelsOptions, options ...RequestOptionFunc) ([]*GroupLabel, *Response, error)
+		GetGroupLabel(gid any, lid any, options ...RequestOptionFunc) (*GroupLabel, *Response, error)
+		CreateGroupLabel(gid any, opt *CreateGroupLabelOptions, options ...RequestOptionFunc) (*GroupLabel, *Response, error)
+		DeleteGroupLabel(gid any, lid any, opt *DeleteGroupLabelOptions, options ...RequestOptionFunc) (*Response, error)
+		UpdateGroupLabel(gid any, lid any, opt *UpdateGroupLabelOptions, options ...RequestOptionFunc) (*GroupLabel, *Response, error)
+		SubscribeToGroupLabel(gid any, lid any, options ...RequestOptionFunc) (*GroupLabel, *Response, error)
+		UnsubscribeFromGroupLabel(gid any, lid any, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// GroupLabelsService handles communication with the label related methods of the
@@ -68,7 +68,7 @@ type ListGroupLabelsOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_labels/#list-group-labels
-func (s *GroupLabelsService) ListGroupLabels(gid interface{}, opt *ListGroupLabelsOptions, options ...RequestOptionFunc) ([]*GroupLabel, *Response, error) {
+func (s *GroupLabelsService) ListGroupLabels(gid any, opt *ListGroupLabelsOptions, options ...RequestOptionFunc) ([]*GroupLabel, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -93,7 +93,7 @@ func (s *GroupLabelsService) ListGroupLabels(gid interface{}, opt *ListGroupLabe
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_labels/#get-a-single-group-label
-func (s *GroupLabelsService) GetGroupLabel(gid interface{}, lid interface{}, options ...RequestOptionFunc) (*GroupLabel, *Response, error) {
+func (s *GroupLabelsService) GetGroupLabel(gid any, lid any, options ...RequestOptionFunc) (*GroupLabel, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -134,7 +134,7 @@ type CreateGroupLabelOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_labels/#create-a-new-group-label
-func (s *GroupLabelsService) CreateGroupLabel(gid interface{}, opt *CreateGroupLabelOptions, options ...RequestOptionFunc) (*GroupLabel, *Response, error) {
+func (s *GroupLabelsService) CreateGroupLabel(gid any, opt *CreateGroupLabelOptions, options ...RequestOptionFunc) (*GroupLabel, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -167,7 +167,7 @@ type DeleteGroupLabelOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_labels/#delete-a-group-label
-func (s *GroupLabelsService) DeleteGroupLabel(gid interface{}, lid interface{}, opt *DeleteGroupLabelOptions, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupLabelsService) DeleteGroupLabel(gid any, lid any, opt *DeleteGroupLabelOptions, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
@@ -207,7 +207,7 @@ type UpdateGroupLabelOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_labels/#update-a-group-label
-func (s *GroupLabelsService) UpdateGroupLabel(gid interface{}, lid interface{}, opt *UpdateGroupLabelOptions, options ...RequestOptionFunc) (*GroupLabel, *Response, error) {
+func (s *GroupLabelsService) UpdateGroupLabel(gid any, lid any, opt *UpdateGroupLabelOptions, options ...RequestOptionFunc) (*GroupLabel, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -242,7 +242,7 @@ func (s *GroupLabelsService) UpdateGroupLabel(gid interface{}, lid interface{},
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_labels/#subscribe-to-a-group-label
-func (s *GroupLabelsService) SubscribeToGroupLabel(gid interface{}, lid interface{}, options ...RequestOptionFunc) (*GroupLabel, *Response, error) {
+func (s *GroupLabelsService) SubscribeToGroupLabel(gid any, lid any, options ...RequestOptionFunc) (*GroupLabel, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -273,7 +273,7 @@ func (s *GroupLabelsService) SubscribeToGroupLabel(gid interface{}, lid interfac
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_labels/#unsubscribe-from-a-group-label
-func (s *GroupLabelsService) UnsubscribeFromGroupLabel(gid interface{}, lid interface{}, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupLabelsService) UnsubscribeFromGroupLabel(gid any, lid any, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/group_markdown_uploads.go b/vendor/gitlab.com/gitlab-org/api/client-go/group_markdown_uploads.go
new file mode 100644
index 0000000000..5c0afc8493
--- /dev/null
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/group_markdown_uploads.go
@@ -0,0 +1,97 @@
+//
+// Copyright 2024, Sander van Harmelen
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package gitlab
+
+import (
+	"io"
+)
+
+type (
+	GroupMarkdownUploadsServiceInterface interface {
+		ListGroupMarkdownUploads(gid any, opt *ListMarkdownUploadsOptions, options ...RequestOptionFunc) ([]*GroupMarkdownUpload, *Response, error)
+		DownloadGroupMarkdownUploadByID(gid any, uploadID int, options ...RequestOptionFunc) (io.Reader, *Response, error)
+		DownloadGroupMarkdownUploadBySecretAndFilename(gid any, secret string, filename string, options ...RequestOptionFunc) (io.Reader, *Response, error)
+		DeleteGroupMarkdownUploadByID(gid any, uploadID int, options ...RequestOptionFunc) (*Response, error)
+		DeleteGroupMarkdownUploadBySecretAndFilename(gid any, secret string, filename string, options ...RequestOptionFunc) (*Response, error)
+	}
+
+	// GroupMarkdownUploadsService handles communication with the group
+	// markdown uploads related methods of the GitLab API.
+	//
+	// GitLab API docs:
+	// https://docs.gitlab.com/api/group_access_tokens/
+	GroupMarkdownUploadsService struct {
+		client *Client
+	}
+)
+
+var _ GroupMarkdownUploadsServiceInterface = (*GroupMarkdownUploadsService)(nil)
+
+// Type aliases for backward compatibility
+type (
+	GroupMarkdownUpload = MarkdownUpload
+)
+
+// ListGroupMarkdownUploads gets all markdown uploads for a group.
+//
+// GitLab API Docs:
+// https://docs.gitlab.com/api/group_markdown_uploads/#list-uploads
+func (s *GroupMarkdownUploadsService) ListGroupMarkdownUploads(gid any, opt *ListMarkdownUploadsOptions, options ...RequestOptionFunc) ([]*GroupMarkdownUpload, *Response, error) {
+	return listMarkdownUploads[GroupMarkdownUpload](s.client, GroupResource, gid, opt, options)
+}
+
+// DownloadGroupMarkdownUploadByID downloads a specific upload by ID.
+//
+// GitLab API Docs:
+// https://docs.gitlab.com/api/group_markdown_uploads/#download-an-uploaded-file-by-id
+func (s *GroupMarkdownUploadsService) DownloadGroupMarkdownUploadByID(gid any, uploadID int, options ...RequestOptionFunc) (io.Reader, *Response, error) {
+	buffer, resp, err := downloadMarkdownUploadByID(s.client, GroupResource, gid, uploadID, options)
+	if err != nil {
+		return nil, resp, err
+	}
+	return buffer, resp, nil
+}
+
+// DownloadGroupMarkdownUploadBySecretAndFilename downloads a specific upload
+// by secret and filename.
+//
+// GitLab API Docs:
+// https://docs.gitlab.com/api/group_markdown_uploads/#download-an-uploaded-file-by-secret-and-filename
+func (s *GroupMarkdownUploadsService) DownloadGroupMarkdownUploadBySecretAndFilename(gid any, secret string, filename string, options ...RequestOptionFunc) (io.Reader, *Response, error) {
+	buffer, resp, err := downloadMarkdownUploadBySecretAndFilename(s.client, GroupResource, gid, secret, filename, options)
+	if err != nil {
+		return nil, resp, err
+	}
+	return buffer, resp, nil
+}
+
+// DeleteGroupMarkdownUploadByID deletes an upload by ID.
+//
+// GitLab API Docs:
+// https://docs.gitlab.com/api/group_markdown_uploads/#delete-an-uploaded-file-by-id
+func (s *GroupMarkdownUploadsService) DeleteGroupMarkdownUploadByID(gid any, uploadID int, options ...RequestOptionFunc) (*Response, error) {
+	return deleteMarkdownUploadByID(s.client, GroupResource, gid, uploadID, options)
+}
+
+// DeleteGroupMarkdownUploadBySecretAndFilename deletes an upload
+// by secret and filename.
+//
+// GitLab API Docs:
+// https://docs.gitlab.com/api/group_markdown_uploads/#delete-an-uploaded-file-by-secret-and-filename
+func (s *GroupMarkdownUploadsService) DeleteGroupMarkdownUploadBySecretAndFilename(gid any, secret string, filename string, options ...RequestOptionFunc) (*Response, error) {
+	return deleteMarkdownUploadBySecretAndFilename(s.client, GroupResource, gid, secret, filename, options)
+}
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/group_members.go b/vendor/gitlab.com/gitlab-org/api/client-go/group_members.go
index 4574bd376f..7ba88838cc 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/group_members.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/group_members.go
@@ -24,13 +24,13 @@ import (
 
 type (
 	GroupMembersServiceInterface interface {
-		GetGroupMember(gid interface{}, user int, options ...RequestOptionFunc) (*GroupMember, *Response, error)
-		GetInheritedGroupMember(gid interface{}, user int, options ...RequestOptionFunc) (*GroupMember, *Response, error)
-		AddGroupMember(gid interface{}, opt *AddGroupMemberOptions, options ...RequestOptionFunc) (*GroupMember, *Response, error)
-		ShareWithGroup(gid interface{}, opt *ShareWithGroupOptions, options ...RequestOptionFunc) (*Group, *Response, error)
-		DeleteShareWithGroup(gid interface{}, groupID int, options ...RequestOptionFunc) (*Response, error)
-		EditGroupMember(gid interface{}, user int, opt *EditGroupMemberOptions, options ...RequestOptionFunc) (*GroupMember, *Response, error)
-		RemoveGroupMember(gid interface{}, user int, opt *RemoveGroupMemberOptions, options ...RequestOptionFunc) (*Response, error)
+		GetGroupMember(gid any, user int, options ...RequestOptionFunc) (*GroupMember, *Response, error)
+		GetInheritedGroupMember(gid any, user int, options ...RequestOptionFunc) (*GroupMember, *Response, error)
+		AddGroupMember(gid any, opt *AddGroupMemberOptions, options ...RequestOptionFunc) (*GroupMember, *Response, error)
+		ShareWithGroup(gid any, opt *ShareWithGroupOptions, options ...RequestOptionFunc) (*Group, *Response, error)
+		DeleteShareWithGroup(gid any, groupID int, options ...RequestOptionFunc) (*Response, error)
+		EditGroupMember(gid any, user int, opt *EditGroupMemberOptions, options ...RequestOptionFunc) (*GroupMember, *Response, error)
+		RemoveGroupMember(gid any, user int, opt *RemoveGroupMemberOptions, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// GroupMembersService handles communication with the group members
@@ -58,6 +58,7 @@ type GroupMember struct {
 	ExpiresAt         *ISOTime                 `json:"expires_at"`
 	AccessLevel       AccessLevelValue         `json:"access_level"`
 	Email             string                   `json:"email,omitempty"`
+	PublicEmail       string                   `json:"public_email,omitempty"`
 	GroupSAMLIdentity *GroupMemberSAMLIdentity `json:"group_saml_identity"`
 	MemberRole        *MemberRole              `json:"member_role"`
 }
@@ -122,7 +123,7 @@ type ListGroupMembersOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/members/#list-all-members-of-a-group-or-project
-func (s *GroupsService) ListGroupMembers(gid interface{}, opt *ListGroupMembersOptions, options ...RequestOptionFunc) ([]*GroupMember, *Response, error) {
+func (s *GroupsService) ListGroupMembers(gid any, opt *ListGroupMembersOptions, options ...RequestOptionFunc) ([]*GroupMember, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -148,7 +149,7 @@ func (s *GroupsService) ListGroupMembers(gid interface{}, opt *ListGroupMembersO
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/members/#list-all-members-of-a-group-or-project-including-inherited-and-invited-members
-func (s *GroupsService) ListAllGroupMembers(gid interface{}, opt *ListGroupMembersOptions, options ...RequestOptionFunc) ([]*GroupMember, *Response, error) {
+func (s *GroupsService) ListAllGroupMembers(gid any, opt *ListGroupMembersOptions, options ...RequestOptionFunc) ([]*GroupMember, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -185,7 +186,7 @@ type AddGroupMemberOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/members/#get-a-member-of-a-group-or-project
-func (s *GroupMembersService) GetGroupMember(gid interface{}, user int, options ...RequestOptionFunc) (*GroupMember, *Response, error) {
+func (s *GroupMembersService) GetGroupMember(gid any, user int, options ...RequestOptionFunc) (*GroupMember, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -211,7 +212,7 @@ func (s *GroupMembersService) GetGroupMember(gid interface{}, user int, options
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/members/#get-a-member-of-a-group-or-project-including-inherited-and-invited-members
-func (s *GroupMembersService) GetInheritedGroupMember(gid interface{}, user int, options ...RequestOptionFunc) (*GroupMember, *Response, error) {
+func (s *GroupMembersService) GetInheritedGroupMember(gid any, user int, options ...RequestOptionFunc) (*GroupMember, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -248,7 +249,7 @@ type ListBillableGroupMembersOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/members/#list-all-billable-members-of-a-group
-func (s *GroupsService) ListBillableGroupMembers(gid interface{}, opt *ListBillableGroupMembersOptions, options ...RequestOptionFunc) ([]*BillableGroupMember, *Response, error) {
+func (s *GroupsService) ListBillableGroupMembers(gid any, opt *ListBillableGroupMembersOptions, options ...RequestOptionFunc) ([]*BillableGroupMember, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -281,7 +282,7 @@ type ListMembershipsForBillableGroupMemberOptions = ListOptions
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/members/#list-memberships-for-a-billable-member-of-a-group
-func (s *GroupsService) ListMembershipsForBillableGroupMember(gid interface{}, user int, opt *ListMembershipsForBillableGroupMemberOptions, options ...RequestOptionFunc) ([]*BillableUserMembership, *Response, error) {
+func (s *GroupsService) ListMembershipsForBillableGroupMember(gid any, user int, opt *ListMembershipsForBillableGroupMemberOptions, options ...RequestOptionFunc) ([]*BillableUserMembership, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -306,7 +307,7 @@ func (s *GroupsService) ListMembershipsForBillableGroupMember(gid interface{}, u
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/members/#remove-a-billable-member-from-a-group
-func (s *GroupsService) RemoveBillableGroupMember(gid interface{}, user int, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupsService) RemoveBillableGroupMember(gid any, user int, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
@@ -325,7 +326,7 @@ func (s *GroupsService) RemoveBillableGroupMember(gid interface{}, user int, opt
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/members/#add-a-member-to-a-group-or-project
-func (s *GroupMembersService) AddGroupMember(gid interface{}, opt *AddGroupMemberOptions, options ...RequestOptionFunc) (*GroupMember, *Response, error) {
+func (s *GroupMembersService) AddGroupMember(gid any, opt *AddGroupMemberOptions, options ...RequestOptionFunc) (*GroupMember, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -350,7 +351,7 @@ func (s *GroupMembersService) AddGroupMember(gid interface{}, opt *AddGroupMembe
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/groups/#create-a-link-to-share-a-group-with-another-group
-func (s *GroupMembersService) ShareWithGroup(gid interface{}, opt *ShareWithGroupOptions, options ...RequestOptionFunc) (*Group, *Response, error) {
+func (s *GroupMembersService) ShareWithGroup(gid any, opt *ShareWithGroupOptions, options ...RequestOptionFunc) (*Group, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -375,7 +376,7 @@ func (s *GroupMembersService) ShareWithGroup(gid interface{}, opt *ShareWithGrou
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/groups/#delete-the-link-that-shares-a-group-with-another-group
-func (s *GroupMembersService) DeleteShareWithGroup(gid interface{}, groupID int, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupMembersService) DeleteShareWithGroup(gid any, groupID int, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
@@ -405,7 +406,7 @@ type EditGroupMemberOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/members/#edit-a-member-of-a-group-or-project
-func (s *GroupMembersService) EditGroupMember(gid interface{}, user int, opt *EditGroupMemberOptions, options ...RequestOptionFunc) (*GroupMember, *Response, error) {
+func (s *GroupMembersService) EditGroupMember(gid any, user int, opt *EditGroupMemberOptions, options ...RequestOptionFunc) (*GroupMember, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -439,7 +440,7 @@ type RemoveGroupMemberOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/members/#remove-a-member-from-a-group-or-project
-func (s *GroupMembersService) RemoveGroupMember(gid interface{}, user int, opt *RemoveGroupMemberOptions, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupMembersService) RemoveGroupMember(gid any, user int, opt *RemoveGroupMemberOptions, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/group_milestones.go b/vendor/gitlab.com/gitlab-org/api/client-go/group_milestones.go
index a32cd09f35..e9fc97aa81 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/group_milestones.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/group_milestones.go
@@ -24,14 +24,14 @@ import (
 
 type (
 	GroupMilestonesServiceInterface interface {
-		ListGroupMilestones(gid interface{}, opt *ListGroupMilestonesOptions, options ...RequestOptionFunc) ([]*GroupMilestone, *Response, error)
-		GetGroupMilestone(gid interface{}, milestone int, options ...RequestOptionFunc) (*GroupMilestone, *Response, error)
-		CreateGroupMilestone(gid interface{}, opt *CreateGroupMilestoneOptions, options ...RequestOptionFunc) (*GroupMilestone, *Response, error)
-		UpdateGroupMilestone(gid interface{}, milestone int, opt *UpdateGroupMilestoneOptions, options ...RequestOptionFunc) (*GroupMilestone, *Response, error)
-		DeleteGroupMilestone(pid interface{}, milestone int, options ...RequestOptionFunc) (*Response, error)
-		GetGroupMilestoneIssues(gid interface{}, milestone int, opt *GetGroupMilestoneIssuesOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error)
-		GetGroupMilestoneMergeRequests(gid interface{}, milestone int, opt *GetGroupMilestoneMergeRequestsOptions, options ...RequestOptionFunc) ([]*BasicMergeRequest, *Response, error)
-		GetGroupMilestoneBurndownChartEvents(gid interface{}, milestone int, opt *GetGroupMilestoneBurndownChartEventsOptions, options ...RequestOptionFunc) ([]*BurndownChartEvent, *Response, error)
+		ListGroupMilestones(gid any, opt *ListGroupMilestonesOptions, options ...RequestOptionFunc) ([]*GroupMilestone, *Response, error)
+		GetGroupMilestone(gid any, milestone int, options ...RequestOptionFunc) (*GroupMilestone, *Response, error)
+		CreateGroupMilestone(gid any, opt *CreateGroupMilestoneOptions, options ...RequestOptionFunc) (*GroupMilestone, *Response, error)
+		UpdateGroupMilestone(gid any, milestone int, opt *UpdateGroupMilestoneOptions, options ...RequestOptionFunc) (*GroupMilestone, *Response, error)
+		DeleteGroupMilestone(pid any, milestone int, options ...RequestOptionFunc) (*Response, error)
+		GetGroupMilestoneIssues(gid any, milestone int, opt *GetGroupMilestoneIssuesOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error)
+		GetGroupMilestoneMergeRequests(gid any, milestone int, opt *GetGroupMilestoneMergeRequestsOptions, options ...RequestOptionFunc) ([]*BasicMergeRequest, *Response, error)
+		GetGroupMilestoneBurndownChartEvents(gid any, milestone int, opt *GetGroupMilestoneBurndownChartEventsOptions, options ...RequestOptionFunc) ([]*BurndownChartEvent, *Response, error)
 	}
 
 	// GroupMilestonesService handles communication with the milestone related
@@ -73,26 +73,28 @@ func (m GroupMilestone) String() string {
 // https://docs.gitlab.com/api/group_milestones/#list-group-milestones
 type ListGroupMilestonesOptions struct {
 	ListOptions
-	IIDs                    *[]int   `url:"iids[],omitempty" json:"iids,omitempty"`
-	State                   *string  `url:"state,omitempty" json:"state,omitempty"`
-	Title                   *string  `url:"title,omitempty" json:"title,omitempty"`
-	Search                  *string  `url:"search,omitempty" json:"search,omitempty"`
-	SearchTitle             *string  `url:"search_title,omitempty" json:"search_title,omitempty"`
-	IncludeParentMilestones *bool    `url:"include_parent_milestones,omitempty" json:"include_parent_milestones,omitempty"`
-	IncludeAncestors        *bool    `url:"include_ancestors,omitempty" json:"include_ancestors,omitempty"`
-	IncludeDescendents      *bool    `url:"include_descendents,omitempty" json:"include_descendents,omitempty"`
-	UpdatedBefore           *ISOTime `url:"updated_before,omitempty" json:"updated_before,omitempty"`
-	UpdatedAfter            *ISOTime `url:"updated_after,omitempty" json:"updated_after,omitempty"`
-	ContainingDate          *ISOTime `url:"containing_date,omitempty" json:"containing_date,omitempty"`
-	StartDate               *ISOTime `url:"start_date,omitempty" json:"start_date,omitempty"`
-	EndDate                 *ISOTime `url:"end_date,omitempty" json:"end_date,omitempty"`
+	IIDs               *[]int   `url:"iids[],omitempty" json:"iids,omitempty"`
+	State              *string  `url:"state,omitempty" json:"state,omitempty"`
+	Title              *string  `url:"title,omitempty" json:"title,omitempty"`
+	Search             *string  `url:"search,omitempty" json:"search,omitempty"`
+	SearchTitle        *string  `url:"search_title,omitempty" json:"search_title,omitempty"`
+	IncludeAncestors   *bool    `url:"include_ancestors,omitempty" json:"include_ancestors,omitempty"`
+	IncludeDescendents *bool    `url:"include_descendents,omitempty" json:"include_descendents,omitempty"`
+	UpdatedBefore      *ISOTime `url:"updated_before,omitempty" json:"updated_before,omitempty"`
+	UpdatedAfter       *ISOTime `url:"updated_after,omitempty" json:"updated_after,omitempty"`
+	ContainingDate     *ISOTime `url:"containing_date,omitempty" json:"containing_date,omitempty"`
+	StartDate          *ISOTime `url:"start_date,omitempty" json:"start_date,omitempty"`
+	EndDate            *ISOTime `url:"end_date,omitempty" json:"end_date,omitempty"`
+
+	// Deprecated: in GitLab 16.7, use IncludeAncestors instead
+	IncludeParentMilestones *bool `url:"include_parent_milestones,omitempty" json:"include_parent_milestones,omitempty"`
 }
 
 // ListGroupMilestones returns a list of group milestones.
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_milestones/#list-group-milestones
-func (s *GroupMilestonesService) ListGroupMilestones(gid interface{}, opt *ListGroupMilestonesOptions, options ...RequestOptionFunc) ([]*GroupMilestone, *Response, error) {
+func (s *GroupMilestonesService) ListGroupMilestones(gid any, opt *ListGroupMilestonesOptions, options ...RequestOptionFunc) ([]*GroupMilestone, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -117,7 +119,7 @@ func (s *GroupMilestonesService) ListGroupMilestones(gid interface{}, opt *ListG
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_milestones/#get-single-milestone
-func (s *GroupMilestonesService) GetGroupMilestone(gid interface{}, milestone int, options ...RequestOptionFunc) (*GroupMilestone, *Response, error) {
+func (s *GroupMilestonesService) GetGroupMilestone(gid any, milestone int, options ...RequestOptionFunc) (*GroupMilestone, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -153,7 +155,7 @@ type CreateGroupMilestoneOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_milestones/#create-new-milestone
-func (s *GroupMilestonesService) CreateGroupMilestone(gid interface{}, opt *CreateGroupMilestoneOptions, options ...RequestOptionFunc) (*GroupMilestone, *Response, error) {
+func (s *GroupMilestonesService) CreateGroupMilestone(gid any, opt *CreateGroupMilestoneOptions, options ...RequestOptionFunc) (*GroupMilestone, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -190,7 +192,7 @@ type UpdateGroupMilestoneOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_milestones/#edit-milestone
-func (s *GroupMilestonesService) UpdateGroupMilestone(gid interface{}, milestone int, opt *UpdateGroupMilestoneOptions, options ...RequestOptionFunc) (*GroupMilestone, *Response, error) {
+func (s *GroupMilestonesService) UpdateGroupMilestone(gid any, milestone int, opt *UpdateGroupMilestoneOptions, options ...RequestOptionFunc) (*GroupMilestone, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -215,7 +217,7 @@ func (s *GroupMilestonesService) UpdateGroupMilestone(gid interface{}, milestone
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_milestones/#delete-group-milestone
-func (s *GroupMilestonesService) DeleteGroupMilestone(pid interface{}, milestone int, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupMilestonesService) DeleteGroupMilestone(pid any, milestone int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -239,7 +241,7 @@ type GetGroupMilestoneIssuesOptions ListOptions
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_milestones/#get-all-issues-assigned-to-a-single-milestone
-func (s *GroupMilestonesService) GetGroupMilestoneIssues(gid interface{}, milestone int, opt *GetGroupMilestoneIssuesOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error) {
+func (s *GroupMilestonesService) GetGroupMilestoneIssues(gid any, milestone int, opt *GetGroupMilestoneIssuesOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -272,7 +274,7 @@ type GetGroupMilestoneMergeRequestsOptions ListOptions
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_milestones/#get-all-merge-requests-assigned-to-a-single-milestone
-func (s *GroupMilestonesService) GetGroupMilestoneMergeRequests(gid interface{}, milestone int, opt *GetGroupMilestoneMergeRequestsOptions, options ...RequestOptionFunc) ([]*BasicMergeRequest, *Response, error) {
+func (s *GroupMilestonesService) GetGroupMilestoneMergeRequests(gid any, milestone int, opt *GetGroupMilestoneMergeRequestsOptions, options ...RequestOptionFunc) ([]*BasicMergeRequest, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -315,7 +317,7 @@ type GetGroupMilestoneBurndownChartEventsOptions ListOptions
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_milestones/#get-all-burndown-chart-events-for-a-single-milestone
-func (s *GroupMilestonesService) GetGroupMilestoneBurndownChartEvents(gid interface{}, milestone int, opt *GetGroupMilestoneBurndownChartEventsOptions, options ...RequestOptionFunc) ([]*BurndownChartEvent, *Response, error) {
+func (s *GroupMilestonesService) GetGroupMilestoneBurndownChartEvents(gid any, milestone int, opt *GetGroupMilestoneBurndownChartEventsOptions, options ...RequestOptionFunc) ([]*BurndownChartEvent, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/group_protected_environments.go b/vendor/gitlab.com/gitlab-org/api/client-go/group_protected_environments.go
index e74a0123ab..aea180371c 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/group_protected_environments.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/group_protected_environments.go
@@ -23,11 +23,11 @@ import (
 
 type (
 	GroupProtectedEnvironmentsServiceInterface interface {
-		ListGroupProtectedEnvironments(gid interface{}, opt *ListGroupProtectedEnvironmentsOptions, options ...RequestOptionFunc) ([]*GroupProtectedEnvironment, *Response, error)
-		GetGroupProtectedEnvironment(gid interface{}, environment string, options ...RequestOptionFunc) (*GroupProtectedEnvironment, *Response, error)
-		ProtectGroupEnvironment(gid interface{}, opt *ProtectGroupEnvironmentOptions, options ...RequestOptionFunc) (*GroupProtectedEnvironment, *Response, error)
-		UpdateGroupProtectedEnvironment(gid interface{}, environment string, opt *UpdateGroupProtectedEnvironmentOptions, options ...RequestOptionFunc) (*GroupProtectedEnvironment, *Response, error)
-		UnprotectGroupEnvironment(gid interface{}, environment string, options ...RequestOptionFunc) (*Response, error)
+		ListGroupProtectedEnvironments(gid any, opt *ListGroupProtectedEnvironmentsOptions, options ...RequestOptionFunc) ([]*GroupProtectedEnvironment, *Response, error)
+		GetGroupProtectedEnvironment(gid any, environment string, options ...RequestOptionFunc) (*GroupProtectedEnvironment, *Response, error)
+		ProtectGroupEnvironment(gid any, opt *ProtectGroupEnvironmentOptions, options ...RequestOptionFunc) (*GroupProtectedEnvironment, *Response, error)
+		UpdateGroupProtectedEnvironment(gid any, environment string, opt *UpdateGroupProtectedEnvironmentOptions, options ...RequestOptionFunc) (*GroupProtectedEnvironment, *Response, error)
+		UnprotectGroupEnvironment(gid any, environment string, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// GroupProtectedEnvironmentsService handles communication with the group-level
@@ -94,7 +94,7 @@ type ListGroupProtectedEnvironmentsOptions ListOptions
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_protected_environments/#list-group-level-protected-environments
-func (s *GroupProtectedEnvironmentsService) ListGroupProtectedEnvironments(gid interface{}, opt *ListGroupProtectedEnvironmentsOptions, options ...RequestOptionFunc) ([]*GroupProtectedEnvironment, *Response, error) {
+func (s *GroupProtectedEnvironmentsService) ListGroupProtectedEnvironments(gid any, opt *ListGroupProtectedEnvironmentsOptions, options ...RequestOptionFunc) ([]*GroupProtectedEnvironment, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -120,7 +120,7 @@ func (s *GroupProtectedEnvironmentsService) ListGroupProtectedEnvironments(gid i
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_protected_environments/#get-a-single-protected-environment
-func (s *GroupProtectedEnvironmentsService) GetGroupProtectedEnvironment(gid interface{}, environment string, options ...RequestOptionFunc) (*GroupProtectedEnvironment, *Response, error) {
+func (s *GroupProtectedEnvironmentsService) GetGroupProtectedEnvironment(gid any, environment string, options ...RequestOptionFunc) (*GroupProtectedEnvironment, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -183,7 +183,7 @@ type GroupEnvironmentApprovalRuleOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_protected_environments/#protect-a-single-environment
-func (s *GroupProtectedEnvironmentsService) ProtectGroupEnvironment(gid interface{}, opt *ProtectGroupEnvironmentOptions, options ...RequestOptionFunc) (*GroupProtectedEnvironment, *Response, error) {
+func (s *GroupProtectedEnvironmentsService) ProtectGroupEnvironment(gid any, opt *ProtectGroupEnvironmentOptions, options ...RequestOptionFunc) (*GroupProtectedEnvironment, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -251,7 +251,7 @@ type UpdateGroupEnvironmentApprovalRuleOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_protected_environments/#update-a-protected-environment
-func (s *GroupProtectedEnvironmentsService) UpdateGroupProtectedEnvironment(gid interface{}, environment string, opt *UpdateGroupProtectedEnvironmentOptions, options ...RequestOptionFunc) (*GroupProtectedEnvironment, *Response, error) {
+func (s *GroupProtectedEnvironmentsService) UpdateGroupProtectedEnvironment(gid any, environment string, opt *UpdateGroupProtectedEnvironmentOptions, options ...RequestOptionFunc) (*GroupProtectedEnvironment, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -277,7 +277,7 @@ func (s *GroupProtectedEnvironmentsService) UpdateGroupProtectedEnvironment(gid
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_protected_environments/#unprotect-a-single-environment
-func (s *GroupProtectedEnvironmentsService) UnprotectGroupEnvironment(gid interface{}, environment string, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupProtectedEnvironmentsService) UnprotectGroupEnvironment(gid any, environment string, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/group_releases.go b/vendor/gitlab.com/gitlab-org/api/client-go/group_releases.go
index 6ed78e656f..da52ce9e22 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/group_releases.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/group_releases.go
@@ -20,7 +20,7 @@ import (
 
 type (
 	GroupReleasesServiceInterface interface {
-		ListGroupReleases(gid interface{}, opts *ListGroupReleasesOptions, options ...RequestOptionFunc) ([]*Release, *Response, error)
+		ListGroupReleases(gid any, opts *ListGroupReleasesOptions, options ...RequestOptionFunc) ([]*Release, *Response, error)
 	}
 
 	// GroupReleasesService handles communication with the group
@@ -48,7 +48,7 @@ type ListGroupReleasesOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_releases.html#list-group-releases
-func (s *GroupReleasesService) ListGroupReleases(gid interface{}, opts *ListGroupReleasesOptions, options ...RequestOptionFunc) ([]*Release, *Response, error) {
+func (s *GroupReleasesService) ListGroupReleases(gid any, opts *ListGroupReleasesOptions, options ...RequestOptionFunc) ([]*Release, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/group_scim.go b/vendor/gitlab.com/gitlab-org/api/client-go/group_scim.go
index c0f3eb0342..e99a266e8d 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/group_scim.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/group_scim.go
@@ -20,10 +20,10 @@ import (
 
 type (
 	GroupSCIMServiceInterface interface {
-		GetSCIMIdentitiesForGroup(gid interface{}, options ...RequestOptionFunc) ([]*GroupSCIMIdentity, *Response, error)
-		GetSCIMIdentity(gid interface{}, uid string, options ...RequestOptionFunc) (*GroupSCIMIdentity, *Response, error)
-		UpdateSCIMIdentity(gid interface{}, uid string, opt *UpdateSCIMIdentityOptions, options ...RequestOptionFunc) (*Response, error)
-		DeleteSCIMIdentity(gid interface{}, uid string, options ...RequestOptionFunc) (*Response, error)
+		GetSCIMIdentitiesForGroup(gid any, options ...RequestOptionFunc) ([]*GroupSCIMIdentity, *Response, error)
+		GetSCIMIdentity(gid any, uid string, options ...RequestOptionFunc) (*GroupSCIMIdentity, *Response, error)
+		UpdateSCIMIdentity(gid any, uid string, opt *UpdateSCIMIdentityOptions, options ...RequestOptionFunc) (*Response, error)
+		DeleteSCIMIdentity(gid any, uid string, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// GroupSCIMService handles communication with the Group SCIM
@@ -50,7 +50,7 @@ type GroupSCIMIdentity struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/scim/#get-scim-identities-for-a-group
-func (s *GroupSCIMService) GetSCIMIdentitiesForGroup(gid interface{}, options ...RequestOptionFunc) ([]*GroupSCIMIdentity, *Response, error) {
+func (s *GroupSCIMService) GetSCIMIdentitiesForGroup(gid any, options ...RequestOptionFunc) ([]*GroupSCIMIdentity, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -74,7 +74,7 @@ func (s *GroupSCIMService) GetSCIMIdentitiesForGroup(gid interface{}, options ..
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/scim/#get-a-single-scim-identity
-func (s *GroupSCIMService) GetSCIMIdentity(gid interface{}, uid string, options ...RequestOptionFunc) (*GroupSCIMIdentity, *Response, error) {
+func (s *GroupSCIMService) GetSCIMIdentity(gid any, uid string, options ...RequestOptionFunc) (*GroupSCIMIdentity, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -107,7 +107,7 @@ type UpdateSCIMIdentityOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/scim/#update-extern_uid-field-for-a-scim-identity
-func (s *GroupSCIMService) UpdateSCIMIdentity(gid interface{}, uid string, opt *UpdateSCIMIdentityOptions, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupSCIMService) UpdateSCIMIdentity(gid any, uid string, opt *UpdateSCIMIdentityOptions, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
@@ -126,7 +126,7 @@ func (s *GroupSCIMService) UpdateSCIMIdentity(gid interface{}, uid string, opt *
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/scim/#delete-a-single-scim-identity
-func (s *GroupSCIMService) DeleteSCIMIdentity(gid interface{}, uid string, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupSCIMService) DeleteSCIMIdentity(gid any, uid string, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/group_security_settings.go b/vendor/gitlab.com/gitlab-org/api/client-go/group_security_settings.go
index 6751300cdf..c93a311570 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/group_security_settings.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/group_security_settings.go
@@ -22,7 +22,7 @@ import (
 
 type (
 	GroupSecuritySettingsServiceInterface interface {
-		UpdateSecretPushProtectionEnabledSetting(gid interface{}, opt UpdateGroupSecuritySettingsOptions, options ...RequestOptionFunc) (*GroupSecuritySettings, *Response, error)
+		UpdateSecretPushProtectionEnabledSetting(gid any, opt UpdateGroupSecuritySettingsOptions, options ...RequestOptionFunc) (*GroupSecuritySettings, *Response, error)
 	}
 
 	// GroupSecuritySettingsService handles communication with the Group Security Settings
@@ -69,7 +69,7 @@ type UpdateGroupSecuritySettingsOptions struct {
 //
 // GitLab API Docs:
 // https://docs.gitlab.com/api/group_security_settings/#update-secret_push_protection_enabled-setting
-func (s *GroupSecuritySettingsService) UpdateSecretPushProtectionEnabledSetting(gid interface{}, opt UpdateGroupSecuritySettingsOptions, options ...RequestOptionFunc) (*GroupSecuritySettings, *Response, error) {
+func (s *GroupSecuritySettingsService) UpdateSecretPushProtectionEnabledSetting(gid any, opt UpdateGroupSecuritySettingsOptions, options ...RequestOptionFunc) (*GroupSecuritySettings, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/group_serviceaccounts.go b/vendor/gitlab.com/gitlab-org/api/client-go/group_serviceaccounts.go
index 98b3f813e6..01fba66acc 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/group_serviceaccounts.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/group_serviceaccounts.go
@@ -45,7 +45,7 @@ type ListServiceAccountsOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_service_accounts/#list-all-service-account-users
-func (s *GroupsService) ListServiceAccounts(gid interface{}, opt *ListServiceAccountsOptions, options ...RequestOptionFunc) ([]*GroupServiceAccount, *Response, error) {
+func (s *GroupsService) ListServiceAccounts(gid any, opt *ListServiceAccountsOptions, options ...RequestOptionFunc) ([]*GroupServiceAccount, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -81,7 +81,7 @@ type CreateServiceAccountOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_service_accounts/#create-a-service-account-user
-func (s *GroupsService) CreateServiceAccount(gid interface{}, opt *CreateServiceAccountOptions, options ...RequestOptionFunc) (*GroupServiceAccount, *Response, error) {
+func (s *GroupsService) CreateServiceAccount(gid any, opt *CreateServiceAccountOptions, options ...RequestOptionFunc) (*GroupServiceAccount, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -116,7 +116,7 @@ type DeleteServiceAccountOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_service_accounts/#delete-a-service-account-user
-func (s *GroupsService) DeleteServiceAccount(gid interface{}, serviceAccount int, opt *DeleteServiceAccountOptions, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupsService) DeleteServiceAccount(gid any, serviceAccount int, opt *DeleteServiceAccountOptions, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
@@ -147,7 +147,7 @@ type CreateServiceAccountPersonalAccessTokenOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_service_accounts/#create-a-personal-access-token-for-a-service-account-user
-func (s *GroupsService) CreateServiceAccountPersonalAccessToken(gid interface{}, serviceAccount int, opt *CreateServiceAccountPersonalAccessTokenOptions, options ...RequestOptionFunc) (*PersonalAccessToken, *Response, error) {
+func (s *GroupsService) CreateServiceAccountPersonalAccessToken(gid any, serviceAccount int, opt *CreateServiceAccountPersonalAccessTokenOptions, options ...RequestOptionFunc) (*PersonalAccessToken, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -182,7 +182,7 @@ type RotateServiceAccountPersonalAccessTokenOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_service_accounts/#rotate-a-personal-access-token-for-a-service-account-user
-func (s *GroupsService) RotateServiceAccountPersonalAccessToken(gid interface{}, serviceAccount, token int, opt *RotateServiceAccountPersonalAccessTokenOptions, options ...RequestOptionFunc) (*PersonalAccessToken, *Response, error) {
+func (s *GroupsService) RotateServiceAccountPersonalAccessToken(gid any, serviceAccount, token int, opt *RotateServiceAccountPersonalAccessTokenOptions, options ...RequestOptionFunc) (*PersonalAccessToken, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/group_ssh_certificates.go b/vendor/gitlab.com/gitlab-org/api/client-go/group_ssh_certificates.go
index 6769649f07..27f9dddbd1 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/group_ssh_certificates.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/group_ssh_certificates.go
@@ -9,9 +9,9 @@ import (
 type (
 	// GroupSSHCertificatesServiceInterface defines methods for the GroupSSHCertificatesService.
 	GroupSSHCertificatesServiceInterface interface {
-		ListGroupSSHCertificates(gid interface{}, options ...RequestOptionFunc) ([]*GroupSSHCertificate, *Response, error)
-		CreateGroupSSHCertificate(gid interface{}, opt *CreateGroupSSHCertificateOptions, options ...RequestOptionFunc) (*GroupSSHCertificate, *Response, error)
-		DeleteGroupSSHCertificate(gid interface{}, cert int, options ...RequestOptionFunc) (*Response, error)
+		ListGroupSSHCertificates(gid any, options ...RequestOptionFunc) ([]*GroupSSHCertificate, *Response, error)
+		CreateGroupSSHCertificate(gid any, opt *CreateGroupSSHCertificateOptions, options ...RequestOptionFunc) (*GroupSSHCertificate, *Response, error)
+		DeleteGroupSSHCertificate(gid any, cert int, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// GroupSSHCertificatesService handles communication with the group
@@ -40,7 +40,7 @@ type GroupSSHCertificate struct {
 //
 // Gitlab API docs:
 // https://docs.gitlab.com/api/group_ssh_certificates/#get-all-ssh-certificates-for-a-particular-group
-func (s *GroupSSHCertificatesService) ListGroupSSHCertificates(gid interface{}, options ...RequestOptionFunc) ([]*GroupSSHCertificate, *Response, error) {
+func (s *GroupSSHCertificatesService) ListGroupSSHCertificates(gid any, options ...RequestOptionFunc) ([]*GroupSSHCertificate, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -75,7 +75,7 @@ type CreateGroupSSHCertificateOptions struct {
 //
 // Gitlab API docs:
 // https://docs.gitlab.com/api/group_ssh_certificates/#create-ssh-certificate
-func (s *GroupSSHCertificatesService) CreateGroupSSHCertificate(gid interface{}, opt *CreateGroupSSHCertificateOptions, options ...RequestOptionFunc) (*GroupSSHCertificate, *Response, error) {
+func (s *GroupSSHCertificatesService) CreateGroupSSHCertificate(gid any, opt *CreateGroupSSHCertificateOptions, options ...RequestOptionFunc) (*GroupSSHCertificate, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -100,7 +100,7 @@ func (s *GroupSSHCertificatesService) CreateGroupSSHCertificate(gid interface{},
 //
 // Gitlab API docs:
 // https://docs.gitlab.com/api/group_ssh_certificates/#delete-group-ssh-certificate
-func (s *GroupSSHCertificatesService) DeleteGroupSSHCertificate(gid interface{}, cert int, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupSSHCertificatesService) DeleteGroupSSHCertificate(gid any, cert int, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/group_variables.go b/vendor/gitlab.com/gitlab-org/api/client-go/group_variables.go
index 19afc1c684..ae643a2649 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/group_variables.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/group_variables.go
@@ -25,11 +25,11 @@ import (
 type (
 	// GroupVariablesServiceInterface defines methods for the GroupVariablesService.
 	GroupVariablesServiceInterface interface {
-		ListVariables(gid interface{}, opt *ListGroupVariablesOptions, options ...RequestOptionFunc) ([]*GroupVariable, *Response, error)
-		GetVariable(gid interface{}, key string, opt *GetGroupVariableOptions, options ...RequestOptionFunc) (*GroupVariable, *Response, error)
-		CreateVariable(gid interface{}, opt *CreateGroupVariableOptions, options ...RequestOptionFunc) (*GroupVariable, *Response, error)
-		UpdateVariable(gid interface{}, key string, opt *UpdateGroupVariableOptions, options ...RequestOptionFunc) (*GroupVariable, *Response, error)
-		RemoveVariable(gid interface{}, key string, opt *RemoveGroupVariableOptions, options ...RequestOptionFunc) (*Response, error)
+		ListVariables(gid any, opt *ListGroupVariablesOptions, options ...RequestOptionFunc) ([]*GroupVariable, *Response, error)
+		GetVariable(gid any, key string, opt *GetGroupVariableOptions, options ...RequestOptionFunc) (*GroupVariable, *Response, error)
+		CreateVariable(gid any, opt *CreateGroupVariableOptions, options ...RequestOptionFunc) (*GroupVariable, *Response, error)
+		UpdateVariable(gid any, key string, opt *UpdateGroupVariableOptions, options ...RequestOptionFunc) (*GroupVariable, *Response, error)
+		RemoveVariable(gid any, key string, opt *RemoveGroupVariableOptions, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// GroupVariablesService handles communication with the
@@ -75,7 +75,7 @@ type ListGroupVariablesOptions ListOptions
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_level_variables/#list-group-variables
-func (s *GroupVariablesService) ListVariables(gid interface{}, opt *ListGroupVariablesOptions, options ...RequestOptionFunc) ([]*GroupVariable, *Response, error) {
+func (s *GroupVariablesService) ListVariables(gid any, opt *ListGroupVariablesOptions, options ...RequestOptionFunc) ([]*GroupVariable, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -109,7 +109,7 @@ type GetGroupVariableOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_level_variables/#show-variable-details
-func (s *GroupVariablesService) GetVariable(gid interface{}, key string, opt *GetGroupVariableOptions, options ...RequestOptionFunc) (*GroupVariable, *Response, error) {
+func (s *GroupVariablesService) GetVariable(gid any, key string, opt *GetGroupVariableOptions, options ...RequestOptionFunc) (*GroupVariable, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -151,7 +151,7 @@ type CreateGroupVariableOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_level_variables/#create-variable
-func (s *GroupVariablesService) CreateVariable(gid interface{}, opt *CreateGroupVariableOptions, options ...RequestOptionFunc) (*GroupVariable, *Response, error) {
+func (s *GroupVariablesService) CreateVariable(gid any, opt *CreateGroupVariableOptions, options ...RequestOptionFunc) (*GroupVariable, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -193,7 +193,7 @@ type UpdateGroupVariableOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_level_variables/#update-variable
-func (s *GroupVariablesService) UpdateVariable(gid interface{}, key string, opt *UpdateGroupVariableOptions, options ...RequestOptionFunc) (*GroupVariable, *Response, error) {
+func (s *GroupVariablesService) UpdateVariable(gid any, key string, opt *UpdateGroupVariableOptions, options ...RequestOptionFunc) (*GroupVariable, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -227,7 +227,7 @@ type RemoveGroupVariableOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_level_variables/#remove-variable
-func (s *GroupVariablesService) RemoveVariable(gid interface{}, key string, opt *RemoveGroupVariableOptions, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupVariablesService) RemoveVariable(gid any, key string, opt *RemoveGroupVariableOptions, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/group_wikis.go b/vendor/gitlab.com/gitlab-org/api/client-go/group_wikis.go
index 92319d97c7..b04fd99836 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/group_wikis.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/group_wikis.go
@@ -24,11 +24,11 @@ import (
 type (
 	// GroupWikisServiceInterface defines methods for the GroupWikisService.
 	GroupWikisServiceInterface interface {
-		ListGroupWikis(gid interface{}, opt *ListGroupWikisOptions, options ...RequestOptionFunc) ([]*GroupWiki, *Response, error)
-		GetGroupWikiPage(gid interface{}, slug string, opt *GetGroupWikiPageOptions, options ...RequestOptionFunc) (*GroupWiki, *Response, error)
-		CreateGroupWikiPage(gid interface{}, opt *CreateGroupWikiPageOptions, options ...RequestOptionFunc) (*GroupWiki, *Response, error)
-		EditGroupWikiPage(gid interface{}, slug string, opt *EditGroupWikiPageOptions, options ...RequestOptionFunc) (*GroupWiki, *Response, error)
-		DeleteGroupWikiPage(gid interface{}, slug string, options ...RequestOptionFunc) (*Response, error)
+		ListGroupWikis(gid any, opt *ListGroupWikisOptions, options ...RequestOptionFunc) ([]*GroupWiki, *Response, error)
+		GetGroupWikiPage(gid any, slug string, opt *GetGroupWikiPageOptions, options ...RequestOptionFunc) (*GroupWiki, *Response, error)
+		CreateGroupWikiPage(gid any, opt *CreateGroupWikiPageOptions, options ...RequestOptionFunc) (*GroupWiki, *Response, error)
+		EditGroupWikiPage(gid any, slug string, opt *EditGroupWikiPageOptions, options ...RequestOptionFunc) (*GroupWiki, *Response, error)
+		DeleteGroupWikiPage(gid any, slug string, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// GroupWikisService handles communication with the group wikis related methods of
@@ -70,7 +70,7 @@ type ListGroupWikisOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_wikis/#list-wiki-pages
-func (s *GroupWikisService) ListGroupWikis(gid interface{}, opt *ListGroupWikisOptions, options ...RequestOptionFunc) ([]*GroupWiki, *Response, error) {
+func (s *GroupWikisService) ListGroupWikis(gid any, opt *ListGroupWikisOptions, options ...RequestOptionFunc) ([]*GroupWiki, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -104,7 +104,7 @@ type GetGroupWikiPageOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_wikis/#get-a-wiki-page
-func (s *GroupWikisService) GetGroupWikiPage(gid interface{}, slug string, opt *GetGroupWikiPageOptions, options ...RequestOptionFunc) (*GroupWiki, *Response, error) {
+func (s *GroupWikisService) GetGroupWikiPage(gid any, slug string, opt *GetGroupWikiPageOptions, options ...RequestOptionFunc) (*GroupWiki, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -140,7 +140,7 @@ type CreateGroupWikiPageOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_wikis/#create-a-new-wiki-page
-func (s *GroupWikisService) CreateGroupWikiPage(gid interface{}, opt *CreateGroupWikiPageOptions, options ...RequestOptionFunc) (*GroupWiki, *Response, error) {
+func (s *GroupWikisService) CreateGroupWikiPage(gid any, opt *CreateGroupWikiPageOptions, options ...RequestOptionFunc) (*GroupWiki, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -176,7 +176,7 @@ type EditGroupWikiPageOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_wikis/#edit-an-existing-wiki-page
-func (s *GroupWikisService) EditGroupWikiPage(gid interface{}, slug string, opt *EditGroupWikiPageOptions, options ...RequestOptionFunc) (*GroupWiki, *Response, error) {
+func (s *GroupWikisService) EditGroupWikiPage(gid any, slug string, opt *EditGroupWikiPageOptions, options ...RequestOptionFunc) (*GroupWiki, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -201,7 +201,7 @@ func (s *GroupWikisService) EditGroupWikiPage(gid interface{}, slug string, opt
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_wikis/#delete-a-wiki-page
-func (s *GroupWikisService) DeleteGroupWikiPage(gid interface{}, slug string, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupWikisService) DeleteGroupWikiPage(gid any, slug string, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/groups.go b/vendor/gitlab.com/gitlab-org/api/client-go/groups.go
index 0845ee2d4f..0212d6946d 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/groups.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/groups.go
@@ -22,6 +22,8 @@ import (
 	"fmt"
 	"io"
 	"net/http"
+	"net/url"
+	"strconv"
 	"time"
 
 	retryablehttp "github.com/hashicorp/go-retryablehttp"
@@ -30,63 +32,63 @@ import (
 type (
 	GroupsServiceInterface interface {
 		ListGroups(opt *ListGroupsOptions, options ...RequestOptionFunc) ([]*Group, *Response, error)
-		ListSubGroups(gid interface{}, opt *ListSubGroupsOptions, options ...RequestOptionFunc) ([]*Group, *Response, error)
-		ListDescendantGroups(gid interface{}, opt *ListDescendantGroupsOptions, options ...RequestOptionFunc) ([]*Group, *Response, error)
-		ListGroupProjects(gid interface{}, opt *ListGroupProjectsOptions, options ...RequestOptionFunc) ([]*Project, *Response, error)
-		GetGroup(gid interface{}, opt *GetGroupOptions, options ...RequestOptionFunc) (*Group, *Response, error)
-		DownloadAvatar(gid interface{}, options ...RequestOptionFunc) (*bytes.Reader, *Response, error)
+		ListSubGroups(gid any, opt *ListSubGroupsOptions, options ...RequestOptionFunc) ([]*Group, *Response, error)
+		ListDescendantGroups(gid any, opt *ListDescendantGroupsOptions, options ...RequestOptionFunc) ([]*Group, *Response, error)
+		ListGroupProjects(gid any, opt *ListGroupProjectsOptions, options ...RequestOptionFunc) ([]*Project, *Response, error)
+		GetGroup(gid any, opt *GetGroupOptions, options ...RequestOptionFunc) (*Group, *Response, error)
+		DownloadAvatar(gid any, options ...RequestOptionFunc) (*bytes.Reader, *Response, error)
 		CreateGroup(opt *CreateGroupOptions, options ...RequestOptionFunc) (*Group, *Response, error)
-		TransferGroup(gid interface{}, pid interface{}, options ...RequestOptionFunc) (*Group, *Response, error)
-		TransferSubGroup(gid interface{}, opt *TransferSubGroupOptions, options ...RequestOptionFunc) (*Group, *Response, error)
-		UpdateGroup(gid interface{}, opt *UpdateGroupOptions, options ...RequestOptionFunc) (*Group, *Response, error)
-		UploadAvatar(gid interface{}, avatar io.Reader, filename string, options ...RequestOptionFunc) (*Group, *Response, error)
-		DeleteGroup(gid interface{}, opt *DeleteGroupOptions, options ...RequestOptionFunc) (*Response, error)
-		RestoreGroup(gid interface{}, options ...RequestOptionFunc) (*Group, *Response, error)
+		TransferGroup(gid any, pid any, options ...RequestOptionFunc) (*Group, *Response, error)
+		TransferSubGroup(gid any, opt *TransferSubGroupOptions, options ...RequestOptionFunc) (*Group, *Response, error)
+		UpdateGroup(gid any, opt *UpdateGroupOptions, options ...RequestOptionFunc) (*Group, *Response, error)
+		UploadAvatar(gid any, avatar io.Reader, filename string, options ...RequestOptionFunc) (*Group, *Response, error)
+		DeleteGroup(gid any, opt *DeleteGroupOptions, options ...RequestOptionFunc) (*Response, error)
+		RestoreGroup(gid any, options ...RequestOptionFunc) (*Group, *Response, error)
 		SearchGroup(query string, options ...RequestOptionFunc) ([]*Group, *Response, error)
-		ListProvisionedUsers(gid interface{}, opt *ListProvisionedUsersOptions, options ...RequestOptionFunc) ([]*User, *Response, error)
-		ListGroupLDAPLinks(gid interface{}, options ...RequestOptionFunc) ([]*LDAPGroupLink, *Response, error)
-		AddGroupLDAPLink(gid interface{}, opt *AddGroupLDAPLinkOptions, options ...RequestOptionFunc) (*LDAPGroupLink, *Response, error)
-		DeleteGroupLDAPLink(gid interface{}, cn string, options ...RequestOptionFunc) (*Response, error)
-		DeleteGroupLDAPLinkWithCNOrFilter(gid interface{}, opts *DeleteGroupLDAPLinkWithCNOrFilterOptions, options ...RequestOptionFunc) (*Response, error)
-		DeleteGroupLDAPLinkForProvider(gid interface{}, provider, cn string, options ...RequestOptionFunc) (*Response, error)
-		ListGroupSAMLLinks(gid interface{}, options ...RequestOptionFunc) ([]*SAMLGroupLink, *Response, error)
-		ListGroupSharedProjects(gid interface{}, opt *ListGroupSharedProjectsOptions, options ...RequestOptionFunc) ([]*Project, *Response, error)
-		GetGroupSAMLLink(gid interface{}, samlGroupName string, options ...RequestOptionFunc) (*SAMLGroupLink, *Response, error)
-		AddGroupSAMLLink(gid interface{}, opt *AddGroupSAMLLinkOptions, options ...RequestOptionFunc) (*SAMLGroupLink, *Response, error)
-		DeleteGroupSAMLLink(gid interface{}, samlGroupName string, options ...RequestOptionFunc) (*Response, error)
-		ShareGroupWithGroup(gid interface{}, opt *ShareGroupWithGroupOptions, options ...RequestOptionFunc) (*Group, *Response, error)
-		UnshareGroupFromGroup(gid interface{}, groupID int, options ...RequestOptionFunc) (*Response, error)
-		GetGroupPushRules(gid interface{}, options ...RequestOptionFunc) (*GroupPushRules, *Response, error)
-		AddGroupPushRule(gid interface{}, opt *AddGroupPushRuleOptions, options ...RequestOptionFunc) (*GroupPushRules, *Response, error)
-		EditGroupPushRule(gid interface{}, opt *EditGroupPushRuleOptions, options ...RequestOptionFunc) (*GroupPushRules, *Response, error)
-		DeleteGroupPushRule(gid interface{}, options ...RequestOptionFunc) (*Response, error)
+		ListProvisionedUsers(gid any, opt *ListProvisionedUsersOptions, options ...RequestOptionFunc) ([]*User, *Response, error)
+		ListGroupLDAPLinks(gid any, options ...RequestOptionFunc) ([]*LDAPGroupLink, *Response, error)
+		AddGroupLDAPLink(gid any, opt *AddGroupLDAPLinkOptions, options ...RequestOptionFunc) (*LDAPGroupLink, *Response, error)
+		DeleteGroupLDAPLink(gid any, cn string, options ...RequestOptionFunc) (*Response, error)
+		DeleteGroupLDAPLinkWithCNOrFilter(gid any, opts *DeleteGroupLDAPLinkWithCNOrFilterOptions, options ...RequestOptionFunc) (*Response, error)
+		DeleteGroupLDAPLinkForProvider(gid any, provider, cn string, options ...RequestOptionFunc) (*Response, error)
+		ListGroupSAMLLinks(gid any, options ...RequestOptionFunc) ([]*SAMLGroupLink, *Response, error)
+		ListGroupSharedProjects(gid any, opt *ListGroupSharedProjectsOptions, options ...RequestOptionFunc) ([]*Project, *Response, error)
+		GetGroupSAMLLink(gid any, samlGroupName string, options ...RequestOptionFunc) (*SAMLGroupLink, *Response, error)
+		AddGroupSAMLLink(gid any, opt *AddGroupSAMLLinkOptions, options ...RequestOptionFunc) (*SAMLGroupLink, *Response, error)
+		DeleteGroupSAMLLink(gid any, samlGroupName string, options ...RequestOptionFunc) (*Response, error)
+		ShareGroupWithGroup(gid any, opt *ShareGroupWithGroupOptions, options ...RequestOptionFunc) (*Group, *Response, error)
+		UnshareGroupFromGroup(gid any, groupID int, options ...RequestOptionFunc) (*Response, error)
+		GetGroupPushRules(gid any, options ...RequestOptionFunc) (*GroupPushRules, *Response, error)
+		AddGroupPushRule(gid any, opt *AddGroupPushRuleOptions, options ...RequestOptionFunc) (*GroupPushRules, *Response, error)
+		EditGroupPushRule(gid any, opt *EditGroupPushRuleOptions, options ...RequestOptionFunc) (*GroupPushRules, *Response, error)
+		DeleteGroupPushRule(gid any, options ...RequestOptionFunc) (*Response, error)
 
 		// group_hooks.go
-		ListGroupHooks(gid interface{}, opt *ListGroupHooksOptions, options ...RequestOptionFunc) ([]*GroupHook, *Response, error)
-		GetGroupHook(gid interface{}, hook int, options ...RequestOptionFunc) (*GroupHook, *Response, error)
-		ResendGroupHookEvent(gid interface{}, hook int, hookEventID int, options ...RequestOptionFunc) (*Response, error)
-		AddGroupHook(gid interface{}, opt *AddGroupHookOptions, options ...RequestOptionFunc) (*GroupHook, *Response, error)
-		EditGroupHook(gid interface{}, hook int, opt *EditGroupHookOptions, options ...RequestOptionFunc) (*GroupHook, *Response, error)
-		DeleteGroupHook(gid interface{}, hook int, options ...RequestOptionFunc) (*Response, error)
-		TriggerTestGroupHook(pid interface{}, hook int, trigger GroupHookTrigger, options ...RequestOptionFunc) (*Response, error)
-		SetGroupCustomHeader(gid interface{}, hook int, key string, opt *SetHookCustomHeaderOptions, options ...RequestOptionFunc) (*Response, error)
-		DeleteGroupCustomHeader(gid interface{}, hook int, key string, options ...RequestOptionFunc) (*Response, error)
-		SetGroupHookURLVariable(gid interface{}, hook int, key string, opt *SetHookURLVariableOptions, options ...RequestOptionFunc) (*Response, error)
-		DeleteGroupHookURLVariable(gid interface{}, hook int, key string, options ...RequestOptionFunc) (*Response, error)
+		ListGroupHooks(gid any, opt *ListGroupHooksOptions, options ...RequestOptionFunc) ([]*GroupHook, *Response, error)
+		GetGroupHook(gid any, hook int, options ...RequestOptionFunc) (*GroupHook, *Response, error)
+		ResendGroupHookEvent(gid any, hook int, hookEventID int, options ...RequestOptionFunc) (*Response, error)
+		AddGroupHook(gid any, opt *AddGroupHookOptions, options ...RequestOptionFunc) (*GroupHook, *Response, error)
+		EditGroupHook(gid any, hook int, opt *EditGroupHookOptions, options ...RequestOptionFunc) (*GroupHook, *Response, error)
+		DeleteGroupHook(gid any, hook int, options ...RequestOptionFunc) (*Response, error)
+		TriggerTestGroupHook(pid any, hook int, trigger GroupHookTrigger, options ...RequestOptionFunc) (*Response, error)
+		SetGroupCustomHeader(gid any, hook int, key string, opt *SetHookCustomHeaderOptions, options ...RequestOptionFunc) (*Response, error)
+		DeleteGroupCustomHeader(gid any, hook int, key string, options ...RequestOptionFunc) (*Response, error)
+		SetGroupHookURLVariable(gid any, hook int, key string, opt *SetHookURLVariableOptions, options ...RequestOptionFunc) (*Response, error)
+		DeleteGroupHookURLVariable(gid any, hook int, key string, options ...RequestOptionFunc) (*Response, error)
 
 		// group_serviceaccounts.go
-		ListServiceAccounts(gid interface{}, opt *ListServiceAccountsOptions, options ...RequestOptionFunc) ([]*GroupServiceAccount, *Response, error)
-		CreateServiceAccount(gid interface{}, opt *CreateServiceAccountOptions, options ...RequestOptionFunc) (*GroupServiceAccount, *Response, error)
-		DeleteServiceAccount(gid interface{}, serviceAccount int, opt *DeleteServiceAccountOptions, options ...RequestOptionFunc) (*Response, error)
-		CreateServiceAccountPersonalAccessToken(gid interface{}, serviceAccount int, opt *CreateServiceAccountPersonalAccessTokenOptions, options ...RequestOptionFunc) (*PersonalAccessToken, *Response, error)
-		RotateServiceAccountPersonalAccessToken(gid interface{}, serviceAccount, token int, opt *RotateServiceAccountPersonalAccessTokenOptions, options ...RequestOptionFunc) (*PersonalAccessToken, *Response, error)
+		ListServiceAccounts(gid any, opt *ListServiceAccountsOptions, options ...RequestOptionFunc) ([]*GroupServiceAccount, *Response, error)
+		CreateServiceAccount(gid any, opt *CreateServiceAccountOptions, options ...RequestOptionFunc) (*GroupServiceAccount, *Response, error)
+		DeleteServiceAccount(gid any, serviceAccount int, opt *DeleteServiceAccountOptions, options ...RequestOptionFunc) (*Response, error)
+		CreateServiceAccountPersonalAccessToken(gid any, serviceAccount int, opt *CreateServiceAccountPersonalAccessTokenOptions, options ...RequestOptionFunc) (*PersonalAccessToken, *Response, error)
+		RotateServiceAccountPersonalAccessToken(gid any, serviceAccount, token int, opt *RotateServiceAccountPersonalAccessTokenOptions, options ...RequestOptionFunc) (*PersonalAccessToken, *Response, error)
 
 		// group_members.go
-		ListGroupMembers(gid interface{}, opt *ListGroupMembersOptions, options ...RequestOptionFunc) ([]*GroupMember, *Response, error)
-		ListAllGroupMembers(gid interface{}, opt *ListGroupMembersOptions, options ...RequestOptionFunc) ([]*GroupMember, *Response, error)
-		ListBillableGroupMembers(gid interface{}, opt *ListBillableGroupMembersOptions, options ...RequestOptionFunc) ([]*BillableGroupMember, *Response, error)
-		ListMembershipsForBillableGroupMember(gid interface{}, user int, opt *ListMembershipsForBillableGroupMemberOptions, options ...RequestOptionFunc) ([]*BillableUserMembership, *Response, error)
-		RemoveBillableGroupMember(gid interface{}, user int, options ...RequestOptionFunc) (*Response, error)
+		ListGroupMembers(gid any, opt *ListGroupMembersOptions, options ...RequestOptionFunc) ([]*GroupMember, *Response, error)
+		ListAllGroupMembers(gid any, opt *ListGroupMembersOptions, options ...RequestOptionFunc) ([]*GroupMember, *Response, error)
+		ListBillableGroupMembers(gid any, opt *ListBillableGroupMembersOptions, options ...RequestOptionFunc) ([]*BillableGroupMember, *Response, error)
+		ListMembershipsForBillableGroupMember(gid any, user int, opt *ListMembershipsForBillableGroupMemberOptions, options ...RequestOptionFunc) ([]*BillableUserMembership, *Response, error)
+		RemoveBillableGroupMember(gid any, user int, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// GroupsService handles communication with the group related methods of
@@ -121,7 +123,6 @@ type Group struct {
 	FullPath                        string                     `json:"full_path"`
 	FileTemplateProjectID           int                        `json:"file_template_project_id"`
 	ParentID                        int                        `json:"parent_id"`
-	Projects                        []*Project                 `json:"projects"`
 	Statistics                      *Statistics                `json:"statistics"`
 	CustomAttributes                []*CustomAttribute         `json:"custom_attributes"`
 	ShareWithGroupLock              bool                       `json:"share_with_group_lock"`
@@ -133,7 +134,6 @@ type Group struct {
 	EmailsEnabled                   bool                       `json:"emails_enabled"`
 	MentionsDisabled                bool                       `json:"mentions_disabled"`
 	RunnersToken                    string                     `json:"runners_token"`
-	SharedProjects                  []*Project                 `json:"shared_projects"`
 	SharedRunnersSetting            SharedRunnersSettingValue  `json:"shared_runners_setting"`
 	SharedWithGroups                []SharedWithGroup          `json:"shared_with_groups"`
 	LDAPCN                          string                     `json:"ldap_cn"`
@@ -149,6 +149,12 @@ type Group struct {
 	AllowedEmailDomainsList         string                     `json:"allowed_email_domains_list"`
 	WikiAccessLevel                 AccessControlValue         `json:"wiki_access_level"`
 
+	// Deprecated: will be removed in v5 of the API, use ListGroupProjects instead
+	Projects []*Project `json:"projects"`
+
+	// Deprecated: will be removed in v5 of the API, use ListGroupSharedProjects instead
+	SharedProjects []*Project `json:"shared_projects"`
+
 	// Deprecated: Use EmailsEnabled instead
 	EmailsDisabled bool `json:"emails_disabled"`
 
@@ -272,7 +278,7 @@ type ListSubGroupsOptions ListGroupsOptions
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/groups/#list-subgroups
-func (s *GroupsService) ListSubGroups(gid interface{}, opt *ListSubGroupsOptions, options ...RequestOptionFunc) ([]*Group, *Response, error) {
+func (s *GroupsService) ListSubGroups(gid any, opt *ListSubGroupsOptions, options ...RequestOptionFunc) ([]*Group, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -304,7 +310,7 @@ type ListDescendantGroupsOptions ListGroupsOptions
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/groups/#list-descendant-groups
-func (s *GroupsService) ListDescendantGroups(gid interface{}, opt *ListDescendantGroupsOptions, options ...RequestOptionFunc) ([]*Group, *Response, error) {
+func (s *GroupsService) ListDescendantGroups(gid any, opt *ListDescendantGroupsOptions, options ...RequestOptionFunc) ([]*Group, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -353,7 +359,7 @@ type ListGroupProjectsOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/groups/#list-projects
-func (s *GroupsService) ListGroupProjects(gid interface{}, opt *ListGroupProjectsOptions, options ...RequestOptionFunc) ([]*Project, *Response, error) {
+func (s *GroupsService) ListGroupProjects(gid any, opt *ListGroupProjectsOptions, options ...RequestOptionFunc) ([]*Project, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -380,13 +386,15 @@ func (s *GroupsService) ListGroupProjects(gid interface{}, opt *ListGroupProject
 type GetGroupOptions struct {
 	ListOptions
 	WithCustomAttributes *bool `url:"with_custom_attributes,omitempty" json:"with_custom_attributes,omitempty"`
-	WithProjects         *bool `url:"with_projects,omitempty" json:"with_projects,omitempty"`
+
+	// Deprecated: will be removed in v5 of the API, use ListGroupProjects instead
+	WithProjects *bool `url:"with_projects,omitempty" json:"with_projects,omitempty"`
 }
 
 // GetGroup gets all details of a group.
 //
 // GitLab API docs: https://docs.gitlab.com/api/groups/#get-a-single-group
-func (s *GroupsService) GetGroup(gid interface{}, opt *GetGroupOptions, options ...RequestOptionFunc) (*Group, *Response, error) {
+func (s *GroupsService) GetGroup(gid any, opt *GetGroupOptions, options ...RequestOptionFunc) (*Group, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -411,7 +419,7 @@ func (s *GroupsService) GetGroup(gid interface{}, opt *GetGroupOptions, options
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/groups/#download-a-group-avatar
-func (s *GroupsService) DownloadAvatar(gid interface{}, options ...RequestOptionFunc) (*bytes.Reader, *Response, error) {
+func (s *GroupsService) DownloadAvatar(gid any, options ...RequestOptionFunc) (*bytes.Reader, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -478,9 +486,46 @@ type DefaultBranchProtectionDefaultsOptions struct {
 	DeveloperCanInitialPush *bool                `url:"developer_can_initial_push,omitempty" json:"developer_can_initial_push,omitempty"`
 }
 
+// EncodeValues implements the query.Encoder interface
+func (d *DefaultBranchProtectionDefaultsOptions) EncodeValues(key string, v *url.Values) error {
+	if d.AllowForcePush != nil {
+		v.Add(key+"[allow_force_push]", strconv.FormatBool(*d.AllowForcePush))
+	}
+	if d.DeveloperCanInitialPush != nil {
+		v.Add(key+"[developer_can_initial_push]", strconv.FormatBool(*d.DeveloperCanInitialPush))
+	}
+	// The GitLab API only accepts one value for `allowed_to_merge` even when multiples are
+	// provided on the request.  The API will take the highest permission level.  For instance,
+	// if 'developer' and 'maintainer' are provided, the API will take 'maintainer'.
+	if d.AllowedToMerge != nil {
+		for _, atm := range *d.AllowedToMerge {
+			if atm != nil {
+				v.Add(key+"[allowed_to_merge][][access_level]", strconv.Itoa((int)(*atm.AccessLevel)))
+			}
+		}
+	}
+	// The GitLab API only accepts one value for `allowed_to_push` even when multiples are
+	// provided on the request.  The API will take the highest permission level.  For instance,
+	// if 'developer' and 'maintainer' are provided, the API will take 'maintainer'.
+	if d.AllowedToPush != nil {
+		for _, atp := range *d.AllowedToPush {
+			if atp != nil {
+				v.Add(key+"[allowed_to_push][][access_level]", strconv.Itoa((int)(*atp.AccessLevel)))
+			}
+		}
+	}
+	return nil
+}
+
 // CreateGroup creates a new project group. Available only for users who can
 // create groups.
 //
+// When `default_branch_protection_defaults` are defined with an `avatar` value,
+// only one value for `allowed_to_push` and `allowed_to_merge` will be used as
+// the GitLab API only accepts one value for those attributes even when multiples
+// are provided on the request. The API will take the highest permission level.
+// For instance, if 'developer' and 'maintainer' are provided, the API will take 'maintainer'.
+//
 // GitLab API docs: https://docs.gitlab.com/api/groups/#create-a-group
 func (s *GroupsService) CreateGroup(opt *CreateGroupOptions, options ...RequestOptionFunc) (*Group, *Response, error) {
 	var err error
@@ -489,6 +534,11 @@ func (s *GroupsService) CreateGroup(opt *CreateGroupOptions, options ...RequestO
 	if opt.Avatar == nil {
 		req, err = s.client.NewRequest(http.MethodPost, "groups", opt, options)
 	} else {
+		// since the Avatar is provided, check allowed_to_push and
+		// allowed_to_merge access levels and error if multiples are provided
+		if opt.DefaultBranchProtectionDefaults != nil && (len(*opt.DefaultBranchProtectionDefaults.AllowedToMerge) > 1 || len(*opt.DefaultBranchProtectionDefaults.AllowedToPush) > 1) {
+			return nil, nil, fmt.Errorf("multiple access levels for allowed_to_merge or allowed_to_push are not permitted when an Avatar is also specified as it will result in unexpected behavior")
+		}
 		req, err = s.client.UploadRequest(
 			http.MethodPost,
 			"groups",
@@ -517,7 +567,7 @@ func (s *GroupsService) CreateGroup(opt *CreateGroupOptions, options ...RequestO
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/groups/#transfer-a-project-to-a-group
-func (s *GroupsService) TransferGroup(gid interface{}, pid interface{}, options ...RequestOptionFunc) (*Group, *Response, error) {
+func (s *GroupsService) TransferGroup(gid any, pid any, options ...RequestOptionFunc) (*Group, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -555,7 +605,7 @@ type TransferSubGroupOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/groups/#transfer-a-group
-func (s *GroupsService) TransferSubGroup(gid interface{}, opt *TransferSubGroupOptions, options ...RequestOptionFunc) (*Group, *Response, error) {
+func (s *GroupsService) TransferSubGroup(gid any, opt *TransferSubGroupOptions, options ...RequestOptionFunc) (*Group, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -618,8 +668,14 @@ type UpdateGroupOptions struct {
 // UpdateGroup updates an existing group; only available to group owners and
 // administrators.
 //
+// When `default_branch_protection_defaults` are defined with an `avatar` value,
+// only one value for `allowed_to_push` and `allowed_to_merge` will be used as
+// the GitLab API only accepts one value for those attributes even when multiples
+// are provided on the request. The API will take the highest permission level.
+// For instance, if 'developer' and 'maintainer' are provided, the API will take 'maintainer'.
+//
 // GitLab API docs: https://docs.gitlab.com/api/groups/#update-group-attributes
-func (s *GroupsService) UpdateGroup(gid interface{}, opt *UpdateGroupOptions, options ...RequestOptionFunc) (*Group, *Response, error) {
+func (s *GroupsService) UpdateGroup(gid any, opt *UpdateGroupOptions, options ...RequestOptionFunc) (*Group, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -631,6 +687,11 @@ func (s *GroupsService) UpdateGroup(gid interface{}, opt *UpdateGroupOptions, op
 	if opt.Avatar == nil || (opt.Avatar.Filename == "" && opt.Avatar.Image == nil) {
 		req, err = s.client.NewRequest(http.MethodPut, u, opt, options)
 	} else {
+		// since the Avatar is provided, check allowed_to_push and
+		// allowed_to_merge access levels and error if multiples are provided
+		if opt.DefaultBranchProtectionDefaults != nil && (len(*opt.DefaultBranchProtectionDefaults.AllowedToMerge) > 1 || len(*opt.DefaultBranchProtectionDefaults.AllowedToPush) > 1) {
+			return nil, nil, fmt.Errorf("multiple access levels for allowed_to_merge or allowed_to_push are not permitted when an Avatar is also specified as it will result in unexpected behavior")
+		}
 		req, err = s.client.UploadRequest(
 			http.MethodPut,
 			u,
@@ -658,7 +719,7 @@ func (s *GroupsService) UpdateGroup(gid interface{}, opt *UpdateGroupOptions, op
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/groups/#upload-a-group-avatar
-func (s *GroupsService) UploadAvatar(gid interface{}, avatar io.Reader, filename string, options ...RequestOptionFunc) (*Group, *Response, error) {
+func (s *GroupsService) UploadAvatar(gid any, avatar io.Reader, filename string, options ...RequestOptionFunc) (*Group, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -698,7 +759,7 @@ type DeleteGroupOptions struct {
 // DeleteGroup removes group with all projects inside.
 //
 // GitLab API docs: https://docs.gitlab.com/api/groups/#delete-a-group
-func (s *GroupsService) DeleteGroup(gid interface{}, opt *DeleteGroupOptions, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupsService) DeleteGroup(gid any, opt *DeleteGroupOptions, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
@@ -717,7 +778,7 @@ func (s *GroupsService) DeleteGroup(gid interface{}, opt *DeleteGroupOptions, op
 //
 // GitLap API docs:
 // https://docs.gitlab.com/api/groups/#restore-a-group-marked-for-deletion
-func (s *GroupsService) RestoreGroup(gid interface{}, options ...RequestOptionFunc) (*Group, *Response, error) {
+func (s *GroupsService) RestoreGroup(gid any, options ...RequestOptionFunc) (*Group, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -780,7 +841,7 @@ type ListProvisionedUsersOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/groups/#list-provisioned-users
-func (s *GroupsService) ListProvisionedUsers(gid interface{}, opt *ListProvisionedUsersOptions, options ...RequestOptionFunc) ([]*User, *Response, error) {
+func (s *GroupsService) ListProvisionedUsers(gid any, opt *ListProvisionedUsersOptions, options ...RequestOptionFunc) ([]*User, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -806,7 +867,7 @@ func (s *GroupsService) ListProvisionedUsers(gid interface{}, opt *ListProvision
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_ldap_links/#list-ldap-group-links
-func (s *GroupsService) ListGroupLDAPLinks(gid interface{}, options ...RequestOptionFunc) ([]*LDAPGroupLink, *Response, error) {
+func (s *GroupsService) ListGroupLDAPLinks(gid any, options ...RequestOptionFunc) ([]*LDAPGroupLink, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -844,7 +905,7 @@ type AddGroupLDAPLinkOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_ldap_links/#add-an-ldap-group-link-with-cn-or-filter
-func (s *GroupsService) AddGroupLDAPLink(gid interface{}, opt *AddGroupLDAPLinkOptions, options ...RequestOptionFunc) (*LDAPGroupLink, *Response, error) {
+func (s *GroupsService) AddGroupLDAPLink(gid any, opt *AddGroupLDAPLinkOptions, options ...RequestOptionFunc) (*LDAPGroupLink, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -871,7 +932,7 @@ func (s *GroupsService) AddGroupLDAPLink(gid interface{}, opt *AddGroupLDAPLinkO
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_ldap_links/#delete-an-ldap-group-link-deprecated
-func (s *GroupsService) DeleteGroupLDAPLink(gid interface{}, cn string, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupsService) DeleteGroupLDAPLink(gid any, cn string, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
@@ -901,7 +962,7 @@ type DeleteGroupLDAPLinkWithCNOrFilterOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_ldap_links/#delete-an-ldap-group-link-with-cn-or-filter
-func (s *GroupsService) DeleteGroupLDAPLinkWithCNOrFilter(gid interface{}, opts *DeleteGroupLDAPLinkWithCNOrFilterOptions, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupsService) DeleteGroupLDAPLinkWithCNOrFilter(gid any, opts *DeleteGroupLDAPLinkWithCNOrFilterOptions, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
@@ -921,7 +982,7 @@ func (s *GroupsService) DeleteGroupLDAPLinkWithCNOrFilter(gid interface{}, opts
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_ldap_links/#delete-an-ldap-group-link-deprecated
-func (s *GroupsService) DeleteGroupLDAPLinkForProvider(gid interface{}, provider, cn string, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupsService) DeleteGroupLDAPLinkForProvider(gid any, provider, cn string, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
@@ -946,7 +1007,7 @@ func (s *GroupsService) DeleteGroupLDAPLinkForProvider(gid interface{}, provider
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/saml/#list-saml-group-links
-func (s *GroupsService) ListGroupSAMLLinks(gid interface{}, options ...RequestOptionFunc) ([]*SAMLGroupLink, *Response, error) {
+func (s *GroupsService) ListGroupSAMLLinks(gid any, options ...RequestOptionFunc) ([]*SAMLGroupLink, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -990,7 +1051,7 @@ type ListGroupSharedProjectsOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/groups/#list-shared-projects
-func (s *GroupsService) ListGroupSharedProjects(gid interface{}, opt *ListGroupSharedProjectsOptions, options ...RequestOptionFunc) ([]*Project, *Response, error) {
+func (s *GroupsService) ListGroupSharedProjects(gid any, opt *ListGroupSharedProjectsOptions, options ...RequestOptionFunc) ([]*Project, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -1016,7 +1077,7 @@ func (s *GroupsService) ListGroupSharedProjects(gid interface{}, opt *ListGroupS
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/saml/#get-a-saml-group-link
-func (s *GroupsService) GetGroupSAMLLink(gid interface{}, samlGroupName string, options ...RequestOptionFunc) (*SAMLGroupLink, *Response, error) {
+func (s *GroupsService) GetGroupSAMLLink(gid any, samlGroupName string, options ...RequestOptionFunc) (*SAMLGroupLink, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -1052,7 +1113,7 @@ type AddGroupSAMLLinkOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/saml/#add-a-saml-group-link
-func (s *GroupsService) AddGroupSAMLLink(gid interface{}, opt *AddGroupSAMLLinkOptions, options ...RequestOptionFunc) (*SAMLGroupLink, *Response, error) {
+func (s *GroupsService) AddGroupSAMLLink(gid any, opt *AddGroupSAMLLinkOptions, options ...RequestOptionFunc) (*SAMLGroupLink, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -1078,7 +1139,7 @@ func (s *GroupsService) AddGroupSAMLLink(gid interface{}, opt *AddGroupSAMLLinkO
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/saml/#delete-a-saml-group-link
-func (s *GroupsService) DeleteGroupSAMLLink(gid interface{}, samlGroupName string, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupsService) DeleteGroupSAMLLink(gid any, samlGroupName string, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
@@ -1108,7 +1169,7 @@ type ShareGroupWithGroupOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/groups/#create-a-link-to-share-a-group-with-another-group
-func (s *GroupsService) ShareGroupWithGroup(gid interface{}, opt *ShareGroupWithGroupOptions, options ...RequestOptionFunc) (*Group, *Response, error) {
+func (s *GroupsService) ShareGroupWithGroup(gid any, opt *ShareGroupWithGroupOptions, options ...RequestOptionFunc) (*Group, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -1133,7 +1194,7 @@ func (s *GroupsService) ShareGroupWithGroup(gid interface{}, opt *ShareGroupWith
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/groups/#delete-the-link-that-shares-a-group-with-another-group
-func (s *GroupsService) UnshareGroupFromGroup(gid interface{}, groupID int, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupsService) UnshareGroupFromGroup(gid any, groupID int, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
@@ -1174,7 +1235,7 @@ type GroupPushRules struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_push_rules/#get-the-push-rules-of-a-group
-func (s *GroupsService) GetGroupPushRules(gid interface{}, options ...RequestOptionFunc) (*GroupPushRules, *Response, error) {
+func (s *GroupsService) GetGroupPushRules(gid any, options ...RequestOptionFunc) (*GroupPushRules, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -1220,7 +1281,7 @@ type AddGroupPushRuleOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_push_rules/#add-push-rules-to-a-group
-func (s *GroupsService) AddGroupPushRule(gid interface{}, opt *AddGroupPushRuleOptions, options ...RequestOptionFunc) (*GroupPushRules, *Response, error) {
+func (s *GroupsService) AddGroupPushRule(gid any, opt *AddGroupPushRuleOptions, options ...RequestOptionFunc) (*GroupPushRules, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -1266,7 +1327,7 @@ type EditGroupPushRuleOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_push_rules/#edit-the-push-rules-of-a-group
-func (s *GroupsService) EditGroupPushRule(gid interface{}, opt *EditGroupPushRuleOptions, options ...RequestOptionFunc) (*GroupPushRules, *Response, error) {
+func (s *GroupsService) EditGroupPushRule(gid any, opt *EditGroupPushRuleOptions, options ...RequestOptionFunc) (*GroupPushRules, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -1291,7 +1352,7 @@ func (s *GroupsService) EditGroupPushRule(gid interface{}, opt *EditGroupPushRul
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/group_push_rules/#delete-the-push-rules-of-a-group
-func (s *GroupsService) DeleteGroupPushRule(gid interface{}, options ...RequestOptionFunc) (*Response, error) {
+func (s *GroupsService) DeleteGroupPushRule(gid any, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/instance_clusters.go b/vendor/gitlab.com/gitlab-org/api/client-go/instance_clusters.go
index e908688195..fd4bce6be0 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/instance_clusters.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/instance_clusters.go
@@ -23,16 +23,23 @@ import (
 )
 
 type (
+	// Deprecated: in GitLab 14.5, to be removed in 19.0
 	InstanceClustersServiceInterface interface {
+		// Deprecated: in GitLab 14.5, to be removed in 19.0
 		ListClusters(options ...RequestOptionFunc) ([]*InstanceCluster, *Response, error)
+		// Deprecated: in GitLab 14.5, to be removed in 19.0
 		GetCluster(cluster int, options ...RequestOptionFunc) (*InstanceCluster, *Response, error)
+		// Deprecated: in GitLab 14.5, to be removed in 19.0
 		AddCluster(opt *AddClusterOptions, options ...RequestOptionFunc) (*InstanceCluster, *Response, error)
+		// Deprecated: in GitLab 14.5, to be removed in 19.0
 		EditCluster(cluster int, opt *EditClusterOptions, options ...RequestOptionFunc) (*InstanceCluster, *Response, error)
+		// Deprecated: in GitLab 14.5, to be removed in 19.0
 		DeleteCluster(cluster int, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// InstanceClustersService handles communication with the
 	// instance clusters related methods of the GitLab API.
+	// Deprecated: in GitLab 14.5, to be removed in 19.0
 	//
 	// GitLab API docs:
 	// https://docs.gitlab.com/api/instance_clusters/
@@ -41,9 +48,11 @@ type (
 	}
 )
 
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 var _ InstanceClustersServiceInterface = (*InstanceClustersService)(nil)
 
 // InstanceCluster represents a GitLab Instance Cluster.
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 //
 // GitLab API docs: https://docs.gitlab.com/api/instance_clusters/
 type InstanceCluster struct {
@@ -61,11 +70,13 @@ type InstanceCluster struct {
 	ManagementProject  *ManagementProject  `json:"management_project"`
 }
 
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 func (v InstanceCluster) String() string {
 	return Stringify(v)
 }
 
 // ListClusters gets a list of all instance clusters.
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/instance_clusters/#list-instance-clusters
@@ -87,6 +98,7 @@ func (s *InstanceClustersService) ListClusters(options ...RequestOptionFunc) ([]
 }
 
 // GetCluster gets an instance cluster.
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/instance_clusters/#get-a-single-instance-cluster
@@ -108,6 +120,7 @@ func (s *InstanceClustersService) GetCluster(cluster int, options ...RequestOpti
 }
 
 // AddCluster adds an existing cluster to the instance.
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/instance_clusters/#add-existing-instance-cluster
@@ -129,6 +142,7 @@ func (s *InstanceClustersService) AddCluster(opt *AddClusterOptions, options ...
 }
 
 // EditCluster updates an existing instance cluster.
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/instance_clusters/#edit-instance-cluster
@@ -150,6 +164,7 @@ func (s *InstanceClustersService) EditCluster(cluster int, opt *EditClusterOptio
 }
 
 // DeleteCluster deletes an existing instance cluster.
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/instance_clusters/#delete-instance-cluster
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/invites.go b/vendor/gitlab.com/gitlab-org/api/client-go/invites.go
index f520c9e747..71b64e0781 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/invites.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/invites.go
@@ -24,10 +24,10 @@ import (
 
 type (
 	InvitesServiceInterface interface {
-		ListPendingGroupInvitations(gid interface{}, opt *ListPendingInvitationsOptions, options ...RequestOptionFunc) ([]*PendingInvite, *Response, error)
-		ListPendingProjectInvitations(pid interface{}, opt *ListPendingInvitationsOptions, options ...RequestOptionFunc) ([]*PendingInvite, *Response, error)
-		GroupInvites(gid interface{}, opt *InvitesOptions, options ...RequestOptionFunc) (*InvitesResult, *Response, error)
-		ProjectInvites(pid interface{}, opt *InvitesOptions, options ...RequestOptionFunc) (*InvitesResult, *Response, error)
+		ListPendingGroupInvitations(gid any, opt *ListPendingInvitationsOptions, options ...RequestOptionFunc) ([]*PendingInvite, *Response, error)
+		ListPendingProjectInvitations(pid any, opt *ListPendingInvitationsOptions, options ...RequestOptionFunc) ([]*PendingInvite, *Response, error)
+		GroupInvites(gid any, opt *InvitesOptions, options ...RequestOptionFunc) (*InvitesResult, *Response, error)
+		ProjectInvites(pid any, opt *InvitesOptions, options ...RequestOptionFunc) (*InvitesResult, *Response, error)
 	}
 
 	// InvitesService handles communication with the invitation related
@@ -68,7 +68,7 @@ type ListPendingInvitationsOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/invitations/#list-all-invitations-pending-for-a-group-or-project
-func (s *InvitesService) ListPendingGroupInvitations(gid interface{}, opt *ListPendingInvitationsOptions, options ...RequestOptionFunc) ([]*PendingInvite, *Response, error) {
+func (s *InvitesService) ListPendingGroupInvitations(gid any, opt *ListPendingInvitationsOptions, options ...RequestOptionFunc) ([]*PendingInvite, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -93,7 +93,7 @@ func (s *InvitesService) ListPendingGroupInvitations(gid interface{}, opt *ListP
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/invitations/#list-all-invitations-pending-for-a-group-or-project
-func (s *InvitesService) ListPendingProjectInvitations(pid interface{}, opt *ListPendingInvitationsOptions, options ...RequestOptionFunc) ([]*PendingInvite, *Response, error) {
+func (s *InvitesService) ListPendingProjectInvitations(pid any, opt *ListPendingInvitationsOptions, options ...RequestOptionFunc) ([]*PendingInvite, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -120,9 +120,9 @@ func (s *InvitesService) ListPendingProjectInvitations(pid interface{}, opt *Lis
 // GitLab API docs:
 // https://docs.gitlab.com/api/invitations/#add-a-member-to-a-group-or-project
 type InvitesOptions struct {
-	ID          interface{}       `url:"id,omitempty" json:"id,omitempty"`
+	ID          any               `url:"id,omitempty" json:"id,omitempty"`
 	Email       *string           `url:"email,omitempty" json:"email,omitempty"`
-	UserID      interface{}       `url:"user_id,omitempty" json:"user_id,omitempty"`
+	UserID      any               `url:"user_id,omitempty" json:"user_id,omitempty"`
 	AccessLevel *AccessLevelValue `url:"access_level,omitempty" json:"access_level,omitempty"`
 	ExpiresAt   *ISOTime          `url:"expires_at,omitempty" json:"expires_at,omitempty"`
 }
@@ -140,7 +140,7 @@ type InvitesResult struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/invitations/#add-a-member-to-a-group-or-project
-func (s *InvitesService) GroupInvites(gid interface{}, opt *InvitesOptions, options ...RequestOptionFunc) (*InvitesResult, *Response, error) {
+func (s *InvitesService) GroupInvites(gid any, opt *InvitesOptions, options ...RequestOptionFunc) (*InvitesResult, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -165,7 +165,7 @@ func (s *InvitesService) GroupInvites(gid interface{}, opt *InvitesOptions, opti
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/invitations/#add-a-member-to-a-group-or-project
-func (s *InvitesService) ProjectInvites(pid interface{}, opt *InvitesOptions, options ...RequestOptionFunc) (*InvitesResult, *Response, error) {
+func (s *InvitesService) ProjectInvites(pid any, opt *InvitesOptions, options ...RequestOptionFunc) (*InvitesResult, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/issue_links.go b/vendor/gitlab.com/gitlab-org/api/client-go/issue_links.go
index 79060282c1..78b3877ba8 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/issue_links.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/issue_links.go
@@ -24,10 +24,10 @@ import (
 
 type (
 	IssueLinksServiceInterface interface {
-		ListIssueRelations(pid interface{}, issue int, options ...RequestOptionFunc) ([]*IssueRelation, *Response, error)
-		GetIssueLink(pid interface{}, issue, issueLink int, options ...RequestOptionFunc) (*IssueLink, *Response, error)
-		CreateIssueLink(pid interface{}, issue int, opt *CreateIssueLinkOptions, options ...RequestOptionFunc) (*IssueLink, *Response, error)
-		DeleteIssueLink(pid interface{}, issue, issueLink int, options ...RequestOptionFunc) (*IssueLink, *Response, error)
+		ListIssueRelations(pid any, issue int, options ...RequestOptionFunc) ([]*IssueRelation, *Response, error)
+		GetIssueLink(pid any, issue, issueLink int, options ...RequestOptionFunc) (*IssueLink, *Response, error)
+		CreateIssueLink(pid any, issue int, opt *CreateIssueLinkOptions, options ...RequestOptionFunc) (*IssueLink, *Response, error)
+		DeleteIssueLink(pid any, issue, issueLink int, options ...RequestOptionFunc) (*IssueLink, *Response, error)
 	}
 
 	// IssueLinksService handles communication with the issue relations related methods
@@ -87,7 +87,7 @@ type IssueRelation struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/issue_links/#list-issue-relations
-func (s *IssueLinksService) ListIssueRelations(pid interface{}, issue int, options ...RequestOptionFunc) ([]*IssueRelation, *Response, error) {
+func (s *IssueLinksService) ListIssueRelations(pid any, issue int, options ...RequestOptionFunc) ([]*IssueRelation, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -112,7 +112,7 @@ func (s *IssueLinksService) ListIssueRelations(pid interface{}, issue int, optio
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/issue_links/#get-an-issue-link
-func (s *IssueLinksService) GetIssueLink(pid interface{}, issue, issueLink int, options ...RequestOptionFunc) (*IssueLink, *Response, error) {
+func (s *IssueLinksService) GetIssueLink(pid any, issue, issueLink int, options ...RequestOptionFunc) (*IssueLink, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -147,7 +147,7 @@ type CreateIssueLinkOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/issue_links/#create-an-issue-link
-func (s *IssueLinksService) CreateIssueLink(pid interface{}, issue int, opt *CreateIssueLinkOptions, options ...RequestOptionFunc) (*IssueLink, *Response, error) {
+func (s *IssueLinksService) CreateIssueLink(pid any, issue int, opt *CreateIssueLinkOptions, options ...RequestOptionFunc) (*IssueLink, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -172,7 +172,7 @@ func (s *IssueLinksService) CreateIssueLink(pid interface{}, issue int, opt *Cre
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/issue_links/#delete-an-issue-link
-func (s *IssueLinksService) DeleteIssueLink(pid interface{}, issue, issueLink int, options ...RequestOptionFunc) (*IssueLink, *Response, error) {
+func (s *IssueLinksService) DeleteIssueLink(pid any, issue, issueLink int, options ...RequestOptionFunc) (*IssueLink, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/issues.go b/vendor/gitlab.com/gitlab-org/api/client-go/issues.go
index e20d3ddb45..102047053d 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/issues.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/issues.go
@@ -21,38 +21,39 @@ import (
 	"fmt"
 	"net/http"
 	"reflect"
+	"strings"
 	"time"
 )
 
 type (
 	IssuesServiceInterface interface {
 		ListIssues(opt *ListIssuesOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error)
-		ListGroupIssues(pid interface{}, opt *ListGroupIssuesOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error)
-		ListProjectIssues(pid interface{}, opt *ListProjectIssuesOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error)
+		ListGroupIssues(pid any, opt *ListGroupIssuesOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error)
+		ListProjectIssues(pid any, opt *ListProjectIssuesOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error)
 		GetIssueByID(issue int, options ...RequestOptionFunc) (*Issue, *Response, error)
-		GetIssue(pid interface{}, issue int, options ...RequestOptionFunc) (*Issue, *Response, error)
-		CreateIssue(pid interface{}, opt *CreateIssueOptions, options ...RequestOptionFunc) (*Issue, *Response, error)
-		UpdateIssue(pid interface{}, issue int, opt *UpdateIssueOptions, options ...RequestOptionFunc) (*Issue, *Response, error)
-		DeleteIssue(pid interface{}, issue int, options ...RequestOptionFunc) (*Response, error)
-		ReorderIssue(pid interface{}, issue int, opt *ReorderIssueOptions, options ...RequestOptionFunc) (*Issue, *Response, error)
-		MoveIssue(pid interface{}, issue int, opt *MoveIssueOptions, options ...RequestOptionFunc) (*Issue, *Response, error)
-		SubscribeToIssue(pid interface{}, issue int, options ...RequestOptionFunc) (*Issue, *Response, error)
-		UnsubscribeFromIssue(pid interface{}, issue int, options ...RequestOptionFunc) (*Issue, *Response, error)
-		CreateTodo(pid interface{}, issue int, options ...RequestOptionFunc) (*Todo, *Response, error)
-		ListMergeRequestsClosingIssue(pid interface{}, issue int, opt *ListMergeRequestsClosingIssueOptions, options ...RequestOptionFunc) ([]*BasicMergeRequest, *Response, error)
-		ListMergeRequestsRelatedToIssue(pid interface{}, issue int, opt *ListMergeRequestsRelatedToIssueOptions, options ...RequestOptionFunc) ([]*BasicMergeRequest, *Response, error)
-		SetTimeEstimate(pid interface{}, issue int, opt *SetTimeEstimateOptions, options ...RequestOptionFunc) (*TimeStats, *Response, error)
-		ResetTimeEstimate(pid interface{}, issue int, options ...RequestOptionFunc) (*TimeStats, *Response, error)
-		AddSpentTime(pid interface{}, issue int, opt *AddSpentTimeOptions, options ...RequestOptionFunc) (*TimeStats, *Response, error)
-		ResetSpentTime(pid interface{}, issue int, options ...RequestOptionFunc) (*TimeStats, *Response, error)
-		GetTimeSpent(pid interface{}, issue int, options ...RequestOptionFunc) (*TimeStats, *Response, error)
-		GetParticipants(pid interface{}, issue int, options ...RequestOptionFunc) ([]*BasicUser, *Response, error)
+		GetIssue(pid any, issue int, options ...RequestOptionFunc) (*Issue, *Response, error)
+		CreateIssue(pid any, opt *CreateIssueOptions, options ...RequestOptionFunc) (*Issue, *Response, error)
+		UpdateIssue(pid any, issue int, opt *UpdateIssueOptions, options ...RequestOptionFunc) (*Issue, *Response, error)
+		DeleteIssue(pid any, issue int, options ...RequestOptionFunc) (*Response, error)
+		ReorderIssue(pid any, issue int, opt *ReorderIssueOptions, options ...RequestOptionFunc) (*Issue, *Response, error)
+		MoveIssue(pid any, issue int, opt *MoveIssueOptions, options ...RequestOptionFunc) (*Issue, *Response, error)
+		SubscribeToIssue(pid any, issue int, options ...RequestOptionFunc) (*Issue, *Response, error)
+		UnsubscribeFromIssue(pid any, issue int, options ...RequestOptionFunc) (*Issue, *Response, error)
+		CreateTodo(pid any, issue int, options ...RequestOptionFunc) (*Todo, *Response, error)
+		ListMergeRequestsClosingIssue(pid any, issue int, opt *ListMergeRequestsClosingIssueOptions, options ...RequestOptionFunc) ([]*BasicMergeRequest, *Response, error)
+		ListMergeRequestsRelatedToIssue(pid any, issue int, opt *ListMergeRequestsRelatedToIssueOptions, options ...RequestOptionFunc) ([]*BasicMergeRequest, *Response, error)
+		SetTimeEstimate(pid any, issue int, opt *SetTimeEstimateOptions, options ...RequestOptionFunc) (*TimeStats, *Response, error)
+		ResetTimeEstimate(pid any, issue int, options ...RequestOptionFunc) (*TimeStats, *Response, error)
+		AddSpentTime(pid any, issue int, opt *AddSpentTimeOptions, options ...RequestOptionFunc) (*TimeStats, *Response, error)
+		ResetSpentTime(pid any, issue int, options ...RequestOptionFunc) (*TimeStats, *Response, error)
+		GetTimeSpent(pid any, issue int, options ...RequestOptionFunc) (*TimeStats, *Response, error)
+		GetParticipants(pid any, issue int, options ...RequestOptionFunc) ([]*BasicUser, *Response, error)
 	}
 
 	// IssuesService handles communication with the issue related methods
 	// of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/issues.html
+	// GitLab API docs: https://docs.gitlab.com/api/issues/
 	IssuesService struct {
 		client    *Client
 		timeStats *timeStatsService
@@ -108,7 +109,7 @@ type IssueLinks struct {
 
 // Issue represents a GitLab issue.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/issues.html
+// GitLab API docs: https://docs.gitlab.com/api/issues/
 type Issue struct {
 	ID                   int                    `json:"id"`
 	IID                  int                    `json:"iid"`
@@ -120,7 +121,6 @@ type Issue struct {
 	Milestone            *Milestone             `json:"milestone"`
 	ProjectID            int                    `json:"project_id"`
 	Assignees            []*IssueAssignee       `json:"assignees"`
-	Assignee             *IssueAssignee         `json:"assignee"`
 	UpdatedAt            *time.Time             `json:"updated_at"`
 	ClosedAt             *time.Time             `json:"closed_at"`
 	ClosedBy             *IssueCloser           `json:"closed_by"`
@@ -149,6 +149,9 @@ type Issue struct {
 	Iteration            *GroupIteration        `json:"iteration"`
 	TaskCompletionStatus *TasksCompletionStatus `json:"task_completion_status"`
 	ServiceDeskReplyTo   string                 `json:"service_desk_reply_to"`
+
+	// Deprecated: use Assignees instead
+	Assignee *IssueAssignee `json:"assignee"`
 }
 
 func (i Issue) String() string {
@@ -159,7 +162,7 @@ func (i Issue) String() string {
 func (i *Issue) UnmarshalJSON(data []byte) error {
 	type alias Issue
 
-	raw := make(map[string]interface{})
+	raw := make(map[string]any)
 	err := json.Unmarshal(data, &raw)
 	if err != nil {
 		return err
@@ -170,13 +173,13 @@ func (i *Issue) UnmarshalJSON(data []byte) error {
 		delete(raw, "id")
 	}
 
-	labelDetails, ok := raw["labels"].([]interface{})
+	labelDetails, ok := raw["labels"].([]any)
 	if ok && len(labelDetails) > 0 {
 		// We only want to change anything if we got label details.
-		if _, ok := labelDetails[0].(map[string]interface{}); ok {
-			labels := make([]interface{}, len(labelDetails))
+		if _, ok := labelDetails[0].(map[string]any); ok {
+			labels := make([]any, len(labelDetails))
 			for i, details := range labelDetails {
-				labels[i] = details.(map[string]interface{})["name"]
+				labels[i] = details.(map[string]any)["name"]
 			}
 
 			// Set the correct values
@@ -205,7 +208,7 @@ type LabelDetails struct {
 
 // ListIssuesOptions represents the available ListIssues() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/issues.html#list-issues
+// GitLab API docs: https://docs.gitlab.com/api/issues/#list-issues
 type ListIssuesOptions struct {
 	ListOptions
 	State               *string          `url:"state,omitempty" json:"state,omitempty"`
@@ -245,7 +248,7 @@ type ListIssuesOptions struct {
 // ListIssues gets all issues created by authenticated user. This function
 // takes pagination parameters page and per_page to restrict the list of issues.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/issues.html#list-issues
+// GitLab API docs: https://docs.gitlab.com/api/issues/#list-issues
 func (s *IssuesService) ListIssues(opt *ListIssuesOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "issues", opt, options)
 	if err != nil {
@@ -263,7 +266,7 @@ func (s *IssuesService) ListIssues(opt *ListIssuesOptions, options ...RequestOpt
 
 // ListGroupIssuesOptions represents the available ListGroupIssues() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/issues.html#list-group-issues
+// GitLab API docs: https://docs.gitlab.com/api/issues/#list-group-issues
 type ListGroupIssuesOptions struct {
 	ListOptions
 	State             *string       `url:"state,omitempty" json:"state,omitempty"`
@@ -279,32 +282,36 @@ type ListGroupIssuesOptions struct {
 	AuthorUsername    *string       `url:"author_username,omitempty" json:"author_username,omitempty"`
 	NotAuthorUsername *string       `url:"not[author_username],omitempty" json:"not[author_username],omitempty"`
 
-	AssigneeID          *int       `url:"assignee_id,omitempty" json:"assignee_id,omitempty"`
-	NotAssigneeID       *int       `url:"not[assignee_id],omitempty" json:"not[assignee_id],omitempty"`
-	AssigneeUsername    *string    `url:"assignee_username,omitempty" json:"assignee_username,omitempty"`
-	NotAssigneeUsername *string    `url:"not[assignee_username],omitempty" json:"not[assignee_username],omitempty"`
-	MyReactionEmoji     *string    `url:"my_reaction_emoji,omitempty" json:"my_reaction_emoji,omitempty"`
-	NotMyReactionEmoji  *string    `url:"not[my_reaction_emoji],omitempty" json:"not[my_reaction_emoji],omitempty"`
-	OrderBy             *string    `url:"order_by,omitempty" json:"order_by,omitempty"`
-	Sort                *string    `url:"sort,omitempty" json:"sort,omitempty"`
-	Search              *string    `url:"search,omitempty" json:"search,omitempty"`
-	NotSearch           *string    `url:"not[search],omitempty" json:"not[search],omitempty"`
-	In                  *string    `url:"in,omitempty" json:"in,omitempty"`
-	NotIn               *string    `url:"not[in],omitempty" json:"not[in],omitempty"`
-	CreatedAfter        *time.Time `url:"created_after,omitempty" json:"created_after,omitempty"`
-	CreatedBefore       *time.Time `url:"created_before,omitempty" json:"created_before,omitempty"`
-	DueDate             *string    `url:"due_date,omitempty" json:"due_date,omitempty"`
-	UpdatedAfter        *time.Time `url:"updated_after,omitempty" json:"updated_after,omitempty"`
-	UpdatedBefore       *time.Time `url:"updated_before,omitempty" json:"updated_before,omitempty"`
-	IssueType           *string    `url:"issue_type,omitempty" json:"issue_type,omitempty"`
-	IterationID         *int       `url:"iteration_id,omitempty" json:"iteration_id,omitempty"`
+	// AssigneeID is defined as an int the the documentation, however, the field
+	// must be able to accept Assignee IDs and the words 'None' and 'Any'.  Use
+	// *AssigneIDValue instead of *int.
+	AssigneeID          *AssigneeIDValue `url:"assignee_id,omitempty" json:"assignee_id,omitempty"`
+	NotAssigneeID       *int             `url:"not[assignee_id],omitempty" json:"not[assignee_id],omitempty"`
+	AssigneeUsername    *string          `url:"assignee_username,omitempty" json:"assignee_username,omitempty"`
+	NotAssigneeUsername *string          `url:"not[assignee_username],omitempty" json:"not[assignee_username],omitempty"`
+	MyReactionEmoji     *string          `url:"my_reaction_emoji,omitempty" json:"my_reaction_emoji,omitempty"`
+	NotMyReactionEmoji  *string          `url:"not[my_reaction_emoji],omitempty" json:"not[my_reaction_emoji],omitempty"`
+	OrderBy             *string          `url:"order_by,omitempty" json:"order_by,omitempty"`
+	Sort                *string          `url:"sort,omitempty" json:"sort,omitempty"`
+	Search              *string          `url:"search,omitempty" json:"search,omitempty"`
+	NotSearch           *string          `url:"not[search],omitempty" json:"not[search],omitempty"`
+	In                  *string          `url:"in,omitempty" json:"in,omitempty"`
+	NotIn               *string          `url:"not[in],omitempty" json:"not[in],omitempty"`
+	CreatedAfter        *time.Time       `url:"created_after,omitempty" json:"created_after,omitempty"`
+	CreatedBefore       *time.Time       `url:"created_before,omitempty" json:"created_before,omitempty"`
+	DueDate             *string          `url:"due_date,omitempty" json:"due_date,omitempty"`
+	UpdatedAfter        *time.Time       `url:"updated_after,omitempty" json:"updated_after,omitempty"`
+	UpdatedBefore       *time.Time       `url:"updated_before,omitempty" json:"updated_before,omitempty"`
+	Confidential        *bool            `url:"confidential,omitempty" json:"confidential,omitempty"`
+	IssueType           *string          `url:"issue_type,omitempty" json:"issue_type,omitempty"`
+	IterationID         *int             `url:"iteration_id,omitempty" json:"iteration_id,omitempty"`
 }
 
 // ListGroupIssues gets a list of group issues. This function accepts
 // pagination parameters page and per_page to return the list of group issues.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/issues.html#list-group-issues
-func (s *IssuesService) ListGroupIssues(pid interface{}, opt *ListGroupIssuesOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/issues/#list-group-issues
+func (s *IssuesService) ListGroupIssues(pid any, opt *ListGroupIssuesOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error) {
 	group, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -327,7 +334,7 @@ func (s *IssuesService) ListGroupIssues(pid interface{}, opt *ListGroupIssuesOpt
 
 // ListProjectIssuesOptions represents the available ListProjectIssues() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/issues.html#list-project-issues
+// GitLab API docs: https://docs.gitlab.com/api/issues/#list-project-issues
 type ListProjectIssuesOptions struct {
 	ListOptions
 	IIDs                *[]int        `url:"iids[],omitempty" json:"iids,omitempty"`
@@ -366,8 +373,8 @@ type ListProjectIssuesOptions struct {
 // ListProjectIssues gets a list of project issues. This function accepts
 // pagination parameters page and per_page to return the list of project issues.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/issues.html#list-project-issues
-func (s *IssuesService) ListProjectIssues(pid interface{}, opt *ListProjectIssuesOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/issues/#list-project-issues
+func (s *IssuesService) ListProjectIssues(pid any, opt *ListProjectIssuesOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -390,7 +397,7 @@ func (s *IssuesService) ListProjectIssues(pid interface{}, opt *ListProjectIssue
 
 // GetIssueByID gets a single issue.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/issues.html#single-issue
+// GitLab API docs: https://docs.gitlab.com/api/issues/#single-issue
 func (s *IssuesService) GetIssueByID(issue int, options ...RequestOptionFunc) (*Issue, *Response, error) {
 	u := fmt.Sprintf("issues/%d", issue)
 
@@ -410,8 +417,8 @@ func (s *IssuesService) GetIssueByID(issue int, options ...RequestOptionFunc) (*
 
 // GetIssue gets a single project issue.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/issues.html#single-project-issue
-func (s *IssuesService) GetIssue(pid interface{}, issue int, options ...RequestOptionFunc) (*Issue, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/issues/#single-project-issue
+func (s *IssuesService) GetIssue(pid any, issue int, options ...RequestOptionFunc) (*Issue, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -434,7 +441,7 @@ func (s *IssuesService) GetIssue(pid interface{}, issue int, options ...RequestO
 
 // CreateIssueOptions represents the available CreateIssue() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/issues.html#new-issue
+// GitLab API docs: https://docs.gitlab.com/api/issues/#new-issue
 type CreateIssueOptions struct {
 	IID                                *int          `url:"iid,omitempty" json:"iid,omitempty"`
 	Title                              *string       `url:"title,omitempty" json:"title,omitempty"`
@@ -454,8 +461,8 @@ type CreateIssueOptions struct {
 
 // CreateIssue creates a new project issue.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/issues.html#new-issue
-func (s *IssuesService) CreateIssue(pid interface{}, opt *CreateIssueOptions, options ...RequestOptionFunc) (*Issue, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/issues/#new-issue
+func (s *IssuesService) CreateIssue(pid any, opt *CreateIssueOptions, options ...RequestOptionFunc) (*Issue, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -478,7 +485,10 @@ func (s *IssuesService) CreateIssue(pid interface{}, opt *CreateIssueOptions, op
 
 // UpdateIssueOptions represents the available UpdateIssue() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/issues.html#edit-issue
+// To reset the due date, epic, milestone, or weight of the issue, set the
+// ResetDueDate, ResetEpic, ResetMilestone, or ResetWeight field to true.
+//
+// GitLab API docs: https://docs.gitlab.com/api/issues/#edit-an-issue
 type UpdateIssueOptions struct {
 	Title            *string       `url:"title,omitempty" json:"title,omitempty"`
 	Description      *string       `url:"description,omitempty" json:"description,omitempty"`
@@ -495,13 +505,70 @@ type UpdateIssueOptions struct {
 	Weight           *int          `url:"weight,omitempty" json:"weight,omitempty"`
 	DiscussionLocked *bool         `url:"discussion_locked,omitempty" json:"discussion_locked,omitempty"`
 	IssueType        *string       `url:"issue_type,omitempty" json:"issue_type,omitempty"`
+
+	ResetDueDate     bool `url:"-" json:"-"`
+	ResetEpicID      bool `url:"-" json:"-"`
+	ResetMilestoneID bool `url:"-" json:"-"`
+	ResetWeight      bool `url:"-" json:"-"`
+}
+
+// MarshalJSON implements custom JSON marshaling for UpdateIssueOptions.
+// This is needed to support emitting a literal `null` when the field needs to be removed.
+func (o UpdateIssueOptions) MarshalJSON() ([]byte, error) {
+	data := map[string]any{}
+
+	// Use reflection to copy all fields from o to data
+	val := reflect.ValueOf(o)
+	typ := val.Type()
+
+	for i := range val.NumField() {
+		field := val.Field(i)
+		fieldName := typ.Field(i).Name
+
+		if field.IsZero() {
+			continue
+		}
+
+		name := fieldName
+
+		if tag := typ.Field(i).Tag.Get("json"); tag != "" {
+			tagFields := strings.Split(tag, ",")
+			name = tagFields[0]
+		}
+
+		// Skip unexported fields.
+		if name == "-" {
+			continue
+		}
+
+		data[name] = field.Interface()
+	}
+
+	// Emit a literal `null` when the field needs to be removed
+	if o.ResetDueDate {
+		data["due_date"] = nil
+	}
+
+	if o.ResetEpicID {
+		data["epic_id"] = nil
+	}
+
+	if o.ResetMilestoneID {
+		data["milestone_id"] = nil
+	}
+
+	if o.ResetWeight {
+		data["weight"] = nil
+	}
+
+	return json.Marshal(data)
 }
 
 // UpdateIssue updates an existing project issue. This function is also used
 // to mark an issue as closed.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/issues.html#edit-issues
-func (s *IssuesService) UpdateIssue(pid interface{}, issue int, opt *UpdateIssueOptions, options ...RequestOptionFunc) (*Issue, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/issues/#edit-an-issue
+func (s *IssuesService) UpdateIssue(pid any, issue int, opt *UpdateIssueOptions, options ...RequestOptionFunc) (*Issue, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -524,8 +591,8 @@ func (s *IssuesService) UpdateIssue(pid interface{}, issue int, opt *UpdateIssue
 
 // DeleteIssue deletes a single project issue.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/issues.html#delete-an-issue
-func (s *IssuesService) DeleteIssue(pid interface{}, issue int, options ...RequestOptionFunc) (*Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/issues/#delete-an-issue
+func (s *IssuesService) DeleteIssue(pid any, issue int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -542,7 +609,7 @@ func (s *IssuesService) DeleteIssue(pid interface{}, issue int, options ...Reque
 
 // ReorderIssueOptions represents the available ReorderIssue() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/issues.html#reorder-an-issue
+// GitLab API docs: https://docs.gitlab.com/api/issues/#reorder-an-issue
 type ReorderIssueOptions struct {
 	MoveAfterID  *int `url:"move_after_id,omitempty" json:"move_after_id,omitempty"`
 	MoveBeforeID *int `url:"move_before_id,omitempty" json:"move_before_id,omitempty"`
@@ -550,8 +617,8 @@ type ReorderIssueOptions struct {
 
 // ReorderIssue reorders an issue.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/issues.html#reorder-an-issue
-func (s *IssuesService) ReorderIssue(pid interface{}, issue int, opt *ReorderIssueOptions, options ...RequestOptionFunc) (*Issue, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/issues/#reorder-an-issue
+func (s *IssuesService) ReorderIssue(pid any, issue int, opt *ReorderIssueOptions, options ...RequestOptionFunc) (*Issue, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -574,7 +641,7 @@ func (s *IssuesService) ReorderIssue(pid interface{}, issue int, opt *ReorderIss
 
 // MoveIssueOptions represents the available MoveIssue() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/issues.html#move-an-issue
+// GitLab API docs: https://docs.gitlab.com/api/issues/#move-an-issue
 type MoveIssueOptions struct {
 	ToProjectID *int `url:"to_project_id,omitempty" json:"to_project_id,omitempty"`
 }
@@ -582,8 +649,8 @@ type MoveIssueOptions struct {
 // MoveIssue updates an existing project issue. This function is also used
 // to mark an issue as closed.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/issues.html#move-an-issue
-func (s *IssuesService) MoveIssue(pid interface{}, issue int, opt *MoveIssueOptions, options ...RequestOptionFunc) (*Issue, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/issues/#move-an-issue
+func (s *IssuesService) MoveIssue(pid any, issue int, opt *MoveIssueOptions, options ...RequestOptionFunc) (*Issue, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -609,8 +676,8 @@ func (s *IssuesService) MoveIssue(pid interface{}, issue int, opt *MoveIssueOpti
 // status code 304 is returned.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/issues.html#subscribe-to-an-issue
-func (s *IssuesService) SubscribeToIssue(pid interface{}, issue int, options ...RequestOptionFunc) (*Issue, *Response, error) {
+// https://docs.gitlab.com/api/issues/#subscribe-to-an-issue
+func (s *IssuesService) SubscribeToIssue(pid any, issue int, options ...RequestOptionFunc) (*Issue, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -636,8 +703,8 @@ func (s *IssuesService) SubscribeToIssue(pid interface{}, issue int, options ...
 // is not subscribed to the issue, status code 304 is returned.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/issues.html#unsubscribe-from-an-issue
-func (s *IssuesService) UnsubscribeFromIssue(pid interface{}, issue int, options ...RequestOptionFunc) (*Issue, *Response, error) {
+// https://docs.gitlab.com/api/issues/#unsubscribe-from-an-issue
+func (s *IssuesService) UnsubscribeFromIssue(pid any, issue int, options ...RequestOptionFunc) (*Issue, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -663,8 +730,8 @@ func (s *IssuesService) UnsubscribeFromIssue(pid interface{}, issue int, options
 // 304 is returned.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/issues.html#create-a-to-do-item
-func (s *IssuesService) CreateTodo(pid interface{}, issue int, options ...RequestOptionFunc) (*Todo, *Response, error) {
+// https://docs.gitlab.com/api/issues/#create-a-to-do-item
+func (s *IssuesService) CreateTodo(pid any, issue int, options ...RequestOptionFunc) (*Todo, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -689,15 +756,15 @@ func (s *IssuesService) CreateTodo(pid interface{}, issue int, options ...Reques
 // ListMergeRequestsClosingIssue() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/issues.html#list-merge-requests-that-close-a-particular-issue-on-merge
+// https://docs.gitlab.com/api/issues/#list-merge-requests-that-close-a-particular-issue-on-merge
 type ListMergeRequestsClosingIssueOptions ListOptions
 
 // ListMergeRequestsClosingIssue gets all the merge requests that will close
 // issue when merged.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/issues.html#list-merge-requests-that-close-a-particular-issue-on-merge
-func (s *IssuesService) ListMergeRequestsClosingIssue(pid interface{}, issue int, opt *ListMergeRequestsClosingIssueOptions, options ...RequestOptionFunc) ([]*BasicMergeRequest, *Response, error) {
+// https://docs.gitlab.com/api/issues/#list-merge-requests-that-close-a-particular-issue-on-merge
+func (s *IssuesService) ListMergeRequestsClosingIssue(pid any, issue int, opt *ListMergeRequestsClosingIssueOptions, options ...RequestOptionFunc) ([]*BasicMergeRequest, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -722,15 +789,15 @@ func (s *IssuesService) ListMergeRequestsClosingIssue(pid interface{}, issue int
 // ListMergeRequestsRelatedToIssue() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/issues.html#list-merge-requests-related-to-issue
+// https://docs.gitlab.com/api/issues/#list-merge-requests-related-to-issue
 type ListMergeRequestsRelatedToIssueOptions ListOptions
 
 // ListMergeRequestsRelatedToIssue gets all the merge requests that are
 // related to the issue
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/issues.html#list-merge-requests-related-to-issue
-func (s *IssuesService) ListMergeRequestsRelatedToIssue(pid interface{}, issue int, opt *ListMergeRequestsRelatedToIssueOptions, options ...RequestOptionFunc) ([]*BasicMergeRequest, *Response, error) {
+// https://docs.gitlab.com/api/issues/#list-merge-requests-related-to-issue
+func (s *IssuesService) ListMergeRequestsRelatedToIssue(pid any, issue int, opt *ListMergeRequestsRelatedToIssueOptions, options ...RequestOptionFunc) ([]*BasicMergeRequest, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -757,48 +824,48 @@ func (s *IssuesService) ListMergeRequestsRelatedToIssue(pid interface{}, issue i
 // SetTimeEstimate sets the time estimate for a single project issue.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/issues.html#set-a-time-estimate-for-an-issue
-func (s *IssuesService) SetTimeEstimate(pid interface{}, issue int, opt *SetTimeEstimateOptions, options ...RequestOptionFunc) (*TimeStats, *Response, error) {
+// https://docs.gitlab.com/api/issues/#set-a-time-estimate-for-an-issue
+func (s *IssuesService) SetTimeEstimate(pid any, issue int, opt *SetTimeEstimateOptions, options ...RequestOptionFunc) (*TimeStats, *Response, error) {
 	return s.timeStats.setTimeEstimate(pid, "issues", issue, opt, options...)
 }
 
 // ResetTimeEstimate resets the time estimate for a single project issue.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/issues.html#reset-the-time-estimate-for-an-issue
-func (s *IssuesService) ResetTimeEstimate(pid interface{}, issue int, options ...RequestOptionFunc) (*TimeStats, *Response, error) {
+// https://docs.gitlab.com/api/issues/#reset-the-time-estimate-for-an-issue
+func (s *IssuesService) ResetTimeEstimate(pid any, issue int, options ...RequestOptionFunc) (*TimeStats, *Response, error) {
 	return s.timeStats.resetTimeEstimate(pid, "issues", issue, options...)
 }
 
 // AddSpentTime adds spent time for a single project issue.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/issues.html#add-spent-time-for-an-issue
-func (s *IssuesService) AddSpentTime(pid interface{}, issue int, opt *AddSpentTimeOptions, options ...RequestOptionFunc) (*TimeStats, *Response, error) {
+// https://docs.gitlab.com/api/issues/#add-spent-time-for-an-issue
+func (s *IssuesService) AddSpentTime(pid any, issue int, opt *AddSpentTimeOptions, options ...RequestOptionFunc) (*TimeStats, *Response, error) {
 	return s.timeStats.addSpentTime(pid, "issues", issue, opt, options...)
 }
 
 // ResetSpentTime resets the spent time for a single project issue.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/issues.html#reset-spent-time-for-an-issue
-func (s *IssuesService) ResetSpentTime(pid interface{}, issue int, options ...RequestOptionFunc) (*TimeStats, *Response, error) {
+// https://docs.gitlab.com/api/issues/#reset-spent-time-for-an-issue
+func (s *IssuesService) ResetSpentTime(pid any, issue int, options ...RequestOptionFunc) (*TimeStats, *Response, error) {
 	return s.timeStats.resetSpentTime(pid, "issues", issue, options...)
 }
 
 // GetTimeSpent gets the spent time for a single project issue.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/issues.html#get-time-tracking-stats
-func (s *IssuesService) GetTimeSpent(pid interface{}, issue int, options ...RequestOptionFunc) (*TimeStats, *Response, error) {
+// https://docs.gitlab.com/api/issues/#get-time-tracking-stats
+func (s *IssuesService) GetTimeSpent(pid any, issue int, options ...RequestOptionFunc) (*TimeStats, *Response, error) {
 	return s.timeStats.getTimeSpent(pid, "issues", issue, options...)
 }
 
 // GetParticipants gets a list of issue participants.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/issues.html#participants-on-issues
-func (s *IssuesService) GetParticipants(pid interface{}, issue int, options ...RequestOptionFunc) ([]*BasicUser, *Response, error) {
+// https://docs.gitlab.com/api/issues/#list-participants-in-an-issue
+func (s *IssuesService) GetParticipants(pid any, issue int, options ...RequestOptionFunc) ([]*BasicUser, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/issues_statistics.go b/vendor/gitlab.com/gitlab-org/api/client-go/issues_statistics.go
index 6d85b1a6c4..23f68169af 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/issues_statistics.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/issues_statistics.go
@@ -25,8 +25,8 @@ import (
 type (
 	IssuesStatisticsServiceInterface interface {
 		GetIssuesStatistics(opt *GetIssuesStatisticsOptions, options ...RequestOptionFunc) (*IssuesStatistics, *Response, error)
-		GetGroupIssuesStatistics(gid interface{}, opt *GetGroupIssuesStatisticsOptions, options ...RequestOptionFunc) (*IssuesStatistics, *Response, error)
-		GetProjectIssuesStatistics(pid interface{}, opt *GetProjectIssuesStatisticsOptions, options ...RequestOptionFunc) (*IssuesStatistics, *Response, error)
+		GetGroupIssuesStatistics(gid any, opt *GetGroupIssuesStatisticsOptions, options ...RequestOptionFunc) (*IssuesStatistics, *Response, error)
+		GetProjectIssuesStatistics(pid any, opt *GetProjectIssuesStatisticsOptions, options ...RequestOptionFunc) (*IssuesStatistics, *Response, error)
 	}
 
 	// IssuesStatisticsService handles communication with the issues statistics
@@ -127,7 +127,7 @@ type GetGroupIssuesStatisticsOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/issues_statistics/#get-group-issues-statistics
-func (s *IssuesStatisticsService) GetGroupIssuesStatistics(gid interface{}, opt *GetGroupIssuesStatisticsOptions, options ...RequestOptionFunc) (*IssuesStatistics, *Response, error) {
+func (s *IssuesStatisticsService) GetGroupIssuesStatistics(gid any, opt *GetGroupIssuesStatisticsOptions, options ...RequestOptionFunc) (*IssuesStatistics, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -175,7 +175,7 @@ type GetProjectIssuesStatisticsOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/issues_statistics/#get-project-issues-statistics
-func (s *IssuesStatisticsService) GetProjectIssuesStatistics(pid interface{}, opt *GetProjectIssuesStatisticsOptions, options ...RequestOptionFunc) (*IssuesStatistics, *Response, error) {
+func (s *IssuesStatisticsService) GetProjectIssuesStatistics(pid any, opt *GetProjectIssuesStatisticsOptions, options ...RequestOptionFunc) (*IssuesStatistics, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/job_token_scope.go b/vendor/gitlab.com/gitlab-org/api/client-go/job_token_scope.go
index 4b6acc208c..1421f59135 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/job_token_scope.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/job_token_scope.go
@@ -20,20 +20,20 @@ import (
 
 type (
 	JobTokenScopeServiceInterface interface {
-		GetProjectJobTokenAccessSettings(pid interface{}, options ...RequestOptionFunc) (*JobTokenAccessSettings, *Response, error)
-		PatchProjectJobTokenAccessSettings(pid interface{}, opt *PatchProjectJobTokenAccessSettingsOptions, options ...RequestOptionFunc) (*Response, error)
-		GetProjectJobTokenInboundAllowList(pid interface{}, opt *GetJobTokenInboundAllowListOptions, options ...RequestOptionFunc) ([]*Project, *Response, error)
-		AddProjectToJobScopeAllowList(pid interface{}, opt *JobTokenInboundAllowOptions, options ...RequestOptionFunc) (*JobTokenInboundAllowItem, *Response, error)
-		RemoveProjectFromJobScopeAllowList(pid interface{}, targetProject int, options ...RequestOptionFunc) (*Response, error)
-		GetJobTokenAllowlistGroups(pid interface{}, opt *GetJobTokenAllowlistGroupsOptions, options ...RequestOptionFunc) ([]*Group, *Response, error)
-		AddGroupToJobTokenAllowlist(pid interface{}, opt *AddGroupToJobTokenAllowlistOptions, options ...RequestOptionFunc) (*JobTokenAllowlistItem, *Response, error)
-		RemoveGroupFromJobTokenAllowlist(pid interface{}, targetGroup int, options ...RequestOptionFunc) (*Response, error)
+		GetProjectJobTokenAccessSettings(pid any, options ...RequestOptionFunc) (*JobTokenAccessSettings, *Response, error)
+		PatchProjectJobTokenAccessSettings(pid any, opt *PatchProjectJobTokenAccessSettingsOptions, options ...RequestOptionFunc) (*Response, error)
+		GetProjectJobTokenInboundAllowList(pid any, opt *GetJobTokenInboundAllowListOptions, options ...RequestOptionFunc) ([]*Project, *Response, error)
+		AddProjectToJobScopeAllowList(pid any, opt *JobTokenInboundAllowOptions, options ...RequestOptionFunc) (*JobTokenInboundAllowItem, *Response, error)
+		RemoveProjectFromJobScopeAllowList(pid any, targetProject int, options ...RequestOptionFunc) (*Response, error)
+		GetJobTokenAllowlistGroups(pid any, opt *GetJobTokenAllowlistGroupsOptions, options ...RequestOptionFunc) ([]*Group, *Response, error)
+		AddGroupToJobTokenAllowlist(pid any, opt *AddGroupToJobTokenAllowlistOptions, options ...RequestOptionFunc) (*JobTokenAllowlistItem, *Response, error)
+		RemoveGroupFromJobTokenAllowlist(pid any, targetGroup int, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// JobTokenScopeService handles communication with project CI settings
 	// such as token permissions.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/project_job_token_scopes.html
+	// GitLab API docs: https://docs.gitlab.com/api/project_job_token_scopes/
 	JobTokenScopeService struct {
 		client *Client
 	}
@@ -43,17 +43,16 @@ var _ JobTokenScopeServiceInterface = (*JobTokenScopeService)(nil)
 
 // JobTokenAccessSettings represents job token access attributes for this project.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/project_job_token_scopes.html
+// GitLab API docs: https://docs.gitlab.com/api/project_job_token_scopes/
 type JobTokenAccessSettings struct {
-	InboundEnabled  bool `json:"inbound_enabled"`
-	OutboundEnabled bool `json:"outbound_enabled"`
+	InboundEnabled bool `json:"inbound_enabled"`
 }
 
 // GetProjectJobTokenAccessSettings fetch the CI/CD job token access settings (job token scope) of a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_job_token_scopes.html#get-a-projects-cicd-job-token-access-settings
-func (j *JobTokenScopeService) GetProjectJobTokenAccessSettings(pid interface{}, options ...RequestOptionFunc) (*JobTokenAccessSettings, *Response, error) {
+// https://docs.gitlab.com/api/project_job_token_scopes/#get-a-projects-cicd-job-token-access-settings
+func (j *JobTokenScopeService) GetProjectJobTokenAccessSettings(pid any, options ...RequestOptionFunc) (*JobTokenAccessSettings, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -78,7 +77,7 @@ func (j *JobTokenScopeService) GetProjectJobTokenAccessSettings(pid interface{},
 // PatchProjectJobTokenAccessSettings() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_job_token_scopes.html#patch-a-projects-cicd-job-token-access-settings
+// https://docs.gitlab.com/api/project_job_token_scopes/#patch-a-projects-cicd-job-token-access-settings
 type PatchProjectJobTokenAccessSettingsOptions struct {
 	Enabled bool `json:"enabled"`
 }
@@ -86,8 +85,8 @@ type PatchProjectJobTokenAccessSettingsOptions struct {
 // PatchProjectJobTokenAccessSettings patch the Limit access to this project setting (job token scope) of a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_job_token_scopes.html#patch-a-projects-cicd-job-token-access-settings
-func (j *JobTokenScopeService) PatchProjectJobTokenAccessSettings(pid interface{}, opt *PatchProjectJobTokenAccessSettingsOptions, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_job_token_scopes/#patch-a-projects-cicd-job-token-access-settings
+func (j *JobTokenScopeService) PatchProjectJobTokenAccessSettings(pid any, opt *PatchProjectJobTokenAccessSettingsOptions, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -104,7 +103,7 @@ func (j *JobTokenScopeService) PatchProjectJobTokenAccessSettings(pid interface{
 
 // JobTokenInboundAllowItem represents a single job token inbound allowlist item.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/project_job_token_scopes.html
+// GitLab API docs: https://docs.gitlab.com/api/project_job_token_scopes/
 type JobTokenInboundAllowItem struct {
 	SourceProjectID int `json:"source_project_id"`
 	TargetProjectID int `json:"target_project_id"`
@@ -114,7 +113,7 @@ type JobTokenInboundAllowItem struct {
 // GetJobTokenInboundAllowList() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_job_token_scopes.html#get-a-projects-cicd-job-token-inbound-allowlist
+// https://docs.gitlab.com/api/project_job_token_scopes/#get-a-projects-cicd-job-token-inbound-allowlist
 type GetJobTokenInboundAllowListOptions struct {
 	ListOptions
 }
@@ -123,8 +122,8 @@ type GetJobTokenInboundAllowListOptions struct {
 // allowlist (job token scope) of a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_job_token_scopes.html#get-a-projects-cicd-job-token-inbound-allowlist
-func (j *JobTokenScopeService) GetProjectJobTokenInboundAllowList(pid interface{}, opt *GetJobTokenInboundAllowListOptions, options ...RequestOptionFunc) ([]*Project, *Response, error) {
+// https://docs.gitlab.com/api/project_job_token_scopes/#get-a-projects-cicd-job-token-inbound-allowlist
+func (j *JobTokenScopeService) GetProjectJobTokenInboundAllowList(pid any, opt *GetJobTokenInboundAllowListOptions, options ...RequestOptionFunc) ([]*Project, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -149,7 +148,7 @@ func (j *JobTokenScopeService) GetProjectJobTokenInboundAllowList(pid interface{
 // AddProjectToJobScopeAllowList() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_job_token_scopes.html#create-a-new-project-to-a-projects-cicd-job-token-inbound-allowlist
+// https://docs.gitlab.com/api/project_job_token_scopes/#add-a-project-to-a-cicd-job-token-inbound-allowlist
 type JobTokenInboundAllowOptions struct {
 	TargetProjectID *int `url:"target_project_id,omitempty" json:"target_project_id,omitempty"`
 }
@@ -158,8 +157,8 @@ type JobTokenInboundAllowOptions struct {
 // inbound allow list.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_job_token_scopes.html#create-a-new-project-to-a-projects-cicd-job-token-inbound-allowlist
-func (j *JobTokenScopeService) AddProjectToJobScopeAllowList(pid interface{}, opt *JobTokenInboundAllowOptions, options ...RequestOptionFunc) (*JobTokenInboundAllowItem, *Response, error) {
+// https://docs.gitlab.com/api/project_job_token_scopes/#add-a-project-to-a-cicd-job-token-inbound-allowlist
+func (j *JobTokenScopeService) AddProjectToJobScopeAllowList(pid any, opt *JobTokenInboundAllowOptions, options ...RequestOptionFunc) (*JobTokenInboundAllowItem, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -184,8 +183,8 @@ func (j *JobTokenScopeService) AddProjectToJobScopeAllowList(pid interface{}, op
 // token inbound allow list.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_job_token_scopes.html#remove-a-project-from-a-projects-cicd-job-token-inbound-allowlist
-func (j *JobTokenScopeService) RemoveProjectFromJobScopeAllowList(pid interface{}, targetProject int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_job_token_scopes/#remove-a-project-from-a-cicd-job-token-inbound-allowlist
+func (j *JobTokenScopeService) RemoveProjectFromJobScopeAllowList(pid any, targetProject int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -202,7 +201,7 @@ func (j *JobTokenScopeService) RemoveProjectFromJobScopeAllowList(pid interface{
 
 // JobTokenAllowlistItem represents a single job token allowlist item.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/project_job_token_scopes.html
+// GitLab API docs: https://docs.gitlab.com/api/project_job_token_scopes/
 type JobTokenAllowlistItem struct {
 	SourceProjectID int `json:"source_project_id"`
 	TargetGroupID   int `json:"target_group_id"`
@@ -212,7 +211,7 @@ type JobTokenAllowlistItem struct {
 // GetJobTokenAllowlistGroups() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_job_token_scopes.html#get-a-projects-cicd-job-token-allowlist-of-groups
+// https://docs.gitlab.com/api/project_job_token_scopes/#get-a-projects-cicd-job-token-allowlist-of-groups
 type GetJobTokenAllowlistGroupsOptions struct {
 	ListOptions
 }
@@ -221,8 +220,8 @@ type GetJobTokenAllowlistGroupsOptions struct {
 // (job token scopes) of a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_job_token_scopes.html#get-a-projects-cicd-job-token-allowlist-of-groups
-func (j *JobTokenScopeService) GetJobTokenAllowlistGroups(pid interface{}, opt *GetJobTokenAllowlistGroupsOptions, options ...RequestOptionFunc) ([]*Group, *Response, error) {
+// https://docs.gitlab.com/api/project_job_token_scopes/#get-a-projects-cicd-job-token-allowlist-of-groups
+func (j *JobTokenScopeService) GetJobTokenAllowlistGroups(pid any, opt *GetJobTokenAllowlistGroupsOptions, options ...RequestOptionFunc) ([]*Group, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -247,7 +246,7 @@ func (j *JobTokenScopeService) GetJobTokenAllowlistGroups(pid interface{}, opt *
 // AddGroupToJobTokenAllowlist() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_job_token_scopes.html#add-a-group-to-a-cicd-job-token-allowlist
+// https://docs.gitlab.com/api/project_job_token_scopes/#add-a-group-to-a-cicd-job-token-allowlist
 type AddGroupToJobTokenAllowlistOptions struct {
 	TargetGroupID *int `url:"target_group_id,omitempty" json:"target_group_id,omitempty"`
 }
@@ -256,8 +255,8 @@ type AddGroupToJobTokenAllowlistOptions struct {
 // inbound groups allow list.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_job_token_scopes.html#add-a-group-to-a-cicd-job-token-allowlist
-func (j *JobTokenScopeService) AddGroupToJobTokenAllowlist(pid interface{}, opt *AddGroupToJobTokenAllowlistOptions, options ...RequestOptionFunc) (*JobTokenAllowlistItem, *Response, error) {
+// https://docs.gitlab.com/api/project_job_token_scopes/#add-a-group-to-a-cicd-job-token-allowlist
+func (j *JobTokenScopeService) AddGroupToJobTokenAllowlist(pid any, opt *AddGroupToJobTokenAllowlistOptions, options ...RequestOptionFunc) (*JobTokenAllowlistItem, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -282,8 +281,8 @@ func (j *JobTokenScopeService) AddGroupToJobTokenAllowlist(pid interface{}, opt
 // token inbound groups allow list.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_job_token_scopes.html#remove-a-group-from-a-cicd-job-token-allowlist
-func (j *JobTokenScopeService) RemoveGroupFromJobTokenAllowlist(pid interface{}, targetGroup int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_job_token_scopes/#remove-a-group-from-a-cicd-job-token-allowlist
+func (j *JobTokenScopeService) RemoveGroupFromJobTokenAllowlist(pid any, targetGroup int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/jobs.go b/vendor/gitlab.com/gitlab-org/api/client-go/jobs.go
index e0014f408c..2b6ba1accb 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/jobs.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/jobs.go
@@ -25,29 +25,29 @@ import (
 
 type (
 	JobsServiceInterface interface {
-		ListProjectJobs(pid interface{}, opts *ListJobsOptions, options ...RequestOptionFunc) ([]*Job, *Response, error)
-		ListPipelineJobs(pid interface{}, pipelineID int, opts *ListJobsOptions, options ...RequestOptionFunc) ([]*Job, *Response, error)
-		ListPipelineBridges(pid interface{}, pipelineID int, opts *ListJobsOptions, options ...RequestOptionFunc) ([]*Bridge, *Response, error)
+		ListProjectJobs(pid any, opts *ListJobsOptions, options ...RequestOptionFunc) ([]*Job, *Response, error)
+		ListPipelineJobs(pid any, pipelineID int, opts *ListJobsOptions, options ...RequestOptionFunc) ([]*Job, *Response, error)
+		ListPipelineBridges(pid any, pipelineID int, opts *ListJobsOptions, options ...RequestOptionFunc) ([]*Bridge, *Response, error)
 		GetJobTokensJob(opts *GetJobTokensJobOptions, options ...RequestOptionFunc) (*Job, *Response, error)
-		GetJob(pid interface{}, jobID int, options ...RequestOptionFunc) (*Job, *Response, error)
-		GetJobArtifacts(pid interface{}, jobID int, options ...RequestOptionFunc) (*bytes.Reader, *Response, error)
-		DownloadArtifactsFile(pid interface{}, refName string, opt *DownloadArtifactsFileOptions, options ...RequestOptionFunc) (*bytes.Reader, *Response, error)
-		DownloadSingleArtifactsFile(pid interface{}, jobID int, artifactPath string, options ...RequestOptionFunc) (*bytes.Reader, *Response, error)
-		DownloadSingleArtifactsFileByTagOrBranch(pid interface{}, refName string, artifactPath string, opt *DownloadArtifactsFileOptions, options ...RequestOptionFunc) (*bytes.Reader, *Response, error)
-		GetTraceFile(pid interface{}, jobID int, options ...RequestOptionFunc) (*bytes.Reader, *Response, error)
-		CancelJob(pid interface{}, jobID int, options ...RequestOptionFunc) (*Job, *Response, error)
-		RetryJob(pid interface{}, jobID int, options ...RequestOptionFunc) (*Job, *Response, error)
-		EraseJob(pid interface{}, jobID int, options ...RequestOptionFunc) (*Job, *Response, error)
-		KeepArtifacts(pid interface{}, jobID int, options ...RequestOptionFunc) (*Job, *Response, error)
-		PlayJob(pid interface{}, jobID int, opt *PlayJobOptions, options ...RequestOptionFunc) (*Job, *Response, error)
-		DeleteArtifacts(pid interface{}, jobID int, options ...RequestOptionFunc) (*Response, error)
-		DeleteProjectArtifacts(pid interface{}, options ...RequestOptionFunc) (*Response, error)
+		GetJob(pid any, jobID int, options ...RequestOptionFunc) (*Job, *Response, error)
+		GetJobArtifacts(pid any, jobID int, options ...RequestOptionFunc) (*bytes.Reader, *Response, error)
+		DownloadArtifactsFile(pid any, refName string, opt *DownloadArtifactsFileOptions, options ...RequestOptionFunc) (*bytes.Reader, *Response, error)
+		DownloadSingleArtifactsFile(pid any, jobID int, artifactPath string, options ...RequestOptionFunc) (*bytes.Reader, *Response, error)
+		DownloadSingleArtifactsFileByTagOrBranch(pid any, refName string, artifactPath string, opt *DownloadArtifactsFileOptions, options ...RequestOptionFunc) (*bytes.Reader, *Response, error)
+		GetTraceFile(pid any, jobID int, options ...RequestOptionFunc) (*bytes.Reader, *Response, error)
+		CancelJob(pid any, jobID int, options ...RequestOptionFunc) (*Job, *Response, error)
+		RetryJob(pid any, jobID int, options ...RequestOptionFunc) (*Job, *Response, error)
+		EraseJob(pid any, jobID int, options ...RequestOptionFunc) (*Job, *Response, error)
+		KeepArtifacts(pid any, jobID int, options ...RequestOptionFunc) (*Job, *Response, error)
+		PlayJob(pid any, jobID int, opt *PlayJobOptions, options ...RequestOptionFunc) (*Job, *Response, error)
+		DeleteArtifacts(pid any, jobID int, options ...RequestOptionFunc) (*Response, error)
+		DeleteProjectArtifacts(pid any, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// JobsService handles communication with the ci builds related methods
 	// of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/jobs.html
+	// GitLab API docs: https://docs.gitlab.com/api/jobs/
 	JobsService struct {
 		client *Client
 	}
@@ -57,7 +57,7 @@ var _ JobsServiceInterface = (*JobsService)(nil)
 
 // Job represents a ci build.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/jobs.html
+// GitLab API docs: https://docs.gitlab.com/api/jobs/
 type Job struct {
 	Commit            *Commit    `json:"commit"`
 	Coverage          float64    `json:"coverage"`
@@ -108,7 +108,7 @@ type Job struct {
 
 // Bridge represents a pipeline bridge.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/jobs.html#list-pipeline-bridges
+// GitLab API docs: https://docs.gitlab.com/api/jobs/#list-pipeline-trigger-jobs
 type Bridge struct {
 	Commit             *Commit       `json:"commit"`
 	Coverage           float64       `json:"coverage"`
@@ -135,7 +135,7 @@ type Bridge struct {
 // ListJobsOptions represents the available ListProjectJobs() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/jobs.html#list-project-jobs
+// https://docs.gitlab.com/api/jobs/#list-project-jobs
 type ListJobsOptions struct {
 	ListOptions
 	Scope          *[]BuildStateValue `url:"scope[],omitempty" json:"scope,omitempty"`
@@ -148,8 +148,8 @@ type ListJobsOptions struct {
 // failed, success, canceled, skipped; showing all jobs if none provided
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/jobs.html#list-project-jobs
-func (s *JobsService) ListProjectJobs(pid interface{}, opts *ListJobsOptions, options ...RequestOptionFunc) ([]*Job, *Response, error) {
+// https://docs.gitlab.com/api/jobs/#list-project-jobs
+func (s *JobsService) ListProjectJobs(pid any, opts *ListJobsOptions, options ...RequestOptionFunc) ([]*Job, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -174,8 +174,8 @@ func (s *JobsService) ListProjectJobs(pid interface{}, opts *ListJobsOptions, op
 // project. If the pipeline ID is not found, it will respond with 404.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/jobs.html#list-pipeline-jobs
-func (s *JobsService) ListPipelineJobs(pid interface{}, pipelineID int, opts *ListJobsOptions, options ...RequestOptionFunc) ([]*Job, *Response, error) {
+// https://docs.gitlab.com/api/jobs/#list-pipeline-jobs
+func (s *JobsService) ListPipelineJobs(pid any, pipelineID int, opts *ListJobsOptions, options ...RequestOptionFunc) ([]*Job, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -200,8 +200,8 @@ func (s *JobsService) ListPipelineJobs(pid interface{}, pipelineID int, opts *Li
 // project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/jobs.html#list-pipeline-jobs
-func (s *JobsService) ListPipelineBridges(pid interface{}, pipelineID int, opts *ListJobsOptions, options ...RequestOptionFunc) ([]*Bridge, *Response, error) {
+// https://docs.gitlab.com/api/jobs/#list-pipeline-trigger-jobs
+func (s *JobsService) ListPipelineBridges(pid any, pipelineID int, opts *ListJobsOptions, options ...RequestOptionFunc) ([]*Bridge, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -224,14 +224,14 @@ func (s *JobsService) ListPipelineBridges(pid interface{}, pipelineID int, opts
 
 // GetJobTokensJobOptions represents the available GetJobTokensJob() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/jobs.html#get-job-tokens-job
+// GitLab API docs: https://docs.gitlab.com/api/jobs/#get-job-tokens-job
 type GetJobTokensJobOptions struct {
 	JobToken *string `url:"job_token,omitempty" json:"job_token,omitempty"`
 }
 
 // GetJobTokensJob retrieves the job that generated a job token.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/jobs.html#get-job-tokens-job
+// GitLab API docs: https://docs.gitlab.com/api/jobs/#get-job-tokens-job
 func (s *JobsService) GetJobTokensJob(opts *GetJobTokensJobOptions, options ...RequestOptionFunc) (*Job, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "job", opts, options)
 	if err != nil {
@@ -250,8 +250,8 @@ func (s *JobsService) GetJobTokensJob(opts *GetJobTokensJobOptions, options ...R
 // GetJob gets a single job of a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/jobs.html#get-a-single-job
-func (s *JobsService) GetJob(pid interface{}, jobID int, options ...RequestOptionFunc) (*Job, *Response, error) {
+// https://docs.gitlab.com/api/jobs/#get-a-single-job
+func (s *JobsService) GetJob(pid any, jobID int, options ...RequestOptionFunc) (*Job, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -275,8 +275,8 @@ func (s *JobsService) GetJob(pid interface{}, jobID int, options ...RequestOptio
 // GetJobArtifacts get jobs artifacts of a project
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/job_artifacts.html#get-job-artifacts
-func (s *JobsService) GetJobArtifacts(pid interface{}, jobID int, options ...RequestOptionFunc) (*bytes.Reader, *Response, error) {
+// https://docs.gitlab.com/api/job_artifacts/#get-job-artifacts
+func (s *JobsService) GetJobArtifacts(pid any, jobID int, options ...RequestOptionFunc) (*bytes.Reader, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -301,7 +301,7 @@ func (s *JobsService) GetJobArtifacts(pid interface{}, jobID int, options ...Req
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/job_artifacts.html#download-the-artifacts-archive
+// https://docs.gitlab.com/api/job_artifacts/#download-the-artifacts-archive
 type DownloadArtifactsFileOptions struct {
 	Job *string `url:"job" json:"job"`
 }
@@ -310,8 +310,8 @@ type DownloadArtifactsFileOptions struct {
 // reference name and job provided the job finished successfully.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/job_artifacts.html#download-the-artifacts-archive
-func (s *JobsService) DownloadArtifactsFile(pid interface{}, refName string, opt *DownloadArtifactsFileOptions, options ...RequestOptionFunc) (*bytes.Reader, *Response, error) {
+// https://docs.gitlab.com/api/job_artifacts/#download-the-artifacts-archive
+func (s *JobsService) DownloadArtifactsFile(pid any, refName string, opt *DownloadArtifactsFileOptions, options ...RequestOptionFunc) (*bytes.Reader, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -338,8 +338,8 @@ func (s *JobsService) DownloadArtifactsFile(pid interface{}, refName string, opt
 // to a client.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/job_artifacts.html#download-a-single-artifact-file-by-job-id
-func (s *JobsService) DownloadSingleArtifactsFile(pid interface{}, jobID int, artifactPath string, options ...RequestOptionFunc) (*bytes.Reader, *Response, error) {
+// https://docs.gitlab.com/api/job_artifacts/#download-a-single-artifact-file-by-job-id
+func (s *JobsService) DownloadSingleArtifactsFile(pid any, jobID int, artifactPath string, options ...RequestOptionFunc) (*bytes.Reader, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -372,8 +372,8 @@ func (s *JobsService) DownloadSingleArtifactsFile(pid interface{}, jobID int, ar
 // and streamed to the client.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/job_artifacts.html#download-a-single-artifact-file-from-specific-tag-or-branch
-func (s *JobsService) DownloadSingleArtifactsFileByTagOrBranch(pid interface{}, refName string, artifactPath string, opt *DownloadArtifactsFileOptions, options ...RequestOptionFunc) (*bytes.Reader, *Response, error) {
+// https://docs.gitlab.com/api/job_artifacts/#download-a-single-artifact-file-from-specific-tag-or-branch
+func (s *JobsService) DownloadSingleArtifactsFileByTagOrBranch(pid any, refName string, artifactPath string, opt *DownloadArtifactsFileOptions, options ...RequestOptionFunc) (*bytes.Reader, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -403,8 +403,8 @@ func (s *JobsService) DownloadSingleArtifactsFileByTagOrBranch(pid interface{},
 // GetTraceFile gets a trace of a specific job of a project
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/jobs.html#get-a-log-file
-func (s *JobsService) GetTraceFile(pid interface{}, jobID int, options ...RequestOptionFunc) (*bytes.Reader, *Response, error) {
+// https://docs.gitlab.com/api/jobs/#get-a-log-file
+func (s *JobsService) GetTraceFile(pid any, jobID int, options ...RequestOptionFunc) (*bytes.Reader, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -428,8 +428,8 @@ func (s *JobsService) GetTraceFile(pid interface{}, jobID int, options ...Reques
 // CancelJob cancels a single job of a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/jobs.html#cancel-a-job
-func (s *JobsService) CancelJob(pid interface{}, jobID int, options ...RequestOptionFunc) (*Job, *Response, error) {
+// https://docs.gitlab.com/api/jobs/#cancel-a-job
+func (s *JobsService) CancelJob(pid any, jobID int, options ...RequestOptionFunc) (*Job, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -453,8 +453,8 @@ func (s *JobsService) CancelJob(pid interface{}, jobID int, options ...RequestOp
 // RetryJob retries a single job of a project
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/jobs.html#retry-a-job
-func (s *JobsService) RetryJob(pid interface{}, jobID int, options ...RequestOptionFunc) (*Job, *Response, error) {
+// https://docs.gitlab.com/api/jobs/#retry-a-job
+func (s *JobsService) RetryJob(pid any, jobID int, options ...RequestOptionFunc) (*Job, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -479,8 +479,8 @@ func (s *JobsService) RetryJob(pid interface{}, jobID int, options ...RequestOpt
 // artifacts and a job trace.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/jobs.html#erase-a-job
-func (s *JobsService) EraseJob(pid interface{}, jobID int, options ...RequestOptionFunc) (*Job, *Response, error) {
+// https://docs.gitlab.com/api/jobs/#erase-a-job
+func (s *JobsService) EraseJob(pid any, jobID int, options ...RequestOptionFunc) (*Job, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -505,8 +505,8 @@ func (s *JobsService) EraseJob(pid interface{}, jobID int, options ...RequestOpt
 // expiration is set.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/job_artifacts.html#keep-artifacts
-func (s *JobsService) KeepArtifacts(pid interface{}, jobID int, options ...RequestOptionFunc) (*Job, *Response, error) {
+// https://docs.gitlab.com/api/job_artifacts/#keep-artifacts
+func (s *JobsService) KeepArtifacts(pid any, jobID int, options ...RequestOptionFunc) (*Job, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -530,7 +530,7 @@ func (s *JobsService) KeepArtifacts(pid interface{}, jobID int, options ...Reque
 // PlayJobOptions represents the available PlayJob() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/jobs.html#run-a-job
+// https://docs.gitlab.com/api/jobs/#run-a-job
 type PlayJobOptions struct {
 	JobVariablesAttributes *[]*JobVariableOptions `url:"job_variables_attributes,omitempty" json:"job_variables_attributes,omitempty"`
 }
@@ -538,7 +538,7 @@ type PlayJobOptions struct {
 // JobVariableOptions represents a single job variable.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/jobs.html#run-a-job
+// https://docs.gitlab.com/api/jobs/#run-a-job
 type JobVariableOptions struct {
 	Key          *string            `url:"key,omitempty" json:"key,omitempty"`
 	Value        *string            `url:"value,omitempty" json:"value,omitempty"`
@@ -548,8 +548,8 @@ type JobVariableOptions struct {
 // PlayJob triggers a manual action to start a job.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/jobs.html#run-a-job
-func (s *JobsService) PlayJob(pid interface{}, jobID int, opt *PlayJobOptions, options ...RequestOptionFunc) (*Job, *Response, error) {
+// https://docs.gitlab.com/api/jobs/#run-a-job
+func (s *JobsService) PlayJob(pid any, jobID int, opt *PlayJobOptions, options ...RequestOptionFunc) (*Job, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -573,8 +573,8 @@ func (s *JobsService) PlayJob(pid interface{}, jobID int, opt *PlayJobOptions, o
 // DeleteArtifacts delete artifacts of a job
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/job_artifacts.html#delete-job-artifacts
-func (s *JobsService) DeleteArtifacts(pid interface{}, jobID int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/job_artifacts/#delete-job-artifacts
+func (s *JobsService) DeleteArtifacts(pid any, jobID int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -592,8 +592,8 @@ func (s *JobsService) DeleteArtifacts(pid interface{}, jobID int, options ...Req
 // DeleteProjectArtifacts delete artifacts eligible for deletion in a project
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/job_artifacts.html#delete-project-artifacts
-func (s *JobsService) DeleteProjectArtifacts(pid interface{}, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/job_artifacts/#delete-job-artifacts
+func (s *JobsService) DeleteProjectArtifacts(pid any, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/keys.go b/vendor/gitlab.com/gitlab-org/api/client-go/keys.go
index 60e60471ea..3b2187c65f 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/keys.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/keys.go
@@ -32,7 +32,7 @@ type (
 	// keys related methods of the GitLab API.
 	//
 	// GitLab API docs:
-	// https://docs.gitlab.com/ee/api/keys.html
+	// https://docs.gitlab.com/api/keys/
 	KeysService struct {
 		client *Client
 	}
@@ -43,7 +43,7 @@ var _ KeysServiceInterface = (*KeysService)(nil)
 // Key represents a GitLab user's SSH key.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/keys.html
+// https://docs.gitlab.com/api/keys/
 type Key struct {
 	ID        int        `json:"id"`
 	Title     string     `json:"title"`
@@ -56,7 +56,7 @@ type Key struct {
 // user information.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/keys.html#get-ssh-key-with-user-by-id-of-an-ssh-key
+// https://docs.gitlab.com/api/keys/#get-ssh-key-with-user-by-id-of-an-ssh-key
 func (s *KeysService) GetKeyWithUser(key int, options ...RequestOptionFunc) (*Key, *Response, error) {
 	u := fmt.Sprintf("keys/%d", key)
 
@@ -78,8 +78,8 @@ func (s *KeysService) GetKeyWithUser(key int, options ...RequestOptionFunc) (*Ke
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/keys.html#get-user-by-fingerprint-of-ssh-key
-// https://docs.gitlab.com/ee/api/keys.html#get-user-by-deploy-key-fingerprint
+// https://docs.gitlab.com/api/keys/#get-user-by-fingerprint-of-ssh-key
+// https://docs.gitlab.com/api/keys/#get-user-by-deploy-key-fingerprint
 type GetKeyByFingerprintOptions struct {
 	Fingerprint string `url:"fingerprint" json:"fingerprint"`
 }
@@ -88,8 +88,8 @@ type GetKeyByFingerprintOptions struct {
 // along with the associated user information.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/keys.html#get-user-by-fingerprint-of-ssh-key
-// https://docs.gitlab.com/ee/api/keys.html#get-user-by-deploy-key-fingerprint
+// https://docs.gitlab.com/api/keys/#get-user-by-fingerprint-of-ssh-key
+// https://docs.gitlab.com/api/keys/#get-user-by-deploy-key-fingerprint
 func (s *KeysService) GetKeyByFingerprint(opt *GetKeyByFingerprintOptions, options ...RequestOptionFunc) (*Key, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "keys", opt, options)
 	if err != nil {
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/labels.go b/vendor/gitlab.com/gitlab-org/api/client-go/labels.go
index 9654d7e4f5..d7eb1e6240 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/labels.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/labels.go
@@ -24,20 +24,20 @@ import (
 
 type (
 	LabelsServiceInterface interface {
-		ListLabels(pid interface{}, opt *ListLabelsOptions, options ...RequestOptionFunc) ([]*Label, *Response, error)
-		GetLabel(pid interface{}, lid interface{}, options ...RequestOptionFunc) (*Label, *Response, error)
-		CreateLabel(pid interface{}, opt *CreateLabelOptions, options ...RequestOptionFunc) (*Label, *Response, error)
-		DeleteLabel(pid interface{}, lid interface{}, opt *DeleteLabelOptions, options ...RequestOptionFunc) (*Response, error)
-		UpdateLabel(pid interface{}, lid interface{}, opt *UpdateLabelOptions, options ...RequestOptionFunc) (*Label, *Response, error)
-		SubscribeToLabel(pid interface{}, lid interface{}, options ...RequestOptionFunc) (*Label, *Response, error)
-		UnsubscribeFromLabel(pid interface{}, lid interface{}, options ...RequestOptionFunc) (*Response, error)
-		PromoteLabel(pid interface{}, lid interface{}, options ...RequestOptionFunc) (*Response, error)
+		ListLabels(pid any, opt *ListLabelsOptions, options ...RequestOptionFunc) ([]*Label, *Response, error)
+		GetLabel(pid any, lid any, options ...RequestOptionFunc) (*Label, *Response, error)
+		CreateLabel(pid any, opt *CreateLabelOptions, options ...RequestOptionFunc) (*Label, *Response, error)
+		DeleteLabel(pid any, lid any, opt *DeleteLabelOptions, options ...RequestOptionFunc) (*Response, error)
+		UpdateLabel(pid any, lid any, opt *UpdateLabelOptions, options ...RequestOptionFunc) (*Label, *Response, error)
+		SubscribeToLabel(pid any, lid any, options ...RequestOptionFunc) (*Label, *Response, error)
+		UnsubscribeFromLabel(pid any, lid any, options ...RequestOptionFunc) (*Response, error)
+		PromoteLabel(pid any, lid any, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// LabelsService handles communication with the label related methods of the
 	// GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/labels.html
+	// GitLab API docs: https://docs.gitlab.com/api/labels/
 	LabelsService struct {
 		client *Client
 	}
@@ -47,7 +47,7 @@ var _ LabelsServiceInterface = (*LabelsService)(nil)
 
 // Label represents a GitLab label.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/labels.html
+// GitLab API docs: https://docs.gitlab.com/api/labels/
 type Label struct {
 	ID                     int    `json:"id"`
 	Name                   string `json:"name"`
@@ -70,7 +70,7 @@ func (l *Label) UnmarshalJSON(data []byte) error {
 	}
 
 	if l.Name == "" {
-		var raw map[string]interface{}
+		var raw map[string]any
 		if err := json.Unmarshal(data, &raw); err != nil {
 			return err
 		}
@@ -88,7 +88,7 @@ func (l Label) String() string {
 
 // ListLabelsOptions represents the available ListLabels() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/labels.html#list-labels
+// GitLab API docs: https://docs.gitlab.com/api/labels/#list-labels
 type ListLabelsOptions struct {
 	ListOptions
 	WithCounts            *bool   `url:"with_counts,omitempty" json:"with_counts,omitempty"`
@@ -98,8 +98,8 @@ type ListLabelsOptions struct {
 
 // ListLabels gets all labels for given project.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/labels.html#list-labels
-func (s *LabelsService) ListLabels(pid interface{}, opt *ListLabelsOptions, options ...RequestOptionFunc) ([]*Label, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/labels/#list-labels
+func (s *LabelsService) ListLabels(pid any, opt *ListLabelsOptions, options ...RequestOptionFunc) ([]*Label, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -122,8 +122,8 @@ func (s *LabelsService) ListLabels(pid interface{}, opt *ListLabelsOptions, opti
 
 // GetLabel get a single label for a given project.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/labels.html#get-a-single-project-label
-func (s *LabelsService) GetLabel(pid interface{}, lid interface{}, options ...RequestOptionFunc) (*Label, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/labels/#get-a-single-project-label
+func (s *LabelsService) GetLabel(pid any, lid any, options ...RequestOptionFunc) (*Label, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -150,7 +150,7 @@ func (s *LabelsService) GetLabel(pid interface{}, lid interface{}, options ...Re
 
 // CreateLabelOptions represents the available CreateLabel() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/labels.html#create-a-new-label
+// GitLab API docs: https://docs.gitlab.com/api/labels/#create-a-new-label
 type CreateLabelOptions struct {
 	Name        *string `url:"name,omitempty" json:"name,omitempty"`
 	Color       *string `url:"color,omitempty" json:"color,omitempty"`
@@ -161,8 +161,8 @@ type CreateLabelOptions struct {
 // CreateLabel creates a new label for given repository with given name and
 // color.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/labels.html#create-a-new-label
-func (s *LabelsService) CreateLabel(pid interface{}, opt *CreateLabelOptions, options ...RequestOptionFunc) (*Label, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/labels/#create-a-new-label
+func (s *LabelsService) CreateLabel(pid any, opt *CreateLabelOptions, options ...RequestOptionFunc) (*Label, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -185,15 +185,15 @@ func (s *LabelsService) CreateLabel(pid interface{}, opt *CreateLabelOptions, op
 
 // DeleteLabelOptions represents the available DeleteLabel() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/labels.html#delete-a-label
+// GitLab API docs: https://docs.gitlab.com/api/labels/#delete-a-label
 type DeleteLabelOptions struct {
 	Name *string `url:"name,omitempty" json:"name,omitempty"`
 }
 
 // DeleteLabel deletes a label given by its name or ID.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/labels.html#delete-a-label
-func (s *LabelsService) DeleteLabel(pid interface{}, lid interface{}, opt *DeleteLabelOptions, options ...RequestOptionFunc) (*Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/labels/#delete-a-label
+func (s *LabelsService) DeleteLabel(pid any, lid any, opt *DeleteLabelOptions, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -218,7 +218,7 @@ func (s *LabelsService) DeleteLabel(pid interface{}, lid interface{}, opt *Delet
 
 // UpdateLabelOptions represents the available UpdateLabel() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/labels.html#edit-an-existing-label
+// GitLab API docs: https://docs.gitlab.com/api/labels/#edit-an-existing-label
 type UpdateLabelOptions struct {
 	Name        *string `url:"name,omitempty" json:"name,omitempty"`
 	NewName     *string `url:"new_name,omitempty" json:"new_name,omitempty"`
@@ -230,8 +230,8 @@ type UpdateLabelOptions struct {
 // UpdateLabel updates an existing label with new name or now color. At least
 // one parameter is required, to update the label.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/labels.html#edit-an-existing-label
-func (s *LabelsService) UpdateLabel(pid interface{}, lid interface{}, opt *UpdateLabelOptions, options ...RequestOptionFunc) (*Label, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/labels/#edit-an-existing-label
+func (s *LabelsService) UpdateLabel(pid any, lid any, opt *UpdateLabelOptions, options ...RequestOptionFunc) (*Label, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -265,8 +265,8 @@ func (s *LabelsService) UpdateLabel(pid interface{}, lid interface{}, opt *Updat
 // code 304 is returned.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/labels.html#subscribe-to-a-label
-func (s *LabelsService) SubscribeToLabel(pid interface{}, lid interface{}, options ...RequestOptionFunc) (*Label, *Response, error) {
+// https://docs.gitlab.com/api/labels/#subscribe-to-a-label
+func (s *LabelsService) SubscribeToLabel(pid any, lid any, options ...RequestOptionFunc) (*Label, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -296,8 +296,8 @@ func (s *LabelsService) SubscribeToLabel(pid interface{}, lid interface{}, optio
 // status code 304 is returned.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/labels.html#unsubscribe-from-a-label
-func (s *LabelsService) UnsubscribeFromLabel(pid interface{}, lid interface{}, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/labels/#unsubscribe-from-a-label
+func (s *LabelsService) UnsubscribeFromLabel(pid any, lid any, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -319,8 +319,8 @@ func (s *LabelsService) UnsubscribeFromLabel(pid interface{}, lid interface{}, o
 // PromoteLabel Promotes a project label to a group label.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/labels.html#promote-a-project-label-to-a-group-label
-func (s *LabelsService) PromoteLabel(pid interface{}, lid interface{}, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/labels/#promote-a-project-label-to-a-group-label
+func (s *LabelsService) PromoteLabel(pid any, lid any, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/license.go b/vendor/gitlab.com/gitlab-org/api/client-go/license.go
index 571cc73ccd..9e9d2a0681 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/license.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/license.go
@@ -33,7 +33,7 @@ type (
 	// related methods of the GitLab API.
 	//
 	// GitLab API docs:
-	// https://docs.gitlab.com/ee/api/license.html
+	// https://docs.gitlab.com/api/license/
 	LicenseService struct {
 		client *Client
 	}
@@ -44,7 +44,7 @@ var _ LicenseServiceInterface = (*LicenseService)(nil)
 // License represents a GitLab license.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/license.html
+// https://docs.gitlab.com/api/license/
 type License struct {
 	ID               int        `json:"id"`
 	Plan             string     `json:"plan"`
@@ -80,7 +80,7 @@ func (l License) String() string {
 // GetLicense retrieves information about the current license.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/license.html#retrieve-information-about-the-current-license
+// https://docs.gitlab.com/api/license/#retrieve-information-about-the-current-license
 func (s *LicenseService) GetLicense(options ...RequestOptionFunc) (*License, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "license", nil, options)
 	if err != nil {
@@ -98,7 +98,7 @@ func (s *LicenseService) GetLicense(options ...RequestOptionFunc) (*License, *Re
 
 // AddLicenseOptions represents the available AddLicense() options.
 //
-// https://docs.gitlab.com/ee/api/license.html#add-a-new-license
+// https://docs.gitlab.com/api/license/#add-a-new-license
 type AddLicenseOptions struct {
 	License *string `url:"license" json:"license"`
 }
@@ -106,7 +106,7 @@ type AddLicenseOptions struct {
 // AddLicense adds a new license.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/license.html#add-a-new-license
+// https://docs.gitlab.com/api/license/#add-a-new-license
 func (s *LicenseService) AddLicense(opt *AddLicenseOptions, options ...RequestOptionFunc) (*License, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodPost, "license", opt, options)
 	if err != nil {
@@ -125,7 +125,7 @@ func (s *LicenseService) AddLicense(opt *AddLicenseOptions, options ...RequestOp
 // DeleteLicense deletes an existing license.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/license.html#delete-a-license
+// https://docs.gitlab.com/api/license/#delete-a-license
 func (s *LicenseService) DeleteLicense(licenseID int, options ...RequestOptionFunc) (*Response, error) {
 	u := fmt.Sprintf("license/%d", licenseID)
 
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/license_templates.go b/vendor/gitlab.com/gitlab-org/api/client-go/license_templates.go
index 2db651bb0e..8808f56b56 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/license_templates.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/license_templates.go
@@ -24,7 +24,7 @@ import (
 // LicenseTemplate represents a license template.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/templates/licenses.html
+// https://docs.gitlab.com/api/templates/licenses/
 type LicenseTemplate struct {
 	Key         string   `json:"key"`
 	Name        string   `json:"name"`
@@ -48,7 +48,7 @@ type (
 	// LicenseTemplatesService handles communication with the license templates
 	// related methods of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/templates/licenses.html
+	// GitLab API docs: https://docs.gitlab.com/api/templates/licenses/
 	LicenseTemplatesService struct {
 		client *Client
 	}
@@ -60,7 +60,7 @@ var _ LicenseTemplatesServiceInterface = (*LicenseTemplatesService)(nil)
 // ListLicenseTemplates() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/templates/licenses.html#list-license-templates
+// https://docs.gitlab.com/api/templates/licenses/#list-license-templates
 type ListLicenseTemplatesOptions struct {
 	ListOptions
 	Popular *bool `url:"popular,omitempty" json:"popular,omitempty"`
@@ -69,7 +69,7 @@ type ListLicenseTemplatesOptions struct {
 // ListLicenseTemplates get all license templates.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/templates/licenses.html#list-license-templates
+// https://docs.gitlab.com/api/templates/licenses/#list-license-templates
 func (s *LicenseTemplatesService) ListLicenseTemplates(opt *ListLicenseTemplatesOptions, options ...RequestOptionFunc) ([]*LicenseTemplate, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "templates/licenses", opt, options)
 	if err != nil {
@@ -89,7 +89,7 @@ func (s *LicenseTemplatesService) ListLicenseTemplates(opt *ListLicenseTemplates
 // GetLicenseTemplate() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/templates/licenses.html#single-license-template
+// https://docs.gitlab.com/api/templates/licenses/#single-license-template
 type GetLicenseTemplateOptions struct {
 	Project  *string `url:"project,omitempty" json:"project,omitempty"`
 	Fullname *string `url:"fullname,omitempty" json:"fullname,omitempty"`
@@ -99,7 +99,7 @@ type GetLicenseTemplateOptions struct {
 // to replace the license placeholder.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/templates/licenses.html#single-license-template
+// https://docs.gitlab.com/api/templates/licenses/#single-license-template
 func (s *LicenseTemplatesService) GetLicenseTemplate(template string, opt *GetLicenseTemplateOptions, options ...RequestOptionFunc) (*LicenseTemplate, *Response, error) {
 	u := fmt.Sprintf("templates/licenses/%s", template)
 
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/markdown.go b/vendor/gitlab.com/gitlab-org/api/client-go/markdown.go
index 1aa65444f5..8e2e30f655 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/markdown.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/markdown.go
@@ -10,7 +10,7 @@ type (
 	// MarkdownService handles communication with the markdown related methods of
 	// the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/markdown.html
+	// GitLab API docs: https://docs.gitlab.com/api/markdown/
 	MarkdownService struct {
 		client *Client
 	}
@@ -20,7 +20,7 @@ var _ MarkdownServiceInterface = (*MarkdownService)(nil)
 
 // Markdown represents a markdown document.
 //
-// Gitlab API docs: https://docs.gitlab.com/ee/api/markdown.html
+// Gitlab API docs: https://docs.gitlab.com/api/markdown/
 type Markdown struct {
 	HTML string `json:"html"`
 }
@@ -28,7 +28,7 @@ type Markdown struct {
 // RenderOptions represents the available Render() options.
 //
 // Gitlab API docs:
-// https://docs.gitlab.com/ee/api/markdown.html#render-an-arbitrary-markdown-document
+// https://docs.gitlab.com/api/markdown/#render-an-arbitrary-markdown-document
 type RenderOptions struct {
 	Text                    *string `url:"text,omitempty" json:"text,omitempty"`
 	GitlabFlavouredMarkdown *bool   `url:"gfm,omitempty" json:"gfm,omitempty"`
@@ -38,7 +38,7 @@ type RenderOptions struct {
 // Render an arbitrary markdown document.
 //
 // Gitlab API docs:
-// https://docs.gitlab.com/ee/api/markdown.html#render-an-arbitrary-markdown-document
+// https://docs.gitlab.com/api/markdown/#render-an-arbitrary-markdown-document
 func (s *MarkdownService) Render(opt *RenderOptions, options ...RequestOptionFunc) (*Markdown, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodPost, "markdown", opt, options)
 	if err != nil {
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/markdown_uploads.go b/vendor/gitlab.com/gitlab-org/api/client-go/markdown_uploads.go
new file mode 100644
index 0000000000..37a6831c58
--- /dev/null
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/markdown_uploads.go
@@ -0,0 +1,168 @@
+//
+// Copyright 2024, Sander van Harmelen
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package gitlab
+
+import (
+	"bytes"
+	"fmt"
+	"net/http"
+	"time"
+)
+
+// MarkdownUpload represents a single markdown upload.
+//
+// Gitlab API docs:
+// https://docs.gitlab.com/api/project_markdown_uploads/
+// https://docs.gitlab.com/api/group_markdown_uploads/
+type MarkdownUpload struct {
+	ID         int        `json:"id"`
+	Size       int        `json:"size"`
+	Filename   string     `json:"filename"`
+	CreatedAt  *time.Time `json:"created_at"`
+	UploadedBy *User      `json:"uploaded_by"`
+}
+
+// Gets a string representation of a MarkdownUpload.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/project_markdown_uploads/
+// https://docs.gitlab.com/api/group_markdown_uploads/
+func (m MarkdownUpload) String() string {
+	return Stringify(m)
+}
+
+// MarkdownUploadedFile represents a single markdown uploaded file.
+//
+// Gitlab API docs:
+// https://docs.gitlab.com/api/project_markdown_uploads/
+type MarkdownUploadedFile struct {
+	ID       int    `json:"id"`
+	Alt      string `json:"alt"`
+	URL      string `json:"url"`
+	FullPath string `json:"full_path"`
+	Markdown string `json:"markdown"`
+}
+
+// ResourceType represents the type of resource (project or group)
+type ResourceType string
+
+const (
+	ProjectResource ResourceType = "projects"
+	GroupResource   ResourceType = "groups"
+)
+
+type ListMarkdownUploadsOptions struct {
+	ListOptions
+}
+
+// listMarkdownUploads gets all markdown uploads for a resource
+func listMarkdownUploads[T any](client *Client, resourceType ResourceType, id any, opt *ListMarkdownUploadsOptions, options []RequestOptionFunc) ([]*T, *Response, error) {
+	resourceID, err := parseID(id)
+	if err != nil {
+		return nil, nil, err
+	}
+	u := fmt.Sprintf("%s/%s/uploads", resourceType, PathEscape(resourceID))
+
+	req, err := client.NewRequest(http.MethodGet, u, opt, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var uploads []*T
+	resp, err := client.Do(req, &uploads)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return uploads, resp, err
+}
+
+// downloadMarkdownUploadByID downloads a specific upload by ID
+func downloadMarkdownUploadByID(client *Client, resourceType ResourceType, id any, uploadID int, options []RequestOptionFunc) (*bytes.Buffer, *Response, error) {
+	resourceID, err := parseID(id)
+	if err != nil {
+		return nil, nil, err
+	}
+	u := fmt.Sprintf("%s/%s/uploads/%d", resourceType, PathEscape(resourceID), uploadID)
+
+	req, err := client.NewRequest(http.MethodGet, u, nil, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var file bytes.Buffer
+	resp, err := client.Do(req, &file)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return &file, resp, err
+}
+
+// downloadMarkdownUploadBySecretAndFilename downloads a specific upload by secret and filename
+func downloadMarkdownUploadBySecretAndFilename(client *Client, resourceType ResourceType, id any, secret string, filename string, options []RequestOptionFunc) (*bytes.Buffer, *Response, error) {
+	resourceID, err := parseID(id)
+	if err != nil {
+		return nil, nil, err
+	}
+	u := fmt.Sprintf("%s/%s/uploads/%s/%s", resourceType, PathEscape(resourceID), PathEscape(secret), PathEscape(filename))
+
+	req, err := client.NewRequest(http.MethodGet, u, nil, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var file bytes.Buffer
+	resp, err := client.Do(req, &file)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return &file, resp, err
+}
+
+// deleteMarkdownUploadByID deletes an upload by ID
+func deleteMarkdownUploadByID(client *Client, resourceType ResourceType, id any, uploadID int, options []RequestOptionFunc) (*Response, error) {
+	resourceID, err := parseID(id)
+	if err != nil {
+		return nil, err
+	}
+	u := fmt.Sprintf("%s/%s/uploads/%d", resourceType, PathEscape(resourceID), uploadID)
+
+	req, err := client.NewRequest(http.MethodDelete, u, nil, options)
+	if err != nil {
+		return nil, err
+	}
+
+	return client.Do(req, nil)
+}
+
+// deleteMarkdownUploadBySecretAndFilename deletes an upload by secret and filename
+func deleteMarkdownUploadBySecretAndFilename(client *Client, resourceType ResourceType, id any, secret string, filename string, options []RequestOptionFunc) (*Response, error) {
+	resourceID, err := parseID(id)
+	if err != nil {
+		return nil, err
+	}
+	u := fmt.Sprintf("%s/%s/uploads/%s/%s", resourceType, PathEscape(resourceID), PathEscape(secret), PathEscape(filename))
+
+	req, err := client.NewRequest(http.MethodDelete, u, nil, options)
+	if err != nil {
+		return nil, err
+	}
+
+	return client.Do(req, nil)
+}
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/member_roles.go b/vendor/gitlab.com/gitlab-org/api/client-go/member_roles.go
index cb7319e094..e9fede2146 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/member_roles.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/member_roles.go
@@ -10,9 +10,9 @@ type (
 		ListInstanceMemberRoles(options ...RequestOptionFunc) ([]*MemberRole, *Response, error)
 		CreateInstanceMemberRole(opt *CreateMemberRoleOptions, options ...RequestOptionFunc) (*MemberRole, *Response, error)
 		DeleteInstanceMemberRole(memberRoleID int, options ...RequestOptionFunc) (*Response, error)
-		ListMemberRoles(gid interface{}, options ...RequestOptionFunc) ([]*MemberRole, *Response, error)
-		CreateMemberRole(gid interface{}, opt *CreateMemberRoleOptions, options ...RequestOptionFunc) (*MemberRole, *Response, error)
-		DeleteMemberRole(gid interface{}, memberRole int, options ...RequestOptionFunc) (*Response, error)
+		ListMemberRoles(gid any, options ...RequestOptionFunc) ([]*MemberRole, *Response, error)
+		CreateMemberRole(gid any, opt *CreateMemberRoleOptions, options ...RequestOptionFunc) (*MemberRole, *Response, error)
+		DeleteMemberRole(gid any, memberRole int, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// MemberRolesService handles communication with the member roles related
@@ -149,7 +149,7 @@ func (s *MemberRolesService) DeleteInstanceMemberRole(memberRoleID int, options
 //
 // Gitlab API docs:
 // https://docs.gitlab.com/api/member_roles/#get-all-group-member-roles
-func (s *MemberRolesService) ListMemberRoles(gid interface{}, options ...RequestOptionFunc) ([]*MemberRole, *Response, error) {
+func (s *MemberRolesService) ListMemberRoles(gid any, options ...RequestOptionFunc) ([]*MemberRole, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -174,7 +174,7 @@ func (s *MemberRolesService) ListMemberRoles(gid interface{}, options ...Request
 //
 // Gitlab API docs:
 // https://docs.gitlab.com/api/member_roles/#add-a-member-role-to-a-group
-func (s *MemberRolesService) CreateMemberRole(gid interface{}, opt *CreateMemberRoleOptions, options ...RequestOptionFunc) (*MemberRole, *Response, error) {
+func (s *MemberRolesService) CreateMemberRole(gid any, opt *CreateMemberRoleOptions, options ...RequestOptionFunc) (*MemberRole, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -199,7 +199,7 @@ func (s *MemberRolesService) CreateMemberRole(gid interface{}, opt *CreateMember
 //
 // Gitlab API docs:
 // https://docs.gitlab.com/api/member_roles/#remove-member-role-of-a-group
-func (s *MemberRolesService) DeleteMemberRole(gid interface{}, memberRole int, options ...RequestOptionFunc) (*Response, error) {
+func (s *MemberRolesService) DeleteMemberRole(gid any, memberRole int, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/merge_request_approval_settings.go b/vendor/gitlab.com/gitlab-org/api/client-go/merge_request_approval_settings.go
index c72aae0158..c1701be22f 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/merge_request_approval_settings.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/merge_request_approval_settings.go
@@ -21,10 +21,10 @@ import (
 
 type (
 	MergeRequestApprovalSettingsServiceInterface interface {
-		GetGroupMergeRequestApprovalSettings(gid interface{}, options ...RequestOptionFunc) (*MergeRequestApprovalSettings, *Response, error)
-		UpdateGroupMergeRequestApprovalSettings(gid interface{}, opt *UpdateMergeRequestApprovalSettingsOptions, options ...RequestOptionFunc) (*MergeRequestApprovalSettings, *Response, error)
-		GetProjectMergeRequestApprovalSettings(pid interface{}, options ...RequestOptionFunc) (*MergeRequestApprovalSettings, *Response, error)
-		UpdateProjectMergeRequestApprovalSettings(pid interface{}, opt *UpdateMergeRequestApprovalSettingsOptions, options ...RequestOptionFunc) (*MergeRequestApprovalSettings, *Response, error)
+		GetGroupMergeRequestApprovalSettings(gid any, options ...RequestOptionFunc) (*MergeRequestApprovalSettings, *Response, error)
+		UpdateGroupMergeRequestApprovalSettings(gid any, opt *UpdateMergeRequestApprovalSettingsOptions, options ...RequestOptionFunc) (*MergeRequestApprovalSettings, *Response, error)
+		GetProjectMergeRequestApprovalSettings(pid any, options ...RequestOptionFunc) (*MergeRequestApprovalSettings, *Response, error)
+		UpdateProjectMergeRequestApprovalSettings(pid any, opt *UpdateMergeRequestApprovalSettingsOptions, options ...RequestOptionFunc) (*MergeRequestApprovalSettings, *Response, error)
 	}
 
 	// MergeRequestApprovalSettingsService handles communication with the merge
@@ -69,7 +69,7 @@ type MergeRequestApprovalSetting struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/merge_request_approval_settings/#get-group-mr-approval-settings
-func (s *MergeRequestApprovalSettingsService) GetGroupMergeRequestApprovalSettings(gid interface{}, options ...RequestOptionFunc) (*MergeRequestApprovalSettings, *Response, error) {
+func (s *MergeRequestApprovalSettingsService) GetGroupMergeRequestApprovalSettings(gid any, options ...RequestOptionFunc) (*MergeRequestApprovalSettings, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -111,7 +111,7 @@ type UpdateMergeRequestApprovalSettingsOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/merge_request_approval_settings/#update-group-mr-approval-settings
-func (s *MergeRequestApprovalSettingsService) UpdateGroupMergeRequestApprovalSettings(gid interface{}, opt *UpdateMergeRequestApprovalSettingsOptions, options ...RequestOptionFunc) (*MergeRequestApprovalSettings, *Response, error) {
+func (s *MergeRequestApprovalSettingsService) UpdateGroupMergeRequestApprovalSettings(gid any, opt *UpdateMergeRequestApprovalSettingsOptions, options ...RequestOptionFunc) (*MergeRequestApprovalSettings, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -137,7 +137,7 @@ func (s *MergeRequestApprovalSettingsService) UpdateGroupMergeRequestApprovalSet
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/merge_request_approval_settings/#get-project-mr-approval-settings
-func (s *MergeRequestApprovalSettingsService) GetProjectMergeRequestApprovalSettings(pid interface{}, options ...RequestOptionFunc) (*MergeRequestApprovalSettings, *Response, error) {
+func (s *MergeRequestApprovalSettingsService) GetProjectMergeRequestApprovalSettings(pid any, options ...RequestOptionFunc) (*MergeRequestApprovalSettings, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -163,7 +163,7 @@ func (s *MergeRequestApprovalSettingsService) GetProjectMergeRequestApprovalSett
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/merge_request_approval_settings/#update-project-mr-approval-settings
-func (s *MergeRequestApprovalSettingsService) UpdateProjectMergeRequestApprovalSettings(pid interface{}, opt *UpdateMergeRequestApprovalSettingsOptions, options ...RequestOptionFunc) (*MergeRequestApprovalSettings, *Response, error) {
+func (s *MergeRequestApprovalSettingsService) UpdateProjectMergeRequestApprovalSettings(pid any, opt *UpdateMergeRequestApprovalSettingsOptions, options ...RequestOptionFunc) (*MergeRequestApprovalSettings, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/merge_request_approvals.go b/vendor/gitlab.com/gitlab-org/api/client-go/merge_request_approvals.go
index 0bbf60ac20..80d16bec68 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/merge_request_approvals.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/merge_request_approvals.go
@@ -24,24 +24,23 @@ import (
 
 type (
 	MergeRequestApprovalsServiceInterface interface {
-		ApproveMergeRequest(pid interface{}, mr int, opt *ApproveMergeRequestOptions, options ...RequestOptionFunc) (*MergeRequestApprovals, *Response, error)
-		UnapproveMergeRequest(pid interface{}, mr int, options ...RequestOptionFunc) (*Response, error)
-		ResetApprovalsOfMergeRequest(pid interface{}, mr int, options ...RequestOptionFunc) (*Response, error)
-		GetConfiguration(pid interface{}, mr int, options ...RequestOptionFunc) (*MergeRequestApprovals, *Response, error)
-		ChangeApprovalConfiguration(pid interface{}, mergeRequest int, opt *ChangeMergeRequestApprovalConfigurationOptions, options ...RequestOptionFunc) (*MergeRequest, *Response, error)
-		ChangeAllowedApprovers(pid interface{}, mergeRequest int, opt *ChangeMergeRequestAllowedApproversOptions, options ...RequestOptionFunc) (*MergeRequest, *Response, error)
-		GetApprovalRules(pid interface{}, mergeRequest int, options ...RequestOptionFunc) ([]*MergeRequestApprovalRule, *Response, error)
-		GetApprovalState(pid interface{}, mergeRequest int, options ...RequestOptionFunc) (*MergeRequestApprovalState, *Response, error)
-		CreateApprovalRule(pid interface{}, mergeRequest int, opt *CreateMergeRequestApprovalRuleOptions, options ...RequestOptionFunc) (*MergeRequestApprovalRule, *Response, error)
-		UpdateApprovalRule(pid interface{}, mergeRequest int, approvalRule int, opt *UpdateMergeRequestApprovalRuleOptions, options ...RequestOptionFunc) (*MergeRequestApprovalRule, *Response, error)
-		DeleteApprovalRule(pid interface{}, mergeRequest int, approvalRule int, options ...RequestOptionFunc) (*Response, error)
+		ApproveMergeRequest(pid any, mr int, opt *ApproveMergeRequestOptions, options ...RequestOptionFunc) (*MergeRequestApprovals, *Response, error)
+		UnapproveMergeRequest(pid any, mr int, options ...RequestOptionFunc) (*Response, error)
+		ResetApprovalsOfMergeRequest(pid any, mr int, options ...RequestOptionFunc) (*Response, error)
+		GetConfiguration(pid any, mr int, options ...RequestOptionFunc) (*MergeRequestApprovals, *Response, error)
+		ChangeApprovalConfiguration(pid any, mergeRequest int, opt *ChangeMergeRequestApprovalConfigurationOptions, options ...RequestOptionFunc) (*MergeRequest, *Response, error)
+		GetApprovalRules(pid any, mergeRequest int, options ...RequestOptionFunc) ([]*MergeRequestApprovalRule, *Response, error)
+		GetApprovalState(pid any, mergeRequest int, options ...RequestOptionFunc) (*MergeRequestApprovalState, *Response, error)
+		CreateApprovalRule(pid any, mergeRequest int, opt *CreateMergeRequestApprovalRuleOptions, options ...RequestOptionFunc) (*MergeRequestApprovalRule, *Response, error)
+		UpdateApprovalRule(pid any, mergeRequest int, approvalRule int, opt *UpdateMergeRequestApprovalRuleOptions, options ...RequestOptionFunc) (*MergeRequestApprovalRule, *Response, error)
+		DeleteApprovalRule(pid any, mergeRequest int, approvalRule int, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// MergeRequestApprovalsService handles communication with the merge request
 	// approvals related methods of the GitLab API. This includes reading/updating
 	// approval settings and approve/unapproving merge requests
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/merge_request_approvals.html
+	// GitLab API docs: https://docs.gitlab.com/api/merge_request_approvals/
 	MergeRequestApprovalsService struct {
 		client *Client
 	}
@@ -52,7 +51,7 @@ var _ MergeRequestApprovalsServiceInterface = (*MergeRequestApprovalsService)(ni
 // MergeRequestApprovals represents GitLab merge request approvals.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#merge-request-level-mr-approvals
+// https://docs.gitlab.com/api/merge_request_approvals/#single-merge-request-approval
 type MergeRequestApprovals struct {
 	ID                             int                          `json:"id"`
 	IID                            int                          `json:"iid"`
@@ -87,7 +86,7 @@ func (m MergeRequestApprovals) String() string {
 // MergeRequestApproverGroup  represents GitLab project level merge request approver group.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#project-level-mr-approvals
+// https://docs.gitlab.com/api/merge_request_approvals/#project-approval-rules
 type MergeRequestApproverGroup struct {
 	Group struct {
 		ID                   int    `json:"id"`
@@ -107,7 +106,7 @@ type MergeRequestApproverGroup struct {
 // MergeRequestApprovalRule represents a GitLab merge request approval rule.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#get-merge-request-level-rules
+// https://docs.gitlab.com/api/merge_request_approvals/#get-merge-request-approval-rules
 type MergeRequestApprovalRule struct {
 	ID                   int                  `json:"id"`
 	Name                 string               `json:"name"`
@@ -127,7 +126,7 @@ type MergeRequestApprovalRule struct {
 // MergeRequestApprovalState represents a GitLab merge request approval state.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#get-the-approval-state-of-merge-requests
+// https://docs.gitlab.com/api/merge_request_approvals/#get-the-approval-state-of-merge-requests
 type MergeRequestApprovalState struct {
 	ApprovalRulesOverwritten bool                        `json:"approval_rules_overwritten"`
 	Rules                    []*MergeRequestApprovalRule `json:"rules"`
@@ -141,7 +140,7 @@ func (s MergeRequestApprovalRule) String() string {
 // MergeRequestApproverUser  represents GitLab project level merge request approver user.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#project-level-mr-approvals
+// https://docs.gitlab.com/api/merge_request_approvals/#project-approval-rules
 type MergeRequestApproverUser struct {
 	User *BasicUser
 }
@@ -149,7 +148,7 @@ type MergeRequestApproverUser struct {
 // ApproveMergeRequestOptions represents the available ApproveMergeRequest() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#approve-merge-request
+// https://docs.gitlab.com/api/merge_request_approvals/#approve-merge-request
 type ApproveMergeRequestOptions struct {
 	SHA *string `url:"sha,omitempty" json:"sha,omitempty"`
 }
@@ -158,8 +157,8 @@ type ApproveMergeRequestOptions struct {
 // is provided then it must match the sha at the HEAD of the MR.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#approve-merge-request
-func (s *MergeRequestApprovalsService) ApproveMergeRequest(pid interface{}, mr int, opt *ApproveMergeRequestOptions, options ...RequestOptionFunc) (*MergeRequestApprovals, *Response, error) {
+// https://docs.gitlab.com/api/merge_request_approvals/#approve-merge-request
+func (s *MergeRequestApprovalsService) ApproveMergeRequest(pid any, mr int, opt *ApproveMergeRequestOptions, options ...RequestOptionFunc) (*MergeRequestApprovals, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -183,8 +182,8 @@ func (s *MergeRequestApprovalsService) ApproveMergeRequest(pid interface{}, mr i
 // UnapproveMergeRequest unapproves a previously approved merge request on GitLab.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#unapprove-merge-request
-func (s *MergeRequestApprovalsService) UnapproveMergeRequest(pid interface{}, mr int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/merge_request_approvals/#unapprove-merge-request
+func (s *MergeRequestApprovalsService) UnapproveMergeRequest(pid any, mr int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -203,8 +202,8 @@ func (s *MergeRequestApprovalsService) UnapproveMergeRequest(pid interface{}, mr
 // Available only for bot users based on project or group tokens.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#reset-approvals-of-a-merge-request
-func (s *MergeRequestApprovalsService) ResetApprovalsOfMergeRequest(pid interface{}, mr int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/merge_request_approvals/#reset-approvals-of-a-merge-request
+func (s *MergeRequestApprovalsService) ResetApprovalsOfMergeRequest(pid any, mr int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -219,20 +218,11 @@ func (s *MergeRequestApprovalsService) ResetApprovalsOfMergeRequest(pid interfac
 	return s.client.Do(req, nil)
 }
 
-// ChangeMergeRequestApprovalConfigurationOptions represents the available
-// ChangeMergeRequestApprovalConfiguration() options.
-//
-// GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#change-approval-configuration-deprecated
-type ChangeMergeRequestApprovalConfigurationOptions struct {
-	ApprovalsRequired *int `url:"approvals_required,omitempty" json:"approvals_required,omitempty"`
-}
-
 // GetConfiguration shows information about single merge request approvals
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#get-configuration-1
-func (s *MergeRequestApprovalsService) GetConfiguration(pid interface{}, mr int, options ...RequestOptionFunc) (*MergeRequestApprovals, *Response, error) {
+// https://docs.gitlab.com/api/merge_request_approvals/#single-merge-request-approval
+func (s *MergeRequestApprovalsService) GetConfiguration(pid any, mr int, options ...RequestOptionFunc) (*MergeRequestApprovals, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -253,53 +243,25 @@ func (s *MergeRequestApprovalsService) GetConfiguration(pid interface{}, mr int,
 	return m, resp, nil
 }
 
-// ChangeApprovalConfiguration updates the approval configuration of a merge request.
-//
-// GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#change-approval-configuration-deprecated
-func (s *MergeRequestApprovalsService) ChangeApprovalConfiguration(pid interface{}, mergeRequest int, opt *ChangeMergeRequestApprovalConfigurationOptions, options ...RequestOptionFunc) (*MergeRequest, *Response, error) {
-	project, err := parseID(pid)
-	if err != nil {
-		return nil, nil, err
-	}
-	u := fmt.Sprintf("projects/%s/merge_requests/%d/approvals", PathEscape(project), mergeRequest)
-
-	req, err := s.client.NewRequest(http.MethodPost, u, opt, options)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	m := new(MergeRequest)
-	resp, err := s.client.Do(req, m)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return m, resp, nil
-}
-
-// ChangeMergeRequestAllowedApproversOptions represents the available
-// ChangeMergeRequestAllowedApprovers() options.
+// ChangeMergeRequestApprovalConfigurationOptions represents the available
+// ChangeMergeRequestApprovalConfiguration() options.
 //
-// GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#change-allowed-approvers-for-merge-request
-type ChangeMergeRequestAllowedApproversOptions struct {
-	ApproverIDs      []int `url:"approver_ids" json:"approver_ids"`
-	ApproverGroupIDs []int `url:"approver_group_ids" json:"approver_group_ids"`
+// Deprecated: in GitLab 16.0
+type ChangeMergeRequestApprovalConfigurationOptions struct {
+	ApprovalsRequired *int `url:"approvals_required,omitempty" json:"approvals_required,omitempty"`
 }
 
-// ChangeAllowedApprovers updates the approvers for a merge request.
+// ChangeApprovalConfiguration updates the approval configuration of a merge request.
 //
-// GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#change-allowed-approvers-for-merge-request
-func (s *MergeRequestApprovalsService) ChangeAllowedApprovers(pid interface{}, mergeRequest int, opt *ChangeMergeRequestAllowedApproversOptions, options ...RequestOptionFunc) (*MergeRequest, *Response, error) {
+// Deprecated: in GitLab 16.0
+func (s *MergeRequestApprovalsService) ChangeApprovalConfiguration(pid any, mergeRequest int, opt *ChangeMergeRequestApprovalConfigurationOptions, options ...RequestOptionFunc) (*MergeRequest, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
 	}
-	u := fmt.Sprintf("projects/%s/merge_requests/%d/approvers", PathEscape(project), mergeRequest)
+	u := fmt.Sprintf("projects/%s/merge_requests/%d/approvals", PathEscape(project), mergeRequest)
 
-	req, err := s.client.NewRequest(http.MethodPut, u, opt, options)
+	req, err := s.client.NewRequest(http.MethodPost, u, opt, options)
 	if err != nil {
 		return nil, nil, err
 	}
@@ -316,8 +278,8 @@ func (s *MergeRequestApprovalsService) ChangeAllowedApprovers(pid interface{}, m
 // GetApprovalRules requests information about a merge request’s approval rules
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#get-merge-request-level-rules
-func (s *MergeRequestApprovalsService) GetApprovalRules(pid interface{}, mergeRequest int, options ...RequestOptionFunc) ([]*MergeRequestApprovalRule, *Response, error) {
+// https://docs.gitlab.com/api/merge_request_approvals/#get-merge-request-approval-rules
+func (s *MergeRequestApprovalsService) GetApprovalRules(pid any, mergeRequest int, options ...RequestOptionFunc) ([]*MergeRequestApprovalRule, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -341,8 +303,8 @@ func (s *MergeRequestApprovalsService) GetApprovalRules(pid interface{}, mergeRe
 // GetApprovalState requests information about a merge request’s approval state
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#get-the-approval-state-of-merge-requests
-func (s *MergeRequestApprovalsService) GetApprovalState(pid interface{}, mergeRequest int, options ...RequestOptionFunc) (*MergeRequestApprovalState, *Response, error) {
+// https://docs.gitlab.com/api/merge_request_approvals/#get-the-approval-state-of-merge-requests
+func (s *MergeRequestApprovalsService) GetApprovalState(pid any, mergeRequest int, options ...RequestOptionFunc) (*MergeRequestApprovalState, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -367,7 +329,7 @@ func (s *MergeRequestApprovalsService) GetApprovalState(pid interface{}, mergeRe
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#create-merge-request-level-rule
+// https://docs.gitlab.com/api/merge_request_approvals/#create-merge-request-rule
 type CreateMergeRequestApprovalRuleOptions struct {
 	Name                  *string `url:"name,omitempty" json:"name,omitempty"`
 	ApprovalsRequired     *int    `url:"approvals_required,omitempty" json:"approvals_required,omitempty"`
@@ -379,8 +341,8 @@ type CreateMergeRequestApprovalRuleOptions struct {
 // CreateApprovalRule creates a new MR level approval rule.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#create-merge-request-level-rule
-func (s *MergeRequestApprovalsService) CreateApprovalRule(pid interface{}, mergeRequest int, opt *CreateMergeRequestApprovalRuleOptions, options ...RequestOptionFunc) (*MergeRequestApprovalRule, *Response, error) {
+// https://docs.gitlab.com/api/merge_request_approvals/#create-merge-request-rule
+func (s *MergeRequestApprovalsService) CreateApprovalRule(pid any, mergeRequest int, opt *CreateMergeRequestApprovalRuleOptions, options ...RequestOptionFunc) (*MergeRequestApprovalRule, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -405,7 +367,7 @@ func (s *MergeRequestApprovalsService) CreateApprovalRule(pid interface{}, merge
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#update-merge-request-level-rule
+// https://docs.gitlab.com/api/merge_request_approvals/#update-merge-request-rule
 type UpdateMergeRequestApprovalRuleOptions struct {
 	Name              *string `url:"name,omitempty" json:"name,omitempty"`
 	ApprovalsRequired *int    `url:"approvals_required,omitempty" json:"approvals_required,omitempty"`
@@ -416,8 +378,8 @@ type UpdateMergeRequestApprovalRuleOptions struct {
 // UpdateApprovalRule updates an existing approval rule with new options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#update-merge-request-level-rule
-func (s *MergeRequestApprovalsService) UpdateApprovalRule(pid interface{}, mergeRequest int, approvalRule int, opt *UpdateMergeRequestApprovalRuleOptions, options ...RequestOptionFunc) (*MergeRequestApprovalRule, *Response, error) {
+// https://docs.gitlab.com/api/merge_request_approvals/#update-merge-request-rule
+func (s *MergeRequestApprovalsService) UpdateApprovalRule(pid any, mergeRequest int, approvalRule int, opt *UpdateMergeRequestApprovalRuleOptions, options ...RequestOptionFunc) (*MergeRequestApprovalRule, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -441,8 +403,8 @@ func (s *MergeRequestApprovalsService) UpdateApprovalRule(pid interface{}, merge
 // DeleteApprovalRule deletes a mr level approval rule.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#delete-merge-request-level-rule
-func (s *MergeRequestApprovalsService) DeleteApprovalRule(pid interface{}, mergeRequest int, approvalRule int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/merge_request_approvals/#delete-merge-request-rule
+func (s *MergeRequestApprovalsService) DeleteApprovalRule(pid any, mergeRequest int, approvalRule int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/merge_requests.go b/vendor/gitlab.com/gitlab-org/api/client-go/merge_requests.go
index 38f366d7b1..08578fcd87 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/merge_requests.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/merge_requests.go
@@ -27,44 +27,45 @@ import (
 type (
 	MergeRequestsServiceInterface interface {
 		ListMergeRequests(opt *ListMergeRequestsOptions, options ...RequestOptionFunc) ([]*BasicMergeRequest, *Response, error)
-		ListProjectMergeRequests(pid interface{}, opt *ListProjectMergeRequestsOptions, options ...RequestOptionFunc) ([]*BasicMergeRequest, *Response, error)
-		ListGroupMergeRequests(gid interface{}, opt *ListGroupMergeRequestsOptions, options ...RequestOptionFunc) ([]*BasicMergeRequest, *Response, error)
-		GetMergeRequest(pid interface{}, mergeRequest int, opt *GetMergeRequestsOptions, options ...RequestOptionFunc) (*MergeRequest, *Response, error)
-		GetMergeRequestApprovals(pid interface{}, mergeRequest int, options ...RequestOptionFunc) (*MergeRequestApprovals, *Response, error)
-		GetMergeRequestCommits(pid interface{}, mergeRequest int, opt *GetMergeRequestCommitsOptions, options ...RequestOptionFunc) ([]*Commit, *Response, error)
-		GetMergeRequestChanges(pid interface{}, mergeRequest int, opt *GetMergeRequestChangesOptions, options ...RequestOptionFunc) (*MergeRequest, *Response, error)
-		ListMergeRequestDiffs(pid interface{}, mergeRequest int, opt *ListMergeRequestDiffsOptions, options ...RequestOptionFunc) ([]*MergeRequestDiff, *Response, error)
-		ShowMergeRequestRawDiffs(pid interface{}, mergeRequest int, opt *ShowMergeRequestRawDiffsOptions, options ...RequestOptionFunc) ([]byte, *Response, error)
-		GetMergeRequestParticipants(pid interface{}, mergeRequest int, options ...RequestOptionFunc) ([]*BasicUser, *Response, error)
-		GetMergeRequestReviewers(pid interface{}, mergeRequest int, options ...RequestOptionFunc) ([]*MergeRequestReviewer, *Response, error)
-		ListMergeRequestPipelines(pid interface{}, mergeRequest int, options ...RequestOptionFunc) ([]*PipelineInfo, *Response, error)
-		CreateMergeRequestPipeline(pid interface{}, mergeRequest int, options ...RequestOptionFunc) (*PipelineInfo, *Response, error)
-		GetIssuesClosedOnMerge(pid interface{}, mergeRequest int, opt *GetIssuesClosedOnMergeOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error)
-		CreateMergeRequest(pid interface{}, opt *CreateMergeRequestOptions, options ...RequestOptionFunc) (*MergeRequest, *Response, error)
-		UpdateMergeRequest(pid interface{}, mergeRequest int, opt *UpdateMergeRequestOptions, options ...RequestOptionFunc) (*MergeRequest, *Response, error)
-		DeleteMergeRequest(pid interface{}, mergeRequest int, options ...RequestOptionFunc) (*Response, error)
-		AcceptMergeRequest(pid interface{}, mergeRequest int, opt *AcceptMergeRequestOptions, options ...RequestOptionFunc) (*MergeRequest, *Response, error)
-		CancelMergeWhenPipelineSucceeds(pid interface{}, mergeRequest int, options ...RequestOptionFunc) (*MergeRequest, *Response, error)
-		RebaseMergeRequest(pid interface{}, mergeRequest int, opt *RebaseMergeRequestOptions, options ...RequestOptionFunc) (*Response, error)
-		GetMergeRequestDiffVersions(pid interface{}, mergeRequest int, opt *GetMergeRequestDiffVersionsOptions, options ...RequestOptionFunc) ([]*MergeRequestDiffVersion, *Response, error)
-		GetSingleMergeRequestDiffVersion(pid interface{}, mergeRequest, version int, opt *GetSingleMergeRequestDiffVersionOptions, options ...RequestOptionFunc) (*MergeRequestDiffVersion, *Response, error)
-		SubscribeToMergeRequest(pid interface{}, mergeRequest int, options ...RequestOptionFunc) (*MergeRequest, *Response, error)
-		UnsubscribeFromMergeRequest(pid interface{}, mergeRequest int, options ...RequestOptionFunc) (*MergeRequest, *Response, error)
-		CreateTodo(pid interface{}, mergeRequest int, options ...RequestOptionFunc) (*Todo, *Response, error)
-		SetTimeEstimate(pid interface{}, mergeRequest int, opt *SetTimeEstimateOptions, options ...RequestOptionFunc) (*TimeStats, *Response, error)
-		ResetTimeEstimate(pid interface{}, mergeRequest int, options ...RequestOptionFunc) (*TimeStats, *Response, error)
-		AddSpentTime(pid interface{}, mergeRequest int, opt *AddSpentTimeOptions, options ...RequestOptionFunc) (*TimeStats, *Response, error)
-		ResetSpentTime(pid interface{}, mergeRequest int, options ...RequestOptionFunc) (*TimeStats, *Response, error)
-		GetTimeSpent(pid interface{}, mergeRequest int, options ...RequestOptionFunc) (*TimeStats, *Response, error)
-		CreateMergeRequestDependency(pid interface{}, mergeRequest int, opts CreateMergeRequestDependencyOptions, options ...RequestOptionFunc) (*MergeRequestDependency, *Response, error)
-		DeleteMergeRequestDependency(pid interface{}, mergeRequest int, blockingMergeRequest int, options ...RequestOptionFunc) (*Response, error)
-		GetMergeRequestDependencies(pid interface{}, mergeRequest int, options ...RequestOptionFunc) ([]MergeRequestDependency, *Response, error)
+		ListProjectMergeRequests(pid any, opt *ListProjectMergeRequestsOptions, options ...RequestOptionFunc) ([]*BasicMergeRequest, *Response, error)
+		ListGroupMergeRequests(gid any, opt *ListGroupMergeRequestsOptions, options ...RequestOptionFunc) ([]*BasicMergeRequest, *Response, error)
+		GetMergeRequest(pid any, mergeRequest int, opt *GetMergeRequestsOptions, options ...RequestOptionFunc) (*MergeRequest, *Response, error)
+		GetMergeRequestApprovals(pid any, mergeRequest int, options ...RequestOptionFunc) (*MergeRequestApprovals, *Response, error)
+		GetMergeRequestCommits(pid any, mergeRequest int, opt *GetMergeRequestCommitsOptions, options ...RequestOptionFunc) ([]*Commit, *Response, error)
+		GetMergeRequestChanges(pid any, mergeRequest int, opt *GetMergeRequestChangesOptions, options ...RequestOptionFunc) (*MergeRequest, *Response, error)
+		ListMergeRequestDiffs(pid any, mergeRequest int, opt *ListMergeRequestDiffsOptions, options ...RequestOptionFunc) ([]*MergeRequestDiff, *Response, error)
+		ShowMergeRequestRawDiffs(pid any, mergeRequest int, opt *ShowMergeRequestRawDiffsOptions, options ...RequestOptionFunc) ([]byte, *Response, error)
+		GetMergeRequestParticipants(pid any, mergeRequest int, options ...RequestOptionFunc) ([]*BasicUser, *Response, error)
+		GetMergeRequestReviewers(pid any, mergeRequest int, options ...RequestOptionFunc) ([]*MergeRequestReviewer, *Response, error)
+		ListMergeRequestPipelines(pid any, mergeRequest int, options ...RequestOptionFunc) ([]*PipelineInfo, *Response, error)
+		CreateMergeRequestPipeline(pid any, mergeRequest int, options ...RequestOptionFunc) (*PipelineInfo, *Response, error)
+		GetIssuesClosedOnMerge(pid any, mergeRequest int, opt *GetIssuesClosedOnMergeOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error)
+		ListRelatedIssues(pid any, mergeRequest int, opt *ListRelatedIssuesOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error)
+		CreateMergeRequest(pid any, opt *CreateMergeRequestOptions, options ...RequestOptionFunc) (*MergeRequest, *Response, error)
+		UpdateMergeRequest(pid any, mergeRequest int, opt *UpdateMergeRequestOptions, options ...RequestOptionFunc) (*MergeRequest, *Response, error)
+		DeleteMergeRequest(pid any, mergeRequest int, options ...RequestOptionFunc) (*Response, error)
+		AcceptMergeRequest(pid any, mergeRequest int, opt *AcceptMergeRequestOptions, options ...RequestOptionFunc) (*MergeRequest, *Response, error)
+		CancelMergeWhenPipelineSucceeds(pid any, mergeRequest int, options ...RequestOptionFunc) (*MergeRequest, *Response, error)
+		RebaseMergeRequest(pid any, mergeRequest int, opt *RebaseMergeRequestOptions, options ...RequestOptionFunc) (*Response, error)
+		GetMergeRequestDiffVersions(pid any, mergeRequest int, opt *GetMergeRequestDiffVersionsOptions, options ...RequestOptionFunc) ([]*MergeRequestDiffVersion, *Response, error)
+		GetSingleMergeRequestDiffVersion(pid any, mergeRequest, version int, opt *GetSingleMergeRequestDiffVersionOptions, options ...RequestOptionFunc) (*MergeRequestDiffVersion, *Response, error)
+		SubscribeToMergeRequest(pid any, mergeRequest int, options ...RequestOptionFunc) (*MergeRequest, *Response, error)
+		UnsubscribeFromMergeRequest(pid any, mergeRequest int, options ...RequestOptionFunc) (*MergeRequest, *Response, error)
+		CreateTodo(pid any, mergeRequest int, options ...RequestOptionFunc) (*Todo, *Response, error)
+		SetTimeEstimate(pid any, mergeRequest int, opt *SetTimeEstimateOptions, options ...RequestOptionFunc) (*TimeStats, *Response, error)
+		ResetTimeEstimate(pid any, mergeRequest int, options ...RequestOptionFunc) (*TimeStats, *Response, error)
+		AddSpentTime(pid any, mergeRequest int, opt *AddSpentTimeOptions, options ...RequestOptionFunc) (*TimeStats, *Response, error)
+		ResetSpentTime(pid any, mergeRequest int, options ...RequestOptionFunc) (*TimeStats, *Response, error)
+		GetTimeSpent(pid any, mergeRequest int, options ...RequestOptionFunc) (*TimeStats, *Response, error)
+		CreateMergeRequestDependency(pid any, mergeRequest int, opts CreateMergeRequestDependencyOptions, options ...RequestOptionFunc) (*MergeRequestDependency, *Response, error)
+		DeleteMergeRequestDependency(pid any, mergeRequest int, blockingMergeRequest int, options ...RequestOptionFunc) (*Response, error)
+		GetMergeRequestDependencies(pid any, mergeRequest int, options ...RequestOptionFunc) ([]MergeRequestDependency, *Response, error)
 	}
 
 	// MergeRequestsService handles communication with the merge requests related
 	// methods of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/merge_requests.html
+	// GitLab API docs: https://docs.gitlab.com/api/merge_requests/
 	MergeRequestsService struct {
 		client    *Client
 		timeStats *timeStatsService
@@ -76,7 +77,7 @@ var _ MergeRequestsServiceInterface = (*MergeRequestsService)(nil)
 // BasicMergeRequest represents a basic GitLab merge request.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html
+// https://docs.gitlab.com/api/merge_requests/
 type BasicMergeRequest struct {
 	ID                          int                    `json:"id"`
 	IID                         int                    `json:"iid"`
@@ -104,7 +105,6 @@ type BasicMergeRequest struct {
 	Milestone                   *Milestone             `json:"milestone"`
 	MergeWhenPipelineSucceeds   bool                   `json:"merge_when_pipeline_succeeds"`
 	DetailedMergeStatus         string                 `json:"detailed_merge_status"`
-	MergedBy                    *BasicUser             `json:"merged_by"`
 	MergeUser                   *BasicUser             `json:"merge_user"`
 	MergedAt                    *time.Time             `json:"merged_at"`
 	MergeAfter                  *time.Time             `json:"merge_after"`
@@ -128,6 +128,9 @@ type BasicMergeRequest struct {
 	TaskCompletionStatus        *TasksCompletionStatus `json:"task_completion_status"`
 	HasConflicts                bool                   `json:"has_conflicts"`
 	BlockingDiscussionsResolved bool                   `json:"blocking_discussions_resolved"`
+
+	// Deprecated: will be removed in v5 of the API, use MergeUser instead
+	MergedBy *BasicUser `json:"merged_by"`
 }
 
 func (m BasicMergeRequest) String() string {
@@ -136,14 +139,13 @@ func (m BasicMergeRequest) String() string {
 
 // MergeRequest represents a GitLab merge request.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/merge_requests.html
+// GitLab API docs: https://docs.gitlab.com/api/merge_requests/
 type MergeRequest struct {
 	BasicMergeRequest
-	WorkInProgress bool   `json:"work_in_progress"`
-	MergeError     string `json:"merge_error"`
-	Subscribed     bool   `json:"subscribed"`
-	ChangesCount   string `json:"changes_count"`
-	User           struct {
+	MergeError   string `json:"merge_error"`
+	Subscribed   bool   `json:"subscribed"`
+	ChangesCount string `json:"changes_count"`
+	User         struct {
 		CanMerge bool `json:"can_merge"`
 	} `json:"user"`
 	LatestBuildStartedAt        *time.Time    `json:"latest_build_started_at"`
@@ -159,6 +161,9 @@ type MergeRequest struct {
 	RebaseInProgress     bool `json:"rebase_in_progress"`
 	DivergedCommitsCount int  `json:"diverged_commits_count"`
 	FirstContribution    bool `json:"first_contribution"`
+
+	// Deprecated: use Draft instead
+	WorkInProgress bool `json:"work_in_progress"`
 }
 
 func (m MergeRequest) String() string {
@@ -168,22 +173,22 @@ func (m MergeRequest) String() string {
 func (m *MergeRequest) UnmarshalJSON(data []byte) error {
 	type alias MergeRequest
 
-	raw := make(map[string]interface{})
+	raw := make(map[string]any)
 	err := json.Unmarshal(data, &raw)
 	if err != nil {
 		return err
 	}
 
-	labelDetails, ok := raw["labels"].([]interface{})
+	labelDetails, ok := raw["labels"].([]any)
 	if ok && len(labelDetails) > 0 {
 		// We only want to change anything if we got label details.
-		if _, ok := labelDetails[0].(map[string]interface{}); !ok {
+		if _, ok := labelDetails[0].(map[string]any); !ok {
 			return json.Unmarshal(data, (*alias)(m))
 		}
 
-		labels := make([]interface{}, len(labelDetails))
+		labels := make([]any, len(labelDetails))
 		for i, details := range labelDetails {
-			labels[i] = details.(map[string]interface{})["name"]
+			labels[i] = details.(map[string]any)["name"]
 		}
 
 		// Set the correct values
@@ -202,22 +207,23 @@ func (m *MergeRequest) UnmarshalJSON(data []byte) error {
 // MergeRequestDiff represents Gitlab merge request diff.
 //
 // Gitlab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#list-merge-request-diffs
+// https://docs.gitlab.com/api/merge_requests/#list-merge-request-diffs
 type MergeRequestDiff struct {
-	OldPath     string `json:"old_path"`
-	NewPath     string `json:"new_path"`
-	AMode       string `json:"a_mode"`
-	BMode       string `json:"b_mode"`
-	Diff        string `json:"diff"`
-	NewFile     bool   `json:"new_file"`
-	RenamedFile bool   `json:"renamed_file"`
-	DeletedFile bool   `json:"deleted_file"`
+	OldPath       string `json:"old_path"`
+	NewPath       string `json:"new_path"`
+	AMode         string `json:"a_mode"`
+	BMode         string `json:"b_mode"`
+	Diff          string `json:"diff"`
+	NewFile       bool   `json:"new_file"`
+	RenamedFile   bool   `json:"renamed_file"`
+	DeletedFile   bool   `json:"deleted_file"`
+	GeneratedFile bool   `json:"generated_file"`
 }
 
 // MergeRequestDiffVersion represents Gitlab merge request version.
 //
 // Gitlab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#get-merge-request-diff-versions
+// https://docs.gitlab.com/api/merge_requests/#get-merge-request-diff-versions
 type MergeRequestDiffVersion struct {
 	ID             int        `json:"id"`
 	HeadCommitSHA  string     `json:"head_commit_sha,omitempty"`
@@ -239,7 +245,7 @@ func (m MergeRequestDiffVersion) String() string {
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#list-merge-requests
+// https://docs.gitlab.com/api/merge_requests/#list-merge-requests
 type ListMergeRequestsOptions struct {
 	ListOptions
 	Approved               *string           `url:"approved,omitempty" json:"approved,omitempty"`
@@ -280,7 +286,7 @@ type ListMergeRequestsOptions struct {
 // used to restrict the list of merge requests.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#list-merge-requests
+// https://docs.gitlab.com/api/merge_requests/#list-merge-requests
 func (s *MergeRequestsService) ListMergeRequests(opt *ListMergeRequestsOptions, options ...RequestOptionFunc) ([]*BasicMergeRequest, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "merge_requests", opt, options)
 	if err != nil {
@@ -300,7 +306,7 @@ func (s *MergeRequestsService) ListMergeRequests(opt *ListMergeRequestsOptions,
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#list-project-merge-requests
+// https://docs.gitlab.com/api/merge_requests/#list-project-merge-requests
 type ListProjectMergeRequestsOptions struct {
 	ListOptions
 	IIDs                   *[]int            `url:"iids[],omitempty" json:"iids,omitempty"`
@@ -337,8 +343,8 @@ type ListProjectMergeRequestsOptions struct {
 // ListProjectMergeRequests gets all merge requests for this project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#list-project-merge-requests
-func (s *MergeRequestsService) ListProjectMergeRequests(pid interface{}, opt *ListProjectMergeRequestsOptions, options ...RequestOptionFunc) ([]*BasicMergeRequest, *Response, error) {
+// https://docs.gitlab.com/api/merge_requests/#list-project-merge-requests
+func (s *MergeRequestsService) ListProjectMergeRequests(pid any, opt *ListProjectMergeRequestsOptions, options ...RequestOptionFunc) ([]*BasicMergeRequest, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -363,7 +369,7 @@ func (s *MergeRequestsService) ListProjectMergeRequests(pid interface{}, opt *Li
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#list-group-merge-requests
+// https://docs.gitlab.com/api/merge_requests/#list-group-merge-requests
 type ListGroupMergeRequestsOptions struct {
 	ListOptions
 	State                  *string           `url:"state,omitempty" json:"state,omitempty"`
@@ -400,8 +406,8 @@ type ListGroupMergeRequestsOptions struct {
 // ListGroupMergeRequests gets all merge requests for this group.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#list-group-merge-requests
-func (s *MergeRequestsService) ListGroupMergeRequests(gid interface{}, opt *ListGroupMergeRequestsOptions, options ...RequestOptionFunc) ([]*BasicMergeRequest, *Response, error) {
+// https://docs.gitlab.com/api/merge_requests/#list-group-merge-requests
+func (s *MergeRequestsService) ListGroupMergeRequests(gid any, opt *ListGroupMergeRequestsOptions, options ...RequestOptionFunc) ([]*BasicMergeRequest, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -426,7 +432,7 @@ func (s *MergeRequestsService) ListGroupMergeRequests(gid interface{}, opt *List
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#get-single-mr
+// https://docs.gitlab.com/api/merge_requests/#get-single-mr
 type GetMergeRequestsOptions struct {
 	RenderHTML                  *bool `url:"render_html,omitempty" json:"render_html,omitempty"`
 	IncludeDivergedCommitsCount *bool `url:"include_diverged_commits_count,omitempty" json:"include_diverged_commits_count,omitempty"`
@@ -436,8 +442,8 @@ type GetMergeRequestsOptions struct {
 // GetMergeRequest shows information about a single merge request.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#get-single-mr
-func (s *MergeRequestsService) GetMergeRequest(pid interface{}, mergeRequest int, opt *GetMergeRequestsOptions, options ...RequestOptionFunc) (*MergeRequest, *Response, error) {
+// https://docs.gitlab.com/api/merge_requests/#get-single-mr
+func (s *MergeRequestsService) GetMergeRequest(pid any, mergeRequest int, opt *GetMergeRequestsOptions, options ...RequestOptionFunc) (*MergeRequest, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -461,8 +467,8 @@ func (s *MergeRequestsService) GetMergeRequest(pid interface{}, mergeRequest int
 // GetMergeRequestApprovals gets information about a merge requests approvals
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#merge-request-level-mr-approvals
-func (s *MergeRequestsService) GetMergeRequestApprovals(pid interface{}, mergeRequest int, options ...RequestOptionFunc) (*MergeRequestApprovals, *Response, error) {
+// https://docs.gitlab.com/api/merge_request_approvals/#single-merge-request-approval
+func (s *MergeRequestsService) GetMergeRequestApprovals(pid any, mergeRequest int, options ...RequestOptionFunc) (*MergeRequestApprovals, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -487,14 +493,14 @@ func (s *MergeRequestsService) GetMergeRequestApprovals(pid interface{}, mergeRe
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#get-single-merge-request-commits
+// https://docs.gitlab.com/api/merge_requests/#get-single-merge-request-commits
 type GetMergeRequestCommitsOptions ListOptions
 
 // GetMergeRequestCommits gets a list of merge request commits.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#get-single-merge-request-commits
-func (s *MergeRequestsService) GetMergeRequestCommits(pid interface{}, mergeRequest int, opt *GetMergeRequestCommitsOptions, options ...RequestOptionFunc) ([]*Commit, *Response, error) {
+// https://docs.gitlab.com/api/merge_requests/#get-single-merge-request-commits
+func (s *MergeRequestsService) GetMergeRequestCommits(pid any, mergeRequest int, opt *GetMergeRequestCommitsOptions, options ...RequestOptionFunc) ([]*Commit, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -517,9 +523,11 @@ func (s *MergeRequestsService) GetMergeRequestCommits(pid interface{}, mergeRequ
 
 // GetMergeRequestChangesOptions represents the available GetMergeRequestChanges()
 // options.
+// Deprecated: This endpoint has been replaced by
+// MergeRequestsService.ListMergeRequestDiffs()
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#get-single-merge-request-changes
+// https://docs.gitlab.com/api/merge_requests/#get-single-merge-request-changes
 type GetMergeRequestChangesOptions struct {
 	AccessRawDiffs *bool `url:"access_raw_diffs,omitempty" json:"access_raw_diffs,omitempty"`
 	Unidiff        *bool `url:"unidiff,omitempty" json:"unidiff,omitempty"`
@@ -532,8 +540,8 @@ type GetMergeRequestChangesOptions struct {
 // MergeRequestsService.ListMergeRequestDiffs()
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#get-single-merge-request-changes
-func (s *MergeRequestsService) GetMergeRequestChanges(pid interface{}, mergeRequest int, opt *GetMergeRequestChangesOptions, options ...RequestOptionFunc) (*MergeRequest, *Response, error) {
+// https://docs.gitlab.com/api/merge_requests/#get-single-merge-request-changes
+func (s *MergeRequestsService) GetMergeRequestChanges(pid any, mergeRequest int, opt *GetMergeRequestChangesOptions, options ...RequestOptionFunc) (*MergeRequest, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -558,7 +566,7 @@ func (s *MergeRequestsService) GetMergeRequestChanges(pid interface{}, mergeRequ
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#list-merge-request-diffs
+// https://docs.gitlab.com/api/merge_requests/#list-merge-request-diffs
 type ListMergeRequestDiffsOptions struct {
 	ListOptions
 	Unidiff *bool `url:"unidiff,omitempty" json:"unidiff,omitempty"`
@@ -567,8 +575,8 @@ type ListMergeRequestDiffsOptions struct {
 // ListMergeRequestDiffs List diffs of the files changed in a merge request
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#list-merge-request-diffs
-func (s *MergeRequestsService) ListMergeRequestDiffs(pid interface{}, mergeRequest int, opt *ListMergeRequestDiffsOptions, options ...RequestOptionFunc) ([]*MergeRequestDiff, *Response, error) {
+// https://docs.gitlab.com/api/merge_requests/#list-merge-request-diffs
+func (s *MergeRequestsService) ListMergeRequestDiffs(pid any, mergeRequest int, opt *ListMergeRequestDiffsOptions, options ...RequestOptionFunc) ([]*MergeRequestDiff, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -593,14 +601,14 @@ func (s *MergeRequestsService) ListMergeRequestDiffs(pid interface{}, mergeReque
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#show-merge-request-raw-diffs
+// https://docs.gitlab.com/api/merge_requests/#show-merge-request-raw-diffs
 type ShowMergeRequestRawDiffsOptions struct{}
 
 // ShowMergeRequestRawDiffs Show raw diffs of the files changed in a merge request
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#show-merge-request-raw-diffs
-func (s *MergeRequestsService) ShowMergeRequestRawDiffs(pid interface{}, mergeRequest int, opt *ShowMergeRequestRawDiffsOptions, options ...RequestOptionFunc) ([]byte, *Response, error) {
+// https://docs.gitlab.com/api/merge_requests/#show-merge-request-raw-diffs
+func (s *MergeRequestsService) ShowMergeRequestRawDiffs(pid any, mergeRequest int, opt *ShowMergeRequestRawDiffsOptions, options ...RequestOptionFunc) ([]byte, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return []byte{}, nil, err
@@ -628,8 +636,8 @@ func (s *MergeRequestsService) ShowMergeRequestRawDiffs(pid interface{}, mergeRe
 // GetMergeRequestParticipants gets a list of merge request participants.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#get-single-merge-request-participants
-func (s *MergeRequestsService) GetMergeRequestParticipants(pid interface{}, mergeRequest int, options ...RequestOptionFunc) ([]*BasicUser, *Response, error) {
+// https://docs.gitlab.com/api/merge_requests/#get-single-merge-request-participants
+func (s *MergeRequestsService) GetMergeRequestParticipants(pid any, mergeRequest int, options ...RequestOptionFunc) ([]*BasicUser, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -653,7 +661,7 @@ func (s *MergeRequestsService) GetMergeRequestParticipants(pid interface{}, merg
 // MergeRequestReviewer represents a GitLab merge request reviewer.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#get-single-merge-request-reviewers
+// https://docs.gitlab.com/api/merge_requests/#get-single-merge-request-reviewers
 type MergeRequestReviewer struct {
 	User      *BasicUser `json:"user"`
 	State     string     `json:"state"`
@@ -663,8 +671,8 @@ type MergeRequestReviewer struct {
 // GetMergeRequestReviewers gets a list of merge request reviewers.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#get-single-merge-request-reviewers
-func (s *MergeRequestsService) GetMergeRequestReviewers(pid interface{}, mergeRequest int, options ...RequestOptionFunc) ([]*MergeRequestReviewer, *Response, error) {
+// https://docs.gitlab.com/api/merge_requests/#get-single-merge-request-reviewers
+func (s *MergeRequestsService) GetMergeRequestReviewers(pid any, mergeRequest int, options ...RequestOptionFunc) ([]*MergeRequestReviewer, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -688,8 +696,8 @@ func (s *MergeRequestsService) GetMergeRequestReviewers(pid interface{}, mergeRe
 // ListMergeRequestPipelines gets all pipelines for the provided merge request.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#list-merge-request-pipelines
-func (s *MergeRequestsService) ListMergeRequestPipelines(pid interface{}, mergeRequest int, options ...RequestOptionFunc) ([]*PipelineInfo, *Response, error) {
+// https://docs.gitlab.com/api/merge_requests/#list-merge-request-pipelines
+func (s *MergeRequestsService) ListMergeRequestPipelines(pid any, mergeRequest int, options ...RequestOptionFunc) ([]*PipelineInfo, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -713,8 +721,8 @@ func (s *MergeRequestsService) ListMergeRequestPipelines(pid interface{}, mergeR
 // CreateMergeRequestPipeline creates a new pipeline for a merge request.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#create-merge-request-pipeline
-func (s *MergeRequestsService) CreateMergeRequestPipeline(pid interface{}, mergeRequest int, options ...RequestOptionFunc) (*PipelineInfo, *Response, error) {
+// https://docs.gitlab.com/api/merge_requests/#create-merge-request-pipeline
+func (s *MergeRequestsService) CreateMergeRequestPipeline(pid any, mergeRequest int, options ...RequestOptionFunc) (*PipelineInfo, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -739,15 +747,15 @@ func (s *MergeRequestsService) CreateMergeRequestPipeline(pid interface{}, merge
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#list-issues-that-close-on-merge
+// https://docs.gitlab.com/api/merge_requests/#list-issues-that-close-on-merge
 type GetIssuesClosedOnMergeOptions ListOptions
 
 // GetIssuesClosedOnMerge gets all the issues that would be closed by merging the
 // provided merge request.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#list-issues-that-close-on-merge
-func (s *MergeRequestsService) GetIssuesClosedOnMerge(pid interface{}, mergeRequest int, opt *GetIssuesClosedOnMergeOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error) {
+// https://docs.gitlab.com/api/merge_requests/#list-issues-that-close-on-merge
+func (s *MergeRequestsService) GetIssuesClosedOnMerge(pid any, mergeRequest int, opt *GetIssuesClosedOnMergeOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -768,33 +776,67 @@ func (s *MergeRequestsService) GetIssuesClosedOnMerge(pid interface{}, mergeRequ
 	return i, resp, nil
 }
 
+// ListRelatedIssuesOptions represents the available ListRelatedIssues() options.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/merge_requests/#list-issues-related-to-the-merge-request
+type ListRelatedIssuesOptions ListOptions
+
+// ListRelatedIssues gets all the issues related to provided merge request.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/merge_requests/#list-issues-related-to-the-merge-request
+func (s *MergeRequestsService) ListRelatedIssues(pid any, mergeRequest int, opt *ListRelatedIssuesOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error) {
+	project, err := parseID(pid)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	u := fmt.Sprintf("projects/%s/merge_requests/%d/related_issues", PathEscape(project), mergeRequest)
+
+	req, err := s.client.NewRequest(http.MethodGet, u, opt, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var i []*Issue
+	resp, err := s.client.Do(req, &i)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return i, resp, nil
+}
+
 // CreateMergeRequestOptions represents the available CreateMergeRequest()
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#create-mr
+// https://docs.gitlab.com/api/merge_requests/#create-mr
 type CreateMergeRequestOptions struct {
-	Title                *string       `url:"title,omitempty" json:"title,omitempty"`
-	Description          *string       `url:"description,omitempty" json:"description,omitempty"`
-	SourceBranch         *string       `url:"source_branch,omitempty" json:"source_branch,omitempty"`
-	TargetBranch         *string       `url:"target_branch,omitempty" json:"target_branch,omitempty"`
-	Labels               *LabelOptions `url:"labels,comma,omitempty" json:"labels,omitempty"`
-	AssigneeID           *int          `url:"assignee_id,omitempty" json:"assignee_id,omitempty"`
-	AssigneeIDs          *[]int        `url:"assignee_ids,omitempty" json:"assignee_ids,omitempty"`
-	ReviewerIDs          *[]int        `url:"reviewer_ids,omitempty" json:"reviewer_ids,omitempty"`
-	TargetProjectID      *int          `url:"target_project_id,omitempty" json:"target_project_id,omitempty"`
-	MilestoneID          *int          `url:"milestone_id,omitempty" json:"milestone_id,omitempty"`
-	RemoveSourceBranch   *bool         `url:"remove_source_branch,omitempty" json:"remove_source_branch,omitempty"`
-	Squash               *bool         `url:"squash,omitempty" json:"squash,omitempty"`
-	AllowCollaboration   *bool         `url:"allow_collaboration,omitempty" json:"allow_collaboration,omitempty"`
-	ApprovalsBeforeMerge *int          `url:"approvals_before_merge,omitempty" json:"approvals_before_merge,omitempty"`
+	Title              *string       `url:"title,omitempty" json:"title,omitempty"`
+	Description        *string       `url:"description,omitempty" json:"description,omitempty"`
+	SourceBranch       *string       `url:"source_branch,omitempty" json:"source_branch,omitempty"`
+	TargetBranch       *string       `url:"target_branch,omitempty" json:"target_branch,omitempty"`
+	Labels             *LabelOptions `url:"labels,comma,omitempty" json:"labels,omitempty"`
+	AssigneeID         *int          `url:"assignee_id,omitempty" json:"assignee_id,omitempty"`
+	AssigneeIDs        *[]int        `url:"assignee_ids,omitempty" json:"assignee_ids,omitempty"`
+	ReviewerIDs        *[]int        `url:"reviewer_ids,omitempty" json:"reviewer_ids,omitempty"`
+	TargetProjectID    *int          `url:"target_project_id,omitempty" json:"target_project_id,omitempty"`
+	MilestoneID        *int          `url:"milestone_id,omitempty" json:"milestone_id,omitempty"`
+	RemoveSourceBranch *bool         `url:"remove_source_branch,omitempty" json:"remove_source_branch,omitempty"`
+	Squash             *bool         `url:"squash,omitempty" json:"squash,omitempty"`
+	AllowCollaboration *bool         `url:"allow_collaboration,omitempty" json:"allow_collaboration,omitempty"`
+
+	// Deprecated: will be removed in v5 of the API, use the Merge Request Approvals API instead
+	ApprovalsBeforeMerge *int `url:"approvals_before_merge,omitempty" json:"approvals_before_merge,omitempty"`
 }
 
 // CreateMergeRequest creates a new merge request.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#create-mr
-func (s *MergeRequestsService) CreateMergeRequest(pid interface{}, opt *CreateMergeRequestOptions, options ...RequestOptionFunc) (*MergeRequest, *Response, error) {
+// https://docs.gitlab.com/api/merge_requests/#create-mr
+func (s *MergeRequestsService) CreateMergeRequest(pid any, opt *CreateMergeRequestOptions, options ...RequestOptionFunc) (*MergeRequest, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -819,7 +861,7 @@ func (s *MergeRequestsService) CreateMergeRequest(pid interface{}, opt *CreateMe
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#update-mr
+// https://docs.gitlab.com/api/merge_requests/#update-mr
 type UpdateMergeRequestOptions struct {
 	Title              *string       `url:"title,omitempty" json:"title,omitempty"`
 	Description        *string       `url:"description,omitempty" json:"description,omitempty"`
@@ -841,8 +883,8 @@ type UpdateMergeRequestOptions struct {
 // UpdateMergeRequest updates an existing project milestone.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#update-mr
-func (s *MergeRequestsService) UpdateMergeRequest(pid interface{}, mergeRequest int, opt *UpdateMergeRequestOptions, options ...RequestOptionFunc) (*MergeRequest, *Response, error) {
+// https://docs.gitlab.com/api/merge_requests/#update-mr
+func (s *MergeRequestsService) UpdateMergeRequest(pid any, mergeRequest int, opt *UpdateMergeRequestOptions, options ...RequestOptionFunc) (*MergeRequest, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -866,8 +908,8 @@ func (s *MergeRequestsService) UpdateMergeRequest(pid interface{}, mergeRequest
 // DeleteMergeRequest deletes a merge request.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#delete-a-merge-request
-func (s *MergeRequestsService) DeleteMergeRequest(pid interface{}, mergeRequest int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/merge_requests/#delete-a-merge-request
+func (s *MergeRequestsService) DeleteMergeRequest(pid any, mergeRequest int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -886,7 +928,7 @@ func (s *MergeRequestsService) DeleteMergeRequest(pid interface{}, mergeRequest
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#merge-a-merge-request
+// https://docs.gitlab.com/api/merge_requests/#merge-a-merge-request
 type AcceptMergeRequestOptions struct {
 	MergeCommitMessage        *string `url:"merge_commit_message,omitempty" json:"merge_commit_message,omitempty"`
 	SquashCommitMessage       *string `url:"squash_commit_message,omitempty" json:"squash_commit_message,omitempty"`
@@ -902,8 +944,8 @@ type AcceptMergeRequestOptions struct {
 // already merged or closed - you get 405 and error message 'Method Not Allowed'
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#merge-a-merge-request
-func (s *MergeRequestsService) AcceptMergeRequest(pid interface{}, mergeRequest int, opt *AcceptMergeRequestOptions, options ...RequestOptionFunc) (*MergeRequest, *Response, error) {
+// https://docs.gitlab.com/api/merge_requests/#merge-a-merge-request
+func (s *MergeRequestsService) AcceptMergeRequest(pid any, mergeRequest int, opt *AcceptMergeRequestOptions, options ...RequestOptionFunc) (*MergeRequest, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -931,8 +973,8 @@ func (s *MergeRequestsService) AcceptMergeRequest(pid interface{}, mergeRequest
 // merged when the pipeline succeeds, you'll also get a 406 error.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#cancel-merge-when-pipeline-succeeds
-func (s *MergeRequestsService) CancelMergeWhenPipelineSucceeds(pid interface{}, mergeRequest int, options ...RequestOptionFunc) (*MergeRequest, *Response, error) {
+// https://docs.gitlab.com/api/merge_requests/#cancel-merge-when-pipeline-succeeds
+func (s *MergeRequestsService) CancelMergeWhenPipelineSucceeds(pid any, mergeRequest int, options ...RequestOptionFunc) (*MergeRequest, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -957,7 +999,7 @@ func (s *MergeRequestsService) CancelMergeWhenPipelineSucceeds(pid interface{},
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#rebase-a-merge-request
+// https://docs.gitlab.com/api/merge_requests/#rebase-a-merge-request
 type RebaseMergeRequestOptions struct {
 	SkipCI *bool `url:"skip_ci,omitempty" json:"skip_ci,omitempty"`
 }
@@ -967,8 +1009,8 @@ type RebaseMergeRequestOptions struct {
 // to the merge request’s source branch, you’ll get a 403 Forbidden response.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#rebase-a-merge-request
-func (s *MergeRequestsService) RebaseMergeRequest(pid interface{}, mergeRequest int, opt *RebaseMergeRequestOptions, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/merge_requests/#rebase-a-merge-request
+func (s *MergeRequestsService) RebaseMergeRequest(pid any, mergeRequest int, opt *RebaseMergeRequestOptions, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -987,14 +1029,14 @@ func (s *MergeRequestsService) RebaseMergeRequest(pid interface{}, mergeRequest
 // GetMergeRequestDiffVersions() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#get-merge-request-diff-versions
+// https://docs.gitlab.com/api/merge_requests/#get-merge-request-diff-versions
 type GetMergeRequestDiffVersionsOptions ListOptions
 
 // GetMergeRequestDiffVersions get a list of merge request diff versions.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#get-merge-request-diff-versions
-func (s *MergeRequestsService) GetMergeRequestDiffVersions(pid interface{}, mergeRequest int, opt *GetMergeRequestDiffVersionsOptions, options ...RequestOptionFunc) ([]*MergeRequestDiffVersion, *Response, error) {
+// https://docs.gitlab.com/api/merge_requests/#get-merge-request-diff-versions
+func (s *MergeRequestsService) GetMergeRequestDiffVersions(pid any, mergeRequest int, opt *GetMergeRequestDiffVersionsOptions, options ...RequestOptionFunc) ([]*MergeRequestDiffVersion, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1019,7 +1061,7 @@ func (s *MergeRequestsService) GetMergeRequestDiffVersions(pid interface{}, merg
 // GetSingleMergeRequestDiffVersion() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#get-a-single-merge-request-diff-version
+// https://docs.gitlab.com/api/merge_requests/#get-a-single-merge-request-diff-version
 type GetSingleMergeRequestDiffVersionOptions struct {
 	Unidiff *bool `url:"unidiff,omitempty" json:"unidiff,omitempty"`
 }
@@ -1027,8 +1069,8 @@ type GetSingleMergeRequestDiffVersionOptions struct {
 // GetSingleMergeRequestDiffVersion get a single MR diff version
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#get-a-single-merge-request-diff-version
-func (s *MergeRequestsService) GetSingleMergeRequestDiffVersion(pid interface{}, mergeRequest, version int, opt *GetSingleMergeRequestDiffVersionOptions, options ...RequestOptionFunc) (*MergeRequestDiffVersion, *Response, error) {
+// https://docs.gitlab.com/api/merge_requests/#get-a-single-merge-request-diff-version
+func (s *MergeRequestsService) GetSingleMergeRequestDiffVersion(pid any, mergeRequest, version int, opt *GetSingleMergeRequestDiffVersionOptions, options ...RequestOptionFunc) (*MergeRequestDiffVersion, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1054,8 +1096,8 @@ func (s *MergeRequestsService) GetSingleMergeRequestDiffVersion(pid interface{},
 // merge request, the status code 304 is returned.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#subscribe-to-a-merge-request
-func (s *MergeRequestsService) SubscribeToMergeRequest(pid interface{}, mergeRequest int, options ...RequestOptionFunc) (*MergeRequest, *Response, error) {
+// https://docs.gitlab.com/api/merge_requests/#subscribe-to-a-merge-request
+func (s *MergeRequestsService) SubscribeToMergeRequest(pid any, mergeRequest int, options ...RequestOptionFunc) (*MergeRequest, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1082,8 +1124,8 @@ func (s *MergeRequestsService) SubscribeToMergeRequest(pid interface{}, mergeReq
 // returned.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#unsubscribe-from-a-merge-request
-func (s *MergeRequestsService) UnsubscribeFromMergeRequest(pid interface{}, mergeRequest int, options ...RequestOptionFunc) (*MergeRequest, *Response, error) {
+// https://docs.gitlab.com/api/merge_requests/#unsubscribe-from-a-merge-request
+func (s *MergeRequestsService) UnsubscribeFromMergeRequest(pid any, mergeRequest int, options ...RequestOptionFunc) (*MergeRequest, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1109,8 +1151,8 @@ func (s *MergeRequestsService) UnsubscribeFromMergeRequest(pid interface{}, merg
 // status code 304 is returned.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#create-a-to-do-item
-func (s *MergeRequestsService) CreateTodo(pid interface{}, mergeRequest int, options ...RequestOptionFunc) (*Todo, *Response, error) {
+// https://docs.gitlab.com/api/merge_requests/#create-a-to-do-item
+func (s *MergeRequestsService) CreateTodo(pid any, mergeRequest int, options ...RequestOptionFunc) (*Todo, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1134,47 +1176,47 @@ func (s *MergeRequestsService) CreateTodo(pid interface{}, mergeRequest int, opt
 // SetTimeEstimate sets the time estimate for a single project merge request.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#set-a-time-estimate-for-a-merge-request
-func (s *MergeRequestsService) SetTimeEstimate(pid interface{}, mergeRequest int, opt *SetTimeEstimateOptions, options ...RequestOptionFunc) (*TimeStats, *Response, error) {
+// https://docs.gitlab.com/api/merge_requests/#set-a-time-estimate-for-a-merge-request
+func (s *MergeRequestsService) SetTimeEstimate(pid any, mergeRequest int, opt *SetTimeEstimateOptions, options ...RequestOptionFunc) (*TimeStats, *Response, error) {
 	return s.timeStats.setTimeEstimate(pid, "merge_requests", mergeRequest, opt, options...)
 }
 
 // ResetTimeEstimate resets the time estimate for a single project merge request.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#reset-the-time-estimate-for-a-merge-request
-func (s *MergeRequestsService) ResetTimeEstimate(pid interface{}, mergeRequest int, options ...RequestOptionFunc) (*TimeStats, *Response, error) {
+// https://docs.gitlab.com/api/merge_requests/#reset-the-time-estimate-for-a-merge-request
+func (s *MergeRequestsService) ResetTimeEstimate(pid any, mergeRequest int, options ...RequestOptionFunc) (*TimeStats, *Response, error) {
 	return s.timeStats.resetTimeEstimate(pid, "merge_requests", mergeRequest, options...)
 }
 
 // AddSpentTime adds spent time for a single project merge request.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#add-spent-time-for-a-merge-request
-func (s *MergeRequestsService) AddSpentTime(pid interface{}, mergeRequest int, opt *AddSpentTimeOptions, options ...RequestOptionFunc) (*TimeStats, *Response, error) {
+// https://docs.gitlab.com/api/merge_requests/#add-spent-time-for-a-merge-request
+func (s *MergeRequestsService) AddSpentTime(pid any, mergeRequest int, opt *AddSpentTimeOptions, options ...RequestOptionFunc) (*TimeStats, *Response, error) {
 	return s.timeStats.addSpentTime(pid, "merge_requests", mergeRequest, opt, options...)
 }
 
 // ResetSpentTime resets the spent time for a single project merge request.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#reset-spent-time-for-a-merge-request
-func (s *MergeRequestsService) ResetSpentTime(pid interface{}, mergeRequest int, options ...RequestOptionFunc) (*TimeStats, *Response, error) {
+// https://docs.gitlab.com/api/merge_requests/#reset-spent-time-for-a-merge-request
+func (s *MergeRequestsService) ResetSpentTime(pid any, mergeRequest int, options ...RequestOptionFunc) (*TimeStats, *Response, error) {
 	return s.timeStats.resetSpentTime(pid, "merge_requests", mergeRequest, options...)
 }
 
 // GetTimeSpent gets the spent time for a single project merge request.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#get-time-tracking-stats
-func (s *MergeRequestsService) GetTimeSpent(pid interface{}, mergeRequest int, options ...RequestOptionFunc) (*TimeStats, *Response, error) {
+// https://docs.gitlab.com/api/merge_requests/#get-time-tracking-stats
+func (s *MergeRequestsService) GetTimeSpent(pid any, mergeRequest int, options ...RequestOptionFunc) (*TimeStats, *Response, error) {
 	return s.timeStats.getTimeSpent(pid, "merge_requests", mergeRequest, options...)
 }
 
 // MergeRequestDependency represents a GitLab merge request dependency.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#create-a-merge-request-dependency
+// https://docs.gitlab.com/api/merge_requests/#create-a-merge-request-dependency
 type MergeRequestDependency struct {
 	ID                   int                  `json:"id"`
 	BlockingMergeRequest BlockingMergeRequest `json:"blocking_merge_request"`
@@ -1184,7 +1226,7 @@ type MergeRequestDependency struct {
 // BlockingMergeRequest represents a GitLab merge request dependency.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#create-a-merge-request-dependency
+// https://docs.gitlab.com/api/merge_requests/#create-a-merge-request-dependency
 type BlockingMergeRequest struct {
 	ID                          int                    `json:"id"`
 	Iid                         int                    `json:"iid"`
@@ -1206,11 +1248,9 @@ type BlockingMergeRequest struct {
 	Labels                      *LabelOptions          `json:"labels"`
 	Description                 string                 `json:"description"`
 	Draft                       bool                   `json:"draft"`
-	WorkInProgress              bool                   `json:"work_in_progress"`
 	Milestone                   *string                `json:"milestone"`
-	MergeWhenPipelineSucceeds   bool                   `json:"merge_when_pipeline_succeeds"`
+	AutoMerge                   bool                   `json:"auto_merge"`
 	DetailedMergeStatus         string                 `json:"detailed_merge_status"`
-	MergedBy                    *BasicUser             `json:"merged_by"`
 	MergedAt                    *time.Time             `json:"merged_at"`
 	ClosedBy                    *BasicUser             `json:"closed_by"`
 	ClosedAt                    *time.Time             `json:"closed_at"`
@@ -1225,18 +1265,28 @@ type BlockingMergeRequest struct {
 	DiscussionLocked            *bool                  `json:"discussion_locked"`
 	TimeStats                   *TimeStats             `json:"time_stats"`
 	Squash                      bool                   `json:"squash"`
-	ApprovalsBeforeMerge        *int                   `json:"approvals_before_merge"`
-	Reference                   string                 `json:"reference"`
 	TaskCompletionStatus        *TasksCompletionStatus `json:"task_completion_status"`
 	HasConflicts                bool                   `json:"has_conflicts"`
 	BlockingDiscussionsResolved bool                   `json:"blocking_discussions_resolved"`
-	MergeStatus                 string                 `json:"merge_status"`
 	MergeUser                   *BasicUser             `json:"merge_user"`
 	MergeAfter                  time.Time              `json:"merge_after"`
 	Imported                    bool                   `json:"imported"`
 	ImportedFrom                string                 `json:"imported_from"`
 	PreparedAt                  *time.Time             `json:"prepared_at"`
 	SquashOnMerge               bool                   `json:"squash_on_merge"`
+
+	// Deprecated: use Draft instead
+	WorkInProgress bool `json:"work_in_progress"`
+	// Deprecated: will be removed in v5 of the API, use AutoMerge instead
+	MergeWhenPipelineSucceeds bool `json:"merge_when_pipeline_succeeds"`
+	// Deprecated: will be removed in v5 of the API, use MergeUser instead
+	MergedBy *BasicUser `json:"merged_by"`
+	// Deprecated: will be removed in v5 of the API, use the Merge Request Approvals API instead
+	ApprovalsBeforeMerge *int `json:"approvals_before_merge"`
+	// Deprecated: will be removed in v5 of the API, use References instead
+	Reference string `json:"reference"`
+	// Deprecated: in 15.6, use DetailedMergeStatus instead
+	MergeStatus string `json:"merge_status"`
 }
 
 func (m MergeRequestDependency) String() string {
@@ -1247,7 +1297,7 @@ func (m MergeRequestDependency) String() string {
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#create-a-merge-request-dependency
+// https://docs.gitlab.com/api/merge_requests/#create-a-merge-request-dependency
 type CreateMergeRequestDependencyOptions struct {
 	BlockingMergeRequestID *int `url:"blocking_merge_request_id,omitempty" json:"blocking_merge_request_id,omitempty"`
 }
@@ -1256,8 +1306,8 @@ type CreateMergeRequestDependencyOptions struct {
 // merge request.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#create-a-merge-request-dependency
-func (s *MergeRequestsService) CreateMergeRequestDependency(pid interface{}, mergeRequest int, opts CreateMergeRequestDependencyOptions, options ...RequestOptionFunc) (*MergeRequestDependency, *Response, error) {
+// https://docs.gitlab.com/api/merge_requests/#create-a-merge-request-dependency
+func (s *MergeRequestsService) CreateMergeRequestDependency(pid any, mergeRequest int, opts CreateMergeRequestDependencyOptions, options ...RequestOptionFunc) (*MergeRequestDependency, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1282,8 +1332,8 @@ func (s *MergeRequestsService) CreateMergeRequestDependency(pid interface{}, mer
 // merge request.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#delete-a-merge-request-dependency
-func (s *MergeRequestsService) DeleteMergeRequestDependency(pid interface{}, mergeRequest int, blockingMergeRequest int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/merge_requests/#delete-a-merge-request-dependency
+func (s *MergeRequestsService) DeleteMergeRequestDependency(pid any, mergeRequest int, blockingMergeRequest int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -1295,19 +1345,14 @@ func (s *MergeRequestsService) DeleteMergeRequestDependency(pid interface{}, mer
 		return nil, err
 	}
 
-	resp, err := s.client.Do(req, nil)
-	if err != nil {
-		return resp, err
-	}
-
-	return resp, err
+	return s.client.Do(req, nil)
 }
 
 // GetMergeRequestDependencies gets a list of merge request dependencies.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_requests.html#get-merge-request-dependencies
-func (s *MergeRequestsService) GetMergeRequestDependencies(pid interface{}, mergeRequest int, options ...RequestOptionFunc) ([]MergeRequestDependency, *Response, error) {
+// https://docs.gitlab.com/api/merge_requests/#get-merge-request-dependencies
+func (s *MergeRequestsService) GetMergeRequestDependencies(pid any, mergeRequest int, options ...RequestOptionFunc) ([]MergeRequestDependency, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/merge_trains.go b/vendor/gitlab.com/gitlab-org/api/client-go/merge_trains.go
index 4e14f7b3db..bfeb65801c 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/merge_trains.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/merge_trains.go
@@ -8,16 +8,16 @@ import (
 
 type (
 	MergeTrainsServiceInterface interface {
-		ListProjectMergeTrains(pid interface{}, opt *ListMergeTrainsOptions, options ...RequestOptionFunc) ([]*MergeTrain, *Response, error)
-		ListMergeRequestInMergeTrain(pid interface{}, targetBranch string, opts *ListMergeTrainsOptions, options ...RequestOptionFunc) ([]*MergeTrain, *Response, error)
-		GetMergeRequestOnAMergeTrain(pid interface{}, mergeRequest int, options ...RequestOptionFunc) (*MergeTrain, *Response, error)
-		AddMergeRequestToMergeTrain(pid interface{}, mergeRequest int, opts *AddMergeRequestToMergeTrainOptions, options ...RequestOptionFunc) ([]*MergeTrain, *Response, error)
+		ListProjectMergeTrains(pid any, opt *ListMergeTrainsOptions, options ...RequestOptionFunc) ([]*MergeTrain, *Response, error)
+		ListMergeRequestInMergeTrain(pid any, targetBranch string, opts *ListMergeTrainsOptions, options ...RequestOptionFunc) ([]*MergeTrain, *Response, error)
+		GetMergeRequestOnAMergeTrain(pid any, mergeRequest int, options ...RequestOptionFunc) (*MergeTrain, *Response, error)
+		AddMergeRequestToMergeTrain(pid any, mergeRequest int, opts *AddMergeRequestToMergeTrainOptions, options ...RequestOptionFunc) ([]*MergeTrain, *Response, error)
 	}
 
 	// MergeTrainsService handles communication with the merge trains related
 	// methods of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/merge_trains.html
+	// GitLab API docs: https://docs.gitlab.com/api/merge_trains/
 	MergeTrainsService struct {
 		client *Client
 	}
@@ -27,7 +27,7 @@ var _ MergeTrainsServiceInterface = (*MergeTrainsService)(nil)
 
 // MergeTrain represents a Gitlab merge train.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/merge_trains.html
+// GitLab API docs: https://docs.gitlab.com/api/merge_trains/
 type MergeTrain struct {
 	ID           int                     `json:"id"`
 	MergeRequest *MergeTrainMergeRequest `json:"merge_request"`
@@ -43,7 +43,7 @@ type MergeTrain struct {
 
 // MergeTrainMergeRequest represents a Gitlab merge request inside merge train.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/merge_trains.html
+// GitLab API docs: https://docs.gitlab.com/api/merge_trains/
 type MergeTrainMergeRequest struct {
 	ID          int        `json:"id"`
 	IID         int        `json:"iid"`
@@ -59,7 +59,7 @@ type MergeTrainMergeRequest struct {
 // ListMergeTrainsOptions represents the available ListMergeTrain() options.
 //
 // Gitab API docs:
-// https://docs.gitlab.com/ee/api/merge_trains.html#list-merge-trains-for-a-project
+// https://docs.gitlab.com/api/merge_trains/#list-merge-trains-for-a-project
 type ListMergeTrainsOptions struct {
 	ListOptions
 	Scope *string `url:"scope,omitempty" json:"scope,omitempty"`
@@ -69,8 +69,8 @@ type ListMergeTrainsOptions struct {
 // ListProjectMergeTrains get a list of merge trains in a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_trains.html#list-merge-trains-for-a-project
-func (s *MergeTrainsService) ListProjectMergeTrains(pid interface{}, opt *ListMergeTrainsOptions, options ...RequestOptionFunc) ([]*MergeTrain, *Response, error) {
+// https://docs.gitlab.com/api/merge_trains/#list-merge-trains-for-a-project
+func (s *MergeTrainsService) ListProjectMergeTrains(pid any, opt *ListMergeTrainsOptions, options ...RequestOptionFunc) ([]*MergeTrain, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -95,8 +95,8 @@ func (s *MergeTrainsService) ListProjectMergeTrains(pid interface{}, opt *ListMe
 // train for the requested target branch.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_trains.html#list-merge-requests-in-a-merge-train
-func (s *MergeTrainsService) ListMergeRequestInMergeTrain(pid interface{}, targetBranch string, opts *ListMergeTrainsOptions, options ...RequestOptionFunc) ([]*MergeTrain, *Response, error) {
+// https://docs.gitlab.com/api/merge_trains/#list-merge-requests-in-a-merge-train
+func (s *MergeTrainsService) ListMergeRequestInMergeTrain(pid any, targetBranch string, opts *ListMergeTrainsOptions, options ...RequestOptionFunc) ([]*MergeTrain, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -121,8 +121,8 @@ func (s *MergeTrainsService) ListMergeRequestInMergeTrain(pid interface{}, targe
 // merge request.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_trains.html#get-the-status-of-a-merge-request-on-a-merge-train
-func (s *MergeTrainsService) GetMergeRequestOnAMergeTrain(pid interface{}, mergeRequest int, options ...RequestOptionFunc) (*MergeTrain, *Response, error) {
+// https://docs.gitlab.com/api/merge_trains/#get-the-status-of-a-merge-request-on-a-merge-train
+func (s *MergeTrainsService) GetMergeRequestOnAMergeTrain(pid any, mergeRequest int, options ...RequestOptionFunc) (*MergeTrain, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -147,19 +147,22 @@ func (s *MergeTrainsService) GetMergeRequestOnAMergeTrain(pid interface{}, merge
 // AddMergeRequestToMergeTrain() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_trains.html#add-a-merge-request-to-a-merge-train
+// https://docs.gitlab.com/api/merge_trains/#add-a-merge-request-to-a-merge-train
 type AddMergeRequestToMergeTrainOptions struct {
-	WhenPipelineSucceeds *bool   `url:"when_pipeline_succeeds,omitempty" json:"when_pipeline_succeeds,omitempty"`
-	SHA                  *string `url:"sha,omitempty" json:"sha,omitempty"`
-	Squash               *bool   `url:"squash,omitempty" json:"squash,omitempty"`
+	AutoMerge *bool   `url:"auto_merge,omitempty" json:"auto_merge,omitempty"`
+	SHA       *string `url:"sha,omitempty" json:"sha,omitempty"`
+	Squash    *bool   `url:"squash,omitempty" json:"squash,omitempty"`
+
+	// Deprecated: in 17.11, use AutoMerge instead
+	WhenPipelineSucceeds *bool `url:"when_pipeline_succeeds,omitempty" json:"when_pipeline_succeeds,omitempty"`
 }
 
 // AddMergeRequestToMergeTrain Add a merge request to the merge train targeting
 // the merge request’s target branch.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_trains.html#add-a-merge-request-to-a-merge-train
-func (s *MergeTrainsService) AddMergeRequestToMergeTrain(pid interface{}, mergeRequest int, opts *AddMergeRequestToMergeTrainOptions, options ...RequestOptionFunc) ([]*MergeTrain, *Response, error) {
+// https://docs.gitlab.com/api/merge_trains/#add-a-merge-request-to-a-merge-train
+func (s *MergeTrainsService) AddMergeRequestToMergeTrain(pid any, mergeRequest int, opts *AddMergeRequestToMergeTrainOptions, options ...RequestOptionFunc) ([]*MergeTrain, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/metadata.go b/vendor/gitlab.com/gitlab-org/api/client-go/metadata.go
index d07428032c..0a702f8e33 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/metadata.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/metadata.go
@@ -26,7 +26,7 @@ type (
 	// MetadataService handles communication with the GitLab server instance to
 	// retrieve its metadata information via the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/metadata.html
+	// GitLab API docs: https://docs.gitlab.com/api/metadata/
 	MetadataService struct {
 		client *Client
 	}
@@ -36,7 +36,7 @@ var _ MetadataServiceInterface = (*MetadataService)(nil)
 
 // Metadata represents a GitLab instance version.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/metadata.html
+// GitLab API docs: https://docs.gitlab.com/api/metadata/
 type Metadata struct {
 	Version  string `json:"version"`
 	Revision string `json:"revision"`
@@ -55,7 +55,7 @@ func (s Metadata) String() string {
 
 // GetMetadata gets a GitLab server instance meteadata.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/metadata.html
+// GitLab API docs: https://docs.gitlab.com/api/metadata/
 func (s *MetadataService) GetMetadata(options ...RequestOptionFunc) (*Metadata, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "metadata", nil, options)
 	if err != nil {
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/milestones.go b/vendor/gitlab.com/gitlab-org/api/client-go/milestones.go
index 191a953022..3bcf0657bb 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/milestones.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/milestones.go
@@ -24,19 +24,19 @@ import (
 
 type (
 	MilestonesServiceInterface interface {
-		ListMilestones(pid interface{}, opt *ListMilestonesOptions, options ...RequestOptionFunc) ([]*Milestone, *Response, error)
-		GetMilestone(pid interface{}, milestone int, options ...RequestOptionFunc) (*Milestone, *Response, error)
-		CreateMilestone(pid interface{}, opt *CreateMilestoneOptions, options ...RequestOptionFunc) (*Milestone, *Response, error)
-		UpdateMilestone(pid interface{}, milestone int, opt *UpdateMilestoneOptions, options ...RequestOptionFunc) (*Milestone, *Response, error)
-		DeleteMilestone(pid interface{}, milestone int, options ...RequestOptionFunc) (*Response, error)
-		GetMilestoneIssues(pid interface{}, milestone int, opt *GetMilestoneIssuesOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error)
-		GetMilestoneMergeRequests(pid interface{}, milestone int, opt *GetMilestoneMergeRequestsOptions, options ...RequestOptionFunc) ([]*BasicMergeRequest, *Response, error)
+		ListMilestones(pid any, opt *ListMilestonesOptions, options ...RequestOptionFunc) ([]*Milestone, *Response, error)
+		GetMilestone(pid any, milestone int, options ...RequestOptionFunc) (*Milestone, *Response, error)
+		CreateMilestone(pid any, opt *CreateMilestoneOptions, options ...RequestOptionFunc) (*Milestone, *Response, error)
+		UpdateMilestone(pid any, milestone int, opt *UpdateMilestoneOptions, options ...RequestOptionFunc) (*Milestone, *Response, error)
+		DeleteMilestone(pid any, milestone int, options ...RequestOptionFunc) (*Response, error)
+		GetMilestoneIssues(pid any, milestone int, opt *GetMilestoneIssuesOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error)
+		GetMilestoneMergeRequests(pid any, milestone int, opt *GetMilestoneMergeRequestsOptions, options ...RequestOptionFunc) ([]*BasicMergeRequest, *Response, error)
 	}
 
 	// MilestonesService handles communication with the milestone related methods
 	// of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/milestones.html
+	// GitLab API docs: https://docs.gitlab.com/api/milestones/
 	MilestonesService struct {
 		client *Client
 	}
@@ -46,7 +46,7 @@ var _ MilestonesServiceInterface = (*MilestonesService)(nil)
 
 // Milestone represents a GitLab milestone.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/milestones.html
+// GitLab API docs: https://docs.gitlab.com/api/milestones/
 type Milestone struct {
 	ID          int        `json:"id"`
 	IID         int        `json:"iid"`
@@ -70,21 +70,24 @@ func (m Milestone) String() string {
 // ListMilestonesOptions represents the available ListMilestones() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/milestones.html#list-project-milestones
+// https://docs.gitlab.com/api/milestones/#list-project-milestones
 type ListMilestonesOptions struct {
 	ListOptions
-	IIDs                    *[]int  `url:"iids[],omitempty" json:"iids,omitempty"`
-	Title                   *string `url:"title,omitempty" json:"title,omitempty"`
-	State                   *string `url:"state,omitempty" json:"state,omitempty"`
-	Search                  *string `url:"search,omitempty" json:"search,omitempty"`
-	IncludeParentMilestones *bool   `url:"include_parent_milestones,omitempty" json:"include_parent_milestones,omitempty"`
+	IIDs             *[]int  `url:"iids[],omitempty" json:"iids,omitempty"`
+	Title            *string `url:"title,omitempty" json:"title,omitempty"`
+	State            *string `url:"state,omitempty" json:"state,omitempty"`
+	Search           *string `url:"search,omitempty" json:"search,omitempty"`
+	IncludeAncestors *bool   `url:"include_ancestors,omitempty" json:"include_ancestors,omitempty"`
+
+	// Deprecated: in GitLab 16,7, use IncludeAncestors instead
+	IncludeParentMilestones *bool `url:"include_parent_milestones,omitempty" json:"include_parent_milestones,omitempty"`
 }
 
 // ListMilestones returns a list of project milestones.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/milestones.html#list-project-milestones
-func (s *MilestonesService) ListMilestones(pid interface{}, opt *ListMilestonesOptions, options ...RequestOptionFunc) ([]*Milestone, *Response, error) {
+// https://docs.gitlab.com/api/milestones/#list-project-milestones
+func (s *MilestonesService) ListMilestones(pid any, opt *ListMilestonesOptions, options ...RequestOptionFunc) ([]*Milestone, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -108,8 +111,8 @@ func (s *MilestonesService) ListMilestones(pid interface{}, opt *ListMilestonesO
 // GetMilestone gets a single project milestone.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/milestones.html#get-single-milestone
-func (s *MilestonesService) GetMilestone(pid interface{}, milestone int, options ...RequestOptionFunc) (*Milestone, *Response, error) {
+// https://docs.gitlab.com/api/milestones/#get-single-milestone
+func (s *MilestonesService) GetMilestone(pid any, milestone int, options ...RequestOptionFunc) (*Milestone, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -133,7 +136,7 @@ func (s *MilestonesService) GetMilestone(pid interface{}, milestone int, options
 // CreateMilestoneOptions represents the available CreateMilestone() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/milestones.html#create-new-milestone
+// https://docs.gitlab.com/api/milestones/#create-new-milestone
 type CreateMilestoneOptions struct {
 	Title       *string  `url:"title,omitempty" json:"title,omitempty"`
 	Description *string  `url:"description,omitempty" json:"description,omitempty"`
@@ -144,8 +147,8 @@ type CreateMilestoneOptions struct {
 // CreateMilestone creates a new project milestone.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/milestones.html#create-new-milestone
-func (s *MilestonesService) CreateMilestone(pid interface{}, opt *CreateMilestoneOptions, options ...RequestOptionFunc) (*Milestone, *Response, error) {
+// https://docs.gitlab.com/api/milestones/#create-new-milestone
+func (s *MilestonesService) CreateMilestone(pid any, opt *CreateMilestoneOptions, options ...RequestOptionFunc) (*Milestone, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -169,7 +172,7 @@ func (s *MilestonesService) CreateMilestone(pid interface{}, opt *CreateMileston
 // UpdateMilestoneOptions represents the available UpdateMilestone() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/milestones.html#edit-milestone
+// https://docs.gitlab.com/api/milestones/#edit-milestone
 type UpdateMilestoneOptions struct {
 	Title       *string  `url:"title,omitempty" json:"title,omitempty"`
 	Description *string  `url:"description,omitempty" json:"description,omitempty"`
@@ -181,8 +184,8 @@ type UpdateMilestoneOptions struct {
 // UpdateMilestone updates an existing project milestone.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/milestones.html#edit-milestone
-func (s *MilestonesService) UpdateMilestone(pid interface{}, milestone int, opt *UpdateMilestoneOptions, options ...RequestOptionFunc) (*Milestone, *Response, error) {
+// https://docs.gitlab.com/api/milestones/#edit-milestone
+func (s *MilestonesService) UpdateMilestone(pid any, milestone int, opt *UpdateMilestoneOptions, options ...RequestOptionFunc) (*Milestone, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -206,8 +209,8 @@ func (s *MilestonesService) UpdateMilestone(pid interface{}, milestone int, opt
 // DeleteMilestone deletes a specified project milestone.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/milestones.html#delete-project-milestone
-func (s *MilestonesService) DeleteMilestone(pid interface{}, milestone int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/milestones/#delete-project-milestone
+func (s *MilestonesService) DeleteMilestone(pid any, milestone int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -224,14 +227,14 @@ func (s *MilestonesService) DeleteMilestone(pid interface{}, milestone int, opti
 // GetMilestoneIssuesOptions represents the available GetMilestoneIssues() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/milestones.html#get-all-issues-assigned-to-a-single-milestone
+// https://docs.gitlab.com/api/milestones/#get-all-issues-assigned-to-a-single-milestone
 type GetMilestoneIssuesOptions ListOptions
 
 // GetMilestoneIssues gets all issues assigned to a single project milestone.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/milestones.html#get-all-issues-assigned-to-a-single-milestone
-func (s *MilestonesService) GetMilestoneIssues(pid interface{}, milestone int, opt *GetMilestoneIssuesOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error) {
+// https://docs.gitlab.com/api/milestones/#get-all-issues-assigned-to-a-single-milestone
+func (s *MilestonesService) GetMilestoneIssues(pid any, milestone int, opt *GetMilestoneIssuesOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -256,15 +259,15 @@ func (s *MilestonesService) GetMilestoneIssues(pid interface{}, milestone int, o
 // GetMilestoneMergeRequests() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/milestones.html#get-all-merge-requests-assigned-to-a-single-milestone
+// https://docs.gitlab.com/api/milestones/#get-all-merge-requests-assigned-to-a-single-milestone
 type GetMilestoneMergeRequestsOptions ListOptions
 
 // GetMilestoneMergeRequests gets all merge requests assigned to a single
 // project milestone.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/milestones.html#get-all-merge-requests-assigned-to-a-single-milestone
-func (s *MilestonesService) GetMilestoneMergeRequests(pid interface{}, milestone int, opt *GetMilestoneMergeRequestsOptions, options ...RequestOptionFunc) ([]*BasicMergeRequest, *Response, error) {
+// https://docs.gitlab.com/api/milestones/#get-all-merge-requests-assigned-to-a-single-milestone
+func (s *MilestonesService) GetMilestoneMergeRequests(pid any, milestone int, opt *GetMilestoneMergeRequestsOptions, options ...RequestOptionFunc) ([]*BasicMergeRequest, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/namespaces.go b/vendor/gitlab.com/gitlab-org/api/client-go/namespaces.go
index db35ed9eff..b4768551c8 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/namespaces.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/namespaces.go
@@ -25,14 +25,14 @@ type (
 	NamespacesServiceInterface interface {
 		ListNamespaces(opt *ListNamespacesOptions, options ...RequestOptionFunc) ([]*Namespace, *Response, error)
 		SearchNamespace(query string, options ...RequestOptionFunc) ([]*Namespace, *Response, error)
-		GetNamespace(id interface{}, options ...RequestOptionFunc) (*Namespace, *Response, error)
-		NamespaceExists(id interface{}, opt *NamespaceExistsOptions, options ...RequestOptionFunc) (*NamespaceExistance, *Response, error)
+		GetNamespace(id any, options ...RequestOptionFunc) (*Namespace, *Response, error)
+		NamespaceExists(id any, opt *NamespaceExistsOptions, options ...RequestOptionFunc) (*NamespaceExistance, *Response, error)
 	}
 
 	// NamespacesService handles communication with the namespace related methods
 	// of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/namespaces.html
+	// GitLab API docs: https://docs.gitlab.com/api/namespaces/
 	NamespacesService struct {
 		client *Client
 	}
@@ -42,7 +42,7 @@ var _ NamespacesServiceInterface = (*NamespacesService)(nil)
 
 // Namespace represents a GitLab namespace.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/namespaces.html
+// GitLab API docs: https://docs.gitlab.com/api/namespaces/
 type Namespace struct {
 	ID                          int      `json:"id"`
 	Name                        string   `json:"name"`
@@ -67,7 +67,7 @@ func (n Namespace) String() string {
 
 // ListNamespacesOptions represents the available ListNamespaces() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/namespaces.html#list-namespaces
+// GitLab API docs: https://docs.gitlab.com/api/namespaces/#list-all-namespaces
 type ListNamespacesOptions struct {
 	ListOptions
 	Search       *string `url:"search,omitempty" json:"search,omitempty"`
@@ -77,7 +77,7 @@ type ListNamespacesOptions struct {
 
 // ListNamespaces gets a list of projects accessible by the authenticated user.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/namespaces.html#list-namespaces
+// GitLab API docs: https://docs.gitlab.com/api/namespaces/#list-all-namespaces
 func (s *NamespacesService) ListNamespaces(opt *ListNamespacesOptions, options ...RequestOptionFunc) ([]*Namespace, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "namespaces", opt, options)
 	if err != nil {
@@ -97,7 +97,7 @@ func (s *NamespacesService) ListNamespaces(opt *ListNamespacesOptions, options .
 // or path.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/namespaces.html#list-namespaces
+// https://docs.gitlab.com/api/namespaces/#list-all-namespaces
 func (s *NamespacesService) SearchNamespace(query string, options ...RequestOptionFunc) ([]*Namespace, *Response, error) {
 	var q struct {
 		Search string `url:"search,omitempty" json:"search,omitempty"`
@@ -121,8 +121,8 @@ func (s *NamespacesService) SearchNamespace(query string, options ...RequestOpti
 // GetNamespace gets a namespace by id.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/namespaces.html#get-namespace-by-id
-func (s *NamespacesService) GetNamespace(id interface{}, options ...RequestOptionFunc) (*Namespace, *Response, error) {
+// https://docs.gitlab.com/api/namespaces/#get-details-on-a-namespace
+func (s *NamespacesService) GetNamespace(id any, options ...RequestOptionFunc) (*Namespace, *Response, error) {
 	namespace, err := parseID(id)
 	if err != nil {
 		return nil, nil, err
@@ -146,7 +146,7 @@ func (s *NamespacesService) GetNamespace(id interface{}, options ...RequestOptio
 // NamespaceExistance represents a namespace exists result.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/namespaces.html#get-existence-of-a-namespace
+// https://docs.gitlab.com/api/namespaces/#verify-namespace-availability
 type NamespaceExistance struct {
 	Exists   bool     `json:"exists"`
 	Suggests []string `json:"suggests"`
@@ -155,7 +155,7 @@ type NamespaceExistance struct {
 // NamespaceExistsOptions represents the available NamespaceExists() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/namespaces.html#get-existence-of-a-namespace
+// https://docs.gitlab.com/api/namespaces/#verify-namespace-availability
 type NamespaceExistsOptions struct {
 	ParentID *int `url:"parent_id,omitempty" json:"parent_id,omitempty"`
 }
@@ -163,8 +163,8 @@ type NamespaceExistsOptions struct {
 // NamespaceExists checks the existence of a namespace.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/namespaces.html#get-existence-of-a-namespace
-func (s *NamespacesService) NamespaceExists(id interface{}, opt *NamespaceExistsOptions, options ...RequestOptionFunc) (*NamespaceExistance, *Response, error) {
+// https://docs.gitlab.com/api/namespaces/#verify-namespace-availability
+func (s *NamespacesService) NamespaceExists(id any, opt *NamespaceExistsOptions, options ...RequestOptionFunc) (*NamespaceExistance, *Response, error) {
 	namespace, err := parseID(id)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/notes.go b/vendor/gitlab.com/gitlab-org/api/client-go/notes.go
index 41e9ccfe70..b54b950190 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/notes.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/notes.go
@@ -24,26 +24,26 @@ import (
 
 type (
 	NotesServiceInterface interface {
-		ListIssueNotes(pid interface{}, issue int, opt *ListIssueNotesOptions, options ...RequestOptionFunc) ([]*Note, *Response, error)
-		GetIssueNote(pid interface{}, issue, note int, options ...RequestOptionFunc) (*Note, *Response, error)
-		CreateIssueNote(pid interface{}, issue int, opt *CreateIssueNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
-		UpdateIssueNote(pid interface{}, issue, note int, opt *UpdateIssueNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
-		DeleteIssueNote(pid interface{}, issue, note int, options ...RequestOptionFunc) (*Response, error)
-		ListSnippetNotes(pid interface{}, snippet int, opt *ListSnippetNotesOptions, options ...RequestOptionFunc) ([]*Note, *Response, error)
-		GetSnippetNote(pid interface{}, snippet, note int, options ...RequestOptionFunc) (*Note, *Response, error)
-		CreateSnippetNote(pid interface{}, snippet int, opt *CreateSnippetNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
-		UpdateSnippetNote(pid interface{}, snippet, note int, opt *UpdateSnippetNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
-		DeleteSnippetNote(pid interface{}, snippet, note int, options ...RequestOptionFunc) (*Response, error)
-		ListMergeRequestNotes(pid interface{}, mergeRequest int, opt *ListMergeRequestNotesOptions, options ...RequestOptionFunc) ([]*Note, *Response, error)
-		GetMergeRequestNote(pid interface{}, mergeRequest, note int, options ...RequestOptionFunc) (*Note, *Response, error)
-		CreateMergeRequestNote(pid interface{}, mergeRequest int, opt *CreateMergeRequestNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
-		UpdateMergeRequestNote(pid interface{}, mergeRequest, note int, opt *UpdateMergeRequestNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
-		DeleteMergeRequestNote(pid interface{}, mergeRequest, note int, options ...RequestOptionFunc) (*Response, error)
-		ListEpicNotes(gid interface{}, epic int, opt *ListEpicNotesOptions, options ...RequestOptionFunc) ([]*Note, *Response, error)
-		GetEpicNote(gid interface{}, epic, note int, options ...RequestOptionFunc) (*Note, *Response, error)
-		CreateEpicNote(gid interface{}, epic int, opt *CreateEpicNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
-		UpdateEpicNote(gid interface{}, epic, note int, opt *UpdateEpicNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
-		DeleteEpicNote(gid interface{}, epic, note int, options ...RequestOptionFunc) (*Response, error)
+		ListIssueNotes(pid any, issue int, opt *ListIssueNotesOptions, options ...RequestOptionFunc) ([]*Note, *Response, error)
+		GetIssueNote(pid any, issue, note int, options ...RequestOptionFunc) (*Note, *Response, error)
+		CreateIssueNote(pid any, issue int, opt *CreateIssueNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
+		UpdateIssueNote(pid any, issue, note int, opt *UpdateIssueNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
+		DeleteIssueNote(pid any, issue, note int, options ...RequestOptionFunc) (*Response, error)
+		ListSnippetNotes(pid any, snippet int, opt *ListSnippetNotesOptions, options ...RequestOptionFunc) ([]*Note, *Response, error)
+		GetSnippetNote(pid any, snippet, note int, options ...RequestOptionFunc) (*Note, *Response, error)
+		CreateSnippetNote(pid any, snippet int, opt *CreateSnippetNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
+		UpdateSnippetNote(pid any, snippet, note int, opt *UpdateSnippetNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
+		DeleteSnippetNote(pid any, snippet, note int, options ...RequestOptionFunc) (*Response, error)
+		ListMergeRequestNotes(pid any, mergeRequest int, opt *ListMergeRequestNotesOptions, options ...RequestOptionFunc) ([]*Note, *Response, error)
+		GetMergeRequestNote(pid any, mergeRequest, note int, options ...RequestOptionFunc) (*Note, *Response, error)
+		CreateMergeRequestNote(pid any, mergeRequest int, opt *CreateMergeRequestNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
+		UpdateMergeRequestNote(pid any, mergeRequest, note int, opt *UpdateMergeRequestNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
+		DeleteMergeRequestNote(pid any, mergeRequest, note int, options ...RequestOptionFunc) (*Response, error)
+		ListEpicNotes(gid any, epic int, opt *ListEpicNotesOptions, options ...RequestOptionFunc) ([]*Note, *Response, error)
+		GetEpicNote(gid any, epic, note int, options ...RequestOptionFunc) (*Note, *Response, error)
+		CreateEpicNote(gid any, epic int, opt *CreateEpicNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
+		UpdateEpicNote(gid any, epic, note int, opt *UpdateEpicNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error)
+		DeleteEpicNote(gid any, epic, note int, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// NotesService handles communication with the notes related methods
@@ -92,8 +92,10 @@ type Note struct {
 		AvatarURL string `json:"avatar_url"`
 		WebURL    string `json:"web_url"`
 	} `json:"resolved_by"`
+	Internal bool `json:"internal"`
+
+	// Deprecated: use Internal instead
 	Confidential bool `json:"confidential"`
-	Internal     bool `json:"internal"`
 }
 
 // NoteAuthor represents the author of a note.
@@ -152,7 +154,7 @@ type ListIssueNotesOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/notes/#list-project-issue-notes
-func (s *NotesService) ListIssueNotes(pid interface{}, issue int, opt *ListIssueNotesOptions, options ...RequestOptionFunc) ([]*Note, *Response, error) {
+func (s *NotesService) ListIssueNotes(pid any, issue int, opt *ListIssueNotesOptions, options ...RequestOptionFunc) ([]*Note, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -177,7 +179,7 @@ func (s *NotesService) ListIssueNotes(pid interface{}, issue int, opt *ListIssue
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/notes/#get-single-issue-note
-func (s *NotesService) GetIssueNote(pid interface{}, issue, note int, options ...RequestOptionFunc) (*Note, *Response, error) {
+func (s *NotesService) GetIssueNote(pid any, issue, note int, options ...RequestOptionFunc) (*Note, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -213,7 +215,7 @@ type CreateIssueNoteOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/notes/#create-new-issue-note
-func (s *NotesService) CreateIssueNote(pid interface{}, issue int, opt *CreateIssueNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
+func (s *NotesService) CreateIssueNote(pid any, issue int, opt *CreateIssueNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -247,7 +249,7 @@ type UpdateIssueNoteOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/notes/#modify-existing-issue-note
-func (s *NotesService) UpdateIssueNote(pid interface{}, issue, note int, opt *UpdateIssueNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
+func (s *NotesService) UpdateIssueNote(pid any, issue, note int, opt *UpdateIssueNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -272,7 +274,7 @@ func (s *NotesService) UpdateIssueNote(pid interface{}, issue, note int, opt *Up
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/notes/#delete-an-issue-note
-func (s *NotesService) DeleteIssueNote(pid interface{}, issue, note int, options ...RequestOptionFunc) (*Response, error) {
+func (s *NotesService) DeleteIssueNote(pid any, issue, note int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -302,7 +304,7 @@ type ListSnippetNotesOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/notes/#list-all-snippet-notes
-func (s *NotesService) ListSnippetNotes(pid interface{}, snippet int, opt *ListSnippetNotesOptions, options ...RequestOptionFunc) ([]*Note, *Response, error) {
+func (s *NotesService) ListSnippetNotes(pid any, snippet int, opt *ListSnippetNotesOptions, options ...RequestOptionFunc) ([]*Note, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -327,7 +329,7 @@ func (s *NotesService) ListSnippetNotes(pid interface{}, snippet int, opt *ListS
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/notes/#get-single-snippet-note
-func (s *NotesService) GetSnippetNote(pid interface{}, snippet, note int, options ...RequestOptionFunc) (*Note, *Response, error) {
+func (s *NotesService) GetSnippetNote(pid any, snippet, note int, options ...RequestOptionFunc) (*Note, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -363,7 +365,7 @@ type CreateSnippetNoteOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/notes/#create-new-snippet-note
-func (s *NotesService) CreateSnippetNote(pid interface{}, snippet int, opt *CreateSnippetNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
+func (s *NotesService) CreateSnippetNote(pid any, snippet int, opt *CreateSnippetNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -397,7 +399,7 @@ type UpdateSnippetNoteOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/notes/#modify-existing-snippet-note
-func (s *NotesService) UpdateSnippetNote(pid interface{}, snippet, note int, opt *UpdateSnippetNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
+func (s *NotesService) UpdateSnippetNote(pid any, snippet, note int, opt *UpdateSnippetNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -422,7 +424,7 @@ func (s *NotesService) UpdateSnippetNote(pid interface{}, snippet, note int, opt
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/notes/#delete-a-snippet-note
-func (s *NotesService) DeleteSnippetNote(pid interface{}, snippet, note int, options ...RequestOptionFunc) (*Response, error) {
+func (s *NotesService) DeleteSnippetNote(pid any, snippet, note int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -452,7 +454,7 @@ type ListMergeRequestNotesOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/notes/#list-all-merge-request-notes
-func (s *NotesService) ListMergeRequestNotes(pid interface{}, mergeRequest int, opt *ListMergeRequestNotesOptions, options ...RequestOptionFunc) ([]*Note, *Response, error) {
+func (s *NotesService) ListMergeRequestNotes(pid any, mergeRequest int, opt *ListMergeRequestNotesOptions, options ...RequestOptionFunc) ([]*Note, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -477,7 +479,7 @@ func (s *NotesService) ListMergeRequestNotes(pid interface{}, mergeRequest int,
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/notes/#get-single-merge-request-note
-func (s *NotesService) GetMergeRequestNote(pid interface{}, mergeRequest, note int, options ...RequestOptionFunc) (*Note, *Response, error) {
+func (s *NotesService) GetMergeRequestNote(pid any, mergeRequest, note int, options ...RequestOptionFunc) (*Note, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -514,7 +516,7 @@ type CreateMergeRequestNoteOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/notes/#create-new-merge-request-note
-func (s *NotesService) CreateMergeRequestNote(pid interface{}, mergeRequest int, opt *CreateMergeRequestNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
+func (s *NotesService) CreateMergeRequestNote(pid any, mergeRequest int, opt *CreateMergeRequestNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -548,7 +550,7 @@ type UpdateMergeRequestNoteOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/notes/#modify-existing-merge-request-note
-func (s *NotesService) UpdateMergeRequestNote(pid interface{}, mergeRequest, note int, opt *UpdateMergeRequestNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
+func (s *NotesService) UpdateMergeRequestNote(pid any, mergeRequest, note int, opt *UpdateMergeRequestNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -573,7 +575,7 @@ func (s *NotesService) UpdateMergeRequestNote(pid interface{}, mergeRequest, not
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/notes/#delete-a-merge-request-note
-func (s *NotesService) DeleteMergeRequestNote(pid interface{}, mergeRequest, note int, options ...RequestOptionFunc) (*Response, error) {
+func (s *NotesService) DeleteMergeRequestNote(pid any, mergeRequest, note int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -590,7 +592,7 @@ func (s *NotesService) DeleteMergeRequestNote(pid interface{}, mergeRequest, not
 }
 
 // ListEpicNotesOptions represents the available ListEpicNotes() options.
-// Deprecated: use Work Items API instead.
+// Will be removed in v5 of the API, use Work Items API instead
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/notes/#list-all-epic-notes
@@ -601,11 +603,11 @@ type ListEpicNotesOptions struct {
 }
 
 // ListEpicNotes gets a list of all notes for a single epic.
-// Deprecated: use Work Items API instead.
+// Will be removed in v5 of the API, use Work Items API instead
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/notes/#list-all-epic-notes
-func (s *NotesService) ListEpicNotes(gid interface{}, epic int, opt *ListEpicNotesOptions, options ...RequestOptionFunc) ([]*Note, *Response, error) {
+func (s *NotesService) ListEpicNotes(gid any, epic int, opt *ListEpicNotesOptions, options ...RequestOptionFunc) ([]*Note, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -627,11 +629,11 @@ func (s *NotesService) ListEpicNotes(gid interface{}, epic int, opt *ListEpicNot
 }
 
 // GetEpicNote returns a single note for an epic.
-// Deprecated: use Work Items API instead.
+// Will be removed in v5 of the API, use Work Items API instead
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/notes/#get-single-epic-note
-func (s *NotesService) GetEpicNote(gid interface{}, epic, note int, options ...RequestOptionFunc) (*Note, *Response, error) {
+func (s *NotesService) GetEpicNote(gid any, epic, note int, options ...RequestOptionFunc) (*Note, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -653,7 +655,7 @@ func (s *NotesService) GetEpicNote(gid interface{}, epic, note int, options ...R
 }
 
 // CreateEpicNoteOptions represents the available CreateEpicNote() options.
-// Deprecated: use Work Items API instead.
+// Will be removed in v5 of the API, use Work Items API instead
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/notes/#create-new-epic-note
@@ -662,11 +664,11 @@ type CreateEpicNoteOptions struct {
 }
 
 // CreateEpicNote creates a new note for a single merge request.
-// Deprecated: use Work Items API instead.
+// Will be removed in v5 of the API, use Work Items API instead
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/notes/#create-new-epic-note
-func (s *NotesService) CreateEpicNote(gid interface{}, epic int, opt *CreateEpicNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
+func (s *NotesService) CreateEpicNote(gid any, epic int, opt *CreateEpicNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -688,7 +690,7 @@ func (s *NotesService) CreateEpicNote(gid interface{}, epic int, opt *CreateEpic
 }
 
 // UpdateEpicNoteOptions represents the available UpdateEpicNote() options.
-// Deprecated: use Work Items API instead.
+// Will be removed in v5 of the API, use Work Items API instead
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/notes/#modify-existing-epic-note
@@ -697,10 +699,10 @@ type UpdateEpicNoteOptions struct {
 }
 
 // UpdateEpicNote modifies existing note of an epic.
-// Deprecated: use Work Items API instead.
+// Will be removed in v5 of the API, use Work Items API instead
 //
 // https://docs.gitlab.com/api/notes/#modify-existing-epic-note
-func (s *NotesService) UpdateEpicNote(gid interface{}, epic, note int, opt *UpdateEpicNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
+func (s *NotesService) UpdateEpicNote(gid any, epic, note int, opt *UpdateEpicNoteOptions, options ...RequestOptionFunc) (*Note, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -722,10 +724,10 @@ func (s *NotesService) UpdateEpicNote(gid interface{}, epic, note int, opt *Upda
 }
 
 // DeleteEpicNote deletes an existing note of a merge request.
-// Deprecated: use Work Items API instead.
+// Will be removed in v5 of the API, use Work Items API instead
 //
 // https://docs.gitlab.com/api/notes/#delete-an-epic-note
-func (s *NotesService) DeleteEpicNote(gid interface{}, epic, note int, options ...RequestOptionFunc) (*Response, error) {
+func (s *NotesService) DeleteEpicNote(gid any, epic, note int, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/notifications.go b/vendor/gitlab.com/gitlab-org/api/client-go/notifications.go
index 8194489d17..539600f3cc 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/notifications.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/notifications.go
@@ -26,16 +26,16 @@ type (
 	NotificationSettingsServiceInterface interface {
 		GetGlobalSettings(options ...RequestOptionFunc) (*NotificationSettings, *Response, error)
 		UpdateGlobalSettings(opt *NotificationSettingsOptions, options ...RequestOptionFunc) (*NotificationSettings, *Response, error)
-		GetSettingsForGroup(gid interface{}, options ...RequestOptionFunc) (*NotificationSettings, *Response, error)
-		GetSettingsForProject(pid interface{}, options ...RequestOptionFunc) (*NotificationSettings, *Response, error)
-		UpdateSettingsForGroup(gid interface{}, opt *NotificationSettingsOptions, options ...RequestOptionFunc) (*NotificationSettings, *Response, error)
-		UpdateSettingsForProject(pid interface{}, opt *NotificationSettingsOptions, options ...RequestOptionFunc) (*NotificationSettings, *Response, error)
+		GetSettingsForGroup(gid any, options ...RequestOptionFunc) (*NotificationSettings, *Response, error)
+		GetSettingsForProject(pid any, options ...RequestOptionFunc) (*NotificationSettings, *Response, error)
+		UpdateSettingsForGroup(gid any, opt *NotificationSettingsOptions, options ...RequestOptionFunc) (*NotificationSettings, *Response, error)
+		UpdateSettingsForProject(pid any, opt *NotificationSettingsOptions, options ...RequestOptionFunc) (*NotificationSettings, *Response, error)
 	}
 
 	// NotificationSettingsService handles communication with the notification settings
 	// related methods of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/notification_settings.html
+	// GitLab API docs: https://docs.gitlab.com/api/notification_settings/
 	NotificationSettingsService struct {
 		client *Client
 	}
@@ -46,7 +46,7 @@ var _ NotificationSettingsServiceInterface = (*NotificationSettingsService)(nil)
 // NotificationSettings represents the Gitlab notification setting.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/notification_settings.html#valid-notification-levels
+// https://docs.gitlab.com/api/notification_settings/#valid-notification-levels
 type NotificationSettings struct {
 	Level             NotificationLevelValue `json:"level"`
 	NotificationEmail string                 `json:"notification_email"`
@@ -56,7 +56,7 @@ type NotificationSettings struct {
 // NotificationEvents represents the available notification setting events.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/notification_settings.html#valid-notification-levels
+// https://docs.gitlab.com/api/notification_settings/#valid-notification-levels
 type NotificationEvents struct {
 	CloseIssue                bool `json:"close_issue"`
 	CloseMergeRequest         bool `json:"close_merge_request"`
@@ -85,7 +85,7 @@ func (ns NotificationSettings) String() string {
 // GetGlobalSettings returns current notification settings and email address.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/notification_settings.html#global-notification-settings
+// https://docs.gitlab.com/api/notification_settings/#global-notification-settings
 func (s *NotificationSettingsService) GetGlobalSettings(options ...RequestOptionFunc) (*NotificationSettings, *Response, error) {
 	u := "notification_settings"
 
@@ -131,7 +131,7 @@ type NotificationSettingsOptions struct {
 // UpdateGlobalSettings updates current notification settings and email address.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/notification_settings.html#update-global-notification-settings
+// https://docs.gitlab.com/api/notification_settings/#update-global-notification-settings
 func (s *NotificationSettingsService) UpdateGlobalSettings(opt *NotificationSettingsOptions, options ...RequestOptionFunc) (*NotificationSettings, *Response, error) {
 	if opt.Level != nil && *opt.Level == GlobalNotificationLevel {
 		return nil, nil, errors.New(
@@ -157,8 +157,8 @@ func (s *NotificationSettingsService) UpdateGlobalSettings(opt *NotificationSett
 // GetSettingsForGroup returns current group notification settings.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/notification_settings.html#group--project-level-notification-settings
-func (s *NotificationSettingsService) GetSettingsForGroup(gid interface{}, options ...RequestOptionFunc) (*NotificationSettings, *Response, error) {
+// https://docs.gitlab.com/api/notification_settings/#group--project-level-notification-settings
+func (s *NotificationSettingsService) GetSettingsForGroup(gid any, options ...RequestOptionFunc) (*NotificationSettings, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -182,8 +182,8 @@ func (s *NotificationSettingsService) GetSettingsForGroup(gid interface{}, optio
 // GetSettingsForProject returns current project notification settings.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/notification_settings.html#group--project-level-notification-settings
-func (s *NotificationSettingsService) GetSettingsForProject(pid interface{}, options ...RequestOptionFunc) (*NotificationSettings, *Response, error) {
+// https://docs.gitlab.com/api/notification_settings/#group--project-level-notification-settings
+func (s *NotificationSettingsService) GetSettingsForProject(pid any, options ...RequestOptionFunc) (*NotificationSettings, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -207,8 +207,8 @@ func (s *NotificationSettingsService) GetSettingsForProject(pid interface{}, opt
 // UpdateSettingsForGroup updates current group notification settings.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/notification_settings.html#update-groupproject-level-notification-settings
-func (s *NotificationSettingsService) UpdateSettingsForGroup(gid interface{}, opt *NotificationSettingsOptions, options ...RequestOptionFunc) (*NotificationSettings, *Response, error) {
+// https://docs.gitlab.com/api/notification_settings/#update-groupproject-level-notification-settings
+func (s *NotificationSettingsService) UpdateSettingsForGroup(gid any, opt *NotificationSettingsOptions, options ...RequestOptionFunc) (*NotificationSettings, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -232,8 +232,8 @@ func (s *NotificationSettingsService) UpdateSettingsForGroup(gid interface{}, op
 // UpdateSettingsForProject updates current project notification settings.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/notification_settings.html#update-groupproject-level-notification-settings
-func (s *NotificationSettingsService) UpdateSettingsForProject(pid interface{}, opt *NotificationSettingsOptions, options ...RequestOptionFunc) (*NotificationSettings, *Response, error) {
+// https://docs.gitlab.com/api/notification_settings/#update-groupproject-level-notification-settings
+func (s *NotificationSettingsService) UpdateSettingsForProject(pid any, opt *NotificationSettingsOptions, options ...RequestOptionFunc) (*NotificationSettings, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/packages.go b/vendor/gitlab.com/gitlab-org/api/client-go/packages.go
index 811e7ce8eb..f9f3b59afc 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/packages.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/packages.go
@@ -24,17 +24,17 @@ import (
 
 type (
 	PackagesServiceInterface interface {
-		ListProjectPackages(pid interface{}, opt *ListProjectPackagesOptions, options ...RequestOptionFunc) ([]*Package, *Response, error)
-		ListGroupPackages(gid interface{}, opt *ListGroupPackagesOptions, options ...RequestOptionFunc) ([]*GroupPackage, *Response, error)
-		ListPackageFiles(pid interface{}, pkg int, opt *ListPackageFilesOptions, options ...RequestOptionFunc) ([]*PackageFile, *Response, error)
-		DeleteProjectPackage(pid interface{}, pkg int, options ...RequestOptionFunc) (*Response, error)
-		DeletePackageFile(pid interface{}, pkg, file int, options ...RequestOptionFunc) (*Response, error)
+		ListProjectPackages(pid any, opt *ListProjectPackagesOptions, options ...RequestOptionFunc) ([]*Package, *Response, error)
+		ListGroupPackages(gid any, opt *ListGroupPackagesOptions, options ...RequestOptionFunc) ([]*GroupPackage, *Response, error)
+		ListPackageFiles(pid any, pkg int, opt *ListPackageFilesOptions, options ...RequestOptionFunc) ([]*PackageFile, *Response, error)
+		DeleteProjectPackage(pid any, pkg int, options ...RequestOptionFunc) (*Response, error)
+		DeletePackageFile(pid any, pkg, file int, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// PackagesService handles communication with the packages related methods
 	// of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/packages.html
+	// GitLab API docs: https://docs.gitlab.com/api/packages/
 	PackagesService struct {
 		client *Client
 	}
@@ -44,7 +44,7 @@ var _ PackagesServiceInterface = (*PackagesService)(nil)
 
 // Package represents a GitLab package.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/packages.html
+// GitLab API docs: https://docs.gitlab.com/api/packages/
 type Package struct {
 	ID               int           `json:"id"`
 	Name             string        `json:"name"`
@@ -63,7 +63,7 @@ func (s Package) String() string {
 
 // GroupPackage represents a GitLab group package.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/packages.html
+// GitLab API docs: https://docs.gitlab.com/api/packages/
 type GroupPackage struct {
 	Package
 	ProjectID   int    `json:"project_id"`
@@ -99,7 +99,7 @@ func (s PackageTag) String() string {
 
 // PackageFile represents one file contained within a package.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/packages.html
+// GitLab API docs: https://docs.gitlab.com/api/packages/
 type PackageFile struct {
 	ID         int         `json:"id"`
 	PackageID  int         `json:"package_id"`
@@ -120,7 +120,7 @@ func (s PackageFile) String() string {
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/packages.html#within-a-project
+// https://docs.gitlab.com/api/packages/#for-a-project
 type ListProjectPackagesOptions struct {
 	ListOptions
 	OrderBy            *string `url:"order_by,omitempty" json:"order_by,omitempty"`
@@ -135,8 +135,8 @@ type ListProjectPackagesOptions struct {
 // ListProjectPackages gets a list of packages in a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/packages.html#within-a-project
-func (s *PackagesService) ListProjectPackages(pid interface{}, opt *ListProjectPackagesOptions, options ...RequestOptionFunc) ([]*Package, *Response, error) {
+// https://docs.gitlab.com/api/packages/#for-a-project
+func (s *PackagesService) ListProjectPackages(pid any, opt *ListProjectPackagesOptions, options ...RequestOptionFunc) ([]*Package, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -161,7 +161,7 @@ func (s *PackagesService) ListProjectPackages(pid interface{}, opt *ListProjectP
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/packages.html#within-a-group
+// https://docs.gitlab.com/api/packages/#for-a-group
 type ListGroupPackagesOptions struct {
 	ListOptions
 	ExcludeSubGroups   *bool   `url:"exclude_subgroups,omitempty" json:"exclude_subgroups,omitempty"`
@@ -176,8 +176,8 @@ type ListGroupPackagesOptions struct {
 // ListGroupPackages gets a list of packages in a group.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/packages.html#within-a-group
-func (s *PackagesService) ListGroupPackages(gid interface{}, opt *ListGroupPackagesOptions, options ...RequestOptionFunc) ([]*GroupPackage, *Response, error) {
+// https://docs.gitlab.com/api/packages/#for-a-group
+func (s *PackagesService) ListGroupPackages(gid any, opt *ListGroupPackagesOptions, options ...RequestOptionFunc) ([]*GroupPackage, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -202,14 +202,14 @@ func (s *PackagesService) ListGroupPackages(gid interface{}, opt *ListGroupPacka
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/packages.html#list-package-files
+// https://docs.gitlab.com/api/packages/#list-package-files
 type ListPackageFilesOptions ListOptions
 
 // ListPackageFiles gets a list of files that are within a package
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/packages.html#list-package-files
-func (s *PackagesService) ListPackageFiles(pid interface{}, pkg int, opt *ListPackageFilesOptions, options ...RequestOptionFunc) ([]*PackageFile, *Response, error) {
+// https://docs.gitlab.com/api/packages/#list-package-files
+func (s *PackagesService) ListPackageFiles(pid any, pkg int, opt *ListPackageFilesOptions, options ...RequestOptionFunc) ([]*PackageFile, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -237,8 +237,8 @@ func (s *PackagesService) ListPackageFiles(pid interface{}, pkg int, opt *ListPa
 // DeleteProjectPackage deletes a package in a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/packages.html#delete-a-project-package
-func (s *PackagesService) DeleteProjectPackage(pid interface{}, pkg int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/packages/#delete-a-project-package
+func (s *PackagesService) DeleteProjectPackage(pid any, pkg int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -256,8 +256,8 @@ func (s *PackagesService) DeleteProjectPackage(pid interface{}, pkg int, options
 // DeletePackageFile deletes a file in project package
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/packages.html#delete-a-package-file
-func (s *PackagesService) DeletePackageFile(pid interface{}, pkg, file int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/packages/#delete-a-package-file
+func (s *PackagesService) DeletePackageFile(pid any, pkg, file int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/pages.go b/vendor/gitlab.com/gitlab-org/api/client-go/pages.go
index ec3863da0b..379844054f 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/pages.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/pages.go
@@ -24,15 +24,15 @@ import (
 
 type (
 	PagesServiceInterface interface {
-		UnpublishPages(gid interface{}, options ...RequestOptionFunc) (*Response, error)
-		GetPages(gid interface{}, options ...RequestOptionFunc) (*Pages, *Response, error)
-		UpdatePages(pid interface{}, opt UpdatePagesOptions, options ...RequestOptionFunc) (*Pages, *Response, error)
+		UnpublishPages(gid any, options ...RequestOptionFunc) (*Response, error)
+		GetPages(gid any, options ...RequestOptionFunc) (*Pages, *Response, error)
+		UpdatePages(pid any, opt UpdatePagesOptions, options ...RequestOptionFunc) (*Pages, *Response, error)
 	}
 
 	// PagesService handles communication with the pages related methods
 	// of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/pages.html
+	// GitLab API docs: https://docs.gitlab.com/api/pages/
 	PagesService struct {
 		client *Client
 	}
@@ -42,7 +42,7 @@ var _ PagesServiceInterface = (*PagesService)(nil)
 
 // Pages represents the Pages of a project.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/pages.html
+// GitLab API docs: https://docs.gitlab.com/api/pages/
 type Pages struct {
 	URL                   string             `json:"url"`
 	IsUniqueDomainEnabled bool               `json:"is_unique_domain_enabled"`
@@ -52,7 +52,7 @@ type Pages struct {
 
 // PagesDeployment represents a Pages deployment.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/pages.html
+// GitLab API docs: https://docs.gitlab.com/api/pages/
 type PagesDeployment struct {
 	CreatedAt     time.Time `json:"created_at"`
 	URL           string    `json:"url"`
@@ -63,8 +63,8 @@ type PagesDeployment struct {
 // UnpublishPages unpublished pages. The user must have admin privileges.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pages.html#unpublish-pages
-func (s *PagesService) UnpublishPages(gid interface{}, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/pages/#unpublish-pages
+func (s *PagesService) UnpublishPages(gid any, options ...RequestOptionFunc) (*Response, error) {
 	page, err := parseID(gid)
 	if err != nil {
 		return nil, err
@@ -83,8 +83,8 @@ func (s *PagesService) UnpublishPages(gid interface{}, options ...RequestOptionF
 // maintainer privileges.
 //
 // GitLab API Docs:
-// https://docs.gitlab.com/ee/api/pages.html#get-pages-settings-for-a-project
-func (s *PagesService) GetPages(gid interface{}, options ...RequestOptionFunc) (*Pages, *Response, error) {
+// https://docs.gitlab.com/api/pages/#get-pages-settings-for-a-project
+func (s *PagesService) GetPages(gid any, options ...RequestOptionFunc) (*Pages, *Response, error) {
 	project, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -108,7 +108,7 @@ func (s *PagesService) GetPages(gid interface{}, options ...RequestOptionFunc) (
 // UpdatePages represents the available UpdatePages() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pages.html#update-pages-settings-for-a-project
+// https://docs.gitlab.com/api/pages/#update-pages-settings-for-a-project
 type UpdatePagesOptions struct {
 	PagesUniqueDomainEnabled *bool `url:"pages_unique_domain_enabled,omitempty" json:"pages_unique_domain_enabled,omitempty"`
 	PagesHTTPSOnly           *bool `url:"pages_https_only,omitempty" json:"pages_https_only,omitempty"`
@@ -118,8 +118,8 @@ type UpdatePagesOptions struct {
 // administrator privileges.
 //
 // GitLab API Docs:
-// https://docs.gitlab.com/ee/api/pages.html#update-pages-settings-for-a-project
-func (s *PagesService) UpdatePages(pid interface{}, opt UpdatePagesOptions, options ...RequestOptionFunc) (*Pages, *Response, error) {
+// https://docs.gitlab.com/api/pages/#update-pages-settings-for-a-project
+func (s *PagesService) UpdatePages(pid any, opt UpdatePagesOptions, options ...RequestOptionFunc) (*Pages, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/pages_domains.go b/vendor/gitlab.com/gitlab-org/api/client-go/pages_domains.go
index 5329dd312b..c6b5d79eb5 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/pages_domains.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/pages_domains.go
@@ -24,18 +24,18 @@ import (
 
 type (
 	PagesDomainsServiceInterface interface {
-		ListPagesDomains(pid interface{}, opt *ListPagesDomainsOptions, options ...RequestOptionFunc) ([]*PagesDomain, *Response, error)
+		ListPagesDomains(pid any, opt *ListPagesDomainsOptions, options ...RequestOptionFunc) ([]*PagesDomain, *Response, error)
 		ListAllPagesDomains(options ...RequestOptionFunc) ([]*PagesDomain, *Response, error)
-		GetPagesDomain(pid interface{}, domain string, options ...RequestOptionFunc) (*PagesDomain, *Response, error)
-		CreatePagesDomain(pid interface{}, opt *CreatePagesDomainOptions, options ...RequestOptionFunc) (*PagesDomain, *Response, error)
-		UpdatePagesDomain(pid interface{}, domain string, opt *UpdatePagesDomainOptions, options ...RequestOptionFunc) (*PagesDomain, *Response, error)
-		DeletePagesDomain(pid interface{}, domain string, options ...RequestOptionFunc) (*Response, error)
+		GetPagesDomain(pid any, domain string, options ...RequestOptionFunc) (*PagesDomain, *Response, error)
+		CreatePagesDomain(pid any, opt *CreatePagesDomainOptions, options ...RequestOptionFunc) (*PagesDomain, *Response, error)
+		UpdatePagesDomain(pid any, domain string, opt *UpdatePagesDomainOptions, options ...RequestOptionFunc) (*PagesDomain, *Response, error)
+		DeletePagesDomain(pid any, domain string, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// PagesDomainsService handles communication with the pages domains
 	// related methods of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/pages_domains.html
+	// GitLab API docs: https://docs.gitlab.com/api/pages_domains/
 	PagesDomainsService struct {
 		client *Client
 	}
@@ -45,7 +45,7 @@ var _ PagesDomainsServiceInterface = (*PagesDomainsService)(nil)
 
 // PagesDomain represents a pages domain.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/pages_domains.html
+// GitLab API docs: https://docs.gitlab.com/api/pages_domains/
 type PagesDomain struct {
 	Domain           string     `json:"domain"`
 	AutoSslEnabled   bool       `json:"auto_ssl_enabled"`
@@ -66,14 +66,14 @@ type PagesDomain struct {
 // ListPagesDomainsOptions represents the available ListPagesDomains() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pages_domains.html#list-pages-domains
+// https://docs.gitlab.com/api/pages_domains/#list-pages-domains
 type ListPagesDomainsOptions ListOptions
 
 // ListPagesDomains gets a list of project pages domains.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pages_domains.html#list-pages-domains
-func (s *PagesDomainsService) ListPagesDomains(pid interface{}, opt *ListPagesDomainsOptions, options ...RequestOptionFunc) ([]*PagesDomain, *Response, error) {
+// https://docs.gitlab.com/api/pages_domains/#list-pages-domains
+func (s *PagesDomainsService) ListPagesDomains(pid any, opt *ListPagesDomainsOptions, options ...RequestOptionFunc) ([]*PagesDomain, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -97,7 +97,7 @@ func (s *PagesDomainsService) ListPagesDomains(pid interface{}, opt *ListPagesDo
 // ListAllPagesDomains gets a list of all pages domains.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pages_domains.html#list-all-pages-domains
+// https://docs.gitlab.com/api/pages_domains/#list-all-pages-domains
 func (s *PagesDomainsService) ListAllPagesDomains(options ...RequestOptionFunc) ([]*PagesDomain, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "pages/domains", nil, options)
 	if err != nil {
@@ -116,8 +116,8 @@ func (s *PagesDomainsService) ListAllPagesDomains(options ...RequestOptionFunc)
 // GetPagesDomain get a specific pages domain for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pages_domains.html#single-pages-domain
-func (s *PagesDomainsService) GetPagesDomain(pid interface{}, domain string, options ...RequestOptionFunc) (*PagesDomain, *Response, error) {
+// https://docs.gitlab.com/api/pages_domains/#single-pages-domain
+func (s *PagesDomainsService) GetPagesDomain(pid any, domain string, options ...RequestOptionFunc) (*PagesDomain, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -141,7 +141,7 @@ func (s *PagesDomainsService) GetPagesDomain(pid interface{}, domain string, opt
 // CreatePagesDomainOptions represents the available CreatePagesDomain() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pages_domains.html#create-new-pages-domain
+// https://docs.gitlab.com/api/pages_domains/#create-new-pages-domain
 type CreatePagesDomainOptions struct {
 	Domain         *string `url:"domain,omitempty" json:"domain,omitempty"`
 	AutoSslEnabled *bool   `url:"auto_ssl_enabled,omitempty" json:"auto_ssl_enabled,omitempty"`
@@ -152,8 +152,8 @@ type CreatePagesDomainOptions struct {
 // CreatePagesDomain creates a new project pages domain.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pages_domains.html#create-new-pages-domain
-func (s *PagesDomainsService) CreatePagesDomain(pid interface{}, opt *CreatePagesDomainOptions, options ...RequestOptionFunc) (*PagesDomain, *Response, error) {
+// https://docs.gitlab.com/api/pages_domains/#create-new-pages-domain
+func (s *PagesDomainsService) CreatePagesDomain(pid any, opt *CreatePagesDomainOptions, options ...RequestOptionFunc) (*PagesDomain, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -177,7 +177,7 @@ func (s *PagesDomainsService) CreatePagesDomain(pid interface{}, opt *CreatePage
 // UpdatePagesDomainOptions represents the available UpdatePagesDomain() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pages_domains.html#update-pages-domain
+// https://docs.gitlab.com/api/pages_domains/#update-pages-domain
 type UpdatePagesDomainOptions struct {
 	AutoSslEnabled *bool   `url:"auto_ssl_enabled,omitempty" json:"auto_ssl_enabled,omitempty"`
 	Certificate    *string `url:"certificate,omitempty" json:"certificate,omitempty"`
@@ -187,8 +187,8 @@ type UpdatePagesDomainOptions struct {
 // UpdatePagesDomain updates an existing project pages domain.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pages_domains.html#update-pages-domain
-func (s *PagesDomainsService) UpdatePagesDomain(pid interface{}, domain string, opt *UpdatePagesDomainOptions, options ...RequestOptionFunc) (*PagesDomain, *Response, error) {
+// https://docs.gitlab.com/api/pages_domains/#update-pages-domain
+func (s *PagesDomainsService) UpdatePagesDomain(pid any, domain string, opt *UpdatePagesDomainOptions, options ...RequestOptionFunc) (*PagesDomain, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -212,8 +212,8 @@ func (s *PagesDomainsService) UpdatePagesDomain(pid interface{}, domain string,
 // DeletePagesDomain deletes an existing prject pages domain.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pages_domains.html#delete-pages-domain
-func (s *PagesDomainsService) DeletePagesDomain(pid interface{}, domain string, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/pages_domains/#delete-pages-domain
+func (s *PagesDomainsService) DeletePagesDomain(pid any, domain string, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/pagination.go b/vendor/gitlab.com/gitlab-org/api/client-go/pagination.go
new file mode 100644
index 0000000000..cc7a1e7087
--- /dev/null
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/pagination.go
@@ -0,0 +1,159 @@
+//go:build go1.23
+// +build go1.23
+
+package gitlab
+
+import (
+	"fmt"
+	"iter"
+)
+
+type PaginationOptionFunc = RequestOptionFunc
+
+// Scan scans all pages for the given request function f and returns individual items in an iterator.
+// If an error happens during pagination, the iterator stops immediately.
+// The caller must consume the returned error function to retrieve potential errors.
+//
+//	opts := &ListProjectsOptions{}
+//	it, hasErr := Scan(func(p PaginationOptionFunc) ([]*Project, *Response, error) {
+//		return c.Projects.ListProjects(opts, p)
+//	})
+//	projects := slices.Collect(it)
+//	if err := hasErr(); err != nil {
+//		return err
+//	}
+//
+// or with keyset-based pagination:
+//
+//	opts := &ListProjectsOptions{
+//		ListOptions: ListOptions{
+//			OrderBy:    "id",
+//			Pagination: "keyset",
+//		},
+//	}
+//	it, hasErr := Scan(func(p PaginationOptionFunc) ([]*Project, *Response, error) {
+//		return c.Projects.ListProjects(opts, p)
+//	})
+//	projects := slices.Collect(it)
+//	if err := hasErr(); err != nil {
+//		return err
+//	}
+//
+// Attention: This API is experimental and may be subject to breaking changes to improve the API in the future.
+func Scan[T any](f func(p PaginationOptionFunc) ([]T, *Response, error)) (iter.Seq[T], func() error) {
+	exhausted := false
+	var e error
+	it := func(yield func(T) bool) {
+		defer func() {
+			exhausted = true
+		}()
+		for t, err := range Scan2(f) {
+			if err != nil {
+				e = err
+				return
+			}
+
+			if !yield(t) {
+				return
+			}
+		}
+	}
+	hasErr := func() error {
+		if !exhausted {
+			panic("called error function of Scan iterator before iterator was exhausted")
+		}
+		return e
+	}
+	return it, hasErr
+}
+
+// Scan2 scans all pages for the given request function f and returns individual items and potential errors in an iterator.
+// The caller must consume the error element of the iterator during each iteration
+// to ensure that no errors happened.
+//
+//	opts := &ListProjectsOptions{}
+//	for p, err := range Scan2(func(p PaginationOptionFunc) ([]*Project, *Response, error) {
+//		return c.Projects.ListProjects(opts, p)
+//	}) {
+//		if err != nil {
+//			return err
+//		}
+//		// do something with p
+//	}
+//
+// or with keyset-based pagination:
+//
+//	opts := &ListProjectsOptions{
+//		ListOptions: ListOptions{
+//			OrderBy:    "id",
+//			Pagination: "keyset",
+//		},
+//	}
+//	for p, err := range Scan2(func(p PaginationOptionFunc) ([]*Project, *Response, error) {
+//		return c.Projects.ListProjects(opts, p)
+//	}) {
+//		if err != nil {
+//			return err
+//		}
+//		// do something with p
+//	}
+//
+// Attention: This API is experimental and may be subject to breaking changes to improve the API in the future.
+func Scan2[T any](f func(p PaginationOptionFunc) ([]T, *Response, error)) iter.Seq2[T, error] {
+	return func(yield func(T, error) bool) {
+		var nextOpt PaginationOptionFunc
+
+	Pagination:
+		for {
+			ts, resp, err := f(nextOpt)
+			if err != nil {
+				var t T
+				yield(t, err)
+				return
+			}
+
+			for _, t := range ts {
+				if !yield(t, nil) {
+					return
+				}
+			}
+
+			// the f request function was either configured for offset- or keyset-based
+			// pagination. We support both here, by checking if the next link is provided (keyset)
+			// or not. If both are provided, keyset-based pagination takes precedence.
+			switch {
+			case resp.NextLink != "":
+				nextOpt = WithKeysetPaginationParameters(resp.NextLink)
+			case resp.NextPage != 0:
+				nextOpt = WithOffsetPaginationParameters(resp.NextPage)
+			default:
+				// no more pages
+				break Pagination
+			}
+		}
+	}
+}
+
+// Must provides a single item iterator for the provided two item iterator and panics if an error happens.
+//
+//	opts := &ListProjectsOptions{}
+//	for p := range Must(Scan2(func(p PaginationOptionFunc) ([]*Project, *Response, error) {
+//		return c.Projects.ListProjects(opts, p)
+//	})) {
+//		// do something with p
+//	}
+//
+// Attention: This API is experimental and may be subject to breaking changes to improve the API in the future.
+func Must[T any](it iter.Seq2[T, error]) iter.Seq[T] {
+	return func(yield func(T) bool) {
+		for x, err := range it {
+			if err != nil {
+				panic(fmt.Errorf("iterator produced an error: %w", err))
+			}
+
+			if !yield(x) {
+				return
+			}
+		}
+	}
+}
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/pipeline_schedules.go b/vendor/gitlab.com/gitlab-org/api/client-go/pipeline_schedules.go
index f84084a6c2..2e2f156ddf 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/pipeline_schedules.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/pipeline_schedules.go
@@ -24,23 +24,23 @@ import (
 
 type (
 	PipelineSchedulesServiceInterface interface {
-		ListPipelineSchedules(pid interface{}, opt *ListPipelineSchedulesOptions, options ...RequestOptionFunc) ([]*PipelineSchedule, *Response, error)
-		GetPipelineSchedule(pid interface{}, schedule int, options ...RequestOptionFunc) (*PipelineSchedule, *Response, error)
-		ListPipelinesTriggeredBySchedule(pid interface{}, schedule int, opt *ListPipelinesTriggeredByScheduleOptions, options ...RequestOptionFunc) ([]*Pipeline, *Response, error)
-		CreatePipelineSchedule(pid interface{}, opt *CreatePipelineScheduleOptions, options ...RequestOptionFunc) (*PipelineSchedule, *Response, error)
-		EditPipelineSchedule(pid interface{}, schedule int, opt *EditPipelineScheduleOptions, options ...RequestOptionFunc) (*PipelineSchedule, *Response, error)
-		TakeOwnershipOfPipelineSchedule(pid interface{}, schedule int, options ...RequestOptionFunc) (*PipelineSchedule, *Response, error)
-		DeletePipelineSchedule(pid interface{}, schedule int, options ...RequestOptionFunc) (*Response, error)
-		RunPipelineSchedule(pid interface{}, schedule int, options ...RequestOptionFunc) (*Response, error)
-		CreatePipelineScheduleVariable(pid interface{}, schedule int, opt *CreatePipelineScheduleVariableOptions, options ...RequestOptionFunc) (*PipelineVariable, *Response, error)
-		EditPipelineScheduleVariable(pid interface{}, schedule int, key string, opt *EditPipelineScheduleVariableOptions, options ...RequestOptionFunc) (*PipelineVariable, *Response, error)
-		DeletePipelineScheduleVariable(pid interface{}, schedule int, key string, options ...RequestOptionFunc) (*PipelineVariable, *Response, error)
+		ListPipelineSchedules(pid any, opt *ListPipelineSchedulesOptions, options ...RequestOptionFunc) ([]*PipelineSchedule, *Response, error)
+		GetPipelineSchedule(pid any, schedule int, options ...RequestOptionFunc) (*PipelineSchedule, *Response, error)
+		ListPipelinesTriggeredBySchedule(pid any, schedule int, opt *ListPipelinesTriggeredByScheduleOptions, options ...RequestOptionFunc) ([]*Pipeline, *Response, error)
+		CreatePipelineSchedule(pid any, opt *CreatePipelineScheduleOptions, options ...RequestOptionFunc) (*PipelineSchedule, *Response, error)
+		EditPipelineSchedule(pid any, schedule int, opt *EditPipelineScheduleOptions, options ...RequestOptionFunc) (*PipelineSchedule, *Response, error)
+		TakeOwnershipOfPipelineSchedule(pid any, schedule int, options ...RequestOptionFunc) (*PipelineSchedule, *Response, error)
+		DeletePipelineSchedule(pid any, schedule int, options ...RequestOptionFunc) (*Response, error)
+		RunPipelineSchedule(pid any, schedule int, options ...RequestOptionFunc) (*Response, error)
+		CreatePipelineScheduleVariable(pid any, schedule int, opt *CreatePipelineScheduleVariableOptions, options ...RequestOptionFunc) (*PipelineVariable, *Response, error)
+		EditPipelineScheduleVariable(pid any, schedule int, key string, opt *EditPipelineScheduleVariableOptions, options ...RequestOptionFunc) (*PipelineVariable, *Response, error)
+		DeletePipelineScheduleVariable(pid any, schedule int, key string, options ...RequestOptionFunc) (*PipelineVariable, *Response, error)
 	}
 
 	// PipelineSchedulesService handles communication with the pipeline
 	// schedules related methods of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/pipeline_schedules.html
+	// GitLab API docs: https://docs.gitlab.com/api/pipeline_schedules/
 	PipelineSchedulesService struct {
 		client *Client
 	}
@@ -51,7 +51,7 @@ var _ PipelineSchedulesServiceInterface = (*PipelineSchedulesService)(nil)
 // PipelineSchedule represents a pipeline schedule.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipeline_schedules.html
+// https://docs.gitlab.com/api/pipeline_schedules/
 type PipelineSchedule struct {
 	ID           int                 `json:"id"`
 	Description  string              `json:"description"`
@@ -65,6 +65,7 @@ type PipelineSchedule struct {
 	Owner        *User               `json:"owner"`
 	LastPipeline *LastPipeline       `json:"last_pipeline"`
 	Variables    []*PipelineVariable `json:"variables"`
+	Inputs       []*PipelineInput    `json:"inputs"`
 }
 
 // LastPipeline represents the last pipeline ran by schedule
@@ -80,14 +81,17 @@ type LastPipeline struct {
 // ListPipelineSchedulesOptions represents the available ListPipelineTriggers() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipeline_schedules.html#get-all-pipeline-schedules
-type ListPipelineSchedulesOptions ListOptions
+// https://docs.gitlab.com/api/pipeline_schedules/#get-all-pipeline-schedules
+type ListPipelineSchedulesOptions struct {
+	ListOptions
+	Scope *PipelineScheduleScopeValue `url:"scope,omitempty"`
+}
 
 // ListPipelineSchedules gets a list of project triggers.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipeline_schedules.html#get-all-pipeline-schedules
-func (s *PipelineSchedulesService) ListPipelineSchedules(pid interface{}, opt *ListPipelineSchedulesOptions, options ...RequestOptionFunc) ([]*PipelineSchedule, *Response, error) {
+// https://docs.gitlab.com/api/pipeline_schedules/#get-all-pipeline-schedules
+func (s *PipelineSchedulesService) ListPipelineSchedules(pid any, opt *ListPipelineSchedulesOptions, options ...RequestOptionFunc) ([]*PipelineSchedule, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -111,8 +115,8 @@ func (s *PipelineSchedulesService) ListPipelineSchedules(pid interface{}, opt *L
 // GetPipelineSchedule gets a pipeline schedule.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipeline_schedules.html#get-a-single-pipeline-schedule
-func (s *PipelineSchedulesService) GetPipelineSchedule(pid interface{}, schedule int, options ...RequestOptionFunc) (*PipelineSchedule, *Response, error) {
+// https://docs.gitlab.com/api/pipeline_schedules/#get-a-single-pipeline-schedule
+func (s *PipelineSchedulesService) GetPipelineSchedule(pid any, schedule int, options ...RequestOptionFunc) (*PipelineSchedule, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -137,15 +141,15 @@ func (s *PipelineSchedulesService) GetPipelineSchedule(pid interface{}, schedule
 // ListPipelinesTriggeredBySchedule() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipeline_schedules.html#get-all-pipelines-triggered-by-a-pipeline-schedule
+// https://docs.gitlab.com/api/pipeline_schedules/#get-all-pipelines-triggered-by-a-pipeline-schedule
 type ListPipelinesTriggeredByScheduleOptions ListOptions
 
 // ListPipelinesTriggeredBySchedule gets all pipelines triggered by a pipeline
 // schedule.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipeline_schedules.html#get-all-pipelines-triggered-by-a-pipeline-schedule
-func (s *PipelineSchedulesService) ListPipelinesTriggeredBySchedule(pid interface{}, schedule int, opt *ListPipelinesTriggeredByScheduleOptions, options ...RequestOptionFunc) ([]*Pipeline, *Response, error) {
+// https://docs.gitlab.com/api/pipeline_schedules/#get-all-pipelines-triggered-by-a-pipeline-schedule
+func (s *PipelineSchedulesService) ListPipelinesTriggeredBySchedule(pid any, schedule int, opt *ListPipelinesTriggeredByScheduleOptions, options ...RequestOptionFunc) ([]*Pipeline, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -170,20 +174,21 @@ func (s *PipelineSchedulesService) ListPipelinesTriggeredBySchedule(pid interfac
 // CreatePipelineSchedule() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipeline_schedules.html#create-a-new-pipeline-schedule
+// https://docs.gitlab.com/api/pipeline_schedules/#create-a-new-pipeline-schedule
 type CreatePipelineScheduleOptions struct {
-	Description  *string `url:"description" json:"description"`
-	Ref          *string `url:"ref" json:"ref"`
-	Cron         *string `url:"cron" json:"cron"`
-	CronTimezone *string `url:"cron_timezone,omitempty" json:"cron_timezone,omitempty"`
-	Active       *bool   `url:"active,omitempty" json:"active,omitempty"`
+	Description  *string          `url:"description" json:"description"`
+	Ref          *string          `url:"ref" json:"ref"`
+	Cron         *string          `url:"cron" json:"cron"`
+	CronTimezone *string          `url:"cron_timezone,omitempty" json:"cron_timezone,omitempty"`
+	Active       *bool            `url:"active,omitempty" json:"active,omitempty"`
+	Inputs       []*PipelineInput `url:"inputs,omitempty" json:"inputs,omitempty"`
 }
 
 // CreatePipelineSchedule creates a pipeline schedule.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipeline_schedules.html#create-a-new-pipeline-schedule
-func (s *PipelineSchedulesService) CreatePipelineSchedule(pid interface{}, opt *CreatePipelineScheduleOptions, options ...RequestOptionFunc) (*PipelineSchedule, *Response, error) {
+// https://docs.gitlab.com/api/pipeline_schedules/#create-a-new-pipeline-schedule
+func (s *PipelineSchedulesService) CreatePipelineSchedule(pid any, opt *CreatePipelineScheduleOptions, options ...RequestOptionFunc) (*PipelineSchedule, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -208,20 +213,21 @@ func (s *PipelineSchedulesService) CreatePipelineSchedule(pid interface{}, opt *
 // EditPipelineSchedule() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipeline_schedules.html#edit-a-pipeline-schedule
+// https://docs.gitlab.com/api/pipeline_schedules/#edit-a-pipeline-schedule
 type EditPipelineScheduleOptions struct {
-	Description  *string `url:"description,omitempty" json:"description,omitempty"`
-	Ref          *string `url:"ref,omitempty" json:"ref,omitempty"`
-	Cron         *string `url:"cron,omitempty" json:"cron,omitempty"`
-	CronTimezone *string `url:"cron_timezone,omitempty" json:"cron_timezone,omitempty"`
-	Active       *bool   `url:"active,omitempty" json:"active,omitempty"`
+	Description  *string          `url:"description,omitempty" json:"description,omitempty"`
+	Ref          *string          `url:"ref,omitempty" json:"ref,omitempty"`
+	Cron         *string          `url:"cron,omitempty" json:"cron,omitempty"`
+	CronTimezone *string          `url:"cron_timezone,omitempty" json:"cron_timezone,omitempty"`
+	Active       *bool            `url:"active,omitempty" json:"active,omitempty"`
+	Inputs       []*PipelineInput `url:"inputs,omitempty" json:"inputs,omitempty"`
 }
 
 // EditPipelineSchedule edits a pipeline schedule.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipeline_schedules.html#edit-a-pipeline-schedule
-func (s *PipelineSchedulesService) EditPipelineSchedule(pid interface{}, schedule int, opt *EditPipelineScheduleOptions, options ...RequestOptionFunc) (*PipelineSchedule, *Response, error) {
+// https://docs.gitlab.com/api/pipeline_schedules/#edit-a-pipeline-schedule
+func (s *PipelineSchedulesService) EditPipelineSchedule(pid any, schedule int, opt *EditPipelineScheduleOptions, options ...RequestOptionFunc) (*PipelineSchedule, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -246,8 +252,8 @@ func (s *PipelineSchedulesService) EditPipelineSchedule(pid interface{}, schedul
 // pipeline schedule to the user issuing the request.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipeline_schedules.html#take-ownership-of-a-pipeline-schedule
-func (s *PipelineSchedulesService) TakeOwnershipOfPipelineSchedule(pid interface{}, schedule int, options ...RequestOptionFunc) (*PipelineSchedule, *Response, error) {
+// https://docs.gitlab.com/api/pipeline_schedules/#take-ownership-of-a-pipeline-schedule
+func (s *PipelineSchedulesService) TakeOwnershipOfPipelineSchedule(pid any, schedule int, options ...RequestOptionFunc) (*PipelineSchedule, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -271,8 +277,8 @@ func (s *PipelineSchedulesService) TakeOwnershipOfPipelineSchedule(pid interface
 // DeletePipelineSchedule deletes a pipeline schedule.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipeline_schedules.html#delete-a-pipeline-schedule
-func (s *PipelineSchedulesService) DeletePipelineSchedule(pid interface{}, schedule int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/pipeline_schedules/#delete-a-pipeline-schedule
+func (s *PipelineSchedulesService) DeletePipelineSchedule(pid any, schedule int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -290,8 +296,8 @@ func (s *PipelineSchedulesService) DeletePipelineSchedule(pid interface{}, sched
 // RunPipelineSchedule triggers a new scheduled pipeline to run immediately.
 //
 // Gitlab API docs:
-// https://docs.gitlab.com/ee/api/pipeline_schedules.html#run-a-scheduled-pipeline-immediately
-func (s *PipelineSchedulesService) RunPipelineSchedule(pid interface{}, schedule int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/pipeline_schedules/#run-a-scheduled-pipeline-immediately
+func (s *PipelineSchedulesService) RunPipelineSchedule(pid any, schedule int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -310,7 +316,7 @@ func (s *PipelineSchedulesService) RunPipelineSchedule(pid interface{}, schedule
 // CreatePipelineScheduleVariable() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipeline_schedules.html#create-a-new-pipeline-schedule
+// https://docs.gitlab.com/api/pipeline_schedules/#create-a-new-pipeline-schedule
 type CreatePipelineScheduleVariableOptions struct {
 	Key          *string            `url:"key" json:"key"`
 	Value        *string            `url:"value" json:"value"`
@@ -320,8 +326,8 @@ type CreatePipelineScheduleVariableOptions struct {
 // CreatePipelineScheduleVariable creates a pipeline schedule variable.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipeline_schedules.html#create-a-new-pipeline-schedule
-func (s *PipelineSchedulesService) CreatePipelineScheduleVariable(pid interface{}, schedule int, opt *CreatePipelineScheduleVariableOptions, options ...RequestOptionFunc) (*PipelineVariable, *Response, error) {
+// https://docs.gitlab.com/api/pipeline_schedules/#create-a-new-pipeline-schedule
+func (s *PipelineSchedulesService) CreatePipelineScheduleVariable(pid any, schedule int, opt *CreatePipelineScheduleVariableOptions, options ...RequestOptionFunc) (*PipelineVariable, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -346,7 +352,7 @@ func (s *PipelineSchedulesService) CreatePipelineScheduleVariable(pid interface{
 // EditPipelineScheduleVariable() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipeline_schedules.html#edit-a-pipeline-schedule-variable
+// https://docs.gitlab.com/api/pipeline_schedules/#edit-a-pipeline-schedule-variable
 type EditPipelineScheduleVariableOptions struct {
 	Value        *string            `url:"value" json:"value"`
 	VariableType *VariableTypeValue `url:"variable_type,omitempty" json:"variable_type,omitempty"`
@@ -355,8 +361,8 @@ type EditPipelineScheduleVariableOptions struct {
 // EditPipelineScheduleVariable creates a pipeline schedule variable.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipeline_schedules.html#edit-a-pipeline-schedule-variable
-func (s *PipelineSchedulesService) EditPipelineScheduleVariable(pid interface{}, schedule int, key string, opt *EditPipelineScheduleVariableOptions, options ...RequestOptionFunc) (*PipelineVariable, *Response, error) {
+// https://docs.gitlab.com/api/pipeline_schedules/#edit-a-pipeline-schedule-variable
+func (s *PipelineSchedulesService) EditPipelineScheduleVariable(pid any, schedule int, key string, opt *EditPipelineScheduleVariableOptions, options ...RequestOptionFunc) (*PipelineVariable, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -380,8 +386,8 @@ func (s *PipelineSchedulesService) EditPipelineScheduleVariable(pid interface{},
 // DeletePipelineScheduleVariable creates a pipeline schedule variable.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipeline_schedules.html#delete-a-pipeline-schedule-variable
-func (s *PipelineSchedulesService) DeletePipelineScheduleVariable(pid interface{}, schedule int, key string, options ...RequestOptionFunc) (*PipelineVariable, *Response, error) {
+// https://docs.gitlab.com/api/pipeline_schedules/#delete-a-pipeline-schedule-variable
+func (s *PipelineSchedulesService) DeletePipelineScheduleVariable(pid any, schedule int, key string, options ...RequestOptionFunc) (*PipelineVariable, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/pipeline_triggers.go b/vendor/gitlab.com/gitlab-org/api/client-go/pipeline_triggers.go
index 80f8961142..deff0c89f3 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/pipeline_triggers.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/pipeline_triggers.go
@@ -24,19 +24,18 @@ import (
 
 type (
 	PipelineTriggersServiceInterface interface {
-		ListPipelineTriggers(pid interface{}, opt *ListPipelineTriggersOptions, options ...RequestOptionFunc) ([]*PipelineTrigger, *Response, error)
-		GetPipelineTrigger(pid interface{}, trigger int, options ...RequestOptionFunc) (*PipelineTrigger, *Response, error)
-		AddPipelineTrigger(pid interface{}, opt *AddPipelineTriggerOptions, options ...RequestOptionFunc) (*PipelineTrigger, *Response, error)
-		EditPipelineTrigger(pid interface{}, trigger int, opt *EditPipelineTriggerOptions, options ...RequestOptionFunc) (*PipelineTrigger, *Response, error)
-		TakeOwnershipOfPipelineTrigger(pid interface{}, trigger int, options ...RequestOptionFunc) (*PipelineTrigger, *Response, error)
-		DeletePipelineTrigger(pid interface{}, trigger int, options ...RequestOptionFunc) (*Response, error)
-		RunPipelineTrigger(pid interface{}, opt *RunPipelineTriggerOptions, options ...RequestOptionFunc) (*Pipeline, *Response, error)
+		ListPipelineTriggers(pid any, opt *ListPipelineTriggersOptions, options ...RequestOptionFunc) ([]*PipelineTrigger, *Response, error)
+		GetPipelineTrigger(pid any, trigger int, options ...RequestOptionFunc) (*PipelineTrigger, *Response, error)
+		AddPipelineTrigger(pid any, opt *AddPipelineTriggerOptions, options ...RequestOptionFunc) (*PipelineTrigger, *Response, error)
+		EditPipelineTrigger(pid any, trigger int, opt *EditPipelineTriggerOptions, options ...RequestOptionFunc) (*PipelineTrigger, *Response, error)
+		DeletePipelineTrigger(pid any, trigger int, options ...RequestOptionFunc) (*Response, error)
+		RunPipelineTrigger(pid any, opt *RunPipelineTriggerOptions, options ...RequestOptionFunc) (*Pipeline, *Response, error)
 	}
 
 	// PipelineTriggersService handles Project pipeline triggers.
 	//
 	// GitLab API docs:
-	// https://docs.gitlab.com/ee/api/pipeline_triggers.html
+	// https://docs.gitlab.com/api/pipeline_triggers/
 	PipelineTriggersService struct {
 		client *Client
 	}
@@ -47,7 +46,7 @@ var _ PipelineTriggersServiceInterface = (*PipelineTriggersService)(nil)
 // PipelineTrigger represents a project pipeline trigger.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipeline_triggers.html
+// https://docs.gitlab.com/api/pipeline_triggers/
 type PipelineTrigger struct {
 	ID          int        `json:"id"`
 	Description string     `json:"description"`
@@ -62,14 +61,14 @@ type PipelineTrigger struct {
 // ListPipelineTriggersOptions represents the available ListPipelineTriggers() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipeline_triggers.html#list-project-trigger-tokens
+// https://docs.gitlab.com/api/pipeline_triggers/#list-project-trigger-tokens
 type ListPipelineTriggersOptions ListOptions
 
 // ListPipelineTriggers gets a list of project triggers.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipeline_triggers.html#list-project-trigger-tokens
-func (s *PipelineTriggersService) ListPipelineTriggers(pid interface{}, opt *ListPipelineTriggersOptions, options ...RequestOptionFunc) ([]*PipelineTrigger, *Response, error) {
+// https://docs.gitlab.com/api/pipeline_triggers/#list-project-trigger-tokens
+func (s *PipelineTriggersService) ListPipelineTriggers(pid any, opt *ListPipelineTriggersOptions, options ...RequestOptionFunc) ([]*PipelineTrigger, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -93,8 +92,8 @@ func (s *PipelineTriggersService) ListPipelineTriggers(pid interface{}, opt *Lis
 // GetPipelineTrigger gets a specific pipeline trigger for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipeline_triggers.html#get-trigger-token-details
-func (s *PipelineTriggersService) GetPipelineTrigger(pid interface{}, trigger int, options ...RequestOptionFunc) (*PipelineTrigger, *Response, error) {
+// https://docs.gitlab.com/api/pipeline_triggers/#get-trigger-token-details
+func (s *PipelineTriggersService) GetPipelineTrigger(pid any, trigger int, options ...RequestOptionFunc) (*PipelineTrigger, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -118,7 +117,7 @@ func (s *PipelineTriggersService) GetPipelineTrigger(pid interface{}, trigger in
 // AddPipelineTriggerOptions represents the available AddPipelineTrigger() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipeline_triggers.html#create-a-trigger-token
+// https://docs.gitlab.com/api/pipeline_triggers/#create-a-trigger-token
 type AddPipelineTriggerOptions struct {
 	Description *string `url:"description,omitempty" json:"description,omitempty"`
 }
@@ -126,8 +125,8 @@ type AddPipelineTriggerOptions struct {
 // AddPipelineTrigger adds a pipeline trigger to a specified project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipeline_triggers.html#create-a-trigger-token
-func (s *PipelineTriggersService) AddPipelineTrigger(pid interface{}, opt *AddPipelineTriggerOptions, options ...RequestOptionFunc) (*PipelineTrigger, *Response, error) {
+// https://docs.gitlab.com/api/pipeline_triggers/#create-a-trigger-token
+func (s *PipelineTriggersService) AddPipelineTrigger(pid any, opt *AddPipelineTriggerOptions, options ...RequestOptionFunc) (*PipelineTrigger, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -151,7 +150,7 @@ func (s *PipelineTriggersService) AddPipelineTrigger(pid interface{}, opt *AddPi
 // EditPipelineTriggerOptions represents the available EditPipelineTrigger() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipeline_triggers.html#update-a-project-trigger-token
+// https://docs.gitlab.com/api/pipeline_triggers/#update-a-pipeline-trigger-token
 type EditPipelineTriggerOptions struct {
 	Description *string `url:"description,omitempty" json:"description,omitempty"`
 }
@@ -159,8 +158,8 @@ type EditPipelineTriggerOptions struct {
 // EditPipelineTrigger edits a trigger for a specified project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipeline_triggers.html#update-a-project-trigger-token
-func (s *PipelineTriggersService) EditPipelineTrigger(pid interface{}, trigger int, opt *EditPipelineTriggerOptions, options ...RequestOptionFunc) (*PipelineTrigger, *Response, error) {
+// https://docs.gitlab.com/api/pipeline_triggers/#update-a-pipeline-trigger-token
+func (s *PipelineTriggersService) EditPipelineTrigger(pid any, trigger int, opt *EditPipelineTriggerOptions, options ...RequestOptionFunc) (*PipelineTrigger, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -181,37 +180,11 @@ func (s *PipelineTriggersService) EditPipelineTrigger(pid interface{}, trigger i
 	return pt, resp, nil
 }
 
-// TakeOwnershipOfPipelineTrigger sets the owner of the specified
-// pipeline trigger to the user issuing the request.
-//
-// GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipeline_triggers.html#take-ownership-of-a-project-trigger
-func (s *PipelineTriggersService) TakeOwnershipOfPipelineTrigger(pid interface{}, trigger int, options ...RequestOptionFunc) (*PipelineTrigger, *Response, error) {
-	project, err := parseID(pid)
-	if err != nil {
-		return nil, nil, err
-	}
-	u := fmt.Sprintf("projects/%s/triggers/%d/take_ownership", PathEscape(project), trigger)
-
-	req, err := s.client.NewRequest(http.MethodPost, u, nil, options)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	pt := new(PipelineTrigger)
-	resp, err := s.client.Do(req, pt)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return pt, resp, nil
-}
-
 // DeletePipelineTrigger removes a trigger from a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipeline_triggers.html#remove-a-project-trigger-token
-func (s *PipelineTriggersService) DeletePipelineTrigger(pid interface{}, trigger int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/pipeline_triggers/#remove-a-pipeline-trigger-token
+func (s *PipelineTriggersService) DeletePipelineTrigger(pid any, trigger int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -229,7 +202,7 @@ func (s *PipelineTriggersService) DeletePipelineTrigger(pid interface{}, trigger
 // RunPipelineTriggerOptions represents the available RunPipelineTrigger() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipeline_triggers.html#trigger-a-pipeline-with-a-token
+// https://docs.gitlab.com/api/pipeline_triggers/#trigger-a-pipeline-with-a-token
 type RunPipelineTriggerOptions struct {
 	Ref       *string           `url:"ref" json:"ref"`
 	Token     *string           `url:"token" json:"token"`
@@ -239,8 +212,8 @@ type RunPipelineTriggerOptions struct {
 // RunPipelineTrigger starts a trigger from a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipeline_triggers.html#trigger-a-pipeline-with-a-token
-func (s *PipelineTriggersService) RunPipelineTrigger(pid interface{}, opt *RunPipelineTriggerOptions, options ...RequestOptionFunc) (*Pipeline, *Response, error) {
+// https://docs.gitlab.com/api/pipeline_triggers/#trigger-a-pipeline-with-a-token
+func (s *PipelineTriggersService) RunPipelineTrigger(pid any, opt *RunPipelineTriggerOptions, options ...RequestOptionFunc) (*Pipeline, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/pipelines.go b/vendor/gitlab.com/gitlab-org/api/client-go/pipelines.go
index 4ef37a2eb2..88cf702ad4 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/pipelines.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/pipelines.go
@@ -22,24 +22,46 @@ import (
 	"time"
 )
 
+type PipelineSource string
+
+// PipelineSource is the source of a pipeline.
+// GitLab API docs: https://docs.gitlab.com/ci/jobs/job_rules/#ci_pipeline_source-predefined-variable
+const (
+	PipelineSourceAPI                         PipelineSource = "api"
+	PipelineSourceChat                        PipelineSource = "chat"
+	PipelineSourceExternal                    PipelineSource = "external"
+	PipelineSourceExternalPullRequestEvent    PipelineSource = "external_pull_request_event"
+	PipelineSourceMergeRequestEvent           PipelineSource = "merge_request_event"
+	PipelineSourceOndemandDastScan            PipelineSource = "ondemand_dast_scan"
+	PipelineSourceOndemandDastValidation      PipelineSource = "ondemand_dast_validation"
+	PipelineSourceParentPipeline              PipelineSource = "parent_pipeline"
+	PipelineSourcePipeline                    PipelineSource = "pipeline"
+	PipelineSourcePush                        PipelineSource = "push"
+	PipelineSourceSchedule                    PipelineSource = "schedule"
+	PipelineSourceSecurityOrchestrationPolicy PipelineSource = "security_orchestration_policy"
+	PipelineSourceTrigger                     PipelineSource = "trigger"
+	PipelineSourceWeb                         PipelineSource = "web"
+	PipelineSourceWebIDE                      PipelineSource = "webide"
+)
+
 type (
 	PipelinesServiceInterface interface {
-		ListProjectPipelines(pid interface{}, opt *ListProjectPipelinesOptions, options ...RequestOptionFunc) ([]*PipelineInfo, *Response, error)
-		GetPipeline(pid interface{}, pipeline int, options ...RequestOptionFunc) (*Pipeline, *Response, error)
-		GetPipelineVariables(pid interface{}, pipeline int, options ...RequestOptionFunc) ([]*PipelineVariable, *Response, error)
-		GetPipelineTestReport(pid interface{}, pipeline int, options ...RequestOptionFunc) (*PipelineTestReport, *Response, error)
-		GetLatestPipeline(pid interface{}, opt *GetLatestPipelineOptions, options ...RequestOptionFunc) (*Pipeline, *Response, error)
-		CreatePipeline(pid interface{}, opt *CreatePipelineOptions, options ...RequestOptionFunc) (*Pipeline, *Response, error)
-		RetryPipelineBuild(pid interface{}, pipeline int, options ...RequestOptionFunc) (*Pipeline, *Response, error)
-		CancelPipelineBuild(pid interface{}, pipeline int, options ...RequestOptionFunc) (*Pipeline, *Response, error)
-		DeletePipeline(pid interface{}, pipeline int, options ...RequestOptionFunc) (*Response, error)
-		UpdatePipelineMetadata(pid interface{}, pipeline int, opt *UpdatePipelineMetadataOptions, options ...RequestOptionFunc) (*Pipeline, *Response, error)
+		ListProjectPipelines(pid any, opt *ListProjectPipelinesOptions, options ...RequestOptionFunc) ([]*PipelineInfo, *Response, error)
+		GetPipeline(pid any, pipeline int, options ...RequestOptionFunc) (*Pipeline, *Response, error)
+		GetPipelineVariables(pid any, pipeline int, options ...RequestOptionFunc) ([]*PipelineVariable, *Response, error)
+		GetPipelineTestReport(pid any, pipeline int, options ...RequestOptionFunc) (*PipelineTestReport, *Response, error)
+		GetLatestPipeline(pid any, opt *GetLatestPipelineOptions, options ...RequestOptionFunc) (*Pipeline, *Response, error)
+		CreatePipeline(pid any, opt *CreatePipelineOptions, options ...RequestOptionFunc) (*Pipeline, *Response, error)
+		RetryPipelineBuild(pid any, pipeline int, options ...RequestOptionFunc) (*Pipeline, *Response, error)
+		CancelPipelineBuild(pid any, pipeline int, options ...RequestOptionFunc) (*Pipeline, *Response, error)
+		DeletePipeline(pid any, pipeline int, options ...RequestOptionFunc) (*Response, error)
+		UpdatePipelineMetadata(pid any, pipeline int, opt *UpdatePipelineMetadataOptions, options ...RequestOptionFunc) (*Pipeline, *Response, error)
 	}
 
 	// PipelinesService handles communication with the repositories related
 	// methods of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/pipelines.html
+	// GitLab API docs: https://docs.gitlab.com/api/pipelines/
 	PipelinesService struct {
 		client *Client
 	}
@@ -49,22 +71,30 @@ var _ PipelinesServiceInterface = (*PipelinesService)(nil)
 
 // PipelineVariable represents a pipeline variable.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/pipelines.html
+// GitLab API docs: https://docs.gitlab.com/api/pipelines/
 type PipelineVariable struct {
 	Key          string            `json:"key"`
 	Value        string            `json:"value"`
 	VariableType VariableTypeValue `json:"variable_type"`
 }
 
+// PipelineInput represents a pipeline input.
+//
+// GitLab API docs: https://docs.gitlab.com/api/pipelines/
+type PipelineInput struct {
+	Name  string `json:"key"`
+	Value any    `json:"value"`
+}
+
 // Pipeline represents a GitLab pipeline.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/pipelines.html
+// GitLab API docs: https://docs.gitlab.com/api/pipelines/
 type Pipeline struct {
 	ID             int             `json:"id"`
 	IID            int             `json:"iid"`
 	ProjectID      int             `json:"project_id"`
 	Status         string          `json:"status"`
-	Source         string          `json:"source"`
+	Source         PipelineSource  `json:"source"`
 	Ref            string          `json:"ref"`
 	Name           string          `json:"name"`
 	SHA            string          `json:"sha"`
@@ -133,7 +163,7 @@ type PipelineTestCases struct {
 	Classname      string          `json:"classname"`
 	File           string          `json:"file"`
 	ExecutionTime  float64         `json:"execution_time"`
-	SystemOutput   interface{}     `json:"system_output"`
+	SystemOutput   any             `json:"system_output"`
 	StackTrace     string          `json:"stack_trace"`
 	AttachmentURL  string          `json:"attachment_url"`
 	RecentFailures *RecentFailures `json:"recent_failures"`
@@ -173,7 +203,7 @@ func (p PipelineInfo) String() string {
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipelines.html#list-project-pipelines
+// https://docs.gitlab.com/api/pipelines/#list-project-pipelines
 type ListProjectPipelinesOptions struct {
 	ListOptions
 	Scope         *string          `url:"scope,omitempty" json:"scope,omitempty"`
@@ -188,13 +218,15 @@ type ListProjectPipelinesOptions struct {
 	UpdatedBefore *time.Time       `url:"updated_before,omitempty" json:"updated_before,omitempty"`
 	OrderBy       *string          `url:"order_by,omitempty" json:"order_by,omitempty"`
 	Sort          *string          `url:"sort,omitempty" json:"sort,omitempty"`
+	CreatedAfter  *time.Time       `url:"created_after,omitempty" json:"created_after,omitempty"`
+	CreatedBefore *time.Time       `url:"created_before,omitempty" json:"created_before,omitempty"`
 }
 
 // ListProjectPipelines gets a list of project piplines.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipelines.html#list-project-pipelines
-func (s *PipelinesService) ListProjectPipelines(pid interface{}, opt *ListProjectPipelinesOptions, options ...RequestOptionFunc) ([]*PipelineInfo, *Response, error) {
+// https://docs.gitlab.com/api/pipelines/#list-project-pipelines
+func (s *PipelinesService) ListProjectPipelines(pid any, opt *ListProjectPipelinesOptions, options ...RequestOptionFunc) ([]*PipelineInfo, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -218,8 +250,8 @@ func (s *PipelinesService) ListProjectPipelines(pid interface{}, opt *ListProjec
 // GetPipeline gets a single project pipeline.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipelines.html#get-a-single-pipeline
-func (s *PipelinesService) GetPipeline(pid interface{}, pipeline int, options ...RequestOptionFunc) (*Pipeline, *Response, error) {
+// https://docs.gitlab.com/api/pipelines/#get-a-single-pipeline
+func (s *PipelinesService) GetPipeline(pid any, pipeline int, options ...RequestOptionFunc) (*Pipeline, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -243,8 +275,8 @@ func (s *PipelinesService) GetPipeline(pid interface{}, pipeline int, options ..
 // GetPipelineVariables gets the variables of a single project pipeline.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipelines.html#get-variables-of-a-pipeline
-func (s *PipelinesService) GetPipelineVariables(pid interface{}, pipeline int, options ...RequestOptionFunc) ([]*PipelineVariable, *Response, error) {
+// https://docs.gitlab.com/api/pipelines/#get-variables-of-a-pipeline
+func (s *PipelinesService) GetPipelineVariables(pid any, pipeline int, options ...RequestOptionFunc) ([]*PipelineVariable, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -268,8 +300,8 @@ func (s *PipelinesService) GetPipelineVariables(pid interface{}, pipeline int, o
 // GetPipelineTestReport gets the test report of a single project pipeline.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipelines.html#get-a-pipelines-test-report
-func (s *PipelinesService) GetPipelineTestReport(pid interface{}, pipeline int, options ...RequestOptionFunc) (*PipelineTestReport, *Response, error) {
+// https://docs.gitlab.com/api/pipelines/#get-a-pipelines-test-report
+func (s *PipelinesService) GetPipelineTestReport(pid any, pipeline int, options ...RequestOptionFunc) (*PipelineTestReport, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -293,7 +325,7 @@ func (s *PipelinesService) GetPipelineTestReport(pid interface{}, pipeline int,
 // GetLatestPipelineOptions represents the available GetLatestPipeline() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipelines.html#get-the-latest-pipeline
+// https://docs.gitlab.com/api/pipelines/#get-the-latest-pipeline
 type GetLatestPipelineOptions struct {
 	Ref *string `url:"ref,omitempty" json:"ref,omitempty"`
 }
@@ -301,8 +333,8 @@ type GetLatestPipelineOptions struct {
 // GetLatestPipeline gets the latest pipeline for a specific ref in a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipelines.html#get-the-latest-pipeline
-func (s *PipelinesService) GetLatestPipeline(pid interface{}, opt *GetLatestPipelineOptions, options ...RequestOptionFunc) (*Pipeline, *Response, error) {
+// https://docs.gitlab.com/api/pipelines/#get-the-latest-pipeline
+func (s *PipelinesService) GetLatestPipeline(pid any, opt *GetLatestPipelineOptions, options ...RequestOptionFunc) (*Pipeline, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -326,7 +358,7 @@ func (s *PipelinesService) GetLatestPipeline(pid interface{}, opt *GetLatestPipe
 // CreatePipelineOptions represents the available CreatePipeline() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipelines.html#create-a-new-pipeline
+// https://docs.gitlab.com/api/pipelines/#create-a-new-pipeline
 type CreatePipelineOptions struct {
 	Ref       *string                     `url:"ref" json:"ref"`
 	Variables *[]*PipelineVariableOptions `url:"variables,omitempty" json:"variables,omitempty"`
@@ -334,7 +366,7 @@ type CreatePipelineOptions struct {
 
 // PipelineVariable represents a pipeline variable.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/pipelines.html#create-a-new-pipeline
+// GitLab API docs: https://docs.gitlab.com/api/pipelines/#create-a-new-pipeline
 type PipelineVariableOptions struct {
 	Key          *string            `url:"key,omitempty" json:"key,omitempty"`
 	Value        *string            `url:"value,omitempty" json:"value,omitempty"`
@@ -344,8 +376,8 @@ type PipelineVariableOptions struct {
 // CreatePipeline creates a new project pipeline.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipelines.html#create-a-new-pipeline
-func (s *PipelinesService) CreatePipeline(pid interface{}, opt *CreatePipelineOptions, options ...RequestOptionFunc) (*Pipeline, *Response, error) {
+// https://docs.gitlab.com/api/pipelines/#create-a-new-pipeline
+func (s *PipelinesService) CreatePipeline(pid any, opt *CreatePipelineOptions, options ...RequestOptionFunc) (*Pipeline, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -369,8 +401,8 @@ func (s *PipelinesService) CreatePipeline(pid interface{}, opt *CreatePipelineOp
 // RetryPipelineBuild retries failed builds in a pipeline.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipelines.html#retry-jobs-in-a-pipeline
-func (s *PipelinesService) RetryPipelineBuild(pid interface{}, pipeline int, options ...RequestOptionFunc) (*Pipeline, *Response, error) {
+// https://docs.gitlab.com/api/pipelines/#retry-jobs-in-a-pipeline
+func (s *PipelinesService) RetryPipelineBuild(pid any, pipeline int, options ...RequestOptionFunc) (*Pipeline, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -394,8 +426,8 @@ func (s *PipelinesService) RetryPipelineBuild(pid interface{}, pipeline int, opt
 // CancelPipelineBuild cancels a pipeline builds.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipelines.html#cancel-a-pipelines-jobs
-func (s *PipelinesService) CancelPipelineBuild(pid interface{}, pipeline int, options ...RequestOptionFunc) (*Pipeline, *Response, error) {
+// https://docs.gitlab.com/api/pipelines/#cancel-a-pipelines-jobs
+func (s *PipelinesService) CancelPipelineBuild(pid any, pipeline int, options ...RequestOptionFunc) (*Pipeline, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -419,8 +451,8 @@ func (s *PipelinesService) CancelPipelineBuild(pid interface{}, pipeline int, op
 // DeletePipeline deletes an existing pipeline.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipelines.html#delete-a-pipeline
-func (s *PipelinesService) DeletePipeline(pid interface{}, pipeline int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/pipelines/#delete-a-pipeline
+func (s *PipelinesService) DeletePipeline(pid any, pipeline int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -439,7 +471,7 @@ func (s *PipelinesService) DeletePipeline(pid interface{}, pipeline int, options
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipelines.html#update-pipeline-metadata
+// https://docs.gitlab.com/api/pipelines/#update-pipeline-metadata
 type UpdatePipelineMetadataOptions struct {
 	Name *string `url:"name,omitempty" json:"name,omitempty"`
 }
@@ -448,8 +480,8 @@ type UpdatePipelineMetadataOptions struct {
 // contains the name of the pipeline.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/pipelines.html#update-pipeline-metadata
-func (s *PipelinesService) UpdatePipelineMetadata(pid interface{}, pipeline int, opt *UpdatePipelineMetadataOptions, options ...RequestOptionFunc) (*Pipeline, *Response, error) {
+// https://docs.gitlab.com/api/pipelines/#update-pipeline-metadata
+func (s *PipelinesService) UpdatePipelineMetadata(pid any, pipeline int, opt *UpdatePipelineMetadataOptions, options ...RequestOptionFunc) (*Pipeline, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/plan_limits.go b/vendor/gitlab.com/gitlab-org/api/client-go/plan_limits.go
index 2f09fef6d0..4d4986057e 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/plan_limits.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/plan_limits.go
@@ -27,7 +27,7 @@ type (
 	// PlanLimitsService handles communication with the repositories related
 	// methods of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/plan_limits.html
+	// GitLab API docs: https://docs.gitlab.com/api/plan_limits/
 	PlanLimitsService struct {
 		client *Client
 	}
@@ -37,7 +37,7 @@ var _ PlanLimitsServiceInterface = (*PlanLimitsService)(nil)
 
 // PlanLimit represents a GitLab pipeline.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/plan_limits.html
+// GitLab API docs: https://docs.gitlab.com/api/plan_limits/
 type PlanLimit struct {
 	ConanMaxFileSize           int `json:"conan_max_file_size,omitempty"`
 	GenericPackagesMaxFileSize int `json:"generic_packages_max_file_size,omitempty"`
@@ -53,7 +53,7 @@ type PlanLimit struct {
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/plan_limits.html#get-current-plan-limits
+// https://docs.gitlab.com/api/plan_limits/#get-current-plan-limits
 type GetCurrentPlanLimitsOptions struct {
 	PlanName *string `url:"plan_name,omitempty" json:"plan_name,omitempty"`
 }
@@ -61,7 +61,7 @@ type GetCurrentPlanLimitsOptions struct {
 // List the current limits of a plan on the GitLab instance.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/plan_limits.html#get-current-plan-limits
+// https://docs.gitlab.com/api/plan_limits/#get-current-plan-limits
 func (s *PlanLimitsService) GetCurrentPlanLimits(opt *GetCurrentPlanLimitsOptions, options ...RequestOptionFunc) (*PlanLimit, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "application/plan_limits", opt, options)
 	if err != nil {
@@ -80,7 +80,7 @@ func (s *PlanLimitsService) GetCurrentPlanLimits(opt *GetCurrentPlanLimitsOption
 // ChangePlanLimitOptions represents the available ChangePlanLimits() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/plan_limits.html#change-plan-limits
+// https://docs.gitlab.com/api/plan_limits/#change-plan-limits
 type ChangePlanLimitOptions struct {
 	PlanName                   *string `url:"plan_name,omitempty" json:"plan_name,omitempty"`
 	ConanMaxFileSize           *int    `url:"conan_max_file_size,omitempty" json:"conan_max_file_size,omitempty"`
@@ -96,7 +96,7 @@ type ChangePlanLimitOptions struct {
 // ChangePlanLimits modifies the limits of a plan on the GitLab instance.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/plan_limits.html#change-plan-limits
+// https://docs.gitlab.com/api/plan_limits/#change-plan-limits
 func (s *PlanLimitsService) ChangePlanLimits(opt *ChangePlanLimitOptions, options ...RequestOptionFunc) (*PlanLimit, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodPut, "application/plan_limits", opt, options)
 	if err != nil {
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/project_access_tokens.go b/vendor/gitlab.com/gitlab-org/api/client-go/project_access_tokens.go
index ac4d2cc69b..e98e658550 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/project_access_tokens.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/project_access_tokens.go
@@ -23,12 +23,12 @@ import (
 
 type (
 	ProjectAccessTokensServiceInterface interface {
-		ListProjectAccessTokens(pid interface{}, opt *ListProjectAccessTokensOptions, options ...RequestOptionFunc) ([]*ProjectAccessToken, *Response, error)
-		GetProjectAccessToken(pid interface{}, id int, options ...RequestOptionFunc) (*ProjectAccessToken, *Response, error)
-		CreateProjectAccessToken(pid interface{}, opt *CreateProjectAccessTokenOptions, options ...RequestOptionFunc) (*ProjectAccessToken, *Response, error)
-		RotateProjectAccessToken(pid interface{}, id int, opt *RotateProjectAccessTokenOptions, options ...RequestOptionFunc) (*ProjectAccessToken, *Response, error)
-		RotateProjectAccessTokenSelf(pid interface{}, opt *RotateProjectAccessTokenOptions, options ...RequestOptionFunc) (*ProjectAccessToken, *Response, error)
-		RevokeProjectAccessToken(pid interface{}, id int, options ...RequestOptionFunc) (*Response, error)
+		ListProjectAccessTokens(pid any, opt *ListProjectAccessTokensOptions, options ...RequestOptionFunc) ([]*ProjectAccessToken, *Response, error)
+		GetProjectAccessToken(pid any, id int, options ...RequestOptionFunc) (*ProjectAccessToken, *Response, error)
+		CreateProjectAccessToken(pid any, opt *CreateProjectAccessTokenOptions, options ...RequestOptionFunc) (*ProjectAccessToken, *Response, error)
+		RotateProjectAccessToken(pid any, id int, opt *RotateProjectAccessTokenOptions, options ...RequestOptionFunc) (*ProjectAccessToken, *Response, error)
+		RotateProjectAccessTokenSelf(pid any, opt *RotateProjectAccessTokenOptions, options ...RequestOptionFunc) (*ProjectAccessToken, *Response, error)
+		RevokeProjectAccessToken(pid any, id int, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// ProjectAccessTokensService handles communication with the
@@ -68,7 +68,7 @@ type ListProjectAccessTokensOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/project_access_tokens/#list-all-project-access-tokens
-func (s *ProjectAccessTokensService) ListProjectAccessTokens(pid interface{}, opt *ListProjectAccessTokensOptions, options ...RequestOptionFunc) ([]*ProjectAccessToken, *Response, error) {
+func (s *ProjectAccessTokensService) ListProjectAccessTokens(pid any, opt *ListProjectAccessTokensOptions, options ...RequestOptionFunc) ([]*ProjectAccessToken, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -93,7 +93,7 @@ func (s *ProjectAccessTokensService) ListProjectAccessTokens(pid interface{}, op
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/project_access_tokens/#get-details-on-a-project-access-token
-func (s *ProjectAccessTokensService) GetProjectAccessToken(pid interface{}, id int, options ...RequestOptionFunc) (*ProjectAccessToken, *Response, error) {
+func (s *ProjectAccessTokensService) GetProjectAccessToken(pid any, id int, options ...RequestOptionFunc) (*ProjectAccessToken, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -131,7 +131,7 @@ type CreateProjectAccessTokenOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/project_access_tokens/#create-a-project-access-token
-func (s *ProjectAccessTokensService) CreateProjectAccessToken(pid interface{}, opt *CreateProjectAccessTokenOptions, options ...RequestOptionFunc) (*ProjectAccessToken, *Response, error) {
+func (s *ProjectAccessTokensService) CreateProjectAccessToken(pid any, opt *CreateProjectAccessTokenOptions, options ...RequestOptionFunc) (*ProjectAccessToken, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -166,7 +166,7 @@ type RotateProjectAccessTokenOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/project_access_tokens/#rotate-a-project-access-token
-func (s *ProjectAccessTokensService) RotateProjectAccessToken(pid interface{}, id int, opt *RotateProjectAccessTokenOptions, options ...RequestOptionFunc) (*ProjectAccessToken, *Response, error) {
+func (s *ProjectAccessTokensService) RotateProjectAccessToken(pid any, id int, opt *RotateProjectAccessTokenOptions, options ...RequestOptionFunc) (*ProjectAccessToken, *Response, error) {
 	projects, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -191,7 +191,7 @@ func (s *ProjectAccessTokensService) RotateProjectAccessToken(pid interface{}, i
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/project_access_tokens/#self-rotate
-func (s *ProjectAccessTokensService) RotateProjectAccessTokenSelf(pid interface{}, opt *RotateProjectAccessTokenOptions, options ...RequestOptionFunc) (*ProjectAccessToken, *Response, error) {
+func (s *ProjectAccessTokensService) RotateProjectAccessTokenSelf(pid any, opt *RotateProjectAccessTokenOptions, options ...RequestOptionFunc) (*ProjectAccessToken, *Response, error) {
 	projects, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -215,7 +215,7 @@ func (s *ProjectAccessTokensService) RotateProjectAccessTokenSelf(pid interface{
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/project_access_tokens/#revoke-a-project-access-token
-func (s *ProjectAccessTokensService) RevokeProjectAccessToken(pid interface{}, id int, options ...RequestOptionFunc) (*Response, error) {
+func (s *ProjectAccessTokensService) RevokeProjectAccessToken(pid any, id int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/project_badges.go b/vendor/gitlab.com/gitlab-org/api/client-go/project_badges.go
index aea54f28d2..c65daa3893 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/project_badges.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/project_badges.go
@@ -23,18 +23,18 @@ import (
 
 type (
 	ProjectBadgesServiceInterface interface {
-		ListProjectBadges(pid interface{}, opt *ListProjectBadgesOptions, options ...RequestOptionFunc) ([]*ProjectBadge, *Response, error)
-		GetProjectBadge(pid interface{}, badge int, options ...RequestOptionFunc) (*ProjectBadge, *Response, error)
-		AddProjectBadge(pid interface{}, opt *AddProjectBadgeOptions, options ...RequestOptionFunc) (*ProjectBadge, *Response, error)
-		EditProjectBadge(pid interface{}, badge int, opt *EditProjectBadgeOptions, options ...RequestOptionFunc) (*ProjectBadge, *Response, error)
-		DeleteProjectBadge(pid interface{}, badge int, options ...RequestOptionFunc) (*Response, error)
-		PreviewProjectBadge(pid interface{}, opt *ProjectBadgePreviewOptions, options ...RequestOptionFunc) (*ProjectBadge, *Response, error)
+		ListProjectBadges(pid any, opt *ListProjectBadgesOptions, options ...RequestOptionFunc) ([]*ProjectBadge, *Response, error)
+		GetProjectBadge(pid any, badge int, options ...RequestOptionFunc) (*ProjectBadge, *Response, error)
+		AddProjectBadge(pid any, opt *AddProjectBadgeOptions, options ...RequestOptionFunc) (*ProjectBadge, *Response, error)
+		EditProjectBadge(pid any, badge int, opt *EditProjectBadgeOptions, options ...RequestOptionFunc) (*ProjectBadge, *Response, error)
+		DeleteProjectBadge(pid any, badge int, options ...RequestOptionFunc) (*Response, error)
+		PreviewProjectBadge(pid any, opt *ProjectBadgePreviewOptions, options ...RequestOptionFunc) (*ProjectBadge, *Response, error)
 	}
 
 	// ProjectBadgesService handles communication with the project badges
 	// related methods of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/project_badges.html
+	// GitLab API docs: https://docs.gitlab.com/api/project_badges/
 	ProjectBadgesService struct {
 		client *Client
 	}
@@ -45,7 +45,7 @@ var _ ProjectBadgesServiceInterface = (*ProjectBadgesService)(nil)
 // ProjectBadge represents a project badge.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_badges.html#list-all-badges-of-a-project
+// https://docs.gitlab.com/api/project_badges/#list-all-badges-of-a-project
 type ProjectBadge struct {
 	ID               int    `json:"id"`
 	Name             string `json:"name"`
@@ -61,7 +61,7 @@ type ProjectBadge struct {
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_badges.html#list-all-badges-of-a-project
+// https://docs.gitlab.com/api/project_badges/#list-all-badges-of-a-project
 type ListProjectBadgesOptions struct {
 	ListOptions
 	Name *string `url:"name,omitempty" json:"name,omitempty"`
@@ -70,8 +70,8 @@ type ListProjectBadgesOptions struct {
 // ListProjectBadges gets a list of a project's badges and its group badges.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_badges.html#list-all-badges-of-a-project
-func (s *ProjectBadgesService) ListProjectBadges(pid interface{}, opt *ListProjectBadgesOptions, options ...RequestOptionFunc) ([]*ProjectBadge, *Response, error) {
+// https://docs.gitlab.com/api/project_badges/#list-all-badges-of-a-project
+func (s *ProjectBadgesService) ListProjectBadges(pid any, opt *ListProjectBadgesOptions, options ...RequestOptionFunc) ([]*ProjectBadge, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -95,8 +95,8 @@ func (s *ProjectBadgesService) ListProjectBadges(pid interface{}, opt *ListProje
 // GetProjectBadge gets a project badge.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_badges.html#get-a-badge-of-a-project
-func (s *ProjectBadgesService) GetProjectBadge(pid interface{}, badge int, options ...RequestOptionFunc) (*ProjectBadge, *Response, error) {
+// https://docs.gitlab.com/api/project_badges/#get-a-badge-of-a-project
+func (s *ProjectBadgesService) GetProjectBadge(pid any, badge int, options ...RequestOptionFunc) (*ProjectBadge, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -120,7 +120,7 @@ func (s *ProjectBadgesService) GetProjectBadge(pid interface{}, badge int, optio
 // AddProjectBadgeOptions represents the available AddProjectBadge() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_badges.html#add-a-badge-to-a-project
+// https://docs.gitlab.com/api/project_badges/#add-a-badge-to-a-project
 type AddProjectBadgeOptions struct {
 	LinkURL  *string `url:"link_url,omitempty" json:"link_url,omitempty"`
 	ImageURL *string `url:"image_url,omitempty" json:"image_url,omitempty"`
@@ -130,8 +130,8 @@ type AddProjectBadgeOptions struct {
 // AddProjectBadge adds a badge to a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_badges.html#add-a-badge-to-a-project
-func (s *ProjectBadgesService) AddProjectBadge(pid interface{}, opt *AddProjectBadgeOptions, options ...RequestOptionFunc) (*ProjectBadge, *Response, error) {
+// https://docs.gitlab.com/api/project_badges/#add-a-badge-to-a-project
+func (s *ProjectBadgesService) AddProjectBadge(pid any, opt *AddProjectBadgeOptions, options ...RequestOptionFunc) (*ProjectBadge, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -155,7 +155,7 @@ func (s *ProjectBadgesService) AddProjectBadge(pid interface{}, opt *AddProjectB
 // EditProjectBadgeOptions represents the available EditProjectBadge() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_badges.html#edit-a-badge-of-a-project
+// https://docs.gitlab.com/api/project_badges/#edit-a-badge-of-a-project
 type EditProjectBadgeOptions struct {
 	LinkURL  *string `url:"link_url,omitempty" json:"link_url,omitempty"`
 	ImageURL *string `url:"image_url,omitempty" json:"image_url,omitempty"`
@@ -165,8 +165,8 @@ type EditProjectBadgeOptions struct {
 // EditProjectBadge updates a badge of a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_badges.html#edit-a-badge-of-a-project
-func (s *ProjectBadgesService) EditProjectBadge(pid interface{}, badge int, opt *EditProjectBadgeOptions, options ...RequestOptionFunc) (*ProjectBadge, *Response, error) {
+// https://docs.gitlab.com/api/project_badges/#edit-a-badge-of-a-project
+func (s *ProjectBadgesService) EditProjectBadge(pid any, badge int, opt *EditProjectBadgeOptions, options ...RequestOptionFunc) (*ProjectBadge, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -191,8 +191,8 @@ func (s *ProjectBadgesService) EditProjectBadge(pid interface{}, badge int, opt
 // badges will be removed by using this endpoint.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_badges.html#remove-a-badge-from-a-project
-func (s *ProjectBadgesService) DeleteProjectBadge(pid interface{}, badge int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_badges/#remove-a-badge-from-a-project
+func (s *ProjectBadgesService) DeleteProjectBadge(pid any, badge int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -210,7 +210,7 @@ func (s *ProjectBadgesService) DeleteProjectBadge(pid interface{}, badge int, op
 // ProjectBadgePreviewOptions represents the available PreviewProjectBadge() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_badges.html#preview-a-badge-from-a-project
+// https://docs.gitlab.com/api/project_badges/#preview-a-badge-from-a-project
 type ProjectBadgePreviewOptions struct {
 	LinkURL  *string `url:"link_url,omitempty" json:"link_url,omitempty"`
 	ImageURL *string `url:"image_url,omitempty" json:"image_url,omitempty"`
@@ -220,8 +220,8 @@ type ProjectBadgePreviewOptions struct {
 // resolving the placeholder interpolation.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_badges.html#preview-a-badge-from-a-project
-func (s *ProjectBadgesService) PreviewProjectBadge(pid interface{}, opt *ProjectBadgePreviewOptions, options ...RequestOptionFunc) (*ProjectBadge, *Response, error) {
+// https://docs.gitlab.com/api/project_badges/#preview-a-badge-from-a-project
+func (s *ProjectBadgesService) PreviewProjectBadge(pid any, opt *ProjectBadgePreviewOptions, options ...RequestOptionFunc) (*ProjectBadge, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/project_clusters.go b/vendor/gitlab.com/gitlab-org/api/client-go/project_clusters.go
index 058dd9f7c1..0572e1b618 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/project_clusters.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/project_clusters.go
@@ -23,29 +23,38 @@ import (
 )
 
 type (
+	// Deprecated: in GitLab 14.5, to be removed in 19.0
 	ProjectClustersServiceInterface interface {
-		ListClusters(pid interface{}, options ...RequestOptionFunc) ([]*ProjectCluster, *Response, error)
-		GetCluster(pid interface{}, cluster int, options ...RequestOptionFunc) (*ProjectCluster, *Response, error)
-		AddCluster(pid interface{}, opt *AddClusterOptions, options ...RequestOptionFunc) (*ProjectCluster, *Response, error)
-		EditCluster(pid interface{}, cluster int, opt *EditClusterOptions, options ...RequestOptionFunc) (*ProjectCluster, *Response, error)
-		DeleteCluster(pid interface{}, cluster int, options ...RequestOptionFunc) (*Response, error)
+		// Deprecated: in GitLab 14.5, to be removed in 19.0
+		ListClusters(pid any, options ...RequestOptionFunc) ([]*ProjectCluster, *Response, error)
+		// Deprecated: in GitLab 14.5, to be removed in 19.0
+		GetCluster(pid any, cluster int, options ...RequestOptionFunc) (*ProjectCluster, *Response, error)
+		// Deprecated: in GitLab 14.5, to be removed in 19.0
+		AddCluster(pid any, opt *AddClusterOptions, options ...RequestOptionFunc) (*ProjectCluster, *Response, error)
+		// Deprecated: in GitLab 14.5, to be removed in 19.0
+		EditCluster(pid any, cluster int, opt *EditClusterOptions, options ...RequestOptionFunc) (*ProjectCluster, *Response, error)
+		// Deprecated: in GitLab 14.5, to be removed in 19.0
+		DeleteCluster(pid any, cluster int, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// ProjectClustersService handles communication with the
 	// project clusters related methods of the GitLab API.
+	// Deprecated: in GitLab 14.5, to be removed in 19.0
 	//
 	// GitLab API docs:
-	// https://docs.gitlab.com/ee/api/project_clusters.html
+	// https://docs.gitlab.com/api/project_clusters/
 	ProjectClustersService struct {
 		client *Client
 	}
 )
 
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 var _ ProjectClustersServiceInterface = (*ProjectClustersService)(nil)
 
 // ProjectCluster represents a GitLab Project Cluster.
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/project_clusters.html
+// GitLab API docs: https://docs.gitlab.com/api/project_clusters/
 type ProjectCluster struct {
 	ID                 int                 `json:"id"`
 	Name               string              `json:"name"`
@@ -61,11 +70,13 @@ type ProjectCluster struct {
 	Project            *Project            `json:"project"`
 }
 
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 func (v ProjectCluster) String() string {
 	return Stringify(v)
 }
 
 // PlatformKubernetes represents a GitLab Project Cluster PlatformKubernetes.
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 type PlatformKubernetes struct {
 	APIURL            string `json:"api_url"`
 	Token             string `json:"token"`
@@ -75,6 +86,7 @@ type PlatformKubernetes struct {
 }
 
 // ManagementProject represents a GitLab Project Cluster management_project.
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 type ManagementProject struct {
 	ID                int        `json:"id"`
 	Description       string     `json:"description"`
@@ -86,10 +98,11 @@ type ManagementProject struct {
 }
 
 // ListClusters gets a list of all clusters in a project.
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_clusters.html#list-project-clusters
-func (s *ProjectClustersService) ListClusters(pid interface{}, options ...RequestOptionFunc) ([]*ProjectCluster, *Response, error) {
+// https://docs.gitlab.com/api/project_clusters/#list-project-clusters
+func (s *ProjectClustersService) ListClusters(pid any, options ...RequestOptionFunc) ([]*ProjectCluster, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -111,10 +124,11 @@ func (s *ProjectClustersService) ListClusters(pid interface{}, options ...Reques
 }
 
 // GetCluster gets a cluster.
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_clusters.html#get-a-single-project-cluster
-func (s *ProjectClustersService) GetCluster(pid interface{}, cluster int, options ...RequestOptionFunc) (*ProjectCluster, *Response, error) {
+// https://docs.gitlab.com/api/project_clusters/#get-a-single-project-cluster
+func (s *ProjectClustersService) GetCluster(pid any, cluster int, options ...RequestOptionFunc) (*ProjectCluster, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -136,9 +150,10 @@ func (s *ProjectClustersService) GetCluster(pid interface{}, cluster int, option
 }
 
 // AddClusterOptions represents the available AddCluster() options.
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_clusters.html#add-existing-cluster-to-project
+// https://docs.gitlab.com/api/project_clusters/#add-existing-cluster-to-project
 type AddClusterOptions struct {
 	Name                *string                       `url:"name,omitempty" json:"name,omitempty"`
 	Domain              *string                       `url:"domain,omitempty" json:"domain,omitempty"`
@@ -150,6 +165,7 @@ type AddClusterOptions struct {
 }
 
 // AddPlatformKubernetesOptions represents the available PlatformKubernetes options for adding.
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 type AddPlatformKubernetesOptions struct {
 	APIURL            *string `url:"api_url,omitempty" json:"api_url,omitempty"`
 	Token             *string `url:"token,omitempty" json:"token,omitempty"`
@@ -159,10 +175,11 @@ type AddPlatformKubernetesOptions struct {
 }
 
 // AddCluster adds an existing cluster to the project.
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_clusters.html#add-existing-cluster-to-project
-func (s *ProjectClustersService) AddCluster(pid interface{}, opt *AddClusterOptions, options ...RequestOptionFunc) (*ProjectCluster, *Response, error) {
+// https://docs.gitlab.com/api/project_clusters/#add-existing-cluster-to-project
+func (s *ProjectClustersService) AddCluster(pid any, opt *AddClusterOptions, options ...RequestOptionFunc) (*ProjectCluster, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -184,9 +201,10 @@ func (s *ProjectClustersService) AddCluster(pid interface{}, opt *AddClusterOpti
 }
 
 // EditClusterOptions represents the available EditCluster() options.
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_clusters.html#edit-project-cluster
+// https://docs.gitlab.com/api/project_clusters/#edit-project-cluster
 type EditClusterOptions struct {
 	Name                *string                        `url:"name,omitempty" json:"name,omitempty"`
 	Domain              *string                        `url:"domain,omitempty" json:"domain,omitempty"`
@@ -196,6 +214,7 @@ type EditClusterOptions struct {
 }
 
 // EditPlatformKubernetesOptions represents the available PlatformKubernetes options for editing.
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 type EditPlatformKubernetesOptions struct {
 	APIURL    *string `url:"api_url,omitempty" json:"api_url,omitempty"`
 	Token     *string `url:"token,omitempty" json:"token,omitempty"`
@@ -204,10 +223,11 @@ type EditPlatformKubernetesOptions struct {
 }
 
 // EditCluster updates an existing project cluster.
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_clusters.html#edit-project-cluster
-func (s *ProjectClustersService) EditCluster(pid interface{}, cluster int, opt *EditClusterOptions, options ...RequestOptionFunc) (*ProjectCluster, *Response, error) {
+// https://docs.gitlab.com/api/project_clusters/#edit-project-cluster
+func (s *ProjectClustersService) EditCluster(pid any, cluster int, opt *EditClusterOptions, options ...RequestOptionFunc) (*ProjectCluster, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -229,10 +249,11 @@ func (s *ProjectClustersService) EditCluster(pid interface{}, cluster int, opt *
 }
 
 // DeleteCluster deletes an existing project cluster.
+// Deprecated: in GitLab 14.5, to be removed in 19.0
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_clusters.html#delete-project-cluster
-func (s *ProjectClustersService) DeleteCluster(pid interface{}, cluster int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_clusters/#delete-project-cluster
+func (s *ProjectClustersService) DeleteCluster(pid any, cluster int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/project_feature_flags.go b/vendor/gitlab.com/gitlab-org/api/client-go/project_feature_flags.go
index 94ea293538..53491bccf3 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/project_feature_flags.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/project_feature_flags.go
@@ -8,17 +8,17 @@ import (
 
 type (
 	ProjectFeatureFlagServiceInterface interface {
-		ListProjectFeatureFlags(pid interface{}, opt *ListProjectFeatureFlagOptions, options ...RequestOptionFunc) ([]*ProjectFeatureFlag, *Response, error)
-		GetProjectFeatureFlag(pid interface{}, name string, options ...RequestOptionFunc) (*ProjectFeatureFlag, *Response, error)
-		CreateProjectFeatureFlag(pid interface{}, opt *CreateProjectFeatureFlagOptions, options ...RequestOptionFunc) (*ProjectFeatureFlag, *Response, error)
-		UpdateProjectFeatureFlag(pid interface{}, name string, opt *UpdateProjectFeatureFlagOptions, options ...RequestOptionFunc) (*ProjectFeatureFlag, *Response, error)
-		DeleteProjectFeatureFlag(pid interface{}, name string, options ...RequestOptionFunc) (*Response, error)
+		ListProjectFeatureFlags(pid any, opt *ListProjectFeatureFlagOptions, options ...RequestOptionFunc) ([]*ProjectFeatureFlag, *Response, error)
+		GetProjectFeatureFlag(pid any, name string, options ...RequestOptionFunc) (*ProjectFeatureFlag, *Response, error)
+		CreateProjectFeatureFlag(pid any, opt *CreateProjectFeatureFlagOptions, options ...RequestOptionFunc) (*ProjectFeatureFlag, *Response, error)
+		UpdateProjectFeatureFlag(pid any, name string, opt *UpdateProjectFeatureFlagOptions, options ...RequestOptionFunc) (*ProjectFeatureFlag, *Response, error)
+		DeleteProjectFeatureFlag(pid any, name string, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// ProjectFeatureFlagService handles operations on gitlab project feature
 	// flags using the following api:
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/feature_flags.html
+	// GitLab API docs: https://docs.gitlab.com/api/feature_flags/
 	ProjectFeatureFlagService struct {
 		client *Client
 	}
@@ -28,7 +28,7 @@ var _ ProjectFeatureFlagServiceInterface = (*ProjectFeatureFlagService)(nil)
 
 // ProjectFeatureFlag represents a GitLab project iteration.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/feature_flags.html
+// GitLab API docs: https://docs.gitlab.com/api/feature_flags/
 type ProjectFeatureFlag struct {
 	Name        string                        `json:"name"`
 	Description string                        `json:"description"`
@@ -42,7 +42,7 @@ type ProjectFeatureFlag struct {
 
 // ProjectFeatureFlagScope defines the scopes of a feature flag
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/feature_flags.html
+// GitLab API docs: https://docs.gitlab.com/api/feature_flags/
 type ProjectFeatureFlagScope struct {
 	ID               int    `json:"id"`
 	EnvironmentScope string `json:"environment_scope"`
@@ -50,7 +50,7 @@ type ProjectFeatureFlagScope struct {
 
 // ProjectFeatureFlagStrategy defines the strategy used for a feature flag
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/feature_flags.html
+// GitLab API docs: https://docs.gitlab.com/api/feature_flags/
 type ProjectFeatureFlagStrategy struct {
 	ID         int                                  `json:"id"`
 	Name       string                               `json:"name"`
@@ -60,7 +60,7 @@ type ProjectFeatureFlagStrategy struct {
 
 // ProjectFeatureFlagStrategyParameter is used in updating and creating feature flags
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/feature_flags.html
+// GitLab API docs: https://docs.gitlab.com/api/feature_flags/
 type ProjectFeatureFlagStrategyParameter struct {
 	GroupID    string `json:"groupId,omitempty"`
 	UserIDs    string `json:"userIds,omitempty"`
@@ -80,7 +80,7 @@ func (i ProjectFeatureFlag) String() string {
 // ListProjectFeatureFlagOptions contains the options for ListProjectFeatureFlags
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/feature_flags.html#list-feature-flags-for-a-project
+// https://docs.gitlab.com/api/feature_flags/#list-feature-flags-for-a-project
 type ListProjectFeatureFlagOptions struct {
 	ListOptions
 	Scope *string `url:"scope,omitempty" json:"scope,omitempty"`
@@ -89,8 +89,8 @@ type ListProjectFeatureFlagOptions struct {
 // ListProjectFeatureFlags returns a list with the feature flags of a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/feature_flags.html#list-feature-flags-for-a-project
-func (s *ProjectFeatureFlagService) ListProjectFeatureFlags(pid interface{}, opt *ListProjectFeatureFlagOptions, options ...RequestOptionFunc) ([]*ProjectFeatureFlag, *Response, error) {
+// https://docs.gitlab.com/api/feature_flags/#list-feature-flags-for-a-project
+func (s *ProjectFeatureFlagService) ListProjectFeatureFlags(pid any, opt *ListProjectFeatureFlagOptions, options ...RequestOptionFunc) ([]*ProjectFeatureFlag, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -114,8 +114,8 @@ func (s *ProjectFeatureFlagService) ListProjectFeatureFlags(pid interface{}, opt
 // GetProjectFeatureFlag gets a single feature flag for the specified project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/feature_flags.html#get-a-single-feature-flag
-func (s *ProjectFeatureFlagService) GetProjectFeatureFlag(pid interface{}, name string, options ...RequestOptionFunc) (*ProjectFeatureFlag, *Response, error) {
+// https://docs.gitlab.com/api/feature_flags/#get-a-single-feature-flag
+func (s *ProjectFeatureFlagService) GetProjectFeatureFlag(pid any, name string, options ...RequestOptionFunc) (*ProjectFeatureFlag, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -140,7 +140,7 @@ func (s *ProjectFeatureFlagService) GetProjectFeatureFlag(pid interface{}, name
 // CreateProjectFeatureFlag() options.
 //
 // Gitlab API docs:
-// https://docs.gitlab.com/ee/api/feature_flags.html#create-a-feature-flag
+// https://docs.gitlab.com/api/feature_flags/#create-a-feature-flag
 type CreateProjectFeatureFlagOptions struct {
 	Name        *string                        `url:"name,omitempty" json:"name,omitempty"`
 	Description *string                        `url:"description,omitempty" json:"description,omitempty"`
@@ -153,7 +153,7 @@ type CreateProjectFeatureFlagOptions struct {
 // options.
 //
 // Gitlab API docs:
-// https://docs.gitlab.com/ee/api/feature_flags.html#create-a-feature-flag
+// https://docs.gitlab.com/api/feature_flags/#create-a-feature-flag
 type FeatureFlagStrategyOptions struct {
 	ID         *int                                 `url:"id,omitempty" json:"id,omitempty"`
 	Name       *string                              `url:"name,omitempty" json:"name,omitempty"`
@@ -165,7 +165,7 @@ type FeatureFlagStrategyOptions struct {
 // options.
 //
 // Gitlab API docs:
-// https://docs.gitlab.com/ee/api/feature_flags.html#create-a-feature-flag
+// https://docs.gitlab.com/api/feature_flags/#create-a-feature-flag
 type ProjectFeatureFlagScopeOptions struct {
 	ID               *int    `url:"id,omitempty" json:"id,omitempty"`
 	EnvironmentScope *string `url:"id,omitempty" json:"environment_scope,omitempty"`
@@ -174,8 +174,8 @@ type ProjectFeatureFlagScopeOptions struct {
 // CreateProjectFeatureFlag creates a feature flag
 //
 // Gitlab API docs:
-// https://docs.gitlab.com/ee/api/feature_flags.html#create-a-feature-flag
-func (s *ProjectFeatureFlagService) CreateProjectFeatureFlag(pid interface{}, opt *CreateProjectFeatureFlagOptions, options ...RequestOptionFunc) (*ProjectFeatureFlag, *Response, error) {
+// https://docs.gitlab.com/api/feature_flags/#create-a-feature-flag
+func (s *ProjectFeatureFlagService) CreateProjectFeatureFlag(pid any, opt *CreateProjectFeatureFlagOptions, options ...RequestOptionFunc) (*ProjectFeatureFlag, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -202,7 +202,7 @@ func (s *ProjectFeatureFlagService) CreateProjectFeatureFlag(pid interface{}, op
 // UpdateProjectFeatureFlag() options.
 //
 // Gitlab API docs:
-// https://docs.gitlab.com/ee/api/feature_flags.html#update-a-feature-flag
+// https://docs.gitlab.com/api/feature_flags/#update-a-feature-flag
 type UpdateProjectFeatureFlagOptions struct {
 	Name        *string                        `url:"name,omitempty" json:"name,omitempty"`
 	Description *string                        `url:"description,omitempty" json:"description,omitempty"`
@@ -213,8 +213,8 @@ type UpdateProjectFeatureFlagOptions struct {
 // UpdateProjectFeatureFlag updates a feature flag
 //
 // Gitlab API docs:
-// https://docs.gitlab.com/ee/api/feature_flags.html#update-a-feature-flag
-func (s *ProjectFeatureFlagService) UpdateProjectFeatureFlag(pid interface{}, name string, opt *UpdateProjectFeatureFlagOptions, options ...RequestOptionFunc) (*ProjectFeatureFlag, *Response, error) {
+// https://docs.gitlab.com/api/feature_flags/#update-a-feature-flag
+func (s *ProjectFeatureFlagService) UpdateProjectFeatureFlag(pid any, name string, opt *UpdateProjectFeatureFlagOptions, options ...RequestOptionFunc) (*ProjectFeatureFlag, *Response, error) {
 	group, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -241,8 +241,8 @@ func (s *ProjectFeatureFlagService) UpdateProjectFeatureFlag(pid interface{}, na
 // DeleteProjectFeatureFlag deletes a feature flag
 //
 // Gitlab API docs:
-// https://docs.gitlab.com/ee/api/feature_flags.html#delete-a-feature-flag
-func (s *ProjectFeatureFlagService) DeleteProjectFeatureFlag(pid interface{}, name string, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/feature_flags/#delete-a-feature-flag
+func (s *ProjectFeatureFlagService) DeleteProjectFeatureFlag(pid any, name string, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/project_import_export.go b/vendor/gitlab.com/gitlab-org/api/client-go/project_import_export.go
index 549b8c5d0a..eab7e3edf4 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/project_import_export.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/project_import_export.go
@@ -26,18 +26,18 @@ import (
 
 type (
 	ProjectImportExportServiceInterface interface {
-		ScheduleExport(pid interface{}, opt *ScheduleExportOptions, options ...RequestOptionFunc) (*Response, error)
-		ExportStatus(pid interface{}, options ...RequestOptionFunc) (*ExportStatus, *Response, error)
-		ExportDownload(pid interface{}, options ...RequestOptionFunc) ([]byte, *Response, error)
+		ScheduleExport(pid any, opt *ScheduleExportOptions, options ...RequestOptionFunc) (*Response, error)
+		ExportStatus(pid any, options ...RequestOptionFunc) (*ExportStatus, *Response, error)
+		ExportDownload(pid any, options ...RequestOptionFunc) ([]byte, *Response, error)
 		ImportFromFile(archive io.Reader, opt *ImportFileOptions, options ...RequestOptionFunc) (*ImportStatus, *Response, error)
-		ImportStatus(pid interface{}, options ...RequestOptionFunc) (*ImportStatus, *Response, error)
+		ImportStatus(pid any, options ...RequestOptionFunc) (*ImportStatus, *Response, error)
 	}
 
 	// ProjectImportExportService handles communication with the project
 	// import/export related methods of the GitLab API.
 	//
 	// GitLab API docs:
-	// https://docs.gitlab.com/ee/api/project_import_export.html
+	// https://docs.gitlab.com/api/project_import_export/
 	ProjectImportExportService struct {
 		client *Client
 	}
@@ -48,7 +48,7 @@ var _ ProjectImportExportServiceInterface = (*ProjectImportExportService)(nil)
 // ImportStatus represents a project import status.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_import_export.html#import-status
+// https://docs.gitlab.com/api/project_import_export/#import-status
 type ImportStatus struct {
 	ID                int        `json:"id"`
 	Description       string     `json:"description"`
@@ -70,7 +70,7 @@ func (s ImportStatus) String() string {
 // ExportStatus represents a project export status.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_import_export.html#export-status
+// https://docs.gitlab.com/api/project_import_export/#export-status
 type ExportStatus struct {
 	ID                int        `json:"id"`
 	Description       string     `json:"description"`
@@ -94,7 +94,7 @@ func (s ExportStatus) String() string {
 // ScheduleExportOptions represents the available ScheduleExport() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_import_export.html#schedule-an-export
+// https://docs.gitlab.com/api/project_import_export/#schedule-an-export
 type ScheduleExportOptions struct {
 	Description *string `url:"description,omitempty" json:"description,omitempty"`
 	Upload      struct {
@@ -106,8 +106,8 @@ type ScheduleExportOptions struct {
 // ScheduleExport schedules a project export.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_import_export.html#schedule-an-export
-func (s *ProjectImportExportService) ScheduleExport(pid interface{}, opt *ScheduleExportOptions, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_import_export/#schedule-an-export
+func (s *ProjectImportExportService) ScheduleExport(pid any, opt *ScheduleExportOptions, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -125,8 +125,8 @@ func (s *ProjectImportExportService) ScheduleExport(pid interface{}, opt *Schedu
 // ExportStatus get the status of export.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_import_export.html#export-status
-func (s *ProjectImportExportService) ExportStatus(pid interface{}, options ...RequestOptionFunc) (*ExportStatus, *Response, error) {
+// https://docs.gitlab.com/api/project_import_export/#export-status
+func (s *ProjectImportExportService) ExportStatus(pid any, options ...RequestOptionFunc) (*ExportStatus, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -150,8 +150,8 @@ func (s *ProjectImportExportService) ExportStatus(pid interface{}, options ...Re
 // ExportDownload download the finished export.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_import_export.html#export-download
-func (s *ProjectImportExportService) ExportDownload(pid interface{}, options ...RequestOptionFunc) ([]byte, *Response, error) {
+// https://docs.gitlab.com/api/project_import_export/#export-download
+func (s *ProjectImportExportService) ExportDownload(pid any, options ...RequestOptionFunc) ([]byte, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -175,7 +175,7 @@ func (s *ProjectImportExportService) ExportDownload(pid interface{}, options ...
 // ImportFileOptions represents the available ImportFile() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_import_export.html#import-a-file
+// https://docs.gitlab.com/api/project_import_export/#import-a-file
 type ImportFileOptions struct {
 	Namespace      *string               `url:"namespace,omitempty" json:"namespace,omitempty"`
 	Name           *string               `url:"name,omitempty" json:"name,omitempty"`
@@ -187,7 +187,7 @@ type ImportFileOptions struct {
 // Import a project from an archive file.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_import_export.html#import-a-file
+// https://docs.gitlab.com/api/project_import_export/#import-a-file
 func (s *ProjectImportExportService) ImportFromFile(archive io.Reader, opt *ImportFileOptions, options ...RequestOptionFunc) (*ImportStatus, *Response, error) {
 	req, err := s.client.UploadRequest(
 		http.MethodPost,
@@ -214,8 +214,8 @@ func (s *ProjectImportExportService) ImportFromFile(archive io.Reader, opt *Impo
 // ImportStatus get the status of an import.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_import_export.html#import-status
-func (s *ProjectImportExportService) ImportStatus(pid interface{}, options ...RequestOptionFunc) (*ImportStatus, *Response, error) {
+// https://docs.gitlab.com/api/project_import_export/#import-status
+func (s *ProjectImportExportService) ImportStatus(pid any, options ...RequestOptionFunc) (*ImportStatus, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/project_iterations.go b/vendor/gitlab.com/gitlab-org/api/client-go/project_iterations.go
index 0823963e73..2495e4cfa8 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/project_iterations.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/project_iterations.go
@@ -24,13 +24,13 @@ import (
 
 type (
 	ProjectIterationsServiceInterface interface {
-		ListProjectIterations(pid interface{}, opt *ListProjectIterationsOptions, options ...RequestOptionFunc) ([]*ProjectIteration, *Response, error)
+		ListProjectIterations(pid any, opt *ListProjectIterationsOptions, options ...RequestOptionFunc) ([]*ProjectIteration, *Response, error)
 	}
 
 	// ProjectIterationsService handles communication with the project iterations related
 	// methods of the GitLab API
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/iterations.html
+	// GitLab API docs: https://docs.gitlab.com/api/iterations/
 	ProjectIterationsService struct {
 		client *Client
 	}
@@ -40,7 +40,7 @@ var _ ProjectIterationsServiceInterface = (*ProjectIterationsService)(nil)
 
 // ProjectIteration represents a GitLab project iteration.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/iterations.html
+// GitLab API docs: https://docs.gitlab.com/api/iterations/
 type ProjectIteration struct {
 	ID          int        `json:"id"`
 	IID         int        `json:"iid"`
@@ -64,7 +64,7 @@ func (i ProjectIteration) String() string {
 // options
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/iterations.html#list-project-iterations
+// https://docs.gitlab.com/api/iterations/#list-project-iterations
 type ListProjectIterationsOptions struct {
 	ListOptions
 	State            *string `url:"state,omitempty" json:"state,omitempty"`
@@ -75,8 +75,8 @@ type ListProjectIterationsOptions struct {
 // ListProjectIterations returns a list of projects iterations.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/iterations.html#list-project-iterations
-func (i *ProjectIterationsService) ListProjectIterations(pid interface{}, opt *ListProjectIterationsOptions, options ...RequestOptionFunc) ([]*ProjectIteration, *Response, error) {
+// https://docs.gitlab.com/api/iterations/#list-project-iterations
+func (i *ProjectIterationsService) ListProjectIterations(pid any, opt *ListProjectIterationsOptions, options ...RequestOptionFunc) ([]*ProjectIteration, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/project_managed_licenses.go b/vendor/gitlab.com/gitlab-org/api/client-go/project_managed_licenses.go
deleted file mode 100644
index d5f090349c..0000000000
--- a/vendor/gitlab.com/gitlab-org/api/client-go/project_managed_licenses.go
+++ /dev/null
@@ -1,200 +0,0 @@
-//
-// Copyright 2021, Andrea Perizzato
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-//
-
-package gitlab
-
-import (
-	"fmt"
-	"net/http"
-)
-
-type (
-	ManagedLicensesServiceInterface interface {
-		ListManagedLicenses(pid interface{}, options ...RequestOptionFunc) ([]*ManagedLicense, *Response, error)
-		GetManagedLicense(pid, mlid interface{}, options ...RequestOptionFunc) (*ManagedLicense, *Response, error)
-		AddManagedLicense(pid interface{}, opt *AddManagedLicenseOptions, options ...RequestOptionFunc) (*ManagedLicense, *Response, error)
-		DeleteManagedLicense(pid, mlid interface{}, options ...RequestOptionFunc) (*Response, error)
-		EditManagedLicense(pid, mlid interface{}, opt *EditManagedLicenceOptions, options ...RequestOptionFunc) (*ManagedLicense, *Response, error)
-	}
-
-	// ManagedLicensesService handles communication with the managed licenses
-	// methods of the GitLab API.
-	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/managed_licenses.html
-	ManagedLicensesService struct {
-		client *Client
-	}
-)
-
-var _ ManagedLicensesServiceInterface = (*ManagedLicensesService)(nil)
-
-// ManagedLicense represents a managed license.
-//
-// GitLab API docs: https://docs.gitlab.com/ee/api/managed_licenses.html
-type ManagedLicense struct {
-	ID             int                        `json:"id"`
-	Name           string                     `json:"name"`
-	ApprovalStatus LicenseApprovalStatusValue `json:"approval_status"`
-}
-
-// ListManagedLicenses returns a list of managed licenses from a project.
-//
-// GitLab API docs:
-// https://docs.gitlab.com/ee/api/managed_licenses.html#list-managed-licenses
-func (s *ManagedLicensesService) ListManagedLicenses(pid interface{}, options ...RequestOptionFunc) ([]*ManagedLicense, *Response, error) {
-	project, err := parseID(pid)
-	if err != nil {
-		return nil, nil, err
-	}
-	u := fmt.Sprintf("projects/%s/managed_licenses", PathEscape(project))
-
-	req, err := s.client.NewRequest(http.MethodGet, u, nil, options)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	var mls []*ManagedLicense
-	resp, err := s.client.Do(req, &mls)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return mls, resp, nil
-}
-
-// GetManagedLicense returns an existing managed license.
-//
-// GitLab API docs:
-// https://docs.gitlab.com/ee/api/managed_licenses.html#show-an-existing-managed-license
-func (s *ManagedLicensesService) GetManagedLicense(pid, mlid interface{}, options ...RequestOptionFunc) (*ManagedLicense, *Response, error) {
-	project, err := parseID(pid)
-	if err != nil {
-		return nil, nil, err
-	}
-	license, err := parseID(mlid)
-	if err != nil {
-		return nil, nil, err
-	}
-	u := fmt.Sprintf("projects/%s/managed_licenses/%s", PathEscape(project), PathEscape(license))
-
-	req, err := s.client.NewRequest(http.MethodGet, u, nil, options)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	ml := new(ManagedLicense)
-	resp, err := s.client.Do(req, ml)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return ml, resp, nil
-}
-
-// AddManagedLicenseOptions represents the available AddManagedLicense() options.
-//
-// GitLab API docs:
-// https://docs.gitlab.com/ee/api/managed_licenses.html#create-a-new-managed-license
-type AddManagedLicenseOptions struct {
-	Name           *string                     `url:"name,omitempty" json:"name,omitempty"`
-	ApprovalStatus *LicenseApprovalStatusValue `url:"approval_status,omitempty" json:"approval_status,omitempty"`
-}
-
-// AddManagedLicense adds a managed license to a project.
-//
-// GitLab API docs:
-// https://docs.gitlab.com/ee/api/managed_licenses.html#create-a-new-managed-license
-func (s *ManagedLicensesService) AddManagedLicense(pid interface{}, opt *AddManagedLicenseOptions, options ...RequestOptionFunc) (*ManagedLicense, *Response, error) {
-	project, err := parseID(pid)
-	if err != nil {
-		return nil, nil, err
-	}
-	u := fmt.Sprintf("projects/%s/managed_licenses", PathEscape(project))
-
-	req, err := s.client.NewRequest(http.MethodPost, u, opt, options)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	ml := new(ManagedLicense)
-	resp, err := s.client.Do(req, ml)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return ml, resp, nil
-}
-
-// DeleteManagedLicense deletes a managed license with a given ID.
-//
-// GitLab API docs:
-// https://docs.gitlab.com/ee/api/managed_licenses.html#delete-a-managed-license
-func (s *ManagedLicensesService) DeleteManagedLicense(pid, mlid interface{}, options ...RequestOptionFunc) (*Response, error) {
-	project, err := parseID(pid)
-	if err != nil {
-		return nil, err
-	}
-	license, err := parseID(mlid)
-	if err != nil {
-		return nil, err
-	}
-	u := fmt.Sprintf("projects/%s/managed_licenses/%s", PathEscape(project), PathEscape(license))
-
-	req, err := s.client.NewRequest(http.MethodDelete, u, nil, options)
-	if err != nil {
-		return nil, err
-	}
-
-	return s.client.Do(req, nil)
-}
-
-// EditManagedLicenceOptions represents the available EditManagedLicense() options.
-//
-// GitLab API docs:
-// https://docs.gitlab.com/ee/api/managed_licenses.html#edit-an-existing-managed-license
-type EditManagedLicenceOptions struct {
-	ApprovalStatus *LicenseApprovalStatusValue `url:"approval_status,omitempty" json:"approval_status,omitempty"`
-}
-
-// EditManagedLicense updates an existing managed license with a new approval
-// status.
-//
-// GitLab API docs:
-// https://docs.gitlab.com/ee/api/managed_licenses.html#edit-an-existing-managed-license
-func (s *ManagedLicensesService) EditManagedLicense(pid, mlid interface{}, opt *EditManagedLicenceOptions, options ...RequestOptionFunc) (*ManagedLicense, *Response, error) {
-	project, err := parseID(pid)
-	if err != nil {
-		return nil, nil, err
-	}
-	license, err := parseID(mlid)
-	if err != nil {
-		return nil, nil, err
-	}
-	u := fmt.Sprintf("projects/%s/managed_licenses/%s", PathEscape(project), PathEscape(license))
-
-	req, err := s.client.NewRequest(http.MethodPatch, u, opt, options)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	ml := new(ManagedLicense)
-	resp, err := s.client.Do(req, ml)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return ml, resp, nil
-}
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/project_markdown_uploads.go b/vendor/gitlab.com/gitlab-org/api/client-go/project_markdown_uploads.go
index 462098ee8e..b7d0ea307e 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/project_markdown_uploads.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/project_markdown_uploads.go
@@ -17,27 +17,26 @@
 package gitlab
 
 import (
-	"bytes"
 	"fmt"
 	"io"
 	"net/http"
-	"time"
 )
 
 type (
 	ProjectMarkdownUploadsServiceInterface interface {
-		UploadProjectMarkdown(pid interface{}, content io.Reader, filename string, options ...RequestOptionFunc) (*ProjectMarkdownUploadedFile, *Response, error)
-		ListProjectMarkdownUploads(pid interface{}, options ...RequestOptionFunc) ([]*ProjectMarkdownUpload, *Response, error)
-		DownloadProjectMarkdownUploadByID(pid interface{}, uploadID int, options ...RequestOptionFunc) ([]byte, *Response, error)
-		DownloadProjectMarkdownUploadBySecretAndFilename(pid interface{}, secret string, filename string, options ...RequestOptionFunc) ([]byte, *Response, error)
-		DeleteProjectMarkdownUploadByID(pid interface{}, uploadID int, options ...RequestOptionFunc) (*Response, error)
-		DeleteProjectMarkdownUploadBySecretAndFilename(pid interface{}, secret string, filename string, options ...RequestOptionFunc) (*Response, error)
+		UploadProjectMarkdown(pid any, content io.Reader, filename string, options ...RequestOptionFunc) (*ProjectMarkdownUploadedFile, *Response, error)
+		ListProjectMarkdownUploads(pid any, options ...RequestOptionFunc) ([]*ProjectMarkdownUpload, *Response, error)
+		DownloadProjectMarkdownUploadByID(pid any, uploadID int, options ...RequestOptionFunc) ([]byte, *Response, error)
+		DownloadProjectMarkdownUploadBySecretAndFilename(pid any, secret string, filename string, options ...RequestOptionFunc) ([]byte, *Response, error)
+		DeleteProjectMarkdownUploadByID(pid any, uploadID int, options ...RequestOptionFunc) (*Response, error)
+		DeleteProjectMarkdownUploadBySecretAndFilename(pid any, secret string, filename string, options ...RequestOptionFunc) (*Response, error)
 	}
 
-	// ProjectMarkdownUploadsService handles communication with the project markdown uploads
-	// related methods of the GitLab API.
+	// MarkdownUploadsService handles communication with the project
+	// markdown uploads related methods of the GitLab API.
 	//
-	// Gitlab API docs: https://docs.gitlab.com/ee/api/project_markdown_uploads.html
+	// GitLab API docs:
+	// https://docs.gitlab.com/api/project_markdown_uploads/
 	ProjectMarkdownUploadsService struct {
 		client *Client
 	}
@@ -45,40 +44,17 @@ type (
 
 var _ ProjectMarkdownUploadsServiceInterface = (*ProjectMarkdownUploadsService)(nil)
 
-// ProjectMarkdownUploadedFile represents a single project markdown uploaded file.
-//
-// Gitlab API docs: https://docs.gitlab.com/ee/api/project_markdown_uploads.html
-type ProjectMarkdownUploadedFile struct {
-	ID       int    `json:"id"`
-	Alt      string `json:"alt"`
-	URL      string `json:"url"`
-	FullPath string `json:"full_path"`
-	Markdown string `json:"markdown"`
-}
-
-// ProjectMarkdownUpload represents a single project markdown upload.
-//
-// Gitlab API docs: https://docs.gitlab.com/ee/api/project_markdown_uploads.html
-type ProjectMarkdownUpload struct {
-	ID         int        `json:"id"`
-	Size       int        `json:"size"`
-	Filename   string     `json:"filename"`
-	CreatedAt  *time.Time `json:"created_at"`
-	UploadedBy *User      `json:"uploaded_by"`
-}
-
-// Gets a string representation of a ProjectMarkdownUpload.
-//
-// GitLab API docs: https://docs.gitlab.com/ee/api/project_markdown_uploads.html
-func (m ProjectMarkdownUpload) String() string {
-	return Stringify(m)
-}
+// Type aliases for backward compatibility
+type (
+	ProjectMarkdownUpload       = MarkdownUpload
+	ProjectMarkdownUploadedFile = MarkdownUploadedFile
+)
 
 // UploadProjectMarkdown uploads a markdown file to a project.
 //
 // GitLab docs:
-// https://docs.gitlab.com/ee/api/project_markdown_uploads.html#upload-a-file
-func (s *ProjectMarkdownUploadsService) UploadProjectMarkdown(pid interface{}, content io.Reader, filename string, options ...RequestOptionFunc) (*ProjectMarkdownUploadedFile, *Response, error) {
+// https://docs.gitlab.com/api/project_markdown_uploads/#upload-a-file
+func (s *ProjectMarkdownUploadsService) UploadProjectMarkdown(pid any, content io.Reader, filename string, options ...RequestOptionFunc) (*ProjectMarkdownUploadedFile, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -110,115 +86,49 @@ func (s *ProjectMarkdownUploadsService) UploadProjectMarkdown(pid interface{}, c
 // ListProjectMarkdownUploads gets all markdown uploads for a project.
 //
 // GitLab API Docs:
-// https://docs.gitlab.com/ee/api/project_markdown_uploads.html#list-uploads
-func (s *ProjectMarkdownUploadsService) ListProjectMarkdownUploads(pid interface{}, options ...RequestOptionFunc) ([]*ProjectMarkdownUpload, *Response, error) {
-	project, err := parseID(pid)
-	if err != nil {
-		return nil, nil, err
-	}
-	u := fmt.Sprintf("projects/%s/uploads", PathEscape(project))
-
-	req, err := s.client.NewRequest(http.MethodGet, u, nil, options)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	var uploads []*ProjectMarkdownUpload
-	resp, err := s.client.Do(req, &uploads)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return uploads, resp, err
+// https://docs.gitlab.com/api/project_markdown_uploads/#list-uploads
+func (s *ProjectMarkdownUploadsService) ListProjectMarkdownUploads(pid any, options ...RequestOptionFunc) ([]*ProjectMarkdownUpload, *Response, error) {
+	return listMarkdownUploads[ProjectMarkdownUpload](s.client, ProjectResource, pid, nil, options)
 }
 
 // DownloadProjectMarkdownUploadByID downloads a specific upload by ID.
 //
 // GitLab API Docs:
-// https://docs.gitlab.com/ee/api/project_markdown_uploads.html#download-an-uploaded-file-by-id
-func (s *ProjectMarkdownUploadsService) DownloadProjectMarkdownUploadByID(pid interface{}, uploadID int, options ...RequestOptionFunc) ([]byte, *Response, error) {
-	project, err := parseID(pid)
-	if err != nil {
-		return nil, nil, err
-	}
-	u := fmt.Sprintf("projects/%s/uploads/%d", PathEscape(project), uploadID)
-
-	req, err := s.client.NewRequest(http.MethodGet, u, nil, options)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	var f bytes.Buffer
-	resp, err := s.client.Do(req, &f)
+// https://docs.gitlab.com/api/project_markdown_uploads/#download-an-uploaded-file-by-id
+func (s *ProjectMarkdownUploadsService) DownloadProjectMarkdownUploadByID(pid any, uploadID int, options ...RequestOptionFunc) ([]byte, *Response, error) {
+	buffer, resp, err := downloadMarkdownUploadByID(s.client, ProjectResource, pid, uploadID, options)
 	if err != nil {
 		return nil, resp, err
 	}
-
-	return f.Bytes(), resp, err
+	return buffer.Bytes(), resp, nil
 }
 
 // DownloadProjectMarkdownUploadBySecretAndFilename downloads a specific upload
 // by secret and filename.
 //
 // GitLab API Docs:
-// https://docs.gitlab.com/ee/api/project_markdown_uploads.html#download-an-uploaded-file-by-secret-and-filename
-func (s *ProjectMarkdownUploadsService) DownloadProjectMarkdownUploadBySecretAndFilename(pid interface{}, secret string, filename string, options ...RequestOptionFunc) ([]byte, *Response, error) {
-	project, err := parseID(pid)
-	if err != nil {
-		return nil, nil, err
-	}
-	u := fmt.Sprintf("projects/%s/uploads/%s/%s", PathEscape(project), PathEscape(secret), PathEscape(filename))
-
-	req, err := s.client.NewRequest(http.MethodGet, u, nil, options)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	var f bytes.Buffer
-	resp, err := s.client.Do(req, &f)
+// https://docs.gitlab.com/api/project_markdown_uploads/#download-an-uploaded-file-by-secret-and-filename
+func (s *ProjectMarkdownUploadsService) DownloadProjectMarkdownUploadBySecretAndFilename(pid any, secret string, filename string, options ...RequestOptionFunc) ([]byte, *Response, error) {
+	buffer, resp, err := downloadMarkdownUploadBySecretAndFilename(s.client, ProjectResource, pid, secret, filename, options)
 	if err != nil {
 		return nil, resp, err
 	}
-
-	return f.Bytes(), resp, err
+	return buffer.Bytes(), resp, nil
 }
 
 // DeleteProjectMarkdownUploadByID deletes an upload by ID.
 //
 // GitLab API Docs:
-// https://docs.gitlab.com/ee/api/project_markdown_uploads.html#delete-an-uploaded-file-by-id
-func (s *ProjectMarkdownUploadsService) DeleteProjectMarkdownUploadByID(pid interface{}, uploadID int, options ...RequestOptionFunc) (*Response, error) {
-	project, err := parseID(pid)
-	if err != nil {
-		return nil, err
-	}
-	u := fmt.Sprintf("projects/%s/uploads/%d", PathEscape(project), uploadID)
-
-	req, err := s.client.NewRequest(http.MethodDelete, u, nil, options)
-	if err != nil {
-		return nil, err
-	}
-
-	return s.client.Do(req, nil)
+// https://docs.gitlab.com/api/project_markdown_uploads/#delete-an-uploaded-file-by-id
+func (s *ProjectMarkdownUploadsService) DeleteProjectMarkdownUploadByID(pid any, uploadID int, options ...RequestOptionFunc) (*Response, error) {
+	return deleteMarkdownUploadByID(s.client, ProjectResource, pid, uploadID, options)
 }
 
 // DeleteProjectMarkdownUploadBySecretAndFilename deletes an upload
 // by secret and filename.
 //
 // GitLab API Docs:
-// https://docs.gitlab.com/ee/api/project_markdown_uploads.html#delete-an-uploaded-file-by-secret-and-filename
-func (s *ProjectMarkdownUploadsService) DeleteProjectMarkdownUploadBySecretAndFilename(pid interface{}, secret string, filename string, options ...RequestOptionFunc) (*Response, error) {
-	project, err := parseID(pid)
-	if err != nil {
-		return nil, err
-	}
-	u := fmt.Sprintf("projects/%s/uploads/%s/%s",
-		PathEscape(project), PathEscape(secret), PathEscape(filename))
-
-	req, err := s.client.NewRequest(http.MethodDelete, u, nil, options)
-	if err != nil {
-		return nil, err
-	}
-
-	return s.client.Do(req, nil)
+// https://docs.gitlab.com/api/project_markdown_uploads/#delete-an-uploaded-file-by-secret-and-filename
+func (s *ProjectMarkdownUploadsService) DeleteProjectMarkdownUploadBySecretAndFilename(pid any, secret string, filename string, options ...RequestOptionFunc) (*Response, error) {
+	return deleteMarkdownUploadBySecretAndFilename(s.client, ProjectResource, pid, secret, filename, options)
 }
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/project_members.go b/vendor/gitlab.com/gitlab-org/api/client-go/project_members.go
index 9e108ccad3..fa4bbcef7c 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/project_members.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/project_members.go
@@ -24,19 +24,19 @@ import (
 
 type (
 	ProjectMembersServiceInterface interface {
-		ListProjectMembers(pid interface{}, opt *ListProjectMembersOptions, options ...RequestOptionFunc) ([]*ProjectMember, *Response, error)
-		ListAllProjectMembers(pid interface{}, opt *ListProjectMembersOptions, options ...RequestOptionFunc) ([]*ProjectMember, *Response, error)
-		GetProjectMember(pid interface{}, user int, options ...RequestOptionFunc) (*ProjectMember, *Response, error)
-		GetInheritedProjectMember(pid interface{}, user int, options ...RequestOptionFunc) (*ProjectMember, *Response, error)
-		AddProjectMember(pid interface{}, opt *AddProjectMemberOptions, options ...RequestOptionFunc) (*ProjectMember, *Response, error)
-		EditProjectMember(pid interface{}, user int, opt *EditProjectMemberOptions, options ...RequestOptionFunc) (*ProjectMember, *Response, error)
-		DeleteProjectMember(pid interface{}, user int, options ...RequestOptionFunc) (*Response, error)
+		ListProjectMembers(pid any, opt *ListProjectMembersOptions, options ...RequestOptionFunc) ([]*ProjectMember, *Response, error)
+		ListAllProjectMembers(pid any, opt *ListProjectMembersOptions, options ...RequestOptionFunc) ([]*ProjectMember, *Response, error)
+		GetProjectMember(pid any, user int, options ...RequestOptionFunc) (*ProjectMember, *Response, error)
+		GetInheritedProjectMember(pid any, user int, options ...RequestOptionFunc) (*ProjectMember, *Response, error)
+		AddProjectMember(pid any, opt *AddProjectMemberOptions, options ...RequestOptionFunc) (*ProjectMember, *Response, error)
+		EditProjectMember(pid any, user int, opt *EditProjectMemberOptions, options ...RequestOptionFunc) (*ProjectMember, *Response, error)
+		DeleteProjectMember(pid any, user int, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// ProjectMembersService handles communication with the project members
 	// related methods of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/members.html
+	// GitLab API docs: https://docs.gitlab.com/api/members/
 	ProjectMembersService struct {
 		client *Client
 	}
@@ -47,7 +47,7 @@ var _ ProjectMembersServiceInterface = (*ProjectMembersService)(nil)
 // ProjectMember represents a project member.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/members.html
+// https://docs.gitlab.com/api/members/
 type ProjectMember struct {
 	ID          int              `json:"id"`
 	Username    string           `json:"username"`
@@ -66,7 +66,7 @@ type ProjectMember struct {
 // ListAllProjectMembers() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/members.html#list-all-members-of-a-group-or-project
+// https://docs.gitlab.com/api/members/#list-all-members-of-a-group-or-project
 type ListProjectMembersOptions struct {
 	ListOptions
 	Query   *string `url:"query,omitempty" json:"query,omitempty"`
@@ -78,8 +78,8 @@ type ListProjectMembersOptions struct {
 // through ancestors groups.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/members.html#list-all-members-of-a-group-or-project
-func (s *ProjectMembersService) ListProjectMembers(pid interface{}, opt *ListProjectMembersOptions, options ...RequestOptionFunc) ([]*ProjectMember, *Response, error) {
+// https://docs.gitlab.com/api/members/#list-all-members-of-a-group-or-project
+func (s *ProjectMembersService) ListProjectMembers(pid any, opt *ListProjectMembersOptions, options ...RequestOptionFunc) ([]*ProjectMember, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -105,8 +105,8 @@ func (s *ProjectMembersService) ListProjectMembers(pid interface{}, opt *ListPro
 // ancestor groups.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/members.html#list-all-members-of-a-group-or-project-including-inherited-and-invited-members
-func (s *ProjectMembersService) ListAllProjectMembers(pid interface{}, opt *ListProjectMembersOptions, options ...RequestOptionFunc) ([]*ProjectMember, *Response, error) {
+// https://docs.gitlab.com/api/members/#list-all-members-of-a-group-or-project-including-inherited-and-invited-members
+func (s *ProjectMembersService) ListAllProjectMembers(pid any, opt *ListProjectMembersOptions, options ...RequestOptionFunc) ([]*ProjectMember, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -130,8 +130,8 @@ func (s *ProjectMembersService) ListAllProjectMembers(pid interface{}, opt *List
 // GetProjectMember gets a project team member.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/members.html#get-a-member-of-a-group-or-project
-func (s *ProjectMembersService) GetProjectMember(pid interface{}, user int, options ...RequestOptionFunc) (*ProjectMember, *Response, error) {
+// https://docs.gitlab.com/api/members/#get-a-member-of-a-group-or-project
+func (s *ProjectMembersService) GetProjectMember(pid any, user int, options ...RequestOptionFunc) (*ProjectMember, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -155,8 +155,8 @@ func (s *ProjectMembersService) GetProjectMember(pid interface{}, user int, opti
 // GetInheritedProjectMember gets a project team member, including inherited
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/members.html#get-a-member-of-a-group-or-project-including-inherited-and-invited-members
-func (s *ProjectMembersService) GetInheritedProjectMember(pid interface{}, user int, options ...RequestOptionFunc) (*ProjectMember, *Response, error) {
+// https://docs.gitlab.com/api/members/#get-a-member-of-a-group-or-project-including-inherited-and-invited-members
+func (s *ProjectMembersService) GetInheritedProjectMember(pid any, user int, options ...RequestOptionFunc) (*ProjectMember, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -180,9 +180,9 @@ func (s *ProjectMembersService) GetInheritedProjectMember(pid interface{}, user
 // AddProjectMemberOptions represents the available AddProjectMember() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/members.html#add-a-member-to-a-group-or-project
+// https://docs.gitlab.com/api/members/#add-a-member-to-a-group-or-project
 type AddProjectMemberOptions struct {
-	UserID       interface{}       `url:"user_id,omitempty" json:"user_id,omitempty"`
+	UserID       any               `url:"user_id,omitempty" json:"user_id,omitempty"`
 	Username     *string           `url:"username,omitempty" json:"username,omitempty"`
 	AccessLevel  *AccessLevelValue `url:"access_level,omitempty" json:"access_level,omitempty"`
 	ExpiresAt    *string           `url:"expires_at,omitempty" json:"expires_at"`
@@ -195,8 +195,8 @@ type AddProjectMemberOptions struct {
 // existing membership.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/members.html#add-a-member-to-a-group-or-project
-func (s *ProjectMembersService) AddProjectMember(pid interface{}, opt *AddProjectMemberOptions, options ...RequestOptionFunc) (*ProjectMember, *Response, error) {
+// https://docs.gitlab.com/api/members/#add-a-member-to-a-group-or-project
+func (s *ProjectMembersService) AddProjectMember(pid any, opt *AddProjectMemberOptions, options ...RequestOptionFunc) (*ProjectMember, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -220,7 +220,7 @@ func (s *ProjectMembersService) AddProjectMember(pid interface{}, opt *AddProjec
 // EditProjectMemberOptions represents the available EditProjectMember() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/members.html#edit-a-member-of-a-group-or-project
+// https://docs.gitlab.com/api/members/#edit-a-member-of-a-group-or-project
 type EditProjectMemberOptions struct {
 	AccessLevel  *AccessLevelValue `url:"access_level,omitempty" json:"access_level,omitempty"`
 	ExpiresAt    *string           `url:"expires_at,omitempty" json:"expires_at,omitempty"`
@@ -230,8 +230,8 @@ type EditProjectMemberOptions struct {
 // EditProjectMember updates a project team member to a specified access level..
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/members.html#edit-a-member-of-a-group-or-project
-func (s *ProjectMembersService) EditProjectMember(pid interface{}, user int, opt *EditProjectMemberOptions, options ...RequestOptionFunc) (*ProjectMember, *Response, error) {
+// https://docs.gitlab.com/api/members/#edit-a-member-of-a-group-or-project
+func (s *ProjectMembersService) EditProjectMember(pid any, user int, opt *EditProjectMemberOptions, options ...RequestOptionFunc) (*ProjectMember, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -255,8 +255,8 @@ func (s *ProjectMembersService) EditProjectMember(pid interface{}, user int, opt
 // DeleteProjectMember removes a user from a project team.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/members.html#remove-a-member-from-a-group-or-project
-func (s *ProjectMembersService) DeleteProjectMember(pid interface{}, user int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/members/#remove-a-member-from-a-group-or-project
+func (s *ProjectMembersService) DeleteProjectMember(pid any, user int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/project_mirror.go b/vendor/gitlab.com/gitlab-org/api/client-go/project_mirror.go
index 7b500a5dd5..c8ef609700 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/project_mirror.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/project_mirror.go
@@ -24,18 +24,18 @@ import (
 
 type (
 	ProjectMirrorServiceInterface interface {
-		ListProjectMirror(pid interface{}, opt *ListProjectMirrorOptions, options ...RequestOptionFunc) ([]*ProjectMirror, *Response, error)
-		GetProjectMirror(pid interface{}, mirror int, options ...RequestOptionFunc) (*ProjectMirror, *Response, error)
-		GetProjectMirrorPublicKey(pid interface{}, mirror int, options ...RequestOptionFunc) (*ProjectMirrorPublicKey, *Response, error)
-		AddProjectMirror(pid interface{}, opt *AddProjectMirrorOptions, options ...RequestOptionFunc) (*ProjectMirror, *Response, error)
-		EditProjectMirror(pid interface{}, mirror int, opt *EditProjectMirrorOptions, options ...RequestOptionFunc) (*ProjectMirror, *Response, error)
-		DeleteProjectMirror(pid interface{}, mirror int, options ...RequestOptionFunc) (*Response, error)
+		ListProjectMirror(pid any, opt *ListProjectMirrorOptions, options ...RequestOptionFunc) ([]*ProjectMirror, *Response, error)
+		GetProjectMirror(pid any, mirror int, options ...RequestOptionFunc) (*ProjectMirror, *Response, error)
+		GetProjectMirrorPublicKey(pid any, mirror int, options ...RequestOptionFunc) (*ProjectMirrorPublicKey, *Response, error)
+		AddProjectMirror(pid any, opt *AddProjectMirrorOptions, options ...RequestOptionFunc) (*ProjectMirror, *Response, error)
+		EditProjectMirror(pid any, mirror int, opt *EditProjectMirrorOptions, options ...RequestOptionFunc) (*ProjectMirror, *Response, error)
+		DeleteProjectMirror(pid any, mirror int, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// ProjectMirrorService handles communication with the project mirror
 	// related methods of the GitLab API.
 	//
-	// GitLAb API docs: https://docs.gitlab.com/ee/api/remote_mirrors.html
+	// GitLAb API docs: https://docs.gitlab.com/api/remote_mirrors/
 	ProjectMirrorService struct {
 		client *Client
 	}
@@ -45,7 +45,7 @@ var _ ProjectMirrorServiceInterface = (*ProjectMirrorService)(nil)
 
 // ProjectMirror represents a project mirror configuration.
 //
-// GitLAb API docs: https://docs.gitlab.com/ee/api/remote_mirrors.html
+// GitLAb API docs: https://docs.gitlab.com/api/remote_mirrors/
 type ProjectMirror struct {
 	Enabled                bool       `json:"enabled"`
 	ID                     int        `json:"id"`
@@ -71,8 +71,8 @@ type ListProjectMirrorOptions ListOptions
 // ListProjectMirror gets a list of mirrors configured on the project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/remote_mirrors.html#list-a-projects-remote-mirrors
-func (s *ProjectMirrorService) ListProjectMirror(pid interface{}, opt *ListProjectMirrorOptions, options ...RequestOptionFunc) ([]*ProjectMirror, *Response, error) {
+// https://docs.gitlab.com/api/remote_mirrors/#list-a-projects-remote-mirrors
+func (s *ProjectMirrorService) ListProjectMirror(pid any, opt *ListProjectMirrorOptions, options ...RequestOptionFunc) ([]*ProjectMirror, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -96,8 +96,8 @@ func (s *ProjectMirrorService) ListProjectMirror(pid interface{}, opt *ListProje
 // GetProjectMirror gets a single mirror configured on the project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/remote_mirrors.html#get-a-single-projects-remote-mirror
-func (s *ProjectMirrorService) GetProjectMirror(pid interface{}, mirror int, options ...RequestOptionFunc) (*ProjectMirror, *Response, error) {
+// https://docs.gitlab.com/api/remote_mirrors/#get-a-single-projects-remote-mirror
+func (s *ProjectMirrorService) GetProjectMirror(pid any, mirror int, options ...RequestOptionFunc) (*ProjectMirror, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -122,7 +122,7 @@ func (s *ProjectMirrorService) GetProjectMirror(pid interface{}, mirror int, opt
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/remote_mirrors/#get-a-single-projects-remote-mirror-public-key
-func (s *ProjectMirrorService) GetProjectMirrorPublicKey(pid interface{}, mirror int, options ...RequestOptionFunc) (*ProjectMirrorPublicKey, *Response, error) {
+func (s *ProjectMirrorService) GetProjectMirrorPublicKey(pid any, mirror int, options ...RequestOptionFunc) (*ProjectMirrorPublicKey, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -147,7 +147,7 @@ func (s *ProjectMirrorService) GetProjectMirrorPublicKey(pid interface{}, mirror
 // a new project mirror.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/remote_mirrors.html#create-a-push-mirror
+// https://docs.gitlab.com/api/remote_mirrors/#create-a-push-mirror
 type AddProjectMirrorOptions struct {
 	URL                   *string `url:"url,omitempty" json:"url,omitempty"`
 	Enabled               *bool   `url:"enabled,omitempty" json:"enabled,omitempty"`
@@ -160,8 +160,8 @@ type AddProjectMirrorOptions struct {
 // AddProjectMirror creates a new mirror on the project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/remote_mirrors.html#create-a-push-mirror
-func (s *ProjectMirrorService) AddProjectMirror(pid interface{}, opt *AddProjectMirrorOptions, options ...RequestOptionFunc) (*ProjectMirror, *Response, error) {
+// https://docs.gitlab.com/api/remote_mirrors/#create-a-push-mirror
+func (s *ProjectMirrorService) AddProjectMirror(pid any, opt *AddProjectMirrorOptions, options ...RequestOptionFunc) (*ProjectMirror, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -186,7 +186,7 @@ func (s *ProjectMirrorService) AddProjectMirror(pid interface{}, opt *AddProject
 // an existing project mirror.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/remote_mirrors.html#update-a-remote-mirrors-attributes
+// https://docs.gitlab.com/api/remote_mirrors/#update-a-remote-mirrors-attributes
 type EditProjectMirrorOptions struct {
 	Enabled               *bool   `url:"enabled,omitempty" json:"enabled,omitempty"`
 	KeepDivergentRefs     *bool   `url:"keep_divergent_refs,omitempty" json:"keep_divergent_refs,omitempty"`
@@ -198,8 +198,8 @@ type EditProjectMirrorOptions struct {
 // EditProjectMirror updates a project team member to a specified access level..
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/remote_mirrors.html#update-a-remote-mirrors-attributes
-func (s *ProjectMirrorService) EditProjectMirror(pid interface{}, mirror int, opt *EditProjectMirrorOptions, options ...RequestOptionFunc) (*ProjectMirror, *Response, error) {
+// https://docs.gitlab.com/api/remote_mirrors/#update-a-remote-mirrors-attributes
+func (s *ProjectMirrorService) EditProjectMirror(pid any, mirror int, opt *EditProjectMirrorOptions, options ...RequestOptionFunc) (*ProjectMirror, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -223,8 +223,8 @@ func (s *ProjectMirrorService) EditProjectMirror(pid interface{}, mirror int, op
 // DeleteProjectMirror deletes a project mirror.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/remote_mirrors.html#delete-a-remote-mirror
-func (s *ProjectMirrorService) DeleteProjectMirror(pid interface{}, mirror int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/remote_mirrors/#delete-a-remote-mirror
+func (s *ProjectMirrorService) DeleteProjectMirror(pid any, mirror int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/project_repository_storage_move.go b/vendor/gitlab.com/gitlab-org/api/client-go/project_repository_storage_move.go
index a5a8900344..fe23dfbc8c 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/project_repository_storage_move.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/project_repository_storage_move.go
@@ -36,7 +36,7 @@ type (
 	// repositories related methods of the GitLab API.
 	//
 	// GitLab API docs:
-	// https://docs.gitlab.com/ee/api/project_repository_storage_moves.html
+	// https://docs.gitlab.com/api/project_repository_storage_moves/
 	ProjectRepositoryStorageMoveService struct {
 		client *Client
 	}
@@ -47,7 +47,7 @@ var _ ProjectRepositoryStorageMoveServiceInterface = (*ProjectRepositoryStorageM
 // ProjectRepositoryStorageMove represents the status of a repository move.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_repository_storage_moves.html
+// https://docs.gitlab.com/api/project_repository_storage_moves/
 type ProjectRepositoryStorageMove struct {
 	ID                     int                `json:"id"`
 	CreatedAt              *time.Time         `json:"created_at"`
@@ -71,14 +71,14 @@ type RepositoryProject struct {
 // RetrieveAllStorageMoves() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_repository_storage_moves.html#retrieve-all-project-repository-storage-moves
+// https://docs.gitlab.com/api/project_repository_storage_moves/#retrieve-all-project-repository-storage-moves
 type RetrieveAllProjectStorageMovesOptions ListOptions
 
 // RetrieveAllStorageMoves retrieves all project repository storage moves
 // accessible by the authenticated user.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_repository_storage_moves.html#retrieve-all-project-repository-storage-moves
+// https://docs.gitlab.com/api/project_repository_storage_moves/#retrieve-all-project-repository-storage-moves
 func (p ProjectRepositoryStorageMoveService) RetrieveAllStorageMoves(opts RetrieveAllProjectStorageMovesOptions, options ...RequestOptionFunc) ([]*ProjectRepositoryStorageMove, *Response, error) {
 	req, err := p.client.NewRequest(http.MethodGet, "project_repository_storage_moves", opts, options)
 	if err != nil {
@@ -98,7 +98,7 @@ func (p ProjectRepositoryStorageMoveService) RetrieveAllStorageMoves(opts Retrie
 // a single project accessible by the authenticated user.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_repository_storage_moves.html#retrieve-all-repository-storage-moves-for-a-project
+// https://docs.gitlab.com/api/project_repository_storage_moves/#retrieve-all-repository-storage-moves-for-a-project
 func (p ProjectRepositoryStorageMoveService) RetrieveAllStorageMovesForProject(project int, opts RetrieveAllProjectStorageMovesOptions, options ...RequestOptionFunc) ([]*ProjectRepositoryStorageMove, *Response, error) {
 	u := fmt.Sprintf("projects/%d/repository_storage_moves", project)
 
@@ -119,7 +119,7 @@ func (p ProjectRepositoryStorageMoveService) RetrieveAllStorageMovesForProject(p
 // GetStorageMove gets a single project repository storage move.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_repository_storage_moves.html#get-a-single-project-repository-storage-move
+// https://docs.gitlab.com/api/project_repository_storage_moves/#get-a-single-project-repository-storage-move
 func (p ProjectRepositoryStorageMoveService) GetStorageMove(repositoryStorage int, options ...RequestOptionFunc) (*ProjectRepositoryStorageMove, *Response, error) {
 	u := fmt.Sprintf("project_repository_storage_moves/%d", repositoryStorage)
 
@@ -140,7 +140,7 @@ func (p ProjectRepositoryStorageMoveService) GetStorageMove(repositoryStorage in
 // GetStorageMoveForProject gets a single repository storage move for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_repository_storage_moves.html#get-a-single-repository-storage-move-for-a-project
+// https://docs.gitlab.com/api/project_repository_storage_moves/#get-a-single-repository-storage-move-for-a-project
 func (p ProjectRepositoryStorageMoveService) GetStorageMoveForProject(project int, repositoryStorage int, options ...RequestOptionFunc) (*ProjectRepositoryStorageMove, *Response, error) {
 	u := fmt.Sprintf("projects/%d/repository_storage_moves/%d", project, repositoryStorage)
 
@@ -162,7 +162,7 @@ func (p ProjectRepositoryStorageMoveService) GetStorageMoveForProject(project in
 // ScheduleStorageMoveForProject() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_repository_storage_moves.html#schedule-a-repository-storage-move-for-a-project
+// https://docs.gitlab.com/api/project_repository_storage_moves/#schedule-a-repository-storage-move-for-a-project
 type ScheduleStorageMoveForProjectOptions struct {
 	DestinationStorageName *string `url:"destination_storage_name,omitempty" json:"destination_storage_name,omitempty"`
 }
@@ -170,7 +170,7 @@ type ScheduleStorageMoveForProjectOptions struct {
 // ScheduleStorageMoveForProject schedule a repository to be moved for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_repository_storage_moves.html#schedule-a-repository-storage-move-for-a-project
+// https://docs.gitlab.com/api/project_repository_storage_moves/#schedule-a-repository-storage-move-for-a-project
 func (p ProjectRepositoryStorageMoveService) ScheduleStorageMoveForProject(project int, opts ScheduleStorageMoveForProjectOptions, options ...RequestOptionFunc) (*ProjectRepositoryStorageMove, *Response, error) {
 	u := fmt.Sprintf("projects/%d/repository_storage_moves", project)
 
@@ -192,7 +192,7 @@ func (p ProjectRepositoryStorageMoveService) ScheduleStorageMoveForProject(proje
 // ScheduleAllStorageMoves() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_repository_storage_moves.html#schedule-repository-storage-moves-for-all-projects-on-a-storage-shard
+// https://docs.gitlab.com/api/project_repository_storage_moves/#schedule-repository-storage-moves-for-all-projects-on-a-storage-shard
 type ScheduleAllProjectStorageMovesOptions struct {
 	SourceStorageName      *string `url:"source_storage_name,omitempty" json:"source_storage_name,omitempty"`
 	DestinationStorageName *string `url:"destination_storage_name,omitempty" json:"destination_storage_name,omitempty"`
@@ -201,7 +201,7 @@ type ScheduleAllProjectStorageMovesOptions struct {
 // ScheduleAllStorageMoves schedules all repositories to be moved.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_repository_storage_moves.html#schedule-repository-storage-moves-for-all-projects-on-a-storage-shard
+// https://docs.gitlab.com/api/project_repository_storage_moves/#schedule-repository-storage-moves-for-all-projects-on-a-storage-shard
 func (p ProjectRepositoryStorageMoveService) ScheduleAllStorageMoves(opts ScheduleAllProjectStorageMovesOptions, options ...RequestOptionFunc) (*Response, error) {
 	req, err := p.client.NewRequest(http.MethodPost, "project_repository_storage_moves", opts, options)
 	if err != nil {
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/project_security_settings.go b/vendor/gitlab.com/gitlab-org/api/client-go/project_security_settings.go
index 8d53092049..028d62724d 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/project_security_settings.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/project_security_settings.go
@@ -23,15 +23,15 @@ import (
 
 type (
 	ProjectSecuritySettingsServiceInterface interface {
-		ListProjectSecuritySettings(pid interface{}, options ...RequestOptionFunc) (*ProjectSecuritySettings, *Response, error)
-		UpdateSecretPushProtectionEnabledSetting(pid interface{}, opt UpdateProjectSecuritySettingsOptions, options ...RequestOptionFunc) (*ProjectSecuritySettings, *Response, error)
+		ListProjectSecuritySettings(pid any, options ...RequestOptionFunc) (*ProjectSecuritySettings, *Response, error)
+		UpdateSecretPushProtectionEnabledSetting(pid any, opt UpdateProjectSecuritySettingsOptions, options ...RequestOptionFunc) (*ProjectSecuritySettings, *Response, error)
 	}
 
 	// ProjectSecuritySettingsService handles communication with the Project Security Settings
 	// related methods of the GitLab API.
 	//
 	// Gitlab API docs:
-	// https://docs.gitlab.com/ee/api/project_security_settings.html
+	// https://docs.gitlab.com/api/project_security_settings/
 	ProjectSecuritySettingsService struct {
 		client *Client
 	}
@@ -42,7 +42,7 @@ var _ ProjectSecuritySettingsServiceInterface = (*ProjectSecuritySettingsService
 // ProjectSecuritySettings represents the project security settings data.
 //
 // Gitlab API docs:
-// https://docs.gitlab.com/ee/api/project_security_settings.html
+// https://docs.gitlab.com/api/project_security_settings/
 type ProjectSecuritySettings struct {
 	ProjectID                           int64      `json:"project_id"`
 	CreatedAt                           *time.Time `json:"created_at"`
@@ -59,7 +59,7 @@ type ProjectSecuritySettings struct {
 // Gets a string representation of the ProjectSecuritySettings data.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_security_settings.html
+// https://docs.gitlab.com/api/project_security_settings/
 func (s ProjectSecuritySettings) String() string {
 	return Stringify(s)
 }
@@ -67,8 +67,8 @@ func (s ProjectSecuritySettings) String() string {
 // ListProjectSecuritySettings lists all of a project's security settings.
 //
 // GitLab API Docs:
-// https://docs.gitlab.com/ee/api/project_security_settings.html#list-project-security-settings
-func (s *ProjectSecuritySettingsService) ListProjectSecuritySettings(pid interface{}, options ...RequestOptionFunc) (*ProjectSecuritySettings, *Response, error) {
+// https://docs.gitlab.com/api/project_security_settings/#list-project-security-settings
+func (s *ProjectSecuritySettingsService) ListProjectSecuritySettings(pid any, options ...RequestOptionFunc) (*ProjectSecuritySettings, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -92,7 +92,7 @@ func (s *ProjectSecuritySettingsService) ListProjectSecuritySettings(pid interfa
 // the project security settings.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_security_settings.html#update-secret_push_protection_enabled-setting
+// https://docs.gitlab.com/api/project_security_settings/#update-secret_push_protection_enabled-setting
 type UpdateProjectSecuritySettingsOptions struct {
 	SecretPushProtectionEnabled *bool `url:"secret_push_protection_enabled,omitempty" json:"secret_push_protection_enabled,omitempty"`
 }
@@ -101,8 +101,8 @@ type UpdateProjectSecuritySettingsOptions struct {
 // setting for the all projects in a project to the provided value.
 //
 // GitLab API Docs:
-// https://docs.gitlab.com/ee/api/project_security_settings.html#update-secret_push_protection_enabled-setting
-func (s *ProjectSecuritySettingsService) UpdateSecretPushProtectionEnabledSetting(pid interface{}, opt UpdateProjectSecuritySettingsOptions, options ...RequestOptionFunc) (*ProjectSecuritySettings, *Response, error) {
+// https://docs.gitlab.com/api/project_security_settings/#update-secret_push_protection_enabled-setting
+func (s *ProjectSecuritySettingsService) UpdateSecretPushProtectionEnabledSetting(pid any, opt UpdateProjectSecuritySettingsOptions, options ...RequestOptionFunc) (*ProjectSecuritySettings, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/project_snippets.go b/vendor/gitlab.com/gitlab-org/api/client-go/project_snippets.go
index bb43e37f81..61c7e59e27 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/project_snippets.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/project_snippets.go
@@ -24,18 +24,18 @@ import (
 
 type (
 	ProjectSnippetsServiceInterface interface {
-		ListSnippets(pid interface{}, opt *ListProjectSnippetsOptions, options ...RequestOptionFunc) ([]*Snippet, *Response, error)
-		GetSnippet(pid interface{}, snippet int, options ...RequestOptionFunc) (*Snippet, *Response, error)
-		CreateSnippet(pid interface{}, opt *CreateProjectSnippetOptions, options ...RequestOptionFunc) (*Snippet, *Response, error)
-		UpdateSnippet(pid interface{}, snippet int, opt *UpdateProjectSnippetOptions, options ...RequestOptionFunc) (*Snippet, *Response, error)
-		DeleteSnippet(pid interface{}, snippet int, options ...RequestOptionFunc) (*Response, error)
-		SnippetContent(pid interface{}, snippet int, options ...RequestOptionFunc) ([]byte, *Response, error)
+		ListSnippets(pid any, opt *ListProjectSnippetsOptions, options ...RequestOptionFunc) ([]*Snippet, *Response, error)
+		GetSnippet(pid any, snippet int, options ...RequestOptionFunc) (*Snippet, *Response, error)
+		CreateSnippet(pid any, opt *CreateProjectSnippetOptions, options ...RequestOptionFunc) (*Snippet, *Response, error)
+		UpdateSnippet(pid any, snippet int, opt *UpdateProjectSnippetOptions, options ...RequestOptionFunc) (*Snippet, *Response, error)
+		DeleteSnippet(pid any, snippet int, options ...RequestOptionFunc) (*Response, error)
+		SnippetContent(pid any, snippet int, options ...RequestOptionFunc) ([]byte, *Response, error)
 	}
 
 	// ProjectSnippetsService handles communication with the project snippets
 	// related methods of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/project_snippets.html
+	// GitLab API docs: https://docs.gitlab.com/api/project_snippets/
 	ProjectSnippetsService struct {
 		client *Client
 	}
@@ -45,13 +45,13 @@ var _ ProjectSnippetsServiceInterface = (*ProjectSnippetsService)(nil)
 
 // ListProjectSnippetsOptions represents the available ListSnippets() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/project_snippets.html#list-snippets
+// GitLab API docs: https://docs.gitlab.com/api/project_snippets/#list-snippets
 type ListProjectSnippetsOptions ListOptions
 
 // ListSnippets gets a list of project snippets.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/project_snippets.html#list-snippets
-func (s *ProjectSnippetsService) ListSnippets(pid interface{}, opt *ListProjectSnippetsOptions, options ...RequestOptionFunc) ([]*Snippet, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/project_snippets/#list-snippets
+func (s *ProjectSnippetsService) ListSnippets(pid any, opt *ListProjectSnippetsOptions, options ...RequestOptionFunc) ([]*Snippet, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -75,8 +75,8 @@ func (s *ProjectSnippetsService) ListSnippets(pid interface{}, opt *ListProjectS
 // GetSnippet gets a single project snippet
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_snippets.html#single-snippet
-func (s *ProjectSnippetsService) GetSnippet(pid interface{}, snippet int, options ...RequestOptionFunc) (*Snippet, *Response, error) {
+// https://docs.gitlab.com/api/project_snippets/#single-snippet
+func (s *ProjectSnippetsService) GetSnippet(pid any, snippet int, options ...RequestOptionFunc) (*Snippet, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -100,22 +100,25 @@ func (s *ProjectSnippetsService) GetSnippet(pid interface{}, snippet int, option
 // CreateProjectSnippetOptions represents the available CreateSnippet() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_snippets.html#create-new-snippet
+// https://docs.gitlab.com/api/project_snippets/#create-new-snippet
 type CreateProjectSnippetOptions struct {
 	Title       *string                      `url:"title,omitempty" json:"title,omitempty"`
-	FileName    *string                      `url:"file_name,omitempty" json:"file_name,omitempty"`
 	Description *string                      `url:"description,omitempty" json:"description,omitempty"`
-	Content     *string                      `url:"content,omitempty" json:"content,omitempty"`
 	Visibility  *VisibilityValue             `url:"visibility,omitempty" json:"visibility,omitempty"`
 	Files       *[]*CreateSnippetFileOptions `url:"files,omitempty" json:"files,omitempty"`
+
+	// Deprecated: use Files instead
+	FileName *string `url:"file_name,omitempty" json:"file_name,omitempty"`
+	// Deprecated: use Files instead
+	Content *string `url:"content,omitempty" json:"content,omitempty"`
 }
 
 // CreateSnippet creates a new project snippet. The user must have permission
 // to create new snippets.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_snippets.html#create-new-snippet
-func (s *ProjectSnippetsService) CreateSnippet(pid interface{}, opt *CreateProjectSnippetOptions, options ...RequestOptionFunc) (*Snippet, *Response, error) {
+// https://docs.gitlab.com/api/project_snippets/#create-new-snippet
+func (s *ProjectSnippetsService) CreateSnippet(pid any, opt *CreateProjectSnippetOptions, options ...RequestOptionFunc) (*Snippet, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -139,22 +142,25 @@ func (s *ProjectSnippetsService) CreateSnippet(pid interface{}, opt *CreateProje
 // UpdateProjectSnippetOptions represents the available UpdateSnippet() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_snippets.html#update-snippet
+// https://docs.gitlab.com/api/project_snippets/#update-snippet
 type UpdateProjectSnippetOptions struct {
 	Title       *string                      `url:"title,omitempty" json:"title,omitempty"`
-	FileName    *string                      `url:"file_name,omitempty" json:"file_name,omitempty"`
 	Description *string                      `url:"description,omitempty" json:"description,omitempty"`
-	Content     *string                      `url:"content,omitempty" json:"content,omitempty"`
 	Visibility  *VisibilityValue             `url:"visibility,omitempty" json:"visibility,omitempty"`
 	Files       *[]*UpdateSnippetFileOptions `url:"files,omitempty" json:"files,omitempty"`
+
+	// Deprecated: use Files instead
+	FileName *string `url:"file_name,omitempty" json:"file_name,omitempty"`
+	// Deprecated: use Files instead
+	Content *string `url:"content,omitempty" json:"content,omitempty"`
 }
 
 // UpdateSnippet updates an existing project snippet. The user must have
 // permission to change an existing snippet.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_snippets.html#update-snippet
-func (s *ProjectSnippetsService) UpdateSnippet(pid interface{}, snippet int, opt *UpdateProjectSnippetOptions, options ...RequestOptionFunc) (*Snippet, *Response, error) {
+// https://docs.gitlab.com/api/project_snippets/#update-snippet
+func (s *ProjectSnippetsService) UpdateSnippet(pid any, snippet int, opt *UpdateProjectSnippetOptions, options ...RequestOptionFunc) (*Snippet, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -180,8 +186,8 @@ func (s *ProjectSnippetsService) UpdateSnippet(pid interface{}, snippet int, opt
 // code.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_snippets.html#delete-snippet
-func (s *ProjectSnippetsService) DeleteSnippet(pid interface{}, snippet int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_snippets/#delete-snippet
+func (s *ProjectSnippetsService) DeleteSnippet(pid any, snippet int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -199,8 +205,8 @@ func (s *ProjectSnippetsService) DeleteSnippet(pid interface{}, snippet int, opt
 // SnippetContent returns the raw project snippet as plain text.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_snippets.html#snippet-content
-func (s *ProjectSnippetsService) SnippetContent(pid interface{}, snippet int, options ...RequestOptionFunc) ([]byte, *Response, error) {
+// https://docs.gitlab.com/api/project_snippets/#snippet-content
+func (s *ProjectSnippetsService) SnippetContent(pid any, snippet int, options ...RequestOptionFunc) ([]byte, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/project_templates.go b/vendor/gitlab.com/gitlab-org/api/client-go/project_templates.go
index cc8351dc6b..1e7c6489af 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/project_templates.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/project_templates.go
@@ -23,14 +23,14 @@ import (
 
 type (
 	ProjectTemplatesServiceInterface interface {
-		ListTemplates(pid interface{}, templateType string, opt *ListProjectTemplatesOptions, options ...RequestOptionFunc) ([]*ProjectTemplate, *Response, error)
-		GetProjectTemplate(pid interface{}, templateType string, templateName string, options ...RequestOptionFunc) (*ProjectTemplate, *Response, error)
+		ListTemplates(pid any, templateType string, opt *ListProjectTemplatesOptions, options ...RequestOptionFunc) ([]*ProjectTemplate, *Response, error)
+		GetProjectTemplate(pid any, templateType string, templateName string, options ...RequestOptionFunc) (*ProjectTemplate, *Response, error)
 	}
 
 	// ProjectTemplatesService handles communication with the project templates
 	// related methods of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/project_templates.html
+	// GitLab API docs: https://docs.gitlab.com/api/project_templates/
 	ProjectTemplatesService struct {
 		client *Client
 	}
@@ -40,7 +40,7 @@ var _ ProjectTemplatesServiceInterface = (*ProjectTemplatesService)(nil)
 
 // ProjectTemplate represents a GitLab ProjectTemplate.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/project_templates.html
+// GitLab API docs: https://docs.gitlab.com/api/project_templates/
 type ProjectTemplate struct {
 	Key         string   `json:"key"`
 	Name        string   `json:"name"`
@@ -62,7 +62,7 @@ func (s ProjectTemplate) String() string {
 // ListProjectTemplatesOptions represents the available ListSnippets() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_templates.html#get-all-templates-of-a-particular-type
+// https://docs.gitlab.com/api/project_templates/#get-all-templates-of-a-particular-type
 type ListProjectTemplatesOptions struct {
 	ListOptions
 	ID   *int    `url:"id,omitempty" json:"id,omitempty"`
@@ -71,8 +71,8 @@ type ListProjectTemplatesOptions struct {
 
 // ListTemplates gets a list of project templates.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/project_templates.html#get-all-templates-of-a-particular-type
-func (s *ProjectTemplatesService) ListTemplates(pid interface{}, templateType string, opt *ListProjectTemplatesOptions, options ...RequestOptionFunc) ([]*ProjectTemplate, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/project_templates/#get-all-templates-of-a-particular-type
+func (s *ProjectTemplatesService) ListTemplates(pid any, templateType string, opt *ListProjectTemplatesOptions, options ...RequestOptionFunc) ([]*ProjectTemplate, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -96,8 +96,8 @@ func (s *ProjectTemplatesService) ListTemplates(pid interface{}, templateType st
 // GetProjectTemplate gets a single project template.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_templates.html#get-one-template-of-a-particular-type
-func (s *ProjectTemplatesService) GetProjectTemplate(pid interface{}, templateType string, templateName string, options ...RequestOptionFunc) (*ProjectTemplate, *Response, error) {
+// https://docs.gitlab.com/api/project_templates/#get-one-template-of-a-particular-type
+func (s *ProjectTemplatesService) GetProjectTemplate(pid any, templateType string, templateName string, options ...RequestOptionFunc) (*ProjectTemplate, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/project_variables.go b/vendor/gitlab.com/gitlab-org/api/client-go/project_variables.go
index 4854ca6916..870837ec68 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/project_variables.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/project_variables.go
@@ -24,18 +24,18 @@ import (
 
 type (
 	ProjectVariablesServiceInterface interface {
-		ListVariables(pid interface{}, opt *ListProjectVariablesOptions, options ...RequestOptionFunc) ([]*ProjectVariable, *Response, error)
-		GetVariable(pid interface{}, key string, opt *GetProjectVariableOptions, options ...RequestOptionFunc) (*ProjectVariable, *Response, error)
-		CreateVariable(pid interface{}, opt *CreateProjectVariableOptions, options ...RequestOptionFunc) (*ProjectVariable, *Response, error)
-		UpdateVariable(pid interface{}, key string, opt *UpdateProjectVariableOptions, options ...RequestOptionFunc) (*ProjectVariable, *Response, error)
-		RemoveVariable(pid interface{}, key string, opt *RemoveProjectVariableOptions, options ...RequestOptionFunc) (*Response, error)
+		ListVariables(pid any, opt *ListProjectVariablesOptions, options ...RequestOptionFunc) ([]*ProjectVariable, *Response, error)
+		GetVariable(pid any, key string, opt *GetProjectVariableOptions, options ...RequestOptionFunc) (*ProjectVariable, *Response, error)
+		CreateVariable(pid any, opt *CreateProjectVariableOptions, options ...RequestOptionFunc) (*ProjectVariable, *Response, error)
+		UpdateVariable(pid any, key string, opt *UpdateProjectVariableOptions, options ...RequestOptionFunc) (*ProjectVariable, *Response, error)
+		RemoveVariable(pid any, key string, opt *RemoveProjectVariableOptions, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// ProjectVariablesService handles communication with the
 	// project variables related methods of the GitLab API.
 	//
 	// GitLab API docs:
-	// https://docs.gitlab.com/ee/api/project_level_variables.html
+	// https://docs.gitlab.com/api/project_level_variables/
 	ProjectVariablesService struct {
 		client *Client
 	}
@@ -46,7 +46,7 @@ var _ ProjectVariablesServiceInterface = (*ProjectVariablesService)(nil)
 // ProjectVariable represents a GitLab Project Variable.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_level_variables.html
+// https://docs.gitlab.com/api/project_level_variables/
 type ProjectVariable struct {
 	Key              string            `json:"key"`
 	Value            string            `json:"value"`
@@ -72,14 +72,14 @@ type VariableFilter struct {
 // in a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_level_variables.html#list-project-variables
+// https://docs.gitlab.com/api/project_level_variables/#list-project-variables
 type ListProjectVariablesOptions ListOptions
 
 // ListVariables gets a list of all variables in a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_level_variables.html#list-project-variables
-func (s *ProjectVariablesService) ListVariables(pid interface{}, opt *ListProjectVariablesOptions, options ...RequestOptionFunc) ([]*ProjectVariable, *Response, error) {
+// https://docs.gitlab.com/api/project_level_variables/#list-project-variables
+func (s *ProjectVariablesService) ListVariables(pid any, opt *ListProjectVariablesOptions, options ...RequestOptionFunc) ([]*ProjectVariable, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -104,7 +104,7 @@ func (s *ProjectVariablesService) ListVariables(pid interface{}, opt *ListProjec
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_level_variables.html#get-a-single-variable
+// https://docs.gitlab.com/api/project_level_variables/#get-a-single-variable
 type GetProjectVariableOptions struct {
 	Filter *VariableFilter `url:"filter,omitempty" json:"filter,omitempty"`
 }
@@ -112,8 +112,8 @@ type GetProjectVariableOptions struct {
 // GetVariable gets a variable.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_level_variables.html#get-a-single-variable
-func (s *ProjectVariablesService) GetVariable(pid interface{}, key string, opt *GetProjectVariableOptions, options ...RequestOptionFunc) (*ProjectVariable, *Response, error) {
+// https://docs.gitlab.com/api/project_level_variables/#get-a-single-variable
+func (s *ProjectVariablesService) GetVariable(pid any, key string, opt *GetProjectVariableOptions, options ...RequestOptionFunc) (*ProjectVariable, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -138,7 +138,7 @@ func (s *ProjectVariablesService) GetVariable(pid interface{}, key string, opt *
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_level_variables.html#create-a-variable
+// https://docs.gitlab.com/api/project_level_variables/#create-a-variable
 type CreateProjectVariableOptions struct {
 	Key              *string            `url:"key,omitempty" json:"key,omitempty"`
 	Value            *string            `url:"value,omitempty" json:"value,omitempty"`
@@ -154,8 +154,8 @@ type CreateProjectVariableOptions struct {
 // CreateVariable creates a new project variable.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_level_variables.html#create-a-variable
-func (s *ProjectVariablesService) CreateVariable(pid interface{}, opt *CreateProjectVariableOptions, options ...RequestOptionFunc) (*ProjectVariable, *Response, error) {
+// https://docs.gitlab.com/api/project_level_variables/#create-a-variable
+func (s *ProjectVariablesService) CreateVariable(pid any, opt *CreateProjectVariableOptions, options ...RequestOptionFunc) (*ProjectVariable, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -180,7 +180,7 @@ func (s *ProjectVariablesService) CreateVariable(pid interface{}, opt *CreatePro
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_level_variables.html#update-a-variable
+// https://docs.gitlab.com/api/project_level_variables/#update-a-variable
 type UpdateProjectVariableOptions struct {
 	Value            *string            `url:"value,omitempty" json:"value,omitempty"`
 	Description      *string            `url:"description,omitempty" json:"description,omitempty"`
@@ -195,8 +195,8 @@ type UpdateProjectVariableOptions struct {
 // UpdateVariable updates a project's variable.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_level_variables.html#update-a-variable
-func (s *ProjectVariablesService) UpdateVariable(pid interface{}, key string, opt *UpdateProjectVariableOptions, options ...RequestOptionFunc) (*ProjectVariable, *Response, error) {
+// https://docs.gitlab.com/api/project_level_variables/#update-a-variable
+func (s *ProjectVariablesService) UpdateVariable(pid any, key string, opt *UpdateProjectVariableOptions, options ...RequestOptionFunc) (*ProjectVariable, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -221,7 +221,7 @@ func (s *ProjectVariablesService) UpdateVariable(pid interface{}, key string, op
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_level_variables.html#delete-a-variable
+// https://docs.gitlab.com/api/project_level_variables/#delete-a-variable
 type RemoveProjectVariableOptions struct {
 	Filter *VariableFilter `url:"filter,omitempty" json:"filter,omitempty"`
 }
@@ -229,8 +229,8 @@ type RemoveProjectVariableOptions struct {
 // RemoveVariable removes a project's variable.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_level_variables.html#delete-a-variable
-func (s *ProjectVariablesService) RemoveVariable(pid interface{}, key string, opt *RemoveProjectVariableOptions, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_level_variables/#delete-a-variable
+func (s *ProjectVariablesService) RemoveVariable(pid any, key string, opt *RemoveProjectVariableOptions, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/project_vulnerabilities.go b/vendor/gitlab.com/gitlab-org/api/client-go/project_vulnerabilities.go
index 61a5f76f95..9b939e0bf0 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/project_vulnerabilities.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/project_vulnerabilities.go
@@ -23,25 +23,31 @@ import (
 )
 
 type (
+	// Deprecated: use GraphQL Query.vulnerabilities instead
 	ProjectVulnerabilitiesServiceInterface interface {
-		ListProjectVulnerabilities(pid interface{}, opt *ListProjectVulnerabilitiesOptions, options ...RequestOptionFunc) ([]*ProjectVulnerability, *Response, error)
-		CreateVulnerability(pid interface{}, opt *CreateVulnerabilityOptions, options ...RequestOptionFunc) (*ProjectVulnerability, *Response, error)
+		// Deprecated: use GraphQL Query.vulnerabilities instead
+		ListProjectVulnerabilities(pid any, opt *ListProjectVulnerabilitiesOptions, options ...RequestOptionFunc) ([]*ProjectVulnerability, *Response, error)
+		// Deprecated: use GraphQL Query.vulnerabilities instead
+		CreateVulnerability(pid any, opt *CreateVulnerabilityOptions, options ...RequestOptionFunc) (*ProjectVulnerability, *Response, error)
 	}
 
 	// ProjectVulnerabilitiesService handles communication with the projects
 	// vulnerabilities related methods of the GitLab API.
+	// Deprecated: use GraphQL Query.vulnerabilities instead
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/project_vulnerabilities.html
+	// GitLab API docs: https://docs.gitlab.com/api/project_vulnerabilities/
 	ProjectVulnerabilitiesService struct {
 		client *Client
 	}
 )
 
+// Deprecated: use GraphQL Query.vulnerabilities instead
 var _ ProjectVulnerabilitiesServiceInterface = (*ProjectVulnerabilitiesService)(nil)
 
 // Project represents a GitLab project vulnerability.
+// Deprecated: use GraphQL Query.vulnerabilities instead
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/project_vulnerabilities.html
+// GitLab API docs: https://docs.gitlab.com/api/project_vulnerabilities/
 type ProjectVulnerability struct {
 	AuthorID                int        `json:"author_id"`
 	Confidence              string     `json:"confidence"`
@@ -69,8 +75,9 @@ type ProjectVulnerability struct {
 }
 
 // Project represents a GitLab project vulnerability finding.
+// Deprecated: use GraphQL Query.vulnerabilities instead
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/project_vulnerabilities.html
+// GitLab API docs: https://docs.gitlab.com/api/project_vulnerabilities/
 type Finding struct {
 	Confidence          string     `json:"confidence"`
 	CreatedAt           *time.Time `json:"created_at"`
@@ -92,18 +99,20 @@ type Finding struct {
 
 // ListProjectVulnerabilitiesOptions represents the available
 // ListProjectVulnerabilities() options.
+// Deprecated: use GraphQL Query.vulnerabilities instead
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_vulnerabilities.html#list-project-vulnerabilities
+// https://docs.gitlab.com/api/project_vulnerabilities/#list-project-vulnerabilities
 type ListProjectVulnerabilitiesOptions struct {
 	ListOptions
 }
 
 // ListProjectVulnerabilities gets a list of all project vulnerabilities.
+// Deprecated: use GraphQL Query.vulnerabilities instead
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_vulnerabilities.html#list-project-vulnerabilities
-func (s *ProjectVulnerabilitiesService) ListProjectVulnerabilities(pid interface{}, opt *ListProjectVulnerabilitiesOptions, options ...RequestOptionFunc) ([]*ProjectVulnerability, *Response, error) {
+// https://docs.gitlab.com/api/project_vulnerabilities/#list-project-vulnerabilities
+func (s *ProjectVulnerabilitiesService) ListProjectVulnerabilities(pid any, opt *ListProjectVulnerabilitiesOptions, options ...RequestOptionFunc) ([]*ProjectVulnerability, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -126,18 +135,20 @@ func (s *ProjectVulnerabilitiesService) ListProjectVulnerabilities(pid interface
 
 // CreateVulnerabilityOptions represents the available CreateVulnerability()
 // options.
+// Deprecated: use GraphQL Query.vulnerabilities instead
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_vulnerabilities.html#new-vulnerability
+// https://docs.gitlab.com/api/project_vulnerabilities/#new-vulnerability
 type CreateVulnerabilityOptions struct {
 	FindingID *int `url:"finding_id,omitempty" json:"finding_id,omitempty"`
 }
 
 // CreateVulnerability creates a new vulnerability on the selected project.
+// Deprecated: use GraphQL Query.vulnerabilities instead
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/project_vulnerabilities.html#new-vulnerability
-func (s *ProjectVulnerabilitiesService) CreateVulnerability(pid interface{}, opt *CreateVulnerabilityOptions, options ...RequestOptionFunc) (*ProjectVulnerability, *Response, error) {
+// https://docs.gitlab.com/api/project_vulnerabilities/#new-vulnerability
+func (s *ProjectVulnerabilitiesService) CreateVulnerability(pid any, opt *CreateVulnerabilityOptions, options ...RequestOptionFunc) (*ProjectVulnerability, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/projects.go b/vendor/gitlab.com/gitlab-org/api/client-go/projects.go
index eae733e5a4..4becdbb3c3 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/projects.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/projects.go
@@ -31,66 +31,64 @@ type (
 	// ProjectsServiceInterface handles communication with the repositories related methods
 	// of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html
+	// GitLab API docs: https://docs.gitlab.com/api/projects/
 	ProjectsServiceInterface interface {
 		ListProjects(opt *ListProjectsOptions, options ...RequestOptionFunc) ([]*Project, *Response, error)
-		ListUserProjects(uid interface{}, opt *ListProjectsOptions, options ...RequestOptionFunc) ([]*Project, *Response, error)
-		ListUserContributedProjects(uid interface{}, opt *ListProjectsOptions, options ...RequestOptionFunc) ([]*Project, *Response, error)
-		ListUserStarredProjects(uid interface{}, opt *ListProjectsOptions, options ...RequestOptionFunc) ([]*Project, *Response, error)
-		ListProjectsUsers(pid interface{}, opt *ListProjectUserOptions, options ...RequestOptionFunc) ([]*ProjectUser, *Response, error)
-		ListProjectsGroups(pid interface{}, opt *ListProjectGroupOptions, options ...RequestOptionFunc) ([]*ProjectGroup, *Response, error)
-		GetProjectLanguages(pid interface{}, options ...RequestOptionFunc) (*ProjectLanguages, *Response, error)
-		GetProject(pid interface{}, opt *GetProjectOptions, options ...RequestOptionFunc) (*Project, *Response, error)
+		ListUserProjects(uid any, opt *ListProjectsOptions, options ...RequestOptionFunc) ([]*Project, *Response, error)
+		ListUserContributedProjects(uid any, opt *ListProjectsOptions, options ...RequestOptionFunc) ([]*Project, *Response, error)
+		ListUserStarredProjects(uid any, opt *ListProjectsOptions, options ...RequestOptionFunc) ([]*Project, *Response, error)
+		ListProjectsUsers(pid any, opt *ListProjectUserOptions, options ...RequestOptionFunc) ([]*ProjectUser, *Response, error)
+		ListProjectsGroups(pid any, opt *ListProjectGroupOptions, options ...RequestOptionFunc) ([]*ProjectGroup, *Response, error)
+		GetProjectLanguages(pid any, options ...RequestOptionFunc) (*ProjectLanguages, *Response, error)
+		GetProject(pid any, opt *GetProjectOptions, options ...RequestOptionFunc) (*Project, *Response, error)
 		CreateProject(opt *CreateProjectOptions, options ...RequestOptionFunc) (*Project, *Response, error)
 		CreateProjectForUser(user int, opt *CreateProjectForUserOptions, options ...RequestOptionFunc) (*Project, *Response, error)
-		EditProject(pid interface{}, opt *EditProjectOptions, options ...RequestOptionFunc) (*Project, *Response, error)
-		ForkProject(pid interface{}, opt *ForkProjectOptions, options ...RequestOptionFunc) (*Project, *Response, error)
-		StarProject(pid interface{}, options ...RequestOptionFunc) (*Project, *Response, error)
-		ListProjectsInvitedGroups(pid interface{}, opt *ListProjectInvidedGroupOptions, options ...RequestOptionFunc) ([]*ProjectGroup, *Response, error)
-		UnstarProject(pid interface{}, options ...RequestOptionFunc) (*Project, *Response, error)
-		ArchiveProject(pid interface{}, options ...RequestOptionFunc) (*Project, *Response, error)
-		UnarchiveProject(pid interface{}, options ...RequestOptionFunc) (*Project, *Response, error)
-		DeleteProject(pid interface{}, opt *DeleteProjectOptions, options ...RequestOptionFunc) (*Response, error)
-		ShareProjectWithGroup(pid interface{}, opt *ShareWithGroupOptions, options ...RequestOptionFunc) (*Response, error)
-		DeleteSharedProjectFromGroup(pid interface{}, groupID int, options ...RequestOptionFunc) (*Response, error)
-		ListProjectHooks(pid interface{}, opt *ListProjectHooksOptions, options ...RequestOptionFunc) ([]*ProjectHook, *Response, error)
-		GetProjectHook(pid interface{}, hook int, options ...RequestOptionFunc) (*ProjectHook, *Response, error)
-		AddProjectHook(pid interface{}, opt *AddProjectHookOptions, options ...RequestOptionFunc) (*ProjectHook, *Response, error)
-		EditProjectHook(pid interface{}, hook int, opt *EditProjectHookOptions, options ...RequestOptionFunc) (*ProjectHook, *Response, error)
-		DeleteProjectHook(pid interface{}, hook int, options ...RequestOptionFunc) (*Response, error)
-		TriggerTestProjectHook(pid interface{}, hook int, event ProjectHookEvent, options ...RequestOptionFunc) (*Response, error)
-		SetProjectCustomHeader(pid interface{}, hook int, key string, opt *SetHookCustomHeaderOptions, options ...RequestOptionFunc) (*Response, error)
-		DeleteProjectCustomHeader(pid interface{}, hook int, key string, options ...RequestOptionFunc) (*Response, error)
-		CreateProjectForkRelation(pid interface{}, fork int, options ...RequestOptionFunc) (*ProjectForkRelation, *Response, error)
-		DeleteProjectForkRelation(pid interface{}, options ...RequestOptionFunc) (*Response, error)
-		UploadFile(pid interface{}, content io.Reader, filename string, options ...RequestOptionFunc) (*ProjectFile, *Response, error)
-		UploadAvatar(pid interface{}, avatar io.Reader, filename string, options ...RequestOptionFunc) (*Project, *Response, error)
-		DownloadAvatar(pid interface{}, options ...RequestOptionFunc) (*bytes.Reader, *Response, error)
-		ListProjectForks(pid interface{}, opt *ListProjectsOptions, options ...RequestOptionFunc) ([]*Project, *Response, error)
-		GetProjectPushRules(pid interface{}, options ...RequestOptionFunc) (*ProjectPushRules, *Response, error)
-		AddProjectPushRule(pid interface{}, opt *AddProjectPushRuleOptions, options ...RequestOptionFunc) (*ProjectPushRules, *Response, error)
-		EditProjectPushRule(pid interface{}, opt *EditProjectPushRuleOptions, options ...RequestOptionFunc) (*ProjectPushRules, *Response, error)
-		DeleteProjectPushRule(pid interface{}, options ...RequestOptionFunc) (*Response, error)
-		GetApprovalConfiguration(pid interface{}, options ...RequestOptionFunc) (*ProjectApprovals, *Response, error)
-		ChangeApprovalConfiguration(pid interface{}, opt *ChangeApprovalConfigurationOptions, options ...RequestOptionFunc) (*ProjectApprovals, *Response, error)
-		GetProjectApprovalRules(pid interface{}, opt *GetProjectApprovalRulesListsOptions, options ...RequestOptionFunc) ([]*ProjectApprovalRule, *Response, error)
-		GetProjectApprovalRule(pid interface{}, ruleID int, options ...RequestOptionFunc) (*ProjectApprovalRule, *Response, error)
-		CreateProjectApprovalRule(pid interface{}, opt *CreateProjectLevelRuleOptions, options ...RequestOptionFunc) (*ProjectApprovalRule, *Response, error)
-		UpdateProjectApprovalRule(pid interface{}, approvalRule int, opt *UpdateProjectLevelRuleOptions, options ...RequestOptionFunc) (*ProjectApprovalRule, *Response, error)
-		DeleteProjectApprovalRule(pid interface{}, approvalRule int, options ...RequestOptionFunc) (*Response, error)
-		ChangeAllowedApprovers(pid interface{}, opt *ChangeAllowedApproversOptions, options ...RequestOptionFunc) (*ProjectApprovals, *Response, error)
-		GetProjectPullMirrorDetails(pid interface{}, options ...RequestOptionFunc) (*ProjectPullMirrorDetails, *Response, error)
-		ConfigureProjectPullMirror(pid interface{}, opt *ConfigureProjectPullMirrorOptions, options ...RequestOptionFunc) (*ProjectPullMirrorDetails, *Response, error)
-		StartMirroringProject(pid interface{}, options ...RequestOptionFunc) (*Response, error)
-		TransferProject(pid interface{}, opt *TransferProjectOptions, options ...RequestOptionFunc) (*Project, *Response, error)
-		StartHousekeepingProject(pid interface{}, options ...RequestOptionFunc) (*Response, error)
-		GetRepositoryStorage(pid interface{}, options ...RequestOptionFunc) (*ProjectReposityStorage, *Response, error)
+		EditProject(pid any, opt *EditProjectOptions, options ...RequestOptionFunc) (*Project, *Response, error)
+		ForkProject(pid any, opt *ForkProjectOptions, options ...RequestOptionFunc) (*Project, *Response, error)
+		StarProject(pid any, options ...RequestOptionFunc) (*Project, *Response, error)
+		ListProjectsInvitedGroups(pid any, opt *ListProjectInvidedGroupOptions, options ...RequestOptionFunc) ([]*ProjectGroup, *Response, error)
+		UnstarProject(pid any, options ...RequestOptionFunc) (*Project, *Response, error)
+		ArchiveProject(pid any, options ...RequestOptionFunc) (*Project, *Response, error)
+		UnarchiveProject(pid any, options ...RequestOptionFunc) (*Project, *Response, error)
+		DeleteProject(pid any, opt *DeleteProjectOptions, options ...RequestOptionFunc) (*Response, error)
+		ShareProjectWithGroup(pid any, opt *ShareWithGroupOptions, options ...RequestOptionFunc) (*Response, error)
+		DeleteSharedProjectFromGroup(pid any, groupID int, options ...RequestOptionFunc) (*Response, error)
+		ListProjectHooks(pid any, opt *ListProjectHooksOptions, options ...RequestOptionFunc) ([]*ProjectHook, *Response, error)
+		GetProjectHook(pid any, hook int, options ...RequestOptionFunc) (*ProjectHook, *Response, error)
+		AddProjectHook(pid any, opt *AddProjectHookOptions, options ...RequestOptionFunc) (*ProjectHook, *Response, error)
+		EditProjectHook(pid any, hook int, opt *EditProjectHookOptions, options ...RequestOptionFunc) (*ProjectHook, *Response, error)
+		DeleteProjectHook(pid any, hook int, options ...RequestOptionFunc) (*Response, error)
+		TriggerTestProjectHook(pid any, hook int, event ProjectHookEvent, options ...RequestOptionFunc) (*Response, error)
+		SetProjectCustomHeader(pid any, hook int, key string, opt *SetHookCustomHeaderOptions, options ...RequestOptionFunc) (*Response, error)
+		DeleteProjectCustomHeader(pid any, hook int, key string, options ...RequestOptionFunc) (*Response, error)
+		CreateProjectForkRelation(pid any, fork int, options ...RequestOptionFunc) (*ProjectForkRelation, *Response, error)
+		DeleteProjectForkRelation(pid any, options ...RequestOptionFunc) (*Response, error)
+		UploadAvatar(pid any, avatar io.Reader, filename string, options ...RequestOptionFunc) (*Project, *Response, error)
+		DownloadAvatar(pid any, options ...RequestOptionFunc) (*bytes.Reader, *Response, error)
+		ListProjectForks(pid any, opt *ListProjectsOptions, options ...RequestOptionFunc) ([]*Project, *Response, error)
+		GetProjectPushRules(pid any, options ...RequestOptionFunc) (*ProjectPushRules, *Response, error)
+		AddProjectPushRule(pid any, opt *AddProjectPushRuleOptions, options ...RequestOptionFunc) (*ProjectPushRules, *Response, error)
+		EditProjectPushRule(pid any, opt *EditProjectPushRuleOptions, options ...RequestOptionFunc) (*ProjectPushRules, *Response, error)
+		DeleteProjectPushRule(pid any, options ...RequestOptionFunc) (*Response, error)
+		GetApprovalConfiguration(pid any, options ...RequestOptionFunc) (*ProjectApprovals, *Response, error)
+		ChangeApprovalConfiguration(pid any, opt *ChangeApprovalConfigurationOptions, options ...RequestOptionFunc) (*ProjectApprovals, *Response, error)
+		GetProjectApprovalRules(pid any, opt *GetProjectApprovalRulesListsOptions, options ...RequestOptionFunc) ([]*ProjectApprovalRule, *Response, error)
+		GetProjectApprovalRule(pid any, ruleID int, options ...RequestOptionFunc) (*ProjectApprovalRule, *Response, error)
+		CreateProjectApprovalRule(pid any, opt *CreateProjectLevelRuleOptions, options ...RequestOptionFunc) (*ProjectApprovalRule, *Response, error)
+		UpdateProjectApprovalRule(pid any, approvalRule int, opt *UpdateProjectLevelRuleOptions, options ...RequestOptionFunc) (*ProjectApprovalRule, *Response, error)
+		DeleteProjectApprovalRule(pid any, approvalRule int, options ...RequestOptionFunc) (*Response, error)
+		GetProjectPullMirrorDetails(pid any, options ...RequestOptionFunc) (*ProjectPullMirrorDetails, *Response, error)
+		ConfigureProjectPullMirror(pid any, opt *ConfigureProjectPullMirrorOptions, options ...RequestOptionFunc) (*ProjectPullMirrorDetails, *Response, error)
+		StartMirroringProject(pid any, options ...RequestOptionFunc) (*Response, error)
+		TransferProject(pid any, opt *TransferProjectOptions, options ...RequestOptionFunc) (*Project, *Response, error)
+		StartHousekeepingProject(pid any, options ...RequestOptionFunc) (*Response, error)
+		GetRepositoryStorage(pid any, options ...RequestOptionFunc) (*ProjectReposityStorage, *Response, error)
 	}
 
 	// ProjectsService handles communication with the repositories related methods
 	// of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html
+	// GitLab API docs: https://docs.gitlab.com/api/projects/
 	ProjectsService struct {
 		client *Client
 	}
@@ -100,7 +98,7 @@ var _ ProjectsServiceInterface = (*ProjectsService)(nil)
 
 // Project represents a GitLab project.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html
+// GitLab API docs: https://docs.gitlab.com/api/projects/
 type Project struct {
 	ID                                        int                        `json:"id"`
 	Description                               string                     `json:"description"`
@@ -110,23 +108,15 @@ type Project struct {
 	HTTPURLToRepo                             string                     `json:"http_url_to_repo"`
 	WebURL                                    string                     `json:"web_url"`
 	ReadmeURL                                 string                     `json:"readme_url"`
-	TagList                                   []string                   `json:"tag_list"`
 	Topics                                    []string                   `json:"topics"`
 	Owner                                     *User                      `json:"owner"`
 	Name                                      string                     `json:"name"`
 	NameWithNamespace                         string                     `json:"name_with_namespace"`
 	Path                                      string                     `json:"path"`
 	PathWithNamespace                         string                     `json:"path_with_namespace"`
-	IssuesEnabled                             bool                       `json:"issues_enabled"`
 	OpenIssuesCount                           int                        `json:"open_issues_count"`
-	MergeRequestsEnabled                      bool                       `json:"merge_requests_enabled"`
-	ApprovalsBeforeMerge                      int                        `json:"approvals_before_merge"`
-	JobsEnabled                               bool                       `json:"jobs_enabled"`
-	WikiEnabled                               bool                       `json:"wiki_enabled"`
-	SnippetsEnabled                           bool                       `json:"snippets_enabled"`
 	ResolveOutdatedDiffDiscussions            bool                       `json:"resolve_outdated_diff_discussions"`
 	ContainerExpirationPolicy                 *ContainerExpirationPolicy `json:"container_expiration_policy,omitempty"`
-	ContainerRegistryEnabled                  bool                       `json:"container_registry_enabled"`
 	ContainerRegistryAccessLevel              AccessControlValue         `json:"container_registry_access_level"`
 	ContainerRegistryImagePrefix              string                     `json:"container_registry_image_prefix,omitempty"`
 	CreatedAt                                 *time.Time                 `json:"created_at,omitempty"`
@@ -135,7 +125,7 @@ type Project struct {
 	CreatorID                                 int                        `json:"creator_id"`
 	Namespace                                 *ProjectNamespace          `json:"namespace"`
 	Permissions                               *Permissions               `json:"permissions"`
-	MarkedForDeletionAt                       *ISOTime                   `json:"marked_for_deletion_at"`
+	MarkedForDeletionOn                       *ISOTime                   `json:"marked_for_deletion_on"`
 	EmptyRepo                                 bool                       `json:"empty_repo"`
 	Archived                                  bool                       `json:"archived"`
 	AvatarURL                                 string                     `json:"avatar_url"`
@@ -203,6 +193,7 @@ type Project struct {
 	CIDeletePipelinesInSeconds               int                                         `json:"ci_delete_pipelines_in_seconds,omitempty"`
 	CIForwardDeploymentEnabled               bool                                        `json:"ci_forward_deployment_enabled"`
 	CIForwardDeploymentRollbackAllowed       bool                                        `json:"ci_forward_deployment_rollback_allowed"`
+	CIPushRepositoryForJobTokenAllowed       bool                                        `json:"ci_push_repository_for_job_token_allowed"`
 	CIIdTokenSubClaimComponents              []string                                    `json:"ci_id_token_sub_claim_components"`
 	CISeperateCache                          bool                                        `json:"ci_separated_caches"`
 	CIJobTokenScopeEnabled                   bool                                        `json:"ci_job_token_scope_enabled"`
@@ -222,7 +213,7 @@ type Project struct {
 	KeepLatestArtifact                       bool                                        `json:"keep_latest_artifact"`
 	MergePipelinesEnabled                    bool                                        `json:"merge_pipelines_enabled"`
 	MergeTrainsEnabled                       bool                                        `json:"merge_trains_enabled"`
-	RestrictUserDefinedVariables             bool                                        `json:"restrict_user_defined_variables"`
+	MergeTrainsSkipTrainAllowed              bool                                        `json:"merge_trains_skip_train_allowed"`
 	CIPipelineVariablesMinimumOverrideRole   CIPipelineVariablesMinimumOverrideRoleValue `json:"ci_pipeline_variables_minimum_override_role"`
 	MergeCommitTemplate                      string                                      `json:"merge_commit_template"`
 	SquashCommitTemplate                     string                                      `json:"squash_commit_template"`
@@ -239,7 +230,28 @@ type Project struct {
 	ModelExperimentsAccessLevel              AccessControlValue                          `json:"model_experiments_access_level"`
 	ModelRegistryAccessLevel                 AccessControlValue                          `json:"model_registry_access_level"`
 	PreReceiveSecretDetectionEnabled         bool                                        `json:"pre_receive_secret_detection_enabled"`
-
+	AutoDuoCodeReviewEnabled                 bool                                        `json:"auto_duo_code_review_enabled"`
+
+	// Deprecated: use Topics instead
+	TagList []string `json:"tag_list"`
+	// Deprecated: use IssuesAccessLevel instead
+	IssuesEnabled bool `json:"issues_enabled"`
+	// Deprecated: use MergeRequestsAccessLevel instead
+	MergeRequestsEnabled bool `json:"merge_requests_enabled"`
+	// Deprecated: use Merge Request Approvals API instead
+	ApprovalsBeforeMerge int `json:"approvals_before_merge"`
+	// Deprecated: use BuildsAccessLevel instead
+	JobsEnabled bool `json:"jobs_enabled"`
+	// Deprecated: use WikiAccessLevel instead
+	WikiEnabled bool `json:"wiki_enabled"`
+	// Deprecated: use SnippetsAccessLevel instead
+	SnippetsEnabled bool `json:"snippets_enabled"`
+	// Deprecated: use ContainerRegistryAccessLevel instead
+	ContainerRegistryEnabled bool `json:"container_registry_enabled"`
+	// Deprecated: use MarkedForDeletionOn instead
+	MarkedForDeletionAt *ISOTime `json:"marked_for_deletion_at"`
+	// Deprecated: use CIPipelineVariablesMinimumOverrideRole instead
+	RestrictUserDefinedVariables bool `json:"restrict_user_defined_variables"`
 	// Deprecated: Use EmailsEnabled instead
 	EmailsDisabled bool `json:"emails_disabled"`
 	// Deprecated: This parameter has been renamed to PublicJobs in GitLab 9.0.
@@ -262,11 +274,13 @@ type ContainerExpirationPolicy struct {
 	Cadence         string     `json:"cadence"`
 	KeepN           int        `json:"keep_n"`
 	OlderThan       string     `json:"older_than"`
-	NameRegex       string     `json:"name_regex"`
 	NameRegexDelete string     `json:"name_regex_delete"`
 	NameRegexKeep   string     `json:"name_regex_keep"`
 	Enabled         bool       `json:"enabled"`
 	NextRunAt       *time.Time `json:"next_run_at"`
+
+	// Deprecated: use NameRegexDelete instead
+	NameRegex string `json:"name_regex"`
 }
 
 // ForkParent represents the parent project when this is a fork.
@@ -373,7 +387,7 @@ func (s Project) String() string {
 // ProjectApprovalRule represents a GitLab project approval rule.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#get-project-level-rules
+// https://docs.gitlab.com/api/merge_request_approvals/#get-all-approval-rules-for-project
 type ProjectApprovalRule struct {
 	ID                            int                `json:"id"`
 	Name                          string             `json:"name"`
@@ -394,9 +408,10 @@ func (s ProjectApprovalRule) String() string {
 
 // ListProjectsOptions represents the available ListProjects() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html#list-all-projects
+// GitLab API docs: https://docs.gitlab.com/api/projects/#list-all-projects
 type ListProjectsOptions struct {
 	ListOptions
+	Active                   *bool             `url:"active,omitempty" json:"active,omitempty"`
 	Archived                 *bool             `url:"archived,omitempty" json:"archived,omitempty"`
 	IDAfter                  *int              `url:"id_after,omitempty" json:"id_after,omitempty"`
 	IDBefore                 *int              `url:"id_before,omitempty" json:"id_before,omitempty"`
@@ -428,7 +443,7 @@ type ListProjectsOptions struct {
 
 // ListProjects gets a list of projects accessible by the authenticated user.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html#list-all-projects
+// GitLab API docs: https://docs.gitlab.com/api/projects/#list-all-projects
 func (s *ProjectsService) ListProjects(opt *ListProjectsOptions, options ...RequestOptionFunc) ([]*Project, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "projects", opt, options)
 	if err != nil {
@@ -447,8 +462,8 @@ func (s *ProjectsService) ListProjects(opt *ListProjectsOptions, options ...Requ
 // ListUserProjects gets a list of projects for the given user.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#list-user-projects
-func (s *ProjectsService) ListUserProjects(uid interface{}, opt *ListProjectsOptions, options ...RequestOptionFunc) ([]*Project, *Response, error) {
+// https://docs.gitlab.com/api/projects/#list-a-users-projects
+func (s *ProjectsService) ListUserProjects(uid any, opt *ListProjectsOptions, options ...RequestOptionFunc) ([]*Project, *Response, error) {
 	user, err := parseID(uid)
 	if err != nil {
 		return nil, nil, err
@@ -472,8 +487,8 @@ func (s *ProjectsService) ListUserProjects(uid interface{}, opt *ListProjectsOpt
 // ListUserContributedProjects gets a list of visible projects a given user has contributed to.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#list-projects-a-user-has-contributed-to
-func (s *ProjectsService) ListUserContributedProjects(uid interface{}, opt *ListProjectsOptions, options ...RequestOptionFunc) ([]*Project, *Response, error) {
+// https://docs.gitlab.com/api/projects/#list-projects-a-user-has-contributed-to
+func (s *ProjectsService) ListUserContributedProjects(uid any, opt *ListProjectsOptions, options ...RequestOptionFunc) ([]*Project, *Response, error) {
 	user, err := parseID(uid)
 	if err != nil {
 		return nil, nil, err
@@ -497,8 +512,8 @@ func (s *ProjectsService) ListUserContributedProjects(uid interface{}, opt *List
 // ListUserStarredProjects gets a list of projects starred by the given user.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#list-projects-starred-by-a-user
-func (s *ProjectsService) ListUserStarredProjects(uid interface{}, opt *ListProjectsOptions, options ...RequestOptionFunc) ([]*Project, *Response, error) {
+// https://docs.gitlab.com/api/project_starring/#list-projects-starred-by-a-user
+func (s *ProjectsService) ListUserStarredProjects(uid any, opt *ListProjectsOptions, options ...RequestOptionFunc) ([]*Project, *Response, error) {
 	user, err := parseID(uid)
 	if err != nil {
 		return nil, nil, err
@@ -531,7 +546,7 @@ type ProjectUser struct {
 
 // ListProjectUserOptions represents the available ListProjectsUsers() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html#get-project-users
+// GitLab API docs: https://docs.gitlab.com/api/projects/#list-users
 type ListProjectUserOptions struct {
 	ListOptions
 	Search *string `url:"search,omitempty" json:"search,omitempty"`
@@ -540,8 +555,8 @@ type ListProjectUserOptions struct {
 // ListProjectsUsers gets a list of users for the given project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#get-project-users
-func (s *ProjectsService) ListProjectsUsers(pid interface{}, opt *ListProjectUserOptions, options ...RequestOptionFunc) ([]*ProjectUser, *Response, error) {
+// https://docs.gitlab.com/api/projects/#list-users
+func (s *ProjectsService) ListProjectsUsers(pid any, opt *ListProjectUserOptions, options ...RequestOptionFunc) ([]*ProjectUser, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -563,6 +578,7 @@ func (s *ProjectsService) ListProjectsUsers(pid interface{}, opt *ListProjectUse
 }
 
 // ProjectGroup represents a GitLab project group.
+// GitLab API docs: https://docs.gitlab.com/api/projects/#list-groups
 type ProjectGroup struct {
 	ID        int    `json:"id"`
 	Name      string `json:"name"`
@@ -574,7 +590,7 @@ type ProjectGroup struct {
 
 // ListProjectGroupOptions represents the available ListProjectsGroups() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html#list-a-projects-groups
+// GitLab API docs: https://docs.gitlab.com/api/projects/#list-groups
 type ListProjectGroupOptions struct {
 	ListOptions
 	Search               *string           `url:"search,omitempty" json:"search,omitempty"`
@@ -587,8 +603,8 @@ type ListProjectGroupOptions struct {
 // ListProjectsGroups gets a list of groups for the given project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#list-a-projects-groups
-func (s *ProjectsService) ListProjectsGroups(pid interface{}, opt *ListProjectGroupOptions, options ...RequestOptionFunc) ([]*ProjectGroup, *Response, error) {
+// https://docs.gitlab.com/api/projects/#list-groups
+func (s *ProjectsService) ListProjectsGroups(pid any, opt *ListProjectGroupOptions, options ...RequestOptionFunc) ([]*ProjectGroup, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -611,13 +627,15 @@ func (s *ProjectsService) ListProjectsGroups(pid interface{}, opt *ListProjectGr
 
 // ProjectLanguages is a map of strings because the response is arbitrary
 //
-// Gitlab API docs: https://docs.gitlab.com/ee/api/projects.html#languages
+// Gitlab API docs:
+// https://docs.gitlab.com/api/projects/#list-programming-languages-used
 type ProjectLanguages map[string]float32
 
 // GetProjectLanguages gets a list of languages used by the project
 //
-// GitLab API docs:  https://docs.gitlab.com/ee/api/projects.html#languages
-func (s *ProjectsService) GetProjectLanguages(pid interface{}, options ...RequestOptionFunc) (*ProjectLanguages, *Response, error) {
+// GitLab API docs:
+// https://docs.gitlab.com/api/projects/#list-programming-languages-used
+func (s *ProjectsService) GetProjectLanguages(pid any, options ...RequestOptionFunc) (*ProjectLanguages, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -640,7 +658,7 @@ func (s *ProjectsService) GetProjectLanguages(pid interface{}, options ...Reques
 
 // GetProjectOptions represents the available GetProject() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html#get-single-project
+// GitLab API docs: https://docs.gitlab.com/api/projects/#get-a-single-project
 type GetProjectOptions struct {
 	License              *bool `url:"license,omitempty" json:"license,omitempty"`
 	Statistics           *bool `url:"statistics,omitempty" json:"statistics,omitempty"`
@@ -651,8 +669,8 @@ type GetProjectOptions struct {
 // NAMESPACE/PROJECT_NAME, which is owned by the authenticated user.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#get-single-project
-func (s *ProjectsService) GetProject(pid interface{}, opt *GetProjectOptions, options ...RequestOptionFunc) (*Project, *Response, error) {
+// https://docs.gitlab.com/api/projects/#get-a-single-project
+func (s *ProjectsService) GetProject(pid any, opt *GetProjectOptions, options ...RequestOptionFunc) (*Project, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -675,12 +693,11 @@ func (s *ProjectsService) GetProject(pid interface{}, opt *GetProjectOptions, op
 
 // CreateProjectOptions represents the available CreateProject() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html#create-project
+// GitLab API docs: https://docs.gitlab.com/api/projects/#create-a-project
 type CreateProjectOptions struct {
 	AllowMergeOnSkippedPipeline               *bool                                `url:"allow_merge_on_skipped_pipeline,omitempty" json:"allow_merge_on_skipped_pipeline,omitempty"`
 	OnlyAllowMergeIfAllStatusChecksPassed     *bool                                `url:"only_allow_merge_if_all_status_checks_passed,omitempty" json:"only_allow_merge_if_all_status_checks_passed,omitempty"`
 	AnalyticsAccessLevel                      *AccessControlValue                  `url:"analytics_access_level,omitempty" json:"analytics_access_level,omitempty"`
-	ApprovalsBeforeMerge                      *int                                 `url:"approvals_before_merge,omitempty" json:"approvals_before_merge,omitempty"`
 	AutoCancelPendingPipelines                *string                              `url:"auto_cancel_pending_pipelines,omitempty" json:"auto_cancel_pending_pipelines,omitempty"`
 	AutoDevopsDeployStrategy                  *string                              `url:"auto_devops_deploy_strategy,omitempty" json:"auto_devops_deploy_strategy,omitempty"`
 	AutoDevopsEnabled                         *bool                                `url:"auto_devops_enabled,omitempty" json:"auto_devops_enabled,omitempty"`
@@ -710,6 +727,7 @@ type CreateProjectOptions struct {
 	MergePipelinesEnabled                     *bool                                `url:"merge_pipelines_enabled,omitempty" json:"merge_pipelines_enabled,omitempty"`
 	MergeRequestsAccessLevel                  *AccessControlValue                  `url:"merge_requests_access_level,omitempty" json:"merge_requests_access_level,omitempty"`
 	MergeTrainsEnabled                        *bool                                `url:"merge_trains_enabled,omitempty" json:"merge_trains_enabled,omitempty"`
+	MergeTrainsSkipTrainAllowed               *bool                                `url:"merge_trains_skip_train_allowed,omitempty" json:"merge_trains_skip_train_allowed,omitempty"`
 	Mirror                                    *bool                                `url:"mirror,omitempty" json:"mirror,omitempty"`
 	MirrorTriggerBuilds                       *bool                                `url:"mirror_trigger_builds,omitempty" json:"mirror_trigger_builds,omitempty"`
 	ModelExperimentsAccessLevel               *AccessControlValue                  `url:"model_experiments_access_level,omitempty" json:"model_experiments_access_level,omitempty"`
@@ -722,7 +740,6 @@ type CreateProjectOptions struct {
 	PackagesEnabled                           *bool                                `url:"packages_enabled,omitempty" json:"packages_enabled,omitempty"`
 	PagesAccessLevel                          *AccessControlValue                  `url:"pages_access_level,omitempty" json:"pages_access_level,omitempty"`
 	Path                                      *string                              `url:"path,omitempty" json:"path,omitempty"`
-	PublicBuilds                              *bool                                `url:"public_builds,omitempty" json:"public_builds,omitempty"`
 	ReleasesAccessLevel                       *AccessControlValue                  `url:"releases_access_level,omitempty" json:"releases_access_level,omitempty"`
 	EnvironmentsAccessLevel                   *AccessControlValue                  `url:"environments_access_level,omitempty" json:"environments_access_level,omitempty"`
 	FeatureFlagsAccessLevel                   *AccessControlValue                  `url:"feature_flags_access_level,omitempty" json:"feature_flags_access_level,omitempty"`
@@ -750,6 +767,10 @@ type CreateProjectOptions struct {
 	Visibility                                *VisibilityValue                     `url:"visibility,omitempty" json:"visibility,omitempty"`
 	WikiAccessLevel                           *AccessControlValue                  `url:"wiki_access_level,omitempty" json:"wiki_access_level,omitempty"`
 
+	// Deprecated: use Merge Request Approvals API instead
+	ApprovalsBeforeMerge *int `url:"approvals_before_merge,omitempty" json:"approvals_before_merge,omitempty"`
+	// Deprecated: use PublicJobs instead
+	PublicBuilds *bool `url:"public_builds,omitempty" json:"public_builds,omitempty"`
 	// Deprecated: No longer supported in recent versions.
 	CIForwardDeploymentEnabled *bool `url:"ci_forward_deployment_enabled,omitempty" json:"ci_forward_deployment_enabled,omitempty"`
 	// Deprecated: Use ContainerRegistryAccessLevel instead.
@@ -779,7 +800,7 @@ type CreateProjectOptions struct {
 // ContainerExpirationPolicyAttributes represents the available container
 // expiration policy attributes.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html#create-project
+// GitLab API docs: https://docs.gitlab.com/api/projects/#create-a-project
 type ContainerExpirationPolicyAttributes struct {
 	Cadence         *string `url:"cadence,omitempty" json:"cadence,omitempty"`
 	KeepN           *int    `url:"keep_n,omitempty" json:"keep_n,omitempty"`
@@ -794,7 +815,7 @@ type ContainerExpirationPolicyAttributes struct {
 
 // ProjectAvatar represents a GitLab project avatar.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html#create-project
+// GitLab API docs: https://docs.gitlab.com/api/projects/#create-a-project
 type ProjectAvatar struct {
 	Filename string
 	Image    io.Reader
@@ -811,7 +832,7 @@ func (a *ProjectAvatar) MarshalJSON() ([]byte, error) {
 
 // CreateProject creates a new project owned by the authenticated user.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html#create-project
+// GitLab API docs: https://docs.gitlab.com/api/projects/#create-a-project
 func (s *ProjectsService) CreateProject(opt *CreateProjectOptions, options ...RequestOptionFunc) (*Project, *Response, error) {
 	if opt.ContainerExpirationPolicyAttributes != nil {
 		// This is needed to satisfy the API. Should be deleted
@@ -852,14 +873,14 @@ func (s *ProjectsService) CreateProject(opt *CreateProjectOptions, options ...Re
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#create-project-for-user
+// https://docs.gitlab.com/api/projects/#create-a-project-for-a-user
 type CreateProjectForUserOptions CreateProjectOptions
 
 // CreateProjectForUser creates a new project owned by the specified user.
 // Available only for admins.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#create-project-for-user
+// https://docs.gitlab.com/api/projects/#create-a-project-for-a-user
 func (s *ProjectsService) CreateProjectForUser(user int, opt *CreateProjectForUserOptions, options ...RequestOptionFunc) (*Project, *Response, error) {
 	if opt.ContainerExpirationPolicyAttributes != nil {
 		// This is needed to satisfy the API. Should be deleted
@@ -899,16 +920,16 @@ func (s *ProjectsService) CreateProjectForUser(user int, opt *CreateProjectForUs
 
 // EditProjectOptions represents the available EditProject() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html#edit-project
+// GitLab API docs: https://docs.gitlab.com/api/projects/#edit-a-project
 type EditProjectOptions struct {
 	AllowMergeOnSkippedPipeline               *bool                                        `url:"allow_merge_on_skipped_pipeline,omitempty" json:"allow_merge_on_skipped_pipeline,omitempty"`
 	AllowPipelineTriggerApproveDeployment     *bool                                        `url:"allow_pipeline_trigger_approve_deployment,omitempty" json:"allow_pipeline_trigger_approve_deployment,omitempty"`
 	OnlyAllowMergeIfAllStatusChecksPassed     *bool                                        `url:"only_allow_merge_if_all_status_checks_passed,omitempty" json:"only_allow_merge_if_all_status_checks_passed,omitempty"`
 	AnalyticsAccessLevel                      *AccessControlValue                          `url:"analytics_access_level,omitempty" json:"analytics_access_level,omitempty"`
-	ApprovalsBeforeMerge                      *int                                         `url:"approvals_before_merge,omitempty" json:"approvals_before_merge,omitempty"`
 	AutoCancelPendingPipelines                *string                                      `url:"auto_cancel_pending_pipelines,omitempty" json:"auto_cancel_pending_pipelines,omitempty"`
 	AutoDevopsDeployStrategy                  *string                                      `url:"auto_devops_deploy_strategy,omitempty" json:"auto_devops_deploy_strategy,omitempty"`
 	AutoDevopsEnabled                         *bool                                        `url:"auto_devops_enabled,omitempty" json:"auto_devops_enabled,omitempty"`
+	AutoDuoCodeReviewEnabled                  *bool                                        `url:"auto_duo_code_review_enabled,omitempty" json:"auto_duo_code_review_enabled,omitempty"`
 	AutocloseReferencedIssues                 *bool                                        `url:"autoclose_referenced_issues,omitempty" json:"autoclose_referenced_issues,omitempty"`
 	Avatar                                    *ProjectAvatar                               `url:"-" json:"avatar,omitempty"`
 	BuildCoverageRegex                        *string                                      `url:"build_coverage_regex,omitempty" json:"build_coverage_regex,omitempty"`
@@ -920,6 +941,7 @@ type EditProjectOptions struct {
 	CIDeletePipelinesInSeconds                *int                                         `url:"ci_delete_pipelines_in_seconds,omitempty" json:"ci_delete_pipelines_in_seconds,omitempty"`
 	CIForwardDeploymentEnabled                *bool                                        `url:"ci_forward_deployment_enabled,omitempty" json:"ci_forward_deployment_enabled,omitempty"`
 	CIForwardDeploymentRollbackAllowed        *bool                                        `url:"ci_forward_deployment_rollback_allowed,omitempty" json:"ci_forward_deployment_rollback_allowed,omitempty"`
+	CIPushRepositoryForJobTokenAllowed        *bool                                        `url:"ci_push_repository_for_job_token_allowed,omitempty" json:"ci_push_repository_for_job_token_allowed,omitempty"`
 	CIIdTokenSubClaimComponents               *[]string                                    `url:"ci_id_token_sub_claim_components,omitempty" json:"ci_id_token_sub_claim_components,omitempty"`
 	CISeperateCache                           *bool                                        `url:"ci_separated_caches,omitempty" json:"ci_separated_caches,omitempty"`
 	CIRestrictPipelineCancellationRole        *AccessControlValue                          `url:"ci_restrict_pipeline_cancellation_role,omitempty" json:"ci_restrict_pipeline_cancellation_role,omitempty"`
@@ -945,6 +967,7 @@ type EditProjectOptions struct {
 	MergeRequestsAccessLevel                  *AccessControlValue                          `url:"merge_requests_access_level,omitempty" json:"merge_requests_access_level,omitempty"`
 	MergeRequestsTemplate                     *string                                      `url:"merge_requests_template,omitempty" json:"merge_requests_template,omitempty"`
 	MergeTrainsEnabled                        *bool                                        `url:"merge_trains_enabled,omitempty" json:"merge_trains_enabled,omitempty"`
+	MergeTrainsSkipTrainAllowed               *bool                                        `url:"merge_trains_skip_train_allowed,omitempty" json:"merge_trains_skip_train_allowed,omitempty"`
 	Mirror                                    *bool                                        `url:"mirror,omitempty" json:"mirror,omitempty"`
 	MirrorBranchRegex                         *string                                      `url:"mirror_branch_regex,omitempty" json:"mirror_branch_regex,omitempty"`
 	MirrorOverwritesDivergedBranches          *bool                                        `url:"mirror_overwrites_diverged_branches,omitempty" json:"mirror_overwrites_diverged_branches,omitempty"`
@@ -960,7 +983,7 @@ type EditProjectOptions struct {
 	PackagesEnabled                           *bool                                        `url:"packages_enabled,omitempty" json:"packages_enabled,omitempty"`
 	PagesAccessLevel                          *AccessControlValue                          `url:"pages_access_level,omitempty" json:"pages_access_level,omitempty"`
 	Path                                      *string                                      `url:"path,omitempty" json:"path,omitempty"`
-	PublicBuilds                              *bool                                        `url:"public_builds,omitempty" json:"public_builds,omitempty"`
+	PublicJobs                                *bool                                        `url:"public_jobs,omitempty" json:"public_jobs,omitempty"`
 	ReleasesAccessLevel                       *AccessControlValue                          `url:"releases_access_level,omitempty" json:"releases_access_level,omitempty"`
 	EnvironmentsAccessLevel                   *AccessControlValue                          `url:"environments_access_level,omitempty" json:"environments_access_level,omitempty"`
 	FeatureFlagsAccessLevel                   *AccessControlValue                          `url:"feature_flags_access_level,omitempty" json:"feature_flags_access_level,omitempty"`
@@ -974,7 +997,6 @@ type EditProjectOptions struct {
 	RequestAccessEnabled                      *bool                                        `url:"request_access_enabled,omitempty" json:"request_access_enabled,omitempty"`
 	RequirementsAccessLevel                   *AccessControlValue                          `url:"requirements_access_level,omitempty" json:"requirements_access_level,omitempty"`
 	ResolveOutdatedDiffDiscussions            *bool                                        `url:"resolve_outdated_diff_discussions,omitempty" json:"resolve_outdated_diff_discussions,omitempty"`
-	RestrictUserDefinedVariables              *bool                                        `url:"restrict_user_defined_variables,omitempty" json:"restrict_user_defined_variables,omitempty"`
 	SecurityAndComplianceAccessLevel          *AccessControlValue                          `url:"security_and_compliance_access_level,omitempty" json:"security_and_compliance_access_level,omitempty"`
 	ServiceDeskEnabled                        *bool                                        `url:"service_desk_enabled,omitempty" json:"service_desk_enabled,omitempty"`
 	SharedRunnersEnabled                      *bool                                        `url:"shared_runners_enabled,omitempty" json:"shared_runners_enabled,omitempty"`
@@ -988,6 +1010,12 @@ type EditProjectOptions struct {
 	Visibility                                *VisibilityValue                             `url:"visibility,omitempty" json:"visibility,omitempty"`
 	WikiAccessLevel                           *AccessControlValue                          `url:"wiki_access_level,omitempty" json:"wiki_access_level,omitempty"`
 
+	// Deprecated: use Merge Request Approvals API instead
+	ApprovalsBeforeMerge *int `url:"approvals_before_merge,omitempty" json:"approvals_before_merge,omitempty"`
+	// Deprecated: use PublicJobs instead
+	PublicBuilds *bool `url:"public_builds,omitempty" json:"public_builds,omitempty"`
+	// Deprecated: use CIPipelineVariablesMinimumOverrideRole instead
+	RestrictUserDefinedVariables *bool `url:"restrict_user_defined_variables,omitempty" json:"restrict_user_defined_variables,omitempty"`
 	// Deprecated: Use ContainerRegistryAccessLevel instead.
 	ContainerRegistryEnabled *bool `url:"container_registry_enabled,omitempty" json:"container_registry_enabled,omitempty"`
 	// Deprecated: Use EmailsEnabled instead
@@ -1008,8 +1036,8 @@ type EditProjectOptions struct {
 
 // EditProject updates an existing project.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html#edit-project
-func (s *ProjectsService) EditProject(pid interface{}, opt *EditProjectOptions, options ...RequestOptionFunc) (*Project, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/projects/#edit-a-project
+func (s *ProjectsService) EditProject(pid any, opt *EditProjectOptions, options ...RequestOptionFunc) (*Project, *Response, error) {
 	if opt.ContainerExpirationPolicyAttributes != nil {
 		// This is needed to satisfy the API. Should be deleted
 		// when NameRegex is removed (it's now deprecated).
@@ -1052,8 +1080,10 @@ func (s *ProjectsService) EditProject(pid interface{}, opt *EditProjectOptions,
 
 // ForkProjectOptions represents the available ForkProject() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html#fork-project
+// GitLab API docs:
+// https://docs.gitlab.com/api/project_forks/#fork-a-project
 type ForkProjectOptions struct {
+	Branches                      *string          `url:"branches,omitempty" json:"branches,omitempty"`
 	Description                   *string          `url:"description,omitempty" json:"description,omitempty"`
 	MergeRequestDefaultTargetSelf *bool            `url:"mr_default_target_self,omitempty" json:"mr_default_target_self,omitempty"`
 	Name                          *string          `url:"name,omitempty" json:"name,omitempty"`
@@ -1069,8 +1099,9 @@ type ForkProjectOptions struct {
 // ForkProject forks a project into the user namespace of the authenticated
 // user.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html#fork-project
-func (s *ProjectsService) ForkProject(pid interface{}, opt *ForkProjectOptions, options ...RequestOptionFunc) (*Project, *Response, error) {
+// GitLab API docs:
+// https://docs.gitlab.com/api/project_forks/#fork-a-project
+func (s *ProjectsService) ForkProject(pid any, opt *ForkProjectOptions, options ...RequestOptionFunc) (*Project, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1094,8 +1125,8 @@ func (s *ProjectsService) ForkProject(pid interface{}, opt *ForkProjectOptions,
 // StarProject stars a given the project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#star-a-project
-func (s *ProjectsService) StarProject(pid interface{}, options ...RequestOptionFunc) (*Project, *Response, error) {
+// https://docs.gitlab.com/api/project_starring/#star-a-project
+func (s *ProjectsService) StarProject(pid any, options ...RequestOptionFunc) (*Project, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1120,7 +1151,7 @@ func (s *ProjectsService) StarProject(pid interface{}, options ...RequestOptionF
 // ListProjectsInvitedGroups() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#list-a-projects-invited-groups
+// https://docs.gitlab.com/api/projects/#list-a-projects-invited-groups
 type ListProjectInvidedGroupOptions struct {
 	ListOptions
 	Search               *string           `url:"search,omitempty" json:"search,omitempty"`
@@ -1132,8 +1163,8 @@ type ListProjectInvidedGroupOptions struct {
 // ListProjectsInvitedGroups lists invited groups of a project
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#list-a-projects-invited-groups
-func (s *ProjectsService) ListProjectsInvitedGroups(pid interface{}, opt *ListProjectInvidedGroupOptions, options ...RequestOptionFunc) ([]*ProjectGroup, *Response, error) {
+// https://docs.gitlab.com/api/projects/#list-a-projects-invited-groups
+func (s *ProjectsService) ListProjectsInvitedGroups(pid any, opt *ListProjectInvidedGroupOptions, options ...RequestOptionFunc) ([]*ProjectGroup, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1157,8 +1188,8 @@ func (s *ProjectsService) ListProjectsInvitedGroups(pid interface{}, opt *ListPr
 // UnstarProject unstars a given project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#unstar-a-project
-func (s *ProjectsService) UnstarProject(pid interface{}, options ...RequestOptionFunc) (*Project, *Response, error) {
+// https://docs.gitlab.com/api/project_starring/#unstar-a-project
+func (s *ProjectsService) UnstarProject(pid any, options ...RequestOptionFunc) (*Project, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1183,8 +1214,8 @@ func (s *ProjectsService) UnstarProject(pid interface{}, options ...RequestOptio
 // project owner of this project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#archive-a-project
-func (s *ProjectsService) ArchiveProject(pid interface{}, options ...RequestOptionFunc) (*Project, *Response, error) {
+// https://docs.gitlab.com/api/projects/#archive-a-project
+func (s *ProjectsService) ArchiveProject(pid any, options ...RequestOptionFunc) (*Project, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1209,8 +1240,8 @@ func (s *ProjectsService) ArchiveProject(pid interface{}, options ...RequestOpti
 // the project owner of this project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#unarchive-a-project
-func (s *ProjectsService) UnarchiveProject(pid interface{}, options ...RequestOptionFunc) (*Project, *Response, error) {
+// https://docs.gitlab.com/api/projects/#unarchive-a-project
+func (s *ProjectsService) UnarchiveProject(pid any, options ...RequestOptionFunc) (*Project, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1234,7 +1265,7 @@ func (s *ProjectsService) UnarchiveProject(pid interface{}, options ...RequestOp
 // DeleteProjectOptions represents the available DeleteProject() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#delete-project
+// https://docs.gitlab.com/api/projects/#delete-a-project
 type DeleteProjectOptions struct {
 	FullPath          *string `url:"full_path" json:"full_path"`
 	PermanentlyRemove *bool   `url:"permanently_remove" json:"permanently_remove"`
@@ -1244,8 +1275,8 @@ type DeleteProjectOptions struct {
 // (issues, merge requests etc.)
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#delete-project
-func (s *ProjectsService) DeleteProject(pid interface{}, opt *DeleteProjectOptions, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/projects/#delete-a-project
+func (s *ProjectsService) DeleteProject(pid any, opt *DeleteProjectOptions, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -1262,7 +1293,7 @@ func (s *ProjectsService) DeleteProject(pid interface{}, opt *DeleteProjectOptio
 
 // ShareWithGroupOptions represents the available SharedWithGroup() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html#share-project-with-group
+// GitLab API docs: https://docs.gitlab.com/api/projects/#share-a-project-with-a-group
 type ShareWithGroupOptions struct {
 	ExpiresAt   *string           `url:"expires_at" json:"expires_at"`
 	GroupAccess *AccessLevelValue `url:"group_access" json:"group_access"`
@@ -1271,8 +1302,8 @@ type ShareWithGroupOptions struct {
 
 // ShareProjectWithGroup allows to share a project with a group.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html#share-project-with-group
-func (s *ProjectsService) ShareProjectWithGroup(pid interface{}, opt *ShareWithGroupOptions, options ...RequestOptionFunc) (*Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/projects/#share-a-project-with-a-group
+func (s *ProjectsService) ShareProjectWithGroup(pid any, opt *ShareWithGroupOptions, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -1289,8 +1320,9 @@ func (s *ProjectsService) ShareProjectWithGroup(pid interface{}, opt *ShareWithG
 
 // DeleteSharedProjectFromGroup allows to unshare a project from a group.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html#delete-a-shared-project-link-within-a-group
-func (s *ProjectsService) DeleteSharedProjectFromGroup(pid interface{}, groupID int, options ...RequestOptionFunc) (*Response, error) {
+// GitLab API docs:
+// https://docs.gitlab.com/api/projects/#delete-a-shared-project-link-in-a-group
+func (s *ProjectsService) DeleteSharedProjectFromGroup(pid any, groupID int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -1317,7 +1349,7 @@ type HookCustomHeader struct {
 // ProjectHook represents a project hook.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#list-project-hooks
+// https://docs.gitlab.com/api/project_webhooks/#list-webhooks-for-a-project
 type ProjectHook struct {
 	ID                        int                 `json:"id"`
 	URL                       string              `json:"url"`
@@ -1347,14 +1379,15 @@ type ProjectHook struct {
 
 // ListProjectHooksOptions represents the available ListProjectHooks() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html#list-project-hooks
+// GitLab API docs:
+// https://docs.gitlab.com/api/project_webhooks/#list-webhooks-for-a-project
 type ListProjectHooksOptions ListOptions
 
 // ListProjectHooks gets a list of project hooks.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#list-project-hooks
-func (s *ProjectsService) ListProjectHooks(pid interface{}, opt *ListProjectHooksOptions, options ...RequestOptionFunc) ([]*ProjectHook, *Response, error) {
+// https://docs.gitlab.com/api/project_webhooks/#list-webhooks-for-a-project
+func (s *ProjectsService) ListProjectHooks(pid any, opt *ListProjectHooksOptions, options ...RequestOptionFunc) ([]*ProjectHook, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1378,8 +1411,8 @@ func (s *ProjectsService) ListProjectHooks(pid interface{}, opt *ListProjectHook
 // GetProjectHook gets a specific hook for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#get-project-hook
-func (s *ProjectsService) GetProjectHook(pid interface{}, hook int, options ...RequestOptionFunc) (*ProjectHook, *Response, error) {
+// https://docs.gitlab.com/api/project_webhooks/#get-a-project-webhook
+func (s *ProjectsService) GetProjectHook(pid any, hook int, options ...RequestOptionFunc) (*ProjectHook, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1403,7 +1436,7 @@ func (s *ProjectsService) GetProjectHook(pid interface{}, hook int, options ...R
 // AddProjectHookOptions represents the available AddProjectHook() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#add-project-hook
+// https://docs.gitlab.com/api/project_webhooks/#add-a-webhook-to-a-project
 type AddProjectHookOptions struct {
 	Name                      *string              `url:"name,omitempty" json:"name,omitempty"`
 	Description               *string              `url:"description,omitempty" json:"description,omitempty"`
@@ -1431,8 +1464,8 @@ type AddProjectHookOptions struct {
 // AddProjectHook adds a hook to a specified project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#add-project-hook
-func (s *ProjectsService) AddProjectHook(pid interface{}, opt *AddProjectHookOptions, options ...RequestOptionFunc) (*ProjectHook, *Response, error) {
+// https://docs.gitlab.com/api/project_webhooks/#add-a-webhook-to-a-project
+func (s *ProjectsService) AddProjectHook(pid any, opt *AddProjectHookOptions, options ...RequestOptionFunc) (*ProjectHook, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1456,7 +1489,7 @@ func (s *ProjectsService) AddProjectHook(pid interface{}, opt *AddProjectHookOpt
 // EditProjectHookOptions represents the available EditProjectHook() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#edit-project-hook
+// https://docs.gitlab.com/api/project_webhooks/#edit-a-project-webhook
 type EditProjectHookOptions struct {
 	Name                      *string              `url:"name,omitempty" json:"name,omitempty"`
 	Description               *string              `url:"description,omitempty" json:"description,omitempty"`
@@ -1484,8 +1517,8 @@ type EditProjectHookOptions struct {
 // EditProjectHook edits a hook for a specified project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#edit-project-hook
-func (s *ProjectsService) EditProjectHook(pid interface{}, hook int, opt *EditProjectHookOptions, options ...RequestOptionFunc) (*ProjectHook, *Response, error) {
+// https://docs.gitlab.com/api/project_webhooks/#edit-a-project-webhook
+func (s *ProjectsService) EditProjectHook(pid any, hook int, opt *EditProjectHookOptions, options ...RequestOptionFunc) (*ProjectHook, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1510,8 +1543,8 @@ func (s *ProjectsService) EditProjectHook(pid interface{}, hook int, opt *EditPr
 // method and can be called multiple times. Either the hook is available or not.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#delete-project-hook
-func (s *ProjectsService) DeleteProjectHook(pid interface{}, hook int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_webhooks/#delete-project-webhook
+func (s *ProjectsService) DeleteProjectHook(pid any, hook int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -1537,8 +1570,8 @@ func (s *ProjectsService) DeleteProjectHook(pid interface{}, hook int, options .
 // an administrator can disable the feature flag named web_hook_test_api_endpoint_rate_limit.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#trigger-a-test-project-hook
-func (s *ProjectsService) TriggerTestProjectHook(pid interface{}, hook int, event ProjectHookEvent, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_webhooks/#trigger-a-test-project-webhook
+func (s *ProjectsService) TriggerTestProjectHook(pid any, hook int, event ProjectHookEvent, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -1557,7 +1590,7 @@ func (s *ProjectsService) TriggerTestProjectHook(pid interface{}, hook int, even
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#set-a-custom-header
+// https://docs.gitlab.com/api/project_webhooks/#set-a-custom-header
 type SetHookCustomHeaderOptions struct {
 	Value *string `json:"value,omitempty"`
 }
@@ -1565,8 +1598,8 @@ type SetHookCustomHeaderOptions struct {
 // SetProjectCustomHeader creates or updates a project custom webhook header.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#set-a-custom-header
-func (s *ProjectsService) SetProjectCustomHeader(pid interface{}, hook int, key string, opt *SetHookCustomHeaderOptions, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_webhooks/#set-a-custom-header
+func (s *ProjectsService) SetProjectCustomHeader(pid any, hook int, key string, opt *SetHookCustomHeaderOptions, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -1584,8 +1617,8 @@ func (s *ProjectsService) SetProjectCustomHeader(pid interface{}, hook int, key
 // DeleteProjectCustomHeader deletes a project custom webhook header.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#delete-a-custom-header
-func (s *ProjectsService) DeleteProjectCustomHeader(pid interface{}, hook int, key string, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_webhooks/#delete-a-custom-header
+func (s *ProjectsService) DeleteProjectCustomHeader(pid any, hook int, key string, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -1603,7 +1636,7 @@ func (s *ProjectsService) DeleteProjectCustomHeader(pid interface{}, hook int, k
 // ProjectForkRelation represents a project fork relationship.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#admin-fork-relation
+// https://docs.gitlab.com/api/project_forks/#create-a-fork-relationship-between-projects
 type ProjectForkRelation struct {
 	ID                  int        `json:"id"`
 	ForkedToProjectID   int        `json:"forked_to_project_id"`
@@ -1616,8 +1649,8 @@ type ProjectForkRelation struct {
 // existing projects.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#create-a-forked-fromto-relation-between-existing-projects.
-func (s *ProjectsService) CreateProjectForkRelation(pid interface{}, fork int, options ...RequestOptionFunc) (*ProjectForkRelation, *Response, error) {
+// https://docs.gitlab.com/api/project_forks/#create-a-fork-relationship-between-projects
+func (s *ProjectsService) CreateProjectForkRelation(pid any, fork int, options ...RequestOptionFunc) (*ProjectForkRelation, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1641,8 +1674,8 @@ func (s *ProjectsService) CreateProjectForkRelation(pid interface{}, fork int, o
 // DeleteProjectForkRelation deletes an existing forked from relationship.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#delete-an-existing-forked-from-relationship
-func (s *ProjectsService) DeleteProjectForkRelation(pid interface{}, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_forks/#delete-a-fork-relationship-between-projects
+func (s *ProjectsService) DeleteProjectForkRelation(pid any, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -1657,57 +1690,11 @@ func (s *ProjectsService) DeleteProjectForkRelation(pid interface{}, options ...
 	return s.client.Do(req, nil)
 }
 
-// ProjectFile represents an uploaded project file.
-//
-// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html#upload-a-file
-type ProjectFile struct {
-	Alt      string `json:"alt"`
-	URL      string `json:"url"`
-	FullPath string `json:"full_path"`
-	Markdown string `json:"markdown"`
-}
-
-// UploadFile uploads a file.
-//
-// Deprecated: UploadFile is deprecated and will be removed in a future release.
-// Use [ProjectMarkdownUploadsService.UploadProjectMarkdown] instead for uploading
-// markdown files to a project.
-//
-// GitLab API docs: https://docs.gitlab.com/ee/api/project_markdown_uploads.html#upload-a-file
-func (s *ProjectsService) UploadFile(pid interface{}, content io.Reader, filename string, options ...RequestOptionFunc) (*ProjectFile, *Response, error) {
-	project, err := parseID(pid)
-	if err != nil {
-		return nil, nil, err
-	}
-	u := fmt.Sprintf("projects/%s/uploads", PathEscape(project))
-
-	req, err := s.client.UploadRequest(
-		http.MethodPost,
-		u,
-		content,
-		filename,
-		UploadFile,
-		nil,
-		options,
-	)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	pf := new(ProjectFile)
-	resp, err := s.client.Do(req, pf)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return pf, resp, nil
-}
-
 // UploadAvatar uploads an avatar.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#upload-a-project-avatar
-func (s *ProjectsService) UploadAvatar(pid interface{}, avatar io.Reader, filename string, options ...RequestOptionFunc) (*Project, *Response, error) {
+// https://docs.gitlab.com/api/projects/#upload-a-project-avatar
+func (s *ProjectsService) UploadAvatar(pid any, avatar io.Reader, filename string, options ...RequestOptionFunc) (*Project, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1739,8 +1726,8 @@ func (s *ProjectsService) UploadAvatar(pid interface{}, avatar io.Reader, filena
 // DownloadAvatar downloads an avatar.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#download-a-project-avatar
-func (s *ProjectsService) DownloadAvatar(pid interface{}, options ...RequestOptionFunc) (*bytes.Reader, *Response, error) {
+// https://docs.gitlab.com/api/projects/#download-a-project-avatar
+func (s *ProjectsService) DownloadAvatar(pid any, options ...RequestOptionFunc) (*bytes.Reader, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1764,8 +1751,8 @@ func (s *ProjectsService) DownloadAvatar(pid interface{}, options ...RequestOpti
 // ListProjectForks gets a list of project forks.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#list-forks-of-a-project
-func (s *ProjectsService) ListProjectForks(pid interface{}, opt *ListProjectsOptions, options ...RequestOptionFunc) ([]*Project, *Response, error) {
+// https://docs.gitlab.com/api/project_forks/#list-forks-of-a-project
+func (s *ProjectsService) ListProjectForks(pid any, opt *ListProjectsOptions, options ...RequestOptionFunc) ([]*Project, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1789,7 +1776,7 @@ func (s *ProjectsService) ListProjectForks(pid interface{}, opt *ListProjectsOpt
 // ProjectPushRules represents a project push rule.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#push-rules
+// https://docs.gitlab.com/api/project_push_rules/
 type ProjectPushRules struct {
 	ID                         int        `json:"id"`
 	ProjectID                  int        `json:"project_id"`
@@ -1812,8 +1799,8 @@ type ProjectPushRules struct {
 // GetProjectPushRules gets the push rules of a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#get-project-push-rules
-func (s *ProjectsService) GetProjectPushRules(pid interface{}, options ...RequestOptionFunc) (*ProjectPushRules, *Response, error) {
+// https://docs.gitlab.com/api/project_push_rules/#get-project-push-rules
+func (s *ProjectsService) GetProjectPushRules(pid any, options ...RequestOptionFunc) (*ProjectPushRules, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1838,7 +1825,7 @@ func (s *ProjectsService) GetProjectPushRules(pid interface{}, options ...Reques
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#add-project-push-rule
+// https://docs.gitlab.com/api/project_push_rules/#add-a-project-push-rule
 type AddProjectPushRuleOptions struct {
 	AuthorEmailRegex           *string `url:"author_email_regex,omitempty" json:"author_email_regex,omitempty"`
 	BranchNameRegex            *string `url:"branch_name_regex,omitempty" json:"branch_name_regex,omitempty"`
@@ -1858,8 +1845,8 @@ type AddProjectPushRuleOptions struct {
 // AddProjectPushRule adds a push rule to a specified project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#add-project-push-rule
-func (s *ProjectsService) AddProjectPushRule(pid interface{}, opt *AddProjectPushRuleOptions, options ...RequestOptionFunc) (*ProjectPushRules, *Response, error) {
+// https://docs.gitlab.com/api/project_push_rules/#add-a-project-push-rule
+func (s *ProjectsService) AddProjectPushRule(pid any, opt *AddProjectPushRuleOptions, options ...RequestOptionFunc) (*ProjectPushRules, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1884,7 +1871,7 @@ func (s *ProjectsService) AddProjectPushRule(pid interface{}, opt *AddProjectPus
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#edit-project-push-rule
+// https://docs.gitlab.com/api/project_push_rules/#edit-project-push-rule
 type EditProjectPushRuleOptions struct {
 	AuthorEmailRegex           *string `url:"author_email_regex,omitempty" json:"author_email_regex,omitempty"`
 	BranchNameRegex            *string `url:"branch_name_regex,omitempty" json:"branch_name_regex,omitempty"`
@@ -1904,8 +1891,8 @@ type EditProjectPushRuleOptions struct {
 // EditProjectPushRule edits a push rule for a specified project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#edit-project-push-rule
-func (s *ProjectsService) EditProjectPushRule(pid interface{}, opt *EditProjectPushRuleOptions, options ...RequestOptionFunc) (*ProjectPushRules, *Response, error) {
+// https://docs.gitlab.com/api/project_push_rules/#edit-project-push-rule
+func (s *ProjectsService) EditProjectPushRule(pid any, opt *EditProjectPushRuleOptions, options ...RequestOptionFunc) (*ProjectPushRules, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1931,8 +1918,8 @@ func (s *ProjectsService) EditProjectPushRule(pid interface{}, opt *EditProjectP
 // available or not.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#delete-project-push-rule
-func (s *ProjectsService) DeleteProjectPushRule(pid interface{}, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_push_rules/#delete-project-push-rule
+func (s *ProjectsService) DeleteProjectPushRule(pid any, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -1950,24 +1937,26 @@ func (s *ProjectsService) DeleteProjectPushRule(pid interface{}, options ...Requ
 // ProjectApprovals represents GitLab project level merge request approvals.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#project-level-mr-approvals
+// https://docs.gitlab.com/api/merge_request_approvals/#project-approval-rules
 type ProjectApprovals struct {
 	Approvers                                 []*MergeRequestApproverUser  `json:"approvers"`
 	ApproverGroups                            []*MergeRequestApproverGroup `json:"approver_groups"`
-	ApprovalsBeforeMerge                      int                          `json:"approvals_before_merge"`
 	ResetApprovalsOnPush                      bool                         `json:"reset_approvals_on_push"`
 	DisableOverridingApproversPerMergeRequest bool                         `json:"disable_overriding_approvers_per_merge_request"`
 	MergeRequestsAuthorApproval               bool                         `json:"merge_requests_author_approval"`
 	MergeRequestsDisableCommittersApproval    bool                         `json:"merge_requests_disable_committers_approval"`
 	RequirePasswordToApprove                  bool                         `json:"require_password_to_approve"`
 	SelectiveCodeOwnerRemovals                bool                         `json:"selective_code_owner_removals,omitempty"`
+
+	// Deprecated: use Merge Request Approvals API instead
+	ApprovalsBeforeMerge int `json:"approvals_before_merge"`
 }
 
 // GetApprovalConfiguration get the approval configuration for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#get-configuration
-func (s *ProjectsService) GetApprovalConfiguration(pid interface{}, options ...RequestOptionFunc) (*ProjectApprovals, *Response, error) {
+// https://docs.gitlab.com/api/merge_request_approvals/#project-approval-rules
+func (s *ProjectsService) GetApprovalConfiguration(pid any, options ...RequestOptionFunc) (*ProjectApprovals, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1992,22 +1981,24 @@ func (s *ProjectsService) GetApprovalConfiguration(pid interface{}, options ...R
 // ApprovalConfiguration() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#change-configuration
+// https://docs.gitlab.com/api/merge_request_approvals/#change-configuration
 type ChangeApprovalConfigurationOptions struct {
-	ApprovalsBeforeMerge                      *int  `url:"approvals_before_merge,omitempty" json:"approvals_before_merge,omitempty"`
 	DisableOverridingApproversPerMergeRequest *bool `url:"disable_overriding_approvers_per_merge_request,omitempty" json:"disable_overriding_approvers_per_merge_request,omitempty"`
 	MergeRequestsAuthorApproval               *bool `url:"merge_requests_author_approval,omitempty" json:"merge_requests_author_approval,omitempty"`
 	MergeRequestsDisableCommittersApproval    *bool `url:"merge_requests_disable_committers_approval,omitempty" json:"merge_requests_disable_committers_approval,omitempty"`
 	RequirePasswordToApprove                  *bool `url:"require_password_to_approve,omitempty" json:"require_password_to_approve,omitempty"`
 	ResetApprovalsOnPush                      *bool `url:"reset_approvals_on_push,omitempty" json:"reset_approvals_on_push,omitempty"`
 	SelectiveCodeOwnerRemovals                *bool `url:"selective_code_owner_removals,omitempty" json:"selective_code_owner_removals,omitempty"`
+
+	// Deprecated: use Merge Request Approvals API instead
+	ApprovalsBeforeMerge *int `url:"approvals_before_merge,omitempty" json:"approvals_before_merge,omitempty"`
 }
 
 // ChangeApprovalConfiguration updates the approval configuration for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#change-configuration
-func (s *ProjectsService) ChangeApprovalConfiguration(pid interface{}, opt *ChangeApprovalConfigurationOptions, options ...RequestOptionFunc) (*ProjectApprovals, *Response, error) {
+// https://docs.gitlab.com/api/merge_request_approvals/#change-configuration
+func (s *ProjectsService) ChangeApprovalConfiguration(pid any, opt *ChangeApprovalConfigurationOptions, options ...RequestOptionFunc) (*ProjectApprovals, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -2032,14 +2023,14 @@ func (s *ProjectsService) ChangeApprovalConfiguration(pid interface{}, opt *Chan
 // GetProjectApprovalRules() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#get-project-level-rules
+// https://docs.gitlab.com/api/merge_request_approvals/#get-all-approval-rules-for-project
 type GetProjectApprovalRulesListsOptions ListOptions
 
 // GetProjectApprovalRules looks up the list of project level approver rules.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#get-project-level-rules
-func (s *ProjectsService) GetProjectApprovalRules(pid interface{}, opt *GetProjectApprovalRulesListsOptions, options ...RequestOptionFunc) ([]*ProjectApprovalRule, *Response, error) {
+// https://docs.gitlab.com/api/merge_request_approvals/#get-all-approval-rules-for-project
+func (s *ProjectsService) GetProjectApprovalRules(pid any, opt *GetProjectApprovalRulesListsOptions, options ...RequestOptionFunc) ([]*ProjectApprovalRule, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -2063,8 +2054,8 @@ func (s *ProjectsService) GetProjectApprovalRules(pid interface{}, opt *GetProje
 // GetProjectApprovalRule gets the project level approvers.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#get-a-single-project-level-rule
-func (s *ProjectsService) GetProjectApprovalRule(pid interface{}, ruleID int, options ...RequestOptionFunc) (*ProjectApprovalRule, *Response, error) {
+// https://docs.gitlab.com/api/merge_request_approvals/#get-single-approval-rule-for-project
+func (s *ProjectsService) GetProjectApprovalRule(pid any, ruleID int, options ...RequestOptionFunc) (*ProjectApprovalRule, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -2089,7 +2080,7 @@ func (s *ProjectsService) GetProjectApprovalRule(pid interface{}, ruleID int, op
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#create-project-level-rule
+// https://docs.gitlab.com/api/merge_request_approvals/#create-project-approval-rule
 type CreateProjectLevelRuleOptions struct {
 	Name                          *string   `url:"name,omitempty" json:"name,omitempty"`
 	ApprovalsRequired             *int      `url:"approvals_required,omitempty" json:"approvals_required,omitempty"`
@@ -2105,8 +2096,8 @@ type CreateProjectLevelRuleOptions struct {
 // CreateProjectApprovalRule creates a new project-level approval rule.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#create-project-level-rule
-func (s *ProjectsService) CreateProjectApprovalRule(pid interface{}, opt *CreateProjectLevelRuleOptions, options ...RequestOptionFunc) (*ProjectApprovalRule, *Response, error) {
+// https://docs.gitlab.com/api/merge_request_approvals/#create-project-approval-rule
+func (s *ProjectsService) CreateProjectApprovalRule(pid any, opt *CreateProjectLevelRuleOptions, options ...RequestOptionFunc) (*ProjectApprovalRule, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -2131,7 +2122,7 @@ func (s *ProjectsService) CreateProjectApprovalRule(pid interface{}, opt *Create
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#update-project-level-rule
+// https://docs.gitlab.com/api/merge_request_approvals/#update-project-approval-rule
 type UpdateProjectLevelRuleOptions struct {
 	Name                          *string   `url:"name,omitempty" json:"name,omitempty"`
 	ApprovalsRequired             *int      `url:"approvals_required,omitempty" json:"approvals_required,omitempty"`
@@ -2145,8 +2136,8 @@ type UpdateProjectLevelRuleOptions struct {
 // UpdateProjectApprovalRule updates an existing approval rule with new options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#update-project-level-rule
-func (s *ProjectsService) UpdateProjectApprovalRule(pid interface{}, approvalRule int, opt *UpdateProjectLevelRuleOptions, options ...RequestOptionFunc) (*ProjectApprovalRule, *Response, error) {
+// https://docs.gitlab.com/api/merge_request_approvals/#update-project-approval-rule
+func (s *ProjectsService) UpdateProjectApprovalRule(pid any, approvalRule int, opt *UpdateProjectLevelRuleOptions, options ...RequestOptionFunc) (*ProjectApprovalRule, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -2170,8 +2161,8 @@ func (s *ProjectsService) UpdateProjectApprovalRule(pid interface{}, approvalRul
 // DeleteProjectApprovalRule deletes a project-level approval rule.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#delete-project-level-rule
-func (s *ProjectsService) DeleteProjectApprovalRule(pid interface{}, approvalRule int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/merge_request_approvals/#delete-project-approval-rule
+func (s *ProjectsService) DeleteProjectApprovalRule(pid any, approvalRule int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -2186,41 +2177,6 @@ func (s *ProjectsService) DeleteProjectApprovalRule(pid interface{}, approvalRul
 	return s.client.Do(req, nil)
 }
 
-// ChangeAllowedApproversOptions represents the available ChangeAllowedApprovers()
-// options.
-//
-// GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#change-allowed-approvers
-type ChangeAllowedApproversOptions struct {
-	ApproverGroupIDs *[]int `url:"approver_group_ids,omitempty" json:"approver_group_ids,omitempty"`
-	ApproverIDs      *[]int `url:"approver_ids,omitempty" json:"approver_ids,omitempty"`
-}
-
-// ChangeAllowedApprovers updates the list of approvers and approver groups.
-//
-// GitLab API docs:
-// https://docs.gitlab.com/ee/api/merge_request_approvals.html#change-allowed-approvers
-func (s *ProjectsService) ChangeAllowedApprovers(pid interface{}, opt *ChangeAllowedApproversOptions, options ...RequestOptionFunc) (*ProjectApprovals, *Response, error) {
-	project, err := parseID(pid)
-	if err != nil {
-		return nil, nil, err
-	}
-	u := fmt.Sprintf("projects/%s/approvers", PathEscape(project))
-
-	req, err := s.client.NewRequest(http.MethodPut, u, opt, options)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	pa := new(ProjectApprovals)
-	resp, err := s.client.Do(req, pa)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return pa, resp, nil
-}
-
 // ProjectPullMirrorDetails represent the details of the configuration pull
 // mirror and its update status.
 //
@@ -2240,7 +2196,7 @@ type ProjectPullMirrorDetails struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/project_pull_mirroring/#get-a-projects-pull-mirror-details
-func (s *ProjectsService) GetProjectPullMirrorDetails(pid interface{}, options ...RequestOptionFunc) (*ProjectPullMirrorDetails, *Response, error) {
+func (s *ProjectsService) GetProjectPullMirrorDetails(pid any, options ...RequestOptionFunc) (*ProjectPullMirrorDetails, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -2280,7 +2236,7 @@ type ConfigureProjectPullMirrorOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/project_pull_mirroring/#configure-pull-mirroring-for-a-project
-func (s *ProjectsService) ConfigureProjectPullMirror(pid interface{}, opt *ConfigureProjectPullMirrorOptions, options ...RequestOptionFunc) (*ProjectPullMirrorDetails, *Response, error) {
+func (s *ProjectsService) ConfigureProjectPullMirror(pid any, opt *ConfigureProjectPullMirrorOptions, options ...RequestOptionFunc) (*ProjectPullMirrorDetails, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -2305,7 +2261,7 @@ func (s *ProjectsService) ConfigureProjectPullMirror(pid interface{}, opt *Confi
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/project_pull_mirroring/#start-the-pull-mirroring-process-for-a-project
-func (s *ProjectsService) StartMirroringProject(pid interface{}, options ...RequestOptionFunc) (*Response, error) {
+func (s *ProjectsService) StartMirroringProject(pid any, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -2317,26 +2273,21 @@ func (s *ProjectsService) StartMirroringProject(pid interface{}, options ...Requ
 		return nil, err
 	}
 
-	resp, err := s.client.Do(req, nil)
-	if err != nil {
-		return resp, err
-	}
-
-	return resp, nil
+	return s.client.Do(req, nil)
 }
 
 // TransferProjectOptions represents the available TransferProject() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#transfer-a-project-to-a-new-namespace
+// https://docs.gitlab.com/api/projects/#transfer-a-project-to-a-new-namespace
 type TransferProjectOptions struct {
-	Namespace interface{} `url:"namespace,omitempty" json:"namespace,omitempty"`
+	Namespace any `url:"namespace,omitempty" json:"namespace,omitempty"`
 }
 
 // TransferProject transfer a project into the specified namespace
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html#transfer-a-project-to-a-new-namespace
-func (s *ProjectsService) TransferProject(pid interface{}, opt *TransferProjectOptions, options ...RequestOptionFunc) (*Project, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/projects/#transfer-a-project-to-a-new-namespace
+func (s *ProjectsService) TransferProject(pid any, opt *TransferProjectOptions, options ...RequestOptionFunc) (*Project, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -2360,8 +2311,8 @@ func (s *ProjectsService) TransferProject(pid interface{}, opt *TransferProjectO
 // StartHousekeepingProject start the Housekeeping task for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#start-the-housekeeping-task-for-a-project
-func (s *ProjectsService) StartHousekeepingProject(pid interface{}, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/projects/#start-the-housekeeping-task-for-a-project
+func (s *ProjectsService) StartHousekeepingProject(pid any, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -2379,7 +2330,7 @@ func (s *ProjectsService) StartHousekeepingProject(pid interface{}, options ...R
 // GetRepositoryStorage Get the path to repository storage.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/projects.html#get-the-path-to-repository-storage
+// https://docs.gitlab.com/api/projects/#get-the-path-to-repository-storage
 type ProjectReposityStorage struct {
 	ProjectID         int        `json:"project_id"`
 	DiskPath          string     `json:"disk_path"`
@@ -2387,7 +2338,11 @@ type ProjectReposityStorage struct {
 	RepositoryStorage string     `json:"repository_storage"`
 }
 
-func (s *ProjectsService) GetRepositoryStorage(pid interface{}, options ...RequestOptionFunc) (*ProjectReposityStorage, *Response, error) {
+// GetRepositoryStorage Get the path to repository storage.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/projects/#get-the-path-to-repository-storage
+func (s *ProjectsService) GetRepositoryStorage(pid any, options ...RequestOptionFunc) (*ProjectReposityStorage, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/protected_branches.go b/vendor/gitlab.com/gitlab-org/api/client-go/protected_branches.go
index 672d09afa7..d3c1aaa76c 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/protected_branches.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/protected_branches.go
@@ -24,19 +24,18 @@ import (
 
 type (
 	ProtectedBranchesServiceInterface interface {
-		ListProtectedBranches(pid interface{}, opt *ListProtectedBranchesOptions, options ...RequestOptionFunc) ([]*ProtectedBranch, *Response, error)
-		GetProtectedBranch(pid interface{}, branch string, options ...RequestOptionFunc) (*ProtectedBranch, *Response, error)
-		ProtectRepositoryBranches(pid interface{}, opt *ProtectRepositoryBranchesOptions, options ...RequestOptionFunc) (*ProtectedBranch, *Response, error)
-		UnprotectRepositoryBranches(pid interface{}, branch string, options ...RequestOptionFunc) (*Response, error)
-		UpdateProtectedBranch(pid interface{}, branch string, opt *UpdateProtectedBranchOptions, options ...RequestOptionFunc) (*ProtectedBranch, *Response, error)
-		RequireCodeOwnerApprovals(pid interface{}, branch string, opt *RequireCodeOwnerApprovalsOptions, options ...RequestOptionFunc) (*Response, error)
+		ListProtectedBranches(pid any, opt *ListProtectedBranchesOptions, options ...RequestOptionFunc) ([]*ProtectedBranch, *Response, error)
+		GetProtectedBranch(pid any, branch string, options ...RequestOptionFunc) (*ProtectedBranch, *Response, error)
+		ProtectRepositoryBranches(pid any, opt *ProtectRepositoryBranchesOptions, options ...RequestOptionFunc) (*ProtectedBranch, *Response, error)
+		UnprotectRepositoryBranches(pid any, branch string, options ...RequestOptionFunc) (*Response, error)
+		UpdateProtectedBranch(pid any, branch string, opt *UpdateProtectedBranchOptions, options ...RequestOptionFunc) (*ProtectedBranch, *Response, error)
 	}
 
 	// ProtectedBranchesService handles communication with the protected branch
 	// related methods of the GitLab API.
 	//
 	// GitLab API docs:
-	// https://docs.gitlab.com/ee/api/protected_branches.html
+	// https://docs.gitlab.com/api/protected_branches/
 	ProtectedBranchesService struct {
 		client *Client
 	}
@@ -47,7 +46,7 @@ var _ ProtectedBranchesServiceInterface = (*ProtectedBranchesService)(nil)
 // ProtectedBranch represents a protected branch.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_branches.html#list-protected-branches
+// https://docs.gitlab.com/api/protected_branches/#list-protected-branches
 type ProtectedBranch struct {
 	ID                        int                        `json:"id"`
 	Name                      string                     `json:"name"`
@@ -62,7 +61,7 @@ type ProtectedBranch struct {
 // branch.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_branches.html#list-protected-branches
+// https://docs.gitlab.com/api/protected_branches/#list-protected-branches
 type BranchAccessDescription struct {
 	ID                     int              `json:"id"`
 	AccessLevel            AccessLevelValue `json:"access_level"`
@@ -76,7 +75,7 @@ type BranchAccessDescription struct {
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_branches.html#list-protected-branches
+// https://docs.gitlab.com/api/protected_branches/#list-protected-branches
 type ListProtectedBranchesOptions struct {
 	ListOptions
 	Search *string `url:"search,omitempty" json:"search,omitempty"`
@@ -85,8 +84,8 @@ type ListProtectedBranchesOptions struct {
 // ListProtectedBranches gets a list of protected branches from a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_branches.html#list-protected-branches
-func (s *ProtectedBranchesService) ListProtectedBranches(pid interface{}, opt *ListProtectedBranchesOptions, options ...RequestOptionFunc) ([]*ProtectedBranch, *Response, error) {
+// https://docs.gitlab.com/api/protected_branches/#list-protected-branches
+func (s *ProtectedBranchesService) ListProtectedBranches(pid any, opt *ListProtectedBranchesOptions, options ...RequestOptionFunc) ([]*ProtectedBranch, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -110,8 +109,8 @@ func (s *ProtectedBranchesService) ListProtectedBranches(pid interface{}, opt *L
 // GetProtectedBranch gets a single protected branch or wildcard protected branch.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_branches.html#get-a-single-protected-branch-or-wildcard-protected-branch
-func (s *ProtectedBranchesService) GetProtectedBranch(pid interface{}, branch string, options ...RequestOptionFunc) (*ProtectedBranch, *Response, error) {
+// https://docs.gitlab.com/api/protected_branches/#get-a-single-protected-branch-or-wildcard-protected-branch
+func (s *ProtectedBranchesService) GetProtectedBranch(pid any, branch string, options ...RequestOptionFunc) (*ProtectedBranch, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -136,7 +135,7 @@ func (s *ProtectedBranchesService) GetProtectedBranch(pid interface{}, branch st
 // ProtectRepositoryBranches() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_branches.html#protect-repository-branches
+// https://docs.gitlab.com/api/protected_branches/#protect-repository-branches
 type ProtectRepositoryBranchesOptions struct {
 	Name                      *string                     `url:"name,omitempty" json:"name,omitempty"`
 	PushAccessLevel           *AccessLevelValue           `url:"push_access_level,omitempty" json:"push_access_level,omitempty"`
@@ -152,7 +151,7 @@ type ProtectRepositoryBranchesOptions struct {
 // BranchPermissionOptions represents a branch permission option.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_branches.html#protect-repository-branches
+// https://docs.gitlab.com/api/protected_branches/#protect-repository-branches
 type BranchPermissionOptions struct {
 	ID          *int              `url:"id,omitempty" json:"id,omitempty"`
 	UserID      *int              `url:"user_id,omitempty" json:"user_id,omitempty"`
@@ -166,8 +165,8 @@ type BranchPermissionOptions struct {
 // project repository branches using a wildcard protected branch.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_branches.html#protect-repository-branches
-func (s *ProtectedBranchesService) ProtectRepositoryBranches(pid interface{}, opt *ProtectRepositoryBranchesOptions, options ...RequestOptionFunc) (*ProtectedBranch, *Response, error) {
+// https://docs.gitlab.com/api/protected_branches/#protect-repository-branches
+func (s *ProtectedBranchesService) ProtectRepositoryBranches(pid any, opt *ProtectRepositoryBranchesOptions, options ...RequestOptionFunc) (*ProtectedBranch, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -192,8 +191,8 @@ func (s *ProtectedBranchesService) ProtectRepositoryBranches(pid interface{}, op
 // protected branch.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_branches.html#unprotect-repository-branches
-func (s *ProtectedBranchesService) UnprotectRepositoryBranches(pid interface{}, branch string, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/protected_branches/#unprotect-repository-branches
+func (s *ProtectedBranchesService) UnprotectRepositoryBranches(pid any, branch string, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -212,7 +211,7 @@ func (s *ProtectedBranchesService) UnprotectRepositoryBranches(pid interface{},
 // UpdateProtectedBranch() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_branches.html#update-a-protected-branch
+// https://docs.gitlab.com/api/protected_branches/#update-a-protected-branch
 type UpdateProtectedBranchOptions struct {
 	Name                      *string                     `url:"name,omitempty" json:"name,omitempty"`
 	AllowForcePush            *bool                       `url:"allow_force_push,omitempty" json:"allow_force_push,omitempty"`
@@ -225,8 +224,8 @@ type UpdateProtectedBranchOptions struct {
 // UpdateProtectedBranch updates a protected branch.
 //
 // Gitlab API docs:
-// https://docs.gitlab.com/ee/api/protected_branches.html#update-a-protected-branch
-func (s *ProtectedBranchesService) UpdateProtectedBranch(pid interface{}, branch string, opt *UpdateProtectedBranchOptions, options ...RequestOptionFunc) (*ProtectedBranch, *Response, error) {
+// https://docs.gitlab.com/api/protected_branches/#update-a-protected-branch
+func (s *ProtectedBranchesService) UpdateProtectedBranch(pid any, branch string, opt *UpdateProtectedBranchOptions, options ...RequestOptionFunc) (*ProtectedBranch, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -246,26 +245,3 @@ func (s *ProtectedBranchesService) UpdateProtectedBranch(pid interface{}, branch
 
 	return p, resp, nil
 }
-
-// RequireCodeOwnerApprovalsOptions represents the available
-// RequireCodeOwnerApprovals() options.
-//
-// GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_branches.html#update-a-protected-branch
-type RequireCodeOwnerApprovalsOptions struct {
-	CodeOwnerApprovalRequired *bool `url:"code_owner_approval_required,omitempty" json:"code_owner_approval_required,omitempty"`
-}
-
-// RequireCodeOwnerApprovals updates the code owner approval option.
-//
-// Deprecated: Use UpdateProtectedBranch() instead.
-//
-// Gitlab API docs:
-// https://docs.gitlab.com/ee/api/protected_branches.html#update-a-protected-branch
-func (s *ProtectedBranchesService) RequireCodeOwnerApprovals(pid interface{}, branch string, opt *RequireCodeOwnerApprovalsOptions, options ...RequestOptionFunc) (*Response, error) {
-	updateOptions := &UpdateProtectedBranchOptions{
-		CodeOwnerApprovalRequired: opt.CodeOwnerApprovalRequired,
-	}
-	_, req, err := s.UpdateProtectedBranch(pid, branch, updateOptions, options...)
-	return req, err
-}
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/protected_environments.go b/vendor/gitlab.com/gitlab-org/api/client-go/protected_environments.go
index daea97a963..0135b1ee1a 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/protected_environments.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/protected_environments.go
@@ -23,18 +23,18 @@ import (
 
 type (
 	ProtectedEnvironmentsServiceInterface interface {
-		ListProtectedEnvironments(pid interface{}, opt *ListProtectedEnvironmentsOptions, options ...RequestOptionFunc) ([]*ProtectedEnvironment, *Response, error)
-		GetProtectedEnvironment(pid interface{}, environment string, options ...RequestOptionFunc) (*ProtectedEnvironment, *Response, error)
-		ProtectRepositoryEnvironments(pid interface{}, opt *ProtectRepositoryEnvironmentsOptions, options ...RequestOptionFunc) (*ProtectedEnvironment, *Response, error)
-		UpdateProtectedEnvironments(pid interface{}, environment string, opt *UpdateProtectedEnvironmentsOptions, options ...RequestOptionFunc) (*ProtectedEnvironment, *Response, error)
-		UnprotectEnvironment(pid interface{}, environment string, options ...RequestOptionFunc) (*Response, error)
+		ListProtectedEnvironments(pid any, opt *ListProtectedEnvironmentsOptions, options ...RequestOptionFunc) ([]*ProtectedEnvironment, *Response, error)
+		GetProtectedEnvironment(pid any, environment string, options ...RequestOptionFunc) (*ProtectedEnvironment, *Response, error)
+		ProtectRepositoryEnvironments(pid any, opt *ProtectRepositoryEnvironmentsOptions, options ...RequestOptionFunc) (*ProtectedEnvironment, *Response, error)
+		UpdateProtectedEnvironments(pid any, environment string, opt *UpdateProtectedEnvironmentsOptions, options ...RequestOptionFunc) (*ProtectedEnvironment, *Response, error)
+		UnprotectEnvironment(pid any, environment string, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// ProtectedEnvironmentsService handles communication with the protected
 	// environment methods of the GitLab API.
 	//
 	// GitLab API docs:
-	// https://docs.gitlab.com/ee/api/protected_environments.html
+	// https://docs.gitlab.com/api/protected_environments/
 	ProtectedEnvironmentsService struct {
 		client *Client
 	}
@@ -45,7 +45,7 @@ var _ ProtectedEnvironmentsServiceInterface = (*ProtectedEnvironmentsService)(ni
 // ProtectedEnvironment represents a protected environment.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_environments.html
+// https://docs.gitlab.com/api/protected_environments/
 type ProtectedEnvironment struct {
 	Name                  string                          `json:"name"`
 	DeployAccessLevels    []*EnvironmentAccessDescription `json:"deploy_access_levels"`
@@ -57,7 +57,7 @@ type ProtectedEnvironment struct {
 // environment.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_environments.html
+// https://docs.gitlab.com/api/protected_environments/
 type EnvironmentAccessDescription struct {
 	ID                     int              `json:"id"`
 	AccessLevel            AccessLevelValue `json:"access_level"`
@@ -71,7 +71,7 @@ type EnvironmentAccessDescription struct {
 // environment.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_environments.html#protect-a-single-environment
+// https://docs.gitlab.com/api/protected_environments/#protect-a-single-environment
 type EnvironmentApprovalRule struct {
 	ID                     int              `json:"id"`
 	UserID                 int              `json:"user_id"`
@@ -86,15 +86,15 @@ type EnvironmentApprovalRule struct {
 // ListProtectedEnvironments() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_environments.html#list-protected-environments
+// https://docs.gitlab.com/api/protected_environments/#list-protected-environments
 type ListProtectedEnvironmentsOptions ListOptions
 
 // ListProtectedEnvironments returns a list of protected environments from a
 // project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_environments.html#list-protected-environments
-func (s *ProtectedEnvironmentsService) ListProtectedEnvironments(pid interface{}, opt *ListProtectedEnvironmentsOptions, options ...RequestOptionFunc) ([]*ProtectedEnvironment, *Response, error) {
+// https://docs.gitlab.com/api/protected_environments/#list-protected-environments
+func (s *ProtectedEnvironmentsService) ListProtectedEnvironments(pid any, opt *ListProtectedEnvironmentsOptions, options ...RequestOptionFunc) ([]*ProtectedEnvironment, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -119,8 +119,8 @@ func (s *ProtectedEnvironmentsService) ListProtectedEnvironments(pid interface{}
 // protected environment.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_environments.html#get-a-single-protected-environment
-func (s *ProtectedEnvironmentsService) GetProtectedEnvironment(pid interface{}, environment string, options ...RequestOptionFunc) (*ProtectedEnvironment, *Response, error) {
+// https://docs.gitlab.com/api/protected_environments/#get-a-single-protected-environment
+func (s *ProtectedEnvironmentsService) GetProtectedEnvironment(pid any, environment string, options ...RequestOptionFunc) (*ProtectedEnvironment, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -145,7 +145,7 @@ func (s *ProtectedEnvironmentsService) GetProtectedEnvironment(pid interface{},
 // ProtectRepositoryEnvironments() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_environments.html#protect-a-single-environment
+// https://docs.gitlab.com/api/protected_environments/#protect-a-single-environment
 type ProtectRepositoryEnvironmentsOptions struct {
 	Name                  *string                            `url:"name,omitempty" json:"name,omitempty"`
 	DeployAccessLevels    *[]*EnvironmentAccessOptions       `url:"deploy_access_levels,omitempty" json:"deploy_access_levels,omitempty"`
@@ -157,7 +157,7 @@ type ProtectRepositoryEnvironmentsOptions struct {
 // a protected environment.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_environments.html#protect-a-single-environment
+// https://docs.gitlab.com/api/protected_environments/#protect-a-single-environment
 type EnvironmentAccessOptions struct {
 	AccessLevel          *AccessLevelValue `url:"access_level,omitempty" json:"access_level,omitempty"`
 	UserID               *int              `url:"user_id,omitempty" json:"user_id,omitempty"`
@@ -169,7 +169,7 @@ type EnvironmentAccessOptions struct {
 // environment.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_environments.html#protect-a-single-environment
+// https://docs.gitlab.com/api/protected_environments/#protect-a-single-environment
 type EnvironmentApprovalRuleOptions struct {
 	UserID                 *int              `url:"user_id,omitempty" json:"user_id,omitempty"`
 	GroupID                *int              `url:"group_id,omitempty" json:"group_id,omitempty"`
@@ -183,8 +183,8 @@ type EnvironmentApprovalRuleOptions struct {
 // several project repository environments using wildcard protected environment.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_environments.html#protect-a-single-environment
-func (s *ProtectedEnvironmentsService) ProtectRepositoryEnvironments(pid interface{}, opt *ProtectRepositoryEnvironmentsOptions, options ...RequestOptionFunc) (*ProtectedEnvironment, *Response, error) {
+// https://docs.gitlab.com/api/protected_environments/#protect-a-single-environment
+func (s *ProtectedEnvironmentsService) ProtectRepositoryEnvironments(pid any, opt *ProtectRepositoryEnvironmentsOptions, options ...RequestOptionFunc) (*ProtectedEnvironment, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -209,7 +209,7 @@ func (s *ProtectedEnvironmentsService) ProtectRepositoryEnvironments(pid interfa
 // UpdateProtectedEnvironments() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_environments.html#update-a-protected-environment
+// https://docs.gitlab.com/api/protected_environments/#update-a-protected-environment
 type UpdateProtectedEnvironmentsOptions struct {
 	Name                  *string                                  `url:"name,omitempty" json:"name,omitempty"`
 	DeployAccessLevels    *[]*UpdateEnvironmentAccessOptions       `url:"deploy_access_levels,omitempty" json:"deploy_access_levels,omitempty"`
@@ -221,7 +221,7 @@ type UpdateProtectedEnvironmentsOptions struct {
 // access decription for a protected environment.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_environments.html#update-a-protected-environment
+// https://docs.gitlab.com/api/protected_environments/#update-a-protected-environment
 type UpdateEnvironmentAccessOptions struct {
 	AccessLevel          *AccessLevelValue `url:"access_level,omitempty" json:"access_level,omitempty"`
 	ID                   *int              `url:"id,omitempty" json:"id,omitempty"`
@@ -235,7 +235,7 @@ type UpdateEnvironmentAccessOptions struct {
 // rules for a protected environment.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_environments.html#update-a-protected-environment
+// https://docs.gitlab.com/api/protected_environments/#update-a-protected-environment
 type UpdateEnvironmentApprovalRuleOptions struct {
 	ID                     *int              `url:"id,omitempty" json:"id,omitempty"`
 	UserID                 *int              `url:"user_id,omitempty" json:"user_id,omitempty"`
@@ -251,8 +251,8 @@ type UpdateEnvironmentApprovalRuleOptions struct {
 // several project repository environments using wildcard protected environment.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_environments.html#update-a-protected-environment
-func (s *ProtectedEnvironmentsService) UpdateProtectedEnvironments(pid interface{}, environment string, opt *UpdateProtectedEnvironmentsOptions, options ...RequestOptionFunc) (*ProtectedEnvironment, *Response, error) {
+// https://docs.gitlab.com/api/protected_environments/#update-a-protected-environment
+func (s *ProtectedEnvironmentsService) UpdateProtectedEnvironments(pid any, environment string, opt *UpdateProtectedEnvironmentsOptions, options ...RequestOptionFunc) (*ProtectedEnvironment, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -277,8 +277,8 @@ func (s *ProtectedEnvironmentsService) UpdateProtectedEnvironments(pid interface
 // protected environment.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_environments.html#unprotect-a-single-environment
-func (s *ProtectedEnvironmentsService) UnprotectEnvironment(pid interface{}, environment string, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/protected_environments/#unprotect-a-single-environment
+func (s *ProtectedEnvironmentsService) UnprotectEnvironment(pid any, environment string, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/protected_tags.go b/vendor/gitlab.com/gitlab-org/api/client-go/protected_tags.go
index 267bc92bf8..e9adfe2482 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/protected_tags.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/protected_tags.go
@@ -23,17 +23,17 @@ import (
 
 type (
 	ProtectedTagsServiceInterface interface {
-		ListProtectedTags(pid interface{}, opt *ListProtectedTagsOptions, options ...RequestOptionFunc) ([]*ProtectedTag, *Response, error)
-		GetProtectedTag(pid interface{}, tag string, options ...RequestOptionFunc) (*ProtectedTag, *Response, error)
-		ProtectRepositoryTags(pid interface{}, opt *ProtectRepositoryTagsOptions, options ...RequestOptionFunc) (*ProtectedTag, *Response, error)
-		UnprotectRepositoryTags(pid interface{}, tag string, options ...RequestOptionFunc) (*Response, error)
+		ListProtectedTags(pid any, opt *ListProtectedTagsOptions, options ...RequestOptionFunc) ([]*ProtectedTag, *Response, error)
+		GetProtectedTag(pid any, tag string, options ...RequestOptionFunc) (*ProtectedTag, *Response, error)
+		ProtectRepositoryTags(pid any, opt *ProtectRepositoryTagsOptions, options ...RequestOptionFunc) (*ProtectedTag, *Response, error)
+		UnprotectRepositoryTags(pid any, tag string, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// ProtectedTagsService handles communication with the protected tag methods
 	// of the GitLab API.
 	//
 	// GitLab API docs:
-	// https://docs.gitlab.com/ee/api/protected_tags.html
+	// https://docs.gitlab.com/api/protected_tags/
 	ProtectedTagsService struct {
 		client *Client
 	}
@@ -44,7 +44,7 @@ var _ ProtectedTagsServiceInterface = (*ProtectedTagsService)(nil)
 // ProtectedTag represents a protected tag.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_tags.html
+// https://docs.gitlab.com/api/protected_tags/
 type ProtectedTag struct {
 	Name               string                  `json:"name"`
 	CreateAccessLevels []*TagAccessDescription `json:"create_access_levels"`
@@ -53,7 +53,7 @@ type ProtectedTag struct {
 // TagAccessDescription reperesents the access decription for a protected tag.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_tags.html
+// https://docs.gitlab.com/api/protected_tags/
 type TagAccessDescription struct {
 	ID                     int              `json:"id"`
 	UserID                 int              `json:"user_id"`
@@ -66,14 +66,14 @@ type TagAccessDescription struct {
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_tags.html#list-protected-tags
+// https://docs.gitlab.com/api/protected_tags/#list-protected-tags
 type ListProtectedTagsOptions ListOptions
 
 // ListProtectedTags returns a list of protected tags from a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_tags.html#list-protected-tags
-func (s *ProtectedTagsService) ListProtectedTags(pid interface{}, opt *ListProtectedTagsOptions, options ...RequestOptionFunc) ([]*ProtectedTag, *Response, error) {
+// https://docs.gitlab.com/api/protected_tags/#list-protected-tags
+func (s *ProtectedTagsService) ListProtectedTags(pid any, opt *ListProtectedTagsOptions, options ...RequestOptionFunc) ([]*ProtectedTag, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -97,8 +97,8 @@ func (s *ProtectedTagsService) ListProtectedTags(pid interface{}, opt *ListProte
 // GetProtectedTag returns a single protected tag or wildcard protected tag.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_tags.html#get-a-single-protected-tag-or-wildcard-protected-tag
-func (s *ProtectedTagsService) GetProtectedTag(pid interface{}, tag string, options ...RequestOptionFunc) (*ProtectedTag, *Response, error) {
+// https://docs.gitlab.com/api/protected_tags/#get-a-single-protected-tag-or-wildcard-protected-tag
+func (s *ProtectedTagsService) GetProtectedTag(pid any, tag string, options ...RequestOptionFunc) (*ProtectedTag, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -123,7 +123,7 @@ func (s *ProtectedTagsService) GetProtectedTag(pid interface{}, tag string, opti
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_tags.html#protect-repository-tags
+// https://docs.gitlab.com/api/protected_tags/#protect-repository-tags
 type ProtectRepositoryTagsOptions struct {
 	Name              *string                   `url:"name,omitempty" json:"name,omitempty"`
 	CreateAccessLevel *AccessLevelValue         `url:"create_access_level,omitempty" json:"create_access_level,omitempty"`
@@ -133,7 +133,7 @@ type ProtectRepositoryTagsOptions struct {
 // TagsPermissionOptions represents a protected tag permission option.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_tags.html#protect-repository-tags
+// https://docs.gitlab.com/api/protected_tags/#protect-repository-tags
 type TagsPermissionOptions struct {
 	UserID      *int              `url:"user_id,omitempty" json:"user_id,omitempty"`
 	GroupID     *int              `url:"group_id,omitempty" json:"group_id,omitempty"`
@@ -144,8 +144,8 @@ type TagsPermissionOptions struct {
 // repository tags using a wildcard protected tag.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_tags.html#protect-repository-tags
-func (s *ProtectedTagsService) ProtectRepositoryTags(pid interface{}, opt *ProtectRepositoryTagsOptions, options ...RequestOptionFunc) (*ProtectedTag, *Response, error) {
+// https://docs.gitlab.com/api/protected_tags/#protect-repository-tags
+func (s *ProtectedTagsService) ProtectRepositoryTags(pid any, opt *ProtectRepositoryTagsOptions, options ...RequestOptionFunc) (*ProtectedTag, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -170,8 +170,8 @@ func (s *ProtectedTagsService) ProtectRepositoryTags(pid interface{}, opt *Prote
 // protected tag.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/protected_tags.html#unprotect-repository-tags
-func (s *ProtectedTagsService) UnprotectRepositoryTags(pid interface{}, tag string, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/protected_tags/#unprotect-repository-tags
+func (s *ProtectedTagsService) UnprotectRepositoryTags(pid any, tag string, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/release.config.mjs b/vendor/gitlab.com/gitlab-org/api/client-go/release.config.mjs
new file mode 100644
index 0000000000..ef6774efd0
--- /dev/null
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/release.config.mjs
@@ -0,0 +1,13 @@
+export default {
+  branches: ["main"],
+  plugins: [
+    "@semantic-release/commit-analyzer",
+    "@semantic-release/release-notes-generator",
+    "@semantic-release/changelog",
+    "@semantic-release/gitlab",
+    ["@semantic-release/git", {
+      assets: ["CHANGELOG.md"],
+      message: "chore(release): ${nextRelease.version} [skip ci]\n\n${nextRelease.notes}"
+    }]
+  ]
+};
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/releaselinks.go b/vendor/gitlab.com/gitlab-org/api/client-go/releaselinks.go
index fb3cbf7a59..804e1ae51a 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/releaselinks.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/releaselinks.go
@@ -23,17 +23,17 @@ import (
 
 type (
 	ReleaseLinksServiceInterface interface {
-		ListReleaseLinks(pid interface{}, tagName string, opt *ListReleaseLinksOptions, options ...RequestOptionFunc) ([]*ReleaseLink, *Response, error)
-		GetReleaseLink(pid interface{}, tagName string, link int, options ...RequestOptionFunc) (*ReleaseLink, *Response, error)
-		CreateReleaseLink(pid interface{}, tagName string, opt *CreateReleaseLinkOptions, options ...RequestOptionFunc) (*ReleaseLink, *Response, error)
-		UpdateReleaseLink(pid interface{}, tagName string, link int, opt *UpdateReleaseLinkOptions, options ...RequestOptionFunc) (*ReleaseLink, *Response, error)
-		DeleteReleaseLink(pid interface{}, tagName string, link int, options ...RequestOptionFunc) (*ReleaseLink, *Response, error)
+		ListReleaseLinks(pid any, tagName string, opt *ListReleaseLinksOptions, options ...RequestOptionFunc) ([]*ReleaseLink, *Response, error)
+		GetReleaseLink(pid any, tagName string, link int, options ...RequestOptionFunc) (*ReleaseLink, *Response, error)
+		CreateReleaseLink(pid any, tagName string, opt *CreateReleaseLinkOptions, options ...RequestOptionFunc) (*ReleaseLink, *Response, error)
+		UpdateReleaseLink(pid any, tagName string, link int, opt *UpdateReleaseLinkOptions, options ...RequestOptionFunc) (*ReleaseLink, *Response, error)
+		DeleteReleaseLink(pid any, tagName string, link int, options ...RequestOptionFunc) (*ReleaseLink, *Response, error)
 	}
 
 	// ReleaseLinksService handles communication with the release link methods
 	// of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/releases/links.html
+	// GitLab API docs: https://docs.gitlab.com/api/releases/links/
 	ReleaseLinksService struct {
 		client *Client
 	}
@@ -43,7 +43,7 @@ var _ ReleaseLinksServiceInterface = (*ReleaseLinksService)(nil)
 
 // ReleaseLink represents a release link.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/releases/links.html
+// GitLab API docs: https://docs.gitlab.com/api/releases/links/
 type ReleaseLink struct {
 	ID             int           `json:"id"`
 	Name           string        `json:"name"`
@@ -55,13 +55,13 @@ type ReleaseLink struct {
 
 // ListReleaseLinksOptions represents ListReleaseLinks() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/releases/links.html#list-links-of-a-release
+// GitLab API docs: https://docs.gitlab.com/api/releases/links/#list-links-of-a-release
 type ListReleaseLinksOptions ListOptions
 
 // ListReleaseLinks gets assets as links from a Release.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/releases/links.html#list-links-of-a-release
-func (s *ReleaseLinksService) ListReleaseLinks(pid interface{}, tagName string, opt *ListReleaseLinksOptions, options ...RequestOptionFunc) ([]*ReleaseLink, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/releases/links/#list-links-of-a-release
+func (s *ReleaseLinksService) ListReleaseLinks(pid any, tagName string, opt *ListReleaseLinksOptions, options ...RequestOptionFunc) ([]*ReleaseLink, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -84,8 +84,8 @@ func (s *ReleaseLinksService) ListReleaseLinks(pid interface{}, tagName string,
 
 // GetReleaseLink returns a link from release assets.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/releases/links.html#get-a-release-link
-func (s *ReleaseLinksService) GetReleaseLink(pid interface{}, tagName string, link int, options ...RequestOptionFunc) (*ReleaseLink, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/releases/links/#get-a-release-link
+func (s *ReleaseLinksService) GetReleaseLink(pid any, tagName string, link int, options ...RequestOptionFunc) (*ReleaseLink, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -111,7 +111,7 @@ func (s *ReleaseLinksService) GetReleaseLink(pid interface{}, tagName string, li
 
 // CreateReleaseLinkOptions represents CreateReleaseLink() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/releases/links.html#create-a-release-link
+// GitLab API docs: https://docs.gitlab.com/api/releases/links/#create-a-release-link
 type CreateReleaseLinkOptions struct {
 	Name            *string        `url:"name,omitempty" json:"name,omitempty"`
 	URL             *string        `url:"url,omitempty" json:"url,omitempty"`
@@ -122,8 +122,8 @@ type CreateReleaseLinkOptions struct {
 
 // CreateReleaseLink creates a link.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/releases/links.html#create-a-release-link
-func (s *ReleaseLinksService) CreateReleaseLink(pid interface{}, tagName string, opt *CreateReleaseLinkOptions, options ...RequestOptionFunc) (*ReleaseLink, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/releases/links/#create-a-release-link
+func (s *ReleaseLinksService) CreateReleaseLink(pid any, tagName string, opt *CreateReleaseLinkOptions, options ...RequestOptionFunc) (*ReleaseLink, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -148,7 +148,7 @@ func (s *ReleaseLinksService) CreateReleaseLink(pid interface{}, tagName string,
 //
 // You have to specify at least one of Name of URL.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/releases/links.html#update-a-release-link
+// GitLab API docs: https://docs.gitlab.com/api/releases/links/#update-a-release-link
 type UpdateReleaseLinkOptions struct {
 	Name            *string        `url:"name,omitempty" json:"name,omitempty"`
 	URL             *string        `url:"url,omitempty" json:"url,omitempty"`
@@ -159,8 +159,8 @@ type UpdateReleaseLinkOptions struct {
 
 // UpdateReleaseLink updates an asset link.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/releases/links.html#update-a-release-link
-func (s *ReleaseLinksService) UpdateReleaseLink(pid interface{}, tagName string, link int, opt *UpdateReleaseLinkOptions, options ...RequestOptionFunc) (*ReleaseLink, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/releases/links/#update-a-release-link
+func (s *ReleaseLinksService) UpdateReleaseLink(pid any, tagName string, link int, opt *UpdateReleaseLinkOptions, options ...RequestOptionFunc) (*ReleaseLink, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -186,8 +186,8 @@ func (s *ReleaseLinksService) UpdateReleaseLink(pid interface{}, tagName string,
 
 // DeleteReleaseLink deletes a link from release.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/releases/links.html#delete-a-release-link
-func (s *ReleaseLinksService) DeleteReleaseLink(pid interface{}, tagName string, link int, options ...RequestOptionFunc) (*ReleaseLink, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/releases/links/#delete-a-release-link
+func (s *ReleaseLinksService) DeleteReleaseLink(pid any, tagName string, link int, options ...RequestOptionFunc) (*ReleaseLink, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/releases.go b/vendor/gitlab.com/gitlab-org/api/client-go/releases.go
index dad8aa5710..1d335e314a 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/releases.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/releases.go
@@ -24,18 +24,18 @@ import (
 
 type (
 	ReleasesServiceInterface interface {
-		ListReleases(pid interface{}, opt *ListReleasesOptions, options ...RequestOptionFunc) ([]*Release, *Response, error)
-		GetRelease(pid interface{}, tagName string, options ...RequestOptionFunc) (*Release, *Response, error)
-		GetLatestRelease(pid interface{}, options ...RequestOptionFunc) (*Release, *Response, error)
-		CreateRelease(pid interface{}, opts *CreateReleaseOptions, options ...RequestOptionFunc) (*Release, *Response, error)
-		UpdateRelease(pid interface{}, tagName string, opts *UpdateReleaseOptions, options ...RequestOptionFunc) (*Release, *Response, error)
-		DeleteRelease(pid interface{}, tagName string, options ...RequestOptionFunc) (*Release, *Response, error)
+		ListReleases(pid any, opt *ListReleasesOptions, options ...RequestOptionFunc) ([]*Release, *Response, error)
+		GetRelease(pid any, tagName string, options ...RequestOptionFunc) (*Release, *Response, error)
+		GetLatestRelease(pid any, options ...RequestOptionFunc) (*Release, *Response, error)
+		CreateRelease(pid any, opts *CreateReleaseOptions, options ...RequestOptionFunc) (*Release, *Response, error)
+		UpdateRelease(pid any, tagName string, opts *UpdateReleaseOptions, options ...RequestOptionFunc) (*Release, *Response, error)
+		DeleteRelease(pid any, tagName string, options ...RequestOptionFunc) (*Release, *Response, error)
 	}
 
 	// ReleasesService handles communication with the releases methods
 	// of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/releases/index.html
+	// GitLab API docs: https://docs.gitlab.com/api/releases/
 	ReleasesService struct {
 		client *Client
 	}
@@ -46,7 +46,7 @@ var _ ReleasesServiceInterface = (*ReleasesService)(nil)
 // Release represents a project release.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/releases/index.html#list-releases
+// https://docs.gitlab.com/api/releases/#list-releases
 type Release struct {
 	TagName         string     `json:"tag_name"`
 	Name            string     `json:"name"`
@@ -91,7 +91,7 @@ type Release struct {
 // ReleaseMilestone represents a project release milestone.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/releases/index.html#list-releases
+// https://docs.gitlab.com/api/releases/#list-releases
 type ReleaseMilestone struct {
 	ID          int                         `json:"id"`
 	IID         int                         `json:"iid"`
@@ -111,7 +111,7 @@ type ReleaseMilestone struct {
 // related issues statistics.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/releases/index.html#list-releases
+// https://docs.gitlab.com/api/releases/#list-releases
 type ReleaseMilestoneIssueStats struct {
 	Total  int `json:"total"`
 	Closed int `json:"closed"`
@@ -120,7 +120,7 @@ type ReleaseMilestoneIssueStats struct {
 // ReleaseEvidence represents a project release's evidence.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/releases/index.html#list-releases
+// https://docs.gitlab.com/api/releases/#list-releases
 type ReleaseEvidence struct {
 	SHA         string     `json:"sha"`
 	Filepath    string     `json:"filepath"`
@@ -130,7 +130,7 @@ type ReleaseEvidence struct {
 // ListReleasesOptions represents ListReleases() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/releases/index.html#list-releases
+// https://docs.gitlab.com/api/releases/#list-releases
 type ListReleasesOptions struct {
 	ListOptions
 	OrderBy                *string `url:"order_by,omitempty" json:"order_by,omitempty"`
@@ -141,8 +141,8 @@ type ListReleasesOptions struct {
 // ListReleases gets a pagenated of releases accessible by the authenticated user.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/releases/index.html#list-releases
-func (s *ReleasesService) ListReleases(pid interface{}, opt *ListReleasesOptions, options ...RequestOptionFunc) ([]*Release, *Response, error) {
+// https://docs.gitlab.com/api/releases/#list-releases
+func (s *ReleasesService) ListReleases(pid any, opt *ListReleasesOptions, options ...RequestOptionFunc) ([]*Release, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -166,8 +166,8 @@ func (s *ReleasesService) ListReleases(pid interface{}, opt *ListReleasesOptions
 // GetRelease returns a single release, identified by a tag name.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/releases/index.html#get-a-release-by-a-tag-name
-func (s *ReleasesService) GetRelease(pid interface{}, tagName string, options ...RequestOptionFunc) (*Release, *Response, error) {
+// https://docs.gitlab.com/api/releases/#get-a-release-by-a-tag-name
+func (s *ReleasesService) GetRelease(pid any, tagName string, options ...RequestOptionFunc) (*Release, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -191,8 +191,8 @@ func (s *ReleasesService) GetRelease(pid interface{}, tagName string, options ..
 // GetLatestRelease returns the latest release for the project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/releases/#get-the-latest-release
-func (s *ReleasesService) GetLatestRelease(pid interface{}, options ...RequestOptionFunc) (*Release, *Response, error) {
+// https://docs.gitlab.com/api/releases/#get-the-latest-release
+func (s *ReleasesService) GetLatestRelease(pid any, options ...RequestOptionFunc) (*Release, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -216,7 +216,7 @@ func (s *ReleasesService) GetLatestRelease(pid interface{}, options ...RequestOp
 // CreateReleaseOptions represents CreateRelease() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/releases/index.html#create-a-release
+// https://docs.gitlab.com/api/releases/#create-a-release
 type CreateReleaseOptions struct {
 	Name        *string               `url:"name,omitempty" json:"name,omitempty"`
 	TagName     *string               `url:"tag_name,omitempty" json:"tag_name,omitempty"`
@@ -231,7 +231,7 @@ type CreateReleaseOptions struct {
 // ReleaseAssetsOptions represents release assets in CreateRelease() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/releases/index.html#create-a-release
+// https://docs.gitlab.com/api/releases/#create-a-release
 type ReleaseAssetsOptions struct {
 	Links []*ReleaseAssetLinkOptions `url:"links,omitempty" json:"links,omitempty"`
 }
@@ -240,7 +240,7 @@ type ReleaseAssetsOptions struct {
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/releases/index.html#create-a-release
+// https://docs.gitlab.com/api/releases/#create-a-release
 type ReleaseAssetLinkOptions struct {
 	Name            *string        `url:"name,omitempty" json:"name,omitempty"`
 	URL             *string        `url:"url,omitempty" json:"url,omitempty"`
@@ -252,8 +252,8 @@ type ReleaseAssetLinkOptions struct {
 // CreateRelease creates a release.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/releases/index.html#create-a-release
-func (s *ReleasesService) CreateRelease(pid interface{}, opts *CreateReleaseOptions, options ...RequestOptionFunc) (*Release, *Response, error) {
+// https://docs.gitlab.com/api/releases/#create-a-release
+func (s *ReleasesService) CreateRelease(pid any, opts *CreateReleaseOptions, options ...RequestOptionFunc) (*Release, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -277,7 +277,7 @@ func (s *ReleasesService) CreateRelease(pid interface{}, opts *CreateReleaseOpti
 // UpdateReleaseOptions represents UpdateRelease() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/releases/index.html#update-a-release
+// https://docs.gitlab.com/api/releases/#update-a-release
 type UpdateReleaseOptions struct {
 	Name        *string    `url:"name" json:"name"`
 	Description *string    `url:"description" json:"description"`
@@ -288,8 +288,8 @@ type UpdateReleaseOptions struct {
 // UpdateRelease updates a release.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/releases/index.html#update-a-release
-func (s *ReleasesService) UpdateRelease(pid interface{}, tagName string, opts *UpdateReleaseOptions, options ...RequestOptionFunc) (*Release, *Response, error) {
+// https://docs.gitlab.com/api/releases/#update-a-release
+func (s *ReleasesService) UpdateRelease(pid any, tagName string, opts *UpdateReleaseOptions, options ...RequestOptionFunc) (*Release, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -313,8 +313,8 @@ func (s *ReleasesService) UpdateRelease(pid interface{}, tagName string, opts *U
 // DeleteRelease deletes a release.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/releases/index.html#delete-a-release
-func (s *ReleasesService) DeleteRelease(pid interface{}, tagName string, options ...RequestOptionFunc) (*Release, *Response, error) {
+// https://docs.gitlab.com/api/releases/#delete-a-release
+func (s *ReleasesService) DeleteRelease(pid any, tagName string, options ...RequestOptionFunc) (*Release, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/repositories.go b/vendor/gitlab.com/gitlab-org/api/client-go/repositories.go
index cf255ea365..50da7ceb18 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/repositories.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/repositories.go
@@ -26,22 +26,22 @@ import (
 
 type (
 	RepositoriesServiceInterface interface {
-		ListTree(pid interface{}, opt *ListTreeOptions, options ...RequestOptionFunc) ([]*TreeNode, *Response, error)
-		Blob(pid interface{}, sha string, options ...RequestOptionFunc) ([]byte, *Response, error)
-		RawBlobContent(pid interface{}, sha string, options ...RequestOptionFunc) ([]byte, *Response, error)
-		Archive(pid interface{}, opt *ArchiveOptions, options ...RequestOptionFunc) ([]byte, *Response, error)
-		StreamArchive(pid interface{}, w io.Writer, opt *ArchiveOptions, options ...RequestOptionFunc) (*Response, error)
-		Compare(pid interface{}, opt *CompareOptions, options ...RequestOptionFunc) (*Compare, *Response, error)
-		Contributors(pid interface{}, opt *ListContributorsOptions, options ...RequestOptionFunc) ([]*Contributor, *Response, error)
-		MergeBase(pid interface{}, opt *MergeBaseOptions, options ...RequestOptionFunc) (*Commit, *Response, error)
-		AddChangelog(pid interface{}, opt *AddChangelogOptions, options ...RequestOptionFunc) (*Response, error)
-		GenerateChangelogData(pid interface{}, opt GenerateChangelogDataOptions, options ...RequestOptionFunc) (*ChangelogData, *Response, error)
+		ListTree(pid any, opt *ListTreeOptions, options ...RequestOptionFunc) ([]*TreeNode, *Response, error)
+		Blob(pid any, sha string, options ...RequestOptionFunc) ([]byte, *Response, error)
+		RawBlobContent(pid any, sha string, options ...RequestOptionFunc) ([]byte, *Response, error)
+		Archive(pid any, opt *ArchiveOptions, options ...RequestOptionFunc) ([]byte, *Response, error)
+		StreamArchive(pid any, w io.Writer, opt *ArchiveOptions, options ...RequestOptionFunc) (*Response, error)
+		Compare(pid any, opt *CompareOptions, options ...RequestOptionFunc) (*Compare, *Response, error)
+		Contributors(pid any, opt *ListContributorsOptions, options ...RequestOptionFunc) ([]*Contributor, *Response, error)
+		MergeBase(pid any, opt *MergeBaseOptions, options ...RequestOptionFunc) (*Commit, *Response, error)
+		AddChangelog(pid any, opt *AddChangelogOptions, options ...RequestOptionFunc) (*Response, error)
+		GenerateChangelogData(pid any, opt GenerateChangelogDataOptions, options ...RequestOptionFunc) (*ChangelogData, *Response, error)
 	}
 
 	// RepositoriesService handles communication with the repositories related
 	// methods of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/repositories.html
+	// GitLab API docs: https://docs.gitlab.com/api/repositories/
 	RepositoriesService struct {
 		client *Client
 	}
@@ -51,7 +51,7 @@ var _ RepositoriesServiceInterface = (*RepositoriesService)(nil)
 
 // TreeNode represents a GitLab repository file or directory.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/repositories.html
+// GitLab API docs: https://docs.gitlab.com/api/repositories/
 type TreeNode struct {
 	ID   string `json:"id"`
 	Name string `json:"name"`
@@ -67,7 +67,7 @@ func (t TreeNode) String() string {
 // ListTreeOptions represents the available ListTree() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/repositories.html#list-repository-tree
+// https://docs.gitlab.com/api/repositories/#list-repository-tree
 type ListTreeOptions struct {
 	ListOptions
 	Path      *string `url:"path,omitempty" json:"path,omitempty"`
@@ -78,8 +78,8 @@ type ListTreeOptions struct {
 // ListTree gets a list of repository files and directories in a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/repositories.html#list-repository-tree
-func (s *RepositoriesService) ListTree(pid interface{}, opt *ListTreeOptions, options ...RequestOptionFunc) ([]*TreeNode, *Response, error) {
+// https://docs.gitlab.com/api/repositories/#list-repository-tree
+func (s *RepositoriesService) ListTree(pid any, opt *ListTreeOptions, options ...RequestOptionFunc) ([]*TreeNode, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -104,8 +104,8 @@ func (s *RepositoriesService) ListTree(pid interface{}, opt *ListTreeOptions, op
 // that blob content is Base64 encoded.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/repositories.html#get-a-blob-from-repository
-func (s *RepositoriesService) Blob(pid interface{}, sha string, options ...RequestOptionFunc) ([]byte, *Response, error) {
+// https://docs.gitlab.com/api/repositories/#get-a-blob-from-repository
+func (s *RepositoriesService) Blob(pid any, sha string, options ...RequestOptionFunc) ([]byte, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -129,8 +129,8 @@ func (s *RepositoriesService) Blob(pid interface{}, sha string, options ...Reque
 // RawBlobContent gets the raw file contents for a blob by blob SHA.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/repositories.html#raw-blob-content
-func (s *RepositoriesService) RawBlobContent(pid interface{}, sha string, options ...RequestOptionFunc) ([]byte, *Response, error) {
+// https://docs.gitlab.com/api/repositories/#raw-blob-content
+func (s *RepositoriesService) RawBlobContent(pid any, sha string, options ...RequestOptionFunc) ([]byte, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -154,7 +154,7 @@ func (s *RepositoriesService) RawBlobContent(pid interface{}, sha string, option
 // ArchiveOptions represents the available Archive() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/repositories.html#get-file-archive
+// https://docs.gitlab.com/api/repositories/#get-file-archive
 type ArchiveOptions struct {
 	Format *string `url:"-" json:"-"`
 	Path   *string `url:"path,omitempty" json:"path,omitempty"`
@@ -164,8 +164,8 @@ type ArchiveOptions struct {
 // Archive gets an archive of the repository.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/repositories.html#get-file-archive
-func (s *RepositoriesService) Archive(pid interface{}, opt *ArchiveOptions, options ...RequestOptionFunc) ([]byte, *Response, error) {
+// https://docs.gitlab.com/api/repositories/#get-file-archive
+func (s *RepositoriesService) Archive(pid any, opt *ArchiveOptions, options ...RequestOptionFunc) ([]byte, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -195,8 +195,8 @@ func (s *RepositoriesService) Archive(pid interface{}, opt *ArchiveOptions, opti
 // io.Writer.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/repositories.html#get-file-archive
-func (s *RepositoriesService) StreamArchive(pid interface{}, w io.Writer, opt *ArchiveOptions, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/repositories/#get-file-archive
+func (s *RepositoriesService) StreamArchive(pid any, w io.Writer, opt *ArchiveOptions, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -219,7 +219,7 @@ func (s *RepositoriesService) StreamArchive(pid interface{}, w io.Writer, opt *A
 // Compare represents the result of a comparison of branches, tags or commits.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/repositories.html#compare-branches-tags-or-commits
+// https://docs.gitlab.com/api/repositories/#compare-branches-tags-or-commits
 type Compare struct {
 	Commit         *Commit   `json:"commit"`
 	Commits        []*Commit `json:"commits"`
@@ -236,7 +236,7 @@ func (c Compare) String() string {
 // CompareOptions represents the available Compare() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/repositories.html#compare-branches-tags-or-commits
+// https://docs.gitlab.com/api/repositories/#compare-branches-tags-or-commits
 type CompareOptions struct {
 	From     *string `url:"from,omitempty" json:"from,omitempty"`
 	To       *string `url:"to,omitempty" json:"to,omitempty"`
@@ -247,8 +247,8 @@ type CompareOptions struct {
 // Compare compares branches, tags or commits.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/repositories.html#compare-branches-tags-or-commits
-func (s *RepositoriesService) Compare(pid interface{}, opt *CompareOptions, options ...RequestOptionFunc) (*Compare, *Response, error) {
+// https://docs.gitlab.com/api/repositories/#compare-branches-tags-or-commits
+func (s *RepositoriesService) Compare(pid any, opt *CompareOptions, options ...RequestOptionFunc) (*Compare, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -271,7 +271,7 @@ func (s *RepositoriesService) Compare(pid interface{}, opt *CompareOptions, opti
 
 // Contributor represents a GitLap contributor.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/repositories.html#contributors
+// GitLab API docs: https://docs.gitlab.com/api/repositories/#contributors
 type Contributor struct {
 	Name      string `json:"name"`
 	Email     string `json:"email"`
@@ -286,7 +286,7 @@ func (c Contributor) String() string {
 
 // ListContributorsOptions represents the available ListContributors() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/repositories.html#contributors
+// GitLab API docs: https://docs.gitlab.com/api/repositories/#contributors
 type ListContributorsOptions struct {
 	ListOptions
 	OrderBy *string `url:"order_by,omitempty" json:"order_by,omitempty"`
@@ -295,8 +295,8 @@ type ListContributorsOptions struct {
 
 // Contributors gets the repository contributors list.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/repositories.html#contributors
-func (s *RepositoriesService) Contributors(pid interface{}, opt *ListContributorsOptions, options ...RequestOptionFunc) ([]*Contributor, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/repositories/#contributors
+func (s *RepositoriesService) Contributors(pid any, opt *ListContributorsOptions, options ...RequestOptionFunc) ([]*Contributor, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -320,7 +320,7 @@ func (s *RepositoriesService) Contributors(pid interface{}, opt *ListContributor
 // MergeBaseOptions represents the available MergeBase() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/repositories.html#merge-base
+// https://docs.gitlab.com/api/repositories/#merge-base
 type MergeBaseOptions struct {
 	Ref *[]string `url:"refs[],omitempty" json:"refs,omitempty"`
 }
@@ -329,8 +329,8 @@ type MergeBaseOptions struct {
 // names or tags).
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/repositories.html#merge-base
-func (s *RepositoriesService) MergeBase(pid interface{}, opt *MergeBaseOptions, options ...RequestOptionFunc) (*Commit, *Response, error) {
+// https://docs.gitlab.com/api/repositories/#merge-base
+func (s *RepositoriesService) MergeBase(pid any, opt *MergeBaseOptions, options ...RequestOptionFunc) (*Commit, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -354,7 +354,7 @@ func (s *RepositoriesService) MergeBase(pid interface{}, opt *MergeBaseOptions,
 // AddChangelogOptions represents the available AddChangelog() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/repositories.html#add-changelog-data-to-a-changelog-file
+// https://docs.gitlab.com/api/repositories/#add-changelog-data-to-a-changelog-file
 type AddChangelogOptions struct {
 	Version    *string  `url:"version,omitempty" json:"version,omitempty"`
 	Branch     *string  `url:"branch,omitempty" json:"branch,omitempty"`
@@ -370,8 +370,8 @@ type AddChangelogOptions struct {
 // AddChangelog generates changelog data based on commits in a repository.
 //
 // Gitlab API docs:
-// https://docs.gitlab.com/ee/api/repositories.html#add-changelog-data-to-a-changelog-file
-func (s *RepositoriesService) AddChangelog(pid interface{}, opt *AddChangelogOptions, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/repositories/#add-changelog-data-to-a-changelog-file
+func (s *RepositoriesService) AddChangelog(pid any, opt *AddChangelogOptions, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -389,7 +389,7 @@ func (s *RepositoriesService) AddChangelog(pid interface{}, opt *AddChangelogOpt
 // ChangelogData represents the generated changelog data.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/repositories.html#generate-changelog-data
+// https://docs.gitlab.com/api/repositories/#generate-changelog-data
 type ChangelogData struct {
 	Notes string `json:"notes"`
 }
@@ -402,7 +402,7 @@ func (c ChangelogData) String() string {
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/repositories.html#generate-changelog-data
+// https://docs.gitlab.com/api/repositories/#generate-changelog-data
 type GenerateChangelogDataOptions struct {
 	Version    *string  `url:"version,omitempty" json:"version,omitempty"`
 	ConfigFile *string  `url:"config_file,omitempty" json:"config_file,omitempty"`
@@ -416,8 +416,8 @@ type GenerateChangelogDataOptions struct {
 // repository, without committing them to a changelog file.
 //
 // Gitlab API docs:
-// https://docs.gitlab.com/ee/api/repositories.html#generate-changelog-data
-func (s *RepositoriesService) GenerateChangelogData(pid interface{}, opt GenerateChangelogDataOptions, options ...RequestOptionFunc) (*ChangelogData, *Response, error) {
+// https://docs.gitlab.com/api/repositories/#generate-changelog-data
+func (s *RepositoriesService) GenerateChangelogData(pid any, opt GenerateChangelogDataOptions, options ...RequestOptionFunc) (*ChangelogData, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/repository_files.go b/vendor/gitlab.com/gitlab-org/api/client-go/repository_files.go
index ddbea6c2b7..32d1a49881 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/repository_files.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/repository_files.go
@@ -26,14 +26,14 @@ import (
 
 type (
 	RepositoryFilesServiceInterface interface {
-		GetFile(pid interface{}, fileName string, opt *GetFileOptions, options ...RequestOptionFunc) (*File, *Response, error)
-		GetFileMetaData(pid interface{}, fileName string, opt *GetFileMetaDataOptions, options ...RequestOptionFunc) (*File, *Response, error)
-		GetFileBlame(pid interface{}, file string, opt *GetFileBlameOptions, options ...RequestOptionFunc) ([]*FileBlameRange, *Response, error)
-		GetRawFile(pid interface{}, fileName string, opt *GetRawFileOptions, options ...RequestOptionFunc) ([]byte, *Response, error)
-		GetRawFileMetaData(pid interface{}, fileName string, opt *GetRawFileOptions, options ...RequestOptionFunc) (*File, *Response, error)
-		CreateFile(pid interface{}, fileName string, opt *CreateFileOptions, options ...RequestOptionFunc) (*FileInfo, *Response, error)
-		UpdateFile(pid interface{}, fileName string, opt *UpdateFileOptions, options ...RequestOptionFunc) (*FileInfo, *Response, error)
-		DeleteFile(pid interface{}, fileName string, opt *DeleteFileOptions, options ...RequestOptionFunc) (*Response, error)
+		GetFile(pid any, fileName string, opt *GetFileOptions, options ...RequestOptionFunc) (*File, *Response, error)
+		GetFileMetaData(pid any, fileName string, opt *GetFileMetaDataOptions, options ...RequestOptionFunc) (*File, *Response, error)
+		GetFileBlame(pid any, file string, opt *GetFileBlameOptions, options ...RequestOptionFunc) ([]*FileBlameRange, *Response, error)
+		GetRawFile(pid any, fileName string, opt *GetRawFileOptions, options ...RequestOptionFunc) ([]byte, *Response, error)
+		GetRawFileMetaData(pid any, fileName string, opt *GetRawFileOptions, options ...RequestOptionFunc) (*File, *Response, error)
+		CreateFile(pid any, fileName string, opt *CreateFileOptions, options ...RequestOptionFunc) (*FileInfo, *Response, error)
+		UpdateFile(pid any, fileName string, opt *UpdateFileOptions, options ...RequestOptionFunc) (*FileInfo, *Response, error)
+		DeleteFile(pid any, fileName string, opt *DeleteFileOptions, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// RepositoryFilesService handles communication with the repository files
@@ -81,7 +81,7 @@ type GetFileOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/repository_files/#get-file-from-repository
-func (s *RepositoryFilesService) GetFile(pid interface{}, fileName string, opt *GetFileOptions, options ...RequestOptionFunc) (*File, *Response, error) {
+func (s *RepositoryFilesService) GetFile(pid any, fileName string, opt *GetFileOptions, options ...RequestOptionFunc) (*File, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -119,7 +119,7 @@ type GetFileMetaDataOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/repository_files/#get-file-from-repository
-func (s *RepositoryFilesService) GetFileMetaData(pid interface{}, fileName string, opt *GetFileMetaDataOptions, options ...RequestOptionFunc) (*File, *Response, error) {
+func (s *RepositoryFilesService) GetFileMetaData(pid any, fileName string, opt *GetFileMetaDataOptions, options ...RequestOptionFunc) (*File, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -212,7 +212,7 @@ type GetFileBlameOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/repository_files/#get-file-blame-from-repository
-func (s *RepositoryFilesService) GetFileBlame(pid interface{}, file string, opt *GetFileBlameOptions, options ...RequestOptionFunc) ([]*FileBlameRange, *Response, error) {
+func (s *RepositoryFilesService) GetFileBlame(pid any, file string, opt *GetFileBlameOptions, options ...RequestOptionFunc) ([]*FileBlameRange, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -250,7 +250,7 @@ type GetRawFileOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/repository_files/#get-raw-file-from-repository
-func (s *RepositoryFilesService) GetRawFile(pid interface{}, fileName string, opt *GetRawFileOptions, options ...RequestOptionFunc) ([]byte, *Response, error) {
+func (s *RepositoryFilesService) GetRawFile(pid any, fileName string, opt *GetRawFileOptions, options ...RequestOptionFunc) ([]byte, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -279,7 +279,7 @@ func (s *RepositoryFilesService) GetRawFile(pid interface{}, fileName string, op
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/repository_files/#get-raw-file-from-repository
-func (s *RepositoryFilesService) GetRawFileMetaData(pid interface{}, fileName string, opt *GetRawFileOptions, options ...RequestOptionFunc) (*File, *Response, error) {
+func (s *RepositoryFilesService) GetRawFileMetaData(pid any, fileName string, opt *GetRawFileOptions, options ...RequestOptionFunc) (*File, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -339,7 +339,7 @@ type CreateFileOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/repository_files/#create-new-file-in-repository
-func (s *RepositoryFilesService) CreateFile(pid interface{}, fileName string, opt *CreateFileOptions, options ...RequestOptionFunc) (*FileInfo, *Response, error) {
+func (s *RepositoryFilesService) CreateFile(pid any, fileName string, opt *CreateFileOptions, options ...RequestOptionFunc) (*FileInfo, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -384,7 +384,7 @@ type UpdateFileOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/repository_files/#update-existing-file-in-repository
-func (s *RepositoryFilesService) UpdateFile(pid interface{}, fileName string, opt *UpdateFileOptions, options ...RequestOptionFunc) (*FileInfo, *Response, error) {
+func (s *RepositoryFilesService) UpdateFile(pid any, fileName string, opt *UpdateFileOptions, options ...RequestOptionFunc) (*FileInfo, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -426,7 +426,7 @@ type DeleteFileOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/repository_files/#delete-existing-file-in-repository
-func (s *RepositoryFilesService) DeleteFile(pid interface{}, fileName string, opt *DeleteFileOptions, options ...RequestOptionFunc) (*Response, error) {
+func (s *RepositoryFilesService) DeleteFile(pid any, fileName string, opt *DeleteFileOptions, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/repository_submodules.go b/vendor/gitlab.com/gitlab-org/api/client-go/repository_submodules.go
index 45af24a497..84a0491d42 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/repository_submodules.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/repository_submodules.go
@@ -24,13 +24,13 @@ import (
 
 type (
 	RepositorySubmodulesServiceInterface interface {
-		UpdateSubmodule(pid interface{}, submodule string, opt *UpdateSubmoduleOptions, options ...RequestOptionFunc) (*SubmoduleCommit, *Response, error)
+		UpdateSubmodule(pid any, submodule string, opt *UpdateSubmoduleOptions, options ...RequestOptionFunc) (*SubmoduleCommit, *Response, error)
 	}
 
 	// RepositorySubmodulesService handles communication with the repository
 	// submodules related methods of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/repository_submodules.html
+	// GitLab API docs: https://docs.gitlab.com/api/repository_submodules/
 	RepositorySubmodulesService struct {
 		client *Client
 	}
@@ -40,7 +40,7 @@ var _ RepositorySubmodulesServiceInterface = (*RepositorySubmodulesService)(nil)
 
 // SubmoduleCommit represents a GitLab submodule commit.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/repository_submodules.html
+// GitLab API docs: https://docs.gitlab.com/api/repository_submodules/
 type SubmoduleCommit struct {
 	ID             string           `json:"id"`
 	ShortID        string           `json:"short_id"`
@@ -64,7 +64,7 @@ func (r SubmoduleCommit) String() string {
 // UpdateSubmoduleOptions represents the available UpdateSubmodule() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/repository_submodules.html#update-existing-submodule-reference-in-repository
+// https://docs.gitlab.com/api/repository_submodules/#update-existing-submodule-reference-in-repository
 type UpdateSubmoduleOptions struct {
 	Branch        *string `url:"branch,omitempty" json:"branch,omitempty"`
 	CommitSHA     *string `url:"commit_sha,omitempty" json:"commit_sha,omitempty"`
@@ -74,8 +74,8 @@ type UpdateSubmoduleOptions struct {
 // UpdateSubmodule updates an existing submodule reference.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/repository_submodules.html#update-existing-submodule-reference-in-repository
-func (s *RepositorySubmodulesService) UpdateSubmodule(pid interface{}, submodule string, opt *UpdateSubmoduleOptions, options ...RequestOptionFunc) (*SubmoduleCommit, *Response, error) {
+// https://docs.gitlab.com/api/repository_submodules/#update-existing-submodule-reference-in-repository
+func (s *RepositorySubmodulesService) UpdateSubmodule(pid any, submodule string, opt *UpdateSubmoduleOptions, options ...RequestOptionFunc) (*SubmoduleCommit, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/request_options.go b/vendor/gitlab.com/gitlab-org/api/client-go/request_options.go
index d158047f69..16f699c087 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/request_options.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/request_options.go
@@ -19,6 +19,7 @@ package gitlab
 import (
 	"context"
 	"net/url"
+	"strconv"
 
 	retryablehttp "github.com/hashicorp/go-retryablehttp"
 )
@@ -29,11 +30,24 @@ type RequestOptionFunc func(*retryablehttp.Request) error
 // WithContext runs the request with the provided context
 func WithContext(ctx context.Context) RequestOptionFunc {
 	return func(req *retryablehttp.Request) error {
-		*req = *req.WithContext(ctx)
+		newCtx := copyContextValues(req.Context(), ctx)
+
+		*req = *req.WithContext(newCtx)
 		return nil
 	}
 }
 
+// copyContextValues copy some context key and values in old context
+func copyContextValues(oldCtx context.Context, newCtx context.Context) context.Context {
+	cheryRetry := checkRetryFromContext(oldCtx)
+
+	if cheryRetry != nil {
+		newCtx = contextWithCheckRetry(newCtx, cheryRetry)
+	}
+
+	return newCtx
+}
+
 // WithHeader takes a header name and value and appends it to the request headers.
 func WithHeader(name, value string) RequestOptionFunc {
 	return func(req *retryablehttp.Request) error {
@@ -74,8 +88,20 @@ func WithKeysetPaginationParameters(nextLink string) RequestOptionFunc {
 	}
 }
 
+// WithOffsetPaginationParameters takes a page number and modifies the request
+// to use that page for offset-based pagination, overriding any existing page value.
+func WithOffsetPaginationParameters(page int) RequestOptionFunc {
+	return func(req *retryablehttp.Request) error {
+		q := req.URL.Query()
+		q.Del("page")
+		q.Add("page", strconv.Itoa(page))
+		req.URL.RawQuery = q.Encode()
+		return nil
+	}
+}
+
 // WithSudo takes either a username or user ID and sets the SUDO request header.
-func WithSudo(uid interface{}) RequestOptionFunc {
+func WithSudo(uid any) RequestOptionFunc {
 	return func(req *retryablehttp.Request) error {
 		user, err := parseID(uid)
 		if err != nil {
@@ -100,3 +126,13 @@ func WithToken(authType AuthType, token string) RequestOptionFunc {
 		return nil
 	}
 }
+
+// WithRequestRetry takes a `retryablehttp.CheckRetry` which is then used when making this one request.
+func WithRequestRetry(checkRetry retryablehttp.CheckRetry) RequestOptionFunc {
+	return func(req *retryablehttp.Request) error {
+		// Store checkRetry to context
+		ctx := contextWithCheckRetry(req.Context(), checkRetry)
+		*req = *req.WithContext(ctx)
+		return nil
+	}
+}
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/resource_group.go b/vendor/gitlab.com/gitlab-org/api/client-go/resource_group.go
index bdc961d72e..7471c29598 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/resource_group.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/resource_group.go
@@ -24,17 +24,17 @@ import (
 
 type (
 	ResourceGroupServiceInterface interface {
-		GetAllResourceGroupsForAProject(pid interface{}, options ...RequestOptionFunc) ([]*ResourceGroup, *Response, error)
-		GetASpecificResourceGroup(pid interface{}, key string, options ...RequestOptionFunc) (*ResourceGroup, *Response, error)
-		ListUpcomingJobsForASpecificResourceGroup(pid interface{}, key string, options ...RequestOptionFunc) ([]*Job, *Response, error)
-		EditAnExistingResourceGroup(pid interface{}, key string, opts *EditAnExistingResourceGroupOptions, options ...RequestOptionFunc) (*ResourceGroup, *Response, error)
+		GetAllResourceGroupsForAProject(pid any, options ...RequestOptionFunc) ([]*ResourceGroup, *Response, error)
+		GetASpecificResourceGroup(pid any, key string, options ...RequestOptionFunc) (*ResourceGroup, *Response, error)
+		ListUpcomingJobsForASpecificResourceGroup(pid any, key string, options ...RequestOptionFunc) ([]*Job, *Response, error)
+		EditAnExistingResourceGroup(pid any, key string, opts *EditAnExistingResourceGroupOptions, options ...RequestOptionFunc) (*ResourceGroup, *Response, error)
 	}
 
 	// ResourceGroupService handles communication with the resource
 	// group related methods of the GitLab API.
 	//
 	// GitLab API docs:
-	// https://docs.gitlab.com/ee/api/resource_groups.html
+	// https://docs.gitlab.com/api/resource_groups/
 	ResourceGroupService struct {
 		client *Client
 	}
@@ -45,7 +45,7 @@ var _ ResourceGroupServiceInterface = (*ResourceGroupService)(nil)
 // ResourceGrouop represents a GitLab Project Resource Group.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/resource_groups.html
+// https://docs.gitlab.com/api/resource_groups/
 type ResourceGroup struct {
 	ID          int        `json:"id"`
 	Key         string     `json:"key"`
@@ -57,7 +57,7 @@ type ResourceGroup struct {
 // Gets a string representation of a ResourceGroup
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/resource_groups.html
+// https://docs.gitlab.com/api/resource_groups/
 func (rg ResourceGroup) String() string {
 	return Stringify(rg)
 }
@@ -66,8 +66,8 @@ func (rg ResourceGroup) String() string {
 // groups associated with a given project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/resource_groups.html#get-all-resource-groups-for-a-project
-func (s *ResourceGroupService) GetAllResourceGroupsForAProject(pid interface{}, options ...RequestOptionFunc) ([]*ResourceGroup, *Response, error) {
+// https://docs.gitlab.com/api/resource_groups/#get-all-resource-groups-for-a-project
+func (s *ResourceGroupService) GetAllResourceGroupsForAProject(pid any, options ...RequestOptionFunc) ([]*ResourceGroup, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -92,8 +92,8 @@ func (s *ResourceGroupService) GetAllResourceGroupsForAProject(pid interface{},
 // resource group for a given project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/resource_groups.html#get-a-specific-resource-group
-func (s *ResourceGroupService) GetASpecificResourceGroup(pid interface{}, key string, options ...RequestOptionFunc) (*ResourceGroup, *Response, error) {
+// https://docs.gitlab.com/api/resource_groups/#get-a-specific-resource-group
+func (s *ResourceGroupService) GetASpecificResourceGroup(pid any, key string, options ...RequestOptionFunc) (*ResourceGroup, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -118,8 +118,8 @@ func (s *ResourceGroupService) GetASpecificResourceGroup(pid interface{}, key st
 // upcoming jobs for a specific resource group for a given project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/resource_groups.html#list-upcoming-jobs-for-a-specific-resource-group
-func (s *ResourceGroupService) ListUpcomingJobsForASpecificResourceGroup(pid interface{}, key string, options ...RequestOptionFunc) ([]*Job, *Response, error) {
+// https://docs.gitlab.com/api/resource_groups/#list-upcoming-jobs-for-a-specific-resource-group
+func (s *ResourceGroupService) ListUpcomingJobsForASpecificResourceGroup(pid any, key string, options ...RequestOptionFunc) ([]*Job, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -144,7 +144,7 @@ func (s *ResourceGroupService) ListUpcomingJobsForASpecificResourceGroup(pid int
 // EditAnExistingResourceGroup options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/resource_groups.html#edit-an-existing-resource-group
+// https://docs.gitlab.com/api/resource_groups/#edit-an-existing-resource-group
 type EditAnExistingResourceGroupOptions struct {
 	ProcessMode *ResourceGroupProcessMode `url:"process_mode,omitempty" json:"process_mode,omitempty"`
 }
@@ -153,8 +153,8 @@ type EditAnExistingResourceGroupOptions struct {
 // resource group for a given project
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/resource_groups.html#edit-an-existing-resource-group
-func (s *ResourceGroupService) EditAnExistingResourceGroup(pid interface{}, key string, opts *EditAnExistingResourceGroupOptions, options ...RequestOptionFunc) (*ResourceGroup, *Response, error) {
+// https://docs.gitlab.com/api/resource_groups/#edit-an-existing-resource-group
+func (s *ResourceGroupService) EditAnExistingResourceGroup(pid any, key string, opts *EditAnExistingResourceGroupOptions, options ...RequestOptionFunc) (*ResourceGroup, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/resource_iteration_events.go b/vendor/gitlab.com/gitlab-org/api/client-go/resource_iteration_events.go
index a79a94170e..bb52fc0eea 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/resource_iteration_events.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/resource_iteration_events.go
@@ -24,14 +24,14 @@ import (
 
 type (
 	ResourceIterationEventsServiceInterface interface {
-		ListIssueIterationEvents(pid interface{}, issue int, opt *ListIterationEventsOptions, options ...RequestOptionFunc) ([]*IterationEvent, *Response, error)
-		GetIssueIterationEvent(pid interface{}, issue int, event int, options ...RequestOptionFunc) (*IterationEvent, *Response, error)
+		ListIssueIterationEvents(pid any, issue int, opt *ListIterationEventsOptions, options ...RequestOptionFunc) ([]*IterationEvent, *Response, error)
+		GetIssueIterationEvent(pid any, issue int, event int, options ...RequestOptionFunc) (*IterationEvent, *Response, error)
 	}
 
 	// ResourceIterationEventsService handles communication with the event related
 	// methods of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/resource_iteration_events.html
+	// GitLab API docs: https://docs.gitlab.com/api/resource_iteration_events/
 	ResourceIterationEventsService struct {
 		client *Client
 	}
@@ -41,7 +41,7 @@ var _ ResourceIterationEventsServiceInterface = (*ResourceIterationEventsService
 
 // IterationEvent represents a resource iteration event.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/resource_iteration_events.html
+// GitLab API docs: https://docs.gitlab.com/api/resource_iteration_events/
 type IterationEvent struct {
 	ID           int        `json:"id"`
 	User         *BasicUser `json:"user"`
@@ -54,7 +54,7 @@ type IterationEvent struct {
 
 // Iteration represents a project issue iteration.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/resource_iteration_events.html
+// GitLab API docs: https://docs.gitlab.com/api/resource_iteration_events/
 type Iteration struct {
 	ID          int        `json:"id"`
 	IID         int        `json:"iid"`
@@ -74,7 +74,7 @@ type Iteration struct {
 // events list methods.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/resource_iteration_events.html#list-project-issue-iteration-events
+// https://docs.gitlab.com/api/resource_iteration_events/#list-project-issue-iteration-events
 type ListIterationEventsOptions struct {
 	ListOptions
 }
@@ -83,8 +83,8 @@ type ListIterationEventsOptions struct {
 // specified project and issue.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/resource_iteration_events.html#list-project-issue-iteration-events
-func (s *ResourceIterationEventsService) ListIssueIterationEvents(pid interface{}, issue int, opt *ListIterationEventsOptions, options ...RequestOptionFunc) ([]*IterationEvent, *Response, error) {
+// https://docs.gitlab.com/api/resource_iteration_events/#list-project-issue-iteration-events
+func (s *ResourceIterationEventsService) ListIssueIterationEvents(pid any, issue int, opt *ListIterationEventsOptions, options ...RequestOptionFunc) ([]*IterationEvent, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -108,8 +108,8 @@ func (s *ResourceIterationEventsService) ListIssueIterationEvents(pid interface{
 // GetIssueIterationEvent gets a single issue iteration event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/resource_iteration_events.html#get-single-issue-iteration-event
-func (s *ResourceIterationEventsService) GetIssueIterationEvent(pid interface{}, issue int, event int, options ...RequestOptionFunc) (*IterationEvent, *Response, error) {
+// https://docs.gitlab.com/api/resource_iteration_events/#get-single-issue-iteration-event
+func (s *ResourceIterationEventsService) GetIssueIterationEvent(pid any, issue int, event int, options ...RequestOptionFunc) (*IterationEvent, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/resource_label_events.go b/vendor/gitlab.com/gitlab-org/api/client-go/resource_label_events.go
index 7f66b16ecf..f37296748b 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/resource_label_events.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/resource_label_events.go
@@ -24,18 +24,21 @@ import (
 
 type (
 	ResourceLabelEventsServiceInterface interface {
-		ListIssueLabelEvents(pid interface{}, issue int, opt *ListLabelEventsOptions, options ...RequestOptionFunc) ([]*LabelEvent, *Response, error)
-		GetIssueLabelEvent(pid interface{}, issue int, event int, options ...RequestOptionFunc) (*LabelEvent, *Response, error)
-		ListGroupEpicLabelEvents(gid interface{}, epic int, opt *ListLabelEventsOptions, options ...RequestOptionFunc) ([]*LabelEvent, *Response, error)
-		GetGroupEpicLabelEvent(gid interface{}, epic int, event int, options ...RequestOptionFunc) (*LabelEvent, *Response, error)
-		ListMergeRequestsLabelEvents(pid interface{}, request int, opt *ListLabelEventsOptions, options ...RequestOptionFunc) ([]*LabelEvent, *Response, error)
-		GetMergeRequestLabelEvent(pid interface{}, request int, event int, options ...RequestOptionFunc) (*LabelEvent, *Response, error)
+		ListIssueLabelEvents(pid any, issue int, opt *ListLabelEventsOptions, options ...RequestOptionFunc) ([]*LabelEvent, *Response, error)
+		GetIssueLabelEvent(pid any, issue int, event int, options ...RequestOptionFunc) (*LabelEvent, *Response, error)
+		ListMergeRequestsLabelEvents(pid any, request int, opt *ListLabelEventsOptions, options ...RequestOptionFunc) ([]*LabelEvent, *Response, error)
+		GetMergeRequestLabelEvent(pid any, request int, event int, options ...RequestOptionFunc) (*LabelEvent, *Response, error)
+
+		// Will be removed in v5, use Work Items API instead
+		ListGroupEpicLabelEvents(gid any, epic int, opt *ListLabelEventsOptions, options ...RequestOptionFunc) ([]*LabelEvent, *Response, error)
+		// Will be removed in v5, use Work Items API instead
+		GetGroupEpicLabelEvent(gid any, epic int, event int, options ...RequestOptionFunc) (*LabelEvent, *Response, error)
 	}
 
 	// ResourceLabelEventsService handles communication with the event related
 	// methods of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/resource_label_events.html
+	// GitLab API docs: https://docs.gitlab.com/api/resource_label_events/
 	ResourceLabelEventsService struct {
 		client *Client
 	}
@@ -46,7 +49,7 @@ var _ ResourceLabelEventsServiceInterface = (*ResourceLabelEventsService)(nil)
 // LabelEvent represents a resource label event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/resource_label_events.html#get-single-issue-label-event
+// https://docs.gitlab.com/api/resource_label_events/#get-single-issue-label-event
 type LabelEvent struct {
 	ID           int        `json:"id"`
 	Action       string     `json:"action"`
@@ -74,7 +77,7 @@ type LabelEvent struct {
 // list methods.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/resource_label_events.html#list-project-issue-label-events
+// https://docs.gitlab.com/api/resource_label_events/#list-project-issue-label-events
 type ListLabelEventsOptions struct {
 	ListOptions
 }
@@ -83,8 +86,8 @@ type ListLabelEventsOptions struct {
 // specified project and issue.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/resource_label_events.html#list-project-issue-label-events
-func (s *ResourceLabelEventsService) ListIssueLabelEvents(pid interface{}, issue int, opt *ListLabelEventsOptions, options ...RequestOptionFunc) ([]*LabelEvent, *Response, error) {
+// https://docs.gitlab.com/api/resource_label_events/#list-project-issue-label-events
+func (s *ResourceLabelEventsService) ListIssueLabelEvents(pid any, issue int, opt *ListLabelEventsOptions, options ...RequestOptionFunc) ([]*LabelEvent, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -108,8 +111,8 @@ func (s *ResourceLabelEventsService) ListIssueLabelEvents(pid interface{}, issue
 // GetIssueLabelEvent gets a single issue-label-event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/resource_label_events.html#get-single-issue-label-event
-func (s *ResourceLabelEventsService) GetIssueLabelEvent(pid interface{}, issue int, event int, options ...RequestOptionFunc) (*LabelEvent, *Response, error) {
+// https://docs.gitlab.com/api/resource_label_events/#get-single-issue-label-event
+func (s *ResourceLabelEventsService) GetIssueLabelEvent(pid any, issue int, event int, options ...RequestOptionFunc) (*LabelEvent, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -132,10 +135,11 @@ func (s *ResourceLabelEventsService) GetIssueLabelEvent(pid interface{}, issue i
 
 // ListGroupEpicLabelEvents retrieves resource label events for the specified
 // group and epic.
+// Will be removed in v5, use Work Items API instead
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/resource_label_events.html#list-group-epic-label-events
-func (s *ResourceLabelEventsService) ListGroupEpicLabelEvents(gid interface{}, epic int, opt *ListLabelEventsOptions, options ...RequestOptionFunc) ([]*LabelEvent, *Response, error) {
+// https://docs.gitlab.com/api/resource_label_events/#list-group-epic-label-events
+func (s *ResourceLabelEventsService) ListGroupEpicLabelEvents(gid any, epic int, opt *ListLabelEventsOptions, options ...RequestOptionFunc) ([]*LabelEvent, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -157,10 +161,11 @@ func (s *ResourceLabelEventsService) ListGroupEpicLabelEvents(gid interface{}, e
 }
 
 // GetGroupEpicLabelEvent gets a single group epic label event.
+// Will be removed in v5, use Work Items API instead
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/resource_label_events.html#get-single-epic-label-event
-func (s *ResourceLabelEventsService) GetGroupEpicLabelEvent(gid interface{}, epic int, event int, options ...RequestOptionFunc) (*LabelEvent, *Response, error) {
+// https://docs.gitlab.com/api/resource_label_events/#get-single-epic-label-event
+func (s *ResourceLabelEventsService) GetGroupEpicLabelEvent(gid any, epic int, event int, options ...RequestOptionFunc) (*LabelEvent, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -185,8 +190,8 @@ func (s *ResourceLabelEventsService) GetGroupEpicLabelEvent(gid interface{}, epi
 // project and merge request.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/resource_label_events.html#list-project-merge-request-label-events
-func (s *ResourceLabelEventsService) ListMergeRequestsLabelEvents(pid interface{}, request int, opt *ListLabelEventsOptions, options ...RequestOptionFunc) ([]*LabelEvent, *Response, error) {
+// https://docs.gitlab.com/api/resource_label_events/#list-project-merge-request-label-events
+func (s *ResourceLabelEventsService) ListMergeRequestsLabelEvents(pid any, request int, opt *ListLabelEventsOptions, options ...RequestOptionFunc) ([]*LabelEvent, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -210,8 +215,8 @@ func (s *ResourceLabelEventsService) ListMergeRequestsLabelEvents(pid interface{
 // GetMergeRequestLabelEvent gets a single merge request label event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/resource_label_events.html#get-single-merge-request-label-event
-func (s *ResourceLabelEventsService) GetMergeRequestLabelEvent(pid interface{}, request int, event int, options ...RequestOptionFunc) (*LabelEvent, *Response, error) {
+// https://docs.gitlab.com/api/resource_label_events/#get-single-merge-request-label-event
+func (s *ResourceLabelEventsService) GetMergeRequestLabelEvent(pid any, request int, event int, options ...RequestOptionFunc) (*LabelEvent, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/resource_milestone_events.go b/vendor/gitlab.com/gitlab-org/api/client-go/resource_milestone_events.go
index 21afaf3dc8..76cb105da3 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/resource_milestone_events.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/resource_milestone_events.go
@@ -24,16 +24,16 @@ import (
 
 type (
 	ResourceMilestoneEventsServiceInterface interface {
-		ListIssueMilestoneEvents(pid interface{}, issue int, opt *ListMilestoneEventsOptions, options ...RequestOptionFunc) ([]*MilestoneEvent, *Response, error)
-		GetIssueMilestoneEvent(pid interface{}, issue int, event int, options ...RequestOptionFunc) (*MilestoneEvent, *Response, error)
-		ListMergeMilestoneEvents(pid interface{}, request int, opt *ListMilestoneEventsOptions, options ...RequestOptionFunc) ([]*MilestoneEvent, *Response, error)
-		GetMergeRequestMilestoneEvent(pid interface{}, request int, event int, options ...RequestOptionFunc) (*MilestoneEvent, *Response, error)
+		ListIssueMilestoneEvents(pid any, issue int, opt *ListMilestoneEventsOptions, options ...RequestOptionFunc) ([]*MilestoneEvent, *Response, error)
+		GetIssueMilestoneEvent(pid any, issue int, event int, options ...RequestOptionFunc) (*MilestoneEvent, *Response, error)
+		ListMergeMilestoneEvents(pid any, request int, opt *ListMilestoneEventsOptions, options ...RequestOptionFunc) ([]*MilestoneEvent, *Response, error)
+		GetMergeRequestMilestoneEvent(pid any, request int, event int, options ...RequestOptionFunc) (*MilestoneEvent, *Response, error)
 	}
 
 	// ResourceMilestoneEventsService handles communication with the event related
 	// methods of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/resource_milestone_events.html
+	// GitLab API docs: https://docs.gitlab.com/api/resource_milestone_events/
 	ResourceMilestoneEventsService struct {
 		client *Client
 	}
@@ -43,7 +43,7 @@ var _ ResourceMilestoneEventsServiceInterface = (*ResourceMilestoneEventsService
 
 // MilestoneEvent represents a resource milestone event.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/resource_milestone_events.html
+// GitLab API docs: https://docs.gitlab.com/api/resource_milestone_events/
 type MilestoneEvent struct {
 	ID           int        `json:"id"`
 	User         *BasicUser `json:"user"`
@@ -58,7 +58,7 @@ type MilestoneEvent struct {
 // list methods.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/resource_milestone_events.html#list-project-issue-milestone-events
+// https://docs.gitlab.com/api/resource_milestone_events/#list-project-issue-milestone-events
 type ListMilestoneEventsOptions struct {
 	ListOptions
 }
@@ -67,8 +67,8 @@ type ListMilestoneEventsOptions struct {
 // project and issue.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/resource_milestone_events.html#list-project-issue-milestone-events
-func (s *ResourceMilestoneEventsService) ListIssueMilestoneEvents(pid interface{}, issue int, opt *ListMilestoneEventsOptions, options ...RequestOptionFunc) ([]*MilestoneEvent, *Response, error) {
+// https://docs.gitlab.com/api/resource_milestone_events/#list-project-issue-milestone-events
+func (s *ResourceMilestoneEventsService) ListIssueMilestoneEvents(pid any, issue int, opt *ListMilestoneEventsOptions, options ...RequestOptionFunc) ([]*MilestoneEvent, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -92,8 +92,8 @@ func (s *ResourceMilestoneEventsService) ListIssueMilestoneEvents(pid interface{
 // GetIssueMilestoneEvent gets a single issue milestone event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/resource_milestone_events.html#get-single-issue-milestone-event
-func (s *ResourceMilestoneEventsService) GetIssueMilestoneEvent(pid interface{}, issue int, event int, options ...RequestOptionFunc) (*MilestoneEvent, *Response, error) {
+// https://docs.gitlab.com/api/resource_milestone_events/#get-single-issue-milestone-event
+func (s *ResourceMilestoneEventsService) GetIssueMilestoneEvent(pid any, issue int, event int, options ...RequestOptionFunc) (*MilestoneEvent, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -118,8 +118,8 @@ func (s *ResourceMilestoneEventsService) GetIssueMilestoneEvent(pid interface{},
 // project and merge request.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/resource_milestone_events.html#list-project-merge-request-milestone-events
-func (s *ResourceMilestoneEventsService) ListMergeMilestoneEvents(pid interface{}, request int, opt *ListMilestoneEventsOptions, options ...RequestOptionFunc) ([]*MilestoneEvent, *Response, error) {
+// https://docs.gitlab.com/api/resource_milestone_events/#list-project-merge-request-milestone-events
+func (s *ResourceMilestoneEventsService) ListMergeMilestoneEvents(pid any, request int, opt *ListMilestoneEventsOptions, options ...RequestOptionFunc) ([]*MilestoneEvent, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -143,8 +143,8 @@ func (s *ResourceMilestoneEventsService) ListMergeMilestoneEvents(pid interface{
 // GetMergeRequestMilestoneEvent gets a single merge request milestone event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/resource_milestone_events.html#get-single-merge-request-milestone-event
-func (s *ResourceMilestoneEventsService) GetMergeRequestMilestoneEvent(pid interface{}, request int, event int, options ...RequestOptionFunc) (*MilestoneEvent, *Response, error) {
+// https://docs.gitlab.com/api/resource_milestone_events/#get-single-merge-request-milestone-event
+func (s *ResourceMilestoneEventsService) GetMergeRequestMilestoneEvent(pid any, request int, event int, options ...RequestOptionFunc) (*MilestoneEvent, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/resource_state_events.go b/vendor/gitlab.com/gitlab-org/api/client-go/resource_state_events.go
index 3c752c697d..b1acec9ce6 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/resource_state_events.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/resource_state_events.go
@@ -24,16 +24,16 @@ import (
 
 type (
 	ResourceStateEventsServiceInterface interface {
-		ListIssueStateEvents(pid interface{}, issue int, opt *ListStateEventsOptions, options ...RequestOptionFunc) ([]*StateEvent, *Response, error)
-		GetIssueStateEvent(pid interface{}, issue int, event int, options ...RequestOptionFunc) (*StateEvent, *Response, error)
-		ListMergeStateEvents(pid interface{}, request int, opt *ListStateEventsOptions, options ...RequestOptionFunc) ([]*StateEvent, *Response, error)
-		GetMergeRequestStateEvent(pid interface{}, request int, event int, options ...RequestOptionFunc) (*StateEvent, *Response, error)
+		ListIssueStateEvents(pid any, issue int, opt *ListStateEventsOptions, options ...RequestOptionFunc) ([]*StateEvent, *Response, error)
+		GetIssueStateEvent(pid any, issue int, event int, options ...RequestOptionFunc) (*StateEvent, *Response, error)
+		ListMergeStateEvents(pid any, request int, opt *ListStateEventsOptions, options ...RequestOptionFunc) ([]*StateEvent, *Response, error)
+		GetMergeRequestStateEvent(pid any, request int, event int, options ...RequestOptionFunc) (*StateEvent, *Response, error)
 	}
 
 	// ResourceStateEventsService handles communication with the event related
 	// methods of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/resource_state_events.html
+	// GitLab API docs: https://docs.gitlab.com/api/resource_state_events/
 	ResourceStateEventsService struct {
 		client *Client
 	}
@@ -43,7 +43,7 @@ var _ ResourceStateEventsServiceInterface = (*ResourceStateEventsService)(nil)
 
 // StateEvent represents a resource state event.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/resource_state_events.html
+// GitLab API docs: https://docs.gitlab.com/api/resource_state_events/
 type StateEvent struct {
 	ID           int            `json:"id"`
 	User         *BasicUser     `json:"user"`
@@ -57,7 +57,7 @@ type StateEvent struct {
 // list methods.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/resource_state_events.html#list-project-issue-state-events
+// https://docs.gitlab.com/api/resource_state_events/#list-project-issue-state-events
 type ListStateEventsOptions struct {
 	ListOptions
 }
@@ -66,8 +66,8 @@ type ListStateEventsOptions struct {
 // project and issue.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/resource_state_events.html#list-project-issue-state-events
-func (s *ResourceStateEventsService) ListIssueStateEvents(pid interface{}, issue int, opt *ListStateEventsOptions, options ...RequestOptionFunc) ([]*StateEvent, *Response, error) {
+// https://docs.gitlab.com/api/resource_state_events/#list-project-issue-state-events
+func (s *ResourceStateEventsService) ListIssueStateEvents(pid any, issue int, opt *ListStateEventsOptions, options ...RequestOptionFunc) ([]*StateEvent, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -91,8 +91,8 @@ func (s *ResourceStateEventsService) ListIssueStateEvents(pid interface{}, issue
 // GetIssueStateEvent gets a single issue-state-event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/resource_state_events.html#get-single-issue-state-event
-func (s *ResourceStateEventsService) GetIssueStateEvent(pid interface{}, issue int, event int, options ...RequestOptionFunc) (*StateEvent, *Response, error) {
+// https://docs.gitlab.com/api/resource_state_events/#get-single-issue-state-event
+func (s *ResourceStateEventsService) GetIssueStateEvent(pid any, issue int, event int, options ...RequestOptionFunc) (*StateEvent, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -117,8 +117,8 @@ func (s *ResourceStateEventsService) GetIssueStateEvent(pid interface{}, issue i
 // project and merge request.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/resource_state_events.html#list-project-merge-request-state-events
-func (s *ResourceStateEventsService) ListMergeStateEvents(pid interface{}, request int, opt *ListStateEventsOptions, options ...RequestOptionFunc) ([]*StateEvent, *Response, error) {
+// https://docs.gitlab.com/api/resource_state_events/#list-project-merge-request-state-events
+func (s *ResourceStateEventsService) ListMergeStateEvents(pid any, request int, opt *ListStateEventsOptions, options ...RequestOptionFunc) ([]*StateEvent, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -142,8 +142,8 @@ func (s *ResourceStateEventsService) ListMergeStateEvents(pid interface{}, reque
 // GetMergeRequestStateEvent gets a single merge request state event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/resource_state_events.html#get-single-merge-request-state-event
-func (s *ResourceStateEventsService) GetMergeRequestStateEvent(pid interface{}, request int, event int, options ...RequestOptionFunc) (*StateEvent, *Response, error) {
+// https://docs.gitlab.com/api/resource_state_events/#get-single-merge-request-state-event
+func (s *ResourceStateEventsService) GetMergeRequestStateEvent(pid any, request int, event int, options ...RequestOptionFunc) (*StateEvent, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/resource_weight_events.go b/vendor/gitlab.com/gitlab-org/api/client-go/resource_weight_events.go
index aecb344aad..e515f312ab 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/resource_weight_events.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/resource_weight_events.go
@@ -24,13 +24,13 @@ import (
 
 type (
 	ResourceWeightEventsServiceInterface interface {
-		ListIssueWeightEvents(pid interface{}, issue int, opt *ListWeightEventsOptions, options ...RequestOptionFunc) ([]*WeightEvent, *Response, error)
+		ListIssueWeightEvents(pid any, issue int, opt *ListWeightEventsOptions, options ...RequestOptionFunc) ([]*WeightEvent, *Response, error)
 	}
 
 	// ResourceWeightEventsService handles communication with the event related
 	// methods of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/resource_weight_events.html
+	// GitLab API docs: https://docs.gitlab.com/api/resource_weight_events/
 	ResourceWeightEventsService struct {
 		client *Client
 	}
@@ -40,7 +40,7 @@ var _ ResourceWeightEventsServiceInterface = (*ResourceWeightEventsService)(nil)
 
 // WeightEvent represents a resource weight event.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/resource_weight_events.html
+// GitLab API docs: https://docs.gitlab.com/api/resource_weight_events/
 type WeightEvent struct {
 	ID           int            `json:"id"`
 	User         *BasicUser     `json:"user"`
@@ -56,7 +56,7 @@ type WeightEvent struct {
 // list methods.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/resource_weight_events.html#list-project-issue-weight-events
+// https://docs.gitlab.com/api/resource_weight_events/#list-project-issue-weight-events
 type ListWeightEventsOptions struct {
 	ListOptions
 }
@@ -65,8 +65,8 @@ type ListWeightEventsOptions struct {
 // project and issue.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/resource_weight_events.html#list-project-issue-weight-events
-func (s *ResourceWeightEventsService) ListIssueWeightEvents(pid interface{}, issue int, opt *ListWeightEventsOptions, options ...RequestOptionFunc) ([]*WeightEvent, *Response, error) {
+// https://docs.gitlab.com/api/resource_weight_events/#list-project-issue-weight-events
+func (s *ResourceWeightEventsService) ListIssueWeightEvents(pid any, issue int, opt *ListWeightEventsOptions, options ...RequestOptionFunc) ([]*WeightEvent, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/runners.go b/vendor/gitlab.com/gitlab-org/api/client-go/runners.go
index 6b052959a6..b5285c8068 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/runners.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/runners.go
@@ -26,28 +26,34 @@ type (
 	RunnersServiceInterface interface {
 		ListRunners(opt *ListRunnersOptions, options ...RequestOptionFunc) ([]*Runner, *Response, error)
 		ListAllRunners(opt *ListRunnersOptions, options ...RequestOptionFunc) ([]*Runner, *Response, error)
-		GetRunnerDetails(rid interface{}, options ...RequestOptionFunc) (*RunnerDetails, *Response, error)
-		UpdateRunnerDetails(rid interface{}, opt *UpdateRunnerDetailsOptions, options ...RequestOptionFunc) (*RunnerDetails, *Response, error)
-		RemoveRunner(rid interface{}, options ...RequestOptionFunc) (*Response, error)
-		ListRunnerJobs(rid interface{}, opt *ListRunnerJobsOptions, options ...RequestOptionFunc) ([]*Job, *Response, error)
-		ListProjectRunners(pid interface{}, opt *ListProjectRunnersOptions, options ...RequestOptionFunc) ([]*Runner, *Response, error)
-		EnableProjectRunner(pid interface{}, opt *EnableProjectRunnerOptions, options ...RequestOptionFunc) (*Runner, *Response, error)
-		DisableProjectRunner(pid interface{}, runner int, options ...RequestOptionFunc) (*Response, error)
-		ListGroupsRunners(gid interface{}, opt *ListGroupsRunnersOptions, options ...RequestOptionFunc) ([]*Runner, *Response, error)
+		GetRunnerDetails(rid any, options ...RequestOptionFunc) (*RunnerDetails, *Response, error)
+		UpdateRunnerDetails(rid any, opt *UpdateRunnerDetailsOptions, options ...RequestOptionFunc) (*RunnerDetails, *Response, error)
+		RemoveRunner(rid any, options ...RequestOptionFunc) (*Response, error)
+		ListRunnerJobs(rid any, opt *ListRunnerJobsOptions, options ...RequestOptionFunc) ([]*Job, *Response, error)
+		ListProjectRunners(pid any, opt *ListProjectRunnersOptions, options ...RequestOptionFunc) ([]*Runner, *Response, error)
+		EnableProjectRunner(pid any, opt *EnableProjectRunnerOptions, options ...RequestOptionFunc) (*Runner, *Response, error)
+		DisableProjectRunner(pid any, runner int, options ...RequestOptionFunc) (*Response, error)
+		ListGroupsRunners(gid any, opt *ListGroupsRunnersOptions, options ...RequestOptionFunc) ([]*Runner, *Response, error)
 		RegisterNewRunner(opt *RegisterNewRunnerOptions, options ...RequestOptionFunc) (*Runner, *Response, error)
 		DeleteRegisteredRunner(opt *DeleteRegisteredRunnerOptions, options ...RequestOptionFunc) (*Response, error)
 		DeleteRegisteredRunnerByID(rid int, options ...RequestOptionFunc) (*Response, error)
 		VerifyRegisteredRunner(opt *VerifyRegisteredRunnerOptions, options ...RequestOptionFunc) (*Response, error)
-		ResetInstanceRunnerRegistrationToken(options ...RequestOptionFunc) (*RunnerRegistrationToken, *Response, error)
-		ResetGroupRunnerRegistrationToken(gid interface{}, options ...RequestOptionFunc) (*RunnerRegistrationToken, *Response, error)
-		ResetProjectRunnerRegistrationToken(pid interface{}, options ...RequestOptionFunc) (*RunnerRegistrationToken, *Response, error)
 		ResetRunnerAuthenticationToken(rid int, options ...RequestOptionFunc) (*RunnerAuthenticationToken, *Response, error)
+
+		// Deprecated: for removal in GitLab 20.0, see https://docs.gitlab.com/ci/runners/new_creation_workflow/ instead
+		ResetInstanceRunnerRegistrationToken(options ...RequestOptionFunc) (*RunnerRegistrationToken, *Response, error)
+
+		// Deprecated: for removal in GitLab 20.0, see https://docs.gitlab.com/ci/runners/new_creation_workflow/ instead
+		ResetGroupRunnerRegistrationToken(gid any, options ...RequestOptionFunc) (*RunnerRegistrationToken, *Response, error)
+
+		// Deprecated: for removal in GitLab 20.0, see https://docs.gitlab.com/ci/runners/new_creation_workflow/ instead
+		ResetProjectRunnerRegistrationToken(pid any, options ...RequestOptionFunc) (*RunnerRegistrationToken, *Response, error)
 	}
 
 	// RunnersService handles communication with the runner related methods of the
 	// GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/runners.html
+	// GitLab API docs: https://docs.gitlab.com/api/runners/
 	RunnersService struct {
 		client *Client
 	}
@@ -57,31 +63,33 @@ var _ RunnersServiceInterface = (*RunnersService)(nil)
 
 // Runner represents a GitLab CI Runner.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/runners.html
+// GitLab API docs: https://docs.gitlab.com/api/runners/
 type Runner struct {
 	ID             int        `json:"id"`
 	Description    string     `json:"description"`
-	Active         bool       `json:"active"`
 	Paused         bool       `json:"paused"`
 	IsShared       bool       `json:"is_shared"`
-	IPAddress      string     `json:"ip_address"`
 	RunnerType     string     `json:"runner_type"`
 	Name           string     `json:"name"`
 	Online         bool       `json:"online"`
 	Status         string     `json:"status"`
 	Token          string     `json:"token"`
 	TokenExpiresAt *time.Time `json:"token_expires_at"`
+
+	// Deprecated: for removal in v5 of the API, use Paused instead
+	Active bool `json:"active"`
+
+	// Deprecated: for removal in v5 of the API, returns an empty string from 17.0 onwards, see GraphQL resource CiRunnerManager instead
+	IPAddress string `json:"ip_address"`
 }
 
 // RunnerDetails represents the GitLab CI runner details.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/runners.html
+// GitLab API docs: https://docs.gitlab.com/api/runners/
 type RunnerDetails struct {
 	Paused          bool       `json:"paused"`
-	Architecture    string     `json:"architecture"`
 	Description     string     `json:"description"`
 	ID              int        `json:"id"`
-	IPAddress       string     `json:"ip_address"`
 	IsShared        bool       `json:"is_shared"`
 	RunnerType      string     `json:"runner_type"`
 	ContactedAt     *time.Time `json:"contacted_at"`
@@ -89,7 +97,6 @@ type RunnerDetails struct {
 	Name            string     `json:"name"`
 	Online          bool       `json:"online"`
 	Status          string     `json:"status"`
-	Platform        string     `json:"platform"`
 	Projects        []struct {
 		ID                int    `json:"id"`
 		Name              string `json:"name"`
@@ -98,10 +105,8 @@ type RunnerDetails struct {
 		PathWithNamespace string `json:"path_with_namespace"`
 	} `json:"projects"`
 	Token          string   `json:"token"`
-	Revision       string   `json:"revision"`
 	TagList        []string `json:"tag_list"`
 	RunUntagged    bool     `json:"run_untagged"`
-	Version        string   `json:"version"`
 	Locked         bool     `json:"locked"`
 	AccessLevel    string   `json:"access_level"`
 	MaximumTimeout int      `json:"maximum_timeout"`
@@ -111,14 +116,29 @@ type RunnerDetails struct {
 		WebURL string `json:"web_url"`
 	} `json:"groups"`
 
-	// Deprecated: Use Paused instead. (Deprecated in GitLab 14.8)
+	// Deprecated: for removal in v5 of the API, see GraphQL resource CiRunnerManager instead
+	Architecture string `json:"architecture"`
+
+	// Deprecated: for removal in v5 of the API, returns an empty string from 17.0 onwards, see GraphQL resource CiRunnerManager instead
+	IPAddress string `json:"ip_address"`
+
+	// Deprecated: for removal in v5 of the API, see GraphQL resource CiRunnerManager instead
+	Platform string `json:"platform"`
+
+	// Deprecated: for removal in v5 of the API, see GraphQL resource CiRunnerManager instead
+	Revision string `json:"revision"`
+
+	// Deprecated: for removal in v5 of the API, see GraphQL resource CiRunnerManager instead
+	Version string `json:"version"`
+
+	// Deprecated: for removal in v5 of the API, use Paused instead
 	Active bool `json:"active"`
 }
 
 // ListRunnersOptions represents the available ListRunners() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/runners.html#list-owned-runners
+// https://docs.gitlab.com/api/runners/#list-owned-runners
 type ListRunnersOptions struct {
 	ListOptions
 	Type    *string   `url:"type,omitempty" json:"type,omitempty"`
@@ -133,7 +153,7 @@ type ListRunnersOptions struct {
 // ListRunners gets a list of runners accessible by the authenticated user.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/runners.html#list-owned-runners
+// https://docs.gitlab.com/api/runners/#list-owned-runners
 func (s *RunnersService) ListRunners(opt *ListRunnersOptions, options ...RequestOptionFunc) ([]*Runner, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "runners", opt, options)
 	if err != nil {
@@ -153,7 +173,7 @@ func (s *RunnersService) ListRunners(opt *ListRunnersOptions, options ...Request
 // restricted to users with admin privileges.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/runners.html#list-all-runners
+// https://docs.gitlab.com/api/runners/#list-all-runners
 func (s *RunnersService) ListAllRunners(opt *ListRunnersOptions, options ...RequestOptionFunc) ([]*Runner, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "runners/all", opt, options)
 	if err != nil {
@@ -172,8 +192,8 @@ func (s *RunnersService) ListAllRunners(opt *ListRunnersOptions, options ...Requ
 // GetRunnerDetails returns details for given runner.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/runners.html#get-runners-details
-func (s *RunnersService) GetRunnerDetails(rid interface{}, options ...RequestOptionFunc) (*RunnerDetails, *Response, error) {
+// https://docs.gitlab.com/api/runners/#get-runners-details
+func (s *RunnersService) GetRunnerDetails(rid any, options ...RequestOptionFunc) (*RunnerDetails, *Response, error) {
 	runner, err := parseID(rid)
 	if err != nil {
 		return nil, nil, err
@@ -197,7 +217,7 @@ func (s *RunnersService) GetRunnerDetails(rid interface{}, options ...RequestOpt
 // UpdateRunnerDetailsOptions represents the available UpdateRunnerDetails() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/runners.html#update-runners-details
+// https://docs.gitlab.com/api/runners/#update-runners-details
 type UpdateRunnerDetailsOptions struct {
 	Description     *string   `url:"description,omitempty" json:"description,omitempty"`
 	Paused          *bool     `url:"paused,omitempty" json:"paused,omitempty"`
@@ -208,15 +228,15 @@ type UpdateRunnerDetailsOptions struct {
 	MaximumTimeout  *int      `url:"maximum_timeout,omitempty" json:"maximum_timeout,omitempty"`
 	MaintenanceNote *string   `url:"maintenance_note,omitempty" json:"maintenance_note,omitempty"`
 
-	// Deprecated: Use Paused instead. (Deprecated in GitLab 14.8)
+	// Deprecated: for removal in v5 of the API, use Paused instead
 	Active *bool `url:"active,omitempty" json:"active,omitempty"`
 }
 
 // UpdateRunnerDetails updates details for a given runner.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/runners.html#update-runners-details
-func (s *RunnersService) UpdateRunnerDetails(rid interface{}, opt *UpdateRunnerDetailsOptions, options ...RequestOptionFunc) (*RunnerDetails, *Response, error) {
+// https://docs.gitlab.com/api/runners/#update-runners-details
+func (s *RunnersService) UpdateRunnerDetails(rid any, opt *UpdateRunnerDetailsOptions, options ...RequestOptionFunc) (*RunnerDetails, *Response, error) {
 	runner, err := parseID(rid)
 	if err != nil {
 		return nil, nil, err
@@ -240,8 +260,8 @@ func (s *RunnersService) UpdateRunnerDetails(rid interface{}, opt *UpdateRunnerD
 // RemoveRunner removes a runner.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/runners.html#delete-a-runner
-func (s *RunnersService) RemoveRunner(rid interface{}, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/runners/#delete-a-runner
+func (s *RunnersService) RemoveRunner(rid any, options ...RequestOptionFunc) (*Response, error) {
 	runner, err := parseID(rid)
 	if err != nil {
 		return nil, err
@@ -260,7 +280,7 @@ func (s *RunnersService) RemoveRunner(rid interface{}, options ...RequestOptionF
 // options. Status can be one of: running, success, failed, canceled.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/runners.html#list-runners-jobs
+// https://docs.gitlab.com/api/runners/#list-jobs-processed-by-a-runner
 type ListRunnerJobsOptions struct {
 	ListOptions
 	Status  *string `url:"status,omitempty" json:"status,omitempty"`
@@ -271,8 +291,8 @@ type ListRunnerJobsOptions struct {
 // ListRunnerJobs gets a list of jobs that are being processed or were processed by specified Runner.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/runners.html#list-runners-jobs
-func (s *RunnersService) ListRunnerJobs(rid interface{}, opt *ListRunnerJobsOptions, options ...RequestOptionFunc) ([]*Job, *Response, error) {
+// https://docs.gitlab.com/api/runners/#list-jobs-processed-by-a-runner
+func (s *RunnersService) ListRunnerJobs(rid any, opt *ListRunnerJobsOptions, options ...RequestOptionFunc) ([]*Job, *Response, error) {
 	runner, err := parseID(rid)
 	if err != nil {
 		return nil, nil, err
@@ -297,14 +317,14 @@ func (s *RunnersService) ListRunnerJobs(rid interface{}, opt *ListRunnerJobsOpti
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/runners.html#list-projects-runners
+// https://docs.gitlab.com/api/runners/#list-projects-runners
 type ListProjectRunnersOptions ListRunnersOptions
 
 // ListProjectRunners gets a list of runners accessible by the authenticated user.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/runners.html#list-projects-runners
-func (s *RunnersService) ListProjectRunners(pid interface{}, opt *ListProjectRunnersOptions, options ...RequestOptionFunc) ([]*Runner, *Response, error) {
+// https://docs.gitlab.com/api/runners/#list-projects-runners
+func (s *RunnersService) ListProjectRunners(pid any, opt *ListProjectRunnersOptions, options ...RequestOptionFunc) ([]*Runner, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -329,7 +349,7 @@ func (s *RunnersService) ListProjectRunners(pid interface{}, opt *ListProjectRun
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/runners.html#enable-a-runner-in-project
+// https://docs.gitlab.com/api/runners/#assign-a-runner-to-project
 type EnableProjectRunnerOptions struct {
 	RunnerID int `json:"runner_id"`
 }
@@ -337,8 +357,8 @@ type EnableProjectRunnerOptions struct {
 // EnableProjectRunner enables an available specific runner in the project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/runners.html#enable-a-runner-in-project
-func (s *RunnersService) EnableProjectRunner(pid interface{}, opt *EnableProjectRunnerOptions, options ...RequestOptionFunc) (*Runner, *Response, error) {
+// https://docs.gitlab.com/api/runners/#assign-a-runner-to-project
+func (s *RunnersService) EnableProjectRunner(pid any, opt *EnableProjectRunnerOptions, options ...RequestOptionFunc) (*Runner, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -362,8 +382,8 @@ func (s *RunnersService) EnableProjectRunner(pid interface{}, opt *EnableProject
 // DisableProjectRunner disables a specific runner from project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/runners.html#disable-a-runner-from-project
-func (s *RunnersService) DisableProjectRunner(pid interface{}, runner int, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/runners/#unassign-a-runner-from-project
+func (s *RunnersService) DisableProjectRunner(pid any, runner int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -381,7 +401,7 @@ func (s *RunnersService) DisableProjectRunner(pid interface{}, runner int, optio
 // ListGroupsRunnersOptions represents the available ListGroupsRunners() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/runners.html#list-groups-runners
+// https://docs.gitlab.com/api/runners/#list-groups-runners
 type ListGroupsRunnersOptions struct {
 	ListOptions
 	Type    *string   `url:"type,omitempty" json:"type,omitempty"`
@@ -394,8 +414,8 @@ type ListGroupsRunnersOptions struct {
 // shared runner is defined.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/runners.html#list-groups-runners
-func (s *RunnersService) ListGroupsRunners(gid interface{}, opt *ListGroupsRunnersOptions, options ...RequestOptionFunc) ([]*Runner, *Response, error) {
+// https://docs.gitlab.com/api/runners/#list-groups-runners
+func (s *RunnersService) ListGroupsRunners(gid any, opt *ListGroupsRunnersOptions, options ...RequestOptionFunc) ([]*Runner, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -420,12 +440,11 @@ func (s *RunnersService) ListGroupsRunners(gid interface{}, opt *ListGroupsRunne
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/runners.html#register-a-new-runner
+// https://docs.gitlab.com/api/runners/#create-a-runner
 type RegisterNewRunnerOptions struct {
 	Token           *string                       `url:"token" json:"token"`
 	Description     *string                       `url:"description,omitempty" json:"description,omitempty"`
 	Info            *RegisterNewRunnerInfoOptions `url:"info,omitempty" json:"info,omitempty"`
-	Active          *bool                         `url:"active,omitempty" json:"active,omitempty"`
 	Paused          *bool                         `url:"paused,omitempty" json:"paused,omitempty"`
 	Locked          *bool                         `url:"locked,omitempty" json:"locked,omitempty"`
 	RunUntagged     *bool                         `url:"run_untagged,omitempty" json:"run_untagged,omitempty"`
@@ -433,13 +452,16 @@ type RegisterNewRunnerOptions struct {
 	AccessLevel     *string                       `url:"access_level,omitempty" json:"access_level,omitempty"`
 	MaximumTimeout  *int                          `url:"maximum_timeout,omitempty" json:"maximum_timeout,omitempty"`
 	MaintenanceNote *string                       `url:"maintenance_note,omitempty" json:"maintenance_note,omitempty"`
+
+	// Deprecated: for removal in v5 of the API, use Paused instead
+	Active *bool `url:"active,omitempty" json:"active,omitempty"`
 }
 
 // RegisterNewRunnerInfoOptions represents the info hashmap parameter in
 // RegisterNewRunnerOptions.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/runners.html#register-a-new-runner
+// https://docs.gitlab.com/api/runners/#create-a-runner
 type RegisterNewRunnerInfoOptions struct {
 	Name         *string `url:"name,omitempty" json:"name,omitempty"`
 	Version      *string `url:"version,omitempty" json:"version,omitempty"`
@@ -451,7 +473,7 @@ type RegisterNewRunnerInfoOptions struct {
 // RegisterNewRunner registers a new Runner for the instance.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/runners.html#register-a-new-runner
+// https://docs.gitlab.com/api/runners/#create-a-runner
 func (s *RunnersService) RegisterNewRunner(opt *RegisterNewRunnerOptions, options ...RequestOptionFunc) (*Runner, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodPost, "runners", opt, options)
 	if err != nil {
@@ -471,7 +493,7 @@ func (s *RunnersService) RegisterNewRunner(opt *RegisterNewRunnerOptions, option
 // DeleteRegisteredRunner() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/runners.html#delete-a-runner-by-authentication-token
+// https://docs.gitlab.com/api/runners/#delete-a-runner-by-authentication-token
 type DeleteRegisteredRunnerOptions struct {
 	Token *string `url:"token" json:"token"`
 }
@@ -479,7 +501,7 @@ type DeleteRegisteredRunnerOptions struct {
 // DeleteRegisteredRunner deletes a Runner by Token.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/runners.html#delete-a-runner-by-authentication-token
+// https://docs.gitlab.com/api/runners/#delete-a-runner-by-authentication-token
 func (s *RunnersService) DeleteRegisteredRunner(opt *DeleteRegisteredRunnerOptions, options ...RequestOptionFunc) (*Response, error) {
 	req, err := s.client.NewRequest(http.MethodDelete, "runners", opt, options)
 	if err != nil {
@@ -492,7 +514,7 @@ func (s *RunnersService) DeleteRegisteredRunner(opt *DeleteRegisteredRunnerOptio
 // DeleteRegisteredRunnerByID deletes a runner by ID.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/runners.html#delete-a-runner-by-id
+// https://docs.gitlab.com/api/runners/#delete-a-runner-by-id
 func (s *RunnersService) DeleteRegisteredRunnerByID(rid int, options ...RequestOptionFunc) (*Response, error) {
 	req, err := s.client.NewRequest(http.MethodDelete, fmt.Sprintf("runners/%d", rid), nil, options)
 	if err != nil {
@@ -506,7 +528,7 @@ func (s *RunnersService) DeleteRegisteredRunnerByID(rid int, options ...RequestO
 // VerifyRegisteredRunner() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/runners.html#verify-authentication-for-a-registered-runner
+// https://docs.gitlab.com/api/runners/#verify-authentication-for-a-registered-runner
 type VerifyRegisteredRunnerOptions struct {
 	Token *string `url:"token" json:"token"`
 }
@@ -514,7 +536,7 @@ type VerifyRegisteredRunnerOptions struct {
 // VerifyRegisteredRunner registers a new runner for the instance.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/runners.html#verify-authentication-for-a-registered-runner
+// https://docs.gitlab.com/api/runners/#verify-authentication-for-a-registered-runner
 func (s *RunnersService) VerifyRegisteredRunner(opt *VerifyRegisteredRunnerOptions, options ...RequestOptionFunc) (*Response, error) {
 	req, err := s.client.NewRequest(http.MethodPost, "runners/verify", opt, options)
 	if err != nil {
@@ -531,9 +553,10 @@ type RunnerRegistrationToken struct {
 
 // ResetInstanceRunnerRegistrationToken resets the instance runner registration
 // token.
+// Deprecated: for removal in GitLab 20.0, see https://docs.gitlab.com/ci/runners/new_creation_workflow/ instead
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/runners.html#reset-instances-runner-registration-token
+// https://docs.gitlab.com/api/runners/#reset-instances-runner-registration-token
 func (s *RunnersService) ResetInstanceRunnerRegistrationToken(options ...RequestOptionFunc) (*RunnerRegistrationToken, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodPost, "runners/reset_registration_token", nil, options)
 	if err != nil {
@@ -550,10 +573,11 @@ func (s *RunnersService) ResetInstanceRunnerRegistrationToken(options ...Request
 }
 
 // ResetGroupRunnerRegistrationToken resets a group's runner registration token.
+// Deprecated: for removal in GitLab 20.0, see https://docs.gitlab.com/ci/runners/new_creation_workflow/ instead
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/runners.html#reset-groups-runner-registration-token
-func (s *RunnersService) ResetGroupRunnerRegistrationToken(gid interface{}, options ...RequestOptionFunc) (*RunnerRegistrationToken, *Response, error) {
+// https://docs.gitlab.com/api/runners/#reset-groups-runner-registration-token
+func (s *RunnersService) ResetGroupRunnerRegistrationToken(gid any, options ...RequestOptionFunc) (*RunnerRegistrationToken, *Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, nil, err
@@ -574,11 +598,12 @@ func (s *RunnersService) ResetGroupRunnerRegistrationToken(gid interface{}, opti
 	return r, resp, nil
 }
 
-// ResetGroupRunnerRegistrationToken resets a projects's runner registration token.
+// ResetProjectRunnerRegistrationToken resets a projects's runner registration token.
+// Deprecated: for removal in GitLab 20.0, see https://docs.gitlab.com/ci/runners/new_creation_workflow/ instead
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/runners.html#reset-projects-runner-registration-token
-func (s *RunnersService) ResetProjectRunnerRegistrationToken(pid interface{}, options ...RequestOptionFunc) (*RunnerRegistrationToken, *Response, error) {
+// https://docs.gitlab.com/api/runners/#reset-projects-runner-registration-token
+func (s *RunnersService) ResetProjectRunnerRegistrationToken(pid any, options ...RequestOptionFunc) (*RunnerRegistrationToken, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -606,7 +631,7 @@ type RunnerAuthenticationToken struct {
 // ResetRunnerAuthenticationToken resets a runner's authentication token.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/runners.html#reset-runners-authentication-token-by-using-the-runner-id
+// https://docs.gitlab.com/api/runners/#reset-runners-authentication-token-by-using-the-runner-id
 func (s *RunnersService) ResetRunnerAuthenticationToken(rid int, options ...RequestOptionFunc) (*RunnerAuthenticationToken, *Response, error) {
 	u := fmt.Sprintf("runners/%d/reset_authentication_token", rid)
 	req, err := s.client.NewRequest(http.MethodPost, u, nil, options)
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/search.go b/vendor/gitlab.com/gitlab-org/api/client-go/search.go
index 8b422dc892..580e56ff10 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/search.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/search.go
@@ -24,37 +24,36 @@ import (
 type (
 	SearchServiceInterface interface {
 		Projects(query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Project, *Response, error)
-		ProjectsByGroup(gid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Project, *Response, error)
+		ProjectsByGroup(gid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Project, *Response, error)
 		Issues(query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error)
-		IssuesByGroup(gid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error)
-		IssuesByProject(pid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error)
+		IssuesByGroup(gid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error)
+		IssuesByProject(pid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error)
 		MergeRequests(query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*MergeRequest, *Response, error)
-		MergeRequestsByGroup(gid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*MergeRequest, *Response, error)
-		MergeRequestsByProject(pid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*MergeRequest, *Response, error)
+		MergeRequestsByGroup(gid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*MergeRequest, *Response, error)
+		MergeRequestsByProject(pid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*MergeRequest, *Response, error)
 		Milestones(query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Milestone, *Response, error)
-		MilestonesByGroup(gid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Milestone, *Response, error)
-		MilestonesByProject(pid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Milestone, *Response, error)
+		MilestonesByGroup(gid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Milestone, *Response, error)
+		MilestonesByProject(pid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Milestone, *Response, error)
 		SnippetTitles(query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Snippet, *Response, error)
-		SnippetBlobs(query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Snippet, *Response, error)
-		NotesByProject(pid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Note, *Response, error)
+		NotesByProject(pid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Note, *Response, error)
 		WikiBlobs(query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Wiki, *Response, error)
-		WikiBlobsByGroup(gid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Wiki, *Response, error)
-		WikiBlobsByProject(pid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Wiki, *Response, error)
+		WikiBlobsByGroup(gid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Wiki, *Response, error)
+		WikiBlobsByProject(pid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Wiki, *Response, error)
 		Commits(query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Commit, *Response, error)
-		CommitsByGroup(gid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Commit, *Response, error)
-		CommitsByProject(pid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Commit, *Response, error)
+		CommitsByGroup(gid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Commit, *Response, error)
+		CommitsByProject(pid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Commit, *Response, error)
 		Blobs(query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Blob, *Response, error)
-		BlobsByGroup(gid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Blob, *Response, error)
-		BlobsByProject(pid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Blob, *Response, error)
+		BlobsByGroup(gid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Blob, *Response, error)
+		BlobsByProject(pid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Blob, *Response, error)
 		Users(query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*User, *Response, error)
-		UsersByGroup(gid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*User, *Response, error)
-		UsersByProject(pid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*User, *Response, error)
+		UsersByGroup(gid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*User, *Response, error)
+		UsersByProject(pid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*User, *Response, error)
 	}
 
 	// SearchService handles communication with the search related methods of the
 	// GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/search.html
+	// GitLab API docs: https://docs.gitlab.com/api/search/
 	SearchService struct {
 		client *Client
 	}
@@ -64,7 +63,7 @@ var _ SearchServiceInterface = (*SearchService)(nil)
 
 // SearchOptions represents the available options for all search methods.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/search.html
+// GitLab API docs: https://docs.gitlab.com/api/search/
 type SearchOptions struct {
 	ListOptions
 	Ref *string `url:"ref,omitempty" json:"ref,omitempty"`
@@ -78,7 +77,7 @@ type searchOptions struct {
 
 // Projects searches the expression within projects
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/search.html#scope-projects
+// GitLab API docs: https://docs.gitlab.com/api/search/#scope-projects
 func (s *SearchService) Projects(query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Project, *Response, error) {
 	var ps []*Project
 	resp, err := s.search("projects", query, &ps, opt, options...)
@@ -88,8 +87,8 @@ func (s *SearchService) Projects(query string, opt *SearchOptions, options ...Re
 // ProjectsByGroup searches the expression within projects for
 // the specified group
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/search.html#group-search-api
-func (s *SearchService) ProjectsByGroup(gid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Project, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/search/#group-search-api
+func (s *SearchService) ProjectsByGroup(gid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Project, *Response, error) {
 	var ps []*Project
 	resp, err := s.searchByGroup(gid, "projects", query, &ps, opt, options...)
 	return ps, resp, err
@@ -97,7 +96,7 @@ func (s *SearchService) ProjectsByGroup(gid interface{}, query string, opt *Sear
 
 // Issues searches the expression within issues
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/search.html#scope-issues
+// GitLab API docs: https://docs.gitlab.com/api/search/#scope-issues
 func (s *SearchService) Issues(query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error) {
 	var is []*Issue
 	resp, err := s.search("issues", query, &is, opt, options...)
@@ -107,8 +106,8 @@ func (s *SearchService) Issues(query string, opt *SearchOptions, options ...Requ
 // IssuesByGroup searches the expression within issues for
 // the specified group
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/search.html#scope-issues-1
-func (s *SearchService) IssuesByGroup(gid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/search/#scope-issues-1
+func (s *SearchService) IssuesByGroup(gid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error) {
 	var is []*Issue
 	resp, err := s.searchByGroup(gid, "issues", query, &is, opt, options...)
 	return is, resp, err
@@ -117,8 +116,8 @@ func (s *SearchService) IssuesByGroup(gid interface{}, query string, opt *Search
 // IssuesByProject searches the expression within issues for
 // the specified project
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/search.html#scope-issues-2
-func (s *SearchService) IssuesByProject(pid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/search/#scope-issues-2
+func (s *SearchService) IssuesByProject(pid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Issue, *Response, error) {
 	var is []*Issue
 	resp, err := s.searchByProject(pid, "issues", query, &is, opt, options...)
 	return is, resp, err
@@ -127,7 +126,7 @@ func (s *SearchService) IssuesByProject(pid interface{}, query string, opt *Sear
 // MergeRequests searches the expression within merge requests
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/search.html#scope-merge_requests
+// https://docs.gitlab.com/api/search/#scope-merge_requests
 func (s *SearchService) MergeRequests(query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*MergeRequest, *Response, error) {
 	var ms []*MergeRequest
 	resp, err := s.search("merge_requests", query, &ms, opt, options...)
@@ -138,8 +137,8 @@ func (s *SearchService) MergeRequests(query string, opt *SearchOptions, options
 // the specified group
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/search.html#scope-merge_requests-1
-func (s *SearchService) MergeRequestsByGroup(gid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*MergeRequest, *Response, error) {
+// https://docs.gitlab.com/api/search/#scope-merge_requests-1
+func (s *SearchService) MergeRequestsByGroup(gid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*MergeRequest, *Response, error) {
 	var ms []*MergeRequest
 	resp, err := s.searchByGroup(gid, "merge_requests", query, &ms, opt, options...)
 	return ms, resp, err
@@ -149,8 +148,8 @@ func (s *SearchService) MergeRequestsByGroup(gid interface{}, query string, opt
 // the specified project
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/search.html#scope-merge_requests-2
-func (s *SearchService) MergeRequestsByProject(pid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*MergeRequest, *Response, error) {
+// https://docs.gitlab.com/api/search/#scope-merge_requests-2
+func (s *SearchService) MergeRequestsByProject(pid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*MergeRequest, *Response, error) {
 	var ms []*MergeRequest
 	resp, err := s.searchByProject(pid, "merge_requests", query, &ms, opt, options...)
 	return ms, resp, err
@@ -158,7 +157,7 @@ func (s *SearchService) MergeRequestsByProject(pid interface{}, query string, op
 
 // Milestones searches the expression within milestones
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/search.html#scope-milestones
+// GitLab API docs: https://docs.gitlab.com/api/search/#scope-milestones
 func (s *SearchService) Milestones(query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Milestone, *Response, error) {
 	var ms []*Milestone
 	resp, err := s.search("milestones", query, &ms, opt, options...)
@@ -168,8 +167,8 @@ func (s *SearchService) Milestones(query string, opt *SearchOptions, options ...
 // MilestonesByGroup searches the expression within milestones for
 // the specified group
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/search.html#scope-milestones-1
-func (s *SearchService) MilestonesByGroup(gid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Milestone, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/search/#scope-milestones-1
+func (s *SearchService) MilestonesByGroup(gid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Milestone, *Response, error) {
 	var ms []*Milestone
 	resp, err := s.searchByGroup(gid, "milestones", query, &ms, opt, options...)
 	return ms, resp, err
@@ -178,8 +177,8 @@ func (s *SearchService) MilestonesByGroup(gid interface{}, query string, opt *Se
 // MilestonesByProject searches the expression within milestones for
 // the specified project
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/search.html#scope-milestones-2
-func (s *SearchService) MilestonesByProject(pid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Milestone, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/search/#scope-milestones-2
+func (s *SearchService) MilestonesByProject(pid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Milestone, *Response, error) {
 	var ms []*Milestone
 	resp, err := s.searchByProject(pid, "milestones", query, &ms, opt, options...)
 	return ms, resp, err
@@ -188,28 +187,18 @@ func (s *SearchService) MilestonesByProject(pid interface{}, query string, opt *
 // SnippetTitles searches the expression within snippet titles
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/search.html#scope-snippet_titles
+// https://docs.gitlab.com/api/search/#scope-snippet_titles
 func (s *SearchService) SnippetTitles(query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Snippet, *Response, error) {
 	var ss []*Snippet
 	resp, err := s.search("snippet_titles", query, &ss, opt, options...)
 	return ss, resp, err
 }
 
-// SnippetBlobs searches the expression within snippet blobs
-//
-// GitLab API docs:
-// https://docs.gitlab.com/ee/api/search.html#scope-snippet_blobs
-func (s *SearchService) SnippetBlobs(query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Snippet, *Response, error) {
-	var ss []*Snippet
-	resp, err := s.search("snippet_blobs", query, &ss, opt, options...)
-	return ss, resp, err
-}
-
 // NotesByProject searches the expression within notes for the specified
 // project
 //
-// GitLab API docs: // https://docs.gitlab.com/ee/api/search.html#scope-notes
-func (s *SearchService) NotesByProject(pid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Note, *Response, error) {
+// GitLab API docs: // https://docs.gitlab.com/api/search/#scope-notes
+func (s *SearchService) NotesByProject(pid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Note, *Response, error) {
 	var ns []*Note
 	resp, err := s.searchByProject(pid, "notes", query, &ns, opt, options...)
 	return ns, resp, err
@@ -218,7 +207,7 @@ func (s *SearchService) NotesByProject(pid interface{}, query string, opt *Searc
 // WikiBlobs searches the expression within all wiki blobs
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/search.html#scope-wiki_blobs
+// https://docs.gitlab.com/api/search/#scope-wiki_blobs
 func (s *SearchService) WikiBlobs(query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Wiki, *Response, error) {
 	var ws []*Wiki
 	resp, err := s.search("wiki_blobs", query, &ws, opt, options...)
@@ -229,8 +218,8 @@ func (s *SearchService) WikiBlobs(query string, opt *SearchOptions, options ...R
 // specified group
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/search.html#scope-wiki_blobs-premium-1
-func (s *SearchService) WikiBlobsByGroup(gid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Wiki, *Response, error) {
+// https://docs.gitlab.com/api/search/#scope-wiki_blobs-1
+func (s *SearchService) WikiBlobsByGroup(gid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Wiki, *Response, error) {
 	var ws []*Wiki
 	resp, err := s.searchByGroup(gid, "wiki_blobs", query, &ws, opt, options...)
 	return ws, resp, err
@@ -240,8 +229,8 @@ func (s *SearchService) WikiBlobsByGroup(gid interface{}, query string, opt *Sea
 // the specified project
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/search.html#scope-wiki_blobs-premium-2
-func (s *SearchService) WikiBlobsByProject(pid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Wiki, *Response, error) {
+// https://docs.gitlab.com/api/search/#scope-wiki_blobs-2
+func (s *SearchService) WikiBlobsByProject(pid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Wiki, *Response, error) {
 	var ws []*Wiki
 	resp, err := s.searchByProject(pid, "wiki_blobs", query, &ws, opt, options...)
 	return ws, resp, err
@@ -249,7 +238,7 @@ func (s *SearchService) WikiBlobsByProject(pid interface{}, query string, opt *S
 
 // Commits searches the expression within all commits
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/search.html#scope-commits
+// GitLab API docs: https://docs.gitlab.com/api/search/#scope-commits
 func (s *SearchService) Commits(query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Commit, *Response, error) {
 	var cs []*Commit
 	resp, err := s.search("commits", query, &cs, opt, options...)
@@ -259,8 +248,8 @@ func (s *SearchService) Commits(query string, opt *SearchOptions, options ...Req
 // CommitsByGroup searches the expression within commits for the specified
 // group
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/search.html#scope-commits-premium-1
-func (s *SearchService) CommitsByGroup(gid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Commit, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/search/#scope-commits-1
+func (s *SearchService) CommitsByGroup(gid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Commit, *Response, error) {
 	var cs []*Commit
 	resp, err := s.searchByGroup(gid, "commits", query, &cs, opt, options...)
 	return cs, resp, err
@@ -269,8 +258,8 @@ func (s *SearchService) CommitsByGroup(gid interface{}, query string, opt *Searc
 // CommitsByProject searches the expression within commits for the
 // specified project
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/search.html#scope-commits-premium-2
-func (s *SearchService) CommitsByProject(pid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Commit, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/search/#scope-commits-2
+func (s *SearchService) CommitsByProject(pid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Commit, *Response, error) {
 	var cs []*Commit
 	resp, err := s.searchByProject(pid, "commits", query, &cs, opt, options...)
 	return cs, resp, err
@@ -290,7 +279,7 @@ type Blob struct {
 
 // Blobs searches the expression within all blobs
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/search.html#scope-blobs
+// GitLab API docs: https://docs.gitlab.com/api/search/#scope-blobs
 func (s *SearchService) Blobs(query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Blob, *Response, error) {
 	var bs []*Blob
 	resp, err := s.search("blobs", query, &bs, opt, options...)
@@ -300,8 +289,8 @@ func (s *SearchService) Blobs(query string, opt *SearchOptions, options ...Reque
 // BlobsByGroup searches the expression within blobs for the specified
 // group
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/search.html#scope-blobs-premium-1
-func (s *SearchService) BlobsByGroup(gid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Blob, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/search/#scope-blobs-1
+func (s *SearchService) BlobsByGroup(gid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Blob, *Response, error) {
 	var bs []*Blob
 	resp, err := s.searchByGroup(gid, "blobs", query, &bs, opt, options...)
 	return bs, resp, err
@@ -310,8 +299,8 @@ func (s *SearchService) BlobsByGroup(gid interface{}, query string, opt *SearchO
 // BlobsByProject searches the expression within blobs for the specified
 // project
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/search.html#scope-blobs-premium-2
-func (s *SearchService) BlobsByProject(pid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Blob, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/search/#scope-blobs-2
+func (s *SearchService) BlobsByProject(pid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*Blob, *Response, error) {
 	var bs []*Blob
 	resp, err := s.searchByProject(pid, "blobs", query, &bs, opt, options...)
 	return bs, resp, err
@@ -319,7 +308,7 @@ func (s *SearchService) BlobsByProject(pid interface{}, query string, opt *Searc
 
 // Users searches the expression within all users
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/search.html#scope-users
+// GitLab API docs: https://docs.gitlab.com/api/search/#scope-users
 func (s *SearchService) Users(query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*User, *Response, error) {
 	var ret []*User
 	resp, err := s.search("users", query, &ret, opt, options...)
@@ -329,8 +318,11 @@ func (s *SearchService) Users(query string, opt *SearchOptions, options ...Reque
 // UsersByGroup searches the expression within users for the specified
 // group
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/search.html#scope-users-1
-func (s *SearchService) UsersByGroup(gid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*User, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/search/#scope-users-1
+func (s *SearchService) UsersByGroup(gid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*User, *Response, error) {
+	if opt == nil {
+		opt = &SearchOptions{}
+	}
 	var ret []*User
 	resp, err := s.searchByGroup(gid, "users", query, &ret, opt, options...)
 	return ret, resp, err
@@ -339,14 +331,14 @@ func (s *SearchService) UsersByGroup(gid interface{}, query string, opt *SearchO
 // UsersByProject searches the expression within users for the
 // specified project
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/search.html#scope-users-2
-func (s *SearchService) UsersByProject(pid interface{}, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*User, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/search/#scope-users-2
+func (s *SearchService) UsersByProject(pid any, query string, opt *SearchOptions, options ...RequestOptionFunc) ([]*User, *Response, error) {
 	var ret []*User
 	resp, err := s.searchByProject(pid, "users", query, &ret, opt, options...)
 	return ret, resp, err
 }
 
-func (s *SearchService) search(scope, query string, result interface{}, opt *SearchOptions, options ...RequestOptionFunc) (*Response, error) {
+func (s *SearchService) search(scope, query string, result any, opt *SearchOptions, options ...RequestOptionFunc) (*Response, error) {
 	opts := &searchOptions{SearchOptions: *opt, Scope: scope, Search: query}
 
 	req, err := s.client.NewRequest(http.MethodGet, "search", opts, options)
@@ -357,7 +349,7 @@ func (s *SearchService) search(scope, query string, result interface{}, opt *Sea
 	return s.client.Do(req, result)
 }
 
-func (s *SearchService) searchByGroup(gid interface{}, scope, query string, result interface{}, opt *SearchOptions, options ...RequestOptionFunc) (*Response, error) {
+func (s *SearchService) searchByGroup(gid any, scope, query string, result any, opt *SearchOptions, options ...RequestOptionFunc) (*Response, error) {
 	group, err := parseID(gid)
 	if err != nil {
 		return nil, err
@@ -374,7 +366,7 @@ func (s *SearchService) searchByGroup(gid interface{}, scope, query string, resu
 	return s.client.Do(req, result)
 }
 
-func (s *SearchService) searchByProject(pid interface{}, scope, query string, result interface{}, opt *SearchOptions, options ...RequestOptionFunc) (*Response, error) {
+func (s *SearchService) searchByProject(pid any, scope, query string, result any, opt *SearchOptions, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/secure_files.go b/vendor/gitlab.com/gitlab-org/api/client-go/secure_files.go
index e6693ce84d..761beff905 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/secure_files.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/secure_files.go
@@ -23,11 +23,11 @@ import (
 
 type (
 	SecureFilesServiceInterface interface {
-		ListProjectSecureFiles(pid interface{}, opt *ListProjectSecureFilesOptions, options ...RequestOptionFunc) ([]*SecureFile, *Response, error)
-		ShowSecureFileDetails(pid interface{}, id int, options ...RequestOptionFunc) (*SecureFile, *Response, error)
-		CreateSecureFile(pid interface{}, content io.Reader, opt *CreateSecureFileOptions, options ...RequestOptionFunc) (*SecureFile, *Response, error)
-		DownloadSecureFile(pid interface{}, id int, options ...RequestOptionFunc) (io.Reader, *Response, error)
-		RemoveSecureFile(pid interface{}, id int, options ...RequestOptionFunc) (*Response, error)
+		ListProjectSecureFiles(pid any, opt *ListProjectSecureFilesOptions, options ...RequestOptionFunc) ([]*SecureFile, *Response, error)
+		ShowSecureFileDetails(pid any, id int, options ...RequestOptionFunc) (*SecureFile, *Response, error)
+		CreateSecureFile(pid any, content io.Reader, opt *CreateSecureFileOptions, options ...RequestOptionFunc) (*SecureFile, *Response, error)
+		DownloadSecureFile(pid any, id int, options ...RequestOptionFunc) (io.Reader, *Response, error)
+		RemoveSecureFile(pid any, id int, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// SecureFilesService handles communication with the secure files related
@@ -109,7 +109,7 @@ type ListProjectSecureFilesOptions ListOptions
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/secure_files/#list-project-secure-files
-func (s SecureFilesService) ListProjectSecureFiles(pid interface{}, opt *ListProjectSecureFilesOptions, options ...RequestOptionFunc) ([]*SecureFile, *Response, error) {
+func (s SecureFilesService) ListProjectSecureFiles(pid any, opt *ListProjectSecureFilesOptions, options ...RequestOptionFunc) ([]*SecureFile, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -133,7 +133,7 @@ func (s SecureFilesService) ListProjectSecureFiles(pid interface{}, opt *ListPro
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/secure_files/#show-secure-file-details
-func (s SecureFilesService) ShowSecureFileDetails(pid interface{}, id int, options ...RequestOptionFunc) (*SecureFile, *Response, error) {
+func (s SecureFilesService) ShowSecureFileDetails(pid any, id int, options ...RequestOptionFunc) (*SecureFile, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -167,7 +167,7 @@ type CreateSecureFileOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/secure_files/#create-secure-file
-func (s SecureFilesService) CreateSecureFile(pid interface{}, content io.Reader, opt *CreateSecureFileOptions, options ...RequestOptionFunc) (*SecureFile, *Response, error) {
+func (s SecureFilesService) CreateSecureFile(pid any, content io.Reader, opt *CreateSecureFileOptions, options ...RequestOptionFunc) (*SecureFile, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -192,7 +192,7 @@ func (s SecureFilesService) CreateSecureFile(pid interface{}, content io.Reader,
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/secure_files/#download-secure-file
-func (s SecureFilesService) DownloadSecureFile(pid interface{}, id int, options ...RequestOptionFunc) (io.Reader, *Response, error) {
+func (s SecureFilesService) DownloadSecureFile(pid any, id int, options ...RequestOptionFunc) (io.Reader, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -217,7 +217,7 @@ func (s SecureFilesService) DownloadSecureFile(pid interface{}, id int, options
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/secure_files/#remove-secure-file
-func (s SecureFilesService) RemoveSecureFile(pid interface{}, id int, options ...RequestOptionFunc) (*Response, error) {
+func (s SecureFilesService) RemoveSecureFile(pid any, id int, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/services.go b/vendor/gitlab.com/gitlab-org/api/client-go/services.go
index cf4f3e8f8c..7ce79c4ea8 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/services.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/services.go
@@ -26,80 +26,73 @@ import (
 
 type (
 	ServicesServiceInterface interface {
-		ListServices(pid interface{}, options ...RequestOptionFunc) ([]*Service, *Response, error)
-		GetCustomIssueTrackerService(pid interface{}, options ...RequestOptionFunc) (*CustomIssueTrackerService, *Response, error)
-		SetCustomIssueTrackerService(pid interface{}, opt *SetCustomIssueTrackerServiceOptions, options ...RequestOptionFunc) (*CustomIssueTrackerService, *Response, error)
-		DeleteCustomIssueTrackerService(pid interface{}, options ...RequestOptionFunc) (*Response, error)
-		GetDataDogService(pid interface{}, options ...RequestOptionFunc) (*DataDogService, *Response, error)
-		SetDataDogService(pid interface{}, opt *SetDataDogServiceOptions, options ...RequestOptionFunc) (*DataDogService, *Response, error)
-		DeleteDataDogService(pid interface{}, options ...RequestOptionFunc) (*Response, error)
-		GetDiscordService(pid interface{}, options ...RequestOptionFunc) (*DiscordService, *Response, error)
-		SetDiscordService(pid interface{}, opt *SetDiscordServiceOptions, options ...RequestOptionFunc) (*DiscordService, *Response, error)
-		DeleteDiscordService(pid interface{}, options ...RequestOptionFunc) (*Response, error)
-		GetDroneCIService(pid interface{}, options ...RequestOptionFunc) (*DroneCIService, *Response, error)
-		SetDroneCIService(pid interface{}, opt *SetDroneCIServiceOptions, options ...RequestOptionFunc) (*DroneCIService, *Response, error)
-		DeleteDroneCIService(pid interface{}, options ...RequestOptionFunc) (*Response, error)
-		GetEmailsOnPushService(pid interface{}, options ...RequestOptionFunc) (*EmailsOnPushService, *Response, error)
-		SetEmailsOnPushService(pid interface{}, opt *SetEmailsOnPushServiceOptions, options ...RequestOptionFunc) (*EmailsOnPushService, *Response, error)
-		DeleteEmailsOnPushService(pid interface{}, options ...RequestOptionFunc) (*Response, error)
-		GetExternalWikiService(pid interface{}, options ...RequestOptionFunc) (*ExternalWikiService, *Response, error)
-		SetExternalWikiService(pid interface{}, opt *SetExternalWikiServiceOptions, options ...RequestOptionFunc) (*ExternalWikiService, *Response, error)
-		DeleteExternalWikiService(pid interface{}, options ...RequestOptionFunc) (*Response, error)
-		GetGithubService(pid interface{}, options ...RequestOptionFunc) (*GithubService, *Response, error)
-		SetGithubService(pid interface{}, opt *SetGithubServiceOptions, options ...RequestOptionFunc) (*GithubService, *Response, error)
-		DeleteGithubService(pid interface{}, options ...RequestOptionFunc) (*Response, error)
-		GetHarborService(pid interface{}, options ...RequestOptionFunc) (*HarborService, *Response, error)
-		SetHarborService(pid interface{}, opt *SetHarborServiceOptions, options ...RequestOptionFunc) (*HarborService, *Response, error)
-		DeleteHarborService(pid interface{}, options ...RequestOptionFunc) (*Response, error)
-		GetSlackApplication(pid interface{}, options ...RequestOptionFunc) (*SlackApplication, *Response, error)
-		SetSlackApplication(pid interface{}, opt *SetSlackApplicationOptions, options ...RequestOptionFunc) (*SlackApplication, *Response, error)
-		DisableSlackApplication(pid interface{}, options ...RequestOptionFunc) (*Response, error)
-		SetGitLabCIService(pid interface{}, opt *SetGitLabCIServiceOptions, options ...RequestOptionFunc) (*Response, error)
-		DeleteGitLabCIService(pid interface{}, options ...RequestOptionFunc) (*Response, error)
-		SetHipChatService(pid interface{}, opt *SetHipChatServiceOptions, options ...RequestOptionFunc) (*Response, error)
-		DeleteHipChatService(pid interface{}, options ...RequestOptionFunc) (*Response, error)
-		GetJenkinsCIService(pid interface{}, options ...RequestOptionFunc) (*JenkinsCIService, *Response, error)
-		SetJenkinsCIService(pid interface{}, opt *SetJenkinsCIServiceOptions, options ...RequestOptionFunc) (*JenkinsCIService, *Response, error)
-		DeleteJenkinsCIService(pid interface{}, options ...RequestOptionFunc) (*Response, error)
-		GetJiraService(pid interface{}, options ...RequestOptionFunc) (*JiraService, *Response, error)
-		SetJiraService(pid interface{}, opt *SetJiraServiceOptions, options ...RequestOptionFunc) (*JiraService, *Response, error)
-		DeleteJiraService(pid interface{}, options ...RequestOptionFunc) (*Response, error)
-		GetMattermostService(pid interface{}, options ...RequestOptionFunc) (*MattermostService, *Response, error)
-		SetMattermostService(pid interface{}, opt *SetMattermostServiceOptions, options ...RequestOptionFunc) (*MattermostService, *Response, error)
-		DeleteMattermostService(pid interface{}, options ...RequestOptionFunc) (*Response, error)
-		GetMattermostSlashCommandsService(pid interface{}, options ...RequestOptionFunc) (*MattermostSlashCommandsService, *Response, error)
-		SetMattermostSlashCommandsService(pid interface{}, opt *SetMattermostSlashCommandsServiceOptions, options ...RequestOptionFunc) (*MattermostSlashCommandsService, *Response, error)
-		DeleteMattermostSlashCommandsService(pid interface{}, options ...RequestOptionFunc) (*Response, error)
-		GetMicrosoftTeamsService(pid interface{}, options ...RequestOptionFunc) (*MicrosoftTeamsService, *Response, error)
-		SetMicrosoftTeamsService(pid interface{}, opt *SetMicrosoftTeamsServiceOptions, options ...RequestOptionFunc) (*MicrosoftTeamsService, *Response, error)
-		DeleteMicrosoftTeamsService(pid interface{}, options ...RequestOptionFunc) (*Response, error)
-		GetPipelinesEmailService(pid interface{}, options ...RequestOptionFunc) (*PipelinesEmailService, *Response, error)
-		SetPipelinesEmailService(pid interface{}, opt *SetPipelinesEmailServiceOptions, options ...RequestOptionFunc) (*PipelinesEmailService, *Response, error)
-		DeletePipelinesEmailService(pid interface{}, options ...RequestOptionFunc) (*Response, error)
-		GetPrometheusService(pid interface{}, options ...RequestOptionFunc) (*PrometheusService, *Response, error)
-		SetPrometheusService(pid interface{}, opt *SetPrometheusServiceOptions, options ...RequestOptionFunc) (*PrometheusService, *Response, error)
-		DeletePrometheusService(pid interface{}, options ...RequestOptionFunc) (*Response, error)
-		GetRedmineService(pid interface{}, options ...RequestOptionFunc) (*RedmineService, *Response, error)
-		SetRedmineService(pid interface{}, opt *SetRedmineServiceOptions, options ...RequestOptionFunc) (*RedmineService, *Response, error)
-		DeleteRedmineService(pid interface{}, options ...RequestOptionFunc) (*Response, error)
-		GetSlackService(pid interface{}, options ...RequestOptionFunc) (*SlackService, *Response, error)
-		SetSlackService(pid interface{}, opt *SetSlackServiceOptions, options ...RequestOptionFunc) (*SlackService, *Response, error)
-		DeleteSlackService(pid interface{}, options ...RequestOptionFunc) (*Response, error)
-		GetSlackSlashCommandsService(pid interface{}, options ...RequestOptionFunc) (*SlackSlashCommandsService, *Response, error)
-		SetSlackSlashCommandsService(pid interface{}, opt *SetSlackSlashCommandsServiceOptions, options ...RequestOptionFunc) (*SlackSlashCommandsService, *Response, error)
-		DeleteSlackSlashCommandsService(pid interface{}, options ...RequestOptionFunc) (*Response, error)
-		GetTelegramService(pid interface{}, options ...RequestOptionFunc) (*TelegramService, *Response, error)
-		SetTelegramService(pid interface{}, opt *SetTelegramServiceOptions, options ...RequestOptionFunc) (*TelegramService, *Response, error)
-		DeleteTelegramService(pid interface{}, options ...RequestOptionFunc) (*Response, error)
-		GetYouTrackService(pid interface{}, options ...RequestOptionFunc) (*YouTrackService, *Response, error)
-		SetYouTrackService(pid interface{}, opt *SetYouTrackServiceOptions, options ...RequestOptionFunc) (*YouTrackService, *Response, error)
-		DeleteYouTrackService(pid interface{}, options ...RequestOptionFunc) (*Response, error)
+		ListServices(pid any, options ...RequestOptionFunc) ([]*Service, *Response, error)
+		GetCustomIssueTrackerService(pid any, options ...RequestOptionFunc) (*CustomIssueTrackerService, *Response, error)
+		SetCustomIssueTrackerService(pid any, opt *SetCustomIssueTrackerServiceOptions, options ...RequestOptionFunc) (*CustomIssueTrackerService, *Response, error)
+		DeleteCustomIssueTrackerService(pid any, options ...RequestOptionFunc) (*Response, error)
+		GetDataDogService(pid any, options ...RequestOptionFunc) (*DataDogService, *Response, error)
+		SetDataDogService(pid any, opt *SetDataDogServiceOptions, options ...RequestOptionFunc) (*DataDogService, *Response, error)
+		DeleteDataDogService(pid any, options ...RequestOptionFunc) (*Response, error)
+		GetDiscordService(pid any, options ...RequestOptionFunc) (*DiscordService, *Response, error)
+		SetDiscordService(pid any, opt *SetDiscordServiceOptions, options ...RequestOptionFunc) (*DiscordService, *Response, error)
+		DeleteDiscordService(pid any, options ...RequestOptionFunc) (*Response, error)
+		GetDroneCIService(pid any, options ...RequestOptionFunc) (*DroneCIService, *Response, error)
+		SetDroneCIService(pid any, opt *SetDroneCIServiceOptions, options ...RequestOptionFunc) (*DroneCIService, *Response, error)
+		DeleteDroneCIService(pid any, options ...RequestOptionFunc) (*Response, error)
+		GetEmailsOnPushService(pid any, options ...RequestOptionFunc) (*EmailsOnPushService, *Response, error)
+		SetEmailsOnPushService(pid any, opt *SetEmailsOnPushServiceOptions, options ...RequestOptionFunc) (*EmailsOnPushService, *Response, error)
+		DeleteEmailsOnPushService(pid any, options ...RequestOptionFunc) (*Response, error)
+		GetExternalWikiService(pid any, options ...RequestOptionFunc) (*ExternalWikiService, *Response, error)
+		SetExternalWikiService(pid any, opt *SetExternalWikiServiceOptions, options ...RequestOptionFunc) (*ExternalWikiService, *Response, error)
+		DeleteExternalWikiService(pid any, options ...RequestOptionFunc) (*Response, error)
+		GetGithubService(pid any, options ...RequestOptionFunc) (*GithubService, *Response, error)
+		SetGithubService(pid any, opt *SetGithubServiceOptions, options ...RequestOptionFunc) (*GithubService, *Response, error)
+		DeleteGithubService(pid any, options ...RequestOptionFunc) (*Response, error)
+		GetHarborService(pid any, options ...RequestOptionFunc) (*HarborService, *Response, error)
+		SetHarborService(pid any, opt *SetHarborServiceOptions, options ...RequestOptionFunc) (*HarborService, *Response, error)
+		DeleteHarborService(pid any, options ...RequestOptionFunc) (*Response, error)
+		GetSlackApplication(pid any, options ...RequestOptionFunc) (*SlackApplication, *Response, error)
+		SetSlackApplication(pid any, opt *SetSlackApplicationOptions, options ...RequestOptionFunc) (*SlackApplication, *Response, error)
+		DisableSlackApplication(pid any, options ...RequestOptionFunc) (*Response, error)
+		GetJenkinsCIService(pid any, options ...RequestOptionFunc) (*JenkinsCIService, *Response, error)
+		SetJenkinsCIService(pid any, opt *SetJenkinsCIServiceOptions, options ...RequestOptionFunc) (*JenkinsCIService, *Response, error)
+		DeleteJenkinsCIService(pid any, options ...RequestOptionFunc) (*Response, error)
+		GetJiraService(pid any, options ...RequestOptionFunc) (*JiraService, *Response, error)
+		SetJiraService(pid any, opt *SetJiraServiceOptions, options ...RequestOptionFunc) (*JiraService, *Response, error)
+		DeleteJiraService(pid any, options ...RequestOptionFunc) (*Response, error)
+		GetMattermostService(pid any, options ...RequestOptionFunc) (*MattermostService, *Response, error)
+		SetMattermostService(pid any, opt *SetMattermostServiceOptions, options ...RequestOptionFunc) (*MattermostService, *Response, error)
+		DeleteMattermostService(pid any, options ...RequestOptionFunc) (*Response, error)
+		GetMattermostSlashCommandsService(pid any, options ...RequestOptionFunc) (*MattermostSlashCommandsService, *Response, error)
+		SetMattermostSlashCommandsService(pid any, opt *SetMattermostSlashCommandsServiceOptions, options ...RequestOptionFunc) (*MattermostSlashCommandsService, *Response, error)
+		DeleteMattermostSlashCommandsService(pid any, options ...RequestOptionFunc) (*Response, error)
+		GetMicrosoftTeamsService(pid any, options ...RequestOptionFunc) (*MicrosoftTeamsService, *Response, error)
+		SetMicrosoftTeamsService(pid any, opt *SetMicrosoftTeamsServiceOptions, options ...RequestOptionFunc) (*MicrosoftTeamsService, *Response, error)
+		DeleteMicrosoftTeamsService(pid any, options ...RequestOptionFunc) (*Response, error)
+		GetPipelinesEmailService(pid any, options ...RequestOptionFunc) (*PipelinesEmailService, *Response, error)
+		SetPipelinesEmailService(pid any, opt *SetPipelinesEmailServiceOptions, options ...RequestOptionFunc) (*PipelinesEmailService, *Response, error)
+		DeletePipelinesEmailService(pid any, options ...RequestOptionFunc) (*Response, error)
+		GetRedmineService(pid any, options ...RequestOptionFunc) (*RedmineService, *Response, error)
+		SetRedmineService(pid any, opt *SetRedmineServiceOptions, options ...RequestOptionFunc) (*RedmineService, *Response, error)
+		DeleteRedmineService(pid any, options ...RequestOptionFunc) (*Response, error)
+		GetSlackService(pid any, options ...RequestOptionFunc) (*SlackService, *Response, error)
+		SetSlackService(pid any, opt *SetSlackServiceOptions, options ...RequestOptionFunc) (*SlackService, *Response, error)
+		DeleteSlackService(pid any, options ...RequestOptionFunc) (*Response, error)
+		GetSlackSlashCommandsService(pid any, options ...RequestOptionFunc) (*SlackSlashCommandsService, *Response, error)
+		SetSlackSlashCommandsService(pid any, opt *SetSlackSlashCommandsServiceOptions, options ...RequestOptionFunc) (*SlackSlashCommandsService, *Response, error)
+		DeleteSlackSlashCommandsService(pid any, options ...RequestOptionFunc) (*Response, error)
+		GetTelegramService(pid any, options ...RequestOptionFunc) (*TelegramService, *Response, error)
+		SetTelegramService(pid any, opt *SetTelegramServiceOptions, options ...RequestOptionFunc) (*TelegramService, *Response, error)
+		DeleteTelegramService(pid any, options ...RequestOptionFunc) (*Response, error)
+		GetYouTrackService(pid any, options ...RequestOptionFunc) (*YouTrackService, *Response, error)
+		SetYouTrackService(pid any, opt *SetYouTrackServiceOptions, options ...RequestOptionFunc) (*YouTrackService, *Response, error)
+		DeleteYouTrackService(pid any, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// ServicesService handles communication with the services related methods of
 	// the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/integrations.html
+	// GitLab API docs: https://docs.gitlab.com/api/project_integrations/
 	ServicesService struct {
 		client *Client
 	}
@@ -109,7 +102,7 @@ var _ ServicesServiceInterface = (*ServicesService)(nil)
 
 // Service represents a GitLab service.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/integrations.html
+// GitLab API docs: https://docs.gitlab.com/api/project_integrations/
 type Service struct {
 	ID                             int        `json:"id"`
 	Title                          string     `json:"title"`
@@ -140,8 +133,8 @@ type Service struct {
 
 // ListServices gets a list of all active services.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/integrations.html#list-all-active-integrations
-func (s *ServicesService) ListServices(pid interface{}, options ...RequestOptionFunc) ([]*Service, *Response, error) {
+// GitLab API docs: https://docs.gitlab.com/api/project_integrations/#list-all-active-integrations
+func (s *ServicesService) ListServices(pid any, options ...RequestOptionFunc) ([]*Service, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -165,7 +158,7 @@ func (s *ServicesService) ListServices(pid interface{}, options ...RequestOption
 // CustomIssueTrackerService represents Custom Issue Tracker service settings.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#custom-issue-tracker
+// https://docs.gitlab.com/api/project_integrations/#custom-issue-tracker
 type CustomIssueTrackerService struct {
 	Service
 	Properties *CustomIssueTrackerServiceProperties `json:"properties"`
@@ -174,7 +167,7 @@ type CustomIssueTrackerService struct {
 // CustomIssueTrackerServiceProperties represents Custom Issue Tracker specific properties.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#custom-issue-tracker
+// https://docs.gitlab.com/api/project_integrations/#custom-issue-tracker
 type CustomIssueTrackerServiceProperties struct {
 	ProjectURL  string `json:"project_url,omitempty"`
 	IssuesURL   string `json:"issues_url,omitempty"`
@@ -184,8 +177,8 @@ type CustomIssueTrackerServiceProperties struct {
 // GetCustomIssueTrackerService gets Custom Issue Tracker service settings for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#get-custom-issue-tracker-settings
-func (s *ServicesService) GetCustomIssueTrackerService(pid interface{}, options ...RequestOptionFunc) (*CustomIssueTrackerService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#get-custom-issue-tracker-settings
+func (s *ServicesService) GetCustomIssueTrackerService(pid any, options ...RequestOptionFunc) (*CustomIssueTrackerService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -210,7 +203,7 @@ func (s *ServicesService) GetCustomIssueTrackerService(pid interface{}, options
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#set-up-a-custom-issue-tracker
+// https://docs.gitlab.com/api/project_integrations/#set-up-a-custom-issue-tracker
 type SetCustomIssueTrackerServiceOptions struct {
 	NewIssueURL *string `url:"new_issue_url,omitempty" json:"new_issue_url,omitempty"`
 	IssuesURL   *string `url:"issues_url,omitempty" json:"issues_url,omitempty"`
@@ -220,8 +213,8 @@ type SetCustomIssueTrackerServiceOptions struct {
 // SetCustomIssueTrackerService sets Custom Issue Tracker service for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#set-up-a-custom-issue-tracker
-func (s *ServicesService) SetCustomIssueTrackerService(pid interface{}, opt *SetCustomIssueTrackerServiceOptions, options ...RequestOptionFunc) (*CustomIssueTrackerService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#set-up-a-custom-issue-tracker
+func (s *ServicesService) SetCustomIssueTrackerService(pid any, opt *SetCustomIssueTrackerServiceOptions, options ...RequestOptionFunc) (*CustomIssueTrackerService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -245,8 +238,8 @@ func (s *ServicesService) SetCustomIssueTrackerService(pid interface{}, opt *Set
 // DeleteCustomIssueTrackerService deletes Custom Issue Tracker service settings for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#disable-a-custom-issue-tracker
-func (s *ServicesService) DeleteCustomIssueTrackerService(pid interface{}, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#disable-a-custom-issue-tracker
+func (s *ServicesService) DeleteCustomIssueTrackerService(pid any, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -264,7 +257,7 @@ func (s *ServicesService) DeleteCustomIssueTrackerService(pid interface{}, optio
 // DataDogService represents DataDog service settings.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#datadog
+// https://docs.gitlab.com/api/project_integrations/#datadog
 type DataDogService struct {
 	Service
 	Properties *DataDogServiceProperties `json:"properties"`
@@ -273,7 +266,7 @@ type DataDogService struct {
 // DataDogServiceProperties represents DataDog specific properties.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#datadog
+// https://docs.gitlab.com/api/project_integrations/#datadog
 type DataDogServiceProperties struct {
 	APIURL             string `url:"api_url,omitempty" json:"api_url,omitempty"`
 	DataDogEnv         string `url:"datadog_env,omitempty" json:"datadog_env,omitempty"`
@@ -286,8 +279,8 @@ type DataDogServiceProperties struct {
 // GetDataDogService gets DataDog service settings for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#get-datadog-settings
-func (s *ServicesService) GetDataDogService(pid interface{}, options ...RequestOptionFunc) (*DataDogService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#get-datadog-settings
+func (s *ServicesService) GetDataDogService(pid any, options ...RequestOptionFunc) (*DataDogService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -312,7 +305,7 @@ func (s *ServicesService) GetDataDogService(pid interface{}, options ...RequestO
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#set-up-datadog
+// https://docs.gitlab.com/api/project_integrations/#set-up-datadog
 type SetDataDogServiceOptions struct {
 	APIKey             *string `url:"api_key,omitempty" json:"api_key,omitempty"`
 	APIURL             *string `url:"api_url,omitempty" json:"api_url,omitempty"`
@@ -326,8 +319,8 @@ type SetDataDogServiceOptions struct {
 // SetDataDogService sets DataDog service settings for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#set-up-datadog
-func (s *ServicesService) SetDataDogService(pid interface{}, opt *SetDataDogServiceOptions, options ...RequestOptionFunc) (*DataDogService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#set-up-datadog
+func (s *ServicesService) SetDataDogService(pid any, opt *SetDataDogServiceOptions, options ...RequestOptionFunc) (*DataDogService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -351,8 +344,8 @@ func (s *ServicesService) SetDataDogService(pid interface{}, opt *SetDataDogServ
 // DeleteDataDogService deletes the DataDog service settings for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#disable-datadog
-func (s *ServicesService) DeleteDataDogService(pid interface{}, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#disable-datadog
+func (s *ServicesService) DeleteDataDogService(pid any, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -370,7 +363,7 @@ func (s *ServicesService) DeleteDataDogService(pid interface{}, options ...Reque
 // DiscordService represents Discord service settings.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#discord-notifications
+// https://docs.gitlab.com/api/project_integrations/#discord-notifications
 type DiscordService struct {
 	Service
 	Properties *DiscordServiceProperties `json:"properties"`
@@ -379,7 +372,7 @@ type DiscordService struct {
 // DiscordServiceProperties represents Discord specific properties.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#discord-notifications
+// https://docs.gitlab.com/api/project_integrations/#discord-notifications
 type DiscordServiceProperties struct {
 	BranchesToBeNotified      string `url:"branches_to_be_notified,omitempty" json:"branches_to_be_notified,omitempty"`
 	NotifyOnlyBrokenPipelines bool   `url:"notify_only_broken_pipelines,omitempty" json:"notify_only_broken_pipelines,omitempty"`
@@ -388,8 +381,8 @@ type DiscordServiceProperties struct {
 // GetDiscordService gets Discord service settings for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#get-discord-notifications-settings
-func (s *ServicesService) GetDiscordService(pid interface{}, options ...RequestOptionFunc) (*DiscordService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#get-discord-notifications-settings
+func (s *ServicesService) GetDiscordService(pid any, options ...RequestOptionFunc) (*DiscordService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -414,7 +407,7 @@ func (s *ServicesService) GetDiscordService(pid interface{}, options ...RequestO
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#set-up-discord-notifications
+// https://docs.gitlab.com/api/project_integrations/#set-up-discord-notifications
 type SetDiscordServiceOptions struct {
 	WebHook                          *string `url:"webhook,omitempty" json:"webhook,omitempty"`
 	BranchesToBeNotified             *string `url:"branches_to_be_notified,omitempty" json:"branches_to_be_notified,omitempty"`
@@ -448,8 +441,8 @@ type SetDiscordServiceOptions struct {
 // SetDiscordService sets Discord service for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#set-up-discord-notifications
-func (s *ServicesService) SetDiscordService(pid interface{}, opt *SetDiscordServiceOptions, options ...RequestOptionFunc) (*DiscordService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#set-up-discord-notifications
+func (s *ServicesService) SetDiscordService(pid any, opt *SetDiscordServiceOptions, options ...RequestOptionFunc) (*DiscordService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -473,8 +466,8 @@ func (s *ServicesService) SetDiscordService(pid interface{}, opt *SetDiscordServ
 // DeleteDiscordService deletes Discord service settings for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#disable-discord-notifications
-func (s *ServicesService) DeleteDiscordService(pid interface{}, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#disable-discord-notifications
+func (s *ServicesService) DeleteDiscordService(pid any, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -492,7 +485,7 @@ func (s *ServicesService) DeleteDiscordService(pid interface{}, options ...Reque
 // DroneCIService represents Drone CI service settings.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#drone
+// https://docs.gitlab.com/api/project_integrations/#drone
 type DroneCIService struct {
 	Service
 	Properties *DroneCIServiceProperties `json:"properties"`
@@ -501,7 +494,7 @@ type DroneCIService struct {
 // DroneCIServiceProperties represents Drone CI specific properties.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#drone
+// https://docs.gitlab.com/api/project_integrations/#drone
 type DroneCIServiceProperties struct {
 	DroneURL              string `json:"drone_url"`
 	EnableSSLVerification bool   `json:"enable_ssl_verification"`
@@ -510,8 +503,8 @@ type DroneCIServiceProperties struct {
 // GetDroneCIService gets Drone CI service settings for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#get-drone-settings
-func (s *ServicesService) GetDroneCIService(pid interface{}, options ...RequestOptionFunc) (*DroneCIService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#get-drone-settings
+func (s *ServicesService) GetDroneCIService(pid any, options ...RequestOptionFunc) (*DroneCIService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -536,7 +529,7 @@ func (s *ServicesService) GetDroneCIService(pid interface{}, options ...RequestO
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#set-up-drone
+// https://docs.gitlab.com/api/project_integrations/#set-up-drone
 type SetDroneCIServiceOptions struct {
 	Token                 *string `url:"token,omitempty" json:"token,omitempty"`
 	DroneURL              *string `url:"drone_url,omitempty" json:"drone_url,omitempty"`
@@ -549,8 +542,8 @@ type SetDroneCIServiceOptions struct {
 // SetDroneCIService sets Drone CI service for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#set-up-drone
-func (s *ServicesService) SetDroneCIService(pid interface{}, opt *SetDroneCIServiceOptions, options ...RequestOptionFunc) (*DroneCIService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#set-up-drone
+func (s *ServicesService) SetDroneCIService(pid any, opt *SetDroneCIServiceOptions, options ...RequestOptionFunc) (*DroneCIService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -574,8 +567,8 @@ func (s *ServicesService) SetDroneCIService(pid interface{}, opt *SetDroneCIServ
 // DeleteDroneCIService deletes Drone CI service settings for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#disable-drone
-func (s *ServicesService) DeleteDroneCIService(pid interface{}, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#disable-drone
+func (s *ServicesService) DeleteDroneCIService(pid any, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -593,7 +586,7 @@ func (s *ServicesService) DeleteDroneCIService(pid interface{}, options ...Reque
 // EmailsOnPushService represents Emails on Push service settings.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#emails-on-push
+// https://docs.gitlab.com/api/project_integrations/#emails-on-push
 type EmailsOnPushService struct {
 	Service
 	Properties *EmailsOnPushServiceProperties `json:"properties"`
@@ -602,7 +595,7 @@ type EmailsOnPushService struct {
 // EmailsOnPushServiceProperties represents Emails on Push specific properties.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#emails-on-push
+// https://docs.gitlab.com/api/project_integrations/#emails-on-push
 type EmailsOnPushServiceProperties struct {
 	Recipients             string `json:"recipients"`
 	DisableDiffs           bool   `json:"disable_diffs"`
@@ -615,8 +608,8 @@ type EmailsOnPushServiceProperties struct {
 // GetEmailsOnPushService gets Emails on Push service settings for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#get-emails-on-push-integration-settings
-func (s *ServicesService) GetEmailsOnPushService(pid interface{}, options ...RequestOptionFunc) (*EmailsOnPushService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#get-emails-on-push-settings
+func (s *ServicesService) GetEmailsOnPushService(pid any, options ...RequestOptionFunc) (*EmailsOnPushService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -641,7 +634,7 @@ func (s *ServicesService) GetEmailsOnPushService(pid interface{}, options ...Req
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#set-up-emails-on-push
+// https://docs.gitlab.com/api/project_integrations/#set-up-emails-on-push
 type SetEmailsOnPushServiceOptions struct {
 	Recipients             *string `url:"recipients,omitempty" json:"recipients,omitempty"`
 	DisableDiffs           *bool   `url:"disable_diffs,omitempty" json:"disable_diffs,omitempty"`
@@ -654,8 +647,8 @@ type SetEmailsOnPushServiceOptions struct {
 // SetEmailsOnPushService sets Emails on Push service for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#set-up-emails-on-push
-func (s *ServicesService) SetEmailsOnPushService(pid interface{}, opt *SetEmailsOnPushServiceOptions, options ...RequestOptionFunc) (*EmailsOnPushService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#set-up-emails-on-push
+func (s *ServicesService) SetEmailsOnPushService(pid any, opt *SetEmailsOnPushServiceOptions, options ...RequestOptionFunc) (*EmailsOnPushService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -679,8 +672,8 @@ func (s *ServicesService) SetEmailsOnPushService(pid interface{}, opt *SetEmails
 // DeleteEmailsOnPushService deletes Emails on Push service settings for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#disable-emails-on-push
-func (s *ServicesService) DeleteEmailsOnPushService(pid interface{}, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#disable-emails-on-push
+func (s *ServicesService) DeleteEmailsOnPushService(pid any, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -698,7 +691,7 @@ func (s *ServicesService) DeleteEmailsOnPushService(pid interface{}, options ...
 // ExternalWikiService represents External Wiki service settings.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#external-wiki
+// https://docs.gitlab.com/api/project_integrations/#external-wiki
 type ExternalWikiService struct {
 	Service
 	Properties *ExternalWikiServiceProperties `json:"properties"`
@@ -707,7 +700,7 @@ type ExternalWikiService struct {
 // ExternalWikiServiceProperties represents External Wiki specific properties.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#external-wiki
+// https://docs.gitlab.com/api/project_integrations/#external-wiki
 type ExternalWikiServiceProperties struct {
 	ExternalWikiURL string `json:"external_wiki_url"`
 }
@@ -715,8 +708,8 @@ type ExternalWikiServiceProperties struct {
 // GetExternalWikiService gets External Wiki service settings for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#get-external-wiki-settings
-func (s *ServicesService) GetExternalWikiService(pid interface{}, options ...RequestOptionFunc) (*ExternalWikiService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#get-external-wiki-settings
+func (s *ServicesService) GetExternalWikiService(pid any, options ...RequestOptionFunc) (*ExternalWikiService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -741,7 +734,7 @@ func (s *ServicesService) GetExternalWikiService(pid interface{}, options ...Req
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#set-up-an-external-wiki
+// https://docs.gitlab.com/api/project_integrations/#set-up-an-external-wiki
 type SetExternalWikiServiceOptions struct {
 	ExternalWikiURL *string `url:"external_wiki_url,omitempty" json:"external_wiki_url,omitempty"`
 }
@@ -749,8 +742,8 @@ type SetExternalWikiServiceOptions struct {
 // SetExternalWikiService sets External Wiki service for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#set-up-an-external-wiki
-func (s *ServicesService) SetExternalWikiService(pid interface{}, opt *SetExternalWikiServiceOptions, options ...RequestOptionFunc) (*ExternalWikiService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#set-up-an-external-wiki
+func (s *ServicesService) SetExternalWikiService(pid any, opt *SetExternalWikiServiceOptions, options ...RequestOptionFunc) (*ExternalWikiService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -774,8 +767,8 @@ func (s *ServicesService) SetExternalWikiService(pid interface{}, opt *SetExtern
 // DeleteExternalWikiService deletes External Wiki service for project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#disable-an-external-wiki
-func (s *ServicesService) DeleteExternalWikiService(pid interface{}, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#disable-an-external-wiki
+func (s *ServicesService) DeleteExternalWikiService(pid any, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -793,7 +786,7 @@ func (s *ServicesService) DeleteExternalWikiService(pid interface{}, options ...
 // GithubService represents Github service settings.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#github
+// https://docs.gitlab.com/api/project_integrations/#github
 type GithubService struct {
 	Service
 	Properties *GithubServiceProperties `json:"properties"`
@@ -802,7 +795,7 @@ type GithubService struct {
 // GithubServiceProperties represents Github specific properties.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#github
+// https://docs.gitlab.com/api/project_integrations/#github
 type GithubServiceProperties struct {
 	RepositoryURL string `json:"repository_url"`
 	StaticContext bool   `json:"static_context"`
@@ -811,8 +804,8 @@ type GithubServiceProperties struct {
 // GetGithubService gets Github service settings for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#get-github-settings
-func (s *ServicesService) GetGithubService(pid interface{}, options ...RequestOptionFunc) (*GithubService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#get-github-settings
+func (s *ServicesService) GetGithubService(pid any, options ...RequestOptionFunc) (*GithubService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -837,7 +830,7 @@ func (s *ServicesService) GetGithubService(pid interface{}, options ...RequestOp
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#set-up-github
+// https://docs.gitlab.com/api/project_integrations/#set-up-github
 type SetGithubServiceOptions struct {
 	Token         *string `url:"token,omitempty" json:"token,omitempty"`
 	RepositoryURL *string `url:"repository_url,omitempty" json:"repository_url,omitempty"`
@@ -847,8 +840,8 @@ type SetGithubServiceOptions struct {
 // SetGithubService sets Github service for a project
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#set-up-github
-func (s *ServicesService) SetGithubService(pid interface{}, opt *SetGithubServiceOptions, options ...RequestOptionFunc) (*GithubService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#set-up-github
+func (s *ServicesService) SetGithubService(pid any, opt *SetGithubServiceOptions, options ...RequestOptionFunc) (*GithubService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -872,8 +865,8 @@ func (s *ServicesService) SetGithubService(pid interface{}, opt *SetGithubServic
 // DeleteGithubService deletes Github service for a project
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#disable-github
-func (s *ServicesService) DeleteGithubService(pid interface{}, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#disable-github
+func (s *ServicesService) DeleteGithubService(pid any, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -891,7 +884,7 @@ func (s *ServicesService) DeleteGithubService(pid interface{}, options ...Reques
 // HarborService represents the Harbor service settings.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#harbor
+// https://docs.gitlab.com/api/project_integrations/#harbor
 type HarborService struct {
 	Service
 	Properties *HarborServiceProperties `json:"properties"`
@@ -900,7 +893,7 @@ type HarborService struct {
 // HarborServiceProperties represents Harbor specific properties.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#harbor
+// https://docs.gitlab.com/api/project_integrations/#harbor
 type HarborServiceProperties struct {
 	URL                  string `json:"url"`
 	ProjectName          string `json:"project_name"`
@@ -912,8 +905,8 @@ type HarborServiceProperties struct {
 // GetHarborService gets Harbor service settings for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#get-harbor-settings
-func (s *ServicesService) GetHarborService(pid interface{}, options ...RequestOptionFunc) (*HarborService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#get-harbor-settings
+func (s *ServicesService) GetHarborService(pid any, options ...RequestOptionFunc) (*HarborService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -938,7 +931,7 @@ func (s *ServicesService) GetHarborService(pid interface{}, options ...RequestOp
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#set-up-harbor
+// https://docs.gitlab.com/api/project_integrations/#set-up-harbor
 type SetHarborServiceOptions struct {
 	URL                  *string `url:"url,omitempty" json:"url,omitempty"`
 	ProjectName          *string `url:"project_name,omitempty" json:"project_name,omitempty"`
@@ -950,8 +943,8 @@ type SetHarborServiceOptions struct {
 // SetHarborService sets Harbor service for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#set-up-harbor
-func (s *ServicesService) SetHarborService(pid interface{}, opt *SetHarborServiceOptions, options ...RequestOptionFunc) (*HarborService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#set-up-harbor
+func (s *ServicesService) SetHarborService(pid any, opt *SetHarborServiceOptions, options ...RequestOptionFunc) (*HarborService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -975,8 +968,8 @@ func (s *ServicesService) SetHarborService(pid interface{}, opt *SetHarborServic
 // DeleteHarborService deletes Harbor service for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#disable-harbor
-func (s *ServicesService) DeleteHarborService(pid interface{}, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#disable-harbor
+func (s *ServicesService) DeleteHarborService(pid any, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -994,7 +987,7 @@ func (s *ServicesService) DeleteHarborService(pid interface{}, options ...Reques
 // SlackApplication represents GitLab for slack application settings.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#gitlab-for-slack-app
+// https://docs.gitlab.com/api/project_integrations/#gitlab-for-slack-app
 type SlackApplication struct {
 	Service
 	Properties *SlackApplicationProperties `json:"properties"`
@@ -1003,7 +996,7 @@ type SlackApplication struct {
 // SlackApplicationProperties represents GitLab for slack application specific properties.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#gitlab-for-slack-app
+// https://docs.gitlab.com/api/project_integrations/#gitlab-for-slack-app
 type SlackApplicationProperties struct {
 	Channel                    string `json:"channel"`
 	NotifyOnlyBrokenPipelines  bool   `json:"notify_only_broken_pipelines"`
@@ -1032,8 +1025,8 @@ type SlackApplicationProperties struct {
 // project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#get-gitlab-for-slack-app-settings
-func (s *ServicesService) GetSlackApplication(pid interface{}, options ...RequestOptionFunc) (*SlackApplication, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#get-gitlab-for-slack-app-settings
+func (s *ServicesService) GetSlackApplication(pid any, options ...RequestOptionFunc) (*SlackApplication, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1058,7 +1051,7 @@ func (s *ServicesService) GetSlackApplication(pid interface{}, options ...Reques
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#set-up-gitlab-for-slack-app
+// https://docs.gitlab.com/api/project_integrations/#set-up-gitlab-for-slack-app
 type SetSlackApplicationOptions struct {
 	Channel                    *string `url:"channel,omitempty" json:"channel,omitempty"`
 	NotifyOnlyBrokenPipelines  *bool   `url:"notify_only_broken_pipelines,omitempty" json:"notify_only_broken_pipelines,omitempty"`
@@ -1100,8 +1093,8 @@ type SetSlackApplicationOptions struct {
 // SetSlackApplication update the GitLab for Slack app integration for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#set-up-gitlab-for-slack-app
-func (s *ServicesService) SetSlackApplication(pid interface{}, opt *SetSlackApplicationOptions, options ...RequestOptionFunc) (*SlackApplication, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#set-up-gitlab-for-slack-app
+func (s *ServicesService) SetSlackApplication(pid any, opt *SetSlackApplicationOptions, options ...RequestOptionFunc) (*SlackApplication, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1125,8 +1118,8 @@ func (s *ServicesService) SetSlackApplication(pid interface{}, opt *SetSlackAppl
 // DisableSlackApplication disable the GitLab for Slack app integration for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#disable-gitlab-for-slack-app
-func (s *ServicesService) DisableSlackApplication(pid interface{}, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#disable-gitlab-for-slack-app
+func (s *ServicesService) DisableSlackApplication(pid any, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -1141,106 +1134,10 @@ func (s *ServicesService) DisableSlackApplication(pid interface{}, options ...Re
 	return s.client.Do(req, nil)
 }
 
-// SetGitLabCIServiceOptions represents the available SetGitLabCIService()
-// options.
-//
-// GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#edit-gitlab-ci-service
-type SetGitLabCIServiceOptions struct {
-	Token      *string `url:"token,omitempty" json:"token,omitempty"`
-	ProjectURL *string `url:"project_url,omitempty" json:"project_url,omitempty"`
-}
-
-// SetGitLabCIService sets GitLab CI service for a project.
-//
-// GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#edit-gitlab-ci-service
-func (s *ServicesService) SetGitLabCIService(pid interface{}, opt *SetGitLabCIServiceOptions, options ...RequestOptionFunc) (*Response, error) {
-	project, err := parseID(pid)
-	if err != nil {
-		return nil, err
-	}
-	u := fmt.Sprintf("projects/%s/services/gitlab-ci", PathEscape(project))
-
-	req, err := s.client.NewRequest(http.MethodPut, u, opt, options)
-	if err != nil {
-		return nil, err
-	}
-
-	return s.client.Do(req, nil)
-}
-
-// DeleteGitLabCIService deletes GitLab CI service settings for a project.
-//
-// GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#delete-gitlab-ci-service
-func (s *ServicesService) DeleteGitLabCIService(pid interface{}, options ...RequestOptionFunc) (*Response, error) {
-	project, err := parseID(pid)
-	if err != nil {
-		return nil, err
-	}
-	u := fmt.Sprintf("projects/%s/services/gitlab-ci", PathEscape(project))
-
-	req, err := s.client.NewRequest(http.MethodDelete, u, nil, options)
-	if err != nil {
-		return nil, err
-	}
-
-	return s.client.Do(req, nil)
-}
-
-// SetHipChatServiceOptions represents the available SetHipChatService()
-// options.
-//
-// GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#edit-hipchat-service
-type SetHipChatServiceOptions struct {
-	Token *string `url:"token,omitempty" json:"token,omitempty" `
-	Room  *string `url:"room,omitempty" json:"room,omitempty"`
-}
-
-// SetHipChatService sets HipChat service for a project
-//
-// GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#edit-hipchat-service
-func (s *ServicesService) SetHipChatService(pid interface{}, opt *SetHipChatServiceOptions, options ...RequestOptionFunc) (*Response, error) {
-	project, err := parseID(pid)
-	if err != nil {
-		return nil, err
-	}
-	u := fmt.Sprintf("projects/%s/services/hipchat", PathEscape(project))
-
-	req, err := s.client.NewRequest(http.MethodPut, u, opt, options)
-	if err != nil {
-		return nil, err
-	}
-
-	return s.client.Do(req, nil)
-}
-
-// DeleteHipChatService deletes HipChat service for project.
-//
-// GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#delete-hipchat-service
-func (s *ServicesService) DeleteHipChatService(pid interface{}, options ...RequestOptionFunc) (*Response, error) {
-	project, err := parseID(pid)
-	if err != nil {
-		return nil, err
-	}
-	u := fmt.Sprintf("projects/%s/services/hipchat", PathEscape(project))
-
-	req, err := s.client.NewRequest(http.MethodDelete, u, nil, options)
-	if err != nil {
-		return nil, err
-	}
-
-	return s.client.Do(req, nil)
-}
-
 // JenkinsCIService represents Jenkins CI service settings.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#jenkins
+// https://docs.gitlab.com/api/project_integrations/#jenkins
 type JenkinsCIService struct {
 	Service
 	Properties *JenkinsCIServiceProperties `json:"properties"`
@@ -1249,7 +1146,7 @@ type JenkinsCIService struct {
 // JenkinsCIServiceProperties represents Jenkins CI specific properties.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#jenkins
+// https://docs.gitlab.com/api/project_integrations/#jenkins
 type JenkinsCIServiceProperties struct {
 	URL                   string `json:"jenkins_url"`
 	EnableSSLVerification bool   `json:"enable_ssl_verification"`
@@ -1260,8 +1157,8 @@ type JenkinsCIServiceProperties struct {
 // GetJenkinsCIService gets Jenkins CI service settings for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#get-jenkins-settings
-func (s *ServicesService) GetJenkinsCIService(pid interface{}, options ...RequestOptionFunc) (*JenkinsCIService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#get-jenkins-settings
+func (s *ServicesService) GetJenkinsCIService(pid any, options ...RequestOptionFunc) (*JenkinsCIService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1286,7 +1183,7 @@ func (s *ServicesService) GetJenkinsCIService(pid interface{}, options ...Reques
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#jenkins
+// https://docs.gitlab.com/api/project_integrations/#jenkins
 type SetJenkinsCIServiceOptions struct {
 	URL                   *string `url:"jenkins_url,omitempty" json:"jenkins_url,omitempty"`
 	EnableSSLVerification *bool   `url:"enable_ssl_verification,omitempty" json:"enable_ssl_verification,omitempty"`
@@ -1301,8 +1198,8 @@ type SetJenkinsCIServiceOptions struct {
 // SetJenkinsCIService sets Jenkins service for a project
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#set-up-jenkins
-func (s *ServicesService) SetJenkinsCIService(pid interface{}, opt *SetJenkinsCIServiceOptions, options ...RequestOptionFunc) (*JenkinsCIService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#set-up-jenkins
+func (s *ServicesService) SetJenkinsCIService(pid any, opt *SetJenkinsCIServiceOptions, options ...RequestOptionFunc) (*JenkinsCIService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1326,8 +1223,8 @@ func (s *ServicesService) SetJenkinsCIService(pid interface{}, opt *SetJenkinsCI
 // DeleteJenkinsCIService deletes Jenkins CI service for project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#disable-jenkins
-func (s *ServicesService) DeleteJenkinsCIService(pid interface{}, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#disable-jenkins
+func (s *ServicesService) DeleteJenkinsCIService(pid any, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -1345,7 +1242,7 @@ func (s *ServicesService) DeleteJenkinsCIService(pid interface{}, options ...Req
 // JiraService represents Jira service settings.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#jira
+// https://docs.gitlab.com/api/project_integrations/#jira-issues
 type JiraService struct {
 	Service
 	Properties *JiraServiceProperties `json:"properties"`
@@ -1354,7 +1251,7 @@ type JiraService struct {
 // JiraServiceProperties represents Jira specific properties.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#jira
+// https://docs.gitlab.com/api/project_integrations/#jira-issues
 type JiraServiceProperties struct {
 	URL                          string   `json:"url"`
 	APIURL                       string   `json:"api_url"`
@@ -1372,9 +1269,6 @@ type JiraServiceProperties struct {
 	IssuesEnabled                bool     `json:"issues_enabled"`
 	ProjectKeys                  []string `json:"project_keys" `
 	UseInheritedSettings         bool     `json:"use_inherited_settings"`
-
-	// Deprecated: This parameter was removed in GitLab 17.0
-	ProjectKey string `json:"project_key" `
 }
 
 // UnmarshalJSON decodes the Jira Service Properties.
@@ -1384,7 +1278,7 @@ func (p *JiraServiceProperties) UnmarshalJSON(b []byte) error {
 	type Alias JiraServiceProperties
 	raw := struct {
 		*Alias
-		JiraIssueTransitionID interface{} `json:"jira_issue_transition_id"`
+		JiraIssueTransitionID any `json:"jira_issue_transition_id"`
 	}{
 		Alias: (*Alias)(p),
 	}
@@ -1410,8 +1304,8 @@ func (p *JiraServiceProperties) UnmarshalJSON(b []byte) error {
 // GetJiraService gets Jira service settings for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#get-jira-service-settings
-func (s *ServicesService) GetJiraService(pid interface{}, options ...RequestOptionFunc) (*JiraService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#get-jira-settings
+func (s *ServicesService) GetJiraService(pid any, options ...RequestOptionFunc) (*JiraService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1436,7 +1330,7 @@ func (s *ServicesService) GetJiraService(pid interface{}, options ...RequestOpti
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#edit-jira-service
+// https://docs.gitlab.com/api/project_integrations/#set-up-jira-issues
 type SetJiraServiceOptions struct {
 	URL                          *string   `url:"url,omitempty" json:"url,omitempty"`
 	APIURL                       *string   `url:"api_url,omitempty" json:"api_url,omitempty"`
@@ -1454,16 +1348,13 @@ type SetJiraServiceOptions struct {
 	IssuesEnabled                *bool     `url:"issues_enabled,omitempty" json:"issues_enabled,omitempty"`
 	ProjectKeys                  *[]string `url:"project_keys,comma,omitempty" json:"project_keys,omitempty" `
 	UseInheritedSettings         *bool     `url:"use_inherited_settings,omitempty" json:"use_inherited_settings,omitempty"`
-
-	// Deprecated: This parameter was removed in GitLab 17.0
-	ProjectKey *string `url:"project_key,omitempty" json:"project_key,omitempty" `
 }
 
 // SetJiraService sets Jira service for a project
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#edit-jira-service
-func (s *ServicesService) SetJiraService(pid interface{}, opt *SetJiraServiceOptions, options ...RequestOptionFunc) (*JiraService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#set-up-jira-issues
+func (s *ServicesService) SetJiraService(pid any, opt *SetJiraServiceOptions, options ...RequestOptionFunc) (*JiraService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1487,8 +1378,8 @@ func (s *ServicesService) SetJiraService(pid interface{}, opt *SetJiraServiceOpt
 // DeleteJiraService deletes Jira service for project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#delete-jira-service
-func (s *ServicesService) DeleteJiraService(pid interface{}, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#disable-jira
+func (s *ServicesService) DeleteJiraService(pid any, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -1506,7 +1397,7 @@ func (s *ServicesService) DeleteJiraService(pid interface{}, options ...RequestO
 // MattermostService represents Mattermost service settings.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#mattermost-notifications
+// https://docs.gitlab.com/api/project_integrations/#mattermost-notifications
 type MattermostService struct {
 	Service
 	Properties *MattermostServiceProperties `json:"properties"`
@@ -1515,7 +1406,7 @@ type MattermostService struct {
 // MattermostServiceProperties represents Mattermost specific properties.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#mattermost-notifications
+// https://docs.gitlab.com/api/project_integrations/#mattermost-notifications
 type MattermostServiceProperties struct {
 	WebHook                   string    `json:"webhook"`
 	Username                  string    `json:"username"`
@@ -1537,8 +1428,8 @@ type MattermostServiceProperties struct {
 // GetMattermostService gets Mattermost service settings for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#get-slack-service-settings
-func (s *ServicesService) GetMattermostService(pid interface{}, options ...RequestOptionFunc) (*MattermostService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#get-mattermost-notifications-settings
+func (s *ServicesService) GetMattermostService(pid any, options ...RequestOptionFunc) (*MattermostService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1563,7 +1454,7 @@ func (s *ServicesService) GetMattermostService(pid interface{}, options ...Reque
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#createedit-mattermost-notifications-service
+// https://docs.gitlab.com/api/project_integrations/#set-up-mattermost-notifications
 type SetMattermostServiceOptions struct {
 	WebHook                   *string `url:"webhook,omitempty" json:"webhook,omitempty"`
 	Username                  *string `url:"username,omitempty" json:"username,omitempty"`
@@ -1593,8 +1484,8 @@ type SetMattermostServiceOptions struct {
 // SetMattermostService sets Mattermost service for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#createedit-mattermost-notifications-service
-func (s *ServicesService) SetMattermostService(pid interface{}, opt *SetMattermostServiceOptions, options ...RequestOptionFunc) (*MattermostService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#set-up-mattermost-notifications
+func (s *ServicesService) SetMattermostService(pid any, opt *SetMattermostServiceOptions, options ...RequestOptionFunc) (*MattermostService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1618,8 +1509,8 @@ func (s *ServicesService) SetMattermostService(pid interface{}, opt *SetMattermo
 // DeleteMattermostService deletes Mattermost service for project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#delete-mattermost-notifications-service
-func (s *ServicesService) DeleteMattermostService(pid interface{}, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#disable-mattermost-notifications
+func (s *ServicesService) DeleteMattermostService(pid any, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -1637,7 +1528,7 @@ func (s *ServicesService) DeleteMattermostService(pid interface{}, options ...Re
 // MattermostSlashCommandsService represents Mattermost slash commands settings.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#mattermost-slash-commands
+// https://docs.gitlab.com/api/project_integrations/#mattermost-slash-commands
 type MattermostSlashCommandsService struct {
 	Service
 	Properties *MattermostSlashCommandsProperties `json:"properties"`
@@ -1646,7 +1537,7 @@ type MattermostSlashCommandsService struct {
 // MattermostSlashCommandsProperties represents Mattermost slash commands specific properties.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#mattermost-slash-commands
+// https://docs.gitlab.com/api/project_integrations/#mattermost-slash-commands
 type MattermostSlashCommandsProperties struct {
 	Token    string `json:"token"`
 	Username string `json:"username,omitempty"`
@@ -1655,8 +1546,8 @@ type MattermostSlashCommandsProperties struct {
 // GetMattermostSlashCommandsService gets Slack Mattermost commands service settings for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#get-mattermost-slash-command-integration-settings
-func (s *ServicesService) GetMattermostSlashCommandsService(pid interface{}, options ...RequestOptionFunc) (*MattermostSlashCommandsService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#get-mattermost-slash-commands-settings
+func (s *ServicesService) GetMattermostSlashCommandsService(pid any, options ...RequestOptionFunc) (*MattermostSlashCommandsService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1681,7 +1572,7 @@ func (s *ServicesService) GetMattermostSlashCommandsService(pid interface{}, opt
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#get-mattermost-slash-command-integration-settings
+// https://docs.gitlab.com/api/project_integrations/#set-up-mattermost-slash-commands
 type SetMattermostSlashCommandsServiceOptions struct {
 	Token    *string `url:"token,omitempty" json:"token,omitempty"`
 	Username *string `url:"username,omitempty" json:"username,omitempty"`
@@ -1690,8 +1581,8 @@ type SetMattermostSlashCommandsServiceOptions struct {
 // SetMattermostSlashCommandsService sets Mattermost slash commands service for a project
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#createedit-mattermost-slash-command-integration
-func (s *ServicesService) SetMattermostSlashCommandsService(pid interface{}, opt *SetMattermostSlashCommandsServiceOptions, options ...RequestOptionFunc) (*MattermostSlashCommandsService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#set-up-mattermost-slash-commands
+func (s *ServicesService) SetMattermostSlashCommandsService(pid any, opt *SetMattermostSlashCommandsServiceOptions, options ...RequestOptionFunc) (*MattermostSlashCommandsService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1715,8 +1606,8 @@ func (s *ServicesService) SetMattermostSlashCommandsService(pid interface{}, opt
 // DeleteMattermostSlashCommandsService deletes Mattermost slash commands service for project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#disable-mattermost-slash-command-integration
-func (s *ServicesService) DeleteMattermostSlashCommandsService(pid interface{}, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#disable-mattermost-slash-commands
+func (s *ServicesService) DeleteMattermostSlashCommandsService(pid any, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -1734,7 +1625,7 @@ func (s *ServicesService) DeleteMattermostSlashCommandsService(pid interface{},
 // MicrosoftTeamsService represents Microsoft Teams service settings.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#microsoft-teams
+// https://docs.gitlab.com/api/project_integrations/#microsoft-teams-notifications
 type MicrosoftTeamsService struct {
 	Service
 	Properties *MicrosoftTeamsServiceProperties `json:"properties"`
@@ -1743,7 +1634,7 @@ type MicrosoftTeamsService struct {
 // MicrosoftTeamsServiceProperties represents Microsoft Teams specific properties.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#microsoft-teams
+// https://docs.gitlab.com/api/project_integrations/#microsoft-teams-notifications
 type MicrosoftTeamsServiceProperties struct {
 	WebHook                   string    `json:"webhook"`
 	NotifyOnlyBrokenPipelines BoolValue `json:"notify_only_broken_pipelines"`
@@ -1761,8 +1652,8 @@ type MicrosoftTeamsServiceProperties struct {
 // GetMicrosoftTeamsService gets MicrosoftTeams service settings for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#get-microsoft-teams-service-settings
-func (s *ServicesService) GetMicrosoftTeamsService(pid interface{}, options ...RequestOptionFunc) (*MicrosoftTeamsService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#get-microsoft-teams-notifications-settings
+func (s *ServicesService) GetMicrosoftTeamsService(pid any, options ...RequestOptionFunc) (*MicrosoftTeamsService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1787,7 +1678,7 @@ func (s *ServicesService) GetMicrosoftTeamsService(pid interface{}, options ...R
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#create-edit-microsoft-teams-service
+// https://docs.gitlab.com/api/project_integrations/#set-up-microsoft-teams-notifications
 type SetMicrosoftTeamsServiceOptions struct {
 	WebHook                   *string `url:"webhook,omitempty" json:"webhook,omitempty"`
 	NotifyOnlyBrokenPipelines *bool   `url:"notify_only_broken_pipelines,omitempty" json:"notify_only_broken_pipelines,omitempty"`
@@ -1806,8 +1697,8 @@ type SetMicrosoftTeamsServiceOptions struct {
 // SetMicrosoftTeamsService sets Microsoft Teams service for a project
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#create-edit-microsoft-teams-service
-func (s *ServicesService) SetMicrosoftTeamsService(pid interface{}, opt *SetMicrosoftTeamsServiceOptions, options ...RequestOptionFunc) (*MicrosoftTeamsService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#set-up-microsoft-teams-notifications
+func (s *ServicesService) SetMicrosoftTeamsService(pid any, opt *SetMicrosoftTeamsServiceOptions, options ...RequestOptionFunc) (*MicrosoftTeamsService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1831,8 +1722,8 @@ func (s *ServicesService) SetMicrosoftTeamsService(pid interface{}, opt *SetMicr
 // DeleteMicrosoftTeamsService deletes Microsoft Teams service for project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#delete-microsoft-teams-service
-func (s *ServicesService) DeleteMicrosoftTeamsService(pid interface{}, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#disable-microsoft-teams-notifications
+func (s *ServicesService) DeleteMicrosoftTeamsService(pid any, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -1850,7 +1741,7 @@ func (s *ServicesService) DeleteMicrosoftTeamsService(pid interface{}, options .
 // PipelinesEmailService represents Pipelines Email service settings.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#pipeline-emails
+// https://docs.gitlab.com/api/project_integrations/#pipeline-status-emails
 type PipelinesEmailService struct {
 	Service
 	Properties *PipelinesEmailProperties `json:"properties"`
@@ -1859,7 +1750,7 @@ type PipelinesEmailService struct {
 // PipelinesEmailProperties represents PipelinesEmail specific properties.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#pipeline-emails
+// https://docs.gitlab.com/api/project_integrations/#pipeline-status-emails
 type PipelinesEmailProperties struct {
 	Recipients                string    `json:"recipients"`
 	NotifyOnlyBrokenPipelines BoolValue `json:"notify_only_broken_pipelines"`
@@ -1870,8 +1761,8 @@ type PipelinesEmailProperties struct {
 // GetPipelinesEmailService gets Pipelines Email service settings for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#get-pipeline-emails-service-settings
-func (s *ServicesService) GetPipelinesEmailService(pid interface{}, options ...RequestOptionFunc) (*PipelinesEmailService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#get-pipeline-status-emails-settings
+func (s *ServicesService) GetPipelinesEmailService(pid any, options ...RequestOptionFunc) (*PipelinesEmailService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1896,7 +1787,7 @@ func (s *ServicesService) GetPipelinesEmailService(pid interface{}, options ...R
 // SetPipelinesEmailService() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#pipeline-emails
+// https://docs.gitlab.com/api/project_integrations/#set-up-pipeline-status-emails
 type SetPipelinesEmailServiceOptions struct {
 	Recipients                *string `url:"recipients,omitempty" json:"recipients,omitempty"`
 	NotifyOnlyBrokenPipelines *bool   `url:"notify_only_broken_pipelines,omitempty" json:"notify_only_broken_pipelines,omitempty"`
@@ -1909,8 +1800,8 @@ type SetPipelinesEmailServiceOptions struct {
 // SetPipelinesEmailService sets Pipelines Email service for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#pipeline-emails
-func (s *ServicesService) SetPipelinesEmailService(pid interface{}, opt *SetPipelinesEmailServiceOptions, options ...RequestOptionFunc) (*PipelinesEmailService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#set-up-pipeline-status-emails
+func (s *ServicesService) SetPipelinesEmailService(pid any, opt *SetPipelinesEmailServiceOptions, options ...RequestOptionFunc) (*PipelinesEmailService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -1934,8 +1825,8 @@ func (s *ServicesService) SetPipelinesEmailService(pid interface{}, opt *SetPipe
 // DeletePipelinesEmailService deletes Pipelines Email service settings for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#delete-pipeline-emails-service
-func (s *ServicesService) DeletePipelinesEmailService(pid interface{}, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#disable-pipeline-status-emails
+func (s *ServicesService) DeletePipelinesEmailService(pid any, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -1950,109 +1841,10 @@ func (s *ServicesService) DeletePipelinesEmailService(pid interface{}, options .
 	return s.client.Do(req, nil)
 }
 
-// PrometheusService represents Prometheus service settings.
-//
-// GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#prometheus
-type PrometheusService struct {
-	Service
-	Properties *PrometheusServiceProperties `json:"properties"`
-}
-
-// PrometheusServiceProperties represents Prometheus specific properties.
-//
-// GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#prometheus
-type PrometheusServiceProperties struct {
-	APIURL                      string `json:"api_url"`
-	GoogleIAPAudienceClientID   string `json:"google_iap_audience_client_id"`
-	GoogleIAPServiceAccountJSON string `json:"google_iap_service_account_json"`
-}
-
-// GetPrometheusService gets Prometheus service settings for a project.
-//
-// GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#get-prometheus-service-settings
-func (s *ServicesService) GetPrometheusService(pid interface{}, options ...RequestOptionFunc) (*PrometheusService, *Response, error) {
-	project, err := parseID(pid)
-	if err != nil {
-		return nil, nil, err
-	}
-	u := fmt.Sprintf("projects/%s/services/prometheus", PathEscape(project))
-
-	req, err := s.client.NewRequest(http.MethodGet, u, nil, options)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	svc := new(PrometheusService)
-	resp, err := s.client.Do(req, svc)
-	if err != nil {
-		return nil, resp, err
-	}
-
-	return svc, resp, nil
-}
-
-// SetPrometheusServiceOptions represents the available SetPrometheusService()
-// options.
-//
-// GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#createedit-prometheus-service
-type SetPrometheusServiceOptions struct {
-	APIURL                      *string `url:"api_url,omitempty" json:"api_url,omitempty"`
-	GoogleIAPAudienceClientID   *string `url:"google_iap_audience_client_id,omitempty" json:"google_iap_audience_client_id,omitempty"`
-	GoogleIAPServiceAccountJSON *string `url:"google_iap_service_account_json,omitempty" json:"google_iap_service_account_json,omitempty"`
-}
-
-// SetPrometheusService sets Prometheus service for a project.
-//
-// GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#createedit-prometheus-service
-func (s *ServicesService) SetPrometheusService(pid interface{}, opt *SetPrometheusServiceOptions, options ...RequestOptionFunc) (*PrometheusService, *Response, error) {
-	project, err := parseID(pid)
-	if err != nil {
-		return nil, nil, err
-	}
-	u := fmt.Sprintf("projects/%s/services/prometheus", PathEscape(project))
-
-	req, err := s.client.NewRequest(http.MethodPut, u, opt, options)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	svc := new(PrometheusService)
-	resp, err := s.client.Do(req, svc)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	return svc, resp, nil
-}
-
-// DeletePrometheusService deletes Prometheus service settings for a project.
-//
-// GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#delete-prometheus-service
-func (s *ServicesService) DeletePrometheusService(pid interface{}, options ...RequestOptionFunc) (*Response, error) {
-	project, err := parseID(pid)
-	if err != nil {
-		return nil, err
-	}
-	u := fmt.Sprintf("projects/%s/services/prometheus", PathEscape(project))
-
-	req, err := s.client.NewRequest(http.MethodDelete, u, nil, options)
-	if err != nil {
-		return nil, err
-	}
-
-	return s.client.Do(req, nil)
-}
-
 // RedmineService represents the Redmine service settings.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#redmine
+// https://docs.gitlab.com/api/project_integrations/#redmine
 type RedmineService struct {
 	Service
 	Properties *RedmineServiceProperties `json:"properties"`
@@ -2061,7 +1853,7 @@ type RedmineService struct {
 // RedmineServiceProperties represents Redmine specific properties.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#redmine
+// https://docs.gitlab.com/api/project_integrations/#redmine
 type RedmineServiceProperties struct {
 	NewIssueURL          string    `json:"new_issue_url"`
 	ProjectURL           string    `json:"project_url"`
@@ -2072,8 +1864,8 @@ type RedmineServiceProperties struct {
 // GetRedmineService gets Redmine service settings for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#get-redmine-settings
-func (s *ServicesService) GetRedmineService(pid interface{}, options ...RequestOptionFunc) (*RedmineService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#get-redmine-settings
+func (s *ServicesService) GetRedmineService(pid any, options ...RequestOptionFunc) (*RedmineService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -2098,7 +1890,7 @@ func (s *ServicesService) GetRedmineService(pid interface{}, options ...RequestO
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#set-up-redmine
+// https://docs.gitlab.com/api/project_integrations/#set-up-redmine
 type SetRedmineServiceOptions struct {
 	NewIssueURL          *string `url:"new_issue_url,omitempty" json:"new_issue_url,omitempty"`
 	ProjectURL           *string `url:"project_url,omitempty" json:"project_url,omitempty"`
@@ -2109,8 +1901,8 @@ type SetRedmineServiceOptions struct {
 // SetRedmineService sets Redmine service for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#set-up-redmine
-func (s *ServicesService) SetRedmineService(pid interface{}, opt *SetRedmineServiceOptions, options ...RequestOptionFunc) (*RedmineService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#set-up-redmine
+func (s *ServicesService) SetRedmineService(pid any, opt *SetRedmineServiceOptions, options ...RequestOptionFunc) (*RedmineService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -2134,8 +1926,8 @@ func (s *ServicesService) SetRedmineService(pid interface{}, opt *SetRedmineServ
 // DeleteRedmineService deletes Redmine service for project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#disable-redmine
-func (s *ServicesService) DeleteRedmineService(pid interface{}, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#disable-redmine
+func (s *ServicesService) DeleteRedmineService(pid any, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -2153,7 +1945,7 @@ func (s *ServicesService) DeleteRedmineService(pid interface{}, options ...Reque
 // SlackService represents Slack service settings.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#slack
+// https://docs.gitlab.com/api/project_integrations/#slack-notifications
 type SlackService struct {
 	Service
 	Properties *SlackServiceProperties `json:"properties"`
@@ -2162,7 +1954,7 @@ type SlackService struct {
 // SlackServiceProperties represents Slack specific properties.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#slack
+// https://docs.gitlab.com/api/project_integrations/#slack-notifications
 type SlackServiceProperties struct {
 	WebHook                   string    `json:"webhook"`
 	Username                  string    `json:"username"`
@@ -2187,8 +1979,8 @@ type SlackServiceProperties struct {
 // GetSlackService gets Slack service settings for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#get-slack-service-settings
-func (s *ServicesService) GetSlackService(pid interface{}, options ...RequestOptionFunc) (*SlackService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#get-slack-notifications-settings
+func (s *ServicesService) GetSlackService(pid any, options ...RequestOptionFunc) (*SlackService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -2213,7 +2005,7 @@ func (s *ServicesService) GetSlackService(pid interface{}, options ...RequestOpt
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#edit-slack-service
+// https://docs.gitlab.com/api/project_integrations/#set-up-slack-notifications
 type SetSlackServiceOptions struct {
 	WebHook                   *string `url:"webhook,omitempty" json:"webhook,omitempty"`
 	Username                  *string `url:"username,omitempty" json:"username,omitempty"`
@@ -2248,8 +2040,8 @@ type SetSlackServiceOptions struct {
 // SetSlackService sets Slack service for a project
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#edit-slack-service
-func (s *ServicesService) SetSlackService(pid interface{}, opt *SetSlackServiceOptions, options ...RequestOptionFunc) (*SlackService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#set-up-slack-notifications
+func (s *ServicesService) SetSlackService(pid any, opt *SetSlackServiceOptions, options ...RequestOptionFunc) (*SlackService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -2273,8 +2065,8 @@ func (s *ServicesService) SetSlackService(pid interface{}, opt *SetSlackServiceO
 // DeleteSlackService deletes Slack service for project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#delete-slack-service
-func (s *ServicesService) DeleteSlackService(pid interface{}, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#disable-slack-notifications
+func (s *ServicesService) DeleteSlackService(pid any, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -2292,7 +2084,7 @@ func (s *ServicesService) DeleteSlackService(pid interface{}, options ...Request
 // SlackSlashCommandsService represents Slack slash commands settings.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#slack-slash-commands
+// https://docs.gitlab.com/api/project_integrations/#slack-slash-commands
 type SlackSlashCommandsService struct {
 	Service
 	Properties *SlackSlashCommandsProperties `json:"properties"`
@@ -2301,7 +2093,7 @@ type SlackSlashCommandsService struct {
 // SlackSlashCommandsProperties represents Slack slash commands specific properties.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#slack-slash-commands
+// https://docs.gitlab.com/api/project_integrations/#slack-slash-commands
 type SlackSlashCommandsProperties struct {
 	Token string `json:"token"`
 }
@@ -2309,8 +2101,8 @@ type SlackSlashCommandsProperties struct {
 // GetSlackSlashCommandsService gets Slack slash commands service settings for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#get-slack-slash-command-integration-settings
-func (s *ServicesService) GetSlackSlashCommandsService(pid interface{}, options ...RequestOptionFunc) (*SlackSlashCommandsService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#get-slack-slash-commands-settings
+func (s *ServicesService) GetSlackSlashCommandsService(pid any, options ...RequestOptionFunc) (*SlackSlashCommandsService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -2335,7 +2127,7 @@ func (s *ServicesService) GetSlackSlashCommandsService(pid interface{}, options
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#createedit-slack-slash-command-service
+// https://docs.gitlab.com/api/project_integrations/#set-up-slack-slash-commands
 type SetSlackSlashCommandsServiceOptions struct {
 	Token *string `url:"token,omitempty" json:"token,omitempty"`
 }
@@ -2343,8 +2135,8 @@ type SetSlackSlashCommandsServiceOptions struct {
 // SetSlackSlashCommandsService sets Slack slash commands service for a project
 //
 // GitLab API docs:
-// https://docs.gitlab.com/13.12/ee/api/integrations.html#createedit-slack-slash-command-service
-func (s *ServicesService) SetSlackSlashCommandsService(pid interface{}, opt *SetSlackSlashCommandsServiceOptions, options ...RequestOptionFunc) (*SlackSlashCommandsService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#set-up-slack-slash-commands
+func (s *ServicesService) SetSlackSlashCommandsService(pid any, opt *SetSlackSlashCommandsServiceOptions, options ...RequestOptionFunc) (*SlackSlashCommandsService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -2368,8 +2160,8 @@ func (s *ServicesService) SetSlackSlashCommandsService(pid interface{}, opt *Set
 // DeleteSlackSlashCommandsService deletes Slack slash commands service for project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/13.12/ee/api/integrations.html#delete-slack-slash-command-service
-func (s *ServicesService) DeleteSlackSlashCommandsService(pid interface{}, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#disable-slack-slash-commands
+func (s *ServicesService) DeleteSlackSlashCommandsService(pid any, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -2387,7 +2179,7 @@ func (s *ServicesService) DeleteSlackSlashCommandsService(pid interface{}, optio
 // TelegramService represents Telegram service settings.
 //
 // Gitlab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#telegram
+// https://docs.gitlab.com/api/project_integrations/#telegram
 type TelegramService struct {
 	Service
 	Properties *TelegramServiceProperties `json:"properties"`
@@ -2396,7 +2188,7 @@ type TelegramService struct {
 // TelegramServiceProperties represents Telegram specific properties.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#set-up-telegram
+// https://docs.gitlab.com/api/project_integrations/#set-up-telegram
 type TelegramServiceProperties struct {
 	Room                      string `json:"room"`
 	NotifyOnlyBrokenPipelines bool   `json:"notify_only_broken_pipelines"`
@@ -2406,8 +2198,8 @@ type TelegramServiceProperties struct {
 // GetTelegramService gets MicrosoftTeams service settings for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#get-telegram-settings
-func (s *ServicesService) GetTelegramService(pid interface{}, options ...RequestOptionFunc) (*TelegramService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#get-telegram-settings
+func (s *ServicesService) GetTelegramService(pid any, options ...RequestOptionFunc) (*TelegramService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -2432,7 +2224,7 @@ func (s *ServicesService) GetTelegramService(pid interface{}, options ...Request
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#set-up-telegram
+// https://docs.gitlab.com/api/project_integrations/#set-up-telegram
 type SetTelegramServiceOptions struct {
 	Token                     *string `url:"token,omitempty" json:"token,omitempty"`
 	Room                      *string `url:"room,omitempty" json:"room,omitempty"`
@@ -2452,8 +2244,8 @@ type SetTelegramServiceOptions struct {
 // SetTelegramService sets Telegram service for a project
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#set-up-telegram
-func (s *ServicesService) SetTelegramService(pid interface{}, opt *SetTelegramServiceOptions, options ...RequestOptionFunc) (*TelegramService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#set-up-telegram
+func (s *ServicesService) SetTelegramService(pid any, opt *SetTelegramServiceOptions, options ...RequestOptionFunc) (*TelegramService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -2477,8 +2269,8 @@ func (s *ServicesService) SetTelegramService(pid interface{}, opt *SetTelegramSe
 // DeleteTelegramService deletes Telegram service for project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#disable-telegram
-func (s *ServicesService) DeleteTelegramService(pid interface{}, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#disable-telegram
+func (s *ServicesService) DeleteTelegramService(pid any, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -2496,7 +2288,7 @@ func (s *ServicesService) DeleteTelegramService(pid interface{}, options ...Requ
 // YouTrackService represents YouTrack service settings.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#youtrack
+// https://docs.gitlab.com/api/project_integrations/#youtrack
 type YouTrackService struct {
 	Service
 	Properties *YouTrackServiceProperties `json:"properties"`
@@ -2505,7 +2297,7 @@ type YouTrackService struct {
 // YouTrackServiceProperties represents YouTrack specific properties.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#youtrack
+// https://docs.gitlab.com/api/project_integrations/#youtrack
 type YouTrackServiceProperties struct {
 	IssuesURL   string `json:"issues_url"`
 	ProjectURL  string `json:"project_url"`
@@ -2516,8 +2308,8 @@ type YouTrackServiceProperties struct {
 // GetYouTrackService gets YouTrack service settings for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#get-youtrack-service-settings
-func (s *ServicesService) GetYouTrackService(pid interface{}, options ...RequestOptionFunc) (*YouTrackService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#get-youtrack-settings
+func (s *ServicesService) GetYouTrackService(pid any, options ...RequestOptionFunc) (*YouTrackService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -2542,7 +2334,7 @@ func (s *ServicesService) GetYouTrackService(pid interface{}, options ...Request
 // options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#createedit-youtrack-service
+// https://docs.gitlab.com/api/project_integrations/#set-up-youtrack
 type SetYouTrackServiceOptions struct {
 	IssuesURL   *string `url:"issues_url,omitempty" json:"issues_url,omitempty"`
 	ProjectURL  *string `url:"project_url,omitempty" json:"project_url,omitempty"`
@@ -2553,8 +2345,8 @@ type SetYouTrackServiceOptions struct {
 // SetYouTrackService sets YouTrack service for a project
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#createedit-youtrack-service
-func (s *ServicesService) SetYouTrackService(pid interface{}, opt *SetYouTrackServiceOptions, options ...RequestOptionFunc) (*YouTrackService, *Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#set-up-youtrack
+func (s *ServicesService) SetYouTrackService(pid any, opt *SetYouTrackServiceOptions, options ...RequestOptionFunc) (*YouTrackService, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -2578,8 +2370,8 @@ func (s *ServicesService) SetYouTrackService(pid interface{}, opt *SetYouTrackSe
 // DeleteYouTrackService deletes YouTrack service settings for a project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/integrations.html#delete-youtrack-service
-func (s *ServicesService) DeleteYouTrackService(pid interface{}, options ...RequestOptionFunc) (*Response, error) {
+// https://docs.gitlab.com/api/project_integrations/#disable-youtrack
+func (s *ServicesService) DeleteYouTrackService(pid any, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/settings.go b/vendor/gitlab.com/gitlab-org/api/client-go/settings.go
index 13a10c9f79..2f04c29b0c 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/settings.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/settings.go
@@ -31,7 +31,7 @@ type (
 	// SettingsService handles communication with the application SettingsService
 	// related methods of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/settings.html
+	// GitLab API docs: https://docs.gitlab.com/api/settings/
 	SettingsService struct {
 		client *Client
 	}
@@ -41,7 +41,7 @@ var _ SettingsServiceInterface = (*SettingsService)(nil)
 
 // Settings represents the GitLab application settings.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/settings.html
+// GitLab API docs: https://docs.gitlab.com/api/settings/
 //
 // The available parameters have been modeled directly after the code, as the
 // documentation seems to be inaccurate.
@@ -60,6 +60,8 @@ type Settings struct {
 	AkismetAPIKey                                         string                    `json:"akismet_api_key"`
 	AkismetEnabled                                        bool                      `json:"akismet_enabled"`
 	AllowAccountDeletion                                  bool                      `json:"allow_account_deletion"`
+	AllowAllIntegrations                                  bool                      `json:"allow_all_integrations"`
+	AllowedIntegrations                                   []string                  `json:"allowed_integrations"`
 	AllowGroupOwnersToManageLDAP                          bool                      `json:"allow_group_owners_to_manage_ldap"`
 	AllowLocalRequestsFromSystemHooks                     bool                      `json:"allow_local_requests_from_system_hooks"`
 	AllowLocalRequestsFromWebHooksAndServices             bool                      `json:"allow_local_requests_from_web_hooks_and_services"`
@@ -73,6 +75,8 @@ type Settings struct {
 	AssetProxySecretKey                                   string                    `json:"asset_proxy_secret_key"`
 	AuthorizedKeysEnabled                                 bool                      `json:"authorized_keys_enabled"`
 	AutoBanUserOnExcessiveProjectsDownload                bool                      `json:"auto_ban_user_on_excessive_projects_download"`
+	AutocompleteUsers                                     int                       `json:"autocomplete_users"`
+	AutocompleteUsersUnauthenticated                      int                       `json:"autocomplete_users_unauthenticated"`
 	AutoDevOpsDomain                                      string                    `json:"auto_devops_domain"`
 	AutoDevOpsEnabled                                     bool                      `json:"auto_devops_enabled"`
 	AutomaticPurchasedStorageAllocation                   bool                      `json:"automatic_purchased_storage_allocation"`
@@ -81,8 +85,10 @@ type Settings struct {
 	BulkImportMaxDownloadFileSize                         int                       `json:"bulk_import_max_download_file_size"`
 	CanCreateGroup                                        bool                      `json:"can_create_group"`
 	CheckNamespacePlan                                    bool                      `json:"check_namespace_plan"`
+	CIJobLiveTraceEnabled                                 bool                      `json:"ci_job_live_trace_enabled"`
 	CIMaxIncludes                                         int                       `json:"ci_max_includes"`
 	CIMaxTotalYAMLSizeBytes                               int                       `json:"ci_max_total_yaml_size_bytes"`
+	CIPartitionsSizeLimit                                 int                       `json:"ci_partitions_size_limit"`
 	CommitEmailHostname                                   string                    `json:"commit_email_hostname"`
 	ConcurrentBitbucketImportJobsLimit                    int                       `json:"concurrent_bitbucket_import_jobs_limit"`
 	ConcurrentBitbucketServerImportJobsLimit              int                       `json:"concurrent_bitbucket_server_import_jobs_limit"`
@@ -108,7 +114,6 @@ type Settings struct {
 	DecompressArchiveFileTimeout                          int                       `json:"decompress_archive_file_timeout"`
 	DefaultArtifactsExpireIn                              string                    `json:"default_artifacts_expire_in"`
 	DefaultBranchName                                     string                    `json:"default_branch_name"`
-	DefaultBranchProtection                               int                       `json:"default_branch_protection"`
 	DefaultBranchProtectionDefaults                       *BranchProtectionDefaults `json:"default_branch_protection_defaults,omitempty"`
 	DefaultCiConfigPath                                   string                    `json:"default_ci_config_path"`
 	DefaultGroupVisibility                                VisibilityValue           `json:"default_group_visibility"`
@@ -169,6 +174,7 @@ type Settings struct {
 	ElasticsearchProjectIDs                               []int                     `json:"elasticsearch_project_ids"`
 	ElasticsearchReplicas                                 int                       `json:"elasticsearch_replicas"`
 	ElasticsearchRequeueWorkers                           bool                      `json:"elasticsearch_requeue_workers"`
+	ElasticsearchRetryOnFailure                           int                       `json:"elasticsearch_retry_on_failure"`
 	ElasticsearchSearch                                   bool                      `json:"elasticsearch_search"`
 	ElasticsearchShards                                   int                       `json:"elasticsearch_shards"`
 	ElasticsearchURL                                      []string                  `json:"elasticsearch_url"`
@@ -181,6 +187,7 @@ type Settings struct {
 	EmailRestrictionsEnabled                              bool                      `json:"email_restrictions_enabled"`
 	EnableArtifactExternalRedirectWarningPage             bool                      `json:"enable_artifact_external_redirect_warning_page"`
 	EnabledGitAccessProtocol                              string                    `json:"enabled_git_access_protocol"`
+	EnforceCIInboundJobTokenScopeEnabled                  bool                      `json:"enforce_ci_inbound_job_token_scope_enabled"`
 	EnforceNamespaceStorageLimit                          bool                      `json:"enforce_namespace_storage_limit"`
 	EnforcePATExpiration                                  bool                      `json:"enforce_pat_expiration"`
 	EnforceSSHKeyExpiration                               bool                      `json:"enforce_ssh_key_expiration"`
@@ -201,7 +208,7 @@ type Settings struct {
 	FlocEnabled                                           bool                      `json:"floc_enabled"`
 	GeoNodeAllowedIPs                                     string                    `json:"geo_node_allowed_ips"`
 	GeoStatusTimeout                                      int                       `json:"geo_status_timeout"`
-	GitRateLimitUsersAlertlist                            []string                  `json:"git_rate_limit_users_alertlist"`
+	GitRateLimitUsersAlertlist                            []int                     `json:"git_rate_limit_users_alertlist"`
 	GitTwoFactorSessionExpiry                             int                       `json:"git_two_factor_session_expiry"`
 	GitalyTimeoutDefault                                  int                       `json:"gitaly_timeout_default"`
 	GitalyTimeoutFast                                     int                       `json:"gitaly_timeout_fast"`
@@ -230,11 +237,7 @@ type Settings struct {
 	HelpText                                              string                    `json:"help_text"`
 	HideThirdPartyOffers                                  bool                      `json:"hide_third_party_offers"`
 	HomePageURL                                           string                    `json:"home_page_url"`
-	HousekeepingBitmapsEnabled                            bool                      `json:"housekeeping_bitmaps_enabled"`
 	HousekeepingEnabled                                   bool                      `json:"housekeeping_enabled"`
-	HousekeepingFullRepackPeriod                          int                       `json:"housekeeping_full_repack_period"`
-	HousekeepingGcPeriod                                  int                       `json:"housekeeping_gc_period"`
-	HousekeepingIncrementalRepackPeriod                   int                       `json:"housekeeping_incremental_repack_period"`
 	HousekeepingOptimizeRepositoryPeriod                  int                       `json:"housekeeping_optimize_repository_period"`
 	ImportSources                                         []string                  `json:"import_sources"`
 	InactiveProjectsDeleteAfterMonths                     int                       `json:"inactive_projects_delete_after_months"`
@@ -297,9 +300,7 @@ type Settings struct {
 	PasswordSymbolRequired                                bool                      `json:"password_symbol_required"`
 	PasswordUppercaseRequired                             bool                      `json:"password_uppercase_required"`
 	PasswordLowercaseRequired                             bool                      `json:"password_lowercase_required"`
-	PerformanceBarAllowedGroupID                          int                       `json:"performance_bar_allowed_group_id"`
 	PerformanceBarAllowedGroupPath                        string                    `json:"performance_bar_allowed_group_path"`
-	PerformanceBarEnabled                                 bool                      `json:"performance_bar_enabled"`
 	PersonalAccessTokenPrefix                             string                    `json:"personal_access_token_prefix"`
 	PipelineLimitPerProjectUserSha                        int                       `json:"pipeline_limit_per_project_user_sha"`
 	PlantumlEnabled                                       bool                      `json:"plantuml_enabled"`
@@ -455,6 +456,20 @@ type Settings struct {
 	WhatsNewVariant                                       string                    `json:"whats_new_variant"`
 	WikiPageMaxContentBytes                               int                       `json:"wiki_page_max_content_bytes"`
 
+	// Deprecated: Use DefaultBranchProtectionDefaults instead.
+	DefaultBranchProtection int `json:"default_branch_protection"`
+	// Deprecated: Cannot be set through the API, always true
+	HousekeepingBitmapsEnabled bool `json:"housekeeping_bitmaps_enabled"`
+	// Deprecated: use HousekeepingOptimizeRepositoryPeriod instead
+	HousekeepingFullRepackPeriod int `json:"housekeeping_full_repack_period"`
+	// Deprecated: use HousekeepingOptimizeRepositoryPeriod instead
+	HousekeepingGcPeriod int `json:"housekeeping_gc_period"`
+	// Deprecated: use HousekeepingOptimizeRepositoryPeriod instead
+	HousekeepingIncrementalRepackPeriod int `json:"housekeeping_incremental_repack_period"`
+	// Deprecated: use PerformanceBarAllowedGroupPath instead
+	PerformanceBarAllowedGroupID int `json:"performance_bar_allowed_group_id"`
+	// Deprecated: use PerformanceBarAllowedGroupPath: nil instead
+	PerformanceBarEnabled bool `json:"performance_bar_enabled"`
 	// Deprecated: Use AbuseNotificationEmail instead.
 	AdminNotificationEmail string `json:"admin_notification_email"`
 	// Deprecated: Use AllowLocalRequestsFromWebHooksAndServices instead.
@@ -477,7 +492,7 @@ type Settings struct {
 func (s *Settings) UnmarshalJSON(data []byte) error {
 	type Alias Settings
 
-	raw := make(map[string]interface{})
+	raw := make(map[string]any)
 	err := json.Unmarshal(data, &raw)
 	if err != nil {
 		return err
@@ -503,7 +518,7 @@ func (s Settings) String() string {
 // GetSettings gets the current application settings.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/settings.html#get-current-application-settings
+// https://docs.gitlab.com/api/settings/#get-details-on-current-application-settings
 func (s *SettingsService) GetSettings(options ...RequestOptionFunc) (*Settings, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "application/settings", nil, options)
 	if err != nil {
@@ -522,18 +537,18 @@ func (s *SettingsService) GetSettings(options ...RequestOptionFunc) (*Settings,
 // UpdateSettingsOptions represents the available UpdateSettings() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/settings.html#change-application-settings
+// https://docs.gitlab.com/api/settings/#update-application-settings
 type UpdateSettingsOptions struct {
 	AbuseNotificationEmail                                *string                                 `url:"abuse_notification_email,omitempty" json:"abuse_notification_email,omitempty"`
 	AdminMode                                             *bool                                   `url:"admin_mode,omitempty" json:"admin_mode,omitempty"`
-	AdminNotificationEmail                                *string                                 `url:"admin_notification_email,omitempty" json:"admin_notification_email,omitempty"`
 	AfterSignOutPath                                      *string                                 `url:"after_sign_out_path,omitempty" json:"after_sign_out_path,omitempty"`
 	AfterSignUpText                                       *string                                 `url:"after_sign_up_text,omitempty" json:"after_sign_up_text,omitempty"`
 	AkismetAPIKey                                         *string                                 `url:"akismet_api_key,omitempty" json:"akismet_api_key,omitempty"`
 	AkismetEnabled                                        *bool                                   `url:"akismet_enabled,omitempty" json:"akismet_enabled,omitempty"`
 	AllowAccountDeletion                                  *bool                                   `url:"allow_account_deletion,omitempty" json:"allow_account_deletion,omitempty"`
+	AllowAllIntegrations                                  *bool                                   `url:"allow_all_integrations,omitempty" json:"allow_all_integrations,omitempty"`
+	AllowedIntegrations                                   *[]string                               `url:"allowed_integrations,omitempty" json:"allowed_integrations,omitempty"`
 	AllowGroupOwnersToManageLDAP                          *bool                                   `url:"allow_group_owners_to_manage_ldap,omitempty" json:"allow_group_owners_to_manage_ldap,omitempty"`
-	AllowLocalRequestsFromHooksAndServices                *bool                                   `url:"allow_local_requests_from_hooks_and_services,omitempty" json:"allow_local_requests_from_hooks_and_services,omitempty"`
 	AllowLocalRequestsFromSystemHooks                     *bool                                   `url:"allow_local_requests_from_system_hooks,omitempty" json:"allow_local_requests_from_system_hooks,omitempty"`
 	AllowLocalRequestsFromWebHooksAndServices             *bool                                   `url:"allow_local_requests_from_web_hooks_and_services,omitempty" json:"allow_local_requests_from_web_hooks_and_services,omitempty"`
 	AllowProjectCreationForGuestAndBelow                  *bool                                   `url:"allow_project_creation_for_guest_and_below,omitempty" json:"allow_project_creation_for_guest_and_below,omitempty"`
@@ -544,9 +559,10 @@ type UpdateSettingsOptions struct {
 	AssetProxyEnabled                                     *bool                                   `url:"asset_proxy_enabled,omitempty" json:"asset_proxy_enabled,omitempty"`
 	AssetProxySecretKey                                   *string                                 `url:"asset_proxy_secret_key,omitempty" json:"asset_proxy_secret_key,omitempty"`
 	AssetProxyURL                                         *string                                 `url:"asset_proxy_url,omitempty" json:"asset_proxy_url,omitempty"`
-	AssetProxyWhitelist                                   *[]string                               `url:"asset_proxy_whitelist,omitempty" json:"asset_proxy_whitelist,omitempty"`
 	AuthorizedKeysEnabled                                 *bool                                   `url:"authorized_keys_enabled,omitempty" json:"authorized_keys_enabled,omitempty"`
 	AutoBanUserOnExcessiveProjectsDownload                *bool                                   `url:"auto_ban_user_on_excessive_projects_download,omitempty" json:"auto_ban_user_on_excessive_projects_download,omitempty"`
+	AutocompleteUsers                                     *int                                    `url:"autocomplete_users,omitempty" json:"autocomplete_users,omitempty"`
+	AutocompleteUsersUnauthenticated                      *int                                    `url:"autocomplete_users_unauthenticated,omitempty" json:"autocomplete_users_unauthenticated,omitempty"`
 	AutoDevOpsDomain                                      *string                                 `url:"auto_devops_domain,omitempty" json:"auto_devops_domain,omitempty"`
 	AutoDevOpsEnabled                                     *bool                                   `url:"auto_devops_enabled,omitempty" json:"auto_devops_enabled,omitempty"`
 	AutomaticPurchasedStorageAllocation                   *bool                                   `url:"automatic_purchased_storage_allocation,omitempty" json:"automatic_purchased_storage_allocation,omitempty"`
@@ -555,8 +571,10 @@ type UpdateSettingsOptions struct {
 	BulkImportMaxDownloadFileSize                         *int                                    `url:"bulk_import_max_download_file_size,omitempty" json:"bulk_import_max_download_file_size,omitempty"`
 	CanCreateGroup                                        *bool                                   `url:"can_create_group,omitempty" json:"can_create_group,omitempty"`
 	CheckNamespacePlan                                    *bool                                   `url:"check_namespace_plan,omitempty" json:"check_namespace_plan,omitempty"`
+	CIJobLiveTraceEnabled                                 *bool                                   `url:"ci_job_live_trace_enabled,omitempty" json:"ci_job_live_trace_enabled,omitempty"`
 	CIMaxIncludes                                         *int                                    `url:"ci_max_includes,omitempty" json:"ci_max_includes,omitempty"`
 	CIMaxTotalYAMLSizeBytes                               *int                                    `url:"ci_max_total_yaml_size_bytes,omitempty" json:"ci_max_total_yaml_size_bytes,omitempty"`
+	CIPartitionsSizeLimit                                 *int                                    `url:"ci_partitions_size_limit,omitempty" json:"ci_partitions_size_limit,omitempty"`
 	CommitEmailHostname                                   *string                                 `url:"commit_email_hostname,omitempty" json:"commit_email_hostname,omitempty"`
 	ConcurrentBitbucketImportJobsLimit                    *int                                    `url:"concurrent_bitbucket_import_jobs_limit,omitempty" json:"concurrent_bitbucket_import_jobs_limit,omitempty"`
 	ConcurrentBitbucketServerImportJobsLimit              *int                                    `url:"concurrent_bitbucket_server_import_jobs_limit,omitempty" json:"concurrent_bitbucket_server_import_jobs_limit,omitempty"`
@@ -581,7 +599,6 @@ type UpdateSettingsOptions struct {
 	DecompressArchiveFileTimeout                          *int                                    `url:"decompress_archive_file_timeout,omitempty" json:"decompress_archive_file_timeout,omitempty"`
 	DefaultArtifactsExpireIn                              *string                                 `url:"default_artifacts_expire_in,omitempty" json:"default_artifacts_expire_in,omitempty"`
 	DefaultBranchName                                     *string                                 `url:"default_branch_name,omitempty" json:"default_branch_name,omitempty"`
-	DefaultBranchProtection                               *int                                    `url:"default_branch_protection,omitempty" json:"default_branch_protection,omitempty"`
 	DefaultBranchProtectionDefaults                       *DefaultBranchProtectionDefaultsOptions `url:"default_branch_protection_defaults,omitempty" json:"default_branch_protection_defaults,omitempty"`
 	DefaultCiConfigPath                                   *string                                 `url:"default_ci_config_path,omitempty" json:"default_ci_config_path,omitempty"`
 	DefaultGroupVisibility                                *VisibilityValue                        `url:"default_group_visibility,omitempty" json:"default_group_visibility,omitempty"`
@@ -642,6 +659,7 @@ type UpdateSettingsOptions struct {
 	ElasticsearchProjectIDs                               *[]int                                  `url:"elasticsearch_project_ids,omitempty" json:"elasticsearch_project_ids,omitempty"`
 	ElasticsearchReplicas                                 *int                                    `url:"elasticsearch_replicas,omitempty" json:"elasticsearch_replicas,omitempty"`
 	ElasticsearchRequeueWorkers                           *bool                                   `url:"elasticsearch_requeue_workers,omitempty" json:"elasticsearch_requeue_workers,omitempty"`
+	ElasticsearchRetryOnFailure                           *int                                    `url:"elasticsearch_retry_on_failure,omitempty" json:"elasticsearch_retry_on_failure,omitempty"`
 	ElasticsearchSearch                                   *bool                                   `url:"elasticsearch_search,omitempty" json:"elasticsearch_search,omitempty"`
 	ElasticsearchShards                                   *int                                    `url:"elasticsearch_shards,omitempty" json:"elasticsearch_shards,omitempty"`
 	ElasticsearchURL                                      *string                                 `url:"elasticsearch_url,omitempty" json:"elasticsearch_url,omitempty"`
@@ -654,6 +672,7 @@ type UpdateSettingsOptions struct {
 	EmailRestrictionsEnabled                              *bool                                   `url:"email_restrictions_enabled,omitempty" json:"email_restrictions_enabled,omitempty"`
 	EnableArtifactExternalRedirectWarningPage             *bool                                   `url:"enable_artifact_external_redirect_warning_page,omitempty" json:"enable_artifact_external_redirect_warning_page,omitempty"`
 	EnabledGitAccessProtocol                              *string                                 `url:"enabled_git_access_protocol,omitempty" json:"enabled_git_access_protocol,omitempty"`
+	EnforceCIInboundJobTokenScopeEnabled                  *bool                                   `url:"enforce_ci_inbound_job_token_scope_enabled,omitempty" json:"enforce_ci_inbound_job_token_scope_enabled,omitempty"`
 	EnforceNamespaceStorageLimit                          *bool                                   `url:"enforce_namespace_storage_limit,omitempty" json:"enforce_namespace_storage_limit,omitempty"`
 	EnforcePATExpiration                                  *bool                                   `url:"enforce_pat_expiration,omitempty" json:"enforce_pat_expiration,omitempty"`
 	EnforceSSHKeyExpiration                               *bool                                   `url:"enforce_ssh_key_expiration,omitempty" json:"enforce_ssh_key_expiration,omitempty"`
@@ -674,7 +693,7 @@ type UpdateSettingsOptions struct {
 	FlocEnabled                                           *bool                                   `url:"floc_enabled,omitempty" json:"floc_enabled,omitempty"`
 	GeoNodeAllowedIPs                                     *string                                 `url:"geo_node_allowed_ips,omitempty" json:"geo_node_allowed_ips,omitempty"`
 	GeoStatusTimeout                                      *int                                    `url:"geo_status_timeout,omitempty" json:"geo_status_timeout,omitempty"`
-	GitRateLimitUsersAlertlist                            *[]string                               `url:"git_rate_limit_users_alertlist,omitempty" json:"git_rate_limit_users_alertlist,omitempty"`
+	GitRateLimitUsersAlertlist                            *[]int                                  `url:"git_rate_limit_users_alertlist,omitempty" json:"git_rate_limit_users_alertlist,omitempty"`
 	GitTwoFactorSessionExpiry                             *int                                    `url:"git_two_factor_session_expiry,omitempty" json:"git_two_factor_session_expiry,omitempty"`
 	GitalyTimeoutDefault                                  *int                                    `url:"gitaly_timeout_default,omitempty" json:"gitaly_timeout_default,omitempty"`
 	GitalyTimeoutFast                                     *int                                    `url:"gitaly_timeout_fast,omitempty" json:"gitaly_timeout_fast,omitempty"`
@@ -703,11 +722,7 @@ type UpdateSettingsOptions struct {
 	HelpText                                              *string                                 `url:"help_text,omitempty" json:"help_text,omitempty"`
 	HideThirdPartyOffers                                  *bool                                   `url:"hide_third_party_offers,omitempty" json:"hide_third_party_offers,omitempty"`
 	HomePageURL                                           *string                                 `url:"home_page_url,omitempty" json:"home_page_url,omitempty"`
-	HousekeepingBitmapsEnabled                            *bool                                   `url:"housekeeping_bitmaps_enabled,omitempty" json:"housekeeping_bitmaps_enabled,omitempty"`
 	HousekeepingEnabled                                   *bool                                   `url:"housekeeping_enabled,omitempty" json:"housekeeping_enabled,omitempty"`
-	HousekeepingFullRepackPeriod                          *int                                    `url:"housekeeping_full_repack_period,omitempty" json:"housekeeping_full_repack_period,omitempty"`
-	HousekeepingGcPeriod                                  *int                                    `url:"housekeeping_gc_period,omitempty" json:"housekeeping_gc_period,omitempty"`
-	HousekeepingIncrementalRepackPeriod                   *int                                    `url:"housekeeping_incremental_repack_period,omitempty" json:"housekeeping_incremental_repack_period,omitempty"`
 	HousekeepingOptimizeRepositoryPeriod                  *int                                    `url:"housekeeping_optimize_repository_period,omitempty" json:"housekeeping_optimize_repository_period,omitempty"`
 	ImportSources                                         *[]string                               `url:"import_sources,omitempty" json:"import_sources,omitempty"`
 	InactiveProjectsDeleteAfterMonths                     *int                                    `url:"inactive_projects_delete_after_months,omitempty" json:"inactive_projects_delete_after_months,omitempty"`
@@ -770,9 +785,7 @@ type UpdateSettingsOptions struct {
 	PasswordSymbolRequired                                *bool                                   `url:"password_symbol_required,omitempty" json:"password_symbol_required,omitempty"`
 	PasswordUppercaseRequired                             *bool                                   `url:"password_uppercase_required,omitempty" json:"password_uppercase_required,omitempty"`
 	PasswordLowercaseRequired                             *bool                                   `url:"password_lowercase_required,omitempty" json:"password_lowercase_required,omitempty"`
-	PerformanceBarAllowedGroupID                          *int                                    `url:"performance_bar_allowed_group_id,omitempty" json:"performance_bar_allowed_group_id,omitempty"`
 	PerformanceBarAllowedGroupPath                        *string                                 `url:"performance_bar_allowed_group_path,omitempty" json:"performance_bar_allowed_group_path,omitempty"`
-	PerformanceBarEnabled                                 *bool                                   `url:"performance_bar_enabled,omitempty" json:"performance_bar_enabled,omitempty"`
 	PersonalAccessTokenPrefix                             *string                                 `url:"personal_access_token_prefix,omitempty" json:"personal_access_token_prefix,omitempty"`
 	PlantumlEnabled                                       *bool                                   `url:"plantuml_enabled,omitempty" json:"plantuml_enabled,omitempty"`
 	PlantumlURL                                           *string                                 `url:"plantuml_url,omitempty" json:"plantuml_url,omitempty"`
@@ -890,7 +903,6 @@ type UpdateSettingsOptions struct {
 	ThrottleUnauthenticatedDeprecatedAPIEnabled           *bool                                   `url:"throttle_unauthenticated_deprecated_api_enabled,omitempty" json:"throttle_unauthenticated_deprecated_api_enabled,omitempty"`
 	ThrottleUnauthenticatedDeprecatedAPIPeriodInSeconds   *int                                    `url:"throttle_unauthenticated_deprecated_api_period_in_seconds,omitempty" json:"throttle_unauthenticated_deprecated_api_period_in_seconds,omitempty"`
 	ThrottleUnauthenticatedDeprecatedAPIRequestsPerPeriod *int                                    `url:"throttle_unauthenticated_deprecated_api_requests_per_period,omitempty" json:"throttle_unauthenticated_deprecated_api_requests_per_period,omitempty"`
-	ThrottleUnauthenticatedEnabled                        *bool                                   `url:"throttle_unauthenticated_enabled,omitempty" json:"throttle_unauthenticated_enabled,omitempty"`
 	ThrottleUnauthenticatedFilesAPIEnabled                *bool                                   `url:"throttle_unauthenticated_files_api_enabled,omitempty" json:"throttle_unauthenticated_files_api_enabled,omitempty"`
 	ThrottleUnauthenticatedFilesAPIPeriodInSeconds        *int                                    `url:"throttle_unauthenticated_files_api_period_in_seconds,omitempty" json:"throttle_unauthenticated_files_api_period_in_seconds,omitempty"`
 	ThrottleUnauthenticatedFilesAPIRequestsPerPeriod      *int                                    `url:"throttle_unauthenticated_files_api_requests_per_period,omitempty" json:"throttle_unauthenticated_files_api_requests_per_period,omitempty"`
@@ -900,8 +912,6 @@ type UpdateSettingsOptions struct {
 	ThrottleUnauthenticatedPackagesAPIEnabled             *bool                                   `url:"throttle_unauthenticated_packages_api_enabled,omitempty" json:"throttle_unauthenticated_packages_api_enabled,omitempty"`
 	ThrottleUnauthenticatedPackagesAPIPeriodInSeconds     *int                                    `url:"throttle_unauthenticated_packages_api_period_in_seconds,omitempty" json:"throttle_unauthenticated_packages_api_period_in_seconds,omitempty"`
 	ThrottleUnauthenticatedPackagesAPIRequestsPerPeriod   *int                                    `url:"throttle_unauthenticated_packages_api_requests_per_period,omitempty" json:"throttle_unauthenticated_packages_api_requests_per_period,omitempty"`
-	ThrottleUnauthenticatedPeriodInSeconds                *int                                    `url:"throttle_unauthenticated_period_in_seconds,omitempty" json:"throttle_unauthenticated_period_in_seconds,omitempty"`
-	ThrottleUnauthenticatedRequestsPerPeriod              *int                                    `url:"throttle_unauthenticated_requests_per_period,omitempty" json:"throttle_unauthenticated_requests_per_period,omitempty"`
 	ThrottleUnauthenticatedWebEnabled                     *bool                                   `url:"throttle_unauthenticated_web_enabled,omitempty" json:"throttle_unauthenticated_web_enabled,omitempty"`
 	ThrottleUnauthenticatedWebPeriodInSeconds             *int                                    `url:"throttle_unauthenticated_web_period_in_seconds,omitempty" json:"throttle_unauthenticated_web_period_in_seconds,omitempty"`
 	ThrottleUnauthenticatedWebRequestsPerPeriod           *int                                    `url:"throttle_unauthenticated_web_requests_per_period,omitempty" json:"throttle_unauthenticated_web_requests_per_period,omitempty"`
@@ -930,12 +940,39 @@ type UpdateSettingsOptions struct {
 	WebIDEClientsidePreviewEnabled                        *bool                                   `url:"web_ide_clientside_preview_enabled,omitempty" json:"web_ide_clientside_preview_enabled,omitempty"`
 	WhatsNewVariant                                       *string                                 `url:"whats_new_variant,omitempty" json:"whats_new_variant,omitempty"`
 	WikiPageMaxContentBytes                               *int                                    `url:"wiki_page_max_content_bytes,omitempty" json:"wiki_page_max_content_bytes,omitempty"`
+
+	// Deprecated: Use AbuseNotificationEmail instead.
+	AdminNotificationEmail *string `url:"admin_notification_email,omitempty" json:"admin_notification_email,omitempty"`
+	// Deprecated: Use AllowLocalRequestsFromWebHooksAndServices instead.
+	AllowLocalRequestsFromHooksAndServices *bool `url:"allow_local_requests_from_hooks_and_services,omitempty" json:"allow_local_requests_from_hooks_and_services,omitempty"`
+	// Deprecated: Use AssetProxyAllowlist instead.
+	AssetProxyWhitelist *[]string `url:"asset_proxy_whitelist,omitempty" json:"asset_proxy_whitelist,omitempty"`
+	// Deprecated: Use DefaultBranchProtectionDefaults instead.
+	DefaultBranchProtection *int `url:"default_branch_protection,omitempty" json:"default_branch_protection,omitempty"`
+	// Deprecated: Cannot be set through the API, always true
+	HousekeepingBitmapsEnabled *bool `url:"housekeeping_bitmaps_enabled,omitempty" json:"housekeeping_bitmaps_enabled,omitempty"`
+	// Deprecated: use HousekeepingOptimizeRepositoryPeriod instead
+	HousekeepingFullRepackPeriod *int `url:"housekeeping_full_repack_period,omitempty" json:"housekeeping_full_repack_period,omitempty"`
+	// Deprecated: use HousekeepingOptimizeRepositoryPeriod instead
+	HousekeepingGcPeriod *int `url:"housekeeping_gc_period,omitempty" json:"housekeeping_gc_period,omitempty"`
+	// Deprecated: use HousekeepingOptimizeRepositoryPeriod instead
+	HousekeepingIncrementalRepackPeriod *int `url:"housekeeping_incremental_repack_period,omitempty" json:"housekeeping_incremental_repack_period,omitempty"`
+	// Deprecated: use PerformanceBarAllowedGroupPath instead
+	PerformanceBarAllowedGroupID *int `url:"performance_bar_allowed_group_id,omitempty" json:"performance_bar_allowed_group_id,omitempty"`
+	// Deprecated: use PerformanceBarAllowedGroupPath: nil instead
+	PerformanceBarEnabled *bool `url:"performance_bar_enabled,omitempty" json:"performance_bar_enabled,omitempty"`
+	// Deprecated: Use ThrottleUnauthenticatedWebEnabled or ThrottleUnauthenticatedAPIEnabled instead. (Deprecated in GitLab 14.3)
+	ThrottleUnauthenticatedEnabled *bool `url:"throttle_unauthenticated_enabled,omitempty" json:"throttle_unauthenticated_enabled,omitempty"`
+	// Deprecated: Use ThrottleUnauthenticatedWebPeriodInSeconds or ThrottleUnauthenticatedAPIPeriodInSeconds instead. (Deprecated in GitLab 14.3)
+	ThrottleUnauthenticatedPeriodInSeconds *int `url:"throttle_unauthenticated_period_in_seconds,omitempty" json:"throttle_unauthenticated_period_in_seconds,omitempty"`
+	// Deprecated: Use ThrottleUnauthenticatedWebRequestsPerPeriod or ThrottleUnauthenticatedAPIRequestsPerPeriod instead. (Deprecated in GitLab 14.3)
+	ThrottleUnauthenticatedRequestsPerPeriod *int `url:"throttle_unauthenticated_requests_per_period,omitempty" json:"throttle_unauthenticated_requests_per_period,omitempty"`
 }
 
 // BranchProtectionDefaultsOptions represents default Git protected branch permissions options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/groups.html#options-for-default_branch_protection_defaults
+// https://docs.gitlab.com/api/groups/#options-for-default_branch_protection_defaults
 type BranchProtectionDefaultsOptions struct {
 	AllowedToPush           *[]int `url:"allowed_to_push,omitempty" json:"allowed_to_push,omitempty"`
 	AllowForcePush          *bool  `url:"allow_force_push,omitempty" json:"allow_force_push,omitempty"`
@@ -946,7 +983,7 @@ type BranchProtectionDefaultsOptions struct {
 // UpdateSettings updates the application settings.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/settings.html#change-application-settings
+// https://docs.gitlab.com/api/settings/#update-application-settings
 func (s *SettingsService) UpdateSettings(opt *UpdateSettingsOptions, options ...RequestOptionFunc) (*Settings, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodPut, "application/settings", opt, options)
 	if err != nil {
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/sidekiq_metrics.go b/vendor/gitlab.com/gitlab-org/api/client-go/sidekiq_metrics.go
index bbd4c7b28d..0a985847fc 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/sidekiq_metrics.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/sidekiq_metrics.go
@@ -31,7 +31,7 @@ type (
 
 	// SidekiqService handles communication with the sidekiq service
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/sidekiq_metrics.html
+	// GitLab API docs: https://docs.gitlab.com/api/sidekiq_metrics/
 	SidekiqService struct {
 		client *Client
 	}
@@ -42,7 +42,7 @@ var _ SidekiqServiceInterface = (*SidekiqService)(nil)
 // QueueMetrics represents the GitLab sidekiq queue metrics.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/sidekiq_metrics.html#get-the-current-queue-metrics
+// https://docs.gitlab.com/api/sidekiq_metrics/#get-the-current-queue-metrics
 type QueueMetrics struct {
 	Queues map[string]struct {
 		Backlog int `json:"backlog"`
@@ -54,7 +54,7 @@ type QueueMetrics struct {
 // their backlog and their latency.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/sidekiq_metrics.html#get-the-current-queue-metrics
+// https://docs.gitlab.com/api/sidekiq_metrics/#get-the-current-queue-metrics
 func (s *SidekiqService) GetQueueMetrics(options ...RequestOptionFunc) (*QueueMetrics, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "/sidekiq/queue_metrics", nil, options)
 	if err != nil {
@@ -73,7 +73,7 @@ func (s *SidekiqService) GetQueueMetrics(options ...RequestOptionFunc) (*QueueMe
 // ProcessMetrics represents the GitLab sidekiq process metrics.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/sidekiq_metrics.html#get-the-current-process-metrics
+// https://docs.gitlab.com/api/sidekiq_metrics/#get-the-current-process-metrics
 type ProcessMetrics struct {
 	Processes []struct {
 		Hostname    string     `json:"hostname"`
@@ -91,7 +91,7 @@ type ProcessMetrics struct {
 // to process your queues.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/sidekiq_metrics.html#get-the-current-process-metrics
+// https://docs.gitlab.com/api/sidekiq_metrics/#get-the-current-process-metrics
 func (s *SidekiqService) GetProcessMetrics(options ...RequestOptionFunc) (*ProcessMetrics, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "/sidekiq/process_metrics", nil, options)
 	if err != nil {
@@ -110,7 +110,7 @@ func (s *SidekiqService) GetProcessMetrics(options ...RequestOptionFunc) (*Proce
 // JobStats represents the GitLab sidekiq job stats.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/sidekiq_metrics.html#get-the-current-job-statistics
+// https://docs.gitlab.com/api/sidekiq_metrics/#get-the-current-job-statistics
 type JobStats struct {
 	Jobs struct {
 		Processed int `json:"processed"`
@@ -122,7 +122,7 @@ type JobStats struct {
 // GetJobStats list information about the jobs that Sidekiq has performed.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/sidekiq_metrics.html#get-the-current-job-statistics
+// https://docs.gitlab.com/api/sidekiq_metrics/#get-the-current-job-statistics
 func (s *SidekiqService) GetJobStats(options ...RequestOptionFunc) (*JobStats, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "/sidekiq/job_stats", nil, options)
 	if err != nil {
@@ -141,7 +141,7 @@ func (s *SidekiqService) GetJobStats(options ...RequestOptionFunc) (*JobStats, *
 // CompoundMetrics represents the GitLab sidekiq compounded stats.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/sidekiq_metrics.html#get-a-compound-response-of-all-the-previously-mentioned-metrics
+// https://docs.gitlab.com/api/sidekiq_metrics/#get-a-compound-response-of-all-the-previously-mentioned-metrics
 type CompoundMetrics struct {
 	QueueMetrics
 	ProcessMetrics
@@ -151,7 +151,8 @@ type CompoundMetrics struct {
 // GetCompoundMetrics lists all the currently available information about Sidekiq.
 // Get a compound response of all the previously mentioned metrics
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/sidekiq_metrics.html#get-a-compound-response-of-all-the-previously-mentioned-metrics
+// GitLab API docs:
+// https://docs.gitlab.com/api/sidekiq_metrics/#get-a-compound-response-of-all-the-previously-mentioned-metrics
 func (s *SidekiqService) GetCompoundMetrics(options ...RequestOptionFunc) (*CompoundMetrics, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "/sidekiq/compound_metrics", nil, options)
 	if err != nil {
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/snippet_repository_storage_move.go b/vendor/gitlab.com/gitlab-org/api/client-go/snippet_repository_storage_move.go
index 96d1780832..b25c3a4875 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/snippet_repository_storage_move.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/snippet_repository_storage_move.go
@@ -36,7 +36,7 @@ type (
 	// snippets related methods of the GitLab API.
 	//
 	// GitLab API docs:
-	// https://docs.gitlab.com/ee/api/snippet_repository_storage_moves.html
+	// https://docs.gitlab.com/api/snippet_repository_storage_moves/
 	SnippetRepositoryStorageMoveService struct {
 		client *Client
 	}
@@ -47,7 +47,7 @@ var _ SnippetRepositoryStorageMoveServiceInterface = (*SnippetRepositoryStorageM
 // SnippetRepositoryStorageMove represents the status of a repository move.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/snippet_repository_storage_moves.html
+// https://docs.gitlab.com/api/snippet_repository_storage_moves/
 type SnippetRepositoryStorageMove struct {
 	ID                     int                `json:"id"`
 	CreatedAt              *time.Time         `json:"created_at"`
@@ -75,14 +75,15 @@ type RepositorySnippet struct {
 // RetrieveAllStorageMoves() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/snippet_repository_storage_moves.html#retrieve-all-repository-storage-moves-for-a-snippet
+// https://docs.gitlab.com/api/snippet_repository_storage_moves/#retrieve-all-snippet-repository-storage-moves
+// https://docs.gitlab.com/api/snippet_repository_storage_moves/#retrieve-all-repository-storage-moves-for-a-snippet
 type RetrieveAllSnippetStorageMovesOptions ListOptions
 
 // RetrieveAllStorageMoves retrieves all snippet repository storage moves
 // accessible by the authenticated user.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/snippet_repository_storage_moves.html#retrieve-all-repository-storage-moves-for-a-snippet
+// https://docs.gitlab.com/api/snippet_repository_storage_moves/#retrieve-all-snippet-repository-storage-moves
 func (s SnippetRepositoryStorageMoveService) RetrieveAllStorageMoves(opts RetrieveAllSnippetStorageMovesOptions, options ...RequestOptionFunc) ([]*SnippetRepositoryStorageMove, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "snippet_repository_storage_moves", opts, options)
 	if err != nil {
@@ -102,7 +103,7 @@ func (s SnippetRepositoryStorageMoveService) RetrieveAllStorageMoves(opts Retrie
 // a single snippet accessible by the authenticated user.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/snippet_repository_storage_moves.html#retrieve-all-repository-storage-moves-for-a-snippet
+// https://docs.gitlab.com/api/snippet_repository_storage_moves/#retrieve-all-repository-storage-moves-for-a-snippet
 func (s SnippetRepositoryStorageMoveService) RetrieveAllStorageMovesForSnippet(snippet int, opts RetrieveAllSnippetStorageMovesOptions, options ...RequestOptionFunc) ([]*SnippetRepositoryStorageMove, *Response, error) {
 	u := fmt.Sprintf("snippets/%d/repository_storage_moves", snippet)
 
@@ -123,7 +124,7 @@ func (s SnippetRepositoryStorageMoveService) RetrieveAllStorageMovesForSnippet(s
 // GetStorageMove gets a single snippet repository storage move.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/snippet_repository_storage_moves.html#get-a-single-snippet-repository-storage-move
+// https://docs.gitlab.com/api/snippet_repository_storage_moves/#get-a-single-snippet-repository-storage-move
 func (s SnippetRepositoryStorageMoveService) GetStorageMove(repositoryStorage int, options ...RequestOptionFunc) (*SnippetRepositoryStorageMove, *Response, error) {
 	u := fmt.Sprintf("snippet_repository_storage_moves/%d", repositoryStorage)
 
@@ -144,7 +145,7 @@ func (s SnippetRepositoryStorageMoveService) GetStorageMove(repositoryStorage in
 // GetStorageMoveForSnippet gets a single repository storage move for a snippet.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/snippet_repository_storage_moves.html#get-a-single-repository-storage-move-for-a-snippet
+// https://docs.gitlab.com/api/snippet_repository_storage_moves/#get-a-single-repository-storage-move-for-a-snippet
 func (s SnippetRepositoryStorageMoveService) GetStorageMoveForSnippet(snippet int, repositoryStorage int, options ...RequestOptionFunc) (*SnippetRepositoryStorageMove, *Response, error) {
 	u := fmt.Sprintf("snippets/%d/repository_storage_moves/%d", snippet, repositoryStorage)
 
@@ -166,7 +167,7 @@ func (s SnippetRepositoryStorageMoveService) GetStorageMoveForSnippet(snippet in
 // ScheduleStorageMoveForSnippet() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/snippet_repository_storage_moves.html#schedule-a-repository-storage-move-for-a-snippet
+// https://docs.gitlab.com/api/snippet_repository_storage_moves/#schedule-a-repository-storage-move-for-a-snippet
 type ScheduleStorageMoveForSnippetOptions struct {
 	DestinationStorageName *string `url:"destination_storage_name,omitempty" json:"destination_storage_name,omitempty"`
 }
@@ -174,7 +175,7 @@ type ScheduleStorageMoveForSnippetOptions struct {
 // ScheduleStorageMoveForSnippet schedule a repository to be moved for a snippet.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/snippet_repository_storage_moves.html#schedule-a-repository-storage-move-for-a-snippet
+// https://docs.gitlab.com/api/snippet_repository_storage_moves/#schedule-a-repository-storage-move-for-a-snippet
 func (s SnippetRepositoryStorageMoveService) ScheduleStorageMoveForSnippet(snippet int, opts ScheduleStorageMoveForSnippetOptions, options ...RequestOptionFunc) (*SnippetRepositoryStorageMove, *Response, error) {
 	u := fmt.Sprintf("snippets/%d/repository_storage_moves", snippet)
 
@@ -196,7 +197,7 @@ func (s SnippetRepositoryStorageMoveService) ScheduleStorageMoveForSnippet(snipp
 // ScheduleAllStorageMoves() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/snippet_repository_storage_moves.html#schedule-repository-storage-moves-for-all-snippets-on-a-storage-shard
+// https://docs.gitlab.com/api/snippet_repository_storage_moves/#schedule-repository-storage-moves-for-all-snippets-on-a-storage-shard
 type ScheduleAllSnippetStorageMovesOptions struct {
 	SourceStorageName      *string `url:"source_storage_name,omitempty" json:"source_storage_name,omitempty"`
 	DestinationStorageName *string `url:"destination_storage_name,omitempty" json:"destination_storage_name,omitempty"`
@@ -205,7 +206,7 @@ type ScheduleAllSnippetStorageMovesOptions struct {
 // ScheduleAllStorageMoves schedules all snippet repositories to be moved.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/snippet_repository_storage_moves.html#schedule-repository-storage-moves-for-all-snippets-on-a-storage-shard
+// https://docs.gitlab.com/api/snippet_repository_storage_moves/#schedule-repository-storage-moves-for-all-snippets-on-a-storage-shard
 func (s SnippetRepositoryStorageMoveService) ScheduleAllStorageMoves(opts ScheduleAllSnippetStorageMovesOptions, options ...RequestOptionFunc) (*Response, error) {
 	req, err := s.client.NewRequest(http.MethodPost, "snippet_repository_storage_moves", opts, options)
 	if err != nil {
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/snippets.go b/vendor/gitlab.com/gitlab-org/api/client-go/snippets.go
index d8a6ea35ce..d3bdad822e 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/snippets.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/snippets.go
@@ -39,7 +39,7 @@ type (
 	// SnippetsService handles communication with the snippets
 	// related methods of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/snippets.html
+	// GitLab API docs: https://docs.gitlab.com/api/snippets/
 	SnippetsService struct {
 		client *Client
 	}
@@ -49,7 +49,7 @@ var _ SnippetsServiceInterface = (*SnippetsService)(nil)
 
 // Snippet represents a GitLab snippet.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/snippets.html
+// GitLab API docs: https://docs.gitlab.com/api/snippets/
 type Snippet struct {
 	ID          int    `json:"id"`
 	Title       string `json:"title"`
@@ -83,13 +83,13 @@ func (s Snippet) String() string {
 // ListSnippetsOptions represents the available ListSnippets() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/snippets.html#list-all-snippets-for-a-user
+// https://docs.gitlab.com/api/snippets/#list-all-snippets-for-current-user
 type ListSnippetsOptions ListOptions
 
 // ListSnippets gets a list of snippets.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/snippets.html#list-all-snippets-for-a-user
+// https://docs.gitlab.com/api/snippets/#list-all-snippets-for-current-user
 func (s *SnippetsService) ListSnippets(opt *ListSnippetsOptions, options ...RequestOptionFunc) ([]*Snippet, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "snippets", opt, options)
 	if err != nil {
@@ -108,7 +108,7 @@ func (s *SnippetsService) ListSnippets(opt *ListSnippetsOptions, options ...Requ
 // GetSnippet gets a single snippet
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/snippets.html#get-a-single-snippet
+// https://docs.gitlab.com/api/snippets/#get-a-single-snippet
 func (s *SnippetsService) GetSnippet(snippet int, options ...RequestOptionFunc) (*Snippet, *Response, error) {
 	u := fmt.Sprintf("snippets/%d", snippet)
 
@@ -129,7 +129,7 @@ func (s *SnippetsService) GetSnippet(snippet int, options ...RequestOptionFunc)
 // SnippetContent gets a single snippet’s raw contents.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/snippets.html#single-snippet-contents
+// https://docs.gitlab.com/api/snippets/#single-snippet-contents
 func (s *SnippetsService) SnippetContent(snippet int, options ...RequestOptionFunc) ([]byte, *Response, error) {
 	u := fmt.Sprintf("snippets/%d/raw", snippet)
 
@@ -150,7 +150,7 @@ func (s *SnippetsService) SnippetContent(snippet int, options ...RequestOptionFu
 // SnippetFileContent returns the raw file content as plain text.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/snippets.html#snippet-repository-file-content
+// https://docs.gitlab.com/api/snippets/#snippet-repository-file-content
 func (s *SnippetsService) SnippetFileContent(snippet int, ref, filename string, options ...RequestOptionFunc) ([]byte, *Response, error) {
 	filepath := PathEscape(filename)
 	u := fmt.Sprintf("snippets/%d/files/%s/%s/raw", snippet, ref, filepath)
@@ -172,7 +172,7 @@ func (s *SnippetsService) SnippetFileContent(snippet int, ref, filename string,
 // CreateSnippetFileOptions represents the create snippet file options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/snippets.html#create-new-snippet
+// https://docs.gitlab.com/api/snippets/#create-new-snippet
 type CreateSnippetFileOptions struct {
 	FilePath *string `url:"file_path,omitempty" json:"file_path,omitempty"`
 	Content  *string `url:"content,omitempty" json:"content,omitempty"`
@@ -181,7 +181,7 @@ type CreateSnippetFileOptions struct {
 // CreateSnippetOptions represents the available CreateSnippet() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/snippets.html#create-new-snippet
+// https://docs.gitlab.com/api/snippets/#create-new-snippet
 type CreateSnippetOptions struct {
 	Title       *string                      `url:"title,omitempty" json:"title,omitempty"`
 	FileName    *string                      `url:"file_name,omitempty" json:"file_name,omitempty"`
@@ -195,7 +195,7 @@ type CreateSnippetOptions struct {
 // to create new snippets.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/snippets.html#create-new-snippet
+// https://docs.gitlab.com/api/snippets/#create-new-snippet
 func (s *SnippetsService) CreateSnippet(opt *CreateSnippetOptions, options ...RequestOptionFunc) (*Snippet, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodPost, "snippets", opt, options)
 	if err != nil {
@@ -214,7 +214,7 @@ func (s *SnippetsService) CreateSnippet(opt *CreateSnippetOptions, options ...Re
 // UpdateSnippetFileOptions represents the update snippet file options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/snippets.html#update-snippet
+// https://docs.gitlab.com/api/snippets/#update-snippet
 type UpdateSnippetFileOptions struct {
 	Action       *string `url:"action,omitempty" json:"action,omitempty"`
 	FilePath     *string `url:"file_path,omitempty" json:"file_path,omitempty"`
@@ -225,7 +225,7 @@ type UpdateSnippetFileOptions struct {
 // UpdateSnippetOptions represents the available UpdateSnippet() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/snippets.html#update-snippet
+// https://docs.gitlab.com/api/snippets/#update-snippet
 type UpdateSnippetOptions struct {
 	Title       *string                      `url:"title,omitempty" json:"title,omitempty"`
 	FileName    *string                      `url:"file_name,omitempty" json:"file_name,omitempty"`
@@ -239,7 +239,7 @@ type UpdateSnippetOptions struct {
 // permission to change an existing snippet.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/snippets.html#update-snippet
+// https://docs.gitlab.com/api/snippets/#update-snippet
 func (s *SnippetsService) UpdateSnippet(snippet int, opt *UpdateSnippetOptions, options ...RequestOptionFunc) (*Snippet, *Response, error) {
 	u := fmt.Sprintf("snippets/%d", snippet)
 
@@ -262,7 +262,7 @@ func (s *SnippetsService) UpdateSnippet(snippet int, opt *UpdateSnippetOptions,
 // code.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/snippets.html#delete-snippet
+// https://docs.gitlab.com/api/snippets/#delete-snippet
 func (s *SnippetsService) DeleteSnippet(snippet int, options ...RequestOptionFunc) (*Response, error) {
 	u := fmt.Sprintf("snippets/%d", snippet)
 
@@ -277,13 +277,13 @@ func (s *SnippetsService) DeleteSnippet(snippet int, options ...RequestOptionFun
 // ExploreSnippetsOptions represents the available ExploreSnippets() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/snippets.html#list-all-public-snippets
+// https://docs.gitlab.com/api/snippets/#list-all-public-snippets
 type ExploreSnippetsOptions ListOptions
 
 // ExploreSnippets gets the list of public snippets.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/snippets.html#list-all-public-snippets
+// https://docs.gitlab.com/api/snippets/#list-all-public-snippets
 func (s *SnippetsService) ExploreSnippets(opt *ExploreSnippetsOptions, options ...RequestOptionFunc) ([]*Snippet, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "snippets/public", opt, options)
 	if err != nil {
@@ -302,7 +302,7 @@ func (s *SnippetsService) ExploreSnippets(opt *ExploreSnippetsOptions, options .
 // ListAllSnippetsOptions represents the available ListAllSnippets() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/snippets.html#list-all-snippets
+// https://docs.gitlab.com/api/snippets/#list-all-snippets
 type ListAllSnippetsOptions struct {
 	ListOptions
 	CreatedAfter      *ISOTime `url:"created_after,omitempty" json:"created_after,omitempty"`
@@ -313,7 +313,7 @@ type ListAllSnippetsOptions struct {
 // ListAllSnippets gets all snippets the current user has access to.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/snippets.html#list-all-snippets
+// https://docs.gitlab.com/api/snippets/#list-all-snippets
 func (s *SnippetsService) ListAllSnippets(opt *ListAllSnippetsOptions, options ...RequestOptionFunc) ([]*Snippet, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "snippets/all", opt, options)
 	if err != nil {
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/strings.go b/vendor/gitlab.com/gitlab-org/api/client-go/strings.go
index efbd10ffd5..def37b2552 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/strings.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/strings.go
@@ -25,7 +25,7 @@ import (
 // Stringify attempts to create a reasonable string representation of types in
 // the Gitlab library.  It does things like resolve pointers to their values
 // and omits struct fields with nil values.
-func Stringify(message interface{}) string {
+func Stringify(message any) string {
 	var buf bytes.Buffer
 	v := reflect.ValueOf(message)
 	stringifyValue(&buf, v)
@@ -46,7 +46,7 @@ func stringifyValue(buf *bytes.Buffer, val reflect.Value) {
 		fmt.Fprintf(buf, `"%s"`, v)
 	case reflect.Slice:
 		buf.WriteByte('[')
-		for i := 0; i < v.Len(); i++ {
+		for i := range v.Len() {
 			if i > 0 {
 				buf.WriteByte(' ')
 			}
@@ -64,7 +64,7 @@ func stringifyValue(buf *bytes.Buffer, val reflect.Value) {
 		buf.WriteByte('{')
 
 		var sep bool
-		for i := 0; i < v.NumField(); i++ {
+		for i := range v.NumField() {
 			fv := v.Field(i)
 			if fv.Kind() == reflect.Ptr && fv.IsNil() {
 				continue
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/system_hooks.go b/vendor/gitlab.com/gitlab-org/api/client-go/system_hooks.go
index a4ac982dcd..7fe26a4618 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/system_hooks.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/system_hooks.go
@@ -34,7 +34,7 @@ type (
 	// SystemHooksService handles communication with the system hooks related
 	// methods of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/system_hooks.html
+	// GitLab API docs: https://docs.gitlab.com/api/system_hooks/
 	SystemHooksService struct {
 		client *Client
 	}
@@ -44,7 +44,7 @@ var _ SystemHooksServiceInterface = (*SystemHooksService)(nil)
 
 // Hook represents a GitLap system hook.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/system_hooks.html
+// GitLab API docs: https://docs.gitlab.com/api/system_hooks/
 type Hook struct {
 	ID                     int        `json:"id"`
 	URL                    string     `json:"url"`
@@ -63,7 +63,7 @@ func (h Hook) String() string {
 // ListHooks gets a list of system hooks.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/system_hooks.html#list-system-hooks
+// https://docs.gitlab.com/api/system_hooks/#list-system-hooks
 func (s *SystemHooksService) ListHooks(options ...RequestOptionFunc) ([]*Hook, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "hooks", nil, options)
 	if err != nil {
@@ -82,7 +82,7 @@ func (s *SystemHooksService) ListHooks(options ...RequestOptionFunc) ([]*Hook, *
 // GetHook get a single system hook.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/system_hooks.html#get-system-hook
+// https://docs.gitlab.com/api/system_hooks/#get-system-hook
 func (s *SystemHooksService) GetHook(hook int, options ...RequestOptionFunc) (*Hook, *Response, error) {
 	u := fmt.Sprintf("hooks/%d", hook)
 
@@ -103,7 +103,7 @@ func (s *SystemHooksService) GetHook(hook int, options ...RequestOptionFunc) (*H
 // AddHookOptions represents the available AddHook() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/system_hooks.html#add-new-system-hook
+// https://docs.gitlab.com/api/system_hooks/#add-new-system-hook
 type AddHookOptions struct {
 	URL                    *string `url:"url,omitempty" json:"url,omitempty"`
 	Token                  *string `url:"token,omitempty" json:"token,omitempty"`
@@ -117,7 +117,7 @@ type AddHookOptions struct {
 // AddHook adds a new system hook hook.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/system_hooks.html#add-new-system-hook
+// https://docs.gitlab.com/api/system_hooks/#add-new-system-hook
 func (s *SystemHooksService) AddHook(opt *AddHookOptions, options ...RequestOptionFunc) (*Hook, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodPost, "hooks", opt, options)
 	if err != nil {
@@ -135,7 +135,7 @@ func (s *SystemHooksService) AddHook(opt *AddHookOptions, options ...RequestOpti
 
 // HookEvent represents an event trigger by a GitLab system hook.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/system_hooks.html
+// GitLab API docs: https://docs.gitlab.com/api/system_hooks/
 type HookEvent struct {
 	EventName  string `json:"event_name"`
 	Name       string `json:"name"`
@@ -152,7 +152,7 @@ func (h HookEvent) String() string {
 // TestHook tests a system hook.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/system_hooks.html#test-system-hook
+// https://docs.gitlab.com/api/system_hooks/#test-system-hook
 func (s *SystemHooksService) TestHook(hook int, options ...RequestOptionFunc) (*HookEvent, *Response, error) {
 	u := fmt.Sprintf("hooks/%d", hook)
 
@@ -175,7 +175,7 @@ func (s *SystemHooksService) TestHook(hook int, options ...RequestOptionFunc) (*
 // is also returned as JSON.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/system_hooks.html#delete-system-hook
+// https://docs.gitlab.com/api/system_hooks/#delete-system-hook
 func (s *SystemHooksService) DeleteHook(hook int, options ...RequestOptionFunc) (*Response, error) {
 	u := fmt.Sprintf("hooks/%d", hook)
 
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/tags.go b/vendor/gitlab.com/gitlab-org/api/client-go/tags.go
index e59d74cdf3..43b0e37a20 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/tags.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/tags.go
@@ -18,16 +18,18 @@ package gitlab
 
 import (
 	"fmt"
+	"math/big"
 	"net/http"
 	"net/url"
 )
 
 type (
 	TagsServiceInterface interface {
-		ListTags(pid interface{}, opt *ListTagsOptions, options ...RequestOptionFunc) ([]*Tag, *Response, error)
-		GetTag(pid interface{}, tag string, options ...RequestOptionFunc) (*Tag, *Response, error)
-		CreateTag(pid interface{}, opt *CreateTagOptions, options ...RequestOptionFunc) (*Tag, *Response, error)
-		DeleteTag(pid interface{}, tag string, options ...RequestOptionFunc) (*Response, error)
+		ListTags(pid any, opt *ListTagsOptions, options ...RequestOptionFunc) ([]*Tag, *Response, error)
+		GetTag(pid any, tag string, options ...RequestOptionFunc) (*Tag, *Response, error)
+		GetTagSignature(pid any, tag string, options ...RequestOptionFunc) (*X509Signature, *Response, error)
+		CreateTag(pid any, opt *CreateTagOptions, options ...RequestOptionFunc) (*Tag, *Response, error)
+		DeleteTag(pid any, tag string, options ...RequestOptionFunc) (*Response, error)
 	}
 
 	// TagsService handles communication with the tags related methods
@@ -53,6 +55,32 @@ type Tag struct {
 	Target    string       `json:"target"`
 }
 
+// X509Signature represents a GitLab Tag Signature object.
+//
+// GitLab API docs: https://docs.gitlab.com/api/tags/#get-x509-signature-of-a-tag
+type X509Signature struct {
+	SignatureType      string          `json:"signature_type"`
+	VerificationStatus string          `json:"verification_status"`
+	X509Certificate    X509Certificate `json:"x509_certificate"`
+}
+
+type X509Certificate struct {
+	ID                   int        `json:"id"`
+	Subject              string     `json:"subject"`
+	SubjectKeyIdentifier string     `json:"subject_key_identifier"`
+	Email                string     `json:"email"`
+	SerialNumber         *big.Int   `json:"serial_number"`
+	CertificateStatus    string     `json:"certificate_status"`
+	X509Issuer           X509Issuer `json:"x509_issuer"`
+}
+
+type X509Issuer struct {
+	ID                   int    `json:"id"`
+	Subject              string `json:"subject"`
+	SubjectKeyIdentifier string `json:"subject_key_identifier"`
+	CrlUrl               string `json:"crl_url"`
+}
+
 // ReleaseNote represents a GitLab version release.
 //
 // GitLab API docs: https://docs.gitlab.com/api/tags/
@@ -81,7 +109,7 @@ type ListTagsOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/tags/#list-project-repository-tags
-func (s *TagsService) ListTags(pid interface{}, opt *ListTagsOptions, options ...RequestOptionFunc) ([]*Tag, *Response, error) {
+func (s *TagsService) ListTags(pid any, opt *ListTagsOptions, options ...RequestOptionFunc) ([]*Tag, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -107,7 +135,7 @@ func (s *TagsService) ListTags(pid interface{}, opt *ListTagsOptions, options ..
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/tags/#get-a-single-repository-tag
-func (s *TagsService) GetTag(pid interface{}, tag string, options ...RequestOptionFunc) (*Tag, *Response, error) {
+func (s *TagsService) GetTag(pid any, tag string, options ...RequestOptionFunc) (*Tag, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -128,6 +156,32 @@ func (s *TagsService) GetTag(pid interface{}, tag string, options ...RequestOpti
 	return t, resp, nil
 }
 
+// GetTagSignature a specific repository tag determined by its name. It returns 200 together
+// with the signature if the tag exists. It returns 404 if the tag does not exist.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/tags/#get-x509-signature-of-a-tag
+func (s *TagsService) GetTagSignature(pid any, tag string, options ...RequestOptionFunc) (*X509Signature, *Response, error) {
+	project, err := parseID(pid)
+	if err != nil {
+		return nil, nil, err
+	}
+	u := fmt.Sprintf("projects/%s/repository/tags/%s/signature", PathEscape(project), url.PathEscape(tag))
+
+	req, err := s.client.NewRequest(http.MethodGet, u, nil, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var sig *X509Signature
+	resp, err := s.client.Do(req, &sig)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return sig, resp, nil
+}
+
 // CreateTagOptions represents the available CreateTag() options.
 //
 // GitLab API docs:
@@ -142,7 +196,7 @@ type CreateTagOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/tags/#create-a-new-tag
-func (s *TagsService) CreateTag(pid interface{}, opt *CreateTagOptions, options ...RequestOptionFunc) (*Tag, *Response, error) {
+func (s *TagsService) CreateTag(pid any, opt *CreateTagOptions, options ...RequestOptionFunc) (*Tag, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -167,7 +221,7 @@ func (s *TagsService) CreateTag(pid interface{}, opt *CreateTagOptions, options
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/tags/#delete-a-tag
-func (s *TagsService) DeleteTag(pid interface{}, tag string, options ...RequestOptionFunc) (*Response, error) {
+func (s *TagsService) DeleteTag(pid any, tag string, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/terraform_states.go b/vendor/gitlab.com/gitlab-org/api/client-go/terraform_states.go
new file mode 100644
index 0000000000..0c4bea4066
--- /dev/null
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/terraform_states.go
@@ -0,0 +1,232 @@
+package gitlab
+
+import (
+	"bytes"
+	"fmt"
+	"io"
+	"net/http"
+	"time"
+)
+
+type (
+	TerraformStatesServiceInterface interface {
+		List(projectFullPath string) ([]TerraformState, *Response, error)
+		Get(projectFullPath string, name string) (*TerraformState, *Response, error)
+		Download(pid any, name string, serial uint64, options ...RequestOptionFunc) (io.Reader, *Response, error)
+		DownloadLatest(pid any, name string, options ...RequestOptionFunc) (io.Reader, *Response, error)
+		Delete(pid any, name string, options ...RequestOptionFunc) (*Response, error)
+		Lock(pid any, name string, options ...RequestOptionFunc) (*Response, error)
+		Unlock(pid any, name string, options ...RequestOptionFunc) (*Response, error)
+	}
+
+	// TerraformStatesService handles communication with the GitLab-managed Terraform state API
+	//
+	// GitLab API docs: https://docs.gitlab.com/user/infrastructure/iac/terraform_state/
+	TerraformStatesService struct {
+		client *Client
+	}
+)
+
+var _ TerraformStatesServiceInterface = (*TerraformStatesService)(nil)
+
+// GitLab API docs: https://docs.gitlab.com/api/graphql/reference/#terraformstate
+type TerraformState struct {
+	Name          string                `json:"name"`
+	LatestVersion TerraformStateVersion `json:"latestVersion"`
+	CreatedAt     time.Time             `json:"createdAt"`
+	UpdatedAt     time.Time             `json:"updatedAt"`
+	DeletedAt     time.Time             `json:"deletedAt"`
+	LockedAt      time.Time             `json:"lockedAt"`
+}
+
+// GitLab API docs: https://docs.gitlab.com/api/graphql/reference/#terraformstateversion
+type TerraformStateVersion struct {
+	Serial       uint64    `json:"serial"`
+	DownloadPath string    `json:"downloadPath"`
+	CreatedAt    time.Time `json:"createdAt"`
+	UpdatedAt    time.Time `json:"updatedAt"`
+}
+
+// List returns all Terraform states
+func (s *TerraformStatesService) List(projectFullPath string) ([]TerraformState, *Response, error) {
+	query := GraphQLQuery{
+		Query: fmt.Sprintf(`
+			query {
+				project(fullPath: %q) {
+					terraformStates {
+						nodes {
+							name
+							createdAt
+							deletedAt
+							latestVersion {
+								createdAt
+								updatedAt
+								downloadPath
+								serial
+							}
+							updatedAt
+							lockedAt
+						}
+					}
+				}
+			}
+		`, projectFullPath),
+	}
+
+	var response struct {
+		Data struct {
+			Project *struct {
+				TerraformStates struct {
+					Nodes []TerraformState `json:"nodes"`
+				} `json:"terraformStates"`
+			} `json:"project"`
+		} `json:"data"`
+	}
+	resp, err := s.client.GraphQL.Do(query, &response)
+	if err != nil {
+		return nil, resp, err
+	}
+	if response.Data.Project == nil {
+		return nil, resp, ErrNotFound
+	}
+
+	return response.Data.Project.TerraformStates.Nodes, resp, nil
+}
+
+// Get returns a single Terraform state
+func (s *TerraformStatesService) Get(projectFullPath string, name string) (*TerraformState, *Response, error) {
+	query := GraphQLQuery{
+		Query: fmt.Sprintf(`
+			query {
+				project(fullPath: %q) {
+					terraformState(name: %q) {
+						name
+						createdAt
+						deletedAt
+						latestVersion {
+							createdAt
+							updatedAt
+							downloadPath
+							serial
+						}
+						updatedAt
+						lockedAt
+					}
+				}
+			}
+		`, projectFullPath, name),
+	}
+
+	var response struct {
+		Data struct {
+			Project *struct {
+				TerraformState *TerraformState `json:"terraformState"`
+			} `json:"project"`
+		} `json:"data"`
+	}
+	resp, err := s.client.GraphQL.Do(query, &response)
+	if err != nil {
+		return nil, resp, err
+	}
+	if response.Data.Project == nil || response.Data.Project.TerraformState == nil {
+		return nil, resp, ErrNotFound
+	}
+
+	return response.Data.Project.TerraformState, resp, nil
+}
+
+func (s *TerraformStatesService) DownloadLatest(pid any, name string, options ...RequestOptionFunc) (io.Reader, *Response, error) {
+	project, err := parseID(pid)
+	if err != nil {
+		return nil, nil, err
+	}
+	uri := fmt.Sprintf("projects/%s/terraform/state/%s", PathEscape(project), PathEscape(name))
+
+	req, err := s.client.NewRequest(http.MethodGet, uri, nil, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var b bytes.Buffer
+	resp, err := s.client.Do(req, &b)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return &b, resp, nil
+}
+
+func (s *TerraformStatesService) Download(pid any, name string, serial uint64, options ...RequestOptionFunc) (io.Reader, *Response, error) {
+	project, err := parseID(pid)
+	if err != nil {
+		return nil, nil, err
+	}
+	uri := fmt.Sprintf("projects/%s/terraform/state/%s/versions/%d", PathEscape(project), PathEscape(name), serial)
+
+	req, err := s.client.NewRequest(http.MethodGet, uri, nil, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var b bytes.Buffer
+	resp, err := s.client.Do(req, &b)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return &b, resp, nil
+}
+
+// Delete deletes a single Terraform state
+//
+// GitLab API docs: https://docs.gitlab.com/user/infrastructure/iac/terraform_state/
+func (s *TerraformStatesService) Delete(pid any, name string, options ...RequestOptionFunc) (*Response, error) {
+	project, err := parseID(pid)
+	if err != nil {
+		return nil, err
+	}
+	uri := fmt.Sprintf("projects/%s/terraform/state/%s", PathEscape(project), PathEscape(name))
+
+	req, err := s.client.NewRequest(http.MethodDelete, uri, nil, options)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(req, nil)
+}
+
+// Lock locks a single Terraform state
+//
+// GitLab API docs: https://docs.gitlab.com/user/infrastructure/iac/terraform_state/
+func (s *TerraformStatesService) Lock(pid any, name string, options ...RequestOptionFunc) (*Response, error) {
+	project, err := parseID(pid)
+	if err != nil {
+		return nil, err
+	}
+	uri := fmt.Sprintf("projects/%s/terraform/state/%s/lock", PathEscape(project), PathEscape(name))
+
+	req, err := s.client.NewRequest(http.MethodPost, uri, nil, options)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(req, nil)
+}
+
+// Unlock unlocks a single Terraform state
+//
+// GitLab API docs: https://docs.gitlab.com/user/infrastructure/iac/terraform_state/
+func (s *TerraformStatesService) Unlock(pid any, name string, options ...RequestOptionFunc) (*Response, error) {
+	project, err := parseID(pid)
+	if err != nil {
+		return nil, err
+	}
+	uri := fmt.Sprintf("projects/%s/terraform/state/%s/lock", PathEscape(project), PathEscape(name))
+
+	req, err := s.client.NewRequest(http.MethodDelete, uri, nil, options)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(req, nil)
+}
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/time_stats.go b/vendor/gitlab.com/gitlab-org/api/client-go/time_stats.go
index 0ce2d6751f..580acf1a67 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/time_stats.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/time_stats.go
@@ -24,14 +24,14 @@ import (
 // timeStatsService handles communication with the time tracking related
 // methods of the GitLab API.
 //
-// GitLab docs: https://docs.gitlab.com/ee/workflow/time_tracking.html
+// GitLab docs: https://docs.gitlab.com/api/issues/#time-tracking
 type timeStatsService struct {
 	client *Client
 }
 
 // TimeStats represents the time estimates and time spent for an issue.
 //
-// GitLab docs: https://docs.gitlab.com/ee/workflow/time_tracking.html
+// GitLab docs: https://docs.gitlab.com/api/issues/#time-tracking
 type TimeStats struct {
 	HumanTimeEstimate   string `json:"human_time_estimate"`
 	HumanTotalTimeSpent string `json:"human_total_time_spent"`
@@ -46,15 +46,15 @@ func (t TimeStats) String() string {
 // SetTimeEstimateOptions represents the available SetTimeEstimate()
 // options.
 //
-// GitLab docs: https://docs.gitlab.com/ee/workflow/time_tracking.html
+// GitLab docs: https://docs.gitlab.com/api/issues/#set-a-time-estimate-for-an-issue
 type SetTimeEstimateOptions struct {
 	Duration *string `url:"duration,omitempty" json:"duration,omitempty"`
 }
 
 // setTimeEstimate sets the time estimate for a single project issue.
 //
-// GitLab docs: https://docs.gitlab.com/ee/workflow/time_tracking.html
-func (s *timeStatsService) setTimeEstimate(pid interface{}, entity string, issue int, opt *SetTimeEstimateOptions, options ...RequestOptionFunc) (*TimeStats, *Response, error) {
+// GitLab docs: https://docs.gitlab.com/api/issues/#set-a-time-estimate-for-an-issue
+func (s *timeStatsService) setTimeEstimate(pid any, entity string, issue int, opt *SetTimeEstimateOptions, options ...RequestOptionFunc) (*TimeStats, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -77,8 +77,8 @@ func (s *timeStatsService) setTimeEstimate(pid interface{}, entity string, issue
 
 // resetTimeEstimate resets the time estimate for a single project issue.
 //
-// GitLab docs: https://docs.gitlab.com/ee/workflow/time_tracking.html
-func (s *timeStatsService) resetTimeEstimate(pid interface{}, entity string, issue int, options ...RequestOptionFunc) (*TimeStats, *Response, error) {
+// GitLab docs: https://docs.gitlab.com/api/issues/#reset-the-time-estimate-for-an-issue
+func (s *timeStatsService) resetTimeEstimate(pid any, entity string, issue int, options ...RequestOptionFunc) (*TimeStats, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -101,7 +101,7 @@ func (s *timeStatsService) resetTimeEstimate(pid interface{}, entity string, iss
 
 // AddSpentTimeOptions represents the available AddSpentTime() options.
 //
-// GitLab docs: https://docs.gitlab.com/ee/workflow/time_tracking.html
+// GitLab docs: https://docs.gitlab.com/api/issues/#add-spent-time-for-an-issue
 type AddSpentTimeOptions struct {
 	Duration *string `url:"duration,omitempty" json:"duration,omitempty"`
 	Summary  *string `url:"summary,omitempty" json:"summary,omitempty"`
@@ -109,8 +109,8 @@ type AddSpentTimeOptions struct {
 
 // addSpentTime adds spent time for a single project issue.
 //
-// GitLab docs: https://docs.gitlab.com/ee/workflow/time_tracking.html
-func (s *timeStatsService) addSpentTime(pid interface{}, entity string, issue int, opt *AddSpentTimeOptions, options ...RequestOptionFunc) (*TimeStats, *Response, error) {
+// GitLab docs: https://docs.gitlab.com/api/issues/#add-spent-time-for-an-issue
+func (s *timeStatsService) addSpentTime(pid any, entity string, issue int, opt *AddSpentTimeOptions, options ...RequestOptionFunc) (*TimeStats, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -133,8 +133,8 @@ func (s *timeStatsService) addSpentTime(pid interface{}, entity string, issue in
 
 // resetSpentTime resets the spent time for a single project issue.
 //
-// GitLab docs: https://docs.gitlab.com/ee/workflow/time_tracking.html
-func (s *timeStatsService) resetSpentTime(pid interface{}, entity string, issue int, options ...RequestOptionFunc) (*TimeStats, *Response, error) {
+// GitLab docs: https://docs.gitlab.com/api/issues/#reset-spent-time-for-an-issue
+func (s *timeStatsService) resetSpentTime(pid any, entity string, issue int, options ...RequestOptionFunc) (*TimeStats, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -157,8 +157,8 @@ func (s *timeStatsService) resetSpentTime(pid interface{}, entity string, issue
 
 // getTimeSpent gets the spent time for a single project issue.
 //
-// GitLab docs: https://docs.gitlab.com/ee/workflow/time_tracking.html
-func (s *timeStatsService) getTimeSpent(pid interface{}, entity string, issue int, options ...RequestOptionFunc) (*TimeStats, *Response, error) {
+// GitLab docs: https://docs.gitlab.com/api/issues/#get-time-tracking-stats
+func (s *timeStatsService) getTimeSpent(pid any, entity string, issue int, options ...RequestOptionFunc) (*TimeStats, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/todos.go b/vendor/gitlab.com/gitlab-org/api/client-go/todos.go
index aff9f8e30b..7711e72509 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/todos.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/todos.go
@@ -32,7 +32,7 @@ type (
 	// TodosService handles communication with the todos related methods of
 	// the Gitlab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/todos.html
+	// GitLab API docs: https://docs.gitlab.com/api/todos/
 	TodosService struct {
 		client *Client
 	}
@@ -42,7 +42,7 @@ var _ TodosServiceInterface = (*TodosService)(nil)
 
 // Todo represents a GitLab todo.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/todos.html
+// GitLab API docs: https://docs.gitlab.com/api/todos/
 type Todo struct {
 	ID         int            `json:"id"`
 	Project    *BasicProject  `json:"project"`
@@ -68,7 +68,7 @@ type TodoTarget struct {
 	CreatedAt            *time.Time             `json:"created_at"`
 	Description          string                 `json:"description"`
 	Downvotes            int                    `json:"downvotes"`
-	ID                   interface{}            `json:"id"`
+	ID                   any                    `json:"id"`
 	IID                  int                    `json:"iid"`
 	Labels               []string               `json:"labels"`
 	Milestone            *Milestone             `json:"milestone"`
@@ -116,12 +116,13 @@ type TodoTarget struct {
 
 // ListTodosOptions represents the available ListTodos() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/todos.html#get-a-list-of-to-do-items
+// GitLab API docs: https://docs.gitlab.com/api/todos/#get-a-list-of-to-do-items
 type ListTodosOptions struct {
 	ListOptions
 	Action    *TodoAction `url:"action,omitempty" json:"action,omitempty"`
 	AuthorID  *int        `url:"author_id,omitempty" json:"author_id,omitempty"`
 	ProjectID *int        `url:"project_id,omitempty" json:"project_id,omitempty"`
+	GroupID   *int        `url:"group_id,omitempty" json:"group_id,omitempty"`
 	State     *string     `url:"state,omitempty" json:"state,omitempty"`
 	Type      *string     `url:"type,omitempty" json:"type,omitempty"`
 }
@@ -130,7 +131,7 @@ type ListTodosOptions struct {
 // When no filter is applied, it returns all pending todos for the current user.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/todos.html#get-a-list-of-to-do-items
+// https://docs.gitlab.com/api/todos/#get-a-list-of-to-do-items
 func (s *TodosService) ListTodos(opt *ListTodosOptions, options ...RequestOptionFunc) ([]*Todo, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "todos", opt, options)
 	if err != nil {
@@ -148,7 +149,7 @@ func (s *TodosService) ListTodos(opt *ListTodosOptions, options ...RequestOption
 
 // MarkTodoAsDone marks a single pending todo given by its ID for the current user as done.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/todos.html#mark-a-to-do-item-as-done
+// GitLab API docs: https://docs.gitlab.com/api/todos/#mark-a-to-do-item-as-done
 func (s *TodosService) MarkTodoAsDone(id int, options ...RequestOptionFunc) (*Response, error) {
 	u := fmt.Sprintf("todos/%d/mark_as_done", id)
 
@@ -162,7 +163,7 @@ func (s *TodosService) MarkTodoAsDone(id int, options ...RequestOptionFunc) (*Re
 
 // MarkAllTodosAsDone marks all pending todos for the current user as done.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/todos.html#mark-all-to-do-items-as-done
+// GitLab API docs: https://docs.gitlab.com/api/todos/#mark-all-to-do-items-as-done
 func (s *TodosService) MarkAllTodosAsDone(options ...RequestOptionFunc) (*Response, error) {
 	req, err := s.client.NewRequest(http.MethodPost, "todos/mark_as_done", nil, options)
 	if err != nil {
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/topics.go b/vendor/gitlab.com/gitlab-org/api/client-go/topics.go
index 5344824fab..abd4ff453f 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/topics.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/topics.go
@@ -37,7 +37,7 @@ type (
 	// TopicsService handles communication with the topics related methods
 	// of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/topics.html
+	// GitLab API docs: https://docs.gitlab.com/api/topics/
 	TopicsService struct {
 		client *Client
 	}
@@ -47,7 +47,7 @@ var _ TopicsServiceInterface = (*TopicsService)(nil)
 
 // Topic represents a GitLab project topic.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/topics.html
+// GitLab API docs: https://docs.gitlab.com/api/topics/
 type Topic struct {
 	ID                 int    `json:"id"`
 	Name               string `json:"name"`
@@ -63,7 +63,7 @@ func (t Topic) String() string {
 
 // ListTopicsOptions represents the available ListTopics() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/topics.html#list-topics
+// GitLab API docs: https://docs.gitlab.com/api/topics/#list-topics
 type ListTopicsOptions struct {
 	ListOptions
 	Search *string `url:"search,omitempty" json:"search,omitempty"`
@@ -72,7 +72,7 @@ type ListTopicsOptions struct {
 // ListTopics returns a list of project topics in the GitLab instance ordered
 // by number of associated projects.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/topics.html#list-topics
+// GitLab API docs: https://docs.gitlab.com/api/topics/#list-topics
 func (s *TopicsService) ListTopics(opt *ListTopicsOptions, options ...RequestOptionFunc) ([]*Topic, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "topics", opt, options)
 	if err != nil {
@@ -90,7 +90,7 @@ func (s *TopicsService) ListTopics(opt *ListTopicsOptions, options ...RequestOpt
 
 // GetTopic gets a project topic by ID.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/topics.html#get-a-topic
+// GitLab API docs: https://docs.gitlab.com/api/topics/#get-a-topic
 func (s *TopicsService) GetTopic(topic int, options ...RequestOptionFunc) (*Topic, *Response, error) {
 	u := fmt.Sprintf("topics/%d", topic)
 
@@ -111,7 +111,7 @@ func (s *TopicsService) GetTopic(topic int, options ...RequestOptionFunc) (*Topi
 // CreateTopicOptions represents the available CreateTopic() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/topics.html#create-a-project-topic
+// https://docs.gitlab.com/api/topics/#create-a-project-topic
 type CreateTopicOptions struct {
 	Name        *string      `url:"name,omitempty" json:"name,omitempty"`
 	Title       *string      `url:"title,omitempty" json:"title,omitempty"`
@@ -137,7 +137,7 @@ func (a *TopicAvatar) MarshalJSON() ([]byte, error) {
 // CreateTopic creates a new project topic.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/topics.html#create-a-project-topic
+// https://docs.gitlab.com/api/topics/#create-a-project-topic
 func (s *TopicsService) CreateTopic(opt *CreateTopicOptions, options ...RequestOptionFunc) (*Topic, *Response, error) {
 	var err error
 	var req *retryablehttp.Request
@@ -171,7 +171,7 @@ func (s *TopicsService) CreateTopic(opt *CreateTopicOptions, options ...RequestO
 // UpdateTopicOptions represents the available UpdateTopic() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/topics.html#update-a-project-topic
+// https://docs.gitlab.com/api/topics/#update-a-project-topic
 type UpdateTopicOptions struct {
 	Name        *string      `url:"name,omitempty" json:"name,omitempty"`
 	Title       *string      `url:"title,omitempty" json:"title,omitempty"`
@@ -185,7 +185,7 @@ type UpdateTopicOptions struct {
 // and set TopicAvatar.Image to nil.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/topics.html#update-a-project-topic
+// https://docs.gitlab.com/api/topics/#update-a-project-topic
 func (s *TopicsService) UpdateTopic(topic int, opt *UpdateTopicOptions, options ...RequestOptionFunc) (*Topic, *Response, error) {
 	u := fmt.Sprintf("topics/%d", topic)
 
@@ -221,7 +221,7 @@ func (s *TopicsService) UpdateTopic(topic int, opt *UpdateTopicOptions, options
 // DeleteTopic deletes a project topic. Only available to administrators.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/topics.html#delete-a-project-topic
+// https://docs.gitlab.com/api/topics/#delete-a-project-topic
 func (s *TopicsService) DeleteTopic(topic int, options ...RequestOptionFunc) (*Response, error) {
 	u := fmt.Sprintf("topics/%d", topic)
 
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/types.go b/vendor/gitlab.com/gitlab-org/api/client-go/types.go
index a0c6087273..78c71830c6 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/types.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/types.go
@@ -36,12 +36,12 @@ func Ptr[T any](v T) *T {
 // AccessControlValue represents an access control value within GitLab,
 // used for managing access to certain project features.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html
+// GitLab API docs: https://docs.gitlab.com/api/projects/
 type AccessControlValue string
 
 // List of available access control values.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html
+// GitLab API docs: https://docs.gitlab.com/api/projects/
 const (
 	DisabledAccessControl AccessControlValue = "disabled"
 	EnabledAccessControl  AccessControlValue = "enabled"
@@ -49,14 +49,6 @@ const (
 	PublicAccessControl   AccessControlValue = "public"
 )
 
-// AccessControl is a helper routine that allocates a new AccessControlValue
-// to store v and returns a pointer to it.
-//
-// Deprecated: Please use Ptr instead.
-func AccessControl(v AccessControlValue) *AccessControlValue {
-	return Ptr(v)
-}
-
 // AccessLevelValue represents a permission level within GitLab.
 //
 // GitLab API docs: https://docs.gitlab.com/user/permissions/#roles
@@ -77,19 +69,23 @@ const (
 	AdminPermissions         AccessLevelValue = 60
 )
 
-// AccessLevel is a helper routine that allocates a new AccessLevelValue
-// to store v and returns a pointer to it.
-//
-// Deprecated: Please use Ptr instead.
-func AccessLevel(v AccessLevelValue) *AccessLevelValue {
-	return Ptr(v)
-}
-
 type AccessLevelDetails struct {
 	IntegerValue AccessLevelValue `json:"integer_value"`
 	StringValue  string           `json:"string_value"`
 }
 
+// AccessTokenState identifies if an access token is active or inactive.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/group_access_tokens/#list-all-group-access-tokens
+// https://docs.gitlab.com/api/project_access_tokens/#list-all-project-access-tokens
+type AccessTokenState string
+
+const (
+	AccessTokenStateActive   AccessTokenState = "active"
+	AccessTokenStateInactive AccessTokenState = "inactive"
+)
+
 // UserIDValue represents a user ID value within GitLab.
 type UserIDValue string
 
@@ -101,11 +97,11 @@ const (
 
 // ApproverIDsValue represents an approver ID value within GitLab.
 type ApproverIDsValue struct {
-	value interface{}
+	value any
 }
 
 // ApproverIDs is a helper routine that creates a new ApproverIDsValue.
-func ApproverIDs(v interface{}) *ApproverIDsValue {
+func ApproverIDs(v any) *ApproverIDsValue {
 	switch v.(type) {
 	case UserIDValue, []int:
 		return &ApproverIDsValue{value: v}
@@ -141,11 +137,11 @@ func (a *ApproverIDsValue) UnmarshalJSON(bytes []byte) error {
 
 // AssigneeIDValue represents an assignee ID value within GitLab.
 type AssigneeIDValue struct {
-	value interface{}
+	value any
 }
 
 // AssigneeID is a helper routine that creates a new AssigneeIDValue.
-func AssigneeID(v interface{}) *AssigneeIDValue {
+func AssigneeID(v any) *AssigneeIDValue {
 	switch v.(type) {
 	case UserIDValue, int:
 		return &AssigneeIDValue{value: v}
@@ -177,11 +173,11 @@ func (a *AssigneeIDValue) UnmarshalJSON(bytes []byte) error {
 
 // ReviewerIDValue represents a reviewer ID value within GitLab.
 type ReviewerIDValue struct {
-	value interface{}
+	value any
 }
 
 // ReviewerID is a helper routine that creates a new ReviewerIDValue.
-func ReviewerID(v interface{}) *ReviewerIDValue {
+func ReviewerID(v any) *ReviewerIDValue {
 	switch v.(type) {
 	case UserIDValue, int:
 		return &ReviewerIDValue{value: v}
@@ -223,13 +219,23 @@ const (
 	Busy   AvailabilityValue = "busy"
 )
 
-// Availability is a helper routine that allocates a new AvailabilityValue
-// to store v and returns a pointer to it.
+// ClearStatusAfterValue represents the time period after which the user's status will be cleared.
 //
-// Deprecated: Please use Ptr instead.
-func Availability(v AvailabilityValue) *AvailabilityValue {
-	return Ptr(v)
-}
+// The duration is specified using one of the constants defined in this package.
+type ClearStatusAfterValue string
+
+// List of available clear status after values.
+//
+// https://docs.gitlab.com/api/users/#set-your-user-status:~:text=clear_status_after
+const (
+	ClearStatusAfter30Minutes ClearStatusAfterValue = "30_minutes"
+	ClearStatusAfter3Hours    ClearStatusAfterValue = "3_hours"
+	ClearStatusAfter8Hours    ClearStatusAfterValue = "8_hours"
+	ClearStatusAfter1Day      ClearStatusAfterValue = "1_day"
+	ClearStatusAfter3Days     ClearStatusAfterValue = "3_days"
+	ClearStatusAfter7Days     ClearStatusAfterValue = "7_days"
+	ClearStatusAfter30Days    ClearStatusAfterValue = "30_days"
+)
 
 // BuildStateValue represents a GitLab build state.
 type BuildStateValue string
@@ -249,18 +255,10 @@ const (
 	Scheduled          BuildStateValue = "scheduled"
 )
 
-// BuildState is a helper routine that allocates a new BuildStateValue
-// to store v and returns a pointer to it.
-//
-// Deprecated: Please use Ptr instead.
-func BuildState(v BuildStateValue) *BuildStateValue {
-	return Ptr(v)
-}
-
 // CommentEventAction identifies if a comment has been newly created or updated.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/user/project/integrations/webhook_events.html#comment-events
+// https://docs.gitlab.com/user/project/integrations/webhook_events/#comment-events
 type CommentEventAction string
 
 const (
@@ -271,7 +269,7 @@ const (
 // ContainerRegistryStatus represents the status of a Container Registry.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/container_registry.html#list-registry-repositories
+// https://docs.gitlab.com/api/container_registry/#list-registry-repositories
 type ContainerRegistryStatus string
 
 // ContainerRegistryStatus represents all valid statuses of a Container Registry.
@@ -322,22 +320,14 @@ const (
 	DeploymentStatusCanceled DeploymentStatusValue = "canceled"
 )
 
-// DeploymentStatus is a helper routine that allocates a new
-// DeploymentStatusValue to store v and returns a pointer to it.
-//
-// Deprecated: Please use Ptr instead.
-func DeploymentStatus(v DeploymentStatusValue) *DeploymentStatusValue {
-	return Ptr(v)
-}
-
 // DORAMetricType represents all valid DORA metrics types.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/dora/metrics.html
+// GitLab API docs: https://docs.gitlab.com/api/dora/metrics/
 type DORAMetricType string
 
 // List of available DORA metric type names.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/dora/metrics.html
+// GitLab API docs: https://docs.gitlab.com/api/dora/metrics/
 const (
 	DORAMetricDeploymentFrequency  DORAMetricType = "deployment_frequency"
 	DORAMetricLeadTimeForChanges   DORAMetricType = "lead_time_for_changes"
@@ -348,12 +338,12 @@ const (
 // DORAMetricInterval represents the time period over which the
 // metrics are aggregated.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/dora/metrics.html
+// GitLab API docs: https://docs.gitlab.com/api/dora/metrics/
 type DORAMetricInterval string
 
 // List of available DORA metric interval types.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/dora/metrics.html
+// GitLab API docs: https://docs.gitlab.com/api/dora/metrics/
 const (
 	DORAMetricIntervalDaily   DORAMetricInterval = "daily"
 	DORAMetricIntervalMonthly DORAMetricInterval = "monthly"
@@ -366,7 +356,7 @@ type EventTypeValue string
 // List of available action type.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/user/profile/contributions_calendar.html#user-contribution-events
+// https://docs.gitlab.com/user/profile/contributions_calendar/#user-contribution-events
 const (
 	CreatedEventType   EventTypeValue = "created"
 	UpdatedEventType   EventTypeValue = "updated"
@@ -386,7 +376,7 @@ type EventTargetTypeValue string
 
 // List of available action type.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/events.html#target-types
+// GitLab API docs: https://docs.gitlab.com/api/events/#target-types
 const (
 	IssueEventTargetType        EventTargetTypeValue = "issue"
 	MilestoneEventTargetType    EventTargetTypeValue = "milestone"
@@ -400,7 +390,7 @@ const (
 // FileActionValue represents the available actions that can be performed on a file.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/commits.html#create-a-commit-with-multiple-files-and-actions
+// https://docs.gitlab.com/api/commits/#create-a-commit-with-multiple-files-and-actions
 type FileActionValue string
 
 // The available file actions.
@@ -412,14 +402,6 @@ const (
 	FileChmod  FileActionValue = "chmod"
 )
 
-// FileAction is a helper routine that allocates a new FileActionValue value
-// to store v and returns a pointer to it.
-//
-// Deprecated: Please use Ptr instead.
-func FileAction(v FileActionValue) *FileActionValue {
-	return Ptr(v)
-}
-
 // GenericPackageSelectValue represents a generic package select value.
 type GenericPackageSelectValue string
 
@@ -428,14 +410,6 @@ const (
 	SelectPackageFile GenericPackageSelectValue = "package_file"
 )
 
-// GenericPackageSelect is a helper routine that allocates a new
-// GenericPackageSelectValue value to store v and returns a pointer to it.
-//
-// Deprecated: Please use Ptr instead.
-func GenericPackageSelect(v GenericPackageSelectValue) *GenericPackageSelectValue {
-	return Ptr(v)
-}
-
 // GenericPackageStatusValue represents a generic package status.
 type GenericPackageStatusValue string
 
@@ -445,14 +419,6 @@ const (
 	PackageHidden  GenericPackageStatusValue = "hidden"
 )
 
-// GenericPackageStatus is a helper routine that allocates a new
-// GenericPackageStatusValue value to store v and returns a pointer to it.
-//
-// Deprecated: Please use Ptr instead.
-func GenericPackageStatus(v GenericPackageStatusValue) *GenericPackageStatusValue {
-	return Ptr(v)
-}
-
 // GroupHookTrigger represents the type of event to trigger for a group
 // hook test.
 type GroupHookTrigger string
@@ -549,7 +515,7 @@ func (l *LabelOptions) MarshalJSON() ([]byte, error) {
 func (l *LabelOptions) UnmarshalJSON(data []byte) error {
 	type alias LabelOptions
 	if !bytes.HasPrefix(data, []byte("[")) {
-		data = []byte(fmt.Sprintf("[%s]", string(data)))
+		data = fmt.Appendf(nil, "[%s]", string(data))
 	}
 	return json.Unmarshal(data, (*alias)(l))
 }
@@ -566,7 +532,7 @@ type LinkTypeValue string
 // List of available release link types.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/releases/links.html#create-a-release-link
+// https://docs.gitlab.com/api/releases/links/#create-a-release-link
 const (
 	ImageLinkType   LinkTypeValue = "image"
 	OtherLinkType   LinkTypeValue = "other"
@@ -574,57 +540,20 @@ const (
 	RunbookLinkType LinkTypeValue = "runbook"
 )
 
-// LinkType is a helper routine that allocates a new LinkType value
-// to store v and returns a pointer to it.
-//
-// Deprecated: Please use Ptr instead.
-func LinkType(v LinkTypeValue) *LinkTypeValue {
-	return Ptr(v)
-}
-
-// LicenseApprovalStatusValue describe the approval statuses of a license.
-//
-// GitLab API docs: https://docs.gitlab.com/ee/api/managed_licenses.html
-type LicenseApprovalStatusValue string
-
-// List of available license approval statuses.
-const (
-	LicenseApproved    LicenseApprovalStatusValue = "approved"
-	LicenseBlacklisted LicenseApprovalStatusValue = "blacklisted"
-	LicenseAllowed     LicenseApprovalStatusValue = "allowed"
-	LicenseDenied      LicenseApprovalStatusValue = "denied"
-)
-
-// LicenseApprovalStatus is a helper routine that allocates a new license
-// approval status value to store v and returns a pointer to it.
-//
-// Deprecated: Please use Ptr instead.
-func LicenseApprovalStatus(v LicenseApprovalStatusValue) *LicenseApprovalStatusValue {
-	return Ptr(v)
-}
-
 // MergeMethodValue represents a project merge type within GitLab.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html#project-merge-method
+// GitLab API docs: https://docs.gitlab.com/api/projects/#project-merge-method
 type MergeMethodValue string
 
 // List of available merge type
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html#project-merge-method
+// GitLab API docs: https://docs.gitlab.com/api/projects/#project-merge-method
 const (
 	NoFastForwardMerge MergeMethodValue = "merge"
 	FastForwardMerge   MergeMethodValue = "ff"
 	RebaseMerge        MergeMethodValue = "rebase_merge"
 )
 
-// MergeMethod is a helper routine that allocates a new MergeMethod
-// to store v and returns a pointer to it.
-//
-// Deprecated: Please use Ptr instead.
-func MergeMethod(v MergeMethodValue) *MergeMethodValue {
-	return Ptr(v)
-}
-
 // NoteTypeValue represents the type of a Note.
 type NoteTypeValue string
 
@@ -636,14 +565,6 @@ const (
 	LegacyDiffNote NoteTypeValue = "LegacyDiffNote"
 )
 
-// NoteType is a helper routine that allocates a new NoteTypeValue to
-// store v and returns a pointer to it.
-//
-// Deprecated: Please use Ptr instead.
-func NoteType(v NoteTypeValue) *NoteTypeValue {
-	return Ptr(v)
-}
-
 // NotificationLevelValue represents a notification level.
 type NotificationLevelValue int
 
@@ -659,7 +580,7 @@ func (l NotificationLevelValue) MarshalJSON() ([]byte, error) {
 
 // UnmarshalJSON implements the json.Unmarshaler interface.
 func (l *NotificationLevelValue) UnmarshalJSON(data []byte) error {
-	var raw interface{}
+	var raw any
 	if err := json.Unmarshal(data, &raw); err != nil {
 		return err
 	}
@@ -706,44 +627,70 @@ var notificationLevelTypes = map[string]NotificationLevelValue{
 	"custom":        CustomNotificationLevel,
 }
 
-// NotificationLevel is a helper routine that allocates a new NotificationLevelValue
-// to store v and returns a pointer to it.
+// DependencyPackageManagerValue represents a dependency package manager.
 //
-// Deprecated: Please use Ptr instead.
-func NotificationLevel(v NotificationLevelValue) *NotificationLevelValue {
-	return Ptr(v)
-}
+// GitLab API docs: https://docs.gitlab.com/api/dependencies/
+type DependencyPackageManagerValue string
+
+// List of available package manager for dependencies
+//
+// GitLab API docs: https://docs.gitlab.com/api/dependencies/
+const (
+	Bundler    DependencyPackageManagerValue = "bundler"
+	Composer   DependencyPackageManagerValue = "composer"
+	Conan      DependencyPackageManagerValue = "conan"
+	Go         DependencyPackageManagerValue = "go"
+	Gradle     DependencyPackageManagerValue = "gradle"
+	Maven      DependencyPackageManagerValue = "maven"
+	NPM        DependencyPackageManagerValue = "npm"
+	NuGet      DependencyPackageManagerValue = "nuget"
+	Pip        DependencyPackageManagerValue = "pip"
+	Pipenv     DependencyPackageManagerValue = "pipenv"
+	PNPM       DependencyPackageManagerValue = "pnpm"
+	Yarn       DependencyPackageManagerValue = "yarn"
+	SBT        DependencyPackageManagerValue = "sbt"
+	Setuptools DependencyPackageManagerValue = "setuptools"
+)
+
+// PipelineScheduleScopeValue represents a pipeline schedule scope within GitLab.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/pipeline_schedules/#get-all-pipeline-schedules
+type PipelineScheduleScopeValue string
+
+// List of available pipeline schedule scope values.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/api/pipeline_schedules/#get-all-pipeline-schedules
+const (
+	PipelineScheduleActive   PipelineScheduleScopeValue = "active"
+	PipelineScheduleInactive PipelineScheduleScopeValue = "inactive"
+)
 
 // ProjectCreationLevelValue represents a project creation level within GitLab.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/
+// GitLab API docs: https://docs.gitlab.com/api/groups/
 type ProjectCreationLevelValue string
 
 // List of available project creation levels.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/
+// GitLab API docs: https://docs.gitlab.com/api/groups/
 const (
-	NoOneProjectCreation      ProjectCreationLevelValue = "noone"
-	MaintainerProjectCreation ProjectCreationLevelValue = "maintainer"
-	DeveloperProjectCreation  ProjectCreationLevelValue = "developer"
-	OwnerProjectCreation      ProjectCreationLevelValue = "owner"
+	NoOneProjectCreation         ProjectCreationLevelValue = "noone"
+	MaintainerProjectCreation    ProjectCreationLevelValue = "maintainer"
+	DeveloperProjectCreation     ProjectCreationLevelValue = "developer"
+	OwnerProjectCreation         ProjectCreationLevelValue = "owner"
+	AdministratorProjectCreation ProjectCreationLevelValue = "administrator"
 )
 
-// ProjectCreationLevel is a helper routine that allocates a new ProjectCreationLevelValue
-// to store v and returns a pointer to it.
-// Please use Ptr instead.
-func ProjectCreationLevel(v ProjectCreationLevelValue) *ProjectCreationLevelValue {
-	return Ptr(v)
-}
-
 // ProjectHookEvent represents a project hook event.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html#hook-events
+// GitLab API docs: https://docs.gitlab.com/api/projects/#hook-events
 type ProjectHookEvent string
 
 // List of available project hook events.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html#hook-events
+// GitLab API docs: https://docs.gitlab.com/api/projects/#hook-events
 const (
 	ProjectHookEventPush                ProjectHookEvent = "push_events"
 	ProjectHookEventTagPush             ProjectHookEvent = "tag_push_events"
@@ -763,13 +710,13 @@ const (
 // within a GitLab project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/ci/resource_groups/index.html#process-modes
+// https://docs.gitlab.com/ci/resource_groups/#process-modes
 type ResourceGroupProcessMode string
 
 // List of available resource group process modes.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/ci/resource_groups/index.html#process-modes
+// https://docs.gitlab.com/ci/resource_groups/#process-modes
 const (
 	Unordered   ResourceGroupProcessMode = "unordered"
 	OldestFirst ResourceGroupProcessMode = "oldest_first"
@@ -780,13 +727,13 @@ const (
 // group’s subgroups and projects.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/groups.html#options-for-shared_runners_setting
+// https://docs.gitlab.com/api/groups/#options-for-shared_runners_setting
 type SharedRunnersSettingValue string
 
 // List of available shared runner setting levels.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/groups.html#options-for-shared_runners_setting
+// https://docs.gitlab.com/api/groups/#options-for-shared_runners_setting
 const (
 	EnabledSharedRunnersSettingValue                  SharedRunnersSettingValue = "enabled"
 	DisabledAndOverridableSharedRunnersSettingValue   SharedRunnersSettingValue = "disabled_and_overridable"
@@ -797,43 +744,27 @@ const (
 	DisabledWithOverrideSharedRunnersSettingValue SharedRunnersSettingValue = "disabled_with_override"
 )
 
-// SharedRunnersSetting is a helper routine that allocates a new SharedRunnersSettingValue
-// to store v and returns a pointer to it.
-//
-// Deprecated: Please use Ptr instead.
-func SharedRunnersSetting(v SharedRunnersSettingValue) *SharedRunnersSettingValue {
-	return Ptr(v)
-}
-
 // SubGroupCreationLevelValue represents a sub group creation level within GitLab.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/
+// GitLab API docs: https://docs.gitlab.com/api/groups/
 type SubGroupCreationLevelValue string
 
 // List of available sub group creation levels.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/
+// GitLab API docs: https://docs.gitlab.com/api/groups/
 const (
 	OwnerSubGroupCreationLevelValue      SubGroupCreationLevelValue = "owner"
 	MaintainerSubGroupCreationLevelValue SubGroupCreationLevelValue = "maintainer"
 )
 
-// SubGroupCreationLevel is a helper routine that allocates a new SubGroupCreationLevelValue
-// to store v and returns a pointer to it.
-//
-// Deprecated: Please use Ptr instead.
-func SubGroupCreationLevel(v SubGroupCreationLevelValue) *SubGroupCreationLevelValue {
-	return Ptr(v)
-}
-
 // SquashOptionValue represents a squash optional level within GitLab.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html#create-project
+// GitLab API docs: https://docs.gitlab.com/api/projects/#create-project
 type SquashOptionValue string
 
 // List of available squash options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html#create-project
+// GitLab API docs: https://docs.gitlab.com/api/projects/#create-project
 const (
 	SquashOptionNever      SquashOptionValue = "never"
 	SquashOptionAlways     SquashOptionValue = "always"
@@ -841,14 +772,6 @@ const (
 	SquashOptionDefaultOn  SquashOptionValue = "default_on"
 )
 
-// SquashOption is a helper routine that allocates a new SquashOptionValue
-// to store s and returns a pointer to it.
-//
-// Deprecated: Please use Ptr instead.
-func SquashOption(s SquashOptionValue) *SquashOptionValue {
-	return Ptr(s)
-}
-
 // TasksCompletionStatus represents tasks of the issue/merge request.
 type TasksCompletionStatus struct {
 	Count          int `json:"count"`
@@ -857,7 +780,7 @@ type TasksCompletionStatus struct {
 
 // TodoAction represents the available actions that can be performed on a todo.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/todos.html
+// GitLab API docs: https://docs.gitlab.com/api/todos/
 type TodoAction string
 
 // The available todo actions.
@@ -872,7 +795,7 @@ const (
 
 // TodoTargetType represents the available target that can be linked to a todo.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/todos.html
+// GitLab API docs: https://docs.gitlab.com/api/todos/
 type TodoTargetType string
 
 const (
@@ -893,50 +816,34 @@ const (
 
 // VariableTypeValue represents a variable type within GitLab.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/
+// GitLab API docs: https://docs.gitlab.com/api/group_level_variables/
 type VariableTypeValue string
 
 // List of available variable types.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/
+// GitLab API docs: https://docs.gitlab.com/api/group_level_variables/
 const (
 	EnvVariableType  VariableTypeValue = "env_var"
 	FileVariableType VariableTypeValue = "file"
 )
 
-// VariableType is a helper routine that allocates a new VariableTypeValue
-// to store v and returns a pointer to it.
-//
-// Deprecated: Please use Ptr instead.
-func VariableType(v VariableTypeValue) *VariableTypeValue {
-	return Ptr(v)
-}
-
 // VisibilityValue represents a visibility level within GitLab.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/
+// GitLab API docs: https://docs.gitlab.com/api/groups/
 type VisibilityValue string
 
 // List of available visibility levels.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/
+// GitLab API docs: https://docs.gitlab.com/api/groups/
 const (
 	PrivateVisibility  VisibilityValue = "private"
 	InternalVisibility VisibilityValue = "internal"
 	PublicVisibility   VisibilityValue = "public"
 )
 
-// Visibility is a helper routine that allocates a new VisibilityValue
-// to store v and returns a pointer to it.
-//
-// Deprecated: Please use Ptr instead.
-func Visibility(v VisibilityValue) *VisibilityValue {
-	return Ptr(v)
-}
-
 // WikiFormatValue represents the available wiki formats.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/wikis.html
+// GitLab API docs: https://docs.gitlab.com/api/wikis/
 type WikiFormatValue string
 
 // The available wiki formats.
@@ -947,46 +854,6 @@ const (
 	WikiFormatOrg      WikiFormatValue = "org"
 )
 
-// WikiFormat is a helper routine that allocates a new WikiFormatValue
-// to store v and returns a pointer to it.
-//
-// Deprecated: Please use Ptr instead.
-func WikiFormat(v WikiFormatValue) *WikiFormatValue {
-	return Ptr(v)
-}
-
-// Bool is a helper routine that allocates a new bool value
-// to store v and returns a pointer to it.
-//
-// Deprecated: Please use Ptr instead.
-func Bool(v bool) *bool {
-	return Ptr(v)
-}
-
-// Int is a helper routine that allocates a new int value
-// to store v and returns a pointer to it.
-//
-// Deprecated: Please use Ptr instead.
-func Int(v int) *int {
-	return Ptr(v)
-}
-
-// String is a helper routine that allocates a new string value
-// to store v and returns a pointer to it.
-//
-// Deprecated: Please use Ptr instead.
-func String(v string) *string {
-	return Ptr(v)
-}
-
-// Time is a helper routine that allocates a new time.Time value
-// to store v and returns a pointer to it.
-//
-// Deprecated: Please use Ptr instead.
-func Time(v time.Time) *time.Time {
-	return Ptr(v)
-}
-
 // BoolValue is a boolean value with advanced json unmarshaling features.
 type BoolValue bool
 
@@ -1020,12 +887,12 @@ func (t *BoolValue) UnmarshalJSON(b []byte) error {
 // CIPipelineVariablesMinimumOverrideRoleValue represents an access control
 // value used for managing access to the CI Pipeline Variable Override feature.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html
+// GitLab API docs: https://docs.gitlab.com/api/projects/
 type CIPipelineVariablesMinimumOverrideRoleValue = string
 
 // List of available CIPipelineVariablesMinimumOverrideRoleValue values.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/projects.html
+// GitLab API docs: https://docs.gitlab.com/api/projects/
 const (
 	CIPipelineVariablesNoOneAllowedRole CIPipelineVariablesMinimumOverrideRoleValue = "no_one_allowed"
 	CiPipelineVariablesOwnerRole        CIPipelineVariablesMinimumOverrideRoleValue = "owner"
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/usage_data.go b/vendor/gitlab.com/gitlab-org/api/client-go/usage_data.go
index e2698b75e2..788522a64e 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/usage_data.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/usage_data.go
@@ -20,7 +20,7 @@ type (
 	// UsageDataService handles communication with the service ping related
 	// methods of the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/api/usage_data.html
+	// GitLab API docs: https://docs.gitlab.com/api/usage_data/
 	UsageDataService struct {
 		client *Client
 	}
@@ -36,7 +36,7 @@ type ServicePingData struct {
 // GetServicePing gets the current service ping data.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/api/usage_data.html#export-service-ping-data
+// https://docs.gitlab.com/api/usage_data/#export-service-ping-data
 func (s *UsageDataService) GetServicePing(options ...RequestOptionFunc) (*ServicePingData, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "usage_data/service_ping", nil, options)
 	if err != nil {
@@ -55,7 +55,7 @@ func (s *UsageDataService) GetServicePing(options ...RequestOptionFunc) (*Servic
 // GetMetricDefinitionsAsYAML gets all metric definitions as a single YAML file.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/api/usage_data.html#export-metric-definitions-as-a-single-yaml-file
+// https://docs.gitlab.com/api/usage_data/#export-metric-definitions-as-a-single-yaml-file
 func (s *UsageDataService) GetMetricDefinitionsAsYAML(options ...RequestOptionFunc) (io.Reader, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "usage_data/metric_definitions", nil, options)
 	if err != nil {
@@ -102,7 +102,7 @@ type ServicePingQueries struct {
 // GetQueries gets all raw SQL queries used to compute service ping.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/api/usage_data.html#export-service-ping-sql-queries
+// https://docs.gitlab.com/api/usage_data/#export-service-ping-sql-queries
 func (s *UsageDataService) GetQueries(options ...RequestOptionFunc) (*ServicePingQueries, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "usage_data/queries", nil, options)
 	if err != nil {
@@ -146,7 +146,7 @@ type ServicePingNonSqlMetrics struct {
 // GetNonSQLMetrics gets all non-SQL metrics data used in the service ping.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/api/usage_data.html#usagedatanonsqlmetrics-api
+// https://docs.gitlab.com/api/usage_data/#usagedatanonsqlmetrics-api
 func (s *UsageDataService) GetNonSQLMetrics(options ...RequestOptionFunc) (*ServicePingNonSqlMetrics, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "usage_data/non_sql_metrics", nil, options)
 	if err != nil {
@@ -174,7 +174,7 @@ type TrackEventOptions struct {
 // TrackEvent tracks an internal GitLab event.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/api/usage_data.html#events-tracking-api
+// https://docs.gitlab.com/api/usage_data/#events-tracking-api
 func (s *UsageDataService) TrackEvent(opt *TrackEventOptions, options ...RequestOptionFunc) (*Response, error) {
 	req, err := s.client.NewRequest(http.MethodPost, "usage_data/track_event", opt, options)
 	if err != nil {
@@ -192,7 +192,7 @@ type TrackEventsOptions struct {
 // TrackEvents tracks multiple internal GitLab events.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/api/usage_data.html#events-tracking-api
+// https://docs.gitlab.com/api/usage_data/#events-tracking-api
 func (s *UsageDataService) TrackEvents(opt *TrackEventsOptions, options ...RequestOptionFunc) (*Response, error) {
 	req, err := s.client.NewRequest(http.MethodPost, "usage_data/track_events", opt, options)
 	if err != nil {
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/users.go b/vendor/gitlab.com/gitlab-org/api/client-go/users.go
index 778a815964..e790aa4c1d 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/users.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/users.go
@@ -23,6 +23,7 @@ import (
 	"io"
 	"net"
 	"net/http"
+	"strings"
 	"time"
 
 	"github.com/hashicorp/go-retryablehttp"
@@ -37,11 +38,11 @@ type (
 		DeleteUser(user int, options ...RequestOptionFunc) (*Response, error)
 		CurrentUser(options ...RequestOptionFunc) (*User, *Response, error)
 		CurrentUserStatus(options ...RequestOptionFunc) (*UserStatus, *Response, error)
-		GetUserStatus(user int, options ...RequestOptionFunc) (*UserStatus, *Response, error)
+		GetUserStatus(uid any, options ...RequestOptionFunc) (*UserStatus, *Response, error)
 		SetUserStatus(opt *UserStatusOptions, options ...RequestOptionFunc) (*UserStatus, *Response, error)
 		GetUserAssociationsCount(user int, options ...RequestOptionFunc) (*UserAssociationsCount, *Response, error)
 		ListSSHKeys(opt *ListSSHKeysOptions, options ...RequestOptionFunc) ([]*SSHKey, *Response, error)
-		ListSSHKeysForUser(uid interface{}, opt *ListSSHKeysForUserOptions, options ...RequestOptionFunc) ([]*SSHKey, *Response, error)
+		ListSSHKeysForUser(uid any, opt *ListSSHKeysForUserOptions, options ...RequestOptionFunc) ([]*SSHKey, *Response, error)
 		GetSSHKey(key int, options ...RequestOptionFunc) (*SSHKey, *Response, error)
 		GetSSHKeyForUser(user int, key int, options ...RequestOptionFunc) (*SSHKey, *Response, error)
 		AddSSHKey(opt *AddSSHKeyOptions, options ...RequestOptionFunc) (*SSHKey, *Response, error)
@@ -87,13 +88,13 @@ type (
 		DeleteUserIdentity(user int, provider string, options ...RequestOptionFunc) (*Response, error)
 
 		// events.go
-		ListUserContributionEvents(uid interface{}, opt *ListContributionEventsOptions, options ...RequestOptionFunc) ([]*ContributionEvent, *Response, error)
+		ListUserContributionEvents(uid any, opt *ListContributionEventsOptions, options ...RequestOptionFunc) ([]*ContributionEvent, *Response, error)
 	}
 
 	// UsersService handles communication with the user related methods of
 	// the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/users.html
+	// GitLab API docs: https://docs.gitlab.com/api/users/
 	UsersService struct {
 		client *Client
 	}
@@ -103,16 +104,16 @@ var _ UsersServiceInterface = (*UsersService)(nil)
 
 // List a couple of standard errors.
 var (
-	ErrUserActivatePrevented         = errors.New("Cannot activate a user that is blocked by admin or by LDAP synchronization")
-	ErrUserApprovePrevented          = errors.New("Cannot approve a user that is blocked by admin or by LDAP synchronization")
-	ErrUserBlockPrevented            = errors.New("Cannot block a user that is already blocked by LDAP synchronization")
-	ErrUserConflict                  = errors.New("User does not have a pending request")
-	ErrUserDeactivatePrevented       = errors.New("Cannot deactivate a user that is blocked by admin or by LDAP synchronization")
-	ErrUserDisableTwoFactorPrevented = errors.New("Cannot disable two factor authentication if not authenticated as administrator")
-	ErrUserNotFound                  = errors.New("User does not exist")
-	ErrUserRejectPrevented           = errors.New("Cannot reject a user if not authenticated as administrator")
-	ErrUserTwoFactorNotEnabled       = errors.New("Cannot disable two factor authentication if not enabled")
-	ErrUserUnblockPrevented          = errors.New("Cannot unblock a user that is blocked by LDAP synchronization")
+	ErrUserActivatePrevented         = errors.New("cannot activate a user that is blocked by admin or by LDAP synchronization")
+	ErrUserApprovePrevented          = errors.New("cannot approve a user that is blocked by admin or by LDAP synchronization")
+	ErrUserBlockPrevented            = errors.New("cannot block a user that is already blocked by LDAP synchronization")
+	ErrUserConflict                  = errors.New("user does not have a pending request")
+	ErrUserDeactivatePrevented       = errors.New("cannot deactivate a user that is blocked by admin or by LDAP synchronization")
+	ErrUserDisableTwoFactorPrevented = errors.New("cannot disable two factor authentication if not authenticated as administrator")
+	ErrUserNotFound                  = errors.New("user does not exist")
+	ErrUserRejectPrevented           = errors.New("cannot reject a user if not authenticated as administrator")
+	ErrUserTwoFactorNotEnabled       = errors.New("cannot disable two factor authentication if not enabled")
+	ErrUserUnblockPrevented          = errors.New("cannot unblock a user that is blocked by LDAP synchronization")
 )
 
 // BasicUser included in other service responses (such as merge requests, pipelines, etc).
@@ -130,7 +131,7 @@ type BasicUser struct {
 // ServiceAccount represents a GitLab service account.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/user_service_accounts.html
+// https://docs.gitlab.com/api/user_service_accounts/
 type ServiceAccount struct {
 	ID       int    `json:"id"`
 	Username string `json:"username"`
@@ -139,7 +140,7 @@ type ServiceAccount struct {
 
 // User represents a GitLab user.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html
+// GitLab API docs: https://docs.gitlab.com/api/users/
 type User struct {
 	ID                             int                `json:"id"`
 	Username                       string             `json:"username"`
@@ -196,7 +197,7 @@ type UserIdentity struct {
 
 // UserAvatar represents a GitLab user avatar.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html
+// GitLab API docs: https://docs.gitlab.com/api/users/
 type UserAvatar struct {
 	Filename string
 	Image    io.Reader
@@ -213,7 +214,7 @@ func (a *UserAvatar) MarshalJSON() ([]byte, error) {
 
 // ListUsersOptions represents the available ListUsers() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#list-users
+// GitLab API docs: https://docs.gitlab.com/api/users/#list-users
 type ListUsersOptions struct {
 	ListOptions
 	Active          *bool `url:"active,omitempty" json:"active,omitempty"`
@@ -243,7 +244,7 @@ type ListUsersOptions struct {
 
 // ListUsers gets a list of users.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#list-users
+// GitLab API docs: https://docs.gitlab.com/api/users/#list-users
 func (s *UsersService) ListUsers(opt *ListUsersOptions, options ...RequestOptionFunc) ([]*User, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "users", opt, options)
 	if err != nil {
@@ -261,14 +262,14 @@ func (s *UsersService) ListUsers(opt *ListUsersOptions, options ...RequestOption
 
 // GetUsersOptions represents the available GetUser() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#single-user
+// GitLab API docs: https://docs.gitlab.com/api/users/#get-a-single-user
 type GetUsersOptions struct {
 	WithCustomAttributes *bool `url:"with_custom_attributes,omitempty" json:"with_custom_attributes,omitempty"`
 }
 
 // GetUser gets a single user.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#single-user
+// GitLab API docs: https://docs.gitlab.com/api/users/#get-a-single-user
 func (s *UsersService) GetUser(user int, opt GetUsersOptions, options ...RequestOptionFunc) (*User, *Response, error) {
 	u := fmt.Sprintf("users/%d", user)
 
@@ -288,7 +289,7 @@ func (s *UsersService) GetUser(user int, opt GetUsersOptions, options ...Request
 
 // CreateUserOptions represents the available CreateUser() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#user-creation
+// GitLab API docs: https://docs.gitlab.com/api/users/#create-a-user
 type CreateUserOptions struct {
 	Admin               *bool       `url:"admin,omitempty" json:"admin,omitempty"`
 	Avatar              *UserAvatar `url:"-" json:"-"`
@@ -319,7 +320,7 @@ type CreateUserOptions struct {
 
 // CreateUser creates a new user. Note only administrators can create new users.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#user-creation
+// GitLab API docs: https://docs.gitlab.com/api/users/#create-a-user
 func (s *UsersService) CreateUser(opt *CreateUserOptions, options ...RequestOptionFunc) (*User, *Response, error) {
 	var err error
 	var req *retryablehttp.Request
@@ -352,7 +353,7 @@ func (s *UsersService) CreateUser(opt *CreateUserOptions, options ...RequestOpti
 
 // ModifyUserOptions represents the available ModifyUser() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#user-modification
+// GitLab API docs: https://docs.gitlab.com/api/users/#modify-a-user
 type ModifyUserOptions struct {
 	Admin              *bool       `url:"admin,omitempty" json:"admin,omitempty"`
 	Avatar             *UserAvatar `url:"-" json:"avatar,omitempty"`
@@ -384,7 +385,7 @@ type ModifyUserOptions struct {
 // ModifyUser modifies an existing user. Only administrators can change attributes
 // of a user.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#user-modification
+// GitLab API docs: https://docs.gitlab.com/api/users/#modify-a-user
 func (s *UsersService) ModifyUser(user int, opt *ModifyUserOptions, options ...RequestOptionFunc) (*User, *Response, error) {
 	var err error
 	var req *retryablehttp.Request
@@ -422,7 +423,7 @@ func (s *UsersService) ModifyUser(user int, opt *ModifyUserOptions, options ...R
 // actually deleted or not. In the former the user is returned and in the
 // latter not.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#user-deletion
+// GitLab API docs: https://docs.gitlab.com/api/users/#delete-a-user
 func (s *UsersService) DeleteUser(user int, options ...RequestOptionFunc) (*Response, error) {
 	u := fmt.Sprintf("users/%d", user)
 
@@ -436,7 +437,7 @@ func (s *UsersService) DeleteUser(user int, options ...RequestOptionFunc) (*Resp
 
 // CurrentUser gets currently authenticated user.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#list-current-user
+// GitLab API docs: https://docs.gitlab.com/api/users/#get-the-current-user
 func (s *UsersService) CurrentUser(options ...RequestOptionFunc) (*User, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "user", nil, options)
 	if err != nil {
@@ -455,18 +456,19 @@ func (s *UsersService) CurrentUser(options ...RequestOptionFunc) (*User, *Respon
 // UserStatus represents the current status of a user
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#user-status
+// https://docs.gitlab.com/api/users/#get-your-user-status
 type UserStatus struct {
-	Emoji        string            `json:"emoji"`
-	Availability AvailabilityValue `json:"availability"`
-	Message      string            `json:"message"`
-	MessageHTML  string            `json:"message_html"`
+	Emoji         string            `json:"emoji"`
+	Availability  AvailabilityValue `json:"availability"`
+	Message       string            `json:"message"`
+	MessageHTML   string            `json:"message_html"`
+	ClearStatusAt *time.Time        `json:"clear_status_at"`
 }
 
 // CurrentUserStatus retrieves the user status
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#user-status
+// https://docs.gitlab.com/api/users/#get-your-user-status
 func (s *UsersService) CurrentUserStatus(options ...RequestOptionFunc) (*UserStatus, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "user/status", nil, options)
 	if err != nil {
@@ -482,12 +484,20 @@ func (s *UsersService) CurrentUserStatus(options ...RequestOptionFunc) (*UserSta
 	return status, resp, nil
 }
 
-// GetUserStatus retrieves a user's status
+// GetUserStatus retrieves a user's status.
+//
+// uid can be either a user ID (int) or a username (string); will trim one "@" character off the username, if present.
+// Other types will cause an error to be returned.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#get-the-status-of-a-user
-func (s *UsersService) GetUserStatus(user int, options ...RequestOptionFunc) (*UserStatus, *Response, error) {
-	u := fmt.Sprintf("users/%d/status", user)
+// https://docs.gitlab.com/api/users/#get-the-status-of-a-user
+func (s *UsersService) GetUserStatus(uid any, options ...RequestOptionFunc) (*UserStatus, *Response, error) {
+	user, err := parseID(uid)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	u := fmt.Sprintf("users/%s/status", strings.TrimPrefix(user, "@"))
 
 	req, err := s.client.NewRequest(http.MethodGet, u, nil, options)
 	if err != nil {
@@ -506,17 +516,18 @@ func (s *UsersService) GetUserStatus(user int, options ...RequestOptionFunc) (*U
 // UserStatusOptions represents the options required to set the status
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#set-user-status
+// https://docs.gitlab.com/api/users/#set-your-user-status
 type UserStatusOptions struct {
-	Emoji        *string            `url:"emoji,omitempty" json:"emoji,omitempty"`
-	Availability *AvailabilityValue `url:"availability,omitempty" json:"availability,omitempty"`
-	Message      *string            `url:"message,omitempty" json:"message,omitempty"`
+	Emoji            *string                `url:"emoji,omitempty" json:"emoji,omitempty"`
+	Availability     *AvailabilityValue     `url:"availability,omitempty" json:"availability,omitempty"`
+	Message          *string                `url:"message,omitempty" json:"message,omitempty"`
+	ClearStatusAfter *ClearStatusAfterValue `url:"clear_status_after,omitempty" json:"clear_status_after,omitempty"`
 }
 
 // SetUserStatus sets the user's status
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#set-user-status
+// https://docs.gitlab.com/api/users/#set-your-user-status
 func (s *UsersService) SetUserStatus(opt *UserStatusOptions, options ...RequestOptionFunc) (*UserStatus, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodPut, "user/status", opt, options)
 	if err != nil {
@@ -534,7 +545,8 @@ func (s *UsersService) SetUserStatus(opt *UserStatusOptions, options ...RequestO
 
 // UserAssociationsCount represents the user associations count.
 //
-// Gitlab API docs: https://docs.gitlab.com/ee/api/users.html#list-associations-count-for-user
+// Gitlab API docs:
+// https://docs.gitlab.com/api/users/#get-a-count-of-a-users-projects-groups-issues-and-merge-requests
 type UserAssociationsCount struct {
 	GroupsCount        int `json:"groups_count"`
 	ProjectsCount      int `json:"projects_count"`
@@ -544,7 +556,8 @@ type UserAssociationsCount struct {
 
 // GetUserAssociationsCount gets a list of a specified user associations.
 //
-// Gitlab API docs: https://docs.gitlab.com/ee/api/users.html#list-associations-count-for-user
+// Gitlab API docs:
+// https://docs.gitlab.com/api/users/#get-a-count-of-a-users-projects-groups-issues-and-merge-requests
 func (s *UsersService) GetUserAssociationsCount(user int, options ...RequestOptionFunc) (*UserAssociationsCount, *Response, error) {
 	u := fmt.Sprintf("users/%d/associations_count", user)
 
@@ -564,7 +577,7 @@ func (s *UsersService) GetUserAssociationsCount(user int, options ...RequestOpti
 
 // SSHKey represents a SSH key.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/user_keys.html#list-all-ssh-keys
+// GitLab API docs: https://docs.gitlab.com/api/user_keys/#list-all-ssh-keys
 type SSHKey struct {
 	ID        int        `json:"id"`
 	Title     string     `json:"title"`
@@ -576,12 +589,12 @@ type SSHKey struct {
 
 // ListSSHKeysOptions represents the available ListSSHKeys options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/user_keys.html#list-all-ssh-keys
+// GitLab API docs: https://docs.gitlab.com/api/user_keys/#list-all-ssh-keys
 type ListSSHKeysOptions ListOptions
 
 // ListSSHKeys gets a list of currently authenticated user's SSH keys.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/user_keys.html#list-all-ssh-keys
+// GitLab API docs: https://docs.gitlab.com/api/user_keys/#list-all-ssh-keys
 func (s *UsersService) ListSSHKeys(opt *ListSSHKeysOptions, options ...RequestOptionFunc) ([]*SSHKey, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "user/keys", opt, options)
 	if err != nil {
@@ -600,14 +613,14 @@ func (s *UsersService) ListSSHKeys(opt *ListSSHKeysOptions, options ...RequestOp
 // ListSSHKeysForUserOptions represents the available ListSSHKeysForUser() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#list-ssh-keys-for-user
+// https://docs.gitlab.com/api/user_keys/#list-all-ssh-keys-for-a-user
 type ListSSHKeysForUserOptions ListOptions
 
 // ListSSHKeysForUser gets a list of a specified user's SSH keys.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#list-ssh-keys-for-user
-func (s *UsersService) ListSSHKeysForUser(uid interface{}, opt *ListSSHKeysForUserOptions, options ...RequestOptionFunc) ([]*SSHKey, *Response, error) {
+// https://docs.gitlab.com/api/user_keys/#list-all-ssh-keys-for-a-user
+func (s *UsersService) ListSSHKeysForUser(uid any, opt *ListSSHKeysForUserOptions, options ...RequestOptionFunc) ([]*SSHKey, *Response, error) {
 	user, err := parseID(uid)
 	if err != nil {
 		return nil, nil, err
@@ -630,7 +643,7 @@ func (s *UsersService) ListSSHKeysForUser(uid interface{}, opt *ListSSHKeysForUs
 
 // GetSSHKey gets a single key.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#single-ssh-key
+// GitLab API docs: https://docs.gitlab.com/api/user_keys/#get-an-ssh-key
 func (s *UsersService) GetSSHKey(key int, options ...RequestOptionFunc) (*SSHKey, *Response, error) {
 	u := fmt.Sprintf("user/keys/%d", key)
 
@@ -650,7 +663,7 @@ func (s *UsersService) GetSSHKey(key int, options ...RequestOptionFunc) (*SSHKey
 
 // GetSSHKeyForUser gets a single key for a given user.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#single-ssh-key-for-given-user
+// GitLab API docs: https://docs.gitlab.com/api/user_keys/#get-an-ssh-key-for-a-user
 func (s *UsersService) GetSSHKeyForUser(user int, key int, options ...RequestOptionFunc) (*SSHKey, *Response, error) {
 	u := fmt.Sprintf("users/%d/keys/%d", user, key)
 
@@ -670,7 +683,7 @@ func (s *UsersService) GetSSHKeyForUser(user int, key int, options ...RequestOpt
 
 // AddSSHKeyOptions represents the available AddSSHKey() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/user_keys.html#add-an-ssh-key
+// GitLab API docs: https://docs.gitlab.com/api/user_keys/#add-an-ssh-key
 type AddSSHKeyOptions struct {
 	Title     *string  `url:"title,omitempty" json:"title,omitempty"`
 	Key       *string  `url:"key,omitempty" json:"key,omitempty"`
@@ -680,7 +693,7 @@ type AddSSHKeyOptions struct {
 
 // AddSSHKey creates a new key owned by the currently authenticated user.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/user_keys.html#add-an-ssh-key
+// GitLab API docs: https://docs.gitlab.com/api/user_keys/#add-an-ssh-key
 func (s *UsersService) AddSSHKey(opt *AddSSHKeyOptions, options ...RequestOptionFunc) (*SSHKey, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodPost, "user/keys", opt, options)
 	if err != nil {
@@ -699,7 +712,7 @@ func (s *UsersService) AddSSHKey(opt *AddSSHKeyOptions, options ...RequestOption
 // AddSSHKeyForUser creates new key owned by specified user. Available only for
 // admin.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/user_keys.html#add-an-ssh-key-for-a-user
+// GitLab API docs: https://docs.gitlab.com/api/user_keys/#add-an-ssh-key-for-a-user
 func (s *UsersService) AddSSHKeyForUser(user int, opt *AddSSHKeyOptions, options ...RequestOptionFunc) (*SSHKey, *Response, error) {
 	u := fmt.Sprintf("users/%d/keys", user)
 
@@ -722,7 +735,7 @@ func (s *UsersService) AddSSHKeyForUser(user int, opt *AddSSHKeyOptions, options
 // available results in 200 OK.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#delete-ssh-key-for-current-user
+// https://docs.gitlab.com/api/user_keys/#delete-an-ssh-key
 func (s *UsersService) DeleteSSHKey(key int, options ...RequestOptionFunc) (*Response, error) {
 	u := fmt.Sprintf("user/keys/%d", key)
 
@@ -738,7 +751,7 @@ func (s *UsersService) DeleteSSHKey(key int, options ...RequestOptionFunc) (*Res
 // for admin.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#delete-ssh-key-for-given-user
+// https://docs.gitlab.com/api/user_keys/#delete-an-ssh-key-for-a-user
 func (s *UsersService) DeleteSSHKeyForUser(user, key int, options ...RequestOptionFunc) (*Response, error) {
 	u := fmt.Sprintf("users/%d/keys/%d", user, key)
 
@@ -752,7 +765,7 @@ func (s *UsersService) DeleteSSHKeyForUser(user, key int, options ...RequestOpti
 
 // GPGKey represents a GPG key.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#list-all-gpg-keys
+// GitLab API docs: https://docs.gitlab.com/api/user_keys/#list-all-gpg-keys
 type GPGKey struct {
 	ID        int        `json:"id"`
 	Key       string     `json:"key"`
@@ -761,7 +774,7 @@ type GPGKey struct {
 
 // ListGPGKeys gets a list of currently authenticated user’s GPG keys.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#list-all-gpg-keys
+// GitLab API docs: https://docs.gitlab.com/api/user_keys/#list-all-gpg-keys
 func (s *UsersService) ListGPGKeys(options ...RequestOptionFunc) ([]*GPGKey, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "user/gpg_keys", nil, options)
 	if err != nil {
@@ -779,7 +792,7 @@ func (s *UsersService) ListGPGKeys(options ...RequestOptionFunc) ([]*GPGKey, *Re
 
 // GetGPGKey gets a specific GPG key of currently authenticated user.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#get-a-specific-gpg-key
+// GitLab API docs: https://docs.gitlab.com/api/user_keys/#get-a-gpg-key
 func (s *UsersService) GetGPGKey(key int, options ...RequestOptionFunc) (*GPGKey, *Response, error) {
 	u := fmt.Sprintf("user/gpg_keys/%d", key)
 
@@ -799,14 +812,14 @@ func (s *UsersService) GetGPGKey(key int, options ...RequestOptionFunc) (*GPGKey
 
 // AddGPGKeyOptions represents the available AddGPGKey() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#add-a-gpg-key
+// GitLab API docs: https://docs.gitlab.com/api/user_keys/#add-a-gpg-key
 type AddGPGKeyOptions struct {
 	Key *string `url:"key,omitempty" json:"key,omitempty"`
 }
 
 // AddGPGKey creates a new GPG key owned by the currently authenticated user.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#add-a-gpg-key
+// GitLab API docs: https://docs.gitlab.com/api/user_keys/#add-a-gpg-key
 func (s *UsersService) AddGPGKey(opt *AddGPGKeyOptions, options ...RequestOptionFunc) (*GPGKey, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodPost, "user/gpg_keys", opt, options)
 	if err != nil {
@@ -824,7 +837,7 @@ func (s *UsersService) AddGPGKey(opt *AddGPGKeyOptions, options ...RequestOption
 
 // DeleteGPGKey deletes a GPG key owned by currently authenticated user.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#delete-a-gpg-key
+// GitLab API docs: https://docs.gitlab.com/api/user_keys/#delete-a-gpg-key
 func (s *UsersService) DeleteGPGKey(key int, options ...RequestOptionFunc) (*Response, error) {
 	u := fmt.Sprintf("user/gpg_keys/%d", key)
 
@@ -839,7 +852,7 @@ func (s *UsersService) DeleteGPGKey(key int, options ...RequestOptionFunc) (*Res
 // ListGPGKeysForUser gets a list of a specified user’s GPG keys.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#list-all-gpg-keys-for-given-user
+// https://docs.gitlab.com/api/user_keys/#list-all-gpg-keys-for-a-user
 func (s *UsersService) ListGPGKeysForUser(user int, options ...RequestOptionFunc) ([]*GPGKey, *Response, error) {
 	u := fmt.Sprintf("users/%d/gpg_keys", user)
 
@@ -859,7 +872,7 @@ func (s *UsersService) ListGPGKeysForUser(user int, options ...RequestOptionFunc
 
 // GetGPGKeyForUser gets a specific GPG key for a given user.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#get-a-specific-gpg-key-for-a-given-user
+// GitLab API docs: https://docs.gitlab.com/api/user_keys/#get-a-gpg-key-for-a-user
 func (s *UsersService) GetGPGKeyForUser(user, key int, options ...RequestOptionFunc) (*GPGKey, *Response, error) {
 	u := fmt.Sprintf("users/%d/gpg_keys/%d", user, key)
 
@@ -880,7 +893,7 @@ func (s *UsersService) GetGPGKeyForUser(user, key int, options ...RequestOptionF
 // AddGPGKeyForUser creates new GPG key owned by the specified user.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#add-a-gpg-key-for-a-given-user
+// https://docs.gitlab.com/api/user_keys/#add-a-gpg-key-for-a-user
 func (s *UsersService) AddGPGKeyForUser(user int, opt *AddGPGKeyOptions, options ...RequestOptionFunc) (*GPGKey, *Response, error) {
 	u := fmt.Sprintf("users/%d/gpg_keys", user)
 
@@ -901,7 +914,7 @@ func (s *UsersService) AddGPGKeyForUser(user int, opt *AddGPGKeyOptions, options
 // DeleteGPGKeyForUser deletes a GPG key owned by a specified user.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#delete-a-gpg-key-for-a-given-user
+// https://docs.gitlab.com/api/user_keys/#delete-a-gpg-key-for-a-user
 func (s *UsersService) DeleteGPGKeyForUser(user, key int, options ...RequestOptionFunc) (*Response, error) {
 	u := fmt.Sprintf("users/%d/gpg_keys/%d", user, key)
 
@@ -915,7 +928,8 @@ func (s *UsersService) DeleteGPGKeyForUser(user, key int, options ...RequestOpti
 
 // Email represents an Email.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#list-emails
+// GitLab API docs:
+// https://docs.gitlab.com/api/user_email_addresses/#list-all-email-addresses
 type Email struct {
 	ID          int        `json:"id"`
 	Email       string     `json:"email"`
@@ -924,7 +938,8 @@ type Email struct {
 
 // ListEmails gets a list of currently authenticated user's Emails.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#list-emails
+// GitLab API docs:
+// https://docs.gitlab.com/api/user_email_addresses/#list-all-email-addresses
 func (s *UsersService) ListEmails(options ...RequestOptionFunc) ([]*Email, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "user/emails", nil, options)
 	if err != nil {
@@ -943,14 +958,14 @@ func (s *UsersService) ListEmails(options ...RequestOptionFunc) ([]*Email, *Resp
 // ListEmailsForUserOptions represents the available ListEmailsForUser() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#list-emails-for-user
+// https://docs.gitlab.com/api/user_email_addresses/#list-all-email-addresses-for-a-user
 type ListEmailsForUserOptions ListOptions
 
 // ListEmailsForUser gets a list of a specified user's Emails. Available
 // only for admin
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#list-emails-for-user
+// https://docs.gitlab.com/api/user_email_addresses/#list-all-email-addresses-for-a-user
 func (s *UsersService) ListEmailsForUser(user int, opt *ListEmailsForUserOptions, options ...RequestOptionFunc) ([]*Email, *Response, error) {
 	u := fmt.Sprintf("users/%d/emails", user)
 
@@ -970,7 +985,8 @@ func (s *UsersService) ListEmailsForUser(user int, opt *ListEmailsForUserOptions
 
 // GetEmail gets a single email.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#single-email
+// GitLab API docs:
+// https://docs.gitlab.com/api/user_email_addresses/#get-details-on-an-email-address
 func (s *UsersService) GetEmail(email int, options ...RequestOptionFunc) (*Email, *Response, error) {
 	u := fmt.Sprintf("user/emails/%d", email)
 
@@ -990,7 +1006,8 @@ func (s *UsersService) GetEmail(email int, options ...RequestOptionFunc) (*Email
 
 // AddEmailOptions represents the available AddEmail() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#add-email
+// GitLab API docs:
+// https://docs.gitlab.com/api/user_email_addresses/#add-an-email-address
 type AddEmailOptions struct {
 	Email            *string `url:"email,omitempty" json:"email,omitempty"`
 	SkipConfirmation *bool   `url:"skip_confirmation,omitempty" json:"skip_confirmation,omitempty"`
@@ -998,7 +1015,8 @@ type AddEmailOptions struct {
 
 // AddEmail creates a new email owned by the currently authenticated user.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#add-email
+// GitLab API docs:
+// https://docs.gitlab.com/api/user_email_addresses/#add-an-email-address
 func (s *UsersService) AddEmail(opt *AddEmailOptions, options ...RequestOptionFunc) (*Email, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodPost, "user/emails", opt, options)
 	if err != nil {
@@ -1017,7 +1035,8 @@ func (s *UsersService) AddEmail(opt *AddEmailOptions, options ...RequestOptionFu
 // AddEmailForUser creates new email owned by specified user. Available only for
 // admin.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#add-email-for-user
+// GitLab API docs:
+// https://docs.gitlab.com/api/user_email_addresses/#add-an-email-address-for-a-user
 func (s *UsersService) AddEmailForUser(user int, opt *AddEmailOptions, options ...RequestOptionFunc) (*Email, *Response, error) {
 	u := fmt.Sprintf("users/%d/emails", user)
 
@@ -1040,7 +1059,7 @@ func (s *UsersService) AddEmailForUser(user int, opt *AddEmailOptions, options .
 // available results in 200 OK.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#delete-email-for-current-user
+// https://docs.gitlab.com/api/user_email_addresses/#delete-an-email-address
 func (s *UsersService) DeleteEmail(email int, options ...RequestOptionFunc) (*Response, error) {
 	u := fmt.Sprintf("user/emails/%d", email)
 
@@ -1056,7 +1075,7 @@ func (s *UsersService) DeleteEmail(email int, options ...RequestOptionFunc) (*Re
 // for admin.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#delete-email-for-given-user
+// https://docs.gitlab.com/api/user_email_addresses/#delete-an-email-address-for-a-user
 func (s *UsersService) DeleteEmailForUser(user, email int, options ...RequestOptionFunc) (*Response, error) {
 	u := fmt.Sprintf("users/%d/emails/%d", user, email)
 
@@ -1070,7 +1089,7 @@ func (s *UsersService) DeleteEmailForUser(user, email int, options ...RequestOpt
 
 // BlockUser blocks the specified user. Available only for admin.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#block-user
+// GitLab API docs: https://docs.gitlab.com/api/user_moderation/#block-access-to-a-user
 func (s *UsersService) BlockUser(user int, options ...RequestOptionFunc) error {
 	u := fmt.Sprintf("users/%d/block", user)
 
@@ -1092,13 +1111,13 @@ func (s *UsersService) BlockUser(user int, options ...RequestOptionFunc) error {
 	case 404:
 		return ErrUserNotFound
 	default:
-		return fmt.Errorf("Received unexpected result code: %d", resp.StatusCode)
+		return fmt.Errorf("received unexpected result code: %d", resp.StatusCode)
 	}
 }
 
 // UnblockUser unblocks the specified user. Available only for admin.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#unblock-user
+// GitLab API docs: https://docs.gitlab.com/api/user_moderation/#unblock-access-to-a-user
 func (s *UsersService) UnblockUser(user int, options ...RequestOptionFunc) error {
 	u := fmt.Sprintf("users/%d/unblock", user)
 
@@ -1120,13 +1139,13 @@ func (s *UsersService) UnblockUser(user int, options ...RequestOptionFunc) error
 	case 404:
 		return ErrUserNotFound
 	default:
-		return fmt.Errorf("Received unexpected result code: %d", resp.StatusCode)
+		return fmt.Errorf("received unexpected result code: %d", resp.StatusCode)
 	}
 }
 
 // BanUser bans the specified user. Available only for admin.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#ban-user
+// GitLab API docs: https://docs.gitlab.com/api/user_moderation/#ban-a-user
 func (s *UsersService) BanUser(user int, options ...RequestOptionFunc) error {
 	u := fmt.Sprintf("users/%d/ban", user)
 
@@ -1146,13 +1165,13 @@ func (s *UsersService) BanUser(user int, options ...RequestOptionFunc) error {
 	case 404:
 		return ErrUserNotFound
 	default:
-		return fmt.Errorf("Received unexpected result code: %d", resp.StatusCode)
+		return fmt.Errorf("received unexpected result code: %d", resp.StatusCode)
 	}
 }
 
 // UnbanUser unbans the specified user. Available only for admin.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#unban-user
+// GitLab API docs: https://docs.gitlab.com/api/user_moderation/#unban-a-user
 func (s *UsersService) UnbanUser(user int, options ...RequestOptionFunc) error {
 	u := fmt.Sprintf("users/%d/unban", user)
 
@@ -1172,13 +1191,13 @@ func (s *UsersService) UnbanUser(user int, options ...RequestOptionFunc) error {
 	case 404:
 		return ErrUserNotFound
 	default:
-		return fmt.Errorf("Received unexpected result code: %d", resp.StatusCode)
+		return fmt.Errorf("received unexpected result code: %d", resp.StatusCode)
 	}
 }
 
 // DeactivateUser deactivate the specified user. Available only for admin.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#deactivate-user
+// GitLab API docs: https://docs.gitlab.com/api/user_moderation/#deactivate-a-user
 func (s *UsersService) DeactivateUser(user int, options ...RequestOptionFunc) error {
 	u := fmt.Sprintf("users/%d/deactivate", user)
 
@@ -1200,13 +1219,13 @@ func (s *UsersService) DeactivateUser(user int, options ...RequestOptionFunc) er
 	case 404:
 		return ErrUserNotFound
 	default:
-		return fmt.Errorf("Received unexpected result code: %d", resp.StatusCode)
+		return fmt.Errorf("received unexpected result code: %d", resp.StatusCode)
 	}
 }
 
 // ActivateUser activate the specified user. Available only for admin.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#activate-user
+// GitLab API docs: https://docs.gitlab.com/api/user_moderation/#reactivate-a-user
 func (s *UsersService) ActivateUser(user int, options ...RequestOptionFunc) error {
 	u := fmt.Sprintf("users/%d/activate", user)
 
@@ -1228,13 +1247,13 @@ func (s *UsersService) ActivateUser(user int, options ...RequestOptionFunc) erro
 	case 404:
 		return ErrUserNotFound
 	default:
-		return fmt.Errorf("Received unexpected result code: %d", resp.StatusCode)
+		return fmt.Errorf("received unexpected result code: %d", resp.StatusCode)
 	}
 }
 
 // ApproveUser approve the specified user. Available only for admin.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#approve-user
+// GitLab API docs: https://docs.gitlab.com/api/user_moderation/#approve-access-to-a-user
 func (s *UsersService) ApproveUser(user int, options ...RequestOptionFunc) error {
 	u := fmt.Sprintf("users/%d/approve", user)
 
@@ -1256,13 +1275,13 @@ func (s *UsersService) ApproveUser(user int, options ...RequestOptionFunc) error
 	case 404:
 		return ErrUserNotFound
 	default:
-		return fmt.Errorf("Received unexpected result code: %d", resp.StatusCode)
+		return fmt.Errorf("received unexpected result code: %d", resp.StatusCode)
 	}
 }
 
 // RejectUser reject the specified user. Available only for admin.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/users.html#reject-user
+// GitLab API docs: https://docs.gitlab.com/api/user_moderation/#reject-access-to-a-user
 func (s *UsersService) RejectUser(user int, options ...RequestOptionFunc) error {
 	u := fmt.Sprintf("users/%d/reject", user)
 
@@ -1286,14 +1305,14 @@ func (s *UsersService) RejectUser(user int, options ...RequestOptionFunc) error
 	case 409:
 		return ErrUserConflict
 	default:
-		return fmt.Errorf("Received unexpected result code: %d", resp.StatusCode)
+		return fmt.Errorf("received unexpected result code: %d", resp.StatusCode)
 	}
 }
 
 // ImpersonationToken represents an impersonation token.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#get-all-impersonation-tokens-of-a-user
+// https://docs.gitlab.com/api/user_tokens/#list-all-impersonation-tokens-for-a-user
 type ImpersonationToken struct {
 	ID         int        `json:"id"`
 	Name       string     `json:"name"`
@@ -1310,7 +1329,7 @@ type ImpersonationToken struct {
 // GetAllImpersonationTokens() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#get-all-impersonation-tokens-of-a-user
+// https://docs.gitlab.com/api/user_tokens/#list-all-impersonation-tokens-for-a-user
 type GetAllImpersonationTokensOptions struct {
 	ListOptions
 	State *string `url:"state,omitempty" json:"state,omitempty"`
@@ -1319,7 +1338,7 @@ type GetAllImpersonationTokensOptions struct {
 // GetAllImpersonationTokens retrieves all impersonation tokens of a user.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#get-all-impersonation-tokens-of-a-user
+// https://docs.gitlab.com/api/user_tokens/#list-all-impersonation-tokens-for-a-user
 func (s *UsersService) GetAllImpersonationTokens(user int, opt *GetAllImpersonationTokensOptions, options ...RequestOptionFunc) ([]*ImpersonationToken, *Response, error) {
 	u := fmt.Sprintf("users/%d/impersonation_tokens", user)
 
@@ -1340,7 +1359,7 @@ func (s *UsersService) GetAllImpersonationTokens(user int, opt *GetAllImpersonat
 // GetImpersonationToken retrieves an impersonation token of a user.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#get-an-impersonation-token-of-a-user
+// https://docs.gitlab.com/api/user_tokens/#get-an-impersonation-token-for-a-user
 func (s *UsersService) GetImpersonationToken(user, token int, options ...RequestOptionFunc) (*ImpersonationToken, *Response, error) {
 	u := fmt.Sprintf("users/%d/impersonation_tokens/%d", user, token)
 
@@ -1362,7 +1381,7 @@ func (s *UsersService) GetImpersonationToken(user, token int, options ...Request
 // CreateImpersonationToken() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#create-an-impersonation-token
+// https://docs.gitlab.com/api/user_tokens/#create-an-impersonation-token
 type CreateImpersonationTokenOptions struct {
 	Name      *string    `url:"name,omitempty" json:"name,omitempty"`
 	Scopes    *[]string  `url:"scopes,omitempty" json:"scopes,omitempty"`
@@ -1372,7 +1391,7 @@ type CreateImpersonationTokenOptions struct {
 // CreateImpersonationToken creates an impersonation token.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#create-an-impersonation-token
+// https://docs.gitlab.com/api/user_tokens/#create-an-impersonation-token
 func (s *UsersService) CreateImpersonationToken(user int, opt *CreateImpersonationTokenOptions, options ...RequestOptionFunc) (*ImpersonationToken, *Response, error) {
 	u := fmt.Sprintf("users/%d/impersonation_tokens", user)
 
@@ -1393,7 +1412,7 @@ func (s *UsersService) CreateImpersonationToken(user int, opt *CreateImpersonati
 // RevokeImpersonationToken revokes an impersonation token.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#revoke-an-impersonation-token
+// https://docs.gitlab.com/api/user_tokens/#revoke-an-impersonation-token
 func (s *UsersService) RevokeImpersonationToken(user, token int, options ...RequestOptionFunc) (*Response, error) {
 	u := fmt.Sprintf("users/%d/impersonation_tokens/%d", user, token)
 
@@ -1474,7 +1493,7 @@ func (s *UsersService) CreatePersonalAccessTokenForCurrentUser(opt *CreatePerson
 // UserActivity represents an entry in the user/activities response
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#get-user-activities
+// https://docs.gitlab.com/api/users/#list-a-users-activity
 type UserActivity struct {
 	Username       string   `json:"username"`
 	LastActivityOn *ISOTime `json:"last_activity_on"`
@@ -1483,7 +1502,7 @@ type UserActivity struct {
 // GetUserActivitiesOptions represents the options for GetUserActivities
 //
 // GitLap API docs:
-// https://docs.gitlab.com/ee/api/users.html#get-user-activities
+// https://docs.gitlab.com/api/users/#list-a-users-activity
 type GetUserActivitiesOptions struct {
 	ListOptions
 	From *ISOTime `url:"from,omitempty" json:"from,omitempty"`
@@ -1492,7 +1511,7 @@ type GetUserActivitiesOptions struct {
 // GetUserActivities retrieves user activities (admin only)
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#get-user-activities
+// https://docs.gitlab.com/api/users/#list-a-users-activity
 func (s *UsersService) GetUserActivities(opt *GetUserActivitiesOptions, options ...RequestOptionFunc) ([]*UserActivity, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "user/activities", opt, options)
 	if err != nil {
@@ -1511,7 +1530,7 @@ func (s *UsersService) GetUserActivities(opt *GetUserActivitiesOptions, options
 // UserMembership represents a membership of the user in a namespace or project.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#user-memberships
+// https://docs.gitlab.com/api/users/#list-projects-and-groups-that-a-user-is-a-member-of
 type UserMembership struct {
 	SourceID    int              `json:"source_id"`
 	SourceName  string           `json:"source_name"`
@@ -1522,7 +1541,7 @@ type UserMembership struct {
 // GetUserMembershipOptions represents the options available to query user memberships.
 //
 // GitLab API docs:
-// ohttps://docs.gitlab.com/ee/api/users.html#user-memberships
+// https://docs.gitlab.com/api/users/#list-projects-and-groups-that-a-user-is-a-member-of
 type GetUserMembershipOptions struct {
 	ListOptions
 	Type *string `url:"type,omitempty" json:"type,omitempty"`
@@ -1531,7 +1550,7 @@ type GetUserMembershipOptions struct {
 // GetUserMemberships retrieves a list of the user's memberships.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#user-memberships
+// https://docs.gitlab.com/api/users/#list-projects-and-groups-that-a-user-is-a-member-of
 func (s *UsersService) GetUserMemberships(user int, opt *GetUserMembershipOptions, options ...RequestOptionFunc) ([]*UserMembership, *Response, error) {
 	u := fmt.Sprintf("users/%d/memberships", user)
 
@@ -1552,7 +1571,7 @@ func (s *UsersService) GetUserMemberships(user int, opt *GetUserMembershipOption
 // DisableTwoFactor disables two factor authentication for the specified user.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#disable-two-factor-authentication
+// https://docs.gitlab.com/api/users/#disable-two-factor-authentication-for-a-user
 func (s *UsersService) DisableTwoFactor(user int, options ...RequestOptionFunc) error {
 	u := fmt.Sprintf("users/%d/disable_two_factor", user)
 
@@ -1576,14 +1595,14 @@ func (s *UsersService) DisableTwoFactor(user int, options ...RequestOptionFunc)
 	case 404:
 		return ErrUserNotFound
 	default:
-		return fmt.Errorf("Received unexpected result code: %d", resp.StatusCode)
+		return fmt.Errorf("received unexpected result code: %d", resp.StatusCode)
 	}
 }
 
 // UserRunner represents a GitLab runner linked to the current user.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#create-a-runner
+// https://docs.gitlab.com/api/users/#create-a-runner-linked-to-a-user
 type UserRunner struct {
 	ID             int        `json:"id"`
 	Token          string     `json:"token"`
@@ -1593,7 +1612,7 @@ type UserRunner struct {
 // CreateUserRunnerOptions represents the available CreateUserRunner() options.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#create-a-runner
+// https://docs.gitlab.com/api/users/#create-a-runner-linked-to-a-user
 type CreateUserRunnerOptions struct {
 	RunnerType      *string   `url:"runner_type,omitempty" json:"runner_type,omitempty"`
 	GroupID         *int      `url:"group_id,omitempty" json:"group_id,omitempty"`
@@ -1611,7 +1630,7 @@ type CreateUserRunnerOptions struct {
 // CreateUserRunner creates a runner linked to the current user.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#create-a-runner
+// https://docs.gitlab.com/api/users/#create-a-runner-linked-to-a-user
 func (s *UsersService) CreateUserRunner(opts *CreateUserRunnerOptions, options ...RequestOptionFunc) (*UserRunner, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodPost, "user/runners", opts, options)
 	if err != nil {
@@ -1629,7 +1648,8 @@ func (s *UsersService) CreateUserRunner(opts *CreateUserRunnerOptions, options .
 
 // CreateServiceAccountUserOptions represents the available CreateServiceAccountUser() options.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/user_service_accounts.html#create-a-service-account-user
+// GitLab API docs:
+// https://docs.gitlab.com/api/user_service_accounts/#create-a-service-account-user
 type CreateServiceAccountUserOptions struct {
 	Name     *string `url:"name,omitempty" json:"name,omitempty"`
 	Username *string `url:"username,omitempty" json:"username,omitempty"`
@@ -1639,7 +1659,7 @@ type CreateServiceAccountUserOptions struct {
 // CreateServiceAccountUser creates a new service account user.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#create-service-account-user
+// https://docs.gitlab.com/api/user_service_accounts/#create-a-service-account-user
 func (s *UsersService) CreateServiceAccountUser(opts *CreateServiceAccountUserOptions, options ...RequestOptionFunc) (*User, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodPost, "service_accounts", opts, options)
 	if err != nil {
@@ -1658,7 +1678,7 @@ func (s *UsersService) CreateServiceAccountUser(opts *CreateServiceAccountUserOp
 // ListServiceAccounts lists all service accounts.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#create-service-account-user
+// https://docs.gitlab.com/api/user_service_accounts/#list-all-service-account-users
 func (s *UsersService) ListServiceAccounts(opt *ListServiceAccountsOptions, options ...RequestOptionFunc) ([]*ServiceAccount, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "service_accounts", opt, options)
 	if err != nil {
@@ -1677,7 +1697,7 @@ func (s *UsersService) ListServiceAccounts(opt *ListServiceAccountsOptions, opti
 // UploadAvatar uploads an avatar to the current user.
 //
 // GitLab API docs:
-// https://docs.gitlab.com/ee/api/users.html#upload-a-current-user-avatar
+// https://docs.gitlab.com/api/users/#upload-an-avatar-for-yourself
 func (s *UsersService) UploadAvatar(avatar io.Reader, filename string, options ...RequestOptionFunc) (*User, *Response, error) {
 	u := "user/avatar"
 
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/validate.go b/vendor/gitlab.com/gitlab-org/api/client-go/validate.go
index e55704eb23..9b05ad4ab3 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/validate.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/validate.go
@@ -23,8 +23,8 @@ import (
 
 type (
 	ValidateServiceInterface interface {
-		ProjectNamespaceLint(pid interface{}, opt *ProjectNamespaceLintOptions, options ...RequestOptionFunc) (*ProjectLintResult, *Response, error)
-		ProjectLint(pid interface{}, opt *ProjectLintOptions, options ...RequestOptionFunc) (*ProjectLintResult, *Response, error)
+		ProjectNamespaceLint(pid any, opt *ProjectNamespaceLintOptions, options ...RequestOptionFunc) (*ProjectLintResult, *Response, error)
+		ProjectLint(pid any, opt *ProjectLintOptions, options ...RequestOptionFunc) (*ProjectLintResult, *Response, error)
 	}
 
 	// ValidateService handles communication with the validation related methods of
@@ -66,13 +66,13 @@ type ProjectLintResult struct {
 // Reference can be found at the lint API endpoint in the openapi yaml:
 // https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/api/openapi/openapi_v2.yaml
 type Include struct {
-	Type           string                 `json:"type"`
-	Location       string                 `json:"location"`
-	Blob           string                 `json:"blob"`
-	Raw            string                 `json:"raw"`
-	Extra          map[string]interface{} `json:"extra"`
-	ContextProject string                 `json:"context_project"`
-	ContextSHA     string                 `json:"context_sha"`
+	Type           string         `json:"type"`
+	Location       string         `json:"location"`
+	Blob           string         `json:"blob"`
+	Raw            string         `json:"raw"`
+	Extra          map[string]any `json:"extra"`
+	ContextProject string         `json:"context_project"`
+	ContextSHA     string         `json:"context_sha"`
 }
 
 // ProjectNamespaceLintOptions represents the available ProjectNamespaceLint() options.
@@ -90,7 +90,7 @@ type ProjectNamespaceLintOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/lint/#validate-sample-cicd-configuration
-func (s *ValidateService) ProjectNamespaceLint(pid interface{}, opt *ProjectNamespaceLintOptions, options ...RequestOptionFunc) (*ProjectLintResult, *Response, error) {
+func (s *ValidateService) ProjectNamespaceLint(pid any, opt *ProjectNamespaceLintOptions, options ...RequestOptionFunc) (*ProjectLintResult, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -127,7 +127,7 @@ type ProjectLintOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/lint/#validate-a-projects-cicd-configuration
-func (s *ValidateService) ProjectLint(pid interface{}, opt *ProjectLintOptions, options ...RequestOptionFunc) (*ProjectLintResult, *Response, error) {
+func (s *ValidateService) ProjectLint(pid any, opt *ProjectLintOptions, options ...RequestOptionFunc) (*ProjectLintResult, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/version.go b/vendor/gitlab.com/gitlab-org/api/client-go/version.go
index 3b01847515..90bd2552a1 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/version.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/version.go
@@ -26,7 +26,7 @@ type (
 	// VersionService handles communication with the GitLab server instance to
 	// retrieve its version information via the GitLab API.
 	//
-	// GitLab API docs: https://docs.gitlab.com/ee/api/version.html
+	// GitLab API docs: https://docs.gitlab.com/api/version/
 	VersionService struct {
 		client *Client
 	}
@@ -36,7 +36,7 @@ var _ VersionServiceInterface = (*VersionService)(nil)
 
 // Version represents a GitLab instance version.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/version.html
+// GitLab API docs: https://docs.gitlab.com/api/version/
 type Version struct {
 	Version  string `json:"version"`
 	Revision string `json:"revision"`
@@ -49,7 +49,7 @@ func (s Version) String() string {
 // GetVersion gets a GitLab server instance version; it is only available to
 // authenticated users.
 //
-// GitLab API docs: https://docs.gitlab.com/ee/api/version.html
+// GitLab API docs: https://docs.gitlab.com/api/version/
 func (s *VersionService) GetVersion(options ...RequestOptionFunc) (*Version, *Response, error) {
 	req, err := s.client.NewRequest(http.MethodGet, "version", nil, options)
 	if err != nil {
diff --git a/vendor/gitlab.com/gitlab-org/api/client-go/wikis.go b/vendor/gitlab.com/gitlab-org/api/client-go/wikis.go
index b35d4f6cfd..e17b2041ce 100644
--- a/vendor/gitlab.com/gitlab-org/api/client-go/wikis.go
+++ b/vendor/gitlab.com/gitlab-org/api/client-go/wikis.go
@@ -24,12 +24,12 @@ import (
 
 type (
 	WikisServiceInterface interface {
-		ListWikis(pid interface{}, opt *ListWikisOptions, options ...RequestOptionFunc) ([]*Wiki, *Response, error)
-		GetWikiPage(pid interface{}, slug string, opt *GetWikiPageOptions, options ...RequestOptionFunc) (*Wiki, *Response, error)
-		CreateWikiPage(pid interface{}, opt *CreateWikiPageOptions, options ...RequestOptionFunc) (*Wiki, *Response, error)
-		EditWikiPage(pid interface{}, slug string, opt *EditWikiPageOptions, options ...RequestOptionFunc) (*Wiki, *Response, error)
-		DeleteWikiPage(pid interface{}, slug string, options ...RequestOptionFunc) (*Response, error)
-		UploadWikiAttachment(pid interface{}, content io.Reader, filename string, opt *UploadWikiAttachmentOptions, options ...RequestOptionFunc) (*WikiAttachment, *Response, error)
+		ListWikis(pid any, opt *ListWikisOptions, options ...RequestOptionFunc) ([]*Wiki, *Response, error)
+		GetWikiPage(pid any, slug string, opt *GetWikiPageOptions, options ...RequestOptionFunc) (*Wiki, *Response, error)
+		CreateWikiPage(pid any, opt *CreateWikiPageOptions, options ...RequestOptionFunc) (*Wiki, *Response, error)
+		EditWikiPage(pid any, slug string, opt *EditWikiPageOptions, options ...RequestOptionFunc) (*Wiki, *Response, error)
+		DeleteWikiPage(pid any, slug string, options ...RequestOptionFunc) (*Response, error)
+		UploadWikiAttachment(pid any, content io.Reader, filename string, opt *UploadWikiAttachmentOptions, options ...RequestOptionFunc) (*WikiAttachment, *Response, error)
 	}
 
 	// WikisService handles communication with the wikis related methods of
@@ -97,7 +97,7 @@ type ListWikisOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/wikis/#list-wiki-pages
-func (s *WikisService) ListWikis(pid interface{}, opt *ListWikisOptions, options ...RequestOptionFunc) ([]*Wiki, *Response, error) {
+func (s *WikisService) ListWikis(pid any, opt *ListWikisOptions, options ...RequestOptionFunc) ([]*Wiki, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -131,7 +131,7 @@ type GetWikiPageOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/wikis/#get-a-wiki-page
-func (s *WikisService) GetWikiPage(pid interface{}, slug string, opt *GetWikiPageOptions, options ...RequestOptionFunc) (*Wiki, *Response, error) {
+func (s *WikisService) GetWikiPage(pid any, slug string, opt *GetWikiPageOptions, options ...RequestOptionFunc) (*Wiki, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -167,7 +167,7 @@ type CreateWikiPageOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/wikis/#create-a-new-wiki-page
-func (s *WikisService) CreateWikiPage(pid interface{}, opt *CreateWikiPageOptions, options ...RequestOptionFunc) (*Wiki, *Response, error) {
+func (s *WikisService) CreateWikiPage(pid any, opt *CreateWikiPageOptions, options ...RequestOptionFunc) (*Wiki, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -203,7 +203,7 @@ type EditWikiPageOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/wikis/#edit-an-existing-wiki-page
-func (s *WikisService) EditWikiPage(pid interface{}, slug string, opt *EditWikiPageOptions, options ...RequestOptionFunc) (*Wiki, *Response, error) {
+func (s *WikisService) EditWikiPage(pid any, slug string, opt *EditWikiPageOptions, options ...RequestOptionFunc) (*Wiki, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
@@ -228,7 +228,7 @@ func (s *WikisService) EditWikiPage(pid interface{}, slug string, opt *EditWikiP
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/wikis/#delete-a-wiki-page
-func (s *WikisService) DeleteWikiPage(pid interface{}, slug string, options ...RequestOptionFunc) (*Response, error) {
+func (s *WikisService) DeleteWikiPage(pid any, slug string, options ...RequestOptionFunc) (*Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, err
@@ -255,7 +255,7 @@ type UploadWikiAttachmentOptions struct {
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/wikis/#upload-an-attachment-to-the-wiki-repository
-func (s *WikisService) UploadWikiAttachment(pid interface{}, content io.Reader, filename string, opt *UploadWikiAttachmentOptions, options ...RequestOptionFunc) (*WikiAttachment, *Response, error) {
+func (s *WikisService) UploadWikiAttachment(pid any, content io.Reader, filename string, opt *UploadWikiAttachmentOptions, options ...RequestOptionFunc) (*WikiAttachment, *Response, error) {
 	project, err := parseID(pid)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/config.go b/vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/config.go
index 9e87fb4bb1..296407f38e 100644
--- a/vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/config.go
+++ b/vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/config.go
@@ -9,18 +9,12 @@ import (
 	"go.opentelemetry.io/otel"
 	"go.opentelemetry.io/otel/attribute"
 	"go.opentelemetry.io/otel/metric"
-	"go.opentelemetry.io/otel/metric/noop"
 	"go.opentelemetry.io/otel/propagation"
-	semconv "go.opentelemetry.io/otel/semconv/v1.17.0"
 	"go.opentelemetry.io/otel/trace"
 )
 
-const (
-	// ScopeName is the instrumentation scope name.
-	ScopeName = "go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc"
-	// GRPCStatusCodeKey is convention for numeric status code of a gRPC request.
-	GRPCStatusCodeKey = attribute.Key("rpc.grpc.status_code")
-)
+// ScopeName is the instrumentation scope name.
+const ScopeName = "go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc"
 
 // InterceptorFilter is a predicate used to determine whether a given request in
 // interceptor info should be instrumented. A InterceptorFilter must return true if
@@ -47,15 +41,6 @@ type config struct {
 
 	ReceivedEvent bool
 	SentEvent     bool
-
-	tracer trace.Tracer
-	meter  metric.Meter
-
-	rpcDuration    metric.Float64Histogram
-	rpcInBytes     metric.Int64Histogram
-	rpcOutBytes    metric.Int64Histogram
-	rpcInMessages  metric.Int64Histogram
-	rpcOutMessages metric.Int64Histogram
 }
 
 // Option applies an option value for a config.
@@ -64,7 +49,7 @@ type Option interface {
 }
 
 // newConfig returns a config configured with all the passed Options.
-func newConfig(opts []Option, role string) *config {
+func newConfig(opts []Option) *config {
 	c := &config{
 		Propagators:    otel.GetTextMapPropagator(),
 		TracerProvider: otel.GetTracerProvider(),
@@ -73,87 +58,6 @@ func newConfig(opts []Option, role string) *config {
 	for _, o := range opts {
 		o.apply(c)
 	}
-
-	c.tracer = c.TracerProvider.Tracer(
-		ScopeName,
-		trace.WithInstrumentationVersion(SemVersion()),
-	)
-
-	c.meter = c.MeterProvider.Meter(
-		ScopeName,
-		metric.WithInstrumentationVersion(Version()),
-		metric.WithSchemaURL(semconv.SchemaURL),
-	)
-
-	var err error
-	c.rpcDuration, err = c.meter.Float64Histogram("rpc."+role+".duration",
-		metric.WithDescription("Measures the duration of inbound RPC."),
-		metric.WithUnit("ms"))
-	if err != nil {
-		otel.Handle(err)
-		if c.rpcDuration == nil {
-			c.rpcDuration = noop.Float64Histogram{}
-		}
-	}
-
-	rpcRequestSize, err := c.meter.Int64Histogram("rpc."+role+".request.size",
-		metric.WithDescription("Measures size of RPC request messages (uncompressed)."),
-		metric.WithUnit("By"))
-	if err != nil {
-		otel.Handle(err)
-		if rpcRequestSize == nil {
-			rpcRequestSize = noop.Int64Histogram{}
-		}
-	}
-
-	rpcResponseSize, err := c.meter.Int64Histogram("rpc."+role+".response.size",
-		metric.WithDescription("Measures size of RPC response messages (uncompressed)."),
-		metric.WithUnit("By"))
-	if err != nil {
-		otel.Handle(err)
-		if rpcResponseSize == nil {
-			rpcResponseSize = noop.Int64Histogram{}
-		}
-	}
-
-	rpcRequestsPerRPC, err := c.meter.Int64Histogram("rpc."+role+".requests_per_rpc",
-		metric.WithDescription("Measures the number of messages received per RPC. Should be 1 for all non-streaming RPCs."),
-		metric.WithUnit("{count}"))
-	if err != nil {
-		otel.Handle(err)
-		if rpcRequestsPerRPC == nil {
-			rpcRequestsPerRPC = noop.Int64Histogram{}
-		}
-	}
-
-	rpcResponsesPerRPC, err := c.meter.Int64Histogram("rpc."+role+".responses_per_rpc",
-		metric.WithDescription("Measures the number of messages received per RPC. Should be 1 for all non-streaming RPCs."),
-		metric.WithUnit("{count}"))
-	if err != nil {
-		otel.Handle(err)
-		if rpcResponsesPerRPC == nil {
-			rpcResponsesPerRPC = noop.Int64Histogram{}
-		}
-	}
-
-	switch role {
-	case "client":
-		c.rpcInBytes = rpcResponseSize
-		c.rpcInMessages = rpcResponsesPerRPC
-		c.rpcOutBytes = rpcRequestSize
-		c.rpcOutMessages = rpcRequestsPerRPC
-	case "server":
-		c.rpcInBytes = rpcRequestSize
-		c.rpcInMessages = rpcRequestsPerRPC
-		c.rpcOutBytes = rpcResponseSize
-		c.rpcOutMessages = rpcResponsesPerRPC
-	default:
-		c.rpcInBytes = noop.Int64Histogram{}
-		c.rpcInMessages = noop.Int64Histogram{}
-		c.rpcOutBytes = noop.Int64Histogram{}
-		c.rpcOutMessages = noop.Int64Histogram{}
-	}
-
 	return c
 }
 
diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/interceptor.go b/vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/interceptor.go
index 7d5ed05808..f63513d456 100644
--- a/vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/interceptor.go
+++ b/vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/interceptor.go
@@ -11,7 +11,6 @@ import (
 	"io"
 	"net"
 	"strconv"
-	"time"
 
 	"google.golang.org/grpc"
 	grpc_codes "google.golang.org/grpc/codes"
@@ -23,8 +22,7 @@ import (
 	"go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/internal"
 	"go.opentelemetry.io/otel/attribute"
 	"go.opentelemetry.io/otel/codes"
-	"go.opentelemetry.io/otel/metric"
-	semconv "go.opentelemetry.io/otel/semconv/v1.17.0"
+	semconv "go.opentelemetry.io/otel/semconv/v1.30.0"
 	"go.opentelemetry.io/otel/trace"
 )
 
@@ -39,82 +37,15 @@ func (m messageType) Event(ctx context.Context, id int, _ interface{}) {
 	}
 	span.AddEvent("message", trace.WithAttributes(
 		attribute.KeyValue(m),
-		RPCMessageIDKey.Int(id),
+		semconv.RPCMessageIDKey.Int(id),
 	))
 }
 
 var (
-	messageSent     = messageType(RPCMessageTypeSent)
-	messageReceived = messageType(RPCMessageTypeReceived)
+	messageSent     = messageType(semconv.RPCMessageTypeSent)
+	messageReceived = messageType(semconv.RPCMessageTypeReceived)
 )
 
-// UnaryClientInterceptor returns a grpc.UnaryClientInterceptor suitable
-// for use in a grpc.NewClient call.
-//
-// Deprecated: Use [NewClientHandler] instead.
-func UnaryClientInterceptor(opts ...Option) grpc.UnaryClientInterceptor {
-	cfg := newConfig(opts, "client")
-	tracer := cfg.TracerProvider.Tracer(
-		ScopeName,
-		trace.WithInstrumentationVersion(Version()),
-	)
-
-	return func(
-		ctx context.Context,
-		method string,
-		req, reply interface{},
-		cc *grpc.ClientConn,
-		invoker grpc.UnaryInvoker,
-		callOpts ...grpc.CallOption,
-	) error {
-		i := &InterceptorInfo{
-			Method: method,
-			Type:   UnaryClient,
-		}
-		if cfg.InterceptorFilter != nil && !cfg.InterceptorFilter(i) {
-			return invoker(ctx, method, req, reply, cc, callOpts...)
-		}
-
-		name, attr, _ := telemetryAttributes(method, cc.Target())
-
-		startOpts := append([]trace.SpanStartOption{
-			trace.WithSpanKind(trace.SpanKindClient),
-			trace.WithAttributes(attr...),
-		},
-			cfg.SpanStartOptions...,
-		)
-
-		ctx, span := tracer.Start(
-			ctx,
-			name,
-			startOpts...,
-		)
-		defer span.End()
-
-		ctx = inject(ctx, cfg.Propagators)
-
-		if cfg.SentEvent {
-			messageSent.Event(ctx, 1, req)
-		}
-
-		err := invoker(ctx, method, req, reply, cc, callOpts...)
-
-		if cfg.ReceivedEvent {
-			messageReceived.Event(ctx, 1, reply)
-		}
-
-		if err != nil {
-			s, _ := status.FromError(err)
-			span.SetStatus(codes.Error, s.Message())
-			span.SetAttributes(statusCodeAttr(s.Code()))
-		} else {
-			span.SetAttributes(statusCodeAttr(grpc_codes.OK))
-		}
-
-		return err
-	}
-}
-
 // clientStream  wraps around the embedded grpc.ClientStream, and intercepts the RecvMsg and
 // SendMsg method call.
 type clientStream struct {
@@ -213,7 +144,7 @@ func (w *clientStream) endSpan(err error) {
 //
 // Deprecated: Use [NewClientHandler] instead.
 func StreamClientInterceptor(opts ...Option) grpc.StreamClientInterceptor {
-	cfg := newConfig(opts, "client")
+	cfg := newConfig(opts)
 	tracer := cfg.TracerProvider.Tracer(
 		ScopeName,
 		trace.WithInstrumentationVersion(Version()),
@@ -235,7 +166,7 @@ func StreamClientInterceptor(opts ...Option) grpc.StreamClientInterceptor {
 			return streamer(ctx, desc, cc, method, callOpts...)
 		}
 
-		name, attr, _ := telemetryAttributes(method, cc.Target())
+		name, attr := telemetryAttributes(method, cc.Target())
 
 		startOpts := append([]trace.SpanStartOption{
 			trace.WithSpanKind(trace.SpanKindClient),
@@ -265,81 +196,6 @@ func StreamClientInterceptor(opts ...Option) grpc.StreamClientInterceptor {
 	}
 }
 
-// UnaryServerInterceptor returns a grpc.UnaryServerInterceptor suitable
-// for use in a grpc.NewServer call.
-//
-// Deprecated: Use [NewServerHandler] instead.
-func UnaryServerInterceptor(opts ...Option) grpc.UnaryServerInterceptor {
-	cfg := newConfig(opts, "server")
-	tracer := cfg.TracerProvider.Tracer(
-		ScopeName,
-		trace.WithInstrumentationVersion(Version()),
-	)
-
-	return func(
-		ctx context.Context,
-		req interface{},
-		info *grpc.UnaryServerInfo,
-		handler grpc.UnaryHandler,
-	) (interface{}, error) {
-		i := &InterceptorInfo{
-			UnaryServerInfo: info,
-			Type:            UnaryServer,
-		}
-		if cfg.InterceptorFilter != nil && !cfg.InterceptorFilter(i) {
-			return handler(ctx, req)
-		}
-
-		ctx = extract(ctx, cfg.Propagators)
-		name, attr, metricAttrs := telemetryAttributes(info.FullMethod, peerFromCtx(ctx))
-
-		startOpts := append([]trace.SpanStartOption{
-			trace.WithSpanKind(trace.SpanKindServer),
-			trace.WithAttributes(attr...),
-		},
-			cfg.SpanStartOptions...,
-		)
-
-		ctx, span := tracer.Start(
-			trace.ContextWithRemoteSpanContext(ctx, trace.SpanContextFromContext(ctx)),
-			name,
-			startOpts...,
-		)
-		defer span.End()
-
-		if cfg.ReceivedEvent {
-			messageReceived.Event(ctx, 1, req)
-		}
-
-		before := time.Now()
-
-		resp, err := handler(ctx, req)
-
-		s, _ := status.FromError(err)
-		if err != nil {
-			statusCode, msg := serverStatus(s)
-			span.SetStatus(statusCode, msg)
-			if cfg.SentEvent {
-				messageSent.Event(ctx, 1, s.Proto())
-			}
-		} else {
-			if cfg.SentEvent {
-				messageSent.Event(ctx, 1, resp)
-			}
-		}
-		grpcStatusCodeAttr := statusCodeAttr(s.Code())
-		span.SetAttributes(grpcStatusCodeAttr)
-
-		// Use floating point division here for higher precision (instead of Millisecond method).
-		elapsedTime := float64(time.Since(before)) / float64(time.Millisecond)
-
-		metricAttrs = append(metricAttrs, grpcStatusCodeAttr)
-		cfg.rpcDuration.Record(ctx, elapsedTime, metric.WithAttributeSet(attribute.NewSet(metricAttrs...)))
-
-		return resp, err
-	}
-}
-
 // serverStream wraps around the embedded grpc.ServerStream, and intercepts the RecvMsg and
 // SendMsg method call.
 type serverStream struct {
@@ -395,7 +251,7 @@ func wrapServerStream(ctx context.Context, ss grpc.ServerStream, cfg *config) *s
 //
 // Deprecated: Use [NewServerHandler] instead.
 func StreamServerInterceptor(opts ...Option) grpc.StreamServerInterceptor {
-	cfg := newConfig(opts, "server")
+	cfg := newConfig(opts)
 	tracer := cfg.TracerProvider.Tracer(
 		ScopeName,
 		trace.WithInstrumentationVersion(Version()),
@@ -417,7 +273,7 @@ func StreamServerInterceptor(opts ...Option) grpc.StreamServerInterceptor {
 		}
 
 		ctx = extract(ctx, cfg.Propagators)
-		name, attr, _ := telemetryAttributes(info.FullMethod, peerFromCtx(ctx))
+		name, attr := telemetryAttributes(info.FullMethod, peerFromCtx(ctx))
 
 		startOpts := append([]trace.SpanStartOption{
 			trace.WithSpanKind(trace.SpanKindServer),
@@ -449,47 +305,32 @@ func StreamServerInterceptor(opts ...Option) grpc.StreamServerInterceptor {
 
 // telemetryAttributes returns a span name and span and metric attributes from
 // the gRPC method and peer address.
-func telemetryAttributes(fullMethod, peerAddress string) (string, []attribute.KeyValue, []attribute.KeyValue) {
+func telemetryAttributes(fullMethod, sererAddr string) (string, []attribute.KeyValue) {
 	name, methodAttrs := internal.ParseFullMethod(fullMethod)
-	peerAttrs := peerAttr(peerAddress)
+	srvAttrs := serverAddrAttrs(sererAddr)
 
-	attrs := make([]attribute.KeyValue, 0, 1+len(methodAttrs)+len(peerAttrs))
-	attrs = append(attrs, RPCSystemGRPC)
+	attrs := make([]attribute.KeyValue, 0, 1+len(methodAttrs)+len(srvAttrs))
+	attrs = append(attrs, semconv.RPCSystemGRPC)
 	attrs = append(attrs, methodAttrs...)
-	metricAttrs := attrs[:1+len(methodAttrs)]
-	attrs = append(attrs, peerAttrs...)
-	return name, attrs, metricAttrs
+	attrs = append(attrs, srvAttrs...)
+	return name, attrs
 }
 
-// peerAttr returns attributes about the peer address.
-func peerAttr(addr string) []attribute.KeyValue {
-	host, p, err := net.SplitHostPort(addr)
+// serverAddrAttrs returns the server address attributes for the hostport.
+func serverAddrAttrs(hostport string) []attribute.KeyValue {
+	h, pStr, err := net.SplitHostPort(hostport)
 	if err != nil {
-		return nil
+		// The server.address attribute is required.
+		return []attribute.KeyValue{semconv.ServerAddress(hostport)}
 	}
-
-	if host == "" {
-		host = "127.0.0.1"
-	}
-	port, err := strconv.Atoi(p)
+	p, err := strconv.Atoi(pStr)
 	if err != nil {
-		return nil
+		return []attribute.KeyValue{semconv.ServerAddress(h)}
 	}
-
-	var attr []attribute.KeyValue
-	if ip := net.ParseIP(host); ip != nil {
-		attr = []attribute.KeyValue{
-			semconv.NetSockPeerAddr(host),
-			semconv.NetSockPeerPort(port),
-		}
-	} else {
-		attr = []attribute.KeyValue{
-			semconv.NetPeerName(host),
-			semconv.NetPeerPort(port),
-		}
+	return []attribute.KeyValue{
+		semconv.ServerAddress(h),
+		semconv.ServerPort(p),
 	}
-
-	return attr
 }
 
 // peerFromCtx returns a peer address from a context, if one exists.
@@ -503,7 +344,7 @@ func peerFromCtx(ctx context.Context) string {
 
 // statusCodeAttr returns status code attribute based on given gRPC code.
 func statusCodeAttr(c grpc_codes.Code) attribute.KeyValue {
-	return GRPCStatusCodeKey.Int64(int64(c))
+	return semconv.RPCGRPCStatusCodeKey.Int64(int64(c))
 }
 
 // serverStatus returns a span status code and message for a given gRPC
diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/internal/parse.go b/vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/internal/parse.go
index bef07b7a3c..1fa73c2f94 100644
--- a/vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/internal/parse.go
+++ b/vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/internal/parse.go
@@ -1,13 +1,14 @@
 // Copyright The OpenTelemetry Authors
 // SPDX-License-Identifier: Apache-2.0
 
+// Package internal provides internal functionality for the otelgrpc package.
 package internal // import "go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/internal"
 
 import (
 	"strings"
 
 	"go.opentelemetry.io/otel/attribute"
-	semconv "go.opentelemetry.io/otel/semconv/v1.17.0"
+	semconv "go.opentelemetry.io/otel/semconv/v1.30.0"
 )
 
 // ParseFullMethod returns a span name following the OpenTelemetry semantic
diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/metadata_supplier.go b/vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/metadata_supplier.go
index 3aa37915df..6e67f0216b 100644
--- a/vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/metadata_supplier.go
+++ b/vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/metadata_supplier.go
@@ -45,7 +45,7 @@ func (s *metadataSupplier) Keys() []string {
 // requests.
 // Deprecated: Unnecessary public func.
 func Inject(ctx context.Context, md *metadata.MD, opts ...Option) {
-	c := newConfig(opts, "")
+	c := newConfig(opts)
 	c.Propagators.Inject(ctx, &metadataSupplier{
 		metadata: md,
 	})
@@ -67,7 +67,7 @@ func inject(ctx context.Context, propagators propagation.TextMapPropagator) cont
 // This function is meant to be used on incoming requests.
 // Deprecated: Unnecessary public func.
 func Extract(ctx context.Context, md *metadata.MD, opts ...Option) (baggage.Baggage, trace.SpanContext) {
-	c := newConfig(opts, "")
+	c := newConfig(opts)
 	ctx = c.Propagators.Extract(ctx, &metadataSupplier{
 		metadata: md,
 	})
diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/semconv.go b/vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/semconv.go
deleted file mode 100644
index 409c621b74..0000000000
--- a/vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/semconv.go
+++ /dev/null
@@ -1,41 +0,0 @@
-// Copyright The OpenTelemetry Authors
-// SPDX-License-Identifier: Apache-2.0
-
-package otelgrpc // import "go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc"
-
-import (
-	"go.opentelemetry.io/otel/attribute"
-	semconv "go.opentelemetry.io/otel/semconv/v1.17.0"
-)
-
-// Semantic conventions for attribute keys for gRPC.
-const (
-	// Name of message transmitted or received.
-	RPCNameKey = attribute.Key("name")
-
-	// Type of message transmitted or received.
-	RPCMessageTypeKey = attribute.Key("message.type")
-
-	// Identifier of message transmitted or received.
-	RPCMessageIDKey = attribute.Key("message.id")
-
-	// The compressed size of the message transmitted or received in bytes.
-	RPCMessageCompressedSizeKey = attribute.Key("message.compressed_size")
-
-	// The uncompressed size of the message transmitted or received in
-	// bytes.
-	RPCMessageUncompressedSizeKey = attribute.Key("message.uncompressed_size")
-)
-
-// Semantic conventions for common RPC attributes.
-var (
-	// Semantic convention for gRPC as the remoting system.
-	RPCSystemGRPC = semconv.RPCSystemGRPC
-
-	// Semantic convention for a message named message.
-	RPCNameMessage = RPCNameKey.String("message")
-
-	// Semantic conventions for RPC message types.
-	RPCMessageTypeSent     = RPCMessageTypeKey.String("SENT")
-	RPCMessageTypeReceived = RPCMessageTypeKey.String("RECEIVED")
-)
diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/stats_handler.go b/vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/stats_handler.go
index 216127d6fb..9bec51df33 100644
--- a/vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/stats_handler.go
+++ b/vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/stats_handler.go
@@ -13,10 +13,12 @@ import (
 	"google.golang.org/grpc/stats"
 	"google.golang.org/grpc/status"
 
+	"go.opentelemetry.io/otel"
 	"go.opentelemetry.io/otel/attribute"
 	"go.opentelemetry.io/otel/codes"
 	"go.opentelemetry.io/otel/metric"
-	semconv "go.opentelemetry.io/otel/semconv/v1.17.0"
+	"go.opentelemetry.io/otel/metric/noop"
+	semconv "go.opentelemetry.io/otel/semconv/v1.30.0"
 	"go.opentelemetry.io/otel/trace"
 
 	"go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/internal"
@@ -33,12 +35,91 @@ type gRPCContext struct {
 
 type serverHandler struct {
 	*config
+
+	tracer trace.Tracer
+
+	duration metric.Float64Histogram
+	inSize   metric.Int64Histogram
+	outSize  metric.Int64Histogram
+	inMsg    metric.Int64Histogram
+	outMsg   metric.Int64Histogram
 }
 
 // NewServerHandler creates a stats.Handler for a gRPC server.
 func NewServerHandler(opts ...Option) stats.Handler {
-	h := &serverHandler{
-		config: newConfig(opts, "server"),
+	c := newConfig(opts)
+	h := &serverHandler{config: c}
+
+	h.tracer = c.TracerProvider.Tracer(
+		ScopeName,
+		trace.WithInstrumentationVersion(Version()),
+	)
+
+	meter := c.MeterProvider.Meter(
+		ScopeName,
+		metric.WithInstrumentationVersion(Version()),
+		metric.WithSchemaURL(semconv.SchemaURL),
+	)
+
+	var err error
+	h.duration, err = meter.Float64Histogram(
+		semconv.RPCServerDurationName,
+		metric.WithDescription(semconv.RPCServerDurationDescription),
+		metric.WithUnit(semconv.RPCServerDurationUnit),
+	)
+	if err != nil {
+		otel.Handle(err)
+		if h.duration == nil {
+			h.duration = noop.Float64Histogram{}
+		}
+	}
+
+	h.inSize, err = meter.Int64Histogram(
+		semconv.RPCServerRequestSizeName,
+		metric.WithDescription(semconv.RPCServerRequestSizeDescription),
+		metric.WithUnit(semconv.RPCServerRequestSizeUnit),
+	)
+	if err != nil {
+		otel.Handle(err)
+		if h.inSize == nil {
+			h.inSize = noop.Int64Histogram{}
+		}
+	}
+
+	h.outSize, err = meter.Int64Histogram(
+		semconv.RPCServerResponseSizeName,
+		metric.WithDescription(semconv.RPCServerResponseSizeDescription),
+		metric.WithUnit(semconv.RPCServerResponseSizeUnit),
+	)
+	if err != nil {
+		otel.Handle(err)
+		if h.outSize == nil {
+			h.outSize = noop.Int64Histogram{}
+		}
+	}
+
+	h.inMsg, err = meter.Int64Histogram(
+		semconv.RPCServerRequestsPerRPCName,
+		metric.WithDescription(semconv.RPCServerRequestsPerRPCDescription),
+		metric.WithUnit(semconv.RPCServerRequestsPerRPCUnit),
+	)
+	if err != nil {
+		otel.Handle(err)
+		if h.inMsg == nil {
+			h.inMsg = noop.Int64Histogram{}
+		}
+	}
+
+	h.outMsg, err = meter.Int64Histogram(
+		semconv.RPCServerResponsesPerRPCName,
+		metric.WithDescription(semconv.RPCServerResponsesPerRPCDescription),
+		metric.WithUnit(semconv.RPCServerResponsesPerRPCUnit),
+	)
+	if err != nil {
+		otel.Handle(err)
+		if h.outMsg == nil {
+			h.outMsg = noop.Int64Histogram{}
+		}
 	}
 
 	return h
@@ -55,14 +136,14 @@ func (h *serverHandler) HandleConn(ctx context.Context, info stats.ConnStats) {
 
 // TagRPC can attach some information to the given context.
 func (h *serverHandler) TagRPC(ctx context.Context, info *stats.RPCTagInfo) context.Context {
-	ctx = extract(ctx, h.config.Propagators)
+	ctx = extract(ctx, h.Propagators)
 
 	name, attrs := internal.ParseFullMethod(info.FullMethodName)
-	attrs = append(attrs, RPCSystemGRPC)
+	attrs = append(attrs, semconv.RPCSystemGRPC)
 
 	record := true
-	if h.config.Filter != nil {
-		record = h.config.Filter(info)
+	if h.Filter != nil {
+		record = h.Filter(info)
 	}
 
 	if record {
@@ -70,12 +151,12 @@ func (h *serverHandler) TagRPC(ctx context.Context, info *stats.RPCTagInfo) cont
 			trace.ContextWithRemoteSpanContext(ctx, trace.SpanContextFromContext(ctx)),
 			name,
 			trace.WithSpanKind(trace.SpanKindServer),
-			trace.WithAttributes(append(attrs, h.config.SpanAttributes...)...),
+			trace.WithAttributes(append(attrs, h.SpanAttributes...)...),
 		)
 	}
 
 	gctx := gRPCContext{
-		metricAttrs: append(attrs, h.config.MetricAttributes...),
+		metricAttrs: append(attrs, h.MetricAttributes...),
 		record:      record,
 	}
 
@@ -84,18 +165,96 @@ func (h *serverHandler) TagRPC(ctx context.Context, info *stats.RPCTagInfo) cont
 
 // HandleRPC processes the RPC stats.
 func (h *serverHandler) HandleRPC(ctx context.Context, rs stats.RPCStats) {
-	isServer := true
-	h.handleRPC(ctx, rs, isServer)
+	h.handleRPC(ctx, rs, h.duration, h.inSize, h.outSize, h.inMsg, h.outMsg, serverStatus)
 }
 
 type clientHandler struct {
 	*config
+
+	tracer trace.Tracer
+
+	duration metric.Float64Histogram
+	inSize   metric.Int64Histogram
+	outSize  metric.Int64Histogram
+	inMsg    metric.Int64Histogram
+	outMsg   metric.Int64Histogram
 }
 
 // NewClientHandler creates a stats.Handler for a gRPC client.
 func NewClientHandler(opts ...Option) stats.Handler {
-	h := &clientHandler{
-		config: newConfig(opts, "client"),
+	c := newConfig(opts)
+	h := &clientHandler{config: c}
+
+	h.tracer = c.TracerProvider.Tracer(
+		ScopeName,
+		trace.WithInstrumentationVersion(Version()),
+	)
+
+	meter := c.MeterProvider.Meter(
+		ScopeName,
+		metric.WithInstrumentationVersion(Version()),
+		metric.WithSchemaURL(semconv.SchemaURL),
+	)
+
+	var err error
+	h.duration, err = meter.Float64Histogram(
+		semconv.RPCClientDurationName,
+		metric.WithDescription(semconv.RPCClientDurationDescription),
+		metric.WithUnit(semconv.RPCClientDurationUnit),
+	)
+	if err != nil {
+		otel.Handle(err)
+		if h.duration == nil {
+			h.duration = noop.Float64Histogram{}
+		}
+	}
+
+	h.outSize, err = meter.Int64Histogram(
+		semconv.RPCClientRequestSizeName,
+		metric.WithDescription(semconv.RPCClientRequestSizeDescription),
+		metric.WithUnit(semconv.RPCClientRequestSizeUnit),
+	)
+	if err != nil {
+		otel.Handle(err)
+		if h.outSize == nil {
+			h.outSize = noop.Int64Histogram{}
+		}
+	}
+
+	h.inSize, err = meter.Int64Histogram(
+		semconv.RPCClientResponseSizeName,
+		metric.WithDescription(semconv.RPCClientResponseSizeDescription),
+		metric.WithUnit(semconv.RPCClientResponseSizeUnit),
+	)
+	if err != nil {
+		otel.Handle(err)
+		if h.inSize == nil {
+			h.inSize = noop.Int64Histogram{}
+		}
+	}
+
+	h.outMsg, err = meter.Int64Histogram(
+		semconv.RPCClientRequestsPerRPCName,
+		metric.WithDescription(semconv.RPCClientRequestsPerRPCDescription),
+		metric.WithUnit(semconv.RPCClientRequestsPerRPCUnit),
+	)
+	if err != nil {
+		otel.Handle(err)
+		if h.outMsg == nil {
+			h.outMsg = noop.Int64Histogram{}
+		}
+	}
+
+	h.inMsg, err = meter.Int64Histogram(
+		semconv.RPCClientResponsesPerRPCName,
+		metric.WithDescription(semconv.RPCClientResponsesPerRPCDescription),
+		metric.WithUnit(semconv.RPCClientResponsesPerRPCUnit),
+	)
+	if err != nil {
+		otel.Handle(err)
+		if h.inMsg == nil {
+			h.inMsg = noop.Int64Histogram{}
+		}
 	}
 
 	return h
@@ -104,11 +263,11 @@ func NewClientHandler(opts ...Option) stats.Handler {
 // TagRPC can attach some information to the given context.
 func (h *clientHandler) TagRPC(ctx context.Context, info *stats.RPCTagInfo) context.Context {
 	name, attrs := internal.ParseFullMethod(info.FullMethodName)
-	attrs = append(attrs, RPCSystemGRPC)
+	attrs = append(attrs, semconv.RPCSystemGRPC)
 
 	record := true
-	if h.config.Filter != nil {
-		record = h.config.Filter(info)
+	if h.Filter != nil {
+		record = h.Filter(info)
 	}
 
 	if record {
@@ -116,22 +275,26 @@ func (h *clientHandler) TagRPC(ctx context.Context, info *stats.RPCTagInfo) cont
 			ctx,
 			name,
 			trace.WithSpanKind(trace.SpanKindClient),
-			trace.WithAttributes(append(attrs, h.config.SpanAttributes...)...),
+			trace.WithAttributes(append(attrs, h.SpanAttributes...)...),
 		)
 	}
 
 	gctx := gRPCContext{
-		metricAttrs: append(attrs, h.config.MetricAttributes...),
+		metricAttrs: append(attrs, h.MetricAttributes...),
 		record:      record,
 	}
 
-	return inject(context.WithValue(ctx, gRPCContextKey{}, &gctx), h.config.Propagators)
+	return inject(context.WithValue(ctx, gRPCContextKey{}, &gctx), h.Propagators)
 }
 
 // HandleRPC processes the RPC stats.
 func (h *clientHandler) HandleRPC(ctx context.Context, rs stats.RPCStats) {
-	isServer := false
-	h.handleRPC(ctx, rs, isServer)
+	h.handleRPC(
+		ctx, rs, h.duration, h.inSize, h.outSize, h.inMsg, h.outMsg,
+		func(s *status.Status) (codes.Code, string) {
+			return codes.Error, s.Message()
+		},
+	)
 }
 
 // TagConn can attach some information to the given context.
@@ -144,77 +307,86 @@ func (h *clientHandler) HandleConn(context.Context, stats.ConnStats) {
 	// no-op
 }
 
-func (c *config) handleRPC(ctx context.Context, rs stats.RPCStats, isServer bool) { // nolint: revive  // isServer is not a control flag.
-	span := trace.SpanFromContext(ctx)
-	var metricAttrs []attribute.KeyValue
-	var messageId int64
-
+func (c *config) handleRPC(
+	ctx context.Context,
+	rs stats.RPCStats,
+	duration metric.Float64Histogram,
+	inSize, outSize, inMsg, outMsg metric.Int64Histogram,
+	recordStatus func(*status.Status) (codes.Code, string),
+) {
 	gctx, _ := ctx.Value(gRPCContextKey{}).(*gRPCContext)
-	if gctx != nil {
-		if !gctx.record {
-			return
-		}
-		metricAttrs = make([]attribute.KeyValue, 0, len(gctx.metricAttrs)+1)
-		metricAttrs = append(metricAttrs, gctx.metricAttrs...)
+	if gctx != nil && !gctx.record {
+		return
 	}
 
+	span := trace.SpanFromContext(ctx)
+	var messageId int64
+
 	switch rs := rs.(type) {
 	case *stats.Begin:
 	case *stats.InPayload:
 		if gctx != nil {
 			messageId = atomic.AddInt64(&gctx.inMessages, 1)
-			c.rpcInBytes.Record(ctx, int64(rs.Length), metric.WithAttributeSet(attribute.NewSet(metricAttrs...)))
+			inSize.Record(ctx, int64(rs.Length), metric.WithAttributes(gctx.metricAttrs...))
 		}
 
-		if c.ReceivedEvent {
+		if c.ReceivedEvent && span.IsRecording() {
 			span.AddEvent("message",
 				trace.WithAttributes(
-					semconv.MessageTypeReceived,
-					semconv.MessageIDKey.Int64(messageId),
-					semconv.MessageCompressedSizeKey.Int(rs.CompressedLength),
-					semconv.MessageUncompressedSizeKey.Int(rs.Length),
+					semconv.RPCMessageTypeReceived,
+					semconv.RPCMessageIDKey.Int64(messageId),
+					semconv.RPCMessageCompressedSizeKey.Int(rs.CompressedLength),
+					semconv.RPCMessageUncompressedSizeKey.Int(rs.Length),
 				),
 			)
 		}
 	case *stats.OutPayload:
 		if gctx != nil {
 			messageId = atomic.AddInt64(&gctx.outMessages, 1)
-			c.rpcOutBytes.Record(ctx, int64(rs.Length), metric.WithAttributeSet(attribute.NewSet(metricAttrs...)))
+			outSize.Record(ctx, int64(rs.Length), metric.WithAttributes(gctx.metricAttrs...))
 		}
 
-		if c.SentEvent {
+		if c.SentEvent && span.IsRecording() {
 			span.AddEvent("message",
 				trace.WithAttributes(
-					semconv.MessageTypeSent,
-					semconv.MessageIDKey.Int64(messageId),
-					semconv.MessageCompressedSizeKey.Int(rs.CompressedLength),
-					semconv.MessageUncompressedSizeKey.Int(rs.Length),
+					semconv.RPCMessageTypeSent,
+					semconv.RPCMessageIDKey.Int64(messageId),
+					semconv.RPCMessageCompressedSizeKey.Int(rs.CompressedLength),
+					semconv.RPCMessageUncompressedSizeKey.Int(rs.Length),
 				),
 			)
 		}
 	case *stats.OutTrailer:
 	case *stats.OutHeader:
-		if p, ok := peer.FromContext(ctx); ok {
-			span.SetAttributes(peerAttr(p.Addr.String())...)
+		if span.IsRecording() {
+			if p, ok := peer.FromContext(ctx); ok {
+				span.SetAttributes(serverAddrAttrs(p.Addr.String())...)
+			}
 		}
 	case *stats.End:
 		var rpcStatusAttr attribute.KeyValue
 
+		var s *status.Status
 		if rs.Error != nil {
-			s, _ := status.FromError(rs.Error)
-			if isServer {
-				statusCode, msg := serverStatus(s)
-				span.SetStatus(statusCode, msg)
-			} else {
-				span.SetStatus(codes.Error, s.Message())
-			}
+			s, _ = status.FromError(rs.Error)
 			rpcStatusAttr = semconv.RPCGRPCStatusCodeKey.Int(int(s.Code()))
 		} else {
 			rpcStatusAttr = semconv.RPCGRPCStatusCodeKey.Int(int(grpc_codes.OK))
 		}
-		span.SetAttributes(rpcStatusAttr)
-		span.End()
+		if span.IsRecording() {
+			if s != nil {
+				c, m := recordStatus(s)
+				span.SetStatus(c, m)
+			}
+			span.SetAttributes(rpcStatusAttr)
+			span.End()
+		}
 
+		var metricAttrs []attribute.KeyValue
+		if gctx != nil {
+			metricAttrs = make([]attribute.KeyValue, 0, len(gctx.metricAttrs)+1)
+			metricAttrs = append(metricAttrs, gctx.metricAttrs...)
+		}
 		metricAttrs = append(metricAttrs, rpcStatusAttr)
 		// Allocate vararg slice once.
 		recordOpts := []metric.RecordOption{metric.WithAttributeSet(attribute.NewSet(metricAttrs...))}
@@ -223,10 +395,10 @@ func (c *config) handleRPC(ctx context.Context, rs stats.RPCStats, isServer bool
 		// Measure right before calling Record() to capture as much elapsed time as possible.
 		elapsedTime := float64(rs.EndTime.Sub(rs.BeginTime)) / float64(time.Millisecond)
 
-		c.rpcDuration.Record(ctx, elapsedTime, recordOpts...)
+		duration.Record(ctx, elapsedTime, recordOpts...)
 		if gctx != nil {
-			c.rpcInMessages.Record(ctx, atomic.LoadInt64(&gctx.inMessages), recordOpts...)
-			c.rpcOutMessages.Record(ctx, atomic.LoadInt64(&gctx.outMessages), recordOpts...)
+			inMsg.Record(ctx, atomic.LoadInt64(&gctx.inMessages), recordOpts...)
+			outMsg.Record(ctx, atomic.LoadInt64(&gctx.outMessages), recordOpts...)
 		}
 	default:
 		return
diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/version.go b/vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/version.go
index 442e8a838b..b1feeca494 100644
--- a/vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/version.go
+++ b/vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/version.go
@@ -5,13 +5,6 @@ package otelgrpc // import "go.opentelemetry.io/contrib/instrumentation/google.g
 
 // Version is the current release version of the gRPC instrumentation.
 func Version() string {
-	return "0.60.0"
+	return "0.61.0"
 	// This string is updated by the pre_release.sh script during release
 }
-
-// SemVersion is the semantic version to be supplied to tracer/meter creation.
-//
-// Deprecated: Use [Version] instead.
-func SemVersion() string {
-	return Version()
-}
diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/config.go b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/config.go
index a01bfafbe0..6bd50d4c9b 100644
--- a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/config.go
+++ b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/config.go
@@ -176,6 +176,10 @@ func WithMessageEvents(events ...event) Option {
 
 // WithSpanNameFormatter takes a function that will be called on every
 // request and the returned string will become the Span Name.
+//
+// When using [http.ServeMux] (or any middleware that sets the Pattern of [http.Request]),
+// the span name formatter will run twice. Once when the span is created, and
+// second time after the middleware, so the pattern can be used.
 func WithSpanNameFormatter(f func(operation string, r *http.Request) string) Option {
 	return optionFunc(func(c *config) {
 		c.SpanNameFormatter = f
diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/handler.go b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/handler.go
index 3ea05d0199..937f9b4e73 100644
--- a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/handler.go
+++ b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/handler.go
@@ -98,7 +98,7 @@ func (h *middleware) serveHTTP(w http.ResponseWriter, r *http.Request, next http
 
 	ctx := h.propagators.Extract(r.Context(), propagation.HeaderCarrier(r.Header))
 	opts := []trace.SpanStartOption{
-		trace.WithAttributes(h.semconv.RequestTraceAttrs(h.server, r)...),
+		trace.WithAttributes(h.semconv.RequestTraceAttrs(h.server, r, semconv.RequestTraceAttrsOpts{})...),
 	}
 
 	opts = append(opts, h.spanStartOptions...)
@@ -176,7 +176,12 @@ func (h *middleware) serveHTTP(w http.ResponseWriter, r *http.Request, next http
 		ctx = ContextWithLabeler(ctx, labeler)
 	}
 
-	next.ServeHTTP(w, r.WithContext(ctx))
+	r = r.WithContext(ctx)
+	next.ServeHTTP(w, r)
+
+	if r.Pattern != "" {
+		span.SetName(h.spanNameFormatter(h.operation, r))
+	}
 
 	statusCode := rww.StatusCode()
 	bytesWritten := rww.BytesWritten()
diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/request/body_wrapper.go b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/request/body_wrapper.go
index 866aa21dce..d032aa841b 100644
--- a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/request/body_wrapper.go
+++ b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/request/body_wrapper.go
@@ -1,9 +1,11 @@
-// Code created by gotmpl. DO NOT MODIFY.
+// Code generated by gotmpl. DO NOT MODIFY.
 // source: internal/shared/request/body_wrapper.go.tmpl
 
 // Copyright The OpenTelemetry Authors
 // SPDX-License-Identifier: Apache-2.0
 
+// Package request provides types and functionality to handle HTTP request
+// handling.
 package request // import "go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/request"
 
 import (
@@ -56,7 +58,7 @@ func (w *BodyWrapper) updateReadData(n int64, err error) {
 	}
 }
 
-// Closes closes the io.ReadCloser.
+// Close closes the io.ReadCloser.
 func (w *BodyWrapper) Close() error {
 	return w.ReadCloser.Close()
 }
diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/request/resp_writer_wrapper.go b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/request/resp_writer_wrapper.go
index 73184e7d00..ca2e4c14c7 100644
--- a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/request/resp_writer_wrapper.go
+++ b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/request/resp_writer_wrapper.go
@@ -1,4 +1,4 @@
-// Code created by gotmpl. DO NOT MODIFY.
+// Code generated by gotmpl. DO NOT MODIFY.
 // source: internal/shared/request/resp_writer_wrapper.go.tmpl
 
 // Copyright The OpenTelemetry Authors
@@ -105,7 +105,7 @@ func (w *RespWriterWrapper) BytesWritten() int64 {
 	return w.written
 }
 
-// BytesWritten returns the HTTP status code that was sent.
+// StatusCode returns the HTTP status code that was sent.
 func (w *RespWriterWrapper) StatusCode() int {
 	w.mu.RLock()
 	defer w.mu.RUnlock()
diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/env.go b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/env.go
index 4693a01949..7cb9693d98 100644
--- a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/env.go
+++ b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/env.go
@@ -1,4 +1,4 @@
-// Code created by gotmpl. DO NOT MODIFY.
+// Code generated by gotmpl. DO NOT MODIFY.
 // source: internal/shared/semconv/env.go.tmpl
 
 // Copyright The OpenTelemetry Authors
@@ -20,7 +20,7 @@ import (
 )
 
 // OTelSemConvStabilityOptIn is an environment variable.
-// That can be set to "old" or "http/dup" to opt into the new HTTP semantic conventions.
+// That can be set to "http/dup" to keep getting the old HTTP semantic conventions.
 const OTelSemConvStabilityOptIn = "OTEL_SEMCONV_STABILITY_OPT_IN"
 
 type ResponseTelemetry struct {
@@ -61,19 +61,23 @@ type HTTPServer struct {
 //
 // If the primary server name is not known, server should be an empty string.
 // The req Host will be used to determine the server instead.
-func (s HTTPServer) RequestTraceAttrs(server string, req *http.Request) []attribute.KeyValue {
+func (s HTTPServer) RequestTraceAttrs(server string, req *http.Request, opts RequestTraceAttrsOpts) []attribute.KeyValue {
+	attrs := CurrentHTTPServer{}.RequestTraceAttrs(server, req, opts)
 	if s.duplicate {
-		return append(OldHTTPServer{}.RequestTraceAttrs(server, req), CurrentHTTPServer{}.RequestTraceAttrs(server, req)...)
+		return OldHTTPServer{}.RequestTraceAttrs(server, req, attrs)
 	}
-	return OldHTTPServer{}.RequestTraceAttrs(server, req)
+	return attrs
 }
 
 func (s HTTPServer) NetworkTransportAttr(network string) []attribute.KeyValue {
 	if s.duplicate {
-		return append([]attribute.KeyValue{OldHTTPServer{}.NetworkTransportAttr(network)}, CurrentHTTPServer{}.NetworkTransportAttr(network))
+		return []attribute.KeyValue{
+			OldHTTPServer{}.NetworkTransportAttr(network),
+			CurrentHTTPServer{}.NetworkTransportAttr(network),
+		}
 	}
 	return []attribute.KeyValue{
-		OldHTTPServer{}.NetworkTransportAttr(network),
+		CurrentHTTPServer{}.NetworkTransportAttr(network),
 	}
 }
 
@@ -81,15 +85,16 @@ func (s HTTPServer) NetworkTransportAttr(network string) []attribute.KeyValue {
 //
 // If any of the fields in the ResponseTelemetry are not set the attribute will be omitted.
 func (s HTTPServer) ResponseTraceAttrs(resp ResponseTelemetry) []attribute.KeyValue {
+	attrs := CurrentHTTPServer{}.ResponseTraceAttrs(resp)
 	if s.duplicate {
-		return append(OldHTTPServer{}.ResponseTraceAttrs(resp), CurrentHTTPServer{}.ResponseTraceAttrs(resp)...)
+		return OldHTTPServer{}.ResponseTraceAttrs(resp, attrs)
 	}
-	return OldHTTPServer{}.ResponseTraceAttrs(resp)
+	return attrs
 }
 
 // Route returns the attribute for the route.
 func (s HTTPServer) Route(route string) attribute.KeyValue {
-	return OldHTTPServer{}.Route(route)
+	return CurrentHTTPServer{}.Route(route)
 }
 
 // Status returns a span status code and message for an HTTP status code
@@ -121,6 +126,8 @@ type MetricAttributes struct {
 
 type MetricData struct {
 	RequestSize int64
+
+	// The request duration, in milliseconds
 	ElapsedTime float64
 }
 
@@ -139,7 +146,19 @@ var (
 )
 
 func (s HTTPServer) RecordMetrics(ctx context.Context, md ServerMetricData) {
-	if s.requestBytesCounter != nil && s.responseBytesCounter != nil && s.serverLatencyMeasure != nil {
+	if s.requestDurationHistogram != nil && s.requestBodySizeHistogram != nil && s.responseBodySizeHistogram != nil {
+		attributes := CurrentHTTPServer{}.MetricAttributes(md.ServerName, md.Req, md.StatusCode, md.AdditionalAttributes)
+		o := metric.WithAttributeSet(attribute.NewSet(attributes...))
+		recordOpts := metricRecordOptionPool.Get().(*[]metric.RecordOption)
+		*recordOpts = append(*recordOpts, o)
+		s.requestBodySizeHistogram.Record(ctx, md.RequestSize, *recordOpts...)
+		s.responseBodySizeHistogram.Record(ctx, md.ResponseSize, *recordOpts...)
+		s.requestDurationHistogram.Record(ctx, md.ElapsedTime/1000.0, o)
+		*recordOpts = (*recordOpts)[:0]
+		metricRecordOptionPool.Put(recordOpts)
+	}
+
+	if s.duplicate && s.requestBytesCounter != nil && s.responseBytesCounter != nil && s.serverLatencyMeasure != nil {
 		attributes := OldHTTPServer{}.MetricAttributes(md.ServerName, md.Req, md.StatusCode, md.AdditionalAttributes)
 		o := metric.WithAttributeSet(attribute.NewSet(attributes...))
 		addOpts := metricAddOptionPool.Get().(*[]metric.AddOption)
@@ -150,29 +169,28 @@ func (s HTTPServer) RecordMetrics(ctx context.Context, md ServerMetricData) {
 		*addOpts = (*addOpts)[:0]
 		metricAddOptionPool.Put(addOpts)
 	}
+}
 
-	if s.duplicate && s.requestDurationHistogram != nil && s.requestBodySizeHistogram != nil && s.responseBodySizeHistogram != nil {
-		attributes := CurrentHTTPServer{}.MetricAttributes(md.ServerName, md.Req, md.StatusCode, md.AdditionalAttributes)
-		o := metric.WithAttributeSet(attribute.NewSet(attributes...))
-		recordOpts := metricRecordOptionPool.Get().(*[]metric.RecordOption)
-		*recordOpts = append(*recordOpts, o)
-		s.requestBodySizeHistogram.Record(ctx, md.RequestSize, *recordOpts...)
-		s.responseBodySizeHistogram.Record(ctx, md.ResponseSize, *recordOpts...)
-		s.requestDurationHistogram.Record(ctx, md.ElapsedTime, o)
-		*recordOpts = (*recordOpts)[:0]
-		metricRecordOptionPool.Put(recordOpts)
+// hasOptIn returns true if the comma-separated version string contains the
+// exact optIn value.
+func hasOptIn(version, optIn string) bool {
+	for _, v := range strings.Split(version, ",") {
+		if strings.TrimSpace(v) == optIn {
+			return true
+		}
 	}
+	return false
 }
 
 func NewHTTPServer(meter metric.Meter) HTTPServer {
 	env := strings.ToLower(os.Getenv(OTelSemConvStabilityOptIn))
-	duplicate := env == "http/dup"
+	duplicate := hasOptIn(env, "http/dup")
 	server := HTTPServer{
 		duplicate: duplicate,
 	}
-	server.requestBytesCounter, server.responseBytesCounter, server.serverLatencyMeasure = OldHTTPServer{}.createMeasures(meter)
+	server.requestBodySizeHistogram, server.responseBodySizeHistogram, server.requestDurationHistogram = CurrentHTTPServer{}.createMeasures(meter)
 	if duplicate {
-		server.requestBodySizeHistogram, server.responseBodySizeHistogram, server.requestDurationHistogram = CurrentHTTPServer{}.createMeasures(meter)
+		server.requestBytesCounter, server.responseBytesCounter, server.serverLatencyMeasure = OldHTTPServer{}.createMeasures(meter)
 	}
 	return server
 }
@@ -192,13 +210,13 @@ type HTTPClient struct {
 
 func NewHTTPClient(meter metric.Meter) HTTPClient {
 	env := strings.ToLower(os.Getenv(OTelSemConvStabilityOptIn))
-	duplicate := env == "http/dup"
+	duplicate := hasOptIn(env, "http/dup")
 	client := HTTPClient{
 		duplicate: duplicate,
 	}
-	client.requestBytesCounter, client.responseBytesCounter, client.latencyMeasure = OldHTTPClient{}.createMeasures(meter)
+	client.requestBodySize, client.requestDuration = CurrentHTTPClient{}.createMeasures(meter)
 	if duplicate {
-		client.requestBodySize, client.requestDuration = CurrentHTTPClient{}.createMeasures(meter)
+		client.requestBytesCounter, client.responseBytesCounter, client.latencyMeasure = OldHTTPClient{}.createMeasures(meter)
 	}
 
 	return client
@@ -206,19 +224,20 @@ func NewHTTPClient(meter metric.Meter) HTTPClient {
 
 // RequestTraceAttrs returns attributes for an HTTP request made by a client.
 func (c HTTPClient) RequestTraceAttrs(req *http.Request) []attribute.KeyValue {
+	attrs := CurrentHTTPClient{}.RequestTraceAttrs(req)
 	if c.duplicate {
-		return append(OldHTTPClient{}.RequestTraceAttrs(req), CurrentHTTPClient{}.RequestTraceAttrs(req)...)
+		return OldHTTPClient{}.RequestTraceAttrs(req, attrs)
 	}
-	return OldHTTPClient{}.RequestTraceAttrs(req)
+	return attrs
 }
 
 // ResponseTraceAttrs returns metric attributes for an HTTP request made by a client.
 func (c HTTPClient) ResponseTraceAttrs(resp *http.Response) []attribute.KeyValue {
+	attrs := CurrentHTTPClient{}.ResponseTraceAttrs(resp)
 	if c.duplicate {
-		return append(OldHTTPClient{}.ResponseTraceAttrs(resp), CurrentHTTPClient{}.ResponseTraceAttrs(resp)...)
+		return OldHTTPClient{}.ResponseTraceAttrs(resp, attrs)
 	}
-
-	return OldHTTPClient{}.ResponseTraceAttrs(resp)
+	return attrs
 }
 
 func (c HTTPClient) Status(code int) (codes.Code, string) {
@@ -232,11 +251,7 @@ func (c HTTPClient) Status(code int) (codes.Code, string) {
 }
 
 func (c HTTPClient) ErrorType(err error) attribute.KeyValue {
-	if c.duplicate {
-		return CurrentHTTPClient{}.ErrorType(err)
-	}
-
-	return attribute.KeyValue{}
+	return CurrentHTTPClient{}.ErrorType(err)
 }
 
 type MetricOpts struct {
@@ -255,17 +270,17 @@ func (o MetricOpts) AddOptions() metric.AddOption {
 func (c HTTPClient) MetricOptions(ma MetricAttributes) map[string]MetricOpts {
 	opts := map[string]MetricOpts{}
 
-	attributes := OldHTTPClient{}.MetricAttributes(ma.Req, ma.StatusCode, ma.AdditionalAttributes)
+	attributes := CurrentHTTPClient{}.MetricAttributes(ma.Req, ma.StatusCode, ma.AdditionalAttributes)
 	set := metric.WithAttributeSet(attribute.NewSet(attributes...))
-	opts["old"] = MetricOpts{
+	opts["new"] = MetricOpts{
 		measurement: set,
 		addOptions:  set,
 	}
 
 	if c.duplicate {
-		attributes := CurrentHTTPClient{}.MetricAttributes(ma.Req, ma.StatusCode, ma.AdditionalAttributes)
+		attributes := OldHTTPClient{}.MetricAttributes(ma.Req, ma.StatusCode, ma.AdditionalAttributes)
 		set := metric.WithAttributeSet(attribute.NewSet(attributes...))
-		opts["new"] = MetricOpts{
+		opts["old"] = MetricOpts{
 			measurement: set,
 			addOptions:  set,
 		}
@@ -275,17 +290,17 @@ func (c HTTPClient) MetricOptions(ma MetricAttributes) map[string]MetricOpts {
 }
 
 func (s HTTPClient) RecordMetrics(ctx context.Context, md MetricData, opts map[string]MetricOpts) {
-	if s.requestBytesCounter == nil || s.latencyMeasure == nil {
+	if s.requestBodySize == nil || s.requestDuration == nil {
 		// This will happen if an HTTPClient{} is used instead of NewHTTPClient().
 		return
 	}
 
-	s.requestBytesCounter.Add(ctx, md.RequestSize, opts["old"].AddOptions())
-	s.latencyMeasure.Record(ctx, md.ElapsedTime, opts["old"].MeasurementOption())
+	s.requestBodySize.Record(ctx, md.RequestSize, opts["new"].MeasurementOption())
+	s.requestDuration.Record(ctx, md.ElapsedTime/1000, opts["new"].MeasurementOption())
 
 	if s.duplicate {
-		s.requestBodySize.Record(ctx, md.RequestSize, opts["new"].MeasurementOption())
-		s.requestDuration.Record(ctx, md.ElapsedTime, opts["new"].MeasurementOption())
+		s.requestBytesCounter.Add(ctx, md.RequestSize, opts["old"].AddOptions())
+		s.latencyMeasure.Record(ctx, md.ElapsedTime, opts["old"].MeasurementOption())
 	}
 }
 
@@ -299,9 +314,10 @@ func (s HTTPClient) RecordResponseSize(ctx context.Context, responseData int64,
 }
 
 func (s HTTPClient) TraceAttributes(host string) []attribute.KeyValue {
+	attrs := CurrentHTTPClient{}.TraceAttributes(host)
 	if s.duplicate {
-		return append(OldHTTPClient{}.TraceAttributes(host), CurrentHTTPClient{}.TraceAttributes(host)...)
+		return OldHTTPClient{}.TraceAttributes(host, attrs)
 	}
 
-	return OldHTTPClient{}.TraceAttributes(host)
+	return attrs
 }
diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/httpconv.go b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/httpconv.go
index 8b85eff90a..53976b0d5a 100644
--- a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/httpconv.go
+++ b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/httpconv.go
@@ -1,9 +1,11 @@
-// Code created by gotmpl. DO NOT MODIFY.
+// Code generated by gotmpl. DO NOT MODIFY.
 // source: internal/shared/semconv/httpconv.go.tmpl
 
 // Copyright The OpenTelemetry Authors
 // SPDX-License-Identifier: Apache-2.0
 
+// Package semconv provides OpenTelemetry semantic convention types and
+// functionality.
 package semconv // import "go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv"
 
 import (
@@ -20,9 +22,14 @@ import (
 	semconvNew "go.opentelemetry.io/otel/semconv/v1.26.0"
 )
 
+type RequestTraceAttrsOpts struct {
+	// If set, this is used as value for the "http.client_ip" attribute.
+	HTTPClientIP string
+}
+
 type CurrentHTTPServer struct{}
 
-// TraceRequest returns trace attributes for an HTTP request received by a
+// RequestTraceAttrs returns trace attributes for an HTTP request received by a
 // server.
 //
 // The server must be the primary server name if it is known. For example this
@@ -38,7 +45,7 @@ type CurrentHTTPServer struct{}
 //
 // If the primary server name is not known, server should be an empty string.
 // The req Host will be used to determine the server instead.
-func (n CurrentHTTPServer) RequestTraceAttrs(server string, req *http.Request) []attribute.KeyValue {
+func (n CurrentHTTPServer) RequestTraceAttrs(server string, req *http.Request, opts RequestTraceAttrsOpts) []attribute.KeyValue {
 	count := 3 // ServerAddress, Method, Scheme
 
 	var host string
@@ -65,7 +72,8 @@ func (n CurrentHTTPServer) RequestTraceAttrs(server string, req *http.Request) [
 
 	scheme := n.scheme(req.TLS != nil)
 
-	if peer, peerPort := SplitHostPort(req.RemoteAddr); peer != "" {
+	peer, peerPort := SplitHostPort(req.RemoteAddr)
+	if peer != "" {
 		// The Go HTTP server sets RemoteAddr to "IP:port", this will not be a
 		// file-path that would be interpreted with a sock family.
 		count++
@@ -79,7 +87,17 @@ func (n CurrentHTTPServer) RequestTraceAttrs(server string, req *http.Request) [
 		count++
 	}
 
-	clientIP := serverClientIP(req.Header.Get("X-Forwarded-For"))
+	// For client IP, use, in order:
+	// 1. The value passed in the options
+	// 2. The value in the X-Forwarded-For header
+	// 3. The peer address
+	clientIP := opts.HTTPClientIP
+	if clientIP == "" {
+		clientIP = serverClientIP(req.Header.Get("X-Forwarded-For"))
+		if clientIP == "" {
+			clientIP = peer
+		}
+	}
 	if clientIP != "" {
 		count++
 	}
@@ -96,6 +114,11 @@ func (n CurrentHTTPServer) RequestTraceAttrs(server string, req *http.Request) [
 		count++
 	}
 
+	route := httpRoute(req.Pattern)
+	if route != "" {
+		count++
+	}
+
 	attrs := make([]attribute.KeyValue, 0, count)
 	attrs = append(attrs,
 		semconvNew.ServerAddress(host),
@@ -119,7 +142,7 @@ func (n CurrentHTTPServer) RequestTraceAttrs(server string, req *http.Request) [
 		}
 	}
 
-	if useragent := req.UserAgent(); useragent != "" {
+	if useragent != "" {
 		attrs = append(attrs, semconvNew.UserAgentOriginal(useragent))
 	}
 
@@ -138,10 +161,14 @@ func (n CurrentHTTPServer) RequestTraceAttrs(server string, req *http.Request) [
 		attrs = append(attrs, semconvNew.NetworkProtocolVersion(protoVersion))
 	}
 
+	if route != "" {
+		attrs = append(attrs, n.Route(route))
+	}
+
 	return attrs
 }
 
-func (o CurrentHTTPServer) NetworkTransportAttr(network string) attribute.KeyValue {
+func (n CurrentHTTPServer) NetworkTransportAttr(network string) attribute.KeyValue {
 	switch network {
 	case "tcp", "tcp4", "tcp6":
 		return semconvNew.NetworkTransportTCP
@@ -176,9 +203,11 @@ func (n CurrentHTTPServer) scheme(https bool) attribute.KeyValue { // nolint:rev
 	return semconvNew.URLScheme("http")
 }
 
-// TraceResponse returns trace attributes for telemetry from an HTTP response.
+// ResponseTraceAttrs returns trace attributes for telemetry from an HTTP
+// response.
 //
-// If any of the fields in the ResponseTelemetry are not set the attribute will be omitted.
+// If any of the fields in the ResponseTelemetry are not set the attribute will
+// be omitted.
 func (n CurrentHTTPServer) ResponseTraceAttrs(resp ResponseTelemetry) []attribute.KeyValue {
 	var count int
 
@@ -241,6 +270,7 @@ func (n CurrentHTTPServer) createMeasures(meter metric.Meter) (metric.Int64Histo
 		semconvNew.HTTPServerRequestDurationName,
 		metric.WithUnit(semconvNew.HTTPServerRequestDurationUnit),
 		metric.WithDescription(semconvNew.HTTPServerRequestDurationDescription),
+		metric.WithExplicitBucketBoundaries(0.005, 0.01, 0.025, 0.05, 0.075, 0.1, 0.25, 0.5, 0.75, 1, 2.5, 5, 7.5, 10),
 	)
 	handleErr(err)
 
@@ -459,6 +489,7 @@ func (n CurrentHTTPClient) createMeasures(meter metric.Meter) (metric.Int64Histo
 		semconvNew.HTTPClientRequestDurationName,
 		metric.WithUnit(semconvNew.HTTPClientRequestDurationUnit),
 		metric.WithDescription(semconvNew.HTTPClientRequestDurationDescription),
+		metric.WithExplicitBucketBoundaries(0.005, 0.01, 0.025, 0.05, 0.075, 0.1, 0.25, 0.5, 0.75, 1, 2.5, 5, 7.5, 10),
 	)
 	handleErr(err)
 
@@ -501,7 +532,7 @@ func (n CurrentHTTPClient) MetricAttributes(req *http.Request, statusCode int, a
 	attributes = append(attributes,
 		semconvNew.HTTPRequestMethodKey.String(standardizeHTTPMethod(req.Method)),
 		semconvNew.ServerAddress(requestHost),
-		n.scheme(req.TLS != nil),
+		n.scheme(req),
 	)
 
 	if port > 0 {
@@ -520,15 +551,18 @@ func (n CurrentHTTPClient) MetricAttributes(req *http.Request, statusCode int, a
 	return attributes
 }
 
-// Attributes for httptrace.
+// TraceAttributes returns attributes for httptrace.
 func (n CurrentHTTPClient) TraceAttributes(host string) []attribute.KeyValue {
 	return []attribute.KeyValue{
 		semconvNew.ServerAddress(host),
 	}
 }
 
-func (n CurrentHTTPClient) scheme(https bool) attribute.KeyValue { // nolint:revive
-	if https {
+func (n CurrentHTTPClient) scheme(req *http.Request) attribute.KeyValue {
+	if req.URL != nil && req.URL.Scheme != "" {
+		return semconvNew.URLScheme(req.URL.Scheme)
+	}
+	if req.TLS != nil {
 		return semconvNew.URLScheme("https")
 	}
 	return semconvNew.URLScheme("http")
diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/util.go b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/util.go
index 315d3dd29c..bc1f7751db 100644
--- a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/util.go
+++ b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/util.go
@@ -1,4 +1,4 @@
-// Code created by gotmpl. DO NOT MODIFY.
+// Code generated by gotmpl. DO NOT MODIFY.
 // source: internal/shared/semconv/util.go.tmpl
 
 // Copyright The OpenTelemetry Authors
@@ -28,17 +28,17 @@ func SplitHostPort(hostport string) (host string, port int) {
 	port = -1
 
 	if strings.HasPrefix(hostport, "[") {
-		addrEnd := strings.LastIndex(hostport, "]")
+		addrEnd := strings.LastIndexByte(hostport, ']')
 		if addrEnd < 0 {
 			// Invalid hostport.
 			return
 		}
-		if i := strings.LastIndex(hostport[addrEnd:], ":"); i < 0 {
+		if i := strings.LastIndexByte(hostport[addrEnd:], ':'); i < 0 {
 			host = hostport[1:addrEnd]
 			return
 		}
 	} else {
-		if i := strings.LastIndex(hostport, ":"); i < 0 {
+		if i := strings.LastIndexByte(hostport, ':'); i < 0 {
 			host = hostport
 			return
 		}
@@ -70,12 +70,19 @@ func requiredHTTPPort(https bool, port int) int { // nolint:revive
 }
 
 func serverClientIP(xForwardedFor string) string {
-	if idx := strings.Index(xForwardedFor, ","); idx >= 0 {
+	if idx := strings.IndexByte(xForwardedFor, ','); idx >= 0 {
 		xForwardedFor = xForwardedFor[:idx]
 	}
 	return xForwardedFor
 }
 
+func httpRoute(pattern string) string {
+	if idx := strings.IndexByte(pattern, '/'); idx >= 0 {
+		return pattern[idx:]
+	}
+	return ""
+}
+
 func netProtocol(proto string) (name string, version string) {
 	name, version, _ = strings.Cut(proto, "/")
 	switch name {
diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/v1.20.0.go b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/v1.20.0.go
index 742c2113e1..ba7fccf1ef 100644
--- a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/v1.20.0.go
+++ b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/v1.20.0.go
@@ -1,4 +1,4 @@
-// Code created by gotmpl. DO NOT MODIFY.
+// Code generated by gotmpl. DO NOT MODIFY.
 // source: internal/shared/semconv/v120.0.go.tmpl
 
 // Copyright The OpenTelemetry Authors
@@ -37,8 +37,8 @@ type OldHTTPServer struct{}
 //
 // If the primary server name is not known, server should be an empty string.
 // The req Host will be used to determine the server instead.
-func (o OldHTTPServer) RequestTraceAttrs(server string, req *http.Request) []attribute.KeyValue {
-	return semconvutil.HTTPServerRequest(server, req)
+func (o OldHTTPServer) RequestTraceAttrs(server string, req *http.Request, attrs []attribute.KeyValue) []attribute.KeyValue {
+	return semconvutil.HTTPServerRequest(server, req, semconvutil.HTTPServerRequestOptions{}, attrs)
 }
 
 func (o OldHTTPServer) NetworkTransportAttr(network string) attribute.KeyValue {
@@ -48,9 +48,7 @@ func (o OldHTTPServer) NetworkTransportAttr(network string) attribute.KeyValue {
 // ResponseTraceAttrs returns trace attributes for telemetry from an HTTP response.
 //
 // If any of the fields in the ResponseTelemetry are not set the attribute will be omitted.
-func (o OldHTTPServer) ResponseTraceAttrs(resp ResponseTelemetry) []attribute.KeyValue {
-	attributes := []attribute.KeyValue{}
-
+func (o OldHTTPServer) ResponseTraceAttrs(resp ResponseTelemetry, attributes []attribute.KeyValue) []attribute.KeyValue {
 	if resp.ReadBytes > 0 {
 		attributes = append(attributes, semconv.HTTPRequestContentLength(int(resp.ReadBytes)))
 	}
@@ -179,12 +177,12 @@ func (o OldHTTPServer) scheme(https bool) attribute.KeyValue { // nolint:revive
 
 type OldHTTPClient struct{}
 
-func (o OldHTTPClient) RequestTraceAttrs(req *http.Request) []attribute.KeyValue {
-	return semconvutil.HTTPClientRequest(req)
+func (o OldHTTPClient) RequestTraceAttrs(req *http.Request, attrs []attribute.KeyValue) []attribute.KeyValue {
+	return semconvutil.HTTPClientRequest(req, attrs)
 }
 
-func (o OldHTTPClient) ResponseTraceAttrs(resp *http.Response) []attribute.KeyValue {
-	return semconvutil.HTTPClientResponse(resp)
+func (o OldHTTPClient) ResponseTraceAttrs(resp *http.Response, attrs []attribute.KeyValue) []attribute.KeyValue {
+	return semconvutil.HTTPClientResponse(resp, attrs)
 }
 
 func (o OldHTTPClient) MetricAttributes(req *http.Request, statusCode int, additionalAttributes []attribute.KeyValue) []attribute.KeyValue {
@@ -269,9 +267,7 @@ func (o OldHTTPClient) createMeasures(meter metric.Meter) (metric.Int64Counter,
 	return requestBytesCounter, responseBytesCounter, latencyMeasure
 }
 
-// Attributes for httptrace.
-func (c OldHTTPClient) TraceAttributes(host string) []attribute.KeyValue {
-	return []attribute.KeyValue{
-		semconv.NetHostName(host),
-	}
+// TraceAttributes returns attributes for httptrace.
+func (c OldHTTPClient) TraceAttributes(host string, attrs []attribute.KeyValue) []attribute.KeyValue {
+	return append(attrs, semconv.NetHostName(host))
 }
diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconvutil/httpconv.go b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconvutil/httpconv.go
index a73bb06e90..b997354793 100644
--- a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconvutil/httpconv.go
+++ b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconvutil/httpconv.go
@@ -1,14 +1,16 @@
-// Code created by gotmpl. DO NOT MODIFY.
+// Code generated by gotmpl. DO NOT MODIFY.
 // source: internal/shared/semconvutil/httpconv.go.tmpl
 
 // Copyright The OpenTelemetry Authors
 // SPDX-License-Identifier: Apache-2.0
 
+// Package semconvutil provides OpenTelemetry semantic convention utilities.
 package semconvutil // import "go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconvutil"
 
 import (
 	"fmt"
 	"net/http"
+	"slices"
 	"strings"
 
 	"go.opentelemetry.io/otel/attribute"
@@ -16,6 +18,11 @@ import (
 	semconv "go.opentelemetry.io/otel/semconv/v1.20.0"
 )
 
+type HTTPServerRequestOptions struct {
+	// If set, this is used as value for the "http.client_ip" attribute.
+	HTTPClientIP string
+}
+
 // HTTPClientResponse returns trace attributes for an HTTP response received by a
 // client from a server. It will return the following attributes if the related
 // values are defined in resp: "http.status.code",
@@ -26,9 +33,9 @@ import (
 // attributes. If a complete set of attributes can be generated using the
 // request contained in resp. For example:
 //
-//	append(HTTPClientResponse(resp), ClientRequest(resp.Request)...)
-func HTTPClientResponse(resp *http.Response) []attribute.KeyValue {
-	return hc.ClientResponse(resp)
+//	HTTPClientResponse(resp, ClientRequest(resp.Request)))
+func HTTPClientResponse(resp *http.Response, attrs []attribute.KeyValue) []attribute.KeyValue {
+	return hc.ClientResponse(resp, attrs)
 }
 
 // HTTPClientRequest returns trace attributes for an HTTP request made by a client.
@@ -36,8 +43,8 @@ func HTTPClientResponse(resp *http.Response) []attribute.KeyValue {
 // "net.peer.name". The following attributes are returned if the related values
 // are defined in req: "net.peer.port", "user_agent.original",
 // "http.request_content_length".
-func HTTPClientRequest(req *http.Request) []attribute.KeyValue {
-	return hc.ClientRequest(req)
+func HTTPClientRequest(req *http.Request, attrs []attribute.KeyValue) []attribute.KeyValue {
+	return hc.ClientRequest(req, attrs)
 }
 
 // HTTPClientRequestMetrics returns metric attributes for an HTTP request made by a client.
@@ -75,8 +82,8 @@ func HTTPClientStatus(code int) (codes.Code, string) {
 // "http.target", "net.host.name". The following attributes are returned if
 // they related values are defined in req: "net.host.port", "net.sock.peer.addr",
 // "net.sock.peer.port", "user_agent.original", "http.client_ip".
-func HTTPServerRequest(server string, req *http.Request) []attribute.KeyValue {
-	return hc.ServerRequest(server, req)
+func HTTPServerRequest(server string, req *http.Request, opts HTTPServerRequestOptions, attrs []attribute.KeyValue) []attribute.KeyValue {
+	return hc.ServerRequest(server, req, opts, attrs)
 }
 
 // HTTPServerRequestMetrics returns metric attributes for an HTTP request received by a
@@ -153,8 +160,8 @@ var hc = &httpConv{
 // attributes. If a complete set of attributes can be generated using the
 // request contained in resp. For example:
 //
-//	append(ClientResponse(resp), ClientRequest(resp.Request)...)
-func (c *httpConv) ClientResponse(resp *http.Response) []attribute.KeyValue {
+//	ClientResponse(resp, ClientRequest(resp.Request))
+func (c *httpConv) ClientResponse(resp *http.Response, attrs []attribute.KeyValue) []attribute.KeyValue {
 	/* The following semantic conventions are returned if present:
 	http.status_code                int
 	http.response_content_length    int
@@ -166,8 +173,11 @@ func (c *httpConv) ClientResponse(resp *http.Response) []attribute.KeyValue {
 	if resp.ContentLength > 0 {
 		n++
 	}
+	if n == 0 {
+		return attrs
+	}
 
-	attrs := make([]attribute.KeyValue, 0, n)
+	attrs = slices.Grow(attrs, n)
 	if resp.StatusCode > 0 {
 		attrs = append(attrs, c.HTTPStatusCodeKey.Int(resp.StatusCode))
 	}
@@ -182,7 +192,7 @@ func (c *httpConv) ClientResponse(resp *http.Response) []attribute.KeyValue {
 // "net.peer.name". The following attributes are returned if the related values
 // are defined in req: "net.peer.port", "user_agent.original",
 // "http.request_content_length", "user_agent.original".
-func (c *httpConv) ClientRequest(req *http.Request) []attribute.KeyValue {
+func (c *httpConv) ClientRequest(req *http.Request, attrs []attribute.KeyValue) []attribute.KeyValue {
 	/* The following semantic conventions are returned if present:
 	http.method                     string
 	user_agent.original             string
@@ -221,8 +231,7 @@ func (c *httpConv) ClientRequest(req *http.Request) []attribute.KeyValue {
 		n++
 	}
 
-	attrs := make([]attribute.KeyValue, 0, n)
-
+	attrs = slices.Grow(attrs, n)
 	attrs = append(attrs, c.method(req.Method))
 
 	var u string
@@ -305,7 +314,7 @@ func (c *httpConv) ClientRequestMetrics(req *http.Request) []attribute.KeyValue
 // related values are defined in req: "net.host.port", "net.sock.peer.addr",
 // "net.sock.peer.port", "user_agent.original", "http.client_ip",
 // "net.protocol.name", "net.protocol.version".
-func (c *httpConv) ServerRequest(server string, req *http.Request) []attribute.KeyValue {
+func (c *httpConv) ServerRequest(server string, req *http.Request, opts HTTPServerRequestOptions, attrs []attribute.KeyValue) []attribute.KeyValue {
 	/* The following semantic conventions are returned if present:
 	http.method             string
 	http.scheme             string
@@ -358,7 +367,17 @@ func (c *httpConv) ServerRequest(server string, req *http.Request) []attribute.K
 		n++
 	}
 
-	clientIP := serverClientIP(req.Header.Get("X-Forwarded-For"))
+	// For client IP, use, in order:
+	// 1. The value passed in the options
+	// 2. The value in the X-Forwarded-For header
+	// 3. The peer address
+	clientIP := opts.HTTPClientIP
+	if clientIP == "" {
+		clientIP = serverClientIP(req.Header.Get("X-Forwarded-For"))
+		if clientIP == "" {
+			clientIP = peer
+		}
+	}
 	if clientIP != "" {
 		n++
 	}
@@ -378,7 +397,7 @@ func (c *httpConv) ServerRequest(server string, req *http.Request) []attribute.K
 		n++
 	}
 
-	attrs := make([]attribute.KeyValue, 0, n)
+	attrs = slices.Grow(attrs, n)
 
 	attrs = append(attrs, c.method(req.Method))
 	attrs = append(attrs, c.scheme(req.TLS != nil))
diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconvutil/netconv.go b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconvutil/netconv.go
index de74fa252a..df97255e41 100644
--- a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconvutil/netconv.go
+++ b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconvutil/netconv.go
@@ -1,4 +1,4 @@
-// Code created by gotmpl. DO NOT MODIFY.
+// Code generated by gotmpl. DO NOT MODIFY.
 // source: internal/shared/semconvutil/netconv.go.tmpl
 
 // Copyright The OpenTelemetry Authors
diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/labeler.go b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/labeler.go
index ea504e396f..d62ce44b00 100644
--- a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/labeler.go
+++ b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/labeler.go
@@ -35,14 +35,14 @@ func (l *Labeler) Get() []attribute.KeyValue {
 
 type labelerContextKeyType int
 
-const lablelerContextKey labelerContextKeyType = 0
+const labelerContextKey labelerContextKeyType = 0
 
 // ContextWithLabeler returns a new context with the provided Labeler instance.
 // Attributes added to the specified labeler will be injected into metrics
 // emitted by the instrumentation. Only one labeller can be injected into the
 // context. Injecting it multiple times will override the previous calls.
 func ContextWithLabeler(parent context.Context, l *Labeler) context.Context {
-	return context.WithValue(parent, lablelerContextKey, l)
+	return context.WithValue(parent, labelerContextKey, l)
 }
 
 // LabelerFromContext retrieves a Labeler instance from the provided context if
@@ -50,7 +50,7 @@ func ContextWithLabeler(parent context.Context, l *Labeler) context.Context {
 // Labeler is returned and the second return value is false.  In this case it is
 // safe to use the Labeler but any attributes added to it will not be used.
 func LabelerFromContext(ctx context.Context) (*Labeler, bool) {
-	l, ok := ctx.Value(lablelerContextKey).(*Labeler)
+	l, ok := ctx.Value(labelerContextKey).(*Labeler)
 	if !ok {
 		l = &Labeler{}
 	}
diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/version.go b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/version.go
index 1ec9a00c7a..6be4c1fde2 100644
--- a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/version.go
+++ b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/version.go
@@ -5,13 +5,6 @@ package otelhttp // import "go.opentelemetry.io/contrib/instrumentation/net/http
 
 // Version is the current release version of the otelhttp instrumentation.
 func Version() string {
-	return "0.60.0"
+	return "0.61.0"
 	// This string is updated by the pre_release.sh script during release
 }
-
-// SemVersion is the semantic version to be supplied to tracer/meter creation.
-//
-// Deprecated: Use [Version] instead.
-func SemVersion() string {
-	return Version()
-}
diff --git a/vendor/go.opentelemetry.io/otel/.golangci.yml b/vendor/go.opentelemetry.io/otel/.golangci.yml
index c58e48ab0c..888e5da802 100644
--- a/vendor/go.opentelemetry.io/otel/.golangci.yml
+++ b/vendor/go.opentelemetry.io/otel/.golangci.yml
@@ -1,13 +1,9 @@
-# See https://github.com/golangci/golangci-lint#config-file
+version: "2"
 run:
-  issues-exit-code: 1 #Default
-  tests: true #Default
-
+  issues-exit-code: 1
+  tests: true
 linters:
-  # Disable everything by default so upgrades to not include new "default
-  # enabled" linters.
-  disable-all: true
-  # Specifically enable linters we want to use.
+  default: none
   enable:
     - asasalint
     - bodyclose
@@ -15,10 +11,7 @@ linters:
     - errcheck
     - errorlint
     - godot
-    - gofumpt
-    - goimports
     - gosec
-    - gosimple
     - govet
     - ineffassign
     - misspell
@@ -26,227 +19,230 @@ linters:
     - revive
     - staticcheck
     - testifylint
-    - typecheck
     - unconvert
-    - unused
     - unparam
+    - unused
     - usestdlibvars
     - usetesting
-
+  settings:
+    depguard:
+      rules:
+        auto/sdk:
+          files:
+            - '!internal/global/trace.go'
+            - ~internal/global/trace_test.go
+          deny:
+            - pkg: go.opentelemetry.io/auto/sdk
+              desc: Do not use SDK from automatic instrumentation.
+        non-tests:
+          files:
+            - '!$test'
+            - '!**/*test/*.go'
+            - '!**/internal/matchers/*.go'
+          deny:
+            - pkg: testing
+            - pkg: github.com/stretchr/testify
+            - pkg: crypto/md5
+            - pkg: crypto/sha1
+            - pkg: crypto/**/pkix
+        otel-internal:
+          files:
+            - '**/sdk/*.go'
+            - '**/sdk/**/*.go'
+            - '**/exporters/*.go'
+            - '**/exporters/**/*.go'
+            - '**/schema/*.go'
+            - '**/schema/**/*.go'
+            - '**/metric/*.go'
+            - '**/metric/**/*.go'
+            - '**/bridge/*.go'
+            - '**/bridge/**/*.go'
+            - '**/trace/*.go'
+            - '**/trace/**/*.go'
+            - '**/log/*.go'
+            - '**/log/**/*.go'
+          deny:
+            - pkg: go.opentelemetry.io/otel/internal$
+              desc: Do not use cross-module internal packages.
+            - pkg: go.opentelemetry.io/otel/internal/internaltest
+              desc: Do not use cross-module internal packages.
+            - pkg: go.opentelemetry.io/otel/internal/matchers
+              desc: Do not use cross-module internal packages.
+        otlp-internal:
+          files:
+            - '!**/exporters/otlp/internal/**/*.go'
+          deny:
+            - pkg: go.opentelemetry.io/otel/exporters/otlp/internal
+              desc: Do not use cross-module internal packages.
+        otlpmetric-internal:
+          files:
+            - '!**/exporters/otlp/otlpmetric/internal/*.go'
+            - '!**/exporters/otlp/otlpmetric/internal/**/*.go'
+          deny:
+            - pkg: go.opentelemetry.io/otel/exporters/otlp/otlpmetric/internal
+              desc: Do not use cross-module internal packages.
+        otlptrace-internal:
+          files:
+            - '!**/exporters/otlp/otlptrace/*.go'
+            - '!**/exporters/otlp/otlptrace/internal/**.go'
+          deny:
+            - pkg: go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal
+              desc: Do not use cross-module internal packages.
+    godot:
+      exclude:
+        # Exclude links.
+        - '^ *\[[^]]+\]:'
+        # Exclude sentence fragments for lists.
+        - ^[ ]*[-•]
+        # Exclude sentences prefixing a list.
+        - :$
+    misspell:
+      locale: US
+      ignore-rules:
+        - cancelled
+    perfsprint:
+      int-conversion: true
+      err-error: true
+      errorf: true
+      sprintf1: true
+      strconcat: true
+    revive:
+      confidence: 0.01
+      rules:
+        - name: blank-imports
+        - name: bool-literal-in-expr
+        - name: constant-logical-expr
+        - name: context-as-argument
+          arguments:
+            - allowTypesBefore: '*testing.T'
+          disabled: true
+        - name: context-keys-type
+        - name: deep-exit
+        - name: defer
+          arguments:
+            - - call-chain
+              - loop
+        - name: dot-imports
+        - name: duplicated-imports
+        - name: early-return
+          arguments:
+            - preserveScope
+        - name: empty-block
+        - name: empty-lines
+        - name: error-naming
+        - name: error-return
+        - name: error-strings
+        - name: errorf
+        - name: exported
+          arguments:
+            - sayRepetitiveInsteadOfStutters
+        - name: flag-parameter
+        - name: identical-branches
+        - name: if-return
+        - name: import-shadowing
+        - name: increment-decrement
+        - name: indent-error-flow
+          arguments:
+            - preserveScope
+        - name: package-comments
+        - name: range
+        - name: range-val-in-closure
+        - name: range-val-address
+        - name: redefines-builtin-id
+        - name: string-format
+          arguments:
+            - - panic
+              - /^[^\n]*$/
+              - must not contain line breaks
+        - name: struct-tag
+        - name: superfluous-else
+          arguments:
+            - preserveScope
+        - name: time-equal
+        - name: unconditional-recursion
+        - name: unexported-return
+        - name: unhandled-error
+          arguments:
+            - fmt.Fprint
+            - fmt.Fprintf
+            - fmt.Fprintln
+            - fmt.Print
+            - fmt.Printf
+            - fmt.Println
+        - name: unnecessary-stmt
+        - name: useless-break
+        - name: var-declaration
+        - name: var-naming
+          arguments:
+            - ["ID"] # AllowList
+            - ["Otel", "Aws", "Gcp"] # DenyList
+        - name: waitgroup-by-value
+    testifylint:
+      enable-all: true
+      disable:
+        - float-compare
+        - go-require
+        - require-error
+  exclusions:
+    generated: lax
+    presets:
+      - common-false-positives
+      - legacy
+      - std-error-handling
+    rules:
+      # TODO: Having appropriate comments for exported objects helps development,
+      # even for objects in internal packages. Appropriate comments for all
+      # exported objects should be added and this exclusion removed.
+      - linters:
+          - revive
+        path: .*internal/.*
+        text: exported (method|function|type|const) (.+) should have comment or be unexported
+      # Yes, they are, but it's okay in a test.
+      - linters:
+          - revive
+        path: _test\.go
+        text: exported func.*returns unexported type.*which can be annoying to use
+      # Example test functions should be treated like main.
+      - linters:
+          - revive
+        path: example.*_test\.go
+        text: calls to (.+) only in main[(][)] or init[(][)] functions
+      # It's okay to not run gosec and perfsprint in a test.
+      - linters:
+          - gosec
+          - perfsprint
+        path: _test\.go
+      # Ignoring gosec G404: Use of weak random number generator (math/rand instead of crypto/rand)
+      # as we commonly use it in tests and examples.
+      - linters:
+          - gosec
+        text: 'G404:'
+      # Ignoring gosec G402: TLS MinVersion too low
+      # as the https://pkg.go.dev/crypto/tls#Config handles MinVersion default well.
+      - linters:
+          - gosec
+        text: 'G402: TLS MinVersion too low.'
+    paths:
+      - third_party$
+      - builtin$
+      - examples$
 issues:
-  # Maximum issues count per one linter.
-  # Set to 0 to disable.
-  # Default: 50
-  # Setting to unlimited so the linter only is run once to debug all issues.
   max-issues-per-linter: 0
-  # Maximum count of issues with the same text.
-  # Set to 0 to disable.
-  # Default: 3
-  # Setting to unlimited so the linter only is run once to debug all issues.
   max-same-issues: 0
-  # Excluding configuration per-path, per-linter, per-text and per-source.
-  exclude-rules:
-    # TODO: Having appropriate comments for exported objects helps development,
-    # even for objects in internal packages. Appropriate comments for all
-    # exported objects should be added and this exclusion removed.
-    - path: '.*internal/.*'
-      text: "exported (method|function|type|const) (.+) should have comment or be unexported"
-      linters:
-        - revive
-    # Yes, they are, but it's okay in a test.
-    - path: _test\.go
-      text: "exported func.*returns unexported type.*which can be annoying to use"
-      linters:
-        - revive
-    # Example test functions should be treated like main.
-    - path: example.*_test\.go
-      text: "calls to (.+) only in main[(][)] or init[(][)] functions"
-      linters:
-        - revive
-    # It's okay to not run gosec and perfsprint in a test.
-    - path: _test\.go
-      linters:
-        - gosec
-        - perfsprint
-    # Ignoring gosec G404: Use of weak random number generator (math/rand instead of crypto/rand)
-    # as we commonly use it in tests and examples.
-    - text: "G404:"
-      linters:
-        - gosec
-    # Ignoring gosec G402: TLS MinVersion too low
-    # as the https://pkg.go.dev/crypto/tls#Config handles MinVersion default well.
-    - text: "G402: TLS MinVersion too low."
-      linters:
-        - gosec
-  include:
-    # revive exported should have comment or be unexported.
-    - EXC0012
-    # revive package comment should be of the form ...
-    - EXC0013
-
-linters-settings:
-  depguard:
-    rules:
-      non-tests:
-        files:
-          - "!$test"
-          - "!**/*test/*.go"
-          - "!**/internal/matchers/*.go"
-        deny:
-          - pkg: "testing"
-          - pkg: "github.com/stretchr/testify"
-          - pkg: "crypto/md5"
-          - pkg: "crypto/sha1"
-          - pkg: "crypto/**/pkix"
-      auto/sdk:
-        files:
-          - "!internal/global/trace.go"
-          - "~internal/global/trace_test.go"
-        deny:
-          - pkg: "go.opentelemetry.io/auto/sdk"
-            desc: Do not use SDK from automatic instrumentation.
-      otlp-internal:
-        files:
-          - "!**/exporters/otlp/internal/**/*.go"
-        deny:
-          - pkg: "go.opentelemetry.io/otel/exporters/otlp/internal"
-            desc: Do not use cross-module internal packages.
-      otlptrace-internal:
-        files:
-          - "!**/exporters/otlp/otlptrace/*.go"
-          - "!**/exporters/otlp/otlptrace/internal/**.go"
-        deny:
-          - pkg: "go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal"
-            desc: Do not use cross-module internal packages.
-      otlpmetric-internal:
-        files:
-          - "!**/exporters/otlp/otlpmetric/internal/*.go"
-          - "!**/exporters/otlp/otlpmetric/internal/**/*.go"
-        deny:
-          - pkg: "go.opentelemetry.io/otel/exporters/otlp/otlpmetric/internal"
-            desc: Do not use cross-module internal packages.
-      otel-internal:
-        files:
-          - "**/sdk/*.go"
-          - "**/sdk/**/*.go"
-          - "**/exporters/*.go"
-          - "**/exporters/**/*.go"
-          - "**/schema/*.go"
-          - "**/schema/**/*.go"
-          - "**/metric/*.go"
-          - "**/metric/**/*.go"
-          - "**/bridge/*.go"
-          - "**/bridge/**/*.go"
-          - "**/trace/*.go"
-          - "**/trace/**/*.go"
-          - "**/log/*.go"
-          - "**/log/**/*.go"
-        deny:
-          - pkg: "go.opentelemetry.io/otel/internal$"
-            desc: Do not use cross-module internal packages.
-          - pkg: "go.opentelemetry.io/otel/internal/attribute"
-            desc: Do not use cross-module internal packages.
-          - pkg: "go.opentelemetry.io/otel/internal/internaltest"
-            desc: Do not use cross-module internal packages.
-          - pkg: "go.opentelemetry.io/otel/internal/matchers"
-            desc: Do not use cross-module internal packages.
-  godot:
-    exclude:
-      # Exclude links.
-      - '^ *\[[^]]+\]:'
-      # Exclude sentence fragments for lists.
-      - '^[ ]*[-•]'
-      # Exclude sentences prefixing a list.
-      - ':$'
-  goimports:
-    local-prefixes: go.opentelemetry.io
-  misspell:
-    locale: US
-    ignore-words:
-      - cancelled
-  perfsprint:
-    err-error: true
-    errorf: true
-    int-conversion: true
-    sprintf1: true
-    strconcat: true
-  revive:
-    # Sets the default failure confidence.
-    # This means that linting errors with less than 0.8 confidence will be ignored.
-    # Default: 0.8
-    confidence: 0.01
-    # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md
-    rules:
-      - name: blank-imports
-      - name: bool-literal-in-expr
-      - name: constant-logical-expr
-      - name: context-as-argument
-        disabled: true
-        arguments:
-          - allowTypesBefore: "*testing.T"
-      - name: context-keys-type
-      - name: deep-exit
-      - name: defer
-        arguments:
-          - ["call-chain", "loop"]
-      - name: dot-imports
-      - name: duplicated-imports
-      - name: early-return
-        arguments:
-          - "preserveScope"
-      - name: empty-block
-      - name: empty-lines
-      - name: error-naming
-      - name: error-return
-      - name: error-strings
-      - name: errorf
-      - name: exported
-        arguments:
-          - "sayRepetitiveInsteadOfStutters"
-      - name: flag-parameter
-      - name: identical-branches
-      - name: if-return
-      - name: import-shadowing
-      - name: increment-decrement
-      - name: indent-error-flow
-        arguments:
-          - "preserveScope"
-      - name: package-comments
-      - name: range
-      - name: range-val-in-closure
-      - name: range-val-address
-      - name: redefines-builtin-id
-      - name: string-format
-        arguments:
-          - - panic
-            - '/^[^\n]*$/'
-            - must not contain line breaks
-      - name: struct-tag
-      - name: superfluous-else
-        arguments:
-          - "preserveScope"
-      - name: time-equal
-      - name: unconditional-recursion
-      - name: unexported-return
-      - name: unhandled-error
-        arguments:
-          - "fmt.Fprint"
-          - "fmt.Fprintf"
-          - "fmt.Fprintln"
-          - "fmt.Print"
-          - "fmt.Printf"
-          - "fmt.Println"
-      - name: unnecessary-stmt
-      - name: useless-break
-      - name: var-declaration
-      - name: var-naming
-        arguments:
-          - ["ID"] # AllowList
-          - ["Otel", "Aws", "Gcp"] # DenyList
-      - name: waitgroup-by-value
-  testifylint:
-    enable-all: true
-    disable:
-      - float-compare
-      - go-require
-      - require-error
+formatters:
+  enable:
+    - gofumpt
+    - goimports
+    - golines
+  settings:
+    goimports:
+      local-prefixes:
+        - go.opentelemetry.io
+    golines:
+      max-len: 120
+  exclusions:
+    generated: lax
+    paths:
+      - third_party$
+      - builtin$
+      - examples$
diff --git a/vendor/go.opentelemetry.io/otel/CHANGELOG.md b/vendor/go.opentelemetry.io/otel/CHANGELOG.md
index c076db2823..648e4abab8 100644
--- a/vendor/go.opentelemetry.io/otel/CHANGELOG.md
+++ b/vendor/go.opentelemetry.io/otel/CHANGELOG.md
@@ -11,6 +11,57 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
 <!-- Released section -->
 <!-- Don't change this section unless doing release -->
 
+## [1.36.0/0.58.0/0.12.0] 2025-05-20
+
+### Added
+
+- Add exponential histogram support in `go.opentelemetry.io/otel/exporters/prometheus`. (#6421)
+- The `go.opentelemetry.io/otel/semconv/v1.31.0` package.
+  The package contains semantic conventions from the `v1.31.0` version of the OpenTelemetry Semantic Conventions.
+  See the [migration documentation](./semconv/v1.31.0/MIGRATION.md) for information on how to upgrade from `go.opentelemetry.io/otel/semconv/v1.30.0`. (#6479)
+- Add `Recording`, `Scope`, and `Record` types in `go.opentelemetry.io/otel/log/logtest`. (#6507)
+- Add `WithHTTPClient` option to configure the `http.Client` used by `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp`. (#6751)
+- Add `WithHTTPClient` option to configure the `http.Client` used by `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp`. (#6752)
+- Add `WithHTTPClient` option to configure the `http.Client` used by `go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp`. (#6688)
+- Add `ValuesGetter` in `go.opentelemetry.io/otel/propagation`, a `TextMapCarrier` that supports retrieving multiple values for a single key. (#5973)
+- Add `Values` method to `HeaderCarrier` to implement the new `ValuesGetter` interface in `go.opentelemetry.io/otel/propagation`. (#5973)
+- Update `Baggage` in `go.opentelemetry.io/otel/propagation` to retrieve multiple values for a key when the carrier implements `ValuesGetter`. (#5973)
+- Add `AssertEqual` function in `go.opentelemetry.io/otel/log/logtest`. (#6662)
+- The `go.opentelemetry.io/otel/semconv/v1.32.0` package.
+  The package contains semantic conventions from the `v1.32.0` version of the OpenTelemetry Semantic Conventions.
+  See the [migration documentation](./semconv/v1.32.0/MIGRATION.md) for information on how to upgrade from `go.opentelemetry.io/otel/semconv/v1.31.0`(#6782)
+- Add `Transform` option in `go.opentelemetry.io/otel/log/logtest`. (#6794)
+- Add `Desc` option in `go.opentelemetry.io/otel/log/logtest`. (#6796)
+
+### Removed
+
+- Drop support for [Go 1.22]. (#6381, #6418)
+- Remove `Resource` field from `EnabledParameters` in `go.opentelemetry.io/otel/sdk/log`. (#6494)
+- Remove `RecordFactory` type from `go.opentelemetry.io/otel/log/logtest`. (#6492)
+- Remove `ScopeRecords`, `EmittedRecord`, and `RecordFactory` types from `go.opentelemetry.io/otel/log/logtest`. (#6507)
+- Remove `AssertRecordEqual` function in `go.opentelemetry.io/otel/log/logtest`, use `AssertEqual` instead. (#6662)
+
+### Changed
+
+- ⚠️ Update `github.com/prometheus/client_golang` to `v1.21.1`, which changes the `NameValidationScheme` to `UTF8Validation`.
+  This allows metrics names to keep original delimiters (e.g. `.`), rather than replacing with underscores.
+  This can be reverted by setting `github.com/prometheus/common/model.NameValidationScheme` to `LegacyValidation` in `github.com/prometheus/common/model`. (#6433)
+- Initialize map with `len(keys)` in `NewAllowKeysFilter` and `NewDenyKeysFilter` to avoid unnecessary allocations in `go.opentelemetry.io/otel/attribute`. (#6455)
+- `go.opentelemetry.io/otel/log/logtest` is now a separate Go module. (#6465)
+- `go.opentelemetry.io/otel/sdk/log/logtest` is now a separate Go module. (#6466)
+- `Recorder` in `go.opentelemetry.io/otel/log/logtest` no longer separately stores records emitted by loggers with the same instrumentation scope. (#6507)
+- Improve performance of `BatchProcessor` in `go.opentelemetry.io/otel/sdk/log` by not exporting when exporter cannot accept more. (#6569, #6641)
+
+### Deprecated
+
+- Deprecate support for `model.LegacyValidation` for `go.opentelemetry.io/otel/exporters/prometheus`. (#6449)
+
+### Fixes
+
+- Stop percent encoding header environment variables in `go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc` and `go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp`. (#6392)
+- Ensure the `noopSpan.tracerProvider` method is not inlined in `go.opentelemetry.io/otel/trace` so the `go.opentelemetry.io/auto` instrumentation can instrument non-recording spans. (#6456)
+- Use a `sync.Pool` instead of allocating `metricdata.ResourceMetrics` in `go.opentelemetry.io/otel/exporters/prometheus`. (#6472)
+
 ## [1.35.0/0.57.0/0.11.0] 2025-03-05
 
 This release is the last to support [Go 1.22].
@@ -3237,7 +3288,8 @@ It contains api and sdk for trace and meter.
 - CircleCI build CI manifest files.
 - CODEOWNERS file to track owners of this project.
 
-[Unreleased]: https://github.com/open-telemetry/opentelemetry-go/compare/v1.35.0...HEAD
+[Unreleased]: https://github.com/open-telemetry/opentelemetry-go/compare/v1.36.0...HEAD
+[1.36.0/0.58.0/0.12.0]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.36.0
 [1.35.0/0.57.0/0.11.0]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.35.0
 [1.34.0/0.56.0/0.10.0]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.34.0
 [1.33.0/0.55.0/0.9.0/0.0.12]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.33.0
diff --git a/vendor/go.opentelemetry.io/otel/CONTRIBUTING.md b/vendor/go.opentelemetry.io/otel/CONTRIBUTING.md
index 7b8af585aa..1902dac057 100644
--- a/vendor/go.opentelemetry.io/otel/CONTRIBUTING.md
+++ b/vendor/go.opentelemetry.io/otel/CONTRIBUTING.md
@@ -643,6 +643,7 @@ should be canceled.
 
 ### Triagers
 
+- [Alex Kats](https://github.com/akats7), Capital One
 - [Cheng-Zhen Yang](https://github.com/scorpionknifes), Independent
 
 ### Approvers
diff --git a/vendor/go.opentelemetry.io/otel/Makefile b/vendor/go.opentelemetry.io/otel/Makefile
index 226410d742..62a56f4d34 100644
--- a/vendor/go.opentelemetry.io/otel/Makefile
+++ b/vendor/go.opentelemetry.io/otel/Makefile
@@ -43,8 +43,11 @@ $(TOOLS)/crosslink: PACKAGE=go.opentelemetry.io/build-tools/crosslink
 SEMCONVKIT = $(TOOLS)/semconvkit
 $(TOOLS)/semconvkit: PACKAGE=go.opentelemetry.io/otel/$(TOOLS_MOD_DIR)/semconvkit
 
+VERIFYREADMES = $(TOOLS)/verifyreadmes
+$(TOOLS)/verifyreadmes: PACKAGE=go.opentelemetry.io/otel/$(TOOLS_MOD_DIR)/verifyreadmes
+
 GOLANGCI_LINT = $(TOOLS)/golangci-lint
-$(TOOLS)/golangci-lint: PACKAGE=github.com/golangci/golangci-lint/cmd/golangci-lint
+$(TOOLS)/golangci-lint: PACKAGE=github.com/golangci/golangci-lint/v2/cmd/golangci-lint
 
 MISSPELL = $(TOOLS)/misspell
 $(TOOLS)/misspell: PACKAGE=github.com/client9/misspell/cmd/misspell
@@ -68,7 +71,7 @@ GOVULNCHECK = $(TOOLS)/govulncheck
 $(TOOLS)/govulncheck: PACKAGE=golang.org/x/vuln/cmd/govulncheck
 
 .PHONY: tools
-tools: $(CROSSLINK) $(GOLANGCI_LINT) $(MISSPELL) $(GOCOVMERGE) $(STRINGER) $(PORTO) $(SEMCONVGEN) $(MULTIMOD) $(SEMCONVKIT) $(GOTMPL) $(GORELEASE)
+tools: $(CROSSLINK) $(GOLANGCI_LINT) $(MISSPELL) $(GOCOVMERGE) $(STRINGER) $(PORTO) $(SEMCONVGEN) $(VERIFYREADMES) $(MULTIMOD) $(SEMCONVKIT) $(GOTMPL) $(GORELEASE)
 
 # Virtualized python tools via docker
 
@@ -213,11 +216,8 @@ go-mod-tidy/%: crosslink
 		&& cd $(DIR) \
 		&& $(GO) mod tidy -compat=1.21
 
-.PHONY: lint-modules
-lint-modules: go-mod-tidy
-
 .PHONY: lint
-lint: misspell lint-modules golangci-lint govulncheck
+lint: misspell go-mod-tidy golangci-lint govulncheck
 
 .PHONY: vanity-import-check
 vanity-import-check: $(PORTO)
@@ -319,10 +319,11 @@ add-tags: verify-mods
 	@[ "${MODSET}" ] || ( echo ">> env var MODSET is not set"; exit 1 )
 	$(MULTIMOD) tag -m ${MODSET} -c ${COMMIT}
 
+MARKDOWNIMAGE := $(shell awk '$$4=="markdown" {print $$2}' $(DEPENDENCIES_DOCKERFILE))
 .PHONY: lint-markdown
 lint-markdown:
-	docker run -v "$(CURDIR):$(WORKDIR)" avtodev/markdown-lint:v1 -c $(WORKDIR)/.markdownlint.yaml $(WORKDIR)/**/*.md
+	docker run --rm -u $(DOCKER_USER) -v "$(CURDIR):$(WORKDIR)" $(MARKDOWNIMAGE) -c $(WORKDIR)/.markdownlint.yaml $(WORKDIR)/**/*.md
 
 .PHONY: verify-readmes
-verify-readmes:
-	./verify_readmes.sh
+verify-readmes: $(VERIFYREADMES)
+	$(VERIFYREADMES)
diff --git a/vendor/go.opentelemetry.io/otel/README.md b/vendor/go.opentelemetry.io/otel/README.md
index 8421cd7e59..b600788121 100644
--- a/vendor/go.opentelemetry.io/otel/README.md
+++ b/vendor/go.opentelemetry.io/otel/README.md
@@ -6,6 +6,7 @@
 [![Go Report Card](https://goreportcard.com/badge/go.opentelemetry.io/otel)](https://goreportcard.com/report/go.opentelemetry.io/otel)
 [![OpenSSF Scorecard](https://api.scorecard.dev/projects/github.com/open-telemetry/opentelemetry-go/badge)](https://scorecard.dev/viewer/?uri=github.com/open-telemetry/opentelemetry-go)
 [![OpenSSF Best Practices](https://www.bestpractices.dev/projects/9996/badge)](https://www.bestpractices.dev/projects/9996)
+[![Fuzzing Status](https://oss-fuzz-build-logs.storage.googleapis.com/badges/opentelemetry-go.svg)](https://issues.oss-fuzz.com/issues?q=project:opentelemetry-go)
 [![Slack](https://img.shields.io/badge/slack-@cncf/otel--go-brightgreen.svg?logo=slack)](https://cloud-native.slack.com/archives/C01NPAXACKT)
 
 OpenTelemetry-Go is the [Go](https://golang.org/) implementation of [OpenTelemetry](https://opentelemetry.io/).
@@ -53,25 +54,18 @@ Currently, this project supports the following environments.
 |----------|------------|--------------|
 | Ubuntu   | 1.24       | amd64        |
 | Ubuntu   | 1.23       | amd64        |
-| Ubuntu   | 1.22       | amd64        |
 | Ubuntu   | 1.24       | 386          |
 | Ubuntu   | 1.23       | 386          |
-| Ubuntu   | 1.22       | 386          |
 | Ubuntu   | 1.24       | arm64        |
 | Ubuntu   | 1.23       | arm64        |
-| Ubuntu   | 1.22       | arm64        |
 | macOS 13 | 1.24       | amd64        |
 | macOS 13 | 1.23       | amd64        |
-| macOS 13 | 1.22       | amd64        |
 | macOS    | 1.24       | arm64        |
 | macOS    | 1.23       | arm64        |
-| macOS    | 1.22       | arm64        |
 | Windows  | 1.24       | amd64        |
 | Windows  | 1.23       | amd64        |
-| Windows  | 1.22       | amd64        |
 | Windows  | 1.24       | 386          |
 | Windows  | 1.23       | 386          |
-| Windows  | 1.22       | 386          |
 
 While this project should work for other systems, no compatibility guarantees
 are made for those systems currently.
diff --git a/vendor/go.opentelemetry.io/otel/RELEASING.md b/vendor/go.opentelemetry.io/otel/RELEASING.md
index 1e13ae54f7..7c1a9119dc 100644
--- a/vendor/go.opentelemetry.io/otel/RELEASING.md
+++ b/vendor/go.opentelemetry.io/otel/RELEASING.md
@@ -1,5 +1,9 @@
 # Release Process
 
+## Create a `Version Release` issue
+
+Create a `Version Release` issue to track the release process.
+
 ## Semantic Convention Generation
 
 New versions of the [OpenTelemetry Semantic Conventions] mean new versions of the `semconv` package need to be generated.
@@ -123,6 +127,16 @@ Importantly, bump any package versions referenced to be the latest one you just
 [Go instrumentation documentation]: https://opentelemetry.io/docs/languages/go/
 [content/en/docs/languages/go]: https://github.com/open-telemetry/opentelemetry.io/tree/main/content/en/docs/languages/go
 
+### Close the milestone
+
+Once a release is made, ensure all issues that were fixed and PRs that were merged as part of this release are added to the corresponding milestone.
+This helps track what changes were included in each release.
+
+- To find issues that haven't been included in a milestone, use this [GitHub search query](https://github.com/open-telemetry/opentelemetry-go/issues?q=is%3Aissue%20no%3Amilestone%20is%3Aclosed%20sort%3Aupdated-desc%20reason%3Acompleted%20-label%3AStale%20linked%3Apr)
+- To find merged PRs that haven't been included in a milestone, use this [GitHub search query](https://github.com/open-telemetry/opentelemetry-go/pulls?q=is%3Apr+no%3Amilestone+is%3Amerged).
+
+Once all related issues and PRs have been added to the milestone, close the milestone.
+
 ### Demo Repository
 
 Bump the dependencies in the following Go services:
@@ -130,3 +144,7 @@ Bump the dependencies in the following Go services:
 - [`accounting`](https://github.com/open-telemetry/opentelemetry-demo/tree/main/src/accounting)
 - [`checkoutservice`](https://github.com/open-telemetry/opentelemetry-demo/tree/main/src/checkout)
 - [`productcatalogservice`](https://github.com/open-telemetry/opentelemetry-demo/tree/main/src/product-catalog)
+
+### Close the `Version Release` issue
+
+Once the todo list in the `Version Release` issue is complete, close the issue.
diff --git a/vendor/go.opentelemetry.io/otel/attribute/filter.go b/vendor/go.opentelemetry.io/otel/attribute/filter.go
index be9cd922d8..3eeaa5d442 100644
--- a/vendor/go.opentelemetry.io/otel/attribute/filter.go
+++ b/vendor/go.opentelemetry.io/otel/attribute/filter.go
@@ -19,7 +19,7 @@ func NewAllowKeysFilter(keys ...Key) Filter {
 		return func(kv KeyValue) bool { return false }
 	}
 
-	allowed := make(map[Key]struct{})
+	allowed := make(map[Key]struct{}, len(keys))
 	for _, k := range keys {
 		allowed[k] = struct{}{}
 	}
@@ -38,7 +38,7 @@ func NewDenyKeysFilter(keys ...Key) Filter {
 		return func(kv KeyValue) bool { return true }
 	}
 
-	forbid := make(map[Key]struct{})
+	forbid := make(map[Key]struct{}, len(keys))
 	for _, k := range keys {
 		forbid[k] = struct{}{}
 	}
diff --git a/vendor/go.opentelemetry.io/otel/internal/attribute/attribute.go b/vendor/go.opentelemetry.io/otel/attribute/internal/attribute.go
similarity index 97%
rename from vendor/go.opentelemetry.io/otel/internal/attribute/attribute.go
rename to vendor/go.opentelemetry.io/otel/attribute/internal/attribute.go
index 691d96c755..b76d2bbfdb 100644
--- a/vendor/go.opentelemetry.io/otel/internal/attribute/attribute.go
+++ b/vendor/go.opentelemetry.io/otel/attribute/internal/attribute.go
@@ -5,7 +5,7 @@
 Package attribute provide several helper functions for some commonly used
 logic of processing attributes.
 */
-package attribute // import "go.opentelemetry.io/otel/internal/attribute"
+package attribute // import "go.opentelemetry.io/otel/attribute/internal"
 
 import (
 	"reflect"
diff --git a/vendor/go.opentelemetry.io/otel/attribute/rawhelpers.go b/vendor/go.opentelemetry.io/otel/attribute/rawhelpers.go
new file mode 100644
index 0000000000..5791c6e7aa
--- /dev/null
+++ b/vendor/go.opentelemetry.io/otel/attribute/rawhelpers.go
@@ -0,0 +1,37 @@
+// Copyright The OpenTelemetry Authors
+// SPDX-License-Identifier: Apache-2.0
+
+package attribute // import "go.opentelemetry.io/otel/attribute"
+
+import (
+	"math"
+)
+
+func boolToRaw(b bool) uint64 { // nolint:revive  // b is not a control flag.
+	if b {
+		return 1
+	}
+	return 0
+}
+
+func rawToBool(r uint64) bool {
+	return r != 0
+}
+
+func int64ToRaw(i int64) uint64 {
+	// Assumes original was a valid int64 (overflow not checked).
+	return uint64(i) // nolint: gosec
+}
+
+func rawToInt64(r uint64) int64 {
+	// Assumes original was a valid int64 (overflow not checked).
+	return int64(r) // nolint: gosec
+}
+
+func float64ToRaw(f float64) uint64 {
+	return math.Float64bits(f)
+}
+
+func rawToFloat64(r uint64) float64 {
+	return math.Float64frombits(r)
+}
diff --git a/vendor/go.opentelemetry.io/otel/attribute/value.go b/vendor/go.opentelemetry.io/otel/attribute/value.go
index 9ea0ecbbd2..817eecacf1 100644
--- a/vendor/go.opentelemetry.io/otel/attribute/value.go
+++ b/vendor/go.opentelemetry.io/otel/attribute/value.go
@@ -9,8 +9,7 @@ import (
 	"reflect"
 	"strconv"
 
-	"go.opentelemetry.io/otel/internal"
-	"go.opentelemetry.io/otel/internal/attribute"
+	attribute "go.opentelemetry.io/otel/attribute/internal"
 )
 
 //go:generate stringer -type=Type
@@ -51,7 +50,7 @@ const (
 func BoolValue(v bool) Value {
 	return Value{
 		vtype:   BOOL,
-		numeric: internal.BoolToRaw(v),
+		numeric: boolToRaw(v),
 	}
 }
 
@@ -82,7 +81,7 @@ func IntSliceValue(v []int) Value {
 func Int64Value(v int64) Value {
 	return Value{
 		vtype:   INT64,
-		numeric: internal.Int64ToRaw(v),
+		numeric: int64ToRaw(v),
 	}
 }
 
@@ -95,7 +94,7 @@ func Int64SliceValue(v []int64) Value {
 func Float64Value(v float64) Value {
 	return Value{
 		vtype:   FLOAT64,
-		numeric: internal.Float64ToRaw(v),
+		numeric: float64ToRaw(v),
 	}
 }
 
@@ -125,7 +124,7 @@ func (v Value) Type() Type {
 // AsBool returns the bool value. Make sure that the Value's type is
 // BOOL.
 func (v Value) AsBool() bool {
-	return internal.RawToBool(v.numeric)
+	return rawToBool(v.numeric)
 }
 
 // AsBoolSlice returns the []bool value. Make sure that the Value's type is
@@ -144,7 +143,7 @@ func (v Value) asBoolSlice() []bool {
 // AsInt64 returns the int64 value. Make sure that the Value's type is
 // INT64.
 func (v Value) AsInt64() int64 {
-	return internal.RawToInt64(v.numeric)
+	return rawToInt64(v.numeric)
 }
 
 // AsInt64Slice returns the []int64 value. Make sure that the Value's type is
@@ -163,7 +162,7 @@ func (v Value) asInt64Slice() []int64 {
 // AsFloat64 returns the float64 value. Make sure that the Value's
 // type is FLOAT64.
 func (v Value) AsFloat64() float64 {
-	return internal.RawToFloat64(v.numeric)
+	return rawToFloat64(v.numeric)
 }
 
 // AsFloat64Slice returns the []float64 value. Make sure that the Value's type is
diff --git a/vendor/go.opentelemetry.io/otel/dependencies.Dockerfile b/vendor/go.opentelemetry.io/otel/dependencies.Dockerfile
index e4c4a753c8..51fb76b30d 100644
--- a/vendor/go.opentelemetry.io/otel/dependencies.Dockerfile
+++ b/vendor/go.opentelemetry.io/otel/dependencies.Dockerfile
@@ -1,3 +1,4 @@
 # This is a renovate-friendly source of Docker images.
-FROM python:3.13.2-slim-bullseye@sha256:31b581c8218e1f3c58672481b3b7dba8e898852866b408c6a984c22832523935 AS python
-FROM otel/weaver:v0.13.2@sha256:ae7346b992e477f629ea327e0979e8a416a97f7956ab1f7e95ac1f44edf1a893 AS weaver
+FROM python:3.13.3-slim-bullseye@sha256:9e3f9243e06fd68eb9519074b49878eda20ad39a855fac51aaffb741de20726e AS python
+FROM otel/weaver:v0.15.0@sha256:1cf1c72eaed57dad813c2e359133b8a15bd4facf305aae5b13bdca6d3eccff56 AS weaver
+FROM avtodev/markdown-lint:v1@sha256:6aeedc2f49138ce7a1cd0adffc1b1c0321b841dc2102408967d9301c031949ee AS markdown
diff --git a/vendor/go.opentelemetry.io/otel/get_main_pkgs.sh b/vendor/go.opentelemetry.io/otel/get_main_pkgs.sh
deleted file mode 100644
index 93e80ea306..0000000000
--- a/vendor/go.opentelemetry.io/otel/get_main_pkgs.sh
+++ /dev/null
@@ -1,30 +0,0 @@
-#!/usr/bin/env bash
-
-# Copyright The OpenTelemetry Authors
-# SPDX-License-Identifier: Apache-2.0
-
-set -euo pipefail
-
-top_dir='.'
-if [[ $# -gt 0 ]]; then
-    top_dir="${1}"
-fi
-
-p=$(pwd)
-mod_dirs=()
-
-# Note `mapfile` does not exist in older bash versions:
-# https://stackoverflow.com/questions/41475261/need-alternative-to-readarray-mapfile-for-script-on-older-version-of-bash
-
-while IFS= read -r line; do
-    mod_dirs+=("$line")
-done < <(find "${top_dir}" -type f -name 'go.mod' -exec dirname {} \; | sort)
-
-for mod_dir in "${mod_dirs[@]}"; do
-    cd "${mod_dir}"
-
-    while IFS= read -r line; do
-        echo ".${line#${p}}"
-    done < <(go list --find -f '{{.Name}}|{{.Dir}}' ./... | grep '^main|' | cut -f 2- -d '|')
-    cd "${p}"
-done
diff --git a/vendor/go.opentelemetry.io/otel/internal/gen.go b/vendor/go.opentelemetry.io/otel/internal/gen.go
deleted file mode 100644
index 4259f0320d..0000000000
--- a/vendor/go.opentelemetry.io/otel/internal/gen.go
+++ /dev/null
@@ -1,18 +0,0 @@
-// Copyright The OpenTelemetry Authors
-// SPDX-License-Identifier: Apache-2.0
-
-package internal // import "go.opentelemetry.io/otel/internal"
-
-//go:generate gotmpl --body=./shared/matchers/expectation.go.tmpl "--data={}" --out=matchers/expectation.go
-//go:generate gotmpl --body=./shared/matchers/expecter.go.tmpl "--data={}" --out=matchers/expecter.go
-//go:generate gotmpl --body=./shared/matchers/temporal_matcher.go.tmpl "--data={}" --out=matchers/temporal_matcher.go
-
-//go:generate gotmpl --body=./shared/internaltest/alignment.go.tmpl "--data={}" --out=internaltest/alignment.go
-//go:generate gotmpl --body=./shared/internaltest/env.go.tmpl "--data={}" --out=internaltest/env.go
-//go:generate gotmpl --body=./shared/internaltest/env_test.go.tmpl "--data={}" --out=internaltest/env_test.go
-//go:generate gotmpl --body=./shared/internaltest/errors.go.tmpl "--data={}" --out=internaltest/errors.go
-//go:generate gotmpl --body=./shared/internaltest/harness.go.tmpl "--data={\"matchersImportPath\": \"go.opentelemetry.io/otel/internal/matchers\"}" --out=internaltest/harness.go
-//go:generate gotmpl --body=./shared/internaltest/text_map_carrier.go.tmpl "--data={}" --out=internaltest/text_map_carrier.go
-//go:generate gotmpl --body=./shared/internaltest/text_map_carrier_test.go.tmpl "--data={}" --out=internaltest/text_map_carrier_test.go
-//go:generate gotmpl --body=./shared/internaltest/text_map_propagator.go.tmpl "--data={}" --out=internaltest/text_map_propagator.go
-//go:generate gotmpl --body=./shared/internaltest/text_map_propagator_test.go.tmpl "--data={}" --out=internaltest/text_map_propagator_test.go
diff --git a/vendor/go.opentelemetry.io/otel/internal/global/handler.go b/vendor/go.opentelemetry.io/otel/internal/global/handler.go
index c657ff8e75..2e47b2964c 100644
--- a/vendor/go.opentelemetry.io/otel/internal/global/handler.go
+++ b/vendor/go.opentelemetry.io/otel/internal/global/handler.go
@@ -1,6 +1,7 @@
 // Copyright The OpenTelemetry Authors
 // SPDX-License-Identifier: Apache-2.0
 
+// Package global provides the OpenTelemetry global API.
 package global // import "go.opentelemetry.io/otel/internal/global"
 
 import (
diff --git a/vendor/go.opentelemetry.io/otel/internal/global/meter.go b/vendor/go.opentelemetry.io/otel/internal/global/meter.go
index a6acd8dca6..adb37b5b0e 100644
--- a/vendor/go.opentelemetry.io/otel/internal/global/meter.go
+++ b/vendor/go.opentelemetry.io/otel/internal/global/meter.go
@@ -169,7 +169,10 @@ func (m *meter) Int64Counter(name string, options ...metric.Int64CounterOption)
 	return i, nil
 }
 
-func (m *meter) Int64UpDownCounter(name string, options ...metric.Int64UpDownCounterOption) (metric.Int64UpDownCounter, error) {
+func (m *meter) Int64UpDownCounter(
+	name string,
+	options ...metric.Int64UpDownCounterOption,
+) (metric.Int64UpDownCounter, error) {
 	m.mtx.Lock()
 	defer m.mtx.Unlock()
 
@@ -238,7 +241,10 @@ func (m *meter) Int64Gauge(name string, options ...metric.Int64GaugeOption) (met
 	return i, nil
 }
 
-func (m *meter) Int64ObservableCounter(name string, options ...metric.Int64ObservableCounterOption) (metric.Int64ObservableCounter, error) {
+func (m *meter) Int64ObservableCounter(
+	name string,
+	options ...metric.Int64ObservableCounterOption,
+) (metric.Int64ObservableCounter, error) {
 	m.mtx.Lock()
 	defer m.mtx.Unlock()
 
@@ -261,7 +267,10 @@ func (m *meter) Int64ObservableCounter(name string, options ...metric.Int64Obser
 	return i, nil
 }
 
-func (m *meter) Int64ObservableUpDownCounter(name string, options ...metric.Int64ObservableUpDownCounterOption) (metric.Int64ObservableUpDownCounter, error) {
+func (m *meter) Int64ObservableUpDownCounter(
+	name string,
+	options ...metric.Int64ObservableUpDownCounterOption,
+) (metric.Int64ObservableUpDownCounter, error) {
 	m.mtx.Lock()
 	defer m.mtx.Unlock()
 
@@ -284,7 +293,10 @@ func (m *meter) Int64ObservableUpDownCounter(name string, options ...metric.Int6
 	return i, nil
 }
 
-func (m *meter) Int64ObservableGauge(name string, options ...metric.Int64ObservableGaugeOption) (metric.Int64ObservableGauge, error) {
+func (m *meter) Int64ObservableGauge(
+	name string,
+	options ...metric.Int64ObservableGaugeOption,
+) (metric.Int64ObservableGauge, error) {
 	m.mtx.Lock()
 	defer m.mtx.Unlock()
 
@@ -330,7 +342,10 @@ func (m *meter) Float64Counter(name string, options ...metric.Float64CounterOpti
 	return i, nil
 }
 
-func (m *meter) Float64UpDownCounter(name string, options ...metric.Float64UpDownCounterOption) (metric.Float64UpDownCounter, error) {
+func (m *meter) Float64UpDownCounter(
+	name string,
+	options ...metric.Float64UpDownCounterOption,
+) (metric.Float64UpDownCounter, error) {
 	m.mtx.Lock()
 	defer m.mtx.Unlock()
 
@@ -353,7 +368,10 @@ func (m *meter) Float64UpDownCounter(name string, options ...metric.Float64UpDow
 	return i, nil
 }
 
-func (m *meter) Float64Histogram(name string, options ...metric.Float64HistogramOption) (metric.Float64Histogram, error) {
+func (m *meter) Float64Histogram(
+	name string,
+	options ...metric.Float64HistogramOption,
+) (metric.Float64Histogram, error) {
 	m.mtx.Lock()
 	defer m.mtx.Unlock()
 
@@ -399,7 +417,10 @@ func (m *meter) Float64Gauge(name string, options ...metric.Float64GaugeOption)
 	return i, nil
 }
 
-func (m *meter) Float64ObservableCounter(name string, options ...metric.Float64ObservableCounterOption) (metric.Float64ObservableCounter, error) {
+func (m *meter) Float64ObservableCounter(
+	name string,
+	options ...metric.Float64ObservableCounterOption,
+) (metric.Float64ObservableCounter, error) {
 	m.mtx.Lock()
 	defer m.mtx.Unlock()
 
@@ -422,7 +443,10 @@ func (m *meter) Float64ObservableCounter(name string, options ...metric.Float64O
 	return i, nil
 }
 
-func (m *meter) Float64ObservableUpDownCounter(name string, options ...metric.Float64ObservableUpDownCounterOption) (metric.Float64ObservableUpDownCounter, error) {
+func (m *meter) Float64ObservableUpDownCounter(
+	name string,
+	options ...metric.Float64ObservableUpDownCounterOption,
+) (metric.Float64ObservableUpDownCounter, error) {
 	m.mtx.Lock()
 	defer m.mtx.Unlock()
 
@@ -445,7 +469,10 @@ func (m *meter) Float64ObservableUpDownCounter(name string, options ...metric.Fl
 	return i, nil
 }
 
-func (m *meter) Float64ObservableGauge(name string, options ...metric.Float64ObservableGaugeOption) (metric.Float64ObservableGauge, error) {
+func (m *meter) Float64ObservableGauge(
+	name string,
+	options ...metric.Float64ObservableGaugeOption,
+) (metric.Float64ObservableGauge, error) {
 	m.mtx.Lock()
 	defer m.mtx.Unlock()
 
diff --git a/vendor/go.opentelemetry.io/otel/internal/global/trace.go b/vendor/go.opentelemetry.io/otel/internal/global/trace.go
index 8982aa0dc5..49e4ac4faa 100644
--- a/vendor/go.opentelemetry.io/otel/internal/global/trace.go
+++ b/vendor/go.opentelemetry.io/otel/internal/global/trace.go
@@ -158,7 +158,18 @@ func (t *tracer) Start(ctx context.Context, name string, opts ...trace.SpanStart
 // a nonRecordingSpan by default.
 var autoInstEnabled = new(bool)
 
-func (t *tracer) newSpan(ctx context.Context, autoSpan *bool, name string, opts []trace.SpanStartOption) (context.Context, trace.Span) {
+// newSpan is called by tracer.Start so auto-instrumentation can attach an eBPF
+// uprobe to this code.
+//
+// "noinline" pragma prevents the method from ever being inlined.
+//
+//go:noinline
+func (t *tracer) newSpan(
+	ctx context.Context,
+	autoSpan *bool,
+	name string,
+	opts []trace.SpanStartOption,
+) (context.Context, trace.Span) {
 	// autoInstEnabled is passed to newSpan via the autoSpan parameter. This is
 	// so the auto-instrumentation can define a uprobe for (*t).newSpan and be
 	// provided with the address of the bool autoInstEnabled points to. It
diff --git a/vendor/go.opentelemetry.io/otel/internal/rawhelpers.go b/vendor/go.opentelemetry.io/otel/internal/rawhelpers.go
deleted file mode 100644
index b2fe3e41d3..0000000000
--- a/vendor/go.opentelemetry.io/otel/internal/rawhelpers.go
+++ /dev/null
@@ -1,48 +0,0 @@
-// Copyright The OpenTelemetry Authors
-// SPDX-License-Identifier: Apache-2.0
-
-package internal // import "go.opentelemetry.io/otel/internal"
-
-import (
-	"math"
-	"unsafe"
-)
-
-func BoolToRaw(b bool) uint64 { // nolint:revive  // b is not a control flag.
-	if b {
-		return 1
-	}
-	return 0
-}
-
-func RawToBool(r uint64) bool {
-	return r != 0
-}
-
-func Int64ToRaw(i int64) uint64 {
-	// Assumes original was a valid int64 (overflow not checked).
-	return uint64(i) // nolint: gosec
-}
-
-func RawToInt64(r uint64) int64 {
-	// Assumes original was a valid int64 (overflow not checked).
-	return int64(r) // nolint: gosec
-}
-
-func Float64ToRaw(f float64) uint64 {
-	return math.Float64bits(f)
-}
-
-func RawToFloat64(r uint64) float64 {
-	return math.Float64frombits(r)
-}
-
-func RawPtrToFloat64Ptr(r *uint64) *float64 {
-	// Assumes original was a valid *float64 (overflow not checked).
-	return (*float64)(unsafe.Pointer(r)) // nolint: gosec
-}
-
-func RawPtrToInt64Ptr(r *uint64) *int64 {
-	// Assumes original was a valid *int64 (overflow not checked).
-	return (*int64)(unsafe.Pointer(r)) // nolint: gosec
-}
diff --git a/vendor/go.opentelemetry.io/otel/metric/asyncfloat64.go b/vendor/go.opentelemetry.io/otel/metric/asyncfloat64.go
index f8435d8f28..b7fc973a66 100644
--- a/vendor/go.opentelemetry.io/otel/metric/asyncfloat64.go
+++ b/vendor/go.opentelemetry.io/otel/metric/asyncfloat64.go
@@ -106,7 +106,9 @@ type Float64ObservableUpDownCounterConfig struct {
 
 // NewFloat64ObservableUpDownCounterConfig returns a new
 // [Float64ObservableUpDownCounterConfig] with all opts applied.
-func NewFloat64ObservableUpDownCounterConfig(opts ...Float64ObservableUpDownCounterOption) Float64ObservableUpDownCounterConfig {
+func NewFloat64ObservableUpDownCounterConfig(
+	opts ...Float64ObservableUpDownCounterOption,
+) Float64ObservableUpDownCounterConfig {
 	var config Float64ObservableUpDownCounterConfig
 	for _, o := range opts {
 		config = o.applyFloat64ObservableUpDownCounter(config)
@@ -239,12 +241,16 @@ type float64CallbackOpt struct {
 	cback Float64Callback
 }
 
-func (o float64CallbackOpt) applyFloat64ObservableCounter(cfg Float64ObservableCounterConfig) Float64ObservableCounterConfig {
+func (o float64CallbackOpt) applyFloat64ObservableCounter(
+	cfg Float64ObservableCounterConfig,
+) Float64ObservableCounterConfig {
 	cfg.callbacks = append(cfg.callbacks, o.cback)
 	return cfg
 }
 
-func (o float64CallbackOpt) applyFloat64ObservableUpDownCounter(cfg Float64ObservableUpDownCounterConfig) Float64ObservableUpDownCounterConfig {
+func (o float64CallbackOpt) applyFloat64ObservableUpDownCounter(
+	cfg Float64ObservableUpDownCounterConfig,
+) Float64ObservableUpDownCounterConfig {
 	cfg.callbacks = append(cfg.callbacks, o.cback)
 	return cfg
 }
diff --git a/vendor/go.opentelemetry.io/otel/metric/asyncint64.go b/vendor/go.opentelemetry.io/otel/metric/asyncint64.go
index e079aaef16..4404b71a22 100644
--- a/vendor/go.opentelemetry.io/otel/metric/asyncint64.go
+++ b/vendor/go.opentelemetry.io/otel/metric/asyncint64.go
@@ -105,7 +105,9 @@ type Int64ObservableUpDownCounterConfig struct {
 
 // NewInt64ObservableUpDownCounterConfig returns a new
 // [Int64ObservableUpDownCounterConfig] with all opts applied.
-func NewInt64ObservableUpDownCounterConfig(opts ...Int64ObservableUpDownCounterOption) Int64ObservableUpDownCounterConfig {
+func NewInt64ObservableUpDownCounterConfig(
+	opts ...Int64ObservableUpDownCounterOption,
+) Int64ObservableUpDownCounterConfig {
 	var config Int64ObservableUpDownCounterConfig
 	for _, o := range opts {
 		config = o.applyInt64ObservableUpDownCounter(config)
@@ -242,7 +244,9 @@ func (o int64CallbackOpt) applyInt64ObservableCounter(cfg Int64ObservableCounter
 	return cfg
 }
 
-func (o int64CallbackOpt) applyInt64ObservableUpDownCounter(cfg Int64ObservableUpDownCounterConfig) Int64ObservableUpDownCounterConfig {
+func (o int64CallbackOpt) applyInt64ObservableUpDownCounter(
+	cfg Int64ObservableUpDownCounterConfig,
+) Int64ObservableUpDownCounterConfig {
 	cfg.callbacks = append(cfg.callbacks, o.cback)
 	return cfg
 }
diff --git a/vendor/go.opentelemetry.io/otel/metric/instrument.go b/vendor/go.opentelemetry.io/otel/metric/instrument.go
index a535782e1d..9f48d5f117 100644
--- a/vendor/go.opentelemetry.io/otel/metric/instrument.go
+++ b/vendor/go.opentelemetry.io/otel/metric/instrument.go
@@ -63,7 +63,9 @@ func (o descOpt) applyFloat64ObservableCounter(c Float64ObservableCounterConfig)
 	return c
 }
 
-func (o descOpt) applyFloat64ObservableUpDownCounter(c Float64ObservableUpDownCounterConfig) Float64ObservableUpDownCounterConfig {
+func (o descOpt) applyFloat64ObservableUpDownCounter(
+	c Float64ObservableUpDownCounterConfig,
+) Float64ObservableUpDownCounterConfig {
 	c.description = string(o)
 	return c
 }
@@ -98,7 +100,9 @@ func (o descOpt) applyInt64ObservableCounter(c Int64ObservableCounterConfig) Int
 	return c
 }
 
-func (o descOpt) applyInt64ObservableUpDownCounter(c Int64ObservableUpDownCounterConfig) Int64ObservableUpDownCounterConfig {
+func (o descOpt) applyInt64ObservableUpDownCounter(
+	c Int64ObservableUpDownCounterConfig,
+) Int64ObservableUpDownCounterConfig {
 	c.description = string(o)
 	return c
 }
@@ -138,7 +142,9 @@ func (o unitOpt) applyFloat64ObservableCounter(c Float64ObservableCounterConfig)
 	return c
 }
 
-func (o unitOpt) applyFloat64ObservableUpDownCounter(c Float64ObservableUpDownCounterConfig) Float64ObservableUpDownCounterConfig {
+func (o unitOpt) applyFloat64ObservableUpDownCounter(
+	c Float64ObservableUpDownCounterConfig,
+) Float64ObservableUpDownCounterConfig {
 	c.unit = string(o)
 	return c
 }
@@ -173,7 +179,9 @@ func (o unitOpt) applyInt64ObservableCounter(c Int64ObservableCounterConfig) Int
 	return c
 }
 
-func (o unitOpt) applyInt64ObservableUpDownCounter(c Int64ObservableUpDownCounterConfig) Int64ObservableUpDownCounterConfig {
+func (o unitOpt) applyInt64ObservableUpDownCounter(
+	c Int64ObservableUpDownCounterConfig,
+) Int64ObservableUpDownCounterConfig {
 	c.unit = string(o)
 	return c
 }
diff --git a/vendor/go.opentelemetry.io/otel/metric/meter.go b/vendor/go.opentelemetry.io/otel/metric/meter.go
index 14e08c24a4..fdd2a7011c 100644
--- a/vendor/go.opentelemetry.io/otel/metric/meter.go
+++ b/vendor/go.opentelemetry.io/otel/metric/meter.go
@@ -110,7 +110,10 @@ type Meter interface {
 	// The name needs to conform to the OpenTelemetry instrument name syntax.
 	// See the Instrument Name section of the package documentation for more
 	// information.
-	Int64ObservableUpDownCounter(name string, options ...Int64ObservableUpDownCounterOption) (Int64ObservableUpDownCounter, error)
+	Int64ObservableUpDownCounter(
+		name string,
+		options ...Int64ObservableUpDownCounterOption,
+	) (Int64ObservableUpDownCounter, error)
 
 	// Int64ObservableGauge returns a new Int64ObservableGauge instrument
 	// identified by name and configured with options. The instrument is used
@@ -194,7 +197,10 @@ type Meter interface {
 	// The name needs to conform to the OpenTelemetry instrument name syntax.
 	// See the Instrument Name section of the package documentation for more
 	// information.
-	Float64ObservableUpDownCounter(name string, options ...Float64ObservableUpDownCounterOption) (Float64ObservableUpDownCounter, error)
+	Float64ObservableUpDownCounter(
+		name string,
+		options ...Float64ObservableUpDownCounterOption,
+	) (Float64ObservableUpDownCounter, error)
 
 	// Float64ObservableGauge returns a new Float64ObservableGauge instrument
 	// identified by name and configured with options. The instrument is used
diff --git a/vendor/go.opentelemetry.io/otel/metric/noop/noop.go b/vendor/go.opentelemetry.io/otel/metric/noop/noop.go
index ca6fcbdc09..9afb69e583 100644
--- a/vendor/go.opentelemetry.io/otel/metric/noop/noop.go
+++ b/vendor/go.opentelemetry.io/otel/metric/noop/noop.go
@@ -86,13 +86,19 @@ func (Meter) Int64Gauge(string, ...metric.Int64GaugeOption) (metric.Int64Gauge,
 
 // Int64ObservableCounter returns an ObservableCounter used to record int64
 // measurements that produces no telemetry.
-func (Meter) Int64ObservableCounter(string, ...metric.Int64ObservableCounterOption) (metric.Int64ObservableCounter, error) {
+func (Meter) Int64ObservableCounter(
+	string,
+	...metric.Int64ObservableCounterOption,
+) (metric.Int64ObservableCounter, error) {
 	return Int64ObservableCounter{}, nil
 }
 
 // Int64ObservableUpDownCounter returns an ObservableUpDownCounter used to
 // record int64 measurements that produces no telemetry.
-func (Meter) Int64ObservableUpDownCounter(string, ...metric.Int64ObservableUpDownCounterOption) (metric.Int64ObservableUpDownCounter, error) {
+func (Meter) Int64ObservableUpDownCounter(
+	string,
+	...metric.Int64ObservableUpDownCounterOption,
+) (metric.Int64ObservableUpDownCounter, error) {
 	return Int64ObservableUpDownCounter{}, nil
 }
 
@@ -128,19 +134,28 @@ func (Meter) Float64Gauge(string, ...metric.Float64GaugeOption) (metric.Float64G
 
 // Float64ObservableCounter returns an ObservableCounter used to record int64
 // measurements that produces no telemetry.
-func (Meter) Float64ObservableCounter(string, ...metric.Float64ObservableCounterOption) (metric.Float64ObservableCounter, error) {
+func (Meter) Float64ObservableCounter(
+	string,
+	...metric.Float64ObservableCounterOption,
+) (metric.Float64ObservableCounter, error) {
 	return Float64ObservableCounter{}, nil
 }
 
 // Float64ObservableUpDownCounter returns an ObservableUpDownCounter used to
 // record int64 measurements that produces no telemetry.
-func (Meter) Float64ObservableUpDownCounter(string, ...metric.Float64ObservableUpDownCounterOption) (metric.Float64ObservableUpDownCounter, error) {
+func (Meter) Float64ObservableUpDownCounter(
+	string,
+	...metric.Float64ObservableUpDownCounterOption,
+) (metric.Float64ObservableUpDownCounter, error) {
 	return Float64ObservableUpDownCounter{}, nil
 }
 
 // Float64ObservableGauge returns an ObservableGauge used to record int64
 // measurements that produces no telemetry.
-func (Meter) Float64ObservableGauge(string, ...metric.Float64ObservableGaugeOption) (metric.Float64ObservableGauge, error) {
+func (Meter) Float64ObservableGauge(
+	string,
+	...metric.Float64ObservableGaugeOption,
+) (metric.Float64ObservableGauge, error) {
 	return Float64ObservableGauge{}, nil
 }
 
diff --git a/vendor/go.opentelemetry.io/otel/propagation/baggage.go b/vendor/go.opentelemetry.io/otel/propagation/baggage.go
index 552263ba73..ebda5026d6 100644
--- a/vendor/go.opentelemetry.io/otel/propagation/baggage.go
+++ b/vendor/go.opentelemetry.io/otel/propagation/baggage.go
@@ -28,7 +28,21 @@ func (b Baggage) Inject(ctx context.Context, carrier TextMapCarrier) {
 }
 
 // Extract returns a copy of parent with the baggage from the carrier added.
+// If carrier implements [ValuesGetter] (e.g. [HeaderCarrier]), Values is invoked
+// for multiple values extraction. Otherwise, Get is called.
 func (b Baggage) Extract(parent context.Context, carrier TextMapCarrier) context.Context {
+	if multiCarrier, ok := carrier.(ValuesGetter); ok {
+		return extractMultiBaggage(parent, multiCarrier)
+	}
+	return extractSingleBaggage(parent, carrier)
+}
+
+// Fields returns the keys who's values are set with Inject.
+func (b Baggage) Fields() []string {
+	return []string{baggageHeader}
+}
+
+func extractSingleBaggage(parent context.Context, carrier TextMapCarrier) context.Context {
 	bStr := carrier.Get(baggageHeader)
 	if bStr == "" {
 		return parent
@@ -41,7 +55,23 @@ func (b Baggage) Extract(parent context.Context, carrier TextMapCarrier) context
 	return baggage.ContextWithBaggage(parent, bag)
 }
 
-// Fields returns the keys who's values are set with Inject.
-func (b Baggage) Fields() []string {
-	return []string{baggageHeader}
+func extractMultiBaggage(parent context.Context, carrier ValuesGetter) context.Context {
+	bVals := carrier.Values(baggageHeader)
+	if len(bVals) == 0 {
+		return parent
+	}
+	var members []baggage.Member
+	for _, bStr := range bVals {
+		currBag, err := baggage.Parse(bStr)
+		if err != nil {
+			continue
+		}
+		members = append(members, currBag.Members()...)
+	}
+
+	b, err := baggage.New(members...)
+	if err != nil || b.Len() == 0 {
+		return parent
+	}
+	return baggage.ContextWithBaggage(parent, b)
 }
diff --git a/vendor/go.opentelemetry.io/otel/propagation/propagation.go b/vendor/go.opentelemetry.io/otel/propagation/propagation.go
index 8c8286aab4..5c8c26ea2e 100644
--- a/vendor/go.opentelemetry.io/otel/propagation/propagation.go
+++ b/vendor/go.opentelemetry.io/otel/propagation/propagation.go
@@ -9,6 +9,7 @@ import (
 )
 
 // TextMapCarrier is the storage medium used by a TextMapPropagator.
+// See ValuesGetter for how a TextMapCarrier can get multiple values for a key.
 type TextMapCarrier interface {
 	// DO NOT CHANGE: any modification will not be backwards compatible and
 	// must never be done outside of a new major release.
@@ -29,6 +30,18 @@ type TextMapCarrier interface {
 	// must never be done outside of a new major release.
 }
 
+// ValuesGetter can return multiple values for a single key,
+// with contrast to TextMapCarrier.Get which returns a single value.
+type ValuesGetter interface {
+	// DO NOT CHANGE: any modification will not be backwards compatible and
+	// must never be done outside of a new major release.
+
+	// Values returns all values associated with the passed key.
+	Values(key string) []string
+	// DO NOT CHANGE: any modification will not be backwards compatible and
+	// must never be done outside of a new major release.
+}
+
 // MapCarrier is a TextMapCarrier that uses a map held in memory as a storage
 // medium for propagated key-value pairs.
 type MapCarrier map[string]string
@@ -55,14 +68,25 @@ func (c MapCarrier) Keys() []string {
 	return keys
 }
 
-// HeaderCarrier adapts http.Header to satisfy the TextMapCarrier interface.
+// HeaderCarrier adapts http.Header to satisfy the TextMapCarrier and ValuesGetter interfaces.
 type HeaderCarrier http.Header
 
-// Get returns the value associated with the passed key.
+// Compile time check that HeaderCarrier implements ValuesGetter.
+var _ TextMapCarrier = HeaderCarrier{}
+
+// Compile time check that HeaderCarrier implements TextMapCarrier.
+var _ ValuesGetter = HeaderCarrier{}
+
+// Get returns the first value associated with the passed key.
 func (hc HeaderCarrier) Get(key string) string {
 	return http.Header(hc).Get(key)
 }
 
+// Values returns all values associated with the passed key.
+func (hc HeaderCarrier) Values(key string) []string {
+	return http.Header(hc).Values(key)
+}
+
 // Set stores the key-value pair.
 func (hc HeaderCarrier) Set(key string, value string) {
 	http.Header(hc).Set(key, value)
@@ -89,6 +113,8 @@ type TextMapPropagator interface {
 	// must never be done outside of a new major release.
 
 	// Extract reads cross-cutting concerns from the carrier into a Context.
+	// Implementations may check if the carrier implements ValuesGetter,
+	// to support extraction of multiple values per key.
 	Extract(ctx context.Context, carrier TextMapCarrier) context.Context
 	// DO NOT CHANGE: any modification will not be backwards compatible and
 	// must never be done outside of a new major release.
diff --git a/vendor/go.opentelemetry.io/otel/renovate.json b/vendor/go.opentelemetry.io/otel/renovate.json
index a6fa353f95..fa5acf2d3b 100644
--- a/vendor/go.opentelemetry.io/otel/renovate.json
+++ b/vendor/go.opentelemetry.io/otel/renovate.json
@@ -1,7 +1,8 @@
 {
   "$schema": "https://docs.renovatebot.com/renovate-schema.json",
   "extends": [
-    "config:best-practices"
+    "config:best-practices",
+    "helpers:pinGitHubActionDigestsToSemver"
   ],
   "ignorePaths": [],
   "labels": ["Skip Changelog", "dependencies"],
@@ -25,6 +26,10 @@
     {
       "matchPackageNames": ["golang.org/x/**"],
       "groupName": "golang.org/x"
+    },
+    {
+      "matchPackageNames": ["go.opentelemetry.io/otel/sdk/log/logtest"],
+      "enabled": false
     }
   ]
 }
diff --git a/vendor/go.opentelemetry.io/otel/sdk/metric/exemplar.go b/vendor/go.opentelemetry.io/otel/sdk/metric/exemplar.go
index 0335b8ae48..549d3bd5f9 100644
--- a/vendor/go.opentelemetry.io/otel/sdk/metric/exemplar.go
+++ b/vendor/go.opentelemetry.io/otel/sdk/metric/exemplar.go
@@ -18,7 +18,10 @@ type ExemplarReservoirProviderSelector func(Aggregation) exemplar.ReservoirProvi
 
 // reservoirFunc returns the appropriately configured exemplar reservoir
 // creation func based on the passed InstrumentKind and filter configuration.
-func reservoirFunc[N int64 | float64](provider exemplar.ReservoirProvider, filter exemplar.Filter) func(attribute.Set) aggregate.FilteredExemplarReservoir[N] {
+func reservoirFunc[N int64 | float64](
+	provider exemplar.ReservoirProvider,
+	filter exemplar.Filter,
+) func(attribute.Set) aggregate.FilteredExemplarReservoir[N] {
 	return func(attrs attribute.Set) aggregate.FilteredExemplarReservoir[N] {
 		return aggregate.NewFilteredExemplarReservoir[N](filter, provider(attrs))
 	}
diff --git a/vendor/go.opentelemetry.io/otel/sdk/metric/exemplar/fixed_size_reservoir.go b/vendor/go.opentelemetry.io/otel/sdk/metric/exemplar/fixed_size_reservoir.go
index d4aab0aad4..1fb1e0095f 100644
--- a/vendor/go.opentelemetry.io/otel/sdk/metric/exemplar/fixed_size_reservoir.go
+++ b/vendor/go.opentelemetry.io/otel/sdk/metric/exemplar/fixed_size_reservoir.go
@@ -6,7 +6,7 @@ package exemplar // import "go.opentelemetry.io/otel/sdk/metric/exemplar"
 import (
 	"context"
 	"math"
-	"math/rand"
+	"math/rand/v2"
 	"time"
 
 	"go.opentelemetry.io/otel/attribute"
@@ -44,18 +44,11 @@ type FixedSizeReservoir struct {
 	// w is the largest random number in a distribution that is used to compute
 	// the next next.
 	w float64
-
-	// rng is used to make sampling decisions.
-	//
-	// Do not use crypto/rand. There is no reason for the decrease in performance
-	// given this is not a security sensitive decision.
-	rng *rand.Rand
 }
 
 func newFixedSizeReservoir(s *storage) *FixedSizeReservoir {
 	r := &FixedSizeReservoir{
 		storage: s,
-		rng:     rand.New(rand.NewSource(time.Now().UnixNano())),
 	}
 	r.reset()
 	return r
@@ -64,26 +57,15 @@ func newFixedSizeReservoir(s *storage) *FixedSizeReservoir {
 // randomFloat64 returns, as a float64, a uniform pseudo-random number in the
 // open interval (0.0,1.0).
 func (r *FixedSizeReservoir) randomFloat64() float64 {
-	// TODO: This does not return a uniform number. rng.Float64 returns a
-	// uniformly random int in [0,2^53) that is divided by 2^53. Meaning it
-	// returns multiples of 2^-53, and not all floating point numbers between 0
-	// and 1 (i.e. for values less than 2^-4 the 4 last bits of the significand
-	// are always going to be 0).
-	//
-	// An alternative algorithm should be considered that will actually return
-	// a uniform number in the interval (0,1). For example, since the default
-	// rand source provides a uniform distribution for Int63, this can be
-	// converted following the prototypical code of Mersenne Twister 64 (Takuji
-	// Nishimura and Makoto Matsumoto:
-	// http://www.math.sci.hiroshima-u.ac.jp/m-mat/MT/VERSIONS/C-LANG/mt19937-64.c)
+	// TODO: Use an algorithm that avoids rejection sampling. For example:
 	//
-	//   (float64(rng.Int63()>>11) + 0.5) * (1.0 / 4503599627370496.0)
-	//
-	// There are likely many other methods to explore here as well.
-
-	f := r.rng.Float64()
+	//   const precision = 1 << 53 // 2^53
+	//   // Generate an integer in [1, 2^53 - 1]
+	//   v := rand.Uint64() % (precision - 1) + 1
+	//   return float64(v) / float64(precision)
+	f := rand.Float64()
 	for f == 0 {
-		f = r.rng.Float64()
+		f = rand.Float64()
 	}
 	return f
 }
@@ -146,7 +128,7 @@ func (r *FixedSizeReservoir) Offer(ctx context.Context, t time.Time, n Value, a
 	} else {
 		if r.count == r.next {
 			// Overwrite a random existing measurement with the one offered.
-			idx := int(r.rng.Int63n(int64(cap(r.store))))
+			idx := int(rand.Int64N(int64(cap(r.store))))
 			r.store[idx] = newMeasurement(ctx, t, n, a)
 			r.advance()
 		}
diff --git a/vendor/go.opentelemetry.io/otel/sdk/metric/instrument.go b/vendor/go.opentelemetry.io/otel/sdk/metric/instrument.go
index c33e1a28cb..18891ed5b1 100644
--- a/vendor/go.opentelemetry.io/otel/sdk/metric/instrument.go
+++ b/vendor/go.opentelemetry.io/otel/sdk/metric/instrument.go
@@ -28,7 +28,7 @@ type InstrumentKind uint8
 const (
 	// instrumentKindUndefined is an undefined instrument kind, it should not
 	// be used by any initialized type.
-	instrumentKindUndefined InstrumentKind = 0 // nolint:deadcode,varcheck,unused
+	instrumentKindUndefined InstrumentKind = 0 // nolint:unused
 	// InstrumentKindCounter identifies a group of instruments that record
 	// increasing values synchronously with the code path they are measuring.
 	InstrumentKindCounter InstrumentKind = 1
@@ -208,7 +208,11 @@ func (i *int64Inst) Enabled(_ context.Context) bool {
 	return len(i.measures) != 0
 }
 
-func (i *int64Inst) aggregate(ctx context.Context, val int64, s attribute.Set) { // nolint:revive  // okay to shadow pkg with method.
+func (i *int64Inst) aggregate(
+	ctx context.Context,
+	val int64,
+	s attribute.Set,
+) { // nolint:revive  // okay to shadow pkg with method.
 	for _, in := range i.measures {
 		in(ctx, val, s)
 	}
diff --git a/vendor/go.opentelemetry.io/otel/sdk/metric/internal/aggregate/aggregate.go b/vendor/go.opentelemetry.io/otel/sdk/metric/internal/aggregate/aggregate.go
index fde2193338..0321da6815 100644
--- a/vendor/go.opentelemetry.io/otel/sdk/metric/internal/aggregate/aggregate.go
+++ b/vendor/go.opentelemetry.io/otel/sdk/metric/internal/aggregate/aggregate.go
@@ -121,7 +121,10 @@ func (b Builder[N]) Sum(monotonic bool) (Measure[N], ComputeAggregation) {
 
 // ExplicitBucketHistogram returns a histogram aggregate function input and
 // output.
-func (b Builder[N]) ExplicitBucketHistogram(boundaries []float64, noMinMax, noSum bool) (Measure[N], ComputeAggregation) {
+func (b Builder[N]) ExplicitBucketHistogram(
+	boundaries []float64,
+	noMinMax, noSum bool,
+) (Measure[N], ComputeAggregation) {
 	h := newHistogram[N](boundaries, noMinMax, noSum, b.AggregationLimit, b.resFunc())
 	switch b.Temporality {
 	case metricdata.DeltaTemporality:
@@ -133,7 +136,10 @@ func (b Builder[N]) ExplicitBucketHistogram(boundaries []float64, noMinMax, noSu
 
 // ExponentialBucketHistogram returns a histogram aggregate function input and
 // output.
-func (b Builder[N]) ExponentialBucketHistogram(maxSize, maxScale int32, noMinMax, noSum bool) (Measure[N], ComputeAggregation) {
+func (b Builder[N]) ExponentialBucketHistogram(
+	maxSize, maxScale int32,
+	noMinMax, noSum bool,
+) (Measure[N], ComputeAggregation) {
 	h := newExponentialHistogram[N](maxSize, maxScale, noMinMax, noSum, b.AggregationLimit, b.resFunc())
 	switch b.Temporality {
 	case metricdata.DeltaTemporality:
diff --git a/vendor/go.opentelemetry.io/otel/sdk/metric/internal/aggregate/exponential_histogram.go b/vendor/go.opentelemetry.io/otel/sdk/metric/internal/aggregate/exponential_histogram.go
index 32a62e1b8e..ae1f593440 100644
--- a/vendor/go.opentelemetry.io/otel/sdk/metric/internal/aggregate/exponential_histogram.go
+++ b/vendor/go.opentelemetry.io/otel/sdk/metric/internal/aggregate/exponential_histogram.go
@@ -48,7 +48,12 @@ type expoHistogramDataPoint[N int64 | float64] struct {
 	zeroCount  uint64
 }
 
-func newExpoHistogramDataPoint[N int64 | float64](attrs attribute.Set, maxSize int, maxScale int32, noMinMax, noSum bool) *expoHistogramDataPoint[N] { // nolint:revive // we need this control flag
+func newExpoHistogramDataPoint[N int64 | float64](
+	attrs attribute.Set,
+	maxSize int,
+	maxScale int32,
+	noMinMax, noSum bool,
+) *expoHistogramDataPoint[N] { // nolint:revive // we need this control flag
 	f := math.MaxFloat64
 	ma := N(f) // if N is int64, max will overflow to -9223372036854775808
 	mi := N(-f)
@@ -283,7 +288,12 @@ func (b *expoBuckets) downscale(delta int32) {
 // newExponentialHistogram returns an Aggregator that summarizes a set of
 // measurements as an exponential histogram. Each histogram is scoped by attributes
 // and the aggregation cycle the measurements were made in.
-func newExponentialHistogram[N int64 | float64](maxSize, maxScale int32, noMinMax, noSum bool, limit int, r func(attribute.Set) FilteredExemplarReservoir[N]) *expoHistogram[N] {
+func newExponentialHistogram[N int64 | float64](
+	maxSize, maxScale int32,
+	noMinMax, noSum bool,
+	limit int,
+	r func(attribute.Set) FilteredExemplarReservoir[N],
+) *expoHistogram[N] {
 	return &expoHistogram[N]{
 		noSum:    noSum,
 		noMinMax: noMinMax,
@@ -314,7 +324,12 @@ type expoHistogram[N int64 | float64] struct {
 	start time.Time
 }
 
-func (e *expoHistogram[N]) measure(ctx context.Context, value N, fltrAttr attribute.Set, droppedAttr []attribute.KeyValue) {
+func (e *expoHistogram[N]) measure(
+	ctx context.Context,
+	value N,
+	fltrAttr attribute.Set,
+	droppedAttr []attribute.KeyValue,
+) {
 	// Ignore NaN and infinity.
 	if math.IsInf(float64(value), 0) || math.IsNaN(float64(value)) {
 		return
@@ -360,11 +375,19 @@ func (e *expoHistogram[N]) delta(dest *metricdata.Aggregation) int {
 		hDPts[i].ZeroThreshold = 0.0
 
 		hDPts[i].PositiveBucket.Offset = val.posBuckets.startBin
-		hDPts[i].PositiveBucket.Counts = reset(hDPts[i].PositiveBucket.Counts, len(val.posBuckets.counts), len(val.posBuckets.counts))
+		hDPts[i].PositiveBucket.Counts = reset(
+			hDPts[i].PositiveBucket.Counts,
+			len(val.posBuckets.counts),
+			len(val.posBuckets.counts),
+		)
 		copy(hDPts[i].PositiveBucket.Counts, val.posBuckets.counts)
 
 		hDPts[i].NegativeBucket.Offset = val.negBuckets.startBin
-		hDPts[i].NegativeBucket.Counts = reset(hDPts[i].NegativeBucket.Counts, len(val.negBuckets.counts), len(val.negBuckets.counts))
+		hDPts[i].NegativeBucket.Counts = reset(
+			hDPts[i].NegativeBucket.Counts,
+			len(val.negBuckets.counts),
+			len(val.negBuckets.counts),
+		)
 		copy(hDPts[i].NegativeBucket.Counts, val.negBuckets.counts)
 
 		if !e.noSum {
@@ -413,11 +436,19 @@ func (e *expoHistogram[N]) cumulative(dest *metricdata.Aggregation) int {
 		hDPts[i].ZeroThreshold = 0.0
 
 		hDPts[i].PositiveBucket.Offset = val.posBuckets.startBin
-		hDPts[i].PositiveBucket.Counts = reset(hDPts[i].PositiveBucket.Counts, len(val.posBuckets.counts), len(val.posBuckets.counts))
+		hDPts[i].PositiveBucket.Counts = reset(
+			hDPts[i].PositiveBucket.Counts,
+			len(val.posBuckets.counts),
+			len(val.posBuckets.counts),
+		)
 		copy(hDPts[i].PositiveBucket.Counts, val.posBuckets.counts)
 
 		hDPts[i].NegativeBucket.Offset = val.negBuckets.startBin
-		hDPts[i].NegativeBucket.Counts = reset(hDPts[i].NegativeBucket.Counts, len(val.negBuckets.counts), len(val.negBuckets.counts))
+		hDPts[i].NegativeBucket.Counts = reset(
+			hDPts[i].NegativeBucket.Counts,
+			len(val.negBuckets.counts),
+			len(val.negBuckets.counts),
+		)
 		copy(hDPts[i].NegativeBucket.Counts, val.negBuckets.counts)
 
 		if !e.noSum {
diff --git a/vendor/go.opentelemetry.io/otel/sdk/metric/internal/aggregate/filtered_reservoir.go b/vendor/go.opentelemetry.io/otel/sdk/metric/internal/aggregate/filtered_reservoir.go
index 691a910608..d4c41642d7 100644
--- a/vendor/go.opentelemetry.io/otel/sdk/metric/internal/aggregate/filtered_reservoir.go
+++ b/vendor/go.opentelemetry.io/otel/sdk/metric/internal/aggregate/filtered_reservoir.go
@@ -33,7 +33,10 @@ type filteredExemplarReservoir[N int64 | float64] struct {
 
 // NewFilteredExemplarReservoir creates a [FilteredExemplarReservoir] which only offers values
 // that are allowed by the filter.
-func NewFilteredExemplarReservoir[N int64 | float64](f exemplar.Filter, r exemplar.Reservoir) FilteredExemplarReservoir[N] {
+func NewFilteredExemplarReservoir[N int64 | float64](
+	f exemplar.Filter,
+	r exemplar.Reservoir,
+) FilteredExemplarReservoir[N] {
 	return &filteredExemplarReservoir[N]{
 		filter:    f,
 		reservoir: r,
diff --git a/vendor/go.opentelemetry.io/otel/sdk/metric/internal/aggregate/histogram.go b/vendor/go.opentelemetry.io/otel/sdk/metric/internal/aggregate/histogram.go
index d577ae2c19..d3068484cf 100644
--- a/vendor/go.opentelemetry.io/otel/sdk/metric/internal/aggregate/histogram.go
+++ b/vendor/go.opentelemetry.io/otel/sdk/metric/internal/aggregate/histogram.go
@@ -53,7 +53,12 @@ type histValues[N int64 | float64] struct {
 	valuesMu sync.Mutex
 }
 
-func newHistValues[N int64 | float64](bounds []float64, noSum bool, limit int, r func(attribute.Set) FilteredExemplarReservoir[N]) *histValues[N] {
+func newHistValues[N int64 | float64](
+	bounds []float64,
+	noSum bool,
+	limit int,
+	r func(attribute.Set) FilteredExemplarReservoir[N],
+) *histValues[N] {
 	// The responsibility of keeping all buckets correctly associated with the
 	// passed boundaries is ultimately this type's responsibility. Make a copy
 	// here so we can always guarantee this. Or, in the case of failure, have
@@ -71,7 +76,12 @@ func newHistValues[N int64 | float64](bounds []float64, noSum bool, limit int, r
 
 // Aggregate records the measurement value, scoped by attr, and aggregates it
 // into a histogram.
-func (s *histValues[N]) measure(ctx context.Context, value N, fltrAttr attribute.Set, droppedAttr []attribute.KeyValue) {
+func (s *histValues[N]) measure(
+	ctx context.Context,
+	value N,
+	fltrAttr attribute.Set,
+	droppedAttr []attribute.KeyValue,
+) {
 	// This search will return an index in the range [0, len(s.bounds)], where
 	// it will return len(s.bounds) if value is greater than the last element
 	// of s.bounds. This aligns with the buckets in that the length of buckets
@@ -108,7 +118,12 @@ func (s *histValues[N]) measure(ctx context.Context, value N, fltrAttr attribute
 
 // newHistogram returns an Aggregator that summarizes a set of measurements as
 // an histogram.
-func newHistogram[N int64 | float64](boundaries []float64, noMinMax, noSum bool, limit int, r func(attribute.Set) FilteredExemplarReservoir[N]) *histogram[N] {
+func newHistogram[N int64 | float64](
+	boundaries []float64,
+	noMinMax, noSum bool,
+	limit int,
+	r func(attribute.Set) FilteredExemplarReservoir[N],
+) *histogram[N] {
 	return &histogram[N]{
 		histValues: newHistValues[N](boundaries, noSum, limit, r),
 		noMinMax:   noMinMax,
diff --git a/vendor/go.opentelemetry.io/otel/sdk/metric/internal/aggregate/lastvalue.go b/vendor/go.opentelemetry.io/otel/sdk/metric/internal/aggregate/lastvalue.go
index d3a93f085c..350ccebdcb 100644
--- a/vendor/go.opentelemetry.io/otel/sdk/metric/internal/aggregate/lastvalue.go
+++ b/vendor/go.opentelemetry.io/otel/sdk/metric/internal/aggregate/lastvalue.go
@@ -114,7 +114,10 @@ func (s *lastValue[N]) copyDpts(dest *[]metricdata.DataPoint[N], t time.Time) in
 
 // newPrecomputedLastValue returns an aggregator that summarizes a set of
 // observations as the last one made.
-func newPrecomputedLastValue[N int64 | float64](limit int, r func(attribute.Set) FilteredExemplarReservoir[N]) *precomputedLastValue[N] {
+func newPrecomputedLastValue[N int64 | float64](
+	limit int,
+	r func(attribute.Set) FilteredExemplarReservoir[N],
+) *precomputedLastValue[N] {
 	return &precomputedLastValue[N]{lastValue: newLastValue[N](limit, r)}
 }
 
diff --git a/vendor/go.opentelemetry.io/otel/sdk/metric/internal/aggregate/sum.go b/vendor/go.opentelemetry.io/otel/sdk/metric/internal/aggregate/sum.go
index 8e132ad618..612cde4327 100644
--- a/vendor/go.opentelemetry.io/otel/sdk/metric/internal/aggregate/sum.go
+++ b/vendor/go.opentelemetry.io/otel/sdk/metric/internal/aggregate/sum.go
@@ -143,7 +143,11 @@ func (s *sum[N]) cumulative(dest *metricdata.Aggregation) int {
 // newPrecomputedSum returns an aggregator that summarizes a set of
 // observations as their arithmetic sum. Each sum is scoped by attributes and
 // the aggregation cycle the measurements were made in.
-func newPrecomputedSum[N int64 | float64](monotonic bool, limit int, r func(attribute.Set) FilteredExemplarReservoir[N]) *precomputedSum[N] {
+func newPrecomputedSum[N int64 | float64](
+	monotonic bool,
+	limit int,
+	r func(attribute.Set) FilteredExemplarReservoir[N],
+) *precomputedSum[N] {
 	return &precomputedSum[N]{
 		valueMap:  newValueMap[N](limit, r),
 		monotonic: monotonic,
diff --git a/vendor/go.opentelemetry.io/otel/sdk/metric/internal/reuse_slice.go b/vendor/go.opentelemetry.io/otel/sdk/metric/internal/reuse_slice.go
index 19ec6806ff..ea452be6c2 100644
--- a/vendor/go.opentelemetry.io/otel/sdk/metric/internal/reuse_slice.go
+++ b/vendor/go.opentelemetry.io/otel/sdk/metric/internal/reuse_slice.go
@@ -1,6 +1,7 @@
 // Copyright The OpenTelemetry Authors
 // SPDX-License-Identifier: Apache-2.0
 
+// Package internal provides internal functionality for the metric package.
 package internal // import "go.opentelemetry.io/otel/sdk/metric/internal"
 
 // ReuseSlice returns a zeroed view of slice if its capacity is greater than or
diff --git a/vendor/go.opentelemetry.io/otel/sdk/metric/manual_reader.go b/vendor/go.opentelemetry.io/otel/sdk/metric/manual_reader.go
index c495985bc2..96e7790866 100644
--- a/vendor/go.opentelemetry.io/otel/sdk/metric/manual_reader.go
+++ b/vendor/go.opentelemetry.io/otel/sdk/metric/manual_reader.go
@@ -58,7 +58,9 @@ func (mr *ManualReader) temporality(kind InstrumentKind) metricdata.Temporality
 }
 
 // aggregation returns what Aggregation to use for kind.
-func (mr *ManualReader) aggregation(kind InstrumentKind) Aggregation { // nolint:revive  // import-shadow for method scoped by type.
+func (mr *ManualReader) aggregation(
+	kind InstrumentKind,
+) Aggregation { // nolint:revive  // import-shadow for method scoped by type.
 	return mr.aggregationSelector(kind)
 }
 
diff --git a/vendor/go.opentelemetry.io/otel/sdk/metric/meter.go b/vendor/go.opentelemetry.io/otel/sdk/metric/meter.go
index a6ccd117b8..c500fd9f2a 100644
--- a/vendor/go.opentelemetry.io/otel/sdk/metric/meter.go
+++ b/vendor/go.opentelemetry.io/otel/sdk/metric/meter.go
@@ -82,7 +82,10 @@ func (m *meter) Int64Counter(name string, options ...metric.Int64CounterOption)
 // Int64UpDownCounter returns a new instrument identified by name and
 // configured with options. The instrument is used to synchronously record
 // int64 measurements during a computational operation.
-func (m *meter) Int64UpDownCounter(name string, options ...metric.Int64UpDownCounterOption) (metric.Int64UpDownCounter, error) {
+func (m *meter) Int64UpDownCounter(
+	name string,
+	options ...metric.Int64UpDownCounterOption,
+) (metric.Int64UpDownCounter, error) {
 	cfg := metric.NewInt64UpDownCounterConfig(options...)
 	const kind = InstrumentKindUpDownCounter
 	p := int64InstProvider{m}
@@ -174,7 +177,10 @@ func (m *meter) int64ObservableInstrument(id Instrument, callbacks []metric.Int6
 // Description, and Unit, only the first set of callbacks provided are used.
 // Use meter.RegisterCallback and Registration.Unregister to manage callbacks
 // if instrumentation can be created multiple times with different callbacks.
-func (m *meter) Int64ObservableCounter(name string, options ...metric.Int64ObservableCounterOption) (metric.Int64ObservableCounter, error) {
+func (m *meter) Int64ObservableCounter(
+	name string,
+	options ...metric.Int64ObservableCounterOption,
+) (metric.Int64ObservableCounter, error) {
 	cfg := metric.NewInt64ObservableCounterConfig(options...)
 	id := Instrument{
 		Name:        name,
@@ -195,7 +201,10 @@ func (m *meter) Int64ObservableCounter(name string, options ...metric.Int64Obser
 // Description, and Unit, only the first set of callbacks provided are used.
 // Use meter.RegisterCallback and Registration.Unregister to manage callbacks
 // if instrumentation can be created multiple times with different callbacks.
-func (m *meter) Int64ObservableUpDownCounter(name string, options ...metric.Int64ObservableUpDownCounterOption) (metric.Int64ObservableUpDownCounter, error) {
+func (m *meter) Int64ObservableUpDownCounter(
+	name string,
+	options ...metric.Int64ObservableUpDownCounterOption,
+) (metric.Int64ObservableUpDownCounter, error) {
 	cfg := metric.NewInt64ObservableUpDownCounterConfig(options...)
 	id := Instrument{
 		Name:        name,
@@ -216,7 +225,10 @@ func (m *meter) Int64ObservableUpDownCounter(name string, options ...metric.Int6
 // Description, and Unit, only the first set of callbacks provided are used.
 // Use meter.RegisterCallback and Registration.Unregister to manage callbacks
 // if instrumentation can be created multiple times with different callbacks.
-func (m *meter) Int64ObservableGauge(name string, options ...metric.Int64ObservableGaugeOption) (metric.Int64ObservableGauge, error) {
+func (m *meter) Int64ObservableGauge(
+	name string,
+	options ...metric.Int64ObservableGaugeOption,
+) (metric.Int64ObservableGauge, error) {
 	cfg := metric.NewInt64ObservableGaugeConfig(options...)
 	id := Instrument{
 		Name:        name,
@@ -246,7 +258,10 @@ func (m *meter) Float64Counter(name string, options ...metric.Float64CounterOpti
 // Float64UpDownCounter returns a new instrument identified by name and
 // configured with options. The instrument is used to synchronously record
 // float64 measurements during a computational operation.
-func (m *meter) Float64UpDownCounter(name string, options ...metric.Float64UpDownCounterOption) (metric.Float64UpDownCounter, error) {
+func (m *meter) Float64UpDownCounter(
+	name string,
+	options ...metric.Float64UpDownCounterOption,
+) (metric.Float64UpDownCounter, error) {
 	cfg := metric.NewFloat64UpDownCounterConfig(options...)
 	const kind = InstrumentKindUpDownCounter
 	p := float64InstProvider{m}
@@ -261,7 +276,10 @@ func (m *meter) Float64UpDownCounter(name string, options ...metric.Float64UpDow
 // Float64Histogram returns a new instrument identified by name and configured
 // with options. The instrument is used to synchronously record the
 // distribution of float64 measurements during a computational operation.
-func (m *meter) Float64Histogram(name string, options ...metric.Float64HistogramOption) (metric.Float64Histogram, error) {
+func (m *meter) Float64Histogram(
+	name string,
+	options ...metric.Float64HistogramOption,
+) (metric.Float64Histogram, error) {
 	cfg := metric.NewFloat64HistogramConfig(options...)
 	p := float64InstProvider{m}
 	i, err := p.lookupHistogram(name, cfg)
@@ -289,7 +307,10 @@ func (m *meter) Float64Gauge(name string, options ...metric.Float64GaugeOption)
 
 // float64ObservableInstrument returns a new observable identified by the Instrument.
 // It registers callbacks for each reader's pipeline.
-func (m *meter) float64ObservableInstrument(id Instrument, callbacks []metric.Float64Callback) (float64Observable, error) {
+func (m *meter) float64ObservableInstrument(
+	id Instrument,
+	callbacks []metric.Float64Callback,
+) (float64Observable, error) {
 	key := instID{
 		Name:        id.Name,
 		Description: id.Description,
@@ -338,7 +359,10 @@ func (m *meter) float64ObservableInstrument(id Instrument, callbacks []metric.Fl
 // Description, and Unit, only the first set of callbacks provided are used.
 // Use meter.RegisterCallback and Registration.Unregister to manage callbacks
 // if instrumentation can be created multiple times with different callbacks.
-func (m *meter) Float64ObservableCounter(name string, options ...metric.Float64ObservableCounterOption) (metric.Float64ObservableCounter, error) {
+func (m *meter) Float64ObservableCounter(
+	name string,
+	options ...metric.Float64ObservableCounterOption,
+) (metric.Float64ObservableCounter, error) {
 	cfg := metric.NewFloat64ObservableCounterConfig(options...)
 	id := Instrument{
 		Name:        name,
@@ -359,7 +383,10 @@ func (m *meter) Float64ObservableCounter(name string, options ...metric.Float64O
 // Description, and Unit, only the first set of callbacks provided are used.
 // Use meter.RegisterCallback and Registration.Unregister to manage callbacks
 // if instrumentation can be created multiple times with different callbacks.
-func (m *meter) Float64ObservableUpDownCounter(name string, options ...metric.Float64ObservableUpDownCounterOption) (metric.Float64ObservableUpDownCounter, error) {
+func (m *meter) Float64ObservableUpDownCounter(
+	name string,
+	options ...metric.Float64ObservableUpDownCounterOption,
+) (metric.Float64ObservableUpDownCounter, error) {
 	cfg := metric.NewFloat64ObservableUpDownCounterConfig(options...)
 	id := Instrument{
 		Name:        name,
@@ -380,7 +407,10 @@ func (m *meter) Float64ObservableUpDownCounter(name string, options ...metric.Fl
 // Description, and Unit, only the first set of callbacks provided are used.
 // Use meter.RegisterCallback and Registration.Unregister to manage callbacks
 // if instrumentation can be created multiple times with different callbacks.
-func (m *meter) Float64ObservableGauge(name string, options ...metric.Float64ObservableGaugeOption) (metric.Float64ObservableGauge, error) {
+func (m *meter) Float64ObservableGauge(
+	name string,
+	options ...metric.Float64ObservableGaugeOption,
+) (metric.Float64ObservableGauge, error) {
 	cfg := metric.NewFloat64ObservableGaugeConfig(options...)
 	id := Instrument{
 		Name:        name,
@@ -426,8 +456,10 @@ func warnRepeatedObservableCallbacks(id Instrument) {
 		"Instrument{Name: %q, Description: %q, Kind: %q, Unit: %q}",
 		id.Name, id.Description, "InstrumentKind"+id.Kind.String(), id.Unit,
 	)
-	global.Warn("Repeated observable instrument creation with callbacks. Ignoring new callbacks. Use meter.RegisterCallback and Registration.Unregister to manage callbacks.",
-		"instrument", inst,
+	global.Warn(
+		"Repeated observable instrument creation with callbacks. Ignoring new callbacks. Use meter.RegisterCallback and Registration.Unregister to manage callbacks.",
+		"instrument",
+		inst,
 	)
 }
 
@@ -613,7 +645,10 @@ func (p int64InstProvider) aggs(kind InstrumentKind, name, desc, u string) ([]ag
 	return p.int64Resolver.Aggregators(inst)
 }
 
-func (p int64InstProvider) histogramAggs(name string, cfg metric.Int64HistogramConfig) ([]aggregate.Measure[int64], error) {
+func (p int64InstProvider) histogramAggs(
+	name string,
+	cfg metric.Int64HistogramConfig,
+) ([]aggregate.Measure[int64], error) {
 	boundaries := cfg.ExplicitBucketBoundaries()
 	aggError := AggregationExplicitBucketHistogram{Boundaries: boundaries}.err()
 	if aggError != nil {
@@ -633,7 +668,7 @@ func (p int64InstProvider) histogramAggs(name string, cfg metric.Int64HistogramC
 
 // lookup returns the resolved instrumentImpl.
 func (p int64InstProvider) lookup(kind InstrumentKind, name, desc, u string) (*int64Inst, error) {
-	return p.meter.int64Insts.Lookup(instID{
+	return p.int64Insts.Lookup(instID{
 		Name:        name,
 		Description: desc,
 		Unit:        u,
@@ -646,7 +681,7 @@ func (p int64InstProvider) lookup(kind InstrumentKind, name, desc, u string) (*i
 
 // lookupHistogram returns the resolved instrumentImpl.
 func (p int64InstProvider) lookupHistogram(name string, cfg metric.Int64HistogramConfig) (*int64Inst, error) {
-	return p.meter.int64Insts.Lookup(instID{
+	return p.int64Insts.Lookup(instID{
 		Name:        name,
 		Description: cfg.Description(),
 		Unit:        cfg.Unit(),
@@ -671,7 +706,10 @@ func (p float64InstProvider) aggs(kind InstrumentKind, name, desc, u string) ([]
 	return p.float64Resolver.Aggregators(inst)
 }
 
-func (p float64InstProvider) histogramAggs(name string, cfg metric.Float64HistogramConfig) ([]aggregate.Measure[float64], error) {
+func (p float64InstProvider) histogramAggs(
+	name string,
+	cfg metric.Float64HistogramConfig,
+) ([]aggregate.Measure[float64], error) {
 	boundaries := cfg.ExplicitBucketBoundaries()
 	aggError := AggregationExplicitBucketHistogram{Boundaries: boundaries}.err()
 	if aggError != nil {
@@ -691,7 +729,7 @@ func (p float64InstProvider) histogramAggs(name string, cfg metric.Float64Histog
 
 // lookup returns the resolved instrumentImpl.
 func (p float64InstProvider) lookup(kind InstrumentKind, name, desc, u string) (*float64Inst, error) {
-	return p.meter.float64Insts.Lookup(instID{
+	return p.float64Insts.Lookup(instID{
 		Name:        name,
 		Description: desc,
 		Unit:        u,
@@ -704,7 +742,7 @@ func (p float64InstProvider) lookup(kind InstrumentKind, name, desc, u string) (
 
 // lookupHistogram returns the resolved instrumentImpl.
 func (p float64InstProvider) lookupHistogram(name string, cfg metric.Float64HistogramConfig) (*float64Inst, error) {
-	return p.meter.float64Insts.Lookup(instID{
+	return p.float64Insts.Lookup(instID{
 		Name:        name,
 		Description: cfg.Description(),
 		Unit:        cfg.Unit(),
diff --git a/vendor/go.opentelemetry.io/otel/sdk/metric/metricdata/data.go b/vendor/go.opentelemetry.io/otel/sdk/metric/metricdata/data.go
index d32cfc67d9..af835e9d99 100644
--- a/vendor/go.opentelemetry.io/otel/sdk/metric/metricdata/data.go
+++ b/vendor/go.opentelemetry.io/otel/sdk/metric/metricdata/data.go
@@ -1,6 +1,7 @@
 // Copyright The OpenTelemetry Authors
 // SPDX-License-Identifier: Apache-2.0
 
+// Package metricdata provides types for the metric SDK data model.
 package metricdata // import "go.opentelemetry.io/otel/sdk/metric/metricdata"
 
 import (
diff --git a/vendor/go.opentelemetry.io/otel/sdk/metric/metricdata/temporality.go b/vendor/go.opentelemetry.io/otel/sdk/metric/metricdata/temporality.go
index 187713dadf..2ac840ff35 100644
--- a/vendor/go.opentelemetry.io/otel/sdk/metric/metricdata/temporality.go
+++ b/vendor/go.opentelemetry.io/otel/sdk/metric/metricdata/temporality.go
@@ -10,7 +10,7 @@ type Temporality uint8
 
 const (
 	// undefinedTemporality represents an unset Temporality.
-	//nolint:deadcode,unused,varcheck
+	//nolint:unused
 	undefinedTemporality Temporality = iota
 
 	// CumulativeTemporality defines a measurement interval that continues to
diff --git a/vendor/go.opentelemetry.io/otel/sdk/metric/periodic_reader.go b/vendor/go.opentelemetry.io/otel/sdk/metric/periodic_reader.go
index dcd2182d9a..ebb9a0463b 100644
--- a/vendor/go.opentelemetry.io/otel/sdk/metric/periodic_reader.go
+++ b/vendor/go.opentelemetry.io/otel/sdk/metric/periodic_reader.go
@@ -193,7 +193,9 @@ func (r *PeriodicReader) temporality(kind InstrumentKind) metricdata.Temporality
 }
 
 // aggregation returns what Aggregation to use for kind.
-func (r *PeriodicReader) aggregation(kind InstrumentKind) Aggregation { // nolint:revive  // import-shadow for method scoped by type.
+func (r *PeriodicReader) aggregation(
+	kind InstrumentKind,
+) Aggregation { // nolint:revive  // import-shadow for method scoped by type.
 	return r.exporter.Aggregation(kind)
 }
 
diff --git a/vendor/go.opentelemetry.io/otel/sdk/metric/pipeline.go b/vendor/go.opentelemetry.io/otel/sdk/metric/pipeline.go
index 775e245261..2240c26e9b 100644
--- a/vendor/go.opentelemetry.io/otel/sdk/metric/pipeline.go
+++ b/vendor/go.opentelemetry.io/otel/sdk/metric/pipeline.go
@@ -347,7 +347,12 @@ func (i *inserter[N]) readerDefaultAggregation(kind InstrumentKind) Aggregation
 //
 // If the instrument defines an unknown or incompatible aggregation, an error
 // is returned.
-func (i *inserter[N]) cachedAggregator(scope instrumentation.Scope, kind InstrumentKind, stream Stream, readerAggregation Aggregation) (meas aggregate.Measure[N], aggID uint64, err error) {
+func (i *inserter[N]) cachedAggregator(
+	scope instrumentation.Scope,
+	kind InstrumentKind,
+	stream Stream,
+	readerAggregation Aggregation,
+) (meas aggregate.Measure[N], aggID uint64, err error) {
 	switch stream.Aggregation.(type) {
 	case nil:
 		// The aggregation was not overridden with a view. Use the aggregation
@@ -379,8 +384,11 @@ func (i *inserter[N]) cachedAggregator(scope instrumentation.Scope, kind Instrum
 	normID := id.normalize()
 	cv := i.aggregators.Lookup(normID, func() aggVal[N] {
 		b := aggregate.Builder[N]{
-			Temporality:   i.pipeline.reader.temporality(kind),
-			ReservoirFunc: reservoirFunc[N](stream.ExemplarReservoirProviderSelector(stream.Aggregation), i.pipeline.exemplarFilter),
+			Temporality: i.pipeline.reader.temporality(kind),
+			ReservoirFunc: reservoirFunc[N](
+				stream.ExemplarReservoirProviderSelector(stream.Aggregation),
+				i.pipeline.exemplarFilter,
+			),
 		}
 		b.Filter = stream.AttributeFilter
 		// A value less than or equal to zero will disable the aggregation
@@ -471,7 +479,11 @@ func (i *inserter[N]) instID(kind InstrumentKind, stream Stream) instID {
 // aggregateFunc returns new aggregate functions matching agg, kind, and
 // monotonic. If the agg is unknown or temporality is invalid, an error is
 // returned.
-func (i *inserter[N]) aggregateFunc(b aggregate.Builder[N], agg Aggregation, kind InstrumentKind) (meas aggregate.Measure[N], comp aggregate.ComputeAggregation, err error) {
+func (i *inserter[N]) aggregateFunc(
+	b aggregate.Builder[N],
+	agg Aggregation,
+	kind InstrumentKind,
+) (meas aggregate.Measure[N], comp aggregate.ComputeAggregation, err error) {
 	switch a := agg.(type) {
 	case AggregationDefault:
 		return i.aggregateFunc(b, DefaultAggregationSelector(kind), kind)
diff --git a/vendor/go.opentelemetry.io/otel/sdk/metric/reader.go b/vendor/go.opentelemetry.io/otel/sdk/metric/reader.go
index d13a706978..c96e500a2b 100644
--- a/vendor/go.opentelemetry.io/otel/sdk/metric/reader.go
+++ b/vendor/go.opentelemetry.io/otel/sdk/metric/reader.go
@@ -146,7 +146,10 @@ type AggregationSelector func(InstrumentKind) Aggregation
 // Histogram ⇨ ExplicitBucketHistogram.
 func DefaultAggregationSelector(ik InstrumentKind) Aggregation {
 	switch ik {
-	case InstrumentKindCounter, InstrumentKindUpDownCounter, InstrumentKindObservableCounter, InstrumentKindObservableUpDownCounter:
+	case InstrumentKindCounter,
+		InstrumentKindUpDownCounter,
+		InstrumentKindObservableCounter,
+		InstrumentKindObservableUpDownCounter:
 		return AggregationSum{}
 	case InstrumentKindObservableGauge, InstrumentKindGauge:
 		return AggregationLastValue{}
diff --git a/vendor/go.opentelemetry.io/otel/sdk/metric/version.go b/vendor/go.opentelemetry.io/otel/sdk/metric/version.go
index 92d2589daf..cda142c7ea 100644
--- a/vendor/go.opentelemetry.io/otel/sdk/metric/version.go
+++ b/vendor/go.opentelemetry.io/otel/sdk/metric/version.go
@@ -5,5 +5,5 @@ package metric // import "go.opentelemetry.io/otel/sdk/metric"
 
 // version is the current release version of the metric SDK in use.
 func version() string {
-	return "1.35.0"
+	return "1.36.0"
 }
diff --git a/vendor/go.opentelemetry.io/otel/sdk/version.go b/vendor/go.opentelemetry.io/otel/sdk/version.go
index 2b797fbdea..1af257449a 100644
--- a/vendor/go.opentelemetry.io/otel/sdk/version.go
+++ b/vendor/go.opentelemetry.io/otel/sdk/version.go
@@ -1,9 +1,10 @@
 // Copyright The OpenTelemetry Authors
 // SPDX-License-Identifier: Apache-2.0
 
+// Package sdk provides the OpenTelemetry default SDK for Go.
 package sdk // import "go.opentelemetry.io/otel/sdk"
 
 // Version is the current release version of the OpenTelemetry SDK in use.
 func Version() string {
-	return "1.35.0"
+	return "1.36.0"
 }
diff --git a/vendor/go.opentelemetry.io/otel/semconv/internal/v2/http.go b/vendor/go.opentelemetry.io/otel/semconv/internal/v2/http.go
index 09e094de9a..3709ef0993 100644
--- a/vendor/go.opentelemetry.io/otel/semconv/internal/v2/http.go
+++ b/vendor/go.opentelemetry.io/otel/semconv/internal/v2/http.go
@@ -1,6 +1,7 @@
 // Copyright The OpenTelemetry Authors
 // SPDX-License-Identifier: Apache-2.0
 
+// Package internal provides common semconv functionality.
 package internal // import "go.opentelemetry.io/otel/semconv/internal/v2"
 
 import (
diff --git a/vendor/go.opentelemetry.io/otel/semconv/v1.30.0/MIGRATION.md b/vendor/go.opentelemetry.io/otel/semconv/v1.30.0/MIGRATION.md
new file mode 100644
index 0000000000..8a11ea28d3
--- /dev/null
+++ b/vendor/go.opentelemetry.io/otel/semconv/v1.30.0/MIGRATION.md
@@ -0,0 +1,155 @@
+# Semantic Convention Changes
+
+The `go.opentelemetry.io/otel/semconv/v1.30.0` should be a drop-in replacement for `go.opentelemetry.io/otel/semconv/v1.28.0` with the following exceptions.
+
+Note: `go.opentelemetry.io/otel/semconv/v1.29.0` does not exist due to bugs from the upstream [OpenTelemetry Semantic Conventions].
+
+## Dropped deprecations
+
+The following declarations have been deprecated in the [OpenTelemetry Semantic Conventions].
+Refer to the respective documentation in that repository for deprecation instructions for each type.
+
+- `CodeColumn`
+- `CodeColumnKey`
+- `CodeFunction`
+- `CodeFunctionKey`
+- `DBCassandraConsistencyLevelAll`
+- `DBCassandraConsistencyLevelAny`
+- `DBCassandraConsistencyLevelEachQuorum`
+- `DBCassandraConsistencyLevelKey`
+- `DBCassandraConsistencyLevelLocalOne`
+- `DBCassandraConsistencyLevelLocalQuorum`
+- `DBCassandraConsistencyLevelLocalSerial`
+- `DBCassandraConsistencyLevelOne`
+- `DBCassandraConsistencyLevelQuorum`
+- `DBCassandraConsistencyLevelSerial`
+- `DBCassandraConsistencyLevelThree`
+- `DBCassandraConsistencyLevelTwo`
+- `DBCassandraCoordinatorDC`
+- `DBCassandraCoordinatorDCKey`
+- `DBCassandraCoordinatorID`
+- `DBCassandraCoordinatorIDKey`
+- `DBCassandraIdempotence`
+- `DBCassandraIdempotenceKey`
+- `DBCassandraPageSize`
+- `DBCassandraPageSizeKey`
+- `DBCassandraSpeculativeExecutionCount`
+- `DBCassandraSpeculativeExecutionCountKey`
+- `DBCosmosDBClientID`
+- `DBCosmosDBClientIDKey`
+- `DBCosmosDBConnectionModeDirect`
+- `DBCosmosDBConnectionModeGateway`
+- `DBCosmosDBConnectionModeKey`
+- `DBCosmosDBOperationTypeBatch`
+- `DBCosmosDBOperationTypeCreate`
+- `DBCosmosDBOperationTypeDelete`
+- `DBCosmosDBOperationTypeExecute`
+- `DBCosmosDBOperationTypeExecuteJavascript`
+- `DBCosmosDBOperationTypeHead`
+- `DBCosmosDBOperationTypeHeadFeed`
+- `DBCosmosDBOperationTypeInvalid`
+- `DBCosmosDBOperationTypeKey`
+- `DBCosmosDBOperationTypePatch`
+- `DBCosmosDBOperationTypeQuery`
+- `DBCosmosDBOperationTypeQueryPlan`
+- `DBCosmosDBOperationTypeRead`
+- `DBCosmosDBOperationTypeReadFeed`
+- `DBCosmosDBOperationTypeReplace`
+- `DBCosmosDBOperationTypeUpsert`
+- `DBCosmosDBRequestCharge`
+- `DBCosmosDBRequestChargeKey`
+- `DBCosmosDBRequestContentLength`
+- `DBCosmosDBRequestContentLengthKey`
+- `DBCosmosDBSubStatusCode`
+- `DBCosmosDBSubStatusCodeKey`
+- `DBElasticsearchNodeName`
+- `DBElasticsearchNodeNameKey`
+- `DBSystemAdabas`
+- `DBSystemCache`
+- `DBSystemCassandra`
+- `DBSystemClickhouse`
+- `DBSystemCloudscape`
+- `DBSystemCockroachdb`
+- `DBSystemColdfusion`
+- `DBSystemCosmosDB`
+- `DBSystemCouchDB`
+- `DBSystemCouchbase`
+- `DBSystemDb2`
+- `DBSystemDerby`
+- `DBSystemDynamoDB`
+- `DBSystemEDB`
+- `DBSystemElasticsearch`
+- `DBSystemFilemaker`
+- `DBSystemFirebird`
+- `DBSystemFirstSQL`
+- `DBSystemGeode`
+- `DBSystemH2`
+- `DBSystemHBase`
+- `DBSystemHSQLDB`
+- `DBSystemHanaDB`
+- `DBSystemHive`
+- `DBSystemInfluxdb`
+- `DBSystemInformix`
+- `DBSystemIngres`
+- `DBSystemInstantDB`
+- `DBSystemInterbase`
+- `DBSystemIntersystemsCache`
+- `DBSystemKey`
+- `DBSystemMSSQL`
+- `DBSystemMariaDB`
+- `DBSystemMaxDB`
+- `DBSystemMemcached`
+- `DBSystemMongoDB`
+- `DBSystemMssqlcompact`
+- `DBSystemMySQL`
+- `DBSystemNeo4j`
+- `DBSystemNetezza`
+- `DBSystemOpensearch`
+- `DBSystemOracle`
+- `DBSystemOtherSQL`
+- `DBSystemPervasive`
+- `DBSystemPointbase`
+- `DBSystemPostgreSQL`
+- `DBSystemProgress`
+- `DBSystemRedis`
+- `DBSystemRedshift`
+- `DBSystemSpanner`
+- `DBSystemSqlite`
+- `DBSystemSybase`
+- `DBSystemTeradata`
+- `DBSystemTrino`
+- `DBSystemVertica`
+- `EventName`
+- `EventNameKey`
+- `ExceptionEscaped`
+- `ExceptionEscapedKey`
+- `GenAIOpenaiRequestSeed`
+- `GenAIOpenaiRequestSeedKey`
+- `ProcessExecutableBuildIDProfiling`
+- `ProcessExecutableBuildIDProfilingKey`
+- `SystemNetworkStateClose`
+- `SystemNetworkStateCloseWait`
+- `SystemNetworkStateClosing`
+- `SystemNetworkStateDelete`
+- `SystemNetworkStateEstablished`
+- `SystemNetworkStateFinWait1`
+- `SystemNetworkStateFinWait2`
+- `SystemNetworkStateKey`
+- `SystemNetworkStateLastAck`
+- `SystemNetworkStateListen`
+- `SystemNetworkStateSynRecv`
+- `SystemNetworkStateSynSent`
+- `SystemNetworkStateTimeWait`
+- `VCSRepositoryChangeID`
+- `VCSRepositoryChangeIDKey`
+- `VCSRepositoryChangeTitle`
+- `VCSRepositoryChangeTitleKey`
+- `VCSRepositoryRefName`
+- `VCSRepositoryRefNameKey`
+- `VCSRepositoryRefRevision`
+- `VCSRepositoryRefRevisionKey`
+- `VCSRepositoryRefTypeBranch`
+- `VCSRepositoryRefTypeKey`
+- `VCSRepositoryRefTypeTag`
+
+[OpenTelemetry Semantic Conventions]: https://github.com/open-telemetry/semantic-conventions
diff --git a/vendor/go.opentelemetry.io/otel/semconv/v1.30.0/README.md b/vendor/go.opentelemetry.io/otel/semconv/v1.30.0/README.md
new file mode 100644
index 0000000000..072ea6928f
--- /dev/null
+++ b/vendor/go.opentelemetry.io/otel/semconv/v1.30.0/README.md
@@ -0,0 +1,3 @@
+# Semconv v1.30.0
+
+[![PkgGoDev](https://pkg.go.dev/badge/go.opentelemetry.io/otel/semconv/v1.30.0)](https://pkg.go.dev/go.opentelemetry.io/otel/semconv/v1.30.0)
diff --git a/vendor/go.opentelemetry.io/otel/semconv/v1.30.0/attribute_group.go b/vendor/go.opentelemetry.io/otel/semconv/v1.30.0/attribute_group.go
new file mode 100644
index 0000000000..60f3df0db5
--- /dev/null
+++ b/vendor/go.opentelemetry.io/otel/semconv/v1.30.0/attribute_group.go
@@ -0,0 +1,12333 @@
+// Copyright The OpenTelemetry Authors
+// SPDX-License-Identifier: Apache-2.0
+
+// Code generated from semantic convention specification. DO NOT EDIT.
+
+package semconv // import "go.opentelemetry.io/otel/semconv/v1.30.0"
+
+import "go.opentelemetry.io/otel/attribute"
+
+// Namespace: android
+const (
+	// AndroidOSAPILevelKey is the attribute Key conforming to the
+	// "android.os.api_level" semantic conventions. It represents the uniquely
+	// identifies the framework API revision offered by a version (`os.version`) of
+	// the android operating system. More information can be found [here].
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "33", "32"
+	//
+	// [here]: https://developer.android.com/guide/topics/manifest/uses-sdk-element#ApiLevels
+	AndroidOSAPILevelKey = attribute.Key("android.os.api_level")
+)
+
+// AndroidOSAPILevel returns an attribute KeyValue conforming to the
+// "android.os.api_level" semantic conventions. It represents the uniquely
+// identifies the framework API revision offered by a version (`os.version`) of
+// the android operating system. More information can be found [here].
+//
+// [here]: https://developer.android.com/guide/topics/manifest/uses-sdk-element#ApiLevels
+func AndroidOSAPILevel(val string) attribute.KeyValue {
+	return AndroidOSAPILevelKey.String(val)
+}
+
+// Namespace: artifact
+const (
+	// ArtifactAttestationFilenameKey is the attribute Key conforming to the
+	// "artifact.attestation.filename" semantic conventions. It represents the
+	// provenance filename of the built attestation which directly relates to the
+	// build artifact filename. This filename SHOULD accompany the artifact at
+	// publish time. See the [SLSA Relationship] specification for more information.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "golang-binary-amd64-v0.1.0.attestation",
+	// "docker-image-amd64-v0.1.0.intoto.json1", "release-1.tar.gz.attestation",
+	// "file-name-package.tar.gz.intoto.json1"
+	//
+	// [SLSA Relationship]: https://slsa.dev/spec/v1.0/distributing-provenance#relationship-between-artifacts-and-attestations
+	ArtifactAttestationFilenameKey = attribute.Key("artifact.attestation.filename")
+
+	// ArtifactAttestationHashKey is the attribute Key conforming to the
+	// "artifact.attestation.hash" semantic conventions. It represents the full
+	// [hash value (see glossary)], of the built attestation. Some envelopes in the
+	// [software attestation space] also refer to this as the **digest**.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "1b31dfcd5b7f9267bf2ff47651df1cfb9147b9e4df1f335accf65b4cda498408"
+	//
+	// [hash value (see glossary)]: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5.pdf
+	// [software attestation space]: https://github.com/in-toto/attestation/tree/main/spec
+	ArtifactAttestationHashKey = attribute.Key("artifact.attestation.hash")
+
+	// ArtifactAttestationIDKey is the attribute Key conforming to the
+	// "artifact.attestation.id" semantic conventions. It represents the id of the
+	// build [software attestation].
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "123"
+	//
+	// [software attestation]: https://slsa.dev/attestation-model
+	ArtifactAttestationIDKey = attribute.Key("artifact.attestation.id")
+
+	// ArtifactFilenameKey is the attribute Key conforming to the
+	// "artifact.filename" semantic conventions. It represents the human readable
+	// file name of the artifact, typically generated during build and release
+	// processes. Often includes the package name and version in the file name.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "golang-binary-amd64-v0.1.0", "docker-image-amd64-v0.1.0",
+	// "release-1.tar.gz", "file-name-package.tar.gz"
+	// Note: This file name can also act as the [Package Name]
+	// in cases where the package ecosystem maps accordingly.
+	// Additionally, the artifact [can be published]
+	// for others, but that is not a guarantee.
+	//
+	// [Package Name]: https://slsa.dev/spec/v1.0/terminology#package-model
+	// [can be published]: https://slsa.dev/spec/v1.0/terminology#software-supply-chain
+	ArtifactFilenameKey = attribute.Key("artifact.filename")
+
+	// ArtifactHashKey is the attribute Key conforming to the "artifact.hash"
+	// semantic conventions. It represents the full [hash value (see glossary)],
+	// often found in checksum.txt on a release of the artifact and used to verify
+	// package integrity.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "9ff4c52759e2c4ac70b7d517bc7fcdc1cda631ca0045271ddd1b192544f8a3e9"
+	// Note: The specific algorithm used to create the cryptographic hash value is
+	// not defined. In situations where an artifact has multiple
+	// cryptographic hashes, it is up to the implementer to choose which
+	// hash value to set here; this should be the most secure hash algorithm
+	// that is suitable for the situation and consistent with the
+	// corresponding attestation. The implementer can then provide the other
+	// hash values through an additional set of attribute extensions as they
+	// deem necessary.
+	//
+	// [hash value (see glossary)]: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5.pdf
+	ArtifactHashKey = attribute.Key("artifact.hash")
+
+	// ArtifactPurlKey is the attribute Key conforming to the "artifact.purl"
+	// semantic conventions. It represents the [Package URL] of the
+	// [package artifact] provides a standard way to identify and locate the
+	// packaged artifact.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "pkg:github/package-url/purl-spec@1209109710924",
+	// "pkg:npm/foo@12.12.3"
+	//
+	// [Package URL]: https://github.com/package-url/purl-spec
+	// [package artifact]: https://slsa.dev/spec/v1.0/terminology#package-model
+	ArtifactPurlKey = attribute.Key("artifact.purl")
+
+	// ArtifactVersionKey is the attribute Key conforming to the "artifact.version"
+	// semantic conventions. It represents the version of the artifact.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "v0.1.0", "1.2.1", "122691-build"
+	ArtifactVersionKey = attribute.Key("artifact.version")
+)
+
+// ArtifactAttestationFilename returns an attribute KeyValue conforming to the
+// "artifact.attestation.filename" semantic conventions. It represents the
+// provenance filename of the built attestation which directly relates to the
+// build artifact filename. This filename SHOULD accompany the artifact at
+// publish time. See the [SLSA Relationship] specification for more information.
+//
+// [SLSA Relationship]: https://slsa.dev/spec/v1.0/distributing-provenance#relationship-between-artifacts-and-attestations
+func ArtifactAttestationFilename(val string) attribute.KeyValue {
+	return ArtifactAttestationFilenameKey.String(val)
+}
+
+// ArtifactAttestationHash returns an attribute KeyValue conforming to the
+// "artifact.attestation.hash" semantic conventions. It represents the full
+// [hash value (see glossary)], of the built attestation. Some envelopes in the
+// [software attestation space] also refer to this as the **digest**.
+//
+// [hash value (see glossary)]: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5.pdf
+// [software attestation space]: https://github.com/in-toto/attestation/tree/main/spec
+func ArtifactAttestationHash(val string) attribute.KeyValue {
+	return ArtifactAttestationHashKey.String(val)
+}
+
+// ArtifactAttestationID returns an attribute KeyValue conforming to the
+// "artifact.attestation.id" semantic conventions. It represents the id of the
+// build [software attestation].
+//
+// [software attestation]: https://slsa.dev/attestation-model
+func ArtifactAttestationID(val string) attribute.KeyValue {
+	return ArtifactAttestationIDKey.String(val)
+}
+
+// ArtifactFilename returns an attribute KeyValue conforming to the
+// "artifact.filename" semantic conventions. It represents the human readable
+// file name of the artifact, typically generated during build and release
+// processes. Often includes the package name and version in the file name.
+func ArtifactFilename(val string) attribute.KeyValue {
+	return ArtifactFilenameKey.String(val)
+}
+
+// ArtifactHash returns an attribute KeyValue conforming to the "artifact.hash"
+// semantic conventions. It represents the full [hash value (see glossary)],
+// often found in checksum.txt on a release of the artifact and used to verify
+// package integrity.
+//
+// [hash value (see glossary)]: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5.pdf
+func ArtifactHash(val string) attribute.KeyValue {
+	return ArtifactHashKey.String(val)
+}
+
+// ArtifactPurl returns an attribute KeyValue conforming to the "artifact.purl"
+// semantic conventions. It represents the [Package URL] of the
+// [package artifact] provides a standard way to identify and locate the packaged
+// artifact.
+//
+// [Package URL]: https://github.com/package-url/purl-spec
+// [package artifact]: https://slsa.dev/spec/v1.0/terminology#package-model
+func ArtifactPurl(val string) attribute.KeyValue {
+	return ArtifactPurlKey.String(val)
+}
+
+// ArtifactVersion returns an attribute KeyValue conforming to the
+// "artifact.version" semantic conventions. It represents the version of the
+// artifact.
+func ArtifactVersion(val string) attribute.KeyValue {
+	return ArtifactVersionKey.String(val)
+}
+
+// Namespace: aws
+const (
+	// AWSDynamoDBAttributeDefinitionsKey is the attribute Key conforming to the
+	// "aws.dynamodb.attribute_definitions" semantic conventions. It represents the
+	// JSON-serialized value of each item in the `AttributeDefinitions` request
+	// field.
+	//
+	// Type: string[]
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "{ "AttributeName": "string", "AttributeType": "string" }"
+	AWSDynamoDBAttributeDefinitionsKey = attribute.Key("aws.dynamodb.attribute_definitions")
+
+	// AWSDynamoDBAttributesToGetKey is the attribute Key conforming to the
+	// "aws.dynamodb.attributes_to_get" semantic conventions. It represents the
+	// value of the `AttributesToGet` request parameter.
+	//
+	// Type: string[]
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "lives", "id"
+	AWSDynamoDBAttributesToGetKey = attribute.Key("aws.dynamodb.attributes_to_get")
+
+	// AWSDynamoDBConsistentReadKey is the attribute Key conforming to the
+	// "aws.dynamodb.consistent_read" semantic conventions. It represents the value
+	// of the `ConsistentRead` request parameter.
+	//
+	// Type: boolean
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	AWSDynamoDBConsistentReadKey = attribute.Key("aws.dynamodb.consistent_read")
+
+	// AWSDynamoDBConsumedCapacityKey is the attribute Key conforming to the
+	// "aws.dynamodb.consumed_capacity" semantic conventions. It represents the
+	// JSON-serialized value of each item in the `ConsumedCapacity` response field.
+	//
+	// Type: string[]
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "{ "CapacityUnits": number, "GlobalSecondaryIndexes": { "string" :
+	// { "CapacityUnits": number, "ReadCapacityUnits": number, "WriteCapacityUnits":
+	// number } }, "LocalSecondaryIndexes": { "string" : { "CapacityUnits": number,
+	// "ReadCapacityUnits": number, "WriteCapacityUnits": number } },
+	// "ReadCapacityUnits": number, "Table": { "CapacityUnits": number,
+	// "ReadCapacityUnits": number, "WriteCapacityUnits": number }, "TableName":
+	// "string", "WriteCapacityUnits": number }"
+	AWSDynamoDBConsumedCapacityKey = attribute.Key("aws.dynamodb.consumed_capacity")
+
+	// AWSDynamoDBCountKey is the attribute Key conforming to the
+	// "aws.dynamodb.count" semantic conventions. It represents the value of the
+	// `Count` response parameter.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 10
+	AWSDynamoDBCountKey = attribute.Key("aws.dynamodb.count")
+
+	// AWSDynamoDBExclusiveStartTableKey is the attribute Key conforming to the
+	// "aws.dynamodb.exclusive_start_table" semantic conventions. It represents the
+	// value of the `ExclusiveStartTableName` request parameter.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "Users", "CatsTable"
+	AWSDynamoDBExclusiveStartTableKey = attribute.Key("aws.dynamodb.exclusive_start_table")
+
+	// AWSDynamoDBGlobalSecondaryIndexUpdatesKey is the attribute Key conforming to
+	// the "aws.dynamodb.global_secondary_index_updates" semantic conventions. It
+	// represents the JSON-serialized value of each item in the
+	// `GlobalSecondaryIndexUpdates` request field.
+	//
+	// Type: string[]
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "{ "Create": { "IndexName": "string", "KeySchema": [ {
+	// "AttributeName": "string", "KeyType": "string" } ], "Projection": {
+	// "NonKeyAttributes": [ "string" ], "ProjectionType": "string" },
+	// "ProvisionedThroughput": { "ReadCapacityUnits": number, "WriteCapacityUnits":
+	// number } }"
+	AWSDynamoDBGlobalSecondaryIndexUpdatesKey = attribute.Key("aws.dynamodb.global_secondary_index_updates")
+
+	// AWSDynamoDBGlobalSecondaryIndexesKey is the attribute Key conforming to the
+	// "aws.dynamodb.global_secondary_indexes" semantic conventions. It represents
+	// the JSON-serialized value of each item of the `GlobalSecondaryIndexes`
+	// request field.
+	//
+	// Type: string[]
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "{ "IndexName": "string", "KeySchema": [ { "AttributeName":
+	// "string", "KeyType": "string" } ], "Projection": { "NonKeyAttributes": [
+	// "string" ], "ProjectionType": "string" }, "ProvisionedThroughput": {
+	// "ReadCapacityUnits": number, "WriteCapacityUnits": number } }"
+	AWSDynamoDBGlobalSecondaryIndexesKey = attribute.Key("aws.dynamodb.global_secondary_indexes")
+
+	// AWSDynamoDBIndexNameKey is the attribute Key conforming to the
+	// "aws.dynamodb.index_name" semantic conventions. It represents the value of
+	// the `IndexName` request parameter.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "name_to_group"
+	AWSDynamoDBIndexNameKey = attribute.Key("aws.dynamodb.index_name")
+
+	// AWSDynamoDBItemCollectionMetricsKey is the attribute Key conforming to the
+	// "aws.dynamodb.item_collection_metrics" semantic conventions. It represents
+	// the JSON-serialized value of the `ItemCollectionMetrics` response field.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "{ "string" : [ { "ItemCollectionKey": { "string" : { "B": blob,
+	// "BOOL": boolean, "BS": [ blob ], "L": [ "AttributeValue" ], "M": { "string" :
+	// "AttributeValue" }, "N": "string", "NS": [ "string" ], "NULL": boolean, "S":
+	// "string", "SS": [ "string" ] } }, "SizeEstimateRangeGB": [ number ] } ] }"
+	AWSDynamoDBItemCollectionMetricsKey = attribute.Key("aws.dynamodb.item_collection_metrics")
+
+	// AWSDynamoDBLimitKey is the attribute Key conforming to the
+	// "aws.dynamodb.limit" semantic conventions. It represents the value of the
+	// `Limit` request parameter.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 10
+	AWSDynamoDBLimitKey = attribute.Key("aws.dynamodb.limit")
+
+	// AWSDynamoDBLocalSecondaryIndexesKey is the attribute Key conforming to the
+	// "aws.dynamodb.local_secondary_indexes" semantic conventions. It represents
+	// the JSON-serialized value of each item of the `LocalSecondaryIndexes` request
+	// field.
+	//
+	// Type: string[]
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "{ "IndexArn": "string", "IndexName": "string", "IndexSizeBytes":
+	// number, "ItemCount": number, "KeySchema": [ { "AttributeName": "string",
+	// "KeyType": "string" } ], "Projection": { "NonKeyAttributes": [ "string" ],
+	// "ProjectionType": "string" } }"
+	AWSDynamoDBLocalSecondaryIndexesKey = attribute.Key("aws.dynamodb.local_secondary_indexes")
+
+	// AWSDynamoDBProjectionKey is the attribute Key conforming to the
+	// "aws.dynamodb.projection" semantic conventions. It represents the value of
+	// the `ProjectionExpression` request parameter.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "Title", "Title, Price, Color", "Title, Description, RelatedItems,
+	// ProductReviews"
+	AWSDynamoDBProjectionKey = attribute.Key("aws.dynamodb.projection")
+
+	// AWSDynamoDBProvisionedReadCapacityKey is the attribute Key conforming to the
+	// "aws.dynamodb.provisioned_read_capacity" semantic conventions. It represents
+	// the value of the `ProvisionedThroughput.ReadCapacityUnits` request parameter.
+	//
+	// Type: double
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 1.0, 2.0
+	AWSDynamoDBProvisionedReadCapacityKey = attribute.Key("aws.dynamodb.provisioned_read_capacity")
+
+	// AWSDynamoDBProvisionedWriteCapacityKey is the attribute Key conforming to the
+	// "aws.dynamodb.provisioned_write_capacity" semantic conventions. It represents
+	// the value of the `ProvisionedThroughput.WriteCapacityUnits` request
+	// parameter.
+	//
+	// Type: double
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 1.0, 2.0
+	AWSDynamoDBProvisionedWriteCapacityKey = attribute.Key("aws.dynamodb.provisioned_write_capacity")
+
+	// AWSDynamoDBScanForwardKey is the attribute Key conforming to the
+	// "aws.dynamodb.scan_forward" semantic conventions. It represents the value of
+	// the `ScanIndexForward` request parameter.
+	//
+	// Type: boolean
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	AWSDynamoDBScanForwardKey = attribute.Key("aws.dynamodb.scan_forward")
+
+	// AWSDynamoDBScannedCountKey is the attribute Key conforming to the
+	// "aws.dynamodb.scanned_count" semantic conventions. It represents the value of
+	// the `ScannedCount` response parameter.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 50
+	AWSDynamoDBScannedCountKey = attribute.Key("aws.dynamodb.scanned_count")
+
+	// AWSDynamoDBSegmentKey is the attribute Key conforming to the
+	// "aws.dynamodb.segment" semantic conventions. It represents the value of the
+	// `Segment` request parameter.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 10
+	AWSDynamoDBSegmentKey = attribute.Key("aws.dynamodb.segment")
+
+	// AWSDynamoDBSelectKey is the attribute Key conforming to the
+	// "aws.dynamodb.select" semantic conventions. It represents the value of the
+	// `Select` request parameter.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "ALL_ATTRIBUTES", "COUNT"
+	AWSDynamoDBSelectKey = attribute.Key("aws.dynamodb.select")
+
+	// AWSDynamoDBTableCountKey is the attribute Key conforming to the
+	// "aws.dynamodb.table_count" semantic conventions. It represents the number of
+	// items in the `TableNames` response parameter.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 20
+	AWSDynamoDBTableCountKey = attribute.Key("aws.dynamodb.table_count")
+
+	// AWSDynamoDBTableNamesKey is the attribute Key conforming to the
+	// "aws.dynamodb.table_names" semantic conventions. It represents the keys in
+	// the `RequestItems` object field.
+	//
+	// Type: string[]
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "Users", "Cats"
+	AWSDynamoDBTableNamesKey = attribute.Key("aws.dynamodb.table_names")
+
+	// AWSDynamoDBTotalSegmentsKey is the attribute Key conforming to the
+	// "aws.dynamodb.total_segments" semantic conventions. It represents the value
+	// of the `TotalSegments` request parameter.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 100
+	AWSDynamoDBTotalSegmentsKey = attribute.Key("aws.dynamodb.total_segments")
+
+	// AWSECSClusterARNKey is the attribute Key conforming to the
+	// "aws.ecs.cluster.arn" semantic conventions. It represents the ARN of an
+	// [ECS cluster].
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "arn:aws:ecs:us-west-2:123456789123:cluster/my-cluster"
+	//
+	// [ECS cluster]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/clusters.html
+	AWSECSClusterARNKey = attribute.Key("aws.ecs.cluster.arn")
+
+	// AWSECSContainerARNKey is the attribute Key conforming to the
+	// "aws.ecs.container.arn" semantic conventions. It represents the Amazon
+	// Resource Name (ARN) of an [ECS container instance].
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	// "arn:aws:ecs:us-west-1:123456789123:container/32624152-9086-4f0e-acae-1a75b14fe4d9"
+	//
+	// [ECS container instance]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ECS_instances.html
+	AWSECSContainerARNKey = attribute.Key("aws.ecs.container.arn")
+
+	// AWSECSLaunchtypeKey is the attribute Key conforming to the
+	// "aws.ecs.launchtype" semantic conventions. It represents the [launch type]
+	// for an ECS task.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	//
+	// [launch type]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html
+	AWSECSLaunchtypeKey = attribute.Key("aws.ecs.launchtype")
+
+	// AWSECSTaskARNKey is the attribute Key conforming to the "aws.ecs.task.arn"
+	// semantic conventions. It represents the ARN of a running [ECS task].
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	// "arn:aws:ecs:us-west-1:123456789123:task/10838bed-421f-43ef-870a-f43feacbbb5b",
+	// "arn:aws:ecs:us-west-1:123456789123:task/my-cluster/task-id/23ebb8ac-c18f-46c6-8bbe-d55d0e37cfbd"
+	//
+	// [ECS task]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-account-settings.html#ecs-resource-ids
+	AWSECSTaskARNKey = attribute.Key("aws.ecs.task.arn")
+
+	// AWSECSTaskFamilyKey is the attribute Key conforming to the
+	// "aws.ecs.task.family" semantic conventions. It represents the family name of
+	// the [ECS task definition] used to create the ECS task.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "opentelemetry-family"
+	//
+	// [ECS task definition]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definitions.html
+	AWSECSTaskFamilyKey = attribute.Key("aws.ecs.task.family")
+
+	// AWSECSTaskIDKey is the attribute Key conforming to the "aws.ecs.task.id"
+	// semantic conventions. It represents the ID of a running ECS task. The ID MUST
+	// be extracted from `task.arn`.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "10838bed-421f-43ef-870a-f43feacbbb5b",
+	// "23ebb8ac-c18f-46c6-8bbe-d55d0e37cfbd"
+	AWSECSTaskIDKey = attribute.Key("aws.ecs.task.id")
+
+	// AWSECSTaskRevisionKey is the attribute Key conforming to the
+	// "aws.ecs.task.revision" semantic conventions. It represents the revision for
+	// the task definition used to create the ECS task.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "8", "26"
+	AWSECSTaskRevisionKey = attribute.Key("aws.ecs.task.revision")
+
+	// AWSEKSClusterARNKey is the attribute Key conforming to the
+	// "aws.eks.cluster.arn" semantic conventions. It represents the ARN of an EKS
+	// cluster.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "arn:aws:ecs:us-west-2:123456789123:cluster/my-cluster"
+	AWSEKSClusterARNKey = attribute.Key("aws.eks.cluster.arn")
+
+	// AWSExtendedRequestIDKey is the attribute Key conforming to the
+	// "aws.extended_request_id" semantic conventions. It represents the AWS
+	// extended request ID as returned in the response header `x-amz-id-2`.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	// "wzHcyEWfmOGDIE5QOhTAqFDoDWP3y8IUvpNINCwL9N4TEHbUw0/gZJ+VZTmCNCWR7fezEN3eCiQ="
+	AWSExtendedRequestIDKey = attribute.Key("aws.extended_request_id")
+
+	// AWSLambdaInvokedARNKey is the attribute Key conforming to the
+	// "aws.lambda.invoked_arn" semantic conventions. It represents the full invoked
+	// ARN as provided on the `Context` passed to the function (
+	// `Lambda-Runtime-Invoked-Function-Arn` header on the
+	// `/runtime/invocation/next` applicable).
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "arn:aws:lambda:us-east-1:123456:function:myfunction:myalias"
+	// Note: This may be different from `cloud.resource_id` if an alias is involved.
+	AWSLambdaInvokedARNKey = attribute.Key("aws.lambda.invoked_arn")
+
+	// AWSLogGroupARNsKey is the attribute Key conforming to the
+	// "aws.log.group.arns" semantic conventions. It represents the Amazon Resource
+	// Name(s) (ARN) of the AWS log group(s).
+	//
+	// Type: string[]
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "arn:aws:logs:us-west-1:123456789012:log-group:/aws/my/group:*"
+	// Note: See the [log group ARN format documentation].
+	//
+	// [log group ARN format documentation]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/iam-access-control-overview-cwl.html#CWL_ARN_Format
+	AWSLogGroupARNsKey = attribute.Key("aws.log.group.arns")
+
+	// AWSLogGroupNamesKey is the attribute Key conforming to the
+	// "aws.log.group.names" semantic conventions. It represents the name(s) of the
+	// AWS log group(s) an application is writing to.
+	//
+	// Type: string[]
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "/aws/lambda/my-function", "opentelemetry-service"
+	// Note: Multiple log groups must be supported for cases like multi-container
+	// applications, where a single application has sidecar containers, and each
+	// write to their own log group.
+	AWSLogGroupNamesKey = attribute.Key("aws.log.group.names")
+
+	// AWSLogStreamARNsKey is the attribute Key conforming to the
+	// "aws.log.stream.arns" semantic conventions. It represents the ARN(s) of the
+	// AWS log stream(s).
+	//
+	// Type: string[]
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	// "arn:aws:logs:us-west-1:123456789012:log-group:/aws/my/group:log-stream:logs/main/10838bed-421f-43ef-870a-f43feacbbb5b"
+	// Note: See the [log stream ARN format documentation]. One log group can
+	// contain several log streams, so these ARNs necessarily identify both a log
+	// group and a log stream.
+	//
+	// [log stream ARN format documentation]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/iam-access-control-overview-cwl.html#CWL_ARN_Format
+	AWSLogStreamARNsKey = attribute.Key("aws.log.stream.arns")
+
+	// AWSLogStreamNamesKey is the attribute Key conforming to the
+	// "aws.log.stream.names" semantic conventions. It represents the name(s) of the
+	// AWS log stream(s) an application is writing to.
+	//
+	// Type: string[]
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "logs/main/10838bed-421f-43ef-870a-f43feacbbb5b"
+	AWSLogStreamNamesKey = attribute.Key("aws.log.stream.names")
+
+	// AWSRequestIDKey is the attribute Key conforming to the "aws.request_id"
+	// semantic conventions. It represents the AWS request ID as returned in the
+	// response headers `x-amzn-requestid`, `x-amzn-request-id` or
+	// `x-amz-request-id`.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "79b9da39-b7ae-508a-a6bc-864b2829c622", "C9ER4AJX75574TDJ"
+	AWSRequestIDKey = attribute.Key("aws.request_id")
+
+	// AWSS3BucketKey is the attribute Key conforming to the "aws.s3.bucket"
+	// semantic conventions. It represents the S3 bucket name the request refers to.
+	// Corresponds to the `--bucket` parameter of the [S3 API] operations.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "some-bucket-name"
+	// Note: The `bucket` attribute is applicable to all S3 operations that
+	// reference a bucket, i.e. that require the bucket name as a mandatory
+	// parameter.
+	// This applies to almost all S3 operations except `list-buckets`.
+	//
+	// [S3 API]: https://docs.aws.amazon.com/cli/latest/reference/s3api/index.html
+	AWSS3BucketKey = attribute.Key("aws.s3.bucket")
+
+	// AWSS3CopySourceKey is the attribute Key conforming to the
+	// "aws.s3.copy_source" semantic conventions. It represents the source object
+	// (in the form `bucket`/`key`) for the copy operation.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "someFile.yml"
+	// Note: The `copy_source` attribute applies to S3 copy operations and
+	// corresponds to the `--copy-source` parameter
+	// of the [copy-object operation within the S3 API].
+	// This applies in particular to the following operations:
+	//
+	//   - [copy-object]
+	//   - [upload-part-copy]
+	//
+	//
+	// [copy-object operation within the S3 API]: https://docs.aws.amazon.com/cli/latest/reference/s3api/copy-object.html
+	// [copy-object]: https://docs.aws.amazon.com/cli/latest/reference/s3api/copy-object.html
+	// [upload-part-copy]: https://docs.aws.amazon.com/cli/latest/reference/s3api/upload-part-copy.html
+	AWSS3CopySourceKey = attribute.Key("aws.s3.copy_source")
+
+	// AWSS3DeleteKey is the attribute Key conforming to the "aws.s3.delete"
+	// semantic conventions. It represents the delete request container that
+	// specifies the objects to be deleted.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	// "Objects=[{Key=string,VersionId=string},{Key=string,VersionId=string}],Quiet=boolean"
+	// Note: The `delete` attribute is only applicable to the [delete-object]
+	// operation.
+	// The `delete` attribute corresponds to the `--delete` parameter of the
+	// [delete-objects operation within the S3 API].
+	//
+	// [delete-object]: https://docs.aws.amazon.com/cli/latest/reference/s3api/delete-object.html
+	// [delete-objects operation within the S3 API]: https://docs.aws.amazon.com/cli/latest/reference/s3api/delete-objects.html
+	AWSS3DeleteKey = attribute.Key("aws.s3.delete")
+
+	// AWSS3KeyKey is the attribute Key conforming to the "aws.s3.key" semantic
+	// conventions. It represents the S3 object key the request refers to.
+	// Corresponds to the `--key` parameter of the [S3 API] operations.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "someFile.yml"
+	// Note: The `key` attribute is applicable to all object-related S3 operations,
+	// i.e. that require the object key as a mandatory parameter.
+	// This applies in particular to the following operations:
+	//
+	//   - [copy-object]
+	//   - [delete-object]
+	//   - [get-object]
+	//   - [head-object]
+	//   - [put-object]
+	//   - [restore-object]
+	//   - [select-object-content]
+	//   - [abort-multipart-upload]
+	//   - [complete-multipart-upload]
+	//   - [create-multipart-upload]
+	//   - [list-parts]
+	//   - [upload-part]
+	//   - [upload-part-copy]
+	//
+	//
+	// [S3 API]: https://docs.aws.amazon.com/cli/latest/reference/s3api/index.html
+	// [copy-object]: https://docs.aws.amazon.com/cli/latest/reference/s3api/copy-object.html
+	// [delete-object]: https://docs.aws.amazon.com/cli/latest/reference/s3api/delete-object.html
+	// [get-object]: https://docs.aws.amazon.com/cli/latest/reference/s3api/get-object.html
+	// [head-object]: https://docs.aws.amazon.com/cli/latest/reference/s3api/head-object.html
+	// [put-object]: https://docs.aws.amazon.com/cli/latest/reference/s3api/put-object.html
+	// [restore-object]: https://docs.aws.amazon.com/cli/latest/reference/s3api/restore-object.html
+	// [select-object-content]: https://docs.aws.amazon.com/cli/latest/reference/s3api/select-object-content.html
+	// [abort-multipart-upload]: https://docs.aws.amazon.com/cli/latest/reference/s3api/abort-multipart-upload.html
+	// [complete-multipart-upload]: https://docs.aws.amazon.com/cli/latest/reference/s3api/complete-multipart-upload.html
+	// [create-multipart-upload]: https://docs.aws.amazon.com/cli/latest/reference/s3api/create-multipart-upload.html
+	// [list-parts]: https://docs.aws.amazon.com/cli/latest/reference/s3api/list-parts.html
+	// [upload-part]: https://docs.aws.amazon.com/cli/latest/reference/s3api/upload-part.html
+	// [upload-part-copy]: https://docs.aws.amazon.com/cli/latest/reference/s3api/upload-part-copy.html
+	AWSS3KeyKey = attribute.Key("aws.s3.key")
+
+	// AWSS3PartNumberKey is the attribute Key conforming to the
+	// "aws.s3.part_number" semantic conventions. It represents the part number of
+	// the part being uploaded in a multipart-upload operation. This is a positive
+	// integer between 1 and 10,000.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 3456
+	// Note: The `part_number` attribute is only applicable to the [upload-part]
+	// and [upload-part-copy] operations.
+	// The `part_number` attribute corresponds to the `--part-number` parameter of
+	// the
+	// [upload-part operation within the S3 API].
+	//
+	// [upload-part]: https://docs.aws.amazon.com/cli/latest/reference/s3api/upload-part.html
+	// [upload-part-copy]: https://docs.aws.amazon.com/cli/latest/reference/s3api/upload-part-copy.html
+	// [upload-part operation within the S3 API]: https://docs.aws.amazon.com/cli/latest/reference/s3api/upload-part.html
+	AWSS3PartNumberKey = attribute.Key("aws.s3.part_number")
+
+	// AWSS3UploadIDKey is the attribute Key conforming to the "aws.s3.upload_id"
+	// semantic conventions. It represents the upload ID that identifies the
+	// multipart upload.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "dfRtDYWFbkRONycy.Yxwh66Yjlx.cph0gtNBtJ"
+	// Note: The `upload_id` attribute applies to S3 multipart-upload operations and
+	// corresponds to the `--upload-id` parameter
+	// of the [S3 API] multipart operations.
+	// This applies in particular to the following operations:
+	//
+	//   - [abort-multipart-upload]
+	//   - [complete-multipart-upload]
+	//   - [list-parts]
+	//   - [upload-part]
+	//   - [upload-part-copy]
+	//
+	//
+	// [S3 API]: https://docs.aws.amazon.com/cli/latest/reference/s3api/index.html
+	// [abort-multipart-upload]: https://docs.aws.amazon.com/cli/latest/reference/s3api/abort-multipart-upload.html
+	// [complete-multipart-upload]: https://docs.aws.amazon.com/cli/latest/reference/s3api/complete-multipart-upload.html
+	// [list-parts]: https://docs.aws.amazon.com/cli/latest/reference/s3api/list-parts.html
+	// [upload-part]: https://docs.aws.amazon.com/cli/latest/reference/s3api/upload-part.html
+	// [upload-part-copy]: https://docs.aws.amazon.com/cli/latest/reference/s3api/upload-part-copy.html
+	AWSS3UploadIDKey = attribute.Key("aws.s3.upload_id")
+)
+
+// AWSDynamoDBAttributeDefinitions returns an attribute KeyValue conforming to
+// the "aws.dynamodb.attribute_definitions" semantic conventions. It represents
+// the JSON-serialized value of each item in the `AttributeDefinitions` request
+// field.
+func AWSDynamoDBAttributeDefinitions(val ...string) attribute.KeyValue {
+	return AWSDynamoDBAttributeDefinitionsKey.StringSlice(val)
+}
+
+// AWSDynamoDBAttributesToGet returns an attribute KeyValue conforming to the
+// "aws.dynamodb.attributes_to_get" semantic conventions. It represents the value
+// of the `AttributesToGet` request parameter.
+func AWSDynamoDBAttributesToGet(val ...string) attribute.KeyValue {
+	return AWSDynamoDBAttributesToGetKey.StringSlice(val)
+}
+
+// AWSDynamoDBConsistentRead returns an attribute KeyValue conforming to the
+// "aws.dynamodb.consistent_read" semantic conventions. It represents the value
+// of the `ConsistentRead` request parameter.
+func AWSDynamoDBConsistentRead(val bool) attribute.KeyValue {
+	return AWSDynamoDBConsistentReadKey.Bool(val)
+}
+
+// AWSDynamoDBConsumedCapacity returns an attribute KeyValue conforming to the
+// "aws.dynamodb.consumed_capacity" semantic conventions. It represents the
+// JSON-serialized value of each item in the `ConsumedCapacity` response field.
+func AWSDynamoDBConsumedCapacity(val ...string) attribute.KeyValue {
+	return AWSDynamoDBConsumedCapacityKey.StringSlice(val)
+}
+
+// AWSDynamoDBCount returns an attribute KeyValue conforming to the
+// "aws.dynamodb.count" semantic conventions. It represents the value of the
+// `Count` response parameter.
+func AWSDynamoDBCount(val int) attribute.KeyValue {
+	return AWSDynamoDBCountKey.Int(val)
+}
+
+// AWSDynamoDBExclusiveStartTable returns an attribute KeyValue conforming to the
+// "aws.dynamodb.exclusive_start_table" semantic conventions. It represents the
+// value of the `ExclusiveStartTableName` request parameter.
+func AWSDynamoDBExclusiveStartTable(val string) attribute.KeyValue {
+	return AWSDynamoDBExclusiveStartTableKey.String(val)
+}
+
+// AWSDynamoDBGlobalSecondaryIndexUpdates returns an attribute KeyValue
+// conforming to the "aws.dynamodb.global_secondary_index_updates" semantic
+// conventions. It represents the JSON-serialized value of each item in the
+// `GlobalSecondaryIndexUpdates` request field.
+func AWSDynamoDBGlobalSecondaryIndexUpdates(val ...string) attribute.KeyValue {
+	return AWSDynamoDBGlobalSecondaryIndexUpdatesKey.StringSlice(val)
+}
+
+// AWSDynamoDBGlobalSecondaryIndexes returns an attribute KeyValue conforming to
+// the "aws.dynamodb.global_secondary_indexes" semantic conventions. It
+// represents the JSON-serialized value of each item of the
+// `GlobalSecondaryIndexes` request field.
+func AWSDynamoDBGlobalSecondaryIndexes(val ...string) attribute.KeyValue {
+	return AWSDynamoDBGlobalSecondaryIndexesKey.StringSlice(val)
+}
+
+// AWSDynamoDBIndexName returns an attribute KeyValue conforming to the
+// "aws.dynamodb.index_name" semantic conventions. It represents the value of the
+// `IndexName` request parameter.
+func AWSDynamoDBIndexName(val string) attribute.KeyValue {
+	return AWSDynamoDBIndexNameKey.String(val)
+}
+
+// AWSDynamoDBItemCollectionMetrics returns an attribute KeyValue conforming to
+// the "aws.dynamodb.item_collection_metrics" semantic conventions. It represents
+// the JSON-serialized value of the `ItemCollectionMetrics` response field.
+func AWSDynamoDBItemCollectionMetrics(val string) attribute.KeyValue {
+	return AWSDynamoDBItemCollectionMetricsKey.String(val)
+}
+
+// AWSDynamoDBLimit returns an attribute KeyValue conforming to the
+// "aws.dynamodb.limit" semantic conventions. It represents the value of the
+// `Limit` request parameter.
+func AWSDynamoDBLimit(val int) attribute.KeyValue {
+	return AWSDynamoDBLimitKey.Int(val)
+}
+
+// AWSDynamoDBLocalSecondaryIndexes returns an attribute KeyValue conforming to
+// the "aws.dynamodb.local_secondary_indexes" semantic conventions. It represents
+// the JSON-serialized value of each item of the `LocalSecondaryIndexes` request
+// field.
+func AWSDynamoDBLocalSecondaryIndexes(val ...string) attribute.KeyValue {
+	return AWSDynamoDBLocalSecondaryIndexesKey.StringSlice(val)
+}
+
+// AWSDynamoDBProjection returns an attribute KeyValue conforming to the
+// "aws.dynamodb.projection" semantic conventions. It represents the value of the
+// `ProjectionExpression` request parameter.
+func AWSDynamoDBProjection(val string) attribute.KeyValue {
+	return AWSDynamoDBProjectionKey.String(val)
+}
+
+// AWSDynamoDBProvisionedReadCapacity returns an attribute KeyValue conforming to
+// the "aws.dynamodb.provisioned_read_capacity" semantic conventions. It
+// represents the value of the `ProvisionedThroughput.ReadCapacityUnits` request
+// parameter.
+func AWSDynamoDBProvisionedReadCapacity(val float64) attribute.KeyValue {
+	return AWSDynamoDBProvisionedReadCapacityKey.Float64(val)
+}
+
+// AWSDynamoDBProvisionedWriteCapacity returns an attribute KeyValue conforming
+// to the "aws.dynamodb.provisioned_write_capacity" semantic conventions. It
+// represents the value of the `ProvisionedThroughput.WriteCapacityUnits` request
+// parameter.
+func AWSDynamoDBProvisionedWriteCapacity(val float64) attribute.KeyValue {
+	return AWSDynamoDBProvisionedWriteCapacityKey.Float64(val)
+}
+
+// AWSDynamoDBScanForward returns an attribute KeyValue conforming to the
+// "aws.dynamodb.scan_forward" semantic conventions. It represents the value of
+// the `ScanIndexForward` request parameter.
+func AWSDynamoDBScanForward(val bool) attribute.KeyValue {
+	return AWSDynamoDBScanForwardKey.Bool(val)
+}
+
+// AWSDynamoDBScannedCount returns an attribute KeyValue conforming to the
+// "aws.dynamodb.scanned_count" semantic conventions. It represents the value of
+// the `ScannedCount` response parameter.
+func AWSDynamoDBScannedCount(val int) attribute.KeyValue {
+	return AWSDynamoDBScannedCountKey.Int(val)
+}
+
+// AWSDynamoDBSegment returns an attribute KeyValue conforming to the
+// "aws.dynamodb.segment" semantic conventions. It represents the value of the
+// `Segment` request parameter.
+func AWSDynamoDBSegment(val int) attribute.KeyValue {
+	return AWSDynamoDBSegmentKey.Int(val)
+}
+
+// AWSDynamoDBSelect returns an attribute KeyValue conforming to the
+// "aws.dynamodb.select" semantic conventions. It represents the value of the
+// `Select` request parameter.
+func AWSDynamoDBSelect(val string) attribute.KeyValue {
+	return AWSDynamoDBSelectKey.String(val)
+}
+
+// AWSDynamoDBTableCount returns an attribute KeyValue conforming to the
+// "aws.dynamodb.table_count" semantic conventions. It represents the number of
+// items in the `TableNames` response parameter.
+func AWSDynamoDBTableCount(val int) attribute.KeyValue {
+	return AWSDynamoDBTableCountKey.Int(val)
+}
+
+// AWSDynamoDBTableNames returns an attribute KeyValue conforming to the
+// "aws.dynamodb.table_names" semantic conventions. It represents the keys in the
+// `RequestItems` object field.
+func AWSDynamoDBTableNames(val ...string) attribute.KeyValue {
+	return AWSDynamoDBTableNamesKey.StringSlice(val)
+}
+
+// AWSDynamoDBTotalSegments returns an attribute KeyValue conforming to the
+// "aws.dynamodb.total_segments" semantic conventions. It represents the value of
+// the `TotalSegments` request parameter.
+func AWSDynamoDBTotalSegments(val int) attribute.KeyValue {
+	return AWSDynamoDBTotalSegmentsKey.Int(val)
+}
+
+// AWSECSClusterARN returns an attribute KeyValue conforming to the
+// "aws.ecs.cluster.arn" semantic conventions. It represents the ARN of an
+// [ECS cluster].
+//
+// [ECS cluster]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/clusters.html
+func AWSECSClusterARN(val string) attribute.KeyValue {
+	return AWSECSClusterARNKey.String(val)
+}
+
+// AWSECSContainerARN returns an attribute KeyValue conforming to the
+// "aws.ecs.container.arn" semantic conventions. It represents the Amazon
+// Resource Name (ARN) of an [ECS container instance].
+//
+// [ECS container instance]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ECS_instances.html
+func AWSECSContainerARN(val string) attribute.KeyValue {
+	return AWSECSContainerARNKey.String(val)
+}
+
+// AWSECSTaskARN returns an attribute KeyValue conforming to the
+// "aws.ecs.task.arn" semantic conventions. It represents the ARN of a running
+// [ECS task].
+//
+// [ECS task]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-account-settings.html#ecs-resource-ids
+func AWSECSTaskARN(val string) attribute.KeyValue {
+	return AWSECSTaskARNKey.String(val)
+}
+
+// AWSECSTaskFamily returns an attribute KeyValue conforming to the
+// "aws.ecs.task.family" semantic conventions. It represents the family name of
+// the [ECS task definition] used to create the ECS task.
+//
+// [ECS task definition]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definitions.html
+func AWSECSTaskFamily(val string) attribute.KeyValue {
+	return AWSECSTaskFamilyKey.String(val)
+}
+
+// AWSECSTaskID returns an attribute KeyValue conforming to the "aws.ecs.task.id"
+// semantic conventions. It represents the ID of a running ECS task. The ID MUST
+// be extracted from `task.arn`.
+func AWSECSTaskID(val string) attribute.KeyValue {
+	return AWSECSTaskIDKey.String(val)
+}
+
+// AWSECSTaskRevision returns an attribute KeyValue conforming to the
+// "aws.ecs.task.revision" semantic conventions. It represents the revision for
+// the task definition used to create the ECS task.
+func AWSECSTaskRevision(val string) attribute.KeyValue {
+	return AWSECSTaskRevisionKey.String(val)
+}
+
+// AWSEKSClusterARN returns an attribute KeyValue conforming to the
+// "aws.eks.cluster.arn" semantic conventions. It represents the ARN of an EKS
+// cluster.
+func AWSEKSClusterARN(val string) attribute.KeyValue {
+	return AWSEKSClusterARNKey.String(val)
+}
+
+// AWSExtendedRequestID returns an attribute KeyValue conforming to the
+// "aws.extended_request_id" semantic conventions. It represents the AWS extended
+// request ID as returned in the response header `x-amz-id-2`.
+func AWSExtendedRequestID(val string) attribute.KeyValue {
+	return AWSExtendedRequestIDKey.String(val)
+}
+
+// AWSLambdaInvokedARN returns an attribute KeyValue conforming to the
+// "aws.lambda.invoked_arn" semantic conventions. It represents the full invoked
+// ARN as provided on the `Context` passed to the function (
+// `Lambda-Runtime-Invoked-Function-Arn` header on the `/runtime/invocation/next`
+//  applicable).
+func AWSLambdaInvokedARN(val string) attribute.KeyValue {
+	return AWSLambdaInvokedARNKey.String(val)
+}
+
+// AWSLogGroupARNs returns an attribute KeyValue conforming to the
+// "aws.log.group.arns" semantic conventions. It represents the Amazon Resource
+// Name(s) (ARN) of the AWS log group(s).
+func AWSLogGroupARNs(val ...string) attribute.KeyValue {
+	return AWSLogGroupARNsKey.StringSlice(val)
+}
+
+// AWSLogGroupNames returns an attribute KeyValue conforming to the
+// "aws.log.group.names" semantic conventions. It represents the name(s) of the
+// AWS log group(s) an application is writing to.
+func AWSLogGroupNames(val ...string) attribute.KeyValue {
+	return AWSLogGroupNamesKey.StringSlice(val)
+}
+
+// AWSLogStreamARNs returns an attribute KeyValue conforming to the
+// "aws.log.stream.arns" semantic conventions. It represents the ARN(s) of the
+// AWS log stream(s).
+func AWSLogStreamARNs(val ...string) attribute.KeyValue {
+	return AWSLogStreamARNsKey.StringSlice(val)
+}
+
+// AWSLogStreamNames returns an attribute KeyValue conforming to the
+// "aws.log.stream.names" semantic conventions. It represents the name(s) of the
+// AWS log stream(s) an application is writing to.
+func AWSLogStreamNames(val ...string) attribute.KeyValue {
+	return AWSLogStreamNamesKey.StringSlice(val)
+}
+
+// AWSRequestID returns an attribute KeyValue conforming to the "aws.request_id"
+// semantic conventions. It represents the AWS request ID as returned in the
+// response headers `x-amzn-requestid`, `x-amzn-request-id` or `x-amz-request-id`
+// .
+func AWSRequestID(val string) attribute.KeyValue {
+	return AWSRequestIDKey.String(val)
+}
+
+// AWSS3Bucket returns an attribute KeyValue conforming to the "aws.s3.bucket"
+// semantic conventions. It represents the S3 bucket name the request refers to.
+// Corresponds to the `--bucket` parameter of the [S3 API] operations.
+//
+// [S3 API]: https://docs.aws.amazon.com/cli/latest/reference/s3api/index.html
+func AWSS3Bucket(val string) attribute.KeyValue {
+	return AWSS3BucketKey.String(val)
+}
+
+// AWSS3CopySource returns an attribute KeyValue conforming to the
+// "aws.s3.copy_source" semantic conventions. It represents the source object (in
+// the form `bucket`/`key`) for the copy operation.
+func AWSS3CopySource(val string) attribute.KeyValue {
+	return AWSS3CopySourceKey.String(val)
+}
+
+// AWSS3Delete returns an attribute KeyValue conforming to the "aws.s3.delete"
+// semantic conventions. It represents the delete request container that
+// specifies the objects to be deleted.
+func AWSS3Delete(val string) attribute.KeyValue {
+	return AWSS3DeleteKey.String(val)
+}
+
+// AWSS3Key returns an attribute KeyValue conforming to the "aws.s3.key" semantic
+// conventions. It represents the S3 object key the request refers to.
+// Corresponds to the `--key` parameter of the [S3 API] operations.
+//
+// [S3 API]: https://docs.aws.amazon.com/cli/latest/reference/s3api/index.html
+func AWSS3Key(val string) attribute.KeyValue {
+	return AWSS3KeyKey.String(val)
+}
+
+// AWSS3PartNumber returns an attribute KeyValue conforming to the
+// "aws.s3.part_number" semantic conventions. It represents the part number of
+// the part being uploaded in a multipart-upload operation. This is a positive
+// integer between 1 and 10,000.
+func AWSS3PartNumber(val int) attribute.KeyValue {
+	return AWSS3PartNumberKey.Int(val)
+}
+
+// AWSS3UploadID returns an attribute KeyValue conforming to the
+// "aws.s3.upload_id" semantic conventions. It represents the upload ID that
+// identifies the multipart upload.
+func AWSS3UploadID(val string) attribute.KeyValue {
+	return AWSS3UploadIDKey.String(val)
+}
+
+// Enum values for aws.ecs.launchtype
+var (
+	// ec2
+	// Stability: development
+	AWSECSLaunchtypeEC2 = AWSECSLaunchtypeKey.String("ec2")
+	// fargate
+	// Stability: development
+	AWSECSLaunchtypeFargate = AWSECSLaunchtypeKey.String("fargate")
+)
+
+// Namespace: az
+const (
+	// AzNamespaceKey is the attribute Key conforming to the "az.namespace" semantic
+	// conventions. It represents the [Azure Resource Provider Namespace] as
+	// recognized by the client.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "Microsoft.Storage", "Microsoft.KeyVault", "Microsoft.ServiceBus"
+	//
+	// [Azure Resource Provider Namespace]: https://learn.microsoft.com/azure/azure-resource-manager/management/azure-services-resource-providers
+	AzNamespaceKey = attribute.Key("az.namespace")
+
+	// AzServiceRequestIDKey is the attribute Key conforming to the
+	// "az.service_request_id" semantic conventions. It represents the unique
+	// identifier of the service request. It's generated by the Azure service and
+	// returned with the response.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "00000000-0000-0000-0000-000000000000"
+	AzServiceRequestIDKey = attribute.Key("az.service_request_id")
+)
+
+// AzNamespace returns an attribute KeyValue conforming to the "az.namespace"
+// semantic conventions. It represents the [Azure Resource Provider Namespace] as
+// recognized by the client.
+//
+// [Azure Resource Provider Namespace]: https://learn.microsoft.com/azure/azure-resource-manager/management/azure-services-resource-providers
+func AzNamespace(val string) attribute.KeyValue {
+	return AzNamespaceKey.String(val)
+}
+
+// AzServiceRequestID returns an attribute KeyValue conforming to the
+// "az.service_request_id" semantic conventions. It represents the unique
+// identifier of the service request. It's generated by the Azure service and
+// returned with the response.
+func AzServiceRequestID(val string) attribute.KeyValue {
+	return AzServiceRequestIDKey.String(val)
+}
+
+// Namespace: azure
+const (
+	// AzureClientIDKey is the attribute Key conforming to the "azure.client.id"
+	// semantic conventions. It represents the unique identifier of the client
+	// instance.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "3ba4827d-4422-483f-b59f-85b74211c11d", "storage-client-1"
+	AzureClientIDKey = attribute.Key("azure.client.id")
+
+	// AzureCosmosDBConnectionModeKey is the attribute Key conforming to the
+	// "azure.cosmosdb.connection.mode" semantic conventions. It represents the
+	// cosmos client connection mode.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	AzureCosmosDBConnectionModeKey = attribute.Key("azure.cosmosdb.connection.mode")
+
+	// AzureCosmosDBConsistencyLevelKey is the attribute Key conforming to the
+	// "azure.cosmosdb.consistency.level" semantic conventions. It represents the
+	// account or request [consistency level].
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "Eventual", "ConsistentPrefix", "BoundedStaleness", "Strong",
+	// "Session"
+	//
+	// [consistency level]: https://learn.microsoft.com/azure/cosmos-db/consistency-levels
+	AzureCosmosDBConsistencyLevelKey = attribute.Key("azure.cosmosdb.consistency.level")
+
+	// AzureCosmosDBOperationContactedRegionsKey is the attribute Key conforming to
+	// the "azure.cosmosdb.operation.contacted_regions" semantic conventions. It
+	// represents the list of regions contacted during operation in the order that
+	// they were contacted. If there is more than one region listed, it indicates
+	// that the operation was performed on multiple regions i.e. cross-regional
+	// call.
+	//
+	// Type: string[]
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "North Central US", "Australia East", "Australia Southeast"
+	// Note: Region name matches the format of `displayName` in [Azure Location API]
+	//
+	// [Azure Location API]: https://learn.microsoft.com/rest/api/subscription/subscriptions/list-locations?view=rest-subscription-2021-10-01&tabs=HTTP#location
+	AzureCosmosDBOperationContactedRegionsKey = attribute.Key("azure.cosmosdb.operation.contacted_regions")
+
+	// AzureCosmosDBOperationRequestChargeKey is the attribute Key conforming to the
+	// "azure.cosmosdb.operation.request_charge" semantic conventions. It represents
+	// the number of request units consumed by the operation.
+	//
+	// Type: double
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 46.18, 1.0
+	AzureCosmosDBOperationRequestChargeKey = attribute.Key("azure.cosmosdb.operation.request_charge")
+
+	// AzureCosmosDBRequestBodySizeKey is the attribute Key conforming to the
+	// "azure.cosmosdb.request.body.size" semantic conventions. It represents the
+	// request payload size in bytes.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	AzureCosmosDBRequestBodySizeKey = attribute.Key("azure.cosmosdb.request.body.size")
+
+	// AzureCosmosDBResponseSubStatusCodeKey is the attribute Key conforming to the
+	// "azure.cosmosdb.response.sub_status_code" semantic conventions. It represents
+	// the cosmos DB sub status code.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 1000, 1002
+	AzureCosmosDBResponseSubStatusCodeKey = attribute.Key("azure.cosmosdb.response.sub_status_code")
+)
+
+// AzureClientID returns an attribute KeyValue conforming to the
+// "azure.client.id" semantic conventions. It represents the unique identifier of
+// the client instance.
+func AzureClientID(val string) attribute.KeyValue {
+	return AzureClientIDKey.String(val)
+}
+
+// AzureCosmosDBOperationContactedRegions returns an attribute KeyValue
+// conforming to the "azure.cosmosdb.operation.contacted_regions" semantic
+// conventions. It represents the list of regions contacted during operation in
+// the order that they were contacted. If there is more than one region listed,
+// it indicates that the operation was performed on multiple regions i.e.
+// cross-regional call.
+func AzureCosmosDBOperationContactedRegions(val ...string) attribute.KeyValue {
+	return AzureCosmosDBOperationContactedRegionsKey.StringSlice(val)
+}
+
+// AzureCosmosDBOperationRequestCharge returns an attribute KeyValue conforming
+// to the "azure.cosmosdb.operation.request_charge" semantic conventions. It
+// represents the number of request units consumed by the operation.
+func AzureCosmosDBOperationRequestCharge(val float64) attribute.KeyValue {
+	return AzureCosmosDBOperationRequestChargeKey.Float64(val)
+}
+
+// AzureCosmosDBRequestBodySize returns an attribute KeyValue conforming to the
+// "azure.cosmosdb.request.body.size" semantic conventions. It represents the
+// request payload size in bytes.
+func AzureCosmosDBRequestBodySize(val int) attribute.KeyValue {
+	return AzureCosmosDBRequestBodySizeKey.Int(val)
+}
+
+// AzureCosmosDBResponseSubStatusCode returns an attribute KeyValue conforming to
+// the "azure.cosmosdb.response.sub_status_code" semantic conventions. It
+// represents the cosmos DB sub status code.
+func AzureCosmosDBResponseSubStatusCode(val int) attribute.KeyValue {
+	return AzureCosmosDBResponseSubStatusCodeKey.Int(val)
+}
+
+// Enum values for azure.cosmosdb.connection.mode
+var (
+	// Gateway (HTTP) connection.
+	// Stability: development
+	AzureCosmosDBConnectionModeGateway = AzureCosmosDBConnectionModeKey.String("gateway")
+	// Direct connection.
+	// Stability: development
+	AzureCosmosDBConnectionModeDirect = AzureCosmosDBConnectionModeKey.String("direct")
+)
+
+// Enum values for azure.cosmosdb.consistency.level
+var (
+	// strong
+	// Stability: development
+	AzureCosmosDBConsistencyLevelStrong = AzureCosmosDBConsistencyLevelKey.String("Strong")
+	// bounded_staleness
+	// Stability: development
+	AzureCosmosDBConsistencyLevelBoundedStaleness = AzureCosmosDBConsistencyLevelKey.String("BoundedStaleness")
+	// session
+	// Stability: development
+	AzureCosmosDBConsistencyLevelSession = AzureCosmosDBConsistencyLevelKey.String("Session")
+	// eventual
+	// Stability: development
+	AzureCosmosDBConsistencyLevelEventual = AzureCosmosDBConsistencyLevelKey.String("Eventual")
+	// consistent_prefix
+	// Stability: development
+	AzureCosmosDBConsistencyLevelConsistentPrefix = AzureCosmosDBConsistencyLevelKey.String("ConsistentPrefix")
+)
+
+// Namespace: browser
+const (
+	// BrowserBrandsKey is the attribute Key conforming to the "browser.brands"
+	// semantic conventions. It represents the array of brand name and version
+	// separated by a space.
+	//
+	// Type: string[]
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: " Not A;Brand 99", "Chromium 99", "Chrome 99"
+	// Note: This value is intended to be taken from the [UA client hints API] (
+	// `navigator.userAgentData.brands`).
+	//
+	// [UA client hints API]: https://wicg.github.io/ua-client-hints/#interface
+	BrowserBrandsKey = attribute.Key("browser.brands")
+
+	// BrowserLanguageKey is the attribute Key conforming to the "browser.language"
+	// semantic conventions. It represents the preferred language of the user using
+	// the browser.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "en", "en-US", "fr", "fr-FR"
+	// Note: This value is intended to be taken from the Navigator API
+	// `navigator.language`.
+	BrowserLanguageKey = attribute.Key("browser.language")
+
+	// BrowserMobileKey is the attribute Key conforming to the "browser.mobile"
+	// semantic conventions. It represents a boolean that is true if the browser is
+	// running on a mobile device.
+	//
+	// Type: boolean
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	// Note: This value is intended to be taken from the [UA client hints API] (
+	// `navigator.userAgentData.mobile`). If unavailable, this attribute SHOULD be
+	// left unset.
+	//
+	// [UA client hints API]: https://wicg.github.io/ua-client-hints/#interface
+	BrowserMobileKey = attribute.Key("browser.mobile")
+
+	// BrowserPlatformKey is the attribute Key conforming to the "browser.platform"
+	// semantic conventions. It represents the platform on which the browser is
+	// running.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "Windows", "macOS", "Android"
+	// Note: This value is intended to be taken from the [UA client hints API] (
+	// `navigator.userAgentData.platform`). If unavailable, the legacy
+	// `navigator.platform` API SHOULD NOT be used instead and this attribute SHOULD
+	// be left unset in order for the values to be consistent.
+	// The list of possible values is defined in the
+	// [W3C User-Agent Client Hints specification]. Note that some (but not all) of
+	// these values can overlap with values in the
+	// [`os.type` and `os.name` attributes]. However, for consistency, the values in
+	// the `browser.platform` attribute should capture the exact value that the user
+	// agent provides.
+	//
+	// [UA client hints API]: https://wicg.github.io/ua-client-hints/#interface
+	// [W3C User-Agent Client Hints specification]: https://wicg.github.io/ua-client-hints/#sec-ch-ua-platform
+	// [`os.type` and `os.name` attributes]: ./os.md
+	BrowserPlatformKey = attribute.Key("browser.platform")
+)
+
+// BrowserBrands returns an attribute KeyValue conforming to the "browser.brands"
+// semantic conventions. It represents the array of brand name and version
+// separated by a space.
+func BrowserBrands(val ...string) attribute.KeyValue {
+	return BrowserBrandsKey.StringSlice(val)
+}
+
+// BrowserLanguage returns an attribute KeyValue conforming to the
+// "browser.language" semantic conventions. It represents the preferred language
+// of the user using the browser.
+func BrowserLanguage(val string) attribute.KeyValue {
+	return BrowserLanguageKey.String(val)
+}
+
+// BrowserMobile returns an attribute KeyValue conforming to the "browser.mobile"
+// semantic conventions. It represents a boolean that is true if the browser is
+// running on a mobile device.
+func BrowserMobile(val bool) attribute.KeyValue {
+	return BrowserMobileKey.Bool(val)
+}
+
+// BrowserPlatform returns an attribute KeyValue conforming to the
+// "browser.platform" semantic conventions. It represents the platform on which
+// the browser is running.
+func BrowserPlatform(val string) attribute.KeyValue {
+	return BrowserPlatformKey.String(val)
+}
+
+// Namespace: cassandra
+const (
+	// CassandraConsistencyLevelKey is the attribute Key conforming to the
+	// "cassandra.consistency.level" semantic conventions. It represents the
+	// consistency level of the query. Based on consistency values from [CQL].
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	//
+	// [CQL]: https://docs.datastax.com/en/cassandra-oss/3.0/cassandra/dml/dmlConfigConsistency.html
+	CassandraConsistencyLevelKey = attribute.Key("cassandra.consistency.level")
+
+	// CassandraCoordinatorDCKey is the attribute Key conforming to the
+	// "cassandra.coordinator.dc" semantic conventions. It represents the data
+	// center of the coordinating node for a query.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: us-west-2
+	CassandraCoordinatorDCKey = attribute.Key("cassandra.coordinator.dc")
+
+	// CassandraCoordinatorIDKey is the attribute Key conforming to the
+	// "cassandra.coordinator.id" semantic conventions. It represents the ID of the
+	// coordinating node for a query.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: be13faa2-8574-4d71-926d-27f16cf8a7af
+	CassandraCoordinatorIDKey = attribute.Key("cassandra.coordinator.id")
+
+	// CassandraPageSizeKey is the attribute Key conforming to the
+	// "cassandra.page.size" semantic conventions. It represents the fetch size used
+	// for paging, i.e. how many rows will be returned at once.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 5000
+	CassandraPageSizeKey = attribute.Key("cassandra.page.size")
+
+	// CassandraQueryIdempotentKey is the attribute Key conforming to the
+	// "cassandra.query.idempotent" semantic conventions. It represents the whether
+	// or not the query is idempotent.
+	//
+	// Type: boolean
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	CassandraQueryIdempotentKey = attribute.Key("cassandra.query.idempotent")
+
+	// CassandraSpeculativeExecutionCountKey is the attribute Key conforming to the
+	// "cassandra.speculative_execution.count" semantic conventions. It represents
+	// the number of times a query was speculatively executed. Not set or `0` if the
+	// query was not executed speculatively.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 0, 2
+	CassandraSpeculativeExecutionCountKey = attribute.Key("cassandra.speculative_execution.count")
+)
+
+// CassandraCoordinatorDC returns an attribute KeyValue conforming to the
+// "cassandra.coordinator.dc" semantic conventions. It represents the data center
+// of the coordinating node for a query.
+func CassandraCoordinatorDC(val string) attribute.KeyValue {
+	return CassandraCoordinatorDCKey.String(val)
+}
+
+// CassandraCoordinatorID returns an attribute KeyValue conforming to the
+// "cassandra.coordinator.id" semantic conventions. It represents the ID of the
+// coordinating node for a query.
+func CassandraCoordinatorID(val string) attribute.KeyValue {
+	return CassandraCoordinatorIDKey.String(val)
+}
+
+// CassandraPageSize returns an attribute KeyValue conforming to the
+// "cassandra.page.size" semantic conventions. It represents the fetch size used
+// for paging, i.e. how many rows will be returned at once.
+func CassandraPageSize(val int) attribute.KeyValue {
+	return CassandraPageSizeKey.Int(val)
+}
+
+// CassandraQueryIdempotent returns an attribute KeyValue conforming to the
+// "cassandra.query.idempotent" semantic conventions. It represents the whether
+// or not the query is idempotent.
+func CassandraQueryIdempotent(val bool) attribute.KeyValue {
+	return CassandraQueryIdempotentKey.Bool(val)
+}
+
+// CassandraSpeculativeExecutionCount returns an attribute KeyValue conforming to
+// the "cassandra.speculative_execution.count" semantic conventions. It
+// represents the number of times a query was speculatively executed. Not set or
+// `0` if the query was not executed speculatively.
+func CassandraSpeculativeExecutionCount(val int) attribute.KeyValue {
+	return CassandraSpeculativeExecutionCountKey.Int(val)
+}
+
+// Enum values for cassandra.consistency.level
+var (
+	// all
+	// Stability: development
+	CassandraConsistencyLevelAll = CassandraConsistencyLevelKey.String("all")
+	// each_quorum
+	// Stability: development
+	CassandraConsistencyLevelEachQuorum = CassandraConsistencyLevelKey.String("each_quorum")
+	// quorum
+	// Stability: development
+	CassandraConsistencyLevelQuorum = CassandraConsistencyLevelKey.String("quorum")
+	// local_quorum
+	// Stability: development
+	CassandraConsistencyLevelLocalQuorum = CassandraConsistencyLevelKey.String("local_quorum")
+	// one
+	// Stability: development
+	CassandraConsistencyLevelOne = CassandraConsistencyLevelKey.String("one")
+	// two
+	// Stability: development
+	CassandraConsistencyLevelTwo = CassandraConsistencyLevelKey.String("two")
+	// three
+	// Stability: development
+	CassandraConsistencyLevelThree = CassandraConsistencyLevelKey.String("three")
+	// local_one
+	// Stability: development
+	CassandraConsistencyLevelLocalOne = CassandraConsistencyLevelKey.String("local_one")
+	// any
+	// Stability: development
+	CassandraConsistencyLevelAny = CassandraConsistencyLevelKey.String("any")
+	// serial
+	// Stability: development
+	CassandraConsistencyLevelSerial = CassandraConsistencyLevelKey.String("serial")
+	// local_serial
+	// Stability: development
+	CassandraConsistencyLevelLocalSerial = CassandraConsistencyLevelKey.String("local_serial")
+)
+
+// Namespace: cicd
+const (
+	// CICDPipelineNameKey is the attribute Key conforming to the
+	// "cicd.pipeline.name" semantic conventions. It represents the human readable
+	// name of the pipeline within a CI/CD system.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "Build and Test", "Lint", "Deploy Go Project",
+	// "deploy_to_environment"
+	CICDPipelineNameKey = attribute.Key("cicd.pipeline.name")
+
+	// CICDPipelineResultKey is the attribute Key conforming to the
+	// "cicd.pipeline.result" semantic conventions. It represents the result of a
+	// pipeline run.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "success", "failure", "timeout", "skipped"
+	CICDPipelineResultKey = attribute.Key("cicd.pipeline.result")
+
+	// CICDPipelineRunIDKey is the attribute Key conforming to the
+	// "cicd.pipeline.run.id" semantic conventions. It represents the unique
+	// identifier of a pipeline run within a CI/CD system.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "120912"
+	CICDPipelineRunIDKey = attribute.Key("cicd.pipeline.run.id")
+
+	// CICDPipelineRunStateKey is the attribute Key conforming to the
+	// "cicd.pipeline.run.state" semantic conventions. It represents the pipeline
+	// run goes through these states during its lifecycle.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "pending", "executing", "finalizing"
+	CICDPipelineRunStateKey = attribute.Key("cicd.pipeline.run.state")
+
+	// CICDPipelineTaskNameKey is the attribute Key conforming to the
+	// "cicd.pipeline.task.name" semantic conventions. It represents the human
+	// readable name of a task within a pipeline. Task here most closely aligns with
+	// a [computing process] in a pipeline. Other terms for tasks include commands,
+	// steps, and procedures.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "Run GoLang Linter", "Go Build", "go-test", "deploy_binary"
+	//
+	// [computing process]: https://wikipedia.org/wiki/Pipeline_(computing)
+	CICDPipelineTaskNameKey = attribute.Key("cicd.pipeline.task.name")
+
+	// CICDPipelineTaskRunIDKey is the attribute Key conforming to the
+	// "cicd.pipeline.task.run.id" semantic conventions. It represents the unique
+	// identifier of a task run within a pipeline.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "12097"
+	CICDPipelineTaskRunIDKey = attribute.Key("cicd.pipeline.task.run.id")
+
+	// CICDPipelineTaskRunURLFullKey is the attribute Key conforming to the
+	// "cicd.pipeline.task.run.url.full" semantic conventions. It represents the
+	// [URL] of the pipeline run providing the complete address in order to locate
+	// and identify the pipeline run.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	// "https://github.com/open-telemetry/semantic-conventions/actions/runs/9753949763/job/26920038674?pr=1075"
+	//
+	// [URL]: https://wikipedia.org/wiki/URL
+	CICDPipelineTaskRunURLFullKey = attribute.Key("cicd.pipeline.task.run.url.full")
+
+	// CICDPipelineTaskTypeKey is the attribute Key conforming to the
+	// "cicd.pipeline.task.type" semantic conventions. It represents the type of the
+	// task within a pipeline.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "build", "test", "deploy"
+	CICDPipelineTaskTypeKey = attribute.Key("cicd.pipeline.task.type")
+
+	// CICDSystemComponentKey is the attribute Key conforming to the
+	// "cicd.system.component" semantic conventions. It represents the name of a
+	// component of the CICD system.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "controller", "scheduler", "agent"
+	CICDSystemComponentKey = attribute.Key("cicd.system.component")
+
+	// CICDWorkerStateKey is the attribute Key conforming to the "cicd.worker.state"
+	// semantic conventions. It represents the state of a CICD worker / agent.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "idle", "busy", "down"
+	CICDWorkerStateKey = attribute.Key("cicd.worker.state")
+)
+
+// CICDPipelineName returns an attribute KeyValue conforming to the
+// "cicd.pipeline.name" semantic conventions. It represents the human readable
+// name of the pipeline within a CI/CD system.
+func CICDPipelineName(val string) attribute.KeyValue {
+	return CICDPipelineNameKey.String(val)
+}
+
+// CICDPipelineRunID returns an attribute KeyValue conforming to the
+// "cicd.pipeline.run.id" semantic conventions. It represents the unique
+// identifier of a pipeline run within a CI/CD system.
+func CICDPipelineRunID(val string) attribute.KeyValue {
+	return CICDPipelineRunIDKey.String(val)
+}
+
+// CICDPipelineTaskName returns an attribute KeyValue conforming to the
+// "cicd.pipeline.task.name" semantic conventions. It represents the human
+// readable name of a task within a pipeline. Task here most closely aligns with
+// a [computing process] in a pipeline. Other terms for tasks include commands,
+// steps, and procedures.
+//
+// [computing process]: https://wikipedia.org/wiki/Pipeline_(computing)
+func CICDPipelineTaskName(val string) attribute.KeyValue {
+	return CICDPipelineTaskNameKey.String(val)
+}
+
+// CICDPipelineTaskRunID returns an attribute KeyValue conforming to the
+// "cicd.pipeline.task.run.id" semantic conventions. It represents the unique
+// identifier of a task run within a pipeline.
+func CICDPipelineTaskRunID(val string) attribute.KeyValue {
+	return CICDPipelineTaskRunIDKey.String(val)
+}
+
+// CICDPipelineTaskRunURLFull returns an attribute KeyValue conforming to the
+// "cicd.pipeline.task.run.url.full" semantic conventions. It represents the
+// [URL] of the pipeline run providing the complete address in order to locate
+// and identify the pipeline run.
+//
+// [URL]: https://wikipedia.org/wiki/URL
+func CICDPipelineTaskRunURLFull(val string) attribute.KeyValue {
+	return CICDPipelineTaskRunURLFullKey.String(val)
+}
+
+// CICDSystemComponent returns an attribute KeyValue conforming to the
+// "cicd.system.component" semantic conventions. It represents the name of a
+// component of the CICD system.
+func CICDSystemComponent(val string) attribute.KeyValue {
+	return CICDSystemComponentKey.String(val)
+}
+
+// Enum values for cicd.pipeline.result
+var (
+	// The pipeline run finished successfully.
+	// Stability: development
+	CICDPipelineResultSuccess = CICDPipelineResultKey.String("success")
+	// The pipeline run did not finish successfully, eg. due to a compile error or a
+	// failing test. Such failures are usually detected by non-zero exit codes of
+	// the tools executed in the pipeline run.
+	// Stability: development
+	CICDPipelineResultFailure = CICDPipelineResultKey.String("failure")
+	// The pipeline run failed due to an error in the CICD system, eg. due to the
+	// worker being killed.
+	// Stability: development
+	CICDPipelineResultError = CICDPipelineResultKey.String("error")
+	// A timeout caused the pipeline run to be interrupted.
+	// Stability: development
+	CICDPipelineResultTimeout = CICDPipelineResultKey.String("timeout")
+	// The pipeline run was cancelled, eg. by a user manually cancelling the
+	// pipeline run.
+	// Stability: development
+	CICDPipelineResultCancellation = CICDPipelineResultKey.String("cancellation")
+	// The pipeline run was skipped, eg. due to a precondition not being met.
+	// Stability: development
+	CICDPipelineResultSkip = CICDPipelineResultKey.String("skip")
+)
+
+// Enum values for cicd.pipeline.run.state
+var (
+	// The run pending state spans from the event triggering the pipeline run until
+	// the execution of the run starts (eg. time spent in a queue, provisioning
+	// agents, creating run resources).
+	//
+	// Stability: development
+	CICDPipelineRunStatePending = CICDPipelineRunStateKey.String("pending")
+	// The executing state spans the execution of any run tasks (eg. build, test).
+	// Stability: development
+	CICDPipelineRunStateExecuting = CICDPipelineRunStateKey.String("executing")
+	// The finalizing state spans from when the run has finished executing (eg.
+	// cleanup of run resources).
+	// Stability: development
+	CICDPipelineRunStateFinalizing = CICDPipelineRunStateKey.String("finalizing")
+)
+
+// Enum values for cicd.pipeline.task.type
+var (
+	// build
+	// Stability: development
+	CICDPipelineTaskTypeBuild = CICDPipelineTaskTypeKey.String("build")
+	// test
+	// Stability: development
+	CICDPipelineTaskTypeTest = CICDPipelineTaskTypeKey.String("test")
+	// deploy
+	// Stability: development
+	CICDPipelineTaskTypeDeploy = CICDPipelineTaskTypeKey.String("deploy")
+)
+
+// Enum values for cicd.worker.state
+var (
+	// The worker is not performing work for the CICD system. It is available to the
+	// CICD system to perform work on (online / idle).
+	// Stability: development
+	CICDWorkerStateAvailable = CICDWorkerStateKey.String("available")
+	// The worker is performing work for the CICD system.
+	// Stability: development
+	CICDWorkerStateBusy = CICDWorkerStateKey.String("busy")
+	// The worker is not available to the CICD system (disconnected / down).
+	// Stability: development
+	CICDWorkerStateOffline = CICDWorkerStateKey.String("offline")
+)
+
+// Namespace: client
+const (
+	// ClientAddressKey is the attribute Key conforming to the "client.address"
+	// semantic conventions. It represents the client address - domain name if
+	// available without reverse DNS lookup; otherwise, IP address or Unix domain
+	// socket name.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: "client.example.com", "10.1.2.80", "/tmp/my.sock"
+	// Note: When observed from the server side, and when communicating through an
+	// intermediary, `client.address` SHOULD represent the client address behind any
+	// intermediaries, for example proxies, if it's available.
+	ClientAddressKey = attribute.Key("client.address")
+
+	// ClientPortKey is the attribute Key conforming to the "client.port" semantic
+	// conventions. It represents the client port number.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: 65123
+	// Note: When observed from the server side, and when communicating through an
+	// intermediary, `client.port` SHOULD represent the client port behind any
+	// intermediaries, for example proxies, if it's available.
+	ClientPortKey = attribute.Key("client.port")
+)
+
+// ClientAddress returns an attribute KeyValue conforming to the "client.address"
+// semantic conventions. It represents the client address - domain name if
+// available without reverse DNS lookup; otherwise, IP address or Unix domain
+// socket name.
+func ClientAddress(val string) attribute.KeyValue {
+	return ClientAddressKey.String(val)
+}
+
+// ClientPort returns an attribute KeyValue conforming to the "client.port"
+// semantic conventions. It represents the client port number.
+func ClientPort(val int) attribute.KeyValue {
+	return ClientPortKey.Int(val)
+}
+
+// Namespace: cloud
+const (
+	// CloudAccountIDKey is the attribute Key conforming to the "cloud.account.id"
+	// semantic conventions. It represents the cloud account ID the resource is
+	// assigned to.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "111111111111", "opentelemetry"
+	CloudAccountIDKey = attribute.Key("cloud.account.id")
+
+	// CloudAvailabilityZoneKey is the attribute Key conforming to the
+	// "cloud.availability_zone" semantic conventions. It represents the cloud
+	// regions often have multiple, isolated locations known as zones to increase
+	// availability. Availability zone represents the zone where the resource is
+	// running.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "us-east-1c"
+	// Note: Availability zones are called "zones" on Alibaba Cloud and Google
+	// Cloud.
+	CloudAvailabilityZoneKey = attribute.Key("cloud.availability_zone")
+
+	// CloudPlatformKey is the attribute Key conforming to the "cloud.platform"
+	// semantic conventions. It represents the cloud platform in use.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	// Note: The prefix of the service SHOULD match the one specified in
+	// `cloud.provider`.
+	CloudPlatformKey = attribute.Key("cloud.platform")
+
+	// CloudProviderKey is the attribute Key conforming to the "cloud.provider"
+	// semantic conventions. It represents the name of the cloud provider.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	CloudProviderKey = attribute.Key("cloud.provider")
+
+	// CloudRegionKey is the attribute Key conforming to the "cloud.region" semantic
+	// conventions. It represents the geographical region the resource is running.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "us-central1", "us-east-1"
+	// Note: Refer to your provider's docs to see the available regions, for example
+	// [Alibaba Cloud regions], [AWS regions], [Azure regions],
+	// [Google Cloud regions], or [Tencent Cloud regions].
+	//
+	// [Alibaba Cloud regions]: https://www.alibabacloud.com/help/doc-detail/40654.htm
+	// [AWS regions]: https://aws.amazon.com/about-aws/global-infrastructure/regions_az/
+	// [Azure regions]: https://azure.microsoft.com/global-infrastructure/geographies/
+	// [Google Cloud regions]: https://cloud.google.com/about/locations
+	// [Tencent Cloud regions]: https://www.tencentcloud.com/document/product/213/6091
+	CloudRegionKey = attribute.Key("cloud.region")
+
+	// CloudResourceIDKey is the attribute Key conforming to the "cloud.resource_id"
+	// semantic conventions. It represents the cloud provider-specific native
+	// identifier of the monitored cloud resource (e.g. an [ARN] on AWS, a
+	// [fully qualified resource ID] on Azure, a [full resource name] on GCP).
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "arn:aws:lambda:REGION:ACCOUNT_ID:function:my-function",
+	// "//run.googleapis.com/projects/PROJECT_ID/locations/LOCATION_ID/services/SERVICE_ID",
+	// "/subscriptions/<SUBSCRIPTION_GUID>/resourceGroups/<RG>
+	// /providers/Microsoft.Web/sites/<FUNCAPP>/functions/<FUNC>"
+	// Note: On some cloud providers, it may not be possible to determine the full
+	// ID at startup,
+	// so it may be necessary to set `cloud.resource_id` as a span attribute
+	// instead.
+	//
+	// The exact value to use for `cloud.resource_id` depends on the cloud provider.
+	// The following well-known definitions MUST be used if you set this attribute
+	// and they apply:
+	//
+	//   - **AWS Lambda:** The function [ARN].
+	//     Take care not to use the "invoked ARN" directly but replace any
+	//     [alias suffix]
+	//     with the resolved function version, as the same runtime instance may be
+	//     invocable with
+	//     multiple different aliases.
+	//   - **GCP:** The [URI of the resource]
+	//   - **Azure:** The [Fully Qualified Resource ID] of the invoked function,
+	//     *not* the function app, having the form
+	//
+	//     `/subscriptions/<SUBSCRIPTION_GUID>/resourceGroups/<RG>/providers/Microsoft.Web/sites/<FUNCAPP>/functions/<FUNC>`
+	//     .
+	//     This means that a span attribute MUST be used, as an Azure function app
+	//     can host multiple functions that would usually share
+	//     a TracerProvider.
+	//
+	//
+	// [ARN]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
+	// [fully qualified resource ID]: https://learn.microsoft.com/rest/api/resources/resources/get-by-id
+	// [full resource name]: https://cloud.google.com/apis/design/resource_names#full_resource_name
+	// [ARN]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
+	// [alias suffix]: https://docs.aws.amazon.com/lambda/latest/dg/configuration-aliases.html
+	// [URI of the resource]: https://cloud.google.com/iam/docs/full-resource-names
+	// [Fully Qualified Resource ID]: https://docs.microsoft.com/rest/api/resources/resources/get-by-id
+	CloudResourceIDKey = attribute.Key("cloud.resource_id")
+)
+
+// CloudAccountID returns an attribute KeyValue conforming to the
+// "cloud.account.id" semantic conventions. It represents the cloud account ID
+// the resource is assigned to.
+func CloudAccountID(val string) attribute.KeyValue {
+	return CloudAccountIDKey.String(val)
+}
+
+// CloudAvailabilityZone returns an attribute KeyValue conforming to the
+// "cloud.availability_zone" semantic conventions. It represents the cloud
+// regions often have multiple, isolated locations known as zones to increase
+// availability. Availability zone represents the zone where the resource is
+// running.
+func CloudAvailabilityZone(val string) attribute.KeyValue {
+	return CloudAvailabilityZoneKey.String(val)
+}
+
+// CloudRegion returns an attribute KeyValue conforming to the "cloud.region"
+// semantic conventions. It represents the geographical region the resource is
+// running.
+func CloudRegion(val string) attribute.KeyValue {
+	return CloudRegionKey.String(val)
+}
+
+// CloudResourceID returns an attribute KeyValue conforming to the
+// "cloud.resource_id" semantic conventions. It represents the cloud
+// provider-specific native identifier of the monitored cloud resource (e.g. an
+// [ARN] on AWS, a [fully qualified resource ID] on Azure, a [full resource name]
+//  on GCP).
+//
+// [ARN]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
+// [fully qualified resource ID]: https://learn.microsoft.com/rest/api/resources/resources/get-by-id
+// [full resource name]: https://cloud.google.com/apis/design/resource_names#full_resource_name
+func CloudResourceID(val string) attribute.KeyValue {
+	return CloudResourceIDKey.String(val)
+}
+
+// Enum values for cloud.platform
+var (
+	// Alibaba Cloud Elastic Compute Service
+	// Stability: development
+	CloudPlatformAlibabaCloudECS = CloudPlatformKey.String("alibaba_cloud_ecs")
+	// Alibaba Cloud Function Compute
+	// Stability: development
+	CloudPlatformAlibabaCloudFc = CloudPlatformKey.String("alibaba_cloud_fc")
+	// Red Hat OpenShift on Alibaba Cloud
+	// Stability: development
+	CloudPlatformAlibabaCloudOpenshift = CloudPlatformKey.String("alibaba_cloud_openshift")
+	// AWS Elastic Compute Cloud
+	// Stability: development
+	CloudPlatformAWSEC2 = CloudPlatformKey.String("aws_ec2")
+	// AWS Elastic Container Service
+	// Stability: development
+	CloudPlatformAWSECS = CloudPlatformKey.String("aws_ecs")
+	// AWS Elastic Kubernetes Service
+	// Stability: development
+	CloudPlatformAWSEKS = CloudPlatformKey.String("aws_eks")
+	// AWS Lambda
+	// Stability: development
+	CloudPlatformAWSLambda = CloudPlatformKey.String("aws_lambda")
+	// AWS Elastic Beanstalk
+	// Stability: development
+	CloudPlatformAWSElasticBeanstalk = CloudPlatformKey.String("aws_elastic_beanstalk")
+	// AWS App Runner
+	// Stability: development
+	CloudPlatformAWSAppRunner = CloudPlatformKey.String("aws_app_runner")
+	// Red Hat OpenShift on AWS (ROSA)
+	// Stability: development
+	CloudPlatformAWSOpenshift = CloudPlatformKey.String("aws_openshift")
+	// Azure Virtual Machines
+	// Stability: development
+	CloudPlatformAzureVM = CloudPlatformKey.String("azure_vm")
+	// Azure Container Apps
+	// Stability: development
+	CloudPlatformAzureContainerApps = CloudPlatformKey.String("azure_container_apps")
+	// Azure Container Instances
+	// Stability: development
+	CloudPlatformAzureContainerInstances = CloudPlatformKey.String("azure_container_instances")
+	// Azure Kubernetes Service
+	// Stability: development
+	CloudPlatformAzureAKS = CloudPlatformKey.String("azure_aks")
+	// Azure Functions
+	// Stability: development
+	CloudPlatformAzureFunctions = CloudPlatformKey.String("azure_functions")
+	// Azure App Service
+	// Stability: development
+	CloudPlatformAzureAppService = CloudPlatformKey.String("azure_app_service")
+	// Azure Red Hat OpenShift
+	// Stability: development
+	CloudPlatformAzureOpenshift = CloudPlatformKey.String("azure_openshift")
+	// Google Bare Metal Solution (BMS)
+	// Stability: development
+	CloudPlatformGCPBareMetalSolution = CloudPlatformKey.String("gcp_bare_metal_solution")
+	// Google Cloud Compute Engine (GCE)
+	// Stability: development
+	CloudPlatformGCPComputeEngine = CloudPlatformKey.String("gcp_compute_engine")
+	// Google Cloud Run
+	// Stability: development
+	CloudPlatformGCPCloudRun = CloudPlatformKey.String("gcp_cloud_run")
+	// Google Cloud Kubernetes Engine (GKE)
+	// Stability: development
+	CloudPlatformGCPKubernetesEngine = CloudPlatformKey.String("gcp_kubernetes_engine")
+	// Google Cloud Functions (GCF)
+	// Stability: development
+	CloudPlatformGCPCloudFunctions = CloudPlatformKey.String("gcp_cloud_functions")
+	// Google Cloud App Engine (GAE)
+	// Stability: development
+	CloudPlatformGCPAppEngine = CloudPlatformKey.String("gcp_app_engine")
+	// Red Hat OpenShift on Google Cloud
+	// Stability: development
+	CloudPlatformGCPOpenshift = CloudPlatformKey.String("gcp_openshift")
+	// Red Hat OpenShift on IBM Cloud
+	// Stability: development
+	CloudPlatformIbmCloudOpenshift = CloudPlatformKey.String("ibm_cloud_openshift")
+	// Compute on Oracle Cloud Infrastructure (OCI)
+	// Stability: development
+	CloudPlatformOracleCloudCompute = CloudPlatformKey.String("oracle_cloud_compute")
+	// Kubernetes Engine (OKE) on Oracle Cloud Infrastructure (OCI)
+	// Stability: development
+	CloudPlatformOracleCloudOke = CloudPlatformKey.String("oracle_cloud_oke")
+	// Tencent Cloud Cloud Virtual Machine (CVM)
+	// Stability: development
+	CloudPlatformTencentCloudCvm = CloudPlatformKey.String("tencent_cloud_cvm")
+	// Tencent Cloud Elastic Kubernetes Service (EKS)
+	// Stability: development
+	CloudPlatformTencentCloudEKS = CloudPlatformKey.String("tencent_cloud_eks")
+	// Tencent Cloud Serverless Cloud Function (SCF)
+	// Stability: development
+	CloudPlatformTencentCloudScf = CloudPlatformKey.String("tencent_cloud_scf")
+)
+
+// Enum values for cloud.provider
+var (
+	// Alibaba Cloud
+	// Stability: development
+	CloudProviderAlibabaCloud = CloudProviderKey.String("alibaba_cloud")
+	// Amazon Web Services
+	// Stability: development
+	CloudProviderAWS = CloudProviderKey.String("aws")
+	// Microsoft Azure
+	// Stability: development
+	CloudProviderAzure = CloudProviderKey.String("azure")
+	// Google Cloud Platform
+	// Stability: development
+	CloudProviderGCP = CloudProviderKey.String("gcp")
+	// Heroku Platform as a Service
+	// Stability: development
+	CloudProviderHeroku = CloudProviderKey.String("heroku")
+	// IBM Cloud
+	// Stability: development
+	CloudProviderIbmCloud = CloudProviderKey.String("ibm_cloud")
+	// Oracle Cloud Infrastructure (OCI)
+	// Stability: development
+	CloudProviderOracleCloud = CloudProviderKey.String("oracle_cloud")
+	// Tencent Cloud
+	// Stability: development
+	CloudProviderTencentCloud = CloudProviderKey.String("tencent_cloud")
+)
+
+// Namespace: cloudevents
+const (
+	// CloudeventsEventIDKey is the attribute Key conforming to the
+	// "cloudevents.event_id" semantic conventions. It represents the [event_id]
+	// uniquely identifies the event.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "123e4567-e89b-12d3-a456-426614174000", "0001"
+	//
+	// [event_id]: https://github.com/cloudevents/spec/blob/v1.0.2/cloudevents/spec.md#id
+	CloudeventsEventIDKey = attribute.Key("cloudevents.event_id")
+
+	// CloudeventsEventSourceKey is the attribute Key conforming to the
+	// "cloudevents.event_source" semantic conventions. It represents the [source]
+	// identifies the context in which an event happened.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "https://github.com/cloudevents", "/cloudevents/spec/pull/123",
+	// "my-service"
+	//
+	// [source]: https://github.com/cloudevents/spec/blob/v1.0.2/cloudevents/spec.md#source-1
+	CloudeventsEventSourceKey = attribute.Key("cloudevents.event_source")
+
+	// CloudeventsEventSpecVersionKey is the attribute Key conforming to the
+	// "cloudevents.event_spec_version" semantic conventions. It represents the
+	// [version of the CloudEvents specification] which the event uses.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 1.0
+	//
+	// [version of the CloudEvents specification]: https://github.com/cloudevents/spec/blob/v1.0.2/cloudevents/spec.md#specversion
+	CloudeventsEventSpecVersionKey = attribute.Key("cloudevents.event_spec_version")
+
+	// CloudeventsEventSubjectKey is the attribute Key conforming to the
+	// "cloudevents.event_subject" semantic conventions. It represents the [subject]
+	//  of the event in the context of the event producer (identified by source).
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: mynewfile.jpg
+	//
+	// [subject]: https://github.com/cloudevents/spec/blob/v1.0.2/cloudevents/spec.md#subject
+	CloudeventsEventSubjectKey = attribute.Key("cloudevents.event_subject")
+
+	// CloudeventsEventTypeKey is the attribute Key conforming to the
+	// "cloudevents.event_type" semantic conventions. It represents the [event_type]
+	//  contains a value describing the type of event related to the originating
+	// occurrence.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "com.github.pull_request.opened", "com.example.object.deleted.v2"
+	//
+	// [event_type]: https://github.com/cloudevents/spec/blob/v1.0.2/cloudevents/spec.md#type
+	CloudeventsEventTypeKey = attribute.Key("cloudevents.event_type")
+)
+
+// CloudeventsEventID returns an attribute KeyValue conforming to the
+// "cloudevents.event_id" semantic conventions. It represents the [event_id]
+// uniquely identifies the event.
+//
+// [event_id]: https://github.com/cloudevents/spec/blob/v1.0.2/cloudevents/spec.md#id
+func CloudeventsEventID(val string) attribute.KeyValue {
+	return CloudeventsEventIDKey.String(val)
+}
+
+// CloudeventsEventSource returns an attribute KeyValue conforming to the
+// "cloudevents.event_source" semantic conventions. It represents the [source]
+// identifies the context in which an event happened.
+//
+// [source]: https://github.com/cloudevents/spec/blob/v1.0.2/cloudevents/spec.md#source-1
+func CloudeventsEventSource(val string) attribute.KeyValue {
+	return CloudeventsEventSourceKey.String(val)
+}
+
+// CloudeventsEventSpecVersion returns an attribute KeyValue conforming to the
+// "cloudevents.event_spec_version" semantic conventions. It represents the
+// [version of the CloudEvents specification] which the event uses.
+//
+// [version of the CloudEvents specification]: https://github.com/cloudevents/spec/blob/v1.0.2/cloudevents/spec.md#specversion
+func CloudeventsEventSpecVersion(val string) attribute.KeyValue {
+	return CloudeventsEventSpecVersionKey.String(val)
+}
+
+// CloudeventsEventSubject returns an attribute KeyValue conforming to the
+// "cloudevents.event_subject" semantic conventions. It represents the [subject]
+// of the event in the context of the event producer (identified by source).
+//
+// [subject]: https://github.com/cloudevents/spec/blob/v1.0.2/cloudevents/spec.md#subject
+func CloudeventsEventSubject(val string) attribute.KeyValue {
+	return CloudeventsEventSubjectKey.String(val)
+}
+
+// CloudeventsEventType returns an attribute KeyValue conforming to the
+// "cloudevents.event_type" semantic conventions. It represents the [event_type]
+// contains a value describing the type of event related to the originating
+// occurrence.
+//
+// [event_type]: https://github.com/cloudevents/spec/blob/v1.0.2/cloudevents/spec.md#type
+func CloudeventsEventType(val string) attribute.KeyValue {
+	return CloudeventsEventTypeKey.String(val)
+}
+
+// Namespace: cloudfoundry
+const (
+	// CloudfoundryAppIDKey is the attribute Key conforming to the
+	// "cloudfoundry.app.id" semantic conventions. It represents the guid of the
+	// application.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "218fc5a9-a5f1-4b54-aa05-46717d0ab26d"
+	// Note: Application instrumentation should use the value from environment
+	// variable `VCAP_APPLICATION.application_id`. This is the same value as
+	// reported by `cf app <app-name> --guid`.
+	CloudfoundryAppIDKey = attribute.Key("cloudfoundry.app.id")
+
+	// CloudfoundryAppInstanceIDKey is the attribute Key conforming to the
+	// "cloudfoundry.app.instance.id" semantic conventions. It represents the index
+	// of the application instance. 0 when just one instance is active.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "0", "1"
+	// Note: CloudFoundry defines the `instance_id` in the [Loggregator v2 envelope]
+	// .
+	// It is used for logs and metrics emitted by CloudFoundry. It is
+	// supposed to contain the application instance index for applications
+	// deployed on the runtime.
+	//
+	// Application instrumentation should use the value from environment
+	// variable `CF_INSTANCE_INDEX`.
+	//
+	// [Loggregator v2 envelope]: https://github.com/cloudfoundry/loggregator-api#v2-envelope
+	CloudfoundryAppInstanceIDKey = attribute.Key("cloudfoundry.app.instance.id")
+
+	// CloudfoundryAppNameKey is the attribute Key conforming to the
+	// "cloudfoundry.app.name" semantic conventions. It represents the name of the
+	// application.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "my-app-name"
+	// Note: Application instrumentation should use the value from environment
+	// variable `VCAP_APPLICATION.application_name`. This is the same value
+	// as reported by `cf apps`.
+	CloudfoundryAppNameKey = attribute.Key("cloudfoundry.app.name")
+
+	// CloudfoundryOrgIDKey is the attribute Key conforming to the
+	// "cloudfoundry.org.id" semantic conventions. It represents the guid of the
+	// CloudFoundry org the application is running in.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "218fc5a9-a5f1-4b54-aa05-46717d0ab26d"
+	// Note: Application instrumentation should use the value from environment
+	// variable `VCAP_APPLICATION.org_id`. This is the same value as
+	// reported by `cf org <org-name> --guid`.
+	CloudfoundryOrgIDKey = attribute.Key("cloudfoundry.org.id")
+
+	// CloudfoundryOrgNameKey is the attribute Key conforming to the
+	// "cloudfoundry.org.name" semantic conventions. It represents the name of the
+	// CloudFoundry organization the app is running in.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "my-org-name"
+	// Note: Application instrumentation should use the value from environment
+	// variable `VCAP_APPLICATION.org_name`. This is the same value as
+	// reported by `cf orgs`.
+	CloudfoundryOrgNameKey = attribute.Key("cloudfoundry.org.name")
+
+	// CloudfoundryProcessIDKey is the attribute Key conforming to the
+	// "cloudfoundry.process.id" semantic conventions. It represents the UID
+	// identifying the process.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "218fc5a9-a5f1-4b54-aa05-46717d0ab26d"
+	// Note: Application instrumentation should use the value from environment
+	// variable `VCAP_APPLICATION.process_id`. It is supposed to be equal to
+	// `VCAP_APPLICATION.app_id` for applications deployed to the runtime.
+	// For system components, this could be the actual PID.
+	CloudfoundryProcessIDKey = attribute.Key("cloudfoundry.process.id")
+
+	// CloudfoundryProcessTypeKey is the attribute Key conforming to the
+	// "cloudfoundry.process.type" semantic conventions. It represents the type of
+	// process.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "web"
+	// Note: CloudFoundry applications can consist of multiple jobs. Usually the
+	// main process will be of type `web`. There can be additional background
+	// tasks or side-cars with different process types.
+	CloudfoundryProcessTypeKey = attribute.Key("cloudfoundry.process.type")
+
+	// CloudfoundrySpaceIDKey is the attribute Key conforming to the
+	// "cloudfoundry.space.id" semantic conventions. It represents the guid of the
+	// CloudFoundry space the application is running in.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "218fc5a9-a5f1-4b54-aa05-46717d0ab26d"
+	// Note: Application instrumentation should use the value from environment
+	// variable `VCAP_APPLICATION.space_id`. This is the same value as
+	// reported by `cf space <space-name> --guid`.
+	CloudfoundrySpaceIDKey = attribute.Key("cloudfoundry.space.id")
+
+	// CloudfoundrySpaceNameKey is the attribute Key conforming to the
+	// "cloudfoundry.space.name" semantic conventions. It represents the name of the
+	// CloudFoundry space the application is running in.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "my-space-name"
+	// Note: Application instrumentation should use the value from environment
+	// variable `VCAP_APPLICATION.space_name`. This is the same value as
+	// reported by `cf spaces`.
+	CloudfoundrySpaceNameKey = attribute.Key("cloudfoundry.space.name")
+
+	// CloudfoundrySystemIDKey is the attribute Key conforming to the
+	// "cloudfoundry.system.id" semantic conventions. It represents a guid or
+	// another name describing the event source.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "cf/gorouter"
+	// Note: CloudFoundry defines the `source_id` in the [Loggregator v2 envelope].
+	// It is used for logs and metrics emitted by CloudFoundry. It is
+	// supposed to contain the component name, e.g. "gorouter", for
+	// CloudFoundry components.
+	//
+	// When system components are instrumented, values from the
+	// [Bosh spec]
+	// should be used. The `system.id` should be set to
+	// `spec.deployment/spec.name`.
+	//
+	// [Loggregator v2 envelope]: https://github.com/cloudfoundry/loggregator-api#v2-envelope
+	// [Bosh spec]: https://bosh.io/docs/jobs/#properties-spec
+	CloudfoundrySystemIDKey = attribute.Key("cloudfoundry.system.id")
+
+	// CloudfoundrySystemInstanceIDKey is the attribute Key conforming to the
+	// "cloudfoundry.system.instance.id" semantic conventions. It represents a guid
+	// describing the concrete instance of the event source.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "218fc5a9-a5f1-4b54-aa05-46717d0ab26d"
+	// Note: CloudFoundry defines the `instance_id` in the [Loggregator v2 envelope]
+	// .
+	// It is used for logs and metrics emitted by CloudFoundry. It is
+	// supposed to contain the vm id for CloudFoundry components.
+	//
+	// When system components are instrumented, values from the
+	// [Bosh spec]
+	// should be used. The `system.instance.id` should be set to `spec.id`.
+	//
+	// [Loggregator v2 envelope]: https://github.com/cloudfoundry/loggregator-api#v2-envelope
+	// [Bosh spec]: https://bosh.io/docs/jobs/#properties-spec
+	CloudfoundrySystemInstanceIDKey = attribute.Key("cloudfoundry.system.instance.id")
+)
+
+// CloudfoundryAppID returns an attribute KeyValue conforming to the
+// "cloudfoundry.app.id" semantic conventions. It represents the guid of the
+// application.
+func CloudfoundryAppID(val string) attribute.KeyValue {
+	return CloudfoundryAppIDKey.String(val)
+}
+
+// CloudfoundryAppInstanceID returns an attribute KeyValue conforming to the
+// "cloudfoundry.app.instance.id" semantic conventions. It represents the index
+// of the application instance. 0 when just one instance is active.
+func CloudfoundryAppInstanceID(val string) attribute.KeyValue {
+	return CloudfoundryAppInstanceIDKey.String(val)
+}
+
+// CloudfoundryAppName returns an attribute KeyValue conforming to the
+// "cloudfoundry.app.name" semantic conventions. It represents the name of the
+// application.
+func CloudfoundryAppName(val string) attribute.KeyValue {
+	return CloudfoundryAppNameKey.String(val)
+}
+
+// CloudfoundryOrgID returns an attribute KeyValue conforming to the
+// "cloudfoundry.org.id" semantic conventions. It represents the guid of the
+// CloudFoundry org the application is running in.
+func CloudfoundryOrgID(val string) attribute.KeyValue {
+	return CloudfoundryOrgIDKey.String(val)
+}
+
+// CloudfoundryOrgName returns an attribute KeyValue conforming to the
+// "cloudfoundry.org.name" semantic conventions. It represents the name of the
+// CloudFoundry organization the app is running in.
+func CloudfoundryOrgName(val string) attribute.KeyValue {
+	return CloudfoundryOrgNameKey.String(val)
+}
+
+// CloudfoundryProcessID returns an attribute KeyValue conforming to the
+// "cloudfoundry.process.id" semantic conventions. It represents the UID
+// identifying the process.
+func CloudfoundryProcessID(val string) attribute.KeyValue {
+	return CloudfoundryProcessIDKey.String(val)
+}
+
+// CloudfoundryProcessType returns an attribute KeyValue conforming to the
+// "cloudfoundry.process.type" semantic conventions. It represents the type of
+// process.
+func CloudfoundryProcessType(val string) attribute.KeyValue {
+	return CloudfoundryProcessTypeKey.String(val)
+}
+
+// CloudfoundrySpaceID returns an attribute KeyValue conforming to the
+// "cloudfoundry.space.id" semantic conventions. It represents the guid of the
+// CloudFoundry space the application is running in.
+func CloudfoundrySpaceID(val string) attribute.KeyValue {
+	return CloudfoundrySpaceIDKey.String(val)
+}
+
+// CloudfoundrySpaceName returns an attribute KeyValue conforming to the
+// "cloudfoundry.space.name" semantic conventions. It represents the name of the
+// CloudFoundry space the application is running in.
+func CloudfoundrySpaceName(val string) attribute.KeyValue {
+	return CloudfoundrySpaceNameKey.String(val)
+}
+
+// CloudfoundrySystemID returns an attribute KeyValue conforming to the
+// "cloudfoundry.system.id" semantic conventions. It represents a guid or another
+// name describing the event source.
+func CloudfoundrySystemID(val string) attribute.KeyValue {
+	return CloudfoundrySystemIDKey.String(val)
+}
+
+// CloudfoundrySystemInstanceID returns an attribute KeyValue conforming to the
+// "cloudfoundry.system.instance.id" semantic conventions. It represents a guid
+// describing the concrete instance of the event source.
+func CloudfoundrySystemInstanceID(val string) attribute.KeyValue {
+	return CloudfoundrySystemInstanceIDKey.String(val)
+}
+
+// Namespace: code
+const (
+	// CodeColumnNumberKey is the attribute Key conforming to the
+	// "code.column.number" semantic conventions. It represents the column number in
+	// `code.file.path` best representing the operation. It SHOULD point within the
+	// code unit named in `code.function.name`.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	CodeColumnNumberKey = attribute.Key("code.column.number")
+
+	// CodeFilePathKey is the attribute Key conforming to the "code.file.path"
+	// semantic conventions. It represents the source code file name that identifies
+	// the code unit as uniquely as possible (preferably an absolute file path).
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: /usr/local/MyApplication/content_root/app/index.php
+	CodeFilePathKey = attribute.Key("code.file.path")
+
+	// CodeFilepathKey is the attribute Key conforming to the "code.filepath"
+	// semantic conventions. It represents the deprecated, use `code.file.path`
+	// instead.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: /usr/local/MyApplication/content_root/app/index.php
+	CodeFilepathKey = attribute.Key("code.filepath")
+
+	// CodeFunctionNameKey is the attribute Key conforming to the
+	// "code.function.name" semantic conventions. It represents the method or
+	// function name, or equivalent (usually rightmost part of the code unit's
+	// name).
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: serveRequest
+	CodeFunctionNameKey = attribute.Key("code.function.name")
+
+	// CodeLineNumberKey is the attribute Key conforming to the "code.line.number"
+	// semantic conventions. It represents the line number in `code.file.path` best
+	// representing the operation. It SHOULD point within the code unit named in
+	// `code.function.name`.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	CodeLineNumberKey = attribute.Key("code.line.number")
+
+	// CodeNamespaceKey is the attribute Key conforming to the "code.namespace"
+	// semantic conventions. It represents the "namespace" within which
+	// `code.function.name` is defined. Usually the qualified class or module name,
+	// such that `code.namespace` + some separator + `code.function.name` form a
+	// unique identifier for the code unit.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: com.example.MyHttpService
+	CodeNamespaceKey = attribute.Key("code.namespace")
+
+	// CodeStacktraceKey is the attribute Key conforming to the "code.stacktrace"
+	// semantic conventions. It represents a stacktrace as a string in the natural
+	// representation for the language runtime. The representation is to be
+	// determined and documented by each language SIG.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: at com.example.GenerateTrace.methodB(GenerateTrace.java:13)\n at
+	// com.example.GenerateTrace.methodA(GenerateTrace.java:9)\n at
+	// com.example.GenerateTrace.main(GenerateTrace.java:5)
+	CodeStacktraceKey = attribute.Key("code.stacktrace")
+)
+
+// CodeColumnNumber returns an attribute KeyValue conforming to the
+// "code.column.number" semantic conventions. It represents the column number in
+// `code.file.path` best representing the operation. It SHOULD point within the
+// code unit named in `code.function.name`.
+func CodeColumnNumber(val int) attribute.KeyValue {
+	return CodeColumnNumberKey.Int(val)
+}
+
+// CodeFilePath returns an attribute KeyValue conforming to the "code.file.path"
+// semantic conventions. It represents the source code file name that identifies
+// the code unit as uniquely as possible (preferably an absolute file path).
+func CodeFilePath(val string) attribute.KeyValue {
+	return CodeFilePathKey.String(val)
+}
+
+// CodeFilepath returns an attribute KeyValue conforming to the "code.filepath"
+// semantic conventions. It represents the deprecated, use `code.file.path`
+// instead.
+func CodeFilepath(val string) attribute.KeyValue {
+	return CodeFilepathKey.String(val)
+}
+
+// CodeFunctionName returns an attribute KeyValue conforming to the
+// "code.function.name" semantic conventions. It represents the method or
+// function name, or equivalent (usually rightmost part of the code unit's name).
+func CodeFunctionName(val string) attribute.KeyValue {
+	return CodeFunctionNameKey.String(val)
+}
+
+// CodeLineNumber returns an attribute KeyValue conforming to the
+// "code.line.number" semantic conventions. It represents the line number in
+// `code.file.path` best representing the operation. It SHOULD point within the
+// code unit named in `code.function.name`.
+func CodeLineNumber(val int) attribute.KeyValue {
+	return CodeLineNumberKey.Int(val)
+}
+
+// CodeNamespace returns an attribute KeyValue conforming to the "code.namespace"
+// semantic conventions. It represents the "namespace" within which
+// `code.function.name` is defined. Usually the qualified class or module name,
+// such that `code.namespace` + some separator + `code.function.name` form a
+// unique identifier for the code unit.
+func CodeNamespace(val string) attribute.KeyValue {
+	return CodeNamespaceKey.String(val)
+}
+
+// CodeStacktrace returns an attribute KeyValue conforming to the
+// "code.stacktrace" semantic conventions. It represents a stacktrace as a string
+// in the natural representation for the language runtime. The representation is
+// to be determined and documented by each language SIG.
+func CodeStacktrace(val string) attribute.KeyValue {
+	return CodeStacktraceKey.String(val)
+}
+
+// Namespace: container
+const (
+	// ContainerCommandKey is the attribute Key conforming to the
+	// "container.command" semantic conventions. It represents the command used to
+	// run the container (i.e. the command name).
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "otelcontribcol"
+	// Note: If using embedded credentials or sensitive data, it is recommended to
+	// remove them to prevent potential leakage.
+	ContainerCommandKey = attribute.Key("container.command")
+
+	// ContainerCommandArgsKey is the attribute Key conforming to the
+	// "container.command_args" semantic conventions. It represents the all the
+	// command arguments (including the command/executable itself) run by the
+	// container.
+	//
+	// Type: string[]
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "otelcontribcol", "--config", "config.yaml"
+	ContainerCommandArgsKey = attribute.Key("container.command_args")
+
+	// ContainerCommandLineKey is the attribute Key conforming to the
+	// "container.command_line" semantic conventions. It represents the full command
+	// run by the container as a single string representing the full command.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "otelcontribcol --config config.yaml"
+	ContainerCommandLineKey = attribute.Key("container.command_line")
+
+	// ContainerCsiPluginNameKey is the attribute Key conforming to the
+	// "container.csi.plugin.name" semantic conventions. It represents the name of
+	// the CSI ([Container Storage Interface]) plugin used by the volume.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "pd.csi.storage.gke.io"
+	// Note: This can sometimes be referred to as a "driver" in CSI implementations.
+	// This should represent the `name` field of the GetPluginInfo RPC.
+	//
+	// [Container Storage Interface]: https://github.com/container-storage-interface/spec
+	ContainerCsiPluginNameKey = attribute.Key("container.csi.plugin.name")
+
+	// ContainerCsiVolumeIDKey is the attribute Key conforming to the
+	// "container.csi.volume.id" semantic conventions. It represents the unique
+	// volume ID returned by the CSI ([Container Storage Interface]) plugin.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "projects/my-gcp-project/zones/my-gcp-zone/disks/my-gcp-disk"
+	// Note: This can sometimes be referred to as a "volume handle" in CSI
+	// implementations. This should represent the `Volume.volume_id` field in CSI
+	// spec.
+	//
+	// [Container Storage Interface]: https://github.com/container-storage-interface/spec
+	ContainerCsiVolumeIDKey = attribute.Key("container.csi.volume.id")
+
+	// ContainerIDKey is the attribute Key conforming to the "container.id" semantic
+	// conventions. It represents the container ID. Usually a UUID, as for example
+	// used to [identify Docker containers]. The UUID might be abbreviated.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "a3bf90e006b2"
+	//
+	// [identify Docker containers]: https://docs.docker.com/engine/containers/run/#container-identification
+	ContainerIDKey = attribute.Key("container.id")
+
+	// ContainerImageIDKey is the attribute Key conforming to the
+	// "container.image.id" semantic conventions. It represents the runtime specific
+	// image identifier. Usually a hash algorithm followed by a UUID.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	// "sha256:19c92d0a00d1b66d897bceaa7319bee0dd38a10a851c60bcec9474aa3f01e50f"
+	// Note: Docker defines a sha256 of the image id; `container.image.id`
+	// corresponds to the `Image` field from the Docker container inspect [API]
+	// endpoint.
+	// K8s defines a link to the container registry repository with digest
+	// `"imageID": "registry.azurecr.io /namespace/service/dockerfile@sha256:bdeabd40c3a8a492eaf9e8e44d0ebbb84bac7ee25ac0cf8a7159d25f62555625"`
+	// .
+	// The ID is assigned by the container runtime and can vary in different
+	// environments. Consider using `oci.manifest.digest` if it is important to
+	// identify the same image in different environments/runtimes.
+	//
+	// [API]: https://docs.docker.com/engine/api/v1.43/#tag/Container/operation/ContainerInspect
+	ContainerImageIDKey = attribute.Key("container.image.id")
+
+	// ContainerImageNameKey is the attribute Key conforming to the
+	// "container.image.name" semantic conventions. It represents the name of the
+	// image the container was built on.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "gcr.io/opentelemetry/operator"
+	ContainerImageNameKey = attribute.Key("container.image.name")
+
+	// ContainerImageRepoDigestsKey is the attribute Key conforming to the
+	// "container.image.repo_digests" semantic conventions. It represents the repo
+	// digests of the container image as provided by the container runtime.
+	//
+	// Type: string[]
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	// "example@sha256:afcc7f1ac1b49db317a7196c902e61c6c3c4607d63599ee1a82d702d249a0ccb",
+	// "internal.registry.example.com:5000/example@sha256:b69959407d21e8a062e0416bf13405bb2b71ed7a84dde4158ebafacfa06f5578"
+	// Note: [Docker] and [CRI] report those under the `RepoDigests` field.
+	//
+	// [Docker]: https://docs.docker.com/engine/api/v1.43/#tag/Image/operation/ImageInspect
+	// [CRI]: https://github.com/kubernetes/cri-api/blob/c75ef5b473bbe2d0a4fc92f82235efd665ea8e9f/pkg/apis/runtime/v1/api.proto#L1237-L1238
+	ContainerImageRepoDigestsKey = attribute.Key("container.image.repo_digests")
+
+	// ContainerImageTagsKey is the attribute Key conforming to the
+	// "container.image.tags" semantic conventions. It represents the container
+	// image tags. An example can be found in [Docker Image Inspect]. Should be only
+	// the `<tag>` section of the full name for example from
+	// `registry.example.com/my-org/my-image:<tag>`.
+	//
+	// Type: string[]
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "v1.27.1", "3.5.7-0"
+	//
+	// [Docker Image Inspect]: https://docs.docker.com/engine/api/v1.43/#tag/Image/operation/ImageInspect
+	ContainerImageTagsKey = attribute.Key("container.image.tags")
+
+	// ContainerNameKey is the attribute Key conforming to the "container.name"
+	// semantic conventions. It represents the container name used by container
+	// runtime.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "opentelemetry-autoconf"
+	ContainerNameKey = attribute.Key("container.name")
+
+	// ContainerRuntimeKey is the attribute Key conforming to the
+	// "container.runtime" semantic conventions. It represents the container runtime
+	// managing this container.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "docker", "containerd", "rkt"
+	ContainerRuntimeKey = attribute.Key("container.runtime")
+)
+
+// ContainerCommand returns an attribute KeyValue conforming to the
+// "container.command" semantic conventions. It represents the command used to
+// run the container (i.e. the command name).
+func ContainerCommand(val string) attribute.KeyValue {
+	return ContainerCommandKey.String(val)
+}
+
+// ContainerCommandArgs returns an attribute KeyValue conforming to the
+// "container.command_args" semantic conventions. It represents the all the
+// command arguments (including the command/executable itself) run by the
+// container.
+func ContainerCommandArgs(val ...string) attribute.KeyValue {
+	return ContainerCommandArgsKey.StringSlice(val)
+}
+
+// ContainerCommandLine returns an attribute KeyValue conforming to the
+// "container.command_line" semantic conventions. It represents the full command
+// run by the container as a single string representing the full command.
+func ContainerCommandLine(val string) attribute.KeyValue {
+	return ContainerCommandLineKey.String(val)
+}
+
+// ContainerCsiPluginName returns an attribute KeyValue conforming to the
+// "container.csi.plugin.name" semantic conventions. It represents the name of
+// the CSI ([Container Storage Interface]) plugin used by the volume.
+//
+// [Container Storage Interface]: https://github.com/container-storage-interface/spec
+func ContainerCsiPluginName(val string) attribute.KeyValue {
+	return ContainerCsiPluginNameKey.String(val)
+}
+
+// ContainerCsiVolumeID returns an attribute KeyValue conforming to the
+// "container.csi.volume.id" semantic conventions. It represents the unique
+// volume ID returned by the CSI ([Container Storage Interface]) plugin.
+//
+// [Container Storage Interface]: https://github.com/container-storage-interface/spec
+func ContainerCsiVolumeID(val string) attribute.KeyValue {
+	return ContainerCsiVolumeIDKey.String(val)
+}
+
+// ContainerID returns an attribute KeyValue conforming to the "container.id"
+// semantic conventions. It represents the container ID. Usually a UUID, as for
+// example used to [identify Docker containers]. The UUID might be abbreviated.
+//
+// [identify Docker containers]: https://docs.docker.com/engine/containers/run/#container-identification
+func ContainerID(val string) attribute.KeyValue {
+	return ContainerIDKey.String(val)
+}
+
+// ContainerImageID returns an attribute KeyValue conforming to the
+// "container.image.id" semantic conventions. It represents the runtime specific
+// image identifier. Usually a hash algorithm followed by a UUID.
+func ContainerImageID(val string) attribute.KeyValue {
+	return ContainerImageIDKey.String(val)
+}
+
+// ContainerImageName returns an attribute KeyValue conforming to the
+// "container.image.name" semantic conventions. It represents the name of the
+// image the container was built on.
+func ContainerImageName(val string) attribute.KeyValue {
+	return ContainerImageNameKey.String(val)
+}
+
+// ContainerImageRepoDigests returns an attribute KeyValue conforming to the
+// "container.image.repo_digests" semantic conventions. It represents the repo
+// digests of the container image as provided by the container runtime.
+func ContainerImageRepoDigests(val ...string) attribute.KeyValue {
+	return ContainerImageRepoDigestsKey.StringSlice(val)
+}
+
+// ContainerImageTags returns an attribute KeyValue conforming to the
+// "container.image.tags" semantic conventions. It represents the container image
+// tags. An example can be found in [Docker Image Inspect]. Should be only the
+// `<tag>` section of the full name for example from
+// `registry.example.com/my-org/my-image:<tag>`.
+//
+// [Docker Image Inspect]: https://docs.docker.com/engine/api/v1.43/#tag/Image/operation/ImageInspect
+func ContainerImageTags(val ...string) attribute.KeyValue {
+	return ContainerImageTagsKey.StringSlice(val)
+}
+
+// ContainerName returns an attribute KeyValue conforming to the "container.name"
+// semantic conventions. It represents the container name used by container
+// runtime.
+func ContainerName(val string) attribute.KeyValue {
+	return ContainerNameKey.String(val)
+}
+
+// ContainerRuntime returns an attribute KeyValue conforming to the
+// "container.runtime" semantic conventions. It represents the container runtime
+// managing this container.
+func ContainerRuntime(val string) attribute.KeyValue {
+	return ContainerRuntimeKey.String(val)
+}
+
+// Namespace: cpu
+const (
+	// CPUModeKey is the attribute Key conforming to the "cpu.mode" semantic
+	// conventions. It represents the mode of the CPU.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "user", "system"
+	CPUModeKey = attribute.Key("cpu.mode")
+)
+
+// Enum values for cpu.mode
+var (
+	// user
+	// Stability: development
+	CPUModeUser = CPUModeKey.String("user")
+	// system
+	// Stability: development
+	CPUModeSystem = CPUModeKey.String("system")
+	// nice
+	// Stability: development
+	CPUModeNice = CPUModeKey.String("nice")
+	// idle
+	// Stability: development
+	CPUModeIdle = CPUModeKey.String("idle")
+	// iowait
+	// Stability: development
+	CPUModeIowait = CPUModeKey.String("iowait")
+	// interrupt
+	// Stability: development
+	CPUModeInterrupt = CPUModeKey.String("interrupt")
+	// steal
+	// Stability: development
+	CPUModeSteal = CPUModeKey.String("steal")
+	// kernel
+	// Stability: development
+	CPUModeKernel = CPUModeKey.String("kernel")
+)
+
+// Namespace: db
+const (
+	// DBClientConnectionPoolNameKey is the attribute Key conforming to the
+	// "db.client.connection.pool.name" semantic conventions. It represents the name
+	// of the connection pool; unique within the instrumented application. In case
+	// the connection pool implementation doesn't provide a name, instrumentation
+	// SHOULD use a combination of parameters that would make the name unique, for
+	// example, combining attributes `server.address`, `server.port`, and
+	// `db.namespace`, formatted as `server.address:server.port/db.namespace`.
+	// Instrumentations that generate connection pool name following different
+	// patterns SHOULD document it.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "myDataSource"
+	DBClientConnectionPoolNameKey = attribute.Key("db.client.connection.pool.name")
+
+	// DBClientConnectionStateKey is the attribute Key conforming to the
+	// "db.client.connection.state" semantic conventions. It represents the state of
+	// a connection in the pool.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "idle"
+	DBClientConnectionStateKey = attribute.Key("db.client.connection.state")
+
+	// DBCollectionNameKey is the attribute Key conforming to the
+	// "db.collection.name" semantic conventions. It represents the name of a
+	// collection (table, container) within the database.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Release_Candidate
+	//
+	// Examples: "public.users", "customers"
+	// Note: It is RECOMMENDED to capture the value as provided by the application
+	// without attempting to do any case normalization.
+	//
+	// The collection name SHOULD NOT be extracted from `db.query.text`,
+	// unless the query format is known to only ever have a single collection name
+	// present.
+	//
+	// For batch operations, if the individual operations are known to have the same
+	// collection name
+	// then that collection name SHOULD be used.
+	DBCollectionNameKey = attribute.Key("db.collection.name")
+
+	// DBNamespaceKey is the attribute Key conforming to the "db.namespace" semantic
+	// conventions. It represents the name of the database, fully qualified within
+	// the server address and port.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Release_Candidate
+	//
+	// Examples: "customers", "test.users"
+	// Note: If a database system has multiple namespace components, they SHOULD be
+	// concatenated (potentially using database system specific conventions) from
+	// most general to most specific namespace component, and more specific
+	// namespaces SHOULD NOT be captured without the more general namespaces, to
+	// ensure that "startswith" queries for the more general namespaces will be
+	// valid.
+	// Semantic conventions for individual database systems SHOULD document what
+	// `db.namespace` means in the context of that system.
+	// It is RECOMMENDED to capture the value as provided by the application without
+	// attempting to do any case normalization.
+	DBNamespaceKey = attribute.Key("db.namespace")
+
+	// DBOperationBatchSizeKey is the attribute Key conforming to the
+	// "db.operation.batch.size" semantic conventions. It represents the number of
+	// queries included in a batch operation.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Release_Candidate
+	//
+	// Examples: 2, 3, 4
+	// Note: Operations are only considered batches when they contain two or more
+	// operations, and so `db.operation.batch.size` SHOULD never be `1`.
+	DBOperationBatchSizeKey = attribute.Key("db.operation.batch.size")
+
+	// DBOperationNameKey is the attribute Key conforming to the "db.operation.name"
+	// semantic conventions. It represents the name of the operation or command
+	// being executed.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Release_Candidate
+	//
+	// Examples: "findAndModify", "HMSET", "SELECT"
+	// Note: It is RECOMMENDED to capture the value as provided by the application
+	// without attempting to do any case normalization.
+	//
+	// The operation name SHOULD NOT be extracted from `db.query.text`,
+	// unless the query format is known to only ever have a single operation name
+	// present.
+	//
+	// For batch operations, if the individual operations are known to have the same
+	// operation name
+	// then that operation name SHOULD be used prepended by `BATCH `,
+	// otherwise `db.operation.name` SHOULD be `BATCH` or some other database
+	// system specific term if more applicable.
+	DBOperationNameKey = attribute.Key("db.operation.name")
+
+	// DBQuerySummaryKey is the attribute Key conforming to the "db.query.summary"
+	// semantic conventions. It represents the low cardinality representation of a
+	// database query text.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Release_Candidate
+	//
+	// Examples: "SELECT wuser_table", "INSERT shipping_details SELECT orders", "get
+	// user by id"
+	// Note: `db.query.summary` provides static summary of the query text. It
+	// describes a class of database queries and is useful as a grouping key,
+	// especially when analyzing telemetry for database calls involving complex
+	// queries.
+	// Summary may be available to the instrumentation through instrumentation hooks
+	// or other means. If it is not available, instrumentations that support query
+	// parsing SHOULD generate a summary following [Generating query summary]
+	// section.
+	//
+	// [Generating query summary]: ../../docs/database/database-spans.md#generating-a-summary-of-the-query-text
+	DBQuerySummaryKey = attribute.Key("db.query.summary")
+
+	// DBQueryTextKey is the attribute Key conforming to the "db.query.text"
+	// semantic conventions. It represents the database query being executed.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Release_Candidate
+	//
+	// Examples: "SELECT * FROM wuser_table where username = ?", "SET mykey ?"
+	// Note: For sanitization see [Sanitization of `db.query.text`].
+	// For batch operations, if the individual operations are known to have the same
+	// query text then that query text SHOULD be used, otherwise all of the
+	// individual query texts SHOULD be concatenated with separator `; ` or some
+	// other database system specific separator if more applicable.
+	// Even though parameterized query text can potentially have sensitive data, by
+	// using a parameterized query the user is giving a strong signal that any
+	// sensitive data will be passed as parameter values, and the benefit to
+	// observability of capturing the static part of the query text by default
+	// outweighs the risk.
+	//
+	// [Sanitization of `db.query.text`]: ../../docs/database/database-spans.md#sanitization-of-dbquerytext
+	DBQueryTextKey = attribute.Key("db.query.text")
+
+	// DBResponseReturnedRowsKey is the attribute Key conforming to the
+	// "db.response.returned_rows" semantic conventions. It represents the number of
+	// rows returned by the operation.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 10, 30, 1000
+	DBResponseReturnedRowsKey = attribute.Key("db.response.returned_rows")
+
+	// DBResponseStatusCodeKey is the attribute Key conforming to the
+	// "db.response.status_code" semantic conventions. It represents the database
+	// response status code.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Release_Candidate
+	//
+	// Examples: "102", "ORA-17002", "08P01", "404"
+	// Note: The status code returned by the database. Usually it represents an
+	// error code, but may also represent partial success, warning, or differentiate
+	// between various types of successful outcomes.
+	// Semantic conventions for individual database systems SHOULD document what
+	// `db.response.status_code` means in the context of that system.
+	DBResponseStatusCodeKey = attribute.Key("db.response.status_code")
+
+	// DBSystemNameKey is the attribute Key conforming to the "db.system.name"
+	// semantic conventions. It represents the database management system (DBMS)
+	// product as identified by the client instrumentation.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Release_Candidate
+	//
+	// Examples:
+	// Note: The actual DBMS may differ from the one identified by the client. For
+	// example, when using PostgreSQL client libraries to connect to a CockroachDB,
+	// the `db.system.name` is set to `postgresql` based on the instrumentation's
+	// best knowledge.
+	DBSystemNameKey = attribute.Key("db.system.name")
+)
+
+// DBClientConnectionPoolName returns an attribute KeyValue conforming to the
+// "db.client.connection.pool.name" semantic conventions. It represents the name
+// of the connection pool; unique within the instrumented application. In case
+// the connection pool implementation doesn't provide a name, instrumentation
+// SHOULD use a combination of parameters that would make the name unique, for
+// example, combining attributes `server.address`, `server.port`, and
+// `db.namespace`, formatted as `server.address:server.port/db.namespace`.
+// Instrumentations that generate connection pool name following different
+// patterns SHOULD document it.
+func DBClientConnectionPoolName(val string) attribute.KeyValue {
+	return DBClientConnectionPoolNameKey.String(val)
+}
+
+// DBCollectionName returns an attribute KeyValue conforming to the
+// "db.collection.name" semantic conventions. It represents the name of a
+// collection (table, container) within the database.
+func DBCollectionName(val string) attribute.KeyValue {
+	return DBCollectionNameKey.String(val)
+}
+
+// DBNamespace returns an attribute KeyValue conforming to the "db.namespace"
+// semantic conventions. It represents the name of the database, fully qualified
+// within the server address and port.
+func DBNamespace(val string) attribute.KeyValue {
+	return DBNamespaceKey.String(val)
+}
+
+// DBOperationBatchSize returns an attribute KeyValue conforming to the
+// "db.operation.batch.size" semantic conventions. It represents the number of
+// queries included in a batch operation.
+func DBOperationBatchSize(val int) attribute.KeyValue {
+	return DBOperationBatchSizeKey.Int(val)
+}
+
+// DBOperationName returns an attribute KeyValue conforming to the
+// "db.operation.name" semantic conventions. It represents the name of the
+// operation or command being executed.
+func DBOperationName(val string) attribute.KeyValue {
+	return DBOperationNameKey.String(val)
+}
+
+// DBQuerySummary returns an attribute KeyValue conforming to the
+// "db.query.summary" semantic conventions. It represents the low cardinality
+// representation of a database query text.
+func DBQuerySummary(val string) attribute.KeyValue {
+	return DBQuerySummaryKey.String(val)
+}
+
+// DBQueryText returns an attribute KeyValue conforming to the "db.query.text"
+// semantic conventions. It represents the database query being executed.
+func DBQueryText(val string) attribute.KeyValue {
+	return DBQueryTextKey.String(val)
+}
+
+// DBResponseReturnedRows returns an attribute KeyValue conforming to the
+// "db.response.returned_rows" semantic conventions. It represents the number of
+// rows returned by the operation.
+func DBResponseReturnedRows(val int) attribute.KeyValue {
+	return DBResponseReturnedRowsKey.Int(val)
+}
+
+// DBResponseStatusCode returns an attribute KeyValue conforming to the
+// "db.response.status_code" semantic conventions. It represents the database
+// response status code.
+func DBResponseStatusCode(val string) attribute.KeyValue {
+	return DBResponseStatusCodeKey.String(val)
+}
+
+// Enum values for db.client.connection.state
+var (
+	// idle
+	// Stability: development
+	DBClientConnectionStateIdle = DBClientConnectionStateKey.String("idle")
+	// used
+	// Stability: development
+	DBClientConnectionStateUsed = DBClientConnectionStateKey.String("used")
+)
+
+// Enum values for db.system.name
+var (
+	// Some other SQL database. Fallback only.
+	// Stability: development
+	DBSystemNameOtherSQL = DBSystemNameKey.String("other_sql")
+	// [Adabas (Adaptable Database System)]
+	// Stability: development
+	//
+	// [Adabas (Adaptable Database System)]: https://documentation.softwareag.com/?pf=adabas
+	DBSystemNameSoftwareagAdabas = DBSystemNameKey.String("softwareag.adabas")
+	// [Actian Ingres]
+	// Stability: development
+	//
+	// [Actian Ingres]: https://www.actian.com/databases/ingres/
+	DBSystemNameActianIngres = DBSystemNameKey.String("actian.ingres")
+	// [Amazon DynamoDB]
+	// Stability: development
+	//
+	// [Amazon DynamoDB]: https://aws.amazon.com/pm/dynamodb/
+	DBSystemNameAWSDynamoDB = DBSystemNameKey.String("aws.dynamodb")
+	// [Amazon Redshift]
+	// Stability: development
+	//
+	// [Amazon Redshift]: https://aws.amazon.com/redshift/
+	DBSystemNameAWSRedshift = DBSystemNameKey.String("aws.redshift")
+	// [Azure Cosmos DB]
+	// Stability: development
+	//
+	// [Azure Cosmos DB]: https://learn.microsoft.com/azure/cosmos-db
+	DBSystemNameAzureCosmosDB = DBSystemNameKey.String("azure.cosmosdb")
+	// [InterSystems Caché]
+	// Stability: development
+	//
+	// [InterSystems Caché]: https://www.intersystems.com/products/cache/
+	DBSystemNameIntersystemsCache = DBSystemNameKey.String("intersystems.cache")
+	// [Apache Cassandra]
+	// Stability: development
+	//
+	// [Apache Cassandra]: https://cassandra.apache.org/
+	DBSystemNameCassandra = DBSystemNameKey.String("cassandra")
+	// [ClickHouse]
+	// Stability: development
+	//
+	// [ClickHouse]: https://clickhouse.com/
+	DBSystemNameClickhouse = DBSystemNameKey.String("clickhouse")
+	// [CockroachDB]
+	// Stability: development
+	//
+	// [CockroachDB]: https://www.cockroachlabs.com/
+	DBSystemNameCockroachdb = DBSystemNameKey.String("cockroachdb")
+	// [Couchbase]
+	// Stability: development
+	//
+	// [Couchbase]: https://www.couchbase.com/
+	DBSystemNameCouchbase = DBSystemNameKey.String("couchbase")
+	// [Apache CouchDB]
+	// Stability: development
+	//
+	// [Apache CouchDB]: https://couchdb.apache.org/
+	DBSystemNameCouchDB = DBSystemNameKey.String("couchdb")
+	// [Apache Derby]
+	// Stability: development
+	//
+	// [Apache Derby]: https://db.apache.org/derby/
+	DBSystemNameDerby = DBSystemNameKey.String("derby")
+	// [Elasticsearch]
+	// Stability: development
+	//
+	// [Elasticsearch]: https://www.elastic.co/elasticsearch
+	DBSystemNameElasticsearch = DBSystemNameKey.String("elasticsearch")
+	// [Firebird]
+	// Stability: development
+	//
+	// [Firebird]: https://www.firebirdsql.org/
+	DBSystemNameFirebirdsql = DBSystemNameKey.String("firebirdsql")
+	// [Google Cloud Spanner]
+	// Stability: development
+	//
+	// [Google Cloud Spanner]: https://cloud.google.com/spanner
+	DBSystemNameGCPSpanner = DBSystemNameKey.String("gcp.spanner")
+	// [Apache Geode]
+	// Stability: development
+	//
+	// [Apache Geode]: https://geode.apache.org/
+	DBSystemNameGeode = DBSystemNameKey.String("geode")
+	// [H2 Database]
+	// Stability: development
+	//
+	// [H2 Database]: https://h2database.com/
+	DBSystemNameH2database = DBSystemNameKey.String("h2database")
+	// [Apache HBase]
+	// Stability: development
+	//
+	// [Apache HBase]: https://hbase.apache.org/
+	DBSystemNameHBase = DBSystemNameKey.String("hbase")
+	// [Apache Hive]
+	// Stability: development
+	//
+	// [Apache Hive]: https://hive.apache.org/
+	DBSystemNameHive = DBSystemNameKey.String("hive")
+	// [HyperSQL Database]
+	// Stability: development
+	//
+	// [HyperSQL Database]: https://hsqldb.org/
+	DBSystemNameHSQLDB = DBSystemNameKey.String("hsqldb")
+	// [IBM Db2]
+	// Stability: development
+	//
+	// [IBM Db2]: https://www.ibm.com/db2
+	DBSystemNameIbmDb2 = DBSystemNameKey.String("ibm.db2")
+	// [IBM Informix]
+	// Stability: development
+	//
+	// [IBM Informix]: https://www.ibm.com/products/informix
+	DBSystemNameIbmInformix = DBSystemNameKey.String("ibm.informix")
+	// [IBM Netezza]
+	// Stability: development
+	//
+	// [IBM Netezza]: https://www.ibm.com/products/netezza
+	DBSystemNameIbmNetezza = DBSystemNameKey.String("ibm.netezza")
+	// [InfluxDB]
+	// Stability: development
+	//
+	// [InfluxDB]: https://www.influxdata.com/
+	DBSystemNameInfluxdb = DBSystemNameKey.String("influxdb")
+	// [Instant]
+	// Stability: development
+	//
+	// [Instant]: https://www.instantdb.com/
+	DBSystemNameInstantDB = DBSystemNameKey.String("instantdb")
+	// [MariaDB]
+	// Stability: release_candidate
+	//
+	// [MariaDB]: https://mariadb.org/
+	DBSystemNameMariaDB = DBSystemNameKey.String("mariadb")
+	// [Memcached]
+	// Stability: development
+	//
+	// [Memcached]: https://memcached.org/
+	DBSystemNameMemcached = DBSystemNameKey.String("memcached")
+	// [MongoDB]
+	// Stability: development
+	//
+	// [MongoDB]: https://www.mongodb.com/
+	DBSystemNameMongoDB = DBSystemNameKey.String("mongodb")
+	// [Microsoft SQL Server]
+	// Stability: release_candidate
+	//
+	// [Microsoft SQL Server]: https://www.microsoft.com/sql-server
+	DBSystemNameMicrosoftSQLServer = DBSystemNameKey.String("microsoft.sql_server")
+	// [MySQL]
+	// Stability: release_candidate
+	//
+	// [MySQL]: https://www.mysql.com/
+	DBSystemNameMySQL = DBSystemNameKey.String("mysql")
+	// [Neo4j]
+	// Stability: development
+	//
+	// [Neo4j]: https://neo4j.com/
+	DBSystemNameNeo4j = DBSystemNameKey.String("neo4j")
+	// [OpenSearch]
+	// Stability: development
+	//
+	// [OpenSearch]: https://opensearch.org/
+	DBSystemNameOpensearch = DBSystemNameKey.String("opensearch")
+	// [Oracle Database]
+	// Stability: development
+	//
+	// [Oracle Database]: https://www.oracle.com/database/
+	DBSystemNameOracleDB = DBSystemNameKey.String("oracle.db")
+	// [PostgreSQL]
+	// Stability: release_candidate
+	//
+	// [PostgreSQL]: https://www.postgresql.org/
+	DBSystemNamePostgreSQL = DBSystemNameKey.String("postgresql")
+	// [Redis]
+	// Stability: development
+	//
+	// [Redis]: https://redis.io/
+	DBSystemNameRedis = DBSystemNameKey.String("redis")
+	// [SAP HANA]
+	// Stability: development
+	//
+	// [SAP HANA]: https://www.sap.com/products/technology-platform/hana/what-is-sap-hana.html
+	DBSystemNameSapHana = DBSystemNameKey.String("sap.hana")
+	// [SAP MaxDB]
+	// Stability: development
+	//
+	// [SAP MaxDB]: https://maxdb.sap.com/
+	DBSystemNameSapMaxDB = DBSystemNameKey.String("sap.maxdb")
+	// [SQLite]
+	// Stability: development
+	//
+	// [SQLite]: https://www.sqlite.org/
+	DBSystemNameSqlite = DBSystemNameKey.String("sqlite")
+	// [Teradata]
+	// Stability: development
+	//
+	// [Teradata]: https://www.teradata.com/
+	DBSystemNameTeradata = DBSystemNameKey.String("teradata")
+	// [Trino]
+	// Stability: development
+	//
+	// [Trino]: https://trino.io/
+	DBSystemNameTrino = DBSystemNameKey.String("trino")
+)
+
+// Namespace: deployment
+const (
+	// DeploymentEnvironmentNameKey is the attribute Key conforming to the
+	// "deployment.environment.name" semantic conventions. It represents the name of
+	// the [deployment environment] (aka deployment tier).
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "staging", "production"
+	// Note: `deployment.environment.name` does not affect the uniqueness
+	// constraints defined through
+	// the `service.namespace`, `service.name` and `service.instance.id` resource
+	// attributes.
+	// This implies that resources carrying the following attribute combinations
+	// MUST be
+	// considered to be identifying the same service:
+	//
+	//   - `service.name=frontend`, `deployment.environment.name=production`
+	//   - `service.name=frontend`, `deployment.environment.name=staging`.
+	//
+	//
+	// [deployment environment]: https://wikipedia.org/wiki/Deployment_environment
+	DeploymentEnvironmentNameKey = attribute.Key("deployment.environment.name")
+
+	// DeploymentIDKey is the attribute Key conforming to the "deployment.id"
+	// semantic conventions. It represents the id of the deployment.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "1208"
+	DeploymentIDKey = attribute.Key("deployment.id")
+
+	// DeploymentNameKey is the attribute Key conforming to the "deployment.name"
+	// semantic conventions. It represents the name of the deployment.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "deploy my app", "deploy-frontend"
+	DeploymentNameKey = attribute.Key("deployment.name")
+
+	// DeploymentStatusKey is the attribute Key conforming to the
+	// "deployment.status" semantic conventions. It represents the status of the
+	// deployment.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	DeploymentStatusKey = attribute.Key("deployment.status")
+)
+
+// DeploymentEnvironmentName returns an attribute KeyValue conforming to the
+// "deployment.environment.name" semantic conventions. It represents the name of
+// the [deployment environment] (aka deployment tier).
+//
+// [deployment environment]: https://wikipedia.org/wiki/Deployment_environment
+func DeploymentEnvironmentName(val string) attribute.KeyValue {
+	return DeploymentEnvironmentNameKey.String(val)
+}
+
+// DeploymentID returns an attribute KeyValue conforming to the "deployment.id"
+// semantic conventions. It represents the id of the deployment.
+func DeploymentID(val string) attribute.KeyValue {
+	return DeploymentIDKey.String(val)
+}
+
+// DeploymentName returns an attribute KeyValue conforming to the
+// "deployment.name" semantic conventions. It represents the name of the
+// deployment.
+func DeploymentName(val string) attribute.KeyValue {
+	return DeploymentNameKey.String(val)
+}
+
+// Enum values for deployment.status
+var (
+	// failed
+	// Stability: development
+	DeploymentStatusFailed = DeploymentStatusKey.String("failed")
+	// succeeded
+	// Stability: development
+	DeploymentStatusSucceeded = DeploymentStatusKey.String("succeeded")
+)
+
+// Namespace: destination
+const (
+	// DestinationAddressKey is the attribute Key conforming to the
+	// "destination.address" semantic conventions. It represents the destination
+	// address - domain name if available without reverse DNS lookup; otherwise, IP
+	// address or Unix domain socket name.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "destination.example.com", "10.1.2.80", "/tmp/my.sock"
+	// Note: When observed from the source side, and when communicating through an
+	// intermediary, `destination.address` SHOULD represent the destination address
+	// behind any intermediaries, for example proxies, if it's available.
+	DestinationAddressKey = attribute.Key("destination.address")
+
+	// DestinationPortKey is the attribute Key conforming to the "destination.port"
+	// semantic conventions. It represents the destination port number.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 3389, 2888
+	DestinationPortKey = attribute.Key("destination.port")
+)
+
+// DestinationAddress returns an attribute KeyValue conforming to the
+// "destination.address" semantic conventions. It represents the destination
+// address - domain name if available without reverse DNS lookup; otherwise, IP
+// address or Unix domain socket name.
+func DestinationAddress(val string) attribute.KeyValue {
+	return DestinationAddressKey.String(val)
+}
+
+// DestinationPort returns an attribute KeyValue conforming to the
+// "destination.port" semantic conventions. It represents the destination port
+// number.
+func DestinationPort(val int) attribute.KeyValue {
+	return DestinationPortKey.Int(val)
+}
+
+// Namespace: device
+const (
+	// DeviceIDKey is the attribute Key conforming to the "device.id" semantic
+	// conventions. It represents a unique identifier representing the device.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "2ab2916d-a51f-4ac8-80ee-45ac31a28092"
+	// Note: The device identifier MUST only be defined using the values outlined
+	// below. This value is not an advertising identifier and MUST NOT be used as
+	// such. On iOS (Swift or Objective-C), this value MUST be equal to the
+	// [vendor identifier]. On Android (Java or Kotlin), this value MUST be equal to
+	// the Firebase Installation ID or a globally unique UUID which is persisted
+	// across sessions in your application. More information can be found [here] on
+	// best practices and exact implementation details. Caution should be taken when
+	// storing personal data or anything which can identify a user. GDPR and data
+	// protection laws may apply, ensure you do your own due diligence.
+	//
+	// [vendor identifier]: https://developer.apple.com/documentation/uikit/uidevice/1620059-identifierforvendor
+	// [here]: https://developer.android.com/training/articles/user-data-ids
+	DeviceIDKey = attribute.Key("device.id")
+
+	// DeviceManufacturerKey is the attribute Key conforming to the
+	// "device.manufacturer" semantic conventions. It represents the name of the
+	// device manufacturer.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "Apple", "Samsung"
+	// Note: The Android OS provides this field via [Build]. iOS apps SHOULD
+	// hardcode the value `Apple`.
+	//
+	// [Build]: https://developer.android.com/reference/android/os/Build#MANUFACTURER
+	DeviceManufacturerKey = attribute.Key("device.manufacturer")
+
+	// DeviceModelIdentifierKey is the attribute Key conforming to the
+	// "device.model.identifier" semantic conventions. It represents the model
+	// identifier for the device.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "iPhone3,4", "SM-G920F"
+	// Note: It's recommended this value represents a machine-readable version of
+	// the model identifier rather than the market or consumer-friendly name of the
+	// device.
+	DeviceModelIdentifierKey = attribute.Key("device.model.identifier")
+
+	// DeviceModelNameKey is the attribute Key conforming to the "device.model.name"
+	// semantic conventions. It represents the marketing name for the device model.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "iPhone 6s Plus", "Samsung Galaxy S6"
+	// Note: It's recommended this value represents a human-readable version of the
+	// device model rather than a machine-readable alternative.
+	DeviceModelNameKey = attribute.Key("device.model.name")
+)
+
+// DeviceID returns an attribute KeyValue conforming to the "device.id" semantic
+// conventions. It represents a unique identifier representing the device.
+func DeviceID(val string) attribute.KeyValue {
+	return DeviceIDKey.String(val)
+}
+
+// DeviceManufacturer returns an attribute KeyValue conforming to the
+// "device.manufacturer" semantic conventions. It represents the name of the
+// device manufacturer.
+func DeviceManufacturer(val string) attribute.KeyValue {
+	return DeviceManufacturerKey.String(val)
+}
+
+// DeviceModelIdentifier returns an attribute KeyValue conforming to the
+// "device.model.identifier" semantic conventions. It represents the model
+// identifier for the device.
+func DeviceModelIdentifier(val string) attribute.KeyValue {
+	return DeviceModelIdentifierKey.String(val)
+}
+
+// DeviceModelName returns an attribute KeyValue conforming to the
+// "device.model.name" semantic conventions. It represents the marketing name for
+// the device model.
+func DeviceModelName(val string) attribute.KeyValue {
+	return DeviceModelNameKey.String(val)
+}
+
+// Namespace: disk
+const (
+	// DiskIoDirectionKey is the attribute Key conforming to the "disk.io.direction"
+	// semantic conventions. It represents the disk IO operation direction.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "read"
+	DiskIoDirectionKey = attribute.Key("disk.io.direction")
+)
+
+// Enum values for disk.io.direction
+var (
+	// read
+	// Stability: development
+	DiskIoDirectionRead = DiskIoDirectionKey.String("read")
+	// write
+	// Stability: development
+	DiskIoDirectionWrite = DiskIoDirectionKey.String("write")
+)
+
+// Namespace: dns
+const (
+	// DNSQuestionNameKey is the attribute Key conforming to the "dns.question.name"
+	// semantic conventions. It represents the name being queried.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "www.example.com", "opentelemetry.io"
+	// Note: If the name field contains non-printable characters (below 32 or above
+	// 126), those characters should be represented as escaped base 10 integers
+	// (\DDD). Back slashes and quotes should be escaped. Tabs, carriage returns,
+	// and line feeds should be converted to \t, \r, and \n respectively.
+	DNSQuestionNameKey = attribute.Key("dns.question.name")
+)
+
+// DNSQuestionName returns an attribute KeyValue conforming to the
+// "dns.question.name" semantic conventions. It represents the name being
+// queried.
+func DNSQuestionName(val string) attribute.KeyValue {
+	return DNSQuestionNameKey.String(val)
+}
+
+// Namespace: elasticsearch
+const (
+	// ElasticsearchNodeNameKey is the attribute Key conforming to the
+	// "elasticsearch.node.name" semantic conventions. It represents the represents
+	// the human-readable identifier of the node/instance to which a request was
+	// routed.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "instance-0000000001"
+	ElasticsearchNodeNameKey = attribute.Key("elasticsearch.node.name")
+)
+
+// ElasticsearchNodeName returns an attribute KeyValue conforming to the
+// "elasticsearch.node.name" semantic conventions. It represents the represents
+// the human-readable identifier of the node/instance to which a request was
+// routed.
+func ElasticsearchNodeName(val string) attribute.KeyValue {
+	return ElasticsearchNodeNameKey.String(val)
+}
+
+// Namespace: error
+const (
+	// ErrorTypeKey is the attribute Key conforming to the "error.type" semantic
+	// conventions. It represents the describes a class of error the operation ended
+	// with.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: "timeout", "java.net.UnknownHostException",
+	// "server_certificate_invalid", "500"
+	// Note: The `error.type` SHOULD be predictable, and SHOULD have low
+	// cardinality.
+	//
+	// When `error.type` is set to a type (e.g., an exception type), its
+	// canonical class name identifying the type within the artifact SHOULD be used.
+	//
+	// Instrumentations SHOULD document the list of errors they report.
+	//
+	// The cardinality of `error.type` within one instrumentation library SHOULD be
+	// low.
+	// Telemetry consumers that aggregate data from multiple instrumentation
+	// libraries and applications
+	// should be prepared for `error.type` to have high cardinality at query time
+	// when no
+	// additional filters are applied.
+	//
+	// If the operation has completed successfully, instrumentations SHOULD NOT set
+	// `error.type`.
+	//
+	// If a specific domain defines its own set of error identifiers (such as HTTP
+	// or gRPC status codes),
+	// it's RECOMMENDED to:
+	//
+	//   - Use a domain-specific attribute
+	//   - Set `error.type` to capture all errors, regardless of whether they are
+	//     defined within the domain-specific set or not.
+	ErrorTypeKey = attribute.Key("error.type")
+)
+
+// Enum values for error.type
+var (
+	// A fallback error value to be used when the instrumentation doesn't define a
+	// custom value.
+	//
+	// Stability: stable
+	ErrorTypeOther = ErrorTypeKey.String("_OTHER")
+)
+
+// Namespace: exception
+const (
+	// ExceptionMessageKey is the attribute Key conforming to the
+	// "exception.message" semantic conventions. It represents the exception
+	// message.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: "Division by zero", "Can't convert 'int' object to str implicitly"
+	ExceptionMessageKey = attribute.Key("exception.message")
+
+	// ExceptionStacktraceKey is the attribute Key conforming to the
+	// "exception.stacktrace" semantic conventions. It represents a stacktrace as a
+	// string in the natural representation for the language runtime. The
+	// representation is to be determined and documented by each language SIG.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: Exception in thread "main" java.lang.RuntimeException: Test
+	// exception\n at com.example.GenerateTrace.methodB(GenerateTrace.java:13)\n at
+	// com.example.GenerateTrace.methodA(GenerateTrace.java:9)\n at
+	// com.example.GenerateTrace.main(GenerateTrace.java:5)
+	ExceptionStacktraceKey = attribute.Key("exception.stacktrace")
+
+	// ExceptionTypeKey is the attribute Key conforming to the "exception.type"
+	// semantic conventions. It represents the type of the exception (its
+	// fully-qualified class name, if applicable). The dynamic type of the exception
+	// should be preferred over the static type in languages that support it.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: "java.net.ConnectException", "OSError"
+	ExceptionTypeKey = attribute.Key("exception.type")
+)
+
+// ExceptionMessage returns an attribute KeyValue conforming to the
+// "exception.message" semantic conventions. It represents the exception message.
+func ExceptionMessage(val string) attribute.KeyValue {
+	return ExceptionMessageKey.String(val)
+}
+
+// ExceptionStacktrace returns an attribute KeyValue conforming to the
+// "exception.stacktrace" semantic conventions. It represents a stacktrace as a
+// string in the natural representation for the language runtime. The
+// representation is to be determined and documented by each language SIG.
+func ExceptionStacktrace(val string) attribute.KeyValue {
+	return ExceptionStacktraceKey.String(val)
+}
+
+// ExceptionType returns an attribute KeyValue conforming to the "exception.type"
+// semantic conventions. It represents the type of the exception (its
+// fully-qualified class name, if applicable). The dynamic type of the exception
+// should be preferred over the static type in languages that support it.
+func ExceptionType(val string) attribute.KeyValue {
+	return ExceptionTypeKey.String(val)
+}
+
+// Namespace: faas
+const (
+	// FaaSColdstartKey is the attribute Key conforming to the "faas.coldstart"
+	// semantic conventions. It represents a boolean that is true if the serverless
+	// function is executed for the first time (aka cold-start).
+	//
+	// Type: boolean
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	FaaSColdstartKey = attribute.Key("faas.coldstart")
+
+	// FaaSCronKey is the attribute Key conforming to the "faas.cron" semantic
+	// conventions. It represents a string containing the schedule period as
+	// [Cron Expression].
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 0/5 * * * ? *
+	//
+	// [Cron Expression]: https://docs.oracle.com/cd/E12058_01/doc/doc.1014/e12030/cron_expressions.htm
+	FaaSCronKey = attribute.Key("faas.cron")
+
+	// FaaSDocumentCollectionKey is the attribute Key conforming to the
+	// "faas.document.collection" semantic conventions. It represents the name of
+	// the source on which the triggering operation was performed. For example, in
+	// Cloud Storage or S3 corresponds to the bucket name, and in Cosmos DB to the
+	// database name.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "myBucketName", "myDbName"
+	FaaSDocumentCollectionKey = attribute.Key("faas.document.collection")
+
+	// FaaSDocumentNameKey is the attribute Key conforming to the
+	// "faas.document.name" semantic conventions. It represents the document
+	// name/table subjected to the operation. For example, in Cloud Storage or S3 is
+	// the name of the file, and in Cosmos DB the table name.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "myFile.txt", "myTableName"
+	FaaSDocumentNameKey = attribute.Key("faas.document.name")
+
+	// FaaSDocumentOperationKey is the attribute Key conforming to the
+	// "faas.document.operation" semantic conventions. It represents the describes
+	// the type of the operation that was performed on the data.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	FaaSDocumentOperationKey = attribute.Key("faas.document.operation")
+
+	// FaaSDocumentTimeKey is the attribute Key conforming to the
+	// "faas.document.time" semantic conventions. It represents a string containing
+	// the time when the data was accessed in the [ISO 8601] format expressed in
+	// [UTC].
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 2020-01-23T13:47:06Z
+	//
+	// [ISO 8601]: https://www.iso.org/iso-8601-date-and-time-format.html
+	// [UTC]: https://www.w3.org/TR/NOTE-datetime
+	FaaSDocumentTimeKey = attribute.Key("faas.document.time")
+
+	// FaaSInstanceKey is the attribute Key conforming to the "faas.instance"
+	// semantic conventions. It represents the execution environment ID as a string,
+	// that will be potentially reused for other invocations to the same
+	// function/function version.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "2021/06/28/[$LATEST]2f399eb14537447da05ab2a2e39309de"
+	// Note: - **AWS Lambda:** Use the (full) log stream name.
+	FaaSInstanceKey = attribute.Key("faas.instance")
+
+	// FaaSInvocationIDKey is the attribute Key conforming to the
+	// "faas.invocation_id" semantic conventions. It represents the invocation ID of
+	// the current function invocation.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: af9d5aa4-a685-4c5f-a22b-444f80b3cc28
+	FaaSInvocationIDKey = attribute.Key("faas.invocation_id")
+
+	// FaaSInvokedNameKey is the attribute Key conforming to the "faas.invoked_name"
+	// semantic conventions. It represents the name of the invoked function.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: my-function
+	// Note: SHOULD be equal to the `faas.name` resource attribute of the invoked
+	// function.
+	FaaSInvokedNameKey = attribute.Key("faas.invoked_name")
+
+	// FaaSInvokedProviderKey is the attribute Key conforming to the
+	// "faas.invoked_provider" semantic conventions. It represents the cloud
+	// provider of the invoked function.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	// Note: SHOULD be equal to the `cloud.provider` resource attribute of the
+	// invoked function.
+	FaaSInvokedProviderKey = attribute.Key("faas.invoked_provider")
+
+	// FaaSInvokedRegionKey is the attribute Key conforming to the
+	// "faas.invoked_region" semantic conventions. It represents the cloud region of
+	// the invoked function.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: eu-central-1
+	// Note: SHOULD be equal to the `cloud.region` resource attribute of the invoked
+	// function.
+	FaaSInvokedRegionKey = attribute.Key("faas.invoked_region")
+
+	// FaaSMaxMemoryKey is the attribute Key conforming to the "faas.max_memory"
+	// semantic conventions. It represents the amount of memory available to the
+	// serverless function converted to Bytes.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Note: It's recommended to set this attribute since e.g. too little memory can
+	// easily stop a Java AWS Lambda function from working correctly. On AWS Lambda,
+	// the environment variable `AWS_LAMBDA_FUNCTION_MEMORY_SIZE` provides this
+	// information (which must be multiplied by 1,048,576).
+	FaaSMaxMemoryKey = attribute.Key("faas.max_memory")
+
+	// FaaSNameKey is the attribute Key conforming to the "faas.name" semantic
+	// conventions. It represents the name of the single function that this runtime
+	// instance executes.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "my-function", "myazurefunctionapp/some-function-name"
+	// Note: This is the name of the function as configured/deployed on the FaaS
+	// platform and is usually different from the name of the callback
+	// function (which may be stored in the
+	// [`code.namespace`/`code.function.name`]
+	// span attributes).
+	//
+	// For some cloud providers, the above definition is ambiguous. The following
+	// definition of function name MUST be used for this attribute
+	// (and consequently the span name) for the listed cloud providers/products:
+	//
+	//   - **Azure:** The full name `<FUNCAPP>/<FUNC>`, i.e., function app name
+	//     followed by a forward slash followed by the function name (this form
+	//     can also be seen in the resource JSON for the function).
+	//     This means that a span attribute MUST be used, as an Azure function
+	//     app can host multiple functions that would usually share
+	//     a TracerProvider (see also the `cloud.resource_id` attribute).
+	//
+	//
+	// [`code.namespace`/`code.function.name`]: /docs/general/attributes.md#source-code-attributes
+	FaaSNameKey = attribute.Key("faas.name")
+
+	// FaaSTimeKey is the attribute Key conforming to the "faas.time" semantic
+	// conventions. It represents a string containing the function invocation time
+	// in the [ISO 8601] format expressed in [UTC].
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 2020-01-23T13:47:06Z
+	//
+	// [ISO 8601]: https://www.iso.org/iso-8601-date-and-time-format.html
+	// [UTC]: https://www.w3.org/TR/NOTE-datetime
+	FaaSTimeKey = attribute.Key("faas.time")
+
+	// FaaSTriggerKey is the attribute Key conforming to the "faas.trigger" semantic
+	// conventions. It represents the type of the trigger which caused this function
+	// invocation.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	FaaSTriggerKey = attribute.Key("faas.trigger")
+
+	// FaaSVersionKey is the attribute Key conforming to the "faas.version" semantic
+	// conventions. It represents the immutable version of the function being
+	// executed.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "26", "pinkfroid-00002"
+	// Note: Depending on the cloud provider and platform, use:
+	//
+	//   - **AWS Lambda:** The [function version]
+	//     (an integer represented as a decimal string).
+	//   - **Google Cloud Run (Services):** The [revision]
+	//     (i.e., the function name plus the revision suffix).
+	//   - **Google Cloud Functions:** The value of the
+	//     [`K_REVISION` environment variable].
+	//   - **Azure Functions:** Not applicable. Do not set this attribute.
+	//
+	//
+	// [function version]: https://docs.aws.amazon.com/lambda/latest/dg/configuration-versions.html
+	// [revision]: https://cloud.google.com/run/docs/managing/revisions
+	// [`K_REVISION` environment variable]: https://cloud.google.com/functions/docs/env-var#runtime_environment_variables_set_automatically
+	FaaSVersionKey = attribute.Key("faas.version")
+)
+
+// FaaSColdstart returns an attribute KeyValue conforming to the "faas.coldstart"
+// semantic conventions. It represents a boolean that is true if the serverless
+// function is executed for the first time (aka cold-start).
+func FaaSColdstart(val bool) attribute.KeyValue {
+	return FaaSColdstartKey.Bool(val)
+}
+
+// FaaSCron returns an attribute KeyValue conforming to the "faas.cron" semantic
+// conventions. It represents a string containing the schedule period as
+// [Cron Expression].
+//
+// [Cron Expression]: https://docs.oracle.com/cd/E12058_01/doc/doc.1014/e12030/cron_expressions.htm
+func FaaSCron(val string) attribute.KeyValue {
+	return FaaSCronKey.String(val)
+}
+
+// FaaSDocumentCollection returns an attribute KeyValue conforming to the
+// "faas.document.collection" semantic conventions. It represents the name of the
+// source on which the triggering operation was performed. For example, in Cloud
+// Storage or S3 corresponds to the bucket name, and in Cosmos DB to the database
+// name.
+func FaaSDocumentCollection(val string) attribute.KeyValue {
+	return FaaSDocumentCollectionKey.String(val)
+}
+
+// FaaSDocumentName returns an attribute KeyValue conforming to the
+// "faas.document.name" semantic conventions. It represents the document
+// name/table subjected to the operation. For example, in Cloud Storage or S3 is
+// the name of the file, and in Cosmos DB the table name.
+func FaaSDocumentName(val string) attribute.KeyValue {
+	return FaaSDocumentNameKey.String(val)
+}
+
+// FaaSDocumentTime returns an attribute KeyValue conforming to the
+// "faas.document.time" semantic conventions. It represents a string containing
+// the time when the data was accessed in the [ISO 8601] format expressed in
+// [UTC].
+//
+// [ISO 8601]: https://www.iso.org/iso-8601-date-and-time-format.html
+// [UTC]: https://www.w3.org/TR/NOTE-datetime
+func FaaSDocumentTime(val string) attribute.KeyValue {
+	return FaaSDocumentTimeKey.String(val)
+}
+
+// FaaSInstance returns an attribute KeyValue conforming to the "faas.instance"
+// semantic conventions. It represents the execution environment ID as a string,
+// that will be potentially reused for other invocations to the same
+// function/function version.
+func FaaSInstance(val string) attribute.KeyValue {
+	return FaaSInstanceKey.String(val)
+}
+
+// FaaSInvocationID returns an attribute KeyValue conforming to the
+// "faas.invocation_id" semantic conventions. It represents the invocation ID of
+// the current function invocation.
+func FaaSInvocationID(val string) attribute.KeyValue {
+	return FaaSInvocationIDKey.String(val)
+}
+
+// FaaSInvokedName returns an attribute KeyValue conforming to the
+// "faas.invoked_name" semantic conventions. It represents the name of the
+// invoked function.
+func FaaSInvokedName(val string) attribute.KeyValue {
+	return FaaSInvokedNameKey.String(val)
+}
+
+// FaaSInvokedRegion returns an attribute KeyValue conforming to the
+// "faas.invoked_region" semantic conventions. It represents the cloud region of
+// the invoked function.
+func FaaSInvokedRegion(val string) attribute.KeyValue {
+	return FaaSInvokedRegionKey.String(val)
+}
+
+// FaaSMaxMemory returns an attribute KeyValue conforming to the
+// "faas.max_memory" semantic conventions. It represents the amount of memory
+// available to the serverless function converted to Bytes.
+func FaaSMaxMemory(val int) attribute.KeyValue {
+	return FaaSMaxMemoryKey.Int(val)
+}
+
+// FaaSName returns an attribute KeyValue conforming to the "faas.name" semantic
+// conventions. It represents the name of the single function that this runtime
+// instance executes.
+func FaaSName(val string) attribute.KeyValue {
+	return FaaSNameKey.String(val)
+}
+
+// FaaSTime returns an attribute KeyValue conforming to the "faas.time" semantic
+// conventions. It represents a string containing the function invocation time in
+// the [ISO 8601] format expressed in [UTC].
+//
+// [ISO 8601]: https://www.iso.org/iso-8601-date-and-time-format.html
+// [UTC]: https://www.w3.org/TR/NOTE-datetime
+func FaaSTime(val string) attribute.KeyValue {
+	return FaaSTimeKey.String(val)
+}
+
+// FaaSVersion returns an attribute KeyValue conforming to the "faas.version"
+// semantic conventions. It represents the immutable version of the function
+// being executed.
+func FaaSVersion(val string) attribute.KeyValue {
+	return FaaSVersionKey.String(val)
+}
+
+// Enum values for faas.document.operation
+var (
+	// When a new object is created.
+	// Stability: development
+	FaaSDocumentOperationInsert = FaaSDocumentOperationKey.String("insert")
+	// When an object is modified.
+	// Stability: development
+	FaaSDocumentOperationEdit = FaaSDocumentOperationKey.String("edit")
+	// When an object is deleted.
+	// Stability: development
+	FaaSDocumentOperationDelete = FaaSDocumentOperationKey.String("delete")
+)
+
+// Enum values for faas.invoked_provider
+var (
+	// Alibaba Cloud
+	// Stability: development
+	FaaSInvokedProviderAlibabaCloud = FaaSInvokedProviderKey.String("alibaba_cloud")
+	// Amazon Web Services
+	// Stability: development
+	FaaSInvokedProviderAWS = FaaSInvokedProviderKey.String("aws")
+	// Microsoft Azure
+	// Stability: development
+	FaaSInvokedProviderAzure = FaaSInvokedProviderKey.String("azure")
+	// Google Cloud Platform
+	// Stability: development
+	FaaSInvokedProviderGCP = FaaSInvokedProviderKey.String("gcp")
+	// Tencent Cloud
+	// Stability: development
+	FaaSInvokedProviderTencentCloud = FaaSInvokedProviderKey.String("tencent_cloud")
+)
+
+// Enum values for faas.trigger
+var (
+	// A response to some data source operation such as a database or filesystem
+	// read/write
+	// Stability: development
+	FaaSTriggerDatasource = FaaSTriggerKey.String("datasource")
+	// To provide an answer to an inbound HTTP request
+	// Stability: development
+	FaaSTriggerHTTP = FaaSTriggerKey.String("http")
+	// A function is set to be executed when messages are sent to a messaging system
+	// Stability: development
+	FaaSTriggerPubsub = FaaSTriggerKey.String("pubsub")
+	// A function is scheduled to be executed regularly
+	// Stability: development
+	FaaSTriggerTimer = FaaSTriggerKey.String("timer")
+	// If none of the others apply
+	// Stability: development
+	FaaSTriggerOther = FaaSTriggerKey.String("other")
+)
+
+// Namespace: feature_flag
+const (
+	// FeatureFlagContextIDKey is the attribute Key conforming to the
+	// "feature_flag.context.id" semantic conventions. It represents the unique
+	// identifier for the flag evaluation context. For example, the targeting key.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "5157782b-2203-4c80-a857-dbbd5e7761db"
+	FeatureFlagContextIDKey = attribute.Key("feature_flag.context.id")
+
+	// FeatureFlagEvaluationErrorMessageKey is the attribute Key conforming to the
+	// "feature_flag.evaluation.error.message" semantic conventions. It represents a
+	// message explaining the nature of an error occurring during flag evaluation.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "Flag `header-color` expected type `string` but found type `number`
+	// "
+	FeatureFlagEvaluationErrorMessageKey = attribute.Key("feature_flag.evaluation.error.message")
+
+	// FeatureFlagEvaluationReasonKey is the attribute Key conforming to the
+	// "feature_flag.evaluation.reason" semantic conventions. It represents the
+	// reason code which shows how a feature flag value was determined.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "static", "targeting_match", "error", "default"
+	FeatureFlagEvaluationReasonKey = attribute.Key("feature_flag.evaluation.reason")
+
+	// FeatureFlagKeyKey is the attribute Key conforming to the "feature_flag.key"
+	// semantic conventions. It represents the lookup key of the feature flag.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "logo-color"
+	FeatureFlagKeyKey = attribute.Key("feature_flag.key")
+
+	// FeatureFlagProviderNameKey is the attribute Key conforming to the
+	// "feature_flag.provider_name" semantic conventions. It represents the
+	// identifies the feature flag provider.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "Flag Manager"
+	FeatureFlagProviderNameKey = attribute.Key("feature_flag.provider_name")
+
+	// FeatureFlagSetIDKey is the attribute Key conforming to the
+	// "feature_flag.set.id" semantic conventions. It represents the identifier of
+	// the [flag set] to which the feature flag belongs.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "proj-1", "ab98sgs", "service1/dev"
+	//
+	// [flag set]: https://openfeature.dev/specification/glossary/#flag-set
+	FeatureFlagSetIDKey = attribute.Key("feature_flag.set.id")
+
+	// FeatureFlagVariantKey is the attribute Key conforming to the
+	// "feature_flag.variant" semantic conventions. It represents a semantic
+	// identifier for an evaluated flag value.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "red", "true", "on"
+	// Note: A semantic identifier, commonly referred to as a variant, provides a
+	// means
+	// for referring to a value without including the value itself. This can
+	// provide additional context for understanding the meaning behind a value.
+	// For example, the variant `red` maybe be used for the value `#c05543`.
+	FeatureFlagVariantKey = attribute.Key("feature_flag.variant")
+
+	// FeatureFlagVersionKey is the attribute Key conforming to the
+	// "feature_flag.version" semantic conventions. It represents the version of the
+	// ruleset used during the evaluation. This may be any stable value which
+	// uniquely identifies the ruleset.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "1", "01ABCDEF"
+	FeatureFlagVersionKey = attribute.Key("feature_flag.version")
+)
+
+// FeatureFlagContextID returns an attribute KeyValue conforming to the
+// "feature_flag.context.id" semantic conventions. It represents the unique
+// identifier for the flag evaluation context. For example, the targeting key.
+func FeatureFlagContextID(val string) attribute.KeyValue {
+	return FeatureFlagContextIDKey.String(val)
+}
+
+// FeatureFlagEvaluationErrorMessage returns an attribute KeyValue conforming to
+// the "feature_flag.evaluation.error.message" semantic conventions. It
+// represents a message explaining the nature of an error occurring during flag
+// evaluation.
+func FeatureFlagEvaluationErrorMessage(val string) attribute.KeyValue {
+	return FeatureFlagEvaluationErrorMessageKey.String(val)
+}
+
+// FeatureFlagKey returns an attribute KeyValue conforming to the
+// "feature_flag.key" semantic conventions. It represents the lookup key of the
+// feature flag.
+func FeatureFlagKey(val string) attribute.KeyValue {
+	return FeatureFlagKeyKey.String(val)
+}
+
+// FeatureFlagProviderName returns an attribute KeyValue conforming to the
+// "feature_flag.provider_name" semantic conventions. It represents the
+// identifies the feature flag provider.
+func FeatureFlagProviderName(val string) attribute.KeyValue {
+	return FeatureFlagProviderNameKey.String(val)
+}
+
+// FeatureFlagSetID returns an attribute KeyValue conforming to the
+// "feature_flag.set.id" semantic conventions. It represents the identifier of
+// the [flag set] to which the feature flag belongs.
+//
+// [flag set]: https://openfeature.dev/specification/glossary/#flag-set
+func FeatureFlagSetID(val string) attribute.KeyValue {
+	return FeatureFlagSetIDKey.String(val)
+}
+
+// FeatureFlagVariant returns an attribute KeyValue conforming to the
+// "feature_flag.variant" semantic conventions. It represents a semantic
+// identifier for an evaluated flag value.
+func FeatureFlagVariant(val string) attribute.KeyValue {
+	return FeatureFlagVariantKey.String(val)
+}
+
+// FeatureFlagVersion returns an attribute KeyValue conforming to the
+// "feature_flag.version" semantic conventions. It represents the version of the
+// ruleset used during the evaluation. This may be any stable value which
+// uniquely identifies the ruleset.
+func FeatureFlagVersion(val string) attribute.KeyValue {
+	return FeatureFlagVersionKey.String(val)
+}
+
+// Enum values for feature_flag.evaluation.reason
+var (
+	// The resolved value is static (no dynamic evaluation).
+	// Stability: development
+	FeatureFlagEvaluationReasonStatic = FeatureFlagEvaluationReasonKey.String("static")
+	// The resolved value fell back to a pre-configured value (no dynamic evaluation
+	// occurred or dynamic evaluation yielded no result).
+	// Stability: development
+	FeatureFlagEvaluationReasonDefault = FeatureFlagEvaluationReasonKey.String("default")
+	// The resolved value was the result of a dynamic evaluation, such as a rule or
+	// specific user-targeting.
+	// Stability: development
+	FeatureFlagEvaluationReasonTargetingMatch = FeatureFlagEvaluationReasonKey.String("targeting_match")
+	// The resolved value was the result of pseudorandom assignment.
+	// Stability: development
+	FeatureFlagEvaluationReasonSplit = FeatureFlagEvaluationReasonKey.String("split")
+	// The resolved value was retrieved from cache.
+	// Stability: development
+	FeatureFlagEvaluationReasonCached = FeatureFlagEvaluationReasonKey.String("cached")
+	// The resolved value was the result of the flag being disabled in the
+	// management system.
+	// Stability: development
+	FeatureFlagEvaluationReasonDisabled = FeatureFlagEvaluationReasonKey.String("disabled")
+	// The reason for the resolved value could not be determined.
+	// Stability: development
+	FeatureFlagEvaluationReasonUnknown = FeatureFlagEvaluationReasonKey.String("unknown")
+	// The resolved value is non-authoritative or possibly out of date
+	// Stability: development
+	FeatureFlagEvaluationReasonStale = FeatureFlagEvaluationReasonKey.String("stale")
+	// The resolved value was the result of an error.
+	// Stability: development
+	FeatureFlagEvaluationReasonError = FeatureFlagEvaluationReasonKey.String("error")
+)
+
+// Namespace: file
+const (
+	// FileAccessedKey is the attribute Key conforming to the "file.accessed"
+	// semantic conventions. It represents the time when the file was last accessed,
+	// in ISO 8601 format.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "2021-01-01T12:00:00Z"
+	// Note: This attribute might not be supported by some file systems — NFS,
+	// FAT32, in embedded OS, etc.
+	FileAccessedKey = attribute.Key("file.accessed")
+
+	// FileAttributesKey is the attribute Key conforming to the "file.attributes"
+	// semantic conventions. It represents the array of file attributes.
+	//
+	// Type: string[]
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "readonly", "hidden"
+	// Note: Attributes names depend on the OS or file system. Here’s a
+	// non-exhaustive list of values expected for this attribute: `archive`,
+	// `compressed`, `directory`, `encrypted`, `execute`, `hidden`, `immutable`,
+	// `journaled`, `read`, `readonly`, `symbolic link`, `system`, `temporary`,
+	// `write`.
+	FileAttributesKey = attribute.Key("file.attributes")
+
+	// FileChangedKey is the attribute Key conforming to the "file.changed" semantic
+	// conventions. It represents the time when the file attributes or metadata was
+	// last changed, in ISO 8601 format.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "2021-01-01T12:00:00Z"
+	// Note: `file.changed` captures the time when any of the file's properties or
+	// attributes (including the content) are changed, while `file.modified`
+	// captures the timestamp when the file content is modified.
+	FileChangedKey = attribute.Key("file.changed")
+
+	// FileCreatedKey is the attribute Key conforming to the "file.created" semantic
+	// conventions. It represents the time when the file was created, in ISO 8601
+	// format.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "2021-01-01T12:00:00Z"
+	// Note: This attribute might not be supported by some file systems — NFS,
+	// FAT32, in embedded OS, etc.
+	FileCreatedKey = attribute.Key("file.created")
+
+	// FileDirectoryKey is the attribute Key conforming to the "file.directory"
+	// semantic conventions. It represents the directory where the file is located.
+	// It should include the drive letter, when appropriate.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "/home/user", "C:\Program Files\MyApp"
+	FileDirectoryKey = attribute.Key("file.directory")
+
+	// FileExtensionKey is the attribute Key conforming to the "file.extension"
+	// semantic conventions. It represents the file extension, excluding the leading
+	// dot.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "png", "gz"
+	// Note: When the file name has multiple extensions (example.tar.gz), only the
+	// last one should be captured ("gz", not "tar.gz").
+	FileExtensionKey = attribute.Key("file.extension")
+
+	// FileForkNameKey is the attribute Key conforming to the "file.fork_name"
+	// semantic conventions. It represents the name of the fork. A fork is
+	// additional data associated with a filesystem object.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "Zone.Identifer"
+	// Note: On Linux, a resource fork is used to store additional data with a
+	// filesystem object. A file always has at least one fork for the data portion,
+	// and additional forks may exist.
+	// On NTFS, this is analogous to an Alternate Data Stream (ADS), and the default
+	// data stream for a file is just called $DATA. Zone.Identifier is commonly used
+	// by Windows to track contents downloaded from the Internet. An ADS is
+	// typically of the form: C:\path\to\filename.extension:some_fork_name, and
+	// some_fork_name is the value that should populate `fork_name`.
+	// `filename.extension` should populate `file.name`, and `extension` should
+	// populate `file.extension`. The full path, `file.path`, will include the fork
+	// name.
+	FileForkNameKey = attribute.Key("file.fork_name")
+
+	// FileGroupIDKey is the attribute Key conforming to the "file.group.id"
+	// semantic conventions. It represents the primary Group ID (GID) of the file.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "1000"
+	FileGroupIDKey = attribute.Key("file.group.id")
+
+	// FileGroupNameKey is the attribute Key conforming to the "file.group.name"
+	// semantic conventions. It represents the primary group name of the file.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "users"
+	FileGroupNameKey = attribute.Key("file.group.name")
+
+	// FileInodeKey is the attribute Key conforming to the "file.inode" semantic
+	// conventions. It represents the inode representing the file in the filesystem.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "256383"
+	FileInodeKey = attribute.Key("file.inode")
+
+	// FileModeKey is the attribute Key conforming to the "file.mode" semantic
+	// conventions. It represents the mode of the file in octal representation.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "0640"
+	FileModeKey = attribute.Key("file.mode")
+
+	// FileModifiedKey is the attribute Key conforming to the "file.modified"
+	// semantic conventions. It represents the time when the file content was last
+	// modified, in ISO 8601 format.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "2021-01-01T12:00:00Z"
+	FileModifiedKey = attribute.Key("file.modified")
+
+	// FileNameKey is the attribute Key conforming to the "file.name" semantic
+	// conventions. It represents the name of the file including the extension,
+	// without the directory.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "example.png"
+	FileNameKey = attribute.Key("file.name")
+
+	// FileOwnerIDKey is the attribute Key conforming to the "file.owner.id"
+	// semantic conventions. It represents the user ID (UID) or security identifier
+	// (SID) of the file owner.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "1000"
+	FileOwnerIDKey = attribute.Key("file.owner.id")
+
+	// FileOwnerNameKey is the attribute Key conforming to the "file.owner.name"
+	// semantic conventions. It represents the username of the file owner.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "root"
+	FileOwnerNameKey = attribute.Key("file.owner.name")
+
+	// FilePathKey is the attribute Key conforming to the "file.path" semantic
+	// conventions. It represents the full path to the file, including the file
+	// name. It should include the drive letter, when appropriate.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "/home/alice/example.png", "C:\Program Files\MyApp\myapp.exe"
+	FilePathKey = attribute.Key("file.path")
+
+	// FileSizeKey is the attribute Key conforming to the "file.size" semantic
+	// conventions. It represents the file size in bytes.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	FileSizeKey = attribute.Key("file.size")
+
+	// FileSymbolicLinkTargetPathKey is the attribute Key conforming to the
+	// "file.symbolic_link.target_path" semantic conventions. It represents the path
+	// to the target of a symbolic link.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "/usr/bin/python3"
+	// Note: This attribute is only applicable to symbolic links.
+	FileSymbolicLinkTargetPathKey = attribute.Key("file.symbolic_link.target_path")
+)
+
+// FileAccessed returns an attribute KeyValue conforming to the "file.accessed"
+// semantic conventions. It represents the time when the file was last accessed,
+// in ISO 8601 format.
+func FileAccessed(val string) attribute.KeyValue {
+	return FileAccessedKey.String(val)
+}
+
+// FileAttributes returns an attribute KeyValue conforming to the
+// "file.attributes" semantic conventions. It represents the array of file
+// attributes.
+func FileAttributes(val ...string) attribute.KeyValue {
+	return FileAttributesKey.StringSlice(val)
+}
+
+// FileChanged returns an attribute KeyValue conforming to the "file.changed"
+// semantic conventions. It represents the time when the file attributes or
+// metadata was last changed, in ISO 8601 format.
+func FileChanged(val string) attribute.KeyValue {
+	return FileChangedKey.String(val)
+}
+
+// FileCreated returns an attribute KeyValue conforming to the "file.created"
+// semantic conventions. It represents the time when the file was created, in ISO
+// 8601 format.
+func FileCreated(val string) attribute.KeyValue {
+	return FileCreatedKey.String(val)
+}
+
+// FileDirectory returns an attribute KeyValue conforming to the "file.directory"
+// semantic conventions. It represents the directory where the file is located.
+// It should include the drive letter, when appropriate.
+func FileDirectory(val string) attribute.KeyValue {
+	return FileDirectoryKey.String(val)
+}
+
+// FileExtension returns an attribute KeyValue conforming to the "file.extension"
+// semantic conventions. It represents the file extension, excluding the leading
+// dot.
+func FileExtension(val string) attribute.KeyValue {
+	return FileExtensionKey.String(val)
+}
+
+// FileForkName returns an attribute KeyValue conforming to the "file.fork_name"
+// semantic conventions. It represents the name of the fork. A fork is additional
+// data associated with a filesystem object.
+func FileForkName(val string) attribute.KeyValue {
+	return FileForkNameKey.String(val)
+}
+
+// FileGroupID returns an attribute KeyValue conforming to the "file.group.id"
+// semantic conventions. It represents the primary Group ID (GID) of the file.
+func FileGroupID(val string) attribute.KeyValue {
+	return FileGroupIDKey.String(val)
+}
+
+// FileGroupName returns an attribute KeyValue conforming to the
+// "file.group.name" semantic conventions. It represents the primary group name
+// of the file.
+func FileGroupName(val string) attribute.KeyValue {
+	return FileGroupNameKey.String(val)
+}
+
+// FileInode returns an attribute KeyValue conforming to the "file.inode"
+// semantic conventions. It represents the inode representing the file in the
+// filesystem.
+func FileInode(val string) attribute.KeyValue {
+	return FileInodeKey.String(val)
+}
+
+// FileMode returns an attribute KeyValue conforming to the "file.mode" semantic
+// conventions. It represents the mode of the file in octal representation.
+func FileMode(val string) attribute.KeyValue {
+	return FileModeKey.String(val)
+}
+
+// FileModified returns an attribute KeyValue conforming to the "file.modified"
+// semantic conventions. It represents the time when the file content was last
+// modified, in ISO 8601 format.
+func FileModified(val string) attribute.KeyValue {
+	return FileModifiedKey.String(val)
+}
+
+// FileName returns an attribute KeyValue conforming to the "file.name" semantic
+// conventions. It represents the name of the file including the extension,
+// without the directory.
+func FileName(val string) attribute.KeyValue {
+	return FileNameKey.String(val)
+}
+
+// FileOwnerID returns an attribute KeyValue conforming to the "file.owner.id"
+// semantic conventions. It represents the user ID (UID) or security identifier
+// (SID) of the file owner.
+func FileOwnerID(val string) attribute.KeyValue {
+	return FileOwnerIDKey.String(val)
+}
+
+// FileOwnerName returns an attribute KeyValue conforming to the
+// "file.owner.name" semantic conventions. It represents the username of the file
+// owner.
+func FileOwnerName(val string) attribute.KeyValue {
+	return FileOwnerNameKey.String(val)
+}
+
+// FilePath returns an attribute KeyValue conforming to the "file.path" semantic
+// conventions. It represents the full path to the file, including the file name.
+// It should include the drive letter, when appropriate.
+func FilePath(val string) attribute.KeyValue {
+	return FilePathKey.String(val)
+}
+
+// FileSize returns an attribute KeyValue conforming to the "file.size" semantic
+// conventions. It represents the file size in bytes.
+func FileSize(val int) attribute.KeyValue {
+	return FileSizeKey.Int(val)
+}
+
+// FileSymbolicLinkTargetPath returns an attribute KeyValue conforming to the
+// "file.symbolic_link.target_path" semantic conventions. It represents the path
+// to the target of a symbolic link.
+func FileSymbolicLinkTargetPath(val string) attribute.KeyValue {
+	return FileSymbolicLinkTargetPathKey.String(val)
+}
+
+// Namespace: gcp
+const (
+	// GCPClientServiceKey is the attribute Key conforming to the
+	// "gcp.client.service" semantic conventions. It represents the identifies the
+	// Google Cloud service for which the official client library is intended.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "appengine", "run", "firestore", "alloydb", "spanner"
+	// Note: Intended to be a stable identifier for Google Cloud client libraries
+	// that is uniform across implementation languages. The value should be derived
+	// from the canonical service domain for the service; for example,
+	// 'foo.googleapis.com' should result in a value of 'foo'.
+	GCPClientServiceKey = attribute.Key("gcp.client.service")
+
+	// GCPCloudRunJobExecutionKey is the attribute Key conforming to the
+	// "gcp.cloud_run.job.execution" semantic conventions. It represents the name of
+	// the Cloud Run [execution] being run for the Job, as set by the
+	// [`CLOUD_RUN_EXECUTION`] environment variable.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "job-name-xxxx", "sample-job-mdw84"
+	//
+	// [execution]: https://cloud.google.com/run/docs/managing/job-executions
+	// [`CLOUD_RUN_EXECUTION`]: https://cloud.google.com/run/docs/container-contract#jobs-env-vars
+	GCPCloudRunJobExecutionKey = attribute.Key("gcp.cloud_run.job.execution")
+
+	// GCPCloudRunJobTaskIndexKey is the attribute Key conforming to the
+	// "gcp.cloud_run.job.task_index" semantic conventions. It represents the index
+	// for a task within an execution as provided by the [`CLOUD_RUN_TASK_INDEX`]
+	// environment variable.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 0, 1
+	//
+	// [`CLOUD_RUN_TASK_INDEX`]: https://cloud.google.com/run/docs/container-contract#jobs-env-vars
+	GCPCloudRunJobTaskIndexKey = attribute.Key("gcp.cloud_run.job.task_index")
+
+	// GCPGceInstanceHostnameKey is the attribute Key conforming to the
+	// "gcp.gce.instance.hostname" semantic conventions. It represents the hostname
+	// of a GCE instance. This is the full value of the default or [custom hostname]
+	// .
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "my-host1234.example.com",
+	// "sample-vm.us-west1-b.c.my-project.internal"
+	//
+	// [custom hostname]: https://cloud.google.com/compute/docs/instances/custom-hostname-vm
+	GCPGceInstanceHostnameKey = attribute.Key("gcp.gce.instance.hostname")
+
+	// GCPGceInstanceNameKey is the attribute Key conforming to the
+	// "gcp.gce.instance.name" semantic conventions. It represents the instance name
+	// of a GCE instance. This is the value provided by `host.name`, the visible
+	// name of the instance in the Cloud Console UI, and the prefix for the default
+	// hostname of the instance as defined by the [default internal DNS name].
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "instance-1", "my-vm-name"
+	//
+	// [default internal DNS name]: https://cloud.google.com/compute/docs/internal-dns#instance-fully-qualified-domain-names
+	GCPGceInstanceNameKey = attribute.Key("gcp.gce.instance.name")
+)
+
+// GCPClientService returns an attribute KeyValue conforming to the
+// "gcp.client.service" semantic conventions. It represents the identifies the
+// Google Cloud service for which the official client library is intended.
+func GCPClientService(val string) attribute.KeyValue {
+	return GCPClientServiceKey.String(val)
+}
+
+// GCPCloudRunJobExecution returns an attribute KeyValue conforming to the
+// "gcp.cloud_run.job.execution" semantic conventions. It represents the name of
+// the Cloud Run [execution] being run for the Job, as set by the
+// [`CLOUD_RUN_EXECUTION`] environment variable.
+//
+// [execution]: https://cloud.google.com/run/docs/managing/job-executions
+// [`CLOUD_RUN_EXECUTION`]: https://cloud.google.com/run/docs/container-contract#jobs-env-vars
+func GCPCloudRunJobExecution(val string) attribute.KeyValue {
+	return GCPCloudRunJobExecutionKey.String(val)
+}
+
+// GCPCloudRunJobTaskIndex returns an attribute KeyValue conforming to the
+// "gcp.cloud_run.job.task_index" semantic conventions. It represents the index
+// for a task within an execution as provided by the [`CLOUD_RUN_TASK_INDEX`]
+// environment variable.
+//
+// [`CLOUD_RUN_TASK_INDEX`]: https://cloud.google.com/run/docs/container-contract#jobs-env-vars
+func GCPCloudRunJobTaskIndex(val int) attribute.KeyValue {
+	return GCPCloudRunJobTaskIndexKey.Int(val)
+}
+
+// GCPGceInstanceHostname returns an attribute KeyValue conforming to the
+// "gcp.gce.instance.hostname" semantic conventions. It represents the hostname
+// of a GCE instance. This is the full value of the default or [custom hostname]
+// .
+//
+// [custom hostname]: https://cloud.google.com/compute/docs/instances/custom-hostname-vm
+func GCPGceInstanceHostname(val string) attribute.KeyValue {
+	return GCPGceInstanceHostnameKey.String(val)
+}
+
+// GCPGceInstanceName returns an attribute KeyValue conforming to the
+// "gcp.gce.instance.name" semantic conventions. It represents the instance name
+// of a GCE instance. This is the value provided by `host.name`, the visible name
+// of the instance in the Cloud Console UI, and the prefix for the default
+// hostname of the instance as defined by the [default internal DNS name].
+//
+// [default internal DNS name]: https://cloud.google.com/compute/docs/internal-dns#instance-fully-qualified-domain-names
+func GCPGceInstanceName(val string) attribute.KeyValue {
+	return GCPGceInstanceNameKey.String(val)
+}
+
+// Namespace: gen_ai
+const (
+	// GenAIOpenaiRequestResponseFormatKey is the attribute Key conforming to the
+	// "gen_ai.openai.request.response_format" semantic conventions. It represents
+	// the response format that is requested.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "json"
+	GenAIOpenaiRequestResponseFormatKey = attribute.Key("gen_ai.openai.request.response_format")
+
+	// GenAIOpenaiRequestServiceTierKey is the attribute Key conforming to the
+	// "gen_ai.openai.request.service_tier" semantic conventions. It represents the
+	// service tier requested. May be a specific tier, default, or auto.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "auto", "default"
+	GenAIOpenaiRequestServiceTierKey = attribute.Key("gen_ai.openai.request.service_tier")
+
+	// GenAIOpenaiResponseServiceTierKey is the attribute Key conforming to the
+	// "gen_ai.openai.response.service_tier" semantic conventions. It represents the
+	// service tier used for the response.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "scale", "default"
+	GenAIOpenaiResponseServiceTierKey = attribute.Key("gen_ai.openai.response.service_tier")
+
+	// GenAIOpenaiResponseSystemFingerprintKey is the attribute Key conforming to
+	// the "gen_ai.openai.response.system_fingerprint" semantic conventions. It
+	// represents a fingerprint to track any eventual change in the Generative AI
+	// environment.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "fp_44709d6fcb"
+	GenAIOpenaiResponseSystemFingerprintKey = attribute.Key("gen_ai.openai.response.system_fingerprint")
+
+	// GenAIOperationNameKey is the attribute Key conforming to the
+	// "gen_ai.operation.name" semantic conventions. It represents the name of the
+	// operation being performed.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	// Note: If one of the predefined values applies, but specific system uses a
+	// different name it's RECOMMENDED to document it in the semantic conventions
+	// for specific GenAI system and use system-specific name in the
+	// instrumentation. If a different name is not documented, instrumentation
+	// libraries SHOULD use applicable predefined value.
+	GenAIOperationNameKey = attribute.Key("gen_ai.operation.name")
+
+	// GenAIRequestEncodingFormatsKey is the attribute Key conforming to the
+	// "gen_ai.request.encoding_formats" semantic conventions. It represents the
+	// encoding formats requested in an embeddings operation, if specified.
+	//
+	// Type: string[]
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "base64"], ["float", "binary"
+	// Note: In some GenAI systems the encoding formats are called embedding types.
+	// Also, some GenAI systems only accept a single format per request.
+	GenAIRequestEncodingFormatsKey = attribute.Key("gen_ai.request.encoding_formats")
+
+	// GenAIRequestFrequencyPenaltyKey is the attribute Key conforming to the
+	// "gen_ai.request.frequency_penalty" semantic conventions. It represents the
+	// frequency penalty setting for the GenAI request.
+	//
+	// Type: double
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 0.1
+	GenAIRequestFrequencyPenaltyKey = attribute.Key("gen_ai.request.frequency_penalty")
+
+	// GenAIRequestMaxTokensKey is the attribute Key conforming to the
+	// "gen_ai.request.max_tokens" semantic conventions. It represents the maximum
+	// number of tokens the model generates for a request.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 100
+	GenAIRequestMaxTokensKey = attribute.Key("gen_ai.request.max_tokens")
+
+	// GenAIRequestModelKey is the attribute Key conforming to the
+	// "gen_ai.request.model" semantic conventions. It represents the name of the
+	// GenAI model a request is being made to.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: gpt-4
+	GenAIRequestModelKey = attribute.Key("gen_ai.request.model")
+
+	// GenAIRequestPresencePenaltyKey is the attribute Key conforming to the
+	// "gen_ai.request.presence_penalty" semantic conventions. It represents the
+	// presence penalty setting for the GenAI request.
+	//
+	// Type: double
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 0.1
+	GenAIRequestPresencePenaltyKey = attribute.Key("gen_ai.request.presence_penalty")
+
+	// GenAIRequestSeedKey is the attribute Key conforming to the
+	// "gen_ai.request.seed" semantic conventions. It represents the requests with
+	// same seed value more likely to return same result.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 100
+	GenAIRequestSeedKey = attribute.Key("gen_ai.request.seed")
+
+	// GenAIRequestStopSequencesKey is the attribute Key conforming to the
+	// "gen_ai.request.stop_sequences" semantic conventions. It represents the list
+	// of sequences that the model will use to stop generating further tokens.
+	//
+	// Type: string[]
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "forest", "lived"
+	GenAIRequestStopSequencesKey = attribute.Key("gen_ai.request.stop_sequences")
+
+	// GenAIRequestTemperatureKey is the attribute Key conforming to the
+	// "gen_ai.request.temperature" semantic conventions. It represents the
+	// temperature setting for the GenAI request.
+	//
+	// Type: double
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 0.0
+	GenAIRequestTemperatureKey = attribute.Key("gen_ai.request.temperature")
+
+	// GenAIRequestTopKKey is the attribute Key conforming to the
+	// "gen_ai.request.top_k" semantic conventions. It represents the top_k sampling
+	// setting for the GenAI request.
+	//
+	// Type: double
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 1.0
+	GenAIRequestTopKKey = attribute.Key("gen_ai.request.top_k")
+
+	// GenAIRequestTopPKey is the attribute Key conforming to the
+	// "gen_ai.request.top_p" semantic conventions. It represents the top_p sampling
+	// setting for the GenAI request.
+	//
+	// Type: double
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 1.0
+	GenAIRequestTopPKey = attribute.Key("gen_ai.request.top_p")
+
+	// GenAIResponseFinishReasonsKey is the attribute Key conforming to the
+	// "gen_ai.response.finish_reasons" semantic conventions. It represents the
+	// array of reasons the model stopped generating tokens, corresponding to each
+	// generation received.
+	//
+	// Type: string[]
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "stop"], ["stop", "length"
+	GenAIResponseFinishReasonsKey = attribute.Key("gen_ai.response.finish_reasons")
+
+	// GenAIResponseIDKey is the attribute Key conforming to the
+	// "gen_ai.response.id" semantic conventions. It represents the unique
+	// identifier for the completion.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "chatcmpl-123"
+	GenAIResponseIDKey = attribute.Key("gen_ai.response.id")
+
+	// GenAIResponseModelKey is the attribute Key conforming to the
+	// "gen_ai.response.model" semantic conventions. It represents the name of the
+	// model that generated the response.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "gpt-4-0613"
+	GenAIResponseModelKey = attribute.Key("gen_ai.response.model")
+
+	// GenAISystemKey is the attribute Key conforming to the "gen_ai.system"
+	// semantic conventions. It represents the Generative AI product as identified
+	// by the client or server instrumentation.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: openai
+	// Note: The `gen_ai.system` describes a family of GenAI models with specific
+	// model identified
+	// by `gen_ai.request.model` and `gen_ai.response.model` attributes.
+	//
+	// The actual GenAI product may differ from the one identified by the client.
+	// Multiple systems, including Azure OpenAI and Gemini, are accessible by OpenAI
+	// client
+	// libraries. In such cases, the `gen_ai.system` is set to `openai` based on the
+	// instrumentation's best knowledge, instead of the actual system. The
+	// `server.address`
+	// attribute may help identify the actual system in use for `openai`.
+	//
+	// For custom model, a custom friendly name SHOULD be used.
+	// If none of these options apply, the `gen_ai.system` SHOULD be set to `_OTHER`
+	// .
+	GenAISystemKey = attribute.Key("gen_ai.system")
+
+	// GenAITokenTypeKey is the attribute Key conforming to the "gen_ai.token.type"
+	// semantic conventions. It represents the type of token being counted.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "input", "output"
+	GenAITokenTypeKey = attribute.Key("gen_ai.token.type")
+
+	// GenAIUsageInputTokensKey is the attribute Key conforming to the
+	// "gen_ai.usage.input_tokens" semantic conventions. It represents the number of
+	// tokens used in the GenAI input (prompt).
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 100
+	GenAIUsageInputTokensKey = attribute.Key("gen_ai.usage.input_tokens")
+
+	// GenAIUsageOutputTokensKey is the attribute Key conforming to the
+	// "gen_ai.usage.output_tokens" semantic conventions. It represents the number
+	// of tokens used in the GenAI response (completion).
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 180
+	GenAIUsageOutputTokensKey = attribute.Key("gen_ai.usage.output_tokens")
+)
+
+// GenAIOpenaiResponseServiceTier returns an attribute KeyValue conforming to the
+// "gen_ai.openai.response.service_tier" semantic conventions. It represents the
+// service tier used for the response.
+func GenAIOpenaiResponseServiceTier(val string) attribute.KeyValue {
+	return GenAIOpenaiResponseServiceTierKey.String(val)
+}
+
+// GenAIOpenaiResponseSystemFingerprint returns an attribute KeyValue conforming
+// to the "gen_ai.openai.response.system_fingerprint" semantic conventions. It
+// represents a fingerprint to track any eventual change in the Generative AI
+// environment.
+func GenAIOpenaiResponseSystemFingerprint(val string) attribute.KeyValue {
+	return GenAIOpenaiResponseSystemFingerprintKey.String(val)
+}
+
+// GenAIRequestEncodingFormats returns an attribute KeyValue conforming to the
+// "gen_ai.request.encoding_formats" semantic conventions. It represents the
+// encoding formats requested in an embeddings operation, if specified.
+func GenAIRequestEncodingFormats(val ...string) attribute.KeyValue {
+	return GenAIRequestEncodingFormatsKey.StringSlice(val)
+}
+
+// GenAIRequestFrequencyPenalty returns an attribute KeyValue conforming to the
+// "gen_ai.request.frequency_penalty" semantic conventions. It represents the
+// frequency penalty setting for the GenAI request.
+func GenAIRequestFrequencyPenalty(val float64) attribute.KeyValue {
+	return GenAIRequestFrequencyPenaltyKey.Float64(val)
+}
+
+// GenAIRequestMaxTokens returns an attribute KeyValue conforming to the
+// "gen_ai.request.max_tokens" semantic conventions. It represents the maximum
+// number of tokens the model generates for a request.
+func GenAIRequestMaxTokens(val int) attribute.KeyValue {
+	return GenAIRequestMaxTokensKey.Int(val)
+}
+
+// GenAIRequestModel returns an attribute KeyValue conforming to the
+// "gen_ai.request.model" semantic conventions. It represents the name of the
+// GenAI model a request is being made to.
+func GenAIRequestModel(val string) attribute.KeyValue {
+	return GenAIRequestModelKey.String(val)
+}
+
+// GenAIRequestPresencePenalty returns an attribute KeyValue conforming to the
+// "gen_ai.request.presence_penalty" semantic conventions. It represents the
+// presence penalty setting for the GenAI request.
+func GenAIRequestPresencePenalty(val float64) attribute.KeyValue {
+	return GenAIRequestPresencePenaltyKey.Float64(val)
+}
+
+// GenAIRequestSeed returns an attribute KeyValue conforming to the
+// "gen_ai.request.seed" semantic conventions. It represents the requests with
+// same seed value more likely to return same result.
+func GenAIRequestSeed(val int) attribute.KeyValue {
+	return GenAIRequestSeedKey.Int(val)
+}
+
+// GenAIRequestStopSequences returns an attribute KeyValue conforming to the
+// "gen_ai.request.stop_sequences" semantic conventions. It represents the list
+// of sequences that the model will use to stop generating further tokens.
+func GenAIRequestStopSequences(val ...string) attribute.KeyValue {
+	return GenAIRequestStopSequencesKey.StringSlice(val)
+}
+
+// GenAIRequestTemperature returns an attribute KeyValue conforming to the
+// "gen_ai.request.temperature" semantic conventions. It represents the
+// temperature setting for the GenAI request.
+func GenAIRequestTemperature(val float64) attribute.KeyValue {
+	return GenAIRequestTemperatureKey.Float64(val)
+}
+
+// GenAIRequestTopK returns an attribute KeyValue conforming to the
+// "gen_ai.request.top_k" semantic conventions. It represents the top_k sampling
+// setting for the GenAI request.
+func GenAIRequestTopK(val float64) attribute.KeyValue {
+	return GenAIRequestTopKKey.Float64(val)
+}
+
+// GenAIRequestTopP returns an attribute KeyValue conforming to the
+// "gen_ai.request.top_p" semantic conventions. It represents the top_p sampling
+// setting for the GenAI request.
+func GenAIRequestTopP(val float64) attribute.KeyValue {
+	return GenAIRequestTopPKey.Float64(val)
+}
+
+// GenAIResponseFinishReasons returns an attribute KeyValue conforming to the
+// "gen_ai.response.finish_reasons" semantic conventions. It represents the array
+// of reasons the model stopped generating tokens, corresponding to each
+// generation received.
+func GenAIResponseFinishReasons(val ...string) attribute.KeyValue {
+	return GenAIResponseFinishReasonsKey.StringSlice(val)
+}
+
+// GenAIResponseID returns an attribute KeyValue conforming to the
+// "gen_ai.response.id" semantic conventions. It represents the unique identifier
+// for the completion.
+func GenAIResponseID(val string) attribute.KeyValue {
+	return GenAIResponseIDKey.String(val)
+}
+
+// GenAIResponseModel returns an attribute KeyValue conforming to the
+// "gen_ai.response.model" semantic conventions. It represents the name of the
+// model that generated the response.
+func GenAIResponseModel(val string) attribute.KeyValue {
+	return GenAIResponseModelKey.String(val)
+}
+
+// GenAIUsageInputTokens returns an attribute KeyValue conforming to the
+// "gen_ai.usage.input_tokens" semantic conventions. It represents the number of
+// tokens used in the GenAI input (prompt).
+func GenAIUsageInputTokens(val int) attribute.KeyValue {
+	return GenAIUsageInputTokensKey.Int(val)
+}
+
+// GenAIUsageOutputTokens returns an attribute KeyValue conforming to the
+// "gen_ai.usage.output_tokens" semantic conventions. It represents the number of
+// tokens used in the GenAI response (completion).
+func GenAIUsageOutputTokens(val int) attribute.KeyValue {
+	return GenAIUsageOutputTokensKey.Int(val)
+}
+
+// Enum values for gen_ai.openai.request.response_format
+var (
+	// Text response format
+	// Stability: development
+	GenAIOpenaiRequestResponseFormatText = GenAIOpenaiRequestResponseFormatKey.String("text")
+	// JSON object response format
+	// Stability: development
+	GenAIOpenaiRequestResponseFormatJSONObject = GenAIOpenaiRequestResponseFormatKey.String("json_object")
+	// JSON schema response format
+	// Stability: development
+	GenAIOpenaiRequestResponseFormatJSONSchema = GenAIOpenaiRequestResponseFormatKey.String("json_schema")
+)
+
+// Enum values for gen_ai.openai.request.service_tier
+var (
+	// The system will utilize scale tier credits until they are exhausted.
+	// Stability: development
+	GenAIOpenaiRequestServiceTierAuto = GenAIOpenaiRequestServiceTierKey.String("auto")
+	// The system will utilize the default scale tier.
+	// Stability: development
+	GenAIOpenaiRequestServiceTierDefault = GenAIOpenaiRequestServiceTierKey.String("default")
+)
+
+// Enum values for gen_ai.operation.name
+var (
+	// Chat completion operation such as [OpenAI Chat API]
+	// Stability: development
+	//
+	// [OpenAI Chat API]: https://platform.openai.com/docs/api-reference/chat
+	GenAIOperationNameChat = GenAIOperationNameKey.String("chat")
+	// Text completions operation such as [OpenAI Completions API (Legacy)]
+	// Stability: development
+	//
+	// [OpenAI Completions API (Legacy)]: https://platform.openai.com/docs/api-reference/completions
+	GenAIOperationNameTextCompletion = GenAIOperationNameKey.String("text_completion")
+	// Embeddings operation such as [OpenAI Create embeddings API]
+	// Stability: development
+	//
+	// [OpenAI Create embeddings API]: https://platform.openai.com/docs/api-reference/embeddings/create
+	GenAIOperationNameEmbeddings = GenAIOperationNameKey.String("embeddings")
+)
+
+// Enum values for gen_ai.system
+var (
+	// OpenAI
+	// Stability: development
+	GenAISystemOpenai = GenAISystemKey.String("openai")
+	// Vertex AI
+	// Stability: development
+	GenAISystemVertexAI = GenAISystemKey.String("vertex_ai")
+	// Gemini
+	// Stability: development
+	GenAISystemGemini = GenAISystemKey.String("gemini")
+	// Anthropic
+	// Stability: development
+	GenAISystemAnthropic = GenAISystemKey.String("anthropic")
+	// Cohere
+	// Stability: development
+	GenAISystemCohere = GenAISystemKey.String("cohere")
+	// Azure AI Inference
+	// Stability: development
+	GenAISystemAzAIInference = GenAISystemKey.String("az.ai.inference")
+	// Azure OpenAI
+	// Stability: development
+	GenAISystemAzAIOpenai = GenAISystemKey.String("az.ai.openai")
+	// IBM Watsonx AI
+	// Stability: development
+	GenAISystemIbmWatsonxAI = GenAISystemKey.String("ibm.watsonx.ai")
+	// AWS Bedrock
+	// Stability: development
+	GenAISystemAWSBedrock = GenAISystemKey.String("aws.bedrock")
+	// Perplexity
+	// Stability: development
+	GenAISystemPerplexity = GenAISystemKey.String("perplexity")
+	// xAI
+	// Stability: development
+	GenAISystemXai = GenAISystemKey.String("xai")
+	// DeepSeek
+	// Stability: development
+	GenAISystemDeepseek = GenAISystemKey.String("deepseek")
+	// Groq
+	// Stability: development
+	GenAISystemGroq = GenAISystemKey.String("groq")
+	// Mistral AI
+	// Stability: development
+	GenAISystemMistralAI = GenAISystemKey.String("mistral_ai")
+)
+
+// Enum values for gen_ai.token.type
+var (
+	// Input tokens (prompt, input, etc.)
+	// Stability: development
+	GenAITokenTypeInput = GenAITokenTypeKey.String("input")
+	// Output tokens (completion, response, etc.)
+	// Stability: development
+	GenAITokenTypeCompletion = GenAITokenTypeKey.String("output")
+)
+
+// Namespace: geo
+const (
+	// GeoContinentCodeKey is the attribute Key conforming to the
+	// "geo.continent.code" semantic conventions. It represents the two-letter code
+	// representing continent’s name.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	GeoContinentCodeKey = attribute.Key("geo.continent.code")
+
+	// GeoCountryIsoCodeKey is the attribute Key conforming to the
+	// "geo.country.iso_code" semantic conventions. It represents the two-letter ISO
+	// Country Code ([ISO 3166-1 alpha2]).
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "CA"
+	//
+	// [ISO 3166-1 alpha2]: https://wikipedia.org/wiki/ISO_3166-1#Codes
+	GeoCountryIsoCodeKey = attribute.Key("geo.country.iso_code")
+
+	// GeoLocalityNameKey is the attribute Key conforming to the "geo.locality.name"
+	// semantic conventions. It represents the locality name. Represents the name of
+	// a city, town, village, or similar populated place.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "Montreal", "Berlin"
+	GeoLocalityNameKey = attribute.Key("geo.locality.name")
+
+	// GeoLocationLatKey is the attribute Key conforming to the "geo.location.lat"
+	// semantic conventions. It represents the latitude of the geo location in
+	// [WGS84].
+	//
+	// Type: double
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 45.505918
+	//
+	// [WGS84]: https://wikipedia.org/wiki/World_Geodetic_System#WGS84
+	GeoLocationLatKey = attribute.Key("geo.location.lat")
+
+	// GeoLocationLonKey is the attribute Key conforming to the "geo.location.lon"
+	// semantic conventions. It represents the longitude of the geo location in
+	// [WGS84].
+	//
+	// Type: double
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: -73.61483
+	//
+	// [WGS84]: https://wikipedia.org/wiki/World_Geodetic_System#WGS84
+	GeoLocationLonKey = attribute.Key("geo.location.lon")
+
+	// GeoPostalCodeKey is the attribute Key conforming to the "geo.postal_code"
+	// semantic conventions. It represents the postal code associated with the
+	// location. Values appropriate for this field may also be known as a postcode
+	// or ZIP code and will vary widely from country to country.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "94040"
+	GeoPostalCodeKey = attribute.Key("geo.postal_code")
+
+	// GeoRegionIsoCodeKey is the attribute Key conforming to the
+	// "geo.region.iso_code" semantic conventions. It represents the region ISO code
+	// ([ISO 3166-2]).
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "CA-QC"
+	//
+	// [ISO 3166-2]: https://wikipedia.org/wiki/ISO_3166-2
+	GeoRegionIsoCodeKey = attribute.Key("geo.region.iso_code")
+)
+
+// GeoCountryIsoCode returns an attribute KeyValue conforming to the
+// "geo.country.iso_code" semantic conventions. It represents the two-letter ISO
+// Country Code ([ISO 3166-1 alpha2]).
+//
+// [ISO 3166-1 alpha2]: https://wikipedia.org/wiki/ISO_3166-1#Codes
+func GeoCountryIsoCode(val string) attribute.KeyValue {
+	return GeoCountryIsoCodeKey.String(val)
+}
+
+// GeoLocalityName returns an attribute KeyValue conforming to the
+// "geo.locality.name" semantic conventions. It represents the locality name.
+// Represents the name of a city, town, village, or similar populated place.
+func GeoLocalityName(val string) attribute.KeyValue {
+	return GeoLocalityNameKey.String(val)
+}
+
+// GeoLocationLat returns an attribute KeyValue conforming to the
+// "geo.location.lat" semantic conventions. It represents the latitude of the geo
+// location in [WGS84].
+//
+// [WGS84]: https://wikipedia.org/wiki/World_Geodetic_System#WGS84
+func GeoLocationLat(val float64) attribute.KeyValue {
+	return GeoLocationLatKey.Float64(val)
+}
+
+// GeoLocationLon returns an attribute KeyValue conforming to the
+// "geo.location.lon" semantic conventions. It represents the longitude of the
+// geo location in [WGS84].
+//
+// [WGS84]: https://wikipedia.org/wiki/World_Geodetic_System#WGS84
+func GeoLocationLon(val float64) attribute.KeyValue {
+	return GeoLocationLonKey.Float64(val)
+}
+
+// GeoPostalCode returns an attribute KeyValue conforming to the
+// "geo.postal_code" semantic conventions. It represents the postal code
+// associated with the location. Values appropriate for this field may also be
+// known as a postcode or ZIP code and will vary widely from country to country.
+func GeoPostalCode(val string) attribute.KeyValue {
+	return GeoPostalCodeKey.String(val)
+}
+
+// GeoRegionIsoCode returns an attribute KeyValue conforming to the
+// "geo.region.iso_code" semantic conventions. It represents the region ISO code
+// ([ISO 3166-2]).
+//
+// [ISO 3166-2]: https://wikipedia.org/wiki/ISO_3166-2
+func GeoRegionIsoCode(val string) attribute.KeyValue {
+	return GeoRegionIsoCodeKey.String(val)
+}
+
+// Enum values for geo.continent.code
+var (
+	// Africa
+	// Stability: development
+	GeoContinentCodeAf = GeoContinentCodeKey.String("AF")
+	// Antarctica
+	// Stability: development
+	GeoContinentCodeAn = GeoContinentCodeKey.String("AN")
+	// Asia
+	// Stability: development
+	GeoContinentCodeAs = GeoContinentCodeKey.String("AS")
+	// Europe
+	// Stability: development
+	GeoContinentCodeEu = GeoContinentCodeKey.String("EU")
+	// North America
+	// Stability: development
+	GeoContinentCodeNa = GeoContinentCodeKey.String("NA")
+	// Oceania
+	// Stability: development
+	GeoContinentCodeOc = GeoContinentCodeKey.String("OC")
+	// South America
+	// Stability: development
+	GeoContinentCodeSa = GeoContinentCodeKey.String("SA")
+)
+
+// Namespace: go
+const (
+	// GoMemoryTypeKey is the attribute Key conforming to the "go.memory.type"
+	// semantic conventions. It represents the type of memory.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "other", "stack"
+	GoMemoryTypeKey = attribute.Key("go.memory.type")
+)
+
+// Enum values for go.memory.type
+var (
+	// Memory allocated from the heap that is reserved for stack space, whether or
+	// not it is currently in-use.
+	// Stability: development
+	GoMemoryTypeStack = GoMemoryTypeKey.String("stack")
+	// Memory used by the Go runtime, excluding other categories of memory usage
+	// described in this enumeration.
+	// Stability: development
+	GoMemoryTypeOther = GoMemoryTypeKey.String("other")
+)
+
+// Namespace: graphql
+const (
+	// GraphqlDocumentKey is the attribute Key conforming to the "graphql.document"
+	// semantic conventions. It represents the GraphQL document being executed.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: query findBookById { bookById(id: ?) { name } }
+	// Note: The value may be sanitized to exclude sensitive information.
+	GraphqlDocumentKey = attribute.Key("graphql.document")
+
+	// GraphqlOperationNameKey is the attribute Key conforming to the
+	// "graphql.operation.name" semantic conventions. It represents the name of the
+	// operation being executed.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: findBookById
+	GraphqlOperationNameKey = attribute.Key("graphql.operation.name")
+
+	// GraphqlOperationTypeKey is the attribute Key conforming to the
+	// "graphql.operation.type" semantic conventions. It represents the type of the
+	// operation being executed.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "query", "mutation", "subscription"
+	GraphqlOperationTypeKey = attribute.Key("graphql.operation.type")
+)
+
+// GraphqlDocument returns an attribute KeyValue conforming to the
+// "graphql.document" semantic conventions. It represents the GraphQL document
+// being executed.
+func GraphqlDocument(val string) attribute.KeyValue {
+	return GraphqlDocumentKey.String(val)
+}
+
+// GraphqlOperationName returns an attribute KeyValue conforming to the
+// "graphql.operation.name" semantic conventions. It represents the name of the
+// operation being executed.
+func GraphqlOperationName(val string) attribute.KeyValue {
+	return GraphqlOperationNameKey.String(val)
+}
+
+// Enum values for graphql.operation.type
+var (
+	// GraphQL query
+	// Stability: development
+	GraphqlOperationTypeQuery = GraphqlOperationTypeKey.String("query")
+	// GraphQL mutation
+	// Stability: development
+	GraphqlOperationTypeMutation = GraphqlOperationTypeKey.String("mutation")
+	// GraphQL subscription
+	// Stability: development
+	GraphqlOperationTypeSubscription = GraphqlOperationTypeKey.String("subscription")
+)
+
+// Namespace: heroku
+const (
+	// HerokuAppIDKey is the attribute Key conforming to the "heroku.app.id"
+	// semantic conventions. It represents the unique identifier for the
+	// application.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "2daa2797-e42b-4624-9322-ec3f968df4da"
+	HerokuAppIDKey = attribute.Key("heroku.app.id")
+
+	// HerokuReleaseCommitKey is the attribute Key conforming to the
+	// "heroku.release.commit" semantic conventions. It represents the commit hash
+	// for the current release.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "e6134959463efd8966b20e75b913cafe3f5ec"
+	HerokuReleaseCommitKey = attribute.Key("heroku.release.commit")
+
+	// HerokuReleaseCreationTimestampKey is the attribute Key conforming to the
+	// "heroku.release.creation_timestamp" semantic conventions. It represents the
+	// time and date the release was created.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "2022-10-23T18:00:42Z"
+	HerokuReleaseCreationTimestampKey = attribute.Key("heroku.release.creation_timestamp")
+)
+
+// HerokuAppID returns an attribute KeyValue conforming to the "heroku.app.id"
+// semantic conventions. It represents the unique identifier for the application.
+func HerokuAppID(val string) attribute.KeyValue {
+	return HerokuAppIDKey.String(val)
+}
+
+// HerokuReleaseCommit returns an attribute KeyValue conforming to the
+// "heroku.release.commit" semantic conventions. It represents the commit hash
+// for the current release.
+func HerokuReleaseCommit(val string) attribute.KeyValue {
+	return HerokuReleaseCommitKey.String(val)
+}
+
+// HerokuReleaseCreationTimestamp returns an attribute KeyValue conforming to the
+// "heroku.release.creation_timestamp" semantic conventions. It represents the
+// time and date the release was created.
+func HerokuReleaseCreationTimestamp(val string) attribute.KeyValue {
+	return HerokuReleaseCreationTimestampKey.String(val)
+}
+
+// Namespace: host
+const (
+	// HostArchKey is the attribute Key conforming to the "host.arch" semantic
+	// conventions. It represents the CPU architecture the host system is running
+	// on.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	HostArchKey = attribute.Key("host.arch")
+
+	// HostCPUCacheL2SizeKey is the attribute Key conforming to the
+	// "host.cpu.cache.l2.size" semantic conventions. It represents the amount of
+	// level 2 memory cache available to the processor (in Bytes).
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 12288000
+	HostCPUCacheL2SizeKey = attribute.Key("host.cpu.cache.l2.size")
+
+	// HostCPUFamilyKey is the attribute Key conforming to the "host.cpu.family"
+	// semantic conventions. It represents the family or generation of the CPU.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "6", "PA-RISC 1.1e"
+	HostCPUFamilyKey = attribute.Key("host.cpu.family")
+
+	// HostCPUModelIDKey is the attribute Key conforming to the "host.cpu.model.id"
+	// semantic conventions. It represents the model identifier. It provides more
+	// granular information about the CPU, distinguishing it from other CPUs within
+	// the same family.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "6", "9000/778/B180L"
+	HostCPUModelIDKey = attribute.Key("host.cpu.model.id")
+
+	// HostCPUModelNameKey is the attribute Key conforming to the
+	// "host.cpu.model.name" semantic conventions. It represents the model
+	// designation of the processor.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "11th Gen Intel(R) Core(TM) i7-1185G7 @ 3.00GHz"
+	HostCPUModelNameKey = attribute.Key("host.cpu.model.name")
+
+	// HostCPUSteppingKey is the attribute Key conforming to the "host.cpu.stepping"
+	// semantic conventions. It represents the stepping or core revisions.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "1", "r1p1"
+	HostCPUSteppingKey = attribute.Key("host.cpu.stepping")
+
+	// HostCPUVendorIDKey is the attribute Key conforming to the
+	// "host.cpu.vendor.id" semantic conventions. It represents the processor
+	// manufacturer identifier. A maximum 12-character string.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "GenuineIntel"
+	// Note: [CPUID] command returns the vendor ID string in EBX, EDX and ECX
+	// registers. Writing these to memory in this order results in a 12-character
+	// string.
+	//
+	// [CPUID]: https://wiki.osdev.org/CPUID
+	HostCPUVendorIDKey = attribute.Key("host.cpu.vendor.id")
+
+	// HostIDKey is the attribute Key conforming to the "host.id" semantic
+	// conventions. It represents the unique host ID. For Cloud, this must be the
+	// instance_id assigned by the cloud provider. For non-containerized systems,
+	// this should be the `machine-id`. See the table below for the sources to use
+	// to determine the `machine-id` based on operating system.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "fdbf79e8af94cb7f9e8df36789187052"
+	HostIDKey = attribute.Key("host.id")
+
+	// HostImageIDKey is the attribute Key conforming to the "host.image.id"
+	// semantic conventions. It represents the vM image ID or host OS image ID. For
+	// Cloud, this value is from the provider.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "ami-07b06b442921831e5"
+	HostImageIDKey = attribute.Key("host.image.id")
+
+	// HostImageNameKey is the attribute Key conforming to the "host.image.name"
+	// semantic conventions. It represents the name of the VM image or OS install
+	// the host was instantiated from.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "infra-ami-eks-worker-node-7d4ec78312", "CentOS-8-x86_64-1905"
+	HostImageNameKey = attribute.Key("host.image.name")
+
+	// HostImageVersionKey is the attribute Key conforming to the
+	// "host.image.version" semantic conventions. It represents the version string
+	// of the VM image or host OS as defined in [Version Attributes].
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "0.1"
+	//
+	// [Version Attributes]: /docs/resource/README.md#version-attributes
+	HostImageVersionKey = attribute.Key("host.image.version")
+
+	// HostIPKey is the attribute Key conforming to the "host.ip" semantic
+	// conventions. It represents the available IP addresses of the host, excluding
+	// loopback interfaces.
+	//
+	// Type: string[]
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "192.168.1.140", "fe80::abc2:4a28:737a:609e"
+	// Note: IPv4 Addresses MUST be specified in dotted-quad notation. IPv6
+	// addresses MUST be specified in the [RFC 5952] format.
+	//
+	// [RFC 5952]: https://www.rfc-editor.org/rfc/rfc5952.html
+	HostIPKey = attribute.Key("host.ip")
+
+	// HostMacKey is the attribute Key conforming to the "host.mac" semantic
+	// conventions. It represents the available MAC addresses of the host, excluding
+	// loopback interfaces.
+	//
+	// Type: string[]
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "AC-DE-48-23-45-67", "AC-DE-48-23-45-67-01-9F"
+	// Note: MAC Addresses MUST be represented in [IEEE RA hexadecimal form]: as
+	// hyphen-separated octets in uppercase hexadecimal form from most to least
+	// significant.
+	//
+	// [IEEE RA hexadecimal form]: https://standards.ieee.org/wp-content/uploads/import/documents/tutorials/eui.pdf
+	HostMacKey = attribute.Key("host.mac")
+
+	// HostNameKey is the attribute Key conforming to the "host.name" semantic
+	// conventions. It represents the name of the host. On Unix systems, it may
+	// contain what the hostname command returns, or the fully qualified hostname,
+	// or another name specified by the user.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "opentelemetry-test"
+	HostNameKey = attribute.Key("host.name")
+
+	// HostTypeKey is the attribute Key conforming to the "host.type" semantic
+	// conventions. It represents the type of host. For Cloud, this must be the
+	// machine type.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "n1-standard-1"
+	HostTypeKey = attribute.Key("host.type")
+)
+
+// HostCPUCacheL2Size returns an attribute KeyValue conforming to the
+// "host.cpu.cache.l2.size" semantic conventions. It represents the amount of
+// level 2 memory cache available to the processor (in Bytes).
+func HostCPUCacheL2Size(val int) attribute.KeyValue {
+	return HostCPUCacheL2SizeKey.Int(val)
+}
+
+// HostCPUFamily returns an attribute KeyValue conforming to the
+// "host.cpu.family" semantic conventions. It represents the family or generation
+// of the CPU.
+func HostCPUFamily(val string) attribute.KeyValue {
+	return HostCPUFamilyKey.String(val)
+}
+
+// HostCPUModelID returns an attribute KeyValue conforming to the
+// "host.cpu.model.id" semantic conventions. It represents the model identifier.
+// It provides more granular information about the CPU, distinguishing it from
+// other CPUs within the same family.
+func HostCPUModelID(val string) attribute.KeyValue {
+	return HostCPUModelIDKey.String(val)
+}
+
+// HostCPUModelName returns an attribute KeyValue conforming to the
+// "host.cpu.model.name" semantic conventions. It represents the model
+// designation of the processor.
+func HostCPUModelName(val string) attribute.KeyValue {
+	return HostCPUModelNameKey.String(val)
+}
+
+// HostCPUStepping returns an attribute KeyValue conforming to the
+// "host.cpu.stepping" semantic conventions. It represents the stepping or core
+// revisions.
+func HostCPUStepping(val string) attribute.KeyValue {
+	return HostCPUSteppingKey.String(val)
+}
+
+// HostCPUVendorID returns an attribute KeyValue conforming to the
+// "host.cpu.vendor.id" semantic conventions. It represents the processor
+// manufacturer identifier. A maximum 12-character string.
+func HostCPUVendorID(val string) attribute.KeyValue {
+	return HostCPUVendorIDKey.String(val)
+}
+
+// HostID returns an attribute KeyValue conforming to the "host.id" semantic
+// conventions. It represents the unique host ID. For Cloud, this must be the
+// instance_id assigned by the cloud provider. For non-containerized systems,
+// this should be the `machine-id`. See the table below for the sources to use to
+// determine the `machine-id` based on operating system.
+func HostID(val string) attribute.KeyValue {
+	return HostIDKey.String(val)
+}
+
+// HostImageID returns an attribute KeyValue conforming to the "host.image.id"
+// semantic conventions. It represents the vM image ID or host OS image ID. For
+// Cloud, this value is from the provider.
+func HostImageID(val string) attribute.KeyValue {
+	return HostImageIDKey.String(val)
+}
+
+// HostImageName returns an attribute KeyValue conforming to the
+// "host.image.name" semantic conventions. It represents the name of the VM image
+// or OS install the host was instantiated from.
+func HostImageName(val string) attribute.KeyValue {
+	return HostImageNameKey.String(val)
+}
+
+// HostImageVersion returns an attribute KeyValue conforming to the
+// "host.image.version" semantic conventions. It represents the version string of
+// the VM image or host OS as defined in [Version Attributes].
+//
+// [Version Attributes]: /docs/resource/README.md#version-attributes
+func HostImageVersion(val string) attribute.KeyValue {
+	return HostImageVersionKey.String(val)
+}
+
+// HostIP returns an attribute KeyValue conforming to the "host.ip" semantic
+// conventions. It represents the available IP addresses of the host, excluding
+// loopback interfaces.
+func HostIP(val ...string) attribute.KeyValue {
+	return HostIPKey.StringSlice(val)
+}
+
+// HostMac returns an attribute KeyValue conforming to the "host.mac" semantic
+// conventions. It represents the available MAC addresses of the host, excluding
+// loopback interfaces.
+func HostMac(val ...string) attribute.KeyValue {
+	return HostMacKey.StringSlice(val)
+}
+
+// HostName returns an attribute KeyValue conforming to the "host.name" semantic
+// conventions. It represents the name of the host. On Unix systems, it may
+// contain what the hostname command returns, or the fully qualified hostname, or
+// another name specified by the user.
+func HostName(val string) attribute.KeyValue {
+	return HostNameKey.String(val)
+}
+
+// HostType returns an attribute KeyValue conforming to the "host.type" semantic
+// conventions. It represents the type of host. For Cloud, this must be the
+// machine type.
+func HostType(val string) attribute.KeyValue {
+	return HostTypeKey.String(val)
+}
+
+// Enum values for host.arch
+var (
+	// AMD64
+	// Stability: development
+	HostArchAMD64 = HostArchKey.String("amd64")
+	// ARM32
+	// Stability: development
+	HostArchARM32 = HostArchKey.String("arm32")
+	// ARM64
+	// Stability: development
+	HostArchARM64 = HostArchKey.String("arm64")
+	// Itanium
+	// Stability: development
+	HostArchIA64 = HostArchKey.String("ia64")
+	// 32-bit PowerPC
+	// Stability: development
+	HostArchPPC32 = HostArchKey.String("ppc32")
+	// 64-bit PowerPC
+	// Stability: development
+	HostArchPPC64 = HostArchKey.String("ppc64")
+	// IBM z/Architecture
+	// Stability: development
+	HostArchS390x = HostArchKey.String("s390x")
+	// 32-bit x86
+	// Stability: development
+	HostArchX86 = HostArchKey.String("x86")
+)
+
+// Namespace: http
+const (
+	// HTTPConnectionStateKey is the attribute Key conforming to the
+	// "http.connection.state" semantic conventions. It represents the state of the
+	// HTTP connection in the HTTP connection pool.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "active", "idle"
+	HTTPConnectionStateKey = attribute.Key("http.connection.state")
+
+	// HTTPRequestBodySizeKey is the attribute Key conforming to the
+	// "http.request.body.size" semantic conventions. It represents the size of the
+	// request payload body in bytes. This is the number of bytes transferred
+	// excluding headers and is often, but not always, present as the
+	// [Content-Length] header. For requests using transport encoding, this should
+	// be the compressed size.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// [Content-Length]: https://www.rfc-editor.org/rfc/rfc9110.html#field.content-length
+	HTTPRequestBodySizeKey = attribute.Key("http.request.body.size")
+
+	// HTTPRequestMethodKey is the attribute Key conforming to the
+	// "http.request.method" semantic conventions. It represents the hTTP request
+	// method.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: "GET", "POST", "HEAD"
+	// Note: HTTP request method value SHOULD be "known" to the instrumentation.
+	// By default, this convention defines "known" methods as the ones listed in
+	// [RFC9110]
+	// and the PATCH method defined in [RFC5789].
+	//
+	// If the HTTP request method is not known to instrumentation, it MUST set the
+	// `http.request.method` attribute to `_OTHER`.
+	//
+	// If the HTTP instrumentation could end up converting valid HTTP request
+	// methods to `_OTHER`, then it MUST provide a way to override
+	// the list of known HTTP methods. If this override is done via environment
+	// variable, then the environment variable MUST be named
+	// OTEL_INSTRUMENTATION_HTTP_KNOWN_METHODS and support a comma-separated list of
+	// case-sensitive known HTTP methods
+	// (this list MUST be a full override of the default known method, it is not a
+	// list of known methods in addition to the defaults).
+	//
+	// HTTP method names are case-sensitive and `http.request.method` attribute
+	// value MUST match a known HTTP method name exactly.
+	// Instrumentations for specific web frameworks that consider HTTP methods to be
+	// case insensitive, SHOULD populate a canonical equivalent.
+	// Tracing instrumentations that do so, MUST also set
+	// `http.request.method_original` to the original value.
+	//
+	// [RFC9110]: https://www.rfc-editor.org/rfc/rfc9110.html#name-methods
+	// [RFC5789]: https://www.rfc-editor.org/rfc/rfc5789.html
+	HTTPRequestMethodKey = attribute.Key("http.request.method")
+
+	// HTTPRequestMethodOriginalKey is the attribute Key conforming to the
+	// "http.request.method_original" semantic conventions. It represents the
+	// original HTTP method sent by the client in the request line.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: "GeT", "ACL", "foo"
+	HTTPRequestMethodOriginalKey = attribute.Key("http.request.method_original")
+
+	// HTTPRequestResendCountKey is the attribute Key conforming to the
+	// "http.request.resend_count" semantic conventions. It represents the ordinal
+	// number of request resending attempt (for any reason, including redirects).
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Note: The resend count SHOULD be updated each time an HTTP request gets
+	// resent by the client, regardless of what was the cause of the resending (e.g.
+	// redirection, authorization failure, 503 Server Unavailable, network issues,
+	// or any other).
+	HTTPRequestResendCountKey = attribute.Key("http.request.resend_count")
+
+	// HTTPRequestSizeKey is the attribute Key conforming to the "http.request.size"
+	// semantic conventions. It represents the total size of the request in bytes.
+	// This should be the total number of bytes sent over the wire, including the
+	// request line (HTTP/1.1), framing (HTTP/2 and HTTP/3), headers, and request
+	// body if any.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	HTTPRequestSizeKey = attribute.Key("http.request.size")
+
+	// HTTPResponseBodySizeKey is the attribute Key conforming to the
+	// "http.response.body.size" semantic conventions. It represents the size of the
+	// response payload body in bytes. This is the number of bytes transferred
+	// excluding headers and is often, but not always, present as the
+	// [Content-Length] header. For requests using transport encoding, this should
+	// be the compressed size.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// [Content-Length]: https://www.rfc-editor.org/rfc/rfc9110.html#field.content-length
+	HTTPResponseBodySizeKey = attribute.Key("http.response.body.size")
+
+	// HTTPResponseSizeKey is the attribute Key conforming to the
+	// "http.response.size" semantic conventions. It represents the total size of
+	// the response in bytes. This should be the total number of bytes sent over the
+	// wire, including the status line (HTTP/1.1), framing (HTTP/2 and HTTP/3),
+	// headers, and response body and trailers if any.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	HTTPResponseSizeKey = attribute.Key("http.response.size")
+
+	// HTTPResponseStatusCodeKey is the attribute Key conforming to the
+	// "http.response.status_code" semantic conventions. It represents the
+	// [HTTP response status code].
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: 200
+	//
+	// [HTTP response status code]: https://tools.ietf.org/html/rfc7231#section-6
+	HTTPResponseStatusCodeKey = attribute.Key("http.response.status_code")
+
+	// HTTPRouteKey is the attribute Key conforming to the "http.route" semantic
+	// conventions. It represents the matched route, that is, the path template in
+	// the format used by the respective server framework.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: "/users/:userID?", "{controller}/{action}/{id?}"
+	// Note: MUST NOT be populated when this is not supported by the HTTP server
+	// framework as the route attribute should have low-cardinality and the URI path
+	// can NOT substitute it.
+	// SHOULD include the [application root] if there is one.
+	//
+	// [application root]: /docs/http/http-spans.md#http-server-definitions
+	HTTPRouteKey = attribute.Key("http.route")
+)
+
+// HTTPRequestBodySize returns an attribute KeyValue conforming to the
+// "http.request.body.size" semantic conventions. It represents the size of the
+// request payload body in bytes. This is the number of bytes transferred
+// excluding headers and is often, but not always, present as the
+// [Content-Length] header. For requests using transport encoding, this should be
+// the compressed size.
+//
+// [Content-Length]: https://www.rfc-editor.org/rfc/rfc9110.html#field.content-length
+func HTTPRequestBodySize(val int) attribute.KeyValue {
+	return HTTPRequestBodySizeKey.Int(val)
+}
+
+// HTTPRequestMethodOriginal returns an attribute KeyValue conforming to the
+// "http.request.method_original" semantic conventions. It represents the
+// original HTTP method sent by the client in the request line.
+func HTTPRequestMethodOriginal(val string) attribute.KeyValue {
+	return HTTPRequestMethodOriginalKey.String(val)
+}
+
+// HTTPRequestResendCount returns an attribute KeyValue conforming to the
+// "http.request.resend_count" semantic conventions. It represents the ordinal
+// number of request resending attempt (for any reason, including redirects).
+func HTTPRequestResendCount(val int) attribute.KeyValue {
+	return HTTPRequestResendCountKey.Int(val)
+}
+
+// HTTPRequestSize returns an attribute KeyValue conforming to the
+// "http.request.size" semantic conventions. It represents the total size of the
+// request in bytes. This should be the total number of bytes sent over the wire,
+// including the request line (HTTP/1.1), framing (HTTP/2 and HTTP/3), headers,
+// and request body if any.
+func HTTPRequestSize(val int) attribute.KeyValue {
+	return HTTPRequestSizeKey.Int(val)
+}
+
+// HTTPResponseBodySize returns an attribute KeyValue conforming to the
+// "http.response.body.size" semantic conventions. It represents the size of the
+// response payload body in bytes. This is the number of bytes transferred
+// excluding headers and is often, but not always, present as the
+// [Content-Length] header. For requests using transport encoding, this should be
+// the compressed size.
+//
+// [Content-Length]: https://www.rfc-editor.org/rfc/rfc9110.html#field.content-length
+func HTTPResponseBodySize(val int) attribute.KeyValue {
+	return HTTPResponseBodySizeKey.Int(val)
+}
+
+// HTTPResponseSize returns an attribute KeyValue conforming to the
+// "http.response.size" semantic conventions. It represents the total size of the
+// response in bytes. This should be the total number of bytes sent over the
+// wire, including the status line (HTTP/1.1), framing (HTTP/2 and HTTP/3),
+// headers, and response body and trailers if any.
+func HTTPResponseSize(val int) attribute.KeyValue {
+	return HTTPResponseSizeKey.Int(val)
+}
+
+// HTTPResponseStatusCode returns an attribute KeyValue conforming to the
+// "http.response.status_code" semantic conventions. It represents the
+// [HTTP response status code].
+//
+// [HTTP response status code]: https://tools.ietf.org/html/rfc7231#section-6
+func HTTPResponseStatusCode(val int) attribute.KeyValue {
+	return HTTPResponseStatusCodeKey.Int(val)
+}
+
+// HTTPRoute returns an attribute KeyValue conforming to the "http.route"
+// semantic conventions. It represents the matched route, that is, the path
+// template in the format used by the respective server framework.
+func HTTPRoute(val string) attribute.KeyValue {
+	return HTTPRouteKey.String(val)
+}
+
+// Enum values for http.connection.state
+var (
+	// active state.
+	// Stability: development
+	HTTPConnectionStateActive = HTTPConnectionStateKey.String("active")
+	// idle state.
+	// Stability: development
+	HTTPConnectionStateIdle = HTTPConnectionStateKey.String("idle")
+)
+
+// Enum values for http.request.method
+var (
+	// CONNECT method.
+	// Stability: stable
+	HTTPRequestMethodConnect = HTTPRequestMethodKey.String("CONNECT")
+	// DELETE method.
+	// Stability: stable
+	HTTPRequestMethodDelete = HTTPRequestMethodKey.String("DELETE")
+	// GET method.
+	// Stability: stable
+	HTTPRequestMethodGet = HTTPRequestMethodKey.String("GET")
+	// HEAD method.
+	// Stability: stable
+	HTTPRequestMethodHead = HTTPRequestMethodKey.String("HEAD")
+	// OPTIONS method.
+	// Stability: stable
+	HTTPRequestMethodOptions = HTTPRequestMethodKey.String("OPTIONS")
+	// PATCH method.
+	// Stability: stable
+	HTTPRequestMethodPatch = HTTPRequestMethodKey.String("PATCH")
+	// POST method.
+	// Stability: stable
+	HTTPRequestMethodPost = HTTPRequestMethodKey.String("POST")
+	// PUT method.
+	// Stability: stable
+	HTTPRequestMethodPut = HTTPRequestMethodKey.String("PUT")
+	// TRACE method.
+	// Stability: stable
+	HTTPRequestMethodTrace = HTTPRequestMethodKey.String("TRACE")
+	// Any HTTP method that the instrumentation has no prior knowledge of.
+	// Stability: stable
+	HTTPRequestMethodOther = HTTPRequestMethodKey.String("_OTHER")
+)
+
+// Namespace: hw
+const (
+	// HwIDKey is the attribute Key conforming to the "hw.id" semantic conventions.
+	// It represents an identifier for the hardware component, unique within the
+	// monitored host.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "win32battery_battery_testsysa33_1"
+	HwIDKey = attribute.Key("hw.id")
+
+	// HwNameKey is the attribute Key conforming to the "hw.name" semantic
+	// conventions. It represents an easily-recognizable name for the hardware
+	// component.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "eth0"
+	HwNameKey = attribute.Key("hw.name")
+
+	// HwParentKey is the attribute Key conforming to the "hw.parent" semantic
+	// conventions. It represents the unique identifier of the parent component
+	// (typically the `hw.id` attribute of the enclosure, or disk controller).
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "dellStorage_perc_0"
+	HwParentKey = attribute.Key("hw.parent")
+
+	// HwStateKey is the attribute Key conforming to the "hw.state" semantic
+	// conventions. It represents the current state of the component.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	HwStateKey = attribute.Key("hw.state")
+
+	// HwTypeKey is the attribute Key conforming to the "hw.type" semantic
+	// conventions. It represents the type of the component.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	// Note: Describes the category of the hardware component for which `hw.state`
+	// is being reported. For example, `hw.type=temperature` along with
+	// `hw.state=degraded` would indicate that the temperature of the hardware
+	// component has been reported as `degraded`.
+	HwTypeKey = attribute.Key("hw.type")
+)
+
+// HwID returns an attribute KeyValue conforming to the "hw.id" semantic
+// conventions. It represents an identifier for the hardware component, unique
+// within the monitored host.
+func HwID(val string) attribute.KeyValue {
+	return HwIDKey.String(val)
+}
+
+// HwName returns an attribute KeyValue conforming to the "hw.name" semantic
+// conventions. It represents an easily-recognizable name for the hardware
+// component.
+func HwName(val string) attribute.KeyValue {
+	return HwNameKey.String(val)
+}
+
+// HwParent returns an attribute KeyValue conforming to the "hw.parent" semantic
+// conventions. It represents the unique identifier of the parent component
+// (typically the `hw.id` attribute of the enclosure, or disk controller).
+func HwParent(val string) attribute.KeyValue {
+	return HwParentKey.String(val)
+}
+
+// Enum values for hw.state
+var (
+	// Ok
+	// Stability: development
+	HwStateOk = HwStateKey.String("ok")
+	// Degraded
+	// Stability: development
+	HwStateDegraded = HwStateKey.String("degraded")
+	// Failed
+	// Stability: development
+	HwStateFailed = HwStateKey.String("failed")
+)
+
+// Enum values for hw.type
+var (
+	// Battery
+	// Stability: development
+	HwTypeBattery = HwTypeKey.String("battery")
+	// CPU
+	// Stability: development
+	HwTypeCPU = HwTypeKey.String("cpu")
+	// Disk controller
+	// Stability: development
+	HwTypeDiskController = HwTypeKey.String("disk_controller")
+	// Enclosure
+	// Stability: development
+	HwTypeEnclosure = HwTypeKey.String("enclosure")
+	// Fan
+	// Stability: development
+	HwTypeFan = HwTypeKey.String("fan")
+	// GPU
+	// Stability: development
+	HwTypeGpu = HwTypeKey.String("gpu")
+	// Logical disk
+	// Stability: development
+	HwTypeLogicalDisk = HwTypeKey.String("logical_disk")
+	// Memory
+	// Stability: development
+	HwTypeMemory = HwTypeKey.String("memory")
+	// Network
+	// Stability: development
+	HwTypeNetwork = HwTypeKey.String("network")
+	// Physical disk
+	// Stability: development
+	HwTypePhysicalDisk = HwTypeKey.String("physical_disk")
+	// Power supply
+	// Stability: development
+	HwTypePowerSupply = HwTypeKey.String("power_supply")
+	// Tape drive
+	// Stability: development
+	HwTypeTapeDrive = HwTypeKey.String("tape_drive")
+	// Temperature
+	// Stability: development
+	HwTypeTemperature = HwTypeKey.String("temperature")
+	// Voltage
+	// Stability: development
+	HwTypeVoltage = HwTypeKey.String("voltage")
+)
+
+// Namespace: k8s
+const (
+	// K8SClusterNameKey is the attribute Key conforming to the "k8s.cluster.name"
+	// semantic conventions. It represents the name of the cluster.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "opentelemetry-cluster"
+	K8SClusterNameKey = attribute.Key("k8s.cluster.name")
+
+	// K8SClusterUIDKey is the attribute Key conforming to the "k8s.cluster.uid"
+	// semantic conventions. It represents a pseudo-ID for the cluster, set to the
+	// UID of the `kube-system` namespace.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "218fc5a9-a5f1-4b54-aa05-46717d0ab26d"
+	// Note: K8s doesn't have support for obtaining a cluster ID. If this is ever
+	// added, we will recommend collecting the `k8s.cluster.uid` through the
+	// official APIs. In the meantime, we are able to use the `uid` of the
+	// `kube-system` namespace as a proxy for cluster ID. Read on for the
+	// rationale.
+	//
+	// Every object created in a K8s cluster is assigned a distinct UID. The
+	// `kube-system` namespace is used by Kubernetes itself and will exist
+	// for the lifetime of the cluster. Using the `uid` of the `kube-system`
+	// namespace is a reasonable proxy for the K8s ClusterID as it will only
+	// change if the cluster is rebuilt. Furthermore, Kubernetes UIDs are
+	// UUIDs as standardized by
+	// [ISO/IEC 9834-8 and ITU-T X.667].
+	// Which states:
+	//
+	// > If generated according to one of the mechanisms defined in Rec.
+	// > ITU-T X.667 | ISO/IEC 9834-8, a UUID is either guaranteed to be
+	// > different from all other UUIDs generated before 3603 A.D., or is
+	// > extremely likely to be different (depending on the mechanism chosen).
+	//
+	// Therefore, UIDs between clusters should be extremely unlikely to
+	// conflict.
+	//
+	// [ISO/IEC 9834-8 and ITU-T X.667]: https://www.itu.int/ITU-T/studygroups/com17/oid.html
+	K8SClusterUIDKey = attribute.Key("k8s.cluster.uid")
+
+	// K8SContainerNameKey is the attribute Key conforming to the
+	// "k8s.container.name" semantic conventions. It represents the name of the
+	// Container from Pod specification, must be unique within a Pod. Container
+	// runtime usually uses different globally unique name (`container.name`).
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "redis"
+	K8SContainerNameKey = attribute.Key("k8s.container.name")
+
+	// K8SContainerRestartCountKey is the attribute Key conforming to the
+	// "k8s.container.restart_count" semantic conventions. It represents the number
+	// of times the container was restarted. This attribute can be used to identify
+	// a particular container (running or stopped) within a container spec.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	K8SContainerRestartCountKey = attribute.Key("k8s.container.restart_count")
+
+	// K8SContainerStatusLastTerminatedReasonKey is the attribute Key conforming to
+	// the "k8s.container.status.last_terminated_reason" semantic conventions. It
+	// represents the last terminated reason of the Container.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "Evicted", "Error"
+	K8SContainerStatusLastTerminatedReasonKey = attribute.Key("k8s.container.status.last_terminated_reason")
+
+	// K8SCronJobNameKey is the attribute Key conforming to the "k8s.cronjob.name"
+	// semantic conventions. It represents the name of the CronJob.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "opentelemetry"
+	K8SCronJobNameKey = attribute.Key("k8s.cronjob.name")
+
+	// K8SCronJobUIDKey is the attribute Key conforming to the "k8s.cronjob.uid"
+	// semantic conventions. It represents the UID of the CronJob.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "275ecb36-5aa8-4c2a-9c47-d8bb681b9aff"
+	K8SCronJobUIDKey = attribute.Key("k8s.cronjob.uid")
+
+	// K8SDaemonSetNameKey is the attribute Key conforming to the
+	// "k8s.daemonset.name" semantic conventions. It represents the name of the
+	// DaemonSet.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "opentelemetry"
+	K8SDaemonSetNameKey = attribute.Key("k8s.daemonset.name")
+
+	// K8SDaemonSetUIDKey is the attribute Key conforming to the "k8s.daemonset.uid"
+	// semantic conventions. It represents the UID of the DaemonSet.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "275ecb36-5aa8-4c2a-9c47-d8bb681b9aff"
+	K8SDaemonSetUIDKey = attribute.Key("k8s.daemonset.uid")
+
+	// K8SDeploymentNameKey is the attribute Key conforming to the
+	// "k8s.deployment.name" semantic conventions. It represents the name of the
+	// Deployment.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "opentelemetry"
+	K8SDeploymentNameKey = attribute.Key("k8s.deployment.name")
+
+	// K8SDeploymentUIDKey is the attribute Key conforming to the
+	// "k8s.deployment.uid" semantic conventions. It represents the UID of the
+	// Deployment.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "275ecb36-5aa8-4c2a-9c47-d8bb681b9aff"
+	K8SDeploymentUIDKey = attribute.Key("k8s.deployment.uid")
+
+	// K8SJobNameKey is the attribute Key conforming to the "k8s.job.name" semantic
+	// conventions. It represents the name of the Job.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "opentelemetry"
+	K8SJobNameKey = attribute.Key("k8s.job.name")
+
+	// K8SJobUIDKey is the attribute Key conforming to the "k8s.job.uid" semantic
+	// conventions. It represents the UID of the Job.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "275ecb36-5aa8-4c2a-9c47-d8bb681b9aff"
+	K8SJobUIDKey = attribute.Key("k8s.job.uid")
+
+	// K8SNamespaceNameKey is the attribute Key conforming to the
+	// "k8s.namespace.name" semantic conventions. It represents the name of the
+	// namespace that the pod is running in.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "default"
+	K8SNamespaceNameKey = attribute.Key("k8s.namespace.name")
+
+	// K8SNamespacePhaseKey is the attribute Key conforming to the
+	// "k8s.namespace.phase" semantic conventions. It represents the phase of the
+	// K8s namespace.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "active", "terminating"
+	// Note: This attribute aligns with the `phase` field of the
+	// [K8s NamespaceStatus]
+	//
+	// [K8s NamespaceStatus]: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#namespacestatus-v1-core
+	K8SNamespacePhaseKey = attribute.Key("k8s.namespace.phase")
+
+	// K8SNodeNameKey is the attribute Key conforming to the "k8s.node.name"
+	// semantic conventions. It represents the name of the Node.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "node-1"
+	K8SNodeNameKey = attribute.Key("k8s.node.name")
+
+	// K8SNodeUIDKey is the attribute Key conforming to the "k8s.node.uid" semantic
+	// conventions. It represents the UID of the Node.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "1eb3a0c6-0477-4080-a9cb-0cb7db65c6a2"
+	K8SNodeUIDKey = attribute.Key("k8s.node.uid")
+
+	// K8SPodNameKey is the attribute Key conforming to the "k8s.pod.name" semantic
+	// conventions. It represents the name of the Pod.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "opentelemetry-pod-autoconf"
+	K8SPodNameKey = attribute.Key("k8s.pod.name")
+
+	// K8SPodUIDKey is the attribute Key conforming to the "k8s.pod.uid" semantic
+	// conventions. It represents the UID of the Pod.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "275ecb36-5aa8-4c2a-9c47-d8bb681b9aff"
+	K8SPodUIDKey = attribute.Key("k8s.pod.uid")
+
+	// K8SReplicaSetNameKey is the attribute Key conforming to the
+	// "k8s.replicaset.name" semantic conventions. It represents the name of the
+	// ReplicaSet.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "opentelemetry"
+	K8SReplicaSetNameKey = attribute.Key("k8s.replicaset.name")
+
+	// K8SReplicaSetUIDKey is the attribute Key conforming to the
+	// "k8s.replicaset.uid" semantic conventions. It represents the UID of the
+	// ReplicaSet.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "275ecb36-5aa8-4c2a-9c47-d8bb681b9aff"
+	K8SReplicaSetUIDKey = attribute.Key("k8s.replicaset.uid")
+
+	// K8SStatefulSetNameKey is the attribute Key conforming to the
+	// "k8s.statefulset.name" semantic conventions. It represents the name of the
+	// StatefulSet.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "opentelemetry"
+	K8SStatefulSetNameKey = attribute.Key("k8s.statefulset.name")
+
+	// K8SStatefulSetUIDKey is the attribute Key conforming to the
+	// "k8s.statefulset.uid" semantic conventions. It represents the UID of the
+	// StatefulSet.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "275ecb36-5aa8-4c2a-9c47-d8bb681b9aff"
+	K8SStatefulSetUIDKey = attribute.Key("k8s.statefulset.uid")
+
+	// K8SVolumeNameKey is the attribute Key conforming to the "k8s.volume.name"
+	// semantic conventions. It represents the name of the K8s volume.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "volume0"
+	K8SVolumeNameKey = attribute.Key("k8s.volume.name")
+
+	// K8SVolumeTypeKey is the attribute Key conforming to the "k8s.volume.type"
+	// semantic conventions. It represents the type of the K8s volume.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "emptyDir", "persistentVolumeClaim"
+	K8SVolumeTypeKey = attribute.Key("k8s.volume.type")
+)
+
+// K8SClusterName returns an attribute KeyValue conforming to the
+// "k8s.cluster.name" semantic conventions. It represents the name of the
+// cluster.
+func K8SClusterName(val string) attribute.KeyValue {
+	return K8SClusterNameKey.String(val)
+}
+
+// K8SClusterUID returns an attribute KeyValue conforming to the
+// "k8s.cluster.uid" semantic conventions. It represents a pseudo-ID for the
+// cluster, set to the UID of the `kube-system` namespace.
+func K8SClusterUID(val string) attribute.KeyValue {
+	return K8SClusterUIDKey.String(val)
+}
+
+// K8SContainerName returns an attribute KeyValue conforming to the
+// "k8s.container.name" semantic conventions. It represents the name of the
+// Container from Pod specification, must be unique within a Pod. Container
+// runtime usually uses different globally unique name (`container.name`).
+func K8SContainerName(val string) attribute.KeyValue {
+	return K8SContainerNameKey.String(val)
+}
+
+// K8SContainerRestartCount returns an attribute KeyValue conforming to the
+// "k8s.container.restart_count" semantic conventions. It represents the number
+// of times the container was restarted. This attribute can be used to identify a
+// particular container (running or stopped) within a container spec.
+func K8SContainerRestartCount(val int) attribute.KeyValue {
+	return K8SContainerRestartCountKey.Int(val)
+}
+
+// K8SContainerStatusLastTerminatedReason returns an attribute KeyValue
+// conforming to the "k8s.container.status.last_terminated_reason" semantic
+// conventions. It represents the last terminated reason of the Container.
+func K8SContainerStatusLastTerminatedReason(val string) attribute.KeyValue {
+	return K8SContainerStatusLastTerminatedReasonKey.String(val)
+}
+
+// K8SCronJobName returns an attribute KeyValue conforming to the
+// "k8s.cronjob.name" semantic conventions. It represents the name of the
+// CronJob.
+func K8SCronJobName(val string) attribute.KeyValue {
+	return K8SCronJobNameKey.String(val)
+}
+
+// K8SCronJobUID returns an attribute KeyValue conforming to the
+// "k8s.cronjob.uid" semantic conventions. It represents the UID of the CronJob.
+func K8SCronJobUID(val string) attribute.KeyValue {
+	return K8SCronJobUIDKey.String(val)
+}
+
+// K8SDaemonSetName returns an attribute KeyValue conforming to the
+// "k8s.daemonset.name" semantic conventions. It represents the name of the
+// DaemonSet.
+func K8SDaemonSetName(val string) attribute.KeyValue {
+	return K8SDaemonSetNameKey.String(val)
+}
+
+// K8SDaemonSetUID returns an attribute KeyValue conforming to the
+// "k8s.daemonset.uid" semantic conventions. It represents the UID of the
+// DaemonSet.
+func K8SDaemonSetUID(val string) attribute.KeyValue {
+	return K8SDaemonSetUIDKey.String(val)
+}
+
+// K8SDeploymentName returns an attribute KeyValue conforming to the
+// "k8s.deployment.name" semantic conventions. It represents the name of the
+// Deployment.
+func K8SDeploymentName(val string) attribute.KeyValue {
+	return K8SDeploymentNameKey.String(val)
+}
+
+// K8SDeploymentUID returns an attribute KeyValue conforming to the
+// "k8s.deployment.uid" semantic conventions. It represents the UID of the
+// Deployment.
+func K8SDeploymentUID(val string) attribute.KeyValue {
+	return K8SDeploymentUIDKey.String(val)
+}
+
+// K8SJobName returns an attribute KeyValue conforming to the "k8s.job.name"
+// semantic conventions. It represents the name of the Job.
+func K8SJobName(val string) attribute.KeyValue {
+	return K8SJobNameKey.String(val)
+}
+
+// K8SJobUID returns an attribute KeyValue conforming to the "k8s.job.uid"
+// semantic conventions. It represents the UID of the Job.
+func K8SJobUID(val string) attribute.KeyValue {
+	return K8SJobUIDKey.String(val)
+}
+
+// K8SNamespaceName returns an attribute KeyValue conforming to the
+// "k8s.namespace.name" semantic conventions. It represents the name of the
+// namespace that the pod is running in.
+func K8SNamespaceName(val string) attribute.KeyValue {
+	return K8SNamespaceNameKey.String(val)
+}
+
+// K8SNodeName returns an attribute KeyValue conforming to the "k8s.node.name"
+// semantic conventions. It represents the name of the Node.
+func K8SNodeName(val string) attribute.KeyValue {
+	return K8SNodeNameKey.String(val)
+}
+
+// K8SNodeUID returns an attribute KeyValue conforming to the "k8s.node.uid"
+// semantic conventions. It represents the UID of the Node.
+func K8SNodeUID(val string) attribute.KeyValue {
+	return K8SNodeUIDKey.String(val)
+}
+
+// K8SPodName returns an attribute KeyValue conforming to the "k8s.pod.name"
+// semantic conventions. It represents the name of the Pod.
+func K8SPodName(val string) attribute.KeyValue {
+	return K8SPodNameKey.String(val)
+}
+
+// K8SPodUID returns an attribute KeyValue conforming to the "k8s.pod.uid"
+// semantic conventions. It represents the UID of the Pod.
+func K8SPodUID(val string) attribute.KeyValue {
+	return K8SPodUIDKey.String(val)
+}
+
+// K8SReplicaSetName returns an attribute KeyValue conforming to the
+// "k8s.replicaset.name" semantic conventions. It represents the name of the
+// ReplicaSet.
+func K8SReplicaSetName(val string) attribute.KeyValue {
+	return K8SReplicaSetNameKey.String(val)
+}
+
+// K8SReplicaSetUID returns an attribute KeyValue conforming to the
+// "k8s.replicaset.uid" semantic conventions. It represents the UID of the
+// ReplicaSet.
+func K8SReplicaSetUID(val string) attribute.KeyValue {
+	return K8SReplicaSetUIDKey.String(val)
+}
+
+// K8SStatefulSetName returns an attribute KeyValue conforming to the
+// "k8s.statefulset.name" semantic conventions. It represents the name of the
+// StatefulSet.
+func K8SStatefulSetName(val string) attribute.KeyValue {
+	return K8SStatefulSetNameKey.String(val)
+}
+
+// K8SStatefulSetUID returns an attribute KeyValue conforming to the
+// "k8s.statefulset.uid" semantic conventions. It represents the UID of the
+// StatefulSet.
+func K8SStatefulSetUID(val string) attribute.KeyValue {
+	return K8SStatefulSetUIDKey.String(val)
+}
+
+// K8SVolumeName returns an attribute KeyValue conforming to the
+// "k8s.volume.name" semantic conventions. It represents the name of the K8s
+// volume.
+func K8SVolumeName(val string) attribute.KeyValue {
+	return K8SVolumeNameKey.String(val)
+}
+
+// Enum values for k8s.namespace.phase
+var (
+	// Active namespace phase as described by [K8s API]
+	// Stability: development
+	//
+	// [K8s API]: https://pkg.go.dev/k8s.io/api@v0.31.3/core/v1#NamespacePhase
+	K8SNamespacePhaseActive = K8SNamespacePhaseKey.String("active")
+	// Terminating namespace phase as described by [K8s API]
+	// Stability: development
+	//
+	// [K8s API]: https://pkg.go.dev/k8s.io/api@v0.31.3/core/v1#NamespacePhase
+	K8SNamespacePhaseTerminating = K8SNamespacePhaseKey.String("terminating")
+)
+
+// Enum values for k8s.volume.type
+var (
+	// A [persistentVolumeClaim] volume
+	// Stability: development
+	//
+	// [persistentVolumeClaim]: https://v1-30.docs.kubernetes.io/docs/concepts/storage/volumes/#persistentvolumeclaim
+	K8SVolumeTypePersistentVolumeClaim = K8SVolumeTypeKey.String("persistentVolumeClaim")
+	// A [configMap] volume
+	// Stability: development
+	//
+	// [configMap]: https://v1-30.docs.kubernetes.io/docs/concepts/storage/volumes/#configmap
+	K8SVolumeTypeConfigMap = K8SVolumeTypeKey.String("configMap")
+	// A [downwardAPI] volume
+	// Stability: development
+	//
+	// [downwardAPI]: https://v1-30.docs.kubernetes.io/docs/concepts/storage/volumes/#downwardapi
+	K8SVolumeTypeDownwardAPI = K8SVolumeTypeKey.String("downwardAPI")
+	// An [emptyDir] volume
+	// Stability: development
+	//
+	// [emptyDir]: https://v1-30.docs.kubernetes.io/docs/concepts/storage/volumes/#emptydir
+	K8SVolumeTypeEmptyDir = K8SVolumeTypeKey.String("emptyDir")
+	// A [secret] volume
+	// Stability: development
+	//
+	// [secret]: https://v1-30.docs.kubernetes.io/docs/concepts/storage/volumes/#secret
+	K8SVolumeTypeSecret = K8SVolumeTypeKey.String("secret")
+	// A [local] volume
+	// Stability: development
+	//
+	// [local]: https://v1-30.docs.kubernetes.io/docs/concepts/storage/volumes/#local
+	K8SVolumeTypeLocal = K8SVolumeTypeKey.String("local")
+)
+
+// Namespace: linux
+const (
+	// LinuxMemorySlabStateKey is the attribute Key conforming to the
+	// "linux.memory.slab.state" semantic conventions. It represents the Linux Slab
+	// memory state.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "reclaimable", "unreclaimable"
+	LinuxMemorySlabStateKey = attribute.Key("linux.memory.slab.state")
+)
+
+// Enum values for linux.memory.slab.state
+var (
+	// reclaimable
+	// Stability: development
+	LinuxMemorySlabStateReclaimable = LinuxMemorySlabStateKey.String("reclaimable")
+	// unreclaimable
+	// Stability: development
+	LinuxMemorySlabStateUnreclaimable = LinuxMemorySlabStateKey.String("unreclaimable")
+)
+
+// Namespace: log
+const (
+	// LogFileNameKey is the attribute Key conforming to the "log.file.name"
+	// semantic conventions. It represents the basename of the file.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "audit.log"
+	LogFileNameKey = attribute.Key("log.file.name")
+
+	// LogFileNameResolvedKey is the attribute Key conforming to the
+	// "log.file.name_resolved" semantic conventions. It represents the basename of
+	// the file, with symlinks resolved.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "uuid.log"
+	LogFileNameResolvedKey = attribute.Key("log.file.name_resolved")
+
+	// LogFilePathKey is the attribute Key conforming to the "log.file.path"
+	// semantic conventions. It represents the full path to the file.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "/var/log/mysql/audit.log"
+	LogFilePathKey = attribute.Key("log.file.path")
+
+	// LogFilePathResolvedKey is the attribute Key conforming to the
+	// "log.file.path_resolved" semantic conventions. It represents the full path to
+	// the file, with symlinks resolved.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "/var/lib/docker/uuid.log"
+	LogFilePathResolvedKey = attribute.Key("log.file.path_resolved")
+
+	// LogIostreamKey is the attribute Key conforming to the "log.iostream" semantic
+	// conventions. It represents the stream associated with the log. See below for
+	// a list of well-known values.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	LogIostreamKey = attribute.Key("log.iostream")
+
+	// LogRecordOriginalKey is the attribute Key conforming to the
+	// "log.record.original" semantic conventions. It represents the complete
+	// original Log Record.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "77 <86>1 2015-08-06T21:58:59.694Z 192.168.2.133 inactive - - -
+	// Something happened", "[INFO] 8/3/24 12:34:56 Something happened"
+	// Note: This value MAY be added when processing a Log Record which was
+	// originally transmitted as a string or equivalent data type AND the Body field
+	// of the Log Record does not contain the same value. (e.g. a syslog or a log
+	// record read from a file.)
+	LogRecordOriginalKey = attribute.Key("log.record.original")
+
+	// LogRecordUIDKey is the attribute Key conforming to the "log.record.uid"
+	// semantic conventions. It represents a unique identifier for the Log Record.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "01ARZ3NDEKTSV4RRFFQ69G5FAV"
+	// Note: If an id is provided, other log records with the same id will be
+	// considered duplicates and can be removed safely. This means, that two
+	// distinguishable log records MUST have different values.
+	// The id MAY be an
+	// [Universally Unique Lexicographically Sortable Identifier (ULID)], but other
+	// identifiers (e.g. UUID) may be used as needed.
+	//
+	// [Universally Unique Lexicographically Sortable Identifier (ULID)]: https://github.com/ulid/spec
+	LogRecordUIDKey = attribute.Key("log.record.uid")
+)
+
+// LogFileName returns an attribute KeyValue conforming to the "log.file.name"
+// semantic conventions. It represents the basename of the file.
+func LogFileName(val string) attribute.KeyValue {
+	return LogFileNameKey.String(val)
+}
+
+// LogFileNameResolved returns an attribute KeyValue conforming to the
+// "log.file.name_resolved" semantic conventions. It represents the basename of
+// the file, with symlinks resolved.
+func LogFileNameResolved(val string) attribute.KeyValue {
+	return LogFileNameResolvedKey.String(val)
+}
+
+// LogFilePath returns an attribute KeyValue conforming to the "log.file.path"
+// semantic conventions. It represents the full path to the file.
+func LogFilePath(val string) attribute.KeyValue {
+	return LogFilePathKey.String(val)
+}
+
+// LogFilePathResolved returns an attribute KeyValue conforming to the
+// "log.file.path_resolved" semantic conventions. It represents the full path to
+// the file, with symlinks resolved.
+func LogFilePathResolved(val string) attribute.KeyValue {
+	return LogFilePathResolvedKey.String(val)
+}
+
+// LogRecordOriginal returns an attribute KeyValue conforming to the
+// "log.record.original" semantic conventions. It represents the complete
+// original Log Record.
+func LogRecordOriginal(val string) attribute.KeyValue {
+	return LogRecordOriginalKey.String(val)
+}
+
+// LogRecordUID returns an attribute KeyValue conforming to the "log.record.uid"
+// semantic conventions. It represents a unique identifier for the Log Record.
+func LogRecordUID(val string) attribute.KeyValue {
+	return LogRecordUIDKey.String(val)
+}
+
+// Enum values for log.iostream
+var (
+	// Logs from stdout stream
+	// Stability: development
+	LogIostreamStdout = LogIostreamKey.String("stdout")
+	// Events from stderr stream
+	// Stability: development
+	LogIostreamStderr = LogIostreamKey.String("stderr")
+)
+
+// Namespace: messaging
+const (
+	// MessagingBatchMessageCountKey is the attribute Key conforming to the
+	// "messaging.batch.message_count" semantic conventions. It represents the
+	// number of messages sent, received, or processed in the scope of the batching
+	// operation.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 0, 1, 2
+	// Note: Instrumentations SHOULD NOT set `messaging.batch.message_count` on
+	// spans that operate with a single message. When a messaging client library
+	// supports both batch and single-message API for the same operation,
+	// instrumentations SHOULD use `messaging.batch.message_count` for batching APIs
+	// and SHOULD NOT use it for single-message APIs.
+	MessagingBatchMessageCountKey = attribute.Key("messaging.batch.message_count")
+
+	// MessagingClientIDKey is the attribute Key conforming to the
+	// "messaging.client.id" semantic conventions. It represents a unique identifier
+	// for the client that consumes or produces a message.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "client-5", "myhost@8742@s8083jm"
+	MessagingClientIDKey = attribute.Key("messaging.client.id")
+
+	// MessagingConsumerGroupNameKey is the attribute Key conforming to the
+	// "messaging.consumer.group.name" semantic conventions. It represents the name
+	// of the consumer group with which a consumer is associated.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "my-group", "indexer"
+	// Note: Semantic conventions for individual messaging systems SHOULD document
+	// whether `messaging.consumer.group.name` is applicable and what it means in
+	// the context of that system.
+	MessagingConsumerGroupNameKey = attribute.Key("messaging.consumer.group.name")
+
+	// MessagingDestinationAnonymousKey is the attribute Key conforming to the
+	// "messaging.destination.anonymous" semantic conventions. It represents a
+	// boolean that is true if the message destination is anonymous (could be
+	// unnamed or have auto-generated name).
+	//
+	// Type: boolean
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	MessagingDestinationAnonymousKey = attribute.Key("messaging.destination.anonymous")
+
+	// MessagingDestinationNameKey is the attribute Key conforming to the
+	// "messaging.destination.name" semantic conventions. It represents the message
+	// destination name.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "MyQueue", "MyTopic"
+	// Note: Destination name SHOULD uniquely identify a specific queue, topic or
+	// other entity within the broker. If
+	// the broker doesn't have such notion, the destination name SHOULD uniquely
+	// identify the broker.
+	MessagingDestinationNameKey = attribute.Key("messaging.destination.name")
+
+	// MessagingDestinationPartitionIDKey is the attribute Key conforming to the
+	// "messaging.destination.partition.id" semantic conventions. It represents the
+	// identifier of the partition messages are sent to or received from, unique
+	// within the `messaging.destination.name`.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 1
+	MessagingDestinationPartitionIDKey = attribute.Key("messaging.destination.partition.id")
+
+	// MessagingDestinationSubscriptionNameKey is the attribute Key conforming to
+	// the "messaging.destination.subscription.name" semantic conventions. It
+	// represents the name of the destination subscription from which a message is
+	// consumed.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "subscription-a"
+	// Note: Semantic conventions for individual messaging systems SHOULD document
+	// whether `messaging.destination.subscription.name` is applicable and what it
+	// means in the context of that system.
+	MessagingDestinationSubscriptionNameKey = attribute.Key("messaging.destination.subscription.name")
+
+	// MessagingDestinationTemplateKey is the attribute Key conforming to the
+	// "messaging.destination.template" semantic conventions. It represents the low
+	// cardinality representation of the messaging destination name.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "/customers/{customerId}"
+	// Note: Destination names could be constructed from templates. An example would
+	// be a destination name involving a user name or product id. Although the
+	// destination name in this case is of high cardinality, the underlying template
+	// is of low cardinality and can be effectively used for grouping and
+	// aggregation.
+	MessagingDestinationTemplateKey = attribute.Key("messaging.destination.template")
+
+	// MessagingDestinationTemporaryKey is the attribute Key conforming to the
+	// "messaging.destination.temporary" semantic conventions. It represents a
+	// boolean that is true if the message destination is temporary and might not
+	// exist anymore after messages are processed.
+	//
+	// Type: boolean
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	MessagingDestinationTemporaryKey = attribute.Key("messaging.destination.temporary")
+
+	// MessagingEventhubsMessageEnqueuedTimeKey is the attribute Key conforming to
+	// the "messaging.eventhubs.message.enqueued_time" semantic conventions. It
+	// represents the UTC epoch seconds at which the message has been accepted and
+	// stored in the entity.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	MessagingEventhubsMessageEnqueuedTimeKey = attribute.Key("messaging.eventhubs.message.enqueued_time")
+
+	// MessagingGCPPubsubMessageAckDeadlineKey is the attribute Key conforming to
+	// the "messaging.gcp_pubsub.message.ack_deadline" semantic conventions. It
+	// represents the ack deadline in seconds set for the modify ack deadline
+	// request.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	MessagingGCPPubsubMessageAckDeadlineKey = attribute.Key("messaging.gcp_pubsub.message.ack_deadline")
+
+	// MessagingGCPPubsubMessageAckIDKey is the attribute Key conforming to the
+	// "messaging.gcp_pubsub.message.ack_id" semantic conventions. It represents the
+	// ack id for a given message.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: ack_id
+	MessagingGCPPubsubMessageAckIDKey = attribute.Key("messaging.gcp_pubsub.message.ack_id")
+
+	// MessagingGCPPubsubMessageDeliveryAttemptKey is the attribute Key conforming
+	// to the "messaging.gcp_pubsub.message.delivery_attempt" semantic conventions.
+	// It represents the delivery attempt for a given message.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	MessagingGCPPubsubMessageDeliveryAttemptKey = attribute.Key("messaging.gcp_pubsub.message.delivery_attempt")
+
+	// MessagingGCPPubsubMessageOrderingKeyKey is the attribute Key conforming to
+	// the "messaging.gcp_pubsub.message.ordering_key" semantic conventions. It
+	// represents the ordering key for a given message. If the attribute is not
+	// present, the message does not have an ordering key.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: ordering_key
+	MessagingGCPPubsubMessageOrderingKeyKey = attribute.Key("messaging.gcp_pubsub.message.ordering_key")
+
+	// MessagingKafkaMessageKeyKey is the attribute Key conforming to the
+	// "messaging.kafka.message.key" semantic conventions. It represents the message
+	// keys in Kafka are used for grouping alike messages to ensure they're
+	// processed on the same partition. They differ from `messaging.message.id` in
+	// that they're not unique. If the key is `null`, the attribute MUST NOT be set.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: myKey
+	// Note: If the key type is not string, it's string representation has to be
+	// supplied for the attribute. If the key has no unambiguous, canonical string
+	// form, don't include its value.
+	MessagingKafkaMessageKeyKey = attribute.Key("messaging.kafka.message.key")
+
+	// MessagingKafkaMessageTombstoneKey is the attribute Key conforming to the
+	// "messaging.kafka.message.tombstone" semantic conventions. It represents a
+	// boolean that is true if the message is a tombstone.
+	//
+	// Type: boolean
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	MessagingKafkaMessageTombstoneKey = attribute.Key("messaging.kafka.message.tombstone")
+
+	// MessagingKafkaOffsetKey is the attribute Key conforming to the
+	// "messaging.kafka.offset" semantic conventions. It represents the offset of a
+	// record in the corresponding Kafka partition.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	MessagingKafkaOffsetKey = attribute.Key("messaging.kafka.offset")
+
+	// MessagingMessageBodySizeKey is the attribute Key conforming to the
+	// "messaging.message.body.size" semantic conventions. It represents the size of
+	// the message body in bytes.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Note: This can refer to both the compressed or uncompressed body size. If
+	// both sizes are known, the uncompressed
+	// body size should be used.
+	MessagingMessageBodySizeKey = attribute.Key("messaging.message.body.size")
+
+	// MessagingMessageConversationIDKey is the attribute Key conforming to the
+	// "messaging.message.conversation_id" semantic conventions. It represents the
+	// conversation ID identifying the conversation to which the message belongs,
+	// represented as a string. Sometimes called "Correlation ID".
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: MyConversationId
+	MessagingMessageConversationIDKey = attribute.Key("messaging.message.conversation_id")
+
+	// MessagingMessageEnvelopeSizeKey is the attribute Key conforming to the
+	// "messaging.message.envelope.size" semantic conventions. It represents the
+	// size of the message body and metadata in bytes.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Note: This can refer to both the compressed or uncompressed size. If both
+	// sizes are known, the uncompressed
+	// size should be used.
+	MessagingMessageEnvelopeSizeKey = attribute.Key("messaging.message.envelope.size")
+
+	// MessagingMessageIDKey is the attribute Key conforming to the
+	// "messaging.message.id" semantic conventions. It represents a value used by
+	// the messaging system as an identifier for the message, represented as a
+	// string.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 452a7c7c7c7048c2f887f61572b18fc2
+	MessagingMessageIDKey = attribute.Key("messaging.message.id")
+
+	// MessagingOperationNameKey is the attribute Key conforming to the
+	// "messaging.operation.name" semantic conventions. It represents the
+	// system-specific name of the messaging operation.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "ack", "nack", "send"
+	MessagingOperationNameKey = attribute.Key("messaging.operation.name")
+
+	// MessagingOperationTypeKey is the attribute Key conforming to the
+	// "messaging.operation.type" semantic conventions. It represents a string
+	// identifying the type of the messaging operation.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	// Note: If a custom value is used, it MUST be of low cardinality.
+	MessagingOperationTypeKey = attribute.Key("messaging.operation.type")
+
+	// MessagingRabbitmqDestinationRoutingKeyKey is the attribute Key conforming to
+	// the "messaging.rabbitmq.destination.routing_key" semantic conventions. It
+	// represents the rabbitMQ message routing key.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: myKey
+	MessagingRabbitmqDestinationRoutingKeyKey = attribute.Key("messaging.rabbitmq.destination.routing_key")
+
+	// MessagingRabbitmqMessageDeliveryTagKey is the attribute Key conforming to the
+	// "messaging.rabbitmq.message.delivery_tag" semantic conventions. It represents
+	// the rabbitMQ message delivery tag.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	MessagingRabbitmqMessageDeliveryTagKey = attribute.Key("messaging.rabbitmq.message.delivery_tag")
+
+	// MessagingRocketmqConsumptionModelKey is the attribute Key conforming to the
+	// "messaging.rocketmq.consumption_model" semantic conventions. It represents
+	// the model of message consumption. This only applies to consumer spans.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	MessagingRocketmqConsumptionModelKey = attribute.Key("messaging.rocketmq.consumption_model")
+
+	// MessagingRocketmqMessageDelayTimeLevelKey is the attribute Key conforming to
+	// the "messaging.rocketmq.message.delay_time_level" semantic conventions. It
+	// represents the delay time level for delay message, which determines the
+	// message delay time.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	MessagingRocketmqMessageDelayTimeLevelKey = attribute.Key("messaging.rocketmq.message.delay_time_level")
+
+	// MessagingRocketmqMessageDeliveryTimestampKey is the attribute Key conforming
+	// to the "messaging.rocketmq.message.delivery_timestamp" semantic conventions.
+	// It represents the timestamp in milliseconds that the delay message is
+	// expected to be delivered to consumer.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	MessagingRocketmqMessageDeliveryTimestampKey = attribute.Key("messaging.rocketmq.message.delivery_timestamp")
+
+	// MessagingRocketmqMessageGroupKey is the attribute Key conforming to the
+	// "messaging.rocketmq.message.group" semantic conventions. It represents the it
+	// is essential for FIFO message. Messages that belong to the same message group
+	// are always processed one by one within the same consumer group.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: myMessageGroup
+	MessagingRocketmqMessageGroupKey = attribute.Key("messaging.rocketmq.message.group")
+
+	// MessagingRocketmqMessageKeysKey is the attribute Key conforming to the
+	// "messaging.rocketmq.message.keys" semantic conventions. It represents the
+	// key(s) of message, another way to mark message besides message id.
+	//
+	// Type: string[]
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "keyA", "keyB"
+	MessagingRocketmqMessageKeysKey = attribute.Key("messaging.rocketmq.message.keys")
+
+	// MessagingRocketmqMessageTagKey is the attribute Key conforming to the
+	// "messaging.rocketmq.message.tag" semantic conventions. It represents the
+	// secondary classifier of message besides topic.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: tagA
+	MessagingRocketmqMessageTagKey = attribute.Key("messaging.rocketmq.message.tag")
+
+	// MessagingRocketmqMessageTypeKey is the attribute Key conforming to the
+	// "messaging.rocketmq.message.type" semantic conventions. It represents the
+	// type of message.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	MessagingRocketmqMessageTypeKey = attribute.Key("messaging.rocketmq.message.type")
+
+	// MessagingRocketmqNamespaceKey is the attribute Key conforming to the
+	// "messaging.rocketmq.namespace" semantic conventions. It represents the
+	// namespace of RocketMQ resources, resources in different namespaces are
+	// individual.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: myNamespace
+	MessagingRocketmqNamespaceKey = attribute.Key("messaging.rocketmq.namespace")
+
+	// MessagingServicebusDispositionStatusKey is the attribute Key conforming to
+	// the "messaging.servicebus.disposition_status" semantic conventions. It
+	// represents the describes the [settlement type].
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	//
+	// [settlement type]: https://learn.microsoft.com/azure/service-bus-messaging/message-transfers-locks-settlement#peeklock
+	MessagingServicebusDispositionStatusKey = attribute.Key("messaging.servicebus.disposition_status")
+
+	// MessagingServicebusMessageDeliveryCountKey is the attribute Key conforming to
+	// the "messaging.servicebus.message.delivery_count" semantic conventions. It
+	// represents the number of deliveries that have been attempted for this
+	// message.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	MessagingServicebusMessageDeliveryCountKey = attribute.Key("messaging.servicebus.message.delivery_count")
+
+	// MessagingServicebusMessageEnqueuedTimeKey is the attribute Key conforming to
+	// the "messaging.servicebus.message.enqueued_time" semantic conventions. It
+	// represents the UTC epoch seconds at which the message has been accepted and
+	// stored in the entity.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	MessagingServicebusMessageEnqueuedTimeKey = attribute.Key("messaging.servicebus.message.enqueued_time")
+
+	// MessagingSystemKey is the attribute Key conforming to the "messaging.system"
+	// semantic conventions. It represents the messaging system as identified by the
+	// client instrumentation.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	// Note: The actual messaging system may differ from the one known by the
+	// client. For example, when using Kafka client libraries to communicate with
+	// Azure Event Hubs, the `messaging.system` is set to `kafka` based on the
+	// instrumentation's best knowledge.
+	MessagingSystemKey = attribute.Key("messaging.system")
+)
+
+// MessagingBatchMessageCount returns an attribute KeyValue conforming to the
+// "messaging.batch.message_count" semantic conventions. It represents the number
+// of messages sent, received, or processed in the scope of the batching
+// operation.
+func MessagingBatchMessageCount(val int) attribute.KeyValue {
+	return MessagingBatchMessageCountKey.Int(val)
+}
+
+// MessagingClientID returns an attribute KeyValue conforming to the
+// "messaging.client.id" semantic conventions. It represents a unique identifier
+// for the client that consumes or produces a message.
+func MessagingClientID(val string) attribute.KeyValue {
+	return MessagingClientIDKey.String(val)
+}
+
+// MessagingConsumerGroupName returns an attribute KeyValue conforming to the
+// "messaging.consumer.group.name" semantic conventions. It represents the name
+// of the consumer group with which a consumer is associated.
+func MessagingConsumerGroupName(val string) attribute.KeyValue {
+	return MessagingConsumerGroupNameKey.String(val)
+}
+
+// MessagingDestinationAnonymous returns an attribute KeyValue conforming to the
+// "messaging.destination.anonymous" semantic conventions. It represents a
+// boolean that is true if the message destination is anonymous (could be unnamed
+// or have auto-generated name).
+func MessagingDestinationAnonymous(val bool) attribute.KeyValue {
+	return MessagingDestinationAnonymousKey.Bool(val)
+}
+
+// MessagingDestinationName returns an attribute KeyValue conforming to the
+// "messaging.destination.name" semantic conventions. It represents the message
+// destination name.
+func MessagingDestinationName(val string) attribute.KeyValue {
+	return MessagingDestinationNameKey.String(val)
+}
+
+// MessagingDestinationPartitionID returns an attribute KeyValue conforming to
+// the "messaging.destination.partition.id" semantic conventions. It represents
+// the identifier of the partition messages are sent to or received from, unique
+// within the `messaging.destination.name`.
+func MessagingDestinationPartitionID(val string) attribute.KeyValue {
+	return MessagingDestinationPartitionIDKey.String(val)
+}
+
+// MessagingDestinationSubscriptionName returns an attribute KeyValue conforming
+// to the "messaging.destination.subscription.name" semantic conventions. It
+// represents the name of the destination subscription from which a message is
+// consumed.
+func MessagingDestinationSubscriptionName(val string) attribute.KeyValue {
+	return MessagingDestinationSubscriptionNameKey.String(val)
+}
+
+// MessagingDestinationTemplate returns an attribute KeyValue conforming to the
+// "messaging.destination.template" semantic conventions. It represents the low
+// cardinality representation of the messaging destination name.
+func MessagingDestinationTemplate(val string) attribute.KeyValue {
+	return MessagingDestinationTemplateKey.String(val)
+}
+
+// MessagingDestinationTemporary returns an attribute KeyValue conforming to the
+// "messaging.destination.temporary" semantic conventions. It represents a
+// boolean that is true if the message destination is temporary and might not
+// exist anymore after messages are processed.
+func MessagingDestinationTemporary(val bool) attribute.KeyValue {
+	return MessagingDestinationTemporaryKey.Bool(val)
+}
+
+// MessagingEventhubsMessageEnqueuedTime returns an attribute KeyValue conforming
+// to the "messaging.eventhubs.message.enqueued_time" semantic conventions. It
+// represents the UTC epoch seconds at which the message has been accepted and
+// stored in the entity.
+func MessagingEventhubsMessageEnqueuedTime(val int) attribute.KeyValue {
+	return MessagingEventhubsMessageEnqueuedTimeKey.Int(val)
+}
+
+// MessagingGCPPubsubMessageAckDeadline returns an attribute KeyValue conforming
+// to the "messaging.gcp_pubsub.message.ack_deadline" semantic conventions. It
+// represents the ack deadline in seconds set for the modify ack deadline
+// request.
+func MessagingGCPPubsubMessageAckDeadline(val int) attribute.KeyValue {
+	return MessagingGCPPubsubMessageAckDeadlineKey.Int(val)
+}
+
+// MessagingGCPPubsubMessageAckID returns an attribute KeyValue conforming to the
+// "messaging.gcp_pubsub.message.ack_id" semantic conventions. It represents the
+// ack id for a given message.
+func MessagingGCPPubsubMessageAckID(val string) attribute.KeyValue {
+	return MessagingGCPPubsubMessageAckIDKey.String(val)
+}
+
+// MessagingGCPPubsubMessageDeliveryAttempt returns an attribute KeyValue
+// conforming to the "messaging.gcp_pubsub.message.delivery_attempt" semantic
+// conventions. It represents the delivery attempt for a given message.
+func MessagingGCPPubsubMessageDeliveryAttempt(val int) attribute.KeyValue {
+	return MessagingGCPPubsubMessageDeliveryAttemptKey.Int(val)
+}
+
+// MessagingGCPPubsubMessageOrderingKey returns an attribute KeyValue conforming
+// to the "messaging.gcp_pubsub.message.ordering_key" semantic conventions. It
+// represents the ordering key for a given message. If the attribute is not
+// present, the message does not have an ordering key.
+func MessagingGCPPubsubMessageOrderingKey(val string) attribute.KeyValue {
+	return MessagingGCPPubsubMessageOrderingKeyKey.String(val)
+}
+
+// MessagingKafkaMessageKey returns an attribute KeyValue conforming to the
+// "messaging.kafka.message.key" semantic conventions. It represents the message
+// keys in Kafka are used for grouping alike messages to ensure they're processed
+// on the same partition. They differ from `messaging.message.id` in that they're
+// not unique. If the key is `null`, the attribute MUST NOT be set.
+func MessagingKafkaMessageKey(val string) attribute.KeyValue {
+	return MessagingKafkaMessageKeyKey.String(val)
+}
+
+// MessagingKafkaMessageTombstone returns an attribute KeyValue conforming to the
+// "messaging.kafka.message.tombstone" semantic conventions. It represents a
+// boolean that is true if the message is a tombstone.
+func MessagingKafkaMessageTombstone(val bool) attribute.KeyValue {
+	return MessagingKafkaMessageTombstoneKey.Bool(val)
+}
+
+// MessagingKafkaOffset returns an attribute KeyValue conforming to the
+// "messaging.kafka.offset" semantic conventions. It represents the offset of a
+// record in the corresponding Kafka partition.
+func MessagingKafkaOffset(val int) attribute.KeyValue {
+	return MessagingKafkaOffsetKey.Int(val)
+}
+
+// MessagingMessageBodySize returns an attribute KeyValue conforming to the
+// "messaging.message.body.size" semantic conventions. It represents the size of
+// the message body in bytes.
+func MessagingMessageBodySize(val int) attribute.KeyValue {
+	return MessagingMessageBodySizeKey.Int(val)
+}
+
+// MessagingMessageConversationID returns an attribute KeyValue conforming to the
+// "messaging.message.conversation_id" semantic conventions. It represents the
+// conversation ID identifying the conversation to which the message belongs,
+// represented as a string. Sometimes called "Correlation ID".
+func MessagingMessageConversationID(val string) attribute.KeyValue {
+	return MessagingMessageConversationIDKey.String(val)
+}
+
+// MessagingMessageEnvelopeSize returns an attribute KeyValue conforming to the
+// "messaging.message.envelope.size" semantic conventions. It represents the size
+// of the message body and metadata in bytes.
+func MessagingMessageEnvelopeSize(val int) attribute.KeyValue {
+	return MessagingMessageEnvelopeSizeKey.Int(val)
+}
+
+// MessagingMessageID returns an attribute KeyValue conforming to the
+// "messaging.message.id" semantic conventions. It represents a value used by the
+// messaging system as an identifier for the message, represented as a string.
+func MessagingMessageID(val string) attribute.KeyValue {
+	return MessagingMessageIDKey.String(val)
+}
+
+// MessagingOperationName returns an attribute KeyValue conforming to the
+// "messaging.operation.name" semantic conventions. It represents the
+// system-specific name of the messaging operation.
+func MessagingOperationName(val string) attribute.KeyValue {
+	return MessagingOperationNameKey.String(val)
+}
+
+// MessagingRabbitmqDestinationRoutingKey returns an attribute KeyValue
+// conforming to the "messaging.rabbitmq.destination.routing_key" semantic
+// conventions. It represents the rabbitMQ message routing key.
+func MessagingRabbitmqDestinationRoutingKey(val string) attribute.KeyValue {
+	return MessagingRabbitmqDestinationRoutingKeyKey.String(val)
+}
+
+// MessagingRabbitmqMessageDeliveryTag returns an attribute KeyValue conforming
+// to the "messaging.rabbitmq.message.delivery_tag" semantic conventions. It
+// represents the rabbitMQ message delivery tag.
+func MessagingRabbitmqMessageDeliveryTag(val int) attribute.KeyValue {
+	return MessagingRabbitmqMessageDeliveryTagKey.Int(val)
+}
+
+// MessagingRocketmqMessageDelayTimeLevel returns an attribute KeyValue
+// conforming to the "messaging.rocketmq.message.delay_time_level" semantic
+// conventions. It represents the delay time level for delay message, which
+// determines the message delay time.
+func MessagingRocketmqMessageDelayTimeLevel(val int) attribute.KeyValue {
+	return MessagingRocketmqMessageDelayTimeLevelKey.Int(val)
+}
+
+// MessagingRocketmqMessageDeliveryTimestamp returns an attribute KeyValue
+// conforming to the "messaging.rocketmq.message.delivery_timestamp" semantic
+// conventions. It represents the timestamp in milliseconds that the delay
+// message is expected to be delivered to consumer.
+func MessagingRocketmqMessageDeliveryTimestamp(val int) attribute.KeyValue {
+	return MessagingRocketmqMessageDeliveryTimestampKey.Int(val)
+}
+
+// MessagingRocketmqMessageGroup returns an attribute KeyValue conforming to the
+// "messaging.rocketmq.message.group" semantic conventions. It represents the it
+// is essential for FIFO message. Messages that belong to the same message group
+// are always processed one by one within the same consumer group.
+func MessagingRocketmqMessageGroup(val string) attribute.KeyValue {
+	return MessagingRocketmqMessageGroupKey.String(val)
+}
+
+// MessagingRocketmqMessageKeys returns an attribute KeyValue conforming to the
+// "messaging.rocketmq.message.keys" semantic conventions. It represents the
+// key(s) of message, another way to mark message besides message id.
+func MessagingRocketmqMessageKeys(val ...string) attribute.KeyValue {
+	return MessagingRocketmqMessageKeysKey.StringSlice(val)
+}
+
+// MessagingRocketmqMessageTag returns an attribute KeyValue conforming to the
+// "messaging.rocketmq.message.tag" semantic conventions. It represents the
+// secondary classifier of message besides topic.
+func MessagingRocketmqMessageTag(val string) attribute.KeyValue {
+	return MessagingRocketmqMessageTagKey.String(val)
+}
+
+// MessagingRocketmqNamespace returns an attribute KeyValue conforming to the
+// "messaging.rocketmq.namespace" semantic conventions. It represents the
+// namespace of RocketMQ resources, resources in different namespaces are
+// individual.
+func MessagingRocketmqNamespace(val string) attribute.KeyValue {
+	return MessagingRocketmqNamespaceKey.String(val)
+}
+
+// MessagingServicebusMessageDeliveryCount returns an attribute KeyValue
+// conforming to the "messaging.servicebus.message.delivery_count" semantic
+// conventions. It represents the number of deliveries that have been attempted
+// for this message.
+func MessagingServicebusMessageDeliveryCount(val int) attribute.KeyValue {
+	return MessagingServicebusMessageDeliveryCountKey.Int(val)
+}
+
+// MessagingServicebusMessageEnqueuedTime returns an attribute KeyValue
+// conforming to the "messaging.servicebus.message.enqueued_time" semantic
+// conventions. It represents the UTC epoch seconds at which the message has been
+// accepted and stored in the entity.
+func MessagingServicebusMessageEnqueuedTime(val int) attribute.KeyValue {
+	return MessagingServicebusMessageEnqueuedTimeKey.Int(val)
+}
+
+// Enum values for messaging.operation.type
+var (
+	// A message is created. "Create" spans always refer to a single message and are
+	// used to provide a unique creation context for messages in batch sending
+	// scenarios.
+	//
+	// Stability: development
+	MessagingOperationTypeCreate = MessagingOperationTypeKey.String("create")
+	// One or more messages are provided for sending to an intermediary. If a single
+	// message is sent, the context of the "Send" span can be used as the creation
+	// context and no "Create" span needs to be created.
+	//
+	// Stability: development
+	MessagingOperationTypeSend = MessagingOperationTypeKey.String("send")
+	// One or more messages are requested by a consumer. This operation refers to
+	// pull-based scenarios, where consumers explicitly call methods of messaging
+	// SDKs to receive messages.
+	//
+	// Stability: development
+	MessagingOperationTypeReceive = MessagingOperationTypeKey.String("receive")
+	// One or more messages are processed by a consumer.
+	//
+	// Stability: development
+	MessagingOperationTypeProcess = MessagingOperationTypeKey.String("process")
+	// One or more messages are settled.
+	//
+	// Stability: development
+	MessagingOperationTypeSettle = MessagingOperationTypeKey.String("settle")
+	// Deprecated: Replaced by `process`.
+	MessagingOperationTypeDeliver = MessagingOperationTypeKey.String("deliver")
+	// Deprecated: Replaced by `send`.
+	MessagingOperationTypePublish = MessagingOperationTypeKey.String("publish")
+)
+
+// Enum values for messaging.rocketmq.consumption_model
+var (
+	// Clustering consumption model
+	// Stability: development
+	MessagingRocketmqConsumptionModelClustering = MessagingRocketmqConsumptionModelKey.String("clustering")
+	// Broadcasting consumption model
+	// Stability: development
+	MessagingRocketmqConsumptionModelBroadcasting = MessagingRocketmqConsumptionModelKey.String("broadcasting")
+)
+
+// Enum values for messaging.rocketmq.message.type
+var (
+	// Normal message
+	// Stability: development
+	MessagingRocketmqMessageTypeNormal = MessagingRocketmqMessageTypeKey.String("normal")
+	// FIFO message
+	// Stability: development
+	MessagingRocketmqMessageTypeFifo = MessagingRocketmqMessageTypeKey.String("fifo")
+	// Delay message
+	// Stability: development
+	MessagingRocketmqMessageTypeDelay = MessagingRocketmqMessageTypeKey.String("delay")
+	// Transaction message
+	// Stability: development
+	MessagingRocketmqMessageTypeTransaction = MessagingRocketmqMessageTypeKey.String("transaction")
+)
+
+// Enum values for messaging.servicebus.disposition_status
+var (
+	// Message is completed
+	// Stability: development
+	MessagingServicebusDispositionStatusComplete = MessagingServicebusDispositionStatusKey.String("complete")
+	// Message is abandoned
+	// Stability: development
+	MessagingServicebusDispositionStatusAbandon = MessagingServicebusDispositionStatusKey.String("abandon")
+	// Message is sent to dead letter queue
+	// Stability: development
+	MessagingServicebusDispositionStatusDeadLetter = MessagingServicebusDispositionStatusKey.String("dead_letter")
+	// Message is deferred
+	// Stability: development
+	MessagingServicebusDispositionStatusDefer = MessagingServicebusDispositionStatusKey.String("defer")
+)
+
+// Enum values for messaging.system
+var (
+	// Apache ActiveMQ
+	// Stability: development
+	MessagingSystemActivemq = MessagingSystemKey.String("activemq")
+	// Amazon Simple Queue Service (SQS)
+	// Stability: development
+	MessagingSystemAWSSqs = MessagingSystemKey.String("aws_sqs")
+	// Azure Event Grid
+	// Stability: development
+	MessagingSystemEventgrid = MessagingSystemKey.String("eventgrid")
+	// Azure Event Hubs
+	// Stability: development
+	MessagingSystemEventhubs = MessagingSystemKey.String("eventhubs")
+	// Azure Service Bus
+	// Stability: development
+	MessagingSystemServicebus = MessagingSystemKey.String("servicebus")
+	// Google Cloud Pub/Sub
+	// Stability: development
+	MessagingSystemGCPPubsub = MessagingSystemKey.String("gcp_pubsub")
+	// Java Message Service
+	// Stability: development
+	MessagingSystemJms = MessagingSystemKey.String("jms")
+	// Apache Kafka
+	// Stability: development
+	MessagingSystemKafka = MessagingSystemKey.String("kafka")
+	// RabbitMQ
+	// Stability: development
+	MessagingSystemRabbitmq = MessagingSystemKey.String("rabbitmq")
+	// Apache RocketMQ
+	// Stability: development
+	MessagingSystemRocketmq = MessagingSystemKey.String("rocketmq")
+	// Apache Pulsar
+	// Stability: development
+	MessagingSystemPulsar = MessagingSystemKey.String("pulsar")
+)
+
+// Namespace: network
+const (
+	// NetworkCarrierIccKey is the attribute Key conforming to the
+	// "network.carrier.icc" semantic conventions. It represents the ISO 3166-1
+	// alpha-2 2-character country code associated with the mobile carrier network.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: DE
+	NetworkCarrierIccKey = attribute.Key("network.carrier.icc")
+
+	// NetworkCarrierMccKey is the attribute Key conforming to the
+	// "network.carrier.mcc" semantic conventions. It represents the mobile carrier
+	// country code.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 310
+	NetworkCarrierMccKey = attribute.Key("network.carrier.mcc")
+
+	// NetworkCarrierMncKey is the attribute Key conforming to the
+	// "network.carrier.mnc" semantic conventions. It represents the mobile carrier
+	// network code.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 001
+	NetworkCarrierMncKey = attribute.Key("network.carrier.mnc")
+
+	// NetworkCarrierNameKey is the attribute Key conforming to the
+	// "network.carrier.name" semantic conventions. It represents the name of the
+	// mobile carrier.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: sprint
+	NetworkCarrierNameKey = attribute.Key("network.carrier.name")
+
+	// NetworkConnectionStateKey is the attribute Key conforming to the
+	// "network.connection.state" semantic conventions. It represents the state of
+	// network connection.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "close_wait"
+	// Note: Connection states are defined as part of the [rfc9293]
+	//
+	// [rfc9293]: https://datatracker.ietf.org/doc/html/rfc9293#section-3.3.2
+	NetworkConnectionStateKey = attribute.Key("network.connection.state")
+
+	// NetworkConnectionSubtypeKey is the attribute Key conforming to the
+	// "network.connection.subtype" semantic conventions. It represents the this
+	// describes more details regarding the connection.type. It may be the type of
+	// cell technology connection, but it could be used for describing details about
+	// a wifi connection.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: LTE
+	NetworkConnectionSubtypeKey = attribute.Key("network.connection.subtype")
+
+	// NetworkConnectionTypeKey is the attribute Key conforming to the
+	// "network.connection.type" semantic conventions. It represents the internet
+	// connection type.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: wifi
+	NetworkConnectionTypeKey = attribute.Key("network.connection.type")
+
+	// NetworkInterfaceNameKey is the attribute Key conforming to the
+	// "network.interface.name" semantic conventions. It represents the network
+	// interface name.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "lo", "eth0"
+	NetworkInterfaceNameKey = attribute.Key("network.interface.name")
+
+	// NetworkIoDirectionKey is the attribute Key conforming to the
+	// "network.io.direction" semantic conventions. It represents the network IO
+	// operation direction.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "transmit"
+	NetworkIoDirectionKey = attribute.Key("network.io.direction")
+
+	// NetworkLocalAddressKey is the attribute Key conforming to the
+	// "network.local.address" semantic conventions. It represents the local address
+	// of the network connection - IP address or Unix domain socket name.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: "10.1.2.80", "/tmp/my.sock"
+	NetworkLocalAddressKey = attribute.Key("network.local.address")
+
+	// NetworkLocalPortKey is the attribute Key conforming to the
+	// "network.local.port" semantic conventions. It represents the local port
+	// number of the network connection.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: 65123
+	NetworkLocalPortKey = attribute.Key("network.local.port")
+
+	// NetworkPeerAddressKey is the attribute Key conforming to the
+	// "network.peer.address" semantic conventions. It represents the peer address
+	// of the network connection - IP address or Unix domain socket name.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: "10.1.2.80", "/tmp/my.sock"
+	NetworkPeerAddressKey = attribute.Key("network.peer.address")
+
+	// NetworkPeerPortKey is the attribute Key conforming to the "network.peer.port"
+	// semantic conventions. It represents the peer port number of the network
+	// connection.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: 65123
+	NetworkPeerPortKey = attribute.Key("network.peer.port")
+
+	// NetworkProtocolNameKey is the attribute Key conforming to the
+	// "network.protocol.name" semantic conventions. It represents the
+	// [OSI application layer] or non-OSI equivalent.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: "amqp", "http", "mqtt"
+	// Note: The value SHOULD be normalized to lowercase.
+	//
+	// [OSI application layer]: https://wikipedia.org/wiki/Application_layer
+	NetworkProtocolNameKey = attribute.Key("network.protocol.name")
+
+	// NetworkProtocolVersionKey is the attribute Key conforming to the
+	// "network.protocol.version" semantic conventions. It represents the actual
+	// version of the protocol used for network communication.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: "1.1", "2"
+	// Note: If protocol version is subject to negotiation (for example using [ALPN]
+	// ), this attribute SHOULD be set to the negotiated version. If the actual
+	// protocol version is not known, this attribute SHOULD NOT be set.
+	//
+	// [ALPN]: https://www.rfc-editor.org/rfc/rfc7301.html
+	NetworkProtocolVersionKey = attribute.Key("network.protocol.version")
+
+	// NetworkTransportKey is the attribute Key conforming to the
+	// "network.transport" semantic conventions. It represents the
+	// [OSI transport layer] or [inter-process communication method].
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: "tcp", "udp"
+	// Note: The value SHOULD be normalized to lowercase.
+	//
+	// Consider always setting the transport when setting a port number, since
+	// a port number is ambiguous without knowing the transport. For example
+	// different processes could be listening on TCP port 12345 and UDP port 12345.
+	//
+	// [OSI transport layer]: https://wikipedia.org/wiki/Transport_layer
+	// [inter-process communication method]: https://wikipedia.org/wiki/Inter-process_communication
+	NetworkTransportKey = attribute.Key("network.transport")
+
+	// NetworkTypeKey is the attribute Key conforming to the "network.type" semantic
+	// conventions. It represents the [OSI network layer] or non-OSI equivalent.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: "ipv4", "ipv6"
+	// Note: The value SHOULD be normalized to lowercase.
+	//
+	// [OSI network layer]: https://wikipedia.org/wiki/Network_layer
+	NetworkTypeKey = attribute.Key("network.type")
+)
+
+// NetworkCarrierIcc returns an attribute KeyValue conforming to the
+// "network.carrier.icc" semantic conventions. It represents the ISO 3166-1
+// alpha-2 2-character country code associated with the mobile carrier network.
+func NetworkCarrierIcc(val string) attribute.KeyValue {
+	return NetworkCarrierIccKey.String(val)
+}
+
+// NetworkCarrierMcc returns an attribute KeyValue conforming to the
+// "network.carrier.mcc" semantic conventions. It represents the mobile carrier
+// country code.
+func NetworkCarrierMcc(val string) attribute.KeyValue {
+	return NetworkCarrierMccKey.String(val)
+}
+
+// NetworkCarrierMnc returns an attribute KeyValue conforming to the
+// "network.carrier.mnc" semantic conventions. It represents the mobile carrier
+// network code.
+func NetworkCarrierMnc(val string) attribute.KeyValue {
+	return NetworkCarrierMncKey.String(val)
+}
+
+// NetworkCarrierName returns an attribute KeyValue conforming to the
+// "network.carrier.name" semantic conventions. It represents the name of the
+// mobile carrier.
+func NetworkCarrierName(val string) attribute.KeyValue {
+	return NetworkCarrierNameKey.String(val)
+}
+
+// NetworkInterfaceName returns an attribute KeyValue conforming to the
+// "network.interface.name" semantic conventions. It represents the network
+// interface name.
+func NetworkInterfaceName(val string) attribute.KeyValue {
+	return NetworkInterfaceNameKey.String(val)
+}
+
+// NetworkLocalAddress returns an attribute KeyValue conforming to the
+// "network.local.address" semantic conventions. It represents the local address
+// of the network connection - IP address or Unix domain socket name.
+func NetworkLocalAddress(val string) attribute.KeyValue {
+	return NetworkLocalAddressKey.String(val)
+}
+
+// NetworkLocalPort returns an attribute KeyValue conforming to the
+// "network.local.port" semantic conventions. It represents the local port number
+// of the network connection.
+func NetworkLocalPort(val int) attribute.KeyValue {
+	return NetworkLocalPortKey.Int(val)
+}
+
+// NetworkPeerAddress returns an attribute KeyValue conforming to the
+// "network.peer.address" semantic conventions. It represents the peer address of
+// the network connection - IP address or Unix domain socket name.
+func NetworkPeerAddress(val string) attribute.KeyValue {
+	return NetworkPeerAddressKey.String(val)
+}
+
+// NetworkPeerPort returns an attribute KeyValue conforming to the
+// "network.peer.port" semantic conventions. It represents the peer port number
+// of the network connection.
+func NetworkPeerPort(val int) attribute.KeyValue {
+	return NetworkPeerPortKey.Int(val)
+}
+
+// NetworkProtocolName returns an attribute KeyValue conforming to the
+// "network.protocol.name" semantic conventions. It represents the
+// [OSI application layer] or non-OSI equivalent.
+//
+// [OSI application layer]: https://wikipedia.org/wiki/Application_layer
+func NetworkProtocolName(val string) attribute.KeyValue {
+	return NetworkProtocolNameKey.String(val)
+}
+
+// NetworkProtocolVersion returns an attribute KeyValue conforming to the
+// "network.protocol.version" semantic conventions. It represents the actual
+// version of the protocol used for network communication.
+func NetworkProtocolVersion(val string) attribute.KeyValue {
+	return NetworkProtocolVersionKey.String(val)
+}
+
+// Enum values for network.connection.state
+var (
+	// closed
+	// Stability: development
+	NetworkConnectionStateClosed = NetworkConnectionStateKey.String("closed")
+	// close_wait
+	// Stability: development
+	NetworkConnectionStateCloseWait = NetworkConnectionStateKey.String("close_wait")
+	// closing
+	// Stability: development
+	NetworkConnectionStateClosing = NetworkConnectionStateKey.String("closing")
+	// established
+	// Stability: development
+	NetworkConnectionStateEstablished = NetworkConnectionStateKey.String("established")
+	// fin_wait_1
+	// Stability: development
+	NetworkConnectionStateFinWait1 = NetworkConnectionStateKey.String("fin_wait_1")
+	// fin_wait_2
+	// Stability: development
+	NetworkConnectionStateFinWait2 = NetworkConnectionStateKey.String("fin_wait_2")
+	// last_ack
+	// Stability: development
+	NetworkConnectionStateLastAck = NetworkConnectionStateKey.String("last_ack")
+	// listen
+	// Stability: development
+	NetworkConnectionStateListen = NetworkConnectionStateKey.String("listen")
+	// syn_received
+	// Stability: development
+	NetworkConnectionStateSynReceived = NetworkConnectionStateKey.String("syn_received")
+	// syn_sent
+	// Stability: development
+	NetworkConnectionStateSynSent = NetworkConnectionStateKey.String("syn_sent")
+	// time_wait
+	// Stability: development
+	NetworkConnectionStateTimeWait = NetworkConnectionStateKey.String("time_wait")
+)
+
+// Enum values for network.connection.subtype
+var (
+	// GPRS
+	// Stability: development
+	NetworkConnectionSubtypeGprs = NetworkConnectionSubtypeKey.String("gprs")
+	// EDGE
+	// Stability: development
+	NetworkConnectionSubtypeEdge = NetworkConnectionSubtypeKey.String("edge")
+	// UMTS
+	// Stability: development
+	NetworkConnectionSubtypeUmts = NetworkConnectionSubtypeKey.String("umts")
+	// CDMA
+	// Stability: development
+	NetworkConnectionSubtypeCdma = NetworkConnectionSubtypeKey.String("cdma")
+	// EVDO Rel. 0
+	// Stability: development
+	NetworkConnectionSubtypeEvdo0 = NetworkConnectionSubtypeKey.String("evdo_0")
+	// EVDO Rev. A
+	// Stability: development
+	NetworkConnectionSubtypeEvdoA = NetworkConnectionSubtypeKey.String("evdo_a")
+	// CDMA2000 1XRTT
+	// Stability: development
+	NetworkConnectionSubtypeCdma20001xrtt = NetworkConnectionSubtypeKey.String("cdma2000_1xrtt")
+	// HSDPA
+	// Stability: development
+	NetworkConnectionSubtypeHsdpa = NetworkConnectionSubtypeKey.String("hsdpa")
+	// HSUPA
+	// Stability: development
+	NetworkConnectionSubtypeHsupa = NetworkConnectionSubtypeKey.String("hsupa")
+	// HSPA
+	// Stability: development
+	NetworkConnectionSubtypeHspa = NetworkConnectionSubtypeKey.String("hspa")
+	// IDEN
+	// Stability: development
+	NetworkConnectionSubtypeIden = NetworkConnectionSubtypeKey.String("iden")
+	// EVDO Rev. B
+	// Stability: development
+	NetworkConnectionSubtypeEvdoB = NetworkConnectionSubtypeKey.String("evdo_b")
+	// LTE
+	// Stability: development
+	NetworkConnectionSubtypeLte = NetworkConnectionSubtypeKey.String("lte")
+	// EHRPD
+	// Stability: development
+	NetworkConnectionSubtypeEhrpd = NetworkConnectionSubtypeKey.String("ehrpd")
+	// HSPAP
+	// Stability: development
+	NetworkConnectionSubtypeHspap = NetworkConnectionSubtypeKey.String("hspap")
+	// GSM
+	// Stability: development
+	NetworkConnectionSubtypeGsm = NetworkConnectionSubtypeKey.String("gsm")
+	// TD-SCDMA
+	// Stability: development
+	NetworkConnectionSubtypeTdScdma = NetworkConnectionSubtypeKey.String("td_scdma")
+	// IWLAN
+	// Stability: development
+	NetworkConnectionSubtypeIwlan = NetworkConnectionSubtypeKey.String("iwlan")
+	// 5G NR (New Radio)
+	// Stability: development
+	NetworkConnectionSubtypeNr = NetworkConnectionSubtypeKey.String("nr")
+	// 5G NRNSA (New Radio Non-Standalone)
+	// Stability: development
+	NetworkConnectionSubtypeNrnsa = NetworkConnectionSubtypeKey.String("nrnsa")
+	// LTE CA
+	// Stability: development
+	NetworkConnectionSubtypeLteCa = NetworkConnectionSubtypeKey.String("lte_ca")
+)
+
+// Enum values for network.connection.type
+var (
+	// wifi
+	// Stability: development
+	NetworkConnectionTypeWifi = NetworkConnectionTypeKey.String("wifi")
+	// wired
+	// Stability: development
+	NetworkConnectionTypeWired = NetworkConnectionTypeKey.String("wired")
+	// cell
+	// Stability: development
+	NetworkConnectionTypeCell = NetworkConnectionTypeKey.String("cell")
+	// unavailable
+	// Stability: development
+	NetworkConnectionTypeUnavailable = NetworkConnectionTypeKey.String("unavailable")
+	// unknown
+	// Stability: development
+	NetworkConnectionTypeUnknown = NetworkConnectionTypeKey.String("unknown")
+)
+
+// Enum values for network.io.direction
+var (
+	// transmit
+	// Stability: development
+	NetworkIoDirectionTransmit = NetworkIoDirectionKey.String("transmit")
+	// receive
+	// Stability: development
+	NetworkIoDirectionReceive = NetworkIoDirectionKey.String("receive")
+)
+
+// Enum values for network.transport
+var (
+	// TCP
+	// Stability: stable
+	NetworkTransportTCP = NetworkTransportKey.String("tcp")
+	// UDP
+	// Stability: stable
+	NetworkTransportUDP = NetworkTransportKey.String("udp")
+	// Named or anonymous pipe.
+	// Stability: stable
+	NetworkTransportPipe = NetworkTransportKey.String("pipe")
+	// Unix domain socket
+	// Stability: stable
+	NetworkTransportUnix = NetworkTransportKey.String("unix")
+	// QUIC
+	// Stability: development
+	NetworkTransportQUIC = NetworkTransportKey.String("quic")
+)
+
+// Enum values for network.type
+var (
+	// IPv4
+	// Stability: stable
+	NetworkTypeIpv4 = NetworkTypeKey.String("ipv4")
+	// IPv6
+	// Stability: stable
+	NetworkTypeIpv6 = NetworkTypeKey.String("ipv6")
+)
+
+// Namespace: oci
+const (
+	// OciManifestDigestKey is the attribute Key conforming to the
+	// "oci.manifest.digest" semantic conventions. It represents the digest of the
+	// OCI image manifest. For container images specifically is the digest by which
+	// the container image is known.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	// "sha256:e4ca62c0d62f3e886e684806dfe9d4e0cda60d54986898173c1083856cfda0f4"
+	// Note: Follows [OCI Image Manifest Specification], and specifically the
+	// [Digest property].
+	// An example can be found in [Example Image Manifest].
+	//
+	// [OCI Image Manifest Specification]: https://github.com/opencontainers/image-spec/blob/main/manifest.md
+	// [Digest property]: https://github.com/opencontainers/image-spec/blob/main/descriptor.md#digests
+	// [Example Image Manifest]: https://docs.docker.com/registry/spec/manifest-v2-2/#example-image-manifest
+	OciManifestDigestKey = attribute.Key("oci.manifest.digest")
+)
+
+// OciManifestDigest returns an attribute KeyValue conforming to the
+// "oci.manifest.digest" semantic conventions. It represents the digest of the
+// OCI image manifest. For container images specifically is the digest by which
+// the container image is known.
+func OciManifestDigest(val string) attribute.KeyValue {
+	return OciManifestDigestKey.String(val)
+}
+
+// Namespace: opentracing
+const (
+	// OpentracingRefTypeKey is the attribute Key conforming to the
+	// "opentracing.ref_type" semantic conventions. It represents the parent-child
+	// Reference type.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	// Note: The causal relationship between a child Span and a parent Span.
+	OpentracingRefTypeKey = attribute.Key("opentracing.ref_type")
+)
+
+// Enum values for opentracing.ref_type
+var (
+	// The parent Span depends on the child Span in some capacity
+	// Stability: development
+	OpentracingRefTypeChildOf = OpentracingRefTypeKey.String("child_of")
+	// The parent Span doesn't depend in any way on the result of the child Span
+	// Stability: development
+	OpentracingRefTypeFollowsFrom = OpentracingRefTypeKey.String("follows_from")
+)
+
+// Namespace: os
+const (
+	// OSBuildIDKey is the attribute Key conforming to the "os.build_id" semantic
+	// conventions. It represents the unique identifier for a particular build or
+	// compilation of the operating system.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "TQ3C.230805.001.B2", "20E247", "22621"
+	OSBuildIDKey = attribute.Key("os.build_id")
+
+	// OSDescriptionKey is the attribute Key conforming to the "os.description"
+	// semantic conventions. It represents the human readable (not intended to be
+	// parsed) OS version information, like e.g. reported by `ver` or
+	// `lsb_release -a` commands.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "Microsoft Windows [Version 10.0.18363.778]", "Ubuntu 18.04.1 LTS"
+	OSDescriptionKey = attribute.Key("os.description")
+
+	// OSNameKey is the attribute Key conforming to the "os.name" semantic
+	// conventions. It represents the human readable operating system name.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "iOS", "Android", "Ubuntu"
+	OSNameKey = attribute.Key("os.name")
+
+	// OSTypeKey is the attribute Key conforming to the "os.type" semantic
+	// conventions. It represents the operating system type.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	OSTypeKey = attribute.Key("os.type")
+
+	// OSVersionKey is the attribute Key conforming to the "os.version" semantic
+	// conventions. It represents the version string of the operating system as
+	// defined in [Version Attributes].
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "14.2.1", "18.04.1"
+	//
+	// [Version Attributes]: /docs/resource/README.md#version-attributes
+	OSVersionKey = attribute.Key("os.version")
+)
+
+// OSBuildID returns an attribute KeyValue conforming to the "os.build_id"
+// semantic conventions. It represents the unique identifier for a particular
+// build or compilation of the operating system.
+func OSBuildID(val string) attribute.KeyValue {
+	return OSBuildIDKey.String(val)
+}
+
+// OSDescription returns an attribute KeyValue conforming to the "os.description"
+// semantic conventions. It represents the human readable (not intended to be
+// parsed) OS version information, like e.g. reported by `ver` or
+// `lsb_release -a` commands.
+func OSDescription(val string) attribute.KeyValue {
+	return OSDescriptionKey.String(val)
+}
+
+// OSName returns an attribute KeyValue conforming to the "os.name" semantic
+// conventions. It represents the human readable operating system name.
+func OSName(val string) attribute.KeyValue {
+	return OSNameKey.String(val)
+}
+
+// OSVersion returns an attribute KeyValue conforming to the "os.version"
+// semantic conventions. It represents the version string of the operating system
+// as defined in [Version Attributes].
+//
+// [Version Attributes]: /docs/resource/README.md#version-attributes
+func OSVersion(val string) attribute.KeyValue {
+	return OSVersionKey.String(val)
+}
+
+// Enum values for os.type
+var (
+	// Microsoft Windows
+	// Stability: development
+	OSTypeWindows = OSTypeKey.String("windows")
+	// Linux
+	// Stability: development
+	OSTypeLinux = OSTypeKey.String("linux")
+	// Apple Darwin
+	// Stability: development
+	OSTypeDarwin = OSTypeKey.String("darwin")
+	// FreeBSD
+	// Stability: development
+	OSTypeFreeBSD = OSTypeKey.String("freebsd")
+	// NetBSD
+	// Stability: development
+	OSTypeNetBSD = OSTypeKey.String("netbsd")
+	// OpenBSD
+	// Stability: development
+	OSTypeOpenBSD = OSTypeKey.String("openbsd")
+	// DragonFly BSD
+	// Stability: development
+	OSTypeDragonflyBSD = OSTypeKey.String("dragonflybsd")
+	// HP-UX (Hewlett Packard Unix)
+	// Stability: development
+	OSTypeHPUX = OSTypeKey.String("hpux")
+	// AIX (Advanced Interactive eXecutive)
+	// Stability: development
+	OSTypeAIX = OSTypeKey.String("aix")
+	// SunOS, Oracle Solaris
+	// Stability: development
+	OSTypeSolaris = OSTypeKey.String("solaris")
+	// IBM z/OS
+	// Stability: development
+	OSTypeZOS = OSTypeKey.String("z_os")
+)
+
+// Namespace: otel
+const (
+	// OTelScopeNameKey is the attribute Key conforming to the "otel.scope.name"
+	// semantic conventions. It represents the name of the instrumentation scope - (
+	// `InstrumentationScope.Name` in OTLP).
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: "io.opentelemetry.contrib.mongodb"
+	OTelScopeNameKey = attribute.Key("otel.scope.name")
+
+	// OTelScopeVersionKey is the attribute Key conforming to the
+	// "otel.scope.version" semantic conventions. It represents the version of the
+	// instrumentation scope - (`InstrumentationScope.Version` in OTLP).
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: "1.0.0"
+	OTelScopeVersionKey = attribute.Key("otel.scope.version")
+
+	// OTelStatusCodeKey is the attribute Key conforming to the "otel.status_code"
+	// semantic conventions. It represents the name of the code, either "OK" or
+	// "ERROR". MUST NOT be set if the status code is UNSET.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples:
+	OTelStatusCodeKey = attribute.Key("otel.status_code")
+
+	// OTelStatusDescriptionKey is the attribute Key conforming to the
+	// "otel.status_description" semantic conventions. It represents the description
+	// of the Status if it has a value, otherwise not set.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: "resource not found"
+	OTelStatusDescriptionKey = attribute.Key("otel.status_description")
+)
+
+// OTelScopeName returns an attribute KeyValue conforming to the
+// "otel.scope.name" semantic conventions. It represents the name of the
+// instrumentation scope - (`InstrumentationScope.Name` in OTLP).
+func OTelScopeName(val string) attribute.KeyValue {
+	return OTelScopeNameKey.String(val)
+}
+
+// OTelScopeVersion returns an attribute KeyValue conforming to the
+// "otel.scope.version" semantic conventions. It represents the version of the
+// instrumentation scope - (`InstrumentationScope.Version` in OTLP).
+func OTelScopeVersion(val string) attribute.KeyValue {
+	return OTelScopeVersionKey.String(val)
+}
+
+// OTelStatusDescription returns an attribute KeyValue conforming to the
+// "otel.status_description" semantic conventions. It represents the description
+// of the Status if it has a value, otherwise not set.
+func OTelStatusDescription(val string) attribute.KeyValue {
+	return OTelStatusDescriptionKey.String(val)
+}
+
+// Enum values for otel.status_code
+var (
+	// The operation has been validated by an Application developer or Operator to
+	// have completed successfully.
+	// Stability: stable
+	OTelStatusCodeOk = OTelStatusCodeKey.String("OK")
+	// The operation contains an error.
+	// Stability: stable
+	OTelStatusCodeError = OTelStatusCodeKey.String("ERROR")
+)
+
+// Namespace: peer
+const (
+	// PeerServiceKey is the attribute Key conforming to the "peer.service" semantic
+	// conventions. It represents the [`service.name`] of the remote service. SHOULD
+	// be equal to the actual `service.name` resource attribute of the remote
+	// service if any.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: AuthTokenCache
+	//
+	// [`service.name`]: /docs/resource/README.md#service
+	PeerServiceKey = attribute.Key("peer.service")
+)
+
+// PeerService returns an attribute KeyValue conforming to the "peer.service"
+// semantic conventions. It represents the [`service.name`] of the remote
+// service. SHOULD be equal to the actual `service.name` resource attribute of
+// the remote service if any.
+//
+// [`service.name`]: /docs/resource/README.md#service
+func PeerService(val string) attribute.KeyValue {
+	return PeerServiceKey.String(val)
+}
+
+// Namespace: process
+const (
+	// ProcessArgsCountKey is the attribute Key conforming to the
+	// "process.args_count" semantic conventions. It represents the length of the
+	// process.command_args array.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 4
+	// Note: This field can be useful for querying or performing bucket analysis on
+	// how many arguments were provided to start a process. More arguments may be an
+	// indication of suspicious activity.
+	ProcessArgsCountKey = attribute.Key("process.args_count")
+
+	// ProcessCommandKey is the attribute Key conforming to the "process.command"
+	// semantic conventions. It represents the command used to launch the process
+	// (i.e. the command name). On Linux based systems, can be set to the zeroth
+	// string in `proc/[pid]/cmdline`. On Windows, can be set to the first parameter
+	// extracted from `GetCommandLineW`.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "cmd/otelcol"
+	ProcessCommandKey = attribute.Key("process.command")
+
+	// ProcessCommandArgsKey is the attribute Key conforming to the
+	// "process.command_args" semantic conventions. It represents the all the
+	// command arguments (including the command/executable itself) as received by
+	// the process. On Linux-based systems (and some other Unixoid systems
+	// supporting procfs), can be set according to the list of null-delimited
+	// strings extracted from `proc/[pid]/cmdline`. For libc-based executables, this
+	// would be the full argv vector passed to `main`.
+	//
+	// Type: string[]
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "cmd/otecol", "--config=config.yaml"
+	ProcessCommandArgsKey = attribute.Key("process.command_args")
+
+	// ProcessCommandLineKey is the attribute Key conforming to the
+	// "process.command_line" semantic conventions. It represents the full command
+	// used to launch the process as a single string representing the full command.
+	// On Windows, can be set to the result of `GetCommandLineW`. Do not set this if
+	// you have to assemble it just for monitoring; use `process.command_args`
+	// instead.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "C:\cmd\otecol --config="my directory\config.yaml""
+	ProcessCommandLineKey = attribute.Key("process.command_line")
+
+	// ProcessContextSwitchTypeKey is the attribute Key conforming to the
+	// "process.context_switch_type" semantic conventions. It represents the
+	// specifies whether the context switches for this data point were voluntary or
+	// involuntary.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	ProcessContextSwitchTypeKey = attribute.Key("process.context_switch_type")
+
+	// ProcessCreationTimeKey is the attribute Key conforming to the
+	// "process.creation.time" semantic conventions. It represents the date and time
+	// the process was created, in ISO 8601 format.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "2023-11-21T09:25:34.853Z"
+	ProcessCreationTimeKey = attribute.Key("process.creation.time")
+
+	// ProcessExecutableBuildIDGnuKey is the attribute Key conforming to the
+	// "process.executable.build_id.gnu" semantic conventions. It represents the GNU
+	// build ID as found in the `.note.gnu.build-id` ELF section (hex string).
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "c89b11207f6479603b0d49bf291c092c2b719293"
+	ProcessExecutableBuildIDGnuKey = attribute.Key("process.executable.build_id.gnu")
+
+	// ProcessExecutableBuildIDGoKey is the attribute Key conforming to the
+	// "process.executable.build_id.go" semantic conventions. It represents the Go
+	// build ID as retrieved by `go tool buildid <go executable>`.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	// "foh3mEXu7BLZjsN9pOwG/kATcXlYVCDEFouRMQed_/WwRFB1hPo9LBkekthSPG/x8hMC8emW2cCjXD0_1aY"
+	ProcessExecutableBuildIDGoKey = attribute.Key("process.executable.build_id.go")
+
+	// ProcessExecutableBuildIDHtlhashKey is the attribute Key conforming to the
+	// "process.executable.build_id.htlhash" semantic conventions. It represents the
+	// profiling specific build ID for executables. See the OTel specification for
+	// Profiles for more information.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "600DCAFE4A110000F2BF38C493F5FB92"
+	ProcessExecutableBuildIDHtlhashKey = attribute.Key("process.executable.build_id.htlhash")
+
+	// ProcessExecutableNameKey is the attribute Key conforming to the
+	// "process.executable.name" semantic conventions. It represents the name of the
+	// process executable. On Linux based systems, can be set to the `Name` in
+	// `proc/[pid]/status`. On Windows, can be set to the base name of
+	// `GetProcessImageFileNameW`.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "otelcol"
+	ProcessExecutableNameKey = attribute.Key("process.executable.name")
+
+	// ProcessExecutablePathKey is the attribute Key conforming to the
+	// "process.executable.path" semantic conventions. It represents the full path
+	// to the process executable. On Linux based systems, can be set to the target
+	// of `proc/[pid]/exe`. On Windows, can be set to the result of
+	// `GetProcessImageFileNameW`.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "/usr/bin/cmd/otelcol"
+	ProcessExecutablePathKey = attribute.Key("process.executable.path")
+
+	// ProcessExitCodeKey is the attribute Key conforming to the "process.exit.code"
+	// semantic conventions. It represents the exit code of the process.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 127
+	ProcessExitCodeKey = attribute.Key("process.exit.code")
+
+	// ProcessExitTimeKey is the attribute Key conforming to the "process.exit.time"
+	// semantic conventions. It represents the date and time the process exited, in
+	// ISO 8601 format.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "2023-11-21T09:26:12.315Z"
+	ProcessExitTimeKey = attribute.Key("process.exit.time")
+
+	// ProcessGroupLeaderPIDKey is the attribute Key conforming to the
+	// "process.group_leader.pid" semantic conventions. It represents the PID of the
+	// process's group leader. This is also the process group ID (PGID) of the
+	// process.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 23
+	ProcessGroupLeaderPIDKey = attribute.Key("process.group_leader.pid")
+
+	// ProcessInteractiveKey is the attribute Key conforming to the
+	// "process.interactive" semantic conventions. It represents the whether the
+	// process is connected to an interactive shell.
+	//
+	// Type: boolean
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	ProcessInteractiveKey = attribute.Key("process.interactive")
+
+	// ProcessLinuxCgroupKey is the attribute Key conforming to the
+	// "process.linux.cgroup" semantic conventions. It represents the control group
+	// associated with the process.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "1:name=systemd:/user.slice/user-1000.slice/session-3.scope",
+	// "0::/user.slice/user-1000.slice/user@1000.service/tmux-spawn-0267755b-4639-4a27-90ed-f19f88e53748.scope"
+	// Note: Control groups (cgroups) are a kernel feature used to organize and
+	// manage process resources. This attribute provides the path(s) to the
+	// cgroup(s) associated with the process, which should match the contents of the
+	// [/proc/[PID]/cgroup] file.
+	//
+	// [/proc/[PID]/cgroup]: https://man7.org/linux/man-pages/man7/cgroups.7.html
+	ProcessLinuxCgroupKey = attribute.Key("process.linux.cgroup")
+
+	// ProcessOwnerKey is the attribute Key conforming to the "process.owner"
+	// semantic conventions. It represents the username of the user that owns the
+	// process.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "root"
+	ProcessOwnerKey = attribute.Key("process.owner")
+
+	// ProcessPagingFaultTypeKey is the attribute Key conforming to the
+	// "process.paging.fault_type" semantic conventions. It represents the type of
+	// page fault for this data point. Type `major` is for major/hard page faults,
+	// and `minor` is for minor/soft page faults.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	ProcessPagingFaultTypeKey = attribute.Key("process.paging.fault_type")
+
+	// ProcessParentPIDKey is the attribute Key conforming to the
+	// "process.parent_pid" semantic conventions. It represents the parent Process
+	// identifier (PPID).
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 111
+	ProcessParentPIDKey = attribute.Key("process.parent_pid")
+
+	// ProcessPIDKey is the attribute Key conforming to the "process.pid" semantic
+	// conventions. It represents the process identifier (PID).
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 1234
+	ProcessPIDKey = attribute.Key("process.pid")
+
+	// ProcessRealUserIDKey is the attribute Key conforming to the
+	// "process.real_user.id" semantic conventions. It represents the real user ID
+	// (RUID) of the process.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 1000
+	ProcessRealUserIDKey = attribute.Key("process.real_user.id")
+
+	// ProcessRealUserNameKey is the attribute Key conforming to the
+	// "process.real_user.name" semantic conventions. It represents the username of
+	// the real user of the process.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "operator"
+	ProcessRealUserNameKey = attribute.Key("process.real_user.name")
+
+	// ProcessRuntimeDescriptionKey is the attribute Key conforming to the
+	// "process.runtime.description" semantic conventions. It represents an
+	// additional description about the runtime of the process, for example a
+	// specific vendor customization of the runtime environment.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: Eclipse OpenJ9 Eclipse OpenJ9 VM openj9-0.21.0
+	ProcessRuntimeDescriptionKey = attribute.Key("process.runtime.description")
+
+	// ProcessRuntimeNameKey is the attribute Key conforming to the
+	// "process.runtime.name" semantic conventions. It represents the name of the
+	// runtime of this process.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "OpenJDK Runtime Environment"
+	ProcessRuntimeNameKey = attribute.Key("process.runtime.name")
+
+	// ProcessRuntimeVersionKey is the attribute Key conforming to the
+	// "process.runtime.version" semantic conventions. It represents the version of
+	// the runtime of this process, as returned by the runtime without modification.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 14.0.2
+	ProcessRuntimeVersionKey = attribute.Key("process.runtime.version")
+
+	// ProcessSavedUserIDKey is the attribute Key conforming to the
+	// "process.saved_user.id" semantic conventions. It represents the saved user ID
+	// (SUID) of the process.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 1002
+	ProcessSavedUserIDKey = attribute.Key("process.saved_user.id")
+
+	// ProcessSavedUserNameKey is the attribute Key conforming to the
+	// "process.saved_user.name" semantic conventions. It represents the username of
+	// the saved user.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "operator"
+	ProcessSavedUserNameKey = attribute.Key("process.saved_user.name")
+
+	// ProcessSessionLeaderPIDKey is the attribute Key conforming to the
+	// "process.session_leader.pid" semantic conventions. It represents the PID of
+	// the process's session leader. This is also the session ID (SID) of the
+	// process.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 14
+	ProcessSessionLeaderPIDKey = attribute.Key("process.session_leader.pid")
+
+	// ProcessTitleKey is the attribute Key conforming to the "process.title"
+	// semantic conventions. It represents the process title (proctitle).
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "cat /etc/hostname", "xfce4-session", "bash"
+	// Note: In many Unix-like systems, process title (proctitle), is the string
+	// that represents the name or command line of a running process, displayed by
+	// system monitoring tools like ps, top, and htop.
+	ProcessTitleKey = attribute.Key("process.title")
+
+	// ProcessUserIDKey is the attribute Key conforming to the "process.user.id"
+	// semantic conventions. It represents the effective user ID (EUID) of the
+	// process.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 1001
+	ProcessUserIDKey = attribute.Key("process.user.id")
+
+	// ProcessUserNameKey is the attribute Key conforming to the "process.user.name"
+	// semantic conventions. It represents the username of the effective user of the
+	// process.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "root"
+	ProcessUserNameKey = attribute.Key("process.user.name")
+
+	// ProcessVpidKey is the attribute Key conforming to the "process.vpid" semantic
+	// conventions. It represents the virtual process identifier.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 12
+	// Note: The process ID within a PID namespace. This is not necessarily unique
+	// across all processes on the host but it is unique within the process
+	// namespace that the process exists within.
+	ProcessVpidKey = attribute.Key("process.vpid")
+
+	// ProcessWorkingDirectoryKey is the attribute Key conforming to the
+	// "process.working_directory" semantic conventions. It represents the working
+	// directory of the process.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "/root"
+	ProcessWorkingDirectoryKey = attribute.Key("process.working_directory")
+)
+
+// ProcessArgsCount returns an attribute KeyValue conforming to the
+// "process.args_count" semantic conventions. It represents the length of the
+// process.command_args array.
+func ProcessArgsCount(val int) attribute.KeyValue {
+	return ProcessArgsCountKey.Int(val)
+}
+
+// ProcessCommand returns an attribute KeyValue conforming to the
+// "process.command" semantic conventions. It represents the command used to
+// launch the process (i.e. the command name). On Linux based systems, can be set
+// to the zeroth string in `proc/[pid]/cmdline`. On Windows, can be set to the
+// first parameter extracted from `GetCommandLineW`.
+func ProcessCommand(val string) attribute.KeyValue {
+	return ProcessCommandKey.String(val)
+}
+
+// ProcessCommandArgs returns an attribute KeyValue conforming to the
+// "process.command_args" semantic conventions. It represents the all the command
+// arguments (including the command/executable itself) as received by the
+// process. On Linux-based systems (and some other Unixoid systems supporting
+// procfs), can be set according to the list of null-delimited strings extracted
+// from `proc/[pid]/cmdline`. For libc-based executables, this would be the full
+// argv vector passed to `main`.
+func ProcessCommandArgs(val ...string) attribute.KeyValue {
+	return ProcessCommandArgsKey.StringSlice(val)
+}
+
+// ProcessCommandLine returns an attribute KeyValue conforming to the
+// "process.command_line" semantic conventions. It represents the full command
+// used to launch the process as a single string representing the full command.
+// On Windows, can be set to the result of `GetCommandLineW`. Do not set this if
+// you have to assemble it just for monitoring; use `process.command_args`
+// instead.
+func ProcessCommandLine(val string) attribute.KeyValue {
+	return ProcessCommandLineKey.String(val)
+}
+
+// ProcessCreationTime returns an attribute KeyValue conforming to the
+// "process.creation.time" semantic conventions. It represents the date and time
+// the process was created, in ISO 8601 format.
+func ProcessCreationTime(val string) attribute.KeyValue {
+	return ProcessCreationTimeKey.String(val)
+}
+
+// ProcessExecutableBuildIDGnu returns an attribute KeyValue conforming to the
+// "process.executable.build_id.gnu" semantic conventions. It represents the GNU
+// build ID as found in the `.note.gnu.build-id` ELF section (hex string).
+func ProcessExecutableBuildIDGnu(val string) attribute.KeyValue {
+	return ProcessExecutableBuildIDGnuKey.String(val)
+}
+
+// ProcessExecutableBuildIDGo returns an attribute KeyValue conforming to the
+// "process.executable.build_id.go" semantic conventions. It represents the Go
+// build ID as retrieved by `go tool buildid <go executable>`.
+func ProcessExecutableBuildIDGo(val string) attribute.KeyValue {
+	return ProcessExecutableBuildIDGoKey.String(val)
+}
+
+// ProcessExecutableBuildIDHtlhash returns an attribute KeyValue conforming to
+// the "process.executable.build_id.htlhash" semantic conventions. It represents
+// the profiling specific build ID for executables. See the OTel specification
+// for Profiles for more information.
+func ProcessExecutableBuildIDHtlhash(val string) attribute.KeyValue {
+	return ProcessExecutableBuildIDHtlhashKey.String(val)
+}
+
+// ProcessExecutableName returns an attribute KeyValue conforming to the
+// "process.executable.name" semantic conventions. It represents the name of the
+// process executable. On Linux based systems, can be set to the `Name` in
+// `proc/[pid]/status`. On Windows, can be set to the base name of
+// `GetProcessImageFileNameW`.
+func ProcessExecutableName(val string) attribute.KeyValue {
+	return ProcessExecutableNameKey.String(val)
+}
+
+// ProcessExecutablePath returns an attribute KeyValue conforming to the
+// "process.executable.path" semantic conventions. It represents the full path to
+// the process executable. On Linux based systems, can be set to the target of
+// `proc/[pid]/exe`. On Windows, can be set to the result of
+// `GetProcessImageFileNameW`.
+func ProcessExecutablePath(val string) attribute.KeyValue {
+	return ProcessExecutablePathKey.String(val)
+}
+
+// ProcessExitCode returns an attribute KeyValue conforming to the
+// "process.exit.code" semantic conventions. It represents the exit code of the
+// process.
+func ProcessExitCode(val int) attribute.KeyValue {
+	return ProcessExitCodeKey.Int(val)
+}
+
+// ProcessExitTime returns an attribute KeyValue conforming to the
+// "process.exit.time" semantic conventions. It represents the date and time the
+// process exited, in ISO 8601 format.
+func ProcessExitTime(val string) attribute.KeyValue {
+	return ProcessExitTimeKey.String(val)
+}
+
+// ProcessGroupLeaderPID returns an attribute KeyValue conforming to the
+// "process.group_leader.pid" semantic conventions. It represents the PID of the
+// process's group leader. This is also the process group ID (PGID) of the
+// process.
+func ProcessGroupLeaderPID(val int) attribute.KeyValue {
+	return ProcessGroupLeaderPIDKey.Int(val)
+}
+
+// ProcessInteractive returns an attribute KeyValue conforming to the
+// "process.interactive" semantic conventions. It represents the whether the
+// process is connected to an interactive shell.
+func ProcessInteractive(val bool) attribute.KeyValue {
+	return ProcessInteractiveKey.Bool(val)
+}
+
+// ProcessLinuxCgroup returns an attribute KeyValue conforming to the
+// "process.linux.cgroup" semantic conventions. It represents the control group
+// associated with the process.
+func ProcessLinuxCgroup(val string) attribute.KeyValue {
+	return ProcessLinuxCgroupKey.String(val)
+}
+
+// ProcessOwner returns an attribute KeyValue conforming to the "process.owner"
+// semantic conventions. It represents the username of the user that owns the
+// process.
+func ProcessOwner(val string) attribute.KeyValue {
+	return ProcessOwnerKey.String(val)
+}
+
+// ProcessParentPID returns an attribute KeyValue conforming to the
+// "process.parent_pid" semantic conventions. It represents the parent Process
+// identifier (PPID).
+func ProcessParentPID(val int) attribute.KeyValue {
+	return ProcessParentPIDKey.Int(val)
+}
+
+// ProcessPID returns an attribute KeyValue conforming to the "process.pid"
+// semantic conventions. It represents the process identifier (PID).
+func ProcessPID(val int) attribute.KeyValue {
+	return ProcessPIDKey.Int(val)
+}
+
+// ProcessRealUserID returns an attribute KeyValue conforming to the
+// "process.real_user.id" semantic conventions. It represents the real user ID
+// (RUID) of the process.
+func ProcessRealUserID(val int) attribute.KeyValue {
+	return ProcessRealUserIDKey.Int(val)
+}
+
+// ProcessRealUserName returns an attribute KeyValue conforming to the
+// "process.real_user.name" semantic conventions. It represents the username of
+// the real user of the process.
+func ProcessRealUserName(val string) attribute.KeyValue {
+	return ProcessRealUserNameKey.String(val)
+}
+
+// ProcessRuntimeDescription returns an attribute KeyValue conforming to the
+// "process.runtime.description" semantic conventions. It represents an
+// additional description about the runtime of the process, for example a
+// specific vendor customization of the runtime environment.
+func ProcessRuntimeDescription(val string) attribute.KeyValue {
+	return ProcessRuntimeDescriptionKey.String(val)
+}
+
+// ProcessRuntimeName returns an attribute KeyValue conforming to the
+// "process.runtime.name" semantic conventions. It represents the name of the
+// runtime of this process.
+func ProcessRuntimeName(val string) attribute.KeyValue {
+	return ProcessRuntimeNameKey.String(val)
+}
+
+// ProcessRuntimeVersion returns an attribute KeyValue conforming to the
+// "process.runtime.version" semantic conventions. It represents the version of
+// the runtime of this process, as returned by the runtime without modification.
+func ProcessRuntimeVersion(val string) attribute.KeyValue {
+	return ProcessRuntimeVersionKey.String(val)
+}
+
+// ProcessSavedUserID returns an attribute KeyValue conforming to the
+// "process.saved_user.id" semantic conventions. It represents the saved user ID
+// (SUID) of the process.
+func ProcessSavedUserID(val int) attribute.KeyValue {
+	return ProcessSavedUserIDKey.Int(val)
+}
+
+// ProcessSavedUserName returns an attribute KeyValue conforming to the
+// "process.saved_user.name" semantic conventions. It represents the username of
+// the saved user.
+func ProcessSavedUserName(val string) attribute.KeyValue {
+	return ProcessSavedUserNameKey.String(val)
+}
+
+// ProcessSessionLeaderPID returns an attribute KeyValue conforming to the
+// "process.session_leader.pid" semantic conventions. It represents the PID of
+// the process's session leader. This is also the session ID (SID) of the
+// process.
+func ProcessSessionLeaderPID(val int) attribute.KeyValue {
+	return ProcessSessionLeaderPIDKey.Int(val)
+}
+
+// ProcessTitle returns an attribute KeyValue conforming to the "process.title"
+// semantic conventions. It represents the process title (proctitle).
+func ProcessTitle(val string) attribute.KeyValue {
+	return ProcessTitleKey.String(val)
+}
+
+// ProcessUserID returns an attribute KeyValue conforming to the
+// "process.user.id" semantic conventions. It represents the effective user ID
+// (EUID) of the process.
+func ProcessUserID(val int) attribute.KeyValue {
+	return ProcessUserIDKey.Int(val)
+}
+
+// ProcessUserName returns an attribute KeyValue conforming to the
+// "process.user.name" semantic conventions. It represents the username of the
+// effective user of the process.
+func ProcessUserName(val string) attribute.KeyValue {
+	return ProcessUserNameKey.String(val)
+}
+
+// ProcessVpid returns an attribute KeyValue conforming to the "process.vpid"
+// semantic conventions. It represents the virtual process identifier.
+func ProcessVpid(val int) attribute.KeyValue {
+	return ProcessVpidKey.Int(val)
+}
+
+// ProcessWorkingDirectory returns an attribute KeyValue conforming to the
+// "process.working_directory" semantic conventions. It represents the working
+// directory of the process.
+func ProcessWorkingDirectory(val string) attribute.KeyValue {
+	return ProcessWorkingDirectoryKey.String(val)
+}
+
+// Enum values for process.context_switch_type
+var (
+	// voluntary
+	// Stability: development
+	ProcessContextSwitchTypeVoluntary = ProcessContextSwitchTypeKey.String("voluntary")
+	// involuntary
+	// Stability: development
+	ProcessContextSwitchTypeInvoluntary = ProcessContextSwitchTypeKey.String("involuntary")
+)
+
+// Enum values for process.paging.fault_type
+var (
+	// major
+	// Stability: development
+	ProcessPagingFaultTypeMajor = ProcessPagingFaultTypeKey.String("major")
+	// minor
+	// Stability: development
+	ProcessPagingFaultTypeMinor = ProcessPagingFaultTypeKey.String("minor")
+)
+
+// Namespace: profile
+const (
+	// ProfileFrameTypeKey is the attribute Key conforming to the
+	// "profile.frame.type" semantic conventions. It represents the describes the
+	// interpreter or compiler of a single frame.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "cpython"
+	ProfileFrameTypeKey = attribute.Key("profile.frame.type")
+)
+
+// Enum values for profile.frame.type
+var (
+	// [.NET]
+	//
+	// Stability: development
+	//
+	// [.NET]: https://wikipedia.org/wiki/.NET
+	ProfileFrameTypeDotnet = ProfileFrameTypeKey.String("dotnet")
+	// [JVM]
+	//
+	// Stability: development
+	//
+	// [JVM]: https://wikipedia.org/wiki/Java_virtual_machine
+	ProfileFrameTypeJVM = ProfileFrameTypeKey.String("jvm")
+	// [Kernel]
+	//
+	// Stability: development
+	//
+	// [Kernel]: https://wikipedia.org/wiki/Kernel_(operating_system)
+	ProfileFrameTypeKernel = ProfileFrameTypeKey.String("kernel")
+	// [C], [C++], [Go], [Rust]
+	//
+	// Stability: development
+	//
+	// [C]: https://wikipedia.org/wiki/C_(programming_language)
+	// [C++]: https://wikipedia.org/wiki/C%2B%2B
+	// [Go]: https://wikipedia.org/wiki/Go_(programming_language)
+	// [Rust]: https://wikipedia.org/wiki/Rust_(programming_language)
+	ProfileFrameTypeNative = ProfileFrameTypeKey.String("native")
+	// [Perl]
+	//
+	// Stability: development
+	//
+	// [Perl]: https://wikipedia.org/wiki/Perl
+	ProfileFrameTypePerl = ProfileFrameTypeKey.String("perl")
+	// [PHP]
+	//
+	// Stability: development
+	//
+	// [PHP]: https://wikipedia.org/wiki/PHP
+	ProfileFrameTypePHP = ProfileFrameTypeKey.String("php")
+	// [Python]
+	//
+	// Stability: development
+	//
+	// [Python]: https://wikipedia.org/wiki/Python_(programming_language)
+	ProfileFrameTypeCpython = ProfileFrameTypeKey.String("cpython")
+	// [Ruby]
+	//
+	// Stability: development
+	//
+	// [Ruby]: https://wikipedia.org/wiki/Ruby_(programming_language)
+	ProfileFrameTypeRuby = ProfileFrameTypeKey.String("ruby")
+	// [V8JS]
+	//
+	// Stability: development
+	//
+	// [V8JS]: https://wikipedia.org/wiki/V8_(JavaScript_engine)
+	ProfileFrameTypeV8JS = ProfileFrameTypeKey.String("v8js")
+	// [Erlang]
+	//
+	// Stability: development
+	//
+	// [Erlang]: https://en.wikipedia.org/wiki/BEAM_(Erlang_virtual_machine)
+	ProfileFrameTypeBeam = ProfileFrameTypeKey.String("beam")
+)
+
+// Namespace: rpc
+const (
+	// RPCConnectRPCErrorCodeKey is the attribute Key conforming to the
+	// "rpc.connect_rpc.error_code" semantic conventions. It represents the
+	// [error codes] of the Connect request. Error codes are always string values.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	//
+	// [error codes]: https://connect.build/docs/protocol/#error-codes
+	RPCConnectRPCErrorCodeKey = attribute.Key("rpc.connect_rpc.error_code")
+
+	// RPCGRPCStatusCodeKey is the attribute Key conforming to the
+	// "rpc.grpc.status_code" semantic conventions. It represents the
+	// [numeric status code] of the gRPC request.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	//
+	// [numeric status code]: https://github.com/grpc/grpc/blob/v1.33.2/doc/statuscodes.md
+	RPCGRPCStatusCodeKey = attribute.Key("rpc.grpc.status_code")
+
+	// RPCJsonrpcErrorCodeKey is the attribute Key conforming to the
+	// "rpc.jsonrpc.error_code" semantic conventions. It represents the `error.code`
+	//  property of response if it is an error response.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: -32700, 100
+	RPCJsonrpcErrorCodeKey = attribute.Key("rpc.jsonrpc.error_code")
+
+	// RPCJsonrpcErrorMessageKey is the attribute Key conforming to the
+	// "rpc.jsonrpc.error_message" semantic conventions. It represents the
+	// `error.message` property of response if it is an error response.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "Parse error", "User already exists"
+	RPCJsonrpcErrorMessageKey = attribute.Key("rpc.jsonrpc.error_message")
+
+	// RPCJsonrpcRequestIDKey is the attribute Key conforming to the
+	// "rpc.jsonrpc.request_id" semantic conventions. It represents the `id`
+	// property of request or response. Since protocol allows id to be int, string,
+	// `null` or missing (for notifications), value is expected to be cast to string
+	// for simplicity. Use empty string in case of `null` value. Omit entirely if
+	// this is a notification.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "10", "request-7", ""
+	RPCJsonrpcRequestIDKey = attribute.Key("rpc.jsonrpc.request_id")
+
+	// RPCJsonrpcVersionKey is the attribute Key conforming to the
+	// "rpc.jsonrpc.version" semantic conventions. It represents the protocol
+	// version as in `jsonrpc` property of request/response. Since JSON-RPC 1.0
+	// doesn't specify this, the value can be omitted.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "2.0", "1.0"
+	RPCJsonrpcVersionKey = attribute.Key("rpc.jsonrpc.version")
+
+	// RPCMessageCompressedSizeKey is the attribute Key conforming to the
+	// "rpc.message.compressed_size" semantic conventions. It represents the
+	// compressed size of the message in bytes.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	RPCMessageCompressedSizeKey = attribute.Key("rpc.message.compressed_size")
+
+	// RPCMessageIDKey is the attribute Key conforming to the "rpc.message.id"
+	// semantic conventions. It represents the mUST be calculated as two different
+	// counters starting from `1` one for sent messages and one for received
+	// message.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	// Note: This way we guarantee that the values will be consistent between
+	// different implementations.
+	RPCMessageIDKey = attribute.Key("rpc.message.id")
+
+	// RPCMessageTypeKey is the attribute Key conforming to the "rpc.message.type"
+	// semantic conventions. It represents the whether this is a received or sent
+	// message.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	RPCMessageTypeKey = attribute.Key("rpc.message.type")
+
+	// RPCMessageUncompressedSizeKey is the attribute Key conforming to the
+	// "rpc.message.uncompressed_size" semantic conventions. It represents the
+	// uncompressed size of the message in bytes.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	RPCMessageUncompressedSizeKey = attribute.Key("rpc.message.uncompressed_size")
+
+	// RPCMethodKey is the attribute Key conforming to the "rpc.method" semantic
+	// conventions. It represents the name of the (logical) method being called,
+	// must be equal to the $method part in the span name.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: exampleMethod
+	// Note: This is the logical name of the method from the RPC interface
+	// perspective, which can be different from the name of any implementing
+	// method/function. The `code.function.name` attribute may be used to store the
+	// latter (e.g., method actually executing the call on the server side, RPC
+	// client stub method on the client side).
+	RPCMethodKey = attribute.Key("rpc.method")
+
+	// RPCServiceKey is the attribute Key conforming to the "rpc.service" semantic
+	// conventions. It represents the full (logical) name of the service being
+	// called, including its package name, if applicable.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: myservice.EchoService
+	// Note: This is the logical name of the service from the RPC interface
+	// perspective, which can be different from the name of any implementing class.
+	// The `code.namespace` attribute may be used to store the latter (despite the
+	// attribute name, it may include a class name; e.g., class with method actually
+	// executing the call on the server side, RPC client stub class on the client
+	// side).
+	RPCServiceKey = attribute.Key("rpc.service")
+
+	// RPCSystemKey is the attribute Key conforming to the "rpc.system" semantic
+	// conventions. It represents a string identifying the remoting system. See
+	// below for a list of well-known identifiers.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	RPCSystemKey = attribute.Key("rpc.system")
+)
+
+// RPCJsonrpcErrorCode returns an attribute KeyValue conforming to the
+// "rpc.jsonrpc.error_code" semantic conventions. It represents the `error.code`
+// property of response if it is an error response.
+func RPCJsonrpcErrorCode(val int) attribute.KeyValue {
+	return RPCJsonrpcErrorCodeKey.Int(val)
+}
+
+// RPCJsonrpcErrorMessage returns an attribute KeyValue conforming to the
+// "rpc.jsonrpc.error_message" semantic conventions. It represents the
+// `error.message` property of response if it is an error response.
+func RPCJsonrpcErrorMessage(val string) attribute.KeyValue {
+	return RPCJsonrpcErrorMessageKey.String(val)
+}
+
+// RPCJsonrpcRequestID returns an attribute KeyValue conforming to the
+// "rpc.jsonrpc.request_id" semantic conventions. It represents the `id` property
+// of request or response. Since protocol allows id to be int, string, `null` or
+// missing (for notifications), value is expected to be cast to string for
+// simplicity. Use empty string in case of `null` value. Omit entirely if this is
+// a notification.
+func RPCJsonrpcRequestID(val string) attribute.KeyValue {
+	return RPCJsonrpcRequestIDKey.String(val)
+}
+
+// RPCJsonrpcVersion returns an attribute KeyValue conforming to the
+// "rpc.jsonrpc.version" semantic conventions. It represents the protocol version
+// as in `jsonrpc` property of request/response. Since JSON-RPC 1.0 doesn't
+// specify this, the value can be omitted.
+func RPCJsonrpcVersion(val string) attribute.KeyValue {
+	return RPCJsonrpcVersionKey.String(val)
+}
+
+// RPCMessageCompressedSize returns an attribute KeyValue conforming to the
+// "rpc.message.compressed_size" semantic conventions. It represents the
+// compressed size of the message in bytes.
+func RPCMessageCompressedSize(val int) attribute.KeyValue {
+	return RPCMessageCompressedSizeKey.Int(val)
+}
+
+// RPCMessageID returns an attribute KeyValue conforming to the "rpc.message.id"
+// semantic conventions. It represents the mUST be calculated as two different
+// counters starting from `1` one for sent messages and one for received message.
+func RPCMessageID(val int) attribute.KeyValue {
+	return RPCMessageIDKey.Int(val)
+}
+
+// RPCMessageUncompressedSize returns an attribute KeyValue conforming to the
+// "rpc.message.uncompressed_size" semantic conventions. It represents the
+// uncompressed size of the message in bytes.
+func RPCMessageUncompressedSize(val int) attribute.KeyValue {
+	return RPCMessageUncompressedSizeKey.Int(val)
+}
+
+// RPCMethod returns an attribute KeyValue conforming to the "rpc.method"
+// semantic conventions. It represents the name of the (logical) method being
+// called, must be equal to the $method part in the span name.
+func RPCMethod(val string) attribute.KeyValue {
+	return RPCMethodKey.String(val)
+}
+
+// RPCService returns an attribute KeyValue conforming to the "rpc.service"
+// semantic conventions. It represents the full (logical) name of the service
+// being called, including its package name, if applicable.
+func RPCService(val string) attribute.KeyValue {
+	return RPCServiceKey.String(val)
+}
+
+// Enum values for rpc.connect_rpc.error_code
+var (
+	// cancelled
+	// Stability: development
+	RPCConnectRPCErrorCodeCancelled = RPCConnectRPCErrorCodeKey.String("cancelled")
+	// unknown
+	// Stability: development
+	RPCConnectRPCErrorCodeUnknown = RPCConnectRPCErrorCodeKey.String("unknown")
+	// invalid_argument
+	// Stability: development
+	RPCConnectRPCErrorCodeInvalidArgument = RPCConnectRPCErrorCodeKey.String("invalid_argument")
+	// deadline_exceeded
+	// Stability: development
+	RPCConnectRPCErrorCodeDeadlineExceeded = RPCConnectRPCErrorCodeKey.String("deadline_exceeded")
+	// not_found
+	// Stability: development
+	RPCConnectRPCErrorCodeNotFound = RPCConnectRPCErrorCodeKey.String("not_found")
+	// already_exists
+	// Stability: development
+	RPCConnectRPCErrorCodeAlreadyExists = RPCConnectRPCErrorCodeKey.String("already_exists")
+	// permission_denied
+	// Stability: development
+	RPCConnectRPCErrorCodePermissionDenied = RPCConnectRPCErrorCodeKey.String("permission_denied")
+	// resource_exhausted
+	// Stability: development
+	RPCConnectRPCErrorCodeResourceExhausted = RPCConnectRPCErrorCodeKey.String("resource_exhausted")
+	// failed_precondition
+	// Stability: development
+	RPCConnectRPCErrorCodeFailedPrecondition = RPCConnectRPCErrorCodeKey.String("failed_precondition")
+	// aborted
+	// Stability: development
+	RPCConnectRPCErrorCodeAborted = RPCConnectRPCErrorCodeKey.String("aborted")
+	// out_of_range
+	// Stability: development
+	RPCConnectRPCErrorCodeOutOfRange = RPCConnectRPCErrorCodeKey.String("out_of_range")
+	// unimplemented
+	// Stability: development
+	RPCConnectRPCErrorCodeUnimplemented = RPCConnectRPCErrorCodeKey.String("unimplemented")
+	// internal
+	// Stability: development
+	RPCConnectRPCErrorCodeInternal = RPCConnectRPCErrorCodeKey.String("internal")
+	// unavailable
+	// Stability: development
+	RPCConnectRPCErrorCodeUnavailable = RPCConnectRPCErrorCodeKey.String("unavailable")
+	// data_loss
+	// Stability: development
+	RPCConnectRPCErrorCodeDataLoss = RPCConnectRPCErrorCodeKey.String("data_loss")
+	// unauthenticated
+	// Stability: development
+	RPCConnectRPCErrorCodeUnauthenticated = RPCConnectRPCErrorCodeKey.String("unauthenticated")
+)
+
+// Enum values for rpc.grpc.status_code
+var (
+	// OK
+	// Stability: development
+	RPCGRPCStatusCodeOk = RPCGRPCStatusCodeKey.Int(0)
+	// CANCELLED
+	// Stability: development
+	RPCGRPCStatusCodeCancelled = RPCGRPCStatusCodeKey.Int(1)
+	// UNKNOWN
+	// Stability: development
+	RPCGRPCStatusCodeUnknown = RPCGRPCStatusCodeKey.Int(2)
+	// INVALID_ARGUMENT
+	// Stability: development
+	RPCGRPCStatusCodeInvalidArgument = RPCGRPCStatusCodeKey.Int(3)
+	// DEADLINE_EXCEEDED
+	// Stability: development
+	RPCGRPCStatusCodeDeadlineExceeded = RPCGRPCStatusCodeKey.Int(4)
+	// NOT_FOUND
+	// Stability: development
+	RPCGRPCStatusCodeNotFound = RPCGRPCStatusCodeKey.Int(5)
+	// ALREADY_EXISTS
+	// Stability: development
+	RPCGRPCStatusCodeAlreadyExists = RPCGRPCStatusCodeKey.Int(6)
+	// PERMISSION_DENIED
+	// Stability: development
+	RPCGRPCStatusCodePermissionDenied = RPCGRPCStatusCodeKey.Int(7)
+	// RESOURCE_EXHAUSTED
+	// Stability: development
+	RPCGRPCStatusCodeResourceExhausted = RPCGRPCStatusCodeKey.Int(8)
+	// FAILED_PRECONDITION
+	// Stability: development
+	RPCGRPCStatusCodeFailedPrecondition = RPCGRPCStatusCodeKey.Int(9)
+	// ABORTED
+	// Stability: development
+	RPCGRPCStatusCodeAborted = RPCGRPCStatusCodeKey.Int(10)
+	// OUT_OF_RANGE
+	// Stability: development
+	RPCGRPCStatusCodeOutOfRange = RPCGRPCStatusCodeKey.Int(11)
+	// UNIMPLEMENTED
+	// Stability: development
+	RPCGRPCStatusCodeUnimplemented = RPCGRPCStatusCodeKey.Int(12)
+	// INTERNAL
+	// Stability: development
+	RPCGRPCStatusCodeInternal = RPCGRPCStatusCodeKey.Int(13)
+	// UNAVAILABLE
+	// Stability: development
+	RPCGRPCStatusCodeUnavailable = RPCGRPCStatusCodeKey.Int(14)
+	// DATA_LOSS
+	// Stability: development
+	RPCGRPCStatusCodeDataLoss = RPCGRPCStatusCodeKey.Int(15)
+	// UNAUTHENTICATED
+	// Stability: development
+	RPCGRPCStatusCodeUnauthenticated = RPCGRPCStatusCodeKey.Int(16)
+)
+
+// Enum values for rpc.message.type
+var (
+	// sent
+	// Stability: development
+	RPCMessageTypeSent = RPCMessageTypeKey.String("SENT")
+	// received
+	// Stability: development
+	RPCMessageTypeReceived = RPCMessageTypeKey.String("RECEIVED")
+)
+
+// Enum values for rpc.system
+var (
+	// gRPC
+	// Stability: development
+	RPCSystemGRPC = RPCSystemKey.String("grpc")
+	// Java RMI
+	// Stability: development
+	RPCSystemJavaRmi = RPCSystemKey.String("java_rmi")
+	// .NET WCF
+	// Stability: development
+	RPCSystemDotnetWcf = RPCSystemKey.String("dotnet_wcf")
+	// Apache Dubbo
+	// Stability: development
+	RPCSystemApacheDubbo = RPCSystemKey.String("apache_dubbo")
+	// Connect RPC
+	// Stability: development
+	RPCSystemConnectRPC = RPCSystemKey.String("connect_rpc")
+)
+
+// Namespace: security_rule
+const (
+	// SecurityRuleCategoryKey is the attribute Key conforming to the
+	// "security_rule.category" semantic conventions. It represents a categorization
+	// value keyword used by the entity using the rule for detection of this event.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "Attempted Information Leak"
+	SecurityRuleCategoryKey = attribute.Key("security_rule.category")
+
+	// SecurityRuleDescriptionKey is the attribute Key conforming to the
+	// "security_rule.description" semantic conventions. It represents the
+	// description of the rule generating the event.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "Block requests to public DNS over HTTPS / TLS protocols"
+	SecurityRuleDescriptionKey = attribute.Key("security_rule.description")
+
+	// SecurityRuleLicenseKey is the attribute Key conforming to the
+	// "security_rule.license" semantic conventions. It represents the name of the
+	// license under which the rule used to generate this event is made available.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "Apache 2.0"
+	SecurityRuleLicenseKey = attribute.Key("security_rule.license")
+
+	// SecurityRuleNameKey is the attribute Key conforming to the
+	// "security_rule.name" semantic conventions. It represents the name of the rule
+	// or signature generating the event.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "BLOCK_DNS_over_TLS"
+	SecurityRuleNameKey = attribute.Key("security_rule.name")
+
+	// SecurityRuleReferenceKey is the attribute Key conforming to the
+	// "security_rule.reference" semantic conventions. It represents the reference
+	// URL to additional information about the rule used to generate this event.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "https://en.wikipedia.org/wiki/DNS_over_TLS"
+	// Note: The URL can point to the vendor’s documentation about the rule. If
+	// that’s not available, it can also be a link to a more general page
+	// describing this type of alert.
+	SecurityRuleReferenceKey = attribute.Key("security_rule.reference")
+
+	// SecurityRuleRulesetNameKey is the attribute Key conforming to the
+	// "security_rule.ruleset.name" semantic conventions. It represents the name of
+	// the ruleset, policy, group, or parent category in which the rule used to
+	// generate this event is a member.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "Standard_Protocol_Filters"
+	SecurityRuleRulesetNameKey = attribute.Key("security_rule.ruleset.name")
+
+	// SecurityRuleUUIDKey is the attribute Key conforming to the
+	// "security_rule.uuid" semantic conventions. It represents a rule ID that is
+	// unique within the scope of a set or group of agents, observers, or other
+	// entities using the rule for detection of this event.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "550e8400-e29b-41d4-a716-446655440000", "1100110011"
+	SecurityRuleUUIDKey = attribute.Key("security_rule.uuid")
+
+	// SecurityRuleVersionKey is the attribute Key conforming to the
+	// "security_rule.version" semantic conventions. It represents the version /
+	// revision of the rule being used for analysis.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "1.0.0"
+	SecurityRuleVersionKey = attribute.Key("security_rule.version")
+)
+
+// SecurityRuleCategory returns an attribute KeyValue conforming to the
+// "security_rule.category" semantic conventions. It represents a categorization
+// value keyword used by the entity using the rule for detection of this event.
+func SecurityRuleCategory(val string) attribute.KeyValue {
+	return SecurityRuleCategoryKey.String(val)
+}
+
+// SecurityRuleDescription returns an attribute KeyValue conforming to the
+// "security_rule.description" semantic conventions. It represents the
+// description of the rule generating the event.
+func SecurityRuleDescription(val string) attribute.KeyValue {
+	return SecurityRuleDescriptionKey.String(val)
+}
+
+// SecurityRuleLicense returns an attribute KeyValue conforming to the
+// "security_rule.license" semantic conventions. It represents the name of the
+// license under which the rule used to generate this event is made available.
+func SecurityRuleLicense(val string) attribute.KeyValue {
+	return SecurityRuleLicenseKey.String(val)
+}
+
+// SecurityRuleName returns an attribute KeyValue conforming to the
+// "security_rule.name" semantic conventions. It represents the name of the rule
+// or signature generating the event.
+func SecurityRuleName(val string) attribute.KeyValue {
+	return SecurityRuleNameKey.String(val)
+}
+
+// SecurityRuleReference returns an attribute KeyValue conforming to the
+// "security_rule.reference" semantic conventions. It represents the reference
+// URL to additional information about the rule used to generate this event.
+func SecurityRuleReference(val string) attribute.KeyValue {
+	return SecurityRuleReferenceKey.String(val)
+}
+
+// SecurityRuleRulesetName returns an attribute KeyValue conforming to the
+// "security_rule.ruleset.name" semantic conventions. It represents the name of
+// the ruleset, policy, group, or parent category in which the rule used to
+// generate this event is a member.
+func SecurityRuleRulesetName(val string) attribute.KeyValue {
+	return SecurityRuleRulesetNameKey.String(val)
+}
+
+// SecurityRuleUUID returns an attribute KeyValue conforming to the
+// "security_rule.uuid" semantic conventions. It represents a rule ID that is
+// unique within the scope of a set or group of agents, observers, or other
+// entities using the rule for detection of this event.
+func SecurityRuleUUID(val string) attribute.KeyValue {
+	return SecurityRuleUUIDKey.String(val)
+}
+
+// SecurityRuleVersion returns an attribute KeyValue conforming to the
+// "security_rule.version" semantic conventions. It represents the version /
+// revision of the rule being used for analysis.
+func SecurityRuleVersion(val string) attribute.KeyValue {
+	return SecurityRuleVersionKey.String(val)
+}
+
+// Namespace: server
+const (
+	// ServerAddressKey is the attribute Key conforming to the "server.address"
+	// semantic conventions. It represents the server domain name if available
+	// without reverse DNS lookup; otherwise, IP address or Unix domain socket name.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: "example.com", "10.1.2.80", "/tmp/my.sock"
+	// Note: When observed from the client side, and when communicating through an
+	// intermediary, `server.address` SHOULD represent the server address behind any
+	// intermediaries, for example proxies, if it's available.
+	ServerAddressKey = attribute.Key("server.address")
+
+	// ServerPortKey is the attribute Key conforming to the "server.port" semantic
+	// conventions. It represents the server port number.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: 80, 8080, 443
+	// Note: When observed from the client side, and when communicating through an
+	// intermediary, `server.port` SHOULD represent the server port behind any
+	// intermediaries, for example proxies, if it's available.
+	ServerPortKey = attribute.Key("server.port")
+)
+
+// ServerAddress returns an attribute KeyValue conforming to the "server.address"
+// semantic conventions. It represents the server domain name if available
+// without reverse DNS lookup; otherwise, IP address or Unix domain socket name.
+func ServerAddress(val string) attribute.KeyValue {
+	return ServerAddressKey.String(val)
+}
+
+// ServerPort returns an attribute KeyValue conforming to the "server.port"
+// semantic conventions. It represents the server port number.
+func ServerPort(val int) attribute.KeyValue {
+	return ServerPortKey.Int(val)
+}
+
+// Namespace: service
+const (
+	// ServiceInstanceIDKey is the attribute Key conforming to the
+	// "service.instance.id" semantic conventions. It represents the string ID of
+	// the service instance.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "627cc493-f310-47de-96bd-71410b7dec09"
+	// Note: MUST be unique for each instance of the same
+	// `service.namespace,service.name` pair (in other words
+	// `service.namespace,service.name,service.instance.id` triplet MUST be globally
+	// unique). The ID helps to
+	// distinguish instances of the same service that exist at the same time (e.g.
+	// instances of a horizontally scaled
+	// service).
+	//
+	// Implementations, such as SDKs, are recommended to generate a random Version 1
+	// or Version 4 [RFC
+	// 4122] UUID, but are free to use an inherent unique ID as
+	// the source of
+	// this value if stability is desirable. In that case, the ID SHOULD be used as
+	// source of a UUID Version 5 and
+	// SHOULD use the following UUID as the namespace:
+	// `4d63009a-8d0f-11ee-aad7-4c796ed8e320`.
+	//
+	// UUIDs are typically recommended, as only an opaque value for the purposes of
+	// identifying a service instance is
+	// needed. Similar to what can be seen in the man page for the
+	// [`/etc/machine-id`] file, the underlying
+	// data, such as pod name and namespace should be treated as confidential, being
+	// the user's choice to expose it
+	// or not via another resource attribute.
+	//
+	// For applications running behind an application server (like unicorn), we do
+	// not recommend using one identifier
+	// for all processes participating in the application. Instead, it's recommended
+	// each division (e.g. a worker
+	// thread in unicorn) to have its own instance.id.
+	//
+	// It's not recommended for a Collector to set `service.instance.id` if it can't
+	// unambiguously determine the
+	// service instance that is generating that telemetry. For instance, creating an
+	// UUID based on `pod.name` will
+	// likely be wrong, as the Collector might not know from which container within
+	// that pod the telemetry originated.
+	// However, Collectors can set the `service.instance.id` if they can
+	// unambiguously determine the service instance
+	// for that telemetry. This is typically the case for scraping receivers, as
+	// they know the target address and
+	// port.
+	//
+	// [RFC
+	// 4122]: https://www.ietf.org/rfc/rfc4122.txt
+	// [`/etc/machine-id`]: https://www.freedesktop.org/software/systemd/man/latest/machine-id.html
+	ServiceInstanceIDKey = attribute.Key("service.instance.id")
+
+	// ServiceNameKey is the attribute Key conforming to the "service.name" semantic
+	// conventions. It represents the logical name of the service.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: "shoppingcart"
+	// Note: MUST be the same for all instances of horizontally scaled services. If
+	// the value was not specified, SDKs MUST fallback to `unknown_service:`
+	// concatenated with [`process.executable.name`], e.g. `unknown_service:bash`.
+	// If `process.executable.name` is not available, the value MUST be set to
+	// `unknown_service`.
+	//
+	// [`process.executable.name`]: process.md
+	ServiceNameKey = attribute.Key("service.name")
+
+	// ServiceNamespaceKey is the attribute Key conforming to the
+	// "service.namespace" semantic conventions. It represents a namespace for
+	// `service.name`.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "Shop"
+	// Note: A string value having a meaning that helps to distinguish a group of
+	// services, for example the team name that owns a group of services.
+	// `service.name` is expected to be unique within the same namespace. If
+	// `service.namespace` is not specified in the Resource then `service.name` is
+	// expected to be unique for all services that have no explicit namespace
+	// defined (so the empty/unspecified namespace is simply one more valid
+	// namespace). Zero-length namespace string is assumed equal to unspecified
+	// namespace.
+	ServiceNamespaceKey = attribute.Key("service.namespace")
+
+	// ServiceVersionKey is the attribute Key conforming to the "service.version"
+	// semantic conventions. It represents the version string of the service API or
+	// implementation. The format is not defined by these conventions.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: "2.0.0", "a01dbef8a"
+	ServiceVersionKey = attribute.Key("service.version")
+)
+
+// ServiceInstanceID returns an attribute KeyValue conforming to the
+// "service.instance.id" semantic conventions. It represents the string ID of the
+// service instance.
+func ServiceInstanceID(val string) attribute.KeyValue {
+	return ServiceInstanceIDKey.String(val)
+}
+
+// ServiceName returns an attribute KeyValue conforming to the "service.name"
+// semantic conventions. It represents the logical name of the service.
+func ServiceName(val string) attribute.KeyValue {
+	return ServiceNameKey.String(val)
+}
+
+// ServiceNamespace returns an attribute KeyValue conforming to the
+// "service.namespace" semantic conventions. It represents a namespace for
+// `service.name`.
+func ServiceNamespace(val string) attribute.KeyValue {
+	return ServiceNamespaceKey.String(val)
+}
+
+// ServiceVersion returns an attribute KeyValue conforming to the
+// "service.version" semantic conventions. It represents the version string of
+// the service API or implementation. The format is not defined by these
+// conventions.
+func ServiceVersion(val string) attribute.KeyValue {
+	return ServiceVersionKey.String(val)
+}
+
+// Namespace: session
+const (
+	// SessionIDKey is the attribute Key conforming to the "session.id" semantic
+	// conventions. It represents a unique id to identify a session.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 00112233-4455-6677-8899-aabbccddeeff
+	SessionIDKey = attribute.Key("session.id")
+
+	// SessionPreviousIDKey is the attribute Key conforming to the
+	// "session.previous_id" semantic conventions. It represents the previous
+	// `session.id` for this user, when known.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 00112233-4455-6677-8899-aabbccddeeff
+	SessionPreviousIDKey = attribute.Key("session.previous_id")
+)
+
+// SessionID returns an attribute KeyValue conforming to the "session.id"
+// semantic conventions. It represents a unique id to identify a session.
+func SessionID(val string) attribute.KeyValue {
+	return SessionIDKey.String(val)
+}
+
+// SessionPreviousID returns an attribute KeyValue conforming to the
+// "session.previous_id" semantic conventions. It represents the previous
+// `session.id` for this user, when known.
+func SessionPreviousID(val string) attribute.KeyValue {
+	return SessionPreviousIDKey.String(val)
+}
+
+// Namespace: signalr
+const (
+	// SignalrConnectionStatusKey is the attribute Key conforming to the
+	// "signalr.connection.status" semantic conventions. It represents the signalR
+	// HTTP connection closure status.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: "app_shutdown", "timeout"
+	SignalrConnectionStatusKey = attribute.Key("signalr.connection.status")
+
+	// SignalrTransportKey is the attribute Key conforming to the
+	// "signalr.transport" semantic conventions. It represents the
+	// [SignalR transport type].
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: "web_sockets", "long_polling"
+	//
+	// [SignalR transport type]: https://github.com/dotnet/aspnetcore/blob/main/src/SignalR/docs/specs/TransportProtocols.md
+	SignalrTransportKey = attribute.Key("signalr.transport")
+)
+
+// Enum values for signalr.connection.status
+var (
+	// The connection was closed normally.
+	// Stability: stable
+	SignalrConnectionStatusNormalClosure = SignalrConnectionStatusKey.String("normal_closure")
+	// The connection was closed due to a timeout.
+	// Stability: stable
+	SignalrConnectionStatusTimeout = SignalrConnectionStatusKey.String("timeout")
+	// The connection was closed because the app is shutting down.
+	// Stability: stable
+	SignalrConnectionStatusAppShutdown = SignalrConnectionStatusKey.String("app_shutdown")
+)
+
+// Enum values for signalr.transport
+var (
+	// ServerSentEvents protocol
+	// Stability: stable
+	SignalrTransportServerSentEvents = SignalrTransportKey.String("server_sent_events")
+	// LongPolling protocol
+	// Stability: stable
+	SignalrTransportLongPolling = SignalrTransportKey.String("long_polling")
+	// WebSockets protocol
+	// Stability: stable
+	SignalrTransportWebSockets = SignalrTransportKey.String("web_sockets")
+)
+
+// Namespace: source
+const (
+	// SourceAddressKey is the attribute Key conforming to the "source.address"
+	// semantic conventions. It represents the source address - domain name if
+	// available without reverse DNS lookup; otherwise, IP address or Unix domain
+	// socket name.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "source.example.com", "10.1.2.80", "/tmp/my.sock"
+	// Note: When observed from the destination side, and when communicating through
+	// an intermediary, `source.address` SHOULD represent the source address behind
+	// any intermediaries, for example proxies, if it's available.
+	SourceAddressKey = attribute.Key("source.address")
+
+	// SourcePortKey is the attribute Key conforming to the "source.port" semantic
+	// conventions. It represents the source port number.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 3389, 2888
+	SourcePortKey = attribute.Key("source.port")
+)
+
+// SourceAddress returns an attribute KeyValue conforming to the "source.address"
+// semantic conventions. It represents the source address - domain name if
+// available without reverse DNS lookup; otherwise, IP address or Unix domain
+// socket name.
+func SourceAddress(val string) attribute.KeyValue {
+	return SourceAddressKey.String(val)
+}
+
+// SourcePort returns an attribute KeyValue conforming to the "source.port"
+// semantic conventions. It represents the source port number.
+func SourcePort(val int) attribute.KeyValue {
+	return SourcePortKey.Int(val)
+}
+
+// Namespace: system
+const (
+	// SystemCPULogicalNumberKey is the attribute Key conforming to the
+	// "system.cpu.logical_number" semantic conventions. It represents the logical
+	// CPU number [0..n-1].
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 1
+	SystemCPULogicalNumberKey = attribute.Key("system.cpu.logical_number")
+
+	// SystemDeviceKey is the attribute Key conforming to the "system.device"
+	// semantic conventions. It represents the device identifier.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "(identifier)"
+	SystemDeviceKey = attribute.Key("system.device")
+
+	// SystemFilesystemModeKey is the attribute Key conforming to the
+	// "system.filesystem.mode" semantic conventions. It represents the filesystem
+	// mode.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "rw, ro"
+	SystemFilesystemModeKey = attribute.Key("system.filesystem.mode")
+
+	// SystemFilesystemMountpointKey is the attribute Key conforming to the
+	// "system.filesystem.mountpoint" semantic conventions. It represents the
+	// filesystem mount path.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "/mnt/data"
+	SystemFilesystemMountpointKey = attribute.Key("system.filesystem.mountpoint")
+
+	// SystemFilesystemStateKey is the attribute Key conforming to the
+	// "system.filesystem.state" semantic conventions. It represents the filesystem
+	// state.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "used"
+	SystemFilesystemStateKey = attribute.Key("system.filesystem.state")
+
+	// SystemFilesystemTypeKey is the attribute Key conforming to the
+	// "system.filesystem.type" semantic conventions. It represents the filesystem
+	// type.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "ext4"
+	SystemFilesystemTypeKey = attribute.Key("system.filesystem.type")
+
+	// SystemMemoryStateKey is the attribute Key conforming to the
+	// "system.memory.state" semantic conventions. It represents the memory state.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "free", "cached"
+	SystemMemoryStateKey = attribute.Key("system.memory.state")
+
+	// SystemPagingDirectionKey is the attribute Key conforming to the
+	// "system.paging.direction" semantic conventions. It represents the paging
+	// access direction.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "in"
+	SystemPagingDirectionKey = attribute.Key("system.paging.direction")
+
+	// SystemPagingStateKey is the attribute Key conforming to the
+	// "system.paging.state" semantic conventions. It represents the memory paging
+	// state.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "free"
+	SystemPagingStateKey = attribute.Key("system.paging.state")
+
+	// SystemPagingTypeKey is the attribute Key conforming to the
+	// "system.paging.type" semantic conventions. It represents the memory paging
+	// type.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "minor"
+	SystemPagingTypeKey = attribute.Key("system.paging.type")
+
+	// SystemProcessStatusKey is the attribute Key conforming to the
+	// "system.process.status" semantic conventions. It represents the process
+	// state, e.g., [Linux Process State Codes].
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "running"
+	//
+	// [Linux Process State Codes]: https://man7.org/linux/man-pages/man1/ps.1.html#PROCESS_STATE_CODES
+	SystemProcessStatusKey = attribute.Key("system.process.status")
+)
+
+// SystemCPULogicalNumber returns an attribute KeyValue conforming to the
+// "system.cpu.logical_number" semantic conventions. It represents the logical
+// CPU number [0..n-1].
+func SystemCPULogicalNumber(val int) attribute.KeyValue {
+	return SystemCPULogicalNumberKey.Int(val)
+}
+
+// SystemDevice returns an attribute KeyValue conforming to the "system.device"
+// semantic conventions. It represents the device identifier.
+func SystemDevice(val string) attribute.KeyValue {
+	return SystemDeviceKey.String(val)
+}
+
+// SystemFilesystemMode returns an attribute KeyValue conforming to the
+// "system.filesystem.mode" semantic conventions. It represents the filesystem
+// mode.
+func SystemFilesystemMode(val string) attribute.KeyValue {
+	return SystemFilesystemModeKey.String(val)
+}
+
+// SystemFilesystemMountpoint returns an attribute KeyValue conforming to the
+// "system.filesystem.mountpoint" semantic conventions. It represents the
+// filesystem mount path.
+func SystemFilesystemMountpoint(val string) attribute.KeyValue {
+	return SystemFilesystemMountpointKey.String(val)
+}
+
+// Enum values for system.filesystem.state
+var (
+	// used
+	// Stability: development
+	SystemFilesystemStateUsed = SystemFilesystemStateKey.String("used")
+	// free
+	// Stability: development
+	SystemFilesystemStateFree = SystemFilesystemStateKey.String("free")
+	// reserved
+	// Stability: development
+	SystemFilesystemStateReserved = SystemFilesystemStateKey.String("reserved")
+)
+
+// Enum values for system.filesystem.type
+var (
+	// fat32
+	// Stability: development
+	SystemFilesystemTypeFat32 = SystemFilesystemTypeKey.String("fat32")
+	// exfat
+	// Stability: development
+	SystemFilesystemTypeExfat = SystemFilesystemTypeKey.String("exfat")
+	// ntfs
+	// Stability: development
+	SystemFilesystemTypeNtfs = SystemFilesystemTypeKey.String("ntfs")
+	// refs
+	// Stability: development
+	SystemFilesystemTypeRefs = SystemFilesystemTypeKey.String("refs")
+	// hfsplus
+	// Stability: development
+	SystemFilesystemTypeHfsplus = SystemFilesystemTypeKey.String("hfsplus")
+	// ext4
+	// Stability: development
+	SystemFilesystemTypeExt4 = SystemFilesystemTypeKey.String("ext4")
+)
+
+// Enum values for system.memory.state
+var (
+	// used
+	// Stability: development
+	SystemMemoryStateUsed = SystemMemoryStateKey.String("used")
+	// free
+	// Stability: development
+	SystemMemoryStateFree = SystemMemoryStateKey.String("free")
+	// Deprecated: Removed, report shared memory usage with
+	// `metric.system.memory.shared` metric.
+	SystemMemoryStateShared = SystemMemoryStateKey.String("shared")
+	// buffers
+	// Stability: development
+	SystemMemoryStateBuffers = SystemMemoryStateKey.String("buffers")
+	// cached
+	// Stability: development
+	SystemMemoryStateCached = SystemMemoryStateKey.String("cached")
+)
+
+// Enum values for system.paging.direction
+var (
+	// in
+	// Stability: development
+	SystemPagingDirectionIn = SystemPagingDirectionKey.String("in")
+	// out
+	// Stability: development
+	SystemPagingDirectionOut = SystemPagingDirectionKey.String("out")
+)
+
+// Enum values for system.paging.state
+var (
+	// used
+	// Stability: development
+	SystemPagingStateUsed = SystemPagingStateKey.String("used")
+	// free
+	// Stability: development
+	SystemPagingStateFree = SystemPagingStateKey.String("free")
+)
+
+// Enum values for system.paging.type
+var (
+	// major
+	// Stability: development
+	SystemPagingTypeMajor = SystemPagingTypeKey.String("major")
+	// minor
+	// Stability: development
+	SystemPagingTypeMinor = SystemPagingTypeKey.String("minor")
+)
+
+// Enum values for system.process.status
+var (
+	// running
+	// Stability: development
+	SystemProcessStatusRunning = SystemProcessStatusKey.String("running")
+	// sleeping
+	// Stability: development
+	SystemProcessStatusSleeping = SystemProcessStatusKey.String("sleeping")
+	// stopped
+	// Stability: development
+	SystemProcessStatusStopped = SystemProcessStatusKey.String("stopped")
+	// defunct
+	// Stability: development
+	SystemProcessStatusDefunct = SystemProcessStatusKey.String("defunct")
+)
+
+// Namespace: telemetry
+const (
+	// TelemetryDistroNameKey is the attribute Key conforming to the
+	// "telemetry.distro.name" semantic conventions. It represents the name of the
+	// auto instrumentation agent or distribution, if used.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "parts-unlimited-java"
+	// Note: Official auto instrumentation agents and distributions SHOULD set the
+	// `telemetry.distro.name` attribute to
+	// a string starting with `opentelemetry-`, e.g.
+	// `opentelemetry-java-instrumentation`.
+	TelemetryDistroNameKey = attribute.Key("telemetry.distro.name")
+
+	// TelemetryDistroVersionKey is the attribute Key conforming to the
+	// "telemetry.distro.version" semantic conventions. It represents the version
+	// string of the auto instrumentation agent or distribution, if used.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "1.2.3"
+	TelemetryDistroVersionKey = attribute.Key("telemetry.distro.version")
+
+	// TelemetrySDKLanguageKey is the attribute Key conforming to the
+	// "telemetry.sdk.language" semantic conventions. It represents the language of
+	// the telemetry SDK.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples:
+	TelemetrySDKLanguageKey = attribute.Key("telemetry.sdk.language")
+
+	// TelemetrySDKNameKey is the attribute Key conforming to the
+	// "telemetry.sdk.name" semantic conventions. It represents the name of the
+	// telemetry SDK as defined above.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: "opentelemetry"
+	// Note: The OpenTelemetry SDK MUST set the `telemetry.sdk.name` attribute to
+	// `opentelemetry`.
+	// If another SDK, like a fork or a vendor-provided implementation, is used,
+	// this SDK MUST set the
+	// `telemetry.sdk.name` attribute to the fully-qualified class or module name of
+	// this SDK's main entry point
+	// or another suitable identifier depending on the language.
+	// The identifier `opentelemetry` is reserved and MUST NOT be used in this case.
+	// All custom identifiers SHOULD be stable across different versions of an
+	// implementation.
+	TelemetrySDKNameKey = attribute.Key("telemetry.sdk.name")
+
+	// TelemetrySDKVersionKey is the attribute Key conforming to the
+	// "telemetry.sdk.version" semantic conventions. It represents the version
+	// string of the telemetry SDK.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: "1.2.3"
+	TelemetrySDKVersionKey = attribute.Key("telemetry.sdk.version")
+)
+
+// TelemetryDistroName returns an attribute KeyValue conforming to the
+// "telemetry.distro.name" semantic conventions. It represents the name of the
+// auto instrumentation agent or distribution, if used.
+func TelemetryDistroName(val string) attribute.KeyValue {
+	return TelemetryDistroNameKey.String(val)
+}
+
+// TelemetryDistroVersion returns an attribute KeyValue conforming to the
+// "telemetry.distro.version" semantic conventions. It represents the version
+// string of the auto instrumentation agent or distribution, if used.
+func TelemetryDistroVersion(val string) attribute.KeyValue {
+	return TelemetryDistroVersionKey.String(val)
+}
+
+// TelemetrySDKName returns an attribute KeyValue conforming to the
+// "telemetry.sdk.name" semantic conventions. It represents the name of the
+// telemetry SDK as defined above.
+func TelemetrySDKName(val string) attribute.KeyValue {
+	return TelemetrySDKNameKey.String(val)
+}
+
+// TelemetrySDKVersion returns an attribute KeyValue conforming to the
+// "telemetry.sdk.version" semantic conventions. It represents the version string
+// of the telemetry SDK.
+func TelemetrySDKVersion(val string) attribute.KeyValue {
+	return TelemetrySDKVersionKey.String(val)
+}
+
+// Enum values for telemetry.sdk.language
+var (
+	// cpp
+	// Stability: stable
+	TelemetrySDKLanguageCPP = TelemetrySDKLanguageKey.String("cpp")
+	// dotnet
+	// Stability: stable
+	TelemetrySDKLanguageDotnet = TelemetrySDKLanguageKey.String("dotnet")
+	// erlang
+	// Stability: stable
+	TelemetrySDKLanguageErlang = TelemetrySDKLanguageKey.String("erlang")
+	// go
+	// Stability: stable
+	TelemetrySDKLanguageGo = TelemetrySDKLanguageKey.String("go")
+	// java
+	// Stability: stable
+	TelemetrySDKLanguageJava = TelemetrySDKLanguageKey.String("java")
+	// nodejs
+	// Stability: stable
+	TelemetrySDKLanguageNodejs = TelemetrySDKLanguageKey.String("nodejs")
+	// php
+	// Stability: stable
+	TelemetrySDKLanguagePHP = TelemetrySDKLanguageKey.String("php")
+	// python
+	// Stability: stable
+	TelemetrySDKLanguagePython = TelemetrySDKLanguageKey.String("python")
+	// ruby
+	// Stability: stable
+	TelemetrySDKLanguageRuby = TelemetrySDKLanguageKey.String("ruby")
+	// rust
+	// Stability: stable
+	TelemetrySDKLanguageRust = TelemetrySDKLanguageKey.String("rust")
+	// swift
+	// Stability: stable
+	TelemetrySDKLanguageSwift = TelemetrySDKLanguageKey.String("swift")
+	// webjs
+	// Stability: stable
+	TelemetrySDKLanguageWebjs = TelemetrySDKLanguageKey.String("webjs")
+)
+
+// Namespace: test
+const (
+	// TestCaseNameKey is the attribute Key conforming to the "test.case.name"
+	// semantic conventions. It represents the fully qualified human readable name
+	// of the [test case].
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "org.example.TestCase1.test1", "example/tests/TestCase1.test1",
+	// "ExampleTestCase1_test1"
+	//
+	// [test case]: https://wikipedia.org/wiki/Test_case
+	TestCaseNameKey = attribute.Key("test.case.name")
+
+	// TestCaseResultStatusKey is the attribute Key conforming to the
+	// "test.case.result.status" semantic conventions. It represents the status of
+	// the actual test case result from test execution.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "pass", "fail"
+	TestCaseResultStatusKey = attribute.Key("test.case.result.status")
+
+	// TestSuiteNameKey is the attribute Key conforming to the "test.suite.name"
+	// semantic conventions. It represents the human readable name of a [test suite]
+	// .
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "TestSuite1"
+	//
+	// [test suite]: https://wikipedia.org/wiki/Test_suite
+	TestSuiteNameKey = attribute.Key("test.suite.name")
+
+	// TestSuiteRunStatusKey is the attribute Key conforming to the
+	// "test.suite.run.status" semantic conventions. It represents the status of the
+	// test suite run.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "success", "failure", "skipped", "aborted", "timed_out",
+	// "in_progress"
+	TestSuiteRunStatusKey = attribute.Key("test.suite.run.status")
+)
+
+// TestCaseName returns an attribute KeyValue conforming to the "test.case.name"
+// semantic conventions. It represents the fully qualified human readable name of
+// the [test case].
+//
+// [test case]: https://wikipedia.org/wiki/Test_case
+func TestCaseName(val string) attribute.KeyValue {
+	return TestCaseNameKey.String(val)
+}
+
+// TestSuiteName returns an attribute KeyValue conforming to the
+// "test.suite.name" semantic conventions. It represents the human readable name
+// of a [test suite].
+//
+// [test suite]: https://wikipedia.org/wiki/Test_suite
+func TestSuiteName(val string) attribute.KeyValue {
+	return TestSuiteNameKey.String(val)
+}
+
+// Enum values for test.case.result.status
+var (
+	// pass
+	// Stability: development
+	TestCaseResultStatusPass = TestCaseResultStatusKey.String("pass")
+	// fail
+	// Stability: development
+	TestCaseResultStatusFail = TestCaseResultStatusKey.String("fail")
+)
+
+// Enum values for test.suite.run.status
+var (
+	// success
+	// Stability: development
+	TestSuiteRunStatusSuccess = TestSuiteRunStatusKey.String("success")
+	// failure
+	// Stability: development
+	TestSuiteRunStatusFailure = TestSuiteRunStatusKey.String("failure")
+	// skipped
+	// Stability: development
+	TestSuiteRunStatusSkipped = TestSuiteRunStatusKey.String("skipped")
+	// aborted
+	// Stability: development
+	TestSuiteRunStatusAborted = TestSuiteRunStatusKey.String("aborted")
+	// timed_out
+	// Stability: development
+	TestSuiteRunStatusTimedOut = TestSuiteRunStatusKey.String("timed_out")
+	// in_progress
+	// Stability: development
+	TestSuiteRunStatusInProgress = TestSuiteRunStatusKey.String("in_progress")
+)
+
+// Namespace: thread
+const (
+	// ThreadIDKey is the attribute Key conforming to the "thread.id" semantic
+	// conventions. It represents the current "managed" thread ID (as opposed to OS
+	// thread ID).
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	ThreadIDKey = attribute.Key("thread.id")
+
+	// ThreadNameKey is the attribute Key conforming to the "thread.name" semantic
+	// conventions. It represents the current thread name.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: main
+	ThreadNameKey = attribute.Key("thread.name")
+)
+
+// ThreadID returns an attribute KeyValue conforming to the "thread.id" semantic
+// conventions. It represents the current "managed" thread ID (as opposed to OS
+// thread ID).
+func ThreadID(val int) attribute.KeyValue {
+	return ThreadIDKey.Int(val)
+}
+
+// ThreadName returns an attribute KeyValue conforming to the "thread.name"
+// semantic conventions. It represents the current thread name.
+func ThreadName(val string) attribute.KeyValue {
+	return ThreadNameKey.String(val)
+}
+
+// Namespace: tls
+const (
+	// TLSCipherKey is the attribute Key conforming to the "tls.cipher" semantic
+	// conventions. It represents the string indicating the [cipher] used during the
+	// current connection.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
+	// "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
+	// Note: The values allowed for `tls.cipher` MUST be one of the `Descriptions`
+	// of the [registered TLS Cipher Suits].
+	//
+	// [cipher]: https://datatracker.ietf.org/doc/html/rfc5246#appendix-A.5
+	// [registered TLS Cipher Suits]: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#table-tls-parameters-4
+	TLSCipherKey = attribute.Key("tls.cipher")
+
+	// TLSClientCertificateKey is the attribute Key conforming to the
+	// "tls.client.certificate" semantic conventions. It represents the pEM-encoded
+	// stand-alone certificate offered by the client. This is usually
+	// mutually-exclusive of `client.certificate_chain` since this value also exists
+	// in that list.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "MII..."
+	TLSClientCertificateKey = attribute.Key("tls.client.certificate")
+
+	// TLSClientCertificateChainKey is the attribute Key conforming to the
+	// "tls.client.certificate_chain" semantic conventions. It represents the array
+	// of PEM-encoded certificates that make up the certificate chain offered by the
+	// client. This is usually mutually-exclusive of `client.certificate` since that
+	// value should be the first certificate in the chain.
+	//
+	// Type: string[]
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "MII...", "MI..."
+	TLSClientCertificateChainKey = attribute.Key("tls.client.certificate_chain")
+
+	// TLSClientHashMd5Key is the attribute Key conforming to the
+	// "tls.client.hash.md5" semantic conventions. It represents the certificate
+	// fingerprint using the MD5 digest of DER-encoded version of certificate
+	// offered by the client. For consistency with other hash values, this value
+	// should be formatted as an uppercase hash.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "0F76C7F2C55BFD7D8E8B8F4BFBF0C9EC"
+	TLSClientHashMd5Key = attribute.Key("tls.client.hash.md5")
+
+	// TLSClientHashSha1Key is the attribute Key conforming to the
+	// "tls.client.hash.sha1" semantic conventions. It represents the certificate
+	// fingerprint using the SHA1 digest of DER-encoded version of certificate
+	// offered by the client. For consistency with other hash values, this value
+	// should be formatted as an uppercase hash.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "9E393D93138888D288266C2D915214D1D1CCEB2A"
+	TLSClientHashSha1Key = attribute.Key("tls.client.hash.sha1")
+
+	// TLSClientHashSha256Key is the attribute Key conforming to the
+	// "tls.client.hash.sha256" semantic conventions. It represents the certificate
+	// fingerprint using the SHA256 digest of DER-encoded version of certificate
+	// offered by the client. For consistency with other hash values, this value
+	// should be formatted as an uppercase hash.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "0687F666A054EF17A08E2F2162EAB4CBC0D265E1D7875BE74BF3C712CA92DAF0"
+	TLSClientHashSha256Key = attribute.Key("tls.client.hash.sha256")
+
+	// TLSClientIssuerKey is the attribute Key conforming to the "tls.client.issuer"
+	// semantic conventions. It represents the distinguished name of [subject] of
+	// the issuer of the x.509 certificate presented by the client.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "CN=Example Root CA, OU=Infrastructure Team, DC=example, DC=com"
+	//
+	// [subject]: https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.6
+	TLSClientIssuerKey = attribute.Key("tls.client.issuer")
+
+	// TLSClientJa3Key is the attribute Key conforming to the "tls.client.ja3"
+	// semantic conventions. It represents a hash that identifies clients based on
+	// how they perform an SSL/TLS handshake.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "d4e5b18d6b55c71272893221c96ba240"
+	TLSClientJa3Key = attribute.Key("tls.client.ja3")
+
+	// TLSClientNotAfterKey is the attribute Key conforming to the
+	// "tls.client.not_after" semantic conventions. It represents the date/Time
+	// indicating when client certificate is no longer considered valid.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "2021-01-01T00:00:00.000Z"
+	TLSClientNotAfterKey = attribute.Key("tls.client.not_after")
+
+	// TLSClientNotBeforeKey is the attribute Key conforming to the
+	// "tls.client.not_before" semantic conventions. It represents the date/Time
+	// indicating when client certificate is first considered valid.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "1970-01-01T00:00:00.000Z"
+	TLSClientNotBeforeKey = attribute.Key("tls.client.not_before")
+
+	// TLSClientSubjectKey is the attribute Key conforming to the
+	// "tls.client.subject" semantic conventions. It represents the distinguished
+	// name of subject of the x.509 certificate presented by the client.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "CN=myclient, OU=Documentation Team, DC=example, DC=com"
+	TLSClientSubjectKey = attribute.Key("tls.client.subject")
+
+	// TLSClientSupportedCiphersKey is the attribute Key conforming to the
+	// "tls.client.supported_ciphers" semantic conventions. It represents the array
+	// of ciphers offered by the client during the client hello.
+	//
+	// Type: string[]
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
+	// "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"
+	TLSClientSupportedCiphersKey = attribute.Key("tls.client.supported_ciphers")
+
+	// TLSCurveKey is the attribute Key conforming to the "tls.curve" semantic
+	// conventions. It represents the string indicating the curve used for the given
+	// cipher, when applicable.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "secp256r1"
+	TLSCurveKey = attribute.Key("tls.curve")
+
+	// TLSEstablishedKey is the attribute Key conforming to the "tls.established"
+	// semantic conventions. It represents the boolean flag indicating if the TLS
+	// negotiation was successful and transitioned to an encrypted tunnel.
+	//
+	// Type: boolean
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: true
+	TLSEstablishedKey = attribute.Key("tls.established")
+
+	// TLSNextProtocolKey is the attribute Key conforming to the "tls.next_protocol"
+	// semantic conventions. It represents the string indicating the protocol being
+	// tunneled. Per the values in the [IANA registry], this string should be lower
+	// case.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "http/1.1"
+	//
+	// [IANA registry]: https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#alpn-protocol-ids
+	TLSNextProtocolKey = attribute.Key("tls.next_protocol")
+
+	// TLSProtocolNameKey is the attribute Key conforming to the "tls.protocol.name"
+	// semantic conventions. It represents the normalized lowercase protocol name
+	// parsed from original string of the negotiated [SSL/TLS protocol version].
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	//
+	// [SSL/TLS protocol version]: https://www.openssl.org/docs/man1.1.1/man3/SSL_get_version.html#RETURN-VALUES
+	TLSProtocolNameKey = attribute.Key("tls.protocol.name")
+
+	// TLSProtocolVersionKey is the attribute Key conforming to the
+	// "tls.protocol.version" semantic conventions. It represents the numeric part
+	// of the version parsed from the original string of the negotiated
+	// [SSL/TLS protocol version].
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "1.2", "3"
+	//
+	// [SSL/TLS protocol version]: https://www.openssl.org/docs/man1.1.1/man3/SSL_get_version.html#RETURN-VALUES
+	TLSProtocolVersionKey = attribute.Key("tls.protocol.version")
+
+	// TLSResumedKey is the attribute Key conforming to the "tls.resumed" semantic
+	// conventions. It represents the boolean flag indicating if this TLS connection
+	// was resumed from an existing TLS negotiation.
+	//
+	// Type: boolean
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: true
+	TLSResumedKey = attribute.Key("tls.resumed")
+
+	// TLSServerCertificateKey is the attribute Key conforming to the
+	// "tls.server.certificate" semantic conventions. It represents the pEM-encoded
+	// stand-alone certificate offered by the server. This is usually
+	// mutually-exclusive of `server.certificate_chain` since this value also exists
+	// in that list.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "MII..."
+	TLSServerCertificateKey = attribute.Key("tls.server.certificate")
+
+	// TLSServerCertificateChainKey is the attribute Key conforming to the
+	// "tls.server.certificate_chain" semantic conventions. It represents the array
+	// of PEM-encoded certificates that make up the certificate chain offered by the
+	// server. This is usually mutually-exclusive of `server.certificate` since that
+	// value should be the first certificate in the chain.
+	//
+	// Type: string[]
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "MII...", "MI..."
+	TLSServerCertificateChainKey = attribute.Key("tls.server.certificate_chain")
+
+	// TLSServerHashMd5Key is the attribute Key conforming to the
+	// "tls.server.hash.md5" semantic conventions. It represents the certificate
+	// fingerprint using the MD5 digest of DER-encoded version of certificate
+	// offered by the server. For consistency with other hash values, this value
+	// should be formatted as an uppercase hash.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "0F76C7F2C55BFD7D8E8B8F4BFBF0C9EC"
+	TLSServerHashMd5Key = attribute.Key("tls.server.hash.md5")
+
+	// TLSServerHashSha1Key is the attribute Key conforming to the
+	// "tls.server.hash.sha1" semantic conventions. It represents the certificate
+	// fingerprint using the SHA1 digest of DER-encoded version of certificate
+	// offered by the server. For consistency with other hash values, this value
+	// should be formatted as an uppercase hash.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "9E393D93138888D288266C2D915214D1D1CCEB2A"
+	TLSServerHashSha1Key = attribute.Key("tls.server.hash.sha1")
+
+	// TLSServerHashSha256Key is the attribute Key conforming to the
+	// "tls.server.hash.sha256" semantic conventions. It represents the certificate
+	// fingerprint using the SHA256 digest of DER-encoded version of certificate
+	// offered by the server. For consistency with other hash values, this value
+	// should be formatted as an uppercase hash.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "0687F666A054EF17A08E2F2162EAB4CBC0D265E1D7875BE74BF3C712CA92DAF0"
+	TLSServerHashSha256Key = attribute.Key("tls.server.hash.sha256")
+
+	// TLSServerIssuerKey is the attribute Key conforming to the "tls.server.issuer"
+	// semantic conventions. It represents the distinguished name of [subject] of
+	// the issuer of the x.509 certificate presented by the client.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "CN=Example Root CA, OU=Infrastructure Team, DC=example, DC=com"
+	//
+	// [subject]: https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.6
+	TLSServerIssuerKey = attribute.Key("tls.server.issuer")
+
+	// TLSServerJa3sKey is the attribute Key conforming to the "tls.server.ja3s"
+	// semantic conventions. It represents a hash that identifies servers based on
+	// how they perform an SSL/TLS handshake.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "d4e5b18d6b55c71272893221c96ba240"
+	TLSServerJa3sKey = attribute.Key("tls.server.ja3s")
+
+	// TLSServerNotAfterKey is the attribute Key conforming to the
+	// "tls.server.not_after" semantic conventions. It represents the date/Time
+	// indicating when server certificate is no longer considered valid.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "2021-01-01T00:00:00.000Z"
+	TLSServerNotAfterKey = attribute.Key("tls.server.not_after")
+
+	// TLSServerNotBeforeKey is the attribute Key conforming to the
+	// "tls.server.not_before" semantic conventions. It represents the date/Time
+	// indicating when server certificate is first considered valid.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "1970-01-01T00:00:00.000Z"
+	TLSServerNotBeforeKey = attribute.Key("tls.server.not_before")
+
+	// TLSServerSubjectKey is the attribute Key conforming to the
+	// "tls.server.subject" semantic conventions. It represents the distinguished
+	// name of subject of the x.509 certificate presented by the server.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "CN=myserver, OU=Documentation Team, DC=example, DC=com"
+	TLSServerSubjectKey = attribute.Key("tls.server.subject")
+)
+
+// TLSCipher returns an attribute KeyValue conforming to the "tls.cipher"
+// semantic conventions. It represents the string indicating the [cipher] used
+// during the current connection.
+//
+// [cipher]: https://datatracker.ietf.org/doc/html/rfc5246#appendix-A.5
+func TLSCipher(val string) attribute.KeyValue {
+	return TLSCipherKey.String(val)
+}
+
+// TLSClientCertificate returns an attribute KeyValue conforming to the
+// "tls.client.certificate" semantic conventions. It represents the pEM-encoded
+// stand-alone certificate offered by the client. This is usually
+// mutually-exclusive of `client.certificate_chain` since this value also exists
+// in that list.
+func TLSClientCertificate(val string) attribute.KeyValue {
+	return TLSClientCertificateKey.String(val)
+}
+
+// TLSClientCertificateChain returns an attribute KeyValue conforming to the
+// "tls.client.certificate_chain" semantic conventions. It represents the array
+// of PEM-encoded certificates that make up the certificate chain offered by the
+// client. This is usually mutually-exclusive of `client.certificate` since that
+// value should be the first certificate in the chain.
+func TLSClientCertificateChain(val ...string) attribute.KeyValue {
+	return TLSClientCertificateChainKey.StringSlice(val)
+}
+
+// TLSClientHashMd5 returns an attribute KeyValue conforming to the
+// "tls.client.hash.md5" semantic conventions. It represents the certificate
+// fingerprint using the MD5 digest of DER-encoded version of certificate offered
+// by the client. For consistency with other hash values, this value should be
+// formatted as an uppercase hash.
+func TLSClientHashMd5(val string) attribute.KeyValue {
+	return TLSClientHashMd5Key.String(val)
+}
+
+// TLSClientHashSha1 returns an attribute KeyValue conforming to the
+// "tls.client.hash.sha1" semantic conventions. It represents the certificate
+// fingerprint using the SHA1 digest of DER-encoded version of certificate
+// offered by the client. For consistency with other hash values, this value
+// should be formatted as an uppercase hash.
+func TLSClientHashSha1(val string) attribute.KeyValue {
+	return TLSClientHashSha1Key.String(val)
+}
+
+// TLSClientHashSha256 returns an attribute KeyValue conforming to the
+// "tls.client.hash.sha256" semantic conventions. It represents the certificate
+// fingerprint using the SHA256 digest of DER-encoded version of certificate
+// offered by the client. For consistency with other hash values, this value
+// should be formatted as an uppercase hash.
+func TLSClientHashSha256(val string) attribute.KeyValue {
+	return TLSClientHashSha256Key.String(val)
+}
+
+// TLSClientIssuer returns an attribute KeyValue conforming to the
+// "tls.client.issuer" semantic conventions. It represents the distinguished name
+// of [subject] of the issuer of the x.509 certificate presented by the client.
+//
+// [subject]: https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.6
+func TLSClientIssuer(val string) attribute.KeyValue {
+	return TLSClientIssuerKey.String(val)
+}
+
+// TLSClientJa3 returns an attribute KeyValue conforming to the "tls.client.ja3"
+// semantic conventions. It represents a hash that identifies clients based on
+// how they perform an SSL/TLS handshake.
+func TLSClientJa3(val string) attribute.KeyValue {
+	return TLSClientJa3Key.String(val)
+}
+
+// TLSClientNotAfter returns an attribute KeyValue conforming to the
+// "tls.client.not_after" semantic conventions. It represents the date/Time
+// indicating when client certificate is no longer considered valid.
+func TLSClientNotAfter(val string) attribute.KeyValue {
+	return TLSClientNotAfterKey.String(val)
+}
+
+// TLSClientNotBefore returns an attribute KeyValue conforming to the
+// "tls.client.not_before" semantic conventions. It represents the date/Time
+// indicating when client certificate is first considered valid.
+func TLSClientNotBefore(val string) attribute.KeyValue {
+	return TLSClientNotBeforeKey.String(val)
+}
+
+// TLSClientSubject returns an attribute KeyValue conforming to the
+// "tls.client.subject" semantic conventions. It represents the distinguished
+// name of subject of the x.509 certificate presented by the client.
+func TLSClientSubject(val string) attribute.KeyValue {
+	return TLSClientSubjectKey.String(val)
+}
+
+// TLSClientSupportedCiphers returns an attribute KeyValue conforming to the
+// "tls.client.supported_ciphers" semantic conventions. It represents the array
+// of ciphers offered by the client during the client hello.
+func TLSClientSupportedCiphers(val ...string) attribute.KeyValue {
+	return TLSClientSupportedCiphersKey.StringSlice(val)
+}
+
+// TLSCurve returns an attribute KeyValue conforming to the "tls.curve" semantic
+// conventions. It represents the string indicating the curve used for the given
+// cipher, when applicable.
+func TLSCurve(val string) attribute.KeyValue {
+	return TLSCurveKey.String(val)
+}
+
+// TLSEstablished returns an attribute KeyValue conforming to the
+// "tls.established" semantic conventions. It represents the boolean flag
+// indicating if the TLS negotiation was successful and transitioned to an
+// encrypted tunnel.
+func TLSEstablished(val bool) attribute.KeyValue {
+	return TLSEstablishedKey.Bool(val)
+}
+
+// TLSNextProtocol returns an attribute KeyValue conforming to the
+// "tls.next_protocol" semantic conventions. It represents the string indicating
+// the protocol being tunneled. Per the values in the [IANA registry], this
+// string should be lower case.
+//
+// [IANA registry]: https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#alpn-protocol-ids
+func TLSNextProtocol(val string) attribute.KeyValue {
+	return TLSNextProtocolKey.String(val)
+}
+
+// TLSProtocolVersion returns an attribute KeyValue conforming to the
+// "tls.protocol.version" semantic conventions. It represents the numeric part of
+// the version parsed from the original string of the negotiated
+// [SSL/TLS protocol version].
+//
+// [SSL/TLS protocol version]: https://www.openssl.org/docs/man1.1.1/man3/SSL_get_version.html#RETURN-VALUES
+func TLSProtocolVersion(val string) attribute.KeyValue {
+	return TLSProtocolVersionKey.String(val)
+}
+
+// TLSResumed returns an attribute KeyValue conforming to the "tls.resumed"
+// semantic conventions. It represents the boolean flag indicating if this TLS
+// connection was resumed from an existing TLS negotiation.
+func TLSResumed(val bool) attribute.KeyValue {
+	return TLSResumedKey.Bool(val)
+}
+
+// TLSServerCertificate returns an attribute KeyValue conforming to the
+// "tls.server.certificate" semantic conventions. It represents the pEM-encoded
+// stand-alone certificate offered by the server. This is usually
+// mutually-exclusive of `server.certificate_chain` since this value also exists
+// in that list.
+func TLSServerCertificate(val string) attribute.KeyValue {
+	return TLSServerCertificateKey.String(val)
+}
+
+// TLSServerCertificateChain returns an attribute KeyValue conforming to the
+// "tls.server.certificate_chain" semantic conventions. It represents the array
+// of PEM-encoded certificates that make up the certificate chain offered by the
+// server. This is usually mutually-exclusive of `server.certificate` since that
+// value should be the first certificate in the chain.
+func TLSServerCertificateChain(val ...string) attribute.KeyValue {
+	return TLSServerCertificateChainKey.StringSlice(val)
+}
+
+// TLSServerHashMd5 returns an attribute KeyValue conforming to the
+// "tls.server.hash.md5" semantic conventions. It represents the certificate
+// fingerprint using the MD5 digest of DER-encoded version of certificate offered
+// by the server. For consistency with other hash values, this value should be
+// formatted as an uppercase hash.
+func TLSServerHashMd5(val string) attribute.KeyValue {
+	return TLSServerHashMd5Key.String(val)
+}
+
+// TLSServerHashSha1 returns an attribute KeyValue conforming to the
+// "tls.server.hash.sha1" semantic conventions. It represents the certificate
+// fingerprint using the SHA1 digest of DER-encoded version of certificate
+// offered by the server. For consistency with other hash values, this value
+// should be formatted as an uppercase hash.
+func TLSServerHashSha1(val string) attribute.KeyValue {
+	return TLSServerHashSha1Key.String(val)
+}
+
+// TLSServerHashSha256 returns an attribute KeyValue conforming to the
+// "tls.server.hash.sha256" semantic conventions. It represents the certificate
+// fingerprint using the SHA256 digest of DER-encoded version of certificate
+// offered by the server. For consistency with other hash values, this value
+// should be formatted as an uppercase hash.
+func TLSServerHashSha256(val string) attribute.KeyValue {
+	return TLSServerHashSha256Key.String(val)
+}
+
+// TLSServerIssuer returns an attribute KeyValue conforming to the
+// "tls.server.issuer" semantic conventions. It represents the distinguished name
+// of [subject] of the issuer of the x.509 certificate presented by the client.
+//
+// [subject]: https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.6
+func TLSServerIssuer(val string) attribute.KeyValue {
+	return TLSServerIssuerKey.String(val)
+}
+
+// TLSServerJa3s returns an attribute KeyValue conforming to the
+// "tls.server.ja3s" semantic conventions. It represents a hash that identifies
+// servers based on how they perform an SSL/TLS handshake.
+func TLSServerJa3s(val string) attribute.KeyValue {
+	return TLSServerJa3sKey.String(val)
+}
+
+// TLSServerNotAfter returns an attribute KeyValue conforming to the
+// "tls.server.not_after" semantic conventions. It represents the date/Time
+// indicating when server certificate is no longer considered valid.
+func TLSServerNotAfter(val string) attribute.KeyValue {
+	return TLSServerNotAfterKey.String(val)
+}
+
+// TLSServerNotBefore returns an attribute KeyValue conforming to the
+// "tls.server.not_before" semantic conventions. It represents the date/Time
+// indicating when server certificate is first considered valid.
+func TLSServerNotBefore(val string) attribute.KeyValue {
+	return TLSServerNotBeforeKey.String(val)
+}
+
+// TLSServerSubject returns an attribute KeyValue conforming to the
+// "tls.server.subject" semantic conventions. It represents the distinguished
+// name of subject of the x.509 certificate presented by the server.
+func TLSServerSubject(val string) attribute.KeyValue {
+	return TLSServerSubjectKey.String(val)
+}
+
+// Enum values for tls.protocol.name
+var (
+	// ssl
+	// Stability: development
+	TLSProtocolNameSsl = TLSProtocolNameKey.String("ssl")
+	// tls
+	// Stability: development
+	TLSProtocolNameTLS = TLSProtocolNameKey.String("tls")
+)
+
+// Namespace: url
+const (
+	// URLDomainKey is the attribute Key conforming to the "url.domain" semantic
+	// conventions. It represents the domain extracted from the `url.full`, such as
+	// "opentelemetry.io".
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "www.foo.bar", "opentelemetry.io", "3.12.167.2",
+	// "[1080:0:0:0:8:800:200C:417A]"
+	// Note: In some cases a URL may refer to an IP and/or port directly, without a
+	// domain name. In this case, the IP address would go to the domain field. If
+	// the URL contains a [literal IPv6 address] enclosed by `[` and `]`, the `[`
+	// and `]` characters should also be captured in the domain field.
+	//
+	// [literal IPv6 address]: https://www.rfc-editor.org/rfc/rfc2732#section-2
+	URLDomainKey = attribute.Key("url.domain")
+
+	// URLExtensionKey is the attribute Key conforming to the "url.extension"
+	// semantic conventions. It represents the file extension extracted from the
+	// `url.full`, excluding the leading dot.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "png", "gz"
+	// Note: The file extension is only set if it exists, as not every url has a
+	// file extension. When the file name has multiple extensions `example.tar.gz`,
+	// only the last one should be captured `gz`, not `tar.gz`.
+	URLExtensionKey = attribute.Key("url.extension")
+
+	// URLFragmentKey is the attribute Key conforming to the "url.fragment" semantic
+	// conventions. It represents the [URI fragment] component.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: "SemConv"
+	//
+	// [URI fragment]: https://www.rfc-editor.org/rfc/rfc3986#section-3.5
+	URLFragmentKey = attribute.Key("url.fragment")
+
+	// URLFullKey is the attribute Key conforming to the "url.full" semantic
+	// conventions. It represents the absolute URL describing a network resource
+	// according to [RFC3986].
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: "https://www.foo.bar/search?q=OpenTelemetry#SemConv", "//localhost"
+	// Note: For network calls, URL usually has
+	// `scheme://host[:port][path][?query][#fragment]` format, where the fragment
+	// is not transmitted over HTTP, but if it is known, it SHOULD be included
+	// nevertheless.
+	//
+	// `url.full` MUST NOT contain credentials passed via URL in form of
+	// `https://username:password@www.example.com/`.
+	// In such case username and password SHOULD be redacted and attribute's value
+	// SHOULD be `https://REDACTED:REDACTED@www.example.com/`.
+	//
+	// `url.full` SHOULD capture the absolute URL when it is available (or can be
+	// reconstructed).
+	//
+	// Sensitive content provided in `url.full` SHOULD be scrubbed when
+	// instrumentations can identify it.
+	//
+	//
+	// Query string values for the following keys SHOULD be redacted by default and
+	// replaced by the
+	// value `REDACTED`:
+	//
+	//   - [`AWSAccessKeyId`]
+	//   - [`Signature`]
+	//   - [`sig`]
+	//   - [`X-Goog-Signature`]
+	//
+	// This list is subject to change over time.
+	//
+	// When a query string value is redacted, the query string key SHOULD still be
+	// preserved, e.g.
+	// `https://www.example.com/path?color=blue&sig=REDACTED`.
+	//
+	// [RFC3986]: https://www.rfc-editor.org/rfc/rfc3986
+	// [`AWSAccessKeyId`]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/RESTAuthentication.html#RESTAuthenticationQueryStringAuth
+	// [`Signature`]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/RESTAuthentication.html#RESTAuthenticationQueryStringAuth
+	// [`sig`]: https://learn.microsoft.com/azure/storage/common/storage-sas-overview#sas-token
+	// [`X-Goog-Signature`]: https://cloud.google.com/storage/docs/access-control/signed-urls
+	URLFullKey = attribute.Key("url.full")
+
+	// URLOriginalKey is the attribute Key conforming to the "url.original" semantic
+	// conventions. It represents the unmodified original URL as seen in the event
+	// source.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "https://www.foo.bar/search?q=OpenTelemetry#SemConv",
+	// "search?q=OpenTelemetry"
+	// Note: In network monitoring, the observed URL may be a full URL, whereas in
+	// access logs, the URL is often just represented as a path. This field is meant
+	// to represent the URL as it was observed, complete or not.
+	// `url.original` might contain credentials passed via URL in form of
+	// `https://username:password@www.example.com/`. In such case password and
+	// username SHOULD NOT be redacted and attribute's value SHOULD remain the same.
+	URLOriginalKey = attribute.Key("url.original")
+
+	// URLPathKey is the attribute Key conforming to the "url.path" semantic
+	// conventions. It represents the [URI path] component.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: "/search"
+	// Note: Sensitive content provided in `url.path` SHOULD be scrubbed when
+	// instrumentations can identify it.
+	//
+	// [URI path]: https://www.rfc-editor.org/rfc/rfc3986#section-3.3
+	URLPathKey = attribute.Key("url.path")
+
+	// URLPortKey is the attribute Key conforming to the "url.port" semantic
+	// conventions. It represents the port extracted from the `url.full`.
+	//
+	// Type: int
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: 443
+	URLPortKey = attribute.Key("url.port")
+
+	// URLQueryKey is the attribute Key conforming to the "url.query" semantic
+	// conventions. It represents the [URI query] component.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: "q=OpenTelemetry"
+	// Note: Sensitive content provided in `url.query` SHOULD be scrubbed when
+	// instrumentations can identify it.
+	//
+	//
+	// Query string values for the following keys SHOULD be redacted by default and
+	// replaced by the value `REDACTED`:
+	//
+	//   - [`AWSAccessKeyId`]
+	//   - [`Signature`]
+	//   - [`sig`]
+	//   - [`X-Goog-Signature`]
+	//
+	// This list is subject to change over time.
+	//
+	// When a query string value is redacted, the query string key SHOULD still be
+	// preserved, e.g.
+	// `q=OpenTelemetry&sig=REDACTED`.
+	//
+	// [URI query]: https://www.rfc-editor.org/rfc/rfc3986#section-3.4
+	// [`AWSAccessKeyId`]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/RESTAuthentication.html#RESTAuthenticationQueryStringAuth
+	// [`Signature`]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/RESTAuthentication.html#RESTAuthenticationQueryStringAuth
+	// [`sig`]: https://learn.microsoft.com/azure/storage/common/storage-sas-overview#sas-token
+	// [`X-Goog-Signature`]: https://cloud.google.com/storage/docs/access-control/signed-urls
+	URLQueryKey = attribute.Key("url.query")
+
+	// URLRegisteredDomainKey is the attribute Key conforming to the
+	// "url.registered_domain" semantic conventions. It represents the highest
+	// registered url domain, stripped of the subdomain.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "example.com", "foo.co.uk"
+	// Note: This value can be determined precisely with the [public suffix list].
+	// For example, the registered domain for `foo.example.com` is `example.com`.
+	// Trying to approximate this by simply taking the last two labels will not work
+	// well for TLDs such as `co.uk`.
+	//
+	// [public suffix list]: http://publicsuffix.org
+	URLRegisteredDomainKey = attribute.Key("url.registered_domain")
+
+	// URLSchemeKey is the attribute Key conforming to the "url.scheme" semantic
+	// conventions. It represents the [URI scheme] component identifying the used
+	// protocol.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: "https", "ftp", "telnet"
+	//
+	// [URI scheme]: https://www.rfc-editor.org/rfc/rfc3986#section-3.1
+	URLSchemeKey = attribute.Key("url.scheme")
+
+	// URLSubdomainKey is the attribute Key conforming to the "url.subdomain"
+	// semantic conventions. It represents the subdomain portion of a fully
+	// qualified domain name includes all of the names except the host name under
+	// the registered_domain. In a partially qualified domain, or if the
+	// qualification level of the full name cannot be determined, subdomain contains
+	// all of the names below the registered domain.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "east", "sub2.sub1"
+	// Note: The subdomain portion of `www.east.mydomain.co.uk` is `east`. If the
+	// domain has multiple levels of subdomain, such as `sub2.sub1.example.com`, the
+	// subdomain field should contain `sub2.sub1`, with no trailing period.
+	URLSubdomainKey = attribute.Key("url.subdomain")
+
+	// URLTemplateKey is the attribute Key conforming to the "url.template" semantic
+	// conventions. It represents the low-cardinality template of an
+	// [absolute path reference].
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "/users/{id}", "/users/:id", "/users?id={id}"
+	//
+	// [absolute path reference]: https://www.rfc-editor.org/rfc/rfc3986#section-4.2
+	URLTemplateKey = attribute.Key("url.template")
+
+	// URLTopLevelDomainKey is the attribute Key conforming to the
+	// "url.top_level_domain" semantic conventions. It represents the effective top
+	// level domain (eTLD), also known as the domain suffix, is the last part of the
+	// domain name. For example, the top level domain for example.com is `com`.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "com", "co.uk"
+	// Note: This value can be determined precisely with the [public suffix list].
+	//
+	// [public suffix list]: http://publicsuffix.org
+	URLTopLevelDomainKey = attribute.Key("url.top_level_domain")
+)
+
+// URLDomain returns an attribute KeyValue conforming to the "url.domain"
+// semantic conventions. It represents the domain extracted from the `url.full`,
+// such as "opentelemetry.io".
+func URLDomain(val string) attribute.KeyValue {
+	return URLDomainKey.String(val)
+}
+
+// URLExtension returns an attribute KeyValue conforming to the "url.extension"
+// semantic conventions. It represents the file extension extracted from the
+// `url.full`, excluding the leading dot.
+func URLExtension(val string) attribute.KeyValue {
+	return URLExtensionKey.String(val)
+}
+
+// URLFragment returns an attribute KeyValue conforming to the "url.fragment"
+// semantic conventions. It represents the [URI fragment] component.
+//
+// [URI fragment]: https://www.rfc-editor.org/rfc/rfc3986#section-3.5
+func URLFragment(val string) attribute.KeyValue {
+	return URLFragmentKey.String(val)
+}
+
+// URLFull returns an attribute KeyValue conforming to the "url.full" semantic
+// conventions. It represents the absolute URL describing a network resource
+// according to [RFC3986].
+//
+// [RFC3986]: https://www.rfc-editor.org/rfc/rfc3986
+func URLFull(val string) attribute.KeyValue {
+	return URLFullKey.String(val)
+}
+
+// URLOriginal returns an attribute KeyValue conforming to the "url.original"
+// semantic conventions. It represents the unmodified original URL as seen in the
+// event source.
+func URLOriginal(val string) attribute.KeyValue {
+	return URLOriginalKey.String(val)
+}
+
+// URLPath returns an attribute KeyValue conforming to the "url.path" semantic
+// conventions. It represents the [URI path] component.
+//
+// [URI path]: https://www.rfc-editor.org/rfc/rfc3986#section-3.3
+func URLPath(val string) attribute.KeyValue {
+	return URLPathKey.String(val)
+}
+
+// URLPort returns an attribute KeyValue conforming to the "url.port" semantic
+// conventions. It represents the port extracted from the `url.full`.
+func URLPort(val int) attribute.KeyValue {
+	return URLPortKey.Int(val)
+}
+
+// URLQuery returns an attribute KeyValue conforming to the "url.query" semantic
+// conventions. It represents the [URI query] component.
+//
+// [URI query]: https://www.rfc-editor.org/rfc/rfc3986#section-3.4
+func URLQuery(val string) attribute.KeyValue {
+	return URLQueryKey.String(val)
+}
+
+// URLRegisteredDomain returns an attribute KeyValue conforming to the
+// "url.registered_domain" semantic conventions. It represents the highest
+// registered url domain, stripped of the subdomain.
+func URLRegisteredDomain(val string) attribute.KeyValue {
+	return URLRegisteredDomainKey.String(val)
+}
+
+// URLScheme returns an attribute KeyValue conforming to the "url.scheme"
+// semantic conventions. It represents the [URI scheme] component identifying the
+// used protocol.
+//
+// [URI scheme]: https://www.rfc-editor.org/rfc/rfc3986#section-3.1
+func URLScheme(val string) attribute.KeyValue {
+	return URLSchemeKey.String(val)
+}
+
+// URLSubdomain returns an attribute KeyValue conforming to the "url.subdomain"
+// semantic conventions. It represents the subdomain portion of a fully qualified
+// domain name includes all of the names except the host name under the
+// registered_domain. In a partially qualified domain, or if the qualification
+// level of the full name cannot be determined, subdomain contains all of the
+// names below the registered domain.
+func URLSubdomain(val string) attribute.KeyValue {
+	return URLSubdomainKey.String(val)
+}
+
+// URLTemplate returns an attribute KeyValue conforming to the "url.template"
+// semantic conventions. It represents the low-cardinality template of an
+// [absolute path reference].
+//
+// [absolute path reference]: https://www.rfc-editor.org/rfc/rfc3986#section-4.2
+func URLTemplate(val string) attribute.KeyValue {
+	return URLTemplateKey.String(val)
+}
+
+// URLTopLevelDomain returns an attribute KeyValue conforming to the
+// "url.top_level_domain" semantic conventions. It represents the effective top
+// level domain (eTLD), also known as the domain suffix, is the last part of the
+// domain name. For example, the top level domain for example.com is `com`.
+func URLTopLevelDomain(val string) attribute.KeyValue {
+	return URLTopLevelDomainKey.String(val)
+}
+
+// Namespace: user
+const (
+	// UserEmailKey is the attribute Key conforming to the "user.email" semantic
+	// conventions. It represents the user email address.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "a.einstein@example.com"
+	UserEmailKey = attribute.Key("user.email")
+
+	// UserFullNameKey is the attribute Key conforming to the "user.full_name"
+	// semantic conventions. It represents the user's full name.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "Albert Einstein"
+	UserFullNameKey = attribute.Key("user.full_name")
+
+	// UserHashKey is the attribute Key conforming to the "user.hash" semantic
+	// conventions. It represents the unique user hash to correlate information for
+	// a user in anonymized form.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "364fc68eaf4c8acec74a4e52d7d1feaa"
+	// Note: Useful if `user.id` or `user.name` contain confidential information and
+	// cannot be used.
+	UserHashKey = attribute.Key("user.hash")
+
+	// UserIDKey is the attribute Key conforming to the "user.id" semantic
+	// conventions. It represents the unique identifier of the user.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "S-1-5-21-202424912787-2692429404-2351956786-1000"
+	UserIDKey = attribute.Key("user.id")
+
+	// UserNameKey is the attribute Key conforming to the "user.name" semantic
+	// conventions. It represents the short name or login/username of the user.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "a.einstein"
+	UserNameKey = attribute.Key("user.name")
+
+	// UserRolesKey is the attribute Key conforming to the "user.roles" semantic
+	// conventions. It represents the array of user roles at the time of the event.
+	//
+	// Type: string[]
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "admin", "reporting_user"
+	UserRolesKey = attribute.Key("user.roles")
+)
+
+// UserEmail returns an attribute KeyValue conforming to the "user.email"
+// semantic conventions. It represents the user email address.
+func UserEmail(val string) attribute.KeyValue {
+	return UserEmailKey.String(val)
+}
+
+// UserFullName returns an attribute KeyValue conforming to the "user.full_name"
+// semantic conventions. It represents the user's full name.
+func UserFullName(val string) attribute.KeyValue {
+	return UserFullNameKey.String(val)
+}
+
+// UserHash returns an attribute KeyValue conforming to the "user.hash" semantic
+// conventions. It represents the unique user hash to correlate information for a
+// user in anonymized form.
+func UserHash(val string) attribute.KeyValue {
+	return UserHashKey.String(val)
+}
+
+// UserID returns an attribute KeyValue conforming to the "user.id" semantic
+// conventions. It represents the unique identifier of the user.
+func UserID(val string) attribute.KeyValue {
+	return UserIDKey.String(val)
+}
+
+// UserName returns an attribute KeyValue conforming to the "user.name" semantic
+// conventions. It represents the short name or login/username of the user.
+func UserName(val string) attribute.KeyValue {
+	return UserNameKey.String(val)
+}
+
+// UserRoles returns an attribute KeyValue conforming to the "user.roles"
+// semantic conventions. It represents the array of user roles at the time of the
+// event.
+func UserRoles(val ...string) attribute.KeyValue {
+	return UserRolesKey.StringSlice(val)
+}
+
+// Namespace: user_agent
+const (
+	// UserAgentNameKey is the attribute Key conforming to the "user_agent.name"
+	// semantic conventions. It represents the name of the user-agent extracted from
+	// original. Usually refers to the browser's name.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "Safari", "YourApp"
+	// Note: [Example] of extracting browser's name from original string. In the
+	// case of using a user-agent for non-browser products, such as microservices
+	// with multiple names/versions inside the `user_agent.original`, the most
+	// significant name SHOULD be selected. In such a scenario it should align with
+	// `user_agent.version`
+	//
+	// [Example]: https://www.whatsmyua.info
+	UserAgentNameKey = attribute.Key("user_agent.name")
+
+	// UserAgentOriginalKey is the attribute Key conforming to the
+	// "user_agent.original" semantic conventions. It represents the value of the
+	// [HTTP User-Agent] header sent by the client.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Stable
+	//
+	// Examples: "CERN-LineMode/2.15 libwww/2.17b3", "Mozilla/5.0 (iPhone; CPU
+	// iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko)
+	// Version/14.1.2 Mobile/15E148 Safari/604.1", "YourApp/1.0.0
+	// grpc-java-okhttp/1.27.2"
+	//
+	// [HTTP User-Agent]: https://www.rfc-editor.org/rfc/rfc9110.html#field.user-agent
+	UserAgentOriginalKey = attribute.Key("user_agent.original")
+
+	// UserAgentSyntheticTypeKey is the attribute Key conforming to the
+	// "user_agent.synthetic.type" semantic conventions. It represents the specifies
+	// the category of synthetic traffic, such as tests or bots.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	// Note: This attribute MAY be derived from the contents of the
+	// `user_agent.original` attribute. Components that populate the attribute are
+	// responsible for determining what they consider to be synthetic bot or test
+	// traffic. This attribute can either be set for self-identification purposes,
+	// or on telemetry detected to be generated as a result of a synthetic request.
+	// This attribute is useful for distinguishing between genuine client traffic
+	// and synthetic traffic generated by bots or tests.
+	UserAgentSyntheticTypeKey = attribute.Key("user_agent.synthetic.type")
+
+	// UserAgentVersionKey is the attribute Key conforming to the
+	// "user_agent.version" semantic conventions. It represents the version of the
+	// user-agent extracted from original. Usually refers to the browser's version.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "14.1.2", "1.0.0"
+	// Note: [Example] of extracting browser's version from original string. In the
+	// case of using a user-agent for non-browser products, such as microservices
+	// with multiple names/versions inside the `user_agent.original`, the most
+	// significant version SHOULD be selected. In such a scenario it should align
+	// with `user_agent.name`
+	//
+	// [Example]: https://www.whatsmyua.info
+	UserAgentVersionKey = attribute.Key("user_agent.version")
+)
+
+// UserAgentName returns an attribute KeyValue conforming to the
+// "user_agent.name" semantic conventions. It represents the name of the
+// user-agent extracted from original. Usually refers to the browser's name.
+func UserAgentName(val string) attribute.KeyValue {
+	return UserAgentNameKey.String(val)
+}
+
+// UserAgentOriginal returns an attribute KeyValue conforming to the
+// "user_agent.original" semantic conventions. It represents the value of the
+// [HTTP User-Agent] header sent by the client.
+//
+// [HTTP User-Agent]: https://www.rfc-editor.org/rfc/rfc9110.html#field.user-agent
+func UserAgentOriginal(val string) attribute.KeyValue {
+	return UserAgentOriginalKey.String(val)
+}
+
+// UserAgentVersion returns an attribute KeyValue conforming to the
+// "user_agent.version" semantic conventions. It represents the version of the
+// user-agent extracted from original. Usually refers to the browser's version.
+func UserAgentVersion(val string) attribute.KeyValue {
+	return UserAgentVersionKey.String(val)
+}
+
+// Enum values for user_agent.synthetic.type
+var (
+	// Bot source.
+	// Stability: development
+	UserAgentSyntheticTypeBot = UserAgentSyntheticTypeKey.String("bot")
+	// Synthetic test source.
+	// Stability: development
+	UserAgentSyntheticTypeTest = UserAgentSyntheticTypeKey.String("test")
+)
+
+// Namespace: vcs
+const (
+	// VCSChangeIDKey is the attribute Key conforming to the "vcs.change.id"
+	// semantic conventions. It represents the ID of the change (pull request/merge
+	// request/changelist) if applicable. This is usually a unique (within
+	// repository) identifier generated by the VCS system.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "123"
+	VCSChangeIDKey = attribute.Key("vcs.change.id")
+
+	// VCSChangeStateKey is the attribute Key conforming to the "vcs.change.state"
+	// semantic conventions. It represents the state of the change (pull
+	// request/merge request/changelist).
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "open", "closed", "merged"
+	VCSChangeStateKey = attribute.Key("vcs.change.state")
+
+	// VCSChangeTitleKey is the attribute Key conforming to the "vcs.change.title"
+	// semantic conventions. It represents the human readable title of the change
+	// (pull request/merge request/changelist). This title is often a brief summary
+	// of the change and may get merged in to a ref as the commit summary.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "Fixes broken thing", "feat: add my new feature", "[chore] update
+	// dependency"
+	VCSChangeTitleKey = attribute.Key("vcs.change.title")
+
+	// VCSLineChangeTypeKey is the attribute Key conforming to the
+	// "vcs.line_change.type" semantic conventions. It represents the type of line
+	// change being measured on a branch or change.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "added", "removed"
+	VCSLineChangeTypeKey = attribute.Key("vcs.line_change.type")
+
+	// VCSRefBaseNameKey is the attribute Key conforming to the "vcs.ref.base.name"
+	// semantic conventions. It represents the name of the [reference] such as
+	// **branch** or **tag** in the repository.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "my-feature-branch", "tag-1-test"
+	// Note: `base` refers to the starting point of a change. For example, `main`
+	// would be the base reference of type branch if you've created a new
+	// reference of type branch from it and created new commits.
+	//
+	// [reference]: https://git-scm.com/docs/gitglossary#def_ref
+	VCSRefBaseNameKey = attribute.Key("vcs.ref.base.name")
+
+	// VCSRefBaseRevisionKey is the attribute Key conforming to the
+	// "vcs.ref.base.revision" semantic conventions. It represents the revision,
+	// literally [revised version], The revision most often refers to a commit
+	// object in Git, or a revision number in SVN.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "9d59409acf479dfa0df1aa568182e43e43df8bbe28d60fcf2bc52e30068802cc",
+	// "main", "123", "HEAD"
+	// Note: `base` refers to the starting point of a change. For example, `main`
+	// would be the base reference of type branch if you've created a new
+	// reference of type branch from it and created new commits. The
+	// revision can be a full [hash value (see
+	// glossary)],
+	// of the recorded change to a ref within a repository pointing to a
+	// commit [commit] object. It does
+	// not necessarily have to be a hash; it can simply define a [revision
+	// number]
+	// which is an integer that is monotonically increasing. In cases where
+	// it is identical to the `ref.base.name`, it SHOULD still be included.
+	// It is up to the implementer to decide which value to set as the
+	// revision based on the VCS system and situational context.
+	//
+	// [revised version]: https://www.merriam-webster.com/dictionary/revision
+	// [hash value (see
+	// glossary)]: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5.pdf
+	// [commit]: https://git-scm.com/docs/git-commit
+	// [revision
+	// number]: https://svnbook.red-bean.com/en/1.7/svn.tour.revs.specifiers.html
+	VCSRefBaseRevisionKey = attribute.Key("vcs.ref.base.revision")
+
+	// VCSRefBaseTypeKey is the attribute Key conforming to the "vcs.ref.base.type"
+	// semantic conventions. It represents the type of the [reference] in the
+	// repository.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "branch", "tag"
+	// Note: `base` refers to the starting point of a change. For example, `main`
+	// would be the base reference of type branch if you've created a new
+	// reference of type branch from it and created new commits.
+	//
+	// [reference]: https://git-scm.com/docs/gitglossary#def_ref
+	VCSRefBaseTypeKey = attribute.Key("vcs.ref.base.type")
+
+	// VCSRefHeadNameKey is the attribute Key conforming to the "vcs.ref.head.name"
+	// semantic conventions. It represents the name of the [reference] such as
+	// **branch** or **tag** in the repository.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "my-feature-branch", "tag-1-test"
+	// Note: `head` refers to where you are right now; the current reference at a
+	// given time.
+	//
+	// [reference]: https://git-scm.com/docs/gitglossary#def_ref
+	VCSRefHeadNameKey = attribute.Key("vcs.ref.head.name")
+
+	// VCSRefHeadRevisionKey is the attribute Key conforming to the
+	// "vcs.ref.head.revision" semantic conventions. It represents the revision,
+	// literally [revised version], The revision most often refers to a commit
+	// object in Git, or a revision number in SVN.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "9d59409acf479dfa0df1aa568182e43e43df8bbe28d60fcf2bc52e30068802cc",
+	// "main", "123", "HEAD"
+	// Note: `head` refers to where you are right now; the current reference at a
+	// given time.The revision can be a full [hash value (see
+	// glossary)],
+	// of the recorded change to a ref within a repository pointing to a
+	// commit [commit] object. It does
+	// not necessarily have to be a hash; it can simply define a [revision
+	// number]
+	// which is an integer that is monotonically increasing. In cases where
+	// it is identical to the `ref.head.name`, it SHOULD still be included.
+	// It is up to the implementer to decide which value to set as the
+	// revision based on the VCS system and situational context.
+	//
+	// [revised version]: https://www.merriam-webster.com/dictionary/revision
+	// [hash value (see
+	// glossary)]: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5.pdf
+	// [commit]: https://git-scm.com/docs/git-commit
+	// [revision
+	// number]: https://svnbook.red-bean.com/en/1.7/svn.tour.revs.specifiers.html
+	VCSRefHeadRevisionKey = attribute.Key("vcs.ref.head.revision")
+
+	// VCSRefHeadTypeKey is the attribute Key conforming to the "vcs.ref.head.type"
+	// semantic conventions. It represents the type of the [reference] in the
+	// repository.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "branch", "tag"
+	// Note: `head` refers to where you are right now; the current reference at a
+	// given time.
+	//
+	// [reference]: https://git-scm.com/docs/gitglossary#def_ref
+	VCSRefHeadTypeKey = attribute.Key("vcs.ref.head.type")
+
+	// VCSRefTypeKey is the attribute Key conforming to the "vcs.ref.type" semantic
+	// conventions. It represents the type of the [reference] in the repository.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "branch", "tag"
+	//
+	// [reference]: https://git-scm.com/docs/gitglossary#def_ref
+	VCSRefTypeKey = attribute.Key("vcs.ref.type")
+
+	// VCSRepositoryNameKey is the attribute Key conforming to the
+	// "vcs.repository.name" semantic conventions. It represents the human readable
+	// name of the repository. It SHOULD NOT include any additional identifier like
+	// Group/SubGroup in GitLab or organization in GitHub.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "semantic-conventions", "my-cool-repo"
+	// Note: Due to it only being the name, it can clash with forks of the same
+	// repository if collecting telemetry across multiple orgs or groups in
+	// the same backends.
+	VCSRepositoryNameKey = attribute.Key("vcs.repository.name")
+
+	// VCSRepositoryURLFullKey is the attribute Key conforming to the
+	// "vcs.repository.url.full" semantic conventions. It represents the
+	// [canonical URL] of the repository providing the complete HTTP(S) address in
+	// order to locate and identify the repository through a browser.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples:
+	// "https://github.com/opentelemetry/open-telemetry-collector-contrib",
+	// "https://gitlab.com/my-org/my-project/my-projects-project/repo"
+	// Note: In Git Version Control Systems, the canonical URL SHOULD NOT include
+	// the `.git` extension.
+	//
+	// [canonical URL]: https://support.google.com/webmasters/answer/10347851?hl=en#:~:text=A%20canonical%20URL%20is%20the,Google%20chooses%20one%20as%20canonical.
+	VCSRepositoryURLFullKey = attribute.Key("vcs.repository.url.full")
+
+	// VCSRevisionDeltaDirectionKey is the attribute Key conforming to the
+	// "vcs.revision_delta.direction" semantic conventions. It represents the type
+	// of revision comparison.
+	//
+	// Type: Enum
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "ahead", "behind"
+	VCSRevisionDeltaDirectionKey = attribute.Key("vcs.revision_delta.direction")
+)
+
+// VCSChangeID returns an attribute KeyValue conforming to the "vcs.change.id"
+// semantic conventions. It represents the ID of the change (pull request/merge
+// request/changelist) if applicable. This is usually a unique (within
+// repository) identifier generated by the VCS system.
+func VCSChangeID(val string) attribute.KeyValue {
+	return VCSChangeIDKey.String(val)
+}
+
+// VCSChangeTitle returns an attribute KeyValue conforming to the
+// "vcs.change.title" semantic conventions. It represents the human readable
+// title of the change (pull request/merge request/changelist). This title is
+// often a brief summary of the change and may get merged in to a ref as the
+// commit summary.
+func VCSChangeTitle(val string) attribute.KeyValue {
+	return VCSChangeTitleKey.String(val)
+}
+
+// VCSRefBaseName returns an attribute KeyValue conforming to the
+// "vcs.ref.base.name" semantic conventions. It represents the name of the
+// [reference] such as **branch** or **tag** in the repository.
+//
+// [reference]: https://git-scm.com/docs/gitglossary#def_ref
+func VCSRefBaseName(val string) attribute.KeyValue {
+	return VCSRefBaseNameKey.String(val)
+}
+
+// VCSRefBaseRevision returns an attribute KeyValue conforming to the
+// "vcs.ref.base.revision" semantic conventions. It represents the revision,
+// literally [revised version], The revision most often refers to a commit object
+// in Git, or a revision number in SVN.
+//
+// [revised version]: https://www.merriam-webster.com/dictionary/revision
+func VCSRefBaseRevision(val string) attribute.KeyValue {
+	return VCSRefBaseRevisionKey.String(val)
+}
+
+// VCSRefHeadName returns an attribute KeyValue conforming to the
+// "vcs.ref.head.name" semantic conventions. It represents the name of the
+// [reference] such as **branch** or **tag** in the repository.
+//
+// [reference]: https://git-scm.com/docs/gitglossary#def_ref
+func VCSRefHeadName(val string) attribute.KeyValue {
+	return VCSRefHeadNameKey.String(val)
+}
+
+// VCSRefHeadRevision returns an attribute KeyValue conforming to the
+// "vcs.ref.head.revision" semantic conventions. It represents the revision,
+// literally [revised version], The revision most often refers to a commit object
+// in Git, or a revision number in SVN.
+//
+// [revised version]: https://www.merriam-webster.com/dictionary/revision
+func VCSRefHeadRevision(val string) attribute.KeyValue {
+	return VCSRefHeadRevisionKey.String(val)
+}
+
+// VCSRepositoryName returns an attribute KeyValue conforming to the
+// "vcs.repository.name" semantic conventions. It represents the human readable
+// name of the repository. It SHOULD NOT include any additional identifier like
+// Group/SubGroup in GitLab or organization in GitHub.
+func VCSRepositoryName(val string) attribute.KeyValue {
+	return VCSRepositoryNameKey.String(val)
+}
+
+// VCSRepositoryURLFull returns an attribute KeyValue conforming to the
+// "vcs.repository.url.full" semantic conventions. It represents the
+// [canonical URL] of the repository providing the complete HTTP(S) address in
+// order to locate and identify the repository through a browser.
+//
+// [canonical URL]: https://support.google.com/webmasters/answer/10347851?hl=en#:~:text=A%20canonical%20URL%20is%20the,Google%20chooses%20one%20as%20canonical.
+func VCSRepositoryURLFull(val string) attribute.KeyValue {
+	return VCSRepositoryURLFullKey.String(val)
+}
+
+// Enum values for vcs.change.state
+var (
+	// Open means the change is currently active and under review. It hasn't been
+	// merged into the target branch yet, and it's still possible to make changes or
+	// add comments.
+	// Stability: development
+	VCSChangeStateOpen = VCSChangeStateKey.String("open")
+	// WIP (work-in-progress, draft) means the change is still in progress and not
+	// yet ready for a full review. It might still undergo significant changes.
+	// Stability: development
+	VCSChangeStateWip = VCSChangeStateKey.String("wip")
+	// Closed means the merge request has been closed without merging. This can
+	// happen for various reasons, such as the changes being deemed unnecessary, the
+	// issue being resolved in another way, or the author deciding to withdraw the
+	// request.
+	// Stability: development
+	VCSChangeStateClosed = VCSChangeStateKey.String("closed")
+	// Merged indicates that the change has been successfully integrated into the
+	// target codebase.
+	// Stability: development
+	VCSChangeStateMerged = VCSChangeStateKey.String("merged")
+)
+
+// Enum values for vcs.line_change.type
+var (
+	// How many lines were added.
+	// Stability: development
+	VCSLineChangeTypeAdded = VCSLineChangeTypeKey.String("added")
+	// How many lines were removed.
+	// Stability: development
+	VCSLineChangeTypeRemoved = VCSLineChangeTypeKey.String("removed")
+)
+
+// Enum values for vcs.ref.base.type
+var (
+	// [branch]
+	// Stability: development
+	//
+	// [branch]: https://git-scm.com/docs/gitglossary#Documentation/gitglossary.txt-aiddefbranchabranch
+	VCSRefBaseTypeBranch = VCSRefBaseTypeKey.String("branch")
+	// [tag]
+	// Stability: development
+	//
+	// [tag]: https://git-scm.com/docs/gitglossary#Documentation/gitglossary.txt-aiddeftagatag
+	VCSRefBaseTypeTag = VCSRefBaseTypeKey.String("tag")
+)
+
+// Enum values for vcs.ref.head.type
+var (
+	// [branch]
+	// Stability: development
+	//
+	// [branch]: https://git-scm.com/docs/gitglossary#Documentation/gitglossary.txt-aiddefbranchabranch
+	VCSRefHeadTypeBranch = VCSRefHeadTypeKey.String("branch")
+	// [tag]
+	// Stability: development
+	//
+	// [tag]: https://git-scm.com/docs/gitglossary#Documentation/gitglossary.txt-aiddeftagatag
+	VCSRefHeadTypeTag = VCSRefHeadTypeKey.String("tag")
+)
+
+// Enum values for vcs.ref.type
+var (
+	// [branch]
+	// Stability: development
+	//
+	// [branch]: https://git-scm.com/docs/gitglossary#Documentation/gitglossary.txt-aiddefbranchabranch
+	VCSRefTypeBranch = VCSRefTypeKey.String("branch")
+	// [tag]
+	// Stability: development
+	//
+	// [tag]: https://git-scm.com/docs/gitglossary#Documentation/gitglossary.txt-aiddeftagatag
+	VCSRefTypeTag = VCSRefTypeKey.String("tag")
+)
+
+// Enum values for vcs.revision_delta.direction
+var (
+	// How many revisions the change is behind the target ref.
+	// Stability: development
+	VCSRevisionDeltaDirectionBehind = VCSRevisionDeltaDirectionKey.String("behind")
+	// How many revisions the change is ahead of the target ref.
+	// Stability: development
+	VCSRevisionDeltaDirectionAhead = VCSRevisionDeltaDirectionKey.String("ahead")
+)
+
+// Namespace: webengine
+const (
+	// WebEngineDescriptionKey is the attribute Key conforming to the
+	// "webengine.description" semantic conventions. It represents the additional
+	// description of the web engine (e.g. detailed version and edition
+	// information).
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "WildFly Full 21.0.0.Final (WildFly Core 13.0.1.Final) -
+	// 2.2.2.Final"
+	WebEngineDescriptionKey = attribute.Key("webengine.description")
+
+	// WebEngineNameKey is the attribute Key conforming to the "webengine.name"
+	// semantic conventions. It represents the name of the web engine.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "WildFly"
+	WebEngineNameKey = attribute.Key("webengine.name")
+
+	// WebEngineVersionKey is the attribute Key conforming to the
+	// "webengine.version" semantic conventions. It represents the version of the
+	// web engine.
+	//
+	// Type: string
+	// RequirementLevel: Recommended
+	// Stability: Development
+	//
+	// Examples: "21.0.0"
+	WebEngineVersionKey = attribute.Key("webengine.version")
+)
+
+// WebEngineDescription returns an attribute KeyValue conforming to the
+// "webengine.description" semantic conventions. It represents the additional
+// description of the web engine (e.g. detailed version and edition information).
+func WebEngineDescription(val string) attribute.KeyValue {
+	return WebEngineDescriptionKey.String(val)
+}
+
+// WebEngineName returns an attribute KeyValue conforming to the "webengine.name"
+// semantic conventions. It represents the name of the web engine.
+func WebEngineName(val string) attribute.KeyValue {
+	return WebEngineNameKey.String(val)
+}
+
+// WebEngineVersion returns an attribute KeyValue conforming to the
+// "webengine.version" semantic conventions. It represents the version of the web
+// engine.
+func WebEngineVersion(val string) attribute.KeyValue {
+	return WebEngineVersionKey.String(val)
+}
\ No newline at end of file
diff --git a/vendor/go.opentelemetry.io/otel/semconv/v1.30.0/doc.go b/vendor/go.opentelemetry.io/otel/semconv/v1.30.0/doc.go
new file mode 100644
index 0000000000..787f5b0f4d
--- /dev/null
+++ b/vendor/go.opentelemetry.io/otel/semconv/v1.30.0/doc.go
@@ -0,0 +1,9 @@
+// Copyright The OpenTelemetry Authors
+// SPDX-License-Identifier: Apache-2.0
+
+// Package semconv implements OpenTelemetry semantic conventions.
+//
+// OpenTelemetry semantic conventions are agreed standardized naming
+// patterns for OpenTelemetry things. This package represents the v1.30.0
+// version of the OpenTelemetry semantic conventions.
+package semconv // import "go.opentelemetry.io/otel/semconv/v1.30.0"
diff --git a/vendor/go.opentelemetry.io/otel/semconv/v1.30.0/exception.go b/vendor/go.opentelemetry.io/otel/semconv/v1.30.0/exception.go
new file mode 100644
index 0000000000..4332a795f3
--- /dev/null
+++ b/vendor/go.opentelemetry.io/otel/semconv/v1.30.0/exception.go
@@ -0,0 +1,9 @@
+// Copyright The OpenTelemetry Authors
+// SPDX-License-Identifier: Apache-2.0
+
+package semconv // import "go.opentelemetry.io/otel/semconv/v1.30.0"
+
+const (
+	// ExceptionEventName is the name of the Span event representing an exception.
+	ExceptionEventName = "exception"
+)
diff --git a/vendor/go.opentelemetry.io/otel/semconv/v1.30.0/metric.go b/vendor/go.opentelemetry.io/otel/semconv/v1.30.0/metric.go
new file mode 100644
index 0000000000..fe6beb91dd
--- /dev/null
+++ b/vendor/go.opentelemetry.io/otel/semconv/v1.30.0/metric.go
@@ -0,0 +1,1750 @@
+// Copyright The OpenTelemetry Authors
+// SPDX-License-Identifier: Apache-2.0
+
+// Code generated from semantic convention specification. DO NOT EDIT.
+
+package semconv // import "go.opentelemetry.io/otel/semconv/v1.30.0"
+
+const (
+  // AzureCosmosDBClientActiveInstanceCount is the metric conforming to the
+  // "azure.cosmosdb.client.active_instance.count" semantic conventions. It
+  // represents the number of active client instances.
+  // Instrument: updowncounter
+  // Unit: {instance}
+  // Stability: development
+  AzureCosmosDBClientActiveInstanceCountName = "azure.cosmosdb.client.active_instance.count"
+  AzureCosmosDBClientActiveInstanceCountUnit = "{instance}"
+  AzureCosmosDBClientActiveInstanceCountDescription = "Number of active client instances"
+  // AzureCosmosDBClientOperationRequestCharge is the metric conforming to the
+  // "azure.cosmosdb.client.operation.request_charge" semantic conventions. It
+  // represents the [Request units] consumed by the operation.
+  //
+  // [Request units]: https://learn.microsoft.com/azure/cosmos-db/request-units
+  // Instrument: histogram
+  // Unit: {request_unit}
+  // Stability: development
+  AzureCosmosDBClientOperationRequestChargeName = "azure.cosmosdb.client.operation.request_charge"
+  AzureCosmosDBClientOperationRequestChargeUnit = "{request_unit}"
+  AzureCosmosDBClientOperationRequestChargeDescription = "[Request units](https://learn.microsoft.com/azure/cosmos-db/request-units) consumed by the operation"
+  // CICDPipelineRunActive is the metric conforming to the
+  // "cicd.pipeline.run.active" semantic conventions. It represents the number of
+  // pipeline runs currently active in the system by state.
+  // Instrument: updowncounter
+  // Unit: {run}
+  // Stability: development
+  CICDPipelineRunActiveName = "cicd.pipeline.run.active"
+  CICDPipelineRunActiveUnit = "{run}"
+  CICDPipelineRunActiveDescription = "The number of pipeline runs currently active in the system by state."
+  // CICDPipelineRunDuration is the metric conforming to the
+  // "cicd.pipeline.run.duration" semantic conventions. It represents the
+  // duration of a pipeline run grouped by pipeline, state and result.
+  // Instrument: histogram
+  // Unit: s
+  // Stability: development
+  CICDPipelineRunDurationName = "cicd.pipeline.run.duration"
+  CICDPipelineRunDurationUnit = "s"
+  CICDPipelineRunDurationDescription = "Duration of a pipeline run grouped by pipeline, state and result."
+  // CICDPipelineRunErrors is the metric conforming to the
+  // "cicd.pipeline.run.errors" semantic conventions. It represents the number of
+  // errors encountered in pipeline runs (eg. compile, test failures).
+  // Instrument: counter
+  // Unit: {error}
+  // Stability: development
+  CICDPipelineRunErrorsName = "cicd.pipeline.run.errors"
+  CICDPipelineRunErrorsUnit = "{error}"
+  CICDPipelineRunErrorsDescription = "The number of errors encountered in pipeline runs (eg. compile, test failures)."
+  // CICDSystemErrors is the metric conforming to the "cicd.system.errors"
+  // semantic conventions. It represents the number of errors in a component of
+  // the CICD system (eg. controller, scheduler, agent).
+  // Instrument: counter
+  // Unit: {error}
+  // Stability: development
+  CICDSystemErrorsName = "cicd.system.errors"
+  CICDSystemErrorsUnit = "{error}"
+  CICDSystemErrorsDescription = "The number of errors in a component of the CICD system (eg. controller, scheduler, agent)."
+  // CICDWorkerCount is the metric conforming to the "cicd.worker.count" semantic
+  // conventions. It represents the number of workers on the CICD system by
+  // state.
+  // Instrument: updowncounter
+  // Unit: {count}
+  // Stability: development
+  CICDWorkerCountName = "cicd.worker.count"
+  CICDWorkerCountUnit = "{count}"
+  CICDWorkerCountDescription = "The number of workers on the CICD system by state."
+  // ContainerCPUTime is the metric conforming to the "container.cpu.time"
+  // semantic conventions. It represents the total CPU time consumed.
+  // Instrument: counter
+  // Unit: s
+  // Stability: development
+  ContainerCPUTimeName = "container.cpu.time"
+  ContainerCPUTimeUnit = "s"
+  ContainerCPUTimeDescription = "Total CPU time consumed"
+  // ContainerCPUUsage is the metric conforming to the "container.cpu.usage"
+  // semantic conventions. It represents the container's CPU usage, measured in
+  // cpus. Range from 0 to the number of allocatable CPUs.
+  // Instrument: gauge
+  // Unit: {cpu}
+  // Stability: development
+  ContainerCPUUsageName = "container.cpu.usage"
+  ContainerCPUUsageUnit = "{cpu}"
+  ContainerCPUUsageDescription = "Container's CPU usage, measured in cpus. Range from 0 to the number of allocatable CPUs"
+  // ContainerDiskIo is the metric conforming to the "container.disk.io" semantic
+  // conventions. It represents the disk bytes for the container.
+  // Instrument: counter
+  // Unit: By
+  // Stability: development
+  ContainerDiskIoName = "container.disk.io"
+  ContainerDiskIoUnit = "By"
+  ContainerDiskIoDescription = "Disk bytes for the container."
+  // ContainerMemoryUsage is the metric conforming to the
+  // "container.memory.usage" semantic conventions. It represents the memory
+  // usage of the container.
+  // Instrument: counter
+  // Unit: By
+  // Stability: development
+  ContainerMemoryUsageName = "container.memory.usage"
+  ContainerMemoryUsageUnit = "By"
+  ContainerMemoryUsageDescription = "Memory usage of the container."
+  // ContainerNetworkIo is the metric conforming to the "container.network.io"
+  // semantic conventions. It represents the network bytes for the container.
+  // Instrument: counter
+  // Unit: By
+  // Stability: development
+  ContainerNetworkIoName = "container.network.io"
+  ContainerNetworkIoUnit = "By"
+  ContainerNetworkIoDescription = "Network bytes for the container."
+  // ContainerUptime is the metric conforming to the "container.uptime" semantic
+  // conventions. It represents the time the container has been running.
+  // Instrument: gauge
+  // Unit: s
+  // Stability: development
+  ContainerUptimeName = "container.uptime"
+  ContainerUptimeUnit = "s"
+  ContainerUptimeDescription = "The time the container has been running"
+  // DBClientConnectionCount is the metric conforming to the
+  // "db.client.connection.count" semantic conventions. It represents the number
+  // of connections that are currently in state described by the `state`
+  // attribute.
+  // Instrument: updowncounter
+  // Unit: {connection}
+  // Stability: development
+  DBClientConnectionCountName = "db.client.connection.count"
+  DBClientConnectionCountUnit = "{connection}"
+  DBClientConnectionCountDescription = "The number of connections that are currently in state described by the `state` attribute"
+  // DBClientConnectionCreateTime is the metric conforming to the
+  // "db.client.connection.create_time" semantic conventions. It represents the
+  // time it took to create a new connection.
+  // Instrument: histogram
+  // Unit: s
+  // Stability: development
+  DBClientConnectionCreateTimeName = "db.client.connection.create_time"
+  DBClientConnectionCreateTimeUnit = "s"
+  DBClientConnectionCreateTimeDescription = "The time it took to create a new connection"
+  // DBClientConnectionIdleMax is the metric conforming to the
+  // "db.client.connection.idle.max" semantic conventions. It represents the
+  // maximum number of idle open connections allowed.
+  // Instrument: updowncounter
+  // Unit: {connection}
+  // Stability: development
+  DBClientConnectionIdleMaxName = "db.client.connection.idle.max"
+  DBClientConnectionIdleMaxUnit = "{connection}"
+  DBClientConnectionIdleMaxDescription = "The maximum number of idle open connections allowed"
+  // DBClientConnectionIdleMin is the metric conforming to the
+  // "db.client.connection.idle.min" semantic conventions. It represents the
+  // minimum number of idle open connections allowed.
+  // Instrument: updowncounter
+  // Unit: {connection}
+  // Stability: development
+  DBClientConnectionIdleMinName = "db.client.connection.idle.min"
+  DBClientConnectionIdleMinUnit = "{connection}"
+  DBClientConnectionIdleMinDescription = "The minimum number of idle open connections allowed"
+  // DBClientConnectionMax is the metric conforming to the
+  // "db.client.connection.max" semantic conventions. It represents the maximum
+  // number of open connections allowed.
+  // Instrument: updowncounter
+  // Unit: {connection}
+  // Stability: development
+  DBClientConnectionMaxName = "db.client.connection.max"
+  DBClientConnectionMaxUnit = "{connection}"
+  DBClientConnectionMaxDescription = "The maximum number of open connections allowed"
+  // DBClientConnectionPendingRequests is the metric conforming to the
+  // "db.client.connection.pending_requests" semantic conventions. It represents
+  // the number of current pending requests for an open connection.
+  // Instrument: updowncounter
+  // Unit: {request}
+  // Stability: development
+  DBClientConnectionPendingRequestsName = "db.client.connection.pending_requests"
+  DBClientConnectionPendingRequestsUnit = "{request}"
+  DBClientConnectionPendingRequestsDescription = "The number of current pending requests for an open connection"
+  // DBClientConnectionTimeouts is the metric conforming to the
+  // "db.client.connection.timeouts" semantic conventions. It represents the
+  // number of connection timeouts that have occurred trying to obtain a
+  // connection from the pool.
+  // Instrument: counter
+  // Unit: {timeout}
+  // Stability: development
+  DBClientConnectionTimeoutsName = "db.client.connection.timeouts"
+  DBClientConnectionTimeoutsUnit = "{timeout}"
+  DBClientConnectionTimeoutsDescription = "The number of connection timeouts that have occurred trying to obtain a connection from the pool"
+  // DBClientConnectionUseTime is the metric conforming to the
+  // "db.client.connection.use_time" semantic conventions. It represents the time
+  // between borrowing a connection and returning it to the pool.
+  // Instrument: histogram
+  // Unit: s
+  // Stability: development
+  DBClientConnectionUseTimeName = "db.client.connection.use_time"
+  DBClientConnectionUseTimeUnit = "s"
+  DBClientConnectionUseTimeDescription = "The time between borrowing a connection and returning it to the pool"
+  // DBClientConnectionWaitTime is the metric conforming to the
+  // "db.client.connection.wait_time" semantic conventions. It represents the
+  // time it took to obtain an open connection from the pool.
+  // Instrument: histogram
+  // Unit: s
+  // Stability: development
+  DBClientConnectionWaitTimeName = "db.client.connection.wait_time"
+  DBClientConnectionWaitTimeUnit = "s"
+  DBClientConnectionWaitTimeDescription = "The time it took to obtain an open connection from the pool"
+  // DBClientConnectionsCreateTime is the metric conforming to the
+  // "db.client.connections.create_time" semantic conventions. It represents the
+  // deprecated, use `db.client.connection.create_time` instead. Note: the unit
+  // also changed from `ms` to `s`.
+  // Instrument: histogram
+  // Unit: ms
+  // Stability: development
+  // Deprecated: Replaced by `db.client.connection.create_time`. Note: the unit also changed from `ms` to `s`.
+  DBClientConnectionsCreateTimeName = "db.client.connections.create_time"
+  DBClientConnectionsCreateTimeUnit = "ms"
+  DBClientConnectionsCreateTimeDescription = "Deprecated, use `db.client.connection.create_time` instead. Note: the unit also changed from `ms` to `s`."
+  // DBClientConnectionsIdleMax is the metric conforming to the
+  // "db.client.connections.idle.max" semantic conventions. It represents the
+  // deprecated, use `db.client.connection.idle.max` instead.
+  // Instrument: updowncounter
+  // Unit: {connection}
+  // Stability: development
+  // Deprecated: Replaced by `db.client.connection.idle.max`.
+  DBClientConnectionsIdleMaxName = "db.client.connections.idle.max"
+  DBClientConnectionsIdleMaxUnit = "{connection}"
+  DBClientConnectionsIdleMaxDescription = "Deprecated, use `db.client.connection.idle.max` instead."
+  // DBClientConnectionsIdleMin is the metric conforming to the
+  // "db.client.connections.idle.min" semantic conventions. It represents the
+  // deprecated, use `db.client.connection.idle.min` instead.
+  // Instrument: updowncounter
+  // Unit: {connection}
+  // Stability: development
+  // Deprecated: Replaced by `db.client.connection.idle.min`.
+  DBClientConnectionsIdleMinName = "db.client.connections.idle.min"
+  DBClientConnectionsIdleMinUnit = "{connection}"
+  DBClientConnectionsIdleMinDescription = "Deprecated, use `db.client.connection.idle.min` instead."
+  // DBClientConnectionsMax is the metric conforming to the
+  // "db.client.connections.max" semantic conventions. It represents the
+  // deprecated, use `db.client.connection.max` instead.
+  // Instrument: updowncounter
+  // Unit: {connection}
+  // Stability: development
+  // Deprecated: Replaced by `db.client.connection.max`.
+  DBClientConnectionsMaxName = "db.client.connections.max"
+  DBClientConnectionsMaxUnit = "{connection}"
+  DBClientConnectionsMaxDescription = "Deprecated, use `db.client.connection.max` instead."
+  // DBClientConnectionsPendingRequests is the metric conforming to the
+  // "db.client.connections.pending_requests" semantic conventions. It represents
+  // the deprecated, use `db.client.connection.pending_requests` instead.
+  // Instrument: updowncounter
+  // Unit: {request}
+  // Stability: development
+  // Deprecated: Replaced by `db.client.connection.pending_requests`.
+  DBClientConnectionsPendingRequestsName = "db.client.connections.pending_requests"
+  DBClientConnectionsPendingRequestsUnit = "{request}"
+  DBClientConnectionsPendingRequestsDescription = "Deprecated, use `db.client.connection.pending_requests` instead."
+  // DBClientConnectionsTimeouts is the metric conforming to the
+  // "db.client.connections.timeouts" semantic conventions. It represents the
+  // deprecated, use `db.client.connection.timeouts` instead.
+  // Instrument: counter
+  // Unit: {timeout}
+  // Stability: development
+  // Deprecated: Replaced by `db.client.connection.timeouts`.
+  DBClientConnectionsTimeoutsName = "db.client.connections.timeouts"
+  DBClientConnectionsTimeoutsUnit = "{timeout}"
+  DBClientConnectionsTimeoutsDescription = "Deprecated, use `db.client.connection.timeouts` instead."
+  // DBClientConnectionsUsage is the metric conforming to the
+  // "db.client.connections.usage" semantic conventions. It represents the
+  // deprecated, use `db.client.connection.count` instead.
+  // Instrument: updowncounter
+  // Unit: {connection}
+  // Stability: development
+  // Deprecated: Replaced by `db.client.connection.count`.
+  DBClientConnectionsUsageName = "db.client.connections.usage"
+  DBClientConnectionsUsageUnit = "{connection}"
+  DBClientConnectionsUsageDescription = "Deprecated, use `db.client.connection.count` instead."
+  // DBClientConnectionsUseTime is the metric conforming to the
+  // "db.client.connections.use_time" semantic conventions. It represents the
+  // deprecated, use `db.client.connection.use_time` instead. Note: the unit also
+  // changed from `ms` to `s`.
+  // Instrument: histogram
+  // Unit: ms
+  // Stability: development
+  // Deprecated: Replaced by `db.client.connection.use_time`. Note: the unit also changed from `ms` to `s`.
+  DBClientConnectionsUseTimeName = "db.client.connections.use_time"
+  DBClientConnectionsUseTimeUnit = "ms"
+  DBClientConnectionsUseTimeDescription = "Deprecated, use `db.client.connection.use_time` instead. Note: the unit also changed from `ms` to `s`."
+  // DBClientConnectionsWaitTime is the metric conforming to the
+  // "db.client.connections.wait_time" semantic conventions. It represents the
+  // deprecated, use `db.client.connection.wait_time` instead. Note: the unit
+  // also changed from `ms` to `s`.
+  // Instrument: histogram
+  // Unit: ms
+  // Stability: development
+  // Deprecated: Replaced by `db.client.connection.wait_time`. Note: the unit also changed from `ms` to `s`.
+  DBClientConnectionsWaitTimeName = "db.client.connections.wait_time"
+  DBClientConnectionsWaitTimeUnit = "ms"
+  DBClientConnectionsWaitTimeDescription = "Deprecated, use `db.client.connection.wait_time` instead. Note: the unit also changed from `ms` to `s`."
+  // DBClientCosmosDBActiveInstanceCount is the metric conforming to the
+  // "db.client.cosmosdb.active_instance.count" semantic conventions. It
+  // represents the deprecated, use `azure.cosmosdb.client.active_instance.count`
+  //  instead.
+  // Instrument: updowncounter
+  // Unit: {instance}
+  // Stability: development
+  // Deprecated: Replaced by `azure.cosmosdb.client.active_instance.count`.
+  DBClientCosmosDBActiveInstanceCountName = "db.client.cosmosdb.active_instance.count"
+  DBClientCosmosDBActiveInstanceCountUnit = "{instance}"
+  DBClientCosmosDBActiveInstanceCountDescription = "Deprecated, use `azure.cosmosdb.client.active_instance.count` instead."
+  // DBClientCosmosDBOperationRequestCharge is the metric conforming to the
+  // "db.client.cosmosdb.operation.request_charge" semantic conventions. It
+  // represents the deprecated, use
+  // `azure.cosmosdb.client.operation.request_charge` instead.
+  // Instrument: histogram
+  // Unit: {request_unit}
+  // Stability: development
+  // Deprecated: Replaced by `azure.cosmosdb.client.operation.request_charge`.
+  DBClientCosmosDBOperationRequestChargeName = "db.client.cosmosdb.operation.request_charge"
+  DBClientCosmosDBOperationRequestChargeUnit = "{request_unit}"
+  DBClientCosmosDBOperationRequestChargeDescription = "Deprecated, use `azure.cosmosdb.client.operation.request_charge` instead."
+  // DBClientOperationDuration is the metric conforming to the
+  // "db.client.operation.duration" semantic conventions. It represents the
+  // duration of database client operations.
+  // Instrument: histogram
+  // Unit: s
+  // Stability: release_candidate
+  DBClientOperationDurationName = "db.client.operation.duration"
+  DBClientOperationDurationUnit = "s"
+  DBClientOperationDurationDescription = "Duration of database client operations."
+  // DBClientResponseReturnedRows is the metric conforming to the
+  // "db.client.response.returned_rows" semantic conventions. It represents the
+  // actual number of records returned by the database operation.
+  // Instrument: histogram
+  // Unit: {row}
+  // Stability: development
+  DBClientResponseReturnedRowsName = "db.client.response.returned_rows"
+  DBClientResponseReturnedRowsUnit = "{row}"
+  DBClientResponseReturnedRowsDescription = "The actual number of records returned by the database operation."
+  // DNSLookupDuration is the metric conforming to the "dns.lookup.duration"
+  // semantic conventions. It represents the measures the time taken to perform a
+  // DNS lookup.
+  // Instrument: histogram
+  // Unit: s
+  // Stability: development
+  DNSLookupDurationName = "dns.lookup.duration"
+  DNSLookupDurationUnit = "s"
+  DNSLookupDurationDescription = "Measures the time taken to perform a DNS lookup."
+  // FaaSColdstarts is the metric conforming to the "faas.coldstarts" semantic
+  // conventions. It represents the number of invocation cold starts.
+  // Instrument: counter
+  // Unit: {coldstart}
+  // Stability: development
+  FaaSColdstartsName = "faas.coldstarts"
+  FaaSColdstartsUnit = "{coldstart}"
+  FaaSColdstartsDescription = "Number of invocation cold starts"
+  // FaaSCPUUsage is the metric conforming to the "faas.cpu_usage" semantic
+  // conventions. It represents the distribution of CPU usage per invocation.
+  // Instrument: histogram
+  // Unit: s
+  // Stability: development
+  FaaSCPUUsageName = "faas.cpu_usage"
+  FaaSCPUUsageUnit = "s"
+  FaaSCPUUsageDescription = "Distribution of CPU usage per invocation"
+  // FaaSErrors is the metric conforming to the "faas.errors" semantic
+  // conventions. It represents the number of invocation errors.
+  // Instrument: counter
+  // Unit: {error}
+  // Stability: development
+  FaaSErrorsName = "faas.errors"
+  FaaSErrorsUnit = "{error}"
+  FaaSErrorsDescription = "Number of invocation errors"
+  // FaaSInitDuration is the metric conforming to the "faas.init_duration"
+  // semantic conventions. It represents the measures the duration of the
+  // function's initialization, such as a cold start.
+  // Instrument: histogram
+  // Unit: s
+  // Stability: development
+  FaaSInitDurationName = "faas.init_duration"
+  FaaSInitDurationUnit = "s"
+  FaaSInitDurationDescription = "Measures the duration of the function's initialization, such as a cold start"
+  // FaaSInvocations is the metric conforming to the "faas.invocations" semantic
+  // conventions. It represents the number of successful invocations.
+  // Instrument: counter
+  // Unit: {invocation}
+  // Stability: development
+  FaaSInvocationsName = "faas.invocations"
+  FaaSInvocationsUnit = "{invocation}"
+  FaaSInvocationsDescription = "Number of successful invocations"
+  // FaaSInvokeDuration is the metric conforming to the "faas.invoke_duration"
+  // semantic conventions. It represents the measures the duration of the
+  // function's logic execution.
+  // Instrument: histogram
+  // Unit: s
+  // Stability: development
+  FaaSInvokeDurationName = "faas.invoke_duration"
+  FaaSInvokeDurationUnit = "s"
+  FaaSInvokeDurationDescription = "Measures the duration of the function's logic execution"
+  // FaaSMemUsage is the metric conforming to the "faas.mem_usage" semantic
+  // conventions. It represents the distribution of max memory usage per
+  // invocation.
+  // Instrument: histogram
+  // Unit: By
+  // Stability: development
+  FaaSMemUsageName = "faas.mem_usage"
+  FaaSMemUsageUnit = "By"
+  FaaSMemUsageDescription = "Distribution of max memory usage per invocation"
+  // FaaSNetIo is the metric conforming to the "faas.net_io" semantic
+  // conventions. It represents the distribution of net I/O usage per invocation.
+  // Instrument: histogram
+  // Unit: By
+  // Stability: development
+  FaaSNetIoName = "faas.net_io"
+  FaaSNetIoUnit = "By"
+  FaaSNetIoDescription = "Distribution of net I/O usage per invocation"
+  // FaaSTimeouts is the metric conforming to the "faas.timeouts" semantic
+  // conventions. It represents the number of invocation timeouts.
+  // Instrument: counter
+  // Unit: {timeout}
+  // Stability: development
+  FaaSTimeoutsName = "faas.timeouts"
+  FaaSTimeoutsUnit = "{timeout}"
+  FaaSTimeoutsDescription = "Number of invocation timeouts"
+  // GenAIClientOperationDuration is the metric conforming to the
+  // "gen_ai.client.operation.duration" semantic conventions. It represents the
+  // genAI operation duration.
+  // Instrument: histogram
+  // Unit: s
+  // Stability: development
+  GenAIClientOperationDurationName = "gen_ai.client.operation.duration"
+  GenAIClientOperationDurationUnit = "s"
+  GenAIClientOperationDurationDescription = "GenAI operation duration"
+  // GenAIClientTokenUsage is the metric conforming to the
+  // "gen_ai.client.token.usage" semantic conventions. It represents the measures
+  // number of input and output tokens used.
+  // Instrument: histogram
+  // Unit: {token}
+  // Stability: development
+  GenAIClientTokenUsageName = "gen_ai.client.token.usage"
+  GenAIClientTokenUsageUnit = "{token}"
+  GenAIClientTokenUsageDescription = "Measures number of input and output tokens used"
+  // GenAIServerRequestDuration is the metric conforming to the
+  // "gen_ai.server.request.duration" semantic conventions. It represents the
+  // generative AI server request duration such as time-to-last byte or last
+  // output token.
+  // Instrument: histogram
+  // Unit: s
+  // Stability: development
+  GenAIServerRequestDurationName = "gen_ai.server.request.duration"
+  GenAIServerRequestDurationUnit = "s"
+  GenAIServerRequestDurationDescription = "Generative AI server request duration such as time-to-last byte or last output token"
+  // GenAIServerTimePerOutputToken is the metric conforming to the
+  // "gen_ai.server.time_per_output_token" semantic conventions. It represents
+  // the time per output token generated after the first token for successful
+  // responses.
+  // Instrument: histogram
+  // Unit: s
+  // Stability: development
+  GenAIServerTimePerOutputTokenName = "gen_ai.server.time_per_output_token"
+  GenAIServerTimePerOutputTokenUnit = "s"
+  GenAIServerTimePerOutputTokenDescription = "Time per output token generated after the first token for successful responses"
+  // GenAIServerTimeToFirstToken is the metric conforming to the
+  // "gen_ai.server.time_to_first_token" semantic conventions. It represents the
+  // time to generate first token for successful responses.
+  // Instrument: histogram
+  // Unit: s
+  // Stability: development
+  GenAIServerTimeToFirstTokenName = "gen_ai.server.time_to_first_token"
+  GenAIServerTimeToFirstTokenUnit = "s"
+  GenAIServerTimeToFirstTokenDescription = "Time to generate first token for successful responses"
+  // GoConfigGogc is the metric conforming to the "go.config.gogc" semantic
+  // conventions. It represents the heap size target percentage configured by the
+  // user, otherwise 100.
+  // Instrument: updowncounter
+  // Unit: %
+  // Stability: development
+  GoConfigGogcName = "go.config.gogc"
+  GoConfigGogcUnit = "%"
+  GoConfigGogcDescription = "Heap size target percentage configured by the user, otherwise 100."
+  // GoGoroutineCount is the metric conforming to the "go.goroutine.count"
+  // semantic conventions. It represents the count of live goroutines.
+  // Instrument: updowncounter
+  // Unit: {goroutine}
+  // Stability: development
+  GoGoroutineCountName = "go.goroutine.count"
+  GoGoroutineCountUnit = "{goroutine}"
+  GoGoroutineCountDescription = "Count of live goroutines."
+  // GoMemoryAllocated is the metric conforming to the "go.memory.allocated"
+  // semantic conventions. It represents the memory allocated to the heap by the
+  // application.
+  // Instrument: counter
+  // Unit: By
+  // Stability: development
+  GoMemoryAllocatedName = "go.memory.allocated"
+  GoMemoryAllocatedUnit = "By"
+  GoMemoryAllocatedDescription = "Memory allocated to the heap by the application."
+  // GoMemoryAllocations is the metric conforming to the "go.memory.allocations"
+  // semantic conventions. It represents the count of allocations to the heap by
+  // the application.
+  // Instrument: counter
+  // Unit: {allocation}
+  // Stability: development
+  GoMemoryAllocationsName = "go.memory.allocations"
+  GoMemoryAllocationsUnit = "{allocation}"
+  GoMemoryAllocationsDescription = "Count of allocations to the heap by the application."
+  // GoMemoryGCGoal is the metric conforming to the "go.memory.gc.goal" semantic
+  // conventions. It represents the heap size target for the end of the GC cycle.
+  // Instrument: updowncounter
+  // Unit: By
+  // Stability: development
+  GoMemoryGCGoalName = "go.memory.gc.goal"
+  GoMemoryGCGoalUnit = "By"
+  GoMemoryGCGoalDescription = "Heap size target for the end of the GC cycle."
+  // GoMemoryLimit is the metric conforming to the "go.memory.limit" semantic
+  // conventions. It represents the go runtime memory limit configured by the
+  // user, if a limit exists.
+  // Instrument: updowncounter
+  // Unit: By
+  // Stability: development
+  GoMemoryLimitName = "go.memory.limit"
+  GoMemoryLimitUnit = "By"
+  GoMemoryLimitDescription = "Go runtime memory limit configured by the user, if a limit exists."
+  // GoMemoryUsed is the metric conforming to the "go.memory.used" semantic
+  // conventions. It represents the memory used by the Go runtime.
+  // Instrument: updowncounter
+  // Unit: By
+  // Stability: development
+  GoMemoryUsedName = "go.memory.used"
+  GoMemoryUsedUnit = "By"
+  GoMemoryUsedDescription = "Memory used by the Go runtime."
+  // GoProcessorLimit is the metric conforming to the "go.processor.limit"
+  // semantic conventions. It represents the number of OS threads that can
+  // execute user-level Go code simultaneously.
+  // Instrument: updowncounter
+  // Unit: {thread}
+  // Stability: development
+  GoProcessorLimitName = "go.processor.limit"
+  GoProcessorLimitUnit = "{thread}"
+  GoProcessorLimitDescription = "The number of OS threads that can execute user-level Go code simultaneously."
+  // GoScheduleDuration is the metric conforming to the "go.schedule.duration"
+  // semantic conventions. It represents the time goroutines have spent in the
+  // scheduler in a runnable state before actually running.
+  // Instrument: histogram
+  // Unit: s
+  // Stability: development
+  GoScheduleDurationName = "go.schedule.duration"
+  GoScheduleDurationUnit = "s"
+  GoScheduleDurationDescription = "The time goroutines have spent in the scheduler in a runnable state before actually running."
+  // HTTPClientActiveRequests is the metric conforming to the
+  // "http.client.active_requests" semantic conventions. It represents the number
+  // of active HTTP requests.
+  // Instrument: updowncounter
+  // Unit: {request}
+  // Stability: development
+  HTTPClientActiveRequestsName = "http.client.active_requests"
+  HTTPClientActiveRequestsUnit = "{request}"
+  HTTPClientActiveRequestsDescription = "Number of active HTTP requests."
+  // HTTPClientConnectionDuration is the metric conforming to the
+  // "http.client.connection.duration" semantic conventions. It represents the
+  // duration of the successfully established outbound HTTP connections.
+  // Instrument: histogram
+  // Unit: s
+  // Stability: development
+  HTTPClientConnectionDurationName = "http.client.connection.duration"
+  HTTPClientConnectionDurationUnit = "s"
+  HTTPClientConnectionDurationDescription = "The duration of the successfully established outbound HTTP connections."
+  // HTTPClientOpenConnections is the metric conforming to the
+  // "http.client.open_connections" semantic conventions. It represents the
+  // number of outbound HTTP connections that are currently active or idle on the
+  // client.
+  // Instrument: updowncounter
+  // Unit: {connection}
+  // Stability: development
+  HTTPClientOpenConnectionsName = "http.client.open_connections"
+  HTTPClientOpenConnectionsUnit = "{connection}"
+  HTTPClientOpenConnectionsDescription = "Number of outbound HTTP connections that are currently active or idle on the client."
+  // HTTPClientRequestBodySize is the metric conforming to the
+  // "http.client.request.body.size" semantic conventions. It represents the size
+  // of HTTP client request bodies.
+  // Instrument: histogram
+  // Unit: By
+  // Stability: development
+  HTTPClientRequestBodySizeName = "http.client.request.body.size"
+  HTTPClientRequestBodySizeUnit = "By"
+  HTTPClientRequestBodySizeDescription = "Size of HTTP client request bodies."
+  // HTTPClientRequestDuration is the metric conforming to the
+  // "http.client.request.duration" semantic conventions. It represents the
+  // duration of HTTP client requests.
+  // Instrument: histogram
+  // Unit: s
+  // Stability: stable
+  HTTPClientRequestDurationName = "http.client.request.duration"
+  HTTPClientRequestDurationUnit = "s"
+  HTTPClientRequestDurationDescription = "Duration of HTTP client requests."
+  // HTTPClientResponseBodySize is the metric conforming to the
+  // "http.client.response.body.size" semantic conventions. It represents the
+  // size of HTTP client response bodies.
+  // Instrument: histogram
+  // Unit: By
+  // Stability: development
+  HTTPClientResponseBodySizeName = "http.client.response.body.size"
+  HTTPClientResponseBodySizeUnit = "By"
+  HTTPClientResponseBodySizeDescription = "Size of HTTP client response bodies."
+  // HTTPServerActiveRequests is the metric conforming to the
+  // "http.server.active_requests" semantic conventions. It represents the number
+  // of active HTTP server requests.
+  // Instrument: updowncounter
+  // Unit: {request}
+  // Stability: development
+  HTTPServerActiveRequestsName = "http.server.active_requests"
+  HTTPServerActiveRequestsUnit = "{request}"
+  HTTPServerActiveRequestsDescription = "Number of active HTTP server requests."
+  // HTTPServerRequestBodySize is the metric conforming to the
+  // "http.server.request.body.size" semantic conventions. It represents the size
+  // of HTTP server request bodies.
+  // Instrument: histogram
+  // Unit: By
+  // Stability: development
+  HTTPServerRequestBodySizeName = "http.server.request.body.size"
+  HTTPServerRequestBodySizeUnit = "By"
+  HTTPServerRequestBodySizeDescription = "Size of HTTP server request bodies."
+  // HTTPServerRequestDuration is the metric conforming to the
+  // "http.server.request.duration" semantic conventions. It represents the
+  // duration of HTTP server requests.
+  // Instrument: histogram
+  // Unit: s
+  // Stability: stable
+  HTTPServerRequestDurationName = "http.server.request.duration"
+  HTTPServerRequestDurationUnit = "s"
+  HTTPServerRequestDurationDescription = "Duration of HTTP server requests."
+  // HTTPServerResponseBodySize is the metric conforming to the
+  // "http.server.response.body.size" semantic conventions. It represents the
+  // size of HTTP server response bodies.
+  // Instrument: histogram
+  // Unit: By
+  // Stability: development
+  HTTPServerResponseBodySizeName = "http.server.response.body.size"
+  HTTPServerResponseBodySizeUnit = "By"
+  HTTPServerResponseBodySizeDescription = "Size of HTTP server response bodies."
+  // HwEnergy is the metric conforming to the "hw.energy" semantic conventions.
+  // It represents the energy consumed by the component.
+  // Instrument: counter
+  // Unit: J
+  // Stability: development
+  HwEnergyName = "hw.energy"
+  HwEnergyUnit = "J"
+  HwEnergyDescription = "Energy consumed by the component"
+  // HwErrors is the metric conforming to the "hw.errors" semantic conventions.
+  // It represents the number of errors encountered by the component.
+  // Instrument: counter
+  // Unit: {error}
+  // Stability: development
+  HwErrorsName = "hw.errors"
+  HwErrorsUnit = "{error}"
+  HwErrorsDescription = "Number of errors encountered by the component"
+  // HwPower is the metric conforming to the "hw.power" semantic conventions. It
+  // represents the instantaneous power consumed by the component.
+  // Instrument: gauge
+  // Unit: W
+  // Stability: development
+  HwPowerName = "hw.power"
+  HwPowerUnit = "W"
+  HwPowerDescription = "Instantaneous power consumed by the component"
+  // HwStatus is the metric conforming to the "hw.status" semantic conventions.
+  // It represents the operational status: `1` (true) or `0` (false) for each of
+  // the possible states.
+  // Instrument: updowncounter
+  // Unit: 1
+  // Stability: development
+  HwStatusName = "hw.status"
+  HwStatusUnit = "1"
+  HwStatusDescription = "Operational status: `1` (true) or `0` (false) for each of the possible states"
+  // K8SCronJobActiveJobs is the metric conforming to the
+  // "k8s.cronjob.active_jobs" semantic conventions. It represents the number of
+  // actively running jobs for a cronjob.
+  // Instrument: updowncounter
+  // Unit: {job}
+  // Stability: development
+  K8SCronJobActiveJobsName = "k8s.cronjob.active_jobs"
+  K8SCronJobActiveJobsUnit = "{job}"
+  K8SCronJobActiveJobsDescription = "The number of actively running jobs for a cronjob"
+  // K8SDaemonSetCurrentScheduledNodes is the metric conforming to the
+  // "k8s.daemonset.current_scheduled_nodes" semantic conventions. It represents
+  // the number of nodes that are running at least 1 daemon pod and are supposed
+  // to run the daemon pod.
+  // Instrument: updowncounter
+  // Unit: {node}
+  // Stability: development
+  K8SDaemonSetCurrentScheduledNodesName = "k8s.daemonset.current_scheduled_nodes"
+  K8SDaemonSetCurrentScheduledNodesUnit = "{node}"
+  K8SDaemonSetCurrentScheduledNodesDescription = "Number of nodes that are running at least 1 daemon pod and are supposed to run the daemon pod"
+  // K8SDaemonSetDesiredScheduledNodes is the metric conforming to the
+  // "k8s.daemonset.desired_scheduled_nodes" semantic conventions. It represents
+  // the number of nodes that should be running the daemon pod (including nodes
+  // currently running the daemon pod).
+  // Instrument: updowncounter
+  // Unit: {node}
+  // Stability: development
+  K8SDaemonSetDesiredScheduledNodesName = "k8s.daemonset.desired_scheduled_nodes"
+  K8SDaemonSetDesiredScheduledNodesUnit = "{node}"
+  K8SDaemonSetDesiredScheduledNodesDescription = "Number of nodes that should be running the daemon pod (including nodes currently running the daemon pod)"
+  // K8SDaemonSetMisscheduledNodes is the metric conforming to the
+  // "k8s.daemonset.misscheduled_nodes" semantic conventions. It represents the
+  // number of nodes that are running the daemon pod, but are not supposed to run
+  // the daemon pod.
+  // Instrument: updowncounter
+  // Unit: {node}
+  // Stability: development
+  K8SDaemonSetMisscheduledNodesName = "k8s.daemonset.misscheduled_nodes"
+  K8SDaemonSetMisscheduledNodesUnit = "{node}"
+  K8SDaemonSetMisscheduledNodesDescription = "Number of nodes that are running the daemon pod, but are not supposed to run the daemon pod"
+  // K8SDaemonSetReadyNodes is the metric conforming to the
+  // "k8s.daemonset.ready_nodes" semantic conventions. It represents the number
+  // of nodes that should be running the daemon pod and have one or more of the
+  // daemon pod running and ready.
+  // Instrument: updowncounter
+  // Unit: {node}
+  // Stability: development
+  K8SDaemonSetReadyNodesName = "k8s.daemonset.ready_nodes"
+  K8SDaemonSetReadyNodesUnit = "{node}"
+  K8SDaemonSetReadyNodesDescription = "Number of nodes that should be running the daemon pod and have one or more of the daemon pod running and ready"
+  // K8SDeploymentAvailablePods is the metric conforming to the
+  // "k8s.deployment.available_pods" semantic conventions. It represents the
+  // total number of available replica pods (ready for at least minReadySeconds)
+  // targeted by this deployment.
+  // Instrument: updowncounter
+  // Unit: {pod}
+  // Stability: development
+  K8SDeploymentAvailablePodsName = "k8s.deployment.available_pods"
+  K8SDeploymentAvailablePodsUnit = "{pod}"
+  K8SDeploymentAvailablePodsDescription = "Total number of available replica pods (ready for at least minReadySeconds) targeted by this deployment"
+  // K8SDeploymentDesiredPods is the metric conforming to the
+  // "k8s.deployment.desired_pods" semantic conventions. It represents the number
+  // of desired replica pods in this deployment.
+  // Instrument: updowncounter
+  // Unit: {pod}
+  // Stability: development
+  K8SDeploymentDesiredPodsName = "k8s.deployment.desired_pods"
+  K8SDeploymentDesiredPodsUnit = "{pod}"
+  K8SDeploymentDesiredPodsDescription = "Number of desired replica pods in this deployment"
+  // K8SHpaCurrentPods is the metric conforming to the "k8s.hpa.current_pods"
+  // semantic conventions. It represents the current number of replica pods
+  // managed by this horizontal pod autoscaler, as last seen by the autoscaler.
+  // Instrument: updowncounter
+  // Unit: {pod}
+  // Stability: development
+  K8SHpaCurrentPodsName = "k8s.hpa.current_pods"
+  K8SHpaCurrentPodsUnit = "{pod}"
+  K8SHpaCurrentPodsDescription = "Current number of replica pods managed by this horizontal pod autoscaler, as last seen by the autoscaler"
+  // K8SHpaDesiredPods is the metric conforming to the "k8s.hpa.desired_pods"
+  // semantic conventions. It represents the desired number of replica pods
+  // managed by this horizontal pod autoscaler, as last calculated by the
+  // autoscaler.
+  // Instrument: updowncounter
+  // Unit: {pod}
+  // Stability: development
+  K8SHpaDesiredPodsName = "k8s.hpa.desired_pods"
+  K8SHpaDesiredPodsUnit = "{pod}"
+  K8SHpaDesiredPodsDescription = "Desired number of replica pods managed by this horizontal pod autoscaler, as last calculated by the autoscaler"
+  // K8SHpaMaxPods is the metric conforming to the "k8s.hpa.max_pods" semantic
+  // conventions. It represents the upper limit for the number of replica pods to
+  // which the autoscaler can scale up.
+  // Instrument: updowncounter
+  // Unit: {pod}
+  // Stability: development
+  K8SHpaMaxPodsName = "k8s.hpa.max_pods"
+  K8SHpaMaxPodsUnit = "{pod}"
+  K8SHpaMaxPodsDescription = "The upper limit for the number of replica pods to which the autoscaler can scale up"
+  // K8SHpaMinPods is the metric conforming to the "k8s.hpa.min_pods" semantic
+  // conventions. It represents the lower limit for the number of replica pods to
+  // which the autoscaler can scale down.
+  // Instrument: updowncounter
+  // Unit: {pod}
+  // Stability: development
+  K8SHpaMinPodsName = "k8s.hpa.min_pods"
+  K8SHpaMinPodsUnit = "{pod}"
+  K8SHpaMinPodsDescription = "The lower limit for the number of replica pods to which the autoscaler can scale down"
+  // K8SJobActivePods is the metric conforming to the "k8s.job.active_pods"
+  // semantic conventions. It represents the number of pending and actively
+  // running pods for a job.
+  // Instrument: updowncounter
+  // Unit: {pod}
+  // Stability: development
+  K8SJobActivePodsName = "k8s.job.active_pods"
+  K8SJobActivePodsUnit = "{pod}"
+  K8SJobActivePodsDescription = "The number of pending and actively running pods for a job"
+  // K8SJobDesiredSuccessfulPods is the metric conforming to the
+  // "k8s.job.desired_successful_pods" semantic conventions. It represents the
+  // desired number of successfully finished pods the job should be run with.
+  // Instrument: updowncounter
+  // Unit: {pod}
+  // Stability: development
+  K8SJobDesiredSuccessfulPodsName = "k8s.job.desired_successful_pods"
+  K8SJobDesiredSuccessfulPodsUnit = "{pod}"
+  K8SJobDesiredSuccessfulPodsDescription = "The desired number of successfully finished pods the job should be run with"
+  // K8SJobFailedPods is the metric conforming to the "k8s.job.failed_pods"
+  // semantic conventions. It represents the number of pods which reached phase
+  // Failed for a job.
+  // Instrument: updowncounter
+  // Unit: {pod}
+  // Stability: development
+  K8SJobFailedPodsName = "k8s.job.failed_pods"
+  K8SJobFailedPodsUnit = "{pod}"
+  K8SJobFailedPodsDescription = "The number of pods which reached phase Failed for a job"
+  // K8SJobMaxParallelPods is the metric conforming to the
+  // "k8s.job.max_parallel_pods" semantic conventions. It represents the max
+  // desired number of pods the job should run at any given time.
+  // Instrument: updowncounter
+  // Unit: {pod}
+  // Stability: development
+  K8SJobMaxParallelPodsName = "k8s.job.max_parallel_pods"
+  K8SJobMaxParallelPodsUnit = "{pod}"
+  K8SJobMaxParallelPodsDescription = "The max desired number of pods the job should run at any given time"
+  // K8SJobSuccessfulPods is the metric conforming to the
+  // "k8s.job.successful_pods" semantic conventions. It represents the number of
+  // pods which reached phase Succeeded for a job.
+  // Instrument: updowncounter
+  // Unit: {pod}
+  // Stability: development
+  K8SJobSuccessfulPodsName = "k8s.job.successful_pods"
+  K8SJobSuccessfulPodsUnit = "{pod}"
+  K8SJobSuccessfulPodsDescription = "The number of pods which reached phase Succeeded for a job"
+  // K8SNamespacePhase is the metric conforming to the "k8s.namespace.phase"
+  // semantic conventions. It represents the describes number of K8s namespaces
+  // that are currently in a given phase.
+  // Instrument: updowncounter
+  // Unit: {namespace}
+  // Stability: development
+  K8SNamespacePhaseName = "k8s.namespace.phase"
+  K8SNamespacePhaseUnit = "{namespace}"
+  K8SNamespacePhaseDescription = "Describes number of K8s namespaces that are currently in a given phase."
+  // K8SNodeCPUTime is the metric conforming to the "k8s.node.cpu.time" semantic
+  // conventions. It represents the total CPU time consumed.
+  // Instrument: counter
+  // Unit: s
+  // Stability: development
+  K8SNodeCPUTimeName = "k8s.node.cpu.time"
+  K8SNodeCPUTimeUnit = "s"
+  K8SNodeCPUTimeDescription = "Total CPU time consumed"
+  // K8SNodeCPUUsage is the metric conforming to the "k8s.node.cpu.usage"
+  // semantic conventions. It represents the node's CPU usage, measured in cpus.
+  // Range from 0 to the number of allocatable CPUs.
+  // Instrument: gauge
+  // Unit: {cpu}
+  // Stability: development
+  K8SNodeCPUUsageName = "k8s.node.cpu.usage"
+  K8SNodeCPUUsageUnit = "{cpu}"
+  K8SNodeCPUUsageDescription = "Node's CPU usage, measured in cpus. Range from 0 to the number of allocatable CPUs"
+  // K8SNodeMemoryUsage is the metric conforming to the "k8s.node.memory.usage"
+  // semantic conventions. It represents the memory usage of the Node.
+  // Instrument: gauge
+  // Unit: By
+  // Stability: development
+  K8SNodeMemoryUsageName = "k8s.node.memory.usage"
+  K8SNodeMemoryUsageUnit = "By"
+  K8SNodeMemoryUsageDescription = "Memory usage of the Node"
+  // K8SNodeNetworkErrors is the metric conforming to the
+  // "k8s.node.network.errors" semantic conventions. It represents the node
+  // network errors.
+  // Instrument: counter
+  // Unit: {error}
+  // Stability: development
+  K8SNodeNetworkErrorsName = "k8s.node.network.errors"
+  K8SNodeNetworkErrorsUnit = "{error}"
+  K8SNodeNetworkErrorsDescription = "Node network errors"
+  // K8SNodeNetworkIo is the metric conforming to the "k8s.node.network.io"
+  // semantic conventions. It represents the network bytes for the Node.
+  // Instrument: counter
+  // Unit: By
+  // Stability: development
+  K8SNodeNetworkIoName = "k8s.node.network.io"
+  K8SNodeNetworkIoUnit = "By"
+  K8SNodeNetworkIoDescription = "Network bytes for the Node"
+  // K8SNodeUptime is the metric conforming to the "k8s.node.uptime" semantic
+  // conventions. It represents the time the Node has been running.
+  // Instrument: gauge
+  // Unit: s
+  // Stability: development
+  K8SNodeUptimeName = "k8s.node.uptime"
+  K8SNodeUptimeUnit = "s"
+  K8SNodeUptimeDescription = "The time the Node has been running"
+  // K8SPodCPUTime is the metric conforming to the "k8s.pod.cpu.time" semantic
+  // conventions. It represents the total CPU time consumed.
+  // Instrument: counter
+  // Unit: s
+  // Stability: development
+  K8SPodCPUTimeName = "k8s.pod.cpu.time"
+  K8SPodCPUTimeUnit = "s"
+  K8SPodCPUTimeDescription = "Total CPU time consumed"
+  // K8SPodCPUUsage is the metric conforming to the "k8s.pod.cpu.usage" semantic
+  // conventions. It represents the pod's CPU usage, measured in cpus. Range from
+  // 0 to the number of allocatable CPUs.
+  // Instrument: gauge
+  // Unit: {cpu}
+  // Stability: development
+  K8SPodCPUUsageName = "k8s.pod.cpu.usage"
+  K8SPodCPUUsageUnit = "{cpu}"
+  K8SPodCPUUsageDescription = "Pod's CPU usage, measured in cpus. Range from 0 to the number of allocatable CPUs"
+  // K8SPodMemoryUsage is the metric conforming to the "k8s.pod.memory.usage"
+  // semantic conventions. It represents the memory usage of the Pod.
+  // Instrument: gauge
+  // Unit: By
+  // Stability: development
+  K8SPodMemoryUsageName = "k8s.pod.memory.usage"
+  K8SPodMemoryUsageUnit = "By"
+  K8SPodMemoryUsageDescription = "Memory usage of the Pod"
+  // K8SPodNetworkErrors is the metric conforming to the "k8s.pod.network.errors"
+  // semantic conventions. It represents the pod network errors.
+  // Instrument: counter
+  // Unit: {error}
+  // Stability: development
+  K8SPodNetworkErrorsName = "k8s.pod.network.errors"
+  K8SPodNetworkErrorsUnit = "{error}"
+  K8SPodNetworkErrorsDescription = "Pod network errors"
+  // K8SPodNetworkIo is the metric conforming to the "k8s.pod.network.io"
+  // semantic conventions. It represents the network bytes for the Pod.
+  // Instrument: counter
+  // Unit: By
+  // Stability: development
+  K8SPodNetworkIoName = "k8s.pod.network.io"
+  K8SPodNetworkIoUnit = "By"
+  K8SPodNetworkIoDescription = "Network bytes for the Pod"
+  // K8SPodUptime is the metric conforming to the "k8s.pod.uptime" semantic
+  // conventions. It represents the time the Pod has been running.
+  // Instrument: gauge
+  // Unit: s
+  // Stability: development
+  K8SPodUptimeName = "k8s.pod.uptime"
+  K8SPodUptimeUnit = "s"
+  K8SPodUptimeDescription = "The time the Pod has been running"
+  // K8SReplicaSetAvailablePods is the metric conforming to the
+  // "k8s.replicaset.available_pods" semantic conventions. It represents the
+  // total number of available replica pods (ready for at least minReadySeconds)
+  // targeted by this replicaset.
+  // Instrument: updowncounter
+  // Unit: {pod}
+  // Stability: development
+  K8SReplicaSetAvailablePodsName = "k8s.replicaset.available_pods"
+  K8SReplicaSetAvailablePodsUnit = "{pod}"
+  K8SReplicaSetAvailablePodsDescription = "Total number of available replica pods (ready for at least minReadySeconds) targeted by this replicaset"
+  // K8SReplicaSetDesiredPods is the metric conforming to the
+  // "k8s.replicaset.desired_pods" semantic conventions. It represents the number
+  // of desired replica pods in this replicaset.
+  // Instrument: updowncounter
+  // Unit: {pod}
+  // Stability: development
+  K8SReplicaSetDesiredPodsName = "k8s.replicaset.desired_pods"
+  K8SReplicaSetDesiredPodsUnit = "{pod}"
+  K8SReplicaSetDesiredPodsDescription = "Number of desired replica pods in this replicaset"
+  // K8SReplicationControllerAvailablePods is the metric conforming to the
+  // "k8s.replication_controller.available_pods" semantic conventions. It
+  // represents the total number of available replica pods (ready for at least
+  // minReadySeconds) targeted by this replication controller.
+  // Instrument: updowncounter
+  // Unit: {pod}
+  // Stability: development
+  K8SReplicationControllerAvailablePodsName = "k8s.replication_controller.available_pods"
+  K8SReplicationControllerAvailablePodsUnit = "{pod}"
+  K8SReplicationControllerAvailablePodsDescription = "Total number of available replica pods (ready for at least minReadySeconds) targeted by this replication controller"
+  // K8SReplicationControllerDesiredPods is the metric conforming to the
+  // "k8s.replication_controller.desired_pods" semantic conventions. It
+  // represents the number of desired replica pods in this replication
+  // controller.
+  // Instrument: updowncounter
+  // Unit: {pod}
+  // Stability: development
+  K8SReplicationControllerDesiredPodsName = "k8s.replication_controller.desired_pods"
+  K8SReplicationControllerDesiredPodsUnit = "{pod}"
+  K8SReplicationControllerDesiredPodsDescription = "Number of desired replica pods in this replication controller"
+  // K8SStatefulSetCurrentPods is the metric conforming to the
+  // "k8s.statefulset.current_pods" semantic conventions. It represents the
+  // number of replica pods created by the statefulset controller from the
+  // statefulset version indicated by currentRevision.
+  // Instrument: updowncounter
+  // Unit: {pod}
+  // Stability: development
+  K8SStatefulSetCurrentPodsName = "k8s.statefulset.current_pods"
+  K8SStatefulSetCurrentPodsUnit = "{pod}"
+  K8SStatefulSetCurrentPodsDescription = "The number of replica pods created by the statefulset controller from the statefulset version indicated by currentRevision"
+  // K8SStatefulSetDesiredPods is the metric conforming to the
+  // "k8s.statefulset.desired_pods" semantic conventions. It represents the
+  // number of desired replica pods in this statefulset.
+  // Instrument: updowncounter
+  // Unit: {pod}
+  // Stability: development
+  K8SStatefulSetDesiredPodsName = "k8s.statefulset.desired_pods"
+  K8SStatefulSetDesiredPodsUnit = "{pod}"
+  K8SStatefulSetDesiredPodsDescription = "Number of desired replica pods in this statefulset"
+  // K8SStatefulSetReadyPods is the metric conforming to the
+  // "k8s.statefulset.ready_pods" semantic conventions. It represents the number
+  // of replica pods created for this statefulset with a Ready Condition.
+  // Instrument: updowncounter
+  // Unit: {pod}
+  // Stability: development
+  K8SStatefulSetReadyPodsName = "k8s.statefulset.ready_pods"
+  K8SStatefulSetReadyPodsUnit = "{pod}"
+  K8SStatefulSetReadyPodsDescription = "The number of replica pods created for this statefulset with a Ready Condition"
+  // K8SStatefulSetUpdatedPods is the metric conforming to the
+  // "k8s.statefulset.updated_pods" semantic conventions. It represents the
+  // number of replica pods created by the statefulset controller from the
+  // statefulset version indicated by updateRevision.
+  // Instrument: updowncounter
+  // Unit: {pod}
+  // Stability: development
+  K8SStatefulSetUpdatedPodsName = "k8s.statefulset.updated_pods"
+  K8SStatefulSetUpdatedPodsUnit = "{pod}"
+  K8SStatefulSetUpdatedPodsDescription = "Number of replica pods created by the statefulset controller from the statefulset version indicated by updateRevision"
+  // KestrelActiveConnections is the metric conforming to the
+  // "kestrel.active_connections" semantic conventions. It represents the number
+  // of connections that are currently active on the server.
+  // Instrument: updowncounter
+  // Unit: {connection}
+  // Stability: stable
+  KestrelActiveConnectionsName = "kestrel.active_connections"
+  KestrelActiveConnectionsUnit = "{connection}"
+  KestrelActiveConnectionsDescription = "Number of connections that are currently active on the server."
+  // KestrelActiveTLSHandshakes is the metric conforming to the
+  // "kestrel.active_tls_handshakes" semantic conventions. It represents the
+  // number of TLS handshakes that are currently in progress on the server.
+  // Instrument: updowncounter
+  // Unit: {handshake}
+  // Stability: stable
+  KestrelActiveTLSHandshakesName = "kestrel.active_tls_handshakes"
+  KestrelActiveTLSHandshakesUnit = "{handshake}"
+  KestrelActiveTLSHandshakesDescription = "Number of TLS handshakes that are currently in progress on the server."
+  // KestrelConnectionDuration is the metric conforming to the
+  // "kestrel.connection.duration" semantic conventions. It represents the
+  // duration of connections on the server.
+  // Instrument: histogram
+  // Unit: s
+  // Stability: stable
+  KestrelConnectionDurationName = "kestrel.connection.duration"
+  KestrelConnectionDurationUnit = "s"
+  KestrelConnectionDurationDescription = "The duration of connections on the server."
+  // KestrelQueuedConnections is the metric conforming to the
+  // "kestrel.queued_connections" semantic conventions. It represents the number
+  // of connections that are currently queued and are waiting to start.
+  // Instrument: updowncounter
+  // Unit: {connection}
+  // Stability: stable
+  KestrelQueuedConnectionsName = "kestrel.queued_connections"
+  KestrelQueuedConnectionsUnit = "{connection}"
+  KestrelQueuedConnectionsDescription = "Number of connections that are currently queued and are waiting to start."
+  // KestrelQueuedRequests is the metric conforming to the
+  // "kestrel.queued_requests" semantic conventions. It represents the number of
+  // HTTP requests on multiplexed connections (HTTP/2 and HTTP/3) that are
+  // currently queued and are waiting to start.
+  // Instrument: updowncounter
+  // Unit: {request}
+  // Stability: stable
+  KestrelQueuedRequestsName = "kestrel.queued_requests"
+  KestrelQueuedRequestsUnit = "{request}"
+  KestrelQueuedRequestsDescription = "Number of HTTP requests on multiplexed connections (HTTP/2 and HTTP/3) that are currently queued and are waiting to start."
+  // KestrelRejectedConnections is the metric conforming to the
+  // "kestrel.rejected_connections" semantic conventions. It represents the
+  // number of connections rejected by the server.
+  // Instrument: counter
+  // Unit: {connection}
+  // Stability: stable
+  KestrelRejectedConnectionsName = "kestrel.rejected_connections"
+  KestrelRejectedConnectionsUnit = "{connection}"
+  KestrelRejectedConnectionsDescription = "Number of connections rejected by the server."
+  // KestrelTLSHandshakeDuration is the metric conforming to the
+  // "kestrel.tls_handshake.duration" semantic conventions. It represents the
+  // duration of TLS handshakes on the server.
+  // Instrument: histogram
+  // Unit: s
+  // Stability: stable
+  KestrelTLSHandshakeDurationName = "kestrel.tls_handshake.duration"
+  KestrelTLSHandshakeDurationUnit = "s"
+  KestrelTLSHandshakeDurationDescription = "The duration of TLS handshakes on the server."
+  // KestrelUpgradedConnections is the metric conforming to the
+  // "kestrel.upgraded_connections" semantic conventions. It represents the
+  // number of connections that are currently upgraded (WebSockets). .
+  // Instrument: updowncounter
+  // Unit: {connection}
+  // Stability: stable
+  KestrelUpgradedConnectionsName = "kestrel.upgraded_connections"
+  KestrelUpgradedConnectionsUnit = "{connection}"
+  KestrelUpgradedConnectionsDescription = "Number of connections that are currently upgraded (WebSockets). ."
+  // MessagingClientConsumedMessages is the metric conforming to the
+  // "messaging.client.consumed.messages" semantic conventions. It represents the
+  // number of messages that were delivered to the application.
+  // Instrument: counter
+  // Unit: {message}
+  // Stability: development
+  MessagingClientConsumedMessagesName = "messaging.client.consumed.messages"
+  MessagingClientConsumedMessagesUnit = "{message}"
+  MessagingClientConsumedMessagesDescription = "Number of messages that were delivered to the application."
+  // MessagingClientOperationDuration is the metric conforming to the
+  // "messaging.client.operation.duration" semantic conventions. It represents
+  // the duration of messaging operation initiated by a producer or consumer
+  // client.
+  // Instrument: histogram
+  // Unit: s
+  // Stability: development
+  MessagingClientOperationDurationName = "messaging.client.operation.duration"
+  MessagingClientOperationDurationUnit = "s"
+  MessagingClientOperationDurationDescription = "Duration of messaging operation initiated by a producer or consumer client."
+  // MessagingClientPublishedMessages is the metric conforming to the
+  // "messaging.client.published.messages" semantic conventions. It represents
+  // the deprecated. Use `messaging.client.sent.messages` instead.
+  // Instrument: counter
+  // Unit: {message}
+  // Stability: development
+  // Deprecated: Replaced by `messaging.client.sent.messages`.
+  MessagingClientPublishedMessagesName = "messaging.client.published.messages"
+  MessagingClientPublishedMessagesUnit = "{message}"
+  MessagingClientPublishedMessagesDescription = "Deprecated. Use `messaging.client.sent.messages` instead."
+  // MessagingClientSentMessages is the metric conforming to the
+  // "messaging.client.sent.messages" semantic conventions. It represents the
+  // number of messages producer attempted to send to the broker.
+  // Instrument: counter
+  // Unit: {message}
+  // Stability: development
+  MessagingClientSentMessagesName = "messaging.client.sent.messages"
+  MessagingClientSentMessagesUnit = "{message}"
+  MessagingClientSentMessagesDescription = "Number of messages producer attempted to send to the broker."
+  // MessagingProcessDuration is the metric conforming to the
+  // "messaging.process.duration" semantic conventions. It represents the
+  // duration of processing operation.
+  // Instrument: histogram
+  // Unit: s
+  // Stability: development
+  MessagingProcessDurationName = "messaging.process.duration"
+  MessagingProcessDurationUnit = "s"
+  MessagingProcessDurationDescription = "Duration of processing operation."
+  // MessagingProcessMessages is the metric conforming to the
+  // "messaging.process.messages" semantic conventions. It represents the
+  // deprecated. Use `messaging.client.consumed.messages` instead.
+  // Instrument: counter
+  // Unit: {message}
+  // Stability: development
+  // Deprecated: Replaced by `messaging.client.consumed.messages`.
+  MessagingProcessMessagesName = "messaging.process.messages"
+  MessagingProcessMessagesUnit = "{message}"
+  MessagingProcessMessagesDescription = "Deprecated. Use `messaging.client.consumed.messages` instead."
+  // MessagingPublishDuration is the metric conforming to the
+  // "messaging.publish.duration" semantic conventions. It represents the
+  // deprecated. Use `messaging.client.operation.duration` instead.
+  // Instrument: histogram
+  // Unit: s
+  // Stability: development
+  // Deprecated: Replaced by `messaging.client.operation.duration`.
+  MessagingPublishDurationName = "messaging.publish.duration"
+  MessagingPublishDurationUnit = "s"
+  MessagingPublishDurationDescription = "Deprecated. Use `messaging.client.operation.duration` instead."
+  // MessagingPublishMessages is the metric conforming to the
+  // "messaging.publish.messages" semantic conventions. It represents the
+  // deprecated. Use `messaging.client.produced.messages` instead.
+  // Instrument: counter
+  // Unit: {message}
+  // Stability: development
+  // Deprecated: Replaced by `messaging.client.produced.messages`.
+  MessagingPublishMessagesName = "messaging.publish.messages"
+  MessagingPublishMessagesUnit = "{message}"
+  MessagingPublishMessagesDescription = "Deprecated. Use `messaging.client.produced.messages` instead."
+  // MessagingReceiveDuration is the metric conforming to the
+  // "messaging.receive.duration" semantic conventions. It represents the
+  // deprecated. Use `messaging.client.operation.duration` instead.
+  // Instrument: histogram
+  // Unit: s
+  // Stability: development
+  // Deprecated: Replaced by `messaging.client.operation.duration`.
+  MessagingReceiveDurationName = "messaging.receive.duration"
+  MessagingReceiveDurationUnit = "s"
+  MessagingReceiveDurationDescription = "Deprecated. Use `messaging.client.operation.duration` instead."
+  // MessagingReceiveMessages is the metric conforming to the
+  // "messaging.receive.messages" semantic conventions. It represents the
+  // deprecated. Use `messaging.client.consumed.messages` instead.
+  // Instrument: counter
+  // Unit: {message}
+  // Stability: development
+  // Deprecated: Replaced by `messaging.client.consumed.messages`.
+  MessagingReceiveMessagesName = "messaging.receive.messages"
+  MessagingReceiveMessagesUnit = "{message}"
+  MessagingReceiveMessagesDescription = "Deprecated. Use `messaging.client.consumed.messages` instead."
+  // ProcessContextSwitches is the metric conforming to the
+  // "process.context_switches" semantic conventions. It represents the number of
+  // times the process has been context switched.
+  // Instrument: counter
+  // Unit: {count}
+  // Stability: development
+  ProcessContextSwitchesName = "process.context_switches"
+  ProcessContextSwitchesUnit = "{count}"
+  ProcessContextSwitchesDescription = "Number of times the process has been context switched."
+  // ProcessCPUTime is the metric conforming to the "process.cpu.time" semantic
+  // conventions. It represents the total CPU seconds broken down by different
+  // states.
+  // Instrument: counter
+  // Unit: s
+  // Stability: development
+  ProcessCPUTimeName = "process.cpu.time"
+  ProcessCPUTimeUnit = "s"
+  ProcessCPUTimeDescription = "Total CPU seconds broken down by different states."
+  // ProcessCPUUtilization is the metric conforming to the
+  // "process.cpu.utilization" semantic conventions. It represents the difference
+  // in process.cpu.time since the last measurement, divided by the elapsed time
+  // and number of CPUs available to the process.
+  // Instrument: gauge
+  // Unit: 1
+  // Stability: development
+  ProcessCPUUtilizationName = "process.cpu.utilization"
+  ProcessCPUUtilizationUnit = "1"
+  ProcessCPUUtilizationDescription = "Difference in process.cpu.time since the last measurement, divided by the elapsed time and number of CPUs available to the process."
+  // ProcessDiskIo is the metric conforming to the "process.disk.io" semantic
+  // conventions. It represents the disk bytes transferred.
+  // Instrument: counter
+  // Unit: By
+  // Stability: development
+  ProcessDiskIoName = "process.disk.io"
+  ProcessDiskIoUnit = "By"
+  ProcessDiskIoDescription = "Disk bytes transferred."
+  // ProcessMemoryUsage is the metric conforming to the "process.memory.usage"
+  // semantic conventions. It represents the amount of physical memory in use.
+  // Instrument: updowncounter
+  // Unit: By
+  // Stability: development
+  ProcessMemoryUsageName = "process.memory.usage"
+  ProcessMemoryUsageUnit = "By"
+  ProcessMemoryUsageDescription = "The amount of physical memory in use."
+  // ProcessMemoryVirtual is the metric conforming to the
+  // "process.memory.virtual" semantic conventions. It represents the amount of
+  // committed virtual memory.
+  // Instrument: updowncounter
+  // Unit: By
+  // Stability: development
+  ProcessMemoryVirtualName = "process.memory.virtual"
+  ProcessMemoryVirtualUnit = "By"
+  ProcessMemoryVirtualDescription = "The amount of committed virtual memory."
+  // ProcessNetworkIo is the metric conforming to the "process.network.io"
+  // semantic conventions. It represents the network bytes transferred.
+  // Instrument: counter
+  // Unit: By
+  // Stability: development
+  ProcessNetworkIoName = "process.network.io"
+  ProcessNetworkIoUnit = "By"
+  ProcessNetworkIoDescription = "Network bytes transferred."
+  // ProcessOpenFileDescriptorCount is the metric conforming to the
+  // "process.open_file_descriptor.count" semantic conventions. It represents the
+  // number of file descriptors in use by the process.
+  // Instrument: updowncounter
+  // Unit: {count}
+  // Stability: development
+  ProcessOpenFileDescriptorCountName = "process.open_file_descriptor.count"
+  ProcessOpenFileDescriptorCountUnit = "{count}"
+  ProcessOpenFileDescriptorCountDescription = "Number of file descriptors in use by the process."
+  // ProcessPagingFaults is the metric conforming to the "process.paging.faults"
+  // semantic conventions. It represents the number of page faults the process
+  // has made.
+  // Instrument: counter
+  // Unit: {fault}
+  // Stability: development
+  ProcessPagingFaultsName = "process.paging.faults"
+  ProcessPagingFaultsUnit = "{fault}"
+  ProcessPagingFaultsDescription = "Number of page faults the process has made."
+  // ProcessThreadCount is the metric conforming to the "process.thread.count"
+  // semantic conventions. It represents the process threads count.
+  // Instrument: updowncounter
+  // Unit: {thread}
+  // Stability: development
+  ProcessThreadCountName = "process.thread.count"
+  ProcessThreadCountUnit = "{thread}"
+  ProcessThreadCountDescription = "Process threads count."
+  // ProcessUptime is the metric conforming to the "process.uptime" semantic
+  // conventions. It represents the time the process has been running.
+  // Instrument: gauge
+  // Unit: s
+  // Stability: development
+  ProcessUptimeName = "process.uptime"
+  ProcessUptimeUnit = "s"
+  ProcessUptimeDescription = "The time the process has been running."
+  // RPCClientDuration is the metric conforming to the "rpc.client.duration"
+  // semantic conventions. It represents the measures the duration of outbound
+  // RPC.
+  // Instrument: histogram
+  // Unit: ms
+  // Stability: development
+  RPCClientDurationName = "rpc.client.duration"
+  RPCClientDurationUnit = "ms"
+  RPCClientDurationDescription = "Measures the duration of outbound RPC."
+  // RPCClientRequestSize is the metric conforming to the
+  // "rpc.client.request.size" semantic conventions. It represents the measures
+  // the size of RPC request messages (uncompressed).
+  // Instrument: histogram
+  // Unit: By
+  // Stability: development
+  RPCClientRequestSizeName = "rpc.client.request.size"
+  RPCClientRequestSizeUnit = "By"
+  RPCClientRequestSizeDescription = "Measures the size of RPC request messages (uncompressed)."
+  // RPCClientRequestsPerRPC is the metric conforming to the
+  // "rpc.client.requests_per_rpc" semantic conventions. It represents the
+  // measures the number of messages received per RPC.
+  // Instrument: histogram
+  // Unit: {count}
+  // Stability: development
+  RPCClientRequestsPerRPCName = "rpc.client.requests_per_rpc"
+  RPCClientRequestsPerRPCUnit = "{count}"
+  RPCClientRequestsPerRPCDescription = "Measures the number of messages received per RPC."
+  // RPCClientResponseSize is the metric conforming to the
+  // "rpc.client.response.size" semantic conventions. It represents the measures
+  // the size of RPC response messages (uncompressed).
+  // Instrument: histogram
+  // Unit: By
+  // Stability: development
+  RPCClientResponseSizeName = "rpc.client.response.size"
+  RPCClientResponseSizeUnit = "By"
+  RPCClientResponseSizeDescription = "Measures the size of RPC response messages (uncompressed)."
+  // RPCClientResponsesPerRPC is the metric conforming to the
+  // "rpc.client.responses_per_rpc" semantic conventions. It represents the
+  // measures the number of messages sent per RPC.
+  // Instrument: histogram
+  // Unit: {count}
+  // Stability: development
+  RPCClientResponsesPerRPCName = "rpc.client.responses_per_rpc"
+  RPCClientResponsesPerRPCUnit = "{count}"
+  RPCClientResponsesPerRPCDescription = "Measures the number of messages sent per RPC."
+  // RPCServerDuration is the metric conforming to the "rpc.server.duration"
+  // semantic conventions. It represents the measures the duration of inbound
+  // RPC.
+  // Instrument: histogram
+  // Unit: ms
+  // Stability: development
+  RPCServerDurationName = "rpc.server.duration"
+  RPCServerDurationUnit = "ms"
+  RPCServerDurationDescription = "Measures the duration of inbound RPC."
+  // RPCServerRequestSize is the metric conforming to the
+  // "rpc.server.request.size" semantic conventions. It represents the measures
+  // the size of RPC request messages (uncompressed).
+  // Instrument: histogram
+  // Unit: By
+  // Stability: development
+  RPCServerRequestSizeName = "rpc.server.request.size"
+  RPCServerRequestSizeUnit = "By"
+  RPCServerRequestSizeDescription = "Measures the size of RPC request messages (uncompressed)."
+  // RPCServerRequestsPerRPC is the metric conforming to the
+  // "rpc.server.requests_per_rpc" semantic conventions. It represents the
+  // measures the number of messages received per RPC.
+  // Instrument: histogram
+  // Unit: {count}
+  // Stability: development
+  RPCServerRequestsPerRPCName = "rpc.server.requests_per_rpc"
+  RPCServerRequestsPerRPCUnit = "{count}"
+  RPCServerRequestsPerRPCDescription = "Measures the number of messages received per RPC."
+  // RPCServerResponseSize is the metric conforming to the
+  // "rpc.server.response.size" semantic conventions. It represents the measures
+  // the size of RPC response messages (uncompressed).
+  // Instrument: histogram
+  // Unit: By
+  // Stability: development
+  RPCServerResponseSizeName = "rpc.server.response.size"
+  RPCServerResponseSizeUnit = "By"
+  RPCServerResponseSizeDescription = "Measures the size of RPC response messages (uncompressed)."
+  // RPCServerResponsesPerRPC is the metric conforming to the
+  // "rpc.server.responses_per_rpc" semantic conventions. It represents the
+  // measures the number of messages sent per RPC.
+  // Instrument: histogram
+  // Unit: {count}
+  // Stability: development
+  RPCServerResponsesPerRPCName = "rpc.server.responses_per_rpc"
+  RPCServerResponsesPerRPCUnit = "{count}"
+  RPCServerResponsesPerRPCDescription = "Measures the number of messages sent per RPC."
+  // SignalrServerActiveConnections is the metric conforming to the
+  // "signalr.server.active_connections" semantic conventions. It represents the
+  // number of connections that are currently active on the server.
+  // Instrument: updowncounter
+  // Unit: {connection}
+  // Stability: stable
+  SignalrServerActiveConnectionsName = "signalr.server.active_connections"
+  SignalrServerActiveConnectionsUnit = "{connection}"
+  SignalrServerActiveConnectionsDescription = "Number of connections that are currently active on the server."
+  // SignalrServerConnectionDuration is the metric conforming to the
+  // "signalr.server.connection.duration" semantic conventions. It represents the
+  // duration of connections on the server.
+  // Instrument: histogram
+  // Unit: s
+  // Stability: stable
+  SignalrServerConnectionDurationName = "signalr.server.connection.duration"
+  SignalrServerConnectionDurationUnit = "s"
+  SignalrServerConnectionDurationDescription = "The duration of connections on the server."
+  // SystemCPUFrequency is the metric conforming to the "system.cpu.frequency"
+  // semantic conventions. It represents the reports the current frequency of the
+  // CPU in Hz.
+  // Instrument: gauge
+  // Unit: {Hz}
+  // Stability: development
+  SystemCPUFrequencyName = "system.cpu.frequency"
+  SystemCPUFrequencyUnit = "{Hz}"
+  SystemCPUFrequencyDescription = "Reports the current frequency of the CPU in Hz"
+  // SystemCPULogicalCount is the metric conforming to the
+  // "system.cpu.logical.count" semantic conventions. It represents the reports
+  // the number of logical (virtual) processor cores created by the operating
+  // system to manage multitasking.
+  // Instrument: updowncounter
+  // Unit: {cpu}
+  // Stability: development
+  SystemCPULogicalCountName = "system.cpu.logical.count"
+  SystemCPULogicalCountUnit = "{cpu}"
+  SystemCPULogicalCountDescription = "Reports the number of logical (virtual) processor cores created by the operating system to manage multitasking"
+  // SystemCPUPhysicalCount is the metric conforming to the
+  // "system.cpu.physical.count" semantic conventions. It represents the reports
+  // the number of actual physical processor cores on the hardware.
+  // Instrument: updowncounter
+  // Unit: {cpu}
+  // Stability: development
+  SystemCPUPhysicalCountName = "system.cpu.physical.count"
+  SystemCPUPhysicalCountUnit = "{cpu}"
+  SystemCPUPhysicalCountDescription = "Reports the number of actual physical processor cores on the hardware"
+  // SystemCPUTime is the metric conforming to the "system.cpu.time" semantic
+  // conventions. It represents the seconds each logical CPU spent on each mode.
+  // Instrument: counter
+  // Unit: s
+  // Stability: development
+  SystemCPUTimeName = "system.cpu.time"
+  SystemCPUTimeUnit = "s"
+  SystemCPUTimeDescription = "Seconds each logical CPU spent on each mode"
+  // SystemCPUUtilization is the metric conforming to the
+  // "system.cpu.utilization" semantic conventions. It represents the difference
+  // in system.cpu.time since the last measurement, divided by the elapsed time
+  // and number of logical CPUs.
+  // Instrument: gauge
+  // Unit: 1
+  // Stability: development
+  SystemCPUUtilizationName = "system.cpu.utilization"
+  SystemCPUUtilizationUnit = "1"
+  SystemCPUUtilizationDescription = "Difference in system.cpu.time since the last measurement, divided by the elapsed time and number of logical CPUs"
+  // SystemDiskIo is the metric conforming to the "system.disk.io" semantic
+  // conventions.
+  // Instrument: counter
+  // Unit: By
+  // Stability: development
+  // NOTE: The description (brief) for this metric is not defined in the semantic-conventions repository.
+  SystemDiskIoName = "system.disk.io"
+  SystemDiskIoUnit = "By"
+  // SystemDiskIoTime is the metric conforming to the "system.disk.io_time"
+  // semantic conventions. It represents the time disk spent activated.
+  // Instrument: counter
+  // Unit: s
+  // Stability: development
+  SystemDiskIoTimeName = "system.disk.io_time"
+  SystemDiskIoTimeUnit = "s"
+  SystemDiskIoTimeDescription = "Time disk spent activated"
+  // SystemDiskLimit is the metric conforming to the "system.disk.limit" semantic
+  // conventions. It represents the total storage capacity of the disk.
+  // Instrument: updowncounter
+  // Unit: By
+  // Stability: development
+  SystemDiskLimitName = "system.disk.limit"
+  SystemDiskLimitUnit = "By"
+  SystemDiskLimitDescription = "The total storage capacity of the disk"
+  // SystemDiskMerged is the metric conforming to the "system.disk.merged"
+  // semantic conventions.
+  // Instrument: counter
+  // Unit: {operation}
+  // Stability: development
+  // NOTE: The description (brief) for this metric is not defined in the semantic-conventions repository.
+  SystemDiskMergedName = "system.disk.merged"
+  SystemDiskMergedUnit = "{operation}"
+  // SystemDiskOperationTime is the metric conforming to the
+  // "system.disk.operation_time" semantic conventions. It represents the sum of
+  // the time each operation took to complete.
+  // Instrument: counter
+  // Unit: s
+  // Stability: development
+  SystemDiskOperationTimeName = "system.disk.operation_time"
+  SystemDiskOperationTimeUnit = "s"
+  SystemDiskOperationTimeDescription = "Sum of the time each operation took to complete"
+  // SystemDiskOperations is the metric conforming to the
+  // "system.disk.operations" semantic conventions.
+  // Instrument: counter
+  // Unit: {operation}
+  // Stability: development
+  // NOTE: The description (brief) for this metric is not defined in the semantic-conventions repository.
+  SystemDiskOperationsName = "system.disk.operations"
+  SystemDiskOperationsUnit = "{operation}"
+  // SystemFilesystemLimit is the metric conforming to the
+  // "system.filesystem.limit" semantic conventions. It represents the total
+  // storage capacity of the filesystem.
+  // Instrument: updowncounter
+  // Unit: By
+  // Stability: development
+  SystemFilesystemLimitName = "system.filesystem.limit"
+  SystemFilesystemLimitUnit = "By"
+  SystemFilesystemLimitDescription = "The total storage capacity of the filesystem"
+  // SystemFilesystemUsage is the metric conforming to the
+  // "system.filesystem.usage" semantic conventions. It represents the reports a
+  // filesystem's space usage across different states.
+  // Instrument: updowncounter
+  // Unit: By
+  // Stability: development
+  SystemFilesystemUsageName = "system.filesystem.usage"
+  SystemFilesystemUsageUnit = "By"
+  SystemFilesystemUsageDescription = "Reports a filesystem's space usage across different states."
+  // SystemFilesystemUtilization is the metric conforming to the
+  // "system.filesystem.utilization" semantic conventions.
+  // Instrument: gauge
+  // Unit: 1
+  // Stability: development
+  // NOTE: The description (brief) for this metric is not defined in the semantic-conventions repository.
+  SystemFilesystemUtilizationName = "system.filesystem.utilization"
+  SystemFilesystemUtilizationUnit = "1"
+  // SystemLinuxMemoryAvailable is the metric conforming to the
+  // "system.linux.memory.available" semantic conventions. It represents an
+  // estimate of how much memory is available for starting new applications,
+  // without causing swapping.
+  // Instrument: updowncounter
+  // Unit: By
+  // Stability: development
+  SystemLinuxMemoryAvailableName = "system.linux.memory.available"
+  SystemLinuxMemoryAvailableUnit = "By"
+  SystemLinuxMemoryAvailableDescription = "An estimate of how much memory is available for starting new applications, without causing swapping"
+  // SystemLinuxMemorySlabUsage is the metric conforming to the
+  // "system.linux.memory.slab.usage" semantic conventions. It represents the
+  // reports the memory used by the Linux kernel for managing caches of
+  // frequently used objects.
+  // Instrument: updowncounter
+  // Unit: By
+  // Stability: development
+  SystemLinuxMemorySlabUsageName = "system.linux.memory.slab.usage"
+  SystemLinuxMemorySlabUsageUnit = "By"
+  SystemLinuxMemorySlabUsageDescription = "Reports the memory used by the Linux kernel for managing caches of frequently used objects."
+  // SystemMemoryLimit is the metric conforming to the "system.memory.limit"
+  // semantic conventions. It represents the total memory available in the
+  // system.
+  // Instrument: updowncounter
+  // Unit: By
+  // Stability: development
+  SystemMemoryLimitName = "system.memory.limit"
+  SystemMemoryLimitUnit = "By"
+  SystemMemoryLimitDescription = "Total memory available in the system."
+  // SystemMemoryShared is the metric conforming to the "system.memory.shared"
+  // semantic conventions. It represents the shared memory used (mostly by
+  // tmpfs).
+  // Instrument: updowncounter
+  // Unit: By
+  // Stability: development
+  SystemMemorySharedName = "system.memory.shared"
+  SystemMemorySharedUnit = "By"
+  SystemMemorySharedDescription = "Shared memory used (mostly by tmpfs)."
+  // SystemMemoryUsage is the metric conforming to the "system.memory.usage"
+  // semantic conventions. It represents the reports memory in use by state.
+  // Instrument: updowncounter
+  // Unit: By
+  // Stability: development
+  SystemMemoryUsageName = "system.memory.usage"
+  SystemMemoryUsageUnit = "By"
+  SystemMemoryUsageDescription = "Reports memory in use by state."
+  // SystemMemoryUtilization is the metric conforming to the
+  // "system.memory.utilization" semantic conventions.
+  // Instrument: gauge
+  // Unit: 1
+  // Stability: development
+  // NOTE: The description (brief) for this metric is not defined in the semantic-conventions repository.
+  SystemMemoryUtilizationName = "system.memory.utilization"
+  SystemMemoryUtilizationUnit = "1"
+  // SystemNetworkConnections is the metric conforming to the
+  // "system.network.connections" semantic conventions.
+  // Instrument: updowncounter
+  // Unit: {connection}
+  // Stability: development
+  // NOTE: The description (brief) for this metric is not defined in the semantic-conventions repository.
+  SystemNetworkConnectionsName = "system.network.connections"
+  SystemNetworkConnectionsUnit = "{connection}"
+  // SystemNetworkDropped is the metric conforming to the
+  // "system.network.dropped" semantic conventions. It represents the count of
+  // packets that are dropped or discarded even though there was no error.
+  // Instrument: counter
+  // Unit: {packet}
+  // Stability: development
+  SystemNetworkDroppedName = "system.network.dropped"
+  SystemNetworkDroppedUnit = "{packet}"
+  SystemNetworkDroppedDescription = "Count of packets that are dropped or discarded even though there was no error"
+  // SystemNetworkErrors is the metric conforming to the "system.network.errors"
+  // semantic conventions. It represents the count of network errors detected.
+  // Instrument: counter
+  // Unit: {error}
+  // Stability: development
+  SystemNetworkErrorsName = "system.network.errors"
+  SystemNetworkErrorsUnit = "{error}"
+  SystemNetworkErrorsDescription = "Count of network errors detected"
+  // SystemNetworkIo is the metric conforming to the "system.network.io" semantic
+  // conventions.
+  // Instrument: counter
+  // Unit: By
+  // Stability: development
+  // NOTE: The description (brief) for this metric is not defined in the semantic-conventions repository.
+  SystemNetworkIoName = "system.network.io"
+  SystemNetworkIoUnit = "By"
+  // SystemNetworkPackets is the metric conforming to the
+  // "system.network.packets" semantic conventions.
+  // Instrument: counter
+  // Unit: {packet}
+  // Stability: development
+  // NOTE: The description (brief) for this metric is not defined in the semantic-conventions repository.
+  SystemNetworkPacketsName = "system.network.packets"
+  SystemNetworkPacketsUnit = "{packet}"
+  // SystemPagingFaults is the metric conforming to the "system.paging.faults"
+  // semantic conventions.
+  // Instrument: counter
+  // Unit: {fault}
+  // Stability: development
+  // NOTE: The description (brief) for this metric is not defined in the semantic-conventions repository.
+  SystemPagingFaultsName = "system.paging.faults"
+  SystemPagingFaultsUnit = "{fault}"
+  // SystemPagingOperations is the metric conforming to the
+  // "system.paging.operations" semantic conventions.
+  // Instrument: counter
+  // Unit: {operation}
+  // Stability: development
+  // NOTE: The description (brief) for this metric is not defined in the semantic-conventions repository.
+  SystemPagingOperationsName = "system.paging.operations"
+  SystemPagingOperationsUnit = "{operation}"
+  // SystemPagingUsage is the metric conforming to the "system.paging.usage"
+  // semantic conventions. It represents the unix swap or windows pagefile usage.
+  // Instrument: updowncounter
+  // Unit: By
+  // Stability: development
+  SystemPagingUsageName = "system.paging.usage"
+  SystemPagingUsageUnit = "By"
+  SystemPagingUsageDescription = "Unix swap or windows pagefile usage"
+  // SystemPagingUtilization is the metric conforming to the
+  // "system.paging.utilization" semantic conventions.
+  // Instrument: gauge
+  // Unit: 1
+  // Stability: development
+  // NOTE: The description (brief) for this metric is not defined in the semantic-conventions repository.
+  SystemPagingUtilizationName = "system.paging.utilization"
+  SystemPagingUtilizationUnit = "1"
+  // SystemProcessCount is the metric conforming to the "system.process.count"
+  // semantic conventions. It represents the total number of processes in each
+  // state.
+  // Instrument: updowncounter
+  // Unit: {process}
+  // Stability: development
+  SystemProcessCountName = "system.process.count"
+  SystemProcessCountUnit = "{process}"
+  SystemProcessCountDescription = "Total number of processes in each state"
+  // SystemProcessCreated is the metric conforming to the
+  // "system.process.created" semantic conventions. It represents the total
+  // number of processes created over uptime of the host.
+  // Instrument: counter
+  // Unit: {process}
+  // Stability: development
+  SystemProcessCreatedName = "system.process.created"
+  SystemProcessCreatedUnit = "{process}"
+  SystemProcessCreatedDescription = "Total number of processes created over uptime of the host"
+  // SystemUptime is the metric conforming to the "system.uptime" semantic
+  // conventions. It represents the time the system has been running.
+  // Instrument: gauge
+  // Unit: s
+  // Stability: development
+  SystemUptimeName = "system.uptime"
+  SystemUptimeUnit = "s"
+  SystemUptimeDescription = "The time the system has been running"
+  // VCSChangeCount is the metric conforming to the "vcs.change.count" semantic
+  // conventions. It represents the number of changes (pull requests/merge
+  // requests/changelists) in a repository, categorized by their state (e.g. open
+  // or merged).
+  // Instrument: updowncounter
+  // Unit: {change}
+  // Stability: development
+  VCSChangeCountName = "vcs.change.count"
+  VCSChangeCountUnit = "{change}"
+  VCSChangeCountDescription = "The number of changes (pull requests/merge requests/changelists) in a repository, categorized by their state (e.g. open or merged)"
+  // VCSChangeDuration is the metric conforming to the "vcs.change.duration"
+  // semantic conventions. It represents the time duration a change (pull
+  // request/merge request/changelist) has been in a given state.
+  // Instrument: gauge
+  // Unit: s
+  // Stability: development
+  VCSChangeDurationName = "vcs.change.duration"
+  VCSChangeDurationUnit = "s"
+  VCSChangeDurationDescription = "The time duration a change (pull request/merge request/changelist) has been in a given state."
+  // VCSChangeTimeToApproval is the metric conforming to the
+  // "vcs.change.time_to_approval" semantic conventions. It represents the amount
+  // of time since its creation it took a change (pull request/merge
+  // request/changelist) to get the first approval.
+  // Instrument: gauge
+  // Unit: s
+  // Stability: development
+  VCSChangeTimeToApprovalName = "vcs.change.time_to_approval"
+  VCSChangeTimeToApprovalUnit = "s"
+  VCSChangeTimeToApprovalDescription = "The amount of time since its creation it took a change (pull request/merge request/changelist) to get the first approval."
+  // VCSChangeTimeToMerge is the metric conforming to the
+  // "vcs.change.time_to_merge" semantic conventions. It represents the amount of
+  // time since its creation it took a change (pull request/merge
+  // request/changelist) to get merged into the target(base) ref.
+  // Instrument: gauge
+  // Unit: s
+  // Stability: development
+  VCSChangeTimeToMergeName = "vcs.change.time_to_merge"
+  VCSChangeTimeToMergeUnit = "s"
+  VCSChangeTimeToMergeDescription = "The amount of time since its creation it took a change (pull request/merge request/changelist) to get merged into the target(base) ref."
+  // VCSContributorCount is the metric conforming to the "vcs.contributor.count"
+  // semantic conventions. It represents the number of unique contributors to a
+  // repository.
+  // Instrument: gauge
+  // Unit: {contributor}
+  // Stability: development
+  VCSContributorCountName = "vcs.contributor.count"
+  VCSContributorCountUnit = "{contributor}"
+  VCSContributorCountDescription = "The number of unique contributors to a repository"
+  // VCSRefCount is the metric conforming to the "vcs.ref.count" semantic
+  // conventions. It represents the number of refs of type branch or tag in a
+  // repository.
+  // Instrument: updowncounter
+  // Unit: {ref}
+  // Stability: development
+  VCSRefCountName = "vcs.ref.count"
+  VCSRefCountUnit = "{ref}"
+  VCSRefCountDescription = "The number of refs of type branch or tag in a repository."
+  // VCSRefLinesDelta is the metric conforming to the "vcs.ref.lines_delta"
+  // semantic conventions. It represents the number of lines added/removed in a
+  // ref (branch) relative to the ref from the `vcs.ref.base.name` attribute.
+  // Instrument: gauge
+  // Unit: {line}
+  // Stability: development
+  VCSRefLinesDeltaName = "vcs.ref.lines_delta"
+  VCSRefLinesDeltaUnit = "{line}"
+  VCSRefLinesDeltaDescription = "The number of lines added/removed in a ref (branch) relative to the ref from the `vcs.ref.base.name` attribute."
+  // VCSRefRevisionsDelta is the metric conforming to the
+  // "vcs.ref.revisions_delta" semantic conventions. It represents the number of
+  // revisions (commits) a ref (branch) is ahead/behind the branch from the
+  // `vcs.ref.base.name` attribute.
+  // Instrument: gauge
+  // Unit: {revision}
+  // Stability: development
+  VCSRefRevisionsDeltaName = "vcs.ref.revisions_delta"
+  VCSRefRevisionsDeltaUnit = "{revision}"
+  VCSRefRevisionsDeltaDescription = "The number of revisions (commits) a ref (branch) is ahead/behind the branch from the `vcs.ref.base.name` attribute"
+  // VCSRefTime is the metric conforming to the "vcs.ref.time" semantic
+  // conventions. It represents the time a ref (branch) created from the default
+  // branch (trunk) has existed. The `ref.type` attribute will always be `branch`
+  // .
+  // Instrument: gauge
+  // Unit: s
+  // Stability: development
+  VCSRefTimeName = "vcs.ref.time"
+  VCSRefTimeUnit = "s"
+  VCSRefTimeDescription = "Time a ref (branch) created from the default branch (trunk) has existed. The `ref.type` attribute will always be `branch`"
+  // VCSRepositoryCount is the metric conforming to the "vcs.repository.count"
+  // semantic conventions. It represents the number of repositories in an
+  // organization.
+  // Instrument: updowncounter
+  // Unit: {repository}
+  // Stability: development
+  VCSRepositoryCountName = "vcs.repository.count"
+  VCSRepositoryCountUnit = "{repository}"
+  VCSRepositoryCountDescription = "The number of repositories in an organization."
+)
\ No newline at end of file
diff --git a/vendor/go.opentelemetry.io/otel/semconv/v1.30.0/schema.go b/vendor/go.opentelemetry.io/otel/semconv/v1.30.0/schema.go
new file mode 100644
index 0000000000..b2e7a515ac
--- /dev/null
+++ b/vendor/go.opentelemetry.io/otel/semconv/v1.30.0/schema.go
@@ -0,0 +1,9 @@
+// Copyright The OpenTelemetry Authors
+// SPDX-License-Identifier: Apache-2.0
+
+package semconv // import "go.opentelemetry.io/otel/semconv/v1.30.0"
+
+// SchemaURL is the schema URL that matches the version of the semantic conventions
+// that this package defines. Semconv packages starting from v1.4.0 must declare
+// non-empty schema URL in the form https://opentelemetry.io/schemas/<version>
+const SchemaURL = "https://opentelemetry.io/schemas/1.30.0"
diff --git a/vendor/go.opentelemetry.io/otel/trace/auto.go b/vendor/go.opentelemetry.io/otel/trace/auto.go
index 7e2910025a..d90af8f673 100644
--- a/vendor/go.opentelemetry.io/otel/trace/auto.go
+++ b/vendor/go.opentelemetry.io/otel/trace/auto.go
@@ -57,14 +57,15 @@ type autoTracer struct {
 var _ Tracer = autoTracer{}
 
 func (t autoTracer) Start(ctx context.Context, name string, opts ...SpanStartOption) (context.Context, Span) {
-	var psc SpanContext
+	var psc, sc SpanContext
 	sampled := true
 	span := new(autoSpan)
 
 	// Ask eBPF for sampling decision and span context info.
-	t.start(ctx, span, &psc, &sampled, &span.spanContext)
+	t.start(ctx, span, &psc, &sampled, &sc)
 
 	span.sampled.Store(sampled)
+	span.spanContext = sc
 
 	ctx = ContextWithSpan(ctx, span)
 
diff --git a/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/span.go b/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/span.go
index 3c5e1cdb1b..e7ca62c660 100644
--- a/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/span.go
+++ b/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/span.go
@@ -251,13 +251,20 @@ func (s *Span) UnmarshalJSON(data []byte) error {
 type SpanFlags int32
 
 const (
+	// SpanFlagsTraceFlagsMask is a mask for trace-flags.
+	//
 	// Bits 0-7 are used for trace flags.
 	SpanFlagsTraceFlagsMask SpanFlags = 255
-	// Bits 8 and 9 are used to indicate that the parent span or link span is remote.
-	// Bit 8 (`HAS_IS_REMOTE`) indicates whether the value is known.
-	// Bit 9 (`IS_REMOTE`) indicates whether the span or link is remote.
+	// SpanFlagsContextHasIsRemoteMask is a mask for HAS_IS_REMOTE status.
+	//
+	// Bits 8 and 9 are used to indicate that the parent span or link span is
+	// remote. Bit 8 (`HAS_IS_REMOTE`) indicates whether the value is known.
 	SpanFlagsContextHasIsRemoteMask SpanFlags = 256
-	// SpanFlagsContextHasIsRemoteMask indicates the Span is remote.
+	// SpanFlagsContextIsRemoteMask is a mask for IS_REMOTE status.
+	//
+	// Bits 8 and 9 are used to indicate that the parent span or link span is
+	// remote. Bit 9 (`IS_REMOTE`) indicates whether the span or link is
+	// remote.
 	SpanFlagsContextIsRemoteMask SpanFlags = 512
 )
 
@@ -266,27 +273,31 @@ const (
 type SpanKind int32
 
 const (
-	// Indicates that the span represents an internal operation within an application,
-	// as opposed to an operation happening at the boundaries. Default value.
+	// SpanKindInternal indicates that the span represents an internal
+	// operation within an application, as opposed to an operation happening at
+	// the boundaries.
 	SpanKindInternal SpanKind = 1
-	// Indicates that the span covers server-side handling of an RPC or other
-	// remote network request.
+	// SpanKindServer indicates that the span covers server-side handling of an
+	// RPC or other remote network request.
 	SpanKindServer SpanKind = 2
-	// Indicates that the span describes a request to some remote service.
+	// SpanKindClient indicates that the span describes a request to some
+	// remote service.
 	SpanKindClient SpanKind = 3
-	// Indicates that the span describes a producer sending a message to a broker.
-	// Unlike CLIENT and SERVER, there is often no direct critical path latency relationship
-	// between producer and consumer spans. A PRODUCER span ends when the message was accepted
-	// by the broker while the logical processing of the message might span a much longer time.
+	// SpanKindProducer indicates that the span describes a producer sending a
+	// message to a broker. Unlike SpanKindClient and SpanKindServer, there is
+	// often no direct critical path latency relationship between producer and
+	// consumer spans. A SpanKindProducer span ends when the message was
+	// accepted by the broker while the logical processing of the message might
+	// span a much longer time.
 	SpanKindProducer SpanKind = 4
-	// Indicates that the span describes consumer receiving a message from a broker.
-	// Like the PRODUCER kind, there is often no direct critical path latency relationship
-	// between producer and consumer spans.
+	// SpanKindConsumer indicates that the span describes a consumer receiving
+	// a message from a broker. Like SpanKindProducer, there is often no direct
+	// critical path latency relationship between producer and consumer spans.
 	SpanKindConsumer SpanKind = 5
 )
 
-// Event is a time-stamped annotation of the span, consisting of user-supplied
-// text description and key-value pairs.
+// SpanEvent is a time-stamped annotation of the span, consisting of
+// user-supplied text description and key-value pairs.
 type SpanEvent struct {
 	// time_unix_nano is the time the event occurred.
 	Time time.Time `json:"timeUnixNano,omitempty"`
@@ -369,10 +380,11 @@ func (se *SpanEvent) UnmarshalJSON(data []byte) error {
 	return nil
 }
 
-// A pointer from the current span to another span in the same trace or in a
-// different trace. For example, this can be used in batching operations,
-// where a single batch handler processes multiple requests from different
-// traces or when the handler receives a request from a different project.
+// SpanLink is a reference from the current span to another span in the same
+// trace or in a different trace. For example, this can be used in batching
+// operations, where a single batch handler processes multiple requests from
+// different traces or when the handler receives a request from a different
+// project.
 type SpanLink struct {
 	// A unique identifier of a trace that this linked span is part of. The ID is a
 	// 16-byte array.
diff --git a/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/status.go b/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/status.go
index 1d013a8fa8..1039bf40cd 100644
--- a/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/status.go
+++ b/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/status.go
@@ -3,17 +3,19 @@
 
 package telemetry // import "go.opentelemetry.io/otel/trace/internal/telemetry"
 
+// StatusCode is the status of a Span.
+//
 // For the semantics of status codes see
 // https://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/trace/api.md#set-status
 type StatusCode int32
 
 const (
-	// The default status.
+	// StatusCodeUnset is the default status.
 	StatusCodeUnset StatusCode = 0
-	// The Span has been validated by an Application developer or Operator to
-	// have completed successfully.
+	// StatusCodeOK is used when the Span has been validated by an Application
+	// developer or Operator to have completed successfully.
 	StatusCodeOK StatusCode = 1
-	// The Span contains an error.
+	// StatusCodeError is used when the Span contains an error.
 	StatusCodeError StatusCode = 2
 )
 
@@ -30,7 +32,7 @@ func (s StatusCode) String() string {
 	return "<unknown telemetry.StatusCode>"
 }
 
-// The Status type defines a logical error model that is suitable for different
+// Status defines a logical error model that is suitable for different
 // programming environments, including REST APIs and RPC APIs.
 type Status struct {
 	// A developer-facing human readable error message.
diff --git a/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/traces.go b/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/traces.go
index b039407081..e5f10767ca 100644
--- a/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/traces.go
+++ b/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/traces.go
@@ -71,7 +71,7 @@ func (td *Traces) UnmarshalJSON(data []byte) error {
 	return nil
 }
 
-// A collection of ScopeSpans from a Resource.
+// ResourceSpans is a collection of ScopeSpans from a Resource.
 type ResourceSpans struct {
 	// The resource for the spans in this message.
 	// If this field is not set then no resource info is known.
@@ -128,7 +128,7 @@ func (rs *ResourceSpans) UnmarshalJSON(data []byte) error {
 	return nil
 }
 
-// A collection of Spans produced by an InstrumentationScope.
+// ScopeSpans is a collection of Spans produced by an InstrumentationScope.
 type ScopeSpans struct {
 	// The instrumentation scope information for the spans in this message.
 	// Semantically when InstrumentationScope isn't set, it is equivalent with
diff --git a/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/value.go b/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/value.go
index 7251492da0..ae9ce102a9 100644
--- a/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/value.go
+++ b/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/value.go
@@ -316,7 +316,7 @@ func (v Value) String() string {
 	case ValueKindBool:
 		return strconv.FormatBool(v.asBool())
 	case ValueKindBytes:
-		return fmt.Sprint(v.asBytes())
+		return string(v.asBytes())
 	case ValueKindMap:
 		return fmt.Sprint(v.asMap())
 	case ValueKindSlice:
diff --git a/vendor/go.opentelemetry.io/otel/trace/noop.go b/vendor/go.opentelemetry.io/otel/trace/noop.go
index c8b1ae5d67..0f56e4dbb3 100644
--- a/vendor/go.opentelemetry.io/otel/trace/noop.go
+++ b/vendor/go.opentelemetry.io/otel/trace/noop.go
@@ -95,6 +95,8 @@ var autoInstEnabled = new(bool)
 // tracerProvider return a noopTracerProvider if autoEnabled is false,
 // otherwise it will return a TracerProvider from the sdk package used in
 // auto-instrumentation.
+//
+//go:noinline
 func (noopSpan) tracerProvider(autoEnabled *bool) TracerProvider {
 	if *autoEnabled {
 		return newAutoTracerProvider()
diff --git a/vendor/go.opentelemetry.io/otel/verify_readmes.sh b/vendor/go.opentelemetry.io/otel/verify_readmes.sh
deleted file mode 100644
index 1e87855eea..0000000000
--- a/vendor/go.opentelemetry.io/otel/verify_readmes.sh
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/bash
-
-# Copyright The OpenTelemetry Authors
-# SPDX-License-Identifier: Apache-2.0
-
-set -euo pipefail
-
-dirs=$(find . -type d -not -path "*/internal*" -not -path "*/test*" -not -path "*/example*" -not -path "*/.*" | sort)
-
-missingReadme=false
-for dir in $dirs; do
-	if [ ! -f "$dir/README.md" ]; then
-		echo "couldn't find README.md for $dir"
-		missingReadme=true
-	fi
-done
-
-if [ "$missingReadme" = true ] ; then
-	echo "Error: some READMEs couldn't be found."
-	exit 1
-fi
diff --git a/vendor/go.opentelemetry.io/otel/version.go b/vendor/go.opentelemetry.io/otel/version.go
index d5fa71f674..ac3c0b15da 100644
--- a/vendor/go.opentelemetry.io/otel/version.go
+++ b/vendor/go.opentelemetry.io/otel/version.go
@@ -5,5 +5,5 @@ package otel // import "go.opentelemetry.io/otel"
 
 // Version is the current release version of OpenTelemetry in use.
 func Version() string {
-	return "1.35.0"
+	return "1.36.0"
 }
diff --git a/vendor/go.opentelemetry.io/otel/versions.yaml b/vendor/go.opentelemetry.io/otel/versions.yaml
index 2b4cb4b418..79f82f3d05 100644
--- a/vendor/go.opentelemetry.io/otel/versions.yaml
+++ b/vendor/go.opentelemetry.io/otel/versions.yaml
@@ -3,7 +3,7 @@
 
 module-sets:
   stable-v1:
-    version: v1.35.0
+    version: v1.36.0
     modules:
       - go.opentelemetry.io/otel
       - go.opentelemetry.io/otel/bridge/opencensus
@@ -23,11 +23,11 @@ module-sets:
       - go.opentelemetry.io/otel/sdk/metric
       - go.opentelemetry.io/otel/trace
   experimental-metrics:
-    version: v0.57.0
+    version: v0.58.0
     modules:
       - go.opentelemetry.io/otel/exporters/prometheus
   experimental-logs:
-    version: v0.11.0
+    version: v0.12.0
     modules:
       - go.opentelemetry.io/otel/log
       - go.opentelemetry.io/otel/sdk/log
@@ -40,4 +40,6 @@ module-sets:
       - go.opentelemetry.io/otel/schema
 excluded-modules:
   - go.opentelemetry.io/otel/internal/tools
+  - go.opentelemetry.io/otel/log/logtest
+  - go.opentelemetry.io/otel/sdk/log/logtest
   - go.opentelemetry.io/otel/trace/internal/telemetry/test
diff --git a/vendor/goa.design/goa/v3/pkg/version.go b/vendor/goa.design/goa/v3/pkg/version.go
index cece3fef6b..027e0aae31 100644
--- a/vendor/goa.design/goa/v3/pkg/version.go
+++ b/vendor/goa.design/goa/v3/pkg/version.go
@@ -12,7 +12,7 @@ const (
 	// Minor version number
 	Minor = 20
 	// Build number
-	Build = 0
+	Build = 1
 	// Suffix - set to empty string in release tag commits.
 	Suffix = ""
 )
diff --git a/vendor/golang.org/x/crypto/argon2/argon2.go b/vendor/golang.org/x/crypto/argon2/argon2.go
deleted file mode 100644
index 29f0a2de45..0000000000
--- a/vendor/golang.org/x/crypto/argon2/argon2.go
+++ /dev/null
@@ -1,283 +0,0 @@
-// Copyright 2017 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package argon2 implements the key derivation function Argon2.
-// Argon2 was selected as the winner of the Password Hashing Competition and can
-// be used to derive cryptographic keys from passwords.
-//
-// For a detailed specification of Argon2 see [1].
-//
-// If you aren't sure which function you need, use Argon2id (IDKey) and
-// the parameter recommendations for your scenario.
-//
-// # Argon2i
-//
-// Argon2i (implemented by Key) is the side-channel resistant version of Argon2.
-// It uses data-independent memory access, which is preferred for password
-// hashing and password-based key derivation. Argon2i requires more passes over
-// memory than Argon2id to protect from trade-off attacks. The recommended
-// parameters (taken from [2]) for non-interactive operations are time=3 and to
-// use the maximum available memory.
-//
-// # Argon2id
-//
-// Argon2id (implemented by IDKey) is a hybrid version of Argon2 combining
-// Argon2i and Argon2d. It uses data-independent memory access for the first
-// half of the first iteration over the memory and data-dependent memory access
-// for the rest. Argon2id is side-channel resistant and provides better brute-
-// force cost savings due to time-memory tradeoffs than Argon2i. The recommended
-// parameters for non-interactive operations (taken from [2]) are time=1 and to
-// use the maximum available memory.
-//
-// [1] https://github.com/P-H-C/phc-winner-argon2/blob/master/argon2-specs.pdf
-// [2] https://tools.ietf.org/html/draft-irtf-cfrg-argon2-03#section-9.3
-package argon2
-
-import (
-	"encoding/binary"
-	"sync"
-
-	"golang.org/x/crypto/blake2b"
-)
-
-// The Argon2 version implemented by this package.
-const Version = 0x13
-
-const (
-	argon2d = iota
-	argon2i
-	argon2id
-)
-
-// Key derives a key from the password, salt, and cost parameters using Argon2i
-// returning a byte slice of length keyLen that can be used as cryptographic
-// key. The CPU cost and parallelism degree must be greater than zero.
-//
-// For example, you can get a derived key for e.g. AES-256 (which needs a
-// 32-byte key) by doing:
-//
-//	key := argon2.Key([]byte("some password"), salt, 3, 32*1024, 4, 32)
-//
-// The draft RFC recommends[2] time=3, and memory=32*1024 is a sensible number.
-// If using that amount of memory (32 MB) is not possible in some contexts then
-// the time parameter can be increased to compensate.
-//
-// The time parameter specifies the number of passes over the memory and the
-// memory parameter specifies the size of the memory in KiB. For example
-// memory=32*1024 sets the memory cost to ~32 MB. The number of threads can be
-// adjusted to the number of available CPUs. The cost parameters should be
-// increased as memory latency and CPU parallelism increases. Remember to get a
-// good random salt.
-func Key(password, salt []byte, time, memory uint32, threads uint8, keyLen uint32) []byte {
-	return deriveKey(argon2i, password, salt, nil, nil, time, memory, threads, keyLen)
-}
-
-// IDKey derives a key from the password, salt, and cost parameters using
-// Argon2id returning a byte slice of length keyLen that can be used as
-// cryptographic key. The CPU cost and parallelism degree must be greater than
-// zero.
-//
-// For example, you can get a derived key for e.g. AES-256 (which needs a
-// 32-byte key) by doing:
-//
-//	key := argon2.IDKey([]byte("some password"), salt, 1, 64*1024, 4, 32)
-//
-// The draft RFC recommends[2] time=1, and memory=64*1024 is a sensible number.
-// If using that amount of memory (64 MB) is not possible in some contexts then
-// the time parameter can be increased to compensate.
-//
-// The time parameter specifies the number of passes over the memory and the
-// memory parameter specifies the size of the memory in KiB. For example
-// memory=64*1024 sets the memory cost to ~64 MB. The number of threads can be
-// adjusted to the numbers of available CPUs. The cost parameters should be
-// increased as memory latency and CPU parallelism increases. Remember to get a
-// good random salt.
-func IDKey(password, salt []byte, time, memory uint32, threads uint8, keyLen uint32) []byte {
-	return deriveKey(argon2id, password, salt, nil, nil, time, memory, threads, keyLen)
-}
-
-func deriveKey(mode int, password, salt, secret, data []byte, time, memory uint32, threads uint8, keyLen uint32) []byte {
-	if time < 1 {
-		panic("argon2: number of rounds too small")
-	}
-	if threads < 1 {
-		panic("argon2: parallelism degree too low")
-	}
-	h0 := initHash(password, salt, secret, data, time, memory, uint32(threads), keyLen, mode)
-
-	memory = memory / (syncPoints * uint32(threads)) * (syncPoints * uint32(threads))
-	if memory < 2*syncPoints*uint32(threads) {
-		memory = 2 * syncPoints * uint32(threads)
-	}
-	B := initBlocks(&h0, memory, uint32(threads))
-	processBlocks(B, time, memory, uint32(threads), mode)
-	return extractKey(B, memory, uint32(threads), keyLen)
-}
-
-const (
-	blockLength = 128
-	syncPoints  = 4
-)
-
-type block [blockLength]uint64
-
-func initHash(password, salt, key, data []byte, time, memory, threads, keyLen uint32, mode int) [blake2b.Size + 8]byte {
-	var (
-		h0     [blake2b.Size + 8]byte
-		params [24]byte
-		tmp    [4]byte
-	)
-
-	b2, _ := blake2b.New512(nil)
-	binary.LittleEndian.PutUint32(params[0:4], threads)
-	binary.LittleEndian.PutUint32(params[4:8], keyLen)
-	binary.LittleEndian.PutUint32(params[8:12], memory)
-	binary.LittleEndian.PutUint32(params[12:16], time)
-	binary.LittleEndian.PutUint32(params[16:20], uint32(Version))
-	binary.LittleEndian.PutUint32(params[20:24], uint32(mode))
-	b2.Write(params[:])
-	binary.LittleEndian.PutUint32(tmp[:], uint32(len(password)))
-	b2.Write(tmp[:])
-	b2.Write(password)
-	binary.LittleEndian.PutUint32(tmp[:], uint32(len(salt)))
-	b2.Write(tmp[:])
-	b2.Write(salt)
-	binary.LittleEndian.PutUint32(tmp[:], uint32(len(key)))
-	b2.Write(tmp[:])
-	b2.Write(key)
-	binary.LittleEndian.PutUint32(tmp[:], uint32(len(data)))
-	b2.Write(tmp[:])
-	b2.Write(data)
-	b2.Sum(h0[:0])
-	return h0
-}
-
-func initBlocks(h0 *[blake2b.Size + 8]byte, memory, threads uint32) []block {
-	var block0 [1024]byte
-	B := make([]block, memory)
-	for lane := uint32(0); lane < threads; lane++ {
-		j := lane * (memory / threads)
-		binary.LittleEndian.PutUint32(h0[blake2b.Size+4:], lane)
-
-		binary.LittleEndian.PutUint32(h0[blake2b.Size:], 0)
-		blake2bHash(block0[:], h0[:])
-		for i := range B[j+0] {
-			B[j+0][i] = binary.LittleEndian.Uint64(block0[i*8:])
-		}
-
-		binary.LittleEndian.PutUint32(h0[blake2b.Size:], 1)
-		blake2bHash(block0[:], h0[:])
-		for i := range B[j+1] {
-			B[j+1][i] = binary.LittleEndian.Uint64(block0[i*8:])
-		}
-	}
-	return B
-}
-
-func processBlocks(B []block, time, memory, threads uint32, mode int) {
-	lanes := memory / threads
-	segments := lanes / syncPoints
-
-	processSegment := func(n, slice, lane uint32, wg *sync.WaitGroup) {
-		var addresses, in, zero block
-		if mode == argon2i || (mode == argon2id && n == 0 && slice < syncPoints/2) {
-			in[0] = uint64(n)
-			in[1] = uint64(lane)
-			in[2] = uint64(slice)
-			in[3] = uint64(memory)
-			in[4] = uint64(time)
-			in[5] = uint64(mode)
-		}
-
-		index := uint32(0)
-		if n == 0 && slice == 0 {
-			index = 2 // we have already generated the first two blocks
-			if mode == argon2i || mode == argon2id {
-				in[6]++
-				processBlock(&addresses, &in, &zero)
-				processBlock(&addresses, &addresses, &zero)
-			}
-		}
-
-		offset := lane*lanes + slice*segments + index
-		var random uint64
-		for index < segments {
-			prev := offset - 1
-			if index == 0 && slice == 0 {
-				prev += lanes // last block in lane
-			}
-			if mode == argon2i || (mode == argon2id && n == 0 && slice < syncPoints/2) {
-				if index%blockLength == 0 {
-					in[6]++
-					processBlock(&addresses, &in, &zero)
-					processBlock(&addresses, &addresses, &zero)
-				}
-				random = addresses[index%blockLength]
-			} else {
-				random = B[prev][0]
-			}
-			newOffset := indexAlpha(random, lanes, segments, threads, n, slice, lane, index)
-			processBlockXOR(&B[offset], &B[prev], &B[newOffset])
-			index, offset = index+1, offset+1
-		}
-		wg.Done()
-	}
-
-	for n := uint32(0); n < time; n++ {
-		for slice := uint32(0); slice < syncPoints; slice++ {
-			var wg sync.WaitGroup
-			for lane := uint32(0); lane < threads; lane++ {
-				wg.Add(1)
-				go processSegment(n, slice, lane, &wg)
-			}
-			wg.Wait()
-		}
-	}
-
-}
-
-func extractKey(B []block, memory, threads, keyLen uint32) []byte {
-	lanes := memory / threads
-	for lane := uint32(0); lane < threads-1; lane++ {
-		for i, v := range B[(lane*lanes)+lanes-1] {
-			B[memory-1][i] ^= v
-		}
-	}
-
-	var block [1024]byte
-	for i, v := range B[memory-1] {
-		binary.LittleEndian.PutUint64(block[i*8:], v)
-	}
-	key := make([]byte, keyLen)
-	blake2bHash(key, block[:])
-	return key
-}
-
-func indexAlpha(rand uint64, lanes, segments, threads, n, slice, lane, index uint32) uint32 {
-	refLane := uint32(rand>>32) % threads
-	if n == 0 && slice == 0 {
-		refLane = lane
-	}
-	m, s := 3*segments, ((slice+1)%syncPoints)*segments
-	if lane == refLane {
-		m += index
-	}
-	if n == 0 {
-		m, s = slice*segments, 0
-		if slice == 0 || lane == refLane {
-			m += index
-		}
-	}
-	if index == 0 || lane == refLane {
-		m--
-	}
-	return phi(rand, uint64(m), uint64(s), refLane, lanes)
-}
-
-func phi(rand, m, s uint64, lane, lanes uint32) uint32 {
-	p := rand & 0xFFFFFFFF
-	p = (p * p) >> 32
-	p = (p * m) >> 32
-	return lane*lanes + uint32((s+m-(p+1))%uint64(lanes))
-}
diff --git a/vendor/golang.org/x/crypto/argon2/blake2b.go b/vendor/golang.org/x/crypto/argon2/blake2b.go
deleted file mode 100644
index 10f46948dc..0000000000
--- a/vendor/golang.org/x/crypto/argon2/blake2b.go
+++ /dev/null
@@ -1,53 +0,0 @@
-// Copyright 2017 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package argon2
-
-import (
-	"encoding/binary"
-	"hash"
-
-	"golang.org/x/crypto/blake2b"
-)
-
-// blake2bHash computes an arbitrary long hash value of in
-// and writes the hash to out.
-func blake2bHash(out []byte, in []byte) {
-	var b2 hash.Hash
-	if n := len(out); n < blake2b.Size {
-		b2, _ = blake2b.New(n, nil)
-	} else {
-		b2, _ = blake2b.New512(nil)
-	}
-
-	var buffer [blake2b.Size]byte
-	binary.LittleEndian.PutUint32(buffer[:4], uint32(len(out)))
-	b2.Write(buffer[:4])
-	b2.Write(in)
-
-	if len(out) <= blake2b.Size {
-		b2.Sum(out[:0])
-		return
-	}
-
-	outLen := len(out)
-	b2.Sum(buffer[:0])
-	b2.Reset()
-	copy(out, buffer[:32])
-	out = out[32:]
-	for len(out) > blake2b.Size {
-		b2.Write(buffer[:])
-		b2.Sum(buffer[:0])
-		copy(out, buffer[:32])
-		out = out[32:]
-		b2.Reset()
-	}
-
-	if outLen%blake2b.Size > 0 { // outLen > 64
-		r := ((outLen + 31) / 32) - 2 // ⌈τ /32⌉-2
-		b2, _ = blake2b.New(outLen-32*r, nil)
-	}
-	b2.Write(buffer[:])
-	b2.Sum(out[:0])
-}
diff --git a/vendor/golang.org/x/crypto/argon2/blamka_amd64.go b/vendor/golang.org/x/crypto/argon2/blamka_amd64.go
deleted file mode 100644
index 063e7784f8..0000000000
--- a/vendor/golang.org/x/crypto/argon2/blamka_amd64.go
+++ /dev/null
@@ -1,60 +0,0 @@
-// Copyright 2017 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build amd64 && gc && !purego
-
-package argon2
-
-import "golang.org/x/sys/cpu"
-
-func init() {
-	useSSE4 = cpu.X86.HasSSE41
-}
-
-//go:noescape
-func mixBlocksSSE2(out, a, b, c *block)
-
-//go:noescape
-func xorBlocksSSE2(out, a, b, c *block)
-
-//go:noescape
-func blamkaSSE4(b *block)
-
-func processBlockSSE(out, in1, in2 *block, xor bool) {
-	var t block
-	mixBlocksSSE2(&t, in1, in2, &t)
-	if useSSE4 {
-		blamkaSSE4(&t)
-	} else {
-		for i := 0; i < blockLength; i += 16 {
-			blamkaGeneric(
-				&t[i+0], &t[i+1], &t[i+2], &t[i+3],
-				&t[i+4], &t[i+5], &t[i+6], &t[i+7],
-				&t[i+8], &t[i+9], &t[i+10], &t[i+11],
-				&t[i+12], &t[i+13], &t[i+14], &t[i+15],
-			)
-		}
-		for i := 0; i < blockLength/8; i += 2 {
-			blamkaGeneric(
-				&t[i], &t[i+1], &t[16+i], &t[16+i+1],
-				&t[32+i], &t[32+i+1], &t[48+i], &t[48+i+1],
-				&t[64+i], &t[64+i+1], &t[80+i], &t[80+i+1],
-				&t[96+i], &t[96+i+1], &t[112+i], &t[112+i+1],
-			)
-		}
-	}
-	if xor {
-		xorBlocksSSE2(out, in1, in2, &t)
-	} else {
-		mixBlocksSSE2(out, in1, in2, &t)
-	}
-}
-
-func processBlock(out, in1, in2 *block) {
-	processBlockSSE(out, in1, in2, false)
-}
-
-func processBlockXOR(out, in1, in2 *block) {
-	processBlockSSE(out, in1, in2, true)
-}
diff --git a/vendor/golang.org/x/crypto/argon2/blamka_amd64.s b/vendor/golang.org/x/crypto/argon2/blamka_amd64.s
deleted file mode 100644
index c3895478ed..0000000000
--- a/vendor/golang.org/x/crypto/argon2/blamka_amd64.s
+++ /dev/null
@@ -1,2791 +0,0 @@
-// Code generated by command: go run blamka_amd64.go -out ../blamka_amd64.s -pkg argon2. DO NOT EDIT.
-
-//go:build amd64 && gc && !purego
-
-#include "textflag.h"
-
-// func blamkaSSE4(b *block)
-// Requires: SSE2, SSSE3
-TEXT ·blamkaSSE4(SB), NOSPLIT, $0-8
-	MOVQ       b+0(FP), AX
-	MOVOU      ·c40<>+0(SB), X10
-	MOVOU      ·c48<>+0(SB), X11
-	MOVOU      (AX), X0
-	MOVOU      16(AX), X1
-	MOVOU      32(AX), X2
-	MOVOU      48(AX), X3
-	MOVOU      64(AX), X4
-	MOVOU      80(AX), X5
-	MOVOU      96(AX), X6
-	MOVOU      112(AX), X7
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X6, X8
-	PUNPCKLQDQ X6, X9
-	PUNPCKHQDQ X7, X6
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X7, X9
-	MOVO       X8, X7
-	MOVO       X2, X8
-	PUNPCKHQDQ X9, X7
-	PUNPCKLQDQ X3, X9
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X3
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X2, X8
-	PUNPCKLQDQ X2, X9
-	PUNPCKHQDQ X3, X2
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X3, X9
-	MOVO       X8, X3
-	MOVO       X6, X8
-	PUNPCKHQDQ X9, X3
-	PUNPCKLQDQ X7, X9
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X7
-	MOVOU      X0, (AX)
-	MOVOU      X1, 16(AX)
-	MOVOU      X2, 32(AX)
-	MOVOU      X3, 48(AX)
-	MOVOU      X4, 64(AX)
-	MOVOU      X5, 80(AX)
-	MOVOU      X6, 96(AX)
-	MOVOU      X7, 112(AX)
-	MOVOU      128(AX), X0
-	MOVOU      144(AX), X1
-	MOVOU      160(AX), X2
-	MOVOU      176(AX), X3
-	MOVOU      192(AX), X4
-	MOVOU      208(AX), X5
-	MOVOU      224(AX), X6
-	MOVOU      240(AX), X7
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X6, X8
-	PUNPCKLQDQ X6, X9
-	PUNPCKHQDQ X7, X6
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X7, X9
-	MOVO       X8, X7
-	MOVO       X2, X8
-	PUNPCKHQDQ X9, X7
-	PUNPCKLQDQ X3, X9
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X3
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X2, X8
-	PUNPCKLQDQ X2, X9
-	PUNPCKHQDQ X3, X2
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X3, X9
-	MOVO       X8, X3
-	MOVO       X6, X8
-	PUNPCKHQDQ X9, X3
-	PUNPCKLQDQ X7, X9
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X7
-	MOVOU      X0, 128(AX)
-	MOVOU      X1, 144(AX)
-	MOVOU      X2, 160(AX)
-	MOVOU      X3, 176(AX)
-	MOVOU      X4, 192(AX)
-	MOVOU      X5, 208(AX)
-	MOVOU      X6, 224(AX)
-	MOVOU      X7, 240(AX)
-	MOVOU      256(AX), X0
-	MOVOU      272(AX), X1
-	MOVOU      288(AX), X2
-	MOVOU      304(AX), X3
-	MOVOU      320(AX), X4
-	MOVOU      336(AX), X5
-	MOVOU      352(AX), X6
-	MOVOU      368(AX), X7
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X6, X8
-	PUNPCKLQDQ X6, X9
-	PUNPCKHQDQ X7, X6
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X7, X9
-	MOVO       X8, X7
-	MOVO       X2, X8
-	PUNPCKHQDQ X9, X7
-	PUNPCKLQDQ X3, X9
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X3
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X2, X8
-	PUNPCKLQDQ X2, X9
-	PUNPCKHQDQ X3, X2
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X3, X9
-	MOVO       X8, X3
-	MOVO       X6, X8
-	PUNPCKHQDQ X9, X3
-	PUNPCKLQDQ X7, X9
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X7
-	MOVOU      X0, 256(AX)
-	MOVOU      X1, 272(AX)
-	MOVOU      X2, 288(AX)
-	MOVOU      X3, 304(AX)
-	MOVOU      X4, 320(AX)
-	MOVOU      X5, 336(AX)
-	MOVOU      X6, 352(AX)
-	MOVOU      X7, 368(AX)
-	MOVOU      384(AX), X0
-	MOVOU      400(AX), X1
-	MOVOU      416(AX), X2
-	MOVOU      432(AX), X3
-	MOVOU      448(AX), X4
-	MOVOU      464(AX), X5
-	MOVOU      480(AX), X6
-	MOVOU      496(AX), X7
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X6, X8
-	PUNPCKLQDQ X6, X9
-	PUNPCKHQDQ X7, X6
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X7, X9
-	MOVO       X8, X7
-	MOVO       X2, X8
-	PUNPCKHQDQ X9, X7
-	PUNPCKLQDQ X3, X9
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X3
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X2, X8
-	PUNPCKLQDQ X2, X9
-	PUNPCKHQDQ X3, X2
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X3, X9
-	MOVO       X8, X3
-	MOVO       X6, X8
-	PUNPCKHQDQ X9, X3
-	PUNPCKLQDQ X7, X9
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X7
-	MOVOU      X0, 384(AX)
-	MOVOU      X1, 400(AX)
-	MOVOU      X2, 416(AX)
-	MOVOU      X3, 432(AX)
-	MOVOU      X4, 448(AX)
-	MOVOU      X5, 464(AX)
-	MOVOU      X6, 480(AX)
-	MOVOU      X7, 496(AX)
-	MOVOU      512(AX), X0
-	MOVOU      528(AX), X1
-	MOVOU      544(AX), X2
-	MOVOU      560(AX), X3
-	MOVOU      576(AX), X4
-	MOVOU      592(AX), X5
-	MOVOU      608(AX), X6
-	MOVOU      624(AX), X7
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X6, X8
-	PUNPCKLQDQ X6, X9
-	PUNPCKHQDQ X7, X6
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X7, X9
-	MOVO       X8, X7
-	MOVO       X2, X8
-	PUNPCKHQDQ X9, X7
-	PUNPCKLQDQ X3, X9
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X3
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X2, X8
-	PUNPCKLQDQ X2, X9
-	PUNPCKHQDQ X3, X2
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X3, X9
-	MOVO       X8, X3
-	MOVO       X6, X8
-	PUNPCKHQDQ X9, X3
-	PUNPCKLQDQ X7, X9
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X7
-	MOVOU      X0, 512(AX)
-	MOVOU      X1, 528(AX)
-	MOVOU      X2, 544(AX)
-	MOVOU      X3, 560(AX)
-	MOVOU      X4, 576(AX)
-	MOVOU      X5, 592(AX)
-	MOVOU      X6, 608(AX)
-	MOVOU      X7, 624(AX)
-	MOVOU      640(AX), X0
-	MOVOU      656(AX), X1
-	MOVOU      672(AX), X2
-	MOVOU      688(AX), X3
-	MOVOU      704(AX), X4
-	MOVOU      720(AX), X5
-	MOVOU      736(AX), X6
-	MOVOU      752(AX), X7
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X6, X8
-	PUNPCKLQDQ X6, X9
-	PUNPCKHQDQ X7, X6
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X7, X9
-	MOVO       X8, X7
-	MOVO       X2, X8
-	PUNPCKHQDQ X9, X7
-	PUNPCKLQDQ X3, X9
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X3
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X2, X8
-	PUNPCKLQDQ X2, X9
-	PUNPCKHQDQ X3, X2
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X3, X9
-	MOVO       X8, X3
-	MOVO       X6, X8
-	PUNPCKHQDQ X9, X3
-	PUNPCKLQDQ X7, X9
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X7
-	MOVOU      X0, 640(AX)
-	MOVOU      X1, 656(AX)
-	MOVOU      X2, 672(AX)
-	MOVOU      X3, 688(AX)
-	MOVOU      X4, 704(AX)
-	MOVOU      X5, 720(AX)
-	MOVOU      X6, 736(AX)
-	MOVOU      X7, 752(AX)
-	MOVOU      768(AX), X0
-	MOVOU      784(AX), X1
-	MOVOU      800(AX), X2
-	MOVOU      816(AX), X3
-	MOVOU      832(AX), X4
-	MOVOU      848(AX), X5
-	MOVOU      864(AX), X6
-	MOVOU      880(AX), X7
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X6, X8
-	PUNPCKLQDQ X6, X9
-	PUNPCKHQDQ X7, X6
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X7, X9
-	MOVO       X8, X7
-	MOVO       X2, X8
-	PUNPCKHQDQ X9, X7
-	PUNPCKLQDQ X3, X9
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X3
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X2, X8
-	PUNPCKLQDQ X2, X9
-	PUNPCKHQDQ X3, X2
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X3, X9
-	MOVO       X8, X3
-	MOVO       X6, X8
-	PUNPCKHQDQ X9, X3
-	PUNPCKLQDQ X7, X9
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X7
-	MOVOU      X0, 768(AX)
-	MOVOU      X1, 784(AX)
-	MOVOU      X2, 800(AX)
-	MOVOU      X3, 816(AX)
-	MOVOU      X4, 832(AX)
-	MOVOU      X5, 848(AX)
-	MOVOU      X6, 864(AX)
-	MOVOU      X7, 880(AX)
-	MOVOU      896(AX), X0
-	MOVOU      912(AX), X1
-	MOVOU      928(AX), X2
-	MOVOU      944(AX), X3
-	MOVOU      960(AX), X4
-	MOVOU      976(AX), X5
-	MOVOU      992(AX), X6
-	MOVOU      1008(AX), X7
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X6, X8
-	PUNPCKLQDQ X6, X9
-	PUNPCKHQDQ X7, X6
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X7, X9
-	MOVO       X8, X7
-	MOVO       X2, X8
-	PUNPCKHQDQ X9, X7
-	PUNPCKLQDQ X3, X9
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X3
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X2, X8
-	PUNPCKLQDQ X2, X9
-	PUNPCKHQDQ X3, X2
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X3, X9
-	MOVO       X8, X3
-	MOVO       X6, X8
-	PUNPCKHQDQ X9, X3
-	PUNPCKLQDQ X7, X9
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X7
-	MOVOU      X0, 896(AX)
-	MOVOU      X1, 912(AX)
-	MOVOU      X2, 928(AX)
-	MOVOU      X3, 944(AX)
-	MOVOU      X4, 960(AX)
-	MOVOU      X5, 976(AX)
-	MOVOU      X6, 992(AX)
-	MOVOU      X7, 1008(AX)
-	MOVOU      (AX), X0
-	MOVOU      128(AX), X1
-	MOVOU      256(AX), X2
-	MOVOU      384(AX), X3
-	MOVOU      512(AX), X4
-	MOVOU      640(AX), X5
-	MOVOU      768(AX), X6
-	MOVOU      896(AX), X7
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X6, X8
-	PUNPCKLQDQ X6, X9
-	PUNPCKHQDQ X7, X6
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X7, X9
-	MOVO       X8, X7
-	MOVO       X2, X8
-	PUNPCKHQDQ X9, X7
-	PUNPCKLQDQ X3, X9
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X3
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X2, X8
-	PUNPCKLQDQ X2, X9
-	PUNPCKHQDQ X3, X2
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X3, X9
-	MOVO       X8, X3
-	MOVO       X6, X8
-	PUNPCKHQDQ X9, X3
-	PUNPCKLQDQ X7, X9
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X7
-	MOVOU      X0, (AX)
-	MOVOU      X1, 128(AX)
-	MOVOU      X2, 256(AX)
-	MOVOU      X3, 384(AX)
-	MOVOU      X4, 512(AX)
-	MOVOU      X5, 640(AX)
-	MOVOU      X6, 768(AX)
-	MOVOU      X7, 896(AX)
-	MOVOU      16(AX), X0
-	MOVOU      144(AX), X1
-	MOVOU      272(AX), X2
-	MOVOU      400(AX), X3
-	MOVOU      528(AX), X4
-	MOVOU      656(AX), X5
-	MOVOU      784(AX), X6
-	MOVOU      912(AX), X7
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X6, X8
-	PUNPCKLQDQ X6, X9
-	PUNPCKHQDQ X7, X6
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X7, X9
-	MOVO       X8, X7
-	MOVO       X2, X8
-	PUNPCKHQDQ X9, X7
-	PUNPCKLQDQ X3, X9
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X3
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X2, X8
-	PUNPCKLQDQ X2, X9
-	PUNPCKHQDQ X3, X2
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X3, X9
-	MOVO       X8, X3
-	MOVO       X6, X8
-	PUNPCKHQDQ X9, X3
-	PUNPCKLQDQ X7, X9
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X7
-	MOVOU      X0, 16(AX)
-	MOVOU      X1, 144(AX)
-	MOVOU      X2, 272(AX)
-	MOVOU      X3, 400(AX)
-	MOVOU      X4, 528(AX)
-	MOVOU      X5, 656(AX)
-	MOVOU      X6, 784(AX)
-	MOVOU      X7, 912(AX)
-	MOVOU      32(AX), X0
-	MOVOU      160(AX), X1
-	MOVOU      288(AX), X2
-	MOVOU      416(AX), X3
-	MOVOU      544(AX), X4
-	MOVOU      672(AX), X5
-	MOVOU      800(AX), X6
-	MOVOU      928(AX), X7
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X6, X8
-	PUNPCKLQDQ X6, X9
-	PUNPCKHQDQ X7, X6
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X7, X9
-	MOVO       X8, X7
-	MOVO       X2, X8
-	PUNPCKHQDQ X9, X7
-	PUNPCKLQDQ X3, X9
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X3
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X2, X8
-	PUNPCKLQDQ X2, X9
-	PUNPCKHQDQ X3, X2
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X3, X9
-	MOVO       X8, X3
-	MOVO       X6, X8
-	PUNPCKHQDQ X9, X3
-	PUNPCKLQDQ X7, X9
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X7
-	MOVOU      X0, 32(AX)
-	MOVOU      X1, 160(AX)
-	MOVOU      X2, 288(AX)
-	MOVOU      X3, 416(AX)
-	MOVOU      X4, 544(AX)
-	MOVOU      X5, 672(AX)
-	MOVOU      X6, 800(AX)
-	MOVOU      X7, 928(AX)
-	MOVOU      48(AX), X0
-	MOVOU      176(AX), X1
-	MOVOU      304(AX), X2
-	MOVOU      432(AX), X3
-	MOVOU      560(AX), X4
-	MOVOU      688(AX), X5
-	MOVOU      816(AX), X6
-	MOVOU      944(AX), X7
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X6, X8
-	PUNPCKLQDQ X6, X9
-	PUNPCKHQDQ X7, X6
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X7, X9
-	MOVO       X8, X7
-	MOVO       X2, X8
-	PUNPCKHQDQ X9, X7
-	PUNPCKLQDQ X3, X9
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X3
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X2, X8
-	PUNPCKLQDQ X2, X9
-	PUNPCKHQDQ X3, X2
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X3, X9
-	MOVO       X8, X3
-	MOVO       X6, X8
-	PUNPCKHQDQ X9, X3
-	PUNPCKLQDQ X7, X9
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X7
-	MOVOU      X0, 48(AX)
-	MOVOU      X1, 176(AX)
-	MOVOU      X2, 304(AX)
-	MOVOU      X3, 432(AX)
-	MOVOU      X4, 560(AX)
-	MOVOU      X5, 688(AX)
-	MOVOU      X6, 816(AX)
-	MOVOU      X7, 944(AX)
-	MOVOU      64(AX), X0
-	MOVOU      192(AX), X1
-	MOVOU      320(AX), X2
-	MOVOU      448(AX), X3
-	MOVOU      576(AX), X4
-	MOVOU      704(AX), X5
-	MOVOU      832(AX), X6
-	MOVOU      960(AX), X7
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X6, X8
-	PUNPCKLQDQ X6, X9
-	PUNPCKHQDQ X7, X6
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X7, X9
-	MOVO       X8, X7
-	MOVO       X2, X8
-	PUNPCKHQDQ X9, X7
-	PUNPCKLQDQ X3, X9
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X3
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X2, X8
-	PUNPCKLQDQ X2, X9
-	PUNPCKHQDQ X3, X2
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X3, X9
-	MOVO       X8, X3
-	MOVO       X6, X8
-	PUNPCKHQDQ X9, X3
-	PUNPCKLQDQ X7, X9
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X7
-	MOVOU      X0, 64(AX)
-	MOVOU      X1, 192(AX)
-	MOVOU      X2, 320(AX)
-	MOVOU      X3, 448(AX)
-	MOVOU      X4, 576(AX)
-	MOVOU      X5, 704(AX)
-	MOVOU      X6, 832(AX)
-	MOVOU      X7, 960(AX)
-	MOVOU      80(AX), X0
-	MOVOU      208(AX), X1
-	MOVOU      336(AX), X2
-	MOVOU      464(AX), X3
-	MOVOU      592(AX), X4
-	MOVOU      720(AX), X5
-	MOVOU      848(AX), X6
-	MOVOU      976(AX), X7
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X6, X8
-	PUNPCKLQDQ X6, X9
-	PUNPCKHQDQ X7, X6
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X7, X9
-	MOVO       X8, X7
-	MOVO       X2, X8
-	PUNPCKHQDQ X9, X7
-	PUNPCKLQDQ X3, X9
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X3
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X2, X8
-	PUNPCKLQDQ X2, X9
-	PUNPCKHQDQ X3, X2
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X3, X9
-	MOVO       X8, X3
-	MOVO       X6, X8
-	PUNPCKHQDQ X9, X3
-	PUNPCKLQDQ X7, X9
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X7
-	MOVOU      X0, 80(AX)
-	MOVOU      X1, 208(AX)
-	MOVOU      X2, 336(AX)
-	MOVOU      X3, 464(AX)
-	MOVOU      X4, 592(AX)
-	MOVOU      X5, 720(AX)
-	MOVOU      X6, 848(AX)
-	MOVOU      X7, 976(AX)
-	MOVOU      96(AX), X0
-	MOVOU      224(AX), X1
-	MOVOU      352(AX), X2
-	MOVOU      480(AX), X3
-	MOVOU      608(AX), X4
-	MOVOU      736(AX), X5
-	MOVOU      864(AX), X6
-	MOVOU      992(AX), X7
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X6, X8
-	PUNPCKLQDQ X6, X9
-	PUNPCKHQDQ X7, X6
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X7, X9
-	MOVO       X8, X7
-	MOVO       X2, X8
-	PUNPCKHQDQ X9, X7
-	PUNPCKLQDQ X3, X9
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X3
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X2, X8
-	PUNPCKLQDQ X2, X9
-	PUNPCKHQDQ X3, X2
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X3, X9
-	MOVO       X8, X3
-	MOVO       X6, X8
-	PUNPCKHQDQ X9, X3
-	PUNPCKLQDQ X7, X9
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X7
-	MOVOU      X0, 96(AX)
-	MOVOU      X1, 224(AX)
-	MOVOU      X2, 352(AX)
-	MOVOU      X3, 480(AX)
-	MOVOU      X4, 608(AX)
-	MOVOU      X5, 736(AX)
-	MOVOU      X6, 864(AX)
-	MOVOU      X7, 992(AX)
-	MOVOU      112(AX), X0
-	MOVOU      240(AX), X1
-	MOVOU      368(AX), X2
-	MOVOU      496(AX), X3
-	MOVOU      624(AX), X4
-	MOVOU      752(AX), X5
-	MOVOU      880(AX), X6
-	MOVOU      1008(AX), X7
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X6, X8
-	PUNPCKLQDQ X6, X9
-	PUNPCKHQDQ X7, X6
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X7, X9
-	MOVO       X8, X7
-	MOVO       X2, X8
-	PUNPCKHQDQ X9, X7
-	PUNPCKLQDQ X3, X9
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X3
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFD     $0xb1, X6, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	PSHUFB     X10, X2
-	MOVO       X0, X8
-	PMULULQ    X2, X8
-	PADDQ      X2, X0
-	PADDQ      X8, X0
-	PADDQ      X8, X0
-	PXOR       X0, X6
-	PSHUFB     X11, X6
-	MOVO       X4, X8
-	PMULULQ    X6, X8
-	PADDQ      X6, X4
-	PADDQ      X8, X4
-	PADDQ      X8, X4
-	PXOR       X4, X2
-	MOVO       X2, X8
-	PADDQ      X2, X8
-	PSRLQ      $0x3f, X2
-	PXOR       X8, X2
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFD     $0xb1, X7, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	PSHUFB     X10, X3
-	MOVO       X1, X8
-	PMULULQ    X3, X8
-	PADDQ      X3, X1
-	PADDQ      X8, X1
-	PADDQ      X8, X1
-	PXOR       X1, X7
-	PSHUFB     X11, X7
-	MOVO       X5, X8
-	PMULULQ    X7, X8
-	PADDQ      X7, X5
-	PADDQ      X8, X5
-	PADDQ      X8, X5
-	PXOR       X5, X3
-	MOVO       X3, X8
-	PADDQ      X3, X8
-	PSRLQ      $0x3f, X3
-	PXOR       X8, X3
-	MOVO       X4, X8
-	MOVO       X5, X4
-	MOVO       X8, X5
-	MOVO       X2, X8
-	PUNPCKLQDQ X2, X9
-	PUNPCKHQDQ X3, X2
-	PUNPCKHQDQ X9, X2
-	PUNPCKLQDQ X3, X9
-	MOVO       X8, X3
-	MOVO       X6, X8
-	PUNPCKHQDQ X9, X3
-	PUNPCKLQDQ X7, X9
-	PUNPCKHQDQ X9, X6
-	PUNPCKLQDQ X8, X9
-	PUNPCKHQDQ X9, X7
-	MOVOU      X0, 112(AX)
-	MOVOU      X1, 240(AX)
-	MOVOU      X2, 368(AX)
-	MOVOU      X3, 496(AX)
-	MOVOU      X4, 624(AX)
-	MOVOU      X5, 752(AX)
-	MOVOU      X6, 880(AX)
-	MOVOU      X7, 1008(AX)
-	RET
-
-DATA ·c40<>+0(SB)/8, $0x0201000706050403
-DATA ·c40<>+8(SB)/8, $0x0a09080f0e0d0c0b
-GLOBL ·c40<>(SB), RODATA|NOPTR, $16
-
-DATA ·c48<>+0(SB)/8, $0x0100070605040302
-DATA ·c48<>+8(SB)/8, $0x09080f0e0d0c0b0a
-GLOBL ·c48<>(SB), RODATA|NOPTR, $16
-
-// func mixBlocksSSE2(out *block, a *block, b *block, c *block)
-// Requires: SSE2
-TEXT ·mixBlocksSSE2(SB), NOSPLIT, $0-32
-	MOVQ out+0(FP), DX
-	MOVQ a+8(FP), AX
-	MOVQ b+16(FP), BX
-	MOVQ c+24(FP), CX
-	MOVQ $0x00000080, DI
-
-loop:
-	MOVOU (AX), X0
-	MOVOU (BX), X1
-	MOVOU (CX), X2
-	PXOR  X1, X0
-	PXOR  X2, X0
-	MOVOU X0, (DX)
-	ADDQ  $0x10, AX
-	ADDQ  $0x10, BX
-	ADDQ  $0x10, CX
-	ADDQ  $0x10, DX
-	SUBQ  $0x02, DI
-	JA    loop
-	RET
-
-// func xorBlocksSSE2(out *block, a *block, b *block, c *block)
-// Requires: SSE2
-TEXT ·xorBlocksSSE2(SB), NOSPLIT, $0-32
-	MOVQ out+0(FP), DX
-	MOVQ a+8(FP), AX
-	MOVQ b+16(FP), BX
-	MOVQ c+24(FP), CX
-	MOVQ $0x00000080, DI
-
-loop:
-	MOVOU (AX), X0
-	MOVOU (BX), X1
-	MOVOU (CX), X2
-	MOVOU (DX), X3
-	PXOR  X1, X0
-	PXOR  X2, X0
-	PXOR  X3, X0
-	MOVOU X0, (DX)
-	ADDQ  $0x10, AX
-	ADDQ  $0x10, BX
-	ADDQ  $0x10, CX
-	ADDQ  $0x10, DX
-	SUBQ  $0x02, DI
-	JA    loop
-	RET
diff --git a/vendor/golang.org/x/crypto/argon2/blamka_generic.go b/vendor/golang.org/x/crypto/argon2/blamka_generic.go
deleted file mode 100644
index a481b2243f..0000000000
--- a/vendor/golang.org/x/crypto/argon2/blamka_generic.go
+++ /dev/null
@@ -1,163 +0,0 @@
-// Copyright 2017 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package argon2
-
-var useSSE4 bool
-
-func processBlockGeneric(out, in1, in2 *block, xor bool) {
-	var t block
-	for i := range t {
-		t[i] = in1[i] ^ in2[i]
-	}
-	for i := 0; i < blockLength; i += 16 {
-		blamkaGeneric(
-			&t[i+0], &t[i+1], &t[i+2], &t[i+3],
-			&t[i+4], &t[i+5], &t[i+6], &t[i+7],
-			&t[i+8], &t[i+9], &t[i+10], &t[i+11],
-			&t[i+12], &t[i+13], &t[i+14], &t[i+15],
-		)
-	}
-	for i := 0; i < blockLength/8; i += 2 {
-		blamkaGeneric(
-			&t[i], &t[i+1], &t[16+i], &t[16+i+1],
-			&t[32+i], &t[32+i+1], &t[48+i], &t[48+i+1],
-			&t[64+i], &t[64+i+1], &t[80+i], &t[80+i+1],
-			&t[96+i], &t[96+i+1], &t[112+i], &t[112+i+1],
-		)
-	}
-	if xor {
-		for i := range t {
-			out[i] ^= in1[i] ^ in2[i] ^ t[i]
-		}
-	} else {
-		for i := range t {
-			out[i] = in1[i] ^ in2[i] ^ t[i]
-		}
-	}
-}
-
-func blamkaGeneric(t00, t01, t02, t03, t04, t05, t06, t07, t08, t09, t10, t11, t12, t13, t14, t15 *uint64) {
-	v00, v01, v02, v03 := *t00, *t01, *t02, *t03
-	v04, v05, v06, v07 := *t04, *t05, *t06, *t07
-	v08, v09, v10, v11 := *t08, *t09, *t10, *t11
-	v12, v13, v14, v15 := *t12, *t13, *t14, *t15
-
-	v00 += v04 + 2*uint64(uint32(v00))*uint64(uint32(v04))
-	v12 ^= v00
-	v12 = v12>>32 | v12<<32
-	v08 += v12 + 2*uint64(uint32(v08))*uint64(uint32(v12))
-	v04 ^= v08
-	v04 = v04>>24 | v04<<40
-
-	v00 += v04 + 2*uint64(uint32(v00))*uint64(uint32(v04))
-	v12 ^= v00
-	v12 = v12>>16 | v12<<48
-	v08 += v12 + 2*uint64(uint32(v08))*uint64(uint32(v12))
-	v04 ^= v08
-	v04 = v04>>63 | v04<<1
-
-	v01 += v05 + 2*uint64(uint32(v01))*uint64(uint32(v05))
-	v13 ^= v01
-	v13 = v13>>32 | v13<<32
-	v09 += v13 + 2*uint64(uint32(v09))*uint64(uint32(v13))
-	v05 ^= v09
-	v05 = v05>>24 | v05<<40
-
-	v01 += v05 + 2*uint64(uint32(v01))*uint64(uint32(v05))
-	v13 ^= v01
-	v13 = v13>>16 | v13<<48
-	v09 += v13 + 2*uint64(uint32(v09))*uint64(uint32(v13))
-	v05 ^= v09
-	v05 = v05>>63 | v05<<1
-
-	v02 += v06 + 2*uint64(uint32(v02))*uint64(uint32(v06))
-	v14 ^= v02
-	v14 = v14>>32 | v14<<32
-	v10 += v14 + 2*uint64(uint32(v10))*uint64(uint32(v14))
-	v06 ^= v10
-	v06 = v06>>24 | v06<<40
-
-	v02 += v06 + 2*uint64(uint32(v02))*uint64(uint32(v06))
-	v14 ^= v02
-	v14 = v14>>16 | v14<<48
-	v10 += v14 + 2*uint64(uint32(v10))*uint64(uint32(v14))
-	v06 ^= v10
-	v06 = v06>>63 | v06<<1
-
-	v03 += v07 + 2*uint64(uint32(v03))*uint64(uint32(v07))
-	v15 ^= v03
-	v15 = v15>>32 | v15<<32
-	v11 += v15 + 2*uint64(uint32(v11))*uint64(uint32(v15))
-	v07 ^= v11
-	v07 = v07>>24 | v07<<40
-
-	v03 += v07 + 2*uint64(uint32(v03))*uint64(uint32(v07))
-	v15 ^= v03
-	v15 = v15>>16 | v15<<48
-	v11 += v15 + 2*uint64(uint32(v11))*uint64(uint32(v15))
-	v07 ^= v11
-	v07 = v07>>63 | v07<<1
-
-	v00 += v05 + 2*uint64(uint32(v00))*uint64(uint32(v05))
-	v15 ^= v00
-	v15 = v15>>32 | v15<<32
-	v10 += v15 + 2*uint64(uint32(v10))*uint64(uint32(v15))
-	v05 ^= v10
-	v05 = v05>>24 | v05<<40
-
-	v00 += v05 + 2*uint64(uint32(v00))*uint64(uint32(v05))
-	v15 ^= v00
-	v15 = v15>>16 | v15<<48
-	v10 += v15 + 2*uint64(uint32(v10))*uint64(uint32(v15))
-	v05 ^= v10
-	v05 = v05>>63 | v05<<1
-
-	v01 += v06 + 2*uint64(uint32(v01))*uint64(uint32(v06))
-	v12 ^= v01
-	v12 = v12>>32 | v12<<32
-	v11 += v12 + 2*uint64(uint32(v11))*uint64(uint32(v12))
-	v06 ^= v11
-	v06 = v06>>24 | v06<<40
-
-	v01 += v06 + 2*uint64(uint32(v01))*uint64(uint32(v06))
-	v12 ^= v01
-	v12 = v12>>16 | v12<<48
-	v11 += v12 + 2*uint64(uint32(v11))*uint64(uint32(v12))
-	v06 ^= v11
-	v06 = v06>>63 | v06<<1
-
-	v02 += v07 + 2*uint64(uint32(v02))*uint64(uint32(v07))
-	v13 ^= v02
-	v13 = v13>>32 | v13<<32
-	v08 += v13 + 2*uint64(uint32(v08))*uint64(uint32(v13))
-	v07 ^= v08
-	v07 = v07>>24 | v07<<40
-
-	v02 += v07 + 2*uint64(uint32(v02))*uint64(uint32(v07))
-	v13 ^= v02
-	v13 = v13>>16 | v13<<48
-	v08 += v13 + 2*uint64(uint32(v08))*uint64(uint32(v13))
-	v07 ^= v08
-	v07 = v07>>63 | v07<<1
-
-	v03 += v04 + 2*uint64(uint32(v03))*uint64(uint32(v04))
-	v14 ^= v03
-	v14 = v14>>32 | v14<<32
-	v09 += v14 + 2*uint64(uint32(v09))*uint64(uint32(v14))
-	v04 ^= v09
-	v04 = v04>>24 | v04<<40
-
-	v03 += v04 + 2*uint64(uint32(v03))*uint64(uint32(v04))
-	v14 ^= v03
-	v14 = v14>>16 | v14<<48
-	v09 += v14 + 2*uint64(uint32(v09))*uint64(uint32(v14))
-	v04 ^= v09
-	v04 = v04>>63 | v04<<1
-
-	*t00, *t01, *t02, *t03 = v00, v01, v02, v03
-	*t04, *t05, *t06, *t07 = v04, v05, v06, v07
-	*t08, *t09, *t10, *t11 = v08, v09, v10, v11
-	*t12, *t13, *t14, *t15 = v12, v13, v14, v15
-}
diff --git a/vendor/golang.org/x/crypto/argon2/blamka_ref.go b/vendor/golang.org/x/crypto/argon2/blamka_ref.go
deleted file mode 100644
index 16d58c650e..0000000000
--- a/vendor/golang.org/x/crypto/argon2/blamka_ref.go
+++ /dev/null
@@ -1,15 +0,0 @@
-// Copyright 2017 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build !amd64 || purego || !gc
-
-package argon2
-
-func processBlock(out, in1, in2 *block) {
-	processBlockGeneric(out, in1, in2, false)
-}
-
-func processBlockXOR(out, in1, in2 *block) {
-	processBlockGeneric(out, in1, in2, true)
-}
diff --git a/vendor/golang.org/x/crypto/ssh/certs.go b/vendor/golang.org/x/crypto/ssh/certs.go
index 27d0e14aa9..a3dc629c62 100644
--- a/vendor/golang.org/x/crypto/ssh/certs.go
+++ b/vendor/golang.org/x/crypto/ssh/certs.go
@@ -20,14 +20,19 @@ import (
 // returned by MultiAlgorithmSigner and don't appear in the Signature.Format
 // field.
 const (
-	CertAlgoRSAv01        = "ssh-rsa-cert-v01@openssh.com"
-	CertAlgoDSAv01        = "ssh-dss-cert-v01@openssh.com"
-	CertAlgoECDSA256v01   = "ecdsa-sha2-nistp256-cert-v01@openssh.com"
-	CertAlgoECDSA384v01   = "ecdsa-sha2-nistp384-cert-v01@openssh.com"
-	CertAlgoECDSA521v01   = "ecdsa-sha2-nistp521-cert-v01@openssh.com"
-	CertAlgoSKECDSA256v01 = "sk-ecdsa-sha2-nistp256-cert-v01@openssh.com"
-	CertAlgoED25519v01    = "ssh-ed25519-cert-v01@openssh.com"
-	CertAlgoSKED25519v01  = "sk-ssh-ed25519-cert-v01@openssh.com"
+	CertAlgoRSAv01 = "ssh-rsa-cert-v01@openssh.com"
+	// Deprecated: DSA is only supported at insecure key sizes, and was removed
+	// from major implementations.
+	CertAlgoDSAv01 = InsecureCertAlgoDSAv01
+	// Deprecated: DSA is only supported at insecure key sizes, and was removed
+	// from major implementations.
+	InsecureCertAlgoDSAv01 = "ssh-dss-cert-v01@openssh.com"
+	CertAlgoECDSA256v01    = "ecdsa-sha2-nistp256-cert-v01@openssh.com"
+	CertAlgoECDSA384v01    = "ecdsa-sha2-nistp384-cert-v01@openssh.com"
+	CertAlgoECDSA521v01    = "ecdsa-sha2-nistp521-cert-v01@openssh.com"
+	CertAlgoSKECDSA256v01  = "sk-ecdsa-sha2-nistp256-cert-v01@openssh.com"
+	CertAlgoED25519v01     = "ssh-ed25519-cert-v01@openssh.com"
+	CertAlgoSKED25519v01   = "sk-ssh-ed25519-cert-v01@openssh.com"
 
 	// CertAlgoRSASHA256v01 and CertAlgoRSASHA512v01 can't appear as a
 	// Certificate.Type (or PublicKey.Type), but only in
@@ -485,16 +490,16 @@ func (c *Certificate) SignCert(rand io.Reader, authority Signer) error {
 //
 // This map must be kept in sync with the one in agent/client.go.
 var certKeyAlgoNames = map[string]string{
-	CertAlgoRSAv01:        KeyAlgoRSA,
-	CertAlgoRSASHA256v01:  KeyAlgoRSASHA256,
-	CertAlgoRSASHA512v01:  KeyAlgoRSASHA512,
-	CertAlgoDSAv01:        KeyAlgoDSA,
-	CertAlgoECDSA256v01:   KeyAlgoECDSA256,
-	CertAlgoECDSA384v01:   KeyAlgoECDSA384,
-	CertAlgoECDSA521v01:   KeyAlgoECDSA521,
-	CertAlgoSKECDSA256v01: KeyAlgoSKECDSA256,
-	CertAlgoED25519v01:    KeyAlgoED25519,
-	CertAlgoSKED25519v01:  KeyAlgoSKED25519,
+	CertAlgoRSAv01:         KeyAlgoRSA,
+	CertAlgoRSASHA256v01:   KeyAlgoRSASHA256,
+	CertAlgoRSASHA512v01:   KeyAlgoRSASHA512,
+	InsecureCertAlgoDSAv01: InsecureKeyAlgoDSA,
+	CertAlgoECDSA256v01:    KeyAlgoECDSA256,
+	CertAlgoECDSA384v01:    KeyAlgoECDSA384,
+	CertAlgoECDSA521v01:    KeyAlgoECDSA521,
+	CertAlgoSKECDSA256v01:  KeyAlgoSKECDSA256,
+	CertAlgoED25519v01:     KeyAlgoED25519,
+	CertAlgoSKED25519v01:   KeyAlgoSKED25519,
 }
 
 // underlyingAlgo returns the signature algorithm associated with algo (which is
diff --git a/vendor/golang.org/x/crypto/ssh/cipher.go b/vendor/golang.org/x/crypto/ssh/cipher.go
index 741e984f33..6a5b582aa9 100644
--- a/vendor/golang.org/x/crypto/ssh/cipher.go
+++ b/vendor/golang.org/x/crypto/ssh/cipher.go
@@ -58,11 +58,11 @@ func newRC4(key, iv []byte) (cipher.Stream, error) {
 type cipherMode struct {
 	keySize int
 	ivSize  int
-	create  func(key, iv []byte, macKey []byte, algs directionAlgorithms) (packetCipher, error)
+	create  func(key, iv []byte, macKey []byte, algs DirectionAlgorithms) (packetCipher, error)
 }
 
-func streamCipherMode(skip int, createFunc func(key, iv []byte) (cipher.Stream, error)) func(key, iv []byte, macKey []byte, algs directionAlgorithms) (packetCipher, error) {
-	return func(key, iv, macKey []byte, algs directionAlgorithms) (packetCipher, error) {
+func streamCipherMode(skip int, createFunc func(key, iv []byte) (cipher.Stream, error)) func(key, iv []byte, macKey []byte, algs DirectionAlgorithms) (packetCipher, error) {
+	return func(key, iv, macKey []byte, algs DirectionAlgorithms) (packetCipher, error) {
 		stream, err := createFunc(key, iv)
 		if err != nil {
 			return nil, err
@@ -98,36 +98,36 @@ func streamCipherMode(skip int, createFunc func(key, iv []byte) (cipher.Stream,
 var cipherModes = map[string]*cipherMode{
 	// Ciphers from RFC 4344, which introduced many CTR-based ciphers. Algorithms
 	// are defined in the order specified in the RFC.
-	"aes128-ctr": {16, aes.BlockSize, streamCipherMode(0, newAESCTR)},
-	"aes192-ctr": {24, aes.BlockSize, streamCipherMode(0, newAESCTR)},
-	"aes256-ctr": {32, aes.BlockSize, streamCipherMode(0, newAESCTR)},
+	CipherAES128CTR: {16, aes.BlockSize, streamCipherMode(0, newAESCTR)},
+	CipherAES192CTR: {24, aes.BlockSize, streamCipherMode(0, newAESCTR)},
+	CipherAES256CTR: {32, aes.BlockSize, streamCipherMode(0, newAESCTR)},
 
 	// Ciphers from RFC 4345, which introduces security-improved arcfour ciphers.
 	// They are defined in the order specified in the RFC.
-	"arcfour128": {16, 0, streamCipherMode(1536, newRC4)},
-	"arcfour256": {32, 0, streamCipherMode(1536, newRC4)},
+	InsecureCipherRC4128: {16, 0, streamCipherMode(1536, newRC4)},
+	InsecureCipherRC4256: {32, 0, streamCipherMode(1536, newRC4)},
 
 	// Cipher defined in RFC 4253, which describes SSH Transport Layer Protocol.
 	// Note that this cipher is not safe, as stated in RFC 4253: "Arcfour (and
 	// RC4) has problems with weak keys, and should be used with caution."
 	// RFC 4345 introduces improved versions of Arcfour.
-	"arcfour": {16, 0, streamCipherMode(0, newRC4)},
+	InsecureCipherRC4: {16, 0, streamCipherMode(0, newRC4)},
 
 	// AEAD ciphers
-	gcm128CipherID:     {16, 12, newGCMCipher},
-	gcm256CipherID:     {32, 12, newGCMCipher},
-	chacha20Poly1305ID: {64, 0, newChaCha20Cipher},
+	CipherAES128GCM:        {16, 12, newGCMCipher},
+	CipherAES256GCM:        {32, 12, newGCMCipher},
+	CipherChaCha20Poly1305: {64, 0, newChaCha20Cipher},
 
 	// CBC mode is insecure and so is not included in the default config.
 	// (See https://www.ieee-security.org/TC/SP2013/papers/4977a526.pdf). If absolutely
 	// needed, it's possible to specify a custom Config to enable it.
 	// You should expect that an active attacker can recover plaintext if
 	// you do.
-	aes128cbcID: {16, aes.BlockSize, newAESCBCCipher},
+	InsecureCipherAES128CBC: {16, aes.BlockSize, newAESCBCCipher},
 
 	// 3des-cbc is insecure and is not included in the default
 	// config.
-	tripledescbcID: {24, des.BlockSize, newTripleDESCBCCipher},
+	InsecureCipherTripleDESCBC: {24, des.BlockSize, newTripleDESCBCCipher},
 }
 
 // prefixLen is the length of the packet prefix that contains the packet length
@@ -307,7 +307,7 @@ type gcmCipher struct {
 	buf    []byte
 }
 
-func newGCMCipher(key, iv, unusedMacKey []byte, unusedAlgs directionAlgorithms) (packetCipher, error) {
+func newGCMCipher(key, iv, unusedMacKey []byte, unusedAlgs DirectionAlgorithms) (packetCipher, error) {
 	c, err := aes.NewCipher(key)
 	if err != nil {
 		return nil, err
@@ -429,7 +429,7 @@ type cbcCipher struct {
 	oracleCamouflage uint32
 }
 
-func newCBCCipher(c cipher.Block, key, iv, macKey []byte, algs directionAlgorithms) (packetCipher, error) {
+func newCBCCipher(c cipher.Block, key, iv, macKey []byte, algs DirectionAlgorithms) (packetCipher, error) {
 	cbc := &cbcCipher{
 		mac:        macModes[algs.MAC].new(macKey),
 		decrypter:  cipher.NewCBCDecrypter(c, iv),
@@ -443,7 +443,7 @@ func newCBCCipher(c cipher.Block, key, iv, macKey []byte, algs directionAlgorith
 	return cbc, nil
 }
 
-func newAESCBCCipher(key, iv, macKey []byte, algs directionAlgorithms) (packetCipher, error) {
+func newAESCBCCipher(key, iv, macKey []byte, algs DirectionAlgorithms) (packetCipher, error) {
 	c, err := aes.NewCipher(key)
 	if err != nil {
 		return nil, err
@@ -457,7 +457,7 @@ func newAESCBCCipher(key, iv, macKey []byte, algs directionAlgorithms) (packetCi
 	return cbc, nil
 }
 
-func newTripleDESCBCCipher(key, iv, macKey []byte, algs directionAlgorithms) (packetCipher, error) {
+func newTripleDESCBCCipher(key, iv, macKey []byte, algs DirectionAlgorithms) (packetCipher, error) {
 	c, err := des.NewTripleDESCipher(key)
 	if err != nil {
 		return nil, err
@@ -635,8 +635,6 @@ func (c *cbcCipher) writeCipherPacket(seqNum uint32, w io.Writer, rand io.Reader
 	return nil
 }
 
-const chacha20Poly1305ID = "chacha20-poly1305@openssh.com"
-
 // chacha20Poly1305Cipher implements the chacha20-poly1305@openssh.com
 // AEAD, which is described here:
 //
@@ -650,7 +648,7 @@ type chacha20Poly1305Cipher struct {
 	buf        []byte
 }
 
-func newChaCha20Cipher(key, unusedIV, unusedMACKey []byte, unusedAlgs directionAlgorithms) (packetCipher, error) {
+func newChaCha20Cipher(key, unusedIV, unusedMACKey []byte, unusedAlgs DirectionAlgorithms) (packetCipher, error) {
 	if len(key) != 64 {
 		panic(len(key))
 	}
diff --git a/vendor/golang.org/x/crypto/ssh/client.go b/vendor/golang.org/x/crypto/ssh/client.go
index fd8c49749e..33079789bc 100644
--- a/vendor/golang.org/x/crypto/ssh/client.go
+++ b/vendor/golang.org/x/crypto/ssh/client.go
@@ -110,6 +110,7 @@ func (c *connection) clientHandshake(dialAddress string, config *ClientConfig) e
 	}
 
 	c.sessionID = c.transport.getSessionID()
+	c.algorithms = c.transport.getAlgorithms()
 	return c.clientAuthenticate(config)
 }
 
diff --git a/vendor/golang.org/x/crypto/ssh/common.go b/vendor/golang.org/x/crypto/ssh/common.go
index 7e9c2cbc64..0415d33968 100644
--- a/vendor/golang.org/x/crypto/ssh/common.go
+++ b/vendor/golang.org/x/crypto/ssh/common.go
@@ -10,6 +10,7 @@ import (
 	"fmt"
 	"io"
 	"math"
+	"slices"
 	"sync"
 
 	_ "crypto/sha1"
@@ -24,69 +25,258 @@ const (
 	serviceSSH      = "ssh-connection"
 )
 
-// supportedCiphers lists ciphers we support but might not recommend.
-var supportedCiphers = []string{
-	"aes128-ctr", "aes192-ctr", "aes256-ctr",
-	"aes128-gcm@openssh.com", gcm256CipherID,
-	chacha20Poly1305ID,
-	"arcfour256", "arcfour128", "arcfour",
-	aes128cbcID,
-	tripledescbcID,
-}
-
-// preferredCiphers specifies the default preference for ciphers.
-var preferredCiphers = []string{
-	"aes128-gcm@openssh.com", gcm256CipherID,
-	chacha20Poly1305ID,
-	"aes128-ctr", "aes192-ctr", "aes256-ctr",
-}
-
-// supportedKexAlgos specifies the supported key-exchange algorithms in
-// preference order.
-var supportedKexAlgos = []string{
-	kexAlgoCurve25519SHA256, kexAlgoCurve25519SHA256LibSSH,
-	// P384 and P521 are not constant-time yet, but since we don't
-	// reuse ephemeral keys, using them for ECDH should be OK.
-	kexAlgoECDH256, kexAlgoECDH384, kexAlgoECDH521,
-	kexAlgoDH14SHA256, kexAlgoDH16SHA512, kexAlgoDH14SHA1,
-	kexAlgoDH1SHA1,
-}
+// The ciphers currently or previously implemented by this library, to use in
+// [Config.Ciphers]. For a list, see the [Algorithms.Ciphers] returned by
+// [SupportedAlgorithms] or [InsecureAlgorithms].
+const (
+	CipherAES128GCM            = "aes128-gcm@openssh.com"
+	CipherAES256GCM            = "aes256-gcm@openssh.com"
+	CipherChaCha20Poly1305     = "chacha20-poly1305@openssh.com"
+	CipherAES128CTR            = "aes128-ctr"
+	CipherAES192CTR            = "aes192-ctr"
+	CipherAES256CTR            = "aes256-ctr"
+	InsecureCipherAES128CBC    = "aes128-cbc"
+	InsecureCipherTripleDESCBC = "3des-cbc"
+	InsecureCipherRC4          = "arcfour"
+	InsecureCipherRC4128       = "arcfour128"
+	InsecureCipherRC4256       = "arcfour256"
+)
 
-// serverForbiddenKexAlgos contains key exchange algorithms, that are forbidden
-// for the server half.
-var serverForbiddenKexAlgos = map[string]struct{}{
-	kexAlgoDHGEXSHA1:   {}, // server half implementation is only minimal to satisfy the automated tests
-	kexAlgoDHGEXSHA256: {}, // server half implementation is only minimal to satisfy the automated tests
-}
+// The key exchanges currently or previously implemented by this library, to use
+// in [Config.KeyExchanges]. For a list, see the
+// [Algorithms.KeyExchanges] returned by [SupportedAlgorithms] or
+// [InsecureAlgorithms].
+const (
+	InsecureKeyExchangeDH1SHA1   = "diffie-hellman-group1-sha1"
+	InsecureKeyExchangeDH14SHA1  = "diffie-hellman-group14-sha1"
+	KeyExchangeDH14SHA256        = "diffie-hellman-group14-sha256"
+	KeyExchangeDH16SHA512        = "diffie-hellman-group16-sha512"
+	KeyExchangeECDHP256          = "ecdh-sha2-nistp256"
+	KeyExchangeECDHP384          = "ecdh-sha2-nistp384"
+	KeyExchangeECDHP521          = "ecdh-sha2-nistp521"
+	KeyExchangeCurve25519        = "curve25519-sha256"
+	InsecureKeyExchangeDHGEXSHA1 = "diffie-hellman-group-exchange-sha1"
+	KeyExchangeDHGEXSHA256       = "diffie-hellman-group-exchange-sha256"
+	// KeyExchangeMLKEM768X25519 is supported from Go 1.24.
+	KeyExchangeMLKEM768X25519 = "mlkem768x25519-sha256"
+
+	// An alias for KeyExchangeCurve25519SHA256. This kex ID will be added if
+	// KeyExchangeCurve25519SHA256 is requested for backward compatibility with
+	// OpenSSH versions up to 7.2.
+	keyExchangeCurve25519LibSSH = "curve25519-sha256@libssh.org"
+)
 
-// preferredKexAlgos specifies the default preference for key-exchange
-// algorithms in preference order. The diffie-hellman-group16-sha512 algorithm
-// is disabled by default because it is a bit slower than the others.
-var preferredKexAlgos = []string{
-	kexAlgoCurve25519SHA256, kexAlgoCurve25519SHA256LibSSH,
-	kexAlgoECDH256, kexAlgoECDH384, kexAlgoECDH521,
-	kexAlgoDH14SHA256, kexAlgoDH14SHA1,
-}
+// The message authentication code (MAC) currently or previously implemented by
+// this library, to use in [Config.MACs]. For a list, see the
+// [Algorithms.MACs] returned by [SupportedAlgorithms] or
+// [InsecureAlgorithms].
+const (
+	HMACSHA256ETM      = "hmac-sha2-256-etm@openssh.com"
+	HMACSHA512ETM      = "hmac-sha2-512-etm@openssh.com"
+	HMACSHA256         = "hmac-sha2-256"
+	HMACSHA512         = "hmac-sha2-512"
+	HMACSHA1           = "hmac-sha1"
+	InsecureHMACSHA196 = "hmac-sha1-96"
+)
 
-// supportedHostKeyAlgos specifies the supported host-key algorithms (i.e. methods
-// of authenticating servers) in preference order.
-var supportedHostKeyAlgos = []string{
-	CertAlgoRSASHA256v01, CertAlgoRSASHA512v01,
-	CertAlgoRSAv01, CertAlgoDSAv01, CertAlgoECDSA256v01,
-	CertAlgoECDSA384v01, CertAlgoECDSA521v01, CertAlgoED25519v01,
+var (
+	// supportedKexAlgos specifies key-exchange algorithms implemented by this
+	// package in preference order, excluding those with security issues.
+	supportedKexAlgos = []string{
+		KeyExchangeCurve25519,
+		KeyExchangeECDHP256,
+		KeyExchangeECDHP384,
+		KeyExchangeECDHP521,
+		KeyExchangeDH14SHA256,
+		KeyExchangeDH16SHA512,
+		KeyExchangeDHGEXSHA256,
+	}
+	// defaultKexAlgos specifies the default preference for key-exchange
+	// algorithms in preference order.
+	defaultKexAlgos = []string{
+		KeyExchangeCurve25519,
+		KeyExchangeECDHP256,
+		KeyExchangeECDHP384,
+		KeyExchangeECDHP521,
+		KeyExchangeDH14SHA256,
+		InsecureKeyExchangeDH14SHA1,
+	}
+	// insecureKexAlgos specifies key-exchange algorithms implemented by this
+	// package and which have security issues.
+	insecureKexAlgos = []string{
+		InsecureKeyExchangeDH14SHA1,
+		InsecureKeyExchangeDH1SHA1,
+		InsecureKeyExchangeDHGEXSHA1,
+	}
+	// supportedCiphers specifies cipher algorithms implemented by this package
+	// in preference order, excluding those with security issues.
+	supportedCiphers = []string{
+		CipherAES128GCM,
+		CipherAES256GCM,
+		CipherChaCha20Poly1305,
+		CipherAES128CTR,
+		CipherAES192CTR,
+		CipherAES256CTR,
+	}
+	// defaultCiphers specifies the default preference for ciphers algorithms
+	// in preference order.
+	defaultCiphers = supportedCiphers
+	// insecureCiphers specifies cipher algorithms implemented by this
+	// package and which have security issues.
+	insecureCiphers = []string{
+		InsecureCipherAES128CBC,
+		InsecureCipherTripleDESCBC,
+		InsecureCipherRC4256,
+		InsecureCipherRC4128,
+		InsecureCipherRC4,
+	}
+	// supportedMACs specifies MAC algorithms implemented by this package in
+	// preference order, excluding those with security issues.
+	supportedMACs = []string{
+		HMACSHA256ETM,
+		HMACSHA512ETM,
+		HMACSHA256,
+		HMACSHA512,
+		HMACSHA1,
+	}
+	// defaultMACs specifies the default preference for MAC algorithms in
+	// preference order.
+	defaultMACs = []string{
+		HMACSHA256ETM,
+		HMACSHA512ETM,
+		HMACSHA256,
+		HMACSHA512,
+		HMACSHA1,
+		InsecureHMACSHA196,
+	}
+	// insecureMACs specifies MAC algorithms implemented by this
+	// package and which have security issues.
+	insecureMACs = []string{
+		InsecureHMACSHA196,
+	}
+	// supportedHostKeyAlgos specifies the supported host-key algorithms (i.e.
+	// methods of authenticating servers) implemented by this package in
+	// preference order, excluding those with security issues.
+	supportedHostKeyAlgos = []string{
+		CertAlgoRSASHA256v01,
+		CertAlgoRSASHA512v01,
+		CertAlgoECDSA256v01,
+		CertAlgoECDSA384v01,
+		CertAlgoECDSA521v01,
+		CertAlgoED25519v01,
+		KeyAlgoRSASHA256,
+		KeyAlgoRSASHA512,
+		KeyAlgoECDSA256,
+		KeyAlgoECDSA384,
+		KeyAlgoECDSA521,
+		KeyAlgoED25519,
+	}
+	// defaultHostKeyAlgos specifies the default preference for host-key
+	// algorithms in preference order.
+	defaultHostKeyAlgos = []string{
+		CertAlgoRSASHA256v01,
+		CertAlgoRSASHA512v01,
+		CertAlgoRSAv01,
+		InsecureCertAlgoDSAv01,
+		CertAlgoECDSA256v01,
+		CertAlgoECDSA384v01,
+		CertAlgoECDSA521v01,
+		CertAlgoED25519v01,
+		KeyAlgoECDSA256,
+		KeyAlgoECDSA384,
+		KeyAlgoECDSA521,
+		KeyAlgoRSASHA256,
+		KeyAlgoRSASHA512,
+		KeyAlgoRSA,
+		InsecureKeyAlgoDSA,
+		KeyAlgoED25519,
+	}
+	// insecureHostKeyAlgos specifies host-key algorithms implemented by this
+	// package and which have security issues.
+	insecureHostKeyAlgos = []string{
+		KeyAlgoRSA,
+		InsecureKeyAlgoDSA,
+		CertAlgoRSAv01,
+		InsecureCertAlgoDSAv01,
+	}
+	// supportedPubKeyAuthAlgos specifies the supported client public key
+	// authentication algorithms. Note that this doesn't include certificate
+	// types since those use the underlying algorithm. Order is irrelevant.
+	supportedPubKeyAuthAlgos = []string{
+		KeyAlgoED25519,
+		KeyAlgoSKED25519,
+		KeyAlgoSKECDSA256,
+		KeyAlgoECDSA256,
+		KeyAlgoECDSA384,
+		KeyAlgoECDSA521,
+		KeyAlgoRSASHA256,
+		KeyAlgoRSASHA512,
+	}
 
-	KeyAlgoECDSA256, KeyAlgoECDSA384, KeyAlgoECDSA521,
-	KeyAlgoRSASHA256, KeyAlgoRSASHA512,
-	KeyAlgoRSA, KeyAlgoDSA,
+	// defaultPubKeyAuthAlgos specifies the preferred client public key
+	// authentication algorithms. This list is sent to the client if it supports
+	// the server-sig-algs extension. Order is irrelevant.
+	defaultPubKeyAuthAlgos = []string{
+		KeyAlgoED25519,
+		KeyAlgoSKED25519,
+		KeyAlgoSKECDSA256,
+		KeyAlgoECDSA256,
+		KeyAlgoECDSA384,
+		KeyAlgoECDSA521,
+		KeyAlgoRSASHA256,
+		KeyAlgoRSASHA512,
+		KeyAlgoRSA,
+		InsecureKeyAlgoDSA,
+	}
+	// insecurePubKeyAuthAlgos specifies client public key authentication
+	// algorithms implemented by this package and which have security issues.
+	insecurePubKeyAuthAlgos = []string{
+		KeyAlgoRSA,
+		InsecureKeyAlgoDSA,
+	}
+)
 
-	KeyAlgoED25519,
+// NegotiatedAlgorithms defines algorithms negotiated between client and server.
+type NegotiatedAlgorithms struct {
+	KeyExchange string
+	HostKey     string
+	Read        DirectionAlgorithms
+	Write       DirectionAlgorithms
+}
+
+// Algorithms defines a set of algorithms that can be configured in the client
+// or server config for negotiation during a handshake.
+type Algorithms struct {
+	KeyExchanges   []string
+	Ciphers        []string
+	MACs           []string
+	HostKeys       []string
+	PublicKeyAuths []string
+}
+
+// SupportedAlgorithms returns algorithms currently implemented by this package,
+// excluding those with security issues, which are returned by
+// InsecureAlgorithms. The algorithms listed here are in preference order.
+func SupportedAlgorithms() Algorithms {
+	return Algorithms{
+		Ciphers:        slices.Clone(supportedCiphers),
+		MACs:           slices.Clone(supportedMACs),
+		KeyExchanges:   slices.Clone(supportedKexAlgos),
+		HostKeys:       slices.Clone(supportedHostKeyAlgos),
+		PublicKeyAuths: slices.Clone(supportedPubKeyAuthAlgos),
+	}
 }
 
-// supportedMACs specifies a default set of MAC algorithms in preference order.
-// This is based on RFC 4253, section 6.4, but with hmac-md5 variants removed
-// because they have reached the end of their useful life.
-var supportedMACs = []string{
-	"hmac-sha2-256-etm@openssh.com", "hmac-sha2-512-etm@openssh.com", "hmac-sha2-256", "hmac-sha2-512", "hmac-sha1", "hmac-sha1-96",
+// InsecureAlgorithms returns algorithms currently implemented by this package
+// and which have security issues.
+func InsecureAlgorithms() Algorithms {
+	return Algorithms{
+		KeyExchanges:   slices.Clone(insecureKexAlgos),
+		Ciphers:        slices.Clone(insecureCiphers),
+		MACs:           slices.Clone(insecureMACs),
+		HostKeys:       slices.Clone(insecureHostKeyAlgos),
+		PublicKeyAuths: slices.Clone(insecurePubKeyAuthAlgos),
+	}
 }
 
 var supportedCompressions = []string{compressionNone}
@@ -94,13 +284,13 @@ var supportedCompressions = []string{compressionNone}
 // hashFuncs keeps the mapping of supported signature algorithms to their
 // respective hashes needed for signing and verification.
 var hashFuncs = map[string]crypto.Hash{
-	KeyAlgoRSA:       crypto.SHA1,
-	KeyAlgoRSASHA256: crypto.SHA256,
-	KeyAlgoRSASHA512: crypto.SHA512,
-	KeyAlgoDSA:       crypto.SHA1,
-	KeyAlgoECDSA256:  crypto.SHA256,
-	KeyAlgoECDSA384:  crypto.SHA384,
-	KeyAlgoECDSA521:  crypto.SHA512,
+	KeyAlgoRSA:         crypto.SHA1,
+	KeyAlgoRSASHA256:   crypto.SHA256,
+	KeyAlgoRSASHA512:   crypto.SHA512,
+	InsecureKeyAlgoDSA: crypto.SHA1,
+	KeyAlgoECDSA256:    crypto.SHA256,
+	KeyAlgoECDSA384:    crypto.SHA384,
+	KeyAlgoECDSA521:    crypto.SHA512,
 	// KeyAlgoED25519 doesn't pre-hash.
 	KeyAlgoSKECDSA256: crypto.SHA256,
 	KeyAlgoSKED25519:  crypto.SHA256,
@@ -135,18 +325,6 @@ func isRSACert(algo string) bool {
 	return isRSA(algo)
 }
 
-// supportedPubKeyAuthAlgos specifies the supported client public key
-// authentication algorithms. Note that this doesn't include certificate types
-// since those use the underlying algorithm. This list is sent to the client if
-// it supports the server-sig-algs extension. Order is irrelevant.
-var supportedPubKeyAuthAlgos = []string{
-	KeyAlgoED25519,
-	KeyAlgoSKED25519, KeyAlgoSKECDSA256,
-	KeyAlgoECDSA256, KeyAlgoECDSA384, KeyAlgoECDSA521,
-	KeyAlgoRSASHA256, KeyAlgoRSASHA512, KeyAlgoRSA,
-	KeyAlgoDSA,
-}
-
 // unexpectedMessageError results when the SSH message that we received didn't
 // match what we wanted.
 func unexpectedMessageError(expected, got uint8) error {
@@ -169,20 +347,21 @@ func findCommon(what string, client []string, server []string) (common string, e
 	return "", fmt.Errorf("ssh: no common algorithm for %s; client offered: %v, server offered: %v", what, client, server)
 }
 
-// directionAlgorithms records algorithm choices in one direction (either read or write)
-type directionAlgorithms struct {
+// DirectionAlgorithms defines the algorithms negotiated in one direction
+// (either read or write).
+type DirectionAlgorithms struct {
 	Cipher      string
 	MAC         string
-	Compression string
+	compression string
 }
 
 // rekeyBytes returns a rekeying intervals in bytes.
-func (a *directionAlgorithms) rekeyBytes() int64 {
+func (a *DirectionAlgorithms) rekeyBytes() int64 {
 	// According to RFC 4344 block ciphers should rekey after
 	// 2^(BLOCKSIZE/4) blocks. For all AES flavors BLOCKSIZE is
 	// 128.
 	switch a.Cipher {
-	case "aes128-ctr", "aes192-ctr", "aes256-ctr", gcm128CipherID, gcm256CipherID, aes128cbcID:
+	case CipherAES128CTR, CipherAES192CTR, CipherAES256CTR, CipherAES128GCM, CipherAES256GCM, InsecureCipherAES128CBC:
 		return 16 * (1 << 32)
 
 	}
@@ -192,32 +371,25 @@ func (a *directionAlgorithms) rekeyBytes() int64 {
 }
 
 var aeadCiphers = map[string]bool{
-	gcm128CipherID:     true,
-	gcm256CipherID:     true,
-	chacha20Poly1305ID: true,
-}
-
-type algorithms struct {
-	kex     string
-	hostKey string
-	w       directionAlgorithms
-	r       directionAlgorithms
+	CipherAES128GCM:        true,
+	CipherAES256GCM:        true,
+	CipherChaCha20Poly1305: true,
 }
 
-func findAgreedAlgorithms(isClient bool, clientKexInit, serverKexInit *kexInitMsg) (algs *algorithms, err error) {
-	result := &algorithms{}
+func findAgreedAlgorithms(isClient bool, clientKexInit, serverKexInit *kexInitMsg) (algs *NegotiatedAlgorithms, err error) {
+	result := &NegotiatedAlgorithms{}
 
-	result.kex, err = findCommon("key exchange", clientKexInit.KexAlgos, serverKexInit.KexAlgos)
+	result.KeyExchange, err = findCommon("key exchange", clientKexInit.KexAlgos, serverKexInit.KexAlgos)
 	if err != nil {
 		return
 	}
 
-	result.hostKey, err = findCommon("host key", clientKexInit.ServerHostKeyAlgos, serverKexInit.ServerHostKeyAlgos)
+	result.HostKey, err = findCommon("host key", clientKexInit.ServerHostKeyAlgos, serverKexInit.ServerHostKeyAlgos)
 	if err != nil {
 		return
 	}
 
-	stoc, ctos := &result.w, &result.r
+	stoc, ctos := &result.Write, &result.Read
 	if isClient {
 		ctos, stoc = stoc, ctos
 	}
@@ -246,12 +418,12 @@ func findAgreedAlgorithms(isClient bool, clientKexInit, serverKexInit *kexInitMs
 		}
 	}
 
-	ctos.Compression, err = findCommon("client to server compression", clientKexInit.CompressionClientServer, serverKexInit.CompressionClientServer)
+	ctos.compression, err = findCommon("client to server compression", clientKexInit.CompressionClientServer, serverKexInit.CompressionClientServer)
 	if err != nil {
 		return
 	}
 
-	stoc.Compression, err = findCommon("server to client compression", clientKexInit.CompressionServerClient, serverKexInit.CompressionServerClient)
+	stoc.compression, err = findCommon("server to client compression", clientKexInit.CompressionServerClient, serverKexInit.CompressionServerClient)
 	if err != nil {
 		return
 	}
@@ -297,7 +469,7 @@ func (c *Config) SetDefaults() {
 		c.Rand = rand.Reader
 	}
 	if c.Ciphers == nil {
-		c.Ciphers = preferredCiphers
+		c.Ciphers = defaultCiphers
 	}
 	var ciphers []string
 	for _, c := range c.Ciphers {
@@ -309,19 +481,22 @@ func (c *Config) SetDefaults() {
 	c.Ciphers = ciphers
 
 	if c.KeyExchanges == nil {
-		c.KeyExchanges = preferredKexAlgos
+		c.KeyExchanges = defaultKexAlgos
 	}
 	var kexs []string
 	for _, k := range c.KeyExchanges {
 		if kexAlgoMap[k] != nil {
 			// Ignore the KEX if we have no kexAlgoMap definition.
 			kexs = append(kexs, k)
+			if k == KeyExchangeCurve25519 && !contains(c.KeyExchanges, keyExchangeCurve25519LibSSH) {
+				kexs = append(kexs, keyExchangeCurve25519LibSSH)
+			}
 		}
 	}
 	c.KeyExchanges = kexs
 
 	if c.MACs == nil {
-		c.MACs = supportedMACs
+		c.MACs = defaultMACs
 	}
 	var macs []string
 	for _, m := range c.MACs {
diff --git a/vendor/golang.org/x/crypto/ssh/connection.go b/vendor/golang.org/x/crypto/ssh/connection.go
index 8f345ee924..613a71a7b3 100644
--- a/vendor/golang.org/x/crypto/ssh/connection.go
+++ b/vendor/golang.org/x/crypto/ssh/connection.go
@@ -74,6 +74,13 @@ type Conn interface {
 	//   Disconnect
 }
 
+// AlgorithmsConnMetadata is a ConnMetadata that can return the algorithms
+// negotiated between client and server.
+type AlgorithmsConnMetadata interface {
+	ConnMetadata
+	Algorithms() NegotiatedAlgorithms
+}
+
 // DiscardRequests consumes and rejects all requests from the
 // passed-in channel.
 func DiscardRequests(in <-chan *Request) {
@@ -106,6 +113,7 @@ type sshConn struct {
 	sessionID     []byte
 	clientVersion []byte
 	serverVersion []byte
+	algorithms    NegotiatedAlgorithms
 }
 
 func dup(src []byte) []byte {
@@ -141,3 +149,7 @@ func (c *sshConn) ClientVersion() []byte {
 func (c *sshConn) ServerVersion() []byte {
 	return dup(c.serverVersion)
 }
+
+func (c *sshConn) Algorithms() NegotiatedAlgorithms {
+	return c.algorithms
+}
diff --git a/vendor/golang.org/x/crypto/ssh/handshake.go b/vendor/golang.org/x/crypto/ssh/handshake.go
index b6bf546b49..a90bfe331c 100644
--- a/vendor/golang.org/x/crypto/ssh/handshake.go
+++ b/vendor/golang.org/x/crypto/ssh/handshake.go
@@ -38,7 +38,7 @@ type keyingTransport interface {
 	// prepareKeyChange sets up a key change. The key change for a
 	// direction will be effected if a msgNewKeys message is sent
 	// or received.
-	prepareKeyChange(*algorithms, *kexResult) error
+	prepareKeyChange(*NegotiatedAlgorithms, *kexResult) error
 
 	// setStrictMode sets the strict KEX mode, notably triggering
 	// sequence number resets on sending or receiving msgNewKeys.
@@ -115,7 +115,7 @@ type handshakeTransport struct {
 	bannerCallback BannerCallback
 
 	// Algorithms agreed in the last key exchange.
-	algorithms *algorithms
+	algorithms *NegotiatedAlgorithms
 
 	// Counters exclusively owned by readLoop.
 	readPacketsLeft uint32
@@ -164,7 +164,7 @@ func newClientTransport(conn keyingTransport, clientVersion, serverVersion []byt
 	if config.HostKeyAlgorithms != nil {
 		t.hostKeyAlgorithms = config.HostKeyAlgorithms
 	} else {
-		t.hostKeyAlgorithms = supportedHostKeyAlgos
+		t.hostKeyAlgorithms = defaultHostKeyAlgos
 	}
 	go t.readLoop()
 	go t.kexLoop()
@@ -184,6 +184,10 @@ func (t *handshakeTransport) getSessionID() []byte {
 	return t.sessionID
 }
 
+func (t *handshakeTransport) getAlgorithms() NegotiatedAlgorithms {
+	return *t.algorithms
+}
+
 // waitSession waits for the session to be established. This should be
 // the first thing to call after instantiating handshakeTransport.
 func (t *handshakeTransport) waitSession() error {
@@ -290,7 +294,7 @@ func (t *handshakeTransport) resetWriteThresholds() {
 	if t.config.RekeyThreshold > 0 {
 		t.writeBytesLeft = int64(t.config.RekeyThreshold)
 	} else if t.algorithms != nil {
-		t.writeBytesLeft = t.algorithms.w.rekeyBytes()
+		t.writeBytesLeft = t.algorithms.Write.rekeyBytes()
 	} else {
 		t.writeBytesLeft = 1 << 30
 	}
@@ -407,7 +411,7 @@ func (t *handshakeTransport) resetReadThresholds() {
 	if t.config.RekeyThreshold > 0 {
 		t.readBytesLeft = int64(t.config.RekeyThreshold)
 	} else if t.algorithms != nil {
-		t.readBytesLeft = t.algorithms.r.rekeyBytes()
+		t.readBytesLeft = t.algorithms.Read.rekeyBytes()
 	} else {
 		t.readBytesLeft = 1 << 30
 	}
@@ -700,9 +704,9 @@ func (t *handshakeTransport) enterKeyExchange(otherInitPacket []byte) error {
 		}
 	}
 
-	kex, ok := kexAlgoMap[t.algorithms.kex]
+	kex, ok := kexAlgoMap[t.algorithms.KeyExchange]
 	if !ok {
-		return fmt.Errorf("ssh: unexpected key exchange algorithm %v", t.algorithms.kex)
+		return fmt.Errorf("ssh: unexpected key exchange algorithm %v", t.algorithms.KeyExchange)
 	}
 
 	var result *kexResult
@@ -809,12 +813,12 @@ func pickHostKey(hostKeys []Signer, algo string) AlgorithmSigner {
 }
 
 func (t *handshakeTransport) server(kex kexAlgorithm, magics *handshakeMagics) (*kexResult, error) {
-	hostKey := pickHostKey(t.hostKeys, t.algorithms.hostKey)
+	hostKey := pickHostKey(t.hostKeys, t.algorithms.HostKey)
 	if hostKey == nil {
 		return nil, errors.New("ssh: internal error: negotiated unsupported signature type")
 	}
 
-	r, err := kex.Server(t.conn, t.config.Rand, magics, hostKey, t.algorithms.hostKey)
+	r, err := kex.Server(t.conn, t.config.Rand, magics, hostKey, t.algorithms.HostKey)
 	return r, err
 }
 
@@ -829,7 +833,7 @@ func (t *handshakeTransport) client(kex kexAlgorithm, magics *handshakeMagics) (
 		return nil, err
 	}
 
-	if err := verifyHostKeySignature(hostKey, t.algorithms.hostKey, result); err != nil {
+	if err := verifyHostKeySignature(hostKey, t.algorithms.HostKey, result); err != nil {
 		return nil, err
 	}
 
diff --git a/vendor/golang.org/x/crypto/ssh/kex.go b/vendor/golang.org/x/crypto/ssh/kex.go
index 8a05f79902..cf388a92aa 100644
--- a/vendor/golang.org/x/crypto/ssh/kex.go
+++ b/vendor/golang.org/x/crypto/ssh/kex.go
@@ -20,21 +20,18 @@ import (
 )
 
 const (
-	kexAlgoDH1SHA1                = "diffie-hellman-group1-sha1"
-	kexAlgoDH14SHA1               = "diffie-hellman-group14-sha1"
-	kexAlgoDH14SHA256             = "diffie-hellman-group14-sha256"
-	kexAlgoDH16SHA512             = "diffie-hellman-group16-sha512"
-	kexAlgoECDH256                = "ecdh-sha2-nistp256"
-	kexAlgoECDH384                = "ecdh-sha2-nistp384"
-	kexAlgoECDH521                = "ecdh-sha2-nistp521"
-	kexAlgoCurve25519SHA256LibSSH = "curve25519-sha256@libssh.org"
-	kexAlgoCurve25519SHA256       = "curve25519-sha256"
-
-	// For the following kex only the client half contains a production
-	// ready implementation. The server half only consists of a minimal
-	// implementation to satisfy the automated tests.
-	kexAlgoDHGEXSHA1   = "diffie-hellman-group-exchange-sha1"
-	kexAlgoDHGEXSHA256 = "diffie-hellman-group-exchange-sha256"
+	// This is the group called diffie-hellman-group1-sha1 in RFC 4253 and
+	// Oakley Group 2 in RFC 2409.
+	oakleyGroup2 = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF"
+	// This is the group called diffie-hellman-group14-sha1 in RFC 4253 and
+	// Oakley Group 14 in RFC 3526.
+	oakleyGroup14 = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF"
+	// This is the group called diffie-hellman-group15-sha512 in RFC 8268 and
+	// Oakley Group 15 in RFC 3526.
+	oakleyGroup15 = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF"
+	// This is the group called diffie-hellman-group16-sha512 in RFC 8268 and
+	// Oakley Group 16 in RFC 3526.
+	oakleyGroup16 = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199FFFFFFFFFFFFFFFF"
 )
 
 // kexResult captures the outcome of a key exchange.
@@ -402,53 +399,46 @@ func ecHash(curve elliptic.Curve) crypto.Hash {
 var kexAlgoMap = map[string]kexAlgorithm{}
 
 func init() {
-	// This is the group called diffie-hellman-group1-sha1 in
-	// RFC 4253 and Oakley Group 2 in RFC 2409.
-	p, _ := new(big.Int).SetString("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16)
-	kexAlgoMap[kexAlgoDH1SHA1] = &dhGroup{
+	p, _ := new(big.Int).SetString(oakleyGroup2, 16)
+	kexAlgoMap[InsecureKeyExchangeDH1SHA1] = &dhGroup{
 		g:        new(big.Int).SetInt64(2),
 		p:        p,
 		pMinus1:  new(big.Int).Sub(p, bigOne),
 		hashFunc: crypto.SHA1,
 	}
 
-	// This are the groups called diffie-hellman-group14-sha1 and
-	// diffie-hellman-group14-sha256 in RFC 4253 and RFC 8268,
-	// and Oakley Group 14 in RFC 3526.
-	p, _ = new(big.Int).SetString("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF", 16)
+	p, _ = new(big.Int).SetString(oakleyGroup14, 16)
 	group14 := &dhGroup{
 		g:       new(big.Int).SetInt64(2),
 		p:       p,
 		pMinus1: new(big.Int).Sub(p, bigOne),
 	}
 
-	kexAlgoMap[kexAlgoDH14SHA1] = &dhGroup{
+	kexAlgoMap[InsecureKeyExchangeDH14SHA1] = &dhGroup{
 		g: group14.g, p: group14.p, pMinus1: group14.pMinus1,
 		hashFunc: crypto.SHA1,
 	}
-	kexAlgoMap[kexAlgoDH14SHA256] = &dhGroup{
+	kexAlgoMap[KeyExchangeDH14SHA256] = &dhGroup{
 		g: group14.g, p: group14.p, pMinus1: group14.pMinus1,
 		hashFunc: crypto.SHA256,
 	}
 
-	// This is the group called diffie-hellman-group16-sha512 in RFC
-	// 8268 and Oakley Group 16 in RFC 3526.
-	p, _ = new(big.Int).SetString("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199FFFFFFFFFFFFFFFF", 16)
+	p, _ = new(big.Int).SetString(oakleyGroup16, 16)
 
-	kexAlgoMap[kexAlgoDH16SHA512] = &dhGroup{
+	kexAlgoMap[KeyExchangeDH16SHA512] = &dhGroup{
 		g:        new(big.Int).SetInt64(2),
 		p:        p,
 		pMinus1:  new(big.Int).Sub(p, bigOne),
 		hashFunc: crypto.SHA512,
 	}
 
-	kexAlgoMap[kexAlgoECDH521] = &ecdh{elliptic.P521()}
-	kexAlgoMap[kexAlgoECDH384] = &ecdh{elliptic.P384()}
-	kexAlgoMap[kexAlgoECDH256] = &ecdh{elliptic.P256()}
-	kexAlgoMap[kexAlgoCurve25519SHA256] = &curve25519sha256{}
-	kexAlgoMap[kexAlgoCurve25519SHA256LibSSH] = &curve25519sha256{}
-	kexAlgoMap[kexAlgoDHGEXSHA1] = &dhGEXSHA{hashFunc: crypto.SHA1}
-	kexAlgoMap[kexAlgoDHGEXSHA256] = &dhGEXSHA{hashFunc: crypto.SHA256}
+	kexAlgoMap[KeyExchangeECDHP521] = &ecdh{elliptic.P521()}
+	kexAlgoMap[KeyExchangeECDHP384] = &ecdh{elliptic.P384()}
+	kexAlgoMap[KeyExchangeECDHP256] = &ecdh{elliptic.P256()}
+	kexAlgoMap[KeyExchangeCurve25519] = &curve25519sha256{}
+	kexAlgoMap[keyExchangeCurve25519LibSSH] = &curve25519sha256{}
+	kexAlgoMap[InsecureKeyExchangeDHGEXSHA1] = &dhGEXSHA{hashFunc: crypto.SHA1}
+	kexAlgoMap[KeyExchangeDHGEXSHA256] = &dhGEXSHA{hashFunc: crypto.SHA256}
 }
 
 // curve25519sha256 implements the curve25519-sha256 (formerly known as
@@ -601,9 +591,9 @@ const (
 func (gex *dhGEXSHA) Client(c packetConn, randSource io.Reader, magics *handshakeMagics) (*kexResult, error) {
 	// Send GexRequest
 	kexDHGexRequest := kexDHGexRequestMsg{
-		MinBits:      dhGroupExchangeMinimumBits,
-		PreferedBits: dhGroupExchangePreferredBits,
-		MaxBits:      dhGroupExchangeMaximumBits,
+		MinBits:       dhGroupExchangeMinimumBits,
+		PreferredBits: dhGroupExchangePreferredBits,
+		MaxBits:       dhGroupExchangeMaximumBits,
 	}
 	if err := c.writePacket(Marshal(&kexDHGexRequest)); err != nil {
 		return nil, err
@@ -690,9 +680,7 @@ func (gex *dhGEXSHA) Client(c packetConn, randSource io.Reader, magics *handshak
 }
 
 // Server half implementation of the Diffie Hellman Key Exchange with SHA1 and SHA256.
-//
-// This is a minimal implementation to satisfy the automated tests.
-func (gex dhGEXSHA) Server(c packetConn, randSource io.Reader, magics *handshakeMagics, priv AlgorithmSigner, algo string) (result *kexResult, err error) {
+func (gex *dhGEXSHA) Server(c packetConn, randSource io.Reader, magics *handshakeMagics, priv AlgorithmSigner, algo string) (result *kexResult, err error) {
 	// Receive GexRequest
 	packet, err := c.readPacket()
 	if err != nil {
@@ -702,13 +690,32 @@ func (gex dhGEXSHA) Server(c packetConn, randSource io.Reader, magics *handshake
 	if err = Unmarshal(packet, &kexDHGexRequest); err != nil {
 		return
 	}
+	// We check that the request received is valid and that the MaxBits
+	// requested are at least equal to our supported minimum. This is the same
+	// check done in OpenSSH:
+	// https://github.com/openssh/openssh-portable/blob/80a2f64b/kexgexs.c#L94
+	//
+	// Furthermore, we also check that the required MinBits are less than or
+	// equal to 4096 because we can use up to Oakley Group 16.
+	if kexDHGexRequest.MaxBits < kexDHGexRequest.MinBits || kexDHGexRequest.PreferredBits < kexDHGexRequest.MinBits ||
+		kexDHGexRequest.MaxBits < kexDHGexRequest.PreferredBits || kexDHGexRequest.MaxBits < dhGroupExchangeMinimumBits ||
+		kexDHGexRequest.MinBits > 4096 {
+		return nil, fmt.Errorf("ssh: DH GEX request out of range, min: %d, max: %d, preferred: %d", kexDHGexRequest.MinBits,
+			kexDHGexRequest.MaxBits, kexDHGexRequest.PreferredBits)
+	}
+
+	var p *big.Int
+	// We hardcode sending Oakley Group 14 (2048 bits), Oakley Group 15 (3072
+	// bits) or Oakley Group 16 (4096 bits), based on the requested max size.
+	if kexDHGexRequest.MaxBits < 3072 {
+		p, _ = new(big.Int).SetString(oakleyGroup14, 16)
+	} else if kexDHGexRequest.MaxBits < 4096 {
+		p, _ = new(big.Int).SetString(oakleyGroup15, 16)
+	} else {
+		p, _ = new(big.Int).SetString(oakleyGroup16, 16)
+	}
 
-	// Send GexGroup
-	// This is the group called diffie-hellman-group14-sha1 in RFC
-	// 4253 and Oakley Group 14 in RFC 3526.
-	p, _ := new(big.Int).SetString("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF", 16)
 	g := big.NewInt(2)
-
 	msg := &kexDHGexGroupMsg{
 		P: p,
 		G: g,
@@ -746,9 +753,9 @@ func (gex dhGEXSHA) Server(c packetConn, randSource io.Reader, magics *handshake
 	h := gex.hashFunc.New()
 	magics.write(h)
 	writeString(h, hostKeyBytes)
-	binary.Write(h, binary.BigEndian, uint32(dhGroupExchangeMinimumBits))
-	binary.Write(h, binary.BigEndian, uint32(dhGroupExchangePreferredBits))
-	binary.Write(h, binary.BigEndian, uint32(dhGroupExchangeMaximumBits))
+	binary.Write(h, binary.BigEndian, kexDHGexRequest.MinBits)
+	binary.Write(h, binary.BigEndian, kexDHGexRequest.PreferredBits)
+	binary.Write(h, binary.BigEndian, kexDHGexRequest.MaxBits)
 	writeInt(h, p)
 	writeInt(h, g)
 	writeInt(h, kexDHGexInit.X)
diff --git a/vendor/golang.org/x/crypto/ssh/keys.go b/vendor/golang.org/x/crypto/ssh/keys.go
index 98e6706d5d..566e09d5a1 100644
--- a/vendor/golang.org/x/crypto/ssh/keys.go
+++ b/vendor/golang.org/x/crypto/ssh/keys.go
@@ -36,14 +36,19 @@ import (
 // ClientConfig.HostKeyAlgorithms, Signature.Format, or as AlgorithmSigner
 // arguments.
 const (
-	KeyAlgoRSA        = "ssh-rsa"
-	KeyAlgoDSA        = "ssh-dss"
-	KeyAlgoECDSA256   = "ecdsa-sha2-nistp256"
-	KeyAlgoSKECDSA256 = "sk-ecdsa-sha2-nistp256@openssh.com"
-	KeyAlgoECDSA384   = "ecdsa-sha2-nistp384"
-	KeyAlgoECDSA521   = "ecdsa-sha2-nistp521"
-	KeyAlgoED25519    = "ssh-ed25519"
-	KeyAlgoSKED25519  = "sk-ssh-ed25519@openssh.com"
+	KeyAlgoRSA = "ssh-rsa"
+	// Deprecated: DSA is only supported at insecure key sizes, and was removed
+	// from major implementations.
+	KeyAlgoDSA = InsecureKeyAlgoDSA
+	// Deprecated: DSA is only supported at insecure key sizes, and was removed
+	// from major implementations.
+	InsecureKeyAlgoDSA = "ssh-dss"
+	KeyAlgoECDSA256    = "ecdsa-sha2-nistp256"
+	KeyAlgoSKECDSA256  = "sk-ecdsa-sha2-nistp256@openssh.com"
+	KeyAlgoECDSA384    = "ecdsa-sha2-nistp384"
+	KeyAlgoECDSA521    = "ecdsa-sha2-nistp521"
+	KeyAlgoED25519     = "ssh-ed25519"
+	KeyAlgoSKED25519   = "sk-ssh-ed25519@openssh.com"
 
 	// KeyAlgoRSASHA256 and KeyAlgoRSASHA512 are only public key algorithms, not
 	// public key formats, so they can't appear as a PublicKey.Type. The
@@ -67,7 +72,7 @@ func parsePubKey(in []byte, algo string) (pubKey PublicKey, rest []byte, err err
 	switch algo {
 	case KeyAlgoRSA:
 		return parseRSA(in)
-	case KeyAlgoDSA:
+	case InsecureKeyAlgoDSA:
 		return parseDSA(in)
 	case KeyAlgoECDSA256, KeyAlgoECDSA384, KeyAlgoECDSA521:
 		return parseECDSA(in)
@@ -77,7 +82,7 @@ func parsePubKey(in []byte, algo string) (pubKey PublicKey, rest []byte, err err
 		return parseED25519(in)
 	case KeyAlgoSKED25519:
 		return parseSKEd25519(in)
-	case CertAlgoRSAv01, CertAlgoDSAv01, CertAlgoECDSA256v01, CertAlgoECDSA384v01, CertAlgoECDSA521v01, CertAlgoSKECDSA256v01, CertAlgoED25519v01, CertAlgoSKED25519v01:
+	case CertAlgoRSAv01, InsecureCertAlgoDSAv01, CertAlgoECDSA256v01, CertAlgoECDSA384v01, CertAlgoECDSA521v01, CertAlgoSKECDSA256v01, CertAlgoED25519v01, CertAlgoSKED25519v01:
 		cert, err := parseCert(in, certKeyAlgoNames[algo])
 		if err != nil {
 			return nil, nil, err
diff --git a/vendor/golang.org/x/crypto/ssh/mac.go b/vendor/golang.org/x/crypto/ssh/mac.go
index 06a1b27507..de2639d57f 100644
--- a/vendor/golang.org/x/crypto/ssh/mac.go
+++ b/vendor/golang.org/x/crypto/ssh/mac.go
@@ -47,22 +47,22 @@ func (t truncatingMAC) Size() int {
 func (t truncatingMAC) BlockSize() int { return t.hmac.BlockSize() }
 
 var macModes = map[string]*macMode{
-	"hmac-sha2-512-etm@openssh.com": {64, true, func(key []byte) hash.Hash {
+	HMACSHA512ETM: {64, true, func(key []byte) hash.Hash {
 		return hmac.New(sha512.New, key)
 	}},
-	"hmac-sha2-256-etm@openssh.com": {32, true, func(key []byte) hash.Hash {
+	HMACSHA256ETM: {32, true, func(key []byte) hash.Hash {
 		return hmac.New(sha256.New, key)
 	}},
-	"hmac-sha2-512": {64, false, func(key []byte) hash.Hash {
+	HMACSHA512: {64, false, func(key []byte) hash.Hash {
 		return hmac.New(sha512.New, key)
 	}},
-	"hmac-sha2-256": {32, false, func(key []byte) hash.Hash {
+	HMACSHA256: {32, false, func(key []byte) hash.Hash {
 		return hmac.New(sha256.New, key)
 	}},
-	"hmac-sha1": {20, false, func(key []byte) hash.Hash {
+	HMACSHA1: {20, false, func(key []byte) hash.Hash {
 		return hmac.New(sha1.New, key)
 	}},
-	"hmac-sha1-96": {20, false, func(key []byte) hash.Hash {
+	InsecureHMACSHA196: {20, false, func(key []byte) hash.Hash {
 		return truncatingMAC{12, hmac.New(sha1.New, key)}
 	}},
 }
diff --git a/vendor/golang.org/x/crypto/ssh/messages.go b/vendor/golang.org/x/crypto/ssh/messages.go
index 118427bc05..251b9d06a3 100644
--- a/vendor/golang.org/x/crypto/ssh/messages.go
+++ b/vendor/golang.org/x/crypto/ssh/messages.go
@@ -122,9 +122,9 @@ type kexDHGexReplyMsg struct {
 const msgKexDHGexRequest = 34
 
 type kexDHGexRequestMsg struct {
-	MinBits      uint32 `sshtype:"34"`
-	PreferedBits uint32
-	MaxBits      uint32
+	MinBits       uint32 `sshtype:"34"`
+	PreferredBits uint32
+	MaxBits       uint32
 }
 
 // See RFC 4253, section 10.
diff --git a/vendor/golang.org/x/crypto/ssh/mlkem.go b/vendor/golang.org/x/crypto/ssh/mlkem.go
new file mode 100644
index 0000000000..657e1079d4
--- /dev/null
+++ b/vendor/golang.org/x/crypto/ssh/mlkem.go
@@ -0,0 +1,183 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build go1.24
+
+package ssh
+
+import (
+	"crypto"
+	"crypto/mlkem"
+	"crypto/sha256"
+	"errors"
+	"fmt"
+	"io"
+	"runtime"
+	"slices"
+
+	"golang.org/x/crypto/curve25519"
+)
+
+func init() {
+	// After Go 1.24rc1 mlkem swapped the order of return values of Encapsulate.
+	// See #70950.
+	if runtime.Version() == "go1.24rc1" {
+		return
+	}
+	supportedKexAlgos = slices.Insert(supportedKexAlgos, 0, KeyExchangeMLKEM768X25519)
+	defaultKexAlgos = slices.Insert(defaultKexAlgos, 0, KeyExchangeMLKEM768X25519)
+	kexAlgoMap[KeyExchangeMLKEM768X25519] = &mlkem768WithCurve25519sha256{}
+}
+
+// mlkem768WithCurve25519sha256 implements the hybrid ML-KEM768 with
+// curve25519-sha256 key exchange method, as described by
+// draft-kampanakis-curdle-ssh-pq-ke-05 section 2.3.3.
+type mlkem768WithCurve25519sha256 struct{}
+
+func (kex *mlkem768WithCurve25519sha256) Client(c packetConn, rand io.Reader, magics *handshakeMagics) (*kexResult, error) {
+	var c25519kp curve25519KeyPair
+	if err := c25519kp.generate(rand); err != nil {
+		return nil, err
+	}
+
+	seed := make([]byte, mlkem.SeedSize)
+	if _, err := io.ReadFull(rand, seed); err != nil {
+		return nil, err
+	}
+
+	mlkemDk, err := mlkem.NewDecapsulationKey768(seed)
+	if err != nil {
+		return nil, err
+	}
+
+	hybridKey := append(mlkemDk.EncapsulationKey().Bytes(), c25519kp.pub[:]...)
+	if err := c.writePacket(Marshal(&kexECDHInitMsg{hybridKey})); err != nil {
+		return nil, err
+	}
+
+	packet, err := c.readPacket()
+	if err != nil {
+		return nil, err
+	}
+
+	var reply kexECDHReplyMsg
+	if err = Unmarshal(packet, &reply); err != nil {
+		return nil, err
+	}
+
+	if len(reply.EphemeralPubKey) != mlkem.CiphertextSize768+32 {
+		return nil, errors.New("ssh: peer's mlkem768x25519 public value has wrong length")
+	}
+
+	// Perform KEM decapsulate operation to obtain shared key from ML-KEM.
+	mlkem768Secret, err := mlkemDk.Decapsulate(reply.EphemeralPubKey[:mlkem.CiphertextSize768])
+	if err != nil {
+		return nil, err
+	}
+
+	// Complete Curve25519 ECDH to obtain its shared key.
+	c25519Secret, err := curve25519.X25519(c25519kp.priv[:], reply.EphemeralPubKey[mlkem.CiphertextSize768:])
+	if err != nil {
+		return nil, fmt.Errorf("ssh: peer's mlkem768x25519 public value is not valid: %w", err)
+	}
+	// Compute actual shared key.
+	h := sha256.New()
+	h.Write(mlkem768Secret)
+	h.Write(c25519Secret)
+	secret := h.Sum(nil)
+
+	h.Reset()
+	magics.write(h)
+	writeString(h, reply.HostKey)
+	writeString(h, hybridKey)
+	writeString(h, reply.EphemeralPubKey)
+
+	K := make([]byte, stringLength(len(secret)))
+	marshalString(K, secret)
+	h.Write(K)
+
+	return &kexResult{
+		H:         h.Sum(nil),
+		K:         K,
+		HostKey:   reply.HostKey,
+		Signature: reply.Signature,
+		Hash:      crypto.SHA256,
+	}, nil
+}
+
+func (kex *mlkem768WithCurve25519sha256) Server(c packetConn, rand io.Reader, magics *handshakeMagics, priv AlgorithmSigner, algo string) (*kexResult, error) {
+	packet, err := c.readPacket()
+	if err != nil {
+		return nil, err
+	}
+
+	var kexInit kexECDHInitMsg
+	if err = Unmarshal(packet, &kexInit); err != nil {
+		return nil, err
+	}
+
+	if len(kexInit.ClientPubKey) != mlkem.EncapsulationKeySize768+32 {
+		return nil, errors.New("ssh: peer's ML-KEM768/curve25519 public value has wrong length")
+	}
+
+	encapsulationKey, err := mlkem.NewEncapsulationKey768(kexInit.ClientPubKey[:mlkem.EncapsulationKeySize768])
+	if err != nil {
+		return nil, fmt.Errorf("ssh: peer's ML-KEM768 encapsulation key is not valid: %w", err)
+	}
+	// Perform KEM encapsulate operation to obtain ciphertext and shared key.
+	mlkem768Secret, mlkem768Ciphertext := encapsulationKey.Encapsulate()
+
+	// Perform server side of Curve25519 ECDH to obtain server public value and
+	// shared key.
+	var c25519kp curve25519KeyPair
+	if err := c25519kp.generate(rand); err != nil {
+		return nil, err
+	}
+	c25519Secret, err := curve25519.X25519(c25519kp.priv[:], kexInit.ClientPubKey[mlkem.EncapsulationKeySize768:])
+	if err != nil {
+		return nil, fmt.Errorf("ssh: peer's ML-KEM768/curve25519 public value is not valid: %w", err)
+	}
+	hybridKey := append(mlkem768Ciphertext, c25519kp.pub[:]...)
+
+	// Compute actual shared key.
+	h := sha256.New()
+	h.Write(mlkem768Secret)
+	h.Write(c25519Secret)
+	secret := h.Sum(nil)
+
+	hostKeyBytes := priv.PublicKey().Marshal()
+
+	h.Reset()
+	magics.write(h)
+	writeString(h, hostKeyBytes)
+	writeString(h, kexInit.ClientPubKey)
+	writeString(h, hybridKey)
+
+	K := make([]byte, stringLength(len(secret)))
+	marshalString(K, secret)
+	h.Write(K)
+
+	H := h.Sum(nil)
+
+	sig, err := signAndMarshal(priv, rand, H, algo)
+	if err != nil {
+		return nil, err
+	}
+
+	reply := kexECDHReplyMsg{
+		EphemeralPubKey: hybridKey,
+		HostKey:         hostKeyBytes,
+		Signature:       sig,
+	}
+	if err := c.writePacket(Marshal(&reply)); err != nil {
+		return nil, err
+	}
+	return &kexResult{
+		H:         H,
+		K:         K,
+		HostKey:   hostKeyBytes,
+		Signature: sig,
+		Hash:      crypto.SHA256,
+	}, nil
+}
diff --git a/vendor/golang.org/x/crypto/ssh/server.go b/vendor/golang.org/x/crypto/ssh/server.go
index 1839ddc6a4..98679ba5b6 100644
--- a/vendor/golang.org/x/crypto/ssh/server.go
+++ b/vendor/golang.org/x/crypto/ssh/server.go
@@ -243,22 +243,15 @@ func NewServerConn(c net.Conn, config *ServerConfig) (*ServerConn, <-chan NewCha
 		fullConf.MaxAuthTries = 6
 	}
 	if len(fullConf.PublicKeyAuthAlgorithms) == 0 {
-		fullConf.PublicKeyAuthAlgorithms = supportedPubKeyAuthAlgos
+		fullConf.PublicKeyAuthAlgorithms = defaultPubKeyAuthAlgos
 	} else {
 		for _, algo := range fullConf.PublicKeyAuthAlgorithms {
-			if !contains(supportedPubKeyAuthAlgos, algo) {
+			if !contains(SupportedAlgorithms().PublicKeyAuths, algo) && !contains(InsecureAlgorithms().PublicKeyAuths, algo) {
 				c.Close()
 				return nil, nil, nil, fmt.Errorf("ssh: unsupported public key authentication algorithm %s", algo)
 			}
 		}
 	}
-	// Check if the config contains any unsupported key exchanges
-	for _, kex := range fullConf.KeyExchanges {
-		if _, ok := serverForbiddenKexAlgos[kex]; ok {
-			c.Close()
-			return nil, nil, nil, fmt.Errorf("ssh: unsupported key exchange %s for server", kex)
-		}
-	}
 
 	s := &connection{
 		sshConn: sshConn{conn: c},
@@ -315,6 +308,7 @@ func (s *connection) serverHandshake(config *ServerConfig) (*Permissions, error)
 
 	// We just did the key change, so the session ID is established.
 	s.sessionID = s.transport.getSessionID()
+	s.algorithms = s.transport.getAlgorithms()
 
 	var packet []byte
 	if packet, err = s.transport.readPacket(); err != nil {
diff --git a/vendor/golang.org/x/crypto/ssh/transport.go b/vendor/golang.org/x/crypto/ssh/transport.go
index 0424d2d37c..663619845c 100644
--- a/vendor/golang.org/x/crypto/ssh/transport.go
+++ b/vendor/golang.org/x/crypto/ssh/transport.go
@@ -16,13 +16,6 @@ import (
 // wire. No message decoding is done, to minimize the impact on timing.
 const debugTransport = false
 
-const (
-	gcm128CipherID = "aes128-gcm@openssh.com"
-	gcm256CipherID = "aes256-gcm@openssh.com"
-	aes128cbcID    = "aes128-cbc"
-	tripledescbcID = "3des-cbc"
-)
-
 // packetConn represents a transport that implements packet based
 // operations.
 type packetConn interface {
@@ -92,14 +85,14 @@ func (t *transport) setInitialKEXDone() {
 // prepareKeyChange sets up key material for a keychange. The key changes in
 // both directions are triggered by reading and writing a msgNewKey packet
 // respectively.
-func (t *transport) prepareKeyChange(algs *algorithms, kexResult *kexResult) error {
-	ciph, err := newPacketCipher(t.reader.dir, algs.r, kexResult)
+func (t *transport) prepareKeyChange(algs *NegotiatedAlgorithms, kexResult *kexResult) error {
+	ciph, err := newPacketCipher(t.reader.dir, algs.Read, kexResult)
 	if err != nil {
 		return err
 	}
 	t.reader.pendingKeyChange <- ciph
 
-	ciph, err = newPacketCipher(t.writer.dir, algs.w, kexResult)
+	ciph, err = newPacketCipher(t.writer.dir, algs.Write, kexResult)
 	if err != nil {
 		return err
 	}
@@ -259,7 +252,7 @@ var (
 // setupKeys sets the cipher and MAC keys from kex.K, kex.H and sessionId, as
 // described in RFC 4253, section 6.4. direction should either be serverKeys
 // (to setup server->client keys) or clientKeys (for client->server keys).
-func newPacketCipher(d direction, algs directionAlgorithms, kex *kexResult) (packetCipher, error) {
+func newPacketCipher(d direction, algs DirectionAlgorithms, kex *kexResult) (packetCipher, error) {
 	cipherMode := cipherModes[algs.Cipher]
 
 	iv := make([]byte, cipherMode.ivSize)
diff --git a/vendor/golang.org/x/exp/maps/maps.go b/vendor/golang.org/x/exp/maps/maps.go
index c25939b92b..4a9747ef40 100644
--- a/vendor/golang.org/x/exp/maps/maps.go
+++ b/vendor/golang.org/x/exp/maps/maps.go
@@ -7,17 +7,13 @@ package maps
 
 import "maps"
 
-// TODO(adonovan): when https://go.dev/issue/32816 is accepted, all of
-// these functions except Keys and Values should be annotated
-// (provisionally with "//go:fix inline") so that tools can safely and
-// automatically replace calls to exp/maps with calls to std maps by
-// inlining them.
-
 // Keys returns the keys of the map m.
 // The keys will be in an indeterminate order.
+//
+// The simplest true equivalent using the standard library  is:
+//
+//	slices.AppendSeq(make([]K, 0, len(m)), maps.Keys(m))
 func Keys[M ~map[K]V, K comparable, V any](m M) []K {
-	// The simplest true equivalent using std is:
-	// return slices.AppendSeq(make([]K, 0, len(m)), maps.Keys(m)).
 
 	r := make([]K, 0, len(m))
 	for k := range m {
@@ -28,9 +24,11 @@ func Keys[M ~map[K]V, K comparable, V any](m M) []K {
 
 // Values returns the values of the map m.
 // The values will be in an indeterminate order.
+//
+// The simplest true equivalent using the standard library is:
+//
+//	slices.AppendSeq(make([]V, 0, len(m)), maps.Values(m))
 func Values[M ~map[K]V, K comparable, V any](m M) []V {
-	// The simplest true equivalent using std is:
-	// return slices.AppendSeq(make([]V, 0, len(m)), maps.Values(m)).
 
 	r := make([]V, 0, len(m))
 	for _, v := range m {
@@ -41,23 +39,31 @@ func Values[M ~map[K]V, K comparable, V any](m M) []V {
 
 // Equal reports whether two maps contain the same key/value pairs.
 // Values are compared using ==.
+//
+//go:fix inline
 func Equal[M1, M2 ~map[K]V, K, V comparable](m1 M1, m2 M2) bool {
 	return maps.Equal(m1, m2)
 }
 
 // EqualFunc is like Equal, but compares values using eq.
 // Keys are still compared with ==.
+//
+//go:fix inline
 func EqualFunc[M1 ~map[K]V1, M2 ~map[K]V2, K comparable, V1, V2 any](m1 M1, m2 M2, eq func(V1, V2) bool) bool {
 	return maps.EqualFunc(m1, m2, eq)
 }
 
 // Clear removes all entries from m, leaving it empty.
+//
+//go:fix inline
 func Clear[M ~map[K]V, K comparable, V any](m M) {
 	clear(m)
 }
 
 // Clone returns a copy of m.  This is a shallow clone:
 // the new keys and values are set using ordinary assignment.
+//
+//go:fix inline
 func Clone[M ~map[K]V, K comparable, V any](m M) M {
 	return maps.Clone(m)
 }
@@ -66,11 +72,15 @@ func Clone[M ~map[K]V, K comparable, V any](m M) M {
 // When a key in src is already present in dst,
 // the value in dst will be overwritten by the value associated
 // with the key in src.
+//
+//go:fix inline
 func Copy[M1 ~map[K]V, M2 ~map[K]V, K comparable, V any](dst M1, src M2) {
 	maps.Copy(dst, src)
 }
 
 // DeleteFunc deletes any key/value pairs from m for which del returns true.
+//
+//go:fix inline
 func DeleteFunc[M ~map[K]V, K comparable, V any](m M, del func(K, V) bool) {
 	maps.DeleteFunc(m, del)
 }
diff --git a/vendor/golang.org/x/exp/slices/slices.go b/vendor/golang.org/x/exp/slices/slices.go
index 757383ea1c..da0df370da 100644
--- a/vendor/golang.org/x/exp/slices/slices.go
+++ b/vendor/golang.org/x/exp/slices/slices.go
@@ -10,16 +10,13 @@ import (
 	"slices"
 )
 
-// TODO(adonovan): when https://go.dev/issue/32816 is accepted, all of
-// these functions should be annotated (provisionally with "//go:fix
-// inline") so that tools can safely and automatically replace calls
-// to exp/slices with calls to std slices by inlining them.
-
 // Equal reports whether two slices are equal: the same length and all
 // elements equal. If the lengths are different, Equal returns false.
 // Otherwise, the elements are compared in increasing index order, and the
 // comparison stops at the first unequal pair.
 // Floating point NaNs are not considered equal.
+//
+//go:fix inline
 func Equal[S ~[]E, E comparable](s1, s2 S) bool {
 	return slices.Equal(s1, s2)
 }
@@ -29,6 +26,8 @@ func Equal[S ~[]E, E comparable](s1, s2 S) bool {
 // EqualFunc returns false. Otherwise, the elements are compared in
 // increasing index order, and the comparison stops at the first index
 // for which eq returns false.
+//
+//go:fix inline
 func EqualFunc[S1 ~[]E1, S2 ~[]E2, E1, E2 any](s1 S1, s2 S2, eq func(E1, E2) bool) bool {
 	return slices.EqualFunc(s1, s2, eq)
 }
@@ -40,6 +39,8 @@ func EqualFunc[S1 ~[]E1, S2 ~[]E2, E1, E2 any](s1 S1, s2 S2, eq func(E1, E2) boo
 // If both slices are equal until one of them ends, the shorter slice is
 // considered less than the longer one.
 // The result is 0 if s1 == s2, -1 if s1 < s2, and +1 if s1 > s2.
+//
+//go:fix inline
 func Compare[S ~[]E, E cmp.Ordered](s1, s2 S) int {
 	return slices.Compare(s1, s2)
 }
@@ -49,29 +50,39 @@ func Compare[S ~[]E, E cmp.Ordered](s1, s2 S) int {
 // The result is the first non-zero result of cmp; if cmp always
 // returns 0 the result is 0 if len(s1) == len(s2), -1 if len(s1) < len(s2),
 // and +1 if len(s1) > len(s2).
+//
+//go:fix inline
 func CompareFunc[S1 ~[]E1, S2 ~[]E2, E1, E2 any](s1 S1, s2 S2, cmp func(E1, E2) int) int {
 	return slices.CompareFunc(s1, s2, cmp)
 }
 
 // Index returns the index of the first occurrence of v in s,
 // or -1 if not present.
+//
+//go:fix inline
 func Index[S ~[]E, E comparable](s S, v E) int {
 	return slices.Index(s, v)
 }
 
 // IndexFunc returns the first index i satisfying f(s[i]),
 // or -1 if none do.
+//
+//go:fix inline
 func IndexFunc[S ~[]E, E any](s S, f func(E) bool) int {
 	return slices.IndexFunc(s, f)
 }
 
 // Contains reports whether v is present in s.
+//
+//go:fix inline
 func Contains[S ~[]E, E comparable](s S, v E) bool {
 	return slices.Contains(s, v)
 }
 
 // ContainsFunc reports whether at least one
 // element e of s satisfies f(e).
+//
+//go:fix inline
 func ContainsFunc[S ~[]E, E any](s S, f func(E) bool) bool {
 	return slices.ContainsFunc(s, f)
 }
@@ -83,6 +94,8 @@ func ContainsFunc[S ~[]E, E any](s S, f func(E) bool) bool {
 // and r[i+len(v)] == value originally at r[i].
 // Insert panics if i is out of range.
 // This function is O(len(s) + len(v)).
+//
+//go:fix inline
 func Insert[S ~[]E, E any](s S, i int, v ...E) S {
 	return slices.Insert(s, i, v...)
 }
@@ -92,6 +105,8 @@ func Insert[S ~[]E, E any](s S, i int, v ...E) S {
 // Delete is O(len(s)-i), so if many items must be deleted, it is better to
 // make a single call deleting them all together than to delete one at a time.
 // Delete zeroes the elements s[len(s)-(j-i):len(s)].
+//
+//go:fix inline
 func Delete[S ~[]E, E any](s S, i, j int) S {
 	return slices.Delete(s, i, j)
 }
@@ -99,6 +114,8 @@ func Delete[S ~[]E, E any](s S, i, j int) S {
 // DeleteFunc removes any elements from s for which del returns true,
 // returning the modified slice.
 // DeleteFunc zeroes the elements between the new length and the original length.
+//
+//go:fix inline
 func DeleteFunc[S ~[]E, E any](s S, del func(E) bool) S {
 	return slices.DeleteFunc(s, del)
 }
@@ -106,12 +123,16 @@ func DeleteFunc[S ~[]E, E any](s S, del func(E) bool) S {
 // Replace replaces the elements s[i:j] by the given v, and returns the
 // modified slice. Replace panics if s[i:j] is not a valid slice of s.
 // When len(v) < (j-i), Replace zeroes the elements between the new length and the original length.
+//
+//go:fix inline
 func Replace[S ~[]E, E any](s S, i, j int, v ...E) S {
 	return slices.Replace(s, i, j, v...)
 }
 
 // Clone returns a copy of the slice.
 // The elements are copied using assignment, so this is a shallow clone.
+//
+//go:fix inline
 func Clone[S ~[]E, E any](s S) S {
 	return slices.Clone(s)
 }
@@ -121,6 +142,8 @@ func Clone[S ~[]E, E any](s S) S {
 // Compact modifies the contents of the slice s and returns the modified slice,
 // which may have a smaller length.
 // Compact zeroes the elements between the new length and the original length.
+//
+//go:fix inline
 func Compact[S ~[]E, E comparable](s S) S {
 	return slices.Compact(s)
 }
@@ -128,6 +151,8 @@ func Compact[S ~[]E, E comparable](s S) S {
 // CompactFunc is like [Compact] but uses an equality function to compare elements.
 // For runs of elements that compare equal, CompactFunc keeps the first one.
 // CompactFunc zeroes the elements between the new length and the original length.
+//
+//go:fix inline
 func CompactFunc[S ~[]E, E any](s S, eq func(E, E) bool) S {
 	return slices.CompactFunc(s, eq)
 }
@@ -136,16 +161,22 @@ func CompactFunc[S ~[]E, E any](s S, eq func(E, E) bool) S {
 // another n elements. After Grow(n), at least n elements can be appended
 // to the slice without another allocation. If n is negative or too large to
 // allocate the memory, Grow panics.
+//
+//go:fix inline
 func Grow[S ~[]E, E any](s S, n int) S {
 	return slices.Grow(s, n)
 }
 
 // Clip removes unused capacity from the slice, returning s[:len(s):len(s)].
+//
+//go:fix inline
 func Clip[S ~[]E, E any](s S) S {
 	return slices.Clip(s)
 }
 
 // Reverse reverses the elements of the slice in place.
+//
+//go:fix inline
 func Reverse[S ~[]E, E any](s S) {
 	slices.Reverse(s)
 }
diff --git a/vendor/golang.org/x/exp/slices/sort.go b/vendor/golang.org/x/exp/slices/sort.go
index e270a74652..bd91a8d402 100644
--- a/vendor/golang.org/x/exp/slices/sort.go
+++ b/vendor/golang.org/x/exp/slices/sort.go
@@ -9,11 +9,10 @@ import (
 	"slices"
 )
 
-// TODO(adonovan): add a "//go:fix inline" annotation to each function
-// in this file; see https://go.dev/issue/32816.
-
 // Sort sorts a slice of any ordered type in ascending order.
 // When sorting floating-point numbers, NaNs are ordered before other values.
+//
+//go:fix inline
 func Sort[S ~[]E, E cmp.Ordered](x S) {
 	slices.Sort(x)
 }
@@ -27,23 +26,31 @@ func Sort[S ~[]E, E cmp.Ordered](x S) {
 // SortFunc requires that cmp is a strict weak ordering.
 // See https://en.wikipedia.org/wiki/Weak_ordering#Strict_weak_orderings.
 // To indicate 'uncomparable', return 0 from the function.
+//
+//go:fix inline
 func SortFunc[S ~[]E, E any](x S, cmp func(a, b E) int) {
 	slices.SortFunc(x, cmp)
 }
 
 // SortStableFunc sorts the slice x while keeping the original order of equal
 // elements, using cmp to compare elements in the same way as [SortFunc].
+//
+//go:fix inline
 func SortStableFunc[S ~[]E, E any](x S, cmp func(a, b E) int) {
 	slices.SortStableFunc(x, cmp)
 }
 
 // IsSorted reports whether x is sorted in ascending order.
+//
+//go:fix inline
 func IsSorted[S ~[]E, E cmp.Ordered](x S) bool {
 	return slices.IsSorted(x)
 }
 
 // IsSortedFunc reports whether x is sorted in ascending order, with cmp as the
 // comparison function as defined by [SortFunc].
+//
+//go:fix inline
 func IsSortedFunc[S ~[]E, E any](x S, cmp func(a, b E) int) bool {
 	return slices.IsSortedFunc(x, cmp)
 }
@@ -51,6 +58,8 @@ func IsSortedFunc[S ~[]E, E any](x S, cmp func(a, b E) int) bool {
 // Min returns the minimal value in x. It panics if x is empty.
 // For floating-point numbers, Min propagates NaNs (any NaN value in x
 // forces the output to be NaN).
+//
+//go:fix inline
 func Min[S ~[]E, E cmp.Ordered](x S) E {
 	return slices.Min(x)
 }
@@ -58,6 +67,8 @@ func Min[S ~[]E, E cmp.Ordered](x S) E {
 // MinFunc returns the minimal value in x, using cmp to compare elements.
 // It panics if x is empty. If there is more than one minimal element
 // according to the cmp function, MinFunc returns the first one.
+//
+//go:fix inline
 func MinFunc[S ~[]E, E any](x S, cmp func(a, b E) int) E {
 	return slices.MinFunc(x, cmp)
 }
@@ -65,6 +76,8 @@ func MinFunc[S ~[]E, E any](x S, cmp func(a, b E) int) E {
 // Max returns the maximal value in x. It panics if x is empty.
 // For floating-point E, Max propagates NaNs (any NaN value in x
 // forces the output to be NaN).
+//
+//go:fix inline
 func Max[S ~[]E, E cmp.Ordered](x S) E {
 	return slices.Max(x)
 }
@@ -72,6 +85,8 @@ func Max[S ~[]E, E cmp.Ordered](x S) E {
 // MaxFunc returns the maximal value in x, using cmp to compare elements.
 // It panics if x is empty. If there is more than one maximal element
 // according to the cmp function, MaxFunc returns the first one.
+//
+//go:fix inline
 func MaxFunc[S ~[]E, E any](x S, cmp func(a, b E) int) E {
 	return slices.MaxFunc(x, cmp)
 }
@@ -80,6 +95,8 @@ func MaxFunc[S ~[]E, E any](x S, cmp func(a, b E) int) E {
 // where target is found, or the position where target would appear in the
 // sort order; it also returns a bool saying whether the target is really found
 // in the slice. The slice must be sorted in increasing order.
+//
+//go:fix inline
 func BinarySearch[S ~[]E, E cmp.Ordered](x S, target E) (int, bool) {
 	return slices.BinarySearch(x, target)
 }
@@ -91,6 +108,8 @@ func BinarySearch[S ~[]E, E cmp.Ordered](x S, target E) (int, bool) {
 // or a positive number if the slice element follows the target.
 // cmp must implement the same ordering as the slice, such that if
 // cmp(a, t) < 0 and cmp(b, t) >= 0, then a must precede b in the slice.
+//
+//go:fix inline
 func BinarySearchFunc[S ~[]E, E, T any](x S, target T, cmp func(E, T) int) (int, bool) {
 	return slices.BinarySearchFunc(x, target, cmp)
 }
diff --git a/vendor/golang.org/x/mod/semver/semver.go b/vendor/golang.org/x/mod/semver/semver.go
index 9a2dfd33a7..628f8fd687 100644
--- a/vendor/golang.org/x/mod/semver/semver.go
+++ b/vendor/golang.org/x/mod/semver/semver.go
@@ -22,7 +22,10 @@
 // as shorthands for vMAJOR.0.0 and vMAJOR.MINOR.0.
 package semver
 
-import "sort"
+import (
+	"slices"
+	"strings"
+)
 
 // parsed returns the parsed form of a semantic version string.
 type parsed struct {
@@ -154,19 +157,22 @@ func Max(v, w string) string {
 // ByVersion implements [sort.Interface] for sorting semantic version strings.
 type ByVersion []string
 
-func (vs ByVersion) Len() int      { return len(vs) }
-func (vs ByVersion) Swap(i, j int) { vs[i], vs[j] = vs[j], vs[i] }
-func (vs ByVersion) Less(i, j int) bool {
-	cmp := Compare(vs[i], vs[j])
-	if cmp != 0 {
-		return cmp < 0
-	}
-	return vs[i] < vs[j]
-}
+func (vs ByVersion) Len() int           { return len(vs) }
+func (vs ByVersion) Swap(i, j int)      { vs[i], vs[j] = vs[j], vs[i] }
+func (vs ByVersion) Less(i, j int) bool { return compareVersion(vs[i], vs[j]) < 0 }
 
-// Sort sorts a list of semantic version strings using [ByVersion].
+// Sort sorts a list of semantic version strings using [Compare] and falls back
+// to use [strings.Compare] if both versions are considered equal.
 func Sort(list []string) {
-	sort.Sort(ByVersion(list))
+	slices.SortFunc(list, compareVersion)
+}
+
+func compareVersion(a, b string) int {
+	cmp := Compare(a, b)
+	if cmp != 0 {
+		return cmp
+	}
+	return strings.Compare(a, b)
 }
 
 func parse(v string) (p parsed, ok bool) {
diff --git a/vendor/golang.org/x/mod/sumdb/dirhash/hash.go b/vendor/golang.org/x/mod/sumdb/dirhash/hash.go
index 51ec4db873..117985ac30 100644
--- a/vendor/golang.org/x/mod/sumdb/dirhash/hash.go
+++ b/vendor/golang.org/x/mod/sumdb/dirhash/hash.go
@@ -16,7 +16,7 @@ import (
 	"io"
 	"os"
 	"path/filepath"
-	"sort"
+	"slices"
 	"strings"
 )
 
@@ -36,7 +36,7 @@ type Hash func(files []string, open func(string) (io.ReadCloser, error)) (string
 //	sha256sum $(find . -type f | sort) | sha256sum
 //
 // More precisely, the hashed summary contains a single line for each file in the list,
-// ordered by sort.Strings applied to the file names, where each line consists of
+// ordered by [slices.Sort] applied to the file names, where each line consists of
 // the hexadecimal SHA-256 hash of the file content,
 // two spaces (U+0020), the file name, and a newline (U+000A).
 //
@@ -44,7 +44,7 @@ type Hash func(files []string, open func(string) (io.ReadCloser, error)) (string
 func Hash1(files []string, open func(string) (io.ReadCloser, error)) (string, error) {
 	h := sha256.New()
 	files = append([]string(nil), files...)
-	sort.Strings(files)
+	slices.Sort(files)
 	for _, file := range files {
 		if strings.Contains(file, "\n") {
 			return "", errors.New("dirhash: filenames with newlines are not supported")
diff --git a/vendor/golang.org/x/net/context/ctxhttp/ctxhttp.go b/vendor/golang.org/x/net/context/ctxhttp/ctxhttp.go
deleted file mode 100644
index e0df203cea..0000000000
--- a/vendor/golang.org/x/net/context/ctxhttp/ctxhttp.go
+++ /dev/null
@@ -1,71 +0,0 @@
-// Copyright 2016 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package ctxhttp provides helper functions for performing context-aware HTTP requests.
-package ctxhttp
-
-import (
-	"context"
-	"io"
-	"net/http"
-	"net/url"
-	"strings"
-)
-
-// Do sends an HTTP request with the provided http.Client and returns
-// an HTTP response.
-//
-// If the client is nil, http.DefaultClient is used.
-//
-// The provided ctx must be non-nil. If it is canceled or times out,
-// ctx.Err() will be returned.
-func Do(ctx context.Context, client *http.Client, req *http.Request) (*http.Response, error) {
-	if client == nil {
-		client = http.DefaultClient
-	}
-	resp, err := client.Do(req.WithContext(ctx))
-	// If we got an error, and the context has been canceled,
-	// the context's error is probably more useful.
-	if err != nil {
-		select {
-		case <-ctx.Done():
-			err = ctx.Err()
-		default:
-		}
-	}
-	return resp, err
-}
-
-// Get issues a GET request via the Do function.
-func Get(ctx context.Context, client *http.Client, url string) (*http.Response, error) {
-	req, err := http.NewRequest("GET", url, nil)
-	if err != nil {
-		return nil, err
-	}
-	return Do(ctx, client, req)
-}
-
-// Head issues a HEAD request via the Do function.
-func Head(ctx context.Context, client *http.Client, url string) (*http.Response, error) {
-	req, err := http.NewRequest("HEAD", url, nil)
-	if err != nil {
-		return nil, err
-	}
-	return Do(ctx, client, req)
-}
-
-// Post issues a POST request via the Do function.
-func Post(ctx context.Context, client *http.Client, url string, bodyType string, body io.Reader) (*http.Response, error) {
-	req, err := http.NewRequest("POST", url, body)
-	if err != nil {
-		return nil, err
-	}
-	req.Header.Set("Content-Type", bodyType)
-	return Do(ctx, client, req)
-}
-
-// PostForm issues a POST request via the Do function.
-func PostForm(ctx context.Context, client *http.Client, url string, data url.Values) (*http.Response, error) {
-	return Post(ctx, client, url, "application/x-www-form-urlencoded", strings.NewReader(data.Encode()))
-}
diff --git a/vendor/golang.org/x/net/http2/frame.go b/vendor/golang.org/x/net/http2/frame.go
index 97bd8b06f7..db3264da8c 100644
--- a/vendor/golang.org/x/net/http2/frame.go
+++ b/vendor/golang.org/x/net/http2/frame.go
@@ -39,7 +39,7 @@ const (
 	FrameContinuation FrameType = 0x9
 )
 
-var frameName = map[FrameType]string{
+var frameNames = [...]string{
 	FrameData:         "DATA",
 	FrameHeaders:      "HEADERS",
 	FramePriority:     "PRIORITY",
@@ -53,10 +53,10 @@ var frameName = map[FrameType]string{
 }
 
 func (t FrameType) String() string {
-	if s, ok := frameName[t]; ok {
-		return s
+	if int(t) < len(frameNames) {
+		return frameNames[t]
 	}
-	return fmt.Sprintf("UNKNOWN_FRAME_TYPE_%d", uint8(t))
+	return fmt.Sprintf("UNKNOWN_FRAME_TYPE_%d", t)
 }
 
 // Flags is a bitmask of HTTP/2 flags.
@@ -124,7 +124,7 @@ var flagName = map[FrameType]map[Flags]string{
 // might be 0).
 type frameParser func(fc *frameCache, fh FrameHeader, countError func(string), payload []byte) (Frame, error)
 
-var frameParsers = map[FrameType]frameParser{
+var frameParsers = [...]frameParser{
 	FrameData:         parseDataFrame,
 	FrameHeaders:      parseHeadersFrame,
 	FramePriority:     parsePriorityFrame,
@@ -138,8 +138,8 @@ var frameParsers = map[FrameType]frameParser{
 }
 
 func typeFrameParser(t FrameType) frameParser {
-	if f := frameParsers[t]; f != nil {
-		return f
+	if int(t) < len(frameParsers) {
+		return frameParsers[t]
 	}
 	return parseUnknownFrame
 }
@@ -509,7 +509,7 @@ func (fr *Framer) ReadFrame() (Frame, error) {
 	}
 	if fh.Length > fr.maxReadSize {
 		if fh == invalidHTTP1LookingFrameHeader() {
-			return nil, fmt.Errorf("http2: failed reading the frame payload: %w, note that the frame header looked like an HTTP/1.1 header", err)
+			return nil, fmt.Errorf("http2: failed reading the frame payload: %w, note that the frame header looked like an HTTP/1.1 header", ErrFrameTooLarge)
 		}
 		return nil, ErrFrameTooLarge
 	}
diff --git a/vendor/golang.org/x/net/trace/events.go b/vendor/golang.org/x/net/trace/events.go
index c646a6952e..3aaffdd1f7 100644
--- a/vendor/golang.org/x/net/trace/events.go
+++ b/vendor/golang.org/x/net/trace/events.go
@@ -508,7 +508,7 @@ const eventsHTML = `
 	<tr class="first">
 		<td class="when">{{$el.When}}</td>
 		<td class="elapsed">{{$el.ElapsedTime}}</td>
-		<td>{{$el.Title}}
+		<td>{{$el.Title}}</td>
 	</tr>
 	{{if $.Expanded}}
 	<tr>
diff --git a/vendor/golang.org/x/oauth2/authhandler/authhandler.go b/vendor/golang.org/x/oauth2/authhandler/authhandler.go
index 9bc6cd7bc5..46d1396f1f 100644
--- a/vendor/golang.org/x/oauth2/authhandler/authhandler.go
+++ b/vendor/golang.org/x/oauth2/authhandler/authhandler.go
@@ -34,7 +34,7 @@ type PKCEParams struct {
 // and returns an auth code and state upon approval.
 type AuthorizationHandler func(authCodeURL string) (code string, state string, err error)
 
-// TokenSourceWithPKCE is an enhanced version of TokenSource with PKCE support.
+// TokenSourceWithPKCE is an enhanced version of [oauth2.TokenSource] with PKCE support.
 //
 // The pkce parameter supports PKCE flow, which uses code challenge and code verifier
 // to prevent CSRF attacks. A unique code challenge and code verifier should be generated
@@ -43,12 +43,12 @@ func TokenSourceWithPKCE(ctx context.Context, config *oauth2.Config, state strin
 	return oauth2.ReuseTokenSource(nil, authHandlerSource{config: config, ctx: ctx, authHandler: authHandler, state: state, pkce: pkce})
 }
 
-// TokenSource returns an oauth2.TokenSource that fetches access tokens
+// TokenSource returns an [oauth2.TokenSource] that fetches access tokens
 // using 3-legged-OAuth flow.
 //
-// The provided context.Context is used for oauth2 Exchange operation.
+// The provided [context.Context] is used for oauth2 Exchange operation.
 //
-// The provided oauth2.Config should be a full configuration containing AuthURL,
+// The provided [oauth2.Config] should be a full configuration containing AuthURL,
 // TokenURL, and Scope.
 //
 // An environment-specific AuthorizationHandler is used to obtain user consent.
diff --git a/vendor/golang.org/x/oauth2/google/externalaccount/aws.go b/vendor/golang.org/x/oauth2/google/externalaccount/aws.go
index 55d59999e0..e1a735e01b 100644
--- a/vendor/golang.org/x/oauth2/google/externalaccount/aws.go
+++ b/vendor/golang.org/x/oauth2/google/externalaccount/aws.go
@@ -14,7 +14,6 @@ import (
 	"errors"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"net/http"
 	"net/url"
 	"os"
@@ -170,7 +169,7 @@ func requestDataHash(req *http.Request) (string, error) {
 		}
 		defer requestBody.Close()
 
-		requestData, err = ioutil.ReadAll(io.LimitReader(requestBody, 1<<20))
+		requestData, err = io.ReadAll(io.LimitReader(requestBody, 1<<20))
 		if err != nil {
 			return "", err
 		}
@@ -419,7 +418,7 @@ func (cs *awsCredentialSource) getAWSSessionToken() (string, error) {
 	}
 	defer resp.Body.Close()
 
-	respBody, err := ioutil.ReadAll(io.LimitReader(resp.Body, 1<<20))
+	respBody, err := io.ReadAll(io.LimitReader(resp.Body, 1<<20))
 	if err != nil {
 		return "", err
 	}
@@ -462,7 +461,7 @@ func (cs *awsCredentialSource) getRegion(headers map[string]string) (string, err
 	}
 	defer resp.Body.Close()
 
-	respBody, err := ioutil.ReadAll(io.LimitReader(resp.Body, 1<<20))
+	respBody, err := io.ReadAll(io.LimitReader(resp.Body, 1<<20))
 	if err != nil {
 		return "", err
 	}
@@ -531,7 +530,7 @@ func (cs *awsCredentialSource) getMetadataSecurityCredentials(roleName string, h
 	}
 	defer resp.Body.Close()
 
-	respBody, err := ioutil.ReadAll(io.LimitReader(resp.Body, 1<<20))
+	respBody, err := io.ReadAll(io.LimitReader(resp.Body, 1<<20))
 	if err != nil {
 		return result, err
 	}
@@ -564,7 +563,7 @@ func (cs *awsCredentialSource) getMetadataRoleName(headers map[string]string) (s
 	}
 	defer resp.Body.Close()
 
-	respBody, err := ioutil.ReadAll(io.LimitReader(resp.Body, 1<<20))
+	respBody, err := io.ReadAll(io.LimitReader(resp.Body, 1<<20))
 	if err != nil {
 		return "", err
 	}
diff --git a/vendor/golang.org/x/oauth2/google/externalaccount/basecredentials.go b/vendor/golang.org/x/oauth2/google/externalaccount/basecredentials.go
index aa0bba2eb3..6f7662170e 100644
--- a/vendor/golang.org/x/oauth2/google/externalaccount/basecredentials.go
+++ b/vendor/golang.org/x/oauth2/google/externalaccount/basecredentials.go
@@ -486,11 +486,11 @@ func (ts tokenSource) Token() (*oauth2.Token, error) {
 		ClientID:     conf.ClientID,
 		ClientSecret: conf.ClientSecret,
 	}
-	var options map[string]interface{}
+	var options map[string]any
 	// Do not pass workforce_pool_user_project when client authentication is used.
 	// The client ID is sufficient for determining the user project.
 	if conf.WorkforcePoolUserProject != "" && conf.ClientID == "" {
-		options = map[string]interface{}{
+		options = map[string]any{
 			"userProject": conf.WorkforcePoolUserProject,
 		}
 	}
diff --git a/vendor/golang.org/x/oauth2/google/externalaccount/executablecredsource.go b/vendor/golang.org/x/oauth2/google/externalaccount/executablecredsource.go
index dca5681a46..b173c61f06 100644
--- a/vendor/golang.org/x/oauth2/google/externalaccount/executablecredsource.go
+++ b/vendor/golang.org/x/oauth2/google/externalaccount/executablecredsource.go
@@ -11,7 +11,6 @@ import (
 	"errors"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"os"
 	"os/exec"
 	"regexp"
@@ -258,7 +257,7 @@ func (cs executableCredentialSource) getTokenFromOutputFile() (token string, err
 	}
 	defer file.Close()
 
-	data, err := ioutil.ReadAll(io.LimitReader(file, 1<<20))
+	data, err := io.ReadAll(io.LimitReader(file, 1<<20))
 	if err != nil || len(data) == 0 {
 		// Cachefile exists, but no data found. Get new credential.
 		return "", nil
diff --git a/vendor/golang.org/x/oauth2/google/externalaccount/filecredsource.go b/vendor/golang.org/x/oauth2/google/externalaccount/filecredsource.go
index 33766b9722..46ebc18361 100644
--- a/vendor/golang.org/x/oauth2/google/externalaccount/filecredsource.go
+++ b/vendor/golang.org/x/oauth2/google/externalaccount/filecredsource.go
@@ -10,7 +10,6 @@ import (
 	"errors"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"os"
 )
 
@@ -29,14 +28,14 @@ func (cs fileCredentialSource) subjectToken() (string, error) {
 		return "", fmt.Errorf("oauth2/google/externalaccount: failed to open credential file %q", cs.File)
 	}
 	defer tokenFile.Close()
-	tokenBytes, err := ioutil.ReadAll(io.LimitReader(tokenFile, 1<<20))
+	tokenBytes, err := io.ReadAll(io.LimitReader(tokenFile, 1<<20))
 	if err != nil {
 		return "", fmt.Errorf("oauth2/google/externalaccount: failed to read credential file: %v", err)
 	}
 	tokenBytes = bytes.TrimSpace(tokenBytes)
 	switch cs.Format.Type {
 	case "json":
-		jsonData := make(map[string]interface{})
+		jsonData := make(map[string]any)
 		err = json.Unmarshal(tokenBytes, &jsonData)
 		if err != nil {
 			return "", fmt.Errorf("oauth2/google/externalaccount: failed to unmarshal subject token file: %v", err)
diff --git a/vendor/golang.org/x/oauth2/google/externalaccount/urlcredsource.go b/vendor/golang.org/x/oauth2/google/externalaccount/urlcredsource.go
index 71a7184e01..65bfd2046c 100644
--- a/vendor/golang.org/x/oauth2/google/externalaccount/urlcredsource.go
+++ b/vendor/golang.org/x/oauth2/google/externalaccount/urlcredsource.go
@@ -10,7 +10,6 @@ import (
 	"errors"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"net/http"
 
 	"golang.org/x/oauth2"
@@ -44,7 +43,7 @@ func (cs urlCredentialSource) subjectToken() (string, error) {
 	}
 	defer resp.Body.Close()
 
-	respBody, err := ioutil.ReadAll(io.LimitReader(resp.Body, 1<<20))
+	respBody, err := io.ReadAll(io.LimitReader(resp.Body, 1<<20))
 	if err != nil {
 		return "", fmt.Errorf("oauth2/google/externalaccount: invalid body in subject token URL query: %v", err)
 	}
@@ -54,7 +53,7 @@ func (cs urlCredentialSource) subjectToken() (string, error) {
 
 	switch cs.Format.Type {
 	case "json":
-		jsonData := make(map[string]interface{})
+		jsonData := make(map[string]any)
 		err = json.Unmarshal(respBody, &jsonData)
 		if err != nil {
 			return "", fmt.Errorf("oauth2/google/externalaccount: failed to unmarshal subject token file: %v", err)
diff --git a/vendor/golang.org/x/oauth2/google/google.go b/vendor/golang.org/x/oauth2/google/google.go
index 7b82e7a083..e2eb9c9272 100644
--- a/vendor/golang.org/x/oauth2/google/google.go
+++ b/vendor/golang.org/x/oauth2/google/google.go
@@ -285,27 +285,23 @@ func (cs computeSource) Token() (*oauth2.Token, error) {
 	if err != nil {
 		return nil, err
 	}
-	var res struct {
-		AccessToken  string `json:"access_token"`
-		ExpiresInSec int    `json:"expires_in"`
-		TokenType    string `json:"token_type"`
-	}
+	var res oauth2.Token
 	err = json.NewDecoder(strings.NewReader(tokenJSON)).Decode(&res)
 	if err != nil {
 		return nil, fmt.Errorf("oauth2/google: invalid token JSON from metadata: %v", err)
 	}
-	if res.ExpiresInSec == 0 || res.AccessToken == "" {
+	if res.ExpiresIn == 0 || res.AccessToken == "" {
 		return nil, fmt.Errorf("oauth2/google: incomplete token received from metadata")
 	}
 	tok := &oauth2.Token{
 		AccessToken: res.AccessToken,
 		TokenType:   res.TokenType,
-		Expiry:      time.Now().Add(time.Duration(res.ExpiresInSec) * time.Second),
+		Expiry:      time.Now().Add(time.Duration(res.ExpiresIn) * time.Second),
 	}
 	// NOTE(cbro): add hidden metadata about where the token is from.
 	// This is needed for detection by client libraries to know that credentials come from the metadata server.
 	// This may be removed in a future version of this library.
-	return tok.WithExtra(map[string]interface{}{
+	return tok.WithExtra(map[string]any{
 		"oauth2.google.tokenSource":    "compute-metadata",
 		"oauth2.google.serviceAccount": acct,
 	}), nil
diff --git a/vendor/golang.org/x/oauth2/google/internal/impersonate/impersonate.go b/vendor/golang.org/x/oauth2/google/internal/impersonate/impersonate.go
index 6bc3af1103..eaa8b5c71f 100644
--- a/vendor/golang.org/x/oauth2/google/internal/impersonate/impersonate.go
+++ b/vendor/golang.org/x/oauth2/google/internal/impersonate/impersonate.go
@@ -10,7 +10,6 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"net/http"
 	"time"
 
@@ -81,7 +80,7 @@ func (its ImpersonateTokenSource) Token() (*oauth2.Token, error) {
 		return nil, fmt.Errorf("oauth2/google: unable to generate access token: %v", err)
 	}
 	defer resp.Body.Close()
-	body, err := ioutil.ReadAll(io.LimitReader(resp.Body, 1<<20))
+	body, err := io.ReadAll(io.LimitReader(resp.Body, 1<<20))
 	if err != nil {
 		return nil, fmt.Errorf("oauth2/google: unable to read body: %v", err)
 	}
diff --git a/vendor/golang.org/x/oauth2/google/internal/stsexchange/sts_exchange.go b/vendor/golang.org/x/oauth2/google/internal/stsexchange/sts_exchange.go
index 1a0bebd159..edf700e215 100644
--- a/vendor/golang.org/x/oauth2/google/internal/stsexchange/sts_exchange.go
+++ b/vendor/golang.org/x/oauth2/google/internal/stsexchange/sts_exchange.go
@@ -9,7 +9,6 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"net/http"
 	"net/url"
 	"strconv"
@@ -28,7 +27,7 @@ func defaultHeader() http.Header {
 // The first 4 fields are all mandatory.  headers can be used to pass additional
 // headers beyond the bare minimum required by the token exchange.  options can
 // be used to pass additional JSON-structured options to the remote server.
-func ExchangeToken(ctx context.Context, endpoint string, request *TokenExchangeRequest, authentication ClientAuthentication, headers http.Header, options map[string]interface{}) (*Response, error) {
+func ExchangeToken(ctx context.Context, endpoint string, request *TokenExchangeRequest, authentication ClientAuthentication, headers http.Header, options map[string]any) (*Response, error) {
 	data := url.Values{}
 	data.Set("audience", request.Audience)
 	data.Set("grant_type", "urn:ietf:params:oauth:grant-type:token-exchange")
@@ -82,7 +81,7 @@ func makeRequest(ctx context.Context, endpoint string, data url.Values, authenti
 	}
 	defer resp.Body.Close()
 
-	body, err := ioutil.ReadAll(io.LimitReader(resp.Body, 1<<20))
+	body, err := io.ReadAll(io.LimitReader(resp.Body, 1<<20))
 	if err != nil {
 		return nil, err
 	}
diff --git a/vendor/golang.org/x/oauth2/internal/doc.go b/vendor/golang.org/x/oauth2/internal/doc.go
index 03265e888a..8c7c475f2d 100644
--- a/vendor/golang.org/x/oauth2/internal/doc.go
+++ b/vendor/golang.org/x/oauth2/internal/doc.go
@@ -2,5 +2,5 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-// Package internal contains support packages for oauth2 package.
+// Package internal contains support packages for [golang.org/x/oauth2].
 package internal
diff --git a/vendor/golang.org/x/oauth2/internal/oauth2.go b/vendor/golang.org/x/oauth2/internal/oauth2.go
index 14989beaf4..71ea6ad1f5 100644
--- a/vendor/golang.org/x/oauth2/internal/oauth2.go
+++ b/vendor/golang.org/x/oauth2/internal/oauth2.go
@@ -13,7 +13,7 @@ import (
 )
 
 // ParseKey converts the binary contents of a private key file
-// to an *rsa.PrivateKey. It detects whether the private key is in a
+// to an [*rsa.PrivateKey]. It detects whether the private key is in a
 // PEM container or not. If so, it extracts the private key
 // from PEM container before conversion. It only supports PEM
 // containers with no passphrase.
diff --git a/vendor/golang.org/x/oauth2/internal/token.go b/vendor/golang.org/x/oauth2/internal/token.go
index e83ddeef0f..8389f24629 100644
--- a/vendor/golang.org/x/oauth2/internal/token.go
+++ b/vendor/golang.org/x/oauth2/internal/token.go
@@ -10,7 +10,6 @@ import (
 	"errors"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"math"
 	"mime"
 	"net/http"
@@ -26,9 +25,9 @@ import (
 // the requests to access protected resources on the OAuth 2.0
 // provider's backend.
 //
-// This type is a mirror of oauth2.Token and exists to break
+// This type is a mirror of [golang.org/x/oauth2.Token] and exists to break
 // an otherwise-circular dependency. Other internal packages
-// should convert this Token into an oauth2.Token before use.
+// should convert this Token into an [golang.org/x/oauth2.Token] before use.
 type Token struct {
 	// AccessToken is the token that authorizes and authenticates
 	// the requests.
@@ -50,9 +49,16 @@ type Token struct {
 	// mechanisms for that TokenSource will not be used.
 	Expiry time.Time
 
+	// ExpiresIn is the OAuth2 wire format "expires_in" field,
+	// which specifies how many seconds later the token expires,
+	// relative to an unknown time base approximately around "now".
+	// It is the application's responsibility to populate
+	// `Expiry` from `ExpiresIn` when required.
+	ExpiresIn int64 `json:"expires_in,omitempty"`
+
 	// Raw optionally contains extra metadata from the server
 	// when updating a token.
-	Raw interface{}
+	Raw any
 }
 
 // tokenJSON is the struct representing the HTTP response from OAuth2
@@ -99,14 +105,6 @@ func (e *expirationTime) UnmarshalJSON(b []byte) error {
 	return nil
 }
 
-// RegisterBrokenAuthHeaderProvider previously did something. It is now a no-op.
-//
-// Deprecated: this function no longer does anything. Caller code that
-// wants to avoid potential extra HTTP requests made during
-// auto-probing of the provider's auth style should set
-// Endpoint.AuthStyle.
-func RegisterBrokenAuthHeaderProvider(tokenURL string) {}
-
 // AuthStyle is a copy of the golang.org/x/oauth2 package's AuthStyle type.
 type AuthStyle int
 
@@ -143,6 +141,11 @@ func (lc *LazyAuthStyleCache) Get() *AuthStyleCache {
 	return c
 }
 
+type authStyleCacheKey struct {
+	url      string
+	clientID string
+}
+
 // AuthStyleCache is the set of tokenURLs we've successfully used via
 // RetrieveToken and which style auth we ended up using.
 // It's called a cache, but it doesn't (yet?) shrink. It's expected that
@@ -150,26 +153,26 @@ func (lc *LazyAuthStyleCache) Get() *AuthStyleCache {
 // small.
 type AuthStyleCache struct {
 	mu sync.Mutex
-	m  map[string]AuthStyle // keyed by tokenURL
+	m  map[authStyleCacheKey]AuthStyle
 }
 
 // lookupAuthStyle reports which auth style we last used with tokenURL
 // when calling RetrieveToken and whether we have ever done so.
-func (c *AuthStyleCache) lookupAuthStyle(tokenURL string) (style AuthStyle, ok bool) {
+func (c *AuthStyleCache) lookupAuthStyle(tokenURL, clientID string) (style AuthStyle, ok bool) {
 	c.mu.Lock()
 	defer c.mu.Unlock()
-	style, ok = c.m[tokenURL]
+	style, ok = c.m[authStyleCacheKey{tokenURL, clientID}]
 	return
 }
 
 // setAuthStyle adds an entry to authStyleCache, documented above.
-func (c *AuthStyleCache) setAuthStyle(tokenURL string, v AuthStyle) {
+func (c *AuthStyleCache) setAuthStyle(tokenURL, clientID string, v AuthStyle) {
 	c.mu.Lock()
 	defer c.mu.Unlock()
 	if c.m == nil {
-		c.m = make(map[string]AuthStyle)
+		c.m = make(map[authStyleCacheKey]AuthStyle)
 	}
-	c.m[tokenURL] = v
+	c.m[authStyleCacheKey{tokenURL, clientID}] = v
 }
 
 // newTokenRequest returns a new *http.Request to retrieve a new token
@@ -210,9 +213,9 @@ func cloneURLValues(v url.Values) url.Values {
 }
 
 func RetrieveToken(ctx context.Context, clientID, clientSecret, tokenURL string, v url.Values, authStyle AuthStyle, styleCache *AuthStyleCache) (*Token, error) {
-	needsAuthStyleProbe := authStyle == 0
+	needsAuthStyleProbe := authStyle == AuthStyleUnknown
 	if needsAuthStyleProbe {
-		if style, ok := styleCache.lookupAuthStyle(tokenURL); ok {
+		if style, ok := styleCache.lookupAuthStyle(tokenURL, clientID); ok {
 			authStyle = style
 			needsAuthStyleProbe = false
 		} else {
@@ -242,7 +245,7 @@ func RetrieveToken(ctx context.Context, clientID, clientSecret, tokenURL string,
 		token, err = doTokenRoundTrip(ctx, req)
 	}
 	if needsAuthStyleProbe && err == nil {
-		styleCache.setAuthStyle(tokenURL, authStyle)
+		styleCache.setAuthStyle(tokenURL, clientID, authStyle)
 	}
 	// Don't overwrite `RefreshToken` with an empty value
 	// if this was a token refreshing request.
@@ -257,7 +260,7 @@ func doTokenRoundTrip(ctx context.Context, req *http.Request) (*Token, error) {
 	if err != nil {
 		return nil, err
 	}
-	body, err := ioutil.ReadAll(io.LimitReader(r.Body, 1<<20))
+	body, err := io.ReadAll(io.LimitReader(r.Body, 1<<20))
 	r.Body.Close()
 	if err != nil {
 		return nil, fmt.Errorf("oauth2: cannot fetch token: %v", err)
@@ -312,7 +315,8 @@ func doTokenRoundTrip(ctx context.Context, req *http.Request) (*Token, error) {
 			TokenType:    tj.TokenType,
 			RefreshToken: tj.RefreshToken,
 			Expiry:       tj.expiry(),
-			Raw:          make(map[string]interface{}),
+			ExpiresIn:    int64(tj.ExpiresIn),
+			Raw:          make(map[string]any),
 		}
 		json.Unmarshal(body, &token.Raw) // no error checks for optional fields
 	}
diff --git a/vendor/golang.org/x/oauth2/internal/transport.go b/vendor/golang.org/x/oauth2/internal/transport.go
index b9db01ddfd..afc0aeb274 100644
--- a/vendor/golang.org/x/oauth2/internal/transport.go
+++ b/vendor/golang.org/x/oauth2/internal/transport.go
@@ -9,8 +9,8 @@ import (
 	"net/http"
 )
 
-// HTTPClient is the context key to use with golang.org/x/net/context's
-// WithValue function to associate an *http.Client value with a context.
+// HTTPClient is the context key to use with [context.WithValue]
+// to associate an [*http.Client] value with a context.
 var HTTPClient ContextKey
 
 // ContextKey is just an empty struct. It exists so HTTPClient can be
diff --git a/vendor/golang.org/x/oauth2/jws/jws.go b/vendor/golang.org/x/oauth2/jws/jws.go
index 27ab06139a..9bc484406e 100644
--- a/vendor/golang.org/x/oauth2/jws/jws.go
+++ b/vendor/golang.org/x/oauth2/jws/jws.go
@@ -4,7 +4,7 @@
 
 // Package jws provides a partial implementation
 // of JSON Web Signature encoding and decoding.
-// It exists to support the golang.org/x/oauth2 package.
+// It exists to support the [golang.org/x/oauth2] package.
 //
 // See RFC 7515.
 //
@@ -48,7 +48,7 @@ type ClaimSet struct {
 
 	// See http://tools.ietf.org/html/draft-jones-json-web-token-10#section-4.3
 	// This array is marshalled using custom code (see (c *ClaimSet) encode()).
-	PrivateClaims map[string]interface{} `json:"-"`
+	PrivateClaims map[string]any `json:"-"`
 }
 
 func (c *ClaimSet) encode() (string, error) {
@@ -152,7 +152,7 @@ func EncodeWithSigner(header *Header, c *ClaimSet, sg Signer) (string, error) {
 }
 
 // Encode encodes a signed JWS with provided header and claim set.
-// This invokes EncodeWithSigner using crypto/rsa.SignPKCS1v15 with the given RSA private key.
+// This invokes [EncodeWithSigner] using [crypto/rsa.SignPKCS1v15] with the given RSA private key.
 func Encode(header *Header, c *ClaimSet, key *rsa.PrivateKey) (string, error) {
 	sg := func(data []byte) (sig []byte, err error) {
 		h := sha256.New()
diff --git a/vendor/golang.org/x/oauth2/jwt/jwt.go b/vendor/golang.org/x/oauth2/jwt/jwt.go
index b2bf18298b..38a92daca8 100644
--- a/vendor/golang.org/x/oauth2/jwt/jwt.go
+++ b/vendor/golang.org/x/oauth2/jwt/jwt.go
@@ -13,7 +13,6 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"net/http"
 	"net/url"
 	"strings"
@@ -69,7 +68,7 @@ type Config struct {
 
 	// PrivateClaims optionally specifies custom private claims in the JWT.
 	// See http://tools.ietf.org/html/draft-jones-json-web-token-10#section-4.3
-	PrivateClaims map[string]interface{}
+	PrivateClaims map[string]any
 
 	// UseIDToken optionally specifies whether ID token should be used instead
 	// of access token when the server returns both.
@@ -136,7 +135,7 @@ func (js jwtSource) Token() (*oauth2.Token, error) {
 		return nil, fmt.Errorf("oauth2: cannot fetch token: %v", err)
 	}
 	defer resp.Body.Close()
-	body, err := ioutil.ReadAll(io.LimitReader(resp.Body, 1<<20))
+	body, err := io.ReadAll(io.LimitReader(resp.Body, 1<<20))
 	if err != nil {
 		return nil, fmt.Errorf("oauth2: cannot fetch token: %v", err)
 	}
@@ -148,10 +147,8 @@ func (js jwtSource) Token() (*oauth2.Token, error) {
 	}
 	// tokenRes is the JSON response body.
 	var tokenRes struct {
-		AccessToken string `json:"access_token"`
-		TokenType   string `json:"token_type"`
-		IDToken     string `json:"id_token"`
-		ExpiresIn   int64  `json:"expires_in"` // relative seconds from now
+		oauth2.Token
+		IDToken string `json:"id_token"`
 	}
 	if err := json.Unmarshal(body, &tokenRes); err != nil {
 		return nil, fmt.Errorf("oauth2: cannot fetch token: %v", err)
@@ -160,7 +157,7 @@ func (js jwtSource) Token() (*oauth2.Token, error) {
 		AccessToken: tokenRes.AccessToken,
 		TokenType:   tokenRes.TokenType,
 	}
-	raw := make(map[string]interface{})
+	raw := make(map[string]any)
 	json.Unmarshal(body, &raw) // no error checks for optional fields
 	token = token.WithExtra(raw)
 
diff --git a/vendor/golang.org/x/oauth2/oauth2.go b/vendor/golang.org/x/oauth2/oauth2.go
index eacdd7fd93..de34feb844 100644
--- a/vendor/golang.org/x/oauth2/oauth2.go
+++ b/vendor/golang.org/x/oauth2/oauth2.go
@@ -22,9 +22,9 @@ import (
 )
 
 // NoContext is the default context you should supply if not using
-// your own context.Context (see https://golang.org/x/net/context).
+// your own [context.Context].
 //
-// Deprecated: Use context.Background() or context.TODO() instead.
+// Deprecated: Use [context.Background] or [context.TODO] instead.
 var NoContext = context.TODO()
 
 // RegisterBrokenAuthHeaderProvider previously did something. It is now a no-op.
@@ -37,8 +37,8 @@ func RegisterBrokenAuthHeaderProvider(tokenURL string) {}
 
 // Config describes a typical 3-legged OAuth2 flow, with both the
 // client application information and the server's endpoint URLs.
-// For the client credentials 2-legged OAuth2 flow, see the clientcredentials
-// package (https://golang.org/x/oauth2/clientcredentials).
+// For the client credentials 2-legged OAuth2 flow, see the
+// [golang.org/x/oauth2/clientcredentials] package.
 type Config struct {
 	// ClientID is the application's ID.
 	ClientID string
@@ -46,7 +46,7 @@ type Config struct {
 	// ClientSecret is the application's secret.
 	ClientSecret string
 
-	// Endpoint contains the resource server's token endpoint
+	// Endpoint contains the authorization server's token endpoint
 	// URLs. These are constants specific to each server and are
 	// often available via site-specific packages, such as
 	// google.Endpoint or github.Endpoint.
@@ -135,7 +135,7 @@ type setParam struct{ k, v string }
 
 func (p setParam) setValue(m url.Values) { m.Set(p.k, p.v) }
 
-// SetAuthURLParam builds an AuthCodeOption which passes key/value parameters
+// SetAuthURLParam builds an [AuthCodeOption] which passes key/value parameters
 // to a provider's authorization endpoint.
 func SetAuthURLParam(key, value string) AuthCodeOption {
 	return setParam{key, value}
@@ -148,8 +148,8 @@ func SetAuthURLParam(key, value string) AuthCodeOption {
 // request and callback. The authorization server includes this value when
 // redirecting the user agent back to the client.
 //
-// Opts may include AccessTypeOnline or AccessTypeOffline, as well
-// as ApprovalForce.
+// Opts may include [AccessTypeOnline] or [AccessTypeOffline], as well
+// as [ApprovalForce].
 //
 // To protect against CSRF attacks, opts should include a PKCE challenge
 // (S256ChallengeOption). Not all servers support PKCE. An alternative is to
@@ -194,7 +194,7 @@ func (c *Config) AuthCodeURL(state string, opts ...AuthCodeOption) string {
 // and when other authorization grant types are not available."
 // See https://tools.ietf.org/html/rfc6749#section-4.3 for more info.
 //
-// The provided context optionally controls which HTTP client is used. See the HTTPClient variable.
+// The provided context optionally controls which HTTP client is used. See the [HTTPClient] variable.
 func (c *Config) PasswordCredentialsToken(ctx context.Context, username, password string) (*Token, error) {
 	v := url.Values{
 		"grant_type": {"password"},
@@ -212,10 +212,10 @@ func (c *Config) PasswordCredentialsToken(ctx context.Context, username, passwor
 // It is used after a resource provider redirects the user back
 // to the Redirect URI (the URL obtained from AuthCodeURL).
 //
-// The provided context optionally controls which HTTP client is used. See the HTTPClient variable.
+// The provided context optionally controls which HTTP client is used. See the [HTTPClient] variable.
 //
-// The code will be in the *http.Request.FormValue("code"). Before
-// calling Exchange, be sure to validate FormValue("state") if you are
+// The code will be in the [http.Request.FormValue]("code"). Before
+// calling Exchange, be sure to validate [http.Request.FormValue]("state") if you are
 // using it to protect against CSRF attacks.
 //
 // If using PKCE to protect against CSRF attacks, opts should include a
@@ -242,10 +242,10 @@ func (c *Config) Client(ctx context.Context, t *Token) *http.Client {
 	return NewClient(ctx, c.TokenSource(ctx, t))
 }
 
-// TokenSource returns a TokenSource that returns t until t expires,
+// TokenSource returns a [TokenSource] that returns t until t expires,
 // automatically refreshing it as necessary using the provided context.
 //
-// Most users will use Config.Client instead.
+// Most users will use [Config.Client] instead.
 func (c *Config) TokenSource(ctx context.Context, t *Token) TokenSource {
 	tkr := &tokenRefresher{
 		ctx:  ctx,
@@ -260,7 +260,7 @@ func (c *Config) TokenSource(ctx context.Context, t *Token) TokenSource {
 	}
 }
 
-// tokenRefresher is a TokenSource that makes "grant_type"=="refresh_token"
+// tokenRefresher is a TokenSource that makes "grant_type=refresh_token"
 // HTTP requests to renew a token using a RefreshToken.
 type tokenRefresher struct {
 	ctx          context.Context // used to get HTTP requests
@@ -305,8 +305,7 @@ type reuseTokenSource struct {
 }
 
 // Token returns the current token if it's still valid, else will
-// refresh the current token (using r.Context for HTTP client
-// information) and return the new one.
+// refresh the current token and return the new one.
 func (s *reuseTokenSource) Token() (*Token, error) {
 	s.mu.Lock()
 	defer s.mu.Unlock()
@@ -322,7 +321,7 @@ func (s *reuseTokenSource) Token() (*Token, error) {
 	return t, nil
 }
 
-// StaticTokenSource returns a TokenSource that always returns the same token.
+// StaticTokenSource returns a [TokenSource] that always returns the same token.
 // Because the provided token t is never refreshed, StaticTokenSource is only
 // useful for tokens that never expire.
 func StaticTokenSource(t *Token) TokenSource {
@@ -338,16 +337,16 @@ func (s staticTokenSource) Token() (*Token, error) {
 	return s.t, nil
 }
 
-// HTTPClient is the context key to use with golang.org/x/net/context's
-// WithValue function to associate an *http.Client value with a context.
+// HTTPClient is the context key to use with [context.WithValue]
+// to associate a [*http.Client] value with a context.
 var HTTPClient internal.ContextKey
 
-// NewClient creates an *http.Client from a Context and TokenSource.
+// NewClient creates an [*http.Client] from a [context.Context] and [TokenSource].
 // The returned client is not valid beyond the lifetime of the context.
 //
-// Note that if a custom *http.Client is provided via the Context it
+// Note that if a custom [*http.Client] is provided via the [context.Context] it
 // is used only for token acquisition and is not used to configure the
-// *http.Client returned from NewClient.
+// [*http.Client] returned from NewClient.
 //
 // As a special case, if src is nil, a non-OAuth2 client is returned
 // using the provided context. This exists to support related OAuth2
@@ -368,7 +367,7 @@ func NewClient(ctx context.Context, src TokenSource) *http.Client {
 	}
 }
 
-// ReuseTokenSource returns a TokenSource which repeatedly returns the
+// ReuseTokenSource returns a [TokenSource] which repeatedly returns the
 // same token as long as it's valid, starting with t.
 // When its cached token is invalid, a new token is obtained from src.
 //
@@ -376,10 +375,10 @@ func NewClient(ctx context.Context, src TokenSource) *http.Client {
 // (such as a file on disk) between runs of a program, rather than
 // obtaining new tokens unnecessarily.
 //
-// The initial token t may be nil, in which case the TokenSource is
+// The initial token t may be nil, in which case the [TokenSource] is
 // wrapped in a caching version if it isn't one already. This also
 // means it's always safe to wrap ReuseTokenSource around any other
-// TokenSource without adverse effects.
+// [TokenSource] without adverse effects.
 func ReuseTokenSource(t *Token, src TokenSource) TokenSource {
 	// Don't wrap a reuseTokenSource in itself. That would work,
 	// but cause an unnecessary number of mutex operations.
@@ -397,8 +396,8 @@ func ReuseTokenSource(t *Token, src TokenSource) TokenSource {
 	}
 }
 
-// ReuseTokenSourceWithExpiry returns a TokenSource that acts in the same manner as the
-// TokenSource returned by ReuseTokenSource, except the expiry buffer is
+// ReuseTokenSourceWithExpiry returns a [TokenSource] that acts in the same manner as the
+// [TokenSource] returned by [ReuseTokenSource], except the expiry buffer is
 // configurable. The expiration time of a token is calculated as
 // t.Expiry.Add(-earlyExpiry).
 func ReuseTokenSourceWithExpiry(t *Token, src TokenSource, earlyExpiry time.Duration) TokenSource {
diff --git a/vendor/golang.org/x/oauth2/pkce.go b/vendor/golang.org/x/oauth2/pkce.go
index 6a95da975c..cea8374d51 100644
--- a/vendor/golang.org/x/oauth2/pkce.go
+++ b/vendor/golang.org/x/oauth2/pkce.go
@@ -1,6 +1,7 @@
 // Copyright 2023 The Go Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
+
 package oauth2
 
 import (
@@ -20,9 +21,9 @@ const (
 // This follows recommendations in RFC 7636.
 //
 // A fresh verifier should be generated for each authorization.
-// S256ChallengeOption(verifier) should then be passed to Config.AuthCodeURL
-// (or Config.DeviceAuth) and VerifierOption(verifier) to Config.Exchange
-// (or Config.DeviceAccessToken).
+// The resulting verifier should be passed to [Config.AuthCodeURL] or [Config.DeviceAuth]
+// with [S256ChallengeOption], and to [Config.Exchange] or [Config.DeviceAccessToken]
+// with [VerifierOption].
 func GenerateVerifier() string {
 	// "RECOMMENDED that the output of a suitable random number generator be
 	// used to create a 32-octet sequence.  The octet sequence is then
@@ -36,22 +37,22 @@ func GenerateVerifier() string {
 	return base64.RawURLEncoding.EncodeToString(data)
 }
 
-// VerifierOption returns a PKCE code verifier AuthCodeOption. It should be
-// passed to Config.Exchange or Config.DeviceAccessToken only.
+// VerifierOption returns a PKCE code verifier [AuthCodeOption]. It should only be
+// passed to [Config.Exchange] or [Config.DeviceAccessToken].
 func VerifierOption(verifier string) AuthCodeOption {
 	return setParam{k: codeVerifierKey, v: verifier}
 }
 
 // S256ChallengeFromVerifier returns a PKCE code challenge derived from verifier with method S256.
 //
-// Prefer to use S256ChallengeOption where possible.
+// Prefer to use [S256ChallengeOption] where possible.
 func S256ChallengeFromVerifier(verifier string) string {
 	sha := sha256.Sum256([]byte(verifier))
 	return base64.RawURLEncoding.EncodeToString(sha[:])
 }
 
 // S256ChallengeOption derives a PKCE code challenge derived from verifier with
-// method S256. It should be passed to Config.AuthCodeURL or Config.DeviceAuth
+// method S256. It should be passed to [Config.AuthCodeURL] or [Config.DeviceAuth]
 // only.
 func S256ChallengeOption(verifier string) AuthCodeOption {
 	return challengeOption{
diff --git a/vendor/golang.org/x/oauth2/token.go b/vendor/golang.org/x/oauth2/token.go
index 8c31136c40..239ec32962 100644
--- a/vendor/golang.org/x/oauth2/token.go
+++ b/vendor/golang.org/x/oauth2/token.go
@@ -44,7 +44,7 @@ type Token struct {
 
 	// Expiry is the optional expiration time of the access token.
 	//
-	// If zero, TokenSource implementations will reuse the same
+	// If zero, [TokenSource] implementations will reuse the same
 	// token forever and RefreshToken or equivalent
 	// mechanisms for that TokenSource will not be used.
 	Expiry time.Time `json:"expiry,omitempty"`
@@ -58,7 +58,7 @@ type Token struct {
 
 	// raw optionally contains extra metadata from the server
 	// when updating a token.
-	raw interface{}
+	raw any
 
 	// expiryDelta is used to calculate when a token is considered
 	// expired, by subtracting from Expiry. If zero, defaultExpiryDelta
@@ -86,16 +86,16 @@ func (t *Token) Type() string {
 // SetAuthHeader sets the Authorization header to r using the access
 // token in t.
 //
-// This method is unnecessary when using Transport or an HTTP Client
+// This method is unnecessary when using [Transport] or an HTTP Client
 // returned by this package.
 func (t *Token) SetAuthHeader(r *http.Request) {
 	r.Header.Set("Authorization", t.Type()+" "+t.AccessToken)
 }
 
-// WithExtra returns a new Token that's a clone of t, but using the
+// WithExtra returns a new [Token] that's a clone of t, but using the
 // provided raw extra map. This is only intended for use by packages
 // implementing derivative OAuth2 flows.
-func (t *Token) WithExtra(extra interface{}) *Token {
+func (t *Token) WithExtra(extra any) *Token {
 	t2 := new(Token)
 	*t2 = *t
 	t2.raw = extra
@@ -105,8 +105,8 @@ func (t *Token) WithExtra(extra interface{}) *Token {
 // Extra returns an extra field.
 // Extra fields are key-value pairs returned by the server as a
 // part of the token retrieval response.
-func (t *Token) Extra(key string) interface{} {
-	if raw, ok := t.raw.(map[string]interface{}); ok {
+func (t *Token) Extra(key string) any {
+	if raw, ok := t.raw.(map[string]any); ok {
 		return raw[key]
 	}
 
@@ -163,6 +163,7 @@ func tokenFromInternal(t *internal.Token) *Token {
 		TokenType:    t.TokenType,
 		RefreshToken: t.RefreshToken,
 		Expiry:       t.Expiry,
+		ExpiresIn:    t.ExpiresIn,
 		raw:          t.Raw,
 	}
 }
diff --git a/vendor/golang.org/x/oauth2/transport.go b/vendor/golang.org/x/oauth2/transport.go
index 90657915fb..8bbebbac9e 100644
--- a/vendor/golang.org/x/oauth2/transport.go
+++ b/vendor/golang.org/x/oauth2/transport.go
@@ -11,12 +11,12 @@ import (
 	"sync"
 )
 
-// Transport is an http.RoundTripper that makes OAuth 2.0 HTTP requests,
-// wrapping a base RoundTripper and adding an Authorization header
-// with a token from the supplied Sources.
+// Transport is an [http.RoundTripper] that makes OAuth 2.0 HTTP requests,
+// wrapping a base [http.RoundTripper] and adding an Authorization header
+// with a token from the supplied [TokenSource].
 //
 // Transport is a low-level mechanism. Most code will use the
-// higher-level Config.Client method instead.
+// higher-level [Config.Client] method instead.
 type Transport struct {
 	// Source supplies the token to add to outgoing requests'
 	// Authorization headers.
@@ -47,7 +47,7 @@ func (t *Transport) RoundTrip(req *http.Request) (*http.Response, error) {
 		return nil, err
 	}
 
-	req2 := cloneRequest(req) // per RoundTripper contract
+	req2 := req.Clone(req.Context())
 	token.SetAuthHeader(req2)
 
 	// req.Body is assumed to be closed by the base RoundTripper.
@@ -73,17 +73,3 @@ func (t *Transport) base() http.RoundTripper {
 	}
 	return http.DefaultTransport
 }
-
-// cloneRequest returns a clone of the provided *http.Request.
-// The clone is a shallow copy of the struct and its Header map.
-func cloneRequest(r *http.Request) *http.Request {
-	// shallow copy of the struct
-	r2 := new(http.Request)
-	*r2 = *r
-	// deep copy of the Header
-	r2.Header = make(http.Header, len(r.Header))
-	for k, s := range r.Header {
-		r2.Header[k] = append([]string(nil), s...)
-	}
-	return r2
-}
diff --git a/vendor/golang.org/x/sync/errgroup/errgroup.go b/vendor/golang.org/x/sync/errgroup/errgroup.go
index f8c3c09265..cb6bb9ad3b 100644
--- a/vendor/golang.org/x/sync/errgroup/errgroup.go
+++ b/vendor/golang.org/x/sync/errgroup/errgroup.go
@@ -12,6 +12,8 @@ package errgroup
 import (
 	"context"
 	"fmt"
+	"runtime"
+	"runtime/debug"
 	"sync"
 )
 
@@ -31,6 +33,10 @@ type Group struct {
 
 	errOnce sync.Once
 	err     error
+
+	mu         sync.Mutex
+	panicValue any  // = PanicError | PanicValue; non-nil if some Group.Go goroutine panicked.
+	abnormal   bool // some Group.Go goroutine terminated abnormally (panic or goexit).
 }
 
 func (g *Group) done() {
@@ -50,33 +56,78 @@ func WithContext(ctx context.Context) (*Group, context.Context) {
 	return &Group{cancel: cancel}, ctx
 }
 
-// Wait blocks until all function calls from the Go method have returned, then
-// returns the first non-nil error (if any) from them.
+// Wait blocks until all function calls from the Go method have returned
+// normally, then returns the first non-nil error (if any) from them.
+//
+// If any of the calls panics, Wait panics with a [PanicValue];
+// and if any of them calls [runtime.Goexit], Wait calls runtime.Goexit.
 func (g *Group) Wait() error {
 	g.wg.Wait()
 	if g.cancel != nil {
 		g.cancel(g.err)
 	}
+	if g.panicValue != nil {
+		panic(g.panicValue)
+	}
+	if g.abnormal {
+		runtime.Goexit()
+	}
 	return g.err
 }
 
 // Go calls the given function in a new goroutine.
+//
 // The first call to Go must happen before a Wait.
 // It blocks until the new goroutine can be added without the number of
-// active goroutines in the group exceeding the configured limit.
+// goroutines in the group exceeding the configured limit.
 //
-// The first call to return a non-nil error cancels the group's context, if the
-// group was created by calling WithContext. The error will be returned by Wait.
+// The first goroutine in the group that returns a non-nil error, panics, or
+// invokes [runtime.Goexit] will cancel the associated Context, if any.
 func (g *Group) Go(f func() error) {
 	if g.sem != nil {
 		g.sem <- token{}
 	}
 
+	g.add(f)
+}
+
+func (g *Group) add(f func() error) {
 	g.wg.Add(1)
 	go func() {
 		defer g.done()
+		normalReturn := false
+		defer func() {
+			if normalReturn {
+				return
+			}
+			v := recover()
+			g.mu.Lock()
+			defer g.mu.Unlock()
+			if !g.abnormal {
+				if g.cancel != nil {
+					g.cancel(g.err)
+				}
+				g.abnormal = true
+			}
+			if v != nil && g.panicValue == nil {
+				switch v := v.(type) {
+				case error:
+					g.panicValue = PanicError{
+						Recovered: v,
+						Stack:     debug.Stack(),
+					}
+				default:
+					g.panicValue = PanicValue{
+						Recovered: v,
+						Stack:     debug.Stack(),
+					}
+				}
+			}
+		}()
 
-		if err := f(); err != nil {
+		err := f()
+		normalReturn = true
+		if err != nil {
 			g.errOnce.Do(func() {
 				g.err = err
 				if g.cancel != nil {
@@ -101,19 +152,7 @@ func (g *Group) TryGo(f func() error) bool {
 		}
 	}
 
-	g.wg.Add(1)
-	go func() {
-		defer g.done()
-
-		if err := f(); err != nil {
-			g.errOnce.Do(func() {
-				g.err = err
-				if g.cancel != nil {
-					g.cancel(g.err)
-				}
-			})
-		}
-	}()
+	g.add(f)
 	return true
 }
 
@@ -135,3 +174,34 @@ func (g *Group) SetLimit(n int) {
 	}
 	g.sem = make(chan token, n)
 }
+
+// PanicError wraps an error recovered from an unhandled panic
+// when calling a function passed to Go or TryGo.
+type PanicError struct {
+	Recovered error
+	Stack     []byte // result of call to [debug.Stack]
+}
+
+func (p PanicError) Error() string {
+	if len(p.Stack) > 0 {
+		return fmt.Sprintf("recovered from errgroup.Group: %v\n%s", p.Recovered, p.Stack)
+	}
+	return fmt.Sprintf("recovered from errgroup.Group: %v", p.Recovered)
+}
+
+func (p PanicError) Unwrap() error { return p.Recovered }
+
+// PanicValue wraps a value that does not implement the error interface,
+// recovered from an unhandled panic when calling a function passed to Go or
+// TryGo.
+type PanicValue struct {
+	Recovered any
+	Stack     []byte // result of call to [debug.Stack]
+}
+
+func (p PanicValue) String() string {
+	if len(p.Stack) > 0 {
+		return fmt.Sprintf("recovered from errgroup.Group: %v\n%s", p.Recovered, p.Stack)
+	}
+	return fmt.Sprintf("recovered from errgroup.Group: %v", p.Recovered)
+}
diff --git a/vendor/golang.org/x/time/rate/sometimes.go b/vendor/golang.org/x/time/rate/sometimes.go
index 6ba99ddb67..9b83932692 100644
--- a/vendor/golang.org/x/time/rate/sometimes.go
+++ b/vendor/golang.org/x/time/rate/sometimes.go
@@ -61,7 +61,9 @@ func (s *Sometimes) Do(f func()) {
 		(s.Every > 0 && s.count%s.Every == 0) ||
 		(s.Interval > 0 && time.Since(s.last) >= s.Interval) {
 		f()
-		s.last = time.Now()
+		if s.Interval > 0 {
+			s.last = time.Now()
+		}
 	}
 	s.count++
 }
diff --git a/vendor/google.golang.org/api/iamcredentials/v1/iamcredentials-api.json b/vendor/google.golang.org/api/iamcredentials/v1/iamcredentials-api.json
index b263324717..1949c777bf 100644
--- a/vendor/google.golang.org/api/iamcredentials/v1/iamcredentials-api.json
+++ b/vendor/google.golang.org/api/iamcredentials/v1/iamcredentials-api.json
@@ -15,6 +15,13 @@
   "description": "Creates short-lived credentials for impersonating IAM service accounts. Disabling this API also disables the IAM API (iam.googleapis.com). However, enabling this API doesn't enable the IAM API. ",
   "discoveryVersion": "v1",
   "documentationLink": "https://cloud.google.com/iam/docs/creating-short-lived-service-account-credentials",
+  "endpoints": [
+    {
+      "description": "Regional Endpoint",
+      "endpointUrl": "https://iamcredentials.us-east7.rep.googleapis.com/",
+      "location": "us-east7"
+    }
+  ],
   "fullyEncodeReservedExpansion": true,
   "icons": {
     "x16": "http://www.google.com/images/icons/product/search-16.gif",
@@ -105,8 +112,68 @@
   },
   "protocol": "rest",
   "resources": {
+    "locations": {
+      "resources": {
+        "workforcePools": {
+          "methods": {
+            "getAllowedLocations": {
+              "description": "Returns the trust boundary info for a given workforce pool.",
+              "flatPath": "v1/locations/{locationsId}/workforcePools/{workforcePoolsId}/allowedLocations",
+              "httpMethod": "GET",
+              "id": "iamcredentials.locations.workforcePools.getAllowedLocations",
+              "parameterOrder": [
+                "name"
+              ],
+              "parameters": {
+                "name": {
+                  "description": "Required. Resource name of workforce pool.",
+                  "location": "path",
+                  "pattern": "^locations/[^/]+/workforcePools/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v1/{+name}/allowedLocations",
+              "response": {
+                "$ref": "WorkforcePoolAllowedLocations"
+              }
+            }
+          }
+        }
+      }
+    },
     "projects": {
       "resources": {
+        "locations": {
+          "resources": {
+            "workloadIdentityPools": {
+              "methods": {
+                "getAllowedLocations": {
+                  "description": "Returns the trust boundary info for a given workload identity pool.",
+                  "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}/allowedLocations",
+                  "httpMethod": "GET",
+                  "id": "iamcredentials.projects.locations.workloadIdentityPools.getAllowedLocations",
+                  "parameterOrder": [
+                    "name"
+                  ],
+                  "parameters": {
+                    "name": {
+                      "description": "Required. Resource name of workload identity pool.",
+                      "location": "path",
+                      "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v1/{+name}/allowedLocations",
+                  "response": {
+                    "$ref": "WorkloadIdentityPoolAllowedLocations"
+                  }
+                }
+              }
+            }
+          }
+        },
         "serviceAccounts": {
           "methods": {
             "generateAccessToken": {
@@ -248,7 +315,7 @@
       }
     }
   },
-  "revision": "20241024",
+  "revision": "20250417",
   "rootUrl": "https://iamcredentials.googleapis.com/",
   "schemas": {
     "GenerateAccessTokenRequest": {
@@ -308,6 +375,10 @@
         "includeEmail": {
           "description": "Include the service account email in the token. If set to `true`, the token will contain `email` and `email_verified` claims.",
           "type": "boolean"
+        },
+        "organizationNumberIncluded": {
+          "description": "Include the organization number of the service account in the token. If set to `true`, the token will contain a `google.organization_number` claim. The value of the claim will be `null` if the service account isn't associated with an organization.",
+          "type": "boolean"
         }
       },
       "type": "object"
@@ -316,7 +387,7 @@
       "id": "GenerateIdTokenResponse",
       "properties": {
         "token": {
-          "description": "The OpenId Connect ID token.",
+          "description": "The OpenId Connect ID token. The token is a JSON Web Token (JWT) that contains a payload with claims. See the [JSON Web Token spec](https://tools.ietf.org/html/rfc7519) for more information. Here is an example of a decoded JWT payload: ``` { \"iss\": \"https://accounts.google.com\", \"iat\": 1496953245, \"exp\": 1496953245, \"aud\": \"https://www.example.com\", \"sub\": \"107517467455664443765\", \"azp\": \"107517467455664443765\", \"email\": \"my-iam-account@my-project.iam.gserviceaccount.com\", \"email_verified\": true, \"google\": { \"organization_number\": 123456 } } ```",
           "type": "string"
         }
       },
@@ -405,6 +476,46 @@
         }
       },
       "type": "object"
+    },
+    "WorkforcePoolAllowedLocations": {
+      "description": "Represents a list of allowed locations for given workforce pool.",
+      "id": "WorkforcePoolAllowedLocations",
+      "properties": {
+        "encodedLocations": {
+          "description": "Output only. The hex encoded bitmap of the trust boundary locations",
+          "readOnly": true,
+          "type": "string"
+        },
+        "locations": {
+          "description": "Output only. The human readable trust boundary locations. For example, [\"us-central1\", \"europe-west1\"]",
+          "items": {
+            "type": "string"
+          },
+          "readOnly": true,
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "WorkloadIdentityPoolAllowedLocations": {
+      "description": "Represents a list of allowed locations for given workload identity pool.",
+      "id": "WorkloadIdentityPoolAllowedLocations",
+      "properties": {
+        "encodedLocations": {
+          "description": "Output only. The hex encoded bitmap of the trust boundary locations",
+          "readOnly": true,
+          "type": "string"
+        },
+        "locations": {
+          "description": "Output only. The human readable trust boundary locations. For example, [\"us-central1\", \"europe-west1\"]",
+          "items": {
+            "type": "string"
+          },
+          "readOnly": true,
+          "type": "array"
+        }
+      },
+      "type": "object"
     }
   },
   "servicePath": "",
diff --git a/vendor/google.golang.org/api/iamcredentials/v1/iamcredentials-gen.go b/vendor/google.golang.org/api/iamcredentials/v1/iamcredentials-gen.go
index 949fa87374..fb81ad5146 100644
--- a/vendor/google.golang.org/api/iamcredentials/v1/iamcredentials-gen.go
+++ b/vendor/google.golang.org/api/iamcredentials/v1/iamcredentials-gen.go
@@ -119,10 +119,8 @@ func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, err
 		return nil, err
 	}
 	s := &Service{client: client, BasePath: basePath, logger: internaloption.GetLogger(opts)}
+	s.Locations = NewLocationsService(s)
 	s.Projects = NewProjectsService(s)
-	if err != nil {
-		return nil, err
-	}
 	if endpoint != "" {
 		s.BasePath = endpoint
 	}
@@ -147,6 +145,8 @@ type Service struct {
 	BasePath  string // API endpoint base URL
 	UserAgent string // optional additional User-Agent fragment
 
+	Locations *LocationsService
+
 	Projects *ProjectsService
 }
 
@@ -157,8 +157,30 @@ func (s *Service) userAgent() string {
 	return googleapi.UserAgent + " " + s.UserAgent
 }
 
+func NewLocationsService(s *Service) *LocationsService {
+	rs := &LocationsService{s: s}
+	rs.WorkforcePools = NewLocationsWorkforcePoolsService(s)
+	return rs
+}
+
+type LocationsService struct {
+	s *Service
+
+	WorkforcePools *LocationsWorkforcePoolsService
+}
+
+func NewLocationsWorkforcePoolsService(s *Service) *LocationsWorkforcePoolsService {
+	rs := &LocationsWorkforcePoolsService{s: s}
+	return rs
+}
+
+type LocationsWorkforcePoolsService struct {
+	s *Service
+}
+
 func NewProjectsService(s *Service) *ProjectsService {
 	rs := &ProjectsService{s: s}
+	rs.Locations = NewProjectsLocationsService(s)
 	rs.ServiceAccounts = NewProjectsServiceAccountsService(s)
 	return rs
 }
@@ -166,9 +188,32 @@ func NewProjectsService(s *Service) *ProjectsService {
 type ProjectsService struct {
 	s *Service
 
+	Locations *ProjectsLocationsService
+
 	ServiceAccounts *ProjectsServiceAccountsService
 }
 
+func NewProjectsLocationsService(s *Service) *ProjectsLocationsService {
+	rs := &ProjectsLocationsService{s: s}
+	rs.WorkloadIdentityPools = NewProjectsLocationsWorkloadIdentityPoolsService(s)
+	return rs
+}
+
+type ProjectsLocationsService struct {
+	s *Service
+
+	WorkloadIdentityPools *ProjectsLocationsWorkloadIdentityPoolsService
+}
+
+func NewProjectsLocationsWorkloadIdentityPoolsService(s *Service) *ProjectsLocationsWorkloadIdentityPoolsService {
+	rs := &ProjectsLocationsWorkloadIdentityPoolsService{s: s}
+	return rs
+}
+
+type ProjectsLocationsWorkloadIdentityPoolsService struct {
+	s *Service
+}
+
 func NewProjectsServiceAccountsService(s *Service) *ProjectsServiceAccountsService {
 	rs := &ProjectsServiceAccountsService{s: s}
 	return rs
@@ -267,6 +312,11 @@ type GenerateIdTokenRequest struct {
 	// IncludeEmail: Include the service account email in the token. If set to
 	// `true`, the token will contain `email` and `email_verified` claims.
 	IncludeEmail bool `json:"includeEmail,omitempty"`
+	// OrganizationNumberIncluded: Include the organization number of the service
+	// account in the token. If set to `true`, the token will contain a
+	// `google.organization_number` claim. The value of the claim will be `null` if
+	// the service account isn't associated with an organization.
+	OrganizationNumberIncluded bool `json:"organizationNumberIncluded,omitempty"`
 	// ForceSendFields is a list of field names (e.g. "Audience") to
 	// unconditionally include in API requests. By default, fields with empty or
 	// default values are omitted from API requests. See
@@ -286,7 +336,15 @@ func (s GenerateIdTokenRequest) MarshalJSON() ([]byte, error) {
 }
 
 type GenerateIdTokenResponse struct {
-	// Token: The OpenId Connect ID token.
+	// Token: The OpenId Connect ID token. The token is a JSON Web Token (JWT) that
+	// contains a payload with claims. See the JSON Web Token spec
+	// (https://tools.ietf.org/html/rfc7519) for more information. Here is an
+	// example of a decoded JWT payload: ``` { "iss":
+	// "https://accounts.google.com", "iat": 1496953245, "exp": 1496953245, "aud":
+	// "https://www.example.com", "sub": "107517467455664443765", "azp":
+	// "107517467455664443765", "email":
+	// "my-iam-account@my-project.iam.gserviceaccount.com", "email_verified": true,
+	// "google": { "organization_number": 123456 } } ```
 	Token string `json:"token,omitempty"`
 
 	// ServerResponse contains the HTTP response code and headers from the server.
@@ -479,6 +537,288 @@ func (s SignJwtResponse) MarshalJSON() ([]byte, error) {
 	return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields)
 }
 
+// WorkforcePoolAllowedLocations: Represents a list of allowed locations for
+// given workforce pool.
+type WorkforcePoolAllowedLocations struct {
+	// EncodedLocations: Output only. The hex encoded bitmap of the trust boundary
+	// locations
+	EncodedLocations string `json:"encodedLocations,omitempty"`
+	// Locations: Output only. The human readable trust boundary locations. For
+	// example, ["us-central1", "europe-west1"]
+	Locations []string `json:"locations,omitempty"`
+
+	// ServerResponse contains the HTTP response code and headers from the server.
+	googleapi.ServerResponse `json:"-"`
+	// ForceSendFields is a list of field names (e.g. "EncodedLocations") to
+	// unconditionally include in API requests. By default, fields with empty or
+	// default values are omitted from API requests. See
+	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
+	// details.
+	ForceSendFields []string `json:"-"`
+	// NullFields is a list of field names (e.g. "EncodedLocations") to include in
+	// API requests with the JSON null value. By default, fields with empty values
+	// are omitted from API requests. See
+	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
+	NullFields []string `json:"-"`
+}
+
+func (s WorkforcePoolAllowedLocations) MarshalJSON() ([]byte, error) {
+	type NoMethod WorkforcePoolAllowedLocations
+	return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields)
+}
+
+// WorkloadIdentityPoolAllowedLocations: Represents a list of allowed locations
+// for given workload identity pool.
+type WorkloadIdentityPoolAllowedLocations struct {
+	// EncodedLocations: Output only. The hex encoded bitmap of the trust boundary
+	// locations
+	EncodedLocations string `json:"encodedLocations,omitempty"`
+	// Locations: Output only. The human readable trust boundary locations. For
+	// example, ["us-central1", "europe-west1"]
+	Locations []string `json:"locations,omitempty"`
+
+	// ServerResponse contains the HTTP response code and headers from the server.
+	googleapi.ServerResponse `json:"-"`
+	// ForceSendFields is a list of field names (e.g. "EncodedLocations") to
+	// unconditionally include in API requests. By default, fields with empty or
+	// default values are omitted from API requests. See
+	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
+	// details.
+	ForceSendFields []string `json:"-"`
+	// NullFields is a list of field names (e.g. "EncodedLocations") to include in
+	// API requests with the JSON null value. By default, fields with empty values
+	// are omitted from API requests. See
+	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
+	NullFields []string `json:"-"`
+}
+
+func (s WorkloadIdentityPoolAllowedLocations) MarshalJSON() ([]byte, error) {
+	type NoMethod WorkloadIdentityPoolAllowedLocations
+	return gensupport.MarshalJSON(NoMethod(s), s.ForceSendFields, s.NullFields)
+}
+
+type LocationsWorkforcePoolsGetAllowedLocationsCall struct {
+	s            *Service
+	name         string
+	urlParams_   gensupport.URLParams
+	ifNoneMatch_ string
+	ctx_         context.Context
+	header_      http.Header
+}
+
+// GetAllowedLocations: Returns the trust boundary info for a given workforce
+// pool.
+//
+// - name: Resource name of workforce pool.
+func (r *LocationsWorkforcePoolsService) GetAllowedLocations(name string) *LocationsWorkforcePoolsGetAllowedLocationsCall {
+	c := &LocationsWorkforcePoolsGetAllowedLocationsCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.name = name
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
+// details.
+func (c *LocationsWorkforcePoolsGetAllowedLocationsCall) Fields(s ...googleapi.Field) *LocationsWorkforcePoolsGetAllowedLocationsCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// IfNoneMatch sets an optional parameter which makes the operation fail if the
+// object's ETag matches the given value. This is useful for getting updates
+// only after the object has changed since the last request.
+func (c *LocationsWorkforcePoolsGetAllowedLocationsCall) IfNoneMatch(entityTag string) *LocationsWorkforcePoolsGetAllowedLocationsCall {
+	c.ifNoneMatch_ = entityTag
+	return c
+}
+
+// Context sets the context to be used in this call's Do method.
+func (c *LocationsWorkforcePoolsGetAllowedLocationsCall) Context(ctx context.Context) *LocationsWorkforcePoolsGetAllowedLocationsCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns a http.Header that can be modified by the caller to add
+// headers to the request.
+func (c *LocationsWorkforcePoolsGetAllowedLocationsCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *LocationsWorkforcePoolsGetAllowedLocationsCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
+	if c.ifNoneMatch_ != "" {
+		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
+	}
+	c.urlParams_.Set("alt", alt)
+	c.urlParams_.Set("prettyPrint", "false")
+	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/allowedLocations")
+	urls += "?" + c.urlParams_.Encode()
+	req, err := http.NewRequest("GET", urls, nil)
+	if err != nil {
+		return nil, err
+	}
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"name": c.name,
+	})
+	c.s.logger.DebugContext(c.ctx_, "api request", "serviceName", apiName, "rpcName", "iamcredentials.locations.workforcePools.getAllowedLocations", "request", internallog.HTTPRequest(req, nil))
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "iamcredentials.locations.workforcePools.getAllowedLocations" call.
+// Any non-2xx status code is an error. Response headers are in either
+// *WorkforcePoolAllowedLocations.ServerResponse.Header or (if a response was
+// returned at all) in error.(*googleapi.Error).Header. Use
+// googleapi.IsNotModified to check whether the returned error was because
+// http.StatusNotModified was returned.
+func (c *LocationsWorkforcePoolsGetAllowedLocationsCall) Do(opts ...googleapi.CallOption) (*WorkforcePoolAllowedLocations, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, gensupport.WrapError(&googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		})
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, gensupport.WrapError(err)
+	}
+	ret := &WorkforcePoolAllowedLocations{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	b, err := gensupport.DecodeResponseBytes(target, res)
+	if err != nil {
+		return nil, err
+	}
+	c.s.logger.DebugContext(c.ctx_, "api response", "serviceName", apiName, "rpcName", "iamcredentials.locations.workforcePools.getAllowedLocations", "response", internallog.HTTPResponse(res, b))
+	return ret, nil
+}
+
+type ProjectsLocationsWorkloadIdentityPoolsGetAllowedLocationsCall struct {
+	s            *Service
+	name         string
+	urlParams_   gensupport.URLParams
+	ifNoneMatch_ string
+	ctx_         context.Context
+	header_      http.Header
+}
+
+// GetAllowedLocations: Returns the trust boundary info for a given workload
+// identity pool.
+//
+// - name: Resource name of workload identity pool.
+func (r *ProjectsLocationsWorkloadIdentityPoolsService) GetAllowedLocations(name string) *ProjectsLocationsWorkloadIdentityPoolsGetAllowedLocationsCall {
+	c := &ProjectsLocationsWorkloadIdentityPoolsGetAllowedLocationsCall{s: r.s, urlParams_: make(gensupport.URLParams)}
+	c.name = name
+	return c
+}
+
+// Fields allows partial responses to be retrieved. See
+// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
+// details.
+func (c *ProjectsLocationsWorkloadIdentityPoolsGetAllowedLocationsCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsGetAllowedLocationsCall {
+	c.urlParams_.Set("fields", googleapi.CombineFields(s))
+	return c
+}
+
+// IfNoneMatch sets an optional parameter which makes the operation fail if the
+// object's ETag matches the given value. This is useful for getting updates
+// only after the object has changed since the last request.
+func (c *ProjectsLocationsWorkloadIdentityPoolsGetAllowedLocationsCall) IfNoneMatch(entityTag string) *ProjectsLocationsWorkloadIdentityPoolsGetAllowedLocationsCall {
+	c.ifNoneMatch_ = entityTag
+	return c
+}
+
+// Context sets the context to be used in this call's Do method.
+func (c *ProjectsLocationsWorkloadIdentityPoolsGetAllowedLocationsCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsGetAllowedLocationsCall {
+	c.ctx_ = ctx
+	return c
+}
+
+// Header returns a http.Header that can be modified by the caller to add
+// headers to the request.
+func (c *ProjectsLocationsWorkloadIdentityPoolsGetAllowedLocationsCall) Header() http.Header {
+	if c.header_ == nil {
+		c.header_ = make(http.Header)
+	}
+	return c.header_
+}
+
+func (c *ProjectsLocationsWorkloadIdentityPoolsGetAllowedLocationsCall) doRequest(alt string) (*http.Response, error) {
+	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
+	if c.ifNoneMatch_ != "" {
+		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
+	}
+	c.urlParams_.Set("alt", alt)
+	c.urlParams_.Set("prettyPrint", "false")
+	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/allowedLocations")
+	urls += "?" + c.urlParams_.Encode()
+	req, err := http.NewRequest("GET", urls, nil)
+	if err != nil {
+		return nil, err
+	}
+	req.Header = reqHeaders
+	googleapi.Expand(req.URL, map[string]string{
+		"name": c.name,
+	})
+	c.s.logger.DebugContext(c.ctx_, "api request", "serviceName", apiName, "rpcName", "iamcredentials.projects.locations.workloadIdentityPools.getAllowedLocations", "request", internallog.HTTPRequest(req, nil))
+	return gensupport.SendRequest(c.ctx_, c.s.client, req)
+}
+
+// Do executes the "iamcredentials.projects.locations.workloadIdentityPools.getAllowedLocations" call.
+// Any non-2xx status code is an error. Response headers are in either
+// *WorkloadIdentityPoolAllowedLocations.ServerResponse.Header or (if a
+// response was returned at all) in error.(*googleapi.Error).Header. Use
+// googleapi.IsNotModified to check whether the returned error was because
+// http.StatusNotModified was returned.
+func (c *ProjectsLocationsWorkloadIdentityPoolsGetAllowedLocationsCall) Do(opts ...googleapi.CallOption) (*WorkloadIdentityPoolAllowedLocations, error) {
+	gensupport.SetOptions(c.urlParams_, opts...)
+	res, err := c.doRequest("json")
+	if res != nil && res.StatusCode == http.StatusNotModified {
+		if res.Body != nil {
+			res.Body.Close()
+		}
+		return nil, gensupport.WrapError(&googleapi.Error{
+			Code:   res.StatusCode,
+			Header: res.Header,
+		})
+	}
+	if err != nil {
+		return nil, err
+	}
+	defer googleapi.CloseBody(res)
+	if err := googleapi.CheckResponse(res); err != nil {
+		return nil, gensupport.WrapError(err)
+	}
+	ret := &WorkloadIdentityPoolAllowedLocations{
+		ServerResponse: googleapi.ServerResponse{
+			Header:         res.Header,
+			HTTPStatusCode: res.StatusCode,
+		},
+	}
+	target := &ret
+	b, err := gensupport.DecodeResponseBytes(target, res)
+	if err != nil {
+		return nil, err
+	}
+	c.s.logger.DebugContext(c.ctx_, "api response", "serviceName", apiName, "rpcName", "iamcredentials.projects.locations.workloadIdentityPools.getAllowedLocations", "response", internallog.HTTPResponse(res, b))
+	return ret, nil
+}
+
 type ProjectsServiceAccountsGenerateAccessTokenCall struct {
 	s                          *Service
 	name                       string
diff --git a/vendor/google.golang.org/api/internal/cba.go b/vendor/google.golang.org/api/internal/cba.go
index fbf4ef1c6e..7b13dc8369 100644
--- a/vendor/google.golang.org/api/internal/cba.go
+++ b/vendor/google.golang.org/api/internal/cba.go
@@ -42,7 +42,6 @@ import (
 	"strings"
 
 	"github.com/google/s2a-go"
-	"github.com/google/s2a-go/fallback"
 	"google.golang.org/api/internal/cert"
 	"google.golang.org/grpc/credentials"
 )
@@ -242,17 +241,8 @@ func GetGRPCTransportConfigAndEndpoint(settings *DialSettings) (credentials.Tran
 		return defaultTransportCreds, config.endpoint, nil
 	}
 
-	var fallbackOpts *s2a.FallbackOptions
-	// In case of S2A failure, fall back to the endpoint that would've been used without S2A.
-	if fallbackHandshake, err := fallback.DefaultFallbackClientHandshakeFunc(config.endpoint); err == nil {
-		fallbackOpts = &s2a.FallbackOptions{
-			FallbackClientHandshakeFunc: fallbackHandshake,
-		}
-	}
-
 	s2aTransportCreds, err := s2a.NewClientCreds(&s2a.ClientOptions{
-		S2AAddress:   config.s2aAddress,
-		FallbackOpts: fallbackOpts,
+		S2AAddress: config.s2aAddress,
 	})
 	if err != nil {
 		// Use default if we cannot initialize S2A client transport credentials.
@@ -273,22 +263,8 @@ func GetHTTPTransportConfigAndEndpoint(settings *DialSettings) (cert.Source, fun
 		return config.clientCertSource, nil, config.endpoint, nil
 	}
 
-	var fallbackOpts *s2a.FallbackOptions
-	// In case of S2A failure, fall back to the endpoint that would've been used without S2A.
-	if fallbackURL, err := url.Parse(config.endpoint); err == nil {
-		if fallbackDialer, fallbackServerAddr, err := fallback.DefaultFallbackDialerAndAddress(fallbackURL.Hostname()); err == nil {
-			fallbackOpts = &s2a.FallbackOptions{
-				FallbackDialer: &s2a.FallbackDialer{
-					Dialer:     fallbackDialer,
-					ServerAddr: fallbackServerAddr,
-				},
-			}
-		}
-	}
-
 	dialTLSContextFunc := s2a.NewS2ADialTLSContextFunc(&s2a.ClientOptions{
-		S2AAddress:   config.s2aAddress,
-		FallbackOpts: fallbackOpts,
+		S2AAddress: config.s2aAddress,
 	})
 	return nil, dialTLSContextFunc, config.s2aMTLSEndpoint, nil
 }
diff --git a/vendor/google.golang.org/api/internal/creds.go b/vendor/google.golang.org/api/internal/creds.go
index 86861e2438..92bb42c321 100644
--- a/vendor/google.golang.org/api/internal/creds.go
+++ b/vendor/google.golang.org/api/internal/creds.go
@@ -47,7 +47,13 @@ func Creds(ctx context.Context, ds *DialSettings) (*google.Credentials, error) {
 // options provided via [option.ClientOption], including legacy oauth2/google
 // options. If there are no applicable options, then it returns the result of
 // [cloud.google.com/go/auth/credentials.DetectDefault].
+// Note: If NoAuth is true, when [google.golang.org/api/option.WithoutAuthentication]
+// is passed, then no authentication will be performed and this function will
+// return nil, nil.
 func AuthCreds(ctx context.Context, settings *DialSettings) (*auth.Credentials, error) {
+	if settings.NoAuth {
+		return nil, nil
+	}
 	if settings.AuthCredentials != nil {
 		return settings.AuthCredentials, nil
 	}
diff --git a/vendor/google.golang.org/api/internal/settings.go b/vendor/google.golang.org/api/internal/settings.go
index beec4ea0dd..a81d149ae2 100644
--- a/vendor/google.golang.org/api/internal/settings.go
+++ b/vendor/google.golang.org/api/internal/settings.go
@@ -110,6 +110,9 @@ func (ds *DialSettings) IsNewAuthLibraryEnabled() bool {
 	if ds.EnableNewAuthLibrary {
 		return true
 	}
+	if ds.AuthCredentials != nil {
+		return true
+	}
 	if b, err := strconv.ParseBool(os.Getenv(newAuthLibEnvVar)); err == nil {
 		return b
 	}
diff --git a/vendor/google.golang.org/api/internal/version.go b/vendor/google.golang.org/api/internal/version.go
index 0dfaa1cd3d..27c3d5dd34 100644
--- a/vendor/google.golang.org/api/internal/version.go
+++ b/vendor/google.golang.org/api/internal/version.go
@@ -5,4 +5,4 @@
 package internal
 
 // Version is the current tagged release of the library.
-const Version = "0.229.0"
+const Version = "0.237.0"
diff --git a/vendor/google.golang.org/api/option/internaloption/internaloption.go b/vendor/google.golang.org/api/option/internaloption/internaloption.go
index 18fec9c984..931f093d89 100644
--- a/vendor/google.golang.org/api/option/internaloption/internaloption.go
+++ b/vendor/google.golang.org/api/option/internaloption/internaloption.go
@@ -289,21 +289,22 @@ func GetLogger(opts []option.ClientOption) *slog.Logger {
 // options provided via [option.ClientOption], including legacy oauth2/google
 // options, in this order:
 //
-// * [option.WithAuthCredentials]
-// * [option/internaloption.WithCredentials] (internal use only)
-// * [option.WithCredentials]
-// * [option.WithTokenSource]
+//   - [option.WithoutAuthentication]
+//   - [option.WithAuthCredentials]
+//   - [WithCredentials] (internal use only)
+//   - [option.WithCredentials]
+//   - [option.WithTokenSource]
 //
 // If there are no applicable credentials options, then it passes the
 // following options to [cloud.google.com/go/auth/credentials.DetectDefault] and
 // returns the result:
 //
-// * [option.WithAudiences]
-// * [option.WithCredentialsFile]
-// * [option.WithCredentialsJSON]
-// * [option.WithScopes]
-// * [option/internaloption.WithDefaultScopes] (internal use only)
-// * [option/internaloption.EnableJwtWithScope] (internal use only)
+//   - [option.WithAudiences]
+//   - [option.WithCredentialsFile]
+//   - [option.WithCredentialsJSON]
+//   - [option.WithScopes]
+//   - [WithDefaultScopes] (internal use only)
+//   - [EnableJwtWithScope] (internal use only)
 //
 // This function should only be used internally by generated clients. This is an
 // EXPERIMENTAL API and may be changed or removed in the future.
diff --git a/vendor/google.golang.org/api/storage/v1/storage-api.json b/vendor/google.golang.org/api/storage/v1/storage-api.json
index 25602e2258..905cf577d1 100644
--- a/vendor/google.golang.org/api/storage/v1/storage-api.json
+++ b/vendor/google.golang.org/api/storage/v1/storage-api.json
@@ -52,6 +52,11 @@
       "endpointUrl": "https://storage.asia-northeast2.rep.googleapis.com/",
       "location": "asia-northeast2"
     },
+    {
+      "description": "Regional Endpoint",
+      "endpointUrl": "https://storage.asia-northeast3.rep.googleapis.com/",
+      "location": "asia-northeast3"
+    },
     {
       "description": "Regional Endpoint",
       "endpointUrl": "https://storage.asia-south1.rep.googleapis.com/",
@@ -206,9 +211,49 @@
       "description": "Regional Endpoint",
       "endpointUrl": "https://storage.us-west4.rep.googleapis.com/",
       "location": "us-west4"
+    },
+    {
+      "description": "Regional Endpoint",
+      "endpointUrl": "https://storage.northamerica-northeast2.rep.googleapis.com/",
+      "location": "northamerica-northeast2"
+    },
+    {
+      "description": "Regional Endpoint",
+      "endpointUrl": "https://storage.southamerica-east1.rep.googleapis.com/",
+      "location": "southamerica-east1"
+    },
+    {
+      "description": "Regional Endpoint",
+      "endpointUrl": "https://storage.southamerica-west1.rep.googleapis.com/",
+      "location": "southamerica-west1"
+    },
+    {
+      "description": "Regional Endpoint",
+      "endpointUrl": "https://storage.me-central1.rep.googleapis.com/",
+      "location": "me-central1"
+    },
+    {
+      "description": "Regional Endpoint",
+      "endpointUrl": "https://storage.northamerica-northeast1.rep.googleapis.com/",
+      "location": "northamerica-northeast1"
+    },
+    {
+      "description": "Regional Endpoint",
+      "endpointUrl": "https://storage.europe-north2.rep.googleapis.com/",
+      "location": "europe-north2"
+    },
+    {
+      "description": "Regional Endpoint",
+      "endpointUrl": "https://storage.us-west8.rep.googleapis.com/",
+      "location": "us-west8"
+    },
+    {
+      "description": "Regional Endpoint",
+      "endpointUrl": "https://storage.northamerica-south1.rep.googleapis.com/",
+      "location": "northamerica-south1"
     }
   ],
-  "etag": "\"363938303832303939373531303639383731\"",
+  "etag": "\"36383730363437323837383838393538333732\"",
   "icons": {
     "x16": "https://www.google.com/images/icons/product/cloud_storage-16.png",
     "x32": "https://www.google.com/images/icons/product/cloud_storage-32.png"
@@ -227,10 +272,12 @@
       "default": "json",
       "description": "Data format for the response.",
       "enum": [
-        "json"
+        "json",
+        "media"
       ],
       "enumDescriptions": [
-        "Responses with Content-Type of application/json"
+        "Responses with Content-Type of application/json",
+        "Responses containing object data"
       ],
       "location": "query",
       "type": "string"
@@ -3409,6 +3456,19 @@
               "location": "query",
               "type": "string"
             },
+            "projection": {
+              "description": "Set of properties to return. Defaults to noAcl.",
+              "enum": [
+                "full",
+                "noAcl"
+              ],
+              "enumDescriptions": [
+                "Include all properties.",
+                "Omit the owner, acl property."
+              ],
+              "location": "query",
+              "type": "string"
+            },
             "sourceObject": {
               "description": "Name of the source object. For information about how to URL encode object names to be path safe, see [Encoding URI Path Parts](https://cloud.google.com/storage/docs/request-endpoints#encoding).",
               "location": "path",
@@ -4479,7 +4539,7 @@
       }
     }
   },
-  "revision": "20250312",
+  "revision": "20250605",
   "rootUrl": "https://storage.googleapis.com/",
   "schemas": {
     "AdvanceRelocateBucketOperationRequest": {
@@ -4771,6 +4831,14 @@
         "ipFilter": {
           "description": "The bucket's IP filter configuration. Specifies the network sources that are allowed to access the operations on the bucket, as well as its underlying objects. Only enforced when the mode is set to 'Enabled'.",
           "properties": {
+            "allowAllServiceAgentAccess": {
+              "description": "Whether to allow all service agents to access the bucket regardless of the IP filter configuration.",
+              "type": "boolean"
+            },
+            "allowCrossOrgVpcs": {
+              "description": "Whether to allow cross-org VPCs in the bucket's IP filter configuration.",
+              "type": "boolean"
+            },
             "mode": {
               "description": "The mode of the IP filter. Valid values are 'Enabled' and 'Disabled'.",
               "type": "string"
diff --git a/vendor/google.golang.org/api/storage/v1/storage-gen.go b/vendor/google.golang.org/api/storage/v1/storage-gen.go
index 976b3c1d10..bb4f817344 100644
--- a/vendor/google.golang.org/api/storage/v1/storage-gen.go
+++ b/vendor/google.golang.org/api/storage/v1/storage-gen.go
@@ -155,9 +155,6 @@ func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, err
 	s.Objects = NewObjectsService(s)
 	s.Operations = NewOperationsService(s)
 	s.Projects = NewProjectsService(s)
-	if err != nil {
-		return nil, err
-	}
 	if endpoint != "" {
 		s.BasePath = endpoint
 	}
@@ -855,6 +852,12 @@ func (s BucketIamConfigurationUniformBucketLevelAccess) MarshalJSON() ([]byte, e
 // sources that are allowed to access the operations on the bucket, as well as
 // its underlying objects. Only enforced when the mode is set to 'Enabled'.
 type BucketIpFilter struct {
+	// AllowAllServiceAgentAccess: Whether to allow all service agents to access
+	// the bucket regardless of the IP filter configuration.
+	AllowAllServiceAgentAccess bool `json:"allowAllServiceAgentAccess,omitempty"`
+	// AllowCrossOrgVpcs: Whether to allow cross-org VPCs in the bucket's IP filter
+	// configuration.
+	AllowCrossOrgVpcs bool `json:"allowCrossOrgVpcs,omitempty"`
 	// Mode: The mode of the IP filter. Valid values are 'Enabled' and 'Disabled'.
 	Mode string `json:"mode,omitempty"`
 	// PublicNetworkSource: The public network source of the bucket's IP filter.
@@ -862,15 +865,15 @@ type BucketIpFilter struct {
 	// VpcNetworkSources: The list of VPC network
 	// (https://cloud.google.com/vpc/docs/vpc) sources of the bucket's IP filter.
 	VpcNetworkSources []*BucketIpFilterVpcNetworkSources `json:"vpcNetworkSources,omitempty"`
-	// ForceSendFields is a list of field names (e.g. "Mode") to unconditionally
-	// include in API requests. By default, fields with empty or default values are
-	// omitted from API requests. See
+	// ForceSendFields is a list of field names (e.g. "AllowAllServiceAgentAccess")
+	// to unconditionally include in API requests. By default, fields with empty or
+	// default values are omitted from API requests. See
 	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
 	// details.
 	ForceSendFields []string `json:"-"`
-	// NullFields is a list of field names (e.g. "Mode") to include in API requests
-	// with the JSON null value. By default, fields with empty values are omitted
-	// from API requests. See
+	// NullFields is a list of field names (e.g. "AllowAllServiceAgentAccess") to
+	// include in API requests with the JSON null value. By default, fields with
+	// empty values are omitted from API requests. See
 	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
 	NullFields []string `json:"-"`
 }
@@ -11231,6 +11234,18 @@ func (c *ObjectsMoveCall) IfSourceMetagenerationNotMatch(ifSourceMetagenerationN
 	return c
 }
 
+// Projection sets the optional parameter "projection": Set of properties to
+// return. Defaults to noAcl.
+//
+// Possible values:
+//
+//	"full" - Include all properties.
+//	"noAcl" - Omit the owner, acl property.
+func (c *ObjectsMoveCall) Projection(projection string) *ObjectsMoveCall {
+	c.urlParams_.Set("projection", projection)
+	return c
+}
+
 // UserProject sets the optional parameter "userProject": The project to be
 // billed for this request. Required for Requester Pays buckets.
 func (c *ObjectsMoveCall) UserProject(userProject string) *ObjectsMoveCall {
diff --git a/vendor/google.golang.org/grpc/CONTRIBUTING.md b/vendor/google.golang.org/grpc/CONTRIBUTING.md
index d9bfa6e1e7..1de0ce6669 100644
--- a/vendor/google.golang.org/grpc/CONTRIBUTING.md
+++ b/vendor/google.golang.org/grpc/CONTRIBUTING.md
@@ -1,73 +1,102 @@
 # How to contribute
 
-We definitely welcome your patches and contributions to gRPC! Please read the gRPC
-organization's [governance rules](https://github.com/grpc/grpc-community/blob/master/governance.md)
-and [contribution guidelines](https://github.com/grpc/grpc-community/blob/master/CONTRIBUTING.md) before proceeding.
+We welcome your patches and contributions to gRPC! Please read the gRPC
+organization's [governance
+rules](https://github.com/grpc/grpc-community/blob/master/governance.md) before
+proceeding.
 
 If you are new to GitHub, please start by reading [Pull Request howto](https://help.github.com/articles/about-pull-requests/)
 
 ## Legal requirements
 
 In order to protect both you and ourselves, you will need to sign the
-[Contributor License Agreement](https://identity.linuxfoundation.org/projects/cncf).
+[Contributor License
+Agreement](https://identity.linuxfoundation.org/projects/cncf). When you create
+your first PR, a link will be added as a comment that contains the steps needed
+to complete this process.
 
-## Guidelines for Pull Requests
-How to get your contributions merged smoothly and quickly.
+## Getting Started
 
-- Create **small PRs** that are narrowly focused on **addressing a single
-  concern**. We often times receive PRs that are trying to fix several things at
-  a time, but only one fix is considered acceptable, nothing gets merged and
-  both author's & review's time is wasted. Create more PRs to address different
-  concerns and everyone will be happy.
+A great way to start is by searching through our open issues. [Unassigned issues
+labeled as "help
+wanted"](https://github.com/grpc/grpc-go/issues?q=sort%3Aupdated-desc%20is%3Aissue%20is%3Aopen%20label%3A%22Status%3A%20Help%20Wanted%22%20no%3Aassignee)
+are especially nice for first-time contributors, as they should be well-defined
+problems that already have agreed-upon solutions.
 
-- If you are searching for features to work on, issues labeled [Status: Help
-  Wanted](https://github.com/grpc/grpc-go/issues?q=is%3Aissue+is%3Aopen+sort%3Aupdated-desc+label%3A%22Status%3A+Help+Wanted%22)
-  is a great place to start. These issues are well-documented and usually can be
-  resolved with a single pull request.
+## Code Style
 
-- If you are adding a new file, make sure it has the copyright message template
-  at the top as a comment. You can copy over the message from an existing file
-  and update the year.
+We follow [Google's published Go style
+guide](https://google.github.io/styleguide/go/). Note that there are three
+primary documents that make up this style guide; please follow them as closely
+as possible. If a reviewer recommends something that contradicts those
+guidelines, there may be valid reasons to do so, but it should be rare.
 
-- The grpc package should only depend on standard Go packages and a small number
-  of exceptions. If your contribution introduces new dependencies which are NOT
-  in the [list](https://godoc.org/google.golang.org/grpc?imports), you need a
-  discussion with gRPC-Go authors and consultants.
+## Guidelines for Pull Requests
 
-- For speculative changes, consider opening an issue and discussing it first. If
-  you are suggesting a behavioral or API change, consider starting with a [gRFC
-  proposal](https://github.com/grpc/proposal).
+How to get your contributions merged smoothly and quickly:
+
+- Create **small PRs** that are narrowly focused on **addressing a single
+  concern**. We often receive PRs that attempt to fix several things at the same
+  time, and if one part of the PR has a problem, that will hold up the entire
+  PR.
+
+- For **speculative changes**, consider opening an issue and discussing it
+  first. If you are suggesting a behavioral or API change, consider starting
+  with a [gRFC proposal](https://github.com/grpc/proposal). Many new features
+  that are not bug fixes will require cross-language agreement.
+
+- If you want to fix **formatting or style**, consider whether your changes are
+  an obvious improvement or might be considered a personal preference. If a
+  style change is based on preference, it likely will not be accepted. If it
+  corrects widely agreed-upon anti-patterns, then please do create a PR and
+  explain the benefits of the change.
+
+- For correcting **misspellings**, please be aware that we use some terms that
+  are sometimes flagged by spell checkers. As an example, "if an only if" is
+  often written as "iff". Please do not make spelling correction changes unless
+  you are certain they are misspellings.
 
 - Provide a good **PR description** as a record of **what** change is being made
   and **why** it was made. Link to a GitHub issue if it exists.
 
-- If you want to fix formatting or style, consider whether your changes are an
-  obvious improvement or might be considered a personal preference. If a style
-  change is based on preference, it likely will not be accepted. If it corrects
-  widely agreed-upon anti-patterns, then please do create a PR and explain the
-  benefits of the change.
+- Maintain a **clean commit history** and use **meaningful commit messages**.
+  PRs with messy commit histories are difficult to review and won't be merged.
+  Before sending your PR, ensure your changes are based on top of the latest
+  `upstream/master` commits, and avoid rebasing in the middle of a code review.
+  You should **never use `git push -f`** unless absolutely necessary during a
+  review, as it can interfere with GitHub's tracking of comments.
 
-- Unless your PR is trivial, you should expect there will be reviewer comments
-  that you'll need to address before merging. We'll mark it as `Status: Requires
-  Reporter Clarification` if we expect you to respond to these comments in a
-  timely manner. If the PR remains inactive for 6 days, it will be marked as
-  `stale` and automatically close 7 days after that if we don't hear back from
-  you.
+- **All tests need to be passing** before your change can be merged. We
+  recommend you run tests locally before creating your PR to catch breakages
+  early on:
 
-- Maintain **clean commit history** and use **meaningful commit messages**. PRs
-  with messy commit history are difficult to review and won't be merged. Use
-  `rebase -i upstream/master` to curate your commit history and/or to bring in
-  latest changes from master (but avoid rebasing in the middle of a code
-  review).
+  - `./scripts/vet.sh` to catch vet errors.
+  - `go test -cpu 1,4 -timeout 7m ./...` to run the tests.
+  - `go test -race -cpu 1,4 -timeout 7m ./...` to run tests in race mode.
 
-- Keep your PR up to date with upstream/master (if there are merge conflicts, we
-  can't really merge your change).
+  Note that we have a multi-module repo, so `go test` commands may need to be
+  run from the root of each module in order to cause all tests to run.
 
-- **All tests need to be passing** before your change can be merged. We
-  recommend you **run tests locally** before creating your PR to catch breakages
-  early on.
-  - `./scripts/vet.sh` to catch vet errors
-  - `go test -cpu 1,4 -timeout 7m ./...` to run the tests
-  - `go test -race -cpu 1,4 -timeout 7m ./...` to run tests in race mode
+  *Alternatively*, you may find it easier to push your changes to your fork on
+  GitHub, which will trigger a GitHub Actions run that you can use to verify
+  everything is passing.
+
+- If you are adding a new file, make sure it has the **copyright message**
+  template at the top as a comment. You can copy the message from an existing
+  file and update the year.
+
+- The grpc package should only depend on standard Go packages and a small number
+  of exceptions. **If your contribution introduces new dependencies**, you will
+  need a discussion with gRPC-Go maintainers. A GitHub action check will run on
+  every PR, and will flag any transitive dependency changes from any public
+  package.
+
+- Unless your PR is trivial, you should **expect reviewer comments** that you
+  will need to address before merging. We'll label the PR as `Status: Requires
+  Reporter Clarification` if we expect you to respond to these comments in a
+  timely manner. If the PR remains inactive for 6 days, it will be marked as
+  `stale`, and we will automatically close it after 7 days if we don't hear back
+  from you. Please feel free to ping issues or bugs if you do not get a response
+  within a week.
 
-- Exceptions to the rules can be made if there's a compelling reason for doing so.
+- Exceptions to the rules can be made if there's a compelling reason to do so.
diff --git a/vendor/google.golang.org/grpc/README.md b/vendor/google.golang.org/grpc/README.md
index b572707c62..f9a88d597e 100644
--- a/vendor/google.golang.org/grpc/README.md
+++ b/vendor/google.golang.org/grpc/README.md
@@ -32,6 +32,7 @@ import "google.golang.org/grpc"
 - [Low-level technical docs](Documentation) from this repository
 - [Performance benchmark][]
 - [Examples](examples)
+- [Contribution guidelines](CONTRIBUTING.md)
 
 ## FAQ
 
diff --git a/vendor/google.golang.org/grpc/balancer/grpclb/grpc_lb_v1/load_balancer.pb.go b/vendor/google.golang.org/grpc/balancer/grpclb/grpc_lb_v1/load_balancer.pb.go
index 732eb56bbd..01ac7f6f34 100644
--- a/vendor/google.golang.org/grpc/balancer/grpclb/grpc_lb_v1/load_balancer.pb.go
+++ b/vendor/google.golang.org/grpc/balancer/grpclb/grpc_lb_v1/load_balancer.pb.go
@@ -19,7 +19,7 @@
 
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
-// 	protoc-gen-go v1.36.5
+// 	protoc-gen-go v1.36.6
 // 	protoc        v5.27.1
 // source: grpc/lb/v1/load_balancer.proto
 
@@ -642,115 +642,47 @@ func (x *Server) GetDrop() bool {
 
 var File_grpc_lb_v1_load_balancer_proto protoreflect.FileDescriptor
 
-var file_grpc_lb_v1_load_balancer_proto_rawDesc = string([]byte{
-	0x0a, 0x1e, 0x67, 0x72, 0x70, 0x63, 0x2f, 0x6c, 0x62, 0x2f, 0x76, 0x31, 0x2f, 0x6c, 0x6f, 0x61,
-	0x64, 0x5f, 0x62, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
-	0x12, 0x0a, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x6c, 0x62, 0x2e, 0x76, 0x31, 0x1a, 0x1e, 0x67, 0x6f,
-	0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75,
-	0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x67, 0x6f,
-	0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x74, 0x69,
-	0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xc1, 0x01,
-	0x0a, 0x12, 0x4c, 0x6f, 0x61, 0x64, 0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x65, 0x71,
-	0x75, 0x65, 0x73, 0x74, 0x12, 0x50, 0x0a, 0x0f, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x5f,
-	0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x25, 0x2e,
-	0x67, 0x72, 0x70, 0x63, 0x2e, 0x6c, 0x62, 0x2e, 0x76, 0x31, 0x2e, 0x49, 0x6e, 0x69, 0x74, 0x69,
-	0x61, 0x6c, 0x4c, 0x6f, 0x61, 0x64, 0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x65, 0x71,
-	0x75, 0x65, 0x73, 0x74, 0x48, 0x00, 0x52, 0x0e, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x52,
-	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x3c, 0x0a, 0x0c, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74,
-	0x5f, 0x73, 0x74, 0x61, 0x74, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67,
-	0x72, 0x70, 0x63, 0x2e, 0x6c, 0x62, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74,
-	0x53, 0x74, 0x61, 0x74, 0x73, 0x48, 0x00, 0x52, 0x0b, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x53,
-	0x74, 0x61, 0x74, 0x73, 0x42, 0x1b, 0x0a, 0x19, 0x6c, 0x6f, 0x61, 0x64, 0x5f, 0x62, 0x61, 0x6c,
-	0x61, 0x6e, 0x63, 0x65, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x74, 0x79, 0x70,
-	0x65, 0x22, 0x2f, 0x0a, 0x19, 0x49, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x4c, 0x6f, 0x61, 0x64,
-	0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x12,
-	0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61,
-	0x6d, 0x65, 0x22, 0x60, 0x0a, 0x13, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x53, 0x74, 0x61, 0x74,
-	0x73, 0x50, 0x65, 0x72, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x2c, 0x0a, 0x12, 0x6c, 0x6f, 0x61,
-	0x64, 0x5f, 0x62, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18,
-	0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x10, 0x6c, 0x6f, 0x61, 0x64, 0x42, 0x61, 0x6c, 0x61, 0x6e,
-	0x63, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x1b, 0x0a, 0x09, 0x6e, 0x75, 0x6d, 0x5f, 0x63,
-	0x61, 0x6c, 0x6c, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x03, 0x52, 0x08, 0x6e, 0x75, 0x6d, 0x43,
-	0x61, 0x6c, 0x6c, 0x73, 0x22, 0xb0, 0x03, 0x0a, 0x0b, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x53,
-	0x74, 0x61, 0x74, 0x73, 0x12, 0x38, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d,
-	0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
-	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74,
-	0x61, 0x6d, 0x70, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x12, 0x2a,
-	0x0a, 0x11, 0x6e, 0x75, 0x6d, 0x5f, 0x63, 0x61, 0x6c, 0x6c, 0x73, 0x5f, 0x73, 0x74, 0x61, 0x72,
-	0x74, 0x65, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0f, 0x6e, 0x75, 0x6d, 0x43, 0x61,
-	0x6c, 0x6c, 0x73, 0x53, 0x74, 0x61, 0x72, 0x74, 0x65, 0x64, 0x12, 0x2c, 0x0a, 0x12, 0x6e, 0x75,
-	0x6d, 0x5f, 0x63, 0x61, 0x6c, 0x6c, 0x73, 0x5f, 0x66, 0x69, 0x6e, 0x69, 0x73, 0x68, 0x65, 0x64,
-	0x18, 0x03, 0x20, 0x01, 0x28, 0x03, 0x52, 0x10, 0x6e, 0x75, 0x6d, 0x43, 0x61, 0x6c, 0x6c, 0x73,
-	0x46, 0x69, 0x6e, 0x69, 0x73, 0x68, 0x65, 0x64, 0x12, 0x5d, 0x0a, 0x2d, 0x6e, 0x75, 0x6d, 0x5f,
-	0x63, 0x61, 0x6c, 0x6c, 0x73, 0x5f, 0x66, 0x69, 0x6e, 0x69, 0x73, 0x68, 0x65, 0x64, 0x5f, 0x77,
-	0x69, 0x74, 0x68, 0x5f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x66, 0x61, 0x69, 0x6c, 0x65,
-	0x64, 0x5f, 0x74, 0x6f, 0x5f, 0x73, 0x65, 0x6e, 0x64, 0x18, 0x06, 0x20, 0x01, 0x28, 0x03, 0x52,
-	0x26, 0x6e, 0x75, 0x6d, 0x43, 0x61, 0x6c, 0x6c, 0x73, 0x46, 0x69, 0x6e, 0x69, 0x73, 0x68, 0x65,
-	0x64, 0x57, 0x69, 0x74, 0x68, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x46, 0x61, 0x69, 0x6c, 0x65,
-	0x64, 0x54, 0x6f, 0x53, 0x65, 0x6e, 0x64, 0x12, 0x48, 0x0a, 0x21, 0x6e, 0x75, 0x6d, 0x5f, 0x63,
-	0x61, 0x6c, 0x6c, 0x73, 0x5f, 0x66, 0x69, 0x6e, 0x69, 0x73, 0x68, 0x65, 0x64, 0x5f, 0x6b, 0x6e,
-	0x6f, 0x77, 0x6e, 0x5f, 0x72, 0x65, 0x63, 0x65, 0x69, 0x76, 0x65, 0x64, 0x18, 0x07, 0x20, 0x01,
-	0x28, 0x03, 0x52, 0x1d, 0x6e, 0x75, 0x6d, 0x43, 0x61, 0x6c, 0x6c, 0x73, 0x46, 0x69, 0x6e, 0x69,
-	0x73, 0x68, 0x65, 0x64, 0x4b, 0x6e, 0x6f, 0x77, 0x6e, 0x52, 0x65, 0x63, 0x65, 0x69, 0x76, 0x65,
-	0x64, 0x12, 0x58, 0x0a, 0x18, 0x63, 0x61, 0x6c, 0x6c, 0x73, 0x5f, 0x66, 0x69, 0x6e, 0x69, 0x73,
-	0x68, 0x65, 0x64, 0x5f, 0x77, 0x69, 0x74, 0x68, 0x5f, 0x64, 0x72, 0x6f, 0x70, 0x18, 0x08, 0x20,
-	0x03, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x6c, 0x62, 0x2e, 0x76, 0x31,
-	0x2e, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x53, 0x74, 0x61, 0x74, 0x73, 0x50, 0x65, 0x72, 0x54,
-	0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x15, 0x63, 0x61, 0x6c, 0x6c, 0x73, 0x46, 0x69, 0x6e, 0x69, 0x73,
-	0x68, 0x65, 0x64, 0x57, 0x69, 0x74, 0x68, 0x44, 0x72, 0x6f, 0x70, 0x4a, 0x04, 0x08, 0x04, 0x10,
-	0x05, 0x4a, 0x04, 0x08, 0x05, 0x10, 0x06, 0x22, 0x90, 0x02, 0x0a, 0x13, 0x4c, 0x6f, 0x61, 0x64,
-	0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12,
-	0x53, 0x0a, 0x10, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x5f, 0x72, 0x65, 0x73, 0x70, 0x6f,
-	0x6e, 0x73, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x67, 0x72, 0x70, 0x63,
-	0x2e, 0x6c, 0x62, 0x2e, 0x76, 0x31, 0x2e, 0x49, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x4c, 0x6f,
-	0x61, 0x64, 0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
-	0x65, 0x48, 0x00, 0x52, 0x0f, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x52, 0x65, 0x73, 0x70,
-	0x6f, 0x6e, 0x73, 0x65, 0x12, 0x39, 0x0a, 0x0b, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x5f, 0x6c,
-	0x69, 0x73, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x67, 0x72, 0x70, 0x63,
-	0x2e, 0x6c, 0x62, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x4c, 0x69, 0x73,
-	0x74, 0x48, 0x00, 0x52, 0x0a, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x4c, 0x69, 0x73, 0x74, 0x12,
-	0x4b, 0x0a, 0x11, 0x66, 0x61, 0x6c, 0x6c, 0x62, 0x61, 0x63, 0x6b, 0x5f, 0x72, 0x65, 0x73, 0x70,
-	0x6f, 0x6e, 0x73, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x72, 0x70,
-	0x63, 0x2e, 0x6c, 0x62, 0x2e, 0x76, 0x31, 0x2e, 0x46, 0x61, 0x6c, 0x6c, 0x62, 0x61, 0x63, 0x6b,
-	0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x48, 0x00, 0x52, 0x10, 0x66, 0x61, 0x6c, 0x6c,
-	0x62, 0x61, 0x63, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x42, 0x1c, 0x0a, 0x1a,
-	0x6c, 0x6f, 0x61, 0x64, 0x5f, 0x62, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65, 0x5f, 0x72, 0x65, 0x73,
-	0x70, 0x6f, 0x6e, 0x73, 0x65, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x22, 0x12, 0x0a, 0x10, 0x46, 0x61,
-	0x6c, 0x6c, 0x62, 0x61, 0x63, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x7e,
-	0x0a, 0x1a, 0x49, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x4c, 0x6f, 0x61, 0x64, 0x42, 0x61, 0x6c,
-	0x61, 0x6e, 0x63, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x5a, 0x0a, 0x1c,
-	0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x73, 0x5f, 0x72, 0x65, 0x70,
-	0x6f, 0x72, 0x74, 0x5f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x18, 0x02, 0x20, 0x01,
-	0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
-	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x19, 0x63,
-	0x6c, 0x69, 0x65, 0x6e, 0x74, 0x53, 0x74, 0x61, 0x74, 0x73, 0x52, 0x65, 0x70, 0x6f, 0x72, 0x74,
-	0x49, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x4a, 0x04, 0x08, 0x01, 0x10, 0x02, 0x22, 0x40,
-	0x0a, 0x0a, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x4c, 0x69, 0x73, 0x74, 0x12, 0x2c, 0x0a, 0x07,
-	0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x12, 0x2e,
-	0x67, 0x72, 0x70, 0x63, 0x2e, 0x6c, 0x62, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x65,
-	0x72, 0x52, 0x07, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x73, 0x4a, 0x04, 0x08, 0x03, 0x10, 0x04,
-	0x22, 0x83, 0x01, 0x0a, 0x06, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x12, 0x1d, 0x0a, 0x0a, 0x69,
-	0x70, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52,
-	0x09, 0x69, 0x70, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x70, 0x6f,
-	0x72, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x05, 0x52, 0x04, 0x70, 0x6f, 0x72, 0x74, 0x12, 0x2c,
-	0x0a, 0x12, 0x6c, 0x6f, 0x61, 0x64, 0x5f, 0x62, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65, 0x5f, 0x74,
-	0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x10, 0x6c, 0x6f, 0x61, 0x64,
-	0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x12, 0x0a, 0x04,
-	0x64, 0x72, 0x6f, 0x70, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, 0x04, 0x64, 0x72, 0x6f, 0x70,
-	0x4a, 0x04, 0x08, 0x05, 0x10, 0x06, 0x32, 0x62, 0x0a, 0x0c, 0x4c, 0x6f, 0x61, 0x64, 0x42, 0x61,
-	0x6c, 0x61, 0x6e, 0x63, 0x65, 0x72, 0x12, 0x52, 0x0a, 0x0b, 0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63,
-	0x65, 0x4c, 0x6f, 0x61, 0x64, 0x12, 0x1e, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x6c, 0x62, 0x2e,
-	0x76, 0x31, 0x2e, 0x4c, 0x6f, 0x61, 0x64, 0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x65,
-	0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x6c, 0x62, 0x2e,
-	0x76, 0x31, 0x2e, 0x4c, 0x6f, 0x61, 0x64, 0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65, 0x52, 0x65,
-	0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x28, 0x01, 0x30, 0x01, 0x42, 0x57, 0x0a, 0x0d, 0x69, 0x6f,
-	0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x6c, 0x62, 0x2e, 0x76, 0x31, 0x42, 0x11, 0x4c, 0x6f, 0x61,
-	0x64, 0x42, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01,
-	0x5a, 0x31, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6c, 0x61, 0x6e, 0x67, 0x2e,
-	0x6f, 0x72, 0x67, 0x2f, 0x67, 0x72, 0x70, 0x63, 0x2f, 0x62, 0x61, 0x6c, 0x61, 0x6e, 0x63, 0x65,
-	0x72, 0x2f, 0x67, 0x72, 0x70, 0x63, 0x6c, 0x62, 0x2f, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x6c, 0x62,
-	0x5f, 0x76, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
-})
+const file_grpc_lb_v1_load_balancer_proto_rawDesc = "" +
+	"\n" +
+	"\x1egrpc/lb/v1/load_balancer.proto\x12\n" +
+	"grpc.lb.v1\x1a\x1egoogle/protobuf/duration.proto\x1a\x1fgoogle/protobuf/timestamp.proto\"\xc1\x01\n" +
+	"\x12LoadBalanceRequest\x12P\n" +
+	"\x0finitial_request\x18\x01 \x01(\v2%.grpc.lb.v1.InitialLoadBalanceRequestH\x00R\x0einitialRequest\x12<\n" +
+	"\fclient_stats\x18\x02 \x01(\v2\x17.grpc.lb.v1.ClientStatsH\x00R\vclientStatsB\x1b\n" +
+	"\x19load_balance_request_type\"/\n" +
+	"\x19InitialLoadBalanceRequest\x12\x12\n" +
+	"\x04name\x18\x01 \x01(\tR\x04name\"`\n" +
+	"\x13ClientStatsPerToken\x12,\n" +
+	"\x12load_balance_token\x18\x01 \x01(\tR\x10loadBalanceToken\x12\x1b\n" +
+	"\tnum_calls\x18\x02 \x01(\x03R\bnumCalls\"\xb0\x03\n" +
+	"\vClientStats\x128\n" +
+	"\ttimestamp\x18\x01 \x01(\v2\x1a.google.protobuf.TimestampR\ttimestamp\x12*\n" +
+	"\x11num_calls_started\x18\x02 \x01(\x03R\x0fnumCallsStarted\x12,\n" +
+	"\x12num_calls_finished\x18\x03 \x01(\x03R\x10numCallsFinished\x12]\n" +
+	"-num_calls_finished_with_client_failed_to_send\x18\x06 \x01(\x03R&numCallsFinishedWithClientFailedToSend\x12H\n" +
+	"!num_calls_finished_known_received\x18\a \x01(\x03R\x1dnumCallsFinishedKnownReceived\x12X\n" +
+	"\x18calls_finished_with_drop\x18\b \x03(\v2\x1f.grpc.lb.v1.ClientStatsPerTokenR\x15callsFinishedWithDropJ\x04\b\x04\x10\x05J\x04\b\x05\x10\x06\"\x90\x02\n" +
+	"\x13LoadBalanceResponse\x12S\n" +
+	"\x10initial_response\x18\x01 \x01(\v2&.grpc.lb.v1.InitialLoadBalanceResponseH\x00R\x0finitialResponse\x129\n" +
+	"\vserver_list\x18\x02 \x01(\v2\x16.grpc.lb.v1.ServerListH\x00R\n" +
+	"serverList\x12K\n" +
+	"\x11fallback_response\x18\x03 \x01(\v2\x1c.grpc.lb.v1.FallbackResponseH\x00R\x10fallbackResponseB\x1c\n" +
+	"\x1aload_balance_response_type\"\x12\n" +
+	"\x10FallbackResponse\"~\n" +
+	"\x1aInitialLoadBalanceResponse\x12Z\n" +
+	"\x1cclient_stats_report_interval\x18\x02 \x01(\v2\x19.google.protobuf.DurationR\x19clientStatsReportIntervalJ\x04\b\x01\x10\x02\"@\n" +
+	"\n" +
+	"ServerList\x12,\n" +
+	"\aservers\x18\x01 \x03(\v2\x12.grpc.lb.v1.ServerR\aserversJ\x04\b\x03\x10\x04\"\x83\x01\n" +
+	"\x06Server\x12\x1d\n" +
+	"\n" +
+	"ip_address\x18\x01 \x01(\fR\tipAddress\x12\x12\n" +
+	"\x04port\x18\x02 \x01(\x05R\x04port\x12,\n" +
+	"\x12load_balance_token\x18\x03 \x01(\tR\x10loadBalanceToken\x12\x12\n" +
+	"\x04drop\x18\x04 \x01(\bR\x04dropJ\x04\b\x05\x10\x062b\n" +
+	"\fLoadBalancer\x12R\n" +
+	"\vBalanceLoad\x12\x1e.grpc.lb.v1.LoadBalanceRequest\x1a\x1f.grpc.lb.v1.LoadBalanceResponse(\x010\x01BW\n" +
+	"\rio.grpc.lb.v1B\x11LoadBalancerProtoP\x01Z1google.golang.org/grpc/balancer/grpclb/grpc_lb_v1b\x06proto3"
 
 var (
 	file_grpc_lb_v1_load_balancer_proto_rawDescOnce sync.Once
diff --git a/vendor/google.golang.org/grpc/balancer/leastrequest/leastrequest.go b/vendor/google.golang.org/grpc/balancer/leastrequest/leastrequest.go
index dd46dfa8fa..f758f954e9 100644
--- a/vendor/google.golang.org/grpc/balancer/leastrequest/leastrequest.go
+++ b/vendor/google.golang.org/grpc/balancer/leastrequest/leastrequest.go
@@ -97,11 +97,8 @@ func (bb) Build(cc balancer.ClientConn, bOpts balancer.BuildOptions) balancer.Ba
 }
 
 type leastRequestBalancer struct {
-	// Embeds balancer.Balancer because needs to intercept UpdateClientConnState
-	// to learn about choiceCount.
-	balancer.Balancer
-	// Embeds balancer.ClientConn because needs to intercept UpdateState calls
-	// from the child balancer.
+	// Embeds balancer.ClientConn because we need to intercept UpdateState
+	// calls from the child balancer.
 	balancer.ClientConn
 	child  balancer.Balancer
 	logger *internalgrpclog.PrefixLogger
@@ -118,6 +115,21 @@ func (lrb *leastRequestBalancer) Close() {
 	lrb.endpointRPCCounts = nil
 }
 
+func (lrb *leastRequestBalancer) UpdateSubConnState(sc balancer.SubConn, state balancer.SubConnState) {
+	lrb.logger.Errorf("UpdateSubConnState(%v, %+v) called unexpectedly", sc, state)
+}
+
+func (lrb *leastRequestBalancer) ResolverError(err error) {
+	// Will cause inline picker update from endpoint sharding.
+	lrb.child.ResolverError(err)
+}
+
+func (lrb *leastRequestBalancer) ExitIdle() {
+	if ei, ok := lrb.child.(balancer.ExitIdler); ok { // Should always be ok, as child is endpoint sharding.
+		ei.ExitIdle()
+	}
+}
+
 func (lrb *leastRequestBalancer) UpdateClientConnState(ccs balancer.ClientConnState) error {
 	lrCfg, ok := ccs.BalancerConfig.(*LBConfig)
 	if !ok {
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/ringhash/config.go b/vendor/google.golang.org/grpc/balancer/ringhash/config.go
similarity index 85%
rename from vendor/google.golang.org/grpc/xds/internal/balancer/ringhash/config.go
rename to vendor/google.golang.org/grpc/balancer/ringhash/config.go
index 044d698a27..65d9e8e46f 100644
--- a/vendor/google.golang.org/grpc/xds/internal/balancer/ringhash/config.go
+++ b/vendor/google.golang.org/grpc/balancer/ringhash/config.go
@@ -25,26 +25,17 @@ import (
 
 	"google.golang.org/grpc/internal/envconfig"
 	"google.golang.org/grpc/internal/metadata"
-	"google.golang.org/grpc/serviceconfig"
+	iringhash "google.golang.org/grpc/internal/ringhash"
 )
 
-// LBConfig is the balancer config for ring_hash balancer.
-type LBConfig struct {
-	serviceconfig.LoadBalancingConfig `json:"-"`
-
-	MinRingSize       uint64 `json:"minRingSize,omitempty"`
-	MaxRingSize       uint64 `json:"maxRingSize,omitempty"`
-	RequestHashHeader string `json:"requestHashHeader,omitempty"`
-}
-
 const (
 	defaultMinSize         = 1024
 	defaultMaxSize         = 4096
 	ringHashSizeUpperBound = 8 * 1024 * 1024 // 8M
 )
 
-func parseConfig(c json.RawMessage) (*LBConfig, error) {
-	var cfg LBConfig
+func parseConfig(c json.RawMessage) (*iringhash.LBConfig, error) {
+	var cfg iringhash.LBConfig
 	if err := json.Unmarshal(c, &cfg); err != nil {
 		return nil, err
 	}
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/ringhash/logging.go b/vendor/google.golang.org/grpc/balancer/ringhash/logging.go
similarity index 100%
rename from vendor/google.golang.org/grpc/xds/internal/balancer/ringhash/logging.go
rename to vendor/google.golang.org/grpc/balancer/ringhash/logging.go
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/ringhash/picker.go b/vendor/google.golang.org/grpc/balancer/ringhash/picker.go
similarity index 97%
rename from vendor/google.golang.org/grpc/xds/internal/balancer/ringhash/picker.go
rename to vendor/google.golang.org/grpc/balancer/ringhash/picker.go
index 1488d78062..96f72905ec 100644
--- a/vendor/google.golang.org/grpc/xds/internal/balancer/ringhash/picker.go
+++ b/vendor/google.golang.org/grpc/balancer/ringhash/picker.go
@@ -23,8 +23,10 @@ import (
 	"strings"
 
 	xxhash "github.com/cespare/xxhash/v2"
+
 	"google.golang.org/grpc/balancer"
 	"google.golang.org/grpc/connectivity"
+	iringhash "google.golang.org/grpc/internal/ringhash"
 	"google.golang.org/grpc/metadata"
 )
 
@@ -55,7 +57,7 @@ func (p *picker) Pick(info balancer.PickInfo) (balancer.PickResult, error) {
 	var requestHash uint64
 	if p.requestHashHeader == "" {
 		var ok bool
-		if requestHash, ok = XDSRequestHash(info.Ctx); !ok {
+		if requestHash, ok = iringhash.XDSRequestHash(info.Ctx); !ok {
 			return balancer.PickResult{}, fmt.Errorf("ringhash: expected xDS config selector to set the request hash")
 		}
 	} else {
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/ringhash/ring.go b/vendor/google.golang.org/grpc/balancer/ringhash/ring.go
similarity index 100%
rename from vendor/google.golang.org/grpc/xds/internal/balancer/ringhash/ring.go
rename to vendor/google.golang.org/grpc/balancer/ringhash/ring.go
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/ringhash/ringhash.go b/vendor/google.golang.org/grpc/balancer/ringhash/ringhash.go
similarity index 95%
rename from vendor/google.golang.org/grpc/xds/internal/balancer/ringhash/ringhash.go
rename to vendor/google.golang.org/grpc/balancer/ringhash/ringhash.go
index 87d26db3c9..acd9ae3afe 100644
--- a/vendor/google.golang.org/grpc/xds/internal/balancer/ringhash/ringhash.go
+++ b/vendor/google.golang.org/grpc/balancer/ringhash/ringhash.go
@@ -16,7 +16,16 @@
  *
  */
 
-// Package ringhash implements the ringhash balancer.
+// Package ringhash implements the ringhash balancer. See the following
+// gRFCs for details:
+// - https://github.com/grpc/proposal/blob/master/A42-xds-ring-hash-lb-policy.md
+// - https://github.com/grpc/proposal/blob/master/A61-IPv4-IPv6-dualstack-backends.md#ring-hash
+// - https://github.com/grpc/proposal/blob/master/A76-ring-hash-improvements.md
+//
+// # Experimental
+//
+// Notice: This package is EXPERIMENTAL and may be changed or removed in a
+// later release.
 package ringhash
 
 import (
@@ -36,6 +45,7 @@ import (
 	"google.golang.org/grpc/internal/balancer/weight"
 	"google.golang.org/grpc/internal/grpclog"
 	"google.golang.org/grpc/internal/pretty"
+	iringhash "google.golang.org/grpc/internal/ringhash"
 	"google.golang.org/grpc/resolver"
 	"google.golang.org/grpc/resolver/ringhash"
 	"google.golang.org/grpc/serviceconfig"
@@ -85,7 +95,7 @@ type ringhashBalancer struct {
 	child  balancer.Balancer
 
 	mu                   sync.Mutex
-	config               *LBConfig
+	config               *iringhash.LBConfig
 	inhibitChildUpdates  bool
 	shouldRegenerateRing bool
 	endpointStates       *resolver.EndpointMap[*endpointState]
@@ -173,7 +183,7 @@ func (b *ringhashBalancer) UpdateClientConnState(ccs balancer.ClientConnState) e
 		b.logger.Infof("Received update from resolver, balancer config: %+v", pretty.ToJSON(ccs.BalancerConfig))
 	}
 
-	newConfig, ok := ccs.BalancerConfig.(*LBConfig)
+	newConfig, ok := ccs.BalancerConfig.(*iringhash.LBConfig)
 	if !ok {
 		return fmt.Errorf("unexpected balancer config with type: %T", ccs.BalancerConfig)
 	}
diff --git a/vendor/google.golang.org/grpc/balancer/weightedroundrobin/balancer.go b/vendor/google.golang.org/grpc/balancer/weightedroundrobin/balancer.go
index 0ee7076011..e6fe5a37ac 100644
--- a/vendor/google.golang.org/grpc/balancer/weightedroundrobin/balancer.go
+++ b/vendor/google.golang.org/grpc/balancer/weightedroundrobin/balancer.go
@@ -497,7 +497,6 @@ func (p *picker) start(stopPicker *grpcsync.Event) {
 // that listener.
 type endpointWeight struct {
 	// The following fields are immutable.
-	balancer.SubConn
 	logger          *grpclog.PrefixLogger
 	target          string
 	metricsRecorder estats.MetricsRecorder
@@ -527,7 +526,7 @@ type endpointWeight struct {
 
 func (w *endpointWeight) OnLoadReport(load *v3orcapb.OrcaLoadReport) {
 	if w.logger.V(2) {
-		w.logger.Infof("Received load report for subchannel %v: %v", w.SubConn, load)
+		w.logger.Infof("Received load report for subchannel %v: %v", w.pickedSC, load)
 	}
 	// Update weights of this endpoint according to the reported load.
 	utilization := load.ApplicationUtilization
@@ -536,7 +535,7 @@ func (w *endpointWeight) OnLoadReport(load *v3orcapb.OrcaLoadReport) {
 	}
 	if utilization == 0 || load.RpsFractional == 0 {
 		if w.logger.V(2) {
-			w.logger.Infof("Ignoring empty load report for subchannel %v", w.SubConn)
+			w.logger.Infof("Ignoring empty load report for subchannel %v", w.pickedSC)
 		}
 		return
 	}
@@ -547,7 +546,7 @@ func (w *endpointWeight) OnLoadReport(load *v3orcapb.OrcaLoadReport) {
 	errorRate := load.Eps / load.RpsFractional
 	w.weightVal = load.RpsFractional / (utilization + errorRate*w.cfg.ErrorUtilizationPenalty)
 	if w.logger.V(2) {
-		w.logger.Infof("New weight for subchannel %v: %v", w.SubConn, w.weightVal)
+		w.logger.Infof("New weight for subchannel %v: %v", w.pickedSC, w.weightVal)
 	}
 
 	w.lastUpdated = internal.TimeNow()
diff --git a/vendor/google.golang.org/grpc/binarylog/grpc_binarylog_v1/binarylog.pb.go b/vendor/google.golang.org/grpc/binarylog/grpc_binarylog_v1/binarylog.pb.go
index 825c31795f..b1364a0325 100644
--- a/vendor/google.golang.org/grpc/binarylog/grpc_binarylog_v1/binarylog.pb.go
+++ b/vendor/google.golang.org/grpc/binarylog/grpc_binarylog_v1/binarylog.pb.go
@@ -18,7 +18,7 @@
 
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
-// 	protoc-gen-go v1.36.5
+// 	protoc-gen-go v1.36.6
 // 	protoc        v5.27.1
 // source: grpc/binlog/v1/binarylog.proto
 
@@ -858,133 +858,68 @@ func (x *Address) GetIpPort() uint32 {
 
 var File_grpc_binlog_v1_binarylog_proto protoreflect.FileDescriptor
 
-var file_grpc_binlog_v1_binarylog_proto_rawDesc = string([]byte{
-	0x0a, 0x1e, 0x67, 0x72, 0x70, 0x63, 0x2f, 0x62, 0x69, 0x6e, 0x6c, 0x6f, 0x67, 0x2f, 0x76, 0x31,
-	0x2f, 0x62, 0x69, 0x6e, 0x61, 0x72, 0x79, 0x6c, 0x6f, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
-	0x12, 0x11, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x62, 0x69, 0x6e, 0x61, 0x72, 0x79, 0x6c, 0x6f, 0x67,
-	0x2e, 0x76, 0x31, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74,
-	0x6f, 0x62, 0x75, 0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72,
-	0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74,
-	0x6f, 0x62, 0x75, 0x66, 0x2f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x2e, 0x70,
-	0x72, 0x6f, 0x74, 0x6f, 0x22, 0xbb, 0x07, 0x0a, 0x0c, 0x47, 0x72, 0x70, 0x63, 0x4c, 0x6f, 0x67,
-	0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x38, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61,
-	0x6d, 0x70, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
-	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73,
-	0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x12,
-	0x17, 0x0a, 0x07, 0x63, 0x61, 0x6c, 0x6c, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x04,
-	0x52, 0x06, 0x63, 0x61, 0x6c, 0x6c, 0x49, 0x64, 0x12, 0x35, 0x0a, 0x17, 0x73, 0x65, 0x71, 0x75,
-	0x65, 0x6e, 0x63, 0x65, 0x5f, 0x69, 0x64, 0x5f, 0x77, 0x69, 0x74, 0x68, 0x69, 0x6e, 0x5f, 0x63,
-	0x61, 0x6c, 0x6c, 0x18, 0x03, 0x20, 0x01, 0x28, 0x04, 0x52, 0x14, 0x73, 0x65, 0x71, 0x75, 0x65,
-	0x6e, 0x63, 0x65, 0x49, 0x64, 0x57, 0x69, 0x74, 0x68, 0x69, 0x6e, 0x43, 0x61, 0x6c, 0x6c, 0x12,
-	0x3d, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x29, 0x2e,
-	0x67, 0x72, 0x70, 0x63, 0x2e, 0x62, 0x69, 0x6e, 0x61, 0x72, 0x79, 0x6c, 0x6f, 0x67, 0x2e, 0x76,
-	0x31, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x4c, 0x6f, 0x67, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x2e, 0x45,
-	0x76, 0x65, 0x6e, 0x74, 0x54, 0x79, 0x70, 0x65, 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x3e,
-	0x0a, 0x06, 0x6c, 0x6f, 0x67, 0x67, 0x65, 0x72, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x26,
-	0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x62, 0x69, 0x6e, 0x61, 0x72, 0x79, 0x6c, 0x6f, 0x67, 0x2e,
-	0x76, 0x31, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x4c, 0x6f, 0x67, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x2e,
-	0x4c, 0x6f, 0x67, 0x67, 0x65, 0x72, 0x52, 0x06, 0x6c, 0x6f, 0x67, 0x67, 0x65, 0x72, 0x12, 0x46,
-	0x0a, 0x0d, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x18,
-	0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x62, 0x69, 0x6e,
-	0x61, 0x72, 0x79, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74,
-	0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x48, 0x00, 0x52, 0x0c, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74,
-	0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x12, 0x46, 0x0a, 0x0d, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72,
-	0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e,
-	0x67, 0x72, 0x70, 0x63, 0x2e, 0x62, 0x69, 0x6e, 0x61, 0x72, 0x79, 0x6c, 0x6f, 0x67, 0x2e, 0x76,
-	0x31, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x48, 0x00,
-	0x52, 0x0c, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x12, 0x36,
-	0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32,
-	0x1a, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x62, 0x69, 0x6e, 0x61, 0x72, 0x79, 0x6c, 0x6f, 0x67,
-	0x2e, 0x76, 0x31, 0x2e, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x48, 0x00, 0x52, 0x07, 0x6d,
-	0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x12, 0x36, 0x0a, 0x07, 0x74, 0x72, 0x61, 0x69, 0x6c, 0x65,
-	0x72, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x62,
-	0x69, 0x6e, 0x61, 0x72, 0x79, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x54, 0x72, 0x61, 0x69,
-	0x6c, 0x65, 0x72, 0x48, 0x00, 0x52, 0x07, 0x74, 0x72, 0x61, 0x69, 0x6c, 0x65, 0x72, 0x12, 0x2b,
-	0x0a, 0x11, 0x70, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x5f, 0x74, 0x72, 0x75, 0x6e, 0x63, 0x61,
-	0x74, 0x65, 0x64, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x08, 0x52, 0x10, 0x70, 0x61, 0x79, 0x6c, 0x6f,
-	0x61, 0x64, 0x54, 0x72, 0x75, 0x6e, 0x63, 0x61, 0x74, 0x65, 0x64, 0x12, 0x2e, 0x0a, 0x04, 0x70,
-	0x65, 0x65, 0x72, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x72, 0x70, 0x63,
-	0x2e, 0x62, 0x69, 0x6e, 0x61, 0x72, 0x79, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x64,
-	0x64, 0x72, 0x65, 0x73, 0x73, 0x52, 0x04, 0x70, 0x65, 0x65, 0x72, 0x22, 0xf5, 0x01, 0x0a, 0x09,
-	0x45, 0x76, 0x65, 0x6e, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x16, 0x0a, 0x12, 0x45, 0x56, 0x45,
-	0x4e, 0x54, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10,
-	0x00, 0x12, 0x1c, 0x0a, 0x18, 0x45, 0x56, 0x45, 0x4e, 0x54, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f,
-	0x43, 0x4c, 0x49, 0x45, 0x4e, 0x54, 0x5f, 0x48, 0x45, 0x41, 0x44, 0x45, 0x52, 0x10, 0x01, 0x12,
-	0x1c, 0x0a, 0x18, 0x45, 0x56, 0x45, 0x4e, 0x54, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x53, 0x45,
-	0x52, 0x56, 0x45, 0x52, 0x5f, 0x48, 0x45, 0x41, 0x44, 0x45, 0x52, 0x10, 0x02, 0x12, 0x1d, 0x0a,
-	0x19, 0x45, 0x56, 0x45, 0x4e, 0x54, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x43, 0x4c, 0x49, 0x45,
-	0x4e, 0x54, 0x5f, 0x4d, 0x45, 0x53, 0x53, 0x41, 0x47, 0x45, 0x10, 0x03, 0x12, 0x1d, 0x0a, 0x19,
-	0x45, 0x56, 0x45, 0x4e, 0x54, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x53, 0x45, 0x52, 0x56, 0x45,
-	0x52, 0x5f, 0x4d, 0x45, 0x53, 0x53, 0x41, 0x47, 0x45, 0x10, 0x04, 0x12, 0x20, 0x0a, 0x1c, 0x45,
-	0x56, 0x45, 0x4e, 0x54, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x43, 0x4c, 0x49, 0x45, 0x4e, 0x54,
-	0x5f, 0x48, 0x41, 0x4c, 0x46, 0x5f, 0x43, 0x4c, 0x4f, 0x53, 0x45, 0x10, 0x05, 0x12, 0x1d, 0x0a,
-	0x19, 0x45, 0x56, 0x45, 0x4e, 0x54, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x53, 0x45, 0x52, 0x56,
-	0x45, 0x52, 0x5f, 0x54, 0x52, 0x41, 0x49, 0x4c, 0x45, 0x52, 0x10, 0x06, 0x12, 0x15, 0x0a, 0x11,
-	0x45, 0x56, 0x45, 0x4e, 0x54, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x43, 0x41, 0x4e, 0x43, 0x45,
-	0x4c, 0x10, 0x07, 0x22, 0x42, 0x0a, 0x06, 0x4c, 0x6f, 0x67, 0x67, 0x65, 0x72, 0x12, 0x12, 0x0a,
-	0x0e, 0x4c, 0x4f, 0x47, 0x47, 0x45, 0x52, 0x5f, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10,
-	0x00, 0x12, 0x11, 0x0a, 0x0d, 0x4c, 0x4f, 0x47, 0x47, 0x45, 0x52, 0x5f, 0x43, 0x4c, 0x49, 0x45,
-	0x4e, 0x54, 0x10, 0x01, 0x12, 0x11, 0x0a, 0x0d, 0x4c, 0x4f, 0x47, 0x47, 0x45, 0x52, 0x5f, 0x53,
-	0x45, 0x52, 0x56, 0x45, 0x52, 0x10, 0x02, 0x42, 0x09, 0x0a, 0x07, 0x70, 0x61, 0x79, 0x6c, 0x6f,
-	0x61, 0x64, 0x22, 0xbb, 0x01, 0x0a, 0x0c, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x48, 0x65, 0x61,
-	0x64, 0x65, 0x72, 0x12, 0x37, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18,
-	0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x62, 0x69, 0x6e,
-	0x61, 0x72, 0x79, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61,
-	0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x1f, 0x0a, 0x0b,
-	0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28,
-	0x09, 0x52, 0x0a, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x1c, 0x0a,
-	0x09, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09,
-	0x52, 0x09, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x12, 0x33, 0x0a, 0x07, 0x74,
-	0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67,
-	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44,
-	0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x07, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74,
-	0x22, 0x47, 0x0a, 0x0c, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72,
-	0x12, 0x37, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x01, 0x20, 0x01,
-	0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x62, 0x69, 0x6e, 0x61, 0x72, 0x79,
-	0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52,
-	0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x22, 0xb1, 0x01, 0x0a, 0x07, 0x54, 0x72,
-	0x61, 0x69, 0x6c, 0x65, 0x72, 0x12, 0x37, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74,
-	0x61, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x62,
-	0x69, 0x6e, 0x61, 0x72, 0x79, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x31, 0x2e, 0x4d, 0x65, 0x74, 0x61,
-	0x64, 0x61, 0x74, 0x61, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x1f,
-	0x0a, 0x0b, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x5f, 0x63, 0x6f, 0x64, 0x65, 0x18, 0x02, 0x20,
-	0x01, 0x28, 0x0d, 0x52, 0x0a, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x43, 0x6f, 0x64, 0x65, 0x12,
-	0x25, 0x0a, 0x0e, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x5f, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67,
-	0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x4d,
-	0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x12, 0x25, 0x0a, 0x0e, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73,
-	0x5f, 0x64, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x0d,
-	0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x22, 0x35, 0x0a,
-	0x07, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x6c, 0x65, 0x6e, 0x67,
-	0x74, 0x68, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x06, 0x6c, 0x65, 0x6e, 0x67, 0x74, 0x68,
-	0x12, 0x12, 0x0a, 0x04, 0x64, 0x61, 0x74, 0x61, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x04,
-	0x64, 0x61, 0x74, 0x61, 0x22, 0x42, 0x0a, 0x08, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61,
-	0x12, 0x36, 0x0a, 0x05, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32,
-	0x20, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x62, 0x69, 0x6e, 0x61, 0x72, 0x79, 0x6c, 0x6f, 0x67,
-	0x2e, 0x76, 0x31, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x45, 0x6e, 0x74, 0x72,
-	0x79, 0x52, 0x05, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x22, 0x37, 0x0a, 0x0d, 0x4d, 0x65, 0x74, 0x61,
-	0x64, 0x61, 0x74, 0x61, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79,
-	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76,
-	0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75,
-	0x65, 0x22, 0xb8, 0x01, 0x0a, 0x07, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x33, 0x0a,
-	0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x1f, 0x2e, 0x67, 0x72,
-	0x70, 0x63, 0x2e, 0x62, 0x69, 0x6e, 0x61, 0x72, 0x79, 0x6c, 0x6f, 0x67, 0x2e, 0x76, 0x31, 0x2e,
-	0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x52, 0x04, 0x74, 0x79,
-	0x70, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x02, 0x20,
-	0x01, 0x28, 0x09, 0x52, 0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x17, 0x0a, 0x07,
-	0x69, 0x70, 0x5f, 0x70, 0x6f, 0x72, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x06, 0x69,
-	0x70, 0x50, 0x6f, 0x72, 0x74, 0x22, 0x45, 0x0a, 0x04, 0x54, 0x79, 0x70, 0x65, 0x12, 0x10, 0x0a,
-	0x0c, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12,
-	0x0d, 0x0a, 0x09, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x49, 0x50, 0x56, 0x34, 0x10, 0x01, 0x12, 0x0d,
-	0x0a, 0x09, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x49, 0x50, 0x56, 0x36, 0x10, 0x02, 0x12, 0x0d, 0x0a,
-	0x09, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, 0x4e, 0x49, 0x58, 0x10, 0x03, 0x42, 0x5c, 0x0a, 0x14,
-	0x69, 0x6f, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x62, 0x69, 0x6e, 0x61, 0x72, 0x79, 0x6c, 0x6f,
-	0x67, 0x2e, 0x76, 0x31, 0x42, 0x0e, 0x42, 0x69, 0x6e, 0x61, 0x72, 0x79, 0x4c, 0x6f, 0x67, 0x50,
-	0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x32, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x67,
-	0x6f, 0x6c, 0x61, 0x6e, 0x67, 0x2e, 0x6f, 0x72, 0x67, 0x2f, 0x67, 0x72, 0x70, 0x63, 0x2f, 0x62,
-	0x69, 0x6e, 0x61, 0x72, 0x79, 0x6c, 0x6f, 0x67, 0x2f, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x62, 0x69,
-	0x6e, 0x61, 0x72, 0x79, 0x6c, 0x6f, 0x67, 0x5f, 0x76, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74,
-	0x6f, 0x33,
-})
+const file_grpc_binlog_v1_binarylog_proto_rawDesc = "" +
+	"\n" +
+	"\x1egrpc/binlog/v1/binarylog.proto\x12\x11grpc.binarylog.v1\x1a\x1egoogle/protobuf/duration.proto\x1a\x1fgoogle/protobuf/timestamp.proto\"\xbb\a\n" +
+	"\fGrpcLogEntry\x128\n" +
+	"\ttimestamp\x18\x01 \x01(\v2\x1a.google.protobuf.TimestampR\ttimestamp\x12\x17\n" +
+	"\acall_id\x18\x02 \x01(\x04R\x06callId\x125\n" +
+	"\x17sequence_id_within_call\x18\x03 \x01(\x04R\x14sequenceIdWithinCall\x12=\n" +
+	"\x04type\x18\x04 \x01(\x0e2).grpc.binarylog.v1.GrpcLogEntry.EventTypeR\x04type\x12>\n" +
+	"\x06logger\x18\x05 \x01(\x0e2&.grpc.binarylog.v1.GrpcLogEntry.LoggerR\x06logger\x12F\n" +
+	"\rclient_header\x18\x06 \x01(\v2\x1f.grpc.binarylog.v1.ClientHeaderH\x00R\fclientHeader\x12F\n" +
+	"\rserver_header\x18\a \x01(\v2\x1f.grpc.binarylog.v1.ServerHeaderH\x00R\fserverHeader\x126\n" +
+	"\amessage\x18\b \x01(\v2\x1a.grpc.binarylog.v1.MessageH\x00R\amessage\x126\n" +
+	"\atrailer\x18\t \x01(\v2\x1a.grpc.binarylog.v1.TrailerH\x00R\atrailer\x12+\n" +
+	"\x11payload_truncated\x18\n" +
+	" \x01(\bR\x10payloadTruncated\x12.\n" +
+	"\x04peer\x18\v \x01(\v2\x1a.grpc.binarylog.v1.AddressR\x04peer\"\xf5\x01\n" +
+	"\tEventType\x12\x16\n" +
+	"\x12EVENT_TYPE_UNKNOWN\x10\x00\x12\x1c\n" +
+	"\x18EVENT_TYPE_CLIENT_HEADER\x10\x01\x12\x1c\n" +
+	"\x18EVENT_TYPE_SERVER_HEADER\x10\x02\x12\x1d\n" +
+	"\x19EVENT_TYPE_CLIENT_MESSAGE\x10\x03\x12\x1d\n" +
+	"\x19EVENT_TYPE_SERVER_MESSAGE\x10\x04\x12 \n" +
+	"\x1cEVENT_TYPE_CLIENT_HALF_CLOSE\x10\x05\x12\x1d\n" +
+	"\x19EVENT_TYPE_SERVER_TRAILER\x10\x06\x12\x15\n" +
+	"\x11EVENT_TYPE_CANCEL\x10\a\"B\n" +
+	"\x06Logger\x12\x12\n" +
+	"\x0eLOGGER_UNKNOWN\x10\x00\x12\x11\n" +
+	"\rLOGGER_CLIENT\x10\x01\x12\x11\n" +
+	"\rLOGGER_SERVER\x10\x02B\t\n" +
+	"\apayload\"\xbb\x01\n" +
+	"\fClientHeader\x127\n" +
+	"\bmetadata\x18\x01 \x01(\v2\x1b.grpc.binarylog.v1.MetadataR\bmetadata\x12\x1f\n" +
+	"\vmethod_name\x18\x02 \x01(\tR\n" +
+	"methodName\x12\x1c\n" +
+	"\tauthority\x18\x03 \x01(\tR\tauthority\x123\n" +
+	"\atimeout\x18\x04 \x01(\v2\x19.google.protobuf.DurationR\atimeout\"G\n" +
+	"\fServerHeader\x127\n" +
+	"\bmetadata\x18\x01 \x01(\v2\x1b.grpc.binarylog.v1.MetadataR\bmetadata\"\xb1\x01\n" +
+	"\aTrailer\x127\n" +
+	"\bmetadata\x18\x01 \x01(\v2\x1b.grpc.binarylog.v1.MetadataR\bmetadata\x12\x1f\n" +
+	"\vstatus_code\x18\x02 \x01(\rR\n" +
+	"statusCode\x12%\n" +
+	"\x0estatus_message\x18\x03 \x01(\tR\rstatusMessage\x12%\n" +
+	"\x0estatus_details\x18\x04 \x01(\fR\rstatusDetails\"5\n" +
+	"\aMessage\x12\x16\n" +
+	"\x06length\x18\x01 \x01(\rR\x06length\x12\x12\n" +
+	"\x04data\x18\x02 \x01(\fR\x04data\"B\n" +
+	"\bMetadata\x126\n" +
+	"\x05entry\x18\x01 \x03(\v2 .grpc.binarylog.v1.MetadataEntryR\x05entry\"7\n" +
+	"\rMetadataEntry\x12\x10\n" +
+	"\x03key\x18\x01 \x01(\tR\x03key\x12\x14\n" +
+	"\x05value\x18\x02 \x01(\fR\x05value\"\xb8\x01\n" +
+	"\aAddress\x123\n" +
+	"\x04type\x18\x01 \x01(\x0e2\x1f.grpc.binarylog.v1.Address.TypeR\x04type\x12\x18\n" +
+	"\aaddress\x18\x02 \x01(\tR\aaddress\x12\x17\n" +
+	"\aip_port\x18\x03 \x01(\rR\x06ipPort\"E\n" +
+	"\x04Type\x12\x10\n" +
+	"\fTYPE_UNKNOWN\x10\x00\x12\r\n" +
+	"\tTYPE_IPV4\x10\x01\x12\r\n" +
+	"\tTYPE_IPV6\x10\x02\x12\r\n" +
+	"\tTYPE_UNIX\x10\x03B\\\n" +
+	"\x14io.grpc.binarylog.v1B\x0eBinaryLogProtoP\x01Z2google.golang.org/grpc/binarylog/grpc_binarylog_v1b\x06proto3"
 
 var (
 	file_grpc_binlog_v1_binarylog_proto_rawDescOnce sync.Once
diff --git a/vendor/google.golang.org/grpc/clientconn.go b/vendor/google.golang.org/grpc/clientconn.go
index 4f350ca56a..cd3eaf8ddc 100644
--- a/vendor/google.golang.org/grpc/clientconn.go
+++ b/vendor/google.golang.org/grpc/clientconn.go
@@ -689,22 +689,31 @@ func (cc *ClientConn) Connect() {
 	cc.mu.Unlock()
 }
 
-// waitForResolvedAddrs blocks until the resolver has provided addresses or the
-// context expires.  Returns nil unless the context expires first; otherwise
-// returns a status error based on the context.
-func (cc *ClientConn) waitForResolvedAddrs(ctx context.Context) error {
+// waitForResolvedAddrs blocks until the resolver provides addresses or the
+// context expires, whichever happens first.
+//
+// Error is nil unless the context expires first; otherwise returns a status
+// error based on the context.
+//
+// The returned boolean indicates whether it did block or not. If the
+// resolution has already happened once before, it returns false without
+// blocking. Otherwise, it wait for the resolution and return true if
+// resolution has succeeded or return false along with error if resolution has
+// failed.
+func (cc *ClientConn) waitForResolvedAddrs(ctx context.Context) (bool, error) {
 	// This is on the RPC path, so we use a fast path to avoid the
 	// more-expensive "select" below after the resolver has returned once.
 	if cc.firstResolveEvent.HasFired() {
-		return nil
+		return false, nil
 	}
+	internal.NewStreamWaitingForResolver()
 	select {
 	case <-cc.firstResolveEvent.Done():
-		return nil
+		return true, nil
 	case <-ctx.Done():
-		return status.FromContextError(ctx.Err()).Err()
+		return false, status.FromContextError(ctx.Err()).Err()
 	case <-cc.ctx.Done():
-		return ErrClientConnClosing
+		return false, ErrClientConnClosing
 	}
 }
 
diff --git a/vendor/google.golang.org/grpc/credentials/alts/alts.go b/vendor/google.golang.org/grpc/credentials/alts/alts.go
index afcdb8a0db..35539eb1ad 100644
--- a/vendor/google.golang.org/grpc/credentials/alts/alts.go
+++ b/vendor/google.golang.org/grpc/credentials/alts/alts.go
@@ -133,10 +133,11 @@ func DefaultServerOptions() *ServerOptions {
 // altsTC is the credentials required for authenticating a connection using ALTS.
 // It implements credentials.TransportCredentials interface.
 type altsTC struct {
-	info      *credentials.ProtocolInfo
-	side      core.Side
-	accounts  []string
-	hsAddress string
+	info             *credentials.ProtocolInfo
+	side             core.Side
+	accounts         []string
+	hsAddress        string
+	boundAccessToken string
 }
 
 // NewClientCreds constructs a client-side ALTS TransportCredentials object.
@@ -198,6 +199,7 @@ func (g *altsTC) ClientHandshake(ctx context.Context, addr string, rawConn net.C
 		MaxRpcVersion: maxRPCVersion,
 		MinRpcVersion: minRPCVersion,
 	}
+	opts.BoundAccessToken = g.boundAccessToken
 	chs, err := handshaker.NewClientHandshaker(ctx, hsConn, rawConn, opts)
 	if err != nil {
 		return nil, nil, err
diff --git a/vendor/google.golang.org/grpc/credentials/alts/internal/conn/common.go b/vendor/google.golang.org/grpc/credentials/alts/internal/conn/common.go
index 1795d0c9e3..46617132a4 100644
--- a/vendor/google.golang.org/grpc/credentials/alts/internal/conn/common.go
+++ b/vendor/google.golang.org/grpc/credentials/alts/internal/conn/common.go
@@ -54,11 +54,10 @@ func SliceForAppend(in []byte, n int) (head, tail []byte) {
 func ParseFramedMsg(b []byte, maxLen uint32) ([]byte, []byte, error) {
 	// If the size field is not complete, return the provided buffer as
 	// remaining buffer.
-	if len(b) < MsgLenFieldSize {
+	length, sufficientBytes := parseMessageLength(b)
+	if !sufficientBytes {
 		return nil, b, nil
 	}
-	msgLenField := b[:MsgLenFieldSize]
-	length := binary.LittleEndian.Uint32(msgLenField)
 	if length > maxLen {
 		return nil, nil, fmt.Errorf("received the frame length %d larger than the limit %d", length, maxLen)
 	}
@@ -68,3 +67,14 @@ func ParseFramedMsg(b []byte, maxLen uint32) ([]byte, []byte, error) {
 	}
 	return b[:MsgLenFieldSize+length], b[MsgLenFieldSize+length:], nil
 }
+
+// parseMessageLength returns the message length based on frame header. It also
+// returns a boolean indicating if the buffer contains sufficient bytes to parse
+// the length header. If there are insufficient bytes, (0, false) is returned.
+func parseMessageLength(b []byte) (uint32, bool) {
+	if len(b) < MsgLenFieldSize {
+		return 0, false
+	}
+	msgLenField := b[:MsgLenFieldSize]
+	return binary.LittleEndian.Uint32(msgLenField), true
+}
diff --git a/vendor/google.golang.org/grpc/credentials/alts/internal/conn/record.go b/vendor/google.golang.org/grpc/credentials/alts/internal/conn/record.go
index f1ea7bb208..f9d2646d4b 100644
--- a/vendor/google.golang.org/grpc/credentials/alts/internal/conn/record.go
+++ b/vendor/google.golang.org/grpc/credentials/alts/internal/conn/record.go
@@ -31,14 +31,18 @@ import (
 
 // ALTSRecordCrypto is the interface for gRPC ALTS record protocol.
 type ALTSRecordCrypto interface {
-	// Encrypt encrypts the plaintext and computes the tag (if any) of dst
-	// and plaintext. dst and plaintext may fully overlap or not at all.
+	// Encrypt encrypts the plaintext, computes the tag (if any) of dst and
+	// plaintext, and appends the result to dst, returning the updated slice.
+	// dst and plaintext may fully overlap or not at all.
 	Encrypt(dst, plaintext []byte) ([]byte, error)
 	// EncryptionOverhead returns the tag size (if any) in bytes.
 	EncryptionOverhead() int
-	// Decrypt decrypts ciphertext and verify the tag (if any). dst and
-	// ciphertext may alias exactly or not at all. To reuse ciphertext's
-	// storage for the decrypted output, use ciphertext[:0] as dst.
+	// Decrypt decrypts ciphertext and verifies the tag (if any). If successful,
+	// this function appends the resulting plaintext to dst, returning the
+	// updated slice. dst and ciphertext may alias exactly or not at all. To
+	// reuse ciphertext's storage for the decrypted output, use ciphertext[:0]
+	// as dst. Even if the function fails, the contents of dst, up to its
+	// capacity, may be overwritten.
 	Decrypt(dst, ciphertext []byte) ([]byte, error)
 }
 
@@ -63,6 +67,8 @@ const (
 	// The maximum write buffer size. This *must* be multiple of
 	// altsRecordDefaultLength.
 	altsWriteBufferMaxSize = 512 * 1024 // 512KiB
+	// The initial buffer used to read from the network.
+	altsReadBufferInitialSize = 32 * 1024 // 32KiB
 )
 
 var (
@@ -83,7 +89,7 @@ type conn struct {
 	net.Conn
 	crypto ALTSRecordCrypto
 	// buf holds data that has been read from the connection and decrypted,
-	// but has not yet been returned by Read.
+	// but has not yet been returned by Read. It is a sub-slice of protected.
 	buf                []byte
 	payloadLengthLimit int
 	// protected holds data read from the network but have not yet been
@@ -111,21 +117,13 @@ func NewConn(c net.Conn, side core.Side, recordProtocol string, key []byte, prot
 	}
 	overhead := MsgLenFieldSize + msgTypeFieldSize + crypto.EncryptionOverhead()
 	payloadLengthLimit := altsRecordDefaultLength - overhead
-	var protectedBuf []byte
-	if protected == nil {
-		// We pre-allocate protected to be of size
-		// 2*altsRecordDefaultLength-1 during initialization. We only
-		// read from the network into protected when protected does not
-		// contain a complete frame, which is at most
-		// altsRecordDefaultLength-1 (bytes). And we read at most
-		// altsRecordDefaultLength (bytes) data into protected at one
-		// time. Therefore, 2*altsRecordDefaultLength-1 is large enough
-		// to buffer data read from the network.
-		protectedBuf = make([]byte, 0, 2*altsRecordDefaultLength-1)
-	} else {
-		protectedBuf = make([]byte, len(protected))
-		copy(protectedBuf, protected)
-	}
+	// We pre-allocate protected to be of size 32KB during initialization.
+	// We increase the size of the buffer by the required amount if it can't
+	// hold a complete encrypted record.
+	protectedBuf := make([]byte, max(altsReadBufferInitialSize, len(protected)))
+	// Copy additional data from hanshaker service.
+	copy(protectedBuf, protected)
+	protectedBuf = protectedBuf[:len(protected)]
 
 	altsConn := &conn{
 		Conn:               c,
@@ -162,11 +160,26 @@ func (p *conn) Read(b []byte) (n int, err error) {
 		// Check whether a complete frame has been received yet.
 		for len(framedMsg) == 0 {
 			if len(p.protected) == cap(p.protected) {
-				tmp := make([]byte, len(p.protected), cap(p.protected)+altsRecordDefaultLength)
-				copy(tmp, p.protected)
-				p.protected = tmp
+				// We can parse the length header to know exactly how large
+				// the buffer needs to be to hold the entire frame.
+				length, didParse := parseMessageLength(p.protected)
+				if !didParse {
+					// The protected buffer is initialized with a capacity of
+					// larger than 4B. It should always hold the message length
+					// header.
+					panic(fmt.Sprintf("protected buffer length shorter than expected: %d vs %d", len(p.protected), MsgLenFieldSize))
+				}
+				oldProtectedBuf := p.protected
+				// The new buffer must be able to hold the message length header
+				// and the entire message.
+				requiredCapacity := int(length) + MsgLenFieldSize
+				p.protected = make([]byte, requiredCapacity)
+				// Copy the contents of the old buffer and set the length of the
+				// new buffer to the number of bytes already read.
+				copy(p.protected, oldProtectedBuf)
+				p.protected = p.protected[:len(oldProtectedBuf)]
 			}
-			n, err = p.Conn.Read(p.protected[len(p.protected):min(cap(p.protected), len(p.protected)+altsRecordDefaultLength)])
+			n, err = p.Conn.Read(p.protected[len(p.protected):cap(p.protected)])
 			if err != nil {
 				return 0, err
 			}
@@ -185,6 +198,15 @@ func (p *conn) Read(b []byte) (n int, err error) {
 		}
 		ciphertext := msg[msgTypeFieldSize:]
 
+		// Decrypt directly into the buffer, avoiding a copy from p.buf if
+		// possible.
+		if len(b) >= len(ciphertext) {
+			dec, err := p.crypto.Decrypt(b[:0], ciphertext)
+			if err != nil {
+				return 0, err
+			}
+			return len(dec), nil
+		}
 		// Decrypt requires that if the dst and ciphertext alias, they
 		// must alias exactly. Code here used to use msg[:0], but msg
 		// starts MsgLenFieldSize+msgTypeFieldSize bytes earlier than
diff --git a/vendor/google.golang.org/grpc/credentials/alts/internal/handshaker/handshaker.go b/vendor/google.golang.org/grpc/credentials/alts/internal/handshaker/handshaker.go
index 50721f690a..0360842eb8 100644
--- a/vendor/google.golang.org/grpc/credentials/alts/internal/handshaker/handshaker.go
+++ b/vendor/google.golang.org/grpc/credentials/alts/internal/handshaker/handshaker.go
@@ -88,6 +88,8 @@ type ClientHandshakerOptions struct {
 	TargetServiceAccounts []string
 	// RPCVersions specifies the gRPC versions accepted by the client.
 	RPCVersions *altspb.RpcProtocolVersions
+	// BoundAccessToken is a bound access token to be sent to the server for authentication.
+	BoundAccessToken string
 }
 
 // ServerHandshakerOptions contains the server handshaker options that can
@@ -195,7 +197,9 @@ func (h *altsHandshaker) ClientHandshake(ctx context.Context) (net.Conn, credent
 			},
 		},
 	}
-
+	if h.clientOpts.BoundAccessToken != "" {
+		req.GetClientStart().AccessToken = h.clientOpts.BoundAccessToken
+	}
 	conn, result, err := h.doHandshake(req)
 	if err != nil {
 		return nil, nil, err
@@ -308,6 +312,7 @@ func (h *altsHandshaker) accessHandshakerService(req *altspb.HandshakerReq) (*al
 // whatever received from the network and send it to the handshaker service.
 func (h *altsHandshaker) processUntilDone(resp *altspb.HandshakerResp, extra []byte) (*altspb.HandshakerResult, []byte, error) {
 	var lastWriteTime time.Time
+	buf := make([]byte, frameLimit)
 	for {
 		if len(resp.OutFrames) > 0 {
 			lastWriteTime = time.Now()
@@ -318,7 +323,6 @@ func (h *altsHandshaker) processUntilDone(resp *altspb.HandshakerResp, extra []b
 		if resp.Result != nil {
 			return resp.Result, extra, nil
 		}
-		buf := make([]byte, frameLimit)
 		n, err := h.conn.Read(buf)
 		if err != nil && err != io.EOF {
 			return nil, nil, err
diff --git a/vendor/google.golang.org/grpc/credentials/alts/internal/handshaker/service/service.go b/vendor/google.golang.org/grpc/credentials/alts/internal/handshaker/service/service.go
index e0a1afc118..2580995d99 100644
--- a/vendor/google.golang.org/grpc/credentials/alts/internal/handshaker/service/service.go
+++ b/vendor/google.golang.org/grpc/credentials/alts/internal/handshaker/service/service.go
@@ -22,9 +22,12 @@ package service
 
 import (
 	"sync"
+	"time"
 
 	grpc "google.golang.org/grpc"
 	"google.golang.org/grpc/credentials/insecure"
+	"google.golang.org/grpc/internal/envconfig"
+	"google.golang.org/grpc/keepalive"
 )
 
 var (
@@ -50,7 +53,17 @@ func Dial(hsAddress string) (*grpc.ClientConn, error) {
 		// Disable the service config to avoid unnecessary TXT record lookups that
 		// cause timeouts with some versions of systemd-resolved.
 		var err error
-		hsConn, err = grpc.NewClient(hsAddress, grpc.WithTransportCredentials(insecure.NewCredentials()), grpc.WithDisableServiceConfig())
+		opts := []grpc.DialOption{
+			grpc.WithTransportCredentials(insecure.NewCredentials()),
+			grpc.WithDisableServiceConfig(),
+		}
+		if envconfig.ALTSHandshakerKeepaliveParams {
+			opts = append(opts, grpc.WithKeepaliveParams(keepalive.ClientParameters{
+				Timeout: 10 * time.Second,
+				Time:    10 * time.Minute,
+			}))
+		}
+		hsConn, err = grpc.NewClient(hsAddress, opts...)
 		if err != nil {
 			return nil, err
 		}
diff --git a/vendor/google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcp/altscontext.pb.go b/vendor/google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcp/altscontext.pb.go
index ac2957a4ed..331dd6c846 100644
--- a/vendor/google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcp/altscontext.pb.go
+++ b/vendor/google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcp/altscontext.pb.go
@@ -17,7 +17,7 @@
 
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
-// 	protoc-gen-go v1.36.5
+// 	protoc-gen-go v1.36.6
 // 	protoc        v5.27.1
 // source: grpc/gcp/altscontext.proto
 
@@ -139,52 +139,21 @@ func (x *AltsContext) GetPeerAttributes() map[string]string {
 
 var File_grpc_gcp_altscontext_proto protoreflect.FileDescriptor
 
-var file_grpc_gcp_altscontext_proto_rawDesc = string([]byte{
-	0x0a, 0x1a, 0x67, 0x72, 0x70, 0x63, 0x2f, 0x67, 0x63, 0x70, 0x2f, 0x61, 0x6c, 0x74, 0x73, 0x63,
-	0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x08, 0x67, 0x72,
-	0x70, 0x63, 0x2e, 0x67, 0x63, 0x70, 0x1a, 0x28, 0x67, 0x72, 0x70, 0x63, 0x2f, 0x67, 0x63, 0x70,
-	0x2f, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x65, 0x63, 0x75, 0x72,
-	0x69, 0x74, 0x79, 0x5f, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
-	0x22, 0xf1, 0x03, 0x0a, 0x0b, 0x41, 0x6c, 0x74, 0x73, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74,
-	0x12, 0x31, 0x0a, 0x14, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f,
-	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x13,
-	0x61, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f,
-	0x63, 0x6f, 0x6c, 0x12, 0x27, 0x0a, 0x0f, 0x72, 0x65, 0x63, 0x6f, 0x72, 0x64, 0x5f, 0x70, 0x72,
-	0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x72, 0x65,
-	0x63, 0x6f, 0x72, 0x64, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x12, 0x3e, 0x0a, 0x0e,
-	0x73, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79, 0x5f, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x18, 0x03,
-	0x20, 0x01, 0x28, 0x0e, 0x32, 0x17, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x67, 0x63, 0x70, 0x2e,
-	0x53, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79, 0x4c, 0x65, 0x76, 0x65, 0x6c, 0x52, 0x0d, 0x73,
-	0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79, 0x4c, 0x65, 0x76, 0x65, 0x6c, 0x12, 0x30, 0x0a, 0x14,
-	0x70, 0x65, 0x65, 0x72, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x61, 0x63, 0x63,
-	0x6f, 0x75, 0x6e, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x12, 0x70, 0x65, 0x65, 0x72,
-	0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x32,
-	0x0a, 0x15, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f,
-	0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x13, 0x6c,
-	0x6f, 0x63, 0x61, 0x6c, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x41, 0x63, 0x63, 0x6f, 0x75,
-	0x6e, 0x74, 0x12, 0x49, 0x0a, 0x11, 0x70, 0x65, 0x65, 0x72, 0x5f, 0x72, 0x70, 0x63, 0x5f, 0x76,
-	0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e,
-	0x67, 0x72, 0x70, 0x63, 0x2e, 0x67, 0x63, 0x70, 0x2e, 0x52, 0x70, 0x63, 0x50, 0x72, 0x6f, 0x74,
-	0x6f, 0x63, 0x6f, 0x6c, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x0f, 0x70, 0x65,
-	0x65, 0x72, 0x52, 0x70, 0x63, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x52, 0x0a,
-	0x0f, 0x70, 0x65, 0x65, 0x72, 0x5f, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73,
-	0x18, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x67, 0x63,
-	0x70, 0x2e, 0x41, 0x6c, 0x74, 0x73, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x2e, 0x50, 0x65,
-	0x65, 0x72, 0x41, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x45, 0x6e, 0x74, 0x72,
-	0x79, 0x52, 0x0e, 0x70, 0x65, 0x65, 0x72, 0x41, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65,
-	0x73, 0x1a, 0x41, 0x0a, 0x13, 0x50, 0x65, 0x65, 0x72, 0x41, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75,
-	0x74, 0x65, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18,
-	0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61,
-	0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65,
-	0x3a, 0x02, 0x38, 0x01, 0x42, 0x6c, 0x0a, 0x15, 0x69, 0x6f, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e,
-	0x61, 0x6c, 0x74, 0x73, 0x2e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x42, 0x10, 0x41,
-	0x6c, 0x74, 0x73, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50,
-	0x01, 0x5a, 0x3f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6c, 0x61, 0x6e, 0x67,
-	0x2e, 0x6f, 0x72, 0x67, 0x2f, 0x67, 0x72, 0x70, 0x63, 0x2f, 0x63, 0x72, 0x65, 0x64, 0x65, 0x6e,
-	0x74, 0x69, 0x61, 0x6c, 0x73, 0x2f, 0x61, 0x6c, 0x74, 0x73, 0x2f, 0x69, 0x6e, 0x74, 0x65, 0x72,
-	0x6e, 0x61, 0x6c, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x67,
-	0x63, 0x70, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
-})
+const file_grpc_gcp_altscontext_proto_rawDesc = "" +
+	"\n" +
+	"\x1agrpc/gcp/altscontext.proto\x12\bgrpc.gcp\x1a(grpc/gcp/transport_security_common.proto\"\xf1\x03\n" +
+	"\vAltsContext\x121\n" +
+	"\x14application_protocol\x18\x01 \x01(\tR\x13applicationProtocol\x12'\n" +
+	"\x0frecord_protocol\x18\x02 \x01(\tR\x0erecordProtocol\x12>\n" +
+	"\x0esecurity_level\x18\x03 \x01(\x0e2\x17.grpc.gcp.SecurityLevelR\rsecurityLevel\x120\n" +
+	"\x14peer_service_account\x18\x04 \x01(\tR\x12peerServiceAccount\x122\n" +
+	"\x15local_service_account\x18\x05 \x01(\tR\x13localServiceAccount\x12I\n" +
+	"\x11peer_rpc_versions\x18\x06 \x01(\v2\x1d.grpc.gcp.RpcProtocolVersionsR\x0fpeerRpcVersions\x12R\n" +
+	"\x0fpeer_attributes\x18\a \x03(\v2).grpc.gcp.AltsContext.PeerAttributesEntryR\x0epeerAttributes\x1aA\n" +
+	"\x13PeerAttributesEntry\x12\x10\n" +
+	"\x03key\x18\x01 \x01(\tR\x03key\x12\x14\n" +
+	"\x05value\x18\x02 \x01(\tR\x05value:\x028\x01Bl\n" +
+	"\x15io.grpc.alts.internalB\x10AltsContextProtoP\x01Z?google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcpb\x06proto3"
 
 var (
 	file_grpc_gcp_altscontext_proto_rawDescOnce sync.Once
diff --git a/vendor/google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcp/handshaker.pb.go b/vendor/google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcp/handshaker.pb.go
index 12759ac28f..6370b2a6d2 100644
--- a/vendor/google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcp/handshaker.pb.go
+++ b/vendor/google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcp/handshaker.pb.go
@@ -17,7 +17,7 @@
 
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
-// 	protoc-gen-go v1.36.5
+// 	protoc-gen-go v1.36.6
 // 	protoc        v5.27.1
 // source: grpc/gcp/handshaker.proto
 
@@ -331,9 +331,11 @@ type StartClientHandshakeReq struct {
 	// ALTS connections. The access token that should be used to authenticate to
 	// the peer. The access token MUST be strongly bound to the ALTS credentials
 	// used to establish the connection that the token is sent over.
-	AccessToken   string `protobuf:"bytes,11,opt,name=access_token,json=accessToken,proto3" json:"access_token,omitempty"`
-	unknownFields protoimpl.UnknownFields
-	sizeCache     protoimpl.SizeCache
+	AccessToken string `protobuf:"bytes,11,opt,name=access_token,json=accessToken,proto3" json:"access_token,omitempty"`
+	// (Optional) Ordered transport protocol preferences supported by the client.
+	TransportProtocolPreferences *TransportProtocolPreferences `protobuf:"bytes,12,opt,name=transport_protocol_preferences,json=transportProtocolPreferences,proto3" json:"transport_protocol_preferences,omitempty"`
+	unknownFields                protoimpl.UnknownFields
+	sizeCache                    protoimpl.SizeCache
 }
 
 func (x *StartClientHandshakeReq) Reset() {
@@ -443,6 +445,13 @@ func (x *StartClientHandshakeReq) GetAccessToken() string {
 	return ""
 }
 
+func (x *StartClientHandshakeReq) GetTransportProtocolPreferences() *TransportProtocolPreferences {
+	if x != nil {
+		return x.TransportProtocolPreferences
+	}
+	return nil
+}
+
 type ServerHandshakeParameters struct {
 	state protoimpl.MessageState `protogen:"open.v1"`
 	// The record protocols supported by the server, e.g.,
@@ -534,9 +543,11 @@ type StartServerHandshakeReq struct {
 	// (Optional) RPC protocol versions supported by the server.
 	RpcVersions *RpcProtocolVersions `protobuf:"bytes,6,opt,name=rpc_versions,json=rpcVersions,proto3" json:"rpc_versions,omitempty"`
 	// (Optional) Maximum frame size supported by the server.
-	MaxFrameSize  uint32 `protobuf:"varint,7,opt,name=max_frame_size,json=maxFrameSize,proto3" json:"max_frame_size,omitempty"`
-	unknownFields protoimpl.UnknownFields
-	sizeCache     protoimpl.SizeCache
+	MaxFrameSize uint32 `protobuf:"varint,7,opt,name=max_frame_size,json=maxFrameSize,proto3" json:"max_frame_size,omitempty"`
+	// (Optional) Transport protocol preferences supported by the server.
+	TransportProtocolPreferences *TransportProtocolPreferences `protobuf:"bytes,8,opt,name=transport_protocol_preferences,json=transportProtocolPreferences,proto3" json:"transport_protocol_preferences,omitempty"`
+	unknownFields                protoimpl.UnknownFields
+	sizeCache                    protoimpl.SizeCache
 }
 
 func (x *StartServerHandshakeReq) Reset() {
@@ -618,6 +629,13 @@ func (x *StartServerHandshakeReq) GetMaxFrameSize() uint32 {
 	return 0
 }
 
+func (x *StartServerHandshakeReq) GetTransportProtocolPreferences() *TransportProtocolPreferences {
+	if x != nil {
+		return x.TransportProtocolPreferences
+	}
+	return nil
+}
+
 type NextHandshakeMessageReq struct {
 	state protoimpl.MessageState `protogen:"open.v1"`
 	// Bytes in out_frames returned from the peer's HandshakerResp. It is possible
@@ -798,9 +816,11 @@ type HandshakerResult struct {
 	// The RPC protocol versions supported by the peer.
 	PeerRpcVersions *RpcProtocolVersions `protobuf:"bytes,7,opt,name=peer_rpc_versions,json=peerRpcVersions,proto3" json:"peer_rpc_versions,omitempty"`
 	// The maximum frame size of the peer.
-	MaxFrameSize  uint32 `protobuf:"varint,8,opt,name=max_frame_size,json=maxFrameSize,proto3" json:"max_frame_size,omitempty"`
-	unknownFields protoimpl.UnknownFields
-	sizeCache     protoimpl.SizeCache
+	MaxFrameSize uint32 `protobuf:"varint,8,opt,name=max_frame_size,json=maxFrameSize,proto3" json:"max_frame_size,omitempty"`
+	// (Optional) The transport protocol negotiated for this connection.
+	TransportProtocol *NegotiatedTransportProtocol `protobuf:"bytes,9,opt,name=transport_protocol,json=transportProtocol,proto3" json:"transport_protocol,omitempty"`
+	unknownFields     protoimpl.UnknownFields
+	sizeCache         protoimpl.SizeCache
 }
 
 func (x *HandshakerResult) Reset() {
@@ -889,6 +909,13 @@ func (x *HandshakerResult) GetMaxFrameSize() uint32 {
 	return 0
 }
 
+func (x *HandshakerResult) GetTransportProtocol() *NegotiatedTransportProtocol {
+	if x != nil {
+		return x.TransportProtocol
+	}
+	return nil
+}
+
 type HandshakerStatus struct {
 	state protoimpl.MessageState `protogen:"open.v1"`
 	// The status code. This could be the gRPC status code.
@@ -1024,206 +1051,94 @@ func (x *HandshakerResp) GetStatus() *HandshakerStatus {
 
 var File_grpc_gcp_handshaker_proto protoreflect.FileDescriptor
 
-var file_grpc_gcp_handshaker_proto_rawDesc = string([]byte{
-	0x0a, 0x19, 0x67, 0x72, 0x70, 0x63, 0x2f, 0x67, 0x63, 0x70, 0x2f, 0x68, 0x61, 0x6e, 0x64, 0x73,
-	0x68, 0x61, 0x6b, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x08, 0x67, 0x72, 0x70,
-	0x63, 0x2e, 0x67, 0x63, 0x70, 0x1a, 0x28, 0x67, 0x72, 0x70, 0x63, 0x2f, 0x67, 0x63, 0x70, 0x2f,
-	0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x65, 0x63, 0x75, 0x72, 0x69,
-	0x74, 0x79, 0x5f, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22,
-	0x74, 0x0a, 0x08, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x12, 0x1d, 0x0a, 0x0a, 0x69,
-	0x70, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52,
-	0x09, 0x69, 0x70, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x70, 0x6f,
-	0x72, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x05, 0x52, 0x04, 0x70, 0x6f, 0x72, 0x74, 0x12, 0x35,
-	0x0a, 0x08, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e,
-	0x32, 0x19, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x67, 0x63, 0x70, 0x2e, 0x4e, 0x65, 0x74, 0x77,
-	0x6f, 0x72, 0x6b, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x52, 0x08, 0x70, 0x72, 0x6f,
-	0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x22, 0xe8, 0x01, 0x0a, 0x08, 0x49, 0x64, 0x65, 0x6e, 0x74, 0x69,
-	0x74, 0x79, 0x12, 0x29, 0x0a, 0x0f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x61, 0x63,
-	0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x0e, 0x73,
-	0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x1c, 0x0a,
-	0x08, 0x68, 0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x48,
-	0x00, 0x52, 0x08, 0x68, 0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x42, 0x0a, 0x0a, 0x61,
-	0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32,
-	0x22, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x67, 0x63, 0x70, 0x2e, 0x49, 0x64, 0x65, 0x6e, 0x74,
-	0x69, 0x74, 0x79, 0x2e, 0x41, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x45, 0x6e,
-	0x74, 0x72, 0x79, 0x52, 0x0a, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x1a,
-	0x3d, 0x0a, 0x0f, 0x41, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x45, 0x6e, 0x74,
-	0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52,
-	0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20,
-	0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x42, 0x10,
-	0x0a, 0x0e, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x5f, 0x6f, 0x6e, 0x65, 0x6f, 0x66,
-	0x22, 0xfb, 0x04, 0x0a, 0x17, 0x53, 0x74, 0x61, 0x72, 0x74, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74,
-	0x48, 0x61, 0x6e, 0x64, 0x73, 0x68, 0x61, 0x6b, 0x65, 0x52, 0x65, 0x71, 0x12, 0x5b, 0x0a, 0x1b,
-	0x68, 0x61, 0x6e, 0x64, 0x73, 0x68, 0x61, 0x6b, 0x65, 0x5f, 0x73, 0x65, 0x63, 0x75, 0x72, 0x69,
-	0x74, 0x79, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28,
-	0x0e, 0x32, 0x1b, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x67, 0x63, 0x70, 0x2e, 0x48, 0x61, 0x6e,
-	0x64, 0x73, 0x68, 0x61, 0x6b, 0x65, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x52, 0x19,
-	0x68, 0x61, 0x6e, 0x64, 0x73, 0x68, 0x61, 0x6b, 0x65, 0x53, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74,
-	0x79, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x12, 0x33, 0x0a, 0x15, 0x61, 0x70, 0x70,
-	0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f,
-	0x6c, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x09, 0x52, 0x14, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x63,
-	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x73, 0x12, 0x29,
-	0x0a, 0x10, 0x72, 0x65, 0x63, 0x6f, 0x72, 0x64, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f,
-	0x6c, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0f, 0x72, 0x65, 0x63, 0x6f, 0x72, 0x64,
-	0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x73, 0x12, 0x3f, 0x0a, 0x11, 0x74, 0x61, 0x72,
-	0x67, 0x65, 0x74, 0x5f, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x69, 0x65, 0x73, 0x18, 0x04,
-	0x20, 0x03, 0x28, 0x0b, 0x32, 0x12, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x67, 0x63, 0x70, 0x2e,
-	0x49, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x52, 0x10, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74,
-	0x49, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x69, 0x65, 0x73, 0x12, 0x39, 0x0a, 0x0e, 0x6c, 0x6f,
-	0x63, 0x61, 0x6c, 0x5f, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x18, 0x05, 0x20, 0x01,
-	0x28, 0x0b, 0x32, 0x12, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x67, 0x63, 0x70, 0x2e, 0x49, 0x64,
-	0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x52, 0x0d, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x49, 0x64, 0x65,
-	0x6e, 0x74, 0x69, 0x74, 0x79, 0x12, 0x39, 0x0a, 0x0e, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x5f, 0x65,
-	0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x12, 0x2e,
-	0x67, 0x72, 0x70, 0x63, 0x2e, 0x67, 0x63, 0x70, 0x2e, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e,
-	0x74, 0x52, 0x0d, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74,
-	0x12, 0x3b, 0x0a, 0x0f, 0x72, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x5f, 0x65, 0x6e, 0x64, 0x70, 0x6f,
-	0x69, 0x6e, 0x74, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x12, 0x2e, 0x67, 0x72, 0x70, 0x63,
-	0x2e, 0x67, 0x63, 0x70, 0x2e, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x52, 0x0e, 0x72,
-	0x65, 0x6d, 0x6f, 0x74, 0x65, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x12, 0x1f, 0x0a,
-	0x0b, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x08, 0x20, 0x01,
-	0x28, 0x09, 0x52, 0x0a, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x40,
-	0x0a, 0x0c, 0x72, 0x70, 0x63, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x09,
-	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x67, 0x63, 0x70, 0x2e,
-	0x52, 0x70, 0x63, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x56, 0x65, 0x72, 0x73, 0x69,
-	0x6f, 0x6e, 0x73, 0x52, 0x0b, 0x72, 0x70, 0x63, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x73,
-	0x12, 0x24, 0x0a, 0x0e, 0x6d, 0x61, 0x78, 0x5f, 0x66, 0x72, 0x61, 0x6d, 0x65, 0x5f, 0x73, 0x69,
-	0x7a, 0x65, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x0c, 0x6d, 0x61, 0x78, 0x46, 0x72, 0x61,
-	0x6d, 0x65, 0x53, 0x69, 0x7a, 0x65, 0x12, 0x26, 0x0a, 0x0c, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73,
-	0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x09, 0x42, 0x03, 0x80, 0x01,
-	0x01, 0x52, 0x0b, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0xaf,
-	0x01, 0x0a, 0x19, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x48, 0x61, 0x6e, 0x64, 0x73, 0x68, 0x61,
-	0x6b, 0x65, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x73, 0x12, 0x29, 0x0a, 0x10,
-	0x72, 0x65, 0x63, 0x6f, 0x72, 0x64, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x73,
-	0x18, 0x01, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0f, 0x72, 0x65, 0x63, 0x6f, 0x72, 0x64, 0x50, 0x72,
-	0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x73, 0x12, 0x3d, 0x0a, 0x10, 0x6c, 0x6f, 0x63, 0x61, 0x6c,
-	0x5f, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x69, 0x65, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28,
-	0x0b, 0x32, 0x12, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x67, 0x63, 0x70, 0x2e, 0x49, 0x64, 0x65,
-	0x6e, 0x74, 0x69, 0x74, 0x79, 0x52, 0x0f, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x49, 0x64, 0x65, 0x6e,
-	0x74, 0x69, 0x74, 0x69, 0x65, 0x73, 0x12, 0x1e, 0x0a, 0x05, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18,
-	0x03, 0x20, 0x01, 0x28, 0x09, 0x42, 0x03, 0x80, 0x01, 0x01, 0x48, 0x00, 0x52, 0x05, 0x74, 0x6f,
-	0x6b, 0x65, 0x6e, 0x88, 0x01, 0x01, 0x42, 0x08, 0x0a, 0x06, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e,
-	0x22, 0xa5, 0x04, 0x0a, 0x17, 0x53, 0x74, 0x61, 0x72, 0x74, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72,
-	0x48, 0x61, 0x6e, 0x64, 0x73, 0x68, 0x61, 0x6b, 0x65, 0x52, 0x65, 0x71, 0x12, 0x33, 0x0a, 0x15,
-	0x61, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x70, 0x72, 0x6f, 0x74,
-	0x6f, 0x63, 0x6f, 0x6c, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x09, 0x52, 0x14, 0x61, 0x70, 0x70,
-	0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c,
-	0x73, 0x12, 0x6d, 0x0a, 0x14, 0x68, 0x61, 0x6e, 0x64, 0x73, 0x68, 0x61, 0x6b, 0x65, 0x5f, 0x70,
-	0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32,
-	0x3a, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x67, 0x63, 0x70, 0x2e, 0x53, 0x74, 0x61, 0x72, 0x74,
-	0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x48, 0x61, 0x6e, 0x64, 0x73, 0x68, 0x61, 0x6b, 0x65, 0x52,
-	0x65, 0x71, 0x2e, 0x48, 0x61, 0x6e, 0x64, 0x73, 0x68, 0x61, 0x6b, 0x65, 0x50, 0x61, 0x72, 0x61,
-	0x6d, 0x65, 0x74, 0x65, 0x72, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x13, 0x68, 0x61, 0x6e,
-	0x64, 0x73, 0x68, 0x61, 0x6b, 0x65, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x73,
-	0x12, 0x19, 0x0a, 0x08, 0x69, 0x6e, 0x5f, 0x62, 0x79, 0x74, 0x65, 0x73, 0x18, 0x03, 0x20, 0x01,
-	0x28, 0x0c, 0x52, 0x07, 0x69, 0x6e, 0x42, 0x79, 0x74, 0x65, 0x73, 0x12, 0x39, 0x0a, 0x0e, 0x6c,
-	0x6f, 0x63, 0x61, 0x6c, 0x5f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x18, 0x04, 0x20,
-	0x01, 0x28, 0x0b, 0x32, 0x12, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x67, 0x63, 0x70, 0x2e, 0x45,
-	0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x52, 0x0d, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x45, 0x6e,
-	0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x12, 0x3b, 0x0a, 0x0f, 0x72, 0x65, 0x6d, 0x6f, 0x74, 0x65,
-	0x5f, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32,
-	0x12, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x67, 0x63, 0x70, 0x2e, 0x45, 0x6e, 0x64, 0x70, 0x6f,
-	0x69, 0x6e, 0x74, 0x52, 0x0e, 0x72, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x45, 0x6e, 0x64, 0x70, 0x6f,
-	0x69, 0x6e, 0x74, 0x12, 0x40, 0x0a, 0x0c, 0x72, 0x70, 0x63, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69,
-	0x6f, 0x6e, 0x73, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x67, 0x72, 0x70, 0x63,
-	0x2e, 0x67, 0x63, 0x70, 0x2e, 0x52, 0x70, 0x63, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c,
-	0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x0b, 0x72, 0x70, 0x63, 0x56, 0x65, 0x72,
-	0x73, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x24, 0x0a, 0x0e, 0x6d, 0x61, 0x78, 0x5f, 0x66, 0x72, 0x61,
-	0x6d, 0x65, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x0c, 0x6d,
-	0x61, 0x78, 0x46, 0x72, 0x61, 0x6d, 0x65, 0x53, 0x69, 0x7a, 0x65, 0x1a, 0x6b, 0x0a, 0x18, 0x48,
-	0x61, 0x6e, 0x64, 0x73, 0x68, 0x61, 0x6b, 0x65, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65,
-	0x72, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01,
-	0x20, 0x01, 0x28, 0x05, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x39, 0x0a, 0x05, 0x76, 0x61, 0x6c,
-	0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e,
-	0x67, 0x63, 0x70, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x48, 0x61, 0x6e, 0x64, 0x73, 0x68,
-	0x61, 0x6b, 0x65, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x73, 0x52, 0x05, 0x76,
-	0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0x62, 0x0a, 0x17, 0x4e, 0x65, 0x78, 0x74,
-	0x48, 0x61, 0x6e, 0x64, 0x73, 0x68, 0x61, 0x6b, 0x65, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65,
-	0x52, 0x65, 0x71, 0x12, 0x19, 0x0a, 0x08, 0x69, 0x6e, 0x5f, 0x62, 0x79, 0x74, 0x65, 0x73, 0x18,
-	0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x07, 0x69, 0x6e, 0x42, 0x79, 0x74, 0x65, 0x73, 0x12, 0x2c,
-	0x0a, 0x12, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x5f, 0x6c, 0x61, 0x74, 0x65, 0x6e, 0x63,
-	0x79, 0x5f, 0x6d, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x10, 0x6e, 0x65, 0x74, 0x77,
-	0x6f, 0x72, 0x6b, 0x4c, 0x61, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x4d, 0x73, 0x22, 0xe5, 0x01, 0x0a,
-	0x0d, 0x48, 0x61, 0x6e, 0x64, 0x73, 0x68, 0x61, 0x6b, 0x65, 0x72, 0x52, 0x65, 0x71, 0x12, 0x46,
-	0x0a, 0x0c, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x73, 0x74, 0x61, 0x72, 0x74, 0x18, 0x01,
-	0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x67, 0x63, 0x70, 0x2e,
-	0x53, 0x74, 0x61, 0x72, 0x74, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x48, 0x61, 0x6e, 0x64, 0x73,
-	0x68, 0x61, 0x6b, 0x65, 0x52, 0x65, 0x71, 0x48, 0x00, 0x52, 0x0b, 0x63, 0x6c, 0x69, 0x65, 0x6e,
-	0x74, 0x53, 0x74, 0x61, 0x72, 0x74, 0x12, 0x46, 0x0a, 0x0c, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72,
-	0x5f, 0x73, 0x74, 0x61, 0x72, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x67,
-	0x72, 0x70, 0x63, 0x2e, 0x67, 0x63, 0x70, 0x2e, 0x53, 0x74, 0x61, 0x72, 0x74, 0x53, 0x65, 0x72,
-	0x76, 0x65, 0x72, 0x48, 0x61, 0x6e, 0x64, 0x73, 0x68, 0x61, 0x6b, 0x65, 0x52, 0x65, 0x71, 0x48,
-	0x00, 0x52, 0x0b, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x53, 0x74, 0x61, 0x72, 0x74, 0x12, 0x37,
-	0x0a, 0x04, 0x6e, 0x65, 0x78, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x67,
-	0x72, 0x70, 0x63, 0x2e, 0x67, 0x63, 0x70, 0x2e, 0x4e, 0x65, 0x78, 0x74, 0x48, 0x61, 0x6e, 0x64,
-	0x73, 0x68, 0x61, 0x6b, 0x65, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x52, 0x65, 0x71, 0x48,
-	0x00, 0x52, 0x04, 0x6e, 0x65, 0x78, 0x74, 0x42, 0x0b, 0x0a, 0x09, 0x72, 0x65, 0x71, 0x5f, 0x6f,
-	0x6e, 0x65, 0x6f, 0x66, 0x22, 0x9a, 0x03, 0x0a, 0x10, 0x48, 0x61, 0x6e, 0x64, 0x73, 0x68, 0x61,
-	0x6b, 0x65, 0x72, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x12, 0x31, 0x0a, 0x14, 0x61, 0x70, 0x70,
-	0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f,
-	0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x13, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61,
-	0x74, 0x69, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x12, 0x27, 0x0a, 0x0f,
-	0x72, 0x65, 0x63, 0x6f, 0x72, 0x64, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x18,
-	0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x72, 0x65, 0x63, 0x6f, 0x72, 0x64, 0x50, 0x72, 0x6f,
-	0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x12, 0x19, 0x0a, 0x08, 0x6b, 0x65, 0x79, 0x5f, 0x64, 0x61, 0x74,
-	0x61, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x07, 0x6b, 0x65, 0x79, 0x44, 0x61, 0x74, 0x61,
-	0x12, 0x37, 0x0a, 0x0d, 0x70, 0x65, 0x65, 0x72, 0x5f, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74,
-	0x79, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x12, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x67,
-	0x63, 0x70, 0x2e, 0x49, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x52, 0x0c, 0x70, 0x65, 0x65,
-	0x72, 0x49, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x12, 0x39, 0x0a, 0x0e, 0x6c, 0x6f, 0x63,
-	0x61, 0x6c, 0x5f, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x18, 0x05, 0x20, 0x01, 0x28,
-	0x0b, 0x32, 0x12, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x67, 0x63, 0x70, 0x2e, 0x49, 0x64, 0x65,
-	0x6e, 0x74, 0x69, 0x74, 0x79, 0x52, 0x0d, 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x49, 0x64, 0x65, 0x6e,
-	0x74, 0x69, 0x74, 0x79, 0x12, 0x2a, 0x0a, 0x11, 0x6b, 0x65, 0x65, 0x70, 0x5f, 0x63, 0x68, 0x61,
-	0x6e, 0x6e, 0x65, 0x6c, 0x5f, 0x6f, 0x70, 0x65, 0x6e, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x52,
-	0x0f, 0x6b, 0x65, 0x65, 0x70, 0x43, 0x68, 0x61, 0x6e, 0x6e, 0x65, 0x6c, 0x4f, 0x70, 0x65, 0x6e,
-	0x12, 0x49, 0x0a, 0x11, 0x70, 0x65, 0x65, 0x72, 0x5f, 0x72, 0x70, 0x63, 0x5f, 0x76, 0x65, 0x72,
-	0x73, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x67, 0x72,
-	0x70, 0x63, 0x2e, 0x67, 0x63, 0x70, 0x2e, 0x52, 0x70, 0x63, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63,
-	0x6f, 0x6c, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x0f, 0x70, 0x65, 0x65, 0x72,
-	0x52, 0x70, 0x63, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x24, 0x0a, 0x0e, 0x6d,
-	0x61, 0x78, 0x5f, 0x66, 0x72, 0x61, 0x6d, 0x65, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x08, 0x20,
-	0x01, 0x28, 0x0d, 0x52, 0x0c, 0x6d, 0x61, 0x78, 0x46, 0x72, 0x61, 0x6d, 0x65, 0x53, 0x69, 0x7a,
-	0x65, 0x22, 0x40, 0x0a, 0x10, 0x48, 0x61, 0x6e, 0x64, 0x73, 0x68, 0x61, 0x6b, 0x65, 0x72, 0x53,
-	0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x63, 0x6f, 0x64, 0x65, 0x18, 0x01, 0x20,
-	0x01, 0x28, 0x0d, 0x52, 0x04, 0x63, 0x6f, 0x64, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x64, 0x65, 0x74,
-	0x61, 0x69, 0x6c, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x64, 0x65, 0x74, 0x61,
-	0x69, 0x6c, 0x73, 0x22, 0xbe, 0x01, 0x0a, 0x0e, 0x48, 0x61, 0x6e, 0x64, 0x73, 0x68, 0x61, 0x6b,
-	0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x12, 0x1d, 0x0a, 0x0a, 0x6f, 0x75, 0x74, 0x5f, 0x66, 0x72,
-	0x61, 0x6d, 0x65, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x09, 0x6f, 0x75, 0x74, 0x46,
-	0x72, 0x61, 0x6d, 0x65, 0x73, 0x12, 0x25, 0x0a, 0x0e, 0x62, 0x79, 0x74, 0x65, 0x73, 0x5f, 0x63,
-	0x6f, 0x6e, 0x73, 0x75, 0x6d, 0x65, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x0d, 0x62,
-	0x79, 0x74, 0x65, 0x73, 0x43, 0x6f, 0x6e, 0x73, 0x75, 0x6d, 0x65, 0x64, 0x12, 0x32, 0x0a, 0x06,
-	0x72, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67,
-	0x72, 0x70, 0x63, 0x2e, 0x67, 0x63, 0x70, 0x2e, 0x48, 0x61, 0x6e, 0x64, 0x73, 0x68, 0x61, 0x6b,
-	0x65, 0x72, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x52, 0x06, 0x72, 0x65, 0x73, 0x75, 0x6c, 0x74,
-	0x12, 0x32, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b,
-	0x32, 0x1a, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x67, 0x63, 0x70, 0x2e, 0x48, 0x61, 0x6e, 0x64,
-	0x73, 0x68, 0x61, 0x6b, 0x65, 0x72, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x06, 0x73, 0x74,
-	0x61, 0x74, 0x75, 0x73, 0x2a, 0x4a, 0x0a, 0x11, 0x48, 0x61, 0x6e, 0x64, 0x73, 0x68, 0x61, 0x6b,
-	0x65, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x12, 0x22, 0x0a, 0x1e, 0x48, 0x41, 0x4e,
-	0x44, 0x53, 0x48, 0x41, 0x4b, 0x45, 0x5f, 0x50, 0x52, 0x4f, 0x54, 0x4f, 0x43, 0x4f, 0x4c, 0x5f,
-	0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x07, 0x0a,
-	0x03, 0x54, 0x4c, 0x53, 0x10, 0x01, 0x12, 0x08, 0x0a, 0x04, 0x41, 0x4c, 0x54, 0x53, 0x10, 0x02,
-	0x2a, 0x45, 0x0a, 0x0f, 0x4e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x50, 0x72, 0x6f, 0x74, 0x6f,
-	0x63, 0x6f, 0x6c, 0x12, 0x20, 0x0a, 0x1c, 0x4e, 0x45, 0x54, 0x57, 0x4f, 0x52, 0x4b, 0x5f, 0x50,
-	0x52, 0x4f, 0x54, 0x4f, 0x43, 0x4f, 0x4c, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46,
-	0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x07, 0x0a, 0x03, 0x54, 0x43, 0x50, 0x10, 0x01, 0x12, 0x07,
-	0x0a, 0x03, 0x55, 0x44, 0x50, 0x10, 0x02, 0x32, 0x5b, 0x0a, 0x11, 0x48, 0x61, 0x6e, 0x64, 0x73,
-	0x68, 0x61, 0x6b, 0x65, 0x72, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x46, 0x0a, 0x0b,
-	0x44, 0x6f, 0x48, 0x61, 0x6e, 0x64, 0x73, 0x68, 0x61, 0x6b, 0x65, 0x12, 0x17, 0x2e, 0x67, 0x72,
-	0x70, 0x63, 0x2e, 0x67, 0x63, 0x70, 0x2e, 0x48, 0x61, 0x6e, 0x64, 0x73, 0x68, 0x61, 0x6b, 0x65,
-	0x72, 0x52, 0x65, 0x71, 0x1a, 0x18, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x67, 0x63, 0x70, 0x2e,
-	0x48, 0x61, 0x6e, 0x64, 0x73, 0x68, 0x61, 0x6b, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x22, 0x00,
-	0x28, 0x01, 0x30, 0x01, 0x42, 0x6b, 0x0a, 0x15, 0x69, 0x6f, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e,
-	0x61, 0x6c, 0x74, 0x73, 0x2e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x42, 0x0f, 0x48,
-	0x61, 0x6e, 0x64, 0x73, 0x68, 0x61, 0x6b, 0x65, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01,
-	0x5a, 0x3f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6c, 0x61, 0x6e, 0x67, 0x2e,
-	0x6f, 0x72, 0x67, 0x2f, 0x67, 0x72, 0x70, 0x63, 0x2f, 0x63, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74,
-	0x69, 0x61, 0x6c, 0x73, 0x2f, 0x61, 0x6c, 0x74, 0x73, 0x2f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e,
-	0x61, 0x6c, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x67, 0x63,
-	0x70, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
-})
+const file_grpc_gcp_handshaker_proto_rawDesc = "" +
+	"\n" +
+	"\x19grpc/gcp/handshaker.proto\x12\bgrpc.gcp\x1a(grpc/gcp/transport_security_common.proto\"t\n" +
+	"\bEndpoint\x12\x1d\n" +
+	"\n" +
+	"ip_address\x18\x01 \x01(\tR\tipAddress\x12\x12\n" +
+	"\x04port\x18\x02 \x01(\x05R\x04port\x125\n" +
+	"\bprotocol\x18\x03 \x01(\x0e2\x19.grpc.gcp.NetworkProtocolR\bprotocol\"\xe8\x01\n" +
+	"\bIdentity\x12)\n" +
+	"\x0fservice_account\x18\x01 \x01(\tH\x00R\x0eserviceAccount\x12\x1c\n" +
+	"\bhostname\x18\x02 \x01(\tH\x00R\bhostname\x12B\n" +
+	"\n" +
+	"attributes\x18\x03 \x03(\v2\".grpc.gcp.Identity.AttributesEntryR\n" +
+	"attributes\x1a=\n" +
+	"\x0fAttributesEntry\x12\x10\n" +
+	"\x03key\x18\x01 \x01(\tR\x03key\x12\x14\n" +
+	"\x05value\x18\x02 \x01(\tR\x05value:\x028\x01B\x10\n" +
+	"\x0eidentity_oneof\"\xe9\x05\n" +
+	"\x17StartClientHandshakeReq\x12[\n" +
+	"\x1bhandshake_security_protocol\x18\x01 \x01(\x0e2\x1b.grpc.gcp.HandshakeProtocolR\x19handshakeSecurityProtocol\x123\n" +
+	"\x15application_protocols\x18\x02 \x03(\tR\x14applicationProtocols\x12)\n" +
+	"\x10record_protocols\x18\x03 \x03(\tR\x0frecordProtocols\x12?\n" +
+	"\x11target_identities\x18\x04 \x03(\v2\x12.grpc.gcp.IdentityR\x10targetIdentities\x129\n" +
+	"\x0elocal_identity\x18\x05 \x01(\v2\x12.grpc.gcp.IdentityR\rlocalIdentity\x129\n" +
+	"\x0elocal_endpoint\x18\x06 \x01(\v2\x12.grpc.gcp.EndpointR\rlocalEndpoint\x12;\n" +
+	"\x0fremote_endpoint\x18\a \x01(\v2\x12.grpc.gcp.EndpointR\x0eremoteEndpoint\x12\x1f\n" +
+	"\vtarget_name\x18\b \x01(\tR\n" +
+	"targetName\x12@\n" +
+	"\frpc_versions\x18\t \x01(\v2\x1d.grpc.gcp.RpcProtocolVersionsR\vrpcVersions\x12$\n" +
+	"\x0emax_frame_size\x18\n" +
+	" \x01(\rR\fmaxFrameSize\x12&\n" +
+	"\faccess_token\x18\v \x01(\tB\x03\x80\x01\x01R\vaccessToken\x12l\n" +
+	"\x1etransport_protocol_preferences\x18\f \x01(\v2&.grpc.gcp.TransportProtocolPreferencesR\x1ctransportProtocolPreferences\"\xaf\x01\n" +
+	"\x19ServerHandshakeParameters\x12)\n" +
+	"\x10record_protocols\x18\x01 \x03(\tR\x0frecordProtocols\x12=\n" +
+	"\x10local_identities\x18\x02 \x03(\v2\x12.grpc.gcp.IdentityR\x0flocalIdentities\x12\x1e\n" +
+	"\x05token\x18\x03 \x01(\tB\x03\x80\x01\x01H\x00R\x05token\x88\x01\x01B\b\n" +
+	"\x06_token\"\x93\x05\n" +
+	"\x17StartServerHandshakeReq\x123\n" +
+	"\x15application_protocols\x18\x01 \x03(\tR\x14applicationProtocols\x12m\n" +
+	"\x14handshake_parameters\x18\x02 \x03(\v2:.grpc.gcp.StartServerHandshakeReq.HandshakeParametersEntryR\x13handshakeParameters\x12\x19\n" +
+	"\bin_bytes\x18\x03 \x01(\fR\ainBytes\x129\n" +
+	"\x0elocal_endpoint\x18\x04 \x01(\v2\x12.grpc.gcp.EndpointR\rlocalEndpoint\x12;\n" +
+	"\x0fremote_endpoint\x18\x05 \x01(\v2\x12.grpc.gcp.EndpointR\x0eremoteEndpoint\x12@\n" +
+	"\frpc_versions\x18\x06 \x01(\v2\x1d.grpc.gcp.RpcProtocolVersionsR\vrpcVersions\x12$\n" +
+	"\x0emax_frame_size\x18\a \x01(\rR\fmaxFrameSize\x12l\n" +
+	"\x1etransport_protocol_preferences\x18\b \x01(\v2&.grpc.gcp.TransportProtocolPreferencesR\x1ctransportProtocolPreferences\x1ak\n" +
+	"\x18HandshakeParametersEntry\x12\x10\n" +
+	"\x03key\x18\x01 \x01(\x05R\x03key\x129\n" +
+	"\x05value\x18\x02 \x01(\v2#.grpc.gcp.ServerHandshakeParametersR\x05value:\x028\x01\"b\n" +
+	"\x17NextHandshakeMessageReq\x12\x19\n" +
+	"\bin_bytes\x18\x01 \x01(\fR\ainBytes\x12,\n" +
+	"\x12network_latency_ms\x18\x02 \x01(\rR\x10networkLatencyMs\"\xe5\x01\n" +
+	"\rHandshakerReq\x12F\n" +
+	"\fclient_start\x18\x01 \x01(\v2!.grpc.gcp.StartClientHandshakeReqH\x00R\vclientStart\x12F\n" +
+	"\fserver_start\x18\x02 \x01(\v2!.grpc.gcp.StartServerHandshakeReqH\x00R\vserverStart\x127\n" +
+	"\x04next\x18\x03 \x01(\v2!.grpc.gcp.NextHandshakeMessageReqH\x00R\x04nextB\v\n" +
+	"\treq_oneof\"\xf0\x03\n" +
+	"\x10HandshakerResult\x121\n" +
+	"\x14application_protocol\x18\x01 \x01(\tR\x13applicationProtocol\x12'\n" +
+	"\x0frecord_protocol\x18\x02 \x01(\tR\x0erecordProtocol\x12\x19\n" +
+	"\bkey_data\x18\x03 \x01(\fR\akeyData\x127\n" +
+	"\rpeer_identity\x18\x04 \x01(\v2\x12.grpc.gcp.IdentityR\fpeerIdentity\x129\n" +
+	"\x0elocal_identity\x18\x05 \x01(\v2\x12.grpc.gcp.IdentityR\rlocalIdentity\x12*\n" +
+	"\x11keep_channel_open\x18\x06 \x01(\bR\x0fkeepChannelOpen\x12I\n" +
+	"\x11peer_rpc_versions\x18\a \x01(\v2\x1d.grpc.gcp.RpcProtocolVersionsR\x0fpeerRpcVersions\x12$\n" +
+	"\x0emax_frame_size\x18\b \x01(\rR\fmaxFrameSize\x12T\n" +
+	"\x12transport_protocol\x18\t \x01(\v2%.grpc.gcp.NegotiatedTransportProtocolR\x11transportProtocol\"@\n" +
+	"\x10HandshakerStatus\x12\x12\n" +
+	"\x04code\x18\x01 \x01(\rR\x04code\x12\x18\n" +
+	"\adetails\x18\x02 \x01(\tR\adetails\"\xbe\x01\n" +
+	"\x0eHandshakerResp\x12\x1d\n" +
+	"\n" +
+	"out_frames\x18\x01 \x01(\fR\toutFrames\x12%\n" +
+	"\x0ebytes_consumed\x18\x02 \x01(\rR\rbytesConsumed\x122\n" +
+	"\x06result\x18\x03 \x01(\v2\x1a.grpc.gcp.HandshakerResultR\x06result\x122\n" +
+	"\x06status\x18\x04 \x01(\v2\x1a.grpc.gcp.HandshakerStatusR\x06status*J\n" +
+	"\x11HandshakeProtocol\x12\"\n" +
+	"\x1eHANDSHAKE_PROTOCOL_UNSPECIFIED\x10\x00\x12\a\n" +
+	"\x03TLS\x10\x01\x12\b\n" +
+	"\x04ALTS\x10\x02*E\n" +
+	"\x0fNetworkProtocol\x12 \n" +
+	"\x1cNETWORK_PROTOCOL_UNSPECIFIED\x10\x00\x12\a\n" +
+	"\x03TCP\x10\x01\x12\a\n" +
+	"\x03UDP\x10\x022[\n" +
+	"\x11HandshakerService\x12F\n" +
+	"\vDoHandshake\x12\x17.grpc.gcp.HandshakerReq\x1a\x18.grpc.gcp.HandshakerResp\"\x00(\x010\x01Bk\n" +
+	"\x15io.grpc.alts.internalB\x0fHandshakerProtoP\x01Z?google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcpb\x06proto3"
 
 var (
 	file_grpc_gcp_handshaker_proto_rawDescOnce sync.Once
@@ -1240,21 +1155,23 @@ func file_grpc_gcp_handshaker_proto_rawDescGZIP() []byte {
 var file_grpc_gcp_handshaker_proto_enumTypes = make([]protoimpl.EnumInfo, 2)
 var file_grpc_gcp_handshaker_proto_msgTypes = make([]protoimpl.MessageInfo, 12)
 var file_grpc_gcp_handshaker_proto_goTypes = []any{
-	(HandshakeProtocol)(0),            // 0: grpc.gcp.HandshakeProtocol
-	(NetworkProtocol)(0),              // 1: grpc.gcp.NetworkProtocol
-	(*Endpoint)(nil),                  // 2: grpc.gcp.Endpoint
-	(*Identity)(nil),                  // 3: grpc.gcp.Identity
-	(*StartClientHandshakeReq)(nil),   // 4: grpc.gcp.StartClientHandshakeReq
-	(*ServerHandshakeParameters)(nil), // 5: grpc.gcp.ServerHandshakeParameters
-	(*StartServerHandshakeReq)(nil),   // 6: grpc.gcp.StartServerHandshakeReq
-	(*NextHandshakeMessageReq)(nil),   // 7: grpc.gcp.NextHandshakeMessageReq
-	(*HandshakerReq)(nil),             // 8: grpc.gcp.HandshakerReq
-	(*HandshakerResult)(nil),          // 9: grpc.gcp.HandshakerResult
-	(*HandshakerStatus)(nil),          // 10: grpc.gcp.HandshakerStatus
-	(*HandshakerResp)(nil),            // 11: grpc.gcp.HandshakerResp
-	nil,                               // 12: grpc.gcp.Identity.AttributesEntry
-	nil,                               // 13: grpc.gcp.StartServerHandshakeReq.HandshakeParametersEntry
-	(*RpcProtocolVersions)(nil),       // 14: grpc.gcp.RpcProtocolVersions
+	(HandshakeProtocol)(0),               // 0: grpc.gcp.HandshakeProtocol
+	(NetworkProtocol)(0),                 // 1: grpc.gcp.NetworkProtocol
+	(*Endpoint)(nil),                     // 2: grpc.gcp.Endpoint
+	(*Identity)(nil),                     // 3: grpc.gcp.Identity
+	(*StartClientHandshakeReq)(nil),      // 4: grpc.gcp.StartClientHandshakeReq
+	(*ServerHandshakeParameters)(nil),    // 5: grpc.gcp.ServerHandshakeParameters
+	(*StartServerHandshakeReq)(nil),      // 6: grpc.gcp.StartServerHandshakeReq
+	(*NextHandshakeMessageReq)(nil),      // 7: grpc.gcp.NextHandshakeMessageReq
+	(*HandshakerReq)(nil),                // 8: grpc.gcp.HandshakerReq
+	(*HandshakerResult)(nil),             // 9: grpc.gcp.HandshakerResult
+	(*HandshakerStatus)(nil),             // 10: grpc.gcp.HandshakerStatus
+	(*HandshakerResp)(nil),               // 11: grpc.gcp.HandshakerResp
+	nil,                                  // 12: grpc.gcp.Identity.AttributesEntry
+	nil,                                  // 13: grpc.gcp.StartServerHandshakeReq.HandshakeParametersEntry
+	(*RpcProtocolVersions)(nil),          // 14: grpc.gcp.RpcProtocolVersions
+	(*TransportProtocolPreferences)(nil), // 15: grpc.gcp.TransportProtocolPreferences
+	(*NegotiatedTransportProtocol)(nil),  // 16: grpc.gcp.NegotiatedTransportProtocol
 }
 var file_grpc_gcp_handshaker_proto_depIdxs = []int32{
 	1,  // 0: grpc.gcp.Endpoint.protocol:type_name -> grpc.gcp.NetworkProtocol
@@ -1265,27 +1182,30 @@ var file_grpc_gcp_handshaker_proto_depIdxs = []int32{
 	2,  // 5: grpc.gcp.StartClientHandshakeReq.local_endpoint:type_name -> grpc.gcp.Endpoint
 	2,  // 6: grpc.gcp.StartClientHandshakeReq.remote_endpoint:type_name -> grpc.gcp.Endpoint
 	14, // 7: grpc.gcp.StartClientHandshakeReq.rpc_versions:type_name -> grpc.gcp.RpcProtocolVersions
-	3,  // 8: grpc.gcp.ServerHandshakeParameters.local_identities:type_name -> grpc.gcp.Identity
-	13, // 9: grpc.gcp.StartServerHandshakeReq.handshake_parameters:type_name -> grpc.gcp.StartServerHandshakeReq.HandshakeParametersEntry
-	2,  // 10: grpc.gcp.StartServerHandshakeReq.local_endpoint:type_name -> grpc.gcp.Endpoint
-	2,  // 11: grpc.gcp.StartServerHandshakeReq.remote_endpoint:type_name -> grpc.gcp.Endpoint
-	14, // 12: grpc.gcp.StartServerHandshakeReq.rpc_versions:type_name -> grpc.gcp.RpcProtocolVersions
-	4,  // 13: grpc.gcp.HandshakerReq.client_start:type_name -> grpc.gcp.StartClientHandshakeReq
-	6,  // 14: grpc.gcp.HandshakerReq.server_start:type_name -> grpc.gcp.StartServerHandshakeReq
-	7,  // 15: grpc.gcp.HandshakerReq.next:type_name -> grpc.gcp.NextHandshakeMessageReq
-	3,  // 16: grpc.gcp.HandshakerResult.peer_identity:type_name -> grpc.gcp.Identity
-	3,  // 17: grpc.gcp.HandshakerResult.local_identity:type_name -> grpc.gcp.Identity
-	14, // 18: grpc.gcp.HandshakerResult.peer_rpc_versions:type_name -> grpc.gcp.RpcProtocolVersions
-	9,  // 19: grpc.gcp.HandshakerResp.result:type_name -> grpc.gcp.HandshakerResult
-	10, // 20: grpc.gcp.HandshakerResp.status:type_name -> grpc.gcp.HandshakerStatus
-	5,  // 21: grpc.gcp.StartServerHandshakeReq.HandshakeParametersEntry.value:type_name -> grpc.gcp.ServerHandshakeParameters
-	8,  // 22: grpc.gcp.HandshakerService.DoHandshake:input_type -> grpc.gcp.HandshakerReq
-	11, // 23: grpc.gcp.HandshakerService.DoHandshake:output_type -> grpc.gcp.HandshakerResp
-	23, // [23:24] is the sub-list for method output_type
-	22, // [22:23] is the sub-list for method input_type
-	22, // [22:22] is the sub-list for extension type_name
-	22, // [22:22] is the sub-list for extension extendee
-	0,  // [0:22] is the sub-list for field type_name
+	15, // 8: grpc.gcp.StartClientHandshakeReq.transport_protocol_preferences:type_name -> grpc.gcp.TransportProtocolPreferences
+	3,  // 9: grpc.gcp.ServerHandshakeParameters.local_identities:type_name -> grpc.gcp.Identity
+	13, // 10: grpc.gcp.StartServerHandshakeReq.handshake_parameters:type_name -> grpc.gcp.StartServerHandshakeReq.HandshakeParametersEntry
+	2,  // 11: grpc.gcp.StartServerHandshakeReq.local_endpoint:type_name -> grpc.gcp.Endpoint
+	2,  // 12: grpc.gcp.StartServerHandshakeReq.remote_endpoint:type_name -> grpc.gcp.Endpoint
+	14, // 13: grpc.gcp.StartServerHandshakeReq.rpc_versions:type_name -> grpc.gcp.RpcProtocolVersions
+	15, // 14: grpc.gcp.StartServerHandshakeReq.transport_protocol_preferences:type_name -> grpc.gcp.TransportProtocolPreferences
+	4,  // 15: grpc.gcp.HandshakerReq.client_start:type_name -> grpc.gcp.StartClientHandshakeReq
+	6,  // 16: grpc.gcp.HandshakerReq.server_start:type_name -> grpc.gcp.StartServerHandshakeReq
+	7,  // 17: grpc.gcp.HandshakerReq.next:type_name -> grpc.gcp.NextHandshakeMessageReq
+	3,  // 18: grpc.gcp.HandshakerResult.peer_identity:type_name -> grpc.gcp.Identity
+	3,  // 19: grpc.gcp.HandshakerResult.local_identity:type_name -> grpc.gcp.Identity
+	14, // 20: grpc.gcp.HandshakerResult.peer_rpc_versions:type_name -> grpc.gcp.RpcProtocolVersions
+	16, // 21: grpc.gcp.HandshakerResult.transport_protocol:type_name -> grpc.gcp.NegotiatedTransportProtocol
+	9,  // 22: grpc.gcp.HandshakerResp.result:type_name -> grpc.gcp.HandshakerResult
+	10, // 23: grpc.gcp.HandshakerResp.status:type_name -> grpc.gcp.HandshakerStatus
+	5,  // 24: grpc.gcp.StartServerHandshakeReq.HandshakeParametersEntry.value:type_name -> grpc.gcp.ServerHandshakeParameters
+	8,  // 25: grpc.gcp.HandshakerService.DoHandshake:input_type -> grpc.gcp.HandshakerReq
+	11, // 26: grpc.gcp.HandshakerService.DoHandshake:output_type -> grpc.gcp.HandshakerResp
+	26, // [26:27] is the sub-list for method output_type
+	25, // [25:26] is the sub-list for method input_type
+	25, // [25:25] is the sub-list for extension type_name
+	25, // [25:25] is the sub-list for extension extendee
+	0,  // [0:25] is the sub-list for field type_name
 }
 
 func init() { file_grpc_gcp_handshaker_proto_init() }
diff --git a/vendor/google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcp/transport_security_common.pb.go b/vendor/google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcp/transport_security_common.pb.go
index 5d38a74c64..cf48193cb2 100644
--- a/vendor/google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcp/transport_security_common.pb.go
+++ b/vendor/google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcp/transport_security_common.pb.go
@@ -17,7 +17,7 @@
 
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
-// 	protoc-gen-go v1.36.5
+// 	protoc-gen-go v1.36.6
 // 	protoc        v5.27.1
 // source: grpc/gcp/transport_security_common.proto
 
@@ -144,6 +144,97 @@ func (x *RpcProtocolVersions) GetMinRpcVersion() *RpcProtocolVersions_Version {
 	return nil
 }
 
+// The ordered list of protocols that the client wishes to use, or the set
+// that the server supports.
+type TransportProtocolPreferences struct {
+	state             protoimpl.MessageState `protogen:"open.v1"`
+	TransportProtocol []string               `protobuf:"bytes,1,rep,name=transport_protocol,json=transportProtocol,proto3" json:"transport_protocol,omitempty"`
+	unknownFields     protoimpl.UnknownFields
+	sizeCache         protoimpl.SizeCache
+}
+
+func (x *TransportProtocolPreferences) Reset() {
+	*x = TransportProtocolPreferences{}
+	mi := &file_grpc_gcp_transport_security_common_proto_msgTypes[1]
+	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+	ms.StoreMessageInfo(mi)
+}
+
+func (x *TransportProtocolPreferences) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*TransportProtocolPreferences) ProtoMessage() {}
+
+func (x *TransportProtocolPreferences) ProtoReflect() protoreflect.Message {
+	mi := &file_grpc_gcp_transport_security_common_proto_msgTypes[1]
+	if x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use TransportProtocolPreferences.ProtoReflect.Descriptor instead.
+func (*TransportProtocolPreferences) Descriptor() ([]byte, []int) {
+	return file_grpc_gcp_transport_security_common_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *TransportProtocolPreferences) GetTransportProtocol() []string {
+	if x != nil {
+		return x.TransportProtocol
+	}
+	return nil
+}
+
+// The negotiated transport protocol.
+type NegotiatedTransportProtocol struct {
+	state             protoimpl.MessageState `protogen:"open.v1"`
+	TransportProtocol string                 `protobuf:"bytes,1,opt,name=transport_protocol,json=transportProtocol,proto3" json:"transport_protocol,omitempty"`
+	unknownFields     protoimpl.UnknownFields
+	sizeCache         protoimpl.SizeCache
+}
+
+func (x *NegotiatedTransportProtocol) Reset() {
+	*x = NegotiatedTransportProtocol{}
+	mi := &file_grpc_gcp_transport_security_common_proto_msgTypes[2]
+	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+	ms.StoreMessageInfo(mi)
+}
+
+func (x *NegotiatedTransportProtocol) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*NegotiatedTransportProtocol) ProtoMessage() {}
+
+func (x *NegotiatedTransportProtocol) ProtoReflect() protoreflect.Message {
+	mi := &file_grpc_gcp_transport_security_common_proto_msgTypes[2]
+	if x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use NegotiatedTransportProtocol.ProtoReflect.Descriptor instead.
+func (*NegotiatedTransportProtocol) Descriptor() ([]byte, []int) {
+	return file_grpc_gcp_transport_security_common_proto_rawDescGZIP(), []int{2}
+}
+
+func (x *NegotiatedTransportProtocol) GetTransportProtocol() string {
+	if x != nil {
+		return x.TransportProtocol
+	}
+	return ""
+}
+
 // RPC version contains a major version and a minor version.
 type RpcProtocolVersions_Version struct {
 	state         protoimpl.MessageState `protogen:"open.v1"`
@@ -155,7 +246,7 @@ type RpcProtocolVersions_Version struct {
 
 func (x *RpcProtocolVersions_Version) Reset() {
 	*x = RpcProtocolVersions_Version{}
-	mi := &file_grpc_gcp_transport_security_common_proto_msgTypes[1]
+	mi := &file_grpc_gcp_transport_security_common_proto_msgTypes[3]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@@ -167,7 +258,7 @@ func (x *RpcProtocolVersions_Version) String() string {
 func (*RpcProtocolVersions_Version) ProtoMessage() {}
 
 func (x *RpcProtocolVersions_Version) ProtoReflect() protoreflect.Message {
-	mi := &file_grpc_gcp_transport_security_common_proto_msgTypes[1]
+	mi := &file_grpc_gcp_transport_security_common_proto_msgTypes[3]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@@ -199,40 +290,24 @@ func (x *RpcProtocolVersions_Version) GetMinor() uint32 {
 
 var File_grpc_gcp_transport_security_common_proto protoreflect.FileDescriptor
 
-var file_grpc_gcp_transport_security_common_proto_rawDesc = string([]byte{
-	0x0a, 0x28, 0x67, 0x72, 0x70, 0x63, 0x2f, 0x67, 0x63, 0x70, 0x2f, 0x74, 0x72, 0x61, 0x6e, 0x73,
-	0x70, 0x6f, 0x72, 0x74, 0x5f, 0x73, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79, 0x5f, 0x63, 0x6f,
-	0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x08, 0x67, 0x72, 0x70, 0x63,
-	0x2e, 0x67, 0x63, 0x70, 0x22, 0xea, 0x01, 0x0a, 0x13, 0x52, 0x70, 0x63, 0x50, 0x72, 0x6f, 0x74,
-	0x6f, 0x63, 0x6f, 0x6c, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x4d, 0x0a, 0x0f,
-	0x6d, 0x61, 0x78, 0x5f, 0x72, 0x70, 0x63, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18,
-	0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x67, 0x63, 0x70,
-	0x2e, 0x52, 0x70, 0x63, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x56, 0x65, 0x72, 0x73,
-	0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x0d, 0x6d, 0x61,
-	0x78, 0x52, 0x70, 0x63, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x4d, 0x0a, 0x0f, 0x6d,
-	0x69, 0x6e, 0x5f, 0x72, 0x70, 0x63, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x02,
-	0x20, 0x01, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x67, 0x63, 0x70, 0x2e,
-	0x52, 0x70, 0x63, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x56, 0x65, 0x72, 0x73, 0x69,
-	0x6f, 0x6e, 0x73, 0x2e, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x0d, 0x6d, 0x69, 0x6e,
-	0x52, 0x70, 0x63, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x1a, 0x35, 0x0a, 0x07, 0x56, 0x65,
-	0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x14, 0x0a, 0x05, 0x6d, 0x61, 0x6a, 0x6f, 0x72, 0x18, 0x01,
-	0x20, 0x01, 0x28, 0x0d, 0x52, 0x05, 0x6d, 0x61, 0x6a, 0x6f, 0x72, 0x12, 0x14, 0x0a, 0x05, 0x6d,
-	0x69, 0x6e, 0x6f, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x05, 0x6d, 0x69, 0x6e, 0x6f,
-	0x72, 0x2a, 0x51, 0x0a, 0x0d, 0x53, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79, 0x4c, 0x65, 0x76,
-	0x65, 0x6c, 0x12, 0x11, 0x0a, 0x0d, 0x53, 0x45, 0x43, 0x55, 0x52, 0x49, 0x54, 0x59, 0x5f, 0x4e,
-	0x4f, 0x4e, 0x45, 0x10, 0x00, 0x12, 0x12, 0x0a, 0x0e, 0x49, 0x4e, 0x54, 0x45, 0x47, 0x52, 0x49,
-	0x54, 0x59, 0x5f, 0x4f, 0x4e, 0x4c, 0x59, 0x10, 0x01, 0x12, 0x19, 0x0a, 0x15, 0x49, 0x4e, 0x54,
-	0x45, 0x47, 0x52, 0x49, 0x54, 0x59, 0x5f, 0x41, 0x4e, 0x44, 0x5f, 0x50, 0x52, 0x49, 0x56, 0x41,
-	0x43, 0x59, 0x10, 0x02, 0x42, 0x78, 0x0a, 0x15, 0x69, 0x6f, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e,
-	0x61, 0x6c, 0x74, 0x73, 0x2e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x42, 0x1c, 0x54,
-	0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x53, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79,
-	0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x3f, 0x67,
-	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6c, 0x61, 0x6e, 0x67, 0x2e, 0x6f, 0x72, 0x67,
-	0x2f, 0x67, 0x72, 0x70, 0x63, 0x2f, 0x63, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c,
-	0x73, 0x2f, 0x61, 0x6c, 0x74, 0x73, 0x2f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x2f,
-	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x67, 0x63, 0x70, 0x62, 0x06,
-	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
-})
+const file_grpc_gcp_transport_security_common_proto_rawDesc = "" +
+	"\n" +
+	"(grpc/gcp/transport_security_common.proto\x12\bgrpc.gcp\"\xea\x01\n" +
+	"\x13RpcProtocolVersions\x12M\n" +
+	"\x0fmax_rpc_version\x18\x01 \x01(\v2%.grpc.gcp.RpcProtocolVersions.VersionR\rmaxRpcVersion\x12M\n" +
+	"\x0fmin_rpc_version\x18\x02 \x01(\v2%.grpc.gcp.RpcProtocolVersions.VersionR\rminRpcVersion\x1a5\n" +
+	"\aVersion\x12\x14\n" +
+	"\x05major\x18\x01 \x01(\rR\x05major\x12\x14\n" +
+	"\x05minor\x18\x02 \x01(\rR\x05minor\"M\n" +
+	"\x1cTransportProtocolPreferences\x12-\n" +
+	"\x12transport_protocol\x18\x01 \x03(\tR\x11transportProtocol\"L\n" +
+	"\x1bNegotiatedTransportProtocol\x12-\n" +
+	"\x12transport_protocol\x18\x01 \x01(\tR\x11transportProtocol*Q\n" +
+	"\rSecurityLevel\x12\x11\n" +
+	"\rSECURITY_NONE\x10\x00\x12\x12\n" +
+	"\x0eINTEGRITY_ONLY\x10\x01\x12\x19\n" +
+	"\x15INTEGRITY_AND_PRIVACY\x10\x02Bx\n" +
+	"\x15io.grpc.alts.internalB\x1cTransportSecurityCommonProtoP\x01Z?google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcpb\x06proto3"
 
 var (
 	file_grpc_gcp_transport_security_common_proto_rawDescOnce sync.Once
@@ -247,15 +322,17 @@ func file_grpc_gcp_transport_security_common_proto_rawDescGZIP() []byte {
 }
 
 var file_grpc_gcp_transport_security_common_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
-var file_grpc_gcp_transport_security_common_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
+var file_grpc_gcp_transport_security_common_proto_msgTypes = make([]protoimpl.MessageInfo, 4)
 var file_grpc_gcp_transport_security_common_proto_goTypes = []any{
-	(SecurityLevel)(0),                  // 0: grpc.gcp.SecurityLevel
-	(*RpcProtocolVersions)(nil),         // 1: grpc.gcp.RpcProtocolVersions
-	(*RpcProtocolVersions_Version)(nil), // 2: grpc.gcp.RpcProtocolVersions.Version
+	(SecurityLevel)(0),                   // 0: grpc.gcp.SecurityLevel
+	(*RpcProtocolVersions)(nil),          // 1: grpc.gcp.RpcProtocolVersions
+	(*TransportProtocolPreferences)(nil), // 2: grpc.gcp.TransportProtocolPreferences
+	(*NegotiatedTransportProtocol)(nil),  // 3: grpc.gcp.NegotiatedTransportProtocol
+	(*RpcProtocolVersions_Version)(nil),  // 4: grpc.gcp.RpcProtocolVersions.Version
 }
 var file_grpc_gcp_transport_security_common_proto_depIdxs = []int32{
-	2, // 0: grpc.gcp.RpcProtocolVersions.max_rpc_version:type_name -> grpc.gcp.RpcProtocolVersions.Version
-	2, // 1: grpc.gcp.RpcProtocolVersions.min_rpc_version:type_name -> grpc.gcp.RpcProtocolVersions.Version
+	4, // 0: grpc.gcp.RpcProtocolVersions.max_rpc_version:type_name -> grpc.gcp.RpcProtocolVersions.Version
+	4, // 1: grpc.gcp.RpcProtocolVersions.min_rpc_version:type_name -> grpc.gcp.RpcProtocolVersions.Version
 	2, // [2:2] is the sub-list for method output_type
 	2, // [2:2] is the sub-list for method input_type
 	2, // [2:2] is the sub-list for extension type_name
@@ -274,7 +351,7 @@ func file_grpc_gcp_transport_security_common_proto_init() {
 			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
 			RawDescriptor: unsafe.Slice(unsafe.StringData(file_grpc_gcp_transport_security_common_proto_rawDesc), len(file_grpc_gcp_transport_security_common_proto_rawDesc)),
 			NumEnums:      1,
-			NumMessages:   2,
+			NumMessages:   4,
 			NumExtensions: 0,
 			NumServices:   0,
 		},
diff --git a/vendor/google.golang.org/grpc/credentials/credentials.go b/vendor/google.golang.org/grpc/credentials/credentials.go
index 665e790bb0..a63ab606e6 100644
--- a/vendor/google.golang.org/grpc/credentials/credentials.go
+++ b/vendor/google.golang.org/grpc/credentials/credentials.go
@@ -120,6 +120,20 @@ type AuthInfo interface {
 	AuthType() string
 }
 
+// AuthorityValidator validates the authority used to override the `:authority`
+// header. This is an optional interface that implementations of AuthInfo can
+// implement if they support per-RPC authority overrides. It is invoked when the
+// application attempts to override the HTTP/2 `:authority` header using the
+// CallAuthority call option.
+type AuthorityValidator interface {
+	// ValidateAuthority checks the authority value used to override the
+	// `:authority` header. The authority parameter is the override value
+	// provided by the application via the CallAuthority option. This value
+	// typically corresponds to the server hostname or endpoint the RPC is
+	// targeting. It returns non-nil error if the validation fails.
+	ValidateAuthority(authority string) error
+}
+
 // ErrConnDispatched indicates that rawConn has been dispatched out of gRPC
 // and the caller should not close rawConn.
 var ErrConnDispatched = errors.New("credentials: rawConn is dispatched out of gRPC")
@@ -207,14 +221,32 @@ type RequestInfo struct {
 	AuthInfo AuthInfo
 }
 
+// requestInfoKey is a struct to be used as the key to store RequestInfo in a
+// context.
+type requestInfoKey struct{}
+
 // RequestInfoFromContext extracts the RequestInfo from the context if it exists.
 //
 // This API is experimental.
 func RequestInfoFromContext(ctx context.Context) (ri RequestInfo, ok bool) {
-	ri, ok = icredentials.RequestInfoFromContext(ctx).(RequestInfo)
+	ri, ok = ctx.Value(requestInfoKey{}).(RequestInfo)
 	return ri, ok
 }
 
+// NewContextWithRequestInfo creates a new context from ctx and attaches ri to it.
+//
+// This RequestInfo will be accessible via RequestInfoFromContext.
+//
+// Intended to be used from tests for PerRPCCredentials implementations (that
+// often need to check connection's SecurityLevel). Should not be used from
+// non-test code: the gRPC client already prepares a context with the correct
+// RequestInfo attached when calling PerRPCCredentials.GetRequestMetadata.
+//
+// This API is experimental.
+func NewContextWithRequestInfo(ctx context.Context, ri RequestInfo) context.Context {
+	return context.WithValue(ctx, requestInfoKey{}, ri)
+}
+
 // ClientHandshakeInfo holds data to be passed to ClientHandshake. This makes
 // it possible to pass arbitrary data to the handshaker from gRPC, resolver,
 // balancer etc. Individual credential implementations control the actual
diff --git a/vendor/google.golang.org/grpc/credentials/insecure/insecure.go b/vendor/google.golang.org/grpc/credentials/insecure/insecure.go
index 4c805c6446..93156c0f34 100644
--- a/vendor/google.golang.org/grpc/credentials/insecure/insecure.go
+++ b/vendor/google.golang.org/grpc/credentials/insecure/insecure.go
@@ -30,7 +30,7 @@ import (
 // NewCredentials returns a credentials which disables transport security.
 //
 // Note that using this credentials with per-RPC credentials which require
-// transport security is incompatible and will cause grpc.Dial() to fail.
+// transport security is incompatible and will cause RPCs to fail.
 func NewCredentials() credentials.TransportCredentials {
 	return insecureTC{}
 }
@@ -71,6 +71,12 @@ func (info) AuthType() string {
 	return "insecure"
 }
 
+// ValidateAuthority allows any value to be overridden for the :authority
+// header.
+func (info) ValidateAuthority(string) error {
+	return nil
+}
+
 // insecureBundle implements an insecure bundle.
 // An insecure bundle provides a thin wrapper around insecureTC to support
 // the credentials.Bundle interface.
diff --git a/vendor/google.golang.org/grpc/credentials/tls.go b/vendor/google.golang.org/grpc/credentials/tls.go
index bd5fe22b6a..20f65f7bd9 100644
--- a/vendor/google.golang.org/grpc/credentials/tls.go
+++ b/vendor/google.golang.org/grpc/credentials/tls.go
@@ -22,6 +22,7 @@ import (
 	"context"
 	"crypto/tls"
 	"crypto/x509"
+	"errors"
 	"fmt"
 	"net"
 	"net/url"
@@ -50,6 +51,21 @@ func (t TLSInfo) AuthType() string {
 	return "tls"
 }
 
+// ValidateAuthority validates the provided authority being used to override the
+// :authority header by verifying it against the peer certificates. It returns a
+// non-nil error if the validation fails.
+func (t TLSInfo) ValidateAuthority(authority string) error {
+	var errs []error
+	for _, cert := range t.State.PeerCertificates {
+		var err error
+		if err = cert.VerifyHostname(authority); err == nil {
+			return nil
+		}
+		errs = append(errs, err)
+	}
+	return fmt.Errorf("credentials: invalid authority %q: %v", authority, errors.Join(errs...))
+}
+
 // cipherSuiteLookup returns the string version of a TLS cipher suite ID.
 func cipherSuiteLookup(cipherSuiteID uint16) string {
 	for _, s := range tls.CipherSuites() {
diff --git a/vendor/google.golang.org/grpc/credentials/tls/certprovider/pemfile/builder.go b/vendor/google.golang.org/grpc/credentials/tls/certprovider/pemfile/builder.go
index ad4207892b..a7f2f79106 100644
--- a/vendor/google.golang.org/grpc/credentials/tls/certprovider/pemfile/builder.go
+++ b/vendor/google.golang.org/grpc/credentials/tls/certprovider/pemfile/builder.go
@@ -24,6 +24,7 @@ import (
 	"time"
 
 	"google.golang.org/grpc/credentials/tls/certprovider"
+	"google.golang.org/grpc/internal/envconfig"
 	"google.golang.org/protobuf/encoding/protojson"
 	"google.golang.org/protobuf/types/known/durationpb"
 )
@@ -63,19 +64,24 @@ func pluginConfigFromJSON(jd json.RawMessage) (Options, error) {
 	// is that the refresh_interval is represented here as a duration proto,
 	// while in the latter a time.Duration is used.
 	cfg := &struct {
-		CertificateFile   string          `json:"certificate_file,omitempty"`
-		PrivateKeyFile    string          `json:"private_key_file,omitempty"`
-		CACertificateFile string          `json:"ca_certificate_file,omitempty"`
-		RefreshInterval   json.RawMessage `json:"refresh_interval,omitempty"`
+		CertificateFile          string          `json:"certificate_file,omitempty"`
+		PrivateKeyFile           string          `json:"private_key_file,omitempty"`
+		CACertificateFile        string          `json:"ca_certificate_file,omitempty"`
+		SPIFFETrustBundleMapFile string          `json:"spiffe_trust_bundle_map_file,omitempty"`
+		RefreshInterval          json.RawMessage `json:"refresh_interval,omitempty"`
 	}{}
 	if err := json.Unmarshal(jd, cfg); err != nil {
 		return Options{}, fmt.Errorf("pemfile: json.Unmarshal(%s) failed: %v", string(jd), err)
 	}
+	if !envconfig.XDSSPIFFEEnabled {
+		cfg.SPIFFETrustBundleMapFile = ""
+	}
 
 	opts := Options{
-		CertFile: cfg.CertificateFile,
-		KeyFile:  cfg.PrivateKeyFile,
-		RootFile: cfg.CACertificateFile,
+		CertFile:            cfg.CertificateFile,
+		KeyFile:             cfg.PrivateKeyFile,
+		RootFile:            cfg.CACertificateFile,
+		SPIFFEBundleMapFile: cfg.SPIFFETrustBundleMapFile,
 		// Refresh interval is the only field in the configuration for which we
 		// support a default value. We cannot possibly have valid defaults for
 		// file paths to watch. Also, it is valid to specify an empty path for
diff --git a/vendor/google.golang.org/grpc/credentials/tls/certprovider/pemfile/watcher.go b/vendor/google.golang.org/grpc/credentials/tls/certprovider/pemfile/watcher.go
index d7b5e1f127..bc9c545a7b 100644
--- a/vendor/google.golang.org/grpc/credentials/tls/certprovider/pemfile/watcher.go
+++ b/vendor/google.golang.org/grpc/credentials/tls/certprovider/pemfile/watcher.go
@@ -115,7 +115,7 @@ func newProvider(o Options) certprovider.Provider {
 	if o.CertFile != "" && o.KeyFile != "" {
 		provider.identityDistributor = newDistributor()
 	}
-	if o.RootFile != "" {
+	if o.RootFile != "" || o.SPIFFEBundleMapFile != "" {
 		provider.rootDistributor = newDistributor()
 	}
 
diff --git a/vendor/google.golang.org/grpc/dialoptions.go b/vendor/google.golang.org/grpc/dialoptions.go
index 405a2ffeb3..050ba0f161 100644
--- a/vendor/google.golang.org/grpc/dialoptions.go
+++ b/vendor/google.golang.org/grpc/dialoptions.go
@@ -360,7 +360,7 @@ func WithReturnConnectionError() DialOption {
 //
 // Note that using this DialOption with per-RPC credentials (through
 // WithCredentialsBundle or WithPerRPCCredentials) which require transport
-// security is incompatible and will cause grpc.Dial() to fail.
+// security is incompatible and will cause RPCs to fail.
 //
 // Deprecated: use WithTransportCredentials and insecure.NewCredentials()
 // instead. Will be supported throughout 1.x.
diff --git a/vendor/google.golang.org/grpc/health/grpc_health_v1/health.pb.go b/vendor/google.golang.org/grpc/health/grpc_health_v1/health.pb.go
index faa59e4182..22d263fb94 100644
--- a/vendor/google.golang.org/grpc/health/grpc_health_v1/health.pb.go
+++ b/vendor/google.golang.org/grpc/health/grpc_health_v1/health.pb.go
@@ -17,7 +17,7 @@
 
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
-// 	protoc-gen-go v1.36.5
+// 	protoc-gen-go v1.36.6
 // 	protoc        v5.27.1
 // source: grpc/health/v1/health.proto
 
@@ -261,63 +261,29 @@ func (x *HealthListResponse) GetStatuses() map[string]*HealthCheckResponse {
 
 var File_grpc_health_v1_health_proto protoreflect.FileDescriptor
 
-var file_grpc_health_v1_health_proto_rawDesc = string([]byte{
-	0x0a, 0x1b, 0x67, 0x72, 0x70, 0x63, 0x2f, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x2f, 0x76, 0x31,
-	0x2f, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0e, 0x67,
-	0x72, 0x70, 0x63, 0x2e, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x2e, 0x76, 0x31, 0x22, 0x2e, 0x0a,
-	0x12, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x52, 0x65, 0x71, 0x75,
-	0x65, 0x73, 0x74, 0x12, 0x18, 0x0a, 0x07, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x18, 0x01,
-	0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x22, 0xb1, 0x01,
-	0x0a, 0x13, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x52, 0x65, 0x73,
-	0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x49, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18,
-	0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x31, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x68, 0x65, 0x61,
-	0x6c, 0x74, 0x68, 0x2e, 0x76, 0x31, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65,
-	0x63, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x69,
-	0x6e, 0x67, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73,
-	0x22, 0x4f, 0x0a, 0x0d, 0x53, 0x65, 0x72, 0x76, 0x69, 0x6e, 0x67, 0x53, 0x74, 0x61, 0x74, 0x75,
-	0x73, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, 0x0b,
-	0x0a, 0x07, 0x53, 0x45, 0x52, 0x56, 0x49, 0x4e, 0x47, 0x10, 0x01, 0x12, 0x0f, 0x0a, 0x0b, 0x4e,
-	0x4f, 0x54, 0x5f, 0x53, 0x45, 0x52, 0x56, 0x49, 0x4e, 0x47, 0x10, 0x02, 0x12, 0x13, 0x0a, 0x0f,
-	0x53, 0x45, 0x52, 0x56, 0x49, 0x43, 0x45, 0x5f, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10,
-	0x03, 0x22, 0x13, 0x0a, 0x11, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x4c, 0x69, 0x73, 0x74, 0x52,
-	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, 0xc4, 0x01, 0x0a, 0x12, 0x48, 0x65, 0x61, 0x6c, 0x74,
-	0x68, 0x4c, 0x69, 0x73, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x4c, 0x0a,
-	0x08, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32,
-	0x30, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x2e, 0x76, 0x31,
-	0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x4c, 0x69, 0x73, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f,
-	0x6e, 0x73, 0x65, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x65, 0x73, 0x45, 0x6e, 0x74, 0x72,
-	0x79, 0x52, 0x08, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x65, 0x73, 0x1a, 0x60, 0x0a, 0x0d, 0x53,
-	0x74, 0x61, 0x74, 0x75, 0x73, 0x65, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03,
-	0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x39,
-	0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x23, 0x2e,
-	0x67, 0x72, 0x70, 0x63, 0x2e, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x2e, 0x76, 0x31, 0x2e, 0x48,
-	0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e,
-	0x73, 0x65, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x32, 0xfd, 0x01,
-	0x0a, 0x06, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x12, 0x50, 0x0a, 0x05, 0x43, 0x68, 0x65, 0x63,
-	0x6b, 0x12, 0x22, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x2e,
-	0x76, 0x31, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x52, 0x65,
-	0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x23, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x68, 0x65, 0x61,
-	0x6c, 0x74, 0x68, 0x2e, 0x76, 0x31, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65,
-	0x63, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x4d, 0x0a, 0x04, 0x4c, 0x69,
-	0x73, 0x74, 0x12, 0x21, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68,
-	0x2e, 0x76, 0x31, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x4c, 0x69, 0x73, 0x74, 0x52, 0x65,
-	0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x22, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x68, 0x65, 0x61,
-	0x6c, 0x74, 0x68, 0x2e, 0x76, 0x31, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x4c, 0x69, 0x73,
-	0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x52, 0x0a, 0x05, 0x57, 0x61, 0x74,
-	0x63, 0x68, 0x12, 0x22, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68,
-	0x2e, 0x76, 0x31, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x52,
-	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x23, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x68, 0x65,
-	0x61, 0x6c, 0x74, 0x68, 0x2e, 0x76, 0x31, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x43, 0x68,
-	0x65, 0x63, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x30, 0x01, 0x42, 0x70, 0x0a,
-	0x11, 0x69, 0x6f, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x2e,
-	0x76, 0x31, 0x42, 0x0b, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50,
-	0x01, 0x5a, 0x2c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6c, 0x61, 0x6e, 0x67,
-	0x2e, 0x6f, 0x72, 0x67, 0x2f, 0x67, 0x72, 0x70, 0x63, 0x2f, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68,
-	0x2f, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f, 0x76, 0x31, 0xa2,
-	0x02, 0x0c, 0x47, 0x72, 0x70, 0x63, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x56, 0x31, 0xaa, 0x02,
-	0x0e, 0x47, 0x72, 0x70, 0x63, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x2e, 0x56, 0x31, 0x62,
-	0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
-})
+const file_grpc_health_v1_health_proto_rawDesc = "" +
+	"\n" +
+	"\x1bgrpc/health/v1/health.proto\x12\x0egrpc.health.v1\".\n" +
+	"\x12HealthCheckRequest\x12\x18\n" +
+	"\aservice\x18\x01 \x01(\tR\aservice\"\xb1\x01\n" +
+	"\x13HealthCheckResponse\x12I\n" +
+	"\x06status\x18\x01 \x01(\x0e21.grpc.health.v1.HealthCheckResponse.ServingStatusR\x06status\"O\n" +
+	"\rServingStatus\x12\v\n" +
+	"\aUNKNOWN\x10\x00\x12\v\n" +
+	"\aSERVING\x10\x01\x12\x0f\n" +
+	"\vNOT_SERVING\x10\x02\x12\x13\n" +
+	"\x0fSERVICE_UNKNOWN\x10\x03\"\x13\n" +
+	"\x11HealthListRequest\"\xc4\x01\n" +
+	"\x12HealthListResponse\x12L\n" +
+	"\bstatuses\x18\x01 \x03(\v20.grpc.health.v1.HealthListResponse.StatusesEntryR\bstatuses\x1a`\n" +
+	"\rStatusesEntry\x12\x10\n" +
+	"\x03key\x18\x01 \x01(\tR\x03key\x129\n" +
+	"\x05value\x18\x02 \x01(\v2#.grpc.health.v1.HealthCheckResponseR\x05value:\x028\x012\xfd\x01\n" +
+	"\x06Health\x12P\n" +
+	"\x05Check\x12\".grpc.health.v1.HealthCheckRequest\x1a#.grpc.health.v1.HealthCheckResponse\x12M\n" +
+	"\x04List\x12!.grpc.health.v1.HealthListRequest\x1a\".grpc.health.v1.HealthListResponse\x12R\n" +
+	"\x05Watch\x12\".grpc.health.v1.HealthCheckRequest\x1a#.grpc.health.v1.HealthCheckResponse0\x01Bp\n" +
+	"\x11io.grpc.health.v1B\vHealthProtoP\x01Z,google.golang.org/grpc/health/grpc_health_v1\xa2\x02\fGrpcHealthV1\xaa\x02\x0eGrpc.Health.V1b\x06proto3"
 
 var (
 	file_grpc_health_v1_health_proto_rawDescOnce sync.Once
diff --git a/vendor/google.golang.org/grpc/internal/credentials/credentials.go b/vendor/google.golang.org/grpc/internal/credentials/credentials.go
index 9deee7f651..48b22d9cf0 100644
--- a/vendor/google.golang.org/grpc/internal/credentials/credentials.go
+++ b/vendor/google.golang.org/grpc/internal/credentials/credentials.go
@@ -20,20 +20,6 @@ import (
 	"context"
 )
 
-// requestInfoKey is a struct to be used as the key to store RequestInfo in a
-// context.
-type requestInfoKey struct{}
-
-// NewRequestInfoContext creates a context with ri.
-func NewRequestInfoContext(ctx context.Context, ri any) context.Context {
-	return context.WithValue(ctx, requestInfoKey{}, ri)
-}
-
-// RequestInfoFromContext extracts the RequestInfo from ctx.
-func RequestInfoFromContext(ctx context.Context) any {
-	return ctx.Value(requestInfoKey{})
-}
-
 // clientHandshakeInfoKey is a struct used as the key to store
 // ClientHandshakeInfo in a context.
 type clientHandshakeInfoKey struct{}
diff --git a/vendor/google.golang.org/grpc/internal/credentials/spiffe/spiffe.go b/vendor/google.golang.org/grpc/internal/credentials/spiffe/spiffe.go
index e8a9cef8b2..7be008a198 100644
--- a/vendor/google.golang.org/grpc/internal/credentials/spiffe/spiffe.go
+++ b/vendor/google.golang.org/grpc/internal/credentials/spiffe/spiffe.go
@@ -22,6 +22,7 @@
 package spiffe
 
 import (
+	"crypto/x509"
 	"encoding/json"
 	"fmt"
 
@@ -61,3 +62,46 @@ func BundleMapFromBytes(bundleMapBytes []byte) (map[string]*spiffebundle.Bundle,
 	}
 	return bundleMap, nil
 }
+
+// GetRootsFromSPIFFEBundleMap returns the root trust certificates from the
+// SPIFFE bundle map for the given trust domain from the leaf certificate.
+func GetRootsFromSPIFFEBundleMap(bundleMap map[string]*spiffebundle.Bundle, leafCert *x509.Certificate) (*x509.CertPool, error) {
+	// 1. Upon receiving a peer certificate, verify that it is a well-formed SPIFFE
+	//    leaf certificate.  In particular, it must have a single URI SAN containing
+	//    a well-formed SPIFFE ID ([SPIFFE ID format]).
+	spiffeID, err := idFromCert(leafCert)
+	if err != nil {
+		return nil, fmt.Errorf("spiffe: could not get spiffe ID from peer leaf cert but verification with spiffe trust map was configured: %v", err)
+	}
+
+	// 2. Use the trust domain in the peer certificate's SPIFFE ID to lookup
+	//    the SPIFFE trust bundle. If the trust domain is not contained in the
+	//    configured trust map, reject the certificate.
+	spiffeBundle, ok := bundleMap[spiffeID.TrustDomain().Name()]
+	if !ok {
+		return nil, fmt.Errorf("spiffe: no bundle found for peer certificates trust domain %q but verification with a SPIFFE trust map was configured", spiffeID.TrustDomain().Name())
+	}
+	roots := spiffeBundle.X509Authorities()
+	rootPool := x509.NewCertPool()
+	for _, root := range roots {
+		rootPool.AddCert(root)
+	}
+	return rootPool, nil
+}
+
+// idFromCert parses the SPIFFE ID from the x509.Certificate. If the certificate
+// does not have a valid SPIFFE ID, returns an error.
+func idFromCert(cert *x509.Certificate) (*spiffeid.ID, error) {
+	if cert == nil {
+		return nil, fmt.Errorf("input cert is nil")
+	}
+	// A valid SPIFFE Certificate should have exactly one URI.
+	if len(cert.URIs) != 1 {
+		return nil, fmt.Errorf("input cert has %v URIs but should have 1", len(cert.URIs))
+	}
+	id, err := spiffeid.FromURI(cert.URIs[0])
+	if err != nil {
+		return nil, fmt.Errorf("invalid spiffeid: %v", err)
+	}
+	return &id, nil
+}
diff --git a/vendor/google.golang.org/grpc/internal/credentials/xds/handshake_info.go b/vendor/google.golang.org/grpc/internal/credentials/xds/handshake_info.go
index dcff7ad622..81074bedb4 100644
--- a/vendor/google.golang.org/grpc/internal/credentials/xds/handshake_info.go
+++ b/vendor/google.golang.org/grpc/internal/credentials/xds/handshake_info.go
@@ -31,6 +31,7 @@ import (
 	"google.golang.org/grpc/attributes"
 	"google.golang.org/grpc/credentials/tls/certprovider"
 	"google.golang.org/grpc/internal"
+	"google.golang.org/grpc/internal/credentials/spiffe"
 	"google.golang.org/grpc/internal/xds/matcher"
 	"google.golang.org/grpc/resolver"
 )
@@ -144,6 +145,7 @@ func (hi *HandshakeInfo) ClientSideTLSConfig(ctx context.Context) (*tls.Config,
 		return nil, fmt.Errorf("xds: fetching trusted roots from CertificateProvider failed: %v", err)
 	}
 	cfg.RootCAs = km.Roots
+	cfg.VerifyPeerCertificate = hi.buildVerifyFunc(km, true)
 
 	if idProv != nil {
 		km, err := idProv.KeyMaterial(ctx)
@@ -155,6 +157,60 @@ func (hi *HandshakeInfo) ClientSideTLSConfig(ctx context.Context) (*tls.Config,
 	return cfg, nil
 }
 
+func (hi *HandshakeInfo) buildVerifyFunc(km *certprovider.KeyMaterial, isClient bool) func(rawCerts [][]byte, _ [][]*x509.Certificate) error {
+	return func(rawCerts [][]byte, _ [][]*x509.Certificate) error {
+		// Parse all raw certificates presented by the peer.
+		var certs []*x509.Certificate
+		for _, rc := range rawCerts {
+			cert, err := x509.ParseCertificate(rc)
+			if err != nil {
+				return err
+			}
+			certs = append(certs, cert)
+		}
+
+		// Build the intermediates list and verify that the leaf certificate is
+		// signed by one of the root certificates. If a SPIFFE Bundle Map is
+		// configured, it is used to get the root certs. Otherwise, the
+		// configured roots in the root provider are used.
+		intermediates := x509.NewCertPool()
+		for _, cert := range certs[1:] {
+			intermediates.AddCert(cert)
+		}
+		roots := km.Roots
+		// If a SPIFFE Bundle Map is configured, find the roots for the trust
+		// domain of the leaf certificate.
+		if km.SPIFFEBundleMap != nil {
+			var err error
+			roots, err = spiffe.GetRootsFromSPIFFEBundleMap(km.SPIFFEBundleMap, certs[0])
+			if err != nil {
+				return err
+			}
+		}
+		opts := x509.VerifyOptions{
+			Roots:         roots,
+			Intermediates: intermediates,
+			KeyUsages:     []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
+		}
+		if isClient {
+			opts.KeyUsages = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
+		} else {
+			opts.KeyUsages = []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}
+		}
+		if _, err := certs[0].Verify(opts); err != nil {
+			return err
+		}
+		// The SANs sent by the MeshCA are encoded as SPIFFE IDs. We need to
+		// only look at the SANs on the leaf cert.
+		if cert := certs[0]; !hi.MatchingSANExists(cert) {
+			// TODO: Print the complete certificate once the x509 package
+			// supports a String() method on the Certificate type.
+			return fmt.Errorf("xds: received SANs {DNSNames: %v, EmailAddresses: %v, IPAddresses: %v, URIs: %v} do not match any of the accepted SANs", cert.DNSNames, cert.EmailAddresses, cert.IPAddresses, cert.URIs)
+		}
+		return nil
+	}
+}
+
 // ServerSideTLSConfig constructs a tls.Config to be used in a server-side
 // handshake based on the contents of the HandshakeInfo.
 func (hi *HandshakeInfo) ServerSideTLSConfig(ctx context.Context) (*tls.Config, error) {
@@ -186,7 +242,15 @@ func (hi *HandshakeInfo) ServerSideTLSConfig(ctx context.Context) (*tls.Config,
 		if err != nil {
 			return nil, fmt.Errorf("xds: fetching trusted roots from CertificateProvider failed: %v", err)
 		}
-		cfg.ClientCAs = km.Roots
+		if km.SPIFFEBundleMap != nil && hi.requireClientCert {
+			// ClientAuth, if set greater than tls.RequireAnyClientCert, must be
+			// dropped to tls.RequireAnyClientCert so that custom verification
+			// to use SPIFFE Bundles is done.
+			cfg.ClientAuth = tls.RequireAnyClientCert
+			cfg.VerifyPeerCertificate = hi.buildVerifyFunc(km, false)
+		} else {
+			cfg.ClientCAs = km.Roots
+		}
 	}
 	return cfg, nil
 }
diff --git a/vendor/google.golang.org/grpc/internal/envconfig/envconfig.go b/vendor/google.golang.org/grpc/internal/envconfig/envconfig.go
index cc5713fd9d..f5f2bdeb86 100644
--- a/vendor/google.golang.org/grpc/internal/envconfig/envconfig.go
+++ b/vendor/google.golang.org/grpc/internal/envconfig/envconfig.go
@@ -36,7 +36,7 @@ var (
 	// LeastRequestLB is set if we should support the least_request_experimental
 	// LB policy, which can be enabled by setting the environment variable
 	// "GRPC_EXPERIMENTAL_ENABLE_LEAST_REQUEST" to "true".
-	LeastRequestLB = boolFromEnv("GRPC_EXPERIMENTAL_ENABLE_LEAST_REQUEST", false)
+	LeastRequestLB = boolFromEnv("GRPC_EXPERIMENTAL_ENABLE_LEAST_REQUEST", true)
 	// ALTSMaxConcurrentHandshakes is the maximum number of concurrent ALTS
 	// handshakes that can be performed.
 	ALTSMaxConcurrentHandshakes = uint64FromEnv("GRPC_ALTS_MAX_CONCURRENT_HANDSHAKES", 100, 1, 100)
@@ -69,6 +69,10 @@ var (
 	// to gRFC A76. It can be enabled by setting the environment variable
 	// "GRPC_EXPERIMENTAL_RING_HASH_SET_REQUEST_HASH_KEY" to "true".
 	RingHashSetRequestHashKey = boolFromEnv("GRPC_EXPERIMENTAL_RING_HASH_SET_REQUEST_HASH_KEY", false)
+
+	// ALTSHandshakerKeepaliveParams is set if we should add the
+	// KeepaliveParams when dial the ALTS handshaker service.
+	ALTSHandshakerKeepaliveParams = boolFromEnv("GRPC_EXPERIMENTAL_ALTS_HANDSHAKER_KEEPALIVE_PARAMS", false)
 )
 
 func boolFromEnv(envVar string, def bool) bool {
diff --git a/vendor/google.golang.org/grpc/internal/envconfig/xds.go b/vendor/google.golang.org/grpc/internal/envconfig/xds.go
index 2eb97f832b..e87551552a 100644
--- a/vendor/google.golang.org/grpc/internal/envconfig/xds.go
+++ b/vendor/google.golang.org/grpc/internal/envconfig/xds.go
@@ -63,4 +63,9 @@ var (
 	// For more details, see:
 	// https://github.com/grpc/proposal/blob/master/A82-xds-system-root-certs.md.
 	XDSSystemRootCertsEnabled = boolFromEnv("GRPC_EXPERIMENTAL_XDS_SYSTEM_ROOT_CERTS", false)
+
+	// XDSSPIFFEEnabled controls if SPIFFE Bundle Maps can be used as roots of
+	// trust.  For more details, see:
+	// https://github.com/grpc/proposal/blob/master/A87-mtls-spiffe-support.md
+	XDSSPIFFEEnabled = boolFromEnv("GRPC_EXPERIMENTAL_XDS_MTLS_SPIFFE", false)
 )
diff --git a/vendor/google.golang.org/grpc/internal/grpcsync/event.go b/vendor/google.golang.org/grpc/internal/grpcsync/event.go
index fbe697c376..d788c24930 100644
--- a/vendor/google.golang.org/grpc/internal/grpcsync/event.go
+++ b/vendor/google.golang.org/grpc/internal/grpcsync/event.go
@@ -21,28 +21,25 @@
 package grpcsync
 
 import (
-	"sync"
 	"sync/atomic"
 )
 
 // Event represents a one-time event that may occur in the future.
 type Event struct {
-	fired int32
+	fired atomic.Bool
 	c     chan struct{}
-	o     sync.Once
 }
 
 // Fire causes e to complete.  It is safe to call multiple times, and
 // concurrently.  It returns true iff this call to Fire caused the signaling
-// channel returned by Done to close.
+// channel returned by Done to close. If Fire returns false, it is possible
+// the Done channel has not been closed yet.
 func (e *Event) Fire() bool {
-	ret := false
-	e.o.Do(func() {
-		atomic.StoreInt32(&e.fired, 1)
+	if e.fired.CompareAndSwap(false, true) {
 		close(e.c)
-		ret = true
-	})
-	return ret
+		return true
+	}
+	return false
 }
 
 // Done returns a channel that will be closed when Fire is called.
@@ -52,7 +49,7 @@ func (e *Event) Done() <-chan struct{} {
 
 // HasFired returns true if Fire has been called.
 func (e *Event) HasFired() bool {
-	return atomic.LoadInt32(&e.fired) == 1
+	return e.fired.Load()
 }
 
 // NewEvent returns a new, ready-to-use Event.
diff --git a/vendor/google.golang.org/grpc/internal/internal.go b/vendor/google.golang.org/grpc/internal/internal.go
index 2ce012cda1..3ac798e8e6 100644
--- a/vendor/google.golang.org/grpc/internal/internal.go
+++ b/vendor/google.golang.org/grpc/internal/internal.go
@@ -266,6 +266,13 @@ var (
 	TimeAfterFunc = func(d time.Duration, f func()) Timer {
 		return time.AfterFunc(d, f)
 	}
+
+	// NewStreamWaitingForResolver is a test hook that is triggered when a
+	// new stream blocks while waiting for name resolution. This can be
+	// used in tests to synchronize resolver updates and avoid race conditions.
+	// When set, the function will be called before the stream enters
+	// the blocking state.
+	NewStreamWaitingForResolver = func() {}
 )
 
 // HealthChecker defines the signature of the client-side LB channel health
diff --git a/vendor/google.golang.org/grpc/internal/proto/grpc_lookup_v1/rls.pb.go b/vendor/google.golang.org/grpc/internal/proto/grpc_lookup_v1/rls.pb.go
index c5c777c1fa..3503f7d3e2 100644
--- a/vendor/google.golang.org/grpc/internal/proto/grpc_lookup_v1/rls.pb.go
+++ b/vendor/google.golang.org/grpc/internal/proto/grpc_lookup_v1/rls.pb.go
@@ -14,7 +14,7 @@
 
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
-// 	protoc-gen-go v1.36.5
+// 	protoc-gen-go v1.36.6
 // 	protoc        v5.27.1
 // source: grpc/lookup/v1/rls.proto
 
@@ -237,62 +237,35 @@ func (x *RouteLookupResponse) GetExtensions() []*anypb.Any {
 
 var File_grpc_lookup_v1_rls_proto protoreflect.FileDescriptor
 
-var file_grpc_lookup_v1_rls_proto_rawDesc = string([]byte{
-	0x0a, 0x18, 0x67, 0x72, 0x70, 0x63, 0x2f, 0x6c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x2f, 0x76, 0x31,
-	0x2f, 0x72, 0x6c, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0e, 0x67, 0x72, 0x70, 0x63,
-	0x2e, 0x6c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x2e, 0x76, 0x31, 0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67,
-	0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e,
-	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xb9, 0x03, 0x0a, 0x12, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x4c,
-	0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1f, 0x0a, 0x0b,
-	0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28,
-	0x09, 0x52, 0x0a, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x41, 0x0a,
-	0x06, 0x72, 0x65, 0x61, 0x73, 0x6f, 0x6e, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x29, 0x2e,
-	0x67, 0x72, 0x70, 0x63, 0x2e, 0x6c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x2e, 0x76, 0x31, 0x2e, 0x52,
-	0x6f, 0x75, 0x74, 0x65, 0x4c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
-	0x74, 0x2e, 0x52, 0x65, 0x61, 0x73, 0x6f, 0x6e, 0x52, 0x06, 0x72, 0x65, 0x61, 0x73, 0x6f, 0x6e,
-	0x12, 0x2a, 0x0a, 0x11, 0x73, 0x74, 0x61, 0x6c, 0x65, 0x5f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72,
-	0x5f, 0x64, 0x61, 0x74, 0x61, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, 0x73, 0x74, 0x61,
-	0x6c, 0x65, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x44, 0x61, 0x74, 0x61, 0x12, 0x47, 0x0a, 0x07,
-	0x6b, 0x65, 0x79, 0x5f, 0x6d, 0x61, 0x70, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2e, 0x2e,
-	0x67, 0x72, 0x70, 0x63, 0x2e, 0x6c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x2e, 0x76, 0x31, 0x2e, 0x52,
-	0x6f, 0x75, 0x74, 0x65, 0x4c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
-	0x74, 0x2e, 0x4b, 0x65, 0x79, 0x4d, 0x61, 0x70, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x06, 0x6b,
-	0x65, 0x79, 0x4d, 0x61, 0x70, 0x12, 0x34, 0x0a, 0x0a, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69,
-	0x6f, 0x6e, 0x73, 0x18, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
-	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52,
-	0x0a, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x1a, 0x39, 0x0a, 0x0b, 0x4b,
-	0x65, 0x79, 0x4d, 0x61, 0x70, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65,
-	0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05,
-	0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c,
-	0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0x3f, 0x0a, 0x06, 0x52, 0x65, 0x61, 0x73, 0x6f, 0x6e,
-	0x12, 0x12, 0x0a, 0x0e, 0x52, 0x45, 0x41, 0x53, 0x4f, 0x4e, 0x5f, 0x55, 0x4e, 0x4b, 0x4e, 0x4f,
-	0x57, 0x4e, 0x10, 0x00, 0x12, 0x0f, 0x0a, 0x0b, 0x52, 0x45, 0x41, 0x53, 0x4f, 0x4e, 0x5f, 0x4d,
-	0x49, 0x53, 0x53, 0x10, 0x01, 0x12, 0x10, 0x0a, 0x0c, 0x52, 0x45, 0x41, 0x53, 0x4f, 0x4e, 0x5f,
-	0x53, 0x54, 0x41, 0x4c, 0x45, 0x10, 0x02, 0x4a, 0x04, 0x08, 0x01, 0x10, 0x02, 0x4a, 0x04, 0x08,
-	0x02, 0x10, 0x03, 0x52, 0x06, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x04, 0x70, 0x61, 0x74,
-	0x68, 0x22, 0x94, 0x01, 0x0a, 0x13, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x4c, 0x6f, 0x6f, 0x6b, 0x75,
-	0x70, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x74, 0x61, 0x72,
-	0x67, 0x65, 0x74, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09, 0x52, 0x07, 0x74, 0x61, 0x72, 0x67,
-	0x65, 0x74, 0x73, 0x12, 0x1f, 0x0a, 0x0b, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x5f, 0x64, 0x61,
-	0x74, 0x61, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72,
-	0x44, 0x61, 0x74, 0x61, 0x12, 0x34, 0x0a, 0x0a, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f,
-	0x6e, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
-	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x0a,
-	0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x4a, 0x04, 0x08, 0x01, 0x10, 0x02,
-	0x52, 0x06, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x32, 0x6e, 0x0a, 0x12, 0x52, 0x6f, 0x75, 0x74,
-	0x65, 0x4c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x58,
-	0x0a, 0x0b, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x4c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x12, 0x22, 0x2e,
-	0x67, 0x72, 0x70, 0x63, 0x2e, 0x6c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x2e, 0x76, 0x31, 0x2e, 0x52,
-	0x6f, 0x75, 0x74, 0x65, 0x4c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
-	0x74, 0x1a, 0x23, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x6c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x2e,
-	0x76, 0x31, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x4c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x52, 0x65,
-	0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x42, 0x4d, 0x0a, 0x11, 0x69, 0x6f, 0x2e, 0x67,
-	0x72, 0x70, 0x63, 0x2e, 0x6c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x2e, 0x76, 0x31, 0x42, 0x08, 0x52,
-	0x6c, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x2c, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
-	0x65, 0x2e, 0x67, 0x6f, 0x6c, 0x61, 0x6e, 0x67, 0x2e, 0x6f, 0x72, 0x67, 0x2f, 0x67, 0x72, 0x70,
-	0x63, 0x2f, 0x6c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x2f, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x6c, 0x6f,
-	0x6f, 0x6b, 0x75, 0x70, 0x5f, 0x76, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
-})
+const file_grpc_lookup_v1_rls_proto_rawDesc = "" +
+	"\n" +
+	"\x18grpc/lookup/v1/rls.proto\x12\x0egrpc.lookup.v1\x1a\x19google/protobuf/any.proto\"\xb9\x03\n" +
+	"\x12RouteLookupRequest\x12\x1f\n" +
+	"\vtarget_type\x18\x03 \x01(\tR\n" +
+	"targetType\x12A\n" +
+	"\x06reason\x18\x05 \x01(\x0e2).grpc.lookup.v1.RouteLookupRequest.ReasonR\x06reason\x12*\n" +
+	"\x11stale_header_data\x18\x06 \x01(\tR\x0fstaleHeaderData\x12G\n" +
+	"\akey_map\x18\x04 \x03(\v2..grpc.lookup.v1.RouteLookupRequest.KeyMapEntryR\x06keyMap\x124\n" +
+	"\n" +
+	"extensions\x18\a \x03(\v2\x14.google.protobuf.AnyR\n" +
+	"extensions\x1a9\n" +
+	"\vKeyMapEntry\x12\x10\n" +
+	"\x03key\x18\x01 \x01(\tR\x03key\x12\x14\n" +
+	"\x05value\x18\x02 \x01(\tR\x05value:\x028\x01\"?\n" +
+	"\x06Reason\x12\x12\n" +
+	"\x0eREASON_UNKNOWN\x10\x00\x12\x0f\n" +
+	"\vREASON_MISS\x10\x01\x12\x10\n" +
+	"\fREASON_STALE\x10\x02J\x04\b\x01\x10\x02J\x04\b\x02\x10\x03R\x06serverR\x04path\"\x94\x01\n" +
+	"\x13RouteLookupResponse\x12\x18\n" +
+	"\atargets\x18\x03 \x03(\tR\atargets\x12\x1f\n" +
+	"\vheader_data\x18\x02 \x01(\tR\n" +
+	"headerData\x124\n" +
+	"\n" +
+	"extensions\x18\x04 \x03(\v2\x14.google.protobuf.AnyR\n" +
+	"extensionsJ\x04\b\x01\x10\x02R\x06target2n\n" +
+	"\x12RouteLookupService\x12X\n" +
+	"\vRouteLookup\x12\".grpc.lookup.v1.RouteLookupRequest\x1a#.grpc.lookup.v1.RouteLookupResponse\"\x00BM\n" +
+	"\x11io.grpc.lookup.v1B\bRlsProtoP\x01Z,google.golang.org/grpc/lookup/grpc_lookup_v1b\x06proto3"
 
 var (
 	file_grpc_lookup_v1_rls_proto_rawDescOnce sync.Once
diff --git a/vendor/google.golang.org/grpc/internal/proto/grpc_lookup_v1/rls_config.pb.go b/vendor/google.golang.org/grpc/internal/proto/grpc_lookup_v1/rls_config.pb.go
index 89fdb7fcff..9e24bbde8b 100644
--- a/vendor/google.golang.org/grpc/internal/proto/grpc_lookup_v1/rls_config.pb.go
+++ b/vendor/google.golang.org/grpc/internal/proto/grpc_lookup_v1/rls_config.pb.go
@@ -14,7 +14,7 @@
 
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
-// 	protoc-gen-go v1.36.5
+// 	protoc-gen-go v1.36.6
 // 	protoc        v5.27.1
 // source: grpc/lookup/v1/rls_config.proto
 
@@ -655,123 +655,53 @@ func (x *GrpcKeyBuilder_ExtraKeys) GetMethod() string {
 
 var File_grpc_lookup_v1_rls_config_proto protoreflect.FileDescriptor
 
-var file_grpc_lookup_v1_rls_config_proto_rawDesc = string([]byte{
-	0x0a, 0x1f, 0x67, 0x72, 0x70, 0x63, 0x2f, 0x6c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x2f, 0x76, 0x31,
-	0x2f, 0x72, 0x6c, 0x73, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74,
-	0x6f, 0x12, 0x0e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x6c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x2e, 0x76,
-	0x31, 0x1a, 0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
-	0x75, 0x66, 0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74,
-	0x6f, 0x22, 0x5c, 0x0a, 0x0b, 0x4e, 0x61, 0x6d, 0x65, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x65, 0x72,
-	0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b,
-	0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28,
-	0x09, 0x52, 0x05, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x12, 0x25, 0x0a, 0x0e, 0x72, 0x65, 0x71, 0x75,
-	0x69, 0x72, 0x65, 0x64, 0x5f, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08,
-	0x52, 0x0d, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x64, 0x4d, 0x61, 0x74, 0x63, 0x68, 0x22,
-	0xf0, 0x03, 0x0a, 0x0e, 0x47, 0x72, 0x70, 0x63, 0x4b, 0x65, 0x79, 0x42, 0x75, 0x69, 0x6c, 0x64,
-	0x65, 0x72, 0x12, 0x39, 0x0a, 0x05, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28,
-	0x0b, 0x32, 0x23, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x6c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x2e,
-	0x76, 0x31, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x4b, 0x65, 0x79, 0x42, 0x75, 0x69, 0x6c, 0x64, 0x65,
-	0x72, 0x2e, 0x4e, 0x61, 0x6d, 0x65, 0x52, 0x05, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x12, 0x47, 0x0a,
-	0x0a, 0x65, 0x78, 0x74, 0x72, 0x61, 0x5f, 0x6b, 0x65, 0x79, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28,
-	0x0b, 0x32, 0x28, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x6c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x2e,
-	0x76, 0x31, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x4b, 0x65, 0x79, 0x42, 0x75, 0x69, 0x6c, 0x64, 0x65,
-	0x72, 0x2e, 0x45, 0x78, 0x74, 0x72, 0x61, 0x4b, 0x65, 0x79, 0x73, 0x52, 0x09, 0x65, 0x78, 0x74,
-	0x72, 0x61, 0x4b, 0x65, 0x79, 0x73, 0x12, 0x35, 0x0a, 0x07, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72,
-	0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x6c,
-	0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x2e, 0x76, 0x31, 0x2e, 0x4e, 0x61, 0x6d, 0x65, 0x4d, 0x61, 0x74,
-	0x63, 0x68, 0x65, 0x72, 0x52, 0x07, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x12, 0x55, 0x0a,
-	0x0d, 0x63, 0x6f, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x74, 0x5f, 0x6b, 0x65, 0x79, 0x73, 0x18, 0x04,
-	0x20, 0x03, 0x28, 0x0b, 0x32, 0x30, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x6c, 0x6f, 0x6f, 0x6b,
-	0x75, 0x70, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x4b, 0x65, 0x79, 0x42, 0x75, 0x69,
-	0x6c, 0x64, 0x65, 0x72, 0x2e, 0x43, 0x6f, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x74, 0x4b, 0x65, 0x79,
-	0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x0c, 0x63, 0x6f, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x74,
-	0x4b, 0x65, 0x79, 0x73, 0x1a, 0x38, 0x0a, 0x04, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x18, 0x0a, 0x07,
-	0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x73,
-	0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64,
-	0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x1a, 0x51,
-	0x0a, 0x09, 0x45, 0x78, 0x74, 0x72, 0x61, 0x4b, 0x65, 0x79, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x68,
-	0x6f, 0x73, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x68, 0x6f, 0x73, 0x74, 0x12,
-	0x18, 0x0a, 0x07, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09,
-	0x52, 0x07, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x6d, 0x65, 0x74,
-	0x68, 0x6f, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x6d, 0x65, 0x74, 0x68, 0x6f,
-	0x64, 0x1a, 0x3f, 0x0a, 0x11, 0x43, 0x6f, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x74, 0x4b, 0x65, 0x79,
-	0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20,
-	0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75,
-	0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02,
-	0x38, 0x01, 0x22, 0x89, 0x03, 0x0a, 0x0e, 0x48, 0x74, 0x74, 0x70, 0x4b, 0x65, 0x79, 0x42, 0x75,
-	0x69, 0x6c, 0x64, 0x65, 0x72, 0x12, 0x23, 0x0a, 0x0d, 0x68, 0x6f, 0x73, 0x74, 0x5f, 0x70, 0x61,
-	0x74, 0x74, 0x65, 0x72, 0x6e, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0c, 0x68, 0x6f,
-	0x73, 0x74, 0x50, 0x61, 0x74, 0x74, 0x65, 0x72, 0x6e, 0x73, 0x12, 0x23, 0x0a, 0x0d, 0x70, 0x61,
-	0x74, 0x68, 0x5f, 0x70, 0x61, 0x74, 0x74, 0x65, 0x72, 0x6e, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28,
-	0x09, 0x52, 0x0c, 0x70, 0x61, 0x74, 0x68, 0x50, 0x61, 0x74, 0x74, 0x65, 0x72, 0x6e, 0x73, 0x12,
-	0x46, 0x0a, 0x10, 0x71, 0x75, 0x65, 0x72, 0x79, 0x5f, 0x70, 0x61, 0x72, 0x61, 0x6d, 0x65, 0x74,
-	0x65, 0x72, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x67, 0x72, 0x70, 0x63,
-	0x2e, 0x6c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x2e, 0x76, 0x31, 0x2e, 0x4e, 0x61, 0x6d, 0x65, 0x4d,
-	0x61, 0x74, 0x63, 0x68, 0x65, 0x72, 0x52, 0x0f, 0x71, 0x75, 0x65, 0x72, 0x79, 0x50, 0x61, 0x72,
-	0x61, 0x6d, 0x65, 0x74, 0x65, 0x72, 0x73, 0x12, 0x35, 0x0a, 0x07, 0x68, 0x65, 0x61, 0x64, 0x65,
-	0x72, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e,
-	0x6c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x2e, 0x76, 0x31, 0x2e, 0x4e, 0x61, 0x6d, 0x65, 0x4d, 0x61,
-	0x74, 0x63, 0x68, 0x65, 0x72, 0x52, 0x07, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x12, 0x55,
-	0x0a, 0x0d, 0x63, 0x6f, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x74, 0x5f, 0x6b, 0x65, 0x79, 0x73, 0x18,
-	0x05, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x30, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x6c, 0x6f, 0x6f,
-	0x6b, 0x75, 0x70, 0x2e, 0x76, 0x31, 0x2e, 0x48, 0x74, 0x74, 0x70, 0x4b, 0x65, 0x79, 0x42, 0x75,
-	0x69, 0x6c, 0x64, 0x65, 0x72, 0x2e, 0x43, 0x6f, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x74, 0x4b, 0x65,
-	0x79, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x0c, 0x63, 0x6f, 0x6e, 0x73, 0x74, 0x61, 0x6e,
-	0x74, 0x4b, 0x65, 0x79, 0x73, 0x12, 0x16, 0x0a, 0x06, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x18,
-	0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x1a, 0x3f, 0x0a,
-	0x11, 0x43, 0x6f, 0x6e, 0x73, 0x74, 0x61, 0x6e, 0x74, 0x4b, 0x65, 0x79, 0x73, 0x45, 0x6e, 0x74,
-	0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52,
-	0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20,
-	0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0xa6,
-	0x04, 0x0a, 0x11, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x4c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x43, 0x6f,
-	0x6e, 0x66, 0x69, 0x67, 0x12, 0x49, 0x0a, 0x10, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x6b, 0x65, 0x79,
-	0x62, 0x75, 0x69, 0x6c, 0x64, 0x65, 0x72, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1e,
-	0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x6c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x2e, 0x76, 0x31, 0x2e,
-	0x48, 0x74, 0x74, 0x70, 0x4b, 0x65, 0x79, 0x42, 0x75, 0x69, 0x6c, 0x64, 0x65, 0x72, 0x52, 0x0f,
-	0x68, 0x74, 0x74, 0x70, 0x4b, 0x65, 0x79, 0x62, 0x75, 0x69, 0x6c, 0x64, 0x65, 0x72, 0x73, 0x12,
-	0x49, 0x0a, 0x10, 0x67, 0x72, 0x70, 0x63, 0x5f, 0x6b, 0x65, 0x79, 0x62, 0x75, 0x69, 0x6c, 0x64,
-	0x65, 0x72, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x67, 0x72, 0x70, 0x63,
-	0x2e, 0x6c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x72, 0x70, 0x63, 0x4b,
-	0x65, 0x79, 0x42, 0x75, 0x69, 0x6c, 0x64, 0x65, 0x72, 0x52, 0x0f, 0x67, 0x72, 0x70, 0x63, 0x4b,
-	0x65, 0x79, 0x62, 0x75, 0x69, 0x6c, 0x64, 0x65, 0x72, 0x73, 0x12, 0x25, 0x0a, 0x0e, 0x6c, 0x6f,
-	0x6f, 0x6b, 0x75, 0x70, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x18, 0x03, 0x20, 0x01,
-	0x28, 0x09, 0x52, 0x0d, 0x6c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63,
-	0x65, 0x12, 0x4f, 0x0a, 0x16, 0x6c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x5f, 0x73, 0x65, 0x72, 0x76,
-	0x69, 0x63, 0x65, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28,
-	0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
-	0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x14, 0x6c, 0x6f,
-	0x6f, 0x6b, 0x75, 0x70, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x54, 0x69, 0x6d, 0x65, 0x6f,
-	0x75, 0x74, 0x12, 0x32, 0x0a, 0x07, 0x6d, 0x61, 0x78, 0x5f, 0x61, 0x67, 0x65, 0x18, 0x05, 0x20,
-	0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
-	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x06,
-	0x6d, 0x61, 0x78, 0x41, 0x67, 0x65, 0x12, 0x36, 0x0a, 0x09, 0x73, 0x74, 0x61, 0x6c, 0x65, 0x5f,
-	0x61, 0x67, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
-	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61,
-	0x74, 0x69, 0x6f, 0x6e, 0x52, 0x08, 0x73, 0x74, 0x61, 0x6c, 0x65, 0x41, 0x67, 0x65, 0x12, 0x28,
-	0x0a, 0x10, 0x63, 0x61, 0x63, 0x68, 0x65, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x5f, 0x62, 0x79, 0x74,
-	0x65, 0x73, 0x18, 0x07, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0e, 0x63, 0x61, 0x63, 0x68, 0x65, 0x53,
-	0x69, 0x7a, 0x65, 0x42, 0x79, 0x74, 0x65, 0x73, 0x12, 0x23, 0x0a, 0x0d, 0x76, 0x61, 0x6c, 0x69,
-	0x64, 0x5f, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x73, 0x18, 0x08, 0x20, 0x03, 0x28, 0x09, 0x52,
-	0x0c, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x54, 0x61, 0x72, 0x67, 0x65, 0x74, 0x73, 0x12, 0x25, 0x0a,
-	0x0e, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x18,
-	0x09, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x54, 0x61,
-	0x72, 0x67, 0x65, 0x74, 0x4a, 0x04, 0x08, 0x0a, 0x10, 0x0b, 0x52, 0x1b, 0x72, 0x65, 0x71, 0x75,
-	0x65, 0x73, 0x74, 0x5f, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x69, 0x6e, 0x67, 0x5f, 0x73,
-	0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x22, 0x70, 0x0a, 0x1b, 0x52, 0x6f, 0x75, 0x74, 0x65,
-	0x4c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x43, 0x6c, 0x75, 0x73, 0x74, 0x65, 0x72, 0x53, 0x70, 0x65,
-	0x63, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x51, 0x0a, 0x13, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f,
-	0x6c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x01, 0x20,
-	0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x67, 0x72, 0x70, 0x63, 0x2e, 0x6c, 0x6f, 0x6f, 0x6b, 0x75,
-	0x70, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x4c, 0x6f, 0x6f, 0x6b, 0x75, 0x70,
-	0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x11, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x4c, 0x6f, 0x6f,
-	0x6b, 0x75, 0x70, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x42, 0x53, 0x0a, 0x11, 0x69, 0x6f, 0x2e,
-	0x67, 0x72, 0x70, 0x63, 0x2e, 0x6c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x2e, 0x76, 0x31, 0x42, 0x0e,
-	0x52, 0x6c, 0x73, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01,
-	0x5a, 0x2c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6c, 0x61, 0x6e, 0x67, 0x2e,
-	0x6f, 0x72, 0x67, 0x2f, 0x67, 0x72, 0x70, 0x63, 0x2f, 0x6c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x2f,
-	0x67, 0x72, 0x70, 0x63, 0x5f, 0x6c, 0x6f, 0x6f, 0x6b, 0x75, 0x70, 0x5f, 0x76, 0x31, 0x62, 0x06,
-	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
-})
+const file_grpc_lookup_v1_rls_config_proto_rawDesc = "" +
+	"\n" +
+	"\x1fgrpc/lookup/v1/rls_config.proto\x12\x0egrpc.lookup.v1\x1a\x1egoogle/protobuf/duration.proto\"\\\n" +
+	"\vNameMatcher\x12\x10\n" +
+	"\x03key\x18\x01 \x01(\tR\x03key\x12\x14\n" +
+	"\x05names\x18\x02 \x03(\tR\x05names\x12%\n" +
+	"\x0erequired_match\x18\x03 \x01(\bR\rrequiredMatch\"\xf0\x03\n" +
+	"\x0eGrpcKeyBuilder\x129\n" +
+	"\x05names\x18\x01 \x03(\v2#.grpc.lookup.v1.GrpcKeyBuilder.NameR\x05names\x12G\n" +
+	"\n" +
+	"extra_keys\x18\x03 \x01(\v2(.grpc.lookup.v1.GrpcKeyBuilder.ExtraKeysR\textraKeys\x125\n" +
+	"\aheaders\x18\x02 \x03(\v2\x1b.grpc.lookup.v1.NameMatcherR\aheaders\x12U\n" +
+	"\rconstant_keys\x18\x04 \x03(\v20.grpc.lookup.v1.GrpcKeyBuilder.ConstantKeysEntryR\fconstantKeys\x1a8\n" +
+	"\x04Name\x12\x18\n" +
+	"\aservice\x18\x01 \x01(\tR\aservice\x12\x16\n" +
+	"\x06method\x18\x02 \x01(\tR\x06method\x1aQ\n" +
+	"\tExtraKeys\x12\x12\n" +
+	"\x04host\x18\x01 \x01(\tR\x04host\x12\x18\n" +
+	"\aservice\x18\x02 \x01(\tR\aservice\x12\x16\n" +
+	"\x06method\x18\x03 \x01(\tR\x06method\x1a?\n" +
+	"\x11ConstantKeysEntry\x12\x10\n" +
+	"\x03key\x18\x01 \x01(\tR\x03key\x12\x14\n" +
+	"\x05value\x18\x02 \x01(\tR\x05value:\x028\x01\"\x89\x03\n" +
+	"\x0eHttpKeyBuilder\x12#\n" +
+	"\rhost_patterns\x18\x01 \x03(\tR\fhostPatterns\x12#\n" +
+	"\rpath_patterns\x18\x02 \x03(\tR\fpathPatterns\x12F\n" +
+	"\x10query_parameters\x18\x03 \x03(\v2\x1b.grpc.lookup.v1.NameMatcherR\x0fqueryParameters\x125\n" +
+	"\aheaders\x18\x04 \x03(\v2\x1b.grpc.lookup.v1.NameMatcherR\aheaders\x12U\n" +
+	"\rconstant_keys\x18\x05 \x03(\v20.grpc.lookup.v1.HttpKeyBuilder.ConstantKeysEntryR\fconstantKeys\x12\x16\n" +
+	"\x06method\x18\x06 \x01(\tR\x06method\x1a?\n" +
+	"\x11ConstantKeysEntry\x12\x10\n" +
+	"\x03key\x18\x01 \x01(\tR\x03key\x12\x14\n" +
+	"\x05value\x18\x02 \x01(\tR\x05value:\x028\x01\"\xa6\x04\n" +
+	"\x11RouteLookupConfig\x12I\n" +
+	"\x10http_keybuilders\x18\x01 \x03(\v2\x1e.grpc.lookup.v1.HttpKeyBuilderR\x0fhttpKeybuilders\x12I\n" +
+	"\x10grpc_keybuilders\x18\x02 \x03(\v2\x1e.grpc.lookup.v1.GrpcKeyBuilderR\x0fgrpcKeybuilders\x12%\n" +
+	"\x0elookup_service\x18\x03 \x01(\tR\rlookupService\x12O\n" +
+	"\x16lookup_service_timeout\x18\x04 \x01(\v2\x19.google.protobuf.DurationR\x14lookupServiceTimeout\x122\n" +
+	"\amax_age\x18\x05 \x01(\v2\x19.google.protobuf.DurationR\x06maxAge\x126\n" +
+	"\tstale_age\x18\x06 \x01(\v2\x19.google.protobuf.DurationR\bstaleAge\x12(\n" +
+	"\x10cache_size_bytes\x18\a \x01(\x03R\x0ecacheSizeBytes\x12#\n" +
+	"\rvalid_targets\x18\b \x03(\tR\fvalidTargets\x12%\n" +
+	"\x0edefault_target\x18\t \x01(\tR\rdefaultTargetJ\x04\b\n" +
+	"\x10\vR\x1brequest_processing_strategy\"p\n" +
+	"\x1bRouteLookupClusterSpecifier\x12Q\n" +
+	"\x13route_lookup_config\x18\x01 \x01(\v2!.grpc.lookup.v1.RouteLookupConfigR\x11routeLookupConfigBS\n" +
+	"\x11io.grpc.lookup.v1B\x0eRlsConfigProtoP\x01Z,google.golang.org/grpc/lookup/grpc_lookup_v1b\x06proto3"
 
 var (
 	file_grpc_lookup_v1_rls_config_proto_rawDescOnce sync.Once
diff --git a/vendor/google.golang.org/grpc/internal/resolver/delegatingresolver/delegatingresolver.go b/vendor/google.golang.org/grpc/internal/resolver/delegatingresolver/delegatingresolver.go
index 7b93f692be..20b8fb098a 100644
--- a/vendor/google.golang.org/grpc/internal/resolver/delegatingresolver/delegatingresolver.go
+++ b/vendor/google.golang.org/grpc/internal/resolver/delegatingresolver/delegatingresolver.go
@@ -28,6 +28,8 @@ import (
 
 	"google.golang.org/grpc/grpclog"
 	"google.golang.org/grpc/internal/proxyattributes"
+	"google.golang.org/grpc/internal/transport"
+	"google.golang.org/grpc/internal/transport/networktype"
 	"google.golang.org/grpc/resolver"
 	"google.golang.org/grpc/serviceconfig"
 )
@@ -40,7 +42,7 @@ var (
 
 // delegatingResolver manages both target URI and proxy address resolution by
 // delegating these tasks to separate child resolvers. Essentially, it acts as
-// a intermediary between the gRPC ClientConn and the child resolvers.
+// an intermediary between the gRPC ClientConn and the child resolvers.
 //
 // It implements the [resolver.Resolver] interface.
 type delegatingResolver struct {
@@ -48,6 +50,9 @@ type delegatingResolver struct {
 	cc       resolver.ClientConn // gRPC ClientConn
 	proxyURL *url.URL            // proxy URL, derived from proxy environment and target
 
+	// We do not hold both mu and childMu in the same goroutine. Avoid holding
+	// both locks when calling into the child, as the child resolver may
+	// synchronously callback into the channel.
 	mu                  sync.Mutex         // protects all the fields below
 	targetResolverState *resolver.State    // state of the target resolver
 	proxyAddrs          []resolver.Address // resolved proxy addresses; empty if no proxy is configured
@@ -66,8 +71,8 @@ func (nopResolver) ResolveNow(resolver.ResolveNowOptions) {}
 
 func (nopResolver) Close() {}
 
-// proxyURLForTarget determines the proxy URL for the given address based on
-// the environment. It can return the following:
+// proxyURLForTarget determines the proxy URL for the given address based on the
+// environment. It can return the following:
 //   - nil URL, nil error: No proxy is configured or the address is excluded
 //     using the `NO_PROXY` environment variable or if req.URL.Host is
 //     "localhost" (with or without // a port number)
@@ -86,7 +91,8 @@ func proxyURLForTarget(address string) (*url.URL, error) {
 // resolvers:
 //   - one to resolve the proxy address specified using the supported
 //     environment variables. This uses the registered resolver for the "dns"
-//     scheme.
+//     scheme. It is lazily built when a target resolver update contains at least
+//     one TCP address.
 //   - one to resolve the target URI using the resolver specified by the scheme
 //     in the target URI or specified by the user using the WithResolvers dial
 //     option. As a special case, if the target URI's scheme is "dns" and a
@@ -95,8 +101,10 @@ func proxyURLForTarget(address string) (*url.URL, error) {
 //     resolution is enabled using the dial option.
 func New(target resolver.Target, cc resolver.ClientConn, opts resolver.BuildOptions, targetResolverBuilder resolver.Builder, targetResolutionEnabled bool) (resolver.Resolver, error) {
 	r := &delegatingResolver{
-		target: target,
-		cc:     cc,
+		target:         target,
+		cc:             cc,
+		proxyResolver:  nopResolver{},
+		targetResolver: nopResolver{},
 	}
 
 	var err error
@@ -123,37 +131,26 @@ func New(target resolver.Target, cc resolver.ClientConn, opts resolver.BuildOpti
 	// resolution should be handled by the proxy, not the client. Therefore, we
 	// bypass the target resolver and store the unresolved target address.
 	if target.URL.Scheme == "dns" && !targetResolutionEnabled {
-		state := resolver.State{
+		r.targetResolverState = &resolver.State{
 			Addresses: []resolver.Address{{Addr: target.Endpoint()}},
 			Endpoints: []resolver.Endpoint{{Addresses: []resolver.Address{{Addr: target.Endpoint()}}}},
 		}
-		r.targetResolverState = &state
-	} else {
-		wcc := &wrappingClientConn{
-			stateListener: r.updateTargetResolverState,
-			parent:        r,
-		}
-		if r.targetResolver, err = targetResolverBuilder.Build(target, wcc, opts); err != nil {
-			return nil, fmt.Errorf("delegating_resolver: unable to build the resolver for target %s: %v", target, err)
-		}
-	}
-
-	if r.proxyResolver, err = r.proxyURIResolver(opts); err != nil {
-		return nil, fmt.Errorf("delegating_resolver: failed to build resolver for proxy URL %q: %v", r.proxyURL, err)
+		r.updateTargetResolverState(*r.targetResolverState)
+		return r, nil
 	}
-
-	if r.targetResolver == nil {
-		r.targetResolver = nopResolver{}
+	wcc := &wrappingClientConn{
+		stateListener: r.updateTargetResolverState,
+		parent:        r,
 	}
-	if r.proxyResolver == nil {
-		r.proxyResolver = nopResolver{}
+	if r.targetResolver, err = targetResolverBuilder.Build(target, wcc, opts); err != nil {
+		return nil, fmt.Errorf("delegating_resolver: unable to build the resolver for target %s: %v", target, err)
 	}
 	return r, nil
 }
 
-// proxyURIResolver creates a resolver for resolving proxy URIs using the
-// "dns" scheme. It adjusts the proxyURL to conform to the "dns:///" format and
-// builds a resolver with a wrappingClientConn to capture resolved addresses.
+// proxyURIResolver creates a resolver for resolving proxy URIs using the "dns"
+// scheme. It adjusts the proxyURL to conform to the "dns:///" format and builds
+// a resolver with a wrappingClientConn to capture resolved addresses.
 func (r *delegatingResolver) proxyURIResolver(opts resolver.BuildOptions) (resolver.Resolver, error) {
 	proxyBuilder := resolver.Get("dns")
 	if proxyBuilder == nil {
@@ -189,18 +186,58 @@ func (r *delegatingResolver) Close() {
 	r.proxyResolver = nil
 }
 
-// updateClientConnStateLocked creates a list of combined addresses by
-// pairing each proxy address with every target address. For each pair, it
-// generates a new [resolver.Address] using the proxy address, and adding the
-// target address as the attribute along with user info. It returns nil if
-// either resolver has not sent update even once and returns the error from
-// ClientConn update once both resolvers have sent update atleast once.
+func needsProxyResolver(state *resolver.State) bool {
+	for _, addr := range state.Addresses {
+		if !skipProxy(addr) {
+			return true
+		}
+	}
+	for _, endpoint := range state.Endpoints {
+		for _, addr := range endpoint.Addresses {
+			if !skipProxy(addr) {
+				return true
+			}
+		}
+	}
+	return false
+}
+
+func skipProxy(address resolver.Address) bool {
+	// Avoid proxy when network is not tcp.
+	networkType, ok := networktype.Get(address)
+	if !ok {
+		networkType, _ = transport.ParseDialTarget(address.Addr)
+	}
+	if networkType != "tcp" {
+		return true
+	}
+
+	req := &http.Request{URL: &url.URL{
+		Scheme: "https",
+		Host:   address.Addr,
+	}}
+	// Avoid proxy when address included in `NO_PROXY` environment variable or
+	// fails to get the proxy address.
+	url, err := HTTPSProxyFromEnvironment(req)
+	if err != nil || url == nil {
+		return true
+	}
+	return false
+}
+
+// updateClientConnStateLocked constructs a combined list of addresses by
+// pairing each proxy address with every target address of type TCP. For each
+// pair, it creates a new [resolver.Address] using the proxy address and
+// attaches the corresponding target address and user info as attributes. Target
+// addresses that are not of type TCP are appended to the list as-is. The
+// function returns nil if either resolver has not yet provided an update, and
+// returns the result of ClientConn.UpdateState once both resolvers have
+// provided at least one update.
 func (r *delegatingResolver) updateClientConnStateLocked() error {
 	if r.targetResolverState == nil || r.proxyAddrs == nil {
 		return nil
 	}
 
-	curState := *r.targetResolverState
 	// If multiple resolved proxy addresses are present, we send only the
 	// unresolved proxy host and let net.Dial handle the proxy host name
 	// resolution when creating the transport. Sending all resolved addresses
@@ -218,24 +255,29 @@ func (r *delegatingResolver) updateClientConnStateLocked() error {
 	}
 	var addresses []resolver.Address
 	for _, targetAddr := range (*r.targetResolverState).Addresses {
+		if skipProxy(targetAddr) {
+			addresses = append(addresses, targetAddr)
+			continue
+		}
 		addresses = append(addresses, proxyattributes.Set(proxyAddr, proxyattributes.Options{
 			User:        r.proxyURL.User,
 			ConnectAddr: targetAddr.Addr,
 		}))
 	}
 
-	// Create a list of combined endpoints by pairing all proxy endpoints
-	// with every target endpoint. Each time, it constructs a new
-	// [resolver.Endpoint] using the all addresses from all the proxy endpoint
-	// and the target addresses from one endpoint. The target address and user
-	// information from the proxy URL are added as attributes to the proxy
-	// address.The resulting list of addresses is then grouped into endpoints,
-	// covering all combinations of proxy and target endpoints.
+	// For each target endpoint, construct a new [resolver.Endpoint] that
+	// includes all addresses from all proxy endpoints and the addresses from
+	// that target endpoint, preserving the number of target endpoints.
 	var endpoints []resolver.Endpoint
 	for _, endpt := range (*r.targetResolverState).Endpoints {
 		var addrs []resolver.Address
-		for _, proxyAddr := range r.proxyAddrs {
-			for _, targetAddr := range endpt.Addresses {
+		for _, targetAddr := range endpt.Addresses {
+			// Avoid proxy when network is not tcp.
+			if skipProxy(targetAddr) {
+				addrs = append(addrs, targetAddr)
+				continue
+			}
+			for _, proxyAddr := range r.proxyAddrs {
 				addrs = append(addrs, proxyattributes.Set(proxyAddr, proxyattributes.Options{
 					User:        r.proxyURL.User,
 					ConnectAddr: targetAddr.Addr,
@@ -246,8 +288,9 @@ func (r *delegatingResolver) updateClientConnStateLocked() error {
 	}
 	// Use the targetResolverState for its service config and attributes
 	// contents. The state update is only sent after both the target and proxy
-	// resolvers have sent their updates, and curState has been updated with
-	// the combined addresses.
+	// resolvers have sent their updates, and curState has been updated with the
+	// combined addresses.
+	curState := *r.targetResolverState
 	curState.Addresses = addresses
 	curState.Endpoints = endpoints
 	return r.cc.UpdateState(curState)
@@ -257,7 +300,8 @@ func (r *delegatingResolver) updateClientConnStateLocked() error {
 // addresses and endpoints, marking the resolver as ready, and triggering a
 // state update if both proxy and target resolvers are ready. If the ClientConn
 // returns a non-nil error, it calls `ResolveNow()` on the target resolver.  It
-// is a StateListener function of wrappingClientConn passed to the proxy resolver.
+// is a StateListener function of wrappingClientConn passed to the proxy
+// resolver.
 func (r *delegatingResolver) updateProxyResolverState(state resolver.State) error {
 	r.mu.Lock()
 	defer r.mu.Unlock()
@@ -265,8 +309,8 @@ func (r *delegatingResolver) updateProxyResolverState(state resolver.State) erro
 		logger.Infof("Addresses received from proxy resolver: %s", state.Addresses)
 	}
 	if len(state.Endpoints) > 0 {
-		// We expect exactly one address per endpoint because the proxy
-		// resolver uses "dns" resolution.
+		// We expect exactly one address per endpoint because the proxy resolver
+		// uses "dns" resolution.
 		r.proxyAddrs = make([]resolver.Address, 0, len(state.Endpoints))
 		for _, endpoint := range state.Endpoints {
 			r.proxyAddrs = append(r.proxyAddrs, endpoint.Addresses...)
@@ -294,11 +338,14 @@ func (r *delegatingResolver) updateProxyResolverState(state resolver.State) erro
 	return err
 }
 
-// updateTargetResolverState updates the target resolver state by storing target
-// addresses, endpoints, and service config, marking the resolver as ready, and
-// triggering a state update if both resolvers are ready. If the ClientConn
-// returns a non-nil error, it calls `ResolveNow()` on the proxy resolver. It
-// is a StateListener function of wrappingClientConn passed to the target resolver.
+// updateTargetResolverState is the StateListener function provided to the
+// target resolver via wrappingClientConn. It updates the resolver state and
+// marks the target resolver as ready. If the update includes at least one TCP
+// address and the proxy resolver has not yet been constructed, it initializes
+// the proxy resolver. A combined state update is triggered once both resolvers
+// are ready. If all addresses are non-TCP, it proceeds without waiting for the
+// proxy resolver. If ClientConn.UpdateState returns a non-nil error,
+// ResolveNow() is called on the proxy resolver.
 func (r *delegatingResolver) updateTargetResolverState(state resolver.State) error {
 	r.mu.Lock()
 	defer r.mu.Unlock()
@@ -307,6 +354,32 @@ func (r *delegatingResolver) updateTargetResolverState(state resolver.State) err
 		logger.Infof("Addresses received from target resolver: %v", state.Addresses)
 	}
 	r.targetResolverState = &state
+	// If all addresses returned by the target resolver have a non-TCP network
+	// type, or are listed in the `NO_PROXY` environment variable, do not wait
+	// for proxy update.
+	if !needsProxyResolver(r.targetResolverState) {
+		return r.cc.UpdateState(*r.targetResolverState)
+	}
+
+	// The proxy resolver may be rebuilt multiple times, specifically each time
+	// the target resolver sends an update, even if the target resolver is built
+	// successfully but building the proxy resolver fails.
+	if len(r.proxyAddrs) == 0 {
+		go func() {
+			r.childMu.Lock()
+			defer r.childMu.Unlock()
+			if _, ok := r.proxyResolver.(nopResolver); !ok {
+				return
+			}
+			proxyResolver, err := r.proxyURIResolver(resolver.BuildOptions{})
+			if err != nil {
+				r.cc.ReportError(fmt.Errorf("delegating_resolver: unable to build the proxy resolver: %v", err))
+				return
+			}
+			r.proxyResolver = proxyResolver
+		}()
+	}
+
 	err := r.updateClientConnStateLocked()
 	if err != nil {
 		go func() {
@@ -335,7 +408,8 @@ func (wcc *wrappingClientConn) UpdateState(state resolver.State) error {
 	return wcc.stateListener(state)
 }
 
-// ReportError intercepts errors from the child resolvers and passes them to ClientConn.
+// ReportError intercepts errors from the child resolvers and passes them to
+// ClientConn.
 func (wcc *wrappingClientConn) ReportError(err error) {
 	wcc.parent.cc.ReportError(err)
 }
@@ -346,8 +420,8 @@ func (wcc *wrappingClientConn) NewAddress(addrs []resolver.Address) {
 	wcc.UpdateState(resolver.State{Addresses: addrs})
 }
 
-// ParseServiceConfig parses the provided service config and returns an
-// object that provides the parsed config.
+// ParseServiceConfig parses the provided service config and returns an object
+// that provides the parsed config.
 func (wcc *wrappingClientConn) ParseServiceConfig(serviceConfigJSON string) *serviceconfig.ParseResult {
 	return wcc.parent.cc.ParseServiceConfig(serviceConfigJSON)
 }
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/ringhash/util.go b/vendor/google.golang.org/grpc/internal/ringhash/ringhash.go
similarity index 64%
rename from vendor/google.golang.org/grpc/xds/internal/balancer/ringhash/util.go
rename to vendor/google.golang.org/grpc/internal/ringhash/ringhash.go
index 371c3c3e35..c75ac1ce69 100644
--- a/vendor/google.golang.org/grpc/xds/internal/balancer/ringhash/util.go
+++ b/vendor/google.golang.org/grpc/internal/ringhash/ringhash.go
@@ -1,6 +1,6 @@
 /*
  *
- * Copyright 2021 gRPC authors.
+ * Copyright 2025 gRPC authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,12 +16,28 @@
  *
  */
 
+// Package ringhash (internal) contains functions and types that need to be
+// shared by the ring hash balancer and other gRPC code (such as xDS)
+// without being exported.
 package ringhash
 
 import (
 	"context"
+
+	"google.golang.org/grpc/serviceconfig"
 )
 
+// LBConfig is the balancer config for ring_hash balancer.
+type LBConfig struct {
+	serviceconfig.LoadBalancingConfig `json:"-"`
+
+	MinRingSize       uint64 `json:"minRingSize,omitempty"`
+	MaxRingSize       uint64 `json:"maxRingSize,omitempty"`
+	RequestHashHeader string `json:"requestHashHeader,omitempty"`
+}
+
+// xdsHashKey is the type used as the key to store request hash in the context
+// used when combining the Ring Hash load balancing policy with xDS.
 type xdsHashKey struct{}
 
 // XDSRequestHash returns the request hash in the context and true if it was set
diff --git a/vendor/google.golang.org/grpc/internal/status/status.go b/vendor/google.golang.org/grpc/internal/status/status.go
index 1186f1e9a9..aad171cd02 100644
--- a/vendor/google.golang.org/grpc/internal/status/status.go
+++ b/vendor/google.golang.org/grpc/internal/status/status.go
@@ -236,3 +236,11 @@ func IsRestrictedControlPlaneCode(s *Status) bool {
 	}
 	return false
 }
+
+// RawStatusProto returns the internal protobuf message for use by gRPC itself.
+func RawStatusProto(s *Status) *spb.Status {
+	if s == nil {
+		return nil
+	}
+	return s.s
+}
diff --git a/vendor/google.golang.org/grpc/internal/transport/http2_client.go b/vendor/google.golang.org/grpc/internal/transport/http2_client.go
index ae9316662e..ef56592b94 100644
--- a/vendor/google.golang.org/grpc/internal/transport/http2_client.go
+++ b/vendor/google.golang.org/grpc/internal/transport/http2_client.go
@@ -176,7 +176,7 @@ func dial(ctx context.Context, fn func(context.Context, string) (net.Conn, error
 		return fn(ctx, address)
 	}
 	if !ok {
-		networkType, address = parseDialTarget(address)
+		networkType, address = ParseDialTarget(address)
 	}
 	if opts, present := proxyattributes.Get(addr); present {
 		return proxyDial(ctx, addr, grpcUA, opts)
@@ -545,7 +545,7 @@ func (t *http2Client) createHeaderFields(ctx context.Context, callHdr *CallHdr)
 		Method:   callHdr.Method,
 		AuthInfo: t.authInfo,
 	}
-	ctxWithRequestInfo := icredentials.NewRequestInfoContext(ctx, ri)
+	ctxWithRequestInfo := credentials.NewContextWithRequestInfo(ctx, ri)
 	authData, err := t.getTrAuthData(ctxWithRequestInfo, aud)
 	if err != nil {
 		return nil, err
@@ -592,6 +592,9 @@ func (t *http2Client) createHeaderFields(ctx context.Context, callHdr *CallHdr)
 		// Send out timeout regardless its value. The server can detect timeout context by itself.
 		// TODO(mmukhi): Perhaps this field should be updated when actually writing out to the wire.
 		timeout := time.Until(dl)
+		if timeout <= 0 {
+			return nil, status.Error(codes.DeadlineExceeded, context.DeadlineExceeded.Error())
+		}
 		headerFields = append(headerFields, hpack.HeaderField{Name: "grpc-timeout", Value: grpcutil.EncodeDuration(timeout)})
 	}
 	for k, v := range authData {
@@ -749,6 +752,25 @@ func (t *http2Client) NewStream(ctx context.Context, callHdr *CallHdr) (*ClientS
 		callHdr = &newCallHdr
 	}
 
+	// The authority specified via the `CallAuthority` CallOption takes the
+	// highest precedence when determining the `:authority` header. It overrides
+	// any value present in the Host field of CallHdr. Before applying this
+	// override, the authority string is validated. If the credentials do not
+	// implement the AuthorityValidator interface, or if validation fails, the
+	// RPC is failed with a status code of `UNAVAILABLE`.
+	if callHdr.Authority != "" {
+		auth, ok := t.authInfo.(credentials.AuthorityValidator)
+		if !ok {
+			return nil, &NewStreamError{Err: status.Errorf(codes.Unavailable, "credentials type %q does not implement the AuthorityValidator interface, but authority override specified with CallAuthority call option", t.authInfo.AuthType())}
+		}
+		if err := auth.ValidateAuthority(callHdr.Authority); err != nil {
+			return nil, &NewStreamError{Err: status.Errorf(codes.Unavailable, "failed to validate authority %q : %v", callHdr.Authority, err)}
+		}
+		newCallHdr := *callHdr
+		newCallHdr.Host = callHdr.Authority
+		callHdr = &newCallHdr
+	}
+
 	headerFields, err := t.createHeaderFields(ctx, callHdr)
 	if err != nil {
 		return nil, &NewStreamError{Err: err, AllowTransparentRetry: false}
@@ -1242,7 +1264,8 @@ func (t *http2Client) handleRSTStream(f *http2.RSTStreamFrame) {
 			statusCode = codes.DeadlineExceeded
 		}
 	}
-	t.closeStream(s, io.EOF, false, http2.ErrCodeNo, status.Newf(statusCode, "stream terminated by RST_STREAM with error code: %v", f.ErrCode), nil, false)
+	st := status.Newf(statusCode, "stream terminated by RST_STREAM with error code: %v", f.ErrCode)
+	t.closeStream(s, st.Err(), false, http2.ErrCodeNo, st, nil, false)
 }
 
 func (t *http2Client) handleSettings(f *http2.SettingsFrame, isFirst bool) {
diff --git a/vendor/google.golang.org/grpc/internal/transport/http2_server.go b/vendor/google.golang.org/grpc/internal/transport/http2_server.go
index 7e53eb1735..e4c3731bdb 100644
--- a/vendor/google.golang.org/grpc/internal/transport/http2_server.go
+++ b/vendor/google.golang.org/grpc/internal/transport/http2_server.go
@@ -39,6 +39,7 @@ import (
 	"google.golang.org/grpc/internal/grpclog"
 	"google.golang.org/grpc/internal/grpcutil"
 	"google.golang.org/grpc/internal/pretty"
+	istatus "google.golang.org/grpc/internal/status"
 	"google.golang.org/grpc/internal/syscall"
 	"google.golang.org/grpc/mem"
 	"google.golang.org/protobuf/proto"
@@ -1055,7 +1056,7 @@ func (t *http2Server) writeHeaderLocked(s *ServerStream) error {
 	return nil
 }
 
-// WriteStatus sends stream status to the client and terminates the stream.
+// writeStatus sends stream status to the client and terminates the stream.
 // There is no further I/O operations being able to perform on this stream.
 // TODO(zhaoq): Now it indicates the end of entire stream. Revisit if early
 // OK is adopted.
@@ -1083,7 +1084,7 @@ func (t *http2Server) writeStatus(s *ServerStream, st *status.Status) error {
 	headerFields = append(headerFields, hpack.HeaderField{Name: "grpc-status", Value: strconv.Itoa(int(st.Code()))})
 	headerFields = append(headerFields, hpack.HeaderField{Name: "grpc-message", Value: encodeGrpcMessage(st.Message())})
 
-	if p := st.Proto(); p != nil && len(p.Details) > 0 {
+	if p := istatus.RawStatusProto(st); len(p.GetDetails()) > 0 {
 		// Do not use the user's grpc-status-details-bin (if present) if we are
 		// even attempting to set our own.
 		delete(s.trailer, grpcStatusDetailsBinHeader)
diff --git a/vendor/google.golang.org/grpc/internal/transport/http_util.go b/vendor/google.golang.org/grpc/internal/transport/http_util.go
index 3613d7b648..607d2c4cee 100644
--- a/vendor/google.golang.org/grpc/internal/transport/http_util.go
+++ b/vendor/google.golang.org/grpc/internal/transport/http_util.go
@@ -196,11 +196,14 @@ func decodeTimeout(s string) (time.Duration, error) {
 	if !ok {
 		return 0, fmt.Errorf("transport: timeout unit is not recognized: %q", s)
 	}
-	t, err := strconv.ParseInt(s[:size-1], 10, 64)
+	t, err := strconv.ParseUint(s[:size-1], 10, 64)
 	if err != nil {
 		return 0, err
 	}
-	const maxHours = math.MaxInt64 / int64(time.Hour)
+	if t == 0 {
+		return 0, fmt.Errorf("transport: timeout must be positive: %q", s)
+	}
+	const maxHours = math.MaxInt64 / uint64(time.Hour)
 	if d == time.Hour && t > maxHours {
 		// This timeout would overflow math.MaxInt64; clamp it.
 		return time.Duration(math.MaxInt64), nil
@@ -439,8 +442,8 @@ func getWriteBufferPool(size int) *sync.Pool {
 	return pool
 }
 
-// parseDialTarget returns the network and address to pass to dialer.
-func parseDialTarget(target string) (string, string) {
+// ParseDialTarget returns the network and address to pass to dialer.
+func ParseDialTarget(target string) (string, string) {
 	net := "tcp"
 	m1 := strings.Index(target, ":")
 	m2 := strings.Index(target, ":/")
diff --git a/vendor/google.golang.org/grpc/internal/transport/transport.go b/vendor/google.golang.org/grpc/internal/transport/transport.go
index af4a4aeab1..1730a639f9 100644
--- a/vendor/google.golang.org/grpc/internal/transport/transport.go
+++ b/vendor/google.golang.org/grpc/internal/transport/transport.go
@@ -540,6 +540,11 @@ type CallHdr struct {
 	PreviousAttempts int // value of grpc-previous-rpc-attempts header to set
 
 	DoneFunc func() // called when the stream is finished
+
+	// Authority is used to explicitly override the `:authority` header. If set,
+	// this value takes precedence over the Host field and will be used as the
+	// value for the `:authority` header.
+	Authority string
 }
 
 // ClientTransport is the common interface for all gRPC client-side transport
diff --git a/vendor/google.golang.org/grpc/internal/xds/bootstrap/bootstrap.go b/vendor/google.golang.org/grpc/internal/xds/bootstrap/bootstrap.go
index 69b7ee80dc..142e803930 100644
--- a/vendor/google.golang.org/grpc/internal/xds/bootstrap/bootstrap.go
+++ b/vendor/google.golang.org/grpc/internal/xds/bootstrap/bootstrap.go
@@ -206,7 +206,7 @@ func (sc *ServerConfig) ServerFeatures() []string {
 //
 // This feature controls the behavior of the xDS client when the server deletes
 // a previously sent Listener or Cluster resource. If set, the xDS client will
-// not invoke the watchers' OnResourceDoesNotExist() method when a resource is
+// not invoke the watchers' ResourceError() method when a resource is
 // deleted, nor will it remove the existing resource value from its cache.
 func (sc *ServerConfig) ServerFeaturesIgnoreResourceDeletion() bool {
 	for _, sf := range sc.serverFeatures {
diff --git a/vendor/google.golang.org/grpc/internal/xds/bootstrap/tlscreds/bundle.go b/vendor/google.golang.org/grpc/internal/xds/bootstrap/tlscreds/bundle.go
index ed90720b58..dda233137e 100644
--- a/vendor/google.golang.org/grpc/internal/xds/bootstrap/tlscreds/bundle.go
+++ b/vendor/google.golang.org/grpc/internal/xds/bootstrap/tlscreds/bundle.go
@@ -23,15 +23,20 @@ package tlscreds
 import (
 	"context"
 	"crypto/tls"
+	"crypto/x509"
 	"encoding/json"
 	"errors"
 	"fmt"
 	"net"
 	"sync"
+	"time"
 
+	"github.com/spiffe/go-spiffe/v2/bundle/spiffebundle"
 	"google.golang.org/grpc/credentials"
 	"google.golang.org/grpc/credentials/tls/certprovider"
 	"google.golang.org/grpc/credentials/tls/certprovider/pemfile"
+	"google.golang.org/grpc/internal/credentials/spiffe"
+	"google.golang.org/grpc/internal/envconfig"
 )
 
 // bundle is an implementation of credentials.Bundle which implements mTLS
@@ -48,9 +53,10 @@ type bundle struct {
 // See gRFC A65: github.com/grpc/proposal/blob/master/A65-xds-mtls-creds-in-bootstrap.md
 func NewBundle(jd json.RawMessage) (credentials.Bundle, func(), error) {
 	cfg := &struct {
-		CertificateFile   string `json:"certificate_file"`
-		CACertificateFile string `json:"ca_certificate_file"`
-		PrivateKeyFile    string `json:"private_key_file"`
+		CertificateFile          string `json:"certificate_file"`
+		CACertificateFile        string `json:"ca_certificate_file"`
+		PrivateKeyFile           string `json:"private_key_file"`
+		SPIFFETrustBundleMapFile string `json:"spiffe_trust_bundle_map_file"`
 	}{}
 
 	if jd != nil {
@@ -59,7 +65,10 @@ func NewBundle(jd json.RawMessage) (credentials.Bundle, func(), error) {
 		}
 	} // Else the config field is absent. Treat it as an empty config.
 
-	if cfg.CACertificateFile == "" && cfg.CertificateFile == "" && cfg.PrivateKeyFile == "" {
+	if !envconfig.XDSSPIFFEEnabled {
+		cfg.SPIFFETrustBundleMapFile = ""
+	}
+	if cfg.CACertificateFile == "" && cfg.CertificateFile == "" && cfg.PrivateKeyFile == "" && cfg.SPIFFETrustBundleMapFile == "" {
 		// We cannot use (and do not need) a file_watcher provider in this case,
 		// and can simply directly use the TLS transport credentials.
 		// Quoting A65:
@@ -69,6 +78,8 @@ func NewBundle(jd json.RawMessage) (credentials.Bundle, func(), error) {
 		// > provider, at least one of the "certificate_file" or
 		// > "ca_certificate_file" fields must be specified, whereas in this
 		// > configuration, it is acceptable to specify neither one.
+		// Further, with the introduction of SPIFFE Trust Map support, we also
+		// check for this value.
 		return &bundle{transportCredentials: credentials.NewTLS(&tls.Config{})}, func() {}, nil
 	}
 	// Otherwise we need to use a file_watcher provider to watch the CA,
@@ -114,9 +125,18 @@ func (c *reloadingCreds) ClientHandshake(ctx context.Context, authority string,
 	if err != nil {
 		return nil, nil, err
 	}
-	config := &tls.Config{
-		RootCAs:      km.Roots,
-		Certificates: km.Certs,
+	var config *tls.Config
+	if km.SPIFFEBundleMap != nil {
+		config = &tls.Config{
+			InsecureSkipVerify:    true,
+			VerifyPeerCertificate: buildSPIFFEVerifyFunc(km.SPIFFEBundleMap),
+			Certificates:          km.Certs,
+		}
+	} else {
+		config = &tls.Config{
+			RootCAs:      km.Roots,
+			Certificates: km.Certs,
+		}
 	}
 	return credentials.NewTLS(config).ClientHandshake(ctx, authority, rawConn)
 }
@@ -136,3 +156,39 @@ func (c *reloadingCreds) OverrideServerName(string) error {
 func (c *reloadingCreds) ServerHandshake(net.Conn) (net.Conn, credentials.AuthInfo, error) {
 	return nil, nil, errors.New("server handshake is not supported by xDS client TLS credentials")
 }
+
+func buildSPIFFEVerifyFunc(spiffeBundleMap map[string]*spiffebundle.Bundle) func(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error {
+	return func(rawCerts [][]byte, _ [][]*x509.Certificate) error {
+		rawCertList := make([]*x509.Certificate, len(rawCerts))
+		for i, asn1Data := range rawCerts {
+			cert, err := x509.ParseCertificate(asn1Data)
+			if err != nil {
+				return fmt.Errorf("spiffe: verify function could not parse input certificate: %v", err)
+			}
+			rawCertList[i] = cert
+		}
+		if len(rawCertList) == 0 {
+			return fmt.Errorf("spiffe: verify function has no valid input certificates")
+		}
+		leafCert := rawCertList[0]
+		roots, err := spiffe.GetRootsFromSPIFFEBundleMap(spiffeBundleMap, leafCert)
+		if err != nil {
+			return err
+		}
+
+		opts := x509.VerifyOptions{
+			Roots:         roots,
+			CurrentTime:   time.Now(),
+			Intermediates: x509.NewCertPool(),
+		}
+
+		for _, cert := range rawCertList[1:] {
+			opts.Intermediates.AddCert(cert)
+		}
+		// The verified chain is (surprisingly) unused.
+		if _, err = rawCertList[0].Verify(opts); err != nil {
+			return fmt.Errorf("spiffe: x509 certificate Verify failed: %v", err)
+		}
+		return nil
+	}
+}
diff --git a/vendor/google.golang.org/grpc/rpc_util.go b/vendor/google.golang.org/grpc/rpc_util.go
index ad20e9dff2..47ea09f5c9 100644
--- a/vendor/google.golang.org/grpc/rpc_util.go
+++ b/vendor/google.golang.org/grpc/rpc_util.go
@@ -160,6 +160,7 @@ type callInfo struct {
 	codec                 baseCodec
 	maxRetryRPCBufferSize int
 	onFinish              []func(err error)
+	authority             string
 }
 
 func defaultCallInfo() *callInfo {
@@ -365,6 +366,36 @@ func (o MaxRecvMsgSizeCallOption) before(c *callInfo) error {
 }
 func (o MaxRecvMsgSizeCallOption) after(*callInfo, *csAttempt) {}
 
+// CallAuthority returns a CallOption that sets the HTTP/2 :authority header of
+// an RPC to the specified value. When using CallAuthority, the credentials in
+// use must implement the AuthorityValidator interface.
+//
+// # Experimental
+//
+// Notice: This API is EXPERIMENTAL and may be changed or removed in a later
+// release.
+func CallAuthority(authority string) CallOption {
+	return AuthorityOverrideCallOption{Authority: authority}
+}
+
+// AuthorityOverrideCallOption is a CallOption that indicates the HTTP/2
+// :authority header value to use for the call.
+//
+// # Experimental
+//
+// Notice: This type is EXPERIMENTAL and may be changed or removed in a later
+// release.
+type AuthorityOverrideCallOption struct {
+	Authority string
+}
+
+func (o AuthorityOverrideCallOption) before(c *callInfo) error {
+	c.authority = o.Authority
+	return nil
+}
+
+func (o AuthorityOverrideCallOption) after(*callInfo, *csAttempt) {}
+
 // MaxCallSendMsgSize returns a CallOption which sets the maximum message size
 // in bytes the client can send. If this is not set, gRPC uses the default
 // `math.MaxInt32`.
diff --git a/vendor/google.golang.org/grpc/stats/handlers.go b/vendor/google.golang.org/grpc/stats/handlers.go
index dc03731e45..67194a592f 100644
--- a/vendor/google.golang.org/grpc/stats/handlers.go
+++ b/vendor/google.golang.org/grpc/stats/handlers.go
@@ -38,6 +38,15 @@ type RPCTagInfo struct {
 	// FailFast indicates if this RPC is failfast.
 	// This field is only valid on client side, it's always false on server side.
 	FailFast bool
+	// NameResolutionDelay indicates if the RPC needed to wait for the
+	// initial name resolver update before it could begin. This should only
+	// happen if the channel is IDLE when the RPC is started.  Note that
+	// all retry or hedging attempts for an RPC that experienced a delay
+	// will have it set.
+	//
+	// This field is only valid on the client side; it is always false on
+	// the server side.
+	NameResolutionDelay bool
 }
 
 // Handler defines the interface for the related stats handling (e.g., RPCs, connections).
diff --git a/vendor/google.golang.org/grpc/stats/opentelemetry/client_metrics.go b/vendor/google.golang.org/grpc/stats/opentelemetry/client_metrics.go
index 4fffba60fb..7422bebd4f 100644
--- a/vendor/google.golang.org/grpc/stats/opentelemetry/client_metrics.go
+++ b/vendor/google.golang.org/grpc/stats/opentelemetry/client_metrics.go
@@ -21,27 +21,23 @@ import (
 	"sync/atomic"
 	"time"
 
-	otelcodes "go.opentelemetry.io/otel/codes"
-	"go.opentelemetry.io/otel/trace"
+	otelattribute "go.opentelemetry.io/otel/attribute"
+	otelmetric "go.opentelemetry.io/otel/metric"
 	"google.golang.org/grpc"
-	grpccodes "google.golang.org/grpc/codes"
 	estats "google.golang.org/grpc/experimental/stats"
 	istats "google.golang.org/grpc/internal/stats"
 	"google.golang.org/grpc/metadata"
 	"google.golang.org/grpc/stats"
 	"google.golang.org/grpc/status"
-
-	otelattribute "go.opentelemetry.io/otel/attribute"
-	otelmetric "go.opentelemetry.io/otel/metric"
 )
 
-type clientStatsHandler struct {
+type clientMetricsHandler struct {
 	estats.MetricsRecorder
 	options       Options
 	clientMetrics clientMetrics
 }
 
-func (h *clientStatsHandler) initializeMetrics() {
+func (h *clientMetricsHandler) initializeMetrics() {
 	// Will set no metrics to record, logically making this stats handler a
 	// no-op.
 	if h.options.MetricsOptions.MeterProvider == nil {
@@ -71,12 +67,25 @@ func (h *clientStatsHandler) initializeMetrics() {
 	rm.registerMetrics(metrics, meter)
 }
 
-func (h *clientStatsHandler) unaryInterceptor(ctx context.Context, method string, req, reply any, cc *grpc.ClientConn, invoker grpc.UnaryInvoker, opts ...grpc.CallOption) error {
-	ci := &callInfo{
-		target: cc.CanonicalTarget(),
-		method: h.determineMethod(method, opts...),
+// getOrCreateCallInfo returns the existing callInfo from context if present,
+// or creates and attaches a new one.
+func getOrCreateCallInfo(ctx context.Context, cc *grpc.ClientConn, method string, opts ...grpc.CallOption) (context.Context, *callInfo) {
+	ci := getCallInfo(ctx)
+	if ci == nil {
+		if logger.V(2) {
+			logger.Info("Creating new CallInfo since its not present in context")
+		}
+		ci = &callInfo{
+			target: cc.CanonicalTarget(),
+			method: determineMethod(method, opts...),
+		}
+		ctx = setCallInfo(ctx, ci)
 	}
-	ctx = setCallInfo(ctx, ci)
+	return ctx, ci
+}
+
+func (h *clientMetricsHandler) unaryInterceptor(ctx context.Context, method string, req, reply any, cc *grpc.ClientConn, invoker grpc.UnaryInvoker, opts ...grpc.CallOption) error {
+	ctx, ci := getOrCreateCallInfo(ctx, cc, method, opts...)
 
 	if h.options.MetricsOptions.pluginOption != nil {
 		md := h.options.MetricsOptions.pluginOption.GetMetadata()
@@ -88,19 +97,15 @@ func (h *clientStatsHandler) unaryInterceptor(ctx context.Context, method string
 	}
 
 	startTime := time.Now()
-	var span trace.Span
-	if h.options.isTracingEnabled() {
-		ctx, span = h.createCallTraceSpan(ctx, method)
-	}
 	err := invoker(ctx, method, req, reply, cc, opts...)
-	h.perCallTracesAndMetrics(ctx, err, startTime, ci, span)
+	h.perCallMetrics(ctx, err, startTime, ci)
 	return err
 }
 
 // determineMethod determines the method to record attributes with. This will be
 // "other" if StaticMethod isn't specified or if method filter is set and
 // specifies, the method name as is otherwise.
-func (h *clientStatsHandler) determineMethod(method string, opts ...grpc.CallOption) string {
+func determineMethod(method string, opts ...grpc.CallOption) string {
 	for _, opt := range opts {
 		if _, ok := opt.(grpc.StaticMethodCallOption); ok {
 			return removeLeadingSlash(method)
@@ -109,12 +114,8 @@ func (h *clientStatsHandler) determineMethod(method string, opts ...grpc.CallOpt
 	return "other"
 }
 
-func (h *clientStatsHandler) streamInterceptor(ctx context.Context, desc *grpc.StreamDesc, cc *grpc.ClientConn, method string, streamer grpc.Streamer, opts ...grpc.CallOption) (grpc.ClientStream, error) {
-	ci := &callInfo{
-		target: cc.CanonicalTarget(),
-		method: h.determineMethod(method, opts...),
-	}
-	ctx = setCallInfo(ctx, ci)
+func (h *clientMetricsHandler) streamInterceptor(ctx context.Context, desc *grpc.StreamDesc, cc *grpc.ClientConn, method string, streamer grpc.Streamer, opts ...grpc.CallOption) (grpc.ClientStream, error) {
+	ctx, ci := getOrCreateCallInfo(ctx, cc, method, opts...)
 
 	if h.options.MetricsOptions.pluginOption != nil {
 		md := h.options.MetricsOptions.pluginOption.GetMetadata()
@@ -126,49 +127,45 @@ func (h *clientStatsHandler) streamInterceptor(ctx context.Context, desc *grpc.S
 	}
 
 	startTime := time.Now()
-	var span trace.Span
-	if h.options.isTracingEnabled() {
-		ctx, span = h.createCallTraceSpan(ctx, method)
-	}
 	callback := func(err error) {
-		h.perCallTracesAndMetrics(ctx, err, startTime, ci, span)
+		h.perCallMetrics(ctx, err, startTime, ci)
 	}
 	opts = append([]grpc.CallOption{grpc.OnFinish(callback)}, opts...)
 	return streamer(ctx, desc, cc, method, opts...)
 }
 
-// perCallTracesAndMetrics records per call trace spans and metrics.
-func (h *clientStatsHandler) perCallTracesAndMetrics(ctx context.Context, err error, startTime time.Time, ci *callInfo, ts trace.Span) {
-	if h.options.isTracingEnabled() {
-		s := status.Convert(err)
-		if s.Code() == grpccodes.OK {
-			ts.SetStatus(otelcodes.Ok, s.Message())
-		} else {
-			ts.SetStatus(otelcodes.Error, s.Message())
-		}
-		ts.End()
-	}
-	if h.options.isMetricsEnabled() {
-		callLatency := float64(time.Since(startTime)) / float64(time.Second)
-		attrs := otelmetric.WithAttributeSet(otelattribute.NewSet(
-			otelattribute.String("grpc.method", ci.method),
-			otelattribute.String("grpc.target", ci.target),
-			otelattribute.String("grpc.status", canonicalString(status.Code(err))),
-		))
-		h.clientMetrics.callDuration.Record(ctx, callLatency, attrs)
-	}
+// perCallMetrics records per call metrics for both unary and stream calls.
+func (h *clientMetricsHandler) perCallMetrics(ctx context.Context, err error, startTime time.Time, ci *callInfo) {
+	callLatency := float64(time.Since(startTime)) / float64(time.Second)
+	attrs := otelmetric.WithAttributeSet(otelattribute.NewSet(
+		otelattribute.String("grpc.method", ci.method),
+		otelattribute.String("grpc.target", ci.target),
+		otelattribute.String("grpc.status", canonicalString(status.Code(err))),
+	))
+	h.clientMetrics.callDuration.Record(ctx, callLatency, attrs)
 }
 
 // TagConn exists to satisfy stats.Handler.
-func (h *clientStatsHandler) TagConn(ctx context.Context, _ *stats.ConnTagInfo) context.Context {
+func (h *clientMetricsHandler) TagConn(ctx context.Context, _ *stats.ConnTagInfo) context.Context {
 	return ctx
 }
 
 // HandleConn exists to satisfy stats.Handler.
-func (h *clientStatsHandler) HandleConn(context.Context, stats.ConnStats) {}
+func (h *clientMetricsHandler) HandleConn(context.Context, stats.ConnStats) {}
+
+// getOrCreateRPCAttemptInfo retrieves or creates an rpc attemptInfo object
+// and ensures it is set in the context along with the rpcInfo.
+func getOrCreateRPCAttemptInfo(ctx context.Context) (context.Context, *attemptInfo) {
+	ri := getRPCInfo(ctx)
+	if ri != nil {
+		return ctx, ri.ai
+	}
+	ri = &rpcInfo{ai: &attemptInfo{}}
+	return setRPCInfo(ctx, ri), ri.ai
+}
 
-// TagRPC implements per RPC attempt context management.
-func (h *clientStatsHandler) TagRPC(ctx context.Context, info *stats.RPCTagInfo) context.Context {
+// TagRPC implements per RPC attempt context management for metrics.
+func (h *clientMetricsHandler) TagRPC(ctx context.Context, info *stats.RPCTagInfo) context.Context {
 	// Numerous stats handlers can be used for the same channel. The cluster
 	// impl balancer which writes to this will only write once, thus have this
 	// stats handler's per attempt scoped context point to the same optional
@@ -185,34 +182,25 @@ func (h *clientStatsHandler) TagRPC(ctx context.Context, info *stats.RPCTagInfo)
 		}
 		ctx = istats.SetLabels(ctx, labels)
 	}
-	ai := &attemptInfo{
-		startTime: time.Now(),
-		xdsLabels: labels.TelemetryLabels,
-		method:    removeLeadingSlash(info.FullMethodName),
-	}
-	if h.options.isTracingEnabled() {
-		ctx, ai = h.traceTagRPC(ctx, ai)
-	}
-	return setRPCInfo(ctx, &rpcInfo{
-		ai: ai,
-	})
+	ctx, ai := getOrCreateRPCAttemptInfo(ctx)
+	ai.startTime = time.Now()
+	ai.xdsLabels = labels.TelemetryLabels
+	ai.method = removeLeadingSlash(info.FullMethodName)
+
+	return setRPCInfo(ctx, &rpcInfo{ai: ai})
 }
 
-func (h *clientStatsHandler) HandleRPC(ctx context.Context, rs stats.RPCStats) {
+// HandleRPC handles per RPC stats implementation.
+func (h *clientMetricsHandler) HandleRPC(ctx context.Context, rs stats.RPCStats) {
 	ri := getRPCInfo(ctx)
 	if ri == nil {
 		logger.Error("ctx passed into client side stats handler metrics event handling has no client attempt data present")
 		return
 	}
-	if h.options.isMetricsEnabled() {
-		h.processRPCEvent(ctx, rs, ri.ai)
-	}
-	if h.options.isTracingEnabled() {
-		populateSpan(rs, ri.ai)
-	}
+	h.processRPCEvent(ctx, rs, ri.ai)
 }
 
-func (h *clientStatsHandler) processRPCEvent(ctx context.Context, s stats.RPCStats, ai *attemptInfo) {
+func (h *clientMetricsHandler) processRPCEvent(ctx context.Context, s stats.RPCStats, ai *attemptInfo) {
 	switch st := s.(type) {
 	case *stats.Begin:
 		ci := getCallInfo(ctx)
@@ -240,7 +228,7 @@ func (h *clientStatsHandler) processRPCEvent(ctx context.Context, s stats.RPCSta
 	}
 }
 
-func (h *clientStatsHandler) setLabelsFromPluginOption(ai *attemptInfo, incomingMetadata metadata.MD) {
+func (h *clientMetricsHandler) setLabelsFromPluginOption(ai *attemptInfo, incomingMetadata metadata.MD) {
 	if ai.pluginOptionLabels == nil && h.options.MetricsOptions.pluginOption != nil {
 		labels := h.options.MetricsOptions.pluginOption.GetLabels(incomingMetadata)
 		if labels == nil {
@@ -250,7 +238,7 @@ func (h *clientStatsHandler) setLabelsFromPluginOption(ai *attemptInfo, incoming
 	}
 }
 
-func (h *clientStatsHandler) processRPCEnd(ctx context.Context, ai *attemptInfo, e *stats.End) {
+func (h *clientMetricsHandler) processRPCEnd(ctx context.Context, ai *attemptInfo, e *stats.End) {
 	ci := getCallInfo(ctx)
 	if ci == nil {
 		logger.Error("ctx passed into client side stats handler metrics event handling has no metrics data present")
diff --git a/vendor/google.golang.org/grpc/stats/opentelemetry/client_tracing.go b/vendor/google.golang.org/grpc/stats/opentelemetry/client_tracing.go
index 2cc974b56c..868d6a2fc9 100644
--- a/vendor/google.golang.org/grpc/stats/opentelemetry/client_tracing.go
+++ b/vendor/google.golang.org/grpc/stats/opentelemetry/client_tracing.go
@@ -18,21 +18,80 @@ package opentelemetry
 
 import (
 	"context"
+	"log"
 	"strings"
 
+	otelcodes "go.opentelemetry.io/otel/codes"
 	"go.opentelemetry.io/otel/trace"
 	"google.golang.org/grpc"
+	grpccodes "google.golang.org/grpc/codes"
+	"google.golang.org/grpc/stats"
 	otelinternaltracing "google.golang.org/grpc/stats/opentelemetry/internal/tracing"
+	"google.golang.org/grpc/status"
 )
 
-const tracerName = "grpc-go"
+const (
+	delayedResolutionEventName = "Delayed name resolution complete"
+	tracerName                 = "grpc-go"
+)
+
+type clientTracingHandler struct {
+	options Options
+}
+
+func (h *clientTracingHandler) initializeTraces() {
+	if h.options.TraceOptions.TracerProvider == nil {
+		log.Printf("TracerProvider is not provided in client TraceOptions")
+		return
+	}
+}
+
+func (h *clientTracingHandler) unaryInterceptor(ctx context.Context, method string, req, reply any, cc *grpc.ClientConn, invoker grpc.UnaryInvoker, opts ...grpc.CallOption) error {
+	ctx, _ = getOrCreateCallInfo(ctx, cc, method, opts...)
+
+	var span trace.Span
+	ctx, span = h.createCallTraceSpan(ctx, method)
+	err := invoker(ctx, method, req, reply, cc, opts...)
+	h.finishTrace(err, span)
+	return err
+}
+
+func (h *clientTracingHandler) streamInterceptor(ctx context.Context, desc *grpc.StreamDesc, cc *grpc.ClientConn, method string, streamer grpc.Streamer, opts ...grpc.CallOption) (grpc.ClientStream, error) {
+	ctx, _ = getOrCreateCallInfo(ctx, cc, method, opts...)
+
+	var span trace.Span
+	ctx, span = h.createCallTraceSpan(ctx, method)
+	callback := func(err error) { h.finishTrace(err, span) }
+	opts = append([]grpc.CallOption{grpc.OnFinish(callback)}, opts...)
+	return streamer(ctx, desc, cc, method, opts...)
+}
+
+// finishTrace sets the span status based on the RPC result and ends the span.
+// It is used to finalize tracing for both unary and streaming calls.
+func (h *clientTracingHandler) finishTrace(err error, ts trace.Span) {
+	s := status.Convert(err)
+	if s.Code() == grpccodes.OK {
+		ts.SetStatus(otelcodes.Ok, s.Message())
+	} else {
+		ts.SetStatus(otelcodes.Error, s.Message())
+	}
+	ts.End()
+}
 
 // traceTagRPC populates provided context with a new span using the
 // TextMapPropagator supplied in trace options and internal itracing.carrier.
 // It creates a new outgoing carrier which serializes information about this
 // span into gRPC Metadata, if TextMapPropagator is provided in the trace
 // options. if TextMapPropagator is not provided, it returns the context as is.
-func (h *clientStatsHandler) traceTagRPC(ctx context.Context, ai *attemptInfo) (context.Context, *attemptInfo) {
+func (h *clientTracingHandler) traceTagRPC(ctx context.Context, ai *attemptInfo, nameResolutionDelayed bool) (context.Context, *attemptInfo) {
+	// Add a "Delayed name resolution complete" event to the call span
+	// if there was name resolution delay. In case of multiple retry attempts,
+	// ensure that event is added only once.
+	callSpan := trace.SpanFromContext(ctx)
+	ci := getCallInfo(ctx)
+	if nameResolutionDelayed && !ci.nameResolutionEventAdded.Swap(true) && callSpan.SpanContext().IsValid() {
+		callSpan.AddEvent(delayedResolutionEventName)
+	}
 	mn := "Attempt." + strings.Replace(ai.method, "/", ".", -1)
 	tracer := h.options.TraceOptions.TracerProvider.Tracer(tracerName, trace.WithInstrumentationVersion(grpc.Version))
 	ctx, span := tracer.Start(ctx, mn)
@@ -44,13 +103,34 @@ func (h *clientStatsHandler) traceTagRPC(ctx context.Context, ai *attemptInfo) (
 
 // createCallTraceSpan creates a call span to put in the provided context using
 // provided TraceProvider. If TraceProvider is nil, it returns context as is.
-func (h *clientStatsHandler) createCallTraceSpan(ctx context.Context, method string) (context.Context, trace.Span) {
-	if h.options.TraceOptions.TracerProvider == nil {
-		logger.Error("TraceProvider is not provided in trace options")
-		return ctx, nil
-	}
-	mn := strings.Replace(removeLeadingSlash(method), "/", ".", -1)
+func (h *clientTracingHandler) createCallTraceSpan(ctx context.Context, method string) (context.Context, trace.Span) {
+	mn := "Sent." + strings.Replace(removeLeadingSlash(method), "/", ".", -1)
 	tracer := h.options.TraceOptions.TracerProvider.Tracer(tracerName, trace.WithInstrumentationVersion(grpc.Version))
 	ctx, span := tracer.Start(ctx, mn, trace.WithSpanKind(trace.SpanKindClient))
 	return ctx, span
 }
+
+// TagConn exists to satisfy stats.Handler for tracing.
+func (h *clientTracingHandler) TagConn(ctx context.Context, _ *stats.ConnTagInfo) context.Context {
+	return ctx
+}
+
+// HandleConn exists to satisfy stats.Handler for tracing.
+func (h *clientTracingHandler) HandleConn(context.Context, stats.ConnStats) {}
+
+// TagRPC implements per RPC attempt context management for traces.
+func (h *clientTracingHandler) TagRPC(ctx context.Context, info *stats.RPCTagInfo) context.Context {
+	ctx, ai := getOrCreateRPCAttemptInfo(ctx)
+	ctx, ai = h.traceTagRPC(ctx, ai, info.NameResolutionDelay)
+	return setRPCInfo(ctx, &rpcInfo{ai: ai})
+}
+
+// HandleRPC handles per RPC tracing implementation.
+func (h *clientTracingHandler) HandleRPC(ctx context.Context, rs stats.RPCStats) {
+	ri := getRPCInfo(ctx)
+	if ri == nil {
+		logger.Error("ctx passed into client side tracing handler trace event handling has no client attempt data present")
+		return
+	}
+	populateSpan(rs, ri.ai)
+}
diff --git a/vendor/google.golang.org/grpc/stats/opentelemetry/opentelemetry.go b/vendor/google.golang.org/grpc/stats/opentelemetry/opentelemetry.go
index d99169e2da..cd01f86c49 100644
--- a/vendor/google.golang.org/grpc/stats/opentelemetry/opentelemetry.go
+++ b/vendor/google.golang.org/grpc/stats/opentelemetry/opentelemetry.go
@@ -25,6 +25,7 @@ package opentelemetry
 import (
 	"context"
 	"strings"
+	"sync/atomic"
 	"time"
 
 	otelattribute "go.opentelemetry.io/otel/attribute"
@@ -117,10 +118,23 @@ type MetricsOptions struct {
 // MeterProvider. If the passed in Meter Provider does not have the view
 // configured for an individual metric turned on, the API call in this component
 // will create a default view for that metric.
+//
+// For the traces supported by this instrumentation code, provide an
+// implementation of a TextMapPropagator and OpenTelemetry TracerProvider.
 func DialOption(o Options) grpc.DialOption {
-	csh := &clientStatsHandler{options: o}
-	csh.initializeMetrics()
-	return joinDialOptions(grpc.WithChainUnaryInterceptor(csh.unaryInterceptor), grpc.WithChainStreamInterceptor(csh.streamInterceptor), grpc.WithStatsHandler(csh))
+	var metricsOpts, tracingOpts []grpc.DialOption
+
+	if o.isMetricsEnabled() {
+		metricsHandler := &clientMetricsHandler{options: o}
+		metricsHandler.initializeMetrics()
+		metricsOpts = append(metricsOpts, grpc.WithChainUnaryInterceptor(metricsHandler.unaryInterceptor), grpc.WithChainStreamInterceptor(metricsHandler.streamInterceptor), grpc.WithStatsHandler(metricsHandler))
+	}
+	if o.isTracingEnabled() {
+		tracingHandler := &clientTracingHandler{options: o}
+		tracingHandler.initializeTraces()
+		tracingOpts = append(tracingOpts, grpc.WithChainUnaryInterceptor(tracingHandler.unaryInterceptor), grpc.WithChainStreamInterceptor(tracingHandler.streamInterceptor), grpc.WithStatsHandler(tracingHandler))
+	}
+	return joinDialOptions(append(metricsOpts, tracingOpts...)...)
 }
 
 var joinServerOptions = internal.JoinServerOptions.(func(...grpc.ServerOption) grpc.ServerOption)
@@ -137,10 +151,23 @@ var joinServerOptions = internal.JoinServerOptions.(func(...grpc.ServerOption) g
 // MeterProvider. If the passed in Meter Provider does not have the view
 // configured for an individual metric turned on, the API call in this component
 // will create a default view for that metric.
+//
+// For the traces supported by this instrumentation code, provide an
+// implementation of a TextMapPropagator and OpenTelemetry TracerProvider.
 func ServerOption(o Options) grpc.ServerOption {
-	ssh := &serverStatsHandler{options: o}
-	ssh.initializeMetrics()
-	return joinServerOptions(grpc.ChainUnaryInterceptor(ssh.unaryInterceptor), grpc.ChainStreamInterceptor(ssh.streamInterceptor), grpc.StatsHandler(ssh))
+	var metricsOpts, tracingOpts []grpc.ServerOption
+
+	if o.isMetricsEnabled() {
+		metricsHandler := &serverMetricsHandler{options: o}
+		metricsHandler.initializeMetrics()
+		metricsOpts = append(metricsOpts, grpc.ChainUnaryInterceptor(metricsHandler.unaryInterceptor), grpc.ChainStreamInterceptor(metricsHandler.streamInterceptor), grpc.StatsHandler(metricsHandler))
+	}
+	if o.isTracingEnabled() {
+		tracingHandler := &serverTracingHandler{options: o}
+		tracingHandler.initializeTraces()
+		tracingOpts = append(tracingOpts, grpc.StatsHandler(tracingHandler))
+	}
+	return joinServerOptions(append(metricsOpts, tracingOpts...)...)
 }
 
 // callInfo is information pertaining to the lifespan of the RPC client side.
@@ -148,6 +175,10 @@ type callInfo struct {
 	target string
 
 	method string
+
+	// nameResolutionEventAdded is set when the resolver delay trace event
+	// is added. Prevents duplicate events, since it is reported per-attempt.
+	nameResolutionEventAdded atomic.Bool
 }
 
 type callInfoKey struct{}
diff --git a/vendor/google.golang.org/grpc/stats/opentelemetry/server_metrics.go b/vendor/google.golang.org/grpc/stats/opentelemetry/server_metrics.go
index da3f60a9eb..a02fc33b94 100644
--- a/vendor/google.golang.org/grpc/stats/opentelemetry/server_metrics.go
+++ b/vendor/google.golang.org/grpc/stats/opentelemetry/server_metrics.go
@@ -21,24 +21,24 @@ import (
 	"sync/atomic"
 	"time"
 
+	otelattribute "go.opentelemetry.io/otel/attribute"
+	otelmetric "go.opentelemetry.io/otel/metric"
+
 	"google.golang.org/grpc"
 	estats "google.golang.org/grpc/experimental/stats"
 	"google.golang.org/grpc/internal"
 	"google.golang.org/grpc/metadata"
 	"google.golang.org/grpc/stats"
 	"google.golang.org/grpc/status"
-
-	otelattribute "go.opentelemetry.io/otel/attribute"
-	otelmetric "go.opentelemetry.io/otel/metric"
 )
 
-type serverStatsHandler struct {
+type serverMetricsHandler struct {
 	estats.MetricsRecorder
 	options       Options
 	serverMetrics serverMetrics
 }
 
-func (h *serverStatsHandler) initializeMetrics() {
+func (h *serverMetricsHandler) initializeMetrics() {
 	// Will set no metrics to record, logically making this stats handler a
 	// no-op.
 	if h.options.MetricsOptions.MeterProvider == nil {
@@ -90,7 +90,7 @@ func (s *attachLabelsTransportStream) SendHeader(md metadata.MD) error {
 	return s.ServerTransportStream.SendHeader(md)
 }
 
-func (h *serverStatsHandler) unaryInterceptor(ctx context.Context, req any, _ *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (any, error) {
+func (h *serverMetricsHandler) unaryInterceptor(ctx context.Context, req any, _ *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (any, error) {
 	var metadataExchangeLabels metadata.MD
 	if h.options.MetricsOptions.pluginOption != nil {
 		metadataExchangeLabels = h.options.MetricsOptions.pluginOption.GetMetadata()
@@ -151,7 +151,7 @@ func (s *attachLabelsStream) SendMsg(m any) error {
 	return s.ServerStream.SendMsg(m)
 }
 
-func (h *serverStatsHandler) streamInterceptor(srv any, ss grpc.ServerStream, _ *grpc.StreamServerInfo, handler grpc.StreamHandler) error {
+func (h *serverMetricsHandler) streamInterceptor(srv any, ss grpc.ServerStream, _ *grpc.StreamServerInfo, handler grpc.StreamHandler) error {
 	var metadataExchangeLabels metadata.MD
 	if h.options.MetricsOptions.pluginOption != nil {
 		metadataExchangeLabels = h.options.MetricsOptions.pluginOption.GetMetadata()
@@ -171,15 +171,15 @@ func (h *serverStatsHandler) streamInterceptor(srv any, ss grpc.ServerStream, _
 }
 
 // TagConn exists to satisfy stats.Handler.
-func (h *serverStatsHandler) TagConn(ctx context.Context, _ *stats.ConnTagInfo) context.Context {
+func (h *serverMetricsHandler) TagConn(ctx context.Context, _ *stats.ConnTagInfo) context.Context {
 	return ctx
 }
 
 // HandleConn exists to satisfy stats.Handler.
-func (h *serverStatsHandler) HandleConn(context.Context, stats.ConnStats) {}
+func (h *serverMetricsHandler) HandleConn(context.Context, stats.ConnStats) {}
 
-// TagRPC implements per RPC context management.
-func (h *serverStatsHandler) TagRPC(ctx context.Context, info *stats.RPCTagInfo) context.Context {
+// TagRPC implements per RPC context management for metrics.
+func (h *serverMetricsHandler) TagRPC(ctx context.Context, info *stats.RPCTagInfo) context.Context {
 	method := info.FullMethodName
 	if h.options.MetricsOptions.MethodAttributeFilter != nil {
 		if !h.options.MetricsOptions.MethodAttributeFilter(method) {
@@ -196,35 +196,24 @@ func (h *serverStatsHandler) TagRPC(ctx context.Context, info *stats.RPCTagInfo)
 			method = "other"
 		}
 	}
+	ctx, ai := getOrCreateRPCAttemptInfo(ctx)
+	ai.startTime = time.Now()
+	ai.method = removeLeadingSlash(method)
 
-	ai := &attemptInfo{
-		startTime: time.Now(),
-		method:    removeLeadingSlash(method),
-	}
-	if h.options.isTracingEnabled() {
-		ctx, ai = h.traceTagRPC(ctx, ai)
-	}
-	return setRPCInfo(ctx, &rpcInfo{
-		ai: ai,
-	})
+	return setRPCInfo(ctx, &rpcInfo{ai: ai})
 }
 
-// HandleRPC implements per RPC tracing and stats implementation.
-func (h *serverStatsHandler) HandleRPC(ctx context.Context, rs stats.RPCStats) {
+// HandleRPC handles per RPC stats implementation.
+func (h *serverMetricsHandler) HandleRPC(ctx context.Context, rs stats.RPCStats) {
 	ri := getRPCInfo(ctx)
 	if ri == nil {
 		logger.Error("ctx passed into server side stats handler metrics event handling has no server call data present")
 		return
 	}
-	if h.options.isTracingEnabled() {
-		populateSpan(rs, ri.ai)
-	}
-	if h.options.isMetricsEnabled() {
-		h.processRPCData(ctx, rs, ri.ai)
-	}
+	h.processRPCData(ctx, rs, ri.ai)
 }
 
-func (h *serverStatsHandler) processRPCData(ctx context.Context, s stats.RPCStats, ai *attemptInfo) {
+func (h *serverMetricsHandler) processRPCData(ctx context.Context, s stats.RPCStats, ai *attemptInfo) {
 	switch st := s.(type) {
 	case *stats.InHeader:
 		if ai.pluginOptionLabels == nil && h.options.MetricsOptions.pluginOption != nil {
@@ -248,7 +237,7 @@ func (h *serverStatsHandler) processRPCData(ctx context.Context, s stats.RPCStat
 	}
 }
 
-func (h *serverStatsHandler) processRPCEnd(ctx context.Context, ai *attemptInfo, e *stats.End) {
+func (h *serverMetricsHandler) processRPCEnd(ctx context.Context, ai *attemptInfo, e *stats.End) {
 	latency := float64(time.Since(ai.startTime)) / float64(time.Second)
 	st := "OK"
 	if e.Error != nil {
diff --git a/vendor/google.golang.org/grpc/stats/opentelemetry/server_tracing.go b/vendor/google.golang.org/grpc/stats/opentelemetry/server_tracing.go
index f04d28c52e..0e2181bf11 100644
--- a/vendor/google.golang.org/grpc/stats/opentelemetry/server_tracing.go
+++ b/vendor/google.golang.org/grpc/stats/opentelemetry/server_tracing.go
@@ -18,13 +18,33 @@ package opentelemetry
 
 import (
 	"context"
+	"log"
 	"strings"
 
 	"go.opentelemetry.io/otel/trace"
 	"google.golang.org/grpc"
+	"google.golang.org/grpc/stats"
 	otelinternaltracing "google.golang.org/grpc/stats/opentelemetry/internal/tracing"
 )
 
+type serverTracingHandler struct {
+	options Options
+}
+
+func (h *serverTracingHandler) initializeTraces() {
+	if h.options.TraceOptions.TracerProvider == nil {
+		log.Printf("TracerProvider is not provided in server TraceOptions")
+		return
+	}
+}
+
+// TagRPC implements per RPC attempt context management for traces.
+func (h *serverTracingHandler) TagRPC(ctx context.Context, _ *stats.RPCTagInfo) context.Context {
+	ctx, ai := getOrCreateRPCAttemptInfo(ctx)
+	ctx, ai = h.traceTagRPC(ctx, ai)
+	return setRPCInfo(ctx, &rpcInfo{ai: ai})
+}
+
 // traceTagRPC populates context with new span data using the TextMapPropagator
 // supplied in trace options and internal itracing.Carrier. It creates a new
 // incoming carrier which extracts an existing span context (if present) by
@@ -32,8 +52,8 @@ import (
 // is set as parent of the new span otherwise new span remains the root span.
 // If TextMapPropagator is not provided in the trace options, it returns context
 // as is.
-func (h *serverStatsHandler) traceTagRPC(ctx context.Context, ai *attemptInfo) (context.Context, *attemptInfo) {
-	mn := strings.Replace(ai.method, "/", ".", -1)
+func (h *serverTracingHandler) traceTagRPC(ctx context.Context, ai *attemptInfo) (context.Context, *attemptInfo) {
+	mn := "Recv." + strings.Replace(ai.method, "/", ".", -1)
 	var span trace.Span
 	tracer := h.options.TraceOptions.TracerProvider.Tracer(tracerName, trace.WithInstrumentationVersion(grpc.Version))
 	ctx = h.options.TraceOptions.TextMapPropagator.Extract(ctx, otelinternaltracing.NewIncomingCarrier(ctx))
@@ -44,3 +64,21 @@ func (h *serverStatsHandler) traceTagRPC(ctx context.Context, ai *attemptInfo) (
 	ai.traceSpan = span
 	return ctx, ai
 }
+
+// HandleRPC handles per RPC tracing implementation.
+func (h *serverTracingHandler) HandleRPC(ctx context.Context, rs stats.RPCStats) {
+	ri := getRPCInfo(ctx)
+	if ri == nil {
+		logger.Error("ctx passed into server side tracing handler trace event handling has no server call data present")
+		return
+	}
+	populateSpan(rs, ri.ai)
+}
+
+// TagConn exists to satisfy stats.Handler for tracing.
+func (h *serverTracingHandler) TagConn(ctx context.Context, _ *stats.ConnTagInfo) context.Context {
+	return ctx
+}
+
+// HandleConn exists to satisfy stats.Handler for tracing.
+func (h *serverTracingHandler) HandleConn(context.Context, stats.ConnStats) {}
diff --git a/vendor/google.golang.org/grpc/stats/opentelemetry/trace.go b/vendor/google.golang.org/grpc/stats/opentelemetry/trace.go
index 4a49d8b033..efafdd0756 100644
--- a/vendor/google.golang.org/grpc/stats/opentelemetry/trace.go
+++ b/vendor/google.golang.org/grpc/stats/opentelemetry/trace.go
@@ -57,18 +57,24 @@ func populateSpan(rs stats.RPCStats, ai *attemptInfo) {
 	case *stats.InPayload:
 		// message id - "must be calculated as two different counters starting
 		// from one for sent messages and one for received messages."
-		span.AddEvent("Inbound compressed message", trace.WithAttributes(
+		attrs := []attribute.KeyValue{
 			attribute.Int64("sequence-number", int64(ai.countRecvMsg)),
 			attribute.Int64("message-size", int64(rs.Length)),
-			attribute.Int64("message-size-compressed", int64(rs.CompressedLength)),
-		))
+		}
+		if rs.CompressedLength != rs.Length {
+			attrs = append(attrs, attribute.Int64("message-size-compressed", int64(rs.CompressedLength)))
+		}
+		span.AddEvent("Inbound message", trace.WithAttributes(attrs...))
 		ai.countRecvMsg++
 	case *stats.OutPayload:
-		span.AddEvent("Outbound compressed message", trace.WithAttributes(
+		attrs := []attribute.KeyValue{
 			attribute.Int64("sequence-number", int64(ai.countSentMsg)),
 			attribute.Int64("message-size", int64(rs.Length)),
-			attribute.Int64("message-size-compressed", int64(rs.CompressedLength)),
-		))
+		}
+		if rs.CompressedLength != rs.Length {
+			attrs = append(attrs, attribute.Int64("message-size-compressed", int64(rs.CompressedLength)))
+		}
+		span.AddEvent("Outbound message", trace.WithAttributes(attrs...))
 		ai.countSentMsg++
 	case *stats.End:
 		if rs.Error != nil {
diff --git a/vendor/google.golang.org/grpc/stream.go b/vendor/google.golang.org/grpc/stream.go
index 12163150ba..d58bb6471a 100644
--- a/vendor/google.golang.org/grpc/stream.go
+++ b/vendor/google.golang.org/grpc/stream.go
@@ -101,9 +101,9 @@ type ClientStream interface {
 	// It must only be called after stream.CloseAndRecv has returned, or
 	// stream.Recv has returned a non-nil error (including io.EOF).
 	Trailer() metadata.MD
-	// CloseSend closes the send direction of the stream. It closes the stream
-	// when non-nil error is met. It is also not safe to call CloseSend
-	// concurrently with SendMsg.
+	// CloseSend closes the send direction of the stream. This method always
+	// returns a nil error. The status of the stream may be discovered using
+	// RecvMsg. It is also not safe to call CloseSend concurrently with SendMsg.
 	CloseSend() error
 	// Context returns the context for this stream.
 	//
@@ -212,14 +212,15 @@ func newClientStream(ctx context.Context, desc *StreamDesc, cc *ClientConn, meth
 	}
 	// Provide an opportunity for the first RPC to see the first service config
 	// provided by the resolver.
-	if err := cc.waitForResolvedAddrs(ctx); err != nil {
+	nameResolutionDelayed, err := cc.waitForResolvedAddrs(ctx)
+	if err != nil {
 		return nil, err
 	}
 
 	var mc serviceconfig.MethodConfig
 	var onCommit func()
 	newStream := func(ctx context.Context, done func()) (iresolver.ClientStream, error) {
-		return newClientStreamWithParams(ctx, desc, cc, method, mc, onCommit, done, opts...)
+		return newClientStreamWithParams(ctx, desc, cc, method, mc, onCommit, done, nameResolutionDelayed, opts...)
 	}
 
 	rpcInfo := iresolver.RPCInfo{Context: ctx, Method: method}
@@ -257,7 +258,7 @@ func newClientStream(ctx context.Context, desc *StreamDesc, cc *ClientConn, meth
 	return newStream(ctx, func() {})
 }
 
-func newClientStreamWithParams(ctx context.Context, desc *StreamDesc, cc *ClientConn, method string, mc serviceconfig.MethodConfig, onCommit, doneFunc func(), opts ...CallOption) (_ iresolver.ClientStream, err error) {
+func newClientStreamWithParams(ctx context.Context, desc *StreamDesc, cc *ClientConn, method string, mc serviceconfig.MethodConfig, onCommit, doneFunc func(), nameResolutionDelayed bool, opts ...CallOption) (_ iresolver.ClientStream, err error) {
 	callInfo := defaultCallInfo()
 	if mc.WaitForReady != nil {
 		callInfo.failFast = !*mc.WaitForReady
@@ -296,6 +297,7 @@ func newClientStreamWithParams(ctx context.Context, desc *StreamDesc, cc *Client
 		Method:         method,
 		ContentSubtype: callInfo.contentSubtype,
 		DoneFunc:       doneFunc,
+		Authority:      callInfo.authority,
 	}
 
 	// Set our outgoing compression according to the UseCompressor CallOption, if
@@ -321,19 +323,20 @@ func newClientStreamWithParams(ctx context.Context, desc *StreamDesc, cc *Client
 	}
 
 	cs := &clientStream{
-		callHdr:      callHdr,
-		ctx:          ctx,
-		methodConfig: &mc,
-		opts:         opts,
-		callInfo:     callInfo,
-		cc:           cc,
-		desc:         desc,
-		codec:        callInfo.codec,
-		compressorV0: compressorV0,
-		compressorV1: compressorV1,
-		cancel:       cancel,
-		firstAttempt: true,
-		onCommit:     onCommit,
+		callHdr:             callHdr,
+		ctx:                 ctx,
+		methodConfig:        &mc,
+		opts:                opts,
+		callInfo:            callInfo,
+		cc:                  cc,
+		desc:                desc,
+		codec:               callInfo.codec,
+		compressorV0:        compressorV0,
+		compressorV1:        compressorV1,
+		cancel:              cancel,
+		firstAttempt:        true,
+		onCommit:            onCommit,
+		nameResolutionDelay: nameResolutionDelayed,
 	}
 	if !cc.dopts.disableRetry {
 		cs.retryThrottler = cc.retryThrottler.Load().(*retryThrottler)
@@ -417,7 +420,7 @@ func (cs *clientStream) newAttemptLocked(isTransparent bool) (*csAttempt, error)
 	var beginTime time.Time
 	shs := cs.cc.dopts.copts.StatsHandlers
 	for _, sh := range shs {
-		ctx = sh.TagRPC(ctx, &stats.RPCTagInfo{FullMethodName: method, FailFast: cs.callInfo.failFast})
+		ctx = sh.TagRPC(ctx, &stats.RPCTagInfo{FullMethodName: method, FailFast: cs.callInfo.failFast, NameResolutionDelay: cs.nameResolutionDelay})
 		beginTime = time.Now()
 		begin := &stats.Begin{
 			Client:                    true,
@@ -573,6 +576,9 @@ type clientStream struct {
 	onCommit         func()
 	replayBuffer     []replayOp // operations to replay on retry
 	replayBufferSize int        // current size of replayBuffer
+	// nameResolutionDelay indicates if there was a delay in the name resolution.
+	// This field is only valid on client side, it's always false on server side.
+	nameResolutionDelay bool
 }
 
 type replayOp struct {
@@ -987,7 +993,7 @@ func (cs *clientStream) RecvMsg(m any) error {
 
 func (cs *clientStream) CloseSend() error {
 	if cs.sentLast {
-		// TODO: return an error and finish the stream instead, due to API misuse?
+		// Return a nil error on repeated calls to this method.
 		return nil
 	}
 	cs.sentLast = true
@@ -1008,7 +1014,10 @@ func (cs *clientStream) CloseSend() error {
 			binlog.Log(cs.ctx, chc)
 		}
 	}
-	// We never returned an error here for reasons.
+	// We don't return an error here as we expect users to read all messages
+	// from the stream and get the RPC status from RecvMsg().  Note that
+	// SendMsg() must return an error when one occurs so the application
+	// knows to stop sending messages, but that does not apply here.
 	return nil
 }
 
@@ -1372,7 +1381,7 @@ func (as *addrConnStream) Trailer() metadata.MD {
 
 func (as *addrConnStream) CloseSend() error {
 	if as.sentLast {
-		// TODO: return an error and finish the stream instead, due to API misuse?
+		// Return a nil error on repeated calls to this method.
 		return nil
 	}
 	as.sentLast = true
diff --git a/vendor/google.golang.org/grpc/version.go b/vendor/google.golang.org/grpc/version.go
index 90237b1dbb..bd82673dc9 100644
--- a/vendor/google.golang.org/grpc/version.go
+++ b/vendor/google.golang.org/grpc/version.go
@@ -19,4 +19,4 @@
 package grpc
 
 // Version is the current grpc version.
-const Version = "1.72.0"
+const Version = "1.73.0"
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/cdsbalancer/cdsbalancer.go b/vendor/google.golang.org/grpc/xds/internal/balancer/cdsbalancer/cdsbalancer.go
index 3572ff3433..fa34748c88 100644
--- a/vendor/google.golang.org/grpc/xds/internal/balancer/cdsbalancer/cdsbalancer.go
+++ b/vendor/google.golang.org/grpc/xds/internal/balancer/cdsbalancer/cdsbalancer.go
@@ -542,38 +542,27 @@ func (b *cdsBalancer) onClusterUpdate(name string, update xdsresource.ClusterUpd
 	}
 }
 
-// Handles an error Cluster update from the xDS client. Propagates the error
-// down to the child policy if one exists, or puts the channel in
-// TRANSIENT_FAILURE.
+// Handles an ambient error Cluster update from the xDS client to not stop
+// using the previously seen resource.
 //
 // Only executed in the context of a serializer callback.
-func (b *cdsBalancer) onClusterError(name string, err error) {
-	b.logger.Warningf("Cluster resource %q received error update: %v", name, err)
+func (b *cdsBalancer) onClusterAmbientError(name string, err error) {
+	b.logger.Warningf("Cluster resource %q received ambient error update: %v", name, err)
 
-	if b.childLB != nil {
-		if xdsresource.ErrType(err) != xdsresource.ErrorTypeConnection {
-			// Connection errors will be sent to the child balancers directly.
-			// There's no need to forward them.
-			b.childLB.ResolverError(err)
-		}
-	} else {
-		// If child balancer was never created, fail the RPCs with
-		// errors.
-		b.ccw.UpdateState(balancer.State{
-			ConnectivityState: connectivity.TransientFailure,
-			Picker:            base.NewErrPicker(fmt.Errorf("%q: %v", name, err)),
-		})
+	if xdsresource.ErrType(err) != xdsresource.ErrorTypeConnection && b.childLB != nil {
+		// Connection errors will be sent to the child balancers directly.
+		// There's no need to forward them.
+		b.childLB.ResolverError(err)
 	}
 }
 
-// Handles a resource-not-found error from the xDS client. Propagates the error
-// down to the child policy if one exists, or puts the channel in
-// TRANSIENT_FAILURE.
+// Handles an error Cluster update from the xDS client to stop using the
+// previously seen resource. Propagates the error down to the child policy
+// if one exists, and puts the channel in TRANSIENT_FAILURE.
 //
 // Only executed in the context of a serializer callback.
-func (b *cdsBalancer) onClusterResourceNotFound(name string) {
-	b.logger.Warningf("CDS watch for resource %q reported resource-does-not-exist error", name)
-	err := b.annotateErrorWithNodeID(xdsresource.NewErrorf(xdsresource.ErrorTypeResourceNotFound, "cluster %q not found", name))
+func (b *cdsBalancer) onClusterResourceError(name string, err error) {
+	b.logger.Warningf("CDS watch for resource %q reported resource error", name)
 	b.closeChildPolicyAndReportTF(err)
 }
 
@@ -677,6 +666,14 @@ func (b *cdsBalancer) generateDMsForCluster(name string, depth int, dms []cluste
 	return append(dms, dm), true, nil
 }
 
+func (b *cdsBalancer) onClusterError(name string, err error) {
+	if b.childLB != nil {
+		b.onClusterAmbientError(name, err)
+	} else {
+		b.onClusterResourceError(name, err)
+	}
+}
+
 // ccWrapper wraps the balancer.ClientConn passed to the CDS balancer at
 // creation and intercepts the NewSubConn() and UpdateAddresses() call from the
 // child policy to add security configuration required by xDS credentials.
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/cdsbalancer/cluster_watcher.go b/vendor/google.golang.org/grpc/xds/internal/balancer/cdsbalancer/cluster_watcher.go
index 835461d099..a9adea0c80 100644
--- a/vendor/google.golang.org/grpc/xds/internal/balancer/cdsbalancer/cluster_watcher.go
+++ b/vendor/google.golang.org/grpc/xds/internal/balancer/cdsbalancer/cluster_watcher.go
@@ -32,19 +32,19 @@ type clusterWatcher struct {
 	parent *cdsBalancer
 }
 
-func (cw *clusterWatcher) OnUpdate(u *xdsresource.ClusterResourceData, onDone xdsresource.OnDoneFunc) {
+func (cw *clusterWatcher) ResourceChanged(u *xdsresource.ClusterResourceData, onDone func()) {
 	handleUpdate := func(context.Context) { cw.parent.onClusterUpdate(cw.name, u.Resource); onDone() }
 	cw.parent.serializer.ScheduleOr(handleUpdate, onDone)
 }
 
-func (cw *clusterWatcher) OnError(err error, onDone xdsresource.OnDoneFunc) {
-	handleError := func(context.Context) { cw.parent.onClusterError(cw.name, err); onDone() }
-	cw.parent.serializer.ScheduleOr(handleError, onDone)
+func (cw *clusterWatcher) ResourceError(err error, onDone func()) {
+	handleResourceError := func(context.Context) { cw.parent.onClusterResourceError(cw.name, err); onDone() }
+	cw.parent.serializer.ScheduleOr(handleResourceError, onDone)
 }
 
-func (cw *clusterWatcher) OnResourceDoesNotExist(onDone xdsresource.OnDoneFunc) {
-	handleNotFound := func(context.Context) { cw.parent.onClusterResourceNotFound(cw.name); onDone() }
-	cw.parent.serializer.ScheduleOr(handleNotFound, onDone)
+func (cw *clusterWatcher) AmbientError(err error, onDone func()) {
+	handleError := func(context.Context) { cw.parent.onClusterAmbientError(cw.name, err); onDone() }
+	cw.parent.serializer.ScheduleOr(handleError, onDone)
 }
 
 // watcherState groups the state associated with a clusterWatcher.
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/clusterimpl/picker.go b/vendor/google.golang.org/grpc/xds/internal/balancer/clusterimpl/picker.go
index cd94182fa7..018122f2c6 100644
--- a/vendor/google.golang.org/grpc/xds/internal/balancer/clusterimpl/picker.go
+++ b/vendor/google.golang.org/grpc/xds/internal/balancer/clusterimpl/picker.go
@@ -139,13 +139,9 @@ func (d *picker) Pick(info balancer.PickInfo) (balancer.PickResult, error) {
 		// This OK check also covers the case err!=nil, because SubConn will be
 		// nil.
 		pr.SubConn = scw.SubConn
-		var e error
 		// If locality ID isn't found in the wrapper, an empty locality ID will
 		// be used.
-		lIDStr, e = scw.localityID().ToString()
-		if e != nil {
-			logger.Infof("failed to marshal LocalityID: %#v, loads won't be reported", scw.localityID())
-		}
+		lIDStr = scw.localityID().ToString()
 	}
 
 	if err != nil {
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/clusterresolver/configbuilder.go b/vendor/google.golang.org/grpc/xds/internal/balancer/clusterresolver/configbuilder.go
index fb2bc76291..72a023646a 100644
--- a/vendor/google.golang.org/grpc/xds/internal/balancer/clusterresolver/configbuilder.go
+++ b/vendor/google.golang.org/grpc/xds/internal/balancer/clusterresolver/configbuilder.go
@@ -257,10 +257,7 @@ func priorityLocalitiesToClusterImpl(localities []xdsresource.Locality, priority
 		if locality.Weight != 0 {
 			lw = locality.Weight
 		}
-		localityStr, err := locality.ID.ToString()
-		if err != nil {
-			localityStr = fmt.Sprintf("%+v", locality.ID)
-		}
+		localityStr := locality.ID.ToString()
 		for _, endpoint := range locality.Endpoints {
 			// Filter out all "unhealthy" endpoints (unknown and healthy are
 			// both considered to be healthy:
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/clusterresolver/resource_resolver.go b/vendor/google.golang.org/grpc/xds/internal/balancer/clusterresolver/resource_resolver.go
index d9315c3ace..c1a656c597 100644
--- a/vendor/google.golang.org/grpc/xds/internal/balancer/clusterresolver/resource_resolver.go
+++ b/vendor/google.golang.org/grpc/xds/internal/balancer/clusterresolver/resource_resolver.go
@@ -38,7 +38,7 @@ type resourceUpdate struct {
 	priorities []priorityConfig
 	// To be invoked once the update is completely processed, or is dropped in
 	// favor of a newer update.
-	onDone xdsresource.OnDoneFunc
+	onDone func()
 }
 
 // topLevelResolver is used by concrete endpointsResolver implementations for
@@ -50,7 +50,7 @@ type topLevelResolver interface {
 	// endpointsResolver implementation. The onDone callback is to be invoked
 	// once the update is completely processed, or is dropped in favor of a
 	// newer update.
-	onUpdate(onDone xdsresource.OnDoneFunc)
+	onUpdate(onDone func())
 }
 
 // endpointsResolver wraps the functionality to resolve a given resource name to
@@ -282,7 +282,7 @@ func (rr *resourceResolver) stop(closing bool) {
 // clusterresolver LB policy.
 //
 // Caller must hold rr.mu.
-func (rr *resourceResolver) generateLocked(onDone xdsresource.OnDoneFunc) {
+func (rr *resourceResolver) generateLocked(onDone func()) {
 	var ret []priorityConfig
 	for _, rDM := range rr.children {
 		u, ok := rDM.r.lastUpdate()
@@ -312,7 +312,7 @@ func (rr *resourceResolver) generateLocked(onDone xdsresource.OnDoneFunc) {
 	rr.updateChannel <- &resourceUpdate{priorities: ret, onDone: onDone}
 }
 
-func (rr *resourceResolver) onUpdate(onDone xdsresource.OnDoneFunc) {
+func (rr *resourceResolver) onUpdate(onDone func()) {
 	handleUpdate := func(context.Context) {
 		rr.mu.Lock()
 		rr.generateLocked(onDone)
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/clusterresolver/resource_resolver_eds.go b/vendor/google.golang.org/grpc/xds/internal/balancer/clusterresolver/resource_resolver_eds.go
index 31a06c4c7c..043def9507 100644
--- a/vendor/google.golang.org/grpc/xds/internal/balancer/clusterresolver/resource_resolver_eds.go
+++ b/vendor/google.golang.org/grpc/xds/internal/balancer/clusterresolver/resource_resolver_eds.go
@@ -75,8 +75,8 @@ func newEDSResolver(nameToWatch string, producer xdsresource.Producer, topLevelR
 	return ret
 }
 
-// OnUpdate is invoked to report an update for the resource being watched.
-func (er *edsDiscoveryMechanism) OnUpdate(update *xdsresource.EndpointsResourceData, onDone xdsresource.OnDoneFunc) {
+// ResourceChanged is invoked to report an update for the resource being watched.
+func (er *edsDiscoveryMechanism) ResourceChanged(update *xdsresource.EndpointsResourceData, onDone func()) {
 	if er.stopped.HasFired() {
 		onDone()
 		return
@@ -89,54 +89,36 @@ func (er *edsDiscoveryMechanism) OnUpdate(update *xdsresource.EndpointsResourceD
 	er.topLevelResolver.onUpdate(onDone)
 }
 
-func (er *edsDiscoveryMechanism) OnError(err error, onDone xdsresource.OnDoneFunc) {
+func (er *edsDiscoveryMechanism) ResourceError(err error, onDone func()) {
 	if er.stopped.HasFired() {
 		onDone()
 		return
 	}
 
 	if er.logger.V(2) {
-		er.logger.Infof("EDS discovery mechanism for resource %q reported error: %v", er.nameToWatch, err)
+		er.logger.Infof("EDS discovery mechanism for resource %q reported resource error: %v", er.nameToWatch, err)
 	}
 
-	er.mu.Lock()
-	if er.update != nil {
-		// Continue using a previously received good configuration if one
-		// exists.
-		er.mu.Unlock()
-		onDone()
-		return
-	}
-
-	// Else report an empty update that would result in no priority child being
+	// Report an empty update that would result in no priority child being
 	// created for this discovery mechanism. This would result in the priority
 	// LB policy reporting TRANSIENT_FAILURE (as there would be no priorities or
 	// localities) if this was the only discovery mechanism, or would result in
 	// the priority LB policy using a lower priority discovery mechanism when
 	// that becomes available.
+	er.mu.Lock()
 	er.update = &xdsresource.EndpointsUpdate{}
 	er.mu.Unlock()
 
 	er.topLevelResolver.onUpdate(onDone)
 }
 
-func (er *edsDiscoveryMechanism) OnResourceDoesNotExist(onDone xdsresource.OnDoneFunc) {
+func (er *edsDiscoveryMechanism) AmbientError(err error, onDone func()) {
 	if er.stopped.HasFired() {
 		onDone()
 		return
 	}
 
-	er.logger.Warningf("EDS discovery mechanism for resource %q reported resource-does-not-exist error", er.nameToWatch)
-
-	// Report an empty update that would result in no priority child being
-	// created for this discovery mechanism. This would result in the priority
-	// LB policy reporting TRANSIENT_FAILURE (as there would be no priorities or
-	// localities) if this was the only discovery mechanism, or would result in
-	// the priority LB policy using a lower priority discovery mechanism when
-	// that becomes available.
-	er.mu.Lock()
-	er.update = &xdsresource.EndpointsUpdate{}
-	er.mu.Unlock()
-
-	er.topLevelResolver.onUpdate(onDone)
+	if er.logger.V(2) {
+		er.logger.Infof("EDS discovery mechanism for resource %q reported ambient error: %v", er.nameToWatch, err)
+	}
 }
diff --git a/vendor/google.golang.org/grpc/xds/internal/balancer/wrrlocality/balancer.go b/vendor/google.golang.org/grpc/xds/internal/balancer/wrrlocality/balancer.go
index 2b289a8114..065de200f4 100644
--- a/vendor/google.golang.org/grpc/xds/internal/balancer/wrrlocality/balancer.go
+++ b/vendor/google.golang.org/grpc/xds/internal/balancer/wrrlocality/balancer.go
@@ -167,11 +167,7 @@ func (b *wrrLocalityBalancer) UpdateClientConnState(s balancer.ClientConnState)
 		// shouldn't happen though (this attribute that is set actually gets
 		// used to build localities in the first place), and thus don't error
 		// out, and just build a weighted target with undefined behavior.
-		locality, err := internal.GetLocalityID(addr).ToString()
-		if err != nil {
-			// Should never happen.
-			logger.Errorf("Failed to marshal LocalityID: %v, skipping this locality in weighted target")
-		}
+		locality := internal.GetLocalityID(addr).ToString()
 		ai, ok := getAddrInfo(addr)
 		if !ok {
 			return fmt.Errorf("xds_wrr_locality: missing locality weight information in address %q", addr)
diff --git a/vendor/google.golang.org/grpc/xds/internal/internal.go b/vendor/google.golang.org/grpc/xds/internal/internal.go
index 74c9195215..23db64a4d4 100644
--- a/vendor/google.golang.org/grpc/xds/internal/internal.go
+++ b/vendor/google.golang.org/grpc/xds/internal/internal.go
@@ -20,7 +20,6 @@
 package internal
 
 import (
-	"encoding/json"
 	"fmt"
 
 	"google.golang.org/grpc/resolver"
@@ -36,14 +35,10 @@ type LocalityID struct {
 	SubZone string `json:"subZone,omitempty"`
 }
 
-// ToString generates a string representation of LocalityID by marshalling it into
-// json. Not calling it String() so printf won't call it.
-func (l LocalityID) ToString() (string, error) {
-	b, err := json.Marshal(l)
-	if err != nil {
-		return "", err
-	}
-	return string(b), nil
+// ToString generates a string representation of LocalityID in the format
+// specified in gRFC A76. Not calling it String() so printf won't call it.
+func (l LocalityID) ToString() string {
+	return fmt.Sprintf("{region=%q, zone=%q, sub_zone=%q}", l.Region, l.Zone, l.SubZone)
 }
 
 // Equal allows the values to be compared by Attributes.Equal.
@@ -60,10 +55,10 @@ func (l LocalityID) Empty() bool {
 	return l.Region == "" && l.Zone == "" && l.SubZone == ""
 }
 
-// LocalityIDFromString converts a json representation of locality, into a
-// LocalityID struct.
+// LocalityIDFromString converts a string representation of locality as
+// specified in gRFC A76, into a LocalityID struct.
 func LocalityIDFromString(s string) (ret LocalityID, _ error) {
-	err := json.Unmarshal([]byte(s), &ret)
+	_, err := fmt.Sscanf(s, "{region=%q, zone=%q, sub_zone=%q}", &ret.Region, &ret.Zone, &ret.SubZone)
 	if err != nil {
 		return LocalityID{}, fmt.Errorf("%s is not a well formatted locality ID, error: %v", s, err)
 	}
diff --git a/vendor/google.golang.org/grpc/xds/internal/resolver/serviceconfig.go b/vendor/google.golang.org/grpc/xds/internal/resolver/serviceconfig.go
index dbefe9801c..40f038b8a6 100644
--- a/vendor/google.golang.org/grpc/xds/internal/resolver/serviceconfig.go
+++ b/vendor/google.golang.org/grpc/xds/internal/resolver/serviceconfig.go
@@ -32,12 +32,12 @@ import (
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/internal/grpcutil"
 	iresolver "google.golang.org/grpc/internal/resolver"
+	iringhash "google.golang.org/grpc/internal/ringhash"
 	"google.golang.org/grpc/internal/serviceconfig"
 	"google.golang.org/grpc/internal/wrr"
 	"google.golang.org/grpc/metadata"
 	"google.golang.org/grpc/status"
 	"google.golang.org/grpc/xds/internal/balancer/clustermanager"
-	"google.golang.org/grpc/xds/internal/balancer/ringhash"
 	"google.golang.org/grpc/xds/internal/httpfilter"
 	"google.golang.org/grpc/xds/internal/xdsclient/xdsresource"
 )
@@ -141,8 +141,8 @@ type erroringConfigSelector struct {
 	err error
 }
 
-func newErroringConfigSelector(xdsNodeID string) *erroringConfigSelector {
-	return &erroringConfigSelector{err: annotateErrorWithNodeID(status.Errorf(codes.Unavailable, "no valid clusters"), xdsNodeID)}
+func newErroringConfigSelector(err error, xdsNodeID string) *erroringConfigSelector {
+	return &erroringConfigSelector{err: annotateErrorWithNodeID(status.Error(codes.Unavailable, err.Error()), xdsNodeID)}
 }
 
 func (cs *erroringConfigSelector) SelectConfig(iresolver.RPCInfo) (*iresolver.RPCConfig, error) {
@@ -203,7 +203,7 @@ func (cs *configSelector) SelectConfig(rpcInfo iresolver.RPCInfo) (*iresolver.RP
 	}
 
 	lbCtx := clustermanager.SetPickedCluster(rpcInfo.Context, cluster.name)
-	lbCtx = ringhash.SetXDSRequestHash(lbCtx, cs.generateHash(rpcInfo, rt.hashPolicies))
+	lbCtx = iringhash.SetXDSRequestHash(lbCtx, cs.generateHash(rpcInfo, rt.hashPolicies))
 
 	config := &iresolver.RPCConfig{
 		// Communicate to the LB policy the chosen cluster and request hash, if Ring Hash LB policy.
diff --git a/vendor/google.golang.org/grpc/xds/internal/resolver/watch_service.go b/vendor/google.golang.org/grpc/xds/internal/resolver/watch_service.go
index 0de6604484..e8d52d0e07 100644
--- a/vendor/google.golang.org/grpc/xds/internal/resolver/watch_service.go
+++ b/vendor/google.golang.org/grpc/xds/internal/resolver/watch_service.go
@@ -36,19 +36,19 @@ func newListenerWatcher(resourceName string, parent *xdsResolver) *listenerWatch
 	return lw
 }
 
-func (l *listenerWatcher) OnUpdate(update *xdsresource.ListenerResourceData, onDone xdsresource.OnDoneFunc) {
+func (l *listenerWatcher) ResourceChanged(update *xdsresource.ListenerResourceData, onDone func()) {
 	handleUpdate := func(context.Context) { l.parent.onListenerResourceUpdate(update.Resource); onDone() }
 	l.parent.serializer.ScheduleOr(handleUpdate, onDone)
 }
 
-func (l *listenerWatcher) OnError(err error, onDone xdsresource.OnDoneFunc) {
+func (l *listenerWatcher) ResourceError(err error, onDone func()) {
 	handleError := func(context.Context) { l.parent.onListenerResourceError(err); onDone() }
 	l.parent.serializer.ScheduleOr(handleError, onDone)
 }
 
-func (l *listenerWatcher) OnResourceDoesNotExist(onDone xdsresource.OnDoneFunc) {
-	handleNotFound := func(context.Context) { l.parent.onListenerResourceNotFound(); onDone() }
-	l.parent.serializer.ScheduleOr(handleNotFound, onDone)
+func (l *listenerWatcher) AmbientError(err error, onDone func()) {
+	handleError := func(context.Context) { l.parent.onListenerResourceAmbientError(err); onDone() }
+	l.parent.serializer.ScheduleOr(handleError, onDone)
 }
 
 func (l *listenerWatcher) stop() {
@@ -68,7 +68,7 @@ func newRouteConfigWatcher(resourceName string, parent *xdsResolver) *routeConfi
 	return rw
 }
 
-func (r *routeConfigWatcher) OnUpdate(u *xdsresource.RouteConfigResourceData, onDone xdsresource.OnDoneFunc) {
+func (r *routeConfigWatcher) ResourceChanged(u *xdsresource.RouteConfigResourceData, onDone func()) {
 	handleUpdate := func(context.Context) {
 		r.parent.onRouteConfigResourceUpdate(r.resourceName, u.Resource)
 		onDone()
@@ -76,14 +76,14 @@ func (r *routeConfigWatcher) OnUpdate(u *xdsresource.RouteConfigResourceData, on
 	r.parent.serializer.ScheduleOr(handleUpdate, onDone)
 }
 
-func (r *routeConfigWatcher) OnError(err error, onDone xdsresource.OnDoneFunc) {
+func (r *routeConfigWatcher) ResourceError(err error, onDone func()) {
 	handleError := func(context.Context) { r.parent.onRouteConfigResourceError(r.resourceName, err); onDone() }
 	r.parent.serializer.ScheduleOr(handleError, onDone)
 }
 
-func (r *routeConfigWatcher) OnResourceDoesNotExist(onDone xdsresource.OnDoneFunc) {
-	handleNotFound := func(context.Context) { r.parent.onRouteConfigResourceNotFound(r.resourceName); onDone() }
-	r.parent.serializer.ScheduleOr(handleNotFound, onDone)
+func (r *routeConfigWatcher) AmbientError(err error, onDone func()) {
+	handleError := func(context.Context) { r.parent.onRouteConfigResourceAmbientError(r.resourceName, err); onDone() }
+	r.parent.serializer.ScheduleOr(handleError, onDone)
 }
 
 func (r *routeConfigWatcher) stop() {
diff --git a/vendor/google.golang.org/grpc/xds/internal/resolver/xds_resolver.go b/vendor/google.golang.org/grpc/xds/internal/resolver/xds_resolver.go
index 3f9e187cc9..a66719d068 100644
--- a/vendor/google.golang.org/grpc/xds/internal/resolver/xds_resolver.go
+++ b/vendor/google.golang.org/grpc/xds/internal/resolver/xds_resolver.go
@@ -459,7 +459,10 @@ func (r *xdsResolver) onResolutionComplete() {
 func (r *xdsResolver) applyRouteConfigUpdate(update xdsresource.RouteConfigUpdate) {
 	matchVh := xdsresource.FindBestMatchingVirtualHost(r.dataplaneAuthority, update.VirtualHosts)
 	if matchVh == nil {
-		r.onError(fmt.Errorf("no matching virtual host found for %q", r.dataplaneAuthority))
+		// TODO(purnesh42h): Should this be a resource or ambient error? Note
+		// that its being called only from resource update methods when we have
+		// finished removing the previous update.
+		r.onAmbientError(fmt.Errorf("no matching virtual host found for %q", r.dataplaneAuthority))
 		return
 	}
 	r.currentRouteConfig = update
@@ -469,12 +472,12 @@ func (r *xdsResolver) applyRouteConfigUpdate(update xdsresource.RouteConfigUpdat
 	r.onResolutionComplete()
 }
 
-// onError propagates the error up to the channel. And since this is invoked
-// only for non resource-not-found errors, we don't have to update resolver
+// onAmbientError propagates the error up to the channel. And since this is
+// invoked only for non resource errors, we don't have to update resolver
 // state and we can keep using the old config.
 //
 // Only executed in the context of a serializer callback.
-func (r *xdsResolver) onError(err error) {
+func (r *xdsResolver) onAmbientError(err error) {
 	r.cc.ReportError(err)
 }
 
@@ -482,7 +485,7 @@ func (r *xdsResolver) onError(err error) {
 // are removed.
 //
 // Only executed in the context of a serializer callback.
-func (r *xdsResolver) onResourceNotFound() {
+func (r *xdsResolver) onResourceError(err error) {
 	// We cannot remove clusters from the service config that have ongoing RPCs.
 	// Instead, what we can do is to send an erroring config selector
 	// along with normal service config. This will ensure that new RPCs will
@@ -491,7 +494,7 @@ func (r *xdsResolver) onResourceNotFound() {
 	// service config with no addresses. This results in the pick-first
 	// LB policy being configured on the channel, and since there are no
 	// address, pick-first will put the channel in TRANSIENT_FAILURE.
-	cs := newErroringConfigSelector(r.xdsClient.BootstrapConfig().Node().GetId())
+	cs := newErroringConfigSelector(err, r.xdsClient.BootstrapConfig().Node().GetId())
 	r.sendNewServiceConfig(cs)
 
 	// Stop and dereference the active config selector, if one exists.
@@ -546,16 +549,18 @@ func (r *xdsResolver) onListenerResourceUpdate(update xdsresource.ListenerUpdate
 	r.routeConfigWatcher = newRouteConfigWatcher(r.rdsResourceName, r)
 }
 
-func (r *xdsResolver) onListenerResourceError(err error) {
+func (r *xdsResolver) onListenerResourceAmbientError(err error) {
 	if r.logger.V(2) {
-		r.logger.Infof("Received error for Listener resource %q: %v", r.ldsResourceName, err)
+		r.logger.Infof("Received ambient error for Listener resource %q: %v", r.ldsResourceName, err)
 	}
-	r.onError(err)
+	r.onAmbientError(err)
 }
 
 // Only executed in the context of a serializer callback.
-func (r *xdsResolver) onListenerResourceNotFound() {
-	r.logger.Warningf("Received resource-not-found-error for Listener resource %q", r.ldsResourceName)
+func (r *xdsResolver) onListenerResourceError(err error) {
+	if r.logger.V(2) {
+		r.logger.Infof("Received resource error for Listener resource %q: %v", r.ldsResourceName, err)
+	}
 
 	r.listenerUpdateRecvd = false
 	if r.routeConfigWatcher != nil {
@@ -566,7 +571,7 @@ func (r *xdsResolver) onListenerResourceNotFound() {
 	r.routeConfigUpdateRecvd = false
 	r.routeConfigWatcher = nil
 
-	r.onResourceNotFound()
+	r.onResourceError(err)
 }
 
 // Only executed in the context of a serializer callback.
@@ -584,21 +589,23 @@ func (r *xdsResolver) onRouteConfigResourceUpdate(name string, update xdsresourc
 }
 
 // Only executed in the context of a serializer callback.
-func (r *xdsResolver) onRouteConfigResourceError(name string, err error) {
+func (r *xdsResolver) onRouteConfigResourceAmbientError(name string, err error) {
 	if r.logger.V(2) {
-		r.logger.Infof("Received error for RouteConfiguration resource %q: %v", name, err)
+		r.logger.Infof("Received ambient error for RouteConfiguration resource %q: %v", name, err)
 	}
-	r.onError(err)
+	r.onAmbientError(err)
 }
 
 // Only executed in the context of a serializer callback.
-func (r *xdsResolver) onRouteConfigResourceNotFound(name string) {
-	r.logger.Warningf("Received resource-not-found-error for RouteConfiguration resource %q", name)
+func (r *xdsResolver) onRouteConfigResourceError(name string, err error) {
+	if r.logger.V(2) {
+		r.logger.Infof("Received resource error for RouteConfiguration resource %q: %v", name, err)
+	}
 
 	if r.rdsResourceName != name {
 		return
 	}
-	r.onResourceNotFound()
+	r.onResourceError(err)
 }
 
 // Only executed in the context of a serializer callback.
diff --git a/vendor/google.golang.org/grpc/xds/internal/server/listener_wrapper.go b/vendor/google.golang.org/grpc/xds/internal/server/listener_wrapper.go
index 62d59c4872..2c32ace8ab 100644
--- a/vendor/google.golang.org/grpc/xds/internal/server/listener_wrapper.go
+++ b/vendor/google.golang.org/grpc/xds/internal/server/listener_wrapper.go
@@ -159,36 +159,6 @@ type listenerWrapper struct {
 	rdsHandler *rdsHandler
 }
 
-func (l *listenerWrapper) handleLDSUpdate(update xdsresource.ListenerUpdate) {
-	ilc := update.InboundListenerCfg
-	// Make sure that the socket address on the received Listener resource
-	// matches the address of the net.Listener passed to us by the user. This
-	// check is done here instead of at the XDSClient layer because of the
-	// following couple of reasons:
-	// - XDSClient cannot know the listening address of every listener in the
-	//   system, and hence cannot perform this check.
-	// - this is a very context-dependent check and only the server has the
-	//   appropriate context to perform this check.
-	//
-	// What this means is that the XDSClient has ACKed a resource which can push
-	// the server into a "not serving" mode. This is not ideal, but this is
-	// what we have decided to do.
-	if ilc.Address != l.addr || ilc.Port != l.port {
-		l.mu.Lock()
-		err := l.annotateErrorWithNodeID(fmt.Errorf("address (%s:%s) in Listener update does not match listening address: (%s:%s)", ilc.Address, ilc.Port, l.addr, l.port))
-		l.switchModeLocked(connectivity.ServingModeNotServing, err)
-		l.mu.Unlock()
-		return
-	}
-
-	l.pendingFilterChainManager = ilc.FilterChains
-	l.rdsHandler.updateRouteNamesToWatch(ilc.FilterChains.RouteConfigNames)
-
-	if l.rdsHandler.determineRouteConfigurationReady() {
-		l.maybeUpdateFilterChains()
-	}
-}
-
 // maybeUpdateFilterChains swaps in the pending filter chain manager to the
 // active one if the pending filter chain manager is present. If a swap occurs,
 // it also drains (gracefully stops) any connections that were accepted on the
@@ -408,19 +378,6 @@ func (l *listenerWrapper) switchModeLocked(newMode connectivity.ServingMode, err
 	}
 }
 
-func (l *listenerWrapper) annotateErrorWithNodeID(err error) error {
-	return fmt.Errorf("[xDS node id: %v]: %w", l.xdsNodeID, err)
-}
-
-func (l *listenerWrapper) onLDSResourceDoesNotExist(err error) {
-	l.mu.Lock()
-	defer l.mu.Unlock()
-	l.switchModeLocked(connectivity.ServingModeNotServing, l.annotateErrorWithNodeID(err))
-	l.activeFilterChainManager = nil
-	l.pendingFilterChainManager = nil
-	l.rdsHandler.updateRouteNamesToWatch(make(map[string]bool))
-}
-
 // ldsWatcher implements the xdsresource.ListenerWatcher interface and is
 // passed to the WatchListener API.
 type ldsWatcher struct {
@@ -429,7 +386,7 @@ type ldsWatcher struct {
 	name   string
 }
 
-func (lw *ldsWatcher) OnUpdate(update *xdsresource.ListenerResourceData, onDone xdsresource.OnDoneFunc) {
+func (lw *ldsWatcher) ResourceChanged(update *xdsresource.ListenerResourceData, onDone func()) {
 	defer onDone()
 	if lw.parent.closed.HasFired() {
 		lw.logger.Warningf("Resource %q received update: %#v after listener was closed", lw.name, update)
@@ -438,30 +395,64 @@ func (lw *ldsWatcher) OnUpdate(update *xdsresource.ListenerResourceData, onDone
 	if lw.logger.V(2) {
 		lw.logger.Infof("LDS watch for resource %q received update: %#v", lw.name, update.Resource)
 	}
-	lw.parent.handleLDSUpdate(update.Resource)
+	l := lw.parent
+	ilc := update.Resource.InboundListenerCfg
+	// Make sure that the socket address on the received Listener resource
+	// matches the address of the net.Listener passed to us by the user. This
+	// check is done here instead of at the XDSClient layer because of the
+	// following couple of reasons:
+	// - XDSClient cannot know the listening address of every listener in the
+	//   system, and hence cannot perform this check.
+	// - this is a very context-dependent check and only the server has the
+	//   appropriate context to perform this check.
+	//
+	// What this means is that the XDSClient has ACKed a resource which can push
+	// the server into a "not serving" mode. This is not ideal, but this is
+	// what we have decided to do.
+	if ilc.Address != l.addr || ilc.Port != l.port {
+		// TODO(purnesh42h): Are there any other cases where this can be
+		// treated as an ambient error?
+		l.mu.Lock()
+		err := fmt.Errorf("[xDS node id: %v]: %w", l.xdsNodeID, fmt.Errorf("address (%s:%s) in Listener update does not match listening address: (%s:%s)", ilc.Address, ilc.Port, l.addr, l.port))
+		l.switchModeLocked(connectivity.ServingModeNotServing, err)
+		l.mu.Unlock()
+		return
+	}
+
+	l.pendingFilterChainManager = ilc.FilterChains
+	l.rdsHandler.updateRouteNamesToWatch(ilc.FilterChains.RouteConfigNames)
+
+	if l.rdsHandler.determineRouteConfigurationReady() {
+		l.maybeUpdateFilterChains()
+	}
 }
 
-func (lw *ldsWatcher) OnError(err error, onDone xdsresource.OnDoneFunc) {
+func (lw *ldsWatcher) ResourceError(err error, onDone func()) {
 	defer onDone()
 	if lw.parent.closed.HasFired() {
-		lw.logger.Warningf("Resource %q received error: %v after listener was closed", lw.name, err)
+		lw.logger.Warningf("Resource %q received resource error: %v after listener was closed", lw.name, err)
 		return
 	}
 	if lw.logger.V(2) {
-		lw.logger.Infof("LDS watch for resource %q reported error: %v", lw.name, err)
+		lw.logger.Infof("LDS watch for resource %q reported resource error: %v", lw.name, err)
 	}
-	// For errors which are anything other than "resource-not-found", we
-	// continue to use the old configuration.
+
+	l := lw.parent
+	l.mu.Lock()
+	defer l.mu.Unlock()
+	l.switchModeLocked(connectivity.ServingModeNotServing, err)
+	l.activeFilterChainManager = nil
+	l.pendingFilterChainManager = nil
+	l.rdsHandler.updateRouteNamesToWatch(make(map[string]bool))
 }
 
-func (lw *ldsWatcher) OnResourceDoesNotExist(onDone xdsresource.OnDoneFunc) {
+func (lw *ldsWatcher) AmbientError(err error, onDone func()) {
 	defer onDone()
 	if lw.parent.closed.HasFired() {
-		lw.logger.Warningf("Resource %q received resource-does-not-exist error after listener was closed", lw.name)
+		lw.logger.Warningf("Resource %q received ambient error: %v after listener was closed", lw.name, err)
 		return
 	}
-	lw.logger.Warningf("LDS watch for resource %q reported resource-does-not-exist error", lw.name)
-
-	err := xdsresource.NewErrorf(xdsresource.ErrorTypeResourceNotFound, "resource name %q of type Listener not found in received response", lw.name)
-	lw.parent.onLDSResourceDoesNotExist(err)
+	if lw.logger.V(2) {
+		lw.logger.Infof("LDS watch for resource %q reported ambient error: %v", lw.name, err)
+	}
 }
diff --git a/vendor/google.golang.org/grpc/xds/internal/server/rds_handler.go b/vendor/google.golang.org/grpc/xds/internal/server/rds_handler.go
index 29bbf1804d..4b8eb22de8 100644
--- a/vendor/google.golang.org/grpc/xds/internal/server/rds_handler.go
+++ b/vendor/google.golang.org/grpc/xds/internal/server/rds_handler.go
@@ -19,7 +19,6 @@
 package server
 
 import (
-	"fmt"
 	"sync"
 
 	igrpclog "google.golang.org/grpc/internal/grpclog"
@@ -109,21 +108,6 @@ func (rh *rdsHandler) determineRouteConfigurationReady() bool {
 	return len(rh.updates) == len(rh.cancels)
 }
 
-// Must be called from an xDS Client Callback.
-func (rh *rdsHandler) handleRouteUpdate(routeName string, update rdsWatcherUpdate) {
-	rwu := rh.updates[routeName]
-
-	// Accept the new update if any of the following are true:
-	// 1. we had no valid update data.
-	// 2. the update is valid.
-	// 3. the update error is ResourceNotFound.
-	if rwu.data == nil || update.err == nil || xdsresource.ErrType(update.err) == xdsresource.ErrorTypeResourceNotFound {
-		rwu = update
-	}
-	rh.updates[routeName] = rwu
-	rh.callback(routeName, rwu)
-}
-
 // close() is meant to be called by wrapped listener when the wrapped listener
 // is closed, and it cleans up resources by canceling all the active RDS
 // watches.
@@ -151,7 +135,7 @@ type rdsWatcher struct {
 	canceled bool // eats callbacks if true
 }
 
-func (rw *rdsWatcher) OnUpdate(update *xdsresource.RouteConfigResourceData, onDone xdsresource.OnDoneFunc) {
+func (rw *rdsWatcher) ResourceChanged(update *xdsresource.RouteConfigResourceData, onDone func()) {
 	defer onDone()
 	rw.mu.Lock()
 	if rw.canceled {
@@ -162,10 +146,14 @@ func (rw *rdsWatcher) OnUpdate(update *xdsresource.RouteConfigResourceData, onDo
 	if rw.logger.V(2) {
 		rw.logger.Infof("RDS watch for resource %q received update: %#v", rw.routeName, update.Resource)
 	}
-	rw.parent.handleRouteUpdate(rw.routeName, rdsWatcherUpdate{data: &update.Resource})
+
+	routeName := rw.routeName
+	rwu := rdsWatcherUpdate{data: &update.Resource}
+	rw.parent.updates[routeName] = rwu
+	rw.parent.callback(routeName, rwu)
 }
 
-func (rw *rdsWatcher) OnError(err error, onDone xdsresource.OnDoneFunc) {
+func (rw *rdsWatcher) ResourceError(err error, onDone func()) {
 	defer onDone()
 	rw.mu.Lock()
 	if rw.canceled {
@@ -174,12 +162,16 @@ func (rw *rdsWatcher) OnError(err error, onDone xdsresource.OnDoneFunc) {
 	}
 	rw.mu.Unlock()
 	if rw.logger.V(2) {
-		rw.logger.Infof("RDS watch for resource %q reported error: %v", rw.routeName, err)
+		rw.logger.Infof("RDS watch for resource %q reported resource error", rw.routeName)
 	}
-	rw.parent.handleRouteUpdate(rw.routeName, rdsWatcherUpdate{err: err})
+
+	routeName := rw.routeName
+	rwu := rdsWatcherUpdate{err: err}
+	rw.parent.updates[routeName] = rwu
+	rw.parent.callback(routeName, rwu)
 }
 
-func (rw *rdsWatcher) OnResourceDoesNotExist(onDone xdsresource.OnDoneFunc) {
+func (rw *rdsWatcher) AmbientError(err error, onDone func()) {
 	defer onDone()
 	rw.mu.Lock()
 	if rw.canceled {
@@ -187,8 +179,10 @@ func (rw *rdsWatcher) OnResourceDoesNotExist(onDone xdsresource.OnDoneFunc) {
 		return
 	}
 	rw.mu.Unlock()
-	rw.logger.Warningf("RDS watch for resource %q reported resource-does-not-exist error", rw.routeName)
-	err := xdsresource.NewErrorf(xdsresource.ErrorTypeResourceNotFound, "resource name %q of type RouteConfiguration not found in received response", rw.routeName)
-	err = fmt.Errorf("[xDS node id: %v]: %w", rw.parent.xdsNodeID, err)
-	rw.parent.handleRouteUpdate(rw.routeName, rdsWatcherUpdate{err: err})
+	if rw.logger.V(2) {
+		rw.logger.Infof("RDS watch for resource %q reported ambient error: %v", rw.routeName, err)
+	}
+	routeName := rw.routeName
+	rwu := rw.parent.updates[routeName]
+	rw.parent.callback(routeName, rwu)
 }
diff --git a/vendor/google.golang.org/grpc/xds/internal/xdsclient/authority.go b/vendor/google.golang.org/grpc/xds/internal/xdsclient/authority.go
index 05c3e49b2c..ec3a7352f9 100644
--- a/vendor/google.golang.org/grpc/xds/internal/xdsclient/authority.go
+++ b/vendor/google.golang.org/grpc/xds/internal/xdsclient/authority.go
@@ -238,9 +238,15 @@ func (a *authority) propagateConnectivityErrorToAllWatchers(err error) {
 	for _, rType := range a.resources {
 		for _, state := range rType {
 			for watcher := range state.watchers {
-				a.watcherCallbackSerializer.TrySchedule(func(context.Context) {
-					watcher.OnError(xdsresource.NewErrorf(xdsresource.ErrorTypeConnection, "xds: error received from xDS stream: %v", err), func() {})
-				})
+				if state.cache == nil {
+					a.watcherCallbackSerializer.TrySchedule(func(context.Context) {
+						watcher.ResourceError(xdsresource.NewErrorf(xdsresource.ErrorTypeConnection, "xds: error received from xDS stream: %v", err), func() {})
+					})
+				} else {
+					a.watcherCallbackSerializer.TrySchedule(func(context.Context) {
+						watcher.AmbientError(xdsresource.NewErrorf(xdsresource.ErrorTypeConnection, "xds: error received from xDS stream: %v", err), func() {})
+					})
+				}
 			}
 		}
 	}
@@ -369,7 +375,11 @@ func (a *authority) handleADSResourceUpdate(serverConfig *bootstrap.ServerConfig
 				watcher := watcher
 				err := uErr.Err
 				watcherCnt.Add(1)
-				funcsToSchedule = append(funcsToSchedule, func(context.Context) { watcher.OnError(err, done) })
+				if state.cache == nil {
+					funcsToSchedule = append(funcsToSchedule, func(context.Context) { watcher.ResourceError(err, done) })
+				} else {
+					funcsToSchedule = append(funcsToSchedule, func(context.Context) { watcher.AmbientError(err, done) })
+				}
 			}
 			continue
 		}
@@ -396,7 +406,7 @@ func (a *authority) handleADSResourceUpdate(serverConfig *bootstrap.ServerConfig
 				watcher := watcher
 				resource := uErr.Resource
 				watcherCnt.Add(1)
-				funcsToSchedule = append(funcsToSchedule, func(context.Context) { watcher.OnUpdate(resource, done) })
+				funcsToSchedule = append(funcsToSchedule, func(context.Context) { watcher.ResourceChanged(resource, done) })
 			}
 		}
 
@@ -454,7 +464,7 @@ func (a *authority) handleADSResourceUpdate(serverConfig *bootstrap.ServerConfig
 			// `ignore_resource_deletion` server feature is enabled through the
 			// bootstrap configuration. If the resource deletion is to be
 			// ignored, the resource is not removed from the cache and the
-			// corresponding OnResourceDoesNotExist() callback is not invoked on
+			// corresponding ResourceError() callback is not invoked on
 			// the watchers.
 			if !state.deletionIgnored {
 				state.deletionIgnored = true
@@ -473,7 +483,9 @@ func (a *authority) handleADSResourceUpdate(serverConfig *bootstrap.ServerConfig
 		for watcher := range state.watchers {
 			watcher := watcher
 			watcherCnt.Add(1)
-			funcsToSchedule = append(funcsToSchedule, func(context.Context) { watcher.OnResourceDoesNotExist(done) })
+			funcsToSchedule = append(funcsToSchedule, func(context.Context) {
+				watcher.ResourceError(xdsresource.NewErrorf(xdsresource.ErrorTypeResourceNotFound, "xds: resource %q of type %q has been removed", name, rType.TypeName()), done)
+			})
 		}
 	}
 }
@@ -515,7 +527,9 @@ func (a *authority) handleADSResourceDoesNotExist(rType xdsresource.Type, resour
 	state.md = xdsresource.UpdateMetadata{Status: xdsresource.ServiceStatusNotExist}
 	for watcher := range state.watchers {
 		watcher := watcher
-		a.watcherCallbackSerializer.TrySchedule(func(context.Context) { watcher.OnResourceDoesNotExist(func() {}) })
+		a.watcherCallbackSerializer.TrySchedule(func(context.Context) {
+			watcher.ResourceError(xdsresource.NewErrorf(xdsresource.ErrorTypeResourceNotFound, "xds: resource %q of type %q does not exist", resourceName, rType.TypeName()), func() {})
+		})
 	}
 }
 
@@ -606,7 +620,7 @@ func (a *authority) watchResource(rType xdsresource.Type, resourceName string, w
 
 		xdsChannel, err := a.xdsChannelToUse()
 		if err != nil {
-			a.watcherCallbackSerializer.TrySchedule(func(context.Context) { watcher.OnError(err, func() {}) })
+			a.watcherCallbackSerializer.TrySchedule(func(context.Context) { watcher.ResourceError(err, func() {}) })
 			return
 		}
 
@@ -647,7 +661,7 @@ func (a *authority) watchResource(rType xdsresource.Type, resourceName string, w
 			// xdsClientSerializer callback. Hence making a copy of the cached
 			// resource here for watchCallbackSerializer.
 			resource := state.cache
-			a.watcherCallbackSerializer.TrySchedule(func(context.Context) { watcher.OnUpdate(resource, func() {}) })
+			a.watcherCallbackSerializer.TrySchedule(func(context.Context) { watcher.ResourceChanged(resource, func() {}) })
 		}
 		// If last update was NACK'd, notify the new watcher of error
 		// immediately as well.
@@ -659,12 +673,18 @@ func (a *authority) watchResource(rType xdsresource.Type, resourceName string, w
 			// xdsClientSerializer callback. Hence making a copy of the error
 			// here for watchCallbackSerializer.
 			err := state.md.ErrState.Err
-			a.watcherCallbackSerializer.TrySchedule(func(context.Context) { watcher.OnError(err, func() {}) })
+			if state.cache == nil {
+				a.watcherCallbackSerializer.TrySchedule(func(context.Context) { watcher.ResourceError(err, func() {}) })
+			} else {
+				a.watcherCallbackSerializer.TrySchedule(func(context.Context) { watcher.AmbientError(err, func() {}) })
+			}
 		}
 		// If the metadata field is updated to indicate that the management
 		// server does not have this resource, notify the new watcher.
 		if state.md.Status == xdsresource.ServiceStatusNotExist {
-			a.watcherCallbackSerializer.TrySchedule(func(context.Context) { watcher.OnResourceDoesNotExist(func() {}) })
+			a.watcherCallbackSerializer.TrySchedule(func(context.Context) {
+				watcher.ResourceError(xdsresource.NewErrorf(xdsresource.ErrorTypeResourceNotFound, "xds: resource %q of type %q does not exist", resourceName, rType.TypeName()), func() {})
+			})
 		}
 		cleanup = a.unwatchResource(rType, resourceName, watcher)
 	}, func() {
diff --git a/vendor/google.golang.org/grpc/xds/internal/xdsclient/clientimpl_watchers.go b/vendor/google.golang.org/grpc/xds/internal/xdsclient/clientimpl_watchers.go
index c080a0b4c8..2cce17b05a 100644
--- a/vendor/google.golang.org/grpc/xds/internal/xdsclient/clientimpl_watchers.go
+++ b/vendor/google.golang.org/grpc/xds/internal/xdsclient/clientimpl_watchers.go
@@ -33,8 +33,12 @@ type wrappingWatcher struct {
 	nodeID string
 }
 
-func (w *wrappingWatcher) OnError(err error, done xdsresource.OnDoneFunc) {
-	w.ResourceWatcher.OnError(fmt.Errorf("[xDS node id: %v]: %w", w.nodeID, err), done)
+func (w *wrappingWatcher) ResourceError(err error, done func()) {
+	w.ResourceWatcher.ResourceError(fmt.Errorf("[xDS node id: %v]: %w", w.nodeID, err), done)
+}
+
+func (w *wrappingWatcher) AmbientError(err error, done func()) {
+	w.ResourceWatcher.AmbientError(fmt.Errorf("[xDS node id: %v]: %w", w.nodeID, err), done)
 }
 
 // WatchResource uses xDS to discover the resource associated with the provided
@@ -60,8 +64,8 @@ func (c *clientImpl) WatchResource(rType xdsresource.Type, resourceName string,
 	}
 
 	if err := c.resourceTypes.maybeRegister(rType); err != nil {
-		logger.Warningf("Watch registered for name %q of type %q which is already registered", rType.TypeName(), resourceName)
-		c.serializer.TrySchedule(func(context.Context) { watcher.OnError(err, func() {}) })
+		logger.Warningf("Watch registered for type %q, which is already registered", rType.TypeName())
+		c.serializer.TrySchedule(func(context.Context) { watcher.ResourceError(err, func() {}) })
 		return func() {}
 	}
 
@@ -69,7 +73,7 @@ func (c *clientImpl) WatchResource(rType xdsresource.Type, resourceName string,
 	a := c.getAuthorityForResource(n)
 	if a == nil {
 		logger.Warningf("Watch registered for name %q of type %q, authority %q is not found", rType.TypeName(), resourceName, n.Authority)
-		watcher.OnError(fmt.Errorf("authority %q not found in bootstrap config for resource %q", n.Authority, resourceName), func() {})
+		watcher.ResourceError(fmt.Errorf("authority %q not found in bootstrap config for resource %q", n.Authority, resourceName), func() {})
 		return func() {}
 	}
 	// The watchResource method on the authority is invoked with n.String()
diff --git a/vendor/google.golang.org/grpc/xds/internal/xdsclient/transport/lrs/lrs_stream.go b/vendor/google.golang.org/grpc/xds/internal/xdsclient/transport/lrs/lrs_stream.go
index e33ac694df..7260816b67 100644
--- a/vendor/google.golang.org/grpc/xds/internal/xdsclient/transport/lrs/lrs_stream.go
+++ b/vendor/google.golang.org/grpc/xds/internal/xdsclient/transport/lrs/lrs_stream.go
@@ -241,11 +241,11 @@ func (lrs *StreamImpl) recvFirstLoadStatsResponse(stream transport.StreamingCall
 		lrs.logger.Infof("Received first LoadStatsResponse: %s", pretty.ToJSON(resp))
 	}
 
-	internal := resp.GetLoadReportingInterval()
-	if internal.CheckValid() != nil {
+	interval := resp.GetLoadReportingInterval()
+	if err := interval.CheckValid(); err != nil {
 		return nil, 0, fmt.Errorf("lrs: invalid load_reporting_interval: %v", err)
 	}
-	loadReportingInterval := internal.AsDuration()
+	loadReportingInterval := interval.AsDuration()
 
 	clusters := resp.Clusters
 	if resp.SendAllClusters {
diff --git a/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdslbregistry/converter/converter.go b/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdslbregistry/converter/converter.go
index 3c48f1bdea..f0d064c679 100644
--- a/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdslbregistry/converter/converter.go
+++ b/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdslbregistry/converter/converter.go
@@ -30,11 +30,12 @@ import (
 	"google.golang.org/grpc/balancer"
 	"google.golang.org/grpc/balancer/leastrequest"
 	"google.golang.org/grpc/balancer/pickfirst"
+	"google.golang.org/grpc/balancer/ringhash"
 	"google.golang.org/grpc/balancer/roundrobin"
 	"google.golang.org/grpc/balancer/weightedroundrobin"
 	"google.golang.org/grpc/internal/envconfig"
+	iringhash "google.golang.org/grpc/internal/ringhash"
 	internalserviceconfig "google.golang.org/grpc/internal/serviceconfig"
-	"google.golang.org/grpc/xds/internal/balancer/ringhash"
 	"google.golang.org/grpc/xds/internal/balancer/wrrlocality"
 	"google.golang.org/grpc/xds/internal/xdsclient/xdslbregistry"
 	"google.golang.org/protobuf/proto"
@@ -83,7 +84,7 @@ func convertRingHashProtoToServiceConfig(rawProto []byte, _ int) (json.RawMessag
 		maxSize = max.GetValue()
 	}
 
-	rhCfg := &ringhash.LBConfig{
+	rhCfg := &iringhash.LBConfig{
 		MinRingSize: minSize,
 		MaxRingSize: maxSize,
 	}
diff --git a/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdslbregistry/xdslbregistry.go b/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdslbregistry/xdslbregistry.go
index a7782709d4..88ee9fab7a 100644
--- a/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdslbregistry/xdslbregistry.go
+++ b/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdslbregistry/xdslbregistry.go
@@ -69,8 +69,6 @@ func ConvertToServiceConfig(lbPolicy *v3clusterpb.LoadBalancingPolicy, depth int
 		converter := m[policy.GetTypedExtensionConfig().GetTypedConfig().GetTypeUrl()]
 		// "Any entry not in the above list is unsupported and will be skipped."
 		// - A52
-		// This includes Least Request as well, since grpc-go does not support
-		// the Least Request Load Balancing Policy.
 		if converter == nil {
 			continue
 		}
diff --git a/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdsresource/cluster_resource_type.go b/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdsresource/cluster_resource_type.go
index 8e9375fcbb..3d85c31ff4 100644
--- a/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdsresource/cluster_resource_type.go
+++ b/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdsresource/cluster_resource_type.go
@@ -108,41 +108,40 @@ func (c *ClusterResourceData) Raw() *anypb.Any {
 }
 
 // ClusterWatcher wraps the callbacks to be invoked for different events
-// corresponding to the cluster resource being watched.
+// corresponding to the cluster resource being watched. gRFC A88 contains an
+// exhaustive list of what method is invoked under what conditions.
 type ClusterWatcher interface {
-	// OnUpdate is invoked to report an update for the resource being watched.
-	OnUpdate(*ClusterResourceData, OnDoneFunc)
-
-	// OnError is invoked under different error conditions including but not
-	// limited to the following:
-	//	- authority mentioned in the resource is not found
-	//	- resource name parsing error
-	//	- resource deserialization error
-	//	- resource validation error
-	//	- ADS stream failure
-	//	- connection failure
-	OnError(error, OnDoneFunc)
-
-	// OnResourceDoesNotExist is invoked for a specific error condition where
-	// the requested resource is not found on the xDS management server.
-	OnResourceDoesNotExist(OnDoneFunc)
+	// ResourceChanged indicates a new version of the resource is available.
+	ResourceChanged(resource *ClusterResourceData, done func())
+
+	// ResourceError indicates an error occurred while trying to fetch or
+	// decode the associated resource. The previous version of the resource
+	// should be considered invalid.
+	ResourceError(err error, done func())
+
+	// AmbientError indicates an error occurred after a resource has been
+	// received that should not modify the use of that resource but may provide
+	// useful information about the state of the XDSClient for debugging
+	// purposes. The previous version of the resource should still be
+	// considered valid.
+	AmbientError(err error, done func())
 }
 
 type delegatingClusterWatcher struct {
 	watcher ClusterWatcher
 }
 
-func (d *delegatingClusterWatcher) OnUpdate(data ResourceData, onDone OnDoneFunc) {
+func (d *delegatingClusterWatcher) ResourceChanged(data ResourceData, onDone func()) {
 	c := data.(*ClusterResourceData)
-	d.watcher.OnUpdate(c, onDone)
+	d.watcher.ResourceChanged(c, onDone)
 }
 
-func (d *delegatingClusterWatcher) OnError(err error, onDone OnDoneFunc) {
-	d.watcher.OnError(err, onDone)
+func (d *delegatingClusterWatcher) ResourceError(err error, onDone func()) {
+	d.watcher.ResourceError(err, onDone)
 }
 
-func (d *delegatingClusterWatcher) OnResourceDoesNotExist(onDone OnDoneFunc) {
-	d.watcher.OnResourceDoesNotExist(onDone)
+func (d *delegatingClusterWatcher) AmbientError(err error, onDone func()) {
+	d.watcher.AmbientError(err, onDone)
 }
 
 // WatchCluster uses xDS to discover the configuration associated with the
diff --git a/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdsresource/endpoints_resource_type.go b/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdsresource/endpoints_resource_type.go
index 94c03d0c52..de574dd8d3 100644
--- a/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdsresource/endpoints_resource_type.go
+++ b/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdsresource/endpoints_resource_type.go
@@ -104,41 +104,40 @@ func (e *EndpointsResourceData) Raw() *anypb.Any {
 }
 
 // EndpointsWatcher wraps the callbacks to be invoked for different
-// events corresponding to the endpoints resource being watched.
+// events corresponding to the endpoints resource being watched. gRFC A88
+// contains an exhaustive list of what method is invoked under what conditions.
 type EndpointsWatcher interface {
-	// OnUpdate is invoked to report an update for the resource being watched.
-	OnUpdate(*EndpointsResourceData, OnDoneFunc)
-
-	// OnError is invoked under different error conditions including but not
-	// limited to the following:
-	//	- authority mentioned in the resource is not found
-	//	- resource name parsing error
-	//	- resource deserialization error
-	//	- resource validation error
-	//	- ADS stream failure
-	//	- connection failure
-	OnError(error, OnDoneFunc)
-
-	// OnResourceDoesNotExist is invoked for a specific error condition where
-	// the requested resource is not found on the xDS management server.
-	OnResourceDoesNotExist(OnDoneFunc)
+	// ResourceChanged indicates a new version of the resource is available.
+	ResourceChanged(resource *EndpointsResourceData, done func())
+
+	// ResourceError indicates an error occurred while trying to fetch or
+	// decode the associated resource. The previous version of the resource
+	// should be considered invalid.
+	ResourceError(err error, done func())
+
+	// AmbientError indicates an error occurred after a resource has been
+	// received that should not modify the use of that resource but may provide
+	// useful information about the state of the XDSClient for debugging
+	// purposes. The previous version of the resource should still be
+	// considered valid.
+	AmbientError(err error, done func())
 }
 
 type delegatingEndpointsWatcher struct {
 	watcher EndpointsWatcher
 }
 
-func (d *delegatingEndpointsWatcher) OnUpdate(data ResourceData, onDone OnDoneFunc) {
+func (d *delegatingEndpointsWatcher) ResourceChanged(data ResourceData, onDone func()) {
 	e := data.(*EndpointsResourceData)
-	d.watcher.OnUpdate(e, onDone)
+	d.watcher.ResourceChanged(e, onDone)
 }
 
-func (d *delegatingEndpointsWatcher) OnError(err error, onDone OnDoneFunc) {
-	d.watcher.OnError(err, onDone)
+func (d *delegatingEndpointsWatcher) ResourceError(err error, onDone func()) {
+	d.watcher.ResourceError(err, onDone)
 }
 
-func (d *delegatingEndpointsWatcher) OnResourceDoesNotExist(onDone OnDoneFunc) {
-	d.watcher.OnResourceDoesNotExist(onDone)
+func (d *delegatingEndpointsWatcher) AmbientError(err error, onDone func()) {
+	d.watcher.AmbientError(err, onDone)
 }
 
 // WatchEndpoints uses xDS to discover the configuration associated with the
diff --git a/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdsresource/listener_resource_type.go b/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdsresource/listener_resource_type.go
index e3ca1134a0..0f49e6c56a 100644
--- a/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdsresource/listener_resource_type.go
+++ b/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdsresource/listener_resource_type.go
@@ -141,41 +141,39 @@ func (l *ListenerResourceData) Raw() *anypb.Any {
 }
 
 // ListenerWatcher wraps the callbacks to be invoked for different
-// events corresponding to the listener resource being watched.
+// events corresponding to the listener resource being watched. gRFC A88
+// contains an exhaustive list of what method is invoked under what conditions.
 type ListenerWatcher interface {
-	// OnUpdate is invoked to report an update for the resource being watched.
-	OnUpdate(*ListenerResourceData, OnDoneFunc)
-
-	// OnError is invoked under different error conditions including but not
-	// limited to the following:
-	//	- authority mentioned in the resource is not found
-	//	- resource name parsing error
-	//	- resource deserialization error
-	//	- resource validation error
-	//	- ADS stream failure
-	//	- connection failure
-	OnError(error, OnDoneFunc)
-
-	// OnResourceDoesNotExist is invoked for a specific error condition where
-	// the requested resource is not found on the xDS management server.
-	OnResourceDoesNotExist(OnDoneFunc)
+	// ResourceChanged indicates a new version of the resource is available.
+	ResourceChanged(resource *ListenerResourceData, done func())
+
+	// ResourceError indicates an error occurred while trying to fetch or
+	// decode the associated resource. The previous version of the resource
+	// should be considered invalid.
+	ResourceError(err error, done func())
+
+	// AmbientError indicates an error occurred after a resource has been
+	// received that should not modify the use of that resource but may provide
+	// useful information about the state of the XDSClient for debugging
+	// purposes. The previous version of the resource should still be
+	// considered valid.
+	AmbientError(err error, done func())
 }
 
 type delegatingListenerWatcher struct {
 	watcher ListenerWatcher
 }
 
-func (d *delegatingListenerWatcher) OnUpdate(data ResourceData, onDone OnDoneFunc) {
+func (d *delegatingListenerWatcher) ResourceChanged(data ResourceData, onDone func()) {
 	l := data.(*ListenerResourceData)
-	d.watcher.OnUpdate(l, onDone)
+	d.watcher.ResourceChanged(l, onDone)
 }
-
-func (d *delegatingListenerWatcher) OnError(err error, onDone OnDoneFunc) {
-	d.watcher.OnError(err, onDone)
+func (d *delegatingListenerWatcher) ResourceError(err error, onDone func()) {
+	d.watcher.ResourceError(err, onDone)
 }
 
-func (d *delegatingListenerWatcher) OnResourceDoesNotExist(onDone OnDoneFunc) {
-	d.watcher.OnResourceDoesNotExist(onDone)
+func (d *delegatingListenerWatcher) AmbientError(err error, onDone func()) {
+	d.watcher.AmbientError(err, onDone)
 }
 
 // WatchListener uses xDS to discover the configuration associated with the
diff --git a/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdsresource/resource_type.go b/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdsresource/resource_type.go
index e14f56f781..c22c5a6a3a 100644
--- a/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdsresource/resource_type.go
+++ b/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdsresource/resource_type.go
@@ -52,33 +52,30 @@ type Producer interface {
 	WatchResource(rType Type, resourceName string, watcher ResourceWatcher) (cancel func())
 }
 
-// OnDoneFunc is a function to be invoked by watcher implementations upon
-// completing the processing of a callback from the xDS client. Failure to
-// invoke this callback prevents the xDS client from reading further messages
-// from the xDS server.
-type OnDoneFunc func()
-
-// ResourceWatcher wraps the callbacks to be invoked for different events
-// corresponding to the resource being watched.
+// ResourceWatcher is notified of the resource updates and errors that are
+// received by the xDS client from the management server.
+//
+// All methods contain a done parameter which should be called when processing
+// of the update has completed.  For example, if processing a resource requires
+// watching new resources, registration of those new watchers should be
+// completed before done is called, which can happen after the ResourceWatcher
+// method has returned. Failure to call done will prevent the xDS client from
+// providing future ResourceWatcher notifications.
 type ResourceWatcher interface {
-	// OnUpdate is invoked to report an update for the resource being watched.
-	// The ResourceData parameter needs to be type asserted to the appropriate
-	// type for the resource being watched.
-	OnUpdate(ResourceData, OnDoneFunc)
-
-	// OnError is invoked under different error conditions including but not
-	// limited to the following:
-	//	- authority mentioned in the resource is not found
-	//	- resource name parsing error
-	//	- resource deserialization error
-	//	- resource validation error
-	//	- ADS stream failure
-	//	- connection failure
-	OnError(error, OnDoneFunc)
-
-	// OnResourceDoesNotExist is invoked for a specific error condition where
-	// the requested resource is not found on the xDS management server.
-	OnResourceDoesNotExist(OnDoneFunc)
+	// ResourceChanged indicates a new version of the resource is available.
+	ResourceChanged(resourceData ResourceData, done func())
+
+	// ResourceError indicates an error occurred while trying to fetch or
+	// decode the associated resource. The previous version of the resource
+	// should be considered invalid.
+	ResourceError(err error, done func())
+
+	// AmbientError indicates an error occurred after a resource has been
+	// received that should not modify the use of that resource but may provide
+	// useful information about the state of the XDSClient for debugging
+	// purposes. The previous version of the resource should still be
+	// considered valid.
+	AmbientError(err error, done func())
 }
 
 // TODO: Once the implementation is complete, rename this interface as
diff --git a/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdsresource/route_config_resource_type.go b/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdsresource/route_config_resource_type.go
index 98ac313288..c292b1b8ef 100644
--- a/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdsresource/route_config_resource_type.go
+++ b/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdsresource/route_config_resource_type.go
@@ -105,41 +105,41 @@ func (r *RouteConfigResourceData) Raw() *anypb.Any {
 }
 
 // RouteConfigWatcher wraps the callbacks to be invoked for different
-// events corresponding to the route configuration resource being watched.
+// events corresponding to the route configuration resource being watched. gRFC
+// A88 contains an exhaustive list of what method is invoked under what
+// conditions.
 type RouteConfigWatcher interface {
-	// OnUpdate is invoked to report an update for the resource being watched.
-	OnUpdate(*RouteConfigResourceData, OnDoneFunc)
-
-	// OnError is invoked under different error conditions including but not
-	// limited to the following:
-	//	- authority mentioned in the resource is not found
-	//	- resource name parsing error
-	//	- resource deserialization error
-	//	- resource validation error
-	//	- ADS stream failure
-	//	- connection failure
-	OnError(error, OnDoneFunc)
-
-	// OnResourceDoesNotExist is invoked for a specific error condition where
-	// the requested resource is not found on the xDS management server.
-	OnResourceDoesNotExist(OnDoneFunc)
+	// ResourceChanged indicates a new version of the resource is available.
+	ResourceChanged(resource *RouteConfigResourceData, done func())
+
+	// ResourceError indicates an error occurred while trying to fetch or
+	// decode the associated resource. The previous version of the resource
+	// should be considered invalid.
+	ResourceError(err error, done func())
+
+	// AmbientError indicates an error occurred after a resource has been
+	// received that should not modify the use of that resource but may provide
+	// useful information about the state of the XDSClient for debugging
+	// purposes. The previous version of the resource should still be
+	// considered valid.
+	AmbientError(err error, done func())
 }
 
 type delegatingRouteConfigWatcher struct {
 	watcher RouteConfigWatcher
 }
 
-func (d *delegatingRouteConfigWatcher) OnUpdate(data ResourceData, onDone OnDoneFunc) {
+func (d *delegatingRouteConfigWatcher) ResourceChanged(data ResourceData, onDone func()) {
 	rc := data.(*RouteConfigResourceData)
-	d.watcher.OnUpdate(rc, onDone)
+	d.watcher.ResourceChanged(rc, onDone)
 }
 
-func (d *delegatingRouteConfigWatcher) OnError(err error, onDone OnDoneFunc) {
-	d.watcher.OnError(err, onDone)
+func (d *delegatingRouteConfigWatcher) ResourceError(err error, onDone func()) {
+	d.watcher.ResourceError(err, onDone)
 }
 
-func (d *delegatingRouteConfigWatcher) OnResourceDoesNotExist(onDone OnDoneFunc) {
-	d.watcher.OnResourceDoesNotExist(onDone)
+func (d *delegatingRouteConfigWatcher) AmbientError(err error, onDone func()) {
+	d.watcher.AmbientError(err, onDone)
 }
 
 // WatchRouteConfig uses xDS to discover the configuration associated with the
diff --git a/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdsresource/unmarshal_eds.go b/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdsresource/unmarshal_eds.go
index 26e16ce47a..8a7397d160 100644
--- a/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdsresource/unmarshal_eds.go
+++ b/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdsresource/unmarshal_eds.go
@@ -169,7 +169,7 @@ func parseEDSRespProto(m *v3endpointpb.ClusterLoadAssignment) (EndpointsUpdate,
 			Zone:    l.Zone,
 			SubZone: l.SubZone,
 		}
-		lidStr, _ := lid.ToString()
+		lidStr := lid.ToString()
 
 		// "Since an xDS configuration can place a given locality under multiple
 		// priorities, it is possible to see locality weight attributes with
diff --git a/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdsresource/unmarshal_lds.go b/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdsresource/unmarshal_lds.go
index 1b0d4599f1..475300cefc 100644
--- a/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdsresource/unmarshal_lds.go
+++ b/vendor/google.golang.org/grpc/xds/internal/xdsclient/xdsresource/unmarshal_lds.go
@@ -250,7 +250,7 @@ func processServerSideListener(lis *v3listenerpb.Listener) (*ListenerUpdate, err
 	if n := len(lis.ListenerFilters); n != 0 {
 		return nil, fmt.Errorf("unsupported field 'listener_filters' contains %d entries", n)
 	}
-	if useOrigDst := lis.GetUseOriginalDst(); useOrigDst != nil && useOrigDst.GetValue() {
+	if lis.GetUseOriginalDst().GetValue() {
 		return nil, errors.New("unsupported field 'use_original_dst' is present and set to true")
 	}
 	addr := lis.GetAddress()
diff --git a/vendor/k8s.io/api/admissionregistration/v1/doc.go b/vendor/k8s.io/api/admissionregistration/v1/doc.go
index ca0086188a..ec0ebb9c49 100644
--- a/vendor/k8s.io/api/admissionregistration/v1/doc.go
+++ b/vendor/k8s.io/api/admissionregistration/v1/doc.go
@@ -24,4 +24,4 @@ limitations under the License.
 // AdmissionConfiguration and AdmissionPluginConfiguration are legacy static admission plugin configuration
 // MutatingWebhookConfiguration and ValidatingWebhookConfiguration are for the
 // new dynamic admission controller configuration.
-package v1 // import "k8s.io/api/admissionregistration/v1"
+package v1
diff --git a/vendor/k8s.io/api/admissionregistration/v1alpha1/doc.go b/vendor/k8s.io/api/admissionregistration/v1alpha1/doc.go
index 98066211d8..344af9ae09 100644
--- a/vendor/k8s.io/api/admissionregistration/v1alpha1/doc.go
+++ b/vendor/k8s.io/api/admissionregistration/v1alpha1/doc.go
@@ -21,4 +21,4 @@ limitations under the License.
 // +groupName=admissionregistration.k8s.io
 
 // Package v1alpha1 is the v1alpha1 version of the API.
-package v1alpha1 // import "k8s.io/api/admissionregistration/v1alpha1"
+package v1alpha1
diff --git a/vendor/k8s.io/api/admissionregistration/v1alpha1/generated.proto b/vendor/k8s.io/api/admissionregistration/v1alpha1/generated.proto
index 88344ce87a..d23f21cc84 100644
--- a/vendor/k8s.io/api/admissionregistration/v1alpha1/generated.proto
+++ b/vendor/k8s.io/api/admissionregistration/v1alpha1/generated.proto
@@ -272,9 +272,9 @@ message MatchResources {
   // +optional
   optional .k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector namespaceSelector = 1;
 
-  // ObjectSelector decides whether to run the validation based on if the
+  // ObjectSelector decides whether to run the policy based on if the
   // object has matching labels. objectSelector is evaluated against both
-  // the oldObject and newObject that would be sent to the cel validation, and
+  // the oldObject and newObject that would be sent to the policy's expression (CEL), and
   // is considered to match if either object matches the selector. A null
   // object (oldObject in the case of create, or newObject in the case of
   // delete) or an object that cannot have labels (like a
@@ -286,13 +286,13 @@ message MatchResources {
   // +optional
   optional .k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector objectSelector = 2;
 
-  // ResourceRules describes what operations on what resources/subresources the ValidatingAdmissionPolicy matches.
+  // ResourceRules describes what operations on what resources/subresources the admission policy matches.
   // The policy cares about an operation if it matches _any_ Rule.
   // +listType=atomic
   // +optional
   repeated NamedRuleWithOperations resourceRules = 3;
 
-  // ExcludeResourceRules describes what operations on what resources/subresources the ValidatingAdmissionPolicy should not care about.
+  // ExcludeResourceRules describes what operations on what resources/subresources the policy should not care about.
   // The exclude rules take precedence over include rules (if a resource matches both, it is excluded)
   // +listType=atomic
   // +optional
@@ -304,12 +304,13 @@ message MatchResources {
   // - Exact: match a request only if it exactly matches a specified rule.
   // For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1,
   // but "rules" only included `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]`,
-  // a request to apps/v1beta1 or extensions/v1beta1 would not be sent to the ValidatingAdmissionPolicy.
+  // the admission policy does not consider requests to apps/v1beta1 or extensions/v1beta1 API groups.
   //
   // - Equivalent: match a request if modifies a resource listed in rules, even via another API group or version.
   // For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1,
   // and "rules" only included `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]`,
-  // a request to apps/v1beta1 or extensions/v1beta1 would be converted to apps/v1 and sent to the ValidatingAdmissionPolicy.
+  // the admission policy **does** consider requests made to apps/v1beta1 or extensions/v1beta1
+  // API groups. The API server translates the request to a matched resource API if necessary.
   //
   // Defaults to "Equivalent"
   // +optional
diff --git a/vendor/k8s.io/api/admissionregistration/v1alpha1/types.go b/vendor/k8s.io/api/admissionregistration/v1alpha1/types.go
index ee50fbe2d4..f183498a55 100644
--- a/vendor/k8s.io/api/admissionregistration/v1alpha1/types.go
+++ b/vendor/k8s.io/api/admissionregistration/v1alpha1/types.go
@@ -56,9 +56,9 @@ const (
 type FailurePolicyType string
 
 const (
-	// Ignore means that an error calling the webhook is ignored.
+	// Ignore means that an error calling the admission webhook or admission policy is ignored.
 	Ignore FailurePolicyType = "Ignore"
-	// Fail means that an error calling the webhook causes the admission to fail.
+	// Fail means that an error calling the admission webhook or admission policy causes resource admission to fail.
 	Fail FailurePolicyType = "Fail"
 )
 
@@ -67,9 +67,11 @@ const (
 type MatchPolicyType string
 
 const (
-	// Exact means requests should only be sent to the webhook if they exactly match a given rule.
+	// Exact means requests should only be sent to the admission webhook or admission policy if they exactly match a given rule.
 	Exact MatchPolicyType = "Exact"
-	// Equivalent means requests should be sent to the webhook if they modify a resource listed in rules via another API group or version.
+	// Equivalent means requests should be sent to the admission webhook or admission policy if they modify a resource listed
+	// in rules via an equivalent API group or version. For example, `autoscaling/v1` and `autoscaling/v2`
+	// HorizontalPodAutoscalers are equivalent: the same set of resources appear via both APIs.
 	Equivalent MatchPolicyType = "Equivalent"
 )
 
@@ -577,9 +579,9 @@ type MatchResources struct {
 	// Default to the empty LabelSelector, which matches everything.
 	// +optional
 	NamespaceSelector *metav1.LabelSelector `json:"namespaceSelector,omitempty" protobuf:"bytes,1,opt,name=namespaceSelector"`
-	// ObjectSelector decides whether to run the validation based on if the
+	// ObjectSelector decides whether to run the policy based on if the
 	// object has matching labels. objectSelector is evaluated against both
-	// the oldObject and newObject that would be sent to the cel validation, and
+	// the oldObject and newObject that would be sent to the policy's expression (CEL), and
 	// is considered to match if either object matches the selector. A null
 	// object (oldObject in the case of create, or newObject in the case of
 	// delete) or an object that cannot have labels (like a
@@ -590,12 +592,12 @@ type MatchResources struct {
 	// Default to the empty LabelSelector, which matches everything.
 	// +optional
 	ObjectSelector *metav1.LabelSelector `json:"objectSelector,omitempty" protobuf:"bytes,2,opt,name=objectSelector"`
-	// ResourceRules describes what operations on what resources/subresources the ValidatingAdmissionPolicy matches.
+	// ResourceRules describes what operations on what resources/subresources the admission policy matches.
 	// The policy cares about an operation if it matches _any_ Rule.
 	// +listType=atomic
 	// +optional
 	ResourceRules []NamedRuleWithOperations `json:"resourceRules,omitempty" protobuf:"bytes,3,rep,name=resourceRules"`
-	// ExcludeResourceRules describes what operations on what resources/subresources the ValidatingAdmissionPolicy should not care about.
+	// ExcludeResourceRules describes what operations on what resources/subresources the policy should not care about.
 	// The exclude rules take precedence over include rules (if a resource matches both, it is excluded)
 	// +listType=atomic
 	// +optional
@@ -606,12 +608,13 @@ type MatchResources struct {
 	// - Exact: match a request only if it exactly matches a specified rule.
 	// For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1,
 	// but "rules" only included `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]`,
-	// a request to apps/v1beta1 or extensions/v1beta1 would not be sent to the ValidatingAdmissionPolicy.
+	// the admission policy does not consider requests to apps/v1beta1 or extensions/v1beta1 API groups.
 	//
 	// - Equivalent: match a request if modifies a resource listed in rules, even via another API group or version.
 	// For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1,
 	// and "rules" only included `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]`,
-	// a request to apps/v1beta1 or extensions/v1beta1 would be converted to apps/v1 and sent to the ValidatingAdmissionPolicy.
+	// the admission policy **does** consider requests made to apps/v1beta1 or extensions/v1beta1
+	// API groups. The API server translates the request to a matched resource API if necessary.
 	//
 	// Defaults to "Equivalent"
 	// +optional
diff --git a/vendor/k8s.io/api/admissionregistration/v1alpha1/types_swagger_doc_generated.go b/vendor/k8s.io/api/admissionregistration/v1alpha1/types_swagger_doc_generated.go
index 32222a81b8..116e56e065 100644
--- a/vendor/k8s.io/api/admissionregistration/v1alpha1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/admissionregistration/v1alpha1/types_swagger_doc_generated.go
@@ -68,10 +68,10 @@ func (JSONPatch) SwaggerDoc() map[string]string {
 var map_MatchResources = map[string]string{
 	"":                     "MatchResources decides whether to run the admission control policy on an object based on whether it meets the match criteria. The exclude rules take precedence over include rules (if a resource matches both, it is excluded)",
 	"namespaceSelector":    "NamespaceSelector decides whether to run the admission control policy on an object based on whether the namespace for that object matches the selector. If the object itself is a namespace, the matching is performed on object.metadata.labels. If the object is another cluster scoped resource, it never skips the policy.\n\nFor example, to run the webhook on any objects whose namespace is not associated with \"runlevel\" of \"0\" or \"1\";  you will set the selector as follows: \"namespaceSelector\": {\n  \"matchExpressions\": [\n    {\n      \"key\": \"runlevel\",\n      \"operator\": \"NotIn\",\n      \"values\": [\n        \"0\",\n        \"1\"\n      ]\n    }\n  ]\n}\n\nIf instead you want to only run the policy on any objects whose namespace is associated with the \"environment\" of \"prod\" or \"staging\"; you will set the selector as follows: \"namespaceSelector\": {\n  \"matchExpressions\": [\n    {\n      \"key\": \"environment\",\n      \"operator\": \"In\",\n      \"values\": [\n        \"prod\",\n        \"staging\"\n      ]\n    }\n  ]\n}\n\nSee https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ for more examples of label selectors.\n\nDefault to the empty LabelSelector, which matches everything.",
-	"objectSelector":       "ObjectSelector decides whether to run the validation based on if the object has matching labels. objectSelector is evaluated against both the oldObject and newObject that would be sent to the cel validation, and is considered to match if either object matches the selector. A null object (oldObject in the case of create, or newObject in the case of delete) or an object that cannot have labels (like a DeploymentRollback or a PodProxyOptions object) is not considered to match. Use the object selector only if the webhook is opt-in, because end users may skip the admission webhook by setting the labels. Default to the empty LabelSelector, which matches everything.",
-	"resourceRules":        "ResourceRules describes what operations on what resources/subresources the ValidatingAdmissionPolicy matches. The policy cares about an operation if it matches _any_ Rule.",
-	"excludeResourceRules": "ExcludeResourceRules describes what operations on what resources/subresources the ValidatingAdmissionPolicy should not care about. The exclude rules take precedence over include rules (if a resource matches both, it is excluded)",
-	"matchPolicy":          "matchPolicy defines how the \"MatchResources\" list is used to match incoming requests. Allowed values are \"Exact\" or \"Equivalent\".\n\n- Exact: match a request only if it exactly matches a specified rule. For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1, but \"rules\" only included `apiGroups:[\"apps\"], apiVersions:[\"v1\"], resources: [\"deployments\"]`, a request to apps/v1beta1 or extensions/v1beta1 would not be sent to the ValidatingAdmissionPolicy.\n\n- Equivalent: match a request if modifies a resource listed in rules, even via another API group or version. For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1, and \"rules\" only included `apiGroups:[\"apps\"], apiVersions:[\"v1\"], resources: [\"deployments\"]`, a request to apps/v1beta1 or extensions/v1beta1 would be converted to apps/v1 and sent to the ValidatingAdmissionPolicy.\n\nDefaults to \"Equivalent\"",
+	"objectSelector":       "ObjectSelector decides whether to run the policy based on if the object has matching labels. objectSelector is evaluated against both the oldObject and newObject that would be sent to the policy's expression (CEL), and is considered to match if either object matches the selector. A null object (oldObject in the case of create, or newObject in the case of delete) or an object that cannot have labels (like a DeploymentRollback or a PodProxyOptions object) is not considered to match. Use the object selector only if the webhook is opt-in, because end users may skip the admission webhook by setting the labels. Default to the empty LabelSelector, which matches everything.",
+	"resourceRules":        "ResourceRules describes what operations on what resources/subresources the admission policy matches. The policy cares about an operation if it matches _any_ Rule.",
+	"excludeResourceRules": "ExcludeResourceRules describes what operations on what resources/subresources the policy should not care about. The exclude rules take precedence over include rules (if a resource matches both, it is excluded)",
+	"matchPolicy":          "matchPolicy defines how the \"MatchResources\" list is used to match incoming requests. Allowed values are \"Exact\" or \"Equivalent\".\n\n- Exact: match a request only if it exactly matches a specified rule. For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1, but \"rules\" only included `apiGroups:[\"apps\"], apiVersions:[\"v1\"], resources: [\"deployments\"]`, the admission policy does not consider requests to apps/v1beta1 or extensions/v1beta1 API groups.\n\n- Equivalent: match a request if modifies a resource listed in rules, even via another API group or version. For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1, and \"rules\" only included `apiGroups:[\"apps\"], apiVersions:[\"v1\"], resources: [\"deployments\"]`, the admission policy **does** consider requests made to apps/v1beta1 or extensions/v1beta1 API groups. The API server translates the request to a matched resource API if necessary.\n\nDefaults to \"Equivalent\"",
 }
 
 func (MatchResources) SwaggerDoc() map[string]string {
diff --git a/vendor/k8s.io/api/admissionregistration/v1beta1/doc.go b/vendor/k8s.io/api/admissionregistration/v1beta1/doc.go
index 0095cb257a..40d8315738 100644
--- a/vendor/k8s.io/api/admissionregistration/v1beta1/doc.go
+++ b/vendor/k8s.io/api/admissionregistration/v1beta1/doc.go
@@ -24,4 +24,4 @@ limitations under the License.
 // AdmissionConfiguration and AdmissionPluginConfiguration are legacy static admission plugin configuration
 // MutatingWebhookConfiguration and ValidatingWebhookConfiguration are for the
 // new dynamic admission controller configuration.
-package v1beta1 // import "k8s.io/api/admissionregistration/v1beta1"
+package v1beta1
diff --git a/vendor/k8s.io/api/apidiscovery/v2/doc.go b/vendor/k8s.io/api/apidiscovery/v2/doc.go
index 4f3ad5f139..f46d33e942 100644
--- a/vendor/k8s.io/api/apidiscovery/v2/doc.go
+++ b/vendor/k8s.io/api/apidiscovery/v2/doc.go
@@ -20,4 +20,4 @@ limitations under the License.
 // +k8s:prerelease-lifecycle-gen=true
 // +groupName=apidiscovery.k8s.io
 
-package v2 // import "k8s.io/api/apidiscovery/v2"
+package v2
diff --git a/vendor/k8s.io/api/apidiscovery/v2beta1/doc.go b/vendor/k8s.io/api/apidiscovery/v2beta1/doc.go
index e85da226e0..d4fceab68d 100644
--- a/vendor/k8s.io/api/apidiscovery/v2beta1/doc.go
+++ b/vendor/k8s.io/api/apidiscovery/v2beta1/doc.go
@@ -21,4 +21,4 @@ limitations under the License.
 
 // +groupName=apidiscovery.k8s.io
 
-package v2beta1 // import "k8s.io/api/apidiscovery/v2beta1"
+package v2beta1
diff --git a/vendor/k8s.io/api/apiserverinternal/v1alpha1/doc.go b/vendor/k8s.io/api/apiserverinternal/v1alpha1/doc.go
index a4da95d44d..867d741651 100644
--- a/vendor/k8s.io/api/apiserverinternal/v1alpha1/doc.go
+++ b/vendor/k8s.io/api/apiserverinternal/v1alpha1/doc.go
@@ -22,4 +22,4 @@ limitations under the License.
 
 // Package v1alpha1 contains the v1alpha1 version of the API used by the
 // apiservers themselves.
-package v1alpha1 // import "k8s.io/api/apiserverinternal/v1alpha1"
+package v1alpha1
diff --git a/vendor/k8s.io/api/apps/v1/doc.go b/vendor/k8s.io/api/apps/v1/doc.go
index d189e860f2..51fe12c53d 100644
--- a/vendor/k8s.io/api/apps/v1/doc.go
+++ b/vendor/k8s.io/api/apps/v1/doc.go
@@ -19,4 +19,4 @@ limitations under the License.
 // +k8s:openapi-gen=true
 // +k8s:prerelease-lifecycle-gen=true
 
-package v1 // import "k8s.io/api/apps/v1"
+package v1
diff --git a/vendor/k8s.io/api/apps/v1/generated.pb.go b/vendor/k8s.io/api/apps/v1/generated.pb.go
index ea62a099fe..eacc25931b 100644
--- a/vendor/k8s.io/api/apps/v1/generated.pb.go
+++ b/vendor/k8s.io/api/apps/v1/generated.pb.go
@@ -928,145 +928,147 @@ func init() {
 }
 
 var fileDescriptor_5b781835628d5338 = []byte{
-	// 2194 bytes of a gzipped FileDescriptorProto
+	// 2225 bytes of a gzipped FileDescriptorProto
 	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0x5a, 0xcd, 0x6f, 0x1b, 0xc7,
-	0x15, 0xd7, 0xf2, 0x43, 0xa2, 0x86, 0x96, 0x64, 0x8f, 0x54, 0x89, 0xb1, 0x1b, 0xd2, 0xdd, 0xb8,
-	0xb6, 0x12, 0xc7, 0x64, 0xed, 0x38, 0x41, 0xe0, 0x14, 0x09, 0x44, 0x2a, 0x4d, 0xd3, 0xe8, 0xab,
-	0x43, 0xcb, 0x01, 0xdc, 0xb4, 0xe8, 0x68, 0x39, 0xa6, 0x36, 0xde, 0x2f, 0xec, 0x0e, 0x15, 0x0b,
-	0xbd, 0x14, 0x05, 0x7a, 0xeb, 0xa1, 0x7f, 0x43, 0xff, 0x81, 0xa2, 0x28, 0x9a, 0x5b, 0x10, 0x04,
-	0xbd, 0xf8, 0x52, 0x20, 0xe8, 0xa5, 0x39, 0x11, 0x35, 0x73, 0x2a, 0x8a, 0xde, 0xda, 0x8b, 0x2f,
-	0x2d, 0x66, 0x76, 0xf6, 0x7b, 0x56, 0xa4, 0xe4, 0x58, 0x69, 0x82, 0xdc, 0xb8, 0x33, 0xbf, 0xf7,
-	0xdb, 0x37, 0x33, 0xef, 0xcd, 0xfb, 0xcd, 0x2c, 0x81, 0x7a, 0xff, 0x55, 0xaf, 0xa9, 0xdb, 0x2d,
-	0xec, 0xe8, 0x2d, 0xec, 0x38, 0x5e, 0xeb, 0xe0, 0x7a, 0xab, 0x4f, 0x2c, 0xe2, 0x62, 0x4a, 0x7a,
-	0x4d, 0xc7, 0xb5, 0xa9, 0x0d, 0xa1, 0x8f, 0x69, 0x62, 0x47, 0x6f, 0x32, 0x4c, 0xf3, 0xe0, 0xfa,
-	0xf9, 0x6b, 0x7d, 0x9d, 0xee, 0x0f, 0xf6, 0x9a, 0x9a, 0x6d, 0xb6, 0xfa, 0x76, 0xdf, 0x6e, 0x71,
-	0xe8, 0xde, 0xe0, 0x1e, 0x7f, 0xe2, 0x0f, 0xfc, 0x97, 0x4f, 0x71, 0x3e, 0xfe, 0x1a, 0xcd, 0x76,
-	0x89, 0xe4, 0x35, 0xe7, 0x6f, 0x46, 0x18, 0x13, 0x6b, 0xfb, 0xba, 0x45, 0xdc, 0xc3, 0x96, 0x73,
-	0xbf, 0xcf, 0x1a, 0xbc, 0x96, 0x49, 0x28, 0x96, 0x59, 0xb5, 0xf2, 0xac, 0xdc, 0x81, 0x45, 0x75,
-	0x93, 0x64, 0x0c, 0x5e, 0x19, 0x67, 0xe0, 0x69, 0xfb, 0xc4, 0xc4, 0x19, 0xbb, 0x97, 0xf2, 0xec,
-	0x06, 0x54, 0x37, 0x5a, 0xba, 0x45, 0x3d, 0xea, 0xa6, 0x8d, 0xd4, 0xff, 0x28, 0x00, 0x76, 0x6c,
-	0x8b, 0xba, 0xb6, 0x61, 0x10, 0x17, 0x91, 0x03, 0xdd, 0xd3, 0x6d, 0x0b, 0xfe, 0x1c, 0x54, 0xd8,
-	0x78, 0x7a, 0x98, 0xe2, 0x9a, 0x72, 0x51, 0x59, 0xad, 0xde, 0xf8, 0x5e, 0x33, 0x9a, 0xe4, 0x90,
-	0xbe, 0xe9, 0xdc, 0xef, 0xb3, 0x06, 0xaf, 0xc9, 0xd0, 0xcd, 0x83, 0xeb, 0xcd, 0xed, 0xbd, 0xf7,
-	0x89, 0x46, 0x37, 0x09, 0xc5, 0x6d, 0xf8, 0x70, 0xd8, 0x98, 0x1a, 0x0d, 0x1b, 0x20, 0x6a, 0x43,
-	0x21, 0x2b, 0xdc, 0x06, 0x25, 0xce, 0x5e, 0xe0, 0xec, 0xd7, 0x72, 0xd9, 0xc5, 0xa0, 0x9b, 0x08,
-	0x7f, 0xf0, 0xe6, 0x03, 0x4a, 0x2c, 0xe6, 0x5e, 0xfb, 0x8c, 0xa0, 0x2e, 0xad, 0x63, 0x8a, 0x11,
-	0x27, 0x82, 0x2f, 0x82, 0x8a, 0x2b, 0xdc, 0xaf, 0x15, 0x2f, 0x2a, 0xab, 0xc5, 0xf6, 0x59, 0x81,
-	0xaa, 0x04, 0xc3, 0x42, 0x21, 0x42, 0xfd, 0xb3, 0x02, 0x96, 0xb3, 0xe3, 0xde, 0xd0, 0x3d, 0x0a,
-	0xdf, 0xcb, 0x8c, 0xbd, 0x39, 0xd9, 0xd8, 0x99, 0x35, 0x1f, 0x79, 0xf8, 0xe2, 0xa0, 0x25, 0x36,
-	0xee, 0x77, 0x40, 0x59, 0xa7, 0xc4, 0xf4, 0x6a, 0x85, 0x8b, 0xc5, 0xd5, 0xea, 0x8d, 0xcb, 0xcd,
-	0x6c, 0xec, 0x36, 0xb3, 0x8e, 0xb5, 0xe7, 0x04, 0x65, 0xf9, 0x6d, 0x66, 0x8c, 0x7c, 0x0e, 0xf5,
-	0xbf, 0x0a, 0x98, 0x5d, 0xc7, 0xc4, 0xb4, 0xad, 0x2e, 0xa1, 0xa7, 0xb0, 0x68, 0x1d, 0x50, 0xf2,
-	0x1c, 0xa2, 0x89, 0x45, 0xfb, 0x8e, 0xcc, 0xf7, 0xd0, 0x9d, 0xae, 0x43, 0xb4, 0x68, 0xa1, 0xd8,
-	0x13, 0xe2, 0xc6, 0xf0, 0x1d, 0x30, 0xed, 0x51, 0x4c, 0x07, 0x1e, 0x5f, 0xa6, 0xea, 0x8d, 0xe7,
-	0x8e, 0xa6, 0xe1, 0xd0, 0xf6, 0xbc, 0x20, 0x9a, 0xf6, 0x9f, 0x91, 0xa0, 0x50, 0xff, 0x51, 0x00,
-	0x30, 0xc4, 0x76, 0x6c, 0xab, 0xa7, 0x53, 0x16, 0xbf, 0xb7, 0x40, 0x89, 0x1e, 0x3a, 0x84, 0x4f,
-	0xc3, 0x6c, 0xfb, 0x72, 0xe0, 0xc5, 0xed, 0x43, 0x87, 0x3c, 0x1e, 0x36, 0x96, 0xb3, 0x16, 0xac,
-	0x07, 0x71, 0x1b, 0xb8, 0x11, 0xfa, 0x57, 0xe0, 0xd6, 0x37, 0x93, 0xaf, 0x7e, 0x3c, 0x6c, 0x48,
-	0x36, 0x8b, 0x66, 0xc8, 0x94, 0x74, 0x10, 0x1e, 0x00, 0x68, 0x60, 0x8f, 0xde, 0x76, 0xb1, 0xe5,
-	0xf9, 0x6f, 0xd2, 0x4d, 0x22, 0x46, 0xfe, 0xc2, 0x64, 0xcb, 0xc3, 0x2c, 0xda, 0xe7, 0x85, 0x17,
-	0x70, 0x23, 0xc3, 0x86, 0x24, 0x6f, 0x80, 0x97, 0xc1, 0xb4, 0x4b, 0xb0, 0x67, 0x5b, 0xb5, 0x12,
-	0x1f, 0x45, 0x38, 0x81, 0x88, 0xb7, 0x22, 0xd1, 0x0b, 0x9f, 0x07, 0x33, 0x26, 0xf1, 0x3c, 0xdc,
-	0x27, 0xb5, 0x32, 0x07, 0x2e, 0x08, 0xe0, 0xcc, 0xa6, 0xdf, 0x8c, 0x82, 0x7e, 0xf5, 0x0f, 0x0a,
-	0x98, 0x0b, 0x67, 0xee, 0x14, 0x52, 0xa5, 0x9d, 0x4c, 0x95, 0x67, 0x8f, 0x8c, 0x93, 0x9c, 0x0c,
-	0xf9, 0xb8, 0x18, 0xf3, 0x99, 0x05, 0x21, 0xfc, 0x29, 0xa8, 0x78, 0xc4, 0x20, 0x1a, 0xb5, 0x5d,
-	0xe1, 0xf3, 0x4b, 0x13, 0xfa, 0x8c, 0xf7, 0x88, 0xd1, 0x15, 0xa6, 0xed, 0x33, 0xcc, 0xe9, 0xe0,
-	0x09, 0x85, 0x94, 0xf0, 0xc7, 0xa0, 0x42, 0x89, 0xe9, 0x18, 0x98, 0x12, 0x91, 0x26, 0x89, 0xf8,
-	0x66, 0xe1, 0xc2, 0xc8, 0x76, 0xec, 0xde, 0x6d, 0x01, 0xe3, 0x89, 0x12, 0xce, 0x43, 0xd0, 0x8a,
-	0x42, 0x1a, 0x78, 0x1f, 0xcc, 0x0f, 0x9c, 0x1e, 0x43, 0x52, 0xb6, 0x75, 0xf7, 0x0f, 0x45, 0xf8,
-	0x5c, 0x3d, 0x72, 0x42, 0x76, 0x13, 0x26, 0xed, 0x65, 0xf1, 0x82, 0xf9, 0x64, 0x3b, 0x4a, 0x51,
-	0xc3, 0x35, 0xb0, 0x60, 0xea, 0x16, 0x22, 0xb8, 0x77, 0xd8, 0x25, 0x9a, 0x6d, 0xf5, 0x3c, 0x1e,
-	0x40, 0xe5, 0xf6, 0x8a, 0x20, 0x58, 0xd8, 0x4c, 0x76, 0xa3, 0x34, 0x1e, 0x6e, 0x80, 0xa5, 0x60,
-	0x9f, 0xfd, 0xa1, 0xee, 0x51, 0xdb, 0x3d, 0xdc, 0xd0, 0x4d, 0x9d, 0xd6, 0xa6, 0x39, 0x4f, 0x6d,
-	0x34, 0x6c, 0x2c, 0x21, 0x49, 0x3f, 0x92, 0x5a, 0xa9, 0xbf, 0x99, 0x06, 0x0b, 0xa9, 0xdd, 0x00,
-	0xde, 0x01, 0xcb, 0xda, 0xc0, 0x75, 0x89, 0x45, 0xb7, 0x06, 0xe6, 0x1e, 0x71, 0xbb, 0xda, 0x3e,
-	0xe9, 0x0d, 0x0c, 0xd2, 0xe3, 0x2b, 0x5a, 0x6e, 0xd7, 0x85, 0xaf, 0xcb, 0x1d, 0x29, 0x0a, 0xe5,
-	0x58, 0xc3, 0x1f, 0x01, 0x68, 0xf1, 0xa6, 0x4d, 0xdd, 0xf3, 0x42, 0xce, 0x02, 0xe7, 0x0c, 0x13,
-	0x70, 0x2b, 0x83, 0x40, 0x12, 0x2b, 0xe6, 0x63, 0x8f, 0x78, 0xba, 0x4b, 0x7a, 0x69, 0x1f, 0x8b,
-	0x49, 0x1f, 0xd7, 0xa5, 0x28, 0x94, 0x63, 0x0d, 0x5f, 0x06, 0x55, 0xff, 0x6d, 0x7c, 0xce, 0xc5,
-	0xe2, 0x2c, 0x0a, 0xb2, 0xea, 0x56, 0xd4, 0x85, 0xe2, 0x38, 0x36, 0x34, 0x7b, 0xcf, 0x23, 0xee,
-	0x01, 0xe9, 0xbd, 0xe5, 0x6b, 0x00, 0x56, 0x28, 0xcb, 0xbc, 0x50, 0x86, 0x43, 0xdb, 0xce, 0x20,
-	0x90, 0xc4, 0x8a, 0x0d, 0xcd, 0x8f, 0x9a, 0xcc, 0xd0, 0xa6, 0x93, 0x43, 0xdb, 0x95, 0xa2, 0x50,
-	0x8e, 0x35, 0x8b, 0x3d, 0xdf, 0xe5, 0xb5, 0x03, 0xac, 0x1b, 0x78, 0xcf, 0x20, 0xb5, 0x99, 0x64,
-	0xec, 0x6d, 0x25, 0xbb, 0x51, 0x1a, 0x0f, 0xdf, 0x02, 0xe7, 0xfc, 0xa6, 0x5d, 0x0b, 0x87, 0x24,
-	0x15, 0x4e, 0xf2, 0x8c, 0x20, 0x39, 0xb7, 0x95, 0x06, 0xa0, 0xac, 0x0d, 0xbc, 0x05, 0xe6, 0x35,
-	0xdb, 0x30, 0x78, 0x3c, 0x76, 0xec, 0x81, 0x45, 0x6b, 0xb3, 0x9c, 0x05, 0xb2, 0x1c, 0xea, 0x24,
-	0x7a, 0x50, 0x0a, 0x09, 0xef, 0x02, 0xa0, 0x05, 0xe5, 0xc0, 0xab, 0x81, 0xfc, 0x42, 0x9f, 0xad,
-	0x43, 0x51, 0x01, 0x0e, 0x9b, 0x3c, 0x14, 0x63, 0x53, 0x3f, 0x56, 0xc0, 0x4a, 0x4e, 0x8e, 0xc3,
-	0x37, 0x12, 0x55, 0xef, 0x6a, 0xaa, 0xea, 0x5d, 0xc8, 0x31, 0x8b, 0x95, 0x3e, 0x0d, 0xcc, 0x31,
-	0xdd, 0xa1, 0x5b, 0x7d, 0x1f, 0x22, 0x76, 0xb0, 0x17, 0x64, 0xbe, 0xa3, 0x38, 0x30, 0xda, 0x86,
-	0xcf, 0x8d, 0x86, 0x8d, 0xb9, 0x44, 0x1f, 0x4a, 0x72, 0xaa, 0xbf, 0x2a, 0x00, 0xb0, 0x4e, 0x1c,
-	0xc3, 0x3e, 0x34, 0x89, 0x75, 0x1a, 0xaa, 0x65, 0x3d, 0xa1, 0x5a, 0x54, 0xe9, 0x42, 0x84, 0xfe,
-	0xe4, 0xca, 0x96, 0x8d, 0x94, 0x6c, 0xb9, 0x34, 0x86, 0xe7, 0x68, 0xdd, 0xf2, 0xb7, 0x22, 0x58,
-	0x8c, 0xc0, 0x91, 0x70, 0x79, 0x2d, 0xb1, 0x84, 0x57, 0x52, 0x4b, 0xb8, 0x22, 0x31, 0x79, 0x6a,
-	0xca, 0xe5, 0x7d, 0x30, 0xcf, 0x74, 0x85, 0xbf, 0x6a, 0x5c, 0xb5, 0x4c, 0x1f, 0x5b, 0xb5, 0x84,
-	0x55, 0x67, 0x23, 0xc1, 0x84, 0x52, 0xcc, 0x39, 0x2a, 0x69, 0xe6, 0xab, 0xa8, 0x92, 0xfe, 0xa8,
-	0x80, 0xf9, 0x68, 0x99, 0x4e, 0x41, 0x26, 0x75, 0x92, 0x32, 0xa9, 0x7e, 0x74, 0x5c, 0xe6, 0xe8,
-	0xa4, 0xbf, 0x96, 0xe2, 0x5e, 0x73, 0xa1, 0xb4, 0xca, 0x0e, 0x54, 0x8e, 0xa1, 0x6b, 0xd8, 0x13,
-	0x65, 0xf5, 0x8c, 0x7f, 0x98, 0xf2, 0xdb, 0x50, 0xd8, 0x9b, 0x90, 0x54, 0x85, 0xa7, 0x2b, 0xa9,
-	0x8a, 0x5f, 0x8c, 0xa4, 0xba, 0x0d, 0x2a, 0x5e, 0x20, 0xa6, 0x4a, 0x9c, 0xf2, 0xf2, 0xb8, 0x74,
-	0x16, 0x3a, 0x2a, 0x64, 0x0d, 0x15, 0x54, 0xc8, 0x24, 0xd3, 0x4e, 0xe5, 0x2f, 0x53, 0x3b, 0xb1,
-	0xf0, 0x76, 0xf0, 0xc0, 0x23, 0x3d, 0x9e, 0x4a, 0x95, 0x28, 0xbc, 0x77, 0x78, 0x2b, 0x12, 0xbd,
-	0x70, 0x17, 0xac, 0x38, 0xae, 0xdd, 0x77, 0x89, 0xe7, 0xad, 0x13, 0xdc, 0x33, 0x74, 0x8b, 0x04,
-	0x03, 0xf0, 0xab, 0xde, 0x85, 0xd1, 0xb0, 0xb1, 0xb2, 0x23, 0x87, 0xa0, 0x3c, 0x5b, 0xf5, 0xa3,
-	0x12, 0x38, 0x9b, 0xde, 0x11, 0x73, 0x84, 0x88, 0x72, 0x22, 0x21, 0xf2, 0x62, 0x2c, 0x44, 0x7d,
-	0x95, 0x16, 0x3b, 0xf3, 0x67, 0xc2, 0x74, 0x0d, 0x2c, 0x08, 0xe1, 0x11, 0x74, 0x0a, 0x29, 0x16,
-	0x2e, 0xcf, 0x6e, 0xb2, 0x1b, 0xa5, 0xf1, 0xf0, 0x35, 0x30, 0xe7, 0x72, 0x6d, 0x15, 0x10, 0xf8,
-	0xfa, 0xe4, 0x5b, 0x82, 0x60, 0x0e, 0xc5, 0x3b, 0x51, 0x12, 0xcb, 0xb4, 0x49, 0x24, 0x39, 0x02,
-	0x82, 0x52, 0x52, 0x9b, 0xac, 0xa5, 0x01, 0x28, 0x6b, 0x03, 0x37, 0xc1, 0xe2, 0xc0, 0xca, 0x52,
-	0xf9, 0xb1, 0x76, 0x41, 0x50, 0x2d, 0xee, 0x66, 0x21, 0x48, 0x66, 0x07, 0x7f, 0x92, 0x90, 0x2b,
-	0xd3, 0x7c, 0x17, 0xb9, 0x72, 0x74, 0x3a, 0x4c, 0xac, 0x57, 0x24, 0x3a, 0xaa, 0x32, 0xa9, 0x8e,
-	0x52, 0x3f, 0x54, 0x00, 0xcc, 0xa6, 0xe0, 0xd8, 0xc3, 0x7d, 0xc6, 0x22, 0x56, 0x22, 0x7b, 0x72,
-	0x85, 0x73, 0x75, 0xbc, 0xc2, 0x89, 0x76, 0xd0, 0xc9, 0x24, 0x8e, 0x98, 0xde, 0xd3, 0xb9, 0x98,
-	0x99, 0x40, 0xe2, 0x44, 0xfe, 0x3c, 0x99, 0xc4, 0x89, 0xf1, 0x1c, 0x2d, 0x71, 0xfe, 0x59, 0x00,
-	0x8b, 0x11, 0x78, 0x62, 0x89, 0x23, 0x31, 0xf9, 0xe6, 0x72, 0x66, 0x32, 0xd9, 0x11, 0x4d, 0xdd,
-	0xff, 0x89, 0xec, 0x88, 0x1c, 0xca, 0x91, 0x1d, 0xbf, 0x2f, 0xc4, 0xbd, 0x3e, 0xa6, 0xec, 0xf8,
-	0x02, 0xae, 0x2a, 0xbe, 0x72, 0xca, 0x45, 0xfd, 0xa4, 0x08, 0xce, 0xa6, 0x53, 0x30, 0x51, 0x07,
-	0x95, 0xb1, 0x75, 0x70, 0x07, 0x2c, 0xdd, 0x1b, 0x18, 0xc6, 0x21, 0x1f, 0x43, 0xac, 0x18, 0xfa,
-	0x15, 0xf4, 0xdb, 0xc2, 0x72, 0xe9, 0x07, 0x12, 0x0c, 0x92, 0x5a, 0x66, 0xcb, 0x62, 0xe9, 0x49,
-	0xcb, 0x62, 0xf9, 0x04, 0x65, 0x51, 0xae, 0x2c, 0x8a, 0x27, 0x52, 0x16, 0x13, 0xd7, 0x44, 0xc9,
-	0x76, 0x35, 0xf6, 0x0c, 0x3f, 0x52, 0xc0, 0xb2, 0xfc, 0xf8, 0x0c, 0x0d, 0x30, 0x6f, 0xe2, 0x07,
-	0xf1, 0xcb, 0x8b, 0x71, 0x05, 0x63, 0x40, 0x75, 0xa3, 0xe9, 0x7f, 0xdd, 0x69, 0xbe, 0x6d, 0xd1,
-	0x6d, 0xb7, 0x4b, 0x5d, 0xdd, 0xea, 0xfb, 0x05, 0x76, 0x33, 0xc1, 0x85, 0x52, 0xdc, 0xf0, 0x2e,
-	0xa8, 0x98, 0xf8, 0x41, 0x77, 0xe0, 0xf6, 0x83, 0x42, 0x78, 0xfc, 0xf7, 0xf0, 0xd8, 0xdf, 0x14,
-	0x2c, 0x28, 0xe4, 0x53, 0x3f, 0x57, 0xc0, 0x4a, 0x4e, 0x05, 0xfd, 0x1a, 0x8d, 0xf2, 0x23, 0x05,
-	0x5c, 0x4c, 0x8c, 0x92, 0x65, 0x24, 0xb9, 0x37, 0x30, 0x78, 0x72, 0x0a, 0xc1, 0x72, 0x15, 0xcc,
-	0x3a, 0xd8, 0xa5, 0x7a, 0xa8, 0x74, 0xcb, 0xed, 0xb9, 0xd1, 0xb0, 0x31, 0xbb, 0x13, 0x34, 0xa2,
-	0xa8, 0x5f, 0x32, 0x37, 0x85, 0xa7, 0x37, 0x37, 0xea, 0xaf, 0x0b, 0xa0, 0x1a, 0x73, 0xf9, 0x14,
-	0xa4, 0xca, 0x9b, 0x09, 0xa9, 0x22, 0xfd, 0xf8, 0x13, 0x9f, 0xc3, 0x3c, 0xad, 0xb2, 0x99, 0xd2,
-	0x2a, 0xdf, 0x1d, 0x47, 0x74, 0xb4, 0x58, 0xf9, 0x57, 0x01, 0x2c, 0xc5, 0xd0, 0x91, 0x5a, 0xf9,
-	0x7e, 0x42, 0xad, 0xac, 0xa6, 0xd4, 0x4a, 0x4d, 0x66, 0xf3, 0x8d, 0x5c, 0x19, 0x2f, 0x57, 0xfe,
-	0xa4, 0x80, 0x85, 0xd8, 0xdc, 0x9d, 0x82, 0x5e, 0x59, 0x4f, 0xea, 0x95, 0xc6, 0x98, 0x78, 0xc9,
-	0x11, 0x2c, 0xb7, 0xc0, 0x62, 0x0c, 0xb4, 0xed, 0xf6, 0x74, 0x0b, 0x1b, 0x1e, 0x7c, 0x0e, 0x94,
-	0x3d, 0x8a, 0x5d, 0x1a, 0x64, 0x77, 0x60, 0xdb, 0x65, 0x8d, 0xc8, 0xef, 0x53, 0xff, 0xad, 0x80,
-	0x56, 0xcc, 0x78, 0x87, 0xb8, 0x9e, 0xee, 0x51, 0x62, 0xd1, 0x3b, 0xb6, 0x31, 0x30, 0x49, 0xc7,
-	0xc0, 0xba, 0x89, 0x08, 0x6b, 0xd0, 0x6d, 0x6b, 0xc7, 0x36, 0x74, 0xed, 0x10, 0x62, 0x50, 0xfd,
-	0x60, 0x9f, 0x58, 0xeb, 0xc4, 0x20, 0x54, 0x7c, 0xde, 0x98, 0x6d, 0xbf, 0x11, 0xdc, 0xf6, 0xbf,
-	0x1b, 0x75, 0x3d, 0x1e, 0x36, 0x56, 0x27, 0x61, 0xe4, 0xc1, 0x19, 0xe7, 0x84, 0x3f, 0x03, 0x80,
-	0x3d, 0x76, 0x35, 0x1c, 0x7c, 0xec, 0x98, 0x6d, 0xbf, 0x1e, 0xa4, 0xf0, 0xbb, 0x61, 0xcf, 0xb1,
-	0x5e, 0x10, 0x63, 0x54, 0x7f, 0x57, 0x49, 0x2c, 0xf5, 0xd7, 0xfe, 0x6e, 0xe9, 0x17, 0x60, 0xe9,
-	0x20, 0x9a, 0x9d, 0x00, 0xc0, 0x34, 0x11, 0x8b, 0xbb, 0xe7, 0xa5, 0xf4, 0xb2, 0x79, 0x8d, 0x94,
-	0xd8, 0x1d, 0x09, 0x1d, 0x92, 0xbe, 0x04, 0xbe, 0x0c, 0xaa, 0x4c, 0xcb, 0xe8, 0x1a, 0xd9, 0xc2,
-	0x66, 0x90, 0x86, 0xe1, 0xd7, 0xa1, 0x6e, 0xd4, 0x85, 0xe2, 0x38, 0xb8, 0x0f, 0x16, 0x1d, 0xbb,
-	0xb7, 0x89, 0x2d, 0xdc, 0x27, 0xac, 0x42, 0xfb, 0x4b, 0xc9, 0x6f, 0x9d, 0x66, 0xdb, 0xaf, 0x04,
-	0x37, 0x0a, 0x3b, 0x59, 0x08, 0x3b, 0xb1, 0x49, 0x9a, 0x79, 0x10, 0xc8, 0x28, 0xa1, 0x99, 0xf9,
-	0x98, 0x39, 0x93, 0xf9, 0x07, 0x88, 0x2c, 0x1f, 0x4f, 0xf8, 0x39, 0x33, 0xef, 0x3e, 0xad, 0x72,
-	0xa2, 0xfb, 0x34, 0xc9, 0x89, 0x63, 0xf6, 0x98, 0x27, 0x8e, 0x4f, 0x14, 0x70, 0xc9, 0x99, 0x20,
-	0x8d, 0x6a, 0x80, 0x4f, 0x4b, 0x67, 0xcc, 0xb4, 0x4c, 0x92, 0x91, 0xed, 0xd5, 0xd1, 0xb0, 0x71,
-	0x69, 0x12, 0x24, 0x9a, 0xc8, 0x35, 0x96, 0x34, 0xb6, 0xd8, 0xf9, 0x6a, 0x55, 0xee, 0xe6, 0x95,
-	0x31, 0x6e, 0x06, 0x1b, 0xa5, 0x9f, 0x87, 0xc1, 0x13, 0x0a, 0x69, 0xd4, 0x0f, 0xcb, 0xe0, 0x5c,
-	0xa6, 0x5a, 0x7f, 0x89, 0x77, 0x85, 0x99, 0x13, 0x4d, 0xf1, 0x18, 0x27, 0x9a, 0x35, 0xb0, 0x20,
-	0x3e, 0x30, 0xa7, 0x0e, 0x44, 0x61, 0x98, 0x74, 0x92, 0xdd, 0x28, 0x8d, 0x97, 0xdd, 0x55, 0x96,
-	0x8f, 0x79, 0x57, 0x19, 0xf7, 0x42, 0xfc, 0x2f, 0xca, 0xcf, 0xe7, 0xac, 0x17, 0xe2, 0xef, 0x51,
-	0x69, 0x3c, 0x7c, 0x3d, 0x48, 0xd6, 0x90, 0x61, 0x86, 0x33, 0xa4, 0xb2, 0x2f, 0x24, 0x48, 0xa1,
-	0x9f, 0xe8, 0x23, 0xea, 0x7b, 0x92, 0x8f, 0xa8, 0xab, 0x63, 0xc2, 0x6c, 0xf2, 0x6b, 0x49, 0xe9,
-	0xa1, 0xb3, 0x7a, 0xfc, 0x43, 0xa7, 0xfa, 0x17, 0x05, 0x3c, 0x93, 0xbb, 0x4d, 0xc1, 0xb5, 0x84,
-	0x7a, 0xbc, 0x96, 0x52, 0x8f, 0xcf, 0xe6, 0x1a, 0xc6, 0x24, 0xa4, 0x29, 0xbf, 0xb1, 0xbc, 0x39,
-	0xf6, 0xc6, 0x52, 0x72, 0x12, 0x19, 0x7f, 0x75, 0xd9, 0x7e, 0xf5, 0xe1, 0xa3, 0xfa, 0xd4, 0xa7,
-	0x8f, 0xea, 0x53, 0x9f, 0x3d, 0xaa, 0x4f, 0xfd, 0x72, 0x54, 0x57, 0x1e, 0x8e, 0xea, 0xca, 0xa7,
-	0xa3, 0xba, 0xf2, 0xd9, 0xa8, 0xae, 0xfc, 0x7d, 0x54, 0x57, 0x7e, 0xfb, 0x79, 0x7d, 0xea, 0x2e,
-	0xcc, 0xfe, 0x2b, 0xf3, 0x7f, 0x01, 0x00, 0x00, 0xff, 0xff, 0xd3, 0xfa, 0xed, 0x70, 0xaa, 0x29,
-	0x00, 0x00,
+	0x15, 0xd7, 0x52, 0xa4, 0x44, 0x0d, 0x2d, 0xc9, 0x1e, 0xa9, 0x12, 0x63, 0x37, 0xa4, 0xbb, 0x71,
+	0x6d, 0x25, 0x8e, 0xc9, 0xda, 0x71, 0x82, 0xc0, 0x29, 0x12, 0x88, 0x54, 0x9a, 0xba, 0xd1, 0x57,
+	0x87, 0x92, 0x03, 0xb8, 0x69, 0xd1, 0xd1, 0x72, 0x4c, 0x6d, 0xbc, 0x5f, 0xd8, 0x1d, 0x2a, 0x16,
+	0x7a, 0x29, 0x0a, 0x14, 0xe8, 0x21, 0x87, 0xfe, 0x0d, 0xfd, 0x07, 0x8a, 0xa2, 0x68, 0x6e, 0x45,
+	0x50, 0xf4, 0xe2, 0x4b, 0x81, 0xa0, 0x97, 0xe6, 0x44, 0xd4, 0xcc, 0xa9, 0x28, 0x7a, 0x6b, 0x2f,
+	0xbe, 0xb4, 0x98, 0xd9, 0xd9, 0xef, 0x59, 0x91, 0x92, 0x63, 0xa5, 0x09, 0x7c, 0xe3, 0xce, 0x7b,
+	0xef, 0x37, 0x6f, 0x66, 0xde, 0x9b, 0xf7, 0x9b, 0x19, 0x02, 0xf5, 0xfe, 0xeb, 0x5e, 0x43, 0xb7,
+	0x9b, 0xd8, 0xd1, 0x9b, 0xd8, 0x71, 0xbc, 0xe6, 0xc1, 0xf5, 0x66, 0x8f, 0x58, 0xc4, 0xc5, 0x94,
+	0x74, 0x1b, 0x8e, 0x6b, 0x53, 0x1b, 0x42, 0x5f, 0xa7, 0x81, 0x1d, 0xbd, 0xc1, 0x74, 0x1a, 0x07,
+	0xd7, 0xcf, 0x5f, 0xeb, 0xe9, 0x74, 0xbf, 0xbf, 0xd7, 0xd0, 0x6c, 0xb3, 0xd9, 0xb3, 0x7b, 0x76,
+	0x93, 0xab, 0xee, 0xf5, 0xef, 0xf1, 0x2f, 0xfe, 0xc1, 0x7f, 0xf9, 0x10, 0xe7, 0xe3, 0xdd, 0x68,
+	0xb6, 0x4b, 0x24, 0xdd, 0x9c, 0xbf, 0x19, 0xe9, 0x98, 0x58, 0xdb, 0xd7, 0x2d, 0xe2, 0x1e, 0x36,
+	0x9d, 0xfb, 0x3d, 0xd6, 0xe0, 0x35, 0x4d, 0x42, 0xb1, 0xcc, 0xaa, 0x99, 0x67, 0xe5, 0xf6, 0x2d,
+	0xaa, 0x9b, 0x24, 0x63, 0xf0, 0xda, 0x28, 0x03, 0x4f, 0xdb, 0x27, 0x26, 0xce, 0xd8, 0xbd, 0x92,
+	0x67, 0xd7, 0xa7, 0xba, 0xd1, 0xd4, 0x2d, 0xea, 0x51, 0x37, 0x6d, 0xa4, 0xfe, 0x47, 0x01, 0xb0,
+	0x6d, 0x5b, 0xd4, 0xb5, 0x0d, 0x83, 0xb8, 0x88, 0x1c, 0xe8, 0x9e, 0x6e, 0x5b, 0xf0, 0xa7, 0xa0,
+	0xcc, 0xc6, 0xd3, 0xc5, 0x14, 0x57, 0x95, 0x8b, 0xca, 0x4a, 0xe5, 0xc6, 0x77, 0x1a, 0xd1, 0x24,
+	0x87, 0xf0, 0x0d, 0xe7, 0x7e, 0x8f, 0x35, 0x78, 0x0d, 0xa6, 0xdd, 0x38, 0xb8, 0xde, 0xd8, 0xda,
+	0xfb, 0x80, 0x68, 0x74, 0x83, 0x50, 0xdc, 0x82, 0x0f, 0x07, 0xf5, 0x89, 0xe1, 0xa0, 0x0e, 0xa2,
+	0x36, 0x14, 0xa2, 0xc2, 0x2d, 0x50, 0xe4, 0xe8, 0x05, 0x8e, 0x7e, 0x2d, 0x17, 0x5d, 0x0c, 0xba,
+	0x81, 0xf0, 0x87, 0x6f, 0x3f, 0xa0, 0xc4, 0x62, 0xee, 0xb5, 0xce, 0x08, 0xe8, 0xe2, 0x1a, 0xa6,
+	0x18, 0x71, 0x20, 0xf8, 0x32, 0x28, 0xbb, 0xc2, 0xfd, 0xea, 0xe4, 0x45, 0x65, 0x65, 0xb2, 0x75,
+	0x56, 0x68, 0x95, 0x83, 0x61, 0xa1, 0x50, 0x43, 0xfd, 0xb3, 0x02, 0x96, 0xb2, 0xe3, 0x5e, 0xd7,
+	0x3d, 0x0a, 0xdf, 0xcf, 0x8c, 0xbd, 0x31, 0xde, 0xd8, 0x99, 0x35, 0x1f, 0x79, 0xd8, 0x71, 0xd0,
+	0x12, 0x1b, 0xf7, 0xbb, 0xa0, 0xa4, 0x53, 0x62, 0x7a, 0xd5, 0xc2, 0xc5, 0xc9, 0x95, 0xca, 0x8d,
+	0xcb, 0x8d, 0x6c, 0xec, 0x36, 0xb2, 0x8e, 0xb5, 0x66, 0x05, 0x64, 0xe9, 0x36, 0x33, 0x46, 0x3e,
+	0x86, 0xfa, 0x5f, 0x05, 0xcc, 0xac, 0x61, 0x62, 0xda, 0x56, 0x87, 0xd0, 0x53, 0x58, 0xb4, 0x36,
+	0x28, 0x7a, 0x0e, 0xd1, 0xc4, 0xa2, 0x7d, 0x4b, 0xe6, 0x7b, 0xe8, 0x4e, 0xc7, 0x21, 0x5a, 0xb4,
+	0x50, 0xec, 0x0b, 0x71, 0x63, 0xf8, 0x2e, 0x98, 0xf2, 0x28, 0xa6, 0x7d, 0x8f, 0x2f, 0x53, 0xe5,
+	0xc6, 0x0b, 0x47, 0xc3, 0x70, 0xd5, 0xd6, 0x9c, 0x00, 0x9a, 0xf2, 0xbf, 0x91, 0x80, 0x50, 0xff,
+	0x51, 0x00, 0x30, 0xd4, 0x6d, 0xdb, 0x56, 0x57, 0xa7, 0x2c, 0x7e, 0x6f, 0x81, 0x22, 0x3d, 0x74,
+	0x08, 0x9f, 0x86, 0x99, 0xd6, 0xe5, 0xc0, 0x8b, 0x9d, 0x43, 0x87, 0x3c, 0x1e, 0xd4, 0x97, 0xb2,
+	0x16, 0x4c, 0x82, 0xb8, 0x0d, 0x5c, 0x0f, 0xfd, 0x2b, 0x70, 0xeb, 0x9b, 0xc9, 0xae, 0x1f, 0x0f,
+	0xea, 0x92, 0xcd, 0xa2, 0x11, 0x22, 0x25, 0x1d, 0x84, 0x07, 0x00, 0x1a, 0xd8, 0xa3, 0x3b, 0x2e,
+	0xb6, 0x3c, 0xbf, 0x27, 0xdd, 0x24, 0x62, 0xe4, 0x2f, 0x8d, 0xb7, 0x3c, 0xcc, 0xa2, 0x75, 0x5e,
+	0x78, 0x01, 0xd7, 0x33, 0x68, 0x48, 0xd2, 0x03, 0xbc, 0x0c, 0xa6, 0x5c, 0x82, 0x3d, 0xdb, 0xaa,
+	0x16, 0xf9, 0x28, 0xc2, 0x09, 0x44, 0xbc, 0x15, 0x09, 0x29, 0x7c, 0x11, 0x4c, 0x9b, 0xc4, 0xf3,
+	0x70, 0x8f, 0x54, 0x4b, 0x5c, 0x71, 0x5e, 0x28, 0x4e, 0x6f, 0xf8, 0xcd, 0x28, 0x90, 0xab, 0xbf,
+	0x53, 0xc0, 0x6c, 0x38, 0x73, 0xa7, 0x90, 0x2a, 0xad, 0x64, 0xaa, 0x3c, 0x7f, 0x64, 0x9c, 0xe4,
+	0x64, 0xc8, 0x27, 0x93, 0x31, 0x9f, 0x59, 0x10, 0xc2, 0x1f, 0x83, 0xb2, 0x47, 0x0c, 0xa2, 0x51,
+	0xdb, 0x15, 0x3e, 0xbf, 0x32, 0xa6, 0xcf, 0x78, 0x8f, 0x18, 0x1d, 0x61, 0xda, 0x3a, 0xc3, 0x9c,
+	0x0e, 0xbe, 0x50, 0x08, 0x09, 0x7f, 0x08, 0xca, 0x94, 0x98, 0x8e, 0x81, 0x29, 0x11, 0x69, 0x92,
+	0x88, 0x6f, 0x16, 0x2e, 0x0c, 0x6c, 0xdb, 0xee, 0xee, 0x08, 0x35, 0x9e, 0x28, 0xe1, 0x3c, 0x04,
+	0xad, 0x28, 0x84, 0x81, 0xf7, 0xc1, 0x5c, 0xdf, 0xe9, 0x32, 0x4d, 0xca, 0xb6, 0xee, 0xde, 0xa1,
+	0x08, 0x9f, 0xab, 0x47, 0x4e, 0xc8, 0x6e, 0xc2, 0xa4, 0xb5, 0x24, 0x3a, 0x98, 0x4b, 0xb6, 0xa3,
+	0x14, 0x34, 0x5c, 0x05, 0xf3, 0xa6, 0x6e, 0x21, 0x82, 0xbb, 0x87, 0x1d, 0xa2, 0xd9, 0x56, 0xd7,
+	0xe3, 0x01, 0x54, 0x6a, 0x2d, 0x0b, 0x80, 0xf9, 0x8d, 0xa4, 0x18, 0xa5, 0xf5, 0xe1, 0x3a, 0x58,
+	0x0c, 0xf6, 0xd9, 0xef, 0xeb, 0x1e, 0xb5, 0xdd, 0xc3, 0x75, 0xdd, 0xd4, 0x69, 0x75, 0x8a, 0xe3,
+	0x54, 0x87, 0x83, 0xfa, 0x22, 0x92, 0xc8, 0x91, 0xd4, 0x4a, 0xfd, 0x68, 0x0a, 0xcc, 0xa7, 0x76,
+	0x03, 0x78, 0x07, 0x2c, 0x69, 0x7d, 0xd7, 0x25, 0x16, 0xdd, 0xec, 0x9b, 0x7b, 0xc4, 0xed, 0x68,
+	0xfb, 0xa4, 0xdb, 0x37, 0x48, 0x97, 0xaf, 0x68, 0xa9, 0x55, 0x13, 0xbe, 0x2e, 0xb5, 0xa5, 0x5a,
+	0x28, 0xc7, 0x1a, 0xfe, 0x00, 0x40, 0x8b, 0x37, 0x6d, 0xe8, 0x9e, 0x17, 0x62, 0x16, 0x38, 0x66,
+	0x98, 0x80, 0x9b, 0x19, 0x0d, 0x24, 0xb1, 0x62, 0x3e, 0x76, 0x89, 0xa7, 0xbb, 0xa4, 0x9b, 0xf6,
+	0x71, 0x32, 0xe9, 0xe3, 0x9a, 0x54, 0x0b, 0xe5, 0x58, 0xc3, 0x57, 0x41, 0xc5, 0xef, 0x8d, 0xcf,
+	0xb9, 0x58, 0x9c, 0x05, 0x01, 0x56, 0xd9, 0x8c, 0x44, 0x28, 0xae, 0xc7, 0x86, 0x66, 0xef, 0x79,
+	0xc4, 0x3d, 0x20, 0xdd, 0x77, 0x7c, 0x0e, 0xc0, 0x0a, 0x65, 0x89, 0x17, 0xca, 0x70, 0x68, 0x5b,
+	0x19, 0x0d, 0x24, 0xb1, 0x62, 0x43, 0xf3, 0xa3, 0x26, 0x33, 0xb4, 0xa9, 0xe4, 0xd0, 0x76, 0xa5,
+	0x5a, 0x28, 0xc7, 0x9a, 0xc5, 0x9e, 0xef, 0xf2, 0xea, 0x01, 0xd6, 0x0d, 0xbc, 0x67, 0x90, 0xea,
+	0x74, 0x32, 0xf6, 0x36, 0x93, 0x62, 0x94, 0xd6, 0x87, 0xef, 0x80, 0x73, 0x7e, 0xd3, 0xae, 0x85,
+	0x43, 0x90, 0x32, 0x07, 0x79, 0x4e, 0x80, 0x9c, 0xdb, 0x4c, 0x2b, 0xa0, 0xac, 0x0d, 0xbc, 0x05,
+	0xe6, 0x34, 0xdb, 0x30, 0x78, 0x3c, 0xb6, 0xed, 0xbe, 0x45, 0xab, 0x33, 0x1c, 0x05, 0xb2, 0x1c,
+	0x6a, 0x27, 0x24, 0x28, 0xa5, 0x09, 0xef, 0x02, 0xa0, 0x05, 0xe5, 0xc0, 0xab, 0x82, 0xfc, 0x42,
+	0x9f, 0xad, 0x43, 0x51, 0x01, 0x0e, 0x9b, 0x3c, 0x14, 0x43, 0x53, 0x3f, 0x51, 0xc0, 0x72, 0x4e,
+	0x8e, 0xc3, 0xb7, 0x12, 0x55, 0xef, 0x6a, 0xaa, 0xea, 0x5d, 0xc8, 0x31, 0x8b, 0x95, 0x3e, 0x0d,
+	0xcc, 0x32, 0xde, 0xa1, 0x5b, 0x3d, 0x5f, 0x45, 0xec, 0x60, 0x2f, 0xc9, 0x7c, 0x47, 0x71, 0xc5,
+	0x68, 0x1b, 0x3e, 0x37, 0x1c, 0xd4, 0x67, 0x13, 0x32, 0x94, 0xc4, 0x54, 0x7f, 0x51, 0x00, 0x60,
+	0x8d, 0x38, 0x86, 0x7d, 0x68, 0x12, 0xeb, 0x34, 0x58, 0xcb, 0x5a, 0x82, 0xb5, 0xa8, 0xd2, 0x85,
+	0x08, 0xfd, 0xc9, 0xa5, 0x2d, 0xeb, 0x29, 0xda, 0x72, 0x69, 0x04, 0xce, 0xd1, 0xbc, 0xe5, 0x6f,
+	0x93, 0x60, 0x21, 0x52, 0x8e, 0x88, 0xcb, 0x1b, 0x89, 0x25, 0xbc, 0x92, 0x5a, 0xc2, 0x65, 0x89,
+	0xc9, 0x53, 0x63, 0x2e, 0x1f, 0x80, 0x39, 0xc6, 0x2b, 0xfc, 0x55, 0xe3, 0xac, 0x65, 0xea, 0xd8,
+	0xac, 0x25, 0xac, 0x3a, 0xeb, 0x09, 0x24, 0x94, 0x42, 0xce, 0x61, 0x49, 0xd3, 0x5f, 0x45, 0x96,
+	0xf4, 0x7b, 0x05, 0xcc, 0x45, 0xcb, 0x74, 0x0a, 0x34, 0xa9, 0x9d, 0xa4, 0x49, 0xb5, 0xa3, 0xe3,
+	0x32, 0x87, 0x27, 0xfd, 0xb5, 0x18, 0xf7, 0x9a, 0x13, 0xa5, 0x15, 0x76, 0xa0, 0x72, 0x0c, 0x5d,
+	0xc3, 0x9e, 0x28, 0xab, 0x67, 0xfc, 0xc3, 0x94, 0xdf, 0x86, 0x42, 0x69, 0x82, 0x52, 0x15, 0x9e,
+	0x2e, 0xa5, 0x9a, 0xfc, 0x62, 0x28, 0xd5, 0x0e, 0x28, 0x7b, 0x01, 0x99, 0x2a, 0x72, 0xc8, 0xcb,
+	0xa3, 0xd2, 0x59, 0xf0, 0xa8, 0x10, 0x35, 0x64, 0x50, 0x21, 0x92, 0x8c, 0x3b, 0x95, 0xbe, 0x4c,
+	0xee, 0xc4, 0xc2, 0xdb, 0xc1, 0x7d, 0x8f, 0x74, 0x79, 0x2a, 0x95, 0xa3, 0xf0, 0xde, 0xe6, 0xad,
+	0x48, 0x48, 0xe1, 0x2e, 0x58, 0x76, 0x5c, 0xbb, 0xe7, 0x12, 0xcf, 0x5b, 0x23, 0xb8, 0x6b, 0xe8,
+	0x16, 0x09, 0x06, 0xe0, 0x57, 0xbd, 0x0b, 0xc3, 0x41, 0x7d, 0x79, 0x5b, 0xae, 0x82, 0xf2, 0x6c,
+	0xd5, 0x5f, 0x95, 0xc0, 0xd9, 0xf4, 0x8e, 0x98, 0x43, 0x44, 0x94, 0x13, 0x11, 0x91, 0x97, 0x63,
+	0x21, 0xea, 0xb3, 0xb4, 0xd8, 0x99, 0x3f, 0x13, 0xa6, 0xab, 0x60, 0x5e, 0x10, 0x8f, 0x40, 0x28,
+	0xa8, 0x58, 0xb8, 0x3c, 0xbb, 0x49, 0x31, 0x4a, 0xeb, 0xc3, 0x37, 0xc0, 0xac, 0xcb, 0xb9, 0x55,
+	0x00, 0xe0, 0xf3, 0x93, 0x6f, 0x08, 0x80, 0x59, 0x14, 0x17, 0xa2, 0xa4, 0x2e, 0xe3, 0x26, 0x11,
+	0xe5, 0x08, 0x00, 0x8a, 0x49, 0x6e, 0xb2, 0x9a, 0x56, 0x40, 0x59, 0x1b, 0xb8, 0x01, 0x16, 0xfa,
+	0x56, 0x16, 0xca, 0x8f, 0xb5, 0x0b, 0x02, 0x6a, 0x61, 0x37, 0xab, 0x82, 0x64, 0x76, 0xf0, 0x36,
+	0x58, 0xa0, 0xc4, 0x35, 0x75, 0x0b, 0x53, 0xdd, 0xea, 0x85, 0x70, 0xfe, 0xca, 0x2f, 0x33, 0xa8,
+	0x9d, 0xac, 0x18, 0xc9, 0x6c, 0xe0, 0x8f, 0x12, 0xcc, 0x67, 0x8a, 0x6f, 0x48, 0x57, 0x8e, 0xce,
+	0xac, 0xb1, 0xa9, 0x8f, 0x84, 0x92, 0x95, 0xc7, 0xa5, 0x64, 0xea, 0xc7, 0x0a, 0x80, 0xd9, 0x6c,
+	0x1e, 0x79, 0x4f, 0x90, 0xb1, 0x88, 0x55, 0xdb, 0xae, 0x9c, 0x2c, 0x5d, 0x1d, 0x4d, 0x96, 0xa2,
+	0xcd, 0x78, 0x3c, 0xb6, 0x24, 0xa6, 0xf7, 0x74, 0xee, 0x78, 0xc6, 0x60, 0x4b, 0x91, 0x3f, 0x4f,
+	0xc6, 0x96, 0x62, 0x38, 0x47, 0xb3, 0xa5, 0x7f, 0x16, 0xc0, 0x42, 0xa4, 0x3c, 0x36, 0x5b, 0x92,
+	0x98, 0x3c, 0xbb, 0xe7, 0x19, 0x8f, 0xc1, 0x44, 0x53, 0xf7, 0x7f, 0xc2, 0x60, 0x22, 0x87, 0x72,
+	0x18, 0xcc, 0x6f, 0x0b, 0x71, 0xaf, 0x8f, 0xc9, 0x60, 0xbe, 0x80, 0x5b, 0x8f, 0xaf, 0x1c, 0x09,
+	0x52, 0x3f, 0x2a, 0x82, 0xb3, 0xe9, 0x14, 0x4c, 0x94, 0x54, 0x65, 0x64, 0x49, 0xdd, 0x06, 0x8b,
+	0xf7, 0xfa, 0x86, 0x71, 0xc8, 0xc7, 0x10, 0xab, 0xab, 0x7e, 0x31, 0xfe, 0xa6, 0xb0, 0x5c, 0xfc,
+	0x9e, 0x44, 0x07, 0x49, 0x2d, 0xb3, 0x15, 0xb6, 0xf8, 0xa4, 0x15, 0xb6, 0x74, 0x82, 0x0a, 0x9b,
+	0x53, 0x12, 0xa7, 0x4f, 0x50, 0x12, 0xe5, 0x7c, 0x67, 0xf2, 0x44, 0x7c, 0x67, 0xec, 0xf2, 0x2a,
+	0xd9, 0xf9, 0x46, 0xde, 0x2c, 0x0c, 0x15, 0xb0, 0x24, 0x3f, 0xd4, 0x43, 0x03, 0xcc, 0x99, 0xf8,
+	0x41, 0xfc, 0x4a, 0x65, 0x54, 0xed, 0xe9, 0x53, 0xdd, 0x68, 0xf8, 0x6f, 0x4e, 0x8d, 0xdb, 0x16,
+	0xdd, 0x72, 0x3b, 0xd4, 0xd5, 0xad, 0x9e, 0x5f, 0xab, 0x37, 0x12, 0x58, 0x28, 0x85, 0x0d, 0xef,
+	0x82, 0xb2, 0x89, 0x1f, 0x74, 0xfa, 0x6e, 0x2f, 0xa8, 0xa9, 0xc7, 0xef, 0x87, 0xa7, 0xd1, 0x86,
+	0x40, 0x41, 0x21, 0x9e, 0xfa, 0xb9, 0x02, 0x96, 0x73, 0x8a, 0xf1, 0xd7, 0x68, 0x94, 0x7f, 0x54,
+	0xc0, 0xc5, 0xc4, 0x28, 0x59, 0x72, 0x93, 0x7b, 0x7d, 0x83, 0xe7, 0xb9, 0xe0, 0x3e, 0x57, 0xc1,
+	0x8c, 0x83, 0x5d, 0xaa, 0x87, 0xfc, 0xbb, 0xd4, 0x9a, 0x1d, 0x0e, 0xea, 0x33, 0xdb, 0x41, 0x23,
+	0x8a, 0xe4, 0x92, 0xb9, 0x29, 0x3c, 0xbd, 0xb9, 0x51, 0x7f, 0x59, 0x00, 0x95, 0x98, 0xcb, 0xa7,
+	0xc0, 0x7a, 0xde, 0x4e, 0xb0, 0x1e, 0xe9, 0x93, 0x54, 0x7c, 0x0e, 0xf3, 0x68, 0xcf, 0x46, 0x8a,
+	0xf6, 0x7c, 0x7b, 0x14, 0xd0, 0xd1, 0xbc, 0xe7, 0x5f, 0x05, 0xb0, 0x18, 0xd3, 0x8e, 0x88, 0xcf,
+	0x77, 0x13, 0xc4, 0x67, 0x25, 0x45, 0x7c, 0xaa, 0x32, 0x9b, 0x67, 0xcc, 0x67, 0x34, 0xf3, 0xf9,
+	0x83, 0x02, 0xe6, 0x63, 0x73, 0x77, 0x0a, 0xd4, 0x67, 0x2d, 0x49, 0x7d, 0xea, 0x23, 0xe2, 0x25,
+	0x87, 0xfb, 0xdc, 0x02, 0x0b, 0x31, 0xa5, 0x2d, 0xb7, 0xab, 0x5b, 0xd8, 0xf0, 0xe0, 0x0b, 0xa0,
+	0xe4, 0x51, 0xec, 0xd2, 0x20, 0xbb, 0x03, 0xdb, 0x0e, 0x6b, 0x44, 0xbe, 0x4c, 0xfd, 0xb7, 0x02,
+	0x9a, 0x31, 0xe3, 0x6d, 0xe2, 0x7a, 0xba, 0x47, 0x89, 0x45, 0xef, 0xd8, 0x46, 0xdf, 0x24, 0x6d,
+	0x03, 0xeb, 0x26, 0x22, 0xac, 0x41, 0xb7, 0xad, 0x6d, 0xdb, 0xd0, 0xb5, 0x43, 0x88, 0x41, 0xe5,
+	0xc3, 0x7d, 0x62, 0xad, 0x11, 0x83, 0x50, 0xf1, 0xe8, 0x32, 0xd3, 0x7a, 0x2b, 0x78, 0x83, 0x78,
+	0x2f, 0x12, 0x3d, 0x1e, 0xd4, 0x57, 0xc6, 0x41, 0xe4, 0xc1, 0x19, 0xc7, 0x84, 0x3f, 0x01, 0x80,
+	0x7d, 0x76, 0x34, 0x1c, 0x3c, 0xc1, 0xcc, 0xb4, 0xde, 0x0c, 0x52, 0xf8, 0xbd, 0x50, 0x72, 0xac,
+	0x0e, 0x62, 0x88, 0xea, 0x6f, 0xca, 0x89, 0xa5, 0xfe, 0xda, 0xdf, 0x78, 0xfd, 0x0c, 0x2c, 0x1e,
+	0x44, 0xb3, 0x13, 0x28, 0x30, 0x7a, 0xc5, 0xe2, 0xee, 0x45, 0x29, 0xbc, 0x6c, 0x5e, 0x23, 0x52,
+	0x77, 0x47, 0x02, 0x87, 0xa4, 0x9d, 0xc0, 0x57, 0x41, 0x85, 0x71, 0x19, 0x5d, 0x23, 0x9b, 0xd8,
+	0x0c, 0xd2, 0x30, 0x7c, 0xb3, 0xea, 0x44, 0x22, 0x14, 0xd7, 0x83, 0xfb, 0x60, 0xc1, 0xb1, 0xbb,
+	0x1b, 0xd8, 0xc2, 0x3d, 0xc2, 0x2a, 0xb4, 0xbf, 0x94, 0xfc, 0x2e, 0x6c, 0xa6, 0xf5, 0x5a, 0x70,
+	0xcf, 0xb1, 0x9d, 0x55, 0x61, 0x87, 0x3f, 0x49, 0x33, 0x0f, 0x02, 0x19, 0x24, 0x34, 0x33, 0x4f,
+	0xac, 0xd3, 0x99, 0xff, 0xa5, 0xc8, 0xf2, 0xf1, 0x84, 0x8f, 0xac, 0x79, 0xb7, 0x7c, 0xe5, 0x13,
+	0xdd, 0xf2, 0x49, 0x0e, 0x2f, 0x33, 0xc7, 0x3c, 0xbc, 0xfc, 0x49, 0x01, 0x97, 0x9c, 0x31, 0xd2,
+	0xa8, 0x0a, 0xf8, 0xb4, 0xb4, 0x47, 0x4c, 0xcb, 0x38, 0x19, 0xd9, 0x5a, 0x19, 0x0e, 0xea, 0x97,
+	0xc6, 0xd1, 0x44, 0x63, 0xb9, 0xc6, 0x92, 0xc6, 0x16, 0x3b, 0x5f, 0xb5, 0xc2, 0xdd, 0xbc, 0x32,
+	0xc2, 0xcd, 0x60, 0xa3, 0xf4, 0xf3, 0x30, 0xf8, 0x42, 0x21, 0x8c, 0xfa, 0x71, 0x09, 0x9c, 0xcb,
+	0x54, 0xeb, 0x2f, 0xf1, 0x06, 0x33, 0x73, 0x38, 0x9a, 0x3c, 0xc6, 0xe1, 0x68, 0x15, 0xcc, 0x8b,
+	0x67, 0xef, 0xd4, 0xd9, 0x2a, 0x0c, 0x93, 0x76, 0x52, 0x8c, 0xd2, 0xfa, 0xb2, 0x1b, 0xd4, 0xd2,
+	0x31, 0x6f, 0x50, 0xe3, 0x5e, 0x88, 0x7f, 0x6b, 0xf9, 0xf9, 0x9c, 0xf5, 0x42, 0xfc, 0x69, 0x2b,
+	0xad, 0x0f, 0xdf, 0x0c, 0x92, 0x35, 0x44, 0x98, 0xe6, 0x08, 0xa9, 0xec, 0x0b, 0x01, 0x52, 0xda,
+	0x4f, 0xf4, 0xb4, 0xfb, 0xbe, 0xe4, 0x69, 0x77, 0x65, 0x44, 0x98, 0x8d, 0x7f, 0xc3, 0x29, 0x3d,
+	0xbf, 0x56, 0x8e, 0x7f, 0x7e, 0x55, 0xff, 0xa2, 0x80, 0xe7, 0x72, 0xb7, 0x29, 0xb8, 0x9a, 0x60,
+	0x8f, 0xd7, 0x52, 0xec, 0xf1, 0xf9, 0x5c, 0xc3, 0x18, 0x85, 0x34, 0xe5, 0x97, 0x9f, 0x37, 0x47,
+	0x5e, 0x7e, 0x4a, 0x4e, 0x22, 0xa3, 0x6f, 0x41, 0x5b, 0xaf, 0x3f, 0x7c, 0x54, 0x9b, 0xf8, 0xf4,
+	0x51, 0x6d, 0xe2, 0xb3, 0x47, 0xb5, 0x89, 0x9f, 0x0f, 0x6b, 0xca, 0xc3, 0x61, 0x4d, 0xf9, 0x74,
+	0x58, 0x53, 0x3e, 0x1b, 0xd6, 0x94, 0xbf, 0x0f, 0x6b, 0xca, 0xaf, 0x3f, 0xaf, 0x4d, 0xdc, 0x85,
+	0xd9, 0xff, 0x8a, 0xfe, 0x2f, 0x00, 0x00, 0xff, 0xff, 0x5f, 0x0a, 0xea, 0xf9, 0x40, 0x2a, 0x00,
+	0x00,
 }
 
 func (m *ControllerRevision) Marshal() (dAtA []byte, err error) {
@@ -1748,6 +1750,11 @@ func (m *DeploymentStatus) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	_ = i
 	var l int
 	_ = l
+	if m.TerminatingReplicas != nil {
+		i = encodeVarintGenerated(dAtA, i, uint64(*m.TerminatingReplicas))
+		i--
+		dAtA[i] = 0x48
+	}
 	if m.CollisionCount != nil {
 		i = encodeVarintGenerated(dAtA, i, uint64(*m.CollisionCount))
 		i--
@@ -2054,6 +2061,11 @@ func (m *ReplicaSetStatus) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	_ = i
 	var l int
 	_ = l
+	if m.TerminatingReplicas != nil {
+		i = encodeVarintGenerated(dAtA, i, uint64(*m.TerminatingReplicas))
+		i--
+		dAtA[i] = 0x38
+	}
 	if len(m.Conditions) > 0 {
 		for iNdEx := len(m.Conditions) - 1; iNdEx >= 0; iNdEx-- {
 			{
@@ -2915,6 +2927,9 @@ func (m *DeploymentStatus) Size() (n int) {
 	if m.CollisionCount != nil {
 		n += 1 + sovGenerated(uint64(*m.CollisionCount))
 	}
+	if m.TerminatingReplicas != nil {
+		n += 1 + sovGenerated(uint64(*m.TerminatingReplicas))
+	}
 	return n
 }
 
@@ -3020,6 +3035,9 @@ func (m *ReplicaSetStatus) Size() (n int) {
 			n += 1 + l + sovGenerated(uint64(l))
 		}
 	}
+	if m.TerminatingReplicas != nil {
+		n += 1 + sovGenerated(uint64(*m.TerminatingReplicas))
+	}
 	return n
 }
 
@@ -3435,6 +3453,7 @@ func (this *DeploymentStatus) String() string {
 		`Conditions:` + repeatedStringForConditions + `,`,
 		`ReadyReplicas:` + fmt.Sprintf("%v", this.ReadyReplicas) + `,`,
 		`CollisionCount:` + valueToStringGenerated(this.CollisionCount) + `,`,
+		`TerminatingReplicas:` + valueToStringGenerated(this.TerminatingReplicas) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -3521,6 +3540,7 @@ func (this *ReplicaSetStatus) String() string {
 		`ReadyReplicas:` + fmt.Sprintf("%v", this.ReadyReplicas) + `,`,
 		`AvailableReplicas:` + fmt.Sprintf("%v", this.AvailableReplicas) + `,`,
 		`Conditions:` + repeatedStringForConditions + `,`,
+		`TerminatingReplicas:` + valueToStringGenerated(this.TerminatingReplicas) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -5941,6 +5961,26 @@ func (m *DeploymentStatus) Unmarshal(dAtA []byte) error {
 				}
 			}
 			m.CollisionCount = &v
+		case 9:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field TerminatingReplicas", wireType)
+			}
+			var v int32
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int32(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.TerminatingReplicas = &v
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -6873,6 +6913,26 @@ func (m *ReplicaSetStatus) Unmarshal(dAtA []byte) error {
 				return err
 			}
 			iNdEx = postIndex
+		case 7:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field TerminatingReplicas", wireType)
+			}
+			var v int32
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int32(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.TerminatingReplicas = &v
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
diff --git a/vendor/k8s.io/api/apps/v1/generated.proto b/vendor/k8s.io/api/apps/v1/generated.proto
index 388e638f4d..38c8997e99 100644
--- a/vendor/k8s.io/api/apps/v1/generated.proto
+++ b/vendor/k8s.io/api/apps/v1/generated.proto
@@ -318,19 +318,19 @@ message DeploymentStatus {
   // +optional
   optional int64 observedGeneration = 1;
 
-  // Total number of non-terminated pods targeted by this deployment (their labels match the selector).
+  // Total number of non-terminating pods targeted by this deployment (their labels match the selector).
   // +optional
   optional int32 replicas = 2;
 
-  // Total number of non-terminated pods targeted by this deployment that have the desired template spec.
+  // Total number of non-terminating pods targeted by this deployment that have the desired template spec.
   // +optional
   optional int32 updatedReplicas = 3;
 
-  // readyReplicas is the number of pods targeted by this Deployment with a Ready Condition.
+  // Total number of non-terminating pods targeted by this Deployment with a Ready Condition.
   // +optional
   optional int32 readyReplicas = 7;
 
-  // Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.
+  // Total number of available non-terminating pods (ready for at least minReadySeconds) targeted by this deployment.
   // +optional
   optional int32 availableReplicas = 4;
 
@@ -340,6 +340,13 @@ message DeploymentStatus {
   // +optional
   optional int32 unavailableReplicas = 5;
 
+  // Total number of terminating pods targeted by this deployment. Terminating pods have a non-null
+  // .metadata.deletionTimestamp and have not yet reached the Failed or Succeeded .status.phase.
+  //
+  // This is an alpha field. Enable DeploymentReplicaSetTerminatingReplicas to be able to use this field.
+  // +optional
+  optional int32 terminatingReplicas = 9;
+
   // Represents the latest available observations of a deployment's current state.
   // +patchMergeKey=type
   // +patchStrategy=merge
@@ -421,16 +428,16 @@ message ReplicaSetList {
   optional .k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
 
   // List of ReplicaSets.
-  // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller
+  // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset
   repeated ReplicaSet items = 2;
 }
 
 // ReplicaSetSpec is the specification of a ReplicaSet.
 message ReplicaSetSpec {
-  // Replicas is the number of desired replicas.
+  // Replicas is the number of desired pods.
   // This is a pointer to distinguish between explicit zero and unspecified.
   // Defaults to 1.
-  // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller
+  // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset
   // +optional
   optional int32 replicas = 1;
 
@@ -448,29 +455,36 @@ message ReplicaSetSpec {
 
   // Template is the object that describes the pod that will be created if
   // insufficient replicas are detected.
-  // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template
+  // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/#pod-template
   // +optional
   optional .k8s.io.api.core.v1.PodTemplateSpec template = 3;
 }
 
 // ReplicaSetStatus represents the current status of a ReplicaSet.
 message ReplicaSetStatus {
-  // Replicas is the most recently observed number of replicas.
-  // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller
+  // Replicas is the most recently observed number of non-terminating pods.
+  // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset
   optional int32 replicas = 1;
 
-  // The number of pods that have labels matching the labels of the pod template of the replicaset.
+  // The number of non-terminating pods that have labels matching the labels of the pod template of the replicaset.
   // +optional
   optional int32 fullyLabeledReplicas = 2;
 
-  // readyReplicas is the number of pods targeted by this ReplicaSet with a Ready Condition.
+  // The number of non-terminating pods targeted by this ReplicaSet with a Ready Condition.
   // +optional
   optional int32 readyReplicas = 4;
 
-  // The number of available replicas (ready for at least minReadySeconds) for this replica set.
+  // The number of available non-terminating pods (ready for at least minReadySeconds) for this replica set.
   // +optional
   optional int32 availableReplicas = 5;
 
+  // The number of terminating pods for this replica set. Terminating pods have a non-null .metadata.deletionTimestamp
+  // and have not yet reached the Failed or Succeeded .status.phase.
+  //
+  // This is an alpha field. Enable DeploymentReplicaSetTerminatingReplicas to be able to use this field.
+  // +optional
+  optional int32 terminatingReplicas = 7;
+
   // ObservedGeneration reflects the generation of the most recently observed ReplicaSet.
   // +optional
   optional int64 observedGeneration = 3;
@@ -702,6 +716,7 @@ message StatefulSetSpec {
   // the network identity of the set. Pods get DNS/hostnames that follow the
   // pattern: pod-specific-string.serviceName.default.svc.cluster.local
   // where "pod-specific-string" is managed by the StatefulSet controller.
+  // +optional
   optional string serviceName = 5;
 
   // podManagementPolicy controls how pods are created during initial scale up,
diff --git a/vendor/k8s.io/api/apps/v1/types.go b/vendor/k8s.io/api/apps/v1/types.go
index a68690b447..1362d875d8 100644
--- a/vendor/k8s.io/api/apps/v1/types.go
+++ b/vendor/k8s.io/api/apps/v1/types.go
@@ -220,6 +220,7 @@ type StatefulSetSpec struct {
 	// the network identity of the set. Pods get DNS/hostnames that follow the
 	// pattern: pod-specific-string.serviceName.default.svc.cluster.local
 	// where "pod-specific-string" is managed by the StatefulSet controller.
+	// +optional
 	ServiceName string `json:"serviceName" protobuf:"bytes,5,opt,name=serviceName"`
 
 	// podManagementPolicy controls how pods are created during initial scale up,
@@ -486,19 +487,19 @@ type DeploymentStatus struct {
 	// +optional
 	ObservedGeneration int64 `json:"observedGeneration,omitempty" protobuf:"varint,1,opt,name=observedGeneration"`
 
-	// Total number of non-terminated pods targeted by this deployment (their labels match the selector).
+	// Total number of non-terminating pods targeted by this deployment (their labels match the selector).
 	// +optional
 	Replicas int32 `json:"replicas,omitempty" protobuf:"varint,2,opt,name=replicas"`
 
-	// Total number of non-terminated pods targeted by this deployment that have the desired template spec.
+	// Total number of non-terminating pods targeted by this deployment that have the desired template spec.
 	// +optional
 	UpdatedReplicas int32 `json:"updatedReplicas,omitempty" protobuf:"varint,3,opt,name=updatedReplicas"`
 
-	// readyReplicas is the number of pods targeted by this Deployment with a Ready Condition.
+	// Total number of non-terminating pods targeted by this Deployment with a Ready Condition.
 	// +optional
 	ReadyReplicas int32 `json:"readyReplicas,omitempty" protobuf:"varint,7,opt,name=readyReplicas"`
 
-	// Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.
+	// Total number of available non-terminating pods (ready for at least minReadySeconds) targeted by this deployment.
 	// +optional
 	AvailableReplicas int32 `json:"availableReplicas,omitempty" protobuf:"varint,4,opt,name=availableReplicas"`
 
@@ -508,6 +509,13 @@ type DeploymentStatus struct {
 	// +optional
 	UnavailableReplicas int32 `json:"unavailableReplicas,omitempty" protobuf:"varint,5,opt,name=unavailableReplicas"`
 
+	// Total number of terminating pods targeted by this deployment. Terminating pods have a non-null
+	// .metadata.deletionTimestamp and have not yet reached the Failed or Succeeded .status.phase.
+	//
+	// This is an alpha field. Enable DeploymentReplicaSetTerminatingReplicas to be able to use this field.
+	// +optional
+	TerminatingReplicas *int32 `json:"terminatingReplicas,omitempty" protobuf:"varint,9,opt,name=terminatingReplicas"`
+
 	// Represents the latest available observations of a deployment's current state.
 	// +patchMergeKey=type
 	// +patchStrategy=merge
@@ -839,16 +847,16 @@ type ReplicaSetList struct {
 	metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
 
 	// List of ReplicaSets.
-	// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller
+	// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset
 	Items []ReplicaSet `json:"items" protobuf:"bytes,2,rep,name=items"`
 }
 
 // ReplicaSetSpec is the specification of a ReplicaSet.
 type ReplicaSetSpec struct {
-	// Replicas is the number of desired replicas.
+	// Replicas is the number of desired pods.
 	// This is a pointer to distinguish between explicit zero and unspecified.
 	// Defaults to 1.
-	// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller
+	// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset
 	// +optional
 	Replicas *int32 `json:"replicas,omitempty" protobuf:"varint,1,opt,name=replicas"`
 
@@ -866,29 +874,36 @@ type ReplicaSetSpec struct {
 
 	// Template is the object that describes the pod that will be created if
 	// insufficient replicas are detected.
-	// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template
+	// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/#pod-template
 	// +optional
 	Template v1.PodTemplateSpec `json:"template,omitempty" protobuf:"bytes,3,opt,name=template"`
 }
 
 // ReplicaSetStatus represents the current status of a ReplicaSet.
 type ReplicaSetStatus struct {
-	// Replicas is the most recently observed number of replicas.
-	// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller
+	// Replicas is the most recently observed number of non-terminating pods.
+	// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset
 	Replicas int32 `json:"replicas" protobuf:"varint,1,opt,name=replicas"`
 
-	// The number of pods that have labels matching the labels of the pod template of the replicaset.
+	// The number of non-terminating pods that have labels matching the labels of the pod template of the replicaset.
 	// +optional
 	FullyLabeledReplicas int32 `json:"fullyLabeledReplicas,omitempty" protobuf:"varint,2,opt,name=fullyLabeledReplicas"`
 
-	// readyReplicas is the number of pods targeted by this ReplicaSet with a Ready Condition.
+	// The number of non-terminating pods targeted by this ReplicaSet with a Ready Condition.
 	// +optional
 	ReadyReplicas int32 `json:"readyReplicas,omitempty" protobuf:"varint,4,opt,name=readyReplicas"`
 
-	// The number of available replicas (ready for at least minReadySeconds) for this replica set.
+	// The number of available non-terminating pods (ready for at least minReadySeconds) for this replica set.
 	// +optional
 	AvailableReplicas int32 `json:"availableReplicas,omitempty" protobuf:"varint,5,opt,name=availableReplicas"`
 
+	// The number of terminating pods for this replica set. Terminating pods have a non-null .metadata.deletionTimestamp
+	// and have not yet reached the Failed or Succeeded .status.phase.
+	//
+	// This is an alpha field. Enable DeploymentReplicaSetTerminatingReplicas to be able to use this field.
+	// +optional
+	TerminatingReplicas *int32 `json:"terminatingReplicas,omitempty" protobuf:"varint,7,opt,name=terminatingReplicas"`
+
 	// ObservedGeneration reflects the generation of the most recently observed ReplicaSet.
 	// +optional
 	ObservedGeneration int64 `json:"observedGeneration,omitempty" protobuf:"varint,3,opt,name=observedGeneration"`
diff --git a/vendor/k8s.io/api/apps/v1/types_swagger_doc_generated.go b/vendor/k8s.io/api/apps/v1/types_swagger_doc_generated.go
index 341ecdadb2..f44ba7bc33 100644
--- a/vendor/k8s.io/api/apps/v1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/apps/v1/types_swagger_doc_generated.go
@@ -177,11 +177,12 @@ func (DeploymentSpec) SwaggerDoc() map[string]string {
 var map_DeploymentStatus = map[string]string{
 	"":                    "DeploymentStatus is the most recently observed status of the Deployment.",
 	"observedGeneration":  "The generation observed by the deployment controller.",
-	"replicas":            "Total number of non-terminated pods targeted by this deployment (their labels match the selector).",
-	"updatedReplicas":     "Total number of non-terminated pods targeted by this deployment that have the desired template spec.",
-	"readyReplicas":       "readyReplicas is the number of pods targeted by this Deployment with a Ready Condition.",
-	"availableReplicas":   "Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.",
+	"replicas":            "Total number of non-terminating pods targeted by this deployment (their labels match the selector).",
+	"updatedReplicas":     "Total number of non-terminating pods targeted by this deployment that have the desired template spec.",
+	"readyReplicas":       "Total number of non-terminating pods targeted by this Deployment with a Ready Condition.",
+	"availableReplicas":   "Total number of available non-terminating pods (ready for at least minReadySeconds) targeted by this deployment.",
 	"unavailableReplicas": "Total number of unavailable pods targeted by this deployment. This is the total number of pods that are still required for the deployment to have 100% available capacity. They may either be pods that are running but not yet available or pods that still have not been created.",
+	"terminatingReplicas": "Total number of terminating pods targeted by this deployment. Terminating pods have a non-null .metadata.deletionTimestamp and have not yet reached the Failed or Succeeded .status.phase.\n\nThis is an alpha field. Enable DeploymentReplicaSetTerminatingReplicas to be able to use this field.",
 	"conditions":          "Represents the latest available observations of a deployment's current state.",
 	"collisionCount":      "Count of hash collisions for the Deployment. The Deployment controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ReplicaSet.",
 }
@@ -227,7 +228,7 @@ func (ReplicaSetCondition) SwaggerDoc() map[string]string {
 var map_ReplicaSetList = map[string]string{
 	"":         "ReplicaSetList is a collection of ReplicaSets.",
 	"metadata": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
-	"items":    "List of ReplicaSets. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller",
+	"items":    "List of ReplicaSets. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset",
 }
 
 func (ReplicaSetList) SwaggerDoc() map[string]string {
@@ -236,10 +237,10 @@ func (ReplicaSetList) SwaggerDoc() map[string]string {
 
 var map_ReplicaSetSpec = map[string]string{
 	"":                "ReplicaSetSpec is the specification of a ReplicaSet.",
-	"replicas":        "Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. Defaults to 1. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller",
+	"replicas":        "Replicas is the number of desired pods. This is a pointer to distinguish between explicit zero and unspecified. Defaults to 1. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset",
 	"minReadySeconds": "Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)",
 	"selector":        "Selector is a label query over pods that should match the replica count. Label keys and values that must match in order to be controlled by this replica set. It must match the pod template's labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors",
-	"template":        "Template is the object that describes the pod that will be created if insufficient replicas are detected. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template",
+	"template":        "Template is the object that describes the pod that will be created if insufficient replicas are detected. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/#pod-template",
 }
 
 func (ReplicaSetSpec) SwaggerDoc() map[string]string {
@@ -248,10 +249,11 @@ func (ReplicaSetSpec) SwaggerDoc() map[string]string {
 
 var map_ReplicaSetStatus = map[string]string{
 	"":                     "ReplicaSetStatus represents the current status of a ReplicaSet.",
-	"replicas":             "Replicas is the most recently observed number of replicas. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller",
-	"fullyLabeledReplicas": "The number of pods that have labels matching the labels of the pod template of the replicaset.",
-	"readyReplicas":        "readyReplicas is the number of pods targeted by this ReplicaSet with a Ready Condition.",
-	"availableReplicas":    "The number of available replicas (ready for at least minReadySeconds) for this replica set.",
+	"replicas":             "Replicas is the most recently observed number of non-terminating pods. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset",
+	"fullyLabeledReplicas": "The number of non-terminating pods that have labels matching the labels of the pod template of the replicaset.",
+	"readyReplicas":        "The number of non-terminating pods targeted by this ReplicaSet with a Ready Condition.",
+	"availableReplicas":    "The number of available non-terminating pods (ready for at least minReadySeconds) for this replica set.",
+	"terminatingReplicas":  "The number of terminating pods for this replica set. Terminating pods have a non-null .metadata.deletionTimestamp and have not yet reached the Failed or Succeeded .status.phase.\n\nThis is an alpha field. Enable DeploymentReplicaSetTerminatingReplicas to be able to use this field.",
 	"observedGeneration":   "ObservedGeneration reflects the generation of the most recently observed ReplicaSet.",
 	"conditions":           "Represents the latest available observations of a replica set's current state.",
 }
diff --git a/vendor/k8s.io/api/apps/v1/zz_generated.deepcopy.go b/vendor/k8s.io/api/apps/v1/zz_generated.deepcopy.go
index 6912986ac3..9e67658ba6 100644
--- a/vendor/k8s.io/api/apps/v1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/apps/v1/zz_generated.deepcopy.go
@@ -363,6 +363,11 @@ func (in *DeploymentSpec) DeepCopy() *DeploymentSpec {
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *DeploymentStatus) DeepCopyInto(out *DeploymentStatus) {
 	*out = *in
+	if in.TerminatingReplicas != nil {
+		in, out := &in.TerminatingReplicas, &out.TerminatingReplicas
+		*out = new(int32)
+		**out = **in
+	}
 	if in.Conditions != nil {
 		in, out := &in.Conditions, &out.Conditions
 		*out = make([]DeploymentCondition, len(*in))
@@ -517,6 +522,11 @@ func (in *ReplicaSetSpec) DeepCopy() *ReplicaSetSpec {
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *ReplicaSetStatus) DeepCopyInto(out *ReplicaSetStatus) {
 	*out = *in
+	if in.TerminatingReplicas != nil {
+		in, out := &in.TerminatingReplicas, &out.TerminatingReplicas
+		*out = new(int32)
+		**out = **in
+	}
 	if in.Conditions != nil {
 		in, out := &in.Conditions, &out.Conditions
 		*out = make([]ReplicaSetCondition, len(*in))
diff --git a/vendor/k8s.io/api/apps/v1beta1/doc.go b/vendor/k8s.io/api/apps/v1beta1/doc.go
index 38a358551a..7770fab5d2 100644
--- a/vendor/k8s.io/api/apps/v1beta1/doc.go
+++ b/vendor/k8s.io/api/apps/v1beta1/doc.go
@@ -19,4 +19,4 @@ limitations under the License.
 // +k8s:openapi-gen=true
 // +k8s:prerelease-lifecycle-gen=true
 
-package v1beta1 // import "k8s.io/api/apps/v1beta1"
+package v1beta1
diff --git a/vendor/k8s.io/api/apps/v1beta1/generated.pb.go b/vendor/k8s.io/api/apps/v1beta1/generated.pb.go
index 76e755b4a3..ae84aaf487 100644
--- a/vendor/k8s.io/api/apps/v1beta1/generated.pb.go
+++ b/vendor/k8s.io/api/apps/v1beta1/generated.pb.go
@@ -728,134 +728,135 @@ func init() {
 }
 
 var fileDescriptor_2747f709ac7c95e7 = []byte{
-	// 2018 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xdc, 0x59, 0xcd, 0x6f, 0x1b, 0xc7,
-	0x15, 0xf7, 0x52, 0xa2, 0x44, 0x3d, 0x45, 0x94, 0x3d, 0x52, 0x2d, 0x46, 0x69, 0x25, 0x61, 0x63,
-	0xc4, 0x4a, 0x62, 0x2f, 0x63, 0x25, 0x0d, 0x12, 0xbb, 0x75, 0x21, 0x4a, 0x6e, 0xec, 0x40, 0x8a,
-	0x94, 0x91, 0x64, 0xa3, 0xe9, 0x07, 0x32, 0x22, 0xc7, 0xd4, 0x46, 0xfb, 0x85, 0xdd, 0x21, 0x63,
-	0xa2, 0x97, 0xfe, 0x01, 0x05, 0xd2, 0x73, 0xff, 0x8a, 0xf6, 0xd4, 0xa2, 0x45, 0x2f, 0x3d, 0x14,
-	0x3e, 0x06, 0xbd, 0x34, 0x27, 0xa2, 0x66, 0xae, 0xed, 0xad, 0xbd, 0x18, 0x28, 0x50, 0xcc, 0xec,
-	0xec, 0xf7, 0xae, 0xb4, 0x2c, 0x60, 0x01, 0xcd, 0x8d, 0x3b, 0xef, 0xbd, 0xdf, 0x7b, 0xf3, 0xe6,
-	0xbd, 0x37, 0xef, 0x0d, 0xe1, 0xfa, 0xe9, 0x7b, 0x9e, 0xa6, 0xdb, 0x4d, 0xe2, 0xe8, 0x4d, 0xe2,
-	0x38, 0x5e, 0xb3, 0x7f, 0xeb, 0x98, 0x32, 0x72, 0xab, 0xd9, 0xa5, 0x16, 0x75, 0x09, 0xa3, 0x1d,
-	0xcd, 0x71, 0x6d, 0x66, 0xa3, 0x25, 0x9f, 0x51, 0x23, 0x8e, 0xae, 0x71, 0x46, 0x4d, 0x32, 0x2e,
-	0xdf, 0xec, 0xea, 0xec, 0xa4, 0x77, 0xac, 0xb5, 0x6d, 0xb3, 0xd9, 0xb5, 0xbb, 0x76, 0x53, 0xf0,
-	0x1f, 0xf7, 0x1e, 0x8b, 0x2f, 0xf1, 0x21, 0x7e, 0xf9, 0x38, 0xcb, 0x6a, 0x4c, 0x61, 0xdb, 0x76,
-	0x69, 0xb3, 0x9f, 0xd1, 0xb5, 0xfc, 0x4e, 0xc4, 0x63, 0x92, 0xf6, 0x89, 0x6e, 0x51, 0x77, 0xd0,
-	0x74, 0x4e, 0xbb, 0x7c, 0xc1, 0x6b, 0x9a, 0x94, 0x91, 0x3c, 0xa9, 0x66, 0x91, 0x94, 0xdb, 0xb3,
-	0x98, 0x6e, 0xd2, 0x8c, 0xc0, 0xbb, 0xe7, 0x09, 0x78, 0xed, 0x13, 0x6a, 0x92, 0x8c, 0xdc, 0xdb,
-	0x45, 0x72, 0x3d, 0xa6, 0x1b, 0x4d, 0xdd, 0x62, 0x1e, 0x73, 0xd3, 0x42, 0xea, 0xbf, 0x15, 0x40,
-	0x5b, 0xb6, 0xc5, 0x5c, 0xdb, 0x30, 0xa8, 0x8b, 0x69, 0x5f, 0xf7, 0x74, 0xdb, 0x42, 0x9f, 0x42,
-	0x8d, 0xef, 0xa7, 0x43, 0x18, 0x69, 0x28, 0x6b, 0xca, 0xfa, 0xec, 0xc6, 0x5b, 0x5a, 0xe4, 0xe9,
-	0x10, 0x5e, 0x73, 0x4e, 0xbb, 0x7c, 0xc1, 0xd3, 0x38, 0xb7, 0xd6, 0xbf, 0xa5, 0xed, 0x1d, 0x7f,
-	0x46, 0xdb, 0x6c, 0x97, 0x32, 0xd2, 0x42, 0x4f, 0x87, 0xab, 0x97, 0x46, 0xc3, 0x55, 0x88, 0xd6,
-	0x70, 0x88, 0x8a, 0xf6, 0x60, 0x52, 0xa0, 0x57, 0x04, 0xfa, 0xcd, 0x42, 0x74, 0xb9, 0x69, 0x0d,
-	0x93, 0xcf, 0xef, 0x3d, 0x61, 0xd4, 0xe2, 0xe6, 0xb5, 0x5e, 0x92, 0xd0, 0x93, 0xdb, 0x84, 0x11,
-	0x2c, 0x80, 0xd0, 0x0d, 0xa8, 0xb9, 0xd2, 0xfc, 0xc6, 0xc4, 0x9a, 0xb2, 0x3e, 0xd1, 0xba, 0x2c,
-	0xb9, 0x6a, 0xc1, 0xb6, 0x70, 0xc8, 0xa1, 0x3e, 0x55, 0xe0, 0x6a, 0x76, 0xdf, 0x3b, 0xba, 0xc7,
-	0xd0, 0x4f, 0x32, 0x7b, 0xd7, 0xca, 0xed, 0x9d, 0x4b, 0x8b, 0x9d, 0x87, 0x8a, 0x83, 0x95, 0xd8,
-	0xbe, 0xf7, 0xa1, 0xaa, 0x33, 0x6a, 0x7a, 0x8d, 0xca, 0xda, 0xc4, 0xfa, 0xec, 0xc6, 0x9b, 0x5a,
-	0x41, 0x00, 0x6b, 0x59, 0xeb, 0x5a, 0x73, 0x12, 0xb7, 0xfa, 0x80, 0x23, 0x60, 0x1f, 0x48, 0xfd,
-	0x65, 0x05, 0x60, 0x9b, 0x3a, 0x86, 0x3d, 0x30, 0xa9, 0xc5, 0x2e, 0xe0, 0xe8, 0x1e, 0xc0, 0xa4,
-	0xe7, 0xd0, 0xb6, 0x3c, 0xba, 0xeb, 0x85, 0x3b, 0x88, 0x8c, 0x3a, 0x70, 0x68, 0x3b, 0x3a, 0x34,
-	0xfe, 0x85, 0x05, 0x04, 0xfa, 0x18, 0xa6, 0x3c, 0x46, 0x58, 0xcf, 0x13, 0x47, 0x36, 0xbb, 0xf1,
-	0x7a, 0x19, 0x30, 0x21, 0xd0, 0xaa, 0x4b, 0xb8, 0x29, 0xff, 0x1b, 0x4b, 0x20, 0xf5, 0x6f, 0x13,
-	0xb0, 0x10, 0x31, 0x6f, 0xd9, 0x56, 0x47, 0x67, 0x3c, 0xa4, 0xef, 0xc0, 0x24, 0x1b, 0x38, 0x54,
-	0xf8, 0x64, 0xa6, 0x75, 0x3d, 0x30, 0xe6, 0x70, 0xe0, 0xd0, 0xe7, 0xc3, 0xd5, 0xa5, 0x1c, 0x11,
-	0x4e, 0xc2, 0x42, 0x08, 0xed, 0x84, 0x76, 0x56, 0x84, 0xf8, 0x3b, 0x49, 0xe5, 0xcf, 0x87, 0xab,
-	0x39, 0x05, 0x44, 0x0b, 0x91, 0x92, 0x26, 0xa2, 0xcf, 0xa0, 0x6e, 0x10, 0x8f, 0x1d, 0x39, 0x1d,
-	0xc2, 0xe8, 0xa1, 0x6e, 0xd2, 0xc6, 0x94, 0xd8, 0xfd, 0x1b, 0xe5, 0x0e, 0x8a, 0x4b, 0xb4, 0xae,
-	0x4a, 0x0b, 0xea, 0x3b, 0x09, 0x24, 0x9c, 0x42, 0x46, 0x7d, 0x40, 0x7c, 0xe5, 0xd0, 0x25, 0x96,
-	0xe7, 0xef, 0x8a, 0xeb, 0x9b, 0x1e, 0x5b, 0xdf, 0xb2, 0xd4, 0x87, 0x76, 0x32, 0x68, 0x38, 0x47,
-	0x03, 0x7a, 0x0d, 0xa6, 0x5c, 0x4a, 0x3c, 0xdb, 0x6a, 0x4c, 0x0a, 0x8f, 0x85, 0xc7, 0x85, 0xc5,
-	0x2a, 0x96, 0x54, 0xf4, 0x3a, 0x4c, 0x9b, 0xd4, 0xf3, 0x48, 0x97, 0x36, 0xaa, 0x82, 0x71, 0x5e,
-	0x32, 0x4e, 0xef, 0xfa, 0xcb, 0x38, 0xa0, 0xab, 0xbf, 0x57, 0xa0, 0x1e, 0x1d, 0xd3, 0x05, 0xe4,
-	0xea, 0xfd, 0x64, 0xae, 0xbe, 0x5a, 0x22, 0x38, 0x0b, 0x72, 0xf4, 0x1f, 0x15, 0x40, 0x11, 0x13,
-	0xb6, 0x0d, 0xe3, 0x98, 0xb4, 0x4f, 0xd1, 0x1a, 0x4c, 0x5a, 0xc4, 0x0c, 0x62, 0x32, 0x4c, 0x90,
-	0x8f, 0x88, 0x49, 0xb1, 0xa0, 0xa0, 0x2f, 0x14, 0x40, 0x3d, 0x71, 0x9a, 0x9d, 0x4d, 0xcb, 0xb2,
-	0x19, 0xe1, 0x0e, 0x0e, 0x0c, 0xda, 0x2a, 0x61, 0x50, 0xa0, 0x4b, 0x3b, 0xca, 0xa0, 0xdc, 0xb3,
-	0x98, 0x3b, 0x88, 0x0e, 0x36, 0xcb, 0x80, 0x73, 0x54, 0xa3, 0x1f, 0x03, 0xb8, 0x12, 0xf3, 0xd0,
-	0x96, 0x69, 0x5b, 0x5c, 0x03, 0x02, 0xf5, 0x5b, 0xb6, 0xf5, 0x58, 0xef, 0x46, 0x85, 0x05, 0x87,
-	0x10, 0x38, 0x06, 0xb7, 0x7c, 0x0f, 0x96, 0x0a, 0xec, 0x44, 0x97, 0x61, 0xe2, 0x94, 0x0e, 0x7c,
-	0x57, 0x61, 0xfe, 0x13, 0x2d, 0x42, 0xb5, 0x4f, 0x8c, 0x1e, 0xf5, 0x73, 0x12, 0xfb, 0x1f, 0xb7,
-	0x2b, 0xef, 0x29, 0xea, 0x6f, 0xaa, 0xf1, 0x48, 0xe1, 0xf5, 0x06, 0xad, 0xf3, 0xeb, 0xc1, 0x31,
-	0xf4, 0x36, 0xf1, 0x04, 0x46, 0xb5, 0xf5, 0x92, 0x7f, 0x35, 0xf8, 0x6b, 0x38, 0xa4, 0xa2, 0x9f,
-	0x42, 0xcd, 0xa3, 0x06, 0x6d, 0x33, 0xdb, 0x95, 0x25, 0xee, 0xed, 0x92, 0x31, 0x45, 0x8e, 0xa9,
-	0x71, 0x20, 0x45, 0x7d, 0xf8, 0xe0, 0x0b, 0x87, 0x90, 0xe8, 0x63, 0xa8, 0x31, 0x6a, 0x3a, 0x06,
-	0x61, 0x54, 0x7a, 0x2f, 0x11, 0x57, 0xbc, 0x76, 0x70, 0xb0, 0x7d, 0xbb, 0x73, 0x28, 0xd9, 0x44,
-	0xf5, 0x0c, 0xe3, 0x34, 0x58, 0xc5, 0x21, 0x0c, 0xfa, 0x11, 0xd4, 0x3c, 0xc6, 0x6f, 0xf5, 0xee,
-	0x40, 0x64, 0xdb, 0x59, 0xd7, 0x4a, 0xbc, 0x8e, 0xfa, 0x22, 0x11, 0x74, 0xb0, 0x82, 0x43, 0x38,
-	0xb4, 0x09, 0xf3, 0xa6, 0x6e, 0x61, 0x4a, 0x3a, 0x83, 0x03, 0xda, 0xb6, 0xad, 0x8e, 0x27, 0xd2,
-	0xb4, 0xda, 0x5a, 0x92, 0x42, 0xf3, 0xbb, 0x49, 0x32, 0x4e, 0xf3, 0xa3, 0x1d, 0x58, 0x0c, 0xae,
-	0xdd, 0xfb, 0xba, 0xc7, 0x6c, 0x77, 0xb0, 0xa3, 0x9b, 0x3a, 0x13, 0x35, 0xaf, 0xda, 0x6a, 0x8c,
-	0x86, 0xab, 0x8b, 0x38, 0x87, 0x8e, 0x73, 0xa5, 0x78, 0x5d, 0x71, 0x48, 0xcf, 0xa3, 0x1d, 0x51,
-	0xc3, 0x6a, 0x51, 0x5d, 0xd9, 0x17, 0xab, 0x58, 0x52, 0xd1, 0xa3, 0x44, 0x98, 0xd6, 0xc6, 0x0b,
-	0xd3, 0x7a, 0x71, 0x88, 0xa2, 0x23, 0x58, 0x72, 0x5c, 0xbb, 0xeb, 0x52, 0xcf, 0xdb, 0xa6, 0xa4,
-	0x63, 0xe8, 0x16, 0x0d, 0x3c, 0x33, 0x23, 0x76, 0xf4, 0xca, 0x68, 0xb8, 0xba, 0xb4, 0x9f, 0xcf,
-	0x82, 0x8b, 0x64, 0xd5, 0x3f, 0x4f, 0xc2, 0xe5, 0xf4, 0x1d, 0x87, 0x3e, 0x04, 0x64, 0x1f, 0x7b,
-	0xd4, 0xed, 0xd3, 0xce, 0x07, 0x7e, 0xe3, 0xc6, 0xbb, 0x1b, 0x45, 0x74, 0x37, 0x61, 0xde, 0xee,
-	0x65, 0x38, 0x70, 0x8e, 0x94, 0xdf, 0x1f, 0xc9, 0x04, 0xa8, 0x08, 0x43, 0x63, 0xfd, 0x51, 0x26,
-	0x09, 0x36, 0x61, 0x5e, 0xe6, 0x7e, 0x40, 0x14, 0xc1, 0x1a, 0x3b, 0xf7, 0xa3, 0x24, 0x19, 0xa7,
-	0xf9, 0xd1, 0x1d, 0x98, 0x73, 0x79, 0x1c, 0x84, 0x00, 0xd3, 0x02, 0xe0, 0x5b, 0x12, 0x60, 0x0e,
-	0xc7, 0x89, 0x38, 0xc9, 0x8b, 0x3e, 0x80, 0x2b, 0xa4, 0x4f, 0x74, 0x83, 0x1c, 0x1b, 0x34, 0x04,
-	0x98, 0x14, 0x00, 0x2f, 0x4b, 0x80, 0x2b, 0x9b, 0x69, 0x06, 0x9c, 0x95, 0x41, 0xbb, 0xb0, 0xd0,
-	0xb3, 0xb2, 0x50, 0x7e, 0x10, 0xbf, 0x22, 0xa1, 0x16, 0x8e, 0xb2, 0x2c, 0x38, 0x4f, 0x0e, 0x7d,
-	0x0a, 0xd0, 0x0e, 0x6e, 0x75, 0xaf, 0x31, 0x25, 0xca, 0xf0, 0x8d, 0x12, 0xc9, 0x16, 0xb6, 0x02,
-	0x51, 0x09, 0x0c, 0x97, 0x3c, 0x1c, 0xc3, 0x44, 0xb7, 0xa1, 0xde, 0xb6, 0x0d, 0x43, 0x44, 0xfe,
-	0x96, 0xdd, 0xb3, 0x98, 0x08, 0xde, 0x6a, 0x0b, 0xf1, 0xcb, 0x7e, 0x2b, 0x41, 0xc1, 0x29, 0x4e,
-	0xf5, 0x8f, 0x4a, 0xfc, 0x9a, 0x09, 0xd2, 0x19, 0xdd, 0x4e, 0xb4, 0x3e, 0xaf, 0xa5, 0x5a, 0x9f,
-	0xab, 0x59, 0x89, 0x58, 0xe7, 0xa3, 0xc3, 0x1c, 0x0f, 0x7e, 0xdd, 0xea, 0xfa, 0x07, 0x2e, 0x4b,
-	0xe2, 0x5b, 0x67, 0xa6, 0x52, 0xc8, 0x1d, 0xbb, 0x18, 0xaf, 0x88, 0x33, 0x8f, 0x13, 0x71, 0x12,
-	0x59, 0xbd, 0x0b, 0xf5, 0x64, 0x1e, 0x26, 0x7a, 0x7a, 0xe5, 0xdc, 0x9e, 0xfe, 0x6b, 0x05, 0x96,
-	0x0a, 0xb4, 0x23, 0x03, 0xea, 0x26, 0x79, 0x12, 0x3b, 0xe6, 0x73, 0x7b, 0x63, 0x3e, 0x35, 0x69,
-	0xfe, 0xd4, 0xa4, 0x3d, 0xb0, 0xd8, 0x9e, 0x7b, 0xc0, 0x5c, 0xdd, 0xea, 0xfa, 0xe7, 0xb0, 0x9b,
-	0xc0, 0xc2, 0x29, 0x6c, 0xf4, 0x09, 0xd4, 0x4c, 0xf2, 0xe4, 0xa0, 0xe7, 0x76, 0xf3, 0xfc, 0x55,
-	0x4e, 0x8f, 0xb8, 0x3f, 0x76, 0x25, 0x0a, 0x0e, 0xf1, 0xd4, 0x3f, 0x29, 0xb0, 0x96, 0xd8, 0x25,
-	0xaf, 0x15, 0xf4, 0x71, 0xcf, 0x38, 0xa0, 0xd1, 0x89, 0xbf, 0x09, 0x33, 0x0e, 0x71, 0x99, 0x1e,
-	0xd6, 0x8b, 0x6a, 0x6b, 0x6e, 0x34, 0x5c, 0x9d, 0xd9, 0x0f, 0x16, 0x71, 0x44, 0xcf, 0xf1, 0x4d,
-	0xe5, 0xc5, 0xf9, 0x46, 0xfd, 0x8f, 0x02, 0xd5, 0x83, 0x36, 0x31, 0xe8, 0x05, 0x4c, 0x2a, 0xdb,
-	0x89, 0x49, 0x45, 0x2d, 0x8c, 0x59, 0x61, 0x4f, 0xe1, 0x90, 0xb2, 0x93, 0x1a, 0x52, 0xae, 0x9d,
-	0x83, 0x73, 0xf6, 0x7c, 0xf2, 0x3e, 0xcc, 0x84, 0xea, 0x12, 0x45, 0x59, 0x39, 0xaf, 0x28, 0xab,
-	0xbf, 0xae, 0xc0, 0x6c, 0x4c, 0xc5, 0x78, 0xd2, 0xdc, 0xdd, 0xb1, 0xbe, 0x86, 0x17, 0xae, 0x8d,
-	0x32, 0x1b, 0xd1, 0x82, 0x1e, 0xc6, 0x6f, 0x17, 0xa3, 0x66, 0x21, 0xdb, 0xda, 0xdc, 0x85, 0x3a,
-	0x23, 0x6e, 0x97, 0xb2, 0x80, 0x26, 0x1c, 0x36, 0x13, 0xcd, 0x2a, 0x87, 0x09, 0x2a, 0x4e, 0x71,
-	0x2f, 0xdf, 0x81, 0xb9, 0x84, 0xb2, 0xb1, 0x7a, 0xbe, 0x2f, 0xb8, 0x73, 0xa2, 0x54, 0xb8, 0x80,
-	0xe8, 0xfa, 0x30, 0x11, 0x5d, 0xeb, 0xc5, 0xce, 0x8c, 0x25, 0x68, 0x51, 0x8c, 0xe1, 0x54, 0x8c,
-	0xbd, 0x51, 0x0a, 0xed, 0xec, 0x48, 0xfb, 0x67, 0x05, 0x16, 0x63, 0xdc, 0xd1, 0x28, 0xfc, 0xbd,
-	0xc4, 0x7d, 0xb0, 0x9e, 0xba, 0x0f, 0x1a, 0x79, 0x32, 0x2f, 0x6c, 0x16, 0xce, 0x9f, 0x4f, 0x27,
-	0xfe, 0x1f, 0xe7, 0xd3, 0x3f, 0x28, 0x30, 0x1f, 0xf3, 0xdd, 0x05, 0x0c, 0xa8, 0x0f, 0x92, 0x03,
-	0xea, 0xb5, 0x32, 0x41, 0x53, 0x30, 0xa1, 0xde, 0x86, 0x85, 0x18, 0xd3, 0x9e, 0xdb, 0xd1, 0x2d,
-	0x62, 0x78, 0xe8, 0x55, 0xa8, 0x7a, 0x8c, 0xb8, 0x2c, 0xb8, 0x44, 0x02, 0xd9, 0x03, 0xbe, 0x88,
-	0x7d, 0x9a, 0xfa, 0x2f, 0x05, 0x9a, 0x31, 0xe1, 0x7d, 0xea, 0x7a, 0xba, 0xc7, 0xa8, 0xc5, 0x1e,
-	0xda, 0x46, 0xcf, 0xa4, 0x5b, 0x06, 0xd1, 0x4d, 0x4c, 0xf9, 0x82, 0x6e, 0x5b, 0xfb, 0xb6, 0xa1,
-	0xb7, 0x07, 0x88, 0xc0, 0xec, 0xe7, 0x27, 0xd4, 0xda, 0xa6, 0x06, 0x65, 0xb4, 0x23, 0x43, 0xf1,
-	0x07, 0x12, 0x7e, 0xf6, 0x51, 0x44, 0x7a, 0x3e, 0x5c, 0x5d, 0x2f, 0x83, 0x28, 0x22, 0x34, 0x8e,
-	0x89, 0x7e, 0x06, 0xc0, 0x3f, 0x45, 0x2d, 0xeb, 0xc8, 0x60, 0xbd, 0x1b, 0x64, 0xf4, 0xa3, 0x90,
-	0x32, 0x96, 0x82, 0x18, 0xa2, 0xfa, 0xdb, 0x5a, 0xe2, 0xbc, 0xbf, 0xf1, 0x63, 0xe6, 0xcf, 0x61,
-	0xb1, 0x1f, 0x79, 0x27, 0x60, 0xe0, 0x6d, 0xf9, 0x44, 0xfa, 0xe9, 0x2e, 0x84, 0xcf, 0xf3, 0x6b,
-	0xeb, 0xdb, 0x52, 0xc9, 0xe2, 0xc3, 0x1c, 0x38, 0x9c, 0xab, 0x04, 0x7d, 0x17, 0x66, 0xf9, 0x48,
-	0xa3, 0xb7, 0xe9, 0x47, 0xc4, 0x0c, 0x72, 0x71, 0x21, 0x88, 0x97, 0x83, 0x88, 0x84, 0xe3, 0x7c,
-	0xe8, 0x04, 0x16, 0x1c, 0xbb, 0xb3, 0x4b, 0x2c, 0xd2, 0xa5, 0xbc, 0x11, 0xf4, 0x8f, 0x52, 0xcc,
-	0x9e, 0x33, 0xad, 0x77, 0x83, 0xf6, 0x7f, 0x3f, 0xcb, 0xf2, 0x9c, 0x0f, 0x71, 0xd9, 0x65, 0x11,
-	0x04, 0x79, 0x90, 0xc8, 0x85, 0x7a, 0x4f, 0xf6, 0x63, 0x72, 0x14, 0xf7, 0x1f, 0xd9, 0x36, 0xca,
-	0x24, 0xe5, 0x51, 0x42, 0x32, 0xba, 0x30, 0x93, 0xeb, 0x38, 0xa5, 0xa1, 0x70, 0xb4, 0xae, 0xfd,
-	0x4f, 0xa3, 0x75, 0xce, 0xac, 0x3f, 0x33, 0xe6, 0xac, 0xff, 0x17, 0x05, 0xae, 0x39, 0x25, 0x72,
-	0xa9, 0x01, 0xc2, 0x37, 0xf7, 0xcb, 0xf8, 0xa6, 0x4c, 0x6e, 0xb6, 0xd6, 0x47, 0xc3, 0xd5, 0x6b,
-	0x65, 0x38, 0x71, 0x29, 0xfb, 0xd0, 0x43, 0xa8, 0xd9, 0xb2, 0x06, 0x36, 0x66, 0x85, 0xad, 0x37,
-	0xca, 0xd8, 0x1a, 0xd4, 0x4d, 0x3f, 0x2d, 0x83, 0x2f, 0x1c, 0x62, 0xa9, 0xbf, 0xab, 0xc2, 0x95,
-	0xcc, 0x0d, 0x8e, 0x7e, 0x78, 0xc6, 0x9c, 0x7f, 0xf5, 0x85, 0xcd, 0xf8, 0x99, 0x01, 0x7d, 0x62,
-	0x8c, 0x01, 0x7d, 0x13, 0xe6, 0xdb, 0x3d, 0xd7, 0xa5, 0x16, 0x4b, 0x8d, 0xe7, 0x61, 0xb0, 0x6c,
-	0x25, 0xc9, 0x38, 0xcd, 0x9f, 0xf7, 0xc6, 0x50, 0x1d, 0xf3, 0x8d, 0x21, 0x6e, 0x85, 0x9c, 0x13,
-	0xfd, 0xd4, 0xce, 0x5a, 0x21, 0xc7, 0xc5, 0x34, 0x3f, 0x6f, 0x5a, 0x7d, 0xd4, 0x10, 0x61, 0x3a,
-	0xd9, 0xb4, 0x1e, 0x25, 0xa8, 0x38, 0xc5, 0x9d, 0x33, 0xaf, 0xcf, 0x94, 0x9d, 0xd7, 0x11, 0x49,
-	0xbc, 0x26, 0x80, 0xa8, 0xa3, 0x37, 0xcb, 0xc4, 0x59, 0xf9, 0xe7, 0x84, 0xdc, 0x87, 0x94, 0xd9,
-	0xf1, 0x1f, 0x52, 0xd4, 0xbf, 0x2a, 0xf0, 0x72, 0x61, 0xc5, 0x42, 0x9b, 0x89, 0x96, 0xf2, 0x66,
-	0xaa, 0xa5, 0xfc, 0x4e, 0xa1, 0x60, 0xac, 0xaf, 0x74, 0xf3, 0x5f, 0x1a, 0xde, 0x2f, 0xf7, 0xd2,
-	0x90, 0x33, 0x05, 0x9f, 0xff, 0xe4, 0xd0, 0xfa, 0xfe, 0xd3, 0x67, 0x2b, 0x97, 0xbe, 0x7c, 0xb6,
-	0x72, 0xe9, 0xab, 0x67, 0x2b, 0x97, 0x7e, 0x31, 0x5a, 0x51, 0x9e, 0x8e, 0x56, 0x94, 0x2f, 0x47,
-	0x2b, 0xca, 0x57, 0xa3, 0x15, 0xe5, 0xef, 0xa3, 0x15, 0xe5, 0x57, 0x5f, 0xaf, 0x5c, 0xfa, 0x64,
-	0xa9, 0xe0, 0xdf, 0xe8, 0xff, 0x06, 0x00, 0x00, 0xff, 0xff, 0xb9, 0xc9, 0xe6, 0x8c, 0xa7, 0x1e,
-	0x00, 0x00,
+	// 2041 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xdc, 0x59, 0xdd, 0x6f, 0x1b, 0xc7,
+	0x11, 0xd7, 0x51, 0xa2, 0x44, 0x8d, 0x22, 0xca, 0x5e, 0xa9, 0x16, 0xa3, 0xb4, 0x92, 0x70, 0x31,
+	0x62, 0x25, 0xb1, 0x8f, 0xb1, 0x92, 0x06, 0x89, 0xdd, 0xba, 0x10, 0x25, 0x37, 0x56, 0x20, 0x45,
+	0xca, 0x4a, 0xb2, 0xd1, 0xf4, 0x03, 0x59, 0x91, 0x6b, 0xea, 0xa2, 0xfb, 0xc2, 0xdd, 0x52, 0x31,
+	0xd1, 0x97, 0xfe, 0x01, 0x2d, 0xd2, 0xe7, 0xfe, 0x15, 0xed, 0x53, 0x8b, 0x16, 0x7d, 0x2d, 0xfc,
+	0x18, 0xf4, 0xa5, 0x79, 0x22, 0x6a, 0xe6, 0xb5, 0x7d, 0x6b, 0x5f, 0x0c, 0x14, 0x28, 0x76, 0x6f,
+	0xef, 0xfb, 0x4e, 0x3a, 0x16, 0xb0, 0x80, 0xe6, 0x8d, 0xb7, 0x33, 0xf3, 0x9b, 0xd9, 0xd9, 0x99,
+	0xd9, 0x99, 0x25, 0xdc, 0x38, 0x7d, 0xcf, 0xd3, 0x74, 0xbb, 0x49, 0x1c, 0xbd, 0x49, 0x1c, 0xc7,
+	0x6b, 0x9e, 0xdd, 0x3e, 0xa6, 0x8c, 0xdc, 0x6e, 0x76, 0xa9, 0x45, 0x5d, 0xc2, 0x68, 0x47, 0x73,
+	0x5c, 0x9b, 0xd9, 0x68, 0xd1, 0x67, 0xd4, 0x88, 0xa3, 0x6b, 0x9c, 0x51, 0x93, 0x8c, 0x4b, 0xb7,
+	0xba, 0x3a, 0x3b, 0xe9, 0x1d, 0x6b, 0x6d, 0xdb, 0x6c, 0x76, 0xed, 0xae, 0xdd, 0x14, 0xfc, 0xc7,
+	0xbd, 0xc7, 0xe2, 0x4b, 0x7c, 0x88, 0x5f, 0x3e, 0xce, 0x92, 0x1a, 0x53, 0xd8, 0xb6, 0x5d, 0xda,
+	0x3c, 0xcb, 0xe8, 0x5a, 0x7a, 0x27, 0xe2, 0x31, 0x49, 0xfb, 0x44, 0xb7, 0xa8, 0xdb, 0x6f, 0x3a,
+	0xa7, 0x5d, 0xbe, 0xe0, 0x35, 0x4d, 0xca, 0x48, 0x9e, 0x54, 0xb3, 0x48, 0xca, 0xed, 0x59, 0x4c,
+	0x37, 0x69, 0x46, 0xe0, 0xdd, 0x8b, 0x04, 0xbc, 0xf6, 0x09, 0x35, 0x49, 0x46, 0xee, 0xed, 0x22,
+	0xb9, 0x1e, 0xd3, 0x8d, 0xa6, 0x6e, 0x31, 0x8f, 0xb9, 0x69, 0x21, 0xf5, 0xdf, 0x0a, 0xa0, 0x4d,
+	0xdb, 0x62, 0xae, 0x6d, 0x18, 0xd4, 0xc5, 0xf4, 0x4c, 0xf7, 0x74, 0xdb, 0x42, 0x9f, 0x42, 0x8d,
+	0xef, 0xa7, 0x43, 0x18, 0x69, 0x28, 0xab, 0xca, 0xda, 0xcc, 0xfa, 0x5b, 0x5a, 0xe4, 0xe9, 0x10,
+	0x5e, 0x73, 0x4e, 0xbb, 0x7c, 0xc1, 0xd3, 0x38, 0xb7, 0x76, 0x76, 0x5b, 0xdb, 0x3b, 0xfe, 0x8c,
+	0xb6, 0xd9, 0x2e, 0x65, 0xa4, 0x85, 0x9e, 0x0e, 0x56, 0xc6, 0x86, 0x83, 0x15, 0x88, 0xd6, 0x70,
+	0x88, 0x8a, 0xf6, 0x60, 0x42, 0xa0, 0x57, 0x04, 0xfa, 0xad, 0x42, 0x74, 0xb9, 0x69, 0x0d, 0x93,
+	0xcf, 0xef, 0x3f, 0x61, 0xd4, 0xe2, 0xe6, 0xb5, 0x5e, 0x92, 0xd0, 0x13, 0x5b, 0x84, 0x11, 0x2c,
+	0x80, 0xd0, 0x4d, 0xa8, 0xb9, 0xd2, 0xfc, 0xc6, 0xf8, 0xaa, 0xb2, 0x36, 0xde, 0xba, 0x22, 0xb9,
+	0x6a, 0xc1, 0xb6, 0x70, 0xc8, 0xa1, 0x3e, 0x55, 0xe0, 0x5a, 0x76, 0xdf, 0x3b, 0xba, 0xc7, 0xd0,
+	0x4f, 0x32, 0x7b, 0xd7, 0xca, 0xed, 0x9d, 0x4b, 0x8b, 0x9d, 0x87, 0x8a, 0x83, 0x95, 0xd8, 0xbe,
+	0xf7, 0xa1, 0xaa, 0x33, 0x6a, 0x7a, 0x8d, 0xca, 0xea, 0xf8, 0xda, 0xcc, 0xfa, 0x9b, 0x5a, 0x41,
+	0x00, 0x6b, 0x59, 0xeb, 0x5a, 0xb3, 0x12, 0xb7, 0xba, 0xcd, 0x11, 0xb0, 0x0f, 0xa4, 0xfe, 0xb2,
+	0x02, 0xb0, 0x45, 0x1d, 0xc3, 0xee, 0x9b, 0xd4, 0x62, 0x97, 0x70, 0x74, 0xdb, 0x30, 0xe1, 0x39,
+	0xb4, 0x2d, 0x8f, 0xee, 0x46, 0xe1, 0x0e, 0x22, 0xa3, 0x0e, 0x1c, 0xda, 0x8e, 0x0e, 0x8d, 0x7f,
+	0x61, 0x01, 0x81, 0x3e, 0x86, 0x49, 0x8f, 0x11, 0xd6, 0xf3, 0xc4, 0x91, 0xcd, 0xac, 0xbf, 0x5e,
+	0x06, 0x4c, 0x08, 0xb4, 0xea, 0x12, 0x6e, 0xd2, 0xff, 0xc6, 0x12, 0x48, 0xfd, 0xdb, 0x38, 0xcc,
+	0x47, 0xcc, 0x9b, 0xb6, 0xd5, 0xd1, 0x19, 0x0f, 0xe9, 0xbb, 0x30, 0xc1, 0xfa, 0x0e, 0x15, 0x3e,
+	0x99, 0x6e, 0xdd, 0x08, 0x8c, 0x39, 0xec, 0x3b, 0xf4, 0xf9, 0x60, 0x65, 0x31, 0x47, 0x84, 0x93,
+	0xb0, 0x10, 0x42, 0x3b, 0xa1, 0x9d, 0x15, 0x21, 0xfe, 0x4e, 0x52, 0xf9, 0xf3, 0xc1, 0x4a, 0x4e,
+	0x01, 0xd1, 0x42, 0xa4, 0xa4, 0x89, 0xe8, 0x33, 0xa8, 0x1b, 0xc4, 0x63, 0x47, 0x4e, 0x87, 0x30,
+	0x7a, 0xa8, 0x9b, 0xb4, 0x31, 0x29, 0x76, 0xff, 0x46, 0xb9, 0x83, 0xe2, 0x12, 0xad, 0x6b, 0xd2,
+	0x82, 0xfa, 0x4e, 0x02, 0x09, 0xa7, 0x90, 0xd1, 0x19, 0x20, 0xbe, 0x72, 0xe8, 0x12, 0xcb, 0xf3,
+	0x77, 0xc5, 0xf5, 0x4d, 0x8d, 0xac, 0x6f, 0x49, 0xea, 0x43, 0x3b, 0x19, 0x34, 0x9c, 0xa3, 0x01,
+	0xbd, 0x06, 0x93, 0x2e, 0x25, 0x9e, 0x6d, 0x35, 0x26, 0x84, 0xc7, 0xc2, 0xe3, 0xc2, 0x62, 0x15,
+	0x4b, 0x2a, 0x7a, 0x1d, 0xa6, 0x4c, 0xea, 0x79, 0xa4, 0x4b, 0x1b, 0x55, 0xc1, 0x38, 0x27, 0x19,
+	0xa7, 0x76, 0xfd, 0x65, 0x1c, 0xd0, 0xd5, 0x3f, 0x28, 0x50, 0x8f, 0x8e, 0xe9, 0x12, 0x72, 0xf5,
+	0x41, 0x32, 0x57, 0x5f, 0x2d, 0x11, 0x9c, 0x05, 0x39, 0xfa, 0x8f, 0x0a, 0xa0, 0x88, 0x09, 0xdb,
+	0x86, 0x71, 0x4c, 0xda, 0xa7, 0x68, 0x15, 0x26, 0x2c, 0x62, 0x06, 0x31, 0x19, 0x26, 0xc8, 0x47,
+	0xc4, 0xa4, 0x58, 0x50, 0xd0, 0x17, 0x0a, 0xa0, 0x9e, 0x38, 0xcd, 0xce, 0x86, 0x65, 0xd9, 0x8c,
+	0x70, 0x07, 0x07, 0x06, 0x6d, 0x96, 0x30, 0x28, 0xd0, 0xa5, 0x1d, 0x65, 0x50, 0xee, 0x5b, 0xcc,
+	0xed, 0x47, 0x07, 0x9b, 0x65, 0xc0, 0x39, 0xaa, 0xd1, 0x8f, 0x01, 0x5c, 0x89, 0x79, 0x68, 0xcb,
+	0xb4, 0x2d, 0xae, 0x01, 0x81, 0xfa, 0x4d, 0xdb, 0x7a, 0xac, 0x77, 0xa3, 0xc2, 0x82, 0x43, 0x08,
+	0x1c, 0x83, 0x5b, 0xba, 0x0f, 0x8b, 0x05, 0x76, 0xa2, 0x2b, 0x30, 0x7e, 0x4a, 0xfb, 0xbe, 0xab,
+	0x30, 0xff, 0x89, 0x16, 0xa0, 0x7a, 0x46, 0x8c, 0x1e, 0xf5, 0x73, 0x12, 0xfb, 0x1f, 0x77, 0x2a,
+	0xef, 0x29, 0xea, 0x6f, 0xab, 0xf1, 0x48, 0xe1, 0xf5, 0x06, 0xad, 0xf1, 0xeb, 0xc1, 0x31, 0xf4,
+	0x36, 0xf1, 0x04, 0x46, 0xb5, 0xf5, 0x92, 0x7f, 0x35, 0xf8, 0x6b, 0x38, 0xa4, 0xa2, 0x9f, 0x42,
+	0xcd, 0xa3, 0x06, 0x6d, 0x33, 0xdb, 0x95, 0x25, 0xee, 0xed, 0x92, 0x31, 0x45, 0x8e, 0xa9, 0x71,
+	0x20, 0x45, 0x7d, 0xf8, 0xe0, 0x0b, 0x87, 0x90, 0xe8, 0x63, 0xa8, 0x31, 0x6a, 0x3a, 0x06, 0x61,
+	0x54, 0x7a, 0x2f, 0x11, 0x57, 0xbc, 0x76, 0x70, 0xb0, 0x7d, 0xbb, 0x73, 0x28, 0xd9, 0x44, 0xf5,
+	0x0c, 0xe3, 0x34, 0x58, 0xc5, 0x21, 0x0c, 0xfa, 0x11, 0xd4, 0x3c, 0xc6, 0x6f, 0xf5, 0x6e, 0x5f,
+	0x64, 0xdb, 0x79, 0xd7, 0x4a, 0xbc, 0x8e, 0xfa, 0x22, 0x11, 0x74, 0xb0, 0x82, 0x43, 0x38, 0xb4,
+	0x01, 0x73, 0xa6, 0x6e, 0x61, 0x4a, 0x3a, 0xfd, 0x03, 0xda, 0xb6, 0xad, 0x8e, 0x27, 0xd2, 0xb4,
+	0xda, 0x5a, 0x94, 0x42, 0x73, 0xbb, 0x49, 0x32, 0x4e, 0xf3, 0xa3, 0x1d, 0x58, 0x08, 0xae, 0xdd,
+	0x07, 0xba, 0xc7, 0x6c, 0xb7, 0xbf, 0xa3, 0x9b, 0x3a, 0x13, 0x35, 0xaf, 0xda, 0x6a, 0x0c, 0x07,
+	0x2b, 0x0b, 0x38, 0x87, 0x8e, 0x73, 0xa5, 0x78, 0x5d, 0x71, 0x48, 0xcf, 0xa3, 0x1d, 0x51, 0xc3,
+	0x6a, 0x51, 0x5d, 0xd9, 0x17, 0xab, 0x58, 0x52, 0xd1, 0xa3, 0x44, 0x98, 0xd6, 0x46, 0x0b, 0xd3,
+	0x7a, 0x71, 0x88, 0xa2, 0x23, 0x58, 0x74, 0x5c, 0xbb, 0xeb, 0x52, 0xcf, 0xdb, 0xa2, 0xa4, 0x63,
+	0xe8, 0x16, 0x0d, 0x3c, 0x33, 0x2d, 0x76, 0xf4, 0xca, 0x70, 0xb0, 0xb2, 0xb8, 0x9f, 0xcf, 0x82,
+	0x8b, 0x64, 0xd5, 0x5f, 0x55, 0xe1, 0x4a, 0xfa, 0x8e, 0x43, 0x1f, 0x02, 0xb2, 0x8f, 0x3d, 0xea,
+	0x9e, 0xd1, 0xce, 0x07, 0x7e, 0xe3, 0xc6, 0xbb, 0x1b, 0x45, 0x74, 0x37, 0x61, 0xde, 0xee, 0x65,
+	0x38, 0x70, 0x8e, 0x94, 0xdf, 0x1f, 0xc9, 0x04, 0xa8, 0x08, 0x43, 0x63, 0xfd, 0x51, 0x26, 0x09,
+	0x36, 0x60, 0x4e, 0xe6, 0x7e, 0x40, 0x14, 0xc1, 0x1a, 0x3b, 0xf7, 0xa3, 0x24, 0x19, 0xa7, 0xf9,
+	0xd1, 0x5d, 0x98, 0x75, 0x79, 0x1c, 0x84, 0x00, 0x53, 0x02, 0xe0, 0x5b, 0x12, 0x60, 0x16, 0xc7,
+	0x89, 0x38, 0xc9, 0x8b, 0x3e, 0x80, 0xab, 0xe4, 0x8c, 0xe8, 0x06, 0x39, 0x36, 0x68, 0x08, 0x30,
+	0x21, 0x00, 0x5e, 0x96, 0x00, 0x57, 0x37, 0xd2, 0x0c, 0x38, 0x2b, 0x83, 0x76, 0x61, 0xbe, 0x67,
+	0x65, 0xa1, 0xfc, 0x20, 0x7e, 0x45, 0x42, 0xcd, 0x1f, 0x65, 0x59, 0x70, 0x9e, 0x1c, 0xda, 0x86,
+	0x79, 0x46, 0x5d, 0x53, 0xb7, 0x08, 0xd3, 0xad, 0x6e, 0x08, 0xe7, 0x9f, 0xfc, 0x22, 0x87, 0x3a,
+	0xcc, 0x92, 0x71, 0x9e, 0x0c, 0xfa, 0x14, 0xa0, 0x1d, 0x34, 0x08, 0x5e, 0x63, 0x52, 0x54, 0xf4,
+	0x9b, 0x25, 0xf2, 0x36, 0xec, 0x2a, 0xa2, 0x6a, 0x1a, 0x2e, 0x79, 0x38, 0x86, 0x89, 0xee, 0x40,
+	0xbd, 0x6d, 0x1b, 0x86, 0x48, 0xa2, 0x4d, 0xbb, 0x67, 0x31, 0x91, 0x07, 0xd5, 0x16, 0xe2, 0x7d,
+	0xc3, 0x66, 0x82, 0x82, 0x53, 0x9c, 0xea, 0x9f, 0x94, 0xf8, 0x8d, 0x15, 0x54, 0x06, 0x74, 0x27,
+	0xd1, 0x45, 0xbd, 0x96, 0xea, 0xa2, 0xae, 0x65, 0x25, 0x62, 0x4d, 0x94, 0x0e, 0xb3, 0x3c, 0x8f,
+	0x74, 0xab, 0xeb, 0xc7, 0x8e, 0xac, 0xae, 0x6f, 0x9d, 0x9b, 0x95, 0x21, 0x77, 0xec, 0x8e, 0xbd,
+	0x2a, 0xc2, 0x27, 0x4e, 0xc4, 0x49, 0x64, 0xf5, 0x1e, 0xd4, 0x93, 0x29, 0x9d, 0x18, 0x0f, 0x94,
+	0x0b, 0xc7, 0x83, 0xaf, 0x15, 0x58, 0x2c, 0xd0, 0x8e, 0x0c, 0xa8, 0x9b, 0xe4, 0x49, 0x2c, 0x62,
+	0x2e, 0x6c, 0xb3, 0xf9, 0x00, 0xa6, 0xf9, 0x03, 0x98, 0xb6, 0x6d, 0xb1, 0x3d, 0xf7, 0x80, 0xb9,
+	0xba, 0xd5, 0xf5, 0xcf, 0x61, 0x37, 0x81, 0x85, 0x53, 0xd8, 0xe8, 0x13, 0xa8, 0x99, 0xe4, 0xc9,
+	0x41, 0xcf, 0xed, 0xe6, 0xf9, 0xab, 0x9c, 0x1e, 0x71, 0x15, 0xed, 0x4a, 0x14, 0x1c, 0xe2, 0xa9,
+	0x7f, 0x56, 0x60, 0x35, 0xb1, 0x4b, 0x5e, 0x76, 0xe8, 0xe3, 0x9e, 0x71, 0x40, 0xa3, 0x13, 0x7f,
+	0x13, 0xa6, 0x1d, 0xe2, 0x32, 0x3d, 0x2c, 0x3d, 0xd5, 0xd6, 0xec, 0x70, 0xb0, 0x32, 0xbd, 0x1f,
+	0x2c, 0xe2, 0x88, 0x9e, 0xe3, 0x9b, 0xca, 0x8b, 0xf3, 0x8d, 0xfa, 0x1f, 0x05, 0xaa, 0x07, 0x6d,
+	0x62, 0xd0, 0x4b, 0x18, 0x7a, 0xb6, 0x12, 0x43, 0x8f, 0x5a, 0x18, 0xb3, 0xc2, 0x9e, 0xc2, 0x79,
+	0x67, 0x27, 0x35, 0xef, 0x5c, 0xbf, 0x00, 0xe7, 0xfc, 0x51, 0xe7, 0x7d, 0x98, 0x0e, 0xd5, 0x25,
+	0xea, 0xbb, 0x72, 0x51, 0x7d, 0x57, 0x7f, 0x53, 0x81, 0x99, 0x98, 0x8a, 0xd1, 0xa4, 0xb9, 0xbb,
+	0x63, 0x2d, 0x12, 0x2f, 0x5c, 0xeb, 0x65, 0x36, 0xa2, 0x05, 0xed, 0x90, 0xdf, 0x79, 0x46, 0x7d,
+	0x47, 0xb6, 0x4b, 0xba, 0x07, 0x75, 0x46, 0xdc, 0x2e, 0x65, 0x01, 0x4d, 0x38, 0x6c, 0x3a, 0x1a,
+	0x7b, 0x0e, 0x13, 0x54, 0x9c, 0xe2, 0x5e, 0xba, 0x0b, 0xb3, 0x09, 0x65, 0x23, 0xb5, 0x8f, 0x5f,
+	0x70, 0xe7, 0x44, 0xa9, 0x70, 0x09, 0xd1, 0xf5, 0x61, 0x22, 0xba, 0xd6, 0x8a, 0x9d, 0x19, 0x4b,
+	0xd0, 0xa2, 0x18, 0xc3, 0xa9, 0x18, 0x7b, 0xa3, 0x14, 0xda, 0xf9, 0x91, 0xf6, 0xcf, 0x0a, 0x2c,
+	0xc4, 0xb8, 0xa3, 0xa9, 0xfa, 0x7b, 0x89, 0xfb, 0x60, 0x2d, 0x75, 0x1f, 0x34, 0xf2, 0x64, 0x5e,
+	0xd8, 0x58, 0x9d, 0x3f, 0xea, 0x8e, 0xff, 0x3f, 0x8e, 0xba, 0x7f, 0x54, 0x60, 0x2e, 0xe6, 0xbb,
+	0x4b, 0x98, 0x75, 0xb7, 0x93, 0xb3, 0xee, 0xf5, 0x32, 0x41, 0x53, 0x30, 0xec, 0xde, 0x81, 0xf9,
+	0x18, 0xd3, 0x9e, 0xdb, 0xd1, 0x2d, 0x62, 0x78, 0xe8, 0x55, 0xa8, 0x7a, 0x8c, 0xb8, 0x2c, 0xb8,
+	0x44, 0x02, 0xd9, 0x03, 0xbe, 0x88, 0x7d, 0x9a, 0xfa, 0x2f, 0x05, 0x9a, 0x31, 0xe1, 0x7d, 0xea,
+	0x7a, 0xba, 0xc7, 0xa8, 0xc5, 0x1e, 0xda, 0x46, 0xcf, 0xa4, 0x9b, 0x06, 0xd1, 0x4d, 0x4c, 0xf9,
+	0x82, 0x6e, 0x5b, 0xfb, 0xb6, 0xa1, 0xb7, 0xfb, 0x88, 0xc0, 0xcc, 0xe7, 0x27, 0xd4, 0xda, 0xa2,
+	0x06, 0x65, 0xb4, 0x23, 0x43, 0xf1, 0x07, 0x12, 0x7e, 0xe6, 0x51, 0x44, 0x7a, 0x3e, 0x58, 0x59,
+	0x2b, 0x83, 0x28, 0x22, 0x34, 0x8e, 0x89, 0x7e, 0x06, 0xc0, 0x3f, 0x45, 0x2d, 0xeb, 0xc8, 0x60,
+	0xbd, 0x17, 0x64, 0xf4, 0xa3, 0x90, 0x32, 0x92, 0x82, 0x18, 0xa2, 0xfa, 0xbb, 0x5a, 0xe2, 0xbc,
+	0xbf, 0xf1, 0x13, 0xeb, 0xcf, 0x61, 0xe1, 0x2c, 0xf2, 0x4e, 0xc0, 0xc0, 0x3b, 0xfc, 0xf1, 0xf4,
+	0x2b, 0x60, 0x08, 0x9f, 0xe7, 0xd7, 0xd6, 0xb7, 0xa5, 0x92, 0x85, 0x87, 0x39, 0x70, 0x38, 0x57,
+	0x09, 0xfa, 0x2e, 0xcc, 0xf0, 0xe9, 0x48, 0x6f, 0xd3, 0x8f, 0x88, 0x19, 0xe4, 0xe2, 0x7c, 0x10,
+	0x2f, 0x07, 0x11, 0x09, 0xc7, 0xf9, 0xd0, 0x09, 0xcc, 0x3b, 0x76, 0x67, 0x97, 0x58, 0xa4, 0x4b,
+	0x79, 0x23, 0xe8, 0x1f, 0xa5, 0x18, 0x63, 0xa7, 0x5b, 0xef, 0x06, 0x93, 0xc4, 0x7e, 0x96, 0xe5,
+	0x39, 0x9f, 0x07, 0xb3, 0xcb, 0x22, 0x08, 0xf2, 0x20, 0x91, 0x0b, 0xf5, 0x9e, 0xec, 0xc7, 0xe4,
+	0x54, 0xef, 0xbf, 0xd7, 0xad, 0x97, 0x49, 0xca, 0xa3, 0x84, 0x64, 0x74, 0x61, 0x26, 0xd7, 0x71,
+	0x4a, 0x43, 0xe1, 0x94, 0x5e, 0xfb, 0x9f, 0xa6, 0xf4, 0x9c, 0x67, 0x83, 0xe9, 0x11, 0x9f, 0x0d,
+	0xfe, 0xa2, 0xc0, 0x75, 0xa7, 0x44, 0x2e, 0x35, 0x40, 0xf8, 0xe6, 0x41, 0x19, 0xdf, 0x94, 0xc9,
+	0xcd, 0xd6, 0xda, 0x70, 0xb0, 0x72, 0xbd, 0x0c, 0x27, 0x2e, 0x65, 0x1f, 0x7a, 0x08, 0x35, 0x5b,
+	0xd6, 0xc0, 0xc6, 0x8c, 0xb0, 0xf5, 0x66, 0x19, 0x5b, 0x83, 0xba, 0xe9, 0xa7, 0x65, 0xf0, 0x85,
+	0x43, 0x2c, 0xf5, 0xf7, 0x55, 0xb8, 0x9a, 0xb9, 0xc1, 0xd1, 0x0f, 0xcf, 0x79, 0x32, 0xb8, 0xf6,
+	0xc2, 0x9e, 0x0b, 0x32, 0xb3, 0xfe, 0xf8, 0x08, 0xb3, 0xfe, 0x06, 0xcc, 0xb5, 0x7b, 0xae, 0x4b,
+	0x2d, 0x96, 0x9a, 0xf4, 0xc3, 0x60, 0xd9, 0x4c, 0x92, 0x71, 0x9a, 0x3f, 0xef, 0xb9, 0xa2, 0x3a,
+	0xe2, 0x73, 0x45, 0xdc, 0x0a, 0x39, 0x27, 0xfa, 0xa9, 0x9d, 0xb5, 0x42, 0x8e, 0x8b, 0x69, 0x7e,
+	0xde, 0xb4, 0xfa, 0xa8, 0x21, 0xc2, 0x54, 0xb2, 0x69, 0x3d, 0x4a, 0x50, 0x71, 0x8a, 0x3b, 0x67,
+	0x5e, 0x9f, 0x2e, 0x3b, 0xaf, 0x23, 0x92, 0x78, 0x4d, 0x00, 0x51, 0x47, 0x6f, 0x95, 0x89, 0xb3,
+	0xf2, 0xcf, 0x09, 0xb9, 0x6f, 0x32, 0x33, 0xa3, 0xbf, 0xc9, 0xa8, 0x7f, 0x55, 0xe0, 0xe5, 0xc2,
+	0x8a, 0x85, 0x36, 0x12, 0x2d, 0xe5, 0xad, 0x54, 0x4b, 0xf9, 0x9d, 0x42, 0xc1, 0x58, 0x5f, 0xe9,
+	0xe6, 0xbf, 0x34, 0xbc, 0x5f, 0xee, 0xa5, 0x21, 0x67, 0x0a, 0xbe, 0xf8, 0xc9, 0xa1, 0xf5, 0xfd,
+	0xa7, 0xcf, 0x96, 0xc7, 0xbe, 0x7c, 0xb6, 0x3c, 0xf6, 0xd5, 0xb3, 0xe5, 0xb1, 0x5f, 0x0c, 0x97,
+	0x95, 0xa7, 0xc3, 0x65, 0xe5, 0xcb, 0xe1, 0xb2, 0xf2, 0xd5, 0x70, 0x59, 0xf9, 0xfb, 0x70, 0x59,
+	0xf9, 0xf5, 0xd7, 0xcb, 0x63, 0x9f, 0x2c, 0x16, 0xfc, 0xb1, 0xfd, 0xdf, 0x00, 0x00, 0x00, 0xff,
+	0xff, 0x40, 0xa4, 0x4b, 0xb9, 0xf2, 0x1e, 0x00, 0x00,
 }
 
 func (m *ControllerRevision) Marshal() (dAtA []byte, err error) {
@@ -1289,6 +1290,11 @@ func (m *DeploymentStatus) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	_ = i
 	var l int
 	_ = l
+	if m.TerminatingReplicas != nil {
+		i = encodeVarintGenerated(dAtA, i, uint64(*m.TerminatingReplicas))
+		i--
+		dAtA[i] = 0x48
+	}
 	if m.CollisionCount != nil {
 		i = encodeVarintGenerated(dAtA, i, uint64(*m.CollisionCount))
 		i--
@@ -2225,6 +2231,9 @@ func (m *DeploymentStatus) Size() (n int) {
 	if m.CollisionCount != nil {
 		n += 1 + sovGenerated(uint64(*m.CollisionCount))
 	}
+	if m.TerminatingReplicas != nil {
+		n += 1 + sovGenerated(uint64(*m.TerminatingReplicas))
+	}
 	return n
 }
 
@@ -2627,6 +2636,7 @@ func (this *DeploymentStatus) String() string {
 		`Conditions:` + repeatedStringForConditions + `,`,
 		`ReadyReplicas:` + fmt.Sprintf("%v", this.ReadyReplicas) + `,`,
 		`CollisionCount:` + valueToStringGenerated(this.CollisionCount) + `,`,
+		`TerminatingReplicas:` + valueToStringGenerated(this.TerminatingReplicas) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -4337,6 +4347,26 @@ func (m *DeploymentStatus) Unmarshal(dAtA []byte) error {
 				}
 			}
 			m.CollisionCount = &v
+		case 9:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field TerminatingReplicas", wireType)
+			}
+			var v int32
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int32(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.TerminatingReplicas = &v
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
diff --git a/vendor/k8s.io/api/apps/v1beta1/generated.proto b/vendor/k8s.io/api/apps/v1beta1/generated.proto
index 46d7bfdf92..0601efc3c4 100644
--- a/vendor/k8s.io/api/apps/v1beta1/generated.proto
+++ b/vendor/k8s.io/api/apps/v1beta1/generated.proto
@@ -179,33 +179,40 @@ message DeploymentSpec {
 
 // DeploymentStatus is the most recently observed status of the Deployment.
 message DeploymentStatus {
-  // observedGeneration is the generation observed by the deployment controller.
+  // The generation observed by the deployment controller.
   // +optional
   optional int64 observedGeneration = 1;
 
-  // replicas is the total number of non-terminated pods targeted by this deployment (their labels match the selector).
+  // Total number of non-terminating pods targeted by this deployment (their labels match the selector).
   // +optional
   optional int32 replicas = 2;
 
-  // updatedReplicas is the total number of non-terminated pods targeted by this deployment that have the desired template spec.
+  // Total number of non-terminating pods targeted by this deployment that have the desired template spec.
   // +optional
   optional int32 updatedReplicas = 3;
 
-  // readyReplicas is the number of pods targeted by this Deployment controller with a Ready Condition.
+  // Total number of non-terminating pods targeted by this Deployment with a Ready Condition.
   // +optional
   optional int32 readyReplicas = 7;
 
-  // Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.
+  // Total number of available non-terminating pods (ready for at least minReadySeconds) targeted by this deployment.
   // +optional
   optional int32 availableReplicas = 4;
 
-  // unavailableReplicas is the total number of unavailable pods targeted by this deployment. This is the total number of
+  // Total number of unavailable pods targeted by this deployment. This is the total number of
   // pods that are still required for the deployment to have 100% available capacity. They may
   // either be pods that are running but not yet available or pods that still have not been created.
   // +optional
   optional int32 unavailableReplicas = 5;
 
-  // Conditions represent the latest available observations of a deployment's current state.
+  // Total number of terminating pods targeted by this deployment. Terminating pods have a non-null
+  // .metadata.deletionTimestamp and have not yet reached the Failed or Succeeded .status.phase.
+  //
+  // This is an alpha field. Enable DeploymentReplicaSetTerminatingReplicas to be able to use this field.
+  // +optional
+  optional int32 terminatingReplicas = 9;
+
+  // Represents the latest available observations of a deployment's current state.
   // +patchMergeKey=type
   // +patchStrategy=merge
   // +listType=map
@@ -455,6 +462,7 @@ message StatefulSetSpec {
   // the network identity of the set. Pods get DNS/hostnames that follow the
   // pattern: pod-specific-string.serviceName.default.svc.cluster.local
   // where "pod-specific-string" is managed by the StatefulSet controller.
+  // +optional
   optional string serviceName = 5;
 
   // podManagementPolicy controls how pods are created during initial scale up,
diff --git a/vendor/k8s.io/api/apps/v1beta1/types.go b/vendor/k8s.io/api/apps/v1beta1/types.go
index bc48519578..5530c990da 100644
--- a/vendor/k8s.io/api/apps/v1beta1/types.go
+++ b/vendor/k8s.io/api/apps/v1beta1/types.go
@@ -259,6 +259,7 @@ type StatefulSetSpec struct {
 	// the network identity of the set. Pods get DNS/hostnames that follow the
 	// pattern: pod-specific-string.serviceName.default.svc.cluster.local
 	// where "pod-specific-string" is managed by the StatefulSet controller.
+	// +optional
 	ServiceName string `json:"serviceName" protobuf:"bytes,5,opt,name=serviceName"`
 
 	// podManagementPolicy controls how pods are created during initial scale up,
@@ -548,33 +549,40 @@ type RollingUpdateDeployment struct {
 
 // DeploymentStatus is the most recently observed status of the Deployment.
 type DeploymentStatus struct {
-	// observedGeneration is the generation observed by the deployment controller.
+	// The generation observed by the deployment controller.
 	// +optional
 	ObservedGeneration int64 `json:"observedGeneration,omitempty" protobuf:"varint,1,opt,name=observedGeneration"`
 
-	// replicas is the total number of non-terminated pods targeted by this deployment (their labels match the selector).
+	// Total number of non-terminating pods targeted by this deployment (their labels match the selector).
 	// +optional
 	Replicas int32 `json:"replicas,omitempty" protobuf:"varint,2,opt,name=replicas"`
 
-	// updatedReplicas is the total number of non-terminated pods targeted by this deployment that have the desired template spec.
+	// Total number of non-terminating pods targeted by this deployment that have the desired template spec.
 	// +optional
 	UpdatedReplicas int32 `json:"updatedReplicas,omitempty" protobuf:"varint,3,opt,name=updatedReplicas"`
 
-	// readyReplicas is the number of pods targeted by this Deployment controller with a Ready Condition.
+	// Total number of non-terminating pods targeted by this Deployment with a Ready Condition.
 	// +optional
 	ReadyReplicas int32 `json:"readyReplicas,omitempty" protobuf:"varint,7,opt,name=readyReplicas"`
 
-	// Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.
+	// Total number of available non-terminating pods (ready for at least minReadySeconds) targeted by this deployment.
 	// +optional
 	AvailableReplicas int32 `json:"availableReplicas,omitempty" protobuf:"varint,4,opt,name=availableReplicas"`
 
-	// unavailableReplicas is the total number of unavailable pods targeted by this deployment. This is the total number of
+	// Total number of unavailable pods targeted by this deployment. This is the total number of
 	// pods that are still required for the deployment to have 100% available capacity. They may
 	// either be pods that are running but not yet available or pods that still have not been created.
 	// +optional
 	UnavailableReplicas int32 `json:"unavailableReplicas,omitempty" protobuf:"varint,5,opt,name=unavailableReplicas"`
 
-	// Conditions represent the latest available observations of a deployment's current state.
+	// Total number of terminating pods targeted by this deployment. Terminating pods have a non-null
+	// .metadata.deletionTimestamp and have not yet reached the Failed or Succeeded .status.phase.
+	//
+	// This is an alpha field. Enable DeploymentReplicaSetTerminatingReplicas to be able to use this field.
+	// +optional
+	TerminatingReplicas *int32 `json:"terminatingReplicas,omitempty" protobuf:"varint,9,opt,name=terminatingReplicas"`
+
+	// Represents the latest available observations of a deployment's current state.
 	// +patchMergeKey=type
 	// +patchStrategy=merge
 	// +listType=map
diff --git a/vendor/k8s.io/api/apps/v1beta1/types_swagger_doc_generated.go b/vendor/k8s.io/api/apps/v1beta1/types_swagger_doc_generated.go
index 1381d75dc0..02ea5f7f26 100644
--- a/vendor/k8s.io/api/apps/v1beta1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/apps/v1beta1/types_swagger_doc_generated.go
@@ -113,13 +113,14 @@ func (DeploymentSpec) SwaggerDoc() map[string]string {
 
 var map_DeploymentStatus = map[string]string{
 	"":                    "DeploymentStatus is the most recently observed status of the Deployment.",
-	"observedGeneration":  "observedGeneration is the generation observed by the deployment controller.",
-	"replicas":            "replicas is the total number of non-terminated pods targeted by this deployment (their labels match the selector).",
-	"updatedReplicas":     "updatedReplicas is the total number of non-terminated pods targeted by this deployment that have the desired template spec.",
-	"readyReplicas":       "readyReplicas is the number of pods targeted by this Deployment controller with a Ready Condition.",
-	"availableReplicas":   "Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.",
-	"unavailableReplicas": "unavailableReplicas is the total number of unavailable pods targeted by this deployment. This is the total number of pods that are still required for the deployment to have 100% available capacity. They may either be pods that are running but not yet available or pods that still have not been created.",
-	"conditions":          "Conditions represent the latest available observations of a deployment's current state.",
+	"observedGeneration":  "The generation observed by the deployment controller.",
+	"replicas":            "Total number of non-terminating pods targeted by this deployment (their labels match the selector).",
+	"updatedReplicas":     "Total number of non-terminating pods targeted by this deployment that have the desired template spec.",
+	"readyReplicas":       "Total number of non-terminating pods targeted by this Deployment with a Ready Condition.",
+	"availableReplicas":   "Total number of available non-terminating pods (ready for at least minReadySeconds) targeted by this deployment.",
+	"unavailableReplicas": "Total number of unavailable pods targeted by this deployment. This is the total number of pods that are still required for the deployment to have 100% available capacity. They may either be pods that are running but not yet available or pods that still have not been created.",
+	"terminatingReplicas": "Total number of terminating pods targeted by this deployment. Terminating pods have a non-null .metadata.deletionTimestamp and have not yet reached the Failed or Succeeded .status.phase.\n\nThis is an alpha field. Enable DeploymentReplicaSetTerminatingReplicas to be able to use this field.",
+	"conditions":          "Represents the latest available observations of a deployment's current state.",
 	"collisionCount":      "collisionCount is the count of hash collisions for the Deployment. The Deployment controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ReplicaSet.",
 }
 
diff --git a/vendor/k8s.io/api/apps/v1beta1/zz_generated.deepcopy.go b/vendor/k8s.io/api/apps/v1beta1/zz_generated.deepcopy.go
index dd73f1a5a9..e8594766c7 100644
--- a/vendor/k8s.io/api/apps/v1beta1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/apps/v1beta1/zz_generated.deepcopy.go
@@ -246,6 +246,11 @@ func (in *DeploymentSpec) DeepCopy() *DeploymentSpec {
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *DeploymentStatus) DeepCopyInto(out *DeploymentStatus) {
 	*out = *in
+	if in.TerminatingReplicas != nil {
+		in, out := &in.TerminatingReplicas, &out.TerminatingReplicas
+		*out = new(int32)
+		**out = **in
+	}
 	if in.Conditions != nil {
 		in, out := &in.Conditions, &out.Conditions
 		*out = make([]DeploymentCondition, len(*in))
diff --git a/vendor/k8s.io/api/apps/v1beta2/doc.go b/vendor/k8s.io/api/apps/v1beta2/doc.go
index ac91fddfd5..7d28fe42df 100644
--- a/vendor/k8s.io/api/apps/v1beta2/doc.go
+++ b/vendor/k8s.io/api/apps/v1beta2/doc.go
@@ -19,4 +19,4 @@ limitations under the License.
 // +k8s:openapi-gen=true
 // +k8s:prerelease-lifecycle-gen=true
 
-package v1beta2 // import "k8s.io/api/apps/v1beta2"
+package v1beta2
diff --git a/vendor/k8s.io/api/apps/v1beta2/generated.pb.go b/vendor/k8s.io/api/apps/v1beta2/generated.pb.go
index 1c3d3be5bc..9fcba6feb1 100644
--- a/vendor/k8s.io/api/apps/v1beta2/generated.pb.go
+++ b/vendor/k8s.io/api/apps/v1beta2/generated.pb.go
@@ -1017,153 +1017,155 @@ func init() {
 }
 
 var fileDescriptor_c423c016abf485d4 = []byte{
-	// 2328 bytes of a gzipped FileDescriptorProto
+	// 2359 bytes of a gzipped FileDescriptorProto
 	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0x5a, 0xcd, 0x6f, 0x1b, 0xc7,
-	0x15, 0xf7, 0xf2, 0x43, 0x26, 0x87, 0x96, 0x64, 0x8f, 0x54, 0x89, 0xb1, 0x5b, 0xd2, 0x58, 0x1b,
-	0xb6, 0x12, 0xdb, 0xa4, 0xad, 0x7c, 0x20, 0xb1, 0xdb, 0x04, 0xa2, 0x94, 0xda, 0x0e, 0xf4, 0xc1,
-	0x0c, 0x2d, 0x07, 0x0d, 0xfa, 0xe1, 0x11, 0x39, 0xa6, 0x36, 0xde, 0x2f, 0xec, 0x0e, 0x15, 0x13,
-	0xbd, 0xf4, 0x5a, 0xa0, 0x40, 0xdb, 0x6b, 0xff, 0x89, 0xa2, 0x97, 0xa2, 0x68, 0xd0, 0x4b, 0x11,
-	0x04, 0x3e, 0x06, 0xbd, 0x24, 0x27, 0xa2, 0x66, 0x4e, 0x45, 0xd1, 0x5b, 0x7b, 0x31, 0x50, 0xa0,
-	0x98, 0xd9, 0xd9, 0xef, 0x5d, 0x73, 0xa9, 0xd8, 0x4a, 0x13, 0xe4, 0xc6, 0x9d, 0xf7, 0xde, 0x6f,
-	0xde, 0xcc, 0xbc, 0x37, 0xef, 0x37, 0x33, 0x04, 0x17, 0x1f, 0xbc, 0x6e, 0x37, 0x14, 0xa3, 0x89,
-	0x4d, 0xa5, 0x89, 0x4d, 0xd3, 0x6e, 0x1e, 0x5c, 0xdb, 0x23, 0x14, 0xaf, 0x36, 0xfb, 0x44, 0x27,
-	0x16, 0xa6, 0xa4, 0xd7, 0x30, 0x2d, 0x83, 0x1a, 0x70, 0xd9, 0x51, 0x6c, 0x60, 0x53, 0x69, 0x30,
-	0xc5, 0x86, 0x50, 0x3c, 0x7d, 0xa5, 0xaf, 0xd0, 0xfd, 0xc1, 0x5e, 0xa3, 0x6b, 0x68, 0xcd, 0xbe,
-	0xd1, 0x37, 0x9a, 0x5c, 0x7f, 0x6f, 0x70, 0x9f, 0x7f, 0xf1, 0x0f, 0xfe, 0xcb, 0xc1, 0x39, 0x2d,
-	0x07, 0x3a, 0xec, 0x1a, 0x16, 0x69, 0x1e, 0x5c, 0x8b, 0xf6, 0x75, 0xfa, 0x15, 0x5f, 0x47, 0xc3,
-	0xdd, 0x7d, 0x45, 0x27, 0xd6, 0xb0, 0x69, 0x3e, 0xe8, 0xb3, 0x06, 0xbb, 0xa9, 0x11, 0x8a, 0x93,
-	0xac, 0x9a, 0x69, 0x56, 0xd6, 0x40, 0xa7, 0x8a, 0x46, 0x62, 0x06, 0xaf, 0x4d, 0x32, 0xb0, 0xbb,
-	0xfb, 0x44, 0xc3, 0x31, 0xbb, 0x97, 0xd3, 0xec, 0x06, 0x54, 0x51, 0x9b, 0x8a, 0x4e, 0x6d, 0x6a,
-	0x45, 0x8d, 0xe4, 0xff, 0x48, 0x00, 0xae, 0x1b, 0x3a, 0xb5, 0x0c, 0x55, 0x25, 0x16, 0x22, 0x07,
-	0x8a, 0xad, 0x18, 0x3a, 0xbc, 0x07, 0x4a, 0x6c, 0x3c, 0x3d, 0x4c, 0x71, 0x55, 0x3a, 0x2b, 0xad,
-	0x54, 0x56, 0xaf, 0x36, 0xfc, 0x99, 0xf6, 0xe0, 0x1b, 0xe6, 0x83, 0x3e, 0x6b, 0xb0, 0x1b, 0x4c,
-	0xbb, 0x71, 0x70, 0xad, 0xb1, 0xb3, 0xf7, 0x01, 0xe9, 0xd2, 0x2d, 0x42, 0x71, 0x0b, 0x3e, 0x1a,
-	0xd5, 0x8f, 0x8d, 0x47, 0x75, 0xe0, 0xb7, 0x21, 0x0f, 0x15, 0xee, 0x80, 0x02, 0x47, 0xcf, 0x71,
-	0xf4, 0x2b, 0xa9, 0xe8, 0x62, 0xd0, 0x0d, 0x84, 0x3f, 0x7c, 0xfb, 0x21, 0x25, 0x3a, 0x73, 0xaf,
-	0x75, 0x42, 0x40, 0x17, 0x36, 0x30, 0xc5, 0x88, 0x03, 0xc1, 0xcb, 0xa0, 0x64, 0x09, 0xf7, 0xab,
-	0xf9, 0xb3, 0xd2, 0x4a, 0xbe, 0x75, 0x52, 0x68, 0x95, 0xdc, 0x61, 0x21, 0x4f, 0x43, 0x7e, 0x24,
-	0x81, 0xa5, 0xf8, 0xb8, 0x37, 0x15, 0x9b, 0xc2, 0x1f, 0xc7, 0xc6, 0xde, 0xc8, 0x36, 0x76, 0x66,
-	0xcd, 0x47, 0xee, 0x75, 0xec, 0xb6, 0x04, 0xc6, 0xdd, 0x06, 0x45, 0x85, 0x12, 0xcd, 0xae, 0xe6,
-	0xce, 0xe6, 0x57, 0x2a, 0xab, 0x97, 0x1a, 0x29, 0x01, 0xdc, 0x88, 0x7b, 0xd7, 0x9a, 0x15, 0xb8,
-	0xc5, 0xdb, 0x0c, 0x01, 0x39, 0x40, 0xf2, 0x2f, 0x73, 0xa0, 0xbc, 0x81, 0x89, 0x66, 0xe8, 0x1d,
-	0x42, 0x8f, 0x60, 0xe5, 0x6e, 0x81, 0x82, 0x6d, 0x92, 0xae, 0x58, 0xb9, 0x0b, 0xa9, 0x03, 0xf0,
-	0x7c, 0xea, 0x98, 0xa4, 0xeb, 0x2f, 0x19, 0xfb, 0x42, 0x1c, 0x01, 0xb6, 0xc1, 0x8c, 0x4d, 0x31,
-	0x1d, 0xd8, 0x7c, 0xc1, 0x2a, 0xab, 0x2b, 0x19, 0xb0, 0xb8, 0x7e, 0x6b, 0x4e, 0xa0, 0xcd, 0x38,
-	0xdf, 0x48, 0xe0, 0xc8, 0xff, 0xc8, 0x01, 0xe8, 0xe9, 0xae, 0x1b, 0x7a, 0x4f, 0xa1, 0x2c, 0x9c,
-	0xaf, 0x83, 0x02, 0x1d, 0x9a, 0x84, 0x4f, 0x48, 0xb9, 0x75, 0xc1, 0x75, 0xe5, 0xce, 0xd0, 0x24,
-	0x4f, 0x46, 0xf5, 0xa5, 0xb8, 0x05, 0x93, 0x20, 0x6e, 0x03, 0x37, 0x3d, 0x27, 0x73, 0xdc, 0xfa,
-	0x95, 0x70, 0xd7, 0x4f, 0x46, 0xf5, 0x84, 0xbd, 0xa3, 0xe1, 0x21, 0x85, 0x1d, 0x84, 0x07, 0x00,
-	0xaa, 0xd8, 0xa6, 0x77, 0x2c, 0xac, 0xdb, 0x4e, 0x4f, 0x8a, 0x46, 0xc4, 0xf0, 0x5f, 0xca, 0xb6,
-	0x50, 0xcc, 0xa2, 0x75, 0x5a, 0x78, 0x01, 0x37, 0x63, 0x68, 0x28, 0xa1, 0x07, 0x78, 0x01, 0xcc,
-	0x58, 0x04, 0xdb, 0x86, 0x5e, 0x2d, 0xf0, 0x51, 0x78, 0x13, 0x88, 0x78, 0x2b, 0x12, 0x52, 0xf8,
-	0x22, 0x38, 0xae, 0x11, 0xdb, 0xc6, 0x7d, 0x52, 0x2d, 0x72, 0xc5, 0x79, 0xa1, 0x78, 0x7c, 0xcb,
-	0x69, 0x46, 0xae, 0x5c, 0xfe, 0xa3, 0x04, 0x66, 0xbd, 0x99, 0x3b, 0x82, 0xcc, 0xb9, 0x19, 0xce,
-	0x1c, 0x79, 0x72, 0xb0, 0xa4, 0x24, 0xcc, 0xc7, 0xf9, 0x80, 0xe3, 0x2c, 0x1c, 0xe1, 0x4f, 0x40,
-	0xc9, 0x26, 0x2a, 0xe9, 0x52, 0xc3, 0x12, 0x8e, 0xbf, 0x9c, 0xd1, 0x71, 0xbc, 0x47, 0xd4, 0x8e,
-	0x30, 0x6d, 0x9d, 0x60, 0x9e, 0xbb, 0x5f, 0xc8, 0x83, 0x84, 0xef, 0x82, 0x12, 0x25, 0x9a, 0xa9,
-	0x62, 0x4a, 0x44, 0xd6, 0x9c, 0x0b, 0x3a, 0xcf, 0x62, 0x86, 0x81, 0xb5, 0x8d, 0xde, 0x1d, 0xa1,
-	0xc6, 0x53, 0xc6, 0x9b, 0x0c, 0xb7, 0x15, 0x79, 0x30, 0xd0, 0x04, 0x73, 0x03, 0xb3, 0xc7, 0x34,
-	0x29, 0xdb, 0xce, 0xfb, 0x43, 0x11, 0x43, 0x57, 0x27, 0xcf, 0xca, 0x6e, 0xc8, 0xae, 0xb5, 0x24,
-	0x7a, 0x99, 0x0b, 0xb7, 0xa3, 0x08, 0x3e, 0x5c, 0x03, 0xf3, 0x9a, 0xa2, 0x23, 0x82, 0x7b, 0xc3,
-	0x0e, 0xe9, 0x1a, 0x7a, 0xcf, 0xe6, 0xa1, 0x54, 0x6c, 0x2d, 0x0b, 0x80, 0xf9, 0xad, 0xb0, 0x18,
-	0x45, 0xf5, 0xe1, 0x26, 0x58, 0x74, 0x37, 0xe0, 0x5b, 0x8a, 0x4d, 0x0d, 0x6b, 0xb8, 0xa9, 0x68,
-	0x0a, 0xad, 0xce, 0x70, 0x9c, 0xea, 0x78, 0x54, 0x5f, 0x44, 0x09, 0x72, 0x94, 0x68, 0x25, 0xff,
-	0x76, 0x06, 0xcc, 0x47, 0xf6, 0x05, 0x78, 0x17, 0x2c, 0x75, 0x07, 0x96, 0x45, 0x74, 0xba, 0x3d,
-	0xd0, 0xf6, 0x88, 0xd5, 0xe9, 0xee, 0x93, 0xde, 0x40, 0x25, 0x3d, 0xbe, 0xac, 0xc5, 0x56, 0x4d,
-	0xf8, 0xba, 0xb4, 0x9e, 0xa8, 0x85, 0x52, 0xac, 0xe1, 0x3b, 0x00, 0xea, 0xbc, 0x69, 0x4b, 0xb1,
-	0x6d, 0x0f, 0x33, 0xc7, 0x31, 0xbd, 0x54, 0xdc, 0x8e, 0x69, 0xa0, 0x04, 0x2b, 0xe6, 0x63, 0x8f,
-	0xd8, 0x8a, 0x45, 0x7a, 0x51, 0x1f, 0xf3, 0x61, 0x1f, 0x37, 0x12, 0xb5, 0x50, 0x8a, 0x35, 0x7c,
-	0x15, 0x54, 0x9c, 0xde, 0xf8, 0x9c, 0x8b, 0xc5, 0x59, 0x10, 0x60, 0x95, 0x6d, 0x5f, 0x84, 0x82,
-	0x7a, 0x6c, 0x68, 0xc6, 0x9e, 0x4d, 0xac, 0x03, 0xd2, 0xbb, 0xe9, 0x90, 0x03, 0x56, 0x41, 0x8b,
-	0xbc, 0x82, 0x7a, 0x43, 0xdb, 0x89, 0x69, 0xa0, 0x04, 0x2b, 0x36, 0x34, 0x27, 0x6a, 0x62, 0x43,
-	0x9b, 0x09, 0x0f, 0x6d, 0x37, 0x51, 0x0b, 0xa5, 0x58, 0xb3, 0xd8, 0x73, 0x5c, 0x5e, 0x3b, 0xc0,
-	0x8a, 0x8a, 0xf7, 0x54, 0x52, 0x3d, 0x1e, 0x8e, 0xbd, 0xed, 0xb0, 0x18, 0x45, 0xf5, 0xe1, 0x4d,
-	0x70, 0xca, 0x69, 0xda, 0xd5, 0xb1, 0x07, 0x52, 0xe2, 0x20, 0x2f, 0x08, 0x90, 0x53, 0xdb, 0x51,
-	0x05, 0x14, 0xb7, 0x81, 0xd7, 0xc1, 0x5c, 0xd7, 0x50, 0x55, 0x1e, 0x8f, 0xeb, 0xc6, 0x40, 0xa7,
-	0xd5, 0x32, 0x47, 0x81, 0x2c, 0x87, 0xd6, 0x43, 0x12, 0x14, 0xd1, 0x84, 0x3f, 0x03, 0xa0, 0xeb,
-	0x16, 0x06, 0xbb, 0x0a, 0x26, 0x30, 0x80, 0x78, 0x59, 0xf2, 0x2b, 0xb3, 0xd7, 0x64, 0xa3, 0x00,
-	0xa4, 0xfc, 0xb1, 0x04, 0x96, 0x53, 0x12, 0x1d, 0xbe, 0x15, 0x2a, 0x82, 0x97, 0x22, 0x45, 0xf0,
-	0x4c, 0x8a, 0x59, 0xa0, 0x12, 0xee, 0x83, 0x59, 0x46, 0x48, 0x14, 0xbd, 0xef, 0xa8, 0x88, 0xbd,
-	0xac, 0x99, 0x3a, 0x00, 0x14, 0xd4, 0xf6, 0x77, 0xe5, 0x53, 0xe3, 0x51, 0x7d, 0x36, 0x24, 0x43,
-	0x61, 0x60, 0xf9, 0x57, 0x39, 0x00, 0x36, 0x88, 0xa9, 0x1a, 0x43, 0x8d, 0xe8, 0x47, 0xc1, 0x69,
-	0x6e, 0x87, 0x38, 0xcd, 0xc5, 0xf4, 0x25, 0xf1, 0x9c, 0x4a, 0x25, 0x35, 0xef, 0x46, 0x48, 0xcd,
-	0x8b, 0x59, 0xc0, 0x9e, 0xce, 0x6a, 0x3e, 0xcb, 0x83, 0x05, 0x5f, 0xd9, 0xa7, 0x35, 0x37, 0x42,
-	0x2b, 0x7a, 0x31, 0xb2, 0xa2, 0xcb, 0x09, 0x26, 0xcf, 0x8d, 0xd7, 0x7c, 0x00, 0xe6, 0x18, 0xeb,
-	0x70, 0xd6, 0x8f, 0x73, 0x9a, 0x99, 0xa9, 0x39, 0x8d, 0x57, 0x89, 0x36, 0x43, 0x48, 0x28, 0x82,
-	0x9c, 0xc2, 0xa1, 0x8e, 0x7f, 0x1d, 0x39, 0xd4, 0x9f, 0x24, 0x30, 0xe7, 0x2f, 0xd3, 0x11, 0x90,
-	0xa8, 0x5b, 0x61, 0x12, 0x75, 0x2e, 0x43, 0x70, 0xa6, 0xb0, 0xa8, 0xcf, 0x0a, 0x41, 0xd7, 0x39,
-	0x8d, 0x5a, 0x61, 0x47, 0x30, 0x53, 0x55, 0xba, 0xd8, 0x16, 0xf5, 0xf6, 0x84, 0x73, 0xfc, 0x72,
-	0xda, 0x90, 0x27, 0x0d, 0x11, 0xae, 0xdc, 0xf3, 0x25, 0x5c, 0xf9, 0x67, 0x43, 0xb8, 0x7e, 0x04,
-	0x4a, 0xb6, 0x4b, 0xb5, 0x0a, 0x1c, 0xf2, 0x52, 0xa6, 0xc4, 0x16, 0x2c, 0xcb, 0x83, 0xf6, 0xf8,
-	0x95, 0x07, 0x97, 0xc4, 0xac, 0x8a, 0x5f, 0x25, 0xb3, 0x62, 0x81, 0x6e, 0xe2, 0x81, 0x4d, 0x7a,
-	0x3c, 0xa9, 0x4a, 0x7e, 0xa0, 0xb7, 0x79, 0x2b, 0x12, 0x52, 0xb8, 0x0b, 0x96, 0x4d, 0xcb, 0xe8,
-	0x5b, 0xc4, 0xb6, 0x37, 0x08, 0xee, 0xa9, 0x8a, 0x4e, 0xdc, 0x01, 0x38, 0x35, 0xf1, 0xcc, 0x78,
-	0x54, 0x5f, 0x6e, 0x27, 0xab, 0xa0, 0x34, 0x5b, 0xf9, 0xaf, 0x05, 0x70, 0x32, 0xba, 0x37, 0xa6,
-	0xd0, 0x14, 0xe9, 0x50, 0x34, 0xe5, 0x72, 0x20, 0x4e, 0x1d, 0x0e, 0x17, 0xb8, 0x2a, 0x88, 0xc5,
-	0xea, 0x1a, 0x98, 0x17, 0xb4, 0xc4, 0x15, 0x0a, 0xa2, 0xe6, 0x2d, 0xcf, 0x6e, 0x58, 0x8c, 0xa2,
-	0xfa, 0xf0, 0x06, 0x98, 0xb5, 0x38, 0xf3, 0x72, 0x01, 0x1c, 0xf6, 0xf2, 0x1d, 0x01, 0x30, 0x8b,
-	0x82, 0x42, 0x14, 0xd6, 0x65, 0xcc, 0xc5, 0x27, 0x24, 0x2e, 0x40, 0x21, 0xcc, 0x5c, 0xd6, 0xa2,
-	0x0a, 0x28, 0x6e, 0x03, 0xb7, 0xc0, 0xc2, 0x40, 0x8f, 0x43, 0x39, 0xb1, 0x76, 0x46, 0x40, 0x2d,
-	0xec, 0xc6, 0x55, 0x50, 0x92, 0x1d, 0xbc, 0x17, 0x22, 0x33, 0x33, 0x7c, 0x3f, 0xb9, 0x9c, 0x21,
-	0x27, 0x32, 0xb3, 0x99, 0x04, 0xaa, 0x55, 0xca, 0x4a, 0xb5, 0xe4, 0x8f, 0x24, 0x00, 0xe3, 0x79,
-	0x38, 0xf1, 0x26, 0x20, 0x66, 0x11, 0xa8, 0x98, 0x4a, 0x32, 0xff, 0xb9, 0x9a, 0x91, 0xff, 0xf8,
-	0x1b, 0x6a, 0x36, 0x02, 0x24, 0x26, 0xfa, 0x68, 0x2e, 0x75, 0xb2, 0x12, 0x20, 0xdf, 0xa9, 0x67,
-	0x40, 0x80, 0x02, 0x60, 0x4f, 0x27, 0x40, 0xff, 0xcc, 0x81, 0x05, 0x5f, 0x39, 0x33, 0x01, 0x4a,
-	0x30, 0xf9, 0xf6, 0x62, 0x27, 0x1b, 0x29, 0xf1, 0xa7, 0xee, 0xff, 0x89, 0x94, 0xf8, 0x5e, 0xa5,
-	0x90, 0x92, 0xdf, 0xe7, 0x82, 0xae, 0x4f, 0x49, 0x4a, 0x9e, 0xc1, 0x0d, 0xc7, 0xd7, 0x8e, 0xd7,
-	0xc8, 0x9f, 0xe4, 0xc1, 0xc9, 0x68, 0x1e, 0x86, 0x0a, 0xa4, 0x34, 0xb1, 0x40, 0xb6, 0xc1, 0xe2,
-	0xfd, 0x81, 0xaa, 0x0e, 0xf9, 0x18, 0x02, 0x55, 0xd2, 0x29, 0xad, 0xdf, 0x15, 0x96, 0x8b, 0x3f,
-	0x4c, 0xd0, 0x41, 0x89, 0x96, 0xf1, 0x7a, 0x59, 0xf8, 0xb2, 0xf5, 0xb2, 0x78, 0x88, 0x7a, 0x99,
-	0x4c, 0x39, 0xf2, 0x87, 0xa2, 0x1c, 0xd3, 0x15, 0xcb, 0x84, 0x8d, 0x6b, 0xe2, 0xd1, 0x7f, 0x2c,
-	0x81, 0xa5, 0xe4, 0x03, 0x37, 0x54, 0xc1, 0x9c, 0x86, 0x1f, 0x06, 0x2f, 0x3e, 0x26, 0x15, 0x91,
-	0x01, 0x55, 0xd4, 0x86, 0xf3, 0x64, 0xd4, 0xb8, 0xad, 0xd3, 0x1d, 0xab, 0x43, 0x2d, 0x45, 0xef,
-	0x3b, 0x95, 0x77, 0x2b, 0x84, 0x85, 0x22, 0xd8, 0xf0, 0x7d, 0x50, 0xd2, 0xf0, 0xc3, 0xce, 0xc0,
-	0xea, 0x27, 0x55, 0xc8, 0x6c, 0xfd, 0xf0, 0x04, 0xd8, 0x12, 0x28, 0xc8, 0xc3, 0x93, 0xbf, 0x90,
-	0xc0, 0x72, 0x4a, 0x55, 0xfd, 0x06, 0x8d, 0xf2, 0x2f, 0x12, 0x38, 0x1b, 0x1a, 0x25, 0x4b, 0x4b,
-	0x72, 0x7f, 0xa0, 0xf2, 0x0c, 0x15, 0x4c, 0xe6, 0x12, 0x28, 0x9b, 0xd8, 0xa2, 0x8a, 0xc7, 0x83,
-	0x8b, 0xad, 0xd9, 0xf1, 0xa8, 0x5e, 0x6e, 0xbb, 0x8d, 0xc8, 0x97, 0x27, 0xcc, 0x4d, 0xee, 0xf9,
-	0xcd, 0x8d, 0xfc, 0x5f, 0x09, 0x14, 0x3b, 0x5d, 0xac, 0x92, 0x23, 0x20, 0x2e, 0x1b, 0x21, 0xe2,
-	0x92, 0xfe, 0x28, 0xc0, 0xfd, 0x49, 0xe5, 0x2c, 0x9b, 0x11, 0xce, 0x72, 0x7e, 0x02, 0xce, 0xd3,
-	0xe9, 0xca, 0x1b, 0xa0, 0xec, 0x75, 0x37, 0xdd, 0x5e, 0x2a, 0xff, 0x2e, 0x07, 0x2a, 0x81, 0x2e,
-	0xa6, 0xdc, 0x89, 0xef, 0x85, 0xca, 0x0f, 0xdb, 0x63, 0x56, 0xb3, 0x0c, 0xa4, 0xe1, 0x96, 0x9a,
-	0xb7, 0x75, 0x6a, 0x05, 0xcf, 0xaa, 0xf1, 0x0a, 0xf4, 0x26, 0x98, 0xa3, 0xd8, 0xea, 0x13, 0xea,
-	0xca, 0xf8, 0x84, 0x95, 0xfd, 0xbb, 0x9b, 0x3b, 0x21, 0x29, 0x8a, 0x68, 0x9f, 0xbe, 0x01, 0x66,
-	0x43, 0x9d, 0xc1, 0x93, 0x20, 0xff, 0x80, 0x0c, 0x1d, 0x06, 0x87, 0xd8, 0x4f, 0xb8, 0x08, 0x8a,
-	0x07, 0x58, 0x1d, 0x38, 0x21, 0x5a, 0x46, 0xce, 0xc7, 0xf5, 0xdc, 0xeb, 0x92, 0xfc, 0x6b, 0x36,
-	0x39, 0x7e, 0x2a, 0x1c, 0x41, 0x74, 0xbd, 0x13, 0x8a, 0xae, 0xf4, 0xf7, 0xc9, 0x60, 0x82, 0xa6,
-	0xc5, 0x18, 0x8a, 0xc4, 0xd8, 0x4b, 0x99, 0xd0, 0x9e, 0x1e, 0x69, 0xff, 0xca, 0x81, 0xc5, 0x80,
-	0xb6, 0xcf, 0x8c, 0xbf, 0x1f, 0x62, 0xc6, 0x2b, 0x11, 0x66, 0x5c, 0x4d, 0xb2, 0xf9, 0x96, 0x1a,
-	0x4f, 0xa6, 0xc6, 0x7f, 0x96, 0xc0, 0x7c, 0x60, 0xee, 0x8e, 0x80, 0x1b, 0xdf, 0x0e, 0x73, 0xe3,
-	0xf3, 0x59, 0x82, 0x26, 0x85, 0x1c, 0x5f, 0x07, 0x0b, 0x01, 0xa5, 0x1d, 0xab, 0xa7, 0xe8, 0x58,
-	0xb5, 0xe1, 0x39, 0x50, 0xb4, 0x29, 0xb6, 0xa8, 0x5b, 0x44, 0x5c, 0xdb, 0x0e, 0x6b, 0x44, 0x8e,
-	0x4c, 0xfe, 0xb7, 0x04, 0x9a, 0x01, 0xe3, 0x36, 0xb1, 0x6c, 0xc5, 0xa6, 0x44, 0xa7, 0x77, 0x0d,
-	0x75, 0xa0, 0x91, 0x75, 0x15, 0x2b, 0x1a, 0x22, 0xac, 0x41, 0x31, 0xf4, 0xb6, 0xa1, 0x2a, 0xdd,
-	0x21, 0xc4, 0xa0, 0xf2, 0xe1, 0x3e, 0xd1, 0x37, 0x88, 0x4a, 0xa8, 0x78, 0x81, 0x2b, 0xb7, 0xde,
-	0x72, 0x1f, 0xa4, 0xde, 0xf3, 0x45, 0x4f, 0x46, 0xf5, 0x95, 0x2c, 0x88, 0x3c, 0x42, 0x83, 0x98,
-	0xf0, 0xa7, 0x00, 0xb0, 0x4f, 0xbe, 0x97, 0xf5, 0x44, 0xb0, 0xbe, 0xe9, 0x66, 0xf4, 0x7b, 0x9e,
-	0x64, 0xaa, 0x0e, 0x02, 0x88, 0xf2, 0x1f, 0x4a, 0xa1, 0xf5, 0xfe, 0xc6, 0xdf, 0x72, 0xfe, 0x1c,
-	0x2c, 0x1e, 0xf8, 0xb3, 0xe3, 0x2a, 0x30, 0xfe, 0x9d, 0x8f, 0x9e, 0xe4, 0x3d, 0xf8, 0xa4, 0x79,
-	0xf5, 0x59, 0xff, 0xdd, 0x04, 0x38, 0x94, 0xd8, 0x09, 0x7c, 0x15, 0x54, 0x18, 0x6f, 0x56, 0xba,
-	0x64, 0x1b, 0x6b, 0x6e, 0x2e, 0x7a, 0x0f, 0x98, 0x1d, 0x5f, 0x84, 0x82, 0x7a, 0x70, 0x1f, 0x2c,
-	0x98, 0x46, 0x6f, 0x0b, 0xeb, 0xb8, 0x4f, 0x18, 0x11, 0x74, 0x96, 0x92, 0x5f, 0x7d, 0x96, 0x5b,
-	0xaf, 0xb9, 0xd7, 0x5a, 0xed, 0xb8, 0xca, 0x93, 0x51, 0x7d, 0x39, 0xa1, 0x99, 0x07, 0x41, 0x12,
-	0x24, 0xb4, 0x62, 0x8f, 0xee, 0xce, 0xa3, 0xc3, 0x6a, 0x96, 0xa4, 0x3c, 0xe4, 0xb3, 0x7b, 0xda,
-	0xcd, 0x6e, 0xe9, 0x50, 0x37, 0xbb, 0x09, 0x47, 0xdc, 0xf2, 0x94, 0x47, 0xdc, 0x4f, 0x24, 0x70,
-	0xde, 0xcc, 0x90, 0x4b, 0x55, 0xc0, 0xe7, 0xe6, 0x56, 0x96, 0xb9, 0xc9, 0x92, 0x9b, 0xad, 0x95,
-	0xf1, 0xa8, 0x7e, 0x3e, 0x8b, 0x26, 0xca, 0xe4, 0x1f, 0xbc, 0x0b, 0x4a, 0x86, 0xd8, 0x03, 0xab,
-	0x15, 0xee, 0xeb, 0xe5, 0x2c, 0xbe, 0xba, 0xfb, 0xa6, 0x93, 0x96, 0xee, 0x17, 0xf2, 0xb0, 0xe4,
-	0x8f, 0x8a, 0xe0, 0x54, 0xac, 0x82, 0x7f, 0x85, 0xf7, 0xd7, 0xb1, 0xc3, 0x74, 0x7e, 0x8a, 0xc3,
-	0xf4, 0x1a, 0x98, 0x17, 0x7f, 0x89, 0x88, 0x9c, 0xc5, 0xbd, 0x80, 0x59, 0x0f, 0x8b, 0x51, 0x54,
-	0x3f, 0xe9, 0xfe, 0xbc, 0x38, 0xe5, 0xfd, 0x79, 0xd0, 0x0b, 0xf1, 0x17, 0x3f, 0x27, 0xbd, 0xe3,
-	0x5e, 0x88, 0x7f, 0xfa, 0x45, 0xf5, 0x19, 0x71, 0x75, 0x50, 0x3d, 0x84, 0xe3, 0x61, 0xe2, 0xba,
-	0x1b, 0x92, 0xa2, 0x88, 0xf6, 0x97, 0x7a, 0xf6, 0xc7, 0x09, 0xcf, 0xfe, 0x57, 0xb2, 0xc4, 0x5a,
-	0xf6, 0xab, 0xf2, 0xc4, 0x4b, 0x8f, 0xca, 0xf4, 0x97, 0x1e, 0xf2, 0xdf, 0x24, 0xf0, 0x42, 0xea,
-	0xae, 0x05, 0xd7, 0x42, 0xb4, 0xf2, 0x4a, 0x84, 0x56, 0x7e, 0x2f, 0xd5, 0x30, 0xc0, 0x2d, 0xad,
-	0xe4, 0x5b, 0xf4, 0x37, 0xb2, 0xdd, 0xa2, 0x27, 0x9c, 0x84, 0x27, 0x5f, 0xa7, 0xb7, 0x7e, 0xf0,
-	0xe8, 0x71, 0xed, 0xd8, 0xa7, 0x8f, 0x6b, 0xc7, 0x3e, 0x7f, 0x5c, 0x3b, 0xf6, 0x8b, 0x71, 0x4d,
-	0x7a, 0x34, 0xae, 0x49, 0x9f, 0x8e, 0x6b, 0xd2, 0xe7, 0xe3, 0x9a, 0xf4, 0xf7, 0x71, 0x4d, 0xfa,
-	0xcd, 0x17, 0xb5, 0x63, 0xef, 0x2f, 0xa7, 0xfc, 0xe9, 0xf8, 0x7f, 0x01, 0x00, 0x00, 0xff, 0xff,
-	0xa4, 0x79, 0xcd, 0x52, 0x8e, 0x2c, 0x00, 0x00,
+	0x15, 0xf7, 0x92, 0xa2, 0x44, 0x0e, 0x2d, 0xc9, 0x1e, 0xa9, 0x22, 0x63, 0xb7, 0xa4, 0xb1, 0x36,
+	0x6c, 0x25, 0xb6, 0x49, 0x5b, 0xf9, 0x40, 0x62, 0xb7, 0x09, 0x44, 0x29, 0xb5, 0x1d, 0x48, 0x32,
+	0x33, 0xb4, 0x1c, 0x34, 0xe8, 0x87, 0x47, 0xe4, 0x98, 0xda, 0x78, 0xbf, 0xb0, 0x3b, 0x54, 0x4c,
+	0xf4, 0xd2, 0x6b, 0x81, 0x16, 0x6d, 0xae, 0xfd, 0x27, 0x8a, 0x5e, 0x8a, 0xa2, 0x41, 0x6f, 0x41,
+	0xe1, 0x63, 0xd0, 0x4b, 0x72, 0x22, 0x6a, 0xe6, 0x54, 0x14, 0xbd, 0xb5, 0x17, 0x03, 0x05, 0x8a,
+	0x99, 0x9d, 0xfd, 0xde, 0x35, 0x97, 0x8a, 0xad, 0x34, 0x41, 0x6e, 0xdc, 0x79, 0xef, 0xfd, 0xe6,
+	0xcd, 0xcc, 0x7b, 0xf3, 0x7e, 0xfb, 0xb8, 0xe0, 0xc2, 0x83, 0xd7, 0xed, 0x86, 0x62, 0x34, 0xb1,
+	0xa9, 0x34, 0xb1, 0x69, 0xda, 0xcd, 0x83, 0xab, 0x7b, 0x84, 0xe2, 0xb5, 0x66, 0x9f, 0xe8, 0xc4,
+	0xc2, 0x94, 0xf4, 0x1a, 0xa6, 0x65, 0x50, 0x03, 0x56, 0x1c, 0xc5, 0x06, 0x36, 0x95, 0x06, 0x53,
+	0x6c, 0x08, 0xc5, 0x53, 0x97, 0xfb, 0x0a, 0xdd, 0x1f, 0xec, 0x35, 0xba, 0x86, 0xd6, 0xec, 0x1b,
+	0x7d, 0xa3, 0xc9, 0xf5, 0xf7, 0x06, 0xf7, 0xf9, 0x13, 0x7f, 0xe0, 0xbf, 0x1c, 0x9c, 0x53, 0x72,
+	0x60, 0xc2, 0xae, 0x61, 0x91, 0xe6, 0xc1, 0xd5, 0xe8, 0x5c, 0xa7, 0x5e, 0xf1, 0x75, 0x34, 0xdc,
+	0xdd, 0x57, 0x74, 0x62, 0x0d, 0x9b, 0xe6, 0x83, 0x3e, 0x1b, 0xb0, 0x9b, 0x1a, 0xa1, 0x38, 0xc9,
+	0xaa, 0x99, 0x66, 0x65, 0x0d, 0x74, 0xaa, 0x68, 0x24, 0x66, 0xf0, 0xda, 0x24, 0x03, 0xbb, 0xbb,
+	0x4f, 0x34, 0x1c, 0xb3, 0x7b, 0x39, 0xcd, 0x6e, 0x40, 0x15, 0xb5, 0xa9, 0xe8, 0xd4, 0xa6, 0x56,
+	0xd4, 0x48, 0xfe, 0x8f, 0x04, 0xe0, 0x86, 0xa1, 0x53, 0xcb, 0x50, 0x55, 0x62, 0x21, 0x72, 0xa0,
+	0xd8, 0x8a, 0xa1, 0xc3, 0x7b, 0xa0, 0xc8, 0xd6, 0xd3, 0xc3, 0x14, 0x57, 0xa5, 0x33, 0xd2, 0x6a,
+	0x79, 0xed, 0x4a, 0xc3, 0xdf, 0x69, 0x0f, 0xbe, 0x61, 0x3e, 0xe8, 0xb3, 0x01, 0xbb, 0xc1, 0xb4,
+	0x1b, 0x07, 0x57, 0x1b, 0xb7, 0xf7, 0x3e, 0x20, 0x5d, 0xba, 0x4d, 0x28, 0x6e, 0xc1, 0x47, 0xa3,
+	0xfa, 0xb1, 0xf1, 0xa8, 0x0e, 0xfc, 0x31, 0xe4, 0xa1, 0xc2, 0xdb, 0x60, 0x86, 0xa3, 0xe7, 0x38,
+	0xfa, 0xe5, 0x54, 0x74, 0xb1, 0xe8, 0x06, 0xc2, 0x1f, 0xbe, 0xfd, 0x90, 0x12, 0x9d, 0xb9, 0xd7,
+	0x3a, 0x2e, 0xa0, 0x67, 0x36, 0x31, 0xc5, 0x88, 0x03, 0xc1, 0x4b, 0xa0, 0x68, 0x09, 0xf7, 0xab,
+	0xf9, 0x33, 0xd2, 0x6a, 0xbe, 0x75, 0x42, 0x68, 0x15, 0xdd, 0x65, 0x21, 0x4f, 0x43, 0x7e, 0x24,
+	0x81, 0x95, 0xf8, 0xba, 0xb7, 0x14, 0x9b, 0xc2, 0x1f, 0xc7, 0xd6, 0xde, 0xc8, 0xb6, 0x76, 0x66,
+	0xcd, 0x57, 0xee, 0x4d, 0xec, 0x8e, 0x04, 0xd6, 0xdd, 0x06, 0x05, 0x85, 0x12, 0xcd, 0xae, 0xe6,
+	0xce, 0xe4, 0x57, 0xcb, 0x6b, 0x17, 0x1b, 0x29, 0x01, 0xdc, 0x88, 0x7b, 0xd7, 0x9a, 0x17, 0xb8,
+	0x85, 0x5b, 0x0c, 0x01, 0x39, 0x40, 0xf2, 0x2f, 0x73, 0xa0, 0xb4, 0x89, 0x89, 0x66, 0xe8, 0x1d,
+	0x42, 0x8f, 0xe0, 0xe4, 0x6e, 0x82, 0x19, 0xdb, 0x24, 0x5d, 0x71, 0x72, 0xe7, 0x53, 0x17, 0xe0,
+	0xf9, 0xd4, 0x31, 0x49, 0xd7, 0x3f, 0x32, 0xf6, 0x84, 0x38, 0x02, 0x6c, 0x83, 0x59, 0x9b, 0x62,
+	0x3a, 0xb0, 0xf9, 0x81, 0x95, 0xd7, 0x56, 0x33, 0x60, 0x71, 0xfd, 0xd6, 0x82, 0x40, 0x9b, 0x75,
+	0x9e, 0x91, 0xc0, 0x91, 0xff, 0x91, 0x03, 0xd0, 0xd3, 0xdd, 0x30, 0xf4, 0x9e, 0x42, 0x59, 0x38,
+	0x5f, 0x03, 0x33, 0x74, 0x68, 0x12, 0xbe, 0x21, 0xa5, 0xd6, 0x79, 0xd7, 0x95, 0x3b, 0x43, 0x93,
+	0x3c, 0x19, 0xd5, 0x57, 0xe2, 0x16, 0x4c, 0x82, 0xb8, 0x0d, 0xdc, 0xf2, 0x9c, 0xcc, 0x71, 0xeb,
+	0x57, 0xc2, 0x53, 0x3f, 0x19, 0xd5, 0x13, 0xee, 0x8e, 0x86, 0x87, 0x14, 0x76, 0x10, 0x1e, 0x00,
+	0xa8, 0x62, 0x9b, 0xde, 0xb1, 0xb0, 0x6e, 0x3b, 0x33, 0x29, 0x1a, 0x11, 0xcb, 0x7f, 0x29, 0xdb,
+	0x41, 0x31, 0x8b, 0xd6, 0x29, 0xe1, 0x05, 0xdc, 0x8a, 0xa1, 0xa1, 0x84, 0x19, 0xe0, 0x79, 0x30,
+	0x6b, 0x11, 0x6c, 0x1b, 0x7a, 0x75, 0x86, 0xaf, 0xc2, 0xdb, 0x40, 0xc4, 0x47, 0x91, 0x90, 0xc2,
+	0x17, 0xc1, 0x9c, 0x46, 0x6c, 0x1b, 0xf7, 0x49, 0xb5, 0xc0, 0x15, 0x17, 0x85, 0xe2, 0xdc, 0xb6,
+	0x33, 0x8c, 0x5c, 0xb9, 0xfc, 0x47, 0x09, 0xcc, 0x7b, 0x3b, 0x77, 0x04, 0x99, 0x73, 0x23, 0x9c,
+	0x39, 0xf2, 0xe4, 0x60, 0x49, 0x49, 0x98, 0x4f, 0xf2, 0x01, 0xc7, 0x59, 0x38, 0xc2, 0x9f, 0x80,
+	0xa2, 0x4d, 0x54, 0xd2, 0xa5, 0x86, 0x25, 0x1c, 0x7f, 0x39, 0xa3, 0xe3, 0x78, 0x8f, 0xa8, 0x1d,
+	0x61, 0xda, 0x3a, 0xce, 0x3c, 0x77, 0x9f, 0x90, 0x07, 0x09, 0xdf, 0x05, 0x45, 0x4a, 0x34, 0x53,
+	0xc5, 0x94, 0x88, 0xac, 0x39, 0x1b, 0x74, 0x9e, 0xc5, 0x0c, 0x03, 0x6b, 0x1b, 0xbd, 0x3b, 0x42,
+	0x8d, 0xa7, 0x8c, 0xb7, 0x19, 0xee, 0x28, 0xf2, 0x60, 0xa0, 0x09, 0x16, 0x06, 0x66, 0x8f, 0x69,
+	0x52, 0x76, 0x9d, 0xf7, 0x87, 0x22, 0x86, 0xae, 0x4c, 0xde, 0x95, 0xdd, 0x90, 0x5d, 0x6b, 0x45,
+	0xcc, 0xb2, 0x10, 0x1e, 0x47, 0x11, 0x7c, 0xb8, 0x0e, 0x16, 0x35, 0x45, 0x47, 0x04, 0xf7, 0x86,
+	0x1d, 0xd2, 0x35, 0xf4, 0x9e, 0xcd, 0x43, 0xa9, 0xd0, 0xaa, 0x08, 0x80, 0xc5, 0xed, 0xb0, 0x18,
+	0x45, 0xf5, 0xe1, 0x16, 0x58, 0x76, 0x2f, 0xe0, 0x9b, 0x8a, 0x4d, 0x0d, 0x6b, 0xb8, 0xa5, 0x68,
+	0x0a, 0xad, 0xce, 0x72, 0x9c, 0xea, 0x78, 0x54, 0x5f, 0x46, 0x09, 0x72, 0x94, 0x68, 0x25, 0x7f,
+	0x34, 0x0b, 0x16, 0x23, 0xf7, 0x02, 0xbc, 0x0b, 0x56, 0xba, 0x03, 0xcb, 0x22, 0x3a, 0xdd, 0x19,
+	0x68, 0x7b, 0xc4, 0xea, 0x74, 0xf7, 0x49, 0x6f, 0xa0, 0x92, 0x1e, 0x3f, 0xd6, 0x42, 0xab, 0x26,
+	0x7c, 0x5d, 0xd9, 0x48, 0xd4, 0x42, 0x29, 0xd6, 0xf0, 0x1d, 0x00, 0x75, 0x3e, 0xb4, 0xad, 0xd8,
+	0xb6, 0x87, 0x99, 0xe3, 0x98, 0x5e, 0x2a, 0xee, 0xc4, 0x34, 0x50, 0x82, 0x15, 0xf3, 0xb1, 0x47,
+	0x6c, 0xc5, 0x22, 0xbd, 0xa8, 0x8f, 0xf9, 0xb0, 0x8f, 0x9b, 0x89, 0x5a, 0x28, 0xc5, 0x1a, 0xbe,
+	0x0a, 0xca, 0xce, 0x6c, 0x7c, 0xcf, 0xc5, 0xe1, 0x2c, 0x09, 0xb0, 0xf2, 0x8e, 0x2f, 0x42, 0x41,
+	0x3d, 0xb6, 0x34, 0x63, 0xcf, 0x26, 0xd6, 0x01, 0xe9, 0xdd, 0x70, 0xc8, 0x01, 0xab, 0xa0, 0x05,
+	0x5e, 0x41, 0xbd, 0xa5, 0xdd, 0x8e, 0x69, 0xa0, 0x04, 0x2b, 0xb6, 0x34, 0x27, 0x6a, 0x62, 0x4b,
+	0x9b, 0x0d, 0x2f, 0x6d, 0x37, 0x51, 0x0b, 0xa5, 0x58, 0xb3, 0xd8, 0x73, 0x5c, 0x5e, 0x3f, 0xc0,
+	0x8a, 0x8a, 0xf7, 0x54, 0x52, 0x9d, 0x0b, 0xc7, 0xde, 0x4e, 0x58, 0x8c, 0xa2, 0xfa, 0xf0, 0x06,
+	0x38, 0xe9, 0x0c, 0xed, 0xea, 0xd8, 0x03, 0x29, 0x72, 0x90, 0x17, 0x04, 0xc8, 0xc9, 0x9d, 0xa8,
+	0x02, 0x8a, 0xdb, 0xc0, 0x6b, 0x60, 0xa1, 0x6b, 0xa8, 0x2a, 0x8f, 0xc7, 0x0d, 0x63, 0xa0, 0xd3,
+	0x6a, 0x89, 0xa3, 0x40, 0x96, 0x43, 0x1b, 0x21, 0x09, 0x8a, 0x68, 0xc2, 0x9f, 0x01, 0xd0, 0x75,
+	0x0b, 0x83, 0x5d, 0x05, 0x13, 0x18, 0x40, 0xbc, 0x2c, 0xf9, 0x95, 0xd9, 0x1b, 0xb2, 0x51, 0x00,
+	0x52, 0xfe, 0x44, 0x02, 0x95, 0x94, 0x44, 0x87, 0x6f, 0x85, 0x8a, 0xe0, 0xc5, 0x48, 0x11, 0x3c,
+	0x9d, 0x62, 0x16, 0xa8, 0x84, 0xfb, 0x60, 0x9e, 0x11, 0x12, 0x45, 0xef, 0x3b, 0x2a, 0xe2, 0x2e,
+	0x6b, 0xa6, 0x2e, 0x00, 0x05, 0xb5, 0xfd, 0x5b, 0xf9, 0xe4, 0x78, 0x54, 0x9f, 0x0f, 0xc9, 0x50,
+	0x18, 0x58, 0xfe, 0x55, 0x0e, 0x80, 0x4d, 0x62, 0xaa, 0xc6, 0x50, 0x23, 0xfa, 0x51, 0x70, 0x9a,
+	0x5b, 0x21, 0x4e, 0x73, 0x21, 0xfd, 0x48, 0x3c, 0xa7, 0x52, 0x49, 0xcd, 0xbb, 0x11, 0x52, 0xf3,
+	0x62, 0x16, 0xb0, 0xa7, 0xb3, 0x9a, 0xcf, 0xf2, 0x60, 0xc9, 0x57, 0xf6, 0x69, 0xcd, 0xf5, 0xd0,
+	0x89, 0x5e, 0x88, 0x9c, 0x68, 0x25, 0xc1, 0xe4, 0xb9, 0xf1, 0x9a, 0x0f, 0xc0, 0x02, 0x63, 0x1d,
+	0xce, 0xf9, 0x71, 0x4e, 0x33, 0x3b, 0x35, 0xa7, 0xf1, 0x2a, 0xd1, 0x56, 0x08, 0x09, 0x45, 0x90,
+	0x53, 0x38, 0xd4, 0xdc, 0xd7, 0x91, 0x43, 0xfd, 0x49, 0x02, 0x0b, 0xfe, 0x31, 0x1d, 0x01, 0x89,
+	0xba, 0x19, 0x26, 0x51, 0x67, 0x33, 0x04, 0x67, 0x0a, 0x8b, 0xfa, 0x6c, 0x26, 0xe8, 0x3a, 0xa7,
+	0x51, 0xab, 0xec, 0x15, 0xcc, 0x54, 0x95, 0x2e, 0xb6, 0x45, 0xbd, 0x3d, 0xee, 0xbc, 0x7e, 0x39,
+	0x63, 0xc8, 0x93, 0x86, 0x08, 0x57, 0xee, 0xf9, 0x12, 0xae, 0xfc, 0xb3, 0x21, 0x5c, 0x3f, 0x02,
+	0x45, 0xdb, 0xa5, 0x5a, 0x33, 0x1c, 0xf2, 0x62, 0xa6, 0xc4, 0x16, 0x2c, 0xcb, 0x83, 0xf6, 0xf8,
+	0x95, 0x07, 0x97, 0xc4, 0xac, 0x0a, 0x5f, 0x25, 0xb3, 0x62, 0x81, 0x6e, 0xe2, 0x81, 0x4d, 0x7a,
+	0x3c, 0xa9, 0x8a, 0x7e, 0xa0, 0xb7, 0xf9, 0x28, 0x12, 0x52, 0xb8, 0x0b, 0x2a, 0xa6, 0x65, 0xf4,
+	0x2d, 0x62, 0xdb, 0x9b, 0x04, 0xf7, 0x54, 0x45, 0x27, 0xee, 0x02, 0x9c, 0x9a, 0x78, 0x7a, 0x3c,
+	0xaa, 0x57, 0xda, 0xc9, 0x2a, 0x28, 0xcd, 0x56, 0xfe, 0x75, 0x01, 0x9c, 0x88, 0xde, 0x8d, 0x29,
+	0x34, 0x45, 0x3a, 0x14, 0x4d, 0xb9, 0x14, 0x88, 0x53, 0x87, 0xc3, 0x05, 0x5a, 0x05, 0xb1, 0x58,
+	0x5d, 0x07, 0x8b, 0x82, 0x96, 0xb8, 0x42, 0x41, 0xd4, 0xbc, 0xe3, 0xd9, 0x0d, 0x8b, 0x51, 0x54,
+	0x1f, 0x5e, 0x07, 0xf3, 0x16, 0x67, 0x5e, 0x2e, 0x80, 0xc3, 0x5e, 0xbe, 0x23, 0x00, 0xe6, 0x51,
+	0x50, 0x88, 0xc2, 0xba, 0x8c, 0xb9, 0xf8, 0x84, 0xc4, 0x05, 0x98, 0x09, 0x33, 0x97, 0xf5, 0xa8,
+	0x02, 0x8a, 0xdb, 0xc0, 0x6d, 0xb0, 0x34, 0xd0, 0xe3, 0x50, 0x4e, 0xac, 0x9d, 0x16, 0x50, 0x4b,
+	0xbb, 0x71, 0x15, 0x94, 0x64, 0x07, 0x6f, 0x81, 0x25, 0x4a, 0x2c, 0x4d, 0xd1, 0x31, 0x55, 0xf4,
+	0xbe, 0x07, 0xe7, 0x9c, 0x7c, 0x85, 0x41, 0xdd, 0x89, 0x8b, 0x51, 0x92, 0x0d, 0xbc, 0x17, 0xe2,
+	0x45, 0xb3, 0xfc, 0x6a, 0xba, 0x94, 0x21, 0xbd, 0x32, 0x13, 0xa3, 0x04, 0xd6, 0x56, 0xcc, 0xca,
+	0xda, 0xe4, 0x8f, 0x25, 0x00, 0xe3, 0x29, 0x3d, 0xb1, 0xa9, 0x10, 0xb3, 0x08, 0x14, 0x5f, 0x25,
+	0x99, 0x4a, 0x5d, 0xc9, 0x48, 0xa5, 0xfc, 0xbb, 0x39, 0x1b, 0x97, 0x12, 0x1b, 0x7d, 0x34, 0xfd,
+	0xa1, 0xac, 0x5c, 0xca, 0x77, 0xea, 0x19, 0x70, 0xa9, 0x00, 0xd8, 0xd3, 0xb9, 0xd4, 0x3f, 0x73,
+	0x60, 0xc9, 0x57, 0xce, 0xcc, 0xa5, 0x12, 0x4c, 0xbe, 0xed, 0x11, 0x65, 0xe3, 0x37, 0xfe, 0xd6,
+	0xfd, 0x3f, 0xf1, 0x1b, 0xdf, 0xab, 0x14, 0x7e, 0xf3, 0xfb, 0x5c, 0xd0, 0xf5, 0x29, 0xf9, 0xcd,
+	0x33, 0x68, 0x96, 0x7c, 0xed, 0x28, 0x92, 0xfc, 0xd1, 0x0c, 0x38, 0x11, 0xcd, 0xc3, 0x50, 0xad,
+	0x95, 0x26, 0xd6, 0xda, 0x36, 0x58, 0xbe, 0x3f, 0x50, 0xd5, 0x21, 0x5f, 0x43, 0xa0, 0xe0, 0x3a,
+	0x55, 0xfa, 0xbb, 0xc2, 0x72, 0xf9, 0x87, 0x09, 0x3a, 0x28, 0xd1, 0x32, 0x5e, 0x7a, 0x67, 0xbe,
+	0x6c, 0xe9, 0x2d, 0x1c, 0xa2, 0xf4, 0xa6, 0xd4, 0xca, 0xb9, 0x43, 0xd4, 0xca, 0x64, 0x22, 0x94,
+	0x3f, 0x14, 0x11, 0x9a, 0xae, 0xee, 0x26, 0xdc, 0x81, 0x13, 0x1b, 0x12, 0x63, 0x09, 0xac, 0x24,
+	0xb7, 0x01, 0xa0, 0x0a, 0x16, 0x34, 0xfc, 0x30, 0xd8, 0x8e, 0x99, 0x54, 0x8f, 0x06, 0x54, 0x51,
+	0x1b, 0xce, 0x1f, 0x59, 0x8d, 0x5b, 0x3a, 0xbd, 0x6d, 0x75, 0xa8, 0xa5, 0xe8, 0x7d, 0xa7, 0x88,
+	0x6f, 0x87, 0xb0, 0x50, 0x04, 0x1b, 0xbe, 0x0f, 0x8a, 0x1a, 0x7e, 0xd8, 0x19, 0x58, 0xfd, 0xa4,
+	0x62, 0x9b, 0x6d, 0x1e, 0x9e, 0x4b, 0xdb, 0x02, 0x05, 0x79, 0x78, 0xf2, 0x17, 0x12, 0xa8, 0xa4,
+	0x14, 0xe8, 0x6f, 0xd0, 0x2a, 0xff, 0x22, 0x81, 0x33, 0xa1, 0x55, 0xb2, 0x0c, 0x27, 0xf7, 0x07,
+	0x2a, 0x4f, 0x76, 0x41, 0x8a, 0x2e, 0x82, 0x92, 0x89, 0x2d, 0xaa, 0x78, 0xec, 0xbc, 0xd0, 0x9a,
+	0x1f, 0x8f, 0xea, 0xa5, 0xb6, 0x3b, 0x88, 0x7c, 0x79, 0xc2, 0xde, 0xe4, 0x9e, 0xdf, 0xde, 0xc8,
+	0xff, 0x95, 0x40, 0xa1, 0xd3, 0xc5, 0x2a, 0x39, 0x02, 0x0e, 0xb4, 0x19, 0xe2, 0x40, 0xe9, 0x7f,
+	0x55, 0x70, 0x7f, 0x52, 0xe9, 0xcf, 0x56, 0x84, 0xfe, 0x9c, 0x9b, 0x80, 0xf3, 0x74, 0xe6, 0xf3,
+	0x06, 0x28, 0x79, 0xd3, 0x4d, 0x77, 0x2d, 0xcb, 0xbf, 0xcb, 0x81, 0x72, 0x60, 0x8a, 0x29, 0x2f,
+	0xf5, 0x7b, 0xa1, 0x4a, 0xc6, 0xee, 0x98, 0xb5, 0x2c, 0x0b, 0x69, 0xb8, 0x55, 0xeb, 0x6d, 0x9d,
+	0x5a, 0xc1, 0x37, 0xe8, 0x78, 0x31, 0x7b, 0x13, 0x2c, 0x50, 0x6c, 0xf5, 0x09, 0x75, 0x65, 0x7c,
+	0xc3, 0x4a, 0x7e, 0x47, 0xe9, 0x4e, 0x48, 0x8a, 0x22, 0xda, 0xa7, 0xae, 0x83, 0xf9, 0xd0, 0x64,
+	0xf0, 0x04, 0xc8, 0x3f, 0x20, 0x43, 0x87, 0x0c, 0x22, 0xf6, 0x13, 0x2e, 0x83, 0xc2, 0x01, 0x56,
+	0x07, 0x4e, 0x88, 0x96, 0x90, 0xf3, 0x70, 0x2d, 0xf7, 0xba, 0x24, 0xff, 0x86, 0x6d, 0x8e, 0x9f,
+	0x0a, 0x47, 0x10, 0x5d, 0xef, 0x84, 0xa2, 0x2b, 0xfd, 0x5f, 0xd3, 0x60, 0x82, 0xa6, 0xc5, 0x18,
+	0x8a, 0xc4, 0xd8, 0x4b, 0x99, 0xd0, 0x9e, 0x1e, 0x69, 0xff, 0xca, 0x81, 0xe5, 0x80, 0xb6, 0x4f,
+	0xb2, 0xbf, 0x1f, 0x22, 0xd9, 0xab, 0x11, 0x92, 0x5d, 0x4d, 0xb2, 0xf9, 0x96, 0x65, 0x4f, 0x66,
+	0xd9, 0x7f, 0x96, 0xc0, 0x62, 0x60, 0xef, 0x8e, 0x80, 0x66, 0xdf, 0x0a, 0xd3, 0xec, 0x73, 0x59,
+	0x82, 0x26, 0x85, 0x67, 0x5f, 0x03, 0x4b, 0x01, 0xa5, 0xdb, 0x56, 0x4f, 0xd1, 0xb1, 0x6a, 0xc3,
+	0xb3, 0xa0, 0x60, 0x53, 0x6c, 0x51, 0xb7, 0x88, 0xb8, 0xb6, 0x1d, 0x36, 0x88, 0x1c, 0x99, 0xfc,
+	0x6f, 0x09, 0x34, 0x03, 0xc6, 0x6d, 0x62, 0xd9, 0x8a, 0x4d, 0x89, 0x4e, 0xef, 0x1a, 0xea, 0x40,
+	0x23, 0x1b, 0x2a, 0x56, 0x34, 0x44, 0xd8, 0x80, 0x62, 0xe8, 0x6d, 0x43, 0x55, 0xba, 0x43, 0x88,
+	0x41, 0xf9, 0xc3, 0x7d, 0xa2, 0x6f, 0x12, 0x95, 0x50, 0xf1, 0xbf, 0x60, 0xa9, 0xf5, 0x96, 0xfb,
+	0x37, 0xd9, 0x7b, 0xbe, 0xe8, 0xc9, 0xa8, 0xbe, 0x9a, 0x05, 0x91, 0x47, 0x68, 0x10, 0x13, 0xfe,
+	0x14, 0x00, 0xf6, 0xc8, 0xef, 0xb2, 0x9e, 0x08, 0xd6, 0x37, 0xdd, 0x8c, 0x7e, 0xcf, 0x93, 0x4c,
+	0x35, 0x41, 0x00, 0x51, 0xfe, 0x43, 0x31, 0x74, 0xde, 0xdf, 0xf8, 0xde, 0xeb, 0xcf, 0xc1, 0xf2,
+	0x81, 0xbf, 0x3b, 0xae, 0x02, 0xa3, 0xf2, 0xf9, 0x68, 0x53, 0xc0, 0x83, 0x4f, 0xda, 0x57, 0xff,
+	0x05, 0xe2, 0x6e, 0x02, 0x1c, 0x4a, 0x9c, 0x04, 0xbe, 0x0a, 0xca, 0x8c, 0x37, 0x2b, 0x5d, 0xb2,
+	0x83, 0x35, 0x37, 0x17, 0xbd, 0xbf, 0x55, 0x3b, 0xbe, 0x08, 0x05, 0xf5, 0xe0, 0x3e, 0x58, 0x32,
+	0x8d, 0xde, 0x36, 0xd6, 0x71, 0x9f, 0x30, 0x22, 0xe8, 0x1c, 0x25, 0x6f, 0xc8, 0x96, 0x5a, 0xaf,
+	0xb9, 0xcd, 0xb6, 0x76, 0x5c, 0xe5, 0xc9, 0xa8, 0x5e, 0x49, 0x18, 0xe6, 0x41, 0x90, 0x04, 0x09,
+	0xad, 0xd8, 0xa7, 0x00, 0xce, 0x5f, 0x21, 0x6b, 0x59, 0x92, 0xf2, 0x90, 0x1f, 0x03, 0xa4, 0xf5,
+	0x9b, 0x8b, 0x87, 0xea, 0x37, 0x27, 0xbc, 0x2d, 0x97, 0xa6, 0x7c, 0x5b, 0xfe, 0xab, 0x04, 0xce,
+	0x99, 0x19, 0x72, 0xa9, 0x0a, 0xf8, 0xde, 0xdc, 0xcc, 0xb2, 0x37, 0x59, 0x72, 0xb3, 0xb5, 0x3a,
+	0x1e, 0xd5, 0xcf, 0x65, 0xd1, 0x44, 0x99, 0xfc, 0x83, 0x77, 0x41, 0xd1, 0x10, 0x77, 0x60, 0xb5,
+	0xcc, 0x7d, 0xbd, 0x94, 0xc5, 0x57, 0xf7, 0xde, 0x74, 0xd2, 0xd2, 0x7d, 0x42, 0x1e, 0x96, 0xfc,
+	0x71, 0x01, 0x9c, 0x8c, 0x55, 0xf0, 0xaf, 0xb0, 0xab, 0x1e, 0x7b, 0x2f, 0xcf, 0x4f, 0xf1, 0x5e,
+	0xbe, 0x0e, 0x16, 0xc5, 0x87, 0x1a, 0x91, 0xd7, 0x7a, 0x2f, 0x60, 0x36, 0xc2, 0x62, 0x14, 0xd5,
+	0x4f, 0xea, 0xea, 0x17, 0xa6, 0xec, 0xea, 0x07, 0xbd, 0x10, 0x1f, 0x1e, 0x3a, 0xe9, 0x1d, 0xf7,
+	0x42, 0x7c, 0x7f, 0x18, 0xd5, 0x67, 0xc4, 0xd5, 0x41, 0xf5, 0x10, 0xe6, 0xc2, 0xc4, 0x75, 0x37,
+	0x24, 0x45, 0x11, 0xed, 0x2f, 0xf5, 0x31, 0x02, 0x4e, 0xf8, 0x18, 0xe1, 0x72, 0x96, 0x58, 0xcb,
+	0xde, 0x75, 0x4f, 0xec, 0x9f, 0x94, 0xa7, 0xef, 0x9f, 0xc8, 0x7f, 0x93, 0xc0, 0x0b, 0xa9, 0xb7,
+	0x16, 0x5c, 0x0f, 0xd1, 0xca, 0xcb, 0x11, 0x5a, 0xf9, 0xbd, 0x54, 0xc3, 0x00, 0xb7, 0xb4, 0x92,
+	0x1b, 0xf2, 0x6f, 0x64, 0x6b, 0xc8, 0x27, 0xbc, 0x09, 0x4f, 0xee, 0xcc, 0xb7, 0x7e, 0xf0, 0xe8,
+	0x71, 0xed, 0xd8, 0xa7, 0x8f, 0x6b, 0xc7, 0x3e, 0x7f, 0x5c, 0x3b, 0xf6, 0x8b, 0x71, 0x4d, 0x7a,
+	0x34, 0xae, 0x49, 0x9f, 0x8e, 0x6b, 0xd2, 0xe7, 0xe3, 0x9a, 0xf4, 0xf7, 0x71, 0x4d, 0xfa, 0xed,
+	0x17, 0xb5, 0x63, 0xef, 0x57, 0x52, 0x3e, 0x85, 0xfe, 0x5f, 0x00, 0x00, 0x00, 0xff, 0xff, 0xd4,
+	0x01, 0x82, 0xf5, 0x24, 0x2d, 0x00, 0x00,
 }
 
 func (m *ControllerRevision) Marshal() (dAtA []byte, err error) {
@@ -1845,6 +1847,11 @@ func (m *DeploymentStatus) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	_ = i
 	var l int
 	_ = l
+	if m.TerminatingReplicas != nil {
+		i = encodeVarintGenerated(dAtA, i, uint64(*m.TerminatingReplicas))
+		i--
+		dAtA[i] = 0x48
+	}
 	if m.CollisionCount != nil {
 		i = encodeVarintGenerated(dAtA, i, uint64(*m.CollisionCount))
 		i--
@@ -2151,6 +2158,11 @@ func (m *ReplicaSetStatus) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	_ = i
 	var l int
 	_ = l
+	if m.TerminatingReplicas != nil {
+		i = encodeVarintGenerated(dAtA, i, uint64(*m.TerminatingReplicas))
+		i--
+		dAtA[i] = 0x38
+	}
 	if len(m.Conditions) > 0 {
 		for iNdEx := len(m.Conditions) - 1; iNdEx >= 0; iNdEx-- {
 			{
@@ -3146,6 +3158,9 @@ func (m *DeploymentStatus) Size() (n int) {
 	if m.CollisionCount != nil {
 		n += 1 + sovGenerated(uint64(*m.CollisionCount))
 	}
+	if m.TerminatingReplicas != nil {
+		n += 1 + sovGenerated(uint64(*m.TerminatingReplicas))
+	}
 	return n
 }
 
@@ -3251,6 +3266,9 @@ func (m *ReplicaSetStatus) Size() (n int) {
 			n += 1 + l + sovGenerated(uint64(l))
 		}
 	}
+	if m.TerminatingReplicas != nil {
+		n += 1 + sovGenerated(uint64(*m.TerminatingReplicas))
+	}
 	return n
 }
 
@@ -3711,6 +3729,7 @@ func (this *DeploymentStatus) String() string {
 		`Conditions:` + repeatedStringForConditions + `,`,
 		`ReadyReplicas:` + fmt.Sprintf("%v", this.ReadyReplicas) + `,`,
 		`CollisionCount:` + valueToStringGenerated(this.CollisionCount) + `,`,
+		`TerminatingReplicas:` + valueToStringGenerated(this.TerminatingReplicas) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -3797,6 +3816,7 @@ func (this *ReplicaSetStatus) String() string {
 		`ReadyReplicas:` + fmt.Sprintf("%v", this.ReadyReplicas) + `,`,
 		`AvailableReplicas:` + fmt.Sprintf("%v", this.AvailableReplicas) + `,`,
 		`Conditions:` + repeatedStringForConditions + `,`,
+		`TerminatingReplicas:` + valueToStringGenerated(this.TerminatingReplicas) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -6261,6 +6281,26 @@ func (m *DeploymentStatus) Unmarshal(dAtA []byte) error {
 				}
 			}
 			m.CollisionCount = &v
+		case 9:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field TerminatingReplicas", wireType)
+			}
+			var v int32
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int32(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.TerminatingReplicas = &v
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -7193,6 +7233,26 @@ func (m *ReplicaSetStatus) Unmarshal(dAtA []byte) error {
 				return err
 			}
 			iNdEx = postIndex
+		case 7:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field TerminatingReplicas", wireType)
+			}
+			var v int32
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int32(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.TerminatingReplicas = &v
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
diff --git a/vendor/k8s.io/api/apps/v1beta2/generated.proto b/vendor/k8s.io/api/apps/v1beta2/generated.proto
index c08a4c78bc..68c463e257 100644
--- a/vendor/k8s.io/api/apps/v1beta2/generated.proto
+++ b/vendor/k8s.io/api/apps/v1beta2/generated.proto
@@ -323,19 +323,19 @@ message DeploymentStatus {
   // +optional
   optional int64 observedGeneration = 1;
 
-  // Total number of non-terminated pods targeted by this deployment (their labels match the selector).
+  // Total number of non-terminating pods targeted by this deployment (their labels match the selector).
   // +optional
   optional int32 replicas = 2;
 
-  // Total number of non-terminated pods targeted by this deployment that have the desired template spec.
+  // Total number of non-terminating pods targeted by this deployment that have the desired template spec.
   // +optional
   optional int32 updatedReplicas = 3;
 
-  // readyReplicas is the number of pods targeted by this Deployment controller with a Ready Condition.
+  // Total number of non-terminating pods targeted by this Deployment with a Ready Condition.
   // +optional
   optional int32 readyReplicas = 7;
 
-  // Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.
+  // Total number of available non-terminating pods (ready for at least minReadySeconds) targeted by this deployment.
   // +optional
   optional int32 availableReplicas = 4;
 
@@ -345,6 +345,13 @@ message DeploymentStatus {
   // +optional
   optional int32 unavailableReplicas = 5;
 
+  // Total number of terminating pods targeted by this deployment. Terminating pods have a non-null
+  // .metadata.deletionTimestamp and have not yet reached the Failed or Succeeded .status.phase.
+  //
+  // This is an alpha field. Enable DeploymentReplicaSetTerminatingReplicas to be able to use this field.
+  // +optional
+  optional int32 terminatingReplicas = 9;
+
   // Represents the latest available observations of a deployment's current state.
   // +patchMergeKey=type
   // +patchStrategy=merge
@@ -427,16 +434,16 @@ message ReplicaSetList {
   optional .k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
 
   // List of ReplicaSets.
-  // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller
+  // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset
   repeated ReplicaSet items = 2;
 }
 
 // ReplicaSetSpec is the specification of a ReplicaSet.
 message ReplicaSetSpec {
-  // Replicas is the number of desired replicas.
+  // Replicas is the number of desired pods.
   // This is a pointer to distinguish between explicit zero and unspecified.
   // Defaults to 1.
-  // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller
+  // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset
   // +optional
   optional int32 replicas = 1;
 
@@ -454,29 +461,36 @@ message ReplicaSetSpec {
 
   // Template is the object that describes the pod that will be created if
   // insufficient replicas are detected.
-  // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template
+  // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/#pod-template
   // +optional
   optional .k8s.io.api.core.v1.PodTemplateSpec template = 3;
 }
 
 // ReplicaSetStatus represents the current status of a ReplicaSet.
 message ReplicaSetStatus {
-  // Replicas is the most recently observed number of replicas.
-  // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller
+  // Replicas is the most recently observed number of non-terminating pods.
+  // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset
   optional int32 replicas = 1;
 
-  // The number of pods that have labels matching the labels of the pod template of the replicaset.
+  // The number of non-terminating pods that have labels matching the labels of the pod template of the replicaset.
   // +optional
   optional int32 fullyLabeledReplicas = 2;
 
-  // readyReplicas is the number of pods targeted by this ReplicaSet controller with a Ready Condition.
+  // The number of non-terminating pods targeted by this ReplicaSet with a Ready Condition.
   // +optional
   optional int32 readyReplicas = 4;
 
-  // The number of available replicas (ready for at least minReadySeconds) for this replica set.
+  // The number of available non-terminating pods (ready for at least minReadySeconds) for this replica set.
   // +optional
   optional int32 availableReplicas = 5;
 
+  // The number of terminating pods for this replica set. Terminating pods have a non-null .metadata.deletionTimestamp
+  // and have not yet reached the Failed or Succeeded .status.phase.
+  //
+  // This is an alpha field. Enable DeploymentReplicaSetTerminatingReplicas to be able to use this field.
+  // +optional
+  optional int32 terminatingReplicas = 7;
+
   // ObservedGeneration reflects the generation of the most recently observed ReplicaSet.
   // +optional
   optional int64 observedGeneration = 3;
@@ -747,6 +761,7 @@ message StatefulSetSpec {
   // the network identity of the set. Pods get DNS/hostnames that follow the
   // pattern: pod-specific-string.serviceName.default.svc.cluster.local
   // where "pod-specific-string" is managed by the StatefulSet controller.
+  // +optional
   optional string serviceName = 5;
 
   // podManagementPolicy controls how pods are created during initial scale up,
diff --git a/vendor/k8s.io/api/apps/v1beta2/types.go b/vendor/k8s.io/api/apps/v1beta2/types.go
index c2624a941d..491afc59f5 100644
--- a/vendor/k8s.io/api/apps/v1beta2/types.go
+++ b/vendor/k8s.io/api/apps/v1beta2/types.go
@@ -269,6 +269,7 @@ type StatefulSetSpec struct {
 	// the network identity of the set. Pods get DNS/hostnames that follow the
 	// pattern: pod-specific-string.serviceName.default.svc.cluster.local
 	// where "pod-specific-string" is managed by the StatefulSet controller.
+	// +optional
 	ServiceName string `json:"serviceName" protobuf:"bytes,5,opt,name=serviceName"`
 
 	// podManagementPolicy controls how pods are created during initial scale up,
@@ -530,19 +531,19 @@ type DeploymentStatus struct {
 	// +optional
 	ObservedGeneration int64 `json:"observedGeneration,omitempty" protobuf:"varint,1,opt,name=observedGeneration"`
 
-	// Total number of non-terminated pods targeted by this deployment (their labels match the selector).
+	// Total number of non-terminating pods targeted by this deployment (their labels match the selector).
 	// +optional
 	Replicas int32 `json:"replicas,omitempty" protobuf:"varint,2,opt,name=replicas"`
 
-	// Total number of non-terminated pods targeted by this deployment that have the desired template spec.
+	// Total number of non-terminating pods targeted by this deployment that have the desired template spec.
 	// +optional
 	UpdatedReplicas int32 `json:"updatedReplicas,omitempty" protobuf:"varint,3,opt,name=updatedReplicas"`
 
-	// readyReplicas is the number of pods targeted by this Deployment controller with a Ready Condition.
+	// Total number of non-terminating pods targeted by this Deployment with a Ready Condition.
 	// +optional
 	ReadyReplicas int32 `json:"readyReplicas,omitempty" protobuf:"varint,7,opt,name=readyReplicas"`
 
-	// Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.
+	// Total number of available non-terminating pods (ready for at least minReadySeconds) targeted by this deployment.
 	// +optional
 	AvailableReplicas int32 `json:"availableReplicas,omitempty" protobuf:"varint,4,opt,name=availableReplicas"`
 
@@ -552,6 +553,13 @@ type DeploymentStatus struct {
 	// +optional
 	UnavailableReplicas int32 `json:"unavailableReplicas,omitempty" protobuf:"varint,5,opt,name=unavailableReplicas"`
 
+	// Total number of terminating pods targeted by this deployment. Terminating pods have a non-null
+	// .metadata.deletionTimestamp and have not yet reached the Failed or Succeeded .status.phase.
+	//
+	// This is an alpha field. Enable DeploymentReplicaSetTerminatingReplicas to be able to use this field.
+	// +optional
+	TerminatingReplicas *int32 `json:"terminatingReplicas,omitempty" protobuf:"varint,9,opt,name=terminatingReplicas"`
+
 	// Represents the latest available observations of a deployment's current state.
 	// +patchMergeKey=type
 	// +patchStrategy=merge
@@ -897,16 +905,16 @@ type ReplicaSetList struct {
 	metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
 
 	// List of ReplicaSets.
-	// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller
+	// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset
 	Items []ReplicaSet `json:"items" protobuf:"bytes,2,rep,name=items"`
 }
 
 // ReplicaSetSpec is the specification of a ReplicaSet.
 type ReplicaSetSpec struct {
-	// Replicas is the number of desired replicas.
+	// Replicas is the number of desired pods.
 	// This is a pointer to distinguish between explicit zero and unspecified.
 	// Defaults to 1.
-	// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller
+	// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset
 	// +optional
 	Replicas *int32 `json:"replicas,omitempty" protobuf:"varint,1,opt,name=replicas"`
 
@@ -924,29 +932,36 @@ type ReplicaSetSpec struct {
 
 	// Template is the object that describes the pod that will be created if
 	// insufficient replicas are detected.
-	// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template
+	// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/#pod-template
 	// +optional
 	Template v1.PodTemplateSpec `json:"template,omitempty" protobuf:"bytes,3,opt,name=template"`
 }
 
 // ReplicaSetStatus represents the current status of a ReplicaSet.
 type ReplicaSetStatus struct {
-	// Replicas is the most recently observed number of replicas.
-	// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller
+	// Replicas is the most recently observed number of non-terminating pods.
+	// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset
 	Replicas int32 `json:"replicas" protobuf:"varint,1,opt,name=replicas"`
 
-	// The number of pods that have labels matching the labels of the pod template of the replicaset.
+	// The number of non-terminating pods that have labels matching the labels of the pod template of the replicaset.
 	// +optional
 	FullyLabeledReplicas int32 `json:"fullyLabeledReplicas,omitempty" protobuf:"varint,2,opt,name=fullyLabeledReplicas"`
 
-	// readyReplicas is the number of pods targeted by this ReplicaSet controller with a Ready Condition.
+	// The number of non-terminating pods targeted by this ReplicaSet with a Ready Condition.
 	// +optional
 	ReadyReplicas int32 `json:"readyReplicas,omitempty" protobuf:"varint,4,opt,name=readyReplicas"`
 
-	// The number of available replicas (ready for at least minReadySeconds) for this replica set.
+	// The number of available non-terminating pods (ready for at least minReadySeconds) for this replica set.
 	// +optional
 	AvailableReplicas int32 `json:"availableReplicas,omitempty" protobuf:"varint,5,opt,name=availableReplicas"`
 
+	// The number of terminating pods for this replica set. Terminating pods have a non-null .metadata.deletionTimestamp
+	// and have not yet reached the Failed or Succeeded .status.phase.
+	//
+	// This is an alpha field. Enable DeploymentReplicaSetTerminatingReplicas to be able to use this field.
+	// +optional
+	TerminatingReplicas *int32 `json:"terminatingReplicas,omitempty" protobuf:"varint,7,opt,name=terminatingReplicas"`
+
 	// ObservedGeneration reflects the generation of the most recently observed ReplicaSet.
 	// +optional
 	ObservedGeneration int64 `json:"observedGeneration,omitempty" protobuf:"varint,3,opt,name=observedGeneration"`
diff --git a/vendor/k8s.io/api/apps/v1beta2/types_swagger_doc_generated.go b/vendor/k8s.io/api/apps/v1beta2/types_swagger_doc_generated.go
index beec4b7555..4089434151 100644
--- a/vendor/k8s.io/api/apps/v1beta2/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/apps/v1beta2/types_swagger_doc_generated.go
@@ -177,11 +177,12 @@ func (DeploymentSpec) SwaggerDoc() map[string]string {
 var map_DeploymentStatus = map[string]string{
 	"":                    "DeploymentStatus is the most recently observed status of the Deployment.",
 	"observedGeneration":  "The generation observed by the deployment controller.",
-	"replicas":            "Total number of non-terminated pods targeted by this deployment (their labels match the selector).",
-	"updatedReplicas":     "Total number of non-terminated pods targeted by this deployment that have the desired template spec.",
-	"readyReplicas":       "readyReplicas is the number of pods targeted by this Deployment controller with a Ready Condition.",
-	"availableReplicas":   "Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.",
+	"replicas":            "Total number of non-terminating pods targeted by this deployment (their labels match the selector).",
+	"updatedReplicas":     "Total number of non-terminating pods targeted by this deployment that have the desired template spec.",
+	"readyReplicas":       "Total number of non-terminating pods targeted by this Deployment with a Ready Condition.",
+	"availableReplicas":   "Total number of available non-terminating pods (ready for at least minReadySeconds) targeted by this deployment.",
 	"unavailableReplicas": "Total number of unavailable pods targeted by this deployment. This is the total number of pods that are still required for the deployment to have 100% available capacity. They may either be pods that are running but not yet available or pods that still have not been created.",
+	"terminatingReplicas": "Total number of terminating pods targeted by this deployment. Terminating pods have a non-null .metadata.deletionTimestamp and have not yet reached the Failed or Succeeded .status.phase.\n\nThis is an alpha field. Enable DeploymentReplicaSetTerminatingReplicas to be able to use this field.",
 	"conditions":          "Represents the latest available observations of a deployment's current state.",
 	"collisionCount":      "Count of hash collisions for the Deployment. The Deployment controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ReplicaSet.",
 }
@@ -227,7 +228,7 @@ func (ReplicaSetCondition) SwaggerDoc() map[string]string {
 var map_ReplicaSetList = map[string]string{
 	"":         "ReplicaSetList is a collection of ReplicaSets.",
 	"metadata": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
-	"items":    "List of ReplicaSets. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller",
+	"items":    "List of ReplicaSets. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset",
 }
 
 func (ReplicaSetList) SwaggerDoc() map[string]string {
@@ -236,10 +237,10 @@ func (ReplicaSetList) SwaggerDoc() map[string]string {
 
 var map_ReplicaSetSpec = map[string]string{
 	"":                "ReplicaSetSpec is the specification of a ReplicaSet.",
-	"replicas":        "Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. Defaults to 1. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller",
+	"replicas":        "Replicas is the number of desired pods. This is a pointer to distinguish between explicit zero and unspecified. Defaults to 1. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset",
 	"minReadySeconds": "Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)",
 	"selector":        "Selector is a label query over pods that should match the replica count. Label keys and values that must match in order to be controlled by this replica set. It must match the pod template's labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors",
-	"template":        "Template is the object that describes the pod that will be created if insufficient replicas are detected. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template",
+	"template":        "Template is the object that describes the pod that will be created if insufficient replicas are detected. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/#pod-template",
 }
 
 func (ReplicaSetSpec) SwaggerDoc() map[string]string {
@@ -248,10 +249,11 @@ func (ReplicaSetSpec) SwaggerDoc() map[string]string {
 
 var map_ReplicaSetStatus = map[string]string{
 	"":                     "ReplicaSetStatus represents the current status of a ReplicaSet.",
-	"replicas":             "Replicas is the most recently observed number of replicas. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller",
-	"fullyLabeledReplicas": "The number of pods that have labels matching the labels of the pod template of the replicaset.",
-	"readyReplicas":        "readyReplicas is the number of pods targeted by this ReplicaSet controller with a Ready Condition.",
-	"availableReplicas":    "The number of available replicas (ready for at least minReadySeconds) for this replica set.",
+	"replicas":             "Replicas is the most recently observed number of non-terminating pods. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset",
+	"fullyLabeledReplicas": "The number of non-terminating pods that have labels matching the labels of the pod template of the replicaset.",
+	"readyReplicas":        "The number of non-terminating pods targeted by this ReplicaSet with a Ready Condition.",
+	"availableReplicas":    "The number of available non-terminating pods (ready for at least minReadySeconds) for this replica set.",
+	"terminatingReplicas":  "The number of terminating pods for this replica set. Terminating pods have a non-null .metadata.deletionTimestamp and have not yet reached the Failed or Succeeded .status.phase.\n\nThis is an alpha field. Enable DeploymentReplicaSetTerminatingReplicas to be able to use this field.",
 	"observedGeneration":   "ObservedGeneration reflects the generation of the most recently observed ReplicaSet.",
 	"conditions":           "Represents the latest available observations of a replica set's current state.",
 }
diff --git a/vendor/k8s.io/api/apps/v1beta2/zz_generated.deepcopy.go b/vendor/k8s.io/api/apps/v1beta2/zz_generated.deepcopy.go
index cd92792db5..917ad4a22f 100644
--- a/vendor/k8s.io/api/apps/v1beta2/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/apps/v1beta2/zz_generated.deepcopy.go
@@ -363,6 +363,11 @@ func (in *DeploymentSpec) DeepCopy() *DeploymentSpec {
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *DeploymentStatus) DeepCopyInto(out *DeploymentStatus) {
 	*out = *in
+	if in.TerminatingReplicas != nil {
+		in, out := &in.TerminatingReplicas, &out.TerminatingReplicas
+		*out = new(int32)
+		**out = **in
+	}
 	if in.Conditions != nil {
 		in, out := &in.Conditions, &out.Conditions
 		*out = make([]DeploymentCondition, len(*in))
@@ -517,6 +522,11 @@ func (in *ReplicaSetSpec) DeepCopy() *ReplicaSetSpec {
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *ReplicaSetStatus) DeepCopyInto(out *ReplicaSetStatus) {
 	*out = *in
+	if in.TerminatingReplicas != nil {
+		in, out := &in.TerminatingReplicas, &out.TerminatingReplicas
+		*out = new(int32)
+		**out = **in
+	}
 	if in.Conditions != nil {
 		in, out := &in.Conditions, &out.Conditions
 		*out = make([]ReplicaSetCondition, len(*in))
diff --git a/vendor/k8s.io/api/authentication/v1/doc.go b/vendor/k8s.io/api/authentication/v1/doc.go
index 3bdc89badc..dc3aed4e4f 100644
--- a/vendor/k8s.io/api/authentication/v1/doc.go
+++ b/vendor/k8s.io/api/authentication/v1/doc.go
@@ -20,4 +20,4 @@ limitations under the License.
 // +k8s:openapi-gen=true
 // +k8s:prerelease-lifecycle-gen=true
 
-package v1 // import "k8s.io/api/authentication/v1"
+package v1
diff --git a/vendor/k8s.io/api/authentication/v1alpha1/doc.go b/vendor/k8s.io/api/authentication/v1alpha1/doc.go
index eb32def904..c199ccd499 100644
--- a/vendor/k8s.io/api/authentication/v1alpha1/doc.go
+++ b/vendor/k8s.io/api/authentication/v1alpha1/doc.go
@@ -20,4 +20,4 @@ limitations under the License.
 // +k8s:openapi-gen=true
 // +k8s:prerelease-lifecycle-gen=true
 
-package v1alpha1 // import "k8s.io/api/authentication/v1alpha1"
+package v1alpha1
diff --git a/vendor/k8s.io/api/authentication/v1beta1/doc.go b/vendor/k8s.io/api/authentication/v1beta1/doc.go
index 2a2b176e43..af63dc845b 100644
--- a/vendor/k8s.io/api/authentication/v1beta1/doc.go
+++ b/vendor/k8s.io/api/authentication/v1beta1/doc.go
@@ -20,4 +20,4 @@ limitations under the License.
 // +k8s:openapi-gen=true
 // +k8s:prerelease-lifecycle-gen=true
 
-package v1beta1 // import "k8s.io/api/authentication/v1beta1"
+package v1beta1
diff --git a/vendor/k8s.io/api/authorization/v1/doc.go b/vendor/k8s.io/api/authorization/v1/doc.go
index 77e5a19c4c..40bf8006e0 100644
--- a/vendor/k8s.io/api/authorization/v1/doc.go
+++ b/vendor/k8s.io/api/authorization/v1/doc.go
@@ -20,4 +20,4 @@ limitations under the License.
 // +k8s:prerelease-lifecycle-gen=true
 // +groupName=authorization.k8s.io
 
-package v1 // import "k8s.io/api/authorization/v1"
+package v1
diff --git a/vendor/k8s.io/api/authorization/v1beta1/doc.go b/vendor/k8s.io/api/authorization/v1beta1/doc.go
index c996e35ccc..9f7332d493 100644
--- a/vendor/k8s.io/api/authorization/v1beta1/doc.go
+++ b/vendor/k8s.io/api/authorization/v1beta1/doc.go
@@ -21,4 +21,4 @@ limitations under the License.
 
 // +groupName=authorization.k8s.io
 
-package v1beta1 // import "k8s.io/api/authorization/v1beta1"
+package v1beta1
diff --git a/vendor/k8s.io/api/autoscaling/v1/doc.go b/vendor/k8s.io/api/autoscaling/v1/doc.go
index d64c9cbc1a..4ee085e165 100644
--- a/vendor/k8s.io/api/autoscaling/v1/doc.go
+++ b/vendor/k8s.io/api/autoscaling/v1/doc.go
@@ -19,4 +19,4 @@ limitations under the License.
 // +k8s:openapi-gen=true
 // +k8s:prerelease-lifecycle-gen=true
 
-package v1 // import "k8s.io/api/autoscaling/v1"
+package v1
diff --git a/vendor/k8s.io/api/autoscaling/v2/doc.go b/vendor/k8s.io/api/autoscaling/v2/doc.go
index aafa2d4de2..8dea6339df 100644
--- a/vendor/k8s.io/api/autoscaling/v2/doc.go
+++ b/vendor/k8s.io/api/autoscaling/v2/doc.go
@@ -19,4 +19,4 @@ limitations under the License.
 // +k8s:openapi-gen=true
 // +k8s:prerelease-lifecycle-gen=true
 
-package v2 // import "k8s.io/api/autoscaling/v2"
+package v2
diff --git a/vendor/k8s.io/api/autoscaling/v2/generated.pb.go b/vendor/k8s.io/api/autoscaling/v2/generated.pb.go
index ece6dedadb..40b60ebeca 100644
--- a/vendor/k8s.io/api/autoscaling/v2/generated.pb.go
+++ b/vendor/k8s.io/api/autoscaling/v2/generated.pb.go
@@ -751,115 +751,116 @@ func init() {
 }
 
 var fileDescriptor_4d5f2c8767749221 = []byte{
-	// 1722 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xd4, 0x59, 0xcb, 0x8f, 0x1b, 0x49,
-	0x19, 0x9f, 0xb6, 0x3d, 0xaf, 0xf2, 0x3c, 0x2b, 0x2f, 0x67, 0xa2, 0xd8, 0xa3, 0x26, 0x90, 0x07,
-	0xa4, 0x4d, 0x4c, 0x88, 0x22, 0x72, 0x40, 0xd3, 0x13, 0x20, 0xa3, 0xcc, 0x30, 0x4e, 0x39, 0xc9,
-	0x00, 0x02, 0x94, 0x72, 0x77, 0x8d, 0xa7, 0x18, 0xbb, 0xdb, 0xea, 0x6e, 0x3b, 0x99, 0x48, 0x48,
-	0x5c, 0xb8, 0x23, 0x50, 0x84, 0xf8, 0x1f, 0x22, 0x4e, 0xa0, 0x70, 0x00, 0x09, 0x69, 0xf7, 0x90,
-	0xcb, 0x4a, 0x39, 0xec, 0x21, 0x27, 0x6b, 0xe3, 0x95, 0xf6, 0xb8, 0x7f, 0x40, 0x4e, 0xab, 0x7a,
-	0xf4, 0xd3, 0xaf, 0x71, 0x76, 0x32, 0xd2, 0xdc, 0x5c, 0x55, 0xdf, 0xf7, 0xfb, 0x1e, 0xf5, 0xbd,
-	0xaa, 0x0d, 0xae, 0xee, 0xdf, 0x76, 0x35, 0x6a, 0x17, 0x71, 0x93, 0x16, 0x71, 0xcb, 0xb3, 0x5d,
-	0x03, 0xd7, 0xa9, 0x55, 0x2b, 0xb6, 0x4b, 0xc5, 0x1a, 0xb1, 0x88, 0x83, 0x3d, 0x62, 0x6a, 0x4d,
-	0xc7, 0xf6, 0x6c, 0x78, 0x5e, 0x90, 0x6a, 0xb8, 0x49, 0xb5, 0x08, 0xa9, 0xd6, 0x2e, 0xad, 0x5c,
-	0xaf, 0x51, 0x6f, 0xaf, 0x55, 0xd5, 0x0c, 0xbb, 0x51, 0xac, 0xd9, 0x35, 0xbb, 0xc8, 0x39, 0xaa,
-	0xad, 0x5d, 0xbe, 0xe2, 0x0b, 0xfe, 0x4b, 0x20, 0xad, 0xa8, 0x11, 0xa1, 0x86, 0xed, 0x90, 0x62,
-	0xfb, 0x46, 0x52, 0xda, 0xca, 0xcd, 0x90, 0xa6, 0x81, 0x8d, 0x3d, 0x6a, 0x11, 0xe7, 0xa0, 0xd8,
-	0xdc, 0xaf, 0x71, 0x26, 0x87, 0xb8, 0x76, 0xcb, 0x31, 0xc8, 0x58, 0x5c, 0x6e, 0xb1, 0x41, 0x3c,
-	0xdc, 0x4f, 0x56, 0x71, 0x10, 0x97, 0xd3, 0xb2, 0x3c, 0xda, 0xe8, 0x15, 0x73, 0x6b, 0x14, 0x83,
-	0x6b, 0xec, 0x91, 0x06, 0x4e, 0xf2, 0xa9, 0x5f, 0x29, 0xe0, 0xe2, 0xba, 0x6d, 0x79, 0x98, 0x71,
-	0x20, 0x69, 0xc4, 0x16, 0xf1, 0x1c, 0x6a, 0x54, 0xf8, 0x6f, 0xb8, 0x0e, 0x32, 0x16, 0x6e, 0x90,
-	0x9c, 0xb2, 0xaa, 0x5c, 0x99, 0xd5, 0x8b, 0xaf, 0x3b, 0x85, 0x89, 0x6e, 0xa7, 0x90, 0xf9, 0x25,
-	0x6e, 0x90, 0xf7, 0x9d, 0x42, 0xa1, 0xd7, 0x71, 0x9a, 0x0f, 0xc3, 0x48, 0x10, 0x67, 0x86, 0xdb,
-	0x60, 0xca, 0xc3, 0x4e, 0x8d, 0x78, 0xb9, 0xd4, 0xaa, 0x72, 0x25, 0x5b, 0xba, 0xac, 0x0d, 0xbc,
-	0x3a, 0x4d, 0x48, 0x7f, 0xc8, 0xc9, 0xf5, 0x05, 0x29, 0x6f, 0x4a, 0xac, 0x91, 0x84, 0x81, 0x45,
-	0x30, 0x6b, 0xf8, 0x6a, 0xe7, 0xd2, 0x5c, 0xb5, 0x65, 0x49, 0x3a, 0x1b, 0xda, 0x13, 0xd2, 0xa8,
-	0x5f, 0x0f, 0x31, 0xd4, 0xc3, 0x5e, 0xcb, 0x3d, 0x1a, 0x43, 0x77, 0xc0, 0xb4, 0xd1, 0x72, 0x1c,
-	0x62, 0xf9, 0x96, 0xfe, 0x60, 0xa4, 0xa5, 0x8f, 0x71, 0xbd, 0x45, 0x84, 0x0e, 0xfa, 0xa2, 0x94,
-	0x3a, 0xbd, 0x2e, 0x40, 0x90, 0x8f, 0x36, 0xbe, 0xc1, 0x2f, 0x14, 0x70, 0x61, 0xdd, 0xb1, 0x5d,
-	0xf7, 0x31, 0x71, 0x5c, 0x6a, 0x5b, 0xdb, 0xd5, 0x3f, 0x10, 0xc3, 0x43, 0x64, 0x97, 0x38, 0xc4,
-	0x32, 0x08, 0x5c, 0x05, 0x99, 0x7d, 0x6a, 0x99, 0xd2, 0xdc, 0x39, 0xdf, 0xdc, 0xfb, 0xd4, 0x32,
-	0x11, 0x3f, 0x61, 0x14, 0xdc, 0x21, 0xa9, 0x38, 0x45, 0xc4, 0xda, 0x12, 0x00, 0xb8, 0x49, 0xa5,
-	0x00, 0xa9, 0x15, 0x94, 0x74, 0x60, 0xad, 0xbc, 0x21, 0x4f, 0x50, 0x84, 0x4a, 0xfd, 0xaf, 0x02,
-	0x4e, 0xff, 0xec, 0x99, 0x47, 0x1c, 0x0b, 0xd7, 0x63, 0x81, 0x56, 0x01, 0x53, 0x0d, 0xbe, 0xe6,
-	0x2a, 0x65, 0x4b, 0xdf, 0x1f, 0xe9, 0xb9, 0x0d, 0x93, 0x58, 0x1e, 0xdd, 0xa5, 0xc4, 0x09, 0xe3,
-	0x44, 0x9c, 0x20, 0x09, 0x75, 0xe4, 0x81, 0xa7, 0x7e, 0xda, 0xab, 0xbe, 0x08, 0x9f, 0x8f, 0xa2,
-	0xfe, 0xc7, 0x0a, 0x27, 0xf5, 0x9f, 0x0a, 0x58, 0xba, 0x57, 0x5e, 0xab, 0x08, 0xee, 0xb2, 0x5d,
-	0xa7, 0xc6, 0x01, 0xbc, 0x0d, 0x32, 0xde, 0x41, 0xd3, 0xcf, 0x80, 0x4b, 0xfe, 0x85, 0x3f, 0x3c,
-	0x68, 0xb2, 0x0c, 0x38, 0x9d, 0xa4, 0x67, 0xfb, 0x88, 0x73, 0xc0, 0xef, 0x80, 0xc9, 0x36, 0x93,
-	0xcb, 0xb5, 0x9c, 0xd4, 0xe7, 0x25, 0xeb, 0x24, 0x57, 0x06, 0x89, 0x33, 0x78, 0x07, 0xcc, 0x37,
-	0x89, 0x43, 0x6d, 0xb3, 0x42, 0x0c, 0xdb, 0x32, 0x5d, 0x1e, 0x30, 0x93, 0xfa, 0x19, 0x49, 0x3c,
-	0x5f, 0x8e, 0x1e, 0xa2, 0x38, 0xad, 0xfa, 0x8f, 0x14, 0x58, 0x0c, 0x15, 0x40, 0xad, 0x3a, 0x71,
-	0xe1, 0xef, 0xc1, 0x8a, 0xeb, 0xe1, 0x2a, 0xad, 0xd3, 0xe7, 0xd8, 0xa3, 0xb6, 0xb5, 0x43, 0x2d,
-	0xd3, 0x7e, 0x1a, 0x47, 0xcf, 0x77, 0x3b, 0x85, 0x95, 0xca, 0x40, 0x2a, 0x34, 0x04, 0x01, 0xde,
-	0x07, 0x73, 0x2e, 0xa9, 0x13, 0xc3, 0x13, 0xf6, 0x4a, 0xbf, 0x5c, 0xee, 0x76, 0x0a, 0x73, 0x95,
-	0xc8, 0xfe, 0xfb, 0x4e, 0xe1, 0x54, 0xcc, 0x31, 0xe2, 0x10, 0xc5, 0x98, 0xe1, 0xaf, 0xc1, 0x4c,
-	0x93, 0xfd, 0xa2, 0xc4, 0xcd, 0xa5, 0x56, 0xd3, 0x23, 0x22, 0x24, 0xe9, 0x6b, 0x7d, 0x49, 0x7a,
-	0x69, 0xa6, 0x2c, 0x41, 0x50, 0x00, 0xa7, 0xbe, 0x4a, 0x81, 0x73, 0xf7, 0x6c, 0x87, 0x3e, 0x67,
-	0xc9, 0x5f, 0x2f, 0xdb, 0xe6, 0x9a, 0x04, 0x23, 0x0e, 0x7c, 0x02, 0x66, 0x58, 0x93, 0x31, 0xb1,
-	0x87, 0x65, 0x60, 0xfe, 0x30, 0x22, 0x36, 0xe8, 0x15, 0x5a, 0x73, 0xbf, 0xc6, 0x36, 0x5c, 0x8d,
-	0x51, 0x6b, 0xed, 0x1b, 0x9a, 0xa8, 0x17, 0x5b, 0xc4, 0xc3, 0x61, 0x4a, 0x87, 0x7b, 0x28, 0x40,
-	0x85, 0xbf, 0x02, 0x19, 0xb7, 0x49, 0x0c, 0x19, 0xa0, 0xb7, 0x86, 0x19, 0xd5, 0x5f, 0xc7, 0x4a,
-	0x93, 0x18, 0x61, 0x79, 0x61, 0x2b, 0xc4, 0x11, 0xe1, 0x13, 0x30, 0xe5, 0xf2, 0x40, 0xe6, 0x77,
-	0x99, 0x2d, 0xdd, 0xfe, 0x00, 0x6c, 0x91, 0x08, 0x41, 0x7e, 0x89, 0x35, 0x92, 0xb8, 0xea, 0x67,
-	0x0a, 0x28, 0x0c, 0xe0, 0xd4, 0xc9, 0x1e, 0x6e, 0x53, 0xdb, 0x81, 0x0f, 0xc0, 0x34, 0xdf, 0x79,
-	0xd4, 0x94, 0x0e, 0xbc, 0x76, 0xa8, 0x7b, 0xe3, 0x21, 0xaa, 0x67, 0x59, 0xf6, 0x55, 0x04, 0x3b,
-	0xf2, 0x71, 0xe0, 0x0e, 0x98, 0xe5, 0x3f, 0xef, 0xda, 0x4f, 0x2d, 0xe9, 0xb7, 0x71, 0x40, 0xe7,
-	0x59, 0xd1, 0xaf, 0xf8, 0x00, 0x28, 0xc4, 0x52, 0xff, 0x9c, 0x06, 0xab, 0x03, 0xec, 0x59, 0xb7,
-	0x2d, 0x93, 0xb2, 0x18, 0x87, 0xf7, 0x62, 0x69, 0x7e, 0x33, 0x91, 0xe6, 0x97, 0x46, 0xf1, 0x47,
-	0xd2, 0x7e, 0x33, 0xb8, 0xa0, 0x54, 0x0c, 0x4b, 0xba, 0xf9, 0x7d, 0xa7, 0xd0, 0x67, 0xb0, 0xd2,
-	0x02, 0xa4, 0xf8, 0x65, 0xc0, 0x36, 0x80, 0x75, 0xec, 0x7a, 0x0f, 0x1d, 0x6c, 0xb9, 0x42, 0x12,
-	0x6d, 0x10, 0x79, 0xf5, 0xd7, 0x0e, 0x17, 0xb4, 0x8c, 0x43, 0x5f, 0x91, 0x5a, 0xc0, 0xcd, 0x1e,
-	0x34, 0xd4, 0x47, 0x02, 0xfc, 0x1e, 0x98, 0x72, 0x08, 0x76, 0x6d, 0x2b, 0x97, 0xe1, 0x56, 0x04,
-	0xc1, 0x82, 0xf8, 0x2e, 0x92, 0xa7, 0xf0, 0x2a, 0x98, 0x6e, 0x10, 0xd7, 0xc5, 0x35, 0x92, 0x9b,
-	0xe4, 0x84, 0x41, 0x79, 0xdd, 0x12, 0xdb, 0xc8, 0x3f, 0x57, 0x3f, 0x57, 0xc0, 0x85, 0x01, 0x7e,
-	0xdc, 0xa4, 0xae, 0x07, 0x7f, 0xdb, 0x93, 0x95, 0xda, 0xe1, 0x0c, 0x64, 0xdc, 0x3c, 0x27, 0x83,
-	0x7a, 0xe0, 0xef, 0x44, 0x32, 0x72, 0x07, 0x4c, 0x52, 0x8f, 0x34, 0xfc, 0x3a, 0x53, 0x1a, 0x3f,
-	0x6d, 0xc2, 0x0a, 0xbe, 0xc1, 0x80, 0x90, 0xc0, 0x53, 0x5f, 0xa5, 0x07, 0x9a, 0xc5, 0xd2, 0x16,
-	0xb6, 0xc1, 0x02, 0x5f, 0xc9, 0x9e, 0x49, 0x76, 0xa5, 0x71, 0xc3, 0x8a, 0xc2, 0x90, 0x19, 0x45,
-	0x3f, 0x2b, 0xb5, 0x58, 0xa8, 0xc4, 0x50, 0x51, 0x42, 0x0a, 0xbc, 0x01, 0xb2, 0x0d, 0x6a, 0x21,
-	0xd2, 0xac, 0x53, 0x03, 0xbb, 0xb2, 0x09, 0x2d, 0x76, 0x3b, 0x85, 0xec, 0x56, 0xb8, 0x8d, 0xa2,
-	0x34, 0xf0, 0xc7, 0x20, 0xdb, 0xc0, 0xcf, 0x02, 0x16, 0xd1, 0x2c, 0x4e, 0x49, 0x79, 0xd9, 0xad,
-	0xf0, 0x08, 0x45, 0xe9, 0x60, 0x99, 0xc5, 0x00, 0x6b, 0xb3, 0x6e, 0x2e, 0xc3, 0x9d, 0xfb, 0xdd,
-	0x91, 0x0d, 0x99, 0x97, 0xb7, 0x48, 0xa8, 0x70, 0x6e, 0xe4, 0xc3, 0x40, 0x13, 0xcc, 0x54, 0x65,
-	0xa9, 0xe1, 0x61, 0x95, 0x2d, 0xfd, 0xe4, 0x03, 0xee, 0x4b, 0x22, 0xe8, 0x73, 0x2c, 0x24, 0xfc,
-	0x15, 0x0a, 0x90, 0xd5, 0x97, 0x19, 0x70, 0x71, 0x68, 0x89, 0x84, 0x3f, 0x07, 0xd0, 0xae, 0xba,
-	0xc4, 0x69, 0x13, 0xf3, 0x17, 0xe2, 0x91, 0xc0, 0x66, 0x3a, 0x76, 0x7f, 0x69, 0xfd, 0x2c, 0xcb,
-	0xa6, 0xed, 0x9e, 0x53, 0xd4, 0x87, 0x03, 0x1a, 0x60, 0x9e, 0xe5, 0x98, 0xb8, 0x31, 0x2a, 0xc7,
-	0xc7, 0xf1, 0x12, 0x78, 0x99, 0x4d, 0x03, 0x9b, 0x51, 0x10, 0x14, 0xc7, 0x84, 0x6b, 0x60, 0x51,
-	0x4e, 0x32, 0x89, 0x1b, 0x3c, 0x27, 0xfd, 0xbc, 0xb8, 0x1e, 0x3f, 0x46, 0x49, 0x7a, 0x06, 0x61,
-	0x12, 0x97, 0x3a, 0xc4, 0x0c, 0x20, 0x32, 0x71, 0x88, 0xbb, 0xf1, 0x63, 0x94, 0xa4, 0x87, 0x35,
-	0xb0, 0x20, 0x51, 0xe5, 0xad, 0xe6, 0x26, 0x79, 0x4c, 0x8c, 0x1e, 0x32, 0x65, 0x5b, 0x0a, 0xe2,
-	0x7b, 0x3d, 0x06, 0x83, 0x12, 0xb0, 0xd0, 0x06, 0xc0, 0xf0, 0x8b, 0xa6, 0x9b, 0x9b, 0xe2, 0x42,
-	0xee, 0x8c, 0x1f, 0x25, 0x41, 0xe1, 0x0d, 0x3b, 0x7a, 0xb0, 0xe5, 0xa2, 0x88, 0x08, 0xf5, 0x6f,
-	0x0a, 0x58, 0x4a, 0x0e, 0xa9, 0xc1, 0x7b, 0x40, 0x19, 0xf8, 0x1e, 0xf8, 0x1d, 0x98, 0x11, 0x33,
-	0x8f, 0xed, 0xc8, 0x6b, 0xff, 0xd1, 0x21, 0xcb, 0x1a, 0xae, 0x92, 0x7a, 0x45, 0xb2, 0x8a, 0x20,
-	0xf6, 0x57, 0x28, 0x80, 0x54, 0x5f, 0x64, 0x00, 0x08, 0x73, 0x0a, 0xde, 0x8c, 0xf5, 0xb1, 0xd5,
-	0x44, 0x1f, 0x5b, 0x8a, 0x3e, 0x2e, 0x22, 0x3d, 0xeb, 0x01, 0x98, 0xb2, 0x79, 0x99, 0x91, 0x1a,
-	0x5e, 0x1f, 0xe2, 0xc7, 0x60, 0xde, 0x09, 0x80, 0x74, 0xc0, 0x1a, 0x83, 0xac, 0x53, 0x12, 0x08,
-	0x6e, 0x80, 0x4c, 0xd3, 0x36, 0xfd, 0x29, 0x65, 0xd8, 0x58, 0x57, 0xb6, 0x4d, 0x37, 0x06, 0x37,
-	0xc3, 0x34, 0x66, 0xbb, 0x88, 0x43, 0xb0, 0x29, 0xd1, 0xff, 0x94, 0xc0, 0xc3, 0x31, 0x5b, 0x2a,
-	0x0e, 0x81, 0xeb, 0xf7, 0x60, 0x17, 0xde, 0xf3, 0x4f, 0x50, 0x00, 0x07, 0xff, 0x08, 0x96, 0x8d,
-	0xe4, 0x03, 0x38, 0x37, 0x3d, 0x72, 0xb0, 0x1a, 0xfa, 0x75, 0x40, 0x3f, 0xd3, 0xed, 0x14, 0x96,
-	0x7b, 0x48, 0x50, 0xaf, 0x24, 0x66, 0x19, 0x91, 0xef, 0x26, 0x59, 0xe7, 0x86, 0x59, 0xd6, 0xef,
-	0x85, 0x28, 0x2c, 0xf3, 0x4f, 0x50, 0x00, 0xa7, 0xfe, 0x3d, 0x03, 0xe6, 0x62, 0x6f, 0xb1, 0x63,
-	0x8e, 0x0c, 0x91, 0xcc, 0x47, 0x16, 0x19, 0x02, 0xee, 0x48, 0x23, 0x43, 0x40, 0x1e, 0x53, 0x64,
-	0x08, 0x61, 0xc7, 0x14, 0x19, 0x11, 0xcb, 0xfa, 0x44, 0xc6, 0x27, 0x29, 0x3f, 0x32, 0xc4, 0xb0,
-	0x70, 0xb8, 0xc8, 0x10, 0xb4, 0x91, 0xc8, 0xd8, 0x8e, 0x3e, 0x6f, 0x47, 0xcc, 0x6a, 0x9a, 0xef,
-	0x56, 0xed, 0x41, 0x0b, 0x5b, 0x1e, 0xf5, 0x0e, 0xf4, 0xd9, 0x9e, 0xa7, 0xb0, 0x09, 0xe6, 0x70,
-	0x9b, 0x38, 0xb8, 0x46, 0xf8, 0xb6, 0x8c, 0x8f, 0x71, 0x71, 0x97, 0xd8, 0x4b, 0x74, 0x2d, 0x82,
-	0x83, 0x62, 0xa8, 0xac, 0xa5, 0xcb, 0xf5, 0x23, 0x2f, 0x78, 0xe2, 0xca, 0x2e, 0xc7, 0x5b, 0xfa,
-	0x5a, 0xcf, 0x29, 0xea, 0xc3, 0xa1, 0xfe, 0x35, 0x05, 0x96, 0x7b, 0x3e, 0x2e, 0x84, 0x4e, 0x51,
-	0x3e, 0x92, 0x53, 0x52, 0xc7, 0xe8, 0x94, 0xf4, 0xd8, 0x4e, 0xf9, 0x77, 0x0a, 0xc0, 0xde, 0xfe,
-	0x00, 0x0f, 0xf8, 0x58, 0x61, 0x38, 0xb4, 0x4a, 0x4c, 0x71, 0xfc, 0x2d, 0x67, 0xe0, 0xe8, 0x38,
-	0x12, 0x85, 0x45, 0x49, 0x39, 0x47, 0xff, 0x91, 0x35, 0xfc, 0xa4, 0x95, 0x3e, 0xb2, 0x4f, 0x5a,
-	0xea, 0xff, 0x92, 0x7e, 0x3b, 0x81, 0x9f, 0xcf, 0xfa, 0xdd, 0x72, 0xfa, 0x78, 0x6e, 0x59, 0xfd,
-	0x8f, 0x02, 0x96, 0x92, 0x63, 0xc4, 0x09, 0xf9, 0x76, 0xfa, 0xff, 0xb8, 0xea, 0x27, 0xf1, 0xbb,
-	0xe9, 0x4b, 0x05, 0x9c, 0x3e, 0x39, 0x7f, 0x93, 0xa8, 0xff, 0xea, 0x55, 0xf7, 0x04, 0xfc, 0xd9,
-	0xa1, 0xff, 0xf4, 0xf5, 0xbb, 0xfc, 0xc4, 0x9b, 0x77, 0xf9, 0x89, 0xb7, 0xef, 0xf2, 0x13, 0x7f,
-	0xea, 0xe6, 0x95, 0xd7, 0xdd, 0xbc, 0xf2, 0xa6, 0x9b, 0x57, 0xde, 0x76, 0xf3, 0xca, 0x17, 0xdd,
-	0xbc, 0xf2, 0x97, 0x2f, 0xf3, 0x13, 0xbf, 0x39, 0x3f, 0xf0, 0x9f, 0xc2, 0x6f, 0x02, 0x00, 0x00,
-	0xff, 0xff, 0xca, 0x8b, 0x47, 0xba, 0x45, 0x1c, 0x00, 0x00,
+	// 1742 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xd4, 0x59, 0xc9, 0x8f, 0x1b, 0x4b,
+	0x19, 0x9f, 0xb6, 0x3d, 0x5b, 0x79, 0xd6, 0xca, 0xe6, 0x4c, 0x14, 0x7b, 0xd4, 0x04, 0xb2, 0x40,
+	0xda, 0xc4, 0x84, 0x28, 0x22, 0x07, 0x34, 0x3d, 0x01, 0x32, 0xca, 0x0c, 0xe3, 0x94, 0x27, 0x19,
+	0x76, 0xa5, 0xdc, 0x5d, 0xe3, 0x29, 0xc6, 0xee, 0xb6, 0xba, 0xdb, 0x4e, 0x26, 0x12, 0x12, 0x17,
+	0xee, 0x08, 0x14, 0xf1, 0x4f, 0x44, 0x9c, 0x40, 0xe1, 0x00, 0x12, 0x12, 0x1c, 0x72, 0x41, 0xca,
+	0x81, 0x43, 0x4e, 0x16, 0x31, 0xd2, 0x3b, 0xbe, 0xe3, 0x3b, 0xe4, 0xf4, 0x54, 0x4b, 0xaf, 0xde,
+	0xc6, 0x79, 0x93, 0x91, 0xe6, 0xe6, 0xaa, 0xfa, 0xbe, 0xdf, 0xb7, 0xd4, 0xb7, 0x55, 0x1b, 0x5c,
+	0x3f, 0xb8, 0xeb, 0x6a, 0xd4, 0x2e, 0xe2, 0x26, 0x2d, 0xe2, 0x96, 0x67, 0xbb, 0x06, 0xae, 0x53,
+	0xab, 0x56, 0x6c, 0x97, 0x8a, 0x35, 0x62, 0x11, 0x07, 0x7b, 0xc4, 0xd4, 0x9a, 0x8e, 0xed, 0xd9,
+	0xf0, 0xa2, 0x20, 0xd5, 0x70, 0x93, 0x6a, 0x11, 0x52, 0xad, 0x5d, 0x5a, 0xb9, 0x59, 0xa3, 0xde,
+	0x7e, 0xab, 0xaa, 0x19, 0x76, 0xa3, 0x58, 0xb3, 0x6b, 0x76, 0x91, 0x73, 0x54, 0x5b, 0x7b, 0x7c,
+	0xc5, 0x17, 0xfc, 0x97, 0x40, 0x5a, 0x51, 0x23, 0x42, 0x0d, 0xdb, 0x21, 0xc5, 0xf6, 0xad, 0xa4,
+	0xb4, 0x95, 0xdb, 0x21, 0x4d, 0x03, 0x1b, 0xfb, 0xd4, 0x22, 0xce, 0x61, 0xb1, 0x79, 0x50, 0xe3,
+	0x4c, 0x0e, 0x71, 0xed, 0x96, 0x63, 0x90, 0xb1, 0xb8, 0xdc, 0x62, 0x83, 0x78, 0xb8, 0x9f, 0xac,
+	0xe2, 0x20, 0x2e, 0xa7, 0x65, 0x79, 0xb4, 0xd1, 0x2b, 0xe6, 0xce, 0x28, 0x06, 0xd7, 0xd8, 0x27,
+	0x0d, 0x9c, 0xe4, 0x53, 0x3f, 0x53, 0xc0, 0xe5, 0x75, 0xdb, 0xf2, 0x30, 0xe3, 0x40, 0xd2, 0x88,
+	0x2d, 0xe2, 0x39, 0xd4, 0xa8, 0xf0, 0xdf, 0x70, 0x1d, 0x64, 0x2c, 0xdc, 0x20, 0x39, 0x65, 0x55,
+	0xb9, 0x36, 0xab, 0x17, 0xdf, 0x74, 0x0a, 0x13, 0xdd, 0x4e, 0x21, 0xf3, 0x63, 0xdc, 0x20, 0x1f,
+	0x3a, 0x85, 0x42, 0xaf, 0xe3, 0x34, 0x1f, 0x86, 0x91, 0x20, 0xce, 0x0c, 0xb7, 0xc1, 0x94, 0x87,
+	0x9d, 0x1a, 0xf1, 0x72, 0xa9, 0x55, 0xe5, 0x5a, 0xb6, 0x74, 0x55, 0x1b, 0x78, 0x75, 0x9a, 0x90,
+	0xbe, 0xc3, 0xc9, 0xf5, 0x05, 0x29, 0x6f, 0x4a, 0xac, 0x91, 0x84, 0x81, 0x45, 0x30, 0x6b, 0xf8,
+	0x6a, 0xe7, 0xd2, 0x5c, 0xb5, 0x65, 0x49, 0x3a, 0x1b, 0xda, 0x13, 0xd2, 0xa8, 0x9f, 0x0f, 0x31,
+	0xd4, 0xc3, 0x5e, 0xcb, 0x3d, 0x1e, 0x43, 0x77, 0xc1, 0xb4, 0xd1, 0x72, 0x1c, 0x62, 0xf9, 0x96,
+	0x7e, 0x6b, 0xa4, 0xa5, 0x4f, 0x70, 0xbd, 0x45, 0x84, 0x0e, 0xfa, 0xa2, 0x94, 0x3a, 0xbd, 0x2e,
+	0x40, 0x90, 0x8f, 0x36, 0xbe, 0xc1, 0x2f, 0x15, 0x70, 0x69, 0xdd, 0xb1, 0x5d, 0xf7, 0x09, 0x71,
+	0x5c, 0x6a, 0x5b, 0xdb, 0xd5, 0x5f, 0x13, 0xc3, 0x43, 0x64, 0x8f, 0x38, 0xc4, 0x32, 0x08, 0x5c,
+	0x05, 0x99, 0x03, 0x6a, 0x99, 0xd2, 0xdc, 0x39, 0xdf, 0xdc, 0x87, 0xd4, 0x32, 0x11, 0x3f, 0x61,
+	0x14, 0xdc, 0x21, 0xa9, 0x38, 0x45, 0xc4, 0xda, 0x12, 0x00, 0xb8, 0x49, 0xa5, 0x00, 0xa9, 0x15,
+	0x94, 0x74, 0x60, 0xad, 0xbc, 0x21, 0x4f, 0x50, 0x84, 0x4a, 0xfd, 0xbb, 0x02, 0xce, 0xfe, 0xe0,
+	0xb9, 0x47, 0x1c, 0x0b, 0xd7, 0x63, 0x81, 0x56, 0x01, 0x53, 0x0d, 0xbe, 0xe6, 0x2a, 0x65, 0x4b,
+	0xdf, 0x1c, 0xe9, 0xb9, 0x0d, 0x93, 0x58, 0x1e, 0xdd, 0xa3, 0xc4, 0x09, 0xe3, 0x44, 0x9c, 0x20,
+	0x09, 0x75, 0xec, 0x81, 0xa7, 0xfe, 0xbb, 0x57, 0x7d, 0x11, 0x3e, 0x9f, 0x44, 0xfd, 0x4f, 0x15,
+	0x4e, 0xea, 0x9f, 0x15, 0xb0, 0xf4, 0xa0, 0xbc, 0x56, 0x11, 0xdc, 0x65, 0xbb, 0x4e, 0x8d, 0x43,
+	0x78, 0x17, 0x64, 0xbc, 0xc3, 0xa6, 0x9f, 0x01, 0x57, 0xfc, 0x0b, 0xdf, 0x39, 0x6c, 0xb2, 0x0c,
+	0x38, 0x9b, 0xa4, 0x67, 0xfb, 0x88, 0x73, 0xc0, 0xaf, 0x81, 0xc9, 0x36, 0x93, 0xcb, 0xb5, 0x9c,
+	0xd4, 0xe7, 0x25, 0xeb, 0x24, 0x57, 0x06, 0x89, 0x33, 0x78, 0x0f, 0xcc, 0x37, 0x89, 0x43, 0x6d,
+	0xb3, 0x42, 0x0c, 0xdb, 0x32, 0x5d, 0x1e, 0x30, 0x93, 0xfa, 0x39, 0x49, 0x3c, 0x5f, 0x8e, 0x1e,
+	0xa2, 0x38, 0xad, 0xfa, 0x45, 0x0a, 0x2c, 0x86, 0x0a, 0xa0, 0x56, 0x9d, 0xb8, 0xf0, 0x57, 0x60,
+	0xc5, 0xf5, 0x70, 0x95, 0xd6, 0xe9, 0x0b, 0xec, 0x51, 0xdb, 0xda, 0xa5, 0x96, 0x69, 0x3f, 0x8b,
+	0xa3, 0xe7, 0xbb, 0x9d, 0xc2, 0x4a, 0x65, 0x20, 0x15, 0x1a, 0x82, 0x00, 0x1f, 0x82, 0x39, 0x97,
+	0xd4, 0x89, 0xe1, 0x09, 0x7b, 0xa5, 0x5f, 0xae, 0x76, 0x3b, 0x85, 0xb9, 0x4a, 0x64, 0xff, 0x43,
+	0xa7, 0x70, 0x26, 0xe6, 0x18, 0x71, 0x88, 0x62, 0xcc, 0xf0, 0xa7, 0x60, 0xa6, 0xc9, 0x7e, 0x51,
+	0xe2, 0xe6, 0x52, 0xab, 0xe9, 0x11, 0x11, 0x92, 0xf4, 0xb5, 0xbe, 0x24, 0xbd, 0x34, 0x53, 0x96,
+	0x20, 0x28, 0x80, 0x83, 0x3f, 0x07, 0xb3, 0x9e, 0x5d, 0x27, 0x0e, 0xb6, 0x0c, 0x92, 0xcb, 0xf0,
+	0x38, 0xd1, 0x22, 0xd8, 0x41, 0x43, 0xd0, 0x9a, 0x07, 0x35, 0x2e, 0xcc, 0xef, 0x56, 0xda, 0xa3,
+	0x16, 0xb6, 0x3c, 0xea, 0x1d, 0xea, 0xf3, 0xac, 0x8e, 0xec, 0xf8, 0x20, 0x28, 0xc4, 0x53, 0x5f,
+	0xa7, 0xc0, 0x85, 0x07, 0xb6, 0x43, 0x5f, 0xb0, 0xca, 0x52, 0x2f, 0xdb, 0xe6, 0x9a, 0xd4, 0x94,
+	0x38, 0xf0, 0x29, 0x98, 0x61, 0x1d, 0xcc, 0xc4, 0x1e, 0x96, 0x51, 0xff, 0xed, 0x61, 0x72, 0x5d,
+	0x8d, 0x51, 0x6b, 0xed, 0x5b, 0x9a, 0x28, 0x46, 0x5b, 0xc4, 0xc3, 0x61, 0xbd, 0x08, 0xf7, 0x50,
+	0x80, 0x0a, 0x7f, 0x02, 0x32, 0x6e, 0x93, 0x18, 0x32, 0xfa, 0xef, 0x0c, 0xf3, 0x58, 0x7f, 0x1d,
+	0x2b, 0x4d, 0x62, 0x84, 0xb5, 0x8b, 0xad, 0x10, 0x47, 0x84, 0x4f, 0xc1, 0x94, 0xcb, 0xb3, 0x84,
+	0x07, 0x4a, 0xb6, 0x74, 0xf7, 0x23, 0xb0, 0x45, 0x96, 0x05, 0xc9, 0x2b, 0xd6, 0x48, 0xe2, 0xaa,
+	0xff, 0x51, 0x40, 0x61, 0x00, 0xa7, 0x4e, 0xf6, 0x71, 0x9b, 0xda, 0x0e, 0x7c, 0x04, 0xa6, 0xf9,
+	0xce, 0xe3, 0xa6, 0x74, 0xe0, 0x8d, 0x23, 0x05, 0x05, 0x8f, 0x7f, 0x3d, 0xcb, 0x52, 0xbb, 0x22,
+	0xd8, 0x91, 0x8f, 0x03, 0x77, 0xc1, 0x2c, 0xff, 0x79, 0xdf, 0x7e, 0x66, 0x49, 0xbf, 0x8d, 0x03,
+	0xca, 0x23, 0xa1, 0xe2, 0x03, 0xa0, 0x10, 0x4b, 0xfd, 0x5d, 0x1a, 0xac, 0x0e, 0xb0, 0x67, 0xdd,
+	0xb6, 0x4c, 0xca, 0x12, 0x08, 0x3e, 0x88, 0xd5, 0x90, 0xdb, 0x89, 0x1a, 0x72, 0x65, 0x14, 0x7f,
+	0xa4, 0xa6, 0x6c, 0x06, 0x17, 0x94, 0x8a, 0x61, 0x49, 0x37, 0x7f, 0xe8, 0x14, 0xfa, 0x4c, 0x6d,
+	0x5a, 0x80, 0x14, 0xbf, 0x0c, 0xd8, 0x06, 0xb0, 0x8e, 0x5d, 0x6f, 0xc7, 0xc1, 0x96, 0x2b, 0x24,
+	0xd1, 0x06, 0x91, 0x57, 0x7f, 0xe3, 0x68, 0x41, 0xcb, 0x38, 0xf4, 0x15, 0xa9, 0x05, 0xdc, 0xec,
+	0x41, 0x43, 0x7d, 0x24, 0xc0, 0x6f, 0x80, 0x29, 0x87, 0x60, 0xd7, 0xb6, 0x78, 0x62, 0xce, 0x86,
+	0xc1, 0x82, 0xf8, 0x2e, 0x92, 0xa7, 0xf0, 0x3a, 0x98, 0x6e, 0x10, 0xd7, 0xc5, 0x35, 0x92, 0x9b,
+	0xe4, 0x84, 0x41, 0xed, 0xde, 0x12, 0xdb, 0xc8, 0x3f, 0x57, 0xff, 0xab, 0x80, 0x4b, 0x03, 0xfc,
+	0xb8, 0x49, 0x5d, 0x0f, 0xfe, 0xa2, 0x27, 0x2b, 0xb5, 0xa3, 0x19, 0xc8, 0xb8, 0x79, 0x4e, 0x06,
+	0xc5, 0xc6, 0xdf, 0x89, 0x64, 0xe4, 0x2e, 0x98, 0xa4, 0x1e, 0x69, 0xf8, 0x45, 0xac, 0x34, 0x7e,
+	0xda, 0x84, 0xed, 0x61, 0x83, 0x01, 0x21, 0x81, 0xa7, 0xbe, 0x4e, 0x0f, 0x34, 0x8b, 0xa5, 0x2d,
+	0x6c, 0x83, 0x05, 0xbe, 0x92, 0x0d, 0x99, 0xec, 0x49, 0xe3, 0x86, 0x15, 0x85, 0x21, 0x03, 0x90,
+	0x7e, 0x5e, 0x6a, 0xb1, 0x50, 0x89, 0xa1, 0xa2, 0x84, 0x14, 0x78, 0x0b, 0x64, 0x1b, 0xd4, 0x42,
+	0xa4, 0x59, 0xa7, 0x06, 0x76, 0x65, 0x87, 0x5b, 0xec, 0x76, 0x0a, 0xd9, 0xad, 0x70, 0x1b, 0x45,
+	0x69, 0xe0, 0x77, 0x41, 0xb6, 0x81, 0x9f, 0x07, 0x2c, 0xa2, 0x13, 0x9d, 0x91, 0xf2, 0xb2, 0x5b,
+	0xe1, 0x11, 0x8a, 0xd2, 0xc1, 0x32, 0x8b, 0x01, 0xd6, 0xc3, 0xdd, 0x5c, 0x86, 0x3b, 0xf7, 0xeb,
+	0x23, 0xbb, 0x3d, 0x2f, 0x6f, 0x91, 0x50, 0xe1, 0xdc, 0xc8, 0x87, 0x81, 0x26, 0x98, 0xa9, 0xca,
+	0x52, 0xc3, 0xc3, 0x2a, 0x5b, 0xfa, 0xde, 0x47, 0xdc, 0x97, 0x44, 0xd0, 0xe7, 0x58, 0x48, 0xf8,
+	0x2b, 0x14, 0x20, 0xab, 0xaf, 0x32, 0xe0, 0xf2, 0xd0, 0x12, 0x09, 0x7f, 0x08, 0xa0, 0x5d, 0x75,
+	0x89, 0xd3, 0x26, 0xe6, 0x8f, 0xc4, 0x0b, 0x84, 0x0d, 0x8c, 0xec, 0xfe, 0xd2, 0xfa, 0x79, 0x96,
+	0x4d, 0xdb, 0x3d, 0xa7, 0xa8, 0x0f, 0x07, 0x34, 0xc0, 0x3c, 0xcb, 0x31, 0x71, 0x63, 0x54, 0xce,
+	0xa6, 0xe3, 0x25, 0xf0, 0x32, 0x1b, 0x35, 0x36, 0xa3, 0x20, 0x28, 0x8e, 0x09, 0xd7, 0xc0, 0xa2,
+	0x1c, 0x93, 0x12, 0x37, 0x78, 0x41, 0xfa, 0x79, 0x71, 0x3d, 0x7e, 0x8c, 0x92, 0xf4, 0x0c, 0xc2,
+	0x24, 0x2e, 0x75, 0x88, 0x19, 0x40, 0x64, 0xe2, 0x10, 0xf7, 0xe3, 0xc7, 0x28, 0x49, 0x0f, 0x6b,
+	0x60, 0x41, 0xa2, 0xca, 0x5b, 0xcd, 0x4d, 0xf2, 0x98, 0x18, 0x3d, 0xc1, 0xca, 0xb6, 0x14, 0xc4,
+	0xf7, 0x7a, 0x0c, 0x06, 0x25, 0x60, 0xa1, 0x0d, 0x80, 0xe1, 0x17, 0x4d, 0x37, 0x37, 0xc5, 0x85,
+	0xdc, 0x1b, 0x3f, 0x4a, 0x82, 0xc2, 0x1b, 0x76, 0xf4, 0x60, 0xcb, 0x45, 0x11, 0x11, 0xea, 0x1f,
+	0x15, 0xb0, 0x94, 0x9c, 0x80, 0x83, 0xc7, 0x86, 0x32, 0xf0, 0xb1, 0xf1, 0x4b, 0x30, 0x23, 0x06,
+	0x2a, 0xdb, 0x91, 0xd7, 0xfe, 0x9d, 0x23, 0x96, 0x35, 0x5c, 0x25, 0xf5, 0x8a, 0x64, 0x15, 0x41,
+	0xec, 0xaf, 0x50, 0x00, 0xa9, 0xbe, 0xcc, 0x00, 0x10, 0xe6, 0x14, 0xbc, 0x1d, 0xeb, 0x63, 0xab,
+	0x89, 0x3e, 0xb6, 0x14, 0x7d, 0xb9, 0x44, 0x7a, 0xd6, 0x23, 0x30, 0x65, 0xf3, 0x32, 0x23, 0x35,
+	0xbc, 0x39, 0xc4, 0x8f, 0xc1, 0xbc, 0x13, 0x00, 0xe9, 0x80, 0x35, 0x06, 0x59, 0xa7, 0x24, 0x10,
+	0xdc, 0x00, 0x99, 0xa6, 0x6d, 0xfa, 0x53, 0xca, 0xb0, 0x99, 0xb1, 0x6c, 0x9b, 0x6e, 0x0c, 0x6e,
+	0x86, 0x69, 0xcc, 0x76, 0x11, 0x87, 0x60, 0x23, 0xa8, 0x3f, 0xf9, 0xc9, 0x31, 0xb1, 0x38, 0x04,
+	0xae, 0xdf, 0xd7, 0x00, 0xe1, 0x3d, 0xff, 0x04, 0x05, 0x70, 0xf0, 0x37, 0x60, 0xd9, 0x48, 0xbe,
+	0xae, 0x73, 0xd3, 0x23, 0x07, 0xab, 0xa1, 0x9f, 0x1e, 0xf4, 0x73, 0xdd, 0x4e, 0x61, 0xb9, 0x87,
+	0x04, 0xf5, 0x4a, 0x62, 0x96, 0x11, 0xf9, 0x28, 0x93, 0x75, 0x6e, 0x98, 0x65, 0xfd, 0x9e, 0x9f,
+	0xc2, 0x32, 0xff, 0x04, 0x05, 0x70, 0xea, 0x9f, 0x32, 0x60, 0x2e, 0xf6, 0xd0, 0x3b, 0xe1, 0xc8,
+	0x10, 0xc9, 0x7c, 0x6c, 0x91, 0x21, 0xe0, 0x8e, 0x35, 0x32, 0x04, 0xe4, 0x09, 0x45, 0x86, 0x10,
+	0x76, 0x42, 0x91, 0x11, 0xb1, 0xac, 0x4f, 0x64, 0xfc, 0x2b, 0xe5, 0x47, 0x86, 0x18, 0x16, 0x8e,
+	0x16, 0x19, 0x82, 0x36, 0x12, 0x19, 0xdb, 0xd1, 0xb7, 0xf3, 0xf8, 0x2f, 0xb7, 0xd9, 0x9e, 0x77,
+	0xb6, 0x09, 0xe6, 0x70, 0x9b, 0x38, 0xb8, 0x46, 0xf8, 0xb6, 0x8c, 0x8f, 0x71, 0x71, 0x97, 0xd8,
+	0x33, 0x77, 0x2d, 0x82, 0x83, 0x62, 0xa8, 0xac, 0xa5, 0xcb, 0xf5, 0x63, 0x2f, 0x78, 0x3f, 0xcb,
+	0x2e, 0xc7, 0x5b, 0xfa, 0x5a, 0xcf, 0x29, 0xea, 0xc3, 0xa1, 0xfe, 0x21, 0x05, 0x96, 0x7b, 0xbe,
+	0x5c, 0x84, 0x4e, 0x51, 0x3e, 0x91, 0x53, 0x52, 0x27, 0xe8, 0x94, 0xf4, 0xd8, 0x4e, 0xf9, 0x6b,
+	0x0a, 0xc0, 0xde, 0xfe, 0x00, 0x0f, 0xf9, 0x58, 0x61, 0x38, 0xb4, 0x4a, 0x4c, 0x71, 0xfc, 0x15,
+	0x67, 0xe0, 0xe8, 0x38, 0x12, 0x85, 0x45, 0x49, 0x39, 0xc7, 0xff, 0x05, 0x37, 0xfc, 0x5e, 0x96,
+	0x3e, 0xb6, 0xef, 0x65, 0xea, 0x3f, 0x92, 0x7e, 0x3b, 0x85, 0xdf, 0xe6, 0xfa, 0xdd, 0x72, 0xfa,
+	0x64, 0x6e, 0x59, 0xfd, 0x9b, 0x02, 0x96, 0x92, 0x63, 0xc4, 0x29, 0xf9, 0x30, 0xfb, 0xcf, 0xb8,
+	0xea, 0xa7, 0xf1, 0xa3, 0xec, 0x2b, 0x05, 0x9c, 0x3d, 0x3d, 0xff, 0xc1, 0xa8, 0x7f, 0xe9, 0x55,
+	0xf7, 0x14, 0xfc, 0x93, 0xa2, 0x7f, 0xff, 0xcd, 0xfb, 0xfc, 0xc4, 0xdb, 0xf7, 0xf9, 0x89, 0x77,
+	0xef, 0xf3, 0x13, 0xbf, 0xed, 0xe6, 0x95, 0x37, 0xdd, 0xbc, 0xf2, 0xb6, 0x9b, 0x57, 0xde, 0x75,
+	0xf3, 0xca, 0xff, 0xba, 0x79, 0xe5, 0xf7, 0xff, 0xcf, 0x4f, 0xfc, 0xec, 0xe2, 0xc0, 0xbf, 0x21,
+	0xbf, 0x0c, 0x00, 0x00, 0xff, 0xff, 0xbe, 0x23, 0xae, 0x54, 0xa2, 0x1c, 0x00, 0x00,
 }
 
 func (m *ContainerResourceMetricSource) Marshal() (dAtA []byte, err error) {
@@ -1126,6 +1127,18 @@ func (m *HPAScalingRules) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	_ = i
 	var l int
 	_ = l
+	if m.Tolerance != nil {
+		{
+			size, err := m.Tolerance.MarshalToSizedBuffer(dAtA[:i])
+			if err != nil {
+				return 0, err
+			}
+			i -= size
+			i = encodeVarintGenerated(dAtA, i, uint64(size))
+		}
+		i--
+		dAtA[i] = 0x22
+	}
 	if m.StabilizationWindowSeconds != nil {
 		i = encodeVarintGenerated(dAtA, i, uint64(*m.StabilizationWindowSeconds))
 		i--
@@ -2203,6 +2216,10 @@ func (m *HPAScalingRules) Size() (n int) {
 	if m.StabilizationWindowSeconds != nil {
 		n += 1 + sovGenerated(uint64(*m.StabilizationWindowSeconds))
 	}
+	if m.Tolerance != nil {
+		l = m.Tolerance.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
 	return n
 }
 
@@ -2619,6 +2636,7 @@ func (this *HPAScalingRules) String() string {
 		`SelectPolicy:` + valueToStringGenerated(this.SelectPolicy) + `,`,
 		`Policies:` + repeatedStringForPolicies + `,`,
 		`StabilizationWindowSeconds:` + valueToStringGenerated(this.StabilizationWindowSeconds) + `,`,
+		`Tolerance:` + strings.Replace(fmt.Sprintf("%v", this.Tolerance), "Quantity", "resource.Quantity", 1) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -3770,6 +3788,42 @@ func (m *HPAScalingRules) Unmarshal(dAtA []byte) error {
 				}
 			}
 			m.StabilizationWindowSeconds = &v
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Tolerance", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Tolerance == nil {
+				m.Tolerance = &resource.Quantity{}
+			}
+			if err := m.Tolerance.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
diff --git a/vendor/k8s.io/api/autoscaling/v2/generated.proto b/vendor/k8s.io/api/autoscaling/v2/generated.proto
index 4e6dc0592a..04c34d6e16 100644
--- a/vendor/k8s.io/api/autoscaling/v2/generated.proto
+++ b/vendor/k8s.io/api/autoscaling/v2/generated.proto
@@ -112,12 +112,18 @@ message HPAScalingPolicy {
   optional int32 periodSeconds = 3;
 }
 
-// HPAScalingRules configures the scaling behavior for one direction.
-// These Rules are applied after calculating DesiredReplicas from metrics for the HPA.
+// HPAScalingRules configures the scaling behavior for one direction via
+// scaling Policy Rules and a configurable metric tolerance.
+//
+// Scaling Policy Rules are applied after calculating DesiredReplicas from metrics for the HPA.
 // They can limit the scaling velocity by specifying scaling policies.
 // They can prevent flapping by specifying the stabilization window, so that the
 // number of replicas is not set instantly, instead, the safest value from the stabilization
 // window is chosen.
+//
+// The tolerance is applied to the metric values and prevents scaling too
+// eagerly for small metric variations. (Note that setting a tolerance requires
+// enabling the alpha HPAConfigurableTolerance feature gate.)
 message HPAScalingRules {
   // stabilizationWindowSeconds is the number of seconds for which past recommendations should be
   // considered while scaling up or scaling down.
@@ -134,10 +140,28 @@ message HPAScalingRules {
   optional string selectPolicy = 1;
 
   // policies is a list of potential scaling polices which can be used during scaling.
-  // At least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid
+  // If not set, use the default values:
+  // - For scale up: allow doubling the number of pods, or an absolute change of 4 pods in a 15s window.
+  // - For scale down: allow all pods to be removed in a 15s window.
   // +listType=atomic
   // +optional
   repeated HPAScalingPolicy policies = 2;
+
+  // tolerance is the tolerance on the ratio between the current and desired
+  // metric value under which no updates are made to the desired number of
+  // replicas (e.g. 0.01 for 1%). Must be greater than or equal to zero. If not
+  // set, the default cluster-wide tolerance is applied (by default 10%).
+  //
+  // For example, if autoscaling is configured with a memory consumption target of 100Mi,
+  // and scale-down and scale-up tolerances of 5% and 1% respectively, scaling will be
+  // triggered when the actual consumption falls below 95Mi or exceeds 101Mi.
+  //
+  // This is an alpha field and requires enabling the HPAConfigurableTolerance
+  // feature gate.
+  //
+  // +featureGate=HPAConfigurableTolerance
+  // +optional
+  optional .k8s.io.apimachinery.pkg.api.resource.Quantity tolerance = 4;
 }
 
 // HorizontalPodAutoscaler is the configuration for a horizontal pod
diff --git a/vendor/k8s.io/api/autoscaling/v2/types.go b/vendor/k8s.io/api/autoscaling/v2/types.go
index 99e8db09dc..9ce69b1edc 100644
--- a/vendor/k8s.io/api/autoscaling/v2/types.go
+++ b/vendor/k8s.io/api/autoscaling/v2/types.go
@@ -171,12 +171,18 @@ const (
 	DisabledPolicySelect ScalingPolicySelect = "Disabled"
 )
 
-// HPAScalingRules configures the scaling behavior for one direction.
-// These Rules are applied after calculating DesiredReplicas from metrics for the HPA.
+// HPAScalingRules configures the scaling behavior for one direction via
+// scaling Policy Rules and a configurable metric tolerance.
+//
+// Scaling Policy Rules are applied after calculating DesiredReplicas from metrics for the HPA.
 // They can limit the scaling velocity by specifying scaling policies.
 // They can prevent flapping by specifying the stabilization window, so that the
 // number of replicas is not set instantly, instead, the safest value from the stabilization
 // window is chosen.
+//
+// The tolerance is applied to the metric values and prevents scaling too
+// eagerly for small metric variations. (Note that setting a tolerance requires
+// enabling the alpha HPAConfigurableTolerance feature gate.)
 type HPAScalingRules struct {
 	// stabilizationWindowSeconds is the number of seconds for which past recommendations should be
 	// considered while scaling up or scaling down.
@@ -193,10 +199,28 @@ type HPAScalingRules struct {
 	SelectPolicy *ScalingPolicySelect `json:"selectPolicy,omitempty" protobuf:"bytes,1,opt,name=selectPolicy"`
 
 	// policies is a list of potential scaling polices which can be used during scaling.
-	// At least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid
+	// If not set, use the default values:
+	// - For scale up: allow doubling the number of pods, or an absolute change of 4 pods in a 15s window.
+	// - For scale down: allow all pods to be removed in a 15s window.
 	// +listType=atomic
 	// +optional
 	Policies []HPAScalingPolicy `json:"policies,omitempty" listType:"atomic" protobuf:"bytes,2,rep,name=policies"`
+
+	// tolerance is the tolerance on the ratio between the current and desired
+	// metric value under which no updates are made to the desired number of
+	// replicas (e.g. 0.01 for 1%). Must be greater than or equal to zero. If not
+	// set, the default cluster-wide tolerance is applied (by default 10%).
+	//
+	// For example, if autoscaling is configured with a memory consumption target of 100Mi,
+	// and scale-down and scale-up tolerances of 5% and 1% respectively, scaling will be
+	// triggered when the actual consumption falls below 95Mi or exceeds 101Mi.
+	//
+	// This is an alpha field and requires enabling the HPAConfigurableTolerance
+	// feature gate.
+	//
+	// +featureGate=HPAConfigurableTolerance
+	// +optional
+	Tolerance *resource.Quantity `json:"tolerance,omitempty" protobuf:"bytes,4,opt,name=tolerance"`
 }
 
 // HPAScalingPolicyType is the type of the policy which could be used while making scaling decisions.
diff --git a/vendor/k8s.io/api/autoscaling/v2/types_swagger_doc_generated.go b/vendor/k8s.io/api/autoscaling/v2/types_swagger_doc_generated.go
index 649cd04a03..017fefcde7 100644
--- a/vendor/k8s.io/api/autoscaling/v2/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/autoscaling/v2/types_swagger_doc_generated.go
@@ -92,10 +92,11 @@ func (HPAScalingPolicy) SwaggerDoc() map[string]string {
 }
 
 var map_HPAScalingRules = map[string]string{
-	"":                           "HPAScalingRules configures the scaling behavior for one direction. These Rules are applied after calculating DesiredReplicas from metrics for the HPA. They can limit the scaling velocity by specifying scaling policies. They can prevent flapping by specifying the stabilization window, so that the number of replicas is not set instantly, instead, the safest value from the stabilization window is chosen.",
+	"":                           "HPAScalingRules configures the scaling behavior for one direction via scaling Policy Rules and a configurable metric tolerance.\n\nScaling Policy Rules are applied after calculating DesiredReplicas from metrics for the HPA. They can limit the scaling velocity by specifying scaling policies. They can prevent flapping by specifying the stabilization window, so that the number of replicas is not set instantly, instead, the safest value from the stabilization window is chosen.\n\nThe tolerance is applied to the metric values and prevents scaling too eagerly for small metric variations. (Note that setting a tolerance requires enabling the alpha HPAConfigurableTolerance feature gate.)",
 	"stabilizationWindowSeconds": "stabilizationWindowSeconds is the number of seconds for which past recommendations should be considered while scaling up or scaling down. StabilizationWindowSeconds must be greater than or equal to zero and less than or equal to 3600 (one hour). If not set, use the default values: - For scale up: 0 (i.e. no stabilization is done). - For scale down: 300 (i.e. the stabilization window is 300 seconds long).",
 	"selectPolicy":               "selectPolicy is used to specify which policy should be used. If not set, the default value Max is used.",
-	"policies":                   "policies is a list of potential scaling polices which can be used during scaling. At least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid",
+	"policies":                   "policies is a list of potential scaling polices which can be used during scaling. If not set, use the default values: - For scale up: allow doubling the number of pods, or an absolute change of 4 pods in a 15s window. - For scale down: allow all pods to be removed in a 15s window.",
+	"tolerance":                  "tolerance is the tolerance on the ratio between the current and desired metric value under which no updates are made to the desired number of replicas (e.g. 0.01 for 1%). Must be greater than or equal to zero. If not set, the default cluster-wide tolerance is applied (by default 10%).\n\nFor example, if autoscaling is configured with a memory consumption target of 100Mi, and scale-down and scale-up tolerances of 5% and 1% respectively, scaling will be triggered when the actual consumption falls below 95Mi or exceeds 101Mi.\n\nThis is an alpha field and requires enabling the HPAConfigurableTolerance feature gate.",
 }
 
 func (HPAScalingRules) SwaggerDoc() map[string]string {
diff --git a/vendor/k8s.io/api/autoscaling/v2/zz_generated.deepcopy.go b/vendor/k8s.io/api/autoscaling/v2/zz_generated.deepcopy.go
index 125708d6fd..5fbcf9f807 100644
--- a/vendor/k8s.io/api/autoscaling/v2/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/autoscaling/v2/zz_generated.deepcopy.go
@@ -146,6 +146,11 @@ func (in *HPAScalingRules) DeepCopyInto(out *HPAScalingRules) {
 		*out = make([]HPAScalingPolicy, len(*in))
 		copy(*out, *in)
 	}
+	if in.Tolerance != nil {
+		in, out := &in.Tolerance, &out.Tolerance
+		x := (*in).DeepCopy()
+		*out = &x
+	}
 	return
 }
 
diff --git a/vendor/k8s.io/api/autoscaling/v2beta1/doc.go b/vendor/k8s.io/api/autoscaling/v2beta1/doc.go
index 25ca507bba..eac92e86e8 100644
--- a/vendor/k8s.io/api/autoscaling/v2beta1/doc.go
+++ b/vendor/k8s.io/api/autoscaling/v2beta1/doc.go
@@ -19,4 +19,4 @@ limitations under the License.
 // +k8s:openapi-gen=true
 // +k8s:prerelease-lifecycle-gen=true
 
-package v2beta1 // import "k8s.io/api/autoscaling/v2beta1"
+package v2beta1
diff --git a/vendor/k8s.io/api/autoscaling/v2beta2/doc.go b/vendor/k8s.io/api/autoscaling/v2beta2/doc.go
index 76fb0aff87..1500372978 100644
--- a/vendor/k8s.io/api/autoscaling/v2beta2/doc.go
+++ b/vendor/k8s.io/api/autoscaling/v2beta2/doc.go
@@ -19,4 +19,4 @@ limitations under the License.
 // +k8s:openapi-gen=true
 // +k8s:prerelease-lifecycle-gen=true
 
-package v2beta2 // import "k8s.io/api/autoscaling/v2beta2"
+package v2beta2
diff --git a/vendor/k8s.io/api/batch/v1/doc.go b/vendor/k8s.io/api/batch/v1/doc.go
index cb5cbb6002..69088e2c5b 100644
--- a/vendor/k8s.io/api/batch/v1/doc.go
+++ b/vendor/k8s.io/api/batch/v1/doc.go
@@ -18,4 +18,4 @@ limitations under the License.
 // +k8s:protobuf-gen=package
 // +k8s:openapi-gen=true
 // +k8s:prerelease-lifecycle-gen=true
-package v1 // import "k8s.io/api/batch/v1"
+package v1
diff --git a/vendor/k8s.io/api/batch/v1/generated.proto b/vendor/k8s.io/api/batch/v1/generated.proto
index 361ebdca12..d3aeae0adb 100644
--- a/vendor/k8s.io/api/batch/v1/generated.proto
+++ b/vendor/k8s.io/api/batch/v1/generated.proto
@@ -222,8 +222,6 @@ message JobSpec {
   // When the field is specified, it must be immutable and works only for the Indexed Jobs.
   // Once the Job meets the SuccessPolicy, the lingering pods are terminated.
   //
-  // This field is beta-level. To use this field, you must enable the
-  // `JobSuccessPolicy` feature gate (enabled by default).
   // +optional
   optional SuccessPolicy successPolicy = 16;
 
@@ -238,8 +236,6 @@ message JobSpec {
   // batch.kubernetes.io/job-index-failure-count annotation. It can only
   // be set when Job's completionMode=Indexed, and the Pod's restart
   // policy is Never. The field is immutable.
-  // This field is beta-level. It can be used when the `JobBackoffLimitPerIndex`
-  // feature gate is enabled (enabled by default).
   // +optional
   optional int32 backoffLimitPerIndex = 12;
 
@@ -251,8 +247,6 @@ message JobSpec {
   // It can only be specified when backoffLimitPerIndex is set.
   // It can be null or up to completions. It is required and must be
   // less than or equal to 10^4 when is completions greater than 10^5.
-  // This field is beta-level. It can be used when the `JobBackoffLimitPerIndex`
-  // feature gate is enabled (enabled by default).
   // +optional
   optional int32 maxFailedIndexes = 13;
 
@@ -442,8 +436,6 @@ message JobStatus {
   // represented as "1,3-5,7".
   // The set of failed indexes cannot overlap with the set of completed indexes.
   //
-  // This field is beta-level. It can be used when the `JobBackoffLimitPerIndex`
-  // feature gate is enabled (enabled by default).
   // +optional
   optional string failedIndexes = 10;
 
@@ -554,8 +546,6 @@ message PodFailurePolicyRule {
   //   running pods are terminated.
   // - FailIndex: indicates that the pod's index is marked as Failed and will
   //   not be restarted.
-  //   This value is beta-level. It can be used when the
-  //   `JobBackoffLimitPerIndex` feature gate is enabled (enabled by default).
   // - Ignore: indicates that the counter towards the .backoffLimit is not
   //   incremented and a replacement pod is created.
   // - Count: indicates that the pod is handled in the default way - the
diff --git a/vendor/k8s.io/api/batch/v1/types.go b/vendor/k8s.io/api/batch/v1/types.go
index 8e9a761b95..6c0007c21e 100644
--- a/vendor/k8s.io/api/batch/v1/types.go
+++ b/vendor/k8s.io/api/batch/v1/types.go
@@ -128,7 +128,6 @@ const (
 	// This is an action which might be taken on a pod failure - mark the
 	// Job's index as failed to avoid restarts within this index. This action
 	// can only be used when backoffLimitPerIndex is set.
-	// This value is beta-level.
 	PodFailurePolicyActionFailIndex PodFailurePolicyAction = "FailIndex"
 
 	// This is an action which might be taken on a pod failure - the counter towards
@@ -223,8 +222,6 @@ type PodFailurePolicyRule struct {
 	//   running pods are terminated.
 	// - FailIndex: indicates that the pod's index is marked as Failed and will
 	//   not be restarted.
-	//   This value is beta-level. It can be used when the
-	//   `JobBackoffLimitPerIndex` feature gate is enabled (enabled by default).
 	// - Ignore: indicates that the counter towards the .backoffLimit is not
 	//   incremented and a replacement pod is created.
 	// - Count: indicates that the pod is handled in the default way - the
@@ -346,8 +343,6 @@ type JobSpec struct {
 	// When the field is specified, it must be immutable and works only for the Indexed Jobs.
 	// Once the Job meets the SuccessPolicy, the lingering pods are terminated.
 	//
-	// This field is beta-level. To use this field, you must enable the
-	// `JobSuccessPolicy` feature gate (enabled by default).
 	// +optional
 	SuccessPolicy *SuccessPolicy `json:"successPolicy,omitempty" protobuf:"bytes,16,opt,name=successPolicy"`
 
@@ -362,8 +357,6 @@ type JobSpec struct {
 	// batch.kubernetes.io/job-index-failure-count annotation. It can only
 	// be set when Job's completionMode=Indexed, and the Pod's restart
 	// policy is Never. The field is immutable.
-	// This field is beta-level. It can be used when the `JobBackoffLimitPerIndex`
-	// feature gate is enabled (enabled by default).
 	// +optional
 	BackoffLimitPerIndex *int32 `json:"backoffLimitPerIndex,omitempty" protobuf:"varint,12,opt,name=backoffLimitPerIndex"`
 
@@ -375,8 +368,6 @@ type JobSpec struct {
 	// It can only be specified when backoffLimitPerIndex is set.
 	// It can be null or up to completions. It is required and must be
 	// less than or equal to 10^4 when is completions greater than 10^5.
-	// This field is beta-level. It can be used when the `JobBackoffLimitPerIndex`
-	// feature gate is enabled (enabled by default).
 	// +optional
 	MaxFailedIndexes *int32 `json:"maxFailedIndexes,omitempty" protobuf:"varint,13,opt,name=maxFailedIndexes"`
 
@@ -571,8 +562,6 @@ type JobStatus struct {
 	// represented as "1,3-5,7".
 	// The set of failed indexes cannot overlap with the set of completed indexes.
 	//
-	// This field is beta-level. It can be used when the `JobBackoffLimitPerIndex`
-	// feature gate is enabled (enabled by default).
 	// +optional
 	FailedIndexes *string `json:"failedIndexes,omitempty" protobuf:"bytes,10,opt,name=failedIndexes"`
 
@@ -647,13 +636,9 @@ const (
 	JobReasonFailedIndexes string = "FailedIndexes"
 	// JobReasonSuccessPolicy reason indicates a SuccessCriteriaMet condition is added due to
 	// a Job met successPolicy.
-	// https://kep.k8s.io/3998
-	// This is currently a beta field.
 	JobReasonSuccessPolicy string = "SuccessPolicy"
 	// JobReasonCompletionsReached reason indicates a SuccessCriteriaMet condition is added due to
 	// a number of succeeded Job pods met completions.
-	// - https://kep.k8s.io/3998
-	// This is currently a beta field.
 	JobReasonCompletionsReached string = "CompletionsReached"
 )
 
diff --git a/vendor/k8s.io/api/batch/v1/types_swagger_doc_generated.go b/vendor/k8s.io/api/batch/v1/types_swagger_doc_generated.go
index 893f3371f0..ffd4e4f5fe 100644
--- a/vendor/k8s.io/api/batch/v1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/batch/v1/types_swagger_doc_generated.go
@@ -116,10 +116,10 @@ var map_JobSpec = map[string]string{
 	"completions":             "Specifies the desired number of successfully finished pods the job should be run with.  Setting to null means that the success of any pod signals the success of all pods, and allows parallelism to have any positive value.  Setting to 1 means that parallelism is limited to 1 and the success of that pod signals the success of the job. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/",
 	"activeDeadlineSeconds":   "Specifies the duration in seconds relative to the startTime that the job may be continuously active before the system tries to terminate it; value must be positive integer. If a Job is suspended (at creation or through an update), this timer will effectively be stopped and reset when the Job is resumed again.",
 	"podFailurePolicy":        "Specifies the policy of handling failed pods. In particular, it allows to specify the set of actions and conditions which need to be satisfied to take the associated action. If empty, the default behaviour applies - the counter of failed pods, represented by the jobs's .status.failed field, is incremented and it is checked against the backoffLimit. This field cannot be used in combination with restartPolicy=OnFailure.",
-	"successPolicy":           "successPolicy specifies the policy when the Job can be declared as succeeded. If empty, the default behavior applies - the Job is declared as succeeded only when the number of succeeded pods equals to the completions. When the field is specified, it must be immutable and works only for the Indexed Jobs. Once the Job meets the SuccessPolicy, the lingering pods are terminated.\n\nThis field is beta-level. To use this field, you must enable the `JobSuccessPolicy` feature gate (enabled by default).",
+	"successPolicy":           "successPolicy specifies the policy when the Job can be declared as succeeded. If empty, the default behavior applies - the Job is declared as succeeded only when the number of succeeded pods equals to the completions. When the field is specified, it must be immutable and works only for the Indexed Jobs. Once the Job meets the SuccessPolicy, the lingering pods are terminated.",
 	"backoffLimit":            "Specifies the number of retries before marking this job failed. Defaults to 6",
-	"backoffLimitPerIndex":    "Specifies the limit for the number of retries within an index before marking this index as failed. When enabled the number of failures per index is kept in the pod's batch.kubernetes.io/job-index-failure-count annotation. It can only be set when Job's completionMode=Indexed, and the Pod's restart policy is Never. The field is immutable. This field is beta-level. It can be used when the `JobBackoffLimitPerIndex` feature gate is enabled (enabled by default).",
-	"maxFailedIndexes":        "Specifies the maximal number of failed indexes before marking the Job as failed, when backoffLimitPerIndex is set. Once the number of failed indexes exceeds this number the entire Job is marked as Failed and its execution is terminated. When left as null the job continues execution of all of its indexes and is marked with the `Complete` Job condition. It can only be specified when backoffLimitPerIndex is set. It can be null or up to completions. It is required and must be less than or equal to 10^4 when is completions greater than 10^5. This field is beta-level. It can be used when the `JobBackoffLimitPerIndex` feature gate is enabled (enabled by default).",
+	"backoffLimitPerIndex":    "Specifies the limit for the number of retries within an index before marking this index as failed. When enabled the number of failures per index is kept in the pod's batch.kubernetes.io/job-index-failure-count annotation. It can only be set when Job's completionMode=Indexed, and the Pod's restart policy is Never. The field is immutable.",
+	"maxFailedIndexes":        "Specifies the maximal number of failed indexes before marking the Job as failed, when backoffLimitPerIndex is set. Once the number of failed indexes exceeds this number the entire Job is marked as Failed and its execution is terminated. When left as null the job continues execution of all of its indexes and is marked with the `Complete` Job condition. It can only be specified when backoffLimitPerIndex is set. It can be null or up to completions. It is required and must be less than or equal to 10^4 when is completions greater than 10^5.",
 	"selector":                "A label query over pods that should match the pod count. Normally, the system sets this field for you. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors",
 	"manualSelector":          "manualSelector controls generation of pod labels and pod selectors. Leave `manualSelector` unset unless you are certain what you are doing. When false or unset, the system pick labels unique to this job and appends those labels to the pod template.  When true, the user is responsible for picking unique labels and specifying the selector.  Failure to pick a unique label may cause this and other jobs to not function correctly.  However, You may see `manualSelector=true` in jobs that were created with the old `extensions/v1beta1` API. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/#specifying-your-own-pod-selector",
 	"template":                "Describes the pod that will be created when executing a job. The only allowed template.spec.restartPolicy values are \"Never\" or \"OnFailure\". More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/",
@@ -144,7 +144,7 @@ var map_JobStatus = map[string]string{
 	"failed":                  "The number of pods which reached phase Failed. The value increases monotonically.",
 	"terminating":             "The number of pods which are terminating (in phase Pending or Running and have a deletionTimestamp).\n\nThis field is beta-level. The job controller populates the field when the feature gate JobPodReplacementPolicy is enabled (enabled by default).",
 	"completedIndexes":        "completedIndexes holds the completed indexes when .spec.completionMode = \"Indexed\" in a text format. The indexes are represented as decimal integers separated by commas. The numbers are listed in increasing order. Three or more consecutive numbers are compressed and represented by the first and last element of the series, separated by a hyphen. For example, if the completed indexes are 1, 3, 4, 5 and 7, they are represented as \"1,3-5,7\".",
-	"failedIndexes":           "FailedIndexes holds the failed indexes when spec.backoffLimitPerIndex is set. The indexes are represented in the text format analogous as for the `completedIndexes` field, ie. they are kept as decimal integers separated by commas. The numbers are listed in increasing order. Three or more consecutive numbers are compressed and represented by the first and last element of the series, separated by a hyphen. For example, if the failed indexes are 1, 3, 4, 5 and 7, they are represented as \"1,3-5,7\". The set of failed indexes cannot overlap with the set of completed indexes.\n\nThis field is beta-level. It can be used when the `JobBackoffLimitPerIndex` feature gate is enabled (enabled by default).",
+	"failedIndexes":           "FailedIndexes holds the failed indexes when spec.backoffLimitPerIndex is set. The indexes are represented in the text format analogous as for the `completedIndexes` field, ie. they are kept as decimal integers separated by commas. The numbers are listed in increasing order. Three or more consecutive numbers are compressed and represented by the first and last element of the series, separated by a hyphen. For example, if the failed indexes are 1, 3, 4, 5 and 7, they are represented as \"1,3-5,7\". The set of failed indexes cannot overlap with the set of completed indexes.",
 	"uncountedTerminatedPods": "uncountedTerminatedPods holds the UIDs of Pods that have terminated but the job controller hasn't yet accounted for in the status counters.\n\nThe job controller creates pods with a finalizer. When a pod terminates (succeeded or failed), the controller does three steps to account for it in the job status:\n\n1. Add the pod UID to the arrays in this field. 2. Remove the pod finalizer. 3. Remove the pod UID from the arrays while increasing the corresponding\n    counter.\n\nOld jobs might not be tracked using this field, in which case the field remains null. The structure is empty for finished jobs.",
 	"ready":                   "The number of active pods which have a Ready condition and are not terminating (without a deletionTimestamp).",
 }
@@ -195,7 +195,7 @@ func (PodFailurePolicyOnPodConditionsPattern) SwaggerDoc() map[string]string {
 
 var map_PodFailurePolicyRule = map[string]string{
 	"":                "PodFailurePolicyRule describes how a pod failure is handled when the requirements are met. One of onExitCodes and onPodConditions, but not both, can be used in each rule.",
-	"action":          "Specifies the action taken on a pod failure when the requirements are satisfied. Possible values are:\n\n- FailJob: indicates that the pod's job is marked as Failed and all\n  running pods are terminated.\n- FailIndex: indicates that the pod's index is marked as Failed and will\n  not be restarted.\n  This value is beta-level. It can be used when the\n  `JobBackoffLimitPerIndex` feature gate is enabled (enabled by default).\n- Ignore: indicates that the counter towards the .backoffLimit is not\n  incremented and a replacement pod is created.\n- Count: indicates that the pod is handled in the default way - the\n  counter towards the .backoffLimit is incremented.\nAdditional values are considered to be added in the future. Clients should react to an unknown action by skipping the rule.",
+	"action":          "Specifies the action taken on a pod failure when the requirements are satisfied. Possible values are:\n\n- FailJob: indicates that the pod's job is marked as Failed and all\n  running pods are terminated.\n- FailIndex: indicates that the pod's index is marked as Failed and will\n  not be restarted.\n- Ignore: indicates that the counter towards the .backoffLimit is not\n  incremented and a replacement pod is created.\n- Count: indicates that the pod is handled in the default way - the\n  counter towards the .backoffLimit is incremented.\nAdditional values are considered to be added in the future. Clients should react to an unknown action by skipping the rule.",
 	"onExitCodes":     "Represents the requirement on the container exit codes.",
 	"onPodConditions": "Represents the requirement on the pod conditions. The requirement is represented as a list of pod condition patterns. The requirement is satisfied if at least one pattern matches an actual pod condition. At most 20 elements are allowed.",
 }
diff --git a/vendor/k8s.io/api/batch/v1beta1/doc.go b/vendor/k8s.io/api/batch/v1beta1/doc.go
index cb2572f5da..3430d6939d 100644
--- a/vendor/k8s.io/api/batch/v1beta1/doc.go
+++ b/vendor/k8s.io/api/batch/v1beta1/doc.go
@@ -19,4 +19,4 @@ limitations under the License.
 // +k8s:openapi-gen=true
 // +k8s:prerelease-lifecycle-gen=true
 
-package v1beta1 // import "k8s.io/api/batch/v1beta1"
+package v1beta1
diff --git a/vendor/k8s.io/api/certificates/v1/doc.go b/vendor/k8s.io/api/certificates/v1/doc.go
index 78434478e8..6c16fc29b8 100644
--- a/vendor/k8s.io/api/certificates/v1/doc.go
+++ b/vendor/k8s.io/api/certificates/v1/doc.go
@@ -20,4 +20,4 @@ limitations under the License.
 // +k8s:prerelease-lifecycle-gen=true
 // +groupName=certificates.k8s.io
 
-package v1 // import "k8s.io/api/certificates/v1"
+package v1
diff --git a/vendor/k8s.io/api/certificates/v1alpha1/doc.go b/vendor/k8s.io/api/certificates/v1alpha1/doc.go
index d83d0e8207..01481df8e5 100644
--- a/vendor/k8s.io/api/certificates/v1alpha1/doc.go
+++ b/vendor/k8s.io/api/certificates/v1alpha1/doc.go
@@ -21,4 +21,4 @@ limitations under the License.
 
 // +groupName=certificates.k8s.io
 
-package v1alpha1 // import "k8s.io/api/certificates/v1alpha1"
+package v1alpha1
diff --git a/vendor/k8s.io/api/certificates/v1beta1/doc.go b/vendor/k8s.io/api/certificates/v1beta1/doc.go
index 1165518c67..81608a554c 100644
--- a/vendor/k8s.io/api/certificates/v1beta1/doc.go
+++ b/vendor/k8s.io/api/certificates/v1beta1/doc.go
@@ -21,4 +21,4 @@ limitations under the License.
 
 // +groupName=certificates.k8s.io
 
-package v1beta1 // import "k8s.io/api/certificates/v1beta1"
+package v1beta1
diff --git a/vendor/k8s.io/api/certificates/v1beta1/generated.pb.go b/vendor/k8s.io/api/certificates/v1beta1/generated.pb.go
index b6d8ab3f59..199a54496a 100644
--- a/vendor/k8s.io/api/certificates/v1beta1/generated.pb.go
+++ b/vendor/k8s.io/api/certificates/v1beta1/generated.pb.go
@@ -186,10 +186,94 @@ func (m *CertificateSigningRequestStatus) XXX_DiscardUnknown() {
 
 var xxx_messageInfo_CertificateSigningRequestStatus proto.InternalMessageInfo
 
+func (m *ClusterTrustBundle) Reset()      { *m = ClusterTrustBundle{} }
+func (*ClusterTrustBundle) ProtoMessage() {}
+func (*ClusterTrustBundle) Descriptor() ([]byte, []int) {
+	return fileDescriptor_6529c11a462c48a5, []int{5}
+}
+func (m *ClusterTrustBundle) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *ClusterTrustBundle) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *ClusterTrustBundle) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_ClusterTrustBundle.Merge(m, src)
+}
+func (m *ClusterTrustBundle) XXX_Size() int {
+	return m.Size()
+}
+func (m *ClusterTrustBundle) XXX_DiscardUnknown() {
+	xxx_messageInfo_ClusterTrustBundle.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_ClusterTrustBundle proto.InternalMessageInfo
+
+func (m *ClusterTrustBundleList) Reset()      { *m = ClusterTrustBundleList{} }
+func (*ClusterTrustBundleList) ProtoMessage() {}
+func (*ClusterTrustBundleList) Descriptor() ([]byte, []int) {
+	return fileDescriptor_6529c11a462c48a5, []int{6}
+}
+func (m *ClusterTrustBundleList) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *ClusterTrustBundleList) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *ClusterTrustBundleList) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_ClusterTrustBundleList.Merge(m, src)
+}
+func (m *ClusterTrustBundleList) XXX_Size() int {
+	return m.Size()
+}
+func (m *ClusterTrustBundleList) XXX_DiscardUnknown() {
+	xxx_messageInfo_ClusterTrustBundleList.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_ClusterTrustBundleList proto.InternalMessageInfo
+
+func (m *ClusterTrustBundleSpec) Reset()      { *m = ClusterTrustBundleSpec{} }
+func (*ClusterTrustBundleSpec) ProtoMessage() {}
+func (*ClusterTrustBundleSpec) Descriptor() ([]byte, []int) {
+	return fileDescriptor_6529c11a462c48a5, []int{7}
+}
+func (m *ClusterTrustBundleSpec) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *ClusterTrustBundleSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *ClusterTrustBundleSpec) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_ClusterTrustBundleSpec.Merge(m, src)
+}
+func (m *ClusterTrustBundleSpec) XXX_Size() int {
+	return m.Size()
+}
+func (m *ClusterTrustBundleSpec) XXX_DiscardUnknown() {
+	xxx_messageInfo_ClusterTrustBundleSpec.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_ClusterTrustBundleSpec proto.InternalMessageInfo
+
 func (m *ExtraValue) Reset()      { *m = ExtraValue{} }
 func (*ExtraValue) ProtoMessage() {}
 func (*ExtraValue) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6529c11a462c48a5, []int{5}
+	return fileDescriptor_6529c11a462c48a5, []int{8}
 }
 func (m *ExtraValue) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -221,6 +305,9 @@ func init() {
 	proto.RegisterType((*CertificateSigningRequestSpec)(nil), "k8s.io.api.certificates.v1beta1.CertificateSigningRequestSpec")
 	proto.RegisterMapType((map[string]ExtraValue)(nil), "k8s.io.api.certificates.v1beta1.CertificateSigningRequestSpec.ExtraEntry")
 	proto.RegisterType((*CertificateSigningRequestStatus)(nil), "k8s.io.api.certificates.v1beta1.CertificateSigningRequestStatus")
+	proto.RegisterType((*ClusterTrustBundle)(nil), "k8s.io.api.certificates.v1beta1.ClusterTrustBundle")
+	proto.RegisterType((*ClusterTrustBundleList)(nil), "k8s.io.api.certificates.v1beta1.ClusterTrustBundleList")
+	proto.RegisterType((*ClusterTrustBundleSpec)(nil), "k8s.io.api.certificates.v1beta1.ClusterTrustBundleSpec")
 	proto.RegisterType((*ExtraValue)(nil), "k8s.io.api.certificates.v1beta1.ExtraValue")
 }
 
@@ -229,64 +316,69 @@ func init() {
 }
 
 var fileDescriptor_6529c11a462c48a5 = []byte{
-	// 901 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xa4, 0x56, 0x4d, 0x6f, 0x1b, 0x45,
-	0x18, 0xf6, 0xc6, 0x1f, 0xb1, 0xc7, 0x21, 0x6d, 0x47, 0x50, 0x2d, 0x96, 0xea, 0xb5, 0x56, 0x80,
-	0xc2, 0xd7, 0x2c, 0xa9, 0x2a, 0x88, 0x72, 0x40, 0xb0, 0x21, 0x42, 0x11, 0x29, 0x48, 0x93, 0x84,
-	0x03, 0x42, 0xa2, 0x93, 0xf5, 0xdb, 0xcd, 0x34, 0xdd, 0x0f, 0x76, 0x66, 0x4d, 0x7d, 0xeb, 0x4f,
-	0xe0, 0xc8, 0x91, 0xff, 0xc0, 0x9f, 0x08, 0x07, 0xa4, 0x1e, 0x7b, 0x40, 0x16, 0x71, 0xff, 0x45,
-	0x4e, 0x68, 0x66, 0xc7, 0x6b, 0xc7, 0x4e, 0x70, 0x69, 0x6f, 0x3b, 0xcf, 0xbc, 0xcf, 0xf3, 0xbc,
-	0xf3, 0xce, 0xfb, 0x8e, 0x8d, 0xbc, 0xd3, 0x2d, 0x41, 0x78, 0xe2, 0xb1, 0x94, 0x7b, 0x01, 0x64,
-	0x92, 0x3f, 0xe4, 0x01, 0x93, 0x20, 0xbc, 0xc1, 0xe6, 0x31, 0x48, 0xb6, 0xe9, 0x85, 0x10, 0x43,
-	0xc6, 0x24, 0xf4, 0x49, 0x9a, 0x25, 0x32, 0xc1, 0x4e, 0x41, 0x20, 0x2c, 0xe5, 0x64, 0x96, 0x40,
-	0x0c, 0xa1, 0xf3, 0x71, 0xc8, 0xe5, 0x49, 0x7e, 0x4c, 0x82, 0x24, 0xf2, 0xc2, 0x24, 0x4c, 0x3c,
-	0xcd, 0x3b, 0xce, 0x1f, 0xea, 0x95, 0x5e, 0xe8, 0xaf, 0x42, 0xaf, 0xe3, 0xce, 0x26, 0x90, 0x64,
-	0xe0, 0x0d, 0x16, 0x3c, 0x3b, 0xf7, 0xa6, 0x31, 0x11, 0x0b, 0x4e, 0x78, 0x0c, 0xd9, 0xd0, 0x4b,
-	0x4f, 0x43, 0x05, 0x08, 0x2f, 0x02, 0xc9, 0xae, 0x62, 0x79, 0xd7, 0xb1, 0xb2, 0x3c, 0x96, 0x3c,
-	0x82, 0x05, 0xc2, 0xa7, 0xcb, 0x08, 0x22, 0x38, 0x81, 0x88, 0xcd, 0xf3, 0xdc, 0x3f, 0x57, 0xd0,
-	0xdb, 0x3b, 0xd3, 0x52, 0x1c, 0xf0, 0x30, 0xe6, 0x71, 0x48, 0xe1, 0xe7, 0x1c, 0x84, 0xc4, 0x0f,
-	0x50, 0x53, 0x65, 0xd8, 0x67, 0x92, 0xd9, 0x56, 0xcf, 0xda, 0x68, 0xdf, 0xfd, 0x84, 0x4c, 0x6b,
-	0x58, 0x1a, 0x91, 0xf4, 0x34, 0x54, 0x80, 0x20, 0x2a, 0x9a, 0x0c, 0x36, 0xc9, 0x77, 0xc7, 0x8f,
-	0x20, 0x90, 0xf7, 0x41, 0x32, 0x1f, 0x9f, 0x8d, 0x9c, 0xca, 0x78, 0xe4, 0xa0, 0x29, 0x46, 0x4b,
-	0x55, 0xfc, 0x00, 0xd5, 0x44, 0x0a, 0x81, 0xbd, 0xa2, 0xd5, 0x3f, 0x27, 0x4b, 0x6e, 0x88, 0x5c,
-	0x9b, 0xeb, 0x41, 0x0a, 0x81, 0xbf, 0x66, 0xbc, 0x6a, 0x6a, 0x45, 0xb5, 0x32, 0x3e, 0x41, 0x0d,
-	0x21, 0x99, 0xcc, 0x85, 0x5d, 0xd5, 0x1e, 0x5f, 0xbc, 0x86, 0x87, 0xd6, 0xf1, 0xd7, 0x8d, 0x4b,
-	0xa3, 0x58, 0x53, 0xa3, 0xef, 0xbe, 0xa8, 0x22, 0xf7, 0x5a, 0xee, 0x4e, 0x12, 0xf7, 0xb9, 0xe4,
-	0x49, 0x8c, 0xb7, 0x50, 0x4d, 0x0e, 0x53, 0xd0, 0x05, 0x6d, 0xf9, 0xef, 0x4c, 0x52, 0x3e, 0x1c,
-	0xa6, 0x70, 0x31, 0x72, 0xde, 0x9c, 0x8f, 0x57, 0x38, 0xd5, 0x0c, 0xbc, 0x5f, 0x1e, 0xa5, 0xa1,
-	0xb9, 0xf7, 0x2e, 0x27, 0x72, 0x31, 0x72, 0xae, 0xe8, 0x48, 0x52, 0x2a, 0x5d, 0x4e, 0x17, 0xbf,
-	0x87, 0x1a, 0x19, 0x30, 0x91, 0xc4, 0xba, 0xf8, 0xad, 0xe9, 0xb1, 0xa8, 0x46, 0xa9, 0xd9, 0xc5,
-	0xef, 0xa3, 0xd5, 0x08, 0x84, 0x60, 0x21, 0xe8, 0x0a, 0xb6, 0xfc, 0x1b, 0x26, 0x70, 0xf5, 0x7e,
-	0x01, 0xd3, 0xc9, 0x3e, 0x7e, 0x84, 0xd6, 0x1f, 0x33, 0x21, 0x8f, 0xd2, 0x3e, 0x93, 0x70, 0xc8,
-	0x23, 0xb0, 0x6b, 0xba, 0xe6, 0x1f, 0xbc, 0x5c, 0xd7, 0x28, 0x86, 0x7f, 0xdb, 0xa8, 0xaf, 0xef,
-	0x5f, 0x52, 0xa2, 0x73, 0xca, 0x78, 0x80, 0xb0, 0x42, 0x0e, 0x33, 0x16, 0x8b, 0xa2, 0x50, 0xca,
-	0xaf, 0xfe, 0xbf, 0xfd, 0x3a, 0xc6, 0x0f, 0xef, 0x2f, 0xa8, 0xd1, 0x2b, 0x1c, 0xdc, 0x91, 0x85,
-	0xee, 0x5c, 0x7b, 0xcb, 0xfb, 0x5c, 0x48, 0xfc, 0xe3, 0xc2, 0xd4, 0x90, 0x97, 0xcb, 0x47, 0xb1,
-	0xf5, 0xcc, 0xdc, 0x34, 0x39, 0x35, 0x27, 0xc8, 0xcc, 0xc4, 0xfc, 0x84, 0xea, 0x5c, 0x42, 0x24,
-	0xec, 0x95, 0x5e, 0x75, 0xa3, 0x7d, 0x77, 0xfb, 0xd5, 0xdb, 0xd9, 0x7f, 0xc3, 0xd8, 0xd4, 0xf7,
-	0x94, 0x20, 0x2d, 0x74, 0xdd, 0x3f, 0x6a, 0xff, 0x71, 0x40, 0x35, 0x58, 0xf8, 0x5d, 0xb4, 0x9a,
-	0x15, 0x4b, 0x7d, 0xbe, 0x35, 0xbf, 0xad, 0xba, 0xc1, 0x44, 0xd0, 0xc9, 0x1e, 0x26, 0x08, 0x09,
-	0x1e, 0xc6, 0x90, 0x7d, 0xcb, 0x22, 0xb0, 0x57, 0x8b, 0x26, 0x53, 0x2f, 0xc1, 0x41, 0x89, 0xd2,
-	0x99, 0x08, 0xbc, 0x83, 0x6e, 0xc1, 0x93, 0x94, 0x67, 0x4c, 0x37, 0x2b, 0x04, 0x49, 0xdc, 0x17,
-	0x76, 0xb3, 0x67, 0x6d, 0xd4, 0xfd, 0xb7, 0xc6, 0x23, 0xe7, 0xd6, 0xee, 0xfc, 0x26, 0x5d, 0x8c,
-	0xc7, 0x04, 0x35, 0x72, 0xd5, 0x8b, 0xc2, 0xae, 0xf7, 0xaa, 0x1b, 0x2d, 0xff, 0xb6, 0xea, 0xe8,
-	0x23, 0x8d, 0x5c, 0x8c, 0x9c, 0xe6, 0x37, 0x30, 0xd4, 0x0b, 0x6a, 0xa2, 0xf0, 0x47, 0xa8, 0x99,
-	0x0b, 0xc8, 0x62, 0x95, 0x62, 0x31, 0x07, 0x65, 0xf1, 0x8f, 0x0c, 0x4e, 0xcb, 0x08, 0x7c, 0x07,
-	0x55, 0x73, 0xde, 0x37, 0x73, 0xd0, 0x36, 0x81, 0xd5, 0xa3, 0xbd, 0xaf, 0xa8, 0xc2, 0xb1, 0x8b,
-	0x1a, 0x61, 0x96, 0xe4, 0xa9, 0xb0, 0x6b, 0xda, 0x1c, 0x29, 0xf3, 0xaf, 0x35, 0x42, 0xcd, 0x0e,
-	0x8e, 0x51, 0x1d, 0x9e, 0xc8, 0x8c, 0xd9, 0x0d, 0x7d, 0x7f, 0x7b, 0xaf, 0xf7, 0xe4, 0x91, 0x5d,
-	0xa5, 0xb5, 0x1b, 0xcb, 0x6c, 0x38, 0xbd, 0x4e, 0x8d, 0xd1, 0xc2, 0xa6, 0x03, 0x08, 0x4d, 0x63,
-	0xf0, 0x4d, 0x54, 0x3d, 0x85, 0x61, 0xf1, 0xf6, 0x50, 0xf5, 0x89, 0xbf, 0x44, 0xf5, 0x01, 0x7b,
-	0x9c, 0x83, 0x79, 0x82, 0x3f, 0x5c, 0x9a, 0x8f, 0x56, 0xfb, 0x5e, 0x51, 0x68, 0xc1, 0xdc, 0x5e,
-	0xd9, 0xb2, 0xdc, 0xbf, 0x2c, 0xe4, 0x2c, 0x79, 0x38, 0xf1, 0x2f, 0x08, 0x05, 0x93, 0xc7, 0x48,
-	0xd8, 0x96, 0x3e, 0xff, 0xce, 0xab, 0x9f, 0xbf, 0x7c, 0xd8, 0xa6, 0xbf, 0x31, 0x25, 0x24, 0xe8,
-	0x8c, 0x15, 0xde, 0x44, 0xed, 0x19, 0x69, 0x7d, 0xd2, 0x35, 0xff, 0xc6, 0x78, 0xe4, 0xb4, 0x67,
-	0xc4, 0xe9, 0x6c, 0x8c, 0xfb, 0x99, 0x29, 0x9b, 0x3e, 0x28, 0x76, 0x26, 0x43, 0x67, 0xe9, 0x7b,
-	0x6d, 0xcd, 0x0f, 0xcd, 0x76, 0xf3, 0xb7, 0xdf, 0x9d, 0xca, 0xd3, 0xbf, 0x7b, 0x15, 0x7f, 0xf7,
-	0xec, 0xbc, 0x5b, 0x79, 0x76, 0xde, 0xad, 0x3c, 0x3f, 0xef, 0x56, 0x9e, 0x8e, 0xbb, 0xd6, 0xd9,
-	0xb8, 0x6b, 0x3d, 0x1b, 0x77, 0xad, 0xe7, 0xe3, 0xae, 0xf5, 0xcf, 0xb8, 0x6b, 0xfd, 0xfa, 0xa2,
-	0x5b, 0xf9, 0xc1, 0x59, 0xf2, 0xdf, 0xe5, 0xdf, 0x00, 0x00, 0x00, 0xff, 0xff, 0x35, 0x2f, 0x11,
-	0xe8, 0xdd, 0x08, 0x00, 0x00,
+	// 991 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xbc, 0x56, 0x4f, 0x6f, 0xe3, 0x44,
+	0x14, 0x8f, 0x9b, 0x3f, 0x4d, 0x26, 0xa5, 0xbb, 0x3b, 0x40, 0x65, 0x22, 0x6d, 0x1c, 0x59, 0x80,
+	0xca, 0x3f, 0x9b, 0x96, 0x85, 0xad, 0x7a, 0x40, 0xe0, 0x50, 0xa1, 0x8a, 0x2e, 0x48, 0xd3, 0x16,
+	0x01, 0x42, 0x62, 0xa7, 0xce, 0x5b, 0xd7, 0xdb, 0xc6, 0x36, 0x9e, 0x71, 0xd8, 0xdc, 0x56, 0xe2,
+	0x0b, 0x70, 0xe4, 0xc8, 0x77, 0xe0, 0x4b, 0x94, 0x03, 0x52, 0xb9, 0xed, 0x01, 0x45, 0x34, 0xfb,
+	0x2d, 0x7a, 0x42, 0x33, 0x9e, 0x38, 0x4e, 0xd2, 0x90, 0xa5, 0x2b, 0xed, 0x2d, 0xf3, 0xe6, 0xfd,
+	0x7e, 0xbf, 0xf7, 0x9e, 0xdf, 0x7b, 0x13, 0x64, 0x9f, 0x6c, 0x31, 0xcb, 0x0f, 0x6d, 0x1a, 0xf9,
+	0xb6, 0x0b, 0x31, 0xf7, 0x1f, 0xf8, 0x2e, 0xe5, 0xc0, 0xec, 0xde, 0xc6, 0x11, 0x70, 0xba, 0x61,
+	0x7b, 0x10, 0x40, 0x4c, 0x39, 0x74, 0xac, 0x28, 0x0e, 0x79, 0x88, 0x8d, 0x14, 0x60, 0xd1, 0xc8,
+	0xb7, 0xf2, 0x00, 0x4b, 0x01, 0x1a, 0xef, 0x79, 0x3e, 0x3f, 0x4e, 0x8e, 0x2c, 0x37, 0xec, 0xda,
+	0x5e, 0xe8, 0x85, 0xb6, 0xc4, 0x1d, 0x25, 0x0f, 0xe4, 0x49, 0x1e, 0xe4, 0xaf, 0x94, 0xaf, 0x61,
+	0xe6, 0x03, 0x08, 0x63, 0xb0, 0x7b, 0x33, 0x9a, 0x8d, 0x3b, 0x63, 0x9f, 0x2e, 0x75, 0x8f, 0xfd,
+	0x00, 0xe2, 0xbe, 0x1d, 0x9d, 0x78, 0xc2, 0xc0, 0xec, 0x2e, 0x70, 0x7a, 0x15, 0xca, 0x9e, 0x87,
+	0x8a, 0x93, 0x80, 0xfb, 0x5d, 0x98, 0x01, 0x7c, 0xb4, 0x08, 0xc0, 0xdc, 0x63, 0xe8, 0xd2, 0x69,
+	0x9c, 0xf9, 0xc7, 0x12, 0x7a, 0xad, 0x3d, 0x2e, 0xc5, 0xbe, 0xef, 0x05, 0x7e, 0xe0, 0x11, 0xf8,
+	0x31, 0x01, 0xc6, 0xf1, 0x7d, 0x54, 0x15, 0x11, 0x76, 0x28, 0xa7, 0xba, 0xd6, 0xd2, 0xd6, 0xeb,
+	0x9b, 0xef, 0x5b, 0xe3, 0x1a, 0x66, 0x42, 0x56, 0x74, 0xe2, 0x09, 0x03, 0xb3, 0x84, 0xb7, 0xd5,
+	0xdb, 0xb0, 0xbe, 0x3a, 0x7a, 0x08, 0x2e, 0xbf, 0x07, 0x9c, 0x3a, 0xf8, 0x6c, 0x60, 0x14, 0x86,
+	0x03, 0x03, 0x8d, 0x6d, 0x24, 0x63, 0xc5, 0xf7, 0x51, 0x89, 0x45, 0xe0, 0xea, 0x4b, 0x92, 0xfd,
+	0x63, 0x6b, 0xc1, 0x17, 0xb2, 0xe6, 0xc6, 0xba, 0x1f, 0x81, 0xeb, 0xac, 0x28, 0xad, 0x92, 0x38,
+	0x11, 0xc9, 0x8c, 0x8f, 0x51, 0x85, 0x71, 0xca, 0x13, 0xa6, 0x17, 0xa5, 0xc6, 0x27, 0xcf, 0xa1,
+	0x21, 0x79, 0x9c, 0x55, 0xa5, 0x52, 0x49, 0xcf, 0x44, 0xf1, 0x9b, 0x4f, 0x8b, 0xc8, 0x9c, 0x8b,
+	0x6d, 0x87, 0x41, 0xc7, 0xe7, 0x7e, 0x18, 0xe0, 0x2d, 0x54, 0xe2, 0xfd, 0x08, 0x64, 0x41, 0x6b,
+	0xce, 0xeb, 0xa3, 0x90, 0x0f, 0xfa, 0x11, 0x5c, 0x0e, 0x8c, 0x57, 0xa6, 0xfd, 0x85, 0x9d, 0x48,
+	0x04, 0xde, 0xcb, 0x52, 0xa9, 0x48, 0xec, 0x9d, 0xc9, 0x40, 0x2e, 0x07, 0xc6, 0x15, 0x1d, 0x69,
+	0x65, 0x4c, 0x93, 0xe1, 0xe2, 0x37, 0x51, 0x25, 0x06, 0xca, 0xc2, 0x40, 0x16, 0xbf, 0x36, 0x4e,
+	0x8b, 0x48, 0x2b, 0x51, 0xb7, 0xf8, 0x2d, 0xb4, 0xdc, 0x05, 0xc6, 0xa8, 0x07, 0xb2, 0x82, 0x35,
+	0xe7, 0x86, 0x72, 0x5c, 0xbe, 0x97, 0x9a, 0xc9, 0xe8, 0x1e, 0x3f, 0x44, 0xab, 0xa7, 0x94, 0xf1,
+	0xc3, 0xa8, 0x43, 0x39, 0x1c, 0xf8, 0x5d, 0xd0, 0x4b, 0xb2, 0xe6, 0x6f, 0x3f, 0x5b, 0xd7, 0x08,
+	0x84, 0xb3, 0xa6, 0xd8, 0x57, 0xf7, 0x26, 0x98, 0xc8, 0x14, 0x33, 0xee, 0x21, 0x2c, 0x2c, 0x07,
+	0x31, 0x0d, 0x58, 0x5a, 0x28, 0xa1, 0x57, 0xfe, 0xdf, 0x7a, 0x0d, 0xa5, 0x87, 0xf7, 0x66, 0xd8,
+	0xc8, 0x15, 0x0a, 0xe6, 0x40, 0x43, 0xb7, 0xe7, 0x7e, 0xe5, 0x3d, 0x9f, 0x71, 0xfc, 0xfd, 0xcc,
+	0xd4, 0x58, 0xcf, 0x16, 0x8f, 0x40, 0xcb, 0x99, 0xb9, 0xa9, 0x62, 0xaa, 0x8e, 0x2c, 0xb9, 0x89,
+	0xf9, 0x01, 0x95, 0x7d, 0x0e, 0x5d, 0xa6, 0x2f, 0xb5, 0x8a, 0xeb, 0xf5, 0xcd, 0xed, 0xeb, 0xb7,
+	0xb3, 0xf3, 0x92, 0x92, 0x29, 0xef, 0x0a, 0x42, 0x92, 0xf2, 0x9a, 0xbf, 0x97, 0xfe, 0x23, 0x41,
+	0x31, 0x58, 0xf8, 0x0d, 0xb4, 0x1c, 0xa7, 0x47, 0x99, 0xdf, 0x8a, 0x53, 0x17, 0xdd, 0xa0, 0x3c,
+	0xc8, 0xe8, 0x0e, 0x5b, 0x08, 0x31, 0xdf, 0x0b, 0x20, 0xfe, 0x92, 0x76, 0x41, 0x5f, 0x4e, 0x9b,
+	0x4c, 0x6c, 0x82, 0xfd, 0xcc, 0x4a, 0x72, 0x1e, 0xb8, 0x8d, 0x6e, 0xc1, 0xa3, 0xc8, 0x8f, 0xa9,
+	0x6c, 0x56, 0x70, 0xc3, 0xa0, 0xc3, 0xf4, 0x6a, 0x4b, 0x5b, 0x2f, 0x3b, 0xaf, 0x0e, 0x07, 0xc6,
+	0xad, 0x9d, 0xe9, 0x4b, 0x32, 0xeb, 0x8f, 0x2d, 0x54, 0x49, 0x44, 0x2f, 0x32, 0xbd, 0xdc, 0x2a,
+	0xae, 0xd7, 0x9c, 0x35, 0xd1, 0xd1, 0x87, 0xd2, 0x72, 0x39, 0x30, 0xaa, 0x5f, 0x40, 0x5f, 0x1e,
+	0x88, 0xf2, 0xc2, 0xef, 0xa2, 0x6a, 0xc2, 0x20, 0x0e, 0x44, 0x88, 0xe9, 0x1c, 0x64, 0xc5, 0x3f,
+	0x54, 0x76, 0x92, 0x79, 0xe0, 0xdb, 0xa8, 0x98, 0xf8, 0x1d, 0x35, 0x07, 0x75, 0xe5, 0x58, 0x3c,
+	0xdc, 0xfd, 0x8c, 0x08, 0x3b, 0x36, 0x51, 0xc5, 0x8b, 0xc3, 0x24, 0x62, 0x7a, 0x49, 0x8a, 0x23,
+	0x21, 0xfe, 0xb9, 0xb4, 0x10, 0x75, 0x83, 0x03, 0x54, 0x86, 0x47, 0x3c, 0xa6, 0x7a, 0x45, 0x7e,
+	0xbf, 0xdd, 0xe7, 0x5b, 0x79, 0xd6, 0x8e, 0xe0, 0xda, 0x09, 0x78, 0xdc, 0x1f, 0x7f, 0x4e, 0x69,
+	0x23, 0xa9, 0x4c, 0x03, 0x10, 0x1a, 0xfb, 0xe0, 0x9b, 0xa8, 0x78, 0x02, 0xfd, 0x74, 0xf7, 0x10,
+	0xf1, 0x13, 0x7f, 0x8a, 0xca, 0x3d, 0x7a, 0x9a, 0x80, 0x5a, 0xc1, 0xef, 0x2c, 0x8c, 0x47, 0xb2,
+	0x7d, 0x2d, 0x20, 0x24, 0x45, 0x6e, 0x2f, 0x6d, 0x69, 0xe6, 0x9f, 0x1a, 0x32, 0x16, 0x2c, 0x4e,
+	0xfc, 0x13, 0x42, 0xee, 0x68, 0x19, 0x31, 0x5d, 0x93, 0xf9, 0xb7, 0xaf, 0x9f, 0x7f, 0xb6, 0xd8,
+	0xc6, 0x6f, 0x4c, 0x66, 0x62, 0x24, 0x27, 0x85, 0x37, 0x50, 0x3d, 0x47, 0x2d, 0x33, 0x5d, 0x71,
+	0x6e, 0x0c, 0x07, 0x46, 0x3d, 0x47, 0x4e, 0xf2, 0x3e, 0xe6, 0x5f, 0x1a, 0xc2, 0xed, 0xd3, 0x84,
+	0x71, 0x88, 0x0f, 0xe2, 0x84, 0x71, 0x27, 0x09, 0x3a, 0xa7, 0xf0, 0x02, 0x5e, 0xc4, 0x6f, 0x27,
+	0x5e, 0xc4, 0xbb, 0x8b, 0xcb, 0x33, 0x13, 0xe4, 0xbc, 0xa7, 0xd0, 0x3c, 0xd7, 0xd0, 0xda, 0xac,
+	0xfb, 0x0b, 0xd8, 0x59, 0xdf, 0x4c, 0xee, 0xac, 0x0f, 0xae, 0x91, 0xd4, 0x9c, 0x65, 0xf5, 0xf3,
+	0x95, 0x29, 0xc9, 0x2d, 0xb5, 0x39, 0xb1, 0x7e, 0xd2, 0xd7, 0x36, 0x2b, 0xfd, 0x9c, 0x15, 0xf4,
+	0x21, 0xaa, 0xf3, 0x31, 0x8d, 0x5a, 0x08, 0x2f, 0x2b, 0x50, 0x3d, 0xa7, 0x40, 0xf2, 0x7e, 0xe6,
+	0x5d, 0x35, 0x63, 0x72, 0x2a, 0xb0, 0x31, 0xca, 0x56, 0x93, 0x4b, 0xa0, 0x36, 0x1d, 0xf4, 0x76,
+	0xf5, 0xd7, 0xdf, 0x8c, 0xc2, 0xe3, 0xbf, 0x5b, 0x05, 0x67, 0xe7, 0xec, 0xa2, 0x59, 0x38, 0xbf,
+	0x68, 0x16, 0x9e, 0x5c, 0x34, 0x0b, 0x8f, 0x87, 0x4d, 0xed, 0x6c, 0xd8, 0xd4, 0xce, 0x87, 0x4d,
+	0xed, 0xc9, 0xb0, 0xa9, 0xfd, 0x33, 0x6c, 0x6a, 0xbf, 0x3c, 0x6d, 0x16, 0xbe, 0x33, 0x16, 0xfc,
+	0xd1, 0xfd, 0x37, 0x00, 0x00, 0xff, 0xff, 0x17, 0xbe, 0xe3, 0x02, 0x0a, 0x0b, 0x00, 0x00,
 }
 
 func (m *CertificateSigningRequest) Marshal() (dAtA []byte, err error) {
@@ -595,6 +687,129 @@ func (m *CertificateSigningRequestStatus) MarshalToSizedBuffer(dAtA []byte) (int
 	return len(dAtA) - i, nil
 }
 
+func (m *ClusterTrustBundle) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ClusterTrustBundle) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ClusterTrustBundle) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	{
+		size, err := m.Spec.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0x12
+	{
+		size, err := m.ObjectMeta.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *ClusterTrustBundleList) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ClusterTrustBundleList) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ClusterTrustBundleList) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if len(m.Items) > 0 {
+		for iNdEx := len(m.Items) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Items[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x12
+		}
+	}
+	{
+		size, err := m.ListMeta.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *ClusterTrustBundleSpec) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ClusterTrustBundleSpec) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ClusterTrustBundleSpec) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	i -= len(m.TrustBundle)
+	copy(dAtA[i:], m.TrustBundle)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.TrustBundle)))
+	i--
+	dAtA[i] = 0x12
+	i -= len(m.SignerName)
+	copy(dAtA[i:], m.SignerName)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.SignerName)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
 func (m ExtraValue) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
@@ -755,6 +970,49 @@ func (m *CertificateSigningRequestStatus) Size() (n int) {
 	return n
 }
 
+func (m *ClusterTrustBundle) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.ObjectMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Spec.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *ClusterTrustBundleList) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.ListMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Items) > 0 {
+		for _, e := range m.Items {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *ClusterTrustBundleSpec) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.SignerName)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.TrustBundle)
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
 func (m ExtraValue) Size() (n int) {
 	if m == nil {
 		return 0
@@ -862,6 +1120,44 @@ func (this *CertificateSigningRequestStatus) String() string {
 	}, "")
 	return s
 }
+func (this *ClusterTrustBundle) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&ClusterTrustBundle{`,
+		`ObjectMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ObjectMeta), "ObjectMeta", "v1.ObjectMeta", 1), `&`, ``, 1) + `,`,
+		`Spec:` + strings.Replace(strings.Replace(this.Spec.String(), "ClusterTrustBundleSpec", "ClusterTrustBundleSpec", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *ClusterTrustBundleList) String() string {
+	if this == nil {
+		return "nil"
+	}
+	repeatedStringForItems := "[]ClusterTrustBundle{"
+	for _, f := range this.Items {
+		repeatedStringForItems += strings.Replace(strings.Replace(f.String(), "ClusterTrustBundle", "ClusterTrustBundle", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForItems += "}"
+	s := strings.Join([]string{`&ClusterTrustBundleList{`,
+		`ListMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ListMeta), "ListMeta", "v1.ListMeta", 1), `&`, ``, 1) + `,`,
+		`Items:` + repeatedStringForItems + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *ClusterTrustBundleSpec) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&ClusterTrustBundleSpec{`,
+		`SignerName:` + fmt.Sprintf("%v", this.SignerName) + `,`,
+		`TrustBundle:` + fmt.Sprintf("%v", this.TrustBundle) + `,`,
+		`}`,
+	}, "")
+	return s
+}
 func valueToStringGenerated(v interface{}) string {
 	rv := reflect.ValueOf(v)
 	if rv.IsNil() {
@@ -1892,6 +2188,353 @@ func (m *CertificateSigningRequestStatus) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
+func (m *ClusterTrustBundle) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: ClusterTrustBundle: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: ClusterTrustBundle: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *ClusterTrustBundleList) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: ClusterTrustBundleList: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: ClusterTrustBundleList: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Items = append(m.Items, ClusterTrustBundle{})
+			if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *ClusterTrustBundleSpec) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: ClusterTrustBundleSpec: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: ClusterTrustBundleSpec: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field SignerName", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.SignerName = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field TrustBundle", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.TrustBundle = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
 func (m *ExtraValue) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
diff --git a/vendor/k8s.io/api/certificates/v1beta1/generated.proto b/vendor/k8s.io/api/certificates/v1beta1/generated.proto
index f3ec4c06e4..7c48270f65 100644
--- a/vendor/k8s.io/api/certificates/v1beta1/generated.proto
+++ b/vendor/k8s.io/api/certificates/v1beta1/generated.proto
@@ -190,6 +190,79 @@ message CertificateSigningRequestStatus {
   optional bytes certificate = 2;
 }
 
+// ClusterTrustBundle is a cluster-scoped container for X.509 trust anchors
+// (root certificates).
+//
+// ClusterTrustBundle objects are considered to be readable by any authenticated
+// user in the cluster, because they can be mounted by pods using the
+// `clusterTrustBundle` projection.  All service accounts have read access to
+// ClusterTrustBundles by default.  Users who only have namespace-level access
+// to a cluster can read ClusterTrustBundles by impersonating a serviceaccount
+// that they have access to.
+//
+// It can be optionally associated with a particular assigner, in which case it
+// contains one valid set of trust anchors for that signer. Signers may have
+// multiple associated ClusterTrustBundles; each is an independent set of trust
+// anchors for that signer. Admission control is used to enforce that only users
+// with permissions on the signer can create or modify the corresponding bundle.
+message ClusterTrustBundle {
+  // metadata contains the object metadata.
+  // +optional
+  optional .k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
+
+  // spec contains the signer (if any) and trust anchors.
+  optional ClusterTrustBundleSpec spec = 2;
+}
+
+// ClusterTrustBundleList is a collection of ClusterTrustBundle objects
+message ClusterTrustBundleList {
+  // metadata contains the list metadata.
+  //
+  // +optional
+  optional .k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
+
+  // items is a collection of ClusterTrustBundle objects
+  repeated ClusterTrustBundle items = 2;
+}
+
+// ClusterTrustBundleSpec contains the signer and trust anchors.
+message ClusterTrustBundleSpec {
+  // signerName indicates the associated signer, if any.
+  //
+  // In order to create or update a ClusterTrustBundle that sets signerName,
+  // you must have the following cluster-scoped permission:
+  // group=certificates.k8s.io resource=signers resourceName=<the signer name>
+  // verb=attest.
+  //
+  // If signerName is not empty, then the ClusterTrustBundle object must be
+  // named with the signer name as a prefix (translating slashes to colons).
+  // For example, for the signer name `example.com/foo`, valid
+  // ClusterTrustBundle object names include `example.com:foo:abc` and
+  // `example.com:foo:v1`.
+  //
+  // If signerName is empty, then the ClusterTrustBundle object's name must
+  // not have such a prefix.
+  //
+  // List/watch requests for ClusterTrustBundles can filter on this field
+  // using a `spec.signerName=NAME` field selector.
+  //
+  // +optional
+  optional string signerName = 1;
+
+  // trustBundle contains the individual X.509 trust anchors for this
+  // bundle, as PEM bundle of PEM-wrapped, DER-formatted X.509 certificates.
+  //
+  // The data must consist only of PEM certificate blocks that parse as valid
+  // X.509 certificates.  Each certificate must include a basic constraints
+  // extension with the CA bit set.  The API server will reject objects that
+  // contain duplicate certificates, or that use PEM block headers.
+  //
+  // Users of ClusterTrustBundles, including Kubelet, are free to reorder and
+  // deduplicate certificate blocks in this file according to their own logic,
+  // as well as to drop PEM block headers and inter-block data.
+  optional string trustBundle = 2;
+}
+
 // ExtraValue masks the value so protobuf can generate
 // +protobuf.nullable=true
 // +protobuf.options.(gogoproto.goproto_stringer)=false
diff --git a/vendor/k8s.io/api/certificates/v1beta1/register.go b/vendor/k8s.io/api/certificates/v1beta1/register.go
index b4f3af9b9c..800dccd07d 100644
--- a/vendor/k8s.io/api/certificates/v1beta1/register.go
+++ b/vendor/k8s.io/api/certificates/v1beta1/register.go
@@ -51,6 +51,8 @@ func addKnownTypes(scheme *runtime.Scheme) error {
 	scheme.AddKnownTypes(SchemeGroupVersion,
 		&CertificateSigningRequest{},
 		&CertificateSigningRequestList{},
+		&ClusterTrustBundle{},
+		&ClusterTrustBundleList{},
 	)
 
 	// Add the watch version that applies
diff --git a/vendor/k8s.io/api/certificates/v1beta1/types.go b/vendor/k8s.io/api/certificates/v1beta1/types.go
index 7e5a5c198a..1ce104807d 100644
--- a/vendor/k8s.io/api/certificates/v1beta1/types.go
+++ b/vendor/k8s.io/api/certificates/v1beta1/types.go
@@ -262,3 +262,88 @@ const (
 	UsageMicrosoftSGC      KeyUsage = "microsoft sgc"
 	UsageNetscapeSGC       KeyUsage = "netscape sgc"
 )
+
+// +genclient
+// +genclient:nonNamespaced
+// +k8s:prerelease-lifecycle-gen:introduced=1.33
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// ClusterTrustBundle is a cluster-scoped container for X.509 trust anchors
+// (root certificates).
+//
+// ClusterTrustBundle objects are considered to be readable by any authenticated
+// user in the cluster, because they can be mounted by pods using the
+// `clusterTrustBundle` projection.  All service accounts have read access to
+// ClusterTrustBundles by default.  Users who only have namespace-level access
+// to a cluster can read ClusterTrustBundles by impersonating a serviceaccount
+// that they have access to.
+//
+// It can be optionally associated with a particular assigner, in which case it
+// contains one valid set of trust anchors for that signer. Signers may have
+// multiple associated ClusterTrustBundles; each is an independent set of trust
+// anchors for that signer. Admission control is used to enforce that only users
+// with permissions on the signer can create or modify the corresponding bundle.
+type ClusterTrustBundle struct {
+	metav1.TypeMeta `json:",inline"`
+
+	// metadata contains the object metadata.
+	// +optional
+	metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+	// spec contains the signer (if any) and trust anchors.
+	Spec ClusterTrustBundleSpec `json:"spec" protobuf:"bytes,2,opt,name=spec"`
+}
+
+// ClusterTrustBundleSpec contains the signer and trust anchors.
+type ClusterTrustBundleSpec struct {
+	// signerName indicates the associated signer, if any.
+	//
+	// In order to create or update a ClusterTrustBundle that sets signerName,
+	// you must have the following cluster-scoped permission:
+	// group=certificates.k8s.io resource=signers resourceName=<the signer name>
+	// verb=attest.
+	//
+	// If signerName is not empty, then the ClusterTrustBundle object must be
+	// named with the signer name as a prefix (translating slashes to colons).
+	// For example, for the signer name `example.com/foo`, valid
+	// ClusterTrustBundle object names include `example.com:foo:abc` and
+	// `example.com:foo:v1`.
+	//
+	// If signerName is empty, then the ClusterTrustBundle object's name must
+	// not have such a prefix.
+	//
+	// List/watch requests for ClusterTrustBundles can filter on this field
+	// using a `spec.signerName=NAME` field selector.
+	//
+	// +optional
+	SignerName string `json:"signerName,omitempty" protobuf:"bytes,1,opt,name=signerName"`
+
+	// trustBundle contains the individual X.509 trust anchors for this
+	// bundle, as PEM bundle of PEM-wrapped, DER-formatted X.509 certificates.
+	//
+	// The data must consist only of PEM certificate blocks that parse as valid
+	// X.509 certificates.  Each certificate must include a basic constraints
+	// extension with the CA bit set.  The API server will reject objects that
+	// contain duplicate certificates, or that use PEM block headers.
+	//
+	// Users of ClusterTrustBundles, including Kubelet, are free to reorder and
+	// deduplicate certificate blocks in this file according to their own logic,
+	// as well as to drop PEM block headers and inter-block data.
+	TrustBundle string `json:"trustBundle" protobuf:"bytes,2,opt,name=trustBundle"`
+}
+
+// +k8s:prerelease-lifecycle-gen:introduced=1.33
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// ClusterTrustBundleList is a collection of ClusterTrustBundle objects
+type ClusterTrustBundleList struct {
+	metav1.TypeMeta `json:",inline"`
+
+	// metadata contains the list metadata.
+	//
+	// +optional
+	metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+	// items is a collection of ClusterTrustBundle objects
+	Items []ClusterTrustBundle `json:"items" protobuf:"bytes,2,rep,name=items"`
+}
diff --git a/vendor/k8s.io/api/certificates/v1beta1/types_swagger_doc_generated.go b/vendor/k8s.io/api/certificates/v1beta1/types_swagger_doc_generated.go
index f9ab1f13de..58c69e54d3 100644
--- a/vendor/k8s.io/api/certificates/v1beta1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/certificates/v1beta1/types_swagger_doc_generated.go
@@ -75,4 +75,34 @@ func (CertificateSigningRequestStatus) SwaggerDoc() map[string]string {
 	return map_CertificateSigningRequestStatus
 }
 
+var map_ClusterTrustBundle = map[string]string{
+	"":         "ClusterTrustBundle is a cluster-scoped container for X.509 trust anchors (root certificates).\n\nClusterTrustBundle objects are considered to be readable by any authenticated user in the cluster, because they can be mounted by pods using the `clusterTrustBundle` projection.  All service accounts have read access to ClusterTrustBundles by default.  Users who only have namespace-level access to a cluster can read ClusterTrustBundles by impersonating a serviceaccount that they have access to.\n\nIt can be optionally associated with a particular assigner, in which case it contains one valid set of trust anchors for that signer. Signers may have multiple associated ClusterTrustBundles; each is an independent set of trust anchors for that signer. Admission control is used to enforce that only users with permissions on the signer can create or modify the corresponding bundle.",
+	"metadata": "metadata contains the object metadata.",
+	"spec":     "spec contains the signer (if any) and trust anchors.",
+}
+
+func (ClusterTrustBundle) SwaggerDoc() map[string]string {
+	return map_ClusterTrustBundle
+}
+
+var map_ClusterTrustBundleList = map[string]string{
+	"":         "ClusterTrustBundleList is a collection of ClusterTrustBundle objects",
+	"metadata": "metadata contains the list metadata.",
+	"items":    "items is a collection of ClusterTrustBundle objects",
+}
+
+func (ClusterTrustBundleList) SwaggerDoc() map[string]string {
+	return map_ClusterTrustBundleList
+}
+
+var map_ClusterTrustBundleSpec = map[string]string{
+	"":            "ClusterTrustBundleSpec contains the signer and trust anchors.",
+	"signerName":  "signerName indicates the associated signer, if any.\n\nIn order to create or update a ClusterTrustBundle that sets signerName, you must have the following cluster-scoped permission: group=certificates.k8s.io resource=signers resourceName=<the signer name> verb=attest.\n\nIf signerName is not empty, then the ClusterTrustBundle object must be named with the signer name as a prefix (translating slashes to colons). For example, for the signer name `example.com/foo`, valid ClusterTrustBundle object names include `example.com:foo:abc` and `example.com:foo:v1`.\n\nIf signerName is empty, then the ClusterTrustBundle object's name must not have such a prefix.\n\nList/watch requests for ClusterTrustBundles can filter on this field using a `spec.signerName=NAME` field selector.",
+	"trustBundle": "trustBundle contains the individual X.509 trust anchors for this bundle, as PEM bundle of PEM-wrapped, DER-formatted X.509 certificates.\n\nThe data must consist only of PEM certificate blocks that parse as valid X.509 certificates.  Each certificate must include a basic constraints extension with the CA bit set.  The API server will reject objects that contain duplicate certificates, or that use PEM block headers.\n\nUsers of ClusterTrustBundles, including Kubelet, are free to reorder and deduplicate certificate blocks in this file according to their own logic, as well as to drop PEM block headers and inter-block data.",
+}
+
+func (ClusterTrustBundleSpec) SwaggerDoc() map[string]string {
+	return map_ClusterTrustBundleSpec
+}
+
 // AUTO-GENERATED FUNCTIONS END HERE
diff --git a/vendor/k8s.io/api/certificates/v1beta1/zz_generated.deepcopy.go b/vendor/k8s.io/api/certificates/v1beta1/zz_generated.deepcopy.go
index a315e2ac60..854e834739 100644
--- a/vendor/k8s.io/api/certificates/v1beta1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/certificates/v1beta1/zz_generated.deepcopy.go
@@ -188,6 +188,82 @@ func (in *CertificateSigningRequestStatus) DeepCopy() *CertificateSigningRequest
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ClusterTrustBundle) DeepCopyInto(out *ClusterTrustBundle) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	out.Spec = in.Spec
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterTrustBundle.
+func (in *ClusterTrustBundle) DeepCopy() *ClusterTrustBundle {
+	if in == nil {
+		return nil
+	}
+	out := new(ClusterTrustBundle)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *ClusterTrustBundle) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ClusterTrustBundleList) DeepCopyInto(out *ClusterTrustBundleList) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ListMeta.DeepCopyInto(&out.ListMeta)
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]ClusterTrustBundle, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterTrustBundleList.
+func (in *ClusterTrustBundleList) DeepCopy() *ClusterTrustBundleList {
+	if in == nil {
+		return nil
+	}
+	out := new(ClusterTrustBundleList)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *ClusterTrustBundleList) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ClusterTrustBundleSpec) DeepCopyInto(out *ClusterTrustBundleSpec) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterTrustBundleSpec.
+func (in *ClusterTrustBundleSpec) DeepCopy() *ClusterTrustBundleSpec {
+	if in == nil {
+		return nil
+	}
+	out := new(ClusterTrustBundleSpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in ExtraValue) DeepCopyInto(out *ExtraValue) {
 	{
diff --git a/vendor/k8s.io/api/certificates/v1beta1/zz_generated.prerelease-lifecycle.go b/vendor/k8s.io/api/certificates/v1beta1/zz_generated.prerelease-lifecycle.go
index 480a329361..062b46f164 100644
--- a/vendor/k8s.io/api/certificates/v1beta1/zz_generated.prerelease-lifecycle.go
+++ b/vendor/k8s.io/api/certificates/v1beta1/zz_generated.prerelease-lifecycle.go
@@ -72,3 +72,39 @@ func (in *CertificateSigningRequestList) APILifecycleReplacement() schema.GroupV
 func (in *CertificateSigningRequestList) APILifecycleRemoved() (major, minor int) {
 	return 1, 22
 }
+
+// APILifecycleIntroduced is an autogenerated function, returning the release in which the API struct was introduced as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:introduced" tags in types.go.
+func (in *ClusterTrustBundle) APILifecycleIntroduced() (major, minor int) {
+	return 1, 33
+}
+
+// APILifecycleDeprecated is an autogenerated function, returning the release in which the API struct was or will be deprecated as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:deprecated" tags in types.go or  "k8s:prerelease-lifecycle-gen:introduced" plus three minor.
+func (in *ClusterTrustBundle) APILifecycleDeprecated() (major, minor int) {
+	return 1, 36
+}
+
+// APILifecycleRemoved is an autogenerated function, returning the release in which the API is no longer served as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:removed" tags in types.go or  "k8s:prerelease-lifecycle-gen:deprecated" plus three minor.
+func (in *ClusterTrustBundle) APILifecycleRemoved() (major, minor int) {
+	return 1, 39
+}
+
+// APILifecycleIntroduced is an autogenerated function, returning the release in which the API struct was introduced as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:introduced" tags in types.go.
+func (in *ClusterTrustBundleList) APILifecycleIntroduced() (major, minor int) {
+	return 1, 33
+}
+
+// APILifecycleDeprecated is an autogenerated function, returning the release in which the API struct was or will be deprecated as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:deprecated" tags in types.go or  "k8s:prerelease-lifecycle-gen:introduced" plus three minor.
+func (in *ClusterTrustBundleList) APILifecycleDeprecated() (major, minor int) {
+	return 1, 36
+}
+
+// APILifecycleRemoved is an autogenerated function, returning the release in which the API is no longer served as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:removed" tags in types.go or  "k8s:prerelease-lifecycle-gen:deprecated" plus three minor.
+func (in *ClusterTrustBundleList) APILifecycleRemoved() (major, minor int) {
+	return 1, 39
+}
diff --git a/vendor/k8s.io/api/coordination/v1/doc.go b/vendor/k8s.io/api/coordination/v1/doc.go
index 9b2fbbda3a..82ae6340c7 100644
--- a/vendor/k8s.io/api/coordination/v1/doc.go
+++ b/vendor/k8s.io/api/coordination/v1/doc.go
@@ -21,4 +21,4 @@ limitations under the License.
 
 // +groupName=coordination.k8s.io
 
-package v1 // import "k8s.io/api/coordination/v1"
+package v1
diff --git a/vendor/k8s.io/api/coordination/v1alpha2/doc.go b/vendor/k8s.io/api/coordination/v1alpha2/doc.go
index 5e6d655302..dff7df47fc 100644
--- a/vendor/k8s.io/api/coordination/v1alpha2/doc.go
+++ b/vendor/k8s.io/api/coordination/v1alpha2/doc.go
@@ -21,4 +21,4 @@ limitations under the License.
 
 // +groupName=coordination.k8s.io
 
-package v1alpha2 // import "k8s.io/api/coordination/v1alpha2"
+package v1alpha2
diff --git a/vendor/k8s.io/api/coordination/v1alpha2/generated.proto b/vendor/k8s.io/api/coordination/v1alpha2/generated.proto
index 7e56cd7f96..250c6113ec 100644
--- a/vendor/k8s.io/api/coordination/v1alpha2/generated.proto
+++ b/vendor/k8s.io/api/coordination/v1alpha2/generated.proto
@@ -92,8 +92,6 @@ message LeaseCandidateSpec {
   // If multiple candidates for the same Lease return different strategies, the strategy provided
   // by the candidate with the latest BinaryVersion will be used. If there is still conflict,
   // this is a user error and coordinated leader election will not operate the Lease until resolved.
-  // (Alpha) Using this field requires the CoordinatedLeaderElection feature gate to be enabled.
-  // +featureGate=CoordinatedLeaderElection
   // +required
   optional string strategy = 6;
 }
diff --git a/vendor/k8s.io/api/coordination/v1alpha2/types.go b/vendor/k8s.io/api/coordination/v1alpha2/types.go
index 2f53b097a2..13e1deb067 100644
--- a/vendor/k8s.io/api/coordination/v1alpha2/types.go
+++ b/vendor/k8s.io/api/coordination/v1alpha2/types.go
@@ -73,8 +73,6 @@ type LeaseCandidateSpec struct {
 	// If multiple candidates for the same Lease return different strategies, the strategy provided
 	// by the candidate with the latest BinaryVersion will be used. If there is still conflict,
 	// this is a user error and coordinated leader election will not operate the Lease until resolved.
-	// (Alpha) Using this field requires the CoordinatedLeaderElection feature gate to be enabled.
-	// +featureGate=CoordinatedLeaderElection
 	// +required
 	Strategy v1.CoordinatedLeaseStrategy `json:"strategy,omitempty" protobuf:"bytes,6,opt,name=strategy"`
 }
diff --git a/vendor/k8s.io/api/coordination/v1alpha2/types_swagger_doc_generated.go b/vendor/k8s.io/api/coordination/v1alpha2/types_swagger_doc_generated.go
index 39534e6adb..f7e29849e4 100644
--- a/vendor/k8s.io/api/coordination/v1alpha2/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/coordination/v1alpha2/types_swagger_doc_generated.go
@@ -54,7 +54,7 @@ var map_LeaseCandidateSpec = map[string]string{
 	"renewTime":        "RenewTime is the time that the LeaseCandidate was last updated. Any time a Lease needs to do leader election, the PingTime field is updated to signal to the LeaseCandidate that they should update the RenewTime. Old LeaseCandidate objects are also garbage collected if it has been hours since the last renew. The PingTime field is updated regularly to prevent garbage collection for still active LeaseCandidates.",
 	"binaryVersion":    "BinaryVersion is the binary version. It must be in a semver format without leading `v`. This field is required.",
 	"emulationVersion": "EmulationVersion is the emulation version. It must be in a semver format without leading `v`. EmulationVersion must be less than or equal to BinaryVersion. This field is required when strategy is \"OldestEmulationVersion\"",
-	"strategy":         "Strategy is the strategy that coordinated leader election will use for picking the leader. If multiple candidates for the same Lease return different strategies, the strategy provided by the candidate with the latest BinaryVersion will be used. If there is still conflict, this is a user error and coordinated leader election will not operate the Lease until resolved. (Alpha) Using this field requires the CoordinatedLeaderElection feature gate to be enabled.",
+	"strategy":         "Strategy is the strategy that coordinated leader election will use for picking the leader. If multiple candidates for the same Lease return different strategies, the strategy provided by the candidate with the latest BinaryVersion will be used. If there is still conflict, this is a user error and coordinated leader election will not operate the Lease until resolved.",
 }
 
 func (LeaseCandidateSpec) SwaggerDoc() map[string]string {
diff --git a/vendor/k8s.io/api/coordination/v1beta1/doc.go b/vendor/k8s.io/api/coordination/v1beta1/doc.go
index e733411aa9..cab8becf67 100644
--- a/vendor/k8s.io/api/coordination/v1beta1/doc.go
+++ b/vendor/k8s.io/api/coordination/v1beta1/doc.go
@@ -21,4 +21,4 @@ limitations under the License.
 
 // +groupName=coordination.k8s.io
 
-package v1beta1 // import "k8s.io/api/coordination/v1beta1"
+package v1beta1
diff --git a/vendor/k8s.io/api/coordination/v1beta1/generated.pb.go b/vendor/k8s.io/api/coordination/v1beta1/generated.pb.go
index bea9b8146a..52fd4167fa 100644
--- a/vendor/k8s.io/api/coordination/v1beta1/generated.pb.go
+++ b/vendor/k8s.io/api/coordination/v1beta1/generated.pb.go
@@ -74,10 +74,94 @@ func (m *Lease) XXX_DiscardUnknown() {
 
 var xxx_messageInfo_Lease proto.InternalMessageInfo
 
+func (m *LeaseCandidate) Reset()      { *m = LeaseCandidate{} }
+func (*LeaseCandidate) ProtoMessage() {}
+func (*LeaseCandidate) Descriptor() ([]byte, []int) {
+	return fileDescriptor_8d4e223b8bb23da3, []int{1}
+}
+func (m *LeaseCandidate) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *LeaseCandidate) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *LeaseCandidate) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_LeaseCandidate.Merge(m, src)
+}
+func (m *LeaseCandidate) XXX_Size() int {
+	return m.Size()
+}
+func (m *LeaseCandidate) XXX_DiscardUnknown() {
+	xxx_messageInfo_LeaseCandidate.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_LeaseCandidate proto.InternalMessageInfo
+
+func (m *LeaseCandidateList) Reset()      { *m = LeaseCandidateList{} }
+func (*LeaseCandidateList) ProtoMessage() {}
+func (*LeaseCandidateList) Descriptor() ([]byte, []int) {
+	return fileDescriptor_8d4e223b8bb23da3, []int{2}
+}
+func (m *LeaseCandidateList) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *LeaseCandidateList) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *LeaseCandidateList) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_LeaseCandidateList.Merge(m, src)
+}
+func (m *LeaseCandidateList) XXX_Size() int {
+	return m.Size()
+}
+func (m *LeaseCandidateList) XXX_DiscardUnknown() {
+	xxx_messageInfo_LeaseCandidateList.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_LeaseCandidateList proto.InternalMessageInfo
+
+func (m *LeaseCandidateSpec) Reset()      { *m = LeaseCandidateSpec{} }
+func (*LeaseCandidateSpec) ProtoMessage() {}
+func (*LeaseCandidateSpec) Descriptor() ([]byte, []int) {
+	return fileDescriptor_8d4e223b8bb23da3, []int{3}
+}
+func (m *LeaseCandidateSpec) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *LeaseCandidateSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *LeaseCandidateSpec) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_LeaseCandidateSpec.Merge(m, src)
+}
+func (m *LeaseCandidateSpec) XXX_Size() int {
+	return m.Size()
+}
+func (m *LeaseCandidateSpec) XXX_DiscardUnknown() {
+	xxx_messageInfo_LeaseCandidateSpec.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_LeaseCandidateSpec proto.InternalMessageInfo
+
 func (m *LeaseList) Reset()      { *m = LeaseList{} }
 func (*LeaseList) ProtoMessage() {}
 func (*LeaseList) Descriptor() ([]byte, []int) {
-	return fileDescriptor_8d4e223b8bb23da3, []int{1}
+	return fileDescriptor_8d4e223b8bb23da3, []int{4}
 }
 func (m *LeaseList) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -105,7 +189,7 @@ var xxx_messageInfo_LeaseList proto.InternalMessageInfo
 func (m *LeaseSpec) Reset()      { *m = LeaseSpec{} }
 func (*LeaseSpec) ProtoMessage() {}
 func (*LeaseSpec) Descriptor() ([]byte, []int) {
-	return fileDescriptor_8d4e223b8bb23da3, []int{2}
+	return fileDescriptor_8d4e223b8bb23da3, []int{5}
 }
 func (m *LeaseSpec) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -132,6 +216,9 @@ var xxx_messageInfo_LeaseSpec proto.InternalMessageInfo
 
 func init() {
 	proto.RegisterType((*Lease)(nil), "k8s.io.api.coordination.v1beta1.Lease")
+	proto.RegisterType((*LeaseCandidate)(nil), "k8s.io.api.coordination.v1beta1.LeaseCandidate")
+	proto.RegisterType((*LeaseCandidateList)(nil), "k8s.io.api.coordination.v1beta1.LeaseCandidateList")
+	proto.RegisterType((*LeaseCandidateSpec)(nil), "k8s.io.api.coordination.v1beta1.LeaseCandidateSpec")
 	proto.RegisterType((*LeaseList)(nil), "k8s.io.api.coordination.v1beta1.LeaseList")
 	proto.RegisterType((*LeaseSpec)(nil), "k8s.io.api.coordination.v1beta1.LeaseSpec")
 }
@@ -141,45 +228,54 @@ func init() {
 }
 
 var fileDescriptor_8d4e223b8bb23da3 = []byte{
-	// 600 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x9c, 0x94, 0xdf, 0x4e, 0xd4, 0x4e,
-	0x14, 0xc7, 0xb7, 0xb0, 0xfb, 0xfb, 0xb1, 0xb3, 0xf2, 0x27, 0x23, 0x17, 0x0d, 0x17, 0x2d, 0xe1,
-	0xc2, 0x10, 0x12, 0xa7, 0x82, 0xc6, 0x18, 0x13, 0x13, 0x2d, 0x9a, 0x48, 0x2c, 0xd1, 0x14, 0xae,
-	0x0c, 0x89, 0xce, 0xb6, 0x87, 0xee, 0x08, 0xed, 0xd4, 0x99, 0x59, 0x0c, 0x77, 0x3e, 0x82, 0x4f,
-	0xa3, 0xf1, 0x0d, 0xb8, 0xe4, 0x92, 0xab, 0x46, 0xc6, 0xb7, 0xf0, 0xca, 0xcc, 0x6c, 0x61, 0x61,
-	0x81, 0xb0, 0xf1, 0x6e, 0xe7, 0x9c, 0xf3, 0xfd, 0x9c, 0xef, 0x9c, 0xb3, 0x53, 0x14, 0xec, 0x3d,
-	0x91, 0x84, 0xf1, 0x80, 0x96, 0x2c, 0x48, 0x38, 0x17, 0x29, 0x2b, 0xa8, 0x62, 0xbc, 0x08, 0x0e,
-	0x56, 0xbb, 0xa0, 0xe8, 0x6a, 0x90, 0x41, 0x01, 0x82, 0x2a, 0x48, 0x49, 0x29, 0xb8, 0xe2, 0xd8,
-	0x1f, 0x08, 0x08, 0x2d, 0x19, 0xb9, 0x28, 0x20, 0xb5, 0x60, 0xe1, 0x7e, 0xc6, 0x54, 0xaf, 0xdf,
-	0x25, 0x09, 0xcf, 0x83, 0x8c, 0x67, 0x3c, 0xb0, 0xba, 0x6e, 0x7f, 0xd7, 0x9e, 0xec, 0xc1, 0xfe,
-	0x1a, 0xf0, 0x16, 0x56, 0x6e, 0x36, 0x30, 0xda, 0x7b, 0xe1, 0xd1, 0xb0, 0x36, 0xa7, 0x49, 0x8f,
-	0x15, 0x20, 0x0e, 0x83, 0x72, 0x2f, 0x33, 0x01, 0x19, 0xe4, 0xa0, 0xe8, 0x75, 0xaa, 0xe0, 0x26,
-	0x95, 0xe8, 0x17, 0x8a, 0xe5, 0x70, 0x45, 0xf0, 0xf8, 0x36, 0x81, 0x4c, 0x7a, 0x90, 0xd3, 0x51,
-	0xdd, 0xd2, 0x0f, 0x07, 0xb5, 0x22, 0xa0, 0x12, 0xf0, 0x47, 0x34, 0x65, 0xdc, 0xa4, 0x54, 0x51,
-	0xd7, 0x59, 0x74, 0x96, 0x3b, 0x6b, 0x0f, 0xc8, 0x70, 0x6e, 0xe7, 0x50, 0x52, 0xee, 0x65, 0x26,
-	0x20, 0x89, 0xa9, 0x26, 0x07, 0xab, 0xe4, 0x6d, 0xf7, 0x13, 0x24, 0x6a, 0x13, 0x14, 0x0d, 0xf1,
-	0x51, 0xe5, 0x37, 0x74, 0xe5, 0xa3, 0x61, 0x2c, 0x3e, 0xa7, 0xe2, 0x08, 0x35, 0x65, 0x09, 0x89,
-	0x3b, 0x61, 0xe9, 0x2b, 0xe4, 0x96, 0xad, 0x10, 0xeb, 0x6b, 0xab, 0x84, 0x24, 0xbc, 0x53, 0x73,
-	0x9b, 0xe6, 0x14, 0x5b, 0xca, 0xd2, 0x77, 0x07, 0xb5, 0x6d, 0x45, 0xc4, 0xa4, 0xc2, 0x3b, 0x57,
-	0xdc, 0x93, 0xf1, 0xdc, 0x1b, 0xb5, 0xf5, 0x3e, 0x57, 0xf7, 0x98, 0x3a, 0x8b, 0x5c, 0x70, 0xfe,
-	0x06, 0xb5, 0x98, 0x82, 0x5c, 0xba, 0x13, 0x8b, 0x93, 0xcb, 0x9d, 0xb5, 0x7b, 0xe3, 0x59, 0x0f,
-	0xa7, 0x6b, 0x64, 0x6b, 0xc3, 0x88, 0xe3, 0x01, 0x63, 0xe9, 0x67, 0xb3, 0x36, 0x6e, 0x2e, 0x83,
-	0x9f, 0xa2, 0x99, 0x1e, 0xdf, 0x4f, 0x41, 0x6c, 0xa4, 0x50, 0x28, 0xa6, 0x0e, 0xad, 0xfd, 0x76,
-	0x88, 0x75, 0xe5, 0xcf, 0xbc, 0xbe, 0x94, 0x89, 0x47, 0x2a, 0x71, 0x84, 0xe6, 0xf7, 0x0d, 0xe8,
-	0x65, 0x5f, 0xd8, 0xf6, 0x5b, 0x90, 0xf0, 0x22, 0x95, 0x76, 0xc0, 0xad, 0xd0, 0xd5, 0x95, 0x3f,
-	0x1f, 0x5d, 0x93, 0x8f, 0xaf, 0x55, 0xe1, 0x2e, 0xea, 0xd0, 0xe4, 0x73, 0x9f, 0x09, 0xd8, 0x66,
-	0x39, 0xb8, 0x93, 0x76, 0x8a, 0xc1, 0x78, 0x53, 0xdc, 0x64, 0x89, 0xe0, 0x46, 0x16, 0xce, 0xea,
-	0xca, 0xef, 0xbc, 0x18, 0x72, 0xe2, 0x8b, 0x50, 0xbc, 0x83, 0xda, 0x02, 0x0a, 0xf8, 0x62, 0x3b,
-	0x34, 0xff, 0xad, 0xc3, 0xb4, 0xae, 0xfc, 0x76, 0x7c, 0x46, 0x89, 0x87, 0x40, 0xfc, 0x1c, 0xcd,
-	0xd9, 0x9b, 0x6d, 0x0b, 0x5a, 0x48, 0x66, 0xee, 0x26, 0xdd, 0x96, 0x9d, 0xc5, 0xbc, 0xae, 0xfc,
-	0xb9, 0x68, 0x24, 0x17, 0x5f, 0xa9, 0xc6, 0x1f, 0xd0, 0x94, 0x54, 0xe6, 0x7d, 0x64, 0x87, 0xee,
-	0x7f, 0x76, 0x0f, 0xeb, 0xe6, 0x2f, 0xb1, 0x55, 0xc7, 0xfe, 0x54, 0xfe, 0xc3, 0x9b, 0xdf, 0x3e,
-	0x59, 0x3f, 0x3b, 0x43, 0x3a, 0x58, 0x70, 0x2d, 0x8b, 0xcf, 0xa1, 0xf8, 0x19, 0x9a, 0x2d, 0x05,
-	0xec, 0x82, 0x10, 0x90, 0x0e, 0xb6, 0xeb, 0xfe, 0x6f, 0xfb, 0xdc, 0xd5, 0x95, 0x3f, 0xfb, 0xee,
-	0x72, 0x2a, 0x1e, 0xad, 0x0d, 0x5f, 0x1d, 0x9d, 0x7a, 0x8d, 0xe3, 0x53, 0xaf, 0x71, 0x72, 0xea,
-	0x35, 0xbe, 0x6a, 0xcf, 0x39, 0xd2, 0x9e, 0x73, 0xac, 0x3d, 0xe7, 0x44, 0x7b, 0xce, 0x2f, 0xed,
-	0x39, 0xdf, 0x7e, 0x7b, 0x8d, 0xf7, 0xfe, 0x2d, 0x1f, 0xc8, 0xbf, 0x01, 0x00, 0x00, 0xff, 0xff,
-	0x57, 0x93, 0xf3, 0xef, 0x42, 0x05, 0x00, 0x00,
+	// 750 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xbc, 0x56, 0xdd, 0x4e, 0x1b, 0x39,
+	0x18, 0xcd, 0x40, 0xb2, 0x9b, 0x38, 0x04, 0xb2, 0x5e, 0x56, 0x1a, 0x71, 0x31, 0x83, 0x72, 0xb1,
+	0x42, 0x48, 0xeb, 0x59, 0x60, 0xb5, 0x5a, 0x6d, 0x55, 0xa9, 0x1d, 0x40, 0x2d, 0x6a, 0x68, 0x91,
+	0xa1, 0x95, 0x5a, 0x21, 0xb5, 0xce, 0x8c, 0x99, 0xb8, 0x30, 0x3f, 0xf5, 0x38, 0x54, 0xb9, 0xeb,
+	0x23, 0xf4, 0x69, 0x5a, 0xf5, 0x0d, 0xd2, 0x3b, 0x2e, 0xb9, 0x8a, 0xca, 0x54, 0xea, 0x43, 0xf4,
+	0xaa, 0xb2, 0x33, 0xf9, 0x27, 0x22, 0x6d, 0x11, 0x77, 0xf1, 0xf7, 0x9d, 0x73, 0xfc, 0x1d, 0xfb,
+	0x38, 0x1a, 0x60, 0x1d, 0xff, 0x17, 0x23, 0x16, 0x5a, 0x24, 0x62, 0x96, 0x13, 0x86, 0xdc, 0x65,
+	0x01, 0x11, 0x2c, 0x0c, 0xac, 0xd3, 0xb5, 0x1a, 0x15, 0x64, 0xcd, 0xf2, 0x68, 0x40, 0x39, 0x11,
+	0xd4, 0x45, 0x11, 0x0f, 0x45, 0x08, 0xcd, 0x0e, 0x01, 0x91, 0x88, 0xa1, 0x41, 0x02, 0x4a, 0x09,
+	0x4b, 0x7f, 0x79, 0x4c, 0xd4, 0x1b, 0x35, 0xe4, 0x84, 0xbe, 0xe5, 0x85, 0x5e, 0x68, 0x29, 0x5e,
+	0xad, 0x71, 0xa4, 0x56, 0x6a, 0xa1, 0x7e, 0x75, 0xf4, 0x96, 0x56, 0x27, 0x0f, 0x30, 0xba, 0xf7,
+	0xd2, 0x3f, 0x7d, 0xac, 0x4f, 0x9c, 0x3a, 0x0b, 0x28, 0x6f, 0x5a, 0xd1, 0xb1, 0x27, 0x0b, 0xb1,
+	0xe5, 0x53, 0x41, 0x2e, 0x63, 0x59, 0x93, 0x58, 0xbc, 0x11, 0x08, 0xe6, 0xd3, 0x31, 0xc2, 0xbf,
+	0x57, 0x11, 0x62, 0xa7, 0x4e, 0x7d, 0x32, 0xca, 0xab, 0xbc, 0xd7, 0x40, 0xae, 0x4a, 0x49, 0x4c,
+	0xe1, 0x0b, 0x90, 0x97, 0xd3, 0xb8, 0x44, 0x10, 0x5d, 0x5b, 0xd6, 0x56, 0x8a, 0xeb, 0x7f, 0xa3,
+	0xfe, 0xb9, 0xf5, 0x44, 0x51, 0x74, 0xec, 0xc9, 0x42, 0x8c, 0x24, 0x1a, 0x9d, 0xae, 0xa1, 0x47,
+	0xb5, 0x97, 0xd4, 0x11, 0xbb, 0x54, 0x10, 0x1b, 0xb6, 0xda, 0x66, 0x26, 0x69, 0x9b, 0xa0, 0x5f,
+	0xc3, 0x3d, 0x55, 0x58, 0x05, 0xd9, 0x38, 0xa2, 0x8e, 0x3e, 0xa3, 0xd4, 0x57, 0xd1, 0x15, 0xb7,
+	0x82, 0xd4, 0x5c, 0xfb, 0x11, 0x75, 0xec, 0xb9, 0x54, 0x37, 0x2b, 0x57, 0x58, 0xa9, 0x54, 0x3e,
+	0x6a, 0x60, 0x5e, 0x21, 0x36, 0x49, 0xe0, 0x32, 0x97, 0x88, 0x9b, 0xb0, 0xf0, 0x78, 0xc8, 0xc2,
+	0xc6, 0x74, 0x16, 0x7a, 0x03, 0x4e, 0xf4, 0xd2, 0xd2, 0x00, 0x1c, 0x86, 0x56, 0x59, 0x2c, 0xe0,
+	0xe1, 0x98, 0x1f, 0x34, 0x9d, 0x1f, 0xc9, 0x56, 0x6e, 0xca, 0xe9, 0x66, 0xf9, 0x6e, 0x65, 0xc0,
+	0xcb, 0x01, 0xc8, 0x31, 0x41, 0xfd, 0x58, 0x9f, 0x59, 0x9e, 0x5d, 0x29, 0xae, 0x5b, 0xdf, 0x69,
+	0xc6, 0x2e, 0xa5, 0xda, 0xb9, 0x1d, 0xa9, 0x82, 0x3b, 0x62, 0x95, 0x2f, 0xb3, 0xa3, 0x56, 0xa4,
+	0x4f, 0x68, 0x81, 0xc2, 0x89, 0xac, 0x3e, 0x24, 0x3e, 0x55, 0x5e, 0x0a, 0xf6, 0x6f, 0x29, 0xbf,
+	0x50, 0xed, 0x36, 0x70, 0x1f, 0x03, 0x9f, 0x82, 0x7c, 0xc4, 0x02, 0xef, 0x80, 0xf9, 0x34, 0x3d,
+	0x6d, 0x6b, 0x3a, 0xef, 0xbb, 0xcc, 0xe1, 0xa1, 0xa4, 0xd9, 0x73, 0xd2, 0xf8, 0x5e, 0x2a, 0x82,
+	0x7b, 0x72, 0xf0, 0x10, 0x14, 0x38, 0x0d, 0xe8, 0x6b, 0xa5, 0x3d, 0xfb, 0x63, 0xda, 0x25, 0x39,
+	0x38, 0xee, 0xaa, 0xe0, 0xbe, 0x20, 0xbc, 0x05, 0x4a, 0x35, 0x16, 0x10, 0xde, 0x7c, 0x42, 0x79,
+	0xcc, 0xc2, 0x40, 0xcf, 0x2a, 0xb7, 0x7f, 0xa4, 0x6e, 0x4b, 0xf6, 0x60, 0x13, 0x0f, 0x63, 0xe1,
+	0x16, 0x28, 0x53, 0xbf, 0x71, 0xa2, 0xce, 0xbd, 0xcb, 0xcf, 0x29, 0xbe, 0x9e, 0xf2, 0xcb, 0xdb,
+	0x23, 0x7d, 0x3c, 0xc6, 0x80, 0x0e, 0xc8, 0xc7, 0x42, 0xbe, 0x72, 0xaf, 0xa9, 0xff, 0xa2, 0xd8,
+	0xf7, 0xba, 0x39, 0xd8, 0x4f, 0xeb, 0x5f, 0xdb, 0xe6, 0xc6, 0xe4, 0x7f, 0x31, 0xb4, 0xd9, 0x5d,
+	0x53, 0xb7, 0xf3, 0x0a, 0x53, 0x1a, 0xee, 0x09, 0x57, 0xde, 0x69, 0xa0, 0x73, 0x73, 0x37, 0x10,
+	0xd5, 0x07, 0xc3, 0x51, 0xfd, 0x73, 0xba, 0xa8, 0x4e, 0x48, 0xe8, 0x87, 0x6c, 0x3a, 0xb8, 0x0a,
+	0xe6, 0xff, 0x60, 0xbe, 0x1e, 0x9e, 0xb8, 0x94, 0xef, 0xb8, 0x34, 0x10, 0x4c, 0x34, 0xd3, 0x74,
+	0xc2, 0xa4, 0x6d, 0xce, 0xdf, 0x1f, 0xea, 0xe0, 0x11, 0x24, 0xac, 0x82, 0x45, 0x15, 0xd8, 0xad,
+	0x06, 0x57, 0xdb, 0xef, 0x53, 0x27, 0x0c, 0xdc, 0x58, 0xe5, 0x35, 0x67, 0xeb, 0x49, 0xdb, 0x5c,
+	0xac, 0x5e, 0xd2, 0xc7, 0x97, 0xb2, 0x60, 0x0d, 0x14, 0x89, 0xf3, 0xaa, 0xc1, 0x38, 0xfd, 0x99,
+	0x60, 0x2e, 0x24, 0x6d, 0xb3, 0x78, 0xb7, 0xaf, 0x83, 0x07, 0x45, 0x87, 0xa3, 0x9f, 0xbd, 0xee,
+	0xe8, 0xdf, 0x01, 0x65, 0xe5, 0xec, 0x80, 0x93, 0x20, 0x66, 0xd2, 0x5b, 0xac, 0xd2, 0x9b, 0xb3,
+	0x17, 0x65, 0x72, 0xab, 0x23, 0x3d, 0x3c, 0x86, 0x86, 0xcf, 0xc7, 0x92, 0xbb, 0x79, 0xad, 0xa9,
+	0x85, 0xb7, 0xc1, 0x42, 0xc4, 0xe9, 0x11, 0xe5, 0x9c, 0xba, 0x9d, 0xdb, 0xd5, 0x7f, 0x55, 0xfb,
+	0xfc, 0x9e, 0xb4, 0xcd, 0x85, 0xbd, 0xe1, 0x16, 0x1e, 0xc5, 0xda, 0xdb, 0xad, 0x0b, 0x23, 0x73,
+	0x76, 0x61, 0x64, 0xce, 0x2f, 0x8c, 0xcc, 0x9b, 0xc4, 0xd0, 0x5a, 0x89, 0xa1, 0x9d, 0x25, 0x86,
+	0x76, 0x9e, 0x18, 0xda, 0xa7, 0xc4, 0xd0, 0xde, 0x7e, 0x36, 0x32, 0xcf, 0xcc, 0x2b, 0x3e, 0x50,
+	0xbe, 0x05, 0x00, 0x00, 0xff, 0xff, 0xff, 0x56, 0x51, 0x57, 0xc2, 0x08, 0x00, 0x00,
 }
 
 func (m *Lease) Marshal() (dAtA []byte, err error) {
@@ -225,6 +321,163 @@ func (m *Lease) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	return len(dAtA) - i, nil
 }
 
+func (m *LeaseCandidate) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *LeaseCandidate) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *LeaseCandidate) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	{
+		size, err := m.Spec.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0x12
+	{
+		size, err := m.ObjectMeta.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *LeaseCandidateList) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *LeaseCandidateList) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *LeaseCandidateList) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if len(m.Items) > 0 {
+		for iNdEx := len(m.Items) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Items[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x12
+		}
+	}
+	{
+		size, err := m.ListMeta.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *LeaseCandidateSpec) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *LeaseCandidateSpec) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *LeaseCandidateSpec) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	i -= len(m.Strategy)
+	copy(dAtA[i:], m.Strategy)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Strategy)))
+	i--
+	dAtA[i] = 0x32
+	i -= len(m.EmulationVersion)
+	copy(dAtA[i:], m.EmulationVersion)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.EmulationVersion)))
+	i--
+	dAtA[i] = 0x2a
+	i -= len(m.BinaryVersion)
+	copy(dAtA[i:], m.BinaryVersion)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.BinaryVersion)))
+	i--
+	dAtA[i] = 0x22
+	if m.RenewTime != nil {
+		{
+			size, err := m.RenewTime.MarshalToSizedBuffer(dAtA[:i])
+			if err != nil {
+				return 0, err
+			}
+			i -= size
+			i = encodeVarintGenerated(dAtA, i, uint64(size))
+		}
+		i--
+		dAtA[i] = 0x1a
+	}
+	if m.PingTime != nil {
+		{
+			size, err := m.PingTime.MarshalToSizedBuffer(dAtA[:i])
+			if err != nil {
+				return 0, err
+			}
+			i -= size
+			i = encodeVarintGenerated(dAtA, i, uint64(size))
+		}
+		i--
+		dAtA[i] = 0x12
+	}
+	i -= len(m.LeaseName)
+	copy(dAtA[i:], m.LeaseName)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.LeaseName)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
 func (m *LeaseList) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
@@ -374,6 +627,61 @@ func (m *Lease) Size() (n int) {
 	return n
 }
 
+func (m *LeaseCandidate) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.ObjectMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Spec.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *LeaseCandidateList) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.ListMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Items) > 0 {
+		for _, e := range m.Items {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *LeaseCandidateSpec) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.LeaseName)
+	n += 1 + l + sovGenerated(uint64(l))
+	if m.PingTime != nil {
+		l = m.PingTime.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	if m.RenewTime != nil {
+		l = m.RenewTime.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	l = len(m.BinaryVersion)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.EmulationVersion)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Strategy)
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
 func (m *LeaseList) Size() (n int) {
 	if m == nil {
 		return 0
@@ -443,6 +751,48 @@ func (this *Lease) String() string {
 	}, "")
 	return s
 }
+func (this *LeaseCandidate) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&LeaseCandidate{`,
+		`ObjectMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ObjectMeta), "ObjectMeta", "v1.ObjectMeta", 1), `&`, ``, 1) + `,`,
+		`Spec:` + strings.Replace(strings.Replace(this.Spec.String(), "LeaseCandidateSpec", "LeaseCandidateSpec", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *LeaseCandidateList) String() string {
+	if this == nil {
+		return "nil"
+	}
+	repeatedStringForItems := "[]LeaseCandidate{"
+	for _, f := range this.Items {
+		repeatedStringForItems += strings.Replace(strings.Replace(f.String(), "LeaseCandidate", "LeaseCandidate", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForItems += "}"
+	s := strings.Join([]string{`&LeaseCandidateList{`,
+		`ListMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ListMeta), "ListMeta", "v1.ListMeta", 1), `&`, ``, 1) + `,`,
+		`Items:` + repeatedStringForItems + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *LeaseCandidateSpec) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&LeaseCandidateSpec{`,
+		`LeaseName:` + fmt.Sprintf("%v", this.LeaseName) + `,`,
+		`PingTime:` + strings.Replace(fmt.Sprintf("%v", this.PingTime), "MicroTime", "v1.MicroTime", 1) + `,`,
+		`RenewTime:` + strings.Replace(fmt.Sprintf("%v", this.RenewTime), "MicroTime", "v1.MicroTime", 1) + `,`,
+		`BinaryVersion:` + fmt.Sprintf("%v", this.BinaryVersion) + `,`,
+		`EmulationVersion:` + fmt.Sprintf("%v", this.EmulationVersion) + `,`,
+		`Strategy:` + fmt.Sprintf("%v", this.Strategy) + `,`,
+		`}`,
+	}, "")
+	return s
+}
 func (this *LeaseList) String() string {
 	if this == nil {
 		return "nil"
@@ -599,6 +949,489 @@ func (m *Lease) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
+func (m *LeaseCandidate) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: LeaseCandidate: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: LeaseCandidate: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *LeaseCandidateList) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: LeaseCandidateList: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: LeaseCandidateList: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Items = append(m.Items, LeaseCandidate{})
+			if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *LeaseCandidateSpec) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: LeaseCandidateSpec: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: LeaseCandidateSpec: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field LeaseName", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.LeaseName = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field PingTime", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.PingTime == nil {
+				m.PingTime = &v1.MicroTime{}
+			}
+			if err := m.PingTime.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field RenewTime", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.RenewTime == nil {
+				m.RenewTime = &v1.MicroTime{}
+			}
+			if err := m.RenewTime.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field BinaryVersion", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.BinaryVersion = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 5:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field EmulationVersion", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.EmulationVersion = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 6:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Strategy", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Strategy = k8s_io_api_coordination_v1.CoordinatedLeaseStrategy(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
 func (m *LeaseList) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
diff --git a/vendor/k8s.io/api/coordination/v1beta1/generated.proto b/vendor/k8s.io/api/coordination/v1beta1/generated.proto
index 088811a74b..7ca043f528 100644
--- a/vendor/k8s.io/api/coordination/v1beta1/generated.proto
+++ b/vendor/k8s.io/api/coordination/v1beta1/generated.proto
@@ -41,6 +41,75 @@ message Lease {
   optional LeaseSpec spec = 2;
 }
 
+// LeaseCandidate defines a candidate for a Lease object.
+// Candidates are created such that coordinated leader election will pick the best leader from the list of candidates.
+message LeaseCandidate {
+  // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+  // +optional
+  optional .k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
+
+  // spec contains the specification of the Lease.
+  // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+  // +optional
+  optional LeaseCandidateSpec spec = 2;
+}
+
+// LeaseCandidateList is a list of Lease objects.
+message LeaseCandidateList {
+  // Standard list metadata.
+  // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+  // +optional
+  optional .k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
+
+  // items is a list of schema objects.
+  repeated LeaseCandidate items = 2;
+}
+
+// LeaseCandidateSpec is a specification of a Lease.
+message LeaseCandidateSpec {
+  // LeaseName is the name of the lease for which this candidate is contending.
+  // The limits on this field are the same as on Lease.name. Multiple lease candidates
+  // may reference the same Lease.name.
+  // This field is immutable.
+  // +required
+  optional string leaseName = 1;
+
+  // PingTime is the last time that the server has requested the LeaseCandidate
+  // to renew. It is only done during leader election to check if any
+  // LeaseCandidates have become ineligible. When PingTime is updated, the
+  // LeaseCandidate will respond by updating RenewTime.
+  // +optional
+  optional .k8s.io.apimachinery.pkg.apis.meta.v1.MicroTime pingTime = 2;
+
+  // RenewTime is the time that the LeaseCandidate was last updated.
+  // Any time a Lease needs to do leader election, the PingTime field
+  // is updated to signal to the LeaseCandidate that they should update
+  // the RenewTime.
+  // Old LeaseCandidate objects are also garbage collected if it has been hours
+  // since the last renew. The PingTime field is updated regularly to prevent
+  // garbage collection for still active LeaseCandidates.
+  // +optional
+  optional .k8s.io.apimachinery.pkg.apis.meta.v1.MicroTime renewTime = 3;
+
+  // BinaryVersion is the binary version. It must be in a semver format without leading `v`.
+  // This field is required.
+  // +required
+  optional string binaryVersion = 4;
+
+  // EmulationVersion is the emulation version. It must be in a semver format without leading `v`.
+  // EmulationVersion must be less than or equal to BinaryVersion.
+  // This field is required when strategy is "OldestEmulationVersion"
+  // +optional
+  optional string emulationVersion = 5;
+
+  // Strategy is the strategy that coordinated leader election will use for picking the leader.
+  // If multiple candidates for the same Lease return different strategies, the strategy provided
+  // by the candidate with the latest BinaryVersion will be used. If there is still conflict,
+  // this is a user error and coordinated leader election will not operate the Lease until resolved.
+  // +required
+  optional string strategy = 6;
+}
+
 // LeaseList is a list of Lease objects.
 message LeaseList {
   // Standard list metadata.
diff --git a/vendor/k8s.io/api/coordination/v1beta1/register.go b/vendor/k8s.io/api/coordination/v1beta1/register.go
index 85efaa64e7..bd00164233 100644
--- a/vendor/k8s.io/api/coordination/v1beta1/register.go
+++ b/vendor/k8s.io/api/coordination/v1beta1/register.go
@@ -46,6 +46,8 @@ func addKnownTypes(scheme *runtime.Scheme) error {
 	scheme.AddKnownTypes(SchemeGroupVersion,
 		&Lease{},
 		&LeaseList{},
+		&LeaseCandidate{},
+		&LeaseCandidateList{},
 	)
 
 	metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
diff --git a/vendor/k8s.io/api/coordination/v1beta1/types.go b/vendor/k8s.io/api/coordination/v1beta1/types.go
index d63fc30a9e..781d29efce 100644
--- a/vendor/k8s.io/api/coordination/v1beta1/types.go
+++ b/vendor/k8s.io/api/coordination/v1beta1/types.go
@@ -91,3 +91,76 @@ type LeaseList struct {
 	// items is a list of schema objects.
 	Items []Lease `json:"items" protobuf:"bytes,2,rep,name=items"`
 }
+
+// +genclient
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+// +k8s:prerelease-lifecycle-gen:introduced=1.33
+
+// LeaseCandidate defines a candidate for a Lease object.
+// Candidates are created such that coordinated leader election will pick the best leader from the list of candidates.
+type LeaseCandidate struct {
+	metav1.TypeMeta `json:",inline"`
+	// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+	// +optional
+	metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+	// spec contains the specification of the Lease.
+	// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+	// +optional
+	Spec LeaseCandidateSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
+}
+
+// LeaseCandidateSpec is a specification of a Lease.
+type LeaseCandidateSpec struct {
+	// LeaseName is the name of the lease for which this candidate is contending.
+	// The limits on this field are the same as on Lease.name. Multiple lease candidates
+	// may reference the same Lease.name.
+	// This field is immutable.
+	// +required
+	LeaseName string `json:"leaseName" protobuf:"bytes,1,name=leaseName"`
+	// PingTime is the last time that the server has requested the LeaseCandidate
+	// to renew. It is only done during leader election to check if any
+	// LeaseCandidates have become ineligible. When PingTime is updated, the
+	// LeaseCandidate will respond by updating RenewTime.
+	// +optional
+	PingTime *metav1.MicroTime `json:"pingTime,omitempty" protobuf:"bytes,2,opt,name=pingTime"`
+	// RenewTime is the time that the LeaseCandidate was last updated.
+	// Any time a Lease needs to do leader election, the PingTime field
+	// is updated to signal to the LeaseCandidate that they should update
+	// the RenewTime.
+	// Old LeaseCandidate objects are also garbage collected if it has been hours
+	// since the last renew. The PingTime field is updated regularly to prevent
+	// garbage collection for still active LeaseCandidates.
+	// +optional
+	RenewTime *metav1.MicroTime `json:"renewTime,omitempty" protobuf:"bytes,3,opt,name=renewTime"`
+	// BinaryVersion is the binary version. It must be in a semver format without leading `v`.
+	// This field is required.
+	// +required
+	BinaryVersion string `json:"binaryVersion" protobuf:"bytes,4,name=binaryVersion"`
+	// EmulationVersion is the emulation version. It must be in a semver format without leading `v`.
+	// EmulationVersion must be less than or equal to BinaryVersion.
+	// This field is required when strategy is "OldestEmulationVersion"
+	// +optional
+	EmulationVersion string `json:"emulationVersion,omitempty" protobuf:"bytes,5,opt,name=emulationVersion"`
+	// Strategy is the strategy that coordinated leader election will use for picking the leader.
+	// If multiple candidates for the same Lease return different strategies, the strategy provided
+	// by the candidate with the latest BinaryVersion will be used. If there is still conflict,
+	// this is a user error and coordinated leader election will not operate the Lease until resolved.
+	// +required
+	Strategy v1.CoordinatedLeaseStrategy `json:"strategy,omitempty" protobuf:"bytes,6,opt,name=strategy"`
+}
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+// +k8s:prerelease-lifecycle-gen:introduced=1.33
+
+// LeaseCandidateList is a list of Lease objects.
+type LeaseCandidateList struct {
+	metav1.TypeMeta `json:",inline"`
+	// Standard list metadata.
+	// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+	// +optional
+	metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+	// items is a list of schema objects.
+	Items []LeaseCandidate `json:"items" protobuf:"bytes,2,rep,name=items"`
+}
diff --git a/vendor/k8s.io/api/coordination/v1beta1/types_swagger_doc_generated.go b/vendor/k8s.io/api/coordination/v1beta1/types_swagger_doc_generated.go
index 50fe8ea189..35812b77f3 100644
--- a/vendor/k8s.io/api/coordination/v1beta1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/coordination/v1beta1/types_swagger_doc_generated.go
@@ -37,6 +37,40 @@ func (Lease) SwaggerDoc() map[string]string {
 	return map_Lease
 }
 
+var map_LeaseCandidate = map[string]string{
+	"":         "LeaseCandidate defines a candidate for a Lease object. Candidates are created such that coordinated leader election will pick the best leader from the list of candidates.",
+	"metadata": "More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata",
+	"spec":     "spec contains the specification of the Lease. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status",
+}
+
+func (LeaseCandidate) SwaggerDoc() map[string]string {
+	return map_LeaseCandidate
+}
+
+var map_LeaseCandidateList = map[string]string{
+	"":         "LeaseCandidateList is a list of Lease objects.",
+	"metadata": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata",
+	"items":    "items is a list of schema objects.",
+}
+
+func (LeaseCandidateList) SwaggerDoc() map[string]string {
+	return map_LeaseCandidateList
+}
+
+var map_LeaseCandidateSpec = map[string]string{
+	"":                 "LeaseCandidateSpec is a specification of a Lease.",
+	"leaseName":        "LeaseName is the name of the lease for which this candidate is contending. The limits on this field are the same as on Lease.name. Multiple lease candidates may reference the same Lease.name. This field is immutable.",
+	"pingTime":         "PingTime is the last time that the server has requested the LeaseCandidate to renew. It is only done during leader election to check if any LeaseCandidates have become ineligible. When PingTime is updated, the LeaseCandidate will respond by updating RenewTime.",
+	"renewTime":        "RenewTime is the time that the LeaseCandidate was last updated. Any time a Lease needs to do leader election, the PingTime field is updated to signal to the LeaseCandidate that they should update the RenewTime. Old LeaseCandidate objects are also garbage collected if it has been hours since the last renew. The PingTime field is updated regularly to prevent garbage collection for still active LeaseCandidates.",
+	"binaryVersion":    "BinaryVersion is the binary version. It must be in a semver format without leading `v`. This field is required.",
+	"emulationVersion": "EmulationVersion is the emulation version. It must be in a semver format without leading `v`. EmulationVersion must be less than or equal to BinaryVersion. This field is required when strategy is \"OldestEmulationVersion\"",
+	"strategy":         "Strategy is the strategy that coordinated leader election will use for picking the leader. If multiple candidates for the same Lease return different strategies, the strategy provided by the candidate with the latest BinaryVersion will be used. If there is still conflict, this is a user error and coordinated leader election will not operate the Lease until resolved.",
+}
+
+func (LeaseCandidateSpec) SwaggerDoc() map[string]string {
+	return map_LeaseCandidateSpec
+}
+
 var map_LeaseList = map[string]string{
 	"":         "LeaseList is a list of Lease objects.",
 	"metadata": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata",
diff --git a/vendor/k8s.io/api/coordination/v1beta1/zz_generated.deepcopy.go b/vendor/k8s.io/api/coordination/v1beta1/zz_generated.deepcopy.go
index dcef1e346a..b990ee247f 100644
--- a/vendor/k8s.io/api/coordination/v1beta1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/coordination/v1beta1/zz_generated.deepcopy.go
@@ -53,6 +53,90 @@ func (in *Lease) DeepCopyObject() runtime.Object {
 	return nil
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *LeaseCandidate) DeepCopyInto(out *LeaseCandidate) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	in.Spec.DeepCopyInto(&out.Spec)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LeaseCandidate.
+func (in *LeaseCandidate) DeepCopy() *LeaseCandidate {
+	if in == nil {
+		return nil
+	}
+	out := new(LeaseCandidate)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *LeaseCandidate) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *LeaseCandidateList) DeepCopyInto(out *LeaseCandidateList) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ListMeta.DeepCopyInto(&out.ListMeta)
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]LeaseCandidate, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LeaseCandidateList.
+func (in *LeaseCandidateList) DeepCopy() *LeaseCandidateList {
+	if in == nil {
+		return nil
+	}
+	out := new(LeaseCandidateList)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *LeaseCandidateList) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *LeaseCandidateSpec) DeepCopyInto(out *LeaseCandidateSpec) {
+	*out = *in
+	if in.PingTime != nil {
+		in, out := &in.PingTime, &out.PingTime
+		*out = (*in).DeepCopy()
+	}
+	if in.RenewTime != nil {
+		in, out := &in.RenewTime, &out.RenewTime
+		*out = (*in).DeepCopy()
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LeaseCandidateSpec.
+func (in *LeaseCandidateSpec) DeepCopy() *LeaseCandidateSpec {
+	if in == nil {
+		return nil
+	}
+	out := new(LeaseCandidateSpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *LeaseList) DeepCopyInto(out *LeaseList) {
 	*out = *in
diff --git a/vendor/k8s.io/api/coordination/v1beta1/zz_generated.prerelease-lifecycle.go b/vendor/k8s.io/api/coordination/v1beta1/zz_generated.prerelease-lifecycle.go
index 18926aa108..73636edfa3 100644
--- a/vendor/k8s.io/api/coordination/v1beta1/zz_generated.prerelease-lifecycle.go
+++ b/vendor/k8s.io/api/coordination/v1beta1/zz_generated.prerelease-lifecycle.go
@@ -49,6 +49,42 @@ func (in *Lease) APILifecycleRemoved() (major, minor int) {
 	return 1, 22
 }
 
+// APILifecycleIntroduced is an autogenerated function, returning the release in which the API struct was introduced as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:introduced" tags in types.go.
+func (in *LeaseCandidate) APILifecycleIntroduced() (major, minor int) {
+	return 1, 33
+}
+
+// APILifecycleDeprecated is an autogenerated function, returning the release in which the API struct was or will be deprecated as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:deprecated" tags in types.go or  "k8s:prerelease-lifecycle-gen:introduced" plus three minor.
+func (in *LeaseCandidate) APILifecycleDeprecated() (major, minor int) {
+	return 1, 36
+}
+
+// APILifecycleRemoved is an autogenerated function, returning the release in which the API is no longer served as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:removed" tags in types.go or  "k8s:prerelease-lifecycle-gen:deprecated" plus three minor.
+func (in *LeaseCandidate) APILifecycleRemoved() (major, minor int) {
+	return 1, 39
+}
+
+// APILifecycleIntroduced is an autogenerated function, returning the release in which the API struct was introduced as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:introduced" tags in types.go.
+func (in *LeaseCandidateList) APILifecycleIntroduced() (major, minor int) {
+	return 1, 33
+}
+
+// APILifecycleDeprecated is an autogenerated function, returning the release in which the API struct was or will be deprecated as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:deprecated" tags in types.go or  "k8s:prerelease-lifecycle-gen:introduced" plus three minor.
+func (in *LeaseCandidateList) APILifecycleDeprecated() (major, minor int) {
+	return 1, 36
+}
+
+// APILifecycleRemoved is an autogenerated function, returning the release in which the API is no longer served as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:removed" tags in types.go or  "k8s:prerelease-lifecycle-gen:deprecated" plus three minor.
+func (in *LeaseCandidateList) APILifecycleRemoved() (major, minor int) {
+	return 1, 39
+}
+
 // APILifecycleIntroduced is an autogenerated function, returning the release in which the API struct was introduced as int versions of major and minor for comparison.
 // It is controlled by "k8s:prerelease-lifecycle-gen:introduced" tags in types.go.
 func (in *LeaseList) APILifecycleIntroduced() (major, minor int) {
diff --git a/vendor/k8s.io/api/core/v1/doc.go b/vendor/k8s.io/api/core/v1/doc.go
index bc0041b331..e4e9196aeb 100644
--- a/vendor/k8s.io/api/core/v1/doc.go
+++ b/vendor/k8s.io/api/core/v1/doc.go
@@ -21,4 +21,4 @@ limitations under the License.
 // +groupName=
 
 // Package v1 is the v1 version of the core API.
-package v1 // import "k8s.io/api/core/v1"
+package v1
diff --git a/vendor/k8s.io/api/core/v1/generated.pb.go b/vendor/k8s.io/api/core/v1/generated.pb.go
index 9d466c6d79..a4b8f58429 100644
--- a/vendor/k8s.io/api/core/v1/generated.pb.go
+++ b/vendor/k8s.io/api/core/v1/generated.pb.go
@@ -3213,10 +3213,38 @@ func (m *NodeStatus) XXX_DiscardUnknown() {
 
 var xxx_messageInfo_NodeStatus proto.InternalMessageInfo
 
+func (m *NodeSwapStatus) Reset()      { *m = NodeSwapStatus{} }
+func (*NodeSwapStatus) ProtoMessage() {}
+func (*NodeSwapStatus) Descriptor() ([]byte, []int) {
+	return fileDescriptor_6c07b07c062484ab, []int{113}
+}
+func (m *NodeSwapStatus) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *NodeSwapStatus) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *NodeSwapStatus) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_NodeSwapStatus.Merge(m, src)
+}
+func (m *NodeSwapStatus) XXX_Size() int {
+	return m.Size()
+}
+func (m *NodeSwapStatus) XXX_DiscardUnknown() {
+	xxx_messageInfo_NodeSwapStatus.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_NodeSwapStatus proto.InternalMessageInfo
+
 func (m *NodeSystemInfo) Reset()      { *m = NodeSystemInfo{} }
 func (*NodeSystemInfo) ProtoMessage() {}
 func (*NodeSystemInfo) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{113}
+	return fileDescriptor_6c07b07c062484ab, []int{114}
 }
 func (m *NodeSystemInfo) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -3244,7 +3272,7 @@ var xxx_messageInfo_NodeSystemInfo proto.InternalMessageInfo
 func (m *ObjectFieldSelector) Reset()      { *m = ObjectFieldSelector{} }
 func (*ObjectFieldSelector) ProtoMessage() {}
 func (*ObjectFieldSelector) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{114}
+	return fileDescriptor_6c07b07c062484ab, []int{115}
 }
 func (m *ObjectFieldSelector) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -3272,7 +3300,7 @@ var xxx_messageInfo_ObjectFieldSelector proto.InternalMessageInfo
 func (m *ObjectReference) Reset()      { *m = ObjectReference{} }
 func (*ObjectReference) ProtoMessage() {}
 func (*ObjectReference) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{115}
+	return fileDescriptor_6c07b07c062484ab, []int{116}
 }
 func (m *ObjectReference) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -3300,7 +3328,7 @@ var xxx_messageInfo_ObjectReference proto.InternalMessageInfo
 func (m *PersistentVolume) Reset()      { *m = PersistentVolume{} }
 func (*PersistentVolume) ProtoMessage() {}
 func (*PersistentVolume) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{116}
+	return fileDescriptor_6c07b07c062484ab, []int{117}
 }
 func (m *PersistentVolume) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -3328,7 +3356,7 @@ var xxx_messageInfo_PersistentVolume proto.InternalMessageInfo
 func (m *PersistentVolumeClaim) Reset()      { *m = PersistentVolumeClaim{} }
 func (*PersistentVolumeClaim) ProtoMessage() {}
 func (*PersistentVolumeClaim) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{117}
+	return fileDescriptor_6c07b07c062484ab, []int{118}
 }
 func (m *PersistentVolumeClaim) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -3356,7 +3384,7 @@ var xxx_messageInfo_PersistentVolumeClaim proto.InternalMessageInfo
 func (m *PersistentVolumeClaimCondition) Reset()      { *m = PersistentVolumeClaimCondition{} }
 func (*PersistentVolumeClaimCondition) ProtoMessage() {}
 func (*PersistentVolumeClaimCondition) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{118}
+	return fileDescriptor_6c07b07c062484ab, []int{119}
 }
 func (m *PersistentVolumeClaimCondition) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -3384,7 +3412,7 @@ var xxx_messageInfo_PersistentVolumeClaimCondition proto.InternalMessageInfo
 func (m *PersistentVolumeClaimList) Reset()      { *m = PersistentVolumeClaimList{} }
 func (*PersistentVolumeClaimList) ProtoMessage() {}
 func (*PersistentVolumeClaimList) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{119}
+	return fileDescriptor_6c07b07c062484ab, []int{120}
 }
 func (m *PersistentVolumeClaimList) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -3412,7 +3440,7 @@ var xxx_messageInfo_PersistentVolumeClaimList proto.InternalMessageInfo
 func (m *PersistentVolumeClaimSpec) Reset()      { *m = PersistentVolumeClaimSpec{} }
 func (*PersistentVolumeClaimSpec) ProtoMessage() {}
 func (*PersistentVolumeClaimSpec) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{120}
+	return fileDescriptor_6c07b07c062484ab, []int{121}
 }
 func (m *PersistentVolumeClaimSpec) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -3440,7 +3468,7 @@ var xxx_messageInfo_PersistentVolumeClaimSpec proto.InternalMessageInfo
 func (m *PersistentVolumeClaimStatus) Reset()      { *m = PersistentVolumeClaimStatus{} }
 func (*PersistentVolumeClaimStatus) ProtoMessage() {}
 func (*PersistentVolumeClaimStatus) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{121}
+	return fileDescriptor_6c07b07c062484ab, []int{122}
 }
 func (m *PersistentVolumeClaimStatus) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -3468,7 +3496,7 @@ var xxx_messageInfo_PersistentVolumeClaimStatus proto.InternalMessageInfo
 func (m *PersistentVolumeClaimTemplate) Reset()      { *m = PersistentVolumeClaimTemplate{} }
 func (*PersistentVolumeClaimTemplate) ProtoMessage() {}
 func (*PersistentVolumeClaimTemplate) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{122}
+	return fileDescriptor_6c07b07c062484ab, []int{123}
 }
 func (m *PersistentVolumeClaimTemplate) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -3496,7 +3524,7 @@ var xxx_messageInfo_PersistentVolumeClaimTemplate proto.InternalMessageInfo
 func (m *PersistentVolumeClaimVolumeSource) Reset()      { *m = PersistentVolumeClaimVolumeSource{} }
 func (*PersistentVolumeClaimVolumeSource) ProtoMessage() {}
 func (*PersistentVolumeClaimVolumeSource) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{123}
+	return fileDescriptor_6c07b07c062484ab, []int{124}
 }
 func (m *PersistentVolumeClaimVolumeSource) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -3524,7 +3552,7 @@ var xxx_messageInfo_PersistentVolumeClaimVolumeSource proto.InternalMessageInfo
 func (m *PersistentVolumeList) Reset()      { *m = PersistentVolumeList{} }
 func (*PersistentVolumeList) ProtoMessage() {}
 func (*PersistentVolumeList) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{124}
+	return fileDescriptor_6c07b07c062484ab, []int{125}
 }
 func (m *PersistentVolumeList) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -3552,7 +3580,7 @@ var xxx_messageInfo_PersistentVolumeList proto.InternalMessageInfo
 func (m *PersistentVolumeSource) Reset()      { *m = PersistentVolumeSource{} }
 func (*PersistentVolumeSource) ProtoMessage() {}
 func (*PersistentVolumeSource) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{125}
+	return fileDescriptor_6c07b07c062484ab, []int{126}
 }
 func (m *PersistentVolumeSource) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -3580,7 +3608,7 @@ var xxx_messageInfo_PersistentVolumeSource proto.InternalMessageInfo
 func (m *PersistentVolumeSpec) Reset()      { *m = PersistentVolumeSpec{} }
 func (*PersistentVolumeSpec) ProtoMessage() {}
 func (*PersistentVolumeSpec) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{126}
+	return fileDescriptor_6c07b07c062484ab, []int{127}
 }
 func (m *PersistentVolumeSpec) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -3608,7 +3636,7 @@ var xxx_messageInfo_PersistentVolumeSpec proto.InternalMessageInfo
 func (m *PersistentVolumeStatus) Reset()      { *m = PersistentVolumeStatus{} }
 func (*PersistentVolumeStatus) ProtoMessage() {}
 func (*PersistentVolumeStatus) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{127}
+	return fileDescriptor_6c07b07c062484ab, []int{128}
 }
 func (m *PersistentVolumeStatus) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -3636,7 +3664,7 @@ var xxx_messageInfo_PersistentVolumeStatus proto.InternalMessageInfo
 func (m *PhotonPersistentDiskVolumeSource) Reset()      { *m = PhotonPersistentDiskVolumeSource{} }
 func (*PhotonPersistentDiskVolumeSource) ProtoMessage() {}
 func (*PhotonPersistentDiskVolumeSource) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{128}
+	return fileDescriptor_6c07b07c062484ab, []int{129}
 }
 func (m *PhotonPersistentDiskVolumeSource) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -3664,7 +3692,7 @@ var xxx_messageInfo_PhotonPersistentDiskVolumeSource proto.InternalMessageInfo
 func (m *Pod) Reset()      { *m = Pod{} }
 func (*Pod) ProtoMessage() {}
 func (*Pod) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{129}
+	return fileDescriptor_6c07b07c062484ab, []int{130}
 }
 func (m *Pod) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -3692,7 +3720,7 @@ var xxx_messageInfo_Pod proto.InternalMessageInfo
 func (m *PodAffinity) Reset()      { *m = PodAffinity{} }
 func (*PodAffinity) ProtoMessage() {}
 func (*PodAffinity) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{130}
+	return fileDescriptor_6c07b07c062484ab, []int{131}
 }
 func (m *PodAffinity) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -3720,7 +3748,7 @@ var xxx_messageInfo_PodAffinity proto.InternalMessageInfo
 func (m *PodAffinityTerm) Reset()      { *m = PodAffinityTerm{} }
 func (*PodAffinityTerm) ProtoMessage() {}
 func (*PodAffinityTerm) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{131}
+	return fileDescriptor_6c07b07c062484ab, []int{132}
 }
 func (m *PodAffinityTerm) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -3748,7 +3776,7 @@ var xxx_messageInfo_PodAffinityTerm proto.InternalMessageInfo
 func (m *PodAntiAffinity) Reset()      { *m = PodAntiAffinity{} }
 func (*PodAntiAffinity) ProtoMessage() {}
 func (*PodAntiAffinity) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{132}
+	return fileDescriptor_6c07b07c062484ab, []int{133}
 }
 func (m *PodAntiAffinity) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -3776,7 +3804,7 @@ var xxx_messageInfo_PodAntiAffinity proto.InternalMessageInfo
 func (m *PodAttachOptions) Reset()      { *m = PodAttachOptions{} }
 func (*PodAttachOptions) ProtoMessage() {}
 func (*PodAttachOptions) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{133}
+	return fileDescriptor_6c07b07c062484ab, []int{134}
 }
 func (m *PodAttachOptions) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -3804,7 +3832,7 @@ var xxx_messageInfo_PodAttachOptions proto.InternalMessageInfo
 func (m *PodCondition) Reset()      { *m = PodCondition{} }
 func (*PodCondition) ProtoMessage() {}
 func (*PodCondition) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{134}
+	return fileDescriptor_6c07b07c062484ab, []int{135}
 }
 func (m *PodCondition) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -3832,7 +3860,7 @@ var xxx_messageInfo_PodCondition proto.InternalMessageInfo
 func (m *PodDNSConfig) Reset()      { *m = PodDNSConfig{} }
 func (*PodDNSConfig) ProtoMessage() {}
 func (*PodDNSConfig) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{135}
+	return fileDescriptor_6c07b07c062484ab, []int{136}
 }
 func (m *PodDNSConfig) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -3860,7 +3888,7 @@ var xxx_messageInfo_PodDNSConfig proto.InternalMessageInfo
 func (m *PodDNSConfigOption) Reset()      { *m = PodDNSConfigOption{} }
 func (*PodDNSConfigOption) ProtoMessage() {}
 func (*PodDNSConfigOption) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{136}
+	return fileDescriptor_6c07b07c062484ab, []int{137}
 }
 func (m *PodDNSConfigOption) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -3888,7 +3916,7 @@ var xxx_messageInfo_PodDNSConfigOption proto.InternalMessageInfo
 func (m *PodExecOptions) Reset()      { *m = PodExecOptions{} }
 func (*PodExecOptions) ProtoMessage() {}
 func (*PodExecOptions) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{137}
+	return fileDescriptor_6c07b07c062484ab, []int{138}
 }
 func (m *PodExecOptions) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -3916,7 +3944,7 @@ var xxx_messageInfo_PodExecOptions proto.InternalMessageInfo
 func (m *PodIP) Reset()      { *m = PodIP{} }
 func (*PodIP) ProtoMessage() {}
 func (*PodIP) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{138}
+	return fileDescriptor_6c07b07c062484ab, []int{139}
 }
 func (m *PodIP) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -3944,7 +3972,7 @@ var xxx_messageInfo_PodIP proto.InternalMessageInfo
 func (m *PodList) Reset()      { *m = PodList{} }
 func (*PodList) ProtoMessage() {}
 func (*PodList) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{139}
+	return fileDescriptor_6c07b07c062484ab, []int{140}
 }
 func (m *PodList) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -3972,7 +4000,7 @@ var xxx_messageInfo_PodList proto.InternalMessageInfo
 func (m *PodLogOptions) Reset()      { *m = PodLogOptions{} }
 func (*PodLogOptions) ProtoMessage() {}
 func (*PodLogOptions) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{140}
+	return fileDescriptor_6c07b07c062484ab, []int{141}
 }
 func (m *PodLogOptions) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4000,7 +4028,7 @@ var xxx_messageInfo_PodLogOptions proto.InternalMessageInfo
 func (m *PodOS) Reset()      { *m = PodOS{} }
 func (*PodOS) ProtoMessage() {}
 func (*PodOS) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{141}
+	return fileDescriptor_6c07b07c062484ab, []int{142}
 }
 func (m *PodOS) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4028,7 +4056,7 @@ var xxx_messageInfo_PodOS proto.InternalMessageInfo
 func (m *PodPortForwardOptions) Reset()      { *m = PodPortForwardOptions{} }
 func (*PodPortForwardOptions) ProtoMessage() {}
 func (*PodPortForwardOptions) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{142}
+	return fileDescriptor_6c07b07c062484ab, []int{143}
 }
 func (m *PodPortForwardOptions) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4056,7 +4084,7 @@ var xxx_messageInfo_PodPortForwardOptions proto.InternalMessageInfo
 func (m *PodProxyOptions) Reset()      { *m = PodProxyOptions{} }
 func (*PodProxyOptions) ProtoMessage() {}
 func (*PodProxyOptions) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{143}
+	return fileDescriptor_6c07b07c062484ab, []int{144}
 }
 func (m *PodProxyOptions) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4084,7 +4112,7 @@ var xxx_messageInfo_PodProxyOptions proto.InternalMessageInfo
 func (m *PodReadinessGate) Reset()      { *m = PodReadinessGate{} }
 func (*PodReadinessGate) ProtoMessage() {}
 func (*PodReadinessGate) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{144}
+	return fileDescriptor_6c07b07c062484ab, []int{145}
 }
 func (m *PodReadinessGate) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4112,7 +4140,7 @@ var xxx_messageInfo_PodReadinessGate proto.InternalMessageInfo
 func (m *PodResourceClaim) Reset()      { *m = PodResourceClaim{} }
 func (*PodResourceClaim) ProtoMessage() {}
 func (*PodResourceClaim) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{145}
+	return fileDescriptor_6c07b07c062484ab, []int{146}
 }
 func (m *PodResourceClaim) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4140,7 +4168,7 @@ var xxx_messageInfo_PodResourceClaim proto.InternalMessageInfo
 func (m *PodResourceClaimStatus) Reset()      { *m = PodResourceClaimStatus{} }
 func (*PodResourceClaimStatus) ProtoMessage() {}
 func (*PodResourceClaimStatus) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{146}
+	return fileDescriptor_6c07b07c062484ab, []int{147}
 }
 func (m *PodResourceClaimStatus) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4168,7 +4196,7 @@ var xxx_messageInfo_PodResourceClaimStatus proto.InternalMessageInfo
 func (m *PodSchedulingGate) Reset()      { *m = PodSchedulingGate{} }
 func (*PodSchedulingGate) ProtoMessage() {}
 func (*PodSchedulingGate) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{147}
+	return fileDescriptor_6c07b07c062484ab, []int{148}
 }
 func (m *PodSchedulingGate) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4196,7 +4224,7 @@ var xxx_messageInfo_PodSchedulingGate proto.InternalMessageInfo
 func (m *PodSecurityContext) Reset()      { *m = PodSecurityContext{} }
 func (*PodSecurityContext) ProtoMessage() {}
 func (*PodSecurityContext) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{148}
+	return fileDescriptor_6c07b07c062484ab, []int{149}
 }
 func (m *PodSecurityContext) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4224,7 +4252,7 @@ var xxx_messageInfo_PodSecurityContext proto.InternalMessageInfo
 func (m *PodSignature) Reset()      { *m = PodSignature{} }
 func (*PodSignature) ProtoMessage() {}
 func (*PodSignature) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{149}
+	return fileDescriptor_6c07b07c062484ab, []int{150}
 }
 func (m *PodSignature) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4252,7 +4280,7 @@ var xxx_messageInfo_PodSignature proto.InternalMessageInfo
 func (m *PodSpec) Reset()      { *m = PodSpec{} }
 func (*PodSpec) ProtoMessage() {}
 func (*PodSpec) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{150}
+	return fileDescriptor_6c07b07c062484ab, []int{151}
 }
 func (m *PodSpec) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4280,7 +4308,7 @@ var xxx_messageInfo_PodSpec proto.InternalMessageInfo
 func (m *PodStatus) Reset()      { *m = PodStatus{} }
 func (*PodStatus) ProtoMessage() {}
 func (*PodStatus) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{151}
+	return fileDescriptor_6c07b07c062484ab, []int{152}
 }
 func (m *PodStatus) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4308,7 +4336,7 @@ var xxx_messageInfo_PodStatus proto.InternalMessageInfo
 func (m *PodStatusResult) Reset()      { *m = PodStatusResult{} }
 func (*PodStatusResult) ProtoMessage() {}
 func (*PodStatusResult) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{152}
+	return fileDescriptor_6c07b07c062484ab, []int{153}
 }
 func (m *PodStatusResult) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4336,7 +4364,7 @@ var xxx_messageInfo_PodStatusResult proto.InternalMessageInfo
 func (m *PodTemplate) Reset()      { *m = PodTemplate{} }
 func (*PodTemplate) ProtoMessage() {}
 func (*PodTemplate) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{153}
+	return fileDescriptor_6c07b07c062484ab, []int{154}
 }
 func (m *PodTemplate) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4364,7 +4392,7 @@ var xxx_messageInfo_PodTemplate proto.InternalMessageInfo
 func (m *PodTemplateList) Reset()      { *m = PodTemplateList{} }
 func (*PodTemplateList) ProtoMessage() {}
 func (*PodTemplateList) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{154}
+	return fileDescriptor_6c07b07c062484ab, []int{155}
 }
 func (m *PodTemplateList) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4392,7 +4420,7 @@ var xxx_messageInfo_PodTemplateList proto.InternalMessageInfo
 func (m *PodTemplateSpec) Reset()      { *m = PodTemplateSpec{} }
 func (*PodTemplateSpec) ProtoMessage() {}
 func (*PodTemplateSpec) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{155}
+	return fileDescriptor_6c07b07c062484ab, []int{156}
 }
 func (m *PodTemplateSpec) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4420,7 +4448,7 @@ var xxx_messageInfo_PodTemplateSpec proto.InternalMessageInfo
 func (m *PortStatus) Reset()      { *m = PortStatus{} }
 func (*PortStatus) ProtoMessage() {}
 func (*PortStatus) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{156}
+	return fileDescriptor_6c07b07c062484ab, []int{157}
 }
 func (m *PortStatus) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4448,7 +4476,7 @@ var xxx_messageInfo_PortStatus proto.InternalMessageInfo
 func (m *PortworxVolumeSource) Reset()      { *m = PortworxVolumeSource{} }
 func (*PortworxVolumeSource) ProtoMessage() {}
 func (*PortworxVolumeSource) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{157}
+	return fileDescriptor_6c07b07c062484ab, []int{158}
 }
 func (m *PortworxVolumeSource) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4476,7 +4504,7 @@ var xxx_messageInfo_PortworxVolumeSource proto.InternalMessageInfo
 func (m *Preconditions) Reset()      { *m = Preconditions{} }
 func (*Preconditions) ProtoMessage() {}
 func (*Preconditions) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{158}
+	return fileDescriptor_6c07b07c062484ab, []int{159}
 }
 func (m *Preconditions) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4504,7 +4532,7 @@ var xxx_messageInfo_Preconditions proto.InternalMessageInfo
 func (m *PreferAvoidPodsEntry) Reset()      { *m = PreferAvoidPodsEntry{} }
 func (*PreferAvoidPodsEntry) ProtoMessage() {}
 func (*PreferAvoidPodsEntry) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{159}
+	return fileDescriptor_6c07b07c062484ab, []int{160}
 }
 func (m *PreferAvoidPodsEntry) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4532,7 +4560,7 @@ var xxx_messageInfo_PreferAvoidPodsEntry proto.InternalMessageInfo
 func (m *PreferredSchedulingTerm) Reset()      { *m = PreferredSchedulingTerm{} }
 func (*PreferredSchedulingTerm) ProtoMessage() {}
 func (*PreferredSchedulingTerm) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{160}
+	return fileDescriptor_6c07b07c062484ab, []int{161}
 }
 func (m *PreferredSchedulingTerm) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4560,7 +4588,7 @@ var xxx_messageInfo_PreferredSchedulingTerm proto.InternalMessageInfo
 func (m *Probe) Reset()      { *m = Probe{} }
 func (*Probe) ProtoMessage() {}
 func (*Probe) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{161}
+	return fileDescriptor_6c07b07c062484ab, []int{162}
 }
 func (m *Probe) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4588,7 +4616,7 @@ var xxx_messageInfo_Probe proto.InternalMessageInfo
 func (m *ProbeHandler) Reset()      { *m = ProbeHandler{} }
 func (*ProbeHandler) ProtoMessage() {}
 func (*ProbeHandler) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{162}
+	return fileDescriptor_6c07b07c062484ab, []int{163}
 }
 func (m *ProbeHandler) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4616,7 +4644,7 @@ var xxx_messageInfo_ProbeHandler proto.InternalMessageInfo
 func (m *ProjectedVolumeSource) Reset()      { *m = ProjectedVolumeSource{} }
 func (*ProjectedVolumeSource) ProtoMessage() {}
 func (*ProjectedVolumeSource) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{163}
+	return fileDescriptor_6c07b07c062484ab, []int{164}
 }
 func (m *ProjectedVolumeSource) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4644,7 +4672,7 @@ var xxx_messageInfo_ProjectedVolumeSource proto.InternalMessageInfo
 func (m *QuobyteVolumeSource) Reset()      { *m = QuobyteVolumeSource{} }
 func (*QuobyteVolumeSource) ProtoMessage() {}
 func (*QuobyteVolumeSource) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{164}
+	return fileDescriptor_6c07b07c062484ab, []int{165}
 }
 func (m *QuobyteVolumeSource) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4672,7 +4700,7 @@ var xxx_messageInfo_QuobyteVolumeSource proto.InternalMessageInfo
 func (m *RBDPersistentVolumeSource) Reset()      { *m = RBDPersistentVolumeSource{} }
 func (*RBDPersistentVolumeSource) ProtoMessage() {}
 func (*RBDPersistentVolumeSource) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{165}
+	return fileDescriptor_6c07b07c062484ab, []int{166}
 }
 func (m *RBDPersistentVolumeSource) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4700,7 +4728,7 @@ var xxx_messageInfo_RBDPersistentVolumeSource proto.InternalMessageInfo
 func (m *RBDVolumeSource) Reset()      { *m = RBDVolumeSource{} }
 func (*RBDVolumeSource) ProtoMessage() {}
 func (*RBDVolumeSource) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{166}
+	return fileDescriptor_6c07b07c062484ab, []int{167}
 }
 func (m *RBDVolumeSource) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4728,7 +4756,7 @@ var xxx_messageInfo_RBDVolumeSource proto.InternalMessageInfo
 func (m *RangeAllocation) Reset()      { *m = RangeAllocation{} }
 func (*RangeAllocation) ProtoMessage() {}
 func (*RangeAllocation) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{167}
+	return fileDescriptor_6c07b07c062484ab, []int{168}
 }
 func (m *RangeAllocation) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4756,7 +4784,7 @@ var xxx_messageInfo_RangeAllocation proto.InternalMessageInfo
 func (m *ReplicationController) Reset()      { *m = ReplicationController{} }
 func (*ReplicationController) ProtoMessage() {}
 func (*ReplicationController) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{168}
+	return fileDescriptor_6c07b07c062484ab, []int{169}
 }
 func (m *ReplicationController) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4784,7 +4812,7 @@ var xxx_messageInfo_ReplicationController proto.InternalMessageInfo
 func (m *ReplicationControllerCondition) Reset()      { *m = ReplicationControllerCondition{} }
 func (*ReplicationControllerCondition) ProtoMessage() {}
 func (*ReplicationControllerCondition) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{169}
+	return fileDescriptor_6c07b07c062484ab, []int{170}
 }
 func (m *ReplicationControllerCondition) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4812,7 +4840,7 @@ var xxx_messageInfo_ReplicationControllerCondition proto.InternalMessageInfo
 func (m *ReplicationControllerList) Reset()      { *m = ReplicationControllerList{} }
 func (*ReplicationControllerList) ProtoMessage() {}
 func (*ReplicationControllerList) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{170}
+	return fileDescriptor_6c07b07c062484ab, []int{171}
 }
 func (m *ReplicationControllerList) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4840,7 +4868,7 @@ var xxx_messageInfo_ReplicationControllerList proto.InternalMessageInfo
 func (m *ReplicationControllerSpec) Reset()      { *m = ReplicationControllerSpec{} }
 func (*ReplicationControllerSpec) ProtoMessage() {}
 func (*ReplicationControllerSpec) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{171}
+	return fileDescriptor_6c07b07c062484ab, []int{172}
 }
 func (m *ReplicationControllerSpec) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4868,7 +4896,7 @@ var xxx_messageInfo_ReplicationControllerSpec proto.InternalMessageInfo
 func (m *ReplicationControllerStatus) Reset()      { *m = ReplicationControllerStatus{} }
 func (*ReplicationControllerStatus) ProtoMessage() {}
 func (*ReplicationControllerStatus) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{172}
+	return fileDescriptor_6c07b07c062484ab, []int{173}
 }
 func (m *ReplicationControllerStatus) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4896,7 +4924,7 @@ var xxx_messageInfo_ReplicationControllerStatus proto.InternalMessageInfo
 func (m *ResourceClaim) Reset()      { *m = ResourceClaim{} }
 func (*ResourceClaim) ProtoMessage() {}
 func (*ResourceClaim) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{173}
+	return fileDescriptor_6c07b07c062484ab, []int{174}
 }
 func (m *ResourceClaim) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4924,7 +4952,7 @@ var xxx_messageInfo_ResourceClaim proto.InternalMessageInfo
 func (m *ResourceFieldSelector) Reset()      { *m = ResourceFieldSelector{} }
 func (*ResourceFieldSelector) ProtoMessage() {}
 func (*ResourceFieldSelector) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{174}
+	return fileDescriptor_6c07b07c062484ab, []int{175}
 }
 func (m *ResourceFieldSelector) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4952,7 +4980,7 @@ var xxx_messageInfo_ResourceFieldSelector proto.InternalMessageInfo
 func (m *ResourceHealth) Reset()      { *m = ResourceHealth{} }
 func (*ResourceHealth) ProtoMessage() {}
 func (*ResourceHealth) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{175}
+	return fileDescriptor_6c07b07c062484ab, []int{176}
 }
 func (m *ResourceHealth) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -4980,7 +5008,7 @@ var xxx_messageInfo_ResourceHealth proto.InternalMessageInfo
 func (m *ResourceQuota) Reset()      { *m = ResourceQuota{} }
 func (*ResourceQuota) ProtoMessage() {}
 func (*ResourceQuota) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{176}
+	return fileDescriptor_6c07b07c062484ab, []int{177}
 }
 func (m *ResourceQuota) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5008,7 +5036,7 @@ var xxx_messageInfo_ResourceQuota proto.InternalMessageInfo
 func (m *ResourceQuotaList) Reset()      { *m = ResourceQuotaList{} }
 func (*ResourceQuotaList) ProtoMessage() {}
 func (*ResourceQuotaList) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{177}
+	return fileDescriptor_6c07b07c062484ab, []int{178}
 }
 func (m *ResourceQuotaList) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5036,7 +5064,7 @@ var xxx_messageInfo_ResourceQuotaList proto.InternalMessageInfo
 func (m *ResourceQuotaSpec) Reset()      { *m = ResourceQuotaSpec{} }
 func (*ResourceQuotaSpec) ProtoMessage() {}
 func (*ResourceQuotaSpec) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{178}
+	return fileDescriptor_6c07b07c062484ab, []int{179}
 }
 func (m *ResourceQuotaSpec) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5064,7 +5092,7 @@ var xxx_messageInfo_ResourceQuotaSpec proto.InternalMessageInfo
 func (m *ResourceQuotaStatus) Reset()      { *m = ResourceQuotaStatus{} }
 func (*ResourceQuotaStatus) ProtoMessage() {}
 func (*ResourceQuotaStatus) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{179}
+	return fileDescriptor_6c07b07c062484ab, []int{180}
 }
 func (m *ResourceQuotaStatus) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5092,7 +5120,7 @@ var xxx_messageInfo_ResourceQuotaStatus proto.InternalMessageInfo
 func (m *ResourceRequirements) Reset()      { *m = ResourceRequirements{} }
 func (*ResourceRequirements) ProtoMessage() {}
 func (*ResourceRequirements) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{180}
+	return fileDescriptor_6c07b07c062484ab, []int{181}
 }
 func (m *ResourceRequirements) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5120,7 +5148,7 @@ var xxx_messageInfo_ResourceRequirements proto.InternalMessageInfo
 func (m *ResourceStatus) Reset()      { *m = ResourceStatus{} }
 func (*ResourceStatus) ProtoMessage() {}
 func (*ResourceStatus) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{181}
+	return fileDescriptor_6c07b07c062484ab, []int{182}
 }
 func (m *ResourceStatus) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5148,7 +5176,7 @@ var xxx_messageInfo_ResourceStatus proto.InternalMessageInfo
 func (m *SELinuxOptions) Reset()      { *m = SELinuxOptions{} }
 func (*SELinuxOptions) ProtoMessage() {}
 func (*SELinuxOptions) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{182}
+	return fileDescriptor_6c07b07c062484ab, []int{183}
 }
 func (m *SELinuxOptions) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5176,7 +5204,7 @@ var xxx_messageInfo_SELinuxOptions proto.InternalMessageInfo
 func (m *ScaleIOPersistentVolumeSource) Reset()      { *m = ScaleIOPersistentVolumeSource{} }
 func (*ScaleIOPersistentVolumeSource) ProtoMessage() {}
 func (*ScaleIOPersistentVolumeSource) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{183}
+	return fileDescriptor_6c07b07c062484ab, []int{184}
 }
 func (m *ScaleIOPersistentVolumeSource) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5204,7 +5232,7 @@ var xxx_messageInfo_ScaleIOPersistentVolumeSource proto.InternalMessageInfo
 func (m *ScaleIOVolumeSource) Reset()      { *m = ScaleIOVolumeSource{} }
 func (*ScaleIOVolumeSource) ProtoMessage() {}
 func (*ScaleIOVolumeSource) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{184}
+	return fileDescriptor_6c07b07c062484ab, []int{185}
 }
 func (m *ScaleIOVolumeSource) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5232,7 +5260,7 @@ var xxx_messageInfo_ScaleIOVolumeSource proto.InternalMessageInfo
 func (m *ScopeSelector) Reset()      { *m = ScopeSelector{} }
 func (*ScopeSelector) ProtoMessage() {}
 func (*ScopeSelector) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{185}
+	return fileDescriptor_6c07b07c062484ab, []int{186}
 }
 func (m *ScopeSelector) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5260,7 +5288,7 @@ var xxx_messageInfo_ScopeSelector proto.InternalMessageInfo
 func (m *ScopedResourceSelectorRequirement) Reset()      { *m = ScopedResourceSelectorRequirement{} }
 func (*ScopedResourceSelectorRequirement) ProtoMessage() {}
 func (*ScopedResourceSelectorRequirement) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{186}
+	return fileDescriptor_6c07b07c062484ab, []int{187}
 }
 func (m *ScopedResourceSelectorRequirement) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5288,7 +5316,7 @@ var xxx_messageInfo_ScopedResourceSelectorRequirement proto.InternalMessageInfo
 func (m *SeccompProfile) Reset()      { *m = SeccompProfile{} }
 func (*SeccompProfile) ProtoMessage() {}
 func (*SeccompProfile) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{187}
+	return fileDescriptor_6c07b07c062484ab, []int{188}
 }
 func (m *SeccompProfile) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5316,7 +5344,7 @@ var xxx_messageInfo_SeccompProfile proto.InternalMessageInfo
 func (m *Secret) Reset()      { *m = Secret{} }
 func (*Secret) ProtoMessage() {}
 func (*Secret) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{188}
+	return fileDescriptor_6c07b07c062484ab, []int{189}
 }
 func (m *Secret) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5344,7 +5372,7 @@ var xxx_messageInfo_Secret proto.InternalMessageInfo
 func (m *SecretEnvSource) Reset()      { *m = SecretEnvSource{} }
 func (*SecretEnvSource) ProtoMessage() {}
 func (*SecretEnvSource) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{189}
+	return fileDescriptor_6c07b07c062484ab, []int{190}
 }
 func (m *SecretEnvSource) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5372,7 +5400,7 @@ var xxx_messageInfo_SecretEnvSource proto.InternalMessageInfo
 func (m *SecretKeySelector) Reset()      { *m = SecretKeySelector{} }
 func (*SecretKeySelector) ProtoMessage() {}
 func (*SecretKeySelector) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{190}
+	return fileDescriptor_6c07b07c062484ab, []int{191}
 }
 func (m *SecretKeySelector) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5400,7 +5428,7 @@ var xxx_messageInfo_SecretKeySelector proto.InternalMessageInfo
 func (m *SecretList) Reset()      { *m = SecretList{} }
 func (*SecretList) ProtoMessage() {}
 func (*SecretList) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{191}
+	return fileDescriptor_6c07b07c062484ab, []int{192}
 }
 func (m *SecretList) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5428,7 +5456,7 @@ var xxx_messageInfo_SecretList proto.InternalMessageInfo
 func (m *SecretProjection) Reset()      { *m = SecretProjection{} }
 func (*SecretProjection) ProtoMessage() {}
 func (*SecretProjection) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{192}
+	return fileDescriptor_6c07b07c062484ab, []int{193}
 }
 func (m *SecretProjection) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5456,7 +5484,7 @@ var xxx_messageInfo_SecretProjection proto.InternalMessageInfo
 func (m *SecretReference) Reset()      { *m = SecretReference{} }
 func (*SecretReference) ProtoMessage() {}
 func (*SecretReference) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{193}
+	return fileDescriptor_6c07b07c062484ab, []int{194}
 }
 func (m *SecretReference) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5484,7 +5512,7 @@ var xxx_messageInfo_SecretReference proto.InternalMessageInfo
 func (m *SecretVolumeSource) Reset()      { *m = SecretVolumeSource{} }
 func (*SecretVolumeSource) ProtoMessage() {}
 func (*SecretVolumeSource) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{194}
+	return fileDescriptor_6c07b07c062484ab, []int{195}
 }
 func (m *SecretVolumeSource) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5512,7 +5540,7 @@ var xxx_messageInfo_SecretVolumeSource proto.InternalMessageInfo
 func (m *SecurityContext) Reset()      { *m = SecurityContext{} }
 func (*SecurityContext) ProtoMessage() {}
 func (*SecurityContext) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{195}
+	return fileDescriptor_6c07b07c062484ab, []int{196}
 }
 func (m *SecurityContext) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5540,7 +5568,7 @@ var xxx_messageInfo_SecurityContext proto.InternalMessageInfo
 func (m *SerializedReference) Reset()      { *m = SerializedReference{} }
 func (*SerializedReference) ProtoMessage() {}
 func (*SerializedReference) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{196}
+	return fileDescriptor_6c07b07c062484ab, []int{197}
 }
 func (m *SerializedReference) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5568,7 +5596,7 @@ var xxx_messageInfo_SerializedReference proto.InternalMessageInfo
 func (m *Service) Reset()      { *m = Service{} }
 func (*Service) ProtoMessage() {}
 func (*Service) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{197}
+	return fileDescriptor_6c07b07c062484ab, []int{198}
 }
 func (m *Service) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5596,7 +5624,7 @@ var xxx_messageInfo_Service proto.InternalMessageInfo
 func (m *ServiceAccount) Reset()      { *m = ServiceAccount{} }
 func (*ServiceAccount) ProtoMessage() {}
 func (*ServiceAccount) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{198}
+	return fileDescriptor_6c07b07c062484ab, []int{199}
 }
 func (m *ServiceAccount) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5624,7 +5652,7 @@ var xxx_messageInfo_ServiceAccount proto.InternalMessageInfo
 func (m *ServiceAccountList) Reset()      { *m = ServiceAccountList{} }
 func (*ServiceAccountList) ProtoMessage() {}
 func (*ServiceAccountList) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{199}
+	return fileDescriptor_6c07b07c062484ab, []int{200}
 }
 func (m *ServiceAccountList) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5652,7 +5680,7 @@ var xxx_messageInfo_ServiceAccountList proto.InternalMessageInfo
 func (m *ServiceAccountTokenProjection) Reset()      { *m = ServiceAccountTokenProjection{} }
 func (*ServiceAccountTokenProjection) ProtoMessage() {}
 func (*ServiceAccountTokenProjection) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{200}
+	return fileDescriptor_6c07b07c062484ab, []int{201}
 }
 func (m *ServiceAccountTokenProjection) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5680,7 +5708,7 @@ var xxx_messageInfo_ServiceAccountTokenProjection proto.InternalMessageInfo
 func (m *ServiceList) Reset()      { *m = ServiceList{} }
 func (*ServiceList) ProtoMessage() {}
 func (*ServiceList) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{201}
+	return fileDescriptor_6c07b07c062484ab, []int{202}
 }
 func (m *ServiceList) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5708,7 +5736,7 @@ var xxx_messageInfo_ServiceList proto.InternalMessageInfo
 func (m *ServicePort) Reset()      { *m = ServicePort{} }
 func (*ServicePort) ProtoMessage() {}
 func (*ServicePort) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{202}
+	return fileDescriptor_6c07b07c062484ab, []int{203}
 }
 func (m *ServicePort) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5736,7 +5764,7 @@ var xxx_messageInfo_ServicePort proto.InternalMessageInfo
 func (m *ServiceProxyOptions) Reset()      { *m = ServiceProxyOptions{} }
 func (*ServiceProxyOptions) ProtoMessage() {}
 func (*ServiceProxyOptions) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{203}
+	return fileDescriptor_6c07b07c062484ab, []int{204}
 }
 func (m *ServiceProxyOptions) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5764,7 +5792,7 @@ var xxx_messageInfo_ServiceProxyOptions proto.InternalMessageInfo
 func (m *ServiceSpec) Reset()      { *m = ServiceSpec{} }
 func (*ServiceSpec) ProtoMessage() {}
 func (*ServiceSpec) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{204}
+	return fileDescriptor_6c07b07c062484ab, []int{205}
 }
 func (m *ServiceSpec) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5792,7 +5820,7 @@ var xxx_messageInfo_ServiceSpec proto.InternalMessageInfo
 func (m *ServiceStatus) Reset()      { *m = ServiceStatus{} }
 func (*ServiceStatus) ProtoMessage() {}
 func (*ServiceStatus) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{205}
+	return fileDescriptor_6c07b07c062484ab, []int{206}
 }
 func (m *ServiceStatus) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5820,7 +5848,7 @@ var xxx_messageInfo_ServiceStatus proto.InternalMessageInfo
 func (m *SessionAffinityConfig) Reset()      { *m = SessionAffinityConfig{} }
 func (*SessionAffinityConfig) ProtoMessage() {}
 func (*SessionAffinityConfig) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{206}
+	return fileDescriptor_6c07b07c062484ab, []int{207}
 }
 func (m *SessionAffinityConfig) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5848,7 +5876,7 @@ var xxx_messageInfo_SessionAffinityConfig proto.InternalMessageInfo
 func (m *SleepAction) Reset()      { *m = SleepAction{} }
 func (*SleepAction) ProtoMessage() {}
 func (*SleepAction) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{207}
+	return fileDescriptor_6c07b07c062484ab, []int{208}
 }
 func (m *SleepAction) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5876,7 +5904,7 @@ var xxx_messageInfo_SleepAction proto.InternalMessageInfo
 func (m *StorageOSPersistentVolumeSource) Reset()      { *m = StorageOSPersistentVolumeSource{} }
 func (*StorageOSPersistentVolumeSource) ProtoMessage() {}
 func (*StorageOSPersistentVolumeSource) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{208}
+	return fileDescriptor_6c07b07c062484ab, []int{209}
 }
 func (m *StorageOSPersistentVolumeSource) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5904,7 +5932,7 @@ var xxx_messageInfo_StorageOSPersistentVolumeSource proto.InternalMessageInfo
 func (m *StorageOSVolumeSource) Reset()      { *m = StorageOSVolumeSource{} }
 func (*StorageOSVolumeSource) ProtoMessage() {}
 func (*StorageOSVolumeSource) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{209}
+	return fileDescriptor_6c07b07c062484ab, []int{210}
 }
 func (m *StorageOSVolumeSource) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5932,7 +5960,7 @@ var xxx_messageInfo_StorageOSVolumeSource proto.InternalMessageInfo
 func (m *Sysctl) Reset()      { *m = Sysctl{} }
 func (*Sysctl) ProtoMessage() {}
 func (*Sysctl) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{210}
+	return fileDescriptor_6c07b07c062484ab, []int{211}
 }
 func (m *Sysctl) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5960,7 +5988,7 @@ var xxx_messageInfo_Sysctl proto.InternalMessageInfo
 func (m *TCPSocketAction) Reset()      { *m = TCPSocketAction{} }
 func (*TCPSocketAction) ProtoMessage() {}
 func (*TCPSocketAction) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{211}
+	return fileDescriptor_6c07b07c062484ab, []int{212}
 }
 func (m *TCPSocketAction) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -5988,7 +6016,7 @@ var xxx_messageInfo_TCPSocketAction proto.InternalMessageInfo
 func (m *Taint) Reset()      { *m = Taint{} }
 func (*Taint) ProtoMessage() {}
 func (*Taint) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{212}
+	return fileDescriptor_6c07b07c062484ab, []int{213}
 }
 func (m *Taint) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -6016,7 +6044,7 @@ var xxx_messageInfo_Taint proto.InternalMessageInfo
 func (m *Toleration) Reset()      { *m = Toleration{} }
 func (*Toleration) ProtoMessage() {}
 func (*Toleration) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{213}
+	return fileDescriptor_6c07b07c062484ab, []int{214}
 }
 func (m *Toleration) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -6044,7 +6072,7 @@ var xxx_messageInfo_Toleration proto.InternalMessageInfo
 func (m *TopologySelectorLabelRequirement) Reset()      { *m = TopologySelectorLabelRequirement{} }
 func (*TopologySelectorLabelRequirement) ProtoMessage() {}
 func (*TopologySelectorLabelRequirement) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{214}
+	return fileDescriptor_6c07b07c062484ab, []int{215}
 }
 func (m *TopologySelectorLabelRequirement) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -6072,7 +6100,7 @@ var xxx_messageInfo_TopologySelectorLabelRequirement proto.InternalMessageInfo
 func (m *TopologySelectorTerm) Reset()      { *m = TopologySelectorTerm{} }
 func (*TopologySelectorTerm) ProtoMessage() {}
 func (*TopologySelectorTerm) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{215}
+	return fileDescriptor_6c07b07c062484ab, []int{216}
 }
 func (m *TopologySelectorTerm) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -6100,7 +6128,7 @@ var xxx_messageInfo_TopologySelectorTerm proto.InternalMessageInfo
 func (m *TopologySpreadConstraint) Reset()      { *m = TopologySpreadConstraint{} }
 func (*TopologySpreadConstraint) ProtoMessage() {}
 func (*TopologySpreadConstraint) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{216}
+	return fileDescriptor_6c07b07c062484ab, []int{217}
 }
 func (m *TopologySpreadConstraint) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -6128,7 +6156,7 @@ var xxx_messageInfo_TopologySpreadConstraint proto.InternalMessageInfo
 func (m *TypedLocalObjectReference) Reset()      { *m = TypedLocalObjectReference{} }
 func (*TypedLocalObjectReference) ProtoMessage() {}
 func (*TypedLocalObjectReference) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{217}
+	return fileDescriptor_6c07b07c062484ab, []int{218}
 }
 func (m *TypedLocalObjectReference) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -6156,7 +6184,7 @@ var xxx_messageInfo_TypedLocalObjectReference proto.InternalMessageInfo
 func (m *TypedObjectReference) Reset()      { *m = TypedObjectReference{} }
 func (*TypedObjectReference) ProtoMessage() {}
 func (*TypedObjectReference) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{218}
+	return fileDescriptor_6c07b07c062484ab, []int{219}
 }
 func (m *TypedObjectReference) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -6184,7 +6212,7 @@ var xxx_messageInfo_TypedObjectReference proto.InternalMessageInfo
 func (m *Volume) Reset()      { *m = Volume{} }
 func (*Volume) ProtoMessage() {}
 func (*Volume) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{219}
+	return fileDescriptor_6c07b07c062484ab, []int{220}
 }
 func (m *Volume) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -6212,7 +6240,7 @@ var xxx_messageInfo_Volume proto.InternalMessageInfo
 func (m *VolumeDevice) Reset()      { *m = VolumeDevice{} }
 func (*VolumeDevice) ProtoMessage() {}
 func (*VolumeDevice) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{220}
+	return fileDescriptor_6c07b07c062484ab, []int{221}
 }
 func (m *VolumeDevice) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -6240,7 +6268,7 @@ var xxx_messageInfo_VolumeDevice proto.InternalMessageInfo
 func (m *VolumeMount) Reset()      { *m = VolumeMount{} }
 func (*VolumeMount) ProtoMessage() {}
 func (*VolumeMount) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{221}
+	return fileDescriptor_6c07b07c062484ab, []int{222}
 }
 func (m *VolumeMount) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -6268,7 +6296,7 @@ var xxx_messageInfo_VolumeMount proto.InternalMessageInfo
 func (m *VolumeMountStatus) Reset()      { *m = VolumeMountStatus{} }
 func (*VolumeMountStatus) ProtoMessage() {}
 func (*VolumeMountStatus) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{222}
+	return fileDescriptor_6c07b07c062484ab, []int{223}
 }
 func (m *VolumeMountStatus) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -6296,7 +6324,7 @@ var xxx_messageInfo_VolumeMountStatus proto.InternalMessageInfo
 func (m *VolumeNodeAffinity) Reset()      { *m = VolumeNodeAffinity{} }
 func (*VolumeNodeAffinity) ProtoMessage() {}
 func (*VolumeNodeAffinity) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{223}
+	return fileDescriptor_6c07b07c062484ab, []int{224}
 }
 func (m *VolumeNodeAffinity) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -6324,7 +6352,7 @@ var xxx_messageInfo_VolumeNodeAffinity proto.InternalMessageInfo
 func (m *VolumeProjection) Reset()      { *m = VolumeProjection{} }
 func (*VolumeProjection) ProtoMessage() {}
 func (*VolumeProjection) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{224}
+	return fileDescriptor_6c07b07c062484ab, []int{225}
 }
 func (m *VolumeProjection) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -6352,7 +6380,7 @@ var xxx_messageInfo_VolumeProjection proto.InternalMessageInfo
 func (m *VolumeResourceRequirements) Reset()      { *m = VolumeResourceRequirements{} }
 func (*VolumeResourceRequirements) ProtoMessage() {}
 func (*VolumeResourceRequirements) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{225}
+	return fileDescriptor_6c07b07c062484ab, []int{226}
 }
 func (m *VolumeResourceRequirements) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -6380,7 +6408,7 @@ var xxx_messageInfo_VolumeResourceRequirements proto.InternalMessageInfo
 func (m *VolumeSource) Reset()      { *m = VolumeSource{} }
 func (*VolumeSource) ProtoMessage() {}
 func (*VolumeSource) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{226}
+	return fileDescriptor_6c07b07c062484ab, []int{227}
 }
 func (m *VolumeSource) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -6408,7 +6436,7 @@ var xxx_messageInfo_VolumeSource proto.InternalMessageInfo
 func (m *VsphereVirtualDiskVolumeSource) Reset()      { *m = VsphereVirtualDiskVolumeSource{} }
 func (*VsphereVirtualDiskVolumeSource) ProtoMessage() {}
 func (*VsphereVirtualDiskVolumeSource) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{227}
+	return fileDescriptor_6c07b07c062484ab, []int{228}
 }
 func (m *VsphereVirtualDiskVolumeSource) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -6436,7 +6464,7 @@ var xxx_messageInfo_VsphereVirtualDiskVolumeSource proto.InternalMessageInfo
 func (m *WeightedPodAffinityTerm) Reset()      { *m = WeightedPodAffinityTerm{} }
 func (*WeightedPodAffinityTerm) ProtoMessage() {}
 func (*WeightedPodAffinityTerm) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{228}
+	return fileDescriptor_6c07b07c062484ab, []int{229}
 }
 func (m *WeightedPodAffinityTerm) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -6464,7 +6492,7 @@ var xxx_messageInfo_WeightedPodAffinityTerm proto.InternalMessageInfo
 func (m *WindowsSecurityContextOptions) Reset()      { *m = WindowsSecurityContextOptions{} }
 func (*WindowsSecurityContextOptions) ProtoMessage() {}
 func (*WindowsSecurityContextOptions) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6c07b07c062484ab, []int{229}
+	return fileDescriptor_6c07b07c062484ab, []int{230}
 }
 func (m *WindowsSecurityContextOptions) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -6617,6 +6645,7 @@ func init() {
 	proto.RegisterType((*NodeStatus)(nil), "k8s.io.api.core.v1.NodeStatus")
 	proto.RegisterMapType((ResourceList)(nil), "k8s.io.api.core.v1.NodeStatus.AllocatableEntry")
 	proto.RegisterMapType((ResourceList)(nil), "k8s.io.api.core.v1.NodeStatus.CapacityEntry")
+	proto.RegisterType((*NodeSwapStatus)(nil), "k8s.io.api.core.v1.NodeSwapStatus")
 	proto.RegisterType((*NodeSystemInfo)(nil), "k8s.io.api.core.v1.NodeSystemInfo")
 	proto.RegisterType((*ObjectFieldSelector)(nil), "k8s.io.api.core.v1.ObjectFieldSelector")
 	proto.RegisterType((*ObjectReference)(nil), "k8s.io.api.core.v1.ObjectReference")
@@ -6758,1015 +6787,1020 @@ func init() {
 }
 
 var fileDescriptor_6c07b07c062484ab = []byte{
-	// 16114 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0xbd, 0x69, 0x90, 0x64, 0xd9,
-	0x59, 0x28, 0xa6, 0x9b, 0x59, 0xeb, 0x57, 0xfb, 0xa9, 0x5e, 0xaa, 0x6b, 0xba, 0x3b, 0x7b, 0xee,
-	0xcc, 0xf4, 0xf4, 0x6c, 0xd5, 0xea, 0x59, 0x34, 0xad, 0x99, 0xd1, 0x30, 0xb5, 0x76, 0xd7, 0x74,
-	0x57, 0x75, 0xce, 0xc9, 0xaa, 0x6e, 0x69, 0x34, 0x12, 0xba, 0x9d, 0x79, 0xaa, 0xea, 0xaa, 0x32,
-	0xef, 0xcd, 0xb9, 0xf7, 0x66, 0x75, 0x57, 0x5b, 0x04, 0x20, 0x8c, 0x40, 0x02, 0x47, 0x28, 0x08,
-	0x6c, 0x1c, 0x82, 0xe0, 0x07, 0x60, 0x16, 0xcb, 0x60, 0x64, 0x61, 0xc0, 0x88, 0xcd, 0x36, 0x8e,
-	0x00, 0xff, 0xc0, 0x98, 0x08, 0x4b, 0x84, 0x09, 0x17, 0x56, 0xe1, 0x08, 0x82, 0x1f, 0x06, 0x82,
-	0xf7, 0x7e, 0xbc, 0x57, 0xc1, 0x7b, 0xbc, 0x38, 0xeb, 0x3d, 0xe7, 0x2e, 0x99, 0x59, 0x3d, 0xdd,
-	0xa5, 0x91, 0x62, 0xfe, 0x65, 0x9e, 0xef, 0x3b, 0xdf, 0x39, 0xf7, 0xac, 0xdf, 0xf9, 0x56, 0xb0,
-	0xb7, 0x2f, 0x87, 0x33, 0xae, 0x7f, 0xd1, 0x69, 0xba, 0x17, 0xab, 0x7e, 0x40, 0x2e, 0xee, 0x5c,
-	0xba, 0xb8, 0x49, 0x3c, 0x12, 0x38, 0x11, 0xa9, 0xcd, 0x34, 0x03, 0x3f, 0xf2, 0x11, 0xe2, 0x38,
-	0x33, 0x4e, 0xd3, 0x9d, 0xa1, 0x38, 0x33, 0x3b, 0x97, 0xa6, 0x9f, 0xdb, 0x74, 0xa3, 0xad, 0xd6,
-	0xed, 0x99, 0xaa, 0xdf, 0xb8, 0xb8, 0xe9, 0x6f, 0xfa, 0x17, 0x19, 0xea, 0xed, 0xd6, 0x06, 0xfb,
-	0xc7, 0xfe, 0xb0, 0x5f, 0x9c, 0xc4, 0xf4, 0x8b, 0x71, 0x33, 0x0d, 0xa7, 0xba, 0xe5, 0x7a, 0x24,
-	0xd8, 0xbd, 0xd8, 0xdc, 0xde, 0x64, 0xed, 0x06, 0x24, 0xf4, 0x5b, 0x41, 0x95, 0x24, 0x1b, 0x6e,
-	0x5b, 0x2b, 0xbc, 0xd8, 0x20, 0x91, 0x93, 0xd1, 0xdd, 0xe9, 0x8b, 0x79, 0xb5, 0x82, 0x96, 0x17,
-	0xb9, 0x8d, 0x74, 0x33, 0x1f, 0xe9, 0x54, 0x21, 0xac, 0x6e, 0x91, 0x86, 0x93, 0xaa, 0xf7, 0x42,
-	0x5e, 0xbd, 0x56, 0xe4, 0xd6, 0x2f, 0xba, 0x5e, 0x14, 0x46, 0x41, 0xb2, 0x92, 0xfd, 0x2d, 0x0b,
-	0xce, 0xcd, 0xde, 0xaa, 0x2c, 0xd6, 0x9d, 0x30, 0x72, 0xab, 0x73, 0x75, 0xbf, 0xba, 0x5d, 0x89,
-	0xfc, 0x80, 0xdc, 0xf4, 0xeb, 0xad, 0x06, 0xa9, 0xb0, 0x81, 0x40, 0xcf, 0xc2, 0xc0, 0x0e, 0xfb,
-	0xbf, 0xbc, 0x30, 0x65, 0x9d, 0xb3, 0x2e, 0x0c, 0xce, 0x8d, 0xff, 0xe9, 0x5e, 0xe9, 0x43, 0xfb,
-	0x7b, 0xa5, 0x81, 0x9b, 0xa2, 0x1c, 0x2b, 0x0c, 0x74, 0x1e, 0xfa, 0x36, 0xc2, 0xb5, 0xdd, 0x26,
-	0x99, 0x2a, 0x30, 0xdc, 0x51, 0x81, 0xdb, 0xb7, 0x54, 0xa1, 0xa5, 0x58, 0x40, 0xd1, 0x45, 0x18,
-	0x6c, 0x3a, 0x41, 0xe4, 0x46, 0xae, 0xef, 0x4d, 0x15, 0xcf, 0x59, 0x17, 0x7a, 0xe7, 0x26, 0x04,
-	0xea, 0x60, 0x59, 0x02, 0x70, 0x8c, 0x43, 0xbb, 0x11, 0x10, 0xa7, 0x76, 0xc3, 0xab, 0xef, 0x4e,
-	0xf5, 0x9c, 0xb3, 0x2e, 0x0c, 0xc4, 0xdd, 0xc0, 0xa2, 0x1c, 0x2b, 0x0c, 0xfb, 0x2b, 0x05, 0x18,
-	0x98, 0xdd, 0xd8, 0x70, 0x3d, 0x37, 0xda, 0x45, 0x37, 0x61, 0xd8, 0xf3, 0x6b, 0x44, 0xfe, 0x67,
-	0x5f, 0x31, 0xf4, 0xfc, 0xb9, 0x99, 0xf4, 0x52, 0x9a, 0x59, 0xd5, 0xf0, 0xe6, 0xc6, 0xf7, 0xf7,
-	0x4a, 0xc3, 0x7a, 0x09, 0x36, 0xe8, 0x20, 0x0c, 0x43, 0x4d, 0xbf, 0xa6, 0xc8, 0x16, 0x18, 0xd9,
-	0x52, 0x16, 0xd9, 0x72, 0x8c, 0x36, 0x37, 0xb6, 0xbf, 0x57, 0x1a, 0xd2, 0x0a, 0xb0, 0x4e, 0x04,
-	0xdd, 0x86, 0x31, 0xfa, 0xd7, 0x8b, 0x5c, 0x45, 0xb7, 0xc8, 0xe8, 0x3e, 0x96, 0x47, 0x57, 0x43,
-	0x9d, 0x9b, 0xdc, 0xdf, 0x2b, 0x8d, 0x25, 0x0a, 0x71, 0x92, 0xa0, 0xfd, 0x93, 0x16, 0x8c, 0xcd,
-	0x36, 0x9b, 0xb3, 0x41, 0xc3, 0x0f, 0xca, 0x81, 0xbf, 0xe1, 0xd6, 0x09, 0x7a, 0x19, 0x7a, 0x22,
-	0x3a, 0x6b, 0x7c, 0x86, 0x1f, 0x13, 0x43, 0xdb, 0x43, 0xe7, 0xea, 0x60, 0xaf, 0x34, 0x99, 0x40,
-	0x67, 0x53, 0xc9, 0x2a, 0xa0, 0x37, 0x60, 0xbc, 0xee, 0x57, 0x9d, 0xfa, 0x96, 0x1f, 0x46, 0x02,
-	0x2a, 0xa6, 0xfe, 0xd8, 0xfe, 0x5e, 0x69, 0xfc, 0x7a, 0x02, 0x86, 0x53, 0xd8, 0xf6, 0x3d, 0x18,
-	0x9d, 0x8d, 0x22, 0xa7, 0xba, 0x45, 0x6a, 0x7c, 0x41, 0xa1, 0x17, 0xa1, 0xc7, 0x73, 0x1a, 0xb2,
-	0x33, 0xe7, 0x64, 0x67, 0x56, 0x9d, 0x06, 0xed, 0xcc, 0xf8, 0xba, 0xe7, 0xbe, 0xdb, 0x12, 0x8b,
-	0x94, 0x96, 0x61, 0x86, 0x8d, 0x9e, 0x07, 0xa8, 0x91, 0x1d, 0xb7, 0x4a, 0xca, 0x4e, 0xb4, 0x25,
-	0xfa, 0x80, 0x44, 0x5d, 0x58, 0x50, 0x10, 0xac, 0x61, 0xd9, 0x77, 0x61, 0x70, 0x76, 0xc7, 0x77,
-	0x6b, 0x65, 0xbf, 0x16, 0xa2, 0x6d, 0x18, 0x6b, 0x06, 0x64, 0x83, 0x04, 0xaa, 0x68, 0xca, 0x3a,
-	0x57, 0xbc, 0x30, 0xf4, 0xfc, 0x85, 0xcc, 0xb1, 0x37, 0x51, 0x17, 0xbd, 0x28, 0xd8, 0x9d, 0x3b,
-	0x29, 0xda, 0x1b, 0x4b, 0x40, 0x71, 0x92, 0xb2, 0xfd, 0x27, 0x05, 0x38, 0x3e, 0x7b, 0xaf, 0x15,
-	0x90, 0x05, 0x37, 0xdc, 0x4e, 0x6e, 0xb8, 0x9a, 0x1b, 0x6e, 0xaf, 0xc6, 0x23, 0xa0, 0x56, 0xfa,
-	0x82, 0x28, 0xc7, 0x0a, 0x03, 0x3d, 0x07, 0xfd, 0xf4, 0xf7, 0x3a, 0x5e, 0x16, 0x9f, 0x3c, 0x29,
-	0x90, 0x87, 0x16, 0x9c, 0xc8, 0x59, 0xe0, 0x20, 0x2c, 0x71, 0xd0, 0x0a, 0x0c, 0x55, 0xd9, 0xf9,
-	0xb0, 0xb9, 0xe2, 0xd7, 0x08, 0x5b, 0x5b, 0x83, 0x73, 0xcf, 0x50, 0xf4, 0xf9, 0xb8, 0xf8, 0x60,
-	0xaf, 0x34, 0xc5, 0xfb, 0x26, 0x48, 0x68, 0x30, 0xac, 0xd7, 0x47, 0xb6, 0xda, 0xee, 0x3d, 0x8c,
-	0x12, 0x64, 0x6c, 0xf5, 0x0b, 0xda, 0xce, 0xed, 0x65, 0x3b, 0x77, 0x38, 0x7b, 0xd7, 0xa2, 0x4b,
-	0xd0, 0xb3, 0xed, 0x7a, 0xb5, 0xa9, 0x3e, 0x46, 0xeb, 0x0c, 0x9d, 0xf3, 0x6b, 0xae, 0x57, 0x3b,
-	0xd8, 0x2b, 0x4d, 0x18, 0xdd, 0xa1, 0x85, 0x98, 0xa1, 0xda, 0xff, 0xc6, 0x82, 0x12, 0x83, 0x2d,
-	0xb9, 0x75, 0x52, 0x26, 0x41, 0xe8, 0x86, 0x11, 0xf1, 0x22, 0x63, 0x40, 0x9f, 0x07, 0x08, 0x49,
-	0x35, 0x20, 0x91, 0x36, 0xa4, 0x6a, 0x61, 0x54, 0x14, 0x04, 0x6b, 0x58, 0xf4, 0x7c, 0x0a, 0xb7,
-	0x9c, 0x80, 0xad, 0x2f, 0x31, 0xb0, 0xea, 0x7c, 0xaa, 0x48, 0x00, 0x8e, 0x71, 0x8c, 0xf3, 0xa9,
-	0xd8, 0xe9, 0x7c, 0x42, 0x1f, 0x83, 0xb1, 0xb8, 0xb1, 0xb0, 0xe9, 0x54, 0xe5, 0x00, 0xb2, 0x1d,
-	0x5c, 0x31, 0x41, 0x38, 0x89, 0x6b, 0xff, 0xb7, 0x96, 0x58, 0x3c, 0xf4, 0xab, 0xdf, 0xe7, 0xdf,
-	0x6a, 0xff, 0xae, 0x05, 0xfd, 0x73, 0xae, 0x57, 0x73, 0xbd, 0x4d, 0xf4, 0x19, 0x18, 0xa0, 0x57,
-	0x65, 0xcd, 0x89, 0x1c, 0x71, 0x0c, 0x7f, 0x58, 0xdb, 0x5b, 0xea, 0xe6, 0x9a, 0x69, 0x6e, 0x6f,
-	0xd2, 0x82, 0x70, 0x86, 0x62, 0xd3, 0xdd, 0x76, 0xe3, 0xf6, 0x67, 0x49, 0x35, 0x5a, 0x21, 0x91,
-	0x13, 0x7f, 0x4e, 0x5c, 0x86, 0x15, 0x55, 0x74, 0x0d, 0xfa, 0x22, 0x27, 0xd8, 0x24, 0x91, 0x38,
-	0x8f, 0x33, 0xcf, 0x4d, 0x5e, 0x13, 0xd3, 0x1d, 0x49, 0xbc, 0x2a, 0x89, 0x6f, 0xa9, 0x35, 0x56,
-	0x15, 0x0b, 0x12, 0xf6, 0x7f, 0xe8, 0x87, 0x53, 0xf3, 0x95, 0xe5, 0x9c, 0x75, 0x75, 0x1e, 0xfa,
-	0x6a, 0x81, 0xbb, 0x43, 0x02, 0x31, 0xce, 0x8a, 0xca, 0x02, 0x2b, 0xc5, 0x02, 0x8a, 0x2e, 0xc3,
-	0x30, 0xbf, 0x1f, 0xaf, 0x3a, 0x5e, 0x2d, 0x3e, 0x1e, 0x05, 0xf6, 0xf0, 0x4d, 0x0d, 0x86, 0x0d,
-	0xcc, 0x43, 0x2e, 0xaa, 0xf3, 0x89, 0xcd, 0x98, 0x77, 0xf7, 0x7e, 0xd1, 0x82, 0x71, 0xde, 0xcc,
-	0x6c, 0x14, 0x05, 0xee, 0xed, 0x56, 0x44, 0xc2, 0xa9, 0x5e, 0x76, 0xd2, 0xcd, 0x67, 0x8d, 0x56,
-	0xee, 0x08, 0xcc, 0xdc, 0x4c, 0x50, 0xe1, 0x87, 0xe0, 0x94, 0x68, 0x77, 0x3c, 0x09, 0xc6, 0xa9,
-	0x66, 0xd1, 0x8f, 0x58, 0x30, 0x5d, 0xf5, 0xbd, 0x28, 0xf0, 0xeb, 0x75, 0x12, 0x94, 0x5b, 0xb7,
-	0xeb, 0x6e, 0xb8, 0xc5, 0xd7, 0x29, 0x26, 0x1b, 0xec, 0x24, 0xc8, 0x99, 0x43, 0x85, 0x24, 0xe6,
-	0xf0, 0xec, 0xfe, 0x5e, 0x69, 0x7a, 0x3e, 0x97, 0x14, 0x6e, 0xd3, 0x0c, 0xda, 0x06, 0x44, 0x6f,
-	0xf6, 0x4a, 0xe4, 0x6c, 0x92, 0xb8, 0xf1, 0xfe, 0xee, 0x1b, 0x3f, 0xb1, 0xbf, 0x57, 0x42, 0xab,
-	0x29, 0x12, 0x38, 0x83, 0x2c, 0x7a, 0x17, 0x8e, 0xd1, 0xd2, 0xd4, 0xb7, 0x0e, 0x74, 0xdf, 0xdc,
-	0xd4, 0xfe, 0x5e, 0xe9, 0xd8, 0x6a, 0x06, 0x11, 0x9c, 0x49, 0x1a, 0xfd, 0x90, 0x05, 0xa7, 0xe2,
-	0xcf, 0x5f, 0xbc, 0xdb, 0x74, 0xbc, 0x5a, 0xdc, 0xf0, 0x60, 0xf7, 0x0d, 0xd3, 0x33, 0xf9, 0xd4,
-	0x7c, 0x1e, 0x25, 0x9c, 0xdf, 0x08, 0xf2, 0x60, 0x92, 0x76, 0x2d, 0xd9, 0x36, 0x74, 0xdf, 0xf6,
-	0xc9, 0xfd, 0xbd, 0xd2, 0xe4, 0x6a, 0x9a, 0x06, 0xce, 0x22, 0x3c, 0x3d, 0x0f, 0xc7, 0x33, 0x57,
-	0x27, 0x1a, 0x87, 0xe2, 0x36, 0xe1, 0x4c, 0xe0, 0x20, 0xa6, 0x3f, 0xd1, 0x31, 0xe8, 0xdd, 0x71,
-	0xea, 0x2d, 0xb1, 0x31, 0x31, 0xff, 0xf3, 0x4a, 0xe1, 0xb2, 0x65, 0xff, 0x6f, 0x45, 0x18, 0x9b,
-	0xaf, 0x2c, 0xdf, 0xd7, 0xae, 0xd7, 0xaf, 0xbd, 0x42, 0xdb, 0x6b, 0x2f, 0xbe, 0x44, 0x8b, 0xb9,
-	0x97, 0xe8, 0x0f, 0x66, 0x6c, 0xd9, 0x1e, 0xb6, 0x65, 0x3f, 0x9a, 0xb3, 0x65, 0x1f, 0xf0, 0x46,
-	0xdd, 0xc9, 0x59, 0xb5, 0xbd, 0x6c, 0x02, 0x33, 0x39, 0x24, 0xc6, 0xfb, 0x25, 0x8f, 0xda, 0x43,
-	0x2e, 0xdd, 0x07, 0x33, 0x8f, 0x55, 0x18, 0x9e, 0x77, 0x9a, 0xce, 0x6d, 0xb7, 0xee, 0x46, 0x2e,
-	0x09, 0xd1, 0x93, 0x50, 0x74, 0x6a, 0x35, 0xc6, 0xdd, 0x0d, 0xce, 0x1d, 0xdf, 0xdf, 0x2b, 0x15,
-	0x67, 0x6b, 0x94, 0xcd, 0x00, 0x85, 0xb5, 0x8b, 0x29, 0x06, 0x7a, 0x1a, 0x7a, 0x6a, 0x81, 0xdf,
-	0x9c, 0x2a, 0x30, 0x4c, 0xba, 0xcb, 0x7b, 0x16, 0x02, 0xbf, 0x99, 0x40, 0x65, 0x38, 0xf6, 0x1f,
-	0x17, 0xe0, 0xf4, 0x3c, 0x69, 0x6e, 0x2d, 0x55, 0x72, 0xee, 0x8b, 0x0b, 0x30, 0xd0, 0xf0, 0x3d,
-	0x37, 0xf2, 0x83, 0x50, 0x34, 0xcd, 0x56, 0xc4, 0x8a, 0x28, 0xc3, 0x0a, 0x8a, 0xce, 0x41, 0x4f,
-	0x33, 0x66, 0x62, 0x87, 0x25, 0x03, 0xcc, 0xd8, 0x57, 0x06, 0xa1, 0x18, 0xad, 0x90, 0x04, 0x62,
-	0xc5, 0x28, 0x8c, 0xf5, 0x90, 0x04, 0x98, 0x41, 0x62, 0x4e, 0x80, 0xf2, 0x08, 0xe2, 0x46, 0x48,
-	0x70, 0x02, 0x14, 0x82, 0x35, 0x2c, 0x54, 0x86, 0xc1, 0x30, 0x31, 0xb3, 0x5d, 0x6d, 0xcd, 0x11,
-	0xc6, 0x2a, 0xa8, 0x99, 0x8c, 0x89, 0x18, 0x37, 0x58, 0x5f, 0x47, 0x56, 0xe1, 0x1b, 0x05, 0x40,
-	0x7c, 0x08, 0xbf, 0xcb, 0x06, 0x6e, 0x3d, 0x3d, 0x70, 0xdd, 0x6f, 0x89, 0x07, 0x35, 0x7a, 0xff,
-	0xd6, 0x82, 0xd3, 0xf3, 0xae, 0x57, 0x23, 0x41, 0xce, 0x02, 0x7c, 0x38, 0x4f, 0xf9, 0xc3, 0x31,
-	0x29, 0xc6, 0x12, 0xeb, 0x79, 0x00, 0x4b, 0xcc, 0xfe, 0x47, 0x0b, 0x10, 0xff, 0xec, 0xf7, 0xdd,
-	0xc7, 0xae, 0xa7, 0x3f, 0xf6, 0x01, 0x2c, 0x0b, 0xfb, 0x3a, 0x8c, 0xce, 0xd7, 0x5d, 0xe2, 0x45,
-	0xcb, 0xe5, 0x79, 0xdf, 0xdb, 0x70, 0x37, 0xd1, 0x2b, 0x30, 0x1a, 0xb9, 0x0d, 0xe2, 0xb7, 0xa2,
-	0x0a, 0xa9, 0xfa, 0x1e, 0x7b, 0xb9, 0x5a, 0x17, 0x7a, 0xe7, 0xd0, 0xfe, 0x5e, 0x69, 0x74, 0xcd,
-	0x80, 0xe0, 0x04, 0xa6, 0xfd, 0xcb, 0xf4, 0xdc, 0xaa, 0xb7, 0xc2, 0x88, 0x04, 0x6b, 0x41, 0x2b,
-	0x8c, 0xe6, 0x5a, 0x94, 0xf7, 0x2c, 0x07, 0x3e, 0xed, 0x8e, 0xeb, 0x7b, 0xe8, 0xb4, 0xf1, 0x1c,
-	0x1f, 0x90, 0x4f, 0x71, 0xf1, 0xec, 0x9e, 0x01, 0x08, 0xdd, 0x4d, 0x8f, 0x04, 0xda, 0xf3, 0x61,
-	0x94, 0x6d, 0x15, 0x55, 0x8a, 0x35, 0x0c, 0x54, 0x87, 0x91, 0xba, 0x73, 0x9b, 0xd4, 0x2b, 0xa4,
-	0x4e, 0xaa, 0x91, 0x1f, 0x08, 0xf9, 0xc6, 0x0b, 0xdd, 0xbd, 0x03, 0xae, 0xeb, 0x55, 0xe7, 0x26,
-	0xf6, 0xf7, 0x4a, 0x23, 0x46, 0x11, 0x36, 0x89, 0xd3, 0xa3, 0xc3, 0x6f, 0xd2, 0xaf, 0x70, 0xea,
-	0xfa, 0xe3, 0xf3, 0x86, 0x28, 0xc3, 0x0a, 0xaa, 0x8e, 0x8e, 0x9e, 0xbc, 0xa3, 0xc3, 0xfe, 0x6b,
-	0xba, 0xd0, 0xfc, 0x46, 0xd3, 0xf7, 0x88, 0x17, 0xcd, 0xfb, 0x5e, 0x8d, 0x4b, 0xa6, 0x5e, 0x31,
-	0x44, 0x27, 0xe7, 0x13, 0xa2, 0x93, 0x13, 0xe9, 0x1a, 0x9a, 0xf4, 0xe4, 0xa3, 0xd0, 0x17, 0x46,
-	0x4e, 0xd4, 0x0a, 0xc5, 0xc0, 0x3d, 0x2a, 0x97, 0x5d, 0x85, 0x95, 0x1e, 0xec, 0x95, 0xc6, 0x54,
-	0x35, 0x5e, 0x84, 0x45, 0x05, 0xf4, 0x14, 0xf4, 0x37, 0x48, 0x18, 0x3a, 0x9b, 0x92, 0x6d, 0x18,
-	0x13, 0x75, 0xfb, 0x57, 0x78, 0x31, 0x96, 0x70, 0xf4, 0x18, 0xf4, 0x92, 0x20, 0xf0, 0x03, 0xf1,
-	0x6d, 0x23, 0x02, 0xb1, 0x77, 0x91, 0x16, 0x62, 0x0e, 0xb3, 0xff, 0x0f, 0x0b, 0xc6, 0x54, 0x5f,
-	0x79, 0x5b, 0x47, 0xf0, 0x5c, 0x7b, 0x1b, 0xa0, 0x2a, 0x3f, 0x30, 0x64, 0xd7, 0xec, 0xd0, 0xf3,
-	0xe7, 0x33, 0x39, 0x9a, 0xd4, 0x30, 0xc6, 0x94, 0x55, 0x51, 0x88, 0x35, 0x6a, 0xf6, 0x1f, 0x58,
-	0x30, 0x99, 0xf8, 0xa2, 0xeb, 0x6e, 0x18, 0xa1, 0x77, 0x52, 0x5f, 0x35, 0xd3, 0xe5, 0xe2, 0x73,
-	0x43, 0xfe, 0x4d, 0x6a, 0xcf, 0xcb, 0x12, 0xed, 0x8b, 0xae, 0x42, 0xaf, 0x1b, 0x91, 0x86, 0xfc,
-	0x98, 0xc7, 0xda, 0x7e, 0x0c, 0xef, 0x55, 0x3c, 0x23, 0xcb, 0xb4, 0x26, 0xe6, 0x04, 0xec, 0x3f,
-	0x2e, 0xc2, 0x20, 0xdf, 0xdf, 0x2b, 0x4e, 0xf3, 0x08, 0xe6, 0xe2, 0x19, 0x18, 0x74, 0x1b, 0x8d,
-	0x56, 0xe4, 0xdc, 0x16, 0xf7, 0xde, 0x00, 0x3f, 0x83, 0x96, 0x65, 0x21, 0x8e, 0xe1, 0x68, 0x19,
-	0x7a, 0x58, 0x57, 0xf8, 0x57, 0x3e, 0x99, 0xfd, 0x95, 0xa2, 0xef, 0x33, 0x0b, 0x4e, 0xe4, 0x70,
-	0x96, 0x53, 0xed, 0x2b, 0x5a, 0x84, 0x19, 0x09, 0xe4, 0x00, 0xdc, 0x76, 0x3d, 0x27, 0xd8, 0xa5,
-	0x65, 0x53, 0x45, 0x46, 0xf0, 0xb9, 0xf6, 0x04, 0xe7, 0x14, 0x3e, 0x27, 0xab, 0x3e, 0x2c, 0x06,
-	0x60, 0x8d, 0xe8, 0xf4, 0xcb, 0x30, 0xa8, 0x90, 0x0f, 0xc3, 0x39, 0x4e, 0x7f, 0x0c, 0xc6, 0x12,
-	0x6d, 0x75, 0xaa, 0x3e, 0xac, 0x33, 0x9e, 0xbf, 0xc7, 0x8e, 0x0c, 0xd1, 0xeb, 0x45, 0x6f, 0x47,
-	0xdc, 0x4d, 0xf7, 0xe0, 0x58, 0x3d, 0xe3, 0xc8, 0x17, 0xf3, 0xda, 0xfd, 0x15, 0x71, 0x5a, 0x7c,
-	0xf6, 0xb1, 0x2c, 0x28, 0xce, 0x6c, 0xc3, 0x38, 0x11, 0x0b, 0xed, 0x4e, 0x44, 0x7a, 0xde, 0x1d,
-	0x53, 0x9d, 0xbf, 0x46, 0x76, 0xd5, 0xa1, 0xfa, 0x9d, 0xec, 0xfe, 0x19, 0x3e, 0xfa, 0xfc, 0xb8,
-	0x1c, 0x12, 0x04, 0x8a, 0xd7, 0xc8, 0x2e, 0x9f, 0x0a, 0xfd, 0xeb, 0x8a, 0x6d, 0xbf, 0xee, 0x6b,
-	0x16, 0x8c, 0xa8, 0xaf, 0x3b, 0x82, 0x73, 0x61, 0xce, 0x3c, 0x17, 0xce, 0xb4, 0x5d, 0xe0, 0x39,
-	0x27, 0xc2, 0x37, 0x0a, 0x70, 0x4a, 0xe1, 0xd0, 0x47, 0x14, 0xff, 0x23, 0x56, 0xd5, 0x45, 0x18,
-	0xf4, 0x94, 0x38, 0xd1, 0x32, 0xe5, 0x78, 0xb1, 0x30, 0x31, 0xc6, 0xa1, 0x57, 0x9e, 0x17, 0x5f,
-	0xda, 0xc3, 0xba, 0x9c, 0x5d, 0x5c, 0xee, 0x73, 0x50, 0x6c, 0xb9, 0x35, 0x71, 0xc1, 0x7c, 0x58,
-	0x8e, 0xf6, 0xfa, 0xf2, 0xc2, 0xc1, 0x5e, 0xe9, 0xd1, 0x3c, 0x95, 0x13, 0xbd, 0xd9, 0xc2, 0x99,
-	0xf5, 0xe5, 0x05, 0x4c, 0x2b, 0xa3, 0x59, 0x18, 0x93, 0x5a, 0xb5, 0x9b, 0x94, 0x2f, 0xf5, 0x3d,
-	0x71, 0x0f, 0x29, 0x61, 0x39, 0x36, 0xc1, 0x38, 0x89, 0x8f, 0x16, 0x60, 0x7c, 0xbb, 0x75, 0x9b,
-	0xd4, 0x49, 0xc4, 0x3f, 0xf8, 0x1a, 0xe1, 0xa2, 0xe4, 0xc1, 0xf8, 0x09, 0x7b, 0x2d, 0x01, 0xc7,
-	0xa9, 0x1a, 0xf6, 0xbf, 0xb2, 0xfb, 0x40, 0x8c, 0x9e, 0xc6, 0xdf, 0x7c, 0x27, 0x97, 0x73, 0x37,
-	0xab, 0xe2, 0x1a, 0xd9, 0x5d, 0xf3, 0x29, 0x1f, 0x92, 0xbd, 0x2a, 0x8c, 0x35, 0xdf, 0xd3, 0x76,
-	0xcd, 0xff, 0x56, 0x01, 0x8e, 0xab, 0x11, 0x30, 0xb8, 0xe5, 0xef, 0xf6, 0x31, 0xb8, 0x04, 0x43,
-	0x35, 0xb2, 0xe1, 0xb4, 0xea, 0x91, 0xd2, 0x6b, 0xf4, 0x72, 0x55, 0xdb, 0x42, 0x5c, 0x8c, 0x75,
-	0x9c, 0x43, 0x0c, 0xdb, 0xaf, 0x8f, 0xb0, 0x8b, 0x38, 0x72, 0xe8, 0x1a, 0x57, 0xbb, 0xc6, 0xca,
-	0xdd, 0x35, 0x8f, 0x41, 0xaf, 0xdb, 0xa0, 0x8c, 0x59, 0xc1, 0xe4, 0xb7, 0x96, 0x69, 0x21, 0xe6,
-	0x30, 0xf4, 0x04, 0xf4, 0x57, 0xfd, 0x46, 0xc3, 0xf1, 0x6a, 0xec, 0xca, 0x1b, 0x9c, 0x1b, 0xa2,
-	0xbc, 0xdb, 0x3c, 0x2f, 0xc2, 0x12, 0x46, 0x99, 0x6f, 0x27, 0xd8, 0xe4, 0xc2, 0x1e, 0xc1, 0x7c,
-	0xcf, 0x06, 0x9b, 0x21, 0x66, 0xa5, 0xf4, 0xad, 0x7a, 0xc7, 0x0f, 0xb6, 0x5d, 0x6f, 0x73, 0xc1,
-	0x0d, 0xc4, 0x96, 0x50, 0x77, 0xe1, 0x2d, 0x05, 0xc1, 0x1a, 0x16, 0x5a, 0x82, 0xde, 0xa6, 0x1f,
-	0x44, 0xe1, 0x54, 0x1f, 0x1b, 0xee, 0x47, 0x73, 0x0e, 0x22, 0xfe, 0xb5, 0x65, 0x3f, 0x88, 0xe2,
-	0x0f, 0xa0, 0xff, 0x42, 0xcc, 0xab, 0xa3, 0xeb, 0xd0, 0x4f, 0xbc, 0x9d, 0xa5, 0xc0, 0x6f, 0x4c,
-	0x4d, 0xe6, 0x53, 0x5a, 0xe4, 0x28, 0x7c, 0x99, 0xc5, 0x3c, 0xaa, 0x28, 0xc6, 0x92, 0x04, 0xfa,
-	0x28, 0x14, 0x89, 0xb7, 0x33, 0xd5, 0xcf, 0x28, 0x4d, 0xe7, 0x50, 0xba, 0xe9, 0x04, 0xf1, 0x99,
-	0xbf, 0xe8, 0xed, 0x60, 0x5a, 0x07, 0x7d, 0x02, 0x06, 0xe5, 0x81, 0x11, 0x0a, 0x29, 0x6a, 0xe6,
-	0x82, 0x95, 0xc7, 0x0c, 0x26, 0xef, 0xb6, 0xdc, 0x80, 0x34, 0x88, 0x17, 0x85, 0xf1, 0x09, 0x29,
-	0xa1, 0x21, 0x8e, 0xa9, 0xa1, 0x2a, 0x0c, 0x07, 0x24, 0x74, 0xef, 0x91, 0xb2, 0x5f, 0x77, 0xab,
-	0xbb, 0x53, 0x27, 0x59, 0xf7, 0x9e, 0x6a, 0x3b, 0x64, 0x58, 0xab, 0x10, 0x4b, 0xf9, 0xf5, 0x52,
-	0x6c, 0x10, 0x45, 0x6f, 0xc1, 0x48, 0x40, 0xc2, 0xc8, 0x09, 0x22, 0xd1, 0xca, 0x94, 0xd2, 0xca,
-	0x8d, 0x60, 0x1d, 0xc0, 0x9f, 0x13, 0x71, 0x33, 0x31, 0x04, 0x9b, 0x14, 0xd0, 0x27, 0xa4, 0xca,
-	0x61, 0xc5, 0x6f, 0x79, 0x51, 0x38, 0x35, 0xc8, 0xfa, 0x9d, 0xa9, 0x9b, 0xbe, 0x19, 0xe3, 0x25,
-	0x75, 0x12, 0xbc, 0x32, 0x36, 0x48, 0xa1, 0x4f, 0xc1, 0x08, 0xff, 0xcf, 0x55, 0xaa, 0xe1, 0xd4,
-	0x71, 0x46, 0xfb, 0x5c, 0x3e, 0x6d, 0x8e, 0x38, 0x77, 0x5c, 0x10, 0x1f, 0xd1, 0x4b, 0x43, 0x6c,
-	0x52, 0x43, 0x18, 0x46, 0xea, 0xee, 0x0e, 0xf1, 0x48, 0x18, 0x96, 0x03, 0xff, 0x36, 0x11, 0x12,
-	0xe2, 0x53, 0xd9, 0x2a, 0x58, 0xff, 0x36, 0x11, 0x8f, 0x40, 0xbd, 0x0e, 0x36, 0x49, 0xa0, 0x75,
-	0x18, 0xa5, 0x4f, 0x72, 0x37, 0x26, 0x3a, 0xd4, 0x89, 0x28, 0x7b, 0x38, 0x63, 0xa3, 0x12, 0x4e,
-	0x10, 0x41, 0x37, 0x60, 0x98, 0x8d, 0x79, 0xab, 0xc9, 0x89, 0x9e, 0xe8, 0x44, 0x94, 0x19, 0x14,
-	0x54, 0xb4, 0x2a, 0xd8, 0x20, 0x80, 0xde, 0x84, 0xc1, 0xba, 0xbb, 0x41, 0xaa, 0xbb, 0xd5, 0x3a,
-	0x99, 0x1a, 0x66, 0xd4, 0x32, 0x0f, 0xc3, 0xeb, 0x12, 0x89, 0xf3, 0xe7, 0xea, 0x2f, 0x8e, 0xab,
-	0xa3, 0x9b, 0x70, 0x22, 0x22, 0x41, 0xc3, 0xf5, 0x1c, 0x7a, 0x88, 0x89, 0x27, 0x21, 0xd3, 0x8c,
-	0x8f, 0xb0, 0xd5, 0x75, 0x56, 0xcc, 0xc6, 0x89, 0xb5, 0x4c, 0x2c, 0x9c, 0x53, 0x1b, 0xdd, 0x85,
-	0xa9, 0x0c, 0x08, 0x5f, 0xb7, 0xc7, 0x18, 0xe5, 0xd7, 0x04, 0xe5, 0xa9, 0xb5, 0x1c, 0xbc, 0x83,
-	0x36, 0x30, 0x9c, 0x4b, 0x1d, 0xdd, 0x80, 0x31, 0x76, 0x72, 0x96, 0x5b, 0xf5, 0xba, 0x68, 0x70,
-	0x94, 0x35, 0xf8, 0x84, 0xe4, 0x23, 0x96, 0x4d, 0xf0, 0xc1, 0x5e, 0x09, 0xe2, 0x7f, 0x38, 0x59,
-	0x1b, 0xdd, 0x66, 0x4a, 0xd8, 0x56, 0xe0, 0x46, 0xbb, 0x74, 0x57, 0x91, 0xbb, 0xd1, 0xd4, 0x58,
-	0x5b, 0x81, 0x94, 0x8e, 0xaa, 0x34, 0xb5, 0x7a, 0x21, 0x4e, 0x12, 0xa4, 0x57, 0x41, 0x18, 0xd5,
-	0x5c, 0x6f, 0x6a, 0x9c, 0xbf, 0xa7, 0xe4, 0x49, 0x5a, 0xa1, 0x85, 0x98, 0xc3, 0x98, 0x02, 0x96,
-	0xfe, 0xb8, 0x41, 0x6f, 0xdc, 0x09, 0x86, 0x18, 0x2b, 0x60, 0x25, 0x00, 0xc7, 0x38, 0x94, 0x09,
-	0x8e, 0xa2, 0xdd, 0x29, 0xc4, 0x50, 0xd5, 0x81, 0xb8, 0xb6, 0xf6, 0x09, 0x4c, 0xcb, 0xed, 0xdb,
-	0x30, 0xaa, 0x8e, 0x09, 0x36, 0x26, 0xa8, 0x04, 0xbd, 0x8c, 0xed, 0x13, 0xe2, 0xd3, 0x41, 0xda,
-	0x05, 0xc6, 0x12, 0x62, 0x5e, 0xce, 0xba, 0xe0, 0xde, 0x23, 0x73, 0xbb, 0x11, 0xe1, 0xb2, 0x88,
-	0xa2, 0xd6, 0x05, 0x09, 0xc0, 0x31, 0x8e, 0xfd, 0x1f, 0x39, 0xfb, 0x1c, 0xdf, 0x12, 0x5d, 0xdc,
-	0x8b, 0xcf, 0xc2, 0x00, 0x33, 0xfc, 0xf0, 0x03, 0xae, 0x9d, 0xed, 0x8d, 0x19, 0xe6, 0xab, 0xa2,
-	0x1c, 0x2b, 0x0c, 0xf4, 0x2a, 0x8c, 0x54, 0xf5, 0x06, 0xc4, 0xa5, 0xae, 0x8e, 0x11, 0xa3, 0x75,
-	0x6c, 0xe2, 0xa2, 0xcb, 0x30, 0xc0, 0x6c, 0x9c, 0xaa, 0x7e, 0x5d, 0x70, 0x9b, 0x92, 0x33, 0x19,
-	0x28, 0x8b, 0xf2, 0x03, 0xed, 0x37, 0x56, 0xd8, 0xe8, 0x3c, 0xf4, 0xd1, 0x2e, 0x2c, 0x97, 0xc5,
-	0x75, 0xaa, 0x24, 0x81, 0x57, 0x59, 0x29, 0x16, 0x50, 0xfb, 0x0f, 0x2c, 0xc6, 0x4b, 0xa5, 0xcf,
-	0x7c, 0x74, 0x95, 0x5d, 0x1a, 0xec, 0x06, 0xd1, 0xb4, 0xf0, 0x8f, 0x6b, 0x37, 0x81, 0x82, 0x1d,
-	0x24, 0xfe, 0x63, 0xa3, 0x26, 0x7a, 0x3b, 0x79, 0x33, 0x70, 0x86, 0xe2, 0x45, 0x39, 0x04, 0xc9,
-	0xdb, 0xe1, 0x91, 0xf8, 0x8a, 0xa3, 0xfd, 0x69, 0x77, 0x45, 0xd8, 0x3f, 0x55, 0xd0, 0x56, 0x49,
-	0x25, 0x72, 0x22, 0x82, 0xca, 0xd0, 0x7f, 0xc7, 0x71, 0x23, 0xd7, 0xdb, 0x14, 0x7c, 0x5f, 0xfb,
-	0x8b, 0x8e, 0x55, 0xba, 0xc5, 0x2b, 0x70, 0xee, 0x45, 0xfc, 0xc1, 0x92, 0x0c, 0xa5, 0x18, 0xb4,
-	0x3c, 0x8f, 0x52, 0x2c, 0x74, 0x4b, 0x11, 0xf3, 0x0a, 0x9c, 0xa2, 0xf8, 0x83, 0x25, 0x19, 0xf4,
-	0x0e, 0x80, 0x3c, 0x21, 0x48, 0x4d, 0xc8, 0x0e, 0x9f, 0xed, 0x4c, 0x74, 0x4d, 0xd5, 0xe1, 0xc2,
-	0xc9, 0xf8, 0x3f, 0xd6, 0xe8, 0xd9, 0x91, 0x36, 0xa7, 0x7a, 0x67, 0xd0, 0x27, 0xe9, 0x16, 0x75,
-	0x82, 0x88, 0xd4, 0x66, 0x23, 0x31, 0x38, 0x4f, 0x77, 0xf7, 0x38, 0x5c, 0x73, 0x1b, 0x44, 0xdf,
-	0xce, 0x82, 0x08, 0x8e, 0xe9, 0xd9, 0xbf, 0x53, 0x84, 0xa9, 0xbc, 0xee, 0xd2, 0x4d, 0x43, 0xee,
-	0xba, 0xd1, 0x3c, 0x65, 0x6b, 0x2d, 0x73, 0xd3, 0x2c, 0x8a, 0x72, 0xac, 0x30, 0xe8, 0xea, 0x0d,
-	0xdd, 0x4d, 0xf9, 0xb6, 0xef, 0x8d, 0x57, 0x6f, 0x85, 0x95, 0x62, 0x01, 0xa5, 0x78, 0x01, 0x71,
-	0x42, 0x61, 0x7c, 0xa7, 0xad, 0x72, 0xcc, 0x4a, 0xb1, 0x80, 0xea, 0x52, 0xc6, 0x9e, 0x0e, 0x52,
-	0x46, 0x63, 0x88, 0x7a, 0x1f, 0xec, 0x10, 0xa1, 0x4f, 0x03, 0x6c, 0xb8, 0x9e, 0x1b, 0x6e, 0x31,
-	0xea, 0x7d, 0x87, 0xa6, 0xae, 0x98, 0xe2, 0x25, 0x45, 0x05, 0x6b, 0x14, 0xd1, 0x4b, 0x30, 0xa4,
-	0x0e, 0x90, 0xe5, 0x05, 0xa6, 0xfa, 0xd7, 0x4c, 0xa9, 0xe2, 0xd3, 0x74, 0x01, 0xeb, 0x78, 0xf6,
-	0x67, 0x93, 0xeb, 0x45, 0xec, 0x00, 0x6d, 0x7c, 0xad, 0x6e, 0xc7, 0xb7, 0xd0, 0x7e, 0x7c, 0xed,
-	0x9f, 0x19, 0x84, 0x31, 0xa3, 0xb1, 0x56, 0xd8, 0xc5, 0x99, 0x7b, 0x85, 0x5e, 0x40, 0x4e, 0x44,
-	0xc4, 0xfe, 0xb3, 0x3b, 0x6f, 0x15, 0xfd, 0x92, 0xa2, 0x3b, 0x80, 0xd7, 0x47, 0x9f, 0x86, 0xc1,
-	0xba, 0x13, 0x32, 0x89, 0x25, 0x11, 0xfb, 0xae, 0x1b, 0x62, 0xf1, 0x83, 0xd0, 0x09, 0x23, 0xed,
-	0xd6, 0xe7, 0xb4, 0x63, 0x92, 0xf4, 0xa6, 0xa4, 0xfc, 0x95, 0xb4, 0xee, 0x54, 0x9d, 0xa0, 0x4c,
-	0xd8, 0x2e, 0xe6, 0x30, 0x74, 0x99, 0x1d, 0xad, 0x74, 0x55, 0xcc, 0x53, 0x6e, 0x94, 0x2d, 0xb3,
-	0x5e, 0x83, 0xc9, 0x56, 0x30, 0x6c, 0x60, 0xc6, 0x6f, 0xb2, 0xbe, 0x36, 0x6f, 0xb2, 0xa7, 0xa0,
-	0x9f, 0xfd, 0x50, 0x2b, 0x40, 0xcd, 0xc6, 0x32, 0x2f, 0xc6, 0x12, 0x9e, 0x5c, 0x30, 0x03, 0xdd,
-	0x2d, 0x18, 0xfa, 0xea, 0x13, 0x8b, 0x9a, 0x99, 0x5d, 0x0c, 0xf0, 0x53, 0x4e, 0x2c, 0x79, 0x2c,
-	0x61, 0xe8, 0x57, 0x2c, 0x40, 0x4e, 0x9d, 0xbe, 0x96, 0x69, 0xb1, 0x7a, 0xdc, 0x00, 0x63, 0xb5,
-	0x5f, 0xed, 0x38, 0xec, 0xad, 0x70, 0x66, 0x36, 0x55, 0x9b, 0x4b, 0x4a, 0x5f, 0x11, 0x5d, 0x44,
-	0x69, 0x04, 0xfd, 0x32, 0xba, 0xee, 0x86, 0xd1, 0xe7, 0xff, 0x26, 0x71, 0x39, 0x65, 0x74, 0x09,
-	0xad, 0xeb, 0x8f, 0xaf, 0xa1, 0x43, 0x3e, 0xbe, 0x46, 0x72, 0x1f, 0x5e, 0xdf, 0x9f, 0x78, 0xc0,
-	0x0c, 0xb3, 0x2f, 0x7f, 0xa2, 0xc3, 0x03, 0x46, 0x88, 0xd3, 0xbb, 0x79, 0xc6, 0x94, 0x85, 0x1e,
-	0x78, 0x84, 0x75, 0xb9, 0xfd, 0x23, 0x78, 0x3d, 0x24, 0xc1, 0xdc, 0x29, 0xa9, 0x26, 0x3e, 0xd0,
-	0x79, 0x0f, 0x4d, 0x6f, 0xfc, 0x43, 0x16, 0x4c, 0xa5, 0x07, 0x88, 0x77, 0x69, 0x6a, 0x94, 0xf5,
-	0xdf, 0x6e, 0x37, 0x32, 0xa2, 0xf3, 0xd2, 0xdc, 0x75, 0x6a, 0x36, 0x87, 0x16, 0xce, 0x6d, 0x65,
-	0xba, 0x05, 0x27, 0x73, 0xe6, 0x3d, 0x43, 0x6a, 0xbd, 0xa0, 0x4b, 0xad, 0x3b, 0xc8, 0x3a, 0x67,
-	0xe4, 0xcc, 0xcc, 0xbc, 0xd5, 0x72, 0xbc, 0xc8, 0x8d, 0x76, 0x75, 0x29, 0xb7, 0x07, 0xe6, 0x80,
-	0xa0, 0x4f, 0x41, 0x6f, 0xdd, 0xf5, 0x5a, 0x77, 0xc5, 0x4d, 0x79, 0x3e, 0xfb, 0x11, 0xe3, 0xb5,
-	0xee, 0x9a, 0x43, 0x5c, 0xa2, 0x1b, 0x92, 0x95, 0x1f, 0xec, 0x95, 0x50, 0x1a, 0x01, 0x73, 0xaa,
-	0xf6, 0xd3, 0x30, 0xba, 0xe0, 0x90, 0x86, 0xef, 0x2d, 0x7a, 0xb5, 0xa6, 0xef, 0x7a, 0x11, 0x9a,
-	0x82, 0x1e, 0xc6, 0x22, 0xf2, 0x0b, 0xb2, 0x87, 0x0e, 0x21, 0x66, 0x25, 0xf6, 0x26, 0x1c, 0x5f,
-	0xf0, 0xef, 0x78, 0x77, 0x9c, 0xa0, 0x36, 0x5b, 0x5e, 0xd6, 0xa4, 0x7e, 0xab, 0x52, 0xea, 0x64,
-	0xe5, 0xbf, 0xe9, 0xb5, 0x9a, 0x7c, 0x29, 0x2d, 0xb9, 0x75, 0x92, 0x23, 0x9b, 0xfd, 0x99, 0x82,
-	0xd1, 0x52, 0x8c, 0xaf, 0x34, 0x8b, 0x56, 0xae, 0x51, 0xc2, 0x5b, 0x30, 0xb0, 0xe1, 0x92, 0x7a,
-	0x0d, 0x93, 0x0d, 0x31, 0x1b, 0x4f, 0xe6, 0x9b, 0x2d, 0x2e, 0x51, 0x4c, 0xa5, 0x02, 0x65, 0x32,
-	0xab, 0x25, 0x51, 0x19, 0x2b, 0x32, 0x68, 0x1b, 0xc6, 0xe5, 0x9c, 0x49, 0xa8, 0x38, 0xb5, 0x9f,
-	0x6a, 0xb7, 0x08, 0x4d, 0xe2, 0xcc, 0x84, 0x1b, 0x27, 0xc8, 0xe0, 0x14, 0x61, 0x74, 0x1a, 0x7a,
-	0x1a, 0x94, 0x3f, 0xe9, 0x61, 0xc3, 0xcf, 0x84, 0x54, 0x4c, 0xde, 0xc6, 0x4a, 0xed, 0x9f, 0xb3,
-	0xe0, 0x64, 0x6a, 0x64, 0x84, 0xdc, 0xf1, 0x01, 0xcf, 0x42, 0x52, 0x0e, 0x58, 0xe8, 0x2c, 0x07,
-	0xb4, 0xff, 0x3b, 0x0b, 0x8e, 0x2d, 0x36, 0x9a, 0xd1, 0xee, 0x82, 0x6b, 0x5a, 0x10, 0xbc, 0x0c,
-	0x7d, 0x0d, 0x52, 0x73, 0x5b, 0x0d, 0x31, 0x73, 0x25, 0x79, 0x87, 0xaf, 0xb0, 0x52, 0x7a, 0x0e,
-	0x54, 0x22, 0x3f, 0x70, 0x36, 0x09, 0x2f, 0xc0, 0x02, 0x9d, 0x71, 0x42, 0xee, 0x3d, 0x72, 0xdd,
-	0x6d, 0xb8, 0xd1, 0xfd, 0xed, 0x2e, 0xa1, 0xfc, 0x97, 0x44, 0x70, 0x4c, 0xcf, 0xfe, 0x96, 0x05,
-	0x63, 0x72, 0xdd, 0xcf, 0xd6, 0x6a, 0x01, 0x09, 0x43, 0x34, 0x0d, 0x05, 0xb7, 0x29, 0x7a, 0x09,
-	0xa2, 0x97, 0x85, 0xe5, 0x32, 0x2e, 0xb8, 0x4d, 0xf9, 0xe8, 0x62, 0x6c, 0x42, 0xd1, 0xb4, 0x83,
-	0xb8, 0x2a, 0xca, 0xb1, 0xc2, 0x40, 0x17, 0x60, 0xc0, 0xf3, 0x6b, 0xfc, 0xdd, 0x22, 0x34, 0xe1,
-	0x14, 0x73, 0x55, 0x94, 0x61, 0x05, 0x45, 0x65, 0x18, 0xe4, 0x56, 0xb2, 0xf1, 0xa2, 0xed, 0xca,
-	0xd6, 0x96, 0x7d, 0xd9, 0x9a, 0xac, 0x89, 0x63, 0x22, 0xf6, 0x1f, 0x59, 0x30, 0x2c, 0xbf, 0xac,
-	0xcb, 0x17, 0x25, 0xdd, 0x5a, 0xf1, 0x6b, 0x32, 0xde, 0x5a, 0xf4, 0x45, 0xc8, 0x20, 0xc6, 0x43,
-	0xb0, 0x78, 0xa8, 0x87, 0xe0, 0x25, 0x18, 0x72, 0x9a, 0xcd, 0xb2, 0xf9, 0x8a, 0x64, 0x4b, 0x69,
-	0x36, 0x2e, 0xc6, 0x3a, 0x8e, 0xfd, 0xb3, 0x05, 0x18, 0x95, 0x5f, 0x50, 0x69, 0xdd, 0x0e, 0x49,
-	0x84, 0xd6, 0x60, 0xd0, 0xe1, 0xb3, 0x44, 0xe4, 0x22, 0x7f, 0x2c, 0x5b, 0xba, 0x69, 0x4c, 0x69,
-	0xcc, 0x0e, 0xcf, 0xca, 0xda, 0x38, 0x26, 0x84, 0xea, 0x30, 0xe1, 0xf9, 0x11, 0x63, 0x8d, 0x14,
-	0xbc, 0x9d, 0xc2, 0x39, 0x49, 0xfd, 0x94, 0xa0, 0x3e, 0xb1, 0x9a, 0xa4, 0x82, 0xd3, 0x84, 0xd1,
-	0xa2, 0x94, 0x18, 0x17, 0xf3, 0x45, 0x7d, 0xfa, 0xc4, 0x65, 0x0b, 0x8c, 0xed, 0xdf, 0xb7, 0x60,
-	0x50, 0xa2, 0x1d, 0x85, 0x6d, 0xc1, 0x0a, 0xf4, 0x87, 0x6c, 0x12, 0xe4, 0xd0, 0xd8, 0xed, 0x3a,
-	0xce, 0xe7, 0x2b, 0xe6, 0xf8, 0xf8, 0xff, 0x10, 0x4b, 0x1a, 0x4c, 0x61, 0xa8, 0xba, 0xff, 0x3e,
-	0x51, 0x18, 0xaa, 0xfe, 0xe4, 0x5c, 0x4a, 0x7f, 0xc7, 0xfa, 0xac, 0x49, 0xe0, 0xe9, 0xc3, 0xa4,
-	0x19, 0x90, 0x0d, 0xf7, 0x6e, 0xf2, 0x61, 0x52, 0x66, 0xa5, 0x58, 0x40, 0xd1, 0x3b, 0x30, 0x5c,
-	0x95, 0x9a, 0xa2, 0x78, 0x87, 0x9f, 0x6f, 0xab, 0xb5, 0x54, 0x0a, 0x6e, 0x2e, 0xe9, 0x9c, 0xd7,
-	0xea, 0x63, 0x83, 0x9a, 0x69, 0x05, 0x56, 0xec, 0x64, 0x05, 0x16, 0xd3, 0xcd, 0xb7, 0x89, 0xfa,
-	0x79, 0x0b, 0xfa, 0xb8, 0x86, 0xa0, 0x3b, 0x05, 0x8d, 0xa6, 0xef, 0x8f, 0xc7, 0xee, 0x26, 0x2d,
-	0x14, 0x9c, 0x0d, 0x5a, 0x81, 0x41, 0xf6, 0x83, 0x69, 0x38, 0x8a, 0xf9, 0x3e, 0x63, 0xbc, 0x55,
-	0xbd, 0x83, 0x37, 0x65, 0x35, 0x1c, 0x53, 0xb0, 0x7f, 0xba, 0x48, 0x4f, 0xb7, 0x18, 0xd5, 0xb8,
-	0xf4, 0xad, 0x87, 0x77, 0xe9, 0x17, 0x1e, 0xd6, 0xa5, 0xbf, 0x09, 0x63, 0x55, 0xcd, 0x3a, 0x20,
-	0x9e, 0xc9, 0x0b, 0x6d, 0x17, 0x89, 0x66, 0x48, 0xc0, 0x65, 0xa8, 0xf3, 0x26, 0x11, 0x9c, 0xa4,
-	0x8a, 0x3e, 0x09, 0xc3, 0x7c, 0x9e, 0x45, 0x2b, 0xdc, 0x90, 0xee, 0x89, 0xfc, 0xf5, 0xa2, 0x37,
-	0xc1, 0x65, 0xee, 0x5a, 0x75, 0x6c, 0x10, 0xb3, 0xff, 0xc9, 0x02, 0xb4, 0xd8, 0xdc, 0x22, 0x0d,
-	0x12, 0x38, 0xf5, 0x58, 0xc9, 0xf7, 0x25, 0x0b, 0xa6, 0x48, 0xaa, 0x78, 0xde, 0x6f, 0x34, 0xc4,
-	0x93, 0x3e, 0x47, 0xea, 0xb4, 0x98, 0x53, 0x27, 0x66, 0xeb, 0xf3, 0x30, 0x70, 0x6e, 0x7b, 0x68,
-	0x05, 0x26, 0xf9, 0x2d, 0xa9, 0x00, 0x9a, 0xad, 0xdd, 0x23, 0x82, 0xf0, 0xe4, 0x5a, 0x1a, 0x05,
-	0x67, 0xd5, 0xb3, 0x7f, 0x7f, 0x04, 0x72, 0x7b, 0xf1, 0x81, 0x76, 0xf3, 0x03, 0xed, 0xe6, 0x07,
-	0xda, 0xcd, 0x0f, 0xb4, 0x9b, 0x1f, 0x68, 0x37, 0x3f, 0xd0, 0x6e, 0xbe, 0x4f, 0xb5, 0x9b, 0xff,
-	0xa5, 0x05, 0xc7, 0xd5, 0xf5, 0x65, 0x3c, 0xd8, 0x3f, 0x07, 0x93, 0x7c, 0xbb, 0xcd, 0xd7, 0x1d,
-	0xb7, 0xb1, 0x46, 0x1a, 0xcd, 0xba, 0x13, 0x49, 0x1b, 0xa6, 0x4b, 0x99, 0x2b, 0x37, 0xe1, 0x28,
-	0x61, 0x54, 0xe4, 0x1e, 0x67, 0x19, 0x00, 0x9c, 0xd5, 0x8c, 0xfd, 0x3b, 0x03, 0xd0, 0xbb, 0xb8,
-	0x43, 0xbc, 0xe8, 0x08, 0x9e, 0x36, 0x55, 0x18, 0x75, 0xbd, 0x1d, 0xbf, 0xbe, 0x43, 0x6a, 0x1c,
-	0x7e, 0x98, 0x17, 0xf8, 0x09, 0x41, 0x7a, 0x74, 0xd9, 0x20, 0x81, 0x13, 0x24, 0x1f, 0x86, 0x8e,
-	0xe8, 0x0a, 0xf4, 0xf1, 0xcb, 0x47, 0x28, 0x88, 0x32, 0xcf, 0x6c, 0x36, 0x88, 0xe2, 0x4a, 0x8d,
-	0xf5, 0x57, 0xfc, 0x72, 0x13, 0xd5, 0xd1, 0x67, 0x61, 0x74, 0xc3, 0x0d, 0xc2, 0x68, 0xcd, 0x6d,
-	0xd0, 0xab, 0xa1, 0xd1, 0xbc, 0x0f, 0x9d, 0x90, 0x1a, 0x87, 0x25, 0x83, 0x12, 0x4e, 0x50, 0x46,
-	0x9b, 0x30, 0x52, 0x77, 0xf4, 0xa6, 0xfa, 0x0f, 0xdd, 0x94, 0xba, 0x1d, 0xae, 0xeb, 0x84, 0xb0,
-	0x49, 0x97, 0x6e, 0xa7, 0x2a, 0x53, 0x6b, 0x0c, 0x30, 0x71, 0x86, 0xda, 0x4e, 0x5c, 0x9f, 0xc1,
-	0x61, 0x94, 0x41, 0x63, 0xee, 0x06, 0x83, 0x26, 0x83, 0xa6, 0x39, 0x15, 0x7c, 0x06, 0x06, 0x09,
-	0x1d, 0x42, 0x4a, 0x58, 0x5c, 0x30, 0x17, 0xbb, 0xeb, 0xeb, 0x8a, 0x5b, 0x0d, 0x7c, 0x53, 0x1b,
-	0xb7, 0x28, 0x29, 0xe1, 0x98, 0x28, 0x9a, 0x87, 0xbe, 0x90, 0x04, 0xae, 0x92, 0xf8, 0xb7, 0x99,
-	0x46, 0x86, 0xc6, 0x5d, 0x1a, 0xf9, 0x6f, 0x2c, 0xaa, 0xd2, 0xe5, 0xe5, 0x30, 0x51, 0x2c, 0xbb,
-	0x0c, 0xb4, 0xe5, 0x35, 0xcb, 0x4a, 0xb1, 0x80, 0xa2, 0x37, 0xa1, 0x3f, 0x20, 0x75, 0xa6, 0xee,
-	0x1d, 0xe9, 0x7e, 0x91, 0x73, 0xed, 0x31, 0xaf, 0x87, 0x25, 0x01, 0x74, 0x0d, 0x50, 0x40, 0x28,
-	0x83, 0xe7, 0x7a, 0x9b, 0xca, 0x08, 0x5f, 0x1c, 0xb4, 0x8a, 0x91, 0xc6, 0x31, 0x86, 0xf4, 0x66,
-	0xc5, 0x19, 0xd5, 0xd0, 0x15, 0x98, 0x50, 0xa5, 0xcb, 0x5e, 0x18, 0x39, 0xf4, 0x80, 0x1b, 0x63,
-	0xb4, 0x94, 0x7c, 0x05, 0x27, 0x11, 0x70, 0xba, 0x8e, 0xfd, 0x6b, 0x16, 0xf0, 0x71, 0x3e, 0x02,
-	0xa9, 0xc2, 0xeb, 0xa6, 0x54, 0xe1, 0x54, 0xee, 0xcc, 0xe5, 0x48, 0x14, 0x7e, 0xcd, 0x82, 0x21,
-	0x6d, 0x66, 0xe3, 0x35, 0x6b, 0xb5, 0x59, 0xb3, 0x2d, 0x18, 0xa7, 0x2b, 0xfd, 0xc6, 0xed, 0x90,
-	0x04, 0x3b, 0xa4, 0xc6, 0x16, 0x66, 0xe1, 0xfe, 0x16, 0xa6, 0x32, 0xf8, 0xbd, 0x9e, 0x20, 0x88,
-	0x53, 0x4d, 0xd8, 0x9f, 0x91, 0x5d, 0x55, 0xf6, 0xd1, 0x55, 0x35, 0xe7, 0x09, 0xfb, 0x68, 0x35,
-	0xab, 0x38, 0xc6, 0xa1, 0x5b, 0x6d, 0xcb, 0x0f, 0xa3, 0xa4, 0x7d, 0xf4, 0x55, 0x3f, 0x8c, 0x30,
-	0x83, 0xd8, 0x2f, 0x00, 0x2c, 0xde, 0x25, 0x55, 0xbe, 0x62, 0xf5, 0x47, 0x8f, 0x95, 0xff, 0xe8,
-	0xb1, 0xff, 0xd2, 0x82, 0xd1, 0xa5, 0x79, 0xe3, 0xe6, 0x9a, 0x01, 0xe0, 0x2f, 0xb5, 0x5b, 0xb7,
-	0x56, 0xa5, 0x91, 0x0e, 0xb7, 0x53, 0x50, 0xa5, 0x58, 0xc3, 0x40, 0xa7, 0xa0, 0x58, 0x6f, 0x79,
-	0x42, 0xec, 0xd9, 0x4f, 0xaf, 0xc7, 0xeb, 0x2d, 0x0f, 0xd3, 0x32, 0xcd, 0x93, 0xad, 0xd8, 0xb5,
-	0x27, 0x5b, 0xc7, 0x80, 0x3a, 0xa8, 0x04, 0xbd, 0x77, 0xee, 0xb8, 0x35, 0x1e, 0x27, 0x40, 0x18,
-	0x10, 0xdd, 0xba, 0xb5, 0xbc, 0x10, 0x62, 0x5e, 0x6e, 0x7f, 0xb9, 0x08, 0xd3, 0x4b, 0x75, 0x72,
-	0xf7, 0x3d, 0xc6, 0x4a, 0xe8, 0xd6, 0x0f, 0xef, 0x70, 0x02, 0xa4, 0xc3, 0xfa, 0x5a, 0x76, 0x1e,
-	0x8f, 0x0d, 0xe8, 0xe7, 0xe6, 0xc1, 0x32, 0x72, 0x42, 0xa6, 0x52, 0x36, 0x7f, 0x40, 0x66, 0xb8,
-	0x99, 0xb1, 0x50, 0xca, 0xaa, 0x0b, 0x53, 0x94, 0x62, 0x49, 0x7c, 0xfa, 0x15, 0x18, 0xd6, 0x31,
-	0x0f, 0xe5, 0xf5, 0xfc, 0xc3, 0x45, 0x18, 0xa7, 0x3d, 0x78, 0xa8, 0x13, 0xb1, 0x9e, 0x9e, 0x88,
-	0x07, 0xed, 0xf9, 0xda, 0x79, 0x36, 0xde, 0x49, 0xce, 0xc6, 0xa5, 0xbc, 0xd9, 0x38, 0xea, 0x39,
-	0xf8, 0x11, 0x0b, 0x26, 0x97, 0xea, 0x7e, 0x75, 0x3b, 0xe1, 0x9d, 0xfa, 0x12, 0x0c, 0xd1, 0xe3,
-	0x38, 0x34, 0x02, 0xb5, 0x18, 0xa1, 0x7b, 0x04, 0x08, 0xeb, 0x78, 0x5a, 0xb5, 0xf5, 0xf5, 0xe5,
-	0x85, 0xac, 0x88, 0x3f, 0x02, 0x84, 0x75, 0x3c, 0xfb, 0xcf, 0x2d, 0x38, 0x73, 0x65, 0x7e, 0x31,
-	0x5e, 0x8a, 0xa9, 0xa0, 0x43, 0xe7, 0xa1, 0xaf, 0x59, 0xd3, 0xba, 0x12, 0x8b, 0x85, 0x17, 0x58,
-	0x2f, 0x04, 0xf4, 0xfd, 0x12, 0xdf, 0x6b, 0x1d, 0xe0, 0x0a, 0x2e, 0xcf, 0x8b, 0x73, 0x57, 0x6a,
-	0x81, 0xac, 0x5c, 0x2d, 0xd0, 0x13, 0xd0, 0x4f, 0xef, 0x05, 0xb7, 0x2a, 0xfb, 0xcd, 0xcd, 0x2e,
-	0x78, 0x11, 0x96, 0x30, 0xfb, 0x57, 0x2d, 0x98, 0xbc, 0xe2, 0x46, 0xf4, 0xd2, 0x4e, 0x46, 0xd5,
-	0xa1, 0xb7, 0x76, 0xe8, 0x46, 0x7e, 0xb0, 0x9b, 0x8c, 0xaa, 0x83, 0x15, 0x04, 0x6b, 0x58, 0xfc,
-	0x83, 0x76, 0x5c, 0xe6, 0xef, 0x52, 0x30, 0xf5, 0x6e, 0x58, 0x94, 0x63, 0x85, 0x41, 0xc7, 0xab,
-	0xe6, 0x06, 0x4c, 0x64, 0xb9, 0x2b, 0x0e, 0x6e, 0x35, 0x5e, 0x0b, 0x12, 0x80, 0x63, 0x1c, 0xfb,
-	0x1f, 0x2c, 0x28, 0x5d, 0xe1, 0x5e, 0xbb, 0x1b, 0x61, 0xce, 0xa1, 0xfb, 0x02, 0x0c, 0x12, 0xa9,
-	0x20, 0x10, 0xbd, 0x56, 0x8c, 0xa8, 0xd2, 0x1c, 0xf0, 0xe0, 0x3e, 0x0a, 0xaf, 0x0b, 0x17, 0xfa,
-	0xc3, 0xf9, 0x40, 0x2f, 0x01, 0x22, 0x7a, 0x5b, 0x7a, 0xb4, 0x23, 0x16, 0x36, 0x65, 0x31, 0x05,
-	0xc5, 0x19, 0x35, 0xec, 0x9f, 0xb3, 0xe0, 0xb8, 0xfa, 0xe0, 0xf7, 0xdd, 0x67, 0xda, 0x5f, 0x2f,
-	0xc0, 0xc8, 0xd5, 0xb5, 0xb5, 0xf2, 0x15, 0x12, 0x69, 0xab, 0xb2, 0xbd, 0xda, 0x1f, 0x6b, 0xda,
-	0xcb, 0x76, 0x6f, 0xc4, 0x56, 0xe4, 0xd6, 0x67, 0x78, 0x0c, 0xbf, 0x99, 0x65, 0x2f, 0xba, 0x11,
-	0x54, 0xa2, 0xc0, 0xf5, 0x36, 0x33, 0x57, 0xba, 0xe4, 0x59, 0x8a, 0x79, 0x3c, 0x0b, 0x7a, 0x01,
-	0xfa, 0x58, 0x10, 0x41, 0x39, 0x09, 0x8f, 0xa8, 0x27, 0x16, 0x2b, 0x3d, 0xd8, 0x2b, 0x0d, 0xae,
-	0xe3, 0x65, 0xfe, 0x07, 0x0b, 0x54, 0xb4, 0x0e, 0x43, 0x5b, 0x51, 0xd4, 0xbc, 0x4a, 0x9c, 0x1a,
-	0x09, 0xe4, 0x29, 0x7b, 0x36, 0xeb, 0x94, 0xa5, 0x83, 0xc0, 0xd1, 0xe2, 0x83, 0x29, 0x2e, 0x0b,
-	0xb1, 0x4e, 0xc7, 0xae, 0x00, 0xc4, 0xb0, 0x07, 0xa4, 0xb8, 0xb1, 0xd7, 0x60, 0x90, 0x7e, 0xee,
-	0x6c, 0xdd, 0x75, 0xda, 0xab, 0xc6, 0x9f, 0x81, 0x41, 0xa9, 0xf8, 0x0e, 0x45, 0x88, 0x0f, 0x76,
-	0x23, 0x49, 0xbd, 0x78, 0x88, 0x63, 0xb8, 0xfd, 0x38, 0x08, 0x0b, 0xe0, 0x76, 0x24, 0xed, 0x0d,
-	0x38, 0xc6, 0x4c, 0x99, 0x9d, 0x68, 0xcb, 0x58, 0xa3, 0x9d, 0x17, 0xc3, 0xb3, 0xe2, 0x5d, 0xc7,
-	0xbf, 0x6c, 0x4a, 0x73, 0x21, 0x1f, 0x96, 0x14, 0xe3, 0x37, 0x9e, 0xfd, 0xf7, 0x3d, 0xf0, 0xc8,
-	0x72, 0x25, 0x3f, 0x36, 0xd5, 0x65, 0x18, 0xe6, 0xec, 0x22, 0x5d, 0x1a, 0x4e, 0x5d, 0xb4, 0xab,
-	0x24, 0xa0, 0x6b, 0x1a, 0x0c, 0x1b, 0x98, 0xe8, 0x0c, 0x14, 0xdd, 0x77, 0xbd, 0xa4, 0x83, 0xe5,
-	0xf2, 0x5b, 0xab, 0x98, 0x96, 0x53, 0x30, 0xe5, 0x3c, 0xf9, 0x91, 0xae, 0xc0, 0x8a, 0xfb, 0x7c,
-	0x1d, 0x46, 0xdd, 0xb0, 0x1a, 0xba, 0xcb, 0x1e, 0xdd, 0xa7, 0xda, 0x4e, 0x57, 0x32, 0x07, 0xda,
-	0x69, 0x05, 0xc5, 0x09, 0x6c, 0xed, 0x7e, 0xe9, 0xed, 0x9a, 0x7b, 0xed, 0x18, 0x19, 0x83, 0x1e,
-	0xff, 0x4d, 0xf6, 0x75, 0x21, 0x13, 0xc1, 0x8b, 0xe3, 0x9f, 0x7f, 0x70, 0x88, 0x25, 0x8c, 0x3e,
-	0xe8, 0xaa, 0x5b, 0x4e, 0x73, 0xb6, 0x15, 0x6d, 0x2d, 0xb8, 0x61, 0xd5, 0xdf, 0x21, 0xc1, 0x2e,
-	0x7b, 0x8b, 0x0f, 0xc4, 0x0f, 0x3a, 0x05, 0x98, 0xbf, 0x3a, 0x5b, 0xa6, 0x98, 0x38, 0x5d, 0x07,
-	0xcd, 0xc2, 0x98, 0x2c, 0xac, 0x90, 0x90, 0x5d, 0x01, 0x43, 0x8c, 0x8c, 0x72, 0x79, 0x14, 0xc5,
-	0x8a, 0x48, 0x12, 0xdf, 0x64, 0x70, 0xe1, 0x41, 0x30, 0xb8, 0x2f, 0xc3, 0x88, 0xeb, 0xb9, 0x91,
-	0xeb, 0x44, 0x3e, 0xd7, 0x1f, 0xf1, 0x67, 0x37, 0x13, 0x30, 0x2f, 0xeb, 0x00, 0x6c, 0xe2, 0xd9,
-	0xff, 0x5f, 0x0f, 0x4c, 0xb0, 0x69, 0xfb, 0x60, 0x85, 0x7d, 0x2f, 0xad, 0xb0, 0xf5, 0xf4, 0x0a,
-	0x7b, 0x10, 0x9c, 0xfb, 0x7d, 0x2f, 0xb3, 0x2f, 0x58, 0x30, 0xc1, 0x64, 0xdc, 0xc6, 0x32, 0xbb,
-	0x08, 0x83, 0x81, 0xe1, 0x8d, 0x3a, 0xa8, 0x2b, 0xb5, 0xa4, 0x63, 0x69, 0x8c, 0x83, 0xde, 0x00,
-	0x68, 0xc6, 0x32, 0xf4, 0x82, 0x11, 0x42, 0x14, 0x72, 0xc5, 0xe7, 0x5a, 0x1d, 0xfb, 0xb3, 0x30,
-	0xa8, 0xdc, 0x4d, 0xa5, 0xbf, 0xb9, 0x95, 0xe3, 0x6f, 0xde, 0x99, 0x8d, 0x90, 0xb6, 0x71, 0xc5,
-	0x4c, 0xdb, 0xb8, 0xaf, 0x5a, 0x10, 0x6b, 0x38, 0xd0, 0x5b, 0x30, 0xd8, 0xf4, 0x99, 0x41, 0x74,
-	0x20, 0xbd, 0x0c, 0x1e, 0x6f, 0xab, 0x22, 0xe1, 0x71, 0x02, 0x03, 0x3e, 0x1d, 0x65, 0x59, 0x15,
-	0xc7, 0x54, 0xd0, 0x35, 0xe8, 0x6f, 0x06, 0xa4, 0x12, 0xb1, 0x20, 0x56, 0xdd, 0x13, 0xe4, 0xcb,
-	0x97, 0x57, 0xc4, 0x92, 0x82, 0xfd, 0x1b, 0x05, 0x18, 0x4f, 0xa2, 0xa2, 0xd7, 0xa0, 0x87, 0xdc,
-	0x25, 0x55, 0xd1, 0xdf, 0x4c, 0x9e, 0x20, 0x96, 0x91, 0xf0, 0x01, 0xa0, 0xff, 0x31, 0xab, 0x85,
-	0xae, 0x42, 0x3f, 0x65, 0x08, 0xae, 0xa8, 0x80, 0x8d, 0x8f, 0xe6, 0x31, 0x15, 0x8a, 0xb3, 0xe2,
-	0x9d, 0x13, 0x45, 0x58, 0x56, 0x67, 0x06, 0x69, 0xd5, 0x66, 0x85, 0xbe, 0xb5, 0xa2, 0x76, 0x22,
-	0x81, 0xb5, 0xf9, 0x32, 0x47, 0x12, 0xd4, 0xb8, 0x41, 0x9a, 0x2c, 0xc4, 0x31, 0x11, 0xf4, 0x06,
-	0xf4, 0x86, 0x75, 0x42, 0x9a, 0xc2, 0xe2, 0x20, 0x53, 0xca, 0x59, 0xa1, 0x08, 0x82, 0x12, 0x93,
-	0x8a, 0xb0, 0x02, 0xcc, 0x2b, 0xda, 0xbf, 0x65, 0x01, 0x70, 0x0b, 0x3e, 0xc7, 0xdb, 0x24, 0x47,
-	0xa0, 0x18, 0x58, 0x80, 0x9e, 0xb0, 0x49, 0xaa, 0xed, 0xac, 0xfd, 0xe3, 0xfe, 0x54, 0x9a, 0xa4,
-	0x1a, 0xaf, 0x59, 0xfa, 0x0f, 0xb3, 0xda, 0xf6, 0x8f, 0x02, 0x8c, 0xc6, 0x68, 0xcb, 0x11, 0x69,
-	0xa0, 0xe7, 0x8c, 0x28, 0x37, 0xa7, 0x12, 0x51, 0x6e, 0x06, 0x19, 0xb6, 0x26, 0x83, 0xfe, 0x2c,
-	0x14, 0x1b, 0xce, 0x5d, 0x21, 0x64, 0x7c, 0xa6, 0x7d, 0x37, 0x28, 0xfd, 0x99, 0x15, 0xe7, 0x2e,
-	0x7f, 0x87, 0x3f, 0x23, 0xf7, 0xd8, 0x8a, 0x73, 0xb7, 0xa3, 0x45, 0x3a, 0x6d, 0x84, 0xb5, 0xe5,
-	0x7a, 0xc2, 0x38, 0xad, 0xab, 0xb6, 0x5c, 0x2f, 0xd9, 0x96, 0xeb, 0x75, 0xd1, 0x96, 0xeb, 0xa1,
-	0x7b, 0xd0, 0x2f, 0x6c, 0x47, 0x45, 0xf8, 0xbd, 0x8b, 0x5d, 0xb4, 0x27, 0x4c, 0x4f, 0x79, 0x9b,
-	0x17, 0xa5, 0x9c, 0x41, 0x94, 0x76, 0x6c, 0x57, 0x36, 0x88, 0xfe, 0x2b, 0x0b, 0x46, 0xc5, 0x6f,
-	0x4c, 0xde, 0x6d, 0x91, 0x30, 0x12, 0x7c, 0xf8, 0x47, 0xba, 0xef, 0x83, 0xa8, 0xc8, 0xbb, 0xf2,
-	0x11, 0x79, 0x65, 0x9a, 0xc0, 0x8e, 0x3d, 0x4a, 0xf4, 0x02, 0xfd, 0x86, 0x05, 0xc7, 0x1a, 0xce,
-	0x5d, 0xde, 0x22, 0x2f, 0xc3, 0x4e, 0xe4, 0xfa, 0xc2, 0x06, 0xe3, 0xb5, 0xee, 0xa6, 0x3f, 0x55,
-	0x9d, 0x77, 0x52, 0x2a, 0x5c, 0x8f, 0x65, 0xa1, 0x74, 0xec, 0x6a, 0x66, 0xbf, 0xa6, 0x37, 0x60,
-	0x40, 0xae, 0xb7, 0x87, 0x69, 0x18, 0xcf, 0xda, 0x11, 0x6b, 0xed, 0xa1, 0xb6, 0xf3, 0x59, 0x18,
-	0xd6, 0xd7, 0xd8, 0x43, 0x6d, 0xeb, 0x5d, 0x98, 0xcc, 0x58, 0x4b, 0x0f, 0xb5, 0xc9, 0x3b, 0x70,
-	0x2a, 0x77, 0x7d, 0x3c, 0x54, 0xc7, 0x86, 0xaf, 0x5b, 0xfa, 0x39, 0x78, 0x04, 0xda, 0x99, 0x79,
-	0x53, 0x3b, 0x73, 0xb6, 0xfd, 0xce, 0xc9, 0x51, 0xd1, 0xbc, 0xa3, 0x77, 0x9a, 0x9e, 0xea, 0xe8,
-	0x4d, 0xe8, 0xab, 0xd3, 0x12, 0x69, 0x81, 0x6c, 0x77, 0xde, 0x91, 0x31, 0x5f, 0xcc, 0xca, 0x43,
-	0x2c, 0x28, 0xd8, 0x5f, 0xb1, 0x20, 0xc3, 0x35, 0x83, 0xf2, 0x49, 0x2d, 0xb7, 0xc6, 0x86, 0xa4,
-	0x18, 0xf3, 0x49, 0x2a, 0x08, 0xcc, 0x19, 0x28, 0x6e, 0xba, 0x35, 0xe1, 0x59, 0xac, 0xc0, 0x57,
-	0x28, 0x78, 0xd3, 0xad, 0xa1, 0x25, 0x40, 0x61, 0xab, 0xd9, 0xac, 0x33, 0xb3, 0x25, 0xa7, 0x7e,
-	0x25, 0xf0, 0x5b, 0x4d, 0x6e, 0x6e, 0x5c, 0xe4, 0x42, 0xa2, 0x4a, 0x0a, 0x8a, 0x33, 0x6a, 0xd8,
-	0xbf, 0x6b, 0x41, 0xcf, 0x11, 0x4c, 0x13, 0x36, 0xa7, 0xe9, 0xb9, 0x5c, 0xd2, 0x22, 0x6b, 0xc3,
-	0x0c, 0x76, 0xee, 0x2c, 0xde, 0x8d, 0x88, 0x17, 0x32, 0x86, 0x23, 0x73, 0xd6, 0xf6, 0x2c, 0x98,
-	0xbc, 0xee, 0x3b, 0xb5, 0x39, 0xa7, 0xee, 0x78, 0x55, 0x12, 0x2c, 0x7b, 0x9b, 0x87, 0xb2, 0xed,
-	0x2f, 0x74, 0xb4, 0xed, 0xbf, 0x0c, 0x7d, 0x6e, 0x53, 0x0b, 0xfb, 0x7e, 0x8e, 0xce, 0xee, 0x72,
-	0x59, 0x44, 0x7c, 0x47, 0x46, 0xe3, 0xac, 0x14, 0x0b, 0x7c, 0xba, 0x2c, 0xb9, 0x51, 0x5d, 0x4f,
-	0xfe, 0xb2, 0xa4, 0x6f, 0x9d, 0x64, 0x38, 0x33, 0xc3, 0xfc, 0x7b, 0x0b, 0x8c, 0x26, 0x84, 0x07,
-	0x23, 0x86, 0x7e, 0x97, 0x7f, 0xa9, 0x58, 0x9b, 0x4f, 0x66, 0xbf, 0x41, 0x52, 0x03, 0xa3, 0xf9,
-	0xe6, 0xf1, 0x02, 0x2c, 0x09, 0xd9, 0x97, 0x21, 0x33, 0xfc, 0x4c, 0x67, 0xf9, 0x92, 0xfd, 0x09,
-	0x98, 0x60, 0x35, 0x0f, 0x29, 0xbb, 0xb1, 0x13, 0x52, 0xf1, 0x8c, 0x08, 0xbe, 0xf6, 0xff, 0x6d,
-	0x01, 0x5a, 0xf1, 0x6b, 0xee, 0xc6, 0xae, 0x20, 0xce, 0xbf, 0xff, 0x5d, 0x28, 0xf1, 0xc7, 0x71,
-	0x32, 0xca, 0xed, 0x7c, 0xdd, 0x09, 0x43, 0x4d, 0x22, 0xff, 0xa4, 0x68, 0xb7, 0xb4, 0xd6, 0x1e,
-	0x1d, 0x77, 0xa2, 0x87, 0xde, 0x4a, 0x04, 0x1d, 0xfc, 0x68, 0x2a, 0xe8, 0xe0, 0x93, 0x99, 0x76,
-	0x31, 0xe9, 0xde, 0xcb, 0x60, 0x84, 0xf6, 0x17, 0x2d, 0x18, 0x5b, 0x4d, 0x44, 0x6d, 0x3d, 0xcf,
-	0x8c, 0x04, 0x32, 0x34, 0x4d, 0x15, 0x56, 0x8a, 0x05, 0xf4, 0x81, 0x4b, 0x62, 0xff, 0xd5, 0x82,
-	0x38, 0xdc, 0xd5, 0x11, 0xb0, 0xdc, 0xf3, 0x06, 0xcb, 0x9d, 0xf9, 0x7c, 0x51, 0xdd, 0xc9, 0xe3,
-	0xb8, 0xd1, 0x35, 0x35, 0x27, 0x6d, 0x5e, 0x2e, 0x31, 0x19, 0xbe, 0xcf, 0x46, 0xcd, 0x89, 0x53,
-	0xb3, 0xf1, 0xcd, 0x02, 0x20, 0x85, 0xdb, 0x75, 0xa0, 0xca, 0x74, 0x8d, 0x07, 0x13, 0xa8, 0x72,
-	0x07, 0x10, 0x33, 0x73, 0x09, 0x1c, 0x2f, 0xe4, 0x64, 0x5d, 0x21, 0x7b, 0x3e, 0x9c, 0x0d, 0xcd,
-	0xb4, 0xf4, 0x5c, 0xbd, 0x9e, 0xa2, 0x86, 0x33, 0x5a, 0xd0, 0xcc, 0x97, 0x7a, 0xbb, 0x35, 0x5f,
-	0xea, 0xeb, 0xe0, 0x82, 0xfd, 0x35, 0x0b, 0x46, 0xd4, 0x30, 0xbd, 0x4f, 0x5c, 0x40, 0x54, 0x7f,
-	0x72, 0xee, 0x95, 0xb2, 0xd6, 0x65, 0xc6, 0x0c, 0x7c, 0x1f, 0x73, 0xa5, 0x77, 0xea, 0xee, 0x3d,
-	0xa2, 0xe2, 0x29, 0x97, 0x84, 0x6b, 0xbc, 0x28, 0x3d, 0xd8, 0x2b, 0x8d, 0xa8, 0x7f, 0x3c, 0x82,
-	0x6b, 0x5c, 0xc5, 0xfe, 0x25, 0xba, 0xd9, 0xcd, 0xa5, 0x88, 0x5e, 0x82, 0xde, 0xe6, 0x96, 0x13,
-	0x92, 0x84, 0xab, 0x5c, 0x6f, 0x99, 0x16, 0x1e, 0xec, 0x95, 0x46, 0x55, 0x05, 0x56, 0x82, 0x39,
-	0x76, 0xf7, 0xe1, 0x3f, 0xd3, 0x8b, 0xb3, 0x63, 0xf8, 0xcf, 0x7f, 0xb2, 0xa0, 0x67, 0x95, 0xde,
-	0x5e, 0x0f, 0xff, 0x08, 0x78, 0xdd, 0x38, 0x02, 0x4e, 0xe7, 0x65, 0x16, 0xca, 0xdd, 0xfd, 0x4b,
-	0x89, 0xdd, 0x7f, 0x36, 0x97, 0x42, 0xfb, 0x8d, 0xdf, 0x80, 0x21, 0x96, 0xaf, 0x48, 0xb8, 0x05,
-	0xbe, 0x60, 0x6c, 0xf8, 0x52, 0x62, 0xc3, 0x8f, 0x69, 0xa8, 0xda, 0x4e, 0x7f, 0x0a, 0xfa, 0x85,
-	0x9f, 0x59, 0x32, 0x22, 0x81, 0xc0, 0xc5, 0x12, 0x6e, 0xff, 0x7c, 0x11, 0x8c, 0xfc, 0x48, 0xe8,
-	0xf7, 0x2d, 0x98, 0x09, 0xb8, 0xfd, 0x79, 0x6d, 0xa1, 0x15, 0xb8, 0xde, 0x66, 0xa5, 0xba, 0x45,
-	0x6a, 0xad, 0xba, 0xeb, 0x6d, 0x2e, 0x6f, 0x7a, 0xbe, 0x2a, 0x5e, 0xbc, 0x4b, 0xaa, 0x2d, 0xa6,
-	0x1b, 0xee, 0x90, 0x8c, 0x49, 0xf9, 0x71, 0x3c, 0xbf, 0xbf, 0x57, 0x9a, 0xc1, 0x87, 0xa2, 0x8d,
-	0x0f, 0xd9, 0x17, 0xf4, 0xe7, 0x16, 0x5c, 0xe4, 0x79, 0x7a, 0xba, 0xef, 0x7f, 0x1b, 0x09, 0x47,
-	0x59, 0x92, 0x8a, 0x89, 0xac, 0x91, 0xa0, 0x31, 0xf7, 0xb2, 0x18, 0xd0, 0x8b, 0xe5, 0xc3, 0xb5,
-	0x85, 0x0f, 0xdb, 0x39, 0xfb, 0x7f, 0x2e, 0xc2, 0x88, 0x08, 0x13, 0x29, 0xee, 0x80, 0x97, 0x8c,
-	0x25, 0xf1, 0x68, 0x62, 0x49, 0x4c, 0x18, 0xc8, 0x0f, 0xe6, 0xf8, 0x0f, 0x61, 0x82, 0x1e, 0xce,
-	0x57, 0x89, 0x13, 0x44, 0xb7, 0x89, 0xc3, 0xad, 0x12, 0x8b, 0x87, 0x3e, 0xfd, 0x95, 0x78, 0xfc,
-	0x7a, 0x92, 0x18, 0x4e, 0xd3, 0xff, 0x5e, 0xba, 0x73, 0x3c, 0x18, 0x4f, 0x45, 0xfa, 0x7c, 0x1b,
-	0x06, 0x95, 0x93, 0x94, 0x38, 0x74, 0xda, 0x07, 0xcc, 0x4d, 0x52, 0xe0, 0x42, 0xcf, 0xd8, 0x41,
-	0x2f, 0x26, 0x67, 0xff, 0x66, 0xc1, 0x68, 0x90, 0x4f, 0xe2, 0x2a, 0x0c, 0x38, 0x21, 0x0b, 0xe2,
-	0x5d, 0x6b, 0x27, 0x97, 0x4e, 0x35, 0xc3, 0x1c, 0xd5, 0x66, 0x45, 0x4d, 0xac, 0x68, 0xa0, 0xab,
-	0xdc, 0xf6, 0x73, 0x87, 0xb4, 0x13, 0x4a, 0xa7, 0xa8, 0x81, 0xb4, 0x0e, 0xdd, 0x21, 0x58, 0xd4,
-	0x47, 0x9f, 0xe2, 0xc6, 0xb9, 0xd7, 0x3c, 0xff, 0x8e, 0x77, 0xc5, 0xf7, 0x65, 0x48, 0xa0, 0xee,
-	0x08, 0x4e, 0x48, 0x93, 0x5c, 0x55, 0x1d, 0x9b, 0xd4, 0xba, 0x0b, 0x9d, 0xfd, 0x39, 0x60, 0x79,
-	0x49, 0xcc, 0x98, 0x04, 0x21, 0x22, 0x30, 0x26, 0x62, 0x90, 0xca, 0x32, 0x31, 0x76, 0x99, 0xcf,
-	0x6f, 0xb3, 0x76, 0xac, 0xc7, 0xb9, 0x66, 0x92, 0xc0, 0x49, 0x9a, 0xf6, 0x16, 0x3f, 0x84, 0x97,
-	0x88, 0x13, 0xb5, 0x02, 0x12, 0xa2, 0x8f, 0xc3, 0x54, 0xfa, 0x65, 0x2c, 0xd4, 0x21, 0x16, 0xe3,
-	0x9e, 0x4f, 0xef, 0xef, 0x95, 0xa6, 0x2a, 0x39, 0x38, 0x38, 0xb7, 0xb6, 0xfd, 0x2b, 0x16, 0x30,
-	0x4f, 0xf0, 0x23, 0xe0, 0x7c, 0x3e, 0x66, 0x72, 0x3e, 0x53, 0x79, 0xd3, 0x99, 0xc3, 0xf4, 0xbc,
-	0xc8, 0xd7, 0x70, 0x39, 0xf0, 0xef, 0xee, 0x0a, 0xdb, 0xad, 0xce, 0xcf, 0x38, 0xfb, 0xcb, 0x16,
-	0xb0, 0x24, 0x3e, 0x98, 0xbf, 0xda, 0xa5, 0x82, 0xa3, 0xb3, 0x59, 0xc2, 0xc7, 0x61, 0x60, 0x43,
-	0x0c, 0x7f, 0x86, 0xd0, 0xc9, 0xe8, 0xb0, 0x49, 0x5b, 0x4e, 0x9a, 0xf0, 0xe8, 0x14, 0xff, 0xb0,
-	0xa2, 0x66, 0xff, 0xf7, 0x16, 0x4c, 0xe7, 0x57, 0x43, 0xeb, 0x70, 0x32, 0x20, 0xd5, 0x56, 0x10,
-	0xd2, 0x2d, 0x21, 0x1e, 0x40, 0xc2, 0x29, 0x8a, 0x4f, 0xf5, 0x23, 0xfb, 0x7b, 0xa5, 0x93, 0x38,
-	0x1b, 0x05, 0xe7, 0xd5, 0x45, 0xaf, 0xc0, 0x68, 0x2b, 0xe4, 0x9c, 0x1f, 0x63, 0xba, 0x42, 0x11,
-	0x29, 0x9a, 0xf9, 0x0d, 0xad, 0x1b, 0x10, 0x9c, 0xc0, 0xb4, 0x7f, 0x80, 0x2f, 0x47, 0x15, 0x2c,
-	0xba, 0x01, 0x13, 0x9e, 0xf6, 0x9f, 0xde, 0x80, 0xf2, 0xa9, 0xff, 0x78, 0xa7, 0x5b, 0x9f, 0x5d,
-	0x97, 0x9a, 0xaf, 0x7a, 0x82, 0x0c, 0x4e, 0x53, 0xb6, 0x7f, 0xc1, 0x82, 0x93, 0x3a, 0xa2, 0xe6,
-	0x0e, 0xd7, 0x49, 0x97, 0xb7, 0x00, 0x03, 0x7e, 0x93, 0x04, 0x4e, 0xe4, 0x07, 0xe2, 0x9a, 0xbb,
-	0x20, 0x57, 0xe8, 0x0d, 0x51, 0x7e, 0x20, 0x92, 0xd7, 0x48, 0xea, 0xb2, 0x1c, 0xab, 0x9a, 0xc8,
-	0x86, 0x3e, 0x26, 0x40, 0x0c, 0x85, 0xe3, 0x23, 0x3b, 0xb4, 0x98, 0x7d, 0x4a, 0x88, 0x05, 0xc4,
-	0xfe, 0x7b, 0x8b, 0xaf, 0x4f, 0xbd, 0xeb, 0xe8, 0x5d, 0x18, 0x6f, 0x38, 0x51, 0x75, 0x6b, 0xf1,
-	0x6e, 0x33, 0xe0, 0x2a, 0x5a, 0x39, 0x4e, 0xcf, 0x74, 0x1a, 0x27, 0xed, 0x23, 0x63, 0x03, 0xe9,
-	0x95, 0x04, 0x31, 0x9c, 0x22, 0x8f, 0x6e, 0xc3, 0x10, 0x2b, 0x63, 0x3e, 0xbd, 0x61, 0x3b, 0x5e,
-	0x26, 0xaf, 0x35, 0x65, 0xe2, 0xb3, 0x12, 0xd3, 0xc1, 0x3a, 0x51, 0xfb, 0xab, 0x45, 0x7e, 0x68,
-	0xb0, 0xb7, 0xc7, 0x53, 0xd0, 0xdf, 0xf4, 0x6b, 0xf3, 0xcb, 0x0b, 0x58, 0xcc, 0x82, 0xba, 0xf7,
-	0xca, 0xbc, 0x18, 0x4b, 0x38, 0xba, 0x00, 0x03, 0xe2, 0xa7, 0x54, 0xa9, 0xb3, 0x3d, 0x22, 0xf0,
-	0x42, 0xac, 0xa0, 0xe8, 0x79, 0x80, 0x66, 0xe0, 0xef, 0xb8, 0x35, 0x16, 0x89, 0xa9, 0x68, 0x5a,
-	0xe7, 0x95, 0x15, 0x04, 0x6b, 0x58, 0xe8, 0x55, 0x18, 0x69, 0x79, 0x21, 0xe7, 0x9f, 0xb4, 0x78,
-	0xf7, 0xca, 0x6e, 0x6c, 0x5d, 0x07, 0x62, 0x13, 0x17, 0xcd, 0x42, 0x5f, 0xe4, 0x30, 0x6b, 0xb3,
-	0xde, 0x7c, 0x23, 0xfa, 0x35, 0x8a, 0xa1, 0x67, 0x96, 0xa3, 0x15, 0xb0, 0xa8, 0x88, 0xde, 0x96,
-	0xee, 0xf5, 0xfc, 0x26, 0x12, 0xde, 0x2b, 0xdd, 0xdd, 0x5a, 0x9a, 0x73, 0xbd, 0xf0, 0x8a, 0x31,
-	0x68, 0xa1, 0x57, 0x00, 0xc8, 0xdd, 0x88, 0x04, 0x9e, 0x53, 0x57, 0x36, 0xa2, 0x8a, 0x91, 0x59,
-	0xf0, 0x57, 0xfd, 0x68, 0x3d, 0x24, 0x8b, 0x0a, 0x03, 0x6b, 0xd8, 0xf6, 0x8f, 0x0e, 0x01, 0xc4,
-	0x0f, 0x0d, 0x74, 0x0f, 0x06, 0xaa, 0x4e, 0xd3, 0xa9, 0xf2, 0xb4, 0xa9, 0xc5, 0x3c, 0xaf, 0xe7,
-	0xb8, 0xc6, 0xcc, 0xbc, 0x40, 0xe7, 0xca, 0x1b, 0x19, 0x32, 0x7c, 0x40, 0x16, 0x77, 0x54, 0xd8,
-	0xa8, 0xf6, 0xd0, 0x17, 0x2c, 0x18, 0x12, 0x91, 0x8e, 0xd8, 0x0c, 0x15, 0xf2, 0xf5, 0x6d, 0x5a,
-	0xfb, 0xb3, 0x71, 0x0d, 0xde, 0x85, 0x17, 0xe4, 0x0a, 0xd5, 0x20, 0x1d, 0x7b, 0xa1, 0x37, 0x8c,
-	0x3e, 0x2c, 0xdf, 0xb6, 0x45, 0x63, 0x28, 0xd5, 0xdb, 0x76, 0x90, 0x5d, 0x35, 0xfa, 0xb3, 0x76,
-	0xdd, 0x78, 0xd6, 0xf6, 0xe4, 0xfb, 0x0f, 0x1b, 0xfc, 0x76, 0xa7, 0x17, 0x2d, 0x2a, 0xeb, 0xb1,
-	0x44, 0x7a, 0xf3, 0x9d, 0x5e, 0xb5, 0x87, 0x5d, 0x87, 0x38, 0x22, 0x9f, 0x85, 0xb1, 0x9a, 0xc9,
-	0xb5, 0x88, 0x95, 0xf8, 0x64, 0x1e, 0xdd, 0x04, 0x93, 0x13, 0xf3, 0x29, 0x09, 0x00, 0x4e, 0x12,
-	0x46, 0x65, 0x1e, 0x5a, 0x66, 0xd9, 0xdb, 0xf0, 0x85, 0x07, 0x95, 0x9d, 0x3b, 0x97, 0xbb, 0x61,
-	0x44, 0x1a, 0x14, 0x33, 0x66, 0x12, 0x56, 0x45, 0x5d, 0xac, 0xa8, 0xa0, 0x37, 0xa1, 0x8f, 0x79,
-	0x3d, 0x86, 0x53, 0x03, 0xf9, 0x6a, 0x0d, 0x33, 0x12, 0x6a, 0xbc, 0x21, 0xd9, 0xdf, 0x10, 0x0b,
-	0x0a, 0xe8, 0xaa, 0xf4, 0x29, 0x0e, 0x97, 0xbd, 0xf5, 0x90, 0x30, 0x9f, 0xe2, 0xc1, 0xb9, 0xc7,
-	0x63, 0x77, 0x61, 0x5e, 0x9e, 0x99, 0x7f, 0xd6, 0xa8, 0x49, 0xd9, 0x3e, 0xf1, 0x5f, 0xa6, 0xb5,
-	0x15, 0x71, 0xdb, 0x32, 0xbb, 0x67, 0xa6, 0xbe, 0x8d, 0x87, 0xf3, 0xa6, 0x49, 0x02, 0x27, 0x69,
-	0x52, 0x16, 0x9a, 0xef, 0x7a, 0xe1, 0x83, 0xd5, 0xe9, 0xec, 0xe0, 0x92, 0x03, 0x76, 0x1b, 0xf1,
-	0x12, 0x2c, 0xea, 0x23, 0x17, 0xc6, 0x02, 0x83, 0xbd, 0x90, 0xe1, 0xd6, 0xce, 0x77, 0xc7, 0xc4,
-	0x68, 0x81, 0xfc, 0x4d, 0x32, 0x38, 0x49, 0x17, 0xbd, 0xa9, 0x31, 0x4a, 0x23, 0xed, 0x5f, 0xfe,
-	0x9d, 0x58, 0xa3, 0xe9, 0x6d, 0x18, 0x31, 0x0e, 0x9b, 0x87, 0xaa, 0x82, 0xf4, 0x60, 0x3c, 0x79,
-	0xb2, 0x3c, 0x54, 0xcd, 0xe3, 0xdf, 0xf6, 0xc0, 0xa8, 0xb9, 0x13, 0xd0, 0x45, 0x18, 0x14, 0x44,
-	0x54, 0x46, 0x2b, 0xb5, 0xb9, 0x57, 0x24, 0x00, 0xc7, 0x38, 0x2c, 0x91, 0x19, 0xab, 0xae, 0xf9,
-	0x0a, 0xc4, 0x89, 0xcc, 0x14, 0x04, 0x6b, 0x58, 0xf4, 0x01, 0x7b, 0xdb, 0xf7, 0x23, 0x75, 0x8f,
-	0xaa, 0xed, 0x32, 0xc7, 0x4a, 0xb1, 0x80, 0xd2, 0xfb, 0x73, 0x9b, 0x04, 0x1e, 0xa9, 0x9b, 0x29,
-	0x1d, 0xd4, 0xfd, 0x79, 0x4d, 0x07, 0x62, 0x13, 0x97, 0x72, 0x01, 0x7e, 0xc8, 0xf6, 0x9f, 0x78,
-	0x26, 0xc7, 0xbe, 0x17, 0x15, 0x1e, 0x45, 0x42, 0xc2, 0xd1, 0x27, 0xe0, 0xa4, 0x0a, 0x9f, 0x28,
-	0x56, 0x97, 0x6c, 0xb1, 0xcf, 0x90, 0x6a, 0x9d, 0x9c, 0xcf, 0x46, 0xc3, 0x79, 0xf5, 0xd1, 0xeb,
-	0x30, 0x2a, 0x9e, 0x52, 0x92, 0x62, 0xbf, 0x69, 0x48, 0x78, 0xcd, 0x80, 0xe2, 0x04, 0xb6, 0x4c,
-	0x4a, 0xc1, 0xde, 0x18, 0x92, 0xc2, 0x40, 0x3a, 0x29, 0x85, 0x0e, 0xc7, 0xa9, 0x1a, 0x68, 0x16,
-	0xc6, 0x38, 0xeb, 0xe8, 0x7a, 0x9b, 0x7c, 0x4e, 0x84, 0x67, 0xa7, 0xda, 0x54, 0x37, 0x4c, 0x30,
-	0x4e, 0xe2, 0xa3, 0xcb, 0x30, 0xec, 0x04, 0xd5, 0x2d, 0x37, 0x22, 0x55, 0xba, 0x33, 0x98, 0x2d,
-	0x9f, 0x66, 0x89, 0x39, 0xab, 0xc1, 0xb0, 0x81, 0x69, 0xdf, 0x83, 0xc9, 0x8c, 0xf0, 0x32, 0x74,
-	0xe1, 0x38, 0x4d, 0x57, 0x7e, 0x53, 0xc2, 0xdd, 0x61, 0xb6, 0xbc, 0x2c, 0xbf, 0x46, 0xc3, 0xa2,
-	0xab, 0x93, 0x85, 0xa1, 0xd1, 0x92, 0x6f, 0xab, 0xd5, 0xb9, 0x24, 0x01, 0x38, 0xc6, 0xb1, 0xff,
-	0xb9, 0x00, 0x63, 0x19, 0x0a, 0x3a, 0x96, 0x00, 0x3a, 0xf1, 0xd2, 0x8a, 0xf3, 0x3d, 0x9b, 0x39,
-	0x4e, 0x0a, 0x87, 0xc8, 0x71, 0x52, 0xec, 0x94, 0xe3, 0xa4, 0xe7, 0xbd, 0xe4, 0x38, 0x31, 0x47,
-	0xac, 0xb7, 0xab, 0x11, 0xcb, 0xc8, 0x8b, 0xd2, 0x77, 0xc8, 0xbc, 0x28, 0xc6, 0xa0, 0xf7, 0x77,
-	0x31, 0xe8, 0x3f, 0x5d, 0x80, 0xf1, 0xa4, 0x6e, 0xef, 0x08, 0xe4, 0xe3, 0x6f, 0x1a, 0xf2, 0xf1,
-	0x0b, 0xdd, 0x78, 0xe2, 0xe7, 0xca, 0xca, 0x71, 0x42, 0x56, 0xfe, 0x74, 0x57, 0xd4, 0xda, 0xcb,
-	0xcd, 0x7f, 0xb1, 0x00, 0xc7, 0x33, 0x55, 0x9e, 0x47, 0x30, 0x36, 0x37, 0x8c, 0xb1, 0x79, 0xae,
-	0xeb, 0x28, 0x05, 0xb9, 0x03, 0x74, 0x2b, 0x31, 0x40, 0x17, 0xbb, 0x27, 0xd9, 0x7e, 0x94, 0xbe,
-	0x55, 0x84, 0xb3, 0x99, 0xf5, 0x62, 0xf1, 0xf2, 0x92, 0x21, 0x5e, 0x7e, 0x3e, 0x21, 0x5e, 0xb6,
-	0xdb, 0xd7, 0x7e, 0x30, 0xf2, 0x66, 0xe1, 0xad, 0xcf, 0x62, 0x8e, 0xdc, 0xa7, 0xac, 0xd9, 0xf0,
-	0xd6, 0x57, 0x84, 0xb0, 0x49, 0xf7, 0x7b, 0x49, 0xc6, 0xfc, 0x67, 0x16, 0x9c, 0xca, 0x9c, 0x9b,
-	0x23, 0x90, 0xf4, 0xad, 0x9a, 0x92, 0xbe, 0xa7, 0xba, 0x5e, 0xad, 0x39, 0xa2, 0xbf, 0x2f, 0xf6,
-	0xe5, 0x7c, 0x0b, 0x13, 0x40, 0xdc, 0x80, 0x21, 0xa7, 0x5a, 0x25, 0x61, 0xb8, 0xe2, 0xd7, 0x54,
-	0x3a, 0x84, 0xe7, 0xd8, 0xf3, 0x30, 0x2e, 0x3e, 0xd8, 0x2b, 0x4d, 0x27, 0x49, 0xc4, 0x60, 0xac,
-	0x53, 0x40, 0x9f, 0x82, 0x81, 0x50, 0x66, 0xb2, 0xec, 0xb9, 0xff, 0x4c, 0x96, 0x8c, 0xc9, 0x55,
-	0x02, 0x16, 0x45, 0x12, 0x7d, 0xbf, 0x1e, 0xfd, 0xa9, 0x8d, 0x68, 0x91, 0x77, 0xf2, 0x3e, 0x62,
-	0x40, 0x3d, 0x0f, 0xb0, 0xa3, 0x5e, 0x32, 0x49, 0xe1, 0x89, 0xf6, 0xc6, 0xd1, 0xb0, 0xd0, 0x1b,
-	0x30, 0x1e, 0xf2, 0xc0, 0xa7, 0xb1, 0x91, 0x0a, 0x5f, 0x8b, 0x2c, 0x76, 0x5c, 0x25, 0x01, 0xc3,
-	0x29, 0x6c, 0xb4, 0x24, 0x5b, 0x65, 0xe6, 0x48, 0x7c, 0x79, 0x9e, 0x8f, 0x5b, 0x14, 0x26, 0x49,
-	0xc7, 0x92, 0x93, 0xc0, 0x86, 0x5f, 0xab, 0x89, 0x3e, 0x05, 0x40, 0x17, 0x91, 0x10, 0xa2, 0xf4,
-	0xe7, 0x1f, 0xa1, 0xf4, 0x6c, 0xa9, 0x65, 0x7a, 0x32, 0x30, 0x37, 0xfb, 0x05, 0x45, 0x04, 0x6b,
-	0x04, 0x91, 0x03, 0x23, 0xf1, 0xbf, 0x38, 0x47, 0xfb, 0x85, 0xdc, 0x16, 0x92, 0xc4, 0x99, 0x82,
-	0x61, 0x41, 0x27, 0x81, 0x4d, 0x8a, 0xe8, 0x93, 0x70, 0x6a, 0x27, 0xd7, 0xf2, 0x87, 0x73, 0x82,
-	0x2c, 0xe9, 0x7a, 0xbe, 0xbd, 0x4f, 0x7e, 0x7d, 0xfb, 0x7f, 0x07, 0x78, 0xa4, 0xcd, 0x49, 0x8f,
-	0x66, 0x4d, 0xad, 0xfd, 0x33, 0x49, 0xc9, 0xc6, 0x74, 0x66, 0x65, 0x43, 0xd4, 0x91, 0xd8, 0x50,
-	0x85, 0xf7, 0xbc, 0xa1, 0x7e, 0xc2, 0xd2, 0x64, 0x4e, 0xdc, 0xa6, 0xfb, 0x63, 0x87, 0xbc, 0xc1,
-	0x1e, 0xa0, 0x10, 0x6a, 0x23, 0x43, 0x92, 0xf3, 0x7c, 0xd7, 0xdd, 0xe9, 0x5e, 0xb4, 0xf3, 0xf5,
-	0xec, 0x80, 0xef, 0x5c, 0xc8, 0x73, 0xe5, 0xb0, 0xdf, 0x7f, 0x54, 0xc1, 0xdf, 0xbf, 0x69, 0xc1,
-	0xa9, 0x54, 0x31, 0xef, 0x03, 0x09, 0x45, 0xb4, 0xbb, 0xd5, 0xf7, 0xdc, 0x79, 0x49, 0x90, 0x7f,
-	0xc3, 0x55, 0xf1, 0x0d, 0xa7, 0x72, 0xf1, 0x92, 0x5d, 0xff, 0xd2, 0xdf, 0x94, 0x26, 0x59, 0x03,
-	0x26, 0x22, 0xce, 0xef, 0x3a, 0x6a, 0xc2, 0xb9, 0x6a, 0x2b, 0x08, 0xe2, 0xc5, 0x9a, 0xb1, 0x39,
-	0xf9, 0x5b, 0xef, 0xf1, 0xfd, 0xbd, 0xd2, 0xb9, 0xf9, 0x0e, 0xb8, 0xb8, 0x23, 0x35, 0xe4, 0x01,
-	0x6a, 0xa4, 0xec, 0xeb, 0xd8, 0x01, 0x90, 0x23, 0x87, 0x49, 0x5b, 0xe3, 0x71, 0x4b, 0xd9, 0x0c,
-	0x2b, 0xbd, 0x0c, 0xca, 0x47, 0x2b, 0x3d, 0xf9, 0xce, 0xc4, 0xa5, 0x9f, 0xbe, 0x0e, 0x67, 0xdb,
-	0x2f, 0xa6, 0x43, 0x85, 0x72, 0xf8, 0x4b, 0x0b, 0xce, 0xb4, 0x8d, 0x17, 0xf6, 0x5d, 0xf8, 0x58,
-	0xb0, 0x3f, 0x6f, 0xc1, 0xa3, 0x99, 0x35, 0x92, 0x4e, 0x78, 0x55, 0x5a, 0xa8, 0x99, 0xa3, 0xc6,
-	0x91, 0x73, 0x24, 0x00, 0xc7, 0x38, 0x86, 0xc5, 0x66, 0xa1, 0xa3, 0xc5, 0xe6, 0x1f, 0x59, 0x90,
-	0xba, 0xea, 0x8f, 0x80, 0xf3, 0x5c, 0x36, 0x39, 0xcf, 0xc7, 0xbb, 0x19, 0xcd, 0x1c, 0xa6, 0xf3,
-	0x1f, 0xc7, 0xe0, 0x44, 0x8e, 0x27, 0xf6, 0x0e, 0x4c, 0x6c, 0x56, 0x89, 0x19, 0x7a, 0xa3, 0x5d,
-	0x48, 0xba, 0xb6, 0x71, 0x3a, 0xe6, 0x8e, 0xef, 0xef, 0x95, 0x26, 0x52, 0x28, 0x38, 0xdd, 0x04,
-	0xfa, 0xbc, 0x05, 0xc7, 0x9c, 0x3b, 0xe1, 0x22, 0x7d, 0x41, 0xb8, 0xd5, 0xb9, 0xba, 0x5f, 0xdd,
-	0xa6, 0x8c, 0x99, 0xdc, 0x56, 0x2f, 0x66, 0x0a, 0xa3, 0x6f, 0x55, 0x52, 0xf8, 0x46, 0xf3, 0x53,
-	0xfb, 0x7b, 0xa5, 0x63, 0x59, 0x58, 0x38, 0xb3, 0x2d, 0x84, 0x45, 0xc6, 0x2f, 0x27, 0xda, 0x6a,
-	0x17, 0x1c, 0x26, 0xcb, 0x65, 0x9e, 0xb3, 0xc4, 0x12, 0x82, 0x15, 0x1d, 0xf4, 0x19, 0x18, 0xdc,
-	0x94, 0x71, 0x20, 0x32, 0x58, 0xee, 0x78, 0x20, 0xdb, 0x47, 0xc7, 0xe0, 0x26, 0x30, 0x0a, 0x09,
-	0xc7, 0x44, 0xd1, 0xeb, 0x50, 0xf4, 0x36, 0x42, 0x11, 0xa2, 0x2e, 0xdb, 0x12, 0xd7, 0xb4, 0x75,
-	0xe6, 0x21, 0x98, 0x56, 0x97, 0x2a, 0x98, 0x56, 0x44, 0x57, 0xa1, 0x18, 0xdc, 0xae, 0x09, 0x4d,
-	0x4a, 0xe6, 0x26, 0xc5, 0x73, 0x0b, 0x39, 0xbd, 0x62, 0x94, 0xf0, 0xdc, 0x02, 0xa6, 0x24, 0x50,
-	0x19, 0x7a, 0x99, 0xfb, 0xb2, 0x60, 0x6d, 0x33, 0x9f, 0xf2, 0x6d, 0xc2, 0x00, 0x70, 0x8f, 0x44,
-	0x86, 0x80, 0x39, 0x21, 0xb4, 0x06, 0x7d, 0x55, 0xd7, 0xab, 0x91, 0x40, 0xf0, 0xb2, 0x1f, 0xce,
-	0xd4, 0x99, 0x30, 0x8c, 0x1c, 0x9a, 0x5c, 0x85, 0xc0, 0x30, 0xb0, 0xa0, 0xc5, 0xa8, 0x92, 0xe6,
-	0xd6, 0x86, 0xbc, 0xb1, 0xb2, 0xa9, 0x92, 0xe6, 0xd6, 0x52, 0xa5, 0x2d, 0x55, 0x86, 0x81, 0x05,
-	0x2d, 0xf4, 0x0a, 0x14, 0x36, 0xaa, 0xc2, 0x35, 0x39, 0x53, 0x79, 0x62, 0x46, 0xd1, 0x9a, 0xeb,
-	0xdb, 0xdf, 0x2b, 0x15, 0x96, 0xe6, 0x71, 0x61, 0xa3, 0x8a, 0x56, 0xa1, 0x7f, 0x83, 0xc7, 0xdd,
-	0x11, 0xfa, 0x91, 0x27, 0xb3, 0x43, 0x02, 0xa5, 0x42, 0xf3, 0x70, 0xef, 0x52, 0x01, 0xc0, 0x92,
-	0x08, 0x4b, 0x40, 0xa5, 0xe2, 0x07, 0x89, 0xf0, 0xa5, 0x33, 0x87, 0x8b, 0xf9, 0xc4, 0x9f, 0x1a,
-	0x71, 0x14, 0x22, 0xac, 0x51, 0xa4, 0xab, 0xda, 0xb9, 0xd7, 0x0a, 0x58, 0x6e, 0x0b, 0xa1, 0x1a,
-	0xc9, 0x5c, 0xd5, 0xb3, 0x12, 0xa9, 0xdd, 0xaa, 0x56, 0x48, 0x38, 0x26, 0x8a, 0xb6, 0x61, 0x64,
-	0x27, 0x6c, 0x6e, 0x11, 0xb9, 0xa5, 0x59, 0xd8, 0xbb, 0x1c, 0x6e, 0xf6, 0xa6, 0x40, 0x74, 0x83,
-	0xa8, 0xe5, 0xd4, 0x53, 0xa7, 0x10, 0x7b, 0xd6, 0xdc, 0xd4, 0x89, 0x61, 0x93, 0x36, 0x1d, 0xfe,
-	0x77, 0x5b, 0xfe, 0xed, 0xdd, 0x88, 0x88, 0xa8, 0xa3, 0x99, 0xc3, 0xff, 0x16, 0x47, 0x49, 0x0f,
-	0xbf, 0x00, 0x60, 0x49, 0x04, 0xdd, 0x14, 0xc3, 0xc3, 0x4e, 0xcf, 0xf1, 0xfc, 0x90, 0xe6, 0xb3,
-	0x12, 0x29, 0x67, 0x50, 0xd8, 0x69, 0x19, 0x93, 0x62, 0xa7, 0x64, 0x73, 0xcb, 0x8f, 0x7c, 0x2f,
-	0x71, 0x42, 0x4f, 0xe4, 0x9f, 0x92, 0xe5, 0x0c, 0xfc, 0xf4, 0x29, 0x99, 0x85, 0x85, 0x33, 0xdb,
-	0x42, 0x35, 0x18, 0x6d, 0xfa, 0x41, 0x74, 0xc7, 0x0f, 0xe4, 0xfa, 0x42, 0x6d, 0x04, 0xa5, 0x06,
-	0xa6, 0x68, 0x91, 0x19, 0xe6, 0x98, 0x10, 0x9c, 0xa0, 0x89, 0x3e, 0x0e, 0xfd, 0x61, 0xd5, 0xa9,
-	0x93, 0xe5, 0x1b, 0x53, 0x93, 0xf9, 0xd7, 0x4f, 0x85, 0xa3, 0xe4, 0xac, 0x2e, 0x1e, 0x36, 0x89,
-	0xa3, 0x60, 0x49, 0x0e, 0x2d, 0x41, 0x2f, 0x4b, 0xec, 0xcc, 0x42, 0xe4, 0xe6, 0x44, 0x66, 0x4f,
-	0xb9, 0xd5, 0xf0, 0xb3, 0x89, 0x15, 0x63, 0x5e, 0x9d, 0xee, 0x01, 0x21, 0x29, 0xf0, 0xc3, 0xa9,
-	0xe3, 0xf9, 0x7b, 0x40, 0x08, 0x18, 0x6e, 0x54, 0xda, 0xed, 0x01, 0x85, 0x84, 0x63, 0xa2, 0xf4,
-	0x64, 0xa6, 0xa7, 0xe9, 0x89, 0x36, 0x26, 0x93, 0xb9, 0x67, 0x29, 0x3b, 0x99, 0xe9, 0x49, 0x4a,
-	0x49, 0xd8, 0x7f, 0x30, 0x90, 0xe6, 0x59, 0x98, 0x84, 0xe9, 0x3f, 0xb7, 0x52, 0x36, 0x13, 0x1f,
-	0xe9, 0x56, 0xe0, 0xfd, 0x00, 0x1f, 0xae, 0x9f, 0xb7, 0xe0, 0x44, 0x33, 0xf3, 0x43, 0x04, 0x03,
-	0xd0, 0x9d, 0xdc, 0x9c, 0x7f, 0xba, 0x0a, 0xa7, 0x9c, 0x0d, 0xc7, 0x39, 0x2d, 0x25, 0x85, 0x03,
-	0xc5, 0xf7, 0x2c, 0x1c, 0x58, 0x81, 0x81, 0x2a, 0x7f, 0xc9, 0xc9, 0x34, 0x00, 0x5d, 0x05, 0x03,
-	0x65, 0xac, 0x84, 0x78, 0x02, 0x6e, 0x60, 0x45, 0x02, 0xfd, 0xa4, 0x05, 0x67, 0x92, 0x5d, 0xc7,
-	0x84, 0x81, 0x85, 0xc1, 0x24, 0x17, 0x6b, 0x2d, 0x89, 0xef, 0x4f, 0xf1, 0xff, 0x06, 0xf2, 0x41,
-	0x27, 0x04, 0xdc, 0xbe, 0x31, 0xb4, 0x90, 0x21, 0x57, 0xeb, 0x33, 0x35, 0x8a, 0x5d, 0xc8, 0xd6,
-	0x5e, 0x84, 0xe1, 0x86, 0xdf, 0xf2, 0x22, 0x61, 0xf7, 0x28, 0x8c, 0xa7, 0x98, 0xd1, 0xd0, 0x8a,
-	0x56, 0x8e, 0x0d, 0xac, 0x84, 0x44, 0x6e, 0xe0, 0xbe, 0x25, 0x72, 0xef, 0xc0, 0xb0, 0xa7, 0xb9,
-	0x04, 0xb4, 0x7b, 0xc1, 0x0a, 0xe9, 0xa2, 0x86, 0xcd, 0x7b, 0xa9, 0x97, 0x60, 0x83, 0x5a, 0x7b,
-	0x69, 0x19, 0xbc, 0x37, 0x69, 0xd9, 0x91, 0x3e, 0x89, 0xed, 0x5f, 0x2f, 0x64, 0xbc, 0x18, 0xb8,
-	0x54, 0xee, 0x35, 0x53, 0x2a, 0x77, 0x3e, 0x29, 0x95, 0x4b, 0xa9, 0xaa, 0x0c, 0x81, 0x5c, 0xf7,
-	0x19, 0x25, 0xbb, 0x0e, 0xf0, 0xfc, 0xc3, 0x16, 0x9c, 0x64, 0xba, 0x0f, 0xda, 0xc0, 0x7b, 0xd6,
-	0x77, 0x30, 0x93, 0xd4, 0xeb, 0xd9, 0xe4, 0x70, 0x5e, 0x3b, 0x76, 0x1d, 0xce, 0x75, 0xba, 0x77,
-	0x99, 0x85, 0x6f, 0x4d, 0x19, 0x47, 0xc4, 0x16, 0xbe, 0xb5, 0xe5, 0x05, 0xcc, 0x20, 0xdd, 0x86,
-	0x2f, 0xb4, 0xff, 0x7f, 0x0b, 0x8a, 0x65, 0xbf, 0x76, 0x04, 0x2f, 0xfa, 0x8f, 0x19, 0x2f, 0xfa,
-	0x47, 0xb2, 0x6f, 0xfc, 0x5a, 0xae, 0xb2, 0x6f, 0x31, 0xa1, 0xec, 0x3b, 0x93, 0x47, 0xa0, 0xbd,
-	0x6a, 0xef, 0x97, 0x8a, 0x30, 0x54, 0xf6, 0x6b, 0x6a, 0x9f, 0xfd, 0xaf, 0xf7, 0xe3, 0xc8, 0x93,
-	0x9b, 0x7d, 0x4a, 0xa3, 0xcc, 0x2c, 0x7a, 0x65, 0xdc, 0x89, 0xef, 0x32, 0x7f, 0x9e, 0x5b, 0xc4,
-	0xdd, 0xdc, 0x8a, 0x48, 0x2d, 0xf9, 0x39, 0x47, 0xe7, 0xcf, 0xf3, 0xed, 0x22, 0x8c, 0x25, 0x5a,
-	0x47, 0x75, 0x18, 0xa9, 0xeb, 0xaa, 0x24, 0xb1, 0x4e, 0xef, 0x4b, 0x0b, 0x25, 0xfc, 0x21, 0xb4,
-	0x22, 0x6c, 0x12, 0x47, 0x33, 0x00, 0x9e, 0x6e, 0x15, 0xae, 0x02, 0x15, 0x6b, 0x16, 0xe1, 0x1a,
-	0x06, 0x7a, 0x09, 0x86, 0x22, 0xbf, 0xe9, 0xd7, 0xfd, 0xcd, 0xdd, 0x6b, 0x44, 0x46, 0xb6, 0x54,
-	0x46, 0xc3, 0x6b, 0x31, 0x08, 0xeb, 0x78, 0xe8, 0x2e, 0x4c, 0x28, 0x22, 0x95, 0x07, 0xa0, 0x5e,
-	0x63, 0x62, 0x93, 0xd5, 0x24, 0x45, 0x9c, 0x6e, 0x04, 0xbd, 0x02, 0xa3, 0xcc, 0x7a, 0x99, 0xd5,
-	0xbf, 0x46, 0x76, 0x65, 0xc4, 0x63, 0xc6, 0x61, 0xaf, 0x18, 0x10, 0x9c, 0xc0, 0x44, 0xf3, 0x30,
-	0xd1, 0x70, 0xc3, 0x44, 0xf5, 0x3e, 0x56, 0x9d, 0x75, 0x60, 0x25, 0x09, 0xc4, 0x69, 0x7c, 0xfb,
-	0x57, 0xc5, 0x1c, 0x7b, 0x91, 0xfb, 0xc1, 0x76, 0x7c, 0x7f, 0x6f, 0xc7, 0x6f, 0x59, 0x30, 0x4e,
-	0x5b, 0x67, 0x26, 0x99, 0x92, 0x91, 0x52, 0x39, 0x31, 0xac, 0x36, 0x39, 0x31, 0xce, 0xd3, 0x63,
-	0xbb, 0xe6, 0xb7, 0x22, 0x21, 0x1d, 0xd5, 0xce, 0x65, 0x5a, 0x8a, 0x05, 0x54, 0xe0, 0x91, 0x20,
-	0x10, 0x7e, 0xef, 0x3a, 0x1e, 0x09, 0x02, 0x2c, 0xa0, 0x32, 0x65, 0x46, 0x4f, 0x76, 0xca, 0x0c,
-	0x1e, 0xf9, 0x5c, 0x58, 0xc1, 0x09, 0x96, 0x56, 0x8b, 0x7c, 0x2e, 0xcd, 0xe3, 0x62, 0x1c, 0xfb,
-	0xeb, 0x45, 0x18, 0x2e, 0xfb, 0xb5, 0xd8, 0xb0, 0xe3, 0x45, 0xc3, 0xb0, 0xe3, 0x5c, 0xc2, 0xb0,
-	0x63, 0x5c, 0xc7, 0xfd, 0xc0, 0x8c, 0xe3, 0x3b, 0x65, 0xc6, 0xf1, 0x87, 0x16, 0x9b, 0xb5, 0x85,
-	0xd5, 0x0a, 0xb7, 0xf0, 0x45, 0x97, 0x60, 0x88, 0x9d, 0x70, 0x2c, 0xd0, 0x82, 0xb4, 0x76, 0x60,
-	0x29, 0x2c, 0x57, 0xe3, 0x62, 0xac, 0xe3, 0xa0, 0x0b, 0x30, 0x10, 0x12, 0x27, 0xa8, 0x6e, 0xa9,
-	0xe3, 0x5d, 0x98, 0x26, 0xf0, 0x32, 0xac, 0xa0, 0xe8, 0xad, 0x38, 0xe8, 0x76, 0x31, 0xdf, 0x5c,
-	0x58, 0xef, 0x0f, 0xdf, 0x22, 0xf9, 0x91, 0xb6, 0xed, 0x5b, 0x80, 0xd2, 0xf8, 0x5d, 0xf8, 0x5f,
-	0x95, 0xcc, 0xb0, 0xb0, 0x83, 0xa9, 0x90, 0xb0, 0xff, 0x62, 0xc1, 0x68, 0xd9, 0xaf, 0xd1, 0xad,
-	0xfb, 0xbd, 0xb4, 0x4f, 0xf5, 0x8c, 0x03, 0x7d, 0x6d, 0x32, 0x0e, 0x3c, 0x06, 0xbd, 0x65, 0xbf,
-	0xd6, 0x21, 0x74, 0xed, 0x7f, 0x63, 0x41, 0x7f, 0xd9, 0xaf, 0x1d, 0x81, 0xe2, 0xe5, 0x35, 0x53,
-	0xf1, 0x72, 0x32, 0x67, 0xdd, 0xe4, 0xe8, 0x5a, 0xfe, 0xa4, 0x07, 0x46, 0x68, 0x3f, 0xfd, 0x4d,
-	0x39, 0x95, 0xc6, 0xb0, 0x59, 0x5d, 0x0c, 0x1b, 0x7d, 0x06, 0xf8, 0xf5, 0xba, 0x7f, 0x27, 0x39,
-	0xad, 0x4b, 0xac, 0x14, 0x0b, 0x28, 0x7a, 0x16, 0x06, 0x9a, 0x01, 0xd9, 0x71, 0x7d, 0xc1, 0x5f,
-	0x6b, 0x6a, 0xac, 0xb2, 0x28, 0xc7, 0x0a, 0x83, 0x3e, 0xbc, 0x43, 0xd7, 0xa3, 0xbc, 0x44, 0xd5,
-	0xf7, 0x6a, 0x5c, 0x37, 0x51, 0x14, 0x69, 0xb1, 0xb4, 0x72, 0x6c, 0x60, 0xa1, 0x5b, 0x30, 0xc8,
-	0xfe, 0xb3, 0x63, 0xa7, 0xf7, 0xd0, 0xc7, 0x8e, 0x48, 0x14, 0x2c, 0x08, 0xe0, 0x98, 0x16, 0x7a,
-	0x1e, 0x20, 0x92, 0xa9, 0x65, 0x42, 0x11, 0xc2, 0x54, 0xbd, 0x45, 0x54, 0xd2, 0x99, 0x10, 0x6b,
-	0x58, 0xe8, 0x19, 0x18, 0x8c, 0x1c, 0xb7, 0x7e, 0xdd, 0xf5, 0x98, 0xfe, 0x9e, 0xf6, 0x5f, 0xe4,
-	0xeb, 0x15, 0x85, 0x38, 0x86, 0x53, 0x5e, 0x90, 0xc5, 0x84, 0x9a, 0xdb, 0x8d, 0x44, 0x6a, 0xba,
-	0x22, 0xe7, 0x05, 0xaf, 0xab, 0x52, 0xac, 0x61, 0xa0, 0x2d, 0x38, 0xed, 0x7a, 0x2c, 0x85, 0x14,
-	0xa9, 0x6c, 0xbb, 0xcd, 0xb5, 0xeb, 0x95, 0x9b, 0x24, 0x70, 0x37, 0x76, 0xe7, 0x9c, 0xea, 0x36,
-	0xf1, 0x64, 0x42, 0xfc, 0xc7, 0x45, 0x17, 0x4f, 0x2f, 0xb7, 0xc1, 0xc5, 0x6d, 0x29, 0x21, 0x9b,
-	0x6e, 0xc7, 0x80, 0x38, 0x0d, 0x21, 0x13, 0xe0, 0xe9, 0x67, 0x58, 0x09, 0x16, 0x10, 0xfb, 0x05,
-	0xb6, 0x27, 0x6e, 0x54, 0xd0, 0xd3, 0xc6, 0xf1, 0x72, 0x42, 0x3f, 0x5e, 0x0e, 0xf6, 0x4a, 0x7d,
-	0x37, 0x2a, 0x5a, 0x7c, 0xa0, 0xcb, 0x70, 0xbc, 0xec, 0xd7, 0xca, 0x7e, 0x10, 0x2d, 0xf9, 0xc1,
-	0x1d, 0x27, 0xa8, 0xc9, 0x25, 0x58, 0x92, 0x11, 0x92, 0xe8, 0x19, 0xdb, 0xcb, 0x4f, 0x20, 0x23,
-	0xfa, 0xd1, 0x0b, 0x8c, 0xab, 0x3b, 0xa4, 0x43, 0x6a, 0x95, 0xf1, 0x17, 0x2a, 0x51, 0xdb, 0x15,
-	0x27, 0x22, 0xe8, 0x06, 0x8c, 0x54, 0xf5, 0xab, 0x56, 0x54, 0x7f, 0x4a, 0x5e, 0x76, 0xc6, 0x3d,
-	0x9c, 0x79, 0x37, 0x9b, 0xf5, 0xed, 0x6f, 0x5a, 0xa2, 0x15, 0x2e, 0xad, 0xe0, 0x76, 0xaf, 0x9d,
-	0xcf, 0xdc, 0x79, 0x98, 0x08, 0xf4, 0x2a, 0x9a, 0xfd, 0xd8, 0x71, 0x9e, 0xf9, 0x26, 0x01, 0xc4,
-	0x69, 0x7c, 0xf4, 0x49, 0x38, 0x65, 0x14, 0x4a, 0x55, 0xba, 0x96, 0x7f, 0x9a, 0xc9, 0x73, 0x70,
-	0x1e, 0x12, 0xce, 0xaf, 0x6f, 0xff, 0x20, 0x9c, 0x48, 0x7e, 0x97, 0x90, 0xb0, 0xdc, 0xe7, 0xd7,
-	0x15, 0x0e, 0xf7, 0x75, 0xf6, 0x4b, 0x30, 0x41, 0x9f, 0xde, 0x8a, 0x8d, 0x64, 0xf3, 0xd7, 0x39,
-	0x08, 0xd5, 0x6f, 0x0e, 0xb0, 0x6b, 0x30, 0x91, 0x7d, 0x0d, 0x7d, 0x1a, 0x46, 0x43, 0xc2, 0x22,
-	0xaf, 0x49, 0xc9, 0x5e, 0x1b, 0x6f, 0xf2, 0xca, 0xa2, 0x8e, 0xc9, 0x5f, 0x2f, 0x66, 0x19, 0x4e,
-	0x50, 0x43, 0x0d, 0x18, 0xbd, 0xe3, 0x7a, 0x35, 0xff, 0x4e, 0x28, 0xe9, 0x0f, 0xe4, 0xab, 0x09,
-	0x6e, 0x71, 0xcc, 0x44, 0x1f, 0x8d, 0xe6, 0x6e, 0x19, 0xc4, 0x70, 0x82, 0x38, 0x3d, 0x6a, 0x82,
-	0x96, 0x37, 0x1b, 0xae, 0x87, 0x24, 0x10, 0x71, 0xe1, 0xd8, 0x51, 0x83, 0x65, 0x21, 0x8e, 0xe1,
-	0xf4, 0xa8, 0x61, 0x7f, 0x98, 0x3b, 0x3a, 0x3b, 0xcb, 0xc4, 0x51, 0x83, 0x55, 0x29, 0xd6, 0x30,
-	0xe8, 0x51, 0xcc, 0xfe, 0xad, 0xfa, 0x1e, 0xf6, 0xfd, 0x48, 0x1e, 0xde, 0x2c, 0x55, 0xa5, 0x56,
-	0x8e, 0x0d, 0xac, 0x9c, 0x28, 0x74, 0x3d, 0x87, 0x8d, 0x42, 0x87, 0xa2, 0x36, 0x1e, 0xf8, 0x3c,
-	0x1a, 0xf2, 0xe5, 0x76, 0x1e, 0xf8, 0x07, 0xf7, 0xe5, 0x9d, 0x4f, 0x79, 0x81, 0x0d, 0x31, 0x40,
-	0xbd, 0x3c, 0xcc, 0x1e, 0x53, 0x64, 0x56, 0xf8, 0xe8, 0x48, 0x18, 0x5a, 0x84, 0xfe, 0x70, 0x37,
-	0xac, 0x46, 0xf5, 0xb0, 0x5d, 0x3a, 0xd2, 0x0a, 0x43, 0xd1, 0xb2, 0x61, 0xf3, 0x2a, 0x58, 0xd6,
-	0x45, 0x55, 0x98, 0x14, 0x14, 0xe7, 0xb7, 0x1c, 0x4f, 0x25, 0x49, 0xe4, 0x16, 0x8b, 0x97, 0xf6,
-	0xf7, 0x4a, 0x93, 0xa2, 0x65, 0x1d, 0x7c, 0xb0, 0x57, 0xa2, 0x5b, 0x32, 0x03, 0x82, 0xb3, 0xa8,
-	0xf1, 0x25, 0x5f, 0xad, 0xfa, 0x8d, 0x66, 0x39, 0xf0, 0x37, 0xdc, 0x3a, 0x69, 0xa7, 0x0c, 0xae,
-	0x18, 0x98, 0x62, 0xc9, 0x1b, 0x65, 0x38, 0x41, 0x0d, 0xdd, 0x86, 0x31, 0xa7, 0xd9, 0x9c, 0x0d,
-	0x1a, 0x7e, 0x20, 0x1b, 0x18, 0xca, 0xd7, 0x2a, 0xcc, 0x9a, 0xa8, 0x3c, 0x47, 0x62, 0xa2, 0x10,
-	0x27, 0x09, 0xd2, 0x81, 0x12, 0x1b, 0xcd, 0x18, 0xa8, 0x91, 0x78, 0xa0, 0xc4, 0xbe, 0xcc, 0x18,
-	0xa8, 0x0c, 0x08, 0xce, 0xa2, 0x66, 0xff, 0x00, 0x63, 0xfc, 0x2b, 0xee, 0xa6, 0xc7, 0x9c, 0xe3,
-	0x50, 0x03, 0x46, 0x9a, 0xec, 0xd8, 0x17, 0xf9, 0xcb, 0xc4, 0x51, 0xf1, 0x62, 0x97, 0xc2, 0xcb,
-	0x3b, 0x2c, 0x03, 0xab, 0x61, 0xc4, 0x5a, 0xd6, 0xc9, 0x61, 0x93, 0xba, 0xfd, 0x8b, 0xd3, 0x8c,
-	0x75, 0xac, 0x70, 0x89, 0x64, 0xbf, 0x70, 0x55, 0x14, 0x32, 0x88, 0xe9, 0x7c, 0xd9, 0x7f, 0xbc,
-	0xbe, 0x84, 0xbb, 0x23, 0x96, 0x75, 0xd1, 0xa7, 0x60, 0x94, 0x3e, 0xe9, 0x15, 0xfb, 0x16, 0x4e,
-	0x1d, 0xcb, 0x8f, 0x81, 0xa5, 0xb0, 0xf4, 0xdc, 0x86, 0x7a, 0x65, 0x9c, 0x20, 0x86, 0xde, 0x62,
-	0x76, 0x9d, 0x92, 0x74, 0xa1, 0x1b, 0xd2, 0xba, 0x09, 0xa7, 0x24, 0xab, 0x11, 0x41, 0x2d, 0x98,
-	0x4c, 0x67, 0x70, 0x0e, 0xa7, 0xec, 0xfc, 0xb7, 0x51, 0x3a, 0x09, 0x73, 0x9c, 0x84, 0x2e, 0x0d,
-	0x0b, 0x71, 0x16, 0x7d, 0x74, 0x3d, 0x99, 0x5f, 0xb7, 0x68, 0x68, 0x0d, 0x52, 0x39, 0x76, 0x47,
-	0xda, 0xa6, 0xd6, 0xdd, 0x84, 0x33, 0x5a, 0x8a, 0xd2, 0x2b, 0x81, 0xc3, 0xec, 0x8a, 0x5c, 0x76,
-	0x1b, 0x69, 0x4c, 0xed, 0xa3, 0xfb, 0x7b, 0xa5, 0x33, 0x6b, 0xed, 0x10, 0x71, 0x7b, 0x3a, 0xe8,
-	0x06, 0x1c, 0xe7, 0x11, 0x5c, 0x16, 0x88, 0x53, 0xab, 0xbb, 0x9e, 0xe2, 0x9a, 0xf9, 0xd9, 0x75,
-	0x6a, 0x7f, 0xaf, 0x74, 0x7c, 0x36, 0x0b, 0x01, 0x67, 0xd7, 0x43, 0xaf, 0xc1, 0x60, 0xcd, 0x93,
-	0xa7, 0x6c, 0x9f, 0x91, 0x05, 0x76, 0x70, 0x61, 0xb5, 0xa2, 0xbe, 0x3f, 0xfe, 0x83, 0xe3, 0x0a,
-	0x68, 0x93, 0xab, 0xad, 0x94, 0xac, 0xb1, 0x3f, 0x15, 0xd8, 0x33, 0x29, 0x8e, 0x37, 0x42, 0x22,
-	0x70, 0x7d, 0xad, 0x72, 0xb9, 0x33, 0xa2, 0x25, 0x18, 0x84, 0xd1, 0x9b, 0x80, 0x44, 0xb6, 0xa1,
-	0xd9, 0x2a, 0x4b, 0x8e, 0xa7, 0xd9, 0x92, 0x2a, 0x11, 0x42, 0x25, 0x85, 0x81, 0x33, 0x6a, 0xa1,
-	0xab, 0xf4, 0x78, 0xd4, 0x4b, 0xc5, 0xf1, 0xab, 0x72, 0x8d, 0x2f, 0x90, 0x66, 0x40, 0x98, 0xf9,
-	0xa3, 0x49, 0x11, 0x27, 0xea, 0xa1, 0x1a, 0x9c, 0x76, 0x5a, 0x91, 0xcf, 0x34, 0x82, 0x26, 0xea,
-	0x9a, 0xbf, 0x4d, 0x3c, 0xa6, 0x8c, 0x1f, 0x60, 0x01, 0x43, 0x4f, 0xcf, 0xb6, 0xc1, 0xc3, 0x6d,
-	0xa9, 0xd0, 0xe7, 0x14, 0x1d, 0x0b, 0x4d, 0x59, 0x67, 0x78, 0x77, 0x73, 0x0d, 0xb6, 0xc4, 0x40,
-	0x2f, 0xc1, 0xd0, 0x96, 0x1f, 0x46, 0xab, 0x24, 0xba, 0xe3, 0x07, 0xdb, 0x22, 0xbd, 0x41, 0x9c,
-	0x52, 0x26, 0x06, 0x61, 0x1d, 0x0f, 0x3d, 0x05, 0xfd, 0xcc, 0x54, 0x6c, 0x79, 0x81, 0xdd, 0xb5,
-	0x03, 0xf1, 0x19, 0x73, 0x95, 0x17, 0x63, 0x09, 0x97, 0xa8, 0xcb, 0xe5, 0x79, 0x76, 0x1c, 0x27,
-	0x50, 0x97, 0xcb, 0xf3, 0x58, 0xc2, 0xe9, 0x72, 0x0d, 0xb7, 0x9c, 0x80, 0x94, 0x03, 0xbf, 0x4a,
-	0x42, 0x2d, 0x91, 0xd1, 0x23, 0x3c, 0x79, 0x03, 0x5d, 0xae, 0x95, 0x2c, 0x04, 0x9c, 0x5d, 0x0f,
-	0x91, 0x74, 0x7a, 0xde, 0xd1, 0x7c, 0x55, 0x69, 0x9a, 0x1d, 0xec, 0x32, 0x43, 0xaf, 0x07, 0xe3,
-	0x2a, 0x31, 0x30, 0x4f, 0xd7, 0x10, 0x4e, 0x8d, 0xb1, 0xb5, 0xdd, 0x7d, 0xae, 0x07, 0xa5, 0x7c,
-	0x5e, 0x4e, 0x50, 0xc2, 0x29, 0xda, 0x46, 0x44, 0xda, 0xf1, 0x8e, 0x11, 0x69, 0x2f, 0xc2, 0x60,
-	0xd8, 0xba, 0x5d, 0xf3, 0x1b, 0x8e, 0xeb, 0x31, 0x8b, 0x1b, 0xed, 0xe1, 0x5e, 0x91, 0x00, 0x1c,
-	0xe3, 0xa0, 0x25, 0x18, 0x70, 0xa4, 0x66, 0x19, 0xe5, 0x07, 0xdb, 0x53, 0xfa, 0x64, 0x1e, 0x7f,
-	0x4a, 0xea, 0x92, 0x55, 0x5d, 0xf4, 0x2a, 0x8c, 0x88, 0x80, 0x1e, 0x22, 0x97, 0xfe, 0xa4, 0xe9,
-	0xbe, 0x5c, 0xd1, 0x81, 0xd8, 0xc4, 0x45, 0xeb, 0x30, 0x14, 0xf9, 0x75, 0xe6, 0x83, 0x4b, 0xb9,
-	0xe4, 0x13, 0xf9, 0x31, 0x71, 0xd7, 0x14, 0x9a, 0xae, 0xf3, 0x50, 0x55, 0xb1, 0x4e, 0x07, 0xad,
-	0xf1, 0xf5, 0xce, 0xd2, 0x16, 0x91, 0x50, 0x24, 0x63, 0x3f, 0x93, 0x67, 0x2e, 0xc9, 0xd0, 0xcc,
-	0xed, 0x20, 0x6a, 0x62, 0x9d, 0x0c, 0xba, 0x02, 0x13, 0xcd, 0xc0, 0xf5, 0xd9, 0x9a, 0x50, 0x9a,
-	0xf2, 0x29, 0x33, 0x49, 0x69, 0x39, 0x89, 0x80, 0xd3, 0x75, 0x58, 0x3c, 0x16, 0x51, 0x38, 0x75,
-	0x8a, 0x27, 0x5a, 0xe3, 0x72, 0x10, 0x5e, 0x86, 0x15, 0x14, 0xad, 0xb0, 0x93, 0x98, 0x8b, 0xf0,
-	0xa6, 0xa6, 0xf3, 0xbd, 0xfc, 0x75, 0x51, 0x1f, 0xe7, 0xfd, 0xd5, 0x5f, 0x1c, 0x53, 0x40, 0x35,
-	0x2d, 0xbf, 0x39, 0x7d, 0x41, 0x85, 0x53, 0xa7, 0xdb, 0xd8, 0xeb, 0x26, 0x9e, 0xcb, 0x31, 0x43,
-	0x60, 0x14, 0x87, 0x38, 0x41, 0x13, 0xbd, 0x01, 0xe3, 0x22, 0x58, 0x41, 0x3c, 0x4c, 0x67, 0x62,
-	0x9f, 0x26, 0x9c, 0x80, 0xe1, 0x14, 0x36, 0x4f, 0x74, 0xe6, 0xdc, 0xae, 0x13, 0x71, 0xf4, 0x5d,
-	0x77, 0xbd, 0xed, 0x70, 0xea, 0x2c, 0x3b, 0x1f, 0x44, 0xa2, 0xb3, 0x24, 0x14, 0x67, 0xd4, 0x40,
-	0x6b, 0x30, 0xde, 0x0c, 0x08, 0x69, 0xb0, 0x77, 0x92, 0xb8, 0xcf, 0x4a, 0x3c, 0x1c, 0x11, 0xed,
-	0x49, 0x39, 0x01, 0x3b, 0xc8, 0x28, 0xc3, 0x29, 0x0a, 0xe8, 0x0e, 0x0c, 0xf8, 0x3b, 0x24, 0xd8,
-	0x22, 0x4e, 0x6d, 0xea, 0x5c, 0x1b, 0x4f, 0x3b, 0x71, 0xb9, 0xdd, 0x10, 0xb8, 0x09, 0x43, 0x24,
-	0x59, 0xdc, 0xd9, 0x10, 0x49, 0x36, 0x86, 0xfe, 0x0b, 0x0b, 0x4e, 0x49, 0xd5, 0x5e, 0xa5, 0x49,
-	0x47, 0x7d, 0xde, 0xf7, 0xc2, 0x28, 0xe0, 0x01, 0x74, 0x1e, 0xcd, 0x0f, 0x2a, 0xb3, 0x96, 0x53,
-	0x49, 0x69, 0x11, 0x4e, 0xe5, 0x61, 0x84, 0x38, 0xbf, 0x45, 0xfa, 0xb2, 0x0f, 0x49, 0x24, 0x0f,
-	0xa3, 0xd9, 0x70, 0xe9, 0xad, 0x85, 0xd5, 0xa9, 0xc7, 0x78, 0xf4, 0x1f, 0xba, 0x19, 0x2a, 0x49,
-	0x20, 0x4e, 0xe3, 0xa3, 0x4b, 0x50, 0xf0, 0xc3, 0xa9, 0xc7, 0xdb, 0xa4, 0xc4, 0xf7, 0x6b, 0x37,
-	0x2a, 0xdc, 0x20, 0xf5, 0x46, 0x05, 0x17, 0xfc, 0x50, 0x26, 0x1b, 0xa3, 0xcf, 0xd9, 0x70, 0xea,
-	0x09, 0x2e, 0x73, 0x96, 0xc9, 0xc6, 0x58, 0x21, 0x8e, 0xe1, 0x68, 0x0b, 0xc6, 0x42, 0x43, 0x6c,
-	0x10, 0x4e, 0x9d, 0x67, 0x23, 0xf5, 0x44, 0xde, 0xa4, 0x19, 0xd8, 0x5a, 0x16, 0x20, 0x93, 0x0a,
-	0x4e, 0x92, 0xe5, 0xbb, 0x4b, 0x13, 0x5c, 0x84, 0x53, 0x4f, 0x76, 0xd8, 0x5d, 0x1a, 0xb2, 0xbe,
-	0xbb, 0x74, 0x1a, 0x38, 0x41, 0x13, 0xad, 0xeb, 0x6e, 0x8c, 0x17, 0xf2, 0x8d, 0x1b, 0x33, 0x1d,
-	0x18, 0x47, 0xf2, 0x9c, 0x17, 0xa7, 0xbf, 0x0f, 0x26, 0x52, 0x5c, 0xd8, 0x61, 0x7c, 0x3a, 0xa6,
-	0xb7, 0x61, 0xc4, 0x58, 0xe9, 0x0f, 0xd5, 0xe4, 0xe7, 0xcf, 0x06, 0x61, 0x50, 0x99, 0x62, 0xa0,
-	0x8b, 0xa6, 0x95, 0xcf, 0xa9, 0xa4, 0x95, 0xcf, 0x40, 0xd9, 0xaf, 0x19, 0x86, 0x3d, 0x6b, 0x19,
-	0xb1, 0x72, 0xf3, 0xce, 0xd5, 0xee, 0x1d, 0xcf, 0x34, 0xf5, 0x52, 0xb1, 0x6b, 0x73, 0xa1, 0x9e,
-	0xb6, 0x1a, 0xab, 0x2b, 0x30, 0xe1, 0xf9, 0x8c, 0xf5, 0x27, 0x35, 0xc9, 0xd7, 0x31, 0xf6, 0x6d,
-	0x50, 0x8f, 0xe5, 0x96, 0x40, 0xc0, 0xe9, 0x3a, 0xb4, 0x41, 0xce, 0x7f, 0x25, 0x55, 0x64, 0x9c,
-	0x3d, 0xc3, 0x02, 0x4a, 0x9f, 0x9c, 0xfc, 0x57, 0x38, 0x35, 0x9e, 0xff, 0xe4, 0xe4, 0x95, 0x92,
-	0x3c, 0x5e, 0x28, 0x79, 0x3c, 0xa6, 0x11, 0x6a, 0xfa, 0xb5, 0xe5, 0xb2, 0x78, 0x3d, 0x68, 0x51,
-	0xec, 0x6b, 0xcb, 0x65, 0xcc, 0x61, 0x68, 0x16, 0xfa, 0xd8, 0x0f, 0x19, 0x23, 0x27, 0x6f, 0xf7,
-	0x2f, 0x97, 0xb5, 0x1c, 0xaa, 0xac, 0x02, 0x16, 0x15, 0x99, 0xc4, 0x9f, 0x3e, 0xb9, 0x98, 0xc4,
-	0xbf, 0xff, 0x3e, 0x25, 0xfe, 0x92, 0x00, 0x8e, 0x69, 0xa1, 0xbb, 0x70, 0xdc, 0x78, 0xe6, 0x2a,
-	0x4f, 0x3c, 0xc8, 0x37, 0x06, 0x48, 0x20, 0xcf, 0x9d, 0x11, 0x9d, 0x3e, 0xbe, 0x9c, 0x45, 0x09,
-	0x67, 0x37, 0x80, 0xea, 0x30, 0x51, 0x4d, 0xb5, 0x3a, 0xd0, 0x7d, 0xab, 0x6a, 0x5d, 0xa4, 0x5b,
-	0x4c, 0x13, 0x46, 0xaf, 0xc2, 0xc0, 0xbb, 0x3e, 0x37, 0xdc, 0x13, 0x2f, 0x1e, 0x19, 0x05, 0x66,
-	0xe0, 0xad, 0x1b, 0x15, 0x56, 0x7e, 0xb0, 0x57, 0x1a, 0x2a, 0xfb, 0x35, 0xf9, 0x17, 0xab, 0x0a,
-	0xe8, 0xc7, 0x2c, 0x98, 0x4e, 0xbf, 0xa3, 0x55, 0xa7, 0x47, 0xba, 0xef, 0xb4, 0x2d, 0x1a, 0x9d,
-	0x5e, 0xcc, 0x25, 0x87, 0xdb, 0x34, 0x85, 0x3e, 0x4a, 0xf7, 0x53, 0xe8, 0xde, 0x23, 0x22, 0x01,
-	0xfd, 0xa3, 0xf1, 0x7e, 0xa2, 0xa5, 0x07, 0x7b, 0xa5, 0x31, 0x7e, 0xe0, 0xba, 0xf7, 0x54, 0xbc,
-	0x7d, 0x5e, 0x01, 0xfd, 0x20, 0x1c, 0x0f, 0xd2, 0x72, 0x6d, 0x22, 0x79, 0xfb, 0xa7, 0xbb, 0x39,
-	0xbc, 0x93, 0x13, 0x8e, 0xb3, 0x08, 0xe2, 0xec, 0x76, 0xec, 0xdf, 0xb3, 0x98, 0x3e, 0x43, 0x74,
-	0x8b, 0x84, 0xad, 0x7a, 0x74, 0x04, 0xc6, 0x72, 0x8b, 0x86, 0x3d, 0xc1, 0x7d, 0x5b, 0xbb, 0xfd,
-	0x2f, 0x16, 0xb3, 0x76, 0x3b, 0x42, 0xbf, 0xbd, 0xb7, 0x60, 0x20, 0x12, 0xad, 0x89, 0xae, 0xe7,
-	0x59, 0xe6, 0xc8, 0x4e, 0x31, 0x8b, 0x3f, 0xf5, 0x76, 0x92, 0xa5, 0x58, 0x91, 0xb1, 0xff, 0x47,
-	0x3e, 0x03, 0x12, 0x72, 0x04, 0x6a, 0xdb, 0x05, 0x53, 0x6d, 0x5b, 0xea, 0xf0, 0x05, 0x39, 0xea,
-	0xdb, 0xff, 0xc1, 0xec, 0x37, 0x93, 0x19, 0xbe, 0xdf, 0xcd, 0x2c, 0xed, 0x2f, 0x5a, 0x00, 0x71,
-	0x82, 0x93, 0x2e, 0x12, 0x4e, 0x5f, 0xa6, 0xaf, 0x25, 0x3f, 0xf2, 0xab, 0x7e, 0x5d, 0xa8, 0x8d,
-	0x4e, 0xc7, 0x9a, 0x63, 0x5e, 0x7e, 0xa0, 0xfd, 0xc6, 0x0a, 0x1b, 0x95, 0x64, 0xc4, 0xe1, 0x62,
-	0x6c, 0xcb, 0x60, 0x44, 0x1b, 0xfe, 0x8a, 0x05, 0xc7, 0xb2, 0x9c, 0x40, 0xe8, 0xdb, 0x9b, 0x4b,
-	0x4f, 0x95, 0x09, 0xac, 0x9a, 0xcd, 0x9b, 0xa2, 0x1c, 0x2b, 0x8c, 0xae, 0x33, 0x79, 0x1f, 0x2e,
-	0xf9, 0xc6, 0x0d, 0x18, 0x29, 0x07, 0x44, 0xe3, 0x2f, 0x5e, 0x8f, 0xf3, 0x02, 0x0d, 0xce, 0x3d,
-	0x7b, 0xe8, 0xc8, 0x4a, 0xf6, 0x57, 0x0b, 0x70, 0x8c, 0x1b, 0x72, 0xcd, 0xee, 0xf8, 0x6e, 0xad,
-	0xec, 0xd7, 0x84, 0xeb, 0xee, 0xdb, 0x30, 0xdc, 0xd4, 0x44, 0xde, 0xed, 0x02, 0xc9, 0xeb, 0xa2,
-	0xf1, 0x58, 0x48, 0xa7, 0x97, 0x62, 0x83, 0x16, 0xaa, 0xc1, 0x30, 0xd9, 0x71, 0xab, 0xca, 0x1a,
-	0xa8, 0x70, 0xe8, 0x4b, 0x5a, 0xb5, 0xb2, 0xa8, 0xd1, 0xc1, 0x06, 0xd5, 0xae, 0xcd, 0xaf, 0x35,
-	0x16, 0xad, 0xa7, 0x83, 0x05, 0xd0, 0xcf, 0x5a, 0x70, 0x32, 0x27, 0xec, 0x3c, 0x6d, 0xee, 0x0e,
-	0x33, 0x99, 0x13, 0xcb, 0x56, 0x35, 0xc7, 0x0d, 0xe9, 0xb0, 0x80, 0xa2, 0x8f, 0x03, 0x34, 0xe3,
-	0x94, 0x9b, 0x1d, 0xe2, 0x73, 0x1b, 0x91, 0x7a, 0xb5, 0xa0, 0xab, 0x2a, 0x33, 0xa7, 0x46, 0xcb,
-	0xfe, 0x4a, 0x0f, 0xf4, 0x32, 0xc3, 0x2b, 0x54, 0x86, 0xfe, 0x2d, 0x1e, 0x13, 0xb0, 0xed, 0xbc,
-	0x51, 0x5c, 0x19, 0x64, 0x30, 0x9e, 0x37, 0xad, 0x14, 0x4b, 0x32, 0x68, 0x05, 0x26, 0x79, 0x3a,
-	0xd1, 0xfa, 0x02, 0xa9, 0x3b, 0xbb, 0x52, 0x9a, 0x5c, 0x60, 0x9f, 0xaa, 0xa4, 0xea, 0xcb, 0x69,
-	0x14, 0x9c, 0x55, 0x0f, 0xbd, 0x0e, 0xa3, 0xf4, 0x75, 0xef, 0xb7, 0x22, 0x49, 0x89, 0xe7, 0xef,
-	0x54, 0x0f, 0x9e, 0x35, 0x03, 0x8a, 0x13, 0xd8, 0xe8, 0x55, 0x18, 0x69, 0xa6, 0xe4, 0xe6, 0xbd,
-	0xb1, 0x80, 0xc9, 0x94, 0x95, 0x9b, 0xb8, 0xcc, 0x0f, 0xa4, 0xc5, 0xbc, 0x5e, 0xd6, 0xb6, 0x02,
-	0x12, 0x6e, 0xf9, 0xf5, 0x1a, 0xe3, 0x80, 0x7b, 0x35, 0x3f, 0x90, 0x04, 0x1c, 0xa7, 0x6a, 0x50,
-	0x2a, 0x1b, 0x8e, 0x5b, 0x6f, 0x05, 0x24, 0xa6, 0xd2, 0x67, 0x52, 0x59, 0x4a, 0xc0, 0x71, 0xaa,
-	0x46, 0x67, 0x85, 0x40, 0xff, 0x83, 0x51, 0x08, 0xd8, 0xbf, 0x5c, 0x00, 0x63, 0x6a, 0xbf, 0x87,
-	0xf3, 0x8a, 0xbe, 0x06, 0x3d, 0x9b, 0x41, 0xb3, 0x2a, 0x8c, 0x0c, 0x33, 0xbf, 0xec, 0x0a, 0x2e,
-	0xcf, 0xeb, 0x5f, 0x46, 0xff, 0x63, 0x56, 0x8b, 0xee, 0xf1, 0xe3, 0xe5, 0xc0, 0xa7, 0x97, 0x9c,
-	0x0c, 0x1b, 0xaa, 0xdc, 0xad, 0xfa, 0xe5, 0x1b, 0xbb, 0x4d, 0x80, 0x6d, 0xe1, 0x33, 0xc2, 0x29,
-	0x18, 0xf6, 0x78, 0x15, 0xf1, 0xc2, 0x96, 0x54, 0xd0, 0x25, 0x18, 0x12, 0xa9, 0x1e, 0x99, 0x57,
-	0x10, 0xdf, 0x4c, 0xcc, 0x7e, 0x70, 0x21, 0x2e, 0xc6, 0x3a, 0x8e, 0xfd, 0xe3, 0x05, 0x98, 0xcc,
-	0x70, 0xeb, 0xe4, 0xd7, 0xc8, 0xa6, 0x1b, 0x46, 0xc1, 0x6e, 0xf2, 0x72, 0xc2, 0xa2, 0x1c, 0x2b,
-	0x0c, 0x7a, 0x56, 0xf1, 0x8b, 0x2a, 0x79, 0x39, 0x09, 0xb7, 0x29, 0x01, 0x3d, 0xdc, 0xe5, 0x44,
-	0xaf, 0xed, 0x56, 0x48, 0x64, 0x2c, 0x7f, 0x75, 0x6d, 0x33, 0x63, 0x03, 0x06, 0xa1, 0x4f, 0xc0,
-	0x4d, 0xa5, 0x41, 0xd7, 0x9e, 0x80, 0x5c, 0x87, 0xce, 0x61, 0xb4, 0x73, 0x11, 0xf1, 0x1c, 0x2f,
-	0x12, 0x0f, 0xc5, 0x38, 0xc6, 0x33, 0x2b, 0xc5, 0x02, 0x6a, 0x7f, 0xb9, 0x08, 0xa7, 0x72, 0x1d,
-	0xbd, 0x69, 0xd7, 0x1b, 0xbe, 0xe7, 0x46, 0xbe, 0x32, 0xcc, 0xe4, 0x71, 0x9d, 0x49, 0x73, 0x6b,
-	0x45, 0x94, 0x63, 0x85, 0x81, 0xce, 0x43, 0x2f, 0x93, 0xb5, 0x27, 0xd3, 0xbc, 0xe1, 0xb9, 0x05,
-	0x1e, 0x31, 0x93, 0x83, 0xb5, 0x5b, 0xbd, 0xd8, 0xf6, 0x56, 0x7f, 0x8c, 0x72, 0x30, 0x7e, 0x3d,
-	0x79, 0xa1, 0xd0, 0xee, 0xfa, 0x7e, 0x1d, 0x33, 0x20, 0x7a, 0x42, 0x8c, 0x57, 0xc2, 0x12, 0x11,
-	0x3b, 0x35, 0x3f, 0xd4, 0x06, 0xed, 0x29, 0xe8, 0xdf, 0x26, 0xbb, 0x81, 0xeb, 0x6d, 0x26, 0x2d,
-	0x54, 0xaf, 0xf1, 0x62, 0x2c, 0xe1, 0x66, 0x56, 0xf3, 0xfe, 0x07, 0x91, 0xd5, 0x5c, 0x5f, 0x01,
-	0x03, 0x1d, 0xd9, 0x93, 0x9f, 0x28, 0xc2, 0x18, 0x9e, 0x5b, 0xf8, 0x60, 0x22, 0xd6, 0xd3, 0x13,
-	0xf1, 0x20, 0x92, 0x7f, 0x1f, 0x6e, 0x36, 0x7e, 0xdb, 0x82, 0x31, 0x96, 0x70, 0x52, 0x44, 0x69,
-	0x71, 0x7d, 0xef, 0x08, 0x9e, 0x02, 0x8f, 0x41, 0x6f, 0x40, 0x1b, 0x15, 0x33, 0xa8, 0xf6, 0x38,
-	0xeb, 0x09, 0xe6, 0x30, 0x74, 0x1a, 0x7a, 0x58, 0x17, 0xe8, 0xe4, 0x0d, 0xf3, 0x23, 0x78, 0xc1,
-	0x89, 0x1c, 0xcc, 0x4a, 0x59, 0xbc, 0x48, 0x4c, 0x9a, 0x75, 0x97, 0x77, 0x3a, 0xb6, 0x84, 0x78,
-	0x7f, 0x84, 0x80, 0xc9, 0xec, 0xda, 0x7b, 0x8b, 0x17, 0x99, 0x4d, 0xb2, 0xfd, 0x33, 0xfb, 0x1f,
-	0x0a, 0x70, 0x36, 0xb3, 0x5e, 0xd7, 0xf1, 0x22, 0xdb, 0xd7, 0x7e, 0x98, 0xe9, 0xe9, 0x8a, 0x47,
-	0x68, 0xff, 0xdf, 0xd3, 0x2d, 0xf7, 0xdf, 0xdb, 0x45, 0x18, 0xc7, 0xcc, 0x21, 0x7b, 0x9f, 0x84,
-	0x71, 0xcc, 0xec, 0x5b, 0x8e, 0x98, 0xe0, 0x5f, 0x0b, 0x39, 0xdf, 0xc2, 0x04, 0x06, 0x17, 0xe8,
-	0x39, 0xc3, 0x80, 0xa1, 0x7c, 0x84, 0xf3, 0x33, 0x86, 0x97, 0x61, 0x05, 0x45, 0xb3, 0x30, 0xd6,
-	0x70, 0x3d, 0x7a, 0xf8, 0xec, 0x9a, 0xac, 0xb8, 0x52, 0x91, 0xac, 0x98, 0x60, 0x9c, 0xc4, 0x47,
-	0xae, 0x16, 0xe2, 0x91, 0x7f, 0xdd, 0xab, 0x87, 0xda, 0x75, 0x33, 0xa6, 0x95, 0x88, 0x1a, 0xc5,
-	0x8c, 0x70, 0x8f, 0x2b, 0x9a, 0x9c, 0xa8, 0xd8, 0xbd, 0x9c, 0x68, 0x38, 0x5b, 0x46, 0x34, 0xfd,
-	0x2a, 0x8c, 0xdc, 0xb7, 0x6e, 0xc4, 0xfe, 0x56, 0x11, 0x1e, 0x69, 0xb3, 0xed, 0xf9, 0x59, 0x6f,
-	0xcc, 0x81, 0x76, 0xd6, 0xa7, 0xe6, 0xa1, 0x0c, 0xc7, 0x36, 0x5a, 0xf5, 0xfa, 0x2e, 0x73, 0x74,
-	0x23, 0x35, 0x89, 0x21, 0x78, 0x4a, 0x29, 0x1c, 0x39, 0xb6, 0x94, 0x81, 0x83, 0x33, 0x6b, 0xd2,
-	0x27, 0x16, 0xbd, 0x49, 0x76, 0x15, 0xa9, 0xc4, 0x13, 0x0b, 0xeb, 0x40, 0x6c, 0xe2, 0xa2, 0x2b,
-	0x30, 0xe1, 0xec, 0x38, 0x2e, 0x4f, 0xef, 0x21, 0x09, 0xf0, 0x37, 0x96, 0x92, 0x45, 0xcf, 0x26,
-	0x11, 0x70, 0xba, 0x0e, 0x7a, 0x13, 0x90, 0x7f, 0x9b, 0x39, 0xcf, 0xd4, 0xae, 0x10, 0x4f, 0x28,
-	0xf3, 0xd9, 0xdc, 0x15, 0xe3, 0x23, 0xe1, 0x46, 0x0a, 0x03, 0x67, 0xd4, 0x4a, 0x04, 0x1b, 0xec,
-	0xcb, 0x0f, 0x36, 0xd8, 0xfe, 0x5c, 0xec, 0x98, 0x19, 0xf1, 0x1d, 0x18, 0x39, 0xac, 0xb5, 0xf7,
-	0x53, 0xd0, 0x1f, 0x88, 0x9c, 0xf3, 0x09, 0xaf, 0x72, 0x99, 0x91, 0x5b, 0xc2, 0xed, 0xff, 0xc7,
-	0x02, 0x25, 0x4b, 0x36, 0xe3, 0x8a, 0xbf, 0xca, 0x4c, 0xd7, 0xb9, 0x14, 0x5c, 0x0b, 0x25, 0x76,
-	0x5c, 0x33, 0x5d, 0x8f, 0x81, 0xd8, 0xc4, 0xe5, 0xcb, 0x2d, 0x8c, 0x23, 0x58, 0x18, 0x0f, 0x08,
-	0xa1, 0x35, 0x54, 0x18, 0xe8, 0x13, 0xd0, 0x5f, 0x73, 0x77, 0xdc, 0x50, 0xc8, 0xd1, 0x0e, 0xad,
-	0xb7, 0x8b, 0xbf, 0x6f, 0x81, 0x93, 0xc1, 0x92, 0x9e, 0xfd, 0x53, 0x16, 0x28, 0x75, 0xe7, 0x55,
-	0xe2, 0xd4, 0xa3, 0x2d, 0xf4, 0x06, 0x80, 0xa4, 0xa0, 0x64, 0x6f, 0xd2, 0x08, 0x0b, 0xb0, 0x82,
-	0x1c, 0x18, 0xff, 0xb0, 0x56, 0x07, 0xbd, 0x0e, 0x7d, 0x5b, 0x8c, 0x96, 0xf8, 0xb6, 0xf3, 0x4a,
-	0xd5, 0xc5, 0x4a, 0x0f, 0xf6, 0x4a, 0xc7, 0xcc, 0x36, 0xe5, 0x2d, 0xc6, 0x6b, 0xd9, 0x3f, 0x51,
-	0x88, 0xe7, 0xf4, 0xad, 0x96, 0x1f, 0x39, 0x47, 0xc0, 0x89, 0x5c, 0x31, 0x38, 0x91, 0x27, 0xda,
-	0xe9, 0x73, 0x59, 0x97, 0x72, 0x39, 0x90, 0x1b, 0x09, 0x0e, 0xe4, 0xc9, 0xce, 0xa4, 0xda, 0x73,
-	0x1e, 0xff, 0x93, 0x05, 0x13, 0x06, 0xfe, 0x11, 0x5c, 0x80, 0x4b, 0xe6, 0x05, 0xf8, 0x68, 0xc7,
-	0x6f, 0xc8, 0xb9, 0xf8, 0x7e, 0xb4, 0x98, 0xe8, 0x3b, 0xbb, 0xf0, 0xde, 0x85, 0x9e, 0x2d, 0x27,
-	0xa8, 0x89, 0x77, 0xfd, 0xc5, 0xae, 0xc6, 0x7a, 0xe6, 0xaa, 0x13, 0x08, 0x03, 0x8e, 0x67, 0xe5,
-	0xa8, 0xd3, 0xa2, 0x8e, 0xc6, 0x1b, 0xac, 0x29, 0x74, 0x19, 0xfa, 0xc2, 0xaa, 0xdf, 0x54, 0x7e,
-	0x80, 0x2c, 0x5d, 0x78, 0x85, 0x95, 0x1c, 0xec, 0x95, 0x90, 0xd9, 0x1c, 0x2d, 0xc6, 0x02, 0x1f,
-	0xbd, 0x0d, 0x23, 0xec, 0x97, 0xb2, 0xa6, 0x2c, 0xe6, 0x4b, 0x60, 0x2a, 0x3a, 0x22, 0x37, 0x35,
-	0x36, 0x8a, 0xb0, 0x49, 0x6a, 0x7a, 0x13, 0x06, 0xd5, 0x67, 0x3d, 0x54, 0x6d, 0xfd, 0xff, 0x59,
-	0x84, 0xc9, 0x8c, 0x35, 0x87, 0x42, 0x63, 0x26, 0x2e, 0x75, 0xb9, 0x54, 0xdf, 0xe3, 0x5c, 0x84,
-	0xec, 0x01, 0x58, 0x13, 0x6b, 0xab, 0xeb, 0x46, 0xd7, 0x43, 0x92, 0x6c, 0x94, 0x16, 0x75, 0x6e,
-	0x94, 0x36, 0x76, 0x64, 0x43, 0x4d, 0x1b, 0x52, 0x3d, 0x7d, 0xa8, 0x73, 0xfa, 0x87, 0x3d, 0x70,
-	0x2c, 0xcb, 0xc4, 0x04, 0x7d, 0x0e, 0xfa, 0x98, 0xa3, 0x9a, 0x14, 0x9c, 0xbd, 0xd8, 0xad, 0x71,
-	0xca, 0x0c, 0xf3, 0x75, 0x13, 0xa1, 0x69, 0x67, 0xe4, 0x71, 0xc4, 0x0b, 0x3b, 0x0e, 0xb3, 0x68,
-	0x93, 0x85, 0x8c, 0x12, 0xb7, 0xa7, 0x3c, 0x3e, 0x3e, 0xd2, 0x75, 0x07, 0xc4, 0xfd, 0x1b, 0x26,
-	0x2c, 0xb5, 0x64, 0x71, 0x67, 0x4b, 0x2d, 0xd9, 0x32, 0x5a, 0x86, 0xbe, 0x2a, 0x37, 0x01, 0x2a,
-	0x76, 0x3e, 0xc2, 0xb8, 0xfd, 0x8f, 0x3a, 0x80, 0x85, 0xdd, 0x8f, 0x20, 0x30, 0xed, 0xc2, 0x90,
-	0x36, 0x30, 0x0f, 0x75, 0xf1, 0x6c, 0xd3, 0x8b, 0x4f, 0x1b, 0x82, 0x87, 0xba, 0x80, 0x7e, 0x46,
-	0xbb, 0xfb, 0xc5, 0x79, 0xf0, 0x61, 0x83, 0x77, 0x3a, 0x9d, 0x70, 0x1f, 0x4c, 0xec, 0x2b, 0xc6,
-	0x4b, 0x55, 0xcc, 0x98, 0xee, 0xb9, 0xa9, 0xa1, 0xcc, 0x0b, 0xbf, 0x7d, 0x1c, 0x77, 0xfb, 0x67,
-	0x2d, 0x48, 0x38, 0x78, 0x29, 0x71, 0xa7, 0x95, 0x2b, 0xee, 0x3c, 0x07, 0x3d, 0x81, 0x5f, 0x27,
-	0xc9, 0xd4, 0xfb, 0xd8, 0xaf, 0x13, 0xcc, 0x20, 0x14, 0x23, 0x8a, 0x85, 0x58, 0xc3, 0xfa, 0x03,
-	0x5d, 0x3c, 0xbd, 0x1f, 0x83, 0xde, 0x3a, 0xd9, 0x21, 0xf5, 0x64, 0x86, 0xd4, 0xeb, 0xb4, 0x10,
-	0x73, 0x98, 0xfd, 0xdb, 0x3d, 0x70, 0xa6, 0x6d, 0x64, 0x39, 0xca, 0x60, 0x6e, 0x3a, 0x11, 0xb9,
-	0xe3, 0xec, 0x26, 0x33, 0x03, 0x5e, 0xe1, 0xc5, 0x58, 0xc2, 0x99, 0xb3, 0x35, 0xcf, 0x94, 0x93,
-	0x10, 0x0e, 0x8b, 0x04, 0x39, 0x02, 0x6a, 0x0a, 0x1b, 0x8b, 0x0f, 0x42, 0xd8, 0xf8, 0x3c, 0x40,
-	0x18, 0xd6, 0xb9, 0x1d, 0x67, 0x4d, 0x78, 0x71, 0xc7, 0x19, 0x95, 0x2a, 0xd7, 0x05, 0x04, 0x6b,
-	0x58, 0x68, 0x01, 0xc6, 0x9b, 0x81, 0x1f, 0x71, 0x59, 0xfb, 0x02, 0x37, 0x75, 0xee, 0x35, 0x83,
-	0x7a, 0x95, 0x13, 0x70, 0x9c, 0xaa, 0x81, 0x5e, 0x82, 0x21, 0x11, 0xe8, 0xab, 0xec, 0xfb, 0x75,
-	0x21, 0xde, 0x53, 0xd6, 0xbf, 0x95, 0x18, 0x84, 0x75, 0x3c, 0xad, 0x1a, 0x13, 0xe0, 0xf7, 0x67,
-	0x56, 0xe3, 0x42, 0x7c, 0x0d, 0x2f, 0x91, 0x14, 0x60, 0xa0, 0xab, 0xa4, 0x00, 0xb1, 0xc0, 0x73,
-	0xb0, 0x6b, 0x7d, 0x32, 0x74, 0x14, 0x11, 0x7e, 0xad, 0x07, 0x26, 0xc5, 0xc2, 0x79, 0xd8, 0xcb,
-	0x65, 0x3d, 0xbd, 0x5c, 0x1e, 0x84, 0x48, 0xf4, 0x83, 0x35, 0x73, 0xd4, 0x6b, 0xe6, 0x27, 0x2d,
-	0x30, 0x79, 0x48, 0xf4, 0x9f, 0xe5, 0xa6, 0x56, 0x7d, 0x29, 0x97, 0x27, 0x8d, 0x23, 0x86, 0xbf,
-	0xb7, 0x24, 0xab, 0xf6, 0xff, 0x65, 0xc1, 0xa3, 0x1d, 0x29, 0xa2, 0x45, 0x18, 0x64, 0x8c, 0xae,
-	0xf6, 0x2e, 0x7e, 0x52, 0xb9, 0x42, 0x48, 0x40, 0x0e, 0xdf, 0x1d, 0xd7, 0x44, 0x8b, 0xa9, 0x1c,
-	0xb6, 0x4f, 0x65, 0xe4, 0xb0, 0x3d, 0x6e, 0x0c, 0xcf, 0x7d, 0x26, 0xb1, 0xfd, 0x12, 0xbd, 0x71,
-	0x4c, 0x7f, 0xca, 0x8f, 0x18, 0xe2, 0x5c, 0x3b, 0x21, 0xce, 0x45, 0x26, 0xb6, 0x76, 0x87, 0xbc,
-	0x01, 0xe3, 0x2c, 0x02, 0x28, 0x73, 0xcc, 0x11, 0x8e, 0x98, 0x85, 0xd8, 0xf8, 0xfe, 0x7a, 0x02,
-	0x86, 0x53, 0xd8, 0xf6, 0xdf, 0x15, 0xa1, 0x8f, 0x6f, 0xbf, 0x23, 0x78, 0xf8, 0x3e, 0x03, 0x83,
-	0x6e, 0xa3, 0xd1, 0xe2, 0x69, 0x49, 0x7b, 0x63, 0x53, 0xee, 0x65, 0x59, 0x88, 0x63, 0x38, 0x5a,
-	0x12, 0x9a, 0x84, 0x36, 0x41, 0xc6, 0x79, 0xc7, 0x67, 0x16, 0x9c, 0xc8, 0xe1, 0x5c, 0x9c, 0xba,
-	0x67, 0x63, 0x9d, 0x03, 0xfa, 0x34, 0x40, 0x18, 0x05, 0xae, 0xb7, 0x49, 0xcb, 0x44, 0x26, 0x8a,
-	0xa7, 0xdb, 0x50, 0xab, 0x28, 0x64, 0x4e, 0x33, 0x3e, 0x73, 0x14, 0x00, 0x6b, 0x14, 0xd1, 0x8c,
-	0x71, 0xd3, 0x4f, 0x27, 0xe6, 0x0e, 0x38, 0xd5, 0x78, 0xce, 0xa6, 0x5f, 0x86, 0x41, 0x45, 0xbc,
-	0x93, 0x5c, 0x71, 0x58, 0x67, 0xd8, 0x3e, 0x06, 0x63, 0x89, 0xbe, 0x1d, 0x4a, 0x2c, 0xf9, 0x3b,
-	0x16, 0x8c, 0xf1, 0xce, 0x2c, 0x7a, 0x3b, 0xe2, 0x36, 0xb8, 0x07, 0xc7, 0xea, 0x19, 0xa7, 0xb2,
-	0x98, 0xfe, 0xee, 0x4f, 0x71, 0x25, 0x86, 0xcc, 0x82, 0xe2, 0xcc, 0x36, 0xd0, 0x05, 0xba, 0xe3,
-	0xe8, 0xa9, 0xeb, 0xd4, 0x45, 0x34, 0x91, 0x61, 0xbe, 0xdb, 0x78, 0x19, 0x56, 0x50, 0xfb, 0xaf,
-	0x2c, 0x98, 0xe0, 0x3d, 0xbf, 0x46, 0x76, 0xd5, 0xd9, 0xf4, 0x9d, 0xec, 0xbb, 0x48, 0x88, 0x5d,
-	0xc8, 0x49, 0x88, 0xad, 0x7f, 0x5a, 0xb1, 0xed, 0xa7, 0x7d, 0xd5, 0x02, 0xb1, 0x42, 0x8e, 0x40,
-	0xd2, 0xf2, 0x7d, 0xa6, 0xa4, 0x65, 0x3a, 0x7f, 0x13, 0xe4, 0x88, 0x58, 0xfe, 0xc5, 0x82, 0x71,
-	0x8e, 0x10, 0x5b, 0x41, 0x7c, 0x47, 0xe7, 0x61, 0xce, 0xfc, 0xa2, 0x4c, 0xb3, 0xd6, 0x6b, 0x64,
-	0x77, 0xcd, 0x2f, 0x3b, 0xd1, 0x56, 0xf6, 0x47, 0x19, 0x93, 0xd5, 0xd3, 0x76, 0xb2, 0x6a, 0x72,
-	0x03, 0x19, 0x89, 0x17, 0x3b, 0x08, 0x80, 0x0f, 0x9b, 0x78, 0xd1, 0xfe, 0x7b, 0x0b, 0x10, 0x6f,
-	0xc6, 0x60, 0xdc, 0x28, 0x3b, 0xc4, 0x4a, 0xb5, 0x8b, 0x2e, 0x3e, 0x9a, 0x14, 0x04, 0x6b, 0x58,
-	0x0f, 0x64, 0x78, 0x12, 0xa6, 0x2c, 0xc5, 0xce, 0xa6, 0x2c, 0x87, 0x18, 0xd1, 0xaf, 0xf6, 0x43,
-	0xd2, 0x15, 0x13, 0xdd, 0x84, 0xe1, 0xaa, 0xd3, 0x74, 0x6e, 0xbb, 0x75, 0x37, 0x72, 0x49, 0xd8,
-	0xce, 0xce, 0x6d, 0x5e, 0xc3, 0x13, 0xc6, 0x07, 0x5a, 0x09, 0x36, 0xe8, 0xa0, 0x19, 0x80, 0x66,
-	0xe0, 0xee, 0xb8, 0x75, 0xb2, 0xc9, 0x04, 0x42, 0x2c, 0x7e, 0x11, 0x37, 0xba, 0x93, 0xa5, 0x58,
-	0xc3, 0xc8, 0x08, 0x1b, 0x52, 0x7c, 0xc8, 0x61, 0x43, 0xe0, 0xc8, 0xc2, 0x86, 0xf4, 0x1c, 0x2a,
-	0x6c, 0xc8, 0xc0, 0xa1, 0xc3, 0x86, 0xf4, 0x76, 0x15, 0x36, 0x04, 0xc3, 0x09, 0xc9, 0x7b, 0xd2,
-	0xff, 0x4b, 0x6e, 0x9d, 0x88, 0x07, 0x07, 0x0f, 0xba, 0x34, 0xbd, 0xbf, 0x57, 0x3a, 0x81, 0x33,
-	0x31, 0x70, 0x4e, 0x4d, 0xf4, 0x71, 0x98, 0x72, 0xea, 0x75, 0xff, 0x8e, 0x9a, 0xd4, 0xc5, 0xb0,
-	0xea, 0xd4, 0xb9, 0x72, 0xa9, 0x9f, 0x51, 0x3d, 0xbd, 0xbf, 0x57, 0x9a, 0x9a, 0xcd, 0xc1, 0xc1,
-	0xb9, 0xb5, 0xd1, 0x6b, 0x30, 0xd8, 0x0c, 0xfc, 0xea, 0x8a, 0xe6, 0x2f, 0x7e, 0x96, 0x0e, 0x60,
-	0x59, 0x16, 0x1e, 0xec, 0x95, 0x46, 0xd4, 0x1f, 0x76, 0xe1, 0xc7, 0x15, 0x32, 0x22, 0x72, 0x0c,
-	0x3d, 0xec, 0x88, 0x1c, 0xc3, 0x0f, 0x38, 0x22, 0x87, 0xbd, 0x0d, 0x93, 0x15, 0x12, 0xb8, 0x4e,
-	0xdd, 0xbd, 0x47, 0x79, 0x72, 0x79, 0x06, 0xae, 0xc1, 0x60, 0x90, 0x38, 0xf5, 0xbb, 0x0a, 0x2e,
-	0xae, 0xc9, 0x65, 0xe4, 0x29, 0x1f, 0x13, 0xb2, 0xff, 0xbd, 0x05, 0xfd, 0xc2, 0xbd, 0xf3, 0x08,
-	0x38, 0xd3, 0x59, 0x43, 0x25, 0x53, 0xca, 0x9e, 0x14, 0xd6, 0x99, 0x5c, 0x65, 0xcc, 0x72, 0x42,
-	0x19, 0xf3, 0x68, 0x3b, 0x22, 0xed, 0xd5, 0x30, 0xff, 0x75, 0x91, 0xbe, 0x10, 0x8c, 0x40, 0x03,
-	0x0f, 0x7f, 0x08, 0x56, 0xa1, 0x3f, 0x14, 0x8e, 0xee, 0x85, 0x7c, 0x5f, 0x9e, 0xe4, 0x24, 0xc6,
-	0x36, 0x90, 0xc2, 0xb5, 0x5d, 0x12, 0xc9, 0xf4, 0xa0, 0x2f, 0x3e, 0x44, 0x0f, 0xfa, 0x4e, 0xa1,
-	0x18, 0x7a, 0x1e, 0x44, 0x28, 0x06, 0xfb, 0x1b, 0xec, 0x76, 0xd6, 0xcb, 0x8f, 0x80, 0x71, 0xbb,
-	0x62, 0xde, 0xe3, 0x76, 0x9b, 0x95, 0x25, 0x3a, 0x95, 0xc3, 0xc0, 0xfd, 0x96, 0x05, 0x67, 0x32,
-	0xbe, 0x4a, 0xe3, 0xe6, 0x9e, 0x85, 0x01, 0xa7, 0x55, 0x73, 0xd5, 0x5e, 0xd6, 0xb4, 0xc5, 0xb3,
-	0xa2, 0x1c, 0x2b, 0x0c, 0x34, 0x0f, 0x13, 0xe4, 0x6e, 0xd3, 0xe5, 0x6a, 0x78, 0xdd, 0x74, 0xbc,
-	0xc8, 0x7d, 0x82, 0x17, 0x93, 0x40, 0x9c, 0xc6, 0x57, 0xe1, 0xdc, 0x8a, 0xb9, 0xe1, 0xdc, 0x7e,
-	0xdd, 0x82, 0x21, 0xe5, 0xea, 0xfd, 0xd0, 0x47, 0xfb, 0x0d, 0x73, 0xb4, 0x1f, 0x69, 0x33, 0xda,
-	0x39, 0xc3, 0xfc, 0x97, 0x05, 0xd5, 0xdf, 0xb2, 0x1f, 0x44, 0x5d, 0x70, 0x89, 0xf7, 0xef, 0xf6,
-	0x72, 0x09, 0x86, 0x9c, 0x66, 0x53, 0x02, 0xa4, 0xfd, 0x22, 0x4b, 0x15, 0x11, 0x17, 0x63, 0x1d,
-	0x47, 0x79, 0xe1, 0x14, 0x73, 0xbd, 0x70, 0x6a, 0x00, 0x91, 0x13, 0x6c, 0x92, 0x88, 0x96, 0x09,
-	0x73, 0xeb, 0xfc, 0xf3, 0xa6, 0x15, 0xb9, 0xf5, 0x19, 0xd7, 0x8b, 0xc2, 0x28, 0x98, 0x59, 0xf6,
-	0xa2, 0x1b, 0x01, 0x7f, 0xa6, 0x6a, 0x41, 0x13, 0x15, 0x2d, 0xac, 0xd1, 0x95, 0x61, 0x4d, 0x58,
-	0x1b, 0xbd, 0xa6, 0x21, 0xcc, 0xaa, 0x28, 0xc7, 0x0a, 0xc3, 0x7e, 0x99, 0xdd, 0x3e, 0x6c, 0x4c,
-	0x0f, 0x17, 0x0c, 0xf0, 0x1f, 0x86, 0xd5, 0x6c, 0x30, 0x95, 0xf0, 0x82, 0x1e, 0x72, 0xb0, 0xfd,
-	0x61, 0x4f, 0x1b, 0xd6, 0xfd, 0x59, 0xe3, 0xb8, 0x84, 0xe8, 0x93, 0x29, 0xe3, 0xa6, 0xe7, 0x3a,
-	0xdc, 0x1a, 0x87, 0x30, 0x67, 0x62, 0x79, 0xe3, 0x58, 0x56, 0xad, 0xe5, 0xb2, 0xd8, 0x17, 0x5a,
-	0xde, 0x38, 0x01, 0xc0, 0x31, 0x0e, 0x65, 0xd8, 0xd4, 0x9f, 0x70, 0x0a, 0xc5, 0xe1, 0xc5, 0x15,
-	0x76, 0x88, 0x35, 0x0c, 0x74, 0x51, 0x08, 0x2d, 0xb8, 0xee, 0xe1, 0x91, 0x84, 0xd0, 0x42, 0x0e,
-	0x97, 0x26, 0x69, 0xba, 0x04, 0x43, 0xe4, 0x6e, 0x44, 0x02, 0xcf, 0xa9, 0xd3, 0x16, 0x7a, 0xe3,
-	0x88, 0xb8, 0x8b, 0x71, 0x31, 0xd6, 0x71, 0xd0, 0x1a, 0x8c, 0x85, 0x5c, 0x96, 0xa7, 0x92, 0x5a,
-	0x70, 0x99, 0xe8, 0xd3, 0xca, 0xc9, 0xde, 0x04, 0x1f, 0xb0, 0x22, 0x7e, 0x3a, 0xc9, 0xd0, 0x23,
-	0x49, 0x12, 0xe8, 0x75, 0x18, 0xad, 0xfb, 0x4e, 0x6d, 0xce, 0xa9, 0x3b, 0x5e, 0x95, 0x8d, 0xcf,
-	0x80, 0x11, 0x7f, 0x72, 0xf4, 0xba, 0x01, 0xc5, 0x09, 0x6c, 0xca, 0x20, 0xea, 0x25, 0x22, 0x11,
-	0x8b, 0xe3, 0x6d, 0x92, 0x70, 0x6a, 0x90, 0x7d, 0x15, 0x63, 0x10, 0xaf, 0xe7, 0xe0, 0xe0, 0xdc,
-	0xda, 0xe8, 0x32, 0x0c, 0xcb, 0xcf, 0xd7, 0x22, 0xf5, 0xc4, 0x0e, 0x4d, 0x1a, 0x0c, 0x1b, 0x98,
-	0x28, 0x84, 0xe3, 0xf2, 0xff, 0x5a, 0xe0, 0x6c, 0x6c, 0xb8, 0x55, 0x11, 0xbe, 0x82, 0x3b, 0x7f,
-	0x7f, 0x4c, 0x7a, 0x9a, 0x2e, 0x66, 0x21, 0x1d, 0xec, 0x95, 0x4e, 0x8b, 0x51, 0xcb, 0x84, 0xe3,
-	0x6c, 0xda, 0x68, 0x05, 0x26, 0xb9, 0x0d, 0xcc, 0xfc, 0x16, 0xa9, 0x6e, 0xcb, 0x0d, 0xc7, 0xb8,
-	0x46, 0xcd, 0xf1, 0xe7, 0x6a, 0x1a, 0x05, 0x67, 0xd5, 0x43, 0xef, 0xc0, 0x54, 0xb3, 0x75, 0xbb,
-	0xee, 0x86, 0x5b, 0xab, 0x7e, 0xc4, 0x4c, 0xc8, 0x66, 0x6b, 0xb5, 0x80, 0x84, 0xdc, 0x37, 0x98,
-	0x5d, 0xbd, 0x32, 0xba, 0x52, 0x39, 0x07, 0x0f, 0xe7, 0x52, 0x40, 0xf7, 0xe0, 0x78, 0x62, 0x21,
-	0x88, 0x30, 0x29, 0xa3, 0xf9, 0x29, 0xad, 0x2a, 0x59, 0x15, 0x44, 0xc4, 0xa1, 0x2c, 0x10, 0xce,
-	0x6e, 0x02, 0xbd, 0x02, 0xe0, 0x36, 0x97, 0x9c, 0x86, 0x5b, 0xa7, 0xcf, 0xd1, 0x49, 0xb6, 0x46,
-	0xe8, 0xd3, 0x04, 0x96, 0xcb, 0xb2, 0x94, 0x9e, 0xcd, 0xe2, 0xdf, 0x2e, 0xd6, 0xb0, 0xd1, 0x75,
-	0x18, 0x15, 0xff, 0x76, 0xc5, 0x94, 0x4e, 0xa8, 0xec, 0xa7, 0xa3, 0xb2, 0x86, 0x9a, 0xc7, 0x44,
-	0x09, 0x4e, 0xd4, 0x45, 0x9b, 0x70, 0x46, 0xa6, 0x5e, 0xd5, 0xd7, 0xa7, 0x9c, 0x83, 0x90, 0xe5,
-	0x91, 0x1a, 0xe0, 0x3e, 0x45, 0xb3, 0xed, 0x10, 0x71, 0x7b, 0x3a, 0xf4, 0x5e, 0xd7, 0x97, 0x39,
-	0xf7, 0x18, 0x3f, 0x1e, 0x47, 0xf1, 0xbc, 0x9e, 0x04, 0xe2, 0x34, 0x3e, 0xf2, 0xe1, 0xb8, 0xeb,
-	0x65, 0xad, 0xea, 0x13, 0x8c, 0xd0, 0x47, 0xb9, 0xb3, 0x7c, 0xfb, 0x15, 0x9d, 0x09, 0xc7, 0xd9,
-	0x74, 0xd1, 0x32, 0x4c, 0x46, 0xbc, 0x60, 0xc1, 0x0d, 0x79, 0x9a, 0x1a, 0xfa, 0xec, 0x3b, 0xc9,
-	0x9a, 0x3b, 0x49, 0x57, 0xf3, 0x5a, 0x1a, 0x8c, 0xb3, 0xea, 0xbc, 0x37, 0x03, 0xd0, 0x6f, 0x5a,
-	0xb4, 0xb6, 0xc6, 0xe8, 0xa3, 0xcf, 0xc0, 0xb0, 0x3e, 0x3e, 0x82, 0x69, 0x39, 0x9f, 0xcd, 0x07,
-	0x6b, 0xc7, 0x0b, 0x7f, 0x26, 0xa8, 0x23, 0x44, 0x87, 0x61, 0x83, 0x22, 0xaa, 0x66, 0x04, 0xb9,
-	0xb8, 0xd8, 0x1d, 0x53, 0xd4, 0xbd, 0xfd, 0x23, 0x81, 0xec, 0x9d, 0x83, 0xae, 0xc3, 0x40, 0xb5,
-	0xee, 0x12, 0x2f, 0x5a, 0x2e, 0xb7, 0x0b, 0xae, 0x3a, 0x2f, 0x70, 0xc4, 0x56, 0x14, 0xd9, 0xa5,
-	0x78, 0x19, 0x56, 0x14, 0xec, 0xcb, 0x30, 0x54, 0xa9, 0x13, 0xd2, 0xe4, 0x7e, 0x5c, 0xe8, 0x29,
-	0xf6, 0x30, 0x61, 0xac, 0xa5, 0xc5, 0x58, 0x4b, 0xfd, 0xcd, 0xc1, 0x98, 0x4a, 0x09, 0xb7, 0xff,
-	0xb8, 0x00, 0xa5, 0x0e, 0x49, 0xce, 0x12, 0xfa, 0x36, 0xab, 0x2b, 0x7d, 0xdb, 0x2c, 0x8c, 0xc5,
-	0xff, 0x74, 0x51, 0x9e, 0x32, 0x86, 0xbe, 0x69, 0x82, 0x71, 0x12, 0xbf, 0x6b, 0xbf, 0x16, 0x5d,
-	0x65, 0xd7, 0xd3, 0xd1, 0x33, 0xcb, 0x50, 0xd5, 0xf7, 0x76, 0xff, 0xf6, 0xce, 0x55, 0xbb, 0xda,
-	0xdf, 0x28, 0xc0, 0x71, 0x35, 0x84, 0xdf, 0xbb, 0x03, 0xb7, 0x9e, 0x1e, 0xb8, 0x07, 0xa0, 0xb4,
-	0xb6, 0x6f, 0x40, 0x1f, 0x8f, 0xf8, 0xda, 0x05, 0xcf, 0xff, 0x98, 0x19, 0x7c, 0x5f, 0xb1, 0x99,
-	0x46, 0x00, 0xfe, 0x1f, 0xb3, 0x60, 0x2c, 0xe1, 0x20, 0x89, 0xb0, 0xe6, 0x45, 0x7f, 0x3f, 0x7c,
-	0x79, 0x16, 0xc7, 0x7f, 0x0e, 0x7a, 0xb6, 0x7c, 0x65, 0xa4, 0xac, 0x30, 0xae, 0xfa, 0x61, 0x84,
-	0x19, 0xc4, 0xfe, 0x6b, 0x0b, 0x7a, 0xd7, 0x1c, 0xd7, 0x8b, 0xa4, 0xf6, 0xc3, 0xca, 0xd1, 0x7e,
-	0x74, 0xf3, 0x5d, 0xe8, 0x25, 0xe8, 0x23, 0x1b, 0x1b, 0xa4, 0x1a, 0x89, 0x59, 0x95, 0xd1, 0x34,
-	0xfa, 0x16, 0x59, 0x29, 0x65, 0x42, 0x59, 0x63, 0xfc, 0x2f, 0x16, 0xc8, 0xe8, 0x16, 0x0c, 0x46,
-	0x6e, 0x83, 0xcc, 0xd6, 0x6a, 0xc2, 0x26, 0xe0, 0x3e, 0x42, 0xc0, 0xac, 0x49, 0x02, 0x38, 0xa6,
-	0x65, 0x7f, 0xb9, 0x00, 0x10, 0x47, 0x98, 0xeb, 0xf4, 0x89, 0x73, 0x29, 0x6d, 0xf1, 0xf9, 0x0c,
-	0x6d, 0x31, 0x8a, 0x09, 0x66, 0xa8, 0x8a, 0xd5, 0x30, 0x15, 0xbb, 0x1a, 0xa6, 0x9e, 0xc3, 0x0c,
-	0xd3, 0x3c, 0x4c, 0xc4, 0x11, 0xf2, 0xcc, 0x00, 0xa1, 0xec, 0xfe, 0x5e, 0x4b, 0x02, 0x71, 0x1a,
-	0xdf, 0x26, 0x70, 0x4e, 0x05, 0x0a, 0x13, 0x77, 0x21, 0x73, 0x25, 0xd0, 0xb5, 0xef, 0x1d, 0xc6,
-	0x29, 0x56, 0x87, 0x17, 0x72, 0xd5, 0xe1, 0xbf, 0x60, 0xc1, 0xb1, 0x64, 0x3b, 0xcc, 0xef, 0xfe,
-	0x8b, 0x16, 0x1c, 0x8f, 0x73, 0xfc, 0xa4, 0x4d, 0x10, 0x5e, 0x6c, 0x1b, 0xfc, 0x2c, 0xa7, 0xc7,
-	0x71, 0xd8, 0x96, 0x95, 0x2c, 0xd2, 0x38, 0xbb, 0x45, 0xfb, 0xdf, 0xf5, 0xc0, 0x54, 0x5e, 0xd4,
-	0x34, 0xe6, 0x69, 0xe4, 0xdc, 0xad, 0x6c, 0x93, 0x3b, 0xc2, 0x9f, 0x23, 0xf6, 0x34, 0xe2, 0xc5,
-	0x58, 0xc2, 0x93, 0x69, 0x9d, 0x0a, 0x5d, 0xa6, 0x75, 0xda, 0x82, 0x89, 0x3b, 0x5b, 0xc4, 0x5b,
-	0xf7, 0x42, 0x27, 0x72, 0xc3, 0x0d, 0x97, 0x29, 0xd0, 0xf9, 0xba, 0x79, 0x45, 0x7a, 0x5d, 0xdc,
-	0x4a, 0x22, 0x1c, 0xec, 0x95, 0xce, 0x18, 0x05, 0x71, 0x97, 0xf9, 0x41, 0x82, 0xd3, 0x44, 0xd3,
-	0x59, 0xb1, 0x7a, 0x1e, 0x72, 0x56, 0xac, 0x86, 0x2b, 0xcc, 0x6e, 0xa4, 0x1b, 0x09, 0x7b, 0xb6,
-	0xae, 0xa8, 0x52, 0xac, 0x61, 0xa0, 0x4f, 0x01, 0xd2, 0xd3, 0x1a, 0x1a, 0x41, 0x6b, 0x9f, 0xdb,
-	0xdf, 0x2b, 0xa1, 0xd5, 0x14, 0xf4, 0x60, 0xaf, 0x34, 0x49, 0x4b, 0x97, 0x3d, 0xfa, 0xfc, 0x8d,
-	0x23, 0xfd, 0x65, 0x10, 0x42, 0xb7, 0x60, 0x9c, 0x96, 0xb2, 0x1d, 0x25, 0x23, 0xe2, 0xf2, 0x27,
-	0xeb, 0x33, 0xfb, 0x7b, 0xa5, 0xf1, 0xd5, 0x04, 0x2c, 0x8f, 0x74, 0x8a, 0x48, 0x46, 0x72, 0xac,
-	0x81, 0x6e, 0x93, 0x63, 0xd9, 0x5f, 0xb4, 0xe0, 0x14, 0xbd, 0xe0, 0x6a, 0xd7, 0x73, 0xb4, 0xe8,
-	0x4e, 0xd3, 0xe5, 0x7a, 0x1a, 0x71, 0xd5, 0x30, 0x59, 0x5d, 0x79, 0x99, 0x6b, 0x69, 0x14, 0x94,
-	0x9e, 0xf0, 0xdb, 0xae, 0x57, 0x4b, 0x9e, 0xf0, 0xd7, 0x5c, 0xaf, 0x86, 0x19, 0x44, 0x5d, 0x59,
-	0xc5, 0xdc, 0x08, 0xfb, 0x5f, 0xa3, 0x7b, 0x95, 0xf6, 0xe5, 0x3b, 0xda, 0x0d, 0xf4, 0x8c, 0xae,
-	0x53, 0x15, 0xe6, 0x93, 0xb9, 0xfa, 0xd4, 0x2f, 0x58, 0x20, 0xbc, 0xdf, 0xbb, 0xb8, 0x93, 0xdf,
-	0x86, 0xe1, 0x9d, 0x74, 0xca, 0xd7, 0x73, 0xf9, 0xe1, 0x00, 0x44, 0xa2, 0x57, 0xc5, 0xa2, 0x1b,
-	0xe9, 0x5d, 0x0d, 0x5a, 0x76, 0x0d, 0x04, 0x74, 0x81, 0x30, 0xad, 0x46, 0xe7, 0xde, 0x3c, 0x0f,
-	0x50, 0x63, 0xb8, 0x2c, 0x0f, 0x7c, 0xc1, 0xe4, 0xb8, 0x16, 0x14, 0x04, 0x6b, 0x58, 0xf6, 0xaf,
-	0x16, 0x61, 0x48, 0xa6, 0x18, 0x6d, 0x79, 0xdd, 0xc8, 0x1e, 0x75, 0xc6, 0xa9, 0xd0, 0x91, 0x71,
-	0x7a, 0x07, 0x26, 0x02, 0x52, 0x6d, 0x05, 0xa1, 0xbb, 0x43, 0x24, 0x58, 0x6c, 0x92, 0x19, 0x9e,
-	0xe0, 0x21, 0x01, 0x3c, 0x60, 0x21, 0xb2, 0x12, 0x85, 0x4c, 0x69, 0x9c, 0x26, 0x84, 0x2e, 0xc2,
-	0x20, 0x13, 0xbd, 0x97, 0x63, 0x81, 0xb0, 0x12, 0x7c, 0xad, 0x48, 0x00, 0x8e, 0x71, 0xd8, 0xe3,
-	0xa0, 0x75, 0x9b, 0xa1, 0x27, 0x3c, 0xc1, 0x2b, 0xbc, 0x18, 0x4b, 0x38, 0xfa, 0x38, 0x8c, 0xf3,
-	0x7a, 0x81, 0xdf, 0x74, 0x36, 0xb9, 0x4a, 0xb0, 0x57, 0x85, 0xd7, 0x19, 0x5f, 0x49, 0xc0, 0x0e,
-	0xf6, 0x4a, 0xc7, 0x92, 0x65, 0xac, 0xdb, 0x29, 0x2a, 0xcc, 0xf2, 0x8f, 0x37, 0x42, 0xef, 0x8c,
-	0x94, 0xc1, 0x60, 0x0c, 0xc2, 0x3a, 0x9e, 0xfd, 0xcf, 0x16, 0x4c, 0x68, 0x53, 0xd5, 0x75, 0x8e,
-	0x0d, 0x63, 0x90, 0x0a, 0x5d, 0x0c, 0xd2, 0xe1, 0xa2, 0x3d, 0x64, 0xce, 0x70, 0xcf, 0x03, 0x9a,
-	0x61, 0xfb, 0x33, 0x80, 0xd2, 0xf9, 0x6b, 0xd1, 0x9b, 0xdc, 0x90, 0xdf, 0x0d, 0x48, 0xad, 0x9d,
-	0xc2, 0x5f, 0x8f, 0x9c, 0x23, 0x3d, 0x57, 0x79, 0x2d, 0xac, 0xea, 0xdb, 0x3f, 0xde, 0x03, 0xe3,
-	0xc9, 0x58, 0x1d, 0xe8, 0x2a, 0xf4, 0x71, 0x2e, 0x5d, 0x90, 0x6f, 0x63, 0x4f, 0xa6, 0x45, 0xf8,
-	0xe0, 0xf9, 0x6f, 0x38, 0x77, 0x2f, 0xea, 0xa3, 0x77, 0x60, 0xa8, 0xe6, 0xdf, 0xf1, 0xee, 0x38,
-	0x41, 0x6d, 0xb6, 0xbc, 0x2c, 0x4e, 0x88, 0x4c, 0x01, 0xd4, 0x42, 0x8c, 0xa6, 0x47, 0x0d, 0x61,
-	0xb6, 0x13, 0x31, 0x08, 0xeb, 0xe4, 0xd0, 0x1a, 0x4b, 0xc9, 0xb4, 0xe1, 0x6e, 0xae, 0x38, 0xcd,
-	0x76, 0x5e, 0x5d, 0xf3, 0x12, 0x49, 0xa3, 0x3c, 0x22, 0xf2, 0x36, 0x71, 0x00, 0x8e, 0x09, 0xa1,
-	0xcf, 0xc1, 0x64, 0x98, 0xa3, 0x12, 0xcb, 0x4b, 0x67, 0xde, 0x4e, 0x4b, 0xc4, 0x85, 0x29, 0x59,
-	0xca, 0xb3, 0xac, 0x66, 0xd0, 0x5d, 0x40, 0x42, 0xf4, 0xbc, 0x16, 0xb4, 0xc2, 0x68, 0xae, 0xe5,
-	0xd5, 0xea, 0x32, 0x65, 0xd3, 0x87, 0xb3, 0xe5, 0x04, 0x49, 0x6c, 0xad, 0x6d, 0x16, 0x12, 0x38,
-	0x8d, 0x81, 0x33, 0xda, 0xb0, 0xbf, 0xd0, 0x03, 0xd3, 0x32, 0x61, 0x74, 0x86, 0xf7, 0xca, 0xe7,
-	0xad, 0x84, 0xfb, 0xca, 0x2b, 0xf9, 0x07, 0xfd, 0x43, 0x73, 0x62, 0xf9, 0x52, 0xda, 0x89, 0xe5,
-	0xb5, 0x43, 0x76, 0xe3, 0x81, 0xb9, 0xb2, 0x7c, 0xcf, 0xfa, 0x9f, 0xec, 0x1f, 0x03, 0xe3, 0x6a,
-	0x46, 0x98, 0xc7, 0x5b, 0x2f, 0x4b, 0xd5, 0x51, 0xce, 0xf3, 0xff, 0xaa, 0xc0, 0x31, 0x2e, 0xfb,
-	0x61, 0x19, 0x95, 0x9d, 0x9d, 0xb3, 0x8a, 0x0e, 0xa5, 0x49, 0x1a, 0xcd, 0x68, 0x77, 0xc1, 0x0d,
-	0x44, 0x8f, 0x33, 0x69, 0x2e, 0x0a, 0x9c, 0x34, 0x4d, 0x09, 0xc1, 0x8a, 0x0e, 0xda, 0x81, 0x89,
-	0x4d, 0x16, 0xf1, 0x49, 0xcb, 0xdd, 0x2c, 0xce, 0x85, 0xcc, 0x7d, 0x7b, 0x65, 0x7e, 0x31, 0x3f,
-	0xd1, 0x33, 0x7f, 0xfc, 0xa5, 0x50, 0x70, 0xba, 0x09, 0xba, 0x35, 0x8e, 0x39, 0x77, 0xc2, 0xc5,
-	0xba, 0x13, 0x46, 0x6e, 0x75, 0xae, 0xee, 0x57, 0xb7, 0x2b, 0x91, 0x1f, 0xc8, 0x04, 0x8f, 0x99,
-	0x6f, 0xaf, 0xd9, 0x5b, 0x95, 0x14, 0xbe, 0xd1, 0xfc, 0xd4, 0xfe, 0x5e, 0xe9, 0x58, 0x16, 0x16,
-	0xce, 0x6c, 0x0b, 0xad, 0x42, 0xff, 0xa6, 0x1b, 0x61, 0xd2, 0xf4, 0xc5, 0x69, 0x91, 0x79, 0x14,
-	0x5e, 0xe1, 0x28, 0x46, 0x4b, 0x2c, 0x22, 0x95, 0x00, 0x60, 0x49, 0x04, 0xbd, 0xa9, 0x2e, 0x81,
-	0xbe, 0x7c, 0x01, 0x6c, 0xda, 0xf6, 0x2e, 0xf3, 0x1a, 0x78, 0x1d, 0x8a, 0xde, 0x46, 0xd8, 0x2e,
-	0x16, 0xcf, 0xea, 0x92, 0x21, 0x3f, 0x9b, 0xeb, 0xa7, 0x4f, 0xe3, 0xd5, 0xa5, 0x0a, 0xa6, 0x15,
-	0x99, 0xdb, 0x6b, 0x58, 0x0d, 0x5d, 0x91, 0x2c, 0x2a, 0xd3, 0x0b, 0x78, 0xb9, 0x32, 0x5f, 0x59,
-	0x36, 0x68, 0xb0, 0xa8, 0x86, 0xac, 0x18, 0xf3, 0xea, 0xe8, 0x26, 0x0c, 0x6e, 0xf2, 0x83, 0x6f,
-	0x23, 0x14, 0x49, 0xe3, 0x33, 0x2f, 0xa3, 0x2b, 0x12, 0xc9, 0xa0, 0xc7, 0xae, 0x0c, 0x05, 0xc2,
-	0x31, 0x29, 0xf4, 0x05, 0x0b, 0x8e, 0x27, 0xb3, 0xee, 0x33, 0x67, 0x35, 0x61, 0xa6, 0x96, 0xe9,
-	0x00, 0x50, 0xce, 0xaa, 0x60, 0x34, 0xc8, 0xd4, 0x2f, 0x99, 0x68, 0x38, 0xbb, 0x39, 0x3a, 0xd0,
-	0xc1, 0xed, 0x5a, 0xbb, 0xfc, 0x42, 0x89, 0xc0, 0x44, 0x7c, 0xa0, 0xf1, 0xdc, 0x02, 0xa6, 0x15,
-	0xd1, 0x1a, 0xc0, 0x46, 0x9d, 0x88, 0x88, 0x8f, 0xc2, 0x28, 0x2a, 0xf3, 0xf6, 0x5f, 0x52, 0x58,
-	0x82, 0x0e, 0x7b, 0x89, 0xc6, 0xa5, 0x58, 0xa3, 0x43, 0x97, 0x52, 0xd5, 0xf5, 0x6a, 0x24, 0x60,
-	0xca, 0xad, 0x9c, 0xa5, 0x34, 0xcf, 0x30, 0xd2, 0x4b, 0x89, 0x97, 0x63, 0x41, 0x81, 0xd1, 0x22,
-	0xcd, 0xad, 0x8d, 0xb0, 0x5d, 0x26, 0x8b, 0x79, 0xd2, 0xdc, 0x4a, 0x2c, 0x28, 0x4e, 0x8b, 0x95,
-	0x63, 0x41, 0x81, 0x6e, 0x99, 0x0d, 0xba, 0x81, 0x48, 0x30, 0x35, 0x96, 0xbf, 0x65, 0x96, 0x38,
-	0x4a, 0x7a, 0xcb, 0x08, 0x00, 0x96, 0x44, 0xd0, 0xa7, 0x4d, 0x6e, 0x67, 0x9c, 0xd1, 0x7c, 0xa6,
-	0x03, 0xb7, 0x63, 0xd0, 0x6d, 0xcf, 0xef, 0xbc, 0x02, 0x85, 0x8d, 0x2a, 0x53, 0x8a, 0xe5, 0xe8,
-	0x0c, 0x96, 0xe6, 0x0d, 0x6a, 0x2c, 0x32, 0xfc, 0xd2, 0x3c, 0x2e, 0x6c, 0x54, 0xe9, 0xd2, 0x77,
-	0xee, 0xb5, 0x02, 0xb2, 0xe4, 0xd6, 0x89, 0xc8, 0x6a, 0x91, 0xb9, 0xf4, 0x67, 0x25, 0x52, 0x7a,
-	0xe9, 0x2b, 0x10, 0x8e, 0x49, 0x51, 0xba, 0x31, 0x0f, 0x36, 0x99, 0x4f, 0x57, 0xb1, 0x5a, 0x69,
-	0xba, 0x99, 0x5c, 0xd8, 0x36, 0x8c, 0xec, 0x84, 0xcd, 0x2d, 0x22, 0x4f, 0x45, 0xa6, 0xae, 0xcb,
-	0x89, 0x54, 0x71, 0x53, 0x20, 0xba, 0x41, 0xd4, 0x72, 0xea, 0xa9, 0x83, 0x9c, 0x89, 0x56, 0x6e,
-	0xea, 0xc4, 0xb0, 0x49, 0x9b, 0x2e, 0x84, 0x77, 0x79, 0x38, 0x39, 0xa6, 0xb8, 0xcb, 0x59, 0x08,
-	0x19, 0x11, 0xe7, 0xf8, 0x42, 0x10, 0x00, 0x2c, 0x89, 0xa8, 0xc1, 0x66, 0x17, 0xd0, 0x89, 0x0e,
-	0x83, 0x9d, 0xea, 0x6f, 0x3c, 0xd8, 0xec, 0xc2, 0x89, 0x49, 0xb1, 0x8b, 0xa6, 0xb9, 0xe5, 0x47,
-	0xbe, 0x97, 0xb8, 0xe4, 0x4e, 0xe6, 0x5f, 0x34, 0xe5, 0x0c, 0xfc, 0xf4, 0x45, 0x93, 0x85, 0x85,
-	0x33, 0xdb, 0xa2, 0x1f, 0xd7, 0x94, 0x91, 0x01, 0x45, 0xe6, 0x8d, 0xa7, 0x72, 0x02, 0x6b, 0xa6,
-	0xc3, 0x07, 0xf2, 0x8f, 0x53, 0x20, 0x1c, 0x93, 0x42, 0x35, 0x18, 0x6d, 0x1a, 0x11, 0x67, 0x59,
-	0x06, 0x91, 0x1c, 0xbe, 0x20, 0x2b, 0x36, 0x2d, 0x97, 0x10, 0x99, 0x10, 0x9c, 0xa0, 0xc9, 0x2c,
-	0xf7, 0xb8, 0xab, 0x1f, 0x4b, 0x30, 0x92, 0x33, 0xd5, 0x19, 0xde, 0x80, 0x7c, 0xaa, 0x05, 0x00,
-	0x4b, 0x22, 0x74, 0x34, 0x84, 0x83, 0x9a, 0x1f, 0xb2, 0x3c, 0x3d, 0x79, 0x0a, 0xf6, 0x2c, 0x35,
-	0x91, 0x0c, 0xb3, 0x2e, 0x40, 0x38, 0x26, 0x45, 0x4f, 0x72, 0x7a, 0xe1, 0x9d, 0xce, 0x3f, 0xc9,
-	0x93, 0xd7, 0x1d, 0x3b, 0xc9, 0xe9, 0x65, 0x57, 0x14, 0x57, 0x9d, 0x8a, 0x0a, 0xce, 0x72, 0x8c,
-	0xe4, 0xf4, 0x4b, 0x85, 0x15, 0x4f, 0xf7, 0x4b, 0x81, 0x70, 0x4c, 0x8a, 0x5d, 0xc5, 0x2c, 0x34,
-	0xdd, 0xd9, 0x36, 0x57, 0x31, 0x45, 0xc8, 0xb8, 0x8a, 0xb5, 0xd0, 0x75, 0xf6, 0x8f, 0x17, 0xe0,
-	0x6c, 0xfb, 0x7d, 0x1b, 0xeb, 0xd0, 0xca, 0xb1, 0xcd, 0x52, 0x42, 0x87, 0xc6, 0x25, 0x3a, 0x31,
-	0x56, 0xd7, 0x01, 0x87, 0xaf, 0xc0, 0x84, 0x72, 0x47, 0xac, 0xbb, 0xd5, 0x5d, 0x2d, 0xb1, 0xa8,
-	0x0a, 0xcd, 0x53, 0x49, 0x22, 0xe0, 0x74, 0x1d, 0x34, 0x0b, 0x63, 0x46, 0xe1, 0xf2, 0x82, 0x78,
-	0xfe, 0xc7, 0xd9, 0x31, 0x4c, 0x30, 0x4e, 0xe2, 0xdb, 0xbf, 0x66, 0xc1, 0xc9, 0x9c, 0x3c, 0xf3,
-	0x5d, 0xc7, 0xd3, 0xdd, 0x80, 0xb1, 0xa6, 0x59, 0xb5, 0x43, 0x08, 0x70, 0x23, 0x9b, 0xbd, 0xea,
-	0x6b, 0x02, 0x80, 0x93, 0x44, 0xed, 0x5f, 0x29, 0xc0, 0x99, 0xb6, 0xf6, 0xf5, 0x08, 0xc3, 0x89,
-	0xcd, 0x46, 0xe8, 0xcc, 0x07, 0xa4, 0x46, 0xbc, 0xc8, 0x75, 0xea, 0x95, 0x26, 0xa9, 0x6a, 0x5a,
-	0x50, 0x66, 0xa8, 0x7e, 0x65, 0xa5, 0x32, 0x9b, 0xc6, 0xc0, 0x39, 0x35, 0xd1, 0x12, 0xa0, 0x34,
-	0x44, 0xcc, 0x30, 0x7b, 0xe2, 0xa6, 0xe9, 0xe1, 0x8c, 0x1a, 0xe8, 0x65, 0x18, 0x51, 0x76, 0xfb,
-	0xda, 0x8c, 0xb3, 0x0b, 0x02, 0xeb, 0x00, 0x6c, 0xe2, 0xa1, 0x4b, 0x3c, 0x6d, 0x92, 0x48, 0xb0,
-	0x25, 0x54, 0xa6, 0x63, 0x32, 0x27, 0x92, 0x28, 0xc6, 0x3a, 0xce, 0xdc, 0xe5, 0x3f, 0xfd, 0xf6,
-	0xd9, 0x0f, 0xfd, 0xc5, 0xb7, 0xcf, 0x7e, 0xe8, 0xaf, 0xbe, 0x7d, 0xf6, 0x43, 0x3f, 0xb4, 0x7f,
-	0xd6, 0xfa, 0xd3, 0xfd, 0xb3, 0xd6, 0x5f, 0xec, 0x9f, 0xb5, 0xfe, 0x6a, 0xff, 0xac, 0xf5, 0xff,
-	0xee, 0x9f, 0xb5, 0xbe, 0xfc, 0xb7, 0x67, 0x3f, 0xf4, 0x36, 0x8a, 0x23, 0x54, 0x5f, 0xa4, 0xb3,
-	0x73, 0x71, 0xe7, 0xd2, 0x7f, 0x0a, 0x00, 0x00, 0xff, 0xff, 0x60, 0x45, 0x7a, 0xd6, 0xa3, 0x24,
-	0x01, 0x00,
+	// 16206 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0xbd, 0x69, 0x90, 0x1c, 0xc9,
+	0x75, 0x30, 0xc6, 0xea, 0x9e, 0xf3, 0xcd, 0x9d, 0xb8, 0x06, 0xb3, 0x00, 0x1a, 0x5b, 0xbb, 0x8b,
+	0xc5, 0x5e, 0x03, 0x62, 0x0f, 0x2e, 0xb8, 0xbb, 0x5c, 0xed, 0x9c, 0x40, 0x2f, 0x30, 0x83, 0xde,
+	0xec, 0x01, 0x40, 0x2e, 0x97, 0x14, 0x0b, 0xdd, 0x39, 0x33, 0xc5, 0xe9, 0xae, 0xea, 0xad, 0xaa,
+	0x1e, 0x60, 0x60, 0x2a, 0x24, 0x51, 0x16, 0x25, 0x52, 0x72, 0x04, 0x43, 0x21, 0x59, 0x0e, 0x4a,
+	0xa1, 0x1f, 0xba, 0x65, 0x5a, 0xb2, 0x68, 0xc9, 0x92, 0x2c, 0xea, 0xb2, 0x2d, 0x47, 0xc8, 0xfe,
+	0x21, 0x4b, 0x8a, 0x30, 0xa9, 0xb0, 0xc2, 0x23, 0x73, 0x6c, 0x87, 0x42, 0x3f, 0x2c, 0x29, 0x64,
+	0xff, 0xb0, 0x27, 0xf4, 0x7d, 0xfc, 0x22, 0xcf, 0xca, 0xac, 0xa3, 0xbb, 0x07, 0x0b, 0x0c, 0x97,
+	0x8c, 0xfd, 0xd7, 0x9d, 0xef, 0xe5, 0xcb, 0xac, 0x3c, 0x5f, 0xbe, 0x13, 0xec, 0xad, 0x4b, 0xe1,
+	0xac, 0xeb, 0x5f, 0x70, 0x5a, 0xee, 0x85, 0x9a, 0x1f, 0x90, 0x0b, 0xdb, 0x17, 0x2f, 0x6c, 0x10,
+	0x8f, 0x04, 0x4e, 0x44, 0xea, 0xb3, 0xad, 0xc0, 0x8f, 0x7c, 0x84, 0x38, 0xce, 0xac, 0xd3, 0x72,
+	0x67, 0x29, 0xce, 0xec, 0xf6, 0xc5, 0x99, 0xe7, 0x36, 0xdc, 0x68, 0xb3, 0x7d, 0x7b, 0xb6, 0xe6,
+	0x37, 0x2f, 0x6c, 0xf8, 0x1b, 0xfe, 0x05, 0x86, 0x7a, 0xbb, 0xbd, 0xce, 0xfe, 0xb1, 0x3f, 0xec,
+	0x17, 0x27, 0x31, 0xf3, 0x62, 0xdc, 0x4c, 0xd3, 0xa9, 0x6d, 0xba, 0x1e, 0x09, 0x76, 0x2e, 0xb4,
+	0xb6, 0x36, 0x58, 0xbb, 0x01, 0x09, 0xfd, 0x76, 0x50, 0x23, 0xc9, 0x86, 0x3b, 0xd6, 0x0a, 0x2f,
+	0x34, 0x49, 0xe4, 0x64, 0x74, 0x77, 0xe6, 0x42, 0x5e, 0xad, 0xa0, 0xed, 0x45, 0x6e, 0x33, 0xdd,
+	0xcc, 0x47, 0xba, 0x55, 0x08, 0x6b, 0x9b, 0xa4, 0xe9, 0xa4, 0xea, 0xbd, 0x90, 0x57, 0xaf, 0x1d,
+	0xb9, 0x8d, 0x0b, 0xae, 0x17, 0x85, 0x51, 0x90, 0xac, 0x64, 0x7f, 0xd3, 0x82, 0xb3, 0x73, 0xb7,
+	0xaa, 0x4b, 0x0d, 0x27, 0x8c, 0xdc, 0xda, 0x7c, 0xc3, 0xaf, 0x6d, 0x55, 0x23, 0x3f, 0x20, 0x37,
+	0xfd, 0x46, 0xbb, 0x49, 0xaa, 0x6c, 0x20, 0xd0, 0xb3, 0x30, 0xb4, 0xcd, 0xfe, 0x97, 0x17, 0xa7,
+	0xad, 0xb3, 0xd6, 0xf9, 0xe1, 0xf9, 0xc9, 0xbf, 0xd8, 0x2d, 0x7d, 0x68, 0x6f, 0xb7, 0x34, 0x74,
+	0x53, 0x94, 0x63, 0x85, 0x81, 0xce, 0xc1, 0xc0, 0x7a, 0xb8, 0xb6, 0xd3, 0x22, 0xd3, 0x05, 0x86,
+	0x3b, 0x2e, 0x70, 0x07, 0x96, 0xab, 0xb4, 0x14, 0x0b, 0x28, 0xba, 0x00, 0xc3, 0x2d, 0x27, 0x88,
+	0xdc, 0xc8, 0xf5, 0xbd, 0xe9, 0xe2, 0x59, 0xeb, 0x7c, 0xff, 0xfc, 0x94, 0x40, 0x1d, 0xae, 0x48,
+	0x00, 0x8e, 0x71, 0x68, 0x37, 0x02, 0xe2, 0xd4, 0xaf, 0x7b, 0x8d, 0x9d, 0xe9, 0xbe, 0xb3, 0xd6,
+	0xf9, 0xa1, 0xb8, 0x1b, 0x58, 0x94, 0x63, 0x85, 0x61, 0x7f, 0xa5, 0x00, 0x43, 0x73, 0xeb, 0xeb,
+	0xae, 0xe7, 0x46, 0x3b, 0xe8, 0x26, 0x8c, 0x7a, 0x7e, 0x9d, 0xc8, 0xff, 0xec, 0x2b, 0x46, 0x9e,
+	0x3f, 0x3b, 0x9b, 0x5e, 0x4a, 0xb3, 0xab, 0x1a, 0xde, 0xfc, 0xe4, 0xde, 0x6e, 0x69, 0x54, 0x2f,
+	0xc1, 0x06, 0x1d, 0x84, 0x61, 0xa4, 0xe5, 0xd7, 0x15, 0xd9, 0x02, 0x23, 0x5b, 0xca, 0x22, 0x5b,
+	0x89, 0xd1, 0xe6, 0x27, 0xf6, 0x76, 0x4b, 0x23, 0x5a, 0x01, 0xd6, 0x89, 0xa0, 0xdb, 0x30, 0x41,
+	0xff, 0x7a, 0x91, 0xab, 0xe8, 0x16, 0x19, 0xdd, 0xc7, 0xf2, 0xe8, 0x6a, 0xa8, 0xf3, 0x47, 0xf6,
+	0x76, 0x4b, 0x13, 0x89, 0x42, 0x9c, 0x24, 0x68, 0xff, 0xa4, 0x05, 0x13, 0x73, 0xad, 0xd6, 0x5c,
+	0xd0, 0xf4, 0x83, 0x4a, 0xe0, 0xaf, 0xbb, 0x0d, 0x82, 0x5e, 0x86, 0xbe, 0x88, 0xce, 0x1a, 0x9f,
+	0xe1, 0xc7, 0xc4, 0xd0, 0xf6, 0xd1, 0xb9, 0xda, 0xdf, 0x2d, 0x1d, 0x49, 0xa0, 0xb3, 0xa9, 0x64,
+	0x15, 0xd0, 0x1b, 0x30, 0xd9, 0xf0, 0x6b, 0x4e, 0x63, 0xd3, 0x0f, 0x23, 0x01, 0x15, 0x53, 0x7f,
+	0x74, 0x6f, 0xb7, 0x34, 0x79, 0x2d, 0x01, 0xc3, 0x29, 0x6c, 0xfb, 0x1e, 0x8c, 0xcf, 0x45, 0x91,
+	0x53, 0xdb, 0x24, 0x75, 0xbe, 0xa0, 0xd0, 0x8b, 0xd0, 0xe7, 0x39, 0x4d, 0xd9, 0x99, 0xb3, 0xb2,
+	0x33, 0xab, 0x4e, 0x93, 0x76, 0x66, 0xf2, 0x86, 0xe7, 0xbe, 0xdb, 0x16, 0x8b, 0x94, 0x96, 0x61,
+	0x86, 0x8d, 0x9e, 0x07, 0xa8, 0x93, 0x6d, 0xb7, 0x46, 0x2a, 0x4e, 0xb4, 0x29, 0xfa, 0x80, 0x44,
+	0x5d, 0x58, 0x54, 0x10, 0xac, 0x61, 0xd9, 0x77, 0x61, 0x78, 0x6e, 0xdb, 0x77, 0xeb, 0x15, 0xbf,
+	0x1e, 0xa2, 0x2d, 0x98, 0x68, 0x05, 0x64, 0x9d, 0x04, 0xaa, 0x68, 0xda, 0x3a, 0x5b, 0x3c, 0x3f,
+	0xf2, 0xfc, 0xf9, 0xcc, 0xb1, 0x37, 0x51, 0x97, 0xbc, 0x28, 0xd8, 0x99, 0x3f, 0x21, 0xda, 0x9b,
+	0x48, 0x40, 0x71, 0x92, 0xb2, 0xfd, 0xe7, 0x05, 0x38, 0x36, 0x77, 0xaf, 0x1d, 0x90, 0x45, 0x37,
+	0xdc, 0x4a, 0x6e, 0xb8, 0xba, 0x1b, 0x6e, 0xad, 0xc6, 0x23, 0xa0, 0x56, 0xfa, 0xa2, 0x28, 0xc7,
+	0x0a, 0x03, 0x3d, 0x07, 0x83, 0xf4, 0xf7, 0x0d, 0x5c, 0x16, 0x9f, 0x7c, 0x44, 0x20, 0x8f, 0x2c,
+	0x3a, 0x91, 0xb3, 0xc8, 0x41, 0x58, 0xe2, 0xa0, 0x15, 0x18, 0xa9, 0xb1, 0xf3, 0x61, 0x63, 0xc5,
+	0xaf, 0x13, 0xb6, 0xb6, 0x86, 0xe7, 0x9f, 0xa1, 0xe8, 0x0b, 0x71, 0xf1, 0xfe, 0x6e, 0x69, 0x9a,
+	0xf7, 0x4d, 0x90, 0xd0, 0x60, 0x58, 0xaf, 0x8f, 0x6c, 0xb5, 0xdd, 0xfb, 0x18, 0x25, 0xc8, 0xd8,
+	0xea, 0xe7, 0xb5, 0x9d, 0xdb, 0xcf, 0x76, 0xee, 0x68, 0xf6, 0xae, 0x45, 0x17, 0xa1, 0x6f, 0xcb,
+	0xf5, 0xea, 0xd3, 0x03, 0x8c, 0xd6, 0x69, 0x3a, 0xe7, 0x57, 0x5d, 0xaf, 0xbe, 0xbf, 0x5b, 0x9a,
+	0x32, 0xba, 0x43, 0x0b, 0x31, 0x43, 0xb5, 0xff, 0x1f, 0x0b, 0x4a, 0x0c, 0xb6, 0xec, 0x36, 0x48,
+	0x85, 0x04, 0xa1, 0x1b, 0x46, 0xc4, 0x8b, 0x8c, 0x01, 0x7d, 0x1e, 0x20, 0x24, 0xb5, 0x80, 0x44,
+	0xda, 0x90, 0xaa, 0x85, 0x51, 0x55, 0x10, 0xac, 0x61, 0xd1, 0xf3, 0x29, 0xdc, 0x74, 0x02, 0xb6,
+	0xbe, 0xc4, 0xc0, 0xaa, 0xf3, 0xa9, 0x2a, 0x01, 0x38, 0xc6, 0x31, 0xce, 0xa7, 0x62, 0xb7, 0xf3,
+	0x09, 0x7d, 0x0c, 0x26, 0xe2, 0xc6, 0xc2, 0x96, 0x53, 0x93, 0x03, 0xc8, 0x76, 0x70, 0xd5, 0x04,
+	0xe1, 0x24, 0xae, 0xfd, 0x9f, 0x5b, 0x62, 0xf1, 0xd0, 0xaf, 0x7e, 0x9f, 0x7f, 0xab, 0xfd, 0x07,
+	0x16, 0x0c, 0xce, 0xbb, 0x5e, 0xdd, 0xf5, 0x36, 0xd0, 0x67, 0x60, 0x88, 0x5e, 0x95, 0x75, 0x27,
+	0x72, 0xc4, 0x31, 0xfc, 0x61, 0x6d, 0x6f, 0xa9, 0x9b, 0x6b, 0xb6, 0xb5, 0xb5, 0x41, 0x0b, 0xc2,
+	0x59, 0x8a, 0x4d, 0x77, 0xdb, 0xf5, 0xdb, 0x9f, 0x25, 0xb5, 0x68, 0x85, 0x44, 0x4e, 0xfc, 0x39,
+	0x71, 0x19, 0x56, 0x54, 0xd1, 0x55, 0x18, 0x88, 0x9c, 0x60, 0x83, 0x44, 0xe2, 0x3c, 0xce, 0x3c,
+	0x37, 0x79, 0x4d, 0x4c, 0x77, 0x24, 0xf1, 0x6a, 0x24, 0xbe, 0xa5, 0xd6, 0x58, 0x55, 0x2c, 0x48,
+	0xd8, 0xff, 0x6e, 0x10, 0x4e, 0x2e, 0x54, 0xcb, 0x39, 0xeb, 0xea, 0x1c, 0x0c, 0xd4, 0x03, 0x77,
+	0x9b, 0x04, 0x62, 0x9c, 0x15, 0x95, 0x45, 0x56, 0x8a, 0x05, 0x14, 0x5d, 0x82, 0x51, 0x7e, 0x3f,
+	0x5e, 0x71, 0xbc, 0x7a, 0x7c, 0x3c, 0x0a, 0xec, 0xd1, 0x9b, 0x1a, 0x0c, 0x1b, 0x98, 0x07, 0x5c,
+	0x54, 0xe7, 0x12, 0x9b, 0x31, 0xef, 0xee, 0xfd, 0xa2, 0x05, 0x93, 0xbc, 0x99, 0xb9, 0x28, 0x0a,
+	0xdc, 0xdb, 0xed, 0x88, 0x84, 0xd3, 0xfd, 0xec, 0xa4, 0x5b, 0xc8, 0x1a, 0xad, 0xdc, 0x11, 0x98,
+	0xbd, 0x99, 0xa0, 0xc2, 0x0f, 0xc1, 0x69, 0xd1, 0xee, 0x64, 0x12, 0x8c, 0x53, 0xcd, 0xa2, 0x1f,
+	0xb1, 0x60, 0xa6, 0xe6, 0x7b, 0x51, 0xe0, 0x37, 0x1a, 0x24, 0xa8, 0xb4, 0x6f, 0x37, 0xdc, 0x70,
+	0x93, 0xaf, 0x53, 0x4c, 0xd6, 0xd9, 0x49, 0x90, 0x33, 0x87, 0x0a, 0x49, 0xcc, 0xe1, 0x99, 0xbd,
+	0xdd, 0xd2, 0xcc, 0x42, 0x2e, 0x29, 0xdc, 0xa1, 0x19, 0xb4, 0x05, 0x88, 0xde, 0xec, 0xd5, 0xc8,
+	0xd9, 0x20, 0x71, 0xe3, 0x83, 0xbd, 0x37, 0x7e, 0x7c, 0x6f, 0xb7, 0x84, 0x56, 0x53, 0x24, 0x70,
+	0x06, 0x59, 0xf4, 0x2e, 0x1c, 0xa5, 0xa5, 0xa9, 0x6f, 0x1d, 0xea, 0xbd, 0xb9, 0xe9, 0xbd, 0xdd,
+	0xd2, 0xd1, 0xd5, 0x0c, 0x22, 0x38, 0x93, 0x34, 0xfa, 0x21, 0x0b, 0x4e, 0xc6, 0x9f, 0xbf, 0x74,
+	0xb7, 0xe5, 0x78, 0xf5, 0xb8, 0xe1, 0xe1, 0xde, 0x1b, 0xa6, 0x67, 0xf2, 0xc9, 0x85, 0x3c, 0x4a,
+	0x38, 0xbf, 0x11, 0xe4, 0xc1, 0x11, 0xda, 0xb5, 0x64, 0xdb, 0xd0, 0x7b, 0xdb, 0x27, 0xf6, 0x76,
+	0x4b, 0x47, 0x56, 0xd3, 0x34, 0x70, 0x16, 0xe1, 0x99, 0x05, 0x38, 0x96, 0xb9, 0x3a, 0xd1, 0x24,
+	0x14, 0xb7, 0x08, 0x67, 0x02, 0x87, 0x31, 0xfd, 0x89, 0x8e, 0x42, 0xff, 0xb6, 0xd3, 0x68, 0x8b,
+	0x8d, 0x89, 0xf9, 0x9f, 0x57, 0x0a, 0x97, 0x2c, 0xfb, 0x7f, 0x28, 0xc2, 0xc4, 0x42, 0xb5, 0x7c,
+	0x5f, 0xbb, 0x5e, 0xbf, 0xf6, 0x0a, 0x1d, 0xaf, 0xbd, 0xf8, 0x12, 0x2d, 0xe6, 0x5e, 0xa2, 0x3f,
+	0x98, 0xb1, 0x65, 0xfb, 0xd8, 0x96, 0xfd, 0x68, 0xce, 0x96, 0x7d, 0xc0, 0x1b, 0x75, 0x3b, 0x67,
+	0xd5, 0xf6, 0xb3, 0x09, 0xcc, 0xe4, 0x90, 0x18, 0xef, 0x97, 0x3c, 0x6a, 0x0f, 0xb8, 0x74, 0x1f,
+	0xcc, 0x3c, 0xd6, 0x60, 0x74, 0xc1, 0x69, 0x39, 0xb7, 0xdd, 0x86, 0x1b, 0xb9, 0x24, 0x44, 0x4f,
+	0x42, 0xd1, 0xa9, 0xd7, 0x19, 0x77, 0x37, 0x3c, 0x7f, 0x6c, 0x6f, 0xb7, 0x54, 0x9c, 0xab, 0x53,
+	0x36, 0x03, 0x14, 0xd6, 0x0e, 0xa6, 0x18, 0xe8, 0x69, 0xe8, 0xab, 0x07, 0x7e, 0x6b, 0xba, 0xc0,
+	0x30, 0xe9, 0x2e, 0xef, 0x5b, 0x0c, 0xfc, 0x56, 0x02, 0x95, 0xe1, 0xd8, 0x7f, 0x56, 0x80, 0x53,
+	0x0b, 0xa4, 0xb5, 0xb9, 0x5c, 0xcd, 0xb9, 0x2f, 0xce, 0xc3, 0x50, 0xd3, 0xf7, 0xdc, 0xc8, 0x0f,
+	0x42, 0xd1, 0x34, 0x5b, 0x11, 0x2b, 0xa2, 0x0c, 0x2b, 0x28, 0x3a, 0x0b, 0x7d, 0xad, 0x98, 0x89,
+	0x1d, 0x95, 0x0c, 0x30, 0x63, 0x5f, 0x19, 0x84, 0x62, 0xb4, 0x43, 0x12, 0x88, 0x15, 0xa3, 0x30,
+	0x6e, 0x84, 0x24, 0xc0, 0x0c, 0x12, 0x73, 0x02, 0x94, 0x47, 0x10, 0x37, 0x42, 0x82, 0x13, 0xa0,
+	0x10, 0xac, 0x61, 0xa1, 0x0a, 0x0c, 0x87, 0x89, 0x99, 0xed, 0x69, 0x6b, 0x8e, 0x31, 0x56, 0x41,
+	0xcd, 0x64, 0x4c, 0xc4, 0xb8, 0xc1, 0x06, 0xba, 0xb2, 0x0a, 0x5f, 0x2f, 0x00, 0xe2, 0x43, 0xf8,
+	0x5d, 0x36, 0x70, 0x37, 0xd2, 0x03, 0xd7, 0xfb, 0x96, 0x78, 0x50, 0xa3, 0xf7, 0xff, 0x5a, 0x70,
+	0x6a, 0xc1, 0xf5, 0xea, 0x24, 0xc8, 0x59, 0x80, 0x0f, 0xe7, 0x29, 0x7f, 0x30, 0x26, 0xc5, 0x58,
+	0x62, 0x7d, 0x0f, 0x60, 0x89, 0xd9, 0xff, 0x6c, 0x01, 0xe2, 0x9f, 0xfd, 0xbe, 0xfb, 0xd8, 0x1b,
+	0xe9, 0x8f, 0x7d, 0x00, 0xcb, 0xc2, 0xbe, 0x06, 0xe3, 0x0b, 0x0d, 0x97, 0x78, 0x51, 0xb9, 0xb2,
+	0xe0, 0x7b, 0xeb, 0xee, 0x06, 0x7a, 0x05, 0xc6, 0x23, 0xb7, 0x49, 0xfc, 0x76, 0x54, 0x25, 0x35,
+	0xdf, 0x63, 0x2f, 0x57, 0xeb, 0x7c, 0xff, 0x3c, 0xda, 0xdb, 0x2d, 0x8d, 0xaf, 0x19, 0x10, 0x9c,
+	0xc0, 0xb4, 0x7f, 0x95, 0x9e, 0x5b, 0x8d, 0x76, 0x18, 0x91, 0x60, 0x2d, 0x68, 0x87, 0xd1, 0x7c,
+	0x9b, 0xf2, 0x9e, 0x95, 0xc0, 0xa7, 0xdd, 0x71, 0x7d, 0x0f, 0x9d, 0x32, 0x9e, 0xe3, 0x43, 0xf2,
+	0x29, 0x2e, 0x9e, 0xdd, 0xb3, 0x00, 0xa1, 0xbb, 0xe1, 0x91, 0x40, 0x7b, 0x3e, 0x8c, 0xb3, 0xad,
+	0xa2, 0x4a, 0xb1, 0x86, 0x81, 0x1a, 0x30, 0xd6, 0x70, 0x6e, 0x93, 0x46, 0x95, 0x34, 0x48, 0x2d,
+	0xf2, 0x03, 0x21, 0xdf, 0x78, 0xa1, 0xb7, 0x77, 0xc0, 0x35, 0xbd, 0xea, 0xfc, 0xd4, 0xde, 0x6e,
+	0x69, 0xcc, 0x28, 0xc2, 0x26, 0x71, 0x7a, 0x74, 0xf8, 0x2d, 0xfa, 0x15, 0x4e, 0x43, 0x7f, 0x7c,
+	0x5e, 0x17, 0x65, 0x58, 0x41, 0xd5, 0xd1, 0xd1, 0x97, 0x77, 0x74, 0xd8, 0x7f, 0x47, 0x17, 0x9a,
+	0xdf, 0x6c, 0xf9, 0x1e, 0xf1, 0xa2, 0x05, 0xdf, 0xab, 0x73, 0xc9, 0xd4, 0x2b, 0x86, 0xe8, 0xe4,
+	0x5c, 0x42, 0x74, 0x72, 0x3c, 0x5d, 0x43, 0x93, 0x9e, 0x7c, 0x14, 0x06, 0xc2, 0xc8, 0x89, 0xda,
+	0xa1, 0x18, 0xb8, 0x47, 0xe5, 0xb2, 0xab, 0xb2, 0xd2, 0xfd, 0xdd, 0xd2, 0x84, 0xaa, 0xc6, 0x8b,
+	0xb0, 0xa8, 0x80, 0x9e, 0x82, 0xc1, 0x26, 0x09, 0x43, 0x67, 0x43, 0xb2, 0x0d, 0x13, 0xa2, 0xee,
+	0xe0, 0x0a, 0x2f, 0xc6, 0x12, 0x8e, 0x1e, 0x83, 0x7e, 0x12, 0x04, 0x7e, 0x20, 0xbe, 0x6d, 0x4c,
+	0x20, 0xf6, 0x2f, 0xd1, 0x42, 0xcc, 0x61, 0xf6, 0xff, 0x6c, 0xc1, 0x84, 0xea, 0x2b, 0x6f, 0xeb,
+	0x10, 0x9e, 0x6b, 0x6f, 0x03, 0xd4, 0xe4, 0x07, 0x86, 0xec, 0x9a, 0x1d, 0x79, 0xfe, 0x5c, 0x26,
+	0x47, 0x93, 0x1a, 0xc6, 0x98, 0xb2, 0x2a, 0x0a, 0xb1, 0x46, 0xcd, 0xfe, 0x63, 0x0b, 0x8e, 0x24,
+	0xbe, 0xe8, 0x9a, 0x1b, 0x46, 0xe8, 0x9d, 0xd4, 0x57, 0xcd, 0xf6, 0xb8, 0xf8, 0xdc, 0x90, 0x7f,
+	0x93, 0xda, 0xf3, 0xb2, 0x44, 0xfb, 0xa2, 0x2b, 0xd0, 0xef, 0x46, 0xa4, 0x29, 0x3f, 0xe6, 0xb1,
+	0x8e, 0x1f, 0xc3, 0x7b, 0x15, 0xcf, 0x48, 0x99, 0xd6, 0xc4, 0x9c, 0x80, 0xfd, 0x67, 0x45, 0x18,
+	0xe6, 0xfb, 0x7b, 0xc5, 0x69, 0x1d, 0xc2, 0x5c, 0x3c, 0x03, 0xc3, 0x6e, 0xb3, 0xd9, 0x8e, 0x9c,
+	0xdb, 0xe2, 0xde, 0x1b, 0xe2, 0x67, 0x50, 0x59, 0x16, 0xe2, 0x18, 0x8e, 0xca, 0xd0, 0xc7, 0xba,
+	0xc2, 0xbf, 0xf2, 0xc9, 0xec, 0xaf, 0x14, 0x7d, 0x9f, 0x5d, 0x74, 0x22, 0x87, 0xb3, 0x9c, 0x6a,
+	0x5f, 0xd1, 0x22, 0xcc, 0x48, 0x20, 0x07, 0xe0, 0xb6, 0xeb, 0x39, 0xc1, 0x0e, 0x2d, 0x9b, 0x2e,
+	0x32, 0x82, 0xcf, 0x75, 0x26, 0x38, 0xaf, 0xf0, 0x39, 0x59, 0xf5, 0x61, 0x31, 0x00, 0x6b, 0x44,
+	0x67, 0x5e, 0x86, 0x61, 0x85, 0x7c, 0x10, 0xce, 0x71, 0xe6, 0x63, 0x30, 0x91, 0x68, 0xab, 0x5b,
+	0xf5, 0x51, 0x9d, 0xf1, 0xfc, 0x43, 0x76, 0x64, 0x88, 0x5e, 0x2f, 0x79, 0xdb, 0xe2, 0x6e, 0xba,
+	0x07, 0x47, 0x1b, 0x19, 0x47, 0xbe, 0x98, 0xd7, 0xde, 0xaf, 0x88, 0x53, 0xe2, 0xb3, 0x8f, 0x66,
+	0x41, 0x71, 0x66, 0x1b, 0xc6, 0x89, 0x58, 0xe8, 0x74, 0x22, 0xd2, 0xf3, 0xee, 0xa8, 0xea, 0xfc,
+	0x55, 0xb2, 0xa3, 0x0e, 0xd5, 0xef, 0x64, 0xf7, 0x4f, 0xf3, 0xd1, 0xe7, 0xc7, 0xe5, 0x88, 0x20,
+	0x50, 0xbc, 0x4a, 0x76, 0xf8, 0x54, 0xe8, 0x5f, 0x57, 0xec, 0xf8, 0x75, 0x5f, 0xb3, 0x60, 0x4c,
+	0x7d, 0xdd, 0x21, 0x9c, 0x0b, 0xf3, 0xe6, 0xb9, 0x70, 0xba, 0xe3, 0x02, 0xcf, 0x39, 0x11, 0xbe,
+	0x5e, 0x80, 0x93, 0x0a, 0x87, 0x3e, 0xa2, 0xf8, 0x1f, 0xb1, 0xaa, 0x2e, 0xc0, 0xb0, 0xa7, 0xc4,
+	0x89, 0x96, 0x29, 0xc7, 0x8b, 0x85, 0x89, 0x31, 0x0e, 0xbd, 0xf2, 0xbc, 0xf8, 0xd2, 0x1e, 0xd5,
+	0xe5, 0xec, 0xe2, 0x72, 0x9f, 0x87, 0x62, 0xdb, 0xad, 0x8b, 0x0b, 0xe6, 0xc3, 0x72, 0xb4, 0x6f,
+	0x94, 0x17, 0xf7, 0x77, 0x4b, 0x8f, 0xe6, 0xa9, 0x9c, 0xe8, 0xcd, 0x16, 0xce, 0xde, 0x28, 0x2f,
+	0x62, 0x5a, 0x19, 0xcd, 0xc1, 0x84, 0xd4, 0xaa, 0xdd, 0xa4, 0x7c, 0xa9, 0xef, 0x89, 0x7b, 0x48,
+	0x09, 0xcb, 0xb1, 0x09, 0xc6, 0x49, 0x7c, 0xb4, 0x08, 0x93, 0x5b, 0xed, 0xdb, 0xa4, 0x41, 0x22,
+	0xfe, 0xc1, 0x57, 0x09, 0x17, 0x25, 0x0f, 0xc7, 0x4f, 0xd8, 0xab, 0x09, 0x38, 0x4e, 0xd5, 0xb0,
+	0xbf, 0xcd, 0xee, 0x03, 0x31, 0x7a, 0x1a, 0x7f, 0xf3, 0x9d, 0x5c, 0xce, 0xbd, 0xac, 0x8a, 0xab,
+	0x64, 0x67, 0xcd, 0xa7, 0x7c, 0x48, 0xf6, 0xaa, 0x30, 0xd6, 0x7c, 0x5f, 0xc7, 0x35, 0xff, 0xbb,
+	0x05, 0x38, 0xa6, 0x46, 0xc0, 0xe0, 0x96, 0xbf, 0xdb, 0xc7, 0xe0, 0x22, 0x8c, 0xd4, 0xc9, 0xba,
+	0xd3, 0x6e, 0x44, 0x4a, 0xaf, 0xd1, 0xcf, 0x55, 0x6d, 0x8b, 0x71, 0x31, 0xd6, 0x71, 0x0e, 0x30,
+	0x6c, 0xbf, 0x39, 0xc6, 0x2e, 0xe2, 0xc8, 0xa1, 0x6b, 0x5c, 0xed, 0x1a, 0x2b, 0x77, 0xd7, 0x3c,
+	0x06, 0xfd, 0x6e, 0x93, 0x32, 0x66, 0x05, 0x93, 0xdf, 0x2a, 0xd3, 0x42, 0xcc, 0x61, 0xe8, 0x09,
+	0x18, 0xac, 0xf9, 0xcd, 0xa6, 0xe3, 0xd5, 0xd9, 0x95, 0x37, 0x3c, 0x3f, 0x42, 0x79, 0xb7, 0x05,
+	0x5e, 0x84, 0x25, 0x8c, 0x32, 0xdf, 0x4e, 0xb0, 0xc1, 0x85, 0x3d, 0x82, 0xf9, 0x9e, 0x0b, 0x36,
+	0x42, 0xcc, 0x4a, 0xe9, 0x5b, 0xf5, 0x8e, 0x1f, 0x6c, 0xb9, 0xde, 0xc6, 0xa2, 0x1b, 0x88, 0x2d,
+	0xa1, 0xee, 0xc2, 0x5b, 0x0a, 0x82, 0x35, 0x2c, 0xb4, 0x0c, 0xfd, 0x2d, 0x3f, 0x88, 0xc2, 0xe9,
+	0x01, 0x36, 0xdc, 0x8f, 0xe6, 0x1c, 0x44, 0xfc, 0x6b, 0x2b, 0x7e, 0x10, 0xc5, 0x1f, 0x40, 0xff,
+	0x85, 0x98, 0x57, 0x47, 0xd7, 0x60, 0x90, 0x78, 0xdb, 0xcb, 0x81, 0xdf, 0x9c, 0x3e, 0x92, 0x4f,
+	0x69, 0x89, 0xa3, 0xf0, 0x65, 0x16, 0xf3, 0xa8, 0xa2, 0x18, 0x4b, 0x12, 0xe8, 0xa3, 0x50, 0x24,
+	0xde, 0xf6, 0xf4, 0x20, 0xa3, 0x34, 0x93, 0x43, 0xe9, 0xa6, 0x13, 0xc4, 0x67, 0xfe, 0x92, 0xb7,
+	0x8d, 0x69, 0x1d, 0xf4, 0x09, 0x18, 0x96, 0x07, 0x46, 0x28, 0xa4, 0xa8, 0x99, 0x0b, 0x56, 0x1e,
+	0x33, 0x98, 0xbc, 0xdb, 0x76, 0x03, 0xd2, 0x24, 0x5e, 0x14, 0xc6, 0x27, 0xa4, 0x84, 0x86, 0x38,
+	0xa6, 0x86, 0x6a, 0x30, 0x1a, 0x90, 0xd0, 0xbd, 0x47, 0x2a, 0x7e, 0xc3, 0xad, 0xed, 0x4c, 0x9f,
+	0x60, 0xdd, 0x7b, 0xaa, 0xe3, 0x90, 0x61, 0xad, 0x42, 0x2c, 0xe5, 0xd7, 0x4b, 0xb1, 0x41, 0x14,
+	0xbd, 0x05, 0x63, 0x01, 0x09, 0x23, 0x27, 0x88, 0x44, 0x2b, 0xd3, 0x4a, 0x2b, 0x37, 0x86, 0x75,
+	0x00, 0x7f, 0x4e, 0xc4, 0xcd, 0xc4, 0x10, 0x6c, 0x52, 0x40, 0x9f, 0x90, 0x2a, 0x87, 0x15, 0xbf,
+	0xed, 0x45, 0xe1, 0xf4, 0x30, 0xeb, 0x77, 0xa6, 0x6e, 0xfa, 0x66, 0x8c, 0x97, 0xd4, 0x49, 0xf0,
+	0xca, 0xd8, 0x20, 0x85, 0x3e, 0x05, 0x63, 0xfc, 0x3f, 0x57, 0xa9, 0x86, 0xd3, 0xc7, 0x18, 0xed,
+	0xb3, 0xf9, 0xb4, 0x39, 0xe2, 0xfc, 0x31, 0x41, 0x7c, 0x4c, 0x2f, 0x0d, 0xb1, 0x49, 0x0d, 0x61,
+	0x18, 0x6b, 0xb8, 0xdb, 0xc4, 0x23, 0x61, 0x58, 0x09, 0xfc, 0xdb, 0x44, 0x48, 0x88, 0x4f, 0x66,
+	0xab, 0x60, 0xfd, 0xdb, 0x44, 0x3c, 0x02, 0xf5, 0x3a, 0xd8, 0x24, 0x81, 0x6e, 0xc0, 0x38, 0x7d,
+	0x92, 0xbb, 0x31, 0xd1, 0x91, 0x6e, 0x44, 0xd9, 0xc3, 0x19, 0x1b, 0x95, 0x70, 0x82, 0x08, 0xba,
+	0x0e, 0xa3, 0x6c, 0xcc, 0xdb, 0x2d, 0x4e, 0xf4, 0x78, 0x37, 0xa2, 0xcc, 0xa0, 0xa0, 0xaa, 0x55,
+	0xc1, 0x06, 0x01, 0xf4, 0x26, 0x0c, 0x37, 0xdc, 0x75, 0x52, 0xdb, 0xa9, 0x35, 0xc8, 0xf4, 0x28,
+	0xa3, 0x96, 0x79, 0x18, 0x5e, 0x93, 0x48, 0x9c, 0x3f, 0x57, 0x7f, 0x71, 0x5c, 0x1d, 0xdd, 0x84,
+	0xe3, 0x11, 0x09, 0x9a, 0xae, 0xe7, 0xd0, 0x43, 0x4c, 0x3c, 0x09, 0x99, 0x66, 0x7c, 0x8c, 0xad,
+	0xae, 0x33, 0x62, 0x36, 0x8e, 0xaf, 0x65, 0x62, 0xe1, 0x9c, 0xda, 0xe8, 0x2e, 0x4c, 0x67, 0x40,
+	0xf8, 0xba, 0x3d, 0xca, 0x28, 0xbf, 0x26, 0x28, 0x4f, 0xaf, 0xe5, 0xe0, 0xed, 0x77, 0x80, 0xe1,
+	0x5c, 0xea, 0xe8, 0x3a, 0x4c, 0xb0, 0x93, 0xb3, 0xd2, 0x6e, 0x34, 0x44, 0x83, 0xe3, 0xac, 0xc1,
+	0x27, 0x24, 0x1f, 0x51, 0x36, 0xc1, 0xfb, 0xbb, 0x25, 0x88, 0xff, 0xe1, 0x64, 0x6d, 0x74, 0x9b,
+	0x29, 0x61, 0xdb, 0x81, 0x1b, 0xed, 0xd0, 0x5d, 0x45, 0xee, 0x46, 0xd3, 0x13, 0x1d, 0x05, 0x52,
+	0x3a, 0xaa, 0xd2, 0xd4, 0xea, 0x85, 0x38, 0x49, 0x90, 0x5e, 0x05, 0x61, 0x54, 0x77, 0xbd, 0xe9,
+	0x49, 0xfe, 0x9e, 0x92, 0x27, 0x69, 0x95, 0x16, 0x62, 0x0e, 0x63, 0x0a, 0x58, 0xfa, 0xe3, 0x3a,
+	0xbd, 0x71, 0xa7, 0x18, 0x62, 0xac, 0x80, 0x95, 0x00, 0x1c, 0xe3, 0x50, 0x26, 0x38, 0x8a, 0x76,
+	0xa6, 0x11, 0x43, 0x55, 0x07, 0xe2, 0xda, 0xda, 0x27, 0x30, 0x2d, 0xb7, 0x6f, 0xc3, 0xb8, 0x3a,
+	0x26, 0xd8, 0x98, 0xa0, 0x12, 0xf4, 0x33, 0xb6, 0x4f, 0x88, 0x4f, 0x87, 0x69, 0x17, 0x18, 0x4b,
+	0x88, 0x79, 0x39, 0xeb, 0x82, 0x7b, 0x8f, 0xcc, 0xef, 0x44, 0x84, 0xcb, 0x22, 0x8a, 0x5a, 0x17,
+	0x24, 0x00, 0xc7, 0x38, 0xf6, 0xbf, 0xe7, 0xec, 0x73, 0x7c, 0x4b, 0xf4, 0x70, 0x2f, 0x3e, 0x0b,
+	0x43, 0xcc, 0xf0, 0xc3, 0x0f, 0xb8, 0x76, 0xb6, 0x3f, 0x66, 0x98, 0xaf, 0x88, 0x72, 0xac, 0x30,
+	0xd0, 0xab, 0x30, 0x56, 0xd3, 0x1b, 0x10, 0x97, 0xba, 0x3a, 0x46, 0x8c, 0xd6, 0xb1, 0x89, 0x8b,
+	0x2e, 0xc1, 0x10, 0xb3, 0x71, 0xaa, 0xf9, 0x0d, 0xc1, 0x6d, 0x4a, 0xce, 0x64, 0xa8, 0x22, 0xca,
+	0xf7, 0xb5, 0xdf, 0x58, 0x61, 0xa3, 0x73, 0x30, 0x40, 0xbb, 0x50, 0xae, 0x88, 0xeb, 0x54, 0x49,
+	0x02, 0xaf, 0xb0, 0x52, 0x2c, 0xa0, 0xf6, 0x1f, 0x5b, 0x8c, 0x97, 0x4a, 0x9f, 0xf9, 0xe8, 0x0a,
+	0xbb, 0x34, 0xd8, 0x0d, 0xa2, 0x69, 0xe1, 0x1f, 0xd7, 0x6e, 0x02, 0x05, 0xdb, 0x4f, 0xfc, 0xc7,
+	0x46, 0x4d, 0xf4, 0x76, 0xf2, 0x66, 0xe0, 0x0c, 0xc5, 0x8b, 0x72, 0x08, 0x92, 0xb7, 0xc3, 0x23,
+	0xf1, 0x15, 0x47, 0xfb, 0xd3, 0xe9, 0x8a, 0xb0, 0x7f, 0xaa, 0xa0, 0xad, 0x92, 0x6a, 0xe4, 0x44,
+	0x04, 0x55, 0x60, 0xf0, 0x8e, 0xe3, 0x46, 0xae, 0xb7, 0x21, 0xf8, 0xbe, 0xce, 0x17, 0x1d, 0xab,
+	0x74, 0x8b, 0x57, 0xe0, 0xdc, 0x8b, 0xf8, 0x83, 0x25, 0x19, 0x4a, 0x31, 0x68, 0x7b, 0x1e, 0xa5,
+	0x58, 0xe8, 0x95, 0x22, 0xe6, 0x15, 0x38, 0x45, 0xf1, 0x07, 0x4b, 0x32, 0xe8, 0x1d, 0x00, 0x79,
+	0x42, 0x90, 0xba, 0x90, 0x1d, 0x3e, 0xdb, 0x9d, 0xe8, 0x9a, 0xaa, 0xc3, 0x85, 0x93, 0xf1, 0x7f,
+	0xac, 0xd1, 0xb3, 0x23, 0x6d, 0x4e, 0xf5, 0xce, 0xa0, 0x4f, 0xd2, 0x2d, 0xea, 0x04, 0x11, 0xa9,
+	0xcf, 0x45, 0x62, 0x70, 0x9e, 0xee, 0xed, 0x71, 0xb8, 0xe6, 0x36, 0x89, 0xbe, 0x9d, 0x05, 0x11,
+	0x1c, 0xd3, 0xb3, 0x7f, 0xbf, 0x08, 0xd3, 0x79, 0xdd, 0xa5, 0x9b, 0x86, 0xdc, 0x75, 0xa3, 0x05,
+	0xca, 0xd6, 0x5a, 0xe6, 0xa6, 0x59, 0x12, 0xe5, 0x58, 0x61, 0xd0, 0xd5, 0x1b, 0xba, 0x1b, 0xf2,
+	0x6d, 0xdf, 0x1f, 0xaf, 0xde, 0x2a, 0x2b, 0xc5, 0x02, 0x4a, 0xf1, 0x02, 0xe2, 0x84, 0xc2, 0xf8,
+	0x4e, 0x5b, 0xe5, 0x98, 0x95, 0x62, 0x01, 0xd5, 0xa5, 0x8c, 0x7d, 0x5d, 0xa4, 0x8c, 0xc6, 0x10,
+	0xf5, 0x3f, 0xd8, 0x21, 0x42, 0x9f, 0x06, 0x58, 0x77, 0x3d, 0x37, 0xdc, 0x64, 0xd4, 0x07, 0x0e,
+	0x4c, 0x5d, 0x31, 0xc5, 0xcb, 0x8a, 0x0a, 0xd6, 0x28, 0xa2, 0x97, 0x60, 0x44, 0x1d, 0x20, 0xe5,
+	0x45, 0xa6, 0xfa, 0xd7, 0x4c, 0xa9, 0xe2, 0xd3, 0x74, 0x11, 0xeb, 0x78, 0xf6, 0x67, 0x93, 0xeb,
+	0x45, 0xec, 0x00, 0x6d, 0x7c, 0xad, 0x5e, 0xc7, 0xb7, 0xd0, 0x79, 0x7c, 0xed, 0xbf, 0x1e, 0x86,
+	0x09, 0xa3, 0xb1, 0x76, 0xd8, 0xc3, 0x99, 0x7b, 0x99, 0x5e, 0x40, 0x4e, 0x44, 0xc4, 0xfe, 0xb3,
+	0xbb, 0x6f, 0x15, 0xfd, 0x92, 0xa2, 0x3b, 0x80, 0xd7, 0x47, 0x9f, 0x86, 0xe1, 0x86, 0x13, 0x32,
+	0x89, 0x25, 0x11, 0xfb, 0xae, 0x17, 0x62, 0xf1, 0x83, 0xd0, 0x09, 0x23, 0xed, 0xd6, 0xe7, 0xb4,
+	0x63, 0x92, 0xf4, 0xa6, 0xa4, 0xfc, 0x95, 0xb4, 0xee, 0x54, 0x9d, 0xa0, 0x4c, 0xd8, 0x0e, 0xe6,
+	0x30, 0x74, 0x89, 0x1d, 0xad, 0x74, 0x55, 0x2c, 0x50, 0x6e, 0x94, 0x2d, 0xb3, 0x7e, 0x83, 0xc9,
+	0x56, 0x30, 0x6c, 0x60, 0xc6, 0x6f, 0xb2, 0x81, 0x0e, 0x6f, 0xb2, 0xa7, 0x60, 0x90, 0xfd, 0x50,
+	0x2b, 0x40, 0xcd, 0x46, 0x99, 0x17, 0x63, 0x09, 0x4f, 0x2e, 0x98, 0xa1, 0xde, 0x16, 0x0c, 0x7d,
+	0xf5, 0x89, 0x45, 0xcd, 0xcc, 0x2e, 0x86, 0xf8, 0x29, 0x27, 0x96, 0x3c, 0x96, 0x30, 0xf4, 0x6b,
+	0x16, 0x20, 0xa7, 0x41, 0x5f, 0xcb, 0xb4, 0x58, 0x3d, 0x6e, 0x80, 0xb1, 0xda, 0xaf, 0x76, 0x1d,
+	0xf6, 0x76, 0x38, 0x3b, 0x97, 0xaa, 0xcd, 0x25, 0xa5, 0xaf, 0x88, 0x2e, 0xa2, 0x34, 0x82, 0x7e,
+	0x19, 0x5d, 0x73, 0xc3, 0xe8, 0xf3, 0x7f, 0x9f, 0xb8, 0x9c, 0x32, 0xba, 0x84, 0x6e, 0xe8, 0x8f,
+	0xaf, 0x91, 0x03, 0x3e, 0xbe, 0xc6, 0x72, 0x1f, 0x5e, 0xdf, 0x9f, 0x78, 0xc0, 0x8c, 0xb2, 0x2f,
+	0x7f, 0xa2, 0xcb, 0x03, 0x46, 0x88, 0xd3, 0x7b, 0x79, 0xc6, 0x54, 0x84, 0x1e, 0x78, 0x8c, 0x75,
+	0xb9, 0xf3, 0x23, 0xf8, 0x46, 0x48, 0x82, 0xf9, 0x93, 0x52, 0x4d, 0xbc, 0xaf, 0xf3, 0x1e, 0x9a,
+	0xde, 0xf8, 0x87, 0x2c, 0x98, 0x4e, 0x0f, 0x10, 0xef, 0xd2, 0xf4, 0x38, 0xeb, 0xbf, 0xdd, 0x69,
+	0x64, 0x44, 0xe7, 0xa5, 0xb9, 0xeb, 0xf4, 0x5c, 0x0e, 0x2d, 0x9c, 0xdb, 0x0a, 0xba, 0x04, 0x10,
+	0x46, 0x7e, 0x8b, 0x9f, 0xf5, 0x8c, 0x99, 0x1d, 0x66, 0x06, 0x17, 0x50, 0x55, 0xa5, 0xfb, 0xf1,
+	0x5d, 0xa0, 0xe1, 0xce, 0xb4, 0xe1, 0x44, 0xce, 0x8a, 0xc9, 0x90, 0x77, 0x2f, 0xea, 0xf2, 0xee,
+	0x2e, 0x52, 0xd2, 0x59, 0x39, 0xa7, 0xb3, 0x6f, 0xb5, 0x1d, 0x2f, 0x72, 0xa3, 0x1d, 0x5d, 0x3e,
+	0xee, 0x81, 0x39, 0x94, 0xe8, 0x53, 0xd0, 0xdf, 0x70, 0xbd, 0xf6, 0x5d, 0x71, 0xc7, 0x9e, 0xcb,
+	0x7e, 0xfe, 0x78, 0xed, 0xbb, 0xe6, 0xe4, 0x94, 0xe8, 0x56, 0x66, 0xe5, 0xfb, 0xbb, 0x25, 0x94,
+	0x46, 0xc0, 0x9c, 0xaa, 0xfd, 0x34, 0x8c, 0x2f, 0x3a, 0xa4, 0xe9, 0x7b, 0x4b, 0x5e, 0xbd, 0xe5,
+	0xbb, 0x5e, 0x84, 0xa6, 0xa1, 0x8f, 0x31, 0x97, 0xfc, 0x6a, 0xed, 0xa3, 0x83, 0x8f, 0x59, 0x89,
+	0xbd, 0x01, 0xc7, 0x16, 0xfd, 0x3b, 0xde, 0x1d, 0x27, 0xa8, 0xcf, 0x55, 0xca, 0x9a, 0xbc, 0x70,
+	0x55, 0xca, 0xab, 0xac, 0x7c, 0x69, 0x80, 0x56, 0x93, 0x2f, 0xc2, 0x65, 0xb7, 0x41, 0x72, 0xa4,
+	0xba, 0x3f, 0x5b, 0x30, 0x5a, 0x8a, 0xf1, 0x95, 0x4e, 0xd2, 0xca, 0x35, 0x67, 0x78, 0x0b, 0x86,
+	0xd6, 0x5d, 0xd2, 0xa8, 0x63, 0xb2, 0x2e, 0x66, 0xe3, 0xc9, 0x7c, 0x83, 0xc7, 0x65, 0x8a, 0xa9,
+	0x94, 0xa7, 0x4c, 0xda, 0xb5, 0x2c, 0x2a, 0x63, 0x45, 0x06, 0x6d, 0xc1, 0xa4, 0x9c, 0x33, 0x09,
+	0x15, 0xe7, 0xfd, 0x53, 0x9d, 0x96, 0xaf, 0x49, 0x9c, 0x19, 0x7f, 0xe3, 0x04, 0x19, 0x9c, 0x22,
+	0x8c, 0x4e, 0x41, 0x5f, 0x93, 0x72, 0x36, 0x7d, 0x6c, 0xf8, 0x99, 0x78, 0x8b, 0x49, 0xea, 0x58,
+	0xa9, 0xfd, 0xf3, 0x16, 0x9c, 0x48, 0x8d, 0x8c, 0x90, 0x58, 0x3e, 0xe0, 0x59, 0x48, 0x4a, 0x10,
+	0x0b, 0xdd, 0x25, 0x88, 0xf6, 0x7f, 0x61, 0xc1, 0xd1, 0xa5, 0x66, 0x2b, 0xda, 0x59, 0x74, 0x4d,
+	0xdb, 0x83, 0x97, 0x61, 0xa0, 0x49, 0xea, 0x6e, 0xbb, 0x29, 0x66, 0xae, 0x24, 0x6f, 0xff, 0x15,
+	0x56, 0x4a, 0x4f, 0x90, 0x6a, 0xe4, 0x07, 0xce, 0x06, 0xe1, 0x05, 0x58, 0xa0, 0x33, 0x1e, 0xca,
+	0xbd, 0x47, 0xae, 0xb9, 0x4d, 0x37, 0xba, 0xbf, 0xdd, 0x25, 0xcc, 0x06, 0x24, 0x11, 0x1c, 0xd3,
+	0xb3, 0xbf, 0x69, 0xc1, 0x84, 0x5c, 0xf7, 0x73, 0xf5, 0x7a, 0x40, 0xc2, 0x10, 0xcd, 0x40, 0xc1,
+	0x6d, 0x89, 0x5e, 0x82, 0xe8, 0x65, 0xa1, 0x5c, 0xc1, 0x05, 0xb7, 0x25, 0x9f, 0x6b, 0x8c, 0xc1,
+	0x28, 0x9a, 0x16, 0x14, 0x57, 0x44, 0x39, 0x56, 0x18, 0xe8, 0x3c, 0x0c, 0x79, 0x7e, 0x9d, 0xbf,
+	0x78, 0x84, 0x0e, 0x9d, 0x62, 0xae, 0x8a, 0x32, 0xac, 0xa0, 0xa8, 0x02, 0xc3, 0xdc, 0xbe, 0x36,
+	0x5e, 0xb4, 0x3d, 0x59, 0xe9, 0xb2, 0x2f, 0x5b, 0x93, 0x35, 0x71, 0x4c, 0xc4, 0xfe, 0x53, 0x0b,
+	0x46, 0xe5, 0x97, 0xf5, 0xf8, 0x16, 0xa5, 0x5b, 0x2b, 0x7e, 0x87, 0xc6, 0x5b, 0x8b, 0xbe, 0x25,
+	0x19, 0xc4, 0x78, 0x42, 0x16, 0x0f, 0xf4, 0x84, 0xbc, 0x08, 0x23, 0x4e, 0xab, 0x55, 0x31, 0xdf,
+	0x9f, 0x6c, 0x29, 0xcd, 0xc5, 0xc5, 0x58, 0xc7, 0xb1, 0x7f, 0xae, 0x00, 0xe3, 0xf2, 0x0b, 0xaa,
+	0xed, 0xdb, 0x21, 0x89, 0xd0, 0x1a, 0x0c, 0x3b, 0x7c, 0x96, 0x88, 0x5c, 0xe4, 0x8f, 0x65, 0xcb,
+	0x45, 0x8d, 0x29, 0x8d, 0x19, 0xe9, 0x39, 0x59, 0x1b, 0xc7, 0x84, 0x50, 0x03, 0xa6, 0x3c, 0x3f,
+	0x62, 0x4c, 0x95, 0x82, 0x77, 0x52, 0x55, 0x27, 0xa9, 0x9f, 0x14, 0xd4, 0xa7, 0x56, 0x93, 0x54,
+	0x70, 0x9a, 0x30, 0x5a, 0x92, 0xb2, 0xe6, 0x62, 0xbe, 0x90, 0x50, 0x9f, 0xb8, 0x6c, 0x51, 0xb3,
+	0xfd, 0x47, 0x16, 0x0c, 0x4b, 0xb4, 0xc3, 0xb0, 0x4a, 0x58, 0x81, 0xc1, 0x90, 0x4d, 0x82, 0x1c,
+	0x1a, 0xbb, 0x53, 0xc7, 0xf9, 0x7c, 0xc5, 0xbc, 0x22, 0xff, 0x1f, 0x62, 0x49, 0x83, 0xa9, 0x1a,
+	0x55, 0xf7, 0xdf, 0x27, 0xaa, 0x46, 0xd5, 0x9f, 0x9c, 0x4b, 0xe9, 0x1f, 0x58, 0x9f, 0x35, 0xd9,
+	0x3d, 0x7d, 0xd2, 0xb4, 0x02, 0xb2, 0xee, 0xde, 0x4d, 0x3e, 0x69, 0x2a, 0xac, 0x14, 0x0b, 0x28,
+	0x7a, 0x07, 0x46, 0x6b, 0x52, 0xc7, 0x14, 0xef, 0xf0, 0x73, 0x1d, 0xf5, 0x9d, 0x4a, 0x35, 0xce,
+	0x65, 0xa4, 0x0b, 0x5a, 0x7d, 0x6c, 0x50, 0x33, 0xed, 0xc7, 0x8a, 0xdd, 0xec, 0xc7, 0x62, 0xba,
+	0xf9, 0xd6, 0x54, 0xbf, 0x60, 0xc1, 0x00, 0xd7, 0x2d, 0xf4, 0xa6, 0xda, 0xd1, 0x2c, 0x05, 0xe2,
+	0xb1, 0xbb, 0x49, 0x0b, 0x05, 0x67, 0x83, 0x56, 0x60, 0x98, 0xfd, 0x60, 0xba, 0x91, 0x62, 0xbe,
+	0xb7, 0x19, 0x6f, 0x55, 0xef, 0xe0, 0x4d, 0x59, 0x0d, 0xc7, 0x14, 0xec, 0x9f, 0x2e, 0xd2, 0xd3,
+	0x2d, 0x46, 0x35, 0x2e, 0x7d, 0xeb, 0xe1, 0x5d, 0xfa, 0x85, 0x87, 0x75, 0xe9, 0x6f, 0xc0, 0x44,
+	0x4d, 0xb3, 0x2b, 0x88, 0x67, 0xf2, 0x7c, 0xc7, 0x45, 0xa2, 0x99, 0x20, 0x70, 0xe9, 0xeb, 0x82,
+	0x49, 0x04, 0x27, 0xa9, 0xa2, 0x4f, 0xc2, 0x28, 0x9f, 0x67, 0xd1, 0x0a, 0x37, 0xc1, 0x7b, 0x22,
+	0x7f, 0xbd, 0xe8, 0x4d, 0x70, 0x69, 0xbd, 0x56, 0x1d, 0x1b, 0xc4, 0xec, 0x7f, 0xb1, 0x00, 0x2d,
+	0xb5, 0x36, 0x49, 0x93, 0x04, 0x4e, 0x23, 0x56, 0x0f, 0x7e, 0xc9, 0x82, 0x69, 0x92, 0x2a, 0x5e,
+	0xf0, 0x9b, 0x4d, 0x21, 0x0c, 0xc8, 0x91, 0x57, 0x2d, 0xe5, 0xd4, 0x89, 0x1f, 0x04, 0x79, 0x18,
+	0x38, 0xb7, 0x3d, 0xb4, 0x02, 0x47, 0xf8, 0x2d, 0xa9, 0x00, 0x9a, 0x95, 0xde, 0x23, 0x82, 0xf0,
+	0x91, 0xb5, 0x34, 0x0a, 0xce, 0xaa, 0x67, 0xff, 0xd1, 0x18, 0xe4, 0xf6, 0xe2, 0x03, 0xbd, 0xe8,
+	0x07, 0x7a, 0xd1, 0x0f, 0xf4, 0xa2, 0x1f, 0xe8, 0x45, 0x3f, 0xd0, 0x8b, 0x7e, 0xa0, 0x17, 0x7d,
+	0x9f, 0xea, 0x45, 0x7f, 0xc6, 0x82, 0x63, 0xea, 0xfa, 0x32, 0x1e, 0xec, 0x9f, 0x83, 0x23, 0x7c,
+	0xbb, 0x2d, 0x34, 0x1c, 0xb7, 0xb9, 0x46, 0x9a, 0xad, 0x86, 0x13, 0x49, 0xeb, 0xa7, 0x8b, 0x99,
+	0x2b, 0x37, 0xe1, 0x62, 0x61, 0x54, 0xe4, 0xbe, 0x6a, 0x19, 0x00, 0x9c, 0xd5, 0x8c, 0xfd, 0xfb,
+	0x43, 0xd0, 0xbf, 0xb4, 0x4d, 0xbc, 0xe8, 0x10, 0x9e, 0x36, 0x35, 0x18, 0x77, 0xbd, 0x6d, 0xbf,
+	0xb1, 0x4d, 0xea, 0x1c, 0x7e, 0x90, 0x17, 0xf8, 0x71, 0x41, 0x7a, 0xbc, 0x6c, 0x90, 0xc0, 0x09,
+	0x92, 0x0f, 0x43, 0xbb, 0x74, 0x19, 0x06, 0xf8, 0xe5, 0x23, 0x54, 0x4b, 0x99, 0x67, 0x36, 0x1b,
+	0x44, 0x71, 0xa5, 0xc6, 0x9a, 0x2f, 0x7e, 0xb9, 0x89, 0xea, 0xe8, 0xb3, 0x30, 0xbe, 0xee, 0x06,
+	0x61, 0xb4, 0xe6, 0x36, 0xe9, 0xd5, 0xd0, 0x6c, 0xdd, 0x87, 0x36, 0x49, 0x8d, 0xc3, 0xb2, 0x41,
+	0x09, 0x27, 0x28, 0xa3, 0x0d, 0x18, 0x6b, 0x38, 0x7a, 0x53, 0x83, 0x07, 0x6e, 0x4a, 0xdd, 0x0e,
+	0xd7, 0x74, 0x42, 0xd8, 0xa4, 0x4b, 0xb7, 0x53, 0x8d, 0x29, 0x44, 0x86, 0x98, 0x38, 0x43, 0x6d,
+	0x27, 0xae, 0x09, 0xe1, 0x30, 0xca, 0xa0, 0x31, 0x47, 0x85, 0x61, 0x93, 0x41, 0xd3, 0xdc, 0x11,
+	0x3e, 0x03, 0xc3, 0x84, 0x0e, 0x21, 0x25, 0x2c, 0x2e, 0x98, 0x0b, 0xbd, 0xf5, 0x75, 0xc5, 0xad,
+	0x05, 0xbe, 0xa9, 0xc7, 0x5b, 0x92, 0x94, 0x70, 0x4c, 0x14, 0x2d, 0xc0, 0x40, 0x48, 0x02, 0x57,
+	0xe9, 0x0a, 0x3a, 0x4c, 0x23, 0x43, 0xe3, 0xce, 0x90, 0xfc, 0x37, 0x16, 0x55, 0xe9, 0xf2, 0x72,
+	0x98, 0x28, 0x96, 0x5d, 0x06, 0xda, 0xf2, 0x9a, 0x63, 0xa5, 0x58, 0x40, 0xd1, 0x9b, 0x30, 0x18,
+	0x90, 0x06, 0x53, 0x14, 0x8f, 0xf5, 0xbe, 0xc8, 0xb9, 0xde, 0x99, 0xd7, 0xc3, 0x92, 0x00, 0xba,
+	0x0a, 0x28, 0x20, 0x94, 0xc1, 0x73, 0xbd, 0x0d, 0x65, 0xbe, 0x2f, 0x0e, 0x5a, 0xc5, 0x48, 0xe3,
+	0x18, 0x43, 0xfa, 0xc1, 0xe2, 0x8c, 0x6a, 0xe8, 0x32, 0x4c, 0xa9, 0xd2, 0xb2, 0x17, 0x46, 0x0e,
+	0x3d, 0xe0, 0xb8, 0xb8, 0x5e, 0xc9, 0x57, 0x70, 0x12, 0x01, 0xa7, 0xeb, 0xd8, 0xbf, 0x61, 0x01,
+	0x1f, 0xe7, 0x43, 0x90, 0x2a, 0xbc, 0x6e, 0x4a, 0x15, 0x4e, 0xe6, 0xce, 0x5c, 0x8e, 0x44, 0xe1,
+	0x37, 0x2c, 0x18, 0xd1, 0x66, 0x36, 0x5e, 0xb3, 0x56, 0x87, 0x35, 0xdb, 0x86, 0x49, 0xba, 0xd2,
+	0xaf, 0xdf, 0x0e, 0x49, 0xb0, 0x4d, 0xea, 0x6c, 0x61, 0x16, 0xee, 0x6f, 0x61, 0x2a, 0x53, 0xe1,
+	0x6b, 0x09, 0x82, 0x38, 0xd5, 0x84, 0xfd, 0x19, 0xd9, 0x55, 0x65, 0x59, 0x5d, 0x53, 0x73, 0x9e,
+	0xb0, 0xac, 0x56, 0xb3, 0x8a, 0x63, 0x1c, 0xba, 0xd5, 0x36, 0xfd, 0x30, 0x4a, 0x5a, 0x56, 0x5f,
+	0xf1, 0xc3, 0x08, 0x33, 0x88, 0xfd, 0x02, 0xc0, 0xd2, 0x5d, 0x52, 0xe3, 0x2b, 0x56, 0x7f, 0xf4,
+	0x58, 0xf9, 0x8f, 0x1e, 0xfb, 0x6f, 0x2c, 0x18, 0x5f, 0x5e, 0x30, 0x6e, 0xae, 0x59, 0x00, 0xfe,
+	0x52, 0xbb, 0x75, 0x6b, 0x55, 0x9a, 0xf7, 0x70, 0x0b, 0x07, 0x55, 0x8a, 0x35, 0x0c, 0x74, 0x12,
+	0x8a, 0x8d, 0xb6, 0x27, 0xc4, 0x9e, 0x83, 0xf4, 0x7a, 0xbc, 0xd6, 0xf6, 0x30, 0x2d, 0xd3, 0x7c,
+	0xe0, 0x8a, 0x3d, 0xfb, 0xc0, 0x75, 0x0d, 0xc5, 0x83, 0x4a, 0xd0, 0x7f, 0xe7, 0x8e, 0x5b, 0xe7,
+	0x11, 0x06, 0x84, 0xe9, 0xd1, 0xad, 0x5b, 0xe5, 0xc5, 0x10, 0xf3, 0x72, 0xfb, 0xcb, 0x45, 0x98,
+	0x59, 0x6e, 0x90, 0xbb, 0xef, 0x31, 0xca, 0x42, 0xaf, 0x1e, 0x7c, 0x07, 0x13, 0x20, 0x1d, 0xd4,
+	0x4b, 0xb3, 0xfb, 0x78, 0xac, 0xc3, 0x20, 0x37, 0x2c, 0x96, 0x31, 0x17, 0x32, 0xd5, 0xb9, 0xf9,
+	0x03, 0x32, 0xcb, 0x0d, 0x94, 0x85, 0x3a, 0x57, 0x5d, 0x98, 0xa2, 0x14, 0x4b, 0xe2, 0x33, 0xaf,
+	0xc0, 0xa8, 0x8e, 0x79, 0x20, 0x7f, 0xe9, 0x1f, 0x2e, 0xc2, 0x24, 0xed, 0xc1, 0x43, 0x9d, 0x88,
+	0x1b, 0xe9, 0x89, 0x78, 0xd0, 0x3e, 0xb3, 0xdd, 0x67, 0xe3, 0x9d, 0xe4, 0x6c, 0x5c, 0xcc, 0x9b,
+	0x8d, 0xc3, 0x9e, 0x83, 0x1f, 0xb1, 0xe0, 0xc8, 0x72, 0xc3, 0xaf, 0x6d, 0x25, 0xfc, 0x5a, 0x5f,
+	0x82, 0x11, 0x7a, 0x1c, 0x87, 0x46, 0x88, 0x17, 0x23, 0xe8, 0x8f, 0x00, 0x61, 0x1d, 0x4f, 0xab,
+	0x76, 0xe3, 0x46, 0x79, 0x31, 0x2b, 0x56, 0x90, 0x00, 0x61, 0x1d, 0xcf, 0xfe, 0x4b, 0x0b, 0x4e,
+	0x5f, 0x5e, 0x58, 0x8a, 0x97, 0x62, 0x2a, 0x5c, 0xd1, 0x39, 0x18, 0x68, 0xd5, 0xb5, 0xae, 0xc4,
+	0x62, 0xe1, 0x45, 0xd6, 0x0b, 0x01, 0x7d, 0xbf, 0x44, 0x06, 0xbb, 0x01, 0x70, 0x19, 0x57, 0x16,
+	0xc4, 0xb9, 0x2b, 0xb5, 0x40, 0x56, 0xae, 0x16, 0xe8, 0x09, 0x18, 0xa4, 0xf7, 0x82, 0x5b, 0x93,
+	0xfd, 0xe6, 0x06, 0x1b, 0xbc, 0x08, 0x4b, 0x98, 0xfd, 0xeb, 0x16, 0x1c, 0xb9, 0xec, 0x46, 0xf4,
+	0xd2, 0x4e, 0xc6, 0xe3, 0xa1, 0xb7, 0x76, 0xe8, 0x46, 0x7e, 0xb0, 0x93, 0x8c, 0xc7, 0x83, 0x15,
+	0x04, 0x6b, 0x58, 0xfc, 0x83, 0xb6, 0x5d, 0xe6, 0x29, 0x53, 0x30, 0xf5, 0x6e, 0x58, 0x94, 0x63,
+	0x85, 0x41, 0xc7, 0xab, 0xee, 0x06, 0x4c, 0x64, 0xb9, 0x23, 0x0e, 0x6e, 0x35, 0x5e, 0x8b, 0x12,
+	0x80, 0x63, 0x1c, 0xfb, 0x9f, 0x2c, 0x28, 0x5d, 0xe6, 0xfe, 0xbe, 0xeb, 0x61, 0xce, 0xa1, 0xfb,
+	0x02, 0x0c, 0x13, 0xa9, 0x20, 0x10, 0xbd, 0x56, 0x8c, 0xa8, 0xd2, 0x1c, 0xf0, 0xb0, 0x40, 0x0a,
+	0xaf, 0x07, 0xe7, 0xfb, 0x83, 0x79, 0x4f, 0x2f, 0x03, 0x22, 0x7a, 0x5b, 0x7a, 0x9c, 0x24, 0x16,
+	0x70, 0x65, 0x29, 0x05, 0xc5, 0x19, 0x35, 0xec, 0x9f, 0xb7, 0xe0, 0x98, 0xfa, 0xe0, 0xf7, 0xdd,
+	0x67, 0xda, 0xbf, 0x53, 0x80, 0xb1, 0x2b, 0x6b, 0x6b, 0x95, 0xcb, 0x24, 0xd2, 0x56, 0x65, 0x67,
+	0xb5, 0x3f, 0xd6, 0xb4, 0x97, 0x9d, 0xde, 0x88, 0xed, 0xc8, 0x6d, 0xcc, 0xf2, 0xe8, 0x7f, 0xb3,
+	0x65, 0x2f, 0xba, 0x1e, 0x54, 0xa3, 0xc0, 0xf5, 0x36, 0x32, 0x57, 0xba, 0xe4, 0x59, 0x8a, 0x79,
+	0x3c, 0x0b, 0x7a, 0x01, 0x06, 0x58, 0xf8, 0x41, 0x39, 0x09, 0x8f, 0xa8, 0x27, 0x16, 0x2b, 0xdd,
+	0xdf, 0x2d, 0x0d, 0xdf, 0xc0, 0x65, 0xfe, 0x07, 0x0b, 0x54, 0x74, 0x03, 0x46, 0x36, 0xa3, 0xa8,
+	0x75, 0x85, 0x38, 0x75, 0x12, 0xc8, 0x53, 0xf6, 0x4c, 0xd6, 0x29, 0x4b, 0x07, 0x81, 0xa3, 0xc5,
+	0x07, 0x53, 0x5c, 0x16, 0x62, 0x9d, 0x8e, 0x5d, 0x05, 0x88, 0x61, 0x0f, 0x48, 0x71, 0x63, 0xaf,
+	0xc1, 0x30, 0xfd, 0xdc, 0xb9, 0x86, 0xeb, 0x74, 0x56, 0x8d, 0x3f, 0x03, 0xc3, 0x52, 0xf1, 0x1d,
+	0x8a, 0xe0, 0x20, 0xec, 0x46, 0x92, 0x7a, 0xf1, 0x10, 0xc7, 0x70, 0xfb, 0x71, 0x10, 0xb6, 0xc3,
+	0x9d, 0x48, 0xda, 0xeb, 0x70, 0x94, 0x19, 0x41, 0x3b, 0xd1, 0xa6, 0xb1, 0x46, 0xbb, 0x2f, 0x86,
+	0x67, 0xc5, 0xbb, 0xae, 0xa0, 0xec, 0x7d, 0xa4, 0xf3, 0xf9, 0xa8, 0xa4, 0x18, 0xbf, 0xf1, 0xec,
+	0x7f, 0xec, 0x83, 0x47, 0xca, 0xd5, 0xfc, 0xa8, 0x56, 0x97, 0x60, 0x94, 0xb3, 0x8b, 0x74, 0x69,
+	0x38, 0x0d, 0xd1, 0xae, 0x92, 0x80, 0xae, 0x69, 0x30, 0x6c, 0x60, 0xa2, 0xd3, 0x50, 0x74, 0xdf,
+	0xf5, 0x92, 0xae, 0x99, 0xe5, 0xb7, 0x56, 0x31, 0x2d, 0xa7, 0x60, 0xca, 0x79, 0xf2, 0x23, 0x5d,
+	0x81, 0x15, 0xf7, 0xf9, 0x3a, 0x8c, 0xbb, 0x61, 0x2d, 0x74, 0xcb, 0x1e, 0xdd, 0xa7, 0xda, 0x4e,
+	0x57, 0x32, 0x07, 0xda, 0x69, 0x05, 0xc5, 0x09, 0x6c, 0xed, 0x7e, 0xe9, 0xef, 0x99, 0x7b, 0xed,
+	0x1a, 0x53, 0x83, 0x1e, 0xff, 0x2d, 0xf6, 0x75, 0x21, 0x13, 0xc1, 0x8b, 0xe3, 0x9f, 0x7f, 0x70,
+	0x88, 0x25, 0x8c, 0x3e, 0xe8, 0x6a, 0x9b, 0x4e, 0x6b, 0xae, 0x1d, 0x6d, 0x2e, 0xba, 0x61, 0xcd,
+	0xdf, 0x26, 0xc1, 0x0e, 0x7b, 0x8b, 0x0f, 0xc5, 0x0f, 0x3a, 0x05, 0x58, 0xb8, 0x32, 0x57, 0xa1,
+	0x98, 0x38, 0x5d, 0x07, 0xcd, 0xc1, 0x84, 0x2c, 0xac, 0x92, 0x90, 0x5d, 0x01, 0x23, 0x8c, 0x8c,
+	0x72, 0x96, 0x14, 0xc5, 0x8a, 0x48, 0x12, 0xdf, 0x64, 0x70, 0xe1, 0x41, 0x30, 0xb8, 0x2f, 0xc3,
+	0x98, 0xeb, 0xb9, 0x91, 0xeb, 0x44, 0x3e, 0xd7, 0x1f, 0xf1, 0x67, 0x37, 0x13, 0x30, 0x97, 0x75,
+	0x00, 0x36, 0xf1, 0xec, 0xff, 0xb3, 0x0f, 0xa6, 0xd8, 0xb4, 0x7d, 0xb0, 0xc2, 0xbe, 0x97, 0x56,
+	0xd8, 0x8d, 0xf4, 0x0a, 0x7b, 0x10, 0x9c, 0xfb, 0x7d, 0x2f, 0xb3, 0x2f, 0x58, 0x30, 0xc5, 0x64,
+	0xdc, 0xc6, 0x32, 0xbb, 0x00, 0xc3, 0x81, 0xe1, 0xc7, 0x3a, 0xac, 0x2b, 0xb5, 0xa4, 0x4b, 0x6a,
+	0x8c, 0x83, 0xde, 0x00, 0x68, 0xc5, 0x32, 0xf4, 0x82, 0x11, 0x7c, 0x14, 0x72, 0xc5, 0xe7, 0x5a,
+	0x1d, 0xfb, 0xb3, 0x30, 0xac, 0x1c, 0x55, 0xa5, 0xa7, 0xba, 0x95, 0xe3, 0xa9, 0xde, 0x9d, 0x8d,
+	0x90, 0xb6, 0x71, 0xc5, 0x4c, 0xdb, 0xb8, 0xff, 0xcb, 0x82, 0x58, 0xc3, 0x81, 0xde, 0x82, 0xe1,
+	0x96, 0xcf, 0x4c, 0xa9, 0x03, 0xe9, 0x9f, 0xf0, 0x78, 0x47, 0x15, 0x09, 0x8f, 0x30, 0x18, 0xf0,
+	0xe9, 0xa8, 0xc8, 0xaa, 0x38, 0xa6, 0x82, 0xae, 0xc2, 0x60, 0x2b, 0x20, 0xd5, 0x88, 0x85, 0xbf,
+	0xea, 0x9d, 0x20, 0x5f, 0xbe, 0xbc, 0x22, 0x96, 0x14, 0x12, 0x96, 0xa9, 0xc5, 0xde, 0x2d, 0x53,
+	0xed, 0xdf, 0x2a, 0xc0, 0x64, 0xb2, 0x11, 0xf4, 0x1a, 0xf4, 0x91, 0xbb, 0xa4, 0x26, 0xbe, 0x34,
+	0x93, 0x9b, 0x88, 0xa5, 0x2b, 0x7c, 0xe8, 0xe8, 0x7f, 0xcc, 0x6a, 0xa1, 0x2b, 0x30, 0x48, 0x59,
+	0x89, 0xcb, 0x2a, 0x48, 0xe4, 0xa3, 0x79, 0xec, 0x88, 0xe2, 0xc9, 0xf8, 0x67, 0x89, 0x22, 0x2c,
+	0xab, 0x33, 0x53, 0xb6, 0x5a, 0xab, 0x4a, 0x5f, 0x69, 0x51, 0x27, 0x61, 0xc2, 0xda, 0x42, 0x85,
+	0x23, 0x09, 0x6a, 0xdc, 0x94, 0x4d, 0x16, 0xe2, 0x98, 0x08, 0x7a, 0x03, 0xfa, 0xc3, 0x06, 0x21,
+	0x2d, 0x61, 0xab, 0x90, 0x29, 0x1f, 0xad, 0x52, 0x04, 0x41, 0x89, 0xc9, 0x53, 0x58, 0x01, 0xe6,
+	0x15, 0xed, 0xdf, 0xb5, 0x00, 0xb8, 0xed, 0x9f, 0xe3, 0x6d, 0x90, 0x43, 0x50, 0x29, 0x2c, 0x42,
+	0x5f, 0xd8, 0x22, 0xb5, 0x4e, 0x1e, 0x06, 0x71, 0x7f, 0xaa, 0x2d, 0x52, 0x8b, 0x57, 0x3b, 0xfd,
+	0x87, 0x59, 0x6d, 0xfb, 0x47, 0x01, 0xc6, 0x63, 0xb4, 0x72, 0x44, 0x9a, 0xe8, 0x39, 0x23, 0xb2,
+	0xce, 0xc9, 0x44, 0x64, 0x9d, 0x61, 0x86, 0xad, 0x49, 0xaf, 0x3f, 0x0b, 0xc5, 0xa6, 0x73, 0x57,
+	0x88, 0x27, 0x9f, 0xe9, 0xdc, 0x0d, 0x4a, 0x7f, 0x76, 0xc5, 0xb9, 0xcb, 0x5f, 0xf0, 0xcf, 0xc8,
+	0xdd, 0xb9, 0xe2, 0xdc, 0xed, 0x6a, 0x05, 0x4f, 0x1b, 0x61, 0x6d, 0xb9, 0x9e, 0x30, 0x6b, 0xeb,
+	0xa9, 0x2d, 0xd7, 0x4b, 0xb6, 0xe5, 0x7a, 0x3d, 0xb4, 0xe5, 0x7a, 0xe8, 0x1e, 0x0c, 0x0a, 0xab,
+	0x53, 0x11, 0xf2, 0xef, 0x42, 0x0f, 0xed, 0x09, 0xa3, 0x55, 0xde, 0xe6, 0x05, 0x29, 0xa1, 0x10,
+	0xa5, 0x5d, 0xdb, 0x95, 0x0d, 0xa2, 0xff, 0xd4, 0x82, 0x71, 0xf1, 0x1b, 0x93, 0x77, 0xdb, 0x24,
+	0x8c, 0x04, 0x07, 0xff, 0x91, 0xde, 0xfb, 0x20, 0x2a, 0xf2, 0xae, 0x7c, 0x44, 0x5e, 0xb6, 0x26,
+	0xb0, 0x6b, 0x8f, 0x12, 0xbd, 0x40, 0xbf, 0x65, 0xc1, 0xd1, 0xa6, 0x73, 0x97, 0xb7, 0xc8, 0xcb,
+	0xb0, 0x13, 0xb9, 0xbe, 0xb0, 0xde, 0x78, 0xad, 0xb7, 0xe9, 0x4f, 0x55, 0xe7, 0x9d, 0x94, 0xaa,
+	0xda, 0xa3, 0x59, 0x28, 0x5d, 0xbb, 0x9a, 0xd9, 0xaf, 0x99, 0x75, 0x18, 0x92, 0xeb, 0xed, 0x61,
+	0x9a, 0xd4, 0xb3, 0x76, 0xc4, 0x5a, 0x7b, 0xa8, 0xed, 0x7c, 0x16, 0x46, 0xf5, 0x35, 0xf6, 0x50,
+	0xdb, 0x7a, 0x17, 0x8e, 0x64, 0xac, 0xa5, 0x87, 0xda, 0xe4, 0x1d, 0x38, 0x99, 0xbb, 0x3e, 0x1e,
+	0xaa, 0x4b, 0xc4, 0xef, 0x58, 0xfa, 0x39, 0x78, 0x08, 0x7a, 0x9d, 0x05, 0x53, 0xaf, 0x73, 0xa6,
+	0xf3, 0xce, 0xc9, 0x51, 0xee, 0xbc, 0xa3, 0x77, 0x9a, 0x9e, 0xea, 0xe8, 0x4d, 0x18, 0x68, 0xd0,
+	0x12, 0x69, 0xbb, 0x6c, 0x77, 0xdf, 0x91, 0x31, 0x47, 0xcd, 0xca, 0x43, 0x2c, 0x28, 0xd8, 0x5f,
+	0xb1, 0x20, 0xc3, 0xa9, 0x83, 0x72, 0x58, 0x6d, 0xb7, 0xce, 0x86, 0xa4, 0x18, 0x73, 0x58, 0x2a,
+	0xf0, 0xcc, 0x69, 0x28, 0x6e, 0xb8, 0x75, 0xe1, 0xcd, 0xac, 0xc0, 0x97, 0x29, 0x78, 0xc3, 0xad,
+	0xa3, 0x65, 0x40, 0x61, 0xbb, 0xd5, 0x6a, 0x30, 0x83, 0x27, 0xa7, 0x71, 0x39, 0xf0, 0xdb, 0x2d,
+	0x6e, 0xa8, 0x5c, 0xe4, 0xe2, 0xa5, 0x6a, 0x0a, 0x8a, 0x33, 0x6a, 0xd8, 0x7f, 0x60, 0x41, 0xdf,
+	0x21, 0x4c, 0x13, 0x36, 0xa7, 0xe9, 0xb9, 0x5c, 0xd2, 0x22, 0x53, 0xc4, 0x2c, 0x76, 0xee, 0x2c,
+	0xdd, 0x8d, 0x88, 0x17, 0x32, 0x86, 0x23, 0x73, 0xd6, 0x76, 0x2d, 0x38, 0x72, 0xcd, 0x77, 0xea,
+	0xf3, 0x4e, 0xc3, 0xf1, 0x6a, 0x24, 0x28, 0x7b, 0x1b, 0x07, 0xf2, 0x0a, 0x28, 0x74, 0xf5, 0x0a,
+	0xb8, 0x04, 0x03, 0x6e, 0x4b, 0x0b, 0x35, 0x7f, 0x96, 0xce, 0x6e, 0xb9, 0x22, 0xa2, 0xcc, 0x23,
+	0xa3, 0x71, 0x56, 0x8a, 0x05, 0x3e, 0x5d, 0x96, 0xdc, 0x1c, 0xaf, 0x2f, 0x7f, 0x59, 0xd2, 0x57,
+	0x52, 0x32, 0x84, 0x9a, 0x61, 0x38, 0xbe, 0x09, 0x46, 0x13, 0xc2, 0x4d, 0x0a, 0xc3, 0xa0, 0xcb,
+	0xbf, 0x54, 0xac, 0xcd, 0x27, 0xb3, 0x5f, 0x2f, 0xa9, 0x81, 0xd1, 0xfc, 0x01, 0x79, 0x01, 0x96,
+	0x84, 0xec, 0x4b, 0x90, 0x19, 0xf2, 0xa6, 0xbb, 0x64, 0xca, 0xfe, 0x04, 0x4c, 0xb1, 0x9a, 0x07,
+	0x94, 0xfa, 0xd8, 0x09, 0x79, 0x7a, 0x46, 0xd4, 0x60, 0xfb, 0x7f, 0xb5, 0x00, 0xad, 0xf8, 0x75,
+	0x77, 0x7d, 0x47, 0x10, 0xe7, 0xdf, 0xff, 0x2e, 0x94, 0xf8, 0xb3, 0x3a, 0x19, 0x59, 0x77, 0xa1,
+	0xe1, 0x84, 0xa1, 0x26, 0xcb, 0x7f, 0x52, 0xb4, 0x5b, 0x5a, 0xeb, 0x8c, 0x8e, 0xbb, 0xd1, 0x43,
+	0x6f, 0x25, 0x02, 0x1d, 0x7e, 0x34, 0x15, 0xe8, 0xf0, 0xc9, 0x4c, 0x8b, 0x9a, 0x74, 0xef, 0x65,
+	0x00, 0x44, 0xfb, 0x8b, 0x16, 0x4c, 0xac, 0x26, 0x22, 0xc5, 0x9e, 0x63, 0xe6, 0x05, 0x19, 0x3a,
+	0xaa, 0x2a, 0x2b, 0xc5, 0x02, 0xfa, 0xc0, 0x65, 0xb8, 0xdf, 0xb6, 0x20, 0x0e, 0xb1, 0x75, 0x08,
+	0x2c, 0xf7, 0x82, 0xc1, 0x72, 0x67, 0x3e, 0x5f, 0x54, 0x77, 0xf2, 0x38, 0x6e, 0x74, 0x55, 0xcd,
+	0x49, 0x87, 0x97, 0x4b, 0x4c, 0x86, 0xef, 0xb3, 0x71, 0x73, 0xe2, 0xd4, 0x6c, 0x7c, 0xa3, 0x00,
+	0x48, 0xe1, 0xf6, 0x1c, 0x1c, 0x33, 0x5d, 0xe3, 0xc1, 0x04, 0xc7, 0xdc, 0x06, 0xc4, 0x0c, 0x64,
+	0x02, 0xc7, 0x0b, 0x39, 0x59, 0x57, 0x48, 0xad, 0x0f, 0x66, 0x7d, 0x33, 0x23, 0xbd, 0x65, 0xaf,
+	0xa5, 0xa8, 0xe1, 0x8c, 0x16, 0x34, 0xc3, 0xa7, 0xfe, 0x5e, 0x0d, 0x9f, 0x06, 0xba, 0xb8, 0x7d,
+	0x7f, 0xcd, 0x82, 0x31, 0x35, 0x4c, 0xef, 0x13, 0xe7, 0x11, 0xd5, 0x9f, 0x9c, 0x7b, 0xa5, 0xa2,
+	0x75, 0x99, 0x31, 0x03, 0xdf, 0xc7, 0xdc, 0xf7, 0x9d, 0x86, 0x7b, 0x8f, 0xa8, 0x18, 0xce, 0x25,
+	0xe1, 0x8e, 0x2f, 0x4a, 0xf7, 0x77, 0x4b, 0x63, 0xea, 0x1f, 0x8f, 0x1a, 0x1b, 0x57, 0xb1, 0x7f,
+	0x99, 0x6e, 0x76, 0x73, 0x29, 0xa2, 0x97, 0xa0, 0xbf, 0xb5, 0xe9, 0x84, 0x24, 0xe1, 0x64, 0xd7,
+	0x5f, 0xa1, 0x85, 0xfb, 0xbb, 0xa5, 0x71, 0x55, 0x81, 0x95, 0x60, 0x8e, 0xdd, 0x7b, 0xc8, 0xd1,
+	0xf4, 0xe2, 0xec, 0x1a, 0x72, 0xf4, 0x5f, 0x2c, 0xe8, 0x5b, 0xa5, 0xb7, 0xd7, 0xc3, 0x3f, 0x02,
+	0x5e, 0x37, 0x8e, 0x80, 0x53, 0x79, 0xd9, 0x8c, 0x72, 0x77, 0xff, 0x72, 0x62, 0xf7, 0x9f, 0xc9,
+	0xa5, 0xd0, 0x79, 0xe3, 0x37, 0x61, 0x84, 0xe5, 0x48, 0x12, 0x0e, 0x85, 0x2f, 0x18, 0x1b, 0xbe,
+	0x94, 0xd8, 0xf0, 0x13, 0x1a, 0xaa, 0xb6, 0xd3, 0x9f, 0x82, 0x41, 0xe1, 0xa1, 0x96, 0x8c, 0x82,
+	0x20, 0x70, 0xb1, 0x84, 0xdb, 0xbf, 0x50, 0x04, 0x23, 0x27, 0x13, 0xfa, 0x23, 0x0b, 0x66, 0x03,
+	0x6e, 0xb9, 0x5e, 0x5f, 0x6c, 0x07, 0xae, 0xb7, 0x51, 0xad, 0x6d, 0x92, 0x7a, 0xbb, 0xe1, 0x7a,
+	0x1b, 0xe5, 0x0d, 0xcf, 0x57, 0xc5, 0x4b, 0x77, 0x49, 0xad, 0xcd, 0xb4, 0xca, 0x5d, 0x12, 0x40,
+	0x29, 0x0f, 0x90, 0xe7, 0xf7, 0x76, 0x4b, 0xb3, 0xf8, 0x40, 0xb4, 0xf1, 0x01, 0xfb, 0x82, 0xfe,
+	0xd2, 0x82, 0x0b, 0x3c, 0x37, 0x50, 0xef, 0xfd, 0xef, 0x20, 0xe1, 0xa8, 0x48, 0x52, 0x31, 0x91,
+	0x35, 0x12, 0x34, 0xe7, 0x5f, 0x16, 0x03, 0x7a, 0xa1, 0x72, 0xb0, 0xb6, 0xf0, 0x41, 0x3b, 0x67,
+	0xff, 0xb7, 0x45, 0x18, 0x13, 0xa1, 0x29, 0xc5, 0x1d, 0xf0, 0x92, 0xb1, 0x24, 0x1e, 0x4d, 0x2c,
+	0x89, 0x29, 0x03, 0xf9, 0xc1, 0x1c, 0xff, 0x21, 0x4c, 0xd1, 0xc3, 0xf9, 0x0a, 0x71, 0x82, 0xe8,
+	0x36, 0x71, 0xb8, 0x3d, 0x63, 0xf1, 0xc0, 0xa7, 0xbf, 0x12, 0xac, 0x5f, 0x4b, 0x12, 0xc3, 0x69,
+	0xfa, 0xdf, 0x4b, 0x77, 0x8e, 0x07, 0x93, 0xa9, 0xe8, 0xa2, 0x6f, 0xc3, 0xb0, 0x72, 0xaf, 0x12,
+	0x87, 0x4e, 0xe7, 0x20, 0xbd, 0x49, 0x0a, 0x5c, 0xe8, 0x19, 0xbb, 0xf6, 0xc5, 0xe4, 0xec, 0xdf,
+	0x2e, 0x18, 0x0d, 0xf2, 0x49, 0x5c, 0x85, 0x21, 0x27, 0x64, 0x81, 0xc3, 0xeb, 0x9d, 0x24, 0xda,
+	0xa9, 0x66, 0x98, 0x8b, 0xdb, 0x9c, 0xa8, 0x89, 0x15, 0x0d, 0x74, 0x85, 0x5b, 0x8d, 0x6e, 0x93,
+	0x4e, 0xe2, 0xec, 0x14, 0x35, 0x90, 0x76, 0xa5, 0xdb, 0x04, 0x8b, 0xfa, 0xe8, 0x53, 0xdc, 0xac,
+	0xf7, 0xaa, 0xe7, 0xdf, 0xf1, 0x2e, 0xfb, 0xbe, 0x0c, 0x43, 0xd4, 0x1b, 0xc1, 0x29, 0x69, 0xcc,
+	0xab, 0xaa, 0x63, 0x93, 0x5a, 0x6f, 0xe1, 0xba, 0x3f, 0x07, 0x2c, 0x17, 0x8a, 0x19, 0xcd, 0x20,
+	0x44, 0x04, 0x26, 0x44, 0xdc, 0x53, 0x59, 0x26, 0xc6, 0x2e, 0xf3, 0xf9, 0x6d, 0xd6, 0x8e, 0x35,
+	0x40, 0x57, 0x4d, 0x12, 0x38, 0x49, 0xd3, 0xde, 0xe4, 0x87, 0xf0, 0x32, 0x71, 0xa2, 0x76, 0x40,
+	0x42, 0xf4, 0x71, 0x98, 0x4e, 0xbf, 0x8c, 0x85, 0x22, 0xc5, 0x62, 0xdc, 0xf3, 0xa9, 0xbd, 0xdd,
+	0xd2, 0x74, 0x35, 0x07, 0x07, 0xe7, 0xd6, 0xb6, 0x7f, 0xcd, 0x02, 0xe6, 0x43, 0x7e, 0x08, 0x9c,
+	0xcf, 0xc7, 0x4c, 0xce, 0x67, 0x3a, 0x6f, 0x3a, 0x73, 0x98, 0x9e, 0x17, 0xf9, 0x1a, 0xae, 0x04,
+	0xfe, 0xdd, 0x1d, 0x61, 0xf5, 0xd5, 0xfd, 0x19, 0x67, 0x7f, 0xd9, 0x02, 0x96, 0x38, 0x08, 0xf3,
+	0x57, 0xbb, 0x54, 0x70, 0x74, 0x37, 0x68, 0xf8, 0x38, 0x0c, 0xad, 0x8b, 0xe1, 0xcf, 0x10, 0x3a,
+	0x19, 0x1d, 0x36, 0x69, 0xcb, 0x49, 0x13, 0xbe, 0xa0, 0xe2, 0x1f, 0x56, 0xd4, 0xec, 0xff, 0xd2,
+	0x82, 0x99, 0xfc, 0x6a, 0xe8, 0x06, 0x9c, 0x08, 0x48, 0xad, 0x1d, 0x84, 0x74, 0x4b, 0x88, 0x07,
+	0x90, 0x70, 0xa7, 0xe2, 0x53, 0xfd, 0xc8, 0xde, 0x6e, 0xe9, 0x04, 0xce, 0x46, 0xc1, 0x79, 0x75,
+	0xd1, 0x2b, 0x30, 0xde, 0x0e, 0x39, 0xe7, 0xc7, 0x98, 0xae, 0x50, 0x44, 0xa7, 0x66, 0x1e, 0x47,
+	0x37, 0x0c, 0x08, 0x4e, 0x60, 0xda, 0x3f, 0xc0, 0x97, 0xa3, 0x0a, 0x50, 0xdd, 0x84, 0x29, 0x4f,
+	0xfb, 0x4f, 0x6f, 0x40, 0xf9, 0xd4, 0x7f, 0xbc, 0xdb, 0xad, 0xcf, 0xae, 0x4b, 0xcd, 0xcb, 0x3d,
+	0x41, 0x06, 0xa7, 0x29, 0xdb, 0xbf, 0x68, 0xc1, 0x09, 0x1d, 0x51, 0x73, 0xa4, 0xeb, 0xa6, 0x05,
+	0x5c, 0x84, 0x21, 0xbf, 0x45, 0x02, 0x27, 0xf2, 0x03, 0x71, 0xcd, 0x9d, 0x97, 0x2b, 0xf4, 0xba,
+	0x28, 0xdf, 0x17, 0x09, 0x73, 0x24, 0x75, 0x59, 0x8e, 0x55, 0x4d, 0x64, 0xc3, 0x00, 0x13, 0x20,
+	0x86, 0xc2, 0x65, 0x92, 0x1d, 0x5a, 0xcc, 0xb2, 0x25, 0xc4, 0x02, 0x62, 0xff, 0xa3, 0xc5, 0xd7,
+	0xa7, 0xde, 0x75, 0xf4, 0x2e, 0x4c, 0x36, 0x9d, 0xa8, 0xb6, 0xb9, 0x74, 0xb7, 0x15, 0x70, 0xe5,
+	0xae, 0x1c, 0xa7, 0x67, 0xba, 0x8d, 0x93, 0xf6, 0x91, 0xb1, 0x69, 0xf5, 0x4a, 0x82, 0x18, 0x4e,
+	0x91, 0x47, 0xb7, 0x61, 0x84, 0x95, 0x31, 0x6f, 0xe0, 0xb0, 0x13, 0x2f, 0x93, 0xd7, 0x9a, 0x32,
+	0x0e, 0x5a, 0x89, 0xe9, 0x60, 0x9d, 0xa8, 0xfd, 0xd5, 0x22, 0x3f, 0x34, 0xd8, 0xdb, 0xe3, 0x29,
+	0x18, 0x6c, 0xf9, 0xf5, 0x85, 0xf2, 0x22, 0x16, 0xb3, 0xa0, 0xee, 0xbd, 0x0a, 0x2f, 0xc6, 0x12,
+	0x8e, 0xce, 0xc3, 0x90, 0xf8, 0x29, 0x95, 0xf1, 0x6c, 0x8f, 0x08, 0xbc, 0x10, 0x2b, 0x28, 0x7a,
+	0x1e, 0xa0, 0x15, 0xf8, 0xdb, 0x6e, 0x9d, 0x45, 0x7f, 0x2a, 0x9a, 0x76, 0x7d, 0x15, 0x05, 0xc1,
+	0x1a, 0x16, 0x7a, 0x15, 0xc6, 0xda, 0x5e, 0xc8, 0xf9, 0x27, 0x2d, 0xc6, 0xbe, 0xb2, 0x38, 0xbb,
+	0xa1, 0x03, 0xb1, 0x89, 0x8b, 0xe6, 0x60, 0x20, 0x72, 0x98, 0x9d, 0x5a, 0x7f, 0xbe, 0xf9, 0xfd,
+	0x1a, 0xc5, 0xd0, 0xb3, 0xd9, 0xd1, 0x0a, 0x58, 0x54, 0x44, 0x6f, 0x4b, 0xc7, 0x7c, 0x7e, 0x13,
+	0x09, 0xbf, 0x97, 0xde, 0x6e, 0x2d, 0xcd, 0x2d, 0x5f, 0xf8, 0xd3, 0x18, 0xb4, 0xd0, 0x2b, 0x00,
+	0xe4, 0x6e, 0x44, 0x02, 0xcf, 0x69, 0x28, 0xeb, 0x52, 0xc5, 0xc8, 0x2c, 0xfa, 0xab, 0x7e, 0x74,
+	0x23, 0x24, 0x4b, 0x0a, 0x03, 0x6b, 0xd8, 0xf6, 0x8f, 0x8e, 0x00, 0xc4, 0x0f, 0x0d, 0x74, 0x0f,
+	0x86, 0x6a, 0x4e, 0xcb, 0xa9, 0xf1, 0x54, 0xad, 0xc5, 0x3c, 0x7f, 0xe9, 0xb8, 0xc6, 0xec, 0x82,
+	0x40, 0xe7, 0xca, 0x1b, 0x19, 0xa6, 0x7c, 0x48, 0x16, 0x77, 0x55, 0xd8, 0xa8, 0xf6, 0xd0, 0x17,
+	0x2c, 0x18, 0x11, 0xd1, 0x95, 0xd8, 0x0c, 0x15, 0xf2, 0xf5, 0x6d, 0x5a, 0xfb, 0x73, 0x71, 0x0d,
+	0xde, 0x85, 0x17, 0xe4, 0x0a, 0xd5, 0x20, 0x5d, 0x7b, 0xa1, 0x37, 0x8c, 0x3e, 0x2c, 0xdf, 0xb6,
+	0x45, 0x63, 0x28, 0xd5, 0xdb, 0x76, 0x98, 0x5d, 0x35, 0xfa, 0xb3, 0xf6, 0x86, 0xf1, 0xac, 0xed,
+	0xcb, 0xf7, 0x3c, 0x36, 0xf8, 0xed, 0x6e, 0x2f, 0x5a, 0x54, 0xd1, 0xa3, 0x90, 0xf4, 0xe7, 0xbb,
+	0xcb, 0x6a, 0x0f, 0xbb, 0x2e, 0x11, 0x48, 0x3e, 0x0b, 0x13, 0x75, 0x93, 0x6b, 0x11, 0x2b, 0xf1,
+	0xc9, 0x3c, 0xba, 0x09, 0x26, 0x27, 0xe6, 0x53, 0x12, 0x00, 0x9c, 0x24, 0x8c, 0x2a, 0x3c, 0x28,
+	0x4d, 0xd9, 0x5b, 0xf7, 0x85, 0xef, 0x95, 0x9d, 0x3b, 0x97, 0x3b, 0x61, 0x44, 0x9a, 0x14, 0x33,
+	0x66, 0x12, 0x56, 0x45, 0x5d, 0xac, 0xa8, 0xa0, 0x37, 0x61, 0x80, 0xf9, 0x4b, 0x86, 0xd3, 0x43,
+	0xf9, 0x6a, 0x0d, 0x33, 0xfa, 0x6a, 0xbc, 0x21, 0xd9, 0xdf, 0x10, 0x0b, 0x0a, 0xe8, 0x8a, 0xf4,
+	0x46, 0x0e, 0xcb, 0xde, 0x8d, 0x90, 0x30, 0x6f, 0xe4, 0xe1, 0xf9, 0xc7, 0x63, 0x47, 0x63, 0x5e,
+	0x9e, 0x99, 0xf3, 0xd6, 0xa8, 0x49, 0xd9, 0x3e, 0xf1, 0x5f, 0xa6, 0xd2, 0x15, 0xb1, 0xe2, 0x32,
+	0xbb, 0x67, 0xa6, 0xdb, 0x8d, 0x87, 0xf3, 0xa6, 0x49, 0x02, 0x27, 0x69, 0x52, 0x16, 0x9a, 0xef,
+	0x7a, 0xe1, 0xbd, 0xd5, 0xed, 0xec, 0xe0, 0x92, 0x03, 0x76, 0x1b, 0xf1, 0x12, 0x2c, 0xea, 0x23,
+	0x17, 0x26, 0x02, 0x83, 0xbd, 0x90, 0x21, 0xde, 0xce, 0xf5, 0xc6, 0xc4, 0x68, 0xc9, 0x03, 0x4c,
+	0x32, 0x38, 0x49, 0x17, 0xbd, 0xa9, 0x31, 0x4a, 0x63, 0x9d, 0x5f, 0xfe, 0xdd, 0x58, 0xa3, 0x99,
+	0x2d, 0x18, 0x33, 0x0e, 0x9b, 0x87, 0xaa, 0x82, 0xf4, 0x60, 0x32, 0x79, 0xb2, 0x3c, 0x54, 0xcd,
+	0xe3, 0x2b, 0x30, 0xce, 0x36, 0xc2, 0x1d, 0xa7, 0x25, 0x8e, 0xe2, 0xf3, 0xc6, 0x51, 0x6c, 0x9d,
+	0x2f, 0xf2, 0x81, 0x91, 0x43, 0x10, 0x1f, 0x9c, 0xf6, 0xaf, 0xf4, 0x8b, 0xca, 0x6a, 0x17, 0xa1,
+	0x0b, 0x30, 0x2c, 0x3a, 0xa0, 0x32, 0x70, 0xa9, 0x83, 0x61, 0x45, 0x02, 0x70, 0x8c, 0xc3, 0x12,
+	0xaf, 0xb1, 0xea, 0x9a, 0x87, 0x42, 0x9c, 0x78, 0x4d, 0x41, 0xb0, 0x86, 0x45, 0x1f, 0xbf, 0xb7,
+	0x7d, 0x3f, 0x52, 0x77, 0xb0, 0xda, 0x6a, 0xf3, 0xac, 0x14, 0x0b, 0x28, 0xbd, 0x7b, 0xb7, 0x48,
+	0xe0, 0x91, 0x86, 0x99, 0x82, 0x42, 0xdd, 0xbd, 0x57, 0x75, 0x20, 0x36, 0x71, 0x29, 0x07, 0xe1,
+	0x87, 0x6c, 0xef, 0x8a, 0x27, 0x76, 0xec, 0xf1, 0x51, 0xe5, 0xb1, 0x2b, 0x24, 0x1c, 0x7d, 0x02,
+	0x4e, 0xa8, 0x70, 0x8f, 0x62, 0x65, 0xca, 0x16, 0x07, 0x0c, 0x89, 0xd8, 0x89, 0x85, 0x6c, 0x34,
+	0x9c, 0x57, 0x1f, 0xbd, 0x0e, 0xe3, 0xe2, 0x19, 0x26, 0x29, 0x0e, 0x9a, 0xe6, 0x8b, 0x57, 0x0d,
+	0x28, 0x4e, 0x60, 0xcb, 0x24, 0x1a, 0xec, 0x7d, 0x22, 0x29, 0x0c, 0xa5, 0x93, 0x68, 0xe8, 0x70,
+	0x9c, 0xaa, 0x81, 0xe6, 0x60, 0x82, 0xb3, 0x9d, 0xae, 0xb7, 0xc1, 0xe7, 0x44, 0xf8, 0x93, 0xaa,
+	0x0d, 0x79, 0xdd, 0x04, 0xe3, 0x24, 0x3e, 0xba, 0x04, 0xa3, 0x4e, 0x50, 0xdb, 0x74, 0x23, 0x52,
+	0xa3, 0xbb, 0x8a, 0x59, 0x10, 0x6a, 0xf6, 0x9f, 0x73, 0x1a, 0x0c, 0x1b, 0x98, 0xe8, 0x0d, 0xe8,
+	0x0b, 0xef, 0x38, 0x2d, 0x71, 0xfa, 0xe4, 0x1f, 0xe5, 0x6a, 0x05, 0x73, 0xd3, 0x2f, 0xfa, 0x1f,
+	0xb3, 0x9a, 0xf6, 0x3d, 0x38, 0x92, 0x11, 0x16, 0x87, 0x2e, 0x3d, 0xa7, 0xe5, 0xca, 0x51, 0x49,
+	0xb8, 0x69, 0xcc, 0x55, 0xca, 0x72, 0x3c, 0x34, 0x2c, 0xba, 0xbe, 0x59, 0xf8, 0x1c, 0x2d, 0xdd,
+	0xb8, 0x5a, 0xdf, 0xcb, 0x12, 0x80, 0x63, 0x1c, 0xfb, 0x5f, 0x0b, 0x30, 0x91, 0xa1, 0x1e, 0x64,
+	0x29, 0xaf, 0x13, 0xef, 0xbc, 0x38, 0xc3, 0xb5, 0x99, 0xd5, 0xa5, 0x70, 0x80, 0xac, 0x2e, 0xc5,
+	0x6e, 0x59, 0x5d, 0xfa, 0xde, 0x4b, 0x56, 0x17, 0x73, 0xc4, 0xfa, 0x7b, 0x1a, 0xb1, 0x8c, 0x4c,
+	0x30, 0x03, 0x07, 0xcc, 0x04, 0x63, 0x0c, 0xfa, 0x60, 0x0f, 0x83, 0xfe, 0xd3, 0x05, 0x98, 0x4c,
+	0x6a, 0x16, 0x0f, 0x41, 0x3a, 0xff, 0xa6, 0x21, 0x9d, 0x3f, 0xdf, 0x4b, 0x04, 0x81, 0x5c, 0x49,
+	0x3d, 0x4e, 0x48, 0xea, 0x9f, 0xee, 0x89, 0x5a, 0x67, 0xa9, 0xfd, 0x2f, 0x15, 0xe0, 0x58, 0xa6,
+	0xc2, 0xf5, 0x10, 0xc6, 0xe6, 0xba, 0x31, 0x36, 0xcf, 0xf5, 0x1c, 0x5d, 0x21, 0x77, 0x80, 0x6e,
+	0x25, 0x06, 0xe8, 0x42, 0xef, 0x24, 0x3b, 0x8f, 0xd2, 0x37, 0x8b, 0x70, 0x26, 0xb3, 0x5e, 0x2c,
+	0xdc, 0x5e, 0x36, 0x84, 0xdb, 0xcf, 0x27, 0x84, 0xdb, 0x76, 0xe7, 0xda, 0x0f, 0x46, 0xda, 0x2d,
+	0xa2, 0x0c, 0xb0, 0x58, 0x29, 0xf7, 0x29, 0xe9, 0x36, 0xa2, 0x0c, 0x28, 0x42, 0xd8, 0xa4, 0xfb,
+	0xbd, 0x24, 0xe1, 0xfe, 0x1f, 0x2d, 0x38, 0x99, 0x39, 0x37, 0x87, 0x20, 0x67, 0x5c, 0x35, 0xe5,
+	0x8c, 0x4f, 0xf5, 0xbc, 0x5a, 0x73, 0x04, 0x8f, 0x5f, 0x1c, 0xc8, 0xf9, 0x16, 0x26, 0xfe, 0xb8,
+	0x0e, 0x23, 0x4e, 0xad, 0x46, 0xc2, 0x70, 0xc5, 0xaf, 0xab, 0x04, 0x10, 0xcf, 0xb1, 0xc7, 0x69,
+	0x5c, 0xbc, 0xbf, 0x5b, 0x9a, 0x49, 0x92, 0x88, 0xc1, 0x58, 0xa7, 0x80, 0x3e, 0x05, 0x43, 0xa1,
+	0xcc, 0xdd, 0xd9, 0x77, 0xff, 0xb9, 0x3b, 0x19, 0x27, 0xa9, 0xc4, 0x3b, 0x8a, 0x24, 0xfa, 0x7e,
+	0x3d, 0x6a, 0x55, 0x07, 0xc1, 0x26, 0xef, 0xe4, 0x7d, 0xc4, 0xae, 0x7a, 0x1e, 0x60, 0x5b, 0xbd,
+	0xa3, 0x92, 0xa2, 0x1b, 0xed, 0x85, 0xa5, 0x61, 0xa1, 0x37, 0x60, 0x32, 0xe4, 0x01, 0x5b, 0x63,
+	0x13, 0x19, 0xbe, 0x16, 0x59, 0xcc, 0xbb, 0x6a, 0x02, 0x86, 0x53, 0xd8, 0x68, 0x59, 0xb6, 0xca,
+	0x8c, 0xa1, 0xf8, 0xf2, 0x3c, 0x17, 0xb7, 0x28, 0x0c, 0xa2, 0x8e, 0x26, 0x27, 0x81, 0x0d, 0xbf,
+	0x56, 0x13, 0x7d, 0x0a, 0x80, 0x2e, 0x22, 0x21, 0xc2, 0x19, 0xcc, 0x3f, 0x42, 0xe9, 0xd9, 0x52,
+	0xcf, 0xf4, 0xc0, 0x60, 0xe1, 0x01, 0x16, 0x15, 0x11, 0xac, 0x11, 0x44, 0x0e, 0x8c, 0xc5, 0xff,
+	0xe2, 0xac, 0xf4, 0xe7, 0x73, 0x5b, 0x48, 0x12, 0x67, 0xea, 0x8d, 0x45, 0x9d, 0x04, 0x36, 0x29,
+	0xa2, 0x4f, 0xc2, 0xc9, 0xed, 0x5c, 0xbb, 0x23, 0xce, 0x4b, 0xb2, 0x34, 0xf3, 0xf9, 0xd6, 0x46,
+	0xf9, 0xf5, 0xed, 0xff, 0x09, 0xe0, 0x91, 0x0e, 0x27, 0x3d, 0x9a, 0x33, 0x6d, 0x06, 0x9e, 0x49,
+	0xca, 0x55, 0x66, 0x32, 0x2b, 0x1b, 0x82, 0x96, 0xc4, 0x86, 0x2a, 0xbc, 0xe7, 0x0d, 0xf5, 0x13,
+	0x96, 0xf6, 0xcc, 0xe2, 0x16, 0xe5, 0x1f, 0x3b, 0xe0, 0x0d, 0xf6, 0x00, 0x45, 0x60, 0xeb, 0x19,
+	0x72, 0xa4, 0xe7, 0x7b, 0xee, 0x4e, 0xef, 0x82, 0xa5, 0xdf, 0xc9, 0x0e, 0x71, 0xcf, 0x45, 0x4c,
+	0x97, 0x0f, 0xfa, 0xfd, 0x87, 0x15, 0xee, 0xfe, 0x1b, 0x16, 0x9c, 0x4c, 0x15, 0xf3, 0x3e, 0x90,
+	0x50, 0x44, 0xe9, 0x5b, 0x7d, 0xcf, 0x9d, 0x97, 0x04, 0xf9, 0x37, 0x5c, 0x11, 0xdf, 0x70, 0x32,
+	0x17, 0x2f, 0xd9, 0xf5, 0x2f, 0xfd, 0x7d, 0xe9, 0x08, 0x6b, 0xc0, 0x44, 0xc4, 0xf9, 0x5d, 0x47,
+	0x2d, 0x38, 0x5b, 0x6b, 0x07, 0x41, 0xbc, 0x58, 0x33, 0x36, 0x27, 0x7f, 0x2d, 0x3e, 0xbe, 0xb7,
+	0x5b, 0x3a, 0xbb, 0xd0, 0x05, 0x17, 0x77, 0xa5, 0x86, 0x3c, 0x40, 0xcd, 0x94, 0x75, 0x1f, 0x3b,
+	0x00, 0x72, 0xa4, 0x40, 0x69, 0x5b, 0x40, 0x6e, 0xa7, 0x9b, 0x61, 0x23, 0x98, 0x41, 0xf9, 0x70,
+	0x65, 0x37, 0xdf, 0x99, 0x78, 0xfa, 0x33, 0xd7, 0xe0, 0x4c, 0xe7, 0xc5, 0x74, 0xa0, 0x10, 0x14,
+	0x7f, 0x63, 0xc1, 0xe9, 0x8e, 0x71, 0xce, 0xbe, 0x0b, 0x1f, 0x0b, 0xf6, 0xe7, 0x2d, 0x78, 0x34,
+	0xb3, 0x46, 0xd2, 0x79, 0xb0, 0x46, 0x0b, 0x35, 0x63, 0xd8, 0x38, 0xe2, 0x8f, 0x04, 0xe0, 0x18,
+	0xc7, 0xb0, 0x17, 0x2d, 0x74, 0xb5, 0x17, 0xfd, 0x53, 0x0b, 0x52, 0x57, 0xfd, 0x21, 0x70, 0x9e,
+	0x65, 0x93, 0xf3, 0x7c, 0xbc, 0x97, 0xd1, 0xcc, 0x61, 0x3a, 0xff, 0x79, 0x02, 0x8e, 0xe7, 0x78,
+	0x90, 0x6f, 0xc3, 0xd4, 0x46, 0x8d, 0x98, 0x21, 0x43, 0x3a, 0x85, 0xd2, 0xeb, 0x18, 0x5f, 0x64,
+	0xfe, 0xd8, 0xde, 0x6e, 0x69, 0x2a, 0x85, 0x82, 0xd3, 0x4d, 0xa0, 0xcf, 0x5b, 0x70, 0xd4, 0xb9,
+	0x13, 0x2e, 0xd1, 0x17, 0x84, 0x5b, 0x9b, 0x6f, 0xf8, 0xb5, 0x2d, 0xca, 0x98, 0xc9, 0x6d, 0xf5,
+	0x62, 0xa6, 0x28, 0xfc, 0x56, 0x35, 0x85, 0x6f, 0x34, 0x3f, 0xbd, 0xb7, 0x5b, 0x3a, 0x9a, 0x85,
+	0x85, 0x33, 0xdb, 0x42, 0x58, 0xe4, 0x38, 0x73, 0xa2, 0xcd, 0x4e, 0x41, 0x6d, 0xb2, 0x5c, 0xfd,
+	0x39, 0x4b, 0x2c, 0x21, 0x58, 0xd1, 0x41, 0x9f, 0x81, 0xe1, 0x0d, 0x19, 0xbf, 0x22, 0x83, 0xe5,
+	0x8e, 0x07, 0xb2, 0x73, 0x54, 0x0f, 0x6e, 0x80, 0xa3, 0x90, 0x70, 0x4c, 0x14, 0xbd, 0x0e, 0x45,
+	0x6f, 0x3d, 0x14, 0xa1, 0xf5, 0xb2, 0xed, 0x80, 0x4d, 0x4b, 0x6b, 0x1e, 0x3a, 0x6a, 0x75, 0xb9,
+	0x8a, 0x69, 0x45, 0x74, 0x05, 0x8a, 0xc1, 0xed, 0xba, 0xd0, 0xe3, 0x64, 0x6e, 0x52, 0x3c, 0xbf,
+	0x98, 0xd3, 0x2b, 0x46, 0x09, 0xcf, 0x2f, 0x62, 0x4a, 0x02, 0x55, 0xa0, 0x9f, 0xb9, 0x5d, 0x0b,
+	0xd6, 0x36, 0xf3, 0x29, 0xdf, 0x21, 0x7c, 0x01, 0xf7, 0x87, 0x64, 0x08, 0x98, 0x13, 0x42, 0x6b,
+	0x30, 0x50, 0x73, 0xbd, 0x3a, 0x09, 0x04, 0x2f, 0xfb, 0xe1, 0x4c, 0x8d, 0x0d, 0xc3, 0xc8, 0xa1,
+	0xc9, 0x15, 0x18, 0x0c, 0x03, 0x0b, 0x5a, 0x8c, 0x2a, 0x69, 0x6d, 0xae, 0xcb, 0x1b, 0x2b, 0x9b,
+	0x2a, 0x69, 0x6d, 0x2e, 0x57, 0x3b, 0x52, 0x65, 0x18, 0x58, 0xd0, 0x42, 0xaf, 0x40, 0x61, 0xbd,
+	0x26, 0x5c, 0xaa, 0x33, 0xc5, 0x9b, 0x66, 0xf4, 0xaf, 0xf9, 0x81, 0xbd, 0xdd, 0x52, 0x61, 0x79,
+	0x01, 0x17, 0xd6, 0x6b, 0x68, 0x15, 0x06, 0xd7, 0x79, 0xbc, 0x20, 0x21, 0x1f, 0x7d, 0x32, 0x3b,
+	0x94, 0x51, 0x2a, 0xa4, 0x10, 0xf7, 0x6d, 0x15, 0x00, 0x2c, 0x89, 0xb0, 0x94, 0x5b, 0x2a, 0xee,
+	0x91, 0x08, 0xbb, 0x3a, 0x7b, 0xb0, 0x58, 0x55, 0xfc, 0xa9, 0x11, 0x47, 0x4f, 0xc2, 0x1a, 0x45,
+	0xba, 0xaa, 0x9d, 0x7b, 0xed, 0x80, 0xe5, 0xe4, 0x10, 0x8a, 0x99, 0xcc, 0x55, 0x3d, 0x27, 0x91,
+	0x3a, 0xad, 0x6a, 0x85, 0x84, 0x63, 0xa2, 0x68, 0x0b, 0xc6, 0xb6, 0xc3, 0xd6, 0x26, 0x91, 0x5b,
+	0x9a, 0x85, 0xeb, 0xcb, 0xe1, 0x66, 0x6f, 0x0a, 0x44, 0x37, 0x88, 0xda, 0x4e, 0x23, 0x75, 0x0a,
+	0xb1, 0x67, 0xcd, 0x4d, 0x9d, 0x18, 0x36, 0x69, 0xd3, 0xe1, 0x7f, 0xb7, 0xed, 0xdf, 0xde, 0x89,
+	0x88, 0x88, 0x96, 0x9a, 0x39, 0xfc, 0x6f, 0x71, 0x94, 0xf4, 0xf0, 0x0b, 0x00, 0x96, 0x44, 0xd0,
+	0x4d, 0x31, 0x3c, 0xec, 0xf4, 0x9c, 0xcc, 0x0f, 0xc5, 0x3e, 0x27, 0x91, 0x72, 0x06, 0x85, 0x9d,
+	0x96, 0x31, 0x29, 0x76, 0x4a, 0xb6, 0x36, 0xfd, 0xc8, 0xf7, 0x12, 0x27, 0xf4, 0x54, 0xfe, 0x29,
+	0x59, 0xc9, 0xc0, 0x4f, 0x9f, 0x92, 0x59, 0x58, 0x38, 0xb3, 0x2d, 0x54, 0x87, 0xf1, 0x96, 0x1f,
+	0x44, 0x77, 0xfc, 0x40, 0xae, 0x2f, 0xd4, 0x41, 0x50, 0x6a, 0x60, 0x8a, 0x16, 0x99, 0x59, 0x90,
+	0x09, 0xc1, 0x09, 0x9a, 0xe8, 0xe3, 0x30, 0x18, 0xd6, 0x9c, 0x06, 0x29, 0x5f, 0x9f, 0x3e, 0x92,
+	0x7f, 0xfd, 0x54, 0x39, 0x4a, 0xce, 0xea, 0xe2, 0xe1, 0x9e, 0x38, 0x0a, 0x96, 0xe4, 0xd0, 0x32,
+	0xf4, 0xb3, 0x54, 0xd6, 0x2c, 0xb4, 0x6f, 0x4e, 0x44, 0xf9, 0x94, 0x53, 0x0f, 0x3f, 0x9b, 0x58,
+	0x31, 0xe6, 0xd5, 0xe9, 0x1e, 0x10, 0x92, 0x02, 0x3f, 0x9c, 0x3e, 0x96, 0xbf, 0x07, 0x84, 0x80,
+	0xe1, 0x7a, 0xb5, 0xd3, 0x1e, 0x50, 0x48, 0x38, 0x26, 0x4a, 0x4f, 0x66, 0x7a, 0x9a, 0x1e, 0xef,
+	0x60, 0xb0, 0x99, 0x7b, 0x96, 0xb2, 0x93, 0x99, 0x9e, 0xa4, 0x94, 0x84, 0xfd, 0xc7, 0x43, 0x69,
+	0x9e, 0x85, 0x49, 0x98, 0xfe, 0x63, 0x2b, 0x65, 0xb1, 0xf1, 0x91, 0x5e, 0x05, 0xde, 0x0f, 0xf0,
+	0xe1, 0xfa, 0x79, 0x0b, 0x8e, 0xb7, 0x32, 0x3f, 0x44, 0x30, 0x00, 0xbd, 0xc9, 0xcd, 0xf9, 0xa7,
+	0xab, 0x30, 0xd0, 0xd9, 0x70, 0x9c, 0xd3, 0x52, 0x52, 0x38, 0x50, 0x7c, 0xcf, 0xc2, 0x81, 0x15,
+	0x18, 0xaa, 0xf1, 0x97, 0x9c, 0x4c, 0x5f, 0xd0, 0x53, 0x10, 0x53, 0xae, 0xa7, 0x15, 0x15, 0xb1,
+	0x22, 0x81, 0x7e, 0xd2, 0x82, 0xd3, 0xc9, 0xae, 0x63, 0xc2, 0xc0, 0xc2, 0x5c, 0x93, 0x8b, 0xb5,
+	0x96, 0xc5, 0xf7, 0xa7, 0xf8, 0x7f, 0x03, 0x79, 0xbf, 0x1b, 0x02, 0xee, 0xdc, 0x18, 0x5a, 0xcc,
+	0x90, 0xab, 0x0d, 0x98, 0x3a, 0xc9, 0x1e, 0x64, 0x6b, 0x2f, 0xc2, 0x68, 0xd3, 0x6f, 0x7b, 0x91,
+	0xb0, 0xba, 0x14, 0xa6, 0x5b, 0xcc, 0x64, 0x69, 0x45, 0x2b, 0xc7, 0x06, 0x56, 0x42, 0x22, 0x37,
+	0x74, 0xdf, 0x12, 0xb9, 0x77, 0x60, 0xd4, 0xd3, 0x1c, 0x12, 0x3a, 0xbd, 0x60, 0x85, 0x74, 0x51,
+	0xc3, 0xe6, 0xbd, 0xd4, 0x4b, 0xb0, 0x41, 0xad, 0xb3, 0xb4, 0x0c, 0xde, 0x9b, 0xb4, 0xec, 0x50,
+	0x9f, 0xc4, 0xf6, 0x6f, 0x16, 0x32, 0x5e, 0x0c, 0x5c, 0x2a, 0xf7, 0x9a, 0x29, 0x95, 0x3b, 0x97,
+	0x94, 0xca, 0xa5, 0x54, 0x55, 0x86, 0x40, 0xae, 0xf7, 0x1c, 0x9a, 0x3d, 0x07, 0xa6, 0xfe, 0x61,
+	0x0b, 0x4e, 0x30, 0xdd, 0x07, 0x6d, 0xe0, 0x3d, 0xeb, 0x3b, 0x98, 0x41, 0xec, 0xb5, 0x6c, 0x72,
+	0x38, 0xaf, 0x1d, 0xbb, 0x01, 0x67, 0xbb, 0xdd, 0xbb, 0xcc, 0xbe, 0xb8, 0xae, 0xcc, 0x2b, 0x62,
+	0xfb, 0xe2, 0x7a, 0x79, 0x11, 0x33, 0x48, 0xaf, 0x61, 0x17, 0xed, 0xff, 0xdb, 0x82, 0x62, 0xc5,
+	0xaf, 0x1f, 0xc2, 0x8b, 0xfe, 0x63, 0xc6, 0x8b, 0xfe, 0x91, 0xec, 0x1b, 0xbf, 0x9e, 0xab, 0xec,
+	0x5b, 0x4a, 0x28, 0xfb, 0x4e, 0xe7, 0x11, 0xe8, 0xac, 0xda, 0xfb, 0xe5, 0x22, 0x8c, 0x54, 0xfc,
+	0xba, 0xda, 0x67, 0xff, 0xfd, 0xfd, 0xb8, 0x11, 0xe5, 0x66, 0xcd, 0xd2, 0x28, 0x33, 0x7b, 0x62,
+	0x19, 0xf5, 0xe2, 0xbb, 0xcc, 0x9b, 0xe8, 0x16, 0x71, 0x37, 0x36, 0x23, 0x52, 0x4f, 0x7e, 0xce,
+	0xe1, 0x79, 0x13, 0x7d, 0xab, 0x08, 0x13, 0x89, 0xd6, 0x51, 0x03, 0xc6, 0x1a, 0xba, 0x2a, 0x49,
+	0xac, 0xd3, 0xfb, 0xd2, 0x42, 0x09, 0x6f, 0x0c, 0xad, 0x08, 0x9b, 0xc4, 0xd1, 0x2c, 0x80, 0xa7,
+	0xdb, 0xa4, 0xab, 0x00, 0xcb, 0x9a, 0x3d, 0xba, 0x86, 0x81, 0x5e, 0x82, 0x91, 0xc8, 0x6f, 0xf9,
+	0x0d, 0x7f, 0x63, 0xe7, 0x2a, 0x91, 0x11, 0x39, 0x95, 0xc9, 0xf2, 0x5a, 0x0c, 0xc2, 0x3a, 0x1e,
+	0xba, 0x0b, 0x53, 0x8a, 0x48, 0xf5, 0x01, 0xa8, 0xd7, 0x98, 0xd8, 0x64, 0x35, 0x49, 0x11, 0xa7,
+	0x1b, 0x41, 0xaf, 0xc0, 0x38, 0xb3, 0x9d, 0x66, 0xf5, 0xaf, 0x92, 0x1d, 0x19, 0xa9, 0x99, 0x71,
+	0xd8, 0x2b, 0x06, 0x04, 0x27, 0x30, 0xd1, 0x02, 0x4c, 0x35, 0xdd, 0x30, 0x51, 0x7d, 0x80, 0x55,
+	0x67, 0x1d, 0x58, 0x49, 0x02, 0x71, 0x1a, 0xdf, 0xfe, 0x75, 0x31, 0xc7, 0x5e, 0xe4, 0x7e, 0xb0,
+	0x1d, 0xdf, 0xdf, 0xdb, 0xf1, 0x9b, 0x16, 0x4c, 0xd2, 0xd6, 0x99, 0x41, 0xa8, 0x64, 0xa4, 0x54,
+	0x2e, 0x0f, 0xab, 0x43, 0x2e, 0x8f, 0x73, 0xf4, 0xd8, 0xae, 0xfb, 0xed, 0x48, 0x48, 0x47, 0xb5,
+	0x73, 0x99, 0x96, 0x62, 0x01, 0x15, 0x78, 0x24, 0x08, 0x84, 0xd7, 0xbd, 0x8e, 0x47, 0x82, 0x00,
+	0x0b, 0xa8, 0x4c, 0xf5, 0xd1, 0x97, 0x9d, 0xea, 0x83, 0x47, 0x6c, 0x17, 0x76, 0x74, 0x82, 0xa5,
+	0xd5, 0x22, 0xb6, 0x4b, 0x03, 0xbb, 0x18, 0xc7, 0xfe, 0x76, 0x11, 0x46, 0x2b, 0x7e, 0x3d, 0x36,
+	0xec, 0x78, 0xd1, 0x30, 0xec, 0x38, 0x9b, 0x30, 0xec, 0x98, 0xd4, 0x71, 0x35, 0x33, 0x8e, 0x37,
+	0x01, 0xf9, 0x22, 0x90, 0xfc, 0x65, 0xe2, 0x31, 0xbb, 0x37, 0x61, 0xa8, 0x57, 0x8c, 0xcd, 0x1e,
+	0xae, 0xa7, 0x30, 0x70, 0x46, 0xad, 0x0f, 0x4c, 0x42, 0x0e, 0xd7, 0x24, 0xe4, 0x4f, 0x2c, 0xb6,
+	0x02, 0x16, 0x57, 0xab, 0xdc, 0x56, 0x19, 0x5d, 0x84, 0x11, 0x76, 0x5a, 0xb2, 0x90, 0x11, 0xd2,
+	0x72, 0x82, 0xa5, 0xf1, 0x5c, 0x8d, 0x8b, 0xb1, 0x8e, 0x83, 0xce, 0xc3, 0x50, 0x48, 0x9c, 0xa0,
+	0xb6, 0xa9, 0xae, 0x0a, 0x61, 0xe6, 0xc0, 0xcb, 0xb0, 0x82, 0xa2, 0xb7, 0xe2, 0xc0, 0xe3, 0xc5,
+	0x7c, 0xc3, 0x67, 0xbd, 0x3f, 0x7c, 0xbb, 0xe5, 0x47, 0x1b, 0xb7, 0x6f, 0x01, 0x4a, 0xe3, 0xf7,
+	0xe0, 0x49, 0x56, 0x32, 0x43, 0xe3, 0x0e, 0xa7, 0xc2, 0xe2, 0xfe, 0x9b, 0x05, 0xe3, 0x15, 0xbf,
+	0x4e, 0x8f, 0x81, 0xef, 0xa5, 0x3d, 0xaf, 0x67, 0x5d, 0x18, 0xe8, 0x90, 0x75, 0xe1, 0x31, 0xe8,
+	0xaf, 0xf8, 0xf5, 0x2e, 0xe1, 0x7b, 0x7f, 0xc5, 0x82, 0xc1, 0x8a, 0x5f, 0x3f, 0x04, 0x25, 0xce,
+	0x6b, 0xa6, 0x12, 0xe7, 0x44, 0xce, 0xba, 0xc9, 0xd1, 0xdb, 0xfc, 0x79, 0x1f, 0x8c, 0xd1, 0x7e,
+	0xfa, 0x1b, 0x72, 0x2a, 0x8d, 0x61, 0xb3, 0x7a, 0x18, 0x36, 0xfa, 0xa4, 0xf0, 0x1b, 0x0d, 0xff,
+	0x4e, 0x72, 0x5a, 0x97, 0x59, 0x29, 0x16, 0x50, 0xf4, 0x2c, 0x0c, 0xb5, 0x02, 0xb2, 0xed, 0xfa,
+	0x82, 0x57, 0xd7, 0x54, 0x62, 0x15, 0x51, 0x8e, 0x15, 0x06, 0x7d, 0xc4, 0x87, 0xae, 0x47, 0xf9,
+	0x92, 0x9a, 0xef, 0xd5, 0xb9, 0x9e, 0xa3, 0x28, 0x52, 0x83, 0x69, 0xe5, 0xd8, 0xc0, 0x42, 0xb7,
+	0x60, 0x98, 0xfd, 0x67, 0xc7, 0x4e, 0xff, 0x81, 0x8f, 0x1d, 0x91, 0x2c, 0x59, 0x10, 0xc0, 0x31,
+	0x2d, 0xf4, 0x3c, 0x40, 0x24, 0xd3, 0xeb, 0x84, 0x22, 0x8c, 0xab, 0x7a, 0xd7, 0xa8, 0xc4, 0x3b,
+	0x21, 0xd6, 0xb0, 0xd0, 0x33, 0x30, 0x1c, 0x39, 0x6e, 0xe3, 0x9a, 0xeb, 0x31, 0x5b, 0x00, 0xda,
+	0x7f, 0x91, 0xb3, 0x58, 0x14, 0xe2, 0x18, 0x4e, 0xf9, 0x4a, 0x16, 0xdd, 0x6a, 0x7e, 0x27, 0x12,
+	0xe9, 0xf9, 0x8a, 0x9c, 0xaf, 0xbc, 0xa6, 0x4a, 0xb1, 0x86, 0x81, 0x36, 0xe1, 0x94, 0xeb, 0xb1,
+	0x34, 0x5a, 0xa4, 0xba, 0xe5, 0xb6, 0xd6, 0xae, 0x55, 0x6f, 0x92, 0xc0, 0x5d, 0xdf, 0x99, 0x77,
+	0x6a, 0x5b, 0xc4, 0xab, 0x33, 0xb1, 0xc3, 0xd0, 0xfc, 0xe3, 0xa2, 0x8b, 0xa7, 0xca, 0x1d, 0x70,
+	0x71, 0x47, 0x4a, 0xc8, 0xa6, 0xdb, 0x31, 0x20, 0x4e, 0x53, 0xc8, 0x17, 0x78, 0x0a, 0x1e, 0x56,
+	0x82, 0x05, 0xc4, 0x7e, 0x81, 0xed, 0x89, 0xeb, 0x55, 0xf4, 0xb4, 0x71, 0xbc, 0x1c, 0xd7, 0x8f,
+	0x97, 0xfd, 0xdd, 0xd2, 0xc0, 0xf5, 0xaa, 0x16, 0xe9, 0xe8, 0x12, 0x1c, 0xab, 0xf8, 0xf5, 0x8a,
+	0x1f, 0x44, 0xcb, 0x7e, 0x70, 0xc7, 0x09, 0xea, 0x72, 0x09, 0x96, 0x64, 0xac, 0x27, 0x7a, 0xc6,
+	0xf6, 0xf3, 0x13, 0xc8, 0x88, 0xe3, 0xf4, 0x02, 0xe3, 0x10, 0x0f, 0xe8, 0x5a, 0x5b, 0x63, 0xbc,
+	0x8a, 0x4a, 0x56, 0x77, 0xd9, 0x89, 0x08, 0xba, 0x0e, 0x63, 0x35, 0xfd, 0xda, 0x16, 0xd5, 0x9f,
+	0x92, 0x97, 0x9d, 0x71, 0xa7, 0x67, 0xde, 0xf3, 0x66, 0x7d, 0xfb, 0x1b, 0x96, 0x68, 0x85, 0x4b,
+	0x3e, 0xb8, 0x0d, 0x6d, 0xf7, 0x33, 0x77, 0x01, 0xa6, 0x02, 0xbd, 0x8a, 0x66, 0x8b, 0x76, 0x8c,
+	0x67, 0xff, 0x49, 0x00, 0x71, 0x1a, 0x1f, 0x7d, 0x12, 0x4e, 0x1a, 0x85, 0x52, 0x2d, 0xaf, 0xe5,
+	0xe0, 0x66, 0xb2, 0x21, 0x9c, 0x87, 0x84, 0xf3, 0xeb, 0xdb, 0x3f, 0x08, 0xc7, 0x93, 0xdf, 0x25,
+	0xa4, 0x35, 0xf7, 0xf9, 0x75, 0x85, 0x83, 0x7d, 0x9d, 0xfd, 0x12, 0x4c, 0xd1, 0x67, 0xbc, 0x62,
+	0x49, 0xd9, 0xfc, 0x75, 0x0f, 0xa7, 0xf5, 0xdb, 0x43, 0xec, 0x1a, 0x4c, 0x64, 0xa0, 0x43, 0x9f,
+	0x86, 0xf1, 0x90, 0xb0, 0x18, 0x72, 0x52, 0x4a, 0xd8, 0xc1, 0x2f, 0xbe, 0xba, 0xa4, 0x63, 0xf2,
+	0x97, 0x90, 0x59, 0x86, 0x13, 0xd4, 0x50, 0x13, 0xc6, 0xef, 0xb8, 0x5e, 0xdd, 0xbf, 0x13, 0x4a,
+	0xfa, 0x43, 0xf9, 0x2a, 0x87, 0x5b, 0x1c, 0x33, 0xd1, 0x47, 0xa3, 0xb9, 0x5b, 0x06, 0x31, 0x9c,
+	0x20, 0x4e, 0x8f, 0x9a, 0xa0, 0xed, 0xcd, 0x85, 0x37, 0x42, 0x12, 0x88, 0x08, 0x77, 0xec, 0xa8,
+	0xc1, 0xb2, 0x10, 0xc7, 0x70, 0x7a, 0xd4, 0xb0, 0x3f, 0xcc, 0xb1, 0x9e, 0x9d, 0x65, 0xe2, 0xa8,
+	0xc1, 0xaa, 0x14, 0x6b, 0x18, 0xf4, 0x28, 0x66, 0xff, 0x56, 0x7d, 0x0f, 0xfb, 0x7e, 0x24, 0x0f,
+	0x6f, 0x96, 0xae, 0x53, 0x2b, 0xc7, 0x06, 0x56, 0x4e, 0x3c, 0xbd, 0xbe, 0x83, 0xc6, 0xd3, 0x43,
+	0x51, 0x87, 0x58, 0x02, 0x3c, 0x22, 0xf4, 0xa5, 0x4e, 0xb1, 0x04, 0xf6, 0xef, 0x2b, 0xce, 0x00,
+	0xe5, 0x05, 0xd6, 0xc5, 0x00, 0xf5, 0xf3, 0x80, 0x81, 0x4c, 0x29, 0x5a, 0xe5, 0xa3, 0x23, 0x61,
+	0x68, 0x09, 0x06, 0xc3, 0x9d, 0xb0, 0x16, 0x35, 0xc2, 0x4e, 0x29, 0x59, 0xab, 0x0c, 0x45, 0xcb,
+	0x08, 0xce, 0xab, 0x60, 0x59, 0x17, 0xd5, 0xe0, 0x88, 0xa0, 0xb8, 0xb0, 0xe9, 0x78, 0x2a, 0x51,
+	0x24, 0xb7, 0x7e, 0xbc, 0xb8, 0xb7, 0x5b, 0x3a, 0x22, 0x5a, 0xd6, 0xc1, 0xfb, 0xbb, 0x25, 0xba,
+	0x25, 0x33, 0x20, 0x38, 0x8b, 0x1a, 0x5f, 0xf2, 0xb5, 0x9a, 0xdf, 0x6c, 0x55, 0x02, 0x7f, 0xdd,
+	0x6d, 0x90, 0x4e, 0x8a, 0xe5, 0xaa, 0x81, 0x29, 0x96, 0xbc, 0x51, 0x86, 0x13, 0xd4, 0xd0, 0x6d,
+	0x98, 0x70, 0x5a, 0xad, 0xb9, 0xa0, 0xe9, 0x07, 0xb2, 0x81, 0x91, 0x7c, 0x0d, 0xc5, 0x9c, 0x89,
+	0xca, 0xf3, 0x44, 0x26, 0x0a, 0x71, 0x92, 0x20, 0x1d, 0x28, 0xb1, 0xd1, 0x8c, 0x81, 0x1a, 0x8b,
+	0x07, 0x4a, 0xec, 0xcb, 0x8c, 0x81, 0xca, 0x80, 0xe0, 0x2c, 0x6a, 0xf6, 0x0f, 0x30, 0xc6, 0x9f,
+	0xc5, 0x9b, 0x66, 0x6e, 0x46, 0x4d, 0x18, 0x6b, 0xb1, 0x63, 0x5f, 0xe4, 0x70, 0x13, 0x47, 0xc5,
+	0x8b, 0x3d, 0x0a, 0x42, 0xef, 0xb0, 0x2c, 0xb4, 0x86, 0x41, 0x6c, 0x45, 0x27, 0x87, 0x4d, 0xea,
+	0xf6, 0x2f, 0xcd, 0x30, 0xd6, 0xb1, 0xca, 0xa5, 0x9b, 0x83, 0xc2, 0xe9, 0x52, 0xc8, 0x33, 0x66,
+	0xf2, 0xf5, 0x08, 0xf1, 0xfa, 0x12, 0x8e, 0x9b, 0x58, 0xd6, 0x45, 0x9f, 0x82, 0x71, 0xd7, 0x73,
+	0xe3, 0xec, 0xcd, 0xe1, 0xf4, 0xd1, 0xfc, 0x68, 0x5e, 0x0a, 0x4b, 0xcf, 0xef, 0xa8, 0x57, 0xc6,
+	0x09, 0x62, 0xe8, 0x2d, 0x66, 0x23, 0x2a, 0x49, 0x17, 0x7a, 0x21, 0xad, 0x9b, 0x83, 0x4a, 0xb2,
+	0x1a, 0x11, 0xd4, 0x86, 0x23, 0xe9, 0x2c, 0xd6, 0xe1, 0xb4, 0x9d, 0xff, 0x36, 0x4a, 0x27, 0xa2,
+	0x8e, 0x13, 0xf1, 0xa5, 0x61, 0x21, 0xce, 0xa2, 0x8f, 0xae, 0x25, 0x73, 0x0c, 0x17, 0x0d, 0x0d,
+	0x44, 0x2a, 0xcf, 0xf0, 0x58, 0xc7, 0xf4, 0xc2, 0x1b, 0x70, 0x5a, 0x4b, 0xd3, 0x7a, 0x39, 0x70,
+	0x98, 0x8d, 0x92, 0xcb, 0x6e, 0x23, 0x8d, 0xa9, 0x7d, 0x74, 0x6f, 0xb7, 0x74, 0x7a, 0xad, 0x13,
+	0x22, 0xee, 0x4c, 0x07, 0x5d, 0x87, 0x63, 0x3c, 0x16, 0xcd, 0x22, 0x71, 0xea, 0x0d, 0xd7, 0x53,
+	0x5c, 0x33, 0x3f, 0xbb, 0x4e, 0xee, 0xed, 0x96, 0x8e, 0xcd, 0x65, 0x21, 0xe0, 0xec, 0x7a, 0xe8,
+	0x35, 0x18, 0xae, 0x7b, 0xf2, 0x94, 0x1d, 0x30, 0x32, 0xe1, 0x0e, 0x2f, 0xae, 0x56, 0xd5, 0xf7,
+	0xc7, 0x7f, 0x70, 0x5c, 0x01, 0x6d, 0x70, 0x15, 0x98, 0x92, 0x5b, 0x0e, 0xa6, 0x42, 0x94, 0x26,
+	0x45, 0xfb, 0x46, 0x70, 0x07, 0xae, 0xfb, 0x55, 0x0e, 0x80, 0x46, 0xdc, 0x07, 0x83, 0x30, 0x7a,
+	0x13, 0x90, 0xc8, 0xb8, 0x34, 0x57, 0x63, 0x09, 0x02, 0x35, 0xbb, 0x54, 0x25, 0x42, 0xa8, 0xa6,
+	0x30, 0x70, 0x46, 0x2d, 0x74, 0x85, 0x1e, 0x8f, 0x7a, 0xa9, 0x38, 0x7e, 0x55, 0xbe, 0xf5, 0x45,
+	0xd2, 0x0a, 0x08, 0x33, 0xa5, 0x34, 0x29, 0xe2, 0x44, 0x3d, 0x54, 0x87, 0x53, 0x4e, 0x3b, 0xf2,
+	0x99, 0x76, 0xd1, 0x44, 0x5d, 0xf3, 0xb7, 0x88, 0xc7, 0x14, 0xfb, 0x43, 0x2c, 0xf4, 0xe9, 0xa9,
+	0xb9, 0x0e, 0x78, 0xb8, 0x23, 0x15, 0xfa, 0x9c, 0xa2, 0x63, 0xa1, 0x29, 0xfe, 0x0c, 0x3f, 0x75,
+	0xae, 0x0d, 0x97, 0x18, 0xe8, 0x25, 0x18, 0xd9, 0xf4, 0xc3, 0x68, 0x95, 0x44, 0x77, 0xfc, 0x60,
+	0x4b, 0xa4, 0x78, 0x88, 0xd3, 0xea, 0xc4, 0x20, 0xac, 0xe3, 0xa1, 0xa7, 0x60, 0x90, 0x99, 0x9d,
+	0x95, 0x17, 0xd9, 0x5d, 0x3b, 0x14, 0x9f, 0x31, 0x57, 0x78, 0x31, 0x96, 0x70, 0x89, 0x5a, 0xae,
+	0x2c, 0xb0, 0xe3, 0x38, 0x81, 0x5a, 0xae, 0x2c, 0x60, 0x09, 0xa7, 0xcb, 0x35, 0xdc, 0x74, 0x02,
+	0x52, 0x09, 0xfc, 0x1a, 0x09, 0xb5, 0x64, 0x4e, 0x8f, 0xf0, 0x04, 0x16, 0x74, 0xb9, 0x56, 0xb3,
+	0x10, 0x70, 0x76, 0x3d, 0x44, 0xd2, 0x29, 0x8a, 0xc7, 0xf3, 0xd5, 0xae, 0x69, 0x76, 0xb0, 0xc7,
+	0x2c, 0xc5, 0x1e, 0x4c, 0xaa, 0xe4, 0xc8, 0x3c, 0x65, 0x45, 0x38, 0x3d, 0xc1, 0xd6, 0x76, 0xef,
+	0xf9, 0x2e, 0x94, 0x22, 0xbb, 0x9c, 0xa0, 0x84, 0x53, 0xb4, 0x8d, 0xd8, 0xba, 0x93, 0x5d, 0x63,
+	0xeb, 0x5e, 0x80, 0xe1, 0xb0, 0x7d, 0xbb, 0xee, 0x37, 0x1d, 0xd7, 0x63, 0xd6, 0x3b, 0xda, 0xc3,
+	0xbd, 0x2a, 0x01, 0x38, 0xc6, 0x41, 0xcb, 0x30, 0xe4, 0x48, 0x2d, 0x35, 0xca, 0x0f, 0x1b, 0xa8,
+	0x74, 0xd3, 0x3c, 0x92, 0x96, 0xd4, 0x4b, 0xab, 0xba, 0xe8, 0x55, 0x18, 0x13, 0xa1, 0x49, 0x78,
+	0x14, 0x1e, 0x66, 0x5d, 0xa3, 0x39, 0x53, 0x57, 0x75, 0x20, 0x36, 0x71, 0xd1, 0x0d, 0x18, 0x89,
+	0xfc, 0x86, 0x90, 0x71, 0x86, 0xd3, 0xc7, 0xf3, 0xa3, 0xfb, 0xae, 0x29, 0x34, 0x5d, 0x7f, 0xa2,
+	0xaa, 0x62, 0x9d, 0x0e, 0x5a, 0xe3, 0xeb, 0x9d, 0xa5, 0x6e, 0x22, 0xa1, 0x48, 0x48, 0x7f, 0x3a,
+	0xcf, 0xf4, 0x92, 0xa1, 0x99, 0xdb, 0x41, 0xd4, 0xc4, 0x3a, 0x19, 0x74, 0x19, 0xa6, 0x5a, 0x81,
+	0xeb, 0xb3, 0x35, 0xa1, 0xb4, 0xee, 0xd3, 0x66, 0xa2, 0xd6, 0x4a, 0x12, 0x01, 0xa7, 0xeb, 0xb0,
+	0xc8, 0x32, 0xa2, 0x70, 0xfa, 0x24, 0x4f, 0x36, 0xc7, 0xe5, 0x20, 0xbc, 0x0c, 0x2b, 0x28, 0x5a,
+	0x61, 0x27, 0x31, 0x17, 0xe1, 0x4d, 0xcf, 0xe4, 0xc7, 0x2b, 0xd0, 0x45, 0x7d, 0x9c, 0xf7, 0x57,
+	0x7f, 0x71, 0x4c, 0x01, 0xd5, 0xb5, 0x1c, 0xef, 0xf4, 0x05, 0x15, 0x4e, 0x9f, 0xea, 0x60, 0xfb,
+	0x9b, 0x78, 0x2e, 0xc7, 0x0c, 0x81, 0x51, 0x1c, 0xe2, 0x04, 0x4d, 0xf4, 0x06, 0x4c, 0x8a, 0xb0,
+	0x0b, 0xf1, 0x30, 0x9d, 0x8e, 0xfd, 0xa3, 0x70, 0x02, 0x86, 0x53, 0xd8, 0x3c, 0xd9, 0x9b, 0x73,
+	0xbb, 0x41, 0xc4, 0xd1, 0x77, 0xcd, 0xf5, 0xb6, 0xc2, 0xe9, 0x33, 0xec, 0x7c, 0x10, 0xc9, 0xde,
+	0x92, 0x50, 0x9c, 0x51, 0x03, 0xad, 0xc1, 0x64, 0x2b, 0x20, 0xa4, 0xc9, 0xde, 0x49, 0xe2, 0x3e,
+	0x2b, 0xf1, 0xc0, 0x4a, 0xb4, 0x27, 0x95, 0x04, 0x6c, 0x3f, 0xa3, 0x0c, 0xa7, 0x28, 0xa0, 0x3b,
+	0x30, 0xe4, 0x6f, 0x93, 0x60, 0x93, 0x38, 0xf5, 0xe9, 0xb3, 0x1d, 0xbc, 0xf6, 0xc4, 0xe5, 0x76,
+	0x5d, 0xe0, 0x26, 0x8c, 0x9a, 0x64, 0x71, 0x77, 0xa3, 0x26, 0xd9, 0x18, 0xfa, 0x4f, 0x2c, 0x38,
+	0x29, 0xd5, 0x84, 0xd5, 0x16, 0x1d, 0xf5, 0x05, 0xdf, 0x0b, 0xa3, 0x80, 0x87, 0x02, 0x7a, 0x34,
+	0x3f, 0x3c, 0xce, 0x5a, 0x4e, 0x25, 0xa5, 0x45, 0x38, 0x99, 0x87, 0x11, 0xe2, 0xfc, 0x16, 0xe9,
+	0xcb, 0x3e, 0x24, 0x91, 0x3c, 0x8c, 0xe6, 0xc2, 0xe5, 0xb7, 0x16, 0x57, 0xa7, 0x1f, 0xe3, 0x71,
+	0x8c, 0xe8, 0x66, 0xa8, 0x26, 0x81, 0x38, 0x8d, 0x8f, 0x2e, 0x42, 0xc1, 0x0f, 0xa7, 0x1f, 0x67,
+	0x6b, 0xfb, 0x64, 0xce, 0x38, 0x5e, 0xaf, 0x72, 0xe3, 0xd6, 0xeb, 0x55, 0x5c, 0xf0, 0x43, 0x99,
+	0x70, 0x8d, 0x3e, 0x67, 0xc3, 0xe9, 0x27, 0xb8, 0xcc, 0x59, 0x26, 0x5c, 0x63, 0x85, 0x38, 0x86,
+	0xa3, 0x4d, 0x98, 0x08, 0x0d, 0xb1, 0x41, 0x38, 0x7d, 0x8e, 0x8d, 0xd4, 0x13, 0x79, 0x93, 0x66,
+	0x60, 0x6b, 0x99, 0x90, 0x4c, 0x2a, 0x38, 0x49, 0x96, 0xef, 0x2e, 0x4d, 0x70, 0x11, 0x4e, 0x3f,
+	0xd9, 0x65, 0x77, 0x69, 0xc8, 0xfa, 0xee, 0xd2, 0x69, 0xe0, 0x04, 0x4d, 0x74, 0x43, 0x77, 0x89,
+	0x3c, 0x9f, 0x6f, 0x28, 0x99, 0xe9, 0x0c, 0x39, 0x96, 0xe7, 0x08, 0x39, 0xf3, 0x7d, 0x30, 0x95,
+	0xe2, 0xc2, 0x0e, 0xe2, 0x1f, 0x32, 0xb3, 0x05, 0x63, 0xc6, 0x4a, 0x7f, 0xa8, 0xe6, 0x43, 0x3f,
+	0x03, 0x30, 0xac, 0xcc, 0x3a, 0x72, 0xf4, 0x6c, 0x53, 0xf7, 0xa5, 0x67, 0xbb, 0x60, 0x5a, 0x1f,
+	0x9d, 0x4c, 0x5a, 0x1f, 0x0d, 0x55, 0xfc, 0xba, 0x61, 0x70, 0xb4, 0x96, 0x11, 0x41, 0x38, 0xef,
+	0x8c, 0xee, 0xdd, 0x21, 0x4e, 0x53, 0x55, 0x15, 0x7b, 0x36, 0x63, 0xea, 0xeb, 0xa8, 0xfd, 0xba,
+	0x0c, 0x53, 0x9e, 0xcf, 0x9e, 0x11, 0xa4, 0x2e, 0x79, 0x44, 0xc6, 0x0a, 0x0e, 0xeb, 0x11, 0xee,
+	0x12, 0x08, 0x38, 0x5d, 0x87, 0x36, 0xc8, 0x79, 0xb9, 0xa4, 0xba, 0x8d, 0xb3, 0x7a, 0x58, 0x40,
+	0xe9, 0xf3, 0x95, 0xff, 0x0a, 0xa7, 0x27, 0xf3, 0x9f, 0xaf, 0xbc, 0x52, 0x92, 0x5f, 0x0c, 0x25,
+	0xbf, 0xc8, 0xb4, 0x4b, 0x2d, 0xbf, 0x5e, 0xae, 0x88, 0x97, 0x88, 0x16, 0xdb, 0xbf, 0x5e, 0xae,
+	0x60, 0x0e, 0x43, 0x73, 0x30, 0xc0, 0x7e, 0xc8, 0xc8, 0x41, 0x79, 0x27, 0x49, 0xb9, 0xa2, 0xe5,
+	0xa4, 0x65, 0x15, 0xb0, 0xa8, 0xc8, 0xb4, 0x07, 0xf4, 0xf9, 0xc6, 0xb4, 0x07, 0x83, 0xf7, 0xa9,
+	0x3d, 0x90, 0x04, 0x70, 0x4c, 0x0b, 0xdd, 0x85, 0x63, 0xc6, 0x93, 0x59, 0x79, 0x08, 0x42, 0xbe,
+	0x91, 0x42, 0x02, 0x79, 0xfe, 0xb4, 0xe8, 0xf4, 0xb1, 0x72, 0x16, 0x25, 0x9c, 0xdd, 0x00, 0x6a,
+	0xc0, 0x54, 0x2d, 0xd5, 0xea, 0x50, 0xef, 0xad, 0xaa, 0x75, 0x91, 0x6e, 0x31, 0x4d, 0x18, 0xbd,
+	0x0a, 0x43, 0xef, 0xfa, 0xdc, 0xa0, 0x50, 0xbc, 0x9e, 0x64, 0x7c, 0x9b, 0xa1, 0xb7, 0xae, 0x57,
+	0x59, 0xf9, 0xfe, 0x6e, 0x69, 0xa4, 0xe2, 0xd7, 0xe5, 0x5f, 0xac, 0x2a, 0xa0, 0x1f, 0xb3, 0x60,
+	0x26, 0xfd, 0x26, 0x57, 0x9d, 0x1e, 0xeb, 0xbd, 0xd3, 0xb6, 0x68, 0x74, 0x66, 0x29, 0x97, 0x1c,
+	0xee, 0xd0, 0x14, 0xfa, 0x28, 0xdd, 0x4f, 0xa1, 0x7b, 0x8f, 0x88, 0x84, 0xfe, 0x8f, 0xc6, 0xfb,
+	0x89, 0x96, 0xee, 0xef, 0x96, 0x26, 0xf8, 0xe1, 0xed, 0xde, 0x53, 0x59, 0x08, 0x78, 0x05, 0xf4,
+	0x83, 0x70, 0x2c, 0x48, 0xcb, 0xc8, 0x89, 0x7c, 0x27, 0x3c, 0xdd, 0xcb, 0x45, 0x90, 0x9c, 0x70,
+	0x9c, 0x45, 0x10, 0x67, 0xb7, 0x63, 0xff, 0xa1, 0xc5, 0x74, 0x23, 0xa2, 0x5b, 0x24, 0x6c, 0x37,
+	0xa2, 0x43, 0x30, 0xe2, 0x5b, 0x32, 0x6c, 0x13, 0xee, 0xdb, 0x0a, 0xef, 0xbf, 0xb3, 0x98, 0x15,
+	0xde, 0x21, 0xfa, 0x13, 0xbe, 0x05, 0x43, 0x91, 0x68, 0x4d, 0x74, 0x3d, 0xcf, 0x62, 0x48, 0x76,
+	0x8a, 0x59, 0x22, 0xaa, 0x77, 0x98, 0x2c, 0xc5, 0x8a, 0x8c, 0xfd, 0x5f, 0xf3, 0x19, 0x90, 0x90,
+	0x43, 0x50, 0x01, 0x2f, 0x9a, 0x2a, 0xe0, 0x52, 0x97, 0x2f, 0xc8, 0x51, 0x05, 0xff, 0x57, 0x66,
+	0xbf, 0x99, 0xfc, 0xf1, 0xfd, 0x6e, 0xfe, 0x69, 0x7f, 0xd1, 0x02, 0x88, 0xd3, 0xbe, 0xf4, 0x90,
+	0xc0, 0xfb, 0x12, 0x7d, 0x79, 0xf9, 0x91, 0x5f, 0xf3, 0x1b, 0x42, 0x05, 0x75, 0x2a, 0xd6, 0x42,
+	0xf3, 0xf2, 0x7d, 0xed, 0x37, 0x56, 0xd8, 0xa8, 0x24, 0xe3, 0x30, 0x17, 0x63, 0xbb, 0x08, 0x23,
+	0x06, 0xf3, 0x57, 0x2c, 0x38, 0x9a, 0xe5, 0x9c, 0x42, 0xdf, 0xf1, 0x5c, 0x12, 0xab, 0x4c, 0x73,
+	0xd5, 0x6c, 0xde, 0x14, 0xe5, 0x58, 0x61, 0xf4, 0x9c, 0x19, 0xfd, 0x60, 0x29, 0x49, 0xae, 0xc3,
+	0x58, 0x25, 0x20, 0x1a, 0x7f, 0xf1, 0x7a, 0x9c, 0x2d, 0x69, 0x78, 0xfe, 0xd9, 0x03, 0x47, 0x7c,
+	0xb2, 0xbf, 0x5a, 0x80, 0xa3, 0xdc, 0xc0, 0x6c, 0x6e, 0xdb, 0x77, 0xeb, 0x15, 0xbf, 0x2e, 0x5c,
+	0x8a, 0xdf, 0x86, 0xd1, 0x96, 0x26, 0x3e, 0xef, 0x14, 0x5e, 0x5f, 0x17, 0xb3, 0xc7, 0x02, 0x3f,
+	0xbd, 0x14, 0x1b, 0xb4, 0x50, 0x1d, 0x46, 0xc9, 0xb6, 0x5b, 0x53, 0x96, 0x45, 0x85, 0x03, 0x5f,
+	0xd2, 0xaa, 0x95, 0x25, 0x8d, 0x0e, 0x36, 0xa8, 0xf6, 0x6c, 0x16, 0xae, 0xb1, 0x68, 0x7d, 0x5d,
+	0xac, 0x89, 0x7e, 0xce, 0x82, 0x13, 0x39, 0xc1, 0xf8, 0x69, 0x73, 0x77, 0x98, 0x29, 0x9f, 0x58,
+	0xb6, 0xaa, 0x39, 0x6e, 0xe0, 0x87, 0x05, 0x14, 0x7d, 0x1c, 0xa0, 0x15, 0xa7, 0x30, 0xed, 0x12,
+	0xb5, 0xdc, 0x88, 0x5f, 0xac, 0x85, 0xa2, 0x55, 0x99, 0x4e, 0x35, 0x5a, 0xf6, 0x57, 0xfa, 0xa0,
+	0x9f, 0x19, 0x71, 0xa1, 0x0a, 0x0c, 0x6e, 0xf2, 0x48, 0x89, 0x1d, 0xe7, 0x8d, 0xe2, 0xca, 0xd0,
+	0x8b, 0xf1, 0xbc, 0x69, 0xa5, 0x58, 0x92, 0x41, 0x2b, 0x70, 0x84, 0xa7, 0x67, 0x6d, 0x2c, 0x92,
+	0x86, 0xb3, 0x23, 0x25, 0xd3, 0x05, 0xf6, 0xa9, 0x4a, 0x42, 0x5f, 0x4e, 0xa3, 0xe0, 0xac, 0x7a,
+	0xe8, 0x75, 0x18, 0x8f, 0xdc, 0x26, 0xf1, 0xdb, 0x91, 0xa4, 0xc4, 0xf3, 0xa1, 0xaa, 0xc7, 0xd3,
+	0x9a, 0x01, 0xc5, 0x09, 0x6c, 0xf4, 0x2a, 0x8c, 0xb5, 0x52, 0x32, 0xf8, 0xfe, 0x58, 0x58, 0x65,
+	0xca, 0xdd, 0x4d, 0x5c, 0xe6, 0x9f, 0xd2, 0x66, 0xde, 0x38, 0x6b, 0x9b, 0x01, 0x09, 0x37, 0xfd,
+	0x46, 0x9d, 0x71, 0xc0, 0xfd, 0x9a, 0x7f, 0x4a, 0x02, 0x8e, 0x53, 0x35, 0x28, 0x95, 0x75, 0xc7,
+	0x6d, 0xb4, 0x03, 0x12, 0x53, 0x19, 0x30, 0xa9, 0x2c, 0x27, 0xe0, 0x38, 0x55, 0xa3, 0xbb, 0x72,
+	0x61, 0xf0, 0xc1, 0x28, 0x17, 0xec, 0x5f, 0x2d, 0x80, 0x31, 0xb5, 0xdf, 0xc3, 0xd9, 0x56, 0x5f,
+	0x83, 0xbe, 0x8d, 0xa0, 0x55, 0x13, 0x06, 0x8b, 0x99, 0x5f, 0x76, 0x19, 0x57, 0x16, 0xf4, 0x2f,
+	0xa3, 0xff, 0x31, 0xab, 0x45, 0xf7, 0xf8, 0xb1, 0x4a, 0xe0, 0xd3, 0x4b, 0x4e, 0x06, 0x53, 0x55,
+	0x6e, 0x60, 0x83, 0xf2, 0xbd, 0xde, 0x21, 0xec, 0xb8, 0xf0, 0x65, 0xe1, 0x14, 0x0c, 0xdb, 0xbe,
+	0xaa, 0x78, 0xad, 0x4b, 0x2a, 0xe8, 0x22, 0x8c, 0x88, 0x04, 0x98, 0xcc, 0x5b, 0x89, 0x6f, 0x26,
+	0x66, 0x8b, 0xb8, 0x18, 0x17, 0x63, 0x1d, 0xc7, 0xfe, 0xf1, 0x02, 0x1c, 0xc9, 0x70, 0x37, 0xe5,
+	0xd7, 0xc8, 0x86, 0x1b, 0x46, 0xc1, 0x4e, 0xf2, 0x72, 0xc2, 0xa2, 0x1c, 0x2b, 0x0c, 0x7a, 0x56,
+	0xf1, 0x8b, 0x2a, 0x79, 0x39, 0x09, 0x77, 0x2e, 0x01, 0x3d, 0xd8, 0xe5, 0x44, 0xaf, 0xed, 0x76,
+	0x48, 0x64, 0x86, 0x03, 0x75, 0x6d, 0x33, 0xc3, 0x05, 0x06, 0xa1, 0x4f, 0xc0, 0x0d, 0xa5, 0x8d,
+	0xd7, 0x9e, 0x80, 0x5c, 0x1f, 0xcf, 0x61, 0xb4, 0x73, 0x11, 0xf1, 0x1c, 0x2f, 0x12, 0x0f, 0xc5,
+	0x38, 0xf2, 0x35, 0x2b, 0xc5, 0x02, 0x6a, 0x7f, 0xb9, 0x08, 0x27, 0x73, 0x1d, 0xd0, 0x69, 0xd7,
+	0x9b, 0xbe, 0xe7, 0x46, 0xbe, 0x32, 0xf2, 0xe4, 0xd1, 0xae, 0x49, 0x6b, 0x73, 0x45, 0x94, 0x63,
+	0x85, 0x81, 0xce, 0x41, 0x3f, 0x93, 0xdb, 0x27, 0x93, 0xdf, 0xe1, 0xf9, 0x45, 0x1e, 0x0b, 0x94,
+	0x83, 0xb5, 0x5b, 0xbd, 0xd8, 0xf1, 0x56, 0x7f, 0x8c, 0x72, 0x30, 0x7e, 0x23, 0x79, 0xa1, 0xd0,
+	0xee, 0xfa, 0x7e, 0x03, 0x33, 0x20, 0x7a, 0x42, 0x8c, 0x57, 0xc2, 0xaa, 0x11, 0x3b, 0x75, 0x3f,
+	0xd4, 0x06, 0xed, 0x29, 0x18, 0xdc, 0x22, 0x3b, 0x81, 0xeb, 0x6d, 0x24, 0xad, 0x5d, 0xaf, 0xf2,
+	0x62, 0x2c, 0xe1, 0x66, 0x96, 0xf8, 0xc1, 0x07, 0x91, 0x25, 0x5e, 0x5f, 0x01, 0x43, 0x5d, 0xd9,
+	0x93, 0x9f, 0x28, 0xc2, 0x04, 0x9e, 0x5f, 0xfc, 0x60, 0x22, 0x6e, 0xa4, 0x27, 0xe2, 0x41, 0x24,
+	0x53, 0x3f, 0xd8, 0x6c, 0xfc, 0x9e, 0x05, 0x13, 0x2c, 0x0d, 0xa7, 0x88, 0x1e, 0xe3, 0xfa, 0xde,
+	0x21, 0x3c, 0x05, 0x1e, 0x83, 0xfe, 0x80, 0x36, 0x2a, 0x66, 0x50, 0xed, 0x71, 0xd6, 0x13, 0xcc,
+	0x61, 0xe8, 0x14, 0xf4, 0xb1, 0x2e, 0xd0, 0xc9, 0x1b, 0xe5, 0x47, 0xf0, 0xa2, 0x13, 0x39, 0x98,
+	0x95, 0xb2, 0x38, 0x96, 0x98, 0xb4, 0x1a, 0x2e, 0xef, 0x74, 0x6c, 0x55, 0xf1, 0xfe, 0x08, 0x4d,
+	0x93, 0xd9, 0xb5, 0xf7, 0x16, 0xc7, 0x32, 0x9b, 0x64, 0xe7, 0x67, 0xf6, 0x3f, 0x15, 0xe0, 0x4c,
+	0x66, 0xbd, 0x9e, 0xe3, 0x58, 0x76, 0xae, 0xfd, 0x30, 0x93, 0xf6, 0x15, 0x0f, 0xd1, 0x97, 0xa0,
+	0xaf, 0x57, 0xee, 0xbf, 0xbf, 0x87, 0xf0, 0x92, 0x99, 0x43, 0xf6, 0x3e, 0x09, 0x2f, 0x99, 0xd9,
+	0xb7, 0x1c, 0x31, 0xc1, 0xb7, 0x0b, 0x39, 0xdf, 0xc2, 0x04, 0x06, 0xe7, 0xe9, 0x39, 0xc3, 0x80,
+	0xa1, 0x7c, 0x84, 0xf3, 0x33, 0x86, 0x97, 0x61, 0x05, 0x45, 0x73, 0x30, 0xd1, 0x74, 0x3d, 0x7a,
+	0xf8, 0xec, 0x98, 0xac, 0xb8, 0x52, 0xb7, 0xac, 0x98, 0x60, 0x9c, 0xc4, 0x47, 0xae, 0x16, 0x7a,
+	0x92, 0x7f, 0xdd, 0xab, 0x07, 0xda, 0x75, 0xb3, 0xa6, 0xc5, 0x89, 0x1a, 0xc5, 0x8c, 0x30, 0x94,
+	0x2b, 0x9a, 0x9c, 0xa8, 0xd8, 0xbb, 0x9c, 0x68, 0x34, 0x5b, 0x46, 0x34, 0xf3, 0x2a, 0x8c, 0xdd,
+	0xb7, 0x9e, 0xc5, 0xfe, 0x66, 0x11, 0x1e, 0xe9, 0xb0, 0xed, 0xf9, 0x59, 0x6f, 0xcc, 0x81, 0x76,
+	0xd6, 0xa7, 0xe6, 0xa1, 0x02, 0x47, 0xd7, 0xdb, 0x8d, 0xc6, 0x0e, 0x73, 0xc0, 0x23, 0x75, 0x89,
+	0x21, 0x78, 0x4a, 0x29, 0x1c, 0x39, 0xba, 0x9c, 0x81, 0x83, 0x33, 0x6b, 0xd2, 0x27, 0x16, 0xbd,
+	0x49, 0x76, 0x14, 0xa9, 0xc4, 0x13, 0x0b, 0xeb, 0x40, 0x6c, 0xe2, 0xa2, 0xcb, 0x30, 0xe5, 0x6c,
+	0x3b, 0x2e, 0x4f, 0x7a, 0x22, 0x09, 0xf0, 0x37, 0x96, 0x92, 0x45, 0xcf, 0x25, 0x11, 0x70, 0xba,
+	0x4e, 0x8e, 0x4a, 0xa8, 0x78, 0x5f, 0x2a, 0x21, 0x33, 0x08, 0xe2, 0x40, 0x7e, 0x10, 0xc4, 0xce,
+	0xe7, 0x62, 0xd7, 0x7c, 0x91, 0xef, 0xc0, 0xd8, 0x41, 0x2d, 0xc7, 0x9f, 0x82, 0xc1, 0x40, 0x64,
+	0xe2, 0x4f, 0x78, 0xbb, 0xcb, 0x3c, 0xe5, 0x12, 0x6e, 0xff, 0x6f, 0x16, 0x28, 0x59, 0xb2, 0x19,
+	0xef, 0xfc, 0x55, 0x66, 0x06, 0xcf, 0xa5, 0xe0, 0x5a, 0x88, 0xb3, 0x63, 0x9a, 0x19, 0x7c, 0x0c,
+	0xc4, 0x26, 0x2e, 0x5f, 0x6e, 0x61, 0x1c, 0x59, 0xc3, 0x78, 0x40, 0x08, 0x0d, 0xa4, 0xc2, 0x40,
+	0x9f, 0x80, 0xc1, 0xba, 0xbb, 0xed, 0x86, 0x42, 0x8e, 0x76, 0x60, 0x1d, 0x60, 0xfc, 0x7d, 0x8b,
+	0x9c, 0x0c, 0x96, 0xf4, 0xec, 0x9f, 0xb2, 0x40, 0xa9, 0x4e, 0xaf, 0x10, 0xa7, 0x11, 0x6d, 0xa2,
+	0x37, 0x00, 0x24, 0x05, 0x25, 0x7b, 0x93, 0x06, 0x5d, 0x80, 0x15, 0x64, 0xdf, 0xf8, 0x87, 0xb5,
+	0x3a, 0xe8, 0x75, 0x18, 0xd8, 0x64, 0xb4, 0xc4, 0xb7, 0x9d, 0x53, 0xaa, 0x2e, 0x56, 0xba, 0xbf,
+	0x5b, 0x3a, 0x6a, 0xb6, 0x29, 0x6f, 0x31, 0x5e, 0xcb, 0xfe, 0x89, 0x42, 0x3c, 0xa7, 0x6f, 0xb5,
+	0xfd, 0xc8, 0x39, 0x04, 0x4e, 0xe4, 0xb2, 0xc1, 0x89, 0x3c, 0xd1, 0x49, 0x37, 0xcc, 0xba, 0x94,
+	0xcb, 0x81, 0x5c, 0x4f, 0x70, 0x20, 0x4f, 0x76, 0x27, 0xd5, 0x99, 0xf3, 0xf8, 0x6f, 0x2c, 0x98,
+	0x32, 0xf0, 0x0f, 0xe1, 0x02, 0x5c, 0x36, 0x2f, 0xc0, 0x47, 0xbb, 0x7e, 0x43, 0xce, 0xc5, 0xf7,
+	0xa3, 0xc5, 0x44, 0xdf, 0xd9, 0x85, 0xf7, 0x2e, 0xf4, 0x6d, 0x3a, 0x41, 0x5d, 0xbc, 0xeb, 0x2f,
+	0xf4, 0x34, 0xd6, 0xb3, 0x57, 0x9c, 0x40, 0x18, 0x83, 0x3c, 0x2b, 0x47, 0x9d, 0x16, 0x75, 0x35,
+	0x04, 0x61, 0x4d, 0xa1, 0x4b, 0x30, 0x10, 0xd6, 0xfc, 0x96, 0xf2, 0x29, 0x64, 0x49, 0xd4, 0xab,
+	0xac, 0x64, 0x7f, 0xb7, 0x84, 0xcc, 0xe6, 0x68, 0x31, 0x16, 0xf8, 0xe8, 0x6d, 0x18, 0x63, 0xbf,
+	0x94, 0x65, 0x66, 0x31, 0x5f, 0x02, 0x53, 0xd5, 0x11, 0xb9, 0xd9, 0xb2, 0x51, 0x84, 0x4d, 0x52,
+	0x33, 0x1b, 0x30, 0xac, 0x3e, 0xeb, 0xa1, 0x6a, 0xfe, 0xff, 0xba, 0x08, 0x47, 0x32, 0xd6, 0x1c,
+	0x0a, 0x8d, 0x99, 0xb8, 0xd8, 0xe3, 0x52, 0x7d, 0x8f, 0x73, 0x11, 0xb2, 0x07, 0x60, 0x5d, 0xac,
+	0xad, 0x9e, 0x1b, 0xbd, 0x11, 0x92, 0x64, 0xa3, 0xb4, 0xa8, 0x7b, 0xa3, 0xb4, 0xb1, 0x43, 0x1b,
+	0x6a, 0xda, 0x90, 0xea, 0xe9, 0x43, 0x9d, 0xd3, 0x3f, 0xe9, 0x83, 0xa3, 0x59, 0xe6, 0x2a, 0xe8,
+	0x73, 0x30, 0xc0, 0x9c, 0xde, 0xa4, 0xe0, 0xec, 0xc5, 0x5e, 0x0d, 0x5d, 0x66, 0x99, 0xdf, 0x9c,
+	0x08, 0x99, 0x3b, 0x2b, 0x8f, 0x23, 0x5e, 0xd8, 0x75, 0x98, 0x45, 0x9b, 0x2c, 0x94, 0x95, 0xb8,
+	0x3d, 0xe5, 0xf1, 0xf1, 0x91, 0x9e, 0x3b, 0x20, 0xee, 0xdf, 0x30, 0x61, 0xf5, 0x25, 0x8b, 0xbb,
+	0x5b, 0x7d, 0xc9, 0x96, 0x51, 0x19, 0x06, 0x6a, 0xdc, 0x9c, 0xa8, 0xd8, 0xfd, 0x08, 0xe3, 0xb6,
+	0x44, 0xea, 0x00, 0x16, 0x36, 0x44, 0x82, 0xc0, 0x8c, 0x0b, 0x23, 0xda, 0xc0, 0x3c, 0xd4, 0xc5,
+	0xb3, 0x45, 0x2f, 0x3e, 0x6d, 0x08, 0x1e, 0xea, 0x02, 0xfa, 0x59, 0xed, 0xee, 0x17, 0xe7, 0xc1,
+	0x87, 0x0d, 0xde, 0xe9, 0x54, 0xc2, 0x15, 0x31, 0xb1, 0xaf, 0x18, 0x2f, 0x55, 0x35, 0x63, 0xcd,
+	0xe7, 0x26, 0xcc, 0x32, 0x2f, 0xfc, 0xce, 0xf1, 0xe5, 0xed, 0x9f, 0xb3, 0x20, 0xe1, 0x2c, 0xa6,
+	0xc4, 0x9d, 0x56, 0xae, 0xb8, 0xf3, 0x2c, 0xf4, 0x05, 0x7e, 0x43, 0xf2, 0x53, 0x0a, 0x03, 0xfb,
+	0x0d, 0x82, 0x19, 0x84, 0x62, 0x44, 0xb1, 0x10, 0x6b, 0x54, 0x7f, 0xa0, 0x8b, 0xa7, 0xf7, 0x63,
+	0xd0, 0xdf, 0x20, 0xdb, 0xa4, 0x91, 0xcc, 0x1b, 0x7b, 0x8d, 0x16, 0x62, 0x0e, 0xb3, 0x7f, 0xaf,
+	0x0f, 0x4e, 0x77, 0x8c, 0x78, 0x47, 0x19, 0xcc, 0x0d, 0x27, 0x22, 0x77, 0x9c, 0x9d, 0x64, 0xbe,
+	0xc4, 0xcb, 0xbc, 0x18, 0x4b, 0x38, 0x73, 0xdc, 0xe6, 0x39, 0x80, 0x12, 0xc2, 0x61, 0x91, 0xfa,
+	0x47, 0x40, 0x4d, 0x61, 0x63, 0xf1, 0x41, 0x08, 0x1b, 0x9f, 0x07, 0x08, 0xc3, 0x06, 0xb7, 0x09,
+	0xad, 0x0b, 0x8f, 0xf0, 0x38, 0x57, 0x54, 0xf5, 0x9a, 0x80, 0x60, 0x0d, 0x0b, 0x2d, 0xc2, 0x64,
+	0x2b, 0xf0, 0x23, 0x2e, 0x6b, 0x5f, 0xe4, 0x66, 0xd3, 0xfd, 0x66, 0xb0, 0xb1, 0x4a, 0x02, 0x8e,
+	0x53, 0x35, 0xd0, 0x4b, 0x30, 0x22, 0x02, 0x90, 0x55, 0x7c, 0xbf, 0x21, 0xc4, 0x7b, 0xca, 0x92,
+	0xb8, 0x1a, 0x83, 0xb0, 0x8e, 0xa7, 0x55, 0x63, 0x02, 0xfc, 0xc1, 0xcc, 0x6a, 0x5c, 0x88, 0xaf,
+	0xe1, 0x25, 0x92, 0x15, 0x0c, 0xf5, 0x94, 0xac, 0x20, 0x16, 0x78, 0x0e, 0xf7, 0xac, 0x4f, 0x86,
+	0xae, 0x22, 0xc2, 0xaf, 0xf5, 0xc1, 0x11, 0xb1, 0x70, 0x1e, 0xf6, 0x72, 0xb9, 0x91, 0x5e, 0x2e,
+	0x0f, 0x42, 0x24, 0xfa, 0xc1, 0x9a, 0x39, 0xec, 0x35, 0xf3, 0x93, 0x16, 0x98, 0x3c, 0x24, 0xfa,
+	0x8f, 0x72, 0x13, 0xce, 0xbe, 0x94, 0xcb, 0x93, 0xc6, 0x91, 0xcc, 0xdf, 0x5b, 0xea, 0x59, 0xfb,
+	0x7f, 0xb1, 0xe0, 0xd1, 0xae, 0x14, 0xd1, 0x12, 0x0c, 0x33, 0x46, 0x57, 0x7b, 0x17, 0x3f, 0xa9,
+	0xdc, 0x2a, 0x24, 0x20, 0x87, 0xef, 0x8e, 0x6b, 0xa2, 0xa5, 0x54, 0x66, 0xdf, 0xa7, 0x32, 0x32,
+	0xfb, 0x1e, 0x33, 0x86, 0xe7, 0x3e, 0x53, 0xfb, 0x7e, 0x89, 0xde, 0x38, 0xa6, 0x6f, 0xe6, 0x47,
+	0x0c, 0x71, 0xae, 0x9d, 0x10, 0xe7, 0x22, 0x13, 0x5b, 0xbb, 0x43, 0xde, 0x80, 0x49, 0x16, 0x99,
+	0x94, 0x39, 0xf9, 0x08, 0xa7, 0xce, 0x42, 0x6c, 0xc8, 0x7f, 0x2d, 0x01, 0xc3, 0x29, 0x6c, 0xfb,
+	0x1f, 0x8a, 0x30, 0xc0, 0xb7, 0xdf, 0x21, 0x3c, 0x7c, 0x9f, 0x81, 0x61, 0xb7, 0xd9, 0x6c, 0xf3,
+	0x64, 0xad, 0xfd, 0xb1, 0x59, 0x78, 0x59, 0x16, 0xe2, 0x18, 0x8e, 0x96, 0x85, 0x26, 0xa1, 0x43,
+	0xf0, 0x73, 0xde, 0xf1, 0xd9, 0x45, 0x27, 0x72, 0x38, 0x17, 0xa7, 0xee, 0xd9, 0x58, 0xe7, 0x80,
+	0x3e, 0x0d, 0x10, 0x46, 0x81, 0xeb, 0x6d, 0xd0, 0x32, 0x91, 0x21, 0xe3, 0xe9, 0x0e, 0xd4, 0xaa,
+	0x0a, 0x99, 0xd3, 0x8c, 0xcf, 0x1c, 0x05, 0xc0, 0x1a, 0x45, 0x34, 0x6b, 0xdc, 0xf4, 0x33, 0x89,
+	0xb9, 0x03, 0x4e, 0x35, 0x9e, 0xb3, 0x99, 0x97, 0x61, 0x58, 0x11, 0xef, 0x26, 0x57, 0x1c, 0xd5,
+	0x19, 0xb6, 0x8f, 0xc1, 0x44, 0xa2, 0x6f, 0x07, 0x12, 0x4b, 0xfe, 0xbe, 0x05, 0x13, 0xbc, 0x33,
+	0x4b, 0xde, 0xb6, 0xb8, 0x0d, 0xee, 0xc1, 0xd1, 0x46, 0xc6, 0xa9, 0x2c, 0xa6, 0xbf, 0xf7, 0x53,
+	0x5c, 0x89, 0x21, 0xb3, 0xa0, 0x38, 0xb3, 0x0d, 0x74, 0x9e, 0xee, 0x38, 0x7a, 0xea, 0x3a, 0x0d,
+	0x11, 0x99, 0x64, 0x94, 0xef, 0x36, 0x5e, 0x86, 0x15, 0xd4, 0xfe, 0x5b, 0x0b, 0xa6, 0x78, 0xcf,
+	0xaf, 0x92, 0x1d, 0x75, 0x36, 0x7d, 0x27, 0xfb, 0x2e, 0xd2, 0x84, 0x17, 0x72, 0xd2, 0x84, 0xeb,
+	0x9f, 0x56, 0xec, 0xf8, 0x69, 0x5f, 0xb5, 0x40, 0xac, 0x90, 0x43, 0x90, 0xb4, 0x7c, 0x9f, 0x29,
+	0x69, 0x99, 0xc9, 0xdf, 0x04, 0x39, 0x22, 0x96, 0x7f, 0xb3, 0x60, 0x92, 0x23, 0xc4, 0x56, 0x10,
+	0xdf, 0xd1, 0x79, 0x98, 0x37, 0xbf, 0x28, 0xd3, 0xac, 0xf5, 0x2a, 0xd9, 0x59, 0xf3, 0x2b, 0x4e,
+	0xb4, 0x99, 0xfd, 0x51, 0xc6, 0x64, 0xf5, 0x75, 0x9c, 0xac, 0xba, 0xdc, 0x40, 0x46, 0x42, 0xc8,
+	0x2e, 0x02, 0xe0, 0x83, 0x26, 0x84, 0xb4, 0xff, 0xd1, 0x02, 0xc4, 0x9b, 0x31, 0x18, 0x37, 0xca,
+	0x0e, 0xb1, 0x52, 0xed, 0xa2, 0x8b, 0x8f, 0x26, 0x05, 0xc1, 0x1a, 0xd6, 0x03, 0x19, 0x9e, 0x84,
+	0x29, 0x4b, 0xb1, 0xbb, 0x29, 0xcb, 0x01, 0x46, 0xf4, 0xab, 0x83, 0x90, 0x74, 0xeb, 0x44, 0x37,
+	0x61, 0xb4, 0xe6, 0xb4, 0x9c, 0xdb, 0x6e, 0xc3, 0x8d, 0x5c, 0x12, 0x76, 0xb2, 0x73, 0x5b, 0xd0,
+	0xf0, 0x84, 0xf1, 0x81, 0x56, 0x82, 0x0d, 0x3a, 0x68, 0x16, 0xa0, 0x15, 0xb8, 0xdb, 0x6e, 0x83,
+	0x6c, 0x30, 0x81, 0x10, 0x8b, 0x85, 0xc4, 0x8d, 0xee, 0x64, 0x29, 0xd6, 0x30, 0x32, 0x42, 0x90,
+	0x14, 0x1f, 0x72, 0x08, 0x12, 0x38, 0xb4, 0x10, 0x24, 0x7d, 0x07, 0x0a, 0x41, 0x32, 0x74, 0xe0,
+	0x10, 0x24, 0xfd, 0x3d, 0x85, 0x20, 0xc1, 0x70, 0x5c, 0xf2, 0x9e, 0xf4, 0xff, 0xb2, 0xdb, 0x20,
+	0xe2, 0xc1, 0xc1, 0x03, 0x38, 0xcd, 0xec, 0xed, 0x96, 0x8e, 0xe3, 0x4c, 0x0c, 0x9c, 0x53, 0x13,
+	0x7d, 0x1c, 0xa6, 0x9d, 0x46, 0xc3, 0xbf, 0xa3, 0x26, 0x75, 0x29, 0xac, 0x39, 0x8d, 0x38, 0xae,
+	0xdf, 0xd0, 0xfc, 0xa9, 0xbd, 0xdd, 0xd2, 0xf4, 0x5c, 0x0e, 0x0e, 0xce, 0xad, 0x8d, 0x5e, 0x83,
+	0xe1, 0x56, 0xe0, 0xd7, 0x56, 0x34, 0xdf, 0xf3, 0x33, 0x74, 0x00, 0x2b, 0xb2, 0x70, 0x7f, 0xb7,
+	0x34, 0xa6, 0xfe, 0xb0, 0x0b, 0x3f, 0xae, 0x90, 0x11, 0xdd, 0x63, 0xe4, 0x61, 0x47, 0xf7, 0x18,
+	0x7d, 0xc0, 0xd1, 0x3d, 0xec, 0x2d, 0x38, 0x52, 0x25, 0x81, 0xeb, 0x34, 0xdc, 0x7b, 0x94, 0x27,
+	0x97, 0x67, 0xe0, 0x1a, 0x0c, 0x07, 0x89, 0x53, 0xbf, 0xa7, 0xa0, 0xe7, 0x9a, 0x5c, 0x46, 0x9e,
+	0xf2, 0x31, 0x21, 0xfb, 0xff, 0xb7, 0x60, 0x50, 0xb8, 0x8a, 0x1e, 0x02, 0x67, 0x3a, 0x67, 0xa8,
+	0x64, 0x4a, 0xd9, 0x93, 0xc2, 0x3a, 0x93, 0xab, 0x8c, 0x29, 0x27, 0x94, 0x31, 0x8f, 0x76, 0x22,
+	0xd2, 0x59, 0x0d, 0xf3, 0x9f, 0x15, 0xe9, 0x0b, 0xc1, 0x08, 0x5a, 0xf0, 0xf0, 0x87, 0x60, 0x15,
+	0x06, 0x43, 0xe1, 0x34, 0x5f, 0xc8, 0xf7, 0xe5, 0x49, 0x4e, 0x62, 0x6c, 0x03, 0x29, 0xdc, 0xe4,
+	0x25, 0x91, 0x4c, 0x6f, 0xfc, 0xe2, 0x43, 0xf4, 0xc6, 0xef, 0x16, 0xd6, 0xa1, 0xef, 0x41, 0x84,
+	0x75, 0xb0, 0xbf, 0xce, 0x6e, 0x67, 0xbd, 0xfc, 0x10, 0x18, 0xb7, 0xcb, 0xe6, 0x3d, 0x6e, 0x77,
+	0x58, 0x59, 0xa2, 0x53, 0x39, 0x0c, 0xdc, 0xef, 0x5a, 0x70, 0x3a, 0xe3, 0xab, 0x34, 0x6e, 0xee,
+	0x59, 0x18, 0x72, 0xda, 0x75, 0x57, 0xed, 0x65, 0x4d, 0x5b, 0x3c, 0x27, 0xca, 0xb1, 0xc2, 0x40,
+	0x0b, 0x30, 0x45, 0xee, 0xb6, 0x5c, 0xae, 0x86, 0xd7, 0x4d, 0xc7, 0x8b, 0xdc, 0xbf, 0x78, 0x29,
+	0x09, 0xc4, 0x69, 0x7c, 0x15, 0x1a, 0xae, 0x98, 0x1b, 0x1a, 0xee, 0x37, 0x2d, 0x18, 0x51, 0x6e,
+	0xe3, 0x0f, 0x7d, 0xb4, 0xdf, 0x30, 0x47, 0xfb, 0x91, 0x0e, 0xa3, 0x9d, 0x33, 0xcc, 0x7f, 0x53,
+	0x50, 0xfd, 0xad, 0xf8, 0x41, 0xd4, 0x03, 0x97, 0x78, 0xff, 0x6e, 0x2f, 0x17, 0x61, 0xc4, 0x69,
+	0xb5, 0x24, 0x40, 0xda, 0x2f, 0xb2, 0x14, 0x16, 0x71, 0x31, 0xd6, 0x71, 0x94, 0x17, 0x4e, 0x31,
+	0xd7, 0x0b, 0xa7, 0x0e, 0x10, 0x39, 0xc1, 0x06, 0x89, 0x68, 0x99, 0x30, 0xb7, 0xce, 0x3f, 0x6f,
+	0xda, 0x91, 0xdb, 0x98, 0x75, 0xbd, 0x28, 0x8c, 0x82, 0xd9, 0xb2, 0x17, 0x5d, 0x0f, 0xf8, 0x33,
+	0x55, 0x0b, 0xc0, 0xa8, 0x68, 0x61, 0x8d, 0xae, 0x0c, 0x91, 0xc2, 0xda, 0xe8, 0x37, 0x0d, 0x61,
+	0x56, 0x45, 0x39, 0x56, 0x18, 0xf6, 0xcb, 0xec, 0xf6, 0x61, 0x63, 0x7a, 0xb0, 0xc0, 0x82, 0xff,
+	0x34, 0xaa, 0x66, 0x83, 0xa9, 0x84, 0x17, 0xf5, 0xf0, 0x85, 0x9d, 0x0f, 0x7b, 0xda, 0xb0, 0xee,
+	0xcf, 0x1a, 0xc7, 0x38, 0x44, 0x9f, 0x4c, 0x19, 0x37, 0x3d, 0xd7, 0xe5, 0xd6, 0x38, 0x80, 0x39,
+	0x13, 0xcb, 0x67, 0xc7, 0xb2, 0x7d, 0x95, 0x2b, 0x62, 0x5f, 0x68, 0xf9, 0xec, 0x04, 0x00, 0xc7,
+	0x38, 0x94, 0x61, 0x53, 0x7f, 0xc2, 0x69, 0x14, 0x87, 0x3d, 0x57, 0xd8, 0x21, 0xd6, 0x30, 0xd0,
+	0x05, 0x21, 0xb4, 0xe0, 0xba, 0x87, 0x47, 0x12, 0x42, 0x0b, 0x39, 0x5c, 0x9a, 0xa4, 0xe9, 0x22,
+	0x8c, 0x90, 0xbb, 0x11, 0x09, 0x3c, 0xa7, 0x41, 0x5b, 0xe8, 0x8f, 0xa3, 0xeb, 0x2e, 0xc5, 0xc5,
+	0x58, 0xc7, 0x41, 0x6b, 0x30, 0x11, 0x72, 0x59, 0x9e, 0x4a, 0xb6, 0xc1, 0x65, 0xa2, 0x4f, 0x2b,
+	0x87, 0x7d, 0x13, 0xbc, 0xcf, 0x8a, 0xf8, 0xe9, 0x24, 0xc3, 0x98, 0x24, 0x49, 0xa0, 0xd7, 0x61,
+	0xbc, 0xe1, 0x3b, 0xf5, 0x79, 0xa7, 0xe1, 0x78, 0x35, 0x36, 0x3e, 0x43, 0x46, 0x2c, 0xcb, 0xf1,
+	0x6b, 0x06, 0x14, 0x27, 0xb0, 0x29, 0x83, 0xa8, 0x97, 0x88, 0x04, 0x31, 0x8e, 0xb7, 0x41, 0xc2,
+	0xe9, 0x61, 0xf6, 0x55, 0x8c, 0x41, 0xbc, 0x96, 0x83, 0x83, 0x73, 0x6b, 0xa3, 0x4b, 0x30, 0x2a,
+	0x3f, 0x5f, 0x8b, 0xfa, 0x13, 0x3b, 0x34, 0x69, 0x30, 0x6c, 0x60, 0xa2, 0x10, 0x8e, 0xc9, 0xff,
+	0x6b, 0x81, 0xb3, 0xbe, 0xee, 0xd6, 0x44, 0x28, 0x0c, 0xee, 0xfc, 0xfd, 0x31, 0xe9, 0x69, 0xba,
+	0x94, 0x85, 0xb4, 0xbf, 0x5b, 0x3a, 0x25, 0x46, 0x2d, 0x13, 0x8e, 0xb3, 0x69, 0xa3, 0x15, 0x38,
+	0xc2, 0x6d, 0x60, 0x16, 0x36, 0x49, 0x6d, 0x4b, 0x6e, 0x38, 0xc6, 0x35, 0x6a, 0x8e, 0x3f, 0x57,
+	0xd2, 0x28, 0x38, 0xab, 0x1e, 0x7a, 0x07, 0xa6, 0x5b, 0xed, 0xdb, 0x0d, 0x37, 0xdc, 0x5c, 0xf5,
+	0x23, 0x66, 0x42, 0x36, 0x57, 0xaf, 0x07, 0x24, 0xe4, 0xbe, 0xc1, 0xec, 0xea, 0x95, 0x91, 0x9a,
+	0x2a, 0x39, 0x78, 0x38, 0x97, 0x02, 0xba, 0x07, 0xc7, 0x12, 0x0b, 0x41, 0x84, 0x5c, 0x19, 0xcf,
+	0x4f, 0xb5, 0x55, 0xcd, 0xaa, 0x20, 0xa2, 0x17, 0x65, 0x81, 0x70, 0x76, 0x13, 0xe8, 0x15, 0x00,
+	0xb7, 0xb5, 0xec, 0x34, 0xdd, 0x06, 0x7d, 0x8e, 0x1e, 0x61, 0x6b, 0x84, 0x3e, 0x4d, 0xa0, 0x5c,
+	0x91, 0xa5, 0xf4, 0x6c, 0x16, 0xff, 0x76, 0xb0, 0x86, 0x8d, 0xae, 0xc1, 0xb8, 0xf8, 0xb7, 0x23,
+	0xa6, 0x74, 0x4a, 0x65, 0x65, 0x1d, 0x97, 0x35, 0xd4, 0x3c, 0x26, 0x4a, 0x70, 0xa2, 0x2e, 0xda,
+	0x80, 0xd3, 0x32, 0x25, 0xac, 0xbe, 0x3e, 0xe5, 0x1c, 0x84, 0x2c, 0xbf, 0xd5, 0x10, 0xf7, 0x29,
+	0x9a, 0xeb, 0x84, 0x88, 0x3b, 0xd3, 0xa1, 0xf7, 0xba, 0xbe, 0xcc, 0xb9, 0xc7, 0xf8, 0xb1, 0x38,
+	0x22, 0xe8, 0xb5, 0x24, 0x10, 0xa7, 0xf1, 0x91, 0x0f, 0xc7, 0x5c, 0x2f, 0x6b, 0x55, 0x1f, 0x67,
+	0x84, 0x3e, 0xca, 0x9d, 0xe5, 0x3b, 0xaf, 0xe8, 0x4c, 0x38, 0xce, 0xa6, 0x8b, 0xca, 0x70, 0x24,
+	0xe2, 0x05, 0x8b, 0x6e, 0xc8, 0xd3, 0xe7, 0xd0, 0x67, 0xdf, 0x09, 0xd6, 0xdc, 0x09, 0xba, 0x9a,
+	0xd7, 0xd2, 0x60, 0x9c, 0x55, 0xe7, 0xbd, 0x19, 0x80, 0x7e, 0xc3, 0xa2, 0xb5, 0x35, 0x46, 0x1f,
+	0x7d, 0x06, 0x46, 0xf5, 0xf1, 0x11, 0x4c, 0xcb, 0xb9, 0x6c, 0x3e, 0x58, 0x3b, 0x5e, 0xf8, 0x33,
+	0x41, 0x1d, 0x21, 0x3a, 0x0c, 0x1b, 0x14, 0x51, 0x2d, 0x23, 0xc8, 0xc5, 0x85, 0xde, 0x98, 0xa2,
+	0xde, 0xed, 0x1f, 0x09, 0x64, 0xef, 0x1c, 0x74, 0x0d, 0x86, 0x6a, 0x0d, 0x97, 0x78, 0x51, 0xb9,
+	0xd2, 0x29, 0x50, 0xeb, 0x82, 0xc0, 0x11, 0x5b, 0x51, 0x64, 0xbd, 0xe2, 0x65, 0x58, 0x51, 0xb0,
+	0x2f, 0xc1, 0x48, 0xb5, 0x41, 0x48, 0x8b, 0xfb, 0x71, 0xa1, 0xa7, 0xd8, 0xc3, 0x84, 0xb1, 0x96,
+	0x16, 0x63, 0x2d, 0xf5, 0x37, 0x07, 0x63, 0x2a, 0x25, 0xdc, 0xfe, 0xb3, 0x02, 0x94, 0xba, 0x24,
+	0x5f, 0x4b, 0xe8, 0xdb, 0xac, 0x9e, 0xf4, 0x6d, 0x73, 0x30, 0x11, 0xff, 0xd3, 0x45, 0x79, 0xca,
+	0x18, 0xfa, 0xa6, 0x09, 0xc6, 0x49, 0xfc, 0x9e, 0xfd, 0x5a, 0x74, 0x95, 0x5d, 0x5f, 0x57, 0xcf,
+	0x2c, 0x43, 0x55, 0xdf, 0xdf, 0xfb, 0xdb, 0x3b, 0x57, 0xed, 0x6a, 0x7f, 0xbd, 0x00, 0xc7, 0xd4,
+	0x10, 0x7e, 0xef, 0x0e, 0xdc, 0x8d, 0xf4, 0xc0, 0x3d, 0x00, 0xa5, 0xb5, 0x7d, 0x1d, 0x06, 0x78,
+	0xf4, 0xd8, 0x1e, 0x78, 0xfe, 0xc7, 0xcc, 0x40, 0xfe, 0x8a, 0xcd, 0x34, 0x82, 0xf9, 0xff, 0x98,
+	0x05, 0x13, 0x09, 0x07, 0x49, 0x84, 0x35, 0x2f, 0xfa, 0xfb, 0xe1, 0xcb, 0xb3, 0x38, 0xfe, 0xb3,
+	0xd0, 0xb7, 0xe9, 0x2b, 0x23, 0x65, 0x85, 0x71, 0xc5, 0x0f, 0x23, 0xcc, 0x20, 0xf6, 0xdf, 0x59,
+	0xd0, 0xbf, 0xe6, 0xb8, 0x5e, 0x24, 0xb5, 0x1f, 0x56, 0x8e, 0xf6, 0xa3, 0x97, 0xef, 0x42, 0x2f,
+	0xc1, 0x00, 0x59, 0x5f, 0x27, 0xb5, 0x48, 0xcc, 0xaa, 0x8c, 0xa6, 0x31, 0xb0, 0xc4, 0x4a, 0x29,
+	0x13, 0xca, 0x1a, 0xe3, 0x7f, 0xb1, 0x40, 0x46, 0xb7, 0x60, 0x38, 0x72, 0x9b, 0x64, 0xae, 0x5e,
+	0x17, 0x36, 0x01, 0xf7, 0x11, 0x02, 0x66, 0x4d, 0x12, 0xc0, 0x31, 0x2d, 0xfb, 0xcb, 0x05, 0x80,
+	0x38, 0x5a, 0x5d, 0xb7, 0x4f, 0x9c, 0x4f, 0x69, 0x8b, 0xcf, 0x65, 0x68, 0x8b, 0x51, 0x4c, 0x30,
+	0x43, 0x55, 0xac, 0x86, 0xa9, 0xd8, 0xd3, 0x30, 0xf5, 0x1d, 0x64, 0x98, 0x16, 0x60, 0x2a, 0x8e,
+	0xb6, 0x67, 0x06, 0x1b, 0x65, 0xf7, 0xf7, 0x5a, 0x12, 0x88, 0xd3, 0xf8, 0x36, 0x81, 0xb3, 0x2a,
+	0xe8, 0x98, 0xb8, 0x0b, 0x99, 0x2b, 0x81, 0xae, 0x7d, 0xef, 0x32, 0x4e, 0xb1, 0x3a, 0xbc, 0x90,
+	0xab, 0x0e, 0xff, 0x45, 0x0b, 0x8e, 0x26, 0xdb, 0x61, 0x7e, 0xf7, 0x5f, 0xb4, 0xe0, 0x58, 0x9c,
+	0x7b, 0x28, 0x6d, 0x82, 0xf0, 0x62, 0xc7, 0x40, 0x6a, 0x39, 0x3d, 0x8e, 0xc3, 0xb6, 0xac, 0x64,
+	0x91, 0xc6, 0xd9, 0x2d, 0xda, 0xff, 0x5f, 0x1f, 0x4c, 0xe7, 0x45, 0x60, 0x63, 0x9e, 0x46, 0xce,
+	0xdd, 0xea, 0x16, 0xb9, 0x23, 0xfc, 0x39, 0x62, 0x4f, 0x23, 0x5e, 0x8c, 0x25, 0x3c, 0x99, 0x6e,
+	0xaa, 0xd0, 0x63, 0xba, 0xa9, 0x4d, 0x98, 0xba, 0xb3, 0x49, 0xbc, 0x1b, 0x5e, 0xe8, 0x44, 0x6e,
+	0xb8, 0xee, 0x32, 0x05, 0x3a, 0x5f, 0x37, 0xaf, 0x48, 0xaf, 0x8b, 0x5b, 0x49, 0x84, 0xfd, 0xdd,
+	0xd2, 0x69, 0xa3, 0x20, 0xee, 0x32, 0x3f, 0x48, 0x70, 0x9a, 0x68, 0x3a, 0x5b, 0x57, 0xdf, 0x43,
+	0xce, 0xd6, 0xd5, 0x74, 0x85, 0xd9, 0x8d, 0x74, 0x23, 0x61, 0xcf, 0xd6, 0x15, 0x55, 0x8a, 0x35,
+	0x0c, 0xf4, 0x29, 0x40, 0x7a, 0xba, 0x45, 0x23, 0x00, 0xee, 0x73, 0x7b, 0xbb, 0x25, 0xb4, 0x9a,
+	0x82, 0xee, 0xef, 0x96, 0x8e, 0xd0, 0xd2, 0xb2, 0x47, 0x9f, 0xbf, 0x71, 0xd4, 0xc0, 0x0c, 0x42,
+	0xe8, 0x16, 0x4c, 0xd2, 0x52, 0xb6, 0xa3, 0x64, 0x74, 0x5d, 0xfe, 0x64, 0x7d, 0x66, 0x6f, 0xb7,
+	0x34, 0xb9, 0x9a, 0x80, 0xe5, 0x91, 0x4e, 0x11, 0xc9, 0x48, 0xda, 0x35, 0xd4, 0x6b, 0xd2, 0x2e,
+	0xfb, 0x8b, 0x16, 0x9c, 0xa4, 0x17, 0x5c, 0xfd, 0x5a, 0x8e, 0x16, 0xdd, 0x69, 0xb9, 0x5c, 0x4f,
+	0x23, 0xae, 0x1a, 0x26, 0xab, 0xab, 0x94, 0xb9, 0x96, 0x46, 0x41, 0xe9, 0x09, 0xbf, 0xe5, 0x7a,
+	0xf5, 0xe4, 0x09, 0x7f, 0xd5, 0xf5, 0xea, 0x98, 0x41, 0xd4, 0x95, 0x55, 0xcc, 0x8d, 0xd6, 0xff,
+	0x35, 0xba, 0x57, 0x69, 0x5f, 0xbe, 0xa3, 0xdd, 0x40, 0xcf, 0xe8, 0x3a, 0x55, 0x61, 0x3e, 0x99,
+	0xab, 0x4f, 0xfd, 0x82, 0x05, 0xc2, 0xfb, 0xbd, 0x87, 0x3b, 0xf9, 0x6d, 0x18, 0xdd, 0x4e, 0xa7,
+	0xa2, 0x3d, 0x9b, 0x1f, 0x0e, 0x40, 0x24, 0xa0, 0x55, 0x2c, 0xba, 0x91, 0x76, 0xd6, 0xa0, 0x65,
+	0xd7, 0x41, 0x40, 0x17, 0x09, 0xd3, 0x6a, 0x74, 0xef, 0xcd, 0xf3, 0x00, 0x75, 0x86, 0xcb, 0xf2,
+	0xd3, 0x17, 0x4c, 0x8e, 0x6b, 0x51, 0x41, 0xb0, 0x86, 0x65, 0xff, 0x7a, 0x11, 0x46, 0x64, 0xea,
+	0xd3, 0xb6, 0xd7, 0x8b, 0xec, 0x51, 0x67, 0x9c, 0x0a, 0x5d, 0x19, 0xa7, 0x77, 0x60, 0x2a, 0x20,
+	0xb5, 0x76, 0x10, 0xba, 0xdb, 0x44, 0x82, 0xc5, 0x26, 0x99, 0xe5, 0xc9, 0x22, 0x12, 0xc0, 0x7d,
+	0x16, 0x22, 0x2b, 0x51, 0xc8, 0x94, 0xc6, 0x69, 0x42, 0xe8, 0x02, 0x0c, 0x33, 0xd1, 0x7b, 0x25,
+	0x16, 0x08, 0x2b, 0xc1, 0xd7, 0x8a, 0x04, 0xe0, 0x18, 0x87, 0x3d, 0x0e, 0xda, 0xb7, 0x19, 0x7a,
+	0xc2, 0x13, 0xbc, 0xca, 0x8b, 0xb1, 0x84, 0xa3, 0x8f, 0xc3, 0x24, 0xaf, 0x17, 0xf8, 0x2d, 0x67,
+	0x83, 0xab, 0x04, 0xfb, 0x55, 0x78, 0x9d, 0xc9, 0x95, 0x04, 0x6c, 0x7f, 0xb7, 0x74, 0x34, 0x59,
+	0xc6, 0xba, 0x9d, 0xa2, 0xc2, 0x2c, 0xff, 0x78, 0x23, 0xf4, 0xce, 0x48, 0x19, 0x0c, 0xc6, 0x20,
+	0xac, 0xe3, 0xd9, 0xff, 0x6a, 0xc1, 0x94, 0x36, 0x55, 0x3d, 0xe7, 0xeb, 0x30, 0x06, 0xa9, 0xd0,
+	0xc3, 0x20, 0x1d, 0x2c, 0xda, 0x43, 0xe6, 0x0c, 0xf7, 0x3d, 0xa0, 0x19, 0xb6, 0x3f, 0x03, 0x28,
+	0x9d, 0x57, 0x17, 0xbd, 0xc9, 0x0d, 0xf9, 0xdd, 0x80, 0xd4, 0x3b, 0x29, 0xfc, 0xf5, 0xc8, 0x39,
+	0xd2, 0x73, 0x95, 0xd7, 0xc2, 0xaa, 0xbe, 0xfd, 0xe3, 0x7d, 0x30, 0x99, 0x8c, 0xd5, 0x81, 0xae,
+	0xc0, 0x00, 0xe7, 0xd2, 0x05, 0xf9, 0x0e, 0xf6, 0x64, 0x5a, 0x84, 0x0f, 0x9e, 0x4b, 0x87, 0x73,
+	0xf7, 0xa2, 0x3e, 0x7a, 0x07, 0x46, 0xea, 0xfe, 0x1d, 0xef, 0x8e, 0x13, 0xd4, 0xe7, 0x2a, 0x65,
+	0x71, 0x42, 0x64, 0x0a, 0xa0, 0x16, 0x63, 0x34, 0x3d, 0x6a, 0x08, 0xb3, 0x9d, 0x88, 0x41, 0x58,
+	0x27, 0x87, 0xd6, 0x58, 0x7a, 0xa7, 0x75, 0x77, 0x63, 0xc5, 0x69, 0x75, 0xf2, 0xea, 0x5a, 0x90,
+	0x48, 0x1a, 0xe5, 0x31, 0x91, 0x03, 0x8a, 0x03, 0x70, 0x4c, 0x08, 0x7d, 0x0e, 0x8e, 0x84, 0x39,
+	0x2a, 0xb1, 0xbc, 0x34, 0xeb, 0x9d, 0xb4, 0x44, 0x5c, 0x98, 0x92, 0xa5, 0x3c, 0xcb, 0x6a, 0x06,
+	0xdd, 0x05, 0x24, 0x44, 0xcf, 0x6b, 0x41, 0x3b, 0x8c, 0xe6, 0xdb, 0x5e, 0xbd, 0x21, 0xd3, 0x3f,
+	0x7d, 0x38, 0x5b, 0x4e, 0x90, 0xc4, 0xd6, 0xda, 0x66, 0xe1, 0x85, 0xd3, 0x18, 0x38, 0xa3, 0x0d,
+	0xfb, 0x0b, 0x7d, 0x30, 0x23, 0x13, 0x59, 0x67, 0x78, 0xaf, 0x7c, 0xde, 0x4a, 0xb8, 0xaf, 0xbc,
+	0x92, 0x7f, 0xd0, 0x3f, 0x34, 0x27, 0x96, 0x2f, 0xa5, 0x9d, 0x58, 0x5e, 0x3b, 0x60, 0x37, 0x1e,
+	0x98, 0x2b, 0xcb, 0xf7, 0xac, 0xff, 0xc9, 0xde, 0x51, 0x30, 0xae, 0x66, 0x84, 0x79, 0xec, 0xf6,
+	0x8a, 0x54, 0x1d, 0xe5, 0x3c, 0xff, 0xaf, 0x08, 0x1c, 0xe3, 0xb2, 0x1f, 0x95, 0x11, 0xde, 0xd9,
+	0x39, 0xab, 0xe8, 0x50, 0x9a, 0xa4, 0xd9, 0x8a, 0x76, 0x16, 0xdd, 0x40, 0xf4, 0x38, 0x93, 0xe6,
+	0x92, 0xc0, 0x49, 0xd3, 0x94, 0x10, 0xac, 0xe8, 0xa0, 0x6d, 0x98, 0xda, 0x60, 0x11, 0x9f, 0xb4,
+	0x9c, 0xd2, 0xe2, 0x5c, 0xc8, 0xdc, 0xb7, 0x97, 0x17, 0x96, 0xf2, 0x13, 0x50, 0xf3, 0xc7, 0x5f,
+	0x0a, 0x05, 0xa7, 0x9b, 0xa0, 0x5b, 0xe3, 0xa8, 0x73, 0x27, 0x5c, 0x6a, 0x38, 0x61, 0xe4, 0xd6,
+	0xe6, 0x1b, 0x7e, 0x6d, 0xab, 0x1a, 0xf9, 0x81, 0x4c, 0x16, 0x99, 0xf9, 0xf6, 0x9a, 0xbb, 0x55,
+	0x4d, 0xe1, 0x1b, 0xcd, 0x4f, 0xef, 0xed, 0x96, 0x8e, 0x66, 0x61, 0xe1, 0xcc, 0xb6, 0xd0, 0x2a,
+	0x0c, 0x6e, 0xb8, 0x11, 0x26, 0x2d, 0x5f, 0x9c, 0x16, 0x99, 0x47, 0xe1, 0x65, 0x8e, 0x62, 0xb4,
+	0xc4, 0x22, 0x52, 0x09, 0x00, 0x96, 0x44, 0xd0, 0x9b, 0xea, 0x12, 0x18, 0xc8, 0x17, 0xc0, 0xa6,
+	0x6d, 0xef, 0x32, 0xaf, 0x81, 0xd7, 0xa1, 0xe8, 0xad, 0x87, 0x9d, 0x62, 0xf1, 0xac, 0x2e, 0x1b,
+	0xf2, 0xb3, 0xf9, 0x41, 0xfa, 0x34, 0x5e, 0x5d, 0xae, 0x62, 0x5a, 0x91, 0xb9, 0xbd, 0x86, 0xb5,
+	0xd0, 0x15, 0x89, 0xa7, 0x32, 0xbd, 0x80, 0xcb, 0xd5, 0x85, 0x6a, 0xd9, 0xa0, 0xc1, 0xa2, 0x1a,
+	0xb2, 0x62, 0xcc, 0xab, 0xa3, 0x9b, 0x30, 0xbc, 0xc1, 0x0f, 0xbe, 0xf5, 0x50, 0x24, 0xb3, 0xcf,
+	0xbc, 0x8c, 0x2e, 0x4b, 0x24, 0x83, 0x1e, 0xbb, 0x32, 0x14, 0x08, 0xc7, 0xa4, 0xd0, 0x17, 0x2c,
+	0x38, 0xd6, 0x4a, 0x48, 0x50, 0x99, 0xb3, 0x9a, 0x30, 0x53, 0xcb, 0x74, 0x00, 0xa8, 0x64, 0x55,
+	0x30, 0x1a, 0x64, 0xea, 0x97, 0x4c, 0x34, 0x9c, 0xdd, 0x1c, 0x1d, 0xe8, 0xe0, 0x76, 0xbd, 0x53,
+	0xae, 0xa2, 0x44, 0x60, 0x22, 0x3e, 0xd0, 0x78, 0x7e, 0x11, 0xd3, 0x8a, 0x68, 0x0d, 0x60, 0xbd,
+	0x41, 0x44, 0xc4, 0x47, 0x61, 0x14, 0x95, 0x79, 0xfb, 0x2f, 0x2b, 0x2c, 0x41, 0x87, 0xbd, 0x44,
+	0xe3, 0x52, 0xac, 0xd1, 0xa1, 0x4b, 0xa9, 0xe6, 0x7a, 0x75, 0x12, 0x30, 0xe5, 0x56, 0xce, 0x52,
+	0x5a, 0x60, 0x18, 0xe9, 0xa5, 0xc4, 0xcb, 0xb1, 0xa0, 0xc0, 0x68, 0x91, 0xd6, 0xe6, 0x7a, 0xd8,
+	0x29, 0x2b, 0xc6, 0x02, 0x69, 0x6d, 0x26, 0x16, 0x14, 0xa7, 0xc5, 0xca, 0xb1, 0xa0, 0x40, 0xb7,
+	0xcc, 0x3a, 0xdd, 0x40, 0x24, 0x98, 0x9e, 0xc8, 0xdf, 0x32, 0xcb, 0x1c, 0x25, 0xbd, 0x65, 0x04,
+	0x00, 0x4b, 0x22, 0xe8, 0xd3, 0x26, 0xb7, 0x33, 0xc9, 0x68, 0x3e, 0xd3, 0x85, 0xdb, 0x31, 0xe8,
+	0x76, 0xe6, 0x77, 0x5e, 0x81, 0xc2, 0x7a, 0x8d, 0x29, 0xc5, 0x72, 0x74, 0x06, 0xcb, 0x0b, 0x06,
+	0x35, 0x16, 0x65, 0x7e, 0x79, 0x01, 0x17, 0xd6, 0x6b, 0x74, 0xe9, 0x3b, 0xf7, 0xda, 0x01, 0x59,
+	0x76, 0x1b, 0x44, 0x64, 0xc8, 0xc8, 0x5c, 0xfa, 0x73, 0x12, 0x29, 0xbd, 0xf4, 0x15, 0x08, 0xc7,
+	0xa4, 0x28, 0xdd, 0x98, 0x07, 0x3b, 0x92, 0x4f, 0x57, 0xb1, 0x5a, 0x69, 0xba, 0x99, 0x5c, 0xd8,
+	0x16, 0x8c, 0x6d, 0x87, 0xad, 0x4d, 0x22, 0x4f, 0x45, 0xa6, 0xae, 0xcb, 0x89, 0x54, 0x71, 0x53,
+	0x20, 0xba, 0x41, 0xd4, 0x76, 0x1a, 0xa9, 0x83, 0x9c, 0x89, 0x56, 0x6e, 0xea, 0xc4, 0xb0, 0x49,
+	0x9b, 0x2e, 0x84, 0x77, 0x79, 0x38, 0x39, 0xa6, 0xb8, 0xcb, 0x59, 0x08, 0x19, 0x11, 0xe7, 0xf8,
+	0x42, 0x10, 0x00, 0x2c, 0x89, 0xa8, 0xc1, 0x66, 0x17, 0xd0, 0xf1, 0x2e, 0x83, 0x9d, 0xea, 0x6f,
+	0x3c, 0xd8, 0xec, 0xc2, 0x89, 0x49, 0xb1, 0x8b, 0xa6, 0xb5, 0xe9, 0x47, 0xbe, 0x97, 0xb8, 0xe4,
+	0x4e, 0xe4, 0x5f, 0x34, 0x95, 0x0c, 0xfc, 0xf4, 0x45, 0x93, 0x85, 0x85, 0x33, 0xdb, 0xa2, 0x1f,
+	0xd7, 0x92, 0x91, 0x01, 0x45, 0x16, 0x8f, 0xa7, 0x72, 0x02, 0x6b, 0xa6, 0xc3, 0x07, 0xf2, 0x8f,
+	0x53, 0x20, 0x1c, 0x93, 0x42, 0x75, 0x18, 0x6f, 0x19, 0x11, 0x67, 0x59, 0x36, 0x92, 0x1c, 0xbe,
+	0x20, 0x2b, 0x36, 0x2d, 0x97, 0x10, 0x99, 0x10, 0x9c, 0xa0, 0xc9, 0x2c, 0xf7, 0xb8, 0xab, 0x1f,
+	0x4b, 0x56, 0x92, 0x33, 0xd5, 0x19, 0xde, 0x80, 0x7c, 0xaa, 0x05, 0x00, 0x4b, 0x22, 0x74, 0x34,
+	0x84, 0x83, 0x9a, 0x1f, 0xb2, 0x9c, 0x3f, 0x79, 0x0a, 0xf6, 0x2c, 0x35, 0x91, 0x0c, 0xb3, 0x2e,
+	0x40, 0x38, 0x26, 0x45, 0x4f, 0x72, 0x7a, 0xe1, 0x9d, 0xca, 0x3f, 0xc9, 0x93, 0xd7, 0x1d, 0x3b,
+	0xc9, 0xe9, 0x65, 0x57, 0x14, 0x57, 0x9d, 0x8a, 0x0a, 0xce, 0xf2, 0x95, 0xe4, 0xf4, 0x4b, 0x85,
+	0x15, 0x4f, 0xf7, 0x4b, 0x81, 0x70, 0x4c, 0x8a, 0x5d, 0xc5, 0x2c, 0x34, 0xdd, 0x99, 0x0e, 0x57,
+	0x31, 0x45, 0xc8, 0xb8, 0x8a, 0xb5, 0xd0, 0x75, 0xf6, 0x8f, 0x17, 0xe0, 0x4c, 0xe7, 0x7d, 0x1b,
+	0xeb, 0xd0, 0x2a, 0xb1, 0xcd, 0x52, 0x42, 0x87, 0xc6, 0x25, 0x3a, 0x31, 0x56, 0xcf, 0x01, 0x87,
+	0x2f, 0xc3, 0x94, 0x72, 0x47, 0x6c, 0xb8, 0xb5, 0x1d, 0x2d, 0x49, 0xa9, 0x0a, 0xcd, 0x53, 0x4d,
+	0x22, 0xe0, 0x74, 0x1d, 0x34, 0x07, 0x13, 0x46, 0x61, 0x79, 0x51, 0x3c, 0xff, 0xe3, 0x4c, 0x1b,
+	0x26, 0x18, 0x27, 0xf1, 0xed, 0xdf, 0xb0, 0xe0, 0x44, 0x4e, 0xfe, 0xfb, 0x9e, 0xe3, 0xe9, 0xae,
+	0xc3, 0x44, 0xcb, 0xac, 0xda, 0x25, 0x04, 0xb8, 0x91, 0x65, 0x5f, 0xf5, 0x35, 0x01, 0xc0, 0x49,
+	0xa2, 0xf6, 0xaf, 0x15, 0xe0, 0x74, 0x47, 0xfb, 0x7a, 0x84, 0xe1, 0xf8, 0x46, 0x33, 0x74, 0x16,
+	0x02, 0x52, 0x27, 0x5e, 0xe4, 0x3a, 0x8d, 0x6a, 0x8b, 0xd4, 0x34, 0x2d, 0x28, 0x33, 0x54, 0xbf,
+	0xbc, 0x52, 0x9d, 0x4b, 0x63, 0xe0, 0x9c, 0x9a, 0x68, 0x19, 0x50, 0x1a, 0x22, 0x66, 0x98, 0x3d,
+	0x71, 0xd3, 0xf4, 0x70, 0x46, 0x0d, 0xf4, 0x32, 0x8c, 0x29, 0xbb, 0x7d, 0x6d, 0xc6, 0xd9, 0x05,
+	0x81, 0x75, 0x00, 0x36, 0xf1, 0xd0, 0x45, 0x9e, 0x82, 0x49, 0x24, 0xeb, 0x12, 0x2a, 0xd3, 0x09,
+	0x99, 0x5f, 0x49, 0x14, 0x63, 0x1d, 0x67, 0xfe, 0xd2, 0x5f, 0x7c, 0xeb, 0xcc, 0x87, 0xfe, 0xea,
+	0x5b, 0x67, 0x3e, 0xf4, 0xb7, 0xdf, 0x3a, 0xf3, 0xa1, 0x1f, 0xda, 0x3b, 0x63, 0xfd, 0xc5, 0xde,
+	0x19, 0xeb, 0xaf, 0xf6, 0xce, 0x58, 0x7f, 0xbb, 0x77, 0xc6, 0xfa, 0xdf, 0xf7, 0xce, 0x58, 0x5f,
+	0xfe, 0x3f, 0xce, 0x7c, 0xe8, 0x6d, 0x14, 0x47, 0xa8, 0xbe, 0x40, 0x67, 0xe7, 0xc2, 0xf6, 0xc5,
+	0xff, 0x10, 0x00, 0x00, 0xff, 0xff, 0xf5, 0xf1, 0x8c, 0x4c, 0x2d, 0x26, 0x01, 0x00,
 }
 
 func (m *AWSElasticBlockStoreVolumeSource) Marshal() (dAtA []byte, err error) {
@@ -9887,6 +9921,13 @@ func (m *ContainerStatus) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	_ = i
 	var l int
 	_ = l
+	if m.StopSignal != nil {
+		i -= len(*m.StopSignal)
+		copy(dAtA[i:], *m.StopSignal)
+		i = encodeVarintGenerated(dAtA, i, uint64(len(*m.StopSignal)))
+		i--
+		dAtA[i] = 0x7a
+	}
 	if len(m.AllocatedResourcesStatus) > 0 {
 		for iNdEx := len(m.AllocatedResourcesStatus) - 1; iNdEx >= 0; iNdEx-- {
 			{
@@ -12258,6 +12299,13 @@ func (m *Lifecycle) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	_ = i
 	var l int
 	_ = l
+	if m.StopSignal != nil {
+		i -= len(*m.StopSignal)
+		copy(dAtA[i:], *m.StopSignal)
+		i = encodeVarintGenerated(dAtA, i, uint64(len(*m.StopSignal)))
+		i--
+		dAtA[i] = 0x1a
+	}
 	if m.PreStop != nil {
 		{
 			size, err := m.PreStop.MarshalToSizedBuffer(dAtA[:i])
@@ -14135,6 +14183,34 @@ func (m *NodeStatus) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	return len(dAtA) - i, nil
 }
 
+func (m *NodeSwapStatus) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *NodeSwapStatus) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *NodeSwapStatus) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if m.Capacity != nil {
+		i = encodeVarintGenerated(dAtA, i, uint64(*m.Capacity))
+		i--
+		dAtA[i] = 0x8
+	}
+	return len(dAtA) - i, nil
+}
+
 func (m *NodeSystemInfo) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
@@ -14155,6 +14231,18 @@ func (m *NodeSystemInfo) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	_ = i
 	var l int
 	_ = l
+	if m.Swap != nil {
+		{
+			size, err := m.Swap.MarshalToSizedBuffer(dAtA[:i])
+			if err != nil {
+				return 0, err
+			}
+			i -= size
+			i = encodeVarintGenerated(dAtA, i, uint64(size))
+		}
+		i--
+		dAtA[i] = 0x5a
+	}
 	i -= len(m.Architecture)
 	copy(dAtA[i:], m.Architecture)
 	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Architecture)))
@@ -15723,6 +15811,9 @@ func (m *PodCondition) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	_ = i
 	var l int
 	_ = l
+	i = encodeVarintGenerated(dAtA, i, uint64(m.ObservedGeneration))
+	i--
+	dAtA[i] = 0x38
 	i -= len(m.Message)
 	copy(dAtA[i:], m.Message)
 	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Message)))
@@ -16994,6 +17085,11 @@ func (m *PodStatus) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	_ = i
 	var l int
 	_ = l
+	i = encodeVarintGenerated(dAtA, i, uint64(m.ObservedGeneration))
+	i--
+	dAtA[i] = 0x1
+	i--
+	dAtA[i] = 0x88
 	if len(m.HostIPs) > 0 {
 		for iNdEx := len(m.HostIPs) - 1; iNdEx >= 0; iNdEx-- {
 			{
@@ -22542,6 +22638,10 @@ func (m *ContainerStatus) Size() (n int) {
 			n += 1 + l + sovGenerated(uint64(l))
 		}
 	}
+	if m.StopSignal != nil {
+		l = len(*m.StopSignal)
+		n += 1 + l + sovGenerated(uint64(l))
+	}
 	return n
 }
 
@@ -23382,6 +23482,10 @@ func (m *Lifecycle) Size() (n int) {
 		l = m.PreStop.Size()
 		n += 1 + l + sovGenerated(uint64(l))
 	}
+	if m.StopSignal != nil {
+		l = len(*m.StopSignal)
+		n += 1 + l + sovGenerated(uint64(l))
+	}
 	return n
 }
 
@@ -24067,6 +24171,18 @@ func (m *NodeStatus) Size() (n int) {
 	return n
 }
 
+func (m *NodeSwapStatus) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	if m.Capacity != nil {
+		n += 1 + sovGenerated(uint64(*m.Capacity))
+	}
+	return n
+}
+
 func (m *NodeSystemInfo) Size() (n int) {
 	if m == nil {
 		return 0
@@ -24093,6 +24209,10 @@ func (m *NodeSystemInfo) Size() (n int) {
 	n += 1 + l + sovGenerated(uint64(l))
 	l = len(m.Architecture)
 	n += 1 + l + sovGenerated(uint64(l))
+	if m.Swap != nil {
+		l = m.Swap.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
 	return n
 }
 
@@ -24650,6 +24770,7 @@ func (m *PodCondition) Size() (n int) {
 	n += 1 + l + sovGenerated(uint64(l))
 	l = len(m.Message)
 	n += 1 + l + sovGenerated(uint64(l))
+	n += 1 + sovGenerated(uint64(m.ObservedGeneration))
 	return n
 }
 
@@ -25174,6 +25295,7 @@ func (m *PodStatus) Size() (n int) {
 			n += 2 + l + sovGenerated(uint64(l))
 		}
 	}
+	n += 2 + sovGenerated(uint64(m.ObservedGeneration))
 	return n
 }
 
@@ -27457,6 +27579,7 @@ func (this *ContainerStatus) String() string {
 		`VolumeMounts:` + repeatedStringForVolumeMounts + `,`,
 		`User:` + strings.Replace(this.User.String(), "ContainerUser", "ContainerUser", 1) + `,`,
 		`AllocatedResourcesStatus:` + repeatedStringForAllocatedResourcesStatus + `,`,
+		`StopSignal:` + valueToStringGenerated(this.StopSignal) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -28080,6 +28203,7 @@ func (this *Lifecycle) String() string {
 	s := strings.Join([]string{`&Lifecycle{`,
 		`PostStart:` + strings.Replace(this.PostStart.String(), "LifecycleHandler", "LifecycleHandler", 1) + `,`,
 		`PreStop:` + strings.Replace(this.PreStop.String(), "LifecycleHandler", "LifecycleHandler", 1) + `,`,
+		`StopSignal:` + valueToStringGenerated(this.StopSignal) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -28658,6 +28782,16 @@ func (this *NodeStatus) String() string {
 	}, "")
 	return s
 }
+func (this *NodeSwapStatus) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&NodeSwapStatus{`,
+		`Capacity:` + valueToStringGenerated(this.Capacity) + `,`,
+		`}`,
+	}, "")
+	return s
+}
 func (this *NodeSystemInfo) String() string {
 	if this == nil {
 		return "nil"
@@ -28673,6 +28807,7 @@ func (this *NodeSystemInfo) String() string {
 		`KubeProxyVersion:` + fmt.Sprintf("%v", this.KubeProxyVersion) + `,`,
 		`OperatingSystem:` + fmt.Sprintf("%v", this.OperatingSystem) + `,`,
 		`Architecture:` + fmt.Sprintf("%v", this.Architecture) + `,`,
+		`Swap:` + strings.Replace(this.Swap.String(), "NodeSwapStatus", "NodeSwapStatus", 1) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -29045,6 +29180,7 @@ func (this *PodCondition) String() string {
 		`LastTransitionTime:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.LastTransitionTime), "Time", "v1.Time", 1), `&`, ``, 1) + `,`,
 		`Reason:` + fmt.Sprintf("%v", this.Reason) + `,`,
 		`Message:` + fmt.Sprintf("%v", this.Message) + `,`,
+		`ObservedGeneration:` + fmt.Sprintf("%v", this.ObservedGeneration) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -29427,6 +29563,7 @@ func (this *PodStatus) String() string {
 		`Resize:` + fmt.Sprintf("%v", this.Resize) + `,`,
 		`ResourceClaimStatuses:` + repeatedStringForResourceClaimStatuses + `,`,
 		`HostIPs:` + repeatedStringForHostIPs + `,`,
+		`ObservedGeneration:` + fmt.Sprintf("%v", this.ObservedGeneration) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -37794,88 +37931,122 @@ func (m *ContainerStatus) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if m.Resources == nil {
-				m.Resources = &ResourceRequirements{}
-			}
-			if err := m.Resources.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
-			iNdEx = postIndex
-		case 12:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field VolumeMounts", wireType)
-			}
-			var msglen int
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				msglen |= int(b&0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			if msglen < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			postIndex := iNdEx + msglen
-			if postIndex < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
-			}
-			m.VolumeMounts = append(m.VolumeMounts, VolumeMountStatus{})
-			if err := m.VolumeMounts[len(m.VolumeMounts)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
-			iNdEx = postIndex
-		case 13:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field User", wireType)
-			}
-			var msglen int
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				msglen |= int(b&0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			if msglen < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			postIndex := iNdEx + msglen
-			if postIndex < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
-			}
-			if m.User == nil {
-				m.User = &ContainerUser{}
-			}
-			if err := m.User.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if m.Resources == nil {
+				m.Resources = &ResourceRequirements{}
+			}
+			if err := m.Resources.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 12:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field VolumeMounts", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.VolumeMounts = append(m.VolumeMounts, VolumeMountStatus{})
+			if err := m.VolumeMounts[len(m.VolumeMounts)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 13:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field User", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.User == nil {
+				m.User = &ContainerUser{}
+			}
+			if err := m.User.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 14:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field AllocatedResourcesStatus", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.AllocatedResourcesStatus = append(m.AllocatedResourcesStatus, ResourceStatus{})
+			if err := m.AllocatedResourcesStatus[len(m.AllocatedResourcesStatus)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
-		case 14:
+		case 15:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field AllocatedResourcesStatus", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field StopSignal", wireType)
 			}
-			var msglen int
+			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -37885,25 +38056,24 @@ func (m *ContainerStatus) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				msglen |= int(b&0x7F) << shift
+				stringLen |= uint64(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			if msglen < 0 {
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + msglen
+			postIndex := iNdEx + intStringLen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.AllocatedResourcesStatus = append(m.AllocatedResourcesStatus, ResourceStatus{})
-			if err := m.AllocatedResourcesStatus[len(m.AllocatedResourcesStatus)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
+			s := Signal(dAtA[iNdEx:postIndex])
+			m.StopSignal = &s
 			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
@@ -45056,6 +45226,39 @@ func (m *Lifecycle) Unmarshal(dAtA []byte) error {
 				return err
 			}
 			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field StopSignal", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			s := Signal(dAtA[iNdEx:postIndex])
+			m.StopSignal = &s
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -50743,6 +50946,76 @@ func (m *NodeStatus) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
+func (m *NodeSwapStatus) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: NodeSwapStatus: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: NodeSwapStatus: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Capacity", wireType)
+			}
+			var v int64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.Capacity = &v
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
 func (m *NodeSystemInfo) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
@@ -51092,6 +51365,42 @@ func (m *NodeSystemInfo) Unmarshal(dAtA []byte) error {
 			}
 			m.Architecture = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
+		case 11:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Swap", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Swap == nil {
+				m.Swap = &NodeSwapStatus{}
+			}
+			if err := m.Swap.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -56087,6 +56396,25 @@ func (m *PodCondition) Unmarshal(dAtA []byte) error {
 			}
 			m.Message = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
+		case 7:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ObservedGeneration", wireType)
+			}
+			m.ObservedGeneration = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.ObservedGeneration |= int64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -60340,6 +60668,25 @@ func (m *PodStatus) Unmarshal(dAtA []byte) error {
 				return err
 			}
 			iNdEx = postIndex
+		case 17:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ObservedGeneration", wireType)
+			}
+			m.ObservedGeneration = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.ObservedGeneration |= int64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
diff --git a/vendor/k8s.io/api/core/v1/generated.proto b/vendor/k8s.io/api/core/v1/generated.proto
index 08706987c5..9b48fb1c39 100644
--- a/vendor/k8s.io/api/core/v1/generated.proto
+++ b/vendor/k8s.io/api/core/v1/generated.proto
@@ -1103,6 +1103,11 @@ message ContainerStatus {
   // +listType=map
   // +listMapKey=name
   repeated ResourceStatus allocatedResourcesStatus = 14;
+
+  // StopSignal reports the effective stop signal for this container
+  // +featureGate=ContainerStopSignals
+  // +optional
+  optional string stopSignal = 15;
 }
 
 // ContainerUser represents user identity information
@@ -1194,6 +1199,7 @@ message EmptyDirVolumeSource {
 }
 
 // EndpointAddress is a tuple that describes single IP address.
+// Deprecated: This API is deprecated in v1.33+.
 // +structType=atomic
 message EndpointAddress {
   // The IP of this endpoint.
@@ -1215,6 +1221,7 @@ message EndpointAddress {
 }
 
 // EndpointPort is a tuple that describes a single port.
+// Deprecated: This API is deprecated in v1.33+.
 // +structType=atomic
 message EndpointPort {
   // The name of this port.  This must match the 'name' field in the
@@ -1265,6 +1272,8 @@ message EndpointPort {
 //
 // 	a: [ 10.10.1.1:8675, 10.10.2.2:8675 ],
 // 	b: [ 10.10.1.1:309, 10.10.2.2:309 ]
+//
+// Deprecated: This API is deprecated in v1.33+.
 message EndpointSubset {
   // IP addresses which offer the related ports that are marked as ready. These endpoints
   // should be considered safe for load balancers and clients to utilize.
@@ -1298,6 +1307,11 @@ message EndpointSubset {
 // 	     Ports: [{"name": "a", "port": 93}, {"name": "b", "port": 76}]
 // 	   },
 // 	]
+//
+// Endpoints is a legacy API and does not contain information about all Service features.
+// Use discoveryv1.EndpointSlice for complete information about Service endpoints.
+//
+// Deprecated: This API is deprecated in v1.33+. Use discoveryv1.EndpointSlice.
 message Endpoints {
   // Standard object's metadata.
   // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
@@ -1317,6 +1331,7 @@ message Endpoints {
 }
 
 // EndpointsList is a list of endpoints.
+// Deprecated: This API is deprecated in v1.33+.
 message EndpointsList {
   // Standard list metadata.
   // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
@@ -1327,9 +1342,9 @@ message EndpointsList {
   repeated Endpoints items = 2;
 }
 
-// EnvFromSource represents the source of a set of ConfigMaps
+// EnvFromSource represents the source of a set of ConfigMaps or Secrets
 message EnvFromSource {
-  // An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+  // Optional text to prepend to the name of each environment variable. Must be a C_IDENTIFIER.
   // +optional
   optional string prefix = 1;
 
@@ -2198,6 +2213,12 @@ message Lifecycle {
   // More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
   // +optional
   optional LifecycleHandler preStop = 2;
+
+  // StopSignal defines which signal will be sent to a container when it is being stopped.
+  // If not specified, the default is defined by the container runtime in use.
+  // StopSignal can only be set for Pods with a non-empty .spec.os.name
+  // +optional
+  optional string stopSignal = 3;
 }
 
 // LifecycleHandler defines a specific action that should be taken in a lifecycle
@@ -2862,6 +2883,13 @@ message NodeStatus {
   optional NodeFeatures features = 13;
 }
 
+// NodeSwapStatus represents swap memory information.
+message NodeSwapStatus {
+  // Total amount of swap memory in bytes.
+  // +optional
+  optional int64 capacity = 1;
+}
+
 // NodeSystemInfo is a set of ids/uuids to uniquely identify the node.
 message NodeSystemInfo {
   // MachineID reported by the node. For unique machine identification
@@ -2897,6 +2925,9 @@ message NodeSystemInfo {
 
   // The Architecture reported by the node
   optional string architecture = 10;
+
+  // Swap Info reported by the node.
+  optional NodeSwapStatus swap = 11;
 }
 
 // ObjectFieldSelector selects an APIVersioned field of an object.
@@ -3615,7 +3646,6 @@ message PodAffinityTerm {
   // pod labels will be ignored. The default value is empty.
   // The same key is forbidden to exist in both matchLabelKeys and labelSelector.
   // Also, matchLabelKeys cannot be set when labelSelector isn't set.
-  // This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
   //
   // +listType=atomic
   // +optional
@@ -3629,7 +3659,6 @@ message PodAffinityTerm {
   // pod labels will be ignored. The default value is empty.
   // The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
   // Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
-  // This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
   //
   // +listType=atomic
   // +optional
@@ -3702,6 +3731,12 @@ message PodCondition {
   // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions
   optional string type = 1;
 
+  // If set, this represents the .metadata.generation that the pod condition was set based upon.
+  // This is an alpha field. Enable PodObservedGenerationTracking to be able to use this field.
+  // +featureGate=PodObservedGenerationTracking
+  // +optional
+  optional int64 observedGeneration = 7;
+
   // Status is the status of the condition.
   // Can be True, False, Unknown.
   // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions
@@ -4138,7 +4173,7 @@ message PodSpec {
   // Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes.
   // The resourceRequirements of an init container are taken into account during scheduling
   // by finding the highest request/limit for each resource type, and then using the max of
-  // of that value or the sum of the normal containers. Limits are applied to init containers
+  // that value or the sum of the normal containers. Limits are applied to init containers
   // in a similar fashion.
   // Init containers cannot currently be added or removed.
   // Cannot be updated.
@@ -4487,6 +4522,12 @@ message PodSpec {
 // state of a system, especially if the node that hosts the pod cannot contact the control
 // plane.
 message PodStatus {
+  // If set, this represents the .metadata.generation that the pod status was set based upon.
+  // This is an alpha field. Enable PodObservedGenerationTracking to be able to use this field.
+  // +featureGate=PodObservedGenerationTracking
+  // +optional
+  optional int64 observedGeneration = 17;
+
   // The phase of a Pod is a simple, high-level summary of where the Pod is in its lifecycle.
   // The conditions array, the reason and message fields, and the individual container status
   // arrays contain more detail about the pod's status.
@@ -4618,6 +4659,9 @@ message PodStatus {
   // Status of resources resize desired for pod's containers.
   // It is empty if no resources resize is pending.
   // Any changes to container resources will automatically set this to "Proposed"
+  // Deprecated: Resize status is moved to two pod conditions PodResizePending and PodResizeInProgress.
+  // PodResizePending will track states where the spec has been resized, but the Kubelet has not yet allocated the resources.
+  // PodResizeInProgress will track in-progress resizes, and should be present whenever allocated resources != acknowledged resources.
   // +featureGate=InPlacePodVerticalScaling
   // +optional
   optional string resize = 14;
@@ -5063,12 +5107,18 @@ message ReplicationControllerSpec {
   // Defaults to 1.
   // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller
   // +optional
+  // +k8s:optional
+  // +default=1
+  // +k8s:minimum=0
   optional int32 replicas = 1;
 
   // Minimum number of seconds for which a newly created pod should be ready
   // without any of its container crashing, for it to be considered available.
   // Defaults to 0 (pod will be considered available as soon as it is ready)
   // +optional
+  // +k8s:optional
+  // +default=0
+  // +k8s:minimum=0
   optional int32 minReadySeconds = 4;
 
   // Selector is a label query over pods that should match the Replicas count.
@@ -6110,13 +6160,12 @@ message ServiceSpec {
   // +optional
   optional string internalTrafficPolicy = 22;
 
-  // TrafficDistribution offers a way to express preferences for how traffic is
-  // distributed to Service endpoints. Implementations can use this field as a
-  // hint, but are not required to guarantee strict adherence. If the field is
-  // not set, the implementation will apply its default routing strategy. If set
-  // to "PreferClose", implementations should prioritize endpoints that are
-  // topologically close (e.g., same zone).
-  // This is a beta field and requires enabling ServiceTrafficDistribution feature.
+  // TrafficDistribution offers a way to express preferences for how traffic
+  // is distributed to Service endpoints. Implementations can use this field
+  // as a hint, but are not required to guarantee strict adherence. If the
+  // field is not set, the implementation will apply its default routing
+  // strategy. If set to "PreferClose", implementations should prioritize
+  // endpoints that are in the same zone.
   // +featureGate=ServiceTrafficDistribution
   // +optional
   optional string trafficDistribution = 23;
@@ -6411,7 +6460,6 @@ message TopologySpreadConstraint {
   // - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.
   //
   // If this value is nil, the behavior is equivalent to the Honor policy.
-  // This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
   // +optional
   optional string nodeAffinityPolicy = 6;
 
@@ -6422,7 +6470,6 @@ message TopologySpreadConstraint {
   // - Ignore: node taints are ignored. All nodes are included.
   //
   // If this value is nil, the behavior is equivalent to the Ignore policy.
-  // This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
   // +optional
   optional string nodeTaintsPolicy = 7;
 
@@ -6854,7 +6901,7 @@ message VolumeSource {
   // The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field.
   // The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images.
   // The volume will be mounted read-only (ro) and non-executable files (noexec).
-  // Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath).
+  // Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33.
   // The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.
   // +featureGate=ImageVolume
   // +optional
diff --git a/vendor/k8s.io/api/core/v1/lifecycle.go b/vendor/k8s.io/api/core/v1/lifecycle.go
index 21ca90e815..21b931b67a 100644
--- a/vendor/k8s.io/api/core/v1/lifecycle.go
+++ b/vendor/k8s.io/api/core/v1/lifecycle.go
@@ -16,6 +16,10 @@ limitations under the License.
 
 package v1
 
+import (
+	"k8s.io/apimachinery/pkg/runtime/schema"
+)
+
 // APILifecycleIntroduced returns the release in which the API struct was introduced as int versions of major and minor for comparison.
 func (in *ComponentStatus) APILifecycleIntroduced() (major, minor int) {
 	return 1, 0
@@ -35,3 +39,23 @@ func (in *ComponentStatusList) APILifecycleIntroduced() (major, minor int) {
 func (in *ComponentStatusList) APILifecycleDeprecated() (major, minor int) {
 	return 1, 19
 }
+
+// APILifecycleDeprecated returns the release in which the API struct was or will be deprecated as int versions of major and minor for comparison.
+func (in *Endpoints) APILifecycleDeprecated() (major, minor int) {
+	return 1, 33
+}
+
+// APILifecycleReplacement returns the GVK of the replacement for the given API
+func (in *Endpoints) APILifecycleReplacement() schema.GroupVersionKind {
+	return schema.GroupVersionKind{Group: "discovery.k8s.io", Version: "v1", Kind: "EndpointSlice"}
+}
+
+// APILifecycleDeprecated returns the release in which the API struct was or will be deprecated as int versions of major and minor for comparison.
+func (in *EndpointsList) APILifecycleDeprecated() (major, minor int) {
+	return 1, 33
+}
+
+// APILifecycleReplacement returns the GVK of the replacement for the given API
+func (in *EndpointsList) APILifecycleReplacement() schema.GroupVersionKind {
+	return schema.GroupVersionKind{Group: "discovery.k8s.io", Version: "v1", Kind: "EndpointSliceList"}
+}
diff --git a/vendor/k8s.io/api/core/v1/types.go b/vendor/k8s.io/api/core/v1/types.go
index fb2c1c7453..f7641e485a 100644
--- a/vendor/k8s.io/api/core/v1/types.go
+++ b/vendor/k8s.io/api/core/v1/types.go
@@ -217,7 +217,7 @@ type VolumeSource struct {
 	// The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field.
 	// The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images.
 	// The volume will be mounted read-only (ro) and non-executable files (noexec).
-	// Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath).
+	// Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33.
 	// The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.
 	// +featureGate=ImageVolume
 	// +optional
@@ -2437,9 +2437,9 @@ type SecretKeySelector struct {
 	Optional *bool `json:"optional,omitempty" protobuf:"varint,3,opt,name=optional"`
 }
 
-// EnvFromSource represents the source of a set of ConfigMaps
+// EnvFromSource represents the source of a set of ConfigMaps or Secrets
 type EnvFromSource struct {
-	// An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+	// Optional text to prepend to the name of each environment variable. Must be a C_IDENTIFIER.
 	// +optional
 	Prefix string `json:"prefix,omitempty" protobuf:"bytes,1,opt,name=prefix"`
 	// The ConfigMap to select from
@@ -2980,6 +2980,78 @@ type LifecycleHandler struct {
 	Sleep *SleepAction `json:"sleep,omitempty" protobuf:"bytes,4,opt,name=sleep"`
 }
 
+// Signal defines the stop signal of containers
+// +enum
+type Signal string
+
+const (
+	SIGABRT         Signal = "SIGABRT"
+	SIGALRM         Signal = "SIGALRM"
+	SIGBUS          Signal = "SIGBUS"
+	SIGCHLD         Signal = "SIGCHLD"
+	SIGCLD          Signal = "SIGCLD"
+	SIGCONT         Signal = "SIGCONT"
+	SIGFPE          Signal = "SIGFPE"
+	SIGHUP          Signal = "SIGHUP"
+	SIGILL          Signal = "SIGILL"
+	SIGINT          Signal = "SIGINT"
+	SIGIO           Signal = "SIGIO"
+	SIGIOT          Signal = "SIGIOT"
+	SIGKILL         Signal = "SIGKILL"
+	SIGPIPE         Signal = "SIGPIPE"
+	SIGPOLL         Signal = "SIGPOLL"
+	SIGPROF         Signal = "SIGPROF"
+	SIGPWR          Signal = "SIGPWR"
+	SIGQUIT         Signal = "SIGQUIT"
+	SIGSEGV         Signal = "SIGSEGV"
+	SIGSTKFLT       Signal = "SIGSTKFLT"
+	SIGSTOP         Signal = "SIGSTOP"
+	SIGSYS          Signal = "SIGSYS"
+	SIGTERM         Signal = "SIGTERM"
+	SIGTRAP         Signal = "SIGTRAP"
+	SIGTSTP         Signal = "SIGTSTP"
+	SIGTTIN         Signal = "SIGTTIN"
+	SIGTTOU         Signal = "SIGTTOU"
+	SIGURG          Signal = "SIGURG"
+	SIGUSR1         Signal = "SIGUSR1"
+	SIGUSR2         Signal = "SIGUSR2"
+	SIGVTALRM       Signal = "SIGVTALRM"
+	SIGWINCH        Signal = "SIGWINCH"
+	SIGXCPU         Signal = "SIGXCPU"
+	SIGXFSZ         Signal = "SIGXFSZ"
+	SIGRTMIN        Signal = "SIGRTMIN"
+	SIGRTMINPLUS1   Signal = "SIGRTMIN+1"
+	SIGRTMINPLUS2   Signal = "SIGRTMIN+2"
+	SIGRTMINPLUS3   Signal = "SIGRTMIN+3"
+	SIGRTMINPLUS4   Signal = "SIGRTMIN+4"
+	SIGRTMINPLUS5   Signal = "SIGRTMIN+5"
+	SIGRTMINPLUS6   Signal = "SIGRTMIN+6"
+	SIGRTMINPLUS7   Signal = "SIGRTMIN+7"
+	SIGRTMINPLUS8   Signal = "SIGRTMIN+8"
+	SIGRTMINPLUS9   Signal = "SIGRTMIN+9"
+	SIGRTMINPLUS10  Signal = "SIGRTMIN+10"
+	SIGRTMINPLUS11  Signal = "SIGRTMIN+11"
+	SIGRTMINPLUS12  Signal = "SIGRTMIN+12"
+	SIGRTMINPLUS13  Signal = "SIGRTMIN+13"
+	SIGRTMINPLUS14  Signal = "SIGRTMIN+14"
+	SIGRTMINPLUS15  Signal = "SIGRTMIN+15"
+	SIGRTMAXMINUS14 Signal = "SIGRTMAX-14"
+	SIGRTMAXMINUS13 Signal = "SIGRTMAX-13"
+	SIGRTMAXMINUS12 Signal = "SIGRTMAX-12"
+	SIGRTMAXMINUS11 Signal = "SIGRTMAX-11"
+	SIGRTMAXMINUS10 Signal = "SIGRTMAX-10"
+	SIGRTMAXMINUS9  Signal = "SIGRTMAX-9"
+	SIGRTMAXMINUS8  Signal = "SIGRTMAX-8"
+	SIGRTMAXMINUS7  Signal = "SIGRTMAX-7"
+	SIGRTMAXMINUS6  Signal = "SIGRTMAX-6"
+	SIGRTMAXMINUS5  Signal = "SIGRTMAX-5"
+	SIGRTMAXMINUS4  Signal = "SIGRTMAX-4"
+	SIGRTMAXMINUS3  Signal = "SIGRTMAX-3"
+	SIGRTMAXMINUS2  Signal = "SIGRTMAX-2"
+	SIGRTMAXMINUS1  Signal = "SIGRTMAX-1"
+	SIGRTMAX        Signal = "SIGRTMAX"
+)
+
 // Lifecycle describes actions that the management system should take in response to container lifecycle
 // events. For the PostStart and PreStop lifecycle handlers, management of the container blocks
 // until the action is complete, unless the container process fails, in which case the handler is aborted.
@@ -3001,6 +3073,11 @@ type Lifecycle struct {
 	// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
 	// +optional
 	PreStop *LifecycleHandler `json:"preStop,omitempty" protobuf:"bytes,2,opt,name=preStop"`
+	// StopSignal defines which signal will be sent to a container when it is being stopped.
+	// If not specified, the default is defined by the container runtime in use.
+	// StopSignal can only be set for Pods with a non-empty .spec.os.name
+	// +optional
+	StopSignal *Signal `json:"stopSignal,omitempty" protobuf:"bytes,3,opt,name=stopSignal"`
 }
 
 type ConditionStatus string
@@ -3154,6 +3231,10 @@ type ContainerStatus struct {
 	// +listType=map
 	// +listMapKey=name
 	AllocatedResourcesStatus []ResourceStatus `json:"allocatedResourcesStatus,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,14,rep,name=allocatedResourcesStatus"`
+	// StopSignal reports the effective stop signal for this container
+	// +featureGate=ContainerStopSignals
+	// +optional
+	StopSignal *Signal `json:"stopSignal,omitempty" protobuf:"bytes,15,opt,name=stopSignal"`
 }
 
 // ResourceStatus represents the status of a single resource allocated to a Pod.
@@ -3278,6 +3359,17 @@ const (
 	// PodReadyToStartContainers pod sandbox is successfully configured and
 	// the pod is ready to launch containers.
 	PodReadyToStartContainers PodConditionType = "PodReadyToStartContainers"
+	// PodResizePending indicates that the pod has been resized, but kubelet has not
+	// yet allocated the resources. If both PodResizePending and PodResizeInProgress
+	// are set, it means that a new resize was requested in the middle of a previous
+	// pod resize that is still in progress.
+	PodResizePending PodConditionType = "PodResizePending"
+	// PodResizeInProgress indicates that a resize is in progress, and is present whenever
+	// the Kubelet has allocated resources for the resize, but has not yet actuated all of
+	// the required changes.
+	// If both PodResizePending and PodResizeInProgress are set, it means that a new resize was
+	// requested in the middle of a previous pod resize that is still in progress.
+	PodResizeInProgress PodConditionType = "PodResizeInProgress"
 )
 
 // These are reasons for a pod's transition to a condition.
@@ -3301,6 +3393,18 @@ const (
 	// PodReasonPreemptionByScheduler reason in DisruptionTarget pod condition indicates that the
 	// disruption was initiated by scheduler's preemption.
 	PodReasonPreemptionByScheduler = "PreemptionByScheduler"
+
+	// PodReasonDeferred reason in PodResizePending pod condition indicates the proposed resize is feasible in
+	// theory (it fits on this node) but is not possible right now.
+	PodReasonDeferred = "Deferred"
+
+	// PodReasonInfeasible reason in PodResizePending pod condition indicates the proposed resize is not
+	// feasible and is rejected; it may not be re-evaluated
+	PodReasonInfeasible = "Infeasible"
+
+	// PodReasonError reason in PodResizeInProgress pod condition indicates that an error occurred while
+	// actuating the resize.
+	PodReasonError = "Error"
 )
 
 // PodCondition contains details for the current condition of this pod.
@@ -3308,6 +3412,11 @@ type PodCondition struct {
 	// Type is the type of the condition.
 	// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions
 	Type PodConditionType `json:"type" protobuf:"bytes,1,opt,name=type,casttype=PodConditionType"`
+	// If set, this represents the .metadata.generation that the pod condition was set based upon.
+	// This is an alpha field. Enable PodObservedGenerationTracking to be able to use this field.
+	// +featureGate=PodObservedGenerationTracking
+	// +optional
+	ObservedGeneration int64 `json:"observedGeneration,omitempty" protobuf:"varint,7,opt,name=observedGeneration"`
 	// Status is the status of the condition.
 	// Can be True, False, Unknown.
 	// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions
@@ -3326,12 +3435,10 @@ type PodCondition struct {
 	Message string `json:"message,omitempty" protobuf:"bytes,6,opt,name=message"`
 }
 
-// PodResizeStatus shows status of desired resize of a pod's containers.
+// Deprecated: PodResizeStatus shows status of desired resize of a pod's containers.
 type PodResizeStatus string
 
 const (
-	// Pod resources resize has been requested and will be evaluated by node.
-	PodResizeStatusProposed PodResizeStatus = "Proposed"
 	// Pod resources resize has been accepted by node and is being actuated.
 	PodResizeStatusInProgress PodResizeStatus = "InProgress"
 	// Node cannot resize the pod at this time and will keep retrying.
@@ -3627,7 +3734,6 @@ type PodAffinityTerm struct {
 	// pod labels will be ignored. The default value is empty.
 	// The same key is forbidden to exist in both matchLabelKeys and labelSelector.
 	// Also, matchLabelKeys cannot be set when labelSelector isn't set.
-	// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
 	//
 	// +listType=atomic
 	// +optional
@@ -3640,7 +3746,6 @@ type PodAffinityTerm struct {
 	// pod labels will be ignored. The default value is empty.
 	// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
 	// Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
-	// This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
 	//
 	// +listType=atomic
 	// +optional
@@ -3792,7 +3897,7 @@ type PodSpec struct {
 	// Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes.
 	// The resourceRequirements of an init container are taken into account during scheduling
 	// by finding the highest request/limit for each resource type, and then using the max of
-	// of that value or the sum of the normal containers. Limits are applied to init containers
+	// that value or the sum of the normal containers. Limits are applied to init containers
 	// in a similar fashion.
 	// Init containers cannot currently be added or removed.
 	// Cannot be updated.
@@ -4301,7 +4406,6 @@ type TopologySpreadConstraint struct {
 	// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.
 	//
 	// If this value is nil, the behavior is equivalent to the Honor policy.
-	// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
 	// +optional
 	NodeAffinityPolicy *NodeInclusionPolicy `json:"nodeAffinityPolicy,omitempty" protobuf:"bytes,6,opt,name=nodeAffinityPolicy"`
 	// NodeTaintsPolicy indicates how we will treat node taints when calculating
@@ -4311,7 +4415,6 @@ type TopologySpreadConstraint struct {
 	// - Ignore: node taints are ignored. All nodes are included.
 	//
 	// If this value is nil, the behavior is equivalent to the Ignore policy.
-	// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
 	// +optional
 	NodeTaintsPolicy *NodeInclusionPolicy `json:"nodeTaintsPolicy,omitempty" protobuf:"bytes,7,opt,name=nodeTaintsPolicy"`
 	// MatchLabelKeys is a set of pod label keys to select the pods over which
@@ -4841,6 +4944,11 @@ type EphemeralContainer struct {
 // state of a system, especially if the node that hosts the pod cannot contact the control
 // plane.
 type PodStatus struct {
+	// If set, this represents the .metadata.generation that the pod status was set based upon.
+	// This is an alpha field. Enable PodObservedGenerationTracking to be able to use this field.
+	// +featureGate=PodObservedGenerationTracking
+	// +optional
+	ObservedGeneration int64 `json:"observedGeneration,omitempty" protobuf:"varint,17,opt,name=observedGeneration"`
 	// The phase of a Pod is a simple, high-level summary of where the Pod is in its lifecycle.
 	// The conditions array, the reason and message fields, and the individual container status
 	// arrays contain more detail about the pod's status.
@@ -4968,6 +5076,9 @@ type PodStatus struct {
 	// Status of resources resize desired for pod's containers.
 	// It is empty if no resources resize is pending.
 	// Any changes to container resources will automatically set this to "Proposed"
+	// Deprecated: Resize status is moved to two pod conditions PodResizePending and PodResizeInProgress.
+	// PodResizePending will track states where the spec has been resized, but the Kubelet has not yet allocated the resources.
+	// PodResizeInProgress will track in-progress resizes, and should be present whenever allocated resources != acknowledged resources.
 	// +featureGate=InPlacePodVerticalScaling
 	// +optional
 	Resize PodResizeStatus `json:"resize,omitempty" protobuf:"bytes,14,opt,name=resize,casttype=PodResizeStatus"`
@@ -5099,12 +5210,18 @@ type ReplicationControllerSpec struct {
 	// Defaults to 1.
 	// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller
 	// +optional
+	// +k8s:optional
+	// +default=1
+	// +k8s:minimum=0
 	Replicas *int32 `json:"replicas,omitempty" protobuf:"varint,1,opt,name=replicas"`
 
 	// Minimum number of seconds for which a newly created pod should be ready
 	// without any of its container crashing, for it to be considered available.
 	// Defaults to 0 (pod will be considered available as soon as it is ready)
 	// +optional
+	// +k8s:optional
+	// +default=0
+	// +k8s:minimum=0
 	MinReadySeconds int32 `json:"minReadySeconds,omitempty" protobuf:"varint,4,opt,name=minReadySeconds"`
 
 	// Selector is a label query over pods that should match the Replicas count.
@@ -5334,14 +5451,27 @@ const (
 
 // These are valid values for the TrafficDistribution field of a Service.
 const (
-	// Indicates a preference for routing traffic to endpoints that are
-	// topologically proximate to the client. The interpretation of "topologically
-	// proximate" may vary across implementations and could encompass endpoints
-	// within the same node, rack, zone, or even region. Setting this value gives
-	// implementations permission to make different tradeoffs, e.g. optimizing for
-	// proximity rather than equal distribution of load. Users should not set this
-	// value if such tradeoffs are not acceptable.
+	// Indicates a preference for routing traffic to endpoints that are in the same
+	// zone as the client. Users should not set this value unless they have ensured
+	// that clients and endpoints are distributed in such a way that the "same zone"
+	// preference will not result in endpoints getting overloaded.
 	ServiceTrafficDistributionPreferClose = "PreferClose"
+
+	// Indicates a preference for routing traffic to endpoints that are in the same
+	// zone as the client. Users should not set this value unless they have ensured
+	// that clients and endpoints are distributed in such a way that the "same zone"
+	// preference will not result in endpoints getting overloaded.
+	// This is an alias for "PreferClose", but it is an Alpha feature and is only
+	// recognized if the PreferSameTrafficDistribution feature gate is enabled.
+	ServiceTrafficDistributionPreferSameZone = "PreferSameZone"
+
+	// Indicates a preference for routing traffic to endpoints that are on the same
+	// node as the client. Users should not set this value unless they have ensured
+	// that clients and endpoints are distributed in such a way that the "same node"
+	// preference will not result in endpoints getting overloaded.
+	// This is an Alpha feature and is only recognized if the
+	// PreferSameTrafficDistribution feature gate is enabled.
+	ServiceTrafficDistributionPreferSameNode = "PreferSameNode"
 )
 
 // These are the valid conditions of a service.
@@ -5689,13 +5819,12 @@ type ServiceSpec struct {
 	// +optional
 	InternalTrafficPolicy *ServiceInternalTrafficPolicy `json:"internalTrafficPolicy,omitempty" protobuf:"bytes,22,opt,name=internalTrafficPolicy"`
 
-	// TrafficDistribution offers a way to express preferences for how traffic is
-	// distributed to Service endpoints. Implementations can use this field as a
-	// hint, but are not required to guarantee strict adherence. If the field is
-	// not set, the implementation will apply its default routing strategy. If set
-	// to "PreferClose", implementations should prioritize endpoints that are
-	// topologically close (e.g., same zone).
-	// This is a beta field and requires enabling ServiceTrafficDistribution feature.
+	// TrafficDistribution offers a way to express preferences for how traffic
+	// is distributed to Service endpoints. Implementations can use this field
+	// as a hint, but are not required to guarantee strict adherence. If the
+	// field is not set, the implementation will apply its default routing
+	// strategy. If set to "PreferClose", implementations should prioritize
+	// endpoints that are in the same zone.
 	// +featureGate=ServiceTrafficDistribution
 	// +optional
 	TrafficDistribution *string `json:"trafficDistribution,omitempty" protobuf:"bytes,23,opt,name=trafficDistribution"`
@@ -5888,6 +6017,11 @@ type ServiceAccountList struct {
 //	     Ports: [{"name": "a", "port": 93}, {"name": "b", "port": 76}]
 //	   },
 //	]
+//
+// Endpoints is a legacy API and does not contain information about all Service features.
+// Use discoveryv1.EndpointSlice for complete information about Service endpoints.
+//
+// Deprecated: This API is deprecated in v1.33+. Use discoveryv1.EndpointSlice.
 type Endpoints struct {
 	metav1.TypeMeta `json:",inline"`
 	// Standard object's metadata.
@@ -5920,6 +6054,8 @@ type Endpoints struct {
 //
 //	a: [ 10.10.1.1:8675, 10.10.2.2:8675 ],
 //	b: [ 10.10.1.1:309, 10.10.2.2:309 ]
+//
+// Deprecated: This API is deprecated in v1.33+.
 type EndpointSubset struct {
 	// IP addresses which offer the related ports that are marked as ready. These endpoints
 	// should be considered safe for load balancers and clients to utilize.
@@ -5939,6 +6075,7 @@ type EndpointSubset struct {
 }
 
 // EndpointAddress is a tuple that describes single IP address.
+// Deprecated: This API is deprecated in v1.33+.
 // +structType=atomic
 type EndpointAddress struct {
 	// The IP of this endpoint.
@@ -5957,6 +6094,7 @@ type EndpointAddress struct {
 }
 
 // EndpointPort is a tuple that describes a single port.
+// Deprecated: This API is deprecated in v1.33+.
 // +structType=atomic
 type EndpointPort struct {
 	// The name of this port.  This must match the 'name' field in the
@@ -5998,6 +6136,7 @@ type EndpointPort struct {
 // +k8s:prerelease-lifecycle-gen:introduced=1.0
 
 // EndpointsList is a list of endpoints.
+// Deprecated: This API is deprecated in v1.33+.
 type EndpointsList struct {
 	metav1.TypeMeta `json:",inline"`
 	// Standard list metadata.
@@ -6166,6 +6305,15 @@ type NodeSystemInfo struct {
 	OperatingSystem string `json:"operatingSystem" protobuf:"bytes,9,opt,name=operatingSystem"`
 	// The Architecture reported by the node
 	Architecture string `json:"architecture" protobuf:"bytes,10,opt,name=architecture"`
+	// Swap Info reported by the node.
+	Swap *NodeSwapStatus `json:"swap,omitempty" protobuf:"bytes,11,opt,name=swap"`
+}
+
+// NodeSwapStatus represents swap memory information.
+type NodeSwapStatus struct {
+	// Total amount of swap memory in bytes.
+	// +optional
+	Capacity *int64 `json:"capacity,omitempty" protobuf:"varint,1,opt,name=capacity"`
 }
 
 // NodeConfigStatus describes the status of the config assigned by Node.Spec.ConfigSource.
@@ -7267,6 +7415,9 @@ const (
 	ResourceQuotaScopePriorityClass ResourceQuotaScope = "PriorityClass"
 	// Match all pod objects that have cross-namespace pod (anti)affinity mentioned.
 	ResourceQuotaScopeCrossNamespacePodAffinity ResourceQuotaScope = "CrossNamespacePodAffinity"
+
+	// Match all pvc objects that have volume attributes class mentioned.
+	ResourceQuotaScopeVolumeAttributesClass ResourceQuotaScope = "VolumeAttributesClass"
 )
 
 // ResourceQuotaSpec defines the desired hard limits to enforce for Quota.
diff --git a/vendor/k8s.io/api/core/v1/types_swagger_doc_generated.go b/vendor/k8s.io/api/core/v1/types_swagger_doc_generated.go
index 89ce3d2303..9e987eefdd 100644
--- a/vendor/k8s.io/api/core/v1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/core/v1/types_swagger_doc_generated.go
@@ -474,6 +474,7 @@ var map_ContainerStatus = map[string]string{
 	"volumeMounts":             "Status of volume mounts.",
 	"user":                     "User represents user identity information initially attached to the first process of the container",
 	"allocatedResourcesStatus": "AllocatedResourcesStatus represents the status of various resources allocated for this Pod.",
+	"stopSignal":               "StopSignal reports the effective stop signal for this container",
 }
 
 func (ContainerStatus) SwaggerDoc() map[string]string {
@@ -540,7 +541,7 @@ func (EmptyDirVolumeSource) SwaggerDoc() map[string]string {
 }
 
 var map_EndpointAddress = map[string]string{
-	"":          "EndpointAddress is a tuple that describes single IP address.",
+	"":          "EndpointAddress is a tuple that describes single IP address. Deprecated: This API is deprecated in v1.33+.",
 	"ip":        "The IP of this endpoint. May not be loopback (127.0.0.0/8 or ::1), link-local (169.254.0.0/16 or fe80::/10), or link-local multicast (224.0.0.0/24 or ff02::/16).",
 	"hostname":  "The Hostname of this endpoint",
 	"nodeName":  "Optional: Node hosting this endpoint. This can be used to determine endpoints local to a node.",
@@ -552,7 +553,7 @@ func (EndpointAddress) SwaggerDoc() map[string]string {
 }
 
 var map_EndpointPort = map[string]string{
-	"":            "EndpointPort is a tuple that describes a single port.",
+	"":            "EndpointPort is a tuple that describes a single port. Deprecated: This API is deprecated in v1.33+.",
 	"name":        "The name of this port.  This must match the 'name' field in the corresponding ServicePort. Must be a DNS_LABEL. Optional only if one port is defined.",
 	"port":        "The port number of the endpoint.",
 	"protocol":    "The IP protocol for this port. Must be UDP, TCP, or SCTP. Default is TCP.",
@@ -564,7 +565,7 @@ func (EndpointPort) SwaggerDoc() map[string]string {
 }
 
 var map_EndpointSubset = map[string]string{
-	"":                  "EndpointSubset is a group of addresses with a common set of ports. The expanded set of endpoints is the Cartesian product of Addresses x Ports. For example, given:\n\n\t{\n\t  Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t  Ports:     [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t}\n\nThe resulting set of endpoints can be viewed as:\n\n\ta: [ 10.10.1.1:8675, 10.10.2.2:8675 ],\n\tb: [ 10.10.1.1:309, 10.10.2.2:309 ]",
+	"":                  "EndpointSubset is a group of addresses with a common set of ports. The expanded set of endpoints is the Cartesian product of Addresses x Ports. For example, given:\n\n\t{\n\t  Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t  Ports:     [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t}\n\nThe resulting set of endpoints can be viewed as:\n\n\ta: [ 10.10.1.1:8675, 10.10.2.2:8675 ],\n\tb: [ 10.10.1.1:309, 10.10.2.2:309 ]\n\nDeprecated: This API is deprecated in v1.33+.",
 	"addresses":         "IP addresses which offer the related ports that are marked as ready. These endpoints should be considered safe for load balancers and clients to utilize.",
 	"notReadyAddresses": "IP addresses which offer the related ports but are not currently marked as ready because they have not yet finished starting, have recently failed a readiness check, or have recently failed a liveness check.",
 	"ports":             "Port numbers available on the related IP addresses.",
@@ -575,7 +576,7 @@ func (EndpointSubset) SwaggerDoc() map[string]string {
 }
 
 var map_Endpoints = map[string]string{
-	"":         "Endpoints is a collection of endpoints that implement the actual service. Example:\n\n\t Name: \"mysvc\",\n\t Subsets: [\n\t   {\n\t     Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t     Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t   },\n\t   {\n\t     Addresses: [{\"ip\": \"10.10.3.3\"}],\n\t     Ports: [{\"name\": \"a\", \"port\": 93}, {\"name\": \"b\", \"port\": 76}]\n\t   },\n\t]",
+	"":         "Endpoints is a collection of endpoints that implement the actual service. Example:\n\n\t Name: \"mysvc\",\n\t Subsets: [\n\t   {\n\t     Addresses: [{\"ip\": \"10.10.1.1\"}, {\"ip\": \"10.10.2.2\"}],\n\t     Ports: [{\"name\": \"a\", \"port\": 8675}, {\"name\": \"b\", \"port\": 309}]\n\t   },\n\t   {\n\t     Addresses: [{\"ip\": \"10.10.3.3\"}],\n\t     Ports: [{\"name\": \"a\", \"port\": 93}, {\"name\": \"b\", \"port\": 76}]\n\t   },\n\t]\n\nEndpoints is a legacy API and does not contain information about all Service features. Use discoveryv1.EndpointSlice for complete information about Service endpoints.\n\nDeprecated: This API is deprecated in v1.33+. Use discoveryv1.EndpointSlice.",
 	"metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata",
 	"subsets":  "The set of all endpoints is the union of all subsets. Addresses are placed into subsets according to the IPs they share. A single address with multiple ports, some of which are ready and some of which are not (because they come from different containers) will result in the address being displayed in different subsets for the different ports. No address will appear in both Addresses and NotReadyAddresses in the same subset. Sets of addresses and ports that comprise a service.",
 }
@@ -585,7 +586,7 @@ func (Endpoints) SwaggerDoc() map[string]string {
 }
 
 var map_EndpointsList = map[string]string{
-	"":         "EndpointsList is a list of endpoints.",
+	"":         "EndpointsList is a list of endpoints. Deprecated: This API is deprecated in v1.33+.",
 	"metadata": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
 	"items":    "List of endpoints.",
 }
@@ -595,8 +596,8 @@ func (EndpointsList) SwaggerDoc() map[string]string {
 }
 
 var map_EnvFromSource = map[string]string{
-	"":             "EnvFromSource represents the source of a set of ConfigMaps",
-	"prefix":       "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.",
+	"":             "EnvFromSource represents the source of a set of ConfigMaps or Secrets",
+	"prefix":       "Optional text to prepend to the name of each environment variable. Must be a C_IDENTIFIER.",
 	"configMapRef": "The ConfigMap to select from",
 	"secretRef":    "The Secret to select from",
 }
@@ -957,9 +958,10 @@ func (KeyToPath) SwaggerDoc() map[string]string {
 }
 
 var map_Lifecycle = map[string]string{
-	"":          "Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted.",
-	"postStart": "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks",
-	"preStop":   "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks",
+	"":           "Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted.",
+	"postStart":  "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks",
+	"preStop":    "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks",
+	"stopSignal": "StopSignal defines which signal will be sent to a container when it is being stopped. If not specified, the default is defined by the container runtime in use. StopSignal can only be set for Pods with a non-empty .spec.os.name",
 }
 
 func (Lifecycle) SwaggerDoc() map[string]string {
@@ -1335,6 +1337,15 @@ func (NodeStatus) SwaggerDoc() map[string]string {
 	return map_NodeStatus
 }
 
+var map_NodeSwapStatus = map[string]string{
+	"":         "NodeSwapStatus represents swap memory information.",
+	"capacity": "Total amount of swap memory in bytes.",
+}
+
+func (NodeSwapStatus) SwaggerDoc() map[string]string {
+	return map_NodeSwapStatus
+}
+
 var map_NodeSystemInfo = map[string]string{
 	"":                        "NodeSystemInfo is a set of ids/uuids to uniquely identify the node.",
 	"machineID":               "MachineID reported by the node. For unique machine identification in the cluster this field is preferred. Learn more from man(5) machine-id: http://man7.org/linux/man-pages/man5/machine-id.5.html",
@@ -1347,6 +1358,7 @@ var map_NodeSystemInfo = map[string]string{
 	"kubeProxyVersion":        "Deprecated: KubeProxy Version reported by the node.",
 	"operatingSystem":         "The Operating System reported by the node",
 	"architecture":            "The Architecture reported by the node",
+	"swap":                    "Swap Info reported by the node.",
 }
 
 func (NodeSystemInfo) SwaggerDoc() map[string]string {
@@ -1583,8 +1595,8 @@ var map_PodAffinityTerm = map[string]string{
 	"namespaces":        "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".",
 	"topologyKey":       "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.",
 	"namespaceSelector": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.",
-	"matchLabelKeys":    "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
-	"mismatchLabelKeys": "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
+	"matchLabelKeys":    "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set.",
+	"mismatchLabelKeys": "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set.",
 }
 
 func (PodAffinityTerm) SwaggerDoc() map[string]string {
@@ -1617,6 +1629,7 @@ func (PodAttachOptions) SwaggerDoc() map[string]string {
 var map_PodCondition = map[string]string{
 	"":                   "PodCondition contains details for the current condition of this pod.",
 	"type":               "Type is the type of the condition. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions",
+	"observedGeneration": "If set, this represents the .metadata.generation that the pod condition was set based upon. This is an alpha field. Enable PodObservedGenerationTracking to be able to use this field.",
 	"status":             "Status is the status of the condition. Can be True, False, Unknown. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions",
 	"lastProbeTime":      "Last time we probed the condition.",
 	"lastTransitionTime": "Last time the condition transitioned from one status to another.",
@@ -1799,7 +1812,7 @@ func (PodSignature) SwaggerDoc() map[string]string {
 var map_PodSpec = map[string]string{
 	"":                              "PodSpec is a description of a pod.",
 	"volumes":                       "List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes",
-	"initContainers":                "List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/",
+	"initContainers":                "List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/",
 	"containers":                    "List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated.",
 	"ephemeralContainers":           "List of ephemeral containers run in this pod. Ephemeral containers may be run in an existing pod to perform user-initiated actions such as debugging. This list cannot be specified when creating a pod, and it cannot be modified by updating the pod spec. In order to add an ephemeral container to an existing pod, use the pod's ephemeralcontainers subresource.",
 	"restartPolicy":                 "Restart policy for all containers within the pod. One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy",
@@ -1846,6 +1859,7 @@ func (PodSpec) SwaggerDoc() map[string]string {
 
 var map_PodStatus = map[string]string{
 	"":                           "PodStatus represents information about the status of a pod. Status may trail the actual state of a system, especially if the node that hosts the pod cannot contact the control plane.",
+	"observedGeneration":         "If set, this represents the .metadata.generation that the pod status was set based upon. This is an alpha field. Enable PodObservedGenerationTracking to be able to use this field.",
 	"phase":                      "The phase of a Pod is a simple, high-level summary of where the Pod is in its lifecycle. The conditions array, the reason and message fields, and the individual container status arrays contain more detail about the pod's status. There are five possible phase values:\n\nPending: The pod has been accepted by the Kubernetes system, but one or more of the container images has not been created. This includes time before being scheduled as well as time spent downloading images over the network, which could take a while. Running: The pod has been bound to a node, and all of the containers have been created. At least one container is still running, or is in the process of starting or restarting. Succeeded: All containers in the pod have terminated in success, and will not be restarted. Failed: All containers in the pod have terminated, and at least one container has terminated in failure. The container either exited with non-zero status or was terminated by the system. Unknown: For some reason the state of the pod could not be obtained, typically due to an error in communicating with the host of the pod.\n\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-phase",
 	"conditions":                 "Current service state of pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions",
 	"message":                    "A human readable message indicating details about why the pod is in this condition.",
@@ -1860,7 +1874,7 @@ var map_PodStatus = map[string]string{
 	"containerStatuses":          "Statuses of containers in this pod. Each container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status",
 	"qosClass":                   "The Quality of Service (QOS) classification assigned to the pod based on resource requirements See PodQOSClass type for available QOS classes More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-qos/#quality-of-service-classes",
 	"ephemeralContainerStatuses": "Statuses for any ephemeral containers that have run in this pod. Each ephemeral container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status",
-	"resize":                     "Status of resources resize desired for pod's containers. It is empty if no resources resize is pending. Any changes to container resources will automatically set this to \"Proposed\"",
+	"resize":                     "Status of resources resize desired for pod's containers. It is empty if no resources resize is pending. Any changes to container resources will automatically set this to \"Proposed\" Deprecated: Resize status is moved to two pod conditions PodResizePending and PodResizeInProgress. PodResizePending will track states where the spec has been resized, but the Kubelet has not yet allocated the resources. PodResizeInProgress will track in-progress resizes, and should be present whenever allocated resources != acknowledged resources.",
 	"resourceClaimStatuses":      "Status of resource claims.",
 }
 
@@ -2487,7 +2501,7 @@ var map_ServiceSpec = map[string]string{
 	"allocateLoadBalancerNodePorts": "allocateLoadBalancerNodePorts defines if NodePorts will be automatically allocated for services with type LoadBalancer.  Default is \"true\". It may be set to \"false\" if the cluster load-balancer does not rely on NodePorts.  If the caller requests specific NodePorts (by specifying a value), those requests will be respected, regardless of this field. This field may only be set for services with type LoadBalancer and will be cleared if the type is changed to any other type.",
 	"loadBalancerClass":             "loadBalancerClass is the class of the load balancer implementation this Service belongs to. If specified, the value of this field must be a label-style identifier, with an optional prefix, e.g. \"internal-vip\" or \"example.com/internal-vip\". Unprefixed names are reserved for end-users. This field can only be set when the Service type is 'LoadBalancer'. If not set, the default load balancer implementation is used, today this is typically done through the cloud provider integration, but should apply for any default implementation. If set, it is assumed that a load balancer implementation is watching for Services with a matching class. Any default load balancer implementation (e.g. cloud providers) should ignore Services that set this field. This field can only be set when creating or updating a Service to type 'LoadBalancer'. Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type.",
 	"internalTrafficPolicy":         "InternalTrafficPolicy describes how nodes distribute service traffic they receive on the ClusterIP. If set to \"Local\", the proxy will assume that pods only want to talk to endpoints of the service on the same node as the pod, dropping the traffic if there are no local endpoints. The default value, \"Cluster\", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features).",
-	"trafficDistribution":           "TrafficDistribution offers a way to express preferences for how traffic is distributed to Service endpoints. Implementations can use this field as a hint, but are not required to guarantee strict adherence. If the field is not set, the implementation will apply its default routing strategy. If set to \"PreferClose\", implementations should prioritize endpoints that are topologically close (e.g., same zone). This is a beta field and requires enabling ServiceTrafficDistribution feature.",
+	"trafficDistribution":           "TrafficDistribution offers a way to express preferences for how traffic is distributed to Service endpoints. Implementations can use this field as a hint, but are not required to guarantee strict adherence. If the field is not set, the implementation will apply its default routing strategy. If set to \"PreferClose\", implementations should prioritize endpoints that are in the same zone.",
 }
 
 func (ServiceSpec) SwaggerDoc() map[string]string {
@@ -2619,8 +2633,8 @@ var map_TopologySpreadConstraint = map[string]string{
 	"whenUnsatisfiable":  "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location,\n  but giving higher precedence to topologies that would help reduce the\n  skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: ",
 	"labelSelector":      "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain.",
 	"minDomains":         "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: ",
-	"nodeAffinityPolicy": "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\nIf this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.",
-	"nodeTaintsPolicy":   "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included.\n\nIf this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.",
+	"nodeAffinityPolicy": "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\nIf this value is nil, the behavior is equivalent to the Honor policy.",
+	"nodeTaintsPolicy":   "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included.\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.",
 	"matchLabelKeys":     "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector.\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default).",
 }
 
@@ -2760,7 +2774,7 @@ var map_VolumeSource = map[string]string{
 	"storageos":             "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. Deprecated: StorageOS is deprecated and the in-tree storageos type is no longer supported.",
 	"csi":                   "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers.",
 	"ephemeral":             "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed.\n\nUse this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity\n   tracking are needed,\nc) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through\n   a PersistentVolumeClaim (see EphemeralVolumeSource for more\n   information on the connection between this volume type\n   and PersistentVolumeClaim).\n\nUse PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod.\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information.\n\nA pod can use both types of ephemeral volumes and persistent volumes at the same time.",
-	"image":                 "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro) and non-executable files (noexec). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.",
+	"image":                 "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided:\n\n- Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails.\n\nThe volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro) and non-executable files (noexec). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33. The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.",
 }
 
 func (VolumeSource) SwaggerDoc() map[string]string {
diff --git a/vendor/k8s.io/api/core/v1/zz_generated.deepcopy.go b/vendor/k8s.io/api/core/v1/zz_generated.deepcopy.go
index 3f669092ef..619c525427 100644
--- a/vendor/k8s.io/api/core/v1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/core/v1/zz_generated.deepcopy.go
@@ -1055,6 +1055,11 @@ func (in *ContainerStatus) DeepCopyInto(out *ContainerStatus) {
 			(*in)[i].DeepCopyInto(&(*out)[i])
 		}
 	}
+	if in.StopSignal != nil {
+		in, out := &in.StopSignal, &out.StopSignal
+		*out = new(Signal)
+		**out = **in
+	}
 	return
 }
 
@@ -2101,6 +2106,11 @@ func (in *Lifecycle) DeepCopyInto(out *Lifecycle) {
 		*out = new(LifecycleHandler)
 		(*in).DeepCopyInto(*out)
 	}
+	if in.StopSignal != nil {
+		in, out := &in.StopSignal, &out.StopSignal
+		*out = new(Signal)
+		**out = **in
+	}
 	return
 }
 
@@ -3002,7 +3012,7 @@ func (in *NodeStatus) DeepCopyInto(out *NodeStatus) {
 		copy(*out, *in)
 	}
 	out.DaemonEndpoints = in.DaemonEndpoints
-	out.NodeInfo = in.NodeInfo
+	in.NodeInfo.DeepCopyInto(&out.NodeInfo)
 	if in.Images != nil {
 		in, out := &in.Images, &out.Images
 		*out = make([]ContainerImage, len(*in))
@@ -3050,9 +3060,35 @@ func (in *NodeStatus) DeepCopy() *NodeStatus {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *NodeSwapStatus) DeepCopyInto(out *NodeSwapStatus) {
+	*out = *in
+	if in.Capacity != nil {
+		in, out := &in.Capacity, &out.Capacity
+		*out = new(int64)
+		**out = **in
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeSwapStatus.
+func (in *NodeSwapStatus) DeepCopy() *NodeSwapStatus {
+	if in == nil {
+		return nil
+	}
+	out := new(NodeSwapStatus)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *NodeSystemInfo) DeepCopyInto(out *NodeSystemInfo) {
 	*out = *in
+	if in.Swap != nil {
+		in, out := &in.Swap, &out.Swap
+		*out = new(NodeSwapStatus)
+		(*in).DeepCopyInto(*out)
+	}
 	return
 }
 
diff --git a/vendor/k8s.io/api/discovery/v1/doc.go b/vendor/k8s.io/api/discovery/v1/doc.go
index 01913669ff..43e30b7f43 100644
--- a/vendor/k8s.io/api/discovery/v1/doc.go
+++ b/vendor/k8s.io/api/discovery/v1/doc.go
@@ -20,4 +20,4 @@ limitations under the License.
 // +k8s:prerelease-lifecycle-gen=true
 // +groupName=discovery.k8s.io
 
-package v1 // import "k8s.io/api/discovery/v1"
+package v1
diff --git a/vendor/k8s.io/api/discovery/v1/generated.pb.go b/vendor/k8s.io/api/discovery/v1/generated.pb.go
index 5792481dc1..443ff8f8f3 100644
--- a/vendor/k8s.io/api/discovery/v1/generated.pb.go
+++ b/vendor/k8s.io/api/discovery/v1/generated.pb.go
@@ -214,10 +214,38 @@ func (m *EndpointSliceList) XXX_DiscardUnknown() {
 
 var xxx_messageInfo_EndpointSliceList proto.InternalMessageInfo
 
+func (m *ForNode) Reset()      { *m = ForNode{} }
+func (*ForNode) ProtoMessage() {}
+func (*ForNode) Descriptor() ([]byte, []int) {
+	return fileDescriptor_2237b452324cf77e, []int{6}
+}
+func (m *ForNode) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *ForNode) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *ForNode) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_ForNode.Merge(m, src)
+}
+func (m *ForNode) XXX_Size() int {
+	return m.Size()
+}
+func (m *ForNode) XXX_DiscardUnknown() {
+	xxx_messageInfo_ForNode.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_ForNode proto.InternalMessageInfo
+
 func (m *ForZone) Reset()      { *m = ForZone{} }
 func (*ForZone) ProtoMessage() {}
 func (*ForZone) Descriptor() ([]byte, []int) {
-	return fileDescriptor_2237b452324cf77e, []int{6}
+	return fileDescriptor_2237b452324cf77e, []int{7}
 }
 func (m *ForZone) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -250,6 +278,7 @@ func init() {
 	proto.RegisterType((*EndpointPort)(nil), "k8s.io.api.discovery.v1.EndpointPort")
 	proto.RegisterType((*EndpointSlice)(nil), "k8s.io.api.discovery.v1.EndpointSlice")
 	proto.RegisterType((*EndpointSliceList)(nil), "k8s.io.api.discovery.v1.EndpointSliceList")
+	proto.RegisterType((*ForNode)(nil), "k8s.io.api.discovery.v1.ForNode")
 	proto.RegisterType((*ForZone)(nil), "k8s.io.api.discovery.v1.ForZone")
 }
 
@@ -258,62 +287,64 @@ func init() {
 }
 
 var fileDescriptor_2237b452324cf77e = []byte{
-	// 877 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x8c, 0x55, 0x4d, 0x6f, 0xdc, 0x44,
-	0x18, 0x5e, 0x67, 0x63, 0x62, 0x8f, 0x13, 0xd1, 0x8e, 0x90, 0x62, 0x2d, 0xc8, 0x5e, 0x8c, 0x0a,
-	0x2b, 0x45, 0x78, 0x49, 0x84, 0x50, 0x41, 0xe2, 0x10, 0xd3, 0xd0, 0xf2, 0x15, 0xa2, 0x69, 0x4e,
-	0x15, 0x52, 0x71, 0xec, 0x37, 0x5e, 0x93, 0xd8, 0x63, 0x79, 0x26, 0x2b, 0x2d, 0x27, 0x2e, 0x9c,
-	0xe1, 0x17, 0x71, 0x44, 0x39, 0xf6, 0x46, 0x4f, 0x16, 0x31, 0x7f, 0x81, 0x53, 0x4f, 0x68, 0xc6,
-	0x9f, 0x61, 0xb3, 0xda, 0xde, 0x3c, 0xcf, 0x3c, 0xcf, 0xfb, 0xf1, 0xcc, 0xcc, 0x6b, 0xf4, 0xc1,
-	0xc5, 0x43, 0xe6, 0xc6, 0x74, 0xea, 0x67, 0xf1, 0x34, 0x8c, 0x59, 0x40, 0xe7, 0x90, 0x2f, 0xa6,
-	0xf3, 0xfd, 0x69, 0x04, 0x29, 0xe4, 0x3e, 0x87, 0xd0, 0xcd, 0x72, 0xca, 0x29, 0xde, 0xad, 0x88,
-	0xae, 0x9f, 0xc5, 0x6e, 0x4b, 0x74, 0xe7, 0xfb, 0xa3, 0x0f, 0xa3, 0x98, 0xcf, 0xae, 0xce, 0xdc,
-	0x80, 0x26, 0xd3, 0x88, 0x46, 0x74, 0x2a, 0xf9, 0x67, 0x57, 0xe7, 0x72, 0x25, 0x17, 0xf2, 0xab,
-	0x8a, 0x33, 0x72, 0x7a, 0x09, 0x03, 0x9a, 0xc3, 0x1d, 0xb9, 0x46, 0x1f, 0x77, 0x9c, 0xc4, 0x0f,
-	0x66, 0x71, 0x2a, 0x6a, 0xca, 0x2e, 0x22, 0x01, 0xb0, 0x69, 0x02, 0xdc, 0xbf, 0x4b, 0x35, 0x5d,
-	0xa5, 0xca, 0xaf, 0x52, 0x1e, 0x27, 0xb0, 0x24, 0xf8, 0x64, 0x9d, 0x80, 0x05, 0x33, 0x48, 0xfc,
-	0xff, 0xeb, 0x9c, 0x7f, 0x37, 0x91, 0x76, 0x94, 0x86, 0x19, 0x8d, 0x53, 0x8e, 0xf7, 0x90, 0xee,
-	0x87, 0x61, 0x0e, 0x8c, 0x01, 0x33, 0x95, 0xf1, 0x70, 0xa2, 0x7b, 0x3b, 0x65, 0x61, 0xeb, 0x87,
-	0x0d, 0x48, 0xba, 0x7d, 0xfc, 0x1c, 0xa1, 0x80, 0xa6, 0x61, 0xcc, 0x63, 0x9a, 0x32, 0x73, 0x63,
-	0xac, 0x4c, 0x8c, 0x83, 0x3d, 0x77, 0x85, 0xb3, 0x6e, 0x93, 0xe3, 0x8b, 0x56, 0xe2, 0xe1, 0xeb,
-	0xc2, 0x1e, 0x94, 0x85, 0x8d, 0x3a, 0x8c, 0xf4, 0x42, 0xe2, 0x09, 0xd2, 0x66, 0x94, 0xf1, 0xd4,
-	0x4f, 0xc0, 0x1c, 0x8e, 0x95, 0x89, 0xee, 0x6d, 0x97, 0x85, 0xad, 0x3d, 0xa9, 0x31, 0xd2, 0xee,
-	0xe2, 0x13, 0xa4, 0x73, 0x3f, 0x8f, 0x80, 0x13, 0x38, 0x37, 0x37, 0x65, 0x25, 0xef, 0xf5, 0x2b,
-	0x11, 0x67, 0x23, 0x8a, 0xf8, 0xfe, 0xec, 0x27, 0x08, 0x04, 0x09, 0x72, 0x48, 0x03, 0xa8, 0x9a,
-	0x3b, 0x6d, 0x94, 0xa4, 0x0b, 0x82, 0x7f, 0x55, 0x10, 0x0e, 0x21, 0xcb, 0x21, 0x10, 0x5e, 0x9d,
-	0xd2, 0x8c, 0x5e, 0xd2, 0x68, 0x61, 0xaa, 0xe3, 0xe1, 0xc4, 0x38, 0xf8, 0x74, 0x6d, 0x97, 0xee,
-	0xa3, 0x25, 0xed, 0x51, 0xca, 0xf3, 0x85, 0x37, 0xaa, 0x7b, 0xc6, 0xcb, 0x04, 0x72, 0x47, 0x42,
-	0xe1, 0x41, 0x4a, 0x43, 0x38, 0x16, 0x1e, 0xbc, 0xd1, 0x79, 0x70, 0x5c, 0x63, 0xa4, 0xdd, 0xc5,
-	0xef, 0xa0, 0xcd, 0x9f, 0x69, 0x0a, 0xe6, 0x96, 0x64, 0x69, 0x65, 0x61, 0x6f, 0x3e, 0xa3, 0x29,
-	0x10, 0x89, 0xe2, 0xc7, 0x48, 0x9d, 0xc5, 0x29, 0x67, 0xa6, 0x26, 0xdd, 0x79, 0x7f, 0x6d, 0x07,
-	0x4f, 0x04, 0xdb, 0xd3, 0xcb, 0xc2, 0x56, 0xe5, 0x27, 0xa9, 0xf4, 0xa3, 0x23, 0xb4, 0xbb, 0xa2,
-	0x37, 0x7c, 0x0f, 0x0d, 0x2f, 0x60, 0x61, 0x2a, 0xa2, 0x00, 0x22, 0x3e, 0xf1, 0x5b, 0x48, 0x9d,
-	0xfb, 0x97, 0x57, 0x20, 0x6f, 0x87, 0x4e, 0xaa, 0xc5, 0x67, 0x1b, 0x0f, 0x15, 0xe7, 0x37, 0x05,
-	0xe1, 0xe5, 0x2b, 0x81, 0x6d, 0xa4, 0xe6, 0xe0, 0x87, 0x55, 0x10, 0xad, 0x4a, 0x4f, 0x04, 0x40,
-	0x2a, 0x1c, 0x3f, 0x40, 0x5b, 0x0c, 0xf2, 0x79, 0x9c, 0x46, 0x32, 0xa6, 0xe6, 0x19, 0x65, 0x61,
-	0x6f, 0x3d, 0xad, 0x20, 0xd2, 0xec, 0xe1, 0x7d, 0x64, 0x70, 0xc8, 0x93, 0x38, 0xf5, 0xb9, 0xa0,
-	0x0e, 0x25, 0xf5, 0xcd, 0xb2, 0xb0, 0x8d, 0xd3, 0x0e, 0x26, 0x7d, 0x8e, 0xf3, 0x1c, 0xed, 0xdc,
-	0xea, 0x1d, 0x1f, 0x23, 0xed, 0x9c, 0xe6, 0xc2, 0xc3, 0xea, 0x2d, 0x18, 0x07, 0xe3, 0x95, 0xae,
-	0x7d, 0x59, 0x11, 0xbd, 0x7b, 0xf5, 0xf1, 0x6a, 0x35, 0xc0, 0x48, 0x1b, 0xc3, 0xf9, 0x53, 0x41,
-	0xdb, 0x4d, 0x86, 0x13, 0x9a, 0x73, 0x71, 0x62, 0xf2, 0x6e, 0x2b, 0xdd, 0x89, 0xc9, 0x33, 0x95,
-	0x28, 0x7e, 0x8c, 0x34, 0xf9, 0x42, 0x03, 0x7a, 0x59, 0xd9, 0xe7, 0xed, 0x89, 0xc0, 0x27, 0x35,
-	0xf6, 0xaa, 0xb0, 0xdf, 0x5e, 0x9e, 0x3e, 0x6e, 0xb3, 0x4d, 0x5a, 0xb1, 0x48, 0x93, 0xd1, 0x9c,
-	0x4b, 0x13, 0xd4, 0x2a, 0x8d, 0x48, 0x4f, 0x24, 0x2a, 0x9c, 0xf2, 0xb3, 0xac, 0x91, 0xc9, 0xc7,
-	0xa3, 0x57, 0x4e, 0x1d, 0x76, 0x30, 0xe9, 0x73, 0x9c, 0xbf, 0x36, 0x3a, 0xab, 0x9e, 0x5e, 0xc6,
-	0x01, 0xe0, 0x1f, 0x91, 0x26, 0x06, 0x59, 0xe8, 0x73, 0x5f, 0x76, 0x63, 0x1c, 0x7c, 0xd4, 0xb3,
-	0xaa, 0x9d, 0x47, 0x6e, 0x76, 0x11, 0x09, 0x80, 0xb9, 0x82, 0xdd, 0x3d, 0xc8, 0xef, 0x80, 0xfb,
-	0xdd, 0x34, 0xe8, 0x30, 0xd2, 0x46, 0xc5, 0x8f, 0x90, 0x51, 0x4f, 0x9e, 0xd3, 0x45, 0x06, 0x75,
-	0x99, 0x4e, 0x2d, 0x31, 0x0e, 0xbb, 0xad, 0x57, 0xb7, 0x97, 0xa4, 0x2f, 0xc3, 0x04, 0xe9, 0x50,
-	0x17, 0x2e, 0x26, 0x96, 0x38, 0xd3, 0x77, 0xd7, 0xbe, 0x04, 0xef, 0x7e, 0x9d, 0x46, 0x6f, 0x10,
-	0x46, 0xba, 0x30, 0xf8, 0x6b, 0xa4, 0x0a, 0x23, 0x99, 0x39, 0x94, 0xf1, 0x1e, 0xac, 0x8d, 0x27,
-	0xcc, 0xf7, 0x76, 0xea, 0x98, 0xaa, 0x58, 0x31, 0x52, 0x85, 0x70, 0xfe, 0x50, 0xd0, 0xfd, 0x5b,
-	0xce, 0x7e, 0x1b, 0x33, 0x8e, 0x7f, 0x58, 0x72, 0xd7, 0x7d, 0x3d, 0x77, 0x85, 0x5a, 0x7a, 0xdb,
-	0x5e, 0xcb, 0x06, 0xe9, 0x39, 0xfb, 0x0d, 0x52, 0x63, 0x0e, 0x49, 0xe3, 0xc7, 0xfa, 0xc9, 0x20,
-	0x0b, 0xeb, 0x1a, 0xf8, 0x4a, 0x88, 0x49, 0x15, 0xc3, 0xd9, 0x43, 0x5b, 0xf5, 0xcd, 0xc7, 0xe3,
-	0x5b, 0xb7, 0x7b, 0xbb, 0xa6, 0xf7, 0x6e, 0xb8, 0xf7, 0xf9, 0xf5, 0x8d, 0x35, 0x78, 0x71, 0x63,
-	0x0d, 0x5e, 0xde, 0x58, 0x83, 0x5f, 0x4a, 0x4b, 0xb9, 0x2e, 0x2d, 0xe5, 0x45, 0x69, 0x29, 0x2f,
-	0x4b, 0x4b, 0xf9, 0xbb, 0xb4, 0x94, 0xdf, 0xff, 0xb1, 0x06, 0xcf, 0x76, 0x57, 0xfc, 0xd4, 0xff,
-	0x0b, 0x00, 0x00, 0xff, 0xff, 0x76, 0x4b, 0x26, 0xe3, 0xee, 0x07, 0x00, 0x00,
+	// 902 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x8c, 0x56, 0xcf, 0x6f, 0xe3, 0x44,
+	0x14, 0x8e, 0x9b, 0x9a, 0xda, 0xe3, 0x56, 0xec, 0x8e, 0x90, 0x6a, 0x05, 0x64, 0x07, 0xa3, 0x85,
+	0x48, 0x15, 0x0e, 0xad, 0x10, 0x5a, 0x90, 0x38, 0xd4, 0x6c, 0xd9, 0xe5, 0x57, 0xa9, 0x66, 0x7b,
+	0x5a, 0x21, 0x81, 0x6b, 0xbf, 0x3a, 0xa6, 0x8d, 0xc7, 0xf2, 0x4c, 0x22, 0x85, 0x13, 0x17, 0xce,
+	0xf0, 0x9f, 0xf0, 0x1f, 0x70, 0x44, 0x3d, 0xee, 0x8d, 0x3d, 0x59, 0xd4, 0xfc, 0x0b, 0x9c, 0xf6,
+	0x84, 0x66, 0xfc, 0x33, 0xa4, 0x51, 0xf6, 0xe6, 0xf9, 0xe6, 0x7b, 0xdf, 0x7b, 0xf3, 0xcd, 0x7b,
+	0x23, 0xa3, 0xf7, 0xae, 0x1e, 0x32, 0x37, 0xa6, 0x63, 0x3f, 0x8d, 0xc7, 0x61, 0xcc, 0x02, 0x3a,
+	0x87, 0x6c, 0x31, 0x9e, 0x1f, 0x8e, 0x23, 0x48, 0x20, 0xf3, 0x39, 0x84, 0x6e, 0x9a, 0x51, 0x4e,
+	0xf1, 0x7e, 0x49, 0x74, 0xfd, 0x34, 0x76, 0x1b, 0xa2, 0x3b, 0x3f, 0x1c, 0xbc, 0x1f, 0xc5, 0x7c,
+	0x32, 0xbb, 0x70, 0x03, 0x3a, 0x1d, 0x47, 0x34, 0xa2, 0x63, 0xc9, 0xbf, 0x98, 0x5d, 0xca, 0x95,
+	0x5c, 0xc8, 0xaf, 0x52, 0x67, 0xe0, 0x74, 0x12, 0x06, 0x34, 0x83, 0x3b, 0x72, 0x0d, 0x3e, 0x6c,
+	0x39, 0x53, 0x3f, 0x98, 0xc4, 0x89, 0xa8, 0x29, 0xbd, 0x8a, 0x04, 0xc0, 0xc6, 0x53, 0xe0, 0xfe,
+	0x5d, 0x51, 0xe3, 0x75, 0x51, 0xd9, 0x2c, 0xe1, 0xf1, 0x14, 0x56, 0x02, 0x3e, 0xda, 0x14, 0xc0,
+	0x82, 0x09, 0x4c, 0xfd, 0xff, 0xc7, 0x39, 0xff, 0x6e, 0x23, 0xed, 0x24, 0x09, 0x53, 0x1a, 0x27,
+	0x1c, 0x1f, 0x20, 0xdd, 0x0f, 0xc3, 0x0c, 0x18, 0x03, 0x66, 0x2a, 0xc3, 0xfe, 0x48, 0xf7, 0xf6,
+	0x8a, 0xdc, 0xd6, 0x8f, 0x6b, 0x90, 0xb4, 0xfb, 0xf8, 0x7b, 0x84, 0x02, 0x9a, 0x84, 0x31, 0x8f,
+	0x69, 0xc2, 0xcc, 0xad, 0xa1, 0x32, 0x32, 0x8e, 0x0e, 0xdc, 0x35, 0xce, 0xba, 0x75, 0x8e, 0xcf,
+	0x9a, 0x10, 0x0f, 0xdf, 0xe4, 0x76, 0xaf, 0xc8, 0x6d, 0xd4, 0x62, 0xa4, 0x23, 0x89, 0x47, 0x48,
+	0x9b, 0x50, 0xc6, 0x13, 0x7f, 0x0a, 0x66, 0x7f, 0xa8, 0x8c, 0x74, 0x6f, 0xb7, 0xc8, 0x6d, 0xed,
+	0x49, 0x85, 0x91, 0x66, 0x17, 0x9f, 0x21, 0x9d, 0xfb, 0x59, 0x04, 0x9c, 0xc0, 0xa5, 0xb9, 0x2d,
+	0x2b, 0x79, 0xa7, 0x5b, 0x89, 0xb8, 0x1b, 0x51, 0xc4, 0xb7, 0x17, 0x3f, 0x42, 0x20, 0x48, 0x90,
+	0x41, 0x12, 0x40, 0x79, 0xb8, 0xf3, 0x3a, 0x92, 0xb4, 0x22, 0xf8, 0x17, 0x05, 0xe1, 0x10, 0xd2,
+	0x0c, 0x02, 0xe1, 0xd5, 0x39, 0x4d, 0xe9, 0x35, 0x8d, 0x16, 0xa6, 0x3a, 0xec, 0x8f, 0x8c, 0xa3,
+	0x8f, 0x37, 0x9e, 0xd2, 0x7d, 0xb4, 0x12, 0x7b, 0x92, 0xf0, 0x6c, 0xe1, 0x0d, 0xaa, 0x33, 0xe3,
+	0x55, 0x02, 0xb9, 0x23, 0xa1, 0xf0, 0x20, 0xa1, 0x21, 0x9c, 0x0a, 0x0f, 0x5e, 0x6b, 0x3d, 0x38,
+	0xad, 0x30, 0xd2, 0xec, 0xe2, 0xb7, 0xd0, 0xf6, 0x4f, 0x34, 0x01, 0x73, 0x47, 0xb2, 0xb4, 0x22,
+	0xb7, 0xb7, 0x9f, 0xd1, 0x04, 0x88, 0x44, 0xf1, 0x63, 0xa4, 0x4e, 0xe2, 0x84, 0x33, 0x53, 0x93,
+	0xee, 0xbc, 0xbb, 0xf1, 0x04, 0x4f, 0x04, 0xdb, 0xd3, 0x8b, 0xdc, 0x56, 0xe5, 0x27, 0x29, 0xe3,
+	0x07, 0x27, 0x68, 0x7f, 0xcd, 0xd9, 0xf0, 0x3d, 0xd4, 0xbf, 0x82, 0x85, 0xa9, 0x88, 0x02, 0x88,
+	0xf8, 0xc4, 0x6f, 0x20, 0x75, 0xee, 0x5f, 0xcf, 0x40, 0x76, 0x87, 0x4e, 0xca, 0xc5, 0x27, 0x5b,
+	0x0f, 0x15, 0xe7, 0x57, 0x05, 0xe1, 0xd5, 0x96, 0xc0, 0x36, 0x52, 0x33, 0xf0, 0xc3, 0x52, 0x44,
+	0x2b, 0xd3, 0x13, 0x01, 0x90, 0x12, 0xc7, 0x0f, 0xd0, 0x0e, 0x83, 0x6c, 0x1e, 0x27, 0x91, 0xd4,
+	0xd4, 0x3c, 0xa3, 0xc8, 0xed, 0x9d, 0xa7, 0x25, 0x44, 0xea, 0x3d, 0x7c, 0x88, 0x0c, 0x0e, 0xd9,
+	0x34, 0x4e, 0x7c, 0x2e, 0xa8, 0x7d, 0x49, 0x7d, 0xbd, 0xc8, 0x6d, 0xe3, 0xbc, 0x85, 0x49, 0x97,
+	0xe3, 0xfc, 0xae, 0xa0, 0xbd, 0xa5, 0xc3, 0xe3, 0x53, 0xa4, 0x5d, 0xd2, 0x4c, 0x98, 0x58, 0x0e,
+	0x83, 0x71, 0x34, 0x5c, 0x6b, 0xdb, 0xe7, 0x25, 0xd1, 0xbb, 0x57, 0xdd, 0xaf, 0x56, 0x01, 0x8c,
+	0x34, 0x1a, 0x95, 0x9e, 0xb8, 0x3a, 0x31, 0x2e, 0x1b, 0xf5, 0x04, 0x71, 0x49, 0x4f, 0x46, 0x92,
+	0x46, 0xc3, 0xf9, 0x53, 0x41, 0xbb, 0x75, 0xc5, 0x67, 0x34, 0xe3, 0xa2, 0x05, 0xe4, 0xb0, 0x28,
+	0x6d, 0x0b, 0xc8, 0x26, 0x91, 0x28, 0x7e, 0x8c, 0x34, 0x39, 0xf2, 0x01, 0xbd, 0x2e, 0xef, 0xc3,
+	0x3b, 0x10, 0xc2, 0x67, 0x15, 0xf6, 0x32, 0xb7, 0xdf, 0x5c, 0x7d, 0xce, 0xdc, 0x7a, 0x9b, 0x34,
+	0xc1, 0x22, 0x4d, 0x4a, 0x33, 0x2e, 0x5d, 0x55, 0xcb, 0x34, 0x22, 0x3d, 0x91, 0xa8, 0xb0, 0xde,
+	0x4f, 0xd3, 0x3a, 0x4c, 0x4e, 0xa3, 0x5e, 0x5a, 0x7f, 0xdc, 0xc2, 0xa4, 0xcb, 0x71, 0xfe, 0xda,
+	0x6a, 0xad, 0x7f, 0x7a, 0x1d, 0x07, 0x80, 0x7f, 0x40, 0x9a, 0x78, 0x19, 0x43, 0x9f, 0xfb, 0xf2,
+	0x34, 0xc6, 0xd1, 0x07, 0x1d, 0xab, 0x9a, 0x07, 0xce, 0x4d, 0xaf, 0x22, 0x01, 0x30, 0x57, 0xb0,
+	0xdb, 0x09, 0xff, 0x06, 0xb8, 0xdf, 0x3e, 0x2f, 0x2d, 0x46, 0x1a, 0x55, 0xfc, 0x08, 0x19, 0xd5,
+	0x53, 0x76, 0xbe, 0x48, 0xa1, 0x2a, 0xd3, 0xa9, 0x42, 0x8c, 0xe3, 0x76, 0xeb, 0xe5, 0xf2, 0x92,
+	0x74, 0xc3, 0x30, 0x41, 0x3a, 0x54, 0x85, 0xd7, 0x77, 0xfa, 0xf6, 0xc6, 0xd1, 0xf2, 0xee, 0x57,
+	0x69, 0xf4, 0x1a, 0x61, 0xa4, 0x95, 0xc1, 0x5f, 0x22, 0x55, 0x18, 0xc9, 0xcc, 0xbe, 0xd4, 0x7b,
+	0xb0, 0x51, 0x4f, 0x98, 0xef, 0xed, 0x55, 0x9a, 0xaa, 0x58, 0x31, 0x52, 0x4a, 0x38, 0x7f, 0x28,
+	0xe8, 0xfe, 0x92, 0xb3, 0x5f, 0xc7, 0x8c, 0xe3, 0xef, 0x56, 0xdc, 0x75, 0x5f, 0xcd, 0x5d, 0x11,
+	0x2d, 0xbd, 0x6d, 0xda, 0xb2, 0x46, 0x3a, 0xce, 0x7e, 0x85, 0xd4, 0x98, 0xc3, 0xb4, 0xf6, 0x63,
+	0xf3, 0x53, 0x23, 0x0b, 0x6b, 0x0f, 0xf0, 0x85, 0x08, 0x26, 0xa5, 0x86, 0x73, 0x80, 0x76, 0xaa,
+	0xce, 0xc7, 0xc3, 0xa5, 0xee, 0xde, 0xad, 0xe8, 0x9d, 0x0e, 0xaf, 0xc8, 0x62, 0xd8, 0x36, 0x93,
+	0xbd, 0x4f, 0x6f, 0x6e, 0xad, 0xde, 0xf3, 0x5b, 0xab, 0xf7, 0xe2, 0xd6, 0xea, 0xfd, 0x5c, 0x58,
+	0xca, 0x4d, 0x61, 0x29, 0xcf, 0x0b, 0x4b, 0x79, 0x51, 0x58, 0xca, 0xdf, 0x85, 0xa5, 0xfc, 0xf6,
+	0x8f, 0xd5, 0x7b, 0xb6, 0xbf, 0xe6, 0x97, 0xe2, 0xbf, 0x00, 0x00, 0x00, 0xff, 0xff, 0xf4, 0xfc,
+	0xbe, 0xad, 0x6c, 0x08, 0x00, 0x00,
 }
 
 func (m *Endpoint) Marshal() (dAtA []byte, err error) {
@@ -500,6 +531,20 @@ func (m *EndpointHints) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	_ = i
 	var l int
 	_ = l
+	if len(m.ForNodes) > 0 {
+		for iNdEx := len(m.ForNodes) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.ForNodes[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x12
+		}
+	}
 	if len(m.ForZones) > 0 {
 		for iNdEx := len(m.ForZones) - 1; iNdEx >= 0; iNdEx-- {
 			{
@@ -679,6 +724,34 @@ func (m *EndpointSliceList) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	return len(dAtA) - i, nil
 }
 
+func (m *ForNode) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ForNode) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ForNode) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	i -= len(m.Name)
+	copy(dAtA[i:], m.Name)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Name)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
 func (m *ForZone) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
@@ -793,6 +866,12 @@ func (m *EndpointHints) Size() (n int) {
 			n += 1 + l + sovGenerated(uint64(l))
 		}
 	}
+	if len(m.ForNodes) > 0 {
+		for _, e := range m.ForNodes {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
 	return n
 }
 
@@ -862,6 +941,17 @@ func (m *EndpointSliceList) Size() (n int) {
 	return n
 }
 
+func (m *ForNode) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.Name)
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
 func (m *ForZone) Size() (n int) {
 	if m == nil {
 		return 0
@@ -927,8 +1017,14 @@ func (this *EndpointHints) String() string {
 		repeatedStringForForZones += strings.Replace(strings.Replace(f.String(), "ForZone", "ForZone", 1), `&`, ``, 1) + ","
 	}
 	repeatedStringForForZones += "}"
+	repeatedStringForForNodes := "[]ForNode{"
+	for _, f := range this.ForNodes {
+		repeatedStringForForNodes += strings.Replace(strings.Replace(f.String(), "ForNode", "ForNode", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForForNodes += "}"
 	s := strings.Join([]string{`&EndpointHints{`,
 		`ForZones:` + repeatedStringForForZones + `,`,
+		`ForNodes:` + repeatedStringForForNodes + `,`,
 		`}`,
 	}, "")
 	return s
@@ -985,6 +1081,16 @@ func (this *EndpointSliceList) String() string {
 	}, "")
 	return s
 }
+func (this *ForNode) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&ForNode{`,
+		`Name:` + fmt.Sprintf("%v", this.Name) + `,`,
+		`}`,
+	}, "")
+	return s
+}
 func (this *ForZone) String() string {
 	if this == nil {
 		return "nil"
@@ -1592,6 +1698,40 @@ func (m *EndpointHints) Unmarshal(dAtA []byte) error {
 				return err
 			}
 			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ForNodes", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.ForNodes = append(m.ForNodes, ForNode{})
+			if err := m.ForNodes[len(m.ForNodes)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -2082,6 +2222,88 @@ func (m *EndpointSliceList) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
+func (m *ForNode) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: ForNode: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: ForNode: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Name = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
 func (m *ForZone) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
diff --git a/vendor/k8s.io/api/discovery/v1/generated.proto b/vendor/k8s.io/api/discovery/v1/generated.proto
index 8ddf0dc5d3..569d8a916e 100644
--- a/vendor/k8s.io/api/discovery/v1/generated.proto
+++ b/vendor/k8s.io/api/discovery/v1/generated.proto
@@ -31,12 +31,12 @@ option go_package = "k8s.io/api/discovery/v1";
 
 // Endpoint represents a single logical "backend" implementing a service.
 message Endpoint {
-  // addresses of this endpoint. The contents of this field are interpreted
-  // according to the corresponding EndpointSlice addressType field. Consumers
-  // must handle different types of addresses in the context of their own
-  // capabilities. This must contain at least one address but no more than
-  // 100. These are all assumed to be fungible and clients may choose to only
-  // use the first element. Refer to: https://issue.k8s.io/106267
+  // addresses of this endpoint. For EndpointSlices of addressType "IPv4" or "IPv6",
+  // the values are IP addresses in canonical form. The syntax and semantics of
+  // other addressType values are not defined. This must contain at least one
+  // address but no more than 100. EndpointSlices generated by the EndpointSlice
+  // controller will always have exactly 1 address. No semantics are defined for
+  // additional addresses beyond the first, and kube-proxy does not look at them.
   // +listType=set
   repeated string addresses = 1;
 
@@ -82,36 +82,42 @@ message Endpoint {
 
 // EndpointConditions represents the current condition of an endpoint.
 message EndpointConditions {
-  // ready indicates that this endpoint is prepared to receive traffic,
+  // ready indicates that this endpoint is ready to receive traffic,
   // according to whatever system is managing the endpoint. A nil value
-  // indicates an unknown state. In most cases consumers should interpret this
-  // unknown state as ready. For compatibility reasons, ready should never be
-  // "true" for terminating endpoints, except when the normal readiness
-  // behavior is being explicitly overridden, for example when the associated
-  // Service has set the publishNotReadyAddresses flag.
+  // should be interpreted as "true". In general, an endpoint should be
+  // marked ready if it is serving and not terminating, though this can
+  // be overridden in some cases, such as when the associated Service has
+  // set the publishNotReadyAddresses flag.
   // +optional
   optional bool ready = 1;
 
-  // serving is identical to ready except that it is set regardless of the
-  // terminating state of endpoints. This condition should be set to true for
-  // a ready endpoint that is terminating. If nil, consumers should defer to
-  // the ready condition.
+  // serving indicates that this endpoint is able to receive traffic,
+  // according to whatever system is managing the endpoint. For endpoints
+  // backed by pods, the EndpointSlice controller will mark the endpoint
+  // as serving if the pod's Ready condition is True. A nil value should be
+  // interpreted as "true".
   // +optional
   optional bool serving = 2;
 
   // terminating indicates that this endpoint is terminating. A nil value
-  // indicates an unknown state. Consumers should interpret this unknown state
-  // to mean that the endpoint is not terminating.
+  // should be interpreted as "false".
   // +optional
   optional bool terminating = 3;
 }
 
 // EndpointHints provides hints describing how an endpoint should be consumed.
 message EndpointHints {
-  // forZones indicates the zone(s) this endpoint should be consumed by to
-  // enable topology aware routing.
+  // forZones indicates the zone(s) this endpoint should be consumed by when
+  // using topology aware routing. May contain a maximum of 8 entries.
   // +listType=atomic
   repeated ForZone forZones = 1;
+
+  // forNodes indicates the node(s) this endpoint should be consumed by when
+  // using topology aware routing. May contain a maximum of 8 entries.
+  // This is an Alpha feature and is only used when the PreferSameTrafficDistribution
+  // feature gate is enabled.
+  // +listType=atomic
+  repeated ForNode forNodes = 2;
 }
 
 // EndpointPort represents a Port used by an EndpointSlice
@@ -132,8 +138,9 @@ message EndpointPort {
   optional string protocol = 2;
 
   // port represents the port number of the endpoint.
-  // If this is not specified, ports are not restricted and must be
-  // interpreted in the context of the specific consumer.
+  // If the EndpointSlice is derived from a Kubernetes service, this must be set
+  // to the service's target port. EndpointSlices used for other purposes may have
+  // a nil port.
   optional int32 port = 3;
 
   // The application protocol for this port.
@@ -155,9 +162,12 @@ message EndpointPort {
   optional string appProtocol = 4;
 }
 
-// EndpointSlice represents a subset of the endpoints that implement a service.
-// For a given service there may be multiple EndpointSlice objects, selected by
-// labels, which must be joined to produce the full set of endpoints.
+// EndpointSlice represents a set of service endpoints. Most EndpointSlices are created by
+// the EndpointSlice controller to represent the Pods selected by Service objects. For a
+// given service there may be multiple EndpointSlice objects which must be joined to
+// produce the full set of endpoints; you can find all of the slices for a given service
+// by listing EndpointSlices in the service's namespace whose `kubernetes.io/service-name`
+// label contains the service's name.
 message EndpointSlice {
   // Standard object's metadata.
   // +optional
@@ -169,7 +179,10 @@ message EndpointSlice {
   // supported:
   // * IPv4: Represents an IPv4 Address.
   // * IPv6: Represents an IPv6 Address.
-  // * FQDN: Represents a Fully Qualified Domain Name.
+  // * FQDN: Represents a Fully Qualified Domain Name. (Deprecated)
+  // The EndpointSlice controller only generates, and kube-proxy only processes,
+  // slices of addressType "IPv4" and "IPv6". No semantics are defined for
+  // the "FQDN" type.
   optional string addressType = 4;
 
   // endpoints is a list of unique endpoints in this slice. Each slice may
@@ -178,10 +191,11 @@ message EndpointSlice {
   repeated Endpoint endpoints = 2;
 
   // ports specifies the list of network ports exposed by each endpoint in
-  // this slice. Each port must have a unique name. When ports is empty, it
-  // indicates that there are no defined ports. When a port is defined with a
-  // nil port value, it indicates "all ports". Each slice may include a
+  // this slice. Each port must have a unique name. Each slice may include a
   // maximum of 100 ports.
+  // Services always have at least 1 port, so EndpointSlices generated by the
+  // EndpointSlice controller will likewise always have at least 1 port.
+  // EndpointSlices used for other purposes may have an empty ports list.
   // +optional
   // +listType=atomic
   repeated EndpointPort ports = 3;
@@ -197,6 +211,12 @@ message EndpointSliceList {
   repeated EndpointSlice items = 2;
 }
 
+// ForNode provides information about which nodes should consume this endpoint.
+message ForNode {
+  // name represents the name of the node.
+  optional string name = 1;
+}
+
 // ForZone provides information about which zones should consume this endpoint.
 message ForZone {
   // name represents the name of the zone.
diff --git a/vendor/k8s.io/api/discovery/v1/types.go b/vendor/k8s.io/api/discovery/v1/types.go
index d6a9d0fced..6f26953169 100644
--- a/vendor/k8s.io/api/discovery/v1/types.go
+++ b/vendor/k8s.io/api/discovery/v1/types.go
@@ -25,9 +25,12 @@ import (
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
 // +k8s:prerelease-lifecycle-gen:introduced=1.21
 
-// EndpointSlice represents a subset of the endpoints that implement a service.
-// For a given service there may be multiple EndpointSlice objects, selected by
-// labels, which must be joined to produce the full set of endpoints.
+// EndpointSlice represents a set of service endpoints. Most EndpointSlices are created by
+// the EndpointSlice controller to represent the Pods selected by Service objects. For a
+// given service there may be multiple EndpointSlice objects which must be joined to
+// produce the full set of endpoints; you can find all of the slices for a given service
+// by listing EndpointSlices in the service's namespace whose `kubernetes.io/service-name`
+// label contains the service's name.
 type EndpointSlice struct {
 	metav1.TypeMeta `json:",inline"`
 
@@ -41,7 +44,10 @@ type EndpointSlice struct {
 	// supported:
 	// * IPv4: Represents an IPv4 Address.
 	// * IPv6: Represents an IPv6 Address.
-	// * FQDN: Represents a Fully Qualified Domain Name.
+	// * FQDN: Represents a Fully Qualified Domain Name. (Deprecated)
+	// The EndpointSlice controller only generates, and kube-proxy only processes,
+	// slices of addressType "IPv4" and "IPv6". No semantics are defined for
+	// the "FQDN" type.
 	AddressType AddressType `json:"addressType" protobuf:"bytes,4,rep,name=addressType"`
 
 	// endpoints is a list of unique endpoints in this slice. Each slice may
@@ -50,10 +56,11 @@ type EndpointSlice struct {
 	Endpoints []Endpoint `json:"endpoints" protobuf:"bytes,2,rep,name=endpoints"`
 
 	// ports specifies the list of network ports exposed by each endpoint in
-	// this slice. Each port must have a unique name. When ports is empty, it
-	// indicates that there are no defined ports. When a port is defined with a
-	// nil port value, it indicates "all ports". Each slice may include a
+	// this slice. Each port must have a unique name. Each slice may include a
 	// maximum of 100 ports.
+	// Services always have at least 1 port, so EndpointSlices generated by the
+	// EndpointSlice controller will likewise always have at least 1 port.
+	// EndpointSlices used for other purposes may have an empty ports list.
 	// +optional
 	// +listType=atomic
 	Ports []EndpointPort `json:"ports" protobuf:"bytes,3,rep,name=ports"`
@@ -76,12 +83,12 @@ const (
 
 // Endpoint represents a single logical "backend" implementing a service.
 type Endpoint struct {
-	// addresses of this endpoint. The contents of this field are interpreted
-	// according to the corresponding EndpointSlice addressType field. Consumers
-	// must handle different types of addresses in the context of their own
-	// capabilities. This must contain at least one address but no more than
-	// 100. These are all assumed to be fungible and clients may choose to only
-	// use the first element. Refer to: https://issue.k8s.io/106267
+	// addresses of this endpoint. For EndpointSlices of addressType "IPv4" or "IPv6",
+	// the values are IP addresses in canonical form. The syntax and semantics of
+	// other addressType values are not defined. This must contain at least one
+	// address but no more than 100. EndpointSlices generated by the EndpointSlice
+	// controller will always have exactly 1 address. No semantics are defined for
+	// additional addresses beyond the first, and kube-proxy does not look at them.
 	// +listType=set
 	Addresses []string `json:"addresses" protobuf:"bytes,1,rep,name=addresses"`
 
@@ -127,36 +134,42 @@ type Endpoint struct {
 
 // EndpointConditions represents the current condition of an endpoint.
 type EndpointConditions struct {
-	// ready indicates that this endpoint is prepared to receive traffic,
+	// ready indicates that this endpoint is ready to receive traffic,
 	// according to whatever system is managing the endpoint. A nil value
-	// indicates an unknown state. In most cases consumers should interpret this
-	// unknown state as ready. For compatibility reasons, ready should never be
-	// "true" for terminating endpoints, except when the normal readiness
-	// behavior is being explicitly overridden, for example when the associated
-	// Service has set the publishNotReadyAddresses flag.
+	// should be interpreted as "true". In general, an endpoint should be
+	// marked ready if it is serving and not terminating, though this can
+	// be overridden in some cases, such as when the associated Service has
+	// set the publishNotReadyAddresses flag.
 	// +optional
 	Ready *bool `json:"ready,omitempty" protobuf:"bytes,1,name=ready"`
 
-	// serving is identical to ready except that it is set regardless of the
-	// terminating state of endpoints. This condition should be set to true for
-	// a ready endpoint that is terminating. If nil, consumers should defer to
-	// the ready condition.
+	// serving indicates that this endpoint is able to receive traffic,
+	// according to whatever system is managing the endpoint. For endpoints
+	// backed by pods, the EndpointSlice controller will mark the endpoint
+	// as serving if the pod's Ready condition is True. A nil value should be
+	// interpreted as "true".
 	// +optional
 	Serving *bool `json:"serving,omitempty" protobuf:"bytes,2,name=serving"`
 
 	// terminating indicates that this endpoint is terminating. A nil value
-	// indicates an unknown state. Consumers should interpret this unknown state
-	// to mean that the endpoint is not terminating.
+	// should be interpreted as "false".
 	// +optional
 	Terminating *bool `json:"terminating,omitempty" protobuf:"bytes,3,name=terminating"`
 }
 
 // EndpointHints provides hints describing how an endpoint should be consumed.
 type EndpointHints struct {
-	// forZones indicates the zone(s) this endpoint should be consumed by to
-	// enable topology aware routing.
+	// forZones indicates the zone(s) this endpoint should be consumed by when
+	// using topology aware routing. May contain a maximum of 8 entries.
 	// +listType=atomic
 	ForZones []ForZone `json:"forZones,omitempty" protobuf:"bytes,1,name=forZones"`
+
+	// forNodes indicates the node(s) this endpoint should be consumed by when
+	// using topology aware routing. May contain a maximum of 8 entries.
+	// This is an Alpha feature and is only used when the PreferSameTrafficDistribution
+	// feature gate is enabled.
+	// +listType=atomic
+	ForNodes []ForNode `json:"forNodes,omitempty" protobuf:"bytes,2,name=forNodes"`
 }
 
 // ForZone provides information about which zones should consume this endpoint.
@@ -165,6 +178,12 @@ type ForZone struct {
 	Name string `json:"name" protobuf:"bytes,1,name=name"`
 }
 
+// ForNode provides information about which nodes should consume this endpoint.
+type ForNode struct {
+	// name represents the name of the node.
+	Name string `json:"name" protobuf:"bytes,1,name=name"`
+}
+
 // EndpointPort represents a Port used by an EndpointSlice
 // +structType=atomic
 type EndpointPort struct {
@@ -183,8 +202,9 @@ type EndpointPort struct {
 	Protocol *v1.Protocol `json:"protocol,omitempty" protobuf:"bytes,2,name=protocol"`
 
 	// port represents the port number of the endpoint.
-	// If this is not specified, ports are not restricted and must be
-	// interpreted in the context of the specific consumer.
+	// If the EndpointSlice is derived from a Kubernetes service, this must be set
+	// to the service's target port. EndpointSlices used for other purposes may have
+	// a nil port.
 	Port *int32 `json:"port,omitempty" protobuf:"bytes,3,opt,name=port"`
 
 	// The application protocol for this port.
diff --git a/vendor/k8s.io/api/discovery/v1/types_swagger_doc_generated.go b/vendor/k8s.io/api/discovery/v1/types_swagger_doc_generated.go
index 41c3060568..ac5b853b9e 100644
--- a/vendor/k8s.io/api/discovery/v1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/discovery/v1/types_swagger_doc_generated.go
@@ -29,7 +29,7 @@ package v1
 // AUTO-GENERATED FUNCTIONS START HERE. DO NOT EDIT.
 var map_Endpoint = map[string]string{
 	"":                   "Endpoint represents a single logical \"backend\" implementing a service.",
-	"addresses":          "addresses of this endpoint. The contents of this field are interpreted according to the corresponding EndpointSlice addressType field. Consumers must handle different types of addresses in the context of their own capabilities. This must contain at least one address but no more than 100. These are all assumed to be fungible and clients may choose to only use the first element. Refer to: https://issue.k8s.io/106267",
+	"addresses":          "addresses of this endpoint. For EndpointSlices of addressType \"IPv4\" or \"IPv6\", the values are IP addresses in canonical form. The syntax and semantics of other addressType values are not defined. This must contain at least one address but no more than 100. EndpointSlices generated by the EndpointSlice controller will always have exactly 1 address. No semantics are defined for additional addresses beyond the first, and kube-proxy does not look at them.",
 	"conditions":         "conditions contains information about the current status of the endpoint.",
 	"hostname":           "hostname of this endpoint. This field may be used by consumers of endpoints to distinguish endpoints from each other (e.g. in DNS names). Multiple endpoints which use the same hostname should be considered fungible (e.g. multiple A values in DNS). Must be lowercase and pass DNS Label (RFC 1123) validation.",
 	"targetRef":          "targetRef is a reference to a Kubernetes object that represents this endpoint.",
@@ -45,9 +45,9 @@ func (Endpoint) SwaggerDoc() map[string]string {
 
 var map_EndpointConditions = map[string]string{
 	"":            "EndpointConditions represents the current condition of an endpoint.",
-	"ready":       "ready indicates that this endpoint is prepared to receive traffic, according to whatever system is managing the endpoint. A nil value indicates an unknown state. In most cases consumers should interpret this unknown state as ready. For compatibility reasons, ready should never be \"true\" for terminating endpoints, except when the normal readiness behavior is being explicitly overridden, for example when the associated Service has set the publishNotReadyAddresses flag.",
-	"serving":     "serving is identical to ready except that it is set regardless of the terminating state of endpoints. This condition should be set to true for a ready endpoint that is terminating. If nil, consumers should defer to the ready condition.",
-	"terminating": "terminating indicates that this endpoint is terminating. A nil value indicates an unknown state. Consumers should interpret this unknown state to mean that the endpoint is not terminating.",
+	"ready":       "ready indicates that this endpoint is ready to receive traffic, according to whatever system is managing the endpoint. A nil value should be interpreted as \"true\". In general, an endpoint should be marked ready if it is serving and not terminating, though this can be overridden in some cases, such as when the associated Service has set the publishNotReadyAddresses flag.",
+	"serving":     "serving indicates that this endpoint is able to receive traffic, according to whatever system is managing the endpoint. For endpoints backed by pods, the EndpointSlice controller will mark the endpoint as serving if the pod's Ready condition is True. A nil value should be interpreted as \"true\".",
+	"terminating": "terminating indicates that this endpoint is terminating. A nil value should be interpreted as \"false\".",
 }
 
 func (EndpointConditions) SwaggerDoc() map[string]string {
@@ -56,7 +56,8 @@ func (EndpointConditions) SwaggerDoc() map[string]string {
 
 var map_EndpointHints = map[string]string{
 	"":         "EndpointHints provides hints describing how an endpoint should be consumed.",
-	"forZones": "forZones indicates the zone(s) this endpoint should be consumed by to enable topology aware routing.",
+	"forZones": "forZones indicates the zone(s) this endpoint should be consumed by when using topology aware routing. May contain a maximum of 8 entries.",
+	"forNodes": "forNodes indicates the node(s) this endpoint should be consumed by when using topology aware routing. May contain a maximum of 8 entries. This is an Alpha feature and is only used when the PreferSameTrafficDistribution feature gate is enabled.",
 }
 
 func (EndpointHints) SwaggerDoc() map[string]string {
@@ -67,7 +68,7 @@ var map_EndpointPort = map[string]string{
 	"":            "EndpointPort represents a Port used by an EndpointSlice",
 	"name":        "name represents the name of this port. All ports in an EndpointSlice must have a unique name. If the EndpointSlice is derived from a Kubernetes service, this corresponds to the Service.ports[].name. Name must either be an empty string or pass DNS_LABEL validation: * must be no more than 63 characters long. * must consist of lower case alphanumeric characters or '-'. * must start and end with an alphanumeric character. Default is empty string.",
 	"protocol":    "protocol represents the IP protocol for this port. Must be UDP, TCP, or SCTP. Default is TCP.",
-	"port":        "port represents the port number of the endpoint. If this is not specified, ports are not restricted and must be interpreted in the context of the specific consumer.",
+	"port":        "port represents the port number of the endpoint. If the EndpointSlice is derived from a Kubernetes service, this must be set to the service's target port. EndpointSlices used for other purposes may have a nil port.",
 	"appProtocol": "The application protocol for this port. This is used as a hint for implementations to offer richer behavior for protocols that they understand. This field follows standard Kubernetes label syntax. Valid values are either:\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names).\n\n* Kubernetes-defined prefixed names:\n  * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior-\n  * 'kubernetes.io/ws'  - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n  * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n* Other protocols should use implementation-defined prefixed names such as mycompany.com/my-custom-protocol.",
 }
 
@@ -76,11 +77,11 @@ func (EndpointPort) SwaggerDoc() map[string]string {
 }
 
 var map_EndpointSlice = map[string]string{
-	"":            "EndpointSlice represents a subset of the endpoints that implement a service. For a given service there may be multiple EndpointSlice objects, selected by labels, which must be joined to produce the full set of endpoints.",
+	"":            "EndpointSlice represents a set of service endpoints. Most EndpointSlices are created by the EndpointSlice controller to represent the Pods selected by Service objects. For a given service there may be multiple EndpointSlice objects which must be joined to produce the full set of endpoints; you can find all of the slices for a given service by listing EndpointSlices in the service's namespace whose `kubernetes.io/service-name` label contains the service's name.",
 	"metadata":    "Standard object's metadata.",
-	"addressType": "addressType specifies the type of address carried by this EndpointSlice. All addresses in this slice must be the same type. This field is immutable after creation. The following address types are currently supported: * IPv4: Represents an IPv4 Address. * IPv6: Represents an IPv6 Address. * FQDN: Represents a Fully Qualified Domain Name.",
+	"addressType": "addressType specifies the type of address carried by this EndpointSlice. All addresses in this slice must be the same type. This field is immutable after creation. The following address types are currently supported: * IPv4: Represents an IPv4 Address. * IPv6: Represents an IPv6 Address. * FQDN: Represents a Fully Qualified Domain Name. (Deprecated) The EndpointSlice controller only generates, and kube-proxy only processes, slices of addressType \"IPv4\" and \"IPv6\". No semantics are defined for the \"FQDN\" type.",
 	"endpoints":   "endpoints is a list of unique endpoints in this slice. Each slice may include a maximum of 1000 endpoints.",
-	"ports":       "ports specifies the list of network ports exposed by each endpoint in this slice. Each port must have a unique name. When ports is empty, it indicates that there are no defined ports. When a port is defined with a nil port value, it indicates \"all ports\". Each slice may include a maximum of 100 ports.",
+	"ports":       "ports specifies the list of network ports exposed by each endpoint in this slice. Each port must have a unique name. Each slice may include a maximum of 100 ports. Services always have at least 1 port, so EndpointSlices generated by the EndpointSlice controller will likewise always have at least 1 port. EndpointSlices used for other purposes may have an empty ports list.",
 }
 
 func (EndpointSlice) SwaggerDoc() map[string]string {
@@ -97,6 +98,15 @@ func (EndpointSliceList) SwaggerDoc() map[string]string {
 	return map_EndpointSliceList
 }
 
+var map_ForNode = map[string]string{
+	"":     "ForNode provides information about which nodes should consume this endpoint.",
+	"name": "name represents the name of the node.",
+}
+
+func (ForNode) SwaggerDoc() map[string]string {
+	return map_ForNode
+}
+
 var map_ForZone = map[string]string{
 	"":     "ForZone provides information about which zones should consume this endpoint.",
 	"name": "name represents the name of the zone.",
diff --git a/vendor/k8s.io/api/discovery/v1/zz_generated.deepcopy.go b/vendor/k8s.io/api/discovery/v1/zz_generated.deepcopy.go
index caa872af00..60eada3b9f 100644
--- a/vendor/k8s.io/api/discovery/v1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/discovery/v1/zz_generated.deepcopy.go
@@ -119,6 +119,11 @@ func (in *EndpointHints) DeepCopyInto(out *EndpointHints) {
 		*out = make([]ForZone, len(*in))
 		copy(*out, *in)
 	}
+	if in.ForNodes != nil {
+		in, out := &in.ForNodes, &out.ForNodes
+		*out = make([]ForNode, len(*in))
+		copy(*out, *in)
+	}
 	return
 }
 
@@ -241,6 +246,22 @@ func (in *EndpointSliceList) DeepCopyObject() runtime.Object {
 	return nil
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ForNode) DeepCopyInto(out *ForNode) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ForNode.
+func (in *ForNode) DeepCopy() *ForNode {
+	if in == nil {
+		return nil
+	}
+	out := new(ForNode)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *ForZone) DeepCopyInto(out *ForZone) {
 	*out = *in
diff --git a/vendor/k8s.io/api/discovery/v1beta1/doc.go b/vendor/k8s.io/api/discovery/v1beta1/doc.go
index 7d7084802d..f12087eff1 100644
--- a/vendor/k8s.io/api/discovery/v1beta1/doc.go
+++ b/vendor/k8s.io/api/discovery/v1beta1/doc.go
@@ -20,4 +20,4 @@ limitations under the License.
 // +k8s:prerelease-lifecycle-gen=true
 // +groupName=discovery.k8s.io
 
-package v1beta1 // import "k8s.io/api/discovery/v1beta1"
+package v1beta1
diff --git a/vendor/k8s.io/api/discovery/v1beta1/generated.pb.go b/vendor/k8s.io/api/discovery/v1beta1/generated.pb.go
index 46935574bf..de32577864 100644
--- a/vendor/k8s.io/api/discovery/v1beta1/generated.pb.go
+++ b/vendor/k8s.io/api/discovery/v1beta1/generated.pb.go
@@ -214,10 +214,38 @@ func (m *EndpointSliceList) XXX_DiscardUnknown() {
 
 var xxx_messageInfo_EndpointSliceList proto.InternalMessageInfo
 
+func (m *ForNode) Reset()      { *m = ForNode{} }
+func (*ForNode) ProtoMessage() {}
+func (*ForNode) Descriptor() ([]byte, []int) {
+	return fileDescriptor_6555bad15de200e0, []int{6}
+}
+func (m *ForNode) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *ForNode) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *ForNode) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_ForNode.Merge(m, src)
+}
+func (m *ForNode) XXX_Size() int {
+	return m.Size()
+}
+func (m *ForNode) XXX_DiscardUnknown() {
+	xxx_messageInfo_ForNode.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_ForNode proto.InternalMessageInfo
+
 func (m *ForZone) Reset()      { *m = ForZone{} }
 func (*ForZone) ProtoMessage() {}
 func (*ForZone) Descriptor() ([]byte, []int) {
-	return fileDescriptor_6555bad15de200e0, []int{6}
+	return fileDescriptor_6555bad15de200e0, []int{7}
 }
 func (m *ForZone) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -250,6 +278,7 @@ func init() {
 	proto.RegisterType((*EndpointPort)(nil), "k8s.io.api.discovery.v1beta1.EndpointPort")
 	proto.RegisterType((*EndpointSlice)(nil), "k8s.io.api.discovery.v1beta1.EndpointSlice")
 	proto.RegisterType((*EndpointSliceList)(nil), "k8s.io.api.discovery.v1beta1.EndpointSliceList")
+	proto.RegisterType((*ForNode)(nil), "k8s.io.api.discovery.v1beta1.ForNode")
 	proto.RegisterType((*ForZone)(nil), "k8s.io.api.discovery.v1beta1.ForZone")
 }
 
@@ -258,61 +287,62 @@ func init() {
 }
 
 var fileDescriptor_6555bad15de200e0 = []byte{
-	// 857 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x8c, 0x55, 0x4f, 0x6f, 0xe4, 0x34,
-	0x14, 0x9f, 0x74, 0x1a, 0x9a, 0x78, 0x5a, 0xb1, 0x6b, 0x71, 0x18, 0x95, 0x2a, 0x19, 0x05, 0x2d,
+	// 877 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x8c, 0x56, 0x4f, 0x6f, 0xe4, 0x34,
+	0x1c, 0x9d, 0x74, 0x1a, 0x9a, 0x78, 0x5a, 0xb1, 0x6b, 0x71, 0x18, 0x95, 0x2a, 0x19, 0x05, 0x2d,
 	0x1a, 0x51, 0x48, 0x68, 0xb5, 0x42, 0x2b, 0x38, 0x35, 0xb0, 0xb0, 0x48, 0xcb, 0x6e, 0xe5, 0x56,
 	0x42, 0x5a, 0x71, 0xc0, 0x93, 0xb8, 0x19, 0xd3, 0x26, 0x8e, 0x62, 0x77, 0xa4, 0xb9, 0xf1, 0x0d,
-	0xe0, 0xb3, 0xf0, 0x15, 0x90, 0x50, 0x8f, 0x7b, 0xdc, 0x53, 0xc4, 0x84, 0x6f, 0xb1, 0x27, 0x64,
-	0xc7, 0xf9, 0x33, 0x0c, 0x94, 0xb9, 0xc5, 0x3f, 0xbf, 0xdf, 0xef, 0xbd, 0xf7, 0x7b, 0xb6, 0x03,
-	0x3e, 0xbe, 0x7e, 0xc2, 0x7d, 0xca, 0x02, 0x9c, 0xd3, 0x20, 0xa6, 0x3c, 0x62, 0x0b, 0x52, 0x2c,
-	0x83, 0xc5, 0xc9, 0x8c, 0x08, 0x7c, 0x12, 0x24, 0x24, 0x23, 0x05, 0x16, 0x24, 0xf6, 0xf3, 0x82,
-	0x09, 0x06, 0x8f, 0xea, 0x68, 0x1f, 0xe7, 0xd4, 0x6f, 0xa3, 0x7d, 0x1d, 0x7d, 0xf8, 0x49, 0x42,
-	0xc5, 0xfc, 0x76, 0xe6, 0x47, 0x2c, 0x0d, 0x12, 0x96, 0xb0, 0x40, 0x91, 0x66, 0xb7, 0x57, 0x6a,
-	0xa5, 0x16, 0xea, 0xab, 0x16, 0x3b, 0xf4, 0x7a, 0xa9, 0x23, 0x56, 0x90, 0x60, 0xb1, 0x91, 0xf0,
-	0xf0, 0x71, 0x17, 0x93, 0xe2, 0x68, 0x4e, 0x33, 0x59, 0x5d, 0x7e, 0x9d, 0x48, 0x80, 0x07, 0x29,
-	0x11, 0xf8, 0xdf, 0x58, 0xc1, 0x7f, 0xb1, 0x8a, 0xdb, 0x4c, 0xd0, 0x94, 0x6c, 0x10, 0x3e, 0xfb,
-	0x3f, 0x02, 0x8f, 0xe6, 0x24, 0xc5, 0xff, 0xe4, 0x79, 0xbf, 0xed, 0x02, 0xeb, 0x69, 0x16, 0xe7,
-	0x8c, 0x66, 0x02, 0x1e, 0x03, 0x1b, 0xc7, 0x71, 0x41, 0x38, 0x27, 0x7c, 0x6c, 0x4c, 0x86, 0x53,
-	0x3b, 0x3c, 0xa8, 0x4a, 0xd7, 0x3e, 0x6b, 0x40, 0xd4, 0xed, 0xc3, 0x18, 0x80, 0x88, 0x65, 0x31,
-	0x15, 0x94, 0x65, 0x7c, 0xbc, 0x33, 0x31, 0xa6, 0xa3, 0xd3, 0x4f, 0xfd, 0xfb, 0xec, 0xf5, 0x9b,
-	0x44, 0x5f, 0xb6, 0xbc, 0x10, 0xde, 0x95, 0xee, 0xa0, 0x2a, 0x5d, 0xd0, 0x61, 0xa8, 0xa7, 0x0b,
-	0xa7, 0xc0, 0x9a, 0x33, 0x2e, 0x32, 0x9c, 0x92, 0xf1, 0x70, 0x62, 0x4c, 0xed, 0x70, 0xbf, 0x2a,
-	0x5d, 0xeb, 0x99, 0xc6, 0x50, 0xbb, 0x0b, 0xcf, 0x81, 0x2d, 0x70, 0x91, 0x10, 0x81, 0xc8, 0xd5,
-	0x78, 0x57, 0x95, 0xf3, 0x41, 0xbf, 0x1c, 0x39, 0x20, 0x7f, 0x71, 0xe2, 0xbf, 0x9c, 0xfd, 0x44,
-	0x22, 0x19, 0x44, 0x0a, 0x92, 0x45, 0xa4, 0xee, 0xf0, 0xb2, 0x61, 0xa2, 0x4e, 0x04, 0xce, 0x80,
-	0x25, 0x58, 0xce, 0x6e, 0x58, 0xb2, 0x1c, 0x9b, 0x93, 0xe1, 0x74, 0x74, 0xfa, 0x78, 0xbb, 0xfe,
-	0xfc, 0x4b, 0x4d, 0x7b, 0x9a, 0x89, 0x62, 0x19, 0x3e, 0xd0, 0x3d, 0x5a, 0x0d, 0x8c, 0x5a, 0x5d,
-	0xd9, 0x5f, 0xc6, 0x62, 0xf2, 0x42, 0xf6, 0xf7, 0x4e, 0xd7, 0xdf, 0x0b, 0x8d, 0xa1, 0x76, 0x17,
-	0x3e, 0x07, 0xe6, 0x9c, 0x66, 0x82, 0x8f, 0xf7, 0x54, 0x6f, 0xc7, 0xdb, 0x95, 0xf2, 0x4c, 0x52,
-	0x42, 0xbb, 0x2a, 0x5d, 0x53, 0x7d, 0xa2, 0x5a, 0xe4, 0xf0, 0x0b, 0x70, 0xb0, 0x56, 0x24, 0x7c,
-	0x00, 0x86, 0xd7, 0x64, 0x39, 0x36, 0x64, 0x0d, 0x48, 0x7e, 0xc2, 0xf7, 0x80, 0xb9, 0xc0, 0x37,
-	0xb7, 0x44, 0xcd, 0xd6, 0x46, 0xf5, 0xe2, 0xf3, 0x9d, 0x27, 0x86, 0xf7, 0x8b, 0x01, 0xe0, 0xe6,
-	0x2c, 0xa1, 0x0b, 0xcc, 0x82, 0xe0, 0xb8, 0x16, 0xb1, 0xea, 0xa4, 0x48, 0x02, 0xa8, 0xc6, 0xe1,
-	0x23, 0xb0, 0xc7, 0x49, 0xb1, 0xa0, 0x59, 0xa2, 0x34, 0xad, 0x70, 0x54, 0x95, 0xee, 0xde, 0x45,
-	0x0d, 0xa1, 0x66, 0x0f, 0x9e, 0x80, 0x91, 0x20, 0x45, 0x4a, 0x33, 0x2c, 0x64, 0xe8, 0x50, 0x85,
-	0xbe, 0x5b, 0x95, 0xee, 0xe8, 0xb2, 0x83, 0x51, 0x3f, 0xc6, 0x8b, 0xc1, 0xc1, 0x5a, 0xc7, 0xf0,
-	0x02, 0x58, 0x57, 0xac, 0x78, 0xc5, 0x32, 0x7d, 0x92, 0x47, 0xa7, 0x8f, 0xee, 0x37, 0xec, 0xeb,
-	0x3a, 0xba, 0x1b, 0x96, 0x06, 0x38, 0x6a, 0x85, 0xbc, 0x3f, 0x0c, 0xb0, 0xdf, 0xa4, 0x39, 0x67,
-	0x85, 0x80, 0x47, 0x60, 0x57, 0x9d, 0x4c, 0xe5, 0x5a, 0x68, 0x55, 0xa5, 0xbb, 0xab, 0xa6, 0xa6,
-	0x50, 0xf8, 0x0d, 0xb0, 0xd4, 0x25, 0x8b, 0xd8, 0x4d, 0xed, 0x61, 0x78, 0x2c, 0x85, 0xcf, 0x35,
-	0xf6, 0xb6, 0x74, 0xdf, 0xdf, 0x7c, 0x40, 0xfc, 0x66, 0x1b, 0xb5, 0x64, 0x99, 0x26, 0x67, 0x85,
-	0x50, 0x4e, 0x98, 0x75, 0x1a, 0x99, 0x1e, 0x29, 0x54, 0xda, 0x85, 0xf3, 0xbc, 0xa1, 0xa9, 0xa3,
-	0x6f, 0xd7, 0x76, 0x9d, 0x75, 0x30, 0xea, 0xc7, 0x78, 0xab, 0x9d, 0xce, 0xaf, 0x8b, 0x1b, 0x1a,
-	0x11, 0xf8, 0x23, 0xb0, 0xe4, 0x5b, 0x14, 0x63, 0x81, 0x55, 0x37, 0xeb, 0x77, 0xb9, 0x7d, 0x52,
-	0xfc, 0xfc, 0x3a, 0x91, 0x00, 0xf7, 0x65, 0x74, 0x77, 0x9d, 0xbe, 0x23, 0x02, 0x77, 0x77, 0xb9,
-	0xc3, 0x50, 0xab, 0x0a, 0xbf, 0x02, 0x23, 0xfd, 0x78, 0x5c, 0x2e, 0x73, 0xa2, 0xcb, 0xf4, 0x34,
-	0x65, 0x74, 0xd6, 0x6d, 0xbd, 0x5d, 0x5f, 0xa2, 0x3e, 0x0d, 0x7e, 0x0f, 0x6c, 0xa2, 0x0b, 0x97,
-	0x8f, 0x8e, 0x1c, 0xec, 0x87, 0xdb, 0xdd, 0x84, 0xf0, 0xa1, 0xce, 0x65, 0x37, 0x08, 0x47, 0x9d,
-	0x16, 0x7c, 0x09, 0x4c, 0xe9, 0x26, 0x1f, 0x0f, 0x95, 0xe8, 0x47, 0xdb, 0x89, 0xca, 0x31, 0x84,
-	0x07, 0x5a, 0xd8, 0x94, 0x2b, 0x8e, 0x6a, 0x1d, 0xef, 0x77, 0x03, 0x3c, 0x5c, 0xf3, 0xf8, 0x39,
-	0xe5, 0x02, 0xfe, 0xb0, 0xe1, 0xb3, 0xbf, 0x9d, 0xcf, 0x92, 0xad, 0x5c, 0x6e, 0x0f, 0x68, 0x83,
-	0xf4, 0x3c, 0x3e, 0x07, 0x26, 0x15, 0x24, 0x6d, 0x9c, 0xd9, 0xf2, 0x8d, 0x50, 0xd5, 0x75, 0x5d,
-	0x7c, 0x2b, 0x15, 0x50, 0x2d, 0xe4, 0x1d, 0x83, 0x3d, 0x7d, 0x11, 0xe0, 0x64, 0xed, 0xb0, 0xef,
-	0xeb, 0xf0, 0xde, 0x81, 0x0f, 0xc3, 0xbb, 0x95, 0x33, 0x78, 0xbd, 0x72, 0x06, 0x6f, 0x56, 0xce,
-	0xe0, 0xe7, 0xca, 0x31, 0xee, 0x2a, 0xc7, 0x78, 0x5d, 0x39, 0xc6, 0x9b, 0xca, 0x31, 0xfe, 0xac,
-	0x1c, 0xe3, 0xd7, 0xbf, 0x9c, 0xc1, 0xab, 0xa3, 0xfb, 0x7e, 0xd8, 0x7f, 0x07, 0x00, 0x00, 0xff,
-	0xff, 0x1c, 0xe6, 0x20, 0x06, 0xcf, 0x07, 0x00, 0x00,
+	0xe0, 0xb3, 0x70, 0xe3, 0x8c, 0x84, 0x7a, 0xdc, 0xe3, 0x9e, 0x22, 0x1a, 0xbe, 0xc5, 0x9e, 0x90,
+	0x1d, 0xe7, 0xcf, 0x30, 0xd0, 0xce, 0x2d, 0x7e, 0x7e, 0xef, 0xfd, 0xfe, 0xd9, 0x56, 0xc0, 0xc7,
+	0x97, 0x4f, 0xb8, 0x4f, 0x59, 0x80, 0x73, 0x1a, 0xc4, 0x94, 0x47, 0x6c, 0x41, 0x8a, 0x65, 0xb0,
+	0x38, 0x9a, 0x11, 0x81, 0x8f, 0x82, 0x84, 0x64, 0xa4, 0xc0, 0x82, 0xc4, 0x7e, 0x5e, 0x30, 0xc1,
+	0xe0, 0x41, 0xcd, 0xf6, 0x71, 0x4e, 0xfd, 0x96, 0xed, 0x6b, 0xf6, 0xfe, 0x27, 0x09, 0x15, 0xf3,
+	0xeb, 0x99, 0x1f, 0xb1, 0x34, 0x48, 0x58, 0xc2, 0x02, 0x25, 0x9a, 0x5d, 0x5f, 0xa8, 0x95, 0x5a,
+	0xa8, 0xaf, 0xda, 0x6c, 0xdf, 0xeb, 0x85, 0x8e, 0x58, 0x41, 0x82, 0xc5, 0x5a, 0xc0, 0xfd, 0xc7,
+	0x1d, 0x27, 0xc5, 0xd1, 0x9c, 0x66, 0x32, 0xbb, 0xfc, 0x32, 0x91, 0x00, 0x0f, 0x52, 0x22, 0xf0,
+	0x7f, 0xa9, 0x82, 0xff, 0x53, 0x15, 0xd7, 0x99, 0xa0, 0x29, 0x59, 0x13, 0x7c, 0x76, 0x9f, 0x80,
+	0x47, 0x73, 0x92, 0xe2, 0x7f, 0xeb, 0xbc, 0xdf, 0xb6, 0x81, 0xf5, 0x34, 0x8b, 0x73, 0x46, 0x33,
+	0x01, 0x0f, 0x81, 0x8d, 0xe3, 0xb8, 0x20, 0x9c, 0x13, 0x3e, 0x36, 0x26, 0xc3, 0xa9, 0x1d, 0xee,
+	0x55, 0xa5, 0x6b, 0x9f, 0x34, 0x20, 0xea, 0xf6, 0x61, 0x0c, 0x40, 0xc4, 0xb2, 0x98, 0x0a, 0xca,
+	0x32, 0x3e, 0xde, 0x9a, 0x18, 0xd3, 0xd1, 0xf1, 0xa7, 0xfe, 0x5d, 0xed, 0xf5, 0x9b, 0x40, 0x5f,
+	0xb6, 0xba, 0x10, 0xde, 0x94, 0xee, 0xa0, 0x2a, 0x5d, 0xd0, 0x61, 0xa8, 0xe7, 0x0b, 0xa7, 0xc0,
+	0x9a, 0x33, 0x2e, 0x32, 0x9c, 0x92, 0xf1, 0x70, 0x62, 0x4c, 0xed, 0x70, 0xb7, 0x2a, 0x5d, 0xeb,
+	0x99, 0xc6, 0x50, 0xbb, 0x0b, 0x4f, 0x81, 0x2d, 0x70, 0x91, 0x10, 0x81, 0xc8, 0xc5, 0x78, 0x5b,
+	0xa5, 0xf3, 0x41, 0x3f, 0x1d, 0x39, 0x20, 0x7f, 0x71, 0xe4, 0xbf, 0x9c, 0xfd, 0x44, 0x22, 0x49,
+	0x22, 0x05, 0xc9, 0x22, 0x52, 0x57, 0x78, 0xde, 0x28, 0x51, 0x67, 0x02, 0x67, 0xc0, 0x12, 0x2c,
+	0x67, 0x57, 0x2c, 0x59, 0x8e, 0xcd, 0xc9, 0x70, 0x3a, 0x3a, 0x7e, 0xbc, 0x59, 0x7d, 0xfe, 0xb9,
+	0x96, 0x3d, 0xcd, 0x44, 0xb1, 0x0c, 0x1f, 0xe8, 0x1a, 0xad, 0x06, 0x46, 0xad, 0xaf, 0xac, 0x2f,
+	0x63, 0x31, 0x79, 0x21, 0xeb, 0x7b, 0xa7, 0xab, 0xef, 0x85, 0xc6, 0x50, 0xbb, 0x0b, 0x9f, 0x03,
+	0x73, 0x4e, 0x33, 0xc1, 0xc7, 0x3b, 0xaa, 0xb6, 0xc3, 0xcd, 0x52, 0x79, 0x26, 0x25, 0xa1, 0x5d,
+	0x95, 0xae, 0xa9, 0x3e, 0x51, 0x6d, 0xb2, 0xff, 0x05, 0xd8, 0x5b, 0x49, 0x12, 0x3e, 0x00, 0xc3,
+	0x4b, 0xb2, 0x1c, 0x1b, 0x32, 0x07, 0x24, 0x3f, 0xe1, 0x7b, 0xc0, 0x5c, 0xe0, 0xab, 0x6b, 0xa2,
+	0x66, 0x6b, 0xa3, 0x7a, 0xf1, 0xf9, 0xd6, 0x13, 0xc3, 0xfb, 0xc5, 0x00, 0x70, 0x7d, 0x96, 0xd0,
+	0x05, 0x66, 0x41, 0x70, 0x5c, 0x9b, 0x58, 0x75, 0x50, 0x24, 0x01, 0x54, 0xe3, 0xf0, 0x11, 0xd8,
+	0xe1, 0xa4, 0x58, 0xd0, 0x2c, 0x51, 0x9e, 0x56, 0x38, 0xaa, 0x4a, 0x77, 0xe7, 0xac, 0x86, 0x50,
+	0xb3, 0x07, 0x8f, 0xc0, 0x48, 0x90, 0x22, 0xa5, 0x19, 0x16, 0x92, 0x3a, 0x54, 0xd4, 0x77, 0xab,
+	0xd2, 0x1d, 0x9d, 0x77, 0x30, 0xea, 0x73, 0xbc, 0xdf, 0x0d, 0xb0, 0xb7, 0x52, 0x32, 0x3c, 0x03,
+	0xd6, 0x05, 0x2b, 0x5e, 0xb1, 0x4c, 0x1f, 0xe5, 0xd1, 0xf1, 0xa3, 0xbb, 0x3b, 0xf6, 0x75, 0xcd,
+	0xee, 0xa6, 0xa5, 0x01, 0x8e, 0x5a, 0x23, 0x6d, 0x2a, 0x87, 0x23, 0x4f, 0xfc, 0x66, 0xa6, 0x92,
+	0xbd, 0x62, 0xaa, 0xe4, 0xa8, 0x35, 0xf2, 0xfe, 0x34, 0xc0, 0x6e, 0x93, 0xfb, 0x29, 0x2b, 0x04,
+	0x3c, 0x00, 0xdb, 0xea, 0xbc, 0xab, 0x59, 0x84, 0x56, 0x55, 0xba, 0xdb, 0xea, 0x2c, 0x28, 0x14,
+	0x7e, 0x03, 0x2c, 0x75, 0x75, 0x23, 0x76, 0x55, 0x4f, 0x26, 0x3c, 0x94, 0xc6, 0xa7, 0x1a, 0x7b,
+	0x5b, 0xba, 0xef, 0xaf, 0x3f, 0x4b, 0x7e, 0xb3, 0x8d, 0x5a, 0xb1, 0x0c, 0x93, 0xb3, 0x42, 0xa8,
+	0xfe, 0x9a, 0x75, 0x18, 0x19, 0x1e, 0x29, 0x54, 0x0e, 0x01, 0xe7, 0x79, 0x23, 0x53, 0x17, 0xca,
+	0xae, 0x87, 0x70, 0xd2, 0xc1, 0xa8, 0xcf, 0xf1, 0x6e, 0xb7, 0xba, 0x21, 0x9c, 0x5d, 0xd1, 0x88,
+	0xc0, 0x1f, 0x81, 0x25, 0x5f, 0xb8, 0x18, 0x0b, 0xac, 0xaa, 0x59, 0x7d, 0x21, 0xda, 0x87, 0xca,
+	0xcf, 0x2f, 0x13, 0x09, 0x70, 0x5f, 0xb2, 0xbb, 0x4b, 0xfa, 0x1d, 0x11, 0xb8, 0x7b, 0x21, 0x3a,
+	0x0c, 0xb5, 0xae, 0xf0, 0x2b, 0x30, 0xd2, 0x4f, 0xd2, 0xf9, 0x32, 0x27, 0x3a, 0x4d, 0x4f, 0x4b,
+	0x46, 0x27, 0xdd, 0xd6, 0xdb, 0xd5, 0x25, 0xea, 0xcb, 0xe0, 0xf7, 0xc0, 0x26, 0x3a, 0xf1, 0x66,
+	0xb0, 0x1f, 0x6e, 0x76, 0xbf, 0xc2, 0x87, 0x3a, 0x96, 0xdd, 0x20, 0x1c, 0x75, 0x5e, 0xf0, 0x25,
+	0x30, 0x65, 0x37, 0xf9, 0x78, 0xa8, 0x4c, 0x3f, 0xda, 0xcc, 0x54, 0x8e, 0x21, 0xdc, 0xd3, 0xc6,
+	0xa6, 0x5c, 0x71, 0x54, 0xfb, 0x78, 0x7f, 0x18, 0xe0, 0xe1, 0x4a, 0x8f, 0x9f, 0x53, 0x2e, 0xe0,
+	0x0f, 0x6b, 0x7d, 0xf6, 0x37, 0xeb, 0xb3, 0x54, 0xab, 0x2e, 0xb7, 0x07, 0xb4, 0x41, 0x7a, 0x3d,
+	0x3e, 0x05, 0x26, 0x15, 0x24, 0x6d, 0x3a, 0xb3, 0xe1, 0xcb, 0xa3, 0xb2, 0xeb, 0xaa, 0xf8, 0x56,
+	0x3a, 0xa0, 0xda, 0xc8, 0x3b, 0x04, 0x3b, 0xfa, 0x22, 0xc0, 0xc9, 0xca, 0x61, 0xdf, 0xd5, 0xf4,
+	0xde, 0x81, 0xd7, 0x64, 0x79, 0x01, 0xef, 0x27, 0x87, 0xe1, 0xcd, 0xad, 0x33, 0x78, 0x7d, 0xeb,
+	0x0c, 0xde, 0xdc, 0x3a, 0x83, 0x9f, 0x2b, 0xc7, 0xb8, 0xa9, 0x1c, 0xe3, 0x75, 0xe5, 0x18, 0x6f,
+	0x2a, 0xc7, 0xf8, 0xab, 0x72, 0x8c, 0x5f, 0xff, 0x76, 0x06, 0xaf, 0x0e, 0xee, 0xfa, 0x67, 0xf8,
+	0x27, 0x00, 0x00, 0xff, 0xff, 0x76, 0x8e, 0x48, 0x7e, 0x52, 0x08, 0x00, 0x00,
 }
 
 func (m *Endpoint) Marshal() (dAtA []byte, err error) {
@@ -492,6 +522,20 @@ func (m *EndpointHints) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	_ = i
 	var l int
 	_ = l
+	if len(m.ForNodes) > 0 {
+		for iNdEx := len(m.ForNodes) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.ForNodes[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x12
+		}
+	}
 	if len(m.ForZones) > 0 {
 		for iNdEx := len(m.ForZones) - 1; iNdEx >= 0; iNdEx-- {
 			{
@@ -671,6 +715,34 @@ func (m *EndpointSliceList) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	return len(dAtA) - i, nil
 }
 
+func (m *ForNode) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ForNode) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ForNode) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	i -= len(m.Name)
+	copy(dAtA[i:], m.Name)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Name)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
 func (m *ForZone) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
@@ -781,6 +853,12 @@ func (m *EndpointHints) Size() (n int) {
 			n += 1 + l + sovGenerated(uint64(l))
 		}
 	}
+	if len(m.ForNodes) > 0 {
+		for _, e := range m.ForNodes {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
 	return n
 }
 
@@ -850,6 +928,17 @@ func (m *EndpointSliceList) Size() (n int) {
 	return n
 }
 
+func (m *ForNode) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.Name)
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
 func (m *ForZone) Size() (n int) {
 	if m == nil {
 		return 0
@@ -914,8 +1003,14 @@ func (this *EndpointHints) String() string {
 		repeatedStringForForZones += strings.Replace(strings.Replace(f.String(), "ForZone", "ForZone", 1), `&`, ``, 1) + ","
 	}
 	repeatedStringForForZones += "}"
+	repeatedStringForForNodes := "[]ForNode{"
+	for _, f := range this.ForNodes {
+		repeatedStringForForNodes += strings.Replace(strings.Replace(f.String(), "ForNode", "ForNode", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForForNodes += "}"
 	s := strings.Join([]string{`&EndpointHints{`,
 		`ForZones:` + repeatedStringForForZones + `,`,
+		`ForNodes:` + repeatedStringForForNodes + `,`,
 		`}`,
 	}, "")
 	return s
@@ -972,6 +1067,16 @@ func (this *EndpointSliceList) String() string {
 	}, "")
 	return s
 }
+func (this *ForNode) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&ForNode{`,
+		`Name:` + fmt.Sprintf("%v", this.Name) + `,`,
+		`}`,
+	}, "")
+	return s
+}
 func (this *ForZone) String() string {
 	if this == nil {
 		return "nil"
@@ -1546,6 +1651,40 @@ func (m *EndpointHints) Unmarshal(dAtA []byte) error {
 				return err
 			}
 			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ForNodes", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.ForNodes = append(m.ForNodes, ForNode{})
+			if err := m.ForNodes[len(m.ForNodes)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -2036,6 +2175,88 @@ func (m *EndpointSliceList) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
+func (m *ForNode) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: ForNode: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: ForNode: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Name = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
 func (m *ForZone) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
diff --git a/vendor/k8s.io/api/discovery/v1beta1/generated.proto b/vendor/k8s.io/api/discovery/v1beta1/generated.proto
index 55828dd97d..907050da1c 100644
--- a/vendor/k8s.io/api/discovery/v1beta1/generated.proto
+++ b/vendor/k8s.io/api/discovery/v1beta1/generated.proto
@@ -114,6 +114,13 @@ message EndpointHints {
   // enable topology aware routing. May contain a maximum of 8 entries.
   // +listType=atomic
   repeated ForZone forZones = 1;
+
+  // forNodes indicates the node(s) this endpoint should be consumed by when
+  // using topology aware routing. May contain a maximum of 8 entries.
+  // This is an Alpha feature and is only used when the PreferSameTrafficDistribution
+  // feature gate is enabled.
+  // +listType=atomic
+  repeated ForNode forNodes = 2;
 }
 
 // EndpointPort represents a Port used by an EndpointSlice
@@ -189,6 +196,12 @@ message EndpointSliceList {
   repeated EndpointSlice items = 2;
 }
 
+// ForNode provides information about which nodes should consume this endpoint.
+message ForNode {
+  // name represents the name of the node.
+  optional string name = 1;
+}
+
 // ForZone provides information about which zones should consume this endpoint.
 message ForZone {
   // name represents the name of the zone.
diff --git a/vendor/k8s.io/api/discovery/v1beta1/types.go b/vendor/k8s.io/api/discovery/v1beta1/types.go
index defd8e2ce6..fa9d1eae43 100644
--- a/vendor/k8s.io/api/discovery/v1beta1/types.go
+++ b/vendor/k8s.io/api/discovery/v1beta1/types.go
@@ -161,6 +161,13 @@ type EndpointHints struct {
 	// enable topology aware routing. May contain a maximum of 8 entries.
 	// +listType=atomic
 	ForZones []ForZone `json:"forZones,omitempty" protobuf:"bytes,1,name=forZones"`
+
+	// forNodes indicates the node(s) this endpoint should be consumed by when
+	// using topology aware routing. May contain a maximum of 8 entries.
+	// This is an Alpha feature and is only used when the PreferSameTrafficDistribution
+	// feature gate is enabled.
+	// +listType=atomic
+	ForNodes []ForNode `json:"forNodes,omitempty" protobuf:"bytes,2,name=forNodes"`
 }
 
 // ForZone provides information about which zones should consume this endpoint.
@@ -169,6 +176,12 @@ type ForZone struct {
 	Name string `json:"name" protobuf:"bytes,1,name=name"`
 }
 
+// ForNode provides information about which nodes should consume this endpoint.
+type ForNode struct {
+	// name represents the name of the node.
+	Name string `json:"name" protobuf:"bytes,1,name=name"`
+}
+
 // EndpointPort represents a Port used by an EndpointSlice
 type EndpointPort struct {
 	// name represents the name of this port. All ports in an EndpointSlice must have a unique name.
diff --git a/vendor/k8s.io/api/discovery/v1beta1/types_swagger_doc_generated.go b/vendor/k8s.io/api/discovery/v1beta1/types_swagger_doc_generated.go
index 847d4d58e0..72aa0cb9b2 100644
--- a/vendor/k8s.io/api/discovery/v1beta1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/discovery/v1beta1/types_swagger_doc_generated.go
@@ -56,6 +56,7 @@ func (EndpointConditions) SwaggerDoc() map[string]string {
 var map_EndpointHints = map[string]string{
 	"":         "EndpointHints provides hints describing how an endpoint should be consumed.",
 	"forZones": "forZones indicates the zone(s) this endpoint should be consumed by to enable topology aware routing. May contain a maximum of 8 entries.",
+	"forNodes": "forNodes indicates the node(s) this endpoint should be consumed by when using topology aware routing. May contain a maximum of 8 entries. This is an Alpha feature and is only used when the PreferSameTrafficDistribution feature gate is enabled.",
 }
 
 func (EndpointHints) SwaggerDoc() map[string]string {
@@ -96,6 +97,15 @@ func (EndpointSliceList) SwaggerDoc() map[string]string {
 	return map_EndpointSliceList
 }
 
+var map_ForNode = map[string]string{
+	"":     "ForNode provides information about which nodes should consume this endpoint.",
+	"name": "name represents the name of the node.",
+}
+
+func (ForNode) SwaggerDoc() map[string]string {
+	return map_ForNode
+}
+
 var map_ForZone = map[string]string{
 	"":     "ForZone provides information about which zones should consume this endpoint.",
 	"name": "name represents the name of the zone.",
diff --git a/vendor/k8s.io/api/discovery/v1beta1/zz_generated.deepcopy.go b/vendor/k8s.io/api/discovery/v1beta1/zz_generated.deepcopy.go
index 13b9544b0c..72490d6adf 100644
--- a/vendor/k8s.io/api/discovery/v1beta1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/discovery/v1beta1/zz_generated.deepcopy.go
@@ -114,6 +114,11 @@ func (in *EndpointHints) DeepCopyInto(out *EndpointHints) {
 		*out = make([]ForZone, len(*in))
 		copy(*out, *in)
 	}
+	if in.ForNodes != nil {
+		in, out := &in.ForNodes, &out.ForNodes
+		*out = make([]ForNode, len(*in))
+		copy(*out, *in)
+	}
 	return
 }
 
@@ -236,6 +241,22 @@ func (in *EndpointSliceList) DeepCopyObject() runtime.Object {
 	return nil
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ForNode) DeepCopyInto(out *ForNode) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ForNode.
+func (in *ForNode) DeepCopy() *ForNode {
+	if in == nil {
+		return nil
+	}
+	out := new(ForNode)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *ForZone) DeepCopyInto(out *ForZone) {
 	*out = *in
diff --git a/vendor/k8s.io/api/events/v1/doc.go b/vendor/k8s.io/api/events/v1/doc.go
index 5fe700ffcf..911639044f 100644
--- a/vendor/k8s.io/api/events/v1/doc.go
+++ b/vendor/k8s.io/api/events/v1/doc.go
@@ -20,4 +20,4 @@ limitations under the License.
 // +k8s:prerelease-lifecycle-gen=true
 // +groupName=events.k8s.io
 
-package v1 // import "k8s.io/api/events/v1"
+package v1
diff --git a/vendor/k8s.io/api/events/v1beta1/doc.go b/vendor/k8s.io/api/events/v1beta1/doc.go
index 46048a65b4..e4864294fd 100644
--- a/vendor/k8s.io/api/events/v1beta1/doc.go
+++ b/vendor/k8s.io/api/events/v1beta1/doc.go
@@ -21,4 +21,4 @@ limitations under the License.
 
 // +groupName=events.k8s.io
 
-package v1beta1 // import "k8s.io/api/events/v1beta1"
+package v1beta1
diff --git a/vendor/k8s.io/api/extensions/v1beta1/doc.go b/vendor/k8s.io/api/extensions/v1beta1/doc.go
index c9af49d55c..7770fab5d2 100644
--- a/vendor/k8s.io/api/extensions/v1beta1/doc.go
+++ b/vendor/k8s.io/api/extensions/v1beta1/doc.go
@@ -19,4 +19,4 @@ limitations under the License.
 // +k8s:openapi-gen=true
 // +k8s:prerelease-lifecycle-gen=true
 
-package v1beta1 // import "k8s.io/api/extensions/v1beta1"
+package v1beta1
diff --git a/vendor/k8s.io/api/extensions/v1beta1/generated.pb.go b/vendor/k8s.io/api/extensions/v1beta1/generated.pb.go
index 818486f39d..35b9a4ff2a 100644
--- a/vendor/k8s.io/api/extensions/v1beta1/generated.pb.go
+++ b/vendor/k8s.io/api/extensions/v1beta1/generated.pb.go
@@ -1364,185 +1364,187 @@ func init() {
 }
 
 var fileDescriptor_90a532284de28347 = []byte{
-	// 2842 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0x5b, 0xcd, 0x6f, 0x24, 0x47,
-	0x15, 0xdf, 0x9e, 0xf1, 0xd8, 0xe3, 0xe7, 0xb5, 0xbd, 0x5b, 0xeb, 0xac, 0x1d, 0x2f, 0xb1, 0xa3,
-	0x46, 0x84, 0x4d, 0xd8, 0x9d, 0x61, 0x37, 0xc9, 0x92, 0x0f, 0x29, 0x61, 0xc7, 0xbb, 0xc9, 0x3a,
-	0xb1, 0xc7, 0x93, 0x9a, 0x71, 0x82, 0x22, 0x02, 0xb4, 0x7b, 0xca, 0xe3, 0x8e, 0x7b, 0xba, 0x47,
-	0xdd, 0x35, 0x66, 0x7d, 0x03, 0xc1, 0x25, 0x27, 0xb8, 0x04, 0x38, 0x22, 0x21, 0x71, 0xe5, 0xca,
-	0x21, 0x44, 0x20, 0x82, 0xb4, 0x42, 0x1c, 0x22, 0x71, 0x20, 0x27, 0x8b, 0x38, 0x27, 0xc4, 0x3f,
-	0x80, 0xf6, 0x84, 0xea, 0xa3, 0xab, 0xbf, 0xed, 0x1e, 0xe3, 0x58, 0x04, 0x71, 0x5a, 0x4f, 0xbd,
-	0xf7, 0x7e, 0xf5, 0xaa, 0xea, 0xd5, 0x7b, 0xbf, 0xaa, 0xea, 0x85, 0xeb, 0xbb, 0xcf, 0xf9, 0x35,
-	0xcb, 0xad, 0x1b, 0x03, 0xab, 0x4e, 0xee, 0x53, 0xe2, 0xf8, 0x96, 0xeb, 0xf8, 0xf5, 0xbd, 0x1b,
-	0x5b, 0x84, 0x1a, 0x37, 0xea, 0x3d, 0xe2, 0x10, 0xcf, 0xa0, 0xa4, 0x5b, 0x1b, 0x78, 0x2e, 0x75,
-	0xd1, 0x63, 0x42, 0xbd, 0x66, 0x0c, 0xac, 0x5a, 0xa8, 0x5e, 0x93, 0xea, 0x8b, 0xd7, 0x7b, 0x16,
-	0xdd, 0x19, 0x6e, 0xd5, 0x4c, 0xb7, 0x5f, 0xef, 0xb9, 0x3d, 0xb7, 0xce, 0xad, 0xb6, 0x86, 0xdb,
-	0xfc, 0x17, 0xff, 0xc1, 0xff, 0x12, 0x68, 0x8b, 0x7a, 0xa4, 0x73, 0xd3, 0xf5, 0x48, 0x7d, 0x2f,
-	0xd5, 0xe3, 0xe2, 0x33, 0xa1, 0x4e, 0xdf, 0x30, 0x77, 0x2c, 0x87, 0x78, 0xfb, 0xf5, 0xc1, 0x6e,
-	0x8f, 0x35, 0xf8, 0xf5, 0x3e, 0xa1, 0x46, 0x96, 0x55, 0x3d, 0xcf, 0xca, 0x1b, 0x3a, 0xd4, 0xea,
-	0x93, 0x94, 0xc1, 0xad, 0xe3, 0x0c, 0x7c, 0x73, 0x87, 0xf4, 0x8d, 0x94, 0xdd, 0xd3, 0x79, 0x76,
-	0x43, 0x6a, 0xd9, 0x75, 0xcb, 0xa1, 0x3e, 0xf5, 0x92, 0x46, 0xfa, 0xfb, 0x25, 0x98, 0xbc, 0x63,
-	0x90, 0xbe, 0xeb, 0xb4, 0x09, 0x45, 0xdf, 0x83, 0x2a, 0x1b, 0x46, 0xd7, 0xa0, 0xc6, 0x82, 0xf6,
-	0xb8, 0x76, 0x75, 0xea, 0xe6, 0xd7, 0x6b, 0xe1, 0x34, 0x2b, 0xd4, 0xda, 0x60, 0xb7, 0xc7, 0x1a,
-	0xfc, 0x1a, 0xd3, 0xae, 0xed, 0xdd, 0xa8, 0x6d, 0x6c, 0xbd, 0x4b, 0x4c, 0xba, 0x4e, 0xa8, 0xd1,
-	0x40, 0x0f, 0x0e, 0x96, 0xcf, 0x1d, 0x1e, 0x2c, 0x43, 0xd8, 0x86, 0x15, 0x2a, 0x6a, 0xc2, 0x98,
-	0x3f, 0x20, 0xe6, 0x42, 0x89, 0xa3, 0x5f, 0xab, 0x1d, 0xb9, 0x88, 0x35, 0xe5, 0x59, 0x7b, 0x40,
-	0xcc, 0xc6, 0x79, 0x89, 0x3c, 0xc6, 0x7e, 0x61, 0x8e, 0x83, 0xde, 0x84, 0x71, 0x9f, 0x1a, 0x74,
-	0xe8, 0x2f, 0x94, 0x39, 0x62, 0xad, 0x30, 0x22, 0xb7, 0x6a, 0xcc, 0x48, 0xcc, 0x71, 0xf1, 0x1b,
-	0x4b, 0x34, 0xfd, 0x1f, 0x25, 0x40, 0x4a, 0x77, 0xc5, 0x75, 0xba, 0x16, 0xb5, 0x5c, 0x07, 0xbd,
-	0x00, 0x63, 0x74, 0x7f, 0x40, 0xf8, 0xe4, 0x4c, 0x36, 0x9e, 0x08, 0x1c, 0xea, 0xec, 0x0f, 0xc8,
-	0xc3, 0x83, 0xe5, 0xcb, 0x69, 0x0b, 0x26, 0xc1, 0xdc, 0x06, 0xad, 0x29, 0x57, 0x4b, 0xdc, 0xfa,
-	0x99, 0x78, 0xd7, 0x0f, 0x0f, 0x96, 0x33, 0x82, 0xb0, 0xa6, 0x90, 0xe2, 0x0e, 0xa2, 0x3d, 0x40,
-	0xb6, 0xe1, 0xd3, 0x8e, 0x67, 0x38, 0xbe, 0xe8, 0xc9, 0xea, 0x13, 0x39, 0x09, 0x4f, 0x15, 0x5b,
-	0x34, 0x66, 0xd1, 0x58, 0x94, 0x5e, 0xa0, 0xb5, 0x14, 0x1a, 0xce, 0xe8, 0x01, 0x3d, 0x01, 0xe3,
-	0x1e, 0x31, 0x7c, 0xd7, 0x59, 0x18, 0xe3, 0xa3, 0x50, 0x13, 0x88, 0x79, 0x2b, 0x96, 0x52, 0xf4,
-	0x24, 0x4c, 0xf4, 0x89, 0xef, 0x1b, 0x3d, 0xb2, 0x50, 0xe1, 0x8a, 0xb3, 0x52, 0x71, 0x62, 0x5d,
-	0x34, 0xe3, 0x40, 0xae, 0x7f, 0xa0, 0xc1, 0xb4, 0x9a, 0xb9, 0x35, 0xcb, 0xa7, 0xe8, 0xdb, 0xa9,
-	0x38, 0xac, 0x15, 0x1b, 0x12, 0xb3, 0xe6, 0x51, 0x78, 0x41, 0xf6, 0x56, 0x0d, 0x5a, 0x22, 0x31,
-	0xb8, 0x0e, 0x15, 0x8b, 0x92, 0x3e, 0x5b, 0x87, 0xf2, 0xd5, 0xa9, 0x9b, 0x57, 0x8b, 0x86, 0x4c,
-	0x63, 0x5a, 0x82, 0x56, 0x56, 0x99, 0x39, 0x16, 0x28, 0xfa, 0xcf, 0xc6, 0x22, 0xee, 0xb3, 0xd0,
-	0x44, 0xef, 0x40, 0xd5, 0x27, 0x36, 0x31, 0xa9, 0xeb, 0x49, 0xf7, 0x9f, 0x2e, 0xe8, 0xbe, 0xb1,
-	0x45, 0xec, 0xb6, 0x34, 0x6d, 0x9c, 0x67, 0xfe, 0x07, 0xbf, 0xb0, 0x82, 0x44, 0x6f, 0x40, 0x95,
-	0x92, 0xfe, 0xc0, 0x36, 0x28, 0x91, 0xfb, 0xe8, 0xcb, 0xd1, 0x21, 0xb0, 0xc8, 0x61, 0x60, 0x2d,
-	0xb7, 0xdb, 0x91, 0x6a, 0x7c, 0xfb, 0xa8, 0x29, 0x09, 0x5a, 0xb1, 0x82, 0x41, 0x7b, 0x30, 0x33,
-	0x1c, 0x74, 0x99, 0x26, 0x65, 0xd9, 0xa1, 0xb7, 0x2f, 0x23, 0xe9, 0x56, 0xd1, 0xb9, 0xd9, 0x8c,
-	0x59, 0x37, 0x2e, 0xcb, 0xbe, 0x66, 0xe2, 0xed, 0x38, 0xd1, 0x0b, 0xba, 0x0d, 0xb3, 0x7d, 0xcb,
-	0xc1, 0xc4, 0xe8, 0xee, 0xb7, 0x89, 0xe9, 0x3a, 0x5d, 0x9f, 0x87, 0x55, 0xa5, 0x31, 0x2f, 0x01,
-	0x66, 0xd7, 0xe3, 0x62, 0x9c, 0xd4, 0x47, 0xaf, 0x01, 0x0a, 0x86, 0xf1, 0xaa, 0x48, 0x6e, 0x96,
-	0xeb, 0xf0, 0x98, 0x2b, 0x87, 0xc1, 0xdd, 0x49, 0x69, 0xe0, 0x0c, 0x2b, 0xb4, 0x06, 0x73, 0x1e,
-	0xd9, 0xb3, 0xd8, 0x18, 0xef, 0x59, 0x3e, 0x75, 0xbd, 0xfd, 0x35, 0xab, 0x6f, 0xd1, 0x85, 0x71,
-	0xee, 0xd3, 0xc2, 0xe1, 0xc1, 0xf2, 0x1c, 0xce, 0x90, 0xe3, 0x4c, 0x2b, 0xfd, 0xe7, 0xe3, 0x30,
-	0x9b, 0xc8, 0x37, 0xe8, 0x4d, 0xb8, 0x6c, 0x0e, 0x3d, 0x8f, 0x38, 0xb4, 0x39, 0xec, 0x6f, 0x11,
-	0xaf, 0x6d, 0xee, 0x90, 0xee, 0xd0, 0x26, 0x5d, 0x1e, 0x28, 0x95, 0xc6, 0x92, 0xf4, 0xf8, 0xf2,
-	0x4a, 0xa6, 0x16, 0xce, 0xb1, 0x66, 0xb3, 0xe0, 0xf0, 0xa6, 0x75, 0xcb, 0xf7, 0x15, 0x66, 0x89,
-	0x63, 0xaa, 0x59, 0x68, 0xa6, 0x34, 0x70, 0x86, 0x15, 0xf3, 0xb1, 0x4b, 0x7c, 0xcb, 0x23, 0xdd,
-	0xa4, 0x8f, 0xe5, 0xb8, 0x8f, 0x77, 0x32, 0xb5, 0x70, 0x8e, 0x35, 0x7a, 0x16, 0xa6, 0x44, 0x6f,
-	0x7c, 0xfd, 0xe4, 0x42, 0x5f, 0x92, 0x60, 0x53, 0xcd, 0x50, 0x84, 0xa3, 0x7a, 0x6c, 0x68, 0xee,
-	0x96, 0x4f, 0xbc, 0x3d, 0xd2, 0xcd, 0x5f, 0xe0, 0x8d, 0x94, 0x06, 0xce, 0xb0, 0x62, 0x43, 0x13,
-	0x11, 0x98, 0x1a, 0xda, 0x78, 0x7c, 0x68, 0x9b, 0x99, 0x5a, 0x38, 0xc7, 0x9a, 0xc5, 0xb1, 0x70,
-	0xf9, 0xf6, 0x9e, 0x61, 0xd9, 0xc6, 0x96, 0x4d, 0x16, 0x26, 0xe2, 0x71, 0xdc, 0x8c, 0x8b, 0x71,
-	0x52, 0x1f, 0xbd, 0x0a, 0x17, 0x45, 0xd3, 0xa6, 0x63, 0x28, 0x90, 0x2a, 0x07, 0x79, 0x54, 0x82,
-	0x5c, 0x6c, 0x26, 0x15, 0x70, 0xda, 0x06, 0xbd, 0x00, 0x33, 0xa6, 0x6b, 0xdb, 0x3c, 0x1e, 0x57,
-	0xdc, 0xa1, 0x43, 0x17, 0x26, 0x39, 0x0a, 0x62, 0xfb, 0x71, 0x25, 0x26, 0xc1, 0x09, 0x4d, 0x44,
-	0x00, 0xcc, 0xa0, 0xe0, 0xf8, 0x0b, 0xc0, 0xf3, 0xe3, 0x8d, 0xa2, 0x39, 0x40, 0x95, 0xaa, 0x90,
-	0x03, 0xa8, 0x26, 0x1f, 0x47, 0x80, 0xf5, 0x3f, 0x6b, 0x30, 0x9f, 0x93, 0x3a, 0xd0, 0xcb, 0xb1,
-	0x12, 0xfb, 0xb5, 0x44, 0x89, 0xbd, 0x92, 0x63, 0x16, 0xa9, 0xb3, 0x0e, 0x4c, 0x7b, 0x6c, 0x54,
-	0x4e, 0x4f, 0xa8, 0xc8, 0x1c, 0xf9, 0xec, 0x31, 0xc3, 0xc0, 0x51, 0x9b, 0x30, 0xe7, 0x5f, 0x3c,
-	0x3c, 0x58, 0x9e, 0x8e, 0xc9, 0x70, 0x1c, 0x5e, 0xff, 0x45, 0x09, 0xe0, 0x0e, 0x19, 0xd8, 0xee,
-	0x7e, 0x9f, 0x38, 0x67, 0xc1, 0xa1, 0x36, 0x62, 0x1c, 0xea, 0xfa, 0x71, 0xcb, 0xa3, 0x5c, 0xcb,
-	0x25, 0x51, 0x6f, 0x25, 0x48, 0x54, 0xbd, 0x38, 0xe4, 0xd1, 0x2c, 0xea, 0x6f, 0x65, 0xb8, 0x14,
-	0x2a, 0x87, 0x34, 0xea, 0xc5, 0xd8, 0x1a, 0x7f, 0x35, 0xb1, 0xc6, 0xf3, 0x19, 0x26, 0x9f, 0x1b,
-	0x8f, 0x7a, 0x17, 0x66, 0x18, 0xcb, 0x11, 0x6b, 0xc9, 0x39, 0xd4, 0xf8, 0xc8, 0x1c, 0x4a, 0x55,
-	0xbb, 0xb5, 0x18, 0x12, 0x4e, 0x20, 0xe7, 0x70, 0xb6, 0x89, 0x2f, 0x22, 0x67, 0xfb, 0x50, 0x83,
-	0x99, 0x70, 0x99, 0xce, 0x80, 0xb4, 0x35, 0xe3, 0xa4, 0xed, 0xc9, 0xc2, 0x21, 0x9a, 0xc3, 0xda,
-	0xfe, 0xc5, 0x08, 0xbe, 0x52, 0x62, 0x1b, 0x7c, 0xcb, 0x30, 0x77, 0xd1, 0xe3, 0x30, 0xe6, 0x18,
-	0xfd, 0x20, 0x32, 0xd5, 0x66, 0x69, 0x1a, 0x7d, 0x82, 0xb9, 0x04, 0xbd, 0xaf, 0x01, 0x92, 0x55,
-	0xe0, 0xb6, 0xe3, 0xb8, 0xd4, 0x10, 0xb9, 0x52, 0xb8, 0xb5, 0x5a, 0xd8, 0xad, 0xa0, 0xc7, 0xda,
-	0x66, 0x0a, 0xeb, 0xae, 0x43, 0xbd, 0xfd, 0x70, 0x91, 0xd3, 0x0a, 0x38, 0xc3, 0x01, 0x64, 0x00,
-	0x78, 0x12, 0xb3, 0xe3, 0xca, 0x8d, 0x7c, 0xbd, 0x40, 0xce, 0x63, 0x06, 0x2b, 0xae, 0xb3, 0x6d,
-	0xf5, 0xc2, 0xb4, 0x83, 0x15, 0x10, 0x8e, 0x80, 0x2e, 0xde, 0x85, 0xf9, 0x1c, 0x6f, 0xd1, 0x05,
-	0x28, 0xef, 0x92, 0x7d, 0x31, 0x6d, 0x98, 0xfd, 0x89, 0xe6, 0xa0, 0xb2, 0x67, 0xd8, 0x43, 0x91,
-	0x7e, 0x27, 0xb1, 0xf8, 0xf1, 0x42, 0xe9, 0x39, 0x4d, 0xff, 0xa0, 0x12, 0x8d, 0x1d, 0xce, 0x98,
-	0xaf, 0x42, 0xd5, 0x23, 0x03, 0xdb, 0x32, 0x0d, 0x5f, 0x12, 0x21, 0x4e, 0x7e, 0xb1, 0x6c, 0xc3,
-	0x4a, 0x1a, 0xe3, 0xd6, 0xa5, 0xcf, 0x97, 0x5b, 0x97, 0x4f, 0x87, 0x5b, 0x7f, 0x17, 0xaa, 0x7e,
-	0xc0, 0xaa, 0xc7, 0x38, 0xe4, 0x8d, 0x11, 0xf2, 0xab, 0x24, 0xd4, 0xaa, 0x03, 0x45, 0xa5, 0x15,
-	0x68, 0x16, 0x89, 0xae, 0x8c, 0x48, 0xa2, 0x4f, 0x95, 0xf8, 0xb2, 0x7c, 0x33, 0x30, 0x86, 0x3e,
-	0xe9, 0xf2, 0xdc, 0x56, 0x0d, 0xf3, 0x4d, 0x8b, 0xb7, 0x62, 0x29, 0x45, 0xef, 0xc4, 0x42, 0xb6,
-	0x7a, 0x92, 0x90, 0x9d, 0xc9, 0x0f, 0x57, 0xb4, 0x09, 0xf3, 0x03, 0xcf, 0xed, 0x79, 0xc4, 0xf7,
-	0xef, 0x10, 0xa3, 0x6b, 0x5b, 0x0e, 0x09, 0xe6, 0x47, 0x30, 0xa2, 0x2b, 0x87, 0x07, 0xcb, 0xf3,
-	0xad, 0x6c, 0x15, 0x9c, 0x67, 0xab, 0x3f, 0x18, 0x83, 0x0b, 0xc9, 0x0a, 0x98, 0x43, 0x52, 0xb5,
-	0x13, 0x91, 0xd4, 0x6b, 0x91, 0xcd, 0x20, 0x18, 0xbc, 0x5a, 0xfd, 0x8c, 0x0d, 0x71, 0x1b, 0x66,
-	0x65, 0x36, 0x08, 0x84, 0x92, 0xa6, 0xab, 0xd5, 0xdf, 0x8c, 0x8b, 0x71, 0x52, 0x1f, 0xbd, 0x08,
-	0xd3, 0x1e, 0xe7, 0xdd, 0x01, 0x80, 0xe0, 0xae, 0x8f, 0x48, 0x80, 0x69, 0x1c, 0x15, 0xe2, 0xb8,
-	0x2e, 0xe3, 0xad, 0x21, 0x1d, 0x0d, 0x00, 0xc6, 0xe2, 0xbc, 0xf5, 0x76, 0x52, 0x01, 0xa7, 0x6d,
-	0xd0, 0x3a, 0x5c, 0x1a, 0x3a, 0x69, 0x28, 0x11, 0xca, 0x57, 0x24, 0xd4, 0xa5, 0xcd, 0xb4, 0x0a,
-	0xce, 0xb2, 0x43, 0xdb, 0x31, 0x2a, 0x3b, 0xce, 0xd3, 0xf3, 0xcd, 0xc2, 0x1b, 0xaf, 0x30, 0x97,
-	0xcd, 0xa0, 0xdb, 0xd5, 0xa2, 0x74, 0x5b, 0xff, 0x83, 0x16, 0x2d, 0x42, 0x8a, 0x02, 0x1f, 0x77,
-	0xcb, 0x94, 0xb2, 0x88, 0xb0, 0x23, 0x37, 0x9b, 0xfd, 0xde, 0x1a, 0x89, 0xfd, 0x86, 0xc5, 0xf3,
-	0x78, 0xfa, 0xfb, 0x47, 0x0d, 0x66, 0xef, 0x75, 0x3a, 0xad, 0x55, 0x87, 0xef, 0x96, 0x96, 0x41,
-	0x77, 0x58, 0x15, 0x1d, 0x18, 0x74, 0x27, 0x59, 0x45, 0x99, 0x0c, 0x73, 0x09, 0x7a, 0x06, 0xaa,
-	0xec, 0x5f, 0xe6, 0x38, 0x0f, 0xd7, 0x49, 0x9e, 0x64, 0xaa, 0x2d, 0xd9, 0xf6, 0x30, 0xf2, 0x37,
-	0x56, 0x9a, 0xe8, 0x5b, 0x30, 0xc1, 0xf6, 0x36, 0x71, 0xba, 0x05, 0xc9, 0xaf, 0x74, 0xaa, 0x21,
-	0x8c, 0x42, 0x3e, 0x23, 0x1b, 0x70, 0x00, 0xa7, 0xef, 0xc2, 0x5c, 0x64, 0x10, 0x78, 0x68, 0x93,
-	0x37, 0x59, 0xbd, 0x42, 0x6d, 0xa8, 0xb0, 0xde, 0x59, 0x55, 0x2a, 0x17, 0xb8, 0x5e, 0x4c, 0x4c,
-	0x44, 0xc8, 0x3d, 0xd8, 0x2f, 0x1f, 0x0b, 0x2c, 0x7d, 0x03, 0x26, 0x56, 0x5b, 0x0d, 0xdb, 0x15,
-	0x7c, 0xc3, 0xb4, 0xba, 0x5e, 0x72, 0xa6, 0x56, 0x56, 0xef, 0x60, 0xcc, 0x25, 0x48, 0x87, 0x71,
-	0x72, 0xdf, 0x24, 0x03, 0xca, 0x29, 0xc6, 0x64, 0x03, 0x58, 0x22, 0xbd, 0xcb, 0x5b, 0xb0, 0x94,
-	0xe8, 0x3f, 0x29, 0xc1, 0x84, 0xec, 0xf6, 0x0c, 0xce, 0x1f, 0x6b, 0xb1, 0xf3, 0xc7, 0x53, 0xc5,
-	0x96, 0x20, 0xf7, 0xf0, 0xd1, 0x49, 0x1c, 0x3e, 0xae, 0x15, 0xc4, 0x3b, 0xfa, 0xe4, 0xf1, 0x5e,
-	0x09, 0x66, 0xe2, 0x8b, 0x8f, 0x9e, 0x85, 0x29, 0x96, 0x6a, 0x2d, 0x93, 0x34, 0x43, 0x86, 0xa7,
-	0xae, 0x1f, 0xda, 0xa1, 0x08, 0x47, 0xf5, 0x50, 0x4f, 0x99, 0xb5, 0x5c, 0x8f, 0xca, 0x41, 0xe7,
-	0x4f, 0xe9, 0x90, 0x5a, 0x76, 0x4d, 0x5c, 0xb6, 0xd7, 0x56, 0x1d, 0xba, 0xe1, 0xb5, 0xa9, 0x67,
-	0x39, 0xbd, 0x54, 0x47, 0x0c, 0x0c, 0x47, 0x91, 0xd1, 0x5b, 0x2c, 0xed, 0xfb, 0xee, 0xd0, 0x33,
-	0x49, 0x16, 0x7d, 0x0b, 0xa8, 0x07, 0xdb, 0x08, 0xdd, 0x35, 0xd7, 0x34, 0x6c, 0xb1, 0x38, 0x98,
-	0x6c, 0x13, 0x8f, 0x38, 0x26, 0x09, 0x28, 0x93, 0x80, 0xc0, 0x0a, 0x4c, 0xff, 0xad, 0x06, 0x53,
-	0x72, 0x2e, 0xce, 0x80, 0xa8, 0xbf, 0x1e, 0x27, 0xea, 0x4f, 0x14, 0xdc, 0xa1, 0xd9, 0x2c, 0xfd,
-	0x77, 0x1a, 0x2c, 0x06, 0xae, 0xbb, 0x46, 0xb7, 0x61, 0xd8, 0x86, 0x63, 0x12, 0x2f, 0x88, 0xf5,
-	0x45, 0x28, 0x59, 0x03, 0xb9, 0x92, 0x20, 0x01, 0x4a, 0xab, 0x2d, 0x5c, 0xb2, 0x06, 0xac, 0x8a,
-	0xee, 0xb8, 0x3e, 0xe5, 0x6c, 0x5e, 0x1c, 0x14, 0x95, 0xd7, 0xf7, 0x64, 0x3b, 0x56, 0x1a, 0x68,
-	0x13, 0x2a, 0x03, 0xd7, 0xa3, 0xac, 0x72, 0x95, 0x13, 0xeb, 0x7b, 0x84, 0xd7, 0x6c, 0xdd, 0x64,
-	0x20, 0x86, 0x3b, 0x9d, 0xc1, 0x60, 0x81, 0xa6, 0xff, 0x50, 0x83, 0x47, 0x33, 0xfc, 0x97, 0xa4,
-	0xa1, 0x0b, 0x13, 0x96, 0x10, 0xca, 0xf4, 0xf2, 0x7c, 0xb1, 0x6e, 0x33, 0xa6, 0x22, 0x4c, 0x6d,
-	0x41, 0x0a, 0x0b, 0xa0, 0xf5, 0x5f, 0x69, 0x70, 0x31, 0xe5, 0x2f, 0x4f, 0xd1, 0x2c, 0x9e, 0x25,
-	0xdb, 0x56, 0x29, 0x9a, 0x85, 0x25, 0x97, 0xa0, 0xd7, 0xa1, 0xca, 0xdf, 0x88, 0x4c, 0xd7, 0x96,
-	0x13, 0x58, 0x0f, 0x26, 0xb0, 0x25, 0xdb, 0x1f, 0x1e, 0x2c, 0x5f, 0xc9, 0x38, 0x6b, 0x07, 0x62,
-	0xac, 0x00, 0xd0, 0x32, 0x54, 0x88, 0xe7, 0xb9, 0x9e, 0x4c, 0xf6, 0x93, 0x6c, 0xa6, 0xee, 0xb2,
-	0x06, 0x2c, 0xda, 0xf5, 0x5f, 0x87, 0x41, 0xca, 0xb2, 0x2f, 0xf3, 0x8f, 0x2d, 0x4e, 0x32, 0x31,
-	0xb2, 0xa5, 0xc3, 0x5c, 0x82, 0x86, 0x70, 0xc1, 0x4a, 0xa4, 0x6b, 0xb9, 0x3b, 0xeb, 0xc5, 0xa6,
-	0x51, 0x99, 0x35, 0x16, 0x24, 0xfc, 0x85, 0xa4, 0x04, 0xa7, 0xba, 0xd0, 0x09, 0xa4, 0xb4, 0xd0,
-	0x1b, 0x30, 0xb6, 0x43, 0xe9, 0x20, 0xe3, 0xb2, 0xff, 0x98, 0x22, 0x11, 0xba, 0x50, 0xe5, 0xa3,
-	0xeb, 0x74, 0x5a, 0x98, 0x43, 0xe9, 0xbf, 0x2f, 0xa9, 0xf9, 0xe0, 0x27, 0xa4, 0x6f, 0xaa, 0xd1,
-	0xae, 0xd8, 0x86, 0xef, 0xf3, 0x14, 0x26, 0x4e, 0xf3, 0x73, 0x11, 0xc7, 0x95, 0x0c, 0xa7, 0xb4,
-	0x51, 0x27, 0x2c, 0x9e, 0xda, 0x49, 0x8a, 0xe7, 0x54, 0x56, 0xe1, 0x44, 0xf7, 0xa0, 0x4c, 0xed,
-	0xa2, 0xa7, 0x72, 0x89, 0xd8, 0x59, 0x6b, 0x37, 0xa6, 0xe4, 0x94, 0x97, 0x3b, 0x6b, 0x6d, 0xcc,
-	0x20, 0xd0, 0x06, 0x54, 0xbc, 0xa1, 0x4d, 0x58, 0x1d, 0x28, 0x17, 0xaf, 0x2b, 0x6c, 0x06, 0xc3,
-	0xcd, 0xc7, 0x7e, 0xf9, 0x58, 0xe0, 0xe8, 0x3f, 0xd2, 0x60, 0x3a, 0x56, 0x2d, 0x90, 0x07, 0xe7,
-	0xed, 0xc8, 0xde, 0x91, 0xf3, 0xf0, 0xdc, 0xe8, 0xbb, 0x4e, 0x6e, 0xfa, 0x39, 0xd9, 0xef, 0xf9,
-	0xa8, 0x0c, 0xc7, 0xfa, 0xd0, 0x0d, 0x80, 0x70, 0xd8, 0x6c, 0x1f, 0xb0, 0xe0, 0x15, 0x1b, 0x5e,
-	0xee, 0x03, 0x16, 0xd3, 0x3e, 0x16, 0xed, 0xe8, 0x26, 0x80, 0x4f, 0x4c, 0x8f, 0xd0, 0x66, 0x98,
-	0xb8, 0x54, 0x39, 0x6e, 0x2b, 0x09, 0x8e, 0x68, 0xe9, 0x7f, 0xd2, 0x60, 0xba, 0x49, 0xe8, 0xf7,
-	0x5d, 0x6f, 0xb7, 0xe5, 0xda, 0x96, 0xb9, 0x7f, 0x06, 0x24, 0x00, 0xc7, 0x48, 0xc0, 0x71, 0xf9,
-	0x32, 0xe6, 0x5d, 0x1e, 0x15, 0xd0, 0x3f, 0xd4, 0x60, 0x3e, 0xa6, 0x79, 0x37, 0xcc, 0x07, 0x2a,
-	0x41, 0x6b, 0x85, 0x12, 0x74, 0x0c, 0x86, 0x25, 0xb5, 0xec, 0x04, 0x8d, 0xd6, 0xa0, 0x44, 0x5d,
-	0x19, 0xbd, 0xa3, 0x61, 0x12, 0xe2, 0x85, 0x35, 0xa7, 0xe3, 0xe2, 0x12, 0x75, 0xd9, 0x42, 0x2c,
-	0xc4, 0xb4, 0xa2, 0x19, 0xed, 0x73, 0x1a, 0x01, 0x86, 0xb1, 0x6d, 0xcf, 0xed, 0x9f, 0x78, 0x0c,
-	0x6a, 0x21, 0x5e, 0xf1, 0xdc, 0x3e, 0xe6, 0x58, 0xfa, 0x47, 0x1a, 0x5c, 0x8c, 0x69, 0x9e, 0x01,
-	0x6f, 0x78, 0x23, 0xce, 0x1b, 0xae, 0x8d, 0x32, 0x90, 0x1c, 0xf6, 0xf0, 0x51, 0x29, 0x31, 0x0c,
-	0x36, 0x60, 0xb4, 0x0d, 0x53, 0x03, 0xb7, 0xdb, 0x3e, 0x85, 0x07, 0xda, 0x59, 0xc6, 0xe7, 0x5a,
-	0x21, 0x16, 0x8e, 0x02, 0xa3, 0xfb, 0x70, 0x91, 0x51, 0x0b, 0x7f, 0x60, 0x98, 0xa4, 0x7d, 0x0a,
-	0x57, 0x56, 0x8f, 0xf0, 0x17, 0xa0, 0x24, 0x22, 0x4e, 0x77, 0x82, 0xd6, 0x61, 0xc2, 0x1a, 0xf0,
-	0xf3, 0x85, 0x24, 0x92, 0xc7, 0x92, 0x30, 0x71, 0x1a, 0x11, 0x29, 0x5e, 0xfe, 0xc0, 0x01, 0x86,
-	0xfe, 0xd7, 0x64, 0x34, 0x70, 0xba, 0xfa, 0x6a, 0x84, 0x1e, 0xc8, 0xb7, 0x9a, 0x93, 0x51, 0x83,
-	0xa6, 0x64, 0x22, 0x27, 0x65, 0xd6, 0xd5, 0x04, 0x6f, 0xf9, 0x0a, 0x4c, 0x10, 0xa7, 0xcb, 0xc9,
-	0xba, 0xb8, 0x08, 0xe1, 0xa3, 0xba, 0x2b, 0x9a, 0x70, 0x20, 0xd3, 0x7f, 0x5c, 0x4e, 0x8c, 0x8a,
-	0x97, 0xd9, 0x77, 0x4f, 0x2d, 0x38, 0x14, 0xe1, 0xcf, 0x0d, 0x90, 0xad, 0x90, 0xfe, 0x89, 0x98,
-	0xff, 0xc6, 0x28, 0x31, 0x1f, 0xad, 0x7f, 0xb9, 0xe4, 0x0f, 0x7d, 0x07, 0xc6, 0x89, 0xe8, 0x42,
-	0x54, 0xd5, 0x5b, 0xa3, 0x74, 0x11, 0xa6, 0xdf, 0xf0, 0x9c, 0x25, 0xdb, 0x24, 0x2a, 0x7a, 0x99,
-	0xcd, 0x17, 0xd3, 0x65, 0xc7, 0x12, 0xc1, 0x9e, 0x27, 0x1b, 0x8f, 0x89, 0x61, 0xab, 0xe6, 0x87,
-	0x07, 0xcb, 0x10, 0xfe, 0xc4, 0x51, 0x0b, 0xfe, 0x7a, 0x26, 0xef, 0x6c, 0xce, 0xe6, 0x0b, 0xa4,
-	0xd1, 0x5e, 0xcf, 0x42, 0xd7, 0x4e, 0xed, 0xf5, 0x2c, 0x02, 0x79, 0xf4, 0x19, 0xf6, 0x9f, 0x25,
-	0xb8, 0x14, 0x2a, 0x17, 0x7e, 0x3d, 0xcb, 0x30, 0xf9, 0xff, 0x57, 0x48, 0xc5, 0x5e, 0xb4, 0xc2,
-	0xa9, 0xfb, 0xef, 0x7b, 0xd1, 0x0a, 0x7d, 0xcb, 0xa9, 0x76, 0xbf, 0x29, 0x45, 0x07, 0x30, 0xe2,
-	0xb3, 0xca, 0x29, 0x7c, 0x88, 0xf3, 0x85, 0x7b, 0x99, 0xd1, 0xff, 0x52, 0x86, 0x0b, 0xc9, 0xdd,
-	0x18, 0xbb, 0x7d, 0xd7, 0x8e, 0xbd, 0x7d, 0x6f, 0xc1, 0xdc, 0xf6, 0xd0, 0xb6, 0xf7, 0xf9, 0x18,
-	0x22, 0x57, 0xf0, 0xe2, 0xde, 0xfe, 0x4b, 0xd2, 0x72, 0xee, 0x95, 0x0c, 0x1d, 0x9c, 0x69, 0x99,
-	0xbe, 0x8c, 0x1f, 0xfb, 0x4f, 0x2f, 0xe3, 0x2b, 0x27, 0xb8, 0x8c, 0xcf, 0x7e, 0xcf, 0x28, 0x9f,
-	0xe8, 0x3d, 0xe3, 0x24, 0x37, 0xf1, 0x19, 0x49, 0xec, 0xd8, 0xaf, 0x4a, 0x5e, 0x82, 0x99, 0xf8,
-	0xeb, 0x90, 0x58, 0x4b, 0xf1, 0x40, 0x25, 0xdf, 0x62, 0x22, 0x6b, 0x29, 0xda, 0xb1, 0xd2, 0xd0,
-	0x0f, 0x35, 0xb8, 0x9c, 0xfd, 0x15, 0x08, 0xb2, 0x61, 0xa6, 0x6f, 0xdc, 0x8f, 0x7e, 0x99, 0xa3,
-	0x9d, 0x90, 0xad, 0xf0, 0x67, 0x81, 0xf5, 0x18, 0x16, 0x4e, 0x60, 0xa3, 0xb7, 0xa1, 0xda, 0x37,
-	0xee, 0xb7, 0x87, 0x5e, 0x8f, 0x9c, 0x98, 0x15, 0xf1, 0x6d, 0xb4, 0x2e, 0x51, 0xb0, 0xc2, 0xd3,
-	0x3f, 0xd3, 0x60, 0x3e, 0xe7, 0xb2, 0xff, 0x7f, 0x68, 0x94, 0xef, 0x95, 0xa0, 0xd2, 0x36, 0x0d,
-	0x9b, 0x9c, 0x01, 0xa1, 0x78, 0x2d, 0x46, 0x28, 0x8e, 0xfb, 0x9a, 0x94, 0x7b, 0x95, 0xcb, 0x25,
-	0x70, 0x82, 0x4b, 0x3c, 0x55, 0x08, 0xed, 0x68, 0x1a, 0xf1, 0x3c, 0x4c, 0xaa, 0x4e, 0x47, 0xcb,
-	0x6e, 0xfa, 0x2f, 0x4b, 0x30, 0x15, 0xe9, 0x62, 0xc4, 0xdc, 0xb8, 0x1d, 0x2b, 0x08, 0xe5, 0x02,
-	0x37, 0x2d, 0x91, 0xbe, 0x6a, 0x41, 0x09, 0x10, 0x5f, 0x43, 0x84, 0xef, 0xdf, 0xe9, 0xca, 0xf0,
-	0x12, 0xcc, 0x50, 0xc3, 0xeb, 0x11, 0xaa, 0x68, 0xbb, 0xb8, 0x64, 0x54, 0x9f, 0xe5, 0x74, 0x62,
-	0x52, 0x9c, 0xd0, 0x5e, 0x7c, 0x11, 0xa6, 0x63, 0x9d, 0x8d, 0xf2, 0x31, 0x43, 0x63, 0xe5, 0xc1,
-	0xa7, 0x4b, 0xe7, 0x3e, 0xfe, 0x74, 0xe9, 0xdc, 0x27, 0x9f, 0x2e, 0x9d, 0xfb, 0xc1, 0xe1, 0x92,
-	0xf6, 0xe0, 0x70, 0x49, 0xfb, 0xf8, 0x70, 0x49, 0xfb, 0xe4, 0x70, 0x49, 0xfb, 0xfb, 0xe1, 0x92,
-	0xf6, 0xd3, 0xcf, 0x96, 0xce, 0xbd, 0xfd, 0xd8, 0x91, 0xff, 0xb7, 0xe1, 0xdf, 0x01, 0x00, 0x00,
-	0xff, 0xff, 0x5f, 0xd8, 0x14, 0x50, 0xfb, 0x30, 0x00, 0x00,
+	// 2875 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0x5b, 0xcf, 0x6f, 0x24, 0x47,
+	0xf5, 0xdf, 0x9e, 0xf1, 0xd8, 0xe3, 0xe7, 0xb5, 0xbd, 0x5b, 0xeb, 0xac, 0x1d, 0xef, 0x37, 0x76,
+	0xd4, 0x5f, 0x11, 0x36, 0x61, 0x77, 0x86, 0xdd, 0x24, 0x4b, 0x7e, 0x48, 0x09, 0x3b, 0xde, 0x4d,
+	0xd6, 0x89, 0x7f, 0x4c, 0x6a, 0xc6, 0x09, 0x8a, 0x08, 0xd0, 0xee, 0x29, 0x8f, 0x3b, 0xee, 0xe9,
+	0x1e, 0x75, 0xd7, 0x98, 0xf5, 0x0d, 0x04, 0x97, 0x9c, 0x40, 0x42, 0x21, 0x1c, 0x91, 0x90, 0xb8,
+	0x72, 0xe5, 0x10, 0x22, 0x10, 0x41, 0x8a, 0x38, 0x45, 0xe2, 0x40, 0x4e, 0x16, 0x71, 0x4e, 0x88,
+	0x7f, 0x00, 0xed, 0x09, 0xd5, 0x8f, 0xae, 0xfe, 0x6d, 0xf7, 0x0c, 0x5e, 0x8b, 0x20, 0x4e, 0xeb,
+	0xa9, 0xf7, 0xde, 0xa7, 0x5e, 0x55, 0xbd, 0x7a, 0xef, 0x53, 0x55, 0xbd, 0x70, 0x7d, 0xef, 0x39,
+	0xbf, 0x66, 0xb9, 0x75, 0xa3, 0x6f, 0xd5, 0xc9, 0x7d, 0x4a, 0x1c, 0xdf, 0x72, 0x1d, 0xbf, 0xbe,
+	0x7f, 0x63, 0x9b, 0x50, 0xe3, 0x46, 0xbd, 0x4b, 0x1c, 0xe2, 0x19, 0x94, 0x74, 0x6a, 0x7d, 0xcf,
+	0xa5, 0x2e, 0x7a, 0x4c, 0xa8, 0xd7, 0x8c, 0xbe, 0x55, 0x0b, 0xd5, 0x6b, 0x52, 0x7d, 0xf1, 0x7a,
+	0xd7, 0xa2, 0xbb, 0x83, 0xed, 0x9a, 0xe9, 0xf6, 0xea, 0x5d, 0xb7, 0xeb, 0xd6, 0xb9, 0xd5, 0xf6,
+	0x60, 0x87, 0xff, 0xe2, 0x3f, 0xf8, 0x5f, 0x02, 0x6d, 0x51, 0x8f, 0x74, 0x6e, 0xba, 0x1e, 0xa9,
+	0xef, 0xa7, 0x7a, 0x5c, 0x7c, 0x26, 0xd4, 0xe9, 0x19, 0xe6, 0xae, 0xe5, 0x10, 0xef, 0xa0, 0xde,
+	0xdf, 0xeb, 0xb2, 0x06, 0xbf, 0xde, 0x23, 0xd4, 0xc8, 0xb2, 0xaa, 0xe7, 0x59, 0x79, 0x03, 0x87,
+	0x5a, 0x3d, 0x92, 0x32, 0xb8, 0x75, 0x92, 0x81, 0x6f, 0xee, 0x92, 0x9e, 0x91, 0xb2, 0x7b, 0x3a,
+	0xcf, 0x6e, 0x40, 0x2d, 0xbb, 0x6e, 0x39, 0xd4, 0xa7, 0x5e, 0xd2, 0x48, 0x7f, 0xbf, 0x04, 0x93,
+	0x77, 0x0c, 0xd2, 0x73, 0x9d, 0x16, 0xa1, 0xe8, 0x7b, 0x50, 0x65, 0xc3, 0xe8, 0x18, 0xd4, 0x58,
+	0xd0, 0x1e, 0xd7, 0xae, 0x4e, 0xdd, 0xfc, 0x7a, 0x2d, 0x9c, 0x66, 0x85, 0x5a, 0xeb, 0xef, 0x75,
+	0x59, 0x83, 0x5f, 0x63, 0xda, 0xb5, 0xfd, 0x1b, 0xb5, 0xcd, 0xed, 0x77, 0x89, 0x49, 0xd7, 0x09,
+	0x35, 0x1a, 0xe8, 0x93, 0xc3, 0xe5, 0x73, 0x47, 0x87, 0xcb, 0x10, 0xb6, 0x61, 0x85, 0x8a, 0x36,
+	0x60, 0xcc, 0xef, 0x13, 0x73, 0xa1, 0xc4, 0xd1, 0xaf, 0xd5, 0x8e, 0x5d, 0xc4, 0x9a, 0xf2, 0xac,
+	0xd5, 0x27, 0x66, 0xe3, 0xbc, 0x44, 0x1e, 0x63, 0xbf, 0x30, 0xc7, 0x41, 0x6f, 0xc2, 0xb8, 0x4f,
+	0x0d, 0x3a, 0xf0, 0x17, 0xca, 0x1c, 0xb1, 0x56, 0x18, 0x91, 0x5b, 0x35, 0x66, 0x24, 0xe6, 0xb8,
+	0xf8, 0x8d, 0x25, 0x9a, 0xfe, 0xf7, 0x12, 0x20, 0xa5, 0xbb, 0xe2, 0x3a, 0x1d, 0x8b, 0x5a, 0xae,
+	0x83, 0x5e, 0x80, 0x31, 0x7a, 0xd0, 0x27, 0x7c, 0x72, 0x26, 0x1b, 0x4f, 0x04, 0x0e, 0xb5, 0x0f,
+	0xfa, 0xe4, 0xc1, 0xe1, 0xf2, 0xe5, 0xb4, 0x05, 0x93, 0x60, 0x6e, 0x83, 0xd6, 0x94, 0xab, 0x25,
+	0x6e, 0xfd, 0x4c, 0xbc, 0xeb, 0x07, 0x87, 0xcb, 0x19, 0x41, 0x58, 0x53, 0x48, 0x71, 0x07, 0xd1,
+	0x3e, 0x20, 0xdb, 0xf0, 0x69, 0xdb, 0x33, 0x1c, 0x5f, 0xf4, 0x64, 0xf5, 0x88, 0x9c, 0x84, 0xa7,
+	0x8a, 0x2d, 0x1a, 0xb3, 0x68, 0x2c, 0x4a, 0x2f, 0xd0, 0x5a, 0x0a, 0x0d, 0x67, 0xf4, 0x80, 0x9e,
+	0x80, 0x71, 0x8f, 0x18, 0xbe, 0xeb, 0x2c, 0x8c, 0xf1, 0x51, 0xa8, 0x09, 0xc4, 0xbc, 0x15, 0x4b,
+	0x29, 0x7a, 0x12, 0x26, 0x7a, 0xc4, 0xf7, 0x8d, 0x2e, 0x59, 0xa8, 0x70, 0xc5, 0x59, 0xa9, 0x38,
+	0xb1, 0x2e, 0x9a, 0x71, 0x20, 0xd7, 0x3f, 0xd4, 0x60, 0x5a, 0xcd, 0xdc, 0x9a, 0xe5, 0x53, 0xf4,
+	0xed, 0x54, 0x1c, 0xd6, 0x8a, 0x0d, 0x89, 0x59, 0xf3, 0x28, 0xbc, 0x20, 0x7b, 0xab, 0x06, 0x2d,
+	0x91, 0x18, 0x5c, 0x87, 0x8a, 0x45, 0x49, 0x8f, 0xad, 0x43, 0xf9, 0xea, 0xd4, 0xcd, 0xab, 0x45,
+	0x43, 0xa6, 0x31, 0x2d, 0x41, 0x2b, 0xab, 0xcc, 0x1c, 0x0b, 0x14, 0xfd, 0xe7, 0x63, 0x11, 0xf7,
+	0x59, 0x68, 0xa2, 0x77, 0xa0, 0xea, 0x13, 0x9b, 0x98, 0xd4, 0xf5, 0xa4, 0xfb, 0x4f, 0x17, 0x74,
+	0xdf, 0xd8, 0x26, 0x76, 0x4b, 0x9a, 0x36, 0xce, 0x33, 0xff, 0x83, 0x5f, 0x58, 0x41, 0xa2, 0x37,
+	0xa0, 0x4a, 0x49, 0xaf, 0x6f, 0x1b, 0x94, 0xc8, 0x7d, 0xf4, 0xff, 0xd1, 0x21, 0xb0, 0xc8, 0x61,
+	0x60, 0x4d, 0xb7, 0xd3, 0x96, 0x6a, 0x7c, 0xfb, 0xa8, 0x29, 0x09, 0x5a, 0xb1, 0x82, 0x41, 0xfb,
+	0x30, 0x33, 0xe8, 0x77, 0x98, 0x26, 0x65, 0xd9, 0xa1, 0x7b, 0x20, 0x23, 0xe9, 0x56, 0xd1, 0xb9,
+	0xd9, 0x8a, 0x59, 0x37, 0x2e, 0xcb, 0xbe, 0x66, 0xe2, 0xed, 0x38, 0xd1, 0x0b, 0xba, 0x0d, 0xb3,
+	0x3d, 0xcb, 0xc1, 0xc4, 0xe8, 0x1c, 0xb4, 0x88, 0xe9, 0x3a, 0x1d, 0x9f, 0x87, 0x55, 0xa5, 0x31,
+	0x2f, 0x01, 0x66, 0xd7, 0xe3, 0x62, 0x9c, 0xd4, 0x47, 0xaf, 0x01, 0x0a, 0x86, 0xf1, 0xaa, 0x48,
+	0x6e, 0x96, 0xeb, 0xf0, 0x98, 0x2b, 0x87, 0xc1, 0xdd, 0x4e, 0x69, 0xe0, 0x0c, 0x2b, 0xb4, 0x06,
+	0x73, 0x1e, 0xd9, 0xb7, 0xd8, 0x18, 0xef, 0x59, 0x3e, 0x75, 0xbd, 0x83, 0x35, 0xab, 0x67, 0xd1,
+	0x85, 0x71, 0xee, 0xd3, 0xc2, 0xd1, 0xe1, 0xf2, 0x1c, 0xce, 0x90, 0xe3, 0x4c, 0x2b, 0xfd, 0x83,
+	0x71, 0x98, 0x4d, 0xe4, 0x1b, 0xf4, 0x26, 0x5c, 0x36, 0x07, 0x9e, 0x47, 0x1c, 0xba, 0x31, 0xe8,
+	0x6d, 0x13, 0xaf, 0x65, 0xee, 0x92, 0xce, 0xc0, 0x26, 0x1d, 0x1e, 0x28, 0x95, 0xc6, 0x92, 0xf4,
+	0xf8, 0xf2, 0x4a, 0xa6, 0x16, 0xce, 0xb1, 0x66, 0xb3, 0xe0, 0xf0, 0xa6, 0x75, 0xcb, 0xf7, 0x15,
+	0x66, 0x89, 0x63, 0xaa, 0x59, 0xd8, 0x48, 0x69, 0xe0, 0x0c, 0x2b, 0xe6, 0x63, 0x87, 0xf8, 0x96,
+	0x47, 0x3a, 0x49, 0x1f, 0xcb, 0x71, 0x1f, 0xef, 0x64, 0x6a, 0xe1, 0x1c, 0x6b, 0xf4, 0x2c, 0x4c,
+	0x89, 0xde, 0xf8, 0xfa, 0xc9, 0x85, 0xbe, 0x24, 0xc1, 0xa6, 0x36, 0x42, 0x11, 0x8e, 0xea, 0xb1,
+	0xa1, 0xb9, 0xdb, 0x3e, 0xf1, 0xf6, 0x49, 0x27, 0x7f, 0x81, 0x37, 0x53, 0x1a, 0x38, 0xc3, 0x8a,
+	0x0d, 0x4d, 0x44, 0x60, 0x6a, 0x68, 0xe3, 0xf1, 0xa1, 0x6d, 0x65, 0x6a, 0xe1, 0x1c, 0x6b, 0x16,
+	0xc7, 0xc2, 0xe5, 0xdb, 0xfb, 0x86, 0x65, 0x1b, 0xdb, 0x36, 0x59, 0x98, 0x88, 0xc7, 0xf1, 0x46,
+	0x5c, 0x8c, 0x93, 0xfa, 0xe8, 0x55, 0xb8, 0x28, 0x9a, 0xb6, 0x1c, 0x43, 0x81, 0x54, 0x39, 0xc8,
+	0xa3, 0x12, 0xe4, 0xe2, 0x46, 0x52, 0x01, 0xa7, 0x6d, 0xd0, 0x0b, 0x30, 0x63, 0xba, 0xb6, 0xcd,
+	0xe3, 0x71, 0xc5, 0x1d, 0x38, 0x74, 0x61, 0x92, 0xa3, 0x20, 0xb6, 0x1f, 0x57, 0x62, 0x12, 0x9c,
+	0xd0, 0x44, 0x04, 0xc0, 0x0c, 0x0a, 0x8e, 0xbf, 0x00, 0x3c, 0x3f, 0xde, 0x28, 0x9a, 0x03, 0x54,
+	0xa9, 0x0a, 0x39, 0x80, 0x6a, 0xf2, 0x71, 0x04, 0x58, 0xff, 0xb3, 0x06, 0xf3, 0x39, 0xa9, 0x03,
+	0xbd, 0x1c, 0x2b, 0xb1, 0x5f, 0x4b, 0x94, 0xd8, 0x2b, 0x39, 0x66, 0x91, 0x3a, 0xeb, 0xc0, 0xb4,
+	0xc7, 0x46, 0xe5, 0x74, 0x85, 0x8a, 0xcc, 0x91, 0xcf, 0x9e, 0x30, 0x0c, 0x1c, 0xb5, 0x09, 0x73,
+	0xfe, 0xc5, 0xa3, 0xc3, 0xe5, 0xe9, 0x98, 0x0c, 0xc7, 0xe1, 0xf5, 0x5f, 0x94, 0x00, 0xee, 0x90,
+	0xbe, 0xed, 0x1e, 0xf4, 0x88, 0x73, 0x16, 0x1c, 0x6a, 0x33, 0xc6, 0xa1, 0xae, 0x9f, 0xb4, 0x3c,
+	0xca, 0xb5, 0x5c, 0x12, 0xf5, 0x56, 0x82, 0x44, 0xd5, 0x8b, 0x43, 0x1e, 0xcf, 0xa2, 0xfe, 0x5a,
+	0x86, 0x4b, 0xa1, 0x72, 0x48, 0xa3, 0x5e, 0x8c, 0xad, 0xf1, 0x57, 0x13, 0x6b, 0x3c, 0x9f, 0x61,
+	0xf2, 0xd0, 0x78, 0xd4, 0xbb, 0x30, 0xc3, 0x58, 0x8e, 0x58, 0x4b, 0xce, 0xa1, 0xc6, 0x87, 0xe6,
+	0x50, 0xaa, 0xda, 0xad, 0xc5, 0x90, 0x70, 0x02, 0x39, 0x87, 0xb3, 0x4d, 0x7c, 0x19, 0x39, 0xdb,
+	0x47, 0x1a, 0xcc, 0x84, 0xcb, 0x74, 0x06, 0xa4, 0x6d, 0x23, 0x4e, 0xda, 0x9e, 0x2c, 0x1c, 0xa2,
+	0x39, 0xac, 0xed, 0x9f, 0x8c, 0xe0, 0x2b, 0x25, 0xb6, 0xc1, 0xb7, 0x0d, 0x73, 0x0f, 0x3d, 0x0e,
+	0x63, 0x8e, 0xd1, 0x0b, 0x22, 0x53, 0x6d, 0x96, 0x0d, 0xa3, 0x47, 0x30, 0x97, 0xa0, 0xf7, 0x35,
+	0x40, 0xb2, 0x0a, 0xdc, 0x76, 0x1c, 0x97, 0x1a, 0x22, 0x57, 0x0a, 0xb7, 0x56, 0x0b, 0xbb, 0x15,
+	0xf4, 0x58, 0xdb, 0x4a, 0x61, 0xdd, 0x75, 0xa8, 0x77, 0x10, 0x2e, 0x72, 0x5a, 0x01, 0x67, 0x38,
+	0x80, 0x0c, 0x00, 0x4f, 0x62, 0xb6, 0x5d, 0xb9, 0x91, 0xaf, 0x17, 0xc8, 0x79, 0xcc, 0x60, 0xc5,
+	0x75, 0x76, 0xac, 0x6e, 0x98, 0x76, 0xb0, 0x02, 0xc2, 0x11, 0xd0, 0xc5, 0xbb, 0x30, 0x9f, 0xe3,
+	0x2d, 0xba, 0x00, 0xe5, 0x3d, 0x72, 0x20, 0xa6, 0x0d, 0xb3, 0x3f, 0xd1, 0x1c, 0x54, 0xf6, 0x0d,
+	0x7b, 0x20, 0xd2, 0xef, 0x24, 0x16, 0x3f, 0x5e, 0x28, 0x3d, 0xa7, 0xe9, 0x1f, 0x56, 0xa2, 0xb1,
+	0xc3, 0x19, 0xf3, 0x55, 0xa8, 0x7a, 0xa4, 0x6f, 0x5b, 0xa6, 0xe1, 0x4b, 0x22, 0xc4, 0xc9, 0x2f,
+	0x96, 0x6d, 0x58, 0x49, 0x63, 0xdc, 0xba, 0xf4, 0x70, 0xb9, 0x75, 0xf9, 0x74, 0xb8, 0xf5, 0x77,
+	0xa1, 0xea, 0x07, 0xac, 0x7a, 0x8c, 0x43, 0xde, 0x18, 0x22, 0xbf, 0x4a, 0x42, 0xad, 0x3a, 0x50,
+	0x54, 0x5a, 0x81, 0x66, 0x91, 0xe8, 0xca, 0x90, 0x24, 0xfa, 0x54, 0x89, 0x2f, 0xcb, 0x37, 0x7d,
+	0x63, 0xe0, 0x93, 0x0e, 0xcf, 0x6d, 0xd5, 0x30, 0xdf, 0x34, 0x79, 0x2b, 0x96, 0x52, 0xf4, 0x4e,
+	0x2c, 0x64, 0xab, 0xa3, 0x84, 0xec, 0x4c, 0x7e, 0xb8, 0xa2, 0x2d, 0x98, 0xef, 0x7b, 0x6e, 0xd7,
+	0x23, 0xbe, 0x7f, 0x87, 0x18, 0x1d, 0xdb, 0x72, 0x48, 0x30, 0x3f, 0x82, 0x11, 0x5d, 0x39, 0x3a,
+	0x5c, 0x9e, 0x6f, 0x66, 0xab, 0xe0, 0x3c, 0x5b, 0xfd, 0x67, 0x15, 0xb8, 0x90, 0xac, 0x80, 0x39,
+	0x24, 0x55, 0x1b, 0x89, 0xa4, 0x5e, 0x8b, 0x6c, 0x06, 0xc1, 0xe0, 0xd5, 0xea, 0x67, 0x6c, 0x88,
+	0xdb, 0x30, 0x2b, 0xb3, 0x41, 0x20, 0x94, 0x34, 0x5d, 0xad, 0xfe, 0x56, 0x5c, 0x8c, 0x93, 0xfa,
+	0xe8, 0x45, 0x98, 0xf6, 0x38, 0xef, 0x0e, 0x00, 0x04, 0x77, 0x7d, 0x44, 0x02, 0x4c, 0xe3, 0xa8,
+	0x10, 0xc7, 0x75, 0x19, 0x6f, 0x0d, 0xe9, 0x68, 0x00, 0x30, 0x16, 0xe7, 0xad, 0xb7, 0x93, 0x0a,
+	0x38, 0x6d, 0x83, 0xd6, 0xe1, 0xd2, 0xc0, 0x49, 0x43, 0x89, 0x50, 0xbe, 0x22, 0xa1, 0x2e, 0x6d,
+	0xa5, 0x55, 0x70, 0x96, 0x1d, 0x5a, 0x85, 0x4b, 0x94, 0x78, 0x3d, 0xcb, 0x31, 0xa8, 0xe5, 0x74,
+	0x15, 0x9c, 0x58, 0xf9, 0x79, 0x06, 0xd5, 0x4e, 0x8b, 0x71, 0x96, 0x0d, 0xda, 0x89, 0xb1, 0xe2,
+	0x71, 0x9e, 0xe9, 0x6f, 0x16, 0xde, 0xc3, 0x85, 0x69, 0x71, 0x06, 0x73, 0xaf, 0x16, 0x65, 0xee,
+	0xfa, 0x1f, 0xb4, 0x68, 0x3d, 0x53, 0x6c, 0xfa, 0xa4, 0x0b, 0xab, 0x94, 0x45, 0x84, 0x68, 0xb9,
+	0xd9, 0x44, 0xfa, 0xd6, 0x50, 0x44, 0x3a, 0xac, 0xc3, 0x27, 0x33, 0xe9, 0x3f, 0x6a, 0x30, 0x7b,
+	0xaf, 0xdd, 0x6e, 0xae, 0x3a, 0x7c, 0xe3, 0x35, 0x0d, 0xba, 0xcb, 0x0a, 0x72, 0xdf, 0xa0, 0xbb,
+	0xc9, 0x82, 0xcc, 0x64, 0x98, 0x4b, 0xd0, 0x33, 0x50, 0x65, 0xff, 0x32, 0xc7, 0x79, 0xe4, 0x4f,
+	0xf2, 0x7c, 0x55, 0x6d, 0xca, 0xb6, 0x07, 0x91, 0xbf, 0xb1, 0xd2, 0x44, 0xdf, 0x82, 0x09, 0x96,
+	0x26, 0x88, 0xd3, 0x29, 0xc8, 0xa3, 0xa5, 0x53, 0x0d, 0x61, 0x14, 0x52, 0x23, 0xd9, 0x80, 0x03,
+	0x38, 0x7d, 0x0f, 0xe6, 0x22, 0x83, 0xc0, 0x03, 0x9b, 0xbc, 0xc9, 0x4a, 0x1f, 0x6a, 0x41, 0x85,
+	0xf5, 0xce, 0x0a, 0x5c, 0xb9, 0xc0, 0x4d, 0x65, 0x62, 0x22, 0x42, 0x1a, 0xc3, 0x7e, 0xf9, 0x58,
+	0x60, 0xe9, 0x9b, 0x30, 0xb1, 0xda, 0x6c, 0xd8, 0xae, 0xa0, 0x2e, 0xa6, 0xd5, 0xf1, 0x92, 0x33,
+	0xb5, 0xb2, 0x7a, 0x07, 0x63, 0x2e, 0x41, 0x3a, 0x8c, 0x93, 0xfb, 0x26, 0xe9, 0x53, 0xce, 0x56,
+	0x26, 0x1b, 0xc0, 0x72, 0xf2, 0x5d, 0xde, 0x82, 0xa5, 0x44, 0xff, 0x49, 0x09, 0x26, 0x64, 0xb7,
+	0x67, 0x70, 0x94, 0x59, 0x8b, 0x1d, 0x65, 0x9e, 0x2a, 0xb6, 0x04, 0xb9, 0xe7, 0x98, 0x76, 0xe2,
+	0x1c, 0x73, 0xad, 0x20, 0xde, 0xf1, 0x87, 0x98, 0xf7, 0x4a, 0x30, 0x13, 0x5f, 0x7c, 0xf4, 0x2c,
+	0x4c, 0xb1, 0xac, 0x6d, 0x99, 0x64, 0x23, 0x24, 0x8b, 0xea, 0x26, 0xa3, 0x15, 0x8a, 0x70, 0x54,
+	0x0f, 0x75, 0x95, 0x59, 0xd3, 0xf5, 0xa8, 0x1c, 0x74, 0xfe, 0x94, 0x0e, 0xa8, 0x65, 0xd7, 0xc4,
+	0xbd, 0x7d, 0x6d, 0xd5, 0xa1, 0x9b, 0x5e, 0x8b, 0x7a, 0x96, 0xd3, 0x4d, 0x75, 0xc4, 0xc0, 0x70,
+	0x14, 0x19, 0xbd, 0xc5, 0x2a, 0x88, 0xef, 0x0e, 0x3c, 0x93, 0x64, 0x31, 0xc1, 0x80, 0xc5, 0xb0,
+	0x8d, 0xd0, 0x59, 0x73, 0x4d, 0xc3, 0x16, 0x8b, 0x83, 0xc9, 0x0e, 0xf1, 0x88, 0x63, 0x92, 0x80,
+	0x7d, 0x09, 0x08, 0xac, 0xc0, 0xf4, 0xdf, 0x6a, 0x30, 0x25, 0xe7, 0xe2, 0x0c, 0x38, 0xff, 0xeb,
+	0x71, 0xce, 0xff, 0x44, 0xc1, 0x1d, 0x9a, 0x4d, 0xf8, 0x7f, 0xa7, 0xc1, 0x62, 0xe0, 0xba, 0x6b,
+	0x74, 0x1a, 0x86, 0x6d, 0x38, 0x26, 0xf1, 0x82, 0x58, 0x5f, 0x84, 0x92, 0xd5, 0x97, 0x2b, 0x09,
+	0x12, 0xa0, 0xb4, 0xda, 0xc4, 0x25, 0xab, 0xcf, 0x0a, 0xf2, 0xae, 0xeb, 0x53, 0x7e, 0x30, 0x10,
+	0x67, 0x4e, 0xe5, 0xf5, 0x3d, 0xd9, 0x8e, 0x95, 0x06, 0xda, 0x82, 0x4a, 0xdf, 0xf5, 0x28, 0x2b,
+	0x82, 0xe5, 0xc4, 0xfa, 0x1e, 0xe3, 0x35, 0x5b, 0x37, 0x19, 0x88, 0xe1, 0x4e, 0x67, 0x30, 0x58,
+	0xa0, 0xe9, 0x3f, 0xd4, 0xe0, 0xd1, 0x0c, 0xff, 0x25, 0xff, 0xe8, 0xc0, 0x84, 0x25, 0x84, 0x32,
+	0xbd, 0x3c, 0x5f, 0xac, 0xdb, 0x8c, 0xa9, 0x08, 0x53, 0x5b, 0x90, 0xc2, 0x02, 0x68, 0xfd, 0x57,
+	0x1a, 0x5c, 0x4c, 0xf9, 0xcb, 0x53, 0x34, 0x8b, 0x67, 0x49, 0xdc, 0x55, 0x8a, 0x66, 0x61, 0xc9,
+	0x25, 0xe8, 0x75, 0xa8, 0xf2, 0xe7, 0x26, 0xd3, 0xb5, 0xe5, 0x04, 0xd6, 0x83, 0x09, 0x6c, 0xca,
+	0xf6, 0x07, 0x87, 0xcb, 0x57, 0x32, 0x8e, 0xed, 0x81, 0x18, 0x2b, 0x00, 0xb4, 0x0c, 0x15, 0xe2,
+	0x79, 0xae, 0x27, 0x93, 0xfd, 0x24, 0x9b, 0xa9, 0xbb, 0xac, 0x01, 0x8b, 0x76, 0xfd, 0xd7, 0x61,
+	0x90, 0xb2, 0xec, 0xcb, 0xfc, 0x63, 0x8b, 0x93, 0x4c, 0x8c, 0x6c, 0xe9, 0x30, 0x97, 0xa0, 0x01,
+	0x5c, 0xb0, 0x12, 0xe9, 0x5a, 0xee, 0xce, 0x7a, 0xb1, 0x69, 0x54, 0x66, 0x8d, 0x05, 0x09, 0x7f,
+	0x21, 0x29, 0xc1, 0xa9, 0x2e, 0x74, 0x02, 0x29, 0x2d, 0xf4, 0x06, 0x8c, 0xed, 0x52, 0xda, 0xcf,
+	0x78, 0x37, 0x38, 0xa1, 0x48, 0x84, 0x2e, 0x54, 0xf9, 0xe8, 0xda, 0xed, 0x26, 0xe6, 0x50, 0xfa,
+	0xef, 0x4b, 0x6a, 0x3e, 0xf8, 0x61, 0xeb, 0x9b, 0x6a, 0xb4, 0x2b, 0xb6, 0xe1, 0xfb, 0x3c, 0x85,
+	0x89, 0x8b, 0x81, 0xb9, 0x88, 0xe3, 0x4a, 0x86, 0x53, 0xda, 0xa8, 0x1d, 0x16, 0x4f, 0x6d, 0x94,
+	0xe2, 0x39, 0x95, 0x55, 0x38, 0xd1, 0x3d, 0x28, 0x53, 0xbb, 0xe8, 0x01, 0x5f, 0x22, 0xb6, 0xd7,
+	0x5a, 0x8d, 0x29, 0x39, 0xe5, 0xe5, 0xf6, 0x5a, 0x0b, 0x33, 0x08, 0xb4, 0x09, 0x15, 0x6f, 0x60,
+	0x13, 0x56, 0x07, 0xca, 0xc5, 0xeb, 0x0a, 0x9b, 0xc1, 0x70, 0xf3, 0xb1, 0x5f, 0x3e, 0x16, 0x38,
+	0xfa, 0x8f, 0x34, 0x98, 0x8e, 0x55, 0x0b, 0xe4, 0xc1, 0x79, 0x3b, 0xb2, 0x77, 0xe4, 0x3c, 0x3c,
+	0x37, 0xfc, 0xae, 0x93, 0x9b, 0x7e, 0x4e, 0xf6, 0x7b, 0x3e, 0x2a, 0xc3, 0xb1, 0x3e, 0x74, 0x03,
+	0x20, 0x1c, 0x36, 0xdb, 0x07, 0x2c, 0x78, 0xc5, 0x86, 0x97, 0xfb, 0x80, 0xc5, 0xb4, 0x8f, 0x45,
+	0x3b, 0xba, 0x09, 0xe0, 0x13, 0xd3, 0x23, 0x74, 0x23, 0x4c, 0x5c, 0xaa, 0x1c, 0xb7, 0x94, 0x04,
+	0x47, 0xb4, 0xf4, 0x3f, 0x69, 0x30, 0xbd, 0x41, 0xe8, 0xf7, 0x5d, 0x6f, 0xaf, 0xe9, 0xda, 0x96,
+	0x79, 0x70, 0x06, 0x24, 0x00, 0xc7, 0x48, 0xc0, 0x49, 0xf9, 0x32, 0xe6, 0x5d, 0x1e, 0x15, 0xd0,
+	0x3f, 0xd2, 0x60, 0x3e, 0xa6, 0x79, 0x37, 0xcc, 0x07, 0x2a, 0x41, 0x6b, 0x85, 0x12, 0x74, 0x0c,
+	0x86, 0x25, 0xb5, 0xec, 0x04, 0x8d, 0xd6, 0xa0, 0x44, 0x5d, 0x19, 0xbd, 0xc3, 0x61, 0x12, 0xe2,
+	0x85, 0x35, 0xa7, 0xed, 0xe2, 0x12, 0x75, 0xd9, 0x42, 0x2c, 0xc4, 0xb4, 0xa2, 0x19, 0xed, 0x21,
+	0x8d, 0x00, 0xc3, 0xd8, 0x8e, 0xe7, 0xf6, 0x46, 0x1e, 0x83, 0x5a, 0x88, 0x57, 0x3c, 0xb7, 0x87,
+	0x39, 0x96, 0xfe, 0xb1, 0x06, 0x17, 0x63, 0x9a, 0x67, 0xc0, 0x1b, 0xde, 0x88, 0xf3, 0x86, 0x6b,
+	0xc3, 0x0c, 0x24, 0x87, 0x3d, 0x7c, 0x5c, 0x4a, 0x0c, 0x83, 0x0d, 0x18, 0xed, 0xc0, 0x54, 0xdf,
+	0xed, 0xb4, 0x4e, 0xe1, 0xad, 0x77, 0x96, 0xf1, 0xb9, 0x66, 0x88, 0x85, 0xa3, 0xc0, 0xe8, 0x3e,
+	0x5c, 0x64, 0xd4, 0xc2, 0xef, 0x1b, 0x26, 0x69, 0x9d, 0xc2, 0xed, 0xd7, 0x23, 0xfc, 0x31, 0x29,
+	0x89, 0x88, 0xd3, 0x9d, 0xa0, 0x75, 0x98, 0xb0, 0xfa, 0xfc, 0x7c, 0x21, 0x89, 0xe4, 0x89, 0x24,
+	0x4c, 0x9c, 0x46, 0x44, 0x8a, 0x97, 0x3f, 0x70, 0x80, 0xa1, 0xff, 0x25, 0x19, 0x0d, 0x9c, 0xae,
+	0xbe, 0x1a, 0xa1, 0x07, 0xf2, 0xd9, 0x67, 0x34, 0x6a, 0xb0, 0x21, 0x99, 0xc8, 0xa8, 0xcc, 0xba,
+	0x9a, 0xe0, 0x2d, 0x5f, 0x81, 0x09, 0xe2, 0x74, 0x38, 0x59, 0x17, 0x77, 0x2a, 0x7c, 0x54, 0x77,
+	0x45, 0x13, 0x0e, 0x64, 0xfa, 0x8f, 0xcb, 0x89, 0x51, 0xf1, 0x32, 0xfb, 0xee, 0xa9, 0x05, 0x87,
+	0x22, 0xfc, 0xb9, 0x01, 0xb2, 0x1d, 0xd2, 0x3f, 0x11, 0xf3, 0xdf, 0x18, 0x26, 0xe6, 0xa3, 0xf5,
+	0x2f, 0x97, 0xfc, 0xa1, 0xef, 0xc0, 0x38, 0x11, 0x5d, 0x88, 0xaa, 0x7a, 0x6b, 0x98, 0x2e, 0xc2,
+	0xf4, 0x1b, 0x9e, 0xb3, 0x64, 0x9b, 0x44, 0x45, 0x2f, 0xb3, 0xf9, 0x62, 0xba, 0xec, 0x58, 0x22,
+	0xd8, 0xf3, 0x64, 0xe3, 0x31, 0x31, 0x6c, 0xd5, 0xfc, 0xe0, 0x70, 0x19, 0xc2, 0x9f, 0x38, 0x6a,
+	0xc1, 0x1f, 0xe2, 0xe4, 0x9d, 0xcd, 0xd9, 0x7c, 0xcc, 0x34, 0xdc, 0x43, 0x5c, 0xe8, 0xda, 0xa9,
+	0x3d, 0xc4, 0x45, 0x20, 0x8f, 0x3f, 0xc3, 0xfe, 0xa3, 0x04, 0x97, 0x42, 0xe5, 0xc2, 0x0f, 0x71,
+	0x19, 0x26, 0xff, 0xfb, 0xa0, 0xa9, 0xd8, 0xe3, 0x58, 0x38, 0x75, 0xff, 0x79, 0x8f, 0x63, 0xa1,
+	0x6f, 0x39, 0xd5, 0xee, 0x37, 0xa5, 0xe8, 0x00, 0x86, 0x7c, 0xa1, 0x39, 0x85, 0x6f, 0x7a, 0xbe,
+	0x74, 0x8f, 0x3c, 0xfa, 0x07, 0x63, 0x70, 0x21, 0xb9, 0x1b, 0x63, 0x17, 0xf9, 0xda, 0x89, 0x17,
+	0xf9, 0x4d, 0x98, 0xdb, 0x19, 0xd8, 0xf6, 0x01, 0x1f, 0x43, 0xe4, 0x36, 0x5f, 0x3c, 0x01, 0xfc,
+	0x9f, 0xb4, 0x9c, 0x7b, 0x25, 0x43, 0x07, 0x67, 0x5a, 0xa6, 0xef, 0xf5, 0xc7, 0xfe, 0xdd, 0x7b,
+	0xfd, 0xca, 0x08, 0xf7, 0xfa, 0x39, 0x17, 0xf1, 0x13, 0x23, 0x5c, 0xc4, 0x67, 0xbf, 0xb2, 0x94,
+	0x47, 0x7a, 0x65, 0x19, 0xe5, 0x52, 0x3f, 0x23, 0x1f, 0x9e, 0xf8, 0xad, 0xcb, 0x4b, 0x30, 0x13,
+	0x7f, 0xb3, 0x12, 0x61, 0x21, 0x9e, 0xcd, 0xe4, 0x0b, 0x51, 0x24, 0x2c, 0x44, 0x3b, 0x56, 0x1a,
+	0xfa, 0x91, 0x06, 0x97, 0xb3, 0xbf, 0x4d, 0x41, 0x36, 0xcc, 0xf4, 0x8c, 0xfb, 0xd1, 0xef, 0x85,
+	0xb4, 0x11, 0x89, 0x0f, 0x7f, 0x61, 0x58, 0x8f, 0x61, 0xe1, 0x04, 0x36, 0x7a, 0x1b, 0xaa, 0x3d,
+	0xe3, 0x7e, 0x6b, 0xe0, 0x75, 0xc9, 0xc8, 0x04, 0x8b, 0xef, 0xc8, 0x75, 0x89, 0x82, 0x15, 0x9e,
+	0xfe, 0x85, 0x06, 0xf3, 0x39, 0xef, 0x06, 0xff, 0x45, 0xa3, 0x7c, 0xaf, 0x04, 0x95, 0x96, 0x69,
+	0xd8, 0xe4, 0x0c, 0xb8, 0xc9, 0x6b, 0x31, 0x6e, 0x72, 0xd2, 0x37, 0xae, 0xdc, 0xab, 0x5c, 0x5a,
+	0x82, 0x13, 0xb4, 0xe4, 0xa9, 0x42, 0x68, 0xc7, 0x33, 0x92, 0xe7, 0x61, 0x52, 0x75, 0x3a, 0x5c,
+	0xa2, 0xd4, 0x7f, 0x59, 0x82, 0xa9, 0x48, 0x17, 0x43, 0xa6, 0xd9, 0x9d, 0x58, 0x6d, 0x29, 0x17,
+	0xb8, 0xb4, 0x89, 0xf4, 0x55, 0x0b, 0xaa, 0x89, 0xf8, 0x46, 0x23, 0x7c, 0x95, 0x4f, 0x17, 0x99,
+	0x97, 0x60, 0x86, 0x1a, 0x5e, 0x97, 0x50, 0x75, 0x02, 0x10, 0xf7, 0x95, 0xea, 0x63, 0xa1, 0x76,
+	0x4c, 0x8a, 0x13, 0xda, 0x8b, 0x2f, 0xc2, 0x74, 0xac, 0xb3, 0x61, 0x3e, 0xb1, 0x68, 0xac, 0x7c,
+	0xf2, 0xf9, 0xd2, 0xb9, 0x4f, 0x3f, 0x5f, 0x3a, 0xf7, 0xd9, 0xe7, 0x4b, 0xe7, 0x7e, 0x70, 0xb4,
+	0xa4, 0x7d, 0x72, 0xb4, 0xa4, 0x7d, 0x7a, 0xb4, 0xa4, 0x7d, 0x76, 0xb4, 0xa4, 0xfd, 0xed, 0x68,
+	0x49, 0xfb, 0xe9, 0x17, 0x4b, 0xe7, 0xde, 0x7e, 0xec, 0xd8, 0xff, 0x71, 0xf1, 0xaf, 0x00, 0x00,
+	0x00, 0xff, 0xff, 0x6a, 0x79, 0xb9, 0xab, 0x91, 0x31, 0x00, 0x00,
 }
 
 func (m *DaemonSet) Marshal() (dAtA []byte, err error) {
@@ -2208,6 +2210,11 @@ func (m *DeploymentStatus) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	_ = i
 	var l int
 	_ = l
+	if m.TerminatingReplicas != nil {
+		i = encodeVarintGenerated(dAtA, i, uint64(*m.TerminatingReplicas))
+		i--
+		dAtA[i] = 0x48
+	}
 	if m.CollisionCount != nil {
 		i = encodeVarintGenerated(dAtA, i, uint64(*m.CollisionCount))
 		i--
@@ -3486,6 +3493,11 @@ func (m *ReplicaSetStatus) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	_ = i
 	var l int
 	_ = l
+	if m.TerminatingReplicas != nil {
+		i = encodeVarintGenerated(dAtA, i, uint64(*m.TerminatingReplicas))
+		i--
+		dAtA[i] = 0x38
+	}
 	if len(m.Conditions) > 0 {
 		for iNdEx := len(m.Conditions) - 1; iNdEx >= 0; iNdEx-- {
 			{
@@ -4024,6 +4036,9 @@ func (m *DeploymentStatus) Size() (n int) {
 	if m.CollisionCount != nil {
 		n += 1 + sovGenerated(uint64(*m.CollisionCount))
 	}
+	if m.TerminatingReplicas != nil {
+		n += 1 + sovGenerated(uint64(*m.TerminatingReplicas))
+	}
 	return n
 }
 
@@ -4502,6 +4517,9 @@ func (m *ReplicaSetStatus) Size() (n int) {
 			n += 1 + l + sovGenerated(uint64(l))
 		}
 	}
+	if m.TerminatingReplicas != nil {
+		n += 1 + sovGenerated(uint64(*m.TerminatingReplicas))
+	}
 	return n
 }
 
@@ -4793,6 +4811,7 @@ func (this *DeploymentStatus) String() string {
 		`Conditions:` + repeatedStringForConditions + `,`,
 		`ReadyReplicas:` + fmt.Sprintf("%v", this.ReadyReplicas) + `,`,
 		`CollisionCount:` + valueToStringGenerated(this.CollisionCount) + `,`,
+		`TerminatingReplicas:` + valueToStringGenerated(this.TerminatingReplicas) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -5182,6 +5201,7 @@ func (this *ReplicaSetStatus) String() string {
 		`ReadyReplicas:` + fmt.Sprintf("%v", this.ReadyReplicas) + `,`,
 		`AvailableReplicas:` + fmt.Sprintf("%v", this.AvailableReplicas) + `,`,
 		`Conditions:` + repeatedStringForConditions + `,`,
+		`TerminatingReplicas:` + valueToStringGenerated(this.TerminatingReplicas) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -7567,6 +7587,26 @@ func (m *DeploymentStatus) Unmarshal(dAtA []byte) error {
 				}
 			}
 			m.CollisionCount = &v
+		case 9:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field TerminatingReplicas", wireType)
+			}
+			var v int32
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int32(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.TerminatingReplicas = &v
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -11162,6 +11202,26 @@ func (m *ReplicaSetStatus) Unmarshal(dAtA []byte) error {
 				return err
 			}
 			iNdEx = postIndex
+		case 7:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field TerminatingReplicas", wireType)
+			}
+			var v int32
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int32(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.TerminatingReplicas = &v
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
diff --git a/vendor/k8s.io/api/extensions/v1beta1/generated.proto b/vendor/k8s.io/api/extensions/v1beta1/generated.proto
index 9bbcaa0e26..70fcec0cc5 100644
--- a/vendor/k8s.io/api/extensions/v1beta1/generated.proto
+++ b/vendor/k8s.io/api/extensions/v1beta1/generated.proto
@@ -320,19 +320,19 @@ message DeploymentStatus {
   // +optional
   optional int64 observedGeneration = 1;
 
-  // Total number of non-terminated pods targeted by this deployment (their labels match the selector).
+  // Total number of non-terminating pods targeted by this deployment (their labels match the selector).
   // +optional
   optional int32 replicas = 2;
 
-  // Total number of non-terminated pods targeted by this deployment that have the desired template spec.
+  // Total number of non-terminating pods targeted by this deployment that have the desired template spec.
   // +optional
   optional int32 updatedReplicas = 3;
 
-  // Total number of ready pods targeted by this deployment.
+  // Total number of non-terminating pods targeted by this Deployment with a Ready Condition.
   // +optional
   optional int32 readyReplicas = 7;
 
-  // Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.
+  // Total number of available non-terminating pods (ready for at least minReadySeconds) targeted by this deployment.
   // +optional
   optional int32 availableReplicas = 4;
 
@@ -342,6 +342,13 @@ message DeploymentStatus {
   // +optional
   optional int32 unavailableReplicas = 5;
 
+  // Total number of terminating pods targeted by this deployment. Terminating pods have a non-null
+  // .metadata.deletionTimestamp and have not yet reached the Failed or Succeeded .status.phase.
+  //
+  // This is an alpha field. Enable DeploymentReplicaSetTerminatingReplicas to be able to use this field.
+  // +optional
+  optional int32 terminatingReplicas = 9;
+
   // Represents the latest available observations of a deployment's current state.
   // +patchMergeKey=type
   // +patchStrategy=merge
@@ -863,16 +870,16 @@ message ReplicaSetList {
   optional .k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
 
   // List of ReplicaSets.
-  // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller
+  // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset
   repeated ReplicaSet items = 2;
 }
 
 // ReplicaSetSpec is the specification of a ReplicaSet.
 message ReplicaSetSpec {
-  // Replicas is the number of desired replicas.
+  // Replicas is the number of desired pods.
   // This is a pointer to distinguish between explicit zero and unspecified.
   // Defaults to 1.
-  // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller
+  // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset
   // +optional
   optional int32 replicas = 1;
 
@@ -891,29 +898,36 @@ message ReplicaSetSpec {
 
   // Template is the object that describes the pod that will be created if
   // insufficient replicas are detected.
-  // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template
+  // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/#pod-template
   // +optional
   optional .k8s.io.api.core.v1.PodTemplateSpec template = 3;
 }
 
 // ReplicaSetStatus represents the current status of a ReplicaSet.
 message ReplicaSetStatus {
-  // Replicas is the most recently observed number of replicas.
-  // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller
+  // Replicas is the most recently observed number of non-terminating pods.
+  // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset
   optional int32 replicas = 1;
 
-  // The number of pods that have labels matching the labels of the pod template of the replicaset.
+  // The number of non-terminating pods that have labels matching the labels of the pod template of the replicaset.
   // +optional
   optional int32 fullyLabeledReplicas = 2;
 
-  // The number of ready replicas for this replica set.
+  // The number of non-terminating pods targeted by this ReplicaSet with a Ready Condition.
   // +optional
   optional int32 readyReplicas = 4;
 
-  // The number of available replicas (ready for at least minReadySeconds) for this replica set.
+  // The number of available non-terminating pods (ready for at least minReadySeconds) for this replica set.
   // +optional
   optional int32 availableReplicas = 5;
 
+  // The number of terminating pods for this replica set. Terminating pods have a non-null .metadata.deletionTimestamp
+  // and have not yet reached the Failed or Succeeded .status.phase.
+  //
+  // This is an alpha field. Enable DeploymentReplicaSetTerminatingReplicas to be able to use this field.
+  // +optional
+  optional int32 terminatingReplicas = 7;
+
   // ObservedGeneration reflects the generation of the most recently observed ReplicaSet.
   // +optional
   optional int64 observedGeneration = 3;
diff --git a/vendor/k8s.io/api/extensions/v1beta1/types.go b/vendor/k8s.io/api/extensions/v1beta1/types.go
index 09f58692f4..b80a7a7e16 100644
--- a/vendor/k8s.io/api/extensions/v1beta1/types.go
+++ b/vendor/k8s.io/api/extensions/v1beta1/types.go
@@ -245,19 +245,19 @@ type DeploymentStatus struct {
 	// +optional
 	ObservedGeneration int64 `json:"observedGeneration,omitempty" protobuf:"varint,1,opt,name=observedGeneration"`
 
-	// Total number of non-terminated pods targeted by this deployment (their labels match the selector).
+	// Total number of non-terminating pods targeted by this deployment (their labels match the selector).
 	// +optional
 	Replicas int32 `json:"replicas,omitempty" protobuf:"varint,2,opt,name=replicas"`
 
-	// Total number of non-terminated pods targeted by this deployment that have the desired template spec.
+	// Total number of non-terminating pods targeted by this deployment that have the desired template spec.
 	// +optional
 	UpdatedReplicas int32 `json:"updatedReplicas,omitempty" protobuf:"varint,3,opt,name=updatedReplicas"`
 
-	// Total number of ready pods targeted by this deployment.
+	// Total number of non-terminating pods targeted by this Deployment with a Ready Condition.
 	// +optional
 	ReadyReplicas int32 `json:"readyReplicas,omitempty" protobuf:"varint,7,opt,name=readyReplicas"`
 
-	// Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.
+	// Total number of available non-terminating pods (ready for at least minReadySeconds) targeted by this deployment.
 	// +optional
 	AvailableReplicas int32 `json:"availableReplicas,omitempty" protobuf:"varint,4,opt,name=availableReplicas"`
 
@@ -267,6 +267,13 @@ type DeploymentStatus struct {
 	// +optional
 	UnavailableReplicas int32 `json:"unavailableReplicas,omitempty" protobuf:"varint,5,opt,name=unavailableReplicas"`
 
+	// Total number of terminating pods targeted by this deployment. Terminating pods have a non-null
+	// .metadata.deletionTimestamp and have not yet reached the Failed or Succeeded .status.phase.
+	//
+	// This is an alpha field. Enable DeploymentReplicaSetTerminatingReplicas to be able to use this field.
+	// +optional
+	TerminatingReplicas *int32 `json:"terminatingReplicas,omitempty" protobuf:"varint,9,opt,name=terminatingReplicas"`
+
 	// Represents the latest available observations of a deployment's current state.
 	// +patchMergeKey=type
 	// +patchStrategy=merge
@@ -941,16 +948,16 @@ type ReplicaSetList struct {
 	metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
 
 	// List of ReplicaSets.
-	// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller
+	// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset
 	Items []ReplicaSet `json:"items" protobuf:"bytes,2,rep,name=items"`
 }
 
 // ReplicaSetSpec is the specification of a ReplicaSet.
 type ReplicaSetSpec struct {
-	// Replicas is the number of desired replicas.
+	// Replicas is the number of desired pods.
 	// This is a pointer to distinguish between explicit zero and unspecified.
 	// Defaults to 1.
-	// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller
+	// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset
 	// +optional
 	Replicas *int32 `json:"replicas,omitempty" protobuf:"varint,1,opt,name=replicas"`
 
@@ -969,29 +976,36 @@ type ReplicaSetSpec struct {
 
 	// Template is the object that describes the pod that will be created if
 	// insufficient replicas are detected.
-	// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template
+	// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/#pod-template
 	// +optional
 	Template v1.PodTemplateSpec `json:"template,omitempty" protobuf:"bytes,3,opt,name=template"`
 }
 
 // ReplicaSetStatus represents the current status of a ReplicaSet.
 type ReplicaSetStatus struct {
-	// Replicas is the most recently observed number of replicas.
-	// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller
+	// Replicas is the most recently observed number of non-terminating pods.
+	// More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset
 	Replicas int32 `json:"replicas" protobuf:"varint,1,opt,name=replicas"`
 
-	// The number of pods that have labels matching the labels of the pod template of the replicaset.
+	// The number of non-terminating pods that have labels matching the labels of the pod template of the replicaset.
 	// +optional
 	FullyLabeledReplicas int32 `json:"fullyLabeledReplicas,omitempty" protobuf:"varint,2,opt,name=fullyLabeledReplicas"`
 
-	// The number of ready replicas for this replica set.
+	// The number of non-terminating pods targeted by this ReplicaSet with a Ready Condition.
 	// +optional
 	ReadyReplicas int32 `json:"readyReplicas,omitempty" protobuf:"varint,4,opt,name=readyReplicas"`
 
-	// The number of available replicas (ready for at least minReadySeconds) for this replica set.
+	// The number of available non-terminating pods (ready for at least minReadySeconds) for this replica set.
 	// +optional
 	AvailableReplicas int32 `json:"availableReplicas,omitempty" protobuf:"varint,5,opt,name=availableReplicas"`
 
+	// The number of terminating pods for this replica set. Terminating pods have a non-null .metadata.deletionTimestamp
+	// and have not yet reached the Failed or Succeeded .status.phase.
+	//
+	// This is an alpha field. Enable DeploymentReplicaSetTerminatingReplicas to be able to use this field.
+	// +optional
+	TerminatingReplicas *int32 `json:"terminatingReplicas,omitempty" protobuf:"varint,7,opt,name=terminatingReplicas"`
+
 	// ObservedGeneration reflects the generation of the most recently observed ReplicaSet.
 	// +optional
 	ObservedGeneration int64 `json:"observedGeneration,omitempty" protobuf:"varint,3,opt,name=observedGeneration"`
diff --git a/vendor/k8s.io/api/extensions/v1beta1/types_swagger_doc_generated.go b/vendor/k8s.io/api/extensions/v1beta1/types_swagger_doc_generated.go
index 408022c9d8..923fab3aa1 100644
--- a/vendor/k8s.io/api/extensions/v1beta1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/extensions/v1beta1/types_swagger_doc_generated.go
@@ -169,11 +169,12 @@ func (DeploymentSpec) SwaggerDoc() map[string]string {
 var map_DeploymentStatus = map[string]string{
 	"":                    "DeploymentStatus is the most recently observed status of the Deployment.",
 	"observedGeneration":  "The generation observed by the deployment controller.",
-	"replicas":            "Total number of non-terminated pods targeted by this deployment (their labels match the selector).",
-	"updatedReplicas":     "Total number of non-terminated pods targeted by this deployment that have the desired template spec.",
-	"readyReplicas":       "Total number of ready pods targeted by this deployment.",
-	"availableReplicas":   "Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.",
+	"replicas":            "Total number of non-terminating pods targeted by this deployment (their labels match the selector).",
+	"updatedReplicas":     "Total number of non-terminating pods targeted by this deployment that have the desired template spec.",
+	"readyReplicas":       "Total number of non-terminating pods targeted by this Deployment with a Ready Condition.",
+	"availableReplicas":   "Total number of available non-terminating pods (ready for at least minReadySeconds) targeted by this deployment.",
 	"unavailableReplicas": "Total number of unavailable pods targeted by this deployment. This is the total number of pods that are still required for the deployment to have 100% available capacity. They may either be pods that are running but not yet available or pods that still have not been created.",
+	"terminatingReplicas": "Total number of terminating pods targeted by this deployment. Terminating pods have a non-null .metadata.deletionTimestamp and have not yet reached the Failed or Succeeded .status.phase.\n\nThis is an alpha field. Enable DeploymentReplicaSetTerminatingReplicas to be able to use this field.",
 	"conditions":          "Represents the latest available observations of a deployment's current state.",
 	"collisionCount":      "Count of hash collisions for the Deployment. The Deployment controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ReplicaSet.",
 }
@@ -435,7 +436,7 @@ func (ReplicaSetCondition) SwaggerDoc() map[string]string {
 var map_ReplicaSetList = map[string]string{
 	"":         "ReplicaSetList is a collection of ReplicaSets.",
 	"metadata": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
-	"items":    "List of ReplicaSets. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller",
+	"items":    "List of ReplicaSets. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset",
 }
 
 func (ReplicaSetList) SwaggerDoc() map[string]string {
@@ -444,10 +445,10 @@ func (ReplicaSetList) SwaggerDoc() map[string]string {
 
 var map_ReplicaSetSpec = map[string]string{
 	"":                "ReplicaSetSpec is the specification of a ReplicaSet.",
-	"replicas":        "Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. Defaults to 1. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller",
+	"replicas":        "Replicas is the number of desired pods. This is a pointer to distinguish between explicit zero and unspecified. Defaults to 1. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset",
 	"minReadySeconds": "Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)",
 	"selector":        "Selector is a label query over pods that should match the replica count. If the selector is empty, it is defaulted to the labels present on the pod template. Label keys and values that must match in order to be controlled by this replica set. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors",
-	"template":        "Template is the object that describes the pod that will be created if insufficient replicas are detected. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template",
+	"template":        "Template is the object that describes the pod that will be created if insufficient replicas are detected. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/#pod-template",
 }
 
 func (ReplicaSetSpec) SwaggerDoc() map[string]string {
@@ -456,10 +457,11 @@ func (ReplicaSetSpec) SwaggerDoc() map[string]string {
 
 var map_ReplicaSetStatus = map[string]string{
 	"":                     "ReplicaSetStatus represents the current status of a ReplicaSet.",
-	"replicas":             "Replicas is the most recently observed number of replicas. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller",
-	"fullyLabeledReplicas": "The number of pods that have labels matching the labels of the pod template of the replicaset.",
-	"readyReplicas":        "The number of ready replicas for this replica set.",
-	"availableReplicas":    "The number of available replicas (ready for at least minReadySeconds) for this replica set.",
+	"replicas":             "Replicas is the most recently observed number of non-terminating pods. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset",
+	"fullyLabeledReplicas": "The number of non-terminating pods that have labels matching the labels of the pod template of the replicaset.",
+	"readyReplicas":        "The number of non-terminating pods targeted by this ReplicaSet with a Ready Condition.",
+	"availableReplicas":    "The number of available non-terminating pods (ready for at least minReadySeconds) for this replica set.",
+	"terminatingReplicas":  "The number of terminating pods for this replica set. Terminating pods have a non-null .metadata.deletionTimestamp and have not yet reached the Failed or Succeeded .status.phase.\n\nThis is an alpha field. Enable DeploymentReplicaSetTerminatingReplicas to be able to use this field.",
 	"observedGeneration":   "ObservedGeneration reflects the generation of the most recently observed ReplicaSet.",
 	"conditions":           "Represents the latest available observations of a replica set's current state.",
 }
diff --git a/vendor/k8s.io/api/extensions/v1beta1/zz_generated.deepcopy.go b/vendor/k8s.io/api/extensions/v1beta1/zz_generated.deepcopy.go
index 6b474ae483..2c7a8524ea 100644
--- a/vendor/k8s.io/api/extensions/v1beta1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/extensions/v1beta1/zz_generated.deepcopy.go
@@ -341,6 +341,11 @@ func (in *DeploymentSpec) DeepCopy() *DeploymentSpec {
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *DeploymentStatus) DeepCopyInto(out *DeploymentStatus) {
 	*out = *in
+	if in.TerminatingReplicas != nil {
+		in, out := &in.TerminatingReplicas, &out.TerminatingReplicas
+		*out = new(int32)
+		**out = **in
+	}
 	if in.Conditions != nil {
 		in, out := &in.Conditions, &out.Conditions
 		*out = make([]DeploymentCondition, len(*in))
@@ -1045,6 +1050,11 @@ func (in *ReplicaSetSpec) DeepCopy() *ReplicaSetSpec {
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *ReplicaSetStatus) DeepCopyInto(out *ReplicaSetStatus) {
 	*out = *in
+	if in.TerminatingReplicas != nil {
+		in, out := &in.TerminatingReplicas, &out.TerminatingReplicas
+		*out = new(int32)
+		**out = **in
+	}
 	if in.Conditions != nil {
 		in, out := &in.Conditions, &out.Conditions
 		*out = make([]ReplicaSetCondition, len(*in))
diff --git a/vendor/k8s.io/api/flowcontrol/v1/doc.go b/vendor/k8s.io/api/flowcontrol/v1/doc.go
index c9e7db1589..ad5f457919 100644
--- a/vendor/k8s.io/api/flowcontrol/v1/doc.go
+++ b/vendor/k8s.io/api/flowcontrol/v1/doc.go
@@ -22,4 +22,4 @@ limitations under the License.
 // +groupName=flowcontrol.apiserver.k8s.io
 
 // Package v1 holds api types of version v1 for group "flowcontrol.apiserver.k8s.io".
-package v1 // import "k8s.io/api/flowcontrol/v1"
+package v1
diff --git a/vendor/k8s.io/api/flowcontrol/v1beta1/doc.go b/vendor/k8s.io/api/flowcontrol/v1beta1/doc.go
index 50897b7eb5..20268c1f2d 100644
--- a/vendor/k8s.io/api/flowcontrol/v1beta1/doc.go
+++ b/vendor/k8s.io/api/flowcontrol/v1beta1/doc.go
@@ -22,4 +22,4 @@ limitations under the License.
 // +groupName=flowcontrol.apiserver.k8s.io
 
 // Package v1beta1 holds api types of version v1alpha1 for group "flowcontrol.apiserver.k8s.io".
-package v1beta1 // import "k8s.io/api/flowcontrol/v1beta1"
+package v1beta1
diff --git a/vendor/k8s.io/api/flowcontrol/v1beta2/doc.go b/vendor/k8s.io/api/flowcontrol/v1beta2/doc.go
index 53b460d374..2dcad11ad9 100644
--- a/vendor/k8s.io/api/flowcontrol/v1beta2/doc.go
+++ b/vendor/k8s.io/api/flowcontrol/v1beta2/doc.go
@@ -22,4 +22,4 @@ limitations under the License.
 // +groupName=flowcontrol.apiserver.k8s.io
 
 // Package v1beta2 holds api types of version v1alpha1 for group "flowcontrol.apiserver.k8s.io".
-package v1beta2 // import "k8s.io/api/flowcontrol/v1beta2"
+package v1beta2
diff --git a/vendor/k8s.io/api/flowcontrol/v1beta3/doc.go b/vendor/k8s.io/api/flowcontrol/v1beta3/doc.go
index cd60cfef7f..95f4430d38 100644
--- a/vendor/k8s.io/api/flowcontrol/v1beta3/doc.go
+++ b/vendor/k8s.io/api/flowcontrol/v1beta3/doc.go
@@ -22,4 +22,4 @@ limitations under the License.
 // +groupName=flowcontrol.apiserver.k8s.io
 
 // Package v1beta3 holds api types of version v1beta3 for group "flowcontrol.apiserver.k8s.io".
-package v1beta3 // import "k8s.io/api/flowcontrol/v1beta3"
+package v1beta3
diff --git a/vendor/k8s.io/api/imagepolicy/v1alpha1/doc.go b/vendor/k8s.io/api/imagepolicy/v1alpha1/doc.go
index 5db6d52d47..f5fbbdbf0c 100644
--- a/vendor/k8s.io/api/imagepolicy/v1alpha1/doc.go
+++ b/vendor/k8s.io/api/imagepolicy/v1alpha1/doc.go
@@ -20,4 +20,4 @@ limitations under the License.
 
 // +groupName=imagepolicy.k8s.io
 
-package v1alpha1 // import "k8s.io/api/imagepolicy/v1alpha1"
+package v1alpha1
diff --git a/vendor/k8s.io/api/networking/v1/doc.go b/vendor/k8s.io/api/networking/v1/doc.go
index 1d13e7bab3..e2093b7df6 100644
--- a/vendor/k8s.io/api/networking/v1/doc.go
+++ b/vendor/k8s.io/api/networking/v1/doc.go
@@ -20,4 +20,4 @@ limitations under the License.
 // +k8s:prerelease-lifecycle-gen=true
 // +groupName=networking.k8s.io
 
-package v1 // import "k8s.io/api/networking/v1"
+package v1
diff --git a/vendor/k8s.io/api/networking/v1/generated.pb.go b/vendor/k8s.io/api/networking/v1/generated.pb.go
index 7c023e6903..062382b633 100644
--- a/vendor/k8s.io/api/networking/v1/generated.pb.go
+++ b/vendor/k8s.io/api/networking/v1/generated.pb.go
@@ -104,10 +104,94 @@ func (m *HTTPIngressRuleValue) XXX_DiscardUnknown() {
 
 var xxx_messageInfo_HTTPIngressRuleValue proto.InternalMessageInfo
 
+func (m *IPAddress) Reset()      { *m = IPAddress{} }
+func (*IPAddress) ProtoMessage() {}
+func (*IPAddress) Descriptor() ([]byte, []int) {
+	return fileDescriptor_2c41434372fec1d7, []int{2}
+}
+func (m *IPAddress) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *IPAddress) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *IPAddress) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_IPAddress.Merge(m, src)
+}
+func (m *IPAddress) XXX_Size() int {
+	return m.Size()
+}
+func (m *IPAddress) XXX_DiscardUnknown() {
+	xxx_messageInfo_IPAddress.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_IPAddress proto.InternalMessageInfo
+
+func (m *IPAddressList) Reset()      { *m = IPAddressList{} }
+func (*IPAddressList) ProtoMessage() {}
+func (*IPAddressList) Descriptor() ([]byte, []int) {
+	return fileDescriptor_2c41434372fec1d7, []int{3}
+}
+func (m *IPAddressList) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *IPAddressList) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *IPAddressList) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_IPAddressList.Merge(m, src)
+}
+func (m *IPAddressList) XXX_Size() int {
+	return m.Size()
+}
+func (m *IPAddressList) XXX_DiscardUnknown() {
+	xxx_messageInfo_IPAddressList.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_IPAddressList proto.InternalMessageInfo
+
+func (m *IPAddressSpec) Reset()      { *m = IPAddressSpec{} }
+func (*IPAddressSpec) ProtoMessage() {}
+func (*IPAddressSpec) Descriptor() ([]byte, []int) {
+	return fileDescriptor_2c41434372fec1d7, []int{4}
+}
+func (m *IPAddressSpec) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *IPAddressSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *IPAddressSpec) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_IPAddressSpec.Merge(m, src)
+}
+func (m *IPAddressSpec) XXX_Size() int {
+	return m.Size()
+}
+func (m *IPAddressSpec) XXX_DiscardUnknown() {
+	xxx_messageInfo_IPAddressSpec.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_IPAddressSpec proto.InternalMessageInfo
+
 func (m *IPBlock) Reset()      { *m = IPBlock{} }
 func (*IPBlock) ProtoMessage() {}
 func (*IPBlock) Descriptor() ([]byte, []int) {
-	return fileDescriptor_2c41434372fec1d7, []int{2}
+	return fileDescriptor_2c41434372fec1d7, []int{5}
 }
 func (m *IPBlock) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -135,7 +219,7 @@ var xxx_messageInfo_IPBlock proto.InternalMessageInfo
 func (m *Ingress) Reset()      { *m = Ingress{} }
 func (*Ingress) ProtoMessage() {}
 func (*Ingress) Descriptor() ([]byte, []int) {
-	return fileDescriptor_2c41434372fec1d7, []int{3}
+	return fileDescriptor_2c41434372fec1d7, []int{6}
 }
 func (m *Ingress) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -163,7 +247,7 @@ var xxx_messageInfo_Ingress proto.InternalMessageInfo
 func (m *IngressBackend) Reset()      { *m = IngressBackend{} }
 func (*IngressBackend) ProtoMessage() {}
 func (*IngressBackend) Descriptor() ([]byte, []int) {
-	return fileDescriptor_2c41434372fec1d7, []int{4}
+	return fileDescriptor_2c41434372fec1d7, []int{7}
 }
 func (m *IngressBackend) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -191,7 +275,7 @@ var xxx_messageInfo_IngressBackend proto.InternalMessageInfo
 func (m *IngressClass) Reset()      { *m = IngressClass{} }
 func (*IngressClass) ProtoMessage() {}
 func (*IngressClass) Descriptor() ([]byte, []int) {
-	return fileDescriptor_2c41434372fec1d7, []int{5}
+	return fileDescriptor_2c41434372fec1d7, []int{8}
 }
 func (m *IngressClass) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -219,7 +303,7 @@ var xxx_messageInfo_IngressClass proto.InternalMessageInfo
 func (m *IngressClassList) Reset()      { *m = IngressClassList{} }
 func (*IngressClassList) ProtoMessage() {}
 func (*IngressClassList) Descriptor() ([]byte, []int) {
-	return fileDescriptor_2c41434372fec1d7, []int{6}
+	return fileDescriptor_2c41434372fec1d7, []int{9}
 }
 func (m *IngressClassList) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -247,7 +331,7 @@ var xxx_messageInfo_IngressClassList proto.InternalMessageInfo
 func (m *IngressClassParametersReference) Reset()      { *m = IngressClassParametersReference{} }
 func (*IngressClassParametersReference) ProtoMessage() {}
 func (*IngressClassParametersReference) Descriptor() ([]byte, []int) {
-	return fileDescriptor_2c41434372fec1d7, []int{7}
+	return fileDescriptor_2c41434372fec1d7, []int{10}
 }
 func (m *IngressClassParametersReference) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -275,7 +359,7 @@ var xxx_messageInfo_IngressClassParametersReference proto.InternalMessageInfo
 func (m *IngressClassSpec) Reset()      { *m = IngressClassSpec{} }
 func (*IngressClassSpec) ProtoMessage() {}
 func (*IngressClassSpec) Descriptor() ([]byte, []int) {
-	return fileDescriptor_2c41434372fec1d7, []int{8}
+	return fileDescriptor_2c41434372fec1d7, []int{11}
 }
 func (m *IngressClassSpec) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -303,7 +387,7 @@ var xxx_messageInfo_IngressClassSpec proto.InternalMessageInfo
 func (m *IngressList) Reset()      { *m = IngressList{} }
 func (*IngressList) ProtoMessage() {}
 func (*IngressList) Descriptor() ([]byte, []int) {
-	return fileDescriptor_2c41434372fec1d7, []int{9}
+	return fileDescriptor_2c41434372fec1d7, []int{12}
 }
 func (m *IngressList) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -331,7 +415,7 @@ var xxx_messageInfo_IngressList proto.InternalMessageInfo
 func (m *IngressLoadBalancerIngress) Reset()      { *m = IngressLoadBalancerIngress{} }
 func (*IngressLoadBalancerIngress) ProtoMessage() {}
 func (*IngressLoadBalancerIngress) Descriptor() ([]byte, []int) {
-	return fileDescriptor_2c41434372fec1d7, []int{10}
+	return fileDescriptor_2c41434372fec1d7, []int{13}
 }
 func (m *IngressLoadBalancerIngress) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -359,7 +443,7 @@ var xxx_messageInfo_IngressLoadBalancerIngress proto.InternalMessageInfo
 func (m *IngressLoadBalancerStatus) Reset()      { *m = IngressLoadBalancerStatus{} }
 func (*IngressLoadBalancerStatus) ProtoMessage() {}
 func (*IngressLoadBalancerStatus) Descriptor() ([]byte, []int) {
-	return fileDescriptor_2c41434372fec1d7, []int{11}
+	return fileDescriptor_2c41434372fec1d7, []int{14}
 }
 func (m *IngressLoadBalancerStatus) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -387,7 +471,7 @@ var xxx_messageInfo_IngressLoadBalancerStatus proto.InternalMessageInfo
 func (m *IngressPortStatus) Reset()      { *m = IngressPortStatus{} }
 func (*IngressPortStatus) ProtoMessage() {}
 func (*IngressPortStatus) Descriptor() ([]byte, []int) {
-	return fileDescriptor_2c41434372fec1d7, []int{12}
+	return fileDescriptor_2c41434372fec1d7, []int{15}
 }
 func (m *IngressPortStatus) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -415,7 +499,7 @@ var xxx_messageInfo_IngressPortStatus proto.InternalMessageInfo
 func (m *IngressRule) Reset()      { *m = IngressRule{} }
 func (*IngressRule) ProtoMessage() {}
 func (*IngressRule) Descriptor() ([]byte, []int) {
-	return fileDescriptor_2c41434372fec1d7, []int{13}
+	return fileDescriptor_2c41434372fec1d7, []int{16}
 }
 func (m *IngressRule) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -443,7 +527,7 @@ var xxx_messageInfo_IngressRule proto.InternalMessageInfo
 func (m *IngressRuleValue) Reset()      { *m = IngressRuleValue{} }
 func (*IngressRuleValue) ProtoMessage() {}
 func (*IngressRuleValue) Descriptor() ([]byte, []int) {
-	return fileDescriptor_2c41434372fec1d7, []int{14}
+	return fileDescriptor_2c41434372fec1d7, []int{17}
 }
 func (m *IngressRuleValue) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -471,7 +555,7 @@ var xxx_messageInfo_IngressRuleValue proto.InternalMessageInfo
 func (m *IngressServiceBackend) Reset()      { *m = IngressServiceBackend{} }
 func (*IngressServiceBackend) ProtoMessage() {}
 func (*IngressServiceBackend) Descriptor() ([]byte, []int) {
-	return fileDescriptor_2c41434372fec1d7, []int{15}
+	return fileDescriptor_2c41434372fec1d7, []int{18}
 }
 func (m *IngressServiceBackend) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -499,7 +583,7 @@ var xxx_messageInfo_IngressServiceBackend proto.InternalMessageInfo
 func (m *IngressSpec) Reset()      { *m = IngressSpec{} }
 func (*IngressSpec) ProtoMessage() {}
 func (*IngressSpec) Descriptor() ([]byte, []int) {
-	return fileDescriptor_2c41434372fec1d7, []int{16}
+	return fileDescriptor_2c41434372fec1d7, []int{19}
 }
 func (m *IngressSpec) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -527,7 +611,7 @@ var xxx_messageInfo_IngressSpec proto.InternalMessageInfo
 func (m *IngressStatus) Reset()      { *m = IngressStatus{} }
 func (*IngressStatus) ProtoMessage() {}
 func (*IngressStatus) Descriptor() ([]byte, []int) {
-	return fileDescriptor_2c41434372fec1d7, []int{17}
+	return fileDescriptor_2c41434372fec1d7, []int{20}
 }
 func (m *IngressStatus) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -555,7 +639,7 @@ var xxx_messageInfo_IngressStatus proto.InternalMessageInfo
 func (m *IngressTLS) Reset()      { *m = IngressTLS{} }
 func (*IngressTLS) ProtoMessage() {}
 func (*IngressTLS) Descriptor() ([]byte, []int) {
-	return fileDescriptor_2c41434372fec1d7, []int{18}
+	return fileDescriptor_2c41434372fec1d7, []int{21}
 }
 func (m *IngressTLS) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -583,7 +667,7 @@ var xxx_messageInfo_IngressTLS proto.InternalMessageInfo
 func (m *NetworkPolicy) Reset()      { *m = NetworkPolicy{} }
 func (*NetworkPolicy) ProtoMessage() {}
 func (*NetworkPolicy) Descriptor() ([]byte, []int) {
-	return fileDescriptor_2c41434372fec1d7, []int{19}
+	return fileDescriptor_2c41434372fec1d7, []int{22}
 }
 func (m *NetworkPolicy) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -611,7 +695,7 @@ var xxx_messageInfo_NetworkPolicy proto.InternalMessageInfo
 func (m *NetworkPolicyEgressRule) Reset()      { *m = NetworkPolicyEgressRule{} }
 func (*NetworkPolicyEgressRule) ProtoMessage() {}
 func (*NetworkPolicyEgressRule) Descriptor() ([]byte, []int) {
-	return fileDescriptor_2c41434372fec1d7, []int{20}
+	return fileDescriptor_2c41434372fec1d7, []int{23}
 }
 func (m *NetworkPolicyEgressRule) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -639,7 +723,7 @@ var xxx_messageInfo_NetworkPolicyEgressRule proto.InternalMessageInfo
 func (m *NetworkPolicyIngressRule) Reset()      { *m = NetworkPolicyIngressRule{} }
 func (*NetworkPolicyIngressRule) ProtoMessage() {}
 func (*NetworkPolicyIngressRule) Descriptor() ([]byte, []int) {
-	return fileDescriptor_2c41434372fec1d7, []int{21}
+	return fileDescriptor_2c41434372fec1d7, []int{24}
 }
 func (m *NetworkPolicyIngressRule) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -667,7 +751,7 @@ var xxx_messageInfo_NetworkPolicyIngressRule proto.InternalMessageInfo
 func (m *NetworkPolicyList) Reset()      { *m = NetworkPolicyList{} }
 func (*NetworkPolicyList) ProtoMessage() {}
 func (*NetworkPolicyList) Descriptor() ([]byte, []int) {
-	return fileDescriptor_2c41434372fec1d7, []int{22}
+	return fileDescriptor_2c41434372fec1d7, []int{25}
 }
 func (m *NetworkPolicyList) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -695,7 +779,7 @@ var xxx_messageInfo_NetworkPolicyList proto.InternalMessageInfo
 func (m *NetworkPolicyPeer) Reset()      { *m = NetworkPolicyPeer{} }
 func (*NetworkPolicyPeer) ProtoMessage() {}
 func (*NetworkPolicyPeer) Descriptor() ([]byte, []int) {
-	return fileDescriptor_2c41434372fec1d7, []int{23}
+	return fileDescriptor_2c41434372fec1d7, []int{26}
 }
 func (m *NetworkPolicyPeer) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -723,7 +807,7 @@ var xxx_messageInfo_NetworkPolicyPeer proto.InternalMessageInfo
 func (m *NetworkPolicyPort) Reset()      { *m = NetworkPolicyPort{} }
 func (*NetworkPolicyPort) ProtoMessage() {}
 func (*NetworkPolicyPort) Descriptor() ([]byte, []int) {
-	return fileDescriptor_2c41434372fec1d7, []int{24}
+	return fileDescriptor_2c41434372fec1d7, []int{27}
 }
 func (m *NetworkPolicyPort) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -751,7 +835,7 @@ var xxx_messageInfo_NetworkPolicyPort proto.InternalMessageInfo
 func (m *NetworkPolicySpec) Reset()      { *m = NetworkPolicySpec{} }
 func (*NetworkPolicySpec) ProtoMessage() {}
 func (*NetworkPolicySpec) Descriptor() ([]byte, []int) {
-	return fileDescriptor_2c41434372fec1d7, []int{25}
+	return fileDescriptor_2c41434372fec1d7, []int{28}
 }
 func (m *NetworkPolicySpec) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -776,10 +860,38 @@ func (m *NetworkPolicySpec) XXX_DiscardUnknown() {
 
 var xxx_messageInfo_NetworkPolicySpec proto.InternalMessageInfo
 
+func (m *ParentReference) Reset()      { *m = ParentReference{} }
+func (*ParentReference) ProtoMessage() {}
+func (*ParentReference) Descriptor() ([]byte, []int) {
+	return fileDescriptor_2c41434372fec1d7, []int{29}
+}
+func (m *ParentReference) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *ParentReference) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *ParentReference) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_ParentReference.Merge(m, src)
+}
+func (m *ParentReference) XXX_Size() int {
+	return m.Size()
+}
+func (m *ParentReference) XXX_DiscardUnknown() {
+	xxx_messageInfo_ParentReference.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_ParentReference proto.InternalMessageInfo
+
 func (m *ServiceBackendPort) Reset()      { *m = ServiceBackendPort{} }
 func (*ServiceBackendPort) ProtoMessage() {}
 func (*ServiceBackendPort) Descriptor() ([]byte, []int) {
-	return fileDescriptor_2c41434372fec1d7, []int{26}
+	return fileDescriptor_2c41434372fec1d7, []int{30}
 }
 func (m *ServiceBackendPort) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -804,9 +916,124 @@ func (m *ServiceBackendPort) XXX_DiscardUnknown() {
 
 var xxx_messageInfo_ServiceBackendPort proto.InternalMessageInfo
 
+func (m *ServiceCIDR) Reset()      { *m = ServiceCIDR{} }
+func (*ServiceCIDR) ProtoMessage() {}
+func (*ServiceCIDR) Descriptor() ([]byte, []int) {
+	return fileDescriptor_2c41434372fec1d7, []int{31}
+}
+func (m *ServiceCIDR) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *ServiceCIDR) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *ServiceCIDR) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_ServiceCIDR.Merge(m, src)
+}
+func (m *ServiceCIDR) XXX_Size() int {
+	return m.Size()
+}
+func (m *ServiceCIDR) XXX_DiscardUnknown() {
+	xxx_messageInfo_ServiceCIDR.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_ServiceCIDR proto.InternalMessageInfo
+
+func (m *ServiceCIDRList) Reset()      { *m = ServiceCIDRList{} }
+func (*ServiceCIDRList) ProtoMessage() {}
+func (*ServiceCIDRList) Descriptor() ([]byte, []int) {
+	return fileDescriptor_2c41434372fec1d7, []int{32}
+}
+func (m *ServiceCIDRList) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *ServiceCIDRList) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *ServiceCIDRList) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_ServiceCIDRList.Merge(m, src)
+}
+func (m *ServiceCIDRList) XXX_Size() int {
+	return m.Size()
+}
+func (m *ServiceCIDRList) XXX_DiscardUnknown() {
+	xxx_messageInfo_ServiceCIDRList.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_ServiceCIDRList proto.InternalMessageInfo
+
+func (m *ServiceCIDRSpec) Reset()      { *m = ServiceCIDRSpec{} }
+func (*ServiceCIDRSpec) ProtoMessage() {}
+func (*ServiceCIDRSpec) Descriptor() ([]byte, []int) {
+	return fileDescriptor_2c41434372fec1d7, []int{33}
+}
+func (m *ServiceCIDRSpec) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *ServiceCIDRSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *ServiceCIDRSpec) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_ServiceCIDRSpec.Merge(m, src)
+}
+func (m *ServiceCIDRSpec) XXX_Size() int {
+	return m.Size()
+}
+func (m *ServiceCIDRSpec) XXX_DiscardUnknown() {
+	xxx_messageInfo_ServiceCIDRSpec.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_ServiceCIDRSpec proto.InternalMessageInfo
+
+func (m *ServiceCIDRStatus) Reset()      { *m = ServiceCIDRStatus{} }
+func (*ServiceCIDRStatus) ProtoMessage() {}
+func (*ServiceCIDRStatus) Descriptor() ([]byte, []int) {
+	return fileDescriptor_2c41434372fec1d7, []int{34}
+}
+func (m *ServiceCIDRStatus) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *ServiceCIDRStatus) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *ServiceCIDRStatus) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_ServiceCIDRStatus.Merge(m, src)
+}
+func (m *ServiceCIDRStatus) XXX_Size() int {
+	return m.Size()
+}
+func (m *ServiceCIDRStatus) XXX_DiscardUnknown() {
+	xxx_messageInfo_ServiceCIDRStatus.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_ServiceCIDRStatus proto.InternalMessageInfo
+
 func init() {
 	proto.RegisterType((*HTTPIngressPath)(nil), "k8s.io.api.networking.v1.HTTPIngressPath")
 	proto.RegisterType((*HTTPIngressRuleValue)(nil), "k8s.io.api.networking.v1.HTTPIngressRuleValue")
+	proto.RegisterType((*IPAddress)(nil), "k8s.io.api.networking.v1.IPAddress")
+	proto.RegisterType((*IPAddressList)(nil), "k8s.io.api.networking.v1.IPAddressList")
+	proto.RegisterType((*IPAddressSpec)(nil), "k8s.io.api.networking.v1.IPAddressSpec")
 	proto.RegisterType((*IPBlock)(nil), "k8s.io.api.networking.v1.IPBlock")
 	proto.RegisterType((*Ingress)(nil), "k8s.io.api.networking.v1.Ingress")
 	proto.RegisterType((*IngressBackend)(nil), "k8s.io.api.networking.v1.IngressBackend")
@@ -831,7 +1058,12 @@ func init() {
 	proto.RegisterType((*NetworkPolicyPeer)(nil), "k8s.io.api.networking.v1.NetworkPolicyPeer")
 	proto.RegisterType((*NetworkPolicyPort)(nil), "k8s.io.api.networking.v1.NetworkPolicyPort")
 	proto.RegisterType((*NetworkPolicySpec)(nil), "k8s.io.api.networking.v1.NetworkPolicySpec")
+	proto.RegisterType((*ParentReference)(nil), "k8s.io.api.networking.v1.ParentReference")
 	proto.RegisterType((*ServiceBackendPort)(nil), "k8s.io.api.networking.v1.ServiceBackendPort")
+	proto.RegisterType((*ServiceCIDR)(nil), "k8s.io.api.networking.v1.ServiceCIDR")
+	proto.RegisterType((*ServiceCIDRList)(nil), "k8s.io.api.networking.v1.ServiceCIDRList")
+	proto.RegisterType((*ServiceCIDRSpec)(nil), "k8s.io.api.networking.v1.ServiceCIDRSpec")
+	proto.RegisterType((*ServiceCIDRStatus)(nil), "k8s.io.api.networking.v1.ServiceCIDRStatus")
 }
 
 func init() {
@@ -839,111 +1071,125 @@ func init() {
 }
 
 var fileDescriptor_2c41434372fec1d7 = []byte{
-	// 1652 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xbc, 0x58, 0x4b, 0x6f, 0x1b, 0x55,
-	0x14, 0xce, 0x38, 0x71, 0xec, 0x1c, 0x27, 0x69, 0x72, 0x69, 0x85, 0x09, 0xc2, 0x0e, 0x23, 0xda,
-	0x06, 0xda, 0xda, 0x34, 0xad, 0x10, 0x6c, 0x78, 0x4c, 0x9a, 0xa6, 0xa1, 0xa9, 0x63, 0x5d, 0x5b,
-	0x45, 0x20, 0x1e, 0x9d, 0x8c, 0x6f, 0x9c, 0x69, 0xc6, 0x33, 0xa3, 0x3b, 0xd7, 0xa5, 0x95, 0x10,
-	0x62, 0xc3, 0x82, 0x1d, 0x7f, 0x01, 0xf1, 0x0b, 0x10, 0x2c, 0x90, 0x10, 0x14, 0x36, 0xa8, 0xcb,
-	0x4a, 0x6c, 0xba, 0xc1, 0xa2, 0xe6, 0x5f, 0x64, 0x85, 0xee, 0x63, 0x1e, 0x7e, 0xd5, 0xa6, 0xaa,
-	0xb2, 0x4a, 0xee, 0x39, 0xe7, 0x7e, 0xe7, 0x71, 0xcf, 0x6b, 0x0c, 0x6b, 0x87, 0x6f, 0x06, 0x25,
-	0xdb, 0x2b, 0x9b, 0xbe, 0x5d, 0x76, 0x09, 0xfb, 0xdc, 0xa3, 0x87, 0xb6, 0xdb, 0x2c, 0xdf, 0xb9,
-	0x58, 0x6e, 0x12, 0x97, 0x50, 0x93, 0x91, 0x46, 0xc9, 0xa7, 0x1e, 0xf3, 0x50, 0x5e, 0x4a, 0x96,
-	0x4c, 0xdf, 0x2e, 0xc5, 0x92, 0xa5, 0x3b, 0x17, 0x57, 0x2e, 0x34, 0x6d, 0x76, 0xd0, 0xde, 0x2b,
-	0x59, 0x5e, 0xab, 0xdc, 0xf4, 0x9a, 0x5e, 0x59, 0x5c, 0xd8, 0x6b, 0xef, 0x8b, 0x93, 0x38, 0x88,
-	0xff, 0x24, 0xd0, 0x8a, 0x9e, 0x50, 0x69, 0x79, 0x94, 0x0c, 0x51, 0xb6, 0x72, 0x39, 0x96, 0x69,
-	0x99, 0xd6, 0x81, 0xed, 0x12, 0x7a, 0xaf, 0xec, 0x1f, 0x36, 0x39, 0x21, 0x28, 0xb7, 0x08, 0x33,
-	0x87, 0xdd, 0x2a, 0x8f, 0xba, 0x45, 0xdb, 0x2e, 0xb3, 0x5b, 0x64, 0xe0, 0xc2, 0x1b, 0xe3, 0x2e,
-	0x04, 0xd6, 0x01, 0x69, 0x99, 0x03, 0xf7, 0x2e, 0x8d, 0xba, 0xd7, 0x66, 0xb6, 0x53, 0xb6, 0x5d,
-	0x16, 0x30, 0xda, 0x7f, 0x49, 0xff, 0x4d, 0x83, 0x13, 0xd7, 0xea, 0xf5, 0xea, 0xb6, 0xdb, 0xa4,
-	0x24, 0x08, 0xaa, 0x26, 0x3b, 0x40, 0xab, 0x30, 0xe3, 0x9b, 0xec, 0x20, 0xaf, 0xad, 0x6a, 0x6b,
-	0x73, 0xc6, 0xfc, 0x83, 0x4e, 0x71, 0xaa, 0xdb, 0x29, 0xce, 0x70, 0x1e, 0x16, 0x1c, 0x74, 0x19,
-	0xb2, 0xfc, 0x6f, 0xfd, 0x9e, 0x4f, 0xf2, 0xd3, 0x42, 0x2a, 0xdf, 0xed, 0x14, 0xb3, 0x55, 0x45,
-	0x3b, 0x4a, 0xfc, 0x8f, 0x23, 0x49, 0x54, 0x83, 0xcc, 0x9e, 0x69, 0x1d, 0x12, 0xb7, 0x91, 0x4f,
-	0xad, 0x6a, 0x6b, 0xb9, 0xf5, 0xb5, 0xd2, 0xa8, 0xe7, 0x2b, 0x29, 0x7b, 0x0c, 0x29, 0x6f, 0x9c,
-	0x50, 0x46, 0x64, 0x14, 0x01, 0x87, 0x48, 0xfa, 0x3e, 0x9c, 0x4c, 0xd8, 0x8f, 0xdb, 0x0e, 0xb9,
-	0x69, 0x3a, 0x6d, 0x82, 0x2a, 0x90, 0xe6, 0x8a, 0x83, 0xbc, 0xb6, 0x3a, 0xbd, 0x96, 0x5b, 0x7f,
-	0x75, 0xb4, 0xaa, 0x3e, 0xf7, 0x8d, 0x05, 0xa5, 0x2b, 0xcd, 0x4f, 0x01, 0x96, 0x30, 0xfa, 0x2e,
-	0x64, 0xb6, 0xab, 0x86, 0xe3, 0x59, 0x87, 0x3c, 0x3e, 0x96, 0xdd, 0xa0, 0xfd, 0xf1, 0xd9, 0xd8,
-	0xbe, 0x82, 0xb1, 0xe0, 0x20, 0x1d, 0x66, 0xc9, 0x5d, 0x8b, 0xf8, 0x2c, 0x9f, 0x5a, 0x9d, 0x5e,
-	0x9b, 0x33, 0xa0, 0xdb, 0x29, 0xce, 0x6e, 0x0a, 0x0a, 0x56, 0x1c, 0xfd, 0xeb, 0x14, 0x64, 0x94,
-	0x5a, 0x74, 0x0b, 0xb2, 0x3c, 0x7d, 0x1a, 0x26, 0x33, 0x05, 0x6a, 0x6e, 0xfd, 0xf5, 0x84, 0xbd,
-	0xd1, 0x6b, 0x96, 0xfc, 0xc3, 0x26, 0x27, 0x04, 0x25, 0x2e, 0xcd, 0x6d, 0xdf, 0xdd, 0xbb, 0x4d,
-	0x2c, 0x76, 0x83, 0x30, 0xd3, 0x40, 0xca, 0x0e, 0x88, 0x69, 0x38, 0x42, 0x45, 0x5b, 0x30, 0x13,
-	0xf8, 0xc4, 0x52, 0x81, 0x3f, 0x3d, 0x36, 0xf0, 0x35, 0x9f, 0x58, 0xb1, 0x6b, 0xfc, 0x84, 0x05,
-	0x00, 0xda, 0x85, 0xd9, 0x80, 0x99, 0xac, 0x1d, 0x88, 0x87, 0xcf, 0xad, 0x9f, 0x1d, 0x0f, 0x25,
-	0xc4, 0x8d, 0x45, 0x05, 0x36, 0x2b, 0xcf, 0x58, 0xc1, 0xe8, 0x7f, 0x68, 0xb0, 0xd8, 0xfb, 0xda,
-	0xe8, 0x26, 0x64, 0x02, 0x42, 0xef, 0xd8, 0x16, 0xc9, 0xcf, 0x08, 0x25, 0xe5, 0xf1, 0x4a, 0xa4,
-	0x7c, 0x98, 0x2f, 0x39, 0x9e, 0x2b, 0x8a, 0x86, 0x43, 0x30, 0xf4, 0x01, 0x64, 0x29, 0x09, 0xbc,
-	0x36, 0xb5, 0x88, 0xb2, 0xfe, 0x42, 0x12, 0x98, 0xd7, 0x3d, 0x87, 0xe4, 0xc9, 0xda, 0xd8, 0xf1,
-	0x2c, 0xd3, 0x91, 0xa1, 0xc4, 0x64, 0x9f, 0x50, 0xe2, 0x5a, 0xc4, 0x98, 0xe7, 0x59, 0x8e, 0x15,
-	0x04, 0x8e, 0xc0, 0x78, 0x15, 0xcd, 0x2b, 0x43, 0x36, 0x1c, 0xf3, 0x58, 0x1e, 0x74, 0xa7, 0xe7,
-	0x41, 0x5f, 0x1b, 0x1b, 0x20, 0x61, 0xd7, 0xa8, 0x57, 0xd5, 0x7f, 0xd5, 0x60, 0x29, 0x29, 0xb8,
-	0x63, 0x07, 0x0c, 0x7d, 0x3c, 0xe0, 0x44, 0x69, 0x32, 0x27, 0xf8, 0x6d, 0xe1, 0xc2, 0x92, 0x52,
-	0x95, 0x0d, 0x29, 0x09, 0x07, 0xae, 0x43, 0xda, 0x66, 0xa4, 0x15, 0x88, 0x12, 0xc9, 0xad, 0x9f,
-	0x99, 0xcc, 0x83, 0xb8, 0x3a, 0xb7, 0xf9, 0x65, 0x2c, 0x31, 0xf4, 0xbf, 0x35, 0x28, 0x26, 0xc5,
-	0xaa, 0x26, 0x35, 0x5b, 0x84, 0x11, 0x1a, 0x44, 0x8f, 0x87, 0xd6, 0x20, 0x6b, 0x56, 0xb7, 0xb7,
-	0xa8, 0xd7, 0xf6, 0xc3, 0xd2, 0xe5, 0xa6, 0xbd, 0xa7, 0x68, 0x38, 0xe2, 0xf2, 0x02, 0x3f, 0xb4,
-	0x55, 0x97, 0x4a, 0x14, 0xf8, 0x75, 0xdb, 0x6d, 0x60, 0xc1, 0xe1, 0x12, 0xae, 0xd9, 0x0a, 0x9b,
-	0x5f, 0x24, 0x51, 0x31, 0x5b, 0x04, 0x0b, 0x0e, 0x2a, 0x42, 0x3a, 0xb0, 0x3c, 0x5f, 0x66, 0xf0,
-	0x9c, 0x31, 0xc7, 0x4d, 0xae, 0x71, 0x02, 0x96, 0x74, 0x74, 0x0e, 0xe6, 0xb8, 0x60, 0xe0, 0x9b,
-	0x16, 0xc9, 0xa7, 0x85, 0xd0, 0x42, 0xb7, 0x53, 0x9c, 0xab, 0x84, 0x44, 0x1c, 0xf3, 0xf5, 0x1f,
-	0xfa, 0xde, 0x87, 0x3f, 0x1d, 0x5a, 0x07, 0xb0, 0x3c, 0x97, 0x51, 0xcf, 0x71, 0x48, 0xd8, 0x8d,
-	0xa2, 0xa4, 0xd9, 0x88, 0x38, 0x38, 0x21, 0x85, 0x6c, 0x00, 0x3f, 0x8a, 0x8d, 0x4a, 0x9e, 0xb7,
-	0x26, 0x0b, 0xfd, 0x90, 0x98, 0x1a, 0x8b, 0x5c, 0x55, 0x82, 0x91, 0x00, 0xd7, 0x7f, 0xd4, 0x20,
-	0xa7, 0xee, 0x1f, 0x43, 0x3a, 0x5d, 0xed, 0x4d, 0xa7, 0x97, 0xc7, 0x8f, 0x96, 0xe1, 0x99, 0xf4,
-	0xb3, 0x06, 0x2b, 0xa1, 0xd5, 0x9e, 0xd9, 0x30, 0x4c, 0xc7, 0x74, 0x2d, 0x42, 0xc3, 0x4e, 0xbd,
-	0x02, 0x29, 0x3b, 0x4c, 0x1f, 0x50, 0x00, 0xa9, 0xed, 0x2a, 0x4e, 0xd9, 0x3e, 0x3a, 0x0f, 0xd9,
-	0x03, 0x2f, 0x60, 0x22, 0x31, 0x64, 0xea, 0x44, 0x06, 0x5f, 0x53, 0x74, 0x1c, 0x49, 0xa0, 0x2a,
-	0xa4, 0x7d, 0x8f, 0xb2, 0x20, 0x3f, 0x23, 0x0c, 0x3e, 0x37, 0xd6, 0xe0, 0xaa, 0x47, 0x99, 0xea,
-	0xa5, 0xf1, 0x88, 0xe2, 0x08, 0x58, 0x02, 0xe9, 0x5f, 0xc0, 0x0b, 0x43, 0x2c, 0x97, 0x57, 0xd0,
-	0x67, 0x90, 0xb1, 0x25, 0x53, 0x4d, 0xc4, 0xcb, 0x63, 0x15, 0x0e, 0xf1, 0x3f, 0x1e, 0xc4, 0xe1,
-	0xc0, 0x0d, 0x51, 0xf5, 0xef, 0x35, 0x58, 0x1e, 0xb0, 0x54, 0xec, 0x12, 0x1e, 0x65, 0x22, 0x62,
-	0xe9, 0xc4, 0x2e, 0xe1, 0x51, 0x86, 0x05, 0x07, 0x5d, 0x87, 0xac, 0x58, 0x45, 0x2c, 0xcf, 0x51,
-	0x51, 0x2b, 0x87, 0x51, 0xab, 0x2a, 0xfa, 0x51, 0xa7, 0xf8, 0xe2, 0xe0, 0x7e, 0x56, 0x0a, 0xd9,
-	0x38, 0x02, 0xe0, 0x55, 0x47, 0x28, 0xf5, 0xa8, 0x2a, 0x4c, 0x51, 0x75, 0x9b, 0x9c, 0x80, 0x25,
-	0x5d, 0xff, 0x2e, 0x4e, 0x4a, 0xbe, 0x2b, 0x70, 0xfb, 0xf8, 0x8b, 0xf4, 0xcf, 0x72, 0xfe, 0x5e,
-	0x58, 0x70, 0x90, 0x0f, 0x4b, 0x76, 0xdf, 0x72, 0x31, 0x71, 0xd3, 0x8d, 0x6e, 0x18, 0x79, 0x85,
-	0xbc, 0xd4, 0xcf, 0xc1, 0x03, 0xe8, 0xfa, 0x2d, 0x18, 0x90, 0xe2, 0xed, 0xfe, 0x80, 0x31, 0x7f,
-	0x48, 0xe1, 0x8c, 0xde, 0x66, 0x62, 0xed, 0x59, 0xe1, 0x53, 0xbd, 0x5e, 0xc5, 0x02, 0x45, 0xff,
-	0x46, 0x83, 0x53, 0x43, 0x07, 0x67, 0xd4, 0xd8, 0xb4, 0x91, 0x8d, 0xad, 0xa2, 0x5e, 0x54, 0xc6,
-	0xe0, 0xfc, 0x68, 0x4b, 0x7a, 0x91, 0xf9, 0x8b, 0x0f, 0x7b, 0x7f, 0xfd, 0xcf, 0x54, 0xf4, 0x22,
-	0xa2, 0xab, 0xbd, 0x1b, 0xc5, 0x5b, 0x74, 0x1d, 0xae, 0x59, 0xf5, 0xd0, 0x93, 0x89, 0xf8, 0x45,
-	0x3c, 0x3c, 0x20, 0x8d, 0x1a, 0xb0, 0xd8, 0x20, 0xfb, 0x66, 0xdb, 0x61, 0x4a, 0xb7, 0x8a, 0xda,
-	0xe4, 0xeb, 0x26, 0xea, 0x76, 0x8a, 0x8b, 0x57, 0x7a, 0x30, 0x70, 0x1f, 0x26, 0xda, 0x80, 0x69,
-	0xe6, 0x84, 0xed, 0xe6, 0x95, 0xb1, 0xd0, 0xf5, 0x9d, 0x9a, 0x91, 0x53, 0xee, 0x4f, 0xd7, 0x77,
-	0x6a, 0x98, 0xdf, 0x46, 0xef, 0x43, 0x9a, 0xb6, 0x1d, 0xc2, 0x97, 0xa9, 0xe9, 0x89, 0xf6, 0x32,
-	0xfe, 0xa6, 0x71, 0xf9, 0xf3, 0x53, 0x80, 0x25, 0x84, 0xfe, 0x25, 0x2c, 0xf4, 0x6c, 0x5c, 0xa8,
-	0x05, 0xf3, 0x4e, 0xa2, 0x84, 0x55, 0x14, 0x2e, 0xfd, 0xaf, 0xba, 0x57, 0x0d, 0xe7, 0xa4, 0xd2,
-	0x38, 0x9f, 0xe4, 0xe1, 0x1e, 0x78, 0xdd, 0x04, 0x88, 0x7d, 0xe5, 0x95, 0xc8, 0xcb, 0x47, 0x76,
-	0x1b, 0x55, 0x89, 0xbc, 0xaa, 0x02, 0x2c, 0xe9, 0x7c, 0x7a, 0x05, 0xc4, 0xa2, 0x84, 0x55, 0xe2,
-	0x7e, 0x19, 0x4d, 0xaf, 0x5a, 0xc4, 0xc1, 0x09, 0x29, 0xfd, 0x77, 0x0d, 0x16, 0x2a, 0xd2, 0xe4,
-	0xaa, 0xe7, 0xd8, 0xd6, 0xbd, 0x63, 0x58, 0xb4, 0x6e, 0xf4, 0x2c, 0x5a, 0x4f, 0x68, 0xd3, 0x3d,
-	0x86, 0x8d, 0xdc, 0xb4, 0x7e, 0xd2, 0xe0, 0xf9, 0x1e, 0xc9, 0xcd, 0xb8, 0x19, 0x45, 0x23, 0x41,
-	0x1b, 0x37, 0x12, 0x7a, 0x10, 0x44, 0x69, 0x0d, 0x1d, 0x09, 0x68, 0x0b, 0x52, 0xcc, 0x53, 0x39,
-	0x3a, 0x31, 0x1c, 0x21, 0x34, 0x9e, 0x6d, 0x75, 0x0f, 0xa7, 0x98, 0xa7, 0xff, 0xa2, 0x41, 0xbe,
-	0x47, 0x2a, 0xd9, 0x44, 0x9f, 0xbd, 0xdd, 0x37, 0x60, 0x66, 0x9f, 0x7a, 0xad, 0xa7, 0xb1, 0x3c,
-	0x0a, 0xfa, 0x55, 0xea, 0xb5, 0xb0, 0x80, 0xd1, 0xef, 0x6b, 0xb0, 0xdc, 0x23, 0x79, 0x0c, 0x0b,
-	0xc9, 0x4e, 0xef, 0x42, 0x72, 0x76, 0x42, 0x1f, 0x46, 0xac, 0x25, 0xf7, 0x53, 0x7d, 0x1e, 0x70,
-	0x5f, 0xd1, 0x3e, 0xe4, 0x7c, 0xaf, 0x51, 0x23, 0x0e, 0xb1, 0x98, 0x37, 0xac, 0xc0, 0x9f, 0xe4,
-	0x84, 0xb9, 0x47, 0x9c, 0xf0, 0xaa, 0x71, 0xa2, 0xdb, 0x29, 0xe6, 0xaa, 0x31, 0x16, 0x4e, 0x02,
-	0xa3, 0xbb, 0xb0, 0x1c, 0xed, 0xa2, 0x91, 0xb6, 0xd4, 0xd3, 0x6b, 0x3b, 0xd5, 0xed, 0x14, 0x97,
-	0x2b, 0xfd, 0x88, 0x78, 0x50, 0x09, 0xba, 0x06, 0x19, 0xdb, 0x17, 0x9f, 0xdd, 0xea, 0x8b, 0xed,
-	0x49, 0x8b, 0x9d, 0xfc, 0x3e, 0x97, 0x1f, 0x7f, 0xea, 0x80, 0xc3, 0xeb, 0xfa, 0x5f, 0xfd, 0x39,
-	0xc0, 0x13, 0x0e, 0x6d, 0x25, 0xb6, 0x0f, 0x39, 0xf3, 0xce, 0x3d, 0xdd, 0xe6, 0xd1, 0x3b, 0x16,
-	0x47, 0x37, 0xa1, 0x36, 0xb3, 0x9d, 0x92, 0xfc, 0x31, 0xa6, 0xb4, 0xed, 0xb2, 0x5d, 0x5a, 0x63,
-	0xd4, 0x76, 0x9b, 0x72, 0x44, 0x27, 0xd6, 0xa2, 0xd3, 0x90, 0x51, 0x53, 0x53, 0x38, 0x9e, 0x96,
-	0x5e, 0x6d, 0x4a, 0x12, 0x0e, 0x79, 0xfa, 0x51, 0x7f, 0x5e, 0x88, 0x19, 0x7a, 0xfb, 0x99, 0xe5,
-	0xc5, 0x73, 0x2a, 0x1b, 0x47, 0xe7, 0xc6, 0x27, 0xf1, 0x62, 0x29, 0x33, 0x7d, 0x7d, 0xc2, 0x4c,
-	0x4f, 0x4e, 0xb4, 0x91, 0x6b, 0x25, 0xfa, 0x10, 0x66, 0x89, 0x44, 0x97, 0x23, 0xf2, 0xe2, 0x84,
-	0xe8, 0x71, 0x5b, 0x8d, 0x7f, 0x79, 0x50, 0x34, 0x05, 0x88, 0xde, 0xe1, 0x51, 0xe2, 0xb2, 0xfc,
-	0x83, 0x5f, 0xee, 0xe1, 0x73, 0xc6, 0x4b, 0xd2, 0xd9, 0x88, 0x7c, 0xc4, 0x3f, 0x70, 0xa2, 0x23,
-	0x4e, 0xde, 0xd0, 0x3f, 0x05, 0x34, 0xb8, 0xe4, 0x4c, 0xb0, 0x42, 0x9d, 0x81, 0x59, 0xb7, 0xdd,
-	0xda, 0x23, 0xb2, 0x86, 0xd2, 0xb1, 0x81, 0x15, 0x41, 0xc5, 0x8a, 0x6b, 0xbc, 0xfd, 0xe0, 0x71,
-	0x61, 0xea, 0xe1, 0xe3, 0xc2, 0xd4, 0xa3, 0xc7, 0x85, 0xa9, 0xaf, 0xba, 0x05, 0xed, 0x41, 0xb7,
-	0xa0, 0x3d, 0xec, 0x16, 0xb4, 0x47, 0xdd, 0x82, 0xf6, 0x4f, 0xb7, 0xa0, 0x7d, 0xfb, 0x6f, 0x61,
-	0xea, 0xa3, 0xfc, 0xa8, 0x5f, 0x4b, 0xff, 0x0b, 0x00, 0x00, 0xff, 0xff, 0x24, 0x03, 0xec, 0x04,
-	0x48, 0x15, 0x00, 0x00,
+	// 1884 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xbc, 0x59, 0xcd, 0x8f, 0x1b, 0x49,
+	0x15, 0x9f, 0xf6, 0x8c, 0x67, 0xec, 0xe7, 0xf9, 0xc8, 0x14, 0x59, 0x61, 0x06, 0x61, 0x87, 0x5e,
+	0xb2, 0x3b, 0x4b, 0x76, 0x6d, 0x32, 0x1b, 0x21, 0xb8, 0x00, 0xdb, 0x93, 0x6c, 0xe2, 0xcd, 0xc4,
+	0xb1, 0xca, 0x56, 0x10, 0x88, 0x8f, 0xed, 0x69, 0xd7, 0x78, 0x7a, 0xa7, 0xdd, 0xd5, 0xaa, 0x2e,
+	0x87, 0x44, 0x42, 0x88, 0x0b, 0x07, 0x6e, 0xf0, 0x27, 0x20, 0xfe, 0x02, 0x04, 0xd2, 0xae, 0xb4,
+	0x82, 0x85, 0x0b, 0xca, 0x71, 0x25, 0x2e, 0x7b, 0xc1, 0x22, 0xe6, 0xbf, 0xc8, 0x09, 0xd5, 0x47,
+	0x7f, 0xd9, 0xee, 0xb1, 0x89, 0x22, 0x9f, 0xc6, 0xfd, 0xde, 0xab, 0xdf, 0x7b, 0xf5, 0xea, 0x7d,
+	0x55, 0x0d, 0x1c, 0x5e, 0x7c, 0x27, 0x6c, 0xb8, 0xb4, 0x69, 0x07, 0x6e, 0xd3, 0x27, 0xfc, 0x17,
+	0x94, 0x5d, 0xb8, 0xfe, 0xa0, 0xf9, 0xf8, 0x66, 0x73, 0x40, 0x7c, 0xc2, 0x6c, 0x4e, 0xfa, 0x8d,
+	0x80, 0x51, 0x4e, 0x51, 0x55, 0x49, 0x36, 0xec, 0xc0, 0x6d, 0x24, 0x92, 0x8d, 0xc7, 0x37, 0x0f,
+	0xde, 0x19, 0xb8, 0xfc, 0x7c, 0x74, 0xda, 0x70, 0xe8, 0xb0, 0x39, 0xa0, 0x03, 0xda, 0x94, 0x0b,
+	0x4e, 0x47, 0x67, 0xf2, 0x4b, 0x7e, 0xc8, 0x5f, 0x0a, 0xe8, 0xc0, 0x4c, 0xa9, 0x74, 0x28, 0x23,
+	0x73, 0x94, 0x1d, 0xdc, 0x4a, 0x64, 0x86, 0xb6, 0x73, 0xee, 0xfa, 0x84, 0x3d, 0x6d, 0x06, 0x17,
+	0x03, 0x41, 0x08, 0x9b, 0x43, 0xc2, 0xed, 0x79, 0xab, 0x9a, 0x79, 0xab, 0xd8, 0xc8, 0xe7, 0xee,
+	0x90, 0xcc, 0x2c, 0xf8, 0xf6, 0xa2, 0x05, 0xa1, 0x73, 0x4e, 0x86, 0xf6, 0xcc, 0xba, 0x77, 0xf3,
+	0xd6, 0x8d, 0xb8, 0xeb, 0x35, 0x5d, 0x9f, 0x87, 0x9c, 0x4d, 0x2f, 0x32, 0xff, 0x66, 0xc0, 0xde,
+	0xbd, 0x5e, 0xaf, 0xd3, 0xf2, 0x07, 0x8c, 0x84, 0x61, 0xc7, 0xe6, 0xe7, 0xe8, 0x1a, 0x6c, 0x04,
+	0x36, 0x3f, 0xaf, 0x1a, 0xd7, 0x8c, 0xc3, 0xb2, 0xb5, 0xfd, 0x6c, 0x5c, 0x5f, 0x9b, 0x8c, 0xeb,
+	0x1b, 0x82, 0x87, 0x25, 0x07, 0xdd, 0x82, 0x92, 0xf8, 0xdb, 0x7b, 0x1a, 0x90, 0xea, 0xba, 0x94,
+	0xaa, 0x4e, 0xc6, 0xf5, 0x52, 0x47, 0xd3, 0x5e, 0xa4, 0x7e, 0xe3, 0x58, 0x12, 0x75, 0x61, 0xeb,
+	0xd4, 0x76, 0x2e, 0x88, 0xdf, 0xaf, 0x16, 0xae, 0x19, 0x87, 0x95, 0xa3, 0xc3, 0x46, 0xde, 0xf1,
+	0x35, 0xb4, 0x3d, 0x96, 0x92, 0xb7, 0xf6, 0xb4, 0x11, 0x5b, 0x9a, 0x80, 0x23, 0x24, 0xf3, 0x0c,
+	0xae, 0xa6, 0xec, 0xc7, 0x23, 0x8f, 0x3c, 0xb2, 0xbd, 0x11, 0x41, 0x6d, 0x28, 0x0a, 0xc5, 0x61,
+	0xd5, 0xb8, 0xb6, 0x7e, 0x58, 0x39, 0x7a, 0x2b, 0x5f, 0xd5, 0xd4, 0xf6, 0xad, 0x1d, 0xad, 0xab,
+	0x28, 0xbe, 0x42, 0xac, 0x60, 0xcc, 0x4f, 0x0c, 0x28, 0xb7, 0x3a, 0xef, 0xf5, 0xfb, 0x42, 0x0e,
+	0x7d, 0x08, 0x25, 0x71, 0xde, 0x7d, 0x9b, 0xdb, 0xd2, 0x4d, 0x95, 0xa3, 0x6f, 0xa5, 0x14, 0xc4,
+	0xee, 0x6f, 0x04, 0x17, 0x03, 0x41, 0x08, 0x1b, 0x42, 0x5a, 0x28, 0x7b, 0x78, 0xfa, 0x11, 0x71,
+	0xf8, 0x03, 0xc2, 0x6d, 0x0b, 0x69, 0x3d, 0x90, 0xd0, 0x70, 0x8c, 0x8a, 0x5a, 0xb0, 0x11, 0x06,
+	0xc4, 0xd1, 0x9e, 0x7a, 0xf3, 0x12, 0x4f, 0x45, 0x46, 0x75, 0x03, 0xe2, 0x24, 0xa7, 0x25, 0xbe,
+	0xb0, 0x84, 0x30, 0x3f, 0x36, 0x60, 0x27, 0x96, 0x3a, 0x71, 0x43, 0x8e, 0x7e, 0x32, 0x63, 0x7e,
+	0x63, 0x39, 0xf3, 0xc5, 0x6a, 0x69, 0xfc, 0x15, 0xad, 0xa7, 0x14, 0x51, 0x52, 0xa6, 0xdf, 0x83,
+	0xa2, 0xcb, 0xc9, 0x30, 0xac, 0x16, 0xa4, 0xeb, 0x5f, 0x5f, 0xc2, 0xf6, 0xc4, 0xe9, 0x2d, 0xb1,
+	0x12, 0x2b, 0x00, 0x73, 0x90, 0x32, 0x5c, 0x6c, 0x08, 0x3d, 0x82, 0x72, 0x60, 0x33, 0xe2, 0x73,
+	0x4c, 0xce, 0xb4, 0xe5, 0x97, 0x9c, 0x6c, 0x27, 0x12, 0x25, 0x8c, 0xf8, 0x0e, 0xb1, 0x76, 0x26,
+	0xe3, 0x7a, 0x39, 0x26, 0xe2, 0x04, 0xca, 0x7c, 0x08, 0x5b, 0xad, 0x8e, 0xe5, 0x51, 0xe7, 0x42,
+	0x44, 0xbf, 0xe3, 0xf6, 0xd9, 0x74, 0xf4, 0x1f, 0xb7, 0x6e, 0x63, 0x2c, 0x39, 0xc8, 0x84, 0x4d,
+	0xf2, 0xc4, 0x21, 0x01, 0x97, 0x1b, 0x2c, 0x5b, 0x30, 0x19, 0xd7, 0x37, 0xef, 0x48, 0x0a, 0xd6,
+	0x1c, 0xf3, 0x37, 0x05, 0xd8, 0xd2, 0x41, 0xb5, 0x82, 0x60, 0xb9, 0x9b, 0x09, 0x96, 0xeb, 0x0b,
+	0xd3, 0x2a, 0x2f, 0x54, 0xd0, 0x43, 0xd8, 0x0c, 0xb9, 0xcd, 0x47, 0xa1, 0x4c, 0xeb, 0xcb, 0xe3,
+	0x4e, 0x43, 0x49, 0x71, 0x6b, 0x57, 0x83, 0x6d, 0xaa, 0x6f, 0xac, 0x61, 0xcc, 0x7f, 0x18, 0xb0,
+	0x9b, 0xcd, 0x65, 0xf4, 0x08, 0xb6, 0x42, 0xc2, 0x1e, 0xbb, 0x0e, 0xa9, 0x6e, 0x48, 0x25, 0xcd,
+	0xc5, 0x4a, 0x94, 0x7c, 0x54, 0x0d, 0x2a, 0xa2, 0x12, 0x68, 0x1a, 0x8e, 0xc0, 0xd0, 0x0f, 0xa1,
+	0xc4, 0x48, 0x48, 0x47, 0xcc, 0x21, 0xda, 0xfa, 0x77, 0xd2, 0xc0, 0xa2, 0xaa, 0x0b, 0x48, 0x51,
+	0x8a, 0xfa, 0x27, 0xd4, 0xb1, 0x3d, 0xe5, 0xca, 0x24, 0x3c, 0xb6, 0x45, 0x3c, 0x63, 0x0d, 0x81,
+	0x63, 0x30, 0x51, 0x23, 0xb7, 0xb5, 0x21, 0xc7, 0x9e, 0xbd, 0x92, 0x03, 0x3d, 0xc9, 0x1c, 0xe8,
+	0x37, 0x17, 0x3a, 0x48, 0xda, 0x95, 0x5b, 0x00, 0xfe, 0x6a, 0xc0, 0x95, 0xb4, 0xe0, 0x0a, 0x6a,
+	0xc0, 0xfd, 0x6c, 0x0d, 0x78, 0x63, 0xb9, 0x1d, 0xe4, 0x94, 0x81, 0x7f, 0x1b, 0x50, 0x4f, 0x8b,
+	0x75, 0x6c, 0x66, 0x0f, 0x09, 0x27, 0x2c, 0x8c, 0x0f, 0x0f, 0x1d, 0x42, 0xc9, 0xee, 0xb4, 0xee,
+	0x32, 0x3a, 0x0a, 0xa2, 0xd4, 0x15, 0xa6, 0xbd, 0xa7, 0x69, 0x38, 0xe6, 0x8a, 0x04, 0xbf, 0x70,
+	0x75, 0x0f, 0x4a, 0x25, 0xf8, 0x7d, 0xd7, 0xef, 0x63, 0xc9, 0x11, 0x12, 0xbe, 0x3d, 0x8c, 0x5a,
+	0x5b, 0x2c, 0xd1, 0xb6, 0x87, 0x04, 0x4b, 0x0e, 0xaa, 0x43, 0x31, 0x74, 0x68, 0xa0, 0x22, 0xb8,
+	0x6c, 0x95, 0x85, 0xc9, 0x5d, 0x41, 0xc0, 0x8a, 0x8e, 0x6e, 0x40, 0x59, 0x08, 0x86, 0x81, 0xed,
+	0x90, 0x6a, 0x51, 0x0a, 0xc9, 0xea, 0xd3, 0x8e, 0x88, 0x38, 0xe1, 0x9b, 0x7f, 0x9a, 0x3a, 0x1f,
+	0x59, 0xea, 0x8e, 0x00, 0x1c, 0xea, 0x73, 0x46, 0x3d, 0x8f, 0x44, 0xd5, 0x28, 0x0e, 0x9a, 0xe3,
+	0x98, 0x83, 0x53, 0x52, 0xc8, 0x05, 0x08, 0x62, 0xdf, 0xe8, 0xe0, 0xf9, 0xee, 0x72, 0xae, 0x9f,
+	0xe3, 0x53, 0x6b, 0x57, 0xa8, 0x4a, 0x31, 0x52, 0xe0, 0xe6, 0x9f, 0x0d, 0xa8, 0xe8, 0xf5, 0x2b,
+	0x08, 0xa7, 0xf7, 0xb3, 0xe1, 0xf4, 0xf5, 0xc5, 0x83, 0xc3, 0xfc, 0x48, 0xfa, 0xc4, 0x80, 0x83,
+	0xc8, 0x6a, 0x6a, 0xf7, 0x2d, 0xdb, 0xb3, 0x7d, 0x87, 0xb0, 0xa8, 0x52, 0x1f, 0x40, 0xc1, 0x8d,
+	0xc2, 0x07, 0x34, 0x40, 0xa1, 0xd5, 0xc1, 0x05, 0x37, 0x40, 0x6f, 0x43, 0xe9, 0x9c, 0x86, 0x5c,
+	0x06, 0x86, 0x0a, 0x9d, 0xd8, 0xe0, 0x7b, 0x9a, 0x8e, 0x63, 0x09, 0xd4, 0x81, 0x62, 0x40, 0x19,
+	0x0f, 0xab, 0x1b, 0xd2, 0xe0, 0x1b, 0x0b, 0x0d, 0xee, 0x50, 0xc6, 0x75, 0x2d, 0x4d, 0x06, 0x10,
+	0x81, 0x80, 0x15, 0x90, 0xf9, 0x4b, 0xf8, 0xca, 0x1c, 0xcb, 0xd5, 0x12, 0xf4, 0x73, 0xd8, 0x72,
+	0x15, 0x53, 0xcf, 0x3b, 0xb7, 0x16, 0x2a, 0x9c, 0xb3, 0xff, 0x64, 0xcc, 0x8a, 0xc6, 0xa9, 0x08,
+	0xd5, 0xfc, 0xa3, 0x01, 0xfb, 0x33, 0x96, 0xca, 0x49, 0x91, 0x32, 0x2e, 0x3d, 0x56, 0x4c, 0x4d,
+	0x8a, 0x94, 0x71, 0x2c, 0x39, 0xe8, 0x3e, 0x94, 0xe4, 0xa0, 0xe9, 0x50, 0x4f, 0x7b, 0xad, 0x19,
+	0x79, 0xad, 0xa3, 0xe9, 0x2f, 0xc6, 0xf5, 0xaf, 0xce, 0x4e, 0xdf, 0x8d, 0x88, 0x8d, 0x63, 0x00,
+	0x91, 0x75, 0x84, 0x31, 0xca, 0x74, 0x62, 0xca, 0xac, 0xbb, 0x23, 0x08, 0x58, 0xd1, 0xcd, 0x3f,
+	0x24, 0x41, 0x29, 0x26, 0x41, 0x61, 0x9f, 0x38, 0x91, 0xe9, 0x5e, 0x2e, 0xce, 0x0b, 0x4b, 0x0e,
+	0x0a, 0xe0, 0x8a, 0x3b, 0x35, 0x3a, 0x2e, 0x5d, 0x74, 0xe3, 0x15, 0x56, 0x55, 0x23, 0x5f, 0x99,
+	0xe6, 0xe0, 0x19, 0x74, 0xf3, 0x43, 0x98, 0x91, 0x12, 0xe5, 0xfe, 0x9c, 0xf3, 0x60, 0x4e, 0xe2,
+	0xe4, 0xcf, 0xaa, 0x89, 0xf6, 0x92, 0xdc, 0x53, 0xaf, 0xd7, 0xc1, 0x12, 0xc5, 0xfc, 0xad, 0x01,
+	0xaf, 0xcd, 0x6d, 0x9c, 0x71, 0x61, 0x33, 0x72, 0x0b, 0x5b, 0x5b, 0x9f, 0xa8, 0xf2, 0xc1, 0xdb,
+	0xf9, 0x96, 0x64, 0x91, 0xc5, 0x89, 0xcf, 0x3b, 0x7f, 0xf3, 0x9f, 0x85, 0xf8, 0x44, 0x64, 0x55,
+	0xfb, 0x41, 0xec, 0x6f, 0x59, 0x75, 0x84, 0x66, 0x5d, 0x43, 0xaf, 0xa6, 0xfc, 0x17, 0xf3, 0xf0,
+	0x8c, 0x34, 0xea, 0xc3, 0x6e, 0x9f, 0x9c, 0xd9, 0x23, 0x8f, 0x6b, 0xdd, 0xda, 0x6b, 0xcb, 0x5f,
+	0x26, 0xd0, 0x64, 0x5c, 0xdf, 0xbd, 0x9d, 0xc1, 0xc0, 0x53, 0x98, 0xe8, 0x18, 0xd6, 0xb9, 0x17,
+	0x95, 0x9b, 0x6f, 0x2c, 0x84, 0xee, 0x9d, 0x74, 0xad, 0x8a, 0xde, 0xfe, 0x7a, 0xef, 0xa4, 0x8b,
+	0xc5, 0x6a, 0xf4, 0x01, 0x14, 0xd9, 0xc8, 0x23, 0x62, 0x98, 0x5a, 0x5f, 0x6a, 0x2e, 0x13, 0x67,
+	0x9a, 0xa4, 0xbf, 0xf8, 0x0a, 0xb1, 0x82, 0x30, 0x7f, 0x05, 0x3b, 0x99, 0x89, 0x0b, 0x0d, 0x61,
+	0xdb, 0x4b, 0xa5, 0xb0, 0xf6, 0xc2, 0xbb, 0xff, 0x57, 0xde, 0xeb, 0x82, 0x73, 0x55, 0x6b, 0xdc,
+	0x4e, 0xf3, 0x70, 0x06, 0xde, 0xb4, 0x01, 0x92, 0xbd, 0x8a, 0x4c, 0x14, 0xe9, 0xa3, 0xaa, 0x8d,
+	0xce, 0x44, 0x91, 0x55, 0x21, 0x56, 0x74, 0xd1, 0xbd, 0x42, 0xe2, 0x30, 0xc2, 0xdb, 0x49, 0xbd,
+	0x8c, 0xbb, 0x57, 0x37, 0xe6, 0xe0, 0x94, 0x94, 0xf9, 0x77, 0x03, 0x76, 0xda, 0xca, 0xe4, 0x0e,
+	0xf5, 0x5c, 0xe7, 0xe9, 0x0a, 0x06, 0xad, 0x07, 0x99, 0x41, 0xeb, 0x92, 0x32, 0x9d, 0x31, 0x2c,
+	0x77, 0xd2, 0xfa, 0x8b, 0x01, 0x5f, 0xce, 0x48, 0xde, 0x49, 0x8a, 0x51, 0xdc, 0x12, 0x8c, 0x45,
+	0x2d, 0x21, 0x83, 0x20, 0x53, 0x6b, 0x6e, 0x4b, 0x40, 0x77, 0xa1, 0xc0, 0xa9, 0x8e, 0xd1, 0xa5,
+	0xe1, 0x08, 0x61, 0x49, 0x6f, 0xeb, 0x51, 0x5c, 0xe0, 0xd4, 0xfc, 0xd4, 0x80, 0x6a, 0x46, 0x2a,
+	0x5d, 0x44, 0x5f, 0xbd, 0xdd, 0x0f, 0x60, 0xe3, 0x8c, 0xd1, 0xe1, 0xcb, 0x58, 0x1e, 0x3b, 0xfd,
+	0x7d, 0x46, 0x87, 0x58, 0xc2, 0x98, 0x9f, 0x19, 0xb0, 0x9f, 0x91, 0x5c, 0xc1, 0x40, 0x72, 0x92,
+	0x1d, 0x48, 0xde, 0x5c, 0x72, 0x0f, 0x39, 0x63, 0xc9, 0x67, 0x85, 0xa9, 0x1d, 0x88, 0xbd, 0xa2,
+	0x33, 0xa8, 0x04, 0xb4, 0xdf, 0x25, 0x1e, 0x71, 0x38, 0x9d, 0x97, 0xe0, 0x97, 0x6d, 0xc2, 0x3e,
+	0x25, 0x5e, 0xb4, 0xd4, 0xda, 0x9b, 0x8c, 0xeb, 0x95, 0x4e, 0x82, 0x85, 0xd3, 0xc0, 0xe8, 0x09,
+	0xec, 0xc7, 0xb3, 0x68, 0xac, 0xad, 0xf0, 0xf2, 0xda, 0x5e, 0x9b, 0x8c, 0xeb, 0xfb, 0xed, 0x69,
+	0x44, 0x3c, 0xab, 0x04, 0xdd, 0x83, 0x2d, 0x37, 0x90, 0xd7, 0x6e, 0x7d, 0x63, 0xbb, 0x6c, 0xb0,
+	0x53, 0xf7, 0x73, 0x75, 0xf9, 0xd3, 0x1f, 0x38, 0x5a, 0x6e, 0xfe, 0x6b, 0x3a, 0x06, 0x44, 0xc0,
+	0xa1, 0xbb, 0xa9, 0xe9, 0x43, 0xf5, 0xbc, 0x1b, 0x2f, 0x37, 0x79, 0x64, 0xdb, 0x62, 0x7e, 0x11,
+	0x1a, 0x71, 0xd7, 0x6b, 0xa8, 0xa7, 0xb6, 0x46, 0xcb, 0xe7, 0x0f, 0x59, 0x97, 0x33, 0xd7, 0x1f,
+	0xa8, 0x16, 0x9d, 0x1a, 0x8b, 0xae, 0xc3, 0x96, 0xee, 0x9a, 0x72, 0xe3, 0x45, 0xb5, 0xab, 0x3b,
+	0x8a, 0x84, 0x23, 0x9e, 0xf9, 0x62, 0x3a, 0x2e, 0x64, 0x0f, 0xfd, 0xe8, 0x95, 0xc5, 0xc5, 0x97,
+	0x74, 0x34, 0xe6, 0xc7, 0xc6, 0x4f, 0x93, 0xc1, 0x52, 0x45, 0xfa, 0xd1, 0x92, 0x91, 0x9e, 0xee,
+	0x68, 0xb9, 0x63, 0x25, 0xfa, 0x11, 0x6c, 0x12, 0x85, 0xae, 0x5a, 0xe4, 0xcd, 0x25, 0xd1, 0x93,
+	0xb2, 0x9a, 0xbc, 0x3c, 0x68, 0x9a, 0x06, 0x44, 0xdf, 0x17, 0x5e, 0x12, 0xb2, 0xe2, 0xc2, 0xaf,
+	0xe6, 0xf0, 0xb2, 0xf5, 0x35, 0xb5, 0xd9, 0x98, 0xfc, 0x42, 0x5c, 0x70, 0xe2, 0x4f, 0x9c, 0x5e,
+	0x61, 0x7e, 0x6c, 0xc0, 0xde, 0xd4, 0x0b, 0x12, 0x7a, 0x1d, 0x8a, 0x83, 0xd4, 0x15, 0x33, 0xce,
+	0x66, 0x75, 0xc7, 0x54, 0x3c, 0x71, 0x53, 0x88, 0x1f, 0x22, 0xa6, 0x6e, 0x0a, 0xb3, 0xaf, 0x0b,
+	0xa8, 0x99, 0xbe, 0x29, 0xaa, 0xc1, 0x76, 0x5f, 0x8b, 0xcf, 0xbd, 0x2d, 0xc6, 0x43, 0xdc, 0x46,
+	0xde, 0x10, 0x67, 0xfe, 0x0c, 0xd0, 0xec, 0x78, 0xb6, 0xc4, 0xf0, 0xf7, 0x06, 0x6c, 0xfa, 0xa3,
+	0xe1, 0x29, 0x51, 0xd9, 0x5f, 0x4c, 0x5c, 0xdb, 0x96, 0x54, 0xac, 0xb9, 0xe6, 0xef, 0x0b, 0x50,
+	0xd1, 0x0a, 0x8e, 0x5b, 0xb7, 0xf1, 0x0a, 0xda, 0xf4, 0xfd, 0x4c, 0x9b, 0x7e, 0x6b, 0xe1, 0x58,
+	0x2a, 0xcc, 0xca, 0x7d, 0xe4, 0xea, 0x4e, 0x3d, 0x72, 0xdd, 0x58, 0x0e, 0xee, 0xf2, 0x87, 0xae,
+	0x4f, 0x0d, 0xd8, 0x4b, 0x49, 0xaf, 0xa0, 0x05, 0x7d, 0x90, 0x6d, 0x41, 0xd7, 0x97, 0xda, 0x45,
+	0x4e, 0x03, 0x3a, 0xca, 0x18, 0x2f, 0xab, 0x4c, 0x1d, 0x8a, 0x8e, 0xdb, 0x67, 0x99, 0x11, 0x4f,
+	0x30, 0x43, 0xac, 0xe8, 0xe6, 0x13, 0xd8, 0x9f, 0x71, 0x0f, 0x72, 0xe4, 0xab, 0x45, 0xdf, 0xe5,
+	0x2e, 0xf5, 0xa3, 0x89, 0xa1, 0xb9, 0xdc, 0xa6, 0x8f, 0xa3, 0x75, 0x99, 0x67, 0x0e, 0x0d, 0x85,
+	0x53, 0xb0, 0xd6, 0xf7, 0x9e, 0x3d, 0xaf, 0xad, 0x7d, 0xfe, 0xbc, 0xb6, 0xf6, 0xc5, 0xf3, 0xda,
+	0xda, 0xaf, 0x27, 0x35, 0xe3, 0xd9, 0xa4, 0x66, 0x7c, 0x3e, 0xa9, 0x19, 0x5f, 0x4c, 0x6a, 0xc6,
+	0x7f, 0x26, 0x35, 0xe3, 0x77, 0xff, 0xad, 0xad, 0xfd, 0xb8, 0x9a, 0xf7, 0x5f, 0xa4, 0xff, 0x05,
+	0x00, 0x00, 0xff, 0xff, 0xb5, 0x6b, 0x8c, 0x52, 0x60, 0x1a, 0x00, 0x00,
 }
 
 func (m *HTTPIngressPath) Marshal() (dAtA []byte, err error) {
@@ -1028,7 +1274,7 @@ func (m *HTTPIngressRuleValue) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	return len(dAtA) - i, nil
 }
 
-func (m *IPBlock) Marshal() (dAtA []byte, err error) {
+func (m *IPAddress) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
 	n, err := m.MarshalToSizedBuffer(dAtA[:size])
@@ -1038,34 +1284,40 @@ func (m *IPBlock) Marshal() (dAtA []byte, err error) {
 	return dAtA[:n], nil
 }
 
-func (m *IPBlock) MarshalTo(dAtA []byte) (int, error) {
+func (m *IPAddress) MarshalTo(dAtA []byte) (int, error) {
 	size := m.Size()
 	return m.MarshalToSizedBuffer(dAtA[:size])
 }
 
-func (m *IPBlock) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+func (m *IPAddress) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	i := len(dAtA)
 	_ = i
 	var l int
 	_ = l
-	if len(m.Except) > 0 {
-		for iNdEx := len(m.Except) - 1; iNdEx >= 0; iNdEx-- {
-			i -= len(m.Except[iNdEx])
-			copy(dAtA[i:], m.Except[iNdEx])
-			i = encodeVarintGenerated(dAtA, i, uint64(len(m.Except[iNdEx])))
-			i--
-			dAtA[i] = 0x12
+	{
+		size, err := m.Spec.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
 		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0x12
+	{
+		size, err := m.ObjectMeta.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
 	}
-	i -= len(m.CIDR)
-	copy(dAtA[i:], m.CIDR)
-	i = encodeVarintGenerated(dAtA, i, uint64(len(m.CIDR)))
 	i--
 	dAtA[i] = 0xa
 	return len(dAtA) - i, nil
 }
 
-func (m *Ingress) Marshal() (dAtA []byte, err error) {
+func (m *IPAddressList) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
 	n, err := m.MarshalToSizedBuffer(dAtA[:size])
@@ -1075,38 +1327,32 @@ func (m *Ingress) Marshal() (dAtA []byte, err error) {
 	return dAtA[:n], nil
 }
 
-func (m *Ingress) MarshalTo(dAtA []byte) (int, error) {
+func (m *IPAddressList) MarshalTo(dAtA []byte) (int, error) {
 	size := m.Size()
 	return m.MarshalToSizedBuffer(dAtA[:size])
 }
 
-func (m *Ingress) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+func (m *IPAddressList) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	i := len(dAtA)
 	_ = i
 	var l int
 	_ = l
-	{
-		size, err := m.Status.MarshalToSizedBuffer(dAtA[:i])
-		if err != nil {
-			return 0, err
-		}
-		i -= size
-		i = encodeVarintGenerated(dAtA, i, uint64(size))
-	}
-	i--
-	dAtA[i] = 0x1a
-	{
-		size, err := m.Spec.MarshalToSizedBuffer(dAtA[:i])
-		if err != nil {
-			return 0, err
+	if len(m.Items) > 0 {
+		for iNdEx := len(m.Items) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Items[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x12
 		}
-		i -= size
-		i = encodeVarintGenerated(dAtA, i, uint64(size))
 	}
-	i--
-	dAtA[i] = 0x12
 	{
-		size, err := m.ObjectMeta.MarshalToSizedBuffer(dAtA[:i])
+		size, err := m.ListMeta.MarshalToSizedBuffer(dAtA[:i])
 		if err != nil {
 			return 0, err
 		}
@@ -1118,7 +1364,7 @@ func (m *Ingress) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	return len(dAtA) - i, nil
 }
 
-func (m *IngressBackend) Marshal() (dAtA []byte, err error) {
+func (m *IPAddressSpec) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
 	n, err := m.MarshalToSizedBuffer(dAtA[:size])
@@ -1128,19 +1374,19 @@ func (m *IngressBackend) Marshal() (dAtA []byte, err error) {
 	return dAtA[:n], nil
 }
 
-func (m *IngressBackend) MarshalTo(dAtA []byte) (int, error) {
+func (m *IPAddressSpec) MarshalTo(dAtA []byte) (int, error) {
 	size := m.Size()
 	return m.MarshalToSizedBuffer(dAtA[:size])
 }
 
-func (m *IngressBackend) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+func (m *IPAddressSpec) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	i := len(dAtA)
 	_ = i
 	var l int
 	_ = l
-	if m.Service != nil {
+	if m.ParentRef != nil {
 		{
-			size, err := m.Service.MarshalToSizedBuffer(dAtA[:i])
+			size, err := m.ParentRef.MarshalToSizedBuffer(dAtA[:i])
 			if err != nil {
 				return 0, err
 			}
@@ -1148,15 +1394,140 @@ func (m *IngressBackend) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 			i = encodeVarintGenerated(dAtA, i, uint64(size))
 		}
 		i--
-		dAtA[i] = 0x22
+		dAtA[i] = 0xa
 	}
-	if m.Resource != nil {
-		{
-			size, err := m.Resource.MarshalToSizedBuffer(dAtA[:i])
-			if err != nil {
-				return 0, err
-			}
-			i -= size
+	return len(dAtA) - i, nil
+}
+
+func (m *IPBlock) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *IPBlock) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *IPBlock) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if len(m.Except) > 0 {
+		for iNdEx := len(m.Except) - 1; iNdEx >= 0; iNdEx-- {
+			i -= len(m.Except[iNdEx])
+			copy(dAtA[i:], m.Except[iNdEx])
+			i = encodeVarintGenerated(dAtA, i, uint64(len(m.Except[iNdEx])))
+			i--
+			dAtA[i] = 0x12
+		}
+	}
+	i -= len(m.CIDR)
+	copy(dAtA[i:], m.CIDR)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.CIDR)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *Ingress) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *Ingress) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *Ingress) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	{
+		size, err := m.Status.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0x1a
+	{
+		size, err := m.Spec.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0x12
+	{
+		size, err := m.ObjectMeta.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *IngressBackend) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *IngressBackend) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *IngressBackend) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if m.Service != nil {
+		{
+			size, err := m.Service.MarshalToSizedBuffer(dAtA[:i])
+			if err != nil {
+				return 0, err
+			}
+			i -= size
+			i = encodeVarintGenerated(dAtA, i, uint64(size))
+		}
+		i--
+		dAtA[i] = 0x22
+	}
+	if m.Resource != nil {
+		{
+			size, err := m.Resource.MarshalToSizedBuffer(dAtA[:i])
+			if err != nil {
+				return 0, err
+			}
+			i -= size
 			i = encodeVarintGenerated(dAtA, i, uint64(size))
 		}
 		i--
@@ -2137,6 +2508,49 @@ func (m *NetworkPolicySpec) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	return len(dAtA) - i, nil
 }
 
+func (m *ParentReference) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ParentReference) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ParentReference) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	i -= len(m.Name)
+	copy(dAtA[i:], m.Name)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Name)))
+	i--
+	dAtA[i] = 0x22
+	i -= len(m.Namespace)
+	copy(dAtA[i:], m.Namespace)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Namespace)))
+	i--
+	dAtA[i] = 0x1a
+	i -= len(m.Resource)
+	copy(dAtA[i:], m.Resource)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Resource)))
+	i--
+	dAtA[i] = 0x12
+	i -= len(m.Group)
+	copy(dAtA[i:], m.Group)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Group)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
 func (m *ServiceBackendPort) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
@@ -2168,72 +2582,284 @@ func (m *ServiceBackendPort) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	return len(dAtA) - i, nil
 }
 
-func encodeVarintGenerated(dAtA []byte, offset int, v uint64) int {
-	offset -= sovGenerated(v)
-	base := offset
-	for v >= 1<<7 {
-		dAtA[offset] = uint8(v&0x7f | 0x80)
-		v >>= 7
-		offset++
+func (m *ServiceCIDR) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
 	}
-	dAtA[offset] = uint8(v)
-	return base
+	return dAtA[:n], nil
 }
-func (m *HTTPIngressPath) Size() (n int) {
-	if m == nil {
-		return 0
-	}
-	var l int
-	_ = l
-	l = len(m.Path)
-	n += 1 + l + sovGenerated(uint64(l))
-	l = m.Backend.Size()
-	n += 1 + l + sovGenerated(uint64(l))
-	if m.PathType != nil {
-		l = len(*m.PathType)
-		n += 1 + l + sovGenerated(uint64(l))
-	}
-	return n
+
+func (m *ServiceCIDR) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
 }
 
-func (m *HTTPIngressRuleValue) Size() (n int) {
-	if m == nil {
-		return 0
-	}
+func (m *ServiceCIDR) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
 	var l int
 	_ = l
-	if len(m.Paths) > 0 {
-		for _, e := range m.Paths {
-			l = e.Size()
-			n += 1 + l + sovGenerated(uint64(l))
+	{
+		size, err := m.Status.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
 		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
 	}
-	return n
-}
-
-func (m *IPBlock) Size() (n int) {
-	if m == nil {
-		return 0
+	i--
+	dAtA[i] = 0x1a
+	{
+		size, err := m.Spec.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
 	}
-	var l int
-	_ = l
-	l = len(m.CIDR)
-	n += 1 + l + sovGenerated(uint64(l))
-	if len(m.Except) > 0 {
-		for _, s := range m.Except {
-			l = len(s)
-			n += 1 + l + sovGenerated(uint64(l))
+	i--
+	dAtA[i] = 0x12
+	{
+		size, err := m.ObjectMeta.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
 		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
 	}
-	return n
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
 }
 
-func (m *Ingress) Size() (n int) {
-	if m == nil {
-		return 0
+func (m *ServiceCIDRList) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
 	}
-	var l int
-	_ = l
+	return dAtA[:n], nil
+}
+
+func (m *ServiceCIDRList) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ServiceCIDRList) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if len(m.Items) > 0 {
+		for iNdEx := len(m.Items) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Items[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x12
+		}
+	}
+	{
+		size, err := m.ListMeta.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *ServiceCIDRSpec) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ServiceCIDRSpec) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ServiceCIDRSpec) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if len(m.CIDRs) > 0 {
+		for iNdEx := len(m.CIDRs) - 1; iNdEx >= 0; iNdEx-- {
+			i -= len(m.CIDRs[iNdEx])
+			copy(dAtA[i:], m.CIDRs[iNdEx])
+			i = encodeVarintGenerated(dAtA, i, uint64(len(m.CIDRs[iNdEx])))
+			i--
+			dAtA[i] = 0xa
+		}
+	}
+	return len(dAtA) - i, nil
+}
+
+func (m *ServiceCIDRStatus) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ServiceCIDRStatus) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ServiceCIDRStatus) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if len(m.Conditions) > 0 {
+		for iNdEx := len(m.Conditions) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Conditions[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0xa
+		}
+	}
+	return len(dAtA) - i, nil
+}
+
+func encodeVarintGenerated(dAtA []byte, offset int, v uint64) int {
+	offset -= sovGenerated(v)
+	base := offset
+	for v >= 1<<7 {
+		dAtA[offset] = uint8(v&0x7f | 0x80)
+		v >>= 7
+		offset++
+	}
+	dAtA[offset] = uint8(v)
+	return base
+}
+func (m *HTTPIngressPath) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.Path)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Backend.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	if m.PathType != nil {
+		l = len(*m.PathType)
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	return n
+}
+
+func (m *HTTPIngressRuleValue) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	if len(m.Paths) > 0 {
+		for _, e := range m.Paths {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *IPAddress) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.ObjectMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Spec.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *IPAddressList) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.ListMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Items) > 0 {
+		for _, e := range m.Items {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *IPAddressSpec) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	if m.ParentRef != nil {
+		l = m.ParentRef.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	return n
+}
+
+func (m *IPBlock) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.CIDR)
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Except) > 0 {
+		for _, s := range m.Except {
+			l = len(s)
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *Ingress) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
 	l = m.ObjectMeta.Size()
 	n += 1 + l + sovGenerated(uint64(l))
 	l = m.Spec.Size()
@@ -2635,6 +3261,23 @@ func (m *NetworkPolicySpec) Size() (n int) {
 	return n
 }
 
+func (m *ParentReference) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.Group)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Resource)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Namespace)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Name)
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
 func (m *ServiceBackendPort) Size() (n int) {
 	if m == nil {
 		return 0
@@ -2647,39 +3290,138 @@ func (m *ServiceBackendPort) Size() (n int) {
 	return n
 }
 
-func sovGenerated(x uint64) (n int) {
-	return (math_bits.Len64(x|1) + 6) / 7
-}
-func sozGenerated(x uint64) (n int) {
-	return sovGenerated(uint64((x << 1) ^ uint64((int64(x) >> 63))))
-}
-func (this *HTTPIngressPath) String() string {
-	if this == nil {
-		return "nil"
+func (m *ServiceCIDR) Size() (n int) {
+	if m == nil {
+		return 0
 	}
-	s := strings.Join([]string{`&HTTPIngressPath{`,
-		`Path:` + fmt.Sprintf("%v", this.Path) + `,`,
-		`Backend:` + strings.Replace(strings.Replace(this.Backend.String(), "IngressBackend", "IngressBackend", 1), `&`, ``, 1) + `,`,
-		`PathType:` + valueToStringGenerated(this.PathType) + `,`,
-		`}`,
-	}, "")
-	return s
+	var l int
+	_ = l
+	l = m.ObjectMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Spec.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Status.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
 }
-func (this *HTTPIngressRuleValue) String() string {
-	if this == nil {
-		return "nil"
+
+func (m *ServiceCIDRList) Size() (n int) {
+	if m == nil {
+		return 0
 	}
-	repeatedStringForPaths := "[]HTTPIngressPath{"
-	for _, f := range this.Paths {
-		repeatedStringForPaths += strings.Replace(strings.Replace(f.String(), "HTTPIngressPath", "HTTPIngressPath", 1), `&`, ``, 1) + ","
+	var l int
+	_ = l
+	l = m.ListMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Items) > 0 {
+		for _, e := range m.Items {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
 	}
-	repeatedStringForPaths += "}"
+	return n
+}
+
+func (m *ServiceCIDRSpec) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	if len(m.CIDRs) > 0 {
+		for _, s := range m.CIDRs {
+			l = len(s)
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *ServiceCIDRStatus) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	if len(m.Conditions) > 0 {
+		for _, e := range m.Conditions {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func sovGenerated(x uint64) (n int) {
+	return (math_bits.Len64(x|1) + 6) / 7
+}
+func sozGenerated(x uint64) (n int) {
+	return sovGenerated(uint64((x << 1) ^ uint64((int64(x) >> 63))))
+}
+func (this *HTTPIngressPath) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&HTTPIngressPath{`,
+		`Path:` + fmt.Sprintf("%v", this.Path) + `,`,
+		`Backend:` + strings.Replace(strings.Replace(this.Backend.String(), "IngressBackend", "IngressBackend", 1), `&`, ``, 1) + `,`,
+		`PathType:` + valueToStringGenerated(this.PathType) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *HTTPIngressRuleValue) String() string {
+	if this == nil {
+		return "nil"
+	}
+	repeatedStringForPaths := "[]HTTPIngressPath{"
+	for _, f := range this.Paths {
+		repeatedStringForPaths += strings.Replace(strings.Replace(f.String(), "HTTPIngressPath", "HTTPIngressPath", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForPaths += "}"
 	s := strings.Join([]string{`&HTTPIngressRuleValue{`,
 		`Paths:` + repeatedStringForPaths + `,`,
 		`}`,
 	}, "")
 	return s
 }
+func (this *IPAddress) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&IPAddress{`,
+		`ObjectMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ObjectMeta), "ObjectMeta", "v1.ObjectMeta", 1), `&`, ``, 1) + `,`,
+		`Spec:` + strings.Replace(strings.Replace(this.Spec.String(), "IPAddressSpec", "IPAddressSpec", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *IPAddressList) String() string {
+	if this == nil {
+		return "nil"
+	}
+	repeatedStringForItems := "[]IPAddress{"
+	for _, f := range this.Items {
+		repeatedStringForItems += strings.Replace(strings.Replace(f.String(), "IPAddress", "IPAddress", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForItems += "}"
+	s := strings.Join([]string{`&IPAddressList{`,
+		`ListMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ListMeta), "ListMeta", "v1.ListMeta", 1), `&`, ``, 1) + `,`,
+		`Items:` + repeatedStringForItems + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *IPAddressSpec) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&IPAddressSpec{`,
+		`ParentRef:` + strings.Replace(this.ParentRef.String(), "ParentReference", "ParentReference", 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
 func (this *IPBlock) String() string {
 	if this == nil {
 		return "nil"
@@ -3018,6 +3760,19 @@ func (this *NetworkPolicySpec) String() string {
 	}, "")
 	return s
 }
+func (this *ParentReference) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&ParentReference{`,
+		`Group:` + fmt.Sprintf("%v", this.Group) + `,`,
+		`Resource:` + fmt.Sprintf("%v", this.Resource) + `,`,
+		`Namespace:` + fmt.Sprintf("%v", this.Namespace) + `,`,
+		`Name:` + fmt.Sprintf("%v", this.Name) + `,`,
+		`}`,
+	}, "")
+	return s
+}
 func (this *ServiceBackendPort) String() string {
 	if this == nil {
 		return "nil"
@@ -3029,6 +3784,59 @@ func (this *ServiceBackendPort) String() string {
 	}, "")
 	return s
 }
+func (this *ServiceCIDR) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&ServiceCIDR{`,
+		`ObjectMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ObjectMeta), "ObjectMeta", "v1.ObjectMeta", 1), `&`, ``, 1) + `,`,
+		`Spec:` + strings.Replace(strings.Replace(this.Spec.String(), "ServiceCIDRSpec", "ServiceCIDRSpec", 1), `&`, ``, 1) + `,`,
+		`Status:` + strings.Replace(strings.Replace(this.Status.String(), "ServiceCIDRStatus", "ServiceCIDRStatus", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *ServiceCIDRList) String() string {
+	if this == nil {
+		return "nil"
+	}
+	repeatedStringForItems := "[]ServiceCIDR{"
+	for _, f := range this.Items {
+		repeatedStringForItems += strings.Replace(strings.Replace(f.String(), "ServiceCIDR", "ServiceCIDR", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForItems += "}"
+	s := strings.Join([]string{`&ServiceCIDRList{`,
+		`ListMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ListMeta), "ListMeta", "v1.ListMeta", 1), `&`, ``, 1) + `,`,
+		`Items:` + repeatedStringForItems + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *ServiceCIDRSpec) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&ServiceCIDRSpec{`,
+		`CIDRs:` + fmt.Sprintf("%v", this.CIDRs) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *ServiceCIDRStatus) String() string {
+	if this == nil {
+		return "nil"
+	}
+	repeatedStringForConditions := "[]Condition{"
+	for _, f := range this.Conditions {
+		repeatedStringForConditions += fmt.Sprintf("%v", f) + ","
+	}
+	repeatedStringForConditions += "}"
+	s := strings.Join([]string{`&ServiceCIDRStatus{`,
+		`Conditions:` + repeatedStringForConditions + `,`,
+		`}`,
+	}, "")
+	return s
+}
 func valueToStringGenerated(v interface{}) string {
 	rv := reflect.ValueOf(v)
 	if rv.IsNil() {
@@ -3269,7 +4077,7 @@ func (m *HTTPIngressRuleValue) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *IPBlock) Unmarshal(dAtA []byte) error {
+func (m *IPAddress) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -3292,17 +4100,17 @@ func (m *IPBlock) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: IPBlock: wiretype end group for non-group")
+			return fmt.Errorf("proto: IPAddress: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: IPBlock: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: IPAddress: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field CIDR", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
 			}
-			var stringLen uint64
+			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -3312,29 +4120,30 @@ func (m *IPBlock) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				stringLen |= uint64(b&0x7F) << shift
+				msglen |= int(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
+			if msglen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + intStringLen
+			postIndex := iNdEx + msglen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.CIDR = string(dAtA[iNdEx:postIndex])
+			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Except", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType)
 			}
-			var stringLen uint64
+			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -3344,23 +4153,24 @@ func (m *IPBlock) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				stringLen |= uint64(b&0x7F) << shift
+				msglen |= int(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
+			if msglen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + intStringLen
+			postIndex := iNdEx + msglen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Except = append(m.Except, string(dAtA[iNdEx:postIndex]))
+			if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
 			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
@@ -3383,7 +4193,7 @@ func (m *IPBlock) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *Ingress) Unmarshal(dAtA []byte) error {
+func (m *IPAddressList) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -3406,15 +4216,15 @@ func (m *Ingress) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: Ingress: wiretype end group for non-group")
+			return fmt.Errorf("proto: IPAddressList: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: Ingress: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: IPAddressList: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -3441,46 +4251,13 @@ func (m *Ingress) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType)
-			}
-			var msglen int
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				msglen |= int(b&0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			if msglen < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			postIndex := iNdEx + msglen
-			if postIndex < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
-			}
-			if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
-			iNdEx = postIndex
-		case 3:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Status", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -3507,7 +4284,8 @@ func (m *Ingress) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.Status.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			m.Items = append(m.Items, IPAddress{})
+			if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -3532,7 +4310,7 @@ func (m *Ingress) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *IngressBackend) Unmarshal(dAtA []byte) error {
+func (m *IPAddressSpec) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -3555,51 +4333,15 @@ func (m *IngressBackend) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: IngressBackend: wiretype end group for non-group")
+			return fmt.Errorf("proto: IPAddressSpec: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: IngressBackend: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: IPAddressSpec: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
-		case 3:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Resource", wireType)
-			}
-			var msglen int
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				msglen |= int(b&0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			if msglen < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			postIndex := iNdEx + msglen
-			if postIndex < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
-			}
-			if m.Resource == nil {
-				m.Resource = &v11.TypedLocalObjectReference{}
-			}
-			if err := m.Resource.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
-			iNdEx = postIndex
-		case 4:
+		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Service", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field ParentRef", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -3626,10 +4368,10 @@ func (m *IngressBackend) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if m.Service == nil {
-				m.Service = &IngressServiceBackend{}
+			if m.ParentRef == nil {
+				m.ParentRef = &ParentReference{}
 			}
-			if err := m.Service.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if err := m.ParentRef.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -3654,7 +4396,7 @@ func (m *IngressBackend) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *IngressClass) Unmarshal(dAtA []byte) error {
+func (m *IPBlock) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -3677,17 +4419,17 @@ func (m *IngressClass) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: IngressClass: wiretype end group for non-group")
+			return fmt.Errorf("proto: IPBlock: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: IngressClass: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: IPBlock: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field CIDR", wireType)
 			}
-			var msglen int
+			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -3697,30 +4439,29 @@ func (m *IngressClass) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				msglen |= int(b&0x7F) << shift
+				stringLen |= uint64(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			if msglen < 0 {
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + msglen
+			postIndex := iNdEx + intStringLen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
+			m.CIDR = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Except", wireType)
 			}
-			var msglen int
+			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -3730,24 +4471,23 @@ func (m *IngressClass) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				msglen |= int(b&0x7F) << shift
+				stringLen |= uint64(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			if msglen < 0 {
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + msglen
+			postIndex := iNdEx + intStringLen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
+			m.Except = append(m.Except, string(dAtA[iNdEx:postIndex]))
 			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
@@ -3770,7 +4510,7 @@ func (m *IngressClass) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *IngressClassList) Unmarshal(dAtA []byte) error {
+func (m *Ingress) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -3793,15 +4533,15 @@ func (m *IngressClassList) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: IngressClassList: wiretype end group for non-group")
+			return fmt.Errorf("proto: Ingress: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: IngressClassList: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: Ingress: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -3828,13 +4568,13 @@ func (m *IngressClassList) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -3861,8 +4601,40 @@ func (m *IngressClassList) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Items = append(m.Items, IngressClass{})
-			if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Status", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Status.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -3887,7 +4659,7 @@ func (m *IngressClassList) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *IngressClassParametersReference) Unmarshal(dAtA []byte) error {
+func (m *IngressBackend) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -3910,50 +4682,17 @@ func (m *IngressClassParametersReference) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: IngressClassParametersReference: wiretype end group for non-group")
+			return fmt.Errorf("proto: IngressBackend: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: IngressClassParametersReference: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: IngressBackend: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
-		case 1:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field APIGroup", wireType)
-			}
-			var stringLen uint64
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				stringLen |= uint64(b&0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			postIndex := iNdEx + intStringLen
-			if postIndex < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
-			}
-			s := string(dAtA[iNdEx:postIndex])
-			m.APIGroup = &s
-			iNdEx = postIndex
-		case 2:
+		case 3:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Kind", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Resource", wireType)
 			}
-			var stringLen uint64
+			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -3963,61 +4702,33 @@ func (m *IngressClassParametersReference) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				stringLen |= uint64(b&0x7F) << shift
+				msglen |= int(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
+			if msglen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + intStringLen
+			postIndex := iNdEx + msglen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Kind = string(dAtA[iNdEx:postIndex])
-			iNdEx = postIndex
-		case 3:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
-			}
-			var stringLen uint64
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				stringLen |= uint64(b&0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			postIndex := iNdEx + intStringLen
-			if postIndex < 0 {
-				return ErrInvalidLengthGenerated
+			if m.Resource == nil {
+				m.Resource = &v11.TypedLocalObjectReference{}
 			}
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
+			if err := m.Resource.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
 			}
-			m.Name = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
 		case 4:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Scope", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Service", wireType)
 			}
-			var stringLen uint64
+			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -4027,57 +4738,27 @@ func (m *IngressClassParametersReference) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				stringLen |= uint64(b&0x7F) << shift
+				msglen |= int(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
+			if msglen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + intStringLen
+			postIndex := iNdEx + msglen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			s := string(dAtA[iNdEx:postIndex])
-			m.Scope = &s
-			iNdEx = postIndex
-		case 5:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Namespace", wireType)
-			}
-			var stringLen uint64
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				stringLen |= uint64(b&0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			postIndex := iNdEx + intStringLen
-			if postIndex < 0 {
-				return ErrInvalidLengthGenerated
+			if m.Service == nil {
+				m.Service = &IngressServiceBackend{}
 			}
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
+			if err := m.Service.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
 			}
-			s := string(dAtA[iNdEx:postIndex])
-			m.Namespace = &s
 			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
@@ -4100,7 +4781,7 @@ func (m *IngressClassParametersReference) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *IngressClassSpec) Unmarshal(dAtA []byte) error {
+func (m *IngressClass) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -4123,17 +4804,17 @@ func (m *IngressClassSpec) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: IngressClassSpec: wiretype end group for non-group")
+			return fmt.Errorf("proto: IngressClass: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: IngressClassSpec: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: IngressClass: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Controller", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
 			}
-			var stringLen uint64
+			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -4143,27 +4824,28 @@ func (m *IngressClassSpec) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				stringLen |= uint64(b&0x7F) << shift
+				msglen |= int(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
+			if msglen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + intStringLen
+			postIndex := iNdEx + msglen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Controller = string(dAtA[iNdEx:postIndex])
+			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Parameters", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -4190,10 +4872,7 @@ func (m *IngressClassSpec) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if m.Parameters == nil {
-				m.Parameters = &IngressClassParametersReference{}
-			}
-			if err := m.Parameters.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -4218,7 +4897,7 @@ func (m *IngressClassSpec) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *IngressList) Unmarshal(dAtA []byte) error {
+func (m *IngressClassList) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -4241,10 +4920,10 @@ func (m *IngressList) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: IngressList: wiretype end group for non-group")
+			return fmt.Errorf("proto: IngressClassList: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: IngressList: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: IngressClassList: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
@@ -4309,7 +4988,7 @@ func (m *IngressList) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Items = append(m.Items, Ingress{})
+			m.Items = append(m.Items, IngressClass{})
 			if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
@@ -4335,7 +5014,7 @@ func (m *IngressList) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *IngressLoadBalancerIngress) Unmarshal(dAtA []byte) error {
+func (m *IngressClassParametersReference) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -4358,15 +5037,15 @@ func (m *IngressLoadBalancerIngress) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: IngressLoadBalancerIngress: wiretype end group for non-group")
+			return fmt.Errorf("proto: IngressClassParametersReference: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: IngressLoadBalancerIngress: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: IngressClassParametersReference: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field IP", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field APIGroup", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -4394,11 +5073,12 @@ func (m *IngressLoadBalancerIngress) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.IP = string(dAtA[iNdEx:postIndex])
+			s := string(dAtA[iNdEx:postIndex])
+			m.APIGroup = &s
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Hostname", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Kind", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -4426,13 +5106,45 @@ func (m *IngressLoadBalancerIngress) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Hostname = string(dAtA[iNdEx:postIndex])
+			m.Kind = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Name = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
 		case 4:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Ports", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Scope", wireType)
 			}
-			var msglen int
+			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -4442,25 +5154,57 @@ func (m *IngressLoadBalancerIngress) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				msglen |= int(b&0x7F) << shift
+				stringLen |= uint64(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			if msglen < 0 {
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + msglen
+			postIndex := iNdEx + intStringLen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Ports = append(m.Ports, IngressPortStatus{})
-			if err := m.Ports[len(m.Ports)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
+			s := string(dAtA[iNdEx:postIndex])
+			m.Scope = &s
+			iNdEx = postIndex
+		case 5:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Namespace", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
 			}
+			s := string(dAtA[iNdEx:postIndex])
+			m.Namespace = &s
 			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
@@ -4483,7 +5227,7 @@ func (m *IngressLoadBalancerIngress) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *IngressLoadBalancerStatus) Unmarshal(dAtA []byte) error {
+func (m *IngressClassSpec) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -4506,15 +5250,47 @@ func (m *IngressLoadBalancerStatus) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: IngressLoadBalancerStatus: wiretype end group for non-group")
+			return fmt.Errorf("proto: IngressClassSpec: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: IngressLoadBalancerStatus: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: IngressClassSpec: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Ingress", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Controller", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Controller = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Parameters", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -4541,8 +5317,10 @@ func (m *IngressLoadBalancerStatus) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Ingress = append(m.Ingress, IngressLoadBalancerIngress{})
-			if err := m.Ingress[len(m.Ingress)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if m.Parameters == nil {
+				m.Parameters = &IngressClassParametersReference{}
+			}
+			if err := m.Parameters.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -4567,7 +5345,7 @@ func (m *IngressLoadBalancerStatus) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *IngressPortStatus) Unmarshal(dAtA []byte) error {
+func (m *IngressList) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -4590,36 +5368,17 @@ func (m *IngressPortStatus) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: IngressPortStatus: wiretype end group for non-group")
+			return fmt.Errorf("proto: IngressList: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: IngressPortStatus: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: IngressList: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
-			if wireType != 0 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Port", wireType)
-			}
-			m.Port = 0
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				m.Port |= int32(b&0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Protocol", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType)
 			}
-			var stringLen uint64
+			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -4629,29 +5388,30 @@ func (m *IngressPortStatus) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				stringLen |= uint64(b&0x7F) << shift
+				msglen |= int(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
+			if msglen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + intStringLen
+			postIndex := iNdEx + msglen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Protocol = k8s_io_api_core_v1.Protocol(dAtA[iNdEx:postIndex])
+			if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
 			iNdEx = postIndex
-		case 3:
+		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Error", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType)
 			}
-			var stringLen uint64
+			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -4661,24 +5421,25 @@ func (m *IngressPortStatus) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				stringLen |= uint64(b&0x7F) << shift
+				msglen |= int(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
+			if msglen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + intStringLen
+			postIndex := iNdEx + msglen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			s := string(dAtA[iNdEx:postIndex])
-			m.Error = &s
+			m.Items = append(m.Items, Ingress{})
+			if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
 			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
@@ -4701,7 +5462,7 @@ func (m *IngressPortStatus) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *IngressRule) Unmarshal(dAtA []byte) error {
+func (m *IngressLoadBalancerIngress) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -4724,15 +5485,15 @@ func (m *IngressRule) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: IngressRule: wiretype end group for non-group")
+			return fmt.Errorf("proto: IngressLoadBalancerIngress: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: IngressRule: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: IngressLoadBalancerIngress: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Host", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field IP", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -4760,11 +5521,43 @@ func (m *IngressRule) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Host = string(dAtA[iNdEx:postIndex])
+			m.IP = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field IngressRuleValue", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Hostname", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Hostname = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Ports", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -4791,7 +5584,8 @@ func (m *IngressRule) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.IngressRuleValue.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			m.Ports = append(m.Ports, IngressPortStatus{})
+			if err := m.Ports[len(m.Ports)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -4816,7 +5610,7 @@ func (m *IngressRule) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *IngressRuleValue) Unmarshal(dAtA []byte) error {
+func (m *IngressLoadBalancerStatus) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -4839,15 +5633,15 @@ func (m *IngressRuleValue) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: IngressRuleValue: wiretype end group for non-group")
+			return fmt.Errorf("proto: IngressLoadBalancerStatus: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: IngressRuleValue: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: IngressLoadBalancerStatus: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field HTTP", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Ingress", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -4874,10 +5668,8 @@ func (m *IngressRuleValue) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if m.HTTP == nil {
-				m.HTTP = &HTTPIngressRuleValue{}
-			}
-			if err := m.HTTP.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			m.Ingress = append(m.Ingress, IngressLoadBalancerIngress{})
+			if err := m.Ingress[len(m.Ingress)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -4902,7 +5694,7 @@ func (m *IngressRuleValue) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *IngressServiceBackend) Unmarshal(dAtA []byte) error {
+func (m *IngressPortStatus) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -4925,15 +5717,34 @@ func (m *IngressServiceBackend) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: IngressServiceBackend: wiretype end group for non-group")
+			return fmt.Errorf("proto: IngressPortStatus: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: IngressServiceBackend: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: IngressPortStatus: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Port", wireType)
+			}
+			m.Port = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.Port |= int32(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Protocol", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -4961,13 +5772,13 @@ func (m *IngressServiceBackend) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Name = string(dAtA[iNdEx:postIndex])
+			m.Protocol = k8s_io_api_core_v1.Protocol(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
-		case 2:
+		case 3:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Port", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Error", wireType)
 			}
-			var msglen int
+			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -4977,24 +5788,24 @@ func (m *IngressServiceBackend) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				msglen |= int(b&0x7F) << shift
+				stringLen |= uint64(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			if msglen < 0 {
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + msglen
+			postIndex := iNdEx + intStringLen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.Port.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
+			s := string(dAtA[iNdEx:postIndex])
+			m.Error = &s
 			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
@@ -5017,7 +5828,7 @@ func (m *IngressServiceBackend) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *IngressSpec) Unmarshal(dAtA []byte) error {
+func (m *IngressRule) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -5040,17 +5851,17 @@ func (m *IngressSpec) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: IngressSpec: wiretype end group for non-group")
+			return fmt.Errorf("proto: IngressRule: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: IngressSpec: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: IngressRule: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field DefaultBackend", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Host", wireType)
 			}
-			var msglen int
+			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -5060,65 +5871,27 @@ func (m *IngressSpec) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				msglen |= int(b&0x7F) << shift
+				stringLen |= uint64(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			if msglen < 0 {
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + msglen
+			postIndex := iNdEx + intStringLen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if m.DefaultBackend == nil {
-				m.DefaultBackend = &IngressBackend{}
-			}
-			if err := m.DefaultBackend.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
+			m.Host = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field TLS", wireType)
-			}
-			var msglen int
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				msglen |= int(b&0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			if msglen < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			postIndex := iNdEx + msglen
-			if postIndex < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
-			}
-			m.TLS = append(m.TLS, IngressTLS{})
-			if err := m.TLS[len(m.TLS)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
-			iNdEx = postIndex
-		case 3:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Rules", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field IngressRuleValue", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -5145,44 +5918,10 @@ func (m *IngressSpec) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Rules = append(m.Rules, IngressRule{})
-			if err := m.Rules[len(m.Rules)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if err := m.IngressRuleValue.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
-		case 4:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field IngressClassName", wireType)
-			}
-			var stringLen uint64
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				stringLen |= uint64(b&0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			postIndex := iNdEx + intStringLen
-			if postIndex < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
-			}
-			s := string(dAtA[iNdEx:postIndex])
-			m.IngressClassName = &s
-			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -5204,7 +5943,7 @@ func (m *IngressSpec) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *IngressStatus) Unmarshal(dAtA []byte) error {
+func (m *IngressRuleValue) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -5227,15 +5966,15 @@ func (m *IngressStatus) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: IngressStatus: wiretype end group for non-group")
+			return fmt.Errorf("proto: IngressRuleValue: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: IngressStatus: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: IngressRuleValue: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field LoadBalancer", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field HTTP", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -5262,7 +6001,10 @@ func (m *IngressStatus) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.LoadBalancer.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if m.HTTP == nil {
+				m.HTTP = &HTTPIngressRuleValue{}
+			}
+			if err := m.HTTP.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -5287,7 +6029,7 @@ func (m *IngressStatus) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *IngressTLS) Unmarshal(dAtA []byte) error {
+func (m *IngressServiceBackend) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -5310,15 +6052,15 @@ func (m *IngressTLS) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: IngressTLS: wiretype end group for non-group")
+			return fmt.Errorf("proto: IngressServiceBackend: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: IngressTLS: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: IngressServiceBackend: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Hosts", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -5346,13 +6088,13 @@ func (m *IngressTLS) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Hosts = append(m.Hosts, string(dAtA[iNdEx:postIndex]))
+			m.Name = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field SecretName", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Port", wireType)
 			}
-			var stringLen uint64
+			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -5362,23 +6104,24 @@ func (m *IngressTLS) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				stringLen |= uint64(b&0x7F) << shift
+				msglen |= int(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
+			if msglen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + intStringLen
+			postIndex := iNdEx + msglen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.SecretName = string(dAtA[iNdEx:postIndex])
+			if err := m.Port.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
 			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
@@ -5401,7 +6144,7 @@ func (m *IngressTLS) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *NetworkPolicy) Unmarshal(dAtA []byte) error {
+func (m *IngressSpec) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -5424,15 +6167,15 @@ func (m *NetworkPolicy) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: NetworkPolicy: wiretype end group for non-group")
+			return fmt.Errorf("proto: IngressSpec: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: NetworkPolicy: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: IngressSpec: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field DefaultBackend", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -5459,13 +6202,16 @@ func (m *NetworkPolicy) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if m.DefaultBackend == nil {
+				m.DefaultBackend = &IngressBackend{}
+			}
+			if err := m.DefaultBackend.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field TLS", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -5492,63 +6238,14 @@ func (m *NetworkPolicy) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			m.TLS = append(m.TLS, IngressTLS{})
+			if err := m.TLS[len(m.TLS)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
-		default:
-			iNdEx = preIndex
-			skippy, err := skipGenerated(dAtA[iNdEx:])
-			if err != nil {
-				return err
-			}
-			if (skippy < 0) || (iNdEx+skippy) < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			if (iNdEx + skippy) > l {
-				return io.ErrUnexpectedEOF
-			}
-			iNdEx += skippy
-		}
-	}
-
-	if iNdEx > l {
-		return io.ErrUnexpectedEOF
-	}
-	return nil
-}
-func (m *NetworkPolicyEgressRule) Unmarshal(dAtA []byte) error {
-	l := len(dAtA)
-	iNdEx := 0
-	for iNdEx < l {
-		preIndex := iNdEx
-		var wire uint64
-		for shift := uint(0); ; shift += 7 {
-			if shift >= 64 {
-				return ErrIntOverflowGenerated
-			}
-			if iNdEx >= l {
-				return io.ErrUnexpectedEOF
-			}
-			b := dAtA[iNdEx]
-			iNdEx++
-			wire |= uint64(b&0x7F) << shift
-			if b < 0x80 {
-				break
-			}
-		}
-		fieldNum := int32(wire >> 3)
-		wireType := int(wire & 0x7)
-		if wireType == 4 {
-			return fmt.Errorf("proto: NetworkPolicyEgressRule: wiretype end group for non-group")
-		}
-		if fieldNum <= 0 {
-			return fmt.Errorf("proto: NetworkPolicyEgressRule: illegal tag %d (wire type %d)", fieldNum, wire)
-		}
-		switch fieldNum {
-		case 1:
+		case 3:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Ports", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Rules", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -5575,16 +6272,99 @@ func (m *NetworkPolicyEgressRule) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Ports = append(m.Ports, NetworkPolicyPort{})
-			if err := m.Ports[len(m.Ports)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			m.Rules = append(m.Rules, IngressRule{})
+			if err := m.Rules[len(m.Rules)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
-		case 2:
+		case 4:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field To", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field IngressClassName", wireType)
 			}
-			var msglen int
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			s := string(dAtA[iNdEx:postIndex])
+			m.IngressClassName = &s
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *IngressStatus) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: IngressStatus: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: IngressStatus: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field LoadBalancer", wireType)
+			}
+			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -5609,8 +6389,7 @@ func (m *NetworkPolicyEgressRule) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.To = append(m.To, NetworkPolicyPeer{})
-			if err := m.To[len(m.To)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if err := m.LoadBalancer.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -5635,7 +6414,7 @@ func (m *NetworkPolicyEgressRule) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *NetworkPolicyIngressRule) Unmarshal(dAtA []byte) error {
+func (m *IngressTLS) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -5658,15 +6437,129 @@ func (m *NetworkPolicyIngressRule) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: NetworkPolicyIngressRule: wiretype end group for non-group")
+			return fmt.Errorf("proto: IngressTLS: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: NetworkPolicyIngressRule: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: IngressTLS: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Ports", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Hosts", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Hosts = append(m.Hosts, string(dAtA[iNdEx:postIndex]))
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field SecretName", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.SecretName = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *NetworkPolicy) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: NetworkPolicy: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: NetworkPolicy: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -5693,14 +6586,13 @@ func (m *NetworkPolicyIngressRule) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Ports = append(m.Ports, NetworkPolicyPort{})
-			if err := m.Ports[len(m.Ports)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field From", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -5727,10 +6619,1020 @@ func (m *NetworkPolicyIngressRule) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.From = append(m.From, NetworkPolicyPeer{})
-			if err := m.From[len(m.From)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
 				return err
 			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *NetworkPolicyEgressRule) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: NetworkPolicyEgressRule: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: NetworkPolicyEgressRule: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Ports", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Ports = append(m.Ports, NetworkPolicyPort{})
+			if err := m.Ports[len(m.Ports)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field To", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.To = append(m.To, NetworkPolicyPeer{})
+			if err := m.To[len(m.To)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *NetworkPolicyIngressRule) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: NetworkPolicyIngressRule: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: NetworkPolicyIngressRule: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Ports", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Ports = append(m.Ports, NetworkPolicyPort{})
+			if err := m.Ports[len(m.Ports)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field From", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.From = append(m.From, NetworkPolicyPeer{})
+			if err := m.From[len(m.From)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *NetworkPolicyList) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: NetworkPolicyList: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: NetworkPolicyList: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Items = append(m.Items, NetworkPolicy{})
+			if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *NetworkPolicyPeer) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: NetworkPolicyPeer: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: NetworkPolicyPeer: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field PodSelector", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.PodSelector == nil {
+				m.PodSelector = &v1.LabelSelector{}
+			}
+			if err := m.PodSelector.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field NamespaceSelector", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.NamespaceSelector == nil {
+				m.NamespaceSelector = &v1.LabelSelector{}
+			}
+			if err := m.NamespaceSelector.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field IPBlock", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.IPBlock == nil {
+				m.IPBlock = &IPBlock{}
+			}
+			if err := m.IPBlock.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *NetworkPolicyPort) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: NetworkPolicyPort: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: NetworkPolicyPort: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Protocol", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			s := k8s_io_api_core_v1.Protocol(dAtA[iNdEx:postIndex])
+			m.Protocol = &s
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Port", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Port == nil {
+				m.Port = &intstr.IntOrString{}
+			}
+			if err := m.Port.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 3:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field EndPort", wireType)
+			}
+			var v int32
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int32(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.EndPort = &v
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *NetworkPolicySpec) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: NetworkPolicySpec: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: NetworkPolicySpec: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field PodSelector", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.PodSelector.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Ingress", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Ingress = append(m.Ingress, NetworkPolicyIngressRule{})
+			if err := m.Ingress[len(m.Ingress)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Egress", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Egress = append(m.Egress, NetworkPolicyEgressRule{})
+			if err := m.Egress[len(m.Egress)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field PolicyTypes", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.PolicyTypes = append(m.PolicyTypes, PolicyType(dAtA[iNdEx:postIndex]))
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *ParentReference) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: ParentReference: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: ParentReference: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Group", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Group = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Resource", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Resource = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Namespace", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Namespace = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Name = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
@@ -5753,7 +7655,7 @@ func (m *NetworkPolicyIngressRule) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *NetworkPolicyList) Unmarshal(dAtA []byte) error {
+func (m *ServiceBackendPort) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -5776,17 +7678,17 @@ func (m *NetworkPolicyList) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: NetworkPolicyList: wiretype end group for non-group")
+			return fmt.Errorf("proto: ServiceBackendPort: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: NetworkPolicyList: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: ServiceBackendPort: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
 			}
-			var msglen int
+			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -5796,30 +7698,29 @@ func (m *NetworkPolicyList) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				msglen |= int(b&0x7F) << shift
+				stringLen |= uint64(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			if msglen < 0 {
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + msglen
+			postIndex := iNdEx + intStringLen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
+			m.Name = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
 		case 2:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType)
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Number", wireType)
 			}
-			var msglen int
+			m.Number = 0
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -5829,26 +7730,11 @@ func (m *NetworkPolicyList) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				msglen |= int(b&0x7F) << shift
+				m.Number |= int32(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			if msglen < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			postIndex := iNdEx + msglen
-			if postIndex < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
-			}
-			m.Items = append(m.Items, NetworkPolicy{})
-			if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
-			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -5870,7 +7756,7 @@ func (m *NetworkPolicyList) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *NetworkPolicyPeer) Unmarshal(dAtA []byte) error {
+func (m *ServiceCIDR) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -5893,15 +7779,15 @@ func (m *NetworkPolicyPeer) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: NetworkPolicyPeer: wiretype end group for non-group")
+			return fmt.Errorf("proto: ServiceCIDR: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: NetworkPolicyPeer: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: ServiceCIDR: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field PodSelector", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -5928,16 +7814,13 @@ func (m *NetworkPolicyPeer) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if m.PodSelector == nil {
-				m.PodSelector = &v1.LabelSelector{}
-			}
-			if err := m.PodSelector.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field NamespaceSelector", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -5964,16 +7847,13 @@ func (m *NetworkPolicyPeer) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if m.NamespaceSelector == nil {
-				m.NamespaceSelector = &v1.LabelSelector{}
-			}
-			if err := m.NamespaceSelector.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
 		case 3:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field IPBlock", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Status", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -6000,10 +7880,7 @@ func (m *NetworkPolicyPeer) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if m.IPBlock == nil {
-				m.IPBlock = &IPBlock{}
-			}
-			if err := m.IPBlock.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if err := m.Status.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -6028,7 +7905,7 @@ func (m *NetworkPolicyPeer) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *NetworkPolicyPort) Unmarshal(dAtA []byte) error {
+func (m *ServiceCIDRList) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -6051,17 +7928,17 @@ func (m *NetworkPolicyPort) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: NetworkPolicyPort: wiretype end group for non-group")
+			return fmt.Errorf("proto: ServiceCIDRList: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: NetworkPolicyPort: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: ServiceCIDRList: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Protocol", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType)
 			}
-			var stringLen uint64
+			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -6071,28 +7948,28 @@ func (m *NetworkPolicyPort) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				stringLen |= uint64(b&0x7F) << shift
+				msglen |= int(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
+			if msglen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + intStringLen
+			postIndex := iNdEx + msglen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			s := k8s_io_api_core_v1.Protocol(dAtA[iNdEx:postIndex])
-			m.Protocol = &s
+			if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Port", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -6119,33 +7996,11 @@ func (m *NetworkPolicyPort) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if m.Port == nil {
-				m.Port = &intstr.IntOrString{}
-			}
-			if err := m.Port.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			m.Items = append(m.Items, ServiceCIDR{})
+			if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
-		case 3:
-			if wireType != 0 {
-				return fmt.Errorf("proto: wrong wireType = %d for field EndPort", wireType)
-			}
-			var v int32
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				v |= int32(b&0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			m.EndPort = &v
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -6167,7 +8022,7 @@ func (m *NetworkPolicyPort) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *NetworkPolicySpec) Unmarshal(dAtA []byte) error {
+func (m *ServiceCIDRSpec) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -6190,116 +8045,15 @@ func (m *NetworkPolicySpec) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: NetworkPolicySpec: wiretype end group for non-group")
+			return fmt.Errorf("proto: ServiceCIDRSpec: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: NetworkPolicySpec: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: ServiceCIDRSpec: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field PodSelector", wireType)
-			}
-			var msglen int
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				msglen |= int(b&0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			if msglen < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			postIndex := iNdEx + msglen
-			if postIndex < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
-			}
-			if err := m.PodSelector.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
-			iNdEx = postIndex
-		case 2:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Ingress", wireType)
-			}
-			var msglen int
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				msglen |= int(b&0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			if msglen < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			postIndex := iNdEx + msglen
-			if postIndex < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
-			}
-			m.Ingress = append(m.Ingress, NetworkPolicyIngressRule{})
-			if err := m.Ingress[len(m.Ingress)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
-			iNdEx = postIndex
-		case 3:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Egress", wireType)
-			}
-			var msglen int
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				msglen |= int(b&0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			if msglen < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			postIndex := iNdEx + msglen
-			if postIndex < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
-			}
-			m.Egress = append(m.Egress, NetworkPolicyEgressRule{})
-			if err := m.Egress[len(m.Egress)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
-			iNdEx = postIndex
-		case 4:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field PolicyTypes", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field CIDRs", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -6327,7 +8081,7 @@ func (m *NetworkPolicySpec) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.PolicyTypes = append(m.PolicyTypes, PolicyType(dAtA[iNdEx:postIndex]))
+			m.CIDRs = append(m.CIDRs, string(dAtA[iNdEx:postIndex]))
 			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
@@ -6350,7 +8104,7 @@ func (m *NetworkPolicySpec) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *ServiceBackendPort) Unmarshal(dAtA []byte) error {
+func (m *ServiceCIDRStatus) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -6373,17 +8127,17 @@ func (m *ServiceBackendPort) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: ServiceBackendPort: wiretype end group for non-group")
+			return fmt.Errorf("proto: ServiceCIDRStatus: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: ServiceBackendPort: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: ServiceCIDRStatus: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Conditions", wireType)
 			}
-			var stringLen uint64
+			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -6393,43 +8147,26 @@ func (m *ServiceBackendPort) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				stringLen |= uint64(b&0x7F) << shift
+				msglen |= int(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
+			if msglen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + intStringLen
+			postIndex := iNdEx + msglen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Name = string(dAtA[iNdEx:postIndex])
-			iNdEx = postIndex
-		case 2:
-			if wireType != 0 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Number", wireType)
-			}
-			m.Number = 0
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				m.Number |= int32(b&0x7F) << shift
-				if b < 0x80 {
-					break
-				}
+			m.Conditions = append(m.Conditions, v1.Condition{})
+			if err := m.Conditions[len(m.Conditions)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
 			}
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
diff --git a/vendor/k8s.io/api/networking/v1/generated.proto b/vendor/k8s.io/api/networking/v1/generated.proto
index c72fdc8f37..e3e3e9215e 100644
--- a/vendor/k8s.io/api/networking/v1/generated.proto
+++ b/vendor/k8s.io/api/networking/v1/generated.proto
@@ -72,6 +72,44 @@ message HTTPIngressRuleValue {
   repeated HTTPIngressPath paths = 1;
 }
 
+// IPAddress represents a single IP of a single IP Family. The object is designed to be used by APIs
+// that operate on IP addresses. The object is used by the Service core API for allocation of IP addresses.
+// An IP address can be represented in different formats, to guarantee the uniqueness of the IP,
+// the name of the object is the IP address in canonical format, four decimal digits separated
+// by dots suppressing leading zeros for IPv4 and the representation defined by RFC 5952 for IPv6.
+// Valid: 192.168.1.5 or 2001:db8::1 or 2001:db8:aaaa:bbbb:cccc:dddd:eeee:1
+// Invalid: 10.01.2.3 or 2001:db8:0:0:0::1
+message IPAddress {
+  // Standard object's metadata.
+  // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+  // +optional
+  optional .k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
+
+  // spec is the desired state of the IPAddress.
+  // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+  // +optional
+  optional IPAddressSpec spec = 2;
+}
+
+// IPAddressList contains a list of IPAddress.
+message IPAddressList {
+  // Standard object's metadata.
+  // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+  // +optional
+  optional .k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
+
+  // items is the list of IPAddresses.
+  repeated IPAddress items = 2;
+}
+
+// IPAddressSpec describe the attributes in an IP Address.
+message IPAddressSpec {
+  // ParentRef references the resource that an IPAddress is attached to.
+  // An IPAddress must reference a parent object.
+  // +required
+  optional ParentReference parentRef = 1;
+}
+
 // IPBlock describes a particular CIDR (Ex. "192.168.1.0/24","2001:db8::/64") that is allowed
 // to the pods matched by a NetworkPolicySpec's podSelector. The except entry describes CIDRs
 // that should not be included within this rule.
@@ -540,6 +578,25 @@ message NetworkPolicySpec {
   repeated string policyTypes = 4;
 }
 
+// ParentReference describes a reference to a parent object.
+message ParentReference {
+  // Group is the group of the object being referenced.
+  // +optional
+  optional string group = 1;
+
+  // Resource is the resource of the object being referenced.
+  // +required
+  optional string resource = 2;
+
+  // Namespace is the namespace of the object being referenced.
+  // +optional
+  optional string namespace = 3;
+
+  // Name is the name of the object being referenced.
+  // +required
+  optional string name = 4;
+}
+
 // ServiceBackendPort is the service port being referenced.
 // +structType=atomic
 message ServiceBackendPort {
@@ -554,3 +611,55 @@ message ServiceBackendPort {
   optional int32 number = 2;
 }
 
+// ServiceCIDR defines a range of IP addresses using CIDR format (e.g. 192.168.0.0/24 or 2001:db2::/64).
+// This range is used to allocate ClusterIPs to Service objects.
+message ServiceCIDR {
+  // Standard object's metadata.
+  // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+  // +optional
+  optional .k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
+
+  // spec is the desired state of the ServiceCIDR.
+  // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+  // +optional
+  optional ServiceCIDRSpec spec = 2;
+
+  // status represents the current state of the ServiceCIDR.
+  // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+  // +optional
+  optional ServiceCIDRStatus status = 3;
+}
+
+// ServiceCIDRList contains a list of ServiceCIDR objects.
+message ServiceCIDRList {
+  // Standard object's metadata.
+  // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+  // +optional
+  optional .k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
+
+  // items is the list of ServiceCIDRs.
+  repeated ServiceCIDR items = 2;
+}
+
+// ServiceCIDRSpec define the CIDRs the user wants to use for allocating ClusterIPs for Services.
+message ServiceCIDRSpec {
+  // CIDRs defines the IP blocks in CIDR notation (e.g. "192.168.0.0/24" or "2001:db8::/64")
+  // from which to assign service cluster IPs. Max of two CIDRs is allowed, one of each IP family.
+  // This field is immutable.
+  // +optional
+  // +listType=atomic
+  repeated string cidrs = 1;
+}
+
+// ServiceCIDRStatus describes the current state of the ServiceCIDR.
+message ServiceCIDRStatus {
+  // conditions holds an array of metav1.Condition that describe the state of the ServiceCIDR.
+  // Current service state
+  // +optional
+  // +patchMergeKey=type
+  // +patchStrategy=merge
+  // +listType=map
+  // +listMapKey=type
+  repeated .k8s.io.apimachinery.pkg.apis.meta.v1.Condition conditions = 1;
+}
+
diff --git a/vendor/k8s.io/api/networking/v1/register.go b/vendor/k8s.io/api/networking/v1/register.go
index a200d54370..b9bdcb78c9 100644
--- a/vendor/k8s.io/api/networking/v1/register.go
+++ b/vendor/k8s.io/api/networking/v1/register.go
@@ -50,6 +50,10 @@ func addKnownTypes(scheme *runtime.Scheme) error {
 		&IngressClassList{},
 		&NetworkPolicy{},
 		&NetworkPolicyList{},
+		&IPAddress{},
+		&IPAddressList{},
+		&ServiceCIDR{},
+		&ServiceCIDRList{},
 	)
 
 	metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
diff --git a/vendor/k8s.io/api/networking/v1/types.go b/vendor/k8s.io/api/networking/v1/types.go
index d75e27558d..216647ceeb 100644
--- a/vendor/k8s.io/api/networking/v1/types.go
+++ b/vendor/k8s.io/api/networking/v1/types.go
@@ -635,3 +635,133 @@ type IngressClassList struct {
 	// items is the list of IngressClasses.
 	Items []IngressClass `json:"items" protobuf:"bytes,2,rep,name=items"`
 }
+
+// +genclient
+// +genclient:nonNamespaced
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+// +k8s:prerelease-lifecycle-gen:introduced=1.33
+
+// IPAddress represents a single IP of a single IP Family. The object is designed to be used by APIs
+// that operate on IP addresses. The object is used by the Service core API for allocation of IP addresses.
+// An IP address can be represented in different formats, to guarantee the uniqueness of the IP,
+// the name of the object is the IP address in canonical format, four decimal digits separated
+// by dots suppressing leading zeros for IPv4 and the representation defined by RFC 5952 for IPv6.
+// Valid: 192.168.1.5 or 2001:db8::1 or 2001:db8:aaaa:bbbb:cccc:dddd:eeee:1
+// Invalid: 10.01.2.3 or 2001:db8:0:0:0::1
+type IPAddress struct {
+	metav1.TypeMeta `json:",inline"`
+	// Standard object's metadata.
+	// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+	// +optional
+	metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+	// spec is the desired state of the IPAddress.
+	// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+	// +optional
+	Spec IPAddressSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
+}
+
+// IPAddressSpec describe the attributes in an IP Address.
+type IPAddressSpec struct {
+	// ParentRef references the resource that an IPAddress is attached to.
+	// An IPAddress must reference a parent object.
+	// +required
+	ParentRef *ParentReference `json:"parentRef,omitempty" protobuf:"bytes,1,opt,name=parentRef"`
+}
+
+// ParentReference describes a reference to a parent object.
+type ParentReference struct {
+	// Group is the group of the object being referenced.
+	// +optional
+	Group string `json:"group,omitempty" protobuf:"bytes,1,opt,name=group"`
+	// Resource is the resource of the object being referenced.
+	// +required
+	Resource string `json:"resource,omitempty" protobuf:"bytes,2,opt,name=resource"`
+	// Namespace is the namespace of the object being referenced.
+	// +optional
+	Namespace string `json:"namespace,omitempty" protobuf:"bytes,3,opt,name=namespace"`
+	// Name is the name of the object being referenced.
+	// +required
+	Name string `json:"name,omitempty" protobuf:"bytes,4,opt,name=name"`
+}
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+// +k8s:prerelease-lifecycle-gen:introduced=1.33
+
+// IPAddressList contains a list of IPAddress.
+type IPAddressList struct {
+	metav1.TypeMeta `json:",inline"`
+	// Standard object's metadata.
+	// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+	// +optional
+	metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+	// items is the list of IPAddresses.
+	Items []IPAddress `json:"items" protobuf:"bytes,2,rep,name=items"`
+}
+
+// +genclient
+// +genclient:nonNamespaced
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+// +k8s:prerelease-lifecycle-gen:introduced=1.33
+
+// ServiceCIDR defines a range of IP addresses using CIDR format (e.g. 192.168.0.0/24 or 2001:db2::/64).
+// This range is used to allocate ClusterIPs to Service objects.
+type ServiceCIDR struct {
+	metav1.TypeMeta `json:",inline"`
+	// Standard object's metadata.
+	// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+	// +optional
+	metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+	// spec is the desired state of the ServiceCIDR.
+	// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+	// +optional
+	Spec ServiceCIDRSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
+	// status represents the current state of the ServiceCIDR.
+	// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+	// +optional
+	Status ServiceCIDRStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"`
+}
+
+// ServiceCIDRSpec define the CIDRs the user wants to use for allocating ClusterIPs for Services.
+type ServiceCIDRSpec struct {
+	// CIDRs defines the IP blocks in CIDR notation (e.g. "192.168.0.0/24" or "2001:db8::/64")
+	// from which to assign service cluster IPs. Max of two CIDRs is allowed, one of each IP family.
+	// This field is immutable.
+	// +optional
+	// +listType=atomic
+	CIDRs []string `json:"cidrs,omitempty" protobuf:"bytes,1,opt,name=cidrs"`
+}
+
+const (
+	// ServiceCIDRConditionReady represents status of a ServiceCIDR that is ready to be used by the
+	// apiserver to allocate ClusterIPs for Services.
+	ServiceCIDRConditionReady = "Ready"
+	// ServiceCIDRReasonTerminating represents a reason where a ServiceCIDR is not ready because it is
+	// being deleted.
+	ServiceCIDRReasonTerminating = "Terminating"
+)
+
+// ServiceCIDRStatus describes the current state of the ServiceCIDR.
+type ServiceCIDRStatus struct {
+	// conditions holds an array of metav1.Condition that describe the state of the ServiceCIDR.
+	// Current service state
+	// +optional
+	// +patchMergeKey=type
+	// +patchStrategy=merge
+	// +listType=map
+	// +listMapKey=type
+	Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,1,rep,name=conditions"`
+}
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+// +k8s:prerelease-lifecycle-gen:introduced=1.33
+
+// ServiceCIDRList contains a list of ServiceCIDR objects.
+type ServiceCIDRList struct {
+	metav1.TypeMeta `json:",inline"`
+	// Standard object's metadata.
+	// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+	// +optional
+	metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+	// items is the list of ServiceCIDRs.
+	Items []ServiceCIDR `json:"items" protobuf:"bytes,2,rep,name=items"`
+}
diff --git a/vendor/k8s.io/api/networking/v1/types_swagger_doc_generated.go b/vendor/k8s.io/api/networking/v1/types_swagger_doc_generated.go
index ff080540d3..0e294848ba 100644
--- a/vendor/k8s.io/api/networking/v1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/networking/v1/types_swagger_doc_generated.go
@@ -47,6 +47,35 @@ func (HTTPIngressRuleValue) SwaggerDoc() map[string]string {
 	return map_HTTPIngressRuleValue
 }
 
+var map_IPAddress = map[string]string{
+	"":         "IPAddress represents a single IP of a single IP Family. The object is designed to be used by APIs that operate on IP addresses. The object is used by the Service core API for allocation of IP addresses. An IP address can be represented in different formats, to guarantee the uniqueness of the IP, the name of the object is the IP address in canonical format, four decimal digits separated by dots suppressing leading zeros for IPv4 and the representation defined by RFC 5952 for IPv6. Valid: 192.168.1.5 or 2001:db8::1 or 2001:db8:aaaa:bbbb:cccc:dddd:eeee:1 Invalid: 10.01.2.3 or 2001:db8:0:0:0::1",
+	"metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata",
+	"spec":     "spec is the desired state of the IPAddress. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status",
+}
+
+func (IPAddress) SwaggerDoc() map[string]string {
+	return map_IPAddress
+}
+
+var map_IPAddressList = map[string]string{
+	"":         "IPAddressList contains a list of IPAddress.",
+	"metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata",
+	"items":    "items is the list of IPAddresses.",
+}
+
+func (IPAddressList) SwaggerDoc() map[string]string {
+	return map_IPAddressList
+}
+
+var map_IPAddressSpec = map[string]string{
+	"":          "IPAddressSpec describe the attributes in an IP Address.",
+	"parentRef": "ParentRef references the resource that an IPAddress is attached to. An IPAddress must reference a parent object.",
+}
+
+func (IPAddressSpec) SwaggerDoc() map[string]string {
+	return map_IPAddressSpec
+}
+
 var map_IPBlock = map[string]string{
 	"":       "IPBlock describes a particular CIDR (Ex. \"192.168.1.0/24\",\"2001:db8::/64\") that is allowed to the pods matched by a NetworkPolicySpec's podSelector. The except entry describes CIDRs that should not be included within this rule.",
 	"cidr":   "cidr is a string representing the IPBlock Valid examples are \"192.168.1.0/24\" or \"2001:db8::/64\"",
@@ -294,6 +323,18 @@ func (NetworkPolicySpec) SwaggerDoc() map[string]string {
 	return map_NetworkPolicySpec
 }
 
+var map_ParentReference = map[string]string{
+	"":          "ParentReference describes a reference to a parent object.",
+	"group":     "Group is the group of the object being referenced.",
+	"resource":  "Resource is the resource of the object being referenced.",
+	"namespace": "Namespace is the namespace of the object being referenced.",
+	"name":      "Name is the name of the object being referenced.",
+}
+
+func (ParentReference) SwaggerDoc() map[string]string {
+	return map_ParentReference
+}
+
 var map_ServiceBackendPort = map[string]string{
 	"":       "ServiceBackendPort is the service port being referenced.",
 	"name":   "name is the name of the port on the Service. This is a mutually exclusive setting with \"Number\".",
@@ -304,4 +345,43 @@ func (ServiceBackendPort) SwaggerDoc() map[string]string {
 	return map_ServiceBackendPort
 }
 
+var map_ServiceCIDR = map[string]string{
+	"":         "ServiceCIDR defines a range of IP addresses using CIDR format (e.g. 192.168.0.0/24 or 2001:db2::/64). This range is used to allocate ClusterIPs to Service objects.",
+	"metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata",
+	"spec":     "spec is the desired state of the ServiceCIDR. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status",
+	"status":   "status represents the current state of the ServiceCIDR. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status",
+}
+
+func (ServiceCIDR) SwaggerDoc() map[string]string {
+	return map_ServiceCIDR
+}
+
+var map_ServiceCIDRList = map[string]string{
+	"":         "ServiceCIDRList contains a list of ServiceCIDR objects.",
+	"metadata": "Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata",
+	"items":    "items is the list of ServiceCIDRs.",
+}
+
+func (ServiceCIDRList) SwaggerDoc() map[string]string {
+	return map_ServiceCIDRList
+}
+
+var map_ServiceCIDRSpec = map[string]string{
+	"":      "ServiceCIDRSpec define the CIDRs the user wants to use for allocating ClusterIPs for Services.",
+	"cidrs": "CIDRs defines the IP blocks in CIDR notation (e.g. \"192.168.0.0/24\" or \"2001:db8::/64\") from which to assign service cluster IPs. Max of two CIDRs is allowed, one of each IP family. This field is immutable.",
+}
+
+func (ServiceCIDRSpec) SwaggerDoc() map[string]string {
+	return map_ServiceCIDRSpec
+}
+
+var map_ServiceCIDRStatus = map[string]string{
+	"":           "ServiceCIDRStatus describes the current state of the ServiceCIDR.",
+	"conditions": "conditions holds an array of metav1.Condition that describe the state of the ServiceCIDR. Current service state",
+}
+
+func (ServiceCIDRStatus) SwaggerDoc() map[string]string {
+	return map_ServiceCIDRStatus
+}
+
 // AUTO-GENERATED FUNCTIONS END HERE
diff --git a/vendor/k8s.io/api/networking/v1/well_known_labels.go b/vendor/k8s.io/api/networking/v1/well_known_labels.go
new file mode 100644
index 0000000000..28e2e8f3f6
--- /dev/null
+++ b/vendor/k8s.io/api/networking/v1/well_known_labels.go
@@ -0,0 +1,33 @@
+/*
+Copyright 2023 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1
+
+const (
+
+	// TODO: Use IPFamily as field with a field selector,And the value is set based on
+	// the name at create time and immutable.
+	// LabelIPAddressFamily is used to indicate the IP family of a Kubernetes IPAddress.
+	// This label simplify dual-stack client operations allowing to obtain the list of
+	// IP addresses filtered by family.
+	LabelIPAddressFamily = "ipaddress.kubernetes.io/ip-family"
+	// LabelManagedBy is used to indicate the controller or entity that manages
+	// an IPAddress. This label aims to enable different IPAddress
+	// objects to be managed by different controllers or entities within the
+	// same cluster. It is highly recommended to configure this label for all
+	// IPAddress objects.
+	LabelManagedBy = "ipaddress.kubernetes.io/managed-by"
+)
diff --git a/vendor/k8s.io/api/networking/v1/zz_generated.deepcopy.go b/vendor/k8s.io/api/networking/v1/zz_generated.deepcopy.go
index 540873833f..9ce6435a46 100644
--- a/vendor/k8s.io/api/networking/v1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/networking/v1/zz_generated.deepcopy.go
@@ -73,6 +73,87 @@ func (in *HTTPIngressRuleValue) DeepCopy() *HTTPIngressRuleValue {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *IPAddress) DeepCopyInto(out *IPAddress) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	in.Spec.DeepCopyInto(&out.Spec)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPAddress.
+func (in *IPAddress) DeepCopy() *IPAddress {
+	if in == nil {
+		return nil
+	}
+	out := new(IPAddress)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *IPAddress) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *IPAddressList) DeepCopyInto(out *IPAddressList) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ListMeta.DeepCopyInto(&out.ListMeta)
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]IPAddress, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPAddressList.
+func (in *IPAddressList) DeepCopy() *IPAddressList {
+	if in == nil {
+		return nil
+	}
+	out := new(IPAddressList)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *IPAddressList) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *IPAddressSpec) DeepCopyInto(out *IPAddressSpec) {
+	*out = *in
+	if in.ParentRef != nil {
+		in, out := &in.ParentRef, &out.ParentRef
+		*out = new(ParentReference)
+		**out = **in
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPAddressSpec.
+func (in *IPAddressSpec) DeepCopy() *IPAddressSpec {
+	if in == nil {
+		return nil
+	}
+	out := new(IPAddressSpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *IPBlock) DeepCopyInto(out *IPBlock) {
 	*out = *in
@@ -711,6 +792,22 @@ func (in *NetworkPolicySpec) DeepCopy() *NetworkPolicySpec {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ParentReference) DeepCopyInto(out *ParentReference) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ParentReference.
+func (in *ParentReference) DeepCopy() *ParentReference {
+	if in == nil {
+		return nil
+	}
+	out := new(ParentReference)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *ServiceBackendPort) DeepCopyInto(out *ServiceBackendPort) {
 	*out = *in
@@ -726,3 +823,108 @@ func (in *ServiceBackendPort) DeepCopy() *ServiceBackendPort {
 	in.DeepCopyInto(out)
 	return out
 }
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ServiceCIDR) DeepCopyInto(out *ServiceCIDR) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	in.Spec.DeepCopyInto(&out.Spec)
+	in.Status.DeepCopyInto(&out.Status)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceCIDR.
+func (in *ServiceCIDR) DeepCopy() *ServiceCIDR {
+	if in == nil {
+		return nil
+	}
+	out := new(ServiceCIDR)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *ServiceCIDR) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ServiceCIDRList) DeepCopyInto(out *ServiceCIDRList) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ListMeta.DeepCopyInto(&out.ListMeta)
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]ServiceCIDR, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceCIDRList.
+func (in *ServiceCIDRList) DeepCopy() *ServiceCIDRList {
+	if in == nil {
+		return nil
+	}
+	out := new(ServiceCIDRList)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *ServiceCIDRList) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ServiceCIDRSpec) DeepCopyInto(out *ServiceCIDRSpec) {
+	*out = *in
+	if in.CIDRs != nil {
+		in, out := &in.CIDRs, &out.CIDRs
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceCIDRSpec.
+func (in *ServiceCIDRSpec) DeepCopy() *ServiceCIDRSpec {
+	if in == nil {
+		return nil
+	}
+	out := new(ServiceCIDRSpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ServiceCIDRStatus) DeepCopyInto(out *ServiceCIDRStatus) {
+	*out = *in
+	if in.Conditions != nil {
+		in, out := &in.Conditions, &out.Conditions
+		*out = make([]metav1.Condition, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceCIDRStatus.
+func (in *ServiceCIDRStatus) DeepCopy() *ServiceCIDRStatus {
+	if in == nil {
+		return nil
+	}
+	out := new(ServiceCIDRStatus)
+	in.DeepCopyInto(out)
+	return out
+}
diff --git a/vendor/k8s.io/api/networking/v1/zz_generated.prerelease-lifecycle.go b/vendor/k8s.io/api/networking/v1/zz_generated.prerelease-lifecycle.go
index 21e8c671a5..6894d8c539 100644
--- a/vendor/k8s.io/api/networking/v1/zz_generated.prerelease-lifecycle.go
+++ b/vendor/k8s.io/api/networking/v1/zz_generated.prerelease-lifecycle.go
@@ -21,6 +21,18 @@ limitations under the License.
 
 package v1
 
+// APILifecycleIntroduced is an autogenerated function, returning the release in which the API struct was introduced as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:introduced" tags in types.go.
+func (in *IPAddress) APILifecycleIntroduced() (major, minor int) {
+	return 1, 33
+}
+
+// APILifecycleIntroduced is an autogenerated function, returning the release in which the API struct was introduced as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:introduced" tags in types.go.
+func (in *IPAddressList) APILifecycleIntroduced() (major, minor int) {
+	return 1, 33
+}
+
 // APILifecycleIntroduced is an autogenerated function, returning the release in which the API struct was introduced as int versions of major and minor for comparison.
 // It is controlled by "k8s:prerelease-lifecycle-gen:introduced" tags in types.go.
 func (in *Ingress) APILifecycleIntroduced() (major, minor int) {
@@ -56,3 +68,15 @@ func (in *NetworkPolicy) APILifecycleIntroduced() (major, minor int) {
 func (in *NetworkPolicyList) APILifecycleIntroduced() (major, minor int) {
 	return 1, 19
 }
+
+// APILifecycleIntroduced is an autogenerated function, returning the release in which the API struct was introduced as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:introduced" tags in types.go.
+func (in *ServiceCIDR) APILifecycleIntroduced() (major, minor int) {
+	return 1, 33
+}
+
+// APILifecycleIntroduced is an autogenerated function, returning the release in which the API struct was introduced as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:introduced" tags in types.go.
+func (in *ServiceCIDRList) APILifecycleIntroduced() (major, minor int) {
+	return 1, 33
+}
diff --git a/vendor/k8s.io/api/networking/v1alpha1/doc.go b/vendor/k8s.io/api/networking/v1alpha1/doc.go
index 3827b0418f..55264ae707 100644
--- a/vendor/k8s.io/api/networking/v1alpha1/doc.go
+++ b/vendor/k8s.io/api/networking/v1alpha1/doc.go
@@ -20,4 +20,4 @@ limitations under the License.
 // +k8s:prerelease-lifecycle-gen=true
 // +groupName=networking.k8s.io
 
-package v1alpha1 // import "k8s.io/api/networking/v1alpha1"
+package v1alpha1
diff --git a/vendor/k8s.io/api/networking/v1beta1/doc.go b/vendor/k8s.io/api/networking/v1beta1/doc.go
index fa6d01cea0..c5a03e04e8 100644
--- a/vendor/k8s.io/api/networking/v1beta1/doc.go
+++ b/vendor/k8s.io/api/networking/v1beta1/doc.go
@@ -20,4 +20,4 @@ limitations under the License.
 // +k8s:prerelease-lifecycle-gen=true
 // +groupName=networking.k8s.io
 
-package v1beta1 // import "k8s.io/api/networking/v1beta1"
+package v1beta1
diff --git a/vendor/k8s.io/api/node/v1/doc.go b/vendor/k8s.io/api/node/v1/doc.go
index 57ca52445b..3239af7039 100644
--- a/vendor/k8s.io/api/node/v1/doc.go
+++ b/vendor/k8s.io/api/node/v1/doc.go
@@ -20,4 +20,4 @@ limitations under the License.
 // +k8s:prerelease-lifecycle-gen=true
 // +groupName=node.k8s.io
 
-package v1 // import "k8s.io/api/node/v1"
+package v1
diff --git a/vendor/k8s.io/api/node/v1alpha1/doc.go b/vendor/k8s.io/api/node/v1alpha1/doc.go
index dfe99540b5..2f3d46ac20 100644
--- a/vendor/k8s.io/api/node/v1alpha1/doc.go
+++ b/vendor/k8s.io/api/node/v1alpha1/doc.go
@@ -20,4 +20,4 @@ limitations under the License.
 
 // +groupName=node.k8s.io
 
-package v1alpha1 // import "k8s.io/api/node/v1alpha1"
+package v1alpha1
diff --git a/vendor/k8s.io/api/node/v1beta1/doc.go b/vendor/k8s.io/api/node/v1beta1/doc.go
index c76ba89c48..7b47c8df66 100644
--- a/vendor/k8s.io/api/node/v1beta1/doc.go
+++ b/vendor/k8s.io/api/node/v1beta1/doc.go
@@ -21,4 +21,4 @@ limitations under the License.
 
 // +groupName=node.k8s.io
 
-package v1beta1 // import "k8s.io/api/node/v1beta1"
+package v1beta1
diff --git a/vendor/k8s.io/api/policy/v1/doc.go b/vendor/k8s.io/api/policy/v1/doc.go
index c51e02685a..ff47e7fd49 100644
--- a/vendor/k8s.io/api/policy/v1/doc.go
+++ b/vendor/k8s.io/api/policy/v1/doc.go
@@ -22,4 +22,4 @@ limitations under the License.
 // Package policy is for any kind of policy object.  Suitable examples, even if
 // they aren't all here, are PodDisruptionBudget,
 // NetworkPolicy, etc.
-package v1 // import "k8s.io/api/policy/v1"
+package v1
diff --git a/vendor/k8s.io/api/policy/v1/generated.proto b/vendor/k8s.io/api/policy/v1/generated.proto
index 57128e8112..9534890723 100644
--- a/vendor/k8s.io/api/policy/v1/generated.proto
+++ b/vendor/k8s.io/api/policy/v1/generated.proto
@@ -115,9 +115,6 @@ message PodDisruptionBudgetSpec {
   // Additional policies may be added in the future.
   // Clients making eviction decisions should disallow eviction of unhealthy pods
   // if they encounter an unrecognized policy in this field.
-  //
-  // This field is beta-level. The eviction API uses this field when
-  // the feature gate PDBUnhealthyPodEvictionPolicy is enabled (enabled by default).
   // +optional
   optional string unhealthyPodEvictionPolicy = 4;
 }
diff --git a/vendor/k8s.io/api/policy/v1/types.go b/vendor/k8s.io/api/policy/v1/types.go
index f05367ebe4..4e74367894 100644
--- a/vendor/k8s.io/api/policy/v1/types.go
+++ b/vendor/k8s.io/api/policy/v1/types.go
@@ -70,9 +70,6 @@ type PodDisruptionBudgetSpec struct {
 	// Additional policies may be added in the future.
 	// Clients making eviction decisions should disallow eviction of unhealthy pods
 	// if they encounter an unrecognized policy in this field.
-	//
-	// This field is beta-level. The eviction API uses this field when
-	// the feature gate PDBUnhealthyPodEvictionPolicy is enabled (enabled by default).
 	// +optional
 	UnhealthyPodEvictionPolicy *UnhealthyPodEvictionPolicyType `json:"unhealthyPodEvictionPolicy,omitempty" protobuf:"bytes,4,opt,name=unhealthyPodEvictionPolicy"`
 }
diff --git a/vendor/k8s.io/api/policy/v1/types_swagger_doc_generated.go b/vendor/k8s.io/api/policy/v1/types_swagger_doc_generated.go
index 799b0794a9..9b2f5b9450 100644
--- a/vendor/k8s.io/api/policy/v1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/policy/v1/types_swagger_doc_generated.go
@@ -63,7 +63,7 @@ var map_PodDisruptionBudgetSpec = map[string]string{
 	"minAvailable":               "An eviction is allowed if at least \"minAvailable\" pods selected by \"selector\" will still be available after the eviction, i.e. even in the absence of the evicted pod.  So for example you can prevent all voluntary evictions by specifying \"100%\".",
 	"selector":                   "Label query over pods whose evictions are managed by the disruption budget. A null selector will match no pods, while an empty ({}) selector will select all pods within the namespace.",
 	"maxUnavailable":             "An eviction is allowed if at most \"maxUnavailable\" pods selected by \"selector\" are unavailable after the eviction, i.e. even in absence of the evicted pod. For example, one can prevent all voluntary evictions by specifying 0. This is a mutually exclusive setting with \"minAvailable\".",
-	"unhealthyPodEvictionPolicy": "UnhealthyPodEvictionPolicy defines the criteria for when unhealthy pods should be considered for eviction. Current implementation considers healthy pods, as pods that have status.conditions item with type=\"Ready\",status=\"True\".\n\nValid policies are IfHealthyBudget and AlwaysAllow. If no policy is specified, the default behavior will be used, which corresponds to the IfHealthyBudget policy.\n\nIfHealthyBudget policy means that running pods (status.phase=\"Running\"), but not yet healthy can be evicted only if the guarded application is not disrupted (status.currentHealthy is at least equal to status.desiredHealthy). Healthy pods will be subject to the PDB for eviction.\n\nAlwaysAllow policy means that all running pods (status.phase=\"Running\"), but not yet healthy are considered disrupted and can be evicted regardless of whether the criteria in a PDB is met. This means perspective running pods of a disrupted application might not get a chance to become healthy. Healthy pods will be subject to the PDB for eviction.\n\nAdditional policies may be added in the future. Clients making eviction decisions should disallow eviction of unhealthy pods if they encounter an unrecognized policy in this field.\n\nThis field is beta-level. The eviction API uses this field when the feature gate PDBUnhealthyPodEvictionPolicy is enabled (enabled by default).",
+	"unhealthyPodEvictionPolicy": "UnhealthyPodEvictionPolicy defines the criteria for when unhealthy pods should be considered for eviction. Current implementation considers healthy pods, as pods that have status.conditions item with type=\"Ready\",status=\"True\".\n\nValid policies are IfHealthyBudget and AlwaysAllow. If no policy is specified, the default behavior will be used, which corresponds to the IfHealthyBudget policy.\n\nIfHealthyBudget policy means that running pods (status.phase=\"Running\"), but not yet healthy can be evicted only if the guarded application is not disrupted (status.currentHealthy is at least equal to status.desiredHealthy). Healthy pods will be subject to the PDB for eviction.\n\nAlwaysAllow policy means that all running pods (status.phase=\"Running\"), but not yet healthy are considered disrupted and can be evicted regardless of whether the criteria in a PDB is met. This means perspective running pods of a disrupted application might not get a chance to become healthy. Healthy pods will be subject to the PDB for eviction.\n\nAdditional policies may be added in the future. Clients making eviction decisions should disallow eviction of unhealthy pods if they encounter an unrecognized policy in this field.",
 }
 
 func (PodDisruptionBudgetSpec) SwaggerDoc() map[string]string {
diff --git a/vendor/k8s.io/api/policy/v1beta1/doc.go b/vendor/k8s.io/api/policy/v1beta1/doc.go
index 76da54b4c7..777106c600 100644
--- a/vendor/k8s.io/api/policy/v1beta1/doc.go
+++ b/vendor/k8s.io/api/policy/v1beta1/doc.go
@@ -22,4 +22,4 @@ limitations under the License.
 // Package policy is for any kind of policy object.  Suitable examples, even if
 // they aren't all here, are PodDisruptionBudget,
 // NetworkPolicy, etc.
-package v1beta1 // import "k8s.io/api/policy/v1beta1"
+package v1beta1
diff --git a/vendor/k8s.io/api/policy/v1beta1/generated.proto b/vendor/k8s.io/api/policy/v1beta1/generated.proto
index 91e33f2332..e0cbe00f1c 100644
--- a/vendor/k8s.io/api/policy/v1beta1/generated.proto
+++ b/vendor/k8s.io/api/policy/v1beta1/generated.proto
@@ -115,9 +115,6 @@ message PodDisruptionBudgetSpec {
   // Additional policies may be added in the future.
   // Clients making eviction decisions should disallow eviction of unhealthy pods
   // if they encounter an unrecognized policy in this field.
-  //
-  // This field is beta-level. The eviction API uses this field when
-  // the feature gate PDBUnhealthyPodEvictionPolicy is enabled (enabled by default).
   // +optional
   optional string unhealthyPodEvictionPolicy = 4;
 }
diff --git a/vendor/k8s.io/api/policy/v1beta1/types.go b/vendor/k8s.io/api/policy/v1beta1/types.go
index bc5f970d27..9bba454f94 100644
--- a/vendor/k8s.io/api/policy/v1beta1/types.go
+++ b/vendor/k8s.io/api/policy/v1beta1/types.go
@@ -67,9 +67,6 @@ type PodDisruptionBudgetSpec struct {
 	// Additional policies may be added in the future.
 	// Clients making eviction decisions should disallow eviction of unhealthy pods
 	// if they encounter an unrecognized policy in this field.
-	//
-	// This field is beta-level. The eviction API uses this field when
-	// the feature gate PDBUnhealthyPodEvictionPolicy is enabled (enabled by default).
 	// +optional
 	UnhealthyPodEvictionPolicy *UnhealthyPodEvictionPolicyType `json:"unhealthyPodEvictionPolicy,omitempty" protobuf:"bytes,4,opt,name=unhealthyPodEvictionPolicy"`
 }
diff --git a/vendor/k8s.io/api/policy/v1beta1/types_swagger_doc_generated.go b/vendor/k8s.io/api/policy/v1beta1/types_swagger_doc_generated.go
index 4a79d75949..cffc9a548c 100644
--- a/vendor/k8s.io/api/policy/v1beta1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/policy/v1beta1/types_swagger_doc_generated.go
@@ -63,7 +63,7 @@ var map_PodDisruptionBudgetSpec = map[string]string{
 	"minAvailable":               "An eviction is allowed if at least \"minAvailable\" pods selected by \"selector\" will still be available after the eviction, i.e. even in the absence of the evicted pod.  So for example you can prevent all voluntary evictions by specifying \"100%\".",
 	"selector":                   "Label query over pods whose evictions are managed by the disruption budget. A null selector selects no pods. An empty selector ({}) also selects no pods, which differs from standard behavior of selecting all pods. In policy/v1, an empty selector will select all pods in the namespace.",
 	"maxUnavailable":             "An eviction is allowed if at most \"maxUnavailable\" pods selected by \"selector\" are unavailable after the eviction, i.e. even in absence of the evicted pod. For example, one can prevent all voluntary evictions by specifying 0. This is a mutually exclusive setting with \"minAvailable\".",
-	"unhealthyPodEvictionPolicy": "UnhealthyPodEvictionPolicy defines the criteria for when unhealthy pods should be considered for eviction. Current implementation considers healthy pods, as pods that have status.conditions item with type=\"Ready\",status=\"True\".\n\nValid policies are IfHealthyBudget and AlwaysAllow. If no policy is specified, the default behavior will be used, which corresponds to the IfHealthyBudget policy.\n\nIfHealthyBudget policy means that running pods (status.phase=\"Running\"), but not yet healthy can be evicted only if the guarded application is not disrupted (status.currentHealthy is at least equal to status.desiredHealthy). Healthy pods will be subject to the PDB for eviction.\n\nAlwaysAllow policy means that all running pods (status.phase=\"Running\"), but not yet healthy are considered disrupted and can be evicted regardless of whether the criteria in a PDB is met. This means perspective running pods of a disrupted application might not get a chance to become healthy. Healthy pods will be subject to the PDB for eviction.\n\nAdditional policies may be added in the future. Clients making eviction decisions should disallow eviction of unhealthy pods if they encounter an unrecognized policy in this field.\n\nThis field is beta-level. The eviction API uses this field when the feature gate PDBUnhealthyPodEvictionPolicy is enabled (enabled by default).",
+	"unhealthyPodEvictionPolicy": "UnhealthyPodEvictionPolicy defines the criteria for when unhealthy pods should be considered for eviction. Current implementation considers healthy pods, as pods that have status.conditions item with type=\"Ready\",status=\"True\".\n\nValid policies are IfHealthyBudget and AlwaysAllow. If no policy is specified, the default behavior will be used, which corresponds to the IfHealthyBudget policy.\n\nIfHealthyBudget policy means that running pods (status.phase=\"Running\"), but not yet healthy can be evicted only if the guarded application is not disrupted (status.currentHealthy is at least equal to status.desiredHealthy). Healthy pods will be subject to the PDB for eviction.\n\nAlwaysAllow policy means that all running pods (status.phase=\"Running\"), but not yet healthy are considered disrupted and can be evicted regardless of whether the criteria in a PDB is met. This means perspective running pods of a disrupted application might not get a chance to become healthy. Healthy pods will be subject to the PDB for eviction.\n\nAdditional policies may be added in the future. Clients making eviction decisions should disallow eviction of unhealthy pods if they encounter an unrecognized policy in this field.",
 }
 
 func (PodDisruptionBudgetSpec) SwaggerDoc() map[string]string {
diff --git a/vendor/k8s.io/api/rbac/v1/doc.go b/vendor/k8s.io/api/rbac/v1/doc.go
index b0e4e5b5b5..408546274b 100644
--- a/vendor/k8s.io/api/rbac/v1/doc.go
+++ b/vendor/k8s.io/api/rbac/v1/doc.go
@@ -20,4 +20,4 @@ limitations under the License.
 // +k8s:prerelease-lifecycle-gen=true
 // +groupName=rbac.authorization.k8s.io
 
-package v1 // import "k8s.io/api/rbac/v1"
+package v1
diff --git a/vendor/k8s.io/api/rbac/v1alpha1/doc.go b/vendor/k8s.io/api/rbac/v1alpha1/doc.go
index 918b8a337c..70d3c0e971 100644
--- a/vendor/k8s.io/api/rbac/v1alpha1/doc.go
+++ b/vendor/k8s.io/api/rbac/v1alpha1/doc.go
@@ -20,4 +20,4 @@ limitations under the License.
 
 // +groupName=rbac.authorization.k8s.io
 
-package v1alpha1 // import "k8s.io/api/rbac/v1alpha1"
+package v1alpha1
diff --git a/vendor/k8s.io/api/rbac/v1beta1/doc.go b/vendor/k8s.io/api/rbac/v1beta1/doc.go
index 156f273e69..504a58d8bf 100644
--- a/vendor/k8s.io/api/rbac/v1beta1/doc.go
+++ b/vendor/k8s.io/api/rbac/v1beta1/doc.go
@@ -21,4 +21,4 @@ limitations under the License.
 
 // +groupName=rbac.authorization.k8s.io
 
-package v1beta1 // import "k8s.io/api/rbac/v1beta1"
+package v1beta1
diff --git a/vendor/k8s.io/api/resource/v1alpha3/doc.go b/vendor/k8s.io/api/resource/v1alpha3/doc.go
index ffc21307d0..82e64f1d00 100644
--- a/vendor/k8s.io/api/resource/v1alpha3/doc.go
+++ b/vendor/k8s.io/api/resource/v1alpha3/doc.go
@@ -21,4 +21,4 @@ limitations under the License.
 // +groupName=resource.k8s.io
 
 // Package v1alpha3 is the v1alpha3 version of the resource API.
-package v1alpha3 // import "k8s.io/api/resource/v1alpha3"
+package v1alpha3
diff --git a/vendor/k8s.io/api/resource/v1alpha3/generated.pb.go b/vendor/k8s.io/api/resource/v1alpha3/generated.pb.go
index 540f7b8184..716492fea4 100644
--- a/vendor/k8s.io/api/resource/v1alpha3/generated.pb.go
+++ b/vendor/k8s.io/api/resource/v1alpha3/generated.pb.go
@@ -29,6 +29,7 @@ import (
 	v11 "k8s.io/api/core/v1"
 	resource "k8s.io/apimachinery/pkg/api/resource"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	runtime "k8s.io/apimachinery/pkg/runtime"
 
 	math "math"
 	math_bits "math/bits"
@@ -161,10 +162,66 @@ func (m *CELDeviceSelector) XXX_DiscardUnknown() {
 
 var xxx_messageInfo_CELDeviceSelector proto.InternalMessageInfo
 
+func (m *Counter) Reset()      { *m = Counter{} }
+func (*Counter) ProtoMessage() {}
+func (*Counter) Descriptor() ([]byte, []int) {
+	return fileDescriptor_66649ee9bbcd89d2, []int{4}
+}
+func (m *Counter) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *Counter) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *Counter) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_Counter.Merge(m, src)
+}
+func (m *Counter) XXX_Size() int {
+	return m.Size()
+}
+func (m *Counter) XXX_DiscardUnknown() {
+	xxx_messageInfo_Counter.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_Counter proto.InternalMessageInfo
+
+func (m *CounterSet) Reset()      { *m = CounterSet{} }
+func (*CounterSet) ProtoMessage() {}
+func (*CounterSet) Descriptor() ([]byte, []int) {
+	return fileDescriptor_66649ee9bbcd89d2, []int{5}
+}
+func (m *CounterSet) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *CounterSet) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *CounterSet) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_CounterSet.Merge(m, src)
+}
+func (m *CounterSet) XXX_Size() int {
+	return m.Size()
+}
+func (m *CounterSet) XXX_DiscardUnknown() {
+	xxx_messageInfo_CounterSet.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_CounterSet proto.InternalMessageInfo
+
 func (m *Device) Reset()      { *m = Device{} }
 func (*Device) ProtoMessage() {}
 func (*Device) Descriptor() ([]byte, []int) {
-	return fileDescriptor_66649ee9bbcd89d2, []int{4}
+	return fileDescriptor_66649ee9bbcd89d2, []int{6}
 }
 func (m *Device) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -192,7 +249,7 @@ var xxx_messageInfo_Device proto.InternalMessageInfo
 func (m *DeviceAllocationConfiguration) Reset()      { *m = DeviceAllocationConfiguration{} }
 func (*DeviceAllocationConfiguration) ProtoMessage() {}
 func (*DeviceAllocationConfiguration) Descriptor() ([]byte, []int) {
-	return fileDescriptor_66649ee9bbcd89d2, []int{5}
+	return fileDescriptor_66649ee9bbcd89d2, []int{7}
 }
 func (m *DeviceAllocationConfiguration) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -220,7 +277,7 @@ var xxx_messageInfo_DeviceAllocationConfiguration proto.InternalMessageInfo
 func (m *DeviceAllocationResult) Reset()      { *m = DeviceAllocationResult{} }
 func (*DeviceAllocationResult) ProtoMessage() {}
 func (*DeviceAllocationResult) Descriptor() ([]byte, []int) {
-	return fileDescriptor_66649ee9bbcd89d2, []int{6}
+	return fileDescriptor_66649ee9bbcd89d2, []int{8}
 }
 func (m *DeviceAllocationResult) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -248,7 +305,7 @@ var xxx_messageInfo_DeviceAllocationResult proto.InternalMessageInfo
 func (m *DeviceAttribute) Reset()      { *m = DeviceAttribute{} }
 func (*DeviceAttribute) ProtoMessage() {}
 func (*DeviceAttribute) Descriptor() ([]byte, []int) {
-	return fileDescriptor_66649ee9bbcd89d2, []int{7}
+	return fileDescriptor_66649ee9bbcd89d2, []int{9}
 }
 func (m *DeviceAttribute) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -276,7 +333,7 @@ var xxx_messageInfo_DeviceAttribute proto.InternalMessageInfo
 func (m *DeviceClaim) Reset()      { *m = DeviceClaim{} }
 func (*DeviceClaim) ProtoMessage() {}
 func (*DeviceClaim) Descriptor() ([]byte, []int) {
-	return fileDescriptor_66649ee9bbcd89d2, []int{8}
+	return fileDescriptor_66649ee9bbcd89d2, []int{10}
 }
 func (m *DeviceClaim) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -304,7 +361,7 @@ var xxx_messageInfo_DeviceClaim proto.InternalMessageInfo
 func (m *DeviceClaimConfiguration) Reset()      { *m = DeviceClaimConfiguration{} }
 func (*DeviceClaimConfiguration) ProtoMessage() {}
 func (*DeviceClaimConfiguration) Descriptor() ([]byte, []int) {
-	return fileDescriptor_66649ee9bbcd89d2, []int{9}
+	return fileDescriptor_66649ee9bbcd89d2, []int{11}
 }
 func (m *DeviceClaimConfiguration) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -332,7 +389,7 @@ var xxx_messageInfo_DeviceClaimConfiguration proto.InternalMessageInfo
 func (m *DeviceClass) Reset()      { *m = DeviceClass{} }
 func (*DeviceClass) ProtoMessage() {}
 func (*DeviceClass) Descriptor() ([]byte, []int) {
-	return fileDescriptor_66649ee9bbcd89d2, []int{10}
+	return fileDescriptor_66649ee9bbcd89d2, []int{12}
 }
 func (m *DeviceClass) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -360,7 +417,7 @@ var xxx_messageInfo_DeviceClass proto.InternalMessageInfo
 func (m *DeviceClassConfiguration) Reset()      { *m = DeviceClassConfiguration{} }
 func (*DeviceClassConfiguration) ProtoMessage() {}
 func (*DeviceClassConfiguration) Descriptor() ([]byte, []int) {
-	return fileDescriptor_66649ee9bbcd89d2, []int{11}
+	return fileDescriptor_66649ee9bbcd89d2, []int{13}
 }
 func (m *DeviceClassConfiguration) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -388,7 +445,7 @@ var xxx_messageInfo_DeviceClassConfiguration proto.InternalMessageInfo
 func (m *DeviceClassList) Reset()      { *m = DeviceClassList{} }
 func (*DeviceClassList) ProtoMessage() {}
 func (*DeviceClassList) Descriptor() ([]byte, []int) {
-	return fileDescriptor_66649ee9bbcd89d2, []int{12}
+	return fileDescriptor_66649ee9bbcd89d2, []int{14}
 }
 func (m *DeviceClassList) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -416,7 +473,7 @@ var xxx_messageInfo_DeviceClassList proto.InternalMessageInfo
 func (m *DeviceClassSpec) Reset()      { *m = DeviceClassSpec{} }
 func (*DeviceClassSpec) ProtoMessage() {}
 func (*DeviceClassSpec) Descriptor() ([]byte, []int) {
-	return fileDescriptor_66649ee9bbcd89d2, []int{13}
+	return fileDescriptor_66649ee9bbcd89d2, []int{15}
 }
 func (m *DeviceClassSpec) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -444,7 +501,7 @@ var xxx_messageInfo_DeviceClassSpec proto.InternalMessageInfo
 func (m *DeviceConfiguration) Reset()      { *m = DeviceConfiguration{} }
 func (*DeviceConfiguration) ProtoMessage() {}
 func (*DeviceConfiguration) Descriptor() ([]byte, []int) {
-	return fileDescriptor_66649ee9bbcd89d2, []int{14}
+	return fileDescriptor_66649ee9bbcd89d2, []int{16}
 }
 func (m *DeviceConfiguration) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -472,7 +529,7 @@ var xxx_messageInfo_DeviceConfiguration proto.InternalMessageInfo
 func (m *DeviceConstraint) Reset()      { *m = DeviceConstraint{} }
 func (*DeviceConstraint) ProtoMessage() {}
 func (*DeviceConstraint) Descriptor() ([]byte, []int) {
-	return fileDescriptor_66649ee9bbcd89d2, []int{15}
+	return fileDescriptor_66649ee9bbcd89d2, []int{17}
 }
 func (m *DeviceConstraint) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -497,10 +554,38 @@ func (m *DeviceConstraint) XXX_DiscardUnknown() {
 
 var xxx_messageInfo_DeviceConstraint proto.InternalMessageInfo
 
+func (m *DeviceCounterConsumption) Reset()      { *m = DeviceCounterConsumption{} }
+func (*DeviceCounterConsumption) ProtoMessage() {}
+func (*DeviceCounterConsumption) Descriptor() ([]byte, []int) {
+	return fileDescriptor_66649ee9bbcd89d2, []int{18}
+}
+func (m *DeviceCounterConsumption) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *DeviceCounterConsumption) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *DeviceCounterConsumption) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_DeviceCounterConsumption.Merge(m, src)
+}
+func (m *DeviceCounterConsumption) XXX_Size() int {
+	return m.Size()
+}
+func (m *DeviceCounterConsumption) XXX_DiscardUnknown() {
+	xxx_messageInfo_DeviceCounterConsumption.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_DeviceCounterConsumption proto.InternalMessageInfo
+
 func (m *DeviceRequest) Reset()      { *m = DeviceRequest{} }
 func (*DeviceRequest) ProtoMessage() {}
 func (*DeviceRequest) Descriptor() ([]byte, []int) {
-	return fileDescriptor_66649ee9bbcd89d2, []int{16}
+	return fileDescriptor_66649ee9bbcd89d2, []int{19}
 }
 func (m *DeviceRequest) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -528,7 +613,7 @@ var xxx_messageInfo_DeviceRequest proto.InternalMessageInfo
 func (m *DeviceRequestAllocationResult) Reset()      { *m = DeviceRequestAllocationResult{} }
 func (*DeviceRequestAllocationResult) ProtoMessage() {}
 func (*DeviceRequestAllocationResult) Descriptor() ([]byte, []int) {
-	return fileDescriptor_66649ee9bbcd89d2, []int{17}
+	return fileDescriptor_66649ee9bbcd89d2, []int{20}
 }
 func (m *DeviceRequestAllocationResult) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -556,7 +641,7 @@ var xxx_messageInfo_DeviceRequestAllocationResult proto.InternalMessageInfo
 func (m *DeviceSelector) Reset()      { *m = DeviceSelector{} }
 func (*DeviceSelector) ProtoMessage() {}
 func (*DeviceSelector) Descriptor() ([]byte, []int) {
-	return fileDescriptor_66649ee9bbcd89d2, []int{18}
+	return fileDescriptor_66649ee9bbcd89d2, []int{21}
 }
 func (m *DeviceSelector) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -581,10 +666,206 @@ func (m *DeviceSelector) XXX_DiscardUnknown() {
 
 var xxx_messageInfo_DeviceSelector proto.InternalMessageInfo
 
+func (m *DeviceSubRequest) Reset()      { *m = DeviceSubRequest{} }
+func (*DeviceSubRequest) ProtoMessage() {}
+func (*DeviceSubRequest) Descriptor() ([]byte, []int) {
+	return fileDescriptor_66649ee9bbcd89d2, []int{22}
+}
+func (m *DeviceSubRequest) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *DeviceSubRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *DeviceSubRequest) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_DeviceSubRequest.Merge(m, src)
+}
+func (m *DeviceSubRequest) XXX_Size() int {
+	return m.Size()
+}
+func (m *DeviceSubRequest) XXX_DiscardUnknown() {
+	xxx_messageInfo_DeviceSubRequest.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_DeviceSubRequest proto.InternalMessageInfo
+
+func (m *DeviceTaint) Reset()      { *m = DeviceTaint{} }
+func (*DeviceTaint) ProtoMessage() {}
+func (*DeviceTaint) Descriptor() ([]byte, []int) {
+	return fileDescriptor_66649ee9bbcd89d2, []int{23}
+}
+func (m *DeviceTaint) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *DeviceTaint) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *DeviceTaint) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_DeviceTaint.Merge(m, src)
+}
+func (m *DeviceTaint) XXX_Size() int {
+	return m.Size()
+}
+func (m *DeviceTaint) XXX_DiscardUnknown() {
+	xxx_messageInfo_DeviceTaint.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_DeviceTaint proto.InternalMessageInfo
+
+func (m *DeviceTaintRule) Reset()      { *m = DeviceTaintRule{} }
+func (*DeviceTaintRule) ProtoMessage() {}
+func (*DeviceTaintRule) Descriptor() ([]byte, []int) {
+	return fileDescriptor_66649ee9bbcd89d2, []int{24}
+}
+func (m *DeviceTaintRule) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *DeviceTaintRule) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *DeviceTaintRule) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_DeviceTaintRule.Merge(m, src)
+}
+func (m *DeviceTaintRule) XXX_Size() int {
+	return m.Size()
+}
+func (m *DeviceTaintRule) XXX_DiscardUnknown() {
+	xxx_messageInfo_DeviceTaintRule.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_DeviceTaintRule proto.InternalMessageInfo
+
+func (m *DeviceTaintRuleList) Reset()      { *m = DeviceTaintRuleList{} }
+func (*DeviceTaintRuleList) ProtoMessage() {}
+func (*DeviceTaintRuleList) Descriptor() ([]byte, []int) {
+	return fileDescriptor_66649ee9bbcd89d2, []int{25}
+}
+func (m *DeviceTaintRuleList) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *DeviceTaintRuleList) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *DeviceTaintRuleList) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_DeviceTaintRuleList.Merge(m, src)
+}
+func (m *DeviceTaintRuleList) XXX_Size() int {
+	return m.Size()
+}
+func (m *DeviceTaintRuleList) XXX_DiscardUnknown() {
+	xxx_messageInfo_DeviceTaintRuleList.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_DeviceTaintRuleList proto.InternalMessageInfo
+
+func (m *DeviceTaintRuleSpec) Reset()      { *m = DeviceTaintRuleSpec{} }
+func (*DeviceTaintRuleSpec) ProtoMessage() {}
+func (*DeviceTaintRuleSpec) Descriptor() ([]byte, []int) {
+	return fileDescriptor_66649ee9bbcd89d2, []int{26}
+}
+func (m *DeviceTaintRuleSpec) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *DeviceTaintRuleSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *DeviceTaintRuleSpec) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_DeviceTaintRuleSpec.Merge(m, src)
+}
+func (m *DeviceTaintRuleSpec) XXX_Size() int {
+	return m.Size()
+}
+func (m *DeviceTaintRuleSpec) XXX_DiscardUnknown() {
+	xxx_messageInfo_DeviceTaintRuleSpec.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_DeviceTaintRuleSpec proto.InternalMessageInfo
+
+func (m *DeviceTaintSelector) Reset()      { *m = DeviceTaintSelector{} }
+func (*DeviceTaintSelector) ProtoMessage() {}
+func (*DeviceTaintSelector) Descriptor() ([]byte, []int) {
+	return fileDescriptor_66649ee9bbcd89d2, []int{27}
+}
+func (m *DeviceTaintSelector) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *DeviceTaintSelector) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *DeviceTaintSelector) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_DeviceTaintSelector.Merge(m, src)
+}
+func (m *DeviceTaintSelector) XXX_Size() int {
+	return m.Size()
+}
+func (m *DeviceTaintSelector) XXX_DiscardUnknown() {
+	xxx_messageInfo_DeviceTaintSelector.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_DeviceTaintSelector proto.InternalMessageInfo
+
+func (m *DeviceToleration) Reset()      { *m = DeviceToleration{} }
+func (*DeviceToleration) ProtoMessage() {}
+func (*DeviceToleration) Descriptor() ([]byte, []int) {
+	return fileDescriptor_66649ee9bbcd89d2, []int{28}
+}
+func (m *DeviceToleration) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *DeviceToleration) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *DeviceToleration) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_DeviceToleration.Merge(m, src)
+}
+func (m *DeviceToleration) XXX_Size() int {
+	return m.Size()
+}
+func (m *DeviceToleration) XXX_DiscardUnknown() {
+	xxx_messageInfo_DeviceToleration.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_DeviceToleration proto.InternalMessageInfo
+
 func (m *NetworkDeviceData) Reset()      { *m = NetworkDeviceData{} }
 func (*NetworkDeviceData) ProtoMessage() {}
 func (*NetworkDeviceData) Descriptor() ([]byte, []int) {
-	return fileDescriptor_66649ee9bbcd89d2, []int{19}
+	return fileDescriptor_66649ee9bbcd89d2, []int{29}
 }
 func (m *NetworkDeviceData) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -612,7 +893,7 @@ var xxx_messageInfo_NetworkDeviceData proto.InternalMessageInfo
 func (m *OpaqueDeviceConfiguration) Reset()      { *m = OpaqueDeviceConfiguration{} }
 func (*OpaqueDeviceConfiguration) ProtoMessage() {}
 func (*OpaqueDeviceConfiguration) Descriptor() ([]byte, []int) {
-	return fileDescriptor_66649ee9bbcd89d2, []int{20}
+	return fileDescriptor_66649ee9bbcd89d2, []int{30}
 }
 func (m *OpaqueDeviceConfiguration) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -640,7 +921,7 @@ var xxx_messageInfo_OpaqueDeviceConfiguration proto.InternalMessageInfo
 func (m *ResourceClaim) Reset()      { *m = ResourceClaim{} }
 func (*ResourceClaim) ProtoMessage() {}
 func (*ResourceClaim) Descriptor() ([]byte, []int) {
-	return fileDescriptor_66649ee9bbcd89d2, []int{21}
+	return fileDescriptor_66649ee9bbcd89d2, []int{31}
 }
 func (m *ResourceClaim) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -668,7 +949,7 @@ var xxx_messageInfo_ResourceClaim proto.InternalMessageInfo
 func (m *ResourceClaimConsumerReference) Reset()      { *m = ResourceClaimConsumerReference{} }
 func (*ResourceClaimConsumerReference) ProtoMessage() {}
 func (*ResourceClaimConsumerReference) Descriptor() ([]byte, []int) {
-	return fileDescriptor_66649ee9bbcd89d2, []int{22}
+	return fileDescriptor_66649ee9bbcd89d2, []int{32}
 }
 func (m *ResourceClaimConsumerReference) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -696,7 +977,7 @@ var xxx_messageInfo_ResourceClaimConsumerReference proto.InternalMessageInfo
 func (m *ResourceClaimList) Reset()      { *m = ResourceClaimList{} }
 func (*ResourceClaimList) ProtoMessage() {}
 func (*ResourceClaimList) Descriptor() ([]byte, []int) {
-	return fileDescriptor_66649ee9bbcd89d2, []int{23}
+	return fileDescriptor_66649ee9bbcd89d2, []int{33}
 }
 func (m *ResourceClaimList) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -724,7 +1005,7 @@ var xxx_messageInfo_ResourceClaimList proto.InternalMessageInfo
 func (m *ResourceClaimSpec) Reset()      { *m = ResourceClaimSpec{} }
 func (*ResourceClaimSpec) ProtoMessage() {}
 func (*ResourceClaimSpec) Descriptor() ([]byte, []int) {
-	return fileDescriptor_66649ee9bbcd89d2, []int{24}
+	return fileDescriptor_66649ee9bbcd89d2, []int{34}
 }
 func (m *ResourceClaimSpec) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -752,7 +1033,7 @@ var xxx_messageInfo_ResourceClaimSpec proto.InternalMessageInfo
 func (m *ResourceClaimStatus) Reset()      { *m = ResourceClaimStatus{} }
 func (*ResourceClaimStatus) ProtoMessage() {}
 func (*ResourceClaimStatus) Descriptor() ([]byte, []int) {
-	return fileDescriptor_66649ee9bbcd89d2, []int{25}
+	return fileDescriptor_66649ee9bbcd89d2, []int{35}
 }
 func (m *ResourceClaimStatus) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -780,7 +1061,7 @@ var xxx_messageInfo_ResourceClaimStatus proto.InternalMessageInfo
 func (m *ResourceClaimTemplate) Reset()      { *m = ResourceClaimTemplate{} }
 func (*ResourceClaimTemplate) ProtoMessage() {}
 func (*ResourceClaimTemplate) Descriptor() ([]byte, []int) {
-	return fileDescriptor_66649ee9bbcd89d2, []int{26}
+	return fileDescriptor_66649ee9bbcd89d2, []int{36}
 }
 func (m *ResourceClaimTemplate) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -808,7 +1089,7 @@ var xxx_messageInfo_ResourceClaimTemplate proto.InternalMessageInfo
 func (m *ResourceClaimTemplateList) Reset()      { *m = ResourceClaimTemplateList{} }
 func (*ResourceClaimTemplateList) ProtoMessage() {}
 func (*ResourceClaimTemplateList) Descriptor() ([]byte, []int) {
-	return fileDescriptor_66649ee9bbcd89d2, []int{27}
+	return fileDescriptor_66649ee9bbcd89d2, []int{37}
 }
 func (m *ResourceClaimTemplateList) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -836,7 +1117,7 @@ var xxx_messageInfo_ResourceClaimTemplateList proto.InternalMessageInfo
 func (m *ResourceClaimTemplateSpec) Reset()      { *m = ResourceClaimTemplateSpec{} }
 func (*ResourceClaimTemplateSpec) ProtoMessage() {}
 func (*ResourceClaimTemplateSpec) Descriptor() ([]byte, []int) {
-	return fileDescriptor_66649ee9bbcd89d2, []int{28}
+	return fileDescriptor_66649ee9bbcd89d2, []int{38}
 }
 func (m *ResourceClaimTemplateSpec) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -864,7 +1145,7 @@ var xxx_messageInfo_ResourceClaimTemplateSpec proto.InternalMessageInfo
 func (m *ResourcePool) Reset()      { *m = ResourcePool{} }
 func (*ResourcePool) ProtoMessage() {}
 func (*ResourcePool) Descriptor() ([]byte, []int) {
-	return fileDescriptor_66649ee9bbcd89d2, []int{29}
+	return fileDescriptor_66649ee9bbcd89d2, []int{39}
 }
 func (m *ResourcePool) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -892,7 +1173,7 @@ var xxx_messageInfo_ResourcePool proto.InternalMessageInfo
 func (m *ResourceSlice) Reset()      { *m = ResourceSlice{} }
 func (*ResourceSlice) ProtoMessage() {}
 func (*ResourceSlice) Descriptor() ([]byte, []int) {
-	return fileDescriptor_66649ee9bbcd89d2, []int{30}
+	return fileDescriptor_66649ee9bbcd89d2, []int{40}
 }
 func (m *ResourceSlice) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -920,7 +1201,7 @@ var xxx_messageInfo_ResourceSlice proto.InternalMessageInfo
 func (m *ResourceSliceList) Reset()      { *m = ResourceSliceList{} }
 func (*ResourceSliceList) ProtoMessage() {}
 func (*ResourceSliceList) Descriptor() ([]byte, []int) {
-	return fileDescriptor_66649ee9bbcd89d2, []int{31}
+	return fileDescriptor_66649ee9bbcd89d2, []int{41}
 }
 func (m *ResourceSliceList) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -948,7 +1229,7 @@ var xxx_messageInfo_ResourceSliceList proto.InternalMessageInfo
 func (m *ResourceSliceSpec) Reset()      { *m = ResourceSliceSpec{} }
 func (*ResourceSliceSpec) ProtoMessage() {}
 func (*ResourceSliceSpec) Descriptor() ([]byte, []int) {
-	return fileDescriptor_66649ee9bbcd89d2, []int{32}
+	return fileDescriptor_66649ee9bbcd89d2, []int{42}
 }
 func (m *ResourceSliceSpec) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -980,6 +1261,9 @@ func init() {
 	proto.RegisterMapType((map[QualifiedName]DeviceAttribute)(nil), "k8s.io.api.resource.v1alpha3.BasicDevice.AttributesEntry")
 	proto.RegisterMapType((map[QualifiedName]resource.Quantity)(nil), "k8s.io.api.resource.v1alpha3.BasicDevice.CapacityEntry")
 	proto.RegisterType((*CELDeviceSelector)(nil), "k8s.io.api.resource.v1alpha3.CELDeviceSelector")
+	proto.RegisterType((*Counter)(nil), "k8s.io.api.resource.v1alpha3.Counter")
+	proto.RegisterType((*CounterSet)(nil), "k8s.io.api.resource.v1alpha3.CounterSet")
+	proto.RegisterMapType((map[string]Counter)(nil), "k8s.io.api.resource.v1alpha3.CounterSet.CountersEntry")
 	proto.RegisterType((*Device)(nil), "k8s.io.api.resource.v1alpha3.Device")
 	proto.RegisterType((*DeviceAllocationConfiguration)(nil), "k8s.io.api.resource.v1alpha3.DeviceAllocationConfiguration")
 	proto.RegisterType((*DeviceAllocationResult)(nil), "k8s.io.api.resource.v1alpha3.DeviceAllocationResult")
@@ -992,9 +1276,18 @@ func init() {
 	proto.RegisterType((*DeviceClassSpec)(nil), "k8s.io.api.resource.v1alpha3.DeviceClassSpec")
 	proto.RegisterType((*DeviceConfiguration)(nil), "k8s.io.api.resource.v1alpha3.DeviceConfiguration")
 	proto.RegisterType((*DeviceConstraint)(nil), "k8s.io.api.resource.v1alpha3.DeviceConstraint")
+	proto.RegisterType((*DeviceCounterConsumption)(nil), "k8s.io.api.resource.v1alpha3.DeviceCounterConsumption")
+	proto.RegisterMapType((map[string]Counter)(nil), "k8s.io.api.resource.v1alpha3.DeviceCounterConsumption.CountersEntry")
 	proto.RegisterType((*DeviceRequest)(nil), "k8s.io.api.resource.v1alpha3.DeviceRequest")
 	proto.RegisterType((*DeviceRequestAllocationResult)(nil), "k8s.io.api.resource.v1alpha3.DeviceRequestAllocationResult")
 	proto.RegisterType((*DeviceSelector)(nil), "k8s.io.api.resource.v1alpha3.DeviceSelector")
+	proto.RegisterType((*DeviceSubRequest)(nil), "k8s.io.api.resource.v1alpha3.DeviceSubRequest")
+	proto.RegisterType((*DeviceTaint)(nil), "k8s.io.api.resource.v1alpha3.DeviceTaint")
+	proto.RegisterType((*DeviceTaintRule)(nil), "k8s.io.api.resource.v1alpha3.DeviceTaintRule")
+	proto.RegisterType((*DeviceTaintRuleList)(nil), "k8s.io.api.resource.v1alpha3.DeviceTaintRuleList")
+	proto.RegisterType((*DeviceTaintRuleSpec)(nil), "k8s.io.api.resource.v1alpha3.DeviceTaintRuleSpec")
+	proto.RegisterType((*DeviceTaintSelector)(nil), "k8s.io.api.resource.v1alpha3.DeviceTaintSelector")
+	proto.RegisterType((*DeviceToleration)(nil), "k8s.io.api.resource.v1alpha3.DeviceToleration")
 	proto.RegisterType((*NetworkDeviceData)(nil), "k8s.io.api.resource.v1alpha3.NetworkDeviceData")
 	proto.RegisterType((*OpaqueDeviceConfiguration)(nil), "k8s.io.api.resource.v1alpha3.OpaqueDeviceConfiguration")
 	proto.RegisterType((*ResourceClaim)(nil), "k8s.io.api.resource.v1alpha3.ResourceClaim")
@@ -1016,134 +1309,172 @@ func init() {
 }
 
 var fileDescriptor_66649ee9bbcd89d2 = []byte{
-	// 2030 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xd4, 0x19, 0xcd, 0x6f, 0x1c, 0x57,
-	0xdd, 0xb3, 0xe3, 0xcf, 0xdf, 0xfa, 0x2b, 0x2f, 0xa4, 0x38, 0xa6, 0xec, 0x3a, 0x53, 0x04, 0x4e,
-	0x9b, 0xee, 0x36, 0x4e, 0xd5, 0x16, 0xc2, 0x01, 0x8f, 0xed, 0x06, 0x47, 0x89, 0xe3, 0x3c, 0xb7,
-	0x11, 0x81, 0x12, 0x78, 0x9e, 0x7d, 0xb6, 0x07, 0xcf, 0xce, 0x4c, 0xe7, 0xbd, 0x71, 0xea, 0x0b,
-	0xaa, 0xe0, 0x1e, 0xf1, 0x0f, 0x20, 0x0e, 0x48, 0x48, 0x5c, 0x80, 0xff, 0x00, 0x24, 0x90, 0x88,
-	0xe0, 0x12, 0x09, 0x0e, 0x3d, 0x2d, 0xcd, 0x22, 0xce, 0xdc, 0x73, 0x42, 0xef, 0xcd, 0x9b, 0xcf,
-	0xdd, 0x71, 0xc6, 0x55, 0xb1, 0xd2, 0xdb, 0xce, 0xef, 0xfb, 0xfd, 0xbe, 0xdf, 0x5b, 0xb8, 0x72,
-	0xf8, 0x0e, 0x6b, 0xd9, 0x5e, 0x9b, 0xf8, 0x76, 0x3b, 0xa0, 0xcc, 0x0b, 0x03, 0x8b, 0xb6, 0x8f,
-	0xae, 0x12, 0xc7, 0x3f, 0x20, 0xd7, 0xda, 0xfb, 0xd4, 0xa5, 0x01, 0xe1, 0xb4, 0xd3, 0xf2, 0x03,
-	0x8f, 0x7b, 0xe8, 0xe5, 0x88, 0xba, 0x45, 0x7c, 0xbb, 0x15, 0x53, 0xb7, 0x62, 0xea, 0xc5, 0xd7,
-	0xf7, 0x6d, 0x7e, 0x10, 0xee, 0xb6, 0x2c, 0xaf, 0xdb, 0xde, 0xf7, 0xf6, 0xbd, 0xb6, 0x64, 0xda,
-	0x0d, 0xf7, 0xe4, 0x97, 0xfc, 0x90, 0xbf, 0x22, 0x61, 0x8b, 0x46, 0x46, 0xb5, 0xe5, 0x05, 0x42,
-	0x6d, 0x51, 0xe1, 0xe2, 0x9b, 0x29, 0x4d, 0x97, 0x58, 0x07, 0xb6, 0x4b, 0x83, 0xe3, 0xb6, 0x7f,
-	0xb8, 0x9f, 0xb7, 0xf7, 0x34, 0x5c, 0xac, 0xdd, 0xa5, 0x9c, 0x0c, 0xd3, 0xd5, 0x2e, 0xe3, 0x0a,
-	0x42, 0x97, 0xdb, 0xdd, 0x41, 0x35, 0x6f, 0x3d, 0x8f, 0x81, 0x59, 0x07, 0xb4, 0x4b, 0x8a, 0x7c,
-	0xc6, 0xaf, 0x75, 0xb8, 0xb0, 0xea, 0x38, 0x9e, 0x25, 0x60, 0xeb, 0xf4, 0xc8, 0xb6, 0xe8, 0x0e,
-	0x27, 0x3c, 0x64, 0xe8, 0xeb, 0x30, 0xde, 0x09, 0xec, 0x23, 0x1a, 0x2c, 0x68, 0x4b, 0xda, 0xf2,
-	0x94, 0x39, 0xfb, 0xb8, 0xd7, 0x1c, 0xe9, 0xf7, 0x9a, 0xe3, 0xeb, 0x12, 0x8a, 0x15, 0x16, 0x2d,
-	0xc1, 0xa8, 0xef, 0x79, 0xce, 0x42, 0x4d, 0x52, 0x4d, 0x2b, 0xaa, 0xd1, 0x6d, 0xcf, 0x73, 0xb0,
-	0xc4, 0x48, 0x49, 0x52, 0xf2, 0x82, 0x5e, 0x90, 0x24, 0xa1, 0x58, 0x61, 0x91, 0x05, 0x60, 0x79,
-	0x6e, 0xc7, 0xe6, 0xb6, 0xe7, 0xb2, 0x85, 0xd1, 0x25, 0x7d, 0xb9, 0xbe, 0xd2, 0x6e, 0xa5, 0x61,
-	0x4e, 0x0e, 0xd6, 0xf2, 0x0f, 0xf7, 0x05, 0x80, 0xb5, 0x84, 0xff, 0x5a, 0x47, 0x57, 0x5b, 0x6b,
-	0x31, 0x9f, 0x89, 0x94, 0x70, 0x48, 0x40, 0x0c, 0x67, 0xc4, 0xa2, 0x3b, 0x30, 0xda, 0x21, 0x9c,
-	0x2c, 0x8c, 0x2d, 0x69, 0xcb, 0xf5, 0x95, 0xd7, 0x4b, 0xc5, 0x2b, 0xbf, 0xb5, 0x30, 0x79, 0xb8,
-	0xf1, 0x11, 0xa7, 0x2e, 0x13, 0xc2, 0x93, 0xd3, 0xad, 0x13, 0x4e, 0xb0, 0x14, 0x84, 0x76, 0xa1,
-	0xee, 0x52, 0xfe, 0xd0, 0x0b, 0x0e, 0x05, 0x70, 0x61, 0x5c, 0xca, 0xcd, 0x9a, 0x3d, 0x98, 0x9d,
-	0xad, 0x2d, 0xc5, 0x20, 0xcf, 0x2d, 0xd8, 0xcc, 0xb9, 0x7e, 0xaf, 0x59, 0xdf, 0x4a, 0xe5, 0xe0,
-	0xac, 0x50, 0xe3, 0xef, 0x1a, 0xcc, 0xab, 0x28, 0xd9, 0x9e, 0x8b, 0x29, 0x0b, 0x1d, 0x8e, 0x7e,
-	0x04, 0x13, 0x91, 0xe3, 0x98, 0x8c, 0x50, 0x7d, 0xe5, 0xcd, 0x93, 0x95, 0x46, 0xda, 0x8a, 0x62,
-	0xcc, 0x39, 0x75, 0xa6, 0x89, 0x08, 0xcf, 0x70, 0x2c, 0x15, 0xdd, 0x83, 0x69, 0xd7, 0xeb, 0xd0,
-	0x1d, 0xea, 0x50, 0x8b, 0x7b, 0x81, 0x8c, 0x5e, 0x7d, 0x65, 0x29, 0xab, 0x45, 0xd4, 0x8a, 0xf0,
-	0xff, 0x56, 0x86, 0xce, 0x9c, 0xef, 0xf7, 0x9a, 0xd3, 0x59, 0x08, 0xce, 0xc9, 0x31, 0x3e, 0xd5,
-	0xa1, 0x6e, 0x12, 0x66, 0x5b, 0x91, 0x46, 0xf4, 0x53, 0x00, 0xc2, 0x79, 0x60, 0xef, 0x86, 0x5c,
-	0x9e, 0x45, 0xc4, 0xfd, 0x9b, 0x27, 0x9f, 0x25, 0xc3, 0xde, 0x5a, 0x4d, 0x78, 0x37, 0x5c, 0x1e,
-	0x1c, 0x9b, 0xaf, 0xc4, 0x19, 0x90, 0x22, 0x7e, 0xf6, 0xaf, 0xe6, 0xcc, 0xdd, 0x90, 0x38, 0xf6,
-	0x9e, 0x4d, 0x3b, 0x5b, 0xa4, 0x4b, 0x71, 0x46, 0x23, 0x3a, 0x82, 0x49, 0x8b, 0xf8, 0xc4, 0xb2,
-	0xf9, 0xf1, 0x42, 0x4d, 0x6a, 0x7f, 0xbb, 0xba, 0xf6, 0x35, 0xc5, 0x19, 0xe9, 0xbe, 0xa4, 0x74,
-	0x4f, 0xc6, 0xe0, 0x41, 0xcd, 0x89, 0xae, 0x45, 0x07, 0xe6, 0x0a, 0xb6, 0xa3, 0x79, 0xd0, 0x0f,
-	0xe9, 0x71, 0x54, 0x71, 0x58, 0xfc, 0x44, 0x6b, 0x30, 0x76, 0x44, 0x9c, 0x90, 0xca, 0xfa, 0xca,
-	0x27, 0x6c, 0x79, 0x8c, 0x63, 0xa9, 0x38, 0xe2, 0xfd, 0x56, 0xed, 0x1d, 0x6d, 0xf1, 0x10, 0x66,
-	0x72, 0xb6, 0x0e, 0xd1, 0xb5, 0x9e, 0xd7, 0xd5, 0x3a, 0xa9, 0xf6, 0x52, 0xe5, 0x77, 0x43, 0xe2,
-	0x72, 0x9b, 0x1f, 0x67, 0x94, 0x19, 0x37, 0xe0, 0xdc, 0xda, 0xc6, 0x2d, 0xd5, 0x4f, 0x54, 0xdc,
-	0xd1, 0x0a, 0x00, 0xfd, 0xc8, 0x0f, 0x28, 0x13, 0xb5, 0xa4, 0xba, 0x4a, 0x52, 0xae, 0x1b, 0x09,
-	0x06, 0x67, 0xa8, 0x8c, 0x23, 0x50, 0x5d, 0x42, 0xf4, 0x19, 0x97, 0x74, 0xa9, 0xe2, 0x4b, 0x2a,
-	0x51, 0xfa, 0x54, 0x62, 0xd0, 0x4d, 0x18, 0xdb, 0x15, 0x91, 0x51, 0xe6, 0x5f, 0xae, 0x1c, 0x44,
-	0x73, 0xaa, 0xdf, 0x6b, 0x8e, 0x49, 0x00, 0x8e, 0x44, 0x18, 0x8f, 0x6a, 0xf0, 0xd5, 0x62, 0xc1,
-	0xac, 0x79, 0xee, 0x9e, 0xbd, 0x1f, 0x06, 0xf2, 0x03, 0x7d, 0x07, 0xc6, 0x23, 0x91, 0xca, 0xa2,
-	0xe5, 0xb8, 0xab, 0xed, 0x48, 0xe8, 0xb3, 0x5e, 0xf3, 0xa5, 0x22, 0x6b, 0x84, 0xc1, 0x8a, 0x0f,
-	0x2d, 0xc3, 0x64, 0x40, 0x3f, 0x0c, 0x29, 0xe3, 0x4c, 0xe6, 0xdd, 0x94, 0x39, 0x2d, 0x52, 0x07,
-	0x2b, 0x18, 0x4e, 0xb0, 0xe8, 0x63, 0x0d, 0xce, 0x47, 0x55, 0x99, 0xb3, 0x41, 0x55, 0xe4, 0xd5,
-	0x2a, 0x39, 0x91, 0x63, 0x34, 0xbf, 0xa2, 0x8c, 0x3d, 0x3f, 0x04, 0x89, 0x87, 0xa9, 0x32, 0xfe,
-	0xa3, 0xc1, 0x4b, 0xc3, 0x3b, 0x08, 0xda, 0x83, 0x89, 0x40, 0xfe, 0x8a, 0x8b, 0xf7, 0x7a, 0x15,
-	0x83, 0xd4, 0x31, 0xcb, 0xfb, 0x51, 0xf4, 0xcd, 0x70, 0x2c, 0x1c, 0x59, 0x30, 0x6e, 0x49, 0x9b,
-	0x54, 0x95, 0x5e, 0x3f, 0x5d, 0xbf, 0xcb, 0x7b, 0x20, 0x19, 0x42, 0x11, 0x18, 0x2b, 0xd1, 0xc6,
-	0x6f, 0x35, 0x98, 0x2b, 0x54, 0x11, 0x6a, 0x80, 0x6e, 0xbb, 0x5c, 0xa6, 0x95, 0x1e, 0xc5, 0x68,
-	0xd3, 0xe5, 0xf7, 0x44, 0xb2, 0x63, 0x81, 0x40, 0x97, 0x60, 0x74, 0x57, 0x8c, 0x40, 0x11, 0x8e,
-	0x49, 0x73, 0xa6, 0xdf, 0x6b, 0x4e, 0x99, 0x9e, 0xe7, 0x44, 0x14, 0x12, 0x85, 0xbe, 0x01, 0xe3,
-	0x8c, 0x07, 0xb6, 0xbb, 0xbf, 0x30, 0x2a, 0xb3, 0x45, 0xf6, 0xfb, 0x1d, 0x09, 0x89, 0xc8, 0x14,
-	0x1a, 0xbd, 0x0a, 0x13, 0x47, 0x34, 0x90, 0x15, 0x32, 0x26, 0x29, 0x65, 0x37, 0xbd, 0x17, 0x81,
-	0x22, 0xd2, 0x98, 0xc0, 0xf8, 0x7d, 0x0d, 0xea, 0x2a, 0x80, 0x0e, 0xb1, 0xbb, 0xe8, 0x7e, 0x26,
-	0xa1, 0xa2, 0x48, 0xbc, 0x76, 0x8a, 0x48, 0x98, 0xf3, 0x71, 0xf3, 0x1a, 0x92, 0x81, 0x14, 0xea,
-	0x96, 0xe7, 0x32, 0x1e, 0x10, 0xdb, 0x55, 0xe9, 0x9a, 0x6f, 0x10, 0x27, 0x25, 0x9e, 0x62, 0x33,
-	0xcf, 0x2b, 0x05, 0xf5, 0x14, 0xc6, 0x70, 0x56, 0x2e, 0x7a, 0x90, 0x84, 0x58, 0x97, 0x1a, 0xde,
-	0xaa, 0xa4, 0x41, 0x1c, 0xbe, 0x5a, 0x74, 0xff, 0xaa, 0xc1, 0x42, 0x19, 0x53, 0xae, 0x1e, 0xb5,
-	0xcf, 0x54, 0x8f, 0xb5, 0xb3, 0xab, 0xc7, 0x3f, 0x69, 0x99, 0xd8, 0x33, 0x86, 0x7e, 0x0c, 0x93,
-	0x62, 0x19, 0x92, 0xbb, 0x4d, 0xb4, 0x0e, 0xbc, 0x51, 0x6d, 0x75, 0xba, 0xb3, 0xfb, 0x13, 0x6a,
-	0xf1, 0xdb, 0x94, 0x93, 0xb4, 0x19, 0xa7, 0x30, 0x9c, 0x48, 0x15, 0x9b, 0x13, 0xf3, 0xa9, 0x75,
-	0x9a, 0x41, 0x24, 0x4d, 0xdb, 0xf1, 0xa9, 0x95, 0xf6, 0x6b, 0xf1, 0x85, 0xa5, 0x20, 0xe3, 0x97,
-	0xd9, 0x60, 0x30, 0x96, 0x0f, 0x46, 0x99, 0x8b, 0xb5, 0xb3, 0x73, 0xf1, 0x1f, 0x93, 0x56, 0x20,
-	0xed, 0xbb, 0x65, 0x33, 0x8e, 0x3e, 0x18, 0x70, 0x73, 0xab, 0x9a, 0x9b, 0x05, 0xb7, 0x74, 0x72,
-	0x52, 0x65, 0x31, 0x24, 0xe3, 0xe2, 0x2d, 0x18, 0xb3, 0x39, 0xed, 0xc6, 0xf5, 0x75, 0xb9, 0xb2,
-	0x8f, 0xcd, 0x19, 0x25, 0x75, 0x6c, 0x53, 0xf0, 0xe3, 0x48, 0x8c, 0xf1, 0x24, 0x7f, 0x02, 0xe1,
-	0x7b, 0xf4, 0x43, 0x98, 0x62, 0x6a, 0x22, 0xc7, 0x5d, 0xe2, 0x4a, 0x15, 0x3d, 0xc9, 0x7a, 0x77,
-	0x4e, 0xa9, 0x9a, 0x8a, 0x21, 0x0c, 0xa7, 0x12, 0x33, 0x15, 0x5c, 0x3b, 0x55, 0x05, 0x17, 0xe2,
-	0x5f, 0x5a, 0xc1, 0x01, 0x0c, 0x0b, 0x20, 0xfa, 0x01, 0x8c, 0x7b, 0x3e, 0xf9, 0x30, 0xa4, 0x2a,
-	0x2a, 0xcf, 0xd9, 0xe0, 0xee, 0x48, 0xda, 0x61, 0x69, 0x02, 0x42, 0x67, 0x84, 0xc6, 0x4a, 0xa4,
-	0xf1, 0x48, 0x83, 0xf9, 0x62, 0x33, 0x3b, 0x45, 0xb7, 0xd8, 0x86, 0xd9, 0x2e, 0xe1, 0xd6, 0x41,
-	0x32, 0x50, 0xd4, 0x5d, 0x69, 0xb9, 0xdf, 0x6b, 0xce, 0xde, 0xce, 0x61, 0x9e, 0xf5, 0x9a, 0xe8,
-	0xdd, 0xd0, 0x71, 0x8e, 0xf3, 0x3b, 0x63, 0x81, 0xdf, 0xf8, 0xb9, 0x0e, 0x33, 0xb9, 0xde, 0x5d,
-	0x61, 0x3b, 0x5a, 0x85, 0xb9, 0x4e, 0xea, 0x6c, 0x81, 0x50, 0x66, 0x7c, 0x59, 0x11, 0x67, 0x33,
-	0x45, 0xf2, 0x15, 0xe9, 0xf3, 0xa9, 0xa3, 0x7f, 0xee, 0xa9, 0x73, 0x0f, 0x66, 0x49, 0x32, 0xad,
-	0x6f, 0x7b, 0x1d, 0xaa, 0x66, 0x65, 0x4b, 0x71, 0xcd, 0xae, 0xe6, 0xb0, 0xcf, 0x7a, 0xcd, 0x2f,
-	0x15, 0x67, 0xbc, 0x80, 0xe3, 0x82, 0x14, 0xf4, 0x0a, 0x8c, 0x59, 0x5e, 0xe8, 0x72, 0x39, 0x50,
-	0xf5, 0xb4, 0x54, 0xd6, 0x04, 0x10, 0x47, 0x38, 0x74, 0x15, 0xea, 0xa4, 0xd3, 0xb5, 0xdd, 0x55,
-	0xcb, 0xa2, 0x8c, 0xc9, 0x6b, 0xdc, 0x64, 0x34, 0xa5, 0x57, 0x53, 0x30, 0xce, 0xd2, 0x18, 0xff,
-	0xd5, 0xe2, 0x1d, 0xb1, 0x64, 0x97, 0x41, 0x97, 0xc5, 0x66, 0x24, 0x51, 0x2a, 0x30, 0x99, 0xe5,
-	0x46, 0x82, 0x71, 0x8c, 0xcf, 0x5c, 0xb7, 0x6b, 0x95, 0xae, 0xdb, 0x7a, 0x85, 0xeb, 0xf6, 0xe8,
-	0x89, 0xd7, 0xed, 0xc2, 0x89, 0xc7, 0x2a, 0x9c, 0xf8, 0x03, 0x98, 0x2d, 0xec, 0xf4, 0x37, 0x41,
-	0xb7, 0xa8, 0xa3, 0x8a, 0xee, 0x39, 0xb7, 0xde, 0x81, 0x1b, 0x81, 0x39, 0xd1, 0xef, 0x35, 0xf5,
-	0xb5, 0x8d, 0x5b, 0x58, 0x08, 0x31, 0x7e, 0xa7, 0xc1, 0xb9, 0x81, 0x9b, 0x31, 0xba, 0x0e, 0x33,
-	0xb6, 0xcb, 0x69, 0xb0, 0x47, 0x2c, 0xba, 0x95, 0xa6, 0xf8, 0x05, 0x75, 0xaa, 0x99, 0xcd, 0x2c,
-	0x12, 0xe7, 0x69, 0xd1, 0x45, 0xd0, 0x6d, 0x3f, 0xde, 0xae, 0xa5, 0xb6, 0xcd, 0x6d, 0x86, 0x05,
-	0x4c, 0xd4, 0xc3, 0x01, 0x09, 0x3a, 0x0f, 0x49, 0x40, 0x57, 0x3b, 0x1d, 0x71, 0xdf, 0x50, 0x3e,
-	0x4d, 0xea, 0xe1, 0xbb, 0x79, 0x34, 0x2e, 0xd2, 0x1b, 0xbf, 0xd1, 0xe0, 0x62, 0x69, 0x27, 0xa9,
-	0xfc, 0x80, 0x42, 0x00, 0x7c, 0x12, 0x90, 0x2e, 0xe5, 0x34, 0x60, 0x43, 0xa6, 0x6b, 0x85, 0x77,
-	0x89, 0x64, 0x70, 0x6f, 0x27, 0x82, 0x70, 0x46, 0xa8, 0xf1, 0xab, 0x1a, 0xcc, 0x60, 0x15, 0x8f,
-	0x68, 0x55, 0xfc, 0xff, 0xaf, 0x0b, 0x77, 0x73, 0xeb, 0xc2, 0x73, 0x52, 0x23, 0x67, 0x5c, 0xd9,
-	0xc2, 0x80, 0xee, 0x8b, 0x25, 0x9a, 0xf0, 0x90, 0x55, 0xbb, 0xf8, 0xe4, 0x85, 0x4a, 0xc6, 0x34,
-	0x08, 0xd1, 0x37, 0x56, 0x02, 0x8d, 0xbe, 0x06, 0x8d, 0x1c, 0xbd, 0xe8, 0xf4, 0x61, 0x97, 0x06,
-	0x98, 0xee, 0xd1, 0x80, 0xba, 0x16, 0x45, 0x57, 0x60, 0x92, 0xf8, 0xf6, 0x8d, 0xc0, 0x0b, 0x7d,
-	0x15, 0xd1, 0x64, 0x94, 0xaf, 0x6e, 0x6f, 0x4a, 0x38, 0x4e, 0x28, 0x04, 0x75, 0x6c, 0x91, 0xca,
-	0xab, 0xcc, 0x7a, 0x1d, 0xc1, 0x71, 0x42, 0x91, 0xb4, 0xef, 0xd1, 0xd2, 0xf6, 0x6d, 0x82, 0x1e,
-	0xda, 0x1d, 0x75, 0x27, 0x78, 0x43, 0x11, 0xe8, 0xef, 0x6f, 0xae, 0x3f, 0xeb, 0x35, 0x2f, 0x95,
-	0x3d, 0xfe, 0xf1, 0x63, 0x9f, 0xb2, 0xd6, 0xfb, 0x9b, 0xeb, 0x58, 0x30, 0x1b, 0x7f, 0xd6, 0xe0,
-	0x5c, 0xee, 0x90, 0x67, 0xb0, 0xd2, 0x6c, 0xe7, 0x57, 0x9a, 0xd7, 0x4e, 0x11, 0xb2, 0x92, 0xa5,
-	0xc6, 0x2e, 0x1c, 0x42, 0x6e, 0x35, 0xef, 0x15, 0x1f, 0xc3, 0x2e, 0x57, 0xbe, 0x39, 0x94, 0xbf,
-	0x80, 0x19, 0x7f, 0xab, 0xc1, 0xf9, 0x21, 0x59, 0x84, 0x1e, 0x00, 0xa4, 0x33, 0x66, 0x88, 0xd3,
-	0x86, 0x28, 0x1c, 0xb8, 0xe7, 0xce, 0xca, 0x27, 0xaa, 0x14, 0x9a, 0x91, 0x88, 0x18, 0xd4, 0x03,
-	0xca, 0x68, 0x70, 0x44, 0x3b, 0xef, 0x7a, 0x81, 0x72, 0xdd, 0xb7, 0x4f, 0xe1, 0xba, 0x81, 0xec,
-	0x4d, 0xef, 0x5e, 0x38, 0x15, 0x8c, 0xb3, 0x5a, 0xd0, 0x83, 0xd4, 0x85, 0xd1, 0xdb, 0xeb, 0xb5,
-	0x4a, 0x27, 0xca, 0x3f, 0x1b, 0x9f, 0xe0, 0xcc, 0x7f, 0x6a, 0x70, 0x21, 0x67, 0xe4, 0x7b, 0xb4,
-	0xeb, 0x3b, 0x84, 0xd3, 0x33, 0x68, 0x46, 0xf7, 0x73, 0xcd, 0xe8, 0xed, 0x53, 0x78, 0x32, 0x36,
-	0xb2, 0xf4, 0x16, 0xf3, 0x0f, 0x0d, 0x2e, 0x0e, 0xe5, 0x38, 0x83, 0xe2, 0xfa, 0x5e, 0xbe, 0xb8,
-	0xae, 0x7d, 0x86, 0x73, 0x95, 0xdf, 0x1c, 0x2e, 0x96, 0xfa, 0xe1, 0x0b, 0x39, 0x3d, 0x8c, 0x3f,
-	0x68, 0x30, 0x1d, 0x53, 0x8a, 0x75, 0xa9, 0xc2, 0xce, 0xbc, 0x02, 0xa0, 0xfe, 0x30, 0x89, 0x6f,
-	0xf7, 0x7a, 0x6a, 0xf7, 0x8d, 0x04, 0x83, 0x33, 0x54, 0xe8, 0x26, 0xa0, 0xd8, 0xc2, 0x1d, 0x47,
-	0x2e, 0x05, 0x62, 0xf5, 0xd4, 0x25, 0xef, 0xa2, 0xe2, 0x45, 0x78, 0x80, 0x02, 0x0f, 0xe1, 0x32,
-	0xfe, 0xa2, 0xa5, 0x73, 0x5b, 0x82, 0x5f, 0x54, 0xcf, 0x4b, 0xe3, 0x4a, 0x3d, 0x9f, 0x9d, 0x3b,
-	0x92, 0xf2, 0x85, 0x9d, 0x3b, 0xd2, 0xba, 0x92, 0x92, 0x78, 0xa4, 0x17, 0x4e, 0x21, 0x4b, 0xa1,
-	0xea, 0x96, 0x77, 0x2b, 0xf3, 0x37, 0x59, 0x7d, 0xe5, 0xd5, 0x6a, 0xe6, 0x88, 0x34, 0x1d, 0xba,
-	0xe3, 0x5f, 0x81, 0x49, 0xd7, 0xeb, 0x44, 0xfb, 0x70, 0x61, 0xbb, 0xd8, 0x52, 0x70, 0x9c, 0x50,
-	0x0c, 0xfc, 0x91, 0x33, 0xfa, 0xf9, 0xfc, 0x91, 0x23, 0x37, 0x22, 0xc7, 0x11, 0x04, 0xf1, 0xf5,
-	0x21, 0xdd, 0x88, 0x14, 0x1c, 0x27, 0x14, 0xe8, 0x4e, 0x3a, 0x5f, 0xc6, 0x65, 0x4c, 0xbe, 0x56,
-	0x65, 0x44, 0x97, 0x0f, 0x14, 0xd3, 0x7c, 0xfc, 0xb4, 0x31, 0xf2, 0xe4, 0x69, 0x63, 0xe4, 0x93,
-	0xa7, 0x8d, 0x91, 0x8f, 0xfb, 0x0d, 0xed, 0x71, 0xbf, 0xa1, 0x3d, 0xe9, 0x37, 0xb4, 0x4f, 0xfa,
-	0x0d, 0xed, 0xd3, 0x7e, 0x43, 0xfb, 0xc5, 0xbf, 0x1b, 0x23, 0xdf, 0x7f, 0xf9, 0xa4, 0x7f, 0x95,
-	0xff, 0x17, 0x00, 0x00, 0xff, 0xff, 0xbd, 0x60, 0x85, 0x64, 0x74, 0x1e, 0x00, 0x00,
+	// 2635 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0x1a, 0x5b, 0x6f, 0x1c, 0x57,
+	0x39, 0xb3, 0xbb, 0x5e, 0xaf, 0xbf, 0x8d, 0x1d, 0xfb, 0x84, 0x84, 0x8d, 0x49, 0x77, 0x93, 0x09,
+	0x17, 0xa7, 0x75, 0xd6, 0x8d, 0x53, 0xb5, 0x85, 0x80, 0x84, 0xd7, 0x76, 0x52, 0xa7, 0x89, 0xe3,
+	0x9c, 0x75, 0x03, 0x81, 0x12, 0x18, 0xcf, 0x1e, 0xdb, 0x83, 0x67, 0x67, 0xa6, 0x73, 0x66, 0x9d,
+	0x5a, 0x42, 0xa8, 0xe2, 0x07, 0x54, 0xbc, 0xf2, 0x80, 0x2a, 0xf1, 0x50, 0x89, 0x17, 0xe0, 0x99,
+	0x17, 0x90, 0x40, 0x6a, 0x04, 0x3c, 0x44, 0xa2, 0x42, 0x15, 0x12, 0x0b, 0x59, 0x84, 0xf8, 0x0b,
+	0xc8, 0x4f, 0xe8, 0x5c, 0xe6, 0xba, 0x3b, 0xce, 0xac, 0x49, 0xac, 0x20, 0xf5, 0x6d, 0xf7, 0x3b,
+	0xdf, 0xed, 0x7c, 0xf7, 0x73, 0xe6, 0xc0, 0xec, 0xce, 0xeb, 0xb4, 0x6e, 0xd8, 0x73, 0x9a, 0x63,
+	0xcc, 0xb9, 0x84, 0xda, 0x1d, 0x57, 0x27, 0x73, 0xbb, 0x97, 0x35, 0xd3, 0xd9, 0xd6, 0xae, 0xcc,
+	0x6d, 0x11, 0x8b, 0xb8, 0x9a, 0x47, 0x5a, 0x75, 0xc7, 0xb5, 0x3d, 0x1b, 0x9d, 0x15, 0xd8, 0x75,
+	0xcd, 0x31, 0xea, 0x3e, 0x76, 0xdd, 0xc7, 0x9e, 0xbe, 0xb4, 0x65, 0x78, 0xdb, 0x9d, 0x8d, 0xba,
+	0x6e, 0xb7, 0xe7, 0xb6, 0xec, 0x2d, 0x7b, 0x8e, 0x13, 0x6d, 0x74, 0x36, 0xf9, 0x3f, 0xfe, 0x87,
+	0xff, 0x12, 0xcc, 0xa6, 0xd5, 0x88, 0x68, 0xdd, 0x76, 0x99, 0xd8, 0xa4, 0xc0, 0xe9, 0x57, 0x42,
+	0x9c, 0xb6, 0xa6, 0x6f, 0x1b, 0x16, 0x71, 0xf7, 0xe6, 0x9c, 0x9d, 0xad, 0xb8, 0xbe, 0xc3, 0x50,
+	0xd1, 0xb9, 0x36, 0xf1, 0xb4, 0x41, 0xb2, 0xe6, 0xd2, 0xa8, 0xdc, 0x8e, 0xe5, 0x19, 0xed, 0x7e,
+	0x31, 0xaf, 0x3e, 0x89, 0x80, 0xea, 0xdb, 0xa4, 0xad, 0x25, 0xe9, 0xd4, 0x0f, 0xf2, 0x70, 0x6a,
+	0xc1, 0x34, 0x6d, 0x9d, 0xc1, 0x96, 0xc8, 0xae, 0xa1, 0x93, 0xa6, 0xa7, 0x79, 0x1d, 0x8a, 0xbe,
+	0x08, 0xc5, 0x96, 0x6b, 0xec, 0x12, 0xb7, 0xa2, 0x9c, 0x53, 0x66, 0xc6, 0x1a, 0x13, 0x0f, 0xbb,
+	0xb5, 0x63, 0xbd, 0x6e, 0xad, 0xb8, 0xc4, 0xa1, 0x58, 0xae, 0xa2, 0x73, 0x50, 0x70, 0x6c, 0xdb,
+	0xac, 0xe4, 0x38, 0xd6, 0x71, 0x89, 0x55, 0x58, 0xb3, 0x6d, 0x13, 0xf3, 0x15, 0xce, 0x89, 0x73,
+	0xae, 0xe4, 0x13, 0x9c, 0x38, 0x14, 0xcb, 0x55, 0xa4, 0x03, 0xe8, 0xb6, 0xd5, 0x32, 0x3c, 0xc3,
+	0xb6, 0x68, 0xa5, 0x70, 0x2e, 0x3f, 0x53, 0x9e, 0x9f, 0xab, 0x87, 0x6e, 0x0e, 0x36, 0x56, 0x77,
+	0x76, 0xb6, 0x18, 0x80, 0xd6, 0x99, 0xfd, 0xea, 0xbb, 0x97, 0xeb, 0x8b, 0x3e, 0x5d, 0x03, 0x49,
+	0xe6, 0x10, 0x80, 0x28, 0x8e, 0xb0, 0x45, 0x6f, 0x42, 0xa1, 0xa5, 0x79, 0x5a, 0x65, 0xe4, 0x9c,
+	0x32, 0x53, 0x9e, 0xbf, 0x94, 0xca, 0x5e, 0xda, 0xad, 0x8e, 0xb5, 0x07, 0xcb, 0xef, 0x7a, 0xc4,
+	0xa2, 0x8c, 0x79, 0x89, 0xed, 0x6c, 0x49, 0xf3, 0x34, 0xcc, 0x99, 0xa0, 0x0d, 0x28, 0x5b, 0xc4,
+	0x7b, 0x60, 0xbb, 0x3b, 0x0c, 0x58, 0x29, 0x72, 0x9e, 0x51, 0x95, 0xfb, 0x23, 0xb3, 0xbe, 0x2a,
+	0x09, 0xf8, 0x9e, 0x19, 0x59, 0xe3, 0x44, 0xaf, 0x5b, 0x2b, 0xaf, 0x86, 0x7c, 0x70, 0x94, 0xa9,
+	0xfa, 0x47, 0x05, 0x26, 0xa5, 0x87, 0x0c, 0xdb, 0xc2, 0x84, 0x76, 0x4c, 0x0f, 0x7d, 0x17, 0x46,
+	0x85, 0xd1, 0x28, 0xf7, 0x4e, 0x79, 0xfe, 0x95, 0x83, 0x85, 0x0a, 0x69, 0x49, 0x36, 0x8d, 0x13,
+	0xd2, 0x58, 0xa3, 0x62, 0x9d, 0x62, 0x9f, 0x2b, 0xba, 0x0b, 0xc7, 0x2d, 0xbb, 0x45, 0x9a, 0xc4,
+	0x24, 0xba, 0x67, 0xbb, 0xdc, 0x73, 0xe5, 0xf9, 0x73, 0x51, 0x29, 0x2c, 0x4f, 0x98, 0xed, 0x57,
+	0x23, 0x78, 0x8d, 0xc9, 0x5e, 0xb7, 0x76, 0x3c, 0x0a, 0xc1, 0x31, 0x3e, 0xea, 0xdf, 0x8a, 0x50,
+	0x6e, 0x68, 0xd4, 0xd0, 0x85, 0x44, 0xf4, 0x43, 0x00, 0xcd, 0xf3, 0x5c, 0x63, 0xa3, 0xe3, 0xf1,
+	0xbd, 0x30, 0x9f, 0x7f, 0xf9, 0xe0, 0xbd, 0x44, 0xc8, 0xeb, 0x0b, 0x01, 0xed, 0xb2, 0xe5, 0xb9,
+	0x7b, 0x8d, 0x0b, 0xbe, 0xf7, 0xc3, 0x85, 0x1f, 0xfd, 0xbd, 0x36, 0x7e, 0xa7, 0xa3, 0x99, 0xc6,
+	0xa6, 0x41, 0x5a, 0xab, 0x5a, 0x9b, 0xe0, 0x88, 0x44, 0xb4, 0x0b, 0x25, 0x5d, 0x73, 0x34, 0xdd,
+	0xf0, 0xf6, 0x2a, 0x39, 0x2e, 0xfd, 0xb5, 0xec, 0xd2, 0x17, 0x25, 0xa5, 0x90, 0x7d, 0x5e, 0xca,
+	0x2e, 0xf9, 0xe0, 0x7e, 0xc9, 0x81, 0x2c, 0xf4, 0x03, 0x98, 0xd4, 0x6d, 0x8b, 0x76, 0xda, 0x84,
+	0x2e, 0xda, 0x1d, 0xcb, 0x23, 0x2e, 0xad, 0xe4, 0xb9, 0xfc, 0x57, 0xb3, 0x78, 0x52, 0xd2, 0x2c,
+	0x72, 0x16, 0x0e, 0x0f, 0xfc, 0x8a, 0x14, 0x3f, 0xb9, 0x98, 0xe0, 0x8b, 0xfb, 0x24, 0xa1, 0x19,
+	0x28, 0x31, 0xaf, 0x30, 0x9d, 0x2a, 0x05, 0x91, 0xb7, 0x4c, 0xf1, 0x55, 0x09, 0xc3, 0xc1, 0x6a,
+	0x5f, 0x1c, 0x8c, 0x3c, 0x9d, 0x38, 0x60, 0x1a, 0x68, 0xa6, 0xc9, 0x10, 0x28, 0x4f, 0x9b, 0x92,
+	0xd0, 0x60, 0x41, 0xc2, 0x70, 0xb0, 0x8a, 0xee, 0x40, 0xd1, 0xd3, 0x0c, 0xcb, 0xa3, 0x95, 0x51,
+	0x6e, 0x9f, 0x8b, 0x59, 0xec, 0xb3, 0xce, 0x28, 0xc2, 0x42, 0xc3, 0xff, 0x52, 0x2c, 0x19, 0x4d,
+	0x9b, 0x70, 0x22, 0x11, 0x38, 0x68, 0x12, 0xf2, 0x3b, 0x64, 0x4f, 0x94, 0x3a, 0xcc, 0x7e, 0xa2,
+	0x45, 0x18, 0xd9, 0xd5, 0xcc, 0x0e, 0xe1, 0x85, 0x2d, 0x5e, 0x29, 0xd2, 0x13, 0xcc, 0xe7, 0x8a,
+	0x05, 0xed, 0x57, 0x72, 0xaf, 0x2b, 0xd3, 0x3b, 0x30, 0x1e, 0x0b, 0x94, 0x01, 0xb2, 0x96, 0xe2,
+	0xb2, 0xea, 0x07, 0x15, 0xbd, 0x50, 0xf8, 0x9d, 0x8e, 0x66, 0x79, 0x86, 0xb7, 0x17, 0x11, 0xa6,
+	0x5e, 0x87, 0xa9, 0xc5, 0xe5, 0x9b, 0xb2, 0x90, 0xfb, 0xc6, 0x9e, 0x07, 0x20, 0xef, 0x3a, 0x2e,
+	0xa1, 0xac, 0x88, 0xc9, 0x72, 0x1e, 0xd4, 0xc9, 0xe5, 0x60, 0x05, 0x47, 0xb0, 0xd4, 0xfb, 0x30,
+	0x2a, 0xc3, 0x05, 0x35, 0x7d, 0xed, 0x94, 0xc3, 0x68, 0xd7, 0x18, 0x97, 0x92, 0x46, 0xee, 0x32,
+	0x26, 0x52, 0x59, 0xf5, 0x3f, 0x0a, 0x80, 0x14, 0xd0, 0x24, 0x1e, 0xeb, 0x22, 0x16, 0x8b, 0x46,
+	0x25, 0xde, 0x45, 0x78, 0x34, 0xf2, 0x15, 0xd4, 0x82, 0x92, 0xee, 0x67, 0x4a, 0x2e, 0x4b, 0xa6,
+	0x84, 0xdc, 0xfd, 0x9f, 0xb2, 0x48, 0x4c, 0x06, 0x89, 0xea, 0x67, 0x48, 0xc0, 0x79, 0x7a, 0x03,
+	0xc6, 0x63, 0xc8, 0x03, 0x9c, 0x75, 0x35, 0xee, 0xac, 0x2f, 0x64, 0xd2, 0x22, 0xea, 0xa3, 0x5d,
+	0x90, 0x9d, 0x2f, 0xc3, 0xae, 0x6f, 0xc0, 0xc8, 0x06, 0xab, 0x38, 0x52, 0xd8, 0xc5, 0xcc, 0xc5,
+	0xa9, 0x31, 0xc6, 0x4c, 0xce, 0x01, 0x58, 0xb0, 0x50, 0xdf, 0xcf, 0xc1, 0x0b, 0xc9, 0x46, 0xb0,
+	0x68, 0x5b, 0x9b, 0xc6, 0x56, 0xc7, 0xe5, 0x7f, 0xd0, 0xd7, 0xa1, 0x28, 0x58, 0x4a, 0x8d, 0x66,
+	0xfc, 0x04, 0x6a, 0x72, 0xe8, 0x7e, 0xb7, 0x76, 0x3a, 0x49, 0x2a, 0x56, 0xb0, 0xa4, 0x63, 0x79,
+	0xed, 0x92, 0x77, 0x3a, 0x84, 0x7a, 0xc2, 0x4b, 0xb2, 0xb2, 0x60, 0x09, 0xc3, 0xc1, 0x2a, 0x7a,
+	0x4f, 0x81, 0x93, 0x2d, 0x59, 0xcc, 0x22, 0x3a, 0xc8, 0x4e, 0x73, 0x39, 0x5b, 0x15, 0x8c, 0x10,
+	0x36, 0x3e, 0x27, 0x95, 0x3d, 0x39, 0x60, 0x11, 0x0f, 0x12, 0xa5, 0xfe, 0x4b, 0x81, 0xd3, 0x83,
+	0x3b, 0x23, 0xda, 0x84, 0x51, 0x97, 0xff, 0xf2, 0x9b, 0xd2, 0xd5, 0x2c, 0x0a, 0xc9, 0x6d, 0xa6,
+	0xf7, 0x59, 0xf1, 0x9f, 0x62, 0x9f, 0x39, 0xd2, 0xa1, 0xa8, 0x73, 0x9d, 0x64, 0x4c, 0x5f, 0x1d,
+	0xae, 0x8f, 0xc7, 0x2d, 0x10, 0xd4, 0x3b, 0x01, 0xc6, 0x92, 0xb5, 0xfa, 0x73, 0x05, 0x4e, 0x24,
+	0x0a, 0x14, 0xaa, 0x42, 0xde, 0xb0, 0x3c, 0x1e, 0x56, 0x79, 0xe1, 0xa3, 0x15, 0xcb, 0x13, 0x19,
+	0xca, 0x16, 0xd0, 0x79, 0x28, 0x6c, 0xb0, 0xb1, 0x2e, 0xcf, 0x8b, 0xf3, 0x78, 0xaf, 0x5b, 0x1b,
+	0x6b, 0xd8, 0xb6, 0x29, 0x30, 0xf8, 0x12, 0xfa, 0x12, 0x14, 0xa9, 0xe7, 0x1a, 0xd6, 0x96, 0xec,
+	0x21, 0x7c, 0x8e, 0x69, 0x72, 0x88, 0x40, 0x93, 0xcb, 0xe8, 0x45, 0x18, 0xdd, 0x25, 0x2e, 0x2f,
+	0x3e, 0x23, 0x1c, 0x93, 0x77, 0x87, 0xbb, 0x02, 0x24, 0x50, 0x7d, 0x04, 0xf5, 0x97, 0x39, 0x28,
+	0x4b, 0x07, 0x9a, 0x9a, 0xd1, 0x46, 0xf7, 0x22, 0x01, 0x25, 0x3c, 0xf1, 0xd2, 0x10, 0x9e, 0x08,
+	0x73, 0x7d, 0x40, 0x04, 0x12, 0x28, 0xb3, 0xce, 0xe8, 0xb9, 0xa2, 0xbd, 0x08, 0x07, 0xd4, 0x33,
+	0x06, 0x9e, 0x24, 0x6b, 0x9c, 0x94, 0x02, 0xca, 0x21, 0x8c, 0xe2, 0x28, 0x5f, 0x74, 0x3f, 0x70,
+	0xf1, 0x30, 0x0d, 0x9e, 0x6d, 0x3e, 0x9b, 0x77, 0x3f, 0x52, 0xa0, 0x92, 0x46, 0x14, 0xcb, 0x47,
+	0xe5, 0x50, 0xf9, 0x98, 0x3b, 0xba, 0x7c, 0xfc, 0xad, 0x12, 0xf1, 0x3d, 0xa5, 0xe8, 0x7b, 0x50,
+	0x62, 0x03, 0x3e, 0x9f, 0xd7, 0x45, 0xef, 0x79, 0x39, 0xdb, 0x71, 0xe0, 0xf6, 0xc6, 0xf7, 0x89,
+	0xee, 0xdd, 0x22, 0x9e, 0x16, 0xf6, 0xb9, 0x10, 0x86, 0x03, 0xae, 0xe8, 0x36, 0x14, 0xa8, 0x43,
+	0xf4, 0x61, 0x7a, 0x3c, 0x57, 0xad, 0xe9, 0x10, 0x3d, 0xac, 0xd7, 0xec, 0x1f, 0xe6, 0x8c, 0xd4,
+	0x9f, 0x46, 0x9d, 0x41, 0x69, 0xdc, 0x19, 0x69, 0x26, 0x56, 0x8e, 0xce, 0xc4, 0xbf, 0x09, 0x4a,
+	0x01, 0xd7, 0xef, 0xa6, 0x41, 0x3d, 0xf4, 0x76, 0x9f, 0x99, 0xeb, 0xd9, 0xcc, 0xcc, 0xa8, 0xb9,
+	0x91, 0x83, 0x2c, 0xf3, 0x21, 0x11, 0x13, 0xaf, 0xc2, 0x88, 0xe1, 0x91, 0xb6, 0x9f, 0x5f, 0x17,
+	0x33, 0xdb, 0x38, 0x1c, 0x1c, 0x56, 0x18, 0x3d, 0x16, 0x6c, 0xd4, 0x47, 0xf1, 0x1d, 0x30, 0xdb,
+	0xa3, 0xef, 0xc0, 0x18, 0x95, 0xc3, 0x8e, 0x5f, 0x25, 0x66, 0xb3, 0xc8, 0x09, 0xc6, 0xd5, 0x29,
+	0x29, 0x6a, 0xcc, 0x87, 0x50, 0x1c, 0x72, 0x8c, 0x64, 0x70, 0x6e, 0xa8, 0x0c, 0x4e, 0xf8, 0x3f,
+	0x35, 0x83, 0x5d, 0x18, 0xe4, 0x40, 0xf4, 0x6d, 0x28, 0xda, 0x8e, 0xf6, 0x4e, 0x30, 0x78, 0x3d,
+	0xe1, 0x64, 0x72, 0x9b, 0xe3, 0x0e, 0x0a, 0x13, 0x60, 0x32, 0xc5, 0x32, 0x96, 0x2c, 0xd5, 0xf7,
+	0x15, 0x98, 0x4c, 0x16, 0xb3, 0x21, 0xaa, 0xc5, 0x1a, 0x4c, 0xb4, 0x35, 0x4f, 0xdf, 0x0e, 0x1a,
+	0x8a, 0x3c, 0xff, 0xcf, 0xf4, 0xba, 0xb5, 0x89, 0x5b, 0xb1, 0x95, 0xfd, 0x6e, 0x0d, 0x5d, 0xeb,
+	0x98, 0xe6, 0x5e, 0xfc, 0x2c, 0x94, 0xa0, 0x57, 0x3f, 0xcc, 0x05, 0x99, 0xd3, 0x77, 0xb8, 0x61,
+	0x13, 0xac, 0x1e, 0x8c, 0x73, 0xc9, 0x09, 0x36, 0x1c, 0xf4, 0x70, 0x04, 0x0b, 0xb9, 0x7d, 0x03,
+	0xe3, 0xd2, 0xe1, 0x8e, 0x56, 0xcf, 0xd9, 0xf8, 0xf8, 0xd7, 0x02, 0x8c, 0xc7, 0x9a, 0x5c, 0x86,
+	0x31, 0x72, 0x01, 0x4e, 0xb4, 0xc2, 0xa8, 0xe4, 0xe7, 0x3e, 0xe1, 0xaf, 0xcf, 0x4a, 0xe4, 0x68,
+	0x4a, 0x71, 0xba, 0x24, 0x7e, 0x3c, 0xc7, 0xf2, 0x4f, 0x3d, 0xc7, 0xee, 0xc2, 0x84, 0x16, 0x8c,
+	0x35, 0xb7, 0xec, 0x96, 0x7f, 0x30, 0xad, 0x4b, 0xaa, 0x89, 0x85, 0xd8, 0xea, 0x7e, 0xb7, 0xf6,
+	0x99, 0xe4, 0x30, 0xc4, 0xe0, 0x38, 0xc1, 0x05, 0x5d, 0x80, 0x11, 0xee, 0x1d, 0x3e, 0x79, 0xe4,
+	0xc3, 0x9a, 0xc2, 0x0d, 0x8b, 0xc5, 0x1a, 0xba, 0x0c, 0x65, 0xad, 0xd5, 0x36, 0xac, 0x05, 0x5d,
+	0x27, 0xd4, 0x3f, 0x90, 0xf2, 0x71, 0x66, 0x21, 0x04, 0xe3, 0x28, 0x0e, 0xb2, 0x60, 0x62, 0xd3,
+	0x70, 0xa9, 0xb7, 0xb0, 0xab, 0x19, 0xa6, 0xb6, 0x61, 0x12, 0x79, 0x3c, 0xcd, 0x34, 0x3f, 0x34,
+	0x3b, 0x1b, 0xfe, 0x80, 0x72, 0xda, 0xdf, 0xdf, 0xb5, 0x18, 0x37, 0x9c, 0xe0, 0xce, 0x86, 0x15,
+	0xcf, 0x36, 0x89, 0xc8, 0x68, 0x5a, 0x29, 0x65, 0x17, 0xb6, 0x1e, 0x90, 0x85, 0xc3, 0x4a, 0x08,
+	0xa3, 0x38, 0xca, 0x57, 0xfd, 0x4b, 0x70, 0x46, 0x48, 0x99, 0x65, 0xd1, 0x45, 0x36, 0x19, 0xf3,
+	0x25, 0x19, 0x6f, 0x91, 0xe1, 0x96, 0x83, 0xb1, 0xbf, 0x1e, 0xb9, 0x42, 0xcc, 0x65, 0xba, 0x42,
+	0xcc, 0x67, 0xb8, 0x42, 0x2c, 0x1c, 0x78, 0x85, 0x98, 0x70, 0xe4, 0x48, 0x06, 0x47, 0x26, 0x0c,
+	0x5b, 0x7c, 0x46, 0x86, 0x7d, 0x1b, 0x26, 0x12, 0xa7, 0xf2, 0x1b, 0x90, 0xd7, 0x89, 0x29, 0x6b,
+	0xfb, 0x13, 0x2e, 0x0d, 0xfb, 0xce, 0xf4, 0x8d, 0xd1, 0x5e, 0xb7, 0x96, 0x5f, 0x5c, 0xbe, 0x89,
+	0x19, 0x13, 0xf5, 0xd7, 0x79, 0xbf, 0x9a, 0x87, 0xa1, 0xf5, 0x69, 0x59, 0xf8, 0x5f, 0xcb, 0x42,
+	0x22, 0x34, 0x46, 0x9f, 0x51, 0x68, 0xfc, 0x3b, 0x18, 0x7b, 0xf9, 0x3d, 0x15, 0x7a, 0x21, 0xd2,
+	0x33, 0x1a, 0x65, 0x49, 0x9e, 0x7f, 0x93, 0xec, 0x89, 0x06, 0x72, 0x21, 0xda, 0x40, 0xc6, 0x06,
+	0x5f, 0xaf, 0xa0, 0xab, 0x50, 0x24, 0x9b, 0x9b, 0x44, 0xf7, 0x64, 0x52, 0xf9, 0x17, 0xa3, 0xc5,
+	0x65, 0x0e, 0xdd, 0xef, 0xd6, 0xa6, 0x22, 0x22, 0x05, 0x10, 0x4b, 0x12, 0xf4, 0x0d, 0x18, 0xf3,
+	0x8c, 0x36, 0x59, 0x68, 0xb5, 0x48, 0x8b, 0xdb, 0xbb, 0x3c, 0xff, 0x62, 0xb6, 0x89, 0x70, 0xdd,
+	0x68, 0x13, 0x71, 0x58, 0x5c, 0xf7, 0x19, 0xe0, 0x90, 0x97, 0xfa, 0x30, 0x98, 0xdd, 0xb8, 0x58,
+	0xdc, 0x31, 0xc9, 0x11, 0x0c, 0xf9, 0xcd, 0xd8, 0x90, 0x7f, 0x39, 0xf3, 0xfd, 0x21, 0x53, 0x2f,
+	0x75, 0xd0, 0xff, 0x48, 0xf1, 0x87, 0xb6, 0x00, 0xf7, 0x08, 0x86, 0x69, 0x1c, 0x1f, 0xa6, 0x2f,
+	0x0d, 0xb5, 0x97, 0x94, 0x81, 0xfa, 0xe3, 0xfe, 0x9d, 0xf0, 0xa1, 0xba, 0x0d, 0x13, 0xad, 0x58,
+	0xaa, 0x0e, 0x73, 0x4e, 0xe1, 0xac, 0x82, 0x1c, 0x47, 0x2c, 0x53, 0xe3, 0x79, 0x8f, 0x13, 0xcc,
+	0xd9, 0x39, 0x81, 0x5f, 0xcf, 0x66, 0xbb, 0xe9, 0x8a, 0x5e, 0xf3, 0x06, 0xdb, 0x12, 0xfa, 0x0b,
+	0x36, 0xea, 0x4f, 0x72, 0xb1, 0x6d, 0x05, 0x72, 0xbe, 0xd6, 0x5f, 0xf3, 0x44, 0xa6, 0x9d, 0xcc,
+	0x54, 0xef, 0xd4, 0x44, 0x4f, 0x83, 0x01, 0xfd, 0xec, 0x6c, 0xac, 0x9f, 0x95, 0x12, 0xbd, 0x4c,
+	0x4d, 0xf4, 0x32, 0x18, 0xd0, 0xc7, 0x62, 0x55, 0x75, 0xe4, 0x69, 0x57, 0x55, 0xf5, 0x67, 0x39,
+	0xbf, 0x5d, 0x84, 0x45, 0xe9, 0x49, 0x65, 0xe7, 0x0d, 0x28, 0xd9, 0x0e, 0xc3, 0xb5, 0xfd, 0xad,
+	0xcf, 0xfa, 0x81, 0x7a, 0x5b, 0xc2, 0xf7, 0xbb, 0xb5, 0x4a, 0x92, 0xad, 0xbf, 0x86, 0x03, 0xea,
+	0xb0, 0x80, 0xe5, 0x33, 0x15, 0xb0, 0xc2, 0xf0, 0x05, 0x6c, 0x11, 0xa6, 0xc2, 0x02, 0xdb, 0x24,
+	0xba, 0x6d, 0xb5, 0xa8, 0xac, 0xf4, 0xa7, 0x7a, 0xdd, 0xda, 0xd4, 0x7a, 0x72, 0x11, 0xf7, 0xe3,
+	0xab, 0xbf, 0x50, 0x60, 0xaa, 0xef, 0x63, 0x1d, 0xba, 0x0a, 0xe3, 0x06, 0x9b, 0xc8, 0x37, 0x35,
+	0x9d, 0x44, 0x82, 0xe7, 0x94, 0x54, 0x6f, 0x7c, 0x25, 0xba, 0x88, 0xe3, 0xb8, 0xe8, 0x0c, 0xe4,
+	0x0d, 0xc7, 0xbf, 0x18, 0xe5, 0x1d, 0x7c, 0x65, 0x8d, 0x62, 0x06, 0x63, 0xad, 0x78, 0x5b, 0x73,
+	0x5b, 0x0f, 0x34, 0x97, 0xd5, 0x4a, 0x97, 0x4d, 0x2f, 0xf9, 0x78, 0x2b, 0x7e, 0x23, 0xbe, 0x8c,
+	0x93, 0xf8, 0xea, 0x87, 0x0a, 0x9c, 0x49, 0x3d, 0x04, 0x66, 0xfe, 0x9e, 0xab, 0x01, 0x38, 0x9a,
+	0xab, 0xb5, 0x89, 0x3c, 0x38, 0x1d, 0xe2, 0x33, 0x69, 0x50, 0x8e, 0xd7, 0x02, 0x46, 0x38, 0xc2,
+	0x54, 0xfd, 0x20, 0x07, 0xe3, 0x58, 0x46, 0xb0, 0xb8, 0xe5, 0x7b, 0xf6, 0x4d, 0xe0, 0x4e, 0xac,
+	0x09, 0x3c, 0x61, 0xdc, 0x8a, 0x29, 0x97, 0xd6, 0x02, 0xd0, 0x3d, 0x28, 0x52, 0xfe, 0xad, 0x3c,
+	0xdb, 0x9d, 0x75, 0x9c, 0x29, 0x27, 0x0c, 0x9d, 0x20, 0xfe, 0x63, 0xc9, 0x50, 0xed, 0x29, 0x50,
+	0x8d, 0xe1, 0xcb, 0x8f, 0x7a, 0x2e, 0x26, 0x9b, 0xc4, 0x25, 0x96, 0x4e, 0xd0, 0x2c, 0x94, 0x34,
+	0xc7, 0xb8, 0xee, 0xda, 0x1d, 0x47, 0x7a, 0x34, 0x68, 0x1c, 0x0b, 0x6b, 0x2b, 0x1c, 0x8e, 0x03,
+	0x0c, 0x86, 0xed, 0x6b, 0x24, 0xe3, 0x2a, 0x72, 0x33, 0x2a, 0xe0, 0x38, 0xc0, 0x08, 0x26, 0xc7,
+	0x42, 0xea, 0xe4, 0xd8, 0x80, 0x7c, 0xc7, 0x68, 0xc9, 0xeb, 0xdc, 0x97, 0xfd, 0x62, 0xf1, 0xd6,
+	0xca, 0xd2, 0x7e, 0xb7, 0x76, 0x3e, 0xed, 0x2d, 0x82, 0xb7, 0xe7, 0x10, 0x5a, 0x7f, 0x6b, 0x65,
+	0x09, 0x33, 0x62, 0xf5, 0x77, 0x0a, 0x4c, 0xc5, 0x36, 0x79, 0x04, 0x0d, 0x74, 0x2d, 0xde, 0x40,
+	0x5f, 0x1a, 0xc2, 0x65, 0x29, 0xed, 0xd3, 0x48, 0x6c, 0x82, 0xf7, 0xce, 0xf5, 0xe4, 0xf7, 0xf9,
+	0x8b, 0x99, 0x2f, 0x7d, 0xd3, 0x3f, 0xca, 0xab, 0x7f, 0xc8, 0xc1, 0xc9, 0x01, 0x51, 0x84, 0xee,
+	0x03, 0x84, 0xe3, 0xed, 0x00, 0xa3, 0x0d, 0x10, 0xd8, 0xf7, 0x89, 0x62, 0x82, 0x7f, 0x35, 0x0f,
+	0xa1, 0x11, 0x8e, 0x88, 0x42, 0xd9, 0x25, 0x94, 0xb8, 0xbb, 0xa4, 0x75, 0x8d, 0x57, 0x7f, 0x66,
+	0xba, 0xaf, 0x0e, 0x61, 0xba, 0xbe, 0xe8, 0x0d, 0xa7, 0x62, 0x1c, 0x32, 0xc6, 0x51, 0x29, 0xe8,
+	0x7e, 0x68, 0x42, 0xf1, 0x14, 0xe4, 0x4a, 0xa6, 0x1d, 0xc5, 0x5f, 0xb1, 0x1c, 0x60, 0xcc, 0x8f,
+	0x15, 0x38, 0x15, 0x53, 0x72, 0x9d, 0xb4, 0x1d, 0x53, 0xf3, 0x8e, 0x62, 0x22, 0xbd, 0x17, 0x2b,
+	0x46, 0xaf, 0x0d, 0x61, 0x49, 0x5f, 0xc9, 0xd4, 0xb9, 0xf4, 0xcf, 0x0a, 0x9c, 0x19, 0x48, 0x71,
+	0x04, 0xc9, 0xf5, 0xcd, 0x78, 0x72, 0x5d, 0x39, 0xc4, 0xbe, 0xd2, 0x2f, 0x7d, 0xcf, 0xa4, 0xda,
+	0xe1, 0xff, 0xb2, 0x7b, 0xa8, 0xbf, 0x52, 0xe0, 0xb8, 0x8f, 0xc9, 0xa6, 0xc3, 0x0c, 0xc7, 0xf5,
+	0x79, 0x00, 0xf9, 0x7e, 0xcb, 0xff, 0x30, 0x93, 0x0f, 0xf5, 0xbe, 0x1e, 0xac, 0xe0, 0x08, 0x16,
+	0xba, 0x01, 0xc8, 0xd7, 0xb0, 0x69, 0xfa, 0xd7, 0x9b, 0xbc, 0x05, 0xe4, 0x1b, 0xd3, 0x92, 0x16,
+	0xe1, 0x3e, 0x0c, 0x3c, 0x80, 0x4a, 0xfd, 0xbd, 0x12, 0xf6, 0x6d, 0x0e, 0x7e, 0x5e, 0x2d, 0xcf,
+	0x95, 0x4b, 0xb5, 0x7c, 0xb4, 0xef, 0x70, 0xcc, 0xe7, 0xb6, 0xef, 0x70, 0xed, 0x52, 0x52, 0xe2,
+	0x4f, 0x85, 0xc4, 0x2e, 0x78, 0x2a, 0x64, 0x9d, 0xf2, 0x6e, 0x46, 0x5e, 0xed, 0xc5, 0x4f, 0xf7,
+	0x07, 0xa8, 0xc3, 0xc2, 0x74, 0xe0, 0xf5, 0xdc, 0x6c, 0xe4, 0x3d, 0x51, 0x62, 0xba, 0xc8, 0xf0,
+	0xa6, 0xa8, 0xf0, 0x94, 0xde, 0x14, 0xcd, 0x46, 0xde, 0x14, 0x89, 0x9b, 0xbf, 0x70, 0x22, 0xea,
+	0x7f, 0x57, 0x74, 0x3b, 0xec, 0x2f, 0xe2, 0xce, 0xef, 0xf3, 0x59, 0x5a, 0xf4, 0x01, 0x4f, 0xe6,
+	0x30, 0x9c, 0x76, 0x88, 0x2b, 0xc0, 0xa1, 0x96, 0x2c, 0x53, 0x47, 0xb9, 0x32, 0xd3, 0xbd, 0x6e,
+	0xed, 0xf4, 0xda, 0x40, 0x0c, 0x9c, 0x42, 0x89, 0xb6, 0x61, 0x82, 0x6e, 0x6b, 0x2e, 0x69, 0x05,
+	0x8f, 0xc4, 0xc4, 0xc5, 0xef, 0x4c, 0xd6, 0xa7, 0x2f, 0xe1, 0xfd, 0x72, 0x33, 0xc6, 0x07, 0x27,
+	0xf8, 0x36, 0x1a, 0x0f, 0x1f, 0x57, 0x8f, 0x3d, 0x7a, 0x5c, 0x3d, 0xf6, 0xc9, 0xe3, 0xea, 0xb1,
+	0xf7, 0x7a, 0x55, 0xe5, 0x61, 0xaf, 0xaa, 0x3c, 0xea, 0x55, 0x95, 0x4f, 0x7a, 0x55, 0xe5, 0x1f,
+	0xbd, 0xaa, 0xf2, 0xe3, 0x7f, 0x56, 0x8f, 0x7d, 0xeb, 0xec, 0x41, 0x4f, 0x74, 0xff, 0x1b, 0x00,
+	0x00, 0xff, 0xff, 0xa5, 0x57, 0x37, 0xad, 0xc1, 0x2b, 0x00, 0x00,
 }
 
 func (m *AllocatedDeviceStatus) Marshal() (dAtA []byte, err error) {
@@ -1178,16 +1509,18 @@ func (m *AllocatedDeviceStatus) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 		i--
 		dAtA[i] = 0x32
 	}
-	{
-		size, err := m.Data.MarshalToSizedBuffer(dAtA[:i])
-		if err != nil {
-			return 0, err
+	if m.Data != nil {
+		{
+			size, err := m.Data.MarshalToSizedBuffer(dAtA[:i])
+			if err != nil {
+				return 0, err
+			}
+			i -= size
+			i = encodeVarintGenerated(dAtA, i, uint64(size))
 		}
-		i -= size
-		i = encodeVarintGenerated(dAtA, i, uint64(size))
+		i--
+		dAtA[i] = 0x2a
 	}
-	i--
-	dAtA[i] = 0x2a
 	if len(m.Conditions) > 0 {
 		for iNdEx := len(m.Conditions) - 1; iNdEx >= 0; iNdEx-- {
 			{
@@ -1285,17 +1618,10 @@ func (m *BasicDevice) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	_ = i
 	var l int
 	_ = l
-	if len(m.Capacity) > 0 {
-		keysForCapacity := make([]string, 0, len(m.Capacity))
-		for k := range m.Capacity {
-			keysForCapacity = append(keysForCapacity, string(k))
-		}
-		github_com_gogo_protobuf_sortkeys.Strings(keysForCapacity)
-		for iNdEx := len(keysForCapacity) - 1; iNdEx >= 0; iNdEx-- {
-			v := m.Capacity[QualifiedName(keysForCapacity[iNdEx])]
-			baseI := i
+	if len(m.Taints) > 0 {
+		for iNdEx := len(m.Taints) - 1; iNdEx >= 0; iNdEx-- {
 			{
-				size, err := (&v).MarshalToSizedBuffer(dAtA[:i])
+				size, err := m.Taints[iNdEx].MarshalToSizedBuffer(dAtA[:i])
 				if err != nil {
 					return 0, err
 				}
@@ -1303,21 +1629,85 @@ func (m *BasicDevice) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 				i = encodeVarintGenerated(dAtA, i, uint64(size))
 			}
 			i--
-			dAtA[i] = 0x12
-			i -= len(keysForCapacity[iNdEx])
-			copy(dAtA[i:], keysForCapacity[iNdEx])
-			i = encodeVarintGenerated(dAtA, i, uint64(len(keysForCapacity[iNdEx])))
-			i--
-			dAtA[i] = 0xa
-			i = encodeVarintGenerated(dAtA, i, uint64(baseI-i))
-			i--
-			dAtA[i] = 0x12
+			dAtA[i] = 0x3a
 		}
 	}
-	if len(m.Attributes) > 0 {
-		keysForAttributes := make([]string, 0, len(m.Attributes))
-		for k := range m.Attributes {
-			keysForAttributes = append(keysForAttributes, string(k))
+	if m.AllNodes != nil {
+		i--
+		if *m.AllNodes {
+			dAtA[i] = 1
+		} else {
+			dAtA[i] = 0
+		}
+		i--
+		dAtA[i] = 0x30
+	}
+	if m.NodeSelector != nil {
+		{
+			size, err := m.NodeSelector.MarshalToSizedBuffer(dAtA[:i])
+			if err != nil {
+				return 0, err
+			}
+			i -= size
+			i = encodeVarintGenerated(dAtA, i, uint64(size))
+		}
+		i--
+		dAtA[i] = 0x2a
+	}
+	if m.NodeName != nil {
+		i -= len(*m.NodeName)
+		copy(dAtA[i:], *m.NodeName)
+		i = encodeVarintGenerated(dAtA, i, uint64(len(*m.NodeName)))
+		i--
+		dAtA[i] = 0x22
+	}
+	if len(m.ConsumesCounters) > 0 {
+		for iNdEx := len(m.ConsumesCounters) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.ConsumesCounters[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x1a
+		}
+	}
+	if len(m.Capacity) > 0 {
+		keysForCapacity := make([]string, 0, len(m.Capacity))
+		for k := range m.Capacity {
+			keysForCapacity = append(keysForCapacity, string(k))
+		}
+		github_com_gogo_protobuf_sortkeys.Strings(keysForCapacity)
+		for iNdEx := len(keysForCapacity) - 1; iNdEx >= 0; iNdEx-- {
+			v := m.Capacity[QualifiedName(keysForCapacity[iNdEx])]
+			baseI := i
+			{
+				size, err := (&v).MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x12
+			i -= len(keysForCapacity[iNdEx])
+			copy(dAtA[i:], keysForCapacity[iNdEx])
+			i = encodeVarintGenerated(dAtA, i, uint64(len(keysForCapacity[iNdEx])))
+			i--
+			dAtA[i] = 0xa
+			i = encodeVarintGenerated(dAtA, i, uint64(baseI-i))
+			i--
+			dAtA[i] = 0x12
+		}
+	}
+	if len(m.Attributes) > 0 {
+		keysForAttributes := make([]string, 0, len(m.Attributes))
+		for k := range m.Attributes {
+			keysForAttributes = append(keysForAttributes, string(k))
 		}
 		github_com_gogo_protobuf_sortkeys.Strings(keysForAttributes)
 		for iNdEx := len(keysForAttributes) - 1; iNdEx >= 0; iNdEx-- {
@@ -1374,6 +1764,96 @@ func (m *CELDeviceSelector) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	return len(dAtA) - i, nil
 }
 
+func (m *Counter) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *Counter) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *Counter) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	{
+		size, err := m.Value.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *CounterSet) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *CounterSet) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *CounterSet) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if len(m.Counters) > 0 {
+		keysForCounters := make([]string, 0, len(m.Counters))
+		for k := range m.Counters {
+			keysForCounters = append(keysForCounters, string(k))
+		}
+		github_com_gogo_protobuf_sortkeys.Strings(keysForCounters)
+		for iNdEx := len(keysForCounters) - 1; iNdEx >= 0; iNdEx-- {
+			v := m.Counters[string(keysForCounters[iNdEx])]
+			baseI := i
+			{
+				size, err := (&v).MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x12
+			i -= len(keysForCounters[iNdEx])
+			copy(dAtA[i:], keysForCounters[iNdEx])
+			i = encodeVarintGenerated(dAtA, i, uint64(len(keysForCounters[iNdEx])))
+			i--
+			dAtA[i] = 0xa
+			i = encodeVarintGenerated(dAtA, i, uint64(baseI-i))
+			i--
+			dAtA[i] = 0x12
+		}
+	}
+	i -= len(m.Name)
+	copy(dAtA[i:], m.Name)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Name)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
 func (m *Device) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
@@ -1919,6 +2399,63 @@ func (m *DeviceConstraint) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	return len(dAtA) - i, nil
 }
 
+func (m *DeviceCounterConsumption) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *DeviceCounterConsumption) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *DeviceCounterConsumption) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if len(m.Counters) > 0 {
+		keysForCounters := make([]string, 0, len(m.Counters))
+		for k := range m.Counters {
+			keysForCounters = append(keysForCounters, string(k))
+		}
+		github_com_gogo_protobuf_sortkeys.Strings(keysForCounters)
+		for iNdEx := len(keysForCounters) - 1; iNdEx >= 0; iNdEx-- {
+			v := m.Counters[string(keysForCounters[iNdEx])]
+			baseI := i
+			{
+				size, err := (&v).MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x12
+			i -= len(keysForCounters[iNdEx])
+			copy(dAtA[i:], keysForCounters[iNdEx])
+			i = encodeVarintGenerated(dAtA, i, uint64(len(keysForCounters[iNdEx])))
+			i--
+			dAtA[i] = 0xa
+			i = encodeVarintGenerated(dAtA, i, uint64(baseI-i))
+			i--
+			dAtA[i] = 0x12
+		}
+	}
+	i -= len(m.CounterSet)
+	copy(dAtA[i:], m.CounterSet)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.CounterSet)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
 func (m *DeviceRequest) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
@@ -1939,6 +2476,34 @@ func (m *DeviceRequest) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	_ = i
 	var l int
 	_ = l
+	if len(m.Tolerations) > 0 {
+		for iNdEx := len(m.Tolerations) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Tolerations[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x42
+		}
+	}
+	if len(m.FirstAvailable) > 0 {
+		for iNdEx := len(m.FirstAvailable) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.FirstAvailable[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x3a
+		}
+	}
 	if m.AdminAccess != nil {
 		i--
 		if *m.AdminAccess {
@@ -2004,6 +2569,20 @@ func (m *DeviceRequestAllocationResult) MarshalToSizedBuffer(dAtA []byte) (int,
 	_ = i
 	var l int
 	_ = l
+	if len(m.Tolerations) > 0 {
+		for iNdEx := len(m.Tolerations) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Tolerations[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x32
+		}
+	}
 	if m.AdminAccess != nil {
 		i--
 		if *m.AdminAccess {
@@ -2072,7 +2651,7 @@ func (m *DeviceSelector) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	return len(dAtA) - i, nil
 }
 
-func (m *NetworkDeviceData) Marshal() (dAtA []byte, err error) {
+func (m *DeviceSubRequest) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
 	n, err := m.MarshalToSizedBuffer(dAtA[:size])
@@ -2082,77 +2661,66 @@ func (m *NetworkDeviceData) Marshal() (dAtA []byte, err error) {
 	return dAtA[:n], nil
 }
 
-func (m *NetworkDeviceData) MarshalTo(dAtA []byte) (int, error) {
+func (m *DeviceSubRequest) MarshalTo(dAtA []byte) (int, error) {
 	size := m.Size()
 	return m.MarshalToSizedBuffer(dAtA[:size])
 }
 
-func (m *NetworkDeviceData) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+func (m *DeviceSubRequest) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	i := len(dAtA)
 	_ = i
 	var l int
 	_ = l
-	i -= len(m.HardwareAddress)
-	copy(dAtA[i:], m.HardwareAddress)
-	i = encodeVarintGenerated(dAtA, i, uint64(len(m.HardwareAddress)))
-	i--
-	dAtA[i] = 0x1a
-	if len(m.IPs) > 0 {
-		for iNdEx := len(m.IPs) - 1; iNdEx >= 0; iNdEx-- {
-			i -= len(m.IPs[iNdEx])
-			copy(dAtA[i:], m.IPs[iNdEx])
-			i = encodeVarintGenerated(dAtA, i, uint64(len(m.IPs[iNdEx])))
+	if len(m.Tolerations) > 0 {
+		for iNdEx := len(m.Tolerations) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Tolerations[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
 			i--
-			dAtA[i] = 0x12
+			dAtA[i] = 0x3a
 		}
 	}
-	i -= len(m.InterfaceName)
-	copy(dAtA[i:], m.InterfaceName)
-	i = encodeVarintGenerated(dAtA, i, uint64(len(m.InterfaceName)))
+	i = encodeVarintGenerated(dAtA, i, uint64(m.Count))
 	i--
-	dAtA[i] = 0xa
-	return len(dAtA) - i, nil
-}
-
-func (m *OpaqueDeviceConfiguration) Marshal() (dAtA []byte, err error) {
-	size := m.Size()
-	dAtA = make([]byte, size)
-	n, err := m.MarshalToSizedBuffer(dAtA[:size])
-	if err != nil {
-		return nil, err
-	}
-	return dAtA[:n], nil
-}
-
-func (m *OpaqueDeviceConfiguration) MarshalTo(dAtA []byte) (int, error) {
-	size := m.Size()
-	return m.MarshalToSizedBuffer(dAtA[:size])
-}
-
-func (m *OpaqueDeviceConfiguration) MarshalToSizedBuffer(dAtA []byte) (int, error) {
-	i := len(dAtA)
-	_ = i
-	var l int
-	_ = l
-	{
-		size, err := m.Parameters.MarshalToSizedBuffer(dAtA[:i])
-		if err != nil {
-			return 0, err
+	dAtA[i] = 0x28
+	i -= len(m.AllocationMode)
+	copy(dAtA[i:], m.AllocationMode)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.AllocationMode)))
+	i--
+	dAtA[i] = 0x22
+	if len(m.Selectors) > 0 {
+		for iNdEx := len(m.Selectors) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Selectors[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x1a
 		}
-		i -= size
-		i = encodeVarintGenerated(dAtA, i, uint64(size))
 	}
+	i -= len(m.DeviceClassName)
+	copy(dAtA[i:], m.DeviceClassName)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.DeviceClassName)))
 	i--
 	dAtA[i] = 0x12
-	i -= len(m.Driver)
-	copy(dAtA[i:], m.Driver)
-	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Driver)))
+	i -= len(m.Name)
+	copy(dAtA[i:], m.Name)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Name)))
 	i--
 	dAtA[i] = 0xa
 	return len(dAtA) - i, nil
 }
 
-func (m *ResourceClaim) Marshal() (dAtA []byte, err error) {
+func (m *DeviceTaint) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
 	n, err := m.MarshalToSizedBuffer(dAtA[:size])
@@ -2162,50 +2730,47 @@ func (m *ResourceClaim) Marshal() (dAtA []byte, err error) {
 	return dAtA[:n], nil
 }
 
-func (m *ResourceClaim) MarshalTo(dAtA []byte) (int, error) {
+func (m *DeviceTaint) MarshalTo(dAtA []byte) (int, error) {
 	size := m.Size()
 	return m.MarshalToSizedBuffer(dAtA[:size])
 }
 
-func (m *ResourceClaim) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+func (m *DeviceTaint) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	i := len(dAtA)
 	_ = i
 	var l int
 	_ = l
-	{
-		size, err := m.Status.MarshalToSizedBuffer(dAtA[:i])
-		if err != nil {
-			return 0, err
+	if m.TimeAdded != nil {
+		{
+			size, err := m.TimeAdded.MarshalToSizedBuffer(dAtA[:i])
+			if err != nil {
+				return 0, err
+			}
+			i -= size
+			i = encodeVarintGenerated(dAtA, i, uint64(size))
 		}
-		i -= size
-		i = encodeVarintGenerated(dAtA, i, uint64(size))
+		i--
+		dAtA[i] = 0x22
 	}
+	i -= len(m.Effect)
+	copy(dAtA[i:], m.Effect)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Effect)))
 	i--
 	dAtA[i] = 0x1a
-	{
-		size, err := m.Spec.MarshalToSizedBuffer(dAtA[:i])
-		if err != nil {
-			return 0, err
-		}
-		i -= size
-		i = encodeVarintGenerated(dAtA, i, uint64(size))
-	}
+	i -= len(m.Value)
+	copy(dAtA[i:], m.Value)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Value)))
 	i--
 	dAtA[i] = 0x12
-	{
-		size, err := m.ObjectMeta.MarshalToSizedBuffer(dAtA[:i])
-		if err != nil {
-			return 0, err
-		}
-		i -= size
-		i = encodeVarintGenerated(dAtA, i, uint64(size))
-	}
+	i -= len(m.Key)
+	copy(dAtA[i:], m.Key)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Key)))
 	i--
 	dAtA[i] = 0xa
 	return len(dAtA) - i, nil
 }
 
-func (m *ResourceClaimConsumerReference) Marshal() (dAtA []byte, err error) {
+func (m *DeviceTaintRule) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
 	n, err := m.MarshalToSizedBuffer(dAtA[:size])
@@ -2215,40 +2780,40 @@ func (m *ResourceClaimConsumerReference) Marshal() (dAtA []byte, err error) {
 	return dAtA[:n], nil
 }
 
-func (m *ResourceClaimConsumerReference) MarshalTo(dAtA []byte) (int, error) {
+func (m *DeviceTaintRule) MarshalTo(dAtA []byte) (int, error) {
 	size := m.Size()
 	return m.MarshalToSizedBuffer(dAtA[:size])
 }
 
-func (m *ResourceClaimConsumerReference) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+func (m *DeviceTaintRule) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	i := len(dAtA)
 	_ = i
 	var l int
 	_ = l
-	i -= len(m.UID)
-	copy(dAtA[i:], m.UID)
-	i = encodeVarintGenerated(dAtA, i, uint64(len(m.UID)))
-	i--
-	dAtA[i] = 0x2a
-	i -= len(m.Name)
-	copy(dAtA[i:], m.Name)
-	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Name)))
-	i--
-	dAtA[i] = 0x22
-	i -= len(m.Resource)
-	copy(dAtA[i:], m.Resource)
-	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Resource)))
+	{
+		size, err := m.Spec.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
 	i--
-	dAtA[i] = 0x1a
-	i -= len(m.APIGroup)
-	copy(dAtA[i:], m.APIGroup)
-	i = encodeVarintGenerated(dAtA, i, uint64(len(m.APIGroup)))
+	dAtA[i] = 0x12
+	{
+		size, err := m.ObjectMeta.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
 	i--
 	dAtA[i] = 0xa
 	return len(dAtA) - i, nil
 }
 
-func (m *ResourceClaimList) Marshal() (dAtA []byte, err error) {
+func (m *DeviceTaintRuleList) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
 	n, err := m.MarshalToSizedBuffer(dAtA[:size])
@@ -2258,12 +2823,12 @@ func (m *ResourceClaimList) Marshal() (dAtA []byte, err error) {
 	return dAtA[:n], nil
 }
 
-func (m *ResourceClaimList) MarshalTo(dAtA []byte) (int, error) {
+func (m *DeviceTaintRuleList) MarshalTo(dAtA []byte) (int, error) {
 	size := m.Size()
 	return m.MarshalToSizedBuffer(dAtA[:size])
 }
 
-func (m *ResourceClaimList) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+func (m *DeviceTaintRuleList) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	i := len(dAtA)
 	_ = i
 	var l int
@@ -2295,7 +2860,7 @@ func (m *ResourceClaimList) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	return len(dAtA) - i, nil
 }
 
-func (m *ResourceClaimSpec) Marshal() (dAtA []byte, err error) {
+func (m *DeviceTaintRuleSpec) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
 	n, err := m.MarshalToSizedBuffer(dAtA[:size])
@@ -2305,18 +2870,18 @@ func (m *ResourceClaimSpec) Marshal() (dAtA []byte, err error) {
 	return dAtA[:n], nil
 }
 
-func (m *ResourceClaimSpec) MarshalTo(dAtA []byte) (int, error) {
+func (m *DeviceTaintRuleSpec) MarshalTo(dAtA []byte) (int, error) {
 	size := m.Size()
 	return m.MarshalToSizedBuffer(dAtA[:size])
 }
 
-func (m *ResourceClaimSpec) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+func (m *DeviceTaintRuleSpec) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	i := len(dAtA)
 	_ = i
 	var l int
 	_ = l
 	{
-		size, err := m.Devices.MarshalToSizedBuffer(dAtA[:i])
+		size, err := m.Taint.MarshalToSizedBuffer(dAtA[:i])
 		if err != nil {
 			return 0, err
 		}
@@ -2324,11 +2889,23 @@ func (m *ResourceClaimSpec) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 		i = encodeVarintGenerated(dAtA, i, uint64(size))
 	}
 	i--
-	dAtA[i] = 0xa
+	dAtA[i] = 0x12
+	if m.DeviceSelector != nil {
+		{
+			size, err := m.DeviceSelector.MarshalToSizedBuffer(dAtA[:i])
+			if err != nil {
+				return 0, err
+			}
+			i -= size
+			i = encodeVarintGenerated(dAtA, i, uint64(size))
+		}
+		i--
+		dAtA[i] = 0xa
+	}
 	return len(dAtA) - i, nil
 }
 
-func (m *ResourceClaimStatus) Marshal() (dAtA []byte, err error) {
+func (m *DeviceTaintSelector) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
 	n, err := m.MarshalToSizedBuffer(dAtA[:size])
@@ -2338,20 +2915,20 @@ func (m *ResourceClaimStatus) Marshal() (dAtA []byte, err error) {
 	return dAtA[:n], nil
 }
 
-func (m *ResourceClaimStatus) MarshalTo(dAtA []byte) (int, error) {
+func (m *DeviceTaintSelector) MarshalTo(dAtA []byte) (int, error) {
 	size := m.Size()
 	return m.MarshalToSizedBuffer(dAtA[:size])
 }
 
-func (m *ResourceClaimStatus) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+func (m *DeviceTaintSelector) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	i := len(dAtA)
 	_ = i
 	var l int
 	_ = l
-	if len(m.Devices) > 0 {
-		for iNdEx := len(m.Devices) - 1; iNdEx >= 0; iNdEx-- {
+	if len(m.Selectors) > 0 {
+		for iNdEx := len(m.Selectors) - 1; iNdEx >= 0; iNdEx-- {
 			{
-				size, err := m.Devices[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				size, err := m.Selectors[iNdEx].MarshalToSizedBuffer(dAtA[:i])
 				if err != nil {
 					return 0, err
 				}
@@ -2359,39 +2936,41 @@ func (m *ResourceClaimStatus) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 				i = encodeVarintGenerated(dAtA, i, uint64(size))
 			}
 			i--
-			dAtA[i] = 0x22
+			dAtA[i] = 0x2a
 		}
 	}
-	if len(m.ReservedFor) > 0 {
-		for iNdEx := len(m.ReservedFor) - 1; iNdEx >= 0; iNdEx-- {
-			{
-				size, err := m.ReservedFor[iNdEx].MarshalToSizedBuffer(dAtA[:i])
-				if err != nil {
-					return 0, err
-				}
-				i -= size
-				i = encodeVarintGenerated(dAtA, i, uint64(size))
-			}
-			i--
-			dAtA[i] = 0x12
-		}
+	if m.Device != nil {
+		i -= len(*m.Device)
+		copy(dAtA[i:], *m.Device)
+		i = encodeVarintGenerated(dAtA, i, uint64(len(*m.Device)))
+		i--
+		dAtA[i] = 0x22
 	}
-	if m.Allocation != nil {
-		{
-			size, err := m.Allocation.MarshalToSizedBuffer(dAtA[:i])
-			if err != nil {
-				return 0, err
-			}
-			i -= size
-			i = encodeVarintGenerated(dAtA, i, uint64(size))
-		}
+	if m.Pool != nil {
+		i -= len(*m.Pool)
+		copy(dAtA[i:], *m.Pool)
+		i = encodeVarintGenerated(dAtA, i, uint64(len(*m.Pool)))
+		i--
+		dAtA[i] = 0x1a
+	}
+	if m.Driver != nil {
+		i -= len(*m.Driver)
+		copy(dAtA[i:], *m.Driver)
+		i = encodeVarintGenerated(dAtA, i, uint64(len(*m.Driver)))
+		i--
+		dAtA[i] = 0x12
+	}
+	if m.DeviceClassName != nil {
+		i -= len(*m.DeviceClassName)
+		copy(dAtA[i:], *m.DeviceClassName)
+		i = encodeVarintGenerated(dAtA, i, uint64(len(*m.DeviceClassName)))
 		i--
 		dAtA[i] = 0xa
 	}
 	return len(dAtA) - i, nil
 }
 
-func (m *ResourceClaimTemplate) Marshal() (dAtA []byte, err error) {
+func (m *DeviceToleration) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
 	n, err := m.MarshalToSizedBuffer(dAtA[:size])
@@ -2401,40 +2980,45 @@ func (m *ResourceClaimTemplate) Marshal() (dAtA []byte, err error) {
 	return dAtA[:n], nil
 }
 
-func (m *ResourceClaimTemplate) MarshalTo(dAtA []byte) (int, error) {
+func (m *DeviceToleration) MarshalTo(dAtA []byte) (int, error) {
 	size := m.Size()
 	return m.MarshalToSizedBuffer(dAtA[:size])
 }
 
-func (m *ResourceClaimTemplate) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+func (m *DeviceToleration) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	i := len(dAtA)
 	_ = i
 	var l int
 	_ = l
-	{
-		size, err := m.Spec.MarshalToSizedBuffer(dAtA[:i])
-		if err != nil {
-			return 0, err
-		}
-		i -= size
-		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	if m.TolerationSeconds != nil {
+		i = encodeVarintGenerated(dAtA, i, uint64(*m.TolerationSeconds))
+		i--
+		dAtA[i] = 0x28
 	}
+	i -= len(m.Effect)
+	copy(dAtA[i:], m.Effect)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Effect)))
+	i--
+	dAtA[i] = 0x22
+	i -= len(m.Value)
+	copy(dAtA[i:], m.Value)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Value)))
+	i--
+	dAtA[i] = 0x1a
+	i -= len(m.Operator)
+	copy(dAtA[i:], m.Operator)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Operator)))
 	i--
 	dAtA[i] = 0x12
-	{
-		size, err := m.ObjectMeta.MarshalToSizedBuffer(dAtA[:i])
-		if err != nil {
-			return 0, err
-		}
-		i -= size
-		i = encodeVarintGenerated(dAtA, i, uint64(size))
-	}
+	i -= len(m.Key)
+	copy(dAtA[i:], m.Key)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Key)))
 	i--
 	dAtA[i] = 0xa
 	return len(dAtA) - i, nil
 }
 
-func (m *ResourceClaimTemplateList) Marshal() (dAtA []byte, err error) {
+func (m *NetworkDeviceData) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
 	n, err := m.MarshalToSizedBuffer(dAtA[:size])
@@ -2444,44 +3028,39 @@ func (m *ResourceClaimTemplateList) Marshal() (dAtA []byte, err error) {
 	return dAtA[:n], nil
 }
 
-func (m *ResourceClaimTemplateList) MarshalTo(dAtA []byte) (int, error) {
+func (m *NetworkDeviceData) MarshalTo(dAtA []byte) (int, error) {
 	size := m.Size()
 	return m.MarshalToSizedBuffer(dAtA[:size])
 }
 
-func (m *ResourceClaimTemplateList) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+func (m *NetworkDeviceData) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	i := len(dAtA)
 	_ = i
 	var l int
 	_ = l
-	if len(m.Items) > 0 {
-		for iNdEx := len(m.Items) - 1; iNdEx >= 0; iNdEx-- {
-			{
-				size, err := m.Items[iNdEx].MarshalToSizedBuffer(dAtA[:i])
-				if err != nil {
-					return 0, err
-				}
-				i -= size
-				i = encodeVarintGenerated(dAtA, i, uint64(size))
-			}
+	i -= len(m.HardwareAddress)
+	copy(dAtA[i:], m.HardwareAddress)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.HardwareAddress)))
+	i--
+	dAtA[i] = 0x1a
+	if len(m.IPs) > 0 {
+		for iNdEx := len(m.IPs) - 1; iNdEx >= 0; iNdEx-- {
+			i -= len(m.IPs[iNdEx])
+			copy(dAtA[i:], m.IPs[iNdEx])
+			i = encodeVarintGenerated(dAtA, i, uint64(len(m.IPs[iNdEx])))
 			i--
 			dAtA[i] = 0x12
 		}
 	}
-	{
-		size, err := m.ListMeta.MarshalToSizedBuffer(dAtA[:i])
-		if err != nil {
-			return 0, err
-		}
-		i -= size
-		i = encodeVarintGenerated(dAtA, i, uint64(size))
-	}
+	i -= len(m.InterfaceName)
+	copy(dAtA[i:], m.InterfaceName)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.InterfaceName)))
 	i--
 	dAtA[i] = 0xa
 	return len(dAtA) - i, nil
 }
 
-func (m *ResourceClaimTemplateSpec) Marshal() (dAtA []byte, err error) {
+func (m *OpaqueDeviceConfiguration) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
 	n, err := m.MarshalToSizedBuffer(dAtA[:size])
@@ -2491,18 +3070,18 @@ func (m *ResourceClaimTemplateSpec) Marshal() (dAtA []byte, err error) {
 	return dAtA[:n], nil
 }
 
-func (m *ResourceClaimTemplateSpec) MarshalTo(dAtA []byte) (int, error) {
+func (m *OpaqueDeviceConfiguration) MarshalTo(dAtA []byte) (int, error) {
 	size := m.Size()
 	return m.MarshalToSizedBuffer(dAtA[:size])
 }
 
-func (m *ResourceClaimTemplateSpec) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+func (m *OpaqueDeviceConfiguration) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	i := len(dAtA)
 	_ = i
 	var l int
 	_ = l
 	{
-		size, err := m.Spec.MarshalToSizedBuffer(dAtA[:i])
+		size, err := m.Parameters.MarshalToSizedBuffer(dAtA[:i])
 		if err != nil {
 			return 0, err
 		}
@@ -2511,20 +3090,15 @@ func (m *ResourceClaimTemplateSpec) MarshalToSizedBuffer(dAtA []byte) (int, erro
 	}
 	i--
 	dAtA[i] = 0x12
-	{
-		size, err := m.ObjectMeta.MarshalToSizedBuffer(dAtA[:i])
-		if err != nil {
-			return 0, err
-		}
-		i -= size
-		i = encodeVarintGenerated(dAtA, i, uint64(size))
-	}
+	i -= len(m.Driver)
+	copy(dAtA[i:], m.Driver)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Driver)))
 	i--
 	dAtA[i] = 0xa
 	return len(dAtA) - i, nil
 }
 
-func (m *ResourcePool) Marshal() (dAtA []byte, err error) {
+func (m *ResourceClaim) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
 	n, err := m.MarshalToSizedBuffer(dAtA[:size])
@@ -2534,31 +3108,50 @@ func (m *ResourcePool) Marshal() (dAtA []byte, err error) {
 	return dAtA[:n], nil
 }
 
-func (m *ResourcePool) MarshalTo(dAtA []byte) (int, error) {
+func (m *ResourceClaim) MarshalTo(dAtA []byte) (int, error) {
 	size := m.Size()
 	return m.MarshalToSizedBuffer(dAtA[:size])
 }
 
-func (m *ResourcePool) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+func (m *ResourceClaim) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	i := len(dAtA)
 	_ = i
 	var l int
 	_ = l
-	i = encodeVarintGenerated(dAtA, i, uint64(m.ResourceSliceCount))
-	i--
-	dAtA[i] = 0x18
-	i = encodeVarintGenerated(dAtA, i, uint64(m.Generation))
-	i--
-	dAtA[i] = 0x10
-	i -= len(m.Name)
-	copy(dAtA[i:], m.Name)
-	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Name)))
+	{
+		size, err := m.Status.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0x1a
+	{
+		size, err := m.Spec.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0x12
+	{
+		size, err := m.ObjectMeta.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
 	i--
 	dAtA[i] = 0xa
 	return len(dAtA) - i, nil
 }
 
-func (m *ResourceSlice) Marshal() (dAtA []byte, err error) {
+func (m *ResourceClaimConsumerReference) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
 	n, err := m.MarshalToSizedBuffer(dAtA[:size])
@@ -2568,40 +3161,40 @@ func (m *ResourceSlice) Marshal() (dAtA []byte, err error) {
 	return dAtA[:n], nil
 }
 
-func (m *ResourceSlice) MarshalTo(dAtA []byte) (int, error) {
+func (m *ResourceClaimConsumerReference) MarshalTo(dAtA []byte) (int, error) {
 	size := m.Size()
 	return m.MarshalToSizedBuffer(dAtA[:size])
 }
 
-func (m *ResourceSlice) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+func (m *ResourceClaimConsumerReference) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	i := len(dAtA)
 	_ = i
 	var l int
 	_ = l
-	{
-		size, err := m.Spec.MarshalToSizedBuffer(dAtA[:i])
-		if err != nil {
-			return 0, err
-		}
-		i -= size
-		i = encodeVarintGenerated(dAtA, i, uint64(size))
-	}
+	i -= len(m.UID)
+	copy(dAtA[i:], m.UID)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.UID)))
 	i--
-	dAtA[i] = 0x12
-	{
-		size, err := m.ObjectMeta.MarshalToSizedBuffer(dAtA[:i])
-		if err != nil {
-			return 0, err
-		}
-		i -= size
-		i = encodeVarintGenerated(dAtA, i, uint64(size))
-	}
+	dAtA[i] = 0x2a
+	i -= len(m.Name)
+	copy(dAtA[i:], m.Name)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Name)))
+	i--
+	dAtA[i] = 0x22
+	i -= len(m.Resource)
+	copy(dAtA[i:], m.Resource)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Resource)))
+	i--
+	dAtA[i] = 0x1a
+	i -= len(m.APIGroup)
+	copy(dAtA[i:], m.APIGroup)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.APIGroup)))
 	i--
 	dAtA[i] = 0xa
 	return len(dAtA) - i, nil
 }
 
-func (m *ResourceSliceList) Marshal() (dAtA []byte, err error) {
+func (m *ResourceClaimList) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
 	n, err := m.MarshalToSizedBuffer(dAtA[:size])
@@ -2611,12 +3204,12 @@ func (m *ResourceSliceList) Marshal() (dAtA []byte, err error) {
 	return dAtA[:n], nil
 }
 
-func (m *ResourceSliceList) MarshalTo(dAtA []byte) (int, error) {
+func (m *ResourceClaimList) MarshalTo(dAtA []byte) (int, error) {
 	size := m.Size()
 	return m.MarshalToSizedBuffer(dAtA[:size])
 }
 
-func (m *ResourceSliceList) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+func (m *ResourceClaimList) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	i := len(dAtA)
 	_ = i
 	var l int
@@ -2648,7 +3241,7 @@ func (m *ResourceSliceList) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	return len(dAtA) - i, nil
 }
 
-func (m *ResourceSliceSpec) Marshal() (dAtA []byte, err error) {
+func (m *ResourceClaimSpec) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
 	n, err := m.MarshalToSizedBuffer(dAtA[:size])
@@ -2658,12 +3251,45 @@ func (m *ResourceSliceSpec) Marshal() (dAtA []byte, err error) {
 	return dAtA[:n], nil
 }
 
-func (m *ResourceSliceSpec) MarshalTo(dAtA []byte) (int, error) {
+func (m *ResourceClaimSpec) MarshalTo(dAtA []byte) (int, error) {
 	size := m.Size()
 	return m.MarshalToSizedBuffer(dAtA[:size])
 }
 
-func (m *ResourceSliceSpec) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+func (m *ResourceClaimSpec) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	{
+		size, err := m.Devices.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *ResourceClaimStatus) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ResourceClaimStatus) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ResourceClaimStatus) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	i := len(dAtA)
 	_ = i
 	var l int
@@ -2679,20 +3305,26 @@ func (m *ResourceSliceSpec) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 				i = encodeVarintGenerated(dAtA, i, uint64(size))
 			}
 			i--
-			dAtA[i] = 0x32
+			dAtA[i] = 0x22
 		}
 	}
-	i--
-	if m.AllNodes {
-		dAtA[i] = 1
-	} else {
-		dAtA[i] = 0
+	if len(m.ReservedFor) > 0 {
+		for iNdEx := len(m.ReservedFor) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.ReservedFor[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x12
+		}
 	}
-	i--
-	dAtA[i] = 0x28
-	if m.NodeSelector != nil {
+	if m.Allocation != nil {
 		{
-			size, err := m.NodeSelector.MarshalToSizedBuffer(dAtA[:i])
+			size, err := m.Allocation.MarshalToSizedBuffer(dAtA[:i])
 			if err != nil {
 				return 0, err
 			}
@@ -2700,15 +3332,33 @@ func (m *ResourceSliceSpec) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 			i = encodeVarintGenerated(dAtA, i, uint64(size))
 		}
 		i--
-		dAtA[i] = 0x22
+		dAtA[i] = 0xa
 	}
-	i -= len(m.NodeName)
-	copy(dAtA[i:], m.NodeName)
-	i = encodeVarintGenerated(dAtA, i, uint64(len(m.NodeName)))
-	i--
-	dAtA[i] = 0x1a
+	return len(dAtA) - i, nil
+}
+
+func (m *ResourceClaimTemplate) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ResourceClaimTemplate) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ResourceClaimTemplate) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
 	{
-		size, err := m.Pool.MarshalToSizedBuffer(dAtA[:i])
+		size, err := m.Spec.MarshalToSizedBuffer(dAtA[:i])
 		if err != nil {
 			return 0, err
 		}
@@ -2717,282 +3367,432 @@ func (m *ResourceSliceSpec) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	}
 	i--
 	dAtA[i] = 0x12
-	i -= len(m.Driver)
-	copy(dAtA[i:], m.Driver)
-	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Driver)))
+	{
+		size, err := m.ObjectMeta.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
 	i--
 	dAtA[i] = 0xa
 	return len(dAtA) - i, nil
 }
 
-func encodeVarintGenerated(dAtA []byte, offset int, v uint64) int {
-	offset -= sovGenerated(v)
-	base := offset
-	for v >= 1<<7 {
-		dAtA[offset] = uint8(v&0x7f | 0x80)
-		v >>= 7
-		offset++
+func (m *ResourceClaimTemplateList) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
 	}
-	dAtA[offset] = uint8(v)
-	return base
+	return dAtA[:n], nil
 }
-func (m *AllocatedDeviceStatus) Size() (n int) {
-	if m == nil {
-		return 0
-	}
+
+func (m *ResourceClaimTemplateList) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ResourceClaimTemplateList) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
 	var l int
 	_ = l
-	l = len(m.Driver)
-	n += 1 + l + sovGenerated(uint64(l))
-	l = len(m.Pool)
-	n += 1 + l + sovGenerated(uint64(l))
-	l = len(m.Device)
-	n += 1 + l + sovGenerated(uint64(l))
-	if len(m.Conditions) > 0 {
-		for _, e := range m.Conditions {
-			l = e.Size()
-			n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Items) > 0 {
+		for iNdEx := len(m.Items) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Items[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x12
 		}
 	}
-	l = m.Data.Size()
-	n += 1 + l + sovGenerated(uint64(l))
-	if m.NetworkData != nil {
-		l = m.NetworkData.Size()
-		n += 1 + l + sovGenerated(uint64(l))
+	{
+		size, err := m.ListMeta.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
 	}
-	return n
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
 }
 
-func (m *AllocationResult) Size() (n int) {
-	if m == nil {
-		return 0
-	}
-	var l int
-	_ = l
-	l = m.Devices.Size()
-	n += 1 + l + sovGenerated(uint64(l))
-	if m.NodeSelector != nil {
-		l = m.NodeSelector.Size()
-		n += 1 + l + sovGenerated(uint64(l))
+func (m *ResourceClaimTemplateSpec) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
 	}
-	return n
+	return dAtA[:n], nil
 }
 
-func (m *BasicDevice) Size() (n int) {
-	if m == nil {
-		return 0
-	}
+func (m *ResourceClaimTemplateSpec) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ResourceClaimTemplateSpec) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
 	var l int
 	_ = l
-	if len(m.Attributes) > 0 {
-		for k, v := range m.Attributes {
-			_ = k
-			_ = v
-			l = v.Size()
-			mapEntrySize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + l + sovGenerated(uint64(l))
-			n += mapEntrySize + 1 + sovGenerated(uint64(mapEntrySize))
+	{
+		size, err := m.Spec.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
 		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
 	}
-	if len(m.Capacity) > 0 {
-		for k, v := range m.Capacity {
-			_ = k
-			_ = v
-			l = v.Size()
-			mapEntrySize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + l + sovGenerated(uint64(l))
-			n += mapEntrySize + 1 + sovGenerated(uint64(mapEntrySize))
+	i--
+	dAtA[i] = 0x12
+	{
+		size, err := m.ObjectMeta.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
 		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
 	}
-	return n
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
 }
 
-func (m *CELDeviceSelector) Size() (n int) {
-	if m == nil {
-		return 0
+func (m *ResourcePool) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
 	}
-	var l int
-	_ = l
-	l = len(m.Expression)
-	n += 1 + l + sovGenerated(uint64(l))
-	return n
+	return dAtA[:n], nil
 }
 
-func (m *Device) Size() (n int) {
-	if m == nil {
-		return 0
-	}
-	var l int
-	_ = l
-	l = len(m.Name)
-	n += 1 + l + sovGenerated(uint64(l))
-	if m.Basic != nil {
-		l = m.Basic.Size()
-		n += 1 + l + sovGenerated(uint64(l))
-	}
-	return n
+func (m *ResourcePool) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
 }
 
-func (m *DeviceAllocationConfiguration) Size() (n int) {
-	if m == nil {
-		return 0
-	}
+func (m *ResourcePool) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
 	var l int
 	_ = l
-	l = len(m.Source)
-	n += 1 + l + sovGenerated(uint64(l))
-	if len(m.Requests) > 0 {
-		for _, s := range m.Requests {
-			l = len(s)
-			n += 1 + l + sovGenerated(uint64(l))
-		}
-	}
-	l = m.DeviceConfiguration.Size()
-	n += 1 + l + sovGenerated(uint64(l))
-	return n
+	i = encodeVarintGenerated(dAtA, i, uint64(m.ResourceSliceCount))
+	i--
+	dAtA[i] = 0x18
+	i = encodeVarintGenerated(dAtA, i, uint64(m.Generation))
+	i--
+	dAtA[i] = 0x10
+	i -= len(m.Name)
+	copy(dAtA[i:], m.Name)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Name)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
 }
 
-func (m *DeviceAllocationResult) Size() (n int) {
-	if m == nil {
-		return 0
+func (m *ResourceSlice) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
 	}
+	return dAtA[:n], nil
+}
+
+func (m *ResourceSlice) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ResourceSlice) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
 	var l int
 	_ = l
-	if len(m.Results) > 0 {
-		for _, e := range m.Results {
-			l = e.Size()
-			n += 1 + l + sovGenerated(uint64(l))
+	{
+		size, err := m.Spec.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
 		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
 	}
-	if len(m.Config) > 0 {
-		for _, e := range m.Config {
-			l = e.Size()
-			n += 1 + l + sovGenerated(uint64(l))
+	i--
+	dAtA[i] = 0x12
+	{
+		size, err := m.ObjectMeta.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
 		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
 	}
-	return n
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
 }
 
-func (m *DeviceAttribute) Size() (n int) {
-	if m == nil {
-		return 0
-	}
-	var l int
-	_ = l
-	if m.IntValue != nil {
-		n += 1 + sovGenerated(uint64(*m.IntValue))
-	}
-	if m.BoolValue != nil {
-		n += 2
-	}
-	if m.StringValue != nil {
-		l = len(*m.StringValue)
-		n += 1 + l + sovGenerated(uint64(l))
-	}
-	if m.VersionValue != nil {
-		l = len(*m.VersionValue)
-		n += 1 + l + sovGenerated(uint64(l))
+func (m *ResourceSliceList) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
 	}
-	return n
+	return dAtA[:n], nil
 }
 
-func (m *DeviceClaim) Size() (n int) {
-	if m == nil {
-		return 0
-	}
+func (m *ResourceSliceList) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ResourceSliceList) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
 	var l int
 	_ = l
-	if len(m.Requests) > 0 {
-		for _, e := range m.Requests {
-			l = e.Size()
-			n += 1 + l + sovGenerated(uint64(l))
-		}
-	}
-	if len(m.Constraints) > 0 {
-		for _, e := range m.Constraints {
-			l = e.Size()
-			n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Items) > 0 {
+		for iNdEx := len(m.Items) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Items[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x12
 		}
 	}
-	if len(m.Config) > 0 {
-		for _, e := range m.Config {
-			l = e.Size()
-			n += 1 + l + sovGenerated(uint64(l))
+	{
+		size, err := m.ListMeta.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
 		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
 	}
-	return n
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
 }
 
-func (m *DeviceClaimConfiguration) Size() (n int) {
-	if m == nil {
-		return 0
+func (m *ResourceSliceSpec) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
 	}
-	var l int
-	_ = l
-	if len(m.Requests) > 0 {
-		for _, s := range m.Requests {
-			l = len(s)
-			n += 1 + l + sovGenerated(uint64(l))
+	return dAtA[:n], nil
+}
+
+func (m *ResourceSliceSpec) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ResourceSliceSpec) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if len(m.SharedCounters) > 0 {
+		for iNdEx := len(m.SharedCounters) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.SharedCounters[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x42
 		}
 	}
-	l = m.DeviceConfiguration.Size()
-	n += 1 + l + sovGenerated(uint64(l))
-	return n
+	if m.PerDeviceNodeSelection != nil {
+		i--
+		if *m.PerDeviceNodeSelection {
+			dAtA[i] = 1
+		} else {
+			dAtA[i] = 0
+		}
+		i--
+		dAtA[i] = 0x38
+	}
+	if len(m.Devices) > 0 {
+		for iNdEx := len(m.Devices) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Devices[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x32
+		}
+	}
+	i--
+	if m.AllNodes {
+		dAtA[i] = 1
+	} else {
+		dAtA[i] = 0
+	}
+	i--
+	dAtA[i] = 0x28
+	if m.NodeSelector != nil {
+		{
+			size, err := m.NodeSelector.MarshalToSizedBuffer(dAtA[:i])
+			if err != nil {
+				return 0, err
+			}
+			i -= size
+			i = encodeVarintGenerated(dAtA, i, uint64(size))
+		}
+		i--
+		dAtA[i] = 0x22
+	}
+	i -= len(m.NodeName)
+	copy(dAtA[i:], m.NodeName)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.NodeName)))
+	i--
+	dAtA[i] = 0x1a
+	{
+		size, err := m.Pool.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0x12
+	i -= len(m.Driver)
+	copy(dAtA[i:], m.Driver)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Driver)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
 }
 
-func (m *DeviceClass) Size() (n int) {
+func encodeVarintGenerated(dAtA []byte, offset int, v uint64) int {
+	offset -= sovGenerated(v)
+	base := offset
+	for v >= 1<<7 {
+		dAtA[offset] = uint8(v&0x7f | 0x80)
+		v >>= 7
+		offset++
+	}
+	dAtA[offset] = uint8(v)
+	return base
+}
+func (m *AllocatedDeviceStatus) Size() (n int) {
 	if m == nil {
 		return 0
 	}
 	var l int
 	_ = l
-	l = m.ObjectMeta.Size()
+	l = len(m.Driver)
 	n += 1 + l + sovGenerated(uint64(l))
-	l = m.Spec.Size()
+	l = len(m.Pool)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Device)
 	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Conditions) > 0 {
+		for _, e := range m.Conditions {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	if m.Data != nil {
+		l = m.Data.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	if m.NetworkData != nil {
+		l = m.NetworkData.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
 	return n
 }
 
-func (m *DeviceClassConfiguration) Size() (n int) {
+func (m *AllocationResult) Size() (n int) {
 	if m == nil {
 		return 0
 	}
 	var l int
 	_ = l
-	l = m.DeviceConfiguration.Size()
+	l = m.Devices.Size()
 	n += 1 + l + sovGenerated(uint64(l))
+	if m.NodeSelector != nil {
+		l = m.NodeSelector.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
 	return n
 }
 
-func (m *DeviceClassList) Size() (n int) {
+func (m *BasicDevice) Size() (n int) {
 	if m == nil {
 		return 0
 	}
 	var l int
 	_ = l
-	l = m.ListMeta.Size()
-	n += 1 + l + sovGenerated(uint64(l))
-	if len(m.Items) > 0 {
-		for _, e := range m.Items {
-			l = e.Size()
-			n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Attributes) > 0 {
+		for k, v := range m.Attributes {
+			_ = k
+			_ = v
+			l = v.Size()
+			mapEntrySize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + l + sovGenerated(uint64(l))
+			n += mapEntrySize + 1 + sovGenerated(uint64(mapEntrySize))
 		}
 	}
-	return n
-}
-
-func (m *DeviceClassSpec) Size() (n int) {
-	if m == nil {
-		return 0
+	if len(m.Capacity) > 0 {
+		for k, v := range m.Capacity {
+			_ = k
+			_ = v
+			l = v.Size()
+			mapEntrySize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + l + sovGenerated(uint64(l))
+			n += mapEntrySize + 1 + sovGenerated(uint64(mapEntrySize))
+		}
 	}
-	var l int
-	_ = l
-	if len(m.Selectors) > 0 {
-		for _, e := range m.Selectors {
+	if len(m.ConsumesCounters) > 0 {
+		for _, e := range m.ConsumesCounters {
 			l = e.Size()
 			n += 1 + l + sovGenerated(uint64(l))
 		}
 	}
-	if len(m.Config) > 0 {
-		for _, e := range m.Config {
+	if m.NodeName != nil {
+		l = len(*m.NodeName)
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	if m.NodeSelector != nil {
+		l = m.NodeSelector.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	if m.AllNodes != nil {
+		n += 2
+	}
+	if len(m.Taints) > 0 {
+		for _, e := range m.Taints {
 			l = e.Size()
 			n += 1 + l + sovGenerated(uint64(l))
 		}
@@ -3000,39 +3800,29 @@ func (m *DeviceClassSpec) Size() (n int) {
 	return n
 }
 
-func (m *DeviceConfiguration) Size() (n int) {
+func (m *CELDeviceSelector) Size() (n int) {
 	if m == nil {
 		return 0
 	}
 	var l int
 	_ = l
-	if m.Opaque != nil {
-		l = m.Opaque.Size()
-		n += 1 + l + sovGenerated(uint64(l))
-	}
+	l = len(m.Expression)
+	n += 1 + l + sovGenerated(uint64(l))
 	return n
 }
 
-func (m *DeviceConstraint) Size() (n int) {
+func (m *Counter) Size() (n int) {
 	if m == nil {
 		return 0
 	}
 	var l int
 	_ = l
-	if len(m.Requests) > 0 {
-		for _, s := range m.Requests {
-			l = len(s)
-			n += 1 + l + sovGenerated(uint64(l))
-		}
-	}
-	if m.MatchAttribute != nil {
-		l = len(*m.MatchAttribute)
-		n += 1 + l + sovGenerated(uint64(l))
-	}
+	l = m.Value.Size()
+	n += 1 + l + sovGenerated(uint64(l))
 	return n
 }
 
-func (m *DeviceRequest) Size() (n int) {
+func (m *CounterSet) Size() (n int) {
 	if m == nil {
 		return 0
 	}
@@ -3040,89 +3830,141 @@ func (m *DeviceRequest) Size() (n int) {
 	_ = l
 	l = len(m.Name)
 	n += 1 + l + sovGenerated(uint64(l))
-	l = len(m.DeviceClassName)
-	n += 1 + l + sovGenerated(uint64(l))
-	if len(m.Selectors) > 0 {
-		for _, e := range m.Selectors {
-			l = e.Size()
-			n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Counters) > 0 {
+		for k, v := range m.Counters {
+			_ = k
+			_ = v
+			l = v.Size()
+			mapEntrySize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + l + sovGenerated(uint64(l))
+			n += mapEntrySize + 1 + sovGenerated(uint64(mapEntrySize))
 		}
 	}
-	l = len(m.AllocationMode)
-	n += 1 + l + sovGenerated(uint64(l))
-	n += 1 + sovGenerated(uint64(m.Count))
-	if m.AdminAccess != nil {
-		n += 2
-	}
 	return n
 }
 
-func (m *DeviceRequestAllocationResult) Size() (n int) {
+func (m *Device) Size() (n int) {
 	if m == nil {
 		return 0
 	}
 	var l int
 	_ = l
-	l = len(m.Request)
-	n += 1 + l + sovGenerated(uint64(l))
-	l = len(m.Driver)
-	n += 1 + l + sovGenerated(uint64(l))
-	l = len(m.Pool)
-	n += 1 + l + sovGenerated(uint64(l))
-	l = len(m.Device)
+	l = len(m.Name)
 	n += 1 + l + sovGenerated(uint64(l))
-	if m.AdminAccess != nil {
-		n += 2
+	if m.Basic != nil {
+		l = m.Basic.Size()
+		n += 1 + l + sovGenerated(uint64(l))
 	}
 	return n
 }
 
-func (m *DeviceSelector) Size() (n int) {
+func (m *DeviceAllocationConfiguration) Size() (n int) {
 	if m == nil {
 		return 0
 	}
 	var l int
 	_ = l
-	if m.CEL != nil {
-		l = m.CEL.Size()
-		n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Source)
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Requests) > 0 {
+		for _, s := range m.Requests {
+			l = len(s)
+			n += 1 + l + sovGenerated(uint64(l))
+		}
 	}
+	l = m.DeviceConfiguration.Size()
+	n += 1 + l + sovGenerated(uint64(l))
 	return n
 }
 
-func (m *NetworkDeviceData) Size() (n int) {
+func (m *DeviceAllocationResult) Size() (n int) {
 	if m == nil {
 		return 0
 	}
 	var l int
 	_ = l
-	l = len(m.InterfaceName)
-	n += 1 + l + sovGenerated(uint64(l))
-	if len(m.IPs) > 0 {
-		for _, s := range m.IPs {
-			l = len(s)
+	if len(m.Results) > 0 {
+		for _, e := range m.Results {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	if len(m.Config) > 0 {
+		for _, e := range m.Config {
+			l = e.Size()
 			n += 1 + l + sovGenerated(uint64(l))
 		}
 	}
-	l = len(m.HardwareAddress)
-	n += 1 + l + sovGenerated(uint64(l))
 	return n
 }
 
-func (m *OpaqueDeviceConfiguration) Size() (n int) {
+func (m *DeviceAttribute) Size() (n int) {
 	if m == nil {
 		return 0
 	}
 	var l int
 	_ = l
-	l = len(m.Driver)
-	n += 1 + l + sovGenerated(uint64(l))
-	l = m.Parameters.Size()
+	if m.IntValue != nil {
+		n += 1 + sovGenerated(uint64(*m.IntValue))
+	}
+	if m.BoolValue != nil {
+		n += 2
+	}
+	if m.StringValue != nil {
+		l = len(*m.StringValue)
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	if m.VersionValue != nil {
+		l = len(*m.VersionValue)
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	return n
+}
+
+func (m *DeviceClaim) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	if len(m.Requests) > 0 {
+		for _, e := range m.Requests {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	if len(m.Constraints) > 0 {
+		for _, e := range m.Constraints {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	if len(m.Config) > 0 {
+		for _, e := range m.Config {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *DeviceClaimConfiguration) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	if len(m.Requests) > 0 {
+		for _, s := range m.Requests {
+			l = len(s)
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	l = m.DeviceConfiguration.Size()
 	n += 1 + l + sovGenerated(uint64(l))
 	return n
 }
 
-func (m *ResourceClaim) Size() (n int) {
+func (m *DeviceClass) Size() (n int) {
 	if m == nil {
 		return 0
 	}
@@ -3132,29 +3974,21 @@ func (m *ResourceClaim) Size() (n int) {
 	n += 1 + l + sovGenerated(uint64(l))
 	l = m.Spec.Size()
 	n += 1 + l + sovGenerated(uint64(l))
-	l = m.Status.Size()
-	n += 1 + l + sovGenerated(uint64(l))
 	return n
 }
 
-func (m *ResourceClaimConsumerReference) Size() (n int) {
+func (m *DeviceClassConfiguration) Size() (n int) {
 	if m == nil {
 		return 0
 	}
 	var l int
 	_ = l
-	l = len(m.APIGroup)
-	n += 1 + l + sovGenerated(uint64(l))
-	l = len(m.Resource)
-	n += 1 + l + sovGenerated(uint64(l))
-	l = len(m.Name)
-	n += 1 + l + sovGenerated(uint64(l))
-	l = len(m.UID)
+	l = m.DeviceConfiguration.Size()
 	n += 1 + l + sovGenerated(uint64(l))
 	return n
 }
 
-func (m *ResourceClaimList) Size() (n int) {
+func (m *DeviceClassList) Size() (n int) {
 	if m == nil {
 		return 0
 	}
@@ -3171,65 +4005,135 @@ func (m *ResourceClaimList) Size() (n int) {
 	return n
 }
 
-func (m *ResourceClaimSpec) Size() (n int) {
+func (m *DeviceClassSpec) Size() (n int) {
 	if m == nil {
 		return 0
 	}
 	var l int
 	_ = l
-	l = m.Devices.Size()
-	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Selectors) > 0 {
+		for _, e := range m.Selectors {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	if len(m.Config) > 0 {
+		for _, e := range m.Config {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
 	return n
 }
 
-func (m *ResourceClaimStatus) Size() (n int) {
+func (m *DeviceConfiguration) Size() (n int) {
 	if m == nil {
 		return 0
 	}
 	var l int
 	_ = l
-	if m.Allocation != nil {
-		l = m.Allocation.Size()
+	if m.Opaque != nil {
+		l = m.Opaque.Size()
 		n += 1 + l + sovGenerated(uint64(l))
 	}
-	if len(m.ReservedFor) > 0 {
-		for _, e := range m.ReservedFor {
-			l = e.Size()
+	return n
+}
+
+func (m *DeviceConstraint) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	if len(m.Requests) > 0 {
+		for _, s := range m.Requests {
+			l = len(s)
 			n += 1 + l + sovGenerated(uint64(l))
 		}
 	}
-	if len(m.Devices) > 0 {
-		for _, e := range m.Devices {
-			l = e.Size()
-			n += 1 + l + sovGenerated(uint64(l))
+	if m.MatchAttribute != nil {
+		l = len(*m.MatchAttribute)
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	return n
+}
+
+func (m *DeviceCounterConsumption) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.CounterSet)
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Counters) > 0 {
+		for k, v := range m.Counters {
+			_ = k
+			_ = v
+			l = v.Size()
+			mapEntrySize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + l + sovGenerated(uint64(l))
+			n += mapEntrySize + 1 + sovGenerated(uint64(mapEntrySize))
 		}
 	}
 	return n
 }
 
-func (m *ResourceClaimTemplate) Size() (n int) {
+func (m *DeviceRequest) Size() (n int) {
 	if m == nil {
 		return 0
 	}
 	var l int
 	_ = l
-	l = m.ObjectMeta.Size()
+	l = len(m.Name)
 	n += 1 + l + sovGenerated(uint64(l))
-	l = m.Spec.Size()
+	l = len(m.DeviceClassName)
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Selectors) > 0 {
+		for _, e := range m.Selectors {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	l = len(m.AllocationMode)
 	n += 1 + l + sovGenerated(uint64(l))
+	n += 1 + sovGenerated(uint64(m.Count))
+	if m.AdminAccess != nil {
+		n += 2
+	}
+	if len(m.FirstAvailable) > 0 {
+		for _, e := range m.FirstAvailable {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	if len(m.Tolerations) > 0 {
+		for _, e := range m.Tolerations {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
 	return n
 }
 
-func (m *ResourceClaimTemplateList) Size() (n int) {
+func (m *DeviceRequestAllocationResult) Size() (n int) {
 	if m == nil {
 		return 0
 	}
 	var l int
 	_ = l
-	l = m.ListMeta.Size()
+	l = len(m.Request)
 	n += 1 + l + sovGenerated(uint64(l))
-	if len(m.Items) > 0 {
-		for _, e := range m.Items {
+	l = len(m.Driver)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Pool)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Device)
+	n += 1 + l + sovGenerated(uint64(l))
+	if m.AdminAccess != nil {
+		n += 2
+	}
+	if len(m.Tolerations) > 0 {
+		for _, e := range m.Tolerations {
 			l = e.Size()
 			n += 1 + l + sovGenerated(uint64(l))
 		}
@@ -3237,33 +4141,67 @@ func (m *ResourceClaimTemplateList) Size() (n int) {
 	return n
 }
 
-func (m *ResourceClaimTemplateSpec) Size() (n int) {
+func (m *DeviceSelector) Size() (n int) {
 	if m == nil {
 		return 0
 	}
 	var l int
 	_ = l
-	l = m.ObjectMeta.Size()
+	if m.CEL != nil {
+		l = m.CEL.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	return n
+}
+
+func (m *DeviceSubRequest) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.Name)
 	n += 1 + l + sovGenerated(uint64(l))
-	l = m.Spec.Size()
+	l = len(m.DeviceClassName)
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Selectors) > 0 {
+		for _, e := range m.Selectors {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	l = len(m.AllocationMode)
 	n += 1 + l + sovGenerated(uint64(l))
+	n += 1 + sovGenerated(uint64(m.Count))
+	if len(m.Tolerations) > 0 {
+		for _, e := range m.Tolerations {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
 	return n
 }
 
-func (m *ResourcePool) Size() (n int) {
+func (m *DeviceTaint) Size() (n int) {
 	if m == nil {
 		return 0
 	}
 	var l int
 	_ = l
-	l = len(m.Name)
+	l = len(m.Key)
 	n += 1 + l + sovGenerated(uint64(l))
-	n += 1 + sovGenerated(uint64(m.Generation))
-	n += 1 + sovGenerated(uint64(m.ResourceSliceCount))
+	l = len(m.Value)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Effect)
+	n += 1 + l + sovGenerated(uint64(l))
+	if m.TimeAdded != nil {
+		l = m.TimeAdded.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
 	return n
 }
 
-func (m *ResourceSlice) Size() (n int) {
+func (m *DeviceTaintRule) Size() (n int) {
 	if m == nil {
 		return 0
 	}
@@ -3276,7 +4214,7 @@ func (m *ResourceSlice) Size() (n int) {
 	return n
 }
 
-func (m *ResourceSliceList) Size() (n int) {
+func (m *DeviceTaintRuleList) Size() (n int) {
 	if m == nil {
 		return 0
 	}
@@ -3293,25 +4231,45 @@ func (m *ResourceSliceList) Size() (n int) {
 	return n
 }
 
-func (m *ResourceSliceSpec) Size() (n int) {
+func (m *DeviceTaintRuleSpec) Size() (n int) {
 	if m == nil {
 		return 0
 	}
 	var l int
 	_ = l
-	l = len(m.Driver)
-	n += 1 + l + sovGenerated(uint64(l))
-	l = m.Pool.Size()
-	n += 1 + l + sovGenerated(uint64(l))
-	l = len(m.NodeName)
+	if m.DeviceSelector != nil {
+		l = m.DeviceSelector.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	l = m.Taint.Size()
 	n += 1 + l + sovGenerated(uint64(l))
-	if m.NodeSelector != nil {
-		l = m.NodeSelector.Size()
+	return n
+}
+
+func (m *DeviceTaintSelector) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	if m.DeviceClassName != nil {
+		l = len(*m.DeviceClassName)
 		n += 1 + l + sovGenerated(uint64(l))
 	}
-	n += 2
-	if len(m.Devices) > 0 {
-		for _, e := range m.Devices {
+	if m.Driver != nil {
+		l = len(*m.Driver)
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	if m.Pool != nil {
+		l = len(*m.Pool)
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	if m.Device != nil {
+		l = len(*m.Device)
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	if len(m.Selectors) > 0 {
+		for _, e := range m.Selectors {
 			l = e.Size()
 			n += 1 + l + sovGenerated(uint64(l))
 		}
@@ -3319,15 +4277,273 @@ func (m *ResourceSliceSpec) Size() (n int) {
 	return n
 }
 
-func sovGenerated(x uint64) (n int) {
-	return (math_bits.Len64(x|1) + 6) / 7
-}
-func sozGenerated(x uint64) (n int) {
-	return sovGenerated(uint64((x << 1) ^ uint64((int64(x) >> 63))))
-}
-func (this *AllocatedDeviceStatus) String() string {
-	if this == nil {
-		return "nil"
+func (m *DeviceToleration) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.Key)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Operator)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Value)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Effect)
+	n += 1 + l + sovGenerated(uint64(l))
+	if m.TolerationSeconds != nil {
+		n += 1 + sovGenerated(uint64(*m.TolerationSeconds))
+	}
+	return n
+}
+
+func (m *NetworkDeviceData) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.InterfaceName)
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.IPs) > 0 {
+		for _, s := range m.IPs {
+			l = len(s)
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	l = len(m.HardwareAddress)
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *OpaqueDeviceConfiguration) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.Driver)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Parameters.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *ResourceClaim) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.ObjectMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Spec.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Status.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *ResourceClaimConsumerReference) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.APIGroup)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Resource)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Name)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.UID)
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *ResourceClaimList) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.ListMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Items) > 0 {
+		for _, e := range m.Items {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *ResourceClaimSpec) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.Devices.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *ResourceClaimStatus) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	if m.Allocation != nil {
+		l = m.Allocation.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	if len(m.ReservedFor) > 0 {
+		for _, e := range m.ReservedFor {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	if len(m.Devices) > 0 {
+		for _, e := range m.Devices {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *ResourceClaimTemplate) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.ObjectMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Spec.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *ResourceClaimTemplateList) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.ListMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Items) > 0 {
+		for _, e := range m.Items {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *ResourceClaimTemplateSpec) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.ObjectMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Spec.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *ResourcePool) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.Name)
+	n += 1 + l + sovGenerated(uint64(l))
+	n += 1 + sovGenerated(uint64(m.Generation))
+	n += 1 + sovGenerated(uint64(m.ResourceSliceCount))
+	return n
+}
+
+func (m *ResourceSlice) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.ObjectMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Spec.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *ResourceSliceList) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.ListMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Items) > 0 {
+		for _, e := range m.Items {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *ResourceSliceSpec) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.Driver)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Pool.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.NodeName)
+	n += 1 + l + sovGenerated(uint64(l))
+	if m.NodeSelector != nil {
+		l = m.NodeSelector.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	n += 2
+	if len(m.Devices) > 0 {
+		for _, e := range m.Devices {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	if m.PerDeviceNodeSelection != nil {
+		n += 2
+	}
+	if len(m.SharedCounters) > 0 {
+		for _, e := range m.SharedCounters {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func sovGenerated(x uint64) (n int) {
+	return (math_bits.Len64(x|1) + 6) / 7
+}
+func sozGenerated(x uint64) (n int) {
+	return sovGenerated(uint64((x << 1) ^ uint64((int64(x) >> 63))))
+}
+func (this *AllocatedDeviceStatus) String() string {
+	if this == nil {
+		return "nil"
 	}
 	repeatedStringForConditions := "[]Condition{"
 	for _, f := range this.Conditions {
@@ -3339,7 +4555,7 @@ func (this *AllocatedDeviceStatus) String() string {
 		`Pool:` + fmt.Sprintf("%v", this.Pool) + `,`,
 		`Device:` + fmt.Sprintf("%v", this.Device) + `,`,
 		`Conditions:` + repeatedStringForConditions + `,`,
-		`Data:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Data), "RawExtension", "runtime.RawExtension", 1), `&`, ``, 1) + `,`,
+		`Data:` + strings.Replace(fmt.Sprintf("%v", this.Data), "RawExtension", "runtime.RawExtension", 1) + `,`,
 		`NetworkData:` + strings.Replace(this.NetworkData.String(), "NetworkDeviceData", "NetworkDeviceData", 1) + `,`,
 		`}`,
 	}, "")
@@ -3360,7 +4576,17 @@ func (this *BasicDevice) String() string {
 	if this == nil {
 		return "nil"
 	}
-	keysForAttributes := make([]string, 0, len(this.Attributes))
+	repeatedStringForConsumesCounters := "[]DeviceCounterConsumption{"
+	for _, f := range this.ConsumesCounters {
+		repeatedStringForConsumesCounters += strings.Replace(strings.Replace(f.String(), "DeviceCounterConsumption", "DeviceCounterConsumption", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForConsumesCounters += "}"
+	repeatedStringForTaints := "[]DeviceTaint{"
+	for _, f := range this.Taints {
+		repeatedStringForTaints += strings.Replace(strings.Replace(f.String(), "DeviceTaint", "DeviceTaint", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForTaints += "}"
+	keysForAttributes := make([]string, 0, len(this.Attributes))
 	for k := range this.Attributes {
 		keysForAttributes = append(keysForAttributes, string(k))
 	}
@@ -3383,6 +4609,11 @@ func (this *BasicDevice) String() string {
 	s := strings.Join([]string{`&BasicDevice{`,
 		`Attributes:` + mapStringForAttributes + `,`,
 		`Capacity:` + mapStringForCapacity + `,`,
+		`ConsumesCounters:` + repeatedStringForConsumesCounters + `,`,
+		`NodeName:` + valueToStringGenerated(this.NodeName) + `,`,
+		`NodeSelector:` + strings.Replace(fmt.Sprintf("%v", this.NodeSelector), "NodeSelector", "v11.NodeSelector", 1) + `,`,
+		`AllNodes:` + valueToStringGenerated(this.AllNodes) + `,`,
+		`Taints:` + repeatedStringForTaints + `,`,
 		`}`,
 	}, "")
 	return s
@@ -3397,6 +4628,37 @@ func (this *CELDeviceSelector) String() string {
 	}, "")
 	return s
 }
+func (this *Counter) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&Counter{`,
+		`Value:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Value), "Quantity", "resource.Quantity", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *CounterSet) String() string {
+	if this == nil {
+		return "nil"
+	}
+	keysForCounters := make([]string, 0, len(this.Counters))
+	for k := range this.Counters {
+		keysForCounters = append(keysForCounters, k)
+	}
+	github_com_gogo_protobuf_sortkeys.Strings(keysForCounters)
+	mapStringForCounters := "map[string]Counter{"
+	for _, k := range keysForCounters {
+		mapStringForCounters += fmt.Sprintf("%v: %v,", k, this.Counters[k])
+	}
+	mapStringForCounters += "}"
+	s := strings.Join([]string{`&CounterSet{`,
+		`Name:` + fmt.Sprintf("%v", this.Name) + `,`,
+		`Counters:` + mapStringForCounters + `,`,
+		`}`,
+	}, "")
+	return s
+}
 func (this *Device) String() string {
 	if this == nil {
 		return "nil"
@@ -3571,6 +4833,27 @@ func (this *DeviceConstraint) String() string {
 	}, "")
 	return s
 }
+func (this *DeviceCounterConsumption) String() string {
+	if this == nil {
+		return "nil"
+	}
+	keysForCounters := make([]string, 0, len(this.Counters))
+	for k := range this.Counters {
+		keysForCounters = append(keysForCounters, k)
+	}
+	github_com_gogo_protobuf_sortkeys.Strings(keysForCounters)
+	mapStringForCounters := "map[string]Counter{"
+	for _, k := range keysForCounters {
+		mapStringForCounters += fmt.Sprintf("%v: %v,", k, this.Counters[k])
+	}
+	mapStringForCounters += "}"
+	s := strings.Join([]string{`&DeviceCounterConsumption{`,
+		`CounterSet:` + fmt.Sprintf("%v", this.CounterSet) + `,`,
+		`Counters:` + mapStringForCounters + `,`,
+		`}`,
+	}, "")
+	return s
+}
 func (this *DeviceRequest) String() string {
 	if this == nil {
 		return "nil"
@@ -3580,6 +4863,16 @@ func (this *DeviceRequest) String() string {
 		repeatedStringForSelectors += strings.Replace(strings.Replace(f.String(), "DeviceSelector", "DeviceSelector", 1), `&`, ``, 1) + ","
 	}
 	repeatedStringForSelectors += "}"
+	repeatedStringForFirstAvailable := "[]DeviceSubRequest{"
+	for _, f := range this.FirstAvailable {
+		repeatedStringForFirstAvailable += strings.Replace(strings.Replace(f.String(), "DeviceSubRequest", "DeviceSubRequest", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForFirstAvailable += "}"
+	repeatedStringForTolerations := "[]DeviceToleration{"
+	for _, f := range this.Tolerations {
+		repeatedStringForTolerations += strings.Replace(strings.Replace(f.String(), "DeviceToleration", "DeviceToleration", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForTolerations += "}"
 	s := strings.Join([]string{`&DeviceRequest{`,
 		`Name:` + fmt.Sprintf("%v", this.Name) + `,`,
 		`DeviceClassName:` + fmt.Sprintf("%v", this.DeviceClassName) + `,`,
@@ -3587,6 +4880,8 @@ func (this *DeviceRequest) String() string {
 		`AllocationMode:` + fmt.Sprintf("%v", this.AllocationMode) + `,`,
 		`Count:` + fmt.Sprintf("%v", this.Count) + `,`,
 		`AdminAccess:` + valueToStringGenerated(this.AdminAccess) + `,`,
+		`FirstAvailable:` + repeatedStringForFirstAvailable + `,`,
+		`Tolerations:` + repeatedStringForTolerations + `,`,
 		`}`,
 	}, "")
 	return s
@@ -3595,12 +4890,18 @@ func (this *DeviceRequestAllocationResult) String() string {
 	if this == nil {
 		return "nil"
 	}
+	repeatedStringForTolerations := "[]DeviceToleration{"
+	for _, f := range this.Tolerations {
+		repeatedStringForTolerations += strings.Replace(strings.Replace(f.String(), "DeviceToleration", "DeviceToleration", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForTolerations += "}"
 	s := strings.Join([]string{`&DeviceRequestAllocationResult{`,
 		`Request:` + fmt.Sprintf("%v", this.Request) + `,`,
 		`Driver:` + fmt.Sprintf("%v", this.Driver) + `,`,
 		`Pool:` + fmt.Sprintf("%v", this.Pool) + `,`,
 		`Device:` + fmt.Sprintf("%v", this.Device) + `,`,
 		`AdminAccess:` + valueToStringGenerated(this.AdminAccess) + `,`,
+		`Tolerations:` + repeatedStringForTolerations + `,`,
 		`}`,
 	}, "")
 	return s
@@ -3615,6 +4916,115 @@ func (this *DeviceSelector) String() string {
 	}, "")
 	return s
 }
+func (this *DeviceSubRequest) String() string {
+	if this == nil {
+		return "nil"
+	}
+	repeatedStringForSelectors := "[]DeviceSelector{"
+	for _, f := range this.Selectors {
+		repeatedStringForSelectors += strings.Replace(strings.Replace(f.String(), "DeviceSelector", "DeviceSelector", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForSelectors += "}"
+	repeatedStringForTolerations := "[]DeviceToleration{"
+	for _, f := range this.Tolerations {
+		repeatedStringForTolerations += strings.Replace(strings.Replace(f.String(), "DeviceToleration", "DeviceToleration", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForTolerations += "}"
+	s := strings.Join([]string{`&DeviceSubRequest{`,
+		`Name:` + fmt.Sprintf("%v", this.Name) + `,`,
+		`DeviceClassName:` + fmt.Sprintf("%v", this.DeviceClassName) + `,`,
+		`Selectors:` + repeatedStringForSelectors + `,`,
+		`AllocationMode:` + fmt.Sprintf("%v", this.AllocationMode) + `,`,
+		`Count:` + fmt.Sprintf("%v", this.Count) + `,`,
+		`Tolerations:` + repeatedStringForTolerations + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *DeviceTaint) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&DeviceTaint{`,
+		`Key:` + fmt.Sprintf("%v", this.Key) + `,`,
+		`Value:` + fmt.Sprintf("%v", this.Value) + `,`,
+		`Effect:` + fmt.Sprintf("%v", this.Effect) + `,`,
+		`TimeAdded:` + strings.Replace(fmt.Sprintf("%v", this.TimeAdded), "Time", "v1.Time", 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *DeviceTaintRule) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&DeviceTaintRule{`,
+		`ObjectMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ObjectMeta), "ObjectMeta", "v1.ObjectMeta", 1), `&`, ``, 1) + `,`,
+		`Spec:` + strings.Replace(strings.Replace(this.Spec.String(), "DeviceTaintRuleSpec", "DeviceTaintRuleSpec", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *DeviceTaintRuleList) String() string {
+	if this == nil {
+		return "nil"
+	}
+	repeatedStringForItems := "[]DeviceTaintRule{"
+	for _, f := range this.Items {
+		repeatedStringForItems += strings.Replace(strings.Replace(f.String(), "DeviceTaintRule", "DeviceTaintRule", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForItems += "}"
+	s := strings.Join([]string{`&DeviceTaintRuleList{`,
+		`ListMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ListMeta), "ListMeta", "v1.ListMeta", 1), `&`, ``, 1) + `,`,
+		`Items:` + repeatedStringForItems + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *DeviceTaintRuleSpec) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&DeviceTaintRuleSpec{`,
+		`DeviceSelector:` + strings.Replace(this.DeviceSelector.String(), "DeviceTaintSelector", "DeviceTaintSelector", 1) + `,`,
+		`Taint:` + strings.Replace(strings.Replace(this.Taint.String(), "DeviceTaint", "DeviceTaint", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *DeviceTaintSelector) String() string {
+	if this == nil {
+		return "nil"
+	}
+	repeatedStringForSelectors := "[]DeviceSelector{"
+	for _, f := range this.Selectors {
+		repeatedStringForSelectors += strings.Replace(strings.Replace(f.String(), "DeviceSelector", "DeviceSelector", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForSelectors += "}"
+	s := strings.Join([]string{`&DeviceTaintSelector{`,
+		`DeviceClassName:` + valueToStringGenerated(this.DeviceClassName) + `,`,
+		`Driver:` + valueToStringGenerated(this.Driver) + `,`,
+		`Pool:` + valueToStringGenerated(this.Pool) + `,`,
+		`Device:` + valueToStringGenerated(this.Device) + `,`,
+		`Selectors:` + repeatedStringForSelectors + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *DeviceToleration) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&DeviceToleration{`,
+		`Key:` + fmt.Sprintf("%v", this.Key) + `,`,
+		`Operator:` + fmt.Sprintf("%v", this.Operator) + `,`,
+		`Value:` + fmt.Sprintf("%v", this.Value) + `,`,
+		`Effect:` + fmt.Sprintf("%v", this.Effect) + `,`,
+		`TolerationSeconds:` + valueToStringGenerated(this.TolerationSeconds) + `,`,
+		`}`,
+	}, "")
+	return s
+}
 func (this *NetworkDeviceData) String() string {
 	if this == nil {
 		return "nil"
@@ -3797,6 +5207,11 @@ func (this *ResourceSliceSpec) String() string {
 		repeatedStringForDevices += strings.Replace(strings.Replace(f.String(), "Device", "Device", 1), `&`, ``, 1) + ","
 	}
 	repeatedStringForDevices += "}"
+	repeatedStringForSharedCounters := "[]CounterSet{"
+	for _, f := range this.SharedCounters {
+		repeatedStringForSharedCounters += strings.Replace(strings.Replace(f.String(), "CounterSet", "CounterSet", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForSharedCounters += "}"
 	s := strings.Join([]string{`&ResourceSliceSpec{`,
 		`Driver:` + fmt.Sprintf("%v", this.Driver) + `,`,
 		`Pool:` + strings.Replace(strings.Replace(this.Pool.String(), "ResourcePool", "ResourcePool", 1), `&`, ``, 1) + `,`,
@@ -3804,6 +5219,8 @@ func (this *ResourceSliceSpec) String() string {
 		`NodeSelector:` + strings.Replace(fmt.Sprintf("%v", this.NodeSelector), "NodeSelector", "v11.NodeSelector", 1) + `,`,
 		`AllNodes:` + fmt.Sprintf("%v", this.AllNodes) + `,`,
 		`Devices:` + repeatedStringForDevices + `,`,
+		`PerDeviceNodeSelection:` + valueToStringGenerated(this.PerDeviceNodeSelection) + `,`,
+		`SharedCounters:` + repeatedStringForSharedCounters + `,`,
 		`}`,
 	}, "")
 	return s
@@ -3813,10 +5230,1915 @@ func valueToStringGenerated(v interface{}) string {
 	if rv.IsNil() {
 		return "nil"
 	}
-	pv := reflect.Indirect(rv).Interface()
-	return fmt.Sprintf("*%v", pv)
+	pv := reflect.Indirect(rv).Interface()
+	return fmt.Sprintf("*%v", pv)
+}
+func (m *AllocatedDeviceStatus) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: AllocatedDeviceStatus: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: AllocatedDeviceStatus: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Driver", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Driver = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Pool", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Pool = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Device", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Device = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Conditions", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Conditions = append(m.Conditions, v1.Condition{})
+			if err := m.Conditions[len(m.Conditions)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 5:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Data", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Data == nil {
+				m.Data = &runtime.RawExtension{}
+			}
+			if err := m.Data.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 6:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field NetworkData", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.NetworkData == nil {
+				m.NetworkData = &NetworkDeviceData{}
+			}
+			if err := m.NetworkData.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *AllocationResult) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: AllocationResult: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: AllocationResult: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Devices", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Devices.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field NodeSelector", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.NodeSelector == nil {
+				m.NodeSelector = &v11.NodeSelector{}
+			}
+			if err := m.NodeSelector.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *BasicDevice) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: BasicDevice: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: BasicDevice: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Attributes", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Attributes == nil {
+				m.Attributes = make(map[QualifiedName]DeviceAttribute)
+			}
+			var mapkey QualifiedName
+			mapvalue := &DeviceAttribute{}
+			for iNdEx < postIndex {
+				entryPreIndex := iNdEx
+				var wire uint64
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowGenerated
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					wire |= uint64(b&0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				fieldNum := int32(wire >> 3)
+				if fieldNum == 1 {
+					var stringLenmapkey uint64
+					for shift := uint(0); ; shift += 7 {
+						if shift >= 64 {
+							return ErrIntOverflowGenerated
+						}
+						if iNdEx >= l {
+							return io.ErrUnexpectedEOF
+						}
+						b := dAtA[iNdEx]
+						iNdEx++
+						stringLenmapkey |= uint64(b&0x7F) << shift
+						if b < 0x80 {
+							break
+						}
+					}
+					intStringLenmapkey := int(stringLenmapkey)
+					if intStringLenmapkey < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					postStringIndexmapkey := iNdEx + intStringLenmapkey
+					if postStringIndexmapkey < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					if postStringIndexmapkey > l {
+						return io.ErrUnexpectedEOF
+					}
+					mapkey = QualifiedName(dAtA[iNdEx:postStringIndexmapkey])
+					iNdEx = postStringIndexmapkey
+				} else if fieldNum == 2 {
+					var mapmsglen int
+					for shift := uint(0); ; shift += 7 {
+						if shift >= 64 {
+							return ErrIntOverflowGenerated
+						}
+						if iNdEx >= l {
+							return io.ErrUnexpectedEOF
+						}
+						b := dAtA[iNdEx]
+						iNdEx++
+						mapmsglen |= int(b&0x7F) << shift
+						if b < 0x80 {
+							break
+						}
+					}
+					if mapmsglen < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					postmsgIndex := iNdEx + mapmsglen
+					if postmsgIndex < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					if postmsgIndex > l {
+						return io.ErrUnexpectedEOF
+					}
+					mapvalue = &DeviceAttribute{}
+					if err := mapvalue.Unmarshal(dAtA[iNdEx:postmsgIndex]); err != nil {
+						return err
+					}
+					iNdEx = postmsgIndex
+				} else {
+					iNdEx = entryPreIndex
+					skippy, err := skipGenerated(dAtA[iNdEx:])
+					if err != nil {
+						return err
+					}
+					if (skippy < 0) || (iNdEx+skippy) < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					if (iNdEx + skippy) > postIndex {
+						return io.ErrUnexpectedEOF
+					}
+					iNdEx += skippy
+				}
+			}
+			m.Attributes[QualifiedName(mapkey)] = *mapvalue
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Capacity", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Capacity == nil {
+				m.Capacity = make(map[QualifiedName]resource.Quantity)
+			}
+			var mapkey QualifiedName
+			mapvalue := &resource.Quantity{}
+			for iNdEx < postIndex {
+				entryPreIndex := iNdEx
+				var wire uint64
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowGenerated
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					wire |= uint64(b&0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				fieldNum := int32(wire >> 3)
+				if fieldNum == 1 {
+					var stringLenmapkey uint64
+					for shift := uint(0); ; shift += 7 {
+						if shift >= 64 {
+							return ErrIntOverflowGenerated
+						}
+						if iNdEx >= l {
+							return io.ErrUnexpectedEOF
+						}
+						b := dAtA[iNdEx]
+						iNdEx++
+						stringLenmapkey |= uint64(b&0x7F) << shift
+						if b < 0x80 {
+							break
+						}
+					}
+					intStringLenmapkey := int(stringLenmapkey)
+					if intStringLenmapkey < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					postStringIndexmapkey := iNdEx + intStringLenmapkey
+					if postStringIndexmapkey < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					if postStringIndexmapkey > l {
+						return io.ErrUnexpectedEOF
+					}
+					mapkey = QualifiedName(dAtA[iNdEx:postStringIndexmapkey])
+					iNdEx = postStringIndexmapkey
+				} else if fieldNum == 2 {
+					var mapmsglen int
+					for shift := uint(0); ; shift += 7 {
+						if shift >= 64 {
+							return ErrIntOverflowGenerated
+						}
+						if iNdEx >= l {
+							return io.ErrUnexpectedEOF
+						}
+						b := dAtA[iNdEx]
+						iNdEx++
+						mapmsglen |= int(b&0x7F) << shift
+						if b < 0x80 {
+							break
+						}
+					}
+					if mapmsglen < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					postmsgIndex := iNdEx + mapmsglen
+					if postmsgIndex < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					if postmsgIndex > l {
+						return io.ErrUnexpectedEOF
+					}
+					mapvalue = &resource.Quantity{}
+					if err := mapvalue.Unmarshal(dAtA[iNdEx:postmsgIndex]); err != nil {
+						return err
+					}
+					iNdEx = postmsgIndex
+				} else {
+					iNdEx = entryPreIndex
+					skippy, err := skipGenerated(dAtA[iNdEx:])
+					if err != nil {
+						return err
+					}
+					if (skippy < 0) || (iNdEx+skippy) < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					if (iNdEx + skippy) > postIndex {
+						return io.ErrUnexpectedEOF
+					}
+					iNdEx += skippy
+				}
+			}
+			m.Capacity[QualifiedName(mapkey)] = *mapvalue
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ConsumesCounters", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.ConsumesCounters = append(m.ConsumesCounters, DeviceCounterConsumption{})
+			if err := m.ConsumesCounters[len(m.ConsumesCounters)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field NodeName", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			s := string(dAtA[iNdEx:postIndex])
+			m.NodeName = &s
+			iNdEx = postIndex
+		case 5:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field NodeSelector", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.NodeSelector == nil {
+				m.NodeSelector = &v11.NodeSelector{}
+			}
+			if err := m.NodeSelector.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 6:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field AllNodes", wireType)
+			}
+			var v int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			b := bool(v != 0)
+			m.AllNodes = &b
+		case 7:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Taints", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Taints = append(m.Taints, DeviceTaint{})
+			if err := m.Taints[len(m.Taints)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *CELDeviceSelector) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: CELDeviceSelector: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: CELDeviceSelector: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Expression", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Expression = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *Counter) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: Counter: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: Counter: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Value.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *CounterSet) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: CounterSet: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: CounterSet: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Name = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Counters", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Counters == nil {
+				m.Counters = make(map[string]Counter)
+			}
+			var mapkey string
+			mapvalue := &Counter{}
+			for iNdEx < postIndex {
+				entryPreIndex := iNdEx
+				var wire uint64
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowGenerated
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					wire |= uint64(b&0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				fieldNum := int32(wire >> 3)
+				if fieldNum == 1 {
+					var stringLenmapkey uint64
+					for shift := uint(0); ; shift += 7 {
+						if shift >= 64 {
+							return ErrIntOverflowGenerated
+						}
+						if iNdEx >= l {
+							return io.ErrUnexpectedEOF
+						}
+						b := dAtA[iNdEx]
+						iNdEx++
+						stringLenmapkey |= uint64(b&0x7F) << shift
+						if b < 0x80 {
+							break
+						}
+					}
+					intStringLenmapkey := int(stringLenmapkey)
+					if intStringLenmapkey < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					postStringIndexmapkey := iNdEx + intStringLenmapkey
+					if postStringIndexmapkey < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					if postStringIndexmapkey > l {
+						return io.ErrUnexpectedEOF
+					}
+					mapkey = string(dAtA[iNdEx:postStringIndexmapkey])
+					iNdEx = postStringIndexmapkey
+				} else if fieldNum == 2 {
+					var mapmsglen int
+					for shift := uint(0); ; shift += 7 {
+						if shift >= 64 {
+							return ErrIntOverflowGenerated
+						}
+						if iNdEx >= l {
+							return io.ErrUnexpectedEOF
+						}
+						b := dAtA[iNdEx]
+						iNdEx++
+						mapmsglen |= int(b&0x7F) << shift
+						if b < 0x80 {
+							break
+						}
+					}
+					if mapmsglen < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					postmsgIndex := iNdEx + mapmsglen
+					if postmsgIndex < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					if postmsgIndex > l {
+						return io.ErrUnexpectedEOF
+					}
+					mapvalue = &Counter{}
+					if err := mapvalue.Unmarshal(dAtA[iNdEx:postmsgIndex]); err != nil {
+						return err
+					}
+					iNdEx = postmsgIndex
+				} else {
+					iNdEx = entryPreIndex
+					skippy, err := skipGenerated(dAtA[iNdEx:])
+					if err != nil {
+						return err
+					}
+					if (skippy < 0) || (iNdEx+skippy) < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					if (iNdEx + skippy) > postIndex {
+						return io.ErrUnexpectedEOF
+					}
+					iNdEx += skippy
+				}
+			}
+			m.Counters[mapkey] = *mapvalue
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *Device) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: Device: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: Device: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Name = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Basic", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Basic == nil {
+				m.Basic = &BasicDevice{}
+			}
+			if err := m.Basic.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceAllocationConfiguration) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceAllocationConfiguration: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceAllocationConfiguration: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Source", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Source = AllocationConfigSource(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Requests", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Requests = append(m.Requests, string(dAtA[iNdEx:postIndex]))
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field DeviceConfiguration", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.DeviceConfiguration.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceAllocationResult) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceAllocationResult: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceAllocationResult: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Results", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Results = append(m.Results, DeviceRequestAllocationResult{})
+			if err := m.Results[len(m.Results)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Config", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Config = append(m.Config, DeviceAllocationConfiguration{})
+			if err := m.Config[len(m.Config)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceAttribute) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceAttribute: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceAttribute: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 2:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field IntValue", wireType)
+			}
+			var v int64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.IntValue = &v
+		case 3:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field BoolValue", wireType)
+			}
+			var v int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			b := bool(v != 0)
+			m.BoolValue = &b
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field StringValue", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			s := string(dAtA[iNdEx:postIndex])
+			m.StringValue = &s
+			iNdEx = postIndex
+		case 5:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field VersionValue", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			s := string(dAtA[iNdEx:postIndex])
+			m.VersionValue = &s
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceClaim) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceClaim: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceClaim: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Requests", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Requests = append(m.Requests, DeviceRequest{})
+			if err := m.Requests[len(m.Requests)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Constraints", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Constraints = append(m.Constraints, DeviceConstraint{})
+			if err := m.Constraints[len(m.Constraints)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Config", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Config = append(m.Config, DeviceClaimConfiguration{})
+			if err := m.Config[len(m.Config)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
 }
-func (m *AllocatedDeviceStatus) Unmarshal(dAtA []byte) error {
+func (m *DeviceClaimConfiguration) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -3839,15 +7161,15 @@ func (m *AllocatedDeviceStatus) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: AllocatedDeviceStatus: wiretype end group for non-group")
+			return fmt.Errorf("proto: DeviceClaimConfiguration: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: AllocatedDeviceStatus: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: DeviceClaimConfiguration: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Driver", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Requests", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -3875,13 +7197,13 @@ func (m *AllocatedDeviceStatus) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Driver = string(dAtA[iNdEx:postIndex])
+			m.Requests = append(m.Requests, string(dAtA[iNdEx:postIndex]))
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Pool", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field DeviceConfiguration", wireType)
 			}
-			var stringLen uint64
+			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -3891,29 +7213,80 @@ func (m *AllocatedDeviceStatus) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				stringLen |= uint64(b&0x7F) << shift
+				msglen |= int(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
+			if msglen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + intStringLen
+			postIndex := iNdEx + msglen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Pool = string(dAtA[iNdEx:postIndex])
+			if err := m.DeviceConfiguration.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
 			iNdEx = postIndex
-		case 3:
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceClass) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceClass: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceClass: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Device", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
 			}
-			var stringLen uint64
+			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -3923,27 +7296,28 @@ func (m *AllocatedDeviceStatus) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				stringLen |= uint64(b&0x7F) << shift
+				msglen |= int(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
+			if msglen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + intStringLen
+			postIndex := iNdEx + msglen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Device = string(dAtA[iNdEx:postIndex])
+			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
 			iNdEx = postIndex
-		case 4:
+		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Conditions", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -3970,14 +7344,63 @@ func (m *AllocatedDeviceStatus) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Conditions = append(m.Conditions, v1.Condition{})
-			if err := m.Conditions[len(m.Conditions)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
-		case 5:
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceClassConfiguration) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceClassConfiguration: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceClassConfiguration: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Data", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field DeviceConfiguration", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -4004,13 +7427,63 @@ func (m *AllocatedDeviceStatus) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.Data.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if err := m.DeviceConfiguration.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
-		case 6:
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceClassList) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceClassList: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceClassList: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field NetworkData", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -4037,10 +7510,41 @@ func (m *AllocatedDeviceStatus) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if m.NetworkData == nil {
-				m.NetworkData = &NetworkDeviceData{}
+			if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
 			}
-			if err := m.NetworkData.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Items = append(m.Items, DeviceClass{})
+			if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -4065,7 +7569,7 @@ func (m *AllocatedDeviceStatus) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *AllocationResult) Unmarshal(dAtA []byte) error {
+func (m *DeviceClassSpec) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -4088,15 +7592,15 @@ func (m *AllocationResult) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: AllocationResult: wiretype end group for non-group")
+			return fmt.Errorf("proto: DeviceClassSpec: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: AllocationResult: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: DeviceClassSpec: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Devices", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Selectors", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -4123,13 +7627,14 @@ func (m *AllocationResult) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.Devices.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			m.Selectors = append(m.Selectors, DeviceSelector{})
+			if err := m.Selectors[len(m.Selectors)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
-		case 3:
+		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field NodeSelector", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Config", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -4156,10 +7661,8 @@ func (m *AllocationResult) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if m.NodeSelector == nil {
-				m.NodeSelector = &v11.NodeSelector{}
-			}
-			if err := m.NodeSelector.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			m.Config = append(m.Config, DeviceClassConfiguration{})
+			if err := m.Config[len(m.Config)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -4184,7 +7687,7 @@ func (m *AllocationResult) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *BasicDevice) Unmarshal(dAtA []byte) error {
+func (m *DeviceConfiguration) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -4207,144 +7710,15 @@ func (m *BasicDevice) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: BasicDevice: wiretype end group for non-group")
+			return fmt.Errorf("proto: DeviceConfiguration: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: BasicDevice: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: DeviceConfiguration: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Attributes", wireType)
-			}
-			var msglen int
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				msglen |= int(b&0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			if msglen < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			postIndex := iNdEx + msglen
-			if postIndex < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
-			}
-			if m.Attributes == nil {
-				m.Attributes = make(map[QualifiedName]DeviceAttribute)
-			}
-			var mapkey QualifiedName
-			mapvalue := &DeviceAttribute{}
-			for iNdEx < postIndex {
-				entryPreIndex := iNdEx
-				var wire uint64
-				for shift := uint(0); ; shift += 7 {
-					if shift >= 64 {
-						return ErrIntOverflowGenerated
-					}
-					if iNdEx >= l {
-						return io.ErrUnexpectedEOF
-					}
-					b := dAtA[iNdEx]
-					iNdEx++
-					wire |= uint64(b&0x7F) << shift
-					if b < 0x80 {
-						break
-					}
-				}
-				fieldNum := int32(wire >> 3)
-				if fieldNum == 1 {
-					var stringLenmapkey uint64
-					for shift := uint(0); ; shift += 7 {
-						if shift >= 64 {
-							return ErrIntOverflowGenerated
-						}
-						if iNdEx >= l {
-							return io.ErrUnexpectedEOF
-						}
-						b := dAtA[iNdEx]
-						iNdEx++
-						stringLenmapkey |= uint64(b&0x7F) << shift
-						if b < 0x80 {
-							break
-						}
-					}
-					intStringLenmapkey := int(stringLenmapkey)
-					if intStringLenmapkey < 0 {
-						return ErrInvalidLengthGenerated
-					}
-					postStringIndexmapkey := iNdEx + intStringLenmapkey
-					if postStringIndexmapkey < 0 {
-						return ErrInvalidLengthGenerated
-					}
-					if postStringIndexmapkey > l {
-						return io.ErrUnexpectedEOF
-					}
-					mapkey = QualifiedName(dAtA[iNdEx:postStringIndexmapkey])
-					iNdEx = postStringIndexmapkey
-				} else if fieldNum == 2 {
-					var mapmsglen int
-					for shift := uint(0); ; shift += 7 {
-						if shift >= 64 {
-							return ErrIntOverflowGenerated
-						}
-						if iNdEx >= l {
-							return io.ErrUnexpectedEOF
-						}
-						b := dAtA[iNdEx]
-						iNdEx++
-						mapmsglen |= int(b&0x7F) << shift
-						if b < 0x80 {
-							break
-						}
-					}
-					if mapmsglen < 0 {
-						return ErrInvalidLengthGenerated
-					}
-					postmsgIndex := iNdEx + mapmsglen
-					if postmsgIndex < 0 {
-						return ErrInvalidLengthGenerated
-					}
-					if postmsgIndex > l {
-						return io.ErrUnexpectedEOF
-					}
-					mapvalue = &DeviceAttribute{}
-					if err := mapvalue.Unmarshal(dAtA[iNdEx:postmsgIndex]); err != nil {
-						return err
-					}
-					iNdEx = postmsgIndex
-				} else {
-					iNdEx = entryPreIndex
-					skippy, err := skipGenerated(dAtA[iNdEx:])
-					if err != nil {
-						return err
-					}
-					if (skippy < 0) || (iNdEx+skippy) < 0 {
-						return ErrInvalidLengthGenerated
-					}
-					if (iNdEx + skippy) > postIndex {
-						return io.ErrUnexpectedEOF
-					}
-					iNdEx += skippy
-				}
-			}
-			m.Attributes[QualifiedName(mapkey)] = *mapvalue
-			iNdEx = postIndex
-		case 2:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Capacity", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Opaque", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -4371,105 +7745,12 @@ func (m *BasicDevice) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if m.Capacity == nil {
-				m.Capacity = make(map[QualifiedName]resource.Quantity)
+			if m.Opaque == nil {
+				m.Opaque = &OpaqueDeviceConfiguration{}
 			}
-			var mapkey QualifiedName
-			mapvalue := &resource.Quantity{}
-			for iNdEx < postIndex {
-				entryPreIndex := iNdEx
-				var wire uint64
-				for shift := uint(0); ; shift += 7 {
-					if shift >= 64 {
-						return ErrIntOverflowGenerated
-					}
-					if iNdEx >= l {
-						return io.ErrUnexpectedEOF
-					}
-					b := dAtA[iNdEx]
-					iNdEx++
-					wire |= uint64(b&0x7F) << shift
-					if b < 0x80 {
-						break
-					}
-				}
-				fieldNum := int32(wire >> 3)
-				if fieldNum == 1 {
-					var stringLenmapkey uint64
-					for shift := uint(0); ; shift += 7 {
-						if shift >= 64 {
-							return ErrIntOverflowGenerated
-						}
-						if iNdEx >= l {
-							return io.ErrUnexpectedEOF
-						}
-						b := dAtA[iNdEx]
-						iNdEx++
-						stringLenmapkey |= uint64(b&0x7F) << shift
-						if b < 0x80 {
-							break
-						}
-					}
-					intStringLenmapkey := int(stringLenmapkey)
-					if intStringLenmapkey < 0 {
-						return ErrInvalidLengthGenerated
-					}
-					postStringIndexmapkey := iNdEx + intStringLenmapkey
-					if postStringIndexmapkey < 0 {
-						return ErrInvalidLengthGenerated
-					}
-					if postStringIndexmapkey > l {
-						return io.ErrUnexpectedEOF
-					}
-					mapkey = QualifiedName(dAtA[iNdEx:postStringIndexmapkey])
-					iNdEx = postStringIndexmapkey
-				} else if fieldNum == 2 {
-					var mapmsglen int
-					for shift := uint(0); ; shift += 7 {
-						if shift >= 64 {
-							return ErrIntOverflowGenerated
-						}
-						if iNdEx >= l {
-							return io.ErrUnexpectedEOF
-						}
-						b := dAtA[iNdEx]
-						iNdEx++
-						mapmsglen |= int(b&0x7F) << shift
-						if b < 0x80 {
-							break
-						}
-					}
-					if mapmsglen < 0 {
-						return ErrInvalidLengthGenerated
-					}
-					postmsgIndex := iNdEx + mapmsglen
-					if postmsgIndex < 0 {
-						return ErrInvalidLengthGenerated
-					}
-					if postmsgIndex > l {
-						return io.ErrUnexpectedEOF
-					}
-					mapvalue = &resource.Quantity{}
-					if err := mapvalue.Unmarshal(dAtA[iNdEx:postmsgIndex]); err != nil {
-						return err
-					}
-					iNdEx = postmsgIndex
-				} else {
-					iNdEx = entryPreIndex
-					skippy, err := skipGenerated(dAtA[iNdEx:])
-					if err != nil {
-						return err
-					}
-					if (skippy < 0) || (iNdEx+skippy) < 0 {
-						return ErrInvalidLengthGenerated
-					}
-					if (iNdEx + skippy) > postIndex {
-						return io.ErrUnexpectedEOF
-					}
-					iNdEx += skippy
-				}
+			if err := m.Opaque.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
 			}
-			m.Capacity[QualifiedName(mapkey)] = *mapvalue
 			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
@@ -4492,7 +7773,7 @@ func (m *BasicDevice) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *CELDeviceSelector) Unmarshal(dAtA []byte) error {
+func (m *DeviceConstraint) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -4515,15 +7796,15 @@ func (m *CELDeviceSelector) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: CELDeviceSelector: wiretype end group for non-group")
+			return fmt.Errorf("proto: DeviceConstraint: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: CELDeviceSelector: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: DeviceConstraint: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Expression", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Requests", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -4551,7 +7832,40 @@ func (m *CELDeviceSelector) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Expression = string(dAtA[iNdEx:postIndex])
+			m.Requests = append(m.Requests, string(dAtA[iNdEx:postIndex]))
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field MatchAttribute", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			s := FullyQualifiedName(dAtA[iNdEx:postIndex])
+			m.MatchAttribute = &s
 			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
@@ -4574,7 +7888,7 @@ func (m *CELDeviceSelector) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *Device) Unmarshal(dAtA []byte) error {
+func (m *DeviceCounterConsumption) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -4597,15 +7911,15 @@ func (m *Device) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: Device: wiretype end group for non-group")
+			return fmt.Errorf("proto: DeviceCounterConsumption: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: Device: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: DeviceCounterConsumption: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field CounterSet", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -4633,11 +7947,11 @@ func (m *Device) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Name = string(dAtA[iNdEx:postIndex])
+			m.CounterSet = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Basic", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Counters", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -4664,12 +7978,105 @@ func (m *Device) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if m.Basic == nil {
-				m.Basic = &BasicDevice{}
+			if m.Counters == nil {
+				m.Counters = make(map[string]Counter)
 			}
-			if err := m.Basic.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
+			var mapkey string
+			mapvalue := &Counter{}
+			for iNdEx < postIndex {
+				entryPreIndex := iNdEx
+				var wire uint64
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowGenerated
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					wire |= uint64(b&0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				fieldNum := int32(wire >> 3)
+				if fieldNum == 1 {
+					var stringLenmapkey uint64
+					for shift := uint(0); ; shift += 7 {
+						if shift >= 64 {
+							return ErrIntOverflowGenerated
+						}
+						if iNdEx >= l {
+							return io.ErrUnexpectedEOF
+						}
+						b := dAtA[iNdEx]
+						iNdEx++
+						stringLenmapkey |= uint64(b&0x7F) << shift
+						if b < 0x80 {
+							break
+						}
+					}
+					intStringLenmapkey := int(stringLenmapkey)
+					if intStringLenmapkey < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					postStringIndexmapkey := iNdEx + intStringLenmapkey
+					if postStringIndexmapkey < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					if postStringIndexmapkey > l {
+						return io.ErrUnexpectedEOF
+					}
+					mapkey = string(dAtA[iNdEx:postStringIndexmapkey])
+					iNdEx = postStringIndexmapkey
+				} else if fieldNum == 2 {
+					var mapmsglen int
+					for shift := uint(0); ; shift += 7 {
+						if shift >= 64 {
+							return ErrIntOverflowGenerated
+						}
+						if iNdEx >= l {
+							return io.ErrUnexpectedEOF
+						}
+						b := dAtA[iNdEx]
+						iNdEx++
+						mapmsglen |= int(b&0x7F) << shift
+						if b < 0x80 {
+							break
+						}
+					}
+					if mapmsglen < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					postmsgIndex := iNdEx + mapmsglen
+					if postmsgIndex < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					if postmsgIndex > l {
+						return io.ErrUnexpectedEOF
+					}
+					mapvalue = &Counter{}
+					if err := mapvalue.Unmarshal(dAtA[iNdEx:postmsgIndex]); err != nil {
+						return err
+					}
+					iNdEx = postmsgIndex
+				} else {
+					iNdEx = entryPreIndex
+					skippy, err := skipGenerated(dAtA[iNdEx:])
+					if err != nil {
+						return err
+					}
+					if (skippy < 0) || (iNdEx+skippy) < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					if (iNdEx + skippy) > postIndex {
+						return io.ErrUnexpectedEOF
+					}
+					iNdEx += skippy
+				}
 			}
+			m.Counters[mapkey] = *mapvalue
 			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
@@ -4692,7 +8099,7 @@ func (m *Device) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *DeviceAllocationConfiguration) Unmarshal(dAtA []byte) error {
+func (m *DeviceRequest) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -4715,15 +8122,15 @@ func (m *DeviceAllocationConfiguration) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: DeviceAllocationConfiguration: wiretype end group for non-group")
+			return fmt.Errorf("proto: DeviceRequest: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: DeviceAllocationConfiguration: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: DeviceRequest: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Source", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -4751,11 +8158,11 @@ func (m *DeviceAllocationConfiguration) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Source = AllocationConfigSource(dAtA[iNdEx:postIndex])
+			m.Name = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Requests", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field DeviceClassName", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -4783,11 +8190,11 @@ func (m *DeviceAllocationConfiguration) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Requests = append(m.Requests, string(dAtA[iNdEx:postIndex]))
+			m.DeviceClassName = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
 		case 3:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field DeviceConfiguration", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Selectors", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -4814,63 +8221,86 @@ func (m *DeviceAllocationConfiguration) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.DeviceConfiguration.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			m.Selectors = append(m.Selectors, DeviceSelector{})
+			if err := m.Selectors[len(m.Selectors)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
-		default:
-			iNdEx = preIndex
-			skippy, err := skipGenerated(dAtA[iNdEx:])
-			if err != nil {
-				return err
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field AllocationMode", wireType)
 			}
-			if (skippy < 0) || (iNdEx+skippy) < 0 {
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			if (iNdEx + skippy) > l {
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			iNdEx += skippy
-		}
-	}
-
-	if iNdEx > l {
-		return io.ErrUnexpectedEOF
-	}
-	return nil
-}
-func (m *DeviceAllocationResult) Unmarshal(dAtA []byte) error {
-	l := len(dAtA)
-	iNdEx := 0
-	for iNdEx < l {
-		preIndex := iNdEx
-		var wire uint64
-		for shift := uint(0); ; shift += 7 {
-			if shift >= 64 {
-				return ErrIntOverflowGenerated
+			m.AllocationMode = DeviceAllocationMode(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 5:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Count", wireType)
 			}
-			if iNdEx >= l {
-				return io.ErrUnexpectedEOF
+			m.Count = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.Count |= int64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
 			}
-			b := dAtA[iNdEx]
-			iNdEx++
-			wire |= uint64(b&0x7F) << shift
-			if b < 0x80 {
-				break
+		case 6:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field AdminAccess", wireType)
 			}
-		}
-		fieldNum := int32(wire >> 3)
-		wireType := int(wire & 0x7)
-		if wireType == 4 {
-			return fmt.Errorf("proto: DeviceAllocationResult: wiretype end group for non-group")
-		}
-		if fieldNum <= 0 {
-			return fmt.Errorf("proto: DeviceAllocationResult: illegal tag %d (wire type %d)", fieldNum, wire)
-		}
-		switch fieldNum {
-		case 1:
+			var v int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			b := bool(v != 0)
+			m.AdminAccess = &b
+		case 7:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Results", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field FirstAvailable", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -4897,14 +8327,14 @@ func (m *DeviceAllocationResult) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Results = append(m.Results, DeviceRequestAllocationResult{})
-			if err := m.Results[len(m.Results)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			m.FirstAvailable = append(m.FirstAvailable, DeviceSubRequest{})
+			if err := m.FirstAvailable[len(m.FirstAvailable)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
-		case 2:
+		case 8:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Config", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Tolerations", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -4931,8 +8361,8 @@ func (m *DeviceAllocationResult) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Config = append(m.Config, DeviceAllocationConfiguration{})
-			if err := m.Config[len(m.Config)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			m.Tolerations = append(m.Tolerations, DeviceToleration{})
+			if err := m.Tolerations[len(m.Tolerations)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -4957,7 +8387,7 @@ func (m *DeviceAllocationResult) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *DeviceAttribute) Unmarshal(dAtA []byte) error {
+func (m *DeviceRequestAllocationResult) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -4980,17 +8410,17 @@ func (m *DeviceAttribute) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: DeviceAttribute: wiretype end group for non-group")
+			return fmt.Errorf("proto: DeviceRequestAllocationResult: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: DeviceAttribute: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: DeviceRequestAllocationResult: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
-		case 2:
-			if wireType != 0 {
-				return fmt.Errorf("proto: wrong wireType = %d for field IntValue", wireType)
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Request", wireType)
 			}
-			var v int64
+			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -5000,17 +8430,29 @@ func (m *DeviceAttribute) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				v |= int64(b&0x7F) << shift
+				stringLen |= uint64(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			m.IntValue = &v
-		case 3:
-			if wireType != 0 {
-				return fmt.Errorf("proto: wrong wireType = %d for field BoolValue", wireType)
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
 			}
-			var v int
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Request = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Driver", wireType)
+			}
+			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -5020,16 +8462,27 @@ func (m *DeviceAttribute) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				v |= int(b&0x7F) << shift
+				stringLen |= uint64(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			b := bool(v != 0)
-			m.BoolValue = &b
-		case 4:
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Driver = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 3:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field StringValue", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Pool", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -5057,12 +8510,11 @@ func (m *DeviceAttribute) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			s := string(dAtA[iNdEx:postIndex])
-			m.StringValue = &s
+			m.Pool = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
-		case 5:
+		case 4:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field VersionValue", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Device", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -5090,8 +8542,62 @@ func (m *DeviceAttribute) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			s := string(dAtA[iNdEx:postIndex])
-			m.VersionValue = &s
+			m.Device = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 5:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field AdminAccess", wireType)
+			}
+			var v int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			b := bool(v != 0)
+			m.AdminAccess = &b
+		case 6:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Tolerations", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Tolerations = append(m.Tolerations, DeviceToleration{})
+			if err := m.Tolerations[len(m.Tolerations)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
 			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
@@ -5114,7 +8620,7 @@ func (m *DeviceAttribute) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *DeviceClaim) Unmarshal(dAtA []byte) error {
+func (m *DeviceSelector) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -5137,49 +8643,15 @@ func (m *DeviceClaim) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: DeviceClaim: wiretype end group for non-group")
+			return fmt.Errorf("proto: DeviceSelector: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: DeviceClaim: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: DeviceSelector: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Requests", wireType)
-			}
-			var msglen int
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				msglen |= int(b&0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			if msglen < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			postIndex := iNdEx + msglen
-			if postIndex < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
-			}
-			m.Requests = append(m.Requests, DeviceRequest{})
-			if err := m.Requests[len(m.Requests)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
-			iNdEx = postIndex
-		case 2:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Constraints", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field CEL", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -5206,42 +8678,10 @@ func (m *DeviceClaim) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Constraints = append(m.Constraints, DeviceConstraint{})
-			if err := m.Constraints[len(m.Constraints)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
-			iNdEx = postIndex
-		case 3:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Config", wireType)
-			}
-			var msglen int
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				msglen |= int(b&0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			if msglen < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			postIndex := iNdEx + msglen
-			if postIndex < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
+			if m.CEL == nil {
+				m.CEL = &CELDeviceSelector{}
 			}
-			m.Config = append(m.Config, DeviceClaimConfiguration{})
-			if err := m.Config[len(m.Config)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if err := m.CEL.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -5266,7 +8706,7 @@ func (m *DeviceClaim) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *DeviceClaimConfiguration) Unmarshal(dAtA []byte) error {
+func (m *DeviceSubRequest) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -5289,15 +8729,47 @@ func (m *DeviceClaimConfiguration) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: DeviceClaimConfiguration: wiretype end group for non-group")
+			return fmt.Errorf("proto: DeviceSubRequest: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: DeviceClaimConfiguration: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: DeviceSubRequest: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Requests", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Name = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field DeviceClassName", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -5325,11 +8797,11 @@ func (m *DeviceClaimConfiguration) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Requests = append(m.Requests, string(dAtA[iNdEx:postIndex]))
+			m.DeviceClassName = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
-		case 2:
+		case 3:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field DeviceConfiguration", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Selectors", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -5356,65 +8828,16 @@ func (m *DeviceClaimConfiguration) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.DeviceConfiguration.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			m.Selectors = append(m.Selectors, DeviceSelector{})
+			if err := m.Selectors[len(m.Selectors)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
-		default:
-			iNdEx = preIndex
-			skippy, err := skipGenerated(dAtA[iNdEx:])
-			if err != nil {
-				return err
-			}
-			if (skippy < 0) || (iNdEx+skippy) < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			if (iNdEx + skippy) > l {
-				return io.ErrUnexpectedEOF
-			}
-			iNdEx += skippy
-		}
-	}
-
-	if iNdEx > l {
-		return io.ErrUnexpectedEOF
-	}
-	return nil
-}
-func (m *DeviceClass) Unmarshal(dAtA []byte) error {
-	l := len(dAtA)
-	iNdEx := 0
-	for iNdEx < l {
-		preIndex := iNdEx
-		var wire uint64
-		for shift := uint(0); ; shift += 7 {
-			if shift >= 64 {
-				return ErrIntOverflowGenerated
-			}
-			if iNdEx >= l {
-				return io.ErrUnexpectedEOF
-			}
-			b := dAtA[iNdEx]
-			iNdEx++
-			wire |= uint64(b&0x7F) << shift
-			if b < 0x80 {
-				break
-			}
-		}
-		fieldNum := int32(wire >> 3)
-		wireType := int(wire & 0x7)
-		if wireType == 4 {
-			return fmt.Errorf("proto: DeviceClass: wiretype end group for non-group")
-		}
-		if fieldNum <= 0 {
-			return fmt.Errorf("proto: DeviceClass: illegal tag %d (wire type %d)", fieldNum, wire)
-		}
-		switch fieldNum {
-		case 1:
+		case 4:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field AllocationMode", wireType)
 			}
-			var msglen int
+			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -5424,28 +8847,46 @@ func (m *DeviceClass) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				msglen |= int(b&0x7F) << shift
+				stringLen |= uint64(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			if msglen < 0 {
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + msglen
+			postIndex := iNdEx + intStringLen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
+			m.AllocationMode = DeviceAllocationMode(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
-		case 2:
+		case 5:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Count", wireType)
+			}
+			m.Count = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.Count |= int64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+		case 7:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Tolerations", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -5472,7 +8913,8 @@ func (m *DeviceClass) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			m.Tolerations = append(m.Tolerations, DeviceToleration{})
+			if err := m.Tolerations[len(m.Tolerations)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -5497,7 +8939,7 @@ func (m *DeviceClass) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *DeviceClassConfiguration) Unmarshal(dAtA []byte) error {
+func (m *DeviceTaint) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -5520,17 +8962,17 @@ func (m *DeviceClassConfiguration) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: DeviceClassConfiguration: wiretype end group for non-group")
+			return fmt.Errorf("proto: DeviceTaint: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: DeviceClassConfiguration: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: DeviceTaint: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field DeviceConfiguration", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Key", wireType)
 			}
-			var msglen int
+			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -5540,80 +8982,61 @@ func (m *DeviceClassConfiguration) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				msglen |= int(b&0x7F) << shift
+				stringLen |= uint64(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			if msglen < 0 {
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + msglen
+			postIndex := iNdEx + intStringLen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.DeviceConfiguration.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
+			m.Key = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
-		default:
-			iNdEx = preIndex
-			skippy, err := skipGenerated(dAtA[iNdEx:])
-			if err != nil {
-				return err
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType)
 			}
-			if (skippy < 0) || (iNdEx+skippy) < 0 {
-				return ErrInvalidLengthGenerated
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
 			}
-			if (iNdEx + skippy) > l {
-				return io.ErrUnexpectedEOF
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
 			}
-			iNdEx += skippy
-		}
-	}
-
-	if iNdEx > l {
-		return io.ErrUnexpectedEOF
-	}
-	return nil
-}
-func (m *DeviceClassList) Unmarshal(dAtA []byte) error {
-	l := len(dAtA)
-	iNdEx := 0
-	for iNdEx < l {
-		preIndex := iNdEx
-		var wire uint64
-		for shift := uint(0); ; shift += 7 {
-			if shift >= 64 {
-				return ErrIntOverflowGenerated
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
 			}
-			if iNdEx >= l {
+			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			b := dAtA[iNdEx]
-			iNdEx++
-			wire |= uint64(b&0x7F) << shift
-			if b < 0x80 {
-				break
-			}
-		}
-		fieldNum := int32(wire >> 3)
-		wireType := int(wire & 0x7)
-		if wireType == 4 {
-			return fmt.Errorf("proto: DeviceClassList: wiretype end group for non-group")
-		}
-		if fieldNum <= 0 {
-			return fmt.Errorf("proto: DeviceClassList: illegal tag %d (wire type %d)", fieldNum, wire)
-		}
-		switch fieldNum {
-		case 1:
+			m.Value = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 3:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Effect", wireType)
 			}
-			var msglen int
+			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -5623,28 +9046,27 @@ func (m *DeviceClassList) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				msglen |= int(b&0x7F) << shift
+				stringLen |= uint64(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			if msglen < 0 {
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + msglen
+			postIndex := iNdEx + intStringLen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
+			m.Effect = DeviceTaintEffect(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
-		case 2:
+		case 4:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field TimeAdded", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -5671,8 +9093,10 @@ func (m *DeviceClassList) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Items = append(m.Items, DeviceClass{})
-			if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if m.TimeAdded == nil {
+				m.TimeAdded = &v1.Time{}
+			}
+			if err := m.TimeAdded.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -5697,7 +9121,7 @@ func (m *DeviceClassList) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *DeviceClassSpec) Unmarshal(dAtA []byte) error {
+func (m *DeviceTaintRule) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -5720,15 +9144,15 @@ func (m *DeviceClassSpec) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: DeviceClassSpec: wiretype end group for non-group")
+			return fmt.Errorf("proto: DeviceTaintRule: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: DeviceClassSpec: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: DeviceTaintRule: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Selectors", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -5755,14 +9179,13 @@ func (m *DeviceClassSpec) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Selectors = append(m.Selectors, DeviceSelector{})
-			if err := m.Selectors[len(m.Selectors)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Config", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -5789,8 +9212,7 @@ func (m *DeviceClassSpec) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Config = append(m.Config, DeviceClassConfiguration{})
-			if err := m.Config[len(m.Config)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -5815,7 +9237,7 @@ func (m *DeviceClassSpec) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *DeviceConfiguration) Unmarshal(dAtA []byte) error {
+func (m *DeviceTaintRuleList) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -5838,15 +9260,15 @@ func (m *DeviceConfiguration) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: DeviceConfiguration: wiretype end group for non-group")
+			return fmt.Errorf("proto: DeviceTaintRuleList: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: DeviceConfiguration: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: DeviceTaintRuleList: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Opaque", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -5873,10 +9295,41 @@ func (m *DeviceConfiguration) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if m.Opaque == nil {
-				m.Opaque = &OpaqueDeviceConfiguration{}
+			if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
 			}
-			if err := m.Opaque.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			m.Items = append(m.Items, DeviceTaintRule{})
+			if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -5901,7 +9354,7 @@ func (m *DeviceConfiguration) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *DeviceConstraint) Unmarshal(dAtA []byte) error {
+func (m *DeviceTaintRuleSpec) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -5924,17 +9377,17 @@ func (m *DeviceConstraint) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: DeviceConstraint: wiretype end group for non-group")
+			return fmt.Errorf("proto: DeviceTaintRuleSpec: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: DeviceConstraint: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: DeviceTaintRuleSpec: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Requests", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field DeviceSelector", wireType)
 			}
-			var stringLen uint64
+			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -5944,29 +9397,33 @@ func (m *DeviceConstraint) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				stringLen |= uint64(b&0x7F) << shift
+				msglen |= int(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
+			if msglen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + intStringLen
+			postIndex := iNdEx + msglen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Requests = append(m.Requests, string(dAtA[iNdEx:postIndex]))
+			if m.DeviceSelector == nil {
+				m.DeviceSelector = &DeviceTaintSelector{}
+			}
+			if err := m.DeviceSelector.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field MatchAttribute", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Taint", wireType)
 			}
-			var stringLen uint64
+			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -5976,24 +9433,24 @@ func (m *DeviceConstraint) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				stringLen |= uint64(b&0x7F) << shift
+				msglen |= int(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
+			if msglen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + intStringLen
+			postIndex := iNdEx + msglen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			s := FullyQualifiedName(dAtA[iNdEx:postIndex])
-			m.MatchAttribute = &s
+			if err := m.Taint.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
 			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
@@ -6016,7 +9473,7 @@ func (m *DeviceConstraint) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *DeviceRequest) Unmarshal(dAtA []byte) error {
+func (m *DeviceTaintSelector) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -6039,15 +9496,15 @@ func (m *DeviceRequest) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: DeviceRequest: wiretype end group for non-group")
+			return fmt.Errorf("proto: DeviceTaintSelector: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: DeviceRequest: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: DeviceTaintSelector: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field DeviceClassName", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -6075,11 +9532,12 @@ func (m *DeviceRequest) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Name = string(dAtA[iNdEx:postIndex])
+			s := string(dAtA[iNdEx:postIndex])
+			m.DeviceClassName = &s
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field DeviceClassName", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Driver", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -6107,13 +9565,14 @@ func (m *DeviceRequest) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.DeviceClassName = string(dAtA[iNdEx:postIndex])
+			s := string(dAtA[iNdEx:postIndex])
+			m.Driver = &s
 			iNdEx = postIndex
 		case 3:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Selectors", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Pool", wireType)
 			}
-			var msglen int
+			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -6123,29 +9582,28 @@ func (m *DeviceRequest) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				msglen |= int(b&0x7F) << shift
+				stringLen |= uint64(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			if msglen < 0 {
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + msglen
+			postIndex := iNdEx + intStringLen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Selectors = append(m.Selectors, DeviceSelector{})
-			if err := m.Selectors[len(m.Selectors)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
+			s := string(dAtA[iNdEx:postIndex])
+			m.Pool = &s
 			iNdEx = postIndex
 		case 4:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field AllocationMode", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Device", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -6173,13 +9631,14 @@ func (m *DeviceRequest) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.AllocationMode = DeviceAllocationMode(dAtA[iNdEx:postIndex])
+			s := string(dAtA[iNdEx:postIndex])
+			m.Device = &s
 			iNdEx = postIndex
 		case 5:
-			if wireType != 0 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Count", wireType)
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Selectors", wireType)
 			}
-			m.Count = 0
+			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -6189,32 +9648,26 @@ func (m *DeviceRequest) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				m.Count |= int64(b&0x7F) << shift
+				msglen |= int(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-		case 6:
-			if wireType != 0 {
-				return fmt.Errorf("proto: wrong wireType = %d for field AdminAccess", wireType)
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
 			}
-			var v int
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				v |= int(b&0x7F) << shift
-				if b < 0x80 {
-					break
-				}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
 			}
-			b := bool(v != 0)
-			m.AdminAccess = &b
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Selectors = append(m.Selectors, DeviceSelector{})
+			if err := m.Selectors[len(m.Selectors)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -6236,7 +9689,7 @@ func (m *DeviceRequest) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *DeviceRequestAllocationResult) Unmarshal(dAtA []byte) error {
+func (m *DeviceToleration) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -6259,15 +9712,15 @@ func (m *DeviceRequestAllocationResult) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: DeviceRequestAllocationResult: wiretype end group for non-group")
+			return fmt.Errorf("proto: DeviceToleration: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: DeviceRequestAllocationResult: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: DeviceToleration: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Request", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Key", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -6295,11 +9748,11 @@ func (m *DeviceRequestAllocationResult) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Request = string(dAtA[iNdEx:postIndex])
+			m.Key = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Driver", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Operator", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -6327,11 +9780,11 @@ func (m *DeviceRequestAllocationResult) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Driver = string(dAtA[iNdEx:postIndex])
+			m.Operator = DeviceTolerationOperator(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
 		case 3:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Pool", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -6359,11 +9812,11 @@ func (m *DeviceRequestAllocationResult) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Pool = string(dAtA[iNdEx:postIndex])
+			m.Value = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
 		case 4:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Device", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Effect", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -6391,84 +9844,13 @@ func (m *DeviceRequestAllocationResult) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Device = string(dAtA[iNdEx:postIndex])
+			m.Effect = DeviceTaintEffect(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
 		case 5:
 			if wireType != 0 {
-				return fmt.Errorf("proto: wrong wireType = %d for field AdminAccess", wireType)
-			}
-			var v int
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				v |= int(b&0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			b := bool(v != 0)
-			m.AdminAccess = &b
-		default:
-			iNdEx = preIndex
-			skippy, err := skipGenerated(dAtA[iNdEx:])
-			if err != nil {
-				return err
-			}
-			if (skippy < 0) || (iNdEx+skippy) < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			if (iNdEx + skippy) > l {
-				return io.ErrUnexpectedEOF
-			}
-			iNdEx += skippy
-		}
-	}
-
-	if iNdEx > l {
-		return io.ErrUnexpectedEOF
-	}
-	return nil
-}
-func (m *DeviceSelector) Unmarshal(dAtA []byte) error {
-	l := len(dAtA)
-	iNdEx := 0
-	for iNdEx < l {
-		preIndex := iNdEx
-		var wire uint64
-		for shift := uint(0); ; shift += 7 {
-			if shift >= 64 {
-				return ErrIntOverflowGenerated
-			}
-			if iNdEx >= l {
-				return io.ErrUnexpectedEOF
-			}
-			b := dAtA[iNdEx]
-			iNdEx++
-			wire |= uint64(b&0x7F) << shift
-			if b < 0x80 {
-				break
-			}
-		}
-		fieldNum := int32(wire >> 3)
-		wireType := int(wire & 0x7)
-		if wireType == 4 {
-			return fmt.Errorf("proto: DeviceSelector: wiretype end group for non-group")
-		}
-		if fieldNum <= 0 {
-			return fmt.Errorf("proto: DeviceSelector: illegal tag %d (wire type %d)", fieldNum, wire)
-		}
-		switch fieldNum {
-		case 1:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field CEL", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field TolerationSeconds", wireType)
 			}
-			var msglen int
+			var v int64
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -6478,28 +9860,12 @@ func (m *DeviceSelector) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				msglen |= int(b&0x7F) << shift
+				v |= int64(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			if msglen < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			postIndex := iNdEx + msglen
-			if postIndex < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
-			}
-			if m.CEL == nil {
-				m.CEL = &CELDeviceSelector{}
-			}
-			if err := m.CEL.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
-			iNdEx = postIndex
+			m.TolerationSeconds = &v
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -8381,6 +11747,61 @@ func (m *ResourceSliceSpec) Unmarshal(dAtA []byte) error {
 				return err
 			}
 			iNdEx = postIndex
+		case 7:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field PerDeviceNodeSelection", wireType)
+			}
+			var v int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			b := bool(v != 0)
+			m.PerDeviceNodeSelection = &b
+		case 8:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field SharedCounters", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.SharedCounters = append(m.SharedCounters, CounterSet{})
+			if err := m.SharedCounters[len(m.SharedCounters)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
diff --git a/vendor/k8s.io/api/resource/v1alpha3/generated.proto b/vendor/k8s.io/api/resource/v1alpha3/generated.proto
index e802a01439..103cafc6ad 100644
--- a/vendor/k8s.io/api/resource/v1alpha3/generated.proto
+++ b/vendor/k8s.io/api/resource/v1alpha3/generated.proto
@@ -62,6 +62,8 @@ message AllocatedDeviceStatus {
   // If the device has been configured according to the class and claim
   // config references, the `Ready` condition should be True.
   //
+  // Must not contain more than 8 entries.
+  //
   // +optional
   // +listType=map
   // +listMapKey=type
@@ -111,6 +113,64 @@ message BasicDevice {
   //
   // +optional
   map<string, .k8s.io.apimachinery.pkg.api.resource.Quantity> capacity = 2;
+
+  // ConsumesCounters defines a list of references to sharedCounters
+  // and the set of counters that the device will
+  // consume from those counter sets.
+  //
+  // There can only be a single entry per counterSet.
+  //
+  // The total number of device counter consumption entries
+  // must be <= 32. In addition, the total number in the
+  // entire ResourceSlice must be <= 1024 (for example,
+  // 64 devices with 16 counters each).
+  //
+  // +optional
+  // +listType=atomic
+  // +featureGate=DRAPartitionableDevices
+  repeated DeviceCounterConsumption consumesCounters = 3;
+
+  // NodeName identifies the node where the device is available.
+  //
+  // Must only be set if Spec.PerDeviceNodeSelection is set to true.
+  // At most one of NodeName, NodeSelector and AllNodes can be set.
+  //
+  // +optional
+  // +oneOf=DeviceNodeSelection
+  // +featureGate=DRAPartitionableDevices
+  optional string nodeName = 4;
+
+  // NodeSelector defines the nodes where the device is available.
+  //
+  // Must only be set if Spec.PerDeviceNodeSelection is set to true.
+  // At most one of NodeName, NodeSelector and AllNodes can be set.
+  //
+  // +optional
+  // +oneOf=DeviceNodeSelection
+  // +featureGate=DRAPartitionableDevices
+  optional .k8s.io.api.core.v1.NodeSelector nodeSelector = 5;
+
+  // AllNodes indicates that all nodes have access to the device.
+  //
+  // Must only be set if Spec.PerDeviceNodeSelection is set to true.
+  // At most one of NodeName, NodeSelector and AllNodes can be set.
+  //
+  // +optional
+  // +oneOf=DeviceNodeSelection
+  // +featureGate=DRAPartitionableDevices
+  optional bool allNodes = 6;
+
+  // If specified, these are the driver-defined taints.
+  //
+  // The maximum number of taints is 4.
+  //
+  // This is an alpha field and requires enabling the DRADeviceTaints
+  // feature gate.
+  //
+  // +optional
+  // +listType=atomic
+  // +featureGate=DRADeviceTaints
+  repeated DeviceTaint taints = 7;
 }
 
 // CELDeviceSelector contains a CEL expression for selecting a device.
@@ -170,6 +230,42 @@ message CELDeviceSelector {
   optional string expression = 1;
 }
 
+// Counter describes a quantity associated with a device.
+message Counter {
+  // Value defines how much of a certain device counter is available.
+  //
+  // +required
+  optional .k8s.io.apimachinery.pkg.api.resource.Quantity value = 1;
+}
+
+// CounterSet defines a named set of counters
+// that are available to be used by devices defined in the
+// ResourceSlice.
+//
+// The counters are not allocatable by themselves, but
+// can be referenced by devices. When a device is allocated,
+// the portion of counters it uses will no longer be available for use
+// by other devices.
+message CounterSet {
+  // CounterSet is the name of the set from which the
+  // counters defined will be consumed.
+  //
+  // +required
+  optional string name = 1;
+
+  // Counters defines the counters that will be consumed by the device.
+  // The name of each counter must be unique in that set and must be a DNS label.
+  //
+  // To ensure this uniqueness, capacities defined by the vendor
+  // must be listed without the driver name as domain prefix in
+  // their name. All others must be listed with their domain prefix.
+  //
+  // The maximum number of counters is 32.
+  //
+  // +required
+  map<string, Counter> counters = 2;
+}
+
 // Device represents one individual hardware instance that can be selected based
 // on its attributes. Besides the name, exactly one field must be set.
 message Device {
@@ -198,6 +294,10 @@ message DeviceAllocationConfiguration {
   // Requests lists the names of requests where the configuration applies.
   // If empty, its applies to all requests.
   //
+  // References to subrequests must include the name of the main request
+  // and may include the subrequest using the format <main request>[/<subrequest>]. If just
+  // the main request is given, the configuration applies to all subrequests.
+  //
   // +optional
   // +listType=atomic
   repeated string requests = 2;
@@ -284,6 +384,10 @@ message DeviceClaimConfiguration {
   // Requests lists the names of requests where the configuration applies.
   // If empty, it applies to all requests.
   //
+  // References to subrequests must include the name of the main request
+  // and may include the subrequest using the format <main request>[/<subrequest>]. If just
+  // the main request is given, the configuration applies to all subrequests.
+  //
   // +optional
   // +listType=atomic
   repeated string requests = 1;
@@ -368,6 +472,10 @@ message DeviceConstraint {
   // constraint. If this is not specified, this constraint applies to all
   // requests in this claim.
   //
+  // References to subrequests must include the name of the main request
+  // and may include the subrequest using the format <main request>[/<subrequest>]. If just
+  // the main request is given, the constraint applies to all subrequests.
+  //
   // +optional
   // +listType=atomic
   repeated string requests = 1;
@@ -390,14 +498,30 @@ message DeviceConstraint {
   optional string matchAttribute = 2;
 }
 
+// DeviceCounterConsumption defines a set of counters that
+// a device will consume from a CounterSet.
+message DeviceCounterConsumption {
+  // CounterSet defines the set from which the
+  // counters defined will be consumed.
+  //
+  // +required
+  optional string counterSet = 1;
+
+  // Counters defines the Counter that will be consumed by
+  // the device.
+  //
+  // The maximum number counters in a device is 32.
+  // In addition, the maximum number of all counters
+  // in all devices is 1024 (for example, 64 devices with
+  // 16 counters each).
+  //
+  // +required
+  map<string, Counter> counters = 2;
+}
+
 // DeviceRequest is a request for devices required for a claim.
 // This is typically a request for a single resource like a device, but can
 // also ask for several identical devices.
-//
-// A DeviceClassName is currently required. Clients must check that it is
-// indeed set. It's absence indicates that something changed in a way that
-// is not supported by the client yet, in which case it must refuse to
-// handle the request.
 message DeviceRequest {
   // Name can be used to reference this request in a pod.spec.containers[].resources.claims
   // entry and in a constraint of the claim.
@@ -411,7 +535,10 @@ message DeviceRequest {
   // additional configuration and selectors to be inherited by this
   // request.
   //
-  // A class is required. Which classes are available depends on the cluster.
+  // A class is required if no subrequests are specified in the
+  // firstAvailable list and no class can be set if subrequests
+  // are specified in the firstAvailable list.
+  // Which classes are available depends on the cluster.
   //
   // Administrators may use this to restrict which devices may get
   // requested by only installing classes with selectors for permitted
@@ -419,7 +546,8 @@ message DeviceRequest {
   // then administrators can create an empty DeviceClass for users
   // to reference.
   //
-  // +required
+  // +optional
+  // +oneOf=deviceRequestType
   optional string deviceClassName = 2;
 
   // Selectors define criteria which must be satisfied by a specific
@@ -427,6 +555,9 @@ message DeviceRequest {
   // request. All selectors must be satisfied for a device to be
   // considered.
   //
+  // This field can only be set when deviceClassName is set and no subrequests
+  // are specified in the firstAvailable list.
+  //
   // +optional
   // +listType=atomic
   repeated DeviceSelector selectors = 3;
@@ -439,13 +570,17 @@ message DeviceRequest {
   //   count field.
   //
   // - All: This request is for all of the matching devices in a pool.
+  //   At least one device must exist on the node for the allocation to succeed.
   //   Allocation will fail if some devices are already allocated,
   //   unless adminAccess is requested.
   //
-  // If AlloctionMode is not specified, the default mode is ExactCount. If
+  // If AllocationMode is not specified, the default mode is ExactCount. If
   // the mode is ExactCount and count is not specified, the default count is
   // one. Any other requests must specify this field.
   //
+  // This field can only be set when deviceClassName is set and no subrequests
+  // are specified in the firstAvailable list.
+  //
   // More modes may get added in the future. Clients must refuse to handle
   // requests with unknown modes.
   //
@@ -455,6 +590,9 @@ message DeviceRequest {
   // Count is used only when the count mode is "ExactCount". Must be greater than zero.
   // If AllocationMode is ExactCount and this field is not specified, the default is one.
   //
+  // This field can only be set when deviceClassName is set and no subrequests
+  // are specified in the firstAvailable list.
+  //
   // +optional
   // +oneOf=AllocationMode
   optional int64 count = 5;
@@ -465,6 +603,9 @@ message DeviceRequest {
   // all ordinary claims to the device with respect to access modes and
   // any resource allocations.
   //
+  // This field can only be set when deviceClassName is set and no subrequests
+  // are specified in the firstAvailable list.
+  //
   // This is an alpha field and requires enabling the DRAAdminAccess
   // feature gate. Admin access is disabled if this field is unset or
   // set to false, otherwise it is enabled.
@@ -472,13 +613,65 @@ message DeviceRequest {
   // +optional
   // +featureGate=DRAAdminAccess
   optional bool adminAccess = 6;
+
+  // FirstAvailable contains subrequests, of which exactly one will be
+  // satisfied by the scheduler to satisfy this request. It tries to
+  // satisfy them in the order in which they are listed here. So if
+  // there are two entries in the list, the scheduler will only check
+  // the second one if it determines that the first one cannot be used.
+  //
+  // This field may only be set in the entries of DeviceClaim.Requests.
+  //
+  // DRA does not yet implement scoring, so the scheduler will
+  // select the first set of devices that satisfies all the
+  // requests in the claim. And if the requirements can
+  // be satisfied on more than one node, other scheduling features
+  // will determine which node is chosen. This means that the set of
+  // devices allocated to a claim might not be the optimal set
+  // available to the cluster. Scoring will be implemented later.
+  //
+  // +optional
+  // +oneOf=deviceRequestType
+  // +listType=atomic
+  // +featureGate=DRAPrioritizedList
+  repeated DeviceSubRequest firstAvailable = 7;
+
+  // If specified, the request's tolerations.
+  //
+  // Tolerations for NoSchedule are required to allocate a
+  // device which has a taint with that effect. The same applies
+  // to NoExecute.
+  //
+  // In addition, should any of the allocated devices get tainted
+  // with NoExecute after allocation and that effect is not tolerated,
+  // then all pods consuming the ResourceClaim get deleted to evict
+  // them. The scheduler will not let new pods reserve the claim while
+  // it has these tainted devices. Once all pods are evicted, the
+  // claim will get deallocated.
+  //
+  // The maximum number of tolerations is 16.
+  //
+  // This field can only be set when deviceClassName is set and no subrequests
+  // are specified in the firstAvailable list.
+  //
+  // This is an alpha field and requires enabling the DRADeviceTaints
+  // feature gate.
+  //
+  // +optional
+  // +listType=atomic
+  // +featureGate=DRADeviceTaints
+  repeated DeviceToleration tolerations = 8;
 }
 
 // DeviceRequestAllocationResult contains the allocation result for one request.
 message DeviceRequestAllocationResult {
   // Request is the name of the request in the claim which caused this
-  // device to be allocated. Multiple devices may have been allocated
-  // per request.
+  // device to be allocated. If it references a subrequest in the
+  // firstAvailable list on a DeviceRequest, this field must
+  // include both the name of the main request and the subrequest
+  // using the format <main request>/<subrequest>.
+  //
+  // Multiple devices may have been allocated per request.
   //
   // +required
   optional string request = 1;
@@ -519,6 +712,19 @@ message DeviceRequestAllocationResult {
   // +optional
   // +featureGate=DRAAdminAccess
   optional bool adminAccess = 5;
+
+  // A copy of all tolerations specified in the request at the time
+  // when the device got allocated.
+  //
+  // The maximum number of tolerations is 16.
+  //
+  // This is an alpha field and requires enabling the DRADeviceTaints
+  // feature gate.
+  //
+  // +optional
+  // +listType=atomic
+  // +featureGate=DRADeviceTaints
+  repeated DeviceToleration tolerations = 6;
 }
 
 // DeviceSelector must have exactly one field set.
@@ -530,6 +736,262 @@ message DeviceSelector {
   optional CELDeviceSelector cel = 1;
 }
 
+// DeviceSubRequest describes a request for device provided in the
+// claim.spec.devices.requests[].firstAvailable array. Each
+// is typically a request for a single resource like a device, but can
+// also ask for several identical devices.
+//
+// DeviceSubRequest is similar to Request, but doesn't expose the AdminAccess
+// or FirstAvailable fields, as those can only be set on the top-level request.
+// AdminAccess is not supported for requests with a prioritized list, and
+// recursive FirstAvailable fields are not supported.
+message DeviceSubRequest {
+  // Name can be used to reference this subrequest in the list of constraints
+  // or the list of configurations for the claim. References must use the
+  // format <main request>/<subrequest>.
+  //
+  // Must be a DNS label.
+  //
+  // +required
+  optional string name = 1;
+
+  // DeviceClassName references a specific DeviceClass, which can define
+  // additional configuration and selectors to be inherited by this
+  // subrequest.
+  //
+  // A class is required. Which classes are available depends on the cluster.
+  //
+  // Administrators may use this to restrict which devices may get
+  // requested by only installing classes with selectors for permitted
+  // devices. If users are free to request anything without restrictions,
+  // then administrators can create an empty DeviceClass for users
+  // to reference.
+  //
+  // +required
+  optional string deviceClassName = 2;
+
+  // Selectors define criteria which must be satisfied by a specific
+  // device in order for that device to be considered for this
+  // request. All selectors must be satisfied for a device to be
+  // considered.
+  //
+  // +optional
+  // +listType=atomic
+  repeated DeviceSelector selectors = 3;
+
+  // AllocationMode and its related fields define how devices are allocated
+  // to satisfy this request. Supported values are:
+  //
+  // - ExactCount: This request is for a specific number of devices.
+  //   This is the default. The exact number is provided in the
+  //   count field.
+  //
+  // - All: This request is for all of the matching devices in a pool.
+  //   Allocation will fail if some devices are already allocated,
+  //   unless adminAccess is requested.
+  //
+  // If AllocationMode is not specified, the default mode is ExactCount. If
+  // the mode is ExactCount and count is not specified, the default count is
+  // one. Any other requests must specify this field.
+  //
+  // More modes may get added in the future. Clients must refuse to handle
+  // requests with unknown modes.
+  //
+  // +optional
+  optional string allocationMode = 4;
+
+  // Count is used only when the count mode is "ExactCount". Must be greater than zero.
+  // If AllocationMode is ExactCount and this field is not specified, the default is one.
+  //
+  // +optional
+  // +oneOf=AllocationMode
+  optional int64 count = 5;
+
+  // If specified, the request's tolerations.
+  //
+  // Tolerations for NoSchedule are required to allocate a
+  // device which has a taint with that effect. The same applies
+  // to NoExecute.
+  //
+  // In addition, should any of the allocated devices get tainted
+  // with NoExecute after allocation and that effect is not tolerated,
+  // then all pods consuming the ResourceClaim get deleted to evict
+  // them. The scheduler will not let new pods reserve the claim while
+  // it has these tainted devices. Once all pods are evicted, the
+  // claim will get deallocated.
+  //
+  // The maximum number of tolerations is 16.
+  //
+  // This is an alpha field and requires enabling the DRADeviceTaints
+  // feature gate.
+  //
+  // +optional
+  // +listType=atomic
+  // +featureGate=DRADeviceTaints
+  repeated DeviceToleration tolerations = 7;
+}
+
+// The device this taint is attached to has the "effect" on
+// any claim which does not tolerate the taint and, through the claim,
+// to pods using the claim.
+message DeviceTaint {
+  // The taint key to be applied to a device.
+  // Must be a label name.
+  //
+  // +required
+  optional string key = 1;
+
+  // The taint value corresponding to the taint key.
+  // Must be a label value.
+  //
+  // +optional
+  optional string value = 2;
+
+  // The effect of the taint on claims that do not tolerate the taint
+  // and through such claims on the pods using them.
+  // Valid effects are NoSchedule and NoExecute. PreferNoSchedule as used for
+  // nodes is not valid here.
+  //
+  // +required
+  optional string effect = 3;
+
+  // TimeAdded represents the time at which the taint was added.
+  // Added automatically during create or update if not set.
+  //
+  // +optional
+  optional .k8s.io.apimachinery.pkg.apis.meta.v1.Time timeAdded = 4;
+}
+
+// DeviceTaintRule adds one taint to all devices which match the selector.
+// This has the same effect as if the taint was specified directly
+// in the ResourceSlice by the DRA driver.
+message DeviceTaintRule {
+  // Standard object metadata
+  // +optional
+  optional .k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
+
+  // Spec specifies the selector and one taint.
+  //
+  // Changing the spec automatically increments the metadata.generation number.
+  optional DeviceTaintRuleSpec spec = 2;
+}
+
+// DeviceTaintRuleList is a collection of DeviceTaintRules.
+message DeviceTaintRuleList {
+  // Standard list metadata
+  // +optional
+  optional .k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
+
+  // Items is the list of DeviceTaintRules.
+  repeated DeviceTaintRule items = 2;
+}
+
+// DeviceTaintRuleSpec specifies the selector and one taint.
+message DeviceTaintRuleSpec {
+  // DeviceSelector defines which device(s) the taint is applied to.
+  // All selector criteria must be satified for a device to
+  // match. The empty selector matches all devices. Without
+  // a selector, no devices are matches.
+  //
+  // +optional
+  optional DeviceTaintSelector deviceSelector = 1;
+
+  // The taint that gets applied to matching devices.
+  //
+  // +required
+  optional DeviceTaint taint = 2;
+}
+
+// DeviceTaintSelector defines which device(s) a DeviceTaintRule applies to.
+// The empty selector matches all devices. Without a selector, no devices
+// are matched.
+message DeviceTaintSelector {
+  // If DeviceClassName is set, the selectors defined there must be
+  // satisfied by a device to be selected. This field corresponds
+  // to class.metadata.name.
+  //
+  // +optional
+  optional string deviceClassName = 1;
+
+  // If driver is set, only devices from that driver are selected.
+  // This fields corresponds to slice.spec.driver.
+  //
+  // +optional
+  optional string driver = 2;
+
+  // If pool is set, only devices in that pool are selected.
+  //
+  // Also setting the driver name may be useful to avoid
+  // ambiguity when different drivers use the same pool name,
+  // but this is not required because selecting pools from
+  // different drivers may also be useful, for example when
+  // drivers with node-local devices use the node name as
+  // their pool name.
+  //
+  // +optional
+  optional string pool = 3;
+
+  // If device is set, only devices with that name are selected.
+  // This field corresponds to slice.spec.devices[].name.
+  //
+  // Setting also driver and pool may be required to avoid ambiguity,
+  // but is not required.
+  //
+  // +optional
+  optional string device = 4;
+
+  // Selectors contains the same selection criteria as a ResourceClaim.
+  // Currently, CEL expressions are supported. All of these selectors
+  // must be satisfied.
+  //
+  // +optional
+  // +listType=atomic
+  repeated DeviceSelector selectors = 5;
+}
+
+// The ResourceClaim this DeviceToleration is attached to tolerates any taint that matches
+// the triple <key,value,effect> using the matching operator <operator>.
+message DeviceToleration {
+  // Key is the taint key that the toleration applies to. Empty means match all taint keys.
+  // If the key is empty, operator must be Exists; this combination means to match all values and all keys.
+  // Must be a label name.
+  //
+  // +optional
+  optional string key = 1;
+
+  // Operator represents a key's relationship to the value.
+  // Valid operators are Exists and Equal. Defaults to Equal.
+  // Exists is equivalent to wildcard for value, so that a ResourceClaim can
+  // tolerate all taints of a particular category.
+  //
+  // +optional
+  // +default="Equal"
+  optional string operator = 2;
+
+  // Value is the taint value the toleration matches to.
+  // If the operator is Exists, the value must be empty, otherwise just a regular string.
+  // Must be a label value.
+  //
+  // +optional
+  optional string value = 3;
+
+  // Effect indicates the taint effect to match. Empty means match all taint effects.
+  // When specified, allowed values are NoSchedule and NoExecute.
+  //
+  // +optional
+  optional string effect = 4;
+
+  // TolerationSeconds represents the period of time the toleration (which must be
+  // of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,
+  // it is not set, which means tolerate the taint forever (do not evict). Zero and
+  // negative values will be treated as 0 (evict immediately) by the system.
+  // If larger than zero, the time when the pod needs to be evicted is calculated as <time when
+  // taint was adedd> + <toleration seconds>.
+  //
+  // +optional
+  optional int64 tolerationSeconds = 5;
+}
+
 // NetworkDeviceData provides network-related details for the allocated device.
 // This information may be filled by drivers or other components to configure
 // or identify the device within a network context.
@@ -549,6 +1011,8 @@ message NetworkDeviceData {
   // associated subnet mask.
   // e.g.: "192.0.2.5/24" for IPv4 and "2001:db8::5/64" for IPv6.
   //
+  // Must not contain more than 16 entries.
+  //
   // +optional
   // +listType=atomic
   repeated string ips = 2;
@@ -847,7 +1311,7 @@ message ResourceSliceSpec {
   // new nodes of the same type as some old node might also make new
   // resources available.
   //
-  // Exactly one of NodeName, NodeSelector and AllNodes must be set.
+  // Exactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.
   // This field is immutable.
   //
   // +optional
@@ -859,7 +1323,7 @@ message ResourceSliceSpec {
   //
   // Must use exactly one term.
   //
-  // Exactly one of NodeName, NodeSelector and AllNodes must be set.
+  // Exactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.
   //
   // +optional
   // +oneOf=NodeSelection
@@ -867,7 +1331,7 @@ message ResourceSliceSpec {
 
   // AllNodes indicates that all nodes have access to the resources in the pool.
   //
-  // Exactly one of NodeName, NodeSelector and AllNodes must be set.
+  // Exactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.
   //
   // +optional
   // +oneOf=NodeSelection
@@ -880,5 +1344,29 @@ message ResourceSliceSpec {
   // +optional
   // +listType=atomic
   repeated Device devices = 6;
+
+  // PerDeviceNodeSelection defines whether the access from nodes to
+  // resources in the pool is set on the ResourceSlice level or on each
+  // device. If it is set to true, every device defined the ResourceSlice
+  // must specify this individually.
+  //
+  // Exactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.
+  //
+  // +optional
+  // +oneOf=NodeSelection
+  // +featureGate=DRAPartitionableDevices
+  optional bool perDeviceNodeSelection = 7;
+
+  // SharedCounters defines a list of counter sets, each of which
+  // has a name and a list of counters available.
+  //
+  // The names of the SharedCounters must be unique in the ResourceSlice.
+  //
+  // The maximum number of SharedCounters is 32.
+  //
+  // +optional
+  // +listType=atomic
+  // +featureGate=DRAPartitionableDevices
+  repeated CounterSet sharedCounters = 8;
 }
 
diff --git a/vendor/k8s.io/api/resource/v1alpha3/register.go b/vendor/k8s.io/api/resource/v1alpha3/register.go
index 8573758e31..b02ba0e28b 100644
--- a/vendor/k8s.io/api/resource/v1alpha3/register.go
+++ b/vendor/k8s.io/api/resource/v1alpha3/register.go
@@ -52,6 +52,8 @@ func addKnownTypes(scheme *runtime.Scheme) error {
 		&ResourceClaimTemplateList{},
 		&ResourceSlice{},
 		&ResourceSliceList{},
+		&DeviceTaintRule{},
+		&DeviceTaintRuleList{},
 	)
 
 	// Add the watch version that applies
diff --git a/vendor/k8s.io/api/resource/v1alpha3/types.go b/vendor/k8s.io/api/resource/v1alpha3/types.go
index 49d7c86de3..29a4b0343f 100644
--- a/vendor/k8s.io/api/resource/v1alpha3/types.go
+++ b/vendor/k8s.io/api/resource/v1alpha3/types.go
@@ -110,7 +110,7 @@ type ResourceSliceSpec struct {
 	// new nodes of the same type as some old node might also make new
 	// resources available.
 	//
-	// Exactly one of NodeName, NodeSelector and AllNodes must be set.
+	// Exactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.
 	// This field is immutable.
 	//
 	// +optional
@@ -122,7 +122,7 @@ type ResourceSliceSpec struct {
 	//
 	// Must use exactly one term.
 	//
-	// Exactly one of NodeName, NodeSelector and AllNodes must be set.
+	// Exactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.
 	//
 	// +optional
 	// +oneOf=NodeSelection
@@ -130,7 +130,7 @@ type ResourceSliceSpec struct {
 
 	// AllNodes indicates that all nodes have access to the resources in the pool.
 	//
-	// Exactly one of NodeName, NodeSelector and AllNodes must be set.
+	// Exactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.
 	//
 	// +optional
 	// +oneOf=NodeSelection
@@ -143,6 +143,66 @@ type ResourceSliceSpec struct {
 	// +optional
 	// +listType=atomic
 	Devices []Device `json:"devices" protobuf:"bytes,6,name=devices"`
+
+	// PerDeviceNodeSelection defines whether the access from nodes to
+	// resources in the pool is set on the ResourceSlice level or on each
+	// device. If it is set to true, every device defined the ResourceSlice
+	// must specify this individually.
+	//
+	// Exactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.
+	//
+	// +optional
+	// +oneOf=NodeSelection
+	// +featureGate=DRAPartitionableDevices
+	PerDeviceNodeSelection *bool `json:"perDeviceNodeSelection,omitempty" protobuf:"bytes,7,name=perDeviceNodeSelection"`
+
+	// SharedCounters defines a list of counter sets, each of which
+	// has a name and a list of counters available.
+	//
+	// The names of the SharedCounters must be unique in the ResourceSlice.
+	//
+	// The maximum number of SharedCounters is 32.
+	//
+	// +optional
+	// +listType=atomic
+	// +featureGate=DRAPartitionableDevices
+	SharedCounters []CounterSet `json:"sharedCounters,omitempty" protobuf:"bytes,8,name=sharedCounters"`
+}
+
+// CounterSet defines a named set of counters
+// that are available to be used by devices defined in the
+// ResourceSlice.
+//
+// The counters are not allocatable by themselves, but
+// can be referenced by devices. When a device is allocated,
+// the portion of counters it uses will no longer be available for use
+// by other devices.
+type CounterSet struct {
+	// CounterSet is the name of the set from which the
+	// counters defined will be consumed.
+	//
+	// +required
+	Name string `json:"name" protobuf:"bytes,1,name=name"`
+
+	// Counters defines the counters that will be consumed by the device.
+	// The name of each counter must be unique in that set and must be a DNS label.
+	//
+	// To ensure this uniqueness, capacities defined by the vendor
+	// must be listed without the driver name as domain prefix in
+	// their name. All others must be listed with their domain prefix.
+	//
+	// The maximum number of counters is 32.
+	//
+	// +required
+	Counters map[string]Counter `json:"counters,omitempty" protobuf:"bytes,2,name=counters"`
+}
+
+// Counter describes a quantity associated with a device.
+type Counter struct {
+	// Value defines how much of a certain device counter is available.
+	//
+	// +required
+	Value resource.Quantity `json:"value" protobuf:"bytes,1,rep,name=value"`
 }
 
 // DriverNameMaxLength is the maximum valid length of a driver name in the
@@ -223,11 +283,98 @@ type BasicDevice struct {
 	//
 	// +optional
 	Capacity map[QualifiedName]resource.Quantity `json:"capacity,omitempty" protobuf:"bytes,2,rep,name=capacity"`
+
+	// ConsumesCounters defines a list of references to sharedCounters
+	// and the set of counters that the device will
+	// consume from those counter sets.
+	//
+	// There can only be a single entry per counterSet.
+	//
+	// The total number of device counter consumption entries
+	// must be <= 32. In addition, the total number in the
+	// entire ResourceSlice must be <= 1024 (for example,
+	// 64 devices with 16 counters each).
+	//
+	// +optional
+	// +listType=atomic
+	// +featureGate=DRAPartitionableDevices
+	ConsumesCounters []DeviceCounterConsumption `json:"consumesCounters,omitempty" protobuf:"bytes,3,rep,name=consumesCounters"`
+
+	// NodeName identifies the node where the device is available.
+	//
+	// Must only be set if Spec.PerDeviceNodeSelection is set to true.
+	// At most one of NodeName, NodeSelector and AllNodes can be set.
+	//
+	// +optional
+	// +oneOf=DeviceNodeSelection
+	// +featureGate=DRAPartitionableDevices
+	NodeName *string `json:"nodeName,omitempty" protobuf:"bytes,4,opt,name=nodeName"`
+
+	// NodeSelector defines the nodes where the device is available.
+	//
+	// Must only be set if Spec.PerDeviceNodeSelection is set to true.
+	// At most one of NodeName, NodeSelector and AllNodes can be set.
+	//
+	// +optional
+	// +oneOf=DeviceNodeSelection
+	// +featureGate=DRAPartitionableDevices
+	NodeSelector *v1.NodeSelector `json:"nodeSelector,omitempty" protobuf:"bytes,5,opt,name=nodeSelector"`
+
+	// AllNodes indicates that all nodes have access to the device.
+	//
+	// Must only be set if Spec.PerDeviceNodeSelection is set to true.
+	// At most one of NodeName, NodeSelector and AllNodes can be set.
+	//
+	// +optional
+	// +oneOf=DeviceNodeSelection
+	// +featureGate=DRAPartitionableDevices
+	AllNodes *bool `json:"allNodes,omitempty" protobuf:"bytes,6,opt,name=allNodes"`
+
+	// If specified, these are the driver-defined taints.
+	//
+	// The maximum number of taints is 4.
+	//
+	// This is an alpha field and requires enabling the DRADeviceTaints
+	// feature gate.
+	//
+	// +optional
+	// +listType=atomic
+	// +featureGate=DRADeviceTaints
+	Taints []DeviceTaint `json:"taints,omitempty" protobuf:"bytes,7,rep,name=taints"`
+}
+
+// DeviceCounterConsumption defines a set of counters that
+// a device will consume from a CounterSet.
+type DeviceCounterConsumption struct {
+	// CounterSet defines the set from which the
+	// counters defined will be consumed.
+	//
+	// +required
+	CounterSet string `json:"counterSet" protobuf:"bytes,1,opt,name=counterSet"`
+
+	// Counters defines the Counter that will be consumed by
+	// the device.
+	//
+	// The maximum number counters in a device is 32.
+	// In addition, the maximum number of all counters
+	// in all devices is 1024 (for example, 64 devices with
+	// 16 counters each).
+	//
+	// +required
+	Counters map[string]Counter `json:"counters,omitempty" protobuf:"bytes,2,opt,name=counters"`
 }
 
 // Limit for the sum of the number of entries in both attributes and capacity.
 const ResourceSliceMaxAttributesAndCapacitiesPerDevice = 32
 
+// Limit for the total number of counters in each device.
+const ResourceSliceMaxCountersPerDevice = 32
+
+// Limit for the total number of counters defined in devices in
+// a ResourceSlice. We want to allow up to 64 devices to specify
+// up to 16 counters, so the limit for the ResourceSlice will be 1024.
+const ResourceSliceMaxDeviceCountersPerSlice = 1024 // 64 * 16
+
 // QualifiedName is the name of a device attribute or capacity.
 //
 // Attributes and capacities are defined either by the owner of the specific
@@ -290,6 +437,64 @@ type DeviceAttribute struct {
 // DeviceAttributeMaxValueLength is the maximum length of a string or version attribute value.
 const DeviceAttributeMaxValueLength = 64
 
+// DeviceTaintsMaxLength is the maximum number of taints per device.
+const DeviceTaintsMaxLength = 4
+
+// The device this taint is attached to has the "effect" on
+// any claim which does not tolerate the taint and, through the claim,
+// to pods using the claim.
+type DeviceTaint struct {
+	// The taint key to be applied to a device.
+	// Must be a label name.
+	//
+	// +required
+	Key string `json:"key" protobuf:"bytes,1,name=key"`
+
+	// The taint value corresponding to the taint key.
+	// Must be a label value.
+	//
+	// +optional
+	Value string `json:"value,omitempty" protobuf:"bytes,2,opt,name=value"`
+
+	// The effect of the taint on claims that do not tolerate the taint
+	// and through such claims on the pods using them.
+	// Valid effects are NoSchedule and NoExecute. PreferNoSchedule as used for
+	// nodes is not valid here.
+	//
+	// +required
+	Effect DeviceTaintEffect `json:"effect" protobuf:"bytes,3,name=effect,casttype=DeviceTaintEffect"`
+
+	// ^^^^
+	//
+	// Implementing PreferNoSchedule would depend on a scoring solution for DRA.
+	// It might get added as part of that.
+
+	// TimeAdded represents the time at which the taint was added.
+	// Added automatically during create or update if not set.
+	//
+	// +optional
+	TimeAdded *metav1.Time `json:"timeAdded,omitempty" protobuf:"bytes,4,opt,name=timeAdded"`
+
+	// ^^^
+	//
+	// This field was defined as "It is only written for NoExecute taints." for node taints.
+	// But in practice, Kubernetes never did anything with it (no validation, no defaulting,
+	// ignored during pod eviction in pkg/controller/tainteviction).
+}
+
+// +enum
+type DeviceTaintEffect string
+
+const (
+	// Do not allow new pods to schedule which use a tainted device unless they tolerate the taint,
+	// but allow all pods submitted to Kubelet without going through the scheduler
+	// to start, and allow all already-running pods to continue running.
+	DeviceTaintEffectNoSchedule DeviceTaintEffect = "NoSchedule"
+
+	// Evict any already-running pods that do not tolerate the device taint.
+	DeviceTaintEffectNoExecute DeviceTaintEffect = "NoExecute"
+)
+
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
 // +k8s:prerelease-lifecycle-gen:introduced=1.31
 // +k8s:prerelease-lifecycle-gen:replacement=resource.k8s.io,v1beta1,ResourceSliceList
@@ -383,14 +588,18 @@ const (
 	DeviceConfigMaxSize      = 32
 )
 
+// DRAAdminNamespaceLabelKey is a label key used to grant administrative access
+// to certain resource.k8s.io API types within a namespace. When this label is
+// set on a namespace with the value "true" (case-sensitive), it allows the use
+// of adminAccess: true in any namespaced resource.k8s.io API types. Currently,
+// this permission applies to ResourceClaim and ResourceClaimTemplate objects.
+const (
+	DRAAdminNamespaceLabelKey = "resource.k8s.io/admin-access"
+)
+
 // DeviceRequest is a request for devices required for a claim.
 // This is typically a request for a single resource like a device, but can
 // also ask for several identical devices.
-//
-// A DeviceClassName is currently required. Clients must check that it is
-// indeed set. It's absence indicates that something changed in a way that
-// is not supported by the client yet, in which case it must refuse to
-// handle the request.
 type DeviceRequest struct {
 	// Name can be used to reference this request in a pod.spec.containers[].resources.claims
 	// entry and in a constraint of the claim.
@@ -404,7 +613,10 @@ type DeviceRequest struct {
 	// additional configuration and selectors to be inherited by this
 	// request.
 	//
-	// A class is required. Which classes are available depends on the cluster.
+	// A class is required if no subrequests are specified in the
+	// firstAvailable list and no class can be set if subrequests
+	// are specified in the firstAvailable list.
+	// Which classes are available depends on the cluster.
 	//
 	// Administrators may use this to restrict which devices may get
 	// requested by only installing classes with selectors for permitted
@@ -412,7 +624,8 @@ type DeviceRequest struct {
 	// then administrators can create an empty DeviceClass for users
 	// to reference.
 	//
-	// +required
+	// +optional
+	// +oneOf=deviceRequestType
 	DeviceClassName string `json:"deviceClassName" protobuf:"bytes,2,name=deviceClassName"`
 
 	// Selectors define criteria which must be satisfied by a specific
@@ -420,6 +633,9 @@ type DeviceRequest struct {
 	// request. All selectors must be satisfied for a device to be
 	// considered.
 	//
+	// This field can only be set when deviceClassName is set and no subrequests
+	// are specified in the firstAvailable list.
+	//
 	// +optional
 	// +listType=atomic
 	Selectors []DeviceSelector `json:"selectors,omitempty" protobuf:"bytes,3,name=selectors"`
@@ -432,13 +648,17 @@ type DeviceRequest struct {
 	//   count field.
 	//
 	// - All: This request is for all of the matching devices in a pool.
+	//   At least one device must exist on the node for the allocation to succeed.
 	//   Allocation will fail if some devices are already allocated,
 	//   unless adminAccess is requested.
 	//
-	// If AlloctionMode is not specified, the default mode is ExactCount. If
+	// If AllocationMode is not specified, the default mode is ExactCount. If
 	// the mode is ExactCount and count is not specified, the default count is
 	// one. Any other requests must specify this field.
 	//
+	// This field can only be set when deviceClassName is set and no subrequests
+	// are specified in the firstAvailable list.
+	//
 	// More modes may get added in the future. Clients must refuse to handle
 	// requests with unknown modes.
 	//
@@ -448,6 +668,9 @@ type DeviceRequest struct {
 	// Count is used only when the count mode is "ExactCount". Must be greater than zero.
 	// If AllocationMode is ExactCount and this field is not specified, the default is one.
 	//
+	// This field can only be set when deviceClassName is set and no subrequests
+	// are specified in the firstAvailable list.
+	//
 	// +optional
 	// +oneOf=AllocationMode
 	Count int64 `json:"count,omitempty" protobuf:"bytes,5,opt,name=count"`
@@ -458,6 +681,9 @@ type DeviceRequest struct {
 	// all ordinary claims to the device with respect to access modes and
 	// any resource allocations.
 	//
+	// This field can only be set when deviceClassName is set and no subrequests
+	// are specified in the firstAvailable list.
+	//
 	// This is an alpha field and requires enabling the DRAAdminAccess
 	// feature gate. Admin access is disabled if this field is unset or
 	// set to false, otherwise it is enabled.
@@ -465,10 +691,155 @@ type DeviceRequest struct {
 	// +optional
 	// +featureGate=DRAAdminAccess
 	AdminAccess *bool `json:"adminAccess,omitempty" protobuf:"bytes,6,opt,name=adminAccess"`
+
+	// FirstAvailable contains subrequests, of which exactly one will be
+	// satisfied by the scheduler to satisfy this request. It tries to
+	// satisfy them in the order in which they are listed here. So if
+	// there are two entries in the list, the scheduler will only check
+	// the second one if it determines that the first one cannot be used.
+	//
+	// This field may only be set in the entries of DeviceClaim.Requests.
+	//
+	// DRA does not yet implement scoring, so the scheduler will
+	// select the first set of devices that satisfies all the
+	// requests in the claim. And if the requirements can
+	// be satisfied on more than one node, other scheduling features
+	// will determine which node is chosen. This means that the set of
+	// devices allocated to a claim might not be the optimal set
+	// available to the cluster. Scoring will be implemented later.
+	//
+	// +optional
+	// +oneOf=deviceRequestType
+	// +listType=atomic
+	// +featureGate=DRAPrioritizedList
+	FirstAvailable []DeviceSubRequest `json:"firstAvailable,omitempty" protobuf:"bytes,7,name=firstAvailable"`
+
+	// If specified, the request's tolerations.
+	//
+	// Tolerations for NoSchedule are required to allocate a
+	// device which has a taint with that effect. The same applies
+	// to NoExecute.
+	//
+	// In addition, should any of the allocated devices get tainted
+	// with NoExecute after allocation and that effect is not tolerated,
+	// then all pods consuming the ResourceClaim get deleted to evict
+	// them. The scheduler will not let new pods reserve the claim while
+	// it has these tainted devices. Once all pods are evicted, the
+	// claim will get deallocated.
+	//
+	// The maximum number of tolerations is 16.
+	//
+	// This field can only be set when deviceClassName is set and no subrequests
+	// are specified in the firstAvailable list.
+	//
+	// This is an alpha field and requires enabling the DRADeviceTaints
+	// feature gate.
+	//
+	// +optional
+	// +listType=atomic
+	// +featureGate=DRADeviceTaints
+	Tolerations []DeviceToleration `json:"tolerations,omitempty" protobuf:"bytes,8,opt,name=tolerations"`
+}
+
+// DeviceSubRequest describes a request for device provided in the
+// claim.spec.devices.requests[].firstAvailable array. Each
+// is typically a request for a single resource like a device, but can
+// also ask for several identical devices.
+//
+// DeviceSubRequest is similar to Request, but doesn't expose the AdminAccess
+// or FirstAvailable fields, as those can only be set on the top-level request.
+// AdminAccess is not supported for requests with a prioritized list, and
+// recursive FirstAvailable fields are not supported.
+type DeviceSubRequest struct {
+	// Name can be used to reference this subrequest in the list of constraints
+	// or the list of configurations for the claim. References must use the
+	// format <main request>/<subrequest>.
+	//
+	// Must be a DNS label.
+	//
+	// +required
+	Name string `json:"name" protobuf:"bytes,1,name=name"`
+
+	// DeviceClassName references a specific DeviceClass, which can define
+	// additional configuration and selectors to be inherited by this
+	// subrequest.
+	//
+	// A class is required. Which classes are available depends on the cluster.
+	//
+	// Administrators may use this to restrict which devices may get
+	// requested by only installing classes with selectors for permitted
+	// devices. If users are free to request anything without restrictions,
+	// then administrators can create an empty DeviceClass for users
+	// to reference.
+	//
+	// +required
+	DeviceClassName string `json:"deviceClassName" protobuf:"bytes,2,name=deviceClassName"`
+
+	// Selectors define criteria which must be satisfied by a specific
+	// device in order for that device to be considered for this
+	// request. All selectors must be satisfied for a device to be
+	// considered.
+	//
+	// +optional
+	// +listType=atomic
+	Selectors []DeviceSelector `json:"selectors,omitempty" protobuf:"bytes,3,name=selectors"`
+
+	// AllocationMode and its related fields define how devices are allocated
+	// to satisfy this request. Supported values are:
+	//
+	// - ExactCount: This request is for a specific number of devices.
+	//   This is the default. The exact number is provided in the
+	//   count field.
+	//
+	// - All: This request is for all of the matching devices in a pool.
+	//   Allocation will fail if some devices are already allocated,
+	//   unless adminAccess is requested.
+	//
+	// If AllocationMode is not specified, the default mode is ExactCount. If
+	// the mode is ExactCount and count is not specified, the default count is
+	// one. Any other requests must specify this field.
+	//
+	// More modes may get added in the future. Clients must refuse to handle
+	// requests with unknown modes.
+	//
+	// +optional
+	AllocationMode DeviceAllocationMode `json:"allocationMode,omitempty" protobuf:"bytes,4,opt,name=allocationMode"`
+
+	// Count is used only when the count mode is "ExactCount". Must be greater than zero.
+	// If AllocationMode is ExactCount and this field is not specified, the default is one.
+	//
+	// +optional
+	// +oneOf=AllocationMode
+	Count int64 `json:"count,omitempty" protobuf:"bytes,5,opt,name=count"`
+
+	// If specified, the request's tolerations.
+	//
+	// Tolerations for NoSchedule are required to allocate a
+	// device which has a taint with that effect. The same applies
+	// to NoExecute.
+	//
+	// In addition, should any of the allocated devices get tainted
+	// with NoExecute after allocation and that effect is not tolerated,
+	// then all pods consuming the ResourceClaim get deleted to evict
+	// them. The scheduler will not let new pods reserve the claim while
+	// it has these tainted devices. Once all pods are evicted, the
+	// claim will get deallocated.
+	//
+	// The maximum number of tolerations is 16.
+	//
+	// This is an alpha field and requires enabling the DRADeviceTaints
+	// feature gate.
+	//
+	// +optional
+	// +listType=atomic
+	// +featureGate=DRADeviceTaints
+	Tolerations []DeviceToleration `json:"tolerations,omitempty" protobuf:"bytes,7,opt,name=tolerations"`
 }
 
 const (
-	DeviceSelectorsMaxSize = 32
+	DeviceSelectorsMaxSize             = 32
+	FirstAvailableDeviceRequestMaxSize = 8
+	DeviceTolerationsMaxLength         = 16
 )
 
 type DeviceAllocationMode string
@@ -581,6 +952,10 @@ type DeviceConstraint struct {
 	// constraint. If this is not specified, this constraint applies to all
 	// requests in this claim.
 	//
+	// References to subrequests must include the name of the main request
+	// and may include the subrequest using the format <main request>[/<subrequest>]. If just
+	// the main request is given, the constraint applies to all subrequests.
+	//
 	// +optional
 	// +listType=atomic
 	Requests []string `json:"requests,omitempty" protobuf:"bytes,1,opt,name=requests"`
@@ -618,6 +993,10 @@ type DeviceClaimConfiguration struct {
 	// Requests lists the names of requests where the configuration applies.
 	// If empty, it applies to all requests.
 	//
+	// References to subrequests must include the name of the main request
+	// and may include the subrequest using the format <main request>[/<subrequest>]. If just
+	// the main request is given, the configuration applies to all subrequests.
+	//
 	// +optional
 	// +listType=atomic
 	Requests []string `json:"requests,omitempty" protobuf:"bytes,1,opt,name=requests"`
@@ -666,6 +1045,59 @@ type OpaqueDeviceConfiguration struct {
 // [OpaqueDeviceConfiguration.Parameters] field.
 const OpaqueParametersMaxLength = 10 * 1024
 
+// The ResourceClaim this DeviceToleration is attached to tolerates any taint that matches
+// the triple <key,value,effect> using the matching operator <operator>.
+type DeviceToleration struct {
+	// Key is the taint key that the toleration applies to. Empty means match all taint keys.
+	// If the key is empty, operator must be Exists; this combination means to match all values and all keys.
+	// Must be a label name.
+	//
+	// +optional
+	Key string `json:"key,omitempty" protobuf:"bytes,1,opt,name=key"`
+
+	// Operator represents a key's relationship to the value.
+	// Valid operators are Exists and Equal. Defaults to Equal.
+	// Exists is equivalent to wildcard for value, so that a ResourceClaim can
+	// tolerate all taints of a particular category.
+	//
+	// +optional
+	// +default="Equal"
+	Operator DeviceTolerationOperator `json:"operator,omitempty" protobuf:"bytes,2,opt,name=operator,casttype=DeviceTolerationOperator"`
+
+	// Value is the taint value the toleration matches to.
+	// If the operator is Exists, the value must be empty, otherwise just a regular string.
+	// Must be a label value.
+	//
+	// +optional
+	Value string `json:"value,omitempty" protobuf:"bytes,3,opt,name=value"`
+
+	// Effect indicates the taint effect to match. Empty means match all taint effects.
+	// When specified, allowed values are NoSchedule and NoExecute.
+	//
+	// +optional
+	Effect DeviceTaintEffect `json:"effect,omitempty" protobuf:"bytes,4,opt,name=effect,casttype=DeviceTaintEffect"`
+
+	// TolerationSeconds represents the period of time the toleration (which must be
+	// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,
+	// it is not set, which means tolerate the taint forever (do not evict). Zero and
+	// negative values will be treated as 0 (evict immediately) by the system.
+	// If larger than zero, the time when the pod needs to be evicted is calculated as <time when
+	// taint was adedd> + <toleration seconds>.
+	//
+	// +optional
+	TolerationSeconds *int64 `json:"tolerationSeconds,omitempty" protobuf:"varint,5,opt,name=tolerationSeconds"`
+}
+
+// A toleration operator is the set of operators that can be used in a toleration.
+//
+// +enum
+type DeviceTolerationOperator string
+
+const (
+	DeviceTolerationOpExists DeviceTolerationOperator = "Exists"
+	DeviceTolerationOpEqual  DeviceTolerationOperator = "Equal"
+)
+
 // ResourceClaimStatus tracks whether the resource has been allocated and what
 // the result of that was.
 type ResourceClaimStatus struct {
@@ -790,8 +1222,12 @@ const AllocationResultsMaxSize = 32
 // DeviceRequestAllocationResult contains the allocation result for one request.
 type DeviceRequestAllocationResult struct {
 	// Request is the name of the request in the claim which caused this
-	// device to be allocated. Multiple devices may have been allocated
-	// per request.
+	// device to be allocated. If it references a subrequest in the
+	// firstAvailable list on a DeviceRequest, this field must
+	// include both the name of the main request and the subrequest
+	// using the format <main request>/<subrequest>.
+	//
+	// Multiple devices may have been allocated per request.
 	//
 	// +required
 	Request string `json:"request" protobuf:"bytes,1,name=request"`
@@ -832,6 +1268,19 @@ type DeviceRequestAllocationResult struct {
 	// +optional
 	// +featureGate=DRAAdminAccess
 	AdminAccess *bool `json:"adminAccess" protobuf:"bytes,5,name=adminAccess"`
+
+	// A copy of all tolerations specified in the request at the time
+	// when the device got allocated.
+	//
+	// The maximum number of tolerations is 16.
+	//
+	// This is an alpha field and requires enabling the DRADeviceTaints
+	// feature gate.
+	//
+	// +optional
+	// +listType=atomic
+	// +featureGate=DRADeviceTaints
+	Tolerations []DeviceToleration `json:"tolerations,omitempty" protobuf:"bytes,6,opt,name=tolerations"`
 }
 
 // DeviceAllocationConfiguration gets embedded in an AllocationResult.
@@ -846,6 +1295,10 @@ type DeviceAllocationConfiguration struct {
 	// Requests lists the names of requests where the configuration applies.
 	// If empty, its applies to all requests.
 	//
+	// References to subrequests must include the name of the main request
+	// and may include the subrequest using the format <main request>[/<subrequest>]. If just
+	// the main request is given, the configuration applies to all subrequests.
+	//
 	// +optional
 	// +listType=atomic
 	Requests []string `json:"requests,omitempty" protobuf:"bytes,2,opt,name=requests"`
@@ -1003,6 +1456,24 @@ type ResourceClaimTemplateList struct {
 	Items []ResourceClaimTemplate `json:"items" protobuf:"bytes,2,rep,name=items"`
 }
 
+const (
+	// AllocatedDeviceStatusMaxConditions represents the maximum number of
+	// conditions in a device status.
+	AllocatedDeviceStatusMaxConditions int = 8
+	// AllocatedDeviceStatusDataMaxLength represents the maximum length of the
+	// raw data in the Data field in a device status.
+	AllocatedDeviceStatusDataMaxLength int = 10 * 1024
+	// NetworkDeviceDataMaxIPs represents the maximum number of IPs in the networkData
+	// field in a device status.
+	NetworkDeviceDataMaxIPs int = 16
+	// NetworkDeviceDataInterfaceNameMaxLength represents the maximum number of characters
+	// for the networkData.interfaceName field in a device status.
+	NetworkDeviceDataInterfaceNameMaxLength int = 256
+	// NetworkDeviceDataHardwareAddressMaxLength represents the maximum number of characters
+	// for the networkData.hardwareAddress field in a device status.
+	NetworkDeviceDataHardwareAddressMaxLength int = 128
+)
+
 // AllocatedDeviceStatus contains the status of an allocated device, if the
 // driver chooses to report it. This may include driver-specific information.
 type AllocatedDeviceStatus struct {
@@ -1035,6 +1506,8 @@ type AllocatedDeviceStatus struct {
 	// If the device has been configured according to the class and claim
 	// config references, the `Ready` condition should be True.
 	//
+	// Must not contain more than 8 entries.
+	//
 	// +optional
 	// +listType=map
 	// +listMapKey=type
@@ -1045,7 +1518,7 @@ type AllocatedDeviceStatus struct {
 	// The length of the raw data must be smaller or equal to 10 Ki.
 	//
 	// +optional
-	Data runtime.RawExtension `json:"data,omitempty" protobuf:"bytes,5,opt,name=data"`
+	Data *runtime.RawExtension `json:"data,omitempty" protobuf:"bytes,5,opt,name=data"`
 
 	// NetworkData contains network-related information specific to the device.
 	//
@@ -1072,6 +1545,8 @@ type NetworkDeviceData struct {
 	// associated subnet mask.
 	// e.g.: "192.0.2.5/24" for IPv4 and "2001:db8::5/64" for IPv6.
 	//
+	// Must not contain more than 16 entries.
+	//
 	// +optional
 	// +listType=atomic
 	IPs []string `json:"ips,omitempty" protobuf:"bytes,2,opt,name=ips"`
@@ -1083,3 +1558,107 @@ type NetworkDeviceData struct {
 	// +optional
 	HardwareAddress string `json:"hardwareAddress,omitempty" protobuf:"bytes,3,opt,name=hardwareAddress"`
 }
+
+// +genclient
+// +genclient:nonNamespaced
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+// +k8s:prerelease-lifecycle-gen:introduced=1.33
+
+// DeviceTaintRule adds one taint to all devices which match the selector.
+// This has the same effect as if the taint was specified directly
+// in the ResourceSlice by the DRA driver.
+type DeviceTaintRule struct {
+	metav1.TypeMeta `json:",inline"`
+	// Standard object metadata
+	// +optional
+	metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+	// Spec specifies the selector and one taint.
+	//
+	// Changing the spec automatically increments the metadata.generation number.
+	Spec DeviceTaintRuleSpec `json:"spec" protobuf:"bytes,2,name=spec"`
+
+	// ^^^
+	// A spec gets added because adding a status seems likely.
+	// Such a status could provide feedback on applying the
+	// eviction and/or statistics (number of matching devices,
+	// affected allocated claims, pods remaining to be evicted,
+	// etc.).
+}
+
+// DeviceTaintRuleSpec specifies the selector and one taint.
+type DeviceTaintRuleSpec struct {
+	// DeviceSelector defines which device(s) the taint is applied to.
+	// All selector criteria must be satified for a device to
+	// match. The empty selector matches all devices. Without
+	// a selector, no devices are matches.
+	//
+	// +optional
+	DeviceSelector *DeviceTaintSelector `json:"deviceSelector,omitempty" protobuf:"bytes,1,opt,name=deviceSelector"`
+
+	// The taint that gets applied to matching devices.
+	//
+	// +required
+	Taint DeviceTaint `json:"taint,omitempty" protobuf:"bytes,2,rep,name=taint"`
+}
+
+// DeviceTaintSelector defines which device(s) a DeviceTaintRule applies to.
+// The empty selector matches all devices. Without a selector, no devices
+// are matched.
+type DeviceTaintSelector struct {
+	// If DeviceClassName is set, the selectors defined there must be
+	// satisfied by a device to be selected. This field corresponds
+	// to class.metadata.name.
+	//
+	// +optional
+	DeviceClassName *string `json:"deviceClassName,omitempty" protobuf:"bytes,1,opt,name=deviceClassName"`
+
+	// If driver is set, only devices from that driver are selected.
+	// This fields corresponds to slice.spec.driver.
+	//
+	// +optional
+	Driver *string `json:"driver,omitempty" protobuf:"bytes,2,opt,name=driver"`
+
+	// If pool is set, only devices in that pool are selected.
+	//
+	// Also setting the driver name may be useful to avoid
+	// ambiguity when different drivers use the same pool name,
+	// but this is not required because selecting pools from
+	// different drivers may also be useful, for example when
+	// drivers with node-local devices use the node name as
+	// their pool name.
+	//
+	// +optional
+	Pool *string `json:"pool,omitempty" protobuf:"bytes,3,opt,name=pool"`
+
+	// If device is set, only devices with that name are selected.
+	// This field corresponds to slice.spec.devices[].name.
+	//
+	// Setting also driver and pool may be required to avoid ambiguity,
+	// but is not required.
+	//
+	// +optional
+	Device *string `json:"device,omitempty" protobuf:"bytes,4,opt,name=device"`
+
+	// Selectors contains the same selection criteria as a ResourceClaim.
+	// Currently, CEL expressions are supported. All of these selectors
+	// must be satisfied.
+	//
+	// +optional
+	// +listType=atomic
+	Selectors []DeviceSelector `json:"selectors,omitempty" protobuf:"bytes,5,rep,name=selectors"`
+}
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+// +k8s:prerelease-lifecycle-gen:introduced=1.33
+
+// DeviceTaintRuleList is a collection of DeviceTaintRules.
+type DeviceTaintRuleList struct {
+	metav1.TypeMeta `json:",inline"`
+	// Standard list metadata
+	// +optional
+	metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+	// Items is the list of DeviceTaintRules.
+	Items []DeviceTaintRule `json:"items" protobuf:"bytes,2,rep,name=items"`
+}
diff --git a/vendor/k8s.io/api/resource/v1alpha3/types_swagger_doc_generated.go b/vendor/k8s.io/api/resource/v1alpha3/types_swagger_doc_generated.go
index b41609d118..291cce7eba 100644
--- a/vendor/k8s.io/api/resource/v1alpha3/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/resource/v1alpha3/types_swagger_doc_generated.go
@@ -32,7 +32,7 @@ var map_AllocatedDeviceStatus = map[string]string{
 	"driver":      "Driver specifies the name of the DRA driver whose kubelet plugin should be invoked to process the allocation once the claim is needed on a node.\n\nMust be a DNS subdomain and should end with a DNS domain owned by the vendor of the driver.",
 	"pool":        "This name together with the driver name and the device name field identify which device was allocated (`<driver name>/<pool name>/<device name>`).\n\nMust not be longer than 253 characters and may contain one or more DNS sub-domains separated by slashes.",
 	"device":      "Device references one device instance via its name in the driver's resource pool. It must be a DNS label.",
-	"conditions":  "Conditions contains the latest observation of the device's state. If the device has been configured according to the class and claim config references, the `Ready` condition should be True.",
+	"conditions":  "Conditions contains the latest observation of the device's state. If the device has been configured according to the class and claim config references, the `Ready` condition should be True.\n\nMust not contain more than 8 entries.",
 	"data":        "Data contains arbitrary driver-specific data.\n\nThe length of the raw data must be smaller or equal to 10 Ki.",
 	"networkData": "NetworkData contains network-related information specific to the device.",
 }
@@ -52,9 +52,14 @@ func (AllocationResult) SwaggerDoc() map[string]string {
 }
 
 var map_BasicDevice = map[string]string{
-	"":           "BasicDevice defines one device instance.",
-	"attributes": "Attributes defines the set of attributes for this device. The name of each attribute must be unique in that set.\n\nThe maximum number of attributes and capacities combined is 32.",
-	"capacity":   "Capacity defines the set of capacities for this device. The name of each capacity must be unique in that set.\n\nThe maximum number of attributes and capacities combined is 32.",
+	"":                 "BasicDevice defines one device instance.",
+	"attributes":       "Attributes defines the set of attributes for this device. The name of each attribute must be unique in that set.\n\nThe maximum number of attributes and capacities combined is 32.",
+	"capacity":         "Capacity defines the set of capacities for this device. The name of each capacity must be unique in that set.\n\nThe maximum number of attributes and capacities combined is 32.",
+	"consumesCounters": "ConsumesCounters defines a list of references to sharedCounters and the set of counters that the device will consume from those counter sets.\n\nThere can only be a single entry per counterSet.\n\nThe total number of device counter consumption entries must be <= 32. In addition, the total number in the entire ResourceSlice must be <= 1024 (for example, 64 devices with 16 counters each).",
+	"nodeName":         "NodeName identifies the node where the device is available.\n\nMust only be set if Spec.PerDeviceNodeSelection is set to true. At most one of NodeName, NodeSelector and AllNodes can be set.",
+	"nodeSelector":     "NodeSelector defines the nodes where the device is available.\n\nMust only be set if Spec.PerDeviceNodeSelection is set to true. At most one of NodeName, NodeSelector and AllNodes can be set.",
+	"allNodes":         "AllNodes indicates that all nodes have access to the device.\n\nMust only be set if Spec.PerDeviceNodeSelection is set to true. At most one of NodeName, NodeSelector and AllNodes can be set.",
+	"taints":           "If specified, these are the driver-defined taints.\n\nThe maximum number of taints is 4.\n\nThis is an alpha field and requires enabling the DRADeviceTaints feature gate.",
 }
 
 func (BasicDevice) SwaggerDoc() map[string]string {
@@ -70,6 +75,25 @@ func (CELDeviceSelector) SwaggerDoc() map[string]string {
 	return map_CELDeviceSelector
 }
 
+var map_Counter = map[string]string{
+	"":      "Counter describes a quantity associated with a device.",
+	"value": "Value defines how much of a certain device counter is available.",
+}
+
+func (Counter) SwaggerDoc() map[string]string {
+	return map_Counter
+}
+
+var map_CounterSet = map[string]string{
+	"":         "CounterSet defines a named set of counters that are available to be used by devices defined in the ResourceSlice.\n\nThe counters are not allocatable by themselves, but can be referenced by devices. When a device is allocated, the portion of counters it uses will no longer be available for use by other devices.",
+	"name":     "CounterSet is the name of the set from which the counters defined will be consumed.",
+	"counters": "Counters defines the counters that will be consumed by the device. The name of each counter must be unique in that set and must be a DNS label.\n\nTo ensure this uniqueness, capacities defined by the vendor must be listed without the driver name as domain prefix in their name. All others must be listed with their domain prefix.\n\nThe maximum number of counters is 32.",
+}
+
+func (CounterSet) SwaggerDoc() map[string]string {
+	return map_CounterSet
+}
+
 var map_Device = map[string]string{
 	"":      "Device represents one individual hardware instance that can be selected based on its attributes. Besides the name, exactly one field must be set.",
 	"name":  "Name is unique identifier among all devices managed by the driver in the pool. It must be a DNS label.",
@@ -83,7 +107,7 @@ func (Device) SwaggerDoc() map[string]string {
 var map_DeviceAllocationConfiguration = map[string]string{
 	"":         "DeviceAllocationConfiguration gets embedded in an AllocationResult.",
 	"source":   "Source records whether the configuration comes from a class and thus is not something that a normal user would have been able to set or from a claim.",
-	"requests": "Requests lists the names of requests where the configuration applies. If empty, its applies to all requests.",
+	"requests": "Requests lists the names of requests where the configuration applies. If empty, its applies to all requests.\n\nReferences to subrequests must include the name of the main request and may include the subrequest using the format <main request>[/<subrequest>]. If just the main request is given, the configuration applies to all subrequests.",
 }
 
 func (DeviceAllocationConfiguration) SwaggerDoc() map[string]string {
@@ -125,7 +149,7 @@ func (DeviceClaim) SwaggerDoc() map[string]string {
 
 var map_DeviceClaimConfiguration = map[string]string{
 	"":         "DeviceClaimConfiguration is used for configuration parameters in DeviceClaim.",
-	"requests": "Requests lists the names of requests where the configuration applies. If empty, it applies to all requests.",
+	"requests": "Requests lists the names of requests where the configuration applies. If empty, it applies to all requests.\n\nReferences to subrequests must include the name of the main request and may include the subrequest using the format <main request>[/<subrequest>]. If just the main request is given, the configuration applies to all subrequests.",
 }
 
 func (DeviceClaimConfiguration) SwaggerDoc() map[string]string {
@@ -181,7 +205,7 @@ func (DeviceConfiguration) SwaggerDoc() map[string]string {
 
 var map_DeviceConstraint = map[string]string{
 	"":               "DeviceConstraint must have exactly one field set besides Requests.",
-	"requests":       "Requests is a list of the one or more requests in this claim which must co-satisfy this constraint. If a request is fulfilled by multiple devices, then all of the devices must satisfy the constraint. If this is not specified, this constraint applies to all requests in this claim.",
+	"requests":       "Requests is a list of the one or more requests in this claim which must co-satisfy this constraint. If a request is fulfilled by multiple devices, then all of the devices must satisfy the constraint. If this is not specified, this constraint applies to all requests in this claim.\n\nReferences to subrequests must include the name of the main request and may include the subrequest using the format <main request>[/<subrequest>]. If just the main request is given, the constraint applies to all subrequests.",
 	"matchAttribute": "MatchAttribute requires that all devices in question have this attribute and that its type and value are the same across those devices.\n\nFor example, if you specified \"dra.example.com/numa\" (a hypothetical example!), then only devices in the same NUMA node will be chosen. A device which does not have that attribute will not be chosen. All devices should use a value of the same type for this attribute because that is part of its specification, but if one device doesn't, then it also will not be chosen.\n\nMust include the domain qualifier.",
 }
 
@@ -189,14 +213,26 @@ func (DeviceConstraint) SwaggerDoc() map[string]string {
 	return map_DeviceConstraint
 }
 
+var map_DeviceCounterConsumption = map[string]string{
+	"":           "DeviceCounterConsumption defines a set of counters that a device will consume from a CounterSet.",
+	"counterSet": "CounterSet defines the set from which the counters defined will be consumed.",
+	"counters":   "Counters defines the Counter that will be consumed by the device.\n\nThe maximum number counters in a device is 32. In addition, the maximum number of all counters in all devices is 1024 (for example, 64 devices with 16 counters each).",
+}
+
+func (DeviceCounterConsumption) SwaggerDoc() map[string]string {
+	return map_DeviceCounterConsumption
+}
+
 var map_DeviceRequest = map[string]string{
-	"":                "DeviceRequest is a request for devices required for a claim. This is typically a request for a single resource like a device, but can also ask for several identical devices.\n\nA DeviceClassName is currently required. Clients must check that it is indeed set. It's absence indicates that something changed in a way that is not supported by the client yet, in which case it must refuse to handle the request.",
+	"":                "DeviceRequest is a request for devices required for a claim. This is typically a request for a single resource like a device, but can also ask for several identical devices.",
 	"name":            "Name can be used to reference this request in a pod.spec.containers[].resources.claims entry and in a constraint of the claim.\n\nMust be a DNS label.",
-	"deviceClassName": "DeviceClassName references a specific DeviceClass, which can define additional configuration and selectors to be inherited by this request.\n\nA class is required. Which classes are available depends on the cluster.\n\nAdministrators may use this to restrict which devices may get requested by only installing classes with selectors for permitted devices. If users are free to request anything without restrictions, then administrators can create an empty DeviceClass for users to reference.",
-	"selectors":       "Selectors define criteria which must be satisfied by a specific device in order for that device to be considered for this request. All selectors must be satisfied for a device to be considered.",
-	"allocationMode":  "AllocationMode and its related fields define how devices are allocated to satisfy this request. Supported values are:\n\n- ExactCount: This request is for a specific number of devices.\n  This is the default. The exact number is provided in the\n  count field.\n\n- All: This request is for all of the matching devices in a pool.\n  Allocation will fail if some devices are already allocated,\n  unless adminAccess is requested.\n\nIf AlloctionMode is not specified, the default mode is ExactCount. If the mode is ExactCount and count is not specified, the default count is one. Any other requests must specify this field.\n\nMore modes may get added in the future. Clients must refuse to handle requests with unknown modes.",
-	"count":           "Count is used only when the count mode is \"ExactCount\". Must be greater than zero. If AllocationMode is ExactCount and this field is not specified, the default is one.",
-	"adminAccess":     "AdminAccess indicates that this is a claim for administrative access to the device(s). Claims with AdminAccess are expected to be used for monitoring or other management services for a device.  They ignore all ordinary claims to the device with respect to access modes and any resource allocations.\n\nThis is an alpha field and requires enabling the DRAAdminAccess feature gate. Admin access is disabled if this field is unset or set to false, otherwise it is enabled.",
+	"deviceClassName": "DeviceClassName references a specific DeviceClass, which can define additional configuration and selectors to be inherited by this request.\n\nA class is required if no subrequests are specified in the firstAvailable list and no class can be set if subrequests are specified in the firstAvailable list. Which classes are available depends on the cluster.\n\nAdministrators may use this to restrict which devices may get requested by only installing classes with selectors for permitted devices. If users are free to request anything without restrictions, then administrators can create an empty DeviceClass for users to reference.",
+	"selectors":       "Selectors define criteria which must be satisfied by a specific device in order for that device to be considered for this request. All selectors must be satisfied for a device to be considered.\n\nThis field can only be set when deviceClassName is set and no subrequests are specified in the firstAvailable list.",
+	"allocationMode":  "AllocationMode and its related fields define how devices are allocated to satisfy this request. Supported values are:\n\n- ExactCount: This request is for a specific number of devices.\n  This is the default. The exact number is provided in the\n  count field.\n\n- All: This request is for all of the matching devices in a pool.\n  At least one device must exist on the node for the allocation to succeed.\n  Allocation will fail if some devices are already allocated,\n  unless adminAccess is requested.\n\nIf AllocationMode is not specified, the default mode is ExactCount. If the mode is ExactCount and count is not specified, the default count is one. Any other requests must specify this field.\n\nThis field can only be set when deviceClassName is set and no subrequests are specified in the firstAvailable list.\n\nMore modes may get added in the future. Clients must refuse to handle requests with unknown modes.",
+	"count":           "Count is used only when the count mode is \"ExactCount\". Must be greater than zero. If AllocationMode is ExactCount and this field is not specified, the default is one.\n\nThis field can only be set when deviceClassName is set and no subrequests are specified in the firstAvailable list.",
+	"adminAccess":     "AdminAccess indicates that this is a claim for administrative access to the device(s). Claims with AdminAccess are expected to be used for monitoring or other management services for a device.  They ignore all ordinary claims to the device with respect to access modes and any resource allocations.\n\nThis field can only be set when deviceClassName is set and no subrequests are specified in the firstAvailable list.\n\nThis is an alpha field and requires enabling the DRAAdminAccess feature gate. Admin access is disabled if this field is unset or set to false, otherwise it is enabled.",
+	"firstAvailable":  "FirstAvailable contains subrequests, of which exactly one will be satisfied by the scheduler to satisfy this request. It tries to satisfy them in the order in which they are listed here. So if there are two entries in the list, the scheduler will only check the second one if it determines that the first one cannot be used.\n\nThis field may only be set in the entries of DeviceClaim.Requests.\n\nDRA does not yet implement scoring, so the scheduler will select the first set of devices that satisfies all the requests in the claim. And if the requirements can be satisfied on more than one node, other scheduling features will determine which node is chosen. This means that the set of devices allocated to a claim might not be the optimal set available to the cluster. Scoring will be implemented later.",
+	"tolerations":     "If specified, the request's tolerations.\n\nTolerations for NoSchedule are required to allocate a device which has a taint with that effect. The same applies to NoExecute.\n\nIn addition, should any of the allocated devices get tainted with NoExecute after allocation and that effect is not tolerated, then all pods consuming the ResourceClaim get deleted to evict them. The scheduler will not let new pods reserve the claim while it has these tainted devices. Once all pods are evicted, the claim will get deallocated.\n\nThe maximum number of tolerations is 16.\n\nThis field can only be set when deviceClassName is set and no subrequests are specified in the firstAvailable list.\n\nThis is an alpha field and requires enabling the DRADeviceTaints feature gate.",
 }
 
 func (DeviceRequest) SwaggerDoc() map[string]string {
@@ -205,11 +241,12 @@ func (DeviceRequest) SwaggerDoc() map[string]string {
 
 var map_DeviceRequestAllocationResult = map[string]string{
 	"":            "DeviceRequestAllocationResult contains the allocation result for one request.",
-	"request":     "Request is the name of the request in the claim which caused this device to be allocated. Multiple devices may have been allocated per request.",
+	"request":     "Request is the name of the request in the claim which caused this device to be allocated. If it references a subrequest in the firstAvailable list on a DeviceRequest, this field must include both the name of the main request and the subrequest using the format <main request>/<subrequest>.\n\nMultiple devices may have been allocated per request.",
 	"driver":      "Driver specifies the name of the DRA driver whose kubelet plugin should be invoked to process the allocation once the claim is needed on a node.\n\nMust be a DNS subdomain and should end with a DNS domain owned by the vendor of the driver.",
 	"pool":        "This name together with the driver name and the device name field identify which device was allocated (`<driver name>/<pool name>/<device name>`).\n\nMust not be longer than 253 characters and may contain one or more DNS sub-domains separated by slashes.",
 	"device":      "Device references one device instance via its name in the driver's resource pool. It must be a DNS label.",
 	"adminAccess": "AdminAccess indicates that this device was allocated for administrative access. See the corresponding request field for a definition of mode.\n\nThis is an alpha field and requires enabling the DRAAdminAccess feature gate. Admin access is disabled if this field is unset or set to false, otherwise it is enabled.",
+	"tolerations": "A copy of all tolerations specified in the request at the time when the device got allocated.\n\nThe maximum number of tolerations is 16.\n\nThis is an alpha field and requires enabling the DRADeviceTaints feature gate.",
 }
 
 func (DeviceRequestAllocationResult) SwaggerDoc() map[string]string {
@@ -225,10 +262,92 @@ func (DeviceSelector) SwaggerDoc() map[string]string {
 	return map_DeviceSelector
 }
 
+var map_DeviceSubRequest = map[string]string{
+	"":                "DeviceSubRequest describes a request for device provided in the claim.spec.devices.requests[].firstAvailable array. Each is typically a request for a single resource like a device, but can also ask for several identical devices.\n\nDeviceSubRequest is similar to Request, but doesn't expose the AdminAccess or FirstAvailable fields, as those can only be set on the top-level request. AdminAccess is not supported for requests with a prioritized list, and recursive FirstAvailable fields are not supported.",
+	"name":            "Name can be used to reference this subrequest in the list of constraints or the list of configurations for the claim. References must use the format <main request>/<subrequest>.\n\nMust be a DNS label.",
+	"deviceClassName": "DeviceClassName references a specific DeviceClass, which can define additional configuration and selectors to be inherited by this subrequest.\n\nA class is required. Which classes are available depends on the cluster.\n\nAdministrators may use this to restrict which devices may get requested by only installing classes with selectors for permitted devices. If users are free to request anything without restrictions, then administrators can create an empty DeviceClass for users to reference.",
+	"selectors":       "Selectors define criteria which must be satisfied by a specific device in order for that device to be considered for this request. All selectors must be satisfied for a device to be considered.",
+	"allocationMode":  "AllocationMode and its related fields define how devices are allocated to satisfy this request. Supported values are:\n\n- ExactCount: This request is for a specific number of devices.\n  This is the default. The exact number is provided in the\n  count field.\n\n- All: This request is for all of the matching devices in a pool.\n  Allocation will fail if some devices are already allocated,\n  unless adminAccess is requested.\n\nIf AllocationMode is not specified, the default mode is ExactCount. If the mode is ExactCount and count is not specified, the default count is one. Any other requests must specify this field.\n\nMore modes may get added in the future. Clients must refuse to handle requests with unknown modes.",
+	"count":           "Count is used only when the count mode is \"ExactCount\". Must be greater than zero. If AllocationMode is ExactCount and this field is not specified, the default is one.",
+	"tolerations":     "If specified, the request's tolerations.\n\nTolerations for NoSchedule are required to allocate a device which has a taint with that effect. The same applies to NoExecute.\n\nIn addition, should any of the allocated devices get tainted with NoExecute after allocation and that effect is not tolerated, then all pods consuming the ResourceClaim get deleted to evict them. The scheduler will not let new pods reserve the claim while it has these tainted devices. Once all pods are evicted, the claim will get deallocated.\n\nThe maximum number of tolerations is 16.\n\nThis is an alpha field and requires enabling the DRADeviceTaints feature gate.",
+}
+
+func (DeviceSubRequest) SwaggerDoc() map[string]string {
+	return map_DeviceSubRequest
+}
+
+var map_DeviceTaint = map[string]string{
+	"":          "The device this taint is attached to has the \"effect\" on any claim which does not tolerate the taint and, through the claim, to pods using the claim.",
+	"key":       "The taint key to be applied to a device. Must be a label name.",
+	"value":     "The taint value corresponding to the taint key. Must be a label value.",
+	"effect":    "The effect of the taint on claims that do not tolerate the taint and through such claims on the pods using them. Valid effects are NoSchedule and NoExecute. PreferNoSchedule as used for nodes is not valid here.",
+	"timeAdded": "TimeAdded represents the time at which the taint was added. Added automatically during create or update if not set.",
+}
+
+func (DeviceTaint) SwaggerDoc() map[string]string {
+	return map_DeviceTaint
+}
+
+var map_DeviceTaintRule = map[string]string{
+	"":         "DeviceTaintRule adds one taint to all devices which match the selector. This has the same effect as if the taint was specified directly in the ResourceSlice by the DRA driver.",
+	"metadata": "Standard object metadata",
+	"spec":     "Spec specifies the selector and one taint.\n\nChanging the spec automatically increments the metadata.generation number.",
+}
+
+func (DeviceTaintRule) SwaggerDoc() map[string]string {
+	return map_DeviceTaintRule
+}
+
+var map_DeviceTaintRuleList = map[string]string{
+	"":         "DeviceTaintRuleList is a collection of DeviceTaintRules.",
+	"metadata": "Standard list metadata",
+	"items":    "Items is the list of DeviceTaintRules.",
+}
+
+func (DeviceTaintRuleList) SwaggerDoc() map[string]string {
+	return map_DeviceTaintRuleList
+}
+
+var map_DeviceTaintRuleSpec = map[string]string{
+	"":               "DeviceTaintRuleSpec specifies the selector and one taint.",
+	"deviceSelector": "DeviceSelector defines which device(s) the taint is applied to. All selector criteria must be satified for a device to match. The empty selector matches all devices. Without a selector, no devices are matches.",
+	"taint":          "The taint that gets applied to matching devices.",
+}
+
+func (DeviceTaintRuleSpec) SwaggerDoc() map[string]string {
+	return map_DeviceTaintRuleSpec
+}
+
+var map_DeviceTaintSelector = map[string]string{
+	"":                "DeviceTaintSelector defines which device(s) a DeviceTaintRule applies to. The empty selector matches all devices. Without a selector, no devices are matched.",
+	"deviceClassName": "If DeviceClassName is set, the selectors defined there must be satisfied by a device to be selected. This field corresponds to class.metadata.name.",
+	"driver":          "If driver is set, only devices from that driver are selected. This fields corresponds to slice.spec.driver.",
+	"pool":            "If pool is set, only devices in that pool are selected.\n\nAlso setting the driver name may be useful to avoid ambiguity when different drivers use the same pool name, but this is not required because selecting pools from different drivers may also be useful, for example when drivers with node-local devices use the node name as their pool name.",
+	"device":          "If device is set, only devices with that name are selected. This field corresponds to slice.spec.devices[].name.\n\nSetting also driver and pool may be required to avoid ambiguity, but is not required.",
+	"selectors":       "Selectors contains the same selection criteria as a ResourceClaim. Currently, CEL expressions are supported. All of these selectors must be satisfied.",
+}
+
+func (DeviceTaintSelector) SwaggerDoc() map[string]string {
+	return map_DeviceTaintSelector
+}
+
+var map_DeviceToleration = map[string]string{
+	"":                  "The ResourceClaim this DeviceToleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.",
+	"key":               "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. Must be a label name.",
+	"operator":          "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a ResourceClaim can tolerate all taints of a particular category.",
+	"value":             "Value is the taint value the toleration matches to. If the operator is Exists, the value must be empty, otherwise just a regular string. Must be a label value.",
+	"effect":            "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule and NoExecute.",
+	"tolerationSeconds": "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. If larger than zero, the time when the pod needs to be evicted is calculated as <time when taint was adedd> + <toleration seconds>.",
+}
+
+func (DeviceToleration) SwaggerDoc() map[string]string {
+	return map_DeviceToleration
+}
+
 var map_NetworkDeviceData = map[string]string{
 	"":                "NetworkDeviceData provides network-related details for the allocated device. This information may be filled by drivers or other components to configure or identify the device within a network context.",
 	"interfaceName":   "InterfaceName specifies the name of the network interface associated with the allocated device. This might be the name of a physical or virtual network interface being configured in the pod.\n\nMust not be longer than 256 characters.",
-	"ips":             "IPs lists the network addresses assigned to the device's network interface. This can include both IPv4 and IPv6 addresses. The IPs are in the CIDR notation, which includes both the address and the associated subnet mask. e.g.: \"192.0.2.5/24\" for IPv4 and \"2001:db8::5/64\" for IPv6.",
+	"ips":             "IPs lists the network addresses assigned to the device's network interface. This can include both IPv4 and IPv6 addresses. The IPs are in the CIDR notation, which includes both the address and the associated subnet mask. e.g.: \"192.0.2.5/24\" for IPv4 and \"2001:db8::5/64\" for IPv6.\n\nMust not contain more than 16 entries.",
 	"hardwareAddress": "HardwareAddress represents the hardware address (e.g. MAC Address) of the device's network interface.\n\nMust not be longer than 128 characters.",
 }
 
@@ -361,13 +480,15 @@ func (ResourceSliceList) SwaggerDoc() map[string]string {
 }
 
 var map_ResourceSliceSpec = map[string]string{
-	"":             "ResourceSliceSpec contains the information published by the driver in one ResourceSlice.",
-	"driver":       "Driver identifies the DRA driver providing the capacity information. A field selector can be used to list only ResourceSlice objects with a certain driver name.\n\nMust be a DNS subdomain and should end with a DNS domain owned by the vendor of the driver. This field is immutable.",
-	"pool":         "Pool describes the pool that this ResourceSlice belongs to.",
-	"nodeName":     "NodeName identifies the node which provides the resources in this pool. A field selector can be used to list only ResourceSlice objects belonging to a certain node.\n\nThis field can be used to limit access from nodes to ResourceSlices with the same node name. It also indicates to autoscalers that adding new nodes of the same type as some old node might also make new resources available.\n\nExactly one of NodeName, NodeSelector and AllNodes must be set. This field is immutable.",
-	"nodeSelector": "NodeSelector defines which nodes have access to the resources in the pool, when that pool is not limited to a single node.\n\nMust use exactly one term.\n\nExactly one of NodeName, NodeSelector and AllNodes must be set.",
-	"allNodes":     "AllNodes indicates that all nodes have access to the resources in the pool.\n\nExactly one of NodeName, NodeSelector and AllNodes must be set.",
-	"devices":      "Devices lists some or all of the devices in this pool.\n\nMust not have more than 128 entries.",
+	"":                       "ResourceSliceSpec contains the information published by the driver in one ResourceSlice.",
+	"driver":                 "Driver identifies the DRA driver providing the capacity information. A field selector can be used to list only ResourceSlice objects with a certain driver name.\n\nMust be a DNS subdomain and should end with a DNS domain owned by the vendor of the driver. This field is immutable.",
+	"pool":                   "Pool describes the pool that this ResourceSlice belongs to.",
+	"nodeName":               "NodeName identifies the node which provides the resources in this pool. A field selector can be used to list only ResourceSlice objects belonging to a certain node.\n\nThis field can be used to limit access from nodes to ResourceSlices with the same node name. It also indicates to autoscalers that adding new nodes of the same type as some old node might also make new resources available.\n\nExactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set. This field is immutable.",
+	"nodeSelector":           "NodeSelector defines which nodes have access to the resources in the pool, when that pool is not limited to a single node.\n\nMust use exactly one term.\n\nExactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.",
+	"allNodes":               "AllNodes indicates that all nodes have access to the resources in the pool.\n\nExactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.",
+	"devices":                "Devices lists some or all of the devices in this pool.\n\nMust not have more than 128 entries.",
+	"perDeviceNodeSelection": "PerDeviceNodeSelection defines whether the access from nodes to resources in the pool is set on the ResourceSlice level or on each device. If it is set to true, every device defined the ResourceSlice must specify this individually.\n\nExactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.",
+	"sharedCounters":         "SharedCounters defines a list of counter sets, each of which has a name and a list of counters available.\n\nThe names of the SharedCounters must be unique in the ResourceSlice.\n\nThe maximum number of SharedCounters is 32.",
 }
 
 func (ResourceSliceSpec) SwaggerDoc() map[string]string {
diff --git a/vendor/k8s.io/api/resource/v1alpha3/zz_generated.deepcopy.go b/vendor/k8s.io/api/resource/v1alpha3/zz_generated.deepcopy.go
index 07ba47b59b..429cf6aba6 100644
--- a/vendor/k8s.io/api/resource/v1alpha3/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/resource/v1alpha3/zz_generated.deepcopy.go
@@ -38,7 +38,11 @@ func (in *AllocatedDeviceStatus) DeepCopyInto(out *AllocatedDeviceStatus) {
 			(*in)[i].DeepCopyInto(&(*out)[i])
 		}
 	}
-	in.Data.DeepCopyInto(&out.Data)
+	if in.Data != nil {
+		in, out := &in.Data, &out.Data
+		*out = new(runtime.RawExtension)
+		(*in).DeepCopyInto(*out)
+	}
 	if in.NetworkData != nil {
 		in, out := &in.NetworkData, &out.NetworkData
 		*out = new(NetworkDeviceData)
@@ -96,6 +100,35 @@ func (in *BasicDevice) DeepCopyInto(out *BasicDevice) {
 			(*out)[key] = val.DeepCopy()
 		}
 	}
+	if in.ConsumesCounters != nil {
+		in, out := &in.ConsumesCounters, &out.ConsumesCounters
+		*out = make([]DeviceCounterConsumption, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	if in.NodeName != nil {
+		in, out := &in.NodeName, &out.NodeName
+		*out = new(string)
+		**out = **in
+	}
+	if in.NodeSelector != nil {
+		in, out := &in.NodeSelector, &out.NodeSelector
+		*out = new(corev1.NodeSelector)
+		(*in).DeepCopyInto(*out)
+	}
+	if in.AllNodes != nil {
+		in, out := &in.AllNodes, &out.AllNodes
+		*out = new(bool)
+		**out = **in
+	}
+	if in.Taints != nil {
+		in, out := &in.Taints, &out.Taints
+		*out = make([]DeviceTaint, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
 	return
 }
 
@@ -125,6 +158,46 @@ func (in *CELDeviceSelector) DeepCopy() *CELDeviceSelector {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *Counter) DeepCopyInto(out *Counter) {
+	*out = *in
+	out.Value = in.Value.DeepCopy()
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Counter.
+func (in *Counter) DeepCopy() *Counter {
+	if in == nil {
+		return nil
+	}
+	out := new(Counter)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *CounterSet) DeepCopyInto(out *CounterSet) {
+	*out = *in
+	if in.Counters != nil {
+		in, out := &in.Counters, &out.Counters
+		*out = make(map[string]Counter, len(*in))
+		for key, val := range *in {
+			(*out)[key] = *val.DeepCopy()
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CounterSet.
+func (in *CounterSet) DeepCopy() *CounterSet {
+	if in == nil {
+		return nil
+	}
+	out := new(CounterSet)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *Device) DeepCopyInto(out *Device) {
 	*out = *in
@@ -447,6 +520,29 @@ func (in *DeviceConstraint) DeepCopy() *DeviceConstraint {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeviceCounterConsumption) DeepCopyInto(out *DeviceCounterConsumption) {
+	*out = *in
+	if in.Counters != nil {
+		in, out := &in.Counters, &out.Counters
+		*out = make(map[string]Counter, len(*in))
+		for key, val := range *in {
+			(*out)[key] = *val.DeepCopy()
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceCounterConsumption.
+func (in *DeviceCounterConsumption) DeepCopy() *DeviceCounterConsumption {
+	if in == nil {
+		return nil
+	}
+	out := new(DeviceCounterConsumption)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *DeviceRequest) DeepCopyInto(out *DeviceRequest) {
 	*out = *in
@@ -462,6 +558,20 @@ func (in *DeviceRequest) DeepCopyInto(out *DeviceRequest) {
 		*out = new(bool)
 		**out = **in
 	}
+	if in.FirstAvailable != nil {
+		in, out := &in.FirstAvailable, &out.FirstAvailable
+		*out = make([]DeviceSubRequest, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	if in.Tolerations != nil {
+		in, out := &in.Tolerations, &out.Tolerations
+		*out = make([]DeviceToleration, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
 	return
 }
 
@@ -483,6 +593,13 @@ func (in *DeviceRequestAllocationResult) DeepCopyInto(out *DeviceRequestAllocati
 		*out = new(bool)
 		**out = **in
 	}
+	if in.Tolerations != nil {
+		in, out := &in.Tolerations, &out.Tolerations
+		*out = make([]DeviceToleration, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
 	return
 }
 
@@ -517,6 +634,202 @@ func (in *DeviceSelector) DeepCopy() *DeviceSelector {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeviceSubRequest) DeepCopyInto(out *DeviceSubRequest) {
+	*out = *in
+	if in.Selectors != nil {
+		in, out := &in.Selectors, &out.Selectors
+		*out = make([]DeviceSelector, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	if in.Tolerations != nil {
+		in, out := &in.Tolerations, &out.Tolerations
+		*out = make([]DeviceToleration, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceSubRequest.
+func (in *DeviceSubRequest) DeepCopy() *DeviceSubRequest {
+	if in == nil {
+		return nil
+	}
+	out := new(DeviceSubRequest)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeviceTaint) DeepCopyInto(out *DeviceTaint) {
+	*out = *in
+	if in.TimeAdded != nil {
+		in, out := &in.TimeAdded, &out.TimeAdded
+		*out = (*in).DeepCopy()
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceTaint.
+func (in *DeviceTaint) DeepCopy() *DeviceTaint {
+	if in == nil {
+		return nil
+	}
+	out := new(DeviceTaint)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeviceTaintRule) DeepCopyInto(out *DeviceTaintRule) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	in.Spec.DeepCopyInto(&out.Spec)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceTaintRule.
+func (in *DeviceTaintRule) DeepCopy() *DeviceTaintRule {
+	if in == nil {
+		return nil
+	}
+	out := new(DeviceTaintRule)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *DeviceTaintRule) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeviceTaintRuleList) DeepCopyInto(out *DeviceTaintRuleList) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ListMeta.DeepCopyInto(&out.ListMeta)
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]DeviceTaintRule, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceTaintRuleList.
+func (in *DeviceTaintRuleList) DeepCopy() *DeviceTaintRuleList {
+	if in == nil {
+		return nil
+	}
+	out := new(DeviceTaintRuleList)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *DeviceTaintRuleList) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeviceTaintRuleSpec) DeepCopyInto(out *DeviceTaintRuleSpec) {
+	*out = *in
+	if in.DeviceSelector != nil {
+		in, out := &in.DeviceSelector, &out.DeviceSelector
+		*out = new(DeviceTaintSelector)
+		(*in).DeepCopyInto(*out)
+	}
+	in.Taint.DeepCopyInto(&out.Taint)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceTaintRuleSpec.
+func (in *DeviceTaintRuleSpec) DeepCopy() *DeviceTaintRuleSpec {
+	if in == nil {
+		return nil
+	}
+	out := new(DeviceTaintRuleSpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeviceTaintSelector) DeepCopyInto(out *DeviceTaintSelector) {
+	*out = *in
+	if in.DeviceClassName != nil {
+		in, out := &in.DeviceClassName, &out.DeviceClassName
+		*out = new(string)
+		**out = **in
+	}
+	if in.Driver != nil {
+		in, out := &in.Driver, &out.Driver
+		*out = new(string)
+		**out = **in
+	}
+	if in.Pool != nil {
+		in, out := &in.Pool, &out.Pool
+		*out = new(string)
+		**out = **in
+	}
+	if in.Device != nil {
+		in, out := &in.Device, &out.Device
+		*out = new(string)
+		**out = **in
+	}
+	if in.Selectors != nil {
+		in, out := &in.Selectors, &out.Selectors
+		*out = make([]DeviceSelector, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceTaintSelector.
+func (in *DeviceTaintSelector) DeepCopy() *DeviceTaintSelector {
+	if in == nil {
+		return nil
+	}
+	out := new(DeviceTaintSelector)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeviceToleration) DeepCopyInto(out *DeviceToleration) {
+	*out = *in
+	if in.TolerationSeconds != nil {
+		in, out := &in.TolerationSeconds, &out.TolerationSeconds
+		*out = new(int64)
+		**out = **in
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceToleration.
+func (in *DeviceToleration) DeepCopy() *DeviceToleration {
+	if in == nil {
+		return nil
+	}
+	out := new(DeviceToleration)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *NetworkDeviceData) DeepCopyInto(out *NetworkDeviceData) {
 	*out = *in
@@ -852,6 +1165,18 @@ func (in *ResourceSliceSpec) DeepCopyInto(out *ResourceSliceSpec) {
 			(*in)[i].DeepCopyInto(&(*out)[i])
 		}
 	}
+	if in.PerDeviceNodeSelection != nil {
+		in, out := &in.PerDeviceNodeSelection, &out.PerDeviceNodeSelection
+		*out = new(bool)
+		**out = **in
+	}
+	if in.SharedCounters != nil {
+		in, out := &in.SharedCounters, &out.SharedCounters
+		*out = make([]CounterSet, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
 	return
 }
 
diff --git a/vendor/k8s.io/api/resource/v1alpha3/zz_generated.prerelease-lifecycle.go b/vendor/k8s.io/api/resource/v1alpha3/zz_generated.prerelease-lifecycle.go
index 9f57ab6704..4916aefa6a 100644
--- a/vendor/k8s.io/api/resource/v1alpha3/zz_generated.prerelease-lifecycle.go
+++ b/vendor/k8s.io/api/resource/v1alpha3/zz_generated.prerelease-lifecycle.go
@@ -73,6 +73,42 @@ func (in *DeviceClassList) APILifecycleRemoved() (major, minor int) {
 	return 1, 37
 }
 
+// APILifecycleIntroduced is an autogenerated function, returning the release in which the API struct was introduced as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:introduced" tags in types.go.
+func (in *DeviceTaintRule) APILifecycleIntroduced() (major, minor int) {
+	return 1, 33
+}
+
+// APILifecycleDeprecated is an autogenerated function, returning the release in which the API struct was or will be deprecated as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:deprecated" tags in types.go or  "k8s:prerelease-lifecycle-gen:introduced" plus three minor.
+func (in *DeviceTaintRule) APILifecycleDeprecated() (major, minor int) {
+	return 1, 36
+}
+
+// APILifecycleRemoved is an autogenerated function, returning the release in which the API is no longer served as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:removed" tags in types.go or  "k8s:prerelease-lifecycle-gen:deprecated" plus three minor.
+func (in *DeviceTaintRule) APILifecycleRemoved() (major, minor int) {
+	return 1, 39
+}
+
+// APILifecycleIntroduced is an autogenerated function, returning the release in which the API struct was introduced as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:introduced" tags in types.go.
+func (in *DeviceTaintRuleList) APILifecycleIntroduced() (major, minor int) {
+	return 1, 33
+}
+
+// APILifecycleDeprecated is an autogenerated function, returning the release in which the API struct was or will be deprecated as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:deprecated" tags in types.go or  "k8s:prerelease-lifecycle-gen:introduced" plus three minor.
+func (in *DeviceTaintRuleList) APILifecycleDeprecated() (major, minor int) {
+	return 1, 36
+}
+
+// APILifecycleRemoved is an autogenerated function, returning the release in which the API is no longer served as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:removed" tags in types.go or  "k8s:prerelease-lifecycle-gen:deprecated" plus three minor.
+func (in *DeviceTaintRuleList) APILifecycleRemoved() (major, minor int) {
+	return 1, 39
+}
+
 // APILifecycleIntroduced is an autogenerated function, returning the release in which the API struct was introduced as int versions of major and minor for comparison.
 // It is controlled by "k8s:prerelease-lifecycle-gen:introduced" tags in types.go.
 func (in *ResourceClaim) APILifecycleIntroduced() (major, minor int) {
diff --git a/vendor/k8s.io/api/resource/v1beta1/devicetaint.go b/vendor/k8s.io/api/resource/v1beta1/devicetaint.go
new file mode 100644
index 0000000000..a2587eae92
--- /dev/null
+++ b/vendor/k8s.io/api/resource/v1beta1/devicetaint.go
@@ -0,0 +1,35 @@
+/*
+Copyright 2025 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1beta1
+
+import "fmt"
+
+var _ fmt.Stringer = DeviceTaint{}
+
+// String converts to a string in the format '<key>=<value>:<effect>', '<key>=<value>:', '<key>:<effect>', or '<key>'.
+func (t DeviceTaint) String() string {
+	if len(t.Effect) == 0 {
+		if len(t.Value) == 0 {
+			return fmt.Sprintf("%v", t.Key)
+		}
+		return fmt.Sprintf("%v=%v:", t.Key, t.Value)
+	}
+	if len(t.Value) == 0 {
+		return fmt.Sprintf("%v:%v", t.Key, t.Effect)
+	}
+	return fmt.Sprintf("%v=%v:%v", t.Key, t.Value, t.Effect)
+}
diff --git a/vendor/k8s.io/api/resource/v1beta1/doc.go b/vendor/k8s.io/api/resource/v1beta1/doc.go
index 88c35c6ca7..1e08b69a17 100644
--- a/vendor/k8s.io/api/resource/v1beta1/doc.go
+++ b/vendor/k8s.io/api/resource/v1beta1/doc.go
@@ -21,4 +21,4 @@ limitations under the License.
 // +groupName=resource.k8s.io
 
 // Package v1beta1 is the v1beta1 version of the resource API.
-package v1beta1 // import "k8s.io/api/resource/v1beta1"
+package v1beta1
diff --git a/vendor/k8s.io/api/resource/v1beta1/generated.pb.go b/vendor/k8s.io/api/resource/v1beta1/generated.pb.go
index df4e68f306..ee7b59646c 100644
--- a/vendor/k8s.io/api/resource/v1beta1/generated.pb.go
+++ b/vendor/k8s.io/api/resource/v1beta1/generated.pb.go
@@ -28,6 +28,7 @@ import (
 	github_com_gogo_protobuf_sortkeys "github.com/gogo/protobuf/sortkeys"
 	v11 "k8s.io/api/core/v1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	runtime "k8s.io/apimachinery/pkg/runtime"
 
 	math "math"
 	math_bits "math/bits"
@@ -160,10 +161,66 @@ func (m *CELDeviceSelector) XXX_DiscardUnknown() {
 
 var xxx_messageInfo_CELDeviceSelector proto.InternalMessageInfo
 
+func (m *Counter) Reset()      { *m = Counter{} }
+func (*Counter) ProtoMessage() {}
+func (*Counter) Descriptor() ([]byte, []int) {
+	return fileDescriptor_ba331e3ec6484c27, []int{4}
+}
+func (m *Counter) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *Counter) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *Counter) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_Counter.Merge(m, src)
+}
+func (m *Counter) XXX_Size() int {
+	return m.Size()
+}
+func (m *Counter) XXX_DiscardUnknown() {
+	xxx_messageInfo_Counter.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_Counter proto.InternalMessageInfo
+
+func (m *CounterSet) Reset()      { *m = CounterSet{} }
+func (*CounterSet) ProtoMessage() {}
+func (*CounterSet) Descriptor() ([]byte, []int) {
+	return fileDescriptor_ba331e3ec6484c27, []int{5}
+}
+func (m *CounterSet) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *CounterSet) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *CounterSet) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_CounterSet.Merge(m, src)
+}
+func (m *CounterSet) XXX_Size() int {
+	return m.Size()
+}
+func (m *CounterSet) XXX_DiscardUnknown() {
+	xxx_messageInfo_CounterSet.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_CounterSet proto.InternalMessageInfo
+
 func (m *Device) Reset()      { *m = Device{} }
 func (*Device) ProtoMessage() {}
 func (*Device) Descriptor() ([]byte, []int) {
-	return fileDescriptor_ba331e3ec6484c27, []int{4}
+	return fileDescriptor_ba331e3ec6484c27, []int{6}
 }
 func (m *Device) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -191,7 +248,7 @@ var xxx_messageInfo_Device proto.InternalMessageInfo
 func (m *DeviceAllocationConfiguration) Reset()      { *m = DeviceAllocationConfiguration{} }
 func (*DeviceAllocationConfiguration) ProtoMessage() {}
 func (*DeviceAllocationConfiguration) Descriptor() ([]byte, []int) {
-	return fileDescriptor_ba331e3ec6484c27, []int{5}
+	return fileDescriptor_ba331e3ec6484c27, []int{7}
 }
 func (m *DeviceAllocationConfiguration) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -219,7 +276,7 @@ var xxx_messageInfo_DeviceAllocationConfiguration proto.InternalMessageInfo
 func (m *DeviceAllocationResult) Reset()      { *m = DeviceAllocationResult{} }
 func (*DeviceAllocationResult) ProtoMessage() {}
 func (*DeviceAllocationResult) Descriptor() ([]byte, []int) {
-	return fileDescriptor_ba331e3ec6484c27, []int{6}
+	return fileDescriptor_ba331e3ec6484c27, []int{8}
 }
 func (m *DeviceAllocationResult) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -247,7 +304,7 @@ var xxx_messageInfo_DeviceAllocationResult proto.InternalMessageInfo
 func (m *DeviceAttribute) Reset()      { *m = DeviceAttribute{} }
 func (*DeviceAttribute) ProtoMessage() {}
 func (*DeviceAttribute) Descriptor() ([]byte, []int) {
-	return fileDescriptor_ba331e3ec6484c27, []int{7}
+	return fileDescriptor_ba331e3ec6484c27, []int{9}
 }
 func (m *DeviceAttribute) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -275,7 +332,7 @@ var xxx_messageInfo_DeviceAttribute proto.InternalMessageInfo
 func (m *DeviceCapacity) Reset()      { *m = DeviceCapacity{} }
 func (*DeviceCapacity) ProtoMessage() {}
 func (*DeviceCapacity) Descriptor() ([]byte, []int) {
-	return fileDescriptor_ba331e3ec6484c27, []int{8}
+	return fileDescriptor_ba331e3ec6484c27, []int{10}
 }
 func (m *DeviceCapacity) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -303,7 +360,7 @@ var xxx_messageInfo_DeviceCapacity proto.InternalMessageInfo
 func (m *DeviceClaim) Reset()      { *m = DeviceClaim{} }
 func (*DeviceClaim) ProtoMessage() {}
 func (*DeviceClaim) Descriptor() ([]byte, []int) {
-	return fileDescriptor_ba331e3ec6484c27, []int{9}
+	return fileDescriptor_ba331e3ec6484c27, []int{11}
 }
 func (m *DeviceClaim) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -331,7 +388,7 @@ var xxx_messageInfo_DeviceClaim proto.InternalMessageInfo
 func (m *DeviceClaimConfiguration) Reset()      { *m = DeviceClaimConfiguration{} }
 func (*DeviceClaimConfiguration) ProtoMessage() {}
 func (*DeviceClaimConfiguration) Descriptor() ([]byte, []int) {
-	return fileDescriptor_ba331e3ec6484c27, []int{10}
+	return fileDescriptor_ba331e3ec6484c27, []int{12}
 }
 func (m *DeviceClaimConfiguration) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -359,7 +416,7 @@ var xxx_messageInfo_DeviceClaimConfiguration proto.InternalMessageInfo
 func (m *DeviceClass) Reset()      { *m = DeviceClass{} }
 func (*DeviceClass) ProtoMessage() {}
 func (*DeviceClass) Descriptor() ([]byte, []int) {
-	return fileDescriptor_ba331e3ec6484c27, []int{11}
+	return fileDescriptor_ba331e3ec6484c27, []int{13}
 }
 func (m *DeviceClass) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -387,7 +444,7 @@ var xxx_messageInfo_DeviceClass proto.InternalMessageInfo
 func (m *DeviceClassConfiguration) Reset()      { *m = DeviceClassConfiguration{} }
 func (*DeviceClassConfiguration) ProtoMessage() {}
 func (*DeviceClassConfiguration) Descriptor() ([]byte, []int) {
-	return fileDescriptor_ba331e3ec6484c27, []int{12}
+	return fileDescriptor_ba331e3ec6484c27, []int{14}
 }
 func (m *DeviceClassConfiguration) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -415,7 +472,7 @@ var xxx_messageInfo_DeviceClassConfiguration proto.InternalMessageInfo
 func (m *DeviceClassList) Reset()      { *m = DeviceClassList{} }
 func (*DeviceClassList) ProtoMessage() {}
 func (*DeviceClassList) Descriptor() ([]byte, []int) {
-	return fileDescriptor_ba331e3ec6484c27, []int{13}
+	return fileDescriptor_ba331e3ec6484c27, []int{15}
 }
 func (m *DeviceClassList) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -443,7 +500,7 @@ var xxx_messageInfo_DeviceClassList proto.InternalMessageInfo
 func (m *DeviceClassSpec) Reset()      { *m = DeviceClassSpec{} }
 func (*DeviceClassSpec) ProtoMessage() {}
 func (*DeviceClassSpec) Descriptor() ([]byte, []int) {
-	return fileDescriptor_ba331e3ec6484c27, []int{14}
+	return fileDescriptor_ba331e3ec6484c27, []int{16}
 }
 func (m *DeviceClassSpec) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -471,7 +528,7 @@ var xxx_messageInfo_DeviceClassSpec proto.InternalMessageInfo
 func (m *DeviceConfiguration) Reset()      { *m = DeviceConfiguration{} }
 func (*DeviceConfiguration) ProtoMessage() {}
 func (*DeviceConfiguration) Descriptor() ([]byte, []int) {
-	return fileDescriptor_ba331e3ec6484c27, []int{15}
+	return fileDescriptor_ba331e3ec6484c27, []int{17}
 }
 func (m *DeviceConfiguration) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -499,7 +556,7 @@ var xxx_messageInfo_DeviceConfiguration proto.InternalMessageInfo
 func (m *DeviceConstraint) Reset()      { *m = DeviceConstraint{} }
 func (*DeviceConstraint) ProtoMessage() {}
 func (*DeviceConstraint) Descriptor() ([]byte, []int) {
-	return fileDescriptor_ba331e3ec6484c27, []int{16}
+	return fileDescriptor_ba331e3ec6484c27, []int{18}
 }
 func (m *DeviceConstraint) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -524,10 +581,38 @@ func (m *DeviceConstraint) XXX_DiscardUnknown() {
 
 var xxx_messageInfo_DeviceConstraint proto.InternalMessageInfo
 
+func (m *DeviceCounterConsumption) Reset()      { *m = DeviceCounterConsumption{} }
+func (*DeviceCounterConsumption) ProtoMessage() {}
+func (*DeviceCounterConsumption) Descriptor() ([]byte, []int) {
+	return fileDescriptor_ba331e3ec6484c27, []int{19}
+}
+func (m *DeviceCounterConsumption) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *DeviceCounterConsumption) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *DeviceCounterConsumption) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_DeviceCounterConsumption.Merge(m, src)
+}
+func (m *DeviceCounterConsumption) XXX_Size() int {
+	return m.Size()
+}
+func (m *DeviceCounterConsumption) XXX_DiscardUnknown() {
+	xxx_messageInfo_DeviceCounterConsumption.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_DeviceCounterConsumption proto.InternalMessageInfo
+
 func (m *DeviceRequest) Reset()      { *m = DeviceRequest{} }
 func (*DeviceRequest) ProtoMessage() {}
 func (*DeviceRequest) Descriptor() ([]byte, []int) {
-	return fileDescriptor_ba331e3ec6484c27, []int{17}
+	return fileDescriptor_ba331e3ec6484c27, []int{20}
 }
 func (m *DeviceRequest) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -555,7 +640,7 @@ var xxx_messageInfo_DeviceRequest proto.InternalMessageInfo
 func (m *DeviceRequestAllocationResult) Reset()      { *m = DeviceRequestAllocationResult{} }
 func (*DeviceRequestAllocationResult) ProtoMessage() {}
 func (*DeviceRequestAllocationResult) Descriptor() ([]byte, []int) {
-	return fileDescriptor_ba331e3ec6484c27, []int{18}
+	return fileDescriptor_ba331e3ec6484c27, []int{21}
 }
 func (m *DeviceRequestAllocationResult) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -583,7 +668,7 @@ var xxx_messageInfo_DeviceRequestAllocationResult proto.InternalMessageInfo
 func (m *DeviceSelector) Reset()      { *m = DeviceSelector{} }
 func (*DeviceSelector) ProtoMessage() {}
 func (*DeviceSelector) Descriptor() ([]byte, []int) {
-	return fileDescriptor_ba331e3ec6484c27, []int{19}
+	return fileDescriptor_ba331e3ec6484c27, []int{22}
 }
 func (m *DeviceSelector) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -608,10 +693,94 @@ func (m *DeviceSelector) XXX_DiscardUnknown() {
 
 var xxx_messageInfo_DeviceSelector proto.InternalMessageInfo
 
+func (m *DeviceSubRequest) Reset()      { *m = DeviceSubRequest{} }
+func (*DeviceSubRequest) ProtoMessage() {}
+func (*DeviceSubRequest) Descriptor() ([]byte, []int) {
+	return fileDescriptor_ba331e3ec6484c27, []int{23}
+}
+func (m *DeviceSubRequest) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *DeviceSubRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *DeviceSubRequest) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_DeviceSubRequest.Merge(m, src)
+}
+func (m *DeviceSubRequest) XXX_Size() int {
+	return m.Size()
+}
+func (m *DeviceSubRequest) XXX_DiscardUnknown() {
+	xxx_messageInfo_DeviceSubRequest.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_DeviceSubRequest proto.InternalMessageInfo
+
+func (m *DeviceTaint) Reset()      { *m = DeviceTaint{} }
+func (*DeviceTaint) ProtoMessage() {}
+func (*DeviceTaint) Descriptor() ([]byte, []int) {
+	return fileDescriptor_ba331e3ec6484c27, []int{24}
+}
+func (m *DeviceTaint) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *DeviceTaint) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *DeviceTaint) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_DeviceTaint.Merge(m, src)
+}
+func (m *DeviceTaint) XXX_Size() int {
+	return m.Size()
+}
+func (m *DeviceTaint) XXX_DiscardUnknown() {
+	xxx_messageInfo_DeviceTaint.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_DeviceTaint proto.InternalMessageInfo
+
+func (m *DeviceToleration) Reset()      { *m = DeviceToleration{} }
+func (*DeviceToleration) ProtoMessage() {}
+func (*DeviceToleration) Descriptor() ([]byte, []int) {
+	return fileDescriptor_ba331e3ec6484c27, []int{25}
+}
+func (m *DeviceToleration) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *DeviceToleration) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *DeviceToleration) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_DeviceToleration.Merge(m, src)
+}
+func (m *DeviceToleration) XXX_Size() int {
+	return m.Size()
+}
+func (m *DeviceToleration) XXX_DiscardUnknown() {
+	xxx_messageInfo_DeviceToleration.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_DeviceToleration proto.InternalMessageInfo
+
 func (m *NetworkDeviceData) Reset()      { *m = NetworkDeviceData{} }
 func (*NetworkDeviceData) ProtoMessage() {}
 func (*NetworkDeviceData) Descriptor() ([]byte, []int) {
-	return fileDescriptor_ba331e3ec6484c27, []int{20}
+	return fileDescriptor_ba331e3ec6484c27, []int{26}
 }
 func (m *NetworkDeviceData) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -639,7 +808,7 @@ var xxx_messageInfo_NetworkDeviceData proto.InternalMessageInfo
 func (m *OpaqueDeviceConfiguration) Reset()      { *m = OpaqueDeviceConfiguration{} }
 func (*OpaqueDeviceConfiguration) ProtoMessage() {}
 func (*OpaqueDeviceConfiguration) Descriptor() ([]byte, []int) {
-	return fileDescriptor_ba331e3ec6484c27, []int{21}
+	return fileDescriptor_ba331e3ec6484c27, []int{27}
 }
 func (m *OpaqueDeviceConfiguration) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -667,7 +836,7 @@ var xxx_messageInfo_OpaqueDeviceConfiguration proto.InternalMessageInfo
 func (m *ResourceClaim) Reset()      { *m = ResourceClaim{} }
 func (*ResourceClaim) ProtoMessage() {}
 func (*ResourceClaim) Descriptor() ([]byte, []int) {
-	return fileDescriptor_ba331e3ec6484c27, []int{22}
+	return fileDescriptor_ba331e3ec6484c27, []int{28}
 }
 func (m *ResourceClaim) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -695,7 +864,7 @@ var xxx_messageInfo_ResourceClaim proto.InternalMessageInfo
 func (m *ResourceClaimConsumerReference) Reset()      { *m = ResourceClaimConsumerReference{} }
 func (*ResourceClaimConsumerReference) ProtoMessage() {}
 func (*ResourceClaimConsumerReference) Descriptor() ([]byte, []int) {
-	return fileDescriptor_ba331e3ec6484c27, []int{23}
+	return fileDescriptor_ba331e3ec6484c27, []int{29}
 }
 func (m *ResourceClaimConsumerReference) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -723,7 +892,7 @@ var xxx_messageInfo_ResourceClaimConsumerReference proto.InternalMessageInfo
 func (m *ResourceClaimList) Reset()      { *m = ResourceClaimList{} }
 func (*ResourceClaimList) ProtoMessage() {}
 func (*ResourceClaimList) Descriptor() ([]byte, []int) {
-	return fileDescriptor_ba331e3ec6484c27, []int{24}
+	return fileDescriptor_ba331e3ec6484c27, []int{30}
 }
 func (m *ResourceClaimList) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -751,7 +920,7 @@ var xxx_messageInfo_ResourceClaimList proto.InternalMessageInfo
 func (m *ResourceClaimSpec) Reset()      { *m = ResourceClaimSpec{} }
 func (*ResourceClaimSpec) ProtoMessage() {}
 func (*ResourceClaimSpec) Descriptor() ([]byte, []int) {
-	return fileDescriptor_ba331e3ec6484c27, []int{25}
+	return fileDescriptor_ba331e3ec6484c27, []int{31}
 }
 func (m *ResourceClaimSpec) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -779,7 +948,7 @@ var xxx_messageInfo_ResourceClaimSpec proto.InternalMessageInfo
 func (m *ResourceClaimStatus) Reset()      { *m = ResourceClaimStatus{} }
 func (*ResourceClaimStatus) ProtoMessage() {}
 func (*ResourceClaimStatus) Descriptor() ([]byte, []int) {
-	return fileDescriptor_ba331e3ec6484c27, []int{26}
+	return fileDescriptor_ba331e3ec6484c27, []int{32}
 }
 func (m *ResourceClaimStatus) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -807,7 +976,7 @@ var xxx_messageInfo_ResourceClaimStatus proto.InternalMessageInfo
 func (m *ResourceClaimTemplate) Reset()      { *m = ResourceClaimTemplate{} }
 func (*ResourceClaimTemplate) ProtoMessage() {}
 func (*ResourceClaimTemplate) Descriptor() ([]byte, []int) {
-	return fileDescriptor_ba331e3ec6484c27, []int{27}
+	return fileDescriptor_ba331e3ec6484c27, []int{33}
 }
 func (m *ResourceClaimTemplate) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -835,7 +1004,7 @@ var xxx_messageInfo_ResourceClaimTemplate proto.InternalMessageInfo
 func (m *ResourceClaimTemplateList) Reset()      { *m = ResourceClaimTemplateList{} }
 func (*ResourceClaimTemplateList) ProtoMessage() {}
 func (*ResourceClaimTemplateList) Descriptor() ([]byte, []int) {
-	return fileDescriptor_ba331e3ec6484c27, []int{28}
+	return fileDescriptor_ba331e3ec6484c27, []int{34}
 }
 func (m *ResourceClaimTemplateList) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -863,7 +1032,7 @@ var xxx_messageInfo_ResourceClaimTemplateList proto.InternalMessageInfo
 func (m *ResourceClaimTemplateSpec) Reset()      { *m = ResourceClaimTemplateSpec{} }
 func (*ResourceClaimTemplateSpec) ProtoMessage() {}
 func (*ResourceClaimTemplateSpec) Descriptor() ([]byte, []int) {
-	return fileDescriptor_ba331e3ec6484c27, []int{29}
+	return fileDescriptor_ba331e3ec6484c27, []int{35}
 }
 func (m *ResourceClaimTemplateSpec) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -891,7 +1060,7 @@ var xxx_messageInfo_ResourceClaimTemplateSpec proto.InternalMessageInfo
 func (m *ResourcePool) Reset()      { *m = ResourcePool{} }
 func (*ResourcePool) ProtoMessage() {}
 func (*ResourcePool) Descriptor() ([]byte, []int) {
-	return fileDescriptor_ba331e3ec6484c27, []int{30}
+	return fileDescriptor_ba331e3ec6484c27, []int{36}
 }
 func (m *ResourcePool) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -919,7 +1088,7 @@ var xxx_messageInfo_ResourcePool proto.InternalMessageInfo
 func (m *ResourceSlice) Reset()      { *m = ResourceSlice{} }
 func (*ResourceSlice) ProtoMessage() {}
 func (*ResourceSlice) Descriptor() ([]byte, []int) {
-	return fileDescriptor_ba331e3ec6484c27, []int{31}
+	return fileDescriptor_ba331e3ec6484c27, []int{37}
 }
 func (m *ResourceSlice) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -947,7 +1116,7 @@ var xxx_messageInfo_ResourceSlice proto.InternalMessageInfo
 func (m *ResourceSliceList) Reset()      { *m = ResourceSliceList{} }
 func (*ResourceSliceList) ProtoMessage() {}
 func (*ResourceSliceList) Descriptor() ([]byte, []int) {
-	return fileDescriptor_ba331e3ec6484c27, []int{32}
+	return fileDescriptor_ba331e3ec6484c27, []int{38}
 }
 func (m *ResourceSliceList) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -975,7 +1144,7 @@ var xxx_messageInfo_ResourceSliceList proto.InternalMessageInfo
 func (m *ResourceSliceSpec) Reset()      { *m = ResourceSliceSpec{} }
 func (*ResourceSliceSpec) ProtoMessage() {}
 func (*ResourceSliceSpec) Descriptor() ([]byte, []int) {
-	return fileDescriptor_ba331e3ec6484c27, []int{33}
+	return fileDescriptor_ba331e3ec6484c27, []int{39}
 }
 func (m *ResourceSliceSpec) XXX_Unmarshal(b []byte) error {
 	return m.Unmarshal(b)
@@ -1007,6 +1176,9 @@ func init() {
 	proto.RegisterMapType((map[QualifiedName]DeviceAttribute)(nil), "k8s.io.api.resource.v1beta1.BasicDevice.AttributesEntry")
 	proto.RegisterMapType((map[QualifiedName]DeviceCapacity)(nil), "k8s.io.api.resource.v1beta1.BasicDevice.CapacityEntry")
 	proto.RegisterType((*CELDeviceSelector)(nil), "k8s.io.api.resource.v1beta1.CELDeviceSelector")
+	proto.RegisterType((*Counter)(nil), "k8s.io.api.resource.v1beta1.Counter")
+	proto.RegisterType((*CounterSet)(nil), "k8s.io.api.resource.v1beta1.CounterSet")
+	proto.RegisterMapType((map[string]Counter)(nil), "k8s.io.api.resource.v1beta1.CounterSet.CountersEntry")
 	proto.RegisterType((*Device)(nil), "k8s.io.api.resource.v1beta1.Device")
 	proto.RegisterType((*DeviceAllocationConfiguration)(nil), "k8s.io.api.resource.v1beta1.DeviceAllocationConfiguration")
 	proto.RegisterType((*DeviceAllocationResult)(nil), "k8s.io.api.resource.v1beta1.DeviceAllocationResult")
@@ -1020,9 +1192,14 @@ func init() {
 	proto.RegisterType((*DeviceClassSpec)(nil), "k8s.io.api.resource.v1beta1.DeviceClassSpec")
 	proto.RegisterType((*DeviceConfiguration)(nil), "k8s.io.api.resource.v1beta1.DeviceConfiguration")
 	proto.RegisterType((*DeviceConstraint)(nil), "k8s.io.api.resource.v1beta1.DeviceConstraint")
+	proto.RegisterType((*DeviceCounterConsumption)(nil), "k8s.io.api.resource.v1beta1.DeviceCounterConsumption")
+	proto.RegisterMapType((map[string]Counter)(nil), "k8s.io.api.resource.v1beta1.DeviceCounterConsumption.CountersEntry")
 	proto.RegisterType((*DeviceRequest)(nil), "k8s.io.api.resource.v1beta1.DeviceRequest")
 	proto.RegisterType((*DeviceRequestAllocationResult)(nil), "k8s.io.api.resource.v1beta1.DeviceRequestAllocationResult")
 	proto.RegisterType((*DeviceSelector)(nil), "k8s.io.api.resource.v1beta1.DeviceSelector")
+	proto.RegisterType((*DeviceSubRequest)(nil), "k8s.io.api.resource.v1beta1.DeviceSubRequest")
+	proto.RegisterType((*DeviceTaint)(nil), "k8s.io.api.resource.v1beta1.DeviceTaint")
+	proto.RegisterType((*DeviceToleration)(nil), "k8s.io.api.resource.v1beta1.DeviceToleration")
 	proto.RegisterType((*NetworkDeviceData)(nil), "k8s.io.api.resource.v1beta1.NetworkDeviceData")
 	proto.RegisterType((*OpaqueDeviceConfiguration)(nil), "k8s.io.api.resource.v1beta1.OpaqueDeviceConfiguration")
 	proto.RegisterType((*ResourceClaim)(nil), "k8s.io.api.resource.v1beta1.ResourceClaim")
@@ -1044,136 +1221,165 @@ func init() {
 }
 
 var fileDescriptor_ba331e3ec6484c27 = []byte{
-	// 2051 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xd4, 0x19, 0x4b, 0x8f, 0x1b, 0x49,
-	0x79, 0xda, 0xed, 0x79, 0x7d, 0x9e, 0x57, 0x2a, 0x64, 0x71, 0x26, 0xc2, 0x9e, 0x74, 0x24, 0xf0,
-	0x66, 0xb3, 0xed, 0x8d, 0x81, 0x28, 0xca, 0x5e, 0x70, 0xcf, 0xcc, 0x06, 0x43, 0x32, 0x99, 0xad,
-	0x61, 0x43, 0xb4, 0x6c, 0x10, 0x35, 0xed, 0x9a, 0x99, 0x66, 0xec, 0x6e, 0xa7, 0xbb, 0x7a, 0xb2,
-	0x73, 0x40, 0xa0, 0x3d, 0xaf, 0x10, 0x77, 0xc4, 0x85, 0x03, 0x12, 0x12, 0x42, 0xfc, 0x02, 0x90,
-	0x40, 0x88, 0x88, 0x03, 0xac, 0xe0, 0xb2, 0xe2, 0x60, 0x88, 0xf7, 0x07, 0x70, 0xcf, 0x09, 0x55,
-	0x75, 0xf5, 0xd3, 0x6e, 0xd3, 0x83, 0x96, 0x51, 0xf6, 0xe6, 0xfe, 0xde, 0xf5, 0xbd, 0xab, 0x0c,
-	0xaf, 0x1d, 0xdf, 0xf6, 0x74, 0xcb, 0x69, 0x92, 0x81, 0xd5, 0x74, 0xa9, 0xe7, 0xf8, 0xae, 0x49,
-	0x9b, 0x27, 0x37, 0xf7, 0x29, 0x23, 0x37, 0x9b, 0x87, 0xd4, 0xa6, 0x2e, 0x61, 0xb4, 0xab, 0x0f,
-	0x5c, 0x87, 0x39, 0xe8, 0x4a, 0x40, 0xac, 0x93, 0x81, 0xa5, 0x87, 0xc4, 0xba, 0x24, 0x5e, 0x7f,
-	0xfd, 0xd0, 0x62, 0x47, 0xfe, 0xbe, 0x6e, 0x3a, 0xfd, 0xe6, 0xa1, 0x73, 0xe8, 0x34, 0x05, 0xcf,
-	0xbe, 0x7f, 0x20, 0xbe, 0xc4, 0x87, 0xf8, 0x15, 0xc8, 0x5a, 0xd7, 0x12, 0x8a, 0x4d, 0xc7, 0xe5,
-	0x4a, 0xb3, 0xfa, 0xd6, 0xbf, 0x12, 0xd3, 0xf4, 0x89, 0x79, 0x64, 0xd9, 0xd4, 0x3d, 0x6d, 0x0e,
-	0x8e, 0x0f, 0xd3, 0xd6, 0x9e, 0x85, 0xcb, 0x6b, 0xf6, 0x29, 0x23, 0x93, 0x74, 0x35, 0xf3, 0xb8,
-	0x5c, 0xdf, 0x66, 0x56, 0x7f, 0x5c, 0xcd, 0xad, 0xff, 0xc6, 0xe0, 0x99, 0x47, 0xb4, 0x4f, 0xb2,
-	0x7c, 0xda, 0xcf, 0x55, 0xb8, 0xd4, 0xee, 0xf5, 0x1c, 0x93, 0xc3, 0xb6, 0xe8, 0x89, 0x65, 0xd2,
-	0x3d, 0x46, 0x98, 0xef, 0xa1, 0x2f, 0xc2, 0x5c, 0xd7, 0xb5, 0x4e, 0xa8, 0x5b, 0x55, 0x36, 0x94,
-	0xc6, 0xa2, 0xb1, 0xf2, 0x6c, 0x58, 0x9f, 0x19, 0x0d, 0xeb, 0x73, 0x5b, 0x02, 0x8a, 0x25, 0x16,
-	0x6d, 0x40, 0x79, 0xe0, 0x38, 0xbd, 0x6a, 0x49, 0x50, 0x2d, 0x49, 0xaa, 0xf2, 0xae, 0xe3, 0xf4,
-	0xb0, 0xc0, 0x08, 0x49, 0x42, 0x72, 0x55, 0xcd, 0x48, 0x12, 0x50, 0x2c, 0xb1, 0xc8, 0x04, 0x30,
-	0x1d, 0xbb, 0x6b, 0x31, 0xcb, 0xb1, 0xbd, 0x6a, 0x79, 0x43, 0x6d, 0x54, 0x5a, 0x4d, 0x3d, 0x8e,
-	0x72, 0x74, 0x30, 0x7d, 0x70, 0x7c, 0xc8, 0x01, 0x9e, 0xce, 0xfd, 0xa7, 0x9f, 0xdc, 0xd4, 0x37,
-	0x43, 0x3e, 0x03, 0x49, 0xe1, 0x10, 0x81, 0x3c, 0x9c, 0x10, 0x8b, 0x1e, 0x40, 0xb9, 0x4b, 0x18,
-	0xa9, 0xce, 0x6e, 0x28, 0x8d, 0x4a, 0xeb, 0xf5, 0x5c, 0xf1, 0xd2, 0x6f, 0x3a, 0x26, 0x4f, 0xb7,
-	0xdf, 0x67, 0xd4, 0xf6, 0xb8, 0xf0, 0xe8, 0x74, 0x5b, 0x84, 0x11, 0x2c, 0x04, 0x21, 0x02, 0x15,
-	0x9b, 0xb2, 0xa7, 0x8e, 0x7b, 0xcc, 0x81, 0xd5, 0x39, 0x21, 0x57, 0xd7, 0xa7, 0x24, 0xa7, 0xbe,
-	0x23, 0xe9, 0xc5, 0xb1, 0x39, 0x97, 0xb1, 0x3a, 0x1a, 0xd6, 0x2b, 0x3b, 0xb1, 0x18, 0x9c, 0x94,
-	0xa9, 0xfd, 0x59, 0x81, 0x35, 0x19, 0x24, 0xcb, 0xb1, 0x31, 0xf5, 0xfc, 0x1e, 0x43, 0xdf, 0x85,
-	0xf9, 0xc0, 0x6f, 0x9e, 0x08, 0x50, 0xa5, 0xf5, 0xe5, 0xa9, 0x3a, 0x03, 0x65, 0x59, 0x29, 0xc6,
-	0xaa, 0x3c, 0xd1, 0x7c, 0x80, 0xf7, 0x70, 0x28, 0x14, 0x3d, 0x84, 0x25, 0xdb, 0xe9, 0xd2, 0x3d,
-	0xda, 0xa3, 0x26, 0x73, 0x5c, 0x11, 0xbb, 0x4a, 0x6b, 0x23, 0xa9, 0x84, 0x57, 0x0a, 0xf7, 0xfe,
-	0x4e, 0x82, 0xce, 0x58, 0x1b, 0x0d, 0xeb, 0x4b, 0x49, 0x08, 0x4e, 0xc9, 0xd1, 0xfe, 0xa1, 0x42,
-	0xc5, 0x20, 0x9e, 0x65, 0x06, 0x1a, 0xd1, 0x0f, 0x00, 0x08, 0x63, 0xae, 0xb5, 0xef, 0x33, 0x71,
-	0x14, 0x1e, 0xf5, 0xdb, 0x53, 0x8f, 0x92, 0xe0, 0xd6, 0xdb, 0x11, 0xeb, 0xb6, 0xcd, 0xdc, 0x53,
-	0xe3, 0x5a, 0x18, 0xfe, 0x18, 0xf1, 0xc1, 0x3f, 0xeb, 0xcb, 0x6f, 0xfb, 0xa4, 0x67, 0x1d, 0x58,
-	0xb4, 0xbb, 0x43, 0xfa, 0x14, 0x27, 0x14, 0x22, 0x1f, 0x16, 0x4c, 0x32, 0x20, 0xa6, 0xc5, 0x4e,
-	0xab, 0x25, 0xa1, 0xfc, 0x56, 0x61, 0xe5, 0x9b, 0x92, 0x31, 0x50, 0x7d, 0x55, 0xaa, 0x5e, 0x08,
-	0xc1, 0xe3, 0x8a, 0x23, 0x55, 0xeb, 0xc7, 0xb0, 0x9a, 0x31, 0x1d, 0xad, 0x81, 0x7a, 0x4c, 0x4f,
-	0x83, 0x6a, 0xc3, 0xfc, 0x27, 0x32, 0x60, 0xf6, 0x84, 0xf4, 0x7c, 0x2a, 0x6a, 0xab, 0xd2, 0xba,
-	0x51, 0x24, 0xc0, 0xa1, 0x50, 0x1c, 0xb0, 0xde, 0x29, 0xdd, 0x56, 0xd6, 0x8f, 0x60, 0x39, 0x65,
-	0xea, 0x04, 0x55, 0xed, 0xb4, 0xaa, 0xd7, 0x0a, 0xa8, 0x0a, 0x45, 0x26, 0x34, 0x69, 0x77, 0xe1,
-	0xc2, 0xe6, 0xf6, 0x3d, 0xd9, 0x47, 0x64, 0xc4, 0x51, 0x0b, 0x80, 0xbe, 0x3f, 0x70, 0xa9, 0xc7,
-	0x6b, 0x48, 0x76, 0x93, 0xa8, 0x4c, 0xb7, 0x23, 0x0c, 0x4e, 0x50, 0x69, 0x3e, 0xc8, 0xee, 0xc0,
-	0xfb, 0x8b, 0x4d, 0xfa, 0x54, 0xf2, 0x45, 0x15, 0x28, 0xfc, 0x29, 0x30, 0xa8, 0x03, 0xb3, 0xfb,
-	0x3c, 0x2a, 0xd2, 0xf6, 0x46, 0xd1, 0xf8, 0x19, 0x8b, 0xa3, 0x61, 0x7d, 0x56, 0x00, 0x70, 0x20,
-	0x41, 0xfb, 0xb0, 0x04, 0x5f, 0xc8, 0x56, 0xca, 0xa6, 0x63, 0x1f, 0x58, 0x87, 0xbe, 0x2b, 0x3e,
-	0xd0, 0xd7, 0x60, 0x2e, 0x90, 0x28, 0x0d, 0x6a, 0x84, 0xcd, 0x6c, 0x4f, 0x40, 0x5f, 0x0c, 0xeb,
-	0xaf, 0x64, 0x59, 0x03, 0x0c, 0x96, 0x7c, 0xa8, 0x01, 0x0b, 0x2e, 0x7d, 0xe2, 0x53, 0x8f, 0x79,
-	0x22, 0xe3, 0x16, 0x8d, 0x25, 0x9e, 0x35, 0x58, 0xc2, 0x70, 0x84, 0x45, 0x3f, 0x84, 0x8b, 0x41,
-	0x35, 0xa6, 0x4c, 0x90, 0x95, 0xf8, 0x46, 0x91, 0x10, 0x25, 0xf9, 0x8c, 0x2b, 0xd2, 0xd4, 0x8b,
-	0x13, 0x90, 0x78, 0x92, 0x26, 0xed, 0x13, 0x05, 0x5e, 0x99, 0xdc, 0x38, 0x10, 0x85, 0x79, 0x57,
-	0xfc, 0x0a, 0x6b, 0xf6, 0x4e, 0x01, 0x7b, 0xe4, 0x19, 0xf3, 0xbb, 0x50, 0xf0, 0xed, 0xe1, 0x50,
-	0x36, 0xda, 0x87, 0x39, 0x53, 0x98, 0x24, 0x8b, 0xf3, 0xce, 0x99, 0x9a, 0x5c, 0xfa, 0xfc, 0xd1,
-	0xdc, 0x09, 0xc0, 0x58, 0x4a, 0xd6, 0x7e, 0xa9, 0xc0, 0x6a, 0xa6, 0x7a, 0x50, 0x0d, 0x54, 0xcb,
-	0x66, 0x22, 0xa3, 0xd4, 0x20, 0x3e, 0x1d, 0x9b, 0x3d, 0xe4, 0x79, 0x8e, 0x39, 0x02, 0x5d, 0x85,
-	0xf2, 0x3e, 0x9f, 0x7a, 0x3c, 0x16, 0x0b, 0xc6, 0xf2, 0x68, 0x58, 0x5f, 0x34, 0x1c, 0xa7, 0x17,
-	0x50, 0x08, 0x14, 0xfa, 0x12, 0xcc, 0x79, 0xcc, 0xb5, 0xec, 0xc3, 0x6a, 0x59, 0x64, 0x8a, 0xe8,
-	0xf1, 0x7b, 0x02, 0x12, 0x90, 0x49, 0x34, 0xba, 0x0e, 0xf3, 0x27, 0xd4, 0x15, 0xc5, 0x31, 0x2b,
-	0x28, 0x45, 0x0b, 0x7d, 0x18, 0x80, 0x02, 0xd2, 0x90, 0x40, 0xa3, 0xb0, 0x92, 0xae, 0x3e, 0xb4,
-	0x17, 0x56, 0xae, 0x32, 0x36, 0x79, 0xc6, 0x06, 0x66, 0xec, 0xb1, 0xb7, 0x7d, 0x62, 0x33, 0x8b,
-	0x9d, 0x1a, 0xcb, 0xd2, 0x29, 0xb3, 0x81, 0xa2, 0x40, 0x96, 0xf6, 0xab, 0x12, 0x54, 0xa4, 0x9e,
-	0x1e, 0xb1, 0xfa, 0xe8, 0x51, 0x22, 0x67, 0x83, 0x70, 0x5f, 0x2f, 0x1e, 0x6e, 0x63, 0x2d, 0xec,
-	0x8c, 0x13, 0x72, 0xbc, 0x0b, 0x15, 0xd3, 0xb1, 0x3d, 0xe6, 0x12, 0xcb, 0x96, 0x05, 0x91, 0x1e,
-	0xcb, 0x53, 0x72, 0x5b, 0x72, 0x19, 0x17, 0xa5, 0xfc, 0x4a, 0x0c, 0xf3, 0x70, 0x52, 0x2c, 0x7a,
-	0x1c, 0xa5, 0x91, 0x2a, 0x14, 0x7c, 0xb5, 0x88, 0x02, 0x7e, 0xf2, 0x62, 0x19, 0xf4, 0x47, 0x05,
-	0xaa, 0x79, 0x4c, 0xa9, 0x7a, 0x57, 0xfe, 0x97, 0x7a, 0x2f, 0x9d, 0x5b, 0xbd, 0xff, 0x4e, 0x49,
-	0x84, 0xdd, 0xf3, 0xd0, 0xf7, 0x60, 0x81, 0x6f, 0x58, 0x62, 0x61, 0x52, 0xc6, 0xac, 0x98, 0xb2,
-	0x8f, 0x3d, 0xd8, 0xff, 0x3e, 0x35, 0xd9, 0x7d, 0xca, 0x48, 0xdc, 0xe9, 0x63, 0x18, 0x8e, 0xa4,
-	0xa2, 0x1d, 0x28, 0x7b, 0x03, 0x6a, 0x9e, 0x61, 0xc2, 0x09, 0xcb, 0xf6, 0x06, 0xd4, 0x8c, 0x67,
-	0x01, 0xff, 0xc2, 0x42, 0x8e, 0xf6, 0xd3, 0x64, 0x24, 0x3c, 0x2f, 0x1d, 0x89, 0x1c, 0xff, 0x2a,
-	0xe7, 0xe6, 0xdf, 0xdf, 0x46, 0x9d, 0x46, 0x58, 0x77, 0xcf, 0xf2, 0x18, 0x7a, 0x6f, 0xcc, 0xc7,
-	0x7a, 0x31, 0x1f, 0x73, 0x6e, 0xe1, 0xe1, 0xa8, 0xbc, 0x42, 0x48, 0xc2, 0xbf, 0xf7, 0x61, 0xd6,
-	0x62, 0xb4, 0x1f, 0x16, 0x56, 0xa3, 0xa8, 0x83, 0xe3, 0xbe, 0xd0, 0xe1, 0xec, 0x38, 0x90, 0xa2,
-	0xfd, 0x25, 0x7d, 0x00, 0xee, 0x78, 0xf4, 0x1e, 0x2c, 0x7a, 0x72, 0xd4, 0x87, 0xcd, 0xa1, 0xc8,
-	0xfa, 0x10, 0x2d, 0x8c, 0x17, 0xa4, 0xa6, 0xc5, 0x10, 0xe2, 0xe1, 0x58, 0x60, 0xa2, 0x72, 0x4b,
-	0x67, 0xa9, 0xdc, 0x4c, 0xe8, 0x73, 0x2b, 0xf7, 0x09, 0x4c, 0x8a, 0x1e, 0x7a, 0x17, 0xe6, 0x9c,
-	0x01, 0x79, 0x12, 0x75, 0xd5, 0xe9, 0x3b, 0xe1, 0x03, 0x41, 0x3a, 0x29, 0x45, 0x80, 0xab, 0x0c,
-	0xd0, 0x58, 0x4a, 0xd4, 0x7e, 0xac, 0xc0, 0x5a, 0xb6, 0x85, 0x9d, 0xa1, 0x49, 0xec, 0xc2, 0x4a,
-	0x9f, 0x30, 0xf3, 0x28, 0x9a, 0x55, 0xf2, 0xe6, 0xd5, 0x18, 0x0d, 0xeb, 0x2b, 0xf7, 0x53, 0x98,
-	0x17, 0xc3, 0x3a, 0x7a, 0xcb, 0xef, 0xf5, 0x4e, 0xd3, 0x5b, 0x68, 0x86, 0x5f, 0xfb, 0x40, 0x85,
-	0xe5, 0x54, 0xc3, 0x2e, 0xb0, 0x73, 0xb5, 0x61, 0xb5, 0x1b, 0xfb, 0x9a, 0x23, 0xa4, 0x19, 0x9f,
-	0x97, 0xc4, 0xc9, 0x34, 0x11, 0x7c, 0x59, 0xfa, 0x74, 0xde, 0xa8, 0x9f, 0x76, 0xde, 0x3c, 0x84,
-	0x15, 0x12, 0xed, 0x01, 0xf7, 0x9d, 0x2e, 0x95, 0x53, 0x58, 0x97, 0x5c, 0x2b, 0xed, 0x14, 0xf6,
-	0xc5, 0xb0, 0xfe, 0xb9, 0xec, 0xf6, 0xc0, 0xe1, 0x38, 0x23, 0x05, 0x5d, 0x83, 0x59, 0xd3, 0xf1,
-	0x6d, 0x26, 0x46, 0xb5, 0x1a, 0x97, 0xc9, 0x26, 0x07, 0xe2, 0x00, 0x87, 0x6e, 0x42, 0x85, 0x74,
-	0xfb, 0x96, 0xdd, 0x36, 0x4d, 0xea, 0x79, 0xe2, 0x4e, 0xb8, 0x10, 0xcc, 0xff, 0x76, 0x0c, 0xc6,
-	0x49, 0x1a, 0xed, 0xdf, 0x4a, 0xb8, 0x79, 0xe6, 0x2c, 0x49, 0xe8, 0x55, 0xbe, 0x71, 0x09, 0x94,
-	0x8c, 0x4b, 0x62, 0x6b, 0x12, 0x60, 0x1c, 0xe2, 0x13, 0x77, 0xf7, 0x52, 0xa1, 0xbb, 0xbb, 0x5a,
-	0xe0, 0xee, 0x5e, 0x9e, 0x7a, 0x77, 0xcf, 0x9c, 0x78, 0xb6, 0xc0, 0x89, 0xbf, 0x13, 0xae, 0x32,
-	0xd1, 0x45, 0xa1, 0x03, 0xaa, 0x49, 0x7b, 0x13, 0xba, 0xe0, 0x78, 0x2e, 0x8c, 0xdd, 0x32, 0x8c,
-	0xf9, 0xd1, 0xb0, 0xae, 0x6e, 0x6e, 0xdf, 0xc3, 0x5c, 0x86, 0xf6, 0x6b, 0x05, 0x2e, 0x8c, 0x5d,
-	0xb3, 0xd1, 0x9b, 0xb0, 0x6c, 0xd9, 0x8c, 0xba, 0x07, 0xc4, 0xa4, 0x3b, 0x71, 0x82, 0x5f, 0x92,
-	0x87, 0x5a, 0xee, 0x24, 0x91, 0x38, 0x4d, 0x8b, 0x2e, 0x83, 0x6a, 0x0d, 0xc2, 0x95, 0x5d, 0x68,
-	0xeb, 0xec, 0x7a, 0x98, 0xc3, 0x78, 0x35, 0x1c, 0x11, 0xb7, 0xfb, 0x94, 0xb8, 0xb4, 0xdd, 0xed,
-	0xf2, 0x3b, 0x8c, 0x74, 0x69, 0x54, 0x0d, 0x5f, 0x4f, 0xa3, 0x71, 0x96, 0x5e, 0xfb, 0x85, 0x02,
-	0x97, 0x73, 0xfb, 0x48, 0xe1, 0xc7, 0x18, 0x02, 0x30, 0x20, 0x2e, 0xe9, 0x53, 0x46, 0x5d, 0x4f,
-	0x0e, 0xd5, 0x33, 0xbe, 0x71, 0x44, 0xf3, 0x7a, 0x37, 0x12, 0x84, 0x13, 0x42, 0xb5, 0x9f, 0x95,
-	0x60, 0x19, 0xcb, 0x70, 0x04, 0xcb, 0xe1, 0xff, 0x7f, 0x4b, 0xd8, 0x4d, 0x6d, 0x09, 0xd3, 0x33,
-	0x23, 0x65, 0x5b, 0xde, 0x9e, 0x80, 0x1e, 0xf1, 0xe5, 0x9c, 0x30, 0xdf, 0x2b, 0x74, 0x9b, 0x4a,
-	0xcb, 0x14, 0x7c, 0x71, 0x08, 0x82, 0x6f, 0x2c, 0xe5, 0x69, 0x23, 0x05, 0x6a, 0x29, 0x7a, 0xde,
-	0xe5, 0xfd, 0x3e, 0x75, 0x31, 0x3d, 0xa0, 0x2e, 0xb5, 0x4d, 0x8a, 0x6e, 0xc0, 0x02, 0x19, 0x58,
-	0x77, 0x5d, 0xc7, 0x1f, 0xc8, 0x78, 0x46, 0x23, 0xbc, 0xbd, 0xdb, 0x11, 0x70, 0x1c, 0x51, 0x70,
-	0xea, 0xd0, 0x20, 0x99, 0x55, 0x89, 0x7d, 0x3a, 0x80, 0xe3, 0x88, 0x22, 0x6a, 0xdd, 0xe5, 0xdc,
-	0xd6, 0x6d, 0x80, 0xea, 0x5b, 0x5d, 0x79, 0xd5, 0x78, 0x43, 0x12, 0xa8, 0xef, 0x74, 0xb6, 0x5e,
-	0x0c, 0xeb, 0x57, 0xf3, 0x9e, 0x11, 0xd9, 0xe9, 0x80, 0x7a, 0xfa, 0x3b, 0x9d, 0x2d, 0xcc, 0x99,
-	0xb5, 0xdf, 0x2b, 0x70, 0x21, 0x75, 0xc8, 0x73, 0x58, 0x65, 0x1e, 0xa4, 0x57, 0x99, 0xeb, 0xc5,
-	0x23, 0x96, 0xb3, 0xcc, 0x1c, 0x65, 0xce, 0x20, 0xb6, 0x99, 0xbd, 0xec, 0xb3, 0x5a, 0xa3, 0xe8,
-	0x55, 0x21, 0xff, 0x2d, 0x4d, 0xfb, 0x53, 0x09, 0x2e, 0x4e, 0xc8, 0x21, 0xf4, 0x18, 0x20, 0x1e,
-	0x2f, 0x52, 0xdf, 0xf4, 0xbb, 0xcf, 0xd8, 0xd5, 0x79, 0x45, 0x3c, 0x76, 0xc5, 0xd0, 0x84, 0x40,
-	0xe4, 0x42, 0xc5, 0xa5, 0x1e, 0x75, 0x4f, 0x68, 0xf7, 0x2d, 0xc7, 0x95, 0x7e, 0x7b, 0xb3, 0xb8,
-	0xdf, 0xc6, 0x32, 0x37, 0xbe, 0x69, 0xe1, 0x58, 0x2e, 0x4e, 0x2a, 0x41, 0x8f, 0x63, 0xff, 0x05,
-	0x2f, 0xb8, 0xad, 0x22, 0xe7, 0x49, 0xbf, 0x3d, 0x4f, 0xf1, 0xe4, 0xdf, 0x15, 0xb8, 0x94, 0xb2,
-	0xf1, 0x5b, 0xb4, 0x3f, 0xe8, 0x11, 0x46, 0xcf, 0xa1, 0x0b, 0x3d, 0x4a, 0x75, 0xa1, 0x5b, 0xc5,
-	0xfd, 0x18, 0xda, 0x98, 0x7b, 0x6b, 0xf9, 0x9b, 0x02, 0x97, 0x27, 0x72, 0x9c, 0x43, 0x59, 0x7d,
-	0x3b, 0x5d, 0x56, 0xad, 0xb3, 0x1f, 0x2b, 0xa7, 0xbc, 0xfe, 0x9a, 0x77, 0x28, 0x51, 0x67, 0x9f,
-	0xc1, 0xa1, 0xa1, 0xfd, 0x46, 0x81, 0xa5, 0x90, 0x92, 0xef, 0x48, 0x05, 0xf6, 0xe4, 0x16, 0x80,
-	0xfc, 0xcb, 0x25, 0xbc, 0xc9, 0xab, 0xb1, 0xd9, 0x77, 0x23, 0x0c, 0x4e, 0x50, 0xa1, 0x6f, 0x00,
-	0x0a, 0x0d, 0xdc, 0xeb, 0x89, 0x55, 0x80, 0xef, 0x9b, 0xaa, 0xe0, 0x5d, 0x97, 0xbc, 0x08, 0x8f,
-	0x51, 0xe0, 0x09, 0x5c, 0xda, 0x1f, 0x94, 0x78, 0x5a, 0x0b, 0xf0, 0x4b, 0xea, 0x78, 0x61, 0x5b,
-	0xae, 0xe3, 0x93, 0xe3, 0x46, 0x50, 0xbe, 0xac, 0xe3, 0x46, 0x18, 0x97, 0x53, 0x0f, 0x1f, 0xaa,
-	0x99, 0x43, 0x88, 0x3a, 0x28, 0xba, 0xd9, 0x7d, 0x33, 0xf1, 0x37, 0x5b, 0xa5, 0xf5, 0x6a, 0x21,
-	0x6b, 0x78, 0x8e, 0x4e, 0xdc, 0xea, 0x6f, 0xc0, 0x82, 0xed, 0x74, 0x83, 0x15, 0x38, 0xb3, 0x52,
-	0xec, 0x48, 0x38, 0x8e, 0x28, 0xc6, 0xfe, 0x09, 0x2a, 0x7f, 0x3a, 0xff, 0x04, 0x89, 0x35, 0xa8,
-	0xd7, 0xe3, 0x04, 0xe1, 0x85, 0x21, 0x5e, 0x83, 0x24, 0x1c, 0x47, 0x14, 0x68, 0x27, 0x1e, 0x2c,
-	0x73, 0x22, 0x22, 0xd7, 0x0a, 0x0c, 0xe6, 0xfc, 0x49, 0x62, 0xb4, 0x9f, 0x3d, 0xaf, 0xcd, 0x7c,
-	0xf4, 0xbc, 0x36, 0xf3, 0xf1, 0xf3, 0xda, 0xcc, 0x8f, 0x46, 0x35, 0xe5, 0xd9, 0xa8, 0xa6, 0x7c,
-	0x34, 0xaa, 0x29, 0x1f, 0x8f, 0x6a, 0xca, 0xbf, 0x46, 0x35, 0xe5, 0x27, 0x9f, 0xd4, 0x66, 0xde,
-	0xbd, 0x32, 0xe5, 0x1f, 0xe9, 0xff, 0x04, 0x00, 0x00, 0xff, 0xff, 0x26, 0xe2, 0x5c, 0xf8, 0xaf,
-	0x1e, 0x00, 0x00,
+	// 2527 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0x1a, 0xcd, 0x6f, 0x1b, 0x59,
+	0x3d, 0xe3, 0x71, 0x1c, 0xe7, 0xe7, 0x26, 0x4d, 0x5e, 0x69, 0x71, 0x53, 0xad, 0x9d, 0x4e, 0x11,
+	0x9b, 0xed, 0xb6, 0xce, 0x36, 0x40, 0x55, 0xb5, 0x17, 0xec, 0x34, 0xed, 0x86, 0xb6, 0x69, 0xf6,
+	0x39, 0xdb, 0xad, 0x96, 0xed, 0x8a, 0xc9, 0xf8, 0x25, 0x19, 0x62, 0xcf, 0xb8, 0xf3, 0x9e, 0xd3,
+	0x8d, 0x10, 0x62, 0xc5, 0x19, 0x21, 0x8e, 0x48, 0x08, 0x84, 0x10, 0x42, 0x42, 0x42, 0x88, 0x23,
+	0x27, 0x90, 0x40, 0x88, 0xc2, 0x01, 0x56, 0xa0, 0x15, 0x7b, 0x40, 0x86, 0x7a, 0xff, 0x02, 0x2e,
+	0x1c, 0x72, 0x42, 0xef, 0x63, 0x3e, 0xfd, 0xb1, 0x93, 0xd2, 0x46, 0x45, 0xe2, 0x66, 0xff, 0xde,
+	0xef, 0xeb, 0xfd, 0xbe, 0xdf, 0x7b, 0x03, 0xaf, 0xee, 0x5e, 0xa1, 0x15, 0xdb, 0x5d, 0x34, 0xdb,
+	0xf6, 0xa2, 0x47, 0xa8, 0xdb, 0xf1, 0x2c, 0xb2, 0xb8, 0x77, 0x69, 0x93, 0x30, 0xf3, 0xd2, 0xe2,
+	0x36, 0x71, 0x88, 0x67, 0x32, 0xd2, 0xa8, 0xb4, 0x3d, 0x97, 0xb9, 0xe8, 0x8c, 0x44, 0xae, 0x98,
+	0x6d, 0xbb, 0xe2, 0x23, 0x57, 0x14, 0xf2, 0xdc, 0xc5, 0x6d, 0x9b, 0xed, 0x74, 0x36, 0x2b, 0x96,
+	0xdb, 0x5a, 0xdc, 0x76, 0xb7, 0xdd, 0x45, 0x41, 0xb3, 0xd9, 0xd9, 0x12, 0xff, 0xc4, 0x1f, 0xf1,
+	0x4b, 0xf2, 0x9a, 0x33, 0x22, 0x82, 0x2d, 0xd7, 0xe3, 0x42, 0x93, 0xf2, 0xe6, 0x3e, 0x1f, 0xe2,
+	0xb4, 0x4c, 0x6b, 0xc7, 0x76, 0x88, 0xb7, 0xbf, 0xd8, 0xde, 0xdd, 0x8e, 0x6b, 0x7b, 0x18, 0x2a,
+	0xba, 0xd8, 0x22, 0xcc, 0x1c, 0x24, 0x6b, 0x71, 0x18, 0x95, 0xd7, 0x71, 0x98, 0xdd, 0xea, 0x17,
+	0x73, 0xf9, 0x93, 0x08, 0xa8, 0xb5, 0x43, 0x5a, 0x66, 0x92, 0xce, 0xf8, 0x81, 0x0e, 0x27, 0xab,
+	0xcd, 0xa6, 0x6b, 0x71, 0xd8, 0x75, 0xb2, 0x67, 0x5b, 0xa4, 0xce, 0x4c, 0xd6, 0xa1, 0xe8, 0xb3,
+	0x90, 0x6b, 0x78, 0xf6, 0x1e, 0xf1, 0x8a, 0xda, 0xbc, 0xb6, 0x30, 0x59, 0x9b, 0x7e, 0xdc, 0x2d,
+	0x8f, 0xf5, 0xba, 0xe5, 0xdc, 0x75, 0x01, 0xc5, 0x6a, 0x15, 0xcd, 0x43, 0xb6, 0xed, 0xba, 0xcd,
+	0x62, 0x46, 0x60, 0x1d, 0x53, 0x58, 0xd9, 0x75, 0xd7, 0x6d, 0x62, 0xb1, 0x22, 0x38, 0x09, 0xce,
+	0x45, 0x3d, 0xc1, 0x49, 0x40, 0xb1, 0x5a, 0x45, 0x16, 0x80, 0xe5, 0x3a, 0x0d, 0x9b, 0xd9, 0xae,
+	0x43, 0x8b, 0xd9, 0x79, 0x7d, 0xa1, 0xb0, 0xb4, 0x58, 0x09, 0xbd, 0x1c, 0x6c, 0xac, 0xd2, 0xde,
+	0xdd, 0xe6, 0x00, 0x5a, 0xe1, 0xf6, 0xab, 0xec, 0x5d, 0xaa, 0x2c, 0xfb, 0x74, 0x35, 0xa4, 0x98,
+	0x43, 0x00, 0xa2, 0x38, 0xc2, 0x16, 0xdd, 0x82, 0x6c, 0xc3, 0x64, 0x66, 0x71, 0x7c, 0x5e, 0x5b,
+	0x28, 0x2c, 0x5d, 0x1c, 0xca, 0x5e, 0xd9, 0xad, 0x82, 0xcd, 0x47, 0x2b, 0xef, 0x31, 0xe2, 0x50,
+	0xce, 0x3c, 0xcf, 0x77, 0x76, 0xdd, 0x64, 0x26, 0x16, 0x4c, 0x90, 0x09, 0x05, 0x87, 0xb0, 0x47,
+	0xae, 0xb7, 0xcb, 0x81, 0xc5, 0x9c, 0xe0, 0x59, 0xa9, 0x8c, 0x08, 0xcc, 0xca, 0x9a, 0xc2, 0x17,
+	0x5b, 0xe6, 0x54, 0xb5, 0xe3, 0xbd, 0x6e, 0xb9, 0xb0, 0x16, 0xb2, 0xc1, 0x51, 0x9e, 0xc6, 0x1f,
+	0x35, 0x98, 0x51, 0x0e, 0xb2, 0x5d, 0x07, 0x13, 0xda, 0x69, 0x32, 0xf4, 0x2e, 0x4c, 0x48, 0x9b,
+	0x51, 0xe1, 0x9c, 0xc2, 0xd2, 0xe7, 0x46, 0xca, 0x94, 0xc2, 0x92, 0x5c, 0x6a, 0xc7, 0x95, 0xa9,
+	0x26, 0xe4, 0x3a, 0xc5, 0x3e, 0x53, 0x74, 0x0f, 0x8e, 0x39, 0x6e, 0x83, 0xd4, 0x49, 0x93, 0x58,
+	0xcc, 0xf5, 0x84, 0xdf, 0x0a, 0x4b, 0xf3, 0x51, 0x21, 0x3c, 0x4b, 0xb8, 0xe5, 0xd7, 0x22, 0x78,
+	0xb5, 0x99, 0x5e, 0xb7, 0x7c, 0x2c, 0x0a, 0xc1, 0x31, 0x3e, 0xc6, 0x87, 0x39, 0x28, 0xd4, 0x4c,
+	0x6a, 0x5b, 0x52, 0x22, 0xfa, 0x3a, 0x80, 0xc9, 0x98, 0x67, 0x6f, 0x76, 0x98, 0xd8, 0x0a, 0xf7,
+	0xf8, 0x95, 0x91, 0x5b, 0x89, 0x50, 0x57, 0xaa, 0x01, 0xe9, 0x8a, 0xc3, 0xbc, 0xfd, 0xda, 0x39,
+	0xdf, 0xf5, 0xe1, 0xc2, 0x37, 0xff, 0x51, 0x9e, 0x7a, 0xa3, 0x63, 0x36, 0xed, 0x2d, 0x9b, 0x34,
+	0xd6, 0xcc, 0x16, 0xc1, 0x11, 0x81, 0xa8, 0x03, 0x79, 0xcb, 0x6c, 0x9b, 0x96, 0xcd, 0xf6, 0x8b,
+	0x19, 0x21, 0xfc, 0x72, 0x6a, 0xe1, 0xcb, 0x8a, 0x50, 0x8a, 0x3e, 0xab, 0x44, 0xe7, 0x7d, 0x70,
+	0xbf, 0xe0, 0x40, 0x14, 0xfa, 0x1a, 0xcc, 0x58, 0xae, 0x43, 0x3b, 0x2d, 0x42, 0x97, 0xdd, 0x8e,
+	0xc3, 0x88, 0x47, 0x8b, 0xba, 0x10, 0xff, 0x85, 0x14, 0x6e, 0x54, 0x24, 0xcb, 0x82, 0x43, 0x5b,
+	0xc4, 0x7c, 0x51, 0x49, 0x9f, 0x59, 0x4e, 0xb0, 0xc5, 0x7d, 0x82, 0xd0, 0x02, 0xe4, 0xb9, 0x4b,
+	0xb8, 0x4a, 0xc5, 0xac, 0x4c, 0x59, 0xae, 0xf7, 0x9a, 0x82, 0xe1, 0x60, 0xb5, 0x2f, 0x08, 0xc6,
+	0x9f, 0x4d, 0x10, 0x70, 0x0d, 0xcc, 0x66, 0x93, 0x23, 0x50, 0x91, 0x31, 0x79, 0xa9, 0x41, 0x55,
+	0xc1, 0x70, 0xb0, 0x8a, 0xd6, 0x21, 0xc7, 0x4c, 0xdb, 0x61, 0xb4, 0x38, 0x21, 0xcc, 0xb3, 0x90,
+	0xc2, 0x3c, 0x1b, 0x9c, 0x20, 0x2c, 0x31, 0xe2, 0x2f, 0xc5, 0x8a, 0xcf, 0xdc, 0x2e, 0x1c, 0x4f,
+	0x44, 0x0d, 0x9a, 0x01, 0x7d, 0x97, 0xec, 0xcb, 0x22, 0x87, 0xf9, 0x4f, 0x54, 0x83, 0xf1, 0x3d,
+	0xb3, 0xd9, 0x21, 0xa2, 0xa4, 0x15, 0x96, 0x2e, 0xa4, 0xc9, 0x2d, 0x9f, 0x29, 0x96, 0xa4, 0x57,
+	0x33, 0x57, 0xb4, 0xb9, 0x1d, 0x98, 0x8a, 0x45, 0xc9, 0x00, 0x51, 0xd5, 0xb8, 0xa8, 0x57, 0xd3,
+	0xf8, 0x5f, 0xb1, 0x8c, 0x48, 0x32, 0x6e, 0xc2, 0xec, 0xf2, 0xca, 0x6d, 0x55, 0xbe, 0x7d, 0x3b,
+	0x2f, 0x01, 0x90, 0xf7, 0xda, 0x1e, 0xa1, 0xbc, 0x74, 0xa9, 0x22, 0x1e, 0x54, 0xc7, 0x95, 0x60,
+	0x05, 0x47, 0xb0, 0x8c, 0x77, 0x61, 0x42, 0x45, 0x0a, 0xaa, 0xfb, 0xaa, 0x69, 0x7d, 0x55, 0xad,
+	0xaf, 0x10, 0x87, 0xba, 0xbe, 0xd1, 0x31, 0x1d, 0x66, 0xb3, 0xfd, 0xda, 0x94, 0x92, 0x34, 0x7e,
+	0x8f, 0x33, 0x51, 0xca, 0x1a, 0xff, 0xd6, 0x00, 0x94, 0x80, 0x3a, 0x61, 0xbc, 0x77, 0x38, 0x3c,
+	0x10, 0xb5, 0x78, 0xef, 0x10, 0x81, 0x28, 0x56, 0x90, 0x05, 0x79, 0xcb, 0xcf, 0x91, 0x4c, 0x8a,
+	0x1c, 0x09, 0x99, 0xfb, 0x3f, 0x55, 0x71, 0x98, 0x09, 0x32, 0xd4, 0xcf, 0x8d, 0x80, 0xf1, 0x9c,
+	0x09, 0x53, 0x31, 0xe4, 0x01, 0x8e, 0xba, 0x1a, 0x77, 0xd4, 0x67, 0xd2, 0x28, 0x11, 0xf5, 0x50,
+	0x07, 0x54, 0xb7, 0x4b, 0xb1, 0xe7, 0x55, 0x18, 0xdf, 0xe4, 0x95, 0x46, 0xc9, 0x5a, 0x48, 0x5b,
+	0x93, 0x6a, 0x93, 0xdc, 0xde, 0x02, 0x80, 0x25, 0x07, 0xe3, 0x5b, 0x19, 0x78, 0x29, 0x59, 0xfd,
+	0x97, 0x5d, 0x67, 0xcb, 0xde, 0xee, 0x78, 0xe2, 0x0f, 0xfa, 0x22, 0xe4, 0x24, 0x47, 0xa5, 0xd0,
+	0x82, 0x9f, 0x39, 0x75, 0x01, 0x3d, 0xe8, 0x96, 0x4f, 0x25, 0x49, 0xe5, 0x0a, 0x56, 0x74, 0x3c,
+	0x9f, 0x3d, 0xf2, 0xb0, 0x43, 0x28, 0x93, 0x2e, 0x52, 0x15, 0x05, 0x2b, 0x18, 0x0e, 0x56, 0xd1,
+	0x37, 0xe0, 0x44, 0x43, 0xd5, 0xb0, 0x88, 0x0a, 0xaa, 0xbb, 0xbc, 0x96, 0xaa, 0xf6, 0x45, 0xe8,
+	0x6a, 0x67, 0x94, 0xaa, 0x27, 0x06, 0x2c, 0xe2, 0x41, 0x92, 0x8c, 0x8f, 0x35, 0x38, 0x35, 0xb8,
+	0x19, 0x22, 0x02, 0x13, 0x9e, 0xf8, 0xe5, 0xf7, 0xa1, 0xab, 0x29, 0xf4, 0x51, 0x7b, 0x1c, 0xde,
+	0x59, 0xe5, 0x7f, 0x8a, 0x7d, 0xde, 0x68, 0x13, 0x72, 0x96, 0x50, 0x49, 0x45, 0xf3, 0xd5, 0x43,
+	0x35, 0xee, 0xf8, 0xfe, 0x83, 0x22, 0x27, 0xc1, 0x58, 0x71, 0x36, 0x7e, 0xaa, 0xc1, 0xf1, 0x44,
+	0x59, 0x42, 0x25, 0xd0, 0x6d, 0x87, 0x89, 0x88, 0xd2, 0xa5, 0x7f, 0x56, 0x1d, 0x26, 0x53, 0x93,
+	0x2f, 0xa0, 0xb3, 0x90, 0xdd, 0xe4, 0x53, 0x9c, 0x2e, 0x0a, 0xf2, 0x54, 0xaf, 0x5b, 0x9e, 0xac,
+	0xb9, 0x6e, 0x53, 0x62, 0x88, 0x25, 0xf4, 0x32, 0xe4, 0x28, 0xf3, 0x6c, 0x67, 0x5b, 0xf5, 0x0d,
+	0x31, 0xb7, 0xd4, 0x05, 0x44, 0xa2, 0xa9, 0x65, 0x74, 0x1e, 0x26, 0xf6, 0x88, 0x27, 0xaa, 0xce,
+	0xb8, 0xc0, 0x14, 0x1d, 0xe1, 0x9e, 0x04, 0x49, 0x54, 0x1f, 0xc1, 0x20, 0x30, 0x1d, 0x2f, 0x6b,
+	0xcf, 0xa7, 0xee, 0xfc, 0x2c, 0x03, 0x05, 0x25, 0xa7, 0x69, 0xda, 0x2d, 0x74, 0x3f, 0x12, 0xb3,
+	0xd2, 0xdd, 0xe7, 0xd3, 0xbb, 0x3b, 0xac, 0x25, 0x03, 0x62, 0xbc, 0x01, 0x05, 0xde, 0x73, 0x99,
+	0x27, 0x1b, 0x97, 0xf4, 0xf2, 0xc5, 0x74, 0xb1, 0xad, 0xa8, 0x6a, 0x27, 0x14, 0xff, 0x42, 0x08,
+	0xa3, 0x38, 0xca, 0x16, 0x3d, 0x08, 0xc2, 0xe8, 0x10, 0x83, 0x03, 0xdf, 0x79, 0xba, 0x08, 0xfa,
+	0x9d, 0x06, 0xc5, 0x61, 0x44, 0xb1, 0x7c, 0xd7, 0x9e, 0x26, 0xdf, 0x33, 0x47, 0x96, 0xef, 0xbf,
+	0xd6, 0x22, 0x6e, 0xa7, 0x14, 0x7d, 0x05, 0xf2, 0xfc, 0xc4, 0x20, 0x0e, 0x00, 0x5a, 0x9f, 0x16,
+	0x23, 0xce, 0x17, 0x77, 0x37, 0xbf, 0x4a, 0x2c, 0x76, 0x87, 0x30, 0x33, 0x6c, 0xa1, 0x21, 0x0c,
+	0x07, 0x5c, 0xd1, 0x1a, 0x64, 0x69, 0x9b, 0x58, 0x87, 0x18, 0x1d, 0x84, 0x66, 0xf5, 0x36, 0xb1,
+	0xc2, 0x5e, 0xc0, 0xff, 0x61, 0xc1, 0xc7, 0xf8, 0x5e, 0xd4, 0x13, 0x94, 0xc6, 0x3d, 0x31, 0xc4,
+	0xbe, 0xda, 0x91, 0xd9, 0xf7, 0x57, 0x41, 0xa5, 0x11, 0xda, 0xdd, 0xb6, 0x29, 0x43, 0xef, 0xf4,
+	0xd9, 0xb8, 0x92, 0xce, 0xc6, 0x9c, 0x5a, 0x58, 0x38, 0x48, 0x2f, 0x1f, 0x12, 0xb1, 0xef, 0x1d,
+	0x18, 0xb7, 0x19, 0x69, 0xf9, 0x89, 0xb5, 0x90, 0xd6, 0xc0, 0x61, 0x5d, 0x58, 0xe5, 0xe4, 0x58,
+	0x72, 0x31, 0xfe, 0x14, 0xdf, 0x00, 0x37, 0x3c, 0x7a, 0x07, 0x26, 0xa9, 0x9a, 0xa1, 0xfc, 0xe2,
+	0x90, 0x66, 0x2e, 0x0b, 0xe6, 0xdf, 0x59, 0x25, 0x69, 0xd2, 0x87, 0x50, 0x1c, 0x32, 0x8c, 0x64,
+	0x6e, 0xe6, 0x30, 0x99, 0x9b, 0x70, 0xfd, 0xd0, 0xcc, 0x7d, 0x08, 0x83, 0xbc, 0x87, 0xde, 0x86,
+	0x9c, 0xdb, 0x36, 0x1f, 0x06, 0x55, 0x75, 0xf4, 0x39, 0xe7, 0xae, 0x40, 0x1d, 0x14, 0x22, 0xc0,
+	0x45, 0xca, 0x65, 0xac, 0x38, 0x1a, 0xdf, 0xd6, 0x60, 0x26, 0x59, 0xc2, 0x0e, 0x51, 0x24, 0xd6,
+	0x61, 0xba, 0x65, 0x32, 0x6b, 0x27, 0xe8, 0x55, 0xea, 0x26, 0x61, 0xa1, 0xd7, 0x2d, 0x4f, 0xdf,
+	0x89, 0xad, 0x1c, 0x74, 0xcb, 0xe8, 0x46, 0xa7, 0xd9, 0xdc, 0x8f, 0x9f, 0xac, 0x12, 0xf4, 0xc6,
+	0x8f, 0x33, 0x41, 0xce, 0xf4, 0x9d, 0x95, 0xf8, 0x54, 0x6c, 0x05, 0x33, 0x62, 0x72, 0x2a, 0x0e,
+	0xa7, 0x47, 0x1c, 0xc1, 0x42, 0x0f, 0xfb, 0x86, 0xd0, 0xe5, 0xa7, 0x3a, 0xa8, 0xbd, 0x58, 0x23,
+	0xe9, 0xdf, 0xb2, 0x30, 0x15, 0xeb, 0x6b, 0x29, 0x46, 0xd3, 0x2a, 0x1c, 0x6f, 0x84, 0x21, 0x29,
+	0x0e, 0x91, 0xd2, 0x5b, 0x9f, 0x56, 0xc8, 0xd1, 0x6c, 0x12, 0x74, 0x49, 0xfc, 0x78, 0x7a, 0xe9,
+	0xcf, 0x3a, 0xbd, 0xee, 0xc1, 0xb4, 0x19, 0x8c, 0x4b, 0x77, 0xdc, 0x86, 0x7f, 0xc8, 0xad, 0x28,
+	0xaa, 0xe9, 0x6a, 0x6c, 0xf5, 0xa0, 0x5b, 0xfe, 0x54, 0x72, 0xc8, 0xe2, 0x70, 0x9c, 0xe0, 0x82,
+	0xce, 0xc1, 0xb8, 0xf0, 0x8d, 0x98, 0x68, 0xf4, 0xb0, 0x9a, 0x08, 0xbb, 0x62, 0xb9, 0x86, 0x2e,
+	0x41, 0xc1, 0x6c, 0xb4, 0x6c, 0xa7, 0x6a, 0x59, 0x84, 0xfa, 0x87, 0x5b, 0x31, 0x26, 0x55, 0x43,
+	0x30, 0x8e, 0xe2, 0xa0, 0x16, 0x4c, 0x6f, 0xd9, 0x1e, 0x65, 0xd5, 0x3d, 0xd3, 0x6e, 0x9a, 0x9b,
+	0x4d, 0xa2, 0x8e, 0xba, 0x69, 0x26, 0x86, 0x7a, 0x67, 0xd3, 0x9f, 0x48, 0x4e, 0xf9, 0xdb, 0xbb,
+	0x11, 0x63, 0x86, 0x13, 0xcc, 0xf9, 0x74, 0xc2, 0xdc, 0x26, 0x91, 0xd9, 0x4c, 0x8b, 0xf9, 0xd4,
+	0xb2, 0x36, 0x02, 0xaa, 0x70, 0x3a, 0x09, 0x61, 0x14, 0x47, 0xd9, 0x1a, 0x1f, 0x06, 0xa7, 0x8e,
+	0x21, 0x03, 0x32, 0x7a, 0x85, 0x4f, 0xdb, 0x62, 0x49, 0x05, 0x5b, 0x64, 0x62, 0x16, 0x60, 0xec,
+	0xaf, 0x47, 0xee, 0x21, 0x33, 0xa9, 0xee, 0x21, 0xf5, 0x14, 0xf7, 0x90, 0xd9, 0x91, 0xf7, 0x90,
+	0x09, 0x37, 0x8e, 0xa7, 0x70, 0x63, 0xc2, 0xae, 0xb9, 0xe7, 0x63, 0xd7, 0x2f, 0xfb, 0xc3, 0x72,
+	0x70, 0xc6, 0x5f, 0x05, 0xdd, 0x22, 0xcd, 0x01, 0x7d, 0x76, 0x40, 0x05, 0x48, 0x5e, 0x10, 0xd4,
+	0x26, 0x7a, 0xdd, 0xb2, 0xbe, 0xbc, 0x72, 0x1b, 0x73, 0x1e, 0xc6, 0x2f, 0x75, 0xbf, 0x8c, 0x87,
+	0x71, 0xf5, 0xff, 0x8a, 0xf0, 0x5f, 0x56, 0x84, 0x44, 0x5c, 0x4c, 0x3c, 0x9f, 0xb8, 0xf8, 0x57,
+	0x30, 0xe6, 0x8a, 0xeb, 0x2e, 0xf4, 0x52, 0xa4, 0x57, 0xd4, 0x0a, 0x8a, 0x5c, 0xbf, 0x45, 0xf6,
+	0x65, 0xe3, 0x38, 0x17, 0x6d, 0x1c, 0x93, 0x83, 0x4f, 0x4c, 0xe8, 0x1a, 0xe4, 0xc8, 0xd6, 0x16,
+	0xb1, 0x98, 0x4a, 0x28, 0xff, 0x72, 0x35, 0xb7, 0x22, 0xa0, 0x07, 0xdd, 0xf2, 0x6c, 0x44, 0xa4,
+	0x04, 0x62, 0x45, 0x82, 0xde, 0x82, 0x49, 0x66, 0xb7, 0x48, 0xb5, 0xd1, 0x20, 0x0d, 0x61, 0xee,
+	0xf8, 0xf9, 0x6a, 0xc4, 0x10, 0xb8, 0x61, 0xb7, 0x88, 0x3c, 0x7e, 0x6e, 0xf8, 0x0c, 0x70, 0xc8,
+	0xeb, 0x6a, 0xfe, 0xbb, 0x3f, 0x2c, 0x8f, 0xbd, 0xff, 0xf7, 0xf9, 0x31, 0xe3, 0x47, 0x19, 0x3f,
+	0x5c, 0x43, 0xb3, 0x7c, 0xd2, 0xc6, 0x5f, 0x87, 0xbc, 0xdb, 0xe6, 0xb8, 0xae, 0x5f, 0x4c, 0x2e,
+	0xf8, 0x2d, 0xf8, 0xae, 0x82, 0x1f, 0x74, 0xcb, 0xc5, 0x24, 0x5b, 0x7f, 0x0d, 0x07, 0xd4, 0xa1,
+	0x09, 0xf5, 0x54, 0x26, 0xcc, 0x1e, 0xde, 0x84, 0xcb, 0x30, 0x1b, 0xba, 0xb8, 0x4e, 0x2c, 0xd7,
+	0x69, 0x50, 0x15, 0x6a, 0x27, 0x7b, 0xdd, 0xf2, 0xec, 0x46, 0x72, 0x11, 0xf7, 0xe3, 0x1b, 0x3f,
+	0xd7, 0x60, 0xb6, 0xef, 0xc1, 0x01, 0x5d, 0x83, 0x29, 0x9b, 0x0f, 0x03, 0x5b, 0xa6, 0x25, 0xef,
+	0x81, 0xa5, 0xbd, 0x4e, 0x2a, 0xf5, 0xa6, 0x56, 0xa3, 0x8b, 0x38, 0x8e, 0x8b, 0x4e, 0x83, 0x6e,
+	0xb7, 0xfd, 0x8b, 0x1e, 0x51, 0x41, 0x56, 0xd7, 0x29, 0xe6, 0x30, 0x5e, 0x0a, 0x76, 0x4c, 0xaf,
+	0xf1, 0xc8, 0xf4, 0xb8, 0xb7, 0x3c, 0x5e, 0x3b, 0xf5, 0x78, 0x29, 0x78, 0x3d, 0xbe, 0x8c, 0x93,
+	0xf8, 0xc6, 0x4f, 0x34, 0x38, 0x3d, 0x74, 0xfa, 0x4c, 0xfd, 0x24, 0x65, 0x02, 0xb4, 0x4d, 0xcf,
+	0x6c, 0x11, 0x35, 0xb1, 0x3d, 0xc5, 0x4b, 0x4f, 0x30, 0x12, 0xae, 0x07, 0x8c, 0x70, 0x84, 0xa9,
+	0xf1, 0xfd, 0x0c, 0x4c, 0x61, 0x95, 0xba, 0xf2, 0x4a, 0xe1, 0xf9, 0x9f, 0x2d, 0xd7, 0x63, 0x67,
+	0xcb, 0xd1, 0xd5, 0x3e, 0xa6, 0xdb, 0xb0, 0xd3, 0x25, 0xba, 0x0f, 0x39, 0x2a, 0x5e, 0xfb, 0x52,
+	0xdd, 0xc1, 0xc5, 0x79, 0x0a, 0xba, 0xd0, 0x05, 0xf2, 0x3f, 0x56, 0xfc, 0x8c, 0x9e, 0x06, 0xa5,
+	0x18, 0xbe, 0x7a, 0x9a, 0xf0, 0x30, 0xd9, 0x22, 0x1e, 0x71, 0x2c, 0x82, 0x2e, 0x40, 0xde, 0x6c,
+	0xdb, 0x37, 0x3d, 0xb7, 0xd3, 0x56, 0xfe, 0x0c, 0x06, 0xe2, 0xea, 0xfa, 0xaa, 0x80, 0xe3, 0x00,
+	0x83, 0x63, 0xfb, 0x0a, 0xa9, 0xa8, 0x8a, 0xdc, 0xc2, 0x48, 0x38, 0x0e, 0x30, 0x82, 0xbe, 0x95,
+	0x1d, 0xda, 0xb7, 0x6a, 0xa0, 0x77, 0xec, 0x86, 0xba, 0xa0, 0x7a, 0xcd, 0x2f, 0x15, 0x6f, 0xae,
+	0x5e, 0x3f, 0xe8, 0x96, 0xcf, 0x0e, 0x7b, 0x4c, 0x65, 0xfb, 0x6d, 0x42, 0x2b, 0x6f, 0xae, 0x5e,
+	0xc7, 0x9c, 0xd8, 0xf8, 0x8d, 0x06, 0xb3, 0xb1, 0x4d, 0x1e, 0xc1, 0x01, 0xf8, 0x6e, 0xfc, 0x00,
+	0x7c, 0x3e, 0xbd, 0xc7, 0x86, 0x1c, 0x81, 0x77, 0x12, 0x7b, 0x10, 0x67, 0xe0, 0x7a, 0xf2, 0x81,
+	0x71, 0x21, 0xed, 0x05, 0xd3, 0xf0, 0x57, 0x45, 0xe3, 0xf7, 0x19, 0x38, 0x31, 0x20, 0x86, 0xd0,
+	0x03, 0x80, 0xb0, 0xb7, 0x2a, 0x79, 0xa3, 0x7b, 0x64, 0xdf, 0x85, 0xeb, 0xb4, 0x78, 0xf6, 0x0b,
+	0xa1, 0x11, 0x86, 0xc8, 0x83, 0x82, 0x47, 0x28, 0xf1, 0xf6, 0x48, 0xe3, 0x86, 0x28, 0xfc, 0xdc,
+	0x6e, 0xd7, 0xd2, 0xdb, 0xad, 0x2f, 0x72, 0xc3, 0x8e, 0x8c, 0x43, 0xbe, 0x38, 0x2a, 0x04, 0x3d,
+	0x08, 0xed, 0x27, 0xdf, 0xb1, 0x97, 0xd2, 0xec, 0x27, 0xfe, 0x02, 0x3f, 0xc2, 0x92, 0x7f, 0xd5,
+	0xe0, 0x64, 0x4c, 0xc7, 0x0d, 0xd2, 0x6a, 0x37, 0x4d, 0x46, 0x8e, 0xa0, 0x0a, 0xdd, 0x8f, 0x55,
+	0xa1, 0xcb, 0xe9, 0xed, 0xe8, 0xeb, 0x38, 0xf4, 0xae, 0xeb, 0x2f, 0x1a, 0x9c, 0x1e, 0x48, 0x71,
+	0x04, 0x69, 0xf5, 0x56, 0x3c, 0xad, 0x96, 0x0e, 0xbf, 0xad, 0x21, 0xe9, 0xf5, 0xe7, 0x61, 0x9b,
+	0x12, 0x79, 0xf6, 0x3f, 0xd8, 0x34, 0x8c, 0x5f, 0x68, 0x70, 0xcc, 0xc7, 0xe4, 0xa7, 0xab, 0x14,
+	0x87, 0x84, 0x25, 0x00, 0xf5, 0xe1, 0x89, 0x7f, 0xff, 0xab, 0x87, 0x6a, 0xdf, 0x0c, 0x56, 0x70,
+	0x04, 0x0b, 0x7d, 0x09, 0x90, 0xaf, 0x60, 0xbd, 0xe9, 0x5f, 0xa7, 0x88, 0xd2, 0xaf, 0xd7, 0xe6,
+	0x14, 0x2d, 0xc2, 0x7d, 0x18, 0x78, 0x00, 0x95, 0xf1, 0x5b, 0x2d, 0xec, 0xd6, 0x02, 0xfc, 0x82,
+	0x1a, 0x5e, 0xe8, 0x36, 0xd4, 0xf0, 0xd1, 0x76, 0x23, 0x30, 0x5f, 0xd4, 0x76, 0x23, 0x94, 0x1b,
+	0x92, 0x0f, 0x7f, 0xc8, 0x26, 0x36, 0x21, 0xf2, 0x20, 0xed, 0x64, 0x77, 0x2b, 0xf2, 0xb1, 0x51,
+	0x61, 0xe9, 0x95, 0x54, 0xda, 0xf0, 0x18, 0x1d, 0x78, 0x1f, 0x70, 0x21, 0xf2, 0x29, 0x44, 0x62,
+	0xa4, 0x48, 0xf1, 0x39, 0x44, 0xf6, 0x19, 0x7d, 0x0e, 0x71, 0x21, 0xf2, 0x39, 0x84, 0xbc, 0x6a,
+	0x08, 0xc7, 0xa0, 0xfe, 0x4f, 0x22, 0xd6, 0xc2, 0xc6, 0x22, 0x2f, 0x19, 0xce, 0xa5, 0x68, 0xcc,
+	0x23, 0xbe, 0xf4, 0xc1, 0x70, 0xaa, 0x4d, 0x3c, 0x09, 0x0e, 0x95, 0xe4, 0x59, 0x3a, 0x21, 0x74,
+	0x99, 0xeb, 0x75, 0xcb, 0xa7, 0xd6, 0x07, 0x62, 0xe0, 0x21, 0x94, 0x68, 0x1b, 0xa6, 0xe9, 0x8e,
+	0xe9, 0x91, 0x46, 0xf0, 0x75, 0x8b, 0xbc, 0x67, 0x7a, 0x39, 0xe5, 0xcb, 0x7d, 0x78, 0x9b, 0x55,
+	0x8f, 0xb1, 0xc1, 0x09, 0xb6, 0xb5, 0xea, 0xe3, 0x27, 0xa5, 0xb1, 0x0f, 0x9e, 0x94, 0xc6, 0x3e,
+	0x7a, 0x52, 0x1a, 0x7b, 0xbf, 0x57, 0xd2, 0x1e, 0xf7, 0x4a, 0xda, 0x07, 0xbd, 0x92, 0xf6, 0x51,
+	0xaf, 0xa4, 0xfd, 0xb3, 0x57, 0xd2, 0xbe, 0xf3, 0x71, 0x69, 0xec, 0xed, 0x33, 0x23, 0x3e, 0x2a,
+	0xfc, 0x4f, 0x00, 0x00, 0x00, 0xff, 0xff, 0xdc, 0x12, 0xee, 0xf9, 0x72, 0x28, 0x00, 0x00,
 }
 
 func (m *AllocatedDeviceStatus) Marshal() (dAtA []byte, err error) {
@@ -1208,16 +1414,18 @@ func (m *AllocatedDeviceStatus) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 		i--
 		dAtA[i] = 0x32
 	}
-	{
-		size, err := m.Data.MarshalToSizedBuffer(dAtA[:i])
-		if err != nil {
-			return 0, err
+	if m.Data != nil {
+		{
+			size, err := m.Data.MarshalToSizedBuffer(dAtA[:i])
+			if err != nil {
+				return 0, err
+			}
+			i -= size
+			i = encodeVarintGenerated(dAtA, i, uint64(size))
 		}
-		i -= size
-		i = encodeVarintGenerated(dAtA, i, uint64(size))
+		i--
+		dAtA[i] = 0x2a
 	}
-	i--
-	dAtA[i] = 0x2a
 	if len(m.Conditions) > 0 {
 		for iNdEx := len(m.Conditions) - 1; iNdEx >= 0; iNdEx-- {
 			{
@@ -1315,6 +1523,63 @@ func (m *BasicDevice) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	_ = i
 	var l int
 	_ = l
+	if len(m.Taints) > 0 {
+		for iNdEx := len(m.Taints) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Taints[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x3a
+		}
+	}
+	if m.AllNodes != nil {
+		i--
+		if *m.AllNodes {
+			dAtA[i] = 1
+		} else {
+			dAtA[i] = 0
+		}
+		i--
+		dAtA[i] = 0x30
+	}
+	if m.NodeSelector != nil {
+		{
+			size, err := m.NodeSelector.MarshalToSizedBuffer(dAtA[:i])
+			if err != nil {
+				return 0, err
+			}
+			i -= size
+			i = encodeVarintGenerated(dAtA, i, uint64(size))
+		}
+		i--
+		dAtA[i] = 0x2a
+	}
+	if m.NodeName != nil {
+		i -= len(*m.NodeName)
+		copy(dAtA[i:], *m.NodeName)
+		i = encodeVarintGenerated(dAtA, i, uint64(len(*m.NodeName)))
+		i--
+		dAtA[i] = 0x22
+	}
+	if len(m.ConsumesCounters) > 0 {
+		for iNdEx := len(m.ConsumesCounters) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.ConsumesCounters[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x1a
+		}
+	}
 	if len(m.Capacity) > 0 {
 		keysForCapacity := make([]string, 0, len(m.Capacity))
 		for k := range m.Capacity {
@@ -1404,7 +1669,7 @@ func (m *CELDeviceSelector) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	return len(dAtA) - i, nil
 }
 
-func (m *Device) Marshal() (dAtA []byte, err error) {
+func (m *Counter) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
 	n, err := m.MarshalToSizedBuffer(dAtA[:size])
@@ -1414,37 +1679,30 @@ func (m *Device) Marshal() (dAtA []byte, err error) {
 	return dAtA[:n], nil
 }
 
-func (m *Device) MarshalTo(dAtA []byte) (int, error) {
+func (m *Counter) MarshalTo(dAtA []byte) (int, error) {
 	size := m.Size()
 	return m.MarshalToSizedBuffer(dAtA[:size])
 }
 
-func (m *Device) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+func (m *Counter) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	i := len(dAtA)
 	_ = i
 	var l int
 	_ = l
-	if m.Basic != nil {
-		{
-			size, err := m.Basic.MarshalToSizedBuffer(dAtA[:i])
-			if err != nil {
-				return 0, err
-			}
-			i -= size
-			i = encodeVarintGenerated(dAtA, i, uint64(size))
+	{
+		size, err := m.Value.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
 		}
-		i--
-		dAtA[i] = 0x12
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
 	}
-	i -= len(m.Name)
-	copy(dAtA[i:], m.Name)
-	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Name)))
 	i--
 	dAtA[i] = 0xa
 	return len(dAtA) - i, nil
 }
 
-func (m *DeviceAllocationConfiguration) Marshal() (dAtA []byte, err error) {
+func (m *CounterSet) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
 	n, err := m.MarshalToSizedBuffer(dAtA[:size])
@@ -1454,32 +1712,129 @@ func (m *DeviceAllocationConfiguration) Marshal() (dAtA []byte, err error) {
 	return dAtA[:n], nil
 }
 
-func (m *DeviceAllocationConfiguration) MarshalTo(dAtA []byte) (int, error) {
+func (m *CounterSet) MarshalTo(dAtA []byte) (int, error) {
 	size := m.Size()
 	return m.MarshalToSizedBuffer(dAtA[:size])
 }
 
-func (m *DeviceAllocationConfiguration) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+func (m *CounterSet) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	i := len(dAtA)
 	_ = i
 	var l int
 	_ = l
-	{
-		size, err := m.DeviceConfiguration.MarshalToSizedBuffer(dAtA[:i])
-		if err != nil {
-			return 0, err
-		}
-		i -= size
-		i = encodeVarintGenerated(dAtA, i, uint64(size))
-	}
-	i--
-	dAtA[i] = 0x1a
-	if len(m.Requests) > 0 {
-		for iNdEx := len(m.Requests) - 1; iNdEx >= 0; iNdEx-- {
-			i -= len(m.Requests[iNdEx])
-			copy(dAtA[i:], m.Requests[iNdEx])
-			i = encodeVarintGenerated(dAtA, i, uint64(len(m.Requests[iNdEx])))
-			i--
+	if len(m.Counters) > 0 {
+		keysForCounters := make([]string, 0, len(m.Counters))
+		for k := range m.Counters {
+			keysForCounters = append(keysForCounters, string(k))
+		}
+		github_com_gogo_protobuf_sortkeys.Strings(keysForCounters)
+		for iNdEx := len(keysForCounters) - 1; iNdEx >= 0; iNdEx-- {
+			v := m.Counters[string(keysForCounters[iNdEx])]
+			baseI := i
+			{
+				size, err := (&v).MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x12
+			i -= len(keysForCounters[iNdEx])
+			copy(dAtA[i:], keysForCounters[iNdEx])
+			i = encodeVarintGenerated(dAtA, i, uint64(len(keysForCounters[iNdEx])))
+			i--
+			dAtA[i] = 0xa
+			i = encodeVarintGenerated(dAtA, i, uint64(baseI-i))
+			i--
+			dAtA[i] = 0x12
+		}
+	}
+	i -= len(m.Name)
+	copy(dAtA[i:], m.Name)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Name)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *Device) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *Device) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *Device) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if m.Basic != nil {
+		{
+			size, err := m.Basic.MarshalToSizedBuffer(dAtA[:i])
+			if err != nil {
+				return 0, err
+			}
+			i -= size
+			i = encodeVarintGenerated(dAtA, i, uint64(size))
+		}
+		i--
+		dAtA[i] = 0x12
+	}
+	i -= len(m.Name)
+	copy(dAtA[i:], m.Name)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Name)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *DeviceAllocationConfiguration) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *DeviceAllocationConfiguration) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *DeviceAllocationConfiguration) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	{
+		size, err := m.DeviceConfiguration.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0x1a
+	if len(m.Requests) > 0 {
+		for iNdEx := len(m.Requests) - 1; iNdEx >= 0; iNdEx-- {
+			i -= len(m.Requests[iNdEx])
+			copy(dAtA[i:], m.Requests[iNdEx])
+			i = encodeVarintGenerated(dAtA, i, uint64(len(m.Requests[iNdEx])))
+			i--
 			dAtA[i] = 0x12
 		}
 	}
@@ -1982,6 +2337,63 @@ func (m *DeviceConstraint) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	return len(dAtA) - i, nil
 }
 
+func (m *DeviceCounterConsumption) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *DeviceCounterConsumption) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *DeviceCounterConsumption) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if len(m.Counters) > 0 {
+		keysForCounters := make([]string, 0, len(m.Counters))
+		for k := range m.Counters {
+			keysForCounters = append(keysForCounters, string(k))
+		}
+		github_com_gogo_protobuf_sortkeys.Strings(keysForCounters)
+		for iNdEx := len(keysForCounters) - 1; iNdEx >= 0; iNdEx-- {
+			v := m.Counters[string(keysForCounters[iNdEx])]
+			baseI := i
+			{
+				size, err := (&v).MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x12
+			i -= len(keysForCounters[iNdEx])
+			copy(dAtA[i:], keysForCounters[iNdEx])
+			i = encodeVarintGenerated(dAtA, i, uint64(len(keysForCounters[iNdEx])))
+			i--
+			dAtA[i] = 0xa
+			i = encodeVarintGenerated(dAtA, i, uint64(baseI-i))
+			i--
+			dAtA[i] = 0x12
+		}
+	}
+	i -= len(m.CounterSet)
+	copy(dAtA[i:], m.CounterSet)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.CounterSet)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
 func (m *DeviceRequest) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
@@ -2002,6 +2414,34 @@ func (m *DeviceRequest) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	_ = i
 	var l int
 	_ = l
+	if len(m.Tolerations) > 0 {
+		for iNdEx := len(m.Tolerations) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Tolerations[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x42
+		}
+	}
+	if len(m.FirstAvailable) > 0 {
+		for iNdEx := len(m.FirstAvailable) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.FirstAvailable[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x3a
+		}
+	}
 	if m.AdminAccess != nil {
 		i--
 		if *m.AdminAccess {
@@ -2067,6 +2507,20 @@ func (m *DeviceRequestAllocationResult) MarshalToSizedBuffer(dAtA []byte) (int,
 	_ = i
 	var l int
 	_ = l
+	if len(m.Tolerations) > 0 {
+		for iNdEx := len(m.Tolerations) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Tolerations[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x32
+		}
+	}
 	if m.AdminAccess != nil {
 		i--
 		if *m.AdminAccess {
@@ -2135,7 +2589,7 @@ func (m *DeviceSelector) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	return len(dAtA) - i, nil
 }
 
-func (m *NetworkDeviceData) Marshal() (dAtA []byte, err error) {
+func (m *DeviceSubRequest) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
 	n, err := m.MarshalToSizedBuffer(dAtA[:size])
@@ -2145,39 +2599,66 @@ func (m *NetworkDeviceData) Marshal() (dAtA []byte, err error) {
 	return dAtA[:n], nil
 }
 
-func (m *NetworkDeviceData) MarshalTo(dAtA []byte) (int, error) {
+func (m *DeviceSubRequest) MarshalTo(dAtA []byte) (int, error) {
 	size := m.Size()
 	return m.MarshalToSizedBuffer(dAtA[:size])
 }
 
-func (m *NetworkDeviceData) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+func (m *DeviceSubRequest) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	i := len(dAtA)
 	_ = i
 	var l int
 	_ = l
-	i -= len(m.HardwareAddress)
-	copy(dAtA[i:], m.HardwareAddress)
-	i = encodeVarintGenerated(dAtA, i, uint64(len(m.HardwareAddress)))
+	if len(m.Tolerations) > 0 {
+		for iNdEx := len(m.Tolerations) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Tolerations[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x3a
+		}
+	}
+	i = encodeVarintGenerated(dAtA, i, uint64(m.Count))
 	i--
-	dAtA[i] = 0x1a
-	if len(m.IPs) > 0 {
-		for iNdEx := len(m.IPs) - 1; iNdEx >= 0; iNdEx-- {
-			i -= len(m.IPs[iNdEx])
-			copy(dAtA[i:], m.IPs[iNdEx])
-			i = encodeVarintGenerated(dAtA, i, uint64(len(m.IPs[iNdEx])))
+	dAtA[i] = 0x28
+	i -= len(m.AllocationMode)
+	copy(dAtA[i:], m.AllocationMode)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.AllocationMode)))
+	i--
+	dAtA[i] = 0x22
+	if len(m.Selectors) > 0 {
+		for iNdEx := len(m.Selectors) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Selectors[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
 			i--
-			dAtA[i] = 0x12
+			dAtA[i] = 0x1a
 		}
 	}
-	i -= len(m.InterfaceName)
-	copy(dAtA[i:], m.InterfaceName)
-	i = encodeVarintGenerated(dAtA, i, uint64(len(m.InterfaceName)))
+	i -= len(m.DeviceClassName)
+	copy(dAtA[i:], m.DeviceClassName)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.DeviceClassName)))
+	i--
+	dAtA[i] = 0x12
+	i -= len(m.Name)
+	copy(dAtA[i:], m.Name)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Name)))
 	i--
 	dAtA[i] = 0xa
 	return len(dAtA) - i, nil
 }
 
-func (m *OpaqueDeviceConfiguration) Marshal() (dAtA []byte, err error) {
+func (m *DeviceTaint) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
 	n, err := m.MarshalToSizedBuffer(dAtA[:size])
@@ -2187,35 +2668,47 @@ func (m *OpaqueDeviceConfiguration) Marshal() (dAtA []byte, err error) {
 	return dAtA[:n], nil
 }
 
-func (m *OpaqueDeviceConfiguration) MarshalTo(dAtA []byte) (int, error) {
+func (m *DeviceTaint) MarshalTo(dAtA []byte) (int, error) {
 	size := m.Size()
 	return m.MarshalToSizedBuffer(dAtA[:size])
 }
 
-func (m *OpaqueDeviceConfiguration) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+func (m *DeviceTaint) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	i := len(dAtA)
 	_ = i
 	var l int
 	_ = l
-	{
-		size, err := m.Parameters.MarshalToSizedBuffer(dAtA[:i])
-		if err != nil {
-			return 0, err
+	if m.TimeAdded != nil {
+		{
+			size, err := m.TimeAdded.MarshalToSizedBuffer(dAtA[:i])
+			if err != nil {
+				return 0, err
+			}
+			i -= size
+			i = encodeVarintGenerated(dAtA, i, uint64(size))
 		}
-		i -= size
-		i = encodeVarintGenerated(dAtA, i, uint64(size))
+		i--
+		dAtA[i] = 0x22
 	}
+	i -= len(m.Effect)
+	copy(dAtA[i:], m.Effect)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Effect)))
+	i--
+	dAtA[i] = 0x1a
+	i -= len(m.Value)
+	copy(dAtA[i:], m.Value)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Value)))
 	i--
 	dAtA[i] = 0x12
-	i -= len(m.Driver)
-	copy(dAtA[i:], m.Driver)
-	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Driver)))
+	i -= len(m.Key)
+	copy(dAtA[i:], m.Key)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Key)))
 	i--
 	dAtA[i] = 0xa
 	return len(dAtA) - i, nil
 }
 
-func (m *ResourceClaim) Marshal() (dAtA []byte, err error) {
+func (m *DeviceToleration) Marshal() (dAtA []byte, err error) {
 	size := m.Size()
 	dAtA = make([]byte, size)
 	n, err := m.MarshalToSizedBuffer(dAtA[:size])
@@ -2225,22 +2718,150 @@ func (m *ResourceClaim) Marshal() (dAtA []byte, err error) {
 	return dAtA[:n], nil
 }
 
-func (m *ResourceClaim) MarshalTo(dAtA []byte) (int, error) {
+func (m *DeviceToleration) MarshalTo(dAtA []byte) (int, error) {
 	size := m.Size()
 	return m.MarshalToSizedBuffer(dAtA[:size])
 }
 
-func (m *ResourceClaim) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+func (m *DeviceToleration) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	i := len(dAtA)
 	_ = i
 	var l int
 	_ = l
-	{
-		size, err := m.Status.MarshalToSizedBuffer(dAtA[:i])
-		if err != nil {
-			return 0, err
-		}
-		i -= size
+	if m.TolerationSeconds != nil {
+		i = encodeVarintGenerated(dAtA, i, uint64(*m.TolerationSeconds))
+		i--
+		dAtA[i] = 0x28
+	}
+	i -= len(m.Effect)
+	copy(dAtA[i:], m.Effect)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Effect)))
+	i--
+	dAtA[i] = 0x22
+	i -= len(m.Value)
+	copy(dAtA[i:], m.Value)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Value)))
+	i--
+	dAtA[i] = 0x1a
+	i -= len(m.Operator)
+	copy(dAtA[i:], m.Operator)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Operator)))
+	i--
+	dAtA[i] = 0x12
+	i -= len(m.Key)
+	copy(dAtA[i:], m.Key)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Key)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *NetworkDeviceData) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *NetworkDeviceData) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *NetworkDeviceData) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	i -= len(m.HardwareAddress)
+	copy(dAtA[i:], m.HardwareAddress)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.HardwareAddress)))
+	i--
+	dAtA[i] = 0x1a
+	if len(m.IPs) > 0 {
+		for iNdEx := len(m.IPs) - 1; iNdEx >= 0; iNdEx-- {
+			i -= len(m.IPs[iNdEx])
+			copy(dAtA[i:], m.IPs[iNdEx])
+			i = encodeVarintGenerated(dAtA, i, uint64(len(m.IPs[iNdEx])))
+			i--
+			dAtA[i] = 0x12
+		}
+	}
+	i -= len(m.InterfaceName)
+	copy(dAtA[i:], m.InterfaceName)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.InterfaceName)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *OpaqueDeviceConfiguration) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *OpaqueDeviceConfiguration) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *OpaqueDeviceConfiguration) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	{
+		size, err := m.Parameters.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0x12
+	i -= len(m.Driver)
+	copy(dAtA[i:], m.Driver)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Driver)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *ResourceClaim) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ResourceClaim) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ResourceClaim) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	{
+		size, err := m.Status.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
 		i = encodeVarintGenerated(dAtA, i, uint64(size))
 	}
 	i--
@@ -2731,6 +3352,30 @@ func (m *ResourceSliceSpec) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	_ = i
 	var l int
 	_ = l
+	if len(m.SharedCounters) > 0 {
+		for iNdEx := len(m.SharedCounters) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.SharedCounters[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x42
+		}
+	}
+	if m.PerDeviceNodeSelection != nil {
+		i--
+		if *m.PerDeviceNodeSelection {
+			dAtA[i] = 1
+		} else {
+			dAtA[i] = 0
+		}
+		i--
+		dAtA[i] = 0x38
+	}
 	if len(m.Devices) > 0 {
 		for iNdEx := len(m.Devices) - 1; iNdEx >= 0; iNdEx-- {
 			{
@@ -2817,8 +3462,10 @@ func (m *AllocatedDeviceStatus) Size() (n int) {
 			n += 1 + l + sovGenerated(uint64(l))
 		}
 	}
-	l = m.Data.Size()
-	n += 1 + l + sovGenerated(uint64(l))
+	if m.Data != nil {
+		l = m.Data.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
 	if m.NetworkData != nil {
 		l = m.NetworkData.Size()
 		n += 1 + l + sovGenerated(uint64(l))
@@ -2865,6 +3512,29 @@ func (m *BasicDevice) Size() (n int) {
 			n += mapEntrySize + 1 + sovGenerated(uint64(mapEntrySize))
 		}
 	}
+	if len(m.ConsumesCounters) > 0 {
+		for _, e := range m.ConsumesCounters {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	if m.NodeName != nil {
+		l = len(*m.NodeName)
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	if m.NodeSelector != nil {
+		l = m.NodeSelector.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	if m.AllNodes != nil {
+		n += 2
+	}
+	if len(m.Taints) > 0 {
+		for _, e := range m.Taints {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
 	return n
 }
 
@@ -2879,6 +3549,37 @@ func (m *CELDeviceSelector) Size() (n int) {
 	return n
 }
 
+func (m *Counter) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.Value.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *CounterSet) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.Name)
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Counters) > 0 {
+		for k, v := range m.Counters {
+			_ = k
+			_ = v
+			l = v.Size()
+			mapEntrySize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + l + sovGenerated(uint64(l))
+			n += mapEntrySize + 1 + sovGenerated(uint64(mapEntrySize))
+		}
+	}
+	return n
+}
+
 func (m *Device) Size() (n int) {
 	if m == nil {
 		return 0
@@ -3106,6 +3807,26 @@ func (m *DeviceConstraint) Size() (n int) {
 	return n
 }
 
+func (m *DeviceCounterConsumption) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.CounterSet)
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Counters) > 0 {
+		for k, v := range m.Counters {
+			_ = k
+			_ = v
+			l = v.Size()
+			mapEntrySize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + l + sovGenerated(uint64(l))
+			n += mapEntrySize + 1 + sovGenerated(uint64(mapEntrySize))
+		}
+	}
+	return n
+}
+
 func (m *DeviceRequest) Size() (n int) {
 	if m == nil {
 		return 0
@@ -3128,6 +3849,18 @@ func (m *DeviceRequest) Size() (n int) {
 	if m.AdminAccess != nil {
 		n += 2
 	}
+	if len(m.FirstAvailable) > 0 {
+		for _, e := range m.FirstAvailable {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	if len(m.Tolerations) > 0 {
+		for _, e := range m.Tolerations {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
 	return n
 }
 
@@ -3148,6 +3881,12 @@ func (m *DeviceRequestAllocationResult) Size() (n int) {
 	if m.AdminAccess != nil {
 		n += 2
 	}
+	if len(m.Tolerations) > 0 {
+		for _, e := range m.Tolerations {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
 	return n
 }
 
@@ -3164,77 +3903,144 @@ func (m *DeviceSelector) Size() (n int) {
 	return n
 }
 
-func (m *NetworkDeviceData) Size() (n int) {
+func (m *DeviceSubRequest) Size() (n int) {
 	if m == nil {
 		return 0
 	}
 	var l int
 	_ = l
-	l = len(m.InterfaceName)
+	l = len(m.Name)
 	n += 1 + l + sovGenerated(uint64(l))
-	if len(m.IPs) > 0 {
-		for _, s := range m.IPs {
-			l = len(s)
+	l = len(m.DeviceClassName)
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Selectors) > 0 {
+		for _, e := range m.Selectors {
+			l = e.Size()
 			n += 1 + l + sovGenerated(uint64(l))
 		}
 	}
-	l = len(m.HardwareAddress)
+	l = len(m.AllocationMode)
 	n += 1 + l + sovGenerated(uint64(l))
-	return n
-}
-
-func (m *OpaqueDeviceConfiguration) Size() (n int) {
-	if m == nil {
-		return 0
+	n += 1 + sovGenerated(uint64(m.Count))
+	if len(m.Tolerations) > 0 {
+		for _, e := range m.Tolerations {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
 	}
-	var l int
-	_ = l
-	l = len(m.Driver)
-	n += 1 + l + sovGenerated(uint64(l))
-	l = m.Parameters.Size()
-	n += 1 + l + sovGenerated(uint64(l))
 	return n
 }
 
-func (m *ResourceClaim) Size() (n int) {
+func (m *DeviceTaint) Size() (n int) {
 	if m == nil {
 		return 0
 	}
 	var l int
 	_ = l
-	l = m.ObjectMeta.Size()
+	l = len(m.Key)
 	n += 1 + l + sovGenerated(uint64(l))
-	l = m.Spec.Size()
+	l = len(m.Value)
 	n += 1 + l + sovGenerated(uint64(l))
-	l = m.Status.Size()
+	l = len(m.Effect)
 	n += 1 + l + sovGenerated(uint64(l))
+	if m.TimeAdded != nil {
+		l = m.TimeAdded.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
 	return n
 }
 
-func (m *ResourceClaimConsumerReference) Size() (n int) {
+func (m *DeviceToleration) Size() (n int) {
 	if m == nil {
 		return 0
 	}
 	var l int
 	_ = l
-	l = len(m.APIGroup)
+	l = len(m.Key)
 	n += 1 + l + sovGenerated(uint64(l))
-	l = len(m.Resource)
+	l = len(m.Operator)
 	n += 1 + l + sovGenerated(uint64(l))
-	l = len(m.Name)
+	l = len(m.Value)
 	n += 1 + l + sovGenerated(uint64(l))
-	l = len(m.UID)
+	l = len(m.Effect)
 	n += 1 + l + sovGenerated(uint64(l))
+	if m.TolerationSeconds != nil {
+		n += 1 + sovGenerated(uint64(*m.TolerationSeconds))
+	}
 	return n
 }
 
-func (m *ResourceClaimList) Size() (n int) {
+func (m *NetworkDeviceData) Size() (n int) {
 	if m == nil {
 		return 0
 	}
 	var l int
 	_ = l
-	l = m.ListMeta.Size()
+	l = len(m.InterfaceName)
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.IPs) > 0 {
+		for _, s := range m.IPs {
+			l = len(s)
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	l = len(m.HardwareAddress)
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *OpaqueDeviceConfiguration) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.Driver)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Parameters.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *ResourceClaim) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.ObjectMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Spec.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Status.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *ResourceClaimConsumerReference) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.APIGroup)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Resource)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Name)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.UID)
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *ResourceClaimList) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.ListMeta.Size()
 	n += 1 + l + sovGenerated(uint64(l))
 	if len(m.Items) > 0 {
 		for _, e := range m.Items {
@@ -3390,6 +4196,15 @@ func (m *ResourceSliceSpec) Size() (n int) {
 			n += 1 + l + sovGenerated(uint64(l))
 		}
 	}
+	if m.PerDeviceNodeSelection != nil {
+		n += 2
+	}
+	if len(m.SharedCounters) > 0 {
+		for _, e := range m.SharedCounters {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
 	return n
 }
 
@@ -3413,7 +4228,7 @@ func (this *AllocatedDeviceStatus) String() string {
 		`Pool:` + fmt.Sprintf("%v", this.Pool) + `,`,
 		`Device:` + fmt.Sprintf("%v", this.Device) + `,`,
 		`Conditions:` + repeatedStringForConditions + `,`,
-		`Data:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Data), "RawExtension", "runtime.RawExtension", 1), `&`, ``, 1) + `,`,
+		`Data:` + strings.Replace(fmt.Sprintf("%v", this.Data), "RawExtension", "runtime.RawExtension", 1) + `,`,
 		`NetworkData:` + strings.Replace(this.NetworkData.String(), "NetworkDeviceData", "NetworkDeviceData", 1) + `,`,
 		`}`,
 	}, "")
@@ -3434,6 +4249,16 @@ func (this *BasicDevice) String() string {
 	if this == nil {
 		return "nil"
 	}
+	repeatedStringForConsumesCounters := "[]DeviceCounterConsumption{"
+	for _, f := range this.ConsumesCounters {
+		repeatedStringForConsumesCounters += strings.Replace(strings.Replace(f.String(), "DeviceCounterConsumption", "DeviceCounterConsumption", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForConsumesCounters += "}"
+	repeatedStringForTaints := "[]DeviceTaint{"
+	for _, f := range this.Taints {
+		repeatedStringForTaints += fmt.Sprintf("%v", f) + ","
+	}
+	repeatedStringForTaints += "}"
 	keysForAttributes := make([]string, 0, len(this.Attributes))
 	for k := range this.Attributes {
 		keysForAttributes = append(keysForAttributes, string(k))
@@ -3457,6 +4282,11 @@ func (this *BasicDevice) String() string {
 	s := strings.Join([]string{`&BasicDevice{`,
 		`Attributes:` + mapStringForAttributes + `,`,
 		`Capacity:` + mapStringForCapacity + `,`,
+		`ConsumesCounters:` + repeatedStringForConsumesCounters + `,`,
+		`NodeName:` + valueToStringGenerated(this.NodeName) + `,`,
+		`NodeSelector:` + strings.Replace(fmt.Sprintf("%v", this.NodeSelector), "NodeSelector", "v11.NodeSelector", 1) + `,`,
+		`AllNodes:` + valueToStringGenerated(this.AllNodes) + `,`,
+		`Taints:` + repeatedStringForTaints + `,`,
 		`}`,
 	}, "")
 	return s
@@ -3471,6 +4301,37 @@ func (this *CELDeviceSelector) String() string {
 	}, "")
 	return s
 }
+func (this *Counter) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&Counter{`,
+		`Value:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Value), "Quantity", "resource.Quantity", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *CounterSet) String() string {
+	if this == nil {
+		return "nil"
+	}
+	keysForCounters := make([]string, 0, len(this.Counters))
+	for k := range this.Counters {
+		keysForCounters = append(keysForCounters, k)
+	}
+	github_com_gogo_protobuf_sortkeys.Strings(keysForCounters)
+	mapStringForCounters := "map[string]Counter{"
+	for _, k := range keysForCounters {
+		mapStringForCounters += fmt.Sprintf("%v: %v,", k, this.Counters[k])
+	}
+	mapStringForCounters += "}"
+	s := strings.Join([]string{`&CounterSet{`,
+		`Name:` + fmt.Sprintf("%v", this.Name) + `,`,
+		`Counters:` + mapStringForCounters + `,`,
+		`}`,
+	}, "")
+	return s
+}
 func (this *Device) String() string {
 	if this == nil {
 		return "nil"
@@ -3655,6 +4516,27 @@ func (this *DeviceConstraint) String() string {
 	}, "")
 	return s
 }
+func (this *DeviceCounterConsumption) String() string {
+	if this == nil {
+		return "nil"
+	}
+	keysForCounters := make([]string, 0, len(this.Counters))
+	for k := range this.Counters {
+		keysForCounters = append(keysForCounters, k)
+	}
+	github_com_gogo_protobuf_sortkeys.Strings(keysForCounters)
+	mapStringForCounters := "map[string]Counter{"
+	for _, k := range keysForCounters {
+		mapStringForCounters += fmt.Sprintf("%v: %v,", k, this.Counters[k])
+	}
+	mapStringForCounters += "}"
+	s := strings.Join([]string{`&DeviceCounterConsumption{`,
+		`CounterSet:` + fmt.Sprintf("%v", this.CounterSet) + `,`,
+		`Counters:` + mapStringForCounters + `,`,
+		`}`,
+	}, "")
+	return s
+}
 func (this *DeviceRequest) String() string {
 	if this == nil {
 		return "nil"
@@ -3664,6 +4546,16 @@ func (this *DeviceRequest) String() string {
 		repeatedStringForSelectors += strings.Replace(strings.Replace(f.String(), "DeviceSelector", "DeviceSelector", 1), `&`, ``, 1) + ","
 	}
 	repeatedStringForSelectors += "}"
+	repeatedStringForFirstAvailable := "[]DeviceSubRequest{"
+	for _, f := range this.FirstAvailable {
+		repeatedStringForFirstAvailable += strings.Replace(strings.Replace(f.String(), "DeviceSubRequest", "DeviceSubRequest", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForFirstAvailable += "}"
+	repeatedStringForTolerations := "[]DeviceToleration{"
+	for _, f := range this.Tolerations {
+		repeatedStringForTolerations += strings.Replace(strings.Replace(f.String(), "DeviceToleration", "DeviceToleration", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForTolerations += "}"
 	s := strings.Join([]string{`&DeviceRequest{`,
 		`Name:` + fmt.Sprintf("%v", this.Name) + `,`,
 		`DeviceClassName:` + fmt.Sprintf("%v", this.DeviceClassName) + `,`,
@@ -3671,6 +4563,8 @@ func (this *DeviceRequest) String() string {
 		`AllocationMode:` + fmt.Sprintf("%v", this.AllocationMode) + `,`,
 		`Count:` + fmt.Sprintf("%v", this.Count) + `,`,
 		`AdminAccess:` + valueToStringGenerated(this.AdminAccess) + `,`,
+		`FirstAvailable:` + repeatedStringForFirstAvailable + `,`,
+		`Tolerations:` + repeatedStringForTolerations + `,`,
 		`}`,
 	}, "")
 	return s
@@ -3679,12 +4573,18 @@ func (this *DeviceRequestAllocationResult) String() string {
 	if this == nil {
 		return "nil"
 	}
+	repeatedStringForTolerations := "[]DeviceToleration{"
+	for _, f := range this.Tolerations {
+		repeatedStringForTolerations += strings.Replace(strings.Replace(f.String(), "DeviceToleration", "DeviceToleration", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForTolerations += "}"
 	s := strings.Join([]string{`&DeviceRequestAllocationResult{`,
 		`Request:` + fmt.Sprintf("%v", this.Request) + `,`,
 		`Driver:` + fmt.Sprintf("%v", this.Driver) + `,`,
 		`Pool:` + fmt.Sprintf("%v", this.Pool) + `,`,
 		`Device:` + fmt.Sprintf("%v", this.Device) + `,`,
 		`AdminAccess:` + valueToStringGenerated(this.AdminAccess) + `,`,
+		`Tolerations:` + repeatedStringForTolerations + `,`,
 		`}`,
 	}, "")
 	return s
@@ -3699,6 +4599,45 @@ func (this *DeviceSelector) String() string {
 	}, "")
 	return s
 }
+func (this *DeviceSubRequest) String() string {
+	if this == nil {
+		return "nil"
+	}
+	repeatedStringForSelectors := "[]DeviceSelector{"
+	for _, f := range this.Selectors {
+		repeatedStringForSelectors += strings.Replace(strings.Replace(f.String(), "DeviceSelector", "DeviceSelector", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForSelectors += "}"
+	repeatedStringForTolerations := "[]DeviceToleration{"
+	for _, f := range this.Tolerations {
+		repeatedStringForTolerations += strings.Replace(strings.Replace(f.String(), "DeviceToleration", "DeviceToleration", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForTolerations += "}"
+	s := strings.Join([]string{`&DeviceSubRequest{`,
+		`Name:` + fmt.Sprintf("%v", this.Name) + `,`,
+		`DeviceClassName:` + fmt.Sprintf("%v", this.DeviceClassName) + `,`,
+		`Selectors:` + repeatedStringForSelectors + `,`,
+		`AllocationMode:` + fmt.Sprintf("%v", this.AllocationMode) + `,`,
+		`Count:` + fmt.Sprintf("%v", this.Count) + `,`,
+		`Tolerations:` + repeatedStringForTolerations + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *DeviceToleration) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&DeviceToleration{`,
+		`Key:` + fmt.Sprintf("%v", this.Key) + `,`,
+		`Operator:` + fmt.Sprintf("%v", this.Operator) + `,`,
+		`Value:` + fmt.Sprintf("%v", this.Value) + `,`,
+		`Effect:` + fmt.Sprintf("%v", this.Effect) + `,`,
+		`TolerationSeconds:` + valueToStringGenerated(this.TolerationSeconds) + `,`,
+		`}`,
+	}, "")
+	return s
+}
 func (this *NetworkDeviceData) String() string {
 	if this == nil {
 		return "nil"
@@ -3881,6 +4820,11 @@ func (this *ResourceSliceSpec) String() string {
 		repeatedStringForDevices += strings.Replace(strings.Replace(f.String(), "Device", "Device", 1), `&`, ``, 1) + ","
 	}
 	repeatedStringForDevices += "}"
+	repeatedStringForSharedCounters := "[]CounterSet{"
+	for _, f := range this.SharedCounters {
+		repeatedStringForSharedCounters += strings.Replace(strings.Replace(f.String(), "CounterSet", "CounterSet", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForSharedCounters += "}"
 	s := strings.Join([]string{`&ResourceSliceSpec{`,
 		`Driver:` + fmt.Sprintf("%v", this.Driver) + `,`,
 		`Pool:` + strings.Replace(strings.Replace(this.Pool.String(), "ResourcePool", "ResourcePool", 1), `&`, ``, 1) + `,`,
@@ -3888,6 +4832,8 @@ func (this *ResourceSliceSpec) String() string {
 		`NodeSelector:` + strings.Replace(fmt.Sprintf("%v", this.NodeSelector), "NodeSelector", "v11.NodeSelector", 1) + `,`,
 		`AllNodes:` + fmt.Sprintf("%v", this.AllNodes) + `,`,
 		`Devices:` + repeatedStringForDevices + `,`,
+		`PerDeviceNodeSelection:` + valueToStringGenerated(this.PerDeviceNodeSelection) + `,`,
+		`SharedCounters:` + repeatedStringForSharedCounters + `,`,
 		`}`,
 	}, "")
 	return s
@@ -4088,6 +5034,9 @@ func (m *AllocatedDeviceStatus) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
+			if m.Data == nil {
+				m.Data = &runtime.RawExtension{}
+			}
 			if err := m.Data.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
@@ -4555,61 +5504,11 @@ func (m *BasicDevice) Unmarshal(dAtA []byte) error {
 			}
 			m.Capacity[QualifiedName(mapkey)] = *mapvalue
 			iNdEx = postIndex
-		default:
-			iNdEx = preIndex
-			skippy, err := skipGenerated(dAtA[iNdEx:])
-			if err != nil {
-				return err
-			}
-			if (skippy < 0) || (iNdEx+skippy) < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			if (iNdEx + skippy) > l {
-				return io.ErrUnexpectedEOF
-			}
-			iNdEx += skippy
-		}
-	}
-
-	if iNdEx > l {
-		return io.ErrUnexpectedEOF
-	}
-	return nil
-}
-func (m *CELDeviceSelector) Unmarshal(dAtA []byte) error {
-	l := len(dAtA)
-	iNdEx := 0
-	for iNdEx < l {
-		preIndex := iNdEx
-		var wire uint64
-		for shift := uint(0); ; shift += 7 {
-			if shift >= 64 {
-				return ErrIntOverflowGenerated
-			}
-			if iNdEx >= l {
-				return io.ErrUnexpectedEOF
-			}
-			b := dAtA[iNdEx]
-			iNdEx++
-			wire |= uint64(b&0x7F) << shift
-			if b < 0x80 {
-				break
-			}
-		}
-		fieldNum := int32(wire >> 3)
-		wireType := int(wire & 0x7)
-		if wireType == 4 {
-			return fmt.Errorf("proto: CELDeviceSelector: wiretype end group for non-group")
-		}
-		if fieldNum <= 0 {
-			return fmt.Errorf("proto: CELDeviceSelector: illegal tag %d (wire type %d)", fieldNum, wire)
-		}
-		switch fieldNum {
-		case 1:
+		case 3:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Expression", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field ConsumesCounters", wireType)
 			}
-			var stringLen uint64
+			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -4619,77 +5518,29 @@ func (m *CELDeviceSelector) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				stringLen |= uint64(b&0x7F) << shift
+				msglen |= int(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
+			if msglen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + intStringLen
+			postIndex := iNdEx + msglen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Expression = string(dAtA[iNdEx:postIndex])
-			iNdEx = postIndex
-		default:
-			iNdEx = preIndex
-			skippy, err := skipGenerated(dAtA[iNdEx:])
-			if err != nil {
+			m.ConsumesCounters = append(m.ConsumesCounters, DeviceCounterConsumption{})
+			if err := m.ConsumesCounters[len(m.ConsumesCounters)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
-			if (skippy < 0) || (iNdEx+skippy) < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			if (iNdEx + skippy) > l {
-				return io.ErrUnexpectedEOF
-			}
-			iNdEx += skippy
-		}
-	}
-
-	if iNdEx > l {
-		return io.ErrUnexpectedEOF
-	}
-	return nil
-}
-func (m *Device) Unmarshal(dAtA []byte) error {
-	l := len(dAtA)
-	iNdEx := 0
-	for iNdEx < l {
-		preIndex := iNdEx
-		var wire uint64
-		for shift := uint(0); ; shift += 7 {
-			if shift >= 64 {
-				return ErrIntOverflowGenerated
-			}
-			if iNdEx >= l {
-				return io.ErrUnexpectedEOF
-			}
-			b := dAtA[iNdEx]
-			iNdEx++
-			wire |= uint64(b&0x7F) << shift
-			if b < 0x80 {
-				break
-			}
-		}
-		fieldNum := int32(wire >> 3)
-		wireType := int(wire & 0x7)
-		if wireType == 4 {
-			return fmt.Errorf("proto: Device: wiretype end group for non-group")
-		}
-		if fieldNum <= 0 {
-			return fmt.Errorf("proto: Device: illegal tag %d (wire type %d)", fieldNum, wire)
-		}
-		switch fieldNum {
-		case 1:
+			iNdEx = postIndex
+		case 4:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field NodeName", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -4717,11 +5568,12 @@ func (m *Device) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Name = string(dAtA[iNdEx:postIndex])
+			s := string(dAtA[iNdEx:postIndex])
+			m.NodeName = &s
 			iNdEx = postIndex
-		case 2:
+		case 5:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Basic", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field NodeSelector", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -4748,10 +5600,65 @@ func (m *Device) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if m.Basic == nil {
-				m.Basic = &BasicDevice{}
-			}
-			if err := m.Basic.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if m.NodeSelector == nil {
+				m.NodeSelector = &v11.NodeSelector{}
+			}
+			if err := m.NodeSelector.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 6:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field AllNodes", wireType)
+			}
+			var v int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			b := bool(v != 0)
+			m.AllNodes = &b
+		case 7:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Taints", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Taints = append(m.Taints, DeviceTaint{})
+			if err := m.Taints[len(m.Taints)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -4776,7 +5683,7 @@ func (m *Device) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *DeviceAllocationConfiguration) Unmarshal(dAtA []byte) error {
+func (m *CELDeviceSelector) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -4799,15 +5706,15 @@ func (m *DeviceAllocationConfiguration) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: DeviceAllocationConfiguration: wiretype end group for non-group")
+			return fmt.Errorf("proto: CELDeviceSelector: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: DeviceAllocationConfiguration: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: CELDeviceSelector: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Source", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Expression", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -4835,43 +5742,61 @@ func (m *DeviceAllocationConfiguration) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Source = AllocationConfigSource(dAtA[iNdEx:postIndex])
+			m.Expression = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
-		case 2:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Requests", wireType)
-			}
-			var stringLen uint64
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				stringLen |= uint64(b&0x7F) << shift
-				if b < 0x80 {
-					break
-				}
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
 			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + intStringLen
-			if postIndex < 0 {
-				return ErrInvalidLengthGenerated
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
 			}
-			if postIndex > l {
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *Counter) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Requests = append(m.Requests, string(dAtA[iNdEx:postIndex]))
-			iNdEx = postIndex
-		case 3:
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: Counter: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: Counter: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field DeviceConfiguration", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -4898,7 +5823,7 @@ func (m *DeviceAllocationConfiguration) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.DeviceConfiguration.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if err := m.Value.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -4923,7 +5848,7 @@ func (m *DeviceAllocationConfiguration) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *DeviceAllocationResult) Unmarshal(dAtA []byte) error {
+func (m *CounterSet) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -4946,17 +5871,17 @@ func (m *DeviceAllocationResult) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: DeviceAllocationResult: wiretype end group for non-group")
+			return fmt.Errorf("proto: CounterSet: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: DeviceAllocationResult: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: CounterSet: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Results", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
 			}
-			var msglen int
+			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -4966,29 +5891,27 @@ func (m *DeviceAllocationResult) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				msglen |= int(b&0x7F) << shift
+				stringLen |= uint64(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			if msglen < 0 {
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + msglen
+			postIndex := iNdEx + intStringLen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Results = append(m.Results, DeviceRequestAllocationResult{})
-			if err := m.Results[len(m.Results)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
+			m.Name = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Config", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Counters", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -5015,10 +5938,105 @@ func (m *DeviceAllocationResult) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Config = append(m.Config, DeviceAllocationConfiguration{})
-			if err := m.Config[len(m.Config)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
+			if m.Counters == nil {
+				m.Counters = make(map[string]Counter)
+			}
+			var mapkey string
+			mapvalue := &Counter{}
+			for iNdEx < postIndex {
+				entryPreIndex := iNdEx
+				var wire uint64
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowGenerated
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					wire |= uint64(b&0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				fieldNum := int32(wire >> 3)
+				if fieldNum == 1 {
+					var stringLenmapkey uint64
+					for shift := uint(0); ; shift += 7 {
+						if shift >= 64 {
+							return ErrIntOverflowGenerated
+						}
+						if iNdEx >= l {
+							return io.ErrUnexpectedEOF
+						}
+						b := dAtA[iNdEx]
+						iNdEx++
+						stringLenmapkey |= uint64(b&0x7F) << shift
+						if b < 0x80 {
+							break
+						}
+					}
+					intStringLenmapkey := int(stringLenmapkey)
+					if intStringLenmapkey < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					postStringIndexmapkey := iNdEx + intStringLenmapkey
+					if postStringIndexmapkey < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					if postStringIndexmapkey > l {
+						return io.ErrUnexpectedEOF
+					}
+					mapkey = string(dAtA[iNdEx:postStringIndexmapkey])
+					iNdEx = postStringIndexmapkey
+				} else if fieldNum == 2 {
+					var mapmsglen int
+					for shift := uint(0); ; shift += 7 {
+						if shift >= 64 {
+							return ErrIntOverflowGenerated
+						}
+						if iNdEx >= l {
+							return io.ErrUnexpectedEOF
+						}
+						b := dAtA[iNdEx]
+						iNdEx++
+						mapmsglen |= int(b&0x7F) << shift
+						if b < 0x80 {
+							break
+						}
+					}
+					if mapmsglen < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					postmsgIndex := iNdEx + mapmsglen
+					if postmsgIndex < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					if postmsgIndex > l {
+						return io.ErrUnexpectedEOF
+					}
+					mapvalue = &Counter{}
+					if err := mapvalue.Unmarshal(dAtA[iNdEx:postmsgIndex]); err != nil {
+						return err
+					}
+					iNdEx = postmsgIndex
+				} else {
+					iNdEx = entryPreIndex
+					skippy, err := skipGenerated(dAtA[iNdEx:])
+					if err != nil {
+						return err
+					}
+					if (skippy < 0) || (iNdEx+skippy) < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					if (iNdEx + skippy) > postIndex {
+						return io.ErrUnexpectedEOF
+					}
+					iNdEx += skippy
+				}
 			}
+			m.Counters[mapkey] = *mapvalue
 			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
@@ -5041,7 +6059,7 @@ func (m *DeviceAllocationResult) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *DeviceAttribute) Unmarshal(dAtA []byte) error {
+func (m *Device) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -5064,89 +6082,15 @@ func (m *DeviceAttribute) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: DeviceAttribute: wiretype end group for non-group")
+			return fmt.Errorf("proto: Device: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: DeviceAttribute: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: Device: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
-		case 2:
-			if wireType != 0 {
-				return fmt.Errorf("proto: wrong wireType = %d for field IntValue", wireType)
-			}
-			var v int64
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				v |= int64(b&0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			m.IntValue = &v
-		case 3:
-			if wireType != 0 {
-				return fmt.Errorf("proto: wrong wireType = %d for field BoolValue", wireType)
-			}
-			var v int
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				v |= int(b&0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			b := bool(v != 0)
-			m.BoolValue = &b
-		case 4:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field StringValue", wireType)
-			}
-			var stringLen uint64
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				stringLen |= uint64(b&0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			postIndex := iNdEx + intStringLen
-			if postIndex < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
-			}
-			s := string(dAtA[iNdEx:postIndex])
-			m.StringValue = &s
-			iNdEx = postIndex
-		case 5:
+		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field VersionValue", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -5174,62 +6118,11 @@ func (m *DeviceAttribute) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			s := string(dAtA[iNdEx:postIndex])
-			m.VersionValue = &s
+			m.Name = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
-		default:
-			iNdEx = preIndex
-			skippy, err := skipGenerated(dAtA[iNdEx:])
-			if err != nil {
-				return err
-			}
-			if (skippy < 0) || (iNdEx+skippy) < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			if (iNdEx + skippy) > l {
-				return io.ErrUnexpectedEOF
-			}
-			iNdEx += skippy
-		}
-	}
-
-	if iNdEx > l {
-		return io.ErrUnexpectedEOF
-	}
-	return nil
-}
-func (m *DeviceCapacity) Unmarshal(dAtA []byte) error {
-	l := len(dAtA)
-	iNdEx := 0
-	for iNdEx < l {
-		preIndex := iNdEx
-		var wire uint64
-		for shift := uint(0); ; shift += 7 {
-			if shift >= 64 {
-				return ErrIntOverflowGenerated
-			}
-			if iNdEx >= l {
-				return io.ErrUnexpectedEOF
-			}
-			b := dAtA[iNdEx]
-			iNdEx++
-			wire |= uint64(b&0x7F) << shift
-			if b < 0x80 {
-				break
-			}
-		}
-		fieldNum := int32(wire >> 3)
-		wireType := int(wire & 0x7)
-		if wireType == 4 {
-			return fmt.Errorf("proto: DeviceCapacity: wiretype end group for non-group")
-		}
-		if fieldNum <= 0 {
-			return fmt.Errorf("proto: DeviceCapacity: illegal tag %d (wire type %d)", fieldNum, wire)
-		}
-		switch fieldNum {
-		case 1:
+		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Basic", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -5256,7 +6149,10 @@ func (m *DeviceCapacity) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.Value.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if m.Basic == nil {
+				m.Basic = &BasicDevice{}
+			}
+			if err := m.Basic.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -5281,7 +6177,7 @@ func (m *DeviceCapacity) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *DeviceClaim) Unmarshal(dAtA []byte) error {
+func (m *DeviceAllocationConfiguration) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -5304,17 +6200,17 @@ func (m *DeviceClaim) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: DeviceClaim: wiretype end group for non-group")
+			return fmt.Errorf("proto: DeviceAllocationConfiguration: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: DeviceClaim: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: DeviceAllocationConfiguration: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Requests", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Source", wireType)
 			}
-			var msglen int
+			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -5324,31 +6220,29 @@ func (m *DeviceClaim) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				msglen |= int(b&0x7F) << shift
+				stringLen |= uint64(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			if msglen < 0 {
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + msglen
+			postIndex := iNdEx + intStringLen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Requests = append(m.Requests, DeviceRequest{})
-			if err := m.Requests[len(m.Requests)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
+			m.Source = AllocationConfigSource(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Constraints", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Requests", wireType)
 			}
-			var msglen int
+			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -5358,29 +6252,27 @@ func (m *DeviceClaim) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				msglen |= int(b&0x7F) << shift
+				stringLen |= uint64(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			if msglen < 0 {
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + msglen
+			postIndex := iNdEx + intStringLen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Constraints = append(m.Constraints, DeviceConstraint{})
-			if err := m.Constraints[len(m.Constraints)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
+			m.Requests = append(m.Requests, string(dAtA[iNdEx:postIndex]))
 			iNdEx = postIndex
 		case 3:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Config", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field DeviceConfiguration", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -5407,8 +6299,7 @@ func (m *DeviceClaim) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Config = append(m.Config, DeviceClaimConfiguration{})
-			if err := m.Config[len(m.Config)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if err := m.DeviceConfiguration.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -5433,7 +6324,7 @@ func (m *DeviceClaim) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *DeviceClaimConfiguration) Unmarshal(dAtA []byte) error {
+func (m *DeviceAllocationResult) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -5456,17 +6347,17 @@ func (m *DeviceClaimConfiguration) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: DeviceClaimConfiguration: wiretype end group for non-group")
+			return fmt.Errorf("proto: DeviceAllocationResult: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: DeviceClaimConfiguration: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: DeviceAllocationResult: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Requests", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Results", wireType)
 			}
-			var stringLen uint64
+			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -5476,27 +6367,29 @@ func (m *DeviceClaimConfiguration) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				stringLen |= uint64(b&0x7F) << shift
+				msglen |= int(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
+			if msglen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + intStringLen
+			postIndex := iNdEx + msglen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Requests = append(m.Requests, string(dAtA[iNdEx:postIndex]))
+			m.Results = append(m.Results, DeviceRequestAllocationResult{})
+			if err := m.Results[len(m.Results)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field DeviceConfiguration", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Config", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -5523,7 +6416,8 @@ func (m *DeviceClaimConfiguration) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.DeviceConfiguration.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			m.Config = append(m.Config, DeviceAllocationConfiguration{})
+			if err := m.Config[len(m.Config)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -5548,7 +6442,7 @@ func (m *DeviceClaimConfiguration) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *DeviceClass) Unmarshal(dAtA []byte) error {
+func (m *DeviceAttribute) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -5571,17 +6465,17 @@ func (m *DeviceClass) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: DeviceClass: wiretype end group for non-group")
+			return fmt.Errorf("proto: DeviceAttribute: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: DeviceClass: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: DeviceAttribute: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
-		case 1:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
+		case 2:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field IntValue", wireType)
 			}
-			var msglen int
+			var v int64
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -5591,30 +6485,17 @@ func (m *DeviceClass) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				msglen |= int(b&0x7F) << shift
+				v |= int64(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			if msglen < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			postIndex := iNdEx + msglen
-			if postIndex < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			if postIndex > l {
-				return io.ErrUnexpectedEOF
-			}
-			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
-			iNdEx = postIndex
-		case 2:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType)
+			m.IntValue = &v
+		case 3:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field BoolValue", wireType)
 			}
-			var msglen int
+			var v int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -5624,24 +6505,78 @@ func (m *DeviceClass) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				msglen |= int(b&0x7F) << shift
+				v |= int(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			if msglen < 0 {
-				return ErrInvalidLengthGenerated
-			}
-			postIndex := iNdEx + msglen
+			b := bool(v != 0)
+			m.BoolValue = &b
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field StringValue", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
+			s := string(dAtA[iNdEx:postIndex])
+			m.StringValue = &s
+			iNdEx = postIndex
+		case 5:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field VersionValue", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
 			}
+			s := string(dAtA[iNdEx:postIndex])
+			m.VersionValue = &s
 			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
@@ -5664,7 +6599,7 @@ func (m *DeviceClass) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *DeviceClassConfiguration) Unmarshal(dAtA []byte) error {
+func (m *DeviceCapacity) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -5687,15 +6622,15 @@ func (m *DeviceClassConfiguration) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: DeviceClassConfiguration: wiretype end group for non-group")
+			return fmt.Errorf("proto: DeviceCapacity: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: DeviceClassConfiguration: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: DeviceCapacity: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field DeviceConfiguration", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -5722,7 +6657,7 @@ func (m *DeviceClassConfiguration) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.DeviceConfiguration.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if err := m.Value.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -5747,7 +6682,7 @@ func (m *DeviceClassConfiguration) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *DeviceClassList) Unmarshal(dAtA []byte) error {
+func (m *DeviceClaim) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -5770,15 +6705,15 @@ func (m *DeviceClassList) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: DeviceClassList: wiretype end group for non-group")
+			return fmt.Errorf("proto: DeviceClaim: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: DeviceClassList: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: DeviceClaim: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Requests", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -5805,13 +6740,14 @@ func (m *DeviceClassList) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			m.Requests = append(m.Requests, DeviceRequest{})
+			if err := m.Requests[len(m.Requests)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Constraints", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -5838,8 +6774,42 @@ func (m *DeviceClassList) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Items = append(m.Items, DeviceClass{})
-			if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			m.Constraints = append(m.Constraints, DeviceConstraint{})
+			if err := m.Constraints[len(m.Constraints)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Config", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Config = append(m.Config, DeviceClaimConfiguration{})
+			if err := m.Config[len(m.Config)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -5864,7 +6834,7 @@ func (m *DeviceClassList) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *DeviceClassSpec) Unmarshal(dAtA []byte) error {
+func (m *DeviceClaimConfiguration) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -5887,17 +6857,17 @@ func (m *DeviceClassSpec) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: DeviceClassSpec: wiretype end group for non-group")
+			return fmt.Errorf("proto: DeviceClaimConfiguration: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: DeviceClassSpec: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: DeviceClaimConfiguration: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Selectors", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Requests", wireType)
 			}
-			var msglen int
+			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -5907,29 +6877,27 @@ func (m *DeviceClassSpec) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				msglen |= int(b&0x7F) << shift
+				stringLen |= uint64(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			if msglen < 0 {
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + msglen
+			postIndex := iNdEx + intStringLen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Selectors = append(m.Selectors, DeviceSelector{})
-			if err := m.Selectors[len(m.Selectors)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
-			}
+			m.Requests = append(m.Requests, string(dAtA[iNdEx:postIndex]))
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Config", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field DeviceConfiguration", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -5956,8 +6924,7 @@ func (m *DeviceClassSpec) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Config = append(m.Config, DeviceClassConfiguration{})
-			if err := m.Config[len(m.Config)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			if err := m.DeviceConfiguration.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -5982,7 +6949,7 @@ func (m *DeviceClassSpec) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *DeviceConfiguration) Unmarshal(dAtA []byte) error {
+func (m *DeviceClass) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -6005,15 +6972,15 @@ func (m *DeviceConfiguration) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: DeviceConfiguration: wiretype end group for non-group")
+			return fmt.Errorf("proto: DeviceClass: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: DeviceConfiguration: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: DeviceClass: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Opaque", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
 			}
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
@@ -6040,10 +7007,40 @@ func (m *DeviceConfiguration) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if m.Opaque == nil {
-				m.Opaque = &OpaqueDeviceConfiguration{}
+			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
 			}
-			if err := m.Opaque.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
 				return err
 			}
 			iNdEx = postIndex
@@ -6068,7 +7065,7 @@ func (m *DeviceConfiguration) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *DeviceConstraint) Unmarshal(dAtA []byte) error {
+func (m *DeviceClassConfiguration) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -6091,17 +7088,17 @@ func (m *DeviceConstraint) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: DeviceConstraint: wiretype end group for non-group")
+			return fmt.Errorf("proto: DeviceClassConfiguration: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: DeviceConstraint: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: DeviceClassConfiguration: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Requests", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field DeviceConfiguration", wireType)
 			}
-			var stringLen uint64
+			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -6111,29 +7108,1248 @@ func (m *DeviceConstraint) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				stringLen |= uint64(b&0x7F) << shift
+				msglen |= int(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
+			if msglen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + intStringLen
+			postIndex := iNdEx + msglen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Requests = append(m.Requests, string(dAtA[iNdEx:postIndex]))
+			if err := m.DeviceConfiguration.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
 			iNdEx = postIndex
-		case 2:
-			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field MatchAttribute", wireType)
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
 			}
-			var stringLen uint64
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceClassList) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceClassList: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceClassList: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Items = append(m.Items, DeviceClass{})
+			if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceClassSpec) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceClassSpec: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceClassSpec: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Selectors", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Selectors = append(m.Selectors, DeviceSelector{})
+			if err := m.Selectors[len(m.Selectors)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Config", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Config = append(m.Config, DeviceClassConfiguration{})
+			if err := m.Config[len(m.Config)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceConfiguration) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceConfiguration: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceConfiguration: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Opaque", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Opaque == nil {
+				m.Opaque = &OpaqueDeviceConfiguration{}
+			}
+			if err := m.Opaque.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceConstraint) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceConstraint: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceConstraint: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Requests", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Requests = append(m.Requests, string(dAtA[iNdEx:postIndex]))
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field MatchAttribute", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			s := FullyQualifiedName(dAtA[iNdEx:postIndex])
+			m.MatchAttribute = &s
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceCounterConsumption) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceCounterConsumption: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceCounterConsumption: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field CounterSet", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.CounterSet = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Counters", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Counters == nil {
+				m.Counters = make(map[string]Counter)
+			}
+			var mapkey string
+			mapvalue := &Counter{}
+			for iNdEx < postIndex {
+				entryPreIndex := iNdEx
+				var wire uint64
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowGenerated
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					wire |= uint64(b&0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				fieldNum := int32(wire >> 3)
+				if fieldNum == 1 {
+					var stringLenmapkey uint64
+					for shift := uint(0); ; shift += 7 {
+						if shift >= 64 {
+							return ErrIntOverflowGenerated
+						}
+						if iNdEx >= l {
+							return io.ErrUnexpectedEOF
+						}
+						b := dAtA[iNdEx]
+						iNdEx++
+						stringLenmapkey |= uint64(b&0x7F) << shift
+						if b < 0x80 {
+							break
+						}
+					}
+					intStringLenmapkey := int(stringLenmapkey)
+					if intStringLenmapkey < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					postStringIndexmapkey := iNdEx + intStringLenmapkey
+					if postStringIndexmapkey < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					if postStringIndexmapkey > l {
+						return io.ErrUnexpectedEOF
+					}
+					mapkey = string(dAtA[iNdEx:postStringIndexmapkey])
+					iNdEx = postStringIndexmapkey
+				} else if fieldNum == 2 {
+					var mapmsglen int
+					for shift := uint(0); ; shift += 7 {
+						if shift >= 64 {
+							return ErrIntOverflowGenerated
+						}
+						if iNdEx >= l {
+							return io.ErrUnexpectedEOF
+						}
+						b := dAtA[iNdEx]
+						iNdEx++
+						mapmsglen |= int(b&0x7F) << shift
+						if b < 0x80 {
+							break
+						}
+					}
+					if mapmsglen < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					postmsgIndex := iNdEx + mapmsglen
+					if postmsgIndex < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					if postmsgIndex > l {
+						return io.ErrUnexpectedEOF
+					}
+					mapvalue = &Counter{}
+					if err := mapvalue.Unmarshal(dAtA[iNdEx:postmsgIndex]); err != nil {
+						return err
+					}
+					iNdEx = postmsgIndex
+				} else {
+					iNdEx = entryPreIndex
+					skippy, err := skipGenerated(dAtA[iNdEx:])
+					if err != nil {
+						return err
+					}
+					if (skippy < 0) || (iNdEx+skippy) < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					if (iNdEx + skippy) > postIndex {
+						return io.ErrUnexpectedEOF
+					}
+					iNdEx += skippy
+				}
+			}
+			m.Counters[mapkey] = *mapvalue
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceRequest) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceRequest: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceRequest: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Name = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field DeviceClassName", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.DeviceClassName = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Selectors", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Selectors = append(m.Selectors, DeviceSelector{})
+			if err := m.Selectors[len(m.Selectors)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field AllocationMode", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.AllocationMode = DeviceAllocationMode(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 5:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Count", wireType)
+			}
+			m.Count = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.Count |= int64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+		case 6:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field AdminAccess", wireType)
+			}
+			var v int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			b := bool(v != 0)
+			m.AdminAccess = &b
+		case 7:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field FirstAvailable", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.FirstAvailable = append(m.FirstAvailable, DeviceSubRequest{})
+			if err := m.FirstAvailable[len(m.FirstAvailable)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 8:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Tolerations", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Tolerations = append(m.Tolerations, DeviceToleration{})
+			if err := m.Tolerations[len(m.Tolerations)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceRequestAllocationResult) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceRequestAllocationResult: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceRequestAllocationResult: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Request", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Request = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Driver", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Driver = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Pool", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Pool = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Device", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Device = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 5:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field AdminAccess", wireType)
+			}
+			var v int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			b := bool(v != 0)
+			m.AdminAccess = &b
+		case 6:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Tolerations", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Tolerations = append(m.Tolerations, DeviceToleration{})
+			if err := m.Tolerations[len(m.Tolerations)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceSelector) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceSelector: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceSelector: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field CEL", wireType)
+			}
+			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -6143,24 +8359,27 @@ func (m *DeviceConstraint) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				stringLen |= uint64(b&0x7F) << shift
+				msglen |= int(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
+			if msglen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + intStringLen
+			postIndex := iNdEx + msglen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			s := FullyQualifiedName(dAtA[iNdEx:postIndex])
-			m.MatchAttribute = &s
+			if m.CEL == nil {
+				m.CEL = &CELDeviceSelector{}
+			}
+			if err := m.CEL.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
 			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
@@ -6183,7 +8402,7 @@ func (m *DeviceConstraint) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *DeviceRequest) Unmarshal(dAtA []byte) error {
+func (m *DeviceSubRequest) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -6206,10 +8425,10 @@ func (m *DeviceRequest) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: DeviceRequest: wiretype end group for non-group")
+			return fmt.Errorf("proto: DeviceSubRequest: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: DeviceRequest: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: DeviceSubRequest: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
@@ -6361,11 +8580,11 @@ func (m *DeviceRequest) Unmarshal(dAtA []byte) error {
 					break
 				}
 			}
-		case 6:
-			if wireType != 0 {
-				return fmt.Errorf("proto: wrong wireType = %d for field AdminAccess", wireType)
+		case 7:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Tolerations", wireType)
 			}
-			var v int
+			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -6375,13 +8594,26 @@ func (m *DeviceRequest) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				v |= int(b&0x7F) << shift
+				msglen |= int(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			b := bool(v != 0)
-			m.AdminAccess = &b
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Tolerations = append(m.Tolerations, DeviceToleration{})
+			if err := m.Tolerations[len(m.Tolerations)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -6403,7 +8635,7 @@ func (m *DeviceRequest) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *DeviceRequestAllocationResult) Unmarshal(dAtA []byte) error {
+func (m *DeviceTaint) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -6426,15 +8658,15 @@ func (m *DeviceRequestAllocationResult) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: DeviceRequestAllocationResult: wiretype end group for non-group")
+			return fmt.Errorf("proto: DeviceTaint: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: DeviceRequestAllocationResult: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: DeviceTaint: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Request", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Key", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -6462,11 +8694,11 @@ func (m *DeviceRequestAllocationResult) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Request = string(dAtA[iNdEx:postIndex])
+			m.Key = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
 		case 2:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Driver", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -6494,11 +8726,11 @@ func (m *DeviceRequestAllocationResult) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Driver = string(dAtA[iNdEx:postIndex])
+			m.Value = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
 		case 3:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Pool", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Effect", wireType)
 			}
 			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
@@ -6526,13 +8758,13 @@ func (m *DeviceRequestAllocationResult) Unmarshal(dAtA []byte) error {
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Pool = string(dAtA[iNdEx:postIndex])
+			m.Effect = DeviceTaintEffect(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
 		case 4:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field Device", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field TimeAdded", wireType)
 			}
-			var stringLen uint64
+			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -6542,45 +8774,28 @@ func (m *DeviceRequestAllocationResult) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				stringLen |= uint64(b&0x7F) << shift
+				msglen |= int(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			intStringLen := int(stringLen)
-			if intStringLen < 0 {
+			if msglen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + intStringLen
+			postIndex := iNdEx + msglen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			m.Device = string(dAtA[iNdEx:postIndex])
-			iNdEx = postIndex
-		case 5:
-			if wireType != 0 {
-				return fmt.Errorf("proto: wrong wireType = %d for field AdminAccess", wireType)
+			if m.TimeAdded == nil {
+				m.TimeAdded = &v1.Time{}
 			}
-			var v int
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return ErrIntOverflowGenerated
-				}
-				if iNdEx >= l {
-					return io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				v |= int(b&0x7F) << shift
-				if b < 0x80 {
-					break
-				}
+			if err := m.TimeAdded.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
 			}
-			b := bool(v != 0)
-			m.AdminAccess = &b
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -6602,7 +8817,7 @@ func (m *DeviceRequestAllocationResult) Unmarshal(dAtA []byte) error {
 	}
 	return nil
 }
-func (m *DeviceSelector) Unmarshal(dAtA []byte) error {
+func (m *DeviceToleration) Unmarshal(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
 	for iNdEx < l {
@@ -6625,17 +8840,17 @@ func (m *DeviceSelector) Unmarshal(dAtA []byte) error {
 		fieldNum := int32(wire >> 3)
 		wireType := int(wire & 0x7)
 		if wireType == 4 {
-			return fmt.Errorf("proto: DeviceSelector: wiretype end group for non-group")
+			return fmt.Errorf("proto: DeviceToleration: wiretype end group for non-group")
 		}
 		if fieldNum <= 0 {
-			return fmt.Errorf("proto: DeviceSelector: illegal tag %d (wire type %d)", fieldNum, wire)
+			return fmt.Errorf("proto: DeviceToleration: illegal tag %d (wire type %d)", fieldNum, wire)
 		}
 		switch fieldNum {
 		case 1:
 			if wireType != 2 {
-				return fmt.Errorf("proto: wrong wireType = %d for field CEL", wireType)
+				return fmt.Errorf("proto: wrong wireType = %d for field Key", wireType)
 			}
-			var msglen int
+			var stringLen uint64
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
 					return ErrIntOverflowGenerated
@@ -6645,28 +8860,140 @@ func (m *DeviceSelector) Unmarshal(dAtA []byte) error {
 				}
 				b := dAtA[iNdEx]
 				iNdEx++
-				msglen |= int(b&0x7F) << shift
+				stringLen |= uint64(b&0x7F) << shift
 				if b < 0x80 {
 					break
 				}
 			}
-			if msglen < 0 {
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
 				return ErrInvalidLengthGenerated
 			}
-			postIndex := iNdEx + msglen
+			postIndex := iNdEx + intStringLen
 			if postIndex < 0 {
 				return ErrInvalidLengthGenerated
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
 			}
-			if m.CEL == nil {
-				m.CEL = &CELDeviceSelector{}
+			m.Key = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Operator", wireType)
 			}
-			if err := m.CEL.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
-				return err
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Operator = DeviceTolerationOperator(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
 			}
+			m.Value = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Effect", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Effect = DeviceTaintEffect(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 5:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field TolerationSeconds", wireType)
+			}
+			var v int64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.TolerationSeconds = &v
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -8548,6 +10875,61 @@ func (m *ResourceSliceSpec) Unmarshal(dAtA []byte) error {
 				return err
 			}
 			iNdEx = postIndex
+		case 7:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field PerDeviceNodeSelection", wireType)
+			}
+			var v int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			b := bool(v != 0)
+			m.PerDeviceNodeSelection = &b
+		case 8:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field SharedCounters", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.SharedCounters = append(m.SharedCounters, CounterSet{})
+			if err := m.SharedCounters[len(m.SharedCounters)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
diff --git a/vendor/k8s.io/api/resource/v1beta1/generated.proto b/vendor/k8s.io/api/resource/v1beta1/generated.proto
index 4ea13e0337..8ca3ad445e 100644
--- a/vendor/k8s.io/api/resource/v1beta1/generated.proto
+++ b/vendor/k8s.io/api/resource/v1beta1/generated.proto
@@ -62,6 +62,8 @@ message AllocatedDeviceStatus {
   // If the device has been configured according to the class and claim
   // config references, the `Ready` condition should be True.
   //
+  // Must not contain more than 8 entries.
+  //
   // +optional
   // +listType=map
   // +listMapKey=type
@@ -111,6 +113,65 @@ message BasicDevice {
   //
   // +optional
   map<string, DeviceCapacity> capacity = 2;
+
+  // ConsumesCounters defines a list of references to sharedCounters
+  // and the set of counters that the device will
+  // consume from those counter sets.
+  //
+  // There can only be a single entry per counterSet.
+  //
+  // The total number of device counter consumption entries
+  // must be <= 32. In addition, the total number in the
+  // entire ResourceSlice must be <= 1024 (for example,
+  // 64 devices with 16 counters each).
+  //
+  // +optional
+  // +listType=atomic
+  // +featureGate=DRAPartitionableDevices
+  repeated DeviceCounterConsumption consumesCounters = 3;
+
+  // NodeName identifies the node where the device is available.
+  //
+  // Must only be set if Spec.PerDeviceNodeSelection is set to true.
+  // At most one of NodeName, NodeSelector and AllNodes can be set.
+  //
+  // +optional
+  // +oneOf=DeviceNodeSelection
+  // +featureGate=DRAPartitionableDevices
+  optional string nodeName = 4;
+
+  // NodeSelector defines the nodes where the device is available.
+  //
+  // Must use exactly one term.
+  //
+  // Must only be set if Spec.PerDeviceNodeSelection is set to true.
+  // At most one of NodeName, NodeSelector and AllNodes can be set.
+  //
+  // +optional
+  // +oneOf=DeviceNodeSelection
+  optional .k8s.io.api.core.v1.NodeSelector nodeSelector = 5;
+
+  // AllNodes indicates that all nodes have access to the device.
+  //
+  // Must only be set if Spec.PerDeviceNodeSelection is set to true.
+  // At most one of NodeName, NodeSelector and AllNodes can be set.
+  //
+  // +optional
+  // +oneOf=DeviceNodeSelection
+  // +featureGate=DRAPartitionableDevices
+  optional bool allNodes = 6;
+
+  // If specified, these are the driver-defined taints.
+  //
+  // The maximum number of taints is 4.
+  //
+  // This is an alpha field and requires enabling the DRADeviceTaints
+  // feature gate.
+  //
+  // +optional
+  // +listType=atomic
+  // +featureGate=DRADeviceTaints
+  repeated DeviceTaint taints = 7;
 }
 
 // CELDeviceSelector contains a CEL expression for selecting a device.
@@ -170,6 +231,38 @@ message CELDeviceSelector {
   optional string expression = 1;
 }
 
+// Counter describes a quantity associated with a device.
+message Counter {
+  // Value defines how much of a certain device counter is available.
+  //
+  // +required
+  optional .k8s.io.apimachinery.pkg.api.resource.Quantity value = 1;
+}
+
+// CounterSet defines a named set of counters
+// that are available to be used by devices defined in the
+// ResourceSlice.
+//
+// The counters are not allocatable by themselves, but
+// can be referenced by devices. When a device is allocated,
+// the portion of counters it uses will no longer be available for use
+// by other devices.
+message CounterSet {
+  // Name defines the name of the counter set.
+  // It must be a DNS label.
+  //
+  // +required
+  optional string name = 1;
+
+  // Counters defines the set of counters for this CounterSet
+  // The name of each counter must be unique in that set and must be a DNS label.
+  //
+  // The maximum number of counters is 32.
+  //
+  // +required
+  map<string, Counter> counters = 2;
+}
+
 // Device represents one individual hardware instance that can be selected based
 // on its attributes. Besides the name, exactly one field must be set.
 message Device {
@@ -198,6 +291,10 @@ message DeviceAllocationConfiguration {
   // Requests lists the names of requests where the configuration applies.
   // If empty, its applies to all requests.
   //
+  // References to subrequests must include the name of the main request
+  // and may include the subrequest using the format <main request>[/<subrequest>]. If just
+  // the main request is given, the configuration applies to all subrequests.
+  //
   // +optional
   // +listType=atomic
   repeated string requests = 2;
@@ -292,6 +389,10 @@ message DeviceClaimConfiguration {
   // Requests lists the names of requests where the configuration applies.
   // If empty, it applies to all requests.
   //
+  // References to subrequests must include the name of the main request
+  // and may include the subrequest using the format <main request>[/<subrequest>]. If just
+  // the main request is given, the configuration applies to all subrequests.
+  //
   // +optional
   // +listType=atomic
   repeated string requests = 1;
@@ -376,6 +477,10 @@ message DeviceConstraint {
   // constraint. If this is not specified, this constraint applies to all
   // requests in this claim.
   //
+  // References to subrequests must include the name of the main request
+  // and may include the subrequest using the format <main request>[/<subrequest>]. If just
+  // the main request is given, the constraint applies to all subrequests.
+  //
   // +optional
   // +listType=atomic
   repeated string requests = 1;
@@ -398,19 +503,35 @@ message DeviceConstraint {
   optional string matchAttribute = 2;
 }
 
+// DeviceCounterConsumption defines a set of counters that
+// a device will consume from a CounterSet.
+message DeviceCounterConsumption {
+  // CounterSet is the name of the set from which the
+  // counters defined will be consumed.
+  //
+  // +required
+  optional string counterSet = 1;
+
+  // Counters defines the counters that will be consumed by the device.
+  //
+  // The maximum number counters in a device is 32.
+  // In addition, the maximum number of all counters
+  // in all devices is 1024 (for example, 64 devices with
+  // 16 counters each).
+  //
+  // +required
+  map<string, Counter> counters = 2;
+}
+
 // DeviceRequest is a request for devices required for a claim.
 // This is typically a request for a single resource like a device, but can
 // also ask for several identical devices.
-//
-// A DeviceClassName is currently required. Clients must check that it is
-// indeed set. It's absence indicates that something changed in a way that
-// is not supported by the client yet, in which case it must refuse to
-// handle the request.
 message DeviceRequest {
   // Name can be used to reference this request in a pod.spec.containers[].resources.claims
   // entry and in a constraint of the claim.
   //
-  // Must be a DNS label.
+  // Must be a DNS label and unique among all DeviceRequests in a
+  // ResourceClaim.
   //
   // +required
   optional string name = 1;
@@ -419,7 +540,10 @@ message DeviceRequest {
   // additional configuration and selectors to be inherited by this
   // request.
   //
-  // A class is required. Which classes are available depends on the cluster.
+  // A class is required if no subrequests are specified in the
+  // firstAvailable list and no class can be set if subrequests
+  // are specified in the firstAvailable list.
+  // Which classes are available depends on the cluster.
   //
   // Administrators may use this to restrict which devices may get
   // requested by only installing classes with selectors for permitted
@@ -427,7 +551,8 @@ message DeviceRequest {
   // then administrators can create an empty DeviceClass for users
   // to reference.
   //
-  // +required
+  // +optional
+  // +oneOf=deviceRequestType
   optional string deviceClassName = 2;
 
   // Selectors define criteria which must be satisfied by a specific
@@ -435,6 +560,9 @@ message DeviceRequest {
   // request. All selectors must be satisfied for a device to be
   // considered.
   //
+  // This field can only be set when deviceClassName is set and no subrequests
+  // are specified in the firstAvailable list.
+  //
   // +optional
   // +listType=atomic
   repeated DeviceSelector selectors = 3;
@@ -447,13 +575,17 @@ message DeviceRequest {
   //   count field.
   //
   // - All: This request is for all of the matching devices in a pool.
+  //   At least one device must exist on the node for the allocation to succeed.
   //   Allocation will fail if some devices are already allocated,
   //   unless adminAccess is requested.
   //
-  // If AlloctionMode is not specified, the default mode is ExactCount. If
+  // If AllocationMode is not specified, the default mode is ExactCount. If
   // the mode is ExactCount and count is not specified, the default count is
   // one. Any other requests must specify this field.
   //
+  // This field can only be set when deviceClassName is set and no subrequests
+  // are specified in the firstAvailable list.
+  //
   // More modes may get added in the future. Clients must refuse to handle
   // requests with unknown modes.
   //
@@ -463,6 +595,9 @@ message DeviceRequest {
   // Count is used only when the count mode is "ExactCount". Must be greater than zero.
   // If AllocationMode is ExactCount and this field is not specified, the default is one.
   //
+  // This field can only be set when deviceClassName is set and no subrequests
+  // are specified in the firstAvailable list.
+  //
   // +optional
   // +oneOf=AllocationMode
   optional int64 count = 5;
@@ -473,6 +608,9 @@ message DeviceRequest {
   // all ordinary claims to the device with respect to access modes and
   // any resource allocations.
   //
+  // This field can only be set when deviceClassName is set and no subrequests
+  // are specified in the firstAvailable list.
+  //
   // This is an alpha field and requires enabling the DRAAdminAccess
   // feature gate. Admin access is disabled if this field is unset or
   // set to false, otherwise it is enabled.
@@ -480,13 +618,65 @@ message DeviceRequest {
   // +optional
   // +featureGate=DRAAdminAccess
   optional bool adminAccess = 6;
+
+  // FirstAvailable contains subrequests, of which exactly one will be
+  // satisfied by the scheduler to satisfy this request. It tries to
+  // satisfy them in the order in which they are listed here. So if
+  // there are two entries in the list, the scheduler will only check
+  // the second one if it determines that the first one cannot be used.
+  //
+  // This field may only be set in the entries of DeviceClaim.Requests.
+  //
+  // DRA does not yet implement scoring, so the scheduler will
+  // select the first set of devices that satisfies all the
+  // requests in the claim. And if the requirements can
+  // be satisfied on more than one node, other scheduling features
+  // will determine which node is chosen. This means that the set of
+  // devices allocated to a claim might not be the optimal set
+  // available to the cluster. Scoring will be implemented later.
+  //
+  // +optional
+  // +oneOf=deviceRequestType
+  // +listType=atomic
+  // +featureGate=DRAPrioritizedList
+  repeated DeviceSubRequest firstAvailable = 7;
+
+  // If specified, the request's tolerations.
+  //
+  // Tolerations for NoSchedule are required to allocate a
+  // device which has a taint with that effect. The same applies
+  // to NoExecute.
+  //
+  // In addition, should any of the allocated devices get tainted
+  // with NoExecute after allocation and that effect is not tolerated,
+  // then all pods consuming the ResourceClaim get deleted to evict
+  // them. The scheduler will not let new pods reserve the claim while
+  // it has these tainted devices. Once all pods are evicted, the
+  // claim will get deallocated.
+  //
+  // The maximum number of tolerations is 16.
+  //
+  // This field can only be set when deviceClassName is set and no subrequests
+  // are specified in the firstAvailable list.
+  //
+  // This is an alpha field and requires enabling the DRADeviceTaints
+  // feature gate.
+  //
+  // +optional
+  // +listType=atomic
+  // +featureGate=DRADeviceTaints
+  repeated DeviceToleration tolerations = 8;
 }
 
 // DeviceRequestAllocationResult contains the allocation result for one request.
 message DeviceRequestAllocationResult {
   // Request is the name of the request in the claim which caused this
-  // device to be allocated. Multiple devices may have been allocated
-  // per request.
+  // device to be allocated. If it references a subrequest in the
+  // firstAvailable list on a DeviceRequest, this field must
+  // include both the name of the main request and the subrequest
+  // using the format <main request>/<subrequest>.
+  //
+  // Multiple devices may have been allocated per request.
   //
   // +required
   optional string request = 1;
@@ -527,6 +717,19 @@ message DeviceRequestAllocationResult {
   // +optional
   // +featureGate=DRAAdminAccess
   optional bool adminAccess = 5;
+
+  // A copy of all tolerations specified in the request at the time
+  // when the device got allocated.
+  //
+  // The maximum number of tolerations is 16.
+  //
+  // This is an alpha field and requires enabling the DRADeviceTaints
+  // feature gate.
+  //
+  // +optional
+  // +listType=atomic
+  // +featureGate=DRADeviceTaints
+  repeated DeviceToleration tolerations = 6;
 }
 
 // DeviceSelector must have exactly one field set.
@@ -538,6 +741,177 @@ message DeviceSelector {
   optional CELDeviceSelector cel = 1;
 }
 
+// DeviceSubRequest describes a request for device provided in the
+// claim.spec.devices.requests[].firstAvailable array. Each
+// is typically a request for a single resource like a device, but can
+// also ask for several identical devices.
+//
+// DeviceSubRequest is similar to Request, but doesn't expose the AdminAccess
+// or FirstAvailable fields, as those can only be set on the top-level request.
+// AdminAccess is not supported for requests with a prioritized list, and
+// recursive FirstAvailable fields are not supported.
+message DeviceSubRequest {
+  // Name can be used to reference this subrequest in the list of constraints
+  // or the list of configurations for the claim. References must use the
+  // format <main request>/<subrequest>.
+  //
+  // Must be a DNS label.
+  //
+  // +required
+  optional string name = 1;
+
+  // DeviceClassName references a specific DeviceClass, which can define
+  // additional configuration and selectors to be inherited by this
+  // subrequest.
+  //
+  // A class is required. Which classes are available depends on the cluster.
+  //
+  // Administrators may use this to restrict which devices may get
+  // requested by only installing classes with selectors for permitted
+  // devices. If users are free to request anything without restrictions,
+  // then administrators can create an empty DeviceClass for users
+  // to reference.
+  //
+  // +required
+  optional string deviceClassName = 2;
+
+  // Selectors define criteria which must be satisfied by a specific
+  // device in order for that device to be considered for this
+  // subrequest. All selectors must be satisfied for a device to be
+  // considered.
+  //
+  // +optional
+  // +listType=atomic
+  repeated DeviceSelector selectors = 3;
+
+  // AllocationMode and its related fields define how devices are allocated
+  // to satisfy this subrequest. Supported values are:
+  //
+  // - ExactCount: This request is for a specific number of devices.
+  //   This is the default. The exact number is provided in the
+  //   count field.
+  //
+  // - All: This subrequest is for all of the matching devices in a pool.
+  //   Allocation will fail if some devices are already allocated,
+  //   unless adminAccess is requested.
+  //
+  // If AllocationMode is not specified, the default mode is ExactCount. If
+  // the mode is ExactCount and count is not specified, the default count is
+  // one. Any other subrequests must specify this field.
+  //
+  // More modes may get added in the future. Clients must refuse to handle
+  // requests with unknown modes.
+  //
+  // +optional
+  optional string allocationMode = 4;
+
+  // Count is used only when the count mode is "ExactCount". Must be greater than zero.
+  // If AllocationMode is ExactCount and this field is not specified, the default is one.
+  //
+  // +optional
+  // +oneOf=AllocationMode
+  optional int64 count = 5;
+
+  // If specified, the request's tolerations.
+  //
+  // Tolerations for NoSchedule are required to allocate a
+  // device which has a taint with that effect. The same applies
+  // to NoExecute.
+  //
+  // In addition, should any of the allocated devices get tainted
+  // with NoExecute after allocation and that effect is not tolerated,
+  // then all pods consuming the ResourceClaim get deleted to evict
+  // them. The scheduler will not let new pods reserve the claim while
+  // it has these tainted devices. Once all pods are evicted, the
+  // claim will get deallocated.
+  //
+  // The maximum number of tolerations is 16.
+  //
+  // This is an alpha field and requires enabling the DRADeviceTaints
+  // feature gate.
+  //
+  // +optional
+  // +listType=atomic
+  // +featureGate=DRADeviceTaints
+  repeated DeviceToleration tolerations = 7;
+}
+
+// The device this taint is attached to has the "effect" on
+// any claim which does not tolerate the taint and, through the claim,
+// to pods using the claim.
+//
+// +protobuf.options.(gogoproto.goproto_stringer)=false
+message DeviceTaint {
+  // The taint key to be applied to a device.
+  // Must be a label name.
+  //
+  // +required
+  optional string key = 1;
+
+  // The taint value corresponding to the taint key.
+  // Must be a label value.
+  //
+  // +optional
+  optional string value = 2;
+
+  // The effect of the taint on claims that do not tolerate the taint
+  // and through such claims on the pods using them.
+  // Valid effects are NoSchedule and NoExecute. PreferNoSchedule as used for
+  // nodes is not valid here.
+  //
+  // +required
+  optional string effect = 3;
+
+  // TimeAdded represents the time at which the taint was added.
+  // Added automatically during create or update if not set.
+  //
+  // +optional
+  optional .k8s.io.apimachinery.pkg.apis.meta.v1.Time timeAdded = 4;
+}
+
+// The ResourceClaim this DeviceToleration is attached to tolerates any taint that matches
+// the triple <key,value,effect> using the matching operator <operator>.
+message DeviceToleration {
+  // Key is the taint key that the toleration applies to. Empty means match all taint keys.
+  // If the key is empty, operator must be Exists; this combination means to match all values and all keys.
+  // Must be a label name.
+  //
+  // +optional
+  optional string key = 1;
+
+  // Operator represents a key's relationship to the value.
+  // Valid operators are Exists and Equal. Defaults to Equal.
+  // Exists is equivalent to wildcard for value, so that a ResourceClaim can
+  // tolerate all taints of a particular category.
+  //
+  // +optional
+  // +default="Equal"
+  optional string operator = 2;
+
+  // Value is the taint value the toleration matches to.
+  // If the operator is Exists, the value must be empty, otherwise just a regular string.
+  // Must be a label value.
+  //
+  // +optional
+  optional string value = 3;
+
+  // Effect indicates the taint effect to match. Empty means match all taint effects.
+  // When specified, allowed values are NoSchedule and NoExecute.
+  //
+  // +optional
+  optional string effect = 4;
+
+  // TolerationSeconds represents the period of time the toleration (which must be
+  // of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,
+  // it is not set, which means tolerate the taint forever (do not evict). Zero and
+  // negative values will be treated as 0 (evict immediately) by the system.
+  // If larger than zero, the time when the pod needs to be evicted is calculated as <time when
+  // taint was adedd> + <toleration seconds>.
+  //
+  // +optional
+  optional int64 tolerationSeconds = 5;
+}
+
 // NetworkDeviceData provides network-related details for the allocated device.
 // This information may be filled by drivers or other components to configure
 // or identify the device within a network context.
@@ -557,6 +931,8 @@ message NetworkDeviceData {
   // associated subnet mask.
   // e.g.: "192.0.2.5/24" for IPv4 and "2001:db8::5/64" for IPv6.
   //
+  // Must not contain more than 16 entries.
+  //
   // +optional
   // +listType=atomic
   repeated string ips = 2;
@@ -855,7 +1231,7 @@ message ResourceSliceSpec {
   // new nodes of the same type as some old node might also make new
   // resources available.
   //
-  // Exactly one of NodeName, NodeSelector and AllNodes must be set.
+  // Exactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.
   // This field is immutable.
   //
   // +optional
@@ -867,7 +1243,7 @@ message ResourceSliceSpec {
   //
   // Must use exactly one term.
   //
-  // Exactly one of NodeName, NodeSelector and AllNodes must be set.
+  // Exactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.
   //
   // +optional
   // +oneOf=NodeSelection
@@ -875,7 +1251,7 @@ message ResourceSliceSpec {
 
   // AllNodes indicates that all nodes have access to the resources in the pool.
   //
-  // Exactly one of NodeName, NodeSelector and AllNodes must be set.
+  // Exactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.
   //
   // +optional
   // +oneOf=NodeSelection
@@ -888,5 +1264,29 @@ message ResourceSliceSpec {
   // +optional
   // +listType=atomic
   repeated Device devices = 6;
+
+  // PerDeviceNodeSelection defines whether the access from nodes to
+  // resources in the pool is set on the ResourceSlice level or on each
+  // device. If it is set to true, every device defined the ResourceSlice
+  // must specify this individually.
+  //
+  // Exactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.
+  //
+  // +optional
+  // +oneOf=NodeSelection
+  // +featureGate=DRAPartitionableDevices
+  optional bool perDeviceNodeSelection = 7;
+
+  // SharedCounters defines a list of counter sets, each of which
+  // has a name and a list of counters available.
+  //
+  // The names of the SharedCounters must be unique in the ResourceSlice.
+  //
+  // The maximum number of SharedCounters is 32.
+  //
+  // +optional
+  // +listType=atomic
+  // +featureGate=DRAPartitionableDevices
+  repeated CounterSet sharedCounters = 8;
 }
 
diff --git a/vendor/k8s.io/api/resource/v1beta1/types.go b/vendor/k8s.io/api/resource/v1beta1/types.go
index fbdc35ca86..3c64b426d9 100644
--- a/vendor/k8s.io/api/resource/v1beta1/types.go
+++ b/vendor/k8s.io/api/resource/v1beta1/types.go
@@ -109,7 +109,7 @@ type ResourceSliceSpec struct {
 	// new nodes of the same type as some old node might also make new
 	// resources available.
 	//
-	// Exactly one of NodeName, NodeSelector and AllNodes must be set.
+	// Exactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.
 	// This field is immutable.
 	//
 	// +optional
@@ -121,7 +121,7 @@ type ResourceSliceSpec struct {
 	//
 	// Must use exactly one term.
 	//
-	// Exactly one of NodeName, NodeSelector and AllNodes must be set.
+	// Exactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.
 	//
 	// +optional
 	// +oneOf=NodeSelection
@@ -129,7 +129,7 @@ type ResourceSliceSpec struct {
 
 	// AllNodes indicates that all nodes have access to the resources in the pool.
 	//
-	// Exactly one of NodeName, NodeSelector and AllNodes must be set.
+	// Exactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.
 	//
 	// +optional
 	// +oneOf=NodeSelection
@@ -142,6 +142,62 @@ type ResourceSliceSpec struct {
 	// +optional
 	// +listType=atomic
 	Devices []Device `json:"devices" protobuf:"bytes,6,name=devices"`
+
+	// PerDeviceNodeSelection defines whether the access from nodes to
+	// resources in the pool is set on the ResourceSlice level or on each
+	// device. If it is set to true, every device defined the ResourceSlice
+	// must specify this individually.
+	//
+	// Exactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.
+	//
+	// +optional
+	// +oneOf=NodeSelection
+	// +featureGate=DRAPartitionableDevices
+	PerDeviceNodeSelection *bool `json:"perDeviceNodeSelection,omitempty" protobuf:"bytes,7,name=perDeviceNodeSelection"`
+
+	// SharedCounters defines a list of counter sets, each of which
+	// has a name and a list of counters available.
+	//
+	// The names of the SharedCounters must be unique in the ResourceSlice.
+	//
+	// The maximum number of SharedCounters is 32.
+	//
+	// +optional
+	// +listType=atomic
+	// +featureGate=DRAPartitionableDevices
+	SharedCounters []CounterSet `json:"sharedCounters,omitempty" protobuf:"bytes,8,name=sharedCounters"`
+}
+
+// CounterSet defines a named set of counters
+// that are available to be used by devices defined in the
+// ResourceSlice.
+//
+// The counters are not allocatable by themselves, but
+// can be referenced by devices. When a device is allocated,
+// the portion of counters it uses will no longer be available for use
+// by other devices.
+type CounterSet struct {
+	// Name defines the name of the counter set.
+	// It must be a DNS label.
+	//
+	// +required
+	Name string `json:"name" protobuf:"bytes,1,name=name"`
+
+	// Counters defines the set of counters for this CounterSet
+	// The name of each counter must be unique in that set and must be a DNS label.
+	//
+	// The maximum number of counters is 32.
+	//
+	// +required
+	Counters map[string]Counter `json:"counters,omitempty" protobuf:"bytes,2,name=counters"`
+}
+
+// Counter describes a quantity associated with a device.
+type Counter struct {
+	// Value defines how much of a certain device counter is available.
+	//
+	// +required
+	Value resource.Quantity `json:"value" protobuf:"bytes,1,rep,name=value"`
 }
 
 // DriverNameMaxLength is the maximum valid length of a driver name in the
@@ -222,6 +278,85 @@ type BasicDevice struct {
 	//
 	// +optional
 	Capacity map[QualifiedName]DeviceCapacity `json:"capacity,omitempty" protobuf:"bytes,2,rep,name=capacity"`
+
+	// ConsumesCounters defines a list of references to sharedCounters
+	// and the set of counters that the device will
+	// consume from those counter sets.
+	//
+	// There can only be a single entry per counterSet.
+	//
+	// The total number of device counter consumption entries
+	// must be <= 32. In addition, the total number in the
+	// entire ResourceSlice must be <= 1024 (for example,
+	// 64 devices with 16 counters each).
+	//
+	// +optional
+	// +listType=atomic
+	// +featureGate=DRAPartitionableDevices
+	ConsumesCounters []DeviceCounterConsumption `json:"consumesCounters,omitempty" protobuf:"bytes,3,rep,name=consumesCounters"`
+
+	// NodeName identifies the node where the device is available.
+	//
+	// Must only be set if Spec.PerDeviceNodeSelection is set to true.
+	// At most one of NodeName, NodeSelector and AllNodes can be set.
+	//
+	// +optional
+	// +oneOf=DeviceNodeSelection
+	// +featureGate=DRAPartitionableDevices
+	NodeName *string `json:"nodeName,omitempty" protobuf:"bytes,4,opt,name=nodeName"`
+
+	// NodeSelector defines the nodes where the device is available.
+	//
+	// Must use exactly one term.
+	//
+	// Must only be set if Spec.PerDeviceNodeSelection is set to true.
+	// At most one of NodeName, NodeSelector and AllNodes can be set.
+	//
+	// +optional
+	// +oneOf=DeviceNodeSelection
+	NodeSelector *v1.NodeSelector `json:"nodeSelector,omitempty" protobuf:"bytes,5,opt,name=nodeSelector"`
+
+	// AllNodes indicates that all nodes have access to the device.
+	//
+	// Must only be set if Spec.PerDeviceNodeSelection is set to true.
+	// At most one of NodeName, NodeSelector and AllNodes can be set.
+	//
+	// +optional
+	// +oneOf=DeviceNodeSelection
+	// +featureGate=DRAPartitionableDevices
+	AllNodes *bool `json:"allNodes,omitempty" protobuf:"bytes,6,opt,name=allNodes"`
+
+	// If specified, these are the driver-defined taints.
+	//
+	// The maximum number of taints is 4.
+	//
+	// This is an alpha field and requires enabling the DRADeviceTaints
+	// feature gate.
+	//
+	// +optional
+	// +listType=atomic
+	// +featureGate=DRADeviceTaints
+	Taints []DeviceTaint `json:"taints,omitempty" protobuf:"bytes,7,rep,name=taints"`
+}
+
+// DeviceCounterConsumption defines a set of counters that
+// a device will consume from a CounterSet.
+type DeviceCounterConsumption struct {
+	// CounterSet is the name of the set from which the
+	// counters defined will be consumed.
+	//
+	// +required
+	CounterSet string `json:"counterSet" protobuf:"bytes,1,opt,name=counterSet"`
+
+	// Counters defines the counters that will be consumed by the device.
+	//
+	// The maximum number counters in a device is 32.
+	// In addition, the maximum number of all counters
+	// in all devices is 1024 (for example, 64 devices with
+	// 16 counters each).
+	//
+	// +required
+	Counters map[string]Counter `json:"counters,omitempty" protobuf:"bytes,2,opt,name=counters"`
 }
 
 // DeviceCapacity describes a quantity associated with a device.
@@ -238,6 +373,14 @@ type DeviceCapacity struct {
 // Limit for the sum of the number of entries in both attributes and capacity.
 const ResourceSliceMaxAttributesAndCapacitiesPerDevice = 32
 
+// Limit for the total number of counters in each device.
+const ResourceSliceMaxCountersPerDevice = 32
+
+// Limit for the total number of counters defined in devices in
+// a ResourceSlice. We want to allow up to 64 devices to specify
+// up to 16 counters, so the limit for the ResourceSlice will be 1024.
+const ResourceSliceMaxDeviceCountersPerSlice = 1024 // 64 * 16
+
 // QualifiedName is the name of a device attribute or capacity.
 //
 // Attributes and capacities are defined either by the owner of the specific
@@ -300,6 +443,66 @@ type DeviceAttribute struct {
 // DeviceAttributeMaxValueLength is the maximum length of a string or version attribute value.
 const DeviceAttributeMaxValueLength = 64
 
+// DeviceTaintsMaxLength is the maximum number of taints per device.
+const DeviceTaintsMaxLength = 4
+
+// The device this taint is attached to has the "effect" on
+// any claim which does not tolerate the taint and, through the claim,
+// to pods using the claim.
+//
+// +protobuf.options.(gogoproto.goproto_stringer)=false
+type DeviceTaint struct {
+	// The taint key to be applied to a device.
+	// Must be a label name.
+	//
+	// +required
+	Key string `json:"key" protobuf:"bytes,1,name=key"`
+
+	// The taint value corresponding to the taint key.
+	// Must be a label value.
+	//
+	// +optional
+	Value string `json:"value,omitempty" protobuf:"bytes,2,opt,name=value"`
+
+	// The effect of the taint on claims that do not tolerate the taint
+	// and through such claims on the pods using them.
+	// Valid effects are NoSchedule and NoExecute. PreferNoSchedule as used for
+	// nodes is not valid here.
+	//
+	// +required
+	Effect DeviceTaintEffect `json:"effect" protobuf:"bytes,3,name=effect,casttype=DeviceTaintEffect"`
+
+	// ^^^^
+	//
+	// Implementing PreferNoSchedule would depend on a scoring solution for DRA.
+	// It might get added as part of that.
+
+	// TimeAdded represents the time at which the taint was added.
+	// Added automatically during create or update if not set.
+	//
+	// +optional
+	TimeAdded *metav1.Time `json:"timeAdded,omitempty" protobuf:"bytes,4,opt,name=timeAdded"`
+
+	// ^^^
+	//
+	// This field was defined as "It is only written for NoExecute taints." for node taints.
+	// But in practice, Kubernetes never did anything with it (no validation, no defaulting,
+	// ignored during pod eviction in pkg/controller/tainteviction).
+}
+
+// +enum
+type DeviceTaintEffect string
+
+const (
+	// Do not allow new pods to schedule which use a tainted device unless they tolerate the taint,
+	// but allow all pods submitted to Kubelet without going through the scheduler
+	// to start, and allow all already-running pods to continue running.
+	DeviceTaintEffectNoSchedule DeviceTaintEffect = "NoSchedule"
+
+	// Evict any already-running pods that do not tolerate the device taint.
+	DeviceTaintEffectNoExecute DeviceTaintEffect = "NoExecute"
+)
+
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
 // +k8s:prerelease-lifecycle-gen:introduced=1.32
 
@@ -391,19 +594,24 @@ const (
 	DeviceConfigMaxSize      = 32
 )
 
+// DRAAdminNamespaceLabelKey is a label key used to grant administrative access
+// to certain resource.k8s.io API types within a namespace. When this label is
+// set on a namespace with the value "true" (case-sensitive), it allows the use
+// of adminAccess: true in any namespaced resource.k8s.io API types. Currently,
+// this permission applies to ResourceClaim and ResourceClaimTemplate objects.
+const (
+	DRAAdminNamespaceLabelKey = "resource.k8s.io/admin-access"
+)
+
 // DeviceRequest is a request for devices required for a claim.
 // This is typically a request for a single resource like a device, but can
 // also ask for several identical devices.
-//
-// A DeviceClassName is currently required. Clients must check that it is
-// indeed set. It's absence indicates that something changed in a way that
-// is not supported by the client yet, in which case it must refuse to
-// handle the request.
 type DeviceRequest struct {
 	// Name can be used to reference this request in a pod.spec.containers[].resources.claims
 	// entry and in a constraint of the claim.
 	//
-	// Must be a DNS label.
+	// Must be a DNS label and unique among all DeviceRequests in a
+	// ResourceClaim.
 	//
 	// +required
 	Name string `json:"name" protobuf:"bytes,1,name=name"`
@@ -412,7 +620,10 @@ type DeviceRequest struct {
 	// additional configuration and selectors to be inherited by this
 	// request.
 	//
-	// A class is required. Which classes are available depends on the cluster.
+	// A class is required if no subrequests are specified in the
+	// firstAvailable list and no class can be set if subrequests
+	// are specified in the firstAvailable list.
+	// Which classes are available depends on the cluster.
 	//
 	// Administrators may use this to restrict which devices may get
 	// requested by only installing classes with selectors for permitted
@@ -420,7 +631,8 @@ type DeviceRequest struct {
 	// then administrators can create an empty DeviceClass for users
 	// to reference.
 	//
-	// +required
+	// +optional
+	// +oneOf=deviceRequestType
 	DeviceClassName string `json:"deviceClassName" protobuf:"bytes,2,name=deviceClassName"`
 
 	// Selectors define criteria which must be satisfied by a specific
@@ -428,6 +640,9 @@ type DeviceRequest struct {
 	// request. All selectors must be satisfied for a device to be
 	// considered.
 	//
+	// This field can only be set when deviceClassName is set and no subrequests
+	// are specified in the firstAvailable list.
+	//
 	// +optional
 	// +listType=atomic
 	Selectors []DeviceSelector `json:"selectors,omitempty" protobuf:"bytes,3,name=selectors"`
@@ -440,13 +655,17 @@ type DeviceRequest struct {
 	//   count field.
 	//
 	// - All: This request is for all of the matching devices in a pool.
+	//   At least one device must exist on the node for the allocation to succeed.
 	//   Allocation will fail if some devices are already allocated,
 	//   unless adminAccess is requested.
 	//
-	// If AlloctionMode is not specified, the default mode is ExactCount. If
+	// If AllocationMode is not specified, the default mode is ExactCount. If
 	// the mode is ExactCount and count is not specified, the default count is
 	// one. Any other requests must specify this field.
 	//
+	// This field can only be set when deviceClassName is set and no subrequests
+	// are specified in the firstAvailable list.
+	//
 	// More modes may get added in the future. Clients must refuse to handle
 	// requests with unknown modes.
 	//
@@ -456,6 +675,9 @@ type DeviceRequest struct {
 	// Count is used only when the count mode is "ExactCount". Must be greater than zero.
 	// If AllocationMode is ExactCount and this field is not specified, the default is one.
 	//
+	// This field can only be set when deviceClassName is set and no subrequests
+	// are specified in the firstAvailable list.
+	//
 	// +optional
 	// +oneOf=AllocationMode
 	Count int64 `json:"count,omitempty" protobuf:"bytes,5,opt,name=count"`
@@ -466,6 +688,9 @@ type DeviceRequest struct {
 	// all ordinary claims to the device with respect to access modes and
 	// any resource allocations.
 	//
+	// This field can only be set when deviceClassName is set and no subrequests
+	// are specified in the firstAvailable list.
+	//
 	// This is an alpha field and requires enabling the DRAAdminAccess
 	// feature gate. Admin access is disabled if this field is unset or
 	// set to false, otherwise it is enabled.
@@ -473,10 +698,155 @@ type DeviceRequest struct {
 	// +optional
 	// +featureGate=DRAAdminAccess
 	AdminAccess *bool `json:"adminAccess,omitempty" protobuf:"bytes,6,opt,name=adminAccess"`
+
+	// FirstAvailable contains subrequests, of which exactly one will be
+	// satisfied by the scheduler to satisfy this request. It tries to
+	// satisfy them in the order in which they are listed here. So if
+	// there are two entries in the list, the scheduler will only check
+	// the second one if it determines that the first one cannot be used.
+	//
+	// This field may only be set in the entries of DeviceClaim.Requests.
+	//
+	// DRA does not yet implement scoring, so the scheduler will
+	// select the first set of devices that satisfies all the
+	// requests in the claim. And if the requirements can
+	// be satisfied on more than one node, other scheduling features
+	// will determine which node is chosen. This means that the set of
+	// devices allocated to a claim might not be the optimal set
+	// available to the cluster. Scoring will be implemented later.
+	//
+	// +optional
+	// +oneOf=deviceRequestType
+	// +listType=atomic
+	// +featureGate=DRAPrioritizedList
+	FirstAvailable []DeviceSubRequest `json:"firstAvailable,omitempty" protobuf:"bytes,7,name=firstAvailable"`
+
+	// If specified, the request's tolerations.
+	//
+	// Tolerations for NoSchedule are required to allocate a
+	// device which has a taint with that effect. The same applies
+	// to NoExecute.
+	//
+	// In addition, should any of the allocated devices get tainted
+	// with NoExecute after allocation and that effect is not tolerated,
+	// then all pods consuming the ResourceClaim get deleted to evict
+	// them. The scheduler will not let new pods reserve the claim while
+	// it has these tainted devices. Once all pods are evicted, the
+	// claim will get deallocated.
+	//
+	// The maximum number of tolerations is 16.
+	//
+	// This field can only be set when deviceClassName is set and no subrequests
+	// are specified in the firstAvailable list.
+	//
+	// This is an alpha field and requires enabling the DRADeviceTaints
+	// feature gate.
+	//
+	// +optional
+	// +listType=atomic
+	// +featureGate=DRADeviceTaints
+	Tolerations []DeviceToleration `json:"tolerations,omitempty" protobuf:"bytes,8,opt,name=tolerations"`
+}
+
+// DeviceSubRequest describes a request for device provided in the
+// claim.spec.devices.requests[].firstAvailable array. Each
+// is typically a request for a single resource like a device, but can
+// also ask for several identical devices.
+//
+// DeviceSubRequest is similar to Request, but doesn't expose the AdminAccess
+// or FirstAvailable fields, as those can only be set on the top-level request.
+// AdminAccess is not supported for requests with a prioritized list, and
+// recursive FirstAvailable fields are not supported.
+type DeviceSubRequest struct {
+	// Name can be used to reference this subrequest in the list of constraints
+	// or the list of configurations for the claim. References must use the
+	// format <main request>/<subrequest>.
+	//
+	// Must be a DNS label.
+	//
+	// +required
+	Name string `json:"name" protobuf:"bytes,1,name=name"`
+
+	// DeviceClassName references a specific DeviceClass, which can define
+	// additional configuration and selectors to be inherited by this
+	// subrequest.
+	//
+	// A class is required. Which classes are available depends on the cluster.
+	//
+	// Administrators may use this to restrict which devices may get
+	// requested by only installing classes with selectors for permitted
+	// devices. If users are free to request anything without restrictions,
+	// then administrators can create an empty DeviceClass for users
+	// to reference.
+	//
+	// +required
+	DeviceClassName string `json:"deviceClassName" protobuf:"bytes,2,name=deviceClassName"`
+
+	// Selectors define criteria which must be satisfied by a specific
+	// device in order for that device to be considered for this
+	// subrequest. All selectors must be satisfied for a device to be
+	// considered.
+	//
+	// +optional
+	// +listType=atomic
+	Selectors []DeviceSelector `json:"selectors,omitempty" protobuf:"bytes,3,name=selectors"`
+
+	// AllocationMode and its related fields define how devices are allocated
+	// to satisfy this subrequest. Supported values are:
+	//
+	// - ExactCount: This request is for a specific number of devices.
+	//   This is the default. The exact number is provided in the
+	//   count field.
+	//
+	// - All: This subrequest is for all of the matching devices in a pool.
+	//   Allocation will fail if some devices are already allocated,
+	//   unless adminAccess is requested.
+	//
+	// If AllocationMode is not specified, the default mode is ExactCount. If
+	// the mode is ExactCount and count is not specified, the default count is
+	// one. Any other subrequests must specify this field.
+	//
+	// More modes may get added in the future. Clients must refuse to handle
+	// requests with unknown modes.
+	//
+	// +optional
+	AllocationMode DeviceAllocationMode `json:"allocationMode,omitempty" protobuf:"bytes,4,opt,name=allocationMode"`
+
+	// Count is used only when the count mode is "ExactCount". Must be greater than zero.
+	// If AllocationMode is ExactCount and this field is not specified, the default is one.
+	//
+	// +optional
+	// +oneOf=AllocationMode
+	Count int64 `json:"count,omitempty" protobuf:"bytes,5,opt,name=count"`
+
+	// If specified, the request's tolerations.
+	//
+	// Tolerations for NoSchedule are required to allocate a
+	// device which has a taint with that effect. The same applies
+	// to NoExecute.
+	//
+	// In addition, should any of the allocated devices get tainted
+	// with NoExecute after allocation and that effect is not tolerated,
+	// then all pods consuming the ResourceClaim get deleted to evict
+	// them. The scheduler will not let new pods reserve the claim while
+	// it has these tainted devices. Once all pods are evicted, the
+	// claim will get deallocated.
+	//
+	// The maximum number of tolerations is 16.
+	//
+	// This is an alpha field and requires enabling the DRADeviceTaints
+	// feature gate.
+	//
+	// +optional
+	// +listType=atomic
+	// +featureGate=DRADeviceTaints
+	Tolerations []DeviceToleration `json:"tolerations,omitempty" protobuf:"bytes,7,opt,name=tolerations"`
 }
 
 const (
-	DeviceSelectorsMaxSize = 32
+	DeviceSelectorsMaxSize             = 32
+	FirstAvailableDeviceRequestMaxSize = 8
+	DeviceTolerationsMaxLength         = 16
 )
 
 type DeviceAllocationMode string
@@ -589,6 +959,10 @@ type DeviceConstraint struct {
 	// constraint. If this is not specified, this constraint applies to all
 	// requests in this claim.
 	//
+	// References to subrequests must include the name of the main request
+	// and may include the subrequest using the format <main request>[/<subrequest>]. If just
+	// the main request is given, the constraint applies to all subrequests.
+	//
 	// +optional
 	// +listType=atomic
 	Requests []string `json:"requests,omitempty" protobuf:"bytes,1,opt,name=requests"`
@@ -626,6 +1000,10 @@ type DeviceClaimConfiguration struct {
 	// Requests lists the names of requests where the configuration applies.
 	// If empty, it applies to all requests.
 	//
+	// References to subrequests must include the name of the main request
+	// and may include the subrequest using the format <main request>[/<subrequest>]. If just
+	// the main request is given, the configuration applies to all subrequests.
+	//
 	// +optional
 	// +listType=atomic
 	Requests []string `json:"requests,omitempty" protobuf:"bytes,1,opt,name=requests"`
@@ -674,6 +1052,59 @@ type OpaqueDeviceConfiguration struct {
 // [OpaqueDeviceConfiguration.Parameters] field.
 const OpaqueParametersMaxLength = 10 * 1024
 
+// The ResourceClaim this DeviceToleration is attached to tolerates any taint that matches
+// the triple <key,value,effect> using the matching operator <operator>.
+type DeviceToleration struct {
+	// Key is the taint key that the toleration applies to. Empty means match all taint keys.
+	// If the key is empty, operator must be Exists; this combination means to match all values and all keys.
+	// Must be a label name.
+	//
+	// +optional
+	Key string `json:"key,omitempty" protobuf:"bytes,1,opt,name=key"`
+
+	// Operator represents a key's relationship to the value.
+	// Valid operators are Exists and Equal. Defaults to Equal.
+	// Exists is equivalent to wildcard for value, so that a ResourceClaim can
+	// tolerate all taints of a particular category.
+	//
+	// +optional
+	// +default="Equal"
+	Operator DeviceTolerationOperator `json:"operator,omitempty" protobuf:"bytes,2,opt,name=operator,casttype=DeviceTolerationOperator"`
+
+	// Value is the taint value the toleration matches to.
+	// If the operator is Exists, the value must be empty, otherwise just a regular string.
+	// Must be a label value.
+	//
+	// +optional
+	Value string `json:"value,omitempty" protobuf:"bytes,3,opt,name=value"`
+
+	// Effect indicates the taint effect to match. Empty means match all taint effects.
+	// When specified, allowed values are NoSchedule and NoExecute.
+	//
+	// +optional
+	Effect DeviceTaintEffect `json:"effect,omitempty" protobuf:"bytes,4,opt,name=effect,casttype=DeviceTaintEffect"`
+
+	// TolerationSeconds represents the period of time the toleration (which must be
+	// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,
+	// it is not set, which means tolerate the taint forever (do not evict). Zero and
+	// negative values will be treated as 0 (evict immediately) by the system.
+	// If larger than zero, the time when the pod needs to be evicted is calculated as <time when
+	// taint was adedd> + <toleration seconds>.
+	//
+	// +optional
+	TolerationSeconds *int64 `json:"tolerationSeconds,omitempty" protobuf:"varint,5,opt,name=tolerationSeconds"`
+}
+
+// A toleration operator is the set of operators that can be used in a toleration.
+//
+// +enum
+type DeviceTolerationOperator string
+
+const (
+	DeviceTolerationOpExists DeviceTolerationOperator = "Exists"
+	DeviceTolerationOpEqual  DeviceTolerationOperator = "Equal"
+)
+
 // ResourceClaimStatus tracks whether the resource has been allocated and what
 // the result of that was.
 type ResourceClaimStatus struct {
@@ -798,8 +1229,12 @@ const AllocationResultsMaxSize = 32
 // DeviceRequestAllocationResult contains the allocation result for one request.
 type DeviceRequestAllocationResult struct {
 	// Request is the name of the request in the claim which caused this
-	// device to be allocated. Multiple devices may have been allocated
-	// per request.
+	// device to be allocated. If it references a subrequest in the
+	// firstAvailable list on a DeviceRequest, this field must
+	// include both the name of the main request and the subrequest
+	// using the format <main request>/<subrequest>.
+	//
+	// Multiple devices may have been allocated per request.
 	//
 	// +required
 	Request string `json:"request" protobuf:"bytes,1,name=request"`
@@ -840,6 +1275,19 @@ type DeviceRequestAllocationResult struct {
 	// +optional
 	// +featureGate=DRAAdminAccess
 	AdminAccess *bool `json:"adminAccess" protobuf:"bytes,5,name=adminAccess"`
+
+	// A copy of all tolerations specified in the request at the time
+	// when the device got allocated.
+	//
+	// The maximum number of tolerations is 16.
+	//
+	// This is an alpha field and requires enabling the DRADeviceTaints
+	// feature gate.
+	//
+	// +optional
+	// +listType=atomic
+	// +featureGate=DRADeviceTaints
+	Tolerations []DeviceToleration `json:"tolerations,omitempty" protobuf:"bytes,6,opt,name=tolerations"`
 }
 
 // DeviceAllocationConfiguration gets embedded in an AllocationResult.
@@ -854,6 +1302,10 @@ type DeviceAllocationConfiguration struct {
 	// Requests lists the names of requests where the configuration applies.
 	// If empty, its applies to all requests.
 	//
+	// References to subrequests must include the name of the main request
+	// and may include the subrequest using the format <main request>[/<subrequest>]. If just
+	// the main request is given, the configuration applies to all subrequests.
+	//
 	// +optional
 	// +listType=atomic
 	Requests []string `json:"requests,omitempty" protobuf:"bytes,2,opt,name=requests"`
@@ -1006,6 +1458,24 @@ type ResourceClaimTemplateList struct {
 	Items []ResourceClaimTemplate `json:"items" protobuf:"bytes,2,rep,name=items"`
 }
 
+const (
+	// AllocatedDeviceStatusMaxConditions represents the maximum number of
+	// conditions in a device status.
+	AllocatedDeviceStatusMaxConditions int = 8
+	// AllocatedDeviceStatusDataMaxLength represents the maximum length of the
+	// raw data in the Data field in a device status.
+	AllocatedDeviceStatusDataMaxLength int = 10 * 1024
+	// NetworkDeviceDataMaxIPs represents the maximum number of IPs in the networkData
+	// field in a device status.
+	NetworkDeviceDataMaxIPs int = 16
+	// NetworkDeviceDataInterfaceNameMaxLength represents the maximum number of characters
+	// for the networkData.interfaceName field in a device status.
+	NetworkDeviceDataInterfaceNameMaxLength int = 256
+	// NetworkDeviceDataHardwareAddressMaxLength represents the maximum number of characters
+	// for the networkData.hardwareAddress field in a device status.
+	NetworkDeviceDataHardwareAddressMaxLength int = 128
+)
+
 // AllocatedDeviceStatus contains the status of an allocated device, if the
 // driver chooses to report it. This may include driver-specific information.
 type AllocatedDeviceStatus struct {
@@ -1038,6 +1508,8 @@ type AllocatedDeviceStatus struct {
 	// If the device has been configured according to the class and claim
 	// config references, the `Ready` condition should be True.
 	//
+	// Must not contain more than 8 entries.
+	//
 	// +optional
 	// +listType=map
 	// +listMapKey=type
@@ -1048,7 +1520,7 @@ type AllocatedDeviceStatus struct {
 	// The length of the raw data must be smaller or equal to 10 Ki.
 	//
 	// +optional
-	Data runtime.RawExtension `json:"data,omitempty" protobuf:"bytes,5,opt,name=data"`
+	Data *runtime.RawExtension `json:"data,omitempty" protobuf:"bytes,5,opt,name=data"`
 
 	// NetworkData contains network-related information specific to the device.
 	//
@@ -1075,6 +1547,8 @@ type NetworkDeviceData struct {
 	// associated subnet mask.
 	// e.g.: "192.0.2.5/24" for IPv4 and "2001:db8::5/64" for IPv6.
 	//
+	// Must not contain more than 16 entries.
+	//
 	// +optional
 	// +listType=atomic
 	IPs []string `json:"ips,omitempty" protobuf:"bytes,2,opt,name=ips"`
diff --git a/vendor/k8s.io/api/resource/v1beta1/types_swagger_doc_generated.go b/vendor/k8s.io/api/resource/v1beta1/types_swagger_doc_generated.go
index 4ecc35d08a..cd8b15fe3a 100644
--- a/vendor/k8s.io/api/resource/v1beta1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/resource/v1beta1/types_swagger_doc_generated.go
@@ -32,7 +32,7 @@ var map_AllocatedDeviceStatus = map[string]string{
 	"driver":      "Driver specifies the name of the DRA driver whose kubelet plugin should be invoked to process the allocation once the claim is needed on a node.\n\nMust be a DNS subdomain and should end with a DNS domain owned by the vendor of the driver.",
 	"pool":        "This name together with the driver name and the device name field identify which device was allocated (`<driver name>/<pool name>/<device name>`).\n\nMust not be longer than 253 characters and may contain one or more DNS sub-domains separated by slashes.",
 	"device":      "Device references one device instance via its name in the driver's resource pool. It must be a DNS label.",
-	"conditions":  "Conditions contains the latest observation of the device's state. If the device has been configured according to the class and claim config references, the `Ready` condition should be True.",
+	"conditions":  "Conditions contains the latest observation of the device's state. If the device has been configured according to the class and claim config references, the `Ready` condition should be True.\n\nMust not contain more than 8 entries.",
 	"data":        "Data contains arbitrary driver-specific data.\n\nThe length of the raw data must be smaller or equal to 10 Ki.",
 	"networkData": "NetworkData contains network-related information specific to the device.",
 }
@@ -52,9 +52,14 @@ func (AllocationResult) SwaggerDoc() map[string]string {
 }
 
 var map_BasicDevice = map[string]string{
-	"":           "BasicDevice defines one device instance.",
-	"attributes": "Attributes defines the set of attributes for this device. The name of each attribute must be unique in that set.\n\nThe maximum number of attributes and capacities combined is 32.",
-	"capacity":   "Capacity defines the set of capacities for this device. The name of each capacity must be unique in that set.\n\nThe maximum number of attributes and capacities combined is 32.",
+	"":                 "BasicDevice defines one device instance.",
+	"attributes":       "Attributes defines the set of attributes for this device. The name of each attribute must be unique in that set.\n\nThe maximum number of attributes and capacities combined is 32.",
+	"capacity":         "Capacity defines the set of capacities for this device. The name of each capacity must be unique in that set.\n\nThe maximum number of attributes and capacities combined is 32.",
+	"consumesCounters": "ConsumesCounters defines a list of references to sharedCounters and the set of counters that the device will consume from those counter sets.\n\nThere can only be a single entry per counterSet.\n\nThe total number of device counter consumption entries must be <= 32. In addition, the total number in the entire ResourceSlice must be <= 1024 (for example, 64 devices with 16 counters each).",
+	"nodeName":         "NodeName identifies the node where the device is available.\n\nMust only be set if Spec.PerDeviceNodeSelection is set to true. At most one of NodeName, NodeSelector and AllNodes can be set.",
+	"nodeSelector":     "NodeSelector defines the nodes where the device is available.\n\nMust use exactly one term.\n\nMust only be set if Spec.PerDeviceNodeSelection is set to true. At most one of NodeName, NodeSelector and AllNodes can be set.",
+	"allNodes":         "AllNodes indicates that all nodes have access to the device.\n\nMust only be set if Spec.PerDeviceNodeSelection is set to true. At most one of NodeName, NodeSelector and AllNodes can be set.",
+	"taints":           "If specified, these are the driver-defined taints.\n\nThe maximum number of taints is 4.\n\nThis is an alpha field and requires enabling the DRADeviceTaints feature gate.",
 }
 
 func (BasicDevice) SwaggerDoc() map[string]string {
@@ -70,6 +75,25 @@ func (CELDeviceSelector) SwaggerDoc() map[string]string {
 	return map_CELDeviceSelector
 }
 
+var map_Counter = map[string]string{
+	"":      "Counter describes a quantity associated with a device.",
+	"value": "Value defines how much of a certain device counter is available.",
+}
+
+func (Counter) SwaggerDoc() map[string]string {
+	return map_Counter
+}
+
+var map_CounterSet = map[string]string{
+	"":         "CounterSet defines a named set of counters that are available to be used by devices defined in the ResourceSlice.\n\nThe counters are not allocatable by themselves, but can be referenced by devices. When a device is allocated, the portion of counters it uses will no longer be available for use by other devices.",
+	"name":     "Name defines the name of the counter set. It must be a DNS label.",
+	"counters": "Counters defines the set of counters for this CounterSet The name of each counter must be unique in that set and must be a DNS label.\n\nThe maximum number of counters is 32.",
+}
+
+func (CounterSet) SwaggerDoc() map[string]string {
+	return map_CounterSet
+}
+
 var map_Device = map[string]string{
 	"":      "Device represents one individual hardware instance that can be selected based on its attributes. Besides the name, exactly one field must be set.",
 	"name":  "Name is unique identifier among all devices managed by the driver in the pool. It must be a DNS label.",
@@ -83,7 +107,7 @@ func (Device) SwaggerDoc() map[string]string {
 var map_DeviceAllocationConfiguration = map[string]string{
 	"":         "DeviceAllocationConfiguration gets embedded in an AllocationResult.",
 	"source":   "Source records whether the configuration comes from a class and thus is not something that a normal user would have been able to set or from a claim.",
-	"requests": "Requests lists the names of requests where the configuration applies. If empty, its applies to all requests.",
+	"requests": "Requests lists the names of requests where the configuration applies. If empty, its applies to all requests.\n\nReferences to subrequests must include the name of the main request and may include the subrequest using the format <main request>[/<subrequest>]. If just the main request is given, the configuration applies to all subrequests.",
 }
 
 func (DeviceAllocationConfiguration) SwaggerDoc() map[string]string {
@@ -134,7 +158,7 @@ func (DeviceClaim) SwaggerDoc() map[string]string {
 
 var map_DeviceClaimConfiguration = map[string]string{
 	"":         "DeviceClaimConfiguration is used for configuration parameters in DeviceClaim.",
-	"requests": "Requests lists the names of requests where the configuration applies. If empty, it applies to all requests.",
+	"requests": "Requests lists the names of requests where the configuration applies. If empty, it applies to all requests.\n\nReferences to subrequests must include the name of the main request and may include the subrequest using the format <main request>[/<subrequest>]. If just the main request is given, the configuration applies to all subrequests.",
 }
 
 func (DeviceClaimConfiguration) SwaggerDoc() map[string]string {
@@ -190,7 +214,7 @@ func (DeviceConfiguration) SwaggerDoc() map[string]string {
 
 var map_DeviceConstraint = map[string]string{
 	"":               "DeviceConstraint must have exactly one field set besides Requests.",
-	"requests":       "Requests is a list of the one or more requests in this claim which must co-satisfy this constraint. If a request is fulfilled by multiple devices, then all of the devices must satisfy the constraint. If this is not specified, this constraint applies to all requests in this claim.",
+	"requests":       "Requests is a list of the one or more requests in this claim which must co-satisfy this constraint. If a request is fulfilled by multiple devices, then all of the devices must satisfy the constraint. If this is not specified, this constraint applies to all requests in this claim.\n\nReferences to subrequests must include the name of the main request and may include the subrequest using the format <main request>[/<subrequest>]. If just the main request is given, the constraint applies to all subrequests.",
 	"matchAttribute": "MatchAttribute requires that all devices in question have this attribute and that its type and value are the same across those devices.\n\nFor example, if you specified \"dra.example.com/numa\" (a hypothetical example!), then only devices in the same NUMA node will be chosen. A device which does not have that attribute will not be chosen. All devices should use a value of the same type for this attribute because that is part of its specification, but if one device doesn't, then it also will not be chosen.\n\nMust include the domain qualifier.",
 }
 
@@ -198,14 +222,26 @@ func (DeviceConstraint) SwaggerDoc() map[string]string {
 	return map_DeviceConstraint
 }
 
+var map_DeviceCounterConsumption = map[string]string{
+	"":           "DeviceCounterConsumption defines a set of counters that a device will consume from a CounterSet.",
+	"counterSet": "CounterSet is the name of the set from which the counters defined will be consumed.",
+	"counters":   "Counters defines the counters that will be consumed by the device.\n\nThe maximum number counters in a device is 32. In addition, the maximum number of all counters in all devices is 1024 (for example, 64 devices with 16 counters each).",
+}
+
+func (DeviceCounterConsumption) SwaggerDoc() map[string]string {
+	return map_DeviceCounterConsumption
+}
+
 var map_DeviceRequest = map[string]string{
-	"":                "DeviceRequest is a request for devices required for a claim. This is typically a request for a single resource like a device, but can also ask for several identical devices.\n\nA DeviceClassName is currently required. Clients must check that it is indeed set. It's absence indicates that something changed in a way that is not supported by the client yet, in which case it must refuse to handle the request.",
-	"name":            "Name can be used to reference this request in a pod.spec.containers[].resources.claims entry and in a constraint of the claim.\n\nMust be a DNS label.",
-	"deviceClassName": "DeviceClassName references a specific DeviceClass, which can define additional configuration and selectors to be inherited by this request.\n\nA class is required. Which classes are available depends on the cluster.\n\nAdministrators may use this to restrict which devices may get requested by only installing classes with selectors for permitted devices. If users are free to request anything without restrictions, then administrators can create an empty DeviceClass for users to reference.",
-	"selectors":       "Selectors define criteria which must be satisfied by a specific device in order for that device to be considered for this request. All selectors must be satisfied for a device to be considered.",
-	"allocationMode":  "AllocationMode and its related fields define how devices are allocated to satisfy this request. Supported values are:\n\n- ExactCount: This request is for a specific number of devices.\n  This is the default. The exact number is provided in the\n  count field.\n\n- All: This request is for all of the matching devices in a pool.\n  Allocation will fail if some devices are already allocated,\n  unless adminAccess is requested.\n\nIf AlloctionMode is not specified, the default mode is ExactCount. If the mode is ExactCount and count is not specified, the default count is one. Any other requests must specify this field.\n\nMore modes may get added in the future. Clients must refuse to handle requests with unknown modes.",
-	"count":           "Count is used only when the count mode is \"ExactCount\". Must be greater than zero. If AllocationMode is ExactCount and this field is not specified, the default is one.",
-	"adminAccess":     "AdminAccess indicates that this is a claim for administrative access to the device(s). Claims with AdminAccess are expected to be used for monitoring or other management services for a device.  They ignore all ordinary claims to the device with respect to access modes and any resource allocations.\n\nThis is an alpha field and requires enabling the DRAAdminAccess feature gate. Admin access is disabled if this field is unset or set to false, otherwise it is enabled.",
+	"":                "DeviceRequest is a request for devices required for a claim. This is typically a request for a single resource like a device, but can also ask for several identical devices.",
+	"name":            "Name can be used to reference this request in a pod.spec.containers[].resources.claims entry and in a constraint of the claim.\n\nMust be a DNS label and unique among all DeviceRequests in a ResourceClaim.",
+	"deviceClassName": "DeviceClassName references a specific DeviceClass, which can define additional configuration and selectors to be inherited by this request.\n\nA class is required if no subrequests are specified in the firstAvailable list and no class can be set if subrequests are specified in the firstAvailable list. Which classes are available depends on the cluster.\n\nAdministrators may use this to restrict which devices may get requested by only installing classes with selectors for permitted devices. If users are free to request anything without restrictions, then administrators can create an empty DeviceClass for users to reference.",
+	"selectors":       "Selectors define criteria which must be satisfied by a specific device in order for that device to be considered for this request. All selectors must be satisfied for a device to be considered.\n\nThis field can only be set when deviceClassName is set and no subrequests are specified in the firstAvailable list.",
+	"allocationMode":  "AllocationMode and its related fields define how devices are allocated to satisfy this request. Supported values are:\n\n- ExactCount: This request is for a specific number of devices.\n  This is the default. The exact number is provided in the\n  count field.\n\n- All: This request is for all of the matching devices in a pool.\n  At least one device must exist on the node for the allocation to succeed.\n  Allocation will fail if some devices are already allocated,\n  unless adminAccess is requested.\n\nIf AllocationMode is not specified, the default mode is ExactCount. If the mode is ExactCount and count is not specified, the default count is one. Any other requests must specify this field.\n\nThis field can only be set when deviceClassName is set and no subrequests are specified in the firstAvailable list.\n\nMore modes may get added in the future. Clients must refuse to handle requests with unknown modes.",
+	"count":           "Count is used only when the count mode is \"ExactCount\". Must be greater than zero. If AllocationMode is ExactCount and this field is not specified, the default is one.\n\nThis field can only be set when deviceClassName is set and no subrequests are specified in the firstAvailable list.",
+	"adminAccess":     "AdminAccess indicates that this is a claim for administrative access to the device(s). Claims with AdminAccess are expected to be used for monitoring or other management services for a device.  They ignore all ordinary claims to the device with respect to access modes and any resource allocations.\n\nThis field can only be set when deviceClassName is set and no subrequests are specified in the firstAvailable list.\n\nThis is an alpha field and requires enabling the DRAAdminAccess feature gate. Admin access is disabled if this field is unset or set to false, otherwise it is enabled.",
+	"firstAvailable":  "FirstAvailable contains subrequests, of which exactly one will be satisfied by the scheduler to satisfy this request. It tries to satisfy them in the order in which they are listed here. So if there are two entries in the list, the scheduler will only check the second one if it determines that the first one cannot be used.\n\nThis field may only be set in the entries of DeviceClaim.Requests.\n\nDRA does not yet implement scoring, so the scheduler will select the first set of devices that satisfies all the requests in the claim. And if the requirements can be satisfied on more than one node, other scheduling features will determine which node is chosen. This means that the set of devices allocated to a claim might not be the optimal set available to the cluster. Scoring will be implemented later.",
+	"tolerations":     "If specified, the request's tolerations.\n\nTolerations for NoSchedule are required to allocate a device which has a taint with that effect. The same applies to NoExecute.\n\nIn addition, should any of the allocated devices get tainted with NoExecute after allocation and that effect is not tolerated, then all pods consuming the ResourceClaim get deleted to evict them. The scheduler will not let new pods reserve the claim while it has these tainted devices. Once all pods are evicted, the claim will get deallocated.\n\nThe maximum number of tolerations is 16.\n\nThis field can only be set when deviceClassName is set and no subrequests are specified in the firstAvailable list.\n\nThis is an alpha field and requires enabling the DRADeviceTaints feature gate.",
 }
 
 func (DeviceRequest) SwaggerDoc() map[string]string {
@@ -214,11 +250,12 @@ func (DeviceRequest) SwaggerDoc() map[string]string {
 
 var map_DeviceRequestAllocationResult = map[string]string{
 	"":            "DeviceRequestAllocationResult contains the allocation result for one request.",
-	"request":     "Request is the name of the request in the claim which caused this device to be allocated. Multiple devices may have been allocated per request.",
+	"request":     "Request is the name of the request in the claim which caused this device to be allocated. If it references a subrequest in the firstAvailable list on a DeviceRequest, this field must include both the name of the main request and the subrequest using the format <main request>/<subrequest>.\n\nMultiple devices may have been allocated per request.",
 	"driver":      "Driver specifies the name of the DRA driver whose kubelet plugin should be invoked to process the allocation once the claim is needed on a node.\n\nMust be a DNS subdomain and should end with a DNS domain owned by the vendor of the driver.",
 	"pool":        "This name together with the driver name and the device name field identify which device was allocated (`<driver name>/<pool name>/<device name>`).\n\nMust not be longer than 253 characters and may contain one or more DNS sub-domains separated by slashes.",
 	"device":      "Device references one device instance via its name in the driver's resource pool. It must be a DNS label.",
 	"adminAccess": "AdminAccess indicates that this device was allocated for administrative access. See the corresponding request field for a definition of mode.\n\nThis is an alpha field and requires enabling the DRAAdminAccess feature gate. Admin access is disabled if this field is unset or set to false, otherwise it is enabled.",
+	"tolerations": "A copy of all tolerations specified in the request at the time when the device got allocated.\n\nThe maximum number of tolerations is 16.\n\nThis is an alpha field and requires enabling the DRADeviceTaints feature gate.",
 }
 
 func (DeviceRequestAllocationResult) SwaggerDoc() map[string]string {
@@ -234,10 +271,49 @@ func (DeviceSelector) SwaggerDoc() map[string]string {
 	return map_DeviceSelector
 }
 
+var map_DeviceSubRequest = map[string]string{
+	"":                "DeviceSubRequest describes a request for device provided in the claim.spec.devices.requests[].firstAvailable array. Each is typically a request for a single resource like a device, but can also ask for several identical devices.\n\nDeviceSubRequest is similar to Request, but doesn't expose the AdminAccess or FirstAvailable fields, as those can only be set on the top-level request. AdminAccess is not supported for requests with a prioritized list, and recursive FirstAvailable fields are not supported.",
+	"name":            "Name can be used to reference this subrequest in the list of constraints or the list of configurations for the claim. References must use the format <main request>/<subrequest>.\n\nMust be a DNS label.",
+	"deviceClassName": "DeviceClassName references a specific DeviceClass, which can define additional configuration and selectors to be inherited by this subrequest.\n\nA class is required. Which classes are available depends on the cluster.\n\nAdministrators may use this to restrict which devices may get requested by only installing classes with selectors for permitted devices. If users are free to request anything without restrictions, then administrators can create an empty DeviceClass for users to reference.",
+	"selectors":       "Selectors define criteria which must be satisfied by a specific device in order for that device to be considered for this subrequest. All selectors must be satisfied for a device to be considered.",
+	"allocationMode":  "AllocationMode and its related fields define how devices are allocated to satisfy this subrequest. Supported values are:\n\n- ExactCount: This request is for a specific number of devices.\n  This is the default. The exact number is provided in the\n  count field.\n\n- All: This subrequest is for all of the matching devices in a pool.\n  Allocation will fail if some devices are already allocated,\n  unless adminAccess is requested.\n\nIf AllocationMode is not specified, the default mode is ExactCount. If the mode is ExactCount and count is not specified, the default count is one. Any other subrequests must specify this field.\n\nMore modes may get added in the future. Clients must refuse to handle requests with unknown modes.",
+	"count":           "Count is used only when the count mode is \"ExactCount\". Must be greater than zero. If AllocationMode is ExactCount and this field is not specified, the default is one.",
+	"tolerations":     "If specified, the request's tolerations.\n\nTolerations for NoSchedule are required to allocate a device which has a taint with that effect. The same applies to NoExecute.\n\nIn addition, should any of the allocated devices get tainted with NoExecute after allocation and that effect is not tolerated, then all pods consuming the ResourceClaim get deleted to evict them. The scheduler will not let new pods reserve the claim while it has these tainted devices. Once all pods are evicted, the claim will get deallocated.\n\nThe maximum number of tolerations is 16.\n\nThis is an alpha field and requires enabling the DRADeviceTaints feature gate.",
+}
+
+func (DeviceSubRequest) SwaggerDoc() map[string]string {
+	return map_DeviceSubRequest
+}
+
+var map_DeviceTaint = map[string]string{
+	"":          "The device this taint is attached to has the \"effect\" on any claim which does not tolerate the taint and, through the claim, to pods using the claim.",
+	"key":       "The taint key to be applied to a device. Must be a label name.",
+	"value":     "The taint value corresponding to the taint key. Must be a label value.",
+	"effect":    "The effect of the taint on claims that do not tolerate the taint and through such claims on the pods using them. Valid effects are NoSchedule and NoExecute. PreferNoSchedule as used for nodes is not valid here.",
+	"timeAdded": "TimeAdded represents the time at which the taint was added. Added automatically during create or update if not set.",
+}
+
+func (DeviceTaint) SwaggerDoc() map[string]string {
+	return map_DeviceTaint
+}
+
+var map_DeviceToleration = map[string]string{
+	"":                  "The ResourceClaim this DeviceToleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.",
+	"key":               "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. Must be a label name.",
+	"operator":          "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a ResourceClaim can tolerate all taints of a particular category.",
+	"value":             "Value is the taint value the toleration matches to. If the operator is Exists, the value must be empty, otherwise just a regular string. Must be a label value.",
+	"effect":            "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule and NoExecute.",
+	"tolerationSeconds": "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. If larger than zero, the time when the pod needs to be evicted is calculated as <time when taint was adedd> + <toleration seconds>.",
+}
+
+func (DeviceToleration) SwaggerDoc() map[string]string {
+	return map_DeviceToleration
+}
+
 var map_NetworkDeviceData = map[string]string{
 	"":                "NetworkDeviceData provides network-related details for the allocated device. This information may be filled by drivers or other components to configure or identify the device within a network context.",
 	"interfaceName":   "InterfaceName specifies the name of the network interface associated with the allocated device. This might be the name of a physical or virtual network interface being configured in the pod.\n\nMust not be longer than 256 characters.",
-	"ips":             "IPs lists the network addresses assigned to the device's network interface. This can include both IPv4 and IPv6 addresses. The IPs are in the CIDR notation, which includes both the address and the associated subnet mask. e.g.: \"192.0.2.5/24\" for IPv4 and \"2001:db8::5/64\" for IPv6.",
+	"ips":             "IPs lists the network addresses assigned to the device's network interface. This can include both IPv4 and IPv6 addresses. The IPs are in the CIDR notation, which includes both the address and the associated subnet mask. e.g.: \"192.0.2.5/24\" for IPv4 and \"2001:db8::5/64\" for IPv6.\n\nMust not contain more than 16 entries.",
 	"hardwareAddress": "HardwareAddress represents the hardware address (e.g. MAC Address) of the device's network interface.\n\nMust not be longer than 128 characters.",
 }
 
@@ -370,13 +446,15 @@ func (ResourceSliceList) SwaggerDoc() map[string]string {
 }
 
 var map_ResourceSliceSpec = map[string]string{
-	"":             "ResourceSliceSpec contains the information published by the driver in one ResourceSlice.",
-	"driver":       "Driver identifies the DRA driver providing the capacity information. A field selector can be used to list only ResourceSlice objects with a certain driver name.\n\nMust be a DNS subdomain and should end with a DNS domain owned by the vendor of the driver. This field is immutable.",
-	"pool":         "Pool describes the pool that this ResourceSlice belongs to.",
-	"nodeName":     "NodeName identifies the node which provides the resources in this pool. A field selector can be used to list only ResourceSlice objects belonging to a certain node.\n\nThis field can be used to limit access from nodes to ResourceSlices with the same node name. It also indicates to autoscalers that adding new nodes of the same type as some old node might also make new resources available.\n\nExactly one of NodeName, NodeSelector and AllNodes must be set. This field is immutable.",
-	"nodeSelector": "NodeSelector defines which nodes have access to the resources in the pool, when that pool is not limited to a single node.\n\nMust use exactly one term.\n\nExactly one of NodeName, NodeSelector and AllNodes must be set.",
-	"allNodes":     "AllNodes indicates that all nodes have access to the resources in the pool.\n\nExactly one of NodeName, NodeSelector and AllNodes must be set.",
-	"devices":      "Devices lists some or all of the devices in this pool.\n\nMust not have more than 128 entries.",
+	"":                       "ResourceSliceSpec contains the information published by the driver in one ResourceSlice.",
+	"driver":                 "Driver identifies the DRA driver providing the capacity information. A field selector can be used to list only ResourceSlice objects with a certain driver name.\n\nMust be a DNS subdomain and should end with a DNS domain owned by the vendor of the driver. This field is immutable.",
+	"pool":                   "Pool describes the pool that this ResourceSlice belongs to.",
+	"nodeName":               "NodeName identifies the node which provides the resources in this pool. A field selector can be used to list only ResourceSlice objects belonging to a certain node.\n\nThis field can be used to limit access from nodes to ResourceSlices with the same node name. It also indicates to autoscalers that adding new nodes of the same type as some old node might also make new resources available.\n\nExactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set. This field is immutable.",
+	"nodeSelector":           "NodeSelector defines which nodes have access to the resources in the pool, when that pool is not limited to a single node.\n\nMust use exactly one term.\n\nExactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.",
+	"allNodes":               "AllNodes indicates that all nodes have access to the resources in the pool.\n\nExactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.",
+	"devices":                "Devices lists some or all of the devices in this pool.\n\nMust not have more than 128 entries.",
+	"perDeviceNodeSelection": "PerDeviceNodeSelection defines whether the access from nodes to resources in the pool is set on the ResourceSlice level or on each device. If it is set to true, every device defined the ResourceSlice must specify this individually.\n\nExactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.",
+	"sharedCounters":         "SharedCounters defines a list of counter sets, each of which has a name and a list of counters available.\n\nThe names of the SharedCounters must be unique in the ResourceSlice.\n\nThe maximum number of SharedCounters is 32.",
 }
 
 func (ResourceSliceSpec) SwaggerDoc() map[string]string {
diff --git a/vendor/k8s.io/api/resource/v1beta1/zz_generated.deepcopy.go b/vendor/k8s.io/api/resource/v1beta1/zz_generated.deepcopy.go
index 3be61333ff..7732df6a0c 100644
--- a/vendor/k8s.io/api/resource/v1beta1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/resource/v1beta1/zz_generated.deepcopy.go
@@ -37,7 +37,11 @@ func (in *AllocatedDeviceStatus) DeepCopyInto(out *AllocatedDeviceStatus) {
 			(*in)[i].DeepCopyInto(&(*out)[i])
 		}
 	}
-	in.Data.DeepCopyInto(&out.Data)
+	if in.Data != nil {
+		in, out := &in.Data, &out.Data
+		*out = new(runtime.RawExtension)
+		(*in).DeepCopyInto(*out)
+	}
 	if in.NetworkData != nil {
 		in, out := &in.NetworkData, &out.NetworkData
 		*out = new(NetworkDeviceData)
@@ -95,6 +99,35 @@ func (in *BasicDevice) DeepCopyInto(out *BasicDevice) {
 			(*out)[key] = *val.DeepCopy()
 		}
 	}
+	if in.ConsumesCounters != nil {
+		in, out := &in.ConsumesCounters, &out.ConsumesCounters
+		*out = make([]DeviceCounterConsumption, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	if in.NodeName != nil {
+		in, out := &in.NodeName, &out.NodeName
+		*out = new(string)
+		**out = **in
+	}
+	if in.NodeSelector != nil {
+		in, out := &in.NodeSelector, &out.NodeSelector
+		*out = new(corev1.NodeSelector)
+		(*in).DeepCopyInto(*out)
+	}
+	if in.AllNodes != nil {
+		in, out := &in.AllNodes, &out.AllNodes
+		*out = new(bool)
+		**out = **in
+	}
+	if in.Taints != nil {
+		in, out := &in.Taints, &out.Taints
+		*out = make([]DeviceTaint, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
 	return
 }
 
@@ -124,6 +157,46 @@ func (in *CELDeviceSelector) DeepCopy() *CELDeviceSelector {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *Counter) DeepCopyInto(out *Counter) {
+	*out = *in
+	out.Value = in.Value.DeepCopy()
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Counter.
+func (in *Counter) DeepCopy() *Counter {
+	if in == nil {
+		return nil
+	}
+	out := new(Counter)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *CounterSet) DeepCopyInto(out *CounterSet) {
+	*out = *in
+	if in.Counters != nil {
+		in, out := &in.Counters, &out.Counters
+		*out = make(map[string]Counter, len(*in))
+		for key, val := range *in {
+			(*out)[key] = *val.DeepCopy()
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CounterSet.
+func (in *CounterSet) DeepCopy() *CounterSet {
+	if in == nil {
+		return nil
+	}
+	out := new(CounterSet)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *Device) DeepCopyInto(out *Device) {
 	*out = *in
@@ -463,6 +536,29 @@ func (in *DeviceConstraint) DeepCopy() *DeviceConstraint {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeviceCounterConsumption) DeepCopyInto(out *DeviceCounterConsumption) {
+	*out = *in
+	if in.Counters != nil {
+		in, out := &in.Counters, &out.Counters
+		*out = make(map[string]Counter, len(*in))
+		for key, val := range *in {
+			(*out)[key] = *val.DeepCopy()
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceCounterConsumption.
+func (in *DeviceCounterConsumption) DeepCopy() *DeviceCounterConsumption {
+	if in == nil {
+		return nil
+	}
+	out := new(DeviceCounterConsumption)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *DeviceRequest) DeepCopyInto(out *DeviceRequest) {
 	*out = *in
@@ -478,6 +574,20 @@ func (in *DeviceRequest) DeepCopyInto(out *DeviceRequest) {
 		*out = new(bool)
 		**out = **in
 	}
+	if in.FirstAvailable != nil {
+		in, out := &in.FirstAvailable, &out.FirstAvailable
+		*out = make([]DeviceSubRequest, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	if in.Tolerations != nil {
+		in, out := &in.Tolerations, &out.Tolerations
+		*out = make([]DeviceToleration, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
 	return
 }
 
@@ -499,6 +609,13 @@ func (in *DeviceRequestAllocationResult) DeepCopyInto(out *DeviceRequestAllocati
 		*out = new(bool)
 		**out = **in
 	}
+	if in.Tolerations != nil {
+		in, out := &in.Tolerations, &out.Tolerations
+		*out = make([]DeviceToleration, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
 	return
 }
 
@@ -533,6 +650,77 @@ func (in *DeviceSelector) DeepCopy() *DeviceSelector {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeviceSubRequest) DeepCopyInto(out *DeviceSubRequest) {
+	*out = *in
+	if in.Selectors != nil {
+		in, out := &in.Selectors, &out.Selectors
+		*out = make([]DeviceSelector, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	if in.Tolerations != nil {
+		in, out := &in.Tolerations, &out.Tolerations
+		*out = make([]DeviceToleration, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceSubRequest.
+func (in *DeviceSubRequest) DeepCopy() *DeviceSubRequest {
+	if in == nil {
+		return nil
+	}
+	out := new(DeviceSubRequest)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeviceTaint) DeepCopyInto(out *DeviceTaint) {
+	*out = *in
+	if in.TimeAdded != nil {
+		in, out := &in.TimeAdded, &out.TimeAdded
+		*out = (*in).DeepCopy()
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceTaint.
+func (in *DeviceTaint) DeepCopy() *DeviceTaint {
+	if in == nil {
+		return nil
+	}
+	out := new(DeviceTaint)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeviceToleration) DeepCopyInto(out *DeviceToleration) {
+	*out = *in
+	if in.TolerationSeconds != nil {
+		in, out := &in.TolerationSeconds, &out.TolerationSeconds
+		*out = new(int64)
+		**out = **in
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceToleration.
+func (in *DeviceToleration) DeepCopy() *DeviceToleration {
+	if in == nil {
+		return nil
+	}
+	out := new(DeviceToleration)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *NetworkDeviceData) DeepCopyInto(out *NetworkDeviceData) {
 	*out = *in
@@ -868,6 +1056,18 @@ func (in *ResourceSliceSpec) DeepCopyInto(out *ResourceSliceSpec) {
 			(*in)[i].DeepCopyInto(&(*out)[i])
 		}
 	}
+	if in.PerDeviceNodeSelection != nil {
+		in, out := &in.PerDeviceNodeSelection, &out.PerDeviceNodeSelection
+		*out = new(bool)
+		**out = **in
+	}
+	if in.SharedCounters != nil {
+		in, out := &in.SharedCounters, &out.SharedCounters
+		*out = make([]CounterSet, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
 	return
 }
 
diff --git a/vendor/k8s.io/api/resource/v1beta2/devicetaint.go b/vendor/k8s.io/api/resource/v1beta2/devicetaint.go
new file mode 100644
index 0000000000..c936760022
--- /dev/null
+++ b/vendor/k8s.io/api/resource/v1beta2/devicetaint.go
@@ -0,0 +1,35 @@
+/*
+Copyright 2025 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1beta2
+
+import "fmt"
+
+var _ fmt.Stringer = DeviceTaint{}
+
+// String converts to a string in the format '<key>=<value>:<effect>', '<key>=<value>:', '<key>:<effect>', or '<key>'.
+func (t DeviceTaint) String() string {
+	if len(t.Effect) == 0 {
+		if len(t.Value) == 0 {
+			return fmt.Sprintf("%v", t.Key)
+		}
+		return fmt.Sprintf("%v=%v:", t.Key, t.Value)
+	}
+	if len(t.Value) == 0 {
+		return fmt.Sprintf("%v:%v", t.Key, t.Effect)
+	}
+	return fmt.Sprintf("%v=%v:%v", t.Key, t.Value, t.Effect)
+}
diff --git a/vendor/k8s.io/api/resource/v1beta2/doc.go b/vendor/k8s.io/api/resource/v1beta2/doc.go
new file mode 100644
index 0000000000..365113ae4e
--- /dev/null
+++ b/vendor/k8s.io/api/resource/v1beta2/doc.go
@@ -0,0 +1,24 @@
+/*
+Copyright 2025 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// +k8s:openapi-gen=true
+// +k8s:deepcopy-gen=package
+// +k8s:protobuf-gen=package
+// +k8s:prerelease-lifecycle-gen=true
+// +groupName=resource.k8s.io
+
+// Package v1beta2 is the v1beta2 version of the resource API.
+package v1beta2
diff --git a/vendor/k8s.io/api/resource/v1beta2/generated.pb.go b/vendor/k8s.io/api/resource/v1beta2/generated.pb.go
new file mode 100644
index 0000000000..d14cdf56a7
--- /dev/null
+++ b/vendor/k8s.io/api/resource/v1beta2/generated.pb.go
@@ -0,0 +1,11047 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by protoc-gen-gogo. DO NOT EDIT.
+// source: k8s.io/api/resource/v1beta2/generated.proto
+
+package v1beta2
+
+import (
+	fmt "fmt"
+
+	io "io"
+
+	proto "github.com/gogo/protobuf/proto"
+	github_com_gogo_protobuf_sortkeys "github.com/gogo/protobuf/sortkeys"
+	v11 "k8s.io/api/core/v1"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	runtime "k8s.io/apimachinery/pkg/runtime"
+
+	math "math"
+	math_bits "math/bits"
+	reflect "reflect"
+	strings "strings"
+
+	k8s_io_apimachinery_pkg_types "k8s.io/apimachinery/pkg/types"
+)
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ = proto.Marshal
+var _ = fmt.Errorf
+var _ = math.Inf
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the proto package it is being compiled against.
+// A compilation error at this line likely means your copy of the
+// proto package needs to be updated.
+const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package
+
+func (m *AllocatedDeviceStatus) Reset()      { *m = AllocatedDeviceStatus{} }
+func (*AllocatedDeviceStatus) ProtoMessage() {}
+func (*AllocatedDeviceStatus) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{0}
+}
+func (m *AllocatedDeviceStatus) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *AllocatedDeviceStatus) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *AllocatedDeviceStatus) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_AllocatedDeviceStatus.Merge(m, src)
+}
+func (m *AllocatedDeviceStatus) XXX_Size() int {
+	return m.Size()
+}
+func (m *AllocatedDeviceStatus) XXX_DiscardUnknown() {
+	xxx_messageInfo_AllocatedDeviceStatus.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_AllocatedDeviceStatus proto.InternalMessageInfo
+
+func (m *AllocationResult) Reset()      { *m = AllocationResult{} }
+func (*AllocationResult) ProtoMessage() {}
+func (*AllocationResult) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{1}
+}
+func (m *AllocationResult) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *AllocationResult) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *AllocationResult) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_AllocationResult.Merge(m, src)
+}
+func (m *AllocationResult) XXX_Size() int {
+	return m.Size()
+}
+func (m *AllocationResult) XXX_DiscardUnknown() {
+	xxx_messageInfo_AllocationResult.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_AllocationResult proto.InternalMessageInfo
+
+func (m *CELDeviceSelector) Reset()      { *m = CELDeviceSelector{} }
+func (*CELDeviceSelector) ProtoMessage() {}
+func (*CELDeviceSelector) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{2}
+}
+func (m *CELDeviceSelector) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *CELDeviceSelector) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *CELDeviceSelector) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_CELDeviceSelector.Merge(m, src)
+}
+func (m *CELDeviceSelector) XXX_Size() int {
+	return m.Size()
+}
+func (m *CELDeviceSelector) XXX_DiscardUnknown() {
+	xxx_messageInfo_CELDeviceSelector.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_CELDeviceSelector proto.InternalMessageInfo
+
+func (m *Counter) Reset()      { *m = Counter{} }
+func (*Counter) ProtoMessage() {}
+func (*Counter) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{3}
+}
+func (m *Counter) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *Counter) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *Counter) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_Counter.Merge(m, src)
+}
+func (m *Counter) XXX_Size() int {
+	return m.Size()
+}
+func (m *Counter) XXX_DiscardUnknown() {
+	xxx_messageInfo_Counter.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_Counter proto.InternalMessageInfo
+
+func (m *CounterSet) Reset()      { *m = CounterSet{} }
+func (*CounterSet) ProtoMessage() {}
+func (*CounterSet) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{4}
+}
+func (m *CounterSet) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *CounterSet) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *CounterSet) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_CounterSet.Merge(m, src)
+}
+func (m *CounterSet) XXX_Size() int {
+	return m.Size()
+}
+func (m *CounterSet) XXX_DiscardUnknown() {
+	xxx_messageInfo_CounterSet.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_CounterSet proto.InternalMessageInfo
+
+func (m *Device) Reset()      { *m = Device{} }
+func (*Device) ProtoMessage() {}
+func (*Device) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{5}
+}
+func (m *Device) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *Device) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *Device) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_Device.Merge(m, src)
+}
+func (m *Device) XXX_Size() int {
+	return m.Size()
+}
+func (m *Device) XXX_DiscardUnknown() {
+	xxx_messageInfo_Device.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_Device proto.InternalMessageInfo
+
+func (m *DeviceAllocationConfiguration) Reset()      { *m = DeviceAllocationConfiguration{} }
+func (*DeviceAllocationConfiguration) ProtoMessage() {}
+func (*DeviceAllocationConfiguration) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{6}
+}
+func (m *DeviceAllocationConfiguration) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *DeviceAllocationConfiguration) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *DeviceAllocationConfiguration) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_DeviceAllocationConfiguration.Merge(m, src)
+}
+func (m *DeviceAllocationConfiguration) XXX_Size() int {
+	return m.Size()
+}
+func (m *DeviceAllocationConfiguration) XXX_DiscardUnknown() {
+	xxx_messageInfo_DeviceAllocationConfiguration.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_DeviceAllocationConfiguration proto.InternalMessageInfo
+
+func (m *DeviceAllocationResult) Reset()      { *m = DeviceAllocationResult{} }
+func (*DeviceAllocationResult) ProtoMessage() {}
+func (*DeviceAllocationResult) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{7}
+}
+func (m *DeviceAllocationResult) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *DeviceAllocationResult) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *DeviceAllocationResult) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_DeviceAllocationResult.Merge(m, src)
+}
+func (m *DeviceAllocationResult) XXX_Size() int {
+	return m.Size()
+}
+func (m *DeviceAllocationResult) XXX_DiscardUnknown() {
+	xxx_messageInfo_DeviceAllocationResult.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_DeviceAllocationResult proto.InternalMessageInfo
+
+func (m *DeviceAttribute) Reset()      { *m = DeviceAttribute{} }
+func (*DeviceAttribute) ProtoMessage() {}
+func (*DeviceAttribute) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{8}
+}
+func (m *DeviceAttribute) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *DeviceAttribute) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *DeviceAttribute) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_DeviceAttribute.Merge(m, src)
+}
+func (m *DeviceAttribute) XXX_Size() int {
+	return m.Size()
+}
+func (m *DeviceAttribute) XXX_DiscardUnknown() {
+	xxx_messageInfo_DeviceAttribute.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_DeviceAttribute proto.InternalMessageInfo
+
+func (m *DeviceCapacity) Reset()      { *m = DeviceCapacity{} }
+func (*DeviceCapacity) ProtoMessage() {}
+func (*DeviceCapacity) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{9}
+}
+func (m *DeviceCapacity) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *DeviceCapacity) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *DeviceCapacity) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_DeviceCapacity.Merge(m, src)
+}
+func (m *DeviceCapacity) XXX_Size() int {
+	return m.Size()
+}
+func (m *DeviceCapacity) XXX_DiscardUnknown() {
+	xxx_messageInfo_DeviceCapacity.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_DeviceCapacity proto.InternalMessageInfo
+
+func (m *DeviceClaim) Reset()      { *m = DeviceClaim{} }
+func (*DeviceClaim) ProtoMessage() {}
+func (*DeviceClaim) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{10}
+}
+func (m *DeviceClaim) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *DeviceClaim) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *DeviceClaim) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_DeviceClaim.Merge(m, src)
+}
+func (m *DeviceClaim) XXX_Size() int {
+	return m.Size()
+}
+func (m *DeviceClaim) XXX_DiscardUnknown() {
+	xxx_messageInfo_DeviceClaim.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_DeviceClaim proto.InternalMessageInfo
+
+func (m *DeviceClaimConfiguration) Reset()      { *m = DeviceClaimConfiguration{} }
+func (*DeviceClaimConfiguration) ProtoMessage() {}
+func (*DeviceClaimConfiguration) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{11}
+}
+func (m *DeviceClaimConfiguration) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *DeviceClaimConfiguration) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *DeviceClaimConfiguration) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_DeviceClaimConfiguration.Merge(m, src)
+}
+func (m *DeviceClaimConfiguration) XXX_Size() int {
+	return m.Size()
+}
+func (m *DeviceClaimConfiguration) XXX_DiscardUnknown() {
+	xxx_messageInfo_DeviceClaimConfiguration.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_DeviceClaimConfiguration proto.InternalMessageInfo
+
+func (m *DeviceClass) Reset()      { *m = DeviceClass{} }
+func (*DeviceClass) ProtoMessage() {}
+func (*DeviceClass) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{12}
+}
+func (m *DeviceClass) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *DeviceClass) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *DeviceClass) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_DeviceClass.Merge(m, src)
+}
+func (m *DeviceClass) XXX_Size() int {
+	return m.Size()
+}
+func (m *DeviceClass) XXX_DiscardUnknown() {
+	xxx_messageInfo_DeviceClass.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_DeviceClass proto.InternalMessageInfo
+
+func (m *DeviceClassConfiguration) Reset()      { *m = DeviceClassConfiguration{} }
+func (*DeviceClassConfiguration) ProtoMessage() {}
+func (*DeviceClassConfiguration) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{13}
+}
+func (m *DeviceClassConfiguration) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *DeviceClassConfiguration) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *DeviceClassConfiguration) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_DeviceClassConfiguration.Merge(m, src)
+}
+func (m *DeviceClassConfiguration) XXX_Size() int {
+	return m.Size()
+}
+func (m *DeviceClassConfiguration) XXX_DiscardUnknown() {
+	xxx_messageInfo_DeviceClassConfiguration.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_DeviceClassConfiguration proto.InternalMessageInfo
+
+func (m *DeviceClassList) Reset()      { *m = DeviceClassList{} }
+func (*DeviceClassList) ProtoMessage() {}
+func (*DeviceClassList) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{14}
+}
+func (m *DeviceClassList) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *DeviceClassList) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *DeviceClassList) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_DeviceClassList.Merge(m, src)
+}
+func (m *DeviceClassList) XXX_Size() int {
+	return m.Size()
+}
+func (m *DeviceClassList) XXX_DiscardUnknown() {
+	xxx_messageInfo_DeviceClassList.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_DeviceClassList proto.InternalMessageInfo
+
+func (m *DeviceClassSpec) Reset()      { *m = DeviceClassSpec{} }
+func (*DeviceClassSpec) ProtoMessage() {}
+func (*DeviceClassSpec) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{15}
+}
+func (m *DeviceClassSpec) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *DeviceClassSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *DeviceClassSpec) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_DeviceClassSpec.Merge(m, src)
+}
+func (m *DeviceClassSpec) XXX_Size() int {
+	return m.Size()
+}
+func (m *DeviceClassSpec) XXX_DiscardUnknown() {
+	xxx_messageInfo_DeviceClassSpec.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_DeviceClassSpec proto.InternalMessageInfo
+
+func (m *DeviceConfiguration) Reset()      { *m = DeviceConfiguration{} }
+func (*DeviceConfiguration) ProtoMessage() {}
+func (*DeviceConfiguration) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{16}
+}
+func (m *DeviceConfiguration) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *DeviceConfiguration) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *DeviceConfiguration) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_DeviceConfiguration.Merge(m, src)
+}
+func (m *DeviceConfiguration) XXX_Size() int {
+	return m.Size()
+}
+func (m *DeviceConfiguration) XXX_DiscardUnknown() {
+	xxx_messageInfo_DeviceConfiguration.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_DeviceConfiguration proto.InternalMessageInfo
+
+func (m *DeviceConstraint) Reset()      { *m = DeviceConstraint{} }
+func (*DeviceConstraint) ProtoMessage() {}
+func (*DeviceConstraint) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{17}
+}
+func (m *DeviceConstraint) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *DeviceConstraint) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *DeviceConstraint) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_DeviceConstraint.Merge(m, src)
+}
+func (m *DeviceConstraint) XXX_Size() int {
+	return m.Size()
+}
+func (m *DeviceConstraint) XXX_DiscardUnknown() {
+	xxx_messageInfo_DeviceConstraint.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_DeviceConstraint proto.InternalMessageInfo
+
+func (m *DeviceCounterConsumption) Reset()      { *m = DeviceCounterConsumption{} }
+func (*DeviceCounterConsumption) ProtoMessage() {}
+func (*DeviceCounterConsumption) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{18}
+}
+func (m *DeviceCounterConsumption) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *DeviceCounterConsumption) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *DeviceCounterConsumption) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_DeviceCounterConsumption.Merge(m, src)
+}
+func (m *DeviceCounterConsumption) XXX_Size() int {
+	return m.Size()
+}
+func (m *DeviceCounterConsumption) XXX_DiscardUnknown() {
+	xxx_messageInfo_DeviceCounterConsumption.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_DeviceCounterConsumption proto.InternalMessageInfo
+
+func (m *DeviceRequest) Reset()      { *m = DeviceRequest{} }
+func (*DeviceRequest) ProtoMessage() {}
+func (*DeviceRequest) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{19}
+}
+func (m *DeviceRequest) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *DeviceRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *DeviceRequest) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_DeviceRequest.Merge(m, src)
+}
+func (m *DeviceRequest) XXX_Size() int {
+	return m.Size()
+}
+func (m *DeviceRequest) XXX_DiscardUnknown() {
+	xxx_messageInfo_DeviceRequest.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_DeviceRequest proto.InternalMessageInfo
+
+func (m *DeviceRequestAllocationResult) Reset()      { *m = DeviceRequestAllocationResult{} }
+func (*DeviceRequestAllocationResult) ProtoMessage() {}
+func (*DeviceRequestAllocationResult) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{20}
+}
+func (m *DeviceRequestAllocationResult) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *DeviceRequestAllocationResult) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *DeviceRequestAllocationResult) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_DeviceRequestAllocationResult.Merge(m, src)
+}
+func (m *DeviceRequestAllocationResult) XXX_Size() int {
+	return m.Size()
+}
+func (m *DeviceRequestAllocationResult) XXX_DiscardUnknown() {
+	xxx_messageInfo_DeviceRequestAllocationResult.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_DeviceRequestAllocationResult proto.InternalMessageInfo
+
+func (m *DeviceSelector) Reset()      { *m = DeviceSelector{} }
+func (*DeviceSelector) ProtoMessage() {}
+func (*DeviceSelector) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{21}
+}
+func (m *DeviceSelector) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *DeviceSelector) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *DeviceSelector) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_DeviceSelector.Merge(m, src)
+}
+func (m *DeviceSelector) XXX_Size() int {
+	return m.Size()
+}
+func (m *DeviceSelector) XXX_DiscardUnknown() {
+	xxx_messageInfo_DeviceSelector.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_DeviceSelector proto.InternalMessageInfo
+
+func (m *DeviceSubRequest) Reset()      { *m = DeviceSubRequest{} }
+func (*DeviceSubRequest) ProtoMessage() {}
+func (*DeviceSubRequest) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{22}
+}
+func (m *DeviceSubRequest) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *DeviceSubRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *DeviceSubRequest) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_DeviceSubRequest.Merge(m, src)
+}
+func (m *DeviceSubRequest) XXX_Size() int {
+	return m.Size()
+}
+func (m *DeviceSubRequest) XXX_DiscardUnknown() {
+	xxx_messageInfo_DeviceSubRequest.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_DeviceSubRequest proto.InternalMessageInfo
+
+func (m *DeviceTaint) Reset()      { *m = DeviceTaint{} }
+func (*DeviceTaint) ProtoMessage() {}
+func (*DeviceTaint) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{23}
+}
+func (m *DeviceTaint) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *DeviceTaint) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *DeviceTaint) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_DeviceTaint.Merge(m, src)
+}
+func (m *DeviceTaint) XXX_Size() int {
+	return m.Size()
+}
+func (m *DeviceTaint) XXX_DiscardUnknown() {
+	xxx_messageInfo_DeviceTaint.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_DeviceTaint proto.InternalMessageInfo
+
+func (m *DeviceToleration) Reset()      { *m = DeviceToleration{} }
+func (*DeviceToleration) ProtoMessage() {}
+func (*DeviceToleration) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{24}
+}
+func (m *DeviceToleration) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *DeviceToleration) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *DeviceToleration) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_DeviceToleration.Merge(m, src)
+}
+func (m *DeviceToleration) XXX_Size() int {
+	return m.Size()
+}
+func (m *DeviceToleration) XXX_DiscardUnknown() {
+	xxx_messageInfo_DeviceToleration.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_DeviceToleration proto.InternalMessageInfo
+
+func (m *ExactDeviceRequest) Reset()      { *m = ExactDeviceRequest{} }
+func (*ExactDeviceRequest) ProtoMessage() {}
+func (*ExactDeviceRequest) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{25}
+}
+func (m *ExactDeviceRequest) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *ExactDeviceRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *ExactDeviceRequest) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_ExactDeviceRequest.Merge(m, src)
+}
+func (m *ExactDeviceRequest) XXX_Size() int {
+	return m.Size()
+}
+func (m *ExactDeviceRequest) XXX_DiscardUnknown() {
+	xxx_messageInfo_ExactDeviceRequest.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_ExactDeviceRequest proto.InternalMessageInfo
+
+func (m *NetworkDeviceData) Reset()      { *m = NetworkDeviceData{} }
+func (*NetworkDeviceData) ProtoMessage() {}
+func (*NetworkDeviceData) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{26}
+}
+func (m *NetworkDeviceData) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *NetworkDeviceData) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *NetworkDeviceData) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_NetworkDeviceData.Merge(m, src)
+}
+func (m *NetworkDeviceData) XXX_Size() int {
+	return m.Size()
+}
+func (m *NetworkDeviceData) XXX_DiscardUnknown() {
+	xxx_messageInfo_NetworkDeviceData.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_NetworkDeviceData proto.InternalMessageInfo
+
+func (m *OpaqueDeviceConfiguration) Reset()      { *m = OpaqueDeviceConfiguration{} }
+func (*OpaqueDeviceConfiguration) ProtoMessage() {}
+func (*OpaqueDeviceConfiguration) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{27}
+}
+func (m *OpaqueDeviceConfiguration) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *OpaqueDeviceConfiguration) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *OpaqueDeviceConfiguration) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_OpaqueDeviceConfiguration.Merge(m, src)
+}
+func (m *OpaqueDeviceConfiguration) XXX_Size() int {
+	return m.Size()
+}
+func (m *OpaqueDeviceConfiguration) XXX_DiscardUnknown() {
+	xxx_messageInfo_OpaqueDeviceConfiguration.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_OpaqueDeviceConfiguration proto.InternalMessageInfo
+
+func (m *ResourceClaim) Reset()      { *m = ResourceClaim{} }
+func (*ResourceClaim) ProtoMessage() {}
+func (*ResourceClaim) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{28}
+}
+func (m *ResourceClaim) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *ResourceClaim) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *ResourceClaim) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_ResourceClaim.Merge(m, src)
+}
+func (m *ResourceClaim) XXX_Size() int {
+	return m.Size()
+}
+func (m *ResourceClaim) XXX_DiscardUnknown() {
+	xxx_messageInfo_ResourceClaim.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_ResourceClaim proto.InternalMessageInfo
+
+func (m *ResourceClaimConsumerReference) Reset()      { *m = ResourceClaimConsumerReference{} }
+func (*ResourceClaimConsumerReference) ProtoMessage() {}
+func (*ResourceClaimConsumerReference) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{29}
+}
+func (m *ResourceClaimConsumerReference) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *ResourceClaimConsumerReference) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *ResourceClaimConsumerReference) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_ResourceClaimConsumerReference.Merge(m, src)
+}
+func (m *ResourceClaimConsumerReference) XXX_Size() int {
+	return m.Size()
+}
+func (m *ResourceClaimConsumerReference) XXX_DiscardUnknown() {
+	xxx_messageInfo_ResourceClaimConsumerReference.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_ResourceClaimConsumerReference proto.InternalMessageInfo
+
+func (m *ResourceClaimList) Reset()      { *m = ResourceClaimList{} }
+func (*ResourceClaimList) ProtoMessage() {}
+func (*ResourceClaimList) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{30}
+}
+func (m *ResourceClaimList) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *ResourceClaimList) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *ResourceClaimList) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_ResourceClaimList.Merge(m, src)
+}
+func (m *ResourceClaimList) XXX_Size() int {
+	return m.Size()
+}
+func (m *ResourceClaimList) XXX_DiscardUnknown() {
+	xxx_messageInfo_ResourceClaimList.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_ResourceClaimList proto.InternalMessageInfo
+
+func (m *ResourceClaimSpec) Reset()      { *m = ResourceClaimSpec{} }
+func (*ResourceClaimSpec) ProtoMessage() {}
+func (*ResourceClaimSpec) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{31}
+}
+func (m *ResourceClaimSpec) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *ResourceClaimSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *ResourceClaimSpec) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_ResourceClaimSpec.Merge(m, src)
+}
+func (m *ResourceClaimSpec) XXX_Size() int {
+	return m.Size()
+}
+func (m *ResourceClaimSpec) XXX_DiscardUnknown() {
+	xxx_messageInfo_ResourceClaimSpec.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_ResourceClaimSpec proto.InternalMessageInfo
+
+func (m *ResourceClaimStatus) Reset()      { *m = ResourceClaimStatus{} }
+func (*ResourceClaimStatus) ProtoMessage() {}
+func (*ResourceClaimStatus) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{32}
+}
+func (m *ResourceClaimStatus) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *ResourceClaimStatus) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *ResourceClaimStatus) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_ResourceClaimStatus.Merge(m, src)
+}
+func (m *ResourceClaimStatus) XXX_Size() int {
+	return m.Size()
+}
+func (m *ResourceClaimStatus) XXX_DiscardUnknown() {
+	xxx_messageInfo_ResourceClaimStatus.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_ResourceClaimStatus proto.InternalMessageInfo
+
+func (m *ResourceClaimTemplate) Reset()      { *m = ResourceClaimTemplate{} }
+func (*ResourceClaimTemplate) ProtoMessage() {}
+func (*ResourceClaimTemplate) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{33}
+}
+func (m *ResourceClaimTemplate) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *ResourceClaimTemplate) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *ResourceClaimTemplate) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_ResourceClaimTemplate.Merge(m, src)
+}
+func (m *ResourceClaimTemplate) XXX_Size() int {
+	return m.Size()
+}
+func (m *ResourceClaimTemplate) XXX_DiscardUnknown() {
+	xxx_messageInfo_ResourceClaimTemplate.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_ResourceClaimTemplate proto.InternalMessageInfo
+
+func (m *ResourceClaimTemplateList) Reset()      { *m = ResourceClaimTemplateList{} }
+func (*ResourceClaimTemplateList) ProtoMessage() {}
+func (*ResourceClaimTemplateList) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{34}
+}
+func (m *ResourceClaimTemplateList) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *ResourceClaimTemplateList) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *ResourceClaimTemplateList) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_ResourceClaimTemplateList.Merge(m, src)
+}
+func (m *ResourceClaimTemplateList) XXX_Size() int {
+	return m.Size()
+}
+func (m *ResourceClaimTemplateList) XXX_DiscardUnknown() {
+	xxx_messageInfo_ResourceClaimTemplateList.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_ResourceClaimTemplateList proto.InternalMessageInfo
+
+func (m *ResourceClaimTemplateSpec) Reset()      { *m = ResourceClaimTemplateSpec{} }
+func (*ResourceClaimTemplateSpec) ProtoMessage() {}
+func (*ResourceClaimTemplateSpec) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{35}
+}
+func (m *ResourceClaimTemplateSpec) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *ResourceClaimTemplateSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *ResourceClaimTemplateSpec) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_ResourceClaimTemplateSpec.Merge(m, src)
+}
+func (m *ResourceClaimTemplateSpec) XXX_Size() int {
+	return m.Size()
+}
+func (m *ResourceClaimTemplateSpec) XXX_DiscardUnknown() {
+	xxx_messageInfo_ResourceClaimTemplateSpec.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_ResourceClaimTemplateSpec proto.InternalMessageInfo
+
+func (m *ResourcePool) Reset()      { *m = ResourcePool{} }
+func (*ResourcePool) ProtoMessage() {}
+func (*ResourcePool) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{36}
+}
+func (m *ResourcePool) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *ResourcePool) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *ResourcePool) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_ResourcePool.Merge(m, src)
+}
+func (m *ResourcePool) XXX_Size() int {
+	return m.Size()
+}
+func (m *ResourcePool) XXX_DiscardUnknown() {
+	xxx_messageInfo_ResourcePool.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_ResourcePool proto.InternalMessageInfo
+
+func (m *ResourceSlice) Reset()      { *m = ResourceSlice{} }
+func (*ResourceSlice) ProtoMessage() {}
+func (*ResourceSlice) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{37}
+}
+func (m *ResourceSlice) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *ResourceSlice) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *ResourceSlice) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_ResourceSlice.Merge(m, src)
+}
+func (m *ResourceSlice) XXX_Size() int {
+	return m.Size()
+}
+func (m *ResourceSlice) XXX_DiscardUnknown() {
+	xxx_messageInfo_ResourceSlice.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_ResourceSlice proto.InternalMessageInfo
+
+func (m *ResourceSliceList) Reset()      { *m = ResourceSliceList{} }
+func (*ResourceSliceList) ProtoMessage() {}
+func (*ResourceSliceList) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{38}
+}
+func (m *ResourceSliceList) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *ResourceSliceList) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *ResourceSliceList) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_ResourceSliceList.Merge(m, src)
+}
+func (m *ResourceSliceList) XXX_Size() int {
+	return m.Size()
+}
+func (m *ResourceSliceList) XXX_DiscardUnknown() {
+	xxx_messageInfo_ResourceSliceList.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_ResourceSliceList proto.InternalMessageInfo
+
+func (m *ResourceSliceSpec) Reset()      { *m = ResourceSliceSpec{} }
+func (*ResourceSliceSpec) ProtoMessage() {}
+func (*ResourceSliceSpec) Descriptor() ([]byte, []int) {
+	return fileDescriptor_57f2e1d27c072d6e, []int{39}
+}
+func (m *ResourceSliceSpec) XXX_Unmarshal(b []byte) error {
+	return m.Unmarshal(b)
+}
+func (m *ResourceSliceSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	b = b[:cap(b)]
+	n, err := m.MarshalToSizedBuffer(b)
+	if err != nil {
+		return nil, err
+	}
+	return b[:n], nil
+}
+func (m *ResourceSliceSpec) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_ResourceSliceSpec.Merge(m, src)
+}
+func (m *ResourceSliceSpec) XXX_Size() int {
+	return m.Size()
+}
+func (m *ResourceSliceSpec) XXX_DiscardUnknown() {
+	xxx_messageInfo_ResourceSliceSpec.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_ResourceSliceSpec proto.InternalMessageInfo
+
+func init() {
+	proto.RegisterType((*AllocatedDeviceStatus)(nil), "k8s.io.api.resource.v1beta2.AllocatedDeviceStatus")
+	proto.RegisterType((*AllocationResult)(nil), "k8s.io.api.resource.v1beta2.AllocationResult")
+	proto.RegisterType((*CELDeviceSelector)(nil), "k8s.io.api.resource.v1beta2.CELDeviceSelector")
+	proto.RegisterType((*Counter)(nil), "k8s.io.api.resource.v1beta2.Counter")
+	proto.RegisterType((*CounterSet)(nil), "k8s.io.api.resource.v1beta2.CounterSet")
+	proto.RegisterMapType((map[string]Counter)(nil), "k8s.io.api.resource.v1beta2.CounterSet.CountersEntry")
+	proto.RegisterType((*Device)(nil), "k8s.io.api.resource.v1beta2.Device")
+	proto.RegisterMapType((map[QualifiedName]DeviceAttribute)(nil), "k8s.io.api.resource.v1beta2.Device.AttributesEntry")
+	proto.RegisterMapType((map[QualifiedName]DeviceCapacity)(nil), "k8s.io.api.resource.v1beta2.Device.CapacityEntry")
+	proto.RegisterType((*DeviceAllocationConfiguration)(nil), "k8s.io.api.resource.v1beta2.DeviceAllocationConfiguration")
+	proto.RegisterType((*DeviceAllocationResult)(nil), "k8s.io.api.resource.v1beta2.DeviceAllocationResult")
+	proto.RegisterType((*DeviceAttribute)(nil), "k8s.io.api.resource.v1beta2.DeviceAttribute")
+	proto.RegisterType((*DeviceCapacity)(nil), "k8s.io.api.resource.v1beta2.DeviceCapacity")
+	proto.RegisterType((*DeviceClaim)(nil), "k8s.io.api.resource.v1beta2.DeviceClaim")
+	proto.RegisterType((*DeviceClaimConfiguration)(nil), "k8s.io.api.resource.v1beta2.DeviceClaimConfiguration")
+	proto.RegisterType((*DeviceClass)(nil), "k8s.io.api.resource.v1beta2.DeviceClass")
+	proto.RegisterType((*DeviceClassConfiguration)(nil), "k8s.io.api.resource.v1beta2.DeviceClassConfiguration")
+	proto.RegisterType((*DeviceClassList)(nil), "k8s.io.api.resource.v1beta2.DeviceClassList")
+	proto.RegisterType((*DeviceClassSpec)(nil), "k8s.io.api.resource.v1beta2.DeviceClassSpec")
+	proto.RegisterType((*DeviceConfiguration)(nil), "k8s.io.api.resource.v1beta2.DeviceConfiguration")
+	proto.RegisterType((*DeviceConstraint)(nil), "k8s.io.api.resource.v1beta2.DeviceConstraint")
+	proto.RegisterType((*DeviceCounterConsumption)(nil), "k8s.io.api.resource.v1beta2.DeviceCounterConsumption")
+	proto.RegisterMapType((map[string]Counter)(nil), "k8s.io.api.resource.v1beta2.DeviceCounterConsumption.CountersEntry")
+	proto.RegisterType((*DeviceRequest)(nil), "k8s.io.api.resource.v1beta2.DeviceRequest")
+	proto.RegisterType((*DeviceRequestAllocationResult)(nil), "k8s.io.api.resource.v1beta2.DeviceRequestAllocationResult")
+	proto.RegisterType((*DeviceSelector)(nil), "k8s.io.api.resource.v1beta2.DeviceSelector")
+	proto.RegisterType((*DeviceSubRequest)(nil), "k8s.io.api.resource.v1beta2.DeviceSubRequest")
+	proto.RegisterType((*DeviceTaint)(nil), "k8s.io.api.resource.v1beta2.DeviceTaint")
+	proto.RegisterType((*DeviceToleration)(nil), "k8s.io.api.resource.v1beta2.DeviceToleration")
+	proto.RegisterType((*ExactDeviceRequest)(nil), "k8s.io.api.resource.v1beta2.ExactDeviceRequest")
+	proto.RegisterType((*NetworkDeviceData)(nil), "k8s.io.api.resource.v1beta2.NetworkDeviceData")
+	proto.RegisterType((*OpaqueDeviceConfiguration)(nil), "k8s.io.api.resource.v1beta2.OpaqueDeviceConfiguration")
+	proto.RegisterType((*ResourceClaim)(nil), "k8s.io.api.resource.v1beta2.ResourceClaim")
+	proto.RegisterType((*ResourceClaimConsumerReference)(nil), "k8s.io.api.resource.v1beta2.ResourceClaimConsumerReference")
+	proto.RegisterType((*ResourceClaimList)(nil), "k8s.io.api.resource.v1beta2.ResourceClaimList")
+	proto.RegisterType((*ResourceClaimSpec)(nil), "k8s.io.api.resource.v1beta2.ResourceClaimSpec")
+	proto.RegisterType((*ResourceClaimStatus)(nil), "k8s.io.api.resource.v1beta2.ResourceClaimStatus")
+	proto.RegisterType((*ResourceClaimTemplate)(nil), "k8s.io.api.resource.v1beta2.ResourceClaimTemplate")
+	proto.RegisterType((*ResourceClaimTemplateList)(nil), "k8s.io.api.resource.v1beta2.ResourceClaimTemplateList")
+	proto.RegisterType((*ResourceClaimTemplateSpec)(nil), "k8s.io.api.resource.v1beta2.ResourceClaimTemplateSpec")
+	proto.RegisterType((*ResourcePool)(nil), "k8s.io.api.resource.v1beta2.ResourcePool")
+	proto.RegisterType((*ResourceSlice)(nil), "k8s.io.api.resource.v1beta2.ResourceSlice")
+	proto.RegisterType((*ResourceSliceList)(nil), "k8s.io.api.resource.v1beta2.ResourceSliceList")
+	proto.RegisterType((*ResourceSliceSpec)(nil), "k8s.io.api.resource.v1beta2.ResourceSliceSpec")
+}
+
+func init() {
+	proto.RegisterFile("k8s.io/api/resource/v1beta2/generated.proto", fileDescriptor_57f2e1d27c072d6e)
+}
+
+var fileDescriptor_57f2e1d27c072d6e = []byte{
+	// 2527 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xd4, 0x5a, 0x4d, 0x6c, 0x1c, 0x49,
+	0x15, 0x76, 0x4f, 0x8f, 0xc7, 0xe3, 0x37, 0xb1, 0x63, 0x57, 0x48, 0x98, 0x38, 0x5a, 0x8f, 0xd3,
+	0x41, 0xac, 0x37, 0x9b, 0xcc, 0x6c, 0x0c, 0x1b, 0xad, 0x92, 0x0b, 0x33, 0x8e, 0x93, 0x35, 0x49,
+	0x1c, 0x6f, 0x8d, 0x37, 0x1b, 0x2d, 0x9b, 0x15, 0xed, 0x9e, 0xb2, 0xdd, 0x78, 0xa6, 0x7b, 0xd2,
+	0x55, 0xe3, 0xc4, 0xe2, 0xc0, 0x8a, 0x33, 0x42, 0x1c, 0x91, 0x10, 0x08, 0x21, 0x84, 0x84, 0x84,
+	0x10, 0x47, 0x4e, 0x20, 0x40, 0x88, 0x08, 0x24, 0x58, 0x81, 0x90, 0xf6, 0x80, 0x06, 0x32, 0x7b,
+	0xe1, 0xca, 0x05, 0x21, 0x9f, 0x50, 0xfd, 0xf4, 0xef, 0xfc, 0x6c, 0x3b, 0x24, 0x56, 0xb8, 0xcd,
+	0xbc, 0x7a, 0xef, 0x7b, 0x55, 0xaf, 0xde, 0x5f, 0x55, 0x35, 0xbc, 0xba, 0xfb, 0x06, 0x2d, 0xdb,
+	0x6e, 0xc5, 0x6c, 0xdb, 0x15, 0x8f, 0x50, 0xb7, 0xe3, 0x59, 0xa4, 0xb2, 0x77, 0x69, 0x93, 0x30,
+	0x73, 0xa9, 0xb2, 0x4d, 0x1c, 0xe2, 0x99, 0x8c, 0x34, 0xca, 0x6d, 0xcf, 0x65, 0x2e, 0x3a, 0x23,
+	0x99, 0xcb, 0x66, 0xdb, 0x2e, 0xfb, 0xcc, 0x65, 0xc5, 0x3c, 0x77, 0x71, 0xdb, 0x66, 0x3b, 0x9d,
+	0xcd, 0xb2, 0xe5, 0xb6, 0x2a, 0xdb, 0xee, 0xb6, 0x5b, 0x11, 0x32, 0x9b, 0x9d, 0x2d, 0xf1, 0x4f,
+	0xfc, 0x11, 0xbf, 0x24, 0xd6, 0x9c, 0x11, 0x51, 0x6c, 0xb9, 0x1e, 0x57, 0x9a, 0xd4, 0x37, 0xf7,
+	0xf9, 0x90, 0xa7, 0x65, 0x5a, 0x3b, 0xb6, 0x43, 0xbc, 0xfd, 0x4a, 0x7b, 0x77, 0x3b, 0x3e, 0xdb,
+	0xc3, 0x48, 0xd1, 0x4a, 0x8b, 0x30, 0x73, 0x90, 0xae, 0xca, 0x30, 0x29, 0xaf, 0xe3, 0x30, 0xbb,
+	0xd5, 0xaf, 0xe6, 0xf2, 0x27, 0x09, 0x50, 0x6b, 0x87, 0xb4, 0xcc, 0xa4, 0x9c, 0xf1, 0x3d, 0x1d,
+	0x4e, 0x56, 0x9b, 0x4d, 0xd7, 0xe2, 0xb4, 0x6b, 0x64, 0xcf, 0xb6, 0x48, 0x9d, 0x99, 0xac, 0x43,
+	0xd1, 0x67, 0x21, 0xd7, 0xf0, 0xec, 0x3d, 0xe2, 0x15, 0xb5, 0x05, 0x6d, 0x71, 0xb2, 0x36, 0xfd,
+	0xb8, 0x5b, 0x1a, 0xeb, 0x75, 0x4b, 0xb9, 0x6b, 0x82, 0x8a, 0xd5, 0x28, 0x5a, 0x80, 0x6c, 0xdb,
+	0x75, 0x9b, 0xc5, 0x8c, 0xe0, 0x3a, 0xa6, 0xb8, 0xb2, 0xeb, 0xae, 0xdb, 0xc4, 0x62, 0x44, 0x20,
+	0x09, 0xe4, 0xa2, 0x9e, 0x40, 0x12, 0x54, 0xac, 0x46, 0x91, 0x05, 0x60, 0xb9, 0x4e, 0xc3, 0x66,
+	0xb6, 0xeb, 0xd0, 0x62, 0x76, 0x41, 0x5f, 0x2c, 0x2c, 0x55, 0xca, 0xe1, 0x2e, 0x07, 0x0b, 0x2b,
+	0xb7, 0x77, 0xb7, 0x39, 0x81, 0x96, 0xb9, 0xfd, 0xca, 0x7b, 0x97, 0xca, 0xcb, 0xbe, 0x5c, 0x0d,
+	0x29, 0x70, 0x08, 0x48, 0x14, 0x47, 0x60, 0xd1, 0x4d, 0xc8, 0x36, 0x4c, 0x66, 0x16, 0xc7, 0x17,
+	0xb4, 0xc5, 0xc2, 0xd2, 0xc5, 0xa1, 0xf0, 0xca, 0x6e, 0x65, 0x6c, 0x3e, 0x5c, 0x79, 0xc4, 0x88,
+	0x43, 0x39, 0x78, 0x9e, 0xaf, 0xec, 0x9a, 0xc9, 0x4c, 0x2c, 0x40, 0x90, 0x09, 0x05, 0x87, 0xb0,
+	0x87, 0xae, 0xb7, 0xcb, 0x89, 0xc5, 0x9c, 0xc0, 0x2c, 0x97, 0x47, 0x38, 0x66, 0x79, 0x4d, 0xf1,
+	0x8b, 0x25, 0x73, 0xa9, 0xda, 0xf1, 0x5e, 0xb7, 0x54, 0x58, 0x0b, 0x61, 0x70, 0x14, 0xd3, 0xf8,
+	0xbd, 0x06, 0x33, 0x6a, 0x83, 0x6c, 0xd7, 0xc1, 0x84, 0x76, 0x9a, 0x0c, 0xbd, 0x0f, 0x13, 0xd2,
+	0x66, 0x54, 0x6c, 0x4e, 0x61, 0xe9, 0x73, 0x23, 0x75, 0x4a, 0x65, 0x49, 0x94, 0xda, 0x71, 0x65,
+	0xaa, 0x09, 0x39, 0x4e, 0xb1, 0x0f, 0x8a, 0xee, 0xc2, 0x31, 0xc7, 0x6d, 0x90, 0x3a, 0x69, 0x12,
+	0x8b, 0xb9, 0x9e, 0xd8, 0xb7, 0xc2, 0xd2, 0x42, 0x54, 0x09, 0x8f, 0x12, 0x6e, 0xf9, 0xb5, 0x08,
+	0x5f, 0x6d, 0xa6, 0xd7, 0x2d, 0x1d, 0x8b, 0x52, 0x70, 0x0c, 0xc7, 0xb8, 0x01, 0xb3, 0xcb, 0x2b,
+	0xb7, 0x94, 0x9b, 0x29, 0x22, 0x5a, 0x02, 0x20, 0x8f, 0xda, 0x1e, 0xa1, 0xdc, 0xc4, 0xca, 0xd9,
+	0x82, 0x5d, 0x5c, 0x09, 0x46, 0x70, 0x84, 0xcb, 0x78, 0x1f, 0x26, 0x96, 0xdd, 0x8e, 0xc3, 0x88,
+	0x87, 0xea, 0x30, 0xbe, 0x67, 0x36, 0x3b, 0x44, 0x59, 0xa2, 0x3c, 0xca, 0x61, 0x42, 0xd3, 0xbc,
+	0xd5, 0x31, 0x1d, 0x66, 0xb3, 0xfd, 0xda, 0x94, 0xd2, 0x34, 0x7e, 0x97, 0x83, 0x60, 0x89, 0x65,
+	0xfc, 0x5b, 0x03, 0x50, 0x0a, 0xea, 0x84, 0x71, 0x1f, 0x77, 0xcc, 0x16, 0x51, 0x93, 0x0b, 0x7c,
+	0x7c, 0xcd, 0x6c, 0x11, 0x2c, 0x46, 0x90, 0x05, 0x79, 0x4b, 0xf2, 0xd3, 0x62, 0x46, 0x78, 0xee,
+	0xeb, 0x23, 0xb7, 0x24, 0x04, 0xf7, 0x7f, 0xd2, 0x15, 0x87, 0x79, 0xfb, 0xb5, 0x19, 0x05, 0x9e,
+	0xf7, 0xc9, 0x38, 0x00, 0x9e, 0x33, 0x61, 0x2a, 0xc6, 0x8c, 0x66, 0x40, 0xdf, 0x25, 0xfb, 0x72,
+	0x5a, 0x98, 0xff, 0x44, 0x57, 0x7c, 0x6b, 0x64, 0x84, 0x35, 0x3e, 0x93, 0x66, 0x12, 0x6a, 0xd1,
+	0x57, 0x32, 0x6f, 0x68, 0xc6, 0x3f, 0x73, 0xa0, 0xc2, 0x32, 0xc5, 0xa2, 0x1f, 0x01, 0x98, 0x8c,
+	0x79, 0xf6, 0x66, 0x87, 0x11, 0x7f, 0xd9, 0x69, 0x3c, 0xb1, 0x5c, 0x0d, 0xa4, 0xe4, 0xa2, 0xcf,
+	0xf9, 0xdb, 0x1d, 0x0e, 0x7c, 0xfd, 0xef, 0xa5, 0xa9, 0xb7, 0x3a, 0x66, 0xd3, 0xde, 0xb2, 0x49,
+	0x43, 0xe8, 0x8c, 0xe8, 0x42, 0x6d, 0xc8, 0x5b, 0x66, 0xdb, 0xb4, 0x6c, 0xb6, 0x5f, 0xd4, 0x85,
+	0xde, 0x4b, 0x69, 0xf4, 0x2e, 0x2b, 0x19, 0xa9, 0xf5, 0x6c, 0x60, 0x6a, 0x45, 0xee, 0xd7, 0x19,
+	0x68, 0x41, 0x5f, 0x85, 0x19, 0xcb, 0x75, 0x68, 0xa7, 0x45, 0xa8, 0xbf, 0x07, 0x2a, 0x45, 0xbd,
+	0x9e, 0x42, 0xb3, 0x12, 0x59, 0x16, 0x08, 0x6d, 0x91, 0xa8, 0x8a, 0x4a, 0xfb, 0xcc, 0x72, 0x02,
+	0x16, 0xf7, 0x29, 0x42, 0x8b, 0x90, 0xe7, 0x71, 0xc4, 0xa7, 0x24, 0x12, 0xd7, 0x64, 0xed, 0x18,
+	0x9f, 0xf7, 0x9a, 0xa2, 0xe1, 0x60, 0xb4, 0x2f, 0x72, 0x73, 0xcf, 0x26, 0x72, 0xf9, 0x0c, 0xcc,
+	0x66, 0x93, 0x33, 0xd0, 0xe2, 0xc4, 0x82, 0xb6, 0x98, 0x97, 0x33, 0xa8, 0x2a, 0x1a, 0x0e, 0x46,
+	0xd1, 0x3a, 0xe4, 0x98, 0x69, 0x3b, 0x8c, 0x16, 0xf3, 0xc2, 0x3c, 0x8b, 0x29, 0xcc, 0xb3, 0xc1,
+	0x05, 0xc2, 0xba, 0x20, 0xfe, 0x52, 0xac, 0x70, 0xe6, 0x76, 0xe1, 0x78, 0xc2, 0x61, 0x06, 0x38,
+	0x7e, 0x2d, 0xee, 0xf8, 0x17, 0xd2, 0x24, 0x44, 0x1f, 0x34, 0x12, 0x00, 0x73, 0x3b, 0x30, 0x15,
+	0xf3, 0x92, 0x01, 0xaa, 0xaa, 0x71, 0x55, 0xaf, 0xa6, 0xd9, 0x7f, 0x05, 0x19, 0x0d, 0xb5, 0x6f,
+	0x64, 0xe0, 0xa5, 0x64, 0x66, 0x5e, 0x76, 0x9d, 0x2d, 0x7b, 0xbb, 0xe3, 0x89, 0x3f, 0xe8, 0x0b,
+	0x90, 0x93, 0x68, 0x2a, 0x06, 0x17, 0x7d, 0x03, 0xd5, 0x05, 0xf5, 0xa0, 0x5b, 0x3a, 0x95, 0x14,
+	0x95, 0x23, 0x58, 0xc9, 0xf1, 0x6d, 0xf3, 0xc8, 0x83, 0x0e, 0xa1, 0x4c, 0xc6, 0xa7, 0x72, 0x1c,
+	0xac, 0x68, 0x38, 0x18, 0x45, 0x5f, 0x83, 0x13, 0x0d, 0xe5, 0xaa, 0x91, 0x29, 0xa8, 0xcc, 0xff,
+	0x5a, 0x2a, 0x17, 0x8f, 0xc8, 0xd5, 0xce, 0xa8, 0xa9, 0x9e, 0x18, 0x30, 0x88, 0x07, 0x69, 0x32,
+	0x3e, 0xd6, 0xe0, 0xd4, 0xe0, 0x42, 0x85, 0x08, 0x4c, 0x78, 0xe2, 0x17, 0x2f, 0x77, 0xdc, 0xa7,
+	0xae, 0xa4, 0x98, 0x8f, 0x5a, 0xe3, 0xf0, 0xaa, 0x27, 0xff, 0x53, 0xec, 0x63, 0xa3, 0x4d, 0xc8,
+	0x59, 0x62, 0x4a, 0x2a, 0x95, 0x5d, 0x39, 0x54, 0x51, 0x8d, 0xaf, 0x3f, 0xf0, 0x65, 0x49, 0xc6,
+	0x0a, 0xd9, 0xf8, 0xb1, 0x06, 0xc7, 0x13, 0xde, 0x87, 0xe6, 0x41, 0xb7, 0x1d, 0x26, 0xbc, 0x49,
+	0x97, 0xfb, 0xb3, 0xea, 0x30, 0x59, 0x8e, 0xf8, 0x00, 0x3a, 0x0b, 0xd9, 0x4d, 0xde, 0x61, 0xe9,
+	0x22, 0xee, 0xa6, 0x7a, 0xdd, 0xd2, 0x64, 0xcd, 0x75, 0x9b, 0x92, 0x43, 0x0c, 0xa1, 0x97, 0x21,
+	0x47, 0x99, 0x67, 0x3b, 0xdb, 0xc5, 0xac, 0xf0, 0x14, 0xd1, 0x53, 0xd4, 0x05, 0x45, 0xb2, 0xa9,
+	0x61, 0x74, 0x1e, 0x26, 0xf6, 0x88, 0x27, 0x2a, 0xad, 0x4c, 0x24, 0x22, 0xf0, 0xef, 0x4a, 0x92,
+	0x64, 0xf5, 0x19, 0x0c, 0x02, 0xd3, 0x71, 0xef, 0x7d, 0x3e, 0xb5, 0xf6, 0x27, 0x19, 0x28, 0x28,
+	0x3d, 0x4d, 0xd3, 0x6e, 0xa1, 0x7b, 0x11, 0x9f, 0x95, 0xdb, 0x7d, 0x3e, 0xfd, 0x76, 0x87, 0xf5,
+	0x73, 0x80, 0x8f, 0x37, 0xa0, 0xc0, 0x53, 0x2b, 0xf3, 0x64, 0x7e, 0x92, 0xbb, 0x7c, 0x31, 0x9d,
+	0x6f, 0x2b, 0xa9, 0xda, 0x09, 0x85, 0x5f, 0x08, 0x69, 0x14, 0x47, 0x61, 0xd1, 0xfd, 0xc0, 0x8d,
+	0xf4, 0xf4, 0xf5, 0x81, 0xaf, 0x3c, 0x9d, 0x07, 0xfd, 0x56, 0x83, 0xe2, 0x30, 0xa1, 0x58, 0xbc,
+	0x6b, 0x4f, 0x13, 0xef, 0x99, 0x23, 0x8b, 0xf7, 0x5f, 0x6a, 0x91, 0x6d, 0xa7, 0x14, 0x7d, 0x19,
+	0xf2, 0xbc, 0x9b, 0x17, 0xcd, 0xb9, 0xd6, 0x37, 0x8b, 0x11, 0xbd, 0xff, 0x9d, 0xcd, 0xaf, 0x10,
+	0x8b, 0xdd, 0x26, 0xcc, 0x0c, 0xdb, 0xc6, 0x90, 0x86, 0x03, 0x54, 0xb4, 0x06, 0x59, 0xda, 0x26,
+	0xd6, 0x21, 0x2a, 0x84, 0x98, 0x59, 0xbd, 0x4d, 0xac, 0xb0, 0xfd, 0xe1, 0xff, 0xb0, 0xc0, 0x31,
+	0xbe, 0x13, 0xdd, 0x09, 0x4a, 0xe3, 0x3b, 0x31, 0xc4, 0xbe, 0xda, 0x91, 0xd9, 0xf7, 0x17, 0x41,
+	0xa6, 0x11, 0xb3, 0xbb, 0x65, 0x53, 0x86, 0xde, 0xeb, 0xb3, 0x71, 0x39, 0x9d, 0x8d, 0xb9, 0xb4,
+	0xb0, 0x70, 0x10, 0x5e, 0x3e, 0x25, 0x62, 0xdf, 0xdb, 0x30, 0x6e, 0x33, 0xd2, 0xf2, 0x03, 0x6b,
+	0x31, 0xad, 0x81, 0xc3, 0xbc, 0xb0, 0xca, 0xc5, 0xb1, 0x44, 0x31, 0xfe, 0x18, 0x5f, 0x00, 0x37,
+	0x3c, 0x7a, 0x0f, 0x26, 0xa9, 0x6a, 0x49, 0xfc, 0xe4, 0x90, 0xa6, 0xfc, 0x06, 0x6d, 0xce, 0xac,
+	0xd2, 0x34, 0xe9, 0x53, 0x28, 0x0e, 0x01, 0x23, 0x91, 0x9b, 0x39, 0x4c, 0xe4, 0x26, 0xb6, 0x7e,
+	0x68, 0xe4, 0x3e, 0x80, 0x41, 0xbb, 0x87, 0xde, 0x85, 0x9c, 0xdb, 0x36, 0x1f, 0x04, 0x59, 0xf5,
+	0xf2, 0x48, 0xad, 0x77, 0x04, 0xeb, 0x20, 0x17, 0x01, 0xae, 0x52, 0x0e, 0x63, 0x85, 0x68, 0x7c,
+	0x53, 0x83, 0x99, 0x64, 0x0a, 0x3b, 0x44, 0x92, 0x58, 0x87, 0xe9, 0x96, 0xc9, 0xac, 0x9d, 0xa0,
+	0x56, 0xa9, 0x53, 0xfe, 0x62, 0xaf, 0x5b, 0x9a, 0xbe, 0x1d, 0x1b, 0x39, 0xe8, 0x96, 0xd0, 0xf5,
+	0x4e, 0xb3, 0xb9, 0x1f, 0x6f, 0xa0, 0x13, 0xf2, 0xc6, 0x0f, 0x33, 0x41, 0xcc, 0xf4, 0xb5, 0xc4,
+	0xfc, 0x24, 0x68, 0x05, 0xe7, 0xa2, 0xe4, 0x49, 0x30, 0x3c, 0x31, 0xe1, 0x08, 0x17, 0x7a, 0xd0,
+	0x77, 0xf0, 0x5a, 0x7e, 0xaa, 0x7e, 0xfc, 0xc5, 0x3a, 0x86, 0xfd, 0x47, 0x83, 0xa9, 0x58, 0x5d,
+	0x4b, 0x71, 0x1a, 0xbb, 0x0b, 0x13, 0xe4, 0x91, 0x69, 0xb1, 0xe6, 0xbe, 0xd2, 0x5a, 0x19, 0xa9,
+	0x75, 0x85, 0xf3, 0xc6, 0x6b, 0x67, 0x81, 0xb7, 0x45, 0x2b, 0x12, 0x03, 0xfb, 0x60, 0xa8, 0x05,
+	0xd3, 0x5b, 0xb6, 0x47, 0x59, 0x75, 0xcf, 0xb4, 0x9b, 0xe6, 0x66, 0x93, 0xa8, 0xba, 0x96, 0xa6,
+	0x70, 0xd6, 0x3b, 0x9b, 0x3e, 0xf8, 0x29, 0x35, 0xe5, 0xe9, 0xeb, 0x31, 0x30, 0x9c, 0x00, 0x37,
+	0xfe, 0x1a, 0xb4, 0xc5, 0x43, 0x3a, 0x38, 0xf4, 0x0a, 0x6f, 0x07, 0xc5, 0x90, 0xb2, 0x46, 0xa4,
+	0xa5, 0x13, 0x64, 0xec, 0x8f, 0x47, 0x2e, 0xb1, 0x32, 0xa9, 0x2e, 0xb1, 0xf4, 0x14, 0x97, 0x58,
+	0xd9, 0x91, 0x97, 0x58, 0x97, 0xa0, 0x60, 0x36, 0x5a, 0xb6, 0x53, 0xb5, 0x2c, 0x42, 0xa9, 0x68,
+	0xb2, 0xf2, 0xb2, 0x1d, 0xab, 0x86, 0x64, 0x1c, 0xe5, 0xe1, 0x6d, 0x09, 0x73, 0x9b, 0x44, 0x86,
+	0x31, 0x2d, 0xe6, 0x52, 0x5b, 0x77, 0x23, 0x90, 0x0a, 0xdb, 0x92, 0x90, 0x46, 0x71, 0x14, 0xd6,
+	0xf8, 0x92, 0xdf, 0xcd, 0x05, 0x67, 0xba, 0x55, 0xd0, 0x2d, 0xd2, 0x1c, 0x50, 0x08, 0x06, 0xb8,
+	0x68, 0xf2, 0xd6, 0xa6, 0x36, 0xd1, 0xeb, 0x96, 0xf4, 0xe5, 0x95, 0x5b, 0x98, 0x63, 0x18, 0x3f,
+	0xd7, 0xfd, 0x3c, 0x13, 0xee, 0x78, 0x0a, 0x97, 0xad, 0xc2, 0xf1, 0x46, 0x98, 0x45, 0xc5, 0xf1,
+	0x56, 0xee, 0xd3, 0xa7, 0x15, 0x73, 0xb4, 0x00, 0x08, 0xb9, 0x24, 0x7f, 0xbc, 0x22, 0xe8, 0xcf,
+	0xba, 0x22, 0xdc, 0x85, 0x69, 0x33, 0x70, 0xbf, 0xdb, 0x6e, 0xc3, 0xdf, 0xfd, 0xb2, 0xef, 0xcc,
+	0xd5, 0xd8, 0xe8, 0x41, 0xb7, 0xf4, 0xa9, 0xe4, 0xb9, 0x80, 0xd3, 0x71, 0x02, 0x05, 0x9d, 0x83,
+	0x71, 0x91, 0x4e, 0x84, 0x7f, 0xe8, 0x61, 0x01, 0x14, 0xa9, 0x00, 0xcb, 0xb1, 0x23, 0xf2, 0x8b,
+	0x7f, 0x05, 0x7d, 0x98, 0x38, 0x76, 0xa3, 0x97, 0x22, 0xc9, 0xac, 0x56, 0x50, 0xe2, 0xfa, 0x4d,
+	0xb2, 0x2f, 0x33, 0xdb, 0xb9, 0x68, 0x66, 0x9b, 0x1c, 0xdc, 0xd2, 0xa3, 0xab, 0x90, 0x23, 0x5b,
+	0x5b, 0xc4, 0x62, 0x2a, 0xa0, 0xfc, 0xfb, 0x9d, 0xdc, 0x8a, 0xa0, 0x1e, 0x74, 0x4b, 0xb3, 0x11,
+	0x95, 0x92, 0x88, 0x95, 0x08, 0x7a, 0x07, 0x26, 0x99, 0xdd, 0x22, 0xd5, 0x46, 0x83, 0x34, 0x84,
+	0xb9, 0xe3, 0x07, 0x80, 0x11, 0x5d, 0xca, 0x86, 0xdd, 0x22, 0xf2, 0x7c, 0xb4, 0xe1, 0x03, 0xe0,
+	0x10, 0xeb, 0x4a, 0xfe, 0xdb, 0xdf, 0x2f, 0x8d, 0x7d, 0xf0, 0xb7, 0x85, 0x31, 0xe3, 0x07, 0x19,
+	0xdf, 0x5d, 0x43, 0xb3, 0x7c, 0xd2, 0xc2, 0xdf, 0x84, 0xbc, 0xdb, 0xe6, 0xbc, 0xae, 0x9f, 0x4c,
+	0x2e, 0xf8, 0x35, 0xe2, 0x8e, 0xa2, 0x1f, 0x74, 0x4b, 0xc5, 0x24, 0xac, 0x3f, 0x86, 0x03, 0xe9,
+	0xd0, 0x84, 0x7a, 0x2a, 0x13, 0x66, 0x0f, 0x6f, 0xc2, 0x65, 0x98, 0x0d, 0xb7, 0xb8, 0x4e, 0x2c,
+	0xd7, 0x69, 0x50, 0xe5, 0x6a, 0x27, 0x7b, 0xdd, 0xd2, 0xec, 0x46, 0x72, 0x10, 0xf7, 0xf3, 0x1b,
+	0x7f, 0xd0, 0x01, 0xf5, 0x17, 0x89, 0x41, 0x31, 0xab, 0xfd, 0x2f, 0x31, 0x9b, 0x79, 0xfe, 0x31,
+	0xab, 0x3f, 0xdb, 0x98, 0xcd, 0x8e, 0x88, 0xd9, 0x17, 0x36, 0xfd, 0xff, 0x54, 0x83, 0xd9, 0xbe,
+	0xb7, 0x07, 0x74, 0x15, 0xa6, 0x6c, 0xde, 0x7b, 0x6c, 0x99, 0x16, 0x89, 0x6c, 0xe5, 0x49, 0x05,
+	0x37, 0xb5, 0x1a, 0x1d, 0xc4, 0x71, 0x5e, 0x74, 0x1a, 0x74, 0xbb, 0xed, 0xdf, 0x2b, 0x89, 0x7a,
+	0xb0, 0xba, 0x4e, 0x31, 0xa7, 0x71, 0x27, 0xd9, 0x31, 0xbd, 0xc6, 0x43, 0xd3, 0xe3, 0xb1, 0xe7,
+	0x71, 0x53, 0xe8, 0x71, 0x27, 0x79, 0x33, 0x3e, 0x8c, 0x93, 0xfc, 0xc6, 0x8f, 0x34, 0x38, 0x3d,
+	0xb4, 0xd9, 0x4d, 0xfd, 0x3a, 0x65, 0x02, 0xb4, 0x4d, 0xcf, 0x6c, 0x11, 0xd5, 0x20, 0x3e, 0xc5,
+	0xa3, 0x4f, 0xd0, 0x81, 0xae, 0x07, 0x40, 0x38, 0x02, 0x6a, 0x7c, 0x37, 0x03, 0x53, 0x58, 0xed,
+	0x90, 0xbc, 0xc1, 0x78, 0xfe, 0x47, 0xd9, 0xf5, 0xd8, 0x51, 0x76, 0x74, 0xed, 0x8e, 0xcd, 0x6d,
+	0xd8, 0x61, 0x16, 0xdd, 0x83, 0x1c, 0x15, 0x0f, 0x7f, 0xa9, 0xae, 0xfc, 0xe2, 0x98, 0x42, 0x2e,
+	0xdc, 0x02, 0xf9, 0x1f, 0x2b, 0x3c, 0xa3, 0xa7, 0xc1, 0x7c, 0x8c, 0x5f, 0x5d, 0x78, 0x7b, 0x98,
+	0x6c, 0x11, 0x8f, 0x38, 0x16, 0x41, 0x17, 0x20, 0x6f, 0xb6, 0xed, 0x1b, 0x9e, 0xdb, 0x69, 0xab,
+	0xfd, 0x0c, 0xfa, 0xef, 0xea, 0xfa, 0xaa, 0xa0, 0xe3, 0x80, 0x83, 0x73, 0xfb, 0x13, 0x52, 0x5e,
+	0x15, 0xb9, 0xf4, 0x91, 0x74, 0x1c, 0x70, 0x04, 0x5d, 0x48, 0x76, 0x68, 0x17, 0x52, 0x03, 0xbd,
+	0x63, 0x37, 0xd4, 0x7d, 0xd8, 0x6b, 0x7e, 0xe2, 0x7f, 0x7b, 0xf5, 0xda, 0x41, 0xb7, 0x74, 0x76,
+	0xd8, 0xbb, 0x2a, 0xdb, 0x6f, 0x13, 0x5a, 0x7e, 0x7b, 0xf5, 0x1a, 0xe6, 0xc2, 0xc6, 0xaf, 0x35,
+	0x98, 0x8d, 0x2d, 0xf2, 0x08, 0xce, 0xdb, 0x77, 0xe2, 0xe7, 0xed, 0xf3, 0xe9, 0x77, 0x6c, 0xc8,
+	0x89, 0x7b, 0x27, 0xb1, 0x06, 0x71, 0xe4, 0xae, 0x27, 0xdf, 0x1a, 0x17, 0xd3, 0xde, 0x67, 0x0d,
+	0x7f, 0x60, 0x34, 0x7e, 0x97, 0x81, 0x13, 0x03, 0x7c, 0x08, 0xdd, 0x07, 0x08, 0xb3, 0xae, 0xd2,
+	0x37, 0x3a, 0x15, 0xf6, 0xdd, 0xef, 0x4e, 0x8b, 0x77, 0xa4, 0x90, 0x1a, 0x01, 0x44, 0x1e, 0x14,
+	0x3c, 0x42, 0x89, 0xb7, 0x47, 0x1a, 0xd7, 0x45, 0x19, 0xe7, 0x76, 0xbb, 0x9a, 0xde, 0x6e, 0x7d,
+	0x9e, 0x1b, 0x26, 0x5e, 0x1c, 0xe2, 0xe2, 0xa8, 0x12, 0x74, 0x3f, 0xb4, 0x9f, 0x7c, 0x2f, 0x5a,
+	0x4a, 0xb3, 0x9e, 0xf8, 0x63, 0xfc, 0x08, 0x4b, 0xfe, 0x45, 0x83, 0x93, 0xb1, 0x39, 0x6e, 0x90,
+	0x56, 0xbb, 0x69, 0x32, 0x72, 0x04, 0x59, 0xe8, 0x5e, 0x2c, 0x0b, 0x5d, 0x4e, 0x6f, 0x47, 0x7f,
+	0x8e, 0x43, 0xaf, 0xd6, 0xfe, 0xac, 0xc1, 0xe9, 0x81, 0x12, 0x47, 0x10, 0x56, 0xef, 0xc4, 0xc3,
+	0x6a, 0xe9, 0xf0, 0xcb, 0x1a, 0x12, 0x5e, 0x7f, 0x1a, 0xb6, 0x28, 0x11, 0x67, 0xff, 0x87, 0x45,
+	0xc3, 0xf8, 0x99, 0x06, 0xc7, 0x7c, 0x4e, 0x7e, 0x56, 0x4e, 0x71, 0xe4, 0x5b, 0x02, 0x50, 0xdf,
+	0xa0, 0xf8, 0xd7, 0xcd, 0x7a, 0x38, 0xed, 0x1b, 0xc1, 0x08, 0x8e, 0x70, 0xa1, 0x2f, 0x02, 0xf2,
+	0x27, 0x58, 0x6f, 0xfa, 0xb7, 0x37, 0x22, 0xf5, 0xeb, 0xb5, 0x39, 0x25, 0x8b, 0x70, 0x1f, 0x07,
+	0x1e, 0x20, 0x65, 0xfc, 0x46, 0x0b, 0xab, 0xb5, 0x20, 0xbf, 0xa0, 0x86, 0x17, 0x73, 0x1b, 0x6a,
+	0xf8, 0x68, 0xb9, 0x11, 0x9c, 0x2f, 0x6a, 0xb9, 0x11, 0x93, 0x1b, 0x12, 0x0f, 0xbf, 0xca, 0x26,
+	0x16, 0x21, 0xe2, 0x20, 0x6d, 0x67, 0x77, 0x33, 0xf2, 0xdd, 0x51, 0x61, 0xe9, 0x95, 0x54, 0xb3,
+	0xe1, 0x3e, 0x3a, 0xf0, 0x76, 0x27, 0xfa, 0xc0, 0xae, 0x1f, 0xea, 0x81, 0x3d, 0xfb, 0x1c, 0x1e,
+	0xd8, 0xc7, 0x47, 0x3e, 0xb0, 0xaf, 0x85, 0x05, 0x45, 0x9e, 0x15, 0xce, 0xa5, 0x28, 0xc8, 0x23,
+	0x3e, 0xf6, 0xc1, 0x70, 0xaa, 0x4d, 0x3c, 0x49, 0x0e, 0x27, 0xc8, 0xa3, 0x53, 0x3e, 0xf4, 0xcf,
+	0xf5, 0xba, 0xa5, 0x53, 0xeb, 0x03, 0x39, 0xf0, 0x10, 0x49, 0xb4, 0x0d, 0xd3, 0x74, 0xc7, 0xf4,
+	0x48, 0x23, 0xf8, 0x56, 0x42, 0x7e, 0x0c, 0xf0, 0x72, 0xca, 0x8f, 0x62, 0xc2, 0xdb, 0xc2, 0x7a,
+	0x0c, 0x06, 0x27, 0x60, 0x6b, 0xd5, 0xc7, 0x4f, 0xe6, 0xc7, 0x3e, 0x7c, 0x32, 0x3f, 0xf6, 0xd1,
+	0x93, 0xf9, 0xb1, 0x0f, 0x7a, 0xf3, 0xda, 0xe3, 0xde, 0xbc, 0xf6, 0x61, 0x6f, 0x5e, 0xfb, 0xa8,
+	0x37, 0xaf, 0xfd, 0xa3, 0x37, 0xaf, 0x7d, 0xeb, 0xe3, 0xf9, 0xb1, 0x77, 0xcf, 0x8c, 0xf8, 0xae,
+	0xf0, 0xbf, 0x01, 0x00, 0x00, 0xff, 0xff, 0x78, 0x9d, 0x7e, 0x7c, 0x75, 0x28, 0x00, 0x00,
+}
+
+func (m *AllocatedDeviceStatus) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *AllocatedDeviceStatus) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *AllocatedDeviceStatus) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if m.NetworkData != nil {
+		{
+			size, err := m.NetworkData.MarshalToSizedBuffer(dAtA[:i])
+			if err != nil {
+				return 0, err
+			}
+			i -= size
+			i = encodeVarintGenerated(dAtA, i, uint64(size))
+		}
+		i--
+		dAtA[i] = 0x32
+	}
+	if m.Data != nil {
+		{
+			size, err := m.Data.MarshalToSizedBuffer(dAtA[:i])
+			if err != nil {
+				return 0, err
+			}
+			i -= size
+			i = encodeVarintGenerated(dAtA, i, uint64(size))
+		}
+		i--
+		dAtA[i] = 0x2a
+	}
+	if len(m.Conditions) > 0 {
+		for iNdEx := len(m.Conditions) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Conditions[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x22
+		}
+	}
+	i -= len(m.Device)
+	copy(dAtA[i:], m.Device)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Device)))
+	i--
+	dAtA[i] = 0x1a
+	i -= len(m.Pool)
+	copy(dAtA[i:], m.Pool)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Pool)))
+	i--
+	dAtA[i] = 0x12
+	i -= len(m.Driver)
+	copy(dAtA[i:], m.Driver)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Driver)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *AllocationResult) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *AllocationResult) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *AllocationResult) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if m.NodeSelector != nil {
+		{
+			size, err := m.NodeSelector.MarshalToSizedBuffer(dAtA[:i])
+			if err != nil {
+				return 0, err
+			}
+			i -= size
+			i = encodeVarintGenerated(dAtA, i, uint64(size))
+		}
+		i--
+		dAtA[i] = 0x1a
+	}
+	{
+		size, err := m.Devices.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *CELDeviceSelector) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *CELDeviceSelector) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *CELDeviceSelector) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	i -= len(m.Expression)
+	copy(dAtA[i:], m.Expression)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Expression)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *Counter) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *Counter) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *Counter) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	{
+		size, err := m.Value.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *CounterSet) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *CounterSet) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *CounterSet) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if len(m.Counters) > 0 {
+		keysForCounters := make([]string, 0, len(m.Counters))
+		for k := range m.Counters {
+			keysForCounters = append(keysForCounters, string(k))
+		}
+		github_com_gogo_protobuf_sortkeys.Strings(keysForCounters)
+		for iNdEx := len(keysForCounters) - 1; iNdEx >= 0; iNdEx-- {
+			v := m.Counters[string(keysForCounters[iNdEx])]
+			baseI := i
+			{
+				size, err := (&v).MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x12
+			i -= len(keysForCounters[iNdEx])
+			copy(dAtA[i:], keysForCounters[iNdEx])
+			i = encodeVarintGenerated(dAtA, i, uint64(len(keysForCounters[iNdEx])))
+			i--
+			dAtA[i] = 0xa
+			i = encodeVarintGenerated(dAtA, i, uint64(baseI-i))
+			i--
+			dAtA[i] = 0x12
+		}
+	}
+	i -= len(m.Name)
+	copy(dAtA[i:], m.Name)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Name)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *Device) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *Device) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *Device) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if len(m.Taints) > 0 {
+		for iNdEx := len(m.Taints) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Taints[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x42
+		}
+	}
+	if m.AllNodes != nil {
+		i--
+		if *m.AllNodes {
+			dAtA[i] = 1
+		} else {
+			dAtA[i] = 0
+		}
+		i--
+		dAtA[i] = 0x38
+	}
+	if m.NodeSelector != nil {
+		{
+			size, err := m.NodeSelector.MarshalToSizedBuffer(dAtA[:i])
+			if err != nil {
+				return 0, err
+			}
+			i -= size
+			i = encodeVarintGenerated(dAtA, i, uint64(size))
+		}
+		i--
+		dAtA[i] = 0x32
+	}
+	if m.NodeName != nil {
+		i -= len(*m.NodeName)
+		copy(dAtA[i:], *m.NodeName)
+		i = encodeVarintGenerated(dAtA, i, uint64(len(*m.NodeName)))
+		i--
+		dAtA[i] = 0x2a
+	}
+	if len(m.ConsumesCounters) > 0 {
+		for iNdEx := len(m.ConsumesCounters) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.ConsumesCounters[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x22
+		}
+	}
+	if len(m.Capacity) > 0 {
+		keysForCapacity := make([]string, 0, len(m.Capacity))
+		for k := range m.Capacity {
+			keysForCapacity = append(keysForCapacity, string(k))
+		}
+		github_com_gogo_protobuf_sortkeys.Strings(keysForCapacity)
+		for iNdEx := len(keysForCapacity) - 1; iNdEx >= 0; iNdEx-- {
+			v := m.Capacity[QualifiedName(keysForCapacity[iNdEx])]
+			baseI := i
+			{
+				size, err := (&v).MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x12
+			i -= len(keysForCapacity[iNdEx])
+			copy(dAtA[i:], keysForCapacity[iNdEx])
+			i = encodeVarintGenerated(dAtA, i, uint64(len(keysForCapacity[iNdEx])))
+			i--
+			dAtA[i] = 0xa
+			i = encodeVarintGenerated(dAtA, i, uint64(baseI-i))
+			i--
+			dAtA[i] = 0x1a
+		}
+	}
+	if len(m.Attributes) > 0 {
+		keysForAttributes := make([]string, 0, len(m.Attributes))
+		for k := range m.Attributes {
+			keysForAttributes = append(keysForAttributes, string(k))
+		}
+		github_com_gogo_protobuf_sortkeys.Strings(keysForAttributes)
+		for iNdEx := len(keysForAttributes) - 1; iNdEx >= 0; iNdEx-- {
+			v := m.Attributes[QualifiedName(keysForAttributes[iNdEx])]
+			baseI := i
+			{
+				size, err := (&v).MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x12
+			i -= len(keysForAttributes[iNdEx])
+			copy(dAtA[i:], keysForAttributes[iNdEx])
+			i = encodeVarintGenerated(dAtA, i, uint64(len(keysForAttributes[iNdEx])))
+			i--
+			dAtA[i] = 0xa
+			i = encodeVarintGenerated(dAtA, i, uint64(baseI-i))
+			i--
+			dAtA[i] = 0x12
+		}
+	}
+	i -= len(m.Name)
+	copy(dAtA[i:], m.Name)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Name)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *DeviceAllocationConfiguration) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *DeviceAllocationConfiguration) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *DeviceAllocationConfiguration) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	{
+		size, err := m.DeviceConfiguration.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0x1a
+	if len(m.Requests) > 0 {
+		for iNdEx := len(m.Requests) - 1; iNdEx >= 0; iNdEx-- {
+			i -= len(m.Requests[iNdEx])
+			copy(dAtA[i:], m.Requests[iNdEx])
+			i = encodeVarintGenerated(dAtA, i, uint64(len(m.Requests[iNdEx])))
+			i--
+			dAtA[i] = 0x12
+		}
+	}
+	i -= len(m.Source)
+	copy(dAtA[i:], m.Source)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Source)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *DeviceAllocationResult) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *DeviceAllocationResult) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *DeviceAllocationResult) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if len(m.Config) > 0 {
+		for iNdEx := len(m.Config) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Config[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x12
+		}
+	}
+	if len(m.Results) > 0 {
+		for iNdEx := len(m.Results) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Results[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0xa
+		}
+	}
+	return len(dAtA) - i, nil
+}
+
+func (m *DeviceAttribute) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *DeviceAttribute) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *DeviceAttribute) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if m.VersionValue != nil {
+		i -= len(*m.VersionValue)
+		copy(dAtA[i:], *m.VersionValue)
+		i = encodeVarintGenerated(dAtA, i, uint64(len(*m.VersionValue)))
+		i--
+		dAtA[i] = 0x2a
+	}
+	if m.StringValue != nil {
+		i -= len(*m.StringValue)
+		copy(dAtA[i:], *m.StringValue)
+		i = encodeVarintGenerated(dAtA, i, uint64(len(*m.StringValue)))
+		i--
+		dAtA[i] = 0x22
+	}
+	if m.BoolValue != nil {
+		i--
+		if *m.BoolValue {
+			dAtA[i] = 1
+		} else {
+			dAtA[i] = 0
+		}
+		i--
+		dAtA[i] = 0x18
+	}
+	if m.IntValue != nil {
+		i = encodeVarintGenerated(dAtA, i, uint64(*m.IntValue))
+		i--
+		dAtA[i] = 0x10
+	}
+	return len(dAtA) - i, nil
+}
+
+func (m *DeviceCapacity) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *DeviceCapacity) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *DeviceCapacity) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	{
+		size, err := m.Value.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *DeviceClaim) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *DeviceClaim) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *DeviceClaim) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if len(m.Config) > 0 {
+		for iNdEx := len(m.Config) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Config[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x1a
+		}
+	}
+	if len(m.Constraints) > 0 {
+		for iNdEx := len(m.Constraints) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Constraints[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x12
+		}
+	}
+	if len(m.Requests) > 0 {
+		for iNdEx := len(m.Requests) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Requests[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0xa
+		}
+	}
+	return len(dAtA) - i, nil
+}
+
+func (m *DeviceClaimConfiguration) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *DeviceClaimConfiguration) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *DeviceClaimConfiguration) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	{
+		size, err := m.DeviceConfiguration.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0x12
+	if len(m.Requests) > 0 {
+		for iNdEx := len(m.Requests) - 1; iNdEx >= 0; iNdEx-- {
+			i -= len(m.Requests[iNdEx])
+			copy(dAtA[i:], m.Requests[iNdEx])
+			i = encodeVarintGenerated(dAtA, i, uint64(len(m.Requests[iNdEx])))
+			i--
+			dAtA[i] = 0xa
+		}
+	}
+	return len(dAtA) - i, nil
+}
+
+func (m *DeviceClass) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *DeviceClass) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *DeviceClass) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	{
+		size, err := m.Spec.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0x12
+	{
+		size, err := m.ObjectMeta.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *DeviceClassConfiguration) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *DeviceClassConfiguration) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *DeviceClassConfiguration) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	{
+		size, err := m.DeviceConfiguration.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *DeviceClassList) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *DeviceClassList) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *DeviceClassList) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if len(m.Items) > 0 {
+		for iNdEx := len(m.Items) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Items[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x12
+		}
+	}
+	{
+		size, err := m.ListMeta.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *DeviceClassSpec) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *DeviceClassSpec) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *DeviceClassSpec) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if len(m.Config) > 0 {
+		for iNdEx := len(m.Config) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Config[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x12
+		}
+	}
+	if len(m.Selectors) > 0 {
+		for iNdEx := len(m.Selectors) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Selectors[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0xa
+		}
+	}
+	return len(dAtA) - i, nil
+}
+
+func (m *DeviceConfiguration) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *DeviceConfiguration) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *DeviceConfiguration) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if m.Opaque != nil {
+		{
+			size, err := m.Opaque.MarshalToSizedBuffer(dAtA[:i])
+			if err != nil {
+				return 0, err
+			}
+			i -= size
+			i = encodeVarintGenerated(dAtA, i, uint64(size))
+		}
+		i--
+		dAtA[i] = 0xa
+	}
+	return len(dAtA) - i, nil
+}
+
+func (m *DeviceConstraint) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *DeviceConstraint) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *DeviceConstraint) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if m.MatchAttribute != nil {
+		i -= len(*m.MatchAttribute)
+		copy(dAtA[i:], *m.MatchAttribute)
+		i = encodeVarintGenerated(dAtA, i, uint64(len(*m.MatchAttribute)))
+		i--
+		dAtA[i] = 0x12
+	}
+	if len(m.Requests) > 0 {
+		for iNdEx := len(m.Requests) - 1; iNdEx >= 0; iNdEx-- {
+			i -= len(m.Requests[iNdEx])
+			copy(dAtA[i:], m.Requests[iNdEx])
+			i = encodeVarintGenerated(dAtA, i, uint64(len(m.Requests[iNdEx])))
+			i--
+			dAtA[i] = 0xa
+		}
+	}
+	return len(dAtA) - i, nil
+}
+
+func (m *DeviceCounterConsumption) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *DeviceCounterConsumption) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *DeviceCounterConsumption) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if len(m.Counters) > 0 {
+		keysForCounters := make([]string, 0, len(m.Counters))
+		for k := range m.Counters {
+			keysForCounters = append(keysForCounters, string(k))
+		}
+		github_com_gogo_protobuf_sortkeys.Strings(keysForCounters)
+		for iNdEx := len(keysForCounters) - 1; iNdEx >= 0; iNdEx-- {
+			v := m.Counters[string(keysForCounters[iNdEx])]
+			baseI := i
+			{
+				size, err := (&v).MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x12
+			i -= len(keysForCounters[iNdEx])
+			copy(dAtA[i:], keysForCounters[iNdEx])
+			i = encodeVarintGenerated(dAtA, i, uint64(len(keysForCounters[iNdEx])))
+			i--
+			dAtA[i] = 0xa
+			i = encodeVarintGenerated(dAtA, i, uint64(baseI-i))
+			i--
+			dAtA[i] = 0x12
+		}
+	}
+	i -= len(m.CounterSet)
+	copy(dAtA[i:], m.CounterSet)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.CounterSet)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *DeviceRequest) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *DeviceRequest) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *DeviceRequest) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if len(m.FirstAvailable) > 0 {
+		for iNdEx := len(m.FirstAvailable) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.FirstAvailable[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x1a
+		}
+	}
+	if m.Exactly != nil {
+		{
+			size, err := m.Exactly.MarshalToSizedBuffer(dAtA[:i])
+			if err != nil {
+				return 0, err
+			}
+			i -= size
+			i = encodeVarintGenerated(dAtA, i, uint64(size))
+		}
+		i--
+		dAtA[i] = 0x12
+	}
+	i -= len(m.Name)
+	copy(dAtA[i:], m.Name)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Name)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *DeviceRequestAllocationResult) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *DeviceRequestAllocationResult) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *DeviceRequestAllocationResult) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if len(m.Tolerations) > 0 {
+		for iNdEx := len(m.Tolerations) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Tolerations[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x32
+		}
+	}
+	if m.AdminAccess != nil {
+		i--
+		if *m.AdminAccess {
+			dAtA[i] = 1
+		} else {
+			dAtA[i] = 0
+		}
+		i--
+		dAtA[i] = 0x28
+	}
+	i -= len(m.Device)
+	copy(dAtA[i:], m.Device)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Device)))
+	i--
+	dAtA[i] = 0x22
+	i -= len(m.Pool)
+	copy(dAtA[i:], m.Pool)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Pool)))
+	i--
+	dAtA[i] = 0x1a
+	i -= len(m.Driver)
+	copy(dAtA[i:], m.Driver)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Driver)))
+	i--
+	dAtA[i] = 0x12
+	i -= len(m.Request)
+	copy(dAtA[i:], m.Request)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Request)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *DeviceSelector) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *DeviceSelector) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *DeviceSelector) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if m.CEL != nil {
+		{
+			size, err := m.CEL.MarshalToSizedBuffer(dAtA[:i])
+			if err != nil {
+				return 0, err
+			}
+			i -= size
+			i = encodeVarintGenerated(dAtA, i, uint64(size))
+		}
+		i--
+		dAtA[i] = 0xa
+	}
+	return len(dAtA) - i, nil
+}
+
+func (m *DeviceSubRequest) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *DeviceSubRequest) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *DeviceSubRequest) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if len(m.Tolerations) > 0 {
+		for iNdEx := len(m.Tolerations) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Tolerations[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x32
+		}
+	}
+	i = encodeVarintGenerated(dAtA, i, uint64(m.Count))
+	i--
+	dAtA[i] = 0x28
+	i -= len(m.AllocationMode)
+	copy(dAtA[i:], m.AllocationMode)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.AllocationMode)))
+	i--
+	dAtA[i] = 0x22
+	if len(m.Selectors) > 0 {
+		for iNdEx := len(m.Selectors) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Selectors[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x1a
+		}
+	}
+	i -= len(m.DeviceClassName)
+	copy(dAtA[i:], m.DeviceClassName)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.DeviceClassName)))
+	i--
+	dAtA[i] = 0x12
+	i -= len(m.Name)
+	copy(dAtA[i:], m.Name)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Name)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *DeviceTaint) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *DeviceTaint) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *DeviceTaint) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if m.TimeAdded != nil {
+		{
+			size, err := m.TimeAdded.MarshalToSizedBuffer(dAtA[:i])
+			if err != nil {
+				return 0, err
+			}
+			i -= size
+			i = encodeVarintGenerated(dAtA, i, uint64(size))
+		}
+		i--
+		dAtA[i] = 0x22
+	}
+	i -= len(m.Effect)
+	copy(dAtA[i:], m.Effect)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Effect)))
+	i--
+	dAtA[i] = 0x1a
+	i -= len(m.Value)
+	copy(dAtA[i:], m.Value)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Value)))
+	i--
+	dAtA[i] = 0x12
+	i -= len(m.Key)
+	copy(dAtA[i:], m.Key)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Key)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *DeviceToleration) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *DeviceToleration) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *DeviceToleration) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if m.TolerationSeconds != nil {
+		i = encodeVarintGenerated(dAtA, i, uint64(*m.TolerationSeconds))
+		i--
+		dAtA[i] = 0x28
+	}
+	i -= len(m.Effect)
+	copy(dAtA[i:], m.Effect)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Effect)))
+	i--
+	dAtA[i] = 0x22
+	i -= len(m.Value)
+	copy(dAtA[i:], m.Value)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Value)))
+	i--
+	dAtA[i] = 0x1a
+	i -= len(m.Operator)
+	copy(dAtA[i:], m.Operator)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Operator)))
+	i--
+	dAtA[i] = 0x12
+	i -= len(m.Key)
+	copy(dAtA[i:], m.Key)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Key)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *ExactDeviceRequest) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ExactDeviceRequest) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ExactDeviceRequest) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if len(m.Tolerations) > 0 {
+		for iNdEx := len(m.Tolerations) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Tolerations[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x32
+		}
+	}
+	if m.AdminAccess != nil {
+		i--
+		if *m.AdminAccess {
+			dAtA[i] = 1
+		} else {
+			dAtA[i] = 0
+		}
+		i--
+		dAtA[i] = 0x28
+	}
+	i = encodeVarintGenerated(dAtA, i, uint64(m.Count))
+	i--
+	dAtA[i] = 0x20
+	i -= len(m.AllocationMode)
+	copy(dAtA[i:], m.AllocationMode)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.AllocationMode)))
+	i--
+	dAtA[i] = 0x1a
+	if len(m.Selectors) > 0 {
+		for iNdEx := len(m.Selectors) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Selectors[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x12
+		}
+	}
+	i -= len(m.DeviceClassName)
+	copy(dAtA[i:], m.DeviceClassName)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.DeviceClassName)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *NetworkDeviceData) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *NetworkDeviceData) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *NetworkDeviceData) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	i -= len(m.HardwareAddress)
+	copy(dAtA[i:], m.HardwareAddress)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.HardwareAddress)))
+	i--
+	dAtA[i] = 0x1a
+	if len(m.IPs) > 0 {
+		for iNdEx := len(m.IPs) - 1; iNdEx >= 0; iNdEx-- {
+			i -= len(m.IPs[iNdEx])
+			copy(dAtA[i:], m.IPs[iNdEx])
+			i = encodeVarintGenerated(dAtA, i, uint64(len(m.IPs[iNdEx])))
+			i--
+			dAtA[i] = 0x12
+		}
+	}
+	i -= len(m.InterfaceName)
+	copy(dAtA[i:], m.InterfaceName)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.InterfaceName)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *OpaqueDeviceConfiguration) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *OpaqueDeviceConfiguration) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *OpaqueDeviceConfiguration) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	{
+		size, err := m.Parameters.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0x12
+	i -= len(m.Driver)
+	copy(dAtA[i:], m.Driver)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Driver)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *ResourceClaim) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ResourceClaim) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ResourceClaim) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	{
+		size, err := m.Status.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0x1a
+	{
+		size, err := m.Spec.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0x12
+	{
+		size, err := m.ObjectMeta.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *ResourceClaimConsumerReference) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ResourceClaimConsumerReference) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ResourceClaimConsumerReference) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	i -= len(m.UID)
+	copy(dAtA[i:], m.UID)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.UID)))
+	i--
+	dAtA[i] = 0x2a
+	i -= len(m.Name)
+	copy(dAtA[i:], m.Name)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Name)))
+	i--
+	dAtA[i] = 0x22
+	i -= len(m.Resource)
+	copy(dAtA[i:], m.Resource)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Resource)))
+	i--
+	dAtA[i] = 0x1a
+	i -= len(m.APIGroup)
+	copy(dAtA[i:], m.APIGroup)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.APIGroup)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *ResourceClaimList) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ResourceClaimList) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ResourceClaimList) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if len(m.Items) > 0 {
+		for iNdEx := len(m.Items) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Items[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x12
+		}
+	}
+	{
+		size, err := m.ListMeta.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *ResourceClaimSpec) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ResourceClaimSpec) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ResourceClaimSpec) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	{
+		size, err := m.Devices.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *ResourceClaimStatus) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ResourceClaimStatus) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ResourceClaimStatus) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if len(m.Devices) > 0 {
+		for iNdEx := len(m.Devices) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Devices[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x22
+		}
+	}
+	if len(m.ReservedFor) > 0 {
+		for iNdEx := len(m.ReservedFor) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.ReservedFor[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x12
+		}
+	}
+	if m.Allocation != nil {
+		{
+			size, err := m.Allocation.MarshalToSizedBuffer(dAtA[:i])
+			if err != nil {
+				return 0, err
+			}
+			i -= size
+			i = encodeVarintGenerated(dAtA, i, uint64(size))
+		}
+		i--
+		dAtA[i] = 0xa
+	}
+	return len(dAtA) - i, nil
+}
+
+func (m *ResourceClaimTemplate) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ResourceClaimTemplate) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ResourceClaimTemplate) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	{
+		size, err := m.Spec.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0x12
+	{
+		size, err := m.ObjectMeta.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *ResourceClaimTemplateList) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ResourceClaimTemplateList) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ResourceClaimTemplateList) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if len(m.Items) > 0 {
+		for iNdEx := len(m.Items) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Items[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x12
+		}
+	}
+	{
+		size, err := m.ListMeta.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *ResourceClaimTemplateSpec) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ResourceClaimTemplateSpec) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ResourceClaimTemplateSpec) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	{
+		size, err := m.Spec.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0x12
+	{
+		size, err := m.ObjectMeta.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *ResourcePool) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ResourcePool) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ResourcePool) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	i = encodeVarintGenerated(dAtA, i, uint64(m.ResourceSliceCount))
+	i--
+	dAtA[i] = 0x18
+	i = encodeVarintGenerated(dAtA, i, uint64(m.Generation))
+	i--
+	dAtA[i] = 0x10
+	i -= len(m.Name)
+	copy(dAtA[i:], m.Name)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Name)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *ResourceSlice) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ResourceSlice) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ResourceSlice) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	{
+		size, err := m.Spec.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0x12
+	{
+		size, err := m.ObjectMeta.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *ResourceSliceList) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ResourceSliceList) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ResourceSliceList) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if len(m.Items) > 0 {
+		for iNdEx := len(m.Items) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Items[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x12
+		}
+	}
+	{
+		size, err := m.ListMeta.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func (m *ResourceSliceSpec) Marshal() (dAtA []byte, err error) {
+	size := m.Size()
+	dAtA = make([]byte, size)
+	n, err := m.MarshalToSizedBuffer(dAtA[:size])
+	if err != nil {
+		return nil, err
+	}
+	return dAtA[:n], nil
+}
+
+func (m *ResourceSliceSpec) MarshalTo(dAtA []byte) (int, error) {
+	size := m.Size()
+	return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *ResourceSliceSpec) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+	i := len(dAtA)
+	_ = i
+	var l int
+	_ = l
+	if len(m.SharedCounters) > 0 {
+		for iNdEx := len(m.SharedCounters) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.SharedCounters[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x42
+		}
+	}
+	if m.PerDeviceNodeSelection != nil {
+		i--
+		if *m.PerDeviceNodeSelection {
+			dAtA[i] = 1
+		} else {
+			dAtA[i] = 0
+		}
+		i--
+		dAtA[i] = 0x38
+	}
+	if len(m.Devices) > 0 {
+		for iNdEx := len(m.Devices) - 1; iNdEx >= 0; iNdEx-- {
+			{
+				size, err := m.Devices[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+				if err != nil {
+					return 0, err
+				}
+				i -= size
+				i = encodeVarintGenerated(dAtA, i, uint64(size))
+			}
+			i--
+			dAtA[i] = 0x32
+		}
+	}
+	if m.AllNodes != nil {
+		i--
+		if *m.AllNodes {
+			dAtA[i] = 1
+		} else {
+			dAtA[i] = 0
+		}
+		i--
+		dAtA[i] = 0x28
+	}
+	if m.NodeSelector != nil {
+		{
+			size, err := m.NodeSelector.MarshalToSizedBuffer(dAtA[:i])
+			if err != nil {
+				return 0, err
+			}
+			i -= size
+			i = encodeVarintGenerated(dAtA, i, uint64(size))
+		}
+		i--
+		dAtA[i] = 0x22
+	}
+	if m.NodeName != nil {
+		i -= len(*m.NodeName)
+		copy(dAtA[i:], *m.NodeName)
+		i = encodeVarintGenerated(dAtA, i, uint64(len(*m.NodeName)))
+		i--
+		dAtA[i] = 0x1a
+	}
+	{
+		size, err := m.Pool.MarshalToSizedBuffer(dAtA[:i])
+		if err != nil {
+			return 0, err
+		}
+		i -= size
+		i = encodeVarintGenerated(dAtA, i, uint64(size))
+	}
+	i--
+	dAtA[i] = 0x12
+	i -= len(m.Driver)
+	copy(dAtA[i:], m.Driver)
+	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Driver)))
+	i--
+	dAtA[i] = 0xa
+	return len(dAtA) - i, nil
+}
+
+func encodeVarintGenerated(dAtA []byte, offset int, v uint64) int {
+	offset -= sovGenerated(v)
+	base := offset
+	for v >= 1<<7 {
+		dAtA[offset] = uint8(v&0x7f | 0x80)
+		v >>= 7
+		offset++
+	}
+	dAtA[offset] = uint8(v)
+	return base
+}
+func (m *AllocatedDeviceStatus) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.Driver)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Pool)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Device)
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Conditions) > 0 {
+		for _, e := range m.Conditions {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	if m.Data != nil {
+		l = m.Data.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	if m.NetworkData != nil {
+		l = m.NetworkData.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	return n
+}
+
+func (m *AllocationResult) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.Devices.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	if m.NodeSelector != nil {
+		l = m.NodeSelector.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	return n
+}
+
+func (m *CELDeviceSelector) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.Expression)
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *Counter) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.Value.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *CounterSet) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.Name)
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Counters) > 0 {
+		for k, v := range m.Counters {
+			_ = k
+			_ = v
+			l = v.Size()
+			mapEntrySize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + l + sovGenerated(uint64(l))
+			n += mapEntrySize + 1 + sovGenerated(uint64(mapEntrySize))
+		}
+	}
+	return n
+}
+
+func (m *Device) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.Name)
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Attributes) > 0 {
+		for k, v := range m.Attributes {
+			_ = k
+			_ = v
+			l = v.Size()
+			mapEntrySize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + l + sovGenerated(uint64(l))
+			n += mapEntrySize + 1 + sovGenerated(uint64(mapEntrySize))
+		}
+	}
+	if len(m.Capacity) > 0 {
+		for k, v := range m.Capacity {
+			_ = k
+			_ = v
+			l = v.Size()
+			mapEntrySize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + l + sovGenerated(uint64(l))
+			n += mapEntrySize + 1 + sovGenerated(uint64(mapEntrySize))
+		}
+	}
+	if len(m.ConsumesCounters) > 0 {
+		for _, e := range m.ConsumesCounters {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	if m.NodeName != nil {
+		l = len(*m.NodeName)
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	if m.NodeSelector != nil {
+		l = m.NodeSelector.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	if m.AllNodes != nil {
+		n += 2
+	}
+	if len(m.Taints) > 0 {
+		for _, e := range m.Taints {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *DeviceAllocationConfiguration) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.Source)
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Requests) > 0 {
+		for _, s := range m.Requests {
+			l = len(s)
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	l = m.DeviceConfiguration.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *DeviceAllocationResult) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	if len(m.Results) > 0 {
+		for _, e := range m.Results {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	if len(m.Config) > 0 {
+		for _, e := range m.Config {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *DeviceAttribute) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	if m.IntValue != nil {
+		n += 1 + sovGenerated(uint64(*m.IntValue))
+	}
+	if m.BoolValue != nil {
+		n += 2
+	}
+	if m.StringValue != nil {
+		l = len(*m.StringValue)
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	if m.VersionValue != nil {
+		l = len(*m.VersionValue)
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	return n
+}
+
+func (m *DeviceCapacity) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.Value.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *DeviceClaim) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	if len(m.Requests) > 0 {
+		for _, e := range m.Requests {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	if len(m.Constraints) > 0 {
+		for _, e := range m.Constraints {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	if len(m.Config) > 0 {
+		for _, e := range m.Config {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *DeviceClaimConfiguration) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	if len(m.Requests) > 0 {
+		for _, s := range m.Requests {
+			l = len(s)
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	l = m.DeviceConfiguration.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *DeviceClass) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.ObjectMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Spec.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *DeviceClassConfiguration) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.DeviceConfiguration.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *DeviceClassList) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.ListMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Items) > 0 {
+		for _, e := range m.Items {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *DeviceClassSpec) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	if len(m.Selectors) > 0 {
+		for _, e := range m.Selectors {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	if len(m.Config) > 0 {
+		for _, e := range m.Config {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *DeviceConfiguration) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	if m.Opaque != nil {
+		l = m.Opaque.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	return n
+}
+
+func (m *DeviceConstraint) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	if len(m.Requests) > 0 {
+		for _, s := range m.Requests {
+			l = len(s)
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	if m.MatchAttribute != nil {
+		l = len(*m.MatchAttribute)
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	return n
+}
+
+func (m *DeviceCounterConsumption) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.CounterSet)
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Counters) > 0 {
+		for k, v := range m.Counters {
+			_ = k
+			_ = v
+			l = v.Size()
+			mapEntrySize := 1 + len(k) + sovGenerated(uint64(len(k))) + 1 + l + sovGenerated(uint64(l))
+			n += mapEntrySize + 1 + sovGenerated(uint64(mapEntrySize))
+		}
+	}
+	return n
+}
+
+func (m *DeviceRequest) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.Name)
+	n += 1 + l + sovGenerated(uint64(l))
+	if m.Exactly != nil {
+		l = m.Exactly.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	if len(m.FirstAvailable) > 0 {
+		for _, e := range m.FirstAvailable {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *DeviceRequestAllocationResult) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.Request)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Driver)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Pool)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Device)
+	n += 1 + l + sovGenerated(uint64(l))
+	if m.AdminAccess != nil {
+		n += 2
+	}
+	if len(m.Tolerations) > 0 {
+		for _, e := range m.Tolerations {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *DeviceSelector) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	if m.CEL != nil {
+		l = m.CEL.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	return n
+}
+
+func (m *DeviceSubRequest) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.Name)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.DeviceClassName)
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Selectors) > 0 {
+		for _, e := range m.Selectors {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	l = len(m.AllocationMode)
+	n += 1 + l + sovGenerated(uint64(l))
+	n += 1 + sovGenerated(uint64(m.Count))
+	if len(m.Tolerations) > 0 {
+		for _, e := range m.Tolerations {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *DeviceTaint) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.Key)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Value)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Effect)
+	n += 1 + l + sovGenerated(uint64(l))
+	if m.TimeAdded != nil {
+		l = m.TimeAdded.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	return n
+}
+
+func (m *DeviceToleration) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.Key)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Operator)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Value)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Effect)
+	n += 1 + l + sovGenerated(uint64(l))
+	if m.TolerationSeconds != nil {
+		n += 1 + sovGenerated(uint64(*m.TolerationSeconds))
+	}
+	return n
+}
+
+func (m *ExactDeviceRequest) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.DeviceClassName)
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Selectors) > 0 {
+		for _, e := range m.Selectors {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	l = len(m.AllocationMode)
+	n += 1 + l + sovGenerated(uint64(l))
+	n += 1 + sovGenerated(uint64(m.Count))
+	if m.AdminAccess != nil {
+		n += 2
+	}
+	if len(m.Tolerations) > 0 {
+		for _, e := range m.Tolerations {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *NetworkDeviceData) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.InterfaceName)
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.IPs) > 0 {
+		for _, s := range m.IPs {
+			l = len(s)
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	l = len(m.HardwareAddress)
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *OpaqueDeviceConfiguration) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.Driver)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Parameters.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *ResourceClaim) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.ObjectMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Spec.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Status.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *ResourceClaimConsumerReference) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.APIGroup)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Resource)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.Name)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = len(m.UID)
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *ResourceClaimList) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.ListMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Items) > 0 {
+		for _, e := range m.Items {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *ResourceClaimSpec) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.Devices.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *ResourceClaimStatus) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	if m.Allocation != nil {
+		l = m.Allocation.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	if len(m.ReservedFor) > 0 {
+		for _, e := range m.ReservedFor {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	if len(m.Devices) > 0 {
+		for _, e := range m.Devices {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *ResourceClaimTemplate) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.ObjectMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Spec.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *ResourceClaimTemplateList) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.ListMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Items) > 0 {
+		for _, e := range m.Items {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *ResourceClaimTemplateSpec) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.ObjectMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Spec.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *ResourcePool) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.Name)
+	n += 1 + l + sovGenerated(uint64(l))
+	n += 1 + sovGenerated(uint64(m.Generation))
+	n += 1 + sovGenerated(uint64(m.ResourceSliceCount))
+	return n
+}
+
+func (m *ResourceSlice) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.ObjectMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Spec.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	return n
+}
+
+func (m *ResourceSliceList) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = m.ListMeta.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	if len(m.Items) > 0 {
+		for _, e := range m.Items {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func (m *ResourceSliceSpec) Size() (n int) {
+	if m == nil {
+		return 0
+	}
+	var l int
+	_ = l
+	l = len(m.Driver)
+	n += 1 + l + sovGenerated(uint64(l))
+	l = m.Pool.Size()
+	n += 1 + l + sovGenerated(uint64(l))
+	if m.NodeName != nil {
+		l = len(*m.NodeName)
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	if m.NodeSelector != nil {
+		l = m.NodeSelector.Size()
+		n += 1 + l + sovGenerated(uint64(l))
+	}
+	if m.AllNodes != nil {
+		n += 2
+	}
+	if len(m.Devices) > 0 {
+		for _, e := range m.Devices {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	if m.PerDeviceNodeSelection != nil {
+		n += 2
+	}
+	if len(m.SharedCounters) > 0 {
+		for _, e := range m.SharedCounters {
+			l = e.Size()
+			n += 1 + l + sovGenerated(uint64(l))
+		}
+	}
+	return n
+}
+
+func sovGenerated(x uint64) (n int) {
+	return (math_bits.Len64(x|1) + 6) / 7
+}
+func sozGenerated(x uint64) (n int) {
+	return sovGenerated(uint64((x << 1) ^ uint64((int64(x) >> 63))))
+}
+func (this *AllocatedDeviceStatus) String() string {
+	if this == nil {
+		return "nil"
+	}
+	repeatedStringForConditions := "[]Condition{"
+	for _, f := range this.Conditions {
+		repeatedStringForConditions += fmt.Sprintf("%v", f) + ","
+	}
+	repeatedStringForConditions += "}"
+	s := strings.Join([]string{`&AllocatedDeviceStatus{`,
+		`Driver:` + fmt.Sprintf("%v", this.Driver) + `,`,
+		`Pool:` + fmt.Sprintf("%v", this.Pool) + `,`,
+		`Device:` + fmt.Sprintf("%v", this.Device) + `,`,
+		`Conditions:` + repeatedStringForConditions + `,`,
+		`Data:` + strings.Replace(fmt.Sprintf("%v", this.Data), "RawExtension", "runtime.RawExtension", 1) + `,`,
+		`NetworkData:` + strings.Replace(this.NetworkData.String(), "NetworkDeviceData", "NetworkDeviceData", 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *AllocationResult) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&AllocationResult{`,
+		`Devices:` + strings.Replace(strings.Replace(this.Devices.String(), "DeviceAllocationResult", "DeviceAllocationResult", 1), `&`, ``, 1) + `,`,
+		`NodeSelector:` + strings.Replace(fmt.Sprintf("%v", this.NodeSelector), "NodeSelector", "v11.NodeSelector", 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *CELDeviceSelector) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&CELDeviceSelector{`,
+		`Expression:` + fmt.Sprintf("%v", this.Expression) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *Counter) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&Counter{`,
+		`Value:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Value), "Quantity", "resource.Quantity", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *CounterSet) String() string {
+	if this == nil {
+		return "nil"
+	}
+	keysForCounters := make([]string, 0, len(this.Counters))
+	for k := range this.Counters {
+		keysForCounters = append(keysForCounters, k)
+	}
+	github_com_gogo_protobuf_sortkeys.Strings(keysForCounters)
+	mapStringForCounters := "map[string]Counter{"
+	for _, k := range keysForCounters {
+		mapStringForCounters += fmt.Sprintf("%v: %v,", k, this.Counters[k])
+	}
+	mapStringForCounters += "}"
+	s := strings.Join([]string{`&CounterSet{`,
+		`Name:` + fmt.Sprintf("%v", this.Name) + `,`,
+		`Counters:` + mapStringForCounters + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *Device) String() string {
+	if this == nil {
+		return "nil"
+	}
+	repeatedStringForConsumesCounters := "[]DeviceCounterConsumption{"
+	for _, f := range this.ConsumesCounters {
+		repeatedStringForConsumesCounters += strings.Replace(strings.Replace(f.String(), "DeviceCounterConsumption", "DeviceCounterConsumption", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForConsumesCounters += "}"
+	repeatedStringForTaints := "[]DeviceTaint{"
+	for _, f := range this.Taints {
+		repeatedStringForTaints += fmt.Sprintf("%v", f) + ","
+	}
+	repeatedStringForTaints += "}"
+	keysForAttributes := make([]string, 0, len(this.Attributes))
+	for k := range this.Attributes {
+		keysForAttributes = append(keysForAttributes, string(k))
+	}
+	github_com_gogo_protobuf_sortkeys.Strings(keysForAttributes)
+	mapStringForAttributes := "map[QualifiedName]DeviceAttribute{"
+	for _, k := range keysForAttributes {
+		mapStringForAttributes += fmt.Sprintf("%v: %v,", k, this.Attributes[QualifiedName(k)])
+	}
+	mapStringForAttributes += "}"
+	keysForCapacity := make([]string, 0, len(this.Capacity))
+	for k := range this.Capacity {
+		keysForCapacity = append(keysForCapacity, string(k))
+	}
+	github_com_gogo_protobuf_sortkeys.Strings(keysForCapacity)
+	mapStringForCapacity := "map[QualifiedName]DeviceCapacity{"
+	for _, k := range keysForCapacity {
+		mapStringForCapacity += fmt.Sprintf("%v: %v,", k, this.Capacity[QualifiedName(k)])
+	}
+	mapStringForCapacity += "}"
+	s := strings.Join([]string{`&Device{`,
+		`Name:` + fmt.Sprintf("%v", this.Name) + `,`,
+		`Attributes:` + mapStringForAttributes + `,`,
+		`Capacity:` + mapStringForCapacity + `,`,
+		`ConsumesCounters:` + repeatedStringForConsumesCounters + `,`,
+		`NodeName:` + valueToStringGenerated(this.NodeName) + `,`,
+		`NodeSelector:` + strings.Replace(fmt.Sprintf("%v", this.NodeSelector), "NodeSelector", "v11.NodeSelector", 1) + `,`,
+		`AllNodes:` + valueToStringGenerated(this.AllNodes) + `,`,
+		`Taints:` + repeatedStringForTaints + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *DeviceAllocationConfiguration) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&DeviceAllocationConfiguration{`,
+		`Source:` + fmt.Sprintf("%v", this.Source) + `,`,
+		`Requests:` + fmt.Sprintf("%v", this.Requests) + `,`,
+		`DeviceConfiguration:` + strings.Replace(strings.Replace(this.DeviceConfiguration.String(), "DeviceConfiguration", "DeviceConfiguration", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *DeviceAllocationResult) String() string {
+	if this == nil {
+		return "nil"
+	}
+	repeatedStringForResults := "[]DeviceRequestAllocationResult{"
+	for _, f := range this.Results {
+		repeatedStringForResults += strings.Replace(strings.Replace(f.String(), "DeviceRequestAllocationResult", "DeviceRequestAllocationResult", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForResults += "}"
+	repeatedStringForConfig := "[]DeviceAllocationConfiguration{"
+	for _, f := range this.Config {
+		repeatedStringForConfig += strings.Replace(strings.Replace(f.String(), "DeviceAllocationConfiguration", "DeviceAllocationConfiguration", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForConfig += "}"
+	s := strings.Join([]string{`&DeviceAllocationResult{`,
+		`Results:` + repeatedStringForResults + `,`,
+		`Config:` + repeatedStringForConfig + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *DeviceAttribute) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&DeviceAttribute{`,
+		`IntValue:` + valueToStringGenerated(this.IntValue) + `,`,
+		`BoolValue:` + valueToStringGenerated(this.BoolValue) + `,`,
+		`StringValue:` + valueToStringGenerated(this.StringValue) + `,`,
+		`VersionValue:` + valueToStringGenerated(this.VersionValue) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *DeviceCapacity) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&DeviceCapacity{`,
+		`Value:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Value), "Quantity", "resource.Quantity", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *DeviceClaim) String() string {
+	if this == nil {
+		return "nil"
+	}
+	repeatedStringForRequests := "[]DeviceRequest{"
+	for _, f := range this.Requests {
+		repeatedStringForRequests += strings.Replace(strings.Replace(f.String(), "DeviceRequest", "DeviceRequest", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForRequests += "}"
+	repeatedStringForConstraints := "[]DeviceConstraint{"
+	for _, f := range this.Constraints {
+		repeatedStringForConstraints += strings.Replace(strings.Replace(f.String(), "DeviceConstraint", "DeviceConstraint", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForConstraints += "}"
+	repeatedStringForConfig := "[]DeviceClaimConfiguration{"
+	for _, f := range this.Config {
+		repeatedStringForConfig += strings.Replace(strings.Replace(f.String(), "DeviceClaimConfiguration", "DeviceClaimConfiguration", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForConfig += "}"
+	s := strings.Join([]string{`&DeviceClaim{`,
+		`Requests:` + repeatedStringForRequests + `,`,
+		`Constraints:` + repeatedStringForConstraints + `,`,
+		`Config:` + repeatedStringForConfig + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *DeviceClaimConfiguration) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&DeviceClaimConfiguration{`,
+		`Requests:` + fmt.Sprintf("%v", this.Requests) + `,`,
+		`DeviceConfiguration:` + strings.Replace(strings.Replace(this.DeviceConfiguration.String(), "DeviceConfiguration", "DeviceConfiguration", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *DeviceClass) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&DeviceClass{`,
+		`ObjectMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ObjectMeta), "ObjectMeta", "v1.ObjectMeta", 1), `&`, ``, 1) + `,`,
+		`Spec:` + strings.Replace(strings.Replace(this.Spec.String(), "DeviceClassSpec", "DeviceClassSpec", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *DeviceClassConfiguration) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&DeviceClassConfiguration{`,
+		`DeviceConfiguration:` + strings.Replace(strings.Replace(this.DeviceConfiguration.String(), "DeviceConfiguration", "DeviceConfiguration", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *DeviceClassList) String() string {
+	if this == nil {
+		return "nil"
+	}
+	repeatedStringForItems := "[]DeviceClass{"
+	for _, f := range this.Items {
+		repeatedStringForItems += strings.Replace(strings.Replace(f.String(), "DeviceClass", "DeviceClass", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForItems += "}"
+	s := strings.Join([]string{`&DeviceClassList{`,
+		`ListMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ListMeta), "ListMeta", "v1.ListMeta", 1), `&`, ``, 1) + `,`,
+		`Items:` + repeatedStringForItems + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *DeviceClassSpec) String() string {
+	if this == nil {
+		return "nil"
+	}
+	repeatedStringForSelectors := "[]DeviceSelector{"
+	for _, f := range this.Selectors {
+		repeatedStringForSelectors += strings.Replace(strings.Replace(f.String(), "DeviceSelector", "DeviceSelector", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForSelectors += "}"
+	repeatedStringForConfig := "[]DeviceClassConfiguration{"
+	for _, f := range this.Config {
+		repeatedStringForConfig += strings.Replace(strings.Replace(f.String(), "DeviceClassConfiguration", "DeviceClassConfiguration", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForConfig += "}"
+	s := strings.Join([]string{`&DeviceClassSpec{`,
+		`Selectors:` + repeatedStringForSelectors + `,`,
+		`Config:` + repeatedStringForConfig + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *DeviceConfiguration) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&DeviceConfiguration{`,
+		`Opaque:` + strings.Replace(this.Opaque.String(), "OpaqueDeviceConfiguration", "OpaqueDeviceConfiguration", 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *DeviceConstraint) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&DeviceConstraint{`,
+		`Requests:` + fmt.Sprintf("%v", this.Requests) + `,`,
+		`MatchAttribute:` + valueToStringGenerated(this.MatchAttribute) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *DeviceCounterConsumption) String() string {
+	if this == nil {
+		return "nil"
+	}
+	keysForCounters := make([]string, 0, len(this.Counters))
+	for k := range this.Counters {
+		keysForCounters = append(keysForCounters, k)
+	}
+	github_com_gogo_protobuf_sortkeys.Strings(keysForCounters)
+	mapStringForCounters := "map[string]Counter{"
+	for _, k := range keysForCounters {
+		mapStringForCounters += fmt.Sprintf("%v: %v,", k, this.Counters[k])
+	}
+	mapStringForCounters += "}"
+	s := strings.Join([]string{`&DeviceCounterConsumption{`,
+		`CounterSet:` + fmt.Sprintf("%v", this.CounterSet) + `,`,
+		`Counters:` + mapStringForCounters + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *DeviceRequest) String() string {
+	if this == nil {
+		return "nil"
+	}
+	repeatedStringForFirstAvailable := "[]DeviceSubRequest{"
+	for _, f := range this.FirstAvailable {
+		repeatedStringForFirstAvailable += strings.Replace(strings.Replace(f.String(), "DeviceSubRequest", "DeviceSubRequest", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForFirstAvailable += "}"
+	s := strings.Join([]string{`&DeviceRequest{`,
+		`Name:` + fmt.Sprintf("%v", this.Name) + `,`,
+		`Exactly:` + strings.Replace(this.Exactly.String(), "ExactDeviceRequest", "ExactDeviceRequest", 1) + `,`,
+		`FirstAvailable:` + repeatedStringForFirstAvailable + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *DeviceRequestAllocationResult) String() string {
+	if this == nil {
+		return "nil"
+	}
+	repeatedStringForTolerations := "[]DeviceToleration{"
+	for _, f := range this.Tolerations {
+		repeatedStringForTolerations += strings.Replace(strings.Replace(f.String(), "DeviceToleration", "DeviceToleration", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForTolerations += "}"
+	s := strings.Join([]string{`&DeviceRequestAllocationResult{`,
+		`Request:` + fmt.Sprintf("%v", this.Request) + `,`,
+		`Driver:` + fmt.Sprintf("%v", this.Driver) + `,`,
+		`Pool:` + fmt.Sprintf("%v", this.Pool) + `,`,
+		`Device:` + fmt.Sprintf("%v", this.Device) + `,`,
+		`AdminAccess:` + valueToStringGenerated(this.AdminAccess) + `,`,
+		`Tolerations:` + repeatedStringForTolerations + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *DeviceSelector) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&DeviceSelector{`,
+		`CEL:` + strings.Replace(this.CEL.String(), "CELDeviceSelector", "CELDeviceSelector", 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *DeviceSubRequest) String() string {
+	if this == nil {
+		return "nil"
+	}
+	repeatedStringForSelectors := "[]DeviceSelector{"
+	for _, f := range this.Selectors {
+		repeatedStringForSelectors += strings.Replace(strings.Replace(f.String(), "DeviceSelector", "DeviceSelector", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForSelectors += "}"
+	repeatedStringForTolerations := "[]DeviceToleration{"
+	for _, f := range this.Tolerations {
+		repeatedStringForTolerations += strings.Replace(strings.Replace(f.String(), "DeviceToleration", "DeviceToleration", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForTolerations += "}"
+	s := strings.Join([]string{`&DeviceSubRequest{`,
+		`Name:` + fmt.Sprintf("%v", this.Name) + `,`,
+		`DeviceClassName:` + fmt.Sprintf("%v", this.DeviceClassName) + `,`,
+		`Selectors:` + repeatedStringForSelectors + `,`,
+		`AllocationMode:` + fmt.Sprintf("%v", this.AllocationMode) + `,`,
+		`Count:` + fmt.Sprintf("%v", this.Count) + `,`,
+		`Tolerations:` + repeatedStringForTolerations + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *DeviceToleration) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&DeviceToleration{`,
+		`Key:` + fmt.Sprintf("%v", this.Key) + `,`,
+		`Operator:` + fmt.Sprintf("%v", this.Operator) + `,`,
+		`Value:` + fmt.Sprintf("%v", this.Value) + `,`,
+		`Effect:` + fmt.Sprintf("%v", this.Effect) + `,`,
+		`TolerationSeconds:` + valueToStringGenerated(this.TolerationSeconds) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *ExactDeviceRequest) String() string {
+	if this == nil {
+		return "nil"
+	}
+	repeatedStringForSelectors := "[]DeviceSelector{"
+	for _, f := range this.Selectors {
+		repeatedStringForSelectors += strings.Replace(strings.Replace(f.String(), "DeviceSelector", "DeviceSelector", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForSelectors += "}"
+	repeatedStringForTolerations := "[]DeviceToleration{"
+	for _, f := range this.Tolerations {
+		repeatedStringForTolerations += strings.Replace(strings.Replace(f.String(), "DeviceToleration", "DeviceToleration", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForTolerations += "}"
+	s := strings.Join([]string{`&ExactDeviceRequest{`,
+		`DeviceClassName:` + fmt.Sprintf("%v", this.DeviceClassName) + `,`,
+		`Selectors:` + repeatedStringForSelectors + `,`,
+		`AllocationMode:` + fmt.Sprintf("%v", this.AllocationMode) + `,`,
+		`Count:` + fmt.Sprintf("%v", this.Count) + `,`,
+		`AdminAccess:` + valueToStringGenerated(this.AdminAccess) + `,`,
+		`Tolerations:` + repeatedStringForTolerations + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *NetworkDeviceData) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&NetworkDeviceData{`,
+		`InterfaceName:` + fmt.Sprintf("%v", this.InterfaceName) + `,`,
+		`IPs:` + fmt.Sprintf("%v", this.IPs) + `,`,
+		`HardwareAddress:` + fmt.Sprintf("%v", this.HardwareAddress) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *OpaqueDeviceConfiguration) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&OpaqueDeviceConfiguration{`,
+		`Driver:` + fmt.Sprintf("%v", this.Driver) + `,`,
+		`Parameters:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Parameters), "RawExtension", "runtime.RawExtension", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *ResourceClaim) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&ResourceClaim{`,
+		`ObjectMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ObjectMeta), "ObjectMeta", "v1.ObjectMeta", 1), `&`, ``, 1) + `,`,
+		`Spec:` + strings.Replace(strings.Replace(this.Spec.String(), "ResourceClaimSpec", "ResourceClaimSpec", 1), `&`, ``, 1) + `,`,
+		`Status:` + strings.Replace(strings.Replace(this.Status.String(), "ResourceClaimStatus", "ResourceClaimStatus", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *ResourceClaimConsumerReference) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&ResourceClaimConsumerReference{`,
+		`APIGroup:` + fmt.Sprintf("%v", this.APIGroup) + `,`,
+		`Resource:` + fmt.Sprintf("%v", this.Resource) + `,`,
+		`Name:` + fmt.Sprintf("%v", this.Name) + `,`,
+		`UID:` + fmt.Sprintf("%v", this.UID) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *ResourceClaimList) String() string {
+	if this == nil {
+		return "nil"
+	}
+	repeatedStringForItems := "[]ResourceClaim{"
+	for _, f := range this.Items {
+		repeatedStringForItems += strings.Replace(strings.Replace(f.String(), "ResourceClaim", "ResourceClaim", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForItems += "}"
+	s := strings.Join([]string{`&ResourceClaimList{`,
+		`ListMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ListMeta), "ListMeta", "v1.ListMeta", 1), `&`, ``, 1) + `,`,
+		`Items:` + repeatedStringForItems + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *ResourceClaimSpec) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&ResourceClaimSpec{`,
+		`Devices:` + strings.Replace(strings.Replace(this.Devices.String(), "DeviceClaim", "DeviceClaim", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *ResourceClaimStatus) String() string {
+	if this == nil {
+		return "nil"
+	}
+	repeatedStringForReservedFor := "[]ResourceClaimConsumerReference{"
+	for _, f := range this.ReservedFor {
+		repeatedStringForReservedFor += strings.Replace(strings.Replace(f.String(), "ResourceClaimConsumerReference", "ResourceClaimConsumerReference", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForReservedFor += "}"
+	repeatedStringForDevices := "[]AllocatedDeviceStatus{"
+	for _, f := range this.Devices {
+		repeatedStringForDevices += strings.Replace(strings.Replace(f.String(), "AllocatedDeviceStatus", "AllocatedDeviceStatus", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForDevices += "}"
+	s := strings.Join([]string{`&ResourceClaimStatus{`,
+		`Allocation:` + strings.Replace(this.Allocation.String(), "AllocationResult", "AllocationResult", 1) + `,`,
+		`ReservedFor:` + repeatedStringForReservedFor + `,`,
+		`Devices:` + repeatedStringForDevices + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *ResourceClaimTemplate) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&ResourceClaimTemplate{`,
+		`ObjectMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ObjectMeta), "ObjectMeta", "v1.ObjectMeta", 1), `&`, ``, 1) + `,`,
+		`Spec:` + strings.Replace(strings.Replace(this.Spec.String(), "ResourceClaimTemplateSpec", "ResourceClaimTemplateSpec", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *ResourceClaimTemplateList) String() string {
+	if this == nil {
+		return "nil"
+	}
+	repeatedStringForItems := "[]ResourceClaimTemplate{"
+	for _, f := range this.Items {
+		repeatedStringForItems += strings.Replace(strings.Replace(f.String(), "ResourceClaimTemplate", "ResourceClaimTemplate", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForItems += "}"
+	s := strings.Join([]string{`&ResourceClaimTemplateList{`,
+		`ListMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ListMeta), "ListMeta", "v1.ListMeta", 1), `&`, ``, 1) + `,`,
+		`Items:` + repeatedStringForItems + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *ResourceClaimTemplateSpec) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&ResourceClaimTemplateSpec{`,
+		`ObjectMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ObjectMeta), "ObjectMeta", "v1.ObjectMeta", 1), `&`, ``, 1) + `,`,
+		`Spec:` + strings.Replace(strings.Replace(this.Spec.String(), "ResourceClaimSpec", "ResourceClaimSpec", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *ResourcePool) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&ResourcePool{`,
+		`Name:` + fmt.Sprintf("%v", this.Name) + `,`,
+		`Generation:` + fmt.Sprintf("%v", this.Generation) + `,`,
+		`ResourceSliceCount:` + fmt.Sprintf("%v", this.ResourceSliceCount) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *ResourceSlice) String() string {
+	if this == nil {
+		return "nil"
+	}
+	s := strings.Join([]string{`&ResourceSlice{`,
+		`ObjectMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ObjectMeta), "ObjectMeta", "v1.ObjectMeta", 1), `&`, ``, 1) + `,`,
+		`Spec:` + strings.Replace(strings.Replace(this.Spec.String(), "ResourceSliceSpec", "ResourceSliceSpec", 1), `&`, ``, 1) + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *ResourceSliceList) String() string {
+	if this == nil {
+		return "nil"
+	}
+	repeatedStringForItems := "[]ResourceSlice{"
+	for _, f := range this.Items {
+		repeatedStringForItems += strings.Replace(strings.Replace(f.String(), "ResourceSlice", "ResourceSlice", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForItems += "}"
+	s := strings.Join([]string{`&ResourceSliceList{`,
+		`ListMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ListMeta), "ListMeta", "v1.ListMeta", 1), `&`, ``, 1) + `,`,
+		`Items:` + repeatedStringForItems + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func (this *ResourceSliceSpec) String() string {
+	if this == nil {
+		return "nil"
+	}
+	repeatedStringForDevices := "[]Device{"
+	for _, f := range this.Devices {
+		repeatedStringForDevices += strings.Replace(strings.Replace(f.String(), "Device", "Device", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForDevices += "}"
+	repeatedStringForSharedCounters := "[]CounterSet{"
+	for _, f := range this.SharedCounters {
+		repeatedStringForSharedCounters += strings.Replace(strings.Replace(f.String(), "CounterSet", "CounterSet", 1), `&`, ``, 1) + ","
+	}
+	repeatedStringForSharedCounters += "}"
+	s := strings.Join([]string{`&ResourceSliceSpec{`,
+		`Driver:` + fmt.Sprintf("%v", this.Driver) + `,`,
+		`Pool:` + strings.Replace(strings.Replace(this.Pool.String(), "ResourcePool", "ResourcePool", 1), `&`, ``, 1) + `,`,
+		`NodeName:` + valueToStringGenerated(this.NodeName) + `,`,
+		`NodeSelector:` + strings.Replace(fmt.Sprintf("%v", this.NodeSelector), "NodeSelector", "v11.NodeSelector", 1) + `,`,
+		`AllNodes:` + valueToStringGenerated(this.AllNodes) + `,`,
+		`Devices:` + repeatedStringForDevices + `,`,
+		`PerDeviceNodeSelection:` + valueToStringGenerated(this.PerDeviceNodeSelection) + `,`,
+		`SharedCounters:` + repeatedStringForSharedCounters + `,`,
+		`}`,
+	}, "")
+	return s
+}
+func valueToStringGenerated(v interface{}) string {
+	rv := reflect.ValueOf(v)
+	if rv.IsNil() {
+		return "nil"
+	}
+	pv := reflect.Indirect(rv).Interface()
+	return fmt.Sprintf("*%v", pv)
+}
+func (m *AllocatedDeviceStatus) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: AllocatedDeviceStatus: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: AllocatedDeviceStatus: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Driver", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Driver = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Pool", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Pool = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Device", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Device = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Conditions", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Conditions = append(m.Conditions, v1.Condition{})
+			if err := m.Conditions[len(m.Conditions)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 5:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Data", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Data == nil {
+				m.Data = &runtime.RawExtension{}
+			}
+			if err := m.Data.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 6:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field NetworkData", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.NetworkData == nil {
+				m.NetworkData = &NetworkDeviceData{}
+			}
+			if err := m.NetworkData.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *AllocationResult) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: AllocationResult: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: AllocationResult: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Devices", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Devices.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field NodeSelector", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.NodeSelector == nil {
+				m.NodeSelector = &v11.NodeSelector{}
+			}
+			if err := m.NodeSelector.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *CELDeviceSelector) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: CELDeviceSelector: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: CELDeviceSelector: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Expression", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Expression = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *Counter) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: Counter: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: Counter: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Value.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *CounterSet) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: CounterSet: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: CounterSet: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Name = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Counters", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Counters == nil {
+				m.Counters = make(map[string]Counter)
+			}
+			var mapkey string
+			mapvalue := &Counter{}
+			for iNdEx < postIndex {
+				entryPreIndex := iNdEx
+				var wire uint64
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowGenerated
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					wire |= uint64(b&0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				fieldNum := int32(wire >> 3)
+				if fieldNum == 1 {
+					var stringLenmapkey uint64
+					for shift := uint(0); ; shift += 7 {
+						if shift >= 64 {
+							return ErrIntOverflowGenerated
+						}
+						if iNdEx >= l {
+							return io.ErrUnexpectedEOF
+						}
+						b := dAtA[iNdEx]
+						iNdEx++
+						stringLenmapkey |= uint64(b&0x7F) << shift
+						if b < 0x80 {
+							break
+						}
+					}
+					intStringLenmapkey := int(stringLenmapkey)
+					if intStringLenmapkey < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					postStringIndexmapkey := iNdEx + intStringLenmapkey
+					if postStringIndexmapkey < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					if postStringIndexmapkey > l {
+						return io.ErrUnexpectedEOF
+					}
+					mapkey = string(dAtA[iNdEx:postStringIndexmapkey])
+					iNdEx = postStringIndexmapkey
+				} else if fieldNum == 2 {
+					var mapmsglen int
+					for shift := uint(0); ; shift += 7 {
+						if shift >= 64 {
+							return ErrIntOverflowGenerated
+						}
+						if iNdEx >= l {
+							return io.ErrUnexpectedEOF
+						}
+						b := dAtA[iNdEx]
+						iNdEx++
+						mapmsglen |= int(b&0x7F) << shift
+						if b < 0x80 {
+							break
+						}
+					}
+					if mapmsglen < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					postmsgIndex := iNdEx + mapmsglen
+					if postmsgIndex < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					if postmsgIndex > l {
+						return io.ErrUnexpectedEOF
+					}
+					mapvalue = &Counter{}
+					if err := mapvalue.Unmarshal(dAtA[iNdEx:postmsgIndex]); err != nil {
+						return err
+					}
+					iNdEx = postmsgIndex
+				} else {
+					iNdEx = entryPreIndex
+					skippy, err := skipGenerated(dAtA[iNdEx:])
+					if err != nil {
+						return err
+					}
+					if (skippy < 0) || (iNdEx+skippy) < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					if (iNdEx + skippy) > postIndex {
+						return io.ErrUnexpectedEOF
+					}
+					iNdEx += skippy
+				}
+			}
+			m.Counters[mapkey] = *mapvalue
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *Device) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: Device: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: Device: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Name = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Attributes", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Attributes == nil {
+				m.Attributes = make(map[QualifiedName]DeviceAttribute)
+			}
+			var mapkey QualifiedName
+			mapvalue := &DeviceAttribute{}
+			for iNdEx < postIndex {
+				entryPreIndex := iNdEx
+				var wire uint64
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowGenerated
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					wire |= uint64(b&0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				fieldNum := int32(wire >> 3)
+				if fieldNum == 1 {
+					var stringLenmapkey uint64
+					for shift := uint(0); ; shift += 7 {
+						if shift >= 64 {
+							return ErrIntOverflowGenerated
+						}
+						if iNdEx >= l {
+							return io.ErrUnexpectedEOF
+						}
+						b := dAtA[iNdEx]
+						iNdEx++
+						stringLenmapkey |= uint64(b&0x7F) << shift
+						if b < 0x80 {
+							break
+						}
+					}
+					intStringLenmapkey := int(stringLenmapkey)
+					if intStringLenmapkey < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					postStringIndexmapkey := iNdEx + intStringLenmapkey
+					if postStringIndexmapkey < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					if postStringIndexmapkey > l {
+						return io.ErrUnexpectedEOF
+					}
+					mapkey = QualifiedName(dAtA[iNdEx:postStringIndexmapkey])
+					iNdEx = postStringIndexmapkey
+				} else if fieldNum == 2 {
+					var mapmsglen int
+					for shift := uint(0); ; shift += 7 {
+						if shift >= 64 {
+							return ErrIntOverflowGenerated
+						}
+						if iNdEx >= l {
+							return io.ErrUnexpectedEOF
+						}
+						b := dAtA[iNdEx]
+						iNdEx++
+						mapmsglen |= int(b&0x7F) << shift
+						if b < 0x80 {
+							break
+						}
+					}
+					if mapmsglen < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					postmsgIndex := iNdEx + mapmsglen
+					if postmsgIndex < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					if postmsgIndex > l {
+						return io.ErrUnexpectedEOF
+					}
+					mapvalue = &DeviceAttribute{}
+					if err := mapvalue.Unmarshal(dAtA[iNdEx:postmsgIndex]); err != nil {
+						return err
+					}
+					iNdEx = postmsgIndex
+				} else {
+					iNdEx = entryPreIndex
+					skippy, err := skipGenerated(dAtA[iNdEx:])
+					if err != nil {
+						return err
+					}
+					if (skippy < 0) || (iNdEx+skippy) < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					if (iNdEx + skippy) > postIndex {
+						return io.ErrUnexpectedEOF
+					}
+					iNdEx += skippy
+				}
+			}
+			m.Attributes[QualifiedName(mapkey)] = *mapvalue
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Capacity", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Capacity == nil {
+				m.Capacity = make(map[QualifiedName]DeviceCapacity)
+			}
+			var mapkey QualifiedName
+			mapvalue := &DeviceCapacity{}
+			for iNdEx < postIndex {
+				entryPreIndex := iNdEx
+				var wire uint64
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowGenerated
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					wire |= uint64(b&0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				fieldNum := int32(wire >> 3)
+				if fieldNum == 1 {
+					var stringLenmapkey uint64
+					for shift := uint(0); ; shift += 7 {
+						if shift >= 64 {
+							return ErrIntOverflowGenerated
+						}
+						if iNdEx >= l {
+							return io.ErrUnexpectedEOF
+						}
+						b := dAtA[iNdEx]
+						iNdEx++
+						stringLenmapkey |= uint64(b&0x7F) << shift
+						if b < 0x80 {
+							break
+						}
+					}
+					intStringLenmapkey := int(stringLenmapkey)
+					if intStringLenmapkey < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					postStringIndexmapkey := iNdEx + intStringLenmapkey
+					if postStringIndexmapkey < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					if postStringIndexmapkey > l {
+						return io.ErrUnexpectedEOF
+					}
+					mapkey = QualifiedName(dAtA[iNdEx:postStringIndexmapkey])
+					iNdEx = postStringIndexmapkey
+				} else if fieldNum == 2 {
+					var mapmsglen int
+					for shift := uint(0); ; shift += 7 {
+						if shift >= 64 {
+							return ErrIntOverflowGenerated
+						}
+						if iNdEx >= l {
+							return io.ErrUnexpectedEOF
+						}
+						b := dAtA[iNdEx]
+						iNdEx++
+						mapmsglen |= int(b&0x7F) << shift
+						if b < 0x80 {
+							break
+						}
+					}
+					if mapmsglen < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					postmsgIndex := iNdEx + mapmsglen
+					if postmsgIndex < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					if postmsgIndex > l {
+						return io.ErrUnexpectedEOF
+					}
+					mapvalue = &DeviceCapacity{}
+					if err := mapvalue.Unmarshal(dAtA[iNdEx:postmsgIndex]); err != nil {
+						return err
+					}
+					iNdEx = postmsgIndex
+				} else {
+					iNdEx = entryPreIndex
+					skippy, err := skipGenerated(dAtA[iNdEx:])
+					if err != nil {
+						return err
+					}
+					if (skippy < 0) || (iNdEx+skippy) < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					if (iNdEx + skippy) > postIndex {
+						return io.ErrUnexpectedEOF
+					}
+					iNdEx += skippy
+				}
+			}
+			m.Capacity[QualifiedName(mapkey)] = *mapvalue
+			iNdEx = postIndex
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ConsumesCounters", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.ConsumesCounters = append(m.ConsumesCounters, DeviceCounterConsumption{})
+			if err := m.ConsumesCounters[len(m.ConsumesCounters)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 5:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field NodeName", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			s := string(dAtA[iNdEx:postIndex])
+			m.NodeName = &s
+			iNdEx = postIndex
+		case 6:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field NodeSelector", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.NodeSelector == nil {
+				m.NodeSelector = &v11.NodeSelector{}
+			}
+			if err := m.NodeSelector.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 7:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field AllNodes", wireType)
+			}
+			var v int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			b := bool(v != 0)
+			m.AllNodes = &b
+		case 8:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Taints", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Taints = append(m.Taints, DeviceTaint{})
+			if err := m.Taints[len(m.Taints)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceAllocationConfiguration) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceAllocationConfiguration: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceAllocationConfiguration: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Source", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Source = AllocationConfigSource(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Requests", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Requests = append(m.Requests, string(dAtA[iNdEx:postIndex]))
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field DeviceConfiguration", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.DeviceConfiguration.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceAllocationResult) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceAllocationResult: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceAllocationResult: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Results", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Results = append(m.Results, DeviceRequestAllocationResult{})
+			if err := m.Results[len(m.Results)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Config", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Config = append(m.Config, DeviceAllocationConfiguration{})
+			if err := m.Config[len(m.Config)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceAttribute) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceAttribute: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceAttribute: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 2:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field IntValue", wireType)
+			}
+			var v int64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.IntValue = &v
+		case 3:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field BoolValue", wireType)
+			}
+			var v int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			b := bool(v != 0)
+			m.BoolValue = &b
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field StringValue", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			s := string(dAtA[iNdEx:postIndex])
+			m.StringValue = &s
+			iNdEx = postIndex
+		case 5:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field VersionValue", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			s := string(dAtA[iNdEx:postIndex])
+			m.VersionValue = &s
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceCapacity) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceCapacity: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceCapacity: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Value.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceClaim) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceClaim: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceClaim: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Requests", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Requests = append(m.Requests, DeviceRequest{})
+			if err := m.Requests[len(m.Requests)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Constraints", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Constraints = append(m.Constraints, DeviceConstraint{})
+			if err := m.Constraints[len(m.Constraints)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Config", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Config = append(m.Config, DeviceClaimConfiguration{})
+			if err := m.Config[len(m.Config)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceClaimConfiguration) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceClaimConfiguration: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceClaimConfiguration: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Requests", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Requests = append(m.Requests, string(dAtA[iNdEx:postIndex]))
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field DeviceConfiguration", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.DeviceConfiguration.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceClass) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceClass: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceClass: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceClassConfiguration) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceClassConfiguration: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceClassConfiguration: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field DeviceConfiguration", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.DeviceConfiguration.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceClassList) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceClassList: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceClassList: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Items = append(m.Items, DeviceClass{})
+			if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceClassSpec) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceClassSpec: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceClassSpec: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Selectors", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Selectors = append(m.Selectors, DeviceSelector{})
+			if err := m.Selectors[len(m.Selectors)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Config", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Config = append(m.Config, DeviceClassConfiguration{})
+			if err := m.Config[len(m.Config)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceConfiguration) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceConfiguration: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceConfiguration: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Opaque", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Opaque == nil {
+				m.Opaque = &OpaqueDeviceConfiguration{}
+			}
+			if err := m.Opaque.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceConstraint) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceConstraint: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceConstraint: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Requests", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Requests = append(m.Requests, string(dAtA[iNdEx:postIndex]))
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field MatchAttribute", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			s := FullyQualifiedName(dAtA[iNdEx:postIndex])
+			m.MatchAttribute = &s
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceCounterConsumption) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceCounterConsumption: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceCounterConsumption: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field CounterSet", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.CounterSet = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Counters", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Counters == nil {
+				m.Counters = make(map[string]Counter)
+			}
+			var mapkey string
+			mapvalue := &Counter{}
+			for iNdEx < postIndex {
+				entryPreIndex := iNdEx
+				var wire uint64
+				for shift := uint(0); ; shift += 7 {
+					if shift >= 64 {
+						return ErrIntOverflowGenerated
+					}
+					if iNdEx >= l {
+						return io.ErrUnexpectedEOF
+					}
+					b := dAtA[iNdEx]
+					iNdEx++
+					wire |= uint64(b&0x7F) << shift
+					if b < 0x80 {
+						break
+					}
+				}
+				fieldNum := int32(wire >> 3)
+				if fieldNum == 1 {
+					var stringLenmapkey uint64
+					for shift := uint(0); ; shift += 7 {
+						if shift >= 64 {
+							return ErrIntOverflowGenerated
+						}
+						if iNdEx >= l {
+							return io.ErrUnexpectedEOF
+						}
+						b := dAtA[iNdEx]
+						iNdEx++
+						stringLenmapkey |= uint64(b&0x7F) << shift
+						if b < 0x80 {
+							break
+						}
+					}
+					intStringLenmapkey := int(stringLenmapkey)
+					if intStringLenmapkey < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					postStringIndexmapkey := iNdEx + intStringLenmapkey
+					if postStringIndexmapkey < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					if postStringIndexmapkey > l {
+						return io.ErrUnexpectedEOF
+					}
+					mapkey = string(dAtA[iNdEx:postStringIndexmapkey])
+					iNdEx = postStringIndexmapkey
+				} else if fieldNum == 2 {
+					var mapmsglen int
+					for shift := uint(0); ; shift += 7 {
+						if shift >= 64 {
+							return ErrIntOverflowGenerated
+						}
+						if iNdEx >= l {
+							return io.ErrUnexpectedEOF
+						}
+						b := dAtA[iNdEx]
+						iNdEx++
+						mapmsglen |= int(b&0x7F) << shift
+						if b < 0x80 {
+							break
+						}
+					}
+					if mapmsglen < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					postmsgIndex := iNdEx + mapmsglen
+					if postmsgIndex < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					if postmsgIndex > l {
+						return io.ErrUnexpectedEOF
+					}
+					mapvalue = &Counter{}
+					if err := mapvalue.Unmarshal(dAtA[iNdEx:postmsgIndex]); err != nil {
+						return err
+					}
+					iNdEx = postmsgIndex
+				} else {
+					iNdEx = entryPreIndex
+					skippy, err := skipGenerated(dAtA[iNdEx:])
+					if err != nil {
+						return err
+					}
+					if (skippy < 0) || (iNdEx+skippy) < 0 {
+						return ErrInvalidLengthGenerated
+					}
+					if (iNdEx + skippy) > postIndex {
+						return io.ErrUnexpectedEOF
+					}
+					iNdEx += skippy
+				}
+			}
+			m.Counters[mapkey] = *mapvalue
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceRequest) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceRequest: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceRequest: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Name = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Exactly", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Exactly == nil {
+				m.Exactly = &ExactDeviceRequest{}
+			}
+			if err := m.Exactly.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field FirstAvailable", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.FirstAvailable = append(m.FirstAvailable, DeviceSubRequest{})
+			if err := m.FirstAvailable[len(m.FirstAvailable)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceRequestAllocationResult) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceRequestAllocationResult: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceRequestAllocationResult: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Request", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Request = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Driver", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Driver = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Pool", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Pool = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Device", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Device = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 5:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field AdminAccess", wireType)
+			}
+			var v int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			b := bool(v != 0)
+			m.AdminAccess = &b
+		case 6:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Tolerations", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Tolerations = append(m.Tolerations, DeviceToleration{})
+			if err := m.Tolerations[len(m.Tolerations)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceSelector) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceSelector: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceSelector: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field CEL", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.CEL == nil {
+				m.CEL = &CELDeviceSelector{}
+			}
+			if err := m.CEL.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceSubRequest) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceSubRequest: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceSubRequest: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Name = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field DeviceClassName", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.DeviceClassName = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Selectors", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Selectors = append(m.Selectors, DeviceSelector{})
+			if err := m.Selectors[len(m.Selectors)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field AllocationMode", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.AllocationMode = DeviceAllocationMode(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 5:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Count", wireType)
+			}
+			m.Count = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.Count |= int64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+		case 6:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Tolerations", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Tolerations = append(m.Tolerations, DeviceToleration{})
+			if err := m.Tolerations[len(m.Tolerations)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceTaint) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceTaint: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceTaint: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Key", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Key = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Value = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Effect", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Effect = DeviceTaintEffect(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field TimeAdded", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.TimeAdded == nil {
+				m.TimeAdded = &v1.Time{}
+			}
+			if err := m.TimeAdded.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *DeviceToleration) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: DeviceToleration: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: DeviceToleration: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Key", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Key = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Operator", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Operator = DeviceTolerationOperator(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Value", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Value = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Effect", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Effect = DeviceTaintEffect(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 5:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field TolerationSeconds", wireType)
+			}
+			var v int64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.TolerationSeconds = &v
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *ExactDeviceRequest) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: ExactDeviceRequest: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: ExactDeviceRequest: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field DeviceClassName", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.DeviceClassName = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Selectors", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Selectors = append(m.Selectors, DeviceSelector{})
+			if err := m.Selectors[len(m.Selectors)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field AllocationMode", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.AllocationMode = DeviceAllocationMode(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 4:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Count", wireType)
+			}
+			m.Count = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.Count |= int64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+		case 5:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field AdminAccess", wireType)
+			}
+			var v int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			b := bool(v != 0)
+			m.AdminAccess = &b
+		case 6:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Tolerations", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Tolerations = append(m.Tolerations, DeviceToleration{})
+			if err := m.Tolerations[len(m.Tolerations)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *NetworkDeviceData) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: NetworkDeviceData: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: NetworkDeviceData: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field InterfaceName", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.InterfaceName = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field IPs", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.IPs = append(m.IPs, string(dAtA[iNdEx:postIndex]))
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field HardwareAddress", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.HardwareAddress = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *OpaqueDeviceConfiguration) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: OpaqueDeviceConfiguration: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: OpaqueDeviceConfiguration: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Driver", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Driver = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Parameters", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Parameters.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *ResourceClaim) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: ResourceClaim: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: ResourceClaim: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Status", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Status.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *ResourceClaimConsumerReference) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: ResourceClaimConsumerReference: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: ResourceClaimConsumerReference: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field APIGroup", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.APIGroup = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Resource", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Resource = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Name = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 5:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field UID", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.UID = k8s_io_apimachinery_pkg_types.UID(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *ResourceClaimList) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: ResourceClaimList: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: ResourceClaimList: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Items = append(m.Items, ResourceClaim{})
+			if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *ResourceClaimSpec) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: ResourceClaimSpec: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: ResourceClaimSpec: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Devices", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Devices.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *ResourceClaimStatus) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: ResourceClaimStatus: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: ResourceClaimStatus: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Allocation", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.Allocation == nil {
+				m.Allocation = &AllocationResult{}
+			}
+			if err := m.Allocation.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ReservedFor", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.ReservedFor = append(m.ReservedFor, ResourceClaimConsumerReference{})
+			if err := m.ReservedFor[len(m.ReservedFor)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Devices", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Devices = append(m.Devices, AllocatedDeviceStatus{})
+			if err := m.Devices[len(m.Devices)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *ResourceClaimTemplate) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: ResourceClaimTemplate: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: ResourceClaimTemplate: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *ResourceClaimTemplateList) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: ResourceClaimTemplateList: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: ResourceClaimTemplateList: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Items = append(m.Items, ResourceClaimTemplate{})
+			if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *ResourceClaimTemplateSpec) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: ResourceClaimTemplateSpec: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: ResourceClaimTemplateSpec: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *ResourcePool) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: ResourcePool: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: ResourcePool: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Name = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Generation", wireType)
+			}
+			m.Generation = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.Generation |= int64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+		case 3:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ResourceSliceCount", wireType)
+			}
+			m.ResourceSliceCount = 0
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				m.ResourceSliceCount |= int64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *ResourceSlice) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: ResourceSlice: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: ResourceSlice: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ObjectMeta", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.ObjectMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Spec", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Spec.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *ResourceSliceList) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: ResourceSliceList: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: ResourceSliceList: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Items = append(m.Items, ResourceSlice{})
+			if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func (m *ResourceSliceSpec) Unmarshal(dAtA []byte) error {
+	l := len(dAtA)
+	iNdEx := 0
+	for iNdEx < l {
+		preIndex := iNdEx
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= uint64(b&0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		fieldNum := int32(wire >> 3)
+		wireType := int(wire & 0x7)
+		if wireType == 4 {
+			return fmt.Errorf("proto: ResourceSliceSpec: wiretype end group for non-group")
+		}
+		if fieldNum <= 0 {
+			return fmt.Errorf("proto: ResourceSliceSpec: illegal tag %d (wire type %d)", fieldNum, wire)
+		}
+		switch fieldNum {
+		case 1:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Driver", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Driver = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 2:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Pool", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if err := m.Pool.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field NodeName", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			s := string(dAtA[iNdEx:postIndex])
+			m.NodeName = &s
+			iNdEx = postIndex
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field NodeSelector", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			if m.NodeSelector == nil {
+				m.NodeSelector = &v11.NodeSelector{}
+			}
+			if err := m.NodeSelector.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 5:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field AllNodes", wireType)
+			}
+			var v int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			b := bool(v != 0)
+			m.AllNodes = &b
+		case 6:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field Devices", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.Devices = append(m.Devices, Device{})
+			if err := m.Devices[len(m.Devices)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		case 7:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field PerDeviceNodeSelection", wireType)
+			}
+			var v int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			b := bool(v != 0)
+			m.PerDeviceNodeSelection = &b
+		case 8:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field SharedCounters", wireType)
+			}
+			var msglen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				msglen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if msglen < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			postIndex := iNdEx + msglen
+			if postIndex < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.SharedCounters = append(m.SharedCounters, CounterSet{})
+			if err := m.SharedCounters[len(m.SharedCounters)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+				return err
+			}
+			iNdEx = postIndex
+		default:
+			iNdEx = preIndex
+			skippy, err := skipGenerated(dAtA[iNdEx:])
+			if err != nil {
+				return err
+			}
+			if (skippy < 0) || (iNdEx+skippy) < 0 {
+				return ErrInvalidLengthGenerated
+			}
+			if (iNdEx + skippy) > l {
+				return io.ErrUnexpectedEOF
+			}
+			iNdEx += skippy
+		}
+	}
+
+	if iNdEx > l {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+func skipGenerated(dAtA []byte) (n int, err error) {
+	l := len(dAtA)
+	iNdEx := 0
+	depth := 0
+	for iNdEx < l {
+		var wire uint64
+		for shift := uint(0); ; shift += 7 {
+			if shift >= 64 {
+				return 0, ErrIntOverflowGenerated
+			}
+			if iNdEx >= l {
+				return 0, io.ErrUnexpectedEOF
+			}
+			b := dAtA[iNdEx]
+			iNdEx++
+			wire |= (uint64(b) & 0x7F) << shift
+			if b < 0x80 {
+				break
+			}
+		}
+		wireType := int(wire & 0x7)
+		switch wireType {
+		case 0:
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return 0, ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return 0, io.ErrUnexpectedEOF
+				}
+				iNdEx++
+				if dAtA[iNdEx-1] < 0x80 {
+					break
+				}
+			}
+		case 1:
+			iNdEx += 8
+		case 2:
+			var length int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return 0, ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return 0, io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				length |= (int(b) & 0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if length < 0 {
+				return 0, ErrInvalidLengthGenerated
+			}
+			iNdEx += length
+		case 3:
+			depth++
+		case 4:
+			if depth == 0 {
+				return 0, ErrUnexpectedEndOfGroupGenerated
+			}
+			depth--
+		case 5:
+			iNdEx += 4
+		default:
+			return 0, fmt.Errorf("proto: illegal wireType %d", wireType)
+		}
+		if iNdEx < 0 {
+			return 0, ErrInvalidLengthGenerated
+		}
+		if depth == 0 {
+			return iNdEx, nil
+		}
+	}
+	return 0, io.ErrUnexpectedEOF
+}
+
+var (
+	ErrInvalidLengthGenerated        = fmt.Errorf("proto: negative length found during unmarshaling")
+	ErrIntOverflowGenerated          = fmt.Errorf("proto: integer overflow")
+	ErrUnexpectedEndOfGroupGenerated = fmt.Errorf("proto: unexpected end of group")
+)
diff --git a/vendor/k8s.io/api/resource/v1beta2/generated.proto b/vendor/k8s.io/api/resource/v1beta2/generated.proto
new file mode 100644
index 0000000000..15ceea25fa
--- /dev/null
+++ b/vendor/k8s.io/api/resource/v1beta2/generated.proto
@@ -0,0 +1,1278 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+
+// This file was autogenerated by go-to-protobuf. Do not edit it manually!
+
+syntax = "proto2";
+
+package k8s.io.api.resource.v1beta2;
+
+import "k8s.io/api/core/v1/generated.proto";
+import "k8s.io/apimachinery/pkg/api/resource/generated.proto";
+import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
+import "k8s.io/apimachinery/pkg/runtime/generated.proto";
+import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
+
+// Package-wide variables from generator "generated".
+option go_package = "k8s.io/api/resource/v1beta2";
+
+// AllocatedDeviceStatus contains the status of an allocated device, if the
+// driver chooses to report it. This may include driver-specific information.
+message AllocatedDeviceStatus {
+  // Driver specifies the name of the DRA driver whose kubelet
+  // plugin should be invoked to process the allocation once the claim is
+  // needed on a node.
+  //
+  // Must be a DNS subdomain and should end with a DNS domain owned by the
+  // vendor of the driver.
+  //
+  // +required
+  optional string driver = 1;
+
+  // This name together with the driver name and the device name field
+  // identify which device was allocated (`<driver name>/<pool name>/<device name>`).
+  //
+  // Must not be longer than 253 characters and may contain one or more
+  // DNS sub-domains separated by slashes.
+  //
+  // +required
+  optional string pool = 2;
+
+  // Device references one device instance via its name in the driver's
+  // resource pool. It must be a DNS label.
+  //
+  // +required
+  optional string device = 3;
+
+  // Conditions contains the latest observation of the device's state.
+  // If the device has been configured according to the class and claim
+  // config references, the `Ready` condition should be True.
+  //
+  // Must not contain more than 8 entries.
+  //
+  // +optional
+  // +listType=map
+  // +listMapKey=type
+  repeated .k8s.io.apimachinery.pkg.apis.meta.v1.Condition conditions = 4;
+
+  // Data contains arbitrary driver-specific data.
+  //
+  // The length of the raw data must be smaller or equal to 10 Ki.
+  //
+  // +optional
+  optional .k8s.io.apimachinery.pkg.runtime.RawExtension data = 5;
+
+  // NetworkData contains network-related information specific to the device.
+  //
+  // +optional
+  optional NetworkDeviceData networkData = 6;
+}
+
+// AllocationResult contains attributes of an allocated resource.
+message AllocationResult {
+  // Devices is the result of allocating devices.
+  //
+  // +optional
+  optional DeviceAllocationResult devices = 1;
+
+  // NodeSelector defines where the allocated resources are available. If
+  // unset, they are available everywhere.
+  //
+  // +optional
+  optional .k8s.io.api.core.v1.NodeSelector nodeSelector = 3;
+}
+
+// CELDeviceSelector contains a CEL expression for selecting a device.
+message CELDeviceSelector {
+  // Expression is a CEL expression which evaluates a single device. It
+  // must evaluate to true when the device under consideration satisfies
+  // the desired criteria, and false when it does not. Any other result
+  // is an error and causes allocation of devices to abort.
+  //
+  // The expression's input is an object named "device", which carries
+  // the following properties:
+  //  - driver (string): the name of the driver which defines this device.
+  //  - attributes (map[string]object): the device's attributes, grouped by prefix
+  //    (e.g. device.attributes["dra.example.com"] evaluates to an object with all
+  //    of the attributes which were prefixed by "dra.example.com".
+  //  - capacity (map[string]object): the device's capacities, grouped by prefix.
+  //
+  // Example: Consider a device with driver="dra.example.com", which exposes
+  // two attributes named "model" and "ext.example.com/family" and which
+  // exposes one capacity named "modules". This input to this expression
+  // would have the following fields:
+  //
+  //     device.driver
+  //     device.attributes["dra.example.com"].model
+  //     device.attributes["ext.example.com"].family
+  //     device.capacity["dra.example.com"].modules
+  //
+  // The device.driver field can be used to check for a specific driver,
+  // either as a high-level precondition (i.e. you only want to consider
+  // devices from this driver) or as part of a multi-clause expression
+  // that is meant to consider devices from different drivers.
+  //
+  // The value type of each attribute is defined by the device
+  // definition, and users who write these expressions must consult the
+  // documentation for their specific drivers. The value type of each
+  // capacity is Quantity.
+  //
+  // If an unknown prefix is used as a lookup in either device.attributes
+  // or device.capacity, an empty map will be returned. Any reference to
+  // an unknown field will cause an evaluation error and allocation to
+  // abort.
+  //
+  // A robust expression should check for the existence of attributes
+  // before referencing them.
+  //
+  // For ease of use, the cel.bind() function is enabled, and can be used
+  // to simplify expressions that access multiple attributes with the
+  // same domain. For example:
+  //
+  //     cel.bind(dra, device.attributes["dra.example.com"], dra.someBool && dra.anotherBool)
+  //
+  // The length of the expression must be smaller or equal to 10 Ki. The
+  // cost of evaluating it is also limited based on the estimated number
+  // of logical steps.
+  //
+  // +required
+  optional string expression = 1;
+}
+
+// Counter describes a quantity associated with a device.
+message Counter {
+  // Value defines how much of a certain device counter is available.
+  //
+  // +required
+  optional .k8s.io.apimachinery.pkg.api.resource.Quantity value = 1;
+}
+
+// CounterSet defines a named set of counters
+// that are available to be used by devices defined in the
+// ResourceSlice.
+//
+// The counters are not allocatable by themselves, but
+// can be referenced by devices. When a device is allocated,
+// the portion of counters it uses will no longer be available for use
+// by other devices.
+message CounterSet {
+  // Name defines the name of the counter set.
+  // It must be a DNS label.
+  //
+  // +required
+  optional string name = 1;
+
+  // Counters defines the set of counters for this CounterSet
+  // The name of each counter must be unique in that set and must be a DNS label.
+  //
+  // The maximum number of counters in all sets is 32.
+  //
+  // +required
+  map<string, Counter> counters = 2;
+}
+
+// Device represents one individual hardware instance that can be selected based
+// on its attributes. Besides the name, exactly one field must be set.
+message Device {
+  // Name is unique identifier among all devices managed by
+  // the driver in the pool. It must be a DNS label.
+  //
+  // +required
+  optional string name = 1;
+
+  // Attributes defines the set of attributes for this device.
+  // The name of each attribute must be unique in that set.
+  //
+  // The maximum number of attributes and capacities combined is 32.
+  //
+  // +optional
+  map<string, DeviceAttribute> attributes = 2;
+
+  // Capacity defines the set of capacities for this device.
+  // The name of each capacity must be unique in that set.
+  //
+  // The maximum number of attributes and capacities combined is 32.
+  //
+  // +optional
+  map<string, DeviceCapacity> capacity = 3;
+
+  // ConsumesCounters defines a list of references to sharedCounters
+  // and the set of counters that the device will
+  // consume from those counter sets.
+  //
+  // There can only be a single entry per counterSet.
+  //
+  // The total number of device counter consumption entries
+  // must be <= 32. In addition, the total number in the
+  // entire ResourceSlice must be <= 1024 (for example,
+  // 64 devices with 16 counters each).
+  //
+  // +optional
+  // +listType=atomic
+  // +featureGate=DRAPartitionableDevices
+  repeated DeviceCounterConsumption consumesCounters = 4;
+
+  // NodeName identifies the node where the device is available.
+  //
+  // Must only be set if Spec.PerDeviceNodeSelection is set to true.
+  // At most one of NodeName, NodeSelector and AllNodes can be set.
+  //
+  // +optional
+  // +oneOf=DeviceNodeSelection
+  // +featureGate=DRAPartitionableDevices
+  optional string nodeName = 5;
+
+  // NodeSelector defines the nodes where the device is available.
+  //
+  // Must use exactly one term.
+  //
+  // Must only be set if Spec.PerDeviceNodeSelection is set to true.
+  // At most one of NodeName, NodeSelector and AllNodes can be set.
+  //
+  // +optional
+  // +oneOf=DeviceNodeSelection
+  // +featureGate=DRAPartitionableDevices
+  optional .k8s.io.api.core.v1.NodeSelector nodeSelector = 6;
+
+  // AllNodes indicates that all nodes have access to the device.
+  //
+  // Must only be set if Spec.PerDeviceNodeSelection is set to true.
+  // At most one of NodeName, NodeSelector and AllNodes can be set.
+  //
+  // +optional
+  // +oneOf=DeviceNodeSelection
+  // +featureGate=DRAPartitionableDevices
+  optional bool allNodes = 7;
+
+  // If specified, these are the driver-defined taints.
+  //
+  // The maximum number of taints is 4.
+  //
+  // This is an alpha field and requires enabling the DRADeviceTaints
+  // feature gate.
+  //
+  // +optional
+  // +listType=atomic
+  // +featureGate=DRADeviceTaints
+  repeated DeviceTaint taints = 8;
+}
+
+// DeviceAllocationConfiguration gets embedded in an AllocationResult.
+message DeviceAllocationConfiguration {
+  // Source records whether the configuration comes from a class and thus
+  // is not something that a normal user would have been able to set
+  // or from a claim.
+  //
+  // +required
+  optional string source = 1;
+
+  // Requests lists the names of requests where the configuration applies.
+  // If empty, its applies to all requests.
+  //
+  // References to subrequests must include the name of the main request
+  // and may include the subrequest using the format <main request>[/<subrequest>]. If just
+  // the main request is given, the configuration applies to all subrequests.
+  //
+  // +optional
+  // +listType=atomic
+  repeated string requests = 2;
+
+  optional DeviceConfiguration deviceConfiguration = 3;
+}
+
+// DeviceAllocationResult is the result of allocating devices.
+message DeviceAllocationResult {
+  // Results lists all allocated devices.
+  //
+  // +optional
+  // +listType=atomic
+  repeated DeviceRequestAllocationResult results = 1;
+
+  // This field is a combination of all the claim and class configuration parameters.
+  // Drivers can distinguish between those based on a flag.
+  //
+  // This includes configuration parameters for drivers which have no allocated
+  // devices in the result because it is up to the drivers which configuration
+  // parameters they support. They can silently ignore unknown configuration
+  // parameters.
+  //
+  // +optional
+  // +listType=atomic
+  repeated DeviceAllocationConfiguration config = 2;
+}
+
+// DeviceAttribute must have exactly one field set.
+message DeviceAttribute {
+  // IntValue is a number.
+  //
+  // +optional
+  // +oneOf=ValueType
+  optional int64 int = 2;
+
+  // BoolValue is a true/false value.
+  //
+  // +optional
+  // +oneOf=ValueType
+  optional bool bool = 3;
+
+  // StringValue is a string. Must not be longer than 64 characters.
+  //
+  // +optional
+  // +oneOf=ValueType
+  optional string string = 4;
+
+  // VersionValue is a semantic version according to semver.org spec 2.0.0.
+  // Must not be longer than 64 characters.
+  //
+  // +optional
+  // +oneOf=ValueType
+  optional string version = 5;
+}
+
+// DeviceCapacity describes a quantity associated with a device.
+message DeviceCapacity {
+  // Value defines how much of a certain device capacity is available.
+  //
+  // +required
+  optional .k8s.io.apimachinery.pkg.api.resource.Quantity value = 1;
+}
+
+// DeviceClaim defines how to request devices with a ResourceClaim.
+message DeviceClaim {
+  // Requests represent individual requests for distinct devices which
+  // must all be satisfied. If empty, nothing needs to be allocated.
+  //
+  // +optional
+  // +listType=atomic
+  repeated DeviceRequest requests = 1;
+
+  // These constraints must be satisfied by the set of devices that get
+  // allocated for the claim.
+  //
+  // +optional
+  // +listType=atomic
+  repeated DeviceConstraint constraints = 2;
+
+  // This field holds configuration for multiple potential drivers which
+  // could satisfy requests in this claim. It is ignored while allocating
+  // the claim.
+  //
+  // +optional
+  // +listType=atomic
+  repeated DeviceClaimConfiguration config = 3;
+}
+
+// DeviceClaimConfiguration is used for configuration parameters in DeviceClaim.
+message DeviceClaimConfiguration {
+  // Requests lists the names of requests where the configuration applies.
+  // If empty, it applies to all requests.
+  //
+  // References to subrequests must include the name of the main request
+  // and may include the subrequest using the format <main request>[/<subrequest>]. If just
+  // the main request is given, the configuration applies to all subrequests.
+  //
+  // +optional
+  // +listType=atomic
+  repeated string requests = 1;
+
+  optional DeviceConfiguration deviceConfiguration = 2;
+}
+
+// DeviceClass is a vendor- or admin-provided resource that contains
+// device configuration and selectors. It can be referenced in
+// the device requests of a claim to apply these presets.
+// Cluster scoped.
+//
+// This is an alpha type and requires enabling the DynamicResourceAllocation
+// feature gate.
+message DeviceClass {
+  // Standard object metadata
+  // +optional
+  optional .k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
+
+  // Spec defines what can be allocated and how to configure it.
+  //
+  // This is mutable. Consumers have to be prepared for classes changing
+  // at any time, either because they get updated or replaced. Claim
+  // allocations are done once based on whatever was set in classes at
+  // the time of allocation.
+  //
+  // Changing the spec automatically increments the metadata.generation number.
+  optional DeviceClassSpec spec = 2;
+}
+
+// DeviceClassConfiguration is used in DeviceClass.
+message DeviceClassConfiguration {
+  optional DeviceConfiguration deviceConfiguration = 1;
+}
+
+// DeviceClassList is a collection of classes.
+message DeviceClassList {
+  // Standard list metadata
+  // +optional
+  optional .k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
+
+  // Items is the list of resource classes.
+  repeated DeviceClass items = 2;
+}
+
+// DeviceClassSpec is used in a [DeviceClass] to define what can be allocated
+// and how to configure it.
+message DeviceClassSpec {
+  // Each selector must be satisfied by a device which is claimed via this class.
+  //
+  // +optional
+  // +listType=atomic
+  repeated DeviceSelector selectors = 1;
+
+  // Config defines configuration parameters that apply to each device that is claimed via this class.
+  // Some classses may potentially be satisfied by multiple drivers, so each instance of a vendor
+  // configuration applies to exactly one driver.
+  //
+  // They are passed to the driver, but are not considered while allocating the claim.
+  //
+  // +optional
+  // +listType=atomic
+  repeated DeviceClassConfiguration config = 2;
+}
+
+// DeviceConfiguration must have exactly one field set. It gets embedded
+// inline in some other structs which have other fields, so field names must
+// not conflict with those.
+message DeviceConfiguration {
+  // Opaque provides driver-specific configuration parameters.
+  //
+  // +optional
+  // +oneOf=ConfigurationType
+  optional OpaqueDeviceConfiguration opaque = 1;
+}
+
+// DeviceConstraint must have exactly one field set besides Requests.
+message DeviceConstraint {
+  // Requests is a list of the one or more requests in this claim which
+  // must co-satisfy this constraint. If a request is fulfilled by
+  // multiple devices, then all of the devices must satisfy the
+  // constraint. If this is not specified, this constraint applies to all
+  // requests in this claim.
+  //
+  // References to subrequests must include the name of the main request
+  // and may include the subrequest using the format <main request>[/<subrequest>]. If just
+  // the main request is given, the constraint applies to all subrequests.
+  //
+  // +optional
+  // +listType=atomic
+  repeated string requests = 1;
+
+  // MatchAttribute requires that all devices in question have this
+  // attribute and that its type and value are the same across those
+  // devices.
+  //
+  // For example, if you specified "dra.example.com/numa" (a hypothetical example!),
+  // then only devices in the same NUMA node will be chosen. A device which
+  // does not have that attribute will not be chosen. All devices should
+  // use a value of the same type for this attribute because that is part of
+  // its specification, but if one device doesn't, then it also will not be
+  // chosen.
+  //
+  // Must include the domain qualifier.
+  //
+  // +optional
+  // +oneOf=ConstraintType
+  optional string matchAttribute = 2;
+}
+
+// DeviceCounterConsumption defines a set of counters that
+// a device will consume from a CounterSet.
+message DeviceCounterConsumption {
+  // CounterSet is the name of the set from which the
+  // counters defined will be consumed.
+  //
+  // +required
+  optional string counterSet = 1;
+
+  // Counters defines the counters that will be consumed by the device.
+  //
+  // The maximum number counters in a device is 32.
+  // In addition, the maximum number of all counters
+  // in all devices is 1024 (for example, 64 devices with
+  // 16 counters each).
+  //
+  // +required
+  map<string, Counter> counters = 2;
+}
+
+// DeviceRequest is a request for devices required for a claim.
+// This is typically a request for a single resource like a device, but can
+// also ask for several identical devices. With FirstAvailable it is also
+// possible to provide a prioritized list of requests.
+message DeviceRequest {
+  // Name can be used to reference this request in a pod.spec.containers[].resources.claims
+  // entry and in a constraint of the claim.
+  //
+  // References using the name in the DeviceRequest will uniquely
+  // identify a request when the Exactly field is set. When the
+  // FirstAvailable field is set, a reference to the name of the
+  // DeviceRequest will match whatever subrequest is chosen by the
+  // scheduler.
+  //
+  // Must be a DNS label.
+  //
+  // +required
+  optional string name = 1;
+
+  // Exactly specifies the details for a single request that must
+  // be met exactly for the request to be satisfied.
+  //
+  // One of Exactly or FirstAvailable must be set.
+  //
+  // +optional
+  // +oneOf=deviceRequestType
+  optional ExactDeviceRequest exactly = 2;
+
+  // FirstAvailable contains subrequests, of which exactly one will be
+  // selected by the scheduler. It tries to
+  // satisfy them in the order in which they are listed here. So if
+  // there are two entries in the list, the scheduler will only check
+  // the second one if it determines that the first one can not be used.
+  //
+  // DRA does not yet implement scoring, so the scheduler will
+  // select the first set of devices that satisfies all the
+  // requests in the claim. And if the requirements can
+  // be satisfied on more than one node, other scheduling features
+  // will determine which node is chosen. This means that the set of
+  // devices allocated to a claim might not be the optimal set
+  // available to the cluster. Scoring will be implemented later.
+  //
+  // +optional
+  // +oneOf=deviceRequestType
+  // +listType=atomic
+  // +featureGate=DRAPrioritizedList
+  repeated DeviceSubRequest firstAvailable = 3;
+}
+
+// DeviceRequestAllocationResult contains the allocation result for one request.
+message DeviceRequestAllocationResult {
+  // Request is the name of the request in the claim which caused this
+  // device to be allocated. If it references a subrequest in the
+  // firstAvailable list on a DeviceRequest, this field must
+  // include both the name of the main request and the subrequest
+  // using the format <main request>/<subrequest>.
+  //
+  // Multiple devices may have been allocated per request.
+  //
+  // +required
+  optional string request = 1;
+
+  // Driver specifies the name of the DRA driver whose kubelet
+  // plugin should be invoked to process the allocation once the claim is
+  // needed on a node.
+  //
+  // Must be a DNS subdomain and should end with a DNS domain owned by the
+  // vendor of the driver.
+  //
+  // +required
+  optional string driver = 2;
+
+  // This name together with the driver name and the device name field
+  // identify which device was allocated (`<driver name>/<pool name>/<device name>`).
+  //
+  // Must not be longer than 253 characters and may contain one or more
+  // DNS sub-domains separated by slashes.
+  //
+  // +required
+  optional string pool = 3;
+
+  // Device references one device instance via its name in the driver's
+  // resource pool. It must be a DNS label.
+  //
+  // +required
+  optional string device = 4;
+
+  // AdminAccess indicates that this device was allocated for
+  // administrative access. See the corresponding request field
+  // for a definition of mode.
+  //
+  // This is an alpha field and requires enabling the DRAAdminAccess
+  // feature gate. Admin access is disabled if this field is unset or
+  // set to false, otherwise it is enabled.
+  //
+  // +optional
+  // +featureGate=DRAAdminAccess
+  optional bool adminAccess = 5;
+
+  // A copy of all tolerations specified in the request at the time
+  // when the device got allocated.
+  //
+  // The maximum number of tolerations is 16.
+  //
+  // This is an alpha field and requires enabling the DRADeviceTaints
+  // feature gate.
+  //
+  // +optional
+  // +listType=atomic
+  // +featureGate=DRADeviceTaints
+  repeated DeviceToleration tolerations = 6;
+}
+
+// DeviceSelector must have exactly one field set.
+message DeviceSelector {
+  // CEL contains a CEL expression for selecting a device.
+  //
+  // +optional
+  // +oneOf=SelectorType
+  optional CELDeviceSelector cel = 1;
+}
+
+// DeviceSubRequest describes a request for device provided in the
+// claim.spec.devices.requests[].firstAvailable array. Each
+// is typically a request for a single resource like a device, but can
+// also ask for several identical devices.
+//
+// DeviceSubRequest is similar to ExactDeviceRequest, but doesn't expose the
+// AdminAccess field as that one is only supported when requesting a
+// specific device.
+message DeviceSubRequest {
+  // Name can be used to reference this subrequest in the list of constraints
+  // or the list of configurations for the claim. References must use the
+  // format <main request>/<subrequest>.
+  //
+  // Must be a DNS label.
+  //
+  // +required
+  optional string name = 1;
+
+  // DeviceClassName references a specific DeviceClass, which can define
+  // additional configuration and selectors to be inherited by this
+  // subrequest.
+  //
+  // A class is required. Which classes are available depends on the cluster.
+  //
+  // Administrators may use this to restrict which devices may get
+  // requested by only installing classes with selectors for permitted
+  // devices. If users are free to request anything without restrictions,
+  // then administrators can create an empty DeviceClass for users
+  // to reference.
+  //
+  // +required
+  optional string deviceClassName = 2;
+
+  // Selectors define criteria which must be satisfied by a specific
+  // device in order for that device to be considered for this
+  // subrequest. All selectors must be satisfied for a device to be
+  // considered.
+  //
+  // +optional
+  // +listType=atomic
+  repeated DeviceSelector selectors = 3;
+
+  // AllocationMode and its related fields define how devices are allocated
+  // to satisfy this subrequest. Supported values are:
+  //
+  // - ExactCount: This request is for a specific number of devices.
+  //   This is the default. The exact number is provided in the
+  //   count field.
+  //
+  // - All: This subrequest is for all of the matching devices in a pool.
+  //   Allocation will fail if some devices are already allocated,
+  //   unless adminAccess is requested.
+  //
+  // If AllocationMode is not specified, the default mode is ExactCount. If
+  // the mode is ExactCount and count is not specified, the default count is
+  // one. Any other subrequests must specify this field.
+  //
+  // More modes may get added in the future. Clients must refuse to handle
+  // requests with unknown modes.
+  //
+  // +optional
+  optional string allocationMode = 4;
+
+  // Count is used only when the count mode is "ExactCount". Must be greater than zero.
+  // If AllocationMode is ExactCount and this field is not specified, the default is one.
+  //
+  // +optional
+  // +oneOf=AllocationMode
+  optional int64 count = 5;
+
+  // If specified, the request's tolerations.
+  //
+  // Tolerations for NoSchedule are required to allocate a
+  // device which has a taint with that effect. The same applies
+  // to NoExecute.
+  //
+  // In addition, should any of the allocated devices get tainted
+  // with NoExecute after allocation and that effect is not tolerated,
+  // then all pods consuming the ResourceClaim get deleted to evict
+  // them. The scheduler will not let new pods reserve the claim while
+  // it has these tainted devices. Once all pods are evicted, the
+  // claim will get deallocated.
+  //
+  // The maximum number of tolerations is 16.
+  //
+  // This is an alpha field and requires enabling the DRADeviceTaints
+  // feature gate.
+  //
+  // +optional
+  // +listType=atomic
+  // +featureGate=DRADeviceTaints
+  repeated DeviceToleration tolerations = 6;
+}
+
+// The device this taint is attached to has the "effect" on
+// any claim which does not tolerate the taint and, through the claim,
+// to pods using the claim.
+//
+// +protobuf.options.(gogoproto.goproto_stringer)=false
+message DeviceTaint {
+  // The taint key to be applied to a device.
+  // Must be a label name.
+  //
+  // +required
+  optional string key = 1;
+
+  // The taint value corresponding to the taint key.
+  // Must be a label value.
+  //
+  // +optional
+  optional string value = 2;
+
+  // The effect of the taint on claims that do not tolerate the taint
+  // and through such claims on the pods using them.
+  // Valid effects are NoSchedule and NoExecute. PreferNoSchedule as used for
+  // nodes is not valid here.
+  //
+  // +required
+  optional string effect = 3;
+
+  // TimeAdded represents the time at which the taint was added.
+  // Added automatically during create or update if not set.
+  //
+  // +optional
+  optional .k8s.io.apimachinery.pkg.apis.meta.v1.Time timeAdded = 4;
+}
+
+// The ResourceClaim this DeviceToleration is attached to tolerates any taint that matches
+// the triple <key,value,effect> using the matching operator <operator>.
+message DeviceToleration {
+  // Key is the taint key that the toleration applies to. Empty means match all taint keys.
+  // If the key is empty, operator must be Exists; this combination means to match all values and all keys.
+  // Must be a label name.
+  //
+  // +optional
+  optional string key = 1;
+
+  // Operator represents a key's relationship to the value.
+  // Valid operators are Exists and Equal. Defaults to Equal.
+  // Exists is equivalent to wildcard for value, so that a ResourceClaim can
+  // tolerate all taints of a particular category.
+  //
+  // +optional
+  // +default="Equal"
+  optional string operator = 2;
+
+  // Value is the taint value the toleration matches to.
+  // If the operator is Exists, the value must be empty, otherwise just a regular string.
+  // Must be a label value.
+  //
+  // +optional
+  optional string value = 3;
+
+  // Effect indicates the taint effect to match. Empty means match all taint effects.
+  // When specified, allowed values are NoSchedule and NoExecute.
+  //
+  // +optional
+  optional string effect = 4;
+
+  // TolerationSeconds represents the period of time the toleration (which must be
+  // of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,
+  // it is not set, which means tolerate the taint forever (do not evict). Zero and
+  // negative values will be treated as 0 (evict immediately) by the system.
+  // If larger than zero, the time when the pod needs to be evicted is calculated as <time when
+  // taint was adedd> + <toleration seconds>.
+  //
+  // +optional
+  optional int64 tolerationSeconds = 5;
+}
+
+// ExactDeviceRequest is a request for one or more identical devices.
+message ExactDeviceRequest {
+  // DeviceClassName references a specific DeviceClass, which can define
+  // additional configuration and selectors to be inherited by this
+  // request.
+  //
+  // A DeviceClassName is required.
+  //
+  // Administrators may use this to restrict which devices may get
+  // requested by only installing classes with selectors for permitted
+  // devices. If users are free to request anything without restrictions,
+  // then administrators can create an empty DeviceClass for users
+  // to reference.
+  //
+  // +required
+  optional string deviceClassName = 1;
+
+  // Selectors define criteria which must be satisfied by a specific
+  // device in order for that device to be considered for this
+  // request. All selectors must be satisfied for a device to be
+  // considered.
+  //
+  // +optional
+  // +listType=atomic
+  repeated DeviceSelector selectors = 2;
+
+  // AllocationMode and its related fields define how devices are allocated
+  // to satisfy this request. Supported values are:
+  //
+  // - ExactCount: This request is for a specific number of devices.
+  //   This is the default. The exact number is provided in the
+  //   count field.
+  //
+  // - All: This request is for all of the matching devices in a pool.
+  //   At least one device must exist on the node for the allocation to succeed.
+  //   Allocation will fail if some devices are already allocated,
+  //   unless adminAccess is requested.
+  //
+  // If AllocationMode is not specified, the default mode is ExactCount. If
+  // the mode is ExactCount and count is not specified, the default count is
+  // one. Any other requests must specify this field.
+  //
+  // More modes may get added in the future. Clients must refuse to handle
+  // requests with unknown modes.
+  //
+  // +optional
+  optional string allocationMode = 3;
+
+  // Count is used only when the count mode is "ExactCount". Must be greater than zero.
+  // If AllocationMode is ExactCount and this field is not specified, the default is one.
+  //
+  // +optional
+  // +oneOf=AllocationMode
+  optional int64 count = 4;
+
+  // AdminAccess indicates that this is a claim for administrative access
+  // to the device(s). Claims with AdminAccess are expected to be used for
+  // monitoring or other management services for a device.  They ignore
+  // all ordinary claims to the device with respect to access modes and
+  // any resource allocations.
+  //
+  // This is an alpha field and requires enabling the DRAAdminAccess
+  // feature gate. Admin access is disabled if this field is unset or
+  // set to false, otherwise it is enabled.
+  //
+  // +optional
+  // +featureGate=DRAAdminAccess
+  optional bool adminAccess = 5;
+
+  // If specified, the request's tolerations.
+  //
+  // Tolerations for NoSchedule are required to allocate a
+  // device which has a taint with that effect. The same applies
+  // to NoExecute.
+  //
+  // In addition, should any of the allocated devices get tainted
+  // with NoExecute after allocation and that effect is not tolerated,
+  // then all pods consuming the ResourceClaim get deleted to evict
+  // them. The scheduler will not let new pods reserve the claim while
+  // it has these tainted devices. Once all pods are evicted, the
+  // claim will get deallocated.
+  //
+  // The maximum number of tolerations is 16.
+  //
+  // This is an alpha field and requires enabling the DRADeviceTaints
+  // feature gate.
+  //
+  // +optional
+  // +listType=atomic
+  // +featureGate=DRADeviceTaints
+  repeated DeviceToleration tolerations = 6;
+}
+
+// NetworkDeviceData provides network-related details for the allocated device.
+// This information may be filled by drivers or other components to configure
+// or identify the device within a network context.
+message NetworkDeviceData {
+  // InterfaceName specifies the name of the network interface associated with
+  // the allocated device. This might be the name of a physical or virtual
+  // network interface being configured in the pod.
+  //
+  // Must not be longer than 256 characters.
+  //
+  // +optional
+  optional string interfaceName = 1;
+
+  // IPs lists the network addresses assigned to the device's network interface.
+  // This can include both IPv4 and IPv6 addresses.
+  // The IPs are in the CIDR notation, which includes both the address and the
+  // associated subnet mask.
+  // e.g.: "192.0.2.5/24" for IPv4 and "2001:db8::5/64" for IPv6.
+  //
+  // +optional
+  // +listType=atomic
+  repeated string ips = 2;
+
+  // HardwareAddress represents the hardware address (e.g. MAC Address) of the device's network interface.
+  //
+  // Must not be longer than 128 characters.
+  //
+  // +optional
+  optional string hardwareAddress = 3;
+}
+
+// OpaqueDeviceConfiguration contains configuration parameters for a driver
+// in a format defined by the driver vendor.
+message OpaqueDeviceConfiguration {
+  // Driver is used to determine which kubelet plugin needs
+  // to be passed these configuration parameters.
+  //
+  // An admission policy provided by the driver developer could use this
+  // to decide whether it needs to validate them.
+  //
+  // Must be a DNS subdomain and should end with a DNS domain owned by the
+  // vendor of the driver.
+  //
+  // +required
+  optional string driver = 1;
+
+  // Parameters can contain arbitrary data. It is the responsibility of
+  // the driver developer to handle validation and versioning. Typically this
+  // includes self-identification and a version ("kind" + "apiVersion" for
+  // Kubernetes types), with conversion between different versions.
+  //
+  // The length of the raw data must be smaller or equal to 10 Ki.
+  //
+  // +required
+  optional .k8s.io.apimachinery.pkg.runtime.RawExtension parameters = 2;
+}
+
+// ResourceClaim describes a request for access to resources in the cluster,
+// for use by workloads. For example, if a workload needs an accelerator device
+// with specific properties, this is how that request is expressed. The status
+// stanza tracks whether this claim has been satisfied and what specific
+// resources have been allocated.
+//
+// This is an alpha type and requires enabling the DynamicResourceAllocation
+// feature gate.
+message ResourceClaim {
+  // Standard object metadata
+  // +optional
+  optional .k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
+
+  // Spec describes what is being requested and how to configure it.
+  // The spec is immutable.
+  optional ResourceClaimSpec spec = 2;
+
+  // Status describes whether the claim is ready to use and what has been allocated.
+  // +optional
+  optional ResourceClaimStatus status = 3;
+}
+
+// ResourceClaimConsumerReference contains enough information to let you
+// locate the consumer of a ResourceClaim. The user must be a resource in the same
+// namespace as the ResourceClaim.
+message ResourceClaimConsumerReference {
+  // APIGroup is the group for the resource being referenced. It is
+  // empty for the core API. This matches the group in the APIVersion
+  // that is used when creating the resources.
+  // +optional
+  optional string apiGroup = 1;
+
+  // Resource is the type of resource being referenced, for example "pods".
+  // +required
+  optional string resource = 3;
+
+  // Name is the name of resource being referenced.
+  // +required
+  optional string name = 4;
+
+  // UID identifies exactly one incarnation of the resource.
+  // +required
+  optional string uid = 5;
+}
+
+// ResourceClaimList is a collection of claims.
+message ResourceClaimList {
+  // Standard list metadata
+  // +optional
+  optional .k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
+
+  // Items is the list of resource claims.
+  repeated ResourceClaim items = 2;
+}
+
+// ResourceClaimSpec defines what is being requested in a ResourceClaim and how to configure it.
+message ResourceClaimSpec {
+  // Devices defines how to request devices.
+  //
+  // +optional
+  optional DeviceClaim devices = 1;
+}
+
+// ResourceClaimStatus tracks whether the resource has been allocated and what
+// the result of that was.
+message ResourceClaimStatus {
+  // Allocation is set once the claim has been allocated successfully.
+  //
+  // +optional
+  optional AllocationResult allocation = 1;
+
+  // ReservedFor indicates which entities are currently allowed to use
+  // the claim. A Pod which references a ResourceClaim which is not
+  // reserved for that Pod will not be started. A claim that is in
+  // use or might be in use because it has been reserved must not get
+  // deallocated.
+  //
+  // In a cluster with multiple scheduler instances, two pods might get
+  // scheduled concurrently by different schedulers. When they reference
+  // the same ResourceClaim which already has reached its maximum number
+  // of consumers, only one pod can be scheduled.
+  //
+  // Both schedulers try to add their pod to the claim.status.reservedFor
+  // field, but only the update that reaches the API server first gets
+  // stored. The other one fails with an error and the scheduler
+  // which issued it knows that it must put the pod back into the queue,
+  // waiting for the ResourceClaim to become usable again.
+  //
+  // There can be at most 256 such reservations. This may get increased in
+  // the future, but not reduced.
+  //
+  // +optional
+  // +listType=map
+  // +listMapKey=uid
+  // +patchStrategy=merge
+  // +patchMergeKey=uid
+  repeated ResourceClaimConsumerReference reservedFor = 2;
+
+  // Devices contains the status of each device allocated for this
+  // claim, as reported by the driver. This can include driver-specific
+  // information. Entries are owned by their respective drivers.
+  //
+  // +optional
+  // +listType=map
+  // +listMapKey=driver
+  // +listMapKey=device
+  // +listMapKey=pool
+  // +featureGate=DRAResourceClaimDeviceStatus
+  repeated AllocatedDeviceStatus devices = 4;
+}
+
+// ResourceClaimTemplate is used to produce ResourceClaim objects.
+//
+// This is an alpha type and requires enabling the DynamicResourceAllocation
+// feature gate.
+message ResourceClaimTemplate {
+  // Standard object metadata
+  // +optional
+  optional .k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
+
+  // Describes the ResourceClaim that is to be generated.
+  //
+  // This field is immutable. A ResourceClaim will get created by the
+  // control plane for a Pod when needed and then not get updated
+  // anymore.
+  optional ResourceClaimTemplateSpec spec = 2;
+}
+
+// ResourceClaimTemplateList is a collection of claim templates.
+message ResourceClaimTemplateList {
+  // Standard list metadata
+  // +optional
+  optional .k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
+
+  // Items is the list of resource claim templates.
+  repeated ResourceClaimTemplate items = 2;
+}
+
+// ResourceClaimTemplateSpec contains the metadata and fields for a ResourceClaim.
+message ResourceClaimTemplateSpec {
+  // ObjectMeta may contain labels and annotations that will be copied into the ResourceClaim
+  // when creating it. No other fields are allowed and will be rejected during
+  // validation.
+  // +optional
+  optional .k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
+
+  // Spec for the ResourceClaim. The entire content is copied unchanged
+  // into the ResourceClaim that gets created from this template. The
+  // same fields as in a ResourceClaim are also valid here.
+  optional ResourceClaimSpec spec = 2;
+}
+
+// ResourcePool describes the pool that ResourceSlices belong to.
+message ResourcePool {
+  // Name is used to identify the pool. For node-local devices, this
+  // is often the node name, but this is not required.
+  //
+  // It must not be longer than 253 characters and must consist of one or more DNS sub-domains
+  // separated by slashes. This field is immutable.
+  //
+  // +required
+  optional string name = 1;
+
+  // Generation tracks the change in a pool over time. Whenever a driver
+  // changes something about one or more of the resources in a pool, it
+  // must change the generation in all ResourceSlices which are part of
+  // that pool. Consumers of ResourceSlices should only consider
+  // resources from the pool with the highest generation number. The
+  // generation may be reset by drivers, which should be fine for
+  // consumers, assuming that all ResourceSlices in a pool are updated to
+  // match or deleted.
+  //
+  // Combined with ResourceSliceCount, this mechanism enables consumers to
+  // detect pools which are comprised of multiple ResourceSlices and are
+  // in an incomplete state.
+  //
+  // +required
+  optional int64 generation = 2;
+
+  // ResourceSliceCount is the total number of ResourceSlices in the pool at this
+  // generation number. Must be greater than zero.
+  //
+  // Consumers can use this to check whether they have seen all ResourceSlices
+  // belonging to the same pool.
+  //
+  // +required
+  optional int64 resourceSliceCount = 3;
+}
+
+// ResourceSlice represents one or more resources in a pool of similar resources,
+// managed by a common driver. A pool may span more than one ResourceSlice, and exactly how many
+// ResourceSlices comprise a pool is determined by the driver.
+//
+// At the moment, the only supported resources are devices with attributes and capacities.
+// Each device in a given pool, regardless of how many ResourceSlices, must have a unique name.
+// The ResourceSlice in which a device gets published may change over time. The unique identifier
+// for a device is the tuple <driver name>, <pool name>, <device name>.
+//
+// Whenever a driver needs to update a pool, it increments the pool.Spec.Pool.Generation number
+// and updates all ResourceSlices with that new number and new resource definitions. A consumer
+// must only use ResourceSlices with the highest generation number and ignore all others.
+//
+// When allocating all resources in a pool matching certain criteria or when
+// looking for the best solution among several different alternatives, a
+// consumer should check the number of ResourceSlices in a pool (included in
+// each ResourceSlice) to determine whether its view of a pool is complete and
+// if not, should wait until the driver has completed updating the pool.
+//
+// For resources that are not local to a node, the node name is not set. Instead,
+// the driver may use a node selector to specify where the devices are available.
+//
+// This is an alpha type and requires enabling the DynamicResourceAllocation
+// feature gate.
+message ResourceSlice {
+  // Standard object metadata
+  // +optional
+  optional .k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
+
+  // Contains the information published by the driver.
+  //
+  // Changing the spec automatically increments the metadata.generation number.
+  optional ResourceSliceSpec spec = 2;
+}
+
+// ResourceSliceList is a collection of ResourceSlices.
+message ResourceSliceList {
+  // Standard list metadata
+  // +optional
+  optional .k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
+
+  // Items is the list of resource ResourceSlices.
+  repeated ResourceSlice items = 2;
+}
+
+// ResourceSliceSpec contains the information published by the driver in one ResourceSlice.
+message ResourceSliceSpec {
+  // Driver identifies the DRA driver providing the capacity information.
+  // A field selector can be used to list only ResourceSlice
+  // objects with a certain driver name.
+  //
+  // Must be a DNS subdomain and should end with a DNS domain owned by the
+  // vendor of the driver. This field is immutable.
+  //
+  // +required
+  optional string driver = 1;
+
+  // Pool describes the pool that this ResourceSlice belongs to.
+  //
+  // +required
+  optional ResourcePool pool = 2;
+
+  // NodeName identifies the node which provides the resources in this pool.
+  // A field selector can be used to list only ResourceSlice
+  // objects belonging to a certain node.
+  //
+  // This field can be used to limit access from nodes to ResourceSlices with
+  // the same node name. It also indicates to autoscalers that adding
+  // new nodes of the same type as some old node might also make new
+  // resources available.
+  //
+  // Exactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.
+  // This field is immutable.
+  //
+  // +optional
+  // +oneOf=NodeSelection
+  optional string nodeName = 3;
+
+  // NodeSelector defines which nodes have access to the resources in the pool,
+  // when that pool is not limited to a single node.
+  //
+  // Must use exactly one term.
+  //
+  // Exactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.
+  //
+  // +optional
+  // +oneOf=NodeSelection
+  optional .k8s.io.api.core.v1.NodeSelector nodeSelector = 4;
+
+  // AllNodes indicates that all nodes have access to the resources in the pool.
+  //
+  // Exactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.
+  //
+  // +optional
+  // +oneOf=NodeSelection
+  optional bool allNodes = 5;
+
+  // Devices lists some or all of the devices in this pool.
+  //
+  // Must not have more than 128 entries.
+  //
+  // +optional
+  // +listType=atomic
+  repeated Device devices = 6;
+
+  // PerDeviceNodeSelection defines whether the access from nodes to
+  // resources in the pool is set on the ResourceSlice level or on each
+  // device. If it is set to true, every device defined the ResourceSlice
+  // must specify this individually.
+  //
+  // Exactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.
+  //
+  // +optional
+  // +oneOf=NodeSelection
+  // +featureGate=DRAPartitionableDevices
+  optional bool perDeviceNodeSelection = 7;
+
+  // SharedCounters defines a list of counter sets, each of which
+  // has a name and a list of counters available.
+  //
+  // The names of the SharedCounters must be unique in the ResourceSlice.
+  //
+  // The maximum number of counters in all sets is 32.
+  //
+  // +optional
+  // +listType=atomic
+  // +featureGate=DRAPartitionableDevices
+  repeated CounterSet sharedCounters = 8;
+}
+
diff --git a/vendor/k8s.io/api/resource/v1beta2/register.go b/vendor/k8s.io/api/resource/v1beta2/register.go
new file mode 100644
index 0000000000..5e676a0549
--- /dev/null
+++ b/vendor/k8s.io/api/resource/v1beta2/register.go
@@ -0,0 +1,60 @@
+/*
+Copyright 2025 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1beta2
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+)
+
+// GroupName is the group name use in this package
+const GroupName = "resource.k8s.io"
+
+// SchemeGroupVersion is group version used to register these objects
+var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1beta2"}
+
+// Resource takes an unqualified resource and returns a Group qualified GroupResource
+func Resource(resource string) schema.GroupResource {
+	return SchemeGroupVersion.WithResource(resource).GroupResource()
+}
+
+var (
+	// We only register manually written functions here. The registration of the
+	// generated functions takes place in the generated files. The separation
+	// makes the code compile even when the generated files are missing.
+	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
+	AddToScheme   = SchemeBuilder.AddToScheme
+)
+
+// Adds the list of known types to the given scheme.
+func addKnownTypes(scheme *runtime.Scheme) error {
+	scheme.AddKnownTypes(SchemeGroupVersion,
+		&DeviceClass{},
+		&DeviceClassList{},
+		&ResourceClaim{},
+		&ResourceClaimList{},
+		&ResourceClaimTemplate{},
+		&ResourceClaimTemplateList{},
+		&ResourceSlice{},
+		&ResourceSliceList{},
+	)
+
+	// Add the watch version that applies
+	metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
+	return nil
+}
diff --git a/vendor/k8s.io/api/resource/v1beta2/types.go b/vendor/k8s.io/api/resource/v1beta2/types.go
new file mode 100644
index 0000000000..0d8d42a085
--- /dev/null
+++ b/vendor/k8s.io/api/resource/v1beta2/types.go
@@ -0,0 +1,1552 @@
+/*
+Copyright 2025 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1beta2
+
+import (
+	v1 "k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/api/resource"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/apimachinery/pkg/util/validation"
+)
+
+const (
+	// Finalizer is the finalizer that gets set for claims
+	// which were allocated through a builtin controller.
+	// Reserved for use by Kubernetes, DRA driver controllers must
+	// use their own finalizer.
+	Finalizer = "resource.kubernetes.io/delete-protection"
+)
+
+// +genclient
+// +genclient:nonNamespaced
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+// +k8s:prerelease-lifecycle-gen:introduced=1.33
+
+// ResourceSlice represents one or more resources in a pool of similar resources,
+// managed by a common driver. A pool may span more than one ResourceSlice, and exactly how many
+// ResourceSlices comprise a pool is determined by the driver.
+//
+// At the moment, the only supported resources are devices with attributes and capacities.
+// Each device in a given pool, regardless of how many ResourceSlices, must have a unique name.
+// The ResourceSlice in which a device gets published may change over time. The unique identifier
+// for a device is the tuple <driver name>, <pool name>, <device name>.
+//
+// Whenever a driver needs to update a pool, it increments the pool.Spec.Pool.Generation number
+// and updates all ResourceSlices with that new number and new resource definitions. A consumer
+// must only use ResourceSlices with the highest generation number and ignore all others.
+//
+// When allocating all resources in a pool matching certain criteria or when
+// looking for the best solution among several different alternatives, a
+// consumer should check the number of ResourceSlices in a pool (included in
+// each ResourceSlice) to determine whether its view of a pool is complete and
+// if not, should wait until the driver has completed updating the pool.
+//
+// For resources that are not local to a node, the node name is not set. Instead,
+// the driver may use a node selector to specify where the devices are available.
+//
+// This is an alpha type and requires enabling the DynamicResourceAllocation
+// feature gate.
+type ResourceSlice struct {
+	metav1.TypeMeta `json:",inline"`
+	// Standard object metadata
+	// +optional
+	metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+	// Contains the information published by the driver.
+	//
+	// Changing the spec automatically increments the metadata.generation number.
+	Spec ResourceSliceSpec `json:"spec" protobuf:"bytes,2,name=spec"`
+}
+
+const (
+	// ResourceSliceSelectorNodeName can be used in a [metav1.ListOptions]
+	// field selector to filter based on [ResourceSliceSpec.NodeName].
+	ResourceSliceSelectorNodeName = "spec.nodeName"
+	// ResourceSliceSelectorDriver can be used in a [metav1.ListOptions]
+	// field selector to filter based on [ResourceSliceSpec.Driver].
+	ResourceSliceSelectorDriver = "spec.driver"
+)
+
+// ResourceSliceSpec contains the information published by the driver in one ResourceSlice.
+type ResourceSliceSpec struct {
+	// Driver identifies the DRA driver providing the capacity information.
+	// A field selector can be used to list only ResourceSlice
+	// objects with a certain driver name.
+	//
+	// Must be a DNS subdomain and should end with a DNS domain owned by the
+	// vendor of the driver. This field is immutable.
+	//
+	// +required
+	Driver string `json:"driver" protobuf:"bytes,1,name=driver"`
+
+	// Pool describes the pool that this ResourceSlice belongs to.
+	//
+	// +required
+	Pool ResourcePool `json:"pool" protobuf:"bytes,2,name=pool"`
+
+	// NodeName identifies the node which provides the resources in this pool.
+	// A field selector can be used to list only ResourceSlice
+	// objects belonging to a certain node.
+	//
+	// This field can be used to limit access from nodes to ResourceSlices with
+	// the same node name. It also indicates to autoscalers that adding
+	// new nodes of the same type as some old node might also make new
+	// resources available.
+	//
+	// Exactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.
+	// This field is immutable.
+	//
+	// +optional
+	// +oneOf=NodeSelection
+	NodeName *string `json:"nodeName,omitempty" protobuf:"bytes,3,opt,name=nodeName"`
+
+	// NodeSelector defines which nodes have access to the resources in the pool,
+	// when that pool is not limited to a single node.
+	//
+	// Must use exactly one term.
+	//
+	// Exactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.
+	//
+	// +optional
+	// +oneOf=NodeSelection
+	NodeSelector *v1.NodeSelector `json:"nodeSelector,omitempty" protobuf:"bytes,4,opt,name=nodeSelector"`
+
+	// AllNodes indicates that all nodes have access to the resources in the pool.
+	//
+	// Exactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.
+	//
+	// +optional
+	// +oneOf=NodeSelection
+	AllNodes *bool `json:"allNodes,omitempty" protobuf:"bytes,5,opt,name=allNodes"`
+
+	// Devices lists some or all of the devices in this pool.
+	//
+	// Must not have more than 128 entries.
+	//
+	// +optional
+	// +listType=atomic
+	Devices []Device `json:"devices" protobuf:"bytes,6,name=devices"`
+
+	// PerDeviceNodeSelection defines whether the access from nodes to
+	// resources in the pool is set on the ResourceSlice level or on each
+	// device. If it is set to true, every device defined the ResourceSlice
+	// must specify this individually.
+	//
+	// Exactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.
+	//
+	// +optional
+	// +oneOf=NodeSelection
+	// +featureGate=DRAPartitionableDevices
+	PerDeviceNodeSelection *bool `json:"perDeviceNodeSelection,omitempty" protobuf:"bytes,7,name=perDeviceNodeSelection"`
+
+	// SharedCounters defines a list of counter sets, each of which
+	// has a name and a list of counters available.
+	//
+	// The names of the SharedCounters must be unique in the ResourceSlice.
+	//
+	// The maximum number of counters in all sets is 32.
+	//
+	// +optional
+	// +listType=atomic
+	// +featureGate=DRAPartitionableDevices
+	SharedCounters []CounterSet `json:"sharedCounters,omitempty" protobuf:"bytes,8,name=sharedCounters"`
+}
+
+// CounterSet defines a named set of counters
+// that are available to be used by devices defined in the
+// ResourceSlice.
+//
+// The counters are not allocatable by themselves, but
+// can be referenced by devices. When a device is allocated,
+// the portion of counters it uses will no longer be available for use
+// by other devices.
+type CounterSet struct {
+	// Name defines the name of the counter set.
+	// It must be a DNS label.
+	//
+	// +required
+	Name string `json:"name" protobuf:"bytes,1,name=name"`
+
+	// Counters defines the set of counters for this CounterSet
+	// The name of each counter must be unique in that set and must be a DNS label.
+	//
+	// The maximum number of counters in all sets is 32.
+	//
+	// +required
+	Counters map[string]Counter `json:"counters,omitempty" protobuf:"bytes,2,name=counters"`
+}
+
+// DriverNameMaxLength is the maximum valid length of a driver name in the
+// ResourceSliceSpec and other places. It's the same as for CSI driver names.
+const DriverNameMaxLength = 63
+
+// ResourcePool describes the pool that ResourceSlices belong to.
+type ResourcePool struct {
+	// Name is used to identify the pool. For node-local devices, this
+	// is often the node name, but this is not required.
+	//
+	// It must not be longer than 253 characters and must consist of one or more DNS sub-domains
+	// separated by slashes. This field is immutable.
+	//
+	// +required
+	Name string `json:"name" protobuf:"bytes,1,name=name"`
+
+	// Generation tracks the change in a pool over time. Whenever a driver
+	// changes something about one or more of the resources in a pool, it
+	// must change the generation in all ResourceSlices which are part of
+	// that pool. Consumers of ResourceSlices should only consider
+	// resources from the pool with the highest generation number. The
+	// generation may be reset by drivers, which should be fine for
+	// consumers, assuming that all ResourceSlices in a pool are updated to
+	// match or deleted.
+	//
+	// Combined with ResourceSliceCount, this mechanism enables consumers to
+	// detect pools which are comprised of multiple ResourceSlices and are
+	// in an incomplete state.
+	//
+	// +required
+	Generation int64 `json:"generation" protobuf:"bytes,2,name=generation"`
+
+	// ResourceSliceCount is the total number of ResourceSlices in the pool at this
+	// generation number. Must be greater than zero.
+	//
+	// Consumers can use this to check whether they have seen all ResourceSlices
+	// belonging to the same pool.
+	//
+	// +required
+	ResourceSliceCount int64 `json:"resourceSliceCount" protobuf:"bytes,3,name=resourceSliceCount"`
+}
+
+const ResourceSliceMaxSharedCapacity = 128
+const ResourceSliceMaxDevices = 128
+const PoolNameMaxLength = validation.DNS1123SubdomainMaxLength // Same as for a single node name.
+
+// Defines the max number of shared counters that can be specified
+// in a ResourceSlice. The number is summed up across all sets.
+const ResourceSliceMaxSharedCounters = 32
+
+// Device represents one individual hardware instance that can be selected based
+// on its attributes. Besides the name, exactly one field must be set.
+type Device struct {
+	// Name is unique identifier among all devices managed by
+	// the driver in the pool. It must be a DNS label.
+	//
+	// +required
+	Name string `json:"name" protobuf:"bytes,1,name=name"`
+
+	// Attributes defines the set of attributes for this device.
+	// The name of each attribute must be unique in that set.
+	//
+	// The maximum number of attributes and capacities combined is 32.
+	//
+	// +optional
+	Attributes map[QualifiedName]DeviceAttribute `json:"attributes,omitempty" protobuf:"bytes,2,rep,name=attributes"`
+
+	// Capacity defines the set of capacities for this device.
+	// The name of each capacity must be unique in that set.
+	//
+	// The maximum number of attributes and capacities combined is 32.
+	//
+	// +optional
+	Capacity map[QualifiedName]DeviceCapacity `json:"capacity,omitempty" protobuf:"bytes,3,rep,name=capacity"`
+
+	// ConsumesCounters defines a list of references to sharedCounters
+	// and the set of counters that the device will
+	// consume from those counter sets.
+	//
+	// There can only be a single entry per counterSet.
+	//
+	// The total number of device counter consumption entries
+	// must be <= 32. In addition, the total number in the
+	// entire ResourceSlice must be <= 1024 (for example,
+	// 64 devices with 16 counters each).
+	//
+	// +optional
+	// +listType=atomic
+	// +featureGate=DRAPartitionableDevices
+	ConsumesCounters []DeviceCounterConsumption `json:"consumesCounters,omitempty" protobuf:"bytes,4,rep,name=consumesCounters"`
+
+	// NodeName identifies the node where the device is available.
+	//
+	// Must only be set if Spec.PerDeviceNodeSelection is set to true.
+	// At most one of NodeName, NodeSelector and AllNodes can be set.
+	//
+	// +optional
+	// +oneOf=DeviceNodeSelection
+	// +featureGate=DRAPartitionableDevices
+	NodeName *string `json:"nodeName,omitempty" protobuf:"bytes,5,opt,name=nodeName"`
+
+	// NodeSelector defines the nodes where the device is available.
+	//
+	// Must use exactly one term.
+	//
+	// Must only be set if Spec.PerDeviceNodeSelection is set to true.
+	// At most one of NodeName, NodeSelector and AllNodes can be set.
+	//
+	// +optional
+	// +oneOf=DeviceNodeSelection
+	// +featureGate=DRAPartitionableDevices
+	NodeSelector *v1.NodeSelector `json:"nodeSelector,omitempty" protobuf:"bytes,6,opt,name=nodeSelector"`
+
+	// AllNodes indicates that all nodes have access to the device.
+	//
+	// Must only be set if Spec.PerDeviceNodeSelection is set to true.
+	// At most one of NodeName, NodeSelector and AllNodes can be set.
+	//
+	// +optional
+	// +oneOf=DeviceNodeSelection
+	// +featureGate=DRAPartitionableDevices
+	AllNodes *bool `json:"allNodes,omitempty" protobuf:"bytes,7,opt,name=allNodes"`
+
+	// If specified, these are the driver-defined taints.
+	//
+	// The maximum number of taints is 4.
+	//
+	// This is an alpha field and requires enabling the DRADeviceTaints
+	// feature gate.
+	//
+	// +optional
+	// +listType=atomic
+	// +featureGate=DRADeviceTaints
+	Taints []DeviceTaint `json:"taints,omitempty" protobuf:"bytes,8,rep,name=taints"`
+}
+
+// DeviceCounterConsumption defines a set of counters that
+// a device will consume from a CounterSet.
+type DeviceCounterConsumption struct {
+	// CounterSet is the name of the set from which the
+	// counters defined will be consumed.
+	//
+	// +required
+	CounterSet string `json:"counterSet" protobuf:"bytes,1,opt,name=counterSet"`
+
+	// Counters defines the counters that will be consumed by the device.
+	//
+	// The maximum number counters in a device is 32.
+	// In addition, the maximum number of all counters
+	// in all devices is 1024 (for example, 64 devices with
+	// 16 counters each).
+	//
+	// +required
+	Counters map[string]Counter `json:"counters,omitempty" protobuf:"bytes,2,opt,name=counters"`
+}
+
+// DeviceCapacity describes a quantity associated with a device.
+type DeviceCapacity struct {
+	// Value defines how much of a certain device capacity is available.
+	//
+	// +required
+	Value resource.Quantity `json:"value" protobuf:"bytes,1,rep,name=value"`
+
+	// potential future addition: fields which define how to "consume"
+	// capacity (= share a single device between different consumers).
+}
+
+// Counter describes a quantity associated with a device.
+type Counter struct {
+	// Value defines how much of a certain device counter is available.
+	//
+	// +required
+	Value resource.Quantity `json:"value" protobuf:"bytes,1,rep,name=value"`
+}
+
+// Limit for the sum of the number of entries in both attributes and capacity.
+const ResourceSliceMaxAttributesAndCapacitiesPerDevice = 32
+
+// Limit for the total number of counters in each device.
+const ResourceSliceMaxCountersPerDevice = 32
+
+// Limit for the total number of counters defined in devices in
+// a ResourceSlice. We want to allow up to 64 devices to specify
+// up to 16 counters, so the limit for the ResourceSlice will be 1024.
+const ResourceSliceMaxDeviceCountersPerSlice = 1024 // 64 * 16
+
+// QualifiedName is the name of a device attribute or capacity.
+//
+// Attributes and capacities are defined either by the owner of the specific
+// driver (usually the vendor) or by some 3rd party (e.g. the Kubernetes
+// project). Because they are sometimes compared across devices, a given name
+// is expected to mean the same thing and have the same type on all devices.
+//
+// Names must be either a C identifier (e.g. "theName") or a DNS subdomain
+// followed by a slash ("/") followed by a C identifier
+// (e.g. "dra.example.com/theName"). Names which do not include the
+// domain prefix are assumed to be part of the driver's domain. Attributes
+// or capacities defined by 3rd parties must include the domain prefix.
+//
+// The maximum length for the DNS subdomain is 63 characters (same as
+// for driver names) and the maximum length of the C identifier
+// is 32.
+type QualifiedName string
+
+// FullyQualifiedName is a QualifiedName where the domain is set.
+type FullyQualifiedName string
+
+// DeviceMaxDomainLength is the maximum length of the domain prefix in a fully-qualified name.
+const DeviceMaxDomainLength = 63
+
+// DeviceMaxIDLength is the maximum length of the identifier in a device attribute or capacity name (`<domain>/<ID>`).
+const DeviceMaxIDLength = 32
+
+// DeviceAttribute must have exactly one field set.
+type DeviceAttribute struct {
+	// The Go field names below have a Value suffix to avoid a conflict between the
+	// field "String" and the corresponding method. That method is required.
+	// The Kubernetes API is defined without that suffix to keep it more natural.
+
+	// IntValue is a number.
+	//
+	// +optional
+	// +oneOf=ValueType
+	IntValue *int64 `json:"int,omitempty" protobuf:"varint,2,opt,name=int"`
+
+	// BoolValue is a true/false value.
+	//
+	// +optional
+	// +oneOf=ValueType
+	BoolValue *bool `json:"bool,omitempty" protobuf:"varint,3,opt,name=bool"`
+
+	// StringValue is a string. Must not be longer than 64 characters.
+	//
+	// +optional
+	// +oneOf=ValueType
+	StringValue *string `json:"string,omitempty" protobuf:"bytes,4,opt,name=string"`
+
+	// VersionValue is a semantic version according to semver.org spec 2.0.0.
+	// Must not be longer than 64 characters.
+	//
+	// +optional
+	// +oneOf=ValueType
+	VersionValue *string `json:"version,omitempty" protobuf:"bytes,5,opt,name=version"`
+}
+
+// DeviceAttributeMaxValueLength is the maximum length of a string or version attribute value.
+const DeviceAttributeMaxValueLength = 64
+
+// DeviceTaintsMaxLength is the maximum number of taints per device.
+const DeviceTaintsMaxLength = 4
+
+// The device this taint is attached to has the "effect" on
+// any claim which does not tolerate the taint and, through the claim,
+// to pods using the claim.
+//
+// +protobuf.options.(gogoproto.goproto_stringer)=false
+type DeviceTaint struct {
+	// The taint key to be applied to a device.
+	// Must be a label name.
+	//
+	// +required
+	Key string `json:"key" protobuf:"bytes,1,name=key"`
+
+	// The taint value corresponding to the taint key.
+	// Must be a label value.
+	//
+	// +optional
+	Value string `json:"value,omitempty" protobuf:"bytes,2,opt,name=value"`
+
+	// The effect of the taint on claims that do not tolerate the taint
+	// and through such claims on the pods using them.
+	// Valid effects are NoSchedule and NoExecute. PreferNoSchedule as used for
+	// nodes is not valid here.
+	//
+	// +required
+	Effect DeviceTaintEffect `json:"effect" protobuf:"bytes,3,name=effect,casttype=DeviceTaintEffect"`
+
+	// ^^^^
+	//
+	// Implementing PreferNoSchedule would depend on a scoring solution for DRA.
+	// It might get added as part of that.
+
+	// TimeAdded represents the time at which the taint was added.
+	// Added automatically during create or update if not set.
+	//
+	// +optional
+	TimeAdded *metav1.Time `json:"timeAdded,omitempty" protobuf:"bytes,4,opt,name=timeAdded"`
+
+	// ^^^
+	//
+	// This field was defined as "It is only written for NoExecute taints." for node taints.
+	// But in practice, Kubernetes never did anything with it (no validation, no defaulting,
+	// ignored during pod eviction in pkg/controller/tainteviction).
+}
+
+// +enum
+type DeviceTaintEffect string
+
+const (
+	// Do not allow new pods to schedule which use a tainted device unless they tolerate the taint,
+	// but allow all pods submitted to Kubelet without going through the scheduler
+	// to start, and allow all already-running pods to continue running.
+	DeviceTaintEffectNoSchedule DeviceTaintEffect = "NoSchedule"
+
+	// Evict any already-running pods that do not tolerate the device taint.
+	DeviceTaintEffectNoExecute DeviceTaintEffect = "NoExecute"
+)
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+// +k8s:prerelease-lifecycle-gen:introduced=1.33
+
+// ResourceSliceList is a collection of ResourceSlices.
+type ResourceSliceList struct {
+	metav1.TypeMeta `json:",inline"`
+	// Standard list metadata
+	// +optional
+	metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+	// Items is the list of resource ResourceSlices.
+	Items []ResourceSlice `json:"items" protobuf:"bytes,2,rep,name=items"`
+}
+
+// +genclient
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+// +k8s:prerelease-lifecycle-gen:introduced=1.33
+
+// ResourceClaim describes a request for access to resources in the cluster,
+// for use by workloads. For example, if a workload needs an accelerator device
+// with specific properties, this is how that request is expressed. The status
+// stanza tracks whether this claim has been satisfied and what specific
+// resources have been allocated.
+//
+// This is an alpha type and requires enabling the DynamicResourceAllocation
+// feature gate.
+type ResourceClaim struct {
+	metav1.TypeMeta `json:",inline"`
+	// Standard object metadata
+	// +optional
+	metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+	// Spec describes what is being requested and how to configure it.
+	// The spec is immutable.
+	Spec ResourceClaimSpec `json:"spec" protobuf:"bytes,2,name=spec"`
+
+	// Status describes whether the claim is ready to use and what has been allocated.
+	// +optional
+	Status ResourceClaimStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"`
+}
+
+// ResourceClaimSpec defines what is being requested in a ResourceClaim and how to configure it.
+type ResourceClaimSpec struct {
+	// Devices defines how to request devices.
+	//
+	// +optional
+	Devices DeviceClaim `json:"devices" protobuf:"bytes,1,name=devices"`
+
+	// Controller is tombstoned since Kubernetes 1.32 where
+	// it got removed. May be reused once decoding v1alpha3 is no longer
+	// supported.
+	// Controller string `json:"controller,omitempty" protobuf:"bytes,2,opt,name=controller"`
+}
+
+// DeviceClaim defines how to request devices with a ResourceClaim.
+type DeviceClaim struct {
+	// Requests represent individual requests for distinct devices which
+	// must all be satisfied. If empty, nothing needs to be allocated.
+	//
+	// +optional
+	// +listType=atomic
+	Requests []DeviceRequest `json:"requests" protobuf:"bytes,1,name=requests"`
+
+	// These constraints must be satisfied by the set of devices that get
+	// allocated for the claim.
+	//
+	// +optional
+	// +listType=atomic
+	Constraints []DeviceConstraint `json:"constraints,omitempty" protobuf:"bytes,2,opt,name=constraints"`
+
+	// This field holds configuration for multiple potential drivers which
+	// could satisfy requests in this claim. It is ignored while allocating
+	// the claim.
+	//
+	// +optional
+	// +listType=atomic
+	Config []DeviceClaimConfiguration `json:"config,omitempty" protobuf:"bytes,3,opt,name=config"`
+
+	// Potential future extension, ignored by older schedulers. This is
+	// fine because scoring allows users to define a preference, without
+	// making it a hard requirement.
+	//
+	// Score *SomeScoringStruct
+}
+
+const (
+	DeviceRequestsMaxSize    = AllocationResultsMaxSize
+	DeviceConstraintsMaxSize = 32
+	DeviceConfigMaxSize      = 32
+)
+
+// DRAAdminNamespaceLabelKey is a label key used to grant administrative access
+// to certain resource.k8s.io API types within a namespace. When this label is
+// set on a namespace with the value "true" (case-sensitive), it allows the use
+// of adminAccess: true in any namespaced resource.k8s.io API types. Currently,
+// this permission applies to ResourceClaim and ResourceClaimTemplate objects.
+const (
+	DRAAdminNamespaceLabelKey = "resource.k8s.io/admin-access"
+)
+
+// DeviceRequest is a request for devices required for a claim.
+// This is typically a request for a single resource like a device, but can
+// also ask for several identical devices. With FirstAvailable it is also
+// possible to provide a prioritized list of requests.
+type DeviceRequest struct {
+	// Name can be used to reference this request in a pod.spec.containers[].resources.claims
+	// entry and in a constraint of the claim.
+	//
+	// References using the name in the DeviceRequest will uniquely
+	// identify a request when the Exactly field is set. When the
+	// FirstAvailable field is set, a reference to the name of the
+	// DeviceRequest will match whatever subrequest is chosen by the
+	// scheduler.
+	//
+	// Must be a DNS label.
+	//
+	// +required
+	Name string `json:"name" protobuf:"bytes,1,name=name"`
+
+	// Exactly specifies the details for a single request that must
+	// be met exactly for the request to be satisfied.
+	//
+	// One of Exactly or FirstAvailable must be set.
+	//
+	// +optional
+	// +oneOf=deviceRequestType
+	Exactly *ExactDeviceRequest `json:"exactly,omitempty" protobuf:"bytes,2,name=exactly"`
+
+	// FirstAvailable contains subrequests, of which exactly one will be
+	// selected by the scheduler. It tries to
+	// satisfy them in the order in which they are listed here. So if
+	// there are two entries in the list, the scheduler will only check
+	// the second one if it determines that the first one can not be used.
+	//
+	// DRA does not yet implement scoring, so the scheduler will
+	// select the first set of devices that satisfies all the
+	// requests in the claim. And if the requirements can
+	// be satisfied on more than one node, other scheduling features
+	// will determine which node is chosen. This means that the set of
+	// devices allocated to a claim might not be the optimal set
+	// available to the cluster. Scoring will be implemented later.
+	//
+	// +optional
+	// +oneOf=deviceRequestType
+	// +listType=atomic
+	// +featureGate=DRAPrioritizedList
+	FirstAvailable []DeviceSubRequest `json:"firstAvailable,omitempty" protobuf:"bytes,3,name=firstAvailable"`
+}
+
+// ExactDeviceRequest is a request for one or more identical devices.
+type ExactDeviceRequest struct {
+	// DeviceClassName references a specific DeviceClass, which can define
+	// additional configuration and selectors to be inherited by this
+	// request.
+	//
+	// A DeviceClassName is required.
+	//
+	// Administrators may use this to restrict which devices may get
+	// requested by only installing classes with selectors for permitted
+	// devices. If users are free to request anything without restrictions,
+	// then administrators can create an empty DeviceClass for users
+	// to reference.
+	//
+	// +required
+	DeviceClassName string `json:"deviceClassName" protobuf:"bytes,1,name=deviceClassName"`
+
+	// Selectors define criteria which must be satisfied by a specific
+	// device in order for that device to be considered for this
+	// request. All selectors must be satisfied for a device to be
+	// considered.
+	//
+	// +optional
+	// +listType=atomic
+	Selectors []DeviceSelector `json:"selectors,omitempty" protobuf:"bytes,2,name=selectors"`
+
+	// AllocationMode and its related fields define how devices are allocated
+	// to satisfy this request. Supported values are:
+	//
+	// - ExactCount: This request is for a specific number of devices.
+	//   This is the default. The exact number is provided in the
+	//   count field.
+	//
+	// - All: This request is for all of the matching devices in a pool.
+	//   At least one device must exist on the node for the allocation to succeed.
+	//   Allocation will fail if some devices are already allocated,
+	//   unless adminAccess is requested.
+	//
+	// If AllocationMode is not specified, the default mode is ExactCount. If
+	// the mode is ExactCount and count is not specified, the default count is
+	// one. Any other requests must specify this field.
+	//
+	// More modes may get added in the future. Clients must refuse to handle
+	// requests with unknown modes.
+	//
+	// +optional
+	AllocationMode DeviceAllocationMode `json:"allocationMode,omitempty" protobuf:"bytes,3,opt,name=allocationMode"`
+
+	// Count is used only when the count mode is "ExactCount". Must be greater than zero.
+	// If AllocationMode is ExactCount and this field is not specified, the default is one.
+	//
+	// +optional
+	// +oneOf=AllocationMode
+	Count int64 `json:"count,omitempty" protobuf:"bytes,4,opt,name=count"`
+
+	// AdminAccess indicates that this is a claim for administrative access
+	// to the device(s). Claims with AdminAccess are expected to be used for
+	// monitoring or other management services for a device.  They ignore
+	// all ordinary claims to the device with respect to access modes and
+	// any resource allocations.
+	//
+	// This is an alpha field and requires enabling the DRAAdminAccess
+	// feature gate. Admin access is disabled if this field is unset or
+	// set to false, otherwise it is enabled.
+	//
+	// +optional
+	// +featureGate=DRAAdminAccess
+	AdminAccess *bool `json:"adminAccess,omitempty" protobuf:"bytes,5,opt,name=adminAccess"`
+
+	// If specified, the request's tolerations.
+	//
+	// Tolerations for NoSchedule are required to allocate a
+	// device which has a taint with that effect. The same applies
+	// to NoExecute.
+	//
+	// In addition, should any of the allocated devices get tainted
+	// with NoExecute after allocation and that effect is not tolerated,
+	// then all pods consuming the ResourceClaim get deleted to evict
+	// them. The scheduler will not let new pods reserve the claim while
+	// it has these tainted devices. Once all pods are evicted, the
+	// claim will get deallocated.
+	//
+	// The maximum number of tolerations is 16.
+	//
+	// This is an alpha field and requires enabling the DRADeviceTaints
+	// feature gate.
+	//
+	// +optional
+	// +listType=atomic
+	// +featureGate=DRADeviceTaints
+	Tolerations []DeviceToleration `json:"tolerations,omitempty" protobuf:"bytes,6,opt,name=tolerations"`
+}
+
+// DeviceSubRequest describes a request for device provided in the
+// claim.spec.devices.requests[].firstAvailable array. Each
+// is typically a request for a single resource like a device, but can
+// also ask for several identical devices.
+//
+// DeviceSubRequest is similar to ExactDeviceRequest, but doesn't expose the
+// AdminAccess field as that one is only supported when requesting a
+// specific device.
+type DeviceSubRequest struct {
+	// Name can be used to reference this subrequest in the list of constraints
+	// or the list of configurations for the claim. References must use the
+	// format <main request>/<subrequest>.
+	//
+	// Must be a DNS label.
+	//
+	// +required
+	Name string `json:"name" protobuf:"bytes,1,name=name"`
+
+	// DeviceClassName references a specific DeviceClass, which can define
+	// additional configuration and selectors to be inherited by this
+	// subrequest.
+	//
+	// A class is required. Which classes are available depends on the cluster.
+	//
+	// Administrators may use this to restrict which devices may get
+	// requested by only installing classes with selectors for permitted
+	// devices. If users are free to request anything without restrictions,
+	// then administrators can create an empty DeviceClass for users
+	// to reference.
+	//
+	// +required
+	DeviceClassName string `json:"deviceClassName" protobuf:"bytes,2,name=deviceClassName"`
+
+	// Selectors define criteria which must be satisfied by a specific
+	// device in order for that device to be considered for this
+	// subrequest. All selectors must be satisfied for a device to be
+	// considered.
+	//
+	// +optional
+	// +listType=atomic
+	Selectors []DeviceSelector `json:"selectors,omitempty" protobuf:"bytes,3,name=selectors"`
+
+	// AllocationMode and its related fields define how devices are allocated
+	// to satisfy this subrequest. Supported values are:
+	//
+	// - ExactCount: This request is for a specific number of devices.
+	//   This is the default. The exact number is provided in the
+	//   count field.
+	//
+	// - All: This subrequest is for all of the matching devices in a pool.
+	//   Allocation will fail if some devices are already allocated,
+	//   unless adminAccess is requested.
+	//
+	// If AllocationMode is not specified, the default mode is ExactCount. If
+	// the mode is ExactCount and count is not specified, the default count is
+	// one. Any other subrequests must specify this field.
+	//
+	// More modes may get added in the future. Clients must refuse to handle
+	// requests with unknown modes.
+	//
+	// +optional
+	AllocationMode DeviceAllocationMode `json:"allocationMode,omitempty" protobuf:"bytes,4,opt,name=allocationMode"`
+
+	// Count is used only when the count mode is "ExactCount". Must be greater than zero.
+	// If AllocationMode is ExactCount and this field is not specified, the default is one.
+	//
+	// +optional
+	// +oneOf=AllocationMode
+	Count int64 `json:"count,omitempty" protobuf:"bytes,5,opt,name=count"`
+
+	// If specified, the request's tolerations.
+	//
+	// Tolerations for NoSchedule are required to allocate a
+	// device which has a taint with that effect. The same applies
+	// to NoExecute.
+	//
+	// In addition, should any of the allocated devices get tainted
+	// with NoExecute after allocation and that effect is not tolerated,
+	// then all pods consuming the ResourceClaim get deleted to evict
+	// them. The scheduler will not let new pods reserve the claim while
+	// it has these tainted devices. Once all pods are evicted, the
+	// claim will get deallocated.
+	//
+	// The maximum number of tolerations is 16.
+	//
+	// This is an alpha field and requires enabling the DRADeviceTaints
+	// feature gate.
+	//
+	// +optional
+	// +listType=atomic
+	// +featureGate=DRADeviceTaints
+	Tolerations []DeviceToleration `json:"tolerations,omitempty" protobuf:"bytes,6,opt,name=tolerations"`
+}
+
+const (
+	DeviceSelectorsMaxSize             = 32
+	FirstAvailableDeviceRequestMaxSize = 8
+	DeviceTolerationsMaxLength         = 16
+)
+
+type DeviceAllocationMode string
+
+// Valid [DeviceRequest.CountMode] values.
+const (
+	DeviceAllocationModeExactCount = DeviceAllocationMode("ExactCount")
+	DeviceAllocationModeAll        = DeviceAllocationMode("All")
+)
+
+// DeviceSelector must have exactly one field set.
+type DeviceSelector struct {
+	// CEL contains a CEL expression for selecting a device.
+	//
+	// +optional
+	// +oneOf=SelectorType
+	CEL *CELDeviceSelector `json:"cel,omitempty" protobuf:"bytes,1,opt,name=cel"`
+}
+
+// CELDeviceSelector contains a CEL expression for selecting a device.
+type CELDeviceSelector struct {
+	// Expression is a CEL expression which evaluates a single device. It
+	// must evaluate to true when the device under consideration satisfies
+	// the desired criteria, and false when it does not. Any other result
+	// is an error and causes allocation of devices to abort.
+	//
+	// The expression's input is an object named "device", which carries
+	// the following properties:
+	//  - driver (string): the name of the driver which defines this device.
+	//  - attributes (map[string]object): the device's attributes, grouped by prefix
+	//    (e.g. device.attributes["dra.example.com"] evaluates to an object with all
+	//    of the attributes which were prefixed by "dra.example.com".
+	//  - capacity (map[string]object): the device's capacities, grouped by prefix.
+	//
+	// Example: Consider a device with driver="dra.example.com", which exposes
+	// two attributes named "model" and "ext.example.com/family" and which
+	// exposes one capacity named "modules". This input to this expression
+	// would have the following fields:
+	//
+	//     device.driver
+	//     device.attributes["dra.example.com"].model
+	//     device.attributes["ext.example.com"].family
+	//     device.capacity["dra.example.com"].modules
+	//
+	// The device.driver field can be used to check for a specific driver,
+	// either as a high-level precondition (i.e. you only want to consider
+	// devices from this driver) or as part of a multi-clause expression
+	// that is meant to consider devices from different drivers.
+	//
+	// The value type of each attribute is defined by the device
+	// definition, and users who write these expressions must consult the
+	// documentation for their specific drivers. The value type of each
+	// capacity is Quantity.
+	//
+	// If an unknown prefix is used as a lookup in either device.attributes
+	// or device.capacity, an empty map will be returned. Any reference to
+	// an unknown field will cause an evaluation error and allocation to
+	// abort.
+	//
+	// A robust expression should check for the existence of attributes
+	// before referencing them.
+	//
+	// For ease of use, the cel.bind() function is enabled, and can be used
+	// to simplify expressions that access multiple attributes with the
+	// same domain. For example:
+	//
+	//     cel.bind(dra, device.attributes["dra.example.com"], dra.someBool && dra.anotherBool)
+	//
+	// The length of the expression must be smaller or equal to 10 Ki. The
+	// cost of evaluating it is also limited based on the estimated number
+	// of logical steps.
+	//
+	// +required
+	Expression string `json:"expression" protobuf:"bytes,1,name=expression"`
+}
+
+// CELSelectorExpressionMaxCost specifies the cost limit for a single CEL selector
+// evaluation.
+//
+// There is no overall budget for selecting a device, so the actual time
+// required for that is proportional to the number of CEL selectors and how
+// often they need to be evaluated, which can vary depending on several factors
+// (number of devices, cluster utilization, additional constraints).
+//
+// Validation against this limit and [CELSelectorExpressionMaxLength] happens
+// only when setting an expression for the first time or when changing it. If
+// the limits are changed in a future Kubernetes release, existing users are
+// guaranteed that existing expressions will continue to be valid.
+//
+// However, the kube-scheduler also applies this cost limit at runtime, so it
+// could happen that a valid expression fails at runtime after an up- or
+// downgrade. This can also happen without version skew when the cost estimate
+// underestimated the actual cost. That this might happen is the reason why
+// kube-scheduler enforces the runtime limit instead of relying on validation.
+//
+// According to
+// https://github.com/kubernetes/kubernetes/blob/4aeaf1e99e82da8334c0d6dddd848a194cd44b4f/staging/src/k8s.io/apiserver/pkg/apis/cel/config.go#L20-L22,
+// this gives roughly 0.1 second for each expression evaluation.
+// However, this depends on how fast the machine is.
+const CELSelectorExpressionMaxCost = 1000000
+
+// CELSelectorExpressionMaxLength is the maximum length of a CEL selector expression string.
+const CELSelectorExpressionMaxLength = 10 * 1024
+
+// DeviceConstraint must have exactly one field set besides Requests.
+type DeviceConstraint struct {
+	// Requests is a list of the one or more requests in this claim which
+	// must co-satisfy this constraint. If a request is fulfilled by
+	// multiple devices, then all of the devices must satisfy the
+	// constraint. If this is not specified, this constraint applies to all
+	// requests in this claim.
+	//
+	// References to subrequests must include the name of the main request
+	// and may include the subrequest using the format <main request>[/<subrequest>]. If just
+	// the main request is given, the constraint applies to all subrequests.
+	//
+	// +optional
+	// +listType=atomic
+	Requests []string `json:"requests,omitempty" protobuf:"bytes,1,opt,name=requests"`
+
+	// MatchAttribute requires that all devices in question have this
+	// attribute and that its type and value are the same across those
+	// devices.
+	//
+	// For example, if you specified "dra.example.com/numa" (a hypothetical example!),
+	// then only devices in the same NUMA node will be chosen. A device which
+	// does not have that attribute will not be chosen. All devices should
+	// use a value of the same type for this attribute because that is part of
+	// its specification, but if one device doesn't, then it also will not be
+	// chosen.
+	//
+	// Must include the domain qualifier.
+	//
+	// +optional
+	// +oneOf=ConstraintType
+	MatchAttribute *FullyQualifiedName `json:"matchAttribute,omitempty" protobuf:"bytes,2,opt,name=matchAttribute"`
+
+	// Potential future extension, not part of the current design:
+	// A CEL expression which compares different devices and returns
+	// true if they match.
+	//
+	// Because it would be part of a one-of, old schedulers will not
+	// accidentally ignore this additional, for them unknown match
+	// criteria.
+	//
+	// MatchExpression string
+}
+
+// DeviceClaimConfiguration is used for configuration parameters in DeviceClaim.
+type DeviceClaimConfiguration struct {
+	// Requests lists the names of requests where the configuration applies.
+	// If empty, it applies to all requests.
+	//
+	// References to subrequests must include the name of the main request
+	// and may include the subrequest using the format <main request>[/<subrequest>]. If just
+	// the main request is given, the configuration applies to all subrequests.
+	//
+	// +optional
+	// +listType=atomic
+	Requests []string `json:"requests,omitempty" protobuf:"bytes,1,opt,name=requests"`
+
+	DeviceConfiguration `json:",inline" protobuf:"bytes,2,name=deviceConfiguration"`
+}
+
+// DeviceConfiguration must have exactly one field set. It gets embedded
+// inline in some other structs which have other fields, so field names must
+// not conflict with those.
+type DeviceConfiguration struct {
+	// Opaque provides driver-specific configuration parameters.
+	//
+	// +optional
+	// +oneOf=ConfigurationType
+	Opaque *OpaqueDeviceConfiguration `json:"opaque,omitempty" protobuf:"bytes,1,opt,name=opaque"`
+}
+
+// OpaqueDeviceConfiguration contains configuration parameters for a driver
+// in a format defined by the driver vendor.
+type OpaqueDeviceConfiguration struct {
+	// Driver is used to determine which kubelet plugin needs
+	// to be passed these configuration parameters.
+	//
+	// An admission policy provided by the driver developer could use this
+	// to decide whether it needs to validate them.
+	//
+	// Must be a DNS subdomain and should end with a DNS domain owned by the
+	// vendor of the driver.
+	//
+	// +required
+	Driver string `json:"driver" protobuf:"bytes,1,name=driver"`
+
+	// Parameters can contain arbitrary data. It is the responsibility of
+	// the driver developer to handle validation and versioning. Typically this
+	// includes self-identification and a version ("kind" + "apiVersion" for
+	// Kubernetes types), with conversion between different versions.
+	//
+	// The length of the raw data must be smaller or equal to 10 Ki.
+	//
+	// +required
+	Parameters runtime.RawExtension `json:"parameters" protobuf:"bytes,2,name=parameters"`
+}
+
+// OpaqueParametersMaxLength is the maximum length of the raw data in an
+// [OpaqueDeviceConfiguration.Parameters] field.
+const OpaqueParametersMaxLength = 10 * 1024
+
+// The ResourceClaim this DeviceToleration is attached to tolerates any taint that matches
+// the triple <key,value,effect> using the matching operator <operator>.
+type DeviceToleration struct {
+	// Key is the taint key that the toleration applies to. Empty means match all taint keys.
+	// If the key is empty, operator must be Exists; this combination means to match all values and all keys.
+	// Must be a label name.
+	//
+	// +optional
+	Key string `json:"key,omitempty" protobuf:"bytes,1,opt,name=key"`
+
+	// Operator represents a key's relationship to the value.
+	// Valid operators are Exists and Equal. Defaults to Equal.
+	// Exists is equivalent to wildcard for value, so that a ResourceClaim can
+	// tolerate all taints of a particular category.
+	//
+	// +optional
+	// +default="Equal"
+	Operator DeviceTolerationOperator `json:"operator,omitempty" protobuf:"bytes,2,opt,name=operator,casttype=DeviceTolerationOperator"`
+
+	// Value is the taint value the toleration matches to.
+	// If the operator is Exists, the value must be empty, otherwise just a regular string.
+	// Must be a label value.
+	//
+	// +optional
+	Value string `json:"value,omitempty" protobuf:"bytes,3,opt,name=value"`
+
+	// Effect indicates the taint effect to match. Empty means match all taint effects.
+	// When specified, allowed values are NoSchedule and NoExecute.
+	//
+	// +optional
+	Effect DeviceTaintEffect `json:"effect,omitempty" protobuf:"bytes,4,opt,name=effect,casttype=DeviceTaintEffect"`
+
+	// TolerationSeconds represents the period of time the toleration (which must be
+	// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,
+	// it is not set, which means tolerate the taint forever (do not evict). Zero and
+	// negative values will be treated as 0 (evict immediately) by the system.
+	// If larger than zero, the time when the pod needs to be evicted is calculated as <time when
+	// taint was adedd> + <toleration seconds>.
+	//
+	// +optional
+	TolerationSeconds *int64 `json:"tolerationSeconds,omitempty" protobuf:"varint,5,opt,name=tolerationSeconds"`
+}
+
+// A toleration operator is the set of operators that can be used in a toleration.
+//
+// +enum
+type DeviceTolerationOperator string
+
+const (
+	DeviceTolerationOpExists DeviceTolerationOperator = "Exists"
+	DeviceTolerationOpEqual  DeviceTolerationOperator = "Equal"
+)
+
+// ResourceClaimStatus tracks whether the resource has been allocated and what
+// the result of that was.
+type ResourceClaimStatus struct {
+	// Allocation is set once the claim has been allocated successfully.
+	//
+	// +optional
+	Allocation *AllocationResult `json:"allocation,omitempty" protobuf:"bytes,1,opt,name=allocation"`
+
+	// ReservedFor indicates which entities are currently allowed to use
+	// the claim. A Pod which references a ResourceClaim which is not
+	// reserved for that Pod will not be started. A claim that is in
+	// use or might be in use because it has been reserved must not get
+	// deallocated.
+	//
+	// In a cluster with multiple scheduler instances, two pods might get
+	// scheduled concurrently by different schedulers. When they reference
+	// the same ResourceClaim which already has reached its maximum number
+	// of consumers, only one pod can be scheduled.
+	//
+	// Both schedulers try to add their pod to the claim.status.reservedFor
+	// field, but only the update that reaches the API server first gets
+	// stored. The other one fails with an error and the scheduler
+	// which issued it knows that it must put the pod back into the queue,
+	// waiting for the ResourceClaim to become usable again.
+	//
+	// There can be at most 256 such reservations. This may get increased in
+	// the future, but not reduced.
+	//
+	// +optional
+	// +listType=map
+	// +listMapKey=uid
+	// +patchStrategy=merge
+	// +patchMergeKey=uid
+	ReservedFor []ResourceClaimConsumerReference `json:"reservedFor,omitempty" protobuf:"bytes,2,opt,name=reservedFor" patchStrategy:"merge" patchMergeKey:"uid"`
+
+	// DeallocationRequested is tombstoned since Kubernetes 1.32 where
+	// it got removed. May be reused once decoding v1alpha3 is no longer
+	// supported.
+	// DeallocationRequested bool `json:"deallocationRequested,omitempty" protobuf:"bytes,3,opt,name=deallocationRequested"`
+
+	// Devices contains the status of each device allocated for this
+	// claim, as reported by the driver. This can include driver-specific
+	// information. Entries are owned by their respective drivers.
+	//
+	// +optional
+	// +listType=map
+	// +listMapKey=driver
+	// +listMapKey=device
+	// +listMapKey=pool
+	// +featureGate=DRAResourceClaimDeviceStatus
+	Devices []AllocatedDeviceStatus `json:"devices,omitempty" protobuf:"bytes,4,opt,name=devices"`
+}
+
+// ResourceClaimReservedForMaxSize is the maximum number of entries in
+// claim.status.reservedFor.
+const ResourceClaimReservedForMaxSize = 256
+
+// ResourceClaimConsumerReference contains enough information to let you
+// locate the consumer of a ResourceClaim. The user must be a resource in the same
+// namespace as the ResourceClaim.
+type ResourceClaimConsumerReference struct {
+	// APIGroup is the group for the resource being referenced. It is
+	// empty for the core API. This matches the group in the APIVersion
+	// that is used when creating the resources.
+	// +optional
+	APIGroup string `json:"apiGroup,omitempty" protobuf:"bytes,1,opt,name=apiGroup"`
+	// Resource is the type of resource being referenced, for example "pods".
+	// +required
+	Resource string `json:"resource" protobuf:"bytes,3,name=resource"`
+	// Name is the name of resource being referenced.
+	// +required
+	Name string `json:"name" protobuf:"bytes,4,name=name"`
+	// UID identifies exactly one incarnation of the resource.
+	// +required
+	UID types.UID `json:"uid" protobuf:"bytes,5,name=uid"`
+}
+
+// AllocationResult contains attributes of an allocated resource.
+type AllocationResult struct {
+	// Devices is the result of allocating devices.
+	//
+	// +optional
+	Devices DeviceAllocationResult `json:"devices,omitempty" protobuf:"bytes,1,opt,name=devices"`
+
+	// NodeSelector defines where the allocated resources are available. If
+	// unset, they are available everywhere.
+	//
+	// +optional
+	NodeSelector *v1.NodeSelector `json:"nodeSelector,omitempty" protobuf:"bytes,3,opt,name=nodeSelector"`
+
+	// Controller is tombstoned since Kubernetes 1.32 where
+	// it got removed. May be reused once decoding v1alpha3 is no longer
+	// supported.
+	// Controller string `json:"controller,omitempty" protobuf:"bytes,4,opt,name=controller"`
+}
+
+// DeviceAllocationResult is the result of allocating devices.
+type DeviceAllocationResult struct {
+	// Results lists all allocated devices.
+	//
+	// +optional
+	// +listType=atomic
+	Results []DeviceRequestAllocationResult `json:"results,omitempty" protobuf:"bytes,1,opt,name=results"`
+
+	// This field is a combination of all the claim and class configuration parameters.
+	// Drivers can distinguish between those based on a flag.
+	//
+	// This includes configuration parameters for drivers which have no allocated
+	// devices in the result because it is up to the drivers which configuration
+	// parameters they support. They can silently ignore unknown configuration
+	// parameters.
+	//
+	// +optional
+	// +listType=atomic
+	Config []DeviceAllocationConfiguration `json:"config,omitempty" protobuf:"bytes,2,opt,name=config"`
+}
+
+// AllocationResultsMaxSize represents the maximum number of
+// entries in allocation.devices.results.
+const AllocationResultsMaxSize = 32
+
+// DeviceRequestAllocationResult contains the allocation result for one request.
+type DeviceRequestAllocationResult struct {
+	// Request is the name of the request in the claim which caused this
+	// device to be allocated. If it references a subrequest in the
+	// firstAvailable list on a DeviceRequest, this field must
+	// include both the name of the main request and the subrequest
+	// using the format <main request>/<subrequest>.
+	//
+	// Multiple devices may have been allocated per request.
+	//
+	// +required
+	Request string `json:"request" protobuf:"bytes,1,name=request"`
+
+	// Driver specifies the name of the DRA driver whose kubelet
+	// plugin should be invoked to process the allocation once the claim is
+	// needed on a node.
+	//
+	// Must be a DNS subdomain and should end with a DNS domain owned by the
+	// vendor of the driver.
+	//
+	// +required
+	Driver string `json:"driver" protobuf:"bytes,2,name=driver"`
+
+	// This name together with the driver name and the device name field
+	// identify which device was allocated (`<driver name>/<pool name>/<device name>`).
+	//
+	// Must not be longer than 253 characters and may contain one or more
+	// DNS sub-domains separated by slashes.
+	//
+	// +required
+	Pool string `json:"pool" protobuf:"bytes,3,name=pool"`
+
+	// Device references one device instance via its name in the driver's
+	// resource pool. It must be a DNS label.
+	//
+	// +required
+	Device string `json:"device" protobuf:"bytes,4,name=device"`
+
+	// AdminAccess indicates that this device was allocated for
+	// administrative access. See the corresponding request field
+	// for a definition of mode.
+	//
+	// This is an alpha field and requires enabling the DRAAdminAccess
+	// feature gate. Admin access is disabled if this field is unset or
+	// set to false, otherwise it is enabled.
+	//
+	// +optional
+	// +featureGate=DRAAdminAccess
+	AdminAccess *bool `json:"adminAccess" protobuf:"bytes,5,name=adminAccess"`
+
+	// A copy of all tolerations specified in the request at the time
+	// when the device got allocated.
+	//
+	// The maximum number of tolerations is 16.
+	//
+	// This is an alpha field and requires enabling the DRADeviceTaints
+	// feature gate.
+	//
+	// +optional
+	// +listType=atomic
+	// +featureGate=DRADeviceTaints
+	Tolerations []DeviceToleration `json:"tolerations,omitempty" protobuf:"bytes,6,opt,name=tolerations"`
+}
+
+// DeviceAllocationConfiguration gets embedded in an AllocationResult.
+type DeviceAllocationConfiguration struct {
+	// Source records whether the configuration comes from a class and thus
+	// is not something that a normal user would have been able to set
+	// or from a claim.
+	//
+	// +required
+	Source AllocationConfigSource `json:"source" protobuf:"bytes,1,name=source"`
+
+	// Requests lists the names of requests where the configuration applies.
+	// If empty, its applies to all requests.
+	//
+	// References to subrequests must include the name of the main request
+	// and may include the subrequest using the format <main request>[/<subrequest>]. If just
+	// the main request is given, the configuration applies to all subrequests.
+	//
+	// +optional
+	// +listType=atomic
+	Requests []string `json:"requests,omitempty" protobuf:"bytes,2,opt,name=requests"`
+
+	DeviceConfiguration `json:",inline" protobuf:"bytes,3,name=deviceConfiguration"`
+}
+
+type AllocationConfigSource string
+
+// Valid [DeviceAllocationConfiguration.Source] values.
+const (
+	AllocationConfigSourceClass = "FromClass"
+	AllocationConfigSourceClaim = "FromClaim"
+)
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+// +k8s:prerelease-lifecycle-gen:introduced=1.33
+
+// ResourceClaimList is a collection of claims.
+type ResourceClaimList struct {
+	metav1.TypeMeta `json:",inline"`
+	// Standard list metadata
+	// +optional
+	metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+	// Items is the list of resource claims.
+	Items []ResourceClaim `json:"items" protobuf:"bytes,2,rep,name=items"`
+}
+
+// +genclient
+// +genclient:nonNamespaced
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+// +k8s:prerelease-lifecycle-gen:introduced=1.33
+
+// DeviceClass is a vendor- or admin-provided resource that contains
+// device configuration and selectors. It can be referenced in
+// the device requests of a claim to apply these presets.
+// Cluster scoped.
+//
+// This is an alpha type and requires enabling the DynamicResourceAllocation
+// feature gate.
+type DeviceClass struct {
+	metav1.TypeMeta `json:",inline"`
+	// Standard object metadata
+	// +optional
+	metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+	// Spec defines what can be allocated and how to configure it.
+	//
+	// This is mutable. Consumers have to be prepared for classes changing
+	// at any time, either because they get updated or replaced. Claim
+	// allocations are done once based on whatever was set in classes at
+	// the time of allocation.
+	//
+	// Changing the spec automatically increments the metadata.generation number.
+	Spec DeviceClassSpec `json:"spec" protobuf:"bytes,2,name=spec"`
+}
+
+// DeviceClassSpec is used in a [DeviceClass] to define what can be allocated
+// and how to configure it.
+type DeviceClassSpec struct {
+	// Each selector must be satisfied by a device which is claimed via this class.
+	//
+	// +optional
+	// +listType=atomic
+	Selectors []DeviceSelector `json:"selectors,omitempty" protobuf:"bytes,1,opt,name=selectors"`
+
+	// Config defines configuration parameters that apply to each device that is claimed via this class.
+	// Some classses may potentially be satisfied by multiple drivers, so each instance of a vendor
+	// configuration applies to exactly one driver.
+	//
+	// They are passed to the driver, but are not considered while allocating the claim.
+	//
+	// +optional
+	// +listType=atomic
+	Config []DeviceClassConfiguration `json:"config,omitempty" protobuf:"bytes,2,opt,name=config"`
+
+	// SuitableNodes is tombstoned since Kubernetes 1.32 where
+	// it got removed. May be reused once decoding v1alpha3 is no longer
+	// supported.
+	// SuitableNodes *v1.NodeSelector `json:"suitableNodes,omitempty" protobuf:"bytes,3,opt,name=suitableNodes"`
+}
+
+// DeviceClassConfiguration is used in DeviceClass.
+type DeviceClassConfiguration struct {
+	DeviceConfiguration `json:",inline" protobuf:"bytes,1,opt,name=deviceConfiguration"`
+}
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+// +k8s:prerelease-lifecycle-gen:introduced=1.33
+
+// DeviceClassList is a collection of classes.
+type DeviceClassList struct {
+	metav1.TypeMeta `json:",inline"`
+	// Standard list metadata
+	// +optional
+	metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+	// Items is the list of resource classes.
+	Items []DeviceClass `json:"items" protobuf:"bytes,2,rep,name=items"`
+}
+
+// +genclient
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+// +k8s:prerelease-lifecycle-gen:introduced=1.33
+
+// ResourceClaimTemplate is used to produce ResourceClaim objects.
+//
+// This is an alpha type and requires enabling the DynamicResourceAllocation
+// feature gate.
+type ResourceClaimTemplate struct {
+	metav1.TypeMeta `json:",inline"`
+	// Standard object metadata
+	// +optional
+	metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+	// Describes the ResourceClaim that is to be generated.
+	//
+	// This field is immutable. A ResourceClaim will get created by the
+	// control plane for a Pod when needed and then not get updated
+	// anymore.
+	Spec ResourceClaimTemplateSpec `json:"spec" protobuf:"bytes,2,name=spec"`
+}
+
+// ResourceClaimTemplateSpec contains the metadata and fields for a ResourceClaim.
+type ResourceClaimTemplateSpec struct {
+	// ObjectMeta may contain labels and annotations that will be copied into the ResourceClaim
+	// when creating it. No other fields are allowed and will be rejected during
+	// validation.
+	// +optional
+	metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+	// Spec for the ResourceClaim. The entire content is copied unchanged
+	// into the ResourceClaim that gets created from this template. The
+	// same fields as in a ResourceClaim are also valid here.
+	Spec ResourceClaimSpec `json:"spec" protobuf:"bytes,2,name=spec"`
+}
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+// +k8s:prerelease-lifecycle-gen:introduced=1.33
+
+// ResourceClaimTemplateList is a collection of claim templates.
+type ResourceClaimTemplateList struct {
+	metav1.TypeMeta `json:",inline"`
+	// Standard list metadata
+	// +optional
+	metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+
+	// Items is the list of resource claim templates.
+	Items []ResourceClaimTemplate `json:"items" protobuf:"bytes,2,rep,name=items"`
+}
+
+const (
+	// AllocatedDeviceStatusMaxConditions represents the maximum number of
+	// conditions in a device status.
+	AllocatedDeviceStatusMaxConditions int = 8
+	// AllocatedDeviceStatusDataMaxLength represents the maximum length of the
+	// raw data in the Data field in a device status.
+	AllocatedDeviceStatusDataMaxLength int = 10 * 1024
+	// NetworkDeviceDataMaxIPs represents the maximum number of IPs in the networkData
+	// field in a device status.
+	NetworkDeviceDataMaxIPs int = 16
+	// NetworkDeviceDataInterfaceNameMaxLength represents the maximum number of characters
+	// for the networkData.interfaceName field in a device status.
+	NetworkDeviceDataInterfaceNameMaxLength int = 256
+	// NetworkDeviceDataHardwareAddressMaxLength represents the maximum number of characters
+	// for the networkData.hardwareAddress field in a device status.
+	NetworkDeviceDataHardwareAddressMaxLength int = 128
+)
+
+// AllocatedDeviceStatus contains the status of an allocated device, if the
+// driver chooses to report it. This may include driver-specific information.
+type AllocatedDeviceStatus struct {
+	// Driver specifies the name of the DRA driver whose kubelet
+	// plugin should be invoked to process the allocation once the claim is
+	// needed on a node.
+	//
+	// Must be a DNS subdomain and should end with a DNS domain owned by the
+	// vendor of the driver.
+	//
+	// +required
+	Driver string `json:"driver" protobuf:"bytes,1,rep,name=driver"`
+
+	// This name together with the driver name and the device name field
+	// identify which device was allocated (`<driver name>/<pool name>/<device name>`).
+	//
+	// Must not be longer than 253 characters and may contain one or more
+	// DNS sub-domains separated by slashes.
+	//
+	// +required
+	Pool string `json:"pool" protobuf:"bytes,2,rep,name=pool"`
+
+	// Device references one device instance via its name in the driver's
+	// resource pool. It must be a DNS label.
+	//
+	// +required
+	Device string `json:"device" protobuf:"bytes,3,rep,name=device"`
+
+	// Conditions contains the latest observation of the device's state.
+	// If the device has been configured according to the class and claim
+	// config references, the `Ready` condition should be True.
+	//
+	// Must not contain more than 8 entries.
+	//
+	// +optional
+	// +listType=map
+	// +listMapKey=type
+	Conditions []metav1.Condition `json:"conditions" protobuf:"bytes,4,opt,name=conditions"`
+
+	// Data contains arbitrary driver-specific data.
+	//
+	// The length of the raw data must be smaller or equal to 10 Ki.
+	//
+	// +optional
+	Data *runtime.RawExtension `json:"data,omitempty" protobuf:"bytes,5,opt,name=data"`
+
+	// NetworkData contains network-related information specific to the device.
+	//
+	// +optional
+	NetworkData *NetworkDeviceData `json:"networkData,omitempty" protobuf:"bytes,6,opt,name=networkData"`
+}
+
+// NetworkDeviceData provides network-related details for the allocated device.
+// This information may be filled by drivers or other components to configure
+// or identify the device within a network context.
+type NetworkDeviceData struct {
+	// InterfaceName specifies the name of the network interface associated with
+	// the allocated device. This might be the name of a physical or virtual
+	// network interface being configured in the pod.
+	//
+	// Must not be longer than 256 characters.
+	//
+	// +optional
+	InterfaceName string `json:"interfaceName,omitempty" protobuf:"bytes,1,opt,name=interfaceName"`
+
+	// IPs lists the network addresses assigned to the device's network interface.
+	// This can include both IPv4 and IPv6 addresses.
+	// The IPs are in the CIDR notation, which includes both the address and the
+	// associated subnet mask.
+	// e.g.: "192.0.2.5/24" for IPv4 and "2001:db8::5/64" for IPv6.
+	//
+	// +optional
+	// +listType=atomic
+	IPs []string `json:"ips,omitempty" protobuf:"bytes,2,opt,name=ips"`
+
+	// HardwareAddress represents the hardware address (e.g. MAC Address) of the device's network interface.
+	//
+	// Must not be longer than 128 characters.
+	//
+	// +optional
+	HardwareAddress string `json:"hardwareAddress,omitempty" protobuf:"bytes,3,opt,name=hardwareAddress"`
+}
diff --git a/vendor/k8s.io/api/resource/v1beta2/types_swagger_doc_generated.go b/vendor/k8s.io/api/resource/v1beta2/types_swagger_doc_generated.go
new file mode 100644
index 0000000000..e1c893e1b6
--- /dev/null
+++ b/vendor/k8s.io/api/resource/v1beta2/types_swagger_doc_generated.go
@@ -0,0 +1,464 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1beta2
+
+// This file contains a collection of methods that can be used from go-restful to
+// generate Swagger API documentation for its models. Please read this PR for more
+// information on the implementation: https://github.com/emicklei/go-restful/pull/215
+//
+// TODOs are ignored from the parser (e.g. TODO(andronat):... || TODO:...) if and only if
+// they are on one line! For multiple line or blocks that you want to ignore use ---.
+// Any context after a --- is ignored.
+//
+// Those methods can be generated by using hack/update-codegen.sh
+
+// AUTO-GENERATED FUNCTIONS START HERE. DO NOT EDIT.
+var map_AllocatedDeviceStatus = map[string]string{
+	"":            "AllocatedDeviceStatus contains the status of an allocated device, if the driver chooses to report it. This may include driver-specific information.",
+	"driver":      "Driver specifies the name of the DRA driver whose kubelet plugin should be invoked to process the allocation once the claim is needed on a node.\n\nMust be a DNS subdomain and should end with a DNS domain owned by the vendor of the driver.",
+	"pool":        "This name together with the driver name and the device name field identify which device was allocated (`<driver name>/<pool name>/<device name>`).\n\nMust not be longer than 253 characters and may contain one or more DNS sub-domains separated by slashes.",
+	"device":      "Device references one device instance via its name in the driver's resource pool. It must be a DNS label.",
+	"conditions":  "Conditions contains the latest observation of the device's state. If the device has been configured according to the class and claim config references, the `Ready` condition should be True.\n\nMust not contain more than 8 entries.",
+	"data":        "Data contains arbitrary driver-specific data.\n\nThe length of the raw data must be smaller or equal to 10 Ki.",
+	"networkData": "NetworkData contains network-related information specific to the device.",
+}
+
+func (AllocatedDeviceStatus) SwaggerDoc() map[string]string {
+	return map_AllocatedDeviceStatus
+}
+
+var map_AllocationResult = map[string]string{
+	"":             "AllocationResult contains attributes of an allocated resource.",
+	"devices":      "Devices is the result of allocating devices.",
+	"nodeSelector": "NodeSelector defines where the allocated resources are available. If unset, they are available everywhere.",
+}
+
+func (AllocationResult) SwaggerDoc() map[string]string {
+	return map_AllocationResult
+}
+
+var map_CELDeviceSelector = map[string]string{
+	"":           "CELDeviceSelector contains a CEL expression for selecting a device.",
+	"expression": "Expression is a CEL expression which evaluates a single device. It must evaluate to true when the device under consideration satisfies the desired criteria, and false when it does not. Any other result is an error and causes allocation of devices to abort.\n\nThe expression's input is an object named \"device\", which carries the following properties:\n - driver (string): the name of the driver which defines this device.\n - attributes (map[string]object): the device's attributes, grouped by prefix\n   (e.g. device.attributes[\"dra.example.com\"] evaluates to an object with all\n   of the attributes which were prefixed by \"dra.example.com\".\n - capacity (map[string]object): the device's capacities, grouped by prefix.\n\nExample: Consider a device with driver=\"dra.example.com\", which exposes two attributes named \"model\" and \"ext.example.com/family\" and which exposes one capacity named \"modules\". This input to this expression would have the following fields:\n\n    device.driver\n    device.attributes[\"dra.example.com\"].model\n    device.attributes[\"ext.example.com\"].family\n    device.capacity[\"dra.example.com\"].modules\n\nThe device.driver field can be used to check for a specific driver, either as a high-level precondition (i.e. you only want to consider devices from this driver) or as part of a multi-clause expression that is meant to consider devices from different drivers.\n\nThe value type of each attribute is defined by the device definition, and users who write these expressions must consult the documentation for their specific drivers. The value type of each capacity is Quantity.\n\nIf an unknown prefix is used as a lookup in either device.attributes or device.capacity, an empty map will be returned. Any reference to an unknown field will cause an evaluation error and allocation to abort.\n\nA robust expression should check for the existence of attributes before referencing them.\n\nFor ease of use, the cel.bind() function is enabled, and can be used to simplify expressions that access multiple attributes with the same domain. For example:\n\n    cel.bind(dra, device.attributes[\"dra.example.com\"], dra.someBool && dra.anotherBool)\n\nThe length of the expression must be smaller or equal to 10 Ki. The cost of evaluating it is also limited based on the estimated number of logical steps.",
+}
+
+func (CELDeviceSelector) SwaggerDoc() map[string]string {
+	return map_CELDeviceSelector
+}
+
+var map_Counter = map[string]string{
+	"":      "Counter describes a quantity associated with a device.",
+	"value": "Value defines how much of a certain device counter is available.",
+}
+
+func (Counter) SwaggerDoc() map[string]string {
+	return map_Counter
+}
+
+var map_CounterSet = map[string]string{
+	"":         "CounterSet defines a named set of counters that are available to be used by devices defined in the ResourceSlice.\n\nThe counters are not allocatable by themselves, but can be referenced by devices. When a device is allocated, the portion of counters it uses will no longer be available for use by other devices.",
+	"name":     "Name defines the name of the counter set. It must be a DNS label.",
+	"counters": "Counters defines the set of counters for this CounterSet The name of each counter must be unique in that set and must be a DNS label.\n\nThe maximum number of counters in all sets is 32.",
+}
+
+func (CounterSet) SwaggerDoc() map[string]string {
+	return map_CounterSet
+}
+
+var map_Device = map[string]string{
+	"":                 "Device represents one individual hardware instance that can be selected based on its attributes. Besides the name, exactly one field must be set.",
+	"name":             "Name is unique identifier among all devices managed by the driver in the pool. It must be a DNS label.",
+	"attributes":       "Attributes defines the set of attributes for this device. The name of each attribute must be unique in that set.\n\nThe maximum number of attributes and capacities combined is 32.",
+	"capacity":         "Capacity defines the set of capacities for this device. The name of each capacity must be unique in that set.\n\nThe maximum number of attributes and capacities combined is 32.",
+	"consumesCounters": "ConsumesCounters defines a list of references to sharedCounters and the set of counters that the device will consume from those counter sets.\n\nThere can only be a single entry per counterSet.\n\nThe total number of device counter consumption entries must be <= 32. In addition, the total number in the entire ResourceSlice must be <= 1024 (for example, 64 devices with 16 counters each).",
+	"nodeName":         "NodeName identifies the node where the device is available.\n\nMust only be set if Spec.PerDeviceNodeSelection is set to true. At most one of NodeName, NodeSelector and AllNodes can be set.",
+	"nodeSelector":     "NodeSelector defines the nodes where the device is available.\n\nMust use exactly one term.\n\nMust only be set if Spec.PerDeviceNodeSelection is set to true. At most one of NodeName, NodeSelector and AllNodes can be set.",
+	"allNodes":         "AllNodes indicates that all nodes have access to the device.\n\nMust only be set if Spec.PerDeviceNodeSelection is set to true. At most one of NodeName, NodeSelector and AllNodes can be set.",
+	"taints":           "If specified, these are the driver-defined taints.\n\nThe maximum number of taints is 4.\n\nThis is an alpha field and requires enabling the DRADeviceTaints feature gate.",
+}
+
+func (Device) SwaggerDoc() map[string]string {
+	return map_Device
+}
+
+var map_DeviceAllocationConfiguration = map[string]string{
+	"":         "DeviceAllocationConfiguration gets embedded in an AllocationResult.",
+	"source":   "Source records whether the configuration comes from a class and thus is not something that a normal user would have been able to set or from a claim.",
+	"requests": "Requests lists the names of requests where the configuration applies. If empty, its applies to all requests.\n\nReferences to subrequests must include the name of the main request and may include the subrequest using the format <main request>[/<subrequest>]. If just the main request is given, the configuration applies to all subrequests.",
+}
+
+func (DeviceAllocationConfiguration) SwaggerDoc() map[string]string {
+	return map_DeviceAllocationConfiguration
+}
+
+var map_DeviceAllocationResult = map[string]string{
+	"":        "DeviceAllocationResult is the result of allocating devices.",
+	"results": "Results lists all allocated devices.",
+	"config":  "This field is a combination of all the claim and class configuration parameters. Drivers can distinguish between those based on a flag.\n\nThis includes configuration parameters for drivers which have no allocated devices in the result because it is up to the drivers which configuration parameters they support. They can silently ignore unknown configuration parameters.",
+}
+
+func (DeviceAllocationResult) SwaggerDoc() map[string]string {
+	return map_DeviceAllocationResult
+}
+
+var map_DeviceAttribute = map[string]string{
+	"":        "DeviceAttribute must have exactly one field set.",
+	"int":     "IntValue is a number.",
+	"bool":    "BoolValue is a true/false value.",
+	"string":  "StringValue is a string. Must not be longer than 64 characters.",
+	"version": "VersionValue is a semantic version according to semver.org spec 2.0.0. Must not be longer than 64 characters.",
+}
+
+func (DeviceAttribute) SwaggerDoc() map[string]string {
+	return map_DeviceAttribute
+}
+
+var map_DeviceCapacity = map[string]string{
+	"":      "DeviceCapacity describes a quantity associated with a device.",
+	"value": "Value defines how much of a certain device capacity is available.",
+}
+
+func (DeviceCapacity) SwaggerDoc() map[string]string {
+	return map_DeviceCapacity
+}
+
+var map_DeviceClaim = map[string]string{
+	"":            "DeviceClaim defines how to request devices with a ResourceClaim.",
+	"requests":    "Requests represent individual requests for distinct devices which must all be satisfied. If empty, nothing needs to be allocated.",
+	"constraints": "These constraints must be satisfied by the set of devices that get allocated for the claim.",
+	"config":      "This field holds configuration for multiple potential drivers which could satisfy requests in this claim. It is ignored while allocating the claim.",
+}
+
+func (DeviceClaim) SwaggerDoc() map[string]string {
+	return map_DeviceClaim
+}
+
+var map_DeviceClaimConfiguration = map[string]string{
+	"":         "DeviceClaimConfiguration is used for configuration parameters in DeviceClaim.",
+	"requests": "Requests lists the names of requests where the configuration applies. If empty, it applies to all requests.\n\nReferences to subrequests must include the name of the main request and may include the subrequest using the format <main request>[/<subrequest>]. If just the main request is given, the configuration applies to all subrequests.",
+}
+
+func (DeviceClaimConfiguration) SwaggerDoc() map[string]string {
+	return map_DeviceClaimConfiguration
+}
+
+var map_DeviceClass = map[string]string{
+	"":         "DeviceClass is a vendor- or admin-provided resource that contains device configuration and selectors. It can be referenced in the device requests of a claim to apply these presets. Cluster scoped.\n\nThis is an alpha type and requires enabling the DynamicResourceAllocation feature gate.",
+	"metadata": "Standard object metadata",
+	"spec":     "Spec defines what can be allocated and how to configure it.\n\nThis is mutable. Consumers have to be prepared for classes changing at any time, either because they get updated or replaced. Claim allocations are done once based on whatever was set in classes at the time of allocation.\n\nChanging the spec automatically increments the metadata.generation number.",
+}
+
+func (DeviceClass) SwaggerDoc() map[string]string {
+	return map_DeviceClass
+}
+
+var map_DeviceClassConfiguration = map[string]string{
+	"": "DeviceClassConfiguration is used in DeviceClass.",
+}
+
+func (DeviceClassConfiguration) SwaggerDoc() map[string]string {
+	return map_DeviceClassConfiguration
+}
+
+var map_DeviceClassList = map[string]string{
+	"":         "DeviceClassList is a collection of classes.",
+	"metadata": "Standard list metadata",
+	"items":    "Items is the list of resource classes.",
+}
+
+func (DeviceClassList) SwaggerDoc() map[string]string {
+	return map_DeviceClassList
+}
+
+var map_DeviceClassSpec = map[string]string{
+	"":          "DeviceClassSpec is used in a [DeviceClass] to define what can be allocated and how to configure it.",
+	"selectors": "Each selector must be satisfied by a device which is claimed via this class.",
+	"config":    "Config defines configuration parameters that apply to each device that is claimed via this class. Some classses may potentially be satisfied by multiple drivers, so each instance of a vendor configuration applies to exactly one driver.\n\nThey are passed to the driver, but are not considered while allocating the claim.",
+}
+
+func (DeviceClassSpec) SwaggerDoc() map[string]string {
+	return map_DeviceClassSpec
+}
+
+var map_DeviceConfiguration = map[string]string{
+	"":       "DeviceConfiguration must have exactly one field set. It gets embedded inline in some other structs which have other fields, so field names must not conflict with those.",
+	"opaque": "Opaque provides driver-specific configuration parameters.",
+}
+
+func (DeviceConfiguration) SwaggerDoc() map[string]string {
+	return map_DeviceConfiguration
+}
+
+var map_DeviceConstraint = map[string]string{
+	"":               "DeviceConstraint must have exactly one field set besides Requests.",
+	"requests":       "Requests is a list of the one or more requests in this claim which must co-satisfy this constraint. If a request is fulfilled by multiple devices, then all of the devices must satisfy the constraint. If this is not specified, this constraint applies to all requests in this claim.\n\nReferences to subrequests must include the name of the main request and may include the subrequest using the format <main request>[/<subrequest>]. If just the main request is given, the constraint applies to all subrequests.",
+	"matchAttribute": "MatchAttribute requires that all devices in question have this attribute and that its type and value are the same across those devices.\n\nFor example, if you specified \"dra.example.com/numa\" (a hypothetical example!), then only devices in the same NUMA node will be chosen. A device which does not have that attribute will not be chosen. All devices should use a value of the same type for this attribute because that is part of its specification, but if one device doesn't, then it also will not be chosen.\n\nMust include the domain qualifier.",
+}
+
+func (DeviceConstraint) SwaggerDoc() map[string]string {
+	return map_DeviceConstraint
+}
+
+var map_DeviceCounterConsumption = map[string]string{
+	"":           "DeviceCounterConsumption defines a set of counters that a device will consume from a CounterSet.",
+	"counterSet": "CounterSet is the name of the set from which the counters defined will be consumed.",
+	"counters":   "Counters defines the counters that will be consumed by the device.\n\nThe maximum number counters in a device is 32. In addition, the maximum number of all counters in all devices is 1024 (for example, 64 devices with 16 counters each).",
+}
+
+func (DeviceCounterConsumption) SwaggerDoc() map[string]string {
+	return map_DeviceCounterConsumption
+}
+
+var map_DeviceRequest = map[string]string{
+	"":               "DeviceRequest is a request for devices required for a claim. This is typically a request for a single resource like a device, but can also ask for several identical devices. With FirstAvailable it is also possible to provide a prioritized list of requests.",
+	"name":           "Name can be used to reference this request in a pod.spec.containers[].resources.claims entry and in a constraint of the claim.\n\nReferences using the name in the DeviceRequest will uniquely identify a request when the Exactly field is set. When the FirstAvailable field is set, a reference to the name of the DeviceRequest will match whatever subrequest is chosen by the scheduler.\n\nMust be a DNS label.",
+	"exactly":        "Exactly specifies the details for a single request that must be met exactly for the request to be satisfied.\n\nOne of Exactly or FirstAvailable must be set.",
+	"firstAvailable": "FirstAvailable contains subrequests, of which exactly one will be selected by the scheduler. It tries to satisfy them in the order in which they are listed here. So if there are two entries in the list, the scheduler will only check the second one if it determines that the first one can not be used.\n\nDRA does not yet implement scoring, so the scheduler will select the first set of devices that satisfies all the requests in the claim. And if the requirements can be satisfied on more than one node, other scheduling features will determine which node is chosen. This means that the set of devices allocated to a claim might not be the optimal set available to the cluster. Scoring will be implemented later.",
+}
+
+func (DeviceRequest) SwaggerDoc() map[string]string {
+	return map_DeviceRequest
+}
+
+var map_DeviceRequestAllocationResult = map[string]string{
+	"":            "DeviceRequestAllocationResult contains the allocation result for one request.",
+	"request":     "Request is the name of the request in the claim which caused this device to be allocated. If it references a subrequest in the firstAvailable list on a DeviceRequest, this field must include both the name of the main request and the subrequest using the format <main request>/<subrequest>.\n\nMultiple devices may have been allocated per request.",
+	"driver":      "Driver specifies the name of the DRA driver whose kubelet plugin should be invoked to process the allocation once the claim is needed on a node.\n\nMust be a DNS subdomain and should end with a DNS domain owned by the vendor of the driver.",
+	"pool":        "This name together with the driver name and the device name field identify which device was allocated (`<driver name>/<pool name>/<device name>`).\n\nMust not be longer than 253 characters and may contain one or more DNS sub-domains separated by slashes.",
+	"device":      "Device references one device instance via its name in the driver's resource pool. It must be a DNS label.",
+	"adminAccess": "AdminAccess indicates that this device was allocated for administrative access. See the corresponding request field for a definition of mode.\n\nThis is an alpha field and requires enabling the DRAAdminAccess feature gate. Admin access is disabled if this field is unset or set to false, otherwise it is enabled.",
+	"tolerations": "A copy of all tolerations specified in the request at the time when the device got allocated.\n\nThe maximum number of tolerations is 16.\n\nThis is an alpha field and requires enabling the DRADeviceTaints feature gate.",
+}
+
+func (DeviceRequestAllocationResult) SwaggerDoc() map[string]string {
+	return map_DeviceRequestAllocationResult
+}
+
+var map_DeviceSelector = map[string]string{
+	"":    "DeviceSelector must have exactly one field set.",
+	"cel": "CEL contains a CEL expression for selecting a device.",
+}
+
+func (DeviceSelector) SwaggerDoc() map[string]string {
+	return map_DeviceSelector
+}
+
+var map_DeviceSubRequest = map[string]string{
+	"":                "DeviceSubRequest describes a request for device provided in the claim.spec.devices.requests[].firstAvailable array. Each is typically a request for a single resource like a device, but can also ask for several identical devices.\n\nDeviceSubRequest is similar to ExactDeviceRequest, but doesn't expose the AdminAccess field as that one is only supported when requesting a specific device.",
+	"name":            "Name can be used to reference this subrequest in the list of constraints or the list of configurations for the claim. References must use the format <main request>/<subrequest>.\n\nMust be a DNS label.",
+	"deviceClassName": "DeviceClassName references a specific DeviceClass, which can define additional configuration and selectors to be inherited by this subrequest.\n\nA class is required. Which classes are available depends on the cluster.\n\nAdministrators may use this to restrict which devices may get requested by only installing classes with selectors for permitted devices. If users are free to request anything without restrictions, then administrators can create an empty DeviceClass for users to reference.",
+	"selectors":       "Selectors define criteria which must be satisfied by a specific device in order for that device to be considered for this subrequest. All selectors must be satisfied for a device to be considered.",
+	"allocationMode":  "AllocationMode and its related fields define how devices are allocated to satisfy this subrequest. Supported values are:\n\n- ExactCount: This request is for a specific number of devices.\n  This is the default. The exact number is provided in the\n  count field.\n\n- All: This subrequest is for all of the matching devices in a pool.\n  Allocation will fail if some devices are already allocated,\n  unless adminAccess is requested.\n\nIf AllocationMode is not specified, the default mode is ExactCount. If the mode is ExactCount and count is not specified, the default count is one. Any other subrequests must specify this field.\n\nMore modes may get added in the future. Clients must refuse to handle requests with unknown modes.",
+	"count":           "Count is used only when the count mode is \"ExactCount\". Must be greater than zero. If AllocationMode is ExactCount and this field is not specified, the default is one.",
+	"tolerations":     "If specified, the request's tolerations.\n\nTolerations for NoSchedule are required to allocate a device which has a taint with that effect. The same applies to NoExecute.\n\nIn addition, should any of the allocated devices get tainted with NoExecute after allocation and that effect is not tolerated, then all pods consuming the ResourceClaim get deleted to evict them. The scheduler will not let new pods reserve the claim while it has these tainted devices. Once all pods are evicted, the claim will get deallocated.\n\nThe maximum number of tolerations is 16.\n\nThis is an alpha field and requires enabling the DRADeviceTaints feature gate.",
+}
+
+func (DeviceSubRequest) SwaggerDoc() map[string]string {
+	return map_DeviceSubRequest
+}
+
+var map_DeviceTaint = map[string]string{
+	"":          "The device this taint is attached to has the \"effect\" on any claim which does not tolerate the taint and, through the claim, to pods using the claim.",
+	"key":       "The taint key to be applied to a device. Must be a label name.",
+	"value":     "The taint value corresponding to the taint key. Must be a label value.",
+	"effect":    "The effect of the taint on claims that do not tolerate the taint and through such claims on the pods using them. Valid effects are NoSchedule and NoExecute. PreferNoSchedule as used for nodes is not valid here.",
+	"timeAdded": "TimeAdded represents the time at which the taint was added. Added automatically during create or update if not set.",
+}
+
+func (DeviceTaint) SwaggerDoc() map[string]string {
+	return map_DeviceTaint
+}
+
+var map_DeviceToleration = map[string]string{
+	"":                  "The ResourceClaim this DeviceToleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.",
+	"key":               "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. Must be a label name.",
+	"operator":          "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a ResourceClaim can tolerate all taints of a particular category.",
+	"value":             "Value is the taint value the toleration matches to. If the operator is Exists, the value must be empty, otherwise just a regular string. Must be a label value.",
+	"effect":            "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule and NoExecute.",
+	"tolerationSeconds": "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. If larger than zero, the time when the pod needs to be evicted is calculated as <time when taint was adedd> + <toleration seconds>.",
+}
+
+func (DeviceToleration) SwaggerDoc() map[string]string {
+	return map_DeviceToleration
+}
+
+var map_ExactDeviceRequest = map[string]string{
+	"":                "ExactDeviceRequest is a request for one or more identical devices.",
+	"deviceClassName": "DeviceClassName references a specific DeviceClass, which can define additional configuration and selectors to be inherited by this request.\n\nA DeviceClassName is required.\n\nAdministrators may use this to restrict which devices may get requested by only installing classes with selectors for permitted devices. If users are free to request anything without restrictions, then administrators can create an empty DeviceClass for users to reference.",
+	"selectors":       "Selectors define criteria which must be satisfied by a specific device in order for that device to be considered for this request. All selectors must be satisfied for a device to be considered.",
+	"allocationMode":  "AllocationMode and its related fields define how devices are allocated to satisfy this request. Supported values are:\n\n- ExactCount: This request is for a specific number of devices.\n  This is the default. The exact number is provided in the\n  count field.\n\n- All: This request is for all of the matching devices in a pool.\n  At least one device must exist on the node for the allocation to succeed.\n  Allocation will fail if some devices are already allocated,\n  unless adminAccess is requested.\n\nIf AllocationMode is not specified, the default mode is ExactCount. If the mode is ExactCount and count is not specified, the default count is one. Any other requests must specify this field.\n\nMore modes may get added in the future. Clients must refuse to handle requests with unknown modes.",
+	"count":           "Count is used only when the count mode is \"ExactCount\". Must be greater than zero. If AllocationMode is ExactCount and this field is not specified, the default is one.",
+	"adminAccess":     "AdminAccess indicates that this is a claim for administrative access to the device(s). Claims with AdminAccess are expected to be used for monitoring or other management services for a device.  They ignore all ordinary claims to the device with respect to access modes and any resource allocations.\n\nThis is an alpha field and requires enabling the DRAAdminAccess feature gate. Admin access is disabled if this field is unset or set to false, otherwise it is enabled.",
+	"tolerations":     "If specified, the request's tolerations.\n\nTolerations for NoSchedule are required to allocate a device which has a taint with that effect. The same applies to NoExecute.\n\nIn addition, should any of the allocated devices get tainted with NoExecute after allocation and that effect is not tolerated, then all pods consuming the ResourceClaim get deleted to evict them. The scheduler will not let new pods reserve the claim while it has these tainted devices. Once all pods are evicted, the claim will get deallocated.\n\nThe maximum number of tolerations is 16.\n\nThis is an alpha field and requires enabling the DRADeviceTaints feature gate.",
+}
+
+func (ExactDeviceRequest) SwaggerDoc() map[string]string {
+	return map_ExactDeviceRequest
+}
+
+var map_NetworkDeviceData = map[string]string{
+	"":                "NetworkDeviceData provides network-related details for the allocated device. This information may be filled by drivers or other components to configure or identify the device within a network context.",
+	"interfaceName":   "InterfaceName specifies the name of the network interface associated with the allocated device. This might be the name of a physical or virtual network interface being configured in the pod.\n\nMust not be longer than 256 characters.",
+	"ips":             "IPs lists the network addresses assigned to the device's network interface. This can include both IPv4 and IPv6 addresses. The IPs are in the CIDR notation, which includes both the address and the associated subnet mask. e.g.: \"192.0.2.5/24\" for IPv4 and \"2001:db8::5/64\" for IPv6.",
+	"hardwareAddress": "HardwareAddress represents the hardware address (e.g. MAC Address) of the device's network interface.\n\nMust not be longer than 128 characters.",
+}
+
+func (NetworkDeviceData) SwaggerDoc() map[string]string {
+	return map_NetworkDeviceData
+}
+
+var map_OpaqueDeviceConfiguration = map[string]string{
+	"":           "OpaqueDeviceConfiguration contains configuration parameters for a driver in a format defined by the driver vendor.",
+	"driver":     "Driver is used to determine which kubelet plugin needs to be passed these configuration parameters.\n\nAn admission policy provided by the driver developer could use this to decide whether it needs to validate them.\n\nMust be a DNS subdomain and should end with a DNS domain owned by the vendor of the driver.",
+	"parameters": "Parameters can contain arbitrary data. It is the responsibility of the driver developer to handle validation and versioning. Typically this includes self-identification and a version (\"kind\" + \"apiVersion\" for Kubernetes types), with conversion between different versions.\n\nThe length of the raw data must be smaller or equal to 10 Ki.",
+}
+
+func (OpaqueDeviceConfiguration) SwaggerDoc() map[string]string {
+	return map_OpaqueDeviceConfiguration
+}
+
+var map_ResourceClaim = map[string]string{
+	"":         "ResourceClaim describes a request for access to resources in the cluster, for use by workloads. For example, if a workload needs an accelerator device with specific properties, this is how that request is expressed. The status stanza tracks whether this claim has been satisfied and what specific resources have been allocated.\n\nThis is an alpha type and requires enabling the DynamicResourceAllocation feature gate.",
+	"metadata": "Standard object metadata",
+	"spec":     "Spec describes what is being requested and how to configure it. The spec is immutable.",
+	"status":   "Status describes whether the claim is ready to use and what has been allocated.",
+}
+
+func (ResourceClaim) SwaggerDoc() map[string]string {
+	return map_ResourceClaim
+}
+
+var map_ResourceClaimConsumerReference = map[string]string{
+	"":         "ResourceClaimConsumerReference contains enough information to let you locate the consumer of a ResourceClaim. The user must be a resource in the same namespace as the ResourceClaim.",
+	"apiGroup": "APIGroup is the group for the resource being referenced. It is empty for the core API. This matches the group in the APIVersion that is used when creating the resources.",
+	"resource": "Resource is the type of resource being referenced, for example \"pods\".",
+	"name":     "Name is the name of resource being referenced.",
+	"uid":      "UID identifies exactly one incarnation of the resource.",
+}
+
+func (ResourceClaimConsumerReference) SwaggerDoc() map[string]string {
+	return map_ResourceClaimConsumerReference
+}
+
+var map_ResourceClaimList = map[string]string{
+	"":         "ResourceClaimList is a collection of claims.",
+	"metadata": "Standard list metadata",
+	"items":    "Items is the list of resource claims.",
+}
+
+func (ResourceClaimList) SwaggerDoc() map[string]string {
+	return map_ResourceClaimList
+}
+
+var map_ResourceClaimSpec = map[string]string{
+	"":        "ResourceClaimSpec defines what is being requested in a ResourceClaim and how to configure it.",
+	"devices": "Devices defines how to request devices.",
+}
+
+func (ResourceClaimSpec) SwaggerDoc() map[string]string {
+	return map_ResourceClaimSpec
+}
+
+var map_ResourceClaimStatus = map[string]string{
+	"":            "ResourceClaimStatus tracks whether the resource has been allocated and what the result of that was.",
+	"allocation":  "Allocation is set once the claim has been allocated successfully.",
+	"reservedFor": "ReservedFor indicates which entities are currently allowed to use the claim. A Pod which references a ResourceClaim which is not reserved for that Pod will not be started. A claim that is in use or might be in use because it has been reserved must not get deallocated.\n\nIn a cluster with multiple scheduler instances, two pods might get scheduled concurrently by different schedulers. When they reference the same ResourceClaim which already has reached its maximum number of consumers, only one pod can be scheduled.\n\nBoth schedulers try to add their pod to the claim.status.reservedFor field, but only the update that reaches the API server first gets stored. The other one fails with an error and the scheduler which issued it knows that it must put the pod back into the queue, waiting for the ResourceClaim to become usable again.\n\nThere can be at most 256 such reservations. This may get increased in the future, but not reduced.",
+	"devices":     "Devices contains the status of each device allocated for this claim, as reported by the driver. This can include driver-specific information. Entries are owned by their respective drivers.",
+}
+
+func (ResourceClaimStatus) SwaggerDoc() map[string]string {
+	return map_ResourceClaimStatus
+}
+
+var map_ResourceClaimTemplate = map[string]string{
+	"":         "ResourceClaimTemplate is used to produce ResourceClaim objects.\n\nThis is an alpha type and requires enabling the DynamicResourceAllocation feature gate.",
+	"metadata": "Standard object metadata",
+	"spec":     "Describes the ResourceClaim that is to be generated.\n\nThis field is immutable. A ResourceClaim will get created by the control plane for a Pod when needed and then not get updated anymore.",
+}
+
+func (ResourceClaimTemplate) SwaggerDoc() map[string]string {
+	return map_ResourceClaimTemplate
+}
+
+var map_ResourceClaimTemplateList = map[string]string{
+	"":         "ResourceClaimTemplateList is a collection of claim templates.",
+	"metadata": "Standard list metadata",
+	"items":    "Items is the list of resource claim templates.",
+}
+
+func (ResourceClaimTemplateList) SwaggerDoc() map[string]string {
+	return map_ResourceClaimTemplateList
+}
+
+var map_ResourceClaimTemplateSpec = map[string]string{
+	"":         "ResourceClaimTemplateSpec contains the metadata and fields for a ResourceClaim.",
+	"metadata": "ObjectMeta may contain labels and annotations that will be copied into the ResourceClaim when creating it. No other fields are allowed and will be rejected during validation.",
+	"spec":     "Spec for the ResourceClaim. The entire content is copied unchanged into the ResourceClaim that gets created from this template. The same fields as in a ResourceClaim are also valid here.",
+}
+
+func (ResourceClaimTemplateSpec) SwaggerDoc() map[string]string {
+	return map_ResourceClaimTemplateSpec
+}
+
+var map_ResourcePool = map[string]string{
+	"":                   "ResourcePool describes the pool that ResourceSlices belong to.",
+	"name":               "Name is used to identify the pool. For node-local devices, this is often the node name, but this is not required.\n\nIt must not be longer than 253 characters and must consist of one or more DNS sub-domains separated by slashes. This field is immutable.",
+	"generation":         "Generation tracks the change in a pool over time. Whenever a driver changes something about one or more of the resources in a pool, it must change the generation in all ResourceSlices which are part of that pool. Consumers of ResourceSlices should only consider resources from the pool with the highest generation number. The generation may be reset by drivers, which should be fine for consumers, assuming that all ResourceSlices in a pool are updated to match or deleted.\n\nCombined with ResourceSliceCount, this mechanism enables consumers to detect pools which are comprised of multiple ResourceSlices and are in an incomplete state.",
+	"resourceSliceCount": "ResourceSliceCount is the total number of ResourceSlices in the pool at this generation number. Must be greater than zero.\n\nConsumers can use this to check whether they have seen all ResourceSlices belonging to the same pool.",
+}
+
+func (ResourcePool) SwaggerDoc() map[string]string {
+	return map_ResourcePool
+}
+
+var map_ResourceSlice = map[string]string{
+	"":         "ResourceSlice represents one or more resources in a pool of similar resources, managed by a common driver. A pool may span more than one ResourceSlice, and exactly how many ResourceSlices comprise a pool is determined by the driver.\n\nAt the moment, the only supported resources are devices with attributes and capacities. Each device in a given pool, regardless of how many ResourceSlices, must have a unique name. The ResourceSlice in which a device gets published may change over time. The unique identifier for a device is the tuple <driver name>, <pool name>, <device name>.\n\nWhenever a driver needs to update a pool, it increments the pool.Spec.Pool.Generation number and updates all ResourceSlices with that new number and new resource definitions. A consumer must only use ResourceSlices with the highest generation number and ignore all others.\n\nWhen allocating all resources in a pool matching certain criteria or when looking for the best solution among several different alternatives, a consumer should check the number of ResourceSlices in a pool (included in each ResourceSlice) to determine whether its view of a pool is complete and if not, should wait until the driver has completed updating the pool.\n\nFor resources that are not local to a node, the node name is not set. Instead, the driver may use a node selector to specify where the devices are available.\n\nThis is an alpha type and requires enabling the DynamicResourceAllocation feature gate.",
+	"metadata": "Standard object metadata",
+	"spec":     "Contains the information published by the driver.\n\nChanging the spec automatically increments the metadata.generation number.",
+}
+
+func (ResourceSlice) SwaggerDoc() map[string]string {
+	return map_ResourceSlice
+}
+
+var map_ResourceSliceList = map[string]string{
+	"":         "ResourceSliceList is a collection of ResourceSlices.",
+	"metadata": "Standard list metadata",
+	"items":    "Items is the list of resource ResourceSlices.",
+}
+
+func (ResourceSliceList) SwaggerDoc() map[string]string {
+	return map_ResourceSliceList
+}
+
+var map_ResourceSliceSpec = map[string]string{
+	"":                       "ResourceSliceSpec contains the information published by the driver in one ResourceSlice.",
+	"driver":                 "Driver identifies the DRA driver providing the capacity information. A field selector can be used to list only ResourceSlice objects with a certain driver name.\n\nMust be a DNS subdomain and should end with a DNS domain owned by the vendor of the driver. This field is immutable.",
+	"pool":                   "Pool describes the pool that this ResourceSlice belongs to.",
+	"nodeName":               "NodeName identifies the node which provides the resources in this pool. A field selector can be used to list only ResourceSlice objects belonging to a certain node.\n\nThis field can be used to limit access from nodes to ResourceSlices with the same node name. It also indicates to autoscalers that adding new nodes of the same type as some old node might also make new resources available.\n\nExactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set. This field is immutable.",
+	"nodeSelector":           "NodeSelector defines which nodes have access to the resources in the pool, when that pool is not limited to a single node.\n\nMust use exactly one term.\n\nExactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.",
+	"allNodes":               "AllNodes indicates that all nodes have access to the resources in the pool.\n\nExactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.",
+	"devices":                "Devices lists some or all of the devices in this pool.\n\nMust not have more than 128 entries.",
+	"perDeviceNodeSelection": "PerDeviceNodeSelection defines whether the access from nodes to resources in the pool is set on the ResourceSlice level or on each device. If it is set to true, every device defined the ResourceSlice must specify this individually.\n\nExactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.",
+	"sharedCounters":         "SharedCounters defines a list of counter sets, each of which has a name and a list of counters available.\n\nThe names of the SharedCounters must be unique in the ResourceSlice.\n\nThe maximum number of counters in all sets is 32.",
+}
+
+func (ResourceSliceSpec) SwaggerDoc() map[string]string {
+	return map_ResourceSliceSpec
+}
+
+// AUTO-GENERATED FUNCTIONS END HERE
diff --git a/vendor/k8s.io/api/resource/v1beta2/zz_generated.deepcopy.go b/vendor/k8s.io/api/resource/v1beta2/zz_generated.deepcopy.go
new file mode 100644
index 0000000000..1e8b73dd80
--- /dev/null
+++ b/vendor/k8s.io/api/resource/v1beta2/zz_generated.deepcopy.go
@@ -0,0 +1,1092 @@
+//go:build !ignore_autogenerated
+// +build !ignore_autogenerated
+
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by deepcopy-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	corev1 "k8s.io/api/core/v1"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	runtime "k8s.io/apimachinery/pkg/runtime"
+)
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *AllocatedDeviceStatus) DeepCopyInto(out *AllocatedDeviceStatus) {
+	*out = *in
+	if in.Conditions != nil {
+		in, out := &in.Conditions, &out.Conditions
+		*out = make([]v1.Condition, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	if in.Data != nil {
+		in, out := &in.Data, &out.Data
+		*out = new(runtime.RawExtension)
+		(*in).DeepCopyInto(*out)
+	}
+	if in.NetworkData != nil {
+		in, out := &in.NetworkData, &out.NetworkData
+		*out = new(NetworkDeviceData)
+		(*in).DeepCopyInto(*out)
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AllocatedDeviceStatus.
+func (in *AllocatedDeviceStatus) DeepCopy() *AllocatedDeviceStatus {
+	if in == nil {
+		return nil
+	}
+	out := new(AllocatedDeviceStatus)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *AllocationResult) DeepCopyInto(out *AllocationResult) {
+	*out = *in
+	in.Devices.DeepCopyInto(&out.Devices)
+	if in.NodeSelector != nil {
+		in, out := &in.NodeSelector, &out.NodeSelector
+		*out = new(corev1.NodeSelector)
+		(*in).DeepCopyInto(*out)
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AllocationResult.
+func (in *AllocationResult) DeepCopy() *AllocationResult {
+	if in == nil {
+		return nil
+	}
+	out := new(AllocationResult)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *CELDeviceSelector) DeepCopyInto(out *CELDeviceSelector) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CELDeviceSelector.
+func (in *CELDeviceSelector) DeepCopy() *CELDeviceSelector {
+	if in == nil {
+		return nil
+	}
+	out := new(CELDeviceSelector)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *Counter) DeepCopyInto(out *Counter) {
+	*out = *in
+	out.Value = in.Value.DeepCopy()
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Counter.
+func (in *Counter) DeepCopy() *Counter {
+	if in == nil {
+		return nil
+	}
+	out := new(Counter)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *CounterSet) DeepCopyInto(out *CounterSet) {
+	*out = *in
+	if in.Counters != nil {
+		in, out := &in.Counters, &out.Counters
+		*out = make(map[string]Counter, len(*in))
+		for key, val := range *in {
+			(*out)[key] = *val.DeepCopy()
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CounterSet.
+func (in *CounterSet) DeepCopy() *CounterSet {
+	if in == nil {
+		return nil
+	}
+	out := new(CounterSet)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *Device) DeepCopyInto(out *Device) {
+	*out = *in
+	if in.Attributes != nil {
+		in, out := &in.Attributes, &out.Attributes
+		*out = make(map[QualifiedName]DeviceAttribute, len(*in))
+		for key, val := range *in {
+			(*out)[key] = *val.DeepCopy()
+		}
+	}
+	if in.Capacity != nil {
+		in, out := &in.Capacity, &out.Capacity
+		*out = make(map[QualifiedName]DeviceCapacity, len(*in))
+		for key, val := range *in {
+			(*out)[key] = *val.DeepCopy()
+		}
+	}
+	if in.ConsumesCounters != nil {
+		in, out := &in.ConsumesCounters, &out.ConsumesCounters
+		*out = make([]DeviceCounterConsumption, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	if in.NodeName != nil {
+		in, out := &in.NodeName, &out.NodeName
+		*out = new(string)
+		**out = **in
+	}
+	if in.NodeSelector != nil {
+		in, out := &in.NodeSelector, &out.NodeSelector
+		*out = new(corev1.NodeSelector)
+		(*in).DeepCopyInto(*out)
+	}
+	if in.AllNodes != nil {
+		in, out := &in.AllNodes, &out.AllNodes
+		*out = new(bool)
+		**out = **in
+	}
+	if in.Taints != nil {
+		in, out := &in.Taints, &out.Taints
+		*out = make([]DeviceTaint, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Device.
+func (in *Device) DeepCopy() *Device {
+	if in == nil {
+		return nil
+	}
+	out := new(Device)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeviceAllocationConfiguration) DeepCopyInto(out *DeviceAllocationConfiguration) {
+	*out = *in
+	if in.Requests != nil {
+		in, out := &in.Requests, &out.Requests
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
+	in.DeviceConfiguration.DeepCopyInto(&out.DeviceConfiguration)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceAllocationConfiguration.
+func (in *DeviceAllocationConfiguration) DeepCopy() *DeviceAllocationConfiguration {
+	if in == nil {
+		return nil
+	}
+	out := new(DeviceAllocationConfiguration)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeviceAllocationResult) DeepCopyInto(out *DeviceAllocationResult) {
+	*out = *in
+	if in.Results != nil {
+		in, out := &in.Results, &out.Results
+		*out = make([]DeviceRequestAllocationResult, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	if in.Config != nil {
+		in, out := &in.Config, &out.Config
+		*out = make([]DeviceAllocationConfiguration, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceAllocationResult.
+func (in *DeviceAllocationResult) DeepCopy() *DeviceAllocationResult {
+	if in == nil {
+		return nil
+	}
+	out := new(DeviceAllocationResult)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeviceAttribute) DeepCopyInto(out *DeviceAttribute) {
+	*out = *in
+	if in.IntValue != nil {
+		in, out := &in.IntValue, &out.IntValue
+		*out = new(int64)
+		**out = **in
+	}
+	if in.BoolValue != nil {
+		in, out := &in.BoolValue, &out.BoolValue
+		*out = new(bool)
+		**out = **in
+	}
+	if in.StringValue != nil {
+		in, out := &in.StringValue, &out.StringValue
+		*out = new(string)
+		**out = **in
+	}
+	if in.VersionValue != nil {
+		in, out := &in.VersionValue, &out.VersionValue
+		*out = new(string)
+		**out = **in
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceAttribute.
+func (in *DeviceAttribute) DeepCopy() *DeviceAttribute {
+	if in == nil {
+		return nil
+	}
+	out := new(DeviceAttribute)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeviceCapacity) DeepCopyInto(out *DeviceCapacity) {
+	*out = *in
+	out.Value = in.Value.DeepCopy()
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceCapacity.
+func (in *DeviceCapacity) DeepCopy() *DeviceCapacity {
+	if in == nil {
+		return nil
+	}
+	out := new(DeviceCapacity)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeviceClaim) DeepCopyInto(out *DeviceClaim) {
+	*out = *in
+	if in.Requests != nil {
+		in, out := &in.Requests, &out.Requests
+		*out = make([]DeviceRequest, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	if in.Constraints != nil {
+		in, out := &in.Constraints, &out.Constraints
+		*out = make([]DeviceConstraint, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	if in.Config != nil {
+		in, out := &in.Config, &out.Config
+		*out = make([]DeviceClaimConfiguration, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceClaim.
+func (in *DeviceClaim) DeepCopy() *DeviceClaim {
+	if in == nil {
+		return nil
+	}
+	out := new(DeviceClaim)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeviceClaimConfiguration) DeepCopyInto(out *DeviceClaimConfiguration) {
+	*out = *in
+	if in.Requests != nil {
+		in, out := &in.Requests, &out.Requests
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
+	in.DeviceConfiguration.DeepCopyInto(&out.DeviceConfiguration)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceClaimConfiguration.
+func (in *DeviceClaimConfiguration) DeepCopy() *DeviceClaimConfiguration {
+	if in == nil {
+		return nil
+	}
+	out := new(DeviceClaimConfiguration)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeviceClass) DeepCopyInto(out *DeviceClass) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	in.Spec.DeepCopyInto(&out.Spec)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceClass.
+func (in *DeviceClass) DeepCopy() *DeviceClass {
+	if in == nil {
+		return nil
+	}
+	out := new(DeviceClass)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *DeviceClass) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeviceClassConfiguration) DeepCopyInto(out *DeviceClassConfiguration) {
+	*out = *in
+	in.DeviceConfiguration.DeepCopyInto(&out.DeviceConfiguration)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceClassConfiguration.
+func (in *DeviceClassConfiguration) DeepCopy() *DeviceClassConfiguration {
+	if in == nil {
+		return nil
+	}
+	out := new(DeviceClassConfiguration)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeviceClassList) DeepCopyInto(out *DeviceClassList) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ListMeta.DeepCopyInto(&out.ListMeta)
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]DeviceClass, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceClassList.
+func (in *DeviceClassList) DeepCopy() *DeviceClassList {
+	if in == nil {
+		return nil
+	}
+	out := new(DeviceClassList)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *DeviceClassList) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeviceClassSpec) DeepCopyInto(out *DeviceClassSpec) {
+	*out = *in
+	if in.Selectors != nil {
+		in, out := &in.Selectors, &out.Selectors
+		*out = make([]DeviceSelector, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	if in.Config != nil {
+		in, out := &in.Config, &out.Config
+		*out = make([]DeviceClassConfiguration, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceClassSpec.
+func (in *DeviceClassSpec) DeepCopy() *DeviceClassSpec {
+	if in == nil {
+		return nil
+	}
+	out := new(DeviceClassSpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeviceConfiguration) DeepCopyInto(out *DeviceConfiguration) {
+	*out = *in
+	if in.Opaque != nil {
+		in, out := &in.Opaque, &out.Opaque
+		*out = new(OpaqueDeviceConfiguration)
+		(*in).DeepCopyInto(*out)
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceConfiguration.
+func (in *DeviceConfiguration) DeepCopy() *DeviceConfiguration {
+	if in == nil {
+		return nil
+	}
+	out := new(DeviceConfiguration)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeviceConstraint) DeepCopyInto(out *DeviceConstraint) {
+	*out = *in
+	if in.Requests != nil {
+		in, out := &in.Requests, &out.Requests
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
+	if in.MatchAttribute != nil {
+		in, out := &in.MatchAttribute, &out.MatchAttribute
+		*out = new(FullyQualifiedName)
+		**out = **in
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceConstraint.
+func (in *DeviceConstraint) DeepCopy() *DeviceConstraint {
+	if in == nil {
+		return nil
+	}
+	out := new(DeviceConstraint)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeviceCounterConsumption) DeepCopyInto(out *DeviceCounterConsumption) {
+	*out = *in
+	if in.Counters != nil {
+		in, out := &in.Counters, &out.Counters
+		*out = make(map[string]Counter, len(*in))
+		for key, val := range *in {
+			(*out)[key] = *val.DeepCopy()
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceCounterConsumption.
+func (in *DeviceCounterConsumption) DeepCopy() *DeviceCounterConsumption {
+	if in == nil {
+		return nil
+	}
+	out := new(DeviceCounterConsumption)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeviceRequest) DeepCopyInto(out *DeviceRequest) {
+	*out = *in
+	if in.Exactly != nil {
+		in, out := &in.Exactly, &out.Exactly
+		*out = new(ExactDeviceRequest)
+		(*in).DeepCopyInto(*out)
+	}
+	if in.FirstAvailable != nil {
+		in, out := &in.FirstAvailable, &out.FirstAvailable
+		*out = make([]DeviceSubRequest, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceRequest.
+func (in *DeviceRequest) DeepCopy() *DeviceRequest {
+	if in == nil {
+		return nil
+	}
+	out := new(DeviceRequest)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeviceRequestAllocationResult) DeepCopyInto(out *DeviceRequestAllocationResult) {
+	*out = *in
+	if in.AdminAccess != nil {
+		in, out := &in.AdminAccess, &out.AdminAccess
+		*out = new(bool)
+		**out = **in
+	}
+	if in.Tolerations != nil {
+		in, out := &in.Tolerations, &out.Tolerations
+		*out = make([]DeviceToleration, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceRequestAllocationResult.
+func (in *DeviceRequestAllocationResult) DeepCopy() *DeviceRequestAllocationResult {
+	if in == nil {
+		return nil
+	}
+	out := new(DeviceRequestAllocationResult)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeviceSelector) DeepCopyInto(out *DeviceSelector) {
+	*out = *in
+	if in.CEL != nil {
+		in, out := &in.CEL, &out.CEL
+		*out = new(CELDeviceSelector)
+		**out = **in
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceSelector.
+func (in *DeviceSelector) DeepCopy() *DeviceSelector {
+	if in == nil {
+		return nil
+	}
+	out := new(DeviceSelector)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeviceSubRequest) DeepCopyInto(out *DeviceSubRequest) {
+	*out = *in
+	if in.Selectors != nil {
+		in, out := &in.Selectors, &out.Selectors
+		*out = make([]DeviceSelector, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	if in.Tolerations != nil {
+		in, out := &in.Tolerations, &out.Tolerations
+		*out = make([]DeviceToleration, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceSubRequest.
+func (in *DeviceSubRequest) DeepCopy() *DeviceSubRequest {
+	if in == nil {
+		return nil
+	}
+	out := new(DeviceSubRequest)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeviceTaint) DeepCopyInto(out *DeviceTaint) {
+	*out = *in
+	if in.TimeAdded != nil {
+		in, out := &in.TimeAdded, &out.TimeAdded
+		*out = (*in).DeepCopy()
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceTaint.
+func (in *DeviceTaint) DeepCopy() *DeviceTaint {
+	if in == nil {
+		return nil
+	}
+	out := new(DeviceTaint)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeviceToleration) DeepCopyInto(out *DeviceToleration) {
+	*out = *in
+	if in.TolerationSeconds != nil {
+		in, out := &in.TolerationSeconds, &out.TolerationSeconds
+		*out = new(int64)
+		**out = **in
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeviceToleration.
+func (in *DeviceToleration) DeepCopy() *DeviceToleration {
+	if in == nil {
+		return nil
+	}
+	out := new(DeviceToleration)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ExactDeviceRequest) DeepCopyInto(out *ExactDeviceRequest) {
+	*out = *in
+	if in.Selectors != nil {
+		in, out := &in.Selectors, &out.Selectors
+		*out = make([]DeviceSelector, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	if in.AdminAccess != nil {
+		in, out := &in.AdminAccess, &out.AdminAccess
+		*out = new(bool)
+		**out = **in
+	}
+	if in.Tolerations != nil {
+		in, out := &in.Tolerations, &out.Tolerations
+		*out = make([]DeviceToleration, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExactDeviceRequest.
+func (in *ExactDeviceRequest) DeepCopy() *ExactDeviceRequest {
+	if in == nil {
+		return nil
+	}
+	out := new(ExactDeviceRequest)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *NetworkDeviceData) DeepCopyInto(out *NetworkDeviceData) {
+	*out = *in
+	if in.IPs != nil {
+		in, out := &in.IPs, &out.IPs
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkDeviceData.
+func (in *NetworkDeviceData) DeepCopy() *NetworkDeviceData {
+	if in == nil {
+		return nil
+	}
+	out := new(NetworkDeviceData)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *OpaqueDeviceConfiguration) DeepCopyInto(out *OpaqueDeviceConfiguration) {
+	*out = *in
+	in.Parameters.DeepCopyInto(&out.Parameters)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OpaqueDeviceConfiguration.
+func (in *OpaqueDeviceConfiguration) DeepCopy() *OpaqueDeviceConfiguration {
+	if in == nil {
+		return nil
+	}
+	out := new(OpaqueDeviceConfiguration)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ResourceClaim) DeepCopyInto(out *ResourceClaim) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	in.Spec.DeepCopyInto(&out.Spec)
+	in.Status.DeepCopyInto(&out.Status)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceClaim.
+func (in *ResourceClaim) DeepCopy() *ResourceClaim {
+	if in == nil {
+		return nil
+	}
+	out := new(ResourceClaim)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *ResourceClaim) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ResourceClaimConsumerReference) DeepCopyInto(out *ResourceClaimConsumerReference) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceClaimConsumerReference.
+func (in *ResourceClaimConsumerReference) DeepCopy() *ResourceClaimConsumerReference {
+	if in == nil {
+		return nil
+	}
+	out := new(ResourceClaimConsumerReference)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ResourceClaimList) DeepCopyInto(out *ResourceClaimList) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ListMeta.DeepCopyInto(&out.ListMeta)
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]ResourceClaim, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceClaimList.
+func (in *ResourceClaimList) DeepCopy() *ResourceClaimList {
+	if in == nil {
+		return nil
+	}
+	out := new(ResourceClaimList)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *ResourceClaimList) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ResourceClaimSpec) DeepCopyInto(out *ResourceClaimSpec) {
+	*out = *in
+	in.Devices.DeepCopyInto(&out.Devices)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceClaimSpec.
+func (in *ResourceClaimSpec) DeepCopy() *ResourceClaimSpec {
+	if in == nil {
+		return nil
+	}
+	out := new(ResourceClaimSpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ResourceClaimStatus) DeepCopyInto(out *ResourceClaimStatus) {
+	*out = *in
+	if in.Allocation != nil {
+		in, out := &in.Allocation, &out.Allocation
+		*out = new(AllocationResult)
+		(*in).DeepCopyInto(*out)
+	}
+	if in.ReservedFor != nil {
+		in, out := &in.ReservedFor, &out.ReservedFor
+		*out = make([]ResourceClaimConsumerReference, len(*in))
+		copy(*out, *in)
+	}
+	if in.Devices != nil {
+		in, out := &in.Devices, &out.Devices
+		*out = make([]AllocatedDeviceStatus, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceClaimStatus.
+func (in *ResourceClaimStatus) DeepCopy() *ResourceClaimStatus {
+	if in == nil {
+		return nil
+	}
+	out := new(ResourceClaimStatus)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ResourceClaimTemplate) DeepCopyInto(out *ResourceClaimTemplate) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	in.Spec.DeepCopyInto(&out.Spec)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceClaimTemplate.
+func (in *ResourceClaimTemplate) DeepCopy() *ResourceClaimTemplate {
+	if in == nil {
+		return nil
+	}
+	out := new(ResourceClaimTemplate)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *ResourceClaimTemplate) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ResourceClaimTemplateList) DeepCopyInto(out *ResourceClaimTemplateList) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ListMeta.DeepCopyInto(&out.ListMeta)
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]ResourceClaimTemplate, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceClaimTemplateList.
+func (in *ResourceClaimTemplateList) DeepCopy() *ResourceClaimTemplateList {
+	if in == nil {
+		return nil
+	}
+	out := new(ResourceClaimTemplateList)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *ResourceClaimTemplateList) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ResourceClaimTemplateSpec) DeepCopyInto(out *ResourceClaimTemplateSpec) {
+	*out = *in
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	in.Spec.DeepCopyInto(&out.Spec)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceClaimTemplateSpec.
+func (in *ResourceClaimTemplateSpec) DeepCopy() *ResourceClaimTemplateSpec {
+	if in == nil {
+		return nil
+	}
+	out := new(ResourceClaimTemplateSpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ResourcePool) DeepCopyInto(out *ResourcePool) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourcePool.
+func (in *ResourcePool) DeepCopy() *ResourcePool {
+	if in == nil {
+		return nil
+	}
+	out := new(ResourcePool)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ResourceSlice) DeepCopyInto(out *ResourceSlice) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	in.Spec.DeepCopyInto(&out.Spec)
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceSlice.
+func (in *ResourceSlice) DeepCopy() *ResourceSlice {
+	if in == nil {
+		return nil
+	}
+	out := new(ResourceSlice)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *ResourceSlice) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ResourceSliceList) DeepCopyInto(out *ResourceSliceList) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ListMeta.DeepCopyInto(&out.ListMeta)
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]ResourceSlice, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceSliceList.
+func (in *ResourceSliceList) DeepCopy() *ResourceSliceList {
+	if in == nil {
+		return nil
+	}
+	out := new(ResourceSliceList)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *ResourceSliceList) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ResourceSliceSpec) DeepCopyInto(out *ResourceSliceSpec) {
+	*out = *in
+	out.Pool = in.Pool
+	if in.NodeName != nil {
+		in, out := &in.NodeName, &out.NodeName
+		*out = new(string)
+		**out = **in
+	}
+	if in.NodeSelector != nil {
+		in, out := &in.NodeSelector, &out.NodeSelector
+		*out = new(corev1.NodeSelector)
+		(*in).DeepCopyInto(*out)
+	}
+	if in.AllNodes != nil {
+		in, out := &in.AllNodes, &out.AllNodes
+		*out = new(bool)
+		**out = **in
+	}
+	if in.Devices != nil {
+		in, out := &in.Devices, &out.Devices
+		*out = make([]Device, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	if in.PerDeviceNodeSelection != nil {
+		in, out := &in.PerDeviceNodeSelection, &out.PerDeviceNodeSelection
+		*out = new(bool)
+		**out = **in
+	}
+	if in.SharedCounters != nil {
+		in, out := &in.SharedCounters, &out.SharedCounters
+		*out = make([]CounterSet, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceSliceSpec.
+func (in *ResourceSliceSpec) DeepCopy() *ResourceSliceSpec {
+	if in == nil {
+		return nil
+	}
+	out := new(ResourceSliceSpec)
+	in.DeepCopyInto(out)
+	return out
+}
diff --git a/vendor/k8s.io/api/resource/v1beta2/zz_generated.prerelease-lifecycle.go b/vendor/k8s.io/api/resource/v1beta2/zz_generated.prerelease-lifecycle.go
new file mode 100644
index 0000000000..898b1aed35
--- /dev/null
+++ b/vendor/k8s.io/api/resource/v1beta2/zz_generated.prerelease-lifecycle.go
@@ -0,0 +1,166 @@
+//go:build !ignore_autogenerated
+// +build !ignore_autogenerated
+
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by prerelease-lifecycle-gen. DO NOT EDIT.
+
+package v1beta2
+
+// APILifecycleIntroduced is an autogenerated function, returning the release in which the API struct was introduced as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:introduced" tags in types.go.
+func (in *DeviceClass) APILifecycleIntroduced() (major, minor int) {
+	return 1, 33
+}
+
+// APILifecycleDeprecated is an autogenerated function, returning the release in which the API struct was or will be deprecated as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:deprecated" tags in types.go or  "k8s:prerelease-lifecycle-gen:introduced" plus three minor.
+func (in *DeviceClass) APILifecycleDeprecated() (major, minor int) {
+	return 1, 36
+}
+
+// APILifecycleRemoved is an autogenerated function, returning the release in which the API is no longer served as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:removed" tags in types.go or  "k8s:prerelease-lifecycle-gen:deprecated" plus three minor.
+func (in *DeviceClass) APILifecycleRemoved() (major, minor int) {
+	return 1, 39
+}
+
+// APILifecycleIntroduced is an autogenerated function, returning the release in which the API struct was introduced as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:introduced" tags in types.go.
+func (in *DeviceClassList) APILifecycleIntroduced() (major, minor int) {
+	return 1, 33
+}
+
+// APILifecycleDeprecated is an autogenerated function, returning the release in which the API struct was or will be deprecated as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:deprecated" tags in types.go or  "k8s:prerelease-lifecycle-gen:introduced" plus three minor.
+func (in *DeviceClassList) APILifecycleDeprecated() (major, minor int) {
+	return 1, 36
+}
+
+// APILifecycleRemoved is an autogenerated function, returning the release in which the API is no longer served as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:removed" tags in types.go or  "k8s:prerelease-lifecycle-gen:deprecated" plus three minor.
+func (in *DeviceClassList) APILifecycleRemoved() (major, minor int) {
+	return 1, 39
+}
+
+// APILifecycleIntroduced is an autogenerated function, returning the release in which the API struct was introduced as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:introduced" tags in types.go.
+func (in *ResourceClaim) APILifecycleIntroduced() (major, minor int) {
+	return 1, 33
+}
+
+// APILifecycleDeprecated is an autogenerated function, returning the release in which the API struct was or will be deprecated as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:deprecated" tags in types.go or  "k8s:prerelease-lifecycle-gen:introduced" plus three minor.
+func (in *ResourceClaim) APILifecycleDeprecated() (major, minor int) {
+	return 1, 36
+}
+
+// APILifecycleRemoved is an autogenerated function, returning the release in which the API is no longer served as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:removed" tags in types.go or  "k8s:prerelease-lifecycle-gen:deprecated" plus three minor.
+func (in *ResourceClaim) APILifecycleRemoved() (major, minor int) {
+	return 1, 39
+}
+
+// APILifecycleIntroduced is an autogenerated function, returning the release in which the API struct was introduced as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:introduced" tags in types.go.
+func (in *ResourceClaimList) APILifecycleIntroduced() (major, minor int) {
+	return 1, 33
+}
+
+// APILifecycleDeprecated is an autogenerated function, returning the release in which the API struct was or will be deprecated as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:deprecated" tags in types.go or  "k8s:prerelease-lifecycle-gen:introduced" plus three minor.
+func (in *ResourceClaimList) APILifecycleDeprecated() (major, minor int) {
+	return 1, 36
+}
+
+// APILifecycleRemoved is an autogenerated function, returning the release in which the API is no longer served as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:removed" tags in types.go or  "k8s:prerelease-lifecycle-gen:deprecated" plus three minor.
+func (in *ResourceClaimList) APILifecycleRemoved() (major, minor int) {
+	return 1, 39
+}
+
+// APILifecycleIntroduced is an autogenerated function, returning the release in which the API struct was introduced as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:introduced" tags in types.go.
+func (in *ResourceClaimTemplate) APILifecycleIntroduced() (major, minor int) {
+	return 1, 33
+}
+
+// APILifecycleDeprecated is an autogenerated function, returning the release in which the API struct was or will be deprecated as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:deprecated" tags in types.go or  "k8s:prerelease-lifecycle-gen:introduced" plus three minor.
+func (in *ResourceClaimTemplate) APILifecycleDeprecated() (major, minor int) {
+	return 1, 36
+}
+
+// APILifecycleRemoved is an autogenerated function, returning the release in which the API is no longer served as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:removed" tags in types.go or  "k8s:prerelease-lifecycle-gen:deprecated" plus three minor.
+func (in *ResourceClaimTemplate) APILifecycleRemoved() (major, minor int) {
+	return 1, 39
+}
+
+// APILifecycleIntroduced is an autogenerated function, returning the release in which the API struct was introduced as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:introduced" tags in types.go.
+func (in *ResourceClaimTemplateList) APILifecycleIntroduced() (major, minor int) {
+	return 1, 33
+}
+
+// APILifecycleDeprecated is an autogenerated function, returning the release in which the API struct was or will be deprecated as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:deprecated" tags in types.go or  "k8s:prerelease-lifecycle-gen:introduced" plus three minor.
+func (in *ResourceClaimTemplateList) APILifecycleDeprecated() (major, minor int) {
+	return 1, 36
+}
+
+// APILifecycleRemoved is an autogenerated function, returning the release in which the API is no longer served as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:removed" tags in types.go or  "k8s:prerelease-lifecycle-gen:deprecated" plus three minor.
+func (in *ResourceClaimTemplateList) APILifecycleRemoved() (major, minor int) {
+	return 1, 39
+}
+
+// APILifecycleIntroduced is an autogenerated function, returning the release in which the API struct was introduced as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:introduced" tags in types.go.
+func (in *ResourceSlice) APILifecycleIntroduced() (major, minor int) {
+	return 1, 33
+}
+
+// APILifecycleDeprecated is an autogenerated function, returning the release in which the API struct was or will be deprecated as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:deprecated" tags in types.go or  "k8s:prerelease-lifecycle-gen:introduced" plus three minor.
+func (in *ResourceSlice) APILifecycleDeprecated() (major, minor int) {
+	return 1, 36
+}
+
+// APILifecycleRemoved is an autogenerated function, returning the release in which the API is no longer served as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:removed" tags in types.go or  "k8s:prerelease-lifecycle-gen:deprecated" plus three minor.
+func (in *ResourceSlice) APILifecycleRemoved() (major, minor int) {
+	return 1, 39
+}
+
+// APILifecycleIntroduced is an autogenerated function, returning the release in which the API struct was introduced as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:introduced" tags in types.go.
+func (in *ResourceSliceList) APILifecycleIntroduced() (major, minor int) {
+	return 1, 33
+}
+
+// APILifecycleDeprecated is an autogenerated function, returning the release in which the API struct was or will be deprecated as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:deprecated" tags in types.go or  "k8s:prerelease-lifecycle-gen:introduced" plus three minor.
+func (in *ResourceSliceList) APILifecycleDeprecated() (major, minor int) {
+	return 1, 36
+}
+
+// APILifecycleRemoved is an autogenerated function, returning the release in which the API is no longer served as int versions of major and minor for comparison.
+// It is controlled by "k8s:prerelease-lifecycle-gen:removed" tags in types.go or  "k8s:prerelease-lifecycle-gen:deprecated" plus three minor.
+func (in *ResourceSliceList) APILifecycleRemoved() (major, minor int) {
+	return 1, 39
+}
diff --git a/vendor/k8s.io/api/scheduling/v1/doc.go b/vendor/k8s.io/api/scheduling/v1/doc.go
index ee3c668471..c587bee9ea 100644
--- a/vendor/k8s.io/api/scheduling/v1/doc.go
+++ b/vendor/k8s.io/api/scheduling/v1/doc.go
@@ -20,4 +20,4 @@ limitations under the License.
 // +k8s:prerelease-lifecycle-gen=true
 // +groupName=scheduling.k8s.io
 
-package v1 // import "k8s.io/api/scheduling/v1"
+package v1
diff --git a/vendor/k8s.io/api/scheduling/v1alpha1/doc.go b/vendor/k8s.io/api/scheduling/v1alpha1/doc.go
index cff47e1f4a..476ab6f66c 100644
--- a/vendor/k8s.io/api/scheduling/v1alpha1/doc.go
+++ b/vendor/k8s.io/api/scheduling/v1alpha1/doc.go
@@ -20,4 +20,4 @@ limitations under the License.
 
 // +groupName=scheduling.k8s.io
 
-package v1alpha1 // import "k8s.io/api/scheduling/v1alpha1"
+package v1alpha1
diff --git a/vendor/k8s.io/api/scheduling/v1beta1/doc.go b/vendor/k8s.io/api/scheduling/v1beta1/doc.go
index 152d241fbd..1bc3610611 100644
--- a/vendor/k8s.io/api/scheduling/v1beta1/doc.go
+++ b/vendor/k8s.io/api/scheduling/v1beta1/doc.go
@@ -21,4 +21,4 @@ limitations under the License.
 
 // +groupName=scheduling.k8s.io
 
-package v1beta1 // import "k8s.io/api/scheduling/v1beta1"
+package v1beta1
diff --git a/vendor/k8s.io/api/storage/v1/doc.go b/vendor/k8s.io/api/storage/v1/doc.go
index e2310dac23..162a99522e 100644
--- a/vendor/k8s.io/api/storage/v1/doc.go
+++ b/vendor/k8s.io/api/storage/v1/doc.go
@@ -20,4 +20,4 @@ limitations under the License.
 // +k8s:openapi-gen=true
 // +k8s:prerelease-lifecycle-gen=true
 
-package v1 // import "k8s.io/api/storage/v1"
+package v1
diff --git a/vendor/k8s.io/api/storage/v1/generated.pb.go b/vendor/k8s.io/api/storage/v1/generated.pb.go
index 11c8c97c24..b6624d0650 100644
--- a/vendor/k8s.io/api/storage/v1/generated.pb.go
+++ b/vendor/k8s.io/api/storage/v1/generated.pb.go
@@ -609,111 +609,114 @@ func init() {
 }
 
 var fileDescriptor_662262cc70094b41 = []byte{
-	// 1655 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xbc, 0x58, 0xbd, 0x6f, 0x1b, 0xc9,
-	0x15, 0xd7, 0x8a, 0xd4, 0xd7, 0x50, 0xb2, 0xa4, 0x91, 0xe4, 0x30, 0x2a, 0x48, 0x61, 0xed, 0x24,
-	0xb2, 0x13, 0x2f, 0x6d, 0xd9, 0x31, 0x0c, 0x07, 0x2e, 0xb4, 0x12, 0x1d, 0x0b, 0x11, 0x25, 0x65,
-	0xa8, 0x18, 0x46, 0x90, 0x04, 0x1e, 0xed, 0x8e, 0xa8, 0xb1, 0xb8, 0x1f, 0xde, 0x19, 0x2a, 0x62,
-	0xaa, 0xa4, 0x49, 0x17, 0x20, 0x69, 0xf3, 0x57, 0x24, 0x40, 0xd2, 0x5c, 0x79, 0xc5, 0xc1, 0xd7,
-	0x19, 0x57, 0xb9, 0x22, 0xce, 0xbc, 0xfa, 0xae, 0xbc, 0x42, 0xd5, 0x61, 0x66, 0x87, 0xdc, 0x0f,
-	0x2e, 0x65, 0xa9, 0x61, 0xc7, 0x99, 0xf7, 0xde, 0xef, 0xbd, 0x99, 0xf7, 0xde, 0x6f, 0xde, 0x12,
-	0xfc, 0xe4, 0xf4, 0x09, 0x33, 0xa8, 0x57, 0xc1, 0x3e, 0xad, 0x30, 0xee, 0x05, 0xb8, 0x41, 0x2a,
-	0x67, 0x0f, 0x2a, 0x0d, 0xe2, 0x92, 0x00, 0x73, 0x62, 0x1b, 0x7e, 0xe0, 0x71, 0x0f, 0xae, 0x84,
-	0x6a, 0x06, 0xf6, 0xa9, 0xa1, 0xd4, 0x8c, 0xb3, 0x07, 0xab, 0xf7, 0x1a, 0x94, 0x9f, 0xb4, 0x8e,
-	0x0c, 0xcb, 0x73, 0x2a, 0x0d, 0xaf, 0xe1, 0x55, 0xa4, 0xf6, 0x51, 0xeb, 0x58, 0xae, 0xe4, 0x42,
-	0xfe, 0x0a, 0x51, 0x56, 0xf5, 0x98, 0x33, 0xcb, 0x0b, 0xb2, 0x3c, 0xad, 0x3e, 0x8a, 0x74, 0x1c,
-	0x6c, 0x9d, 0x50, 0x97, 0x04, 0xed, 0x8a, 0x7f, 0xda, 0x90, 0x46, 0x01, 0x61, 0x5e, 0x2b, 0xb0,
-	0xc8, 0xb5, 0xac, 0x58, 0xc5, 0x21, 0x1c, 0x67, 0xf9, 0xaa, 0x0c, 0xb3, 0x0a, 0x5a, 0x2e, 0xa7,
-	0xce, 0xa0, 0x9b, 0xc7, 0x9f, 0x32, 0x60, 0xd6, 0x09, 0x71, 0x70, 0xda, 0x4e, 0xff, 0xbf, 0x06,
-	0x66, 0xb6, 0xea, 0x3b, 0xdb, 0x01, 0x3d, 0x23, 0x01, 0x7c, 0x0d, 0xa6, 0x45, 0x44, 0x36, 0xe6,
-	0xb8, 0xa8, 0xad, 0x69, 0xeb, 0x85, 0x8d, 0xfb, 0x46, 0x74, 0xbf, 0x7d, 0x60, 0xc3, 0x3f, 0x6d,
-	0x88, 0x0d, 0x66, 0x08, 0x6d, 0xe3, 0xec, 0x81, 0xb1, 0x7f, 0xf4, 0x86, 0x58, 0xbc, 0x46, 0x38,
-	0x36, 0xe1, 0xbb, 0x4e, 0x79, 0xac, 0xdb, 0x29, 0x83, 0x68, 0x0f, 0xf5, 0x51, 0xe1, 0x73, 0x90,
-	0x67, 0x3e, 0xb1, 0x8a, 0xe3, 0x12, 0xfd, 0xb6, 0x91, 0x99, 0x3d, 0xa3, 0x1f, 0x51, 0xdd, 0x27,
-	0x96, 0x39, 0xab, 0x10, 0xf3, 0x62, 0x85, 0xa4, 0xbd, 0xfe, 0x3f, 0x0d, 0xcc, 0xf5, 0xb5, 0x76,
-	0x29, 0xe3, 0xf0, 0x0f, 0x03, 0xb1, 0x1b, 0x57, 0x8b, 0x5d, 0x58, 0xcb, 0xc8, 0x17, 0x94, 0x9f,
-	0xe9, 0xde, 0x4e, 0x2c, 0xee, 0x2a, 0x98, 0xa0, 0x9c, 0x38, 0xac, 0x38, 0xbe, 0x96, 0x5b, 0x2f,
-	0x6c, 0xac, 0x7d, 0x2a, 0x70, 0x73, 0x4e, 0x81, 0x4d, 0xec, 0x08, 0x33, 0x14, 0x5a, 0xeb, 0x5f,
-	0xe5, 0x63, 0x61, 0x8b, 0xe3, 0xc0, 0xa7, 0xe0, 0x06, 0xe6, 0x1c, 0x5b, 0x27, 0x88, 0xbc, 0x6d,
-	0xd1, 0x80, 0xd8, 0x32, 0xf8, 0x69, 0x13, 0x76, 0x3b, 0xe5, 0x1b, 0x9b, 0x09, 0x09, 0x4a, 0x69,
-	0x0a, 0x5b, 0xdf, 0xb3, 0x77, 0xdc, 0x63, 0x6f, 0xdf, 0xad, 0x79, 0x2d, 0x97, 0xcb, 0x6b, 0x55,
-	0xb6, 0x07, 0x09, 0x09, 0x4a, 0x69, 0x42, 0x0b, 0x2c, 0x9f, 0x79, 0xcd, 0x96, 0x43, 0x76, 0xe9,
-	0x31, 0xb1, 0xda, 0x56, 0x93, 0xd4, 0x3c, 0x9b, 0xb0, 0x62, 0x6e, 0x2d, 0xb7, 0x3e, 0x63, 0x56,
-	0xba, 0x9d, 0xf2, 0xf2, 0xcb, 0x0c, 0xf9, 0x45, 0xa7, 0xbc, 0x94, 0xb1, 0x8f, 0x32, 0xc1, 0xe0,
-	0x33, 0x30, 0xaf, 0x2e, 0x67, 0x0b, 0xfb, 0xd8, 0xa2, 0xbc, 0x5d, 0xcc, 0xcb, 0x08, 0x97, 0xba,
-	0x9d, 0xf2, 0x7c, 0x3d, 0x29, 0x42, 0x69, 0x5d, 0xf8, 0x02, 0xcc, 0x1d, 0xb3, 0x5f, 0x07, 0x5e,
-	0xcb, 0x3f, 0xf0, 0x9a, 0xd4, 0x6a, 0x17, 0x27, 0xd6, 0xb4, 0xf5, 0x19, 0x53, 0xef, 0x76, 0xca,
-	0x73, 0xcf, 0xeb, 0x31, 0xc1, 0x45, 0x7a, 0x03, 0x25, 0x0d, 0xe1, 0x6b, 0x30, 0xc7, 0xbd, 0x53,
-	0xe2, 0x8a, 0xab, 0x23, 0x8c, 0xb3, 0xe2, 0xa4, 0x4c, 0xe3, 0xad, 0x21, 0x69, 0x3c, 0x8c, 0xe9,
-	0x9a, 0x2b, 0x2a, 0x93, 0x73, 0xf1, 0x5d, 0x86, 0x92, 0x80, 0x70, 0x0b, 0x2c, 0x06, 0x61, 0x5e,
-	0x18, 0x22, 0x7e, 0xeb, 0xa8, 0x49, 0xd9, 0x49, 0x71, 0x4a, 0x1e, 0x76, 0xa5, 0xdb, 0x29, 0x2f,
-	0xa2, 0xb4, 0x10, 0x0d, 0xea, 0xc3, 0x47, 0x60, 0x96, 0x91, 0x5d, 0xea, 0xb6, 0xce, 0xc3, 0x74,
-	0x4e, 0x4b, 0xfb, 0x85, 0x6e, 0xa7, 0x3c, 0x5b, 0xaf, 0x46, 0xfb, 0x28, 0xa1, 0xa5, 0xff, 0x57,
-	0x03, 0x53, 0x5b, 0xf5, 0x9d, 0x3d, 0xcf, 0x26, 0x23, 0xe8, 0xe0, 0xed, 0x44, 0x07, 0xeb, 0xc3,
-	0x1b, 0x41, 0xc4, 0x33, 0xb4, 0x7f, 0xbf, 0x0b, 0xfb, 0x57, 0xe8, 0x28, 0xee, 0x59, 0x03, 0x79,
-	0x17, 0x3b, 0x44, 0x46, 0x3d, 0x13, 0xd9, 0xec, 0x61, 0x87, 0x20, 0x29, 0x81, 0x3f, 0x05, 0x93,
-	0xae, 0x67, 0x93, 0x9d, 0x6d, 0xe9, 0x7b, 0xc6, 0xbc, 0xa1, 0x74, 0x26, 0xf7, 0xe4, 0x2e, 0x52,
-	0x52, 0x71, 0x8b, 0xdc, 0xf3, 0xbd, 0xa6, 0xd7, 0x68, 0xff, 0x86, 0xb4, 0x7b, 0x25, 0x2d, 0x6f,
-	0xf1, 0x30, 0xb6, 0x8f, 0x12, 0x5a, 0xf0, 0x8f, 0xa0, 0x80, 0x9b, 0x4d, 0xcf, 0xc2, 0x1c, 0x1f,
-	0x35, 0x89, 0xac, 0xd3, 0xc2, 0xc6, 0xdd, 0x21, 0xc7, 0x0b, 0x5b, 0x40, 0xf8, 0x45, 0x8a, 0xf8,
-	0x99, 0x39, 0xdf, 0xed, 0x94, 0x0b, 0x9b, 0x11, 0x04, 0x8a, 0xe3, 0xe9, 0xff, 0xd1, 0x40, 0x41,
-	0x1d, 0x78, 0x04, 0x74, 0xb5, 0x95, 0xa4, 0xab, 0xd2, 0xe5, 0x59, 0x1a, 0x42, 0x56, 0x7f, 0xea,
-	0x47, 0x2c, 0x99, 0x6a, 0x1f, 0x4c, 0xd9, 0x32, 0x55, 0xac, 0xa8, 0x49, 0xd4, 0xdb, 0x97, 0xa3,
-	0x2a, 0x22, 0x9c, 0x57, 0xd8, 0x53, 0xe1, 0x9a, 0xa1, 0x1e, 0x8a, 0xfe, 0x7d, 0x0e, 0xc0, 0xad,
-	0xfa, 0x4e, 0x8a, 0x06, 0x46, 0x50, 0xc2, 0x14, 0xcc, 0x8a, 0x52, 0xe9, 0x15, 0x83, 0x2a, 0xe5,
-	0x87, 0x57, 0xbc, 0x7f, 0x7c, 0x44, 0x9a, 0x75, 0xd2, 0x24, 0x16, 0xf7, 0x82, 0xb0, 0xaa, 0xf6,
-	0x62, 0x60, 0x28, 0x01, 0x0d, 0xb7, 0xc1, 0x42, 0x8f, 0xd5, 0x9a, 0x98, 0x31, 0x51, 0xcd, 0xc5,
-	0x9c, 0xac, 0xde, 0xa2, 0x0a, 0x71, 0xa1, 0x9e, 0x92, 0xa3, 0x01, 0x0b, 0xf8, 0x0a, 0x4c, 0x5b,
-	0x71, 0x02, 0xfd, 0x44, 0xb1, 0x18, 0xbd, 0x69, 0xc4, 0xf8, 0x6d, 0x0b, 0xbb, 0x9c, 0xf2, 0xb6,
-	0x39, 0x2b, 0x0a, 0xa5, 0xcf, 0xb4, 0x7d, 0x34, 0xc8, 0xc0, 0xa2, 0x83, 0xcf, 0xa9, 0xd3, 0x72,
-	0xc2, 0x92, 0xae, 0xd3, 0xbf, 0x10, 0x49, 0xb3, 0xd7, 0x77, 0x21, 0x69, 0xae, 0x96, 0x06, 0x43,
-	0x83, 0xf8, 0xfa, 0x17, 0x1a, 0xb8, 0x39, 0x98, 0xf8, 0x11, 0xb4, 0xc5, 0x5e, 0xb2, 0x2d, 0xee,
-	0x0c, 0x2f, 0xe0, 0x54, 0x6c, 0x43, 0x3a, 0xe4, 0x1f, 0x93, 0x60, 0x36, 0x9e, 0xbe, 0x11, 0xd4,
-	0xee, 0x2f, 0x41, 0xc1, 0x0f, 0xbc, 0x33, 0xca, 0xa8, 0xe7, 0x92, 0x40, 0x31, 0xe1, 0x92, 0x32,
-	0x29, 0x1c, 0x44, 0x22, 0x14, 0xd7, 0x83, 0x0d, 0x00, 0x7c, 0x1c, 0x60, 0x87, 0x70, 0xd1, 0xbf,
-	0x39, 0x79, 0xfc, 0x87, 0x43, 0x8e, 0x1f, 0x3f, 0x91, 0x71, 0xd0, 0xb7, 0xaa, 0xba, 0x3c, 0x68,
-	0x47, 0xd1, 0x45, 0x02, 0x14, 0x83, 0x86, 0xa7, 0x60, 0x2e, 0x20, 0x56, 0x13, 0x53, 0x47, 0xbd,
-	0xd9, 0x79, 0x19, 0x61, 0x55, 0x3c, 0xa0, 0x28, 0x2e, 0xb8, 0xe8, 0x94, 0xef, 0x0f, 0x4e, 0xdd,
-	0xc6, 0x01, 0x09, 0x18, 0x65, 0x9c, 0xb8, 0x3c, 0x2c, 0x98, 0x84, 0x0d, 0x4a, 0x62, 0x0b, 0xa6,
-	0x77, 0xc4, 0x13, 0xb8, 0xef, 0x73, 0xea, 0xb9, 0xac, 0x38, 0x11, 0x31, 0x7d, 0x2d, 0xb6, 0x8f,
-	0x12, 0x5a, 0x70, 0x17, 0x2c, 0x0b, 0x66, 0xfe, 0x73, 0xe8, 0xa0, 0x7a, 0xee, 0x63, 0x57, 0xdc,
-	0x52, 0x71, 0x52, 0xbe, 0xb6, 0x45, 0x31, 0xfa, 0x6c, 0x66, 0xc8, 0x51, 0xa6, 0x15, 0x7c, 0x05,
-	0x16, 0xc3, 0xd9, 0xc7, 0xa4, 0xae, 0x4d, 0xdd, 0x86, 0x98, 0x7c, 0xe4, 0xc3, 0x3f, 0x63, 0xde,
-	0x15, 0x1d, 0xf1, 0x32, 0x2d, 0xbc, 0xc8, 0xda, 0x44, 0x83, 0x20, 0xf0, 0x2d, 0x58, 0x94, 0x1e,
-	0x89, 0xad, 0xe8, 0x84, 0x12, 0x56, 0x9c, 0x96, 0xa9, 0x5b, 0x8f, 0xa7, 0x4e, 0x5c, 0x5d, 0x38,
-	0xb5, 0x84, 0xa4, 0xd3, 0x23, 0xa7, 0x43, 0x12, 0x38, 0xe6, 0x8f, 0x55, 0xbe, 0x16, 0x37, 0xd3,
-	0x50, 0x68, 0x10, 0x7d, 0xf5, 0x19, 0x98, 0x4f, 0x25, 0x1c, 0x2e, 0x80, 0xdc, 0x29, 0x69, 0x87,
-	0xcf, 0x32, 0x12, 0x3f, 0xe1, 0x32, 0x98, 0x38, 0xc3, 0xcd, 0x16, 0x09, 0x8b, 0x0f, 0x85, 0x8b,
-	0xa7, 0xe3, 0x4f, 0x34, 0xfd, 0x33, 0x0d, 0x24, 0xe8, 0x6c, 0x04, 0x2d, 0xfd, 0x22, 0xd9, 0xd2,
-	0xb7, 0xae, 0x50, 0xd3, 0x43, 0x9a, 0xf9, 0x6f, 0x1a, 0x98, 0x8d, 0x8f, 0x78, 0xf0, 0x17, 0x60,
-	0x1a, 0xb7, 0x6c, 0x4a, 0x5c, 0xab, 0x37, 0x95, 0xf4, 0x03, 0xd9, 0x54, 0xfb, 0xa8, 0xaf, 0x21,
-	0x06, 0x40, 0x72, 0xee, 0xd3, 0x00, 0x8b, 0x22, 0xab, 0x13, 0xcb, 0x73, 0x6d, 0x26, 0x6f, 0x28,
-	0x17, 0x32, 0x63, 0x35, 0x2d, 0x44, 0x83, 0xfa, 0xfa, 0xbf, 0xc7, 0xc1, 0x42, 0x58, 0x1b, 0xe1,
-	0xe8, 0xef, 0x10, 0x97, 0x8f, 0x80, 0x54, 0x6a, 0x89, 0x99, 0xee, 0xe7, 0x97, 0x0e, 0x3d, 0x51,
-	0x60, 0xc3, 0x86, 0x3b, 0xf8, 0x3b, 0x30, 0xc9, 0x38, 0xe6, 0x2d, 0x26, 0x9f, 0xba, 0xc2, 0xc6,
-	0xbd, 0xab, 0x02, 0x4a, 0xa3, 0x68, 0xae, 0x0b, 0xd7, 0x48, 0x81, 0xe9, 0x9f, 0x6b, 0x60, 0x39,
-	0x6d, 0x32, 0x82, 0x0a, 0xdb, 0x4d, 0x56, 0xd8, 0xcf, 0xae, 0x78, 0x98, 0x61, 0x5f, 0x80, 0x1a,
-	0xb8, 0x39, 0x70, 0x6e, 0xf9, 0x92, 0x0a, 0x5e, 0xf2, 0x53, 0xec, 0xb7, 0x17, 0x4d, 0xc4, 0x92,
-	0x97, 0x0e, 0x32, 0xe4, 0x28, 0xd3, 0x0a, 0xbe, 0x01, 0x0b, 0xd4, 0x6d, 0x52, 0x97, 0xa8, 0x87,
-	0x37, 0xca, 0x6f, 0x26, 0x79, 0xa4, 0x91, 0x65, 0x72, 0x97, 0xc5, 0x7c, 0xb2, 0x93, 0x42, 0x41,
-	0x03, 0xb8, 0xfa, 0x97, 0x19, 0x99, 0x91, 0x33, 0xa3, 0x68, 0x21, 0xb9, 0x43, 0x82, 0x81, 0x16,
-	0x52, 0xfb, 0xa8, 0xaf, 0x21, 0xeb, 0x46, 0x5e, 0x85, 0x0a, 0xf4, 0xca, 0x75, 0x23, 0x8d, 0x62,
-	0x75, 0x23, 0xd7, 0x48, 0x81, 0x89, 0x20, 0xc4, 0x4c, 0x16, 0x9b, 0xbd, 0xfa, 0x41, 0xec, 0xa9,
-	0x7d, 0xd4, 0xd7, 0xd0, 0xbf, 0xcd, 0x65, 0x24, 0x48, 0x16, 0x60, 0xec, 0x34, 0xbd, 0xaf, 0xf4,
-	0xf4, 0x69, 0xec, 0xfe, 0x69, 0x6c, 0xf8, 0x2f, 0x0d, 0x40, 0xdc, 0x87, 0xa8, 0xf5, 0x0a, 0x34,
-	0xac, 0xa2, 0xea, 0xb5, 0x5a, 0xc2, 0xd8, 0x1c, 0xc0, 0x09, 0x5f, 0xe3, 0x55, 0xe5, 0x1f, 0x0e,
-	0x2a, 0xa0, 0x0c, 0xe7, 0xd0, 0x06, 0x85, 0x70, 0xb7, 0x1a, 0x04, 0x5e, 0xa0, 0xda, 0x53, 0xbf,
-	0x34, 0x16, 0xa9, 0x69, 0x96, 0xe4, 0xc7, 0x4d, 0x64, 0x7a, 0xd1, 0x29, 0x17, 0x62, 0x72, 0x14,
-	0x87, 0x15, 0x5e, 0x6c, 0x12, 0x79, 0xc9, 0x5f, 0xcf, 0xcb, 0x36, 0x19, 0xee, 0x25, 0x06, 0xbb,
-	0x5a, 0x05, 0x3f, 0x1a, 0x72, 0x2d, 0xd7, 0x7a, 0xb3, 0xfe, 0xae, 0x81, 0xb8, 0x0f, 0xb8, 0x0b,
-	0xf2, 0x9c, 0xaa, 0xae, 0x4b, 0x7e, 0x00, 0x5e, 0x42, 0x24, 0x87, 0xd4, 0x21, 0x11, 0x15, 0x8a,
-	0x15, 0x92, 0x28, 0xf0, 0x0e, 0x98, 0x72, 0x08, 0x63, 0xb8, 0xa1, 0x3c, 0x47, 0x9f, 0x43, 0xb5,
-	0x70, 0x1b, 0xf5, 0xe4, 0xfa, 0x63, 0xb0, 0x94, 0xf1, 0x59, 0x09, 0xcb, 0x60, 0xc2, 0x92, 0x7f,
-	0x06, 0x88, 0x80, 0x26, 0xcc, 0x19, 0xc1, 0x28, 0x5b, 0xf2, 0x5f, 0x80, 0x70, 0xdf, 0xfc, 0xd5,
-	0xbb, 0x8f, 0xa5, 0xb1, 0xf7, 0x1f, 0x4b, 0x63, 0x1f, 0x3e, 0x96, 0xc6, 0xfe, 0xda, 0x2d, 0x69,
-	0xef, 0xba, 0x25, 0xed, 0x7d, 0xb7, 0xa4, 0x7d, 0xe8, 0x96, 0xb4, 0xaf, 0xbb, 0x25, 0xed, 0x9f,
-	0xdf, 0x94, 0xc6, 0x7e, 0xbf, 0x92, 0xf9, 0x77, 0xea, 0x0f, 0x01, 0x00, 0x00, 0xff, 0xff, 0x7a,
-	0x55, 0x95, 0x9f, 0x66, 0x15, 0x00, 0x00,
+	// 1711 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xbc, 0x58, 0x4b, 0x73, 0x2b, 0x47,
+	0x15, 0xf6, 0x58, 0x96, 0x6d, 0xb5, 0xac, 0x6b, 0xbb, 0xaf, 0x1d, 0x06, 0x2f, 0x24, 0xd7, 0x24,
+	0x04, 0x27, 0x21, 0xa3, 0x5c, 0x27, 0xa4, 0x52, 0xa1, 0xb2, 0xf0, 0xc8, 0x0a, 0x71, 0x61, 0xd9,
+	0xa6, 0xe5, 0xa4, 0x52, 0x14, 0x50, 0x69, 0xcf, 0xb4, 0xe5, 0x8e, 0x35, 0x8f, 0x4c, 0xb7, 0x84,
+	0xc5, 0x0a, 0x7e, 0x00, 0x55, 0xb0, 0xe5, 0x57, 0x40, 0x01, 0x1b, 0x96, 0x2c, 0xa8, 0x0b, 0xab,
+	0x14, 0xab, 0xbb, 0x52, 0x71, 0xc5, 0x1a, 0x96, 0x2c, 0xbc, 0x4a, 0x75, 0x4f, 0x4b, 0xf3, 0xd0,
+	0xc8, 0x8f, 0x8d, 0x76, 0xea, 0xf3, 0xf8, 0xce, 0xe9, 0x3e, 0xa7, 0xbf, 0x3e, 0x23, 0xf0, 0x9d,
+	0xeb, 0x0f, 0x98, 0x49, 0xfd, 0x3a, 0x0e, 0x68, 0x9d, 0x71, 0x3f, 0xc4, 0x1d, 0x52, 0xef, 0x3f,
+	0xab, 0x77, 0x88, 0x47, 0x42, 0xcc, 0x89, 0x63, 0x06, 0xa1, 0xcf, 0x7d, 0xb8, 0x1d, 0x99, 0x99,
+	0x38, 0xa0, 0xa6, 0x32, 0x33, 0xfb, 0xcf, 0x76, 0xde, 0xee, 0x50, 0x7e, 0xd5, 0xbb, 0x30, 0x6d,
+	0xdf, 0xad, 0x77, 0xfc, 0x8e, 0x5f, 0x97, 0xd6, 0x17, 0xbd, 0x4b, 0xb9, 0x92, 0x0b, 0xf9, 0x2b,
+	0x42, 0xd9, 0x31, 0x12, 0xc1, 0x6c, 0x3f, 0xcc, 0x8b, 0xb4, 0xf3, 0x5e, 0x6c, 0xe3, 0x62, 0xfb,
+	0x8a, 0x7a, 0x24, 0x1c, 0xd4, 0x83, 0xeb, 0x8e, 0x74, 0x0a, 0x09, 0xf3, 0x7b, 0xa1, 0x4d, 0x1e,
+	0xe5, 0xc5, 0xea, 0x2e, 0xe1, 0x38, 0x2f, 0x56, 0x7d, 0x96, 0x57, 0xd8, 0xf3, 0x38, 0x75, 0xa7,
+	0xc3, 0xbc, 0x7f, 0x9f, 0x03, 0xb3, 0xaf, 0x88, 0x8b, 0xb3, 0x7e, 0xc6, 0x5f, 0x34, 0x50, 0x6a,
+	0xb4, 0x8f, 0x0e, 0x43, 0xda, 0x27, 0x21, 0xfc, 0x02, 0xac, 0x8a, 0x8c, 0x1c, 0xcc, 0xb1, 0xae,
+	0xed, 0x6a, 0x7b, 0xe5, 0xfd, 0x77, 0xcc, 0xf8, 0x7c, 0x27, 0xc0, 0x66, 0x70, 0xdd, 0x11, 0x02,
+	0x66, 0x0a, 0x6b, 0xb3, 0xff, 0xcc, 0x3c, 0xbd, 0xf8, 0x92, 0xd8, 0xbc, 0x45, 0x38, 0xb6, 0xe0,
+	0xf3, 0x61, 0x6d, 0x61, 0x34, 0xac, 0x81, 0x58, 0x86, 0x26, 0xa8, 0xf0, 0x63, 0xb0, 0xc4, 0x02,
+	0x62, 0xeb, 0x8b, 0x12, 0xfd, 0x35, 0x33, 0xb7, 0x7a, 0xe6, 0x24, 0xa3, 0x76, 0x40, 0x6c, 0x6b,
+	0x4d, 0x21, 0x2e, 0x89, 0x15, 0x92, 0xfe, 0xc6, 0x9f, 0x35, 0x50, 0x99, 0x58, 0x1d, 0x53, 0xc6,
+	0xe1, 0x4f, 0xa7, 0x72, 0x37, 0x1f, 0x96, 0xbb, 0xf0, 0x96, 0x99, 0x6f, 0xa8, 0x38, 0xab, 0x63,
+	0x49, 0x22, 0xef, 0x26, 0x28, 0x52, 0x4e, 0x5c, 0xa6, 0x2f, 0xee, 0x16, 0xf6, 0xca, 0xfb, 0xbb,
+	0xf7, 0x25, 0x6e, 0x55, 0x14, 0x58, 0xf1, 0x48, 0xb8, 0xa1, 0xc8, 0xdb, 0xf8, 0x67, 0x31, 0x91,
+	0xb6, 0xd8, 0x0e, 0xfc, 0x10, 0x3c, 0xc1, 0x9c, 0x63, 0xfb, 0x0a, 0x91, 0xaf, 0x7a, 0x34, 0x24,
+	0x8e, 0x4c, 0x7e, 0xd5, 0x82, 0xa3, 0x61, 0xed, 0xc9, 0x41, 0x4a, 0x83, 0x32, 0x96, 0xc2, 0x37,
+	0xf0, 0x9d, 0x23, 0xef, 0xd2, 0x3f, 0xf5, 0x5a, 0x7e, 0xcf, 0xe3, 0xf2, 0x58, 0x95, 0xef, 0x59,
+	0x4a, 0x83, 0x32, 0x96, 0xd0, 0x06, 0x5b, 0x7d, 0xbf, 0xdb, 0x73, 0xc9, 0x31, 0xbd, 0x24, 0xf6,
+	0xc0, 0xee, 0x92, 0x96, 0xef, 0x10, 0xa6, 0x17, 0x76, 0x0b, 0x7b, 0x25, 0xab, 0x3e, 0x1a, 0xd6,
+	0xb6, 0x3e, 0xcb, 0xd1, 0xdf, 0x0e, 0x6b, 0x4f, 0x73, 0xe4, 0x28, 0x17, 0x0c, 0x7e, 0x04, 0xd6,
+	0xd5, 0xe1, 0x34, 0x70, 0x80, 0x6d, 0xca, 0x07, 0xfa, 0x92, 0xcc, 0xf0, 0xe9, 0x68, 0x58, 0x5b,
+	0x6f, 0xa7, 0x55, 0x28, 0x6b, 0x0b, 0x3f, 0x01, 0x95, 0x4b, 0xf6, 0xc3, 0xd0, 0xef, 0x05, 0x67,
+	0x7e, 0x97, 0xda, 0x03, 0xbd, 0xb8, 0xab, 0xed, 0x95, 0x2c, 0x63, 0x34, 0xac, 0x55, 0x3e, 0x6e,
+	0x27, 0x14, 0xb7, 0x59, 0x01, 0x4a, 0x3b, 0xc2, 0x2f, 0x40, 0x85, 0xfb, 0xd7, 0xc4, 0x13, 0x47,
+	0x47, 0x18, 0x67, 0xfa, 0xb2, 0x2c, 0xe3, 0xab, 0x33, 0xca, 0x78, 0x9e, 0xb0, 0xb5, 0xb6, 0x55,
+	0x25, 0x2b, 0x49, 0x29, 0x43, 0x69, 0x40, 0xd8, 0x00, 0x9b, 0x61, 0x54, 0x17, 0x86, 0x48, 0xd0,
+	0xbb, 0xe8, 0x52, 0x76, 0xa5, 0xaf, 0xc8, 0xcd, 0x6e, 0x8f, 0x86, 0xb5, 0x4d, 0x94, 0x55, 0xa2,
+	0x69, 0x7b, 0xf8, 0x1e, 0x58, 0x63, 0xe4, 0x98, 0x7a, 0xbd, 0x9b, 0xa8, 0x9c, 0xab, 0xd2, 0x7f,
+	0x63, 0x34, 0xac, 0xad, 0xb5, 0x9b, 0xb1, 0x1c, 0xa5, 0xac, 0x60, 0x1f, 0x18, 0x9e, 0xef, 0x90,
+	0x83, 0x6e, 0xd7, 0xb7, 0x31, 0xc7, 0x17, 0x5d, 0xf2, 0x69, 0xe0, 0x60, 0x4e, 0xce, 0x48, 0x48,
+	0x7d, 0xa7, 0x4d, 0x6c, 0xdf, 0x73, 0x98, 0x5e, 0xda, 0xd5, 0xf6, 0x0a, 0xd6, 0xeb, 0xa3, 0x61,
+	0xcd, 0x38, 0xb9, 0xd7, 0x1a, 0x3d, 0x00, 0xd1, 0xf8, 0xa3, 0x06, 0x56, 0x1a, 0xed, 0x23, 0x81,
+	0x36, 0x07, 0xe6, 0x38, 0x4c, 0x31, 0x87, 0x31, 0xfb, 0x02, 0x8a, 0x7c, 0x66, 0xf2, 0xc6, 0xff,
+	0x22, 0xde, 0x10, 0x36, 0x8a, 0xf3, 0x76, 0xc1, 0x92, 0x87, 0x5d, 0x22, 0xb3, 0x2e, 0xc5, 0x3e,
+	0x27, 0xd8, 0x25, 0x48, 0x6a, 0xe0, 0xeb, 0x60, 0x59, 0x9c, 0xc6, 0xd1, 0xa1, 0x8c, 0x5d, 0xb2,
+	0x9e, 0x28, 0x9b, 0xe5, 0x13, 0x29, 0x45, 0x4a, 0x2b, 0xaa, 0xc7, 0xfd, 0xc0, 0xef, 0xfa, 0x9d,
+	0xc1, 0x8f, 0xc8, 0x60, 0x7c, 0x95, 0x64, 0xf5, 0xce, 0x13, 0x72, 0x94, 0xb2, 0x82, 0x3f, 0x03,
+	0x65, 0x1c, 0x9f, 0xb3, 0xbc, 0x1f, 0xe5, 0xfd, 0x37, 0x67, 0x6c, 0x2f, 0xba, 0x7a, 0x22, 0x2e,
+	0x52, 0x0f, 0x0e, 0xb3, 0xd6, 0x47, 0xc3, 0x5a, 0x39, 0x51, 0x2a, 0x94, 0xc4, 0x33, 0xfe, 0xa0,
+	0x81, 0xb2, 0xda, 0xf0, 0x1c, 0x68, 0xb2, 0x91, 0xa6, 0xc9, 0xea, 0xdd, 0x55, 0x9a, 0x41, 0x92,
+	0x3f, 0x9f, 0x64, 0x2c, 0x19, 0xf2, 0x14, 0xac, 0x38, 0xb2, 0x54, 0x4c, 0xd7, 0x24, 0xea, 0x6b,
+	0x77, 0xa3, 0x2a, 0x02, 0x5e, 0x57, 0xd8, 0x2b, 0xd1, 0x9a, 0xa1, 0x31, 0x8a, 0xf1, 0xff, 0x02,
+	0x80, 0x8d, 0xf6, 0x51, 0x86, 0x7e, 0xe6, 0xd0, 0xc2, 0x14, 0xac, 0x89, 0x56, 0x19, 0x37, 0x83,
+	0x6a, 0xe5, 0x77, 0x1f, 0x78, 0xfe, 0xf8, 0x82, 0x74, 0xdb, 0xa4, 0x4b, 0x6c, 0xee, 0x87, 0x51,
+	0x57, 0x9d, 0x24, 0xc0, 0x50, 0x0a, 0x1a, 0x1e, 0x82, 0x8d, 0x31, 0x9b, 0x76, 0x31, 0x63, 0xa2,
+	0x9b, 0xf5, 0x82, 0xec, 0x5e, 0x5d, 0xa5, 0xb8, 0xd1, 0xce, 0xe8, 0xd1, 0x94, 0x07, 0xfc, 0x1c,
+	0xac, 0xda, 0x49, 0xe2, 0xbe, 0xa7, 0x59, 0xcc, 0xf1, 0x14, 0x64, 0xfe, 0xb8, 0x87, 0x3d, 0x4e,
+	0xf9, 0xc0, 0x5a, 0x13, 0x8d, 0x32, 0x61, 0xf8, 0x09, 0x1a, 0x64, 0x60, 0xd3, 0xc5, 0x37, 0xd4,
+	0xed, 0xb9, 0x51, 0x4b, 0xb7, 0xe9, 0x2f, 0x89, 0xa4, 0xf7, 0xc7, 0x87, 0x90, 0xf4, 0xda, 0xca,
+	0x82, 0xa1, 0x69, 0x7c, 0xe3, 0xef, 0x1a, 0x78, 0x65, 0xba, 0xf0, 0x73, 0xb8, 0x16, 0x27, 0xe9,
+	0x6b, 0xf1, 0xc6, 0xec, 0x06, 0xce, 0xe4, 0x36, 0xe3, 0x86, 0xfc, 0x66, 0x19, 0xac, 0x25, 0xcb,
+	0x37, 0x87, 0xde, 0xfd, 0x3e, 0x28, 0x07, 0xa1, 0xdf, 0xa7, 0x8c, 0xfa, 0x1e, 0x09, 0x15, 0x13,
+	0x3e, 0x55, 0x2e, 0xe5, 0xb3, 0x58, 0x85, 0x92, 0x76, 0xb0, 0x03, 0x40, 0x80, 0x43, 0xec, 0x12,
+	0x2e, 0xee, 0x6f, 0x41, 0x6e, 0xff, 0xdd, 0x19, 0xdb, 0x4f, 0xee, 0xc8, 0x3c, 0x9b, 0x78, 0x35,
+	0x3d, 0x1e, 0x0e, 0xe2, 0xec, 0x62, 0x05, 0x4a, 0x40, 0xc3, 0x6b, 0x50, 0x09, 0x89, 0xdd, 0xc5,
+	0xd4, 0x55, 0xb3, 0xc2, 0x92, 0xcc, 0xb0, 0x29, 0x1e, 0x6e, 0x94, 0x54, 0xdc, 0x0e, 0x6b, 0xef,
+	0x4c, 0x4f, 0xfb, 0xe6, 0x19, 0x09, 0x19, 0x65, 0x9c, 0x78, 0x3c, 0x6a, 0x98, 0x94, 0x0f, 0x4a,
+	0x63, 0x0b, 0xa6, 0x77, 0xc5, 0xd3, 0x7b, 0x1a, 0x70, 0xea, 0x7b, 0x4c, 0x2f, 0xc6, 0x4c, 0xdf,
+	0x4a, 0xc8, 0x51, 0xca, 0x0a, 0x1e, 0x83, 0x2d, 0xc1, 0xcc, 0xbf, 0x88, 0x02, 0x34, 0x6f, 0x02,
+	0xec, 0x89, 0x53, 0xd2, 0x97, 0xe5, 0x2b, 0xaf, 0x8b, 0x91, 0xeb, 0x20, 0x47, 0x8f, 0x72, 0xbd,
+	0xe0, 0xe7, 0x60, 0x33, 0x9a, 0xb9, 0x2c, 0xea, 0x39, 0xd4, 0xeb, 0x88, 0x89, 0x4b, 0x0e, 0x1c,
+	0x25, 0xeb, 0x4d, 0x71, 0x23, 0x3e, 0xcb, 0x2a, 0x6f, 0xf3, 0x84, 0x68, 0x1a, 0x04, 0x7e, 0x05,
+	0x36, 0x65, 0x44, 0xe2, 0x28, 0x3a, 0xa1, 0x84, 0xe9, 0xab, 0xb2, 0x74, 0x7b, 0xc9, 0xd2, 0x89,
+	0xa3, 0x8b, 0xa6, 0xa5, 0x88, 0x74, 0xc6, 0xe4, 0x74, 0x4e, 0x42, 0xd7, 0xfa, 0xb6, 0xaa, 0xd7,
+	0xe6, 0x41, 0x16, 0x0a, 0x4d, 0xa3, 0xef, 0x7c, 0x04, 0xd6, 0x33, 0x05, 0x87, 0x1b, 0xa0, 0x70,
+	0x4d, 0x06, 0xd1, 0xb3, 0x8c, 0xc4, 0x4f, 0xb8, 0x05, 0x8a, 0x7d, 0xdc, 0xed, 0x91, 0xa8, 0xf9,
+	0x50, 0xb4, 0xf8, 0x70, 0xf1, 0x03, 0xcd, 0xf8, 0xab, 0x06, 0x52, 0x74, 0x36, 0x87, 0x2b, 0xfd,
+	0x49, 0xfa, 0x4a, 0xbf, 0xfa, 0x80, 0x9e, 0x9e, 0x71, 0x99, 0x7f, 0xad, 0x81, 0xb5, 0xe4, 0x68,
+	0x09, 0xbf, 0x07, 0x56, 0x71, 0xcf, 0xa1, 0xc4, 0xb3, 0xc7, 0x53, 0xc9, 0x24, 0x91, 0x03, 0x25,
+	0x47, 0x13, 0x0b, 0x31, 0x78, 0x92, 0x9b, 0x80, 0x86, 0x58, 0x34, 0xd9, 0x78, 0xd8, 0x5b, 0x94,
+	0xc3, 0x9e, 0x64, 0xc6, 0x66, 0x56, 0x89, 0xa6, 0xed, 0x8d, 0xdf, 0x2f, 0x82, 0x8d, 0xa8, 0x37,
+	0xa2, 0x4f, 0x0e, 0x97, 0x78, 0x7c, 0x0e, 0xa4, 0xd2, 0x4a, 0xcd, 0x74, 0x6f, 0xdd, 0x39, 0xf4,
+	0xc4, 0x89, 0xcd, 0x1a, 0xee, 0xe0, 0xa7, 0x60, 0x99, 0x71, 0xcc, 0x7b, 0x4c, 0x3e, 0x75, 0xe5,
+	0xfd, 0xb7, 0x1f, 0x0a, 0x28, 0x9d, 0xe2, 0xb9, 0x2e, 0x5a, 0x23, 0x05, 0x66, 0xfc, 0x4d, 0x03,
+	0x5b, 0x59, 0x97, 0x39, 0x74, 0xd8, 0x71, 0xba, 0xc3, 0xbe, 0xfb, 0xc0, 0xcd, 0xcc, 0xe8, 0xb2,
+	0x7f, 0x69, 0xe0, 0x95, 0xa9, 0x7d, 0xcb, 0x97, 0x54, 0xf0, 0x52, 0x90, 0x61, 0xbf, 0x93, 0x78,
+	0x22, 0x96, 0xbc, 0x74, 0x96, 0xa3, 0x47, 0xb9, 0x5e, 0xf0, 0x4b, 0xb0, 0x41, 0xbd, 0x2e, 0xf5,
+	0x88, 0x7a, 0x78, 0xe3, 0xfa, 0xe6, 0x92, 0x47, 0x16, 0x59, 0x16, 0x77, 0x4b, 0xcc, 0x27, 0x47,
+	0x19, 0x14, 0x34, 0x85, 0x6b, 0xfc, 0x23, 0xa7, 0x32, 0x72, 0x66, 0x14, 0x57, 0x48, 0x4a, 0x48,
+	0x38, 0x75, 0x85, 0x94, 0x1c, 0x4d, 0x2c, 0x64, 0xdf, 0xc8, 0xa3, 0x50, 0x89, 0x3e, 0xb8, 0x6f,
+	0xa4, 0x53, 0xa2, 0x6f, 0xe4, 0x1a, 0x29, 0x30, 0x91, 0x84, 0x98, 0xc9, 0x12, 0xb3, 0xd7, 0x24,
+	0x89, 0x13, 0x25, 0x47, 0x13, 0x0b, 0xe3, 0xbf, 0x85, 0x9c, 0x02, 0xc9, 0x06, 0x4c, 0xec, 0x66,
+	0xfc, 0xef, 0x40, 0x76, 0x37, 0xce, 0x64, 0x37, 0x0e, 0xfc, 0x9d, 0x06, 0x20, 0x9e, 0x40, 0xb4,
+	0xc6, 0x0d, 0x1a, 0x75, 0x51, 0xf3, 0x51, 0x57, 0xc2, 0x3c, 0x98, 0xc2, 0x89, 0x5e, 0xe3, 0x1d,
+	0x15, 0x1f, 0x4e, 0x1b, 0xa0, 0x9c, 0xe0, 0xd0, 0x01, 0xe5, 0x48, 0xda, 0x0c, 0x43, 0x3f, 0x54,
+	0xd7, 0xd3, 0xb8, 0x33, 0x17, 0x69, 0x69, 0x55, 0xe5, 0xc7, 0x4d, 0xec, 0x7a, 0x3b, 0xac, 0x95,
+	0x13, 0x7a, 0x94, 0x84, 0x15, 0x51, 0x1c, 0x12, 0x47, 0x59, 0x7a, 0x5c, 0x94, 0x43, 0x32, 0x3b,
+	0x4a, 0x02, 0x76, 0xa7, 0x09, 0xbe, 0x35, 0xe3, 0x58, 0x1e, 0xf5, 0x66, 0xfd, 0x49, 0x03, 0xc9,
+	0x18, 0xf0, 0x18, 0x2c, 0x71, 0xaa, 0x6e, 0x5d, 0xfa, 0x03, 0xf0, 0x0e, 0x22, 0x39, 0xa7, 0x2e,
+	0x89, 0xa9, 0x50, 0xac, 0x90, 0x44, 0x81, 0x6f, 0x80, 0x15, 0x97, 0x30, 0x86, 0x3b, 0x2a, 0x72,
+	0xfc, 0x39, 0xd4, 0x8a, 0xc4, 0x68, 0xac, 0x87, 0x6f, 0x81, 0x12, 0x11, 0x19, 0x34, 0xc4, 0x00,
+	0x21, 0x2a, 0x53, 0xb4, 0x2a, 0xa3, 0x61, 0xad, 0xd4, 0x1c, 0x0b, 0x51, 0xac, 0x37, 0xde, 0x07,
+	0x4f, 0x73, 0xbe, 0x41, 0x61, 0x0d, 0x14, 0x6d, 0xf9, 0x8f, 0x85, 0x26, 0xfd, 0x4b, 0x82, 0x7e,
+	0x1a, 0xf2, 0xaf, 0x8a, 0x48, 0x6e, 0xfd, 0xe0, 0xf9, 0xcb, 0xea, 0xc2, 0xd7, 0x2f, 0xab, 0x0b,
+	0x2f, 0x5e, 0x56, 0x17, 0x7e, 0x35, 0xaa, 0x6a, 0xcf, 0x47, 0x55, 0xed, 0xeb, 0x51, 0x55, 0x7b,
+	0x31, 0xaa, 0x6a, 0xff, 0x1e, 0x55, 0xb5, 0xdf, 0xfe, 0xa7, 0xba, 0xf0, 0x93, 0xed, 0xdc, 0xff,
+	0x7c, 0xbf, 0x09, 0x00, 0x00, 0xff, 0xff, 0x39, 0x5a, 0x51, 0xe9, 0x0b, 0x16, 0x00, 0x00,
 }
 
 func (m *CSIDriver) Marshal() (dAtA []byte, err error) {
@@ -826,6 +829,11 @@ func (m *CSIDriverSpec) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	_ = i
 	var l int
 	_ = l
+	if m.NodeAllocatableUpdatePeriodSeconds != nil {
+		i = encodeVarintGenerated(dAtA, i, uint64(*m.NodeAllocatableUpdatePeriodSeconds))
+		i--
+		dAtA[i] = 0x48
+	}
 	if m.SELinuxMount != nil {
 		i--
 		if *m.SELinuxMount {
@@ -1684,6 +1692,11 @@ func (m *VolumeError) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	_ = i
 	var l int
 	_ = l
+	if m.ErrorCode != nil {
+		i = encodeVarintGenerated(dAtA, i, uint64(*m.ErrorCode))
+		i--
+		dAtA[i] = 0x18
+	}
 	i -= len(m.Message)
 	copy(dAtA[i:], m.Message)
 	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Message)))
@@ -1808,6 +1821,9 @@ func (m *CSIDriverSpec) Size() (n int) {
 	if m.SELinuxMount != nil {
 		n += 2
 	}
+	if m.NodeAllocatableUpdatePeriodSeconds != nil {
+		n += 1 + sovGenerated(uint64(*m.NodeAllocatableUpdatePeriodSeconds))
+	}
 	return n
 }
 
@@ -2096,6 +2112,9 @@ func (m *VolumeError) Size() (n int) {
 	n += 1 + l + sovGenerated(uint64(l))
 	l = len(m.Message)
 	n += 1 + l + sovGenerated(uint64(l))
+	if m.ErrorCode != nil {
+		n += 1 + sovGenerated(uint64(*m.ErrorCode))
+	}
 	return n
 }
 
@@ -2162,6 +2181,7 @@ func (this *CSIDriverSpec) String() string {
 		`TokenRequests:` + repeatedStringForTokenRequests + `,`,
 		`RequiresRepublish:` + valueToStringGenerated(this.RequiresRepublish) + `,`,
 		`SELinuxMount:` + valueToStringGenerated(this.SELinuxMount) + `,`,
+		`NodeAllocatableUpdatePeriodSeconds:` + valueToStringGenerated(this.NodeAllocatableUpdatePeriodSeconds) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -2391,6 +2411,7 @@ func (this *VolumeError) String() string {
 	s := strings.Join([]string{`&VolumeError{`,
 		`Time:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Time), "Time", "v1.Time", 1), `&`, ``, 1) + `,`,
 		`Message:` + fmt.Sprintf("%v", this.Message) + `,`,
+		`ErrorCode:` + valueToStringGenerated(this.ErrorCode) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -2879,6 +2900,26 @@ func (m *CSIDriverSpec) Unmarshal(dAtA []byte) error {
 			}
 			b := bool(v != 0)
 			m.SELinuxMount = &b
+		case 9:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field NodeAllocatableUpdatePeriodSeconds", wireType)
+			}
+			var v int64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.NodeAllocatableUpdatePeriodSeconds = &v
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -5248,6 +5289,26 @@ func (m *VolumeError) Unmarshal(dAtA []byte) error {
 			}
 			m.Message = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
+		case 3:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ErrorCode", wireType)
+			}
+			var v int32
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int32(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.ErrorCode = &v
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
diff --git a/vendor/k8s.io/api/storage/v1/generated.proto b/vendor/k8s.io/api/storage/v1/generated.proto
index dfc309bb42..0e8ce7587e 100644
--- a/vendor/k8s.io/api/storage/v1/generated.proto
+++ b/vendor/k8s.io/api/storage/v1/generated.proto
@@ -212,6 +212,20 @@ message CSIDriverSpec {
   // +featureGate=SELinuxMountReadWriteOncePod
   // +optional
   optional bool seLinuxMount = 8;
+
+  // nodeAllocatableUpdatePeriodSeconds specifies the interval between periodic updates of
+  // the CSINode allocatable capacity for this driver. When set, both periodic updates and
+  // updates triggered by capacity-related failures are enabled. If not set, no updates
+  // occur (neither periodic nor upon detecting capacity-related failures), and the
+  // allocatable.count remains static. The minimum allowed value for this field is 10 seconds.
+  //
+  // This is an alpha feature and requires the MutableCSINodeAllocatableCount feature gate to be enabled.
+  //
+  // This field is mutable.
+  //
+  // +featureGate=MutableCSINodeAllocatableCount
+  // +optional
+  optional int64 nodeAllocatableUpdatePeriodSeconds = 9;
 }
 
 // CSINode holds information about all CSI drivers installed on a node.
@@ -561,6 +575,14 @@ message VolumeError {
   // information.
   // +optional
   optional string message = 2;
+
+  // errorCode is a numeric gRPC code representing the error encountered during Attach or Detach operations.
+  //
+  // This is an optional, alpha field that requires the MutableCSINodeAllocatableCount feature gate being enabled to be set.
+  //
+  // +featureGate=MutableCSINodeAllocatableCount
+  // +optional
+  optional int32 errorCode = 3;
 }
 
 // VolumeNodeResources is a set of resource limits for scheduling of volumes.
diff --git a/vendor/k8s.io/api/storage/v1/types.go b/vendor/k8s.io/api/storage/v1/types.go
index 3936dc83bc..16ceca9044 100644
--- a/vendor/k8s.io/api/storage/v1/types.go
+++ b/vendor/k8s.io/api/storage/v1/types.go
@@ -226,6 +226,14 @@ type VolumeError struct {
 	// information.
 	// +optional
 	Message string `json:"message,omitempty" protobuf:"bytes,2,opt,name=message"`
+
+	// errorCode is a numeric gRPC code representing the error encountered during Attach or Detach operations.
+	//
+	// This is an optional, alpha field that requires the MutableCSINodeAllocatableCount feature gate being enabled to be set.
+	//
+	// +featureGate=MutableCSINodeAllocatableCount
+	// +optional
+	ErrorCode *int32 `json:"errorCode,omitempty" protobuf:"varint,3,opt,name=errorCode"`
 }
 
 // +genclient
@@ -422,6 +430,20 @@ type CSIDriverSpec struct {
 	// +featureGate=SELinuxMountReadWriteOncePod
 	// +optional
 	SELinuxMount *bool `json:"seLinuxMount,omitempty" protobuf:"varint,8,opt,name=seLinuxMount"`
+
+	// nodeAllocatableUpdatePeriodSeconds specifies the interval between periodic updates of
+	// the CSINode allocatable capacity for this driver. When set, both periodic updates and
+	// updates triggered by capacity-related failures are enabled. If not set, no updates
+	// occur (neither periodic nor upon detecting capacity-related failures), and the
+	// allocatable.count remains static. The minimum allowed value for this field is 10 seconds.
+	//
+	// This is an alpha feature and requires the MutableCSINodeAllocatableCount feature gate to be enabled.
+	//
+	// This field is mutable.
+	//
+	// +featureGate=MutableCSINodeAllocatableCount
+	// +optional
+	NodeAllocatableUpdatePeriodSeconds *int64 `json:"nodeAllocatableUpdatePeriodSeconds,omitempty" protobuf:"varint,9,opt,name=nodeAllocatableUpdatePeriodSeconds"`
 }
 
 // FSGroupPolicy specifies if a CSI Driver supports modifying
diff --git a/vendor/k8s.io/api/storage/v1/types_swagger_doc_generated.go b/vendor/k8s.io/api/storage/v1/types_swagger_doc_generated.go
index eee18bd182..80c84edd2e 100644
--- a/vendor/k8s.io/api/storage/v1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/storage/v1/types_swagger_doc_generated.go
@@ -48,15 +48,16 @@ func (CSIDriverList) SwaggerDoc() map[string]string {
 }
 
 var map_CSIDriverSpec = map[string]string{
-	"":                     "CSIDriverSpec is the specification of a CSIDriver.",
-	"attachRequired":       "attachRequired indicates this CSI volume driver requires an attach operation (because it implements the CSI ControllerPublishVolume() method), and that the Kubernetes attach detach controller should call the attach volume interface which checks the volumeattachment status and waits until the volume is attached before proceeding to mounting. The CSI external-attacher coordinates with CSI volume driver and updates the volumeattachment status when the attach operation is complete. If the CSIDriverRegistry feature gate is enabled and the value is specified to false, the attach operation will be skipped. Otherwise the attach operation will be called.\n\nThis field is immutable.",
-	"podInfoOnMount":       "podInfoOnMount indicates this CSI volume driver requires additional pod information (like podName, podUID, etc.) during mount operations, if set to true. If set to false, pod information will not be passed on mount. Default is false.\n\nThe CSI driver specifies podInfoOnMount as part of driver deployment. If true, Kubelet will pass pod information as VolumeContext in the CSI NodePublishVolume() calls. The CSI driver is responsible for parsing and validating the information passed in as VolumeContext.\n\nThe following VolumeContext will be passed if podInfoOnMount is set to true. This list might grow, but the prefix will be used. \"csi.storage.k8s.io/pod.name\": pod.Name \"csi.storage.k8s.io/pod.namespace\": pod.Namespace \"csi.storage.k8s.io/pod.uid\": string(pod.UID) \"csi.storage.k8s.io/ephemeral\": \"true\" if the volume is an ephemeral inline volume\n                                defined by a CSIVolumeSource, otherwise \"false\"\n\n\"csi.storage.k8s.io/ephemeral\" is a new feature in Kubernetes 1.16. It is only required for drivers which support both the \"Persistent\" and \"Ephemeral\" VolumeLifecycleMode. Other drivers can leave pod info disabled and/or ignore this field. As Kubernetes 1.15 doesn't support this field, drivers can only support one mode when deployed on such a cluster and the deployment determines which mode that is, for example via a command line parameter of the driver.\n\nThis field was immutable in Kubernetes < 1.29 and now is mutable.",
-	"volumeLifecycleModes": "volumeLifecycleModes defines what kind of volumes this CSI volume driver supports. The default if the list is empty is \"Persistent\", which is the usage defined by the CSI specification and implemented in Kubernetes via the usual PV/PVC mechanism.\n\nThe other mode is \"Ephemeral\". In this mode, volumes are defined inline inside the pod spec with CSIVolumeSource and their lifecycle is tied to the lifecycle of that pod. A driver has to be aware of this because it is only going to get a NodePublishVolume call for such a volume.\n\nFor more information about implementing this mode, see https://kubernetes-csi.github.io/docs/ephemeral-local-volumes.html A driver can support one or more of these modes and more modes may be added in the future.\n\nThis field is beta. This field is immutable.",
-	"storageCapacity":      "storageCapacity indicates that the CSI volume driver wants pod scheduling to consider the storage capacity that the driver deployment will report by creating CSIStorageCapacity objects with capacity information, if set to true.\n\nThe check can be enabled immediately when deploying a driver. In that case, provisioning new volumes with late binding will pause until the driver deployment has published some suitable CSIStorageCapacity object.\n\nAlternatively, the driver can be deployed with the field unset or false and it can be flipped later when storage capacity information has been published.\n\nThis field was immutable in Kubernetes <= 1.22 and now is mutable.",
-	"fsGroupPolicy":        "fsGroupPolicy defines if the underlying volume supports changing ownership and permission of the volume before being mounted. Refer to the specific FSGroupPolicy values for additional details.\n\nThis field was immutable in Kubernetes < 1.29 and now is mutable.\n\nDefaults to ReadWriteOnceWithFSType, which will examine each volume to determine if Kubernetes should modify ownership and permissions of the volume. With the default policy the defined fsGroup will only be applied if a fstype is defined and the volume's access mode contains ReadWriteOnce.",
-	"tokenRequests":        "tokenRequests indicates the CSI driver needs pods' service account tokens it is mounting volume for to do necessary authentication. Kubelet will pass the tokens in VolumeContext in the CSI NodePublishVolume calls. The CSI driver should parse and validate the following VolumeContext: \"csi.storage.k8s.io/serviceAccount.tokens\": {\n  \"<audience>\": {\n    \"token\": <token>,\n    \"expirationTimestamp\": <expiration timestamp in RFC3339>,\n  },\n  ...\n}\n\nNote: Audience in each TokenRequest should be different and at most one token is empty string. To receive a new token after expiry, RequiresRepublish can be used to trigger NodePublishVolume periodically.",
-	"requiresRepublish":    "requiresRepublish indicates the CSI driver wants `NodePublishVolume` being periodically called to reflect any possible change in the mounted volume. This field defaults to false.\n\nNote: After a successful initial NodePublishVolume call, subsequent calls to NodePublishVolume should only update the contents of the volume. New mount points will not be seen by a running container.",
-	"seLinuxMount":         "seLinuxMount specifies if the CSI driver supports \"-o context\" mount option.\n\nWhen \"true\", the CSI driver must ensure that all volumes provided by this CSI driver can be mounted separately with different `-o context` options. This is typical for storage backends that provide volumes as filesystems on block devices or as independent shared volumes. Kubernetes will call NodeStage / NodePublish with \"-o context=xyz\" mount option when mounting a ReadWriteOncePod volume used in Pod that has explicitly set SELinux context. In the future, it may be expanded to other volume AccessModes. In any case, Kubernetes will ensure that the volume is mounted only with a single SELinux context.\n\nWhen \"false\", Kubernetes won't pass any special SELinux mount options to the driver. This is typical for volumes that represent subdirectories of a bigger shared filesystem.\n\nDefault is \"false\".",
+	"":                                   "CSIDriverSpec is the specification of a CSIDriver.",
+	"attachRequired":                     "attachRequired indicates this CSI volume driver requires an attach operation (because it implements the CSI ControllerPublishVolume() method), and that the Kubernetes attach detach controller should call the attach volume interface which checks the volumeattachment status and waits until the volume is attached before proceeding to mounting. The CSI external-attacher coordinates with CSI volume driver and updates the volumeattachment status when the attach operation is complete. If the CSIDriverRegistry feature gate is enabled and the value is specified to false, the attach operation will be skipped. Otherwise the attach operation will be called.\n\nThis field is immutable.",
+	"podInfoOnMount":                     "podInfoOnMount indicates this CSI volume driver requires additional pod information (like podName, podUID, etc.) during mount operations, if set to true. If set to false, pod information will not be passed on mount. Default is false.\n\nThe CSI driver specifies podInfoOnMount as part of driver deployment. If true, Kubelet will pass pod information as VolumeContext in the CSI NodePublishVolume() calls. The CSI driver is responsible for parsing and validating the information passed in as VolumeContext.\n\nThe following VolumeContext will be passed if podInfoOnMount is set to true. This list might grow, but the prefix will be used. \"csi.storage.k8s.io/pod.name\": pod.Name \"csi.storage.k8s.io/pod.namespace\": pod.Namespace \"csi.storage.k8s.io/pod.uid\": string(pod.UID) \"csi.storage.k8s.io/ephemeral\": \"true\" if the volume is an ephemeral inline volume\n                                defined by a CSIVolumeSource, otherwise \"false\"\n\n\"csi.storage.k8s.io/ephemeral\" is a new feature in Kubernetes 1.16. It is only required for drivers which support both the \"Persistent\" and \"Ephemeral\" VolumeLifecycleMode. Other drivers can leave pod info disabled and/or ignore this field. As Kubernetes 1.15 doesn't support this field, drivers can only support one mode when deployed on such a cluster and the deployment determines which mode that is, for example via a command line parameter of the driver.\n\nThis field was immutable in Kubernetes < 1.29 and now is mutable.",
+	"volumeLifecycleModes":               "volumeLifecycleModes defines what kind of volumes this CSI volume driver supports. The default if the list is empty is \"Persistent\", which is the usage defined by the CSI specification and implemented in Kubernetes via the usual PV/PVC mechanism.\n\nThe other mode is \"Ephemeral\". In this mode, volumes are defined inline inside the pod spec with CSIVolumeSource and their lifecycle is tied to the lifecycle of that pod. A driver has to be aware of this because it is only going to get a NodePublishVolume call for such a volume.\n\nFor more information about implementing this mode, see https://kubernetes-csi.github.io/docs/ephemeral-local-volumes.html A driver can support one or more of these modes and more modes may be added in the future.\n\nThis field is beta. This field is immutable.",
+	"storageCapacity":                    "storageCapacity indicates that the CSI volume driver wants pod scheduling to consider the storage capacity that the driver deployment will report by creating CSIStorageCapacity objects with capacity information, if set to true.\n\nThe check can be enabled immediately when deploying a driver. In that case, provisioning new volumes with late binding will pause until the driver deployment has published some suitable CSIStorageCapacity object.\n\nAlternatively, the driver can be deployed with the field unset or false and it can be flipped later when storage capacity information has been published.\n\nThis field was immutable in Kubernetes <= 1.22 and now is mutable.",
+	"fsGroupPolicy":                      "fsGroupPolicy defines if the underlying volume supports changing ownership and permission of the volume before being mounted. Refer to the specific FSGroupPolicy values for additional details.\n\nThis field was immutable in Kubernetes < 1.29 and now is mutable.\n\nDefaults to ReadWriteOnceWithFSType, which will examine each volume to determine if Kubernetes should modify ownership and permissions of the volume. With the default policy the defined fsGroup will only be applied if a fstype is defined and the volume's access mode contains ReadWriteOnce.",
+	"tokenRequests":                      "tokenRequests indicates the CSI driver needs pods' service account tokens it is mounting volume for to do necessary authentication. Kubelet will pass the tokens in VolumeContext in the CSI NodePublishVolume calls. The CSI driver should parse and validate the following VolumeContext: \"csi.storage.k8s.io/serviceAccount.tokens\": {\n  \"<audience>\": {\n    \"token\": <token>,\n    \"expirationTimestamp\": <expiration timestamp in RFC3339>,\n  },\n  ...\n}\n\nNote: Audience in each TokenRequest should be different and at most one token is empty string. To receive a new token after expiry, RequiresRepublish can be used to trigger NodePublishVolume periodically.",
+	"requiresRepublish":                  "requiresRepublish indicates the CSI driver wants `NodePublishVolume` being periodically called to reflect any possible change in the mounted volume. This field defaults to false.\n\nNote: After a successful initial NodePublishVolume call, subsequent calls to NodePublishVolume should only update the contents of the volume. New mount points will not be seen by a running container.",
+	"seLinuxMount":                       "seLinuxMount specifies if the CSI driver supports \"-o context\" mount option.\n\nWhen \"true\", the CSI driver must ensure that all volumes provided by this CSI driver can be mounted separately with different `-o context` options. This is typical for storage backends that provide volumes as filesystems on block devices or as independent shared volumes. Kubernetes will call NodeStage / NodePublish with \"-o context=xyz\" mount option when mounting a ReadWriteOncePod volume used in Pod that has explicitly set SELinux context. In the future, it may be expanded to other volume AccessModes. In any case, Kubernetes will ensure that the volume is mounted only with a single SELinux context.\n\nWhen \"false\", Kubernetes won't pass any special SELinux mount options to the driver. This is typical for volumes that represent subdirectories of a bigger shared filesystem.\n\nDefault is \"false\".",
+	"nodeAllocatableUpdatePeriodSeconds": "nodeAllocatableUpdatePeriodSeconds specifies the interval between periodic updates of the CSINode allocatable capacity for this driver. When set, both periodic updates and updates triggered by capacity-related failures are enabled. If not set, no updates occur (neither periodic nor upon detecting capacity-related failures), and the allocatable.count remains static. The minimum allowed value for this field is 10 seconds.\n\nThis is an alpha feature and requires the MutableCSINodeAllocatableCount feature gate to be enabled.\n\nThis field is mutable.",
 }
 
 func (CSIDriverSpec) SwaggerDoc() map[string]string {
@@ -217,9 +218,10 @@ func (VolumeAttachmentStatus) SwaggerDoc() map[string]string {
 }
 
 var map_VolumeError = map[string]string{
-	"":        "VolumeError captures an error encountered during a volume operation.",
-	"time":    "time represents the time the error was encountered.",
-	"message": "message represents the error encountered during Attach or Detach operation. This string may be logged, so it should not contain sensitive information.",
+	"":          "VolumeError captures an error encountered during a volume operation.",
+	"time":      "time represents the time the error was encountered.",
+	"message":   "message represents the error encountered during Attach or Detach operation. This string may be logged, so it should not contain sensitive information.",
+	"errorCode": "errorCode is a numeric gRPC code representing the error encountered during Attach or Detach operations.\n\nThis is an optional, alpha field that requires the MutableCSINodeAllocatableCount feature gate being enabled to be set.",
 }
 
 func (VolumeError) SwaggerDoc() map[string]string {
diff --git a/vendor/k8s.io/api/storage/v1/zz_generated.deepcopy.go b/vendor/k8s.io/api/storage/v1/zz_generated.deepcopy.go
index 74ae83bca8..e159fc93d9 100644
--- a/vendor/k8s.io/api/storage/v1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/storage/v1/zz_generated.deepcopy.go
@@ -132,6 +132,11 @@ func (in *CSIDriverSpec) DeepCopyInto(out *CSIDriverSpec) {
 		*out = new(bool)
 		**out = **in
 	}
+	if in.NodeAllocatableUpdatePeriodSeconds != nil {
+		in, out := &in.NodeAllocatableUpdatePeriodSeconds, &out.NodeAllocatableUpdatePeriodSeconds
+		*out = new(int64)
+		**out = **in
+	}
 	return
 }
 
@@ -583,6 +588,11 @@ func (in *VolumeAttachmentStatus) DeepCopy() *VolumeAttachmentStatus {
 func (in *VolumeError) DeepCopyInto(out *VolumeError) {
 	*out = *in
 	in.Time.DeepCopyInto(&out.Time)
+	if in.ErrorCode != nil {
+		in, out := &in.ErrorCode, &out.ErrorCode
+		*out = new(int32)
+		**out = **in
+	}
 	return
 }
 
diff --git a/vendor/k8s.io/api/storage/v1alpha1/doc.go b/vendor/k8s.io/api/storage/v1alpha1/doc.go
index 87440b47ae..90af522ade 100644
--- a/vendor/k8s.io/api/storage/v1alpha1/doc.go
+++ b/vendor/k8s.io/api/storage/v1alpha1/doc.go
@@ -20,4 +20,4 @@ limitations under the License.
 // +k8s:openapi-gen=true
 // +k8s:prerelease-lifecycle-gen=true
 
-package v1alpha1 // import "k8s.io/api/storage/v1alpha1"
+package v1alpha1
diff --git a/vendor/k8s.io/api/storage/v1alpha1/generated.pb.go b/vendor/k8s.io/api/storage/v1alpha1/generated.pb.go
index 86343b170a..c0a2f36aaf 100644
--- a/vendor/k8s.io/api/storage/v1alpha1/generated.pb.go
+++ b/vendor/k8s.io/api/storage/v1alpha1/generated.pb.go
@@ -347,71 +347,72 @@ func init() {
 }
 
 var fileDescriptor_02e7952e43280c27 = []byte{
-	// 1009 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xbc, 0x57, 0x3d, 0x6f, 0x23, 0x45,
-	0x18, 0xce, 0xda, 0xce, 0x9d, 0x6f, 0x1c, 0x38, 0xdf, 0xc8, 0x77, 0x18, 0x9f, 0xb4, 0x3e, 0xb9,
-	0x32, 0x1f, 0x37, 0x4b, 0x02, 0x42, 0x27, 0x24, 0x0a, 0x6f, 0x92, 0x22, 0x22, 0x09, 0xc7, 0x38,
-	0x02, 0x04, 0x14, 0x8c, 0xd7, 0x83, 0x3d, 0x89, 0xf7, 0x43, 0x33, 0xb3, 0x16, 0xa6, 0xa2, 0xa2,
-	0xa6, 0xe3, 0x1f, 0xf0, 0x5b, 0x52, 0x20, 0x71, 0xba, 0xea, 0x2a, 0x8b, 0x2c, 0xfc, 0x06, 0x0a,
-	0x1a, 0xd0, 0xce, 0x8e, 0xd7, 0x1b, 0xaf, 0x1d, 0x9c, 0x14, 0xe9, 0x3c, 0x33, 0xef, 0xfb, 0x3c,
-	0xef, 0xc7, 0xf3, 0xbe, 0x9b, 0x80, 0x77, 0xce, 0x9e, 0x09, 0xc4, 0x7c, 0x8b, 0x04, 0xcc, 0x12,
-	0xd2, 0xe7, 0x64, 0x40, 0xad, 0xf1, 0x36, 0x19, 0x05, 0x43, 0xb2, 0x6d, 0x0d, 0xa8, 0x47, 0x39,
-	0x91, 0xb4, 0x8f, 0x02, 0xee, 0x4b, 0x1f, 0x3e, 0x4e, 0x8c, 0x11, 0x09, 0x18, 0xd2, 0xc6, 0x68,
-	0x66, 0xdc, 0x78, 0x3a, 0x60, 0x72, 0x18, 0xf6, 0x90, 0xe3, 0xbb, 0xd6, 0xc0, 0x1f, 0xf8, 0x96,
-	0xf2, 0xe9, 0x85, 0xdf, 0xa9, 0x93, 0x3a, 0xa8, 0x5f, 0x09, 0x56, 0xa3, 0x95, 0x21, 0x76, 0x7c,
-	0x1e, 0xb3, 0x2e, 0xf2, 0x35, 0x3e, 0x98, 0xdb, 0xb8, 0xc4, 0x19, 0x32, 0x8f, 0xf2, 0x89, 0x15,
-	0x9c, 0x0d, 0x94, 0x13, 0xa7, 0xc2, 0x0f, 0xb9, 0x43, 0xaf, 0xe5, 0x25, 0x2c, 0x97, 0x4a, 0xb2,
-	0x8c, 0xcb, 0x5a, 0xe5, 0xc5, 0x43, 0x4f, 0x32, 0x37, 0x4f, 0xf3, 0xe1, 0xff, 0x39, 0x08, 0x67,
-	0x48, 0x5d, 0xb2, 0xe8, 0xd7, 0xfa, 0xbb, 0x08, 0xe0, 0x6e, 0xf7, 0xa0, 0x9b, 0xd4, 0x6f, 0x97,
-	0x04, 0xc4, 0x61, 0x72, 0x02, 0xbf, 0x05, 0xe5, 0x38, 0xb4, 0x3e, 0x91, 0xa4, 0x6e, 0x3c, 0x31,
-	0xda, 0x95, 0x9d, 0xf7, 0xd0, 0xbc, 0xdc, 0x29, 0x03, 0x0a, 0xce, 0x06, 0xf1, 0x85, 0x40, 0xb1,
-	0x35, 0x1a, 0x6f, 0xa3, 0x4f, 0x7b, 0xa7, 0xd4, 0x91, 0x47, 0x54, 0x12, 0x1b, 0x9e, 0x4f, 0x9b,
-	0x1b, 0xd1, 0xb4, 0x09, 0xe6, 0x77, 0x38, 0x45, 0x85, 0x0c, 0x6c, 0x79, 0x7e, 0x9f, 0x9e, 0xf8,
-	0x81, 0x3f, 0xf2, 0x07, 0x93, 0x7a, 0x41, 0xb1, 0xbc, 0xbf, 0x1e, 0xcb, 0x21, 0xe9, 0xd1, 0x51,
-	0x97, 0x8e, 0xa8, 0x23, 0x7d, 0x6e, 0x57, 0xa3, 0x69, 0x73, 0xeb, 0x38, 0x03, 0x86, 0x2f, 0x41,
-	0xc3, 0x3d, 0x50, 0xd5, 0xfa, 0xd8, 0x1d, 0x11, 0x21, 0x8e, 0x89, 0x4b, 0xeb, 0xc5, 0x27, 0x46,
-	0xfb, 0x9e, 0x5d, 0xd7, 0x21, 0x56, 0xbb, 0x0b, 0xef, 0x38, 0xe7, 0x01, 0xbf, 0x04, 0x65, 0x47,
-	0x97, 0xa7, 0x5e, 0x52, 0xc1, 0xa2, 0xab, 0x82, 0x45, 0x33, 0x45, 0xa0, 0xcf, 0x42, 0xe2, 0x49,
-	0x26, 0x27, 0xf6, 0x56, 0x34, 0x6d, 0x96, 0x67, 0x25, 0xc6, 0x29, 0x1a, 0x14, 0xe0, 0x81, 0x4b,
-	0xbe, 0x67, 0x6e, 0xe8, 0x7e, 0xee, 0x8f, 0x42, 0x97, 0x76, 0xd9, 0x0f, 0xb4, 0xbe, 0x79, 0x23,
-	0x8a, 0x87, 0xd1, 0xb4, 0xf9, 0xe0, 0x68, 0x11, 0x0c, 0xe7, 0xf1, 0x5b, 0xbf, 0x19, 0xe0, 0x51,
-	0xbe, 0xf1, 0x87, 0x4c, 0x48, 0xf8, 0x4d, 0xae, 0xf9, 0x68, 0xcd, 0xb6, 0x30, 0x91, 0xb4, 0xbe,
-	0xaa, 0xeb, 0x5a, 0x9e, 0xdd, 0x64, 0x1a, 0x7f, 0x02, 0x36, 0x99, 0xa4, 0xae, 0xa8, 0x17, 0x9e,
-	0x14, 0xdb, 0x95, 0x1d, 0x0b, 0x5d, 0x31, 0xc6, 0x28, 0x1f, 0xa1, 0xfd, 0x9a, 0xc6, 0xde, 0x3c,
-	0x88, 0x51, 0x70, 0x02, 0xd6, 0xfa, 0xb5, 0x00, 0xaa, 0x49, 0x76, 0x1d, 0x29, 0x89, 0x33, 0x74,
-	0xa9, 0x27, 0x6f, 0x41, 0xc5, 0x5d, 0x50, 0x12, 0x01, 0x75, 0xb4, 0x7a, 0xb7, 0xaf, 0xcc, 0x65,
-	0x31, 0xbc, 0x6e, 0x40, 0x1d, 0x7b, 0x4b, 0xc3, 0x97, 0xe2, 0x13, 0x56, 0x60, 0xf0, 0x6b, 0x70,
-	0x47, 0x48, 0x22, 0x43, 0xa1, 0x54, 0x7a, 0x79, 0x28, 0xd6, 0x80, 0x55, 0xae, 0xf6, 0xeb, 0x1a,
-	0xf8, 0x4e, 0x72, 0xc6, 0x1a, 0xb2, 0x75, 0x6e, 0x80, 0xda, 0xa2, 0xcb, 0x2d, 0x74, 0x1d, 0x5f,
-	0xee, 0xfa, 0xd3, 0x6b, 0xa5, 0xb4, 0xa2, 0xe7, 0x2f, 0x0d, 0xf0, 0x28, 0x97, 0xbd, 0x1a, 0x08,
-	0x78, 0x08, 0x6a, 0x01, 0xe5, 0x82, 0x09, 0x49, 0x3d, 0x99, 0xd8, 0xa8, 0xb1, 0x37, 0x92, 0xb1,
-	0x8f, 0xa6, 0xcd, 0xda, 0xf3, 0x25, 0xef, 0x78, 0xa9, 0x17, 0x3c, 0x05, 0x55, 0xe6, 0x8d, 0x98,
-	0x47, 0xf5, 0xfc, 0xcc, 0x3b, 0xde, 0xce, 0xe6, 0x11, 0x7f, 0x38, 0xe2, 0x82, 0x2c, 0x22, 0xab,
-	0x46, 0xd7, 0xe2, 0x35, 0x73, 0xb0, 0x80, 0x82, 0x73, 0xb8, 0xad, 0xdf, 0x97, 0xf4, 0x27, 0x7e,
-	0x80, 0xef, 0x82, 0x32, 0x51, 0x37, 0x94, 0xeb, 0x34, 0xd2, 0x7a, 0x77, 0xf4, 0x3d, 0x4e, 0x2d,
-	0x94, 0x86, 0x54, 0x29, 0x96, 0x2c, 0xd6, 0x35, 0x34, 0xa4, 0x5c, 0x33, 0x1a, 0x52, 0x67, 0xac,
-	0x21, 0xe3, 0x50, 0xe2, 0x05, 0x9b, 0x59, 0xa4, 0x69, 0x28, 0xc7, 0xfa, 0x1e, 0xa7, 0x16, 0xad,
-	0x7f, 0x8b, 0x4b, 0xda, 0xa4, 0xc4, 0x98, 0xc9, 0xa9, 0xaf, 0x72, 0x2a, 0xe7, 0x72, 0xea, 0xa7,
-	0x39, 0xf5, 0xe1, 0x2f, 0x06, 0x80, 0x24, 0x85, 0x38, 0x9a, 0x89, 0x35, 0x51, 0xd4, 0x27, 0x37,
-	0x18, 0x12, 0xd4, 0xc9, 0xa1, 0xed, 0x7b, 0x92, 0x4f, 0xec, 0x86, 0x8e, 0x02, 0xe6, 0x0d, 0xf0,
-	0x92, 0x10, 0xe0, 0x29, 0xa8, 0x24, 0xb7, 0xfb, 0x9c, 0xfb, 0x5c, 0x8f, 0x6d, 0x7b, 0x8d, 0x88,
-	0x94, 0xbd, 0x6d, 0x46, 0xd3, 0x66, 0xa5, 0x33, 0x07, 0xf8, 0x67, 0xda, 0xac, 0x64, 0xde, 0x71,
-	0x16, 0x3c, 0xe6, 0xea, 0xd3, 0x39, 0x57, 0xe9, 0x26, 0x5c, 0x7b, 0x74, 0x35, 0x57, 0x06, 0xbc,
-	0xb1, 0x0f, 0xde, 0x58, 0x51, 0x22, 0x58, 0x05, 0xc5, 0x33, 0x3a, 0x49, 0x94, 0x88, 0xe3, 0x9f,
-	0xb0, 0x06, 0x36, 0xc7, 0x64, 0x14, 0x26, 0x8a, 0xbb, 0x87, 0x93, 0xc3, 0x47, 0x85, 0x67, 0x46,
-	0xeb, 0xaf, 0x02, 0x78, 0x98, 0x76, 0x80, 0xb3, 0x5e, 0x28, 0xa9, 0x50, 0x1f, 0xd6, 0x5b, 0xd8,
-	0xd0, 0x3b, 0x00, 0xf4, 0x39, 0x1b, 0x53, 0xae, 0xd4, 0xaa, 0x42, 0x9b, 0x7b, 0xec, 0xa5, 0x2f,
-	0x38, 0x63, 0x05, 0xc7, 0x00, 0x04, 0x84, 0x13, 0x97, 0x4a, 0xca, 0xe3, 0x25, 0x1c, 0xeb, 0xcb,
-	0x5e, 0x4f, 0x5f, 0xd9, 0xec, 0xd0, 0xf3, 0x14, 0x24, 0x91, 0x55, 0xca, 0x3b, 0x7f, 0xc0, 0x19,
-	0xa6, 0xc6, 0xc7, 0xe0, 0xfe, 0x82, 0xcb, 0xb5, 0xca, 0xfc, 0xd2, 0x00, 0x6f, 0x2e, 0x0d, 0xe4,
-	0x16, 0xf6, 0xfb, 0x17, 0x97, 0xf7, 0xfb, 0xce, 0xf5, 0xab, 0xb5, 0x62, 0xc9, 0xff, 0x64, 0x80,
-	0xac, 0x3e, 0xe1, 0x21, 0x28, 0xc5, 0x7f, 0xcf, 0xea, 0x14, 0xde, 0x5e, 0x2f, 0x85, 0x13, 0xe6,
-	0xd2, 0xf9, 0xa7, 0x36, 0x3e, 0x61, 0x85, 0x02, 0xdf, 0x02, 0x77, 0x5d, 0x2a, 0x04, 0x19, 0xcc,
-	0xa4, 0x71, 0x5f, 0x1b, 0xdd, 0x3d, 0x4a, 0xae, 0xf1, 0xec, 0xdd, 0xee, 0x9c, 0x5f, 0x98, 0x1b,
-	0x2f, 0x2e, 0xcc, 0x8d, 0x57, 0x17, 0xe6, 0xc6, 0x8f, 0x91, 0x69, 0x9c, 0x47, 0xa6, 0xf1, 0x22,
-	0x32, 0x8d, 0x57, 0x91, 0x69, 0xfc, 0x11, 0x99, 0xc6, 0xcf, 0x7f, 0x9a, 0x1b, 0x5f, 0x3d, 0xbe,
-	0xe2, 0x3f, 0x98, 0xff, 0x02, 0x00, 0x00, 0xff, 0xff, 0xd7, 0x19, 0x2c, 0xaa, 0xdf, 0x0c, 0x00,
-	0x00,
+	// 1031 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xbc, 0x57, 0x4d, 0x6f, 0x1b, 0x45,
+	0x18, 0xce, 0xfa, 0xa3, 0x75, 0xc6, 0x29, 0x75, 0x47, 0x6e, 0x31, 0xae, 0xb4, 0xae, 0x7c, 0x32,
+	0x94, 0xee, 0x92, 0x80, 0x50, 0x85, 0xc4, 0xc1, 0x9b, 0xe4, 0x10, 0x91, 0x84, 0x32, 0x8e, 0x00,
+	0x01, 0x07, 0xc6, 0xeb, 0xc1, 0x9e, 0xc4, 0xfb, 0xa1, 0x99, 0x59, 0x0b, 0x73, 0xe2, 0x27, 0x70,
+	0xe3, 0x1f, 0xf0, 0x07, 0xf8, 0x13, 0x39, 0x20, 0x51, 0xf5, 0xd4, 0x93, 0x45, 0x16, 0x7e, 0x03,
+	0x07, 0x2e, 0xa0, 0x9d, 0x1d, 0xef, 0x6e, 0xbc, 0x76, 0x70, 0x72, 0xc8, 0xcd, 0xf3, 0x7e, 0x3c,
+	0xef, 0xd7, 0xf3, 0xbe, 0x9b, 0x80, 0xa7, 0x67, 0xcf, 0xb9, 0x41, 0x3d, 0x13, 0xfb, 0xd4, 0xe4,
+	0xc2, 0x63, 0x78, 0x48, 0xcc, 0xc9, 0x36, 0x1e, 0xfb, 0x23, 0xbc, 0x6d, 0x0e, 0x89, 0x4b, 0x18,
+	0x16, 0x64, 0x60, 0xf8, 0xcc, 0x13, 0x1e, 0x7c, 0x1c, 0x1b, 0x1b, 0xd8, 0xa7, 0x86, 0x32, 0x36,
+	0xe6, 0xc6, 0xcd, 0x67, 0x43, 0x2a, 0x46, 0x41, 0xdf, 0xb0, 0x3d, 0xc7, 0x1c, 0x7a, 0x43, 0xcf,
+	0x94, 0x3e, 0xfd, 0xe0, 0x3b, 0xf9, 0x92, 0x0f, 0xf9, 0x2b, 0xc6, 0x6a, 0xb6, 0x33, 0x81, 0x6d,
+	0x8f, 0x45, 0x51, 0x17, 0xe3, 0x35, 0x3f, 0x48, 0x6d, 0x1c, 0x6c, 0x8f, 0xa8, 0x4b, 0xd8, 0xd4,
+	0xf4, 0xcf, 0x86, 0xd2, 0x89, 0x11, 0xee, 0x05, 0xcc, 0x26, 0xd7, 0xf2, 0xe2, 0xa6, 0x43, 0x04,
+	0x5e, 0x16, 0xcb, 0x5c, 0xe5, 0xc5, 0x02, 0x57, 0x50, 0x27, 0x1f, 0xe6, 0xc3, 0xff, 0x73, 0xe0,
+	0xf6, 0x88, 0x38, 0x78, 0xd1, 0xaf, 0xfd, 0x77, 0x11, 0xc0, 0xdd, 0xde, 0x41, 0x2f, 0xee, 0xdf,
+	0x2e, 0xf6, 0xb1, 0x4d, 0xc5, 0x14, 0x7e, 0x0b, 0x2a, 0x51, 0x6a, 0x03, 0x2c, 0x70, 0x43, 0x7b,
+	0xa2, 0x75, 0xaa, 0x3b, 0xef, 0x19, 0x69, 0xbb, 0x93, 0x08, 0x86, 0x7f, 0x36, 0x8c, 0x04, 0xdc,
+	0x88, 0xac, 0x8d, 0xc9, 0xb6, 0xf1, 0x69, 0xff, 0x94, 0xd8, 0xe2, 0x88, 0x08, 0x6c, 0xc1, 0xf3,
+	0x59, 0x6b, 0x23, 0x9c, 0xb5, 0x40, 0x2a, 0x43, 0x09, 0x2a, 0xa4, 0x60, 0xcb, 0xf5, 0x06, 0xe4,
+	0xc4, 0xf3, 0xbd, 0xb1, 0x37, 0x9c, 0x36, 0x0a, 0x32, 0xca, 0xfb, 0xeb, 0x45, 0x39, 0xc4, 0x7d,
+	0x32, 0xee, 0x91, 0x31, 0xb1, 0x85, 0xc7, 0xac, 0x5a, 0x38, 0x6b, 0x6d, 0x1d, 0x67, 0xc0, 0xd0,
+	0x25, 0x68, 0xb8, 0x07, 0x6a, 0x8a, 0x1f, 0xbb, 0x63, 0xcc, 0xf9, 0x31, 0x76, 0x48, 0xa3, 0xf8,
+	0x44, 0xeb, 0x6c, 0x5a, 0x0d, 0x95, 0x62, 0xad, 0xb7, 0xa0, 0x47, 0x39, 0x0f, 0xf8, 0x25, 0xa8,
+	0xd8, 0xaa, 0x3d, 0x8d, 0x92, 0x4c, 0xd6, 0xb8, 0x2a, 0x59, 0x63, 0xce, 0x08, 0xe3, 0xb3, 0x00,
+	0xbb, 0x82, 0x8a, 0xa9, 0xb5, 0x15, 0xce, 0x5a, 0x95, 0x79, 0x8b, 0x51, 0x82, 0x06, 0x39, 0x78,
+	0xe0, 0xe0, 0xef, 0xa9, 0x13, 0x38, 0x9f, 0x7b, 0xe3, 0xc0, 0x21, 0x3d, 0xfa, 0x03, 0x69, 0x94,
+	0x6f, 0x14, 0xe2, 0x61, 0x38, 0x6b, 0x3d, 0x38, 0x5a, 0x04, 0x43, 0x79, 0xfc, 0xf6, 0x6f, 0x1a,
+	0x78, 0x94, 0x1f, 0xfc, 0x21, 0xe5, 0x02, 0x7e, 0x93, 0x1b, 0xbe, 0xb1, 0xe6, 0x58, 0x28, 0x8f,
+	0x47, 0x5f, 0x53, 0x7d, 0xad, 0xcc, 0x25, 0x99, 0xc1, 0x9f, 0x80, 0x32, 0x15, 0xc4, 0xe1, 0x8d,
+	0xc2, 0x93, 0x62, 0xa7, 0xba, 0x63, 0x1a, 0x57, 0xac, 0xb1, 0x91, 0xcf, 0xd0, 0xba, 0xa7, 0xb0,
+	0xcb, 0x07, 0x11, 0x0a, 0x8a, 0xc1, 0xda, 0xbf, 0x14, 0x40, 0x2d, 0xae, 0xae, 0x2b, 0x04, 0xb6,
+	0x47, 0x0e, 0x71, 0xc5, 0x2d, 0xb0, 0xb8, 0x07, 0x4a, 0xdc, 0x27, 0xb6, 0x62, 0xef, 0xf6, 0x95,
+	0xb5, 0x2c, 0xa6, 0xd7, 0xf3, 0x89, 0x6d, 0x6d, 0x29, 0xf8, 0x52, 0xf4, 0x42, 0x12, 0x0c, 0x7e,
+	0x0d, 0xee, 0x70, 0x81, 0x45, 0xc0, 0x25, 0x4b, 0x2f, 0x2f, 0xc5, 0x1a, 0xb0, 0xd2, 0xd5, 0x7a,
+	0x43, 0x01, 0xdf, 0x89, 0xdf, 0x48, 0x41, 0xb6, 0xcf, 0x35, 0x50, 0x5f, 0x74, 0xb9, 0x85, 0xa9,
+	0xa3, 0xcb, 0x53, 0x7f, 0x76, 0xad, 0x92, 0x56, 0xcc, 0xfc, 0x95, 0x06, 0x1e, 0xe5, 0xaa, 0x97,
+	0x0b, 0x01, 0x0f, 0x41, 0xdd, 0x27, 0x8c, 0x53, 0x2e, 0x88, 0x2b, 0x62, 0x1b, 0xb9, 0xf6, 0x5a,
+	0xbc, 0xf6, 0xe1, 0xac, 0x55, 0x7f, 0xb1, 0x44, 0x8f, 0x96, 0x7a, 0xc1, 0x53, 0x50, 0xa3, 0xee,
+	0x98, 0xba, 0x44, 0xed, 0x4f, 0x3a, 0xf1, 0x4e, 0xb6, 0x8e, 0xe8, 0xc3, 0x11, 0x35, 0x64, 0x11,
+	0x59, 0x0e, 0xba, 0x1e, 0x9d, 0x99, 0x83, 0x05, 0x14, 0x94, 0xc3, 0x6d, 0xff, 0xbe, 0x64, 0x3e,
+	0x91, 0x02, 0xbe, 0x0b, 0x2a, 0x58, 0x4a, 0x08, 0x53, 0x65, 0x24, 0xfd, 0xee, 0x2a, 0x39, 0x4a,
+	0x2c, 0x24, 0x87, 0x64, 0x2b, 0x96, 0x1c, 0xd6, 0x35, 0x38, 0x24, 0x5d, 0x33, 0x1c, 0x92, 0x6f,
+	0xa4, 0x20, 0xa3, 0x54, 0xa2, 0x03, 0x9b, 0x39, 0xa4, 0x49, 0x2a, 0xc7, 0x4a, 0x8e, 0x12, 0x8b,
+	0xf6, 0xbf, 0xc5, 0x25, 0x63, 0x92, 0x64, 0xcc, 0xd4, 0x34, 0x90, 0x35, 0x55, 0x72, 0x35, 0x0d,
+	0x92, 0x9a, 0x06, 0xf0, 0x67, 0x0d, 0x40, 0x9c, 0x40, 0x1c, 0xcd, 0xc9, 0x1a, 0x33, 0xea, 0x93,
+	0x1b, 0x2c, 0x89, 0xd1, 0xcd, 0xa1, 0xed, 0xbb, 0x82, 0x4d, 0xad, 0xa6, 0xca, 0x02, 0xe6, 0x0d,
+	0xd0, 0x92, 0x14, 0xe0, 0x29, 0xa8, 0xc6, 0xd2, 0x7d, 0xc6, 0x3c, 0xa6, 0xd6, 0xb6, 0xb3, 0x46,
+	0x46, 0xd2, 0xde, 0xd2, 0xc3, 0x59, 0xab, 0xda, 0x4d, 0x01, 0xfe, 0x99, 0xb5, 0xaa, 0x19, 0x3d,
+	0xca, 0x82, 0x47, 0xb1, 0x06, 0x24, 0x8d, 0x55, 0xba, 0x49, 0xac, 0x3d, 0xb2, 0x3a, 0x56, 0x06,
+	0xbc, 0xb9, 0x0f, 0xde, 0x5c, 0xd1, 0x22, 0x58, 0x03, 0xc5, 0x33, 0x32, 0x8d, 0x99, 0x88, 0xa2,
+	0x9f, 0xb0, 0x0e, 0xca, 0x13, 0x3c, 0x0e, 0x62, 0xc6, 0x6d, 0xa2, 0xf8, 0xf1, 0x51, 0xe1, 0xb9,
+	0xd6, 0xfe, 0xab, 0x00, 0x1e, 0x26, 0x13, 0x60, 0xb4, 0x1f, 0x08, 0xc2, 0xe5, 0x87, 0xf5, 0x16,
+	0x2e, 0xf4, 0x0e, 0x00, 0x03, 0x46, 0x27, 0x84, 0x49, 0xb6, 0xca, 0xd4, 0x52, 0x8f, 0xbd, 0x44,
+	0x83, 0x32, 0x56, 0x70, 0x02, 0x80, 0x8f, 0x19, 0x76, 0x88, 0x20, 0x2c, 0x3a, 0xc2, 0x11, 0xbf,
+	0xac, 0xf5, 0xf8, 0x95, 0xad, 0xce, 0x78, 0x91, 0x80, 0xc4, 0xb4, 0x4a, 0xe2, 0xa6, 0x0a, 0x94,
+	0x89, 0xd4, 0xfc, 0x18, 0xdc, 0x5f, 0x70, 0xb9, 0x56, 0x9b, 0x5f, 0x69, 0xe0, 0xad, 0xa5, 0x89,
+	0xdc, 0xc2, 0x7d, 0xff, 0xe2, 0xf2, 0x7d, 0xdf, 0xb9, 0x7e, 0xb7, 0x56, 0x1c, 0xf9, 0x5f, 0x35,
+	0x90, 0xe5, 0x27, 0x3c, 0x04, 0xa5, 0xe8, 0xef, 0x59, 0x55, 0xc2, 0x3b, 0xeb, 0x95, 0x70, 0x42,
+	0x1d, 0x92, 0x7e, 0x6a, 0xa3, 0x17, 0x92, 0x28, 0xf0, 0x6d, 0x70, 0xd7, 0x21, 0x9c, 0xe3, 0xe1,
+	0x9c, 0x1a, 0xf7, 0x95, 0xd1, 0xdd, 0xa3, 0x58, 0x8c, 0xe6, 0x7a, 0xf8, 0x14, 0x6c, 0x92, 0x28,
+	0x83, 0x5d, 0x6f, 0x10, 0x5f, 0xbd, 0xb2, 0x75, 0x2f, 0x9c, 0xb5, 0x36, 0xf7, 0xe7, 0x42, 0x94,
+	0xea, 0xad, 0xee, 0xf9, 0x85, 0xbe, 0xf1, 0xf2, 0x42, 0xdf, 0x78, 0x7d, 0xa1, 0x6f, 0xfc, 0x18,
+	0xea, 0xda, 0x79, 0xa8, 0x6b, 0x2f, 0x43, 0x5d, 0x7b, 0x1d, 0xea, 0xda, 0x1f, 0xa1, 0xae, 0xfd,
+	0xf4, 0xa7, 0xbe, 0xf1, 0xd5, 0xe3, 0x2b, 0xfe, 0xdd, 0xf9, 0x2f, 0x00, 0x00, 0xff, 0xff, 0x23,
+	0x8e, 0x6a, 0x20, 0x0c, 0x0d, 0x00, 0x00,
 }
 
 func (m *CSIStorageCapacity) Marshal() (dAtA []byte, err error) {
@@ -928,6 +929,11 @@ func (m *VolumeError) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	_ = i
 	var l int
 	_ = l
+	if m.ErrorCode != nil {
+		i = encodeVarintGenerated(dAtA, i, uint64(*m.ErrorCode))
+		i--
+		dAtA[i] = 0x18
+	}
 	i -= len(m.Message)
 	copy(dAtA[i:], m.Message)
 	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Message)))
@@ -1137,6 +1143,9 @@ func (m *VolumeError) Size() (n int) {
 	n += 1 + l + sovGenerated(uint64(l))
 	l = len(m.Message)
 	n += 1 + l + sovGenerated(uint64(l))
+	if m.ErrorCode != nil {
+		n += 1 + sovGenerated(uint64(*m.ErrorCode))
+	}
 	return n
 }
 
@@ -1295,6 +1304,7 @@ func (this *VolumeError) String() string {
 	s := strings.Join([]string{`&VolumeError{`,
 		`Time:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Time), "Time", "v1.Time", 1), `&`, ``, 1) + `,`,
 		`Message:` + fmt.Sprintf("%v", this.Message) + `,`,
+		`ErrorCode:` + valueToStringGenerated(this.ErrorCode) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -2901,6 +2911,26 @@ func (m *VolumeError) Unmarshal(dAtA []byte) error {
 			}
 			m.Message = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
+		case 3:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ErrorCode", wireType)
+			}
+			var v int32
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int32(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.ErrorCode = &v
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
diff --git a/vendor/k8s.io/api/storage/v1alpha1/generated.proto b/vendor/k8s.io/api/storage/v1alpha1/generated.proto
index 79acbebd83..c1abc3fb36 100644
--- a/vendor/k8s.io/api/storage/v1alpha1/generated.proto
+++ b/vendor/k8s.io/api/storage/v1alpha1/generated.proto
@@ -265,5 +265,13 @@ message VolumeError {
   // information.
   // +optional
   optional string message = 2;
+
+  // errorCode is a numeric gRPC code representing the error encountered during Attach or Detach operations.
+  //
+  // This is an optional, alpha field that requires the MutableCSINodeAllocatableCount feature gate being enabled to be set.
+  //
+  // +featureGate=MutableCSINodeAllocatableCount
+  // +optional
+  optional int32 errorCode = 3;
 }
 
diff --git a/vendor/k8s.io/api/storage/v1alpha1/types.go b/vendor/k8s.io/api/storage/v1alpha1/types.go
index 7ef7353ebc..15a43292fc 100644
--- a/vendor/k8s.io/api/storage/v1alpha1/types.go
+++ b/vendor/k8s.io/api/storage/v1alpha1/types.go
@@ -141,6 +141,14 @@ type VolumeError struct {
 	// information.
 	// +optional
 	Message string `json:"message,omitempty" protobuf:"bytes,2,opt,name=message"`
+
+	// errorCode is a numeric gRPC code representing the error encountered during Attach or Detach operations.
+	//
+	// This is an optional, alpha field that requires the MutableCSINodeAllocatableCount feature gate being enabled to be set.
+	//
+	// +featureGate=MutableCSINodeAllocatableCount
+	// +optional
+	ErrorCode *int32 `json:"errorCode,omitempty" protobuf:"varint,3,opt,name=errorCode"`
 }
 
 // +genclient
diff --git a/vendor/k8s.io/api/storage/v1alpha1/types_swagger_doc_generated.go b/vendor/k8s.io/api/storage/v1alpha1/types_swagger_doc_generated.go
index e44f37b2dd..713498b372 100644
--- a/vendor/k8s.io/api/storage/v1alpha1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/storage/v1alpha1/types_swagger_doc_generated.go
@@ -125,9 +125,10 @@ func (VolumeAttributesClassList) SwaggerDoc() map[string]string {
 }
 
 var map_VolumeError = map[string]string{
-	"":        "VolumeError captures an error encountered during a volume operation.",
-	"time":    "time represents the time the error was encountered.",
-	"message": "message represents the error encountered during Attach or Detach operation. This string maybe logged, so it should not contain sensitive information.",
+	"":          "VolumeError captures an error encountered during a volume operation.",
+	"time":      "time represents the time the error was encountered.",
+	"message":   "message represents the error encountered during Attach or Detach operation. This string maybe logged, so it should not contain sensitive information.",
+	"errorCode": "errorCode is a numeric gRPC code representing the error encountered during Attach or Detach operations.\n\nThis is an optional, alpha field that requires the MutableCSINodeAllocatableCount feature gate being enabled to be set.",
 }
 
 func (VolumeError) SwaggerDoc() map[string]string {
diff --git a/vendor/k8s.io/api/storage/v1alpha1/zz_generated.deepcopy.go b/vendor/k8s.io/api/storage/v1alpha1/zz_generated.deepcopy.go
index 942871f788..7661a9e1c8 100644
--- a/vendor/k8s.io/api/storage/v1alpha1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/storage/v1alpha1/zz_generated.deepcopy.go
@@ -308,6 +308,11 @@ func (in *VolumeAttributesClassList) DeepCopyObject() runtime.Object {
 func (in *VolumeError) DeepCopyInto(out *VolumeError) {
 	*out = *in
 	in.Time.DeepCopyInto(&out.Time)
+	if in.ErrorCode != nil {
+		in, out := &in.ErrorCode, &out.ErrorCode
+		*out = new(int32)
+		**out = **in
+	}
 	return
 }
 
diff --git a/vendor/k8s.io/api/storage/v1beta1/doc.go b/vendor/k8s.io/api/storage/v1beta1/doc.go
index 75142a62fb..174482b609 100644
--- a/vendor/k8s.io/api/storage/v1beta1/doc.go
+++ b/vendor/k8s.io/api/storage/v1beta1/doc.go
@@ -20,4 +20,4 @@ limitations under the License.
 // +k8s:openapi-gen=true
 // +k8s:prerelease-lifecycle-gen=true
 
-package v1beta1 // import "k8s.io/api/storage/v1beta1"
+package v1beta1
diff --git a/vendor/k8s.io/api/storage/v1beta1/generated.pb.go b/vendor/k8s.io/api/storage/v1beta1/generated.pb.go
index 446a40c483..6d75868d6e 100644
--- a/vendor/k8s.io/api/storage/v1beta1/generated.pb.go
+++ b/vendor/k8s.io/api/storage/v1beta1/generated.pb.go
@@ -668,115 +668,119 @@ func init() {
 }
 
 var fileDescriptor_73e4f72503e71065 = []byte{
-	// 1728 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xbc, 0x58, 0xcd, 0x6f, 0x23, 0x49,
-	0x15, 0x4f, 0xc7, 0xce, 0x57, 0x39, 0x99, 0x24, 0x35, 0x99, 0xc5, 0xeb, 0x83, 0x1d, 0x19, 0xc1,
-	0x66, 0x46, 0x4b, 0x7b, 0x12, 0x96, 0xd5, 0x68, 0xa5, 0x95, 0x48, 0x27, 0x81, 0xf5, 0x6e, 0x9c,
-	0xc9, 0x96, 0xa3, 0xd1, 0x6a, 0xc5, 0x81, 0x72, 0xbb, 0xe2, 0xd4, 0xc6, 0xfd, 0xb1, 0x5d, 0xd5,
-	0x21, 0xe6, 0x04, 0x17, 0xce, 0x88, 0x03, 0x7f, 0x01, 0xff, 0x02, 0x48, 0x70, 0xe1, 0xc8, 0x48,
-	0x48, 0x68, 0xe1, 0xc2, 0x9e, 0x2c, 0xc6, 0xf3, 0x27, 0x20, 0x71, 0x88, 0x38, 0xa0, 0xaa, 0x2e,
-	0xf7, 0xb7, 0x27, 0x36, 0x2b, 0xf9, 0xe6, 0x7a, 0x1f, 0xbf, 0x7a, 0x55, 0xef, 0xf7, 0x5e, 0xbd,
-	0x36, 0x78, 0x72, 0xfd, 0x8c, 0xe9, 0xd4, 0x69, 0x60, 0x97, 0x36, 0x18, 0x77, 0x3c, 0xdc, 0x23,
-	0x8d, 0x9b, 0xfd, 0x0e, 0xe1, 0x78, 0xbf, 0xd1, 0x23, 0x36, 0xf1, 0x30, 0x27, 0x5d, 0xdd, 0xf5,
-	0x1c, 0xee, 0xc0, 0x4a, 0x60, 0xab, 0x63, 0x97, 0xea, 0xca, 0x56, 0x57, 0xb6, 0x95, 0xef, 0xf5,
-	0x28, 0xbf, 0xf2, 0x3b, 0xba, 0xe9, 0x58, 0x8d, 0x9e, 0xd3, 0x73, 0x1a, 0xd2, 0xa5, 0xe3, 0x5f,
-	0xca, 0x95, 0x5c, 0xc8, 0x5f, 0x01, 0x54, 0xa5, 0x1e, 0xdb, 0xd6, 0x74, 0x3c, 0xb1, 0x67, 0x7a,
-	0xbb, 0xca, 0x7b, 0x91, 0x8d, 0x85, 0xcd, 0x2b, 0x6a, 0x13, 0x6f, 0xd0, 0x70, 0xaf, 0x7b, 0xd2,
-	0xc9, 0x23, 0xcc, 0xf1, 0x3d, 0x93, 0xcc, 0xe4, 0xc5, 0x1a, 0x16, 0xe1, 0x38, 0x6f, 0xaf, 0xc6,
-	0x24, 0x2f, 0xcf, 0xb7, 0x39, 0xb5, 0xb2, 0xdb, 0xbc, 0x7f, 0x9f, 0x03, 0x33, 0xaf, 0x88, 0x85,
-	0xd3, 0x7e, 0xf5, 0x3f, 0x69, 0x60, 0xed, 0xa8, 0xdd, 0x3c, 0xf6, 0xe8, 0x0d, 0xf1, 0xe0, 0x4f,
-	0xc1, 0xaa, 0x88, 0xa8, 0x8b, 0x39, 0x2e, 0x6b, 0xbb, 0xda, 0x5e, 0xe9, 0xe0, 0xa9, 0x1e, 0x5d,
-	0x72, 0x08, 0xac, 0xbb, 0xd7, 0x3d, 0x21, 0x60, 0xba, 0xb0, 0xd6, 0x6f, 0xf6, 0xf5, 0xe7, 0x9d,
-	0x2f, 0x88, 0xc9, 0x5b, 0x84, 0x63, 0x03, 0xbe, 0x1c, 0xd6, 0x16, 0x46, 0xc3, 0x1a, 0x88, 0x64,
-	0x28, 0x44, 0x85, 0x9f, 0x80, 0x22, 0x73, 0x89, 0x59, 0x5e, 0x94, 0xe8, 0x8f, 0xf5, 0xc9, 0x29,
-	0xd4, 0xc3, 0xb0, 0xda, 0x2e, 0x31, 0x8d, 0x75, 0x05, 0x5b, 0x14, 0x2b, 0x24, 0x41, 0xea, 0x7f,
-	0xd4, 0xc0, 0x46, 0x68, 0x75, 0x4a, 0x19, 0x87, 0x3f, 0xc9, 0x1c, 0x40, 0x9f, 0xee, 0x00, 0xc2,
-	0x5b, 0x86, 0xbf, 0xa5, 0xf6, 0x59, 0x1d, 0x4b, 0x62, 0xc1, 0x7f, 0x0c, 0x96, 0x28, 0x27, 0x16,
-	0x2b, 0x2f, 0xee, 0x16, 0xf6, 0x4a, 0x07, 0xdf, 0x99, 0x2a, 0x7a, 0x63, 0x43, 0x21, 0x2e, 0x35,
-	0x85, 0x2f, 0x0a, 0x20, 0xea, 0xff, 0x2c, 0xc6, 0x62, 0x17, 0x67, 0x82, 0x1f, 0x80, 0x07, 0x98,
-	0x73, 0x6c, 0x5e, 0x21, 0xf2, 0xa5, 0x4f, 0x3d, 0xd2, 0x95, 0x27, 0x58, 0x35, 0xe0, 0x68, 0x58,
-	0x7b, 0x70, 0x98, 0xd0, 0xa0, 0x94, 0xa5, 0xf0, 0x75, 0x9d, 0x6e, 0xd3, 0xbe, 0x74, 0x9e, 0xdb,
-	0x2d, 0xc7, 0xb7, 0xb9, 0xbc, 0x60, 0xe5, 0x7b, 0x9e, 0xd0, 0xa0, 0x94, 0x25, 0x34, 0xc1, 0xce,
-	0x8d, 0xd3, 0xf7, 0x2d, 0x72, 0x4a, 0x2f, 0x89, 0x39, 0x30, 0xfb, 0xa4, 0xe5, 0x74, 0x09, 0x2b,
-	0x17, 0x76, 0x0b, 0x7b, 0x6b, 0x46, 0x63, 0x34, 0xac, 0xed, 0xbc, 0xc8, 0xd1, 0xdf, 0x0d, 0x6b,
-	0x0f, 0x73, 0xe4, 0x28, 0x17, 0x0c, 0x7e, 0x08, 0x36, 0xd5, 0x0d, 0x1d, 0x61, 0x17, 0x9b, 0x94,
-	0x0f, 0xca, 0x45, 0x19, 0xe1, 0xc3, 0xd1, 0xb0, 0xb6, 0xd9, 0x4e, 0xaa, 0x50, 0xda, 0x16, 0x7e,
-	0x04, 0x36, 0x2e, 0xd9, 0x8f, 0x3d, 0xc7, 0x77, 0xcf, 0x9d, 0x3e, 0x35, 0x07, 0xe5, 0xa5, 0x5d,
-	0x6d, 0x6f, 0xcd, 0xa8, 0x8f, 0x86, 0xb5, 0x8d, 0x1f, 0xb5, 0x63, 0x8a, 0xbb, 0xb4, 0x00, 0x25,
-	0x1d, 0x21, 0x01, 0x1b, 0xdc, 0xb9, 0x26, 0xb6, 0xb8, 0x3a, 0xc2, 0x38, 0x2b, 0x2f, 0xcb, 0x5c,
-	0xee, 0xbd, 0x29, 0x97, 0x17, 0x31, 0x07, 0xe3, 0x91, 0x4a, 0xe7, 0x46, 0x5c, 0xca, 0x50, 0x12,
-	0x15, 0x1e, 0x81, 0x6d, 0x2f, 0x48, 0x0e, 0x43, 0xc4, 0xf5, 0x3b, 0x7d, 0xca, 0xae, 0xca, 0x2b,
-	0xf2, 0xc4, 0x8f, 0x46, 0xc3, 0xda, 0x36, 0x4a, 0x2b, 0x51, 0xd6, 0x1e, 0xbe, 0x07, 0xd6, 0x19,
-	0x39, 0xa5, 0xb6, 0x7f, 0x1b, 0xe4, 0x74, 0x55, 0xfa, 0x6f, 0x8d, 0x86, 0xb5, 0xf5, 0xf6, 0x49,
-	0x24, 0x47, 0x09, 0xab, 0xfa, 0x1f, 0x34, 0xb0, 0x72, 0xd4, 0x6e, 0x9e, 0x39, 0x5d, 0x32, 0x87,
-	0x82, 0x6e, 0x26, 0x0a, 0xfa, 0x9d, 0x7b, 0x4a, 0x42, 0x04, 0x35, 0xb1, 0x9c, 0xff, 0x1d, 0x94,
-	0xb3, 0xb0, 0x51, 0xfd, 0x68, 0x17, 0x14, 0x6d, 0x6c, 0x11, 0x19, 0xfa, 0x5a, 0xe4, 0x73, 0x86,
-	0x2d, 0x82, 0xa4, 0x06, 0x7e, 0x17, 0x2c, 0xdb, 0x4e, 0x97, 0x34, 0x8f, 0x65, 0x00, 0x6b, 0xc6,
-	0x03, 0x65, 0xb3, 0x7c, 0x26, 0xa5, 0x48, 0x69, 0xc5, 0x55, 0x72, 0xc7, 0x75, 0xfa, 0x4e, 0x6f,
-	0xf0, 0x09, 0x19, 0x8c, 0xc9, 0x2d, 0xaf, 0xf2, 0x22, 0x26, 0x47, 0x09, 0x2b, 0xd8, 0x01, 0x25,
-	0xdc, 0xef, 0x3b, 0x26, 0xe6, 0xb8, 0xd3, 0x27, 0x92, 0xb1, 0xa5, 0x83, 0xc6, 0x9b, 0xce, 0x18,
-	0x54, 0x84, 0xd8, 0x1c, 0xa9, 0x17, 0x81, 0x19, 0x9b, 0xa3, 0x61, 0xad, 0x74, 0x18, 0xe1, 0xa0,
-	0x38, 0x68, 0xfd, 0xf7, 0x1a, 0x28, 0xa9, 0x53, 0xcf, 0xa1, 0x85, 0x7d, 0x94, 0x6c, 0x61, 0xdf,
-	0x9e, 0x22, 0x5f, 0x13, 0x1a, 0x98, 0x19, 0x86, 0x2d, 0xbb, 0xd7, 0x05, 0x58, 0xe9, 0xca, 0xa4,
-	0xb1, 0xb2, 0x26, 0xa1, 0x1f, 0x4f, 0x01, 0xad, 0x3a, 0xe4, 0xa6, 0xda, 0x60, 0x25, 0x58, 0x33,
-	0x34, 0x86, 0xaa, 0xff, 0xa7, 0x00, 0xe0, 0x51, 0xbb, 0x99, 0xea, 0x0f, 0x73, 0xa0, 0x35, 0x05,
-	0xeb, 0x82, 0x39, 0x63, 0x6e, 0x28, 0x7a, 0x7f, 0x7f, 0xca, 0x4c, 0xe0, 0x0e, 0xe9, 0xb7, 0x49,
-	0x9f, 0x98, 0xdc, 0xf1, 0x02, 0x92, 0x9d, 0xc5, 0xc0, 0x50, 0x02, 0x1a, 0x1e, 0x83, 0xad, 0x71,
-	0xbb, 0xeb, 0x63, 0xc6, 0x04, 0xb9, 0xcb, 0x05, 0x49, 0xe6, 0xb2, 0x0a, 0x71, 0xab, 0x9d, 0xd2,
-	0xa3, 0x8c, 0x07, 0xfc, 0x0c, 0xac, 0x9a, 0xf1, 0xce, 0x7a, 0x0f, 0x6d, 0xf4, 0xf1, 0xc0, 0xa2,
-	0x7f, 0xea, 0x63, 0x9b, 0x53, 0x3e, 0x30, 0xd6, 0x05, 0x65, 0xc2, 0x16, 0x1c, 0xa2, 0x41, 0x06,
-	0xb6, 0x2d, 0x7c, 0x4b, 0x2d, 0xdf, 0x0a, 0xc8, 0xdd, 0xa6, 0x3f, 0x27, 0xb2, 0xff, 0xce, 0xbe,
-	0x85, 0x6c, 0x7d, 0xad, 0x34, 0x18, 0xca, 0xe2, 0xd7, 0xff, 0xaa, 0x81, 0xb7, 0xb2, 0x89, 0x9f,
-	0x43, 0x81, 0xb4, 0x93, 0x05, 0xa2, 0xdf, 0xc3, 0xe2, 0x54, 0x80, 0x13, 0x6a, 0xe5, 0x37, 0xcb,
-	0x60, 0x3d, 0x9e, 0xc3, 0x39, 0x10, 0xf8, 0x07, 0xa0, 0xe4, 0x7a, 0xce, 0x0d, 0x65, 0xd4, 0xb1,
-	0x89, 0xa7, 0xba, 0xe3, 0x43, 0xe5, 0x52, 0x3a, 0x8f, 0x54, 0x28, 0x6e, 0x07, 0xfb, 0x00, 0xb8,
-	0xd8, 0xc3, 0x16, 0xe1, 0xa2, 0x92, 0x0b, 0xf2, 0x0e, 0x9e, 0xbd, 0xe9, 0x0e, 0xe2, 0xc7, 0xd2,
-	0xcf, 0x43, 0xd7, 0x13, 0x9b, 0x7b, 0x83, 0x28, 0xc4, 0x48, 0x81, 0x62, 0xf8, 0xf0, 0x1a, 0x6c,
-	0x78, 0xc4, 0xec, 0x63, 0x6a, 0xa9, 0x67, 0xbd, 0x28, 0xc3, 0x3c, 0x11, 0xcf, 0x2b, 0x8a, 0x2b,
-	0xee, 0x86, 0xb5, 0xa7, 0xd9, 0x11, 0x5d, 0x3f, 0x27, 0x1e, 0xa3, 0x8c, 0x13, 0x9b, 0x07, 0xd4,
-	0x49, 0xf8, 0xa0, 0x24, 0xb6, 0x78, 0x02, 0x2c, 0xf1, 0x40, 0x3e, 0x77, 0x39, 0x75, 0x6c, 0x56,
-	0x5e, 0x8a, 0x9e, 0x80, 0x56, 0x4c, 0x8e, 0x12, 0x56, 0xf0, 0x14, 0xec, 0x88, 0x6e, 0xfd, 0xb3,
-	0x60, 0x83, 0x93, 0x5b, 0x17, 0xdb, 0xe2, 0xaa, 0xca, 0xcb, 0xf2, 0x2d, 0x2e, 0x8b, 0xe9, 0xe8,
-	0x30, 0x47, 0x8f, 0x72, 0xbd, 0xe0, 0x67, 0x60, 0x3b, 0x18, 0x8f, 0x0c, 0x6a, 0x77, 0xa9, 0xdd,
-	0x13, 0xc3, 0x91, 0x1c, 0x0b, 0xd6, 0x8c, 0x27, 0xa2, 0x36, 0x5e, 0xa4, 0x95, 0x77, 0x79, 0x42,
-	0x94, 0x05, 0x81, 0x5f, 0x82, 0x6d, 0xb9, 0x23, 0xe9, 0xaa, 0xc6, 0x42, 0x09, 0x2b, 0xaf, 0x66,
-	0x67, 0x1b, 0x71, 0x75, 0x82, 0x48, 0xe3, 0xf6, 0x33, 0x6e, 0x53, 0x17, 0xc4, 0xb3, 0x8c, 0xb7,
-	0x55, 0xbe, 0xb6, 0x0f, 0xd3, 0x50, 0x28, 0x8b, 0x5e, 0xf9, 0x10, 0x6c, 0xa6, 0x12, 0x0e, 0xb7,
-	0x40, 0xe1, 0x9a, 0x0c, 0x82, 0xf7, 0x1a, 0x89, 0x9f, 0x70, 0x07, 0x2c, 0xdd, 0xe0, 0xbe, 0x4f,
-	0x02, 0x06, 0xa2, 0x60, 0xf1, 0xc1, 0xe2, 0x33, 0xad, 0xfe, 0x67, 0x0d, 0x24, 0x1a, 0xdb, 0x1c,
-	0x8a, 0xbb, 0x95, 0x2c, 0xee, 0xbd, 0x69, 0x89, 0x3d, 0xa1, 0xac, 0x7f, 0xa9, 0x81, 0xf5, 0xf8,
-	0x14, 0x08, 0xdf, 0x05, 0xab, 0xd8, 0xef, 0x52, 0x62, 0x9b, 0xe3, 0x99, 0x25, 0x8c, 0xe6, 0x50,
-	0xc9, 0x51, 0x68, 0x21, 0x66, 0x44, 0x72, 0xeb, 0x52, 0x0f, 0x0b, 0xa6, 0xb5, 0x89, 0xe9, 0xd8,
-	0x5d, 0x26, 0xaf, 0xa9, 0x10, 0x34, 0xca, 0x93, 0xb4, 0x12, 0x65, 0xed, 0xeb, 0xbf, 0x5b, 0x04,
-	0x5b, 0x01, 0x41, 0x82, 0x4f, 0x04, 0x8b, 0xd8, 0x7c, 0x0e, 0xed, 0x05, 0x25, 0xc6, 0xbe, 0xa7,
-	0xf7, 0x8f, 0x44, 0x51, 0x74, 0x93, 0xe6, 0x3f, 0xf8, 0x39, 0x58, 0x66, 0x1c, 0x73, 0x9f, 0xc9,
-	0xe7, 0xaf, 0x74, 0x70, 0x30, 0x13, 0xaa, 0xf4, 0x8c, 0xe6, 0xbf, 0x60, 0x8d, 0x14, 0x62, 0xfd,
-	0x2f, 0x1a, 0xd8, 0x49, 0xbb, 0xcc, 0x81, 0x70, 0x9f, 0x26, 0x09, 0xf7, 0xee, 0x2c, 0x27, 0x9a,
-	0x40, 0xba, 0x7f, 0x68, 0xe0, 0xad, 0xcc, 0xe1, 0xe5, 0x3b, 0x2b, 0x7a, 0x95, 0x9b, 0xea, 0x88,
-	0x67, 0xd1, 0xf8, 0x2c, 0x7b, 0xd5, 0x79, 0x8e, 0x1e, 0xe5, 0x7a, 0xc1, 0x2f, 0xc0, 0x16, 0xb5,
-	0xfb, 0xd4, 0x26, 0xea, 0x59, 0x8e, 0xd2, 0x9d, 0xdb, 0x50, 0xd2, 0xc8, 0x32, 0xcd, 0x3b, 0x62,
-	0x7a, 0x69, 0xa6, 0x50, 0x50, 0x06, 0xb7, 0xfe, 0xb7, 0x9c, 0xf4, 0xc8, 0xb1, 0x52, 0x54, 0x94,
-	0x94, 0x10, 0x2f, 0x53, 0x51, 0x4a, 0x8e, 0x42, 0x0b, 0xc9, 0x20, 0x79, 0x15, 0x2a, 0xd0, 0xd9,
-	0x18, 0x24, 0x3d, 0x63, 0x0c, 0x92, 0x6b, 0xa4, 0x10, 0x45, 0x24, 0x62, 0x6c, 0x8b, 0x8d, 0x67,
-	0x61, 0x24, 0x67, 0x4a, 0x8e, 0x42, 0x8b, 0xfa, 0x7f, 0x0b, 0x39, 0x59, 0x92, 0x54, 0x8c, 0x1d,
-	0x69, 0xfc, 0x85, 0x9f, 0x3e, 0x52, 0x37, 0x3c, 0x52, 0x17, 0xfe, 0x56, 0x03, 0x10, 0x87, 0x10,
-	0xad, 0x31, 0x55, 0x03, 0x3e, 0x7d, 0x3c, 0x7b, 0x85, 0xe8, 0x87, 0x19, 0xb0, 0xe0, 0xad, 0xae,
-	0xa8, 0x20, 0x60, 0xd6, 0x00, 0xe5, 0x44, 0x00, 0x29, 0x28, 0x05, 0xd2, 0x13, 0xcf, 0x73, 0x3c,
-	0x55, 0xb2, 0xef, 0xdc, 0x1f, 0x90, 0x34, 0x37, 0xaa, 0xf2, 0x9b, 0x28, 0xf2, 0xbf, 0x1b, 0xd6,
-	0x4a, 0x31, 0x3d, 0x8a, 0x63, 0x8b, 0xad, 0xba, 0x24, 0xda, 0xaa, 0xf8, 0x7f, 0x6c, 0x75, 0x4c,
-	0x26, 0x6f, 0x15, 0xc3, 0xae, 0x9c, 0x80, 0x6f, 0x4d, 0xb8, 0xa0, 0x99, 0xde, 0xb6, 0xd7, 0x8b,
-	0xe0, 0x51, 0x78, 0xff, 0x1e, 0xed, 0xf8, 0x9c, 0xb0, 0x79, 0x4d, 0x7e, 0x07, 0x00, 0x04, 0x9f,
-	0x4f, 0x92, 0xaa, 0xc1, 0xe0, 0x17, 0x7a, 0x1c, 0x87, 0x1a, 0x14, 0xb3, 0x82, 0x7e, 0xce, 0xd8,
-	0x77, 0x38, 0x15, 0xb9, 0xe2, 0x87, 0x9b, 0x75, 0xfe, 0xfb, 0xa6, 0x13, 0xc4, 0xdf, 0x35, 0xf0,
-	0x76, 0x6e, 0x20, 0x73, 0xe8, 0xec, 0x2f, 0x92, 0x9d, 0x7d, 0x7f, 0xe6, 0xcb, 0x9a, 0xd0, 0xde,
-	0x7f, 0xa5, 0x81, 0x38, 0x3b, 0xe1, 0x29, 0x28, 0x72, 0xaa, 0x7a, 0x78, 0xe9, 0xe0, 0xc9, 0x74,
-	0x27, 0xb8, 0xa0, 0x16, 0x89, 0x9e, 0x58, 0xb1, 0x42, 0x12, 0x05, 0x3e, 0x06, 0x2b, 0x16, 0x61,
-	0x0c, 0xf7, 0xc6, 0xc4, 0x08, 0x3f, 0xbd, 0x5b, 0x81, 0x18, 0x8d, 0xf5, 0xf5, 0xf7, 0xc1, 0xc3,
-	0x9c, 0x3f, 0x33, 0x60, 0x0d, 0x2c, 0x99, 0xf2, 0xcf, 0x28, 0x11, 0xd0, 0x92, 0xb1, 0x26, 0x0e,
-	0x70, 0x24, 0xff, 0x85, 0x0a, 0xe4, 0xc6, 0x0f, 0x5f, 0xbe, 0xaa, 0x2e, 0x7c, 0xf5, 0xaa, 0xba,
-	0xf0, 0xf5, 0xab, 0xea, 0xc2, 0x2f, 0x46, 0x55, 0xed, 0xe5, 0xa8, 0xaa, 0x7d, 0x35, 0xaa, 0x6a,
-	0x5f, 0x8f, 0xaa, 0xda, 0xbf, 0x46, 0x55, 0xed, 0xd7, 0xaf, 0xab, 0x0b, 0x9f, 0x57, 0x26, 0xff,
-	0xcf, 0xff, 0xbf, 0x00, 0x00, 0x00, 0xff, 0xff, 0x3a, 0x30, 0xdb, 0x24, 0x04, 0x18, 0x00, 0x00,
+	// 1787 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xbc, 0x59, 0x4f, 0x6f, 0x24, 0x47,
+	0x15, 0x77, 0x7b, 0xfc, 0x6f, 0x6a, 0xec, 0xb5, 0x5d, 0xeb, 0x0d, 0x13, 0x1f, 0x66, 0xac, 0x46,
+	0x24, 0xde, 0x25, 0xf4, 0xec, 0x9a, 0x10, 0xad, 0x22, 0x45, 0xc2, 0x6d, 0x1b, 0xe2, 0xc4, 0xf6,
+	0x3a, 0x35, 0x66, 0x15, 0x45, 0x1c, 0xa8, 0xe9, 0xae, 0x1d, 0x57, 0x3c, 0xfd, 0x27, 0x5d, 0xd5,
+	0xc6, 0xc3, 0x09, 0xbe, 0x01, 0xe2, 0xc0, 0x27, 0xe0, 0x1b, 0x20, 0x90, 0xe0, 0xc2, 0x91, 0x95,
+	0x90, 0x20, 0x70, 0xca, 0x69, 0xc4, 0x4e, 0x3e, 0x02, 0x12, 0x07, 0x8b, 0x03, 0xaa, 0xea, 0x9a,
+	0xfe, 0x3f, 0xeb, 0x19, 0x90, 0xe6, 0xe6, 0x7a, 0x7f, 0x7e, 0xf5, 0xaa, 0xde, 0x7b, 0xbf, 0x7a,
+	0x3d, 0x06, 0x8f, 0xae, 0x9e, 0x32, 0x83, 0x7a, 0x2d, 0xec, 0xd3, 0x16, 0xe3, 0x5e, 0x80, 0xbb,
+	0xa4, 0x75, 0xfd, 0xa4, 0x43, 0x38, 0x7e, 0xd2, 0xea, 0x12, 0x97, 0x04, 0x98, 0x13, 0xdb, 0xf0,
+	0x03, 0x8f, 0x7b, 0x70, 0x3b, 0xb2, 0x35, 0xb0, 0x4f, 0x0d, 0x65, 0x6b, 0x28, 0xdb, 0xed, 0xef,
+	0x74, 0x29, 0xbf, 0x0c, 0x3b, 0x86, 0xe5, 0x39, 0xad, 0xae, 0xd7, 0xf5, 0x5a, 0xd2, 0xa5, 0x13,
+	0xbe, 0x90, 0x2b, 0xb9, 0x90, 0x7f, 0x45, 0x50, 0xdb, 0x7a, 0x6a, 0x5b, 0xcb, 0x0b, 0xc4, 0x9e,
+	0xf9, 0xed, 0xb6, 0xdf, 0x4d, 0x6c, 0x1c, 0x6c, 0x5d, 0x52, 0x97, 0x04, 0xfd, 0x96, 0x7f, 0xd5,
+	0x95, 0x4e, 0x01, 0x61, 0x5e, 0x18, 0x58, 0x64, 0x2a, 0x2f, 0xd6, 0x72, 0x08, 0xc7, 0x65, 0x7b,
+	0xb5, 0xc6, 0x79, 0x05, 0xa1, 0xcb, 0xa9, 0x53, 0xdc, 0xe6, 0xbd, 0xbb, 0x1c, 0x98, 0x75, 0x49,
+	0x1c, 0x9c, 0xf7, 0xd3, 0xff, 0xa8, 0x81, 0xea, 0x41, 0xfb, 0xf8, 0x30, 0xa0, 0xd7, 0x24, 0x80,
+	0x3f, 0x01, 0x2b, 0x22, 0x22, 0x1b, 0x73, 0x5c, 0xd7, 0x76, 0xb4, 0xdd, 0xda, 0xde, 0x63, 0x23,
+	0xb9, 0xe4, 0x18, 0xd8, 0xf0, 0xaf, 0xba, 0x42, 0xc0, 0x0c, 0x61, 0x6d, 0x5c, 0x3f, 0x31, 0x9e,
+	0x75, 0x3e, 0x27, 0x16, 0x3f, 0x25, 0x1c, 0x9b, 0xf0, 0xe5, 0xa0, 0x39, 0x37, 0x1c, 0x34, 0x41,
+	0x22, 0x43, 0x31, 0x2a, 0xfc, 0x18, 0x2c, 0x30, 0x9f, 0x58, 0xf5, 0x79, 0x89, 0xfe, 0xd0, 0x18,
+	0x9f, 0x42, 0x23, 0x0e, 0xab, 0xed, 0x13, 0xcb, 0x5c, 0x55, 0xb0, 0x0b, 0x62, 0x85, 0x24, 0x88,
+	0xfe, 0x07, 0x0d, 0xac, 0xc5, 0x56, 0x27, 0x94, 0x71, 0xf8, 0xe3, 0xc2, 0x01, 0x8c, 0xc9, 0x0e,
+	0x20, 0xbc, 0x65, 0xf8, 0x1b, 0x6a, 0x9f, 0x95, 0x91, 0x24, 0x15, 0xfc, 0x47, 0x60, 0x91, 0x72,
+	0xe2, 0xb0, 0xfa, 0xfc, 0x4e, 0x65, 0xb7, 0xb6, 0xf7, 0xad, 0x89, 0xa2, 0x37, 0xd7, 0x14, 0xe2,
+	0xe2, 0xb1, 0xf0, 0x45, 0x11, 0x84, 0xfe, 0xb7, 0xc5, 0x54, 0xec, 0xe2, 0x4c, 0xf0, 0x7d, 0x70,
+	0x0f, 0x73, 0x8e, 0xad, 0x4b, 0x44, 0xbe, 0x08, 0x69, 0x40, 0x6c, 0x79, 0x82, 0x15, 0x13, 0x0e,
+	0x07, 0xcd, 0x7b, 0xfb, 0x19, 0x0d, 0xca, 0x59, 0x0a, 0x5f, 0xdf, 0xb3, 0x8f, 0xdd, 0x17, 0xde,
+	0x33, 0xf7, 0xd4, 0x0b, 0x5d, 0x2e, 0x2f, 0x58, 0xf9, 0x9e, 0x67, 0x34, 0x28, 0x67, 0x09, 0x2d,
+	0xb0, 0x75, 0xed, 0xf5, 0x42, 0x87, 0x9c, 0xd0, 0x17, 0xc4, 0xea, 0x5b, 0x3d, 0x72, 0xea, 0xd9,
+	0x84, 0xd5, 0x2b, 0x3b, 0x95, 0xdd, 0xaa, 0xd9, 0x1a, 0x0e, 0x9a, 0x5b, 0xcf, 0x4b, 0xf4, 0xb7,
+	0x83, 0xe6, 0xfd, 0x12, 0x39, 0x2a, 0x05, 0x83, 0x1f, 0x80, 0x75, 0x75, 0x43, 0x07, 0xd8, 0xc7,
+	0x16, 0xe5, 0xfd, 0xfa, 0x82, 0x8c, 0xf0, 0xfe, 0x70, 0xd0, 0x5c, 0x6f, 0x67, 0x55, 0x28, 0x6f,
+	0x0b, 0x3f, 0x04, 0x6b, 0x2f, 0xd8, 0x0f, 0x03, 0x2f, 0xf4, 0xcf, 0xbd, 0x1e, 0xb5, 0xfa, 0xf5,
+	0xc5, 0x1d, 0x6d, 0xb7, 0x6a, 0xea, 0xc3, 0x41, 0x73, 0xed, 0x07, 0xed, 0x94, 0xe2, 0x36, 0x2f,
+	0x40, 0x59, 0x47, 0x48, 0xc0, 0x1a, 0xf7, 0xae, 0x88, 0x2b, 0xae, 0x8e, 0x30, 0xce, 0xea, 0x4b,
+	0x32, 0x97, 0xbb, 0xaf, 0xcb, 0xe5, 0x45, 0xca, 0xc1, 0x7c, 0xa0, 0xd2, 0xb9, 0x96, 0x96, 0x32,
+	0x94, 0x45, 0x85, 0x07, 0x60, 0x33, 0x88, 0x92, 0xc3, 0x10, 0xf1, 0xc3, 0x4e, 0x8f, 0xb2, 0xcb,
+	0xfa, 0xb2, 0x3c, 0xf1, 0x83, 0xe1, 0xa0, 0xb9, 0x89, 0xf2, 0x4a, 0x54, 0xb4, 0x87, 0xef, 0x82,
+	0x55, 0x46, 0x4e, 0xa8, 0x1b, 0xde, 0x44, 0x39, 0x5d, 0x91, 0xfe, 0x1b, 0xc3, 0x41, 0x73, 0xb5,
+	0x7d, 0x94, 0xc8, 0x51, 0xc6, 0x0a, 0x5e, 0x03, 0xdd, 0xf5, 0x6c, 0xb2, 0xdf, 0xeb, 0x79, 0x16,
+	0xe6, 0xb8, 0xd3, 0x23, 0x3f, 0xf2, 0x6d, 0xcc, 0xc9, 0x39, 0x09, 0xa8, 0x67, 0xb7, 0x89, 0xe5,
+	0xb9, 0x36, 0xab, 0x57, 0x77, 0xb4, 0xdd, 0x8a, 0xf9, 0xd6, 0x70, 0xd0, 0xd4, 0xcf, 0xee, 0xb4,
+	0x46, 0x13, 0x20, 0xea, 0xbf, 0xd7, 0xc0, 0xf2, 0x41, 0xfb, 0x58, 0xa0, 0xcd, 0x80, 0x48, 0x8e,
+	0x33, 0x44, 0xf2, 0xf6, 0x1d, 0xad, 0x28, 0x82, 0x1a, 0x4b, 0x23, 0xff, 0x8a, 0x68, 0x44, 0xd8,
+	0x28, 0x1e, 0xdc, 0x01, 0x0b, 0x2e, 0x76, 0x88, 0x0c, 0xbd, 0x9a, 0xf8, 0x9c, 0x61, 0x87, 0x20,
+	0xa9, 0x81, 0x6f, 0x81, 0x25, 0x71, 0x25, 0xc7, 0x87, 0x32, 0x80, 0xaa, 0x79, 0x4f, 0xd9, 0x2c,
+	0x9d, 0x49, 0x29, 0x52, 0x5a, 0x91, 0x42, 0xee, 0xf9, 0x5e, 0xcf, 0xeb, 0xf6, 0x3f, 0x26, 0xfd,
+	0x51, 0x53, 0xc9, 0x14, 0x5e, 0xa4, 0xe4, 0x28, 0x63, 0x05, 0x3b, 0xa0, 0x86, 0x93, 0xcb, 0x96,
+	0x9d, 0x52, 0xdb, 0x6b, 0xbd, 0xee, 0x8c, 0x51, 0x27, 0x8a, 0xcd, 0x91, 0x7a, 0x89, 0x98, 0xb9,
+	0x3e, 0x1c, 0x34, 0x6b, 0xa9, 0xa4, 0xa1, 0x34, 0xa8, 0xfe, 0x3b, 0x0d, 0xd4, 0xd4, 0xa9, 0x67,
+	0x40, 0x9d, 0x1f, 0x66, 0xa9, 0xf3, 0x9b, 0x13, 0xe4, 0x6b, 0x0c, 0x71, 0x5a, 0x71, 0xd8, 0x92,
+	0x35, 0x2f, 0xc0, 0xb2, 0x2d, 0x93, 0xc6, 0xea, 0x9a, 0x84, 0x7e, 0x38, 0x01, 0xb4, 0x62, 0xe6,
+	0x75, 0xb5, 0xc1, 0x72, 0xb4, 0x66, 0x68, 0x04, 0xa5, 0xff, 0xbb, 0x02, 0xe0, 0x41, 0xfb, 0x38,
+	0xc7, 0x4b, 0x33, 0x28, 0x6b, 0x0a, 0x56, 0x45, 0xe5, 0x8c, 0x6a, 0x43, 0x95, 0xf7, 0x77, 0x27,
+	0xcc, 0x04, 0xee, 0x90, 0x5e, 0x9b, 0xf4, 0x88, 0xc5, 0xbd, 0x20, 0x2a, 0xb2, 0xb3, 0x14, 0x18,
+	0xca, 0x40, 0xc3, 0x43, 0xb0, 0x31, 0xa2, 0xd9, 0x1e, 0x66, 0x4c, 0x14, 0x77, 0xbd, 0x22, 0x8b,
+	0xb9, 0xae, 0x42, 0xdc, 0x68, 0xe7, 0xf4, 0xa8, 0xe0, 0x01, 0x3f, 0x05, 0x2b, 0x56, 0x9a, 0xd1,
+	0xef, 0x28, 0x1b, 0x63, 0x34, 0x28, 0x19, 0x9f, 0x84, 0xd8, 0xe5, 0x94, 0xf7, 0xcd, 0x55, 0x51,
+	0x32, 0x31, 0xf5, 0xc7, 0x68, 0x90, 0x81, 0x4d, 0x07, 0xdf, 0x50, 0x27, 0x74, 0xa2, 0xe2, 0x6e,
+	0xd3, 0x9f, 0x11, 0xc9, 0xfb, 0xd3, 0x6f, 0x21, 0x29, 0xf7, 0x34, 0x0f, 0x86, 0x8a, 0xf8, 0xfa,
+	0x5f, 0x34, 0xf0, 0x46, 0x31, 0xf1, 0x33, 0x68, 0x90, 0x76, 0xb6, 0x41, 0x8c, 0x3b, 0xaa, 0x38,
+	0x17, 0xe0, 0x98, 0x5e, 0xf9, 0xd5, 0x12, 0x58, 0x4d, 0xe7, 0x70, 0x06, 0x05, 0xfc, 0x3d, 0x50,
+	0xf3, 0x03, 0xef, 0x9a, 0x32, 0xea, 0xb9, 0x24, 0x50, 0xec, 0x78, 0x5f, 0xb9, 0xd4, 0xce, 0x13,
+	0x15, 0x4a, 0xdb, 0xc1, 0x1e, 0x00, 0x3e, 0x0e, 0xb0, 0x43, 0xb8, 0xe8, 0xe4, 0x8a, 0xbc, 0x83,
+	0xa7, 0xaf, 0xbb, 0x83, 0xf4, 0xb1, 0x8c, 0xf3, 0xd8, 0xf5, 0xc8, 0xe5, 0x41, 0x3f, 0x09, 0x31,
+	0x51, 0xa0, 0x14, 0x3e, 0xbc, 0x02, 0x6b, 0x01, 0xb1, 0x7a, 0x98, 0x3a, 0x6a, 0x9c, 0x58, 0x90,
+	0x61, 0x1e, 0x89, 0x67, 0x1d, 0xa5, 0x15, 0xb7, 0x83, 0xe6, 0xe3, 0xe2, 0xa7, 0x81, 0x71, 0x4e,
+	0x02, 0x46, 0x19, 0x27, 0x2e, 0x8f, 0x4a, 0x27, 0xe3, 0x83, 0xb2, 0xd8, 0xe2, 0x09, 0x70, 0xc4,
+	0xc3, 0xfc, 0xcc, 0xe7, 0xd4, 0x73, 0x59, 0x7d, 0x31, 0x79, 0x02, 0x4e, 0x53, 0x72, 0x94, 0xb1,
+	0x82, 0x27, 0x60, 0x4b, 0xb0, 0xf5, 0x4f, 0xa3, 0x0d, 0x8e, 0x6e, 0x7c, 0xec, 0x8a, 0xab, 0xaa,
+	0x2f, 0xc9, 0x19, 0xa0, 0x2e, 0xa6, 0xb2, 0xfd, 0x12, 0x3d, 0x2a, 0xf5, 0x82, 0x9f, 0x82, 0xcd,
+	0x68, 0x2c, 0x33, 0xa9, 0x6b, 0x53, 0xb7, 0x2b, 0x86, 0x32, 0x39, 0x8e, 0x54, 0xcd, 0x47, 0xa2,
+	0x37, 0x9e, 0xe7, 0x95, 0xb7, 0x65, 0x42, 0x54, 0x04, 0x81, 0x5f, 0x80, 0x4d, 0xb9, 0x23, 0xb1,
+	0x15, 0xb1, 0x50, 0xc2, 0xea, 0x2b, 0xc5, 0x99, 0x4a, 0x5c, 0x9d, 0x28, 0xa4, 0x11, 0xfd, 0x8c,
+	0x68, 0xea, 0x82, 0x04, 0x8e, 0xf9, 0xa6, 0xca, 0xd7, 0xe6, 0x7e, 0x1e, 0x0a, 0x15, 0xd1, 0xb7,
+	0x3f, 0x00, 0xeb, 0xb9, 0x84, 0xc3, 0x0d, 0x50, 0xb9, 0x22, 0xfd, 0xe8, 0xbd, 0x46, 0xe2, 0x4f,
+	0xb8, 0x05, 0x16, 0xaf, 0x71, 0x2f, 0x24, 0x51, 0x05, 0xa2, 0x68, 0xf1, 0xfe, 0xfc, 0x53, 0x4d,
+	0xff, 0x93, 0x06, 0x32, 0xc4, 0x36, 0x83, 0xe6, 0x3e, 0xcd, 0x36, 0xf7, 0xee, 0xa4, 0x85, 0x3d,
+	0xa6, 0xad, 0x7f, 0xa1, 0x81, 0xd5, 0xf4, 0xf4, 0x09, 0xdf, 0x01, 0x2b, 0x38, 0xb4, 0x29, 0x71,
+	0xad, 0xd1, 0xcc, 0x12, 0x47, 0xb3, 0xaf, 0xe4, 0x28, 0xb6, 0x10, 0xb3, 0x29, 0xb9, 0xf1, 0x69,
+	0x80, 0x45, 0xa5, 0x8d, 0xe6, 0xc1, 0x79, 0x39, 0x0f, 0x4a, 0xa2, 0x3c, 0xca, 0x2b, 0x51, 0xd1,
+	0x5e, 0xff, 0xcd, 0x3c, 0xd8, 0x88, 0x0a, 0x24, 0xfa, 0x34, 0x71, 0x88, 0xcb, 0x67, 0x40, 0x2f,
+	0x28, 0x33, 0xf6, 0x3d, 0xbe, 0x7b, 0x24, 0x4a, 0xa2, 0x1b, 0x37, 0xff, 0xc1, 0xcf, 0xc0, 0x12,
+	0xe3, 0x98, 0x87, 0x4c, 0x3e, 0x7f, 0xb5, 0xbd, 0xbd, 0xa9, 0x50, 0xa5, 0x67, 0x32, 0xff, 0x45,
+	0x6b, 0xa4, 0x10, 0xf5, 0x3f, 0x6b, 0x60, 0x2b, 0xef, 0x32, 0x83, 0x82, 0xfb, 0x24, 0x5b, 0x70,
+	0xef, 0x4c, 0x73, 0xa2, 0x31, 0x45, 0xf7, 0x0f, 0x0d, 0xbc, 0x51, 0x38, 0xbc, 0x7c, 0x67, 0x05,
+	0x57, 0xf9, 0x39, 0x46, 0x3c, 0x4b, 0xc6, 0x67, 0xc9, 0x55, 0xe7, 0x25, 0x7a, 0x54, 0xea, 0x05,
+	0x3f, 0x07, 0x1b, 0xd4, 0xed, 0x51, 0x97, 0xa8, 0x67, 0x39, 0x49, 0x77, 0x29, 0xa1, 0xe4, 0x91,
+	0x65, 0x9a, 0xb7, 0xc4, 0xf4, 0x72, 0x9c, 0x43, 0x41, 0x05, 0x5c, 0xfd, 0xaf, 0x25, 0xe9, 0x91,
+	0x63, 0xa5, 0xe8, 0x28, 0x29, 0x21, 0x41, 0xa1, 0xa3, 0x94, 0x1c, 0xc5, 0x16, 0xb2, 0x82, 0xe4,
+	0x55, 0xa8, 0x40, 0xa7, 0xab, 0x20, 0xe9, 0x99, 0xaa, 0x20, 0xb9, 0x46, 0x0a, 0x51, 0x44, 0x22,
+	0xc6, 0xb6, 0xd4, 0x78, 0x16, 0x47, 0x72, 0xa6, 0xe4, 0x28, 0xb6, 0xd0, 0xff, 0x53, 0x29, 0xc9,
+	0x92, 0x2c, 0xc5, 0xd4, 0x91, 0x46, 0xbf, 0x2c, 0xe4, 0x8f, 0x64, 0xc7, 0x47, 0xb2, 0xe1, 0xaf,
+	0x35, 0x00, 0x71, 0x0c, 0x71, 0x3a, 0x2a, 0xd5, 0xa8, 0x9e, 0x3e, 0x9a, 0xbe, 0x43, 0x8c, 0xfd,
+	0x02, 0x58, 0xf4, 0x56, 0x6f, 0xab, 0x20, 0x60, 0xd1, 0x00, 0x95, 0x44, 0x00, 0x29, 0xa8, 0x45,
+	0xd2, 0xa3, 0x20, 0xf0, 0x02, 0xd5, 0xb2, 0x6f, 0xdf, 0x1d, 0x90, 0x34, 0x37, 0x1b, 0xf2, 0x9b,
+	0x28, 0xf1, 0xbf, 0x1d, 0x34, 0x6b, 0x29, 0x3d, 0x4a, 0x63, 0x8b, 0xad, 0x6c, 0x92, 0x6c, 0xb5,
+	0xf0, 0x3f, 0x6c, 0x75, 0x48, 0xc6, 0x6f, 0x95, 0xc2, 0xde, 0x3e, 0x02, 0xdf, 0x18, 0x73, 0x41,
+	0x53, 0xbd, 0x6d, 0x5f, 0xcf, 0x83, 0x07, 0xf1, 0xfd, 0x07, 0xb4, 0x13, 0x72, 0xc2, 0x66, 0x35,
+	0xf9, 0xed, 0x01, 0x10, 0x7d, 0x3e, 0xc9, 0x52, 0x8d, 0x06, 0xbf, 0xd8, 0xe3, 0x30, 0xd6, 0xa0,
+	0x94, 0x15, 0x0c, 0x4b, 0xc6, 0xbe, 0xfd, 0x89, 0x8a, 0x2b, 0x7d, 0xb8, 0x69, 0xe7, 0xbf, 0xff,
+	0x77, 0x82, 0xf8, 0xbb, 0x06, 0xde, 0x2c, 0x0d, 0x64, 0x06, 0xcc, 0xfe, 0x3c, 0xcb, 0xec, 0x4f,
+	0xa6, 0xbe, 0xac, 0x31, 0xf4, 0xfe, 0x5b, 0x0d, 0xa4, 0xab, 0x13, 0x9e, 0x80, 0x05, 0x4e, 0x15,
+	0x87, 0xd7, 0xf6, 0x1e, 0x4d, 0x76, 0x82, 0x0b, 0xea, 0x90, 0xe4, 0x89, 0x15, 0x2b, 0x24, 0x51,
+	0xe0, 0x43, 0xb0, 0xec, 0x10, 0xc6, 0x70, 0x77, 0x54, 0x18, 0xf1, 0xa7, 0xf7, 0x69, 0x24, 0x46,
+	0x23, 0x3d, 0xfc, 0x36, 0xa8, 0x12, 0x11, 0xc1, 0x81, 0x18, 0x51, 0x45, 0x77, 0x2f, 0x9a, 0x6b,
+	0xc3, 0x41, 0xb3, 0x7a, 0x34, 0x12, 0xa2, 0x44, 0xaf, 0xbf, 0x07, 0xee, 0x97, 0xfc, 0xf2, 0x01,
+	0x9b, 0x60, 0xd1, 0x92, 0xbf, 0x98, 0x69, 0xd2, 0xbf, 0x2a, 0x4e, 0x7b, 0x20, 0x7f, 0x2a, 0x8b,
+	0xe4, 0xe6, 0xf7, 0x5f, 0xbe, 0x6a, 0xcc, 0x7d, 0xf9, 0xaa, 0x31, 0xf7, 0xd5, 0xab, 0xc6, 0xdc,
+	0xcf, 0x87, 0x0d, 0xed, 0xe5, 0xb0, 0xa1, 0x7d, 0x39, 0x6c, 0x68, 0x5f, 0x0d, 0x1b, 0xda, 0x3f,
+	0x87, 0x0d, 0xed, 0x97, 0x5f, 0x37, 0xe6, 0x3e, 0xdb, 0x1e, 0xff, 0xcf, 0x88, 0xff, 0x06, 0x00,
+	0x00, 0xff, 0xff, 0x4a, 0x00, 0x2b, 0x10, 0xa9, 0x18, 0x00, 0x00,
 }
 
 func (m *CSIDriver) Marshal() (dAtA []byte, err error) {
@@ -889,6 +893,11 @@ func (m *CSIDriverSpec) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	_ = i
 	var l int
 	_ = l
+	if m.NodeAllocatableUpdatePeriodSeconds != nil {
+		i = encodeVarintGenerated(dAtA, i, uint64(*m.NodeAllocatableUpdatePeriodSeconds))
+		i--
+		dAtA[i] = 0x48
+	}
 	if m.SELinuxMount != nil {
 		i--
 		if *m.SELinuxMount {
@@ -1856,6 +1865,11 @@ func (m *VolumeError) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 	_ = i
 	var l int
 	_ = l
+	if m.ErrorCode != nil {
+		i = encodeVarintGenerated(dAtA, i, uint64(*m.ErrorCode))
+		i--
+		dAtA[i] = 0x18
+	}
 	i -= len(m.Message)
 	copy(dAtA[i:], m.Message)
 	i = encodeVarintGenerated(dAtA, i, uint64(len(m.Message)))
@@ -1980,6 +1994,9 @@ func (m *CSIDriverSpec) Size() (n int) {
 	if m.SELinuxMount != nil {
 		n += 2
 	}
+	if m.NodeAllocatableUpdatePeriodSeconds != nil {
+		n += 1 + sovGenerated(uint64(*m.NodeAllocatableUpdatePeriodSeconds))
+	}
 	return n
 }
 
@@ -2306,6 +2323,9 @@ func (m *VolumeError) Size() (n int) {
 	n += 1 + l + sovGenerated(uint64(l))
 	l = len(m.Message)
 	n += 1 + l + sovGenerated(uint64(l))
+	if m.ErrorCode != nil {
+		n += 1 + sovGenerated(uint64(*m.ErrorCode))
+	}
 	return n
 }
 
@@ -2372,6 +2392,7 @@ func (this *CSIDriverSpec) String() string {
 		`TokenRequests:` + repeatedStringForTokenRequests + `,`,
 		`RequiresRepublish:` + valueToStringGenerated(this.RequiresRepublish) + `,`,
 		`SELinuxMount:` + valueToStringGenerated(this.SELinuxMount) + `,`,
+		`NodeAllocatableUpdatePeriodSeconds:` + valueToStringGenerated(this.NodeAllocatableUpdatePeriodSeconds) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -2639,6 +2660,7 @@ func (this *VolumeError) String() string {
 	s := strings.Join([]string{`&VolumeError{`,
 		`Time:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.Time), "Time", "v1.Time", 1), `&`, ``, 1) + `,`,
 		`Message:` + fmt.Sprintf("%v", this.Message) + `,`,
+		`ErrorCode:` + valueToStringGenerated(this.ErrorCode) + `,`,
 		`}`,
 	}, "")
 	return s
@@ -3127,6 +3149,26 @@ func (m *CSIDriverSpec) Unmarshal(dAtA []byte) error {
 			}
 			b := bool(v != 0)
 			m.SELinuxMount = &b
+		case 9:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field NodeAllocatableUpdatePeriodSeconds", wireType)
+			}
+			var v int64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.NodeAllocatableUpdatePeriodSeconds = &v
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
@@ -5855,6 +5897,26 @@ func (m *VolumeError) Unmarshal(dAtA []byte) error {
 			}
 			m.Message = string(dAtA[iNdEx:postIndex])
 			iNdEx = postIndex
+		case 3:
+			if wireType != 0 {
+				return fmt.Errorf("proto: wrong wireType = %d for field ErrorCode", wireType)
+			}
+			var v int32
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowGenerated
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				v |= int32(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			m.ErrorCode = &v
 		default:
 			iNdEx = preIndex
 			skippy, err := skipGenerated(dAtA[iNdEx:])
diff --git a/vendor/k8s.io/api/storage/v1beta1/generated.proto b/vendor/k8s.io/api/storage/v1beta1/generated.proto
index 64dcc8262e..38e600570e 100644
--- a/vendor/k8s.io/api/storage/v1beta1/generated.proto
+++ b/vendor/k8s.io/api/storage/v1beta1/generated.proto
@@ -214,6 +214,20 @@ message CSIDriverSpec {
   // +featureGate=SELinuxMountReadWriteOncePod
   // +optional
   optional bool seLinuxMount = 8;
+
+  // nodeAllocatableUpdatePeriodSeconds specifies the interval between periodic updates of
+  // the CSINode allocatable capacity for this driver. When set, both periodic updates and
+  // updates triggered by capacity-related failures are enabled. If not set, no updates
+  // occur (neither periodic nor upon detecting capacity-related failures), and the
+  // allocatable.count remains static. The minimum allowed value for this field is 10 seconds.
+  //
+  // This is an alpha feature and requires the MutableCSINodeAllocatableCount feature gate to be enabled.
+  //
+  // This field is mutable.
+  //
+  // +featureGate=MutableCSINodeAllocatableCount
+  // +optional
+  optional int64 nodeAllocatableUpdatePeriodSeconds = 9;
 }
 
 // DEPRECATED - This group version of CSINode is deprecated by storage/v1/CSINode.
@@ -603,6 +617,14 @@ message VolumeError {
   // information.
   // +optional
   optional string message = 2;
+
+  // errorCode is a numeric gRPC code representing the error encountered during Attach or Detach operations.
+  //
+  // This is an optional, alpha field that requires the MutableCSINodeAllocatableCount feature gate being enabled to be set.
+  //
+  // +featureGate=MutableCSINodeAllocatableCount
+  // +optional
+  optional int32 errorCode = 3;
 }
 
 // VolumeNodeResources is a set of resource limits for scheduling of volumes.
diff --git a/vendor/k8s.io/api/storage/v1beta1/types.go b/vendor/k8s.io/api/storage/v1beta1/types.go
index d9b6b76853..2b7f6b78a5 100644
--- a/vendor/k8s.io/api/storage/v1beta1/types.go
+++ b/vendor/k8s.io/api/storage/v1beta1/types.go
@@ -233,6 +233,14 @@ type VolumeError struct {
 	// information.
 	// +optional
 	Message string `json:"message,omitempty" protobuf:"bytes,2,opt,name=message"`
+
+	// errorCode is a numeric gRPC code representing the error encountered during Attach or Detach operations.
+	//
+	// This is an optional, alpha field that requires the MutableCSINodeAllocatableCount feature gate being enabled to be set.
+	//
+	// +featureGate=MutableCSINodeAllocatableCount
+	// +optional
+	ErrorCode *int32 `json:"errorCode,omitempty" protobuf:"varint,3,opt,name=errorCode"`
 }
 
 // +genclient
@@ -435,6 +443,20 @@ type CSIDriverSpec struct {
 	// +featureGate=SELinuxMountReadWriteOncePod
 	// +optional
 	SELinuxMount *bool `json:"seLinuxMount,omitempty" protobuf:"varint,8,opt,name=seLinuxMount"`
+
+	// nodeAllocatableUpdatePeriodSeconds specifies the interval between periodic updates of
+	// the CSINode allocatable capacity for this driver. When set, both periodic updates and
+	// updates triggered by capacity-related failures are enabled. If not set, no updates
+	// occur (neither periodic nor upon detecting capacity-related failures), and the
+	// allocatable.count remains static. The minimum allowed value for this field is 10 seconds.
+	//
+	// This is an alpha feature and requires the MutableCSINodeAllocatableCount feature gate to be enabled.
+	//
+	// This field is mutable.
+	//
+	// +featureGate=MutableCSINodeAllocatableCount
+	// +optional
+	NodeAllocatableUpdatePeriodSeconds *int64 `json:"nodeAllocatableUpdatePeriodSeconds,omitempty" protobuf:"varint,9,opt,name=nodeAllocatableUpdatePeriodSeconds"`
 }
 
 // FSGroupPolicy specifies if a CSI Driver supports modifying
diff --git a/vendor/k8s.io/api/storage/v1beta1/types_swagger_doc_generated.go b/vendor/k8s.io/api/storage/v1beta1/types_swagger_doc_generated.go
index 58da44fc84..8f685f196d 100644
--- a/vendor/k8s.io/api/storage/v1beta1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/storage/v1beta1/types_swagger_doc_generated.go
@@ -48,15 +48,16 @@ func (CSIDriverList) SwaggerDoc() map[string]string {
 }
 
 var map_CSIDriverSpec = map[string]string{
-	"":                     "CSIDriverSpec is the specification of a CSIDriver.",
-	"attachRequired":       "attachRequired indicates this CSI volume driver requires an attach operation (because it implements the CSI ControllerPublishVolume() method), and that the Kubernetes attach detach controller should call the attach volume interface which checks the volumeattachment status and waits until the volume is attached before proceeding to mounting. The CSI external-attacher coordinates with CSI volume driver and updates the volumeattachment status when the attach operation is complete. If the CSIDriverRegistry feature gate is enabled and the value is specified to false, the attach operation will be skipped. Otherwise the attach operation will be called.\n\nThis field is immutable.",
-	"podInfoOnMount":       "podInfoOnMount indicates this CSI volume driver requires additional pod information (like podName, podUID, etc.) during mount operations, if set to true. If set to false, pod information will not be passed on mount. Default is false.\n\nThe CSI driver specifies podInfoOnMount as part of driver deployment. If true, Kubelet will pass pod information as VolumeContext in the CSI NodePublishVolume() calls. The CSI driver is responsible for parsing and validating the information passed in as VolumeContext.\n\nThe following VolumeContext will be passed if podInfoOnMount is set to true. This list might grow, but the prefix will be used. \"csi.storage.k8s.io/pod.name\": pod.Name \"csi.storage.k8s.io/pod.namespace\": pod.Namespace \"csi.storage.k8s.io/pod.uid\": string(pod.UID) \"csi.storage.k8s.io/ephemeral\": \"true\" if the volume is an ephemeral inline volume\n                                defined by a CSIVolumeSource, otherwise \"false\"\n\n\"csi.storage.k8s.io/ephemeral\" is a new feature in Kubernetes 1.16. It is only required for drivers which support both the \"Persistent\" and \"Ephemeral\" VolumeLifecycleMode. Other drivers can leave pod info disabled and/or ignore this field. As Kubernetes 1.15 doesn't support this field, drivers can only support one mode when deployed on such a cluster and the deployment determines which mode that is, for example via a command line parameter of the driver.\n\nThis field is immutable.",
-	"volumeLifecycleModes": "volumeLifecycleModes defines what kind of volumes this CSI volume driver supports. The default if the list is empty is \"Persistent\", which is the usage defined by the CSI specification and implemented in Kubernetes via the usual PV/PVC mechanism.\n\nThe other mode is \"Ephemeral\". In this mode, volumes are defined inline inside the pod spec with CSIVolumeSource and their lifecycle is tied to the lifecycle of that pod. A driver has to be aware of this because it is only going to get a NodePublishVolume call for such a volume.\n\nFor more information about implementing this mode, see https://kubernetes-csi.github.io/docs/ephemeral-local-volumes.html A driver can support one or more of these modes and more modes may be added in the future.\n\nThis field is immutable.",
-	"storageCapacity":      "storageCapacity indicates that the CSI volume driver wants pod scheduling to consider the storage capacity that the driver deployment will report by creating CSIStorageCapacity objects with capacity information, if set to true.\n\nThe check can be enabled immediately when deploying a driver. In that case, provisioning new volumes with late binding will pause until the driver deployment has published some suitable CSIStorageCapacity object.\n\nAlternatively, the driver can be deployed with the field unset or false and it can be flipped later when storage capacity information has been published.\n\nThis field was immutable in Kubernetes <= 1.22 and now is mutable.",
-	"fsGroupPolicy":        "fsGroupPolicy defines if the underlying volume supports changing ownership and permission of the volume before being mounted. Refer to the specific FSGroupPolicy values for additional details.\n\nThis field is immutable.\n\nDefaults to ReadWriteOnceWithFSType, which will examine each volume to determine if Kubernetes should modify ownership and permissions of the volume. With the default policy the defined fsGroup will only be applied if a fstype is defined and the volume's access mode contains ReadWriteOnce.",
-	"tokenRequests":        "tokenRequests indicates the CSI driver needs pods' service account tokens it is mounting volume for to do necessary authentication. Kubelet will pass the tokens in VolumeContext in the CSI NodePublishVolume calls. The CSI driver should parse and validate the following VolumeContext: \"csi.storage.k8s.io/serviceAccount.tokens\": {\n  \"<audience>\": {\n    \"token\": <token>,\n    \"expirationTimestamp\": <expiration timestamp in RFC3339>,\n  },\n  ...\n}\n\nNote: Audience in each TokenRequest should be different and at most one token is empty string. To receive a new token after expiry, RequiresRepublish can be used to trigger NodePublishVolume periodically.",
-	"requiresRepublish":    "requiresRepublish indicates the CSI driver wants `NodePublishVolume` being periodically called to reflect any possible change in the mounted volume. This field defaults to false.\n\nNote: After a successful initial NodePublishVolume call, subsequent calls to NodePublishVolume should only update the contents of the volume. New mount points will not be seen by a running container.",
-	"seLinuxMount":         "seLinuxMount specifies if the CSI driver supports \"-o context\" mount option.\n\nWhen \"true\", the CSI driver must ensure that all volumes provided by this CSI driver can be mounted separately with different `-o context` options. This is typical for storage backends that provide volumes as filesystems on block devices or as independent shared volumes. Kubernetes will call NodeStage / NodePublish with \"-o context=xyz\" mount option when mounting a ReadWriteOncePod volume used in Pod that has explicitly set SELinux context. In the future, it may be expanded to other volume AccessModes. In any case, Kubernetes will ensure that the volume is mounted only with a single SELinux context.\n\nWhen \"false\", Kubernetes won't pass any special SELinux mount options to the driver. This is typical for volumes that represent subdirectories of a bigger shared filesystem.\n\nDefault is \"false\".",
+	"":                                   "CSIDriverSpec is the specification of a CSIDriver.",
+	"attachRequired":                     "attachRequired indicates this CSI volume driver requires an attach operation (because it implements the CSI ControllerPublishVolume() method), and that the Kubernetes attach detach controller should call the attach volume interface which checks the volumeattachment status and waits until the volume is attached before proceeding to mounting. The CSI external-attacher coordinates with CSI volume driver and updates the volumeattachment status when the attach operation is complete. If the CSIDriverRegistry feature gate is enabled and the value is specified to false, the attach operation will be skipped. Otherwise the attach operation will be called.\n\nThis field is immutable.",
+	"podInfoOnMount":                     "podInfoOnMount indicates this CSI volume driver requires additional pod information (like podName, podUID, etc.) during mount operations, if set to true. If set to false, pod information will not be passed on mount. Default is false.\n\nThe CSI driver specifies podInfoOnMount as part of driver deployment. If true, Kubelet will pass pod information as VolumeContext in the CSI NodePublishVolume() calls. The CSI driver is responsible for parsing and validating the information passed in as VolumeContext.\n\nThe following VolumeContext will be passed if podInfoOnMount is set to true. This list might grow, but the prefix will be used. \"csi.storage.k8s.io/pod.name\": pod.Name \"csi.storage.k8s.io/pod.namespace\": pod.Namespace \"csi.storage.k8s.io/pod.uid\": string(pod.UID) \"csi.storage.k8s.io/ephemeral\": \"true\" if the volume is an ephemeral inline volume\n                                defined by a CSIVolumeSource, otherwise \"false\"\n\n\"csi.storage.k8s.io/ephemeral\" is a new feature in Kubernetes 1.16. It is only required for drivers which support both the \"Persistent\" and \"Ephemeral\" VolumeLifecycleMode. Other drivers can leave pod info disabled and/or ignore this field. As Kubernetes 1.15 doesn't support this field, drivers can only support one mode when deployed on such a cluster and the deployment determines which mode that is, for example via a command line parameter of the driver.\n\nThis field is immutable.",
+	"volumeLifecycleModes":               "volumeLifecycleModes defines what kind of volumes this CSI volume driver supports. The default if the list is empty is \"Persistent\", which is the usage defined by the CSI specification and implemented in Kubernetes via the usual PV/PVC mechanism.\n\nThe other mode is \"Ephemeral\". In this mode, volumes are defined inline inside the pod spec with CSIVolumeSource and their lifecycle is tied to the lifecycle of that pod. A driver has to be aware of this because it is only going to get a NodePublishVolume call for such a volume.\n\nFor more information about implementing this mode, see https://kubernetes-csi.github.io/docs/ephemeral-local-volumes.html A driver can support one or more of these modes and more modes may be added in the future.\n\nThis field is immutable.",
+	"storageCapacity":                    "storageCapacity indicates that the CSI volume driver wants pod scheduling to consider the storage capacity that the driver deployment will report by creating CSIStorageCapacity objects with capacity information, if set to true.\n\nThe check can be enabled immediately when deploying a driver. In that case, provisioning new volumes with late binding will pause until the driver deployment has published some suitable CSIStorageCapacity object.\n\nAlternatively, the driver can be deployed with the field unset or false and it can be flipped later when storage capacity information has been published.\n\nThis field was immutable in Kubernetes <= 1.22 and now is mutable.",
+	"fsGroupPolicy":                      "fsGroupPolicy defines if the underlying volume supports changing ownership and permission of the volume before being mounted. Refer to the specific FSGroupPolicy values for additional details.\n\nThis field is immutable.\n\nDefaults to ReadWriteOnceWithFSType, which will examine each volume to determine if Kubernetes should modify ownership and permissions of the volume. With the default policy the defined fsGroup will only be applied if a fstype is defined and the volume's access mode contains ReadWriteOnce.",
+	"tokenRequests":                      "tokenRequests indicates the CSI driver needs pods' service account tokens it is mounting volume for to do necessary authentication. Kubelet will pass the tokens in VolumeContext in the CSI NodePublishVolume calls. The CSI driver should parse and validate the following VolumeContext: \"csi.storage.k8s.io/serviceAccount.tokens\": {\n  \"<audience>\": {\n    \"token\": <token>,\n    \"expirationTimestamp\": <expiration timestamp in RFC3339>,\n  },\n  ...\n}\n\nNote: Audience in each TokenRequest should be different and at most one token is empty string. To receive a new token after expiry, RequiresRepublish can be used to trigger NodePublishVolume periodically.",
+	"requiresRepublish":                  "requiresRepublish indicates the CSI driver wants `NodePublishVolume` being periodically called to reflect any possible change in the mounted volume. This field defaults to false.\n\nNote: After a successful initial NodePublishVolume call, subsequent calls to NodePublishVolume should only update the contents of the volume. New mount points will not be seen by a running container.",
+	"seLinuxMount":                       "seLinuxMount specifies if the CSI driver supports \"-o context\" mount option.\n\nWhen \"true\", the CSI driver must ensure that all volumes provided by this CSI driver can be mounted separately with different `-o context` options. This is typical for storage backends that provide volumes as filesystems on block devices or as independent shared volumes. Kubernetes will call NodeStage / NodePublish with \"-o context=xyz\" mount option when mounting a ReadWriteOncePod volume used in Pod that has explicitly set SELinux context. In the future, it may be expanded to other volume AccessModes. In any case, Kubernetes will ensure that the volume is mounted only with a single SELinux context.\n\nWhen \"false\", Kubernetes won't pass any special SELinux mount options to the driver. This is typical for volumes that represent subdirectories of a bigger shared filesystem.\n\nDefault is \"false\".",
+	"nodeAllocatableUpdatePeriodSeconds": "nodeAllocatableUpdatePeriodSeconds specifies the interval between periodic updates of the CSINode allocatable capacity for this driver. When set, both periodic updates and updates triggered by capacity-related failures are enabled. If not set, no updates occur (neither periodic nor upon detecting capacity-related failures), and the allocatable.count remains static. The minimum allowed value for this field is 10 seconds.\n\nThis is an alpha feature and requires the MutableCSINodeAllocatableCount feature gate to be enabled.\n\nThis field is mutable.",
 }
 
 func (CSIDriverSpec) SwaggerDoc() map[string]string {
@@ -238,9 +239,10 @@ func (VolumeAttributesClassList) SwaggerDoc() map[string]string {
 }
 
 var map_VolumeError = map[string]string{
-	"":        "VolumeError captures an error encountered during a volume operation.",
-	"time":    "time represents the time the error was encountered.",
-	"message": "message represents the error encountered during Attach or Detach operation. This string may be logged, so it should not contain sensitive information.",
+	"":          "VolumeError captures an error encountered during a volume operation.",
+	"time":      "time represents the time the error was encountered.",
+	"message":   "message represents the error encountered during Attach or Detach operation. This string may be logged, so it should not contain sensitive information.",
+	"errorCode": "errorCode is a numeric gRPC code representing the error encountered during Attach or Detach operations.\n\nThis is an optional, alpha field that requires the MutableCSINodeAllocatableCount feature gate being enabled to be set.",
 }
 
 func (VolumeError) SwaggerDoc() map[string]string {
diff --git a/vendor/k8s.io/api/storage/v1beta1/zz_generated.deepcopy.go b/vendor/k8s.io/api/storage/v1beta1/zz_generated.deepcopy.go
index d87aa6b90b..a5ef9b5c2f 100644
--- a/vendor/k8s.io/api/storage/v1beta1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/api/storage/v1beta1/zz_generated.deepcopy.go
@@ -132,6 +132,11 @@ func (in *CSIDriverSpec) DeepCopyInto(out *CSIDriverSpec) {
 		*out = new(bool)
 		**out = **in
 	}
+	if in.NodeAllocatableUpdatePeriodSeconds != nil {
+		in, out := &in.NodeAllocatableUpdatePeriodSeconds, &out.NodeAllocatableUpdatePeriodSeconds
+		*out = new(int64)
+		**out = **in
+	}
 	return
 }
 
@@ -649,6 +654,11 @@ func (in *VolumeAttributesClassList) DeepCopyObject() runtime.Object {
 func (in *VolumeError) DeepCopyInto(out *VolumeError) {
 	*out = *in
 	in.Time.DeepCopyInto(&out.Time)
+	if in.ErrorCode != nil {
+		in, out := &in.ErrorCode, &out.ErrorCode
+		*out = new(int32)
+		**out = **in
+	}
 	return
 }
 
diff --git a/vendor/k8s.io/api/storagemigration/v1alpha1/doc.go b/vendor/k8s.io/api/storagemigration/v1alpha1/doc.go
index 192f9ff3c3..df8f3a65d4 100644
--- a/vendor/k8s.io/api/storagemigration/v1alpha1/doc.go
+++ b/vendor/k8s.io/api/storagemigration/v1alpha1/doc.go
@@ -20,4 +20,4 @@ limitations under the License.
 // +k8s:prerelease-lifecycle-gen=true
 // +groupName=storagemigration.k8s.io
 
-package v1alpha1 // import "k8s.io/api/storagemigration/v1alpha1"
+package v1alpha1
diff --git a/vendor/k8s.io/apimachinery/pkg/api/errors/doc.go b/vendor/k8s.io/apimachinery/pkg/api/errors/doc.go
index 167baf680d..58751ed0ec 100644
--- a/vendor/k8s.io/apimachinery/pkg/api/errors/doc.go
+++ b/vendor/k8s.io/apimachinery/pkg/api/errors/doc.go
@@ -15,4 +15,4 @@ limitations under the License.
 */
 
 // Package errors provides detailed error types for api field validation.
-package errors // import "k8s.io/apimachinery/pkg/api/errors"
+package errors
diff --git a/vendor/k8s.io/apimachinery/pkg/api/meta/doc.go b/vendor/k8s.io/apimachinery/pkg/api/meta/doc.go
index b6d42acf8f..a3b18a5c9a 100644
--- a/vendor/k8s.io/apimachinery/pkg/api/meta/doc.go
+++ b/vendor/k8s.io/apimachinery/pkg/api/meta/doc.go
@@ -16,4 +16,4 @@ limitations under the License.
 
 // Package meta provides functions for retrieving API metadata from objects
 // belonging to the Kubernetes API
-package meta // import "k8s.io/apimachinery/pkg/api/meta"
+package meta
diff --git a/vendor/k8s.io/apimachinery/pkg/api/meta/help.go b/vendor/k8s.io/apimachinery/pkg/api/meta/help.go
index 1fdd32c4ba..468afd0e9e 100644
--- a/vendor/k8s.io/apimachinery/pkg/api/meta/help.go
+++ b/vendor/k8s.io/apimachinery/pkg/api/meta/help.go
@@ -221,6 +221,9 @@ func extractList(obj runtime.Object, allocNew bool) ([]runtime.Object, error) {
 	if err != nil {
 		return nil, err
 	}
+	if items.IsNil() {
+		return nil, nil
+	}
 	list := make([]runtime.Object, items.Len())
 	if len(list) == 0 {
 		return list, nil
diff --git a/vendor/k8s.io/apimachinery/pkg/api/operation/operation.go b/vendor/k8s.io/apimachinery/pkg/api/operation/operation.go
new file mode 100644
index 0000000000..9f5ae7a9d4
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/api/operation/operation.go
@@ -0,0 +1,56 @@
+/*
+Copyright 2024 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package operation
+
+import "k8s.io/apimachinery/pkg/util/sets"
+
+// Operation provides contextual information about a validation request and the API
+// operation being validated.
+// This type is intended for use with generate validation code and may be enhanced
+// in the future to include other information needed to validate requests.
+type Operation struct {
+	// Type is the category of operation being validated.  This does not
+	// differentiate between HTTP verbs like PUT and PATCH, but rather merges
+	// those into a single "Update" category.
+	Type Type
+
+	// Options declare the options enabled for validation.
+	//
+	// Options should be set according to a resource validation strategy before validation
+	// is performed, and must be treated as read-only during validation.
+	//
+	// Options are identified by string names. Option string names may match the name of a feature
+	// gate, in which case the presence of the name in the set indicates that the feature is
+	// considered enabled for the resource being validated.  Note that a resource may have a
+	// feature enabled even when the feature gate is disabled. This can happen when feature is
+	// already in-use by a resource, often because the feature gate was enabled when the
+	// resource first began using the feature.
+	//
+	// Unset options are disabled/false.
+	Options sets.Set[string]
+}
+
+// Code is the request operation to be validated.
+type Type uint32
+
+const (
+	// Create indicates the request being validated is for a resource create operation.
+	Create Type = iota
+
+	// Update indicates the request being validated is for a resource update operation.
+	Update
+)
diff --git a/vendor/k8s.io/apimachinery/pkg/api/validation/doc.go b/vendor/k8s.io/apimachinery/pkg/api/validation/doc.go
index 9f20152e45..9e305b0b18 100644
--- a/vendor/k8s.io/apimachinery/pkg/api/validation/doc.go
+++ b/vendor/k8s.io/apimachinery/pkg/api/validation/doc.go
@@ -15,4 +15,4 @@ limitations under the License.
 */
 
 // Package validation contains generic api type validation functions.
-package validation // import "k8s.io/apimachinery/pkg/api/validation"
+package validation
diff --git a/vendor/k8s.io/apimachinery/pkg/api/validation/generic.go b/vendor/k8s.io/apimachinery/pkg/api/validation/generic.go
index e0b5b14900..f9cada1f0f 100644
--- a/vendor/k8s.io/apimachinery/pkg/api/validation/generic.go
+++ b/vendor/k8s.io/apimachinery/pkg/api/validation/generic.go
@@ -82,7 +82,7 @@ func maskTrailingDash(name string) string {
 func ValidateNonnegativeField(value int64, fldPath *field.Path) field.ErrorList {
 	allErrs := field.ErrorList{}
 	if value < 0 {
-		allErrs = append(allErrs, field.Invalid(fldPath, value, IsNegativeErrorMsg))
+		allErrs = append(allErrs, field.Invalid(fldPath, value, IsNegativeErrorMsg).WithOrigin("minimum"))
 	}
 	return allErrs
 }
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/doc.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/doc.go
index 2741ee2c80..1e85c5c43d 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/doc.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/doc.go
@@ -17,4 +17,4 @@ limitations under the License.
 // +k8s:deepcopy-gen=package
 // +k8s:conversion-gen=k8s.io/apimachinery/pkg/apis/meta/v1
 
-package internalversion // import "k8s.io/apimachinery/pkg/apis/meta/internalversion"
+package internalversion
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/types.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/types.go
index 00d2b8c689..8c60e7d2a8 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/types.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/types.go
@@ -41,8 +41,6 @@ type ListOptions struct {
 	// assume bookmarks are returned at any specific interval, nor may they
 	// assume the server will send any BOOKMARK event during a session.
 	// If this is not a watch, this field is ignored.
-	// If the feature gate WatchBookmarks is not enabled in apiserver,
-	// this field is ignored.
 	AllowWatchBookmarks bool
 	// resourceVersion sets a constraint on what resource versions a request may be served from.
 	// See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/doc.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/doc.go
index 7736753d66..617b9a5d30 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/doc.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/doc.go
@@ -21,4 +21,4 @@ limitations under the License.
 
 // +groupName=meta.k8s.io
 
-package v1 // import "k8s.io/apimachinery/pkg/apis/meta/v1"
+package v1
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/micro_time_fuzz.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/micro_time_fuzz.go
index 3cf9d48e96..a5f437b4b3 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/micro_time_fuzz.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/micro_time_fuzz.go
@@ -20,21 +20,22 @@ limitations under the License.
 package v1
 
 import (
+	"math/rand"
 	"time"
 
-	fuzz "github.com/google/gofuzz"
+	"sigs.k8s.io/randfill"
 )
 
-// Fuzz satisfies fuzz.Interface.
-func (t *MicroTime) Fuzz(c fuzz.Continue) {
+// Fuzz satisfies randfill.SimpleSelfFiller.
+func (t *MicroTime) RandFill(r *rand.Rand) {
 	if t == nil {
 		return
 	}
 	// Allow for about 1000 years of randomness. Accurate to a tenth of
 	// micro second. Leave off nanoseconds because JSON doesn't
 	// represent them so they can't round-trip properly.
-	t.Time = time.Unix(c.Rand.Int63n(1000*365*24*60*60), 1000*c.Rand.Int63n(1000000))
+	t.Time = time.Unix(r.Int63n(1000*365*24*60*60), 1000*r.Int63n(1000000))
 }
 
-// ensure MicroTime implements fuzz.Interface
-var _ fuzz.Interface = &MicroTime{}
+// ensure MicroTime implements randfill.Interface
+var _ randfill.SimpleSelfFiller = &MicroTime{}
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/time_fuzz.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/time_fuzz.go
index bf9e21b5bd..48fb978450 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/time_fuzz.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/time_fuzz.go
@@ -20,21 +20,22 @@ limitations under the License.
 package v1
 
 import (
+	"math/rand"
 	"time"
 
-	fuzz "github.com/google/gofuzz"
+	"sigs.k8s.io/randfill"
 )
 
-// Fuzz satisfies fuzz.Interface.
-func (t *Time) Fuzz(c fuzz.Continue) {
+// Fuzz satisfies randfill.SimpleSelfFiller.
+func (t *Time) RandFill(r *rand.Rand) {
 	if t == nil {
 		return
 	}
 	// Allow for about 1000 years of randomness.  Leave off nanoseconds
 	// because JSON doesn't represent them so they can't round-trip
 	// properly.
-	t.Time = time.Unix(c.Rand.Int63n(1000*365*24*60*60), 0)
+	t.Time = time.Unix(r.Int63n(1000*365*24*60*60), 0)
 }
 
-// ensure Time implements fuzz.Interface
-var _ fuzz.Interface = &Time{}
+// ensure Time implements randfill.SimpleSelfFiller
+var _ randfill.SimpleSelfFiller = &Time{}
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured/helpers.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured/helpers.go
index 71f7b163a1..59f43b7bff 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured/helpers.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured/helpers.go
@@ -188,7 +188,7 @@ func NestedSlice(obj map[string]interface{}, fields ...string) ([]interface{}, b
 // NestedStringMap returns a copy of map[string]string value of a nested field.
 // Returns false if value is not found and an error if not a map[string]interface{} or contains non-string values in the map.
 func NestedStringMap(obj map[string]interface{}, fields ...string) (map[string]string, bool, error) {
-	m, found, err := nestedMapNoCopy(obj, fields...)
+	m, found, err := nestedMapNoCopy(obj, false, fields...)
 	if !found || err != nil {
 		return nil, found, err
 	}
@@ -203,10 +203,32 @@ func NestedStringMap(obj map[string]interface{}, fields ...string) (map[string]s
 	return strMap, true, nil
 }
 
+// NestedNullCoercingStringMap returns a copy of map[string]string value of a nested field.
+// Returns `nil, true, nil` if the value exists and is explicitly null.
+// Returns `nil, false, err` if the value is not a map or a null value, or is a map and contains non-string non-null values.
+// Null values in the map are coerced to "" to match json decoding behavior.
+func NestedNullCoercingStringMap(obj map[string]interface{}, fields ...string) (map[string]string, bool, error) {
+	m, found, err := nestedMapNoCopy(obj, true, fields...)
+	if !found || err != nil || m == nil {
+		return nil, found, err
+	}
+	strMap := make(map[string]string, len(m))
+	for k, v := range m {
+		if str, ok := v.(string); ok {
+			strMap[k] = str
+		} else if v == nil {
+			strMap[k] = ""
+		} else {
+			return nil, false, fmt.Errorf("%v accessor error: contains non-string value in the map under key %q: %v is of the type %T, expected string", jsonPath(fields), k, v, v)
+		}
+	}
+	return strMap, true, nil
+}
+
 // NestedMap returns a deep copy of map[string]interface{} value of a nested field.
 // Returns false if value is not found and an error if not a map[string]interface{}.
 func NestedMap(obj map[string]interface{}, fields ...string) (map[string]interface{}, bool, error) {
-	m, found, err := nestedMapNoCopy(obj, fields...)
+	m, found, err := nestedMapNoCopy(obj, false, fields...)
 	if !found || err != nil {
 		return nil, found, err
 	}
@@ -215,11 +237,14 @@ func NestedMap(obj map[string]interface{}, fields ...string) (map[string]interfa
 
 // nestedMapNoCopy returns a map[string]interface{} value of a nested field.
 // Returns false if value is not found and an error if not a map[string]interface{}.
-func nestedMapNoCopy(obj map[string]interface{}, fields ...string) (map[string]interface{}, bool, error) {
+func nestedMapNoCopy(obj map[string]interface{}, tolerateNil bool, fields ...string) (map[string]interface{}, bool, error) {
 	val, found, err := NestedFieldNoCopy(obj, fields...)
 	if !found || err != nil {
 		return nil, found, err
 	}
+	if val == nil && tolerateNil {
+		return nil, true, nil
+	}
 	m, ok := val.(map[string]interface{})
 	if !ok {
 		return nil, false, fmt.Errorf("%v accessor error: %v is of the type %T, expected map[string]interface{}", jsonPath(fields), val, val)
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured/unstructured.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured/unstructured.go
index 5e36a91ee4..fdb0c86297 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured/unstructured.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/unstructured/unstructured.go
@@ -397,7 +397,7 @@ func (u *Unstructured) SetDeletionGracePeriodSeconds(deletionGracePeriodSeconds
 }
 
 func (u *Unstructured) GetLabels() map[string]string {
-	m, _, _ := NestedStringMap(u.Object, "metadata", "labels")
+	m, _, _ := NestedNullCoercingStringMap(u.Object, "metadata", "labels")
 	return m
 }
 
@@ -410,7 +410,7 @@ func (u *Unstructured) SetLabels(labels map[string]string) {
 }
 
 func (u *Unstructured) GetAnnotations() map[string]string {
-	m, _, _ := NestedStringMap(u.Object, "metadata", "annotations")
+	m, _, _ := NestedNullCoercingStringMap(u.Object, "metadata", "annotations")
 	return m
 }
 
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/validation/validation.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/validation/validation.go
index b1eb1bbfc4..95240b74d2 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/validation/validation.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/validation/validation.go
@@ -104,7 +104,7 @@ func ValidateLabelSelectorRequirement(sr metav1.LabelSelectorRequirement, opts L
 func ValidateLabelName(labelName string, fldPath *field.Path) field.ErrorList {
 	allErrs := field.ErrorList{}
 	for _, msg := range validation.IsQualifiedName(labelName) {
-		allErrs = append(allErrs, field.Invalid(fldPath, labelName, msg))
+		allErrs = append(allErrs, field.Invalid(fldPath, labelName, msg).WithOrigin("labelKey"))
 	}
 	return allErrs
 }
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/doc.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/doc.go
index 20c9d2ec73..46b0e133c3 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/doc.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/doc.go
@@ -20,4 +20,4 @@ limitations under the License.
 
 // +groupName=meta.k8s.io
 
-package v1beta1 // import "k8s.io/apimachinery/pkg/apis/meta/v1beta1"
+package v1beta1
diff --git a/vendor/k8s.io/apimachinery/pkg/conversion/doc.go b/vendor/k8s.io/apimachinery/pkg/conversion/doc.go
index 7415d81646..0c46ef2d16 100644
--- a/vendor/k8s.io/apimachinery/pkg/conversion/doc.go
+++ b/vendor/k8s.io/apimachinery/pkg/conversion/doc.go
@@ -21,4 +21,4 @@ limitations under the License.
 // but for the fields which did not change, copying is automated. This makes it
 // easy to modify the structures you use in memory without affecting the format
 // you store on disk or respond to in your external API calls.
-package conversion // import "k8s.io/apimachinery/pkg/conversion"
+package conversion
diff --git a/vendor/k8s.io/apimachinery/pkg/conversion/queryparams/doc.go b/vendor/k8s.io/apimachinery/pkg/conversion/queryparams/doc.go
index 7b763de6f0..4c1002a4c1 100644
--- a/vendor/k8s.io/apimachinery/pkg/conversion/queryparams/doc.go
+++ b/vendor/k8s.io/apimachinery/pkg/conversion/queryparams/doc.go
@@ -16,4 +16,4 @@ limitations under the License.
 
 // Package queryparams provides conversion from versioned
 // runtime objects to URL query values
-package queryparams // import "k8s.io/apimachinery/pkg/conversion/queryparams"
+package queryparams
diff --git a/vendor/k8s.io/apimachinery/pkg/fields/doc.go b/vendor/k8s.io/apimachinery/pkg/fields/doc.go
index c39b8039ae..49059e2635 100644
--- a/vendor/k8s.io/apimachinery/pkg/fields/doc.go
+++ b/vendor/k8s.io/apimachinery/pkg/fields/doc.go
@@ -16,4 +16,4 @@ limitations under the License.
 
 // Package fields implements a simple field system, parsing and matching
 // selectors with sets of fields.
-package fields // import "k8s.io/apimachinery/pkg/fields"
+package fields
diff --git a/vendor/k8s.io/apimachinery/pkg/labels/doc.go b/vendor/k8s.io/apimachinery/pkg/labels/doc.go
index 82de0051bd..35ba788094 100644
--- a/vendor/k8s.io/apimachinery/pkg/labels/doc.go
+++ b/vendor/k8s.io/apimachinery/pkg/labels/doc.go
@@ -16,4 +16,4 @@ limitations under the License.
 
 // Package labels implements a simple label system, parsing and matching
 // selectors with sets of labels.
-package labels // import "k8s.io/apimachinery/pkg/labels"
+package labels
diff --git a/vendor/k8s.io/apimachinery/pkg/runtime/doc.go b/vendor/k8s.io/apimachinery/pkg/runtime/doc.go
index 89feb40103..b54429bd89 100644
--- a/vendor/k8s.io/apimachinery/pkg/runtime/doc.go
+++ b/vendor/k8s.io/apimachinery/pkg/runtime/doc.go
@@ -48,4 +48,4 @@ limitations under the License.
 //
 // As a bonus, a few common types useful from all api objects and versions
 // are provided in types.go.
-package runtime // import "k8s.io/apimachinery/pkg/runtime"
+package runtime
diff --git a/vendor/k8s.io/apimachinery/pkg/runtime/interfaces.go b/vendor/k8s.io/apimachinery/pkg/runtime/interfaces.go
index 2703300cd5..202bf4f01a 100644
--- a/vendor/k8s.io/apimachinery/pkg/runtime/interfaces.go
+++ b/vendor/k8s.io/apimachinery/pkg/runtime/interfaces.go
@@ -259,6 +259,7 @@ type ObjectDefaulter interface {
 
 type ObjectVersioner interface {
 	ConvertToVersion(in Object, gv GroupVersioner) (out Object, err error)
+	PrioritizedVersionsForGroup(group string) []schema.GroupVersion
 }
 
 // ObjectConvertor converts an object to a different version.
diff --git a/vendor/k8s.io/apimachinery/pkg/runtime/scheme.go b/vendor/k8s.io/apimachinery/pkg/runtime/scheme.go
index a5b116718d..fde87f1a13 100644
--- a/vendor/k8s.io/apimachinery/pkg/runtime/scheme.go
+++ b/vendor/k8s.io/apimachinery/pkg/runtime/scheme.go
@@ -17,15 +17,18 @@ limitations under the License.
 package runtime
 
 import (
+	"context"
 	"fmt"
 	"reflect"
 	"strings"
 
+	"k8s.io/apimachinery/pkg/api/operation"
 	"k8s.io/apimachinery/pkg/conversion"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apimachinery/pkg/util/naming"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	"k8s.io/apimachinery/pkg/util/sets"
+	"k8s.io/apimachinery/pkg/util/validation/field"
 )
 
 // Scheme defines methods for serializing and deserializing API objects, a type
@@ -68,6 +71,12 @@ type Scheme struct {
 	// the provided object must be a pointer.
 	defaulterFuncs map[reflect.Type]func(interface{})
 
+	// validationFuncs is a map to funcs to be called with an object to perform validation.
+	// The provided object must be a pointer.
+	// If oldObject is non-nil, update validation is performed and may perform additional
+	// validation such as transition rules and immutability checks.
+	validationFuncs map[reflect.Type]func(ctx context.Context, op operation.Operation, object, oldObject interface{}, subresources ...string) field.ErrorList
+
 	// converter stores all registered conversion functions. It also has
 	// default converting behavior.
 	converter *conversion.Converter
@@ -96,6 +105,7 @@ func NewScheme() *Scheme {
 		unversionedKinds:          map[string]reflect.Type{},
 		fieldLabelConversionFuncs: map[schema.GroupVersionKind]FieldLabelConversionFunc{},
 		defaulterFuncs:            map[reflect.Type]func(interface{}){},
+		validationFuncs:           map[reflect.Type]func(ctx context.Context, op operation.Operation, object, oldObject interface{}, subresource ...string) field.ErrorList{},
 		versionPriority:           map[string][]string{},
 		schemeName:                naming.GetNameFromCallsite(internalPackages...),
 	}
@@ -347,6 +357,35 @@ func (s *Scheme) Default(src Object) {
 	}
 }
 
+// AddValidationFunc registered a function that can validate the object, and
+// oldObject. These functions will be invoked when Validate() or ValidateUpdate()
+// is called. The function will never be called unless the validated object
+// matches srcType. If this function is invoked twice with the same srcType, the
+// fn passed to the later call will be used instead.
+func (s *Scheme) AddValidationFunc(srcType Object, fn func(ctx context.Context, op operation.Operation, object, oldObject interface{}, subresources ...string) field.ErrorList) {
+	s.validationFuncs[reflect.TypeOf(srcType)] = fn
+}
+
+// Validate validates the provided Object according to the generated declarative validation code.
+// WARNING: This does not validate all objects!  The handwritten validation code in validation.go
+// is not run when this is called.  Only the generated zz_generated.validations.go validation code is run.
+func (s *Scheme) Validate(ctx context.Context, options sets.Set[string], object Object, subresources ...string) field.ErrorList {
+	if fn, ok := s.validationFuncs[reflect.TypeOf(object)]; ok {
+		return fn(ctx, operation.Operation{Type: operation.Create, Options: options}, object, nil, subresources...)
+	}
+	return nil
+}
+
+// ValidateUpdate validates the provided object and oldObject according to the generated declarative validation code.
+// WARNING: This does not validate all objects!  The handwritten validation code in validation.go
+// is not run when this is called.  Only the generated zz_generated.validations.go validation code is run.
+func (s *Scheme) ValidateUpdate(ctx context.Context, options sets.Set[string], object, oldObject Object, subresources ...string) field.ErrorList {
+	if fn, ok := s.validationFuncs[reflect.TypeOf(object)]; ok {
+		return fn(ctx, operation.Operation{Type: operation.Update, Options: options}, object, oldObject, subresources...)
+	}
+	return nil
+}
+
 // Convert will attempt to convert in into out. Both must be pointers. For easy
 // testing of conversion functions. Returns an error if the conversion isn't
 // possible. You can call this with types that haven't been registered (for example,
diff --git a/vendor/k8s.io/apimachinery/pkg/runtime/serializer/cbor/internal/modes/custom.go b/vendor/k8s.io/apimachinery/pkg/runtime/serializer/cbor/internal/modes/custom.go
index 858529e958..e550ea348d 100644
--- a/vendor/k8s.io/apimachinery/pkg/runtime/serializer/cbor/internal/modes/custom.go
+++ b/vendor/k8s.io/apimachinery/pkg/runtime/serializer/cbor/internal/modes/custom.go
@@ -140,7 +140,7 @@ func (cache *checkers) getCheckerInternal(rt reflect.Type, parent *path) (c chec
 	var wg sync.WaitGroup
 	wg.Add(1)
 	defer wg.Done()
-	c = checker{
+	placeholder := checker{
 		safe: func() bool {
 			wg.Wait()
 			return c.safe()
@@ -150,7 +150,7 @@ func (cache *checkers) getCheckerInternal(rt reflect.Type, parent *path) (c chec
 			return c.check(rv, depth)
 		},
 	}
-	if actual, loaded := cache.m.LoadOrStore(rt, &c); loaded {
+	if actual, loaded := cache.m.LoadOrStore(rt, &placeholder); loaded {
 		// Someone else stored an entry for this type, use it.
 		return *actual.(*checker)
 	}
diff --git a/vendor/k8s.io/apimachinery/pkg/runtime/serializer/codec_factory.go b/vendor/k8s.io/apimachinery/pkg/runtime/serializer/codec_factory.go
index 77bb307452..81286fccb4 100644
--- a/vendor/k8s.io/apimachinery/pkg/runtime/serializer/codec_factory.go
+++ b/vendor/k8s.io/apimachinery/pkg/runtime/serializer/codec_factory.go
@@ -28,7 +28,7 @@ import (
 func newSerializersForScheme(scheme *runtime.Scheme, mf json.MetaFactory, options CodecFactoryOptions) []runtime.SerializerInfo {
 	jsonSerializer := json.NewSerializerWithOptions(
 		mf, scheme, scheme,
-		json.SerializerOptions{Yaml: false, Pretty: false, Strict: options.Strict},
+		json.SerializerOptions{Yaml: false, Pretty: false, Strict: options.Strict, StreamingCollectionsEncoding: options.StreamingCollectionsEncodingToJSON},
 	)
 	jsonSerializerType := runtime.SerializerInfo{
 		MediaType:        runtime.ContentTypeJSON,
@@ -38,7 +38,7 @@ func newSerializersForScheme(scheme *runtime.Scheme, mf json.MetaFactory, option
 		Serializer:       jsonSerializer,
 		StrictSerializer: json.NewSerializerWithOptions(
 			mf, scheme, scheme,
-			json.SerializerOptions{Yaml: false, Pretty: false, Strict: true},
+			json.SerializerOptions{Yaml: false, Pretty: false, Strict: true, StreamingCollectionsEncoding: options.StreamingCollectionsEncodingToJSON},
 		),
 		StreamSerializer: &runtime.StreamSerializerInfo{
 			EncodesAsText: true,
@@ -61,7 +61,9 @@ func newSerializersForScheme(scheme *runtime.Scheme, mf json.MetaFactory, option
 		mf, scheme, scheme,
 		json.SerializerOptions{Yaml: true, Pretty: false, Strict: true},
 	)
-	protoSerializer := protobuf.NewSerializer(scheme, scheme)
+	protoSerializer := protobuf.NewSerializerWithOptions(scheme, scheme, protobuf.SerializerOptions{
+		StreamingCollectionsEncoding: options.StreamingCollectionsEncodingToProtobuf,
+	})
 	protoRawSerializer := protobuf.NewRawSerializer(scheme, scheme)
 
 	serializers := []runtime.SerializerInfo{
@@ -113,6 +115,9 @@ type CodecFactoryOptions struct {
 	// Pretty includes a pretty serializer along with the non-pretty one
 	Pretty bool
 
+	StreamingCollectionsEncodingToJSON     bool
+	StreamingCollectionsEncodingToProtobuf bool
+
 	serializers []func(runtime.ObjectCreater, runtime.ObjectTyper) runtime.SerializerInfo
 }
 
@@ -147,6 +152,18 @@ func WithSerializer(f func(runtime.ObjectCreater, runtime.ObjectTyper) runtime.S
 	}
 }
 
+func WithStreamingCollectionEncodingToJSON() CodecFactoryOptionsMutator {
+	return func(options *CodecFactoryOptions) {
+		options.StreamingCollectionsEncodingToJSON = true
+	}
+}
+
+func WithStreamingCollectionEncodingToProtobuf() CodecFactoryOptionsMutator {
+	return func(options *CodecFactoryOptions) {
+		options.StreamingCollectionsEncodingToProtobuf = true
+	}
+}
+
 // NewCodecFactory provides methods for retrieving serializers for the supported wire formats
 // and conversion wrappers to define preferred internal and external versions. In the future,
 // as the internal version is used less, callers may instead use a defaulting serializer and
diff --git a/vendor/k8s.io/apimachinery/pkg/runtime/serializer/json/collections.go b/vendor/k8s.io/apimachinery/pkg/runtime/serializer/json/collections.go
new file mode 100644
index 0000000000..075163ddd8
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/runtime/serializer/json/collections.go
@@ -0,0 +1,230 @@
+/*
+Copyright 2025 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package json
+
+import (
+	"encoding/json"
+	"fmt"
+	"io"
+	"maps"
+	"slices"
+	"sort"
+
+	"k8s.io/apimachinery/pkg/api/meta"
+	"k8s.io/apimachinery/pkg/conversion"
+
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+	"k8s.io/apimachinery/pkg/runtime"
+)
+
+func streamEncodeCollections(obj runtime.Object, w io.Writer) (bool, error) {
+	list, ok := obj.(*unstructured.UnstructuredList)
+	if ok {
+		return true, streamingEncodeUnstructuredList(w, list)
+	}
+	if _, ok := obj.(json.Marshaler); ok {
+		return false, nil
+	}
+	typeMeta, listMeta, items, err := getListMeta(obj)
+	if err == nil {
+		return true, streamingEncodeList(w, typeMeta, listMeta, items)
+	}
+	return false, nil
+}
+
+// getListMeta implements list extraction logic for json stream serialization.
+//
+// Reason for a custom logic instead of reusing accessors from meta package:
+// * Validate json tags to prevent incompatibility with json standard package.
+// * ListMetaAccessor doesn't distinguish empty from nil value.
+// * TypeAccessort reparsing "apiVersion" and serializing it with "{group}/{version}"
+func getListMeta(list runtime.Object) (metav1.TypeMeta, metav1.ListMeta, []runtime.Object, error) {
+	listValue, err := conversion.EnforcePtr(list)
+	if err != nil {
+		return metav1.TypeMeta{}, metav1.ListMeta{}, nil, err
+	}
+	listType := listValue.Type()
+	if listType.NumField() != 3 {
+		return metav1.TypeMeta{}, metav1.ListMeta{}, nil, fmt.Errorf("expected ListType to have 3 fields")
+	}
+	// TypeMeta
+	typeMeta, ok := listValue.Field(0).Interface().(metav1.TypeMeta)
+	if !ok {
+		return metav1.TypeMeta{}, metav1.ListMeta{}, nil, fmt.Errorf("expected TypeMeta field to have TypeMeta type")
+	}
+	if listType.Field(0).Tag.Get("json") != ",inline" {
+		return metav1.TypeMeta{}, metav1.ListMeta{}, nil, fmt.Errorf(`expected TypeMeta json field tag to be ",inline"`)
+	}
+	// ListMeta
+	listMeta, ok := listValue.Field(1).Interface().(metav1.ListMeta)
+	if !ok {
+		return metav1.TypeMeta{}, metav1.ListMeta{}, nil, fmt.Errorf("expected ListMeta field to have ListMeta type")
+	}
+	if listType.Field(1).Tag.Get("json") != "metadata,omitempty" {
+		return metav1.TypeMeta{}, metav1.ListMeta{}, nil, fmt.Errorf(`expected ListMeta json field tag to be "metadata,omitempty"`)
+	}
+	// Items
+	items, err := meta.ExtractList(list)
+	if err != nil {
+		return metav1.TypeMeta{}, metav1.ListMeta{}, nil, err
+	}
+	if listType.Field(2).Tag.Get("json") != "items" {
+		return metav1.TypeMeta{}, metav1.ListMeta{}, nil, fmt.Errorf(`expected Items json field tag to be "items"`)
+	}
+	return typeMeta, listMeta, items, nil
+}
+
+func streamingEncodeList(w io.Writer, typeMeta metav1.TypeMeta, listMeta metav1.ListMeta, items []runtime.Object) error {
+	// Start
+	if _, err := w.Write([]byte(`{`)); err != nil {
+		return err
+	}
+
+	// TypeMeta
+	if typeMeta.Kind != "" {
+		if err := encodeKeyValuePair(w, "kind", typeMeta.Kind, []byte(",")); err != nil {
+			return err
+		}
+	}
+	if typeMeta.APIVersion != "" {
+		if err := encodeKeyValuePair(w, "apiVersion", typeMeta.APIVersion, []byte(",")); err != nil {
+			return err
+		}
+	}
+
+	// ListMeta
+	if err := encodeKeyValuePair(w, "metadata", listMeta, []byte(",")); err != nil {
+		return err
+	}
+
+	// Items
+	if err := encodeItemsObjectSlice(w, items); err != nil {
+		return err
+	}
+
+	// End
+	_, err := w.Write([]byte("}\n"))
+	return err
+}
+
+func encodeItemsObjectSlice(w io.Writer, items []runtime.Object) (err error) {
+	if items == nil {
+		err := encodeKeyValuePair(w, "items", nil, nil)
+		return err
+	}
+	_, err = w.Write([]byte(`"items":[`))
+	if err != nil {
+		return err
+	}
+	suffix := []byte(",")
+	for i, item := range items {
+		if i == len(items)-1 {
+			suffix = nil
+		}
+		err := encodeValue(w, item, suffix)
+		if err != nil {
+			return err
+		}
+	}
+	_, err = w.Write([]byte("]"))
+	if err != nil {
+		return err
+	}
+	return err
+}
+
+func streamingEncodeUnstructuredList(w io.Writer, list *unstructured.UnstructuredList) error {
+	_, err := w.Write([]byte(`{`))
+	if err != nil {
+		return err
+	}
+	keys := slices.Collect(maps.Keys(list.Object))
+	if _, exists := list.Object["items"]; !exists {
+		keys = append(keys, "items")
+	}
+	sort.Strings(keys)
+
+	suffix := []byte(",")
+	for i, key := range keys {
+		if i == len(keys)-1 {
+			suffix = nil
+		}
+		if key == "items" {
+			err = encodeItemsUnstructuredSlice(w, list.Items, suffix)
+		} else {
+			err = encodeKeyValuePair(w, key, list.Object[key], suffix)
+		}
+		if err != nil {
+			return err
+		}
+	}
+	_, err = w.Write([]byte("}\n"))
+	return err
+}
+
+func encodeItemsUnstructuredSlice(w io.Writer, items []unstructured.Unstructured, suffix []byte) (err error) {
+	_, err = w.Write([]byte(`"items":[`))
+	if err != nil {
+		return err
+	}
+	comma := []byte(",")
+	for i, item := range items {
+		if i == len(items)-1 {
+			comma = nil
+		}
+		err := encodeValue(w, item.Object, comma)
+		if err != nil {
+			return err
+		}
+	}
+	_, err = w.Write([]byte("]"))
+	if err != nil {
+		return err
+	}
+	if len(suffix) > 0 {
+		_, err = w.Write(suffix)
+	}
+	return err
+}
+
+func encodeKeyValuePair(w io.Writer, key string, value any, suffix []byte) (err error) {
+	err = encodeValue(w, key, []byte(":"))
+	if err != nil {
+		return err
+	}
+	err = encodeValue(w, value, suffix)
+	if err != nil {
+		return err
+	}
+	return err
+}
+
+func encodeValue(w io.Writer, value any, suffix []byte) error {
+	data, err := json.Marshal(value)
+	if err != nil {
+		return err
+	}
+	_, err = w.Write(data)
+	if err != nil {
+		return err
+	}
+	if len(suffix) > 0 {
+		_, err = w.Write(suffix)
+	}
+	return err
+}
diff --git a/vendor/k8s.io/apimachinery/pkg/runtime/serializer/json/json.go b/vendor/k8s.io/apimachinery/pkg/runtime/serializer/json/json.go
index 1ae4a32eb7..24f66a1017 100644
--- a/vendor/k8s.io/apimachinery/pkg/runtime/serializer/json/json.go
+++ b/vendor/k8s.io/apimachinery/pkg/runtime/serializer/json/json.go
@@ -36,7 +36,7 @@ import (
 // is not nil, the object has the group, version, and kind fields set.
 // Deprecated: use NewSerializerWithOptions instead.
 func NewSerializer(meta MetaFactory, creater runtime.ObjectCreater, typer runtime.ObjectTyper, pretty bool) *Serializer {
-	return NewSerializerWithOptions(meta, creater, typer, SerializerOptions{false, pretty, false})
+	return NewSerializerWithOptions(meta, creater, typer, SerializerOptions{false, pretty, false, false})
 }
 
 // NewYAMLSerializer creates a YAML serializer that handles encoding versioned objects into the proper YAML form. If typer
@@ -44,7 +44,7 @@ func NewSerializer(meta MetaFactory, creater runtime.ObjectCreater, typer runtim
 // matches JSON, and will error if constructs are used that do not serialize to JSON.
 // Deprecated: use NewSerializerWithOptions instead.
 func NewYAMLSerializer(meta MetaFactory, creater runtime.ObjectCreater, typer runtime.ObjectTyper) *Serializer {
-	return NewSerializerWithOptions(meta, creater, typer, SerializerOptions{true, false, false})
+	return NewSerializerWithOptions(meta, creater, typer, SerializerOptions{true, false, false, false})
 }
 
 // NewSerializerWithOptions creates a JSON/YAML serializer that handles encoding versioned objects into the proper JSON/YAML
@@ -93,6 +93,9 @@ type SerializerOptions struct {
 	// Strict: configures the Serializer to return strictDecodingError's when duplicate fields are present decoding JSON or YAML.
 	// Note that enabling this option is not as performant as the non-strict variant, and should not be used in fast paths.
 	Strict bool
+
+	// StreamingCollectionsEncoding enables encoding collection, one item at the time, drastically reducing memory needed.
+	StreamingCollectionsEncoding bool
 }
 
 // Serializer handles encoding versioned objects into the proper JSON form
@@ -242,6 +245,15 @@ func (s *Serializer) doEncode(obj runtime.Object, w io.Writer) error {
 		_, err = w.Write(data)
 		return err
 	}
+	if s.options.StreamingCollectionsEncoding {
+		ok, err := streamEncodeCollections(obj, w)
+		if err != nil {
+			return err
+		}
+		if ok {
+			return nil
+		}
+	}
 	encoder := json.NewEncoder(w)
 	return encoder.Encode(obj)
 }
diff --git a/vendor/k8s.io/apimachinery/pkg/runtime/serializer/protobuf/collections.go b/vendor/k8s.io/apimachinery/pkg/runtime/serializer/protobuf/collections.go
new file mode 100644
index 0000000000..754a80820b
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/runtime/serializer/protobuf/collections.go
@@ -0,0 +1,174 @@
+/*
+Copyright 2025 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package protobuf
+
+import (
+	"errors"
+	"io"
+	"math/bits"
+
+	"github.com/gogo/protobuf/proto"
+
+	"k8s.io/apimachinery/pkg/api/meta"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/conversion"
+	"k8s.io/apimachinery/pkg/runtime"
+)
+
+var (
+	errFieldCount          = errors.New("expected ListType to have 3 fields")
+	errTypeMetaField       = errors.New("expected TypeMeta field to have TypeMeta type")
+	errTypeMetaProtobufTag = errors.New(`expected TypeMeta protobuf field tag to be ""`)
+	errListMetaField       = errors.New("expected ListMeta field to have ListMeta type")
+	errListMetaProtobufTag = errors.New(`expected ListMeta protobuf field tag to be "bytes,1,opt,name=metadata"`)
+	errItemsProtobufTag    = errors.New(`expected Items protobuf field tag to be "bytes,2,rep,name=items"`)
+	errItemsSizer          = errors.New(`expected Items elements to implement proto.Sizer`)
+)
+
+// getStreamingListData implements list extraction logic for protobuf stream serialization.
+//
+// Reason for a custom logic instead of reusing accessors from meta package:
+// * Validate proto tags to prevent incompatibility with proto standard package.
+// * ListMetaAccessor doesn't distinguish empty from nil value.
+// * TypeAccessor reparsing "apiVersion" and serializing it with "{group}/{version}"
+func getStreamingListData(list runtime.Object) (data streamingListData, err error) {
+	listValue, err := conversion.EnforcePtr(list)
+	if err != nil {
+		return data, err
+	}
+	listType := listValue.Type()
+	if listType.NumField() != 3 {
+		return data, errFieldCount
+	}
+	// TypeMeta: validated, but not returned as is not serialized.
+	_, ok := listValue.Field(0).Interface().(metav1.TypeMeta)
+	if !ok {
+		return data, errTypeMetaField
+	}
+	if listType.Field(0).Tag.Get("protobuf") != "" {
+		return data, errTypeMetaProtobufTag
+	}
+	// ListMeta
+	listMeta, ok := listValue.Field(1).Interface().(metav1.ListMeta)
+	if !ok {
+		return data, errListMetaField
+	}
+	// if we were ever to relax the protobuf tag check we should update the hardcoded `0xa` below when writing ListMeta.
+	if listType.Field(1).Tag.Get("protobuf") != "bytes,1,opt,name=metadata" {
+		return data, errListMetaProtobufTag
+	}
+	data.listMeta = listMeta
+	// Items; if we were ever to relax the protobuf tag check we should update the hardcoded `0x12` below when writing Items.
+	if listType.Field(2).Tag.Get("protobuf") != "bytes,2,rep,name=items" {
+		return data, errItemsProtobufTag
+	}
+	items, err := meta.ExtractList(list)
+	if err != nil {
+		return data, err
+	}
+	data.items = items
+	data.totalSize, data.listMetaSize, data.itemsSizes, err = listSize(listMeta, items)
+	return data, err
+}
+
+type streamingListData struct {
+	// totalSize is the total size of the serialized List object, including their proto headers/size bytes
+	totalSize int
+
+	// listMetaSize caches results from .Size() call to listMeta, doesn't include header bytes (field identifier, size)
+	listMetaSize int
+	listMeta     metav1.ListMeta
+
+	// itemsSizes caches results from .Size() call to items, doesn't include header bytes (field identifier, size)
+	itemsSizes []int
+	items      []runtime.Object
+}
+
+// listSize return size of ListMeta and items to be later used for preallocations.
+// listMetaSize and itemSizes do not include header bytes (field identifier, size).
+func listSize(listMeta metav1.ListMeta, items []runtime.Object) (totalSize, listMetaSize int, itemSizes []int, err error) {
+	// ListMeta
+	listMetaSize = listMeta.Size()
+	totalSize += 1 + sovGenerated(uint64(listMetaSize)) + listMetaSize
+	// Items
+	itemSizes = make([]int, len(items))
+	for i, item := range items {
+		sizer, ok := item.(proto.Sizer)
+		if !ok {
+			return totalSize, listMetaSize, nil, errItemsSizer
+		}
+		n := sizer.Size()
+		itemSizes[i] = n
+		totalSize += 1 + sovGenerated(uint64(n)) + n
+	}
+	return totalSize, listMetaSize, itemSizes, nil
+}
+
+func streamingEncodeUnknownList(w io.Writer, unk runtime.Unknown, listData streamingListData, memAlloc runtime.MemoryAllocator) error {
+	_, err := w.Write(protoEncodingPrefix)
+	if err != nil {
+		return err
+	}
+	// encodeList is responsible for encoding the List into the unknown Raw.
+	encodeList := func(writer io.Writer) (int, error) {
+		return streamingEncodeList(writer, listData, memAlloc)
+	}
+	_, err = unk.MarshalToWriter(w, listData.totalSize, encodeList)
+	return err
+}
+
+func streamingEncodeList(w io.Writer, listData streamingListData, memAlloc runtime.MemoryAllocator) (size int, err error) {
+	// ListMeta; 0xa = (1 << 3) | 2; field number: 1, type: 2 (LEN). https://protobuf.dev/programming-guides/encoding/#structure
+	n, err := doEncodeWithHeader(&listData.listMeta, w, 0xa, listData.listMetaSize, memAlloc)
+	size += n
+	if err != nil {
+		return size, err
+	}
+	// Items; 0x12 = (2 << 3) | 2; field number: 2, type: 2 (LEN). https://protobuf.dev/programming-guides/encoding/#structure
+	for i, item := range listData.items {
+		n, err := doEncodeWithHeader(item, w, 0x12, listData.itemsSizes[i], memAlloc)
+		size += n
+		if err != nil {
+			return size, err
+		}
+	}
+	return size, nil
+}
+
+func writeVarintGenerated(w io.Writer, v int) (int, error) {
+	buf := make([]byte, sovGenerated(uint64(v)))
+	encodeVarintGenerated(buf, len(buf), uint64(v))
+	return w.Write(buf)
+}
+
+// sovGenerated is copied from `generated.pb.go` returns size of varint.
+func sovGenerated(v uint64) int {
+	return (bits.Len64(v|1) + 6) / 7
+}
+
+// encodeVarintGenerated is copied from `generated.pb.go` encodes varint.
+func encodeVarintGenerated(dAtA []byte, offset int, v uint64) int {
+	offset -= sovGenerated(v)
+	base := offset
+	for v >= 1<<7 {
+		dAtA[offset] = uint8(v&0x7f | 0x80)
+		v >>= 7
+		offset++
+	}
+	dAtA[offset] = uint8(v)
+	return base
+}
diff --git a/vendor/k8s.io/apimachinery/pkg/runtime/serializer/protobuf/doc.go b/vendor/k8s.io/apimachinery/pkg/runtime/serializer/protobuf/doc.go
index 72d0ac79b3..381748d69f 100644
--- a/vendor/k8s.io/apimachinery/pkg/runtime/serializer/protobuf/doc.go
+++ b/vendor/k8s.io/apimachinery/pkg/runtime/serializer/protobuf/doc.go
@@ -15,4 +15,4 @@ limitations under the License.
 */
 
 // Package protobuf provides a Kubernetes serializer for the protobuf format.
-package protobuf // import "k8s.io/apimachinery/pkg/runtime/serializer/protobuf"
+package protobuf
diff --git a/vendor/k8s.io/apimachinery/pkg/runtime/serializer/protobuf/protobuf.go b/vendor/k8s.io/apimachinery/pkg/runtime/serializer/protobuf/protobuf.go
index c63e6dc63f..c66c49ac4c 100644
--- a/vendor/k8s.io/apimachinery/pkg/runtime/serializer/protobuf/protobuf.go
+++ b/vendor/k8s.io/apimachinery/pkg/runtime/serializer/protobuf/protobuf.go
@@ -72,10 +72,18 @@ func IsNotMarshalable(err error) bool {
 // is passed, the encoded object will have group, version, and kind fields set. If typer is nil, the objects will be written
 // as-is (any type info passed with the object will be used).
 func NewSerializer(creater runtime.ObjectCreater, typer runtime.ObjectTyper) *Serializer {
+	return NewSerializerWithOptions(creater, typer, SerializerOptions{})
+}
+
+// NewSerializerWithOptions creates a Protobuf serializer that handles encoding versioned objects into the proper wire form. If a typer
+// is passed, the encoded object will have group, version, and kind fields set. If typer is nil, the objects will be written
+// as-is (any type info passed with the object will be used).
+func NewSerializerWithOptions(creater runtime.ObjectCreater, typer runtime.ObjectTyper, opts SerializerOptions) *Serializer {
 	return &Serializer{
 		prefix:  protoEncodingPrefix,
 		creater: creater,
 		typer:   typer,
+		options: opts,
 	}
 }
 
@@ -84,6 +92,14 @@ type Serializer struct {
 	prefix  []byte
 	creater runtime.ObjectCreater
 	typer   runtime.ObjectTyper
+
+	options SerializerOptions
+}
+
+// SerializerOptions holds the options which are used to configure a Proto serializer.
+type SerializerOptions struct {
+	// StreamingCollectionsEncoding enables encoding collection, one item at the time, drastically reducing memory needed.
+	StreamingCollectionsEncoding bool
 }
 
 var _ runtime.Serializer = &Serializer{}
@@ -209,6 +225,13 @@ func (s *Serializer) doEncode(obj runtime.Object, w io.Writer, memAlloc runtime.
 			},
 		}
 	}
+	if s.options.StreamingCollectionsEncoding {
+		listData, err := getStreamingListData(obj)
+		if err == nil {
+			// Doesn't honor custom proto marshaling methods (like json streaming), because all proto objects implement proto methods.
+			return streamingEncodeUnknownList(w, unk, listData, memAlloc)
+		}
+	}
 
 	switch t := obj.(type) {
 	case bufferedMarshaller:
@@ -428,6 +451,39 @@ func (s *RawSerializer) encode(obj runtime.Object, w io.Writer, memAlloc runtime
 }
 
 func (s *RawSerializer) doEncode(obj runtime.Object, w io.Writer, memAlloc runtime.MemoryAllocator) error {
+	_, err := doEncode(obj, w, nil, memAlloc)
+	return err
+}
+
+func doEncodeWithHeader(obj any, w io.Writer, field byte, precomputedSize int, memAlloc runtime.MemoryAllocator) (size int, err error) {
+	// Field identifier
+	n, err := w.Write([]byte{field})
+	size += n
+	if err != nil {
+		return size, err
+	}
+	// Size
+	n, err = writeVarintGenerated(w, precomputedSize)
+	size += n
+	if err != nil {
+		return size, err
+	}
+	// Obj
+	n, err = doEncode(obj, w, &precomputedSize, memAlloc)
+	size += n
+	if err != nil {
+		return size, err
+	}
+	if n != precomputedSize {
+		return size, fmt.Errorf("the size value was %d, but doEncode wrote %d bytes to data", precomputedSize, n)
+	}
+	return size, nil
+}
+
+// doEncode encodes provided object into writer using a allocator if possible.
+// Avoids call by object Size if precomputedObjSize is provided.
+// precomputedObjSize should not include header bytes (field identifier, size).
+func doEncode(obj any, w io.Writer, precomputedObjSize *int, memAlloc runtime.MemoryAllocator) (int, error) {
 	if memAlloc == nil {
 		klog.Error("a mandatory memory allocator wasn't provided, this might have a negative impact on performance, check invocations of EncodeWithAllocator method, falling back on runtime.SimpleAllocator")
 		memAlloc = &runtime.SimpleAllocator{}
@@ -436,40 +492,43 @@ func (s *RawSerializer) doEncode(obj runtime.Object, w io.Writer, memAlloc runti
 	case bufferedReverseMarshaller:
 		// this path performs a single allocation during write only when the Allocator wasn't provided
 		// it also requires the caller to implement the more efficient Size and MarshalToSizedBuffer methods
-		encodedSize := uint64(t.Size())
-		data := memAlloc.Allocate(encodedSize)
+		if precomputedObjSize == nil {
+			s := t.Size()
+			precomputedObjSize = &s
+		}
+		data := memAlloc.Allocate(uint64(*precomputedObjSize))
 
 		n, err := t.MarshalToSizedBuffer(data)
 		if err != nil {
-			return err
+			return 0, err
 		}
-		_, err = w.Write(data[:n])
-		return err
+		return w.Write(data[:n])
 
 	case bufferedMarshaller:
 		// this path performs a single allocation during write only when the Allocator wasn't provided
 		// it also requires the caller to implement the more efficient Size and MarshalTo methods
-		encodedSize := uint64(t.Size())
-		data := memAlloc.Allocate(encodedSize)
+		if precomputedObjSize == nil {
+			s := t.Size()
+			precomputedObjSize = &s
+		}
+		data := memAlloc.Allocate(uint64(*precomputedObjSize))
 
 		n, err := t.MarshalTo(data)
 		if err != nil {
-			return err
+			return 0, err
 		}
-		_, err = w.Write(data[:n])
-		return err
+		return w.Write(data[:n])
 
 	case proto.Marshaler:
 		// this path performs extra allocations
 		data, err := t.Marshal()
 		if err != nil {
-			return err
+			return 0, err
 		}
-		_, err = w.Write(data)
-		return err
+		return w.Write(data)
 
 	default:
-		return errNotMarshalable{reflect.TypeOf(obj)}
+		return 0, errNotMarshalable{reflect.TypeOf(obj)}
 	}
 }
 
diff --git a/vendor/k8s.io/apimachinery/pkg/runtime/types_proto.go b/vendor/k8s.io/apimachinery/pkg/runtime/types_proto.go
index a82227b239..27a2064c41 100644
--- a/vendor/k8s.io/apimachinery/pkg/runtime/types_proto.go
+++ b/vendor/k8s.io/apimachinery/pkg/runtime/types_proto.go
@@ -18,6 +18,7 @@ package runtime
 
 import (
 	"fmt"
+	"io"
 )
 
 type ProtobufMarshaller interface {
@@ -28,6 +29,124 @@ type ProtobufReverseMarshaller interface {
 	MarshalToSizedBuffer(data []byte) (int, error)
 }
 
+const (
+	typeMetaTag        = 0xa
+	rawTag             = 0x12
+	contentEncodingTag = 0x1a
+	contentTypeTag     = 0x22
+
+	// max length of a varint for a uint64
+	maxUint64VarIntLength = 10
+)
+
+// MarshalToWriter allows a caller to provide a streaming writer for raw bytes,
+// instead of populating them inside the Unknown struct.
+// rawSize is the number of bytes rawWriter will write in a success case.
+// writeRaw is called when it is time to write the raw bytes. It must return `rawSize, nil` or an error.
+func (m *Unknown) MarshalToWriter(w io.Writer, rawSize int, writeRaw func(io.Writer) (int, error)) (int, error) {
+	size := 0
+
+	// reuse the buffer for varint marshaling
+	varintBuffer := make([]byte, maxUint64VarIntLength)
+	writeVarint := func(i int) (int, error) {
+		offset := encodeVarintGenerated(varintBuffer, len(varintBuffer), uint64(i))
+		return w.Write(varintBuffer[offset:])
+	}
+
+	// TypeMeta
+	{
+		n, err := w.Write([]byte{typeMetaTag})
+		size += n
+		if err != nil {
+			return size, err
+		}
+
+		typeMetaBytes, err := m.TypeMeta.Marshal()
+		if err != nil {
+			return size, err
+		}
+
+		n, err = writeVarint(len(typeMetaBytes))
+		size += n
+		if err != nil {
+			return size, err
+		}
+
+		n, err = w.Write(typeMetaBytes)
+		size += n
+		if err != nil {
+			return size, err
+		}
+	}
+
+	// Raw, delegating write to writeRaw()
+	{
+		n, err := w.Write([]byte{rawTag})
+		size += n
+		if err != nil {
+			return size, err
+		}
+
+		n, err = writeVarint(rawSize)
+		size += n
+		if err != nil {
+			return size, err
+		}
+
+		n, err = writeRaw(w)
+		size += n
+		if err != nil {
+			return size, err
+		}
+		if n != int(rawSize) {
+			return size, fmt.Errorf("the size value was %d, but encoding wrote %d bytes to data", rawSize, n)
+		}
+	}
+
+	// ContentEncoding
+	{
+		n, err := w.Write([]byte{contentEncodingTag})
+		size += n
+		if err != nil {
+			return size, err
+		}
+
+		n, err = writeVarint(len(m.ContentEncoding))
+		size += n
+		if err != nil {
+			return size, err
+		}
+
+		n, err = w.Write([]byte(m.ContentEncoding))
+		size += n
+		if err != nil {
+			return size, err
+		}
+	}
+
+	// ContentEncoding
+	{
+		n, err := w.Write([]byte{contentTypeTag})
+		size += n
+		if err != nil {
+			return size, err
+		}
+
+		n, err = writeVarint(len(m.ContentType))
+		size += n
+		if err != nil {
+			return size, err
+		}
+
+		n, err = w.Write([]byte(m.ContentType))
+		size += n
+		if err != nil {
+			return size, err
+		}
+	}
+	return size, nil
+}
+
 // NestedMarshalTo allows a caller to avoid extra allocations during serialization of an Unknown
 // that will contain an object that implements ProtobufMarshaller or ProtobufReverseMarshaller.
 func (m *Unknown) NestedMarshalTo(data []byte, b ProtobufMarshaller, size uint64) (int, error) {
@@ -43,12 +162,12 @@ func (m *Unknown) NestedMarshalTo(data []byte, b ProtobufMarshaller, size uint64
 	copy(data[i:], m.ContentType)
 	i = encodeVarintGenerated(data, i, uint64(len(m.ContentType)))
 	i--
-	data[i] = 0x22
+	data[i] = contentTypeTag
 	i -= len(m.ContentEncoding)
 	copy(data[i:], m.ContentEncoding)
 	i = encodeVarintGenerated(data, i, uint64(len(m.ContentEncoding)))
 	i--
-	data[i] = 0x1a
+	data[i] = contentEncodingTag
 	if b != nil {
 		if r, ok := b.(ProtobufReverseMarshaller); ok {
 			n1, err := r.MarshalToSizedBuffer(data[:i])
@@ -75,7 +194,7 @@ func (m *Unknown) NestedMarshalTo(data []byte, b ProtobufMarshaller, size uint64
 		}
 		i = encodeVarintGenerated(data, i, size)
 		i--
-		data[i] = 0x12
+		data[i] = rawTag
 	}
 	n2, err := m.TypeMeta.MarshalToSizedBuffer(data[:i])
 	if err != nil {
@@ -84,6 +203,6 @@ func (m *Unknown) NestedMarshalTo(data []byte, b ProtobufMarshaller, size uint64
 	i -= n2
 	i = encodeVarintGenerated(data, i, uint64(n2))
 	i--
-	data[i] = 0xa
+	data[i] = typeMetaTag
 	return msgSize - i, nil
 }
diff --git a/vendor/k8s.io/apimachinery/pkg/types/doc.go b/vendor/k8s.io/apimachinery/pkg/types/doc.go
index 5667fa9921..783cbcdc8d 100644
--- a/vendor/k8s.io/apimachinery/pkg/types/doc.go
+++ b/vendor/k8s.io/apimachinery/pkg/types/doc.go
@@ -15,4 +15,4 @@ limitations under the License.
 */
 
 // Package types implements various generic types used throughout kubernetes.
-package types // import "k8s.io/apimachinery/pkg/types"
+package types
diff --git a/vendor/k8s.io/apimachinery/pkg/util/diff/diff.go b/vendor/k8s.io/apimachinery/pkg/util/diff/diff.go
index fc03018449..38b666ef59 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/diff/diff.go
+++ b/vendor/k8s.io/apimachinery/pkg/util/diff/diff.go
@@ -23,7 +23,7 @@ import (
 	"strings"
 	"text/tabwriter"
 
-	"github.com/google/go-cmp/cmp"
+	"github.com/google/go-cmp/cmp" //nolint:depguard
 	"k8s.io/apimachinery/pkg/util/dump"
 )
 
diff --git a/vendor/k8s.io/apimachinery/pkg/util/errors/doc.go b/vendor/k8s.io/apimachinery/pkg/util/errors/doc.go
index 5d4d6250a3..b3b39bc388 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/errors/doc.go
+++ b/vendor/k8s.io/apimachinery/pkg/util/errors/doc.go
@@ -15,4 +15,4 @@ limitations under the License.
 */
 
 // Package errors implements various utility functions and types around errors.
-package errors // import "k8s.io/apimachinery/pkg/util/errors"
+package errors
diff --git a/vendor/k8s.io/apimachinery/pkg/util/framer/framer.go b/vendor/k8s.io/apimachinery/pkg/util/framer/framer.go
index 1ab8fd396e..f18845a417 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/framer/framer.go
+++ b/vendor/k8s.io/apimachinery/pkg/util/framer/framer.go
@@ -91,12 +91,12 @@ func (r *lengthDelimitedFrameReader) Read(data []byte) (int, error) {
 	}
 	n, err := io.ReadAtLeast(r.r, data[:max], int(max))
 	r.remaining -= n
-	if err == io.ErrShortBuffer || r.remaining > 0 {
-		return n, io.ErrShortBuffer
-	}
 	if err != nil {
 		return n, err
 	}
+	if r.remaining > 0 {
+		return n, io.ErrShortBuffer
+	}
 	if n != expect {
 		return n, io.ErrUnexpectedEOF
 	}
diff --git a/vendor/k8s.io/apimachinery/pkg/util/intstr/instr_fuzz.go b/vendor/k8s.io/apimachinery/pkg/util/intstr/instr_fuzz.go
index a502b5adb6..2d6f6a0ccc 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/intstr/instr_fuzz.go
+++ b/vendor/k8s.io/apimachinery/pkg/util/intstr/instr_fuzz.go
@@ -20,24 +20,24 @@ limitations under the License.
 package intstr
 
 import (
-	fuzz "github.com/google/gofuzz"
+	"sigs.k8s.io/randfill"
 )
 
-// Fuzz satisfies fuzz.Interface
-func (intstr *IntOrString) Fuzz(c fuzz.Continue) {
+// RandFill satisfies randfill.NativeSelfFiller
+func (intstr *IntOrString) RandFill(c randfill.Continue) {
 	if intstr == nil {
 		return
 	}
-	if c.RandBool() {
+	if c.Bool() {
 		intstr.Type = Int
-		c.Fuzz(&intstr.IntVal)
+		c.Fill(&intstr.IntVal)
 		intstr.StrVal = ""
 	} else {
 		intstr.Type = String
 		intstr.IntVal = 0
-		c.Fuzz(&intstr.StrVal)
+		c.Fill(&intstr.StrVal)
 	}
 }
 
 // ensure IntOrString implements fuzz.Interface
-var _ fuzz.Interface = &IntOrString{}
+var _ randfill.NativeSelfFiller = &IntOrString{}
diff --git a/vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go b/vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go
index df374949dd..de97deae03 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go
+++ b/vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go
@@ -36,6 +36,11 @@ var (
 )
 
 // PanicHandlers is a list of functions which will be invoked when a panic happens.
+//
+// The code invoking these handlers prepares a contextual logger so that
+// klog.FromContext(ctx) already skips over the panic handler itself and
+// several other intermediate functions, ideally such that the log output
+// is attributed to the code which triggered the panic.
 var PanicHandlers = []func(context.Context, interface{}){logPanic}
 
 // HandleCrash simply catches a crash and logs an error. Meant to be called via
@@ -45,7 +50,7 @@ var PanicHandlers = []func(context.Context, interface{}){logPanic}
 //
 // E.g., you can provide one or more additional handlers for something like shutting down go routines gracefully.
 //
-// Contextual logging: HandleCrashWithContext should be used instead of HandleCrash in code which supports contextual logging.
+// Contextual logging: HandleCrashWithContext or HandleCrashWithLogger should be used instead of HandleCrash in code which supports contextual logging.
 func HandleCrash(additionalHandlers ...func(interface{})) {
 	if r := recover(); r != nil {
 		additionalHandlersWithContext := make([]func(context.Context, interface{}), len(additionalHandlers))
@@ -74,10 +79,30 @@ func HandleCrashWithContext(ctx context.Context, additionalHandlers ...func(cont
 	}
 }
 
-// handleCrash is the common implementation of HandleCrash and HandleCrash.
+// HandleCrashWithLogger simply catches a crash and logs an error. Meant to be called via
+// defer.  Additional context-specific handlers can be provided, and will be
+// called in case of panic.  HandleCrash actually crashes, after calling the
+// handlers and logging the panic message.
+//
+// E.g., you can provide one or more additional handlers for something like shutting down go routines gracefully.
+func HandleCrashWithLogger(logger klog.Logger, additionalHandlers ...func(context.Context, interface{})) {
+	if r := recover(); r != nil {
+		ctx := klog.NewContext(context.Background(), logger)
+		handleCrash(ctx, r, additionalHandlers...)
+	}
+}
+
+// handleCrash is the common implementation of the HandleCrash* variants.
 // Having those call a common implementation ensures that the stack depth
 // is the same regardless through which path the handlers get invoked.
 func handleCrash(ctx context.Context, r any, additionalHandlers ...func(context.Context, interface{})) {
+	// We don't really know how many call frames to skip because the Go
+	// panic handler is between us and the code where the panic occurred.
+	// If it's one function (as in Go 1.21), then skipping four levels
+	// gets us to the function which called the `defer HandleCrashWithontext(...)`.
+	logger := klog.FromContext(ctx).WithCallDepth(4)
+	ctx = klog.NewContext(ctx, logger)
+
 	for _, fn := range PanicHandlers {
 		fn(ctx, r)
 	}
@@ -106,11 +131,7 @@ func logPanic(ctx context.Context, r interface{}) {
 	stacktrace := make([]byte, size)
 	stacktrace = stacktrace[:runtime.Stack(stacktrace, false)]
 
-	// We don't really know how many call frames to skip because the Go
-	// panic handler is between us and the code where the panic occurred.
-	// If it's one function (as in Go 1.21), then skipping four levels
-	// gets us to the function which called the `defer HandleCrashWithontext(...)`.
-	logger := klog.FromContext(ctx).WithCallDepth(4)
+	logger := klog.FromContext(ctx)
 
 	// For backwards compatibility, conversion to string
 	// is handled here instead of defering to the logging
@@ -176,12 +197,19 @@ func HandleError(err error) {
 // and key/value pairs.
 //
 // This variant should be used instead of HandleError because it supports
-// structured, contextual logging.
+// structured, contextual logging. Alternatively, [HandleErrorWithLogger] can
+// be used if a logger is available instead of a context.
 func HandleErrorWithContext(ctx context.Context, err error, msg string, keysAndValues ...interface{}) {
 	handleError(ctx, err, msg, keysAndValues...)
 }
 
-// handleError is the common implementation of HandleError and HandleErrorWithContext.
+// HandleErrorWithLogger is an alternative to [HandlerErrorWithContext] which accepts
+// a logger for contextual logging.
+func HandleErrorWithLogger(logger klog.Logger, err error, msg string, keysAndValues ...interface{}) {
+	handleError(klog.NewContext(context.Background(), logger), err, msg, keysAndValues...)
+}
+
+// handleError is the common implementation of the HandleError* variants.
 // Using this common implementation ensures that the stack depth
 // is the same regardless through which path the handlers get invoked.
 func handleError(ctx context.Context, err error, msg string, keysAndValues ...interface{}) {
diff --git a/vendor/k8s.io/apimachinery/pkg/util/sets/doc.go b/vendor/k8s.io/apimachinery/pkg/util/sets/doc.go
index fd281bdb88..194883390c 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/sets/doc.go
+++ b/vendor/k8s.io/apimachinery/pkg/util/sets/doc.go
@@ -16,4 +16,4 @@ limitations under the License.
 
 // Package sets has generic set and specified sets. Generic set will
 // replace specified ones over time. And specific ones are deprecated.
-package sets // import "k8s.io/apimachinery/pkg/util/sets"
+package sets
diff --git a/vendor/k8s.io/apimachinery/pkg/util/validation/field/error_matcher.go b/vendor/k8s.io/apimachinery/pkg/util/validation/field/error_matcher.go
new file mode 100644
index 0000000000..1d15deae86
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/util/validation/field/error_matcher.go
@@ -0,0 +1,212 @@
+/*
+Copyright 2025 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package field
+
+import (
+	"fmt"
+	"reflect"
+	"regexp"
+	"strings"
+)
+
+// ErrorMatcher is a helper for comparing Error objects.
+type ErrorMatcher struct {
+	// TODO(thockin): consider whether type is ever NOT required, maybe just
+	// assume it.
+	matchType bool
+	// TODO(thockin): consider whether field could be assumed - if the
+	// "want" error has a nil field, don't match on field.
+	matchField bool
+	// TODO(thockin): consider whether value could be assumed - if the
+	// "want" error has a nil value, don't match on field.
+	matchValue               bool
+	matchOrigin              bool
+	matchDetail              func(want, got string) bool
+	requireOriginWhenInvalid bool
+}
+
+// Matches returns true if the two Error objects match according to the
+// configured criteria.
+func (m ErrorMatcher) Matches(want, got *Error) bool {
+	if m.matchType && want.Type != got.Type {
+		return false
+	}
+	if m.matchField && want.Field != got.Field {
+		return false
+	}
+	if m.matchValue && !reflect.DeepEqual(want.BadValue, got.BadValue) {
+		return false
+	}
+	if m.matchOrigin {
+		if want.Origin != got.Origin {
+			return false
+		}
+		if m.requireOriginWhenInvalid && want.Type == ErrorTypeInvalid {
+			if want.Origin == "" || got.Origin == "" {
+				return false
+			}
+		}
+	}
+	if m.matchDetail != nil && !m.matchDetail(want.Detail, got.Detail) {
+		return false
+	}
+	return true
+}
+
+// Render returns a string representation of the specified Error object,
+// according to the criteria configured in the ErrorMatcher.
+func (m ErrorMatcher) Render(e *Error) string {
+	buf := strings.Builder{}
+
+	comma := func() {
+		if buf.Len() > 0 {
+			buf.WriteString(", ")
+		}
+	}
+
+	if m.matchType {
+		comma()
+		buf.WriteString(fmt.Sprintf("Type=%q", e.Type))
+	}
+	if m.matchField {
+		comma()
+		buf.WriteString(fmt.Sprintf("Field=%q", e.Field))
+	}
+	if m.matchValue {
+		comma()
+		buf.WriteString(fmt.Sprintf("Value=%v", e.BadValue))
+	}
+	if m.matchOrigin || m.requireOriginWhenInvalid && e.Type == ErrorTypeInvalid {
+		comma()
+		buf.WriteString(fmt.Sprintf("Origin=%q", e.Origin))
+	}
+	if m.matchDetail != nil {
+		comma()
+		buf.WriteString(fmt.Sprintf("Detail=%q", e.Detail))
+	}
+	return "{" + buf.String() + "}"
+}
+
+// Exactly returns a derived ErrorMatcher which matches all fields exactly.
+func (m ErrorMatcher) Exactly() ErrorMatcher {
+	return m.ByType().ByField().ByValue().ByOrigin().ByDetailExact()
+}
+
+// ByType returns a derived ErrorMatcher which also matches by type.
+func (m ErrorMatcher) ByType() ErrorMatcher {
+	m.matchType = true
+	return m
+}
+
+// ByField returns a derived ErrorMatcher which also matches by field path.
+func (m ErrorMatcher) ByField() ErrorMatcher {
+	m.matchField = true
+	return m
+}
+
+// ByValue returns a derived ErrorMatcher which also matches by the errant
+// value.
+func (m ErrorMatcher) ByValue() ErrorMatcher {
+	m.matchValue = true
+	return m
+}
+
+// ByOrigin returns a derived ErrorMatcher which also matches by the origin.
+func (m ErrorMatcher) ByOrigin() ErrorMatcher {
+	m.matchOrigin = true
+	return m
+}
+
+// RequireOriginWhenInvalid returns a derived ErrorMatcher which also requires
+// the Origin field to be set when the Type is Invalid and the matcher is
+// matching by Origin.
+func (m ErrorMatcher) RequireOriginWhenInvalid() ErrorMatcher {
+	m.requireOriginWhenInvalid = true
+	return m
+}
+
+// ByDetailExact returns a derived ErrorMatcher which also matches errors by
+// the exact detail string.
+func (m ErrorMatcher) ByDetailExact() ErrorMatcher {
+	m.matchDetail = func(want, got string) bool {
+		return got == want
+	}
+	return m
+}
+
+// ByDetailSubstring returns a derived ErrorMatcher which also matches errors
+// by a substring of the detail string.
+func (m ErrorMatcher) ByDetailSubstring() ErrorMatcher {
+	m.matchDetail = func(want, got string) bool {
+		return strings.Contains(got, want)
+	}
+	return m
+}
+
+// ByDetailRegexp returns a derived ErrorMatcher which also matches errors by a
+// regular expression of the detail string, where the "want" string is assumed
+// to be a valid regular expression.
+func (m ErrorMatcher) ByDetailRegexp() ErrorMatcher {
+	m.matchDetail = func(want, got string) bool {
+		return regexp.MustCompile(want).MatchString(got)
+	}
+	return m
+}
+
+// TestIntf lets users pass a testing.T while not coupling this package to Go's
+// testing package.
+type TestIntf interface {
+	Helper()
+	Errorf(format string, args ...any)
+	Logf(format string, args ...any)
+}
+
+// Test compares two ErrorLists by the criteria configured in this matcher, and
+// fails the test if they don't match. If a given "want" error matches multiple
+// "got" errors, they will all be consumed. This might be OK (e.g. if there are
+// multiple errors on the same field from the same origin) or it might be an
+// insufficiently specific matcher, so these will be logged.
+func (m ErrorMatcher) Test(tb TestIntf, want, got ErrorList) {
+	tb.Helper()
+
+	remaining := got
+	for _, w := range want {
+		tmp := make(ErrorList, 0, len(remaining))
+		n := 0
+		for _, g := range remaining {
+			if m.Matches(w, g) {
+				n++
+			} else {
+				tmp = append(tmp, g)
+			}
+		}
+		if n == 0 {
+			tb.Errorf("expected an error matching:\n%s", m.Render(w))
+		} else if n > 1 {
+			// This is not necessarily and error, but it's worth logging in
+			// case it's not what the test author intended.
+			tb.Logf("multiple errors matched:\n%s", m.Render(w))
+		}
+		remaining = tmp
+	}
+	if len(remaining) > 0 {
+		for _, e := range remaining {
+			exactly := m.Exactly() // makes a copy
+			tb.Errorf("unmatched error:\n%s", exactly.Render(e))
+		}
+	}
+}
diff --git a/vendor/k8s.io/apimachinery/pkg/util/validation/field/errors.go b/vendor/k8s.io/apimachinery/pkg/util/validation/field/errors.go
index f1634bc0df..840d645ee3 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/validation/field/errors.go
+++ b/vendor/k8s.io/apimachinery/pkg/util/validation/field/errors.go
@@ -33,13 +33,35 @@ type Error struct {
 	Field    string
 	BadValue interface{}
 	Detail   string
+
+	// Origin uniquely identifies where this error was generated from. It is used in testing to
+	// compare expected errors against actual errors without relying on exact detail string matching.
+	// This allows tests to verify the correct validation logic triggered the error
+	// regardless of how the error message might be formatted or localized.
+	//
+	// The value should be either:
+	// - A simple camelCase identifier (e.g., "maximum", "maxItems")
+	// - A structured format using "format=<dash-style-identifier>" for validation errors related to specific formats
+	//   (e.g., "format=dns-label", "format=qualified-name")
+	//
+	// If the Origin corresponds to an existing declarative validation tag or JSON Schema keyword,
+	// use that same name for consistency.
+	//
+	// Origin should be set in the most deeply nested validation function that
+	// can still identify the unique source of the error.
+	Origin string
+
+	// CoveredByDeclarative is true when this error is covered by declarative
+	// validation. This field is to identify errors from imperative validation
+	// that should also be caught by declarative validation.
+	CoveredByDeclarative bool
 }
 
 var _ error = &Error{}
 
 // Error implements the error interface.
-func (v *Error) Error() string {
-	return fmt.Sprintf("%s: %s", v.Field, v.ErrorBody())
+func (e *Error) Error() string {
+	return fmt.Sprintf("%s: %s", e.Field, e.ErrorBody())
 }
 
 type OmitValueType struct{}
@@ -48,21 +70,21 @@ var omitValue = OmitValueType{}
 
 // ErrorBody returns the error message without the field name.  This is useful
 // for building nice-looking higher-level error reporting.
-func (v *Error) ErrorBody() string {
+func (e *Error) ErrorBody() string {
 	var s string
 	switch {
-	case v.Type == ErrorTypeRequired:
-		s = v.Type.String()
-	case v.Type == ErrorTypeForbidden:
-		s = v.Type.String()
-	case v.Type == ErrorTypeTooLong:
-		s = v.Type.String()
-	case v.Type == ErrorTypeInternal:
-		s = v.Type.String()
-	case v.BadValue == omitValue:
-		s = v.Type.String()
+	case e.Type == ErrorTypeRequired:
+		s = e.Type.String()
+	case e.Type == ErrorTypeForbidden:
+		s = e.Type.String()
+	case e.Type == ErrorTypeTooLong:
+		s = e.Type.String()
+	case e.Type == ErrorTypeInternal:
+		s = e.Type.String()
+	case e.BadValue == omitValue:
+		s = e.Type.String()
 	default:
-		value := v.BadValue
+		value := e.BadValue
 		valueType := reflect.TypeOf(value)
 		if value == nil || valueType == nil {
 			value = "null"
@@ -76,26 +98,38 @@ func (v *Error) ErrorBody() string {
 		switch t := value.(type) {
 		case int64, int32, float64, float32, bool:
 			// use simple printer for simple types
-			s = fmt.Sprintf("%s: %v", v.Type, value)
+			s = fmt.Sprintf("%s: %v", e.Type, value)
 		case string:
-			s = fmt.Sprintf("%s: %q", v.Type, t)
+			s = fmt.Sprintf("%s: %q", e.Type, t)
 		case fmt.Stringer:
 			// anything that defines String() is better than raw struct
-			s = fmt.Sprintf("%s: %s", v.Type, t.String())
+			s = fmt.Sprintf("%s: %s", e.Type, t.String())
 		default:
 			// fallback to raw struct
 			// TODO: internal types have panic guards against json.Marshalling to prevent
 			// accidental use of internal types in external serialized form.  For now, use
 			// %#v, although it would be better to show a more expressive output in the future
-			s = fmt.Sprintf("%s: %#v", v.Type, value)
+			s = fmt.Sprintf("%s: %#v", e.Type, value)
 		}
 	}
-	if len(v.Detail) != 0 {
-		s += fmt.Sprintf(": %s", v.Detail)
+	if len(e.Detail) != 0 {
+		s += fmt.Sprintf(": %s", e.Detail)
 	}
 	return s
 }
 
+// WithOrigin adds origin information to the FieldError
+func (e *Error) WithOrigin(o string) *Error {
+	e.Origin = o
+	return e
+}
+
+// MarkCoveredByDeclarative marks the error as covered by declarative validation.
+func (e *Error) MarkCoveredByDeclarative() *Error {
+	e.CoveredByDeclarative = true
+	return e
+}
+
 // ErrorType is a machine readable value providing more detail about why
 // a field is invalid.  These values are expected to match 1-1 with
 // CauseType in api/types.go.
@@ -169,32 +203,32 @@ func (t ErrorType) String() string {
 
 // TypeInvalid returns a *Error indicating "type is invalid"
 func TypeInvalid(field *Path, value interface{}, detail string) *Error {
-	return &Error{ErrorTypeTypeInvalid, field.String(), value, detail}
+	return &Error{ErrorTypeTypeInvalid, field.String(), value, detail, "", false}
 }
 
 // NotFound returns a *Error indicating "value not found".  This is
 // used to report failure to find a requested value (e.g. looking up an ID).
 func NotFound(field *Path, value interface{}) *Error {
-	return &Error{ErrorTypeNotFound, field.String(), value, ""}
+	return &Error{ErrorTypeNotFound, field.String(), value, "", "", false}
 }
 
 // Required returns a *Error indicating "value required".  This is used
 // to report required values that are not provided (e.g. empty strings, null
 // values, or empty arrays).
 func Required(field *Path, detail string) *Error {
-	return &Error{ErrorTypeRequired, field.String(), "", detail}
+	return &Error{ErrorTypeRequired, field.String(), "", detail, "", false}
 }
 
 // Duplicate returns a *Error indicating "duplicate value".  This is
 // used to report collisions of values that must be unique (e.g. names or IDs).
 func Duplicate(field *Path, value interface{}) *Error {
-	return &Error{ErrorTypeDuplicate, field.String(), value, ""}
+	return &Error{ErrorTypeDuplicate, field.String(), value, "", "", false}
 }
 
 // Invalid returns a *Error indicating "invalid value".  This is used
 // to report malformed values (e.g. failed regex match, too long, out of bounds).
 func Invalid(field *Path, value interface{}, detail string) *Error {
-	return &Error{ErrorTypeInvalid, field.String(), value, detail}
+	return &Error{ErrorTypeInvalid, field.String(), value, detail, "", false}
 }
 
 // NotSupported returns a *Error indicating "unsupported value".
@@ -209,7 +243,7 @@ func NotSupported[T ~string](field *Path, value interface{}, validValues []T) *E
 		}
 		detail = "supported values: " + strings.Join(quotedValues, ", ")
 	}
-	return &Error{ErrorTypeNotSupported, field.String(), value, detail}
+	return &Error{ErrorTypeNotSupported, field.String(), value, detail, "", false}
 }
 
 // Forbidden returns a *Error indicating "forbidden".  This is used to
@@ -217,7 +251,7 @@ func NotSupported[T ~string](field *Path, value interface{}, validValues []T) *E
 // some conditions, but which are not permitted by current conditions (e.g.
 // security policy).
 func Forbidden(field *Path, detail string) *Error {
-	return &Error{ErrorTypeForbidden, field.String(), "", detail}
+	return &Error{ErrorTypeForbidden, field.String(), "", detail, "", false}
 }
 
 // TooLong returns a *Error indicating "too long".  This is used to report that
@@ -231,7 +265,7 @@ func TooLong(field *Path, value interface{}, maxLength int) *Error {
 	} else {
 		msg = "value is too long"
 	}
-	return &Error{ErrorTypeTooLong, field.String(), "<value omitted>", msg}
+	return &Error{ErrorTypeTooLong, field.String(), "<value omitted>", msg, "", false}
 }
 
 // TooLongMaxLength returns a *Error indicating "too long".
@@ -259,14 +293,14 @@ func TooMany(field *Path, actualQuantity, maxQuantity int) *Error {
 		actual = omitValue
 	}
 
-	return &Error{ErrorTypeTooMany, field.String(), actual, msg}
+	return &Error{ErrorTypeTooMany, field.String(), actual, msg, "", false}
 }
 
 // InternalError returns a *Error indicating "internal error".  This is used
 // to signal that an error was found that was not directly related to user
 // input.  The err argument must be non-nil.
 func InternalError(field *Path, err error) *Error {
-	return &Error{ErrorTypeInternal, field.String(), nil, err.Error()}
+	return &Error{ErrorTypeInternal, field.String(), nil, err.Error(), "", false}
 }
 
 // ErrorList holds a set of Errors.  It is plausible that we might one day have
@@ -285,6 +319,22 @@ func NewErrorTypeMatcher(t ErrorType) utilerrors.Matcher {
 	}
 }
 
+// WithOrigin sets the origin for all errors in the list and returns the updated list.
+func (list ErrorList) WithOrigin(origin string) ErrorList {
+	for _, err := range list {
+		err.Origin = origin
+	}
+	return list
+}
+
+// MarkCoveredByDeclarative marks all errors in the list as covered by declarative validation.
+func (list ErrorList) MarkCoveredByDeclarative() ErrorList {
+	for _, err := range list {
+		err.CoveredByDeclarative = true
+	}
+	return list
+}
+
 // ToAggregate converts the ErrorList into an errors.Aggregate.
 func (list ErrorList) ToAggregate() utilerrors.Aggregate {
 	if len(list) == 0 {
@@ -321,3 +371,25 @@ func (list ErrorList) Filter(fns ...utilerrors.Matcher) ErrorList {
 	// FilterOut takes an Aggregate and returns an Aggregate
 	return fromAggregate(err.(utilerrors.Aggregate))
 }
+
+// ExtractCoveredByDeclarative returns a new ErrorList containing only the errors that should be covered by declarative validation.
+func (list ErrorList) ExtractCoveredByDeclarative() ErrorList {
+	newList := ErrorList{}
+	for _, err := range list {
+		if err.CoveredByDeclarative {
+			newList = append(newList, err)
+		}
+	}
+	return newList
+}
+
+// RemoveCoveredByDeclarative returns a new ErrorList containing only the errors that should not be covered by declarative validation.
+func (list ErrorList) RemoveCoveredByDeclarative() ErrorList {
+	newList := ErrorList{}
+	for _, err := range list {
+		if !err.CoveredByDeclarative {
+			newList = append(newList, err)
+		}
+	}
+	return newList
+}
diff --git a/vendor/k8s.io/apimachinery/pkg/util/validation/ip.go b/vendor/k8s.io/apimachinery/pkg/util/validation/ip.go
new file mode 100644
index 0000000000..6e947c74c9
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/util/validation/ip.go
@@ -0,0 +1,278 @@
+/*
+Copyright 2023 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package validation
+
+import (
+	"fmt"
+	"net"
+	"net/netip"
+	"slices"
+
+	"k8s.io/apimachinery/pkg/util/validation/field"
+	"k8s.io/klog/v2"
+	netutils "k8s.io/utils/net"
+)
+
+func parseIP(fldPath *field.Path, value string, strictValidation bool) (net.IP, field.ErrorList) {
+	var allErrors field.ErrorList
+
+	ip := netutils.ParseIPSloppy(value)
+	if ip == nil {
+		allErrors = append(allErrors, field.Invalid(fldPath, value, "must be a valid IP address, (e.g. 10.9.8.7 or 2001:db8::ffff)"))
+		return nil, allErrors
+	}
+
+	if strictValidation {
+		addr, err := netip.ParseAddr(value)
+		if err != nil {
+			// If netutils.ParseIPSloppy parsed it, but netip.ParseAddr
+			// doesn't, then it must have illegal leading 0s.
+			allErrors = append(allErrors, field.Invalid(fldPath, value, "must not have leading 0s"))
+		}
+		if addr.Is4In6() {
+			allErrors = append(allErrors, field.Invalid(fldPath, value, "must not be an IPv4-mapped IPv6 address"))
+		}
+	}
+
+	return ip, allErrors
+}
+
+// IsValidIPForLegacyField tests that the argument is a valid IP address for a "legacy"
+// API field that predates strict IP validation. In particular, this allows IPs that are
+// not in canonical form (e.g., "FE80:0:0:0:0:0:0:0abc" instead of "fe80::abc").
+//
+// If strictValidation is false, this also allows IPs in certain invalid or ambiguous
+// formats:
+//
+//  1. IPv4 IPs are allowed to have leading "0"s in octets (e.g. "010.002.003.004").
+//     Historically, net.ParseIP (and later netutils.ParseIPSloppy) simply ignored leading
+//     "0"s in IPv4 addresses, but most libc-based software treats 0-prefixed IPv4 octets
+//     as octal, meaning different software might interpret the same string as two
+//     different IPs, potentially leading to security issues. (Current net.ParseIP and
+//     netip.ParseAddr simply reject inputs with leading "0"s.)
+//
+//  2. IPv4-mapped IPv6 IPs (e.g. "::ffff:1.2.3.4") are allowed. These can also lead to
+//     different software interpreting the value in different ways, because they may be
+//     treated as IPv4 by some software and IPv6 by other software. (net.ParseIP and
+//     netip.ParseAddr both allow these, but there are no use cases for representing IPv4
+//     addresses as IPv4-mapped IPv6 addresses in Kubernetes.)
+//
+// Alternatively, when validating an update to an existing field, you can pass a list of
+// IP values from the old object that should be accepted if they appear in the new object
+// even if they are not valid.
+//
+// This function should only be used to validate the existing fields that were
+// historically validated in this way, and strictValidation should be true unless the
+// StrictIPCIDRValidation feature gate is disabled. Use IsValidIP for parsing new fields.
+func IsValidIPForLegacyField(fldPath *field.Path, value string, strictValidation bool, validOldIPs []string) field.ErrorList {
+	if slices.Contains(validOldIPs, value) {
+		return nil
+	}
+	_, allErrors := parseIP(fldPath, value, strictValidation)
+	return allErrors.WithOrigin("format=ip-sloppy")
+}
+
+// IsValidIP tests that the argument is a valid IP address, according to current
+// Kubernetes standards for IP address validation.
+func IsValidIP(fldPath *field.Path, value string) field.ErrorList {
+	ip, allErrors := parseIP(fldPath, value, true)
+	if len(allErrors) != 0 {
+		return allErrors.WithOrigin("format=ip-strict")
+	}
+
+	if value != ip.String() {
+		allErrors = append(allErrors, field.Invalid(fldPath, value, fmt.Sprintf("must be in canonical form (%q)", ip.String())))
+	}
+	return allErrors.WithOrigin("format=ip-strict")
+}
+
+// GetWarningsForIP returns warnings for IP address values in non-standard forms. This
+// should only be used with fields that are validated with IsValidIPForLegacyField().
+func GetWarningsForIP(fldPath *field.Path, value string) []string {
+	ip := netutils.ParseIPSloppy(value)
+	if ip == nil {
+		klog.ErrorS(nil, "GetWarningsForIP called on value that was not validated with IsValidIPForLegacyField", "field", fldPath, "value", value)
+		return nil
+	}
+
+	addr, _ := netip.ParseAddr(value)
+	if !addr.IsValid() || addr.Is4In6() {
+		// This catches 2 cases: leading 0s (if ParseIPSloppy() accepted it but
+		// ParseAddr() doesn't) or IPv4-mapped IPv6 (.Is4In6()). Either way,
+		// re-stringifying the net.IP value will give the preferred form.
+		return []string{
+			fmt.Sprintf("%s: non-standard IP address %q will be considered invalid in a future Kubernetes release: use %q", fldPath, value, ip.String()),
+		}
+	}
+
+	// If ParseIPSloppy() and ParseAddr() both accept it then it's fully valid, though
+	// it may be non-canonical.
+	if addr.Is6() && addr.String() != value {
+		return []string{
+			fmt.Sprintf("%s: IPv6 address %q should be in RFC 5952 canonical format (%q)", fldPath, value, addr.String()),
+		}
+	}
+
+	return nil
+}
+
+func parseCIDR(fldPath *field.Path, value string, strictValidation bool) (*net.IPNet, field.ErrorList) {
+	var allErrors field.ErrorList
+
+	_, ipnet, err := netutils.ParseCIDRSloppy(value)
+	if err != nil {
+		allErrors = append(allErrors, field.Invalid(fldPath, value, "must be a valid CIDR value, (e.g. 10.9.8.0/24 or 2001:db8::/64)"))
+		return nil, allErrors
+	}
+
+	if strictValidation {
+		prefix, err := netip.ParsePrefix(value)
+		if err != nil {
+			// If netutils.ParseCIDRSloppy parsed it, but netip.ParsePrefix
+			// doesn't, then it must have illegal leading 0s (either in the
+			// IP part or the prefix).
+			allErrors = append(allErrors, field.Invalid(fldPath, value, "must not have leading 0s in IP or prefix length"))
+		} else if prefix.Addr().Is4In6() {
+			allErrors = append(allErrors, field.Invalid(fldPath, value, "must not have an IPv4-mapped IPv6 address"))
+		} else if prefix.Addr() != prefix.Masked().Addr() {
+			allErrors = append(allErrors, field.Invalid(fldPath, value, "must not have bits set beyond the prefix length"))
+		}
+	}
+
+	return ipnet, allErrors
+}
+
+// IsValidCIDRForLegacyField tests that the argument is a valid CIDR value for a "legacy"
+// API field that predates strict IP validation. In particular, this allows IPs that are
+// not in canonical form (e.g., "FE80:0abc:0:0:0:0:0:0/64" instead of "fe80:abc::/64").
+//
+// If strictValidation is false, this also allows CIDR values in certain invalid or
+// ambiguous formats:
+//
+//  1. The IP part of the CIDR value is parsed as with IsValidIPForLegacyField with
+//     strictValidation=false.
+//
+//  2. The CIDR value is allowed to be either a "subnet"/"mask" (with the lower bits after
+//     the prefix length all being 0), or an "interface address" as with `ip addr` (with a
+//     complete IP address and associated subnet length). With strict validation, the
+//     value is required to be in "subnet"/"mask" form.
+//
+//  3. The prefix length is allowed to have leading 0s.
+//
+// Alternatively, when validating an update to an existing field, you can pass a list of
+// CIDR values from the old object that should be accepted if they appear in the new
+// object even if they are not valid.
+//
+// This function should only be used to validate the existing fields that were
+// historically validated in this way, and strictValidation should be true unless the
+// StrictIPCIDRValidation feature gate is disabled. Use IsValidCIDR or
+// IsValidInterfaceAddress for parsing new fields.
+func IsValidCIDRForLegacyField(fldPath *field.Path, value string, strictValidation bool, validOldCIDRs []string) field.ErrorList {
+	if slices.Contains(validOldCIDRs, value) {
+		return nil
+	}
+
+	_, allErrors := parseCIDR(fldPath, value, strictValidation)
+	return allErrors
+}
+
+// IsValidCIDR tests that the argument is a valid CIDR value, according to current
+// Kubernetes standards for CIDR validation. This function is only for
+// "subnet"/"mask"-style CIDR values (e.g., "192.168.1.0/24", with no bits set beyond the
+// prefix length). Use IsValidInterfaceAddress for "ifaddr"-style CIDR values.
+func IsValidCIDR(fldPath *field.Path, value string) field.ErrorList {
+	ipnet, allErrors := parseCIDR(fldPath, value, true)
+	if len(allErrors) != 0 {
+		return allErrors
+	}
+
+	if value != ipnet.String() {
+		allErrors = append(allErrors, field.Invalid(fldPath, value, fmt.Sprintf("must be in canonical form (%q)", ipnet.String())))
+	}
+	return allErrors
+}
+
+// GetWarningsForCIDR returns warnings for CIDR values in non-standard forms. This should
+// only be used with fields that are validated with IsValidCIDRForLegacyField().
+func GetWarningsForCIDR(fldPath *field.Path, value string) []string {
+	ip, ipnet, err := netutils.ParseCIDRSloppy(value)
+	if err != nil {
+		klog.ErrorS(err, "GetWarningsForCIDR called on value that was not validated with IsValidCIDRForLegacyField", "field", fldPath, "value", value)
+		return nil
+	}
+
+	var warnings []string
+
+	// Check for bits set after prefix length
+	if !ip.Equal(ipnet.IP) {
+		_, addrlen := ipnet.Mask.Size()
+		singleIPCIDR := fmt.Sprintf("%s/%d", ip.String(), addrlen)
+		warnings = append(warnings,
+			fmt.Sprintf("%s: CIDR value %q is ambiguous in this context (should be %q or %q?)", fldPath, value, ipnet.String(), singleIPCIDR),
+		)
+	}
+
+	prefix, _ := netip.ParsePrefix(value)
+	addr := prefix.Addr()
+	if !prefix.IsValid() || addr.Is4In6() {
+		// This catches 2 cases: leading 0s (if ParseCIDRSloppy() accepted it but
+		// ParsePrefix() doesn't) or IPv4-mapped IPv6 (.Is4In6()). Either way,
+		// re-stringifying the net.IPNet value will give the preferred form.
+		warnings = append(warnings,
+			fmt.Sprintf("%s: non-standard CIDR value %q will be considered invalid in a future Kubernetes release: use %q", fldPath, value, ipnet.String()),
+		)
+	}
+
+	// If ParseCIDRSloppy() and ParsePrefix() both accept it then it's fully valid,
+	// though it may be non-canonical. But only check this if there are no other
+	// warnings, since either of the other warnings would also cause a round-trip
+	// failure.
+	if len(warnings) == 0 && addr.Is6() && prefix.String() != value {
+		warnings = append(warnings,
+			fmt.Sprintf("%s: IPv6 CIDR value %q should be in RFC 5952 canonical format (%q)", fldPath, value, prefix.String()),
+		)
+	}
+
+	return warnings
+}
+
+// IsValidInterfaceAddress tests that the argument is a valid "ifaddr"-style CIDR value in
+// canonical form (e.g., "192.168.1.5/24", with a complete IP address and associated
+// subnet length). Use IsValidCIDR for "subnet"/"mask"-style CIDR values (e.g.,
+// "192.168.1.0/24").
+func IsValidInterfaceAddress(fldPath *field.Path, value string) field.ErrorList {
+	var allErrors field.ErrorList
+	ip, ipnet, err := netutils.ParseCIDRSloppy(value)
+	if err != nil {
+		allErrors = append(allErrors, field.Invalid(fldPath, value, "must be a valid address in CIDR form, (e.g. 10.9.8.7/24 or 2001:db8::1/64)"))
+		return allErrors
+	}
+
+	// The canonical form of `value` is not `ipnet.String()`, because `ipnet` doesn't
+	// include the bits after the prefix. We need to construct the canonical form
+	// ourselves from `ip` and `ipnet.Mask`.
+	maskSize, _ := ipnet.Mask.Size()
+	if netutils.IsIPv4(ip) && maskSize > net.IPv4len*8 {
+		// "::ffff:192.168.0.1/120" -> "192.168.0.1/24"
+		maskSize -= (net.IPv6len - net.IPv4len) * 8
+	}
+	canonical := fmt.Sprintf("%s/%d", ip.String(), maskSize)
+	if value != canonical {
+		allErrors = append(allErrors, field.Invalid(fldPath, value, fmt.Sprintf("must be in canonical form (%q)", canonical)))
+	}
+	return allErrors
+}
diff --git a/vendor/k8s.io/apimachinery/pkg/util/validation/validation.go b/vendor/k8s.io/apimachinery/pkg/util/validation/validation.go
index 9bc393cf58..b6be7af1b1 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/validation/validation.go
+++ b/vendor/k8s.io/apimachinery/pkg/util/validation/validation.go
@@ -24,7 +24,6 @@ import (
 	"unicode"
 
 	"k8s.io/apimachinery/pkg/util/validation/field"
-	netutils "k8s.io/utils/net"
 )
 
 const qnameCharFmt string = "[A-Za-z0-9]"
@@ -369,45 +368,6 @@ func IsValidPortName(port string) []string {
 	return errs
 }
 
-// IsValidIP tests that the argument is a valid IP address.
-func IsValidIP(fldPath *field.Path, value string) field.ErrorList {
-	var allErrors field.ErrorList
-	if netutils.ParseIPSloppy(value) == nil {
-		allErrors = append(allErrors, field.Invalid(fldPath, value, "must be a valid IP address, (e.g. 10.9.8.7 or 2001:db8::ffff)"))
-	}
-	return allErrors
-}
-
-// IsValidIPv4Address tests that the argument is a valid IPv4 address.
-func IsValidIPv4Address(fldPath *field.Path, value string) field.ErrorList {
-	var allErrors field.ErrorList
-	ip := netutils.ParseIPSloppy(value)
-	if ip == nil || ip.To4() == nil {
-		allErrors = append(allErrors, field.Invalid(fldPath, value, "must be a valid IPv4 address"))
-	}
-	return allErrors
-}
-
-// IsValidIPv6Address tests that the argument is a valid IPv6 address.
-func IsValidIPv6Address(fldPath *field.Path, value string) field.ErrorList {
-	var allErrors field.ErrorList
-	ip := netutils.ParseIPSloppy(value)
-	if ip == nil || ip.To4() != nil {
-		allErrors = append(allErrors, field.Invalid(fldPath, value, "must be a valid IPv6 address"))
-	}
-	return allErrors
-}
-
-// IsValidCIDR tests that the argument is a valid CIDR value.
-func IsValidCIDR(fldPath *field.Path, value string) field.ErrorList {
-	var allErrors field.ErrorList
-	_, _, err := netutils.ParseCIDRSloppy(value)
-	if err != nil {
-		allErrors = append(allErrors, field.Invalid(fldPath, value, "must be a valid CIDR value, (e.g. 10.9.8.0/24 or 2001:db8::/64)"))
-	}
-	return allErrors
-}
-
 const percentFmt string = "[0-9]+%"
 const percentErrMsg string = "a valid percent string must be a numeric string followed by an ending '%'"
 
diff --git a/vendor/k8s.io/apimachinery/pkg/util/version/doc.go b/vendor/k8s.io/apimachinery/pkg/util/version/doc.go
index 5b2b22b6d0..da88813da2 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/version/doc.go
+++ b/vendor/k8s.io/apimachinery/pkg/util/version/doc.go
@@ -15,4 +15,4 @@ limitations under the License.
 */
 
 // Package version provides utilities for version number comparisons
-package version // import "k8s.io/apimachinery/pkg/util/version"
+package version
diff --git a/vendor/k8s.io/apimachinery/pkg/util/version/version.go b/vendor/k8s.io/apimachinery/pkg/util/version/version.go
index b7812ff2d1..72c0769e6c 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/version/version.go
+++ b/vendor/k8s.io/apimachinery/pkg/util/version/version.go
@@ -33,7 +33,6 @@ type Version struct {
 	semver        bool
 	preRelease    string
 	buildMetadata string
-	info          apimachineryversion.Info
 }
 
 var (
@@ -456,27 +455,28 @@ func (v *Version) Compare(other string) (int, error) {
 	return v.compareInternal(ov), nil
 }
 
-// WithInfo returns copy of the version object with requested info
+// WithInfo returns copy of the version object.
+// Deprecated: The Info field has been removed from the Version struct. This method no longer modifies the Version object.
 func (v *Version) WithInfo(info apimachineryversion.Info) *Version {
 	result := *v
-	result.info = info
 	return &result
 }
 
+// Info returns the version information of a component.
+// Deprecated: Use Info() from effective version instead.
 func (v *Version) Info() *apimachineryversion.Info {
 	if v == nil {
 		return nil
 	}
 	// in case info is empty, or the major and minor in info is different from the actual major and minor
-	v.info.Major = itoa(v.Major())
-	v.info.Minor = itoa(v.Minor())
-	if v.info.GitVersion == "" {
-		v.info.GitVersion = v.String()
+	return &apimachineryversion.Info{
+		Major:      Itoa(v.Major()),
+		Minor:      Itoa(v.Minor()),
+		GitVersion: v.String(),
 	}
-	return &v.info
 }
 
-func itoa(i uint) string {
+func Itoa(i uint) string {
 	if i == 0 {
 		return ""
 	}
diff --git a/vendor/k8s.io/apimachinery/pkg/util/wait/backoff.go b/vendor/k8s.io/apimachinery/pkg/util/wait/backoff.go
index 4187619256..177be09a95 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/wait/backoff.go
+++ b/vendor/k8s.io/apimachinery/pkg/util/wait/backoff.go
@@ -157,6 +157,8 @@ func (b Backoff) DelayWithReset(c clock.Clock, resetInterval time.Duration) Dela
 // Until is syntactic sugar on top of JitterUntil with zero jitter factor and
 // with sliding = true (which means the timer for period starts after the f
 // completes).
+//
+// Contextual logging: UntilWithContext should be used instead of Until in code which supports contextual logging.
 func Until(f func(), period time.Duration, stopCh <-chan struct{}) {
 	JitterUntil(f, period, 0.0, true, stopCh)
 }
@@ -176,6 +178,8 @@ func UntilWithContext(ctx context.Context, f func(context.Context), period time.
 // NonSlidingUntil is syntactic sugar on top of JitterUntil with zero jitter
 // factor, with sliding = false (meaning the timer for period starts at the same
 // time as the function starts).
+//
+// Contextual logging: NonSlidingUntilWithContext should be used instead of NonSlidingUntil in code which supports contextual logging.
 func NonSlidingUntil(f func(), period time.Duration, stopCh <-chan struct{}) {
 	JitterUntil(f, period, 0.0, false, stopCh)
 }
@@ -200,19 +204,44 @@ func NonSlidingUntilWithContext(ctx context.Context, f func(context.Context), pe
 //
 // Close stopCh to stop. f may not be invoked if stop channel is already
 // closed. Pass NeverStop to if you don't want it stop.
+//
+// Contextual logging: JitterUntilWithContext should be used instead of JitterUntil in code which supports contextual logging.
 func JitterUntil(f func(), period time.Duration, jitterFactor float64, sliding bool, stopCh <-chan struct{}) {
 	BackoffUntil(f, NewJitteredBackoffManager(period, jitterFactor, &clock.RealClock{}), sliding, stopCh)
 }
 
+// JitterUntilWithContext loops until context is done, running f every period.
+//
+// If jitterFactor is positive, the period is jittered before every run of f.
+// If jitterFactor is not positive, the period is unchanged and not jittered.
+//
+// If sliding is true, the period is computed after f runs. If it is false then
+// period includes the runtime for f.
+//
+// Cancel context to stop. f may not be invoked if context is already done.
+func JitterUntilWithContext(ctx context.Context, f func(context.Context), period time.Duration, jitterFactor float64, sliding bool) {
+	BackoffUntilWithContext(ctx, f, NewJitteredBackoffManager(period, jitterFactor, &clock.RealClock{}), sliding)
+}
+
 // BackoffUntil loops until stop channel is closed, run f every duration given by BackoffManager.
 //
 // If sliding is true, the period is computed after f runs. If it is false then
 // period includes the runtime for f.
+//
+// Contextual logging: BackoffUntilWithContext should be used instead of BackoffUntil in code which supports contextual logging.
 func BackoffUntil(f func(), backoff BackoffManager, sliding bool, stopCh <-chan struct{}) {
+	BackoffUntilWithContext(ContextForChannel(stopCh), func(context.Context) { f() }, backoff, sliding)
+}
+
+// BackoffUntilWithContext loops until context is done, run f every duration given by BackoffManager.
+//
+// If sliding is true, the period is computed after f runs. If it is false then
+// period includes the runtime for f.
+func BackoffUntilWithContext(ctx context.Context, f func(ctx context.Context), backoff BackoffManager, sliding bool) {
 	var t clock.Timer
 	for {
 		select {
-		case <-stopCh:
+		case <-ctx.Done():
 			return
 		default:
 		}
@@ -222,8 +251,8 @@ func BackoffUntil(f func(), backoff BackoffManager, sliding bool, stopCh <-chan
 		}
 
 		func() {
-			defer runtime.HandleCrash()
-			f()
+			defer runtime.HandleCrashWithContext(ctx)
+			f(ctx)
 		}()
 
 		if sliding {
@@ -236,7 +265,7 @@ func BackoffUntil(f func(), backoff BackoffManager, sliding bool, stopCh <-chan
 		// In order to mitigate we re-check stopCh at the beginning
 		// of every loop to prevent extra executions of f().
 		select {
-		case <-stopCh:
+		case <-ctx.Done():
 			if !t.Stop() {
 				<-t.C()
 			}
@@ -246,19 +275,6 @@ func BackoffUntil(f func(), backoff BackoffManager, sliding bool, stopCh <-chan
 	}
 }
 
-// JitterUntilWithContext loops until context is done, running f every period.
-//
-// If jitterFactor is positive, the period is jittered before every run of f.
-// If jitterFactor is not positive, the period is unchanged and not jittered.
-//
-// If sliding is true, the period is computed after f runs. If it is false then
-// period includes the runtime for f.
-//
-// Cancel context to stop. f may not be invoked if context is already expired.
-func JitterUntilWithContext(ctx context.Context, f func(context.Context), period time.Duration, jitterFactor float64, sliding bool) {
-	JitterUntil(func() { f(ctx) }, period, jitterFactor, sliding, ctx.Done())
-}
-
 // backoffManager provides simple backoff behavior in a threadsafe manner to a caller.
 type backoffManager struct {
 	backoff        Backoff
diff --git a/vendor/k8s.io/apimachinery/pkg/util/wait/doc.go b/vendor/k8s.io/apimachinery/pkg/util/wait/doc.go
index 3f0c968ec9..ff89dc170e 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/wait/doc.go
+++ b/vendor/k8s.io/apimachinery/pkg/util/wait/doc.go
@@ -16,4 +16,4 @@ limitations under the License.
 
 // Package wait provides tools for polling or listening for changes
 // to a condition.
-package wait // import "k8s.io/apimachinery/pkg/util/wait"
+package wait
diff --git a/vendor/k8s.io/apimachinery/pkg/util/wait/loop.go b/vendor/k8s.io/apimachinery/pkg/util/wait/loop.go
index 107bfc132f..9f9b929ffa 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/wait/loop.go
+++ b/vendor/k8s.io/apimachinery/pkg/util/wait/loop.go
@@ -49,7 +49,7 @@ func loopConditionUntilContext(ctx context.Context, t Timer, immediate, sliding
 	// if we haven't requested immediate execution, delay once
 	if immediate {
 		if ok, err := func() (bool, error) {
-			defer runtime.HandleCrash()
+			defer runtime.HandleCrashWithContext(ctx)
 			return condition(ctx)
 		}(); err != nil || ok {
 			return err
@@ -83,7 +83,7 @@ func loopConditionUntilContext(ctx context.Context, t Timer, immediate, sliding
 			t.Next()
 		}
 		if ok, err := func() (bool, error) {
-			defer runtime.HandleCrash()
+			defer runtime.HandleCrashWithContext(ctx)
 			return condition(ctx)
 		}(); err != nil || ok {
 			return err
diff --git a/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go b/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go
index 6805e8cf94..7379a8d5ac 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go
+++ b/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go
@@ -80,6 +80,10 @@ func Forever(f func(), period time.Duration) {
 	Until(f, period, NeverStop)
 }
 
+// jitterRand is a dedicated random source for jitter calculations.
+// It defaults to rand.Float64, but is a package variable so it can be overridden to make unit tests deterministic.
+var jitterRand = rand.Float64
+
 // Jitter returns a time.Duration between duration and duration + maxFactor *
 // duration.
 //
@@ -89,7 +93,7 @@ func Jitter(duration time.Duration, maxFactor float64) time.Duration {
 	if maxFactor <= 0.0 {
 		maxFactor = 1.0
 	}
-	wait := duration + time.Duration(rand.Float64()*maxFactor*float64(duration))
+	wait := duration + time.Duration(jitterRand()*maxFactor*float64(duration))
 	return wait
 }
 
@@ -141,6 +145,7 @@ func (c channelContext) Value(key any) any           { return nil }
 //
 // Deprecated: Will be removed when the legacy polling methods are removed.
 func runConditionWithCrashProtection(condition ConditionFunc) (bool, error) {
+	//nolint:logcheck // Already deprecated.
 	defer runtime.HandleCrash()
 	return condition()
 }
@@ -150,7 +155,7 @@ func runConditionWithCrashProtection(condition ConditionFunc) (bool, error) {
 //
 // Deprecated: Will be removed when the legacy polling methods are removed.
 func runConditionWithCrashProtectionWithContext(ctx context.Context, condition ConditionWithContextFunc) (bool, error) {
-	defer runtime.HandleCrash()
+	defer runtime.HandleCrashWithContext(ctx)
 	return condition(ctx)
 }
 
diff --git a/vendor/k8s.io/apimachinery/pkg/util/yaml/decoder.go b/vendor/k8s.io/apimachinery/pkg/util/yaml/decoder.go
index 9837b3df28..bd91a189e6 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/yaml/decoder.go
+++ b/vendor/k8s.io/apimachinery/pkg/util/yaml/decoder.go
@@ -20,10 +20,12 @@ import (
 	"bufio"
 	"bytes"
 	"encoding/json"
+	"errors"
 	"fmt"
 	"io"
 	"strings"
 	"unicode"
+	"unicode/utf8"
 
 	jsonutil "k8s.io/apimachinery/pkg/util/json"
 
@@ -92,7 +94,7 @@ func UnmarshalStrict(data []byte, v interface{}) error {
 // YAML decoding path is not used (so that error messages are
 // JSON specific).
 func ToJSON(data []byte) ([]byte, error) {
-	if hasJSONPrefix(data) {
+	if IsJSONBuffer(data) {
 		return data, nil
 	}
 	return yaml.YAMLToJSON(data)
@@ -102,7 +104,8 @@ func ToJSON(data []byte) ([]byte, error) {
 // separating individual documents. It first converts the YAML
 // body to JSON, then unmarshals the JSON.
 type YAMLToJSONDecoder struct {
-	reader Reader
+	reader      Reader
+	inputOffset int
 }
 
 // NewYAMLToJSONDecoder decodes YAML documents from the provided
@@ -121,7 +124,7 @@ func NewYAMLToJSONDecoder(r io.Reader) *YAMLToJSONDecoder {
 // yaml.Unmarshal.
 func (d *YAMLToJSONDecoder) Decode(into interface{}) error {
 	bytes, err := d.reader.Read()
-	if err != nil && err != io.EOF {
+	if err != nil && err != io.EOF { //nolint:errorlint
 		return err
 	}
 
@@ -131,9 +134,14 @@ func (d *YAMLToJSONDecoder) Decode(into interface{}) error {
 			return YAMLSyntaxError{err}
 		}
 	}
+	d.inputOffset += len(bytes)
 	return err
 }
 
+func (d *YAMLToJSONDecoder) InputOffset() int {
+	return d.inputOffset
+}
+
 // YAMLDecoder reads chunks of objects and returns ErrShortBuffer if
 // the data is not sufficient.
 type YAMLDecoder struct {
@@ -229,18 +237,22 @@ func splitYAMLDocument(data []byte, atEOF bool) (advance int, token []byte, err
 	return 0, nil, nil
 }
 
-// decoder is a convenience interface for Decode.
-type decoder interface {
-	Decode(into interface{}) error
-}
-
-// YAMLOrJSONDecoder attempts to decode a stream of JSON documents or
-// YAML documents by sniffing for a leading { character.
+// YAMLOrJSONDecoder attempts to decode a stream of JSON or YAML documents.
+// While JSON is YAML, the way Go's JSON decode defines a multi-document stream
+// is a series of JSON objects (e.g. {}{}), but YAML defines a multi-document
+// stream as a series of documents separated by "---".
+//
+// This decoder will attempt to decode the stream as JSON first, and if that
+// fails, it will switch to YAML. Once it determines the stream is JSON (by
+// finding a non-YAML-delimited series of objects), it will not switch to YAML.
+// Once it switches to YAML it will not switch back to JSON.
 type YAMLOrJSONDecoder struct {
-	r          io.Reader
-	bufferSize int
-
-	decoder decoder
+	json         *json.Decoder
+	jsonConsumed int64 // of the stream total, how much was JSON?
+	yaml         *YAMLToJSONDecoder
+	yamlConsumed int64 // of the stream total, how much was YAML?
+	stream       *StreamReader
+	count        int // how many objects have been decoded
 }
 
 type JSONSyntaxError struct {
@@ -265,31 +277,113 @@ func (e YAMLSyntaxError) Error() string {
 // how far into the stream the decoder will look to figure out whether this
 // is a JSON stream (has whitespace followed by an open brace).
 func NewYAMLOrJSONDecoder(r io.Reader, bufferSize int) *YAMLOrJSONDecoder {
-	return &YAMLOrJSONDecoder{
-		r:          r,
-		bufferSize: bufferSize,
+	d := &YAMLOrJSONDecoder{}
+
+	reader, _, mightBeJSON := GuessJSONStream(r, bufferSize)
+	d.stream = reader
+	if mightBeJSON {
+		d.json = json.NewDecoder(reader)
+	} else {
+		d.yaml = NewYAMLToJSONDecoder(reader)
 	}
+	return d
 }
 
 // Decode unmarshals the next object from the underlying stream into the
 // provide object, or returns an error.
 func (d *YAMLOrJSONDecoder) Decode(into interface{}) error {
-	if d.decoder == nil {
-		buffer, _, isJSON := GuessJSONStream(d.r, d.bufferSize)
-		if isJSON {
-			d.decoder = json.NewDecoder(buffer)
+	// Because we don't know if this is a JSON or YAML stream, a failure from
+	// both decoders is ambiguous. When in doubt, it will return the error from
+	// the JSON decoder.  Unfortunately, this means that if the first document
+	// is invalid YAML, the error won't be awesome.
+	// TODO: the errors from YAML are not great, we could improve them a lot.
+	var firstErr error
+	if d.json != nil {
+		err := d.json.Decode(into)
+		if err == nil {
+			d.count++
+			consumed := d.json.InputOffset() - d.jsonConsumed
+			d.stream.Consume(int(consumed))
+			d.jsonConsumed += consumed
+			return nil
+		}
+		if err == io.EOF { //nolint:errorlint
+			return err
+		}
+		var syntax *json.SyntaxError
+		if ok := errors.As(err, &syntax); ok {
+			firstErr = JSONSyntaxError{
+				Offset: syntax.Offset,
+				Err:    syntax,
+			}
 		} else {
-			d.decoder = NewYAMLToJSONDecoder(buffer)
+			firstErr = err
+		}
+		if d.count > 1 {
+			// If we found 0 or 1 JSON object(s), this stream is still
+			// ambiguous.  But if we found more than 1 JSON object, then this
+			// is an unambiguous JSON stream, and we should not switch to YAML.
+			return err
+		}
+		// If JSON decoding hits the end of one object and then fails on the
+		// next, it leaves any leading whitespace in the buffer, which can
+		// confuse the YAML decoder. We just eat any whitespace we find, up to
+		// and including the first newline.
+		d.stream.Rewind()
+		if err := d.consumeWhitespace(); err == nil {
+			d.yaml = NewYAMLToJSONDecoder(d.stream)
+		}
+		d.json = nil
+	}
+	if d.yaml != nil {
+		err := d.yaml.Decode(into)
+		if err == nil {
+			consumed := int64(d.yaml.InputOffset()) - d.yamlConsumed
+			d.stream.Consume(int(consumed))
+			d.yamlConsumed += consumed
+			d.count++
+			return nil
+		}
+		if err == io.EOF { //nolint:errorlint
+			return err
+		}
+		if firstErr == nil {
+			firstErr = err
 		}
 	}
-	err := d.decoder.Decode(into)
-	if syntax, ok := err.(*json.SyntaxError); ok {
-		return JSONSyntaxError{
-			Offset: syntax.Offset,
-			Err:    syntax,
+	if firstErr != nil {
+		return firstErr
+	}
+	return fmt.Errorf("decoding failed as both JSON and YAML")
+}
+
+func (d *YAMLOrJSONDecoder) consumeWhitespace() error {
+	consumed := 0
+	for {
+		buf, err := d.stream.ReadN(4)
+		if err != nil && err == io.EOF { //nolint:errorlint
+			return err
+		}
+		r, sz := utf8.DecodeRune(buf)
+		if r == utf8.RuneError || sz == 0 {
+			return fmt.Errorf("invalid utf8 rune")
 		}
+		d.stream.RewindN(len(buf) - sz)
+		if !unicode.IsSpace(r) {
+			d.stream.RewindN(sz)
+			d.stream.Consume(consumed)
+			return nil
+		}
+		if r == '\n' {
+			d.stream.Consume(consumed)
+			return nil
+		}
+		if err == io.EOF { //nolint:errorlint
+			break
+		}
+		consumed += sz
 	}
-	return err
+	return io.EOF
 }
 
 type Reader interface {
@@ -311,7 +405,7 @@ func (r *YAMLReader) Read() ([]byte, error) {
 	var buffer bytes.Buffer
 	for {
 		line, err := r.reader.Read()
-		if err != nil && err != io.EOF {
+		if err != nil && err != io.EOF { //nolint:errorlint
 			return nil, err
 		}
 
@@ -329,11 +423,11 @@ func (r *YAMLReader) Read() ([]byte, error) {
 			if buffer.Len() != 0 {
 				return buffer.Bytes(), nil
 			}
-			if err == io.EOF {
+			if err == io.EOF { //nolint:errorlint
 				return nil, err
 			}
 		}
-		if err == io.EOF {
+		if err == io.EOF { //nolint:errorlint
 			if buffer.Len() != 0 {
 				// If we're at EOF, we have a final, non-terminated line. Return it.
 				return buffer.Bytes(), nil
@@ -369,26 +463,20 @@ func (r *LineReader) Read() ([]byte, error) {
 // GuessJSONStream scans the provided reader up to size, looking
 // for an open brace indicating this is JSON. It will return the
 // bufio.Reader it creates for the consumer.
-func GuessJSONStream(r io.Reader, size int) (io.Reader, []byte, bool) {
-	buffer := bufio.NewReaderSize(r, size)
+func GuessJSONStream(r io.Reader, size int) (*StreamReader, []byte, bool) {
+	buffer := NewStreamReader(r, size)
 	b, _ := buffer.Peek(size)
-	return buffer, b, hasJSONPrefix(b)
+	return buffer, b, IsJSONBuffer(b)
 }
 
 // IsJSONBuffer scans the provided buffer, looking
 // for an open brace indicating this is JSON.
 func IsJSONBuffer(buf []byte) bool {
-	return hasJSONPrefix(buf)
+	return hasPrefix(buf, jsonPrefix)
 }
 
 var jsonPrefix = []byte("{")
 
-// hasJSONPrefix returns true if the provided buffer appears to start with
-// a JSON open brace.
-func hasJSONPrefix(buf []byte) bool {
-	return hasPrefix(buf, jsonPrefix)
-}
-
 // Return true if the first non-whitespace bytes in buf is
 // prefix.
 func hasPrefix(buf []byte, prefix []byte) bool {
diff --git a/vendor/k8s.io/apimachinery/pkg/util/yaml/stream_reader.go b/vendor/k8s.io/apimachinery/pkg/util/yaml/stream_reader.go
new file mode 100644
index 0000000000..d06991057f
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/util/yaml/stream_reader.go
@@ -0,0 +1,130 @@
+/*
+Copyright 2025 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package yaml
+
+import "io"
+
+// StreamReader is a reader designed for consuming streams of variable-length
+// messages. It buffers data until it is explicitly consumed, and can be
+// rewound to re-read previous data.
+type StreamReader struct {
+	r           io.Reader
+	buf         []byte
+	head        int // current read offset into buf
+	ttlConsumed int // number of bytes which have been consumed
+}
+
+// NewStreamReader creates a new StreamReader wrapping the provided
+// io.Reader.
+func NewStreamReader(r io.Reader, size int) *StreamReader {
+	if size == 0 {
+		size = 4096
+	}
+	return &StreamReader{
+		r:   r,
+		buf: make([]byte, 0, size), // Start with a reasonable capacity
+	}
+}
+
+// Read implements io.Reader. It first returns any buffered data after the
+// current offset, and if that's exhausted, reads from the underlying reader
+// and buffers the data. The returned data is not considered consumed until the
+// Consume method is called.
+func (r *StreamReader) Read(p []byte) (n int, err error) {
+	// If we have buffered data, return it
+	if r.head < len(r.buf) {
+		n = copy(p, r.buf[r.head:])
+		r.head += n
+		return n, nil
+	}
+
+	// If we've already hit EOF, return it
+	if r.r == nil {
+		return 0, io.EOF
+	}
+
+	// Read from the underlying reader
+	n, err = r.r.Read(p)
+	if n > 0 {
+		r.buf = append(r.buf, p[:n]...)
+		r.head += n
+	}
+	if err == nil {
+		return n, nil
+	}
+	if err == io.EOF {
+		// Store that we've hit EOF by setting r to nil
+		r.r = nil
+	}
+	return n, err
+}
+
+// ReadN reads exactly n bytes from the reader, blocking until all bytes are
+// read or an error occurs. If an error occurs, the number of bytes read is
+// returned along with the error. If EOF is hit before n bytes are read, this
+// will return the bytes read so far, along with io.EOF. The returned data is
+// not considered consumed until the Consume method is called.
+func (r *StreamReader) ReadN(want int) ([]byte, error) {
+	ret := make([]byte, want)
+	off := 0
+	for off < want {
+		n, err := r.Read(ret[off:])
+		if err != nil {
+			return ret[:off+n], err
+		}
+		off += n
+	}
+	return ret, nil
+}
+
+// Peek returns the next n bytes without advancing the reader. The returned
+// bytes are valid until the next call to Consume.
+func (r *StreamReader) Peek(n int) ([]byte, error) {
+	buf, err := r.ReadN(n)
+	r.RewindN(len(buf))
+	if err != nil {
+		return buf, err
+	}
+	return buf, nil
+}
+
+// Rewind resets the reader to the beginning of the buffered data.
+func (r *StreamReader) Rewind() {
+	r.head = 0
+}
+
+// RewindN rewinds the reader by n bytes. If n is greater than the current
+// buffer, the reader is rewound to the beginning of the buffer.
+func (r *StreamReader) RewindN(n int) {
+	r.head -= min(n, r.head)
+}
+
+// Consume discards up to n bytes of previously read data from the beginning of
+// the buffer. Once consumed, that data is no longer available for rewinding.
+// If n is greater than the current buffer, the buffer is cleared. Consume
+// never consume data from the underlying reader.
+func (r *StreamReader) Consume(n int) {
+	n = min(n, len(r.buf))
+	r.buf = r.buf[n:]
+	r.head -= n
+	r.ttlConsumed += n
+}
+
+// Consumed returns the number of bytes consumed from the input reader.
+func (r *StreamReader) Consumed() int {
+	return r.ttlConsumed
+}
diff --git a/vendor/k8s.io/apimachinery/pkg/version/doc.go b/vendor/k8s.io/apimachinery/pkg/version/doc.go
index 29574fd6d5..5f446a4f4a 100644
--- a/vendor/k8s.io/apimachinery/pkg/version/doc.go
+++ b/vendor/k8s.io/apimachinery/pkg/version/doc.go
@@ -16,5 +16,5 @@ limitations under the License.
 
 // +k8s:openapi-gen=true
 
-// Package version supplies the type for version information collected at build time.
-package version // import "k8s.io/apimachinery/pkg/version"
+// Package version supplies the type for version information.
+package version
diff --git a/vendor/k8s.io/apimachinery/pkg/version/types.go b/vendor/k8s.io/apimachinery/pkg/version/types.go
index 72727b503b..6a18f9e91d 100644
--- a/vendor/k8s.io/apimachinery/pkg/version/types.go
+++ b/vendor/k8s.io/apimachinery/pkg/version/types.go
@@ -20,15 +20,25 @@ package version
 // TODO: Add []string of api versions supported? It's still unclear
 // how we'll want to distribute that information.
 type Info struct {
-	Major        string `json:"major"`
-	Minor        string `json:"minor"`
-	GitVersion   string `json:"gitVersion"`
-	GitCommit    string `json:"gitCommit"`
-	GitTreeState string `json:"gitTreeState"`
-	BuildDate    string `json:"buildDate"`
-	GoVersion    string `json:"goVersion"`
-	Compiler     string `json:"compiler"`
-	Platform     string `json:"platform"`
+	// Major is the major version of the binary version
+	Major string `json:"major"`
+	// Minor is the minor version of the binary version
+	Minor string `json:"minor"`
+	// EmulationMajor is the major version of the emulation version
+	EmulationMajor string `json:"emulationMajor,omitempty"`
+	// EmulationMinor is the minor version of the emulation version
+	EmulationMinor string `json:"emulationMinor,omitempty"`
+	// MinCompatibilityMajor is the major version of the minimum compatibility version
+	MinCompatibilityMajor string `json:"minCompatibilityMajor,omitempty"`
+	// MinCompatibilityMinor is the minor version of the minimum compatibility version
+	MinCompatibilityMinor string `json:"minCompatibilityMinor,omitempty"`
+	GitVersion            string `json:"gitVersion"`
+	GitCommit             string `json:"gitCommit"`
+	GitTreeState          string `json:"gitTreeState"`
+	BuildDate             string `json:"buildDate"`
+	GoVersion             string `json:"goVersion"`
+	Compiler              string `json:"compiler"`
+	Platform              string `json:"platform"`
 }
 
 // String returns info as a human-friendly version string.
diff --git a/vendor/k8s.io/apimachinery/pkg/watch/doc.go b/vendor/k8s.io/apimachinery/pkg/watch/doc.go
index 7e6bf3fb95..5fde5e7427 100644
--- a/vendor/k8s.io/apimachinery/pkg/watch/doc.go
+++ b/vendor/k8s.io/apimachinery/pkg/watch/doc.go
@@ -16,4 +16,4 @@ limitations under the License.
 
 // Package watch contains a generic watchable interface, and a fake for
 // testing code that uses the watch interface.
-package watch // import "k8s.io/apimachinery/pkg/watch"
+package watch
diff --git a/vendor/k8s.io/apimachinery/pkg/watch/streamwatcher.go b/vendor/k8s.io/apimachinery/pkg/watch/streamwatcher.go
index 42dcac2b9e..b422ca9f55 100644
--- a/vendor/k8s.io/apimachinery/pkg/watch/streamwatcher.go
+++ b/vendor/k8s.io/apimachinery/pkg/watch/streamwatcher.go
@@ -51,6 +51,7 @@ type Reporter interface {
 // StreamWatcher turns any stream for which you can write a Decoder interface
 // into a watch.Interface.
 type StreamWatcher struct {
+	logger klog.Logger
 	sync.Mutex
 	source   Decoder
 	reporter Reporter
@@ -59,8 +60,16 @@ type StreamWatcher struct {
 }
 
 // NewStreamWatcher creates a StreamWatcher from the given decoder.
+//
+// Contextual logging: NewStreamWatcherWithLogger should be used instead of NewStreamWatcher in code which supports contextual logging.
 func NewStreamWatcher(d Decoder, r Reporter) *StreamWatcher {
+	return NewStreamWatcherWithLogger(klog.Background(), d, r)
+}
+
+// NewStreamWatcherWithLogger creates a StreamWatcher from the given decoder and logger.
+func NewStreamWatcherWithLogger(logger klog.Logger, d Decoder, r Reporter) *StreamWatcher {
 	sw := &StreamWatcher{
+		logger:   logger,
 		source:   d,
 		reporter: r,
 		// It's easy for a consumer to add buffering via an extra
@@ -98,7 +107,7 @@ func (sw *StreamWatcher) Stop() {
 
 // receive reads result from the decoder in a loop and sends down the result channel.
 func (sw *StreamWatcher) receive() {
-	defer utilruntime.HandleCrash()
+	defer utilruntime.HandleCrashWithLogger(sw.logger)
 	defer close(sw.result)
 	defer sw.Stop()
 	for {
@@ -108,10 +117,10 @@ func (sw *StreamWatcher) receive() {
 			case io.EOF:
 				// watch closed normally
 			case io.ErrUnexpectedEOF:
-				klog.V(1).Infof("Unexpected EOF during watch stream event decoding: %v", err)
+				sw.logger.V(1).Info("Unexpected EOF during watch stream event decoding", "err", err)
 			default:
 				if net.IsProbableEOF(err) || net.IsTimeout(err) {
-					klog.V(5).Infof("Unable to decode an event from the watch stream: %v", err)
+					sw.logger.V(5).Info("Unable to decode an event from the watch stream", "err", err)
 				} else {
 					select {
 					case <-sw.done:
diff --git a/vendor/k8s.io/apimachinery/pkg/watch/watch.go b/vendor/k8s.io/apimachinery/pkg/watch/watch.go
index ce37fd8c18..251459834b 100644
--- a/vendor/k8s.io/apimachinery/pkg/watch/watch.go
+++ b/vendor/k8s.io/apimachinery/pkg/watch/watch.go
@@ -23,6 +23,7 @@ import (
 	"k8s.io/klog/v2"
 
 	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/utils/ptr"
 )
 
 // Interface can be implemented by anything that knows how to watch and report changes.
@@ -103,29 +104,42 @@ func (w emptyWatch) ResultChan() <-chan Event {
 
 // FakeWatcher lets you test anything that consumes a watch.Interface; threadsafe.
 type FakeWatcher struct {
+	logger  klog.Logger
 	result  chan Event
 	stopped bool
 	sync.Mutex
 }
 
+var _ Interface = &FakeWatcher{}
+
+// Contextual logging: NewFakeWithOptions and a logger in the FakeOptions should be used instead in code which supports contextual logging.
 func NewFake() *FakeWatcher {
-	return &FakeWatcher{
-		result: make(chan Event),
-	}
+	return NewFakeWithOptions(FakeOptions{})
 }
 
+// Contextual logging: NewFakeWithOptions and a logger in the FakeOptions should be used instead in code which supports contextual logging.
 func NewFakeWithChanSize(size int, blocking bool) *FakeWatcher {
+	return NewFakeWithOptions(FakeOptions{ChannelSize: size})
+}
+
+func NewFakeWithOptions(options FakeOptions) *FakeWatcher {
 	return &FakeWatcher{
-		result: make(chan Event, size),
+		logger: ptr.Deref(options.Logger, klog.Background()),
+		result: make(chan Event, options.ChannelSize),
 	}
 }
 
+type FakeOptions struct {
+	Logger      *klog.Logger
+	ChannelSize int
+}
+
 // Stop implements Interface.Stop().
 func (f *FakeWatcher) Stop() {
 	f.Lock()
 	defer f.Unlock()
 	if !f.stopped {
-		klog.V(4).Infof("Stopping fake watcher.")
+		f.logger.V(4).Info("Stopping fake watcher")
 		close(f.result)
 		f.stopped = true
 	}
@@ -176,13 +190,22 @@ func (f *FakeWatcher) Action(action EventType, obj runtime.Object) {
 
 // RaceFreeFakeWatcher lets you test anything that consumes a watch.Interface; threadsafe.
 type RaceFreeFakeWatcher struct {
+	logger  klog.Logger
 	result  chan Event
 	Stopped bool
 	sync.Mutex
 }
 
+var _ Interface = &RaceFreeFakeWatcher{}
+
+// Contextual logging: RaceFreeFakeWatcherWithLogger should be used instead of NewRaceFreeFake in code which supports contextual logging.
 func NewRaceFreeFake() *RaceFreeFakeWatcher {
+	return NewRaceFreeFakeWithLogger(klog.Background())
+}
+
+func NewRaceFreeFakeWithLogger(logger klog.Logger) *RaceFreeFakeWatcher {
 	return &RaceFreeFakeWatcher{
+		logger: logger,
 		result: make(chan Event, DefaultChanSize),
 	}
 }
@@ -192,7 +215,7 @@ func (f *RaceFreeFakeWatcher) Stop() {
 	f.Lock()
 	defer f.Unlock()
 	if !f.Stopped {
-		klog.V(4).Infof("Stopping fake watcher.")
+		f.logger.V(4).Info("Stopping fake watcher")
 		close(f.result)
 		f.Stopped = true
 	}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/OWNERS b/vendor/k8s.io/client-go/applyconfigurations/OWNERS
index ea0928429d..de4067fd35 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/OWNERS
+++ b/vendor/k8s.io/client-go/applyconfigurations/OWNERS
@@ -3,3 +3,4 @@
 approvers:
   - apelisse
   - jpbetz
+  - api-approvers
diff --git a/vendor/k8s.io/client-go/applyconfigurations/apps/v1/deploymentstatus.go b/vendor/k8s.io/client-go/applyconfigurations/apps/v1/deploymentstatus.go
index 747813ade8..8d9e6cca28 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/apps/v1/deploymentstatus.go
+++ b/vendor/k8s.io/client-go/applyconfigurations/apps/v1/deploymentstatus.go
@@ -27,6 +27,7 @@ type DeploymentStatusApplyConfiguration struct {
 	ReadyReplicas       *int32                                  `json:"readyReplicas,omitempty"`
 	AvailableReplicas   *int32                                  `json:"availableReplicas,omitempty"`
 	UnavailableReplicas *int32                                  `json:"unavailableReplicas,omitempty"`
+	TerminatingReplicas *int32                                  `json:"terminatingReplicas,omitempty"`
 	Conditions          []DeploymentConditionApplyConfiguration `json:"conditions,omitempty"`
 	CollisionCount      *int32                                  `json:"collisionCount,omitempty"`
 }
@@ -85,6 +86,14 @@ func (b *DeploymentStatusApplyConfiguration) WithUnavailableReplicas(value int32
 	return b
 }
 
+// WithTerminatingReplicas sets the TerminatingReplicas field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the TerminatingReplicas field is set to the value of the last call.
+func (b *DeploymentStatusApplyConfiguration) WithTerminatingReplicas(value int32) *DeploymentStatusApplyConfiguration {
+	b.TerminatingReplicas = &value
+	return b
+}
+
 // WithConditions adds the given value to the Conditions field in the declarative configuration
 // and returns the receiver, so that objects can be build by chaining "With" function invocations.
 // If called multiple times, values provided by each call will be appended to the Conditions field.
diff --git a/vendor/k8s.io/client-go/applyconfigurations/apps/v1/replicasetstatus.go b/vendor/k8s.io/client-go/applyconfigurations/apps/v1/replicasetstatus.go
index a1408ae25e..d11526d60a 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/apps/v1/replicasetstatus.go
+++ b/vendor/k8s.io/client-go/applyconfigurations/apps/v1/replicasetstatus.go
@@ -25,6 +25,7 @@ type ReplicaSetStatusApplyConfiguration struct {
 	FullyLabeledReplicas *int32                                  `json:"fullyLabeledReplicas,omitempty"`
 	ReadyReplicas        *int32                                  `json:"readyReplicas,omitempty"`
 	AvailableReplicas    *int32                                  `json:"availableReplicas,omitempty"`
+	TerminatingReplicas  *int32                                  `json:"terminatingReplicas,omitempty"`
 	ObservedGeneration   *int64                                  `json:"observedGeneration,omitempty"`
 	Conditions           []ReplicaSetConditionApplyConfiguration `json:"conditions,omitempty"`
 }
@@ -67,6 +68,14 @@ func (b *ReplicaSetStatusApplyConfiguration) WithAvailableReplicas(value int32)
 	return b
 }
 
+// WithTerminatingReplicas sets the TerminatingReplicas field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the TerminatingReplicas field is set to the value of the last call.
+func (b *ReplicaSetStatusApplyConfiguration) WithTerminatingReplicas(value int32) *ReplicaSetStatusApplyConfiguration {
+	b.TerminatingReplicas = &value
+	return b
+}
+
 // WithObservedGeneration sets the ObservedGeneration field in the declarative configuration to the given value
 // and returns the receiver, so that objects can be built by chaining "With" function invocations.
 // If called multiple times, the ObservedGeneration field is set to the value of the last call.
diff --git a/vendor/k8s.io/client-go/applyconfigurations/apps/v1beta1/deploymentstatus.go b/vendor/k8s.io/client-go/applyconfigurations/apps/v1beta1/deploymentstatus.go
index adc023a34d..36b4fd42b6 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/apps/v1beta1/deploymentstatus.go
+++ b/vendor/k8s.io/client-go/applyconfigurations/apps/v1beta1/deploymentstatus.go
@@ -27,6 +27,7 @@ type DeploymentStatusApplyConfiguration struct {
 	ReadyReplicas       *int32                                  `json:"readyReplicas,omitempty"`
 	AvailableReplicas   *int32                                  `json:"availableReplicas,omitempty"`
 	UnavailableReplicas *int32                                  `json:"unavailableReplicas,omitempty"`
+	TerminatingReplicas *int32                                  `json:"terminatingReplicas,omitempty"`
 	Conditions          []DeploymentConditionApplyConfiguration `json:"conditions,omitempty"`
 	CollisionCount      *int32                                  `json:"collisionCount,omitempty"`
 }
@@ -85,6 +86,14 @@ func (b *DeploymentStatusApplyConfiguration) WithUnavailableReplicas(value int32
 	return b
 }
 
+// WithTerminatingReplicas sets the TerminatingReplicas field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the TerminatingReplicas field is set to the value of the last call.
+func (b *DeploymentStatusApplyConfiguration) WithTerminatingReplicas(value int32) *DeploymentStatusApplyConfiguration {
+	b.TerminatingReplicas = &value
+	return b
+}
+
 // WithConditions adds the given value to the Conditions field in the declarative configuration
 // and returns the receiver, so that objects can be build by chaining "With" function invocations.
 // If called multiple times, values provided by each call will be appended to the Conditions field.
diff --git a/vendor/k8s.io/client-go/applyconfigurations/apps/v1beta2/deploymentstatus.go b/vendor/k8s.io/client-go/applyconfigurations/apps/v1beta2/deploymentstatus.go
index 5fa9122332..554be024d9 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/apps/v1beta2/deploymentstatus.go
+++ b/vendor/k8s.io/client-go/applyconfigurations/apps/v1beta2/deploymentstatus.go
@@ -27,6 +27,7 @@ type DeploymentStatusApplyConfiguration struct {
 	ReadyReplicas       *int32                                  `json:"readyReplicas,omitempty"`
 	AvailableReplicas   *int32                                  `json:"availableReplicas,omitempty"`
 	UnavailableReplicas *int32                                  `json:"unavailableReplicas,omitempty"`
+	TerminatingReplicas *int32                                  `json:"terminatingReplicas,omitempty"`
 	Conditions          []DeploymentConditionApplyConfiguration `json:"conditions,omitempty"`
 	CollisionCount      *int32                                  `json:"collisionCount,omitempty"`
 }
@@ -85,6 +86,14 @@ func (b *DeploymentStatusApplyConfiguration) WithUnavailableReplicas(value int32
 	return b
 }
 
+// WithTerminatingReplicas sets the TerminatingReplicas field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the TerminatingReplicas field is set to the value of the last call.
+func (b *DeploymentStatusApplyConfiguration) WithTerminatingReplicas(value int32) *DeploymentStatusApplyConfiguration {
+	b.TerminatingReplicas = &value
+	return b
+}
+
 // WithConditions adds the given value to the Conditions field in the declarative configuration
 // and returns the receiver, so that objects can be build by chaining "With" function invocations.
 // If called multiple times, values provided by each call will be appended to the Conditions field.
diff --git a/vendor/k8s.io/client-go/applyconfigurations/apps/v1beta2/replicasetstatus.go b/vendor/k8s.io/client-go/applyconfigurations/apps/v1beta2/replicasetstatus.go
index d3c92e274d..13004fde38 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/apps/v1beta2/replicasetstatus.go
+++ b/vendor/k8s.io/client-go/applyconfigurations/apps/v1beta2/replicasetstatus.go
@@ -25,6 +25,7 @@ type ReplicaSetStatusApplyConfiguration struct {
 	FullyLabeledReplicas *int32                                  `json:"fullyLabeledReplicas,omitempty"`
 	ReadyReplicas        *int32                                  `json:"readyReplicas,omitempty"`
 	AvailableReplicas    *int32                                  `json:"availableReplicas,omitempty"`
+	TerminatingReplicas  *int32                                  `json:"terminatingReplicas,omitempty"`
 	ObservedGeneration   *int64                                  `json:"observedGeneration,omitempty"`
 	Conditions           []ReplicaSetConditionApplyConfiguration `json:"conditions,omitempty"`
 }
@@ -67,6 +68,14 @@ func (b *ReplicaSetStatusApplyConfiguration) WithAvailableReplicas(value int32)
 	return b
 }
 
+// WithTerminatingReplicas sets the TerminatingReplicas field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the TerminatingReplicas field is set to the value of the last call.
+func (b *ReplicaSetStatusApplyConfiguration) WithTerminatingReplicas(value int32) *ReplicaSetStatusApplyConfiguration {
+	b.TerminatingReplicas = &value
+	return b
+}
+
 // WithObservedGeneration sets the ObservedGeneration field in the declarative configuration to the given value
 // and returns the receiver, so that objects can be built by chaining "With" function invocations.
 // If called multiple times, the ObservedGeneration field is set to the value of the last call.
diff --git a/vendor/k8s.io/client-go/applyconfigurations/autoscaling/v2/hpascalingrules.go b/vendor/k8s.io/client-go/applyconfigurations/autoscaling/v2/hpascalingrules.go
index 6a6a2655f5..6fd0f25cc1 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/autoscaling/v2/hpascalingrules.go
+++ b/vendor/k8s.io/client-go/applyconfigurations/autoscaling/v2/hpascalingrules.go
@@ -20,6 +20,7 @@ package v2
 
 import (
 	autoscalingv2 "k8s.io/api/autoscaling/v2"
+	resource "k8s.io/apimachinery/pkg/api/resource"
 )
 
 // HPAScalingRulesApplyConfiguration represents a declarative configuration of the HPAScalingRules type for use
@@ -28,6 +29,7 @@ type HPAScalingRulesApplyConfiguration struct {
 	StabilizationWindowSeconds *int32                               `json:"stabilizationWindowSeconds,omitempty"`
 	SelectPolicy               *autoscalingv2.ScalingPolicySelect   `json:"selectPolicy,omitempty"`
 	Policies                   []HPAScalingPolicyApplyConfiguration `json:"policies,omitempty"`
+	Tolerance                  *resource.Quantity                   `json:"tolerance,omitempty"`
 }
 
 // HPAScalingRulesApplyConfiguration constructs a declarative configuration of the HPAScalingRules type for use with
@@ -64,3 +66,11 @@ func (b *HPAScalingRulesApplyConfiguration) WithPolicies(values ...*HPAScalingPo
 	}
 	return b
 }
+
+// WithTolerance sets the Tolerance field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Tolerance field is set to the value of the last call.
+func (b *HPAScalingRulesApplyConfiguration) WithTolerance(value resource.Quantity) *HPAScalingRulesApplyConfiguration {
+	b.Tolerance = &value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/certificates/v1beta1/clustertrustbundle.go b/vendor/k8s.io/client-go/applyconfigurations/certificates/v1beta1/clustertrustbundle.go
new file mode 100644
index 0000000000..365fb9b0e0
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/certificates/v1beta1/clustertrustbundle.go
@@ -0,0 +1,253 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta1
+
+import (
+	certificatesv1beta1 "k8s.io/api/certificates/v1beta1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	types "k8s.io/apimachinery/pkg/types"
+	managedfields "k8s.io/apimachinery/pkg/util/managedfields"
+	internal "k8s.io/client-go/applyconfigurations/internal"
+	v1 "k8s.io/client-go/applyconfigurations/meta/v1"
+)
+
+// ClusterTrustBundleApplyConfiguration represents a declarative configuration of the ClusterTrustBundle type for use
+// with apply.
+type ClusterTrustBundleApplyConfiguration struct {
+	v1.TypeMetaApplyConfiguration    `json:",inline"`
+	*v1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"`
+	Spec                             *ClusterTrustBundleSpecApplyConfiguration `json:"spec,omitempty"`
+}
+
+// ClusterTrustBundle constructs a declarative configuration of the ClusterTrustBundle type for use with
+// apply.
+func ClusterTrustBundle(name string) *ClusterTrustBundleApplyConfiguration {
+	b := &ClusterTrustBundleApplyConfiguration{}
+	b.WithName(name)
+	b.WithKind("ClusterTrustBundle")
+	b.WithAPIVersion("certificates.k8s.io/v1beta1")
+	return b
+}
+
+// ExtractClusterTrustBundle extracts the applied configuration owned by fieldManager from
+// clusterTrustBundle. If no managedFields are found in clusterTrustBundle for fieldManager, a
+// ClusterTrustBundleApplyConfiguration is returned with only the Name, Namespace (if applicable),
+// APIVersion and Kind populated. It is possible that no managed fields were found for because other
+// field managers have taken ownership of all the fields previously owned by fieldManager, or because
+// the fieldManager never owned fields any fields.
+// clusterTrustBundle must be a unmodified ClusterTrustBundle API object that was retrieved from the Kubernetes API.
+// ExtractClusterTrustBundle provides a way to perform a extract/modify-in-place/apply workflow.
+// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously
+// applied if another fieldManager has updated or force applied any of the previously applied fields.
+// Experimental!
+func ExtractClusterTrustBundle(clusterTrustBundle *certificatesv1beta1.ClusterTrustBundle, fieldManager string) (*ClusterTrustBundleApplyConfiguration, error) {
+	return extractClusterTrustBundle(clusterTrustBundle, fieldManager, "")
+}
+
+// ExtractClusterTrustBundleStatus is the same as ExtractClusterTrustBundle except
+// that it extracts the status subresource applied configuration.
+// Experimental!
+func ExtractClusterTrustBundleStatus(clusterTrustBundle *certificatesv1beta1.ClusterTrustBundle, fieldManager string) (*ClusterTrustBundleApplyConfiguration, error) {
+	return extractClusterTrustBundle(clusterTrustBundle, fieldManager, "status")
+}
+
+func extractClusterTrustBundle(clusterTrustBundle *certificatesv1beta1.ClusterTrustBundle, fieldManager string, subresource string) (*ClusterTrustBundleApplyConfiguration, error) {
+	b := &ClusterTrustBundleApplyConfiguration{}
+	err := managedfields.ExtractInto(clusterTrustBundle, internal.Parser().Type("io.k8s.api.certificates.v1beta1.ClusterTrustBundle"), fieldManager, b, subresource)
+	if err != nil {
+		return nil, err
+	}
+	b.WithName(clusterTrustBundle.Name)
+
+	b.WithKind("ClusterTrustBundle")
+	b.WithAPIVersion("certificates.k8s.io/v1beta1")
+	return b, nil
+}
+
+// WithKind sets the Kind field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Kind field is set to the value of the last call.
+func (b *ClusterTrustBundleApplyConfiguration) WithKind(value string) *ClusterTrustBundleApplyConfiguration {
+	b.TypeMetaApplyConfiguration.Kind = &value
+	return b
+}
+
+// WithAPIVersion sets the APIVersion field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the APIVersion field is set to the value of the last call.
+func (b *ClusterTrustBundleApplyConfiguration) WithAPIVersion(value string) *ClusterTrustBundleApplyConfiguration {
+	b.TypeMetaApplyConfiguration.APIVersion = &value
+	return b
+}
+
+// WithName sets the Name field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Name field is set to the value of the last call.
+func (b *ClusterTrustBundleApplyConfiguration) WithName(value string) *ClusterTrustBundleApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.Name = &value
+	return b
+}
+
+// WithGenerateName sets the GenerateName field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the GenerateName field is set to the value of the last call.
+func (b *ClusterTrustBundleApplyConfiguration) WithGenerateName(value string) *ClusterTrustBundleApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.GenerateName = &value
+	return b
+}
+
+// WithNamespace sets the Namespace field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Namespace field is set to the value of the last call.
+func (b *ClusterTrustBundleApplyConfiguration) WithNamespace(value string) *ClusterTrustBundleApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.Namespace = &value
+	return b
+}
+
+// WithUID sets the UID field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the UID field is set to the value of the last call.
+func (b *ClusterTrustBundleApplyConfiguration) WithUID(value types.UID) *ClusterTrustBundleApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.UID = &value
+	return b
+}
+
+// WithResourceVersion sets the ResourceVersion field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the ResourceVersion field is set to the value of the last call.
+func (b *ClusterTrustBundleApplyConfiguration) WithResourceVersion(value string) *ClusterTrustBundleApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.ResourceVersion = &value
+	return b
+}
+
+// WithGeneration sets the Generation field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Generation field is set to the value of the last call.
+func (b *ClusterTrustBundleApplyConfiguration) WithGeneration(value int64) *ClusterTrustBundleApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.Generation = &value
+	return b
+}
+
+// WithCreationTimestamp sets the CreationTimestamp field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the CreationTimestamp field is set to the value of the last call.
+func (b *ClusterTrustBundleApplyConfiguration) WithCreationTimestamp(value metav1.Time) *ClusterTrustBundleApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.CreationTimestamp = &value
+	return b
+}
+
+// WithDeletionTimestamp sets the DeletionTimestamp field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the DeletionTimestamp field is set to the value of the last call.
+func (b *ClusterTrustBundleApplyConfiguration) WithDeletionTimestamp(value metav1.Time) *ClusterTrustBundleApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.DeletionTimestamp = &value
+	return b
+}
+
+// WithDeletionGracePeriodSeconds sets the DeletionGracePeriodSeconds field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the DeletionGracePeriodSeconds field is set to the value of the last call.
+func (b *ClusterTrustBundleApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *ClusterTrustBundleApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.DeletionGracePeriodSeconds = &value
+	return b
+}
+
+// WithLabels puts the entries into the Labels field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, the entries provided by each call will be put on the Labels field,
+// overwriting an existing map entries in Labels field with the same key.
+func (b *ClusterTrustBundleApplyConfiguration) WithLabels(entries map[string]string) *ClusterTrustBundleApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	if b.ObjectMetaApplyConfiguration.Labels == nil && len(entries) > 0 {
+		b.ObjectMetaApplyConfiguration.Labels = make(map[string]string, len(entries))
+	}
+	for k, v := range entries {
+		b.ObjectMetaApplyConfiguration.Labels[k] = v
+	}
+	return b
+}
+
+// WithAnnotations puts the entries into the Annotations field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, the entries provided by each call will be put on the Annotations field,
+// overwriting an existing map entries in Annotations field with the same key.
+func (b *ClusterTrustBundleApplyConfiguration) WithAnnotations(entries map[string]string) *ClusterTrustBundleApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	if b.ObjectMetaApplyConfiguration.Annotations == nil && len(entries) > 0 {
+		b.ObjectMetaApplyConfiguration.Annotations = make(map[string]string, len(entries))
+	}
+	for k, v := range entries {
+		b.ObjectMetaApplyConfiguration.Annotations[k] = v
+	}
+	return b
+}
+
+// WithOwnerReferences adds the given value to the OwnerReferences field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the OwnerReferences field.
+func (b *ClusterTrustBundleApplyConfiguration) WithOwnerReferences(values ...*v1.OwnerReferenceApplyConfiguration) *ClusterTrustBundleApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithOwnerReferences")
+		}
+		b.ObjectMetaApplyConfiguration.OwnerReferences = append(b.ObjectMetaApplyConfiguration.OwnerReferences, *values[i])
+	}
+	return b
+}
+
+// WithFinalizers adds the given value to the Finalizers field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Finalizers field.
+func (b *ClusterTrustBundleApplyConfiguration) WithFinalizers(values ...string) *ClusterTrustBundleApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	for i := range values {
+		b.ObjectMetaApplyConfiguration.Finalizers = append(b.ObjectMetaApplyConfiguration.Finalizers, values[i])
+	}
+	return b
+}
+
+func (b *ClusterTrustBundleApplyConfiguration) ensureObjectMetaApplyConfigurationExists() {
+	if b.ObjectMetaApplyConfiguration == nil {
+		b.ObjectMetaApplyConfiguration = &v1.ObjectMetaApplyConfiguration{}
+	}
+}
+
+// WithSpec sets the Spec field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Spec field is set to the value of the last call.
+func (b *ClusterTrustBundleApplyConfiguration) WithSpec(value *ClusterTrustBundleSpecApplyConfiguration) *ClusterTrustBundleApplyConfiguration {
+	b.Spec = value
+	return b
+}
+
+// GetName retrieves the value of the Name field in the declarative configuration.
+func (b *ClusterTrustBundleApplyConfiguration) GetName() *string {
+	b.ensureObjectMetaApplyConfigurationExists()
+	return b.ObjectMetaApplyConfiguration.Name
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/certificates/v1beta1/clustertrustbundlespec.go b/vendor/k8s.io/client-go/applyconfigurations/certificates/v1beta1/clustertrustbundlespec.go
new file mode 100644
index 0000000000..157a9efa84
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/certificates/v1beta1/clustertrustbundlespec.go
@@ -0,0 +1,48 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta1
+
+// ClusterTrustBundleSpecApplyConfiguration represents a declarative configuration of the ClusterTrustBundleSpec type for use
+// with apply.
+type ClusterTrustBundleSpecApplyConfiguration struct {
+	SignerName  *string `json:"signerName,omitempty"`
+	TrustBundle *string `json:"trustBundle,omitempty"`
+}
+
+// ClusterTrustBundleSpecApplyConfiguration constructs a declarative configuration of the ClusterTrustBundleSpec type for use with
+// apply.
+func ClusterTrustBundleSpec() *ClusterTrustBundleSpecApplyConfiguration {
+	return &ClusterTrustBundleSpecApplyConfiguration{}
+}
+
+// WithSignerName sets the SignerName field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the SignerName field is set to the value of the last call.
+func (b *ClusterTrustBundleSpecApplyConfiguration) WithSignerName(value string) *ClusterTrustBundleSpecApplyConfiguration {
+	b.SignerName = &value
+	return b
+}
+
+// WithTrustBundle sets the TrustBundle field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the TrustBundle field is set to the value of the last call.
+func (b *ClusterTrustBundleSpecApplyConfiguration) WithTrustBundle(value string) *ClusterTrustBundleSpecApplyConfiguration {
+	b.TrustBundle = &value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/coordination/v1beta1/leasecandidate.go b/vendor/k8s.io/client-go/applyconfigurations/coordination/v1beta1/leasecandidate.go
new file mode 100644
index 0000000000..2e1c812191
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/coordination/v1beta1/leasecandidate.go
@@ -0,0 +1,255 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta1
+
+import (
+	coordinationv1beta1 "k8s.io/api/coordination/v1beta1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	types "k8s.io/apimachinery/pkg/types"
+	managedfields "k8s.io/apimachinery/pkg/util/managedfields"
+	internal "k8s.io/client-go/applyconfigurations/internal"
+	v1 "k8s.io/client-go/applyconfigurations/meta/v1"
+)
+
+// LeaseCandidateApplyConfiguration represents a declarative configuration of the LeaseCandidate type for use
+// with apply.
+type LeaseCandidateApplyConfiguration struct {
+	v1.TypeMetaApplyConfiguration    `json:",inline"`
+	*v1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"`
+	Spec                             *LeaseCandidateSpecApplyConfiguration `json:"spec,omitempty"`
+}
+
+// LeaseCandidate constructs a declarative configuration of the LeaseCandidate type for use with
+// apply.
+func LeaseCandidate(name, namespace string) *LeaseCandidateApplyConfiguration {
+	b := &LeaseCandidateApplyConfiguration{}
+	b.WithName(name)
+	b.WithNamespace(namespace)
+	b.WithKind("LeaseCandidate")
+	b.WithAPIVersion("coordination.k8s.io/v1beta1")
+	return b
+}
+
+// ExtractLeaseCandidate extracts the applied configuration owned by fieldManager from
+// leaseCandidate. If no managedFields are found in leaseCandidate for fieldManager, a
+// LeaseCandidateApplyConfiguration is returned with only the Name, Namespace (if applicable),
+// APIVersion and Kind populated. It is possible that no managed fields were found for because other
+// field managers have taken ownership of all the fields previously owned by fieldManager, or because
+// the fieldManager never owned fields any fields.
+// leaseCandidate must be a unmodified LeaseCandidate API object that was retrieved from the Kubernetes API.
+// ExtractLeaseCandidate provides a way to perform a extract/modify-in-place/apply workflow.
+// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously
+// applied if another fieldManager has updated or force applied any of the previously applied fields.
+// Experimental!
+func ExtractLeaseCandidate(leaseCandidate *coordinationv1beta1.LeaseCandidate, fieldManager string) (*LeaseCandidateApplyConfiguration, error) {
+	return extractLeaseCandidate(leaseCandidate, fieldManager, "")
+}
+
+// ExtractLeaseCandidateStatus is the same as ExtractLeaseCandidate except
+// that it extracts the status subresource applied configuration.
+// Experimental!
+func ExtractLeaseCandidateStatus(leaseCandidate *coordinationv1beta1.LeaseCandidate, fieldManager string) (*LeaseCandidateApplyConfiguration, error) {
+	return extractLeaseCandidate(leaseCandidate, fieldManager, "status")
+}
+
+func extractLeaseCandidate(leaseCandidate *coordinationv1beta1.LeaseCandidate, fieldManager string, subresource string) (*LeaseCandidateApplyConfiguration, error) {
+	b := &LeaseCandidateApplyConfiguration{}
+	err := managedfields.ExtractInto(leaseCandidate, internal.Parser().Type("io.k8s.api.coordination.v1beta1.LeaseCandidate"), fieldManager, b, subresource)
+	if err != nil {
+		return nil, err
+	}
+	b.WithName(leaseCandidate.Name)
+	b.WithNamespace(leaseCandidate.Namespace)
+
+	b.WithKind("LeaseCandidate")
+	b.WithAPIVersion("coordination.k8s.io/v1beta1")
+	return b, nil
+}
+
+// WithKind sets the Kind field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Kind field is set to the value of the last call.
+func (b *LeaseCandidateApplyConfiguration) WithKind(value string) *LeaseCandidateApplyConfiguration {
+	b.TypeMetaApplyConfiguration.Kind = &value
+	return b
+}
+
+// WithAPIVersion sets the APIVersion field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the APIVersion field is set to the value of the last call.
+func (b *LeaseCandidateApplyConfiguration) WithAPIVersion(value string) *LeaseCandidateApplyConfiguration {
+	b.TypeMetaApplyConfiguration.APIVersion = &value
+	return b
+}
+
+// WithName sets the Name field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Name field is set to the value of the last call.
+func (b *LeaseCandidateApplyConfiguration) WithName(value string) *LeaseCandidateApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.Name = &value
+	return b
+}
+
+// WithGenerateName sets the GenerateName field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the GenerateName field is set to the value of the last call.
+func (b *LeaseCandidateApplyConfiguration) WithGenerateName(value string) *LeaseCandidateApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.GenerateName = &value
+	return b
+}
+
+// WithNamespace sets the Namespace field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Namespace field is set to the value of the last call.
+func (b *LeaseCandidateApplyConfiguration) WithNamespace(value string) *LeaseCandidateApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.Namespace = &value
+	return b
+}
+
+// WithUID sets the UID field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the UID field is set to the value of the last call.
+func (b *LeaseCandidateApplyConfiguration) WithUID(value types.UID) *LeaseCandidateApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.UID = &value
+	return b
+}
+
+// WithResourceVersion sets the ResourceVersion field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the ResourceVersion field is set to the value of the last call.
+func (b *LeaseCandidateApplyConfiguration) WithResourceVersion(value string) *LeaseCandidateApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.ResourceVersion = &value
+	return b
+}
+
+// WithGeneration sets the Generation field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Generation field is set to the value of the last call.
+func (b *LeaseCandidateApplyConfiguration) WithGeneration(value int64) *LeaseCandidateApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.Generation = &value
+	return b
+}
+
+// WithCreationTimestamp sets the CreationTimestamp field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the CreationTimestamp field is set to the value of the last call.
+func (b *LeaseCandidateApplyConfiguration) WithCreationTimestamp(value metav1.Time) *LeaseCandidateApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.CreationTimestamp = &value
+	return b
+}
+
+// WithDeletionTimestamp sets the DeletionTimestamp field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the DeletionTimestamp field is set to the value of the last call.
+func (b *LeaseCandidateApplyConfiguration) WithDeletionTimestamp(value metav1.Time) *LeaseCandidateApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.DeletionTimestamp = &value
+	return b
+}
+
+// WithDeletionGracePeriodSeconds sets the DeletionGracePeriodSeconds field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the DeletionGracePeriodSeconds field is set to the value of the last call.
+func (b *LeaseCandidateApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *LeaseCandidateApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.DeletionGracePeriodSeconds = &value
+	return b
+}
+
+// WithLabels puts the entries into the Labels field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, the entries provided by each call will be put on the Labels field,
+// overwriting an existing map entries in Labels field with the same key.
+func (b *LeaseCandidateApplyConfiguration) WithLabels(entries map[string]string) *LeaseCandidateApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	if b.ObjectMetaApplyConfiguration.Labels == nil && len(entries) > 0 {
+		b.ObjectMetaApplyConfiguration.Labels = make(map[string]string, len(entries))
+	}
+	for k, v := range entries {
+		b.ObjectMetaApplyConfiguration.Labels[k] = v
+	}
+	return b
+}
+
+// WithAnnotations puts the entries into the Annotations field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, the entries provided by each call will be put on the Annotations field,
+// overwriting an existing map entries in Annotations field with the same key.
+func (b *LeaseCandidateApplyConfiguration) WithAnnotations(entries map[string]string) *LeaseCandidateApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	if b.ObjectMetaApplyConfiguration.Annotations == nil && len(entries) > 0 {
+		b.ObjectMetaApplyConfiguration.Annotations = make(map[string]string, len(entries))
+	}
+	for k, v := range entries {
+		b.ObjectMetaApplyConfiguration.Annotations[k] = v
+	}
+	return b
+}
+
+// WithOwnerReferences adds the given value to the OwnerReferences field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the OwnerReferences field.
+func (b *LeaseCandidateApplyConfiguration) WithOwnerReferences(values ...*v1.OwnerReferenceApplyConfiguration) *LeaseCandidateApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithOwnerReferences")
+		}
+		b.ObjectMetaApplyConfiguration.OwnerReferences = append(b.ObjectMetaApplyConfiguration.OwnerReferences, *values[i])
+	}
+	return b
+}
+
+// WithFinalizers adds the given value to the Finalizers field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Finalizers field.
+func (b *LeaseCandidateApplyConfiguration) WithFinalizers(values ...string) *LeaseCandidateApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	for i := range values {
+		b.ObjectMetaApplyConfiguration.Finalizers = append(b.ObjectMetaApplyConfiguration.Finalizers, values[i])
+	}
+	return b
+}
+
+func (b *LeaseCandidateApplyConfiguration) ensureObjectMetaApplyConfigurationExists() {
+	if b.ObjectMetaApplyConfiguration == nil {
+		b.ObjectMetaApplyConfiguration = &v1.ObjectMetaApplyConfiguration{}
+	}
+}
+
+// WithSpec sets the Spec field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Spec field is set to the value of the last call.
+func (b *LeaseCandidateApplyConfiguration) WithSpec(value *LeaseCandidateSpecApplyConfiguration) *LeaseCandidateApplyConfiguration {
+	b.Spec = value
+	return b
+}
+
+// GetName retrieves the value of the Name field in the declarative configuration.
+func (b *LeaseCandidateApplyConfiguration) GetName() *string {
+	b.ensureObjectMetaApplyConfigurationExists()
+	return b.ObjectMetaApplyConfiguration.Name
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/coordination/v1beta1/leasecandidatespec.go b/vendor/k8s.io/client-go/applyconfigurations/coordination/v1beta1/leasecandidatespec.go
new file mode 100644
index 0000000000..c3ea12c813
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/coordination/v1beta1/leasecandidatespec.go
@@ -0,0 +1,89 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta1
+
+import (
+	coordinationv1 "k8s.io/api/coordination/v1"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// LeaseCandidateSpecApplyConfiguration represents a declarative configuration of the LeaseCandidateSpec type for use
+// with apply.
+type LeaseCandidateSpecApplyConfiguration struct {
+	LeaseName        *string                                  `json:"leaseName,omitempty"`
+	PingTime         *v1.MicroTime                            `json:"pingTime,omitempty"`
+	RenewTime        *v1.MicroTime                            `json:"renewTime,omitempty"`
+	BinaryVersion    *string                                  `json:"binaryVersion,omitempty"`
+	EmulationVersion *string                                  `json:"emulationVersion,omitempty"`
+	Strategy         *coordinationv1.CoordinatedLeaseStrategy `json:"strategy,omitempty"`
+}
+
+// LeaseCandidateSpecApplyConfiguration constructs a declarative configuration of the LeaseCandidateSpec type for use with
+// apply.
+func LeaseCandidateSpec() *LeaseCandidateSpecApplyConfiguration {
+	return &LeaseCandidateSpecApplyConfiguration{}
+}
+
+// WithLeaseName sets the LeaseName field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the LeaseName field is set to the value of the last call.
+func (b *LeaseCandidateSpecApplyConfiguration) WithLeaseName(value string) *LeaseCandidateSpecApplyConfiguration {
+	b.LeaseName = &value
+	return b
+}
+
+// WithPingTime sets the PingTime field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the PingTime field is set to the value of the last call.
+func (b *LeaseCandidateSpecApplyConfiguration) WithPingTime(value v1.MicroTime) *LeaseCandidateSpecApplyConfiguration {
+	b.PingTime = &value
+	return b
+}
+
+// WithRenewTime sets the RenewTime field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the RenewTime field is set to the value of the last call.
+func (b *LeaseCandidateSpecApplyConfiguration) WithRenewTime(value v1.MicroTime) *LeaseCandidateSpecApplyConfiguration {
+	b.RenewTime = &value
+	return b
+}
+
+// WithBinaryVersion sets the BinaryVersion field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the BinaryVersion field is set to the value of the last call.
+func (b *LeaseCandidateSpecApplyConfiguration) WithBinaryVersion(value string) *LeaseCandidateSpecApplyConfiguration {
+	b.BinaryVersion = &value
+	return b
+}
+
+// WithEmulationVersion sets the EmulationVersion field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the EmulationVersion field is set to the value of the last call.
+func (b *LeaseCandidateSpecApplyConfiguration) WithEmulationVersion(value string) *LeaseCandidateSpecApplyConfiguration {
+	b.EmulationVersion = &value
+	return b
+}
+
+// WithStrategy sets the Strategy field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Strategy field is set to the value of the last call.
+func (b *LeaseCandidateSpecApplyConfiguration) WithStrategy(value coordinationv1.CoordinatedLeaseStrategy) *LeaseCandidateSpecApplyConfiguration {
+	b.Strategy = &value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/core/v1/containerstatus.go b/vendor/k8s.io/client-go/applyconfigurations/core/v1/containerstatus.go
index 6a28939c2f..8f64501bb1 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/core/v1/containerstatus.go
+++ b/vendor/k8s.io/client-go/applyconfigurations/core/v1/containerstatus.go
@@ -39,6 +39,7 @@ type ContainerStatusApplyConfiguration struct {
 	VolumeMounts             []VolumeMountStatusApplyConfiguration   `json:"volumeMounts,omitempty"`
 	User                     *ContainerUserApplyConfiguration        `json:"user,omitempty"`
 	AllocatedResourcesStatus []ResourceStatusApplyConfiguration      `json:"allocatedResourcesStatus,omitempty"`
+	StopSignal               *corev1.Signal                          `json:"stopSignal,omitempty"`
 }
 
 // ContainerStatusApplyConfiguration constructs a declarative configuration of the ContainerStatus type for use with
@@ -168,3 +169,11 @@ func (b *ContainerStatusApplyConfiguration) WithAllocatedResourcesStatus(values
 	}
 	return b
 }
+
+// WithStopSignal sets the StopSignal field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the StopSignal field is set to the value of the last call.
+func (b *ContainerStatusApplyConfiguration) WithStopSignal(value corev1.Signal) *ContainerStatusApplyConfiguration {
+	b.StopSignal = &value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/core/v1/lifecycle.go b/vendor/k8s.io/client-go/applyconfigurations/core/v1/lifecycle.go
index e37a30f597..f8c18a7502 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/core/v1/lifecycle.go
+++ b/vendor/k8s.io/client-go/applyconfigurations/core/v1/lifecycle.go
@@ -18,11 +18,16 @@ limitations under the License.
 
 package v1
 
+import (
+	corev1 "k8s.io/api/core/v1"
+)
+
 // LifecycleApplyConfiguration represents a declarative configuration of the Lifecycle type for use
 // with apply.
 type LifecycleApplyConfiguration struct {
-	PostStart *LifecycleHandlerApplyConfiguration `json:"postStart,omitempty"`
-	PreStop   *LifecycleHandlerApplyConfiguration `json:"preStop,omitempty"`
+	PostStart  *LifecycleHandlerApplyConfiguration `json:"postStart,omitempty"`
+	PreStop    *LifecycleHandlerApplyConfiguration `json:"preStop,omitempty"`
+	StopSignal *corev1.Signal                      `json:"stopSignal,omitempty"`
 }
 
 // LifecycleApplyConfiguration constructs a declarative configuration of the Lifecycle type for use with
@@ -46,3 +51,11 @@ func (b *LifecycleApplyConfiguration) WithPreStop(value *LifecycleHandlerApplyCo
 	b.PreStop = value
 	return b
 }
+
+// WithStopSignal sets the StopSignal field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the StopSignal field is set to the value of the last call.
+func (b *LifecycleApplyConfiguration) WithStopSignal(value corev1.Signal) *LifecycleApplyConfiguration {
+	b.StopSignal = &value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/core/v1/nodeswapstatus.go b/vendor/k8s.io/client-go/applyconfigurations/core/v1/nodeswapstatus.go
new file mode 100644
index 0000000000..2a7a2e685d
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/core/v1/nodeswapstatus.go
@@ -0,0 +1,39 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1
+
+// NodeSwapStatusApplyConfiguration represents a declarative configuration of the NodeSwapStatus type for use
+// with apply.
+type NodeSwapStatusApplyConfiguration struct {
+	Capacity *int64 `json:"capacity,omitempty"`
+}
+
+// NodeSwapStatusApplyConfiguration constructs a declarative configuration of the NodeSwapStatus type for use with
+// apply.
+func NodeSwapStatus() *NodeSwapStatusApplyConfiguration {
+	return &NodeSwapStatusApplyConfiguration{}
+}
+
+// WithCapacity sets the Capacity field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Capacity field is set to the value of the last call.
+func (b *NodeSwapStatusApplyConfiguration) WithCapacity(value int64) *NodeSwapStatusApplyConfiguration {
+	b.Capacity = &value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/core/v1/nodesysteminfo.go b/vendor/k8s.io/client-go/applyconfigurations/core/v1/nodesysteminfo.go
index 11ac50713c..55effd7171 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/core/v1/nodesysteminfo.go
+++ b/vendor/k8s.io/client-go/applyconfigurations/core/v1/nodesysteminfo.go
@@ -21,16 +21,17 @@ package v1
 // NodeSystemInfoApplyConfiguration represents a declarative configuration of the NodeSystemInfo type for use
 // with apply.
 type NodeSystemInfoApplyConfiguration struct {
-	MachineID               *string `json:"machineID,omitempty"`
-	SystemUUID              *string `json:"systemUUID,omitempty"`
-	BootID                  *string `json:"bootID,omitempty"`
-	KernelVersion           *string `json:"kernelVersion,omitempty"`
-	OSImage                 *string `json:"osImage,omitempty"`
-	ContainerRuntimeVersion *string `json:"containerRuntimeVersion,omitempty"`
-	KubeletVersion          *string `json:"kubeletVersion,omitempty"`
-	KubeProxyVersion        *string `json:"kubeProxyVersion,omitempty"`
-	OperatingSystem         *string `json:"operatingSystem,omitempty"`
-	Architecture            *string `json:"architecture,omitempty"`
+	MachineID               *string                           `json:"machineID,omitempty"`
+	SystemUUID              *string                           `json:"systemUUID,omitempty"`
+	BootID                  *string                           `json:"bootID,omitempty"`
+	KernelVersion           *string                           `json:"kernelVersion,omitempty"`
+	OSImage                 *string                           `json:"osImage,omitempty"`
+	ContainerRuntimeVersion *string                           `json:"containerRuntimeVersion,omitempty"`
+	KubeletVersion          *string                           `json:"kubeletVersion,omitempty"`
+	KubeProxyVersion        *string                           `json:"kubeProxyVersion,omitempty"`
+	OperatingSystem         *string                           `json:"operatingSystem,omitempty"`
+	Architecture            *string                           `json:"architecture,omitempty"`
+	Swap                    *NodeSwapStatusApplyConfiguration `json:"swap,omitempty"`
 }
 
 // NodeSystemInfoApplyConfiguration constructs a declarative configuration of the NodeSystemInfo type for use with
@@ -118,3 +119,11 @@ func (b *NodeSystemInfoApplyConfiguration) WithArchitecture(value string) *NodeS
 	b.Architecture = &value
 	return b
 }
+
+// WithSwap sets the Swap field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Swap field is set to the value of the last call.
+func (b *NodeSystemInfoApplyConfiguration) WithSwap(value *NodeSwapStatusApplyConfiguration) *NodeSystemInfoApplyConfiguration {
+	b.Swap = value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/core/v1/podcondition.go b/vendor/k8s.io/client-go/applyconfigurations/core/v1/podcondition.go
index 67cd1bd09b..90bb8711b1 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/core/v1/podcondition.go
+++ b/vendor/k8s.io/client-go/applyconfigurations/core/v1/podcondition.go
@@ -27,6 +27,7 @@ import (
 // with apply.
 type PodConditionApplyConfiguration struct {
 	Type               *corev1.PodConditionType `json:"type,omitempty"`
+	ObservedGeneration *int64                   `json:"observedGeneration,omitempty"`
 	Status             *corev1.ConditionStatus  `json:"status,omitempty"`
 	LastProbeTime      *metav1.Time             `json:"lastProbeTime,omitempty"`
 	LastTransitionTime *metav1.Time             `json:"lastTransitionTime,omitempty"`
@@ -48,6 +49,14 @@ func (b *PodConditionApplyConfiguration) WithType(value corev1.PodConditionType)
 	return b
 }
 
+// WithObservedGeneration sets the ObservedGeneration field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the ObservedGeneration field is set to the value of the last call.
+func (b *PodConditionApplyConfiguration) WithObservedGeneration(value int64) *PodConditionApplyConfiguration {
+	b.ObservedGeneration = &value
+	return b
+}
+
 // WithStatus sets the Status field in the declarative configuration to the given value
 // and returns the receiver, so that objects can be built by chaining "With" function invocations.
 // If called multiple times, the Status field is set to the value of the last call.
diff --git a/vendor/k8s.io/client-go/applyconfigurations/core/v1/podstatus.go b/vendor/k8s.io/client-go/applyconfigurations/core/v1/podstatus.go
index b79e1210a9..28ad57bac5 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/core/v1/podstatus.go
+++ b/vendor/k8s.io/client-go/applyconfigurations/core/v1/podstatus.go
@@ -26,6 +26,7 @@ import (
 // PodStatusApplyConfiguration represents a declarative configuration of the PodStatus type for use
 // with apply.
 type PodStatusApplyConfiguration struct {
+	ObservedGeneration         *int64                                     `json:"observedGeneration,omitempty"`
 	Phase                      *corev1.PodPhase                           `json:"phase,omitempty"`
 	Conditions                 []PodConditionApplyConfiguration           `json:"conditions,omitempty"`
 	Message                    *string                                    `json:"message,omitempty"`
@@ -50,6 +51,14 @@ func PodStatus() *PodStatusApplyConfiguration {
 	return &PodStatusApplyConfiguration{}
 }
 
+// WithObservedGeneration sets the ObservedGeneration field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the ObservedGeneration field is set to the value of the last call.
+func (b *PodStatusApplyConfiguration) WithObservedGeneration(value int64) *PodStatusApplyConfiguration {
+	b.ObservedGeneration = &value
+	return b
+}
+
 // WithPhase sets the Phase field in the declarative configuration to the given value
 // and returns the receiver, so that objects can be built by chaining "With" function invocations.
 // If called multiple times, the Phase field is set to the value of the last call.
diff --git a/vendor/k8s.io/client-go/applyconfigurations/discovery/v1/endpointhints.go b/vendor/k8s.io/client-go/applyconfigurations/discovery/v1/endpointhints.go
index d2d0f67769..7afda39b6b 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/discovery/v1/endpointhints.go
+++ b/vendor/k8s.io/client-go/applyconfigurations/discovery/v1/endpointhints.go
@@ -22,6 +22,7 @@ package v1
 // with apply.
 type EndpointHintsApplyConfiguration struct {
 	ForZones []ForZoneApplyConfiguration `json:"forZones,omitempty"`
+	ForNodes []ForNodeApplyConfiguration `json:"forNodes,omitempty"`
 }
 
 // EndpointHintsApplyConfiguration constructs a declarative configuration of the EndpointHints type for use with
@@ -42,3 +43,16 @@ func (b *EndpointHintsApplyConfiguration) WithForZones(values ...*ForZoneApplyCo
 	}
 	return b
 }
+
+// WithForNodes adds the given value to the ForNodes field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the ForNodes field.
+func (b *EndpointHintsApplyConfiguration) WithForNodes(values ...*ForNodeApplyConfiguration) *EndpointHintsApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithForNodes")
+		}
+		b.ForNodes = append(b.ForNodes, *values[i])
+	}
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/discovery/v1/fornode.go b/vendor/k8s.io/client-go/applyconfigurations/discovery/v1/fornode.go
new file mode 100644
index 0000000000..3b2304d307
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/discovery/v1/fornode.go
@@ -0,0 +1,39 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1
+
+// ForNodeApplyConfiguration represents a declarative configuration of the ForNode type for use
+// with apply.
+type ForNodeApplyConfiguration struct {
+	Name *string `json:"name,omitempty"`
+}
+
+// ForNodeApplyConfiguration constructs a declarative configuration of the ForNode type for use with
+// apply.
+func ForNode() *ForNodeApplyConfiguration {
+	return &ForNodeApplyConfiguration{}
+}
+
+// WithName sets the Name field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Name field is set to the value of the last call.
+func (b *ForNodeApplyConfiguration) WithName(value string) *ForNodeApplyConfiguration {
+	b.Name = &value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/discovery/v1beta1/endpointhints.go b/vendor/k8s.io/client-go/applyconfigurations/discovery/v1beta1/endpointhints.go
index 99f69027a8..9637f9940f 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/discovery/v1beta1/endpointhints.go
+++ b/vendor/k8s.io/client-go/applyconfigurations/discovery/v1beta1/endpointhints.go
@@ -22,6 +22,7 @@ package v1beta1
 // with apply.
 type EndpointHintsApplyConfiguration struct {
 	ForZones []ForZoneApplyConfiguration `json:"forZones,omitempty"`
+	ForNodes []ForNodeApplyConfiguration `json:"forNodes,omitempty"`
 }
 
 // EndpointHintsApplyConfiguration constructs a declarative configuration of the EndpointHints type for use with
@@ -42,3 +43,16 @@ func (b *EndpointHintsApplyConfiguration) WithForZones(values ...*ForZoneApplyCo
 	}
 	return b
 }
+
+// WithForNodes adds the given value to the ForNodes field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the ForNodes field.
+func (b *EndpointHintsApplyConfiguration) WithForNodes(values ...*ForNodeApplyConfiguration) *EndpointHintsApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithForNodes")
+		}
+		b.ForNodes = append(b.ForNodes, *values[i])
+	}
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/discovery/v1beta1/fornode.go b/vendor/k8s.io/client-go/applyconfigurations/discovery/v1beta1/fornode.go
new file mode 100644
index 0000000000..79aff881d2
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/discovery/v1beta1/fornode.go
@@ -0,0 +1,39 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta1
+
+// ForNodeApplyConfiguration represents a declarative configuration of the ForNode type for use
+// with apply.
+type ForNodeApplyConfiguration struct {
+	Name *string `json:"name,omitempty"`
+}
+
+// ForNodeApplyConfiguration constructs a declarative configuration of the ForNode type for use with
+// apply.
+func ForNode() *ForNodeApplyConfiguration {
+	return &ForNodeApplyConfiguration{}
+}
+
+// WithName sets the Name field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Name field is set to the value of the last call.
+func (b *ForNodeApplyConfiguration) WithName(value string) *ForNodeApplyConfiguration {
+	b.Name = &value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/doc.go b/vendor/k8s.io/client-go/applyconfigurations/doc.go
index ac426c6075..8efc9523ed 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/doc.go
+++ b/vendor/k8s.io/client-go/applyconfigurations/doc.go
@@ -148,4 +148,4 @@ reconciliation code that performs a "read/modify-in-place/update" (or patch) wor
 	    // apply
 	    applied, err := deploymentClient.Apply(ctx, extractedDeployment, metav1.ApplyOptions{FieldManager: fieldMgr})
 */
-package applyconfigurations // import "k8s.io/client-go/applyconfigurations"
+package applyconfigurations
diff --git a/vendor/k8s.io/client-go/applyconfigurations/extensions/v1beta1/deploymentstatus.go b/vendor/k8s.io/client-go/applyconfigurations/extensions/v1beta1/deploymentstatus.go
index adc023a34d..36b4fd42b6 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/extensions/v1beta1/deploymentstatus.go
+++ b/vendor/k8s.io/client-go/applyconfigurations/extensions/v1beta1/deploymentstatus.go
@@ -27,6 +27,7 @@ type DeploymentStatusApplyConfiguration struct {
 	ReadyReplicas       *int32                                  `json:"readyReplicas,omitempty"`
 	AvailableReplicas   *int32                                  `json:"availableReplicas,omitempty"`
 	UnavailableReplicas *int32                                  `json:"unavailableReplicas,omitempty"`
+	TerminatingReplicas *int32                                  `json:"terminatingReplicas,omitempty"`
 	Conditions          []DeploymentConditionApplyConfiguration `json:"conditions,omitempty"`
 	CollisionCount      *int32                                  `json:"collisionCount,omitempty"`
 }
@@ -85,6 +86,14 @@ func (b *DeploymentStatusApplyConfiguration) WithUnavailableReplicas(value int32
 	return b
 }
 
+// WithTerminatingReplicas sets the TerminatingReplicas field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the TerminatingReplicas field is set to the value of the last call.
+func (b *DeploymentStatusApplyConfiguration) WithTerminatingReplicas(value int32) *DeploymentStatusApplyConfiguration {
+	b.TerminatingReplicas = &value
+	return b
+}
+
 // WithConditions adds the given value to the Conditions field in the declarative configuration
 // and returns the receiver, so that objects can be build by chaining "With" function invocations.
 // If called multiple times, values provided by each call will be appended to the Conditions field.
diff --git a/vendor/k8s.io/client-go/applyconfigurations/extensions/v1beta1/replicasetstatus.go b/vendor/k8s.io/client-go/applyconfigurations/extensions/v1beta1/replicasetstatus.go
index 9a5b468a3f..46abc94322 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/extensions/v1beta1/replicasetstatus.go
+++ b/vendor/k8s.io/client-go/applyconfigurations/extensions/v1beta1/replicasetstatus.go
@@ -25,6 +25,7 @@ type ReplicaSetStatusApplyConfiguration struct {
 	FullyLabeledReplicas *int32                                  `json:"fullyLabeledReplicas,omitempty"`
 	ReadyReplicas        *int32                                  `json:"readyReplicas,omitempty"`
 	AvailableReplicas    *int32                                  `json:"availableReplicas,omitempty"`
+	TerminatingReplicas  *int32                                  `json:"terminatingReplicas,omitempty"`
 	ObservedGeneration   *int64                                  `json:"observedGeneration,omitempty"`
 	Conditions           []ReplicaSetConditionApplyConfiguration `json:"conditions,omitempty"`
 }
@@ -67,6 +68,14 @@ func (b *ReplicaSetStatusApplyConfiguration) WithAvailableReplicas(value int32)
 	return b
 }
 
+// WithTerminatingReplicas sets the TerminatingReplicas field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the TerminatingReplicas field is set to the value of the last call.
+func (b *ReplicaSetStatusApplyConfiguration) WithTerminatingReplicas(value int32) *ReplicaSetStatusApplyConfiguration {
+	b.TerminatingReplicas = &value
+	return b
+}
+
 // WithObservedGeneration sets the ObservedGeneration field in the declarative configuration to the given value
 // and returns the receiver, so that objects can be built by chaining "With" function invocations.
 // If called multiple times, the ObservedGeneration field is set to the value of the last call.
diff --git a/vendor/k8s.io/client-go/applyconfigurations/internal/internal.go b/vendor/k8s.io/client-go/applyconfigurations/internal/internal.go
index cd9fcd98b7..41332b742f 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/internal/internal.go
+++ b/vendor/k8s.io/client-go/applyconfigurations/internal/internal.go
@@ -1662,6 +1662,9 @@ var schemaYAML = typed.YAMLObject(`types:
     - name: replicas
       type:
         scalar: numeric
+    - name: terminatingReplicas
+      type:
+        scalar: numeric
     - name: unavailableReplicas
       type:
         scalar: numeric
@@ -1761,6 +1764,9 @@ var schemaYAML = typed.YAMLObject(`types:
       type:
         scalar: numeric
       default: 0
+    - name: terminatingReplicas
+      type:
+        scalar: numeric
 - name: io.k8s.api.apps.v1.RollingUpdateDaemonSet
   map:
     fields:
@@ -2058,6 +2064,9 @@ var schemaYAML = typed.YAMLObject(`types:
     - name: replicas
       type:
         scalar: numeric
+    - name: terminatingReplicas
+      type:
+        scalar: numeric
     - name: unavailableReplicas
       type:
         scalar: numeric
@@ -2476,6 +2485,9 @@ var schemaYAML = typed.YAMLObject(`types:
     - name: replicas
       type:
         scalar: numeric
+    - name: terminatingReplicas
+      type:
+        scalar: numeric
     - name: unavailableReplicas
       type:
         scalar: numeric
@@ -2575,6 +2587,9 @@ var schemaYAML = typed.YAMLObject(`types:
       type:
         scalar: numeric
       default: 0
+    - name: terminatingReplicas
+      type:
+        scalar: numeric
 - name: io.k8s.api.apps.v1beta2.RollingUpdateDaemonSet
   map:
     fields:
@@ -2919,6 +2934,9 @@ var schemaYAML = typed.YAMLObject(`types:
     - name: stabilizationWindowSeconds
       type:
         scalar: numeric
+    - name: tolerance
+      type:
+        namedType: io.k8s.apimachinery.pkg.api.resource.Quantity
 - name: io.k8s.api.autoscaling.v2.HorizontalPodAutoscaler
   map:
     fields:
@@ -4430,6 +4448,33 @@ var schemaYAML = typed.YAMLObject(`types:
           elementRelationship: associative
           keys:
           - type
+- name: io.k8s.api.certificates.v1beta1.ClusterTrustBundle
+  map:
+    fields:
+    - name: apiVersion
+      type:
+        scalar: string
+    - name: kind
+      type:
+        scalar: string
+    - name: metadata
+      type:
+        namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta
+      default: {}
+    - name: spec
+      type:
+        namedType: io.k8s.api.certificates.v1beta1.ClusterTrustBundleSpec
+      default: {}
+- name: io.k8s.api.certificates.v1beta1.ClusterTrustBundleSpec
+  map:
+    fields:
+    - name: signerName
+      type:
+        scalar: string
+    - name: trustBundle
+      type:
+        scalar: string
+      default: ""
 - name: io.k8s.api.coordination.v1.Lease
   map:
     fields:
@@ -4528,6 +4573,46 @@ var schemaYAML = typed.YAMLObject(`types:
       type:
         namedType: io.k8s.api.coordination.v1beta1.LeaseSpec
       default: {}
+- name: io.k8s.api.coordination.v1beta1.LeaseCandidate
+  map:
+    fields:
+    - name: apiVersion
+      type:
+        scalar: string
+    - name: kind
+      type:
+        scalar: string
+    - name: metadata
+      type:
+        namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta
+      default: {}
+    - name: spec
+      type:
+        namedType: io.k8s.api.coordination.v1beta1.LeaseCandidateSpec
+      default: {}
+- name: io.k8s.api.coordination.v1beta1.LeaseCandidateSpec
+  map:
+    fields:
+    - name: binaryVersion
+      type:
+        scalar: string
+      default: ""
+    - name: emulationVersion
+      type:
+        scalar: string
+    - name: leaseName
+      type:
+        scalar: string
+      default: ""
+    - name: pingTime
+      type:
+        namedType: io.k8s.apimachinery.pkg.apis.meta.v1.MicroTime
+    - name: renewTime
+      type:
+        namedType: io.k8s.apimachinery.pkg.apis.meta.v1.MicroTime
+    - name: strategy
+      type:
+        scalar: string
 - name: io.k8s.api.coordination.v1beta1.LeaseSpec
   map:
     fields:
@@ -5245,6 +5330,9 @@ var schemaYAML = typed.YAMLObject(`types:
       type:
         namedType: io.k8s.api.core.v1.ContainerState
       default: {}
+    - name: stopSignal
+      type:
+        scalar: string
     - name: user
       type:
         namedType: io.k8s.api.core.v1.ContainerUser
@@ -5960,6 +6048,9 @@ var schemaYAML = typed.YAMLObject(`types:
     - name: preStop
       type:
         namedType: io.k8s.api.core.v1.LifecycleHandler
+    - name: stopSignal
+      type:
+        scalar: string
 - name: io.k8s.api.core.v1.LifecycleHandler
   map:
     fields:
@@ -6446,6 +6537,12 @@ var schemaYAML = typed.YAMLObject(`types:
           elementType:
             scalar: string
           elementRelationship: atomic
+- name: io.k8s.api.core.v1.NodeSwapStatus
+  map:
+    fields:
+    - name: capacity
+      type:
+        scalar: numeric
 - name: io.k8s.api.core.v1.NodeSystemInfo
   map:
     fields:
@@ -6485,6 +6582,9 @@ var schemaYAML = typed.YAMLObject(`types:
       type:
         scalar: string
       default: ""
+    - name: swap
+      type:
+        namedType: io.k8s.api.core.v1.NodeSwapStatus
     - name: systemUUID
       type:
         scalar: string
@@ -6911,6 +7011,9 @@ var schemaYAML = typed.YAMLObject(`types:
     - name: message
       type:
         scalar: string
+    - name: observedGeneration
+      type:
+        scalar: numeric
     - name: reason
       type:
         scalar: string
@@ -7275,6 +7378,9 @@ var schemaYAML = typed.YAMLObject(`types:
     - name: nominatedNodeName
       type:
         scalar: string
+    - name: observedGeneration
+      type:
+        scalar: numeric
     - name: phase
       type:
         scalar: string
@@ -7558,9 +7664,11 @@ var schemaYAML = typed.YAMLObject(`types:
     - name: minReadySeconds
       type:
         scalar: numeric
+      default: 0
     - name: replicas
       type:
         scalar: numeric
+      default: 1
     - name: selector
       type:
         map:
@@ -8642,6 +8750,12 @@ var schemaYAML = typed.YAMLObject(`types:
 - name: io.k8s.api.discovery.v1.EndpointHints
   map:
     fields:
+    - name: forNodes
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.discovery.v1.ForNode
+          elementRelationship: atomic
     - name: forZones
       type:
         list:
@@ -8693,6 +8807,13 @@ var schemaYAML = typed.YAMLObject(`types:
           elementType:
             namedType: io.k8s.api.discovery.v1.EndpointPort
           elementRelationship: atomic
+- name: io.k8s.api.discovery.v1.ForNode
+  map:
+    fields:
+    - name: name
+      type:
+        scalar: string
+      default: ""
 - name: io.k8s.api.discovery.v1.ForZone
   map:
     fields:
@@ -8745,6 +8866,12 @@ var schemaYAML = typed.YAMLObject(`types:
 - name: io.k8s.api.discovery.v1beta1.EndpointHints
   map:
     fields:
+    - name: forNodes
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.discovery.v1beta1.ForNode
+          elementRelationship: atomic
     - name: forZones
       type:
         list:
@@ -8795,6 +8922,13 @@ var schemaYAML = typed.YAMLObject(`types:
           elementType:
             namedType: io.k8s.api.discovery.v1beta1.EndpointPort
           elementRelationship: atomic
+- name: io.k8s.api.discovery.v1beta1.ForNode
+  map:
+    fields:
+    - name: name
+      type:
+        scalar: string
+      default: ""
 - name: io.k8s.api.discovery.v1beta1.ForZone
   map:
     fields:
@@ -9153,6 +9287,9 @@ var schemaYAML = typed.YAMLObject(`types:
     - name: replicas
       type:
         scalar: numeric
+    - name: terminatingReplicas
+      type:
+        scalar: numeric
     - name: unavailableReplicas
       type:
         scalar: numeric
@@ -9503,6 +9640,9 @@ var schemaYAML = typed.YAMLObject(`types:
       type:
         scalar: numeric
       default: 0
+    - name: terminatingReplicas
+      type:
+        scalar: numeric
 - name: io.k8s.api.extensions.v1beta1.RollbackConfig
   map:
     fields:
@@ -10911,6 +11051,29 @@ var schemaYAML = typed.YAMLObject(`types:
           elementType:
             namedType: io.k8s.api.networking.v1.HTTPIngressPath
           elementRelationship: atomic
+- name: io.k8s.api.networking.v1.IPAddress
+  map:
+    fields:
+    - name: apiVersion
+      type:
+        scalar: string
+    - name: kind
+      type:
+        scalar: string
+    - name: metadata
+      type:
+        namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta
+      default: {}
+    - name: spec
+      type:
+        namedType: io.k8s.api.networking.v1.IPAddressSpec
+      default: {}
+- name: io.k8s.api.networking.v1.IPAddressSpec
+  map:
+    fields:
+    - name: parentRef
+      type:
+        namedType: io.k8s.api.networking.v1.ParentReference
 - name: io.k8s.api.networking.v1.IPBlock
   map:
     fields:
@@ -11194,6 +11357,21 @@ var schemaYAML = typed.YAMLObject(`types:
           elementType:
             scalar: string
           elementRelationship: atomic
+- name: io.k8s.api.networking.v1.ParentReference
+  map:
+    fields:
+    - name: group
+      type:
+        scalar: string
+    - name: name
+      type:
+        scalar: string
+    - name: namespace
+      type:
+        scalar: string
+    - name: resource
+      type:
+        scalar: string
 - name: io.k8s.api.networking.v1.ServiceBackendPort
   map:
     fields:
@@ -11204,6 +11382,47 @@ var schemaYAML = typed.YAMLObject(`types:
       type:
         scalar: numeric
     elementRelationship: atomic
+- name: io.k8s.api.networking.v1.ServiceCIDR
+  map:
+    fields:
+    - name: apiVersion
+      type:
+        scalar: string
+    - name: kind
+      type:
+        scalar: string
+    - name: metadata
+      type:
+        namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta
+      default: {}
+    - name: spec
+      type:
+        namedType: io.k8s.api.networking.v1.ServiceCIDRSpec
+      default: {}
+    - name: status
+      type:
+        namedType: io.k8s.api.networking.v1.ServiceCIDRStatus
+      default: {}
+- name: io.k8s.api.networking.v1.ServiceCIDRSpec
+  map:
+    fields:
+    - name: cidrs
+      type:
+        list:
+          elementType:
+            scalar: string
+          elementRelationship: atomic
+- name: io.k8s.api.networking.v1.ServiceCIDRStatus
+  map:
+    fields:
+    - name: conditions
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition
+          elementRelationship: associative
+          keys:
+          - type
 - name: io.k8s.api.networking.v1alpha1.IPAddress
   map:
     fields:
@@ -12396,6 +12615,9 @@ var schemaYAML = typed.YAMLObject(`types:
 - name: io.k8s.api.resource.v1alpha3.BasicDevice
   map:
     fields:
+    - name: allNodes
+      type:
+        scalar: boolean
     - name: attributes
       type:
         map:
@@ -12406,6 +12628,24 @@ var schemaYAML = typed.YAMLObject(`types:
         map:
           elementType:
             namedType: io.k8s.apimachinery.pkg.api.resource.Quantity
+    - name: consumesCounters
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1alpha3.DeviceCounterConsumption
+          elementRelationship: atomic
+    - name: nodeName
+      type:
+        scalar: string
+    - name: nodeSelector
+      type:
+        namedType: io.k8s.api.core.v1.NodeSelector
+    - name: taints
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1alpha3.DeviceTaint
+          elementRelationship: atomic
 - name: io.k8s.api.resource.v1alpha3.CELDeviceSelector
   map:
     fields:
@@ -12413,6 +12653,24 @@ var schemaYAML = typed.YAMLObject(`types:
       type:
         scalar: string
       default: ""
+- name: io.k8s.api.resource.v1alpha3.Counter
+  map:
+    fields:
+    - name: value
+      type:
+        namedType: io.k8s.apimachinery.pkg.api.resource.Quantity
+- name: io.k8s.api.resource.v1alpha3.CounterSet
+  map:
+    fields:
+    - name: counters
+      type:
+        map:
+          elementType:
+            namedType: io.k8s.api.resource.v1alpha3.Counter
+    - name: name
+      type:
+        scalar: string
+      default: ""
 - name: io.k8s.api.resource.v1alpha3.Device
   map:
     fields:
@@ -12552,6 +12810,18 @@ var schemaYAML = typed.YAMLObject(`types:
           elementType:
             scalar: string
           elementRelationship: atomic
+- name: io.k8s.api.resource.v1alpha3.DeviceCounterConsumption
+  map:
+    fields:
+    - name: counterSet
+      type:
+        scalar: string
+      default: ""
+    - name: counters
+      type:
+        map:
+          elementType:
+            namedType: io.k8s.api.resource.v1alpha3.Counter
 - name: io.k8s.api.resource.v1alpha3.DeviceRequest
   map:
     fields:
@@ -12568,6 +12838,12 @@ var schemaYAML = typed.YAMLObject(`types:
       type:
         scalar: string
       default: ""
+    - name: firstAvailable
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1alpha3.DeviceSubRequest
+          elementRelationship: atomic
     - name: name
       type:
         scalar: string
@@ -12578,6 +12854,12 @@ var schemaYAML = typed.YAMLObject(`types:
           elementType:
             namedType: io.k8s.api.resource.v1alpha3.DeviceSelector
           elementRelationship: atomic
+    - name: tolerations
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1alpha3.DeviceToleration
+          elementRelationship: atomic
 - name: io.k8s.api.resource.v1alpha3.DeviceRequestAllocationResult
   map:
     fields:
@@ -12600,29 +12882,148 @@ var schemaYAML = typed.YAMLObject(`types:
       type:
         scalar: string
       default: ""
+    - name: tolerations
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1alpha3.DeviceToleration
+          elementRelationship: atomic
 - name: io.k8s.api.resource.v1alpha3.DeviceSelector
   map:
     fields:
     - name: cel
       type:
         namedType: io.k8s.api.resource.v1alpha3.CELDeviceSelector
-- name: io.k8s.api.resource.v1alpha3.NetworkDeviceData
+- name: io.k8s.api.resource.v1alpha3.DeviceSubRequest
   map:
     fields:
-    - name: hardwareAddress
+    - name: allocationMode
       type:
         scalar: string
-    - name: interfaceName
+    - name: count
+      type:
+        scalar: numeric
+    - name: deviceClassName
       type:
         scalar: string
-    - name: ips
+      default: ""
+    - name: name
+      type:
+        scalar: string
+      default: ""
+    - name: selectors
       type:
         list:
           elementType:
-            scalar: string
+            namedType: io.k8s.api.resource.v1alpha3.DeviceSelector
           elementRelationship: atomic
-- name: io.k8s.api.resource.v1alpha3.OpaqueDeviceConfiguration
-  map:
+    - name: tolerations
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1alpha3.DeviceToleration
+          elementRelationship: atomic
+- name: io.k8s.api.resource.v1alpha3.DeviceTaint
+  map:
+    fields:
+    - name: effect
+      type:
+        scalar: string
+      default: ""
+    - name: key
+      type:
+        scalar: string
+      default: ""
+    - name: timeAdded
+      type:
+        namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time
+    - name: value
+      type:
+        scalar: string
+- name: io.k8s.api.resource.v1alpha3.DeviceTaintRule
+  map:
+    fields:
+    - name: apiVersion
+      type:
+        scalar: string
+    - name: kind
+      type:
+        scalar: string
+    - name: metadata
+      type:
+        namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta
+      default: {}
+    - name: spec
+      type:
+        namedType: io.k8s.api.resource.v1alpha3.DeviceTaintRuleSpec
+      default: {}
+- name: io.k8s.api.resource.v1alpha3.DeviceTaintRuleSpec
+  map:
+    fields:
+    - name: deviceSelector
+      type:
+        namedType: io.k8s.api.resource.v1alpha3.DeviceTaintSelector
+    - name: taint
+      type:
+        namedType: io.k8s.api.resource.v1alpha3.DeviceTaint
+      default: {}
+- name: io.k8s.api.resource.v1alpha3.DeviceTaintSelector
+  map:
+    fields:
+    - name: device
+      type:
+        scalar: string
+    - name: deviceClassName
+      type:
+        scalar: string
+    - name: driver
+      type:
+        scalar: string
+    - name: pool
+      type:
+        scalar: string
+    - name: selectors
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1alpha3.DeviceSelector
+          elementRelationship: atomic
+- name: io.k8s.api.resource.v1alpha3.DeviceToleration
+  map:
+    fields:
+    - name: effect
+      type:
+        scalar: string
+    - name: key
+      type:
+        scalar: string
+    - name: operator
+      type:
+        scalar: string
+      default: Equal
+    - name: tolerationSeconds
+      type:
+        scalar: numeric
+    - name: value
+      type:
+        scalar: string
+- name: io.k8s.api.resource.v1alpha3.NetworkDeviceData
+  map:
+    fields:
+    - name: hardwareAddress
+      type:
+        scalar: string
+    - name: interfaceName
+      type:
+        scalar: string
+    - name: ips
+      type:
+        list:
+          elementType:
+            scalar: string
+          elementRelationship: atomic
+- name: io.k8s.api.resource.v1alpha3.OpaqueDeviceConfiguration
+  map:
     fields:
     - name: driver
       type:
@@ -12677,17 +13078,599 @@ var schemaYAML = typed.YAMLObject(`types:
       type:
         namedType: io.k8s.api.resource.v1alpha3.DeviceClaim
       default: {}
-- name: io.k8s.api.resource.v1alpha3.ResourceClaimStatus
+- name: io.k8s.api.resource.v1alpha3.ResourceClaimStatus
+  map:
+    fields:
+    - name: allocation
+      type:
+        namedType: io.k8s.api.resource.v1alpha3.AllocationResult
+    - name: devices
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1alpha3.AllocatedDeviceStatus
+          elementRelationship: associative
+          keys:
+          - driver
+          - device
+          - pool
+    - name: reservedFor
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1alpha3.ResourceClaimConsumerReference
+          elementRelationship: associative
+          keys:
+          - uid
+- name: io.k8s.api.resource.v1alpha3.ResourceClaimTemplate
+  map:
+    fields:
+    - name: apiVersion
+      type:
+        scalar: string
+    - name: kind
+      type:
+        scalar: string
+    - name: metadata
+      type:
+        namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta
+      default: {}
+    - name: spec
+      type:
+        namedType: io.k8s.api.resource.v1alpha3.ResourceClaimTemplateSpec
+      default: {}
+- name: io.k8s.api.resource.v1alpha3.ResourceClaimTemplateSpec
+  map:
+    fields:
+    - name: metadata
+      type:
+        namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta
+      default: {}
+    - name: spec
+      type:
+        namedType: io.k8s.api.resource.v1alpha3.ResourceClaimSpec
+      default: {}
+- name: io.k8s.api.resource.v1alpha3.ResourcePool
+  map:
+    fields:
+    - name: generation
+      type:
+        scalar: numeric
+      default: 0
+    - name: name
+      type:
+        scalar: string
+      default: ""
+    - name: resourceSliceCount
+      type:
+        scalar: numeric
+      default: 0
+- name: io.k8s.api.resource.v1alpha3.ResourceSlice
+  map:
+    fields:
+    - name: apiVersion
+      type:
+        scalar: string
+    - name: kind
+      type:
+        scalar: string
+    - name: metadata
+      type:
+        namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta
+      default: {}
+    - name: spec
+      type:
+        namedType: io.k8s.api.resource.v1alpha3.ResourceSliceSpec
+      default: {}
+- name: io.k8s.api.resource.v1alpha3.ResourceSliceSpec
+  map:
+    fields:
+    - name: allNodes
+      type:
+        scalar: boolean
+    - name: devices
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1alpha3.Device
+          elementRelationship: atomic
+    - name: driver
+      type:
+        scalar: string
+      default: ""
+    - name: nodeName
+      type:
+        scalar: string
+    - name: nodeSelector
+      type:
+        namedType: io.k8s.api.core.v1.NodeSelector
+    - name: perDeviceNodeSelection
+      type:
+        scalar: boolean
+    - name: pool
+      type:
+        namedType: io.k8s.api.resource.v1alpha3.ResourcePool
+      default: {}
+    - name: sharedCounters
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1alpha3.CounterSet
+          elementRelationship: atomic
+- name: io.k8s.api.resource.v1beta1.AllocatedDeviceStatus
+  map:
+    fields:
+    - name: conditions
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Condition
+          elementRelationship: associative
+          keys:
+          - type
+    - name: data
+      type:
+        namedType: __untyped_atomic_
+    - name: device
+      type:
+        scalar: string
+      default: ""
+    - name: driver
+      type:
+        scalar: string
+      default: ""
+    - name: networkData
+      type:
+        namedType: io.k8s.api.resource.v1beta1.NetworkDeviceData
+    - name: pool
+      type:
+        scalar: string
+      default: ""
+- name: io.k8s.api.resource.v1beta1.AllocationResult
+  map:
+    fields:
+    - name: devices
+      type:
+        namedType: io.k8s.api.resource.v1beta1.DeviceAllocationResult
+      default: {}
+    - name: nodeSelector
+      type:
+        namedType: io.k8s.api.core.v1.NodeSelector
+- name: io.k8s.api.resource.v1beta1.BasicDevice
+  map:
+    fields:
+    - name: allNodes
+      type:
+        scalar: boolean
+    - name: attributes
+      type:
+        map:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta1.DeviceAttribute
+    - name: capacity
+      type:
+        map:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta1.DeviceCapacity
+    - name: consumesCounters
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta1.DeviceCounterConsumption
+          elementRelationship: atomic
+    - name: nodeName
+      type:
+        scalar: string
+    - name: nodeSelector
+      type:
+        namedType: io.k8s.api.core.v1.NodeSelector
+    - name: taints
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta1.DeviceTaint
+          elementRelationship: atomic
+- name: io.k8s.api.resource.v1beta1.CELDeviceSelector
+  map:
+    fields:
+    - name: expression
+      type:
+        scalar: string
+      default: ""
+- name: io.k8s.api.resource.v1beta1.Counter
+  map:
+    fields:
+    - name: value
+      type:
+        namedType: io.k8s.apimachinery.pkg.api.resource.Quantity
+- name: io.k8s.api.resource.v1beta1.CounterSet
+  map:
+    fields:
+    - name: counters
+      type:
+        map:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta1.Counter
+    - name: name
+      type:
+        scalar: string
+      default: ""
+- name: io.k8s.api.resource.v1beta1.Device
+  map:
+    fields:
+    - name: basic
+      type:
+        namedType: io.k8s.api.resource.v1beta1.BasicDevice
+    - name: name
+      type:
+        scalar: string
+      default: ""
+- name: io.k8s.api.resource.v1beta1.DeviceAllocationConfiguration
+  map:
+    fields:
+    - name: opaque
+      type:
+        namedType: io.k8s.api.resource.v1beta1.OpaqueDeviceConfiguration
+    - name: requests
+      type:
+        list:
+          elementType:
+            scalar: string
+          elementRelationship: atomic
+    - name: source
+      type:
+        scalar: string
+      default: ""
+- name: io.k8s.api.resource.v1beta1.DeviceAllocationResult
+  map:
+    fields:
+    - name: config
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta1.DeviceAllocationConfiguration
+          elementRelationship: atomic
+    - name: results
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta1.DeviceRequestAllocationResult
+          elementRelationship: atomic
+- name: io.k8s.api.resource.v1beta1.DeviceAttribute
+  map:
+    fields:
+    - name: bool
+      type:
+        scalar: boolean
+    - name: int
+      type:
+        scalar: numeric
+    - name: string
+      type:
+        scalar: string
+    - name: version
+      type:
+        scalar: string
+- name: io.k8s.api.resource.v1beta1.DeviceCapacity
+  map:
+    fields:
+    - name: value
+      type:
+        namedType: io.k8s.apimachinery.pkg.api.resource.Quantity
+- name: io.k8s.api.resource.v1beta1.DeviceClaim
+  map:
+    fields:
+    - name: config
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta1.DeviceClaimConfiguration
+          elementRelationship: atomic
+    - name: constraints
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta1.DeviceConstraint
+          elementRelationship: atomic
+    - name: requests
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta1.DeviceRequest
+          elementRelationship: atomic
+- name: io.k8s.api.resource.v1beta1.DeviceClaimConfiguration
+  map:
+    fields:
+    - name: opaque
+      type:
+        namedType: io.k8s.api.resource.v1beta1.OpaqueDeviceConfiguration
+    - name: requests
+      type:
+        list:
+          elementType:
+            scalar: string
+          elementRelationship: atomic
+- name: io.k8s.api.resource.v1beta1.DeviceClass
+  map:
+    fields:
+    - name: apiVersion
+      type:
+        scalar: string
+    - name: kind
+      type:
+        scalar: string
+    - name: metadata
+      type:
+        namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta
+      default: {}
+    - name: spec
+      type:
+        namedType: io.k8s.api.resource.v1beta1.DeviceClassSpec
+      default: {}
+- name: io.k8s.api.resource.v1beta1.DeviceClassConfiguration
+  map:
+    fields:
+    - name: opaque
+      type:
+        namedType: io.k8s.api.resource.v1beta1.OpaqueDeviceConfiguration
+- name: io.k8s.api.resource.v1beta1.DeviceClassSpec
+  map:
+    fields:
+    - name: config
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta1.DeviceClassConfiguration
+          elementRelationship: atomic
+    - name: selectors
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta1.DeviceSelector
+          elementRelationship: atomic
+- name: io.k8s.api.resource.v1beta1.DeviceConstraint
+  map:
+    fields:
+    - name: matchAttribute
+      type:
+        scalar: string
+    - name: requests
+      type:
+        list:
+          elementType:
+            scalar: string
+          elementRelationship: atomic
+- name: io.k8s.api.resource.v1beta1.DeviceCounterConsumption
+  map:
+    fields:
+    - name: counterSet
+      type:
+        scalar: string
+      default: ""
+    - name: counters
+      type:
+        map:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta1.Counter
+- name: io.k8s.api.resource.v1beta1.DeviceRequest
+  map:
+    fields:
+    - name: adminAccess
+      type:
+        scalar: boolean
+    - name: allocationMode
+      type:
+        scalar: string
+    - name: count
+      type:
+        scalar: numeric
+    - name: deviceClassName
+      type:
+        scalar: string
+      default: ""
+    - name: firstAvailable
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta1.DeviceSubRequest
+          elementRelationship: atomic
+    - name: name
+      type:
+        scalar: string
+      default: ""
+    - name: selectors
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta1.DeviceSelector
+          elementRelationship: atomic
+    - name: tolerations
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta1.DeviceToleration
+          elementRelationship: atomic
+- name: io.k8s.api.resource.v1beta1.DeviceRequestAllocationResult
+  map:
+    fields:
+    - name: adminAccess
+      type:
+        scalar: boolean
+    - name: device
+      type:
+        scalar: string
+      default: ""
+    - name: driver
+      type:
+        scalar: string
+      default: ""
+    - name: pool
+      type:
+        scalar: string
+      default: ""
+    - name: request
+      type:
+        scalar: string
+      default: ""
+    - name: tolerations
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta1.DeviceToleration
+          elementRelationship: atomic
+- name: io.k8s.api.resource.v1beta1.DeviceSelector
+  map:
+    fields:
+    - name: cel
+      type:
+        namedType: io.k8s.api.resource.v1beta1.CELDeviceSelector
+- name: io.k8s.api.resource.v1beta1.DeviceSubRequest
+  map:
+    fields:
+    - name: allocationMode
+      type:
+        scalar: string
+    - name: count
+      type:
+        scalar: numeric
+    - name: deviceClassName
+      type:
+        scalar: string
+      default: ""
+    - name: name
+      type:
+        scalar: string
+      default: ""
+    - name: selectors
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta1.DeviceSelector
+          elementRelationship: atomic
+    - name: tolerations
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta1.DeviceToleration
+          elementRelationship: atomic
+- name: io.k8s.api.resource.v1beta1.DeviceTaint
+  map:
+    fields:
+    - name: effect
+      type:
+        scalar: string
+      default: ""
+    - name: key
+      type:
+        scalar: string
+      default: ""
+    - name: timeAdded
+      type:
+        namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time
+    - name: value
+      type:
+        scalar: string
+- name: io.k8s.api.resource.v1beta1.DeviceToleration
+  map:
+    fields:
+    - name: effect
+      type:
+        scalar: string
+    - name: key
+      type:
+        scalar: string
+    - name: operator
+      type:
+        scalar: string
+      default: Equal
+    - name: tolerationSeconds
+      type:
+        scalar: numeric
+    - name: value
+      type:
+        scalar: string
+- name: io.k8s.api.resource.v1beta1.NetworkDeviceData
+  map:
+    fields:
+    - name: hardwareAddress
+      type:
+        scalar: string
+    - name: interfaceName
+      type:
+        scalar: string
+    - name: ips
+      type:
+        list:
+          elementType:
+            scalar: string
+          elementRelationship: atomic
+- name: io.k8s.api.resource.v1beta1.OpaqueDeviceConfiguration
+  map:
+    fields:
+    - name: driver
+      type:
+        scalar: string
+      default: ""
+    - name: parameters
+      type:
+        namedType: __untyped_atomic_
+- name: io.k8s.api.resource.v1beta1.ResourceClaim
+  map:
+    fields:
+    - name: apiVersion
+      type:
+        scalar: string
+    - name: kind
+      type:
+        scalar: string
+    - name: metadata
+      type:
+        namedType: io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta
+      default: {}
+    - name: spec
+      type:
+        namedType: io.k8s.api.resource.v1beta1.ResourceClaimSpec
+      default: {}
+    - name: status
+      type:
+        namedType: io.k8s.api.resource.v1beta1.ResourceClaimStatus
+      default: {}
+- name: io.k8s.api.resource.v1beta1.ResourceClaimConsumerReference
+  map:
+    fields:
+    - name: apiGroup
+      type:
+        scalar: string
+    - name: name
+      type:
+        scalar: string
+      default: ""
+    - name: resource
+      type:
+        scalar: string
+      default: ""
+    - name: uid
+      type:
+        scalar: string
+      default: ""
+- name: io.k8s.api.resource.v1beta1.ResourceClaimSpec
+  map:
+    fields:
+    - name: devices
+      type:
+        namedType: io.k8s.api.resource.v1beta1.DeviceClaim
+      default: {}
+- name: io.k8s.api.resource.v1beta1.ResourceClaimStatus
   map:
     fields:
     - name: allocation
       type:
-        namedType: io.k8s.api.resource.v1alpha3.AllocationResult
+        namedType: io.k8s.api.resource.v1beta1.AllocationResult
     - name: devices
       type:
         list:
           elementType:
-            namedType: io.k8s.api.resource.v1alpha3.AllocatedDeviceStatus
+            namedType: io.k8s.api.resource.v1beta1.AllocatedDeviceStatus
           elementRelationship: associative
           keys:
           - driver
@@ -12697,11 +13680,11 @@ var schemaYAML = typed.YAMLObject(`types:
       type:
         list:
           elementType:
-            namedType: io.k8s.api.resource.v1alpha3.ResourceClaimConsumerReference
+            namedType: io.k8s.api.resource.v1beta1.ResourceClaimConsumerReference
           elementRelationship: associative
           keys:
           - uid
-- name: io.k8s.api.resource.v1alpha3.ResourceClaimTemplate
+- name: io.k8s.api.resource.v1beta1.ResourceClaimTemplate
   map:
     fields:
     - name: apiVersion
@@ -12716,9 +13699,9 @@ var schemaYAML = typed.YAMLObject(`types:
       default: {}
     - name: spec
       type:
-        namedType: io.k8s.api.resource.v1alpha3.ResourceClaimTemplateSpec
+        namedType: io.k8s.api.resource.v1beta1.ResourceClaimTemplateSpec
       default: {}
-- name: io.k8s.api.resource.v1alpha3.ResourceClaimTemplateSpec
+- name: io.k8s.api.resource.v1beta1.ResourceClaimTemplateSpec
   map:
     fields:
     - name: metadata
@@ -12727,9 +13710,9 @@ var schemaYAML = typed.YAMLObject(`types:
       default: {}
     - name: spec
       type:
-        namedType: io.k8s.api.resource.v1alpha3.ResourceClaimSpec
+        namedType: io.k8s.api.resource.v1beta1.ResourceClaimSpec
       default: {}
-- name: io.k8s.api.resource.v1alpha3.ResourcePool
+- name: io.k8s.api.resource.v1beta1.ResourcePool
   map:
     fields:
     - name: generation
@@ -12744,7 +13727,7 @@ var schemaYAML = typed.YAMLObject(`types:
       type:
         scalar: numeric
       default: 0
-- name: io.k8s.api.resource.v1alpha3.ResourceSlice
+- name: io.k8s.api.resource.v1beta1.ResourceSlice
   map:
     fields:
     - name: apiVersion
@@ -12759,9 +13742,9 @@ var schemaYAML = typed.YAMLObject(`types:
       default: {}
     - name: spec
       type:
-        namedType: io.k8s.api.resource.v1alpha3.ResourceSliceSpec
+        namedType: io.k8s.api.resource.v1beta1.ResourceSliceSpec
       default: {}
-- name: io.k8s.api.resource.v1alpha3.ResourceSliceSpec
+- name: io.k8s.api.resource.v1beta1.ResourceSliceSpec
   map:
     fields:
     - name: allNodes
@@ -12771,7 +13754,7 @@ var schemaYAML = typed.YAMLObject(`types:
       type:
         list:
           elementType:
-            namedType: io.k8s.api.resource.v1alpha3.Device
+            namedType: io.k8s.api.resource.v1beta1.Device
           elementRelationship: atomic
     - name: driver
       type:
@@ -12783,11 +13766,20 @@ var schemaYAML = typed.YAMLObject(`types:
     - name: nodeSelector
       type:
         namedType: io.k8s.api.core.v1.NodeSelector
+    - name: perDeviceNodeSelection
+      type:
+        scalar: boolean
     - name: pool
       type:
-        namedType: io.k8s.api.resource.v1alpha3.ResourcePool
+        namedType: io.k8s.api.resource.v1beta1.ResourcePool
       default: {}
-- name: io.k8s.api.resource.v1beta1.AllocatedDeviceStatus
+    - name: sharedCounters
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta1.CounterSet
+          elementRelationship: atomic
+- name: io.k8s.api.resource.v1beta2.AllocatedDeviceStatus
   map:
     fields:
     - name: conditions
@@ -12811,57 +13803,90 @@ var schemaYAML = typed.YAMLObject(`types:
       default: ""
     - name: networkData
       type:
-        namedType: io.k8s.api.resource.v1beta1.NetworkDeviceData
+        namedType: io.k8s.api.resource.v1beta2.NetworkDeviceData
     - name: pool
       type:
         scalar: string
       default: ""
-- name: io.k8s.api.resource.v1beta1.AllocationResult
+- name: io.k8s.api.resource.v1beta2.AllocationResult
   map:
     fields:
     - name: devices
       type:
-        namedType: io.k8s.api.resource.v1beta1.DeviceAllocationResult
+        namedType: io.k8s.api.resource.v1beta2.DeviceAllocationResult
       default: {}
     - name: nodeSelector
       type:
         namedType: io.k8s.api.core.v1.NodeSelector
-- name: io.k8s.api.resource.v1beta1.BasicDevice
+- name: io.k8s.api.resource.v1beta2.CELDeviceSelector
   map:
     fields:
-    - name: attributes
+    - name: expression
       type:
-        map:
-          elementType:
-            namedType: io.k8s.api.resource.v1beta1.DeviceAttribute
-    - name: capacity
+        scalar: string
+      default: ""
+- name: io.k8s.api.resource.v1beta2.Counter
+  map:
+    fields:
+    - name: value
       type:
-        map:
-          elementType:
-            namedType: io.k8s.api.resource.v1beta1.DeviceCapacity
-- name: io.k8s.api.resource.v1beta1.CELDeviceSelector
+        namedType: io.k8s.apimachinery.pkg.api.resource.Quantity
+- name: io.k8s.api.resource.v1beta2.CounterSet
   map:
     fields:
-    - name: expression
+    - name: counters
+      type:
+        map:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta2.Counter
+    - name: name
       type:
         scalar: string
       default: ""
-- name: io.k8s.api.resource.v1beta1.Device
+- name: io.k8s.api.resource.v1beta2.Device
   map:
     fields:
-    - name: basic
+    - name: allNodes
       type:
-        namedType: io.k8s.api.resource.v1beta1.BasicDevice
+        scalar: boolean
+    - name: attributes
+      type:
+        map:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta2.DeviceAttribute
+    - name: capacity
+      type:
+        map:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta2.DeviceCapacity
+    - name: consumesCounters
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta2.DeviceCounterConsumption
+          elementRelationship: atomic
     - name: name
       type:
         scalar: string
       default: ""
-- name: io.k8s.api.resource.v1beta1.DeviceAllocationConfiguration
+    - name: nodeName
+      type:
+        scalar: string
+    - name: nodeSelector
+      type:
+        namedType: io.k8s.api.core.v1.NodeSelector
+    - name: taints
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta2.DeviceTaint
+          elementRelationship: atomic
+- name: io.k8s.api.resource.v1beta2.DeviceAllocationConfiguration
   map:
     fields:
     - name: opaque
       type:
-        namedType: io.k8s.api.resource.v1beta1.OpaqueDeviceConfiguration
+        namedType: io.k8s.api.resource.v1beta2.OpaqueDeviceConfiguration
     - name: requests
       type:
         list:
@@ -12872,22 +13897,22 @@ var schemaYAML = typed.YAMLObject(`types:
       type:
         scalar: string
       default: ""
-- name: io.k8s.api.resource.v1beta1.DeviceAllocationResult
+- name: io.k8s.api.resource.v1beta2.DeviceAllocationResult
   map:
     fields:
     - name: config
       type:
         list:
           elementType:
-            namedType: io.k8s.api.resource.v1beta1.DeviceAllocationConfiguration
+            namedType: io.k8s.api.resource.v1beta2.DeviceAllocationConfiguration
           elementRelationship: atomic
     - name: results
       type:
         list:
           elementType:
-            namedType: io.k8s.api.resource.v1beta1.DeviceRequestAllocationResult
+            namedType: io.k8s.api.resource.v1beta2.DeviceRequestAllocationResult
           elementRelationship: atomic
-- name: io.k8s.api.resource.v1beta1.DeviceAttribute
+- name: io.k8s.api.resource.v1beta2.DeviceAttribute
   map:
     fields:
     - name: bool
@@ -12902,46 +13927,46 @@ var schemaYAML = typed.YAMLObject(`types:
     - name: version
       type:
         scalar: string
-- name: io.k8s.api.resource.v1beta1.DeviceCapacity
+- name: io.k8s.api.resource.v1beta2.DeviceCapacity
   map:
     fields:
     - name: value
       type:
         namedType: io.k8s.apimachinery.pkg.api.resource.Quantity
-- name: io.k8s.api.resource.v1beta1.DeviceClaim
+- name: io.k8s.api.resource.v1beta2.DeviceClaim
   map:
     fields:
     - name: config
       type:
         list:
           elementType:
-            namedType: io.k8s.api.resource.v1beta1.DeviceClaimConfiguration
+            namedType: io.k8s.api.resource.v1beta2.DeviceClaimConfiguration
           elementRelationship: atomic
     - name: constraints
       type:
         list:
           elementType:
-            namedType: io.k8s.api.resource.v1beta1.DeviceConstraint
+            namedType: io.k8s.api.resource.v1beta2.DeviceConstraint
           elementRelationship: atomic
     - name: requests
       type:
         list:
           elementType:
-            namedType: io.k8s.api.resource.v1beta1.DeviceRequest
+            namedType: io.k8s.api.resource.v1beta2.DeviceRequest
           elementRelationship: atomic
-- name: io.k8s.api.resource.v1beta1.DeviceClaimConfiguration
+- name: io.k8s.api.resource.v1beta2.DeviceClaimConfiguration
   map:
     fields:
     - name: opaque
       type:
-        namedType: io.k8s.api.resource.v1beta1.OpaqueDeviceConfiguration
+        namedType: io.k8s.api.resource.v1beta2.OpaqueDeviceConfiguration
     - name: requests
       type:
         list:
           elementType:
             scalar: string
           elementRelationship: atomic
-- name: io.k8s.api.resource.v1beta1.DeviceClass
+- name: io.k8s.api.resource.v1beta2.DeviceClass
   map:
     fields:
     - name: apiVersion
@@ -12956,30 +13981,30 @@ var schemaYAML = typed.YAMLObject(`types:
       default: {}
     - name: spec
       type:
-        namedType: io.k8s.api.resource.v1beta1.DeviceClassSpec
+        namedType: io.k8s.api.resource.v1beta2.DeviceClassSpec
       default: {}
-- name: io.k8s.api.resource.v1beta1.DeviceClassConfiguration
+- name: io.k8s.api.resource.v1beta2.DeviceClassConfiguration
   map:
     fields:
     - name: opaque
       type:
-        namedType: io.k8s.api.resource.v1beta1.OpaqueDeviceConfiguration
-- name: io.k8s.api.resource.v1beta1.DeviceClassSpec
+        namedType: io.k8s.api.resource.v1beta2.OpaqueDeviceConfiguration
+- name: io.k8s.api.resource.v1beta2.DeviceClassSpec
   map:
     fields:
     - name: config
       type:
         list:
           elementType:
-            namedType: io.k8s.api.resource.v1beta1.DeviceClassConfiguration
+            namedType: io.k8s.api.resource.v1beta2.DeviceClassConfiguration
           elementRelationship: atomic
     - name: selectors
       type:
         list:
           elementType:
-            namedType: io.k8s.api.resource.v1beta1.DeviceSelector
+            namedType: io.k8s.api.resource.v1beta2.DeviceSelector
           elementRelationship: atomic
-- name: io.k8s.api.resource.v1beta1.DeviceConstraint
+- name: io.k8s.api.resource.v1beta2.DeviceConstraint
   map:
     fields:
     - name: matchAttribute
@@ -12991,12 +14016,71 @@ var schemaYAML = typed.YAMLObject(`types:
           elementType:
             scalar: string
           elementRelationship: atomic
-- name: io.k8s.api.resource.v1beta1.DeviceRequest
+- name: io.k8s.api.resource.v1beta2.DeviceCounterConsumption
+  map:
+    fields:
+    - name: counterSet
+      type:
+        scalar: string
+      default: ""
+    - name: counters
+      type:
+        map:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta2.Counter
+- name: io.k8s.api.resource.v1beta2.DeviceRequest
+  map:
+    fields:
+    - name: exactly
+      type:
+        namedType: io.k8s.api.resource.v1beta2.ExactDeviceRequest
+    - name: firstAvailable
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta2.DeviceSubRequest
+          elementRelationship: atomic
+    - name: name
+      type:
+        scalar: string
+      default: ""
+- name: io.k8s.api.resource.v1beta2.DeviceRequestAllocationResult
   map:
     fields:
     - name: adminAccess
       type:
         scalar: boolean
+    - name: device
+      type:
+        scalar: string
+      default: ""
+    - name: driver
+      type:
+        scalar: string
+      default: ""
+    - name: pool
+      type:
+        scalar: string
+      default: ""
+    - name: request
+      type:
+        scalar: string
+      default: ""
+    - name: tolerations
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta2.DeviceToleration
+          elementRelationship: atomic
+- name: io.k8s.api.resource.v1beta2.DeviceSelector
+  map:
+    fields:
+    - name: cel
+      type:
+        namedType: io.k8s.api.resource.v1beta2.CELDeviceSelector
+- name: io.k8s.api.resource.v1beta2.DeviceSubRequest
+  map:
+    fields:
     - name: allocationMode
       type:
         scalar: string
@@ -13015,37 +14099,79 @@ var schemaYAML = typed.YAMLObject(`types:
       type:
         list:
           elementType:
-            namedType: io.k8s.api.resource.v1beta1.DeviceSelector
+            namedType: io.k8s.api.resource.v1beta2.DeviceSelector
           elementRelationship: atomic
-- name: io.k8s.api.resource.v1beta1.DeviceRequestAllocationResult
+    - name: tolerations
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta2.DeviceToleration
+          elementRelationship: atomic
+- name: io.k8s.api.resource.v1beta2.DeviceTaint
   map:
     fields:
-    - name: adminAccess
-      type:
-        scalar: boolean
-    - name: device
+    - name: effect
       type:
         scalar: string
       default: ""
-    - name: driver
+    - name: key
       type:
         scalar: string
       default: ""
-    - name: pool
+    - name: timeAdded
+      type:
+        namedType: io.k8s.apimachinery.pkg.apis.meta.v1.Time
+    - name: value
       type:
         scalar: string
-      default: ""
-    - name: request
+- name: io.k8s.api.resource.v1beta2.DeviceToleration
+  map:
+    fields:
+    - name: effect
       type:
         scalar: string
-      default: ""
-- name: io.k8s.api.resource.v1beta1.DeviceSelector
+    - name: key
+      type:
+        scalar: string
+    - name: operator
+      type:
+        scalar: string
+      default: Equal
+    - name: tolerationSeconds
+      type:
+        scalar: numeric
+    - name: value
+      type:
+        scalar: string
+- name: io.k8s.api.resource.v1beta2.ExactDeviceRequest
   map:
     fields:
-    - name: cel
+    - name: adminAccess
       type:
-        namedType: io.k8s.api.resource.v1beta1.CELDeviceSelector
-- name: io.k8s.api.resource.v1beta1.NetworkDeviceData
+        scalar: boolean
+    - name: allocationMode
+      type:
+        scalar: string
+    - name: count
+      type:
+        scalar: numeric
+    - name: deviceClassName
+      type:
+        scalar: string
+      default: ""
+    - name: selectors
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta2.DeviceSelector
+          elementRelationship: atomic
+    - name: tolerations
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta2.DeviceToleration
+          elementRelationship: atomic
+- name: io.k8s.api.resource.v1beta2.NetworkDeviceData
   map:
     fields:
     - name: hardwareAddress
@@ -13060,7 +14186,7 @@ var schemaYAML = typed.YAMLObject(`types:
           elementType:
             scalar: string
           elementRelationship: atomic
-- name: io.k8s.api.resource.v1beta1.OpaqueDeviceConfiguration
+- name: io.k8s.api.resource.v1beta2.OpaqueDeviceConfiguration
   map:
     fields:
     - name: driver
@@ -13070,7 +14196,7 @@ var schemaYAML = typed.YAMLObject(`types:
     - name: parameters
       type:
         namedType: __untyped_atomic_
-- name: io.k8s.api.resource.v1beta1.ResourceClaim
+- name: io.k8s.api.resource.v1beta2.ResourceClaim
   map:
     fields:
     - name: apiVersion
@@ -13085,13 +14211,13 @@ var schemaYAML = typed.YAMLObject(`types:
       default: {}
     - name: spec
       type:
-        namedType: io.k8s.api.resource.v1beta1.ResourceClaimSpec
+        namedType: io.k8s.api.resource.v1beta2.ResourceClaimSpec
       default: {}
     - name: status
       type:
-        namedType: io.k8s.api.resource.v1beta1.ResourceClaimStatus
+        namedType: io.k8s.api.resource.v1beta2.ResourceClaimStatus
       default: {}
-- name: io.k8s.api.resource.v1beta1.ResourceClaimConsumerReference
+- name: io.k8s.api.resource.v1beta2.ResourceClaimConsumerReference
   map:
     fields:
     - name: apiGroup
@@ -13109,24 +14235,24 @@ var schemaYAML = typed.YAMLObject(`types:
       type:
         scalar: string
       default: ""
-- name: io.k8s.api.resource.v1beta1.ResourceClaimSpec
+- name: io.k8s.api.resource.v1beta2.ResourceClaimSpec
   map:
     fields:
     - name: devices
       type:
-        namedType: io.k8s.api.resource.v1beta1.DeviceClaim
+        namedType: io.k8s.api.resource.v1beta2.DeviceClaim
       default: {}
-- name: io.k8s.api.resource.v1beta1.ResourceClaimStatus
+- name: io.k8s.api.resource.v1beta2.ResourceClaimStatus
   map:
     fields:
     - name: allocation
       type:
-        namedType: io.k8s.api.resource.v1beta1.AllocationResult
+        namedType: io.k8s.api.resource.v1beta2.AllocationResult
     - name: devices
       type:
         list:
           elementType:
-            namedType: io.k8s.api.resource.v1beta1.AllocatedDeviceStatus
+            namedType: io.k8s.api.resource.v1beta2.AllocatedDeviceStatus
           elementRelationship: associative
           keys:
           - driver
@@ -13136,11 +14262,11 @@ var schemaYAML = typed.YAMLObject(`types:
       type:
         list:
           elementType:
-            namedType: io.k8s.api.resource.v1beta1.ResourceClaimConsumerReference
+            namedType: io.k8s.api.resource.v1beta2.ResourceClaimConsumerReference
           elementRelationship: associative
           keys:
           - uid
-- name: io.k8s.api.resource.v1beta1.ResourceClaimTemplate
+- name: io.k8s.api.resource.v1beta2.ResourceClaimTemplate
   map:
     fields:
     - name: apiVersion
@@ -13155,9 +14281,9 @@ var schemaYAML = typed.YAMLObject(`types:
       default: {}
     - name: spec
       type:
-        namedType: io.k8s.api.resource.v1beta1.ResourceClaimTemplateSpec
+        namedType: io.k8s.api.resource.v1beta2.ResourceClaimTemplateSpec
       default: {}
-- name: io.k8s.api.resource.v1beta1.ResourceClaimTemplateSpec
+- name: io.k8s.api.resource.v1beta2.ResourceClaimTemplateSpec
   map:
     fields:
     - name: metadata
@@ -13166,9 +14292,9 @@ var schemaYAML = typed.YAMLObject(`types:
       default: {}
     - name: spec
       type:
-        namedType: io.k8s.api.resource.v1beta1.ResourceClaimSpec
+        namedType: io.k8s.api.resource.v1beta2.ResourceClaimSpec
       default: {}
-- name: io.k8s.api.resource.v1beta1.ResourcePool
+- name: io.k8s.api.resource.v1beta2.ResourcePool
   map:
     fields:
     - name: generation
@@ -13183,7 +14309,7 @@ var schemaYAML = typed.YAMLObject(`types:
       type:
         scalar: numeric
       default: 0
-- name: io.k8s.api.resource.v1beta1.ResourceSlice
+- name: io.k8s.api.resource.v1beta2.ResourceSlice
   map:
     fields:
     - name: apiVersion
@@ -13198,9 +14324,9 @@ var schemaYAML = typed.YAMLObject(`types:
       default: {}
     - name: spec
       type:
-        namedType: io.k8s.api.resource.v1beta1.ResourceSliceSpec
+        namedType: io.k8s.api.resource.v1beta2.ResourceSliceSpec
       default: {}
-- name: io.k8s.api.resource.v1beta1.ResourceSliceSpec
+- name: io.k8s.api.resource.v1beta2.ResourceSliceSpec
   map:
     fields:
     - name: allNodes
@@ -13210,7 +14336,7 @@ var schemaYAML = typed.YAMLObject(`types:
       type:
         list:
           elementType:
-            namedType: io.k8s.api.resource.v1beta1.Device
+            namedType: io.k8s.api.resource.v1beta2.Device
           elementRelationship: atomic
     - name: driver
       type:
@@ -13222,10 +14348,19 @@ var schemaYAML = typed.YAMLObject(`types:
     - name: nodeSelector
       type:
         namedType: io.k8s.api.core.v1.NodeSelector
+    - name: perDeviceNodeSelection
+      type:
+        scalar: boolean
     - name: pool
       type:
-        namedType: io.k8s.api.resource.v1beta1.ResourcePool
+        namedType: io.k8s.api.resource.v1beta2.ResourcePool
       default: {}
+    - name: sharedCounters
+      type:
+        list:
+          elementType:
+            namedType: io.k8s.api.resource.v1beta2.CounterSet
+          elementRelationship: atomic
 - name: io.k8s.api.scheduling.v1.PriorityClass
   map:
     fields:
@@ -13330,6 +14465,9 @@ var schemaYAML = typed.YAMLObject(`types:
     - name: fsGroupPolicy
       type:
         scalar: string
+    - name: nodeAllocatableUpdatePeriodSeconds
+      type:
+        scalar: numeric
     - name: podInfoOnMount
       type:
         scalar: boolean
@@ -13547,6 +14685,9 @@ var schemaYAML = typed.YAMLObject(`types:
 - name: io.k8s.api.storage.v1.VolumeError
   map:
     fields:
+    - name: errorCode
+      type:
+        scalar: numeric
     - name: message
       type:
         scalar: string
@@ -13673,6 +14814,9 @@ var schemaYAML = typed.YAMLObject(`types:
 - name: io.k8s.api.storage.v1alpha1.VolumeError
   map:
     fields:
+    - name: errorCode
+      type:
+        scalar: numeric
     - name: message
       type:
         scalar: string
@@ -13705,6 +14849,9 @@ var schemaYAML = typed.YAMLObject(`types:
     - name: fsGroupPolicy
       type:
         scalar: string
+    - name: nodeAllocatableUpdatePeriodSeconds
+      type:
+        scalar: numeric
     - name: podInfoOnMount
       type:
         scalar: boolean
@@ -13944,6 +15091,9 @@ var schemaYAML = typed.YAMLObject(`types:
 - name: io.k8s.api.storage.v1beta1.VolumeError
   map:
     fields:
+    - name: errorCode
+      type:
+        scalar: numeric
     - name: message
       type:
         scalar: string
diff --git a/vendor/k8s.io/client-go/applyconfigurations/networking/v1/ipaddress.go b/vendor/k8s.io/client-go/applyconfigurations/networking/v1/ipaddress.go
new file mode 100644
index 0000000000..f3098b96be
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/networking/v1/ipaddress.go
@@ -0,0 +1,253 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1
+
+import (
+	networkingv1 "k8s.io/api/networking/v1"
+	apismetav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	types "k8s.io/apimachinery/pkg/types"
+	managedfields "k8s.io/apimachinery/pkg/util/managedfields"
+	internal "k8s.io/client-go/applyconfigurations/internal"
+	metav1 "k8s.io/client-go/applyconfigurations/meta/v1"
+)
+
+// IPAddressApplyConfiguration represents a declarative configuration of the IPAddress type for use
+// with apply.
+type IPAddressApplyConfiguration struct {
+	metav1.TypeMetaApplyConfiguration    `json:",inline"`
+	*metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"`
+	Spec                                 *IPAddressSpecApplyConfiguration `json:"spec,omitempty"`
+}
+
+// IPAddress constructs a declarative configuration of the IPAddress type for use with
+// apply.
+func IPAddress(name string) *IPAddressApplyConfiguration {
+	b := &IPAddressApplyConfiguration{}
+	b.WithName(name)
+	b.WithKind("IPAddress")
+	b.WithAPIVersion("networking.k8s.io/v1")
+	return b
+}
+
+// ExtractIPAddress extracts the applied configuration owned by fieldManager from
+// iPAddress. If no managedFields are found in iPAddress for fieldManager, a
+// IPAddressApplyConfiguration is returned with only the Name, Namespace (if applicable),
+// APIVersion and Kind populated. It is possible that no managed fields were found for because other
+// field managers have taken ownership of all the fields previously owned by fieldManager, or because
+// the fieldManager never owned fields any fields.
+// iPAddress must be a unmodified IPAddress API object that was retrieved from the Kubernetes API.
+// ExtractIPAddress provides a way to perform a extract/modify-in-place/apply workflow.
+// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously
+// applied if another fieldManager has updated or force applied any of the previously applied fields.
+// Experimental!
+func ExtractIPAddress(iPAddress *networkingv1.IPAddress, fieldManager string) (*IPAddressApplyConfiguration, error) {
+	return extractIPAddress(iPAddress, fieldManager, "")
+}
+
+// ExtractIPAddressStatus is the same as ExtractIPAddress except
+// that it extracts the status subresource applied configuration.
+// Experimental!
+func ExtractIPAddressStatus(iPAddress *networkingv1.IPAddress, fieldManager string) (*IPAddressApplyConfiguration, error) {
+	return extractIPAddress(iPAddress, fieldManager, "status")
+}
+
+func extractIPAddress(iPAddress *networkingv1.IPAddress, fieldManager string, subresource string) (*IPAddressApplyConfiguration, error) {
+	b := &IPAddressApplyConfiguration{}
+	err := managedfields.ExtractInto(iPAddress, internal.Parser().Type("io.k8s.api.networking.v1.IPAddress"), fieldManager, b, subresource)
+	if err != nil {
+		return nil, err
+	}
+	b.WithName(iPAddress.Name)
+
+	b.WithKind("IPAddress")
+	b.WithAPIVersion("networking.k8s.io/v1")
+	return b, nil
+}
+
+// WithKind sets the Kind field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Kind field is set to the value of the last call.
+func (b *IPAddressApplyConfiguration) WithKind(value string) *IPAddressApplyConfiguration {
+	b.TypeMetaApplyConfiguration.Kind = &value
+	return b
+}
+
+// WithAPIVersion sets the APIVersion field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the APIVersion field is set to the value of the last call.
+func (b *IPAddressApplyConfiguration) WithAPIVersion(value string) *IPAddressApplyConfiguration {
+	b.TypeMetaApplyConfiguration.APIVersion = &value
+	return b
+}
+
+// WithName sets the Name field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Name field is set to the value of the last call.
+func (b *IPAddressApplyConfiguration) WithName(value string) *IPAddressApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.Name = &value
+	return b
+}
+
+// WithGenerateName sets the GenerateName field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the GenerateName field is set to the value of the last call.
+func (b *IPAddressApplyConfiguration) WithGenerateName(value string) *IPAddressApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.GenerateName = &value
+	return b
+}
+
+// WithNamespace sets the Namespace field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Namespace field is set to the value of the last call.
+func (b *IPAddressApplyConfiguration) WithNamespace(value string) *IPAddressApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.Namespace = &value
+	return b
+}
+
+// WithUID sets the UID field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the UID field is set to the value of the last call.
+func (b *IPAddressApplyConfiguration) WithUID(value types.UID) *IPAddressApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.UID = &value
+	return b
+}
+
+// WithResourceVersion sets the ResourceVersion field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the ResourceVersion field is set to the value of the last call.
+func (b *IPAddressApplyConfiguration) WithResourceVersion(value string) *IPAddressApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.ResourceVersion = &value
+	return b
+}
+
+// WithGeneration sets the Generation field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Generation field is set to the value of the last call.
+func (b *IPAddressApplyConfiguration) WithGeneration(value int64) *IPAddressApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.Generation = &value
+	return b
+}
+
+// WithCreationTimestamp sets the CreationTimestamp field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the CreationTimestamp field is set to the value of the last call.
+func (b *IPAddressApplyConfiguration) WithCreationTimestamp(value apismetav1.Time) *IPAddressApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.CreationTimestamp = &value
+	return b
+}
+
+// WithDeletionTimestamp sets the DeletionTimestamp field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the DeletionTimestamp field is set to the value of the last call.
+func (b *IPAddressApplyConfiguration) WithDeletionTimestamp(value apismetav1.Time) *IPAddressApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.DeletionTimestamp = &value
+	return b
+}
+
+// WithDeletionGracePeriodSeconds sets the DeletionGracePeriodSeconds field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the DeletionGracePeriodSeconds field is set to the value of the last call.
+func (b *IPAddressApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *IPAddressApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.DeletionGracePeriodSeconds = &value
+	return b
+}
+
+// WithLabels puts the entries into the Labels field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, the entries provided by each call will be put on the Labels field,
+// overwriting an existing map entries in Labels field with the same key.
+func (b *IPAddressApplyConfiguration) WithLabels(entries map[string]string) *IPAddressApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	if b.ObjectMetaApplyConfiguration.Labels == nil && len(entries) > 0 {
+		b.ObjectMetaApplyConfiguration.Labels = make(map[string]string, len(entries))
+	}
+	for k, v := range entries {
+		b.ObjectMetaApplyConfiguration.Labels[k] = v
+	}
+	return b
+}
+
+// WithAnnotations puts the entries into the Annotations field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, the entries provided by each call will be put on the Annotations field,
+// overwriting an existing map entries in Annotations field with the same key.
+func (b *IPAddressApplyConfiguration) WithAnnotations(entries map[string]string) *IPAddressApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	if b.ObjectMetaApplyConfiguration.Annotations == nil && len(entries) > 0 {
+		b.ObjectMetaApplyConfiguration.Annotations = make(map[string]string, len(entries))
+	}
+	for k, v := range entries {
+		b.ObjectMetaApplyConfiguration.Annotations[k] = v
+	}
+	return b
+}
+
+// WithOwnerReferences adds the given value to the OwnerReferences field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the OwnerReferences field.
+func (b *IPAddressApplyConfiguration) WithOwnerReferences(values ...*metav1.OwnerReferenceApplyConfiguration) *IPAddressApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithOwnerReferences")
+		}
+		b.ObjectMetaApplyConfiguration.OwnerReferences = append(b.ObjectMetaApplyConfiguration.OwnerReferences, *values[i])
+	}
+	return b
+}
+
+// WithFinalizers adds the given value to the Finalizers field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Finalizers field.
+func (b *IPAddressApplyConfiguration) WithFinalizers(values ...string) *IPAddressApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	for i := range values {
+		b.ObjectMetaApplyConfiguration.Finalizers = append(b.ObjectMetaApplyConfiguration.Finalizers, values[i])
+	}
+	return b
+}
+
+func (b *IPAddressApplyConfiguration) ensureObjectMetaApplyConfigurationExists() {
+	if b.ObjectMetaApplyConfiguration == nil {
+		b.ObjectMetaApplyConfiguration = &metav1.ObjectMetaApplyConfiguration{}
+	}
+}
+
+// WithSpec sets the Spec field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Spec field is set to the value of the last call.
+func (b *IPAddressApplyConfiguration) WithSpec(value *IPAddressSpecApplyConfiguration) *IPAddressApplyConfiguration {
+	b.Spec = value
+	return b
+}
+
+// GetName retrieves the value of the Name field in the declarative configuration.
+func (b *IPAddressApplyConfiguration) GetName() *string {
+	b.ensureObjectMetaApplyConfigurationExists()
+	return b.ObjectMetaApplyConfiguration.Name
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/networking/v1/ipaddressspec.go b/vendor/k8s.io/client-go/applyconfigurations/networking/v1/ipaddressspec.go
new file mode 100644
index 0000000000..bac6e7912f
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/networking/v1/ipaddressspec.go
@@ -0,0 +1,39 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1
+
+// IPAddressSpecApplyConfiguration represents a declarative configuration of the IPAddressSpec type for use
+// with apply.
+type IPAddressSpecApplyConfiguration struct {
+	ParentRef *ParentReferenceApplyConfiguration `json:"parentRef,omitempty"`
+}
+
+// IPAddressSpecApplyConfiguration constructs a declarative configuration of the IPAddressSpec type for use with
+// apply.
+func IPAddressSpec() *IPAddressSpecApplyConfiguration {
+	return &IPAddressSpecApplyConfiguration{}
+}
+
+// WithParentRef sets the ParentRef field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the ParentRef field is set to the value of the last call.
+func (b *IPAddressSpecApplyConfiguration) WithParentRef(value *ParentReferenceApplyConfiguration) *IPAddressSpecApplyConfiguration {
+	b.ParentRef = value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/networking/v1/parentreference.go b/vendor/k8s.io/client-go/applyconfigurations/networking/v1/parentreference.go
new file mode 100644
index 0000000000..896c0f8a6d
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/networking/v1/parentreference.go
@@ -0,0 +1,66 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1
+
+// ParentReferenceApplyConfiguration represents a declarative configuration of the ParentReference type for use
+// with apply.
+type ParentReferenceApplyConfiguration struct {
+	Group     *string `json:"group,omitempty"`
+	Resource  *string `json:"resource,omitempty"`
+	Namespace *string `json:"namespace,omitempty"`
+	Name      *string `json:"name,omitempty"`
+}
+
+// ParentReferenceApplyConfiguration constructs a declarative configuration of the ParentReference type for use with
+// apply.
+func ParentReference() *ParentReferenceApplyConfiguration {
+	return &ParentReferenceApplyConfiguration{}
+}
+
+// WithGroup sets the Group field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Group field is set to the value of the last call.
+func (b *ParentReferenceApplyConfiguration) WithGroup(value string) *ParentReferenceApplyConfiguration {
+	b.Group = &value
+	return b
+}
+
+// WithResource sets the Resource field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Resource field is set to the value of the last call.
+func (b *ParentReferenceApplyConfiguration) WithResource(value string) *ParentReferenceApplyConfiguration {
+	b.Resource = &value
+	return b
+}
+
+// WithNamespace sets the Namespace field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Namespace field is set to the value of the last call.
+func (b *ParentReferenceApplyConfiguration) WithNamespace(value string) *ParentReferenceApplyConfiguration {
+	b.Namespace = &value
+	return b
+}
+
+// WithName sets the Name field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Name field is set to the value of the last call.
+func (b *ParentReferenceApplyConfiguration) WithName(value string) *ParentReferenceApplyConfiguration {
+	b.Name = &value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/networking/v1/servicecidr.go b/vendor/k8s.io/client-go/applyconfigurations/networking/v1/servicecidr.go
new file mode 100644
index 0000000000..1590c1579c
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/networking/v1/servicecidr.go
@@ -0,0 +1,262 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1
+
+import (
+	networkingv1 "k8s.io/api/networking/v1"
+	apismetav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	types "k8s.io/apimachinery/pkg/types"
+	managedfields "k8s.io/apimachinery/pkg/util/managedfields"
+	internal "k8s.io/client-go/applyconfigurations/internal"
+	metav1 "k8s.io/client-go/applyconfigurations/meta/v1"
+)
+
+// ServiceCIDRApplyConfiguration represents a declarative configuration of the ServiceCIDR type for use
+// with apply.
+type ServiceCIDRApplyConfiguration struct {
+	metav1.TypeMetaApplyConfiguration    `json:",inline"`
+	*metav1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"`
+	Spec                                 *ServiceCIDRSpecApplyConfiguration   `json:"spec,omitempty"`
+	Status                               *ServiceCIDRStatusApplyConfiguration `json:"status,omitempty"`
+}
+
+// ServiceCIDR constructs a declarative configuration of the ServiceCIDR type for use with
+// apply.
+func ServiceCIDR(name string) *ServiceCIDRApplyConfiguration {
+	b := &ServiceCIDRApplyConfiguration{}
+	b.WithName(name)
+	b.WithKind("ServiceCIDR")
+	b.WithAPIVersion("networking.k8s.io/v1")
+	return b
+}
+
+// ExtractServiceCIDR extracts the applied configuration owned by fieldManager from
+// serviceCIDR. If no managedFields are found in serviceCIDR for fieldManager, a
+// ServiceCIDRApplyConfiguration is returned with only the Name, Namespace (if applicable),
+// APIVersion and Kind populated. It is possible that no managed fields were found for because other
+// field managers have taken ownership of all the fields previously owned by fieldManager, or because
+// the fieldManager never owned fields any fields.
+// serviceCIDR must be a unmodified ServiceCIDR API object that was retrieved from the Kubernetes API.
+// ExtractServiceCIDR provides a way to perform a extract/modify-in-place/apply workflow.
+// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously
+// applied if another fieldManager has updated or force applied any of the previously applied fields.
+// Experimental!
+func ExtractServiceCIDR(serviceCIDR *networkingv1.ServiceCIDR, fieldManager string) (*ServiceCIDRApplyConfiguration, error) {
+	return extractServiceCIDR(serviceCIDR, fieldManager, "")
+}
+
+// ExtractServiceCIDRStatus is the same as ExtractServiceCIDR except
+// that it extracts the status subresource applied configuration.
+// Experimental!
+func ExtractServiceCIDRStatus(serviceCIDR *networkingv1.ServiceCIDR, fieldManager string) (*ServiceCIDRApplyConfiguration, error) {
+	return extractServiceCIDR(serviceCIDR, fieldManager, "status")
+}
+
+func extractServiceCIDR(serviceCIDR *networkingv1.ServiceCIDR, fieldManager string, subresource string) (*ServiceCIDRApplyConfiguration, error) {
+	b := &ServiceCIDRApplyConfiguration{}
+	err := managedfields.ExtractInto(serviceCIDR, internal.Parser().Type("io.k8s.api.networking.v1.ServiceCIDR"), fieldManager, b, subresource)
+	if err != nil {
+		return nil, err
+	}
+	b.WithName(serviceCIDR.Name)
+
+	b.WithKind("ServiceCIDR")
+	b.WithAPIVersion("networking.k8s.io/v1")
+	return b, nil
+}
+
+// WithKind sets the Kind field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Kind field is set to the value of the last call.
+func (b *ServiceCIDRApplyConfiguration) WithKind(value string) *ServiceCIDRApplyConfiguration {
+	b.TypeMetaApplyConfiguration.Kind = &value
+	return b
+}
+
+// WithAPIVersion sets the APIVersion field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the APIVersion field is set to the value of the last call.
+func (b *ServiceCIDRApplyConfiguration) WithAPIVersion(value string) *ServiceCIDRApplyConfiguration {
+	b.TypeMetaApplyConfiguration.APIVersion = &value
+	return b
+}
+
+// WithName sets the Name field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Name field is set to the value of the last call.
+func (b *ServiceCIDRApplyConfiguration) WithName(value string) *ServiceCIDRApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.Name = &value
+	return b
+}
+
+// WithGenerateName sets the GenerateName field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the GenerateName field is set to the value of the last call.
+func (b *ServiceCIDRApplyConfiguration) WithGenerateName(value string) *ServiceCIDRApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.GenerateName = &value
+	return b
+}
+
+// WithNamespace sets the Namespace field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Namespace field is set to the value of the last call.
+func (b *ServiceCIDRApplyConfiguration) WithNamespace(value string) *ServiceCIDRApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.Namespace = &value
+	return b
+}
+
+// WithUID sets the UID field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the UID field is set to the value of the last call.
+func (b *ServiceCIDRApplyConfiguration) WithUID(value types.UID) *ServiceCIDRApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.UID = &value
+	return b
+}
+
+// WithResourceVersion sets the ResourceVersion field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the ResourceVersion field is set to the value of the last call.
+func (b *ServiceCIDRApplyConfiguration) WithResourceVersion(value string) *ServiceCIDRApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.ResourceVersion = &value
+	return b
+}
+
+// WithGeneration sets the Generation field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Generation field is set to the value of the last call.
+func (b *ServiceCIDRApplyConfiguration) WithGeneration(value int64) *ServiceCIDRApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.Generation = &value
+	return b
+}
+
+// WithCreationTimestamp sets the CreationTimestamp field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the CreationTimestamp field is set to the value of the last call.
+func (b *ServiceCIDRApplyConfiguration) WithCreationTimestamp(value apismetav1.Time) *ServiceCIDRApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.CreationTimestamp = &value
+	return b
+}
+
+// WithDeletionTimestamp sets the DeletionTimestamp field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the DeletionTimestamp field is set to the value of the last call.
+func (b *ServiceCIDRApplyConfiguration) WithDeletionTimestamp(value apismetav1.Time) *ServiceCIDRApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.DeletionTimestamp = &value
+	return b
+}
+
+// WithDeletionGracePeriodSeconds sets the DeletionGracePeriodSeconds field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the DeletionGracePeriodSeconds field is set to the value of the last call.
+func (b *ServiceCIDRApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *ServiceCIDRApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.DeletionGracePeriodSeconds = &value
+	return b
+}
+
+// WithLabels puts the entries into the Labels field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, the entries provided by each call will be put on the Labels field,
+// overwriting an existing map entries in Labels field with the same key.
+func (b *ServiceCIDRApplyConfiguration) WithLabels(entries map[string]string) *ServiceCIDRApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	if b.ObjectMetaApplyConfiguration.Labels == nil && len(entries) > 0 {
+		b.ObjectMetaApplyConfiguration.Labels = make(map[string]string, len(entries))
+	}
+	for k, v := range entries {
+		b.ObjectMetaApplyConfiguration.Labels[k] = v
+	}
+	return b
+}
+
+// WithAnnotations puts the entries into the Annotations field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, the entries provided by each call will be put on the Annotations field,
+// overwriting an existing map entries in Annotations field with the same key.
+func (b *ServiceCIDRApplyConfiguration) WithAnnotations(entries map[string]string) *ServiceCIDRApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	if b.ObjectMetaApplyConfiguration.Annotations == nil && len(entries) > 0 {
+		b.ObjectMetaApplyConfiguration.Annotations = make(map[string]string, len(entries))
+	}
+	for k, v := range entries {
+		b.ObjectMetaApplyConfiguration.Annotations[k] = v
+	}
+	return b
+}
+
+// WithOwnerReferences adds the given value to the OwnerReferences field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the OwnerReferences field.
+func (b *ServiceCIDRApplyConfiguration) WithOwnerReferences(values ...*metav1.OwnerReferenceApplyConfiguration) *ServiceCIDRApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithOwnerReferences")
+		}
+		b.ObjectMetaApplyConfiguration.OwnerReferences = append(b.ObjectMetaApplyConfiguration.OwnerReferences, *values[i])
+	}
+	return b
+}
+
+// WithFinalizers adds the given value to the Finalizers field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Finalizers field.
+func (b *ServiceCIDRApplyConfiguration) WithFinalizers(values ...string) *ServiceCIDRApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	for i := range values {
+		b.ObjectMetaApplyConfiguration.Finalizers = append(b.ObjectMetaApplyConfiguration.Finalizers, values[i])
+	}
+	return b
+}
+
+func (b *ServiceCIDRApplyConfiguration) ensureObjectMetaApplyConfigurationExists() {
+	if b.ObjectMetaApplyConfiguration == nil {
+		b.ObjectMetaApplyConfiguration = &metav1.ObjectMetaApplyConfiguration{}
+	}
+}
+
+// WithSpec sets the Spec field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Spec field is set to the value of the last call.
+func (b *ServiceCIDRApplyConfiguration) WithSpec(value *ServiceCIDRSpecApplyConfiguration) *ServiceCIDRApplyConfiguration {
+	b.Spec = value
+	return b
+}
+
+// WithStatus sets the Status field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Status field is set to the value of the last call.
+func (b *ServiceCIDRApplyConfiguration) WithStatus(value *ServiceCIDRStatusApplyConfiguration) *ServiceCIDRApplyConfiguration {
+	b.Status = value
+	return b
+}
+
+// GetName retrieves the value of the Name field in the declarative configuration.
+func (b *ServiceCIDRApplyConfiguration) GetName() *string {
+	b.ensureObjectMetaApplyConfigurationExists()
+	return b.ObjectMetaApplyConfiguration.Name
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/networking/v1/servicecidrspec.go b/vendor/k8s.io/client-go/applyconfigurations/networking/v1/servicecidrspec.go
new file mode 100644
index 0000000000..f84b7ba1e0
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/networking/v1/servicecidrspec.go
@@ -0,0 +1,41 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1
+
+// ServiceCIDRSpecApplyConfiguration represents a declarative configuration of the ServiceCIDRSpec type for use
+// with apply.
+type ServiceCIDRSpecApplyConfiguration struct {
+	CIDRs []string `json:"cidrs,omitempty"`
+}
+
+// ServiceCIDRSpecApplyConfiguration constructs a declarative configuration of the ServiceCIDRSpec type for use with
+// apply.
+func ServiceCIDRSpec() *ServiceCIDRSpecApplyConfiguration {
+	return &ServiceCIDRSpecApplyConfiguration{}
+}
+
+// WithCIDRs adds the given value to the CIDRs field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the CIDRs field.
+func (b *ServiceCIDRSpecApplyConfiguration) WithCIDRs(values ...string) *ServiceCIDRSpecApplyConfiguration {
+	for i := range values {
+		b.CIDRs = append(b.CIDRs, values[i])
+	}
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/networking/v1/servicecidrstatus.go b/vendor/k8s.io/client-go/applyconfigurations/networking/v1/servicecidrstatus.go
new file mode 100644
index 0000000000..9e3d52ae8b
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/networking/v1/servicecidrstatus.go
@@ -0,0 +1,48 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1
+
+import (
+	metav1 "k8s.io/client-go/applyconfigurations/meta/v1"
+)
+
+// ServiceCIDRStatusApplyConfiguration represents a declarative configuration of the ServiceCIDRStatus type for use
+// with apply.
+type ServiceCIDRStatusApplyConfiguration struct {
+	Conditions []metav1.ConditionApplyConfiguration `json:"conditions,omitempty"`
+}
+
+// ServiceCIDRStatusApplyConfiguration constructs a declarative configuration of the ServiceCIDRStatus type for use with
+// apply.
+func ServiceCIDRStatus() *ServiceCIDRStatusApplyConfiguration {
+	return &ServiceCIDRStatusApplyConfiguration{}
+}
+
+// WithConditions adds the given value to the Conditions field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Conditions field.
+func (b *ServiceCIDRStatusApplyConfiguration) WithConditions(values ...*metav1.ConditionApplyConfiguration) *ServiceCIDRStatusApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithConditions")
+		}
+		b.Conditions = append(b.Conditions, *values[i])
+	}
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/basicdevice.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/basicdevice.go
index b58e432947..382ed2a22a 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/basicdevice.go
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/basicdevice.go
@@ -21,13 +21,19 @@ package v1alpha3
 import (
 	resourcev1alpha3 "k8s.io/api/resource/v1alpha3"
 	resource "k8s.io/apimachinery/pkg/api/resource"
+	v1 "k8s.io/client-go/applyconfigurations/core/v1"
 )
 
 // BasicDeviceApplyConfiguration represents a declarative configuration of the BasicDevice type for use
 // with apply.
 type BasicDeviceApplyConfiguration struct {
-	Attributes map[resourcev1alpha3.QualifiedName]DeviceAttributeApplyConfiguration `json:"attributes,omitempty"`
-	Capacity   map[resourcev1alpha3.QualifiedName]resource.Quantity                 `json:"capacity,omitempty"`
+	Attributes       map[resourcev1alpha3.QualifiedName]DeviceAttributeApplyConfiguration `json:"attributes,omitempty"`
+	Capacity         map[resourcev1alpha3.QualifiedName]resource.Quantity                 `json:"capacity,omitempty"`
+	ConsumesCounters []DeviceCounterConsumptionApplyConfiguration                         `json:"consumesCounters,omitempty"`
+	NodeName         *string                                                              `json:"nodeName,omitempty"`
+	NodeSelector     *v1.NodeSelectorApplyConfiguration                                   `json:"nodeSelector,omitempty"`
+	AllNodes         *bool                                                                `json:"allNodes,omitempty"`
+	Taints           []DeviceTaintApplyConfiguration                                      `json:"taints,omitempty"`
 }
 
 // BasicDeviceApplyConfiguration constructs a declarative configuration of the BasicDevice type for use with
@@ -63,3 +69,53 @@ func (b *BasicDeviceApplyConfiguration) WithCapacity(entries map[resourcev1alpha
 	}
 	return b
 }
+
+// WithConsumesCounters adds the given value to the ConsumesCounters field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the ConsumesCounters field.
+func (b *BasicDeviceApplyConfiguration) WithConsumesCounters(values ...*DeviceCounterConsumptionApplyConfiguration) *BasicDeviceApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithConsumesCounters")
+		}
+		b.ConsumesCounters = append(b.ConsumesCounters, *values[i])
+	}
+	return b
+}
+
+// WithNodeName sets the NodeName field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the NodeName field is set to the value of the last call.
+func (b *BasicDeviceApplyConfiguration) WithNodeName(value string) *BasicDeviceApplyConfiguration {
+	b.NodeName = &value
+	return b
+}
+
+// WithNodeSelector sets the NodeSelector field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the NodeSelector field is set to the value of the last call.
+func (b *BasicDeviceApplyConfiguration) WithNodeSelector(value *v1.NodeSelectorApplyConfiguration) *BasicDeviceApplyConfiguration {
+	b.NodeSelector = value
+	return b
+}
+
+// WithAllNodes sets the AllNodes field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the AllNodes field is set to the value of the last call.
+func (b *BasicDeviceApplyConfiguration) WithAllNodes(value bool) *BasicDeviceApplyConfiguration {
+	b.AllNodes = &value
+	return b
+}
+
+// WithTaints adds the given value to the Taints field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Taints field.
+func (b *BasicDeviceApplyConfiguration) WithTaints(values ...*DeviceTaintApplyConfiguration) *BasicDeviceApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithTaints")
+		}
+		b.Taints = append(b.Taints, *values[i])
+	}
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/counter.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/counter.go
new file mode 100644
index 0000000000..10a752ee05
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/counter.go
@@ -0,0 +1,43 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1alpha3
+
+import (
+	resource "k8s.io/apimachinery/pkg/api/resource"
+)
+
+// CounterApplyConfiguration represents a declarative configuration of the Counter type for use
+// with apply.
+type CounterApplyConfiguration struct {
+	Value *resource.Quantity `json:"value,omitempty"`
+}
+
+// CounterApplyConfiguration constructs a declarative configuration of the Counter type for use with
+// apply.
+func Counter() *CounterApplyConfiguration {
+	return &CounterApplyConfiguration{}
+}
+
+// WithValue sets the Value field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Value field is set to the value of the last call.
+func (b *CounterApplyConfiguration) WithValue(value resource.Quantity) *CounterApplyConfiguration {
+	b.Value = &value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/counterset.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/counterset.go
new file mode 100644
index 0000000000..aa917c6ff8
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/counterset.go
@@ -0,0 +1,54 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1alpha3
+
+// CounterSetApplyConfiguration represents a declarative configuration of the CounterSet type for use
+// with apply.
+type CounterSetApplyConfiguration struct {
+	Name     *string                              `json:"name,omitempty"`
+	Counters map[string]CounterApplyConfiguration `json:"counters,omitempty"`
+}
+
+// CounterSetApplyConfiguration constructs a declarative configuration of the CounterSet type for use with
+// apply.
+func CounterSet() *CounterSetApplyConfiguration {
+	return &CounterSetApplyConfiguration{}
+}
+
+// WithName sets the Name field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Name field is set to the value of the last call.
+func (b *CounterSetApplyConfiguration) WithName(value string) *CounterSetApplyConfiguration {
+	b.Name = &value
+	return b
+}
+
+// WithCounters puts the entries into the Counters field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, the entries provided by each call will be put on the Counters field,
+// overwriting an existing map entries in Counters field with the same key.
+func (b *CounterSetApplyConfiguration) WithCounters(entries map[string]CounterApplyConfiguration) *CounterSetApplyConfiguration {
+	if b.Counters == nil && len(entries) > 0 {
+		b.Counters = make(map[string]CounterApplyConfiguration, len(entries))
+	}
+	for k, v := range entries {
+		b.Counters[k] = v
+	}
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/devicecounterconsumption.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/devicecounterconsumption.go
new file mode 100644
index 0000000000..53deb747eb
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/devicecounterconsumption.go
@@ -0,0 +1,54 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1alpha3
+
+// DeviceCounterConsumptionApplyConfiguration represents a declarative configuration of the DeviceCounterConsumption type for use
+// with apply.
+type DeviceCounterConsumptionApplyConfiguration struct {
+	CounterSet *string                              `json:"counterSet,omitempty"`
+	Counters   map[string]CounterApplyConfiguration `json:"counters,omitempty"`
+}
+
+// DeviceCounterConsumptionApplyConfiguration constructs a declarative configuration of the DeviceCounterConsumption type for use with
+// apply.
+func DeviceCounterConsumption() *DeviceCounterConsumptionApplyConfiguration {
+	return &DeviceCounterConsumptionApplyConfiguration{}
+}
+
+// WithCounterSet sets the CounterSet field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the CounterSet field is set to the value of the last call.
+func (b *DeviceCounterConsumptionApplyConfiguration) WithCounterSet(value string) *DeviceCounterConsumptionApplyConfiguration {
+	b.CounterSet = &value
+	return b
+}
+
+// WithCounters puts the entries into the Counters field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, the entries provided by each call will be put on the Counters field,
+// overwriting an existing map entries in Counters field with the same key.
+func (b *DeviceCounterConsumptionApplyConfiguration) WithCounters(entries map[string]CounterApplyConfiguration) *DeviceCounterConsumptionApplyConfiguration {
+	if b.Counters == nil && len(entries) > 0 {
+		b.Counters = make(map[string]CounterApplyConfiguration, len(entries))
+	}
+	for k, v := range entries {
+		b.Counters[k] = v
+	}
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/devicerequest.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/devicerequest.go
index e5c87efe47..bff72a3f59 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/devicerequest.go
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/devicerequest.go
@@ -31,6 +31,8 @@ type DeviceRequestApplyConfiguration struct {
 	AllocationMode  *resourcev1alpha3.DeviceAllocationMode `json:"allocationMode,omitempty"`
 	Count           *int64                                 `json:"count,omitempty"`
 	AdminAccess     *bool                                  `json:"adminAccess,omitempty"`
+	FirstAvailable  []DeviceSubRequestApplyConfiguration   `json:"firstAvailable,omitempty"`
+	Tolerations     []DeviceTolerationApplyConfiguration   `json:"tolerations,omitempty"`
 }
 
 // DeviceRequestApplyConfiguration constructs a declarative configuration of the DeviceRequest type for use with
@@ -91,3 +93,29 @@ func (b *DeviceRequestApplyConfiguration) WithAdminAccess(value bool) *DeviceReq
 	b.AdminAccess = &value
 	return b
 }
+
+// WithFirstAvailable adds the given value to the FirstAvailable field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the FirstAvailable field.
+func (b *DeviceRequestApplyConfiguration) WithFirstAvailable(values ...*DeviceSubRequestApplyConfiguration) *DeviceRequestApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithFirstAvailable")
+		}
+		b.FirstAvailable = append(b.FirstAvailable, *values[i])
+	}
+	return b
+}
+
+// WithTolerations adds the given value to the Tolerations field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Tolerations field.
+func (b *DeviceRequestApplyConfiguration) WithTolerations(values ...*DeviceTolerationApplyConfiguration) *DeviceRequestApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithTolerations")
+		}
+		b.Tolerations = append(b.Tolerations, *values[i])
+	}
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/devicerequestallocationresult.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/devicerequestallocationresult.go
index 4c3cffcf46..ec8c78e2e5 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/devicerequestallocationresult.go
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/devicerequestallocationresult.go
@@ -21,11 +21,12 @@ package v1alpha3
 // DeviceRequestAllocationResultApplyConfiguration represents a declarative configuration of the DeviceRequestAllocationResult type for use
 // with apply.
 type DeviceRequestAllocationResultApplyConfiguration struct {
-	Request     *string `json:"request,omitempty"`
-	Driver      *string `json:"driver,omitempty"`
-	Pool        *string `json:"pool,omitempty"`
-	Device      *string `json:"device,omitempty"`
-	AdminAccess *bool   `json:"adminAccess,omitempty"`
+	Request     *string                              `json:"request,omitempty"`
+	Driver      *string                              `json:"driver,omitempty"`
+	Pool        *string                              `json:"pool,omitempty"`
+	Device      *string                              `json:"device,omitempty"`
+	AdminAccess *bool                                `json:"adminAccess,omitempty"`
+	Tolerations []DeviceTolerationApplyConfiguration `json:"tolerations,omitempty"`
 }
 
 // DeviceRequestAllocationResultApplyConfiguration constructs a declarative configuration of the DeviceRequestAllocationResult type for use with
@@ -73,3 +74,16 @@ func (b *DeviceRequestAllocationResultApplyConfiguration) WithAdminAccess(value
 	b.AdminAccess = &value
 	return b
 }
+
+// WithTolerations adds the given value to the Tolerations field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Tolerations field.
+func (b *DeviceRequestAllocationResultApplyConfiguration) WithTolerations(values ...*DeviceTolerationApplyConfiguration) *DeviceRequestAllocationResultApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithTolerations")
+		}
+		b.Tolerations = append(b.Tolerations, *values[i])
+	}
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/devicesubrequest.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/devicesubrequest.go
new file mode 100644
index 0000000000..249dcd1f27
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/devicesubrequest.go
@@ -0,0 +1,98 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1alpha3
+
+import (
+	resourcev1alpha3 "k8s.io/api/resource/v1alpha3"
+)
+
+// DeviceSubRequestApplyConfiguration represents a declarative configuration of the DeviceSubRequest type for use
+// with apply.
+type DeviceSubRequestApplyConfiguration struct {
+	Name            *string                                `json:"name,omitempty"`
+	DeviceClassName *string                                `json:"deviceClassName,omitempty"`
+	Selectors       []DeviceSelectorApplyConfiguration     `json:"selectors,omitempty"`
+	AllocationMode  *resourcev1alpha3.DeviceAllocationMode `json:"allocationMode,omitempty"`
+	Count           *int64                                 `json:"count,omitempty"`
+	Tolerations     []DeviceTolerationApplyConfiguration   `json:"tolerations,omitempty"`
+}
+
+// DeviceSubRequestApplyConfiguration constructs a declarative configuration of the DeviceSubRequest type for use with
+// apply.
+func DeviceSubRequest() *DeviceSubRequestApplyConfiguration {
+	return &DeviceSubRequestApplyConfiguration{}
+}
+
+// WithName sets the Name field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Name field is set to the value of the last call.
+func (b *DeviceSubRequestApplyConfiguration) WithName(value string) *DeviceSubRequestApplyConfiguration {
+	b.Name = &value
+	return b
+}
+
+// WithDeviceClassName sets the DeviceClassName field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the DeviceClassName field is set to the value of the last call.
+func (b *DeviceSubRequestApplyConfiguration) WithDeviceClassName(value string) *DeviceSubRequestApplyConfiguration {
+	b.DeviceClassName = &value
+	return b
+}
+
+// WithSelectors adds the given value to the Selectors field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Selectors field.
+func (b *DeviceSubRequestApplyConfiguration) WithSelectors(values ...*DeviceSelectorApplyConfiguration) *DeviceSubRequestApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithSelectors")
+		}
+		b.Selectors = append(b.Selectors, *values[i])
+	}
+	return b
+}
+
+// WithAllocationMode sets the AllocationMode field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the AllocationMode field is set to the value of the last call.
+func (b *DeviceSubRequestApplyConfiguration) WithAllocationMode(value resourcev1alpha3.DeviceAllocationMode) *DeviceSubRequestApplyConfiguration {
+	b.AllocationMode = &value
+	return b
+}
+
+// WithCount sets the Count field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Count field is set to the value of the last call.
+func (b *DeviceSubRequestApplyConfiguration) WithCount(value int64) *DeviceSubRequestApplyConfiguration {
+	b.Count = &value
+	return b
+}
+
+// WithTolerations adds the given value to the Tolerations field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Tolerations field.
+func (b *DeviceSubRequestApplyConfiguration) WithTolerations(values ...*DeviceTolerationApplyConfiguration) *DeviceSubRequestApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithTolerations")
+		}
+		b.Tolerations = append(b.Tolerations, *values[i])
+	}
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/devicetaint.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/devicetaint.go
new file mode 100644
index 0000000000..0dcd9a58c3
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/devicetaint.go
@@ -0,0 +1,71 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1alpha3
+
+import (
+	resourcev1alpha3 "k8s.io/api/resource/v1alpha3"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// DeviceTaintApplyConfiguration represents a declarative configuration of the DeviceTaint type for use
+// with apply.
+type DeviceTaintApplyConfiguration struct {
+	Key       *string                             `json:"key,omitempty"`
+	Value     *string                             `json:"value,omitempty"`
+	Effect    *resourcev1alpha3.DeviceTaintEffect `json:"effect,omitempty"`
+	TimeAdded *v1.Time                            `json:"timeAdded,omitempty"`
+}
+
+// DeviceTaintApplyConfiguration constructs a declarative configuration of the DeviceTaint type for use with
+// apply.
+func DeviceTaint() *DeviceTaintApplyConfiguration {
+	return &DeviceTaintApplyConfiguration{}
+}
+
+// WithKey sets the Key field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Key field is set to the value of the last call.
+func (b *DeviceTaintApplyConfiguration) WithKey(value string) *DeviceTaintApplyConfiguration {
+	b.Key = &value
+	return b
+}
+
+// WithValue sets the Value field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Value field is set to the value of the last call.
+func (b *DeviceTaintApplyConfiguration) WithValue(value string) *DeviceTaintApplyConfiguration {
+	b.Value = &value
+	return b
+}
+
+// WithEffect sets the Effect field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Effect field is set to the value of the last call.
+func (b *DeviceTaintApplyConfiguration) WithEffect(value resourcev1alpha3.DeviceTaintEffect) *DeviceTaintApplyConfiguration {
+	b.Effect = &value
+	return b
+}
+
+// WithTimeAdded sets the TimeAdded field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the TimeAdded field is set to the value of the last call.
+func (b *DeviceTaintApplyConfiguration) WithTimeAdded(value v1.Time) *DeviceTaintApplyConfiguration {
+	b.TimeAdded = &value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/devicetaintrule.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/devicetaintrule.go
new file mode 100644
index 0000000000..d4f84399a3
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/devicetaintrule.go
@@ -0,0 +1,253 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1alpha3
+
+import (
+	resourcev1alpha3 "k8s.io/api/resource/v1alpha3"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	types "k8s.io/apimachinery/pkg/types"
+	managedfields "k8s.io/apimachinery/pkg/util/managedfields"
+	internal "k8s.io/client-go/applyconfigurations/internal"
+	v1 "k8s.io/client-go/applyconfigurations/meta/v1"
+)
+
+// DeviceTaintRuleApplyConfiguration represents a declarative configuration of the DeviceTaintRule type for use
+// with apply.
+type DeviceTaintRuleApplyConfiguration struct {
+	v1.TypeMetaApplyConfiguration    `json:",inline"`
+	*v1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"`
+	Spec                             *DeviceTaintRuleSpecApplyConfiguration `json:"spec,omitempty"`
+}
+
+// DeviceTaintRule constructs a declarative configuration of the DeviceTaintRule type for use with
+// apply.
+func DeviceTaintRule(name string) *DeviceTaintRuleApplyConfiguration {
+	b := &DeviceTaintRuleApplyConfiguration{}
+	b.WithName(name)
+	b.WithKind("DeviceTaintRule")
+	b.WithAPIVersion("resource.k8s.io/v1alpha3")
+	return b
+}
+
+// ExtractDeviceTaintRule extracts the applied configuration owned by fieldManager from
+// deviceTaintRule. If no managedFields are found in deviceTaintRule for fieldManager, a
+// DeviceTaintRuleApplyConfiguration is returned with only the Name, Namespace (if applicable),
+// APIVersion and Kind populated. It is possible that no managed fields were found for because other
+// field managers have taken ownership of all the fields previously owned by fieldManager, or because
+// the fieldManager never owned fields any fields.
+// deviceTaintRule must be a unmodified DeviceTaintRule API object that was retrieved from the Kubernetes API.
+// ExtractDeviceTaintRule provides a way to perform a extract/modify-in-place/apply workflow.
+// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously
+// applied if another fieldManager has updated or force applied any of the previously applied fields.
+// Experimental!
+func ExtractDeviceTaintRule(deviceTaintRule *resourcev1alpha3.DeviceTaintRule, fieldManager string) (*DeviceTaintRuleApplyConfiguration, error) {
+	return extractDeviceTaintRule(deviceTaintRule, fieldManager, "")
+}
+
+// ExtractDeviceTaintRuleStatus is the same as ExtractDeviceTaintRule except
+// that it extracts the status subresource applied configuration.
+// Experimental!
+func ExtractDeviceTaintRuleStatus(deviceTaintRule *resourcev1alpha3.DeviceTaintRule, fieldManager string) (*DeviceTaintRuleApplyConfiguration, error) {
+	return extractDeviceTaintRule(deviceTaintRule, fieldManager, "status")
+}
+
+func extractDeviceTaintRule(deviceTaintRule *resourcev1alpha3.DeviceTaintRule, fieldManager string, subresource string) (*DeviceTaintRuleApplyConfiguration, error) {
+	b := &DeviceTaintRuleApplyConfiguration{}
+	err := managedfields.ExtractInto(deviceTaintRule, internal.Parser().Type("io.k8s.api.resource.v1alpha3.DeviceTaintRule"), fieldManager, b, subresource)
+	if err != nil {
+		return nil, err
+	}
+	b.WithName(deviceTaintRule.Name)
+
+	b.WithKind("DeviceTaintRule")
+	b.WithAPIVersion("resource.k8s.io/v1alpha3")
+	return b, nil
+}
+
+// WithKind sets the Kind field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Kind field is set to the value of the last call.
+func (b *DeviceTaintRuleApplyConfiguration) WithKind(value string) *DeviceTaintRuleApplyConfiguration {
+	b.TypeMetaApplyConfiguration.Kind = &value
+	return b
+}
+
+// WithAPIVersion sets the APIVersion field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the APIVersion field is set to the value of the last call.
+func (b *DeviceTaintRuleApplyConfiguration) WithAPIVersion(value string) *DeviceTaintRuleApplyConfiguration {
+	b.TypeMetaApplyConfiguration.APIVersion = &value
+	return b
+}
+
+// WithName sets the Name field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Name field is set to the value of the last call.
+func (b *DeviceTaintRuleApplyConfiguration) WithName(value string) *DeviceTaintRuleApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.Name = &value
+	return b
+}
+
+// WithGenerateName sets the GenerateName field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the GenerateName field is set to the value of the last call.
+func (b *DeviceTaintRuleApplyConfiguration) WithGenerateName(value string) *DeviceTaintRuleApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.GenerateName = &value
+	return b
+}
+
+// WithNamespace sets the Namespace field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Namespace field is set to the value of the last call.
+func (b *DeviceTaintRuleApplyConfiguration) WithNamespace(value string) *DeviceTaintRuleApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.Namespace = &value
+	return b
+}
+
+// WithUID sets the UID field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the UID field is set to the value of the last call.
+func (b *DeviceTaintRuleApplyConfiguration) WithUID(value types.UID) *DeviceTaintRuleApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.UID = &value
+	return b
+}
+
+// WithResourceVersion sets the ResourceVersion field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the ResourceVersion field is set to the value of the last call.
+func (b *DeviceTaintRuleApplyConfiguration) WithResourceVersion(value string) *DeviceTaintRuleApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.ResourceVersion = &value
+	return b
+}
+
+// WithGeneration sets the Generation field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Generation field is set to the value of the last call.
+func (b *DeviceTaintRuleApplyConfiguration) WithGeneration(value int64) *DeviceTaintRuleApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.Generation = &value
+	return b
+}
+
+// WithCreationTimestamp sets the CreationTimestamp field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the CreationTimestamp field is set to the value of the last call.
+func (b *DeviceTaintRuleApplyConfiguration) WithCreationTimestamp(value metav1.Time) *DeviceTaintRuleApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.CreationTimestamp = &value
+	return b
+}
+
+// WithDeletionTimestamp sets the DeletionTimestamp field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the DeletionTimestamp field is set to the value of the last call.
+func (b *DeviceTaintRuleApplyConfiguration) WithDeletionTimestamp(value metav1.Time) *DeviceTaintRuleApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.DeletionTimestamp = &value
+	return b
+}
+
+// WithDeletionGracePeriodSeconds sets the DeletionGracePeriodSeconds field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the DeletionGracePeriodSeconds field is set to the value of the last call.
+func (b *DeviceTaintRuleApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *DeviceTaintRuleApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.DeletionGracePeriodSeconds = &value
+	return b
+}
+
+// WithLabels puts the entries into the Labels field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, the entries provided by each call will be put on the Labels field,
+// overwriting an existing map entries in Labels field with the same key.
+func (b *DeviceTaintRuleApplyConfiguration) WithLabels(entries map[string]string) *DeviceTaintRuleApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	if b.ObjectMetaApplyConfiguration.Labels == nil && len(entries) > 0 {
+		b.ObjectMetaApplyConfiguration.Labels = make(map[string]string, len(entries))
+	}
+	for k, v := range entries {
+		b.ObjectMetaApplyConfiguration.Labels[k] = v
+	}
+	return b
+}
+
+// WithAnnotations puts the entries into the Annotations field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, the entries provided by each call will be put on the Annotations field,
+// overwriting an existing map entries in Annotations field with the same key.
+func (b *DeviceTaintRuleApplyConfiguration) WithAnnotations(entries map[string]string) *DeviceTaintRuleApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	if b.ObjectMetaApplyConfiguration.Annotations == nil && len(entries) > 0 {
+		b.ObjectMetaApplyConfiguration.Annotations = make(map[string]string, len(entries))
+	}
+	for k, v := range entries {
+		b.ObjectMetaApplyConfiguration.Annotations[k] = v
+	}
+	return b
+}
+
+// WithOwnerReferences adds the given value to the OwnerReferences field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the OwnerReferences field.
+func (b *DeviceTaintRuleApplyConfiguration) WithOwnerReferences(values ...*v1.OwnerReferenceApplyConfiguration) *DeviceTaintRuleApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithOwnerReferences")
+		}
+		b.ObjectMetaApplyConfiguration.OwnerReferences = append(b.ObjectMetaApplyConfiguration.OwnerReferences, *values[i])
+	}
+	return b
+}
+
+// WithFinalizers adds the given value to the Finalizers field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Finalizers field.
+func (b *DeviceTaintRuleApplyConfiguration) WithFinalizers(values ...string) *DeviceTaintRuleApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	for i := range values {
+		b.ObjectMetaApplyConfiguration.Finalizers = append(b.ObjectMetaApplyConfiguration.Finalizers, values[i])
+	}
+	return b
+}
+
+func (b *DeviceTaintRuleApplyConfiguration) ensureObjectMetaApplyConfigurationExists() {
+	if b.ObjectMetaApplyConfiguration == nil {
+		b.ObjectMetaApplyConfiguration = &v1.ObjectMetaApplyConfiguration{}
+	}
+}
+
+// WithSpec sets the Spec field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Spec field is set to the value of the last call.
+func (b *DeviceTaintRuleApplyConfiguration) WithSpec(value *DeviceTaintRuleSpecApplyConfiguration) *DeviceTaintRuleApplyConfiguration {
+	b.Spec = value
+	return b
+}
+
+// GetName retrieves the value of the Name field in the declarative configuration.
+func (b *DeviceTaintRuleApplyConfiguration) GetName() *string {
+	b.ensureObjectMetaApplyConfigurationExists()
+	return b.ObjectMetaApplyConfiguration.Name
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/devicetaintrulespec.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/devicetaintrulespec.go
new file mode 100644
index 0000000000..a14ada3d45
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/devicetaintrulespec.go
@@ -0,0 +1,48 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1alpha3
+
+// DeviceTaintRuleSpecApplyConfiguration represents a declarative configuration of the DeviceTaintRuleSpec type for use
+// with apply.
+type DeviceTaintRuleSpecApplyConfiguration struct {
+	DeviceSelector *DeviceTaintSelectorApplyConfiguration `json:"deviceSelector,omitempty"`
+	Taint          *DeviceTaintApplyConfiguration         `json:"taint,omitempty"`
+}
+
+// DeviceTaintRuleSpecApplyConfiguration constructs a declarative configuration of the DeviceTaintRuleSpec type for use with
+// apply.
+func DeviceTaintRuleSpec() *DeviceTaintRuleSpecApplyConfiguration {
+	return &DeviceTaintRuleSpecApplyConfiguration{}
+}
+
+// WithDeviceSelector sets the DeviceSelector field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the DeviceSelector field is set to the value of the last call.
+func (b *DeviceTaintRuleSpecApplyConfiguration) WithDeviceSelector(value *DeviceTaintSelectorApplyConfiguration) *DeviceTaintRuleSpecApplyConfiguration {
+	b.DeviceSelector = value
+	return b
+}
+
+// WithTaint sets the Taint field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Taint field is set to the value of the last call.
+func (b *DeviceTaintRuleSpecApplyConfiguration) WithTaint(value *DeviceTaintApplyConfiguration) *DeviceTaintRuleSpecApplyConfiguration {
+	b.Taint = value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/devicetaintselector.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/devicetaintselector.go
new file mode 100644
index 0000000000..aecb2aa245
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/devicetaintselector.go
@@ -0,0 +1,80 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1alpha3
+
+// DeviceTaintSelectorApplyConfiguration represents a declarative configuration of the DeviceTaintSelector type for use
+// with apply.
+type DeviceTaintSelectorApplyConfiguration struct {
+	DeviceClassName *string                            `json:"deviceClassName,omitempty"`
+	Driver          *string                            `json:"driver,omitempty"`
+	Pool            *string                            `json:"pool,omitempty"`
+	Device          *string                            `json:"device,omitempty"`
+	Selectors       []DeviceSelectorApplyConfiguration `json:"selectors,omitempty"`
+}
+
+// DeviceTaintSelectorApplyConfiguration constructs a declarative configuration of the DeviceTaintSelector type for use with
+// apply.
+func DeviceTaintSelector() *DeviceTaintSelectorApplyConfiguration {
+	return &DeviceTaintSelectorApplyConfiguration{}
+}
+
+// WithDeviceClassName sets the DeviceClassName field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the DeviceClassName field is set to the value of the last call.
+func (b *DeviceTaintSelectorApplyConfiguration) WithDeviceClassName(value string) *DeviceTaintSelectorApplyConfiguration {
+	b.DeviceClassName = &value
+	return b
+}
+
+// WithDriver sets the Driver field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Driver field is set to the value of the last call.
+func (b *DeviceTaintSelectorApplyConfiguration) WithDriver(value string) *DeviceTaintSelectorApplyConfiguration {
+	b.Driver = &value
+	return b
+}
+
+// WithPool sets the Pool field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Pool field is set to the value of the last call.
+func (b *DeviceTaintSelectorApplyConfiguration) WithPool(value string) *DeviceTaintSelectorApplyConfiguration {
+	b.Pool = &value
+	return b
+}
+
+// WithDevice sets the Device field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Device field is set to the value of the last call.
+func (b *DeviceTaintSelectorApplyConfiguration) WithDevice(value string) *DeviceTaintSelectorApplyConfiguration {
+	b.Device = &value
+	return b
+}
+
+// WithSelectors adds the given value to the Selectors field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Selectors field.
+func (b *DeviceTaintSelectorApplyConfiguration) WithSelectors(values ...*DeviceSelectorApplyConfiguration) *DeviceTaintSelectorApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithSelectors")
+		}
+		b.Selectors = append(b.Selectors, *values[i])
+	}
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/devicetoleration.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/devicetoleration.go
new file mode 100644
index 0000000000..fe4a67419a
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/devicetoleration.go
@@ -0,0 +1,79 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1alpha3
+
+import (
+	resourcev1alpha3 "k8s.io/api/resource/v1alpha3"
+)
+
+// DeviceTolerationApplyConfiguration represents a declarative configuration of the DeviceToleration type for use
+// with apply.
+type DeviceTolerationApplyConfiguration struct {
+	Key               *string                                    `json:"key,omitempty"`
+	Operator          *resourcev1alpha3.DeviceTolerationOperator `json:"operator,omitempty"`
+	Value             *string                                    `json:"value,omitempty"`
+	Effect            *resourcev1alpha3.DeviceTaintEffect        `json:"effect,omitempty"`
+	TolerationSeconds *int64                                     `json:"tolerationSeconds,omitempty"`
+}
+
+// DeviceTolerationApplyConfiguration constructs a declarative configuration of the DeviceToleration type for use with
+// apply.
+func DeviceToleration() *DeviceTolerationApplyConfiguration {
+	return &DeviceTolerationApplyConfiguration{}
+}
+
+// WithKey sets the Key field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Key field is set to the value of the last call.
+func (b *DeviceTolerationApplyConfiguration) WithKey(value string) *DeviceTolerationApplyConfiguration {
+	b.Key = &value
+	return b
+}
+
+// WithOperator sets the Operator field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Operator field is set to the value of the last call.
+func (b *DeviceTolerationApplyConfiguration) WithOperator(value resourcev1alpha3.DeviceTolerationOperator) *DeviceTolerationApplyConfiguration {
+	b.Operator = &value
+	return b
+}
+
+// WithValue sets the Value field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Value field is set to the value of the last call.
+func (b *DeviceTolerationApplyConfiguration) WithValue(value string) *DeviceTolerationApplyConfiguration {
+	b.Value = &value
+	return b
+}
+
+// WithEffect sets the Effect field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Effect field is set to the value of the last call.
+func (b *DeviceTolerationApplyConfiguration) WithEffect(value resourcev1alpha3.DeviceTaintEffect) *DeviceTolerationApplyConfiguration {
+	b.Effect = &value
+	return b
+}
+
+// WithTolerationSeconds sets the TolerationSeconds field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the TolerationSeconds field is set to the value of the last call.
+func (b *DeviceTolerationApplyConfiguration) WithTolerationSeconds(value int64) *DeviceTolerationApplyConfiguration {
+	b.TolerationSeconds = &value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/resourceslicespec.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/resourceslicespec.go
index 2ded759073..ec490760f3 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/resourceslicespec.go
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1alpha3/resourceslicespec.go
@@ -25,12 +25,14 @@ import (
 // ResourceSliceSpecApplyConfiguration represents a declarative configuration of the ResourceSliceSpec type for use
 // with apply.
 type ResourceSliceSpecApplyConfiguration struct {
-	Driver       *string                            `json:"driver,omitempty"`
-	Pool         *ResourcePoolApplyConfiguration    `json:"pool,omitempty"`
-	NodeName     *string                            `json:"nodeName,omitempty"`
-	NodeSelector *v1.NodeSelectorApplyConfiguration `json:"nodeSelector,omitempty"`
-	AllNodes     *bool                              `json:"allNodes,omitempty"`
-	Devices      []DeviceApplyConfiguration         `json:"devices,omitempty"`
+	Driver                 *string                            `json:"driver,omitempty"`
+	Pool                   *ResourcePoolApplyConfiguration    `json:"pool,omitempty"`
+	NodeName               *string                            `json:"nodeName,omitempty"`
+	NodeSelector           *v1.NodeSelectorApplyConfiguration `json:"nodeSelector,omitempty"`
+	AllNodes               *bool                              `json:"allNodes,omitempty"`
+	Devices                []DeviceApplyConfiguration         `json:"devices,omitempty"`
+	PerDeviceNodeSelection *bool                              `json:"perDeviceNodeSelection,omitempty"`
+	SharedCounters         []CounterSetApplyConfiguration     `json:"sharedCounters,omitempty"`
 }
 
 // ResourceSliceSpecApplyConfiguration constructs a declarative configuration of the ResourceSliceSpec type for use with
@@ -91,3 +93,24 @@ func (b *ResourceSliceSpecApplyConfiguration) WithDevices(values ...*DeviceApply
 	}
 	return b
 }
+
+// WithPerDeviceNodeSelection sets the PerDeviceNodeSelection field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the PerDeviceNodeSelection field is set to the value of the last call.
+func (b *ResourceSliceSpecApplyConfiguration) WithPerDeviceNodeSelection(value bool) *ResourceSliceSpecApplyConfiguration {
+	b.PerDeviceNodeSelection = &value
+	return b
+}
+
+// WithSharedCounters adds the given value to the SharedCounters field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the SharedCounters field.
+func (b *ResourceSliceSpecApplyConfiguration) WithSharedCounters(values ...*CounterSetApplyConfiguration) *ResourceSliceSpecApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithSharedCounters")
+		}
+		b.SharedCounters = append(b.SharedCounters, *values[i])
+	}
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/basicdevice.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/basicdevice.go
index 691a8f15aa..065d0bf4f1 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/basicdevice.go
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/basicdevice.go
@@ -20,13 +20,19 @@ package v1beta1
 
 import (
 	resourcev1beta1 "k8s.io/api/resource/v1beta1"
+	v1 "k8s.io/client-go/applyconfigurations/core/v1"
 )
 
 // BasicDeviceApplyConfiguration represents a declarative configuration of the BasicDevice type for use
 // with apply.
 type BasicDeviceApplyConfiguration struct {
-	Attributes map[resourcev1beta1.QualifiedName]DeviceAttributeApplyConfiguration `json:"attributes,omitempty"`
-	Capacity   map[resourcev1beta1.QualifiedName]DeviceCapacityApplyConfiguration  `json:"capacity,omitempty"`
+	Attributes       map[resourcev1beta1.QualifiedName]DeviceAttributeApplyConfiguration `json:"attributes,omitempty"`
+	Capacity         map[resourcev1beta1.QualifiedName]DeviceCapacityApplyConfiguration  `json:"capacity,omitempty"`
+	ConsumesCounters []DeviceCounterConsumptionApplyConfiguration                        `json:"consumesCounters,omitempty"`
+	NodeName         *string                                                             `json:"nodeName,omitempty"`
+	NodeSelector     *v1.NodeSelectorApplyConfiguration                                  `json:"nodeSelector,omitempty"`
+	AllNodes         *bool                                                               `json:"allNodes,omitempty"`
+	Taints           []DeviceTaintApplyConfiguration                                     `json:"taints,omitempty"`
 }
 
 // BasicDeviceApplyConfiguration constructs a declarative configuration of the BasicDevice type for use with
@@ -62,3 +68,53 @@ func (b *BasicDeviceApplyConfiguration) WithCapacity(entries map[resourcev1beta1
 	}
 	return b
 }
+
+// WithConsumesCounters adds the given value to the ConsumesCounters field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the ConsumesCounters field.
+func (b *BasicDeviceApplyConfiguration) WithConsumesCounters(values ...*DeviceCounterConsumptionApplyConfiguration) *BasicDeviceApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithConsumesCounters")
+		}
+		b.ConsumesCounters = append(b.ConsumesCounters, *values[i])
+	}
+	return b
+}
+
+// WithNodeName sets the NodeName field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the NodeName field is set to the value of the last call.
+func (b *BasicDeviceApplyConfiguration) WithNodeName(value string) *BasicDeviceApplyConfiguration {
+	b.NodeName = &value
+	return b
+}
+
+// WithNodeSelector sets the NodeSelector field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the NodeSelector field is set to the value of the last call.
+func (b *BasicDeviceApplyConfiguration) WithNodeSelector(value *v1.NodeSelectorApplyConfiguration) *BasicDeviceApplyConfiguration {
+	b.NodeSelector = value
+	return b
+}
+
+// WithAllNodes sets the AllNodes field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the AllNodes field is set to the value of the last call.
+func (b *BasicDeviceApplyConfiguration) WithAllNodes(value bool) *BasicDeviceApplyConfiguration {
+	b.AllNodes = &value
+	return b
+}
+
+// WithTaints adds the given value to the Taints field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Taints field.
+func (b *BasicDeviceApplyConfiguration) WithTaints(values ...*DeviceTaintApplyConfiguration) *BasicDeviceApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithTaints")
+		}
+		b.Taints = append(b.Taints, *values[i])
+	}
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/counter.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/counter.go
new file mode 100644
index 0000000000..b33ed99a59
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/counter.go
@@ -0,0 +1,43 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta1
+
+import (
+	resource "k8s.io/apimachinery/pkg/api/resource"
+)
+
+// CounterApplyConfiguration represents a declarative configuration of the Counter type for use
+// with apply.
+type CounterApplyConfiguration struct {
+	Value *resource.Quantity `json:"value,omitempty"`
+}
+
+// CounterApplyConfiguration constructs a declarative configuration of the Counter type for use with
+// apply.
+func Counter() *CounterApplyConfiguration {
+	return &CounterApplyConfiguration{}
+}
+
+// WithValue sets the Value field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Value field is set to the value of the last call.
+func (b *CounterApplyConfiguration) WithValue(value resource.Quantity) *CounterApplyConfiguration {
+	b.Value = &value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/counterset.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/counterset.go
new file mode 100644
index 0000000000..7592fa4d5b
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/counterset.go
@@ -0,0 +1,54 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta1
+
+// CounterSetApplyConfiguration represents a declarative configuration of the CounterSet type for use
+// with apply.
+type CounterSetApplyConfiguration struct {
+	Name     *string                              `json:"name,omitempty"`
+	Counters map[string]CounterApplyConfiguration `json:"counters,omitempty"`
+}
+
+// CounterSetApplyConfiguration constructs a declarative configuration of the CounterSet type for use with
+// apply.
+func CounterSet() *CounterSetApplyConfiguration {
+	return &CounterSetApplyConfiguration{}
+}
+
+// WithName sets the Name field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Name field is set to the value of the last call.
+func (b *CounterSetApplyConfiguration) WithName(value string) *CounterSetApplyConfiguration {
+	b.Name = &value
+	return b
+}
+
+// WithCounters puts the entries into the Counters field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, the entries provided by each call will be put on the Counters field,
+// overwriting an existing map entries in Counters field with the same key.
+func (b *CounterSetApplyConfiguration) WithCounters(entries map[string]CounterApplyConfiguration) *CounterSetApplyConfiguration {
+	if b.Counters == nil && len(entries) > 0 {
+		b.Counters = make(map[string]CounterApplyConfiguration, len(entries))
+	}
+	for k, v := range entries {
+		b.Counters[k] = v
+	}
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/devicecounterconsumption.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/devicecounterconsumption.go
new file mode 100644
index 0000000000..a8a8a5f581
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/devicecounterconsumption.go
@@ -0,0 +1,54 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta1
+
+// DeviceCounterConsumptionApplyConfiguration represents a declarative configuration of the DeviceCounterConsumption type for use
+// with apply.
+type DeviceCounterConsumptionApplyConfiguration struct {
+	CounterSet *string                              `json:"counterSet,omitempty"`
+	Counters   map[string]CounterApplyConfiguration `json:"counters,omitempty"`
+}
+
+// DeviceCounterConsumptionApplyConfiguration constructs a declarative configuration of the DeviceCounterConsumption type for use with
+// apply.
+func DeviceCounterConsumption() *DeviceCounterConsumptionApplyConfiguration {
+	return &DeviceCounterConsumptionApplyConfiguration{}
+}
+
+// WithCounterSet sets the CounterSet field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the CounterSet field is set to the value of the last call.
+func (b *DeviceCounterConsumptionApplyConfiguration) WithCounterSet(value string) *DeviceCounterConsumptionApplyConfiguration {
+	b.CounterSet = &value
+	return b
+}
+
+// WithCounters puts the entries into the Counters field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, the entries provided by each call will be put on the Counters field,
+// overwriting an existing map entries in Counters field with the same key.
+func (b *DeviceCounterConsumptionApplyConfiguration) WithCounters(entries map[string]CounterApplyConfiguration) *DeviceCounterConsumptionApplyConfiguration {
+	if b.Counters == nil && len(entries) > 0 {
+		b.Counters = make(map[string]CounterApplyConfiguration, len(entries))
+	}
+	for k, v := range entries {
+		b.Counters[k] = v
+	}
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/devicerequest.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/devicerequest.go
index ea454a275c..1be114f02a 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/devicerequest.go
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/devicerequest.go
@@ -31,6 +31,8 @@ type DeviceRequestApplyConfiguration struct {
 	AllocationMode  *resourcev1beta1.DeviceAllocationMode `json:"allocationMode,omitempty"`
 	Count           *int64                                `json:"count,omitempty"`
 	AdminAccess     *bool                                 `json:"adminAccess,omitempty"`
+	FirstAvailable  []DeviceSubRequestApplyConfiguration  `json:"firstAvailable,omitempty"`
+	Tolerations     []DeviceTolerationApplyConfiguration  `json:"tolerations,omitempty"`
 }
 
 // DeviceRequestApplyConfiguration constructs a declarative configuration of the DeviceRequest type for use with
@@ -91,3 +93,29 @@ func (b *DeviceRequestApplyConfiguration) WithAdminAccess(value bool) *DeviceReq
 	b.AdminAccess = &value
 	return b
 }
+
+// WithFirstAvailable adds the given value to the FirstAvailable field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the FirstAvailable field.
+func (b *DeviceRequestApplyConfiguration) WithFirstAvailable(values ...*DeviceSubRequestApplyConfiguration) *DeviceRequestApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithFirstAvailable")
+		}
+		b.FirstAvailable = append(b.FirstAvailable, *values[i])
+	}
+	return b
+}
+
+// WithTolerations adds the given value to the Tolerations field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Tolerations field.
+func (b *DeviceRequestApplyConfiguration) WithTolerations(values ...*DeviceTolerationApplyConfiguration) *DeviceRequestApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithTolerations")
+		}
+		b.Tolerations = append(b.Tolerations, *values[i])
+	}
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/devicerequestallocationresult.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/devicerequestallocationresult.go
index c28eb26ab6..aa207351db 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/devicerequestallocationresult.go
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/devicerequestallocationresult.go
@@ -21,11 +21,12 @@ package v1beta1
 // DeviceRequestAllocationResultApplyConfiguration represents a declarative configuration of the DeviceRequestAllocationResult type for use
 // with apply.
 type DeviceRequestAllocationResultApplyConfiguration struct {
-	Request     *string `json:"request,omitempty"`
-	Driver      *string `json:"driver,omitempty"`
-	Pool        *string `json:"pool,omitempty"`
-	Device      *string `json:"device,omitempty"`
-	AdminAccess *bool   `json:"adminAccess,omitempty"`
+	Request     *string                              `json:"request,omitempty"`
+	Driver      *string                              `json:"driver,omitempty"`
+	Pool        *string                              `json:"pool,omitempty"`
+	Device      *string                              `json:"device,omitempty"`
+	AdminAccess *bool                                `json:"adminAccess,omitempty"`
+	Tolerations []DeviceTolerationApplyConfiguration `json:"tolerations,omitempty"`
 }
 
 // DeviceRequestAllocationResultApplyConfiguration constructs a declarative configuration of the DeviceRequestAllocationResult type for use with
@@ -73,3 +74,16 @@ func (b *DeviceRequestAllocationResultApplyConfiguration) WithAdminAccess(value
 	b.AdminAccess = &value
 	return b
 }
+
+// WithTolerations adds the given value to the Tolerations field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Tolerations field.
+func (b *DeviceRequestAllocationResultApplyConfiguration) WithTolerations(values ...*DeviceTolerationApplyConfiguration) *DeviceRequestAllocationResultApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithTolerations")
+		}
+		b.Tolerations = append(b.Tolerations, *values[i])
+	}
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/devicesubrequest.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/devicesubrequest.go
new file mode 100644
index 0000000000..f2ea820013
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/devicesubrequest.go
@@ -0,0 +1,98 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta1
+
+import (
+	resourcev1beta1 "k8s.io/api/resource/v1beta1"
+)
+
+// DeviceSubRequestApplyConfiguration represents a declarative configuration of the DeviceSubRequest type for use
+// with apply.
+type DeviceSubRequestApplyConfiguration struct {
+	Name            *string                               `json:"name,omitempty"`
+	DeviceClassName *string                               `json:"deviceClassName,omitempty"`
+	Selectors       []DeviceSelectorApplyConfiguration    `json:"selectors,omitempty"`
+	AllocationMode  *resourcev1beta1.DeviceAllocationMode `json:"allocationMode,omitempty"`
+	Count           *int64                                `json:"count,omitempty"`
+	Tolerations     []DeviceTolerationApplyConfiguration  `json:"tolerations,omitempty"`
+}
+
+// DeviceSubRequestApplyConfiguration constructs a declarative configuration of the DeviceSubRequest type for use with
+// apply.
+func DeviceSubRequest() *DeviceSubRequestApplyConfiguration {
+	return &DeviceSubRequestApplyConfiguration{}
+}
+
+// WithName sets the Name field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Name field is set to the value of the last call.
+func (b *DeviceSubRequestApplyConfiguration) WithName(value string) *DeviceSubRequestApplyConfiguration {
+	b.Name = &value
+	return b
+}
+
+// WithDeviceClassName sets the DeviceClassName field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the DeviceClassName field is set to the value of the last call.
+func (b *DeviceSubRequestApplyConfiguration) WithDeviceClassName(value string) *DeviceSubRequestApplyConfiguration {
+	b.DeviceClassName = &value
+	return b
+}
+
+// WithSelectors adds the given value to the Selectors field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Selectors field.
+func (b *DeviceSubRequestApplyConfiguration) WithSelectors(values ...*DeviceSelectorApplyConfiguration) *DeviceSubRequestApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithSelectors")
+		}
+		b.Selectors = append(b.Selectors, *values[i])
+	}
+	return b
+}
+
+// WithAllocationMode sets the AllocationMode field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the AllocationMode field is set to the value of the last call.
+func (b *DeviceSubRequestApplyConfiguration) WithAllocationMode(value resourcev1beta1.DeviceAllocationMode) *DeviceSubRequestApplyConfiguration {
+	b.AllocationMode = &value
+	return b
+}
+
+// WithCount sets the Count field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Count field is set to the value of the last call.
+func (b *DeviceSubRequestApplyConfiguration) WithCount(value int64) *DeviceSubRequestApplyConfiguration {
+	b.Count = &value
+	return b
+}
+
+// WithTolerations adds the given value to the Tolerations field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Tolerations field.
+func (b *DeviceSubRequestApplyConfiguration) WithTolerations(values ...*DeviceTolerationApplyConfiguration) *DeviceSubRequestApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithTolerations")
+		}
+		b.Tolerations = append(b.Tolerations, *values[i])
+	}
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/devicetaint.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/devicetaint.go
new file mode 100644
index 0000000000..bfa826f063
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/devicetaint.go
@@ -0,0 +1,71 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta1
+
+import (
+	resourcev1beta1 "k8s.io/api/resource/v1beta1"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// DeviceTaintApplyConfiguration represents a declarative configuration of the DeviceTaint type for use
+// with apply.
+type DeviceTaintApplyConfiguration struct {
+	Key       *string                            `json:"key,omitempty"`
+	Value     *string                            `json:"value,omitempty"`
+	Effect    *resourcev1beta1.DeviceTaintEffect `json:"effect,omitempty"`
+	TimeAdded *v1.Time                           `json:"timeAdded,omitempty"`
+}
+
+// DeviceTaintApplyConfiguration constructs a declarative configuration of the DeviceTaint type for use with
+// apply.
+func DeviceTaint() *DeviceTaintApplyConfiguration {
+	return &DeviceTaintApplyConfiguration{}
+}
+
+// WithKey sets the Key field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Key field is set to the value of the last call.
+func (b *DeviceTaintApplyConfiguration) WithKey(value string) *DeviceTaintApplyConfiguration {
+	b.Key = &value
+	return b
+}
+
+// WithValue sets the Value field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Value field is set to the value of the last call.
+func (b *DeviceTaintApplyConfiguration) WithValue(value string) *DeviceTaintApplyConfiguration {
+	b.Value = &value
+	return b
+}
+
+// WithEffect sets the Effect field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Effect field is set to the value of the last call.
+func (b *DeviceTaintApplyConfiguration) WithEffect(value resourcev1beta1.DeviceTaintEffect) *DeviceTaintApplyConfiguration {
+	b.Effect = &value
+	return b
+}
+
+// WithTimeAdded sets the TimeAdded field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the TimeAdded field is set to the value of the last call.
+func (b *DeviceTaintApplyConfiguration) WithTimeAdded(value v1.Time) *DeviceTaintApplyConfiguration {
+	b.TimeAdded = &value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/devicetoleration.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/devicetoleration.go
new file mode 100644
index 0000000000..977af67043
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/devicetoleration.go
@@ -0,0 +1,79 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta1
+
+import (
+	resourcev1beta1 "k8s.io/api/resource/v1beta1"
+)
+
+// DeviceTolerationApplyConfiguration represents a declarative configuration of the DeviceToleration type for use
+// with apply.
+type DeviceTolerationApplyConfiguration struct {
+	Key               *string                                   `json:"key,omitempty"`
+	Operator          *resourcev1beta1.DeviceTolerationOperator `json:"operator,omitempty"`
+	Value             *string                                   `json:"value,omitempty"`
+	Effect            *resourcev1beta1.DeviceTaintEffect        `json:"effect,omitempty"`
+	TolerationSeconds *int64                                    `json:"tolerationSeconds,omitempty"`
+}
+
+// DeviceTolerationApplyConfiguration constructs a declarative configuration of the DeviceToleration type for use with
+// apply.
+func DeviceToleration() *DeviceTolerationApplyConfiguration {
+	return &DeviceTolerationApplyConfiguration{}
+}
+
+// WithKey sets the Key field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Key field is set to the value of the last call.
+func (b *DeviceTolerationApplyConfiguration) WithKey(value string) *DeviceTolerationApplyConfiguration {
+	b.Key = &value
+	return b
+}
+
+// WithOperator sets the Operator field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Operator field is set to the value of the last call.
+func (b *DeviceTolerationApplyConfiguration) WithOperator(value resourcev1beta1.DeviceTolerationOperator) *DeviceTolerationApplyConfiguration {
+	b.Operator = &value
+	return b
+}
+
+// WithValue sets the Value field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Value field is set to the value of the last call.
+func (b *DeviceTolerationApplyConfiguration) WithValue(value string) *DeviceTolerationApplyConfiguration {
+	b.Value = &value
+	return b
+}
+
+// WithEffect sets the Effect field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Effect field is set to the value of the last call.
+func (b *DeviceTolerationApplyConfiguration) WithEffect(value resourcev1beta1.DeviceTaintEffect) *DeviceTolerationApplyConfiguration {
+	b.Effect = &value
+	return b
+}
+
+// WithTolerationSeconds sets the TolerationSeconds field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the TolerationSeconds field is set to the value of the last call.
+func (b *DeviceTolerationApplyConfiguration) WithTolerationSeconds(value int64) *DeviceTolerationApplyConfiguration {
+	b.TolerationSeconds = &value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/resourceslicespec.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/resourceslicespec.go
index 75bbb53c87..6eaae7da85 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/resourceslicespec.go
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta1/resourceslicespec.go
@@ -25,12 +25,14 @@ import (
 // ResourceSliceSpecApplyConfiguration represents a declarative configuration of the ResourceSliceSpec type for use
 // with apply.
 type ResourceSliceSpecApplyConfiguration struct {
-	Driver       *string                            `json:"driver,omitempty"`
-	Pool         *ResourcePoolApplyConfiguration    `json:"pool,omitempty"`
-	NodeName     *string                            `json:"nodeName,omitempty"`
-	NodeSelector *v1.NodeSelectorApplyConfiguration `json:"nodeSelector,omitempty"`
-	AllNodes     *bool                              `json:"allNodes,omitempty"`
-	Devices      []DeviceApplyConfiguration         `json:"devices,omitempty"`
+	Driver                 *string                            `json:"driver,omitempty"`
+	Pool                   *ResourcePoolApplyConfiguration    `json:"pool,omitempty"`
+	NodeName               *string                            `json:"nodeName,omitempty"`
+	NodeSelector           *v1.NodeSelectorApplyConfiguration `json:"nodeSelector,omitempty"`
+	AllNodes               *bool                              `json:"allNodes,omitempty"`
+	Devices                []DeviceApplyConfiguration         `json:"devices,omitempty"`
+	PerDeviceNodeSelection *bool                              `json:"perDeviceNodeSelection,omitempty"`
+	SharedCounters         []CounterSetApplyConfiguration     `json:"sharedCounters,omitempty"`
 }
 
 // ResourceSliceSpecApplyConfiguration constructs a declarative configuration of the ResourceSliceSpec type for use with
@@ -91,3 +93,24 @@ func (b *ResourceSliceSpecApplyConfiguration) WithDevices(values ...*DeviceApply
 	}
 	return b
 }
+
+// WithPerDeviceNodeSelection sets the PerDeviceNodeSelection field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the PerDeviceNodeSelection field is set to the value of the last call.
+func (b *ResourceSliceSpecApplyConfiguration) WithPerDeviceNodeSelection(value bool) *ResourceSliceSpecApplyConfiguration {
+	b.PerDeviceNodeSelection = &value
+	return b
+}
+
+// WithSharedCounters adds the given value to the SharedCounters field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the SharedCounters field.
+func (b *ResourceSliceSpecApplyConfiguration) WithSharedCounters(values ...*CounterSetApplyConfiguration) *ResourceSliceSpecApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithSharedCounters")
+		}
+		b.SharedCounters = append(b.SharedCounters, *values[i])
+	}
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/allocateddevicestatus.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/allocateddevicestatus.go
new file mode 100644
index 0000000000..a69cf26eb3
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/allocateddevicestatus.go
@@ -0,0 +1,94 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	runtime "k8s.io/apimachinery/pkg/runtime"
+	v1 "k8s.io/client-go/applyconfigurations/meta/v1"
+)
+
+// AllocatedDeviceStatusApplyConfiguration represents a declarative configuration of the AllocatedDeviceStatus type for use
+// with apply.
+type AllocatedDeviceStatusApplyConfiguration struct {
+	Driver      *string                              `json:"driver,omitempty"`
+	Pool        *string                              `json:"pool,omitempty"`
+	Device      *string                              `json:"device,omitempty"`
+	Conditions  []v1.ConditionApplyConfiguration     `json:"conditions,omitempty"`
+	Data        *runtime.RawExtension                `json:"data,omitempty"`
+	NetworkData *NetworkDeviceDataApplyConfiguration `json:"networkData,omitempty"`
+}
+
+// AllocatedDeviceStatusApplyConfiguration constructs a declarative configuration of the AllocatedDeviceStatus type for use with
+// apply.
+func AllocatedDeviceStatus() *AllocatedDeviceStatusApplyConfiguration {
+	return &AllocatedDeviceStatusApplyConfiguration{}
+}
+
+// WithDriver sets the Driver field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Driver field is set to the value of the last call.
+func (b *AllocatedDeviceStatusApplyConfiguration) WithDriver(value string) *AllocatedDeviceStatusApplyConfiguration {
+	b.Driver = &value
+	return b
+}
+
+// WithPool sets the Pool field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Pool field is set to the value of the last call.
+func (b *AllocatedDeviceStatusApplyConfiguration) WithPool(value string) *AllocatedDeviceStatusApplyConfiguration {
+	b.Pool = &value
+	return b
+}
+
+// WithDevice sets the Device field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Device field is set to the value of the last call.
+func (b *AllocatedDeviceStatusApplyConfiguration) WithDevice(value string) *AllocatedDeviceStatusApplyConfiguration {
+	b.Device = &value
+	return b
+}
+
+// WithConditions adds the given value to the Conditions field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Conditions field.
+func (b *AllocatedDeviceStatusApplyConfiguration) WithConditions(values ...*v1.ConditionApplyConfiguration) *AllocatedDeviceStatusApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithConditions")
+		}
+		b.Conditions = append(b.Conditions, *values[i])
+	}
+	return b
+}
+
+// WithData sets the Data field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Data field is set to the value of the last call.
+func (b *AllocatedDeviceStatusApplyConfiguration) WithData(value runtime.RawExtension) *AllocatedDeviceStatusApplyConfiguration {
+	b.Data = &value
+	return b
+}
+
+// WithNetworkData sets the NetworkData field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the NetworkData field is set to the value of the last call.
+func (b *AllocatedDeviceStatusApplyConfiguration) WithNetworkData(value *NetworkDeviceDataApplyConfiguration) *AllocatedDeviceStatusApplyConfiguration {
+	b.NetworkData = value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/allocationresult.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/allocationresult.go
new file mode 100644
index 0000000000..a82b01c967
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/allocationresult.go
@@ -0,0 +1,52 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	v1 "k8s.io/client-go/applyconfigurations/core/v1"
+)
+
+// AllocationResultApplyConfiguration represents a declarative configuration of the AllocationResult type for use
+// with apply.
+type AllocationResultApplyConfiguration struct {
+	Devices      *DeviceAllocationResultApplyConfiguration `json:"devices,omitempty"`
+	NodeSelector *v1.NodeSelectorApplyConfiguration        `json:"nodeSelector,omitempty"`
+}
+
+// AllocationResultApplyConfiguration constructs a declarative configuration of the AllocationResult type for use with
+// apply.
+func AllocationResult() *AllocationResultApplyConfiguration {
+	return &AllocationResultApplyConfiguration{}
+}
+
+// WithDevices sets the Devices field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Devices field is set to the value of the last call.
+func (b *AllocationResultApplyConfiguration) WithDevices(value *DeviceAllocationResultApplyConfiguration) *AllocationResultApplyConfiguration {
+	b.Devices = value
+	return b
+}
+
+// WithNodeSelector sets the NodeSelector field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the NodeSelector field is set to the value of the last call.
+func (b *AllocationResultApplyConfiguration) WithNodeSelector(value *v1.NodeSelectorApplyConfiguration) *AllocationResultApplyConfiguration {
+	b.NodeSelector = value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/celdeviceselector.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/celdeviceselector.go
new file mode 100644
index 0000000000..c2c3e52f0e
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/celdeviceselector.go
@@ -0,0 +1,39 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+// CELDeviceSelectorApplyConfiguration represents a declarative configuration of the CELDeviceSelector type for use
+// with apply.
+type CELDeviceSelectorApplyConfiguration struct {
+	Expression *string `json:"expression,omitempty"`
+}
+
+// CELDeviceSelectorApplyConfiguration constructs a declarative configuration of the CELDeviceSelector type for use with
+// apply.
+func CELDeviceSelector() *CELDeviceSelectorApplyConfiguration {
+	return &CELDeviceSelectorApplyConfiguration{}
+}
+
+// WithExpression sets the Expression field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Expression field is set to the value of the last call.
+func (b *CELDeviceSelectorApplyConfiguration) WithExpression(value string) *CELDeviceSelectorApplyConfiguration {
+	b.Expression = &value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/counter.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/counter.go
new file mode 100644
index 0000000000..4afdb9a3a5
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/counter.go
@@ -0,0 +1,43 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	resource "k8s.io/apimachinery/pkg/api/resource"
+)
+
+// CounterApplyConfiguration represents a declarative configuration of the Counter type for use
+// with apply.
+type CounterApplyConfiguration struct {
+	Value *resource.Quantity `json:"value,omitempty"`
+}
+
+// CounterApplyConfiguration constructs a declarative configuration of the Counter type for use with
+// apply.
+func Counter() *CounterApplyConfiguration {
+	return &CounterApplyConfiguration{}
+}
+
+// WithValue sets the Value field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Value field is set to the value of the last call.
+func (b *CounterApplyConfiguration) WithValue(value resource.Quantity) *CounterApplyConfiguration {
+	b.Value = &value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/counterset.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/counterset.go
new file mode 100644
index 0000000000..2882b4ef25
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/counterset.go
@@ -0,0 +1,54 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+// CounterSetApplyConfiguration represents a declarative configuration of the CounterSet type for use
+// with apply.
+type CounterSetApplyConfiguration struct {
+	Name     *string                              `json:"name,omitempty"`
+	Counters map[string]CounterApplyConfiguration `json:"counters,omitempty"`
+}
+
+// CounterSetApplyConfiguration constructs a declarative configuration of the CounterSet type for use with
+// apply.
+func CounterSet() *CounterSetApplyConfiguration {
+	return &CounterSetApplyConfiguration{}
+}
+
+// WithName sets the Name field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Name field is set to the value of the last call.
+func (b *CounterSetApplyConfiguration) WithName(value string) *CounterSetApplyConfiguration {
+	b.Name = &value
+	return b
+}
+
+// WithCounters puts the entries into the Counters field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, the entries provided by each call will be put on the Counters field,
+// overwriting an existing map entries in Counters field with the same key.
+func (b *CounterSetApplyConfiguration) WithCounters(entries map[string]CounterApplyConfiguration) *CounterSetApplyConfiguration {
+	if b.Counters == nil && len(entries) > 0 {
+		b.Counters = make(map[string]CounterApplyConfiguration, len(entries))
+	}
+	for k, v := range entries {
+		b.Counters[k] = v
+	}
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/device.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/device.go
new file mode 100644
index 0000000000..a05eb513f7
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/device.go
@@ -0,0 +1,129 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	resourcev1beta2 "k8s.io/api/resource/v1beta2"
+	v1 "k8s.io/client-go/applyconfigurations/core/v1"
+)
+
+// DeviceApplyConfiguration represents a declarative configuration of the Device type for use
+// with apply.
+type DeviceApplyConfiguration struct {
+	Name             *string                                                             `json:"name,omitempty"`
+	Attributes       map[resourcev1beta2.QualifiedName]DeviceAttributeApplyConfiguration `json:"attributes,omitempty"`
+	Capacity         map[resourcev1beta2.QualifiedName]DeviceCapacityApplyConfiguration  `json:"capacity,omitempty"`
+	ConsumesCounters []DeviceCounterConsumptionApplyConfiguration                        `json:"consumesCounters,omitempty"`
+	NodeName         *string                                                             `json:"nodeName,omitempty"`
+	NodeSelector     *v1.NodeSelectorApplyConfiguration                                  `json:"nodeSelector,omitempty"`
+	AllNodes         *bool                                                               `json:"allNodes,omitempty"`
+	Taints           []DeviceTaintApplyConfiguration                                     `json:"taints,omitempty"`
+}
+
+// DeviceApplyConfiguration constructs a declarative configuration of the Device type for use with
+// apply.
+func Device() *DeviceApplyConfiguration {
+	return &DeviceApplyConfiguration{}
+}
+
+// WithName sets the Name field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Name field is set to the value of the last call.
+func (b *DeviceApplyConfiguration) WithName(value string) *DeviceApplyConfiguration {
+	b.Name = &value
+	return b
+}
+
+// WithAttributes puts the entries into the Attributes field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, the entries provided by each call will be put on the Attributes field,
+// overwriting an existing map entries in Attributes field with the same key.
+func (b *DeviceApplyConfiguration) WithAttributes(entries map[resourcev1beta2.QualifiedName]DeviceAttributeApplyConfiguration) *DeviceApplyConfiguration {
+	if b.Attributes == nil && len(entries) > 0 {
+		b.Attributes = make(map[resourcev1beta2.QualifiedName]DeviceAttributeApplyConfiguration, len(entries))
+	}
+	for k, v := range entries {
+		b.Attributes[k] = v
+	}
+	return b
+}
+
+// WithCapacity puts the entries into the Capacity field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, the entries provided by each call will be put on the Capacity field,
+// overwriting an existing map entries in Capacity field with the same key.
+func (b *DeviceApplyConfiguration) WithCapacity(entries map[resourcev1beta2.QualifiedName]DeviceCapacityApplyConfiguration) *DeviceApplyConfiguration {
+	if b.Capacity == nil && len(entries) > 0 {
+		b.Capacity = make(map[resourcev1beta2.QualifiedName]DeviceCapacityApplyConfiguration, len(entries))
+	}
+	for k, v := range entries {
+		b.Capacity[k] = v
+	}
+	return b
+}
+
+// WithConsumesCounters adds the given value to the ConsumesCounters field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the ConsumesCounters field.
+func (b *DeviceApplyConfiguration) WithConsumesCounters(values ...*DeviceCounterConsumptionApplyConfiguration) *DeviceApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithConsumesCounters")
+		}
+		b.ConsumesCounters = append(b.ConsumesCounters, *values[i])
+	}
+	return b
+}
+
+// WithNodeName sets the NodeName field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the NodeName field is set to the value of the last call.
+func (b *DeviceApplyConfiguration) WithNodeName(value string) *DeviceApplyConfiguration {
+	b.NodeName = &value
+	return b
+}
+
+// WithNodeSelector sets the NodeSelector field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the NodeSelector field is set to the value of the last call.
+func (b *DeviceApplyConfiguration) WithNodeSelector(value *v1.NodeSelectorApplyConfiguration) *DeviceApplyConfiguration {
+	b.NodeSelector = value
+	return b
+}
+
+// WithAllNodes sets the AllNodes field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the AllNodes field is set to the value of the last call.
+func (b *DeviceApplyConfiguration) WithAllNodes(value bool) *DeviceApplyConfiguration {
+	b.AllNodes = &value
+	return b
+}
+
+// WithTaints adds the given value to the Taints field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Taints field.
+func (b *DeviceApplyConfiguration) WithTaints(values ...*DeviceTaintApplyConfiguration) *DeviceApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithTaints")
+		}
+		b.Taints = append(b.Taints, *values[i])
+	}
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceallocationconfiguration.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceallocationconfiguration.go
new file mode 100644
index 0000000000..971fe807c8
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceallocationconfiguration.go
@@ -0,0 +1,63 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	resourcev1beta2 "k8s.io/api/resource/v1beta2"
+)
+
+// DeviceAllocationConfigurationApplyConfiguration represents a declarative configuration of the DeviceAllocationConfiguration type for use
+// with apply.
+type DeviceAllocationConfigurationApplyConfiguration struct {
+	Source                                *resourcev1beta2.AllocationConfigSource `json:"source,omitempty"`
+	Requests                              []string                                `json:"requests,omitempty"`
+	DeviceConfigurationApplyConfiguration `json:",inline"`
+}
+
+// DeviceAllocationConfigurationApplyConfiguration constructs a declarative configuration of the DeviceAllocationConfiguration type for use with
+// apply.
+func DeviceAllocationConfiguration() *DeviceAllocationConfigurationApplyConfiguration {
+	return &DeviceAllocationConfigurationApplyConfiguration{}
+}
+
+// WithSource sets the Source field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Source field is set to the value of the last call.
+func (b *DeviceAllocationConfigurationApplyConfiguration) WithSource(value resourcev1beta2.AllocationConfigSource) *DeviceAllocationConfigurationApplyConfiguration {
+	b.Source = &value
+	return b
+}
+
+// WithRequests adds the given value to the Requests field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Requests field.
+func (b *DeviceAllocationConfigurationApplyConfiguration) WithRequests(values ...string) *DeviceAllocationConfigurationApplyConfiguration {
+	for i := range values {
+		b.Requests = append(b.Requests, values[i])
+	}
+	return b
+}
+
+// WithOpaque sets the Opaque field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Opaque field is set to the value of the last call.
+func (b *DeviceAllocationConfigurationApplyConfiguration) WithOpaque(value *OpaqueDeviceConfigurationApplyConfiguration) *DeviceAllocationConfigurationApplyConfiguration {
+	b.DeviceConfigurationApplyConfiguration.Opaque = value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceallocationresult.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceallocationresult.go
new file mode 100644
index 0000000000..5d9f013073
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceallocationresult.go
@@ -0,0 +1,58 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+// DeviceAllocationResultApplyConfiguration represents a declarative configuration of the DeviceAllocationResult type for use
+// with apply.
+type DeviceAllocationResultApplyConfiguration struct {
+	Results []DeviceRequestAllocationResultApplyConfiguration `json:"results,omitempty"`
+	Config  []DeviceAllocationConfigurationApplyConfiguration `json:"config,omitempty"`
+}
+
+// DeviceAllocationResultApplyConfiguration constructs a declarative configuration of the DeviceAllocationResult type for use with
+// apply.
+func DeviceAllocationResult() *DeviceAllocationResultApplyConfiguration {
+	return &DeviceAllocationResultApplyConfiguration{}
+}
+
+// WithResults adds the given value to the Results field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Results field.
+func (b *DeviceAllocationResultApplyConfiguration) WithResults(values ...*DeviceRequestAllocationResultApplyConfiguration) *DeviceAllocationResultApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithResults")
+		}
+		b.Results = append(b.Results, *values[i])
+	}
+	return b
+}
+
+// WithConfig adds the given value to the Config field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Config field.
+func (b *DeviceAllocationResultApplyConfiguration) WithConfig(values ...*DeviceAllocationConfigurationApplyConfiguration) *DeviceAllocationResultApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithConfig")
+		}
+		b.Config = append(b.Config, *values[i])
+	}
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceattribute.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceattribute.go
new file mode 100644
index 0000000000..c5f88c3f78
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceattribute.go
@@ -0,0 +1,66 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+// DeviceAttributeApplyConfiguration represents a declarative configuration of the DeviceAttribute type for use
+// with apply.
+type DeviceAttributeApplyConfiguration struct {
+	IntValue     *int64  `json:"int,omitempty"`
+	BoolValue    *bool   `json:"bool,omitempty"`
+	StringValue  *string `json:"string,omitempty"`
+	VersionValue *string `json:"version,omitempty"`
+}
+
+// DeviceAttributeApplyConfiguration constructs a declarative configuration of the DeviceAttribute type for use with
+// apply.
+func DeviceAttribute() *DeviceAttributeApplyConfiguration {
+	return &DeviceAttributeApplyConfiguration{}
+}
+
+// WithIntValue sets the IntValue field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the IntValue field is set to the value of the last call.
+func (b *DeviceAttributeApplyConfiguration) WithIntValue(value int64) *DeviceAttributeApplyConfiguration {
+	b.IntValue = &value
+	return b
+}
+
+// WithBoolValue sets the BoolValue field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the BoolValue field is set to the value of the last call.
+func (b *DeviceAttributeApplyConfiguration) WithBoolValue(value bool) *DeviceAttributeApplyConfiguration {
+	b.BoolValue = &value
+	return b
+}
+
+// WithStringValue sets the StringValue field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the StringValue field is set to the value of the last call.
+func (b *DeviceAttributeApplyConfiguration) WithStringValue(value string) *DeviceAttributeApplyConfiguration {
+	b.StringValue = &value
+	return b
+}
+
+// WithVersionValue sets the VersionValue field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the VersionValue field is set to the value of the last call.
+func (b *DeviceAttributeApplyConfiguration) WithVersionValue(value string) *DeviceAttributeApplyConfiguration {
+	b.VersionValue = &value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/devicecapacity.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/devicecapacity.go
new file mode 100644
index 0000000000..f62168cdee
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/devicecapacity.go
@@ -0,0 +1,43 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	resource "k8s.io/apimachinery/pkg/api/resource"
+)
+
+// DeviceCapacityApplyConfiguration represents a declarative configuration of the DeviceCapacity type for use
+// with apply.
+type DeviceCapacityApplyConfiguration struct {
+	Value *resource.Quantity `json:"value,omitempty"`
+}
+
+// DeviceCapacityApplyConfiguration constructs a declarative configuration of the DeviceCapacity type for use with
+// apply.
+func DeviceCapacity() *DeviceCapacityApplyConfiguration {
+	return &DeviceCapacityApplyConfiguration{}
+}
+
+// WithValue sets the Value field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Value field is set to the value of the last call.
+func (b *DeviceCapacityApplyConfiguration) WithValue(value resource.Quantity) *DeviceCapacityApplyConfiguration {
+	b.Value = &value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceclaim.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceclaim.go
new file mode 100644
index 0000000000..33af599ac8
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceclaim.go
@@ -0,0 +1,72 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+// DeviceClaimApplyConfiguration represents a declarative configuration of the DeviceClaim type for use
+// with apply.
+type DeviceClaimApplyConfiguration struct {
+	Requests    []DeviceRequestApplyConfiguration            `json:"requests,omitempty"`
+	Constraints []DeviceConstraintApplyConfiguration         `json:"constraints,omitempty"`
+	Config      []DeviceClaimConfigurationApplyConfiguration `json:"config,omitempty"`
+}
+
+// DeviceClaimApplyConfiguration constructs a declarative configuration of the DeviceClaim type for use with
+// apply.
+func DeviceClaim() *DeviceClaimApplyConfiguration {
+	return &DeviceClaimApplyConfiguration{}
+}
+
+// WithRequests adds the given value to the Requests field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Requests field.
+func (b *DeviceClaimApplyConfiguration) WithRequests(values ...*DeviceRequestApplyConfiguration) *DeviceClaimApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithRequests")
+		}
+		b.Requests = append(b.Requests, *values[i])
+	}
+	return b
+}
+
+// WithConstraints adds the given value to the Constraints field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Constraints field.
+func (b *DeviceClaimApplyConfiguration) WithConstraints(values ...*DeviceConstraintApplyConfiguration) *DeviceClaimApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithConstraints")
+		}
+		b.Constraints = append(b.Constraints, *values[i])
+	}
+	return b
+}
+
+// WithConfig adds the given value to the Config field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Config field.
+func (b *DeviceClaimApplyConfiguration) WithConfig(values ...*DeviceClaimConfigurationApplyConfiguration) *DeviceClaimApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithConfig")
+		}
+		b.Config = append(b.Config, *values[i])
+	}
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceclaimconfiguration.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceclaimconfiguration.go
new file mode 100644
index 0000000000..08464b399a
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceclaimconfiguration.go
@@ -0,0 +1,50 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+// DeviceClaimConfigurationApplyConfiguration represents a declarative configuration of the DeviceClaimConfiguration type for use
+// with apply.
+type DeviceClaimConfigurationApplyConfiguration struct {
+	Requests                              []string `json:"requests,omitempty"`
+	DeviceConfigurationApplyConfiguration `json:",inline"`
+}
+
+// DeviceClaimConfigurationApplyConfiguration constructs a declarative configuration of the DeviceClaimConfiguration type for use with
+// apply.
+func DeviceClaimConfiguration() *DeviceClaimConfigurationApplyConfiguration {
+	return &DeviceClaimConfigurationApplyConfiguration{}
+}
+
+// WithRequests adds the given value to the Requests field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Requests field.
+func (b *DeviceClaimConfigurationApplyConfiguration) WithRequests(values ...string) *DeviceClaimConfigurationApplyConfiguration {
+	for i := range values {
+		b.Requests = append(b.Requests, values[i])
+	}
+	return b
+}
+
+// WithOpaque sets the Opaque field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Opaque field is set to the value of the last call.
+func (b *DeviceClaimConfigurationApplyConfiguration) WithOpaque(value *OpaqueDeviceConfigurationApplyConfiguration) *DeviceClaimConfigurationApplyConfiguration {
+	b.DeviceConfigurationApplyConfiguration.Opaque = value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceclass.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceclass.go
new file mode 100644
index 0000000000..a361f331e1
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceclass.go
@@ -0,0 +1,253 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	resourcev1beta2 "k8s.io/api/resource/v1beta2"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	types "k8s.io/apimachinery/pkg/types"
+	managedfields "k8s.io/apimachinery/pkg/util/managedfields"
+	internal "k8s.io/client-go/applyconfigurations/internal"
+	v1 "k8s.io/client-go/applyconfigurations/meta/v1"
+)
+
+// DeviceClassApplyConfiguration represents a declarative configuration of the DeviceClass type for use
+// with apply.
+type DeviceClassApplyConfiguration struct {
+	v1.TypeMetaApplyConfiguration    `json:",inline"`
+	*v1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"`
+	Spec                             *DeviceClassSpecApplyConfiguration `json:"spec,omitempty"`
+}
+
+// DeviceClass constructs a declarative configuration of the DeviceClass type for use with
+// apply.
+func DeviceClass(name string) *DeviceClassApplyConfiguration {
+	b := &DeviceClassApplyConfiguration{}
+	b.WithName(name)
+	b.WithKind("DeviceClass")
+	b.WithAPIVersion("resource.k8s.io/v1beta2")
+	return b
+}
+
+// ExtractDeviceClass extracts the applied configuration owned by fieldManager from
+// deviceClass. If no managedFields are found in deviceClass for fieldManager, a
+// DeviceClassApplyConfiguration is returned with only the Name, Namespace (if applicable),
+// APIVersion and Kind populated. It is possible that no managed fields were found for because other
+// field managers have taken ownership of all the fields previously owned by fieldManager, or because
+// the fieldManager never owned fields any fields.
+// deviceClass must be a unmodified DeviceClass API object that was retrieved from the Kubernetes API.
+// ExtractDeviceClass provides a way to perform a extract/modify-in-place/apply workflow.
+// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously
+// applied if another fieldManager has updated or force applied any of the previously applied fields.
+// Experimental!
+func ExtractDeviceClass(deviceClass *resourcev1beta2.DeviceClass, fieldManager string) (*DeviceClassApplyConfiguration, error) {
+	return extractDeviceClass(deviceClass, fieldManager, "")
+}
+
+// ExtractDeviceClassStatus is the same as ExtractDeviceClass except
+// that it extracts the status subresource applied configuration.
+// Experimental!
+func ExtractDeviceClassStatus(deviceClass *resourcev1beta2.DeviceClass, fieldManager string) (*DeviceClassApplyConfiguration, error) {
+	return extractDeviceClass(deviceClass, fieldManager, "status")
+}
+
+func extractDeviceClass(deviceClass *resourcev1beta2.DeviceClass, fieldManager string, subresource string) (*DeviceClassApplyConfiguration, error) {
+	b := &DeviceClassApplyConfiguration{}
+	err := managedfields.ExtractInto(deviceClass, internal.Parser().Type("io.k8s.api.resource.v1beta2.DeviceClass"), fieldManager, b, subresource)
+	if err != nil {
+		return nil, err
+	}
+	b.WithName(deviceClass.Name)
+
+	b.WithKind("DeviceClass")
+	b.WithAPIVersion("resource.k8s.io/v1beta2")
+	return b, nil
+}
+
+// WithKind sets the Kind field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Kind field is set to the value of the last call.
+func (b *DeviceClassApplyConfiguration) WithKind(value string) *DeviceClassApplyConfiguration {
+	b.TypeMetaApplyConfiguration.Kind = &value
+	return b
+}
+
+// WithAPIVersion sets the APIVersion field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the APIVersion field is set to the value of the last call.
+func (b *DeviceClassApplyConfiguration) WithAPIVersion(value string) *DeviceClassApplyConfiguration {
+	b.TypeMetaApplyConfiguration.APIVersion = &value
+	return b
+}
+
+// WithName sets the Name field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Name field is set to the value of the last call.
+func (b *DeviceClassApplyConfiguration) WithName(value string) *DeviceClassApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.Name = &value
+	return b
+}
+
+// WithGenerateName sets the GenerateName field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the GenerateName field is set to the value of the last call.
+func (b *DeviceClassApplyConfiguration) WithGenerateName(value string) *DeviceClassApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.GenerateName = &value
+	return b
+}
+
+// WithNamespace sets the Namespace field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Namespace field is set to the value of the last call.
+func (b *DeviceClassApplyConfiguration) WithNamespace(value string) *DeviceClassApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.Namespace = &value
+	return b
+}
+
+// WithUID sets the UID field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the UID field is set to the value of the last call.
+func (b *DeviceClassApplyConfiguration) WithUID(value types.UID) *DeviceClassApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.UID = &value
+	return b
+}
+
+// WithResourceVersion sets the ResourceVersion field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the ResourceVersion field is set to the value of the last call.
+func (b *DeviceClassApplyConfiguration) WithResourceVersion(value string) *DeviceClassApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.ResourceVersion = &value
+	return b
+}
+
+// WithGeneration sets the Generation field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Generation field is set to the value of the last call.
+func (b *DeviceClassApplyConfiguration) WithGeneration(value int64) *DeviceClassApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.Generation = &value
+	return b
+}
+
+// WithCreationTimestamp sets the CreationTimestamp field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the CreationTimestamp field is set to the value of the last call.
+func (b *DeviceClassApplyConfiguration) WithCreationTimestamp(value metav1.Time) *DeviceClassApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.CreationTimestamp = &value
+	return b
+}
+
+// WithDeletionTimestamp sets the DeletionTimestamp field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the DeletionTimestamp field is set to the value of the last call.
+func (b *DeviceClassApplyConfiguration) WithDeletionTimestamp(value metav1.Time) *DeviceClassApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.DeletionTimestamp = &value
+	return b
+}
+
+// WithDeletionGracePeriodSeconds sets the DeletionGracePeriodSeconds field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the DeletionGracePeriodSeconds field is set to the value of the last call.
+func (b *DeviceClassApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *DeviceClassApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.DeletionGracePeriodSeconds = &value
+	return b
+}
+
+// WithLabels puts the entries into the Labels field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, the entries provided by each call will be put on the Labels field,
+// overwriting an existing map entries in Labels field with the same key.
+func (b *DeviceClassApplyConfiguration) WithLabels(entries map[string]string) *DeviceClassApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	if b.ObjectMetaApplyConfiguration.Labels == nil && len(entries) > 0 {
+		b.ObjectMetaApplyConfiguration.Labels = make(map[string]string, len(entries))
+	}
+	for k, v := range entries {
+		b.ObjectMetaApplyConfiguration.Labels[k] = v
+	}
+	return b
+}
+
+// WithAnnotations puts the entries into the Annotations field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, the entries provided by each call will be put on the Annotations field,
+// overwriting an existing map entries in Annotations field with the same key.
+func (b *DeviceClassApplyConfiguration) WithAnnotations(entries map[string]string) *DeviceClassApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	if b.ObjectMetaApplyConfiguration.Annotations == nil && len(entries) > 0 {
+		b.ObjectMetaApplyConfiguration.Annotations = make(map[string]string, len(entries))
+	}
+	for k, v := range entries {
+		b.ObjectMetaApplyConfiguration.Annotations[k] = v
+	}
+	return b
+}
+
+// WithOwnerReferences adds the given value to the OwnerReferences field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the OwnerReferences field.
+func (b *DeviceClassApplyConfiguration) WithOwnerReferences(values ...*v1.OwnerReferenceApplyConfiguration) *DeviceClassApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithOwnerReferences")
+		}
+		b.ObjectMetaApplyConfiguration.OwnerReferences = append(b.ObjectMetaApplyConfiguration.OwnerReferences, *values[i])
+	}
+	return b
+}
+
+// WithFinalizers adds the given value to the Finalizers field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Finalizers field.
+func (b *DeviceClassApplyConfiguration) WithFinalizers(values ...string) *DeviceClassApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	for i := range values {
+		b.ObjectMetaApplyConfiguration.Finalizers = append(b.ObjectMetaApplyConfiguration.Finalizers, values[i])
+	}
+	return b
+}
+
+func (b *DeviceClassApplyConfiguration) ensureObjectMetaApplyConfigurationExists() {
+	if b.ObjectMetaApplyConfiguration == nil {
+		b.ObjectMetaApplyConfiguration = &v1.ObjectMetaApplyConfiguration{}
+	}
+}
+
+// WithSpec sets the Spec field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Spec field is set to the value of the last call.
+func (b *DeviceClassApplyConfiguration) WithSpec(value *DeviceClassSpecApplyConfiguration) *DeviceClassApplyConfiguration {
+	b.Spec = value
+	return b
+}
+
+// GetName retrieves the value of the Name field in the declarative configuration.
+func (b *DeviceClassApplyConfiguration) GetName() *string {
+	b.ensureObjectMetaApplyConfigurationExists()
+	return b.ObjectMetaApplyConfiguration.Name
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceclassconfiguration.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceclassconfiguration.go
new file mode 100644
index 0000000000..9044102802
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceclassconfiguration.go
@@ -0,0 +1,39 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+// DeviceClassConfigurationApplyConfiguration represents a declarative configuration of the DeviceClassConfiguration type for use
+// with apply.
+type DeviceClassConfigurationApplyConfiguration struct {
+	DeviceConfigurationApplyConfiguration `json:",inline"`
+}
+
+// DeviceClassConfigurationApplyConfiguration constructs a declarative configuration of the DeviceClassConfiguration type for use with
+// apply.
+func DeviceClassConfiguration() *DeviceClassConfigurationApplyConfiguration {
+	return &DeviceClassConfigurationApplyConfiguration{}
+}
+
+// WithOpaque sets the Opaque field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Opaque field is set to the value of the last call.
+func (b *DeviceClassConfigurationApplyConfiguration) WithOpaque(value *OpaqueDeviceConfigurationApplyConfiguration) *DeviceClassConfigurationApplyConfiguration {
+	b.DeviceConfigurationApplyConfiguration.Opaque = value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceclassspec.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceclassspec.go
new file mode 100644
index 0000000000..c92a83e6b5
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceclassspec.go
@@ -0,0 +1,58 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+// DeviceClassSpecApplyConfiguration represents a declarative configuration of the DeviceClassSpec type for use
+// with apply.
+type DeviceClassSpecApplyConfiguration struct {
+	Selectors []DeviceSelectorApplyConfiguration           `json:"selectors,omitempty"`
+	Config    []DeviceClassConfigurationApplyConfiguration `json:"config,omitempty"`
+}
+
+// DeviceClassSpecApplyConfiguration constructs a declarative configuration of the DeviceClassSpec type for use with
+// apply.
+func DeviceClassSpec() *DeviceClassSpecApplyConfiguration {
+	return &DeviceClassSpecApplyConfiguration{}
+}
+
+// WithSelectors adds the given value to the Selectors field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Selectors field.
+func (b *DeviceClassSpecApplyConfiguration) WithSelectors(values ...*DeviceSelectorApplyConfiguration) *DeviceClassSpecApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithSelectors")
+		}
+		b.Selectors = append(b.Selectors, *values[i])
+	}
+	return b
+}
+
+// WithConfig adds the given value to the Config field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Config field.
+func (b *DeviceClassSpecApplyConfiguration) WithConfig(values ...*DeviceClassConfigurationApplyConfiguration) *DeviceClassSpecApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithConfig")
+		}
+		b.Config = append(b.Config, *values[i])
+	}
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceconfiguration.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceconfiguration.go
new file mode 100644
index 0000000000..2032433f34
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceconfiguration.go
@@ -0,0 +1,39 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+// DeviceConfigurationApplyConfiguration represents a declarative configuration of the DeviceConfiguration type for use
+// with apply.
+type DeviceConfigurationApplyConfiguration struct {
+	Opaque *OpaqueDeviceConfigurationApplyConfiguration `json:"opaque,omitempty"`
+}
+
+// DeviceConfigurationApplyConfiguration constructs a declarative configuration of the DeviceConfiguration type for use with
+// apply.
+func DeviceConfiguration() *DeviceConfigurationApplyConfiguration {
+	return &DeviceConfigurationApplyConfiguration{}
+}
+
+// WithOpaque sets the Opaque field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Opaque field is set to the value of the last call.
+func (b *DeviceConfigurationApplyConfiguration) WithOpaque(value *OpaqueDeviceConfigurationApplyConfiguration) *DeviceConfigurationApplyConfiguration {
+	b.Opaque = value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceconstraint.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceconstraint.go
new file mode 100644
index 0000000000..460ffdd080
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceconstraint.go
@@ -0,0 +1,54 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	resourcev1beta2 "k8s.io/api/resource/v1beta2"
+)
+
+// DeviceConstraintApplyConfiguration represents a declarative configuration of the DeviceConstraint type for use
+// with apply.
+type DeviceConstraintApplyConfiguration struct {
+	Requests       []string                            `json:"requests,omitempty"`
+	MatchAttribute *resourcev1beta2.FullyQualifiedName `json:"matchAttribute,omitempty"`
+}
+
+// DeviceConstraintApplyConfiguration constructs a declarative configuration of the DeviceConstraint type for use with
+// apply.
+func DeviceConstraint() *DeviceConstraintApplyConfiguration {
+	return &DeviceConstraintApplyConfiguration{}
+}
+
+// WithRequests adds the given value to the Requests field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Requests field.
+func (b *DeviceConstraintApplyConfiguration) WithRequests(values ...string) *DeviceConstraintApplyConfiguration {
+	for i := range values {
+		b.Requests = append(b.Requests, values[i])
+	}
+	return b
+}
+
+// WithMatchAttribute sets the MatchAttribute field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the MatchAttribute field is set to the value of the last call.
+func (b *DeviceConstraintApplyConfiguration) WithMatchAttribute(value resourcev1beta2.FullyQualifiedName) *DeviceConstraintApplyConfiguration {
+	b.MatchAttribute = &value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/devicecounterconsumption.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/devicecounterconsumption.go
new file mode 100644
index 0000000000..9d6d0a8738
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/devicecounterconsumption.go
@@ -0,0 +1,54 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+// DeviceCounterConsumptionApplyConfiguration represents a declarative configuration of the DeviceCounterConsumption type for use
+// with apply.
+type DeviceCounterConsumptionApplyConfiguration struct {
+	CounterSet *string                              `json:"counterSet,omitempty"`
+	Counters   map[string]CounterApplyConfiguration `json:"counters,omitempty"`
+}
+
+// DeviceCounterConsumptionApplyConfiguration constructs a declarative configuration of the DeviceCounterConsumption type for use with
+// apply.
+func DeviceCounterConsumption() *DeviceCounterConsumptionApplyConfiguration {
+	return &DeviceCounterConsumptionApplyConfiguration{}
+}
+
+// WithCounterSet sets the CounterSet field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the CounterSet field is set to the value of the last call.
+func (b *DeviceCounterConsumptionApplyConfiguration) WithCounterSet(value string) *DeviceCounterConsumptionApplyConfiguration {
+	b.CounterSet = &value
+	return b
+}
+
+// WithCounters puts the entries into the Counters field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, the entries provided by each call will be put on the Counters field,
+// overwriting an existing map entries in Counters field with the same key.
+func (b *DeviceCounterConsumptionApplyConfiguration) WithCounters(entries map[string]CounterApplyConfiguration) *DeviceCounterConsumptionApplyConfiguration {
+	if b.Counters == nil && len(entries) > 0 {
+		b.Counters = make(map[string]CounterApplyConfiguration, len(entries))
+	}
+	for k, v := range entries {
+		b.Counters[k] = v
+	}
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/devicerequest.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/devicerequest.go
new file mode 100644
index 0000000000..426c974876
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/devicerequest.go
@@ -0,0 +1,62 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+// DeviceRequestApplyConfiguration represents a declarative configuration of the DeviceRequest type for use
+// with apply.
+type DeviceRequestApplyConfiguration struct {
+	Name           *string                               `json:"name,omitempty"`
+	Exactly        *ExactDeviceRequestApplyConfiguration `json:"exactly,omitempty"`
+	FirstAvailable []DeviceSubRequestApplyConfiguration  `json:"firstAvailable,omitempty"`
+}
+
+// DeviceRequestApplyConfiguration constructs a declarative configuration of the DeviceRequest type for use with
+// apply.
+func DeviceRequest() *DeviceRequestApplyConfiguration {
+	return &DeviceRequestApplyConfiguration{}
+}
+
+// WithName sets the Name field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Name field is set to the value of the last call.
+func (b *DeviceRequestApplyConfiguration) WithName(value string) *DeviceRequestApplyConfiguration {
+	b.Name = &value
+	return b
+}
+
+// WithExactly sets the Exactly field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Exactly field is set to the value of the last call.
+func (b *DeviceRequestApplyConfiguration) WithExactly(value *ExactDeviceRequestApplyConfiguration) *DeviceRequestApplyConfiguration {
+	b.Exactly = value
+	return b
+}
+
+// WithFirstAvailable adds the given value to the FirstAvailable field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the FirstAvailable field.
+func (b *DeviceRequestApplyConfiguration) WithFirstAvailable(values ...*DeviceSubRequestApplyConfiguration) *DeviceRequestApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithFirstAvailable")
+		}
+		b.FirstAvailable = append(b.FirstAvailable, *values[i])
+	}
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/devicerequestallocationresult.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/devicerequestallocationresult.go
new file mode 100644
index 0000000000..ab826812e6
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/devicerequestallocationresult.go
@@ -0,0 +1,89 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+// DeviceRequestAllocationResultApplyConfiguration represents a declarative configuration of the DeviceRequestAllocationResult type for use
+// with apply.
+type DeviceRequestAllocationResultApplyConfiguration struct {
+	Request     *string                              `json:"request,omitempty"`
+	Driver      *string                              `json:"driver,omitempty"`
+	Pool        *string                              `json:"pool,omitempty"`
+	Device      *string                              `json:"device,omitempty"`
+	AdminAccess *bool                                `json:"adminAccess,omitempty"`
+	Tolerations []DeviceTolerationApplyConfiguration `json:"tolerations,omitempty"`
+}
+
+// DeviceRequestAllocationResultApplyConfiguration constructs a declarative configuration of the DeviceRequestAllocationResult type for use with
+// apply.
+func DeviceRequestAllocationResult() *DeviceRequestAllocationResultApplyConfiguration {
+	return &DeviceRequestAllocationResultApplyConfiguration{}
+}
+
+// WithRequest sets the Request field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Request field is set to the value of the last call.
+func (b *DeviceRequestAllocationResultApplyConfiguration) WithRequest(value string) *DeviceRequestAllocationResultApplyConfiguration {
+	b.Request = &value
+	return b
+}
+
+// WithDriver sets the Driver field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Driver field is set to the value of the last call.
+func (b *DeviceRequestAllocationResultApplyConfiguration) WithDriver(value string) *DeviceRequestAllocationResultApplyConfiguration {
+	b.Driver = &value
+	return b
+}
+
+// WithPool sets the Pool field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Pool field is set to the value of the last call.
+func (b *DeviceRequestAllocationResultApplyConfiguration) WithPool(value string) *DeviceRequestAllocationResultApplyConfiguration {
+	b.Pool = &value
+	return b
+}
+
+// WithDevice sets the Device field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Device field is set to the value of the last call.
+func (b *DeviceRequestAllocationResultApplyConfiguration) WithDevice(value string) *DeviceRequestAllocationResultApplyConfiguration {
+	b.Device = &value
+	return b
+}
+
+// WithAdminAccess sets the AdminAccess field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the AdminAccess field is set to the value of the last call.
+func (b *DeviceRequestAllocationResultApplyConfiguration) WithAdminAccess(value bool) *DeviceRequestAllocationResultApplyConfiguration {
+	b.AdminAccess = &value
+	return b
+}
+
+// WithTolerations adds the given value to the Tolerations field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Tolerations field.
+func (b *DeviceRequestAllocationResultApplyConfiguration) WithTolerations(values ...*DeviceTolerationApplyConfiguration) *DeviceRequestAllocationResultApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithTolerations")
+		}
+		b.Tolerations = append(b.Tolerations, *values[i])
+	}
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceselector.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceselector.go
new file mode 100644
index 0000000000..fd064e5f6c
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/deviceselector.go
@@ -0,0 +1,39 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+// DeviceSelectorApplyConfiguration represents a declarative configuration of the DeviceSelector type for use
+// with apply.
+type DeviceSelectorApplyConfiguration struct {
+	CEL *CELDeviceSelectorApplyConfiguration `json:"cel,omitempty"`
+}
+
+// DeviceSelectorApplyConfiguration constructs a declarative configuration of the DeviceSelector type for use with
+// apply.
+func DeviceSelector() *DeviceSelectorApplyConfiguration {
+	return &DeviceSelectorApplyConfiguration{}
+}
+
+// WithCEL sets the CEL field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the CEL field is set to the value of the last call.
+func (b *DeviceSelectorApplyConfiguration) WithCEL(value *CELDeviceSelectorApplyConfiguration) *DeviceSelectorApplyConfiguration {
+	b.CEL = value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/devicesubrequest.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/devicesubrequest.go
new file mode 100644
index 0000000000..aaf8600adf
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/devicesubrequest.go
@@ -0,0 +1,98 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	resourcev1beta2 "k8s.io/api/resource/v1beta2"
+)
+
+// DeviceSubRequestApplyConfiguration represents a declarative configuration of the DeviceSubRequest type for use
+// with apply.
+type DeviceSubRequestApplyConfiguration struct {
+	Name            *string                               `json:"name,omitempty"`
+	DeviceClassName *string                               `json:"deviceClassName,omitempty"`
+	Selectors       []DeviceSelectorApplyConfiguration    `json:"selectors,omitempty"`
+	AllocationMode  *resourcev1beta2.DeviceAllocationMode `json:"allocationMode,omitempty"`
+	Count           *int64                                `json:"count,omitempty"`
+	Tolerations     []DeviceTolerationApplyConfiguration  `json:"tolerations,omitempty"`
+}
+
+// DeviceSubRequestApplyConfiguration constructs a declarative configuration of the DeviceSubRequest type for use with
+// apply.
+func DeviceSubRequest() *DeviceSubRequestApplyConfiguration {
+	return &DeviceSubRequestApplyConfiguration{}
+}
+
+// WithName sets the Name field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Name field is set to the value of the last call.
+func (b *DeviceSubRequestApplyConfiguration) WithName(value string) *DeviceSubRequestApplyConfiguration {
+	b.Name = &value
+	return b
+}
+
+// WithDeviceClassName sets the DeviceClassName field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the DeviceClassName field is set to the value of the last call.
+func (b *DeviceSubRequestApplyConfiguration) WithDeviceClassName(value string) *DeviceSubRequestApplyConfiguration {
+	b.DeviceClassName = &value
+	return b
+}
+
+// WithSelectors adds the given value to the Selectors field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Selectors field.
+func (b *DeviceSubRequestApplyConfiguration) WithSelectors(values ...*DeviceSelectorApplyConfiguration) *DeviceSubRequestApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithSelectors")
+		}
+		b.Selectors = append(b.Selectors, *values[i])
+	}
+	return b
+}
+
+// WithAllocationMode sets the AllocationMode field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the AllocationMode field is set to the value of the last call.
+func (b *DeviceSubRequestApplyConfiguration) WithAllocationMode(value resourcev1beta2.DeviceAllocationMode) *DeviceSubRequestApplyConfiguration {
+	b.AllocationMode = &value
+	return b
+}
+
+// WithCount sets the Count field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Count field is set to the value of the last call.
+func (b *DeviceSubRequestApplyConfiguration) WithCount(value int64) *DeviceSubRequestApplyConfiguration {
+	b.Count = &value
+	return b
+}
+
+// WithTolerations adds the given value to the Tolerations field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Tolerations field.
+func (b *DeviceSubRequestApplyConfiguration) WithTolerations(values ...*DeviceTolerationApplyConfiguration) *DeviceSubRequestApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithTolerations")
+		}
+		b.Tolerations = append(b.Tolerations, *values[i])
+	}
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/devicetaint.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/devicetaint.go
new file mode 100644
index 0000000000..b21f98a152
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/devicetaint.go
@@ -0,0 +1,71 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	resourcev1beta2 "k8s.io/api/resource/v1beta2"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// DeviceTaintApplyConfiguration represents a declarative configuration of the DeviceTaint type for use
+// with apply.
+type DeviceTaintApplyConfiguration struct {
+	Key       *string                            `json:"key,omitempty"`
+	Value     *string                            `json:"value,omitempty"`
+	Effect    *resourcev1beta2.DeviceTaintEffect `json:"effect,omitempty"`
+	TimeAdded *v1.Time                           `json:"timeAdded,omitempty"`
+}
+
+// DeviceTaintApplyConfiguration constructs a declarative configuration of the DeviceTaint type for use with
+// apply.
+func DeviceTaint() *DeviceTaintApplyConfiguration {
+	return &DeviceTaintApplyConfiguration{}
+}
+
+// WithKey sets the Key field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Key field is set to the value of the last call.
+func (b *DeviceTaintApplyConfiguration) WithKey(value string) *DeviceTaintApplyConfiguration {
+	b.Key = &value
+	return b
+}
+
+// WithValue sets the Value field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Value field is set to the value of the last call.
+func (b *DeviceTaintApplyConfiguration) WithValue(value string) *DeviceTaintApplyConfiguration {
+	b.Value = &value
+	return b
+}
+
+// WithEffect sets the Effect field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Effect field is set to the value of the last call.
+func (b *DeviceTaintApplyConfiguration) WithEffect(value resourcev1beta2.DeviceTaintEffect) *DeviceTaintApplyConfiguration {
+	b.Effect = &value
+	return b
+}
+
+// WithTimeAdded sets the TimeAdded field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the TimeAdded field is set to the value of the last call.
+func (b *DeviceTaintApplyConfiguration) WithTimeAdded(value v1.Time) *DeviceTaintApplyConfiguration {
+	b.TimeAdded = &value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/devicetoleration.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/devicetoleration.go
new file mode 100644
index 0000000000..ae471233f4
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/devicetoleration.go
@@ -0,0 +1,79 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	resourcev1beta2 "k8s.io/api/resource/v1beta2"
+)
+
+// DeviceTolerationApplyConfiguration represents a declarative configuration of the DeviceToleration type for use
+// with apply.
+type DeviceTolerationApplyConfiguration struct {
+	Key               *string                                   `json:"key,omitempty"`
+	Operator          *resourcev1beta2.DeviceTolerationOperator `json:"operator,omitempty"`
+	Value             *string                                   `json:"value,omitempty"`
+	Effect            *resourcev1beta2.DeviceTaintEffect        `json:"effect,omitempty"`
+	TolerationSeconds *int64                                    `json:"tolerationSeconds,omitempty"`
+}
+
+// DeviceTolerationApplyConfiguration constructs a declarative configuration of the DeviceToleration type for use with
+// apply.
+func DeviceToleration() *DeviceTolerationApplyConfiguration {
+	return &DeviceTolerationApplyConfiguration{}
+}
+
+// WithKey sets the Key field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Key field is set to the value of the last call.
+func (b *DeviceTolerationApplyConfiguration) WithKey(value string) *DeviceTolerationApplyConfiguration {
+	b.Key = &value
+	return b
+}
+
+// WithOperator sets the Operator field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Operator field is set to the value of the last call.
+func (b *DeviceTolerationApplyConfiguration) WithOperator(value resourcev1beta2.DeviceTolerationOperator) *DeviceTolerationApplyConfiguration {
+	b.Operator = &value
+	return b
+}
+
+// WithValue sets the Value field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Value field is set to the value of the last call.
+func (b *DeviceTolerationApplyConfiguration) WithValue(value string) *DeviceTolerationApplyConfiguration {
+	b.Value = &value
+	return b
+}
+
+// WithEffect sets the Effect field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Effect field is set to the value of the last call.
+func (b *DeviceTolerationApplyConfiguration) WithEffect(value resourcev1beta2.DeviceTaintEffect) *DeviceTolerationApplyConfiguration {
+	b.Effect = &value
+	return b
+}
+
+// WithTolerationSeconds sets the TolerationSeconds field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the TolerationSeconds field is set to the value of the last call.
+func (b *DeviceTolerationApplyConfiguration) WithTolerationSeconds(value int64) *DeviceTolerationApplyConfiguration {
+	b.TolerationSeconds = &value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/exactdevicerequest.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/exactdevicerequest.go
new file mode 100644
index 0000000000..2d7d7155e4
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/exactdevicerequest.go
@@ -0,0 +1,98 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	resourcev1beta2 "k8s.io/api/resource/v1beta2"
+)
+
+// ExactDeviceRequestApplyConfiguration represents a declarative configuration of the ExactDeviceRequest type for use
+// with apply.
+type ExactDeviceRequestApplyConfiguration struct {
+	DeviceClassName *string                               `json:"deviceClassName,omitempty"`
+	Selectors       []DeviceSelectorApplyConfiguration    `json:"selectors,omitempty"`
+	AllocationMode  *resourcev1beta2.DeviceAllocationMode `json:"allocationMode,omitempty"`
+	Count           *int64                                `json:"count,omitempty"`
+	AdminAccess     *bool                                 `json:"adminAccess,omitempty"`
+	Tolerations     []DeviceTolerationApplyConfiguration  `json:"tolerations,omitempty"`
+}
+
+// ExactDeviceRequestApplyConfiguration constructs a declarative configuration of the ExactDeviceRequest type for use with
+// apply.
+func ExactDeviceRequest() *ExactDeviceRequestApplyConfiguration {
+	return &ExactDeviceRequestApplyConfiguration{}
+}
+
+// WithDeviceClassName sets the DeviceClassName field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the DeviceClassName field is set to the value of the last call.
+func (b *ExactDeviceRequestApplyConfiguration) WithDeviceClassName(value string) *ExactDeviceRequestApplyConfiguration {
+	b.DeviceClassName = &value
+	return b
+}
+
+// WithSelectors adds the given value to the Selectors field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Selectors field.
+func (b *ExactDeviceRequestApplyConfiguration) WithSelectors(values ...*DeviceSelectorApplyConfiguration) *ExactDeviceRequestApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithSelectors")
+		}
+		b.Selectors = append(b.Selectors, *values[i])
+	}
+	return b
+}
+
+// WithAllocationMode sets the AllocationMode field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the AllocationMode field is set to the value of the last call.
+func (b *ExactDeviceRequestApplyConfiguration) WithAllocationMode(value resourcev1beta2.DeviceAllocationMode) *ExactDeviceRequestApplyConfiguration {
+	b.AllocationMode = &value
+	return b
+}
+
+// WithCount sets the Count field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Count field is set to the value of the last call.
+func (b *ExactDeviceRequestApplyConfiguration) WithCount(value int64) *ExactDeviceRequestApplyConfiguration {
+	b.Count = &value
+	return b
+}
+
+// WithAdminAccess sets the AdminAccess field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the AdminAccess field is set to the value of the last call.
+func (b *ExactDeviceRequestApplyConfiguration) WithAdminAccess(value bool) *ExactDeviceRequestApplyConfiguration {
+	b.AdminAccess = &value
+	return b
+}
+
+// WithTolerations adds the given value to the Tolerations field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Tolerations field.
+func (b *ExactDeviceRequestApplyConfiguration) WithTolerations(values ...*DeviceTolerationApplyConfiguration) *ExactDeviceRequestApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithTolerations")
+		}
+		b.Tolerations = append(b.Tolerations, *values[i])
+	}
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/networkdevicedata.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/networkdevicedata.go
new file mode 100644
index 0000000000..9b0944f8f2
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/networkdevicedata.go
@@ -0,0 +1,59 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+// NetworkDeviceDataApplyConfiguration represents a declarative configuration of the NetworkDeviceData type for use
+// with apply.
+type NetworkDeviceDataApplyConfiguration struct {
+	InterfaceName   *string  `json:"interfaceName,omitempty"`
+	IPs             []string `json:"ips,omitempty"`
+	HardwareAddress *string  `json:"hardwareAddress,omitempty"`
+}
+
+// NetworkDeviceDataApplyConfiguration constructs a declarative configuration of the NetworkDeviceData type for use with
+// apply.
+func NetworkDeviceData() *NetworkDeviceDataApplyConfiguration {
+	return &NetworkDeviceDataApplyConfiguration{}
+}
+
+// WithInterfaceName sets the InterfaceName field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the InterfaceName field is set to the value of the last call.
+func (b *NetworkDeviceDataApplyConfiguration) WithInterfaceName(value string) *NetworkDeviceDataApplyConfiguration {
+	b.InterfaceName = &value
+	return b
+}
+
+// WithIPs adds the given value to the IPs field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the IPs field.
+func (b *NetworkDeviceDataApplyConfiguration) WithIPs(values ...string) *NetworkDeviceDataApplyConfiguration {
+	for i := range values {
+		b.IPs = append(b.IPs, values[i])
+	}
+	return b
+}
+
+// WithHardwareAddress sets the HardwareAddress field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the HardwareAddress field is set to the value of the last call.
+func (b *NetworkDeviceDataApplyConfiguration) WithHardwareAddress(value string) *NetworkDeviceDataApplyConfiguration {
+	b.HardwareAddress = &value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/opaquedeviceconfiguration.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/opaquedeviceconfiguration.go
new file mode 100644
index 0000000000..aa8fe43f3e
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/opaquedeviceconfiguration.go
@@ -0,0 +1,52 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	runtime "k8s.io/apimachinery/pkg/runtime"
+)
+
+// OpaqueDeviceConfigurationApplyConfiguration represents a declarative configuration of the OpaqueDeviceConfiguration type for use
+// with apply.
+type OpaqueDeviceConfigurationApplyConfiguration struct {
+	Driver     *string               `json:"driver,omitempty"`
+	Parameters *runtime.RawExtension `json:"parameters,omitempty"`
+}
+
+// OpaqueDeviceConfigurationApplyConfiguration constructs a declarative configuration of the OpaqueDeviceConfiguration type for use with
+// apply.
+func OpaqueDeviceConfiguration() *OpaqueDeviceConfigurationApplyConfiguration {
+	return &OpaqueDeviceConfigurationApplyConfiguration{}
+}
+
+// WithDriver sets the Driver field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Driver field is set to the value of the last call.
+func (b *OpaqueDeviceConfigurationApplyConfiguration) WithDriver(value string) *OpaqueDeviceConfigurationApplyConfiguration {
+	b.Driver = &value
+	return b
+}
+
+// WithParameters sets the Parameters field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Parameters field is set to the value of the last call.
+func (b *OpaqueDeviceConfigurationApplyConfiguration) WithParameters(value runtime.RawExtension) *OpaqueDeviceConfigurationApplyConfiguration {
+	b.Parameters = &value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/resourceclaim.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/resourceclaim.go
new file mode 100644
index 0000000000..65b3a6e0bb
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/resourceclaim.go
@@ -0,0 +1,264 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	resourcev1beta2 "k8s.io/api/resource/v1beta2"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	types "k8s.io/apimachinery/pkg/types"
+	managedfields "k8s.io/apimachinery/pkg/util/managedfields"
+	internal "k8s.io/client-go/applyconfigurations/internal"
+	v1 "k8s.io/client-go/applyconfigurations/meta/v1"
+)
+
+// ResourceClaimApplyConfiguration represents a declarative configuration of the ResourceClaim type for use
+// with apply.
+type ResourceClaimApplyConfiguration struct {
+	v1.TypeMetaApplyConfiguration    `json:",inline"`
+	*v1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"`
+	Spec                             *ResourceClaimSpecApplyConfiguration   `json:"spec,omitempty"`
+	Status                           *ResourceClaimStatusApplyConfiguration `json:"status,omitempty"`
+}
+
+// ResourceClaim constructs a declarative configuration of the ResourceClaim type for use with
+// apply.
+func ResourceClaim(name, namespace string) *ResourceClaimApplyConfiguration {
+	b := &ResourceClaimApplyConfiguration{}
+	b.WithName(name)
+	b.WithNamespace(namespace)
+	b.WithKind("ResourceClaim")
+	b.WithAPIVersion("resource.k8s.io/v1beta2")
+	return b
+}
+
+// ExtractResourceClaim extracts the applied configuration owned by fieldManager from
+// resourceClaim. If no managedFields are found in resourceClaim for fieldManager, a
+// ResourceClaimApplyConfiguration is returned with only the Name, Namespace (if applicable),
+// APIVersion and Kind populated. It is possible that no managed fields were found for because other
+// field managers have taken ownership of all the fields previously owned by fieldManager, or because
+// the fieldManager never owned fields any fields.
+// resourceClaim must be a unmodified ResourceClaim API object that was retrieved from the Kubernetes API.
+// ExtractResourceClaim provides a way to perform a extract/modify-in-place/apply workflow.
+// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously
+// applied if another fieldManager has updated or force applied any of the previously applied fields.
+// Experimental!
+func ExtractResourceClaim(resourceClaim *resourcev1beta2.ResourceClaim, fieldManager string) (*ResourceClaimApplyConfiguration, error) {
+	return extractResourceClaim(resourceClaim, fieldManager, "")
+}
+
+// ExtractResourceClaimStatus is the same as ExtractResourceClaim except
+// that it extracts the status subresource applied configuration.
+// Experimental!
+func ExtractResourceClaimStatus(resourceClaim *resourcev1beta2.ResourceClaim, fieldManager string) (*ResourceClaimApplyConfiguration, error) {
+	return extractResourceClaim(resourceClaim, fieldManager, "status")
+}
+
+func extractResourceClaim(resourceClaim *resourcev1beta2.ResourceClaim, fieldManager string, subresource string) (*ResourceClaimApplyConfiguration, error) {
+	b := &ResourceClaimApplyConfiguration{}
+	err := managedfields.ExtractInto(resourceClaim, internal.Parser().Type("io.k8s.api.resource.v1beta2.ResourceClaim"), fieldManager, b, subresource)
+	if err != nil {
+		return nil, err
+	}
+	b.WithName(resourceClaim.Name)
+	b.WithNamespace(resourceClaim.Namespace)
+
+	b.WithKind("ResourceClaim")
+	b.WithAPIVersion("resource.k8s.io/v1beta2")
+	return b, nil
+}
+
+// WithKind sets the Kind field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Kind field is set to the value of the last call.
+func (b *ResourceClaimApplyConfiguration) WithKind(value string) *ResourceClaimApplyConfiguration {
+	b.TypeMetaApplyConfiguration.Kind = &value
+	return b
+}
+
+// WithAPIVersion sets the APIVersion field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the APIVersion field is set to the value of the last call.
+func (b *ResourceClaimApplyConfiguration) WithAPIVersion(value string) *ResourceClaimApplyConfiguration {
+	b.TypeMetaApplyConfiguration.APIVersion = &value
+	return b
+}
+
+// WithName sets the Name field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Name field is set to the value of the last call.
+func (b *ResourceClaimApplyConfiguration) WithName(value string) *ResourceClaimApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.Name = &value
+	return b
+}
+
+// WithGenerateName sets the GenerateName field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the GenerateName field is set to the value of the last call.
+func (b *ResourceClaimApplyConfiguration) WithGenerateName(value string) *ResourceClaimApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.GenerateName = &value
+	return b
+}
+
+// WithNamespace sets the Namespace field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Namespace field is set to the value of the last call.
+func (b *ResourceClaimApplyConfiguration) WithNamespace(value string) *ResourceClaimApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.Namespace = &value
+	return b
+}
+
+// WithUID sets the UID field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the UID field is set to the value of the last call.
+func (b *ResourceClaimApplyConfiguration) WithUID(value types.UID) *ResourceClaimApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.UID = &value
+	return b
+}
+
+// WithResourceVersion sets the ResourceVersion field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the ResourceVersion field is set to the value of the last call.
+func (b *ResourceClaimApplyConfiguration) WithResourceVersion(value string) *ResourceClaimApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.ResourceVersion = &value
+	return b
+}
+
+// WithGeneration sets the Generation field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Generation field is set to the value of the last call.
+func (b *ResourceClaimApplyConfiguration) WithGeneration(value int64) *ResourceClaimApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.Generation = &value
+	return b
+}
+
+// WithCreationTimestamp sets the CreationTimestamp field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the CreationTimestamp field is set to the value of the last call.
+func (b *ResourceClaimApplyConfiguration) WithCreationTimestamp(value metav1.Time) *ResourceClaimApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.CreationTimestamp = &value
+	return b
+}
+
+// WithDeletionTimestamp sets the DeletionTimestamp field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the DeletionTimestamp field is set to the value of the last call.
+func (b *ResourceClaimApplyConfiguration) WithDeletionTimestamp(value metav1.Time) *ResourceClaimApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.DeletionTimestamp = &value
+	return b
+}
+
+// WithDeletionGracePeriodSeconds sets the DeletionGracePeriodSeconds field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the DeletionGracePeriodSeconds field is set to the value of the last call.
+func (b *ResourceClaimApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *ResourceClaimApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.DeletionGracePeriodSeconds = &value
+	return b
+}
+
+// WithLabels puts the entries into the Labels field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, the entries provided by each call will be put on the Labels field,
+// overwriting an existing map entries in Labels field with the same key.
+func (b *ResourceClaimApplyConfiguration) WithLabels(entries map[string]string) *ResourceClaimApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	if b.ObjectMetaApplyConfiguration.Labels == nil && len(entries) > 0 {
+		b.ObjectMetaApplyConfiguration.Labels = make(map[string]string, len(entries))
+	}
+	for k, v := range entries {
+		b.ObjectMetaApplyConfiguration.Labels[k] = v
+	}
+	return b
+}
+
+// WithAnnotations puts the entries into the Annotations field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, the entries provided by each call will be put on the Annotations field,
+// overwriting an existing map entries in Annotations field with the same key.
+func (b *ResourceClaimApplyConfiguration) WithAnnotations(entries map[string]string) *ResourceClaimApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	if b.ObjectMetaApplyConfiguration.Annotations == nil && len(entries) > 0 {
+		b.ObjectMetaApplyConfiguration.Annotations = make(map[string]string, len(entries))
+	}
+	for k, v := range entries {
+		b.ObjectMetaApplyConfiguration.Annotations[k] = v
+	}
+	return b
+}
+
+// WithOwnerReferences adds the given value to the OwnerReferences field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the OwnerReferences field.
+func (b *ResourceClaimApplyConfiguration) WithOwnerReferences(values ...*v1.OwnerReferenceApplyConfiguration) *ResourceClaimApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithOwnerReferences")
+		}
+		b.ObjectMetaApplyConfiguration.OwnerReferences = append(b.ObjectMetaApplyConfiguration.OwnerReferences, *values[i])
+	}
+	return b
+}
+
+// WithFinalizers adds the given value to the Finalizers field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Finalizers field.
+func (b *ResourceClaimApplyConfiguration) WithFinalizers(values ...string) *ResourceClaimApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	for i := range values {
+		b.ObjectMetaApplyConfiguration.Finalizers = append(b.ObjectMetaApplyConfiguration.Finalizers, values[i])
+	}
+	return b
+}
+
+func (b *ResourceClaimApplyConfiguration) ensureObjectMetaApplyConfigurationExists() {
+	if b.ObjectMetaApplyConfiguration == nil {
+		b.ObjectMetaApplyConfiguration = &v1.ObjectMetaApplyConfiguration{}
+	}
+}
+
+// WithSpec sets the Spec field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Spec field is set to the value of the last call.
+func (b *ResourceClaimApplyConfiguration) WithSpec(value *ResourceClaimSpecApplyConfiguration) *ResourceClaimApplyConfiguration {
+	b.Spec = value
+	return b
+}
+
+// WithStatus sets the Status field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Status field is set to the value of the last call.
+func (b *ResourceClaimApplyConfiguration) WithStatus(value *ResourceClaimStatusApplyConfiguration) *ResourceClaimApplyConfiguration {
+	b.Status = value
+	return b
+}
+
+// GetName retrieves the value of the Name field in the declarative configuration.
+func (b *ResourceClaimApplyConfiguration) GetName() *string {
+	b.ensureObjectMetaApplyConfigurationExists()
+	return b.ObjectMetaApplyConfiguration.Name
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/resourceclaimconsumerreference.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/resourceclaimconsumerreference.go
new file mode 100644
index 0000000000..b7824e8599
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/resourceclaimconsumerreference.go
@@ -0,0 +1,70 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	types "k8s.io/apimachinery/pkg/types"
+)
+
+// ResourceClaimConsumerReferenceApplyConfiguration represents a declarative configuration of the ResourceClaimConsumerReference type for use
+// with apply.
+type ResourceClaimConsumerReferenceApplyConfiguration struct {
+	APIGroup *string    `json:"apiGroup,omitempty"`
+	Resource *string    `json:"resource,omitempty"`
+	Name     *string    `json:"name,omitempty"`
+	UID      *types.UID `json:"uid,omitempty"`
+}
+
+// ResourceClaimConsumerReferenceApplyConfiguration constructs a declarative configuration of the ResourceClaimConsumerReference type for use with
+// apply.
+func ResourceClaimConsumerReference() *ResourceClaimConsumerReferenceApplyConfiguration {
+	return &ResourceClaimConsumerReferenceApplyConfiguration{}
+}
+
+// WithAPIGroup sets the APIGroup field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the APIGroup field is set to the value of the last call.
+func (b *ResourceClaimConsumerReferenceApplyConfiguration) WithAPIGroup(value string) *ResourceClaimConsumerReferenceApplyConfiguration {
+	b.APIGroup = &value
+	return b
+}
+
+// WithResource sets the Resource field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Resource field is set to the value of the last call.
+func (b *ResourceClaimConsumerReferenceApplyConfiguration) WithResource(value string) *ResourceClaimConsumerReferenceApplyConfiguration {
+	b.Resource = &value
+	return b
+}
+
+// WithName sets the Name field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Name field is set to the value of the last call.
+func (b *ResourceClaimConsumerReferenceApplyConfiguration) WithName(value string) *ResourceClaimConsumerReferenceApplyConfiguration {
+	b.Name = &value
+	return b
+}
+
+// WithUID sets the UID field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the UID field is set to the value of the last call.
+func (b *ResourceClaimConsumerReferenceApplyConfiguration) WithUID(value types.UID) *ResourceClaimConsumerReferenceApplyConfiguration {
+	b.UID = &value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/resourceclaimspec.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/resourceclaimspec.go
new file mode 100644
index 0000000000..e1fce17157
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/resourceclaimspec.go
@@ -0,0 +1,39 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+// ResourceClaimSpecApplyConfiguration represents a declarative configuration of the ResourceClaimSpec type for use
+// with apply.
+type ResourceClaimSpecApplyConfiguration struct {
+	Devices *DeviceClaimApplyConfiguration `json:"devices,omitempty"`
+}
+
+// ResourceClaimSpecApplyConfiguration constructs a declarative configuration of the ResourceClaimSpec type for use with
+// apply.
+func ResourceClaimSpec() *ResourceClaimSpecApplyConfiguration {
+	return &ResourceClaimSpecApplyConfiguration{}
+}
+
+// WithDevices sets the Devices field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Devices field is set to the value of the last call.
+func (b *ResourceClaimSpecApplyConfiguration) WithDevices(value *DeviceClaimApplyConfiguration) *ResourceClaimSpecApplyConfiguration {
+	b.Devices = value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/resourceclaimstatus.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/resourceclaimstatus.go
new file mode 100644
index 0000000000..a3e7ae258f
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/resourceclaimstatus.go
@@ -0,0 +1,67 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+// ResourceClaimStatusApplyConfiguration represents a declarative configuration of the ResourceClaimStatus type for use
+// with apply.
+type ResourceClaimStatusApplyConfiguration struct {
+	Allocation  *AllocationResultApplyConfiguration                `json:"allocation,omitempty"`
+	ReservedFor []ResourceClaimConsumerReferenceApplyConfiguration `json:"reservedFor,omitempty"`
+	Devices     []AllocatedDeviceStatusApplyConfiguration          `json:"devices,omitempty"`
+}
+
+// ResourceClaimStatusApplyConfiguration constructs a declarative configuration of the ResourceClaimStatus type for use with
+// apply.
+func ResourceClaimStatus() *ResourceClaimStatusApplyConfiguration {
+	return &ResourceClaimStatusApplyConfiguration{}
+}
+
+// WithAllocation sets the Allocation field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Allocation field is set to the value of the last call.
+func (b *ResourceClaimStatusApplyConfiguration) WithAllocation(value *AllocationResultApplyConfiguration) *ResourceClaimStatusApplyConfiguration {
+	b.Allocation = value
+	return b
+}
+
+// WithReservedFor adds the given value to the ReservedFor field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the ReservedFor field.
+func (b *ResourceClaimStatusApplyConfiguration) WithReservedFor(values ...*ResourceClaimConsumerReferenceApplyConfiguration) *ResourceClaimStatusApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithReservedFor")
+		}
+		b.ReservedFor = append(b.ReservedFor, *values[i])
+	}
+	return b
+}
+
+// WithDevices adds the given value to the Devices field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Devices field.
+func (b *ResourceClaimStatusApplyConfiguration) WithDevices(values ...*AllocatedDeviceStatusApplyConfiguration) *ResourceClaimStatusApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithDevices")
+		}
+		b.Devices = append(b.Devices, *values[i])
+	}
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/resourceclaimtemplate.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/resourceclaimtemplate.go
new file mode 100644
index 0000000000..eb1f3ca060
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/resourceclaimtemplate.go
@@ -0,0 +1,255 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	resourcev1beta2 "k8s.io/api/resource/v1beta2"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	types "k8s.io/apimachinery/pkg/types"
+	managedfields "k8s.io/apimachinery/pkg/util/managedfields"
+	internal "k8s.io/client-go/applyconfigurations/internal"
+	v1 "k8s.io/client-go/applyconfigurations/meta/v1"
+)
+
+// ResourceClaimTemplateApplyConfiguration represents a declarative configuration of the ResourceClaimTemplate type for use
+// with apply.
+type ResourceClaimTemplateApplyConfiguration struct {
+	v1.TypeMetaApplyConfiguration    `json:",inline"`
+	*v1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"`
+	Spec                             *ResourceClaimTemplateSpecApplyConfiguration `json:"spec,omitempty"`
+}
+
+// ResourceClaimTemplate constructs a declarative configuration of the ResourceClaimTemplate type for use with
+// apply.
+func ResourceClaimTemplate(name, namespace string) *ResourceClaimTemplateApplyConfiguration {
+	b := &ResourceClaimTemplateApplyConfiguration{}
+	b.WithName(name)
+	b.WithNamespace(namespace)
+	b.WithKind("ResourceClaimTemplate")
+	b.WithAPIVersion("resource.k8s.io/v1beta2")
+	return b
+}
+
+// ExtractResourceClaimTemplate extracts the applied configuration owned by fieldManager from
+// resourceClaimTemplate. If no managedFields are found in resourceClaimTemplate for fieldManager, a
+// ResourceClaimTemplateApplyConfiguration is returned with only the Name, Namespace (if applicable),
+// APIVersion and Kind populated. It is possible that no managed fields were found for because other
+// field managers have taken ownership of all the fields previously owned by fieldManager, or because
+// the fieldManager never owned fields any fields.
+// resourceClaimTemplate must be a unmodified ResourceClaimTemplate API object that was retrieved from the Kubernetes API.
+// ExtractResourceClaimTemplate provides a way to perform a extract/modify-in-place/apply workflow.
+// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously
+// applied if another fieldManager has updated or force applied any of the previously applied fields.
+// Experimental!
+func ExtractResourceClaimTemplate(resourceClaimTemplate *resourcev1beta2.ResourceClaimTemplate, fieldManager string) (*ResourceClaimTemplateApplyConfiguration, error) {
+	return extractResourceClaimTemplate(resourceClaimTemplate, fieldManager, "")
+}
+
+// ExtractResourceClaimTemplateStatus is the same as ExtractResourceClaimTemplate except
+// that it extracts the status subresource applied configuration.
+// Experimental!
+func ExtractResourceClaimTemplateStatus(resourceClaimTemplate *resourcev1beta2.ResourceClaimTemplate, fieldManager string) (*ResourceClaimTemplateApplyConfiguration, error) {
+	return extractResourceClaimTemplate(resourceClaimTemplate, fieldManager, "status")
+}
+
+func extractResourceClaimTemplate(resourceClaimTemplate *resourcev1beta2.ResourceClaimTemplate, fieldManager string, subresource string) (*ResourceClaimTemplateApplyConfiguration, error) {
+	b := &ResourceClaimTemplateApplyConfiguration{}
+	err := managedfields.ExtractInto(resourceClaimTemplate, internal.Parser().Type("io.k8s.api.resource.v1beta2.ResourceClaimTemplate"), fieldManager, b, subresource)
+	if err != nil {
+		return nil, err
+	}
+	b.WithName(resourceClaimTemplate.Name)
+	b.WithNamespace(resourceClaimTemplate.Namespace)
+
+	b.WithKind("ResourceClaimTemplate")
+	b.WithAPIVersion("resource.k8s.io/v1beta2")
+	return b, nil
+}
+
+// WithKind sets the Kind field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Kind field is set to the value of the last call.
+func (b *ResourceClaimTemplateApplyConfiguration) WithKind(value string) *ResourceClaimTemplateApplyConfiguration {
+	b.TypeMetaApplyConfiguration.Kind = &value
+	return b
+}
+
+// WithAPIVersion sets the APIVersion field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the APIVersion field is set to the value of the last call.
+func (b *ResourceClaimTemplateApplyConfiguration) WithAPIVersion(value string) *ResourceClaimTemplateApplyConfiguration {
+	b.TypeMetaApplyConfiguration.APIVersion = &value
+	return b
+}
+
+// WithName sets the Name field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Name field is set to the value of the last call.
+func (b *ResourceClaimTemplateApplyConfiguration) WithName(value string) *ResourceClaimTemplateApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.Name = &value
+	return b
+}
+
+// WithGenerateName sets the GenerateName field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the GenerateName field is set to the value of the last call.
+func (b *ResourceClaimTemplateApplyConfiguration) WithGenerateName(value string) *ResourceClaimTemplateApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.GenerateName = &value
+	return b
+}
+
+// WithNamespace sets the Namespace field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Namespace field is set to the value of the last call.
+func (b *ResourceClaimTemplateApplyConfiguration) WithNamespace(value string) *ResourceClaimTemplateApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.Namespace = &value
+	return b
+}
+
+// WithUID sets the UID field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the UID field is set to the value of the last call.
+func (b *ResourceClaimTemplateApplyConfiguration) WithUID(value types.UID) *ResourceClaimTemplateApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.UID = &value
+	return b
+}
+
+// WithResourceVersion sets the ResourceVersion field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the ResourceVersion field is set to the value of the last call.
+func (b *ResourceClaimTemplateApplyConfiguration) WithResourceVersion(value string) *ResourceClaimTemplateApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.ResourceVersion = &value
+	return b
+}
+
+// WithGeneration sets the Generation field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Generation field is set to the value of the last call.
+func (b *ResourceClaimTemplateApplyConfiguration) WithGeneration(value int64) *ResourceClaimTemplateApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.Generation = &value
+	return b
+}
+
+// WithCreationTimestamp sets the CreationTimestamp field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the CreationTimestamp field is set to the value of the last call.
+func (b *ResourceClaimTemplateApplyConfiguration) WithCreationTimestamp(value metav1.Time) *ResourceClaimTemplateApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.CreationTimestamp = &value
+	return b
+}
+
+// WithDeletionTimestamp sets the DeletionTimestamp field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the DeletionTimestamp field is set to the value of the last call.
+func (b *ResourceClaimTemplateApplyConfiguration) WithDeletionTimestamp(value metav1.Time) *ResourceClaimTemplateApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.DeletionTimestamp = &value
+	return b
+}
+
+// WithDeletionGracePeriodSeconds sets the DeletionGracePeriodSeconds field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the DeletionGracePeriodSeconds field is set to the value of the last call.
+func (b *ResourceClaimTemplateApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *ResourceClaimTemplateApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.DeletionGracePeriodSeconds = &value
+	return b
+}
+
+// WithLabels puts the entries into the Labels field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, the entries provided by each call will be put on the Labels field,
+// overwriting an existing map entries in Labels field with the same key.
+func (b *ResourceClaimTemplateApplyConfiguration) WithLabels(entries map[string]string) *ResourceClaimTemplateApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	if b.ObjectMetaApplyConfiguration.Labels == nil && len(entries) > 0 {
+		b.ObjectMetaApplyConfiguration.Labels = make(map[string]string, len(entries))
+	}
+	for k, v := range entries {
+		b.ObjectMetaApplyConfiguration.Labels[k] = v
+	}
+	return b
+}
+
+// WithAnnotations puts the entries into the Annotations field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, the entries provided by each call will be put on the Annotations field,
+// overwriting an existing map entries in Annotations field with the same key.
+func (b *ResourceClaimTemplateApplyConfiguration) WithAnnotations(entries map[string]string) *ResourceClaimTemplateApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	if b.ObjectMetaApplyConfiguration.Annotations == nil && len(entries) > 0 {
+		b.ObjectMetaApplyConfiguration.Annotations = make(map[string]string, len(entries))
+	}
+	for k, v := range entries {
+		b.ObjectMetaApplyConfiguration.Annotations[k] = v
+	}
+	return b
+}
+
+// WithOwnerReferences adds the given value to the OwnerReferences field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the OwnerReferences field.
+func (b *ResourceClaimTemplateApplyConfiguration) WithOwnerReferences(values ...*v1.OwnerReferenceApplyConfiguration) *ResourceClaimTemplateApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithOwnerReferences")
+		}
+		b.ObjectMetaApplyConfiguration.OwnerReferences = append(b.ObjectMetaApplyConfiguration.OwnerReferences, *values[i])
+	}
+	return b
+}
+
+// WithFinalizers adds the given value to the Finalizers field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Finalizers field.
+func (b *ResourceClaimTemplateApplyConfiguration) WithFinalizers(values ...string) *ResourceClaimTemplateApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	for i := range values {
+		b.ObjectMetaApplyConfiguration.Finalizers = append(b.ObjectMetaApplyConfiguration.Finalizers, values[i])
+	}
+	return b
+}
+
+func (b *ResourceClaimTemplateApplyConfiguration) ensureObjectMetaApplyConfigurationExists() {
+	if b.ObjectMetaApplyConfiguration == nil {
+		b.ObjectMetaApplyConfiguration = &v1.ObjectMetaApplyConfiguration{}
+	}
+}
+
+// WithSpec sets the Spec field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Spec field is set to the value of the last call.
+func (b *ResourceClaimTemplateApplyConfiguration) WithSpec(value *ResourceClaimTemplateSpecApplyConfiguration) *ResourceClaimTemplateApplyConfiguration {
+	b.Spec = value
+	return b
+}
+
+// GetName retrieves the value of the Name field in the declarative configuration.
+func (b *ResourceClaimTemplateApplyConfiguration) GetName() *string {
+	b.ensureObjectMetaApplyConfigurationExists()
+	return b.ObjectMetaApplyConfiguration.Name
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/resourceclaimtemplatespec.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/resourceclaimtemplatespec.go
new file mode 100644
index 0000000000..c2aef66c7d
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/resourceclaimtemplatespec.go
@@ -0,0 +1,194 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	types "k8s.io/apimachinery/pkg/types"
+	v1 "k8s.io/client-go/applyconfigurations/meta/v1"
+)
+
+// ResourceClaimTemplateSpecApplyConfiguration represents a declarative configuration of the ResourceClaimTemplateSpec type for use
+// with apply.
+type ResourceClaimTemplateSpecApplyConfiguration struct {
+	*v1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"`
+	Spec                             *ResourceClaimSpecApplyConfiguration `json:"spec,omitempty"`
+}
+
+// ResourceClaimTemplateSpecApplyConfiguration constructs a declarative configuration of the ResourceClaimTemplateSpec type for use with
+// apply.
+func ResourceClaimTemplateSpec() *ResourceClaimTemplateSpecApplyConfiguration {
+	return &ResourceClaimTemplateSpecApplyConfiguration{}
+}
+
+// WithName sets the Name field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Name field is set to the value of the last call.
+func (b *ResourceClaimTemplateSpecApplyConfiguration) WithName(value string) *ResourceClaimTemplateSpecApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.Name = &value
+	return b
+}
+
+// WithGenerateName sets the GenerateName field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the GenerateName field is set to the value of the last call.
+func (b *ResourceClaimTemplateSpecApplyConfiguration) WithGenerateName(value string) *ResourceClaimTemplateSpecApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.GenerateName = &value
+	return b
+}
+
+// WithNamespace sets the Namespace field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Namespace field is set to the value of the last call.
+func (b *ResourceClaimTemplateSpecApplyConfiguration) WithNamespace(value string) *ResourceClaimTemplateSpecApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.Namespace = &value
+	return b
+}
+
+// WithUID sets the UID field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the UID field is set to the value of the last call.
+func (b *ResourceClaimTemplateSpecApplyConfiguration) WithUID(value types.UID) *ResourceClaimTemplateSpecApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.UID = &value
+	return b
+}
+
+// WithResourceVersion sets the ResourceVersion field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the ResourceVersion field is set to the value of the last call.
+func (b *ResourceClaimTemplateSpecApplyConfiguration) WithResourceVersion(value string) *ResourceClaimTemplateSpecApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.ResourceVersion = &value
+	return b
+}
+
+// WithGeneration sets the Generation field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Generation field is set to the value of the last call.
+func (b *ResourceClaimTemplateSpecApplyConfiguration) WithGeneration(value int64) *ResourceClaimTemplateSpecApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.Generation = &value
+	return b
+}
+
+// WithCreationTimestamp sets the CreationTimestamp field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the CreationTimestamp field is set to the value of the last call.
+func (b *ResourceClaimTemplateSpecApplyConfiguration) WithCreationTimestamp(value metav1.Time) *ResourceClaimTemplateSpecApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.CreationTimestamp = &value
+	return b
+}
+
+// WithDeletionTimestamp sets the DeletionTimestamp field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the DeletionTimestamp field is set to the value of the last call.
+func (b *ResourceClaimTemplateSpecApplyConfiguration) WithDeletionTimestamp(value metav1.Time) *ResourceClaimTemplateSpecApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.DeletionTimestamp = &value
+	return b
+}
+
+// WithDeletionGracePeriodSeconds sets the DeletionGracePeriodSeconds field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the DeletionGracePeriodSeconds field is set to the value of the last call.
+func (b *ResourceClaimTemplateSpecApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *ResourceClaimTemplateSpecApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.DeletionGracePeriodSeconds = &value
+	return b
+}
+
+// WithLabels puts the entries into the Labels field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, the entries provided by each call will be put on the Labels field,
+// overwriting an existing map entries in Labels field with the same key.
+func (b *ResourceClaimTemplateSpecApplyConfiguration) WithLabels(entries map[string]string) *ResourceClaimTemplateSpecApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	if b.ObjectMetaApplyConfiguration.Labels == nil && len(entries) > 0 {
+		b.ObjectMetaApplyConfiguration.Labels = make(map[string]string, len(entries))
+	}
+	for k, v := range entries {
+		b.ObjectMetaApplyConfiguration.Labels[k] = v
+	}
+	return b
+}
+
+// WithAnnotations puts the entries into the Annotations field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, the entries provided by each call will be put on the Annotations field,
+// overwriting an existing map entries in Annotations field with the same key.
+func (b *ResourceClaimTemplateSpecApplyConfiguration) WithAnnotations(entries map[string]string) *ResourceClaimTemplateSpecApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	if b.ObjectMetaApplyConfiguration.Annotations == nil && len(entries) > 0 {
+		b.ObjectMetaApplyConfiguration.Annotations = make(map[string]string, len(entries))
+	}
+	for k, v := range entries {
+		b.ObjectMetaApplyConfiguration.Annotations[k] = v
+	}
+	return b
+}
+
+// WithOwnerReferences adds the given value to the OwnerReferences field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the OwnerReferences field.
+func (b *ResourceClaimTemplateSpecApplyConfiguration) WithOwnerReferences(values ...*v1.OwnerReferenceApplyConfiguration) *ResourceClaimTemplateSpecApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithOwnerReferences")
+		}
+		b.ObjectMetaApplyConfiguration.OwnerReferences = append(b.ObjectMetaApplyConfiguration.OwnerReferences, *values[i])
+	}
+	return b
+}
+
+// WithFinalizers adds the given value to the Finalizers field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Finalizers field.
+func (b *ResourceClaimTemplateSpecApplyConfiguration) WithFinalizers(values ...string) *ResourceClaimTemplateSpecApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	for i := range values {
+		b.ObjectMetaApplyConfiguration.Finalizers = append(b.ObjectMetaApplyConfiguration.Finalizers, values[i])
+	}
+	return b
+}
+
+func (b *ResourceClaimTemplateSpecApplyConfiguration) ensureObjectMetaApplyConfigurationExists() {
+	if b.ObjectMetaApplyConfiguration == nil {
+		b.ObjectMetaApplyConfiguration = &v1.ObjectMetaApplyConfiguration{}
+	}
+}
+
+// WithSpec sets the Spec field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Spec field is set to the value of the last call.
+func (b *ResourceClaimTemplateSpecApplyConfiguration) WithSpec(value *ResourceClaimSpecApplyConfiguration) *ResourceClaimTemplateSpecApplyConfiguration {
+	b.Spec = value
+	return b
+}
+
+// GetName retrieves the value of the Name field in the declarative configuration.
+func (b *ResourceClaimTemplateSpecApplyConfiguration) GetName() *string {
+	b.ensureObjectMetaApplyConfigurationExists()
+	return b.ObjectMetaApplyConfiguration.Name
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/resourcepool.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/resourcepool.go
new file mode 100644
index 0000000000..6923085d6b
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/resourcepool.go
@@ -0,0 +1,57 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+// ResourcePoolApplyConfiguration represents a declarative configuration of the ResourcePool type for use
+// with apply.
+type ResourcePoolApplyConfiguration struct {
+	Name               *string `json:"name,omitempty"`
+	Generation         *int64  `json:"generation,omitempty"`
+	ResourceSliceCount *int64  `json:"resourceSliceCount,omitempty"`
+}
+
+// ResourcePoolApplyConfiguration constructs a declarative configuration of the ResourcePool type for use with
+// apply.
+func ResourcePool() *ResourcePoolApplyConfiguration {
+	return &ResourcePoolApplyConfiguration{}
+}
+
+// WithName sets the Name field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Name field is set to the value of the last call.
+func (b *ResourcePoolApplyConfiguration) WithName(value string) *ResourcePoolApplyConfiguration {
+	b.Name = &value
+	return b
+}
+
+// WithGeneration sets the Generation field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Generation field is set to the value of the last call.
+func (b *ResourcePoolApplyConfiguration) WithGeneration(value int64) *ResourcePoolApplyConfiguration {
+	b.Generation = &value
+	return b
+}
+
+// WithResourceSliceCount sets the ResourceSliceCount field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the ResourceSliceCount field is set to the value of the last call.
+func (b *ResourcePoolApplyConfiguration) WithResourceSliceCount(value int64) *ResourcePoolApplyConfiguration {
+	b.ResourceSliceCount = &value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/resourceslice.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/resourceslice.go
new file mode 100644
index 0000000000..7333d709de
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/resourceslice.go
@@ -0,0 +1,253 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	resourcev1beta2 "k8s.io/api/resource/v1beta2"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	types "k8s.io/apimachinery/pkg/types"
+	managedfields "k8s.io/apimachinery/pkg/util/managedfields"
+	internal "k8s.io/client-go/applyconfigurations/internal"
+	v1 "k8s.io/client-go/applyconfigurations/meta/v1"
+)
+
+// ResourceSliceApplyConfiguration represents a declarative configuration of the ResourceSlice type for use
+// with apply.
+type ResourceSliceApplyConfiguration struct {
+	v1.TypeMetaApplyConfiguration    `json:",inline"`
+	*v1.ObjectMetaApplyConfiguration `json:"metadata,omitempty"`
+	Spec                             *ResourceSliceSpecApplyConfiguration `json:"spec,omitempty"`
+}
+
+// ResourceSlice constructs a declarative configuration of the ResourceSlice type for use with
+// apply.
+func ResourceSlice(name string) *ResourceSliceApplyConfiguration {
+	b := &ResourceSliceApplyConfiguration{}
+	b.WithName(name)
+	b.WithKind("ResourceSlice")
+	b.WithAPIVersion("resource.k8s.io/v1beta2")
+	return b
+}
+
+// ExtractResourceSlice extracts the applied configuration owned by fieldManager from
+// resourceSlice. If no managedFields are found in resourceSlice for fieldManager, a
+// ResourceSliceApplyConfiguration is returned with only the Name, Namespace (if applicable),
+// APIVersion and Kind populated. It is possible that no managed fields were found for because other
+// field managers have taken ownership of all the fields previously owned by fieldManager, or because
+// the fieldManager never owned fields any fields.
+// resourceSlice must be a unmodified ResourceSlice API object that was retrieved from the Kubernetes API.
+// ExtractResourceSlice provides a way to perform a extract/modify-in-place/apply workflow.
+// Note that an extracted apply configuration will contain fewer fields than what the fieldManager previously
+// applied if another fieldManager has updated or force applied any of the previously applied fields.
+// Experimental!
+func ExtractResourceSlice(resourceSlice *resourcev1beta2.ResourceSlice, fieldManager string) (*ResourceSliceApplyConfiguration, error) {
+	return extractResourceSlice(resourceSlice, fieldManager, "")
+}
+
+// ExtractResourceSliceStatus is the same as ExtractResourceSlice except
+// that it extracts the status subresource applied configuration.
+// Experimental!
+func ExtractResourceSliceStatus(resourceSlice *resourcev1beta2.ResourceSlice, fieldManager string) (*ResourceSliceApplyConfiguration, error) {
+	return extractResourceSlice(resourceSlice, fieldManager, "status")
+}
+
+func extractResourceSlice(resourceSlice *resourcev1beta2.ResourceSlice, fieldManager string, subresource string) (*ResourceSliceApplyConfiguration, error) {
+	b := &ResourceSliceApplyConfiguration{}
+	err := managedfields.ExtractInto(resourceSlice, internal.Parser().Type("io.k8s.api.resource.v1beta2.ResourceSlice"), fieldManager, b, subresource)
+	if err != nil {
+		return nil, err
+	}
+	b.WithName(resourceSlice.Name)
+
+	b.WithKind("ResourceSlice")
+	b.WithAPIVersion("resource.k8s.io/v1beta2")
+	return b, nil
+}
+
+// WithKind sets the Kind field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Kind field is set to the value of the last call.
+func (b *ResourceSliceApplyConfiguration) WithKind(value string) *ResourceSliceApplyConfiguration {
+	b.TypeMetaApplyConfiguration.Kind = &value
+	return b
+}
+
+// WithAPIVersion sets the APIVersion field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the APIVersion field is set to the value of the last call.
+func (b *ResourceSliceApplyConfiguration) WithAPIVersion(value string) *ResourceSliceApplyConfiguration {
+	b.TypeMetaApplyConfiguration.APIVersion = &value
+	return b
+}
+
+// WithName sets the Name field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Name field is set to the value of the last call.
+func (b *ResourceSliceApplyConfiguration) WithName(value string) *ResourceSliceApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.Name = &value
+	return b
+}
+
+// WithGenerateName sets the GenerateName field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the GenerateName field is set to the value of the last call.
+func (b *ResourceSliceApplyConfiguration) WithGenerateName(value string) *ResourceSliceApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.GenerateName = &value
+	return b
+}
+
+// WithNamespace sets the Namespace field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Namespace field is set to the value of the last call.
+func (b *ResourceSliceApplyConfiguration) WithNamespace(value string) *ResourceSliceApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.Namespace = &value
+	return b
+}
+
+// WithUID sets the UID field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the UID field is set to the value of the last call.
+func (b *ResourceSliceApplyConfiguration) WithUID(value types.UID) *ResourceSliceApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.UID = &value
+	return b
+}
+
+// WithResourceVersion sets the ResourceVersion field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the ResourceVersion field is set to the value of the last call.
+func (b *ResourceSliceApplyConfiguration) WithResourceVersion(value string) *ResourceSliceApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.ResourceVersion = &value
+	return b
+}
+
+// WithGeneration sets the Generation field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Generation field is set to the value of the last call.
+func (b *ResourceSliceApplyConfiguration) WithGeneration(value int64) *ResourceSliceApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.Generation = &value
+	return b
+}
+
+// WithCreationTimestamp sets the CreationTimestamp field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the CreationTimestamp field is set to the value of the last call.
+func (b *ResourceSliceApplyConfiguration) WithCreationTimestamp(value metav1.Time) *ResourceSliceApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.CreationTimestamp = &value
+	return b
+}
+
+// WithDeletionTimestamp sets the DeletionTimestamp field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the DeletionTimestamp field is set to the value of the last call.
+func (b *ResourceSliceApplyConfiguration) WithDeletionTimestamp(value metav1.Time) *ResourceSliceApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.DeletionTimestamp = &value
+	return b
+}
+
+// WithDeletionGracePeriodSeconds sets the DeletionGracePeriodSeconds field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the DeletionGracePeriodSeconds field is set to the value of the last call.
+func (b *ResourceSliceApplyConfiguration) WithDeletionGracePeriodSeconds(value int64) *ResourceSliceApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	b.ObjectMetaApplyConfiguration.DeletionGracePeriodSeconds = &value
+	return b
+}
+
+// WithLabels puts the entries into the Labels field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, the entries provided by each call will be put on the Labels field,
+// overwriting an existing map entries in Labels field with the same key.
+func (b *ResourceSliceApplyConfiguration) WithLabels(entries map[string]string) *ResourceSliceApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	if b.ObjectMetaApplyConfiguration.Labels == nil && len(entries) > 0 {
+		b.ObjectMetaApplyConfiguration.Labels = make(map[string]string, len(entries))
+	}
+	for k, v := range entries {
+		b.ObjectMetaApplyConfiguration.Labels[k] = v
+	}
+	return b
+}
+
+// WithAnnotations puts the entries into the Annotations field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, the entries provided by each call will be put on the Annotations field,
+// overwriting an existing map entries in Annotations field with the same key.
+func (b *ResourceSliceApplyConfiguration) WithAnnotations(entries map[string]string) *ResourceSliceApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	if b.ObjectMetaApplyConfiguration.Annotations == nil && len(entries) > 0 {
+		b.ObjectMetaApplyConfiguration.Annotations = make(map[string]string, len(entries))
+	}
+	for k, v := range entries {
+		b.ObjectMetaApplyConfiguration.Annotations[k] = v
+	}
+	return b
+}
+
+// WithOwnerReferences adds the given value to the OwnerReferences field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the OwnerReferences field.
+func (b *ResourceSliceApplyConfiguration) WithOwnerReferences(values ...*v1.OwnerReferenceApplyConfiguration) *ResourceSliceApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithOwnerReferences")
+		}
+		b.ObjectMetaApplyConfiguration.OwnerReferences = append(b.ObjectMetaApplyConfiguration.OwnerReferences, *values[i])
+	}
+	return b
+}
+
+// WithFinalizers adds the given value to the Finalizers field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Finalizers field.
+func (b *ResourceSliceApplyConfiguration) WithFinalizers(values ...string) *ResourceSliceApplyConfiguration {
+	b.ensureObjectMetaApplyConfigurationExists()
+	for i := range values {
+		b.ObjectMetaApplyConfiguration.Finalizers = append(b.ObjectMetaApplyConfiguration.Finalizers, values[i])
+	}
+	return b
+}
+
+func (b *ResourceSliceApplyConfiguration) ensureObjectMetaApplyConfigurationExists() {
+	if b.ObjectMetaApplyConfiguration == nil {
+		b.ObjectMetaApplyConfiguration = &v1.ObjectMetaApplyConfiguration{}
+	}
+}
+
+// WithSpec sets the Spec field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Spec field is set to the value of the last call.
+func (b *ResourceSliceApplyConfiguration) WithSpec(value *ResourceSliceSpecApplyConfiguration) *ResourceSliceApplyConfiguration {
+	b.Spec = value
+	return b
+}
+
+// GetName retrieves the value of the Name field in the declarative configuration.
+func (b *ResourceSliceApplyConfiguration) GetName() *string {
+	b.ensureObjectMetaApplyConfigurationExists()
+	return b.ObjectMetaApplyConfiguration.Name
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/resourceslicespec.go b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/resourceslicespec.go
new file mode 100644
index 0000000000..5a000829f9
--- /dev/null
+++ b/vendor/k8s.io/client-go/applyconfigurations/resource/v1beta2/resourceslicespec.go
@@ -0,0 +1,116 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by applyconfiguration-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	v1 "k8s.io/client-go/applyconfigurations/core/v1"
+)
+
+// ResourceSliceSpecApplyConfiguration represents a declarative configuration of the ResourceSliceSpec type for use
+// with apply.
+type ResourceSliceSpecApplyConfiguration struct {
+	Driver                 *string                            `json:"driver,omitempty"`
+	Pool                   *ResourcePoolApplyConfiguration    `json:"pool,omitempty"`
+	NodeName               *string                            `json:"nodeName,omitempty"`
+	NodeSelector           *v1.NodeSelectorApplyConfiguration `json:"nodeSelector,omitempty"`
+	AllNodes               *bool                              `json:"allNodes,omitempty"`
+	Devices                []DeviceApplyConfiguration         `json:"devices,omitempty"`
+	PerDeviceNodeSelection *bool                              `json:"perDeviceNodeSelection,omitempty"`
+	SharedCounters         []CounterSetApplyConfiguration     `json:"sharedCounters,omitempty"`
+}
+
+// ResourceSliceSpecApplyConfiguration constructs a declarative configuration of the ResourceSliceSpec type for use with
+// apply.
+func ResourceSliceSpec() *ResourceSliceSpecApplyConfiguration {
+	return &ResourceSliceSpecApplyConfiguration{}
+}
+
+// WithDriver sets the Driver field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Driver field is set to the value of the last call.
+func (b *ResourceSliceSpecApplyConfiguration) WithDriver(value string) *ResourceSliceSpecApplyConfiguration {
+	b.Driver = &value
+	return b
+}
+
+// WithPool sets the Pool field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the Pool field is set to the value of the last call.
+func (b *ResourceSliceSpecApplyConfiguration) WithPool(value *ResourcePoolApplyConfiguration) *ResourceSliceSpecApplyConfiguration {
+	b.Pool = value
+	return b
+}
+
+// WithNodeName sets the NodeName field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the NodeName field is set to the value of the last call.
+func (b *ResourceSliceSpecApplyConfiguration) WithNodeName(value string) *ResourceSliceSpecApplyConfiguration {
+	b.NodeName = &value
+	return b
+}
+
+// WithNodeSelector sets the NodeSelector field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the NodeSelector field is set to the value of the last call.
+func (b *ResourceSliceSpecApplyConfiguration) WithNodeSelector(value *v1.NodeSelectorApplyConfiguration) *ResourceSliceSpecApplyConfiguration {
+	b.NodeSelector = value
+	return b
+}
+
+// WithAllNodes sets the AllNodes field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the AllNodes field is set to the value of the last call.
+func (b *ResourceSliceSpecApplyConfiguration) WithAllNodes(value bool) *ResourceSliceSpecApplyConfiguration {
+	b.AllNodes = &value
+	return b
+}
+
+// WithDevices adds the given value to the Devices field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the Devices field.
+func (b *ResourceSliceSpecApplyConfiguration) WithDevices(values ...*DeviceApplyConfiguration) *ResourceSliceSpecApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithDevices")
+		}
+		b.Devices = append(b.Devices, *values[i])
+	}
+	return b
+}
+
+// WithPerDeviceNodeSelection sets the PerDeviceNodeSelection field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the PerDeviceNodeSelection field is set to the value of the last call.
+func (b *ResourceSliceSpecApplyConfiguration) WithPerDeviceNodeSelection(value bool) *ResourceSliceSpecApplyConfiguration {
+	b.PerDeviceNodeSelection = &value
+	return b
+}
+
+// WithSharedCounters adds the given value to the SharedCounters field in the declarative configuration
+// and returns the receiver, so that objects can be build by chaining "With" function invocations.
+// If called multiple times, values provided by each call will be appended to the SharedCounters field.
+func (b *ResourceSliceSpecApplyConfiguration) WithSharedCounters(values ...*CounterSetApplyConfiguration) *ResourceSliceSpecApplyConfiguration {
+	for i := range values {
+		if values[i] == nil {
+			panic("nil value passed to WithSharedCounters")
+		}
+		b.SharedCounters = append(b.SharedCounters, *values[i])
+	}
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/storage/v1/csidriverspec.go b/vendor/k8s.io/client-go/applyconfigurations/storage/v1/csidriverspec.go
index 1b58c6db89..fc6f2fbf94 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/storage/v1/csidriverspec.go
+++ b/vendor/k8s.io/client-go/applyconfigurations/storage/v1/csidriverspec.go
@@ -25,14 +25,15 @@ import (
 // CSIDriverSpecApplyConfiguration represents a declarative configuration of the CSIDriverSpec type for use
 // with apply.
 type CSIDriverSpecApplyConfiguration struct {
-	AttachRequired       *bool                            `json:"attachRequired,omitempty"`
-	PodInfoOnMount       *bool                            `json:"podInfoOnMount,omitempty"`
-	VolumeLifecycleModes []storagev1.VolumeLifecycleMode  `json:"volumeLifecycleModes,omitempty"`
-	StorageCapacity      *bool                            `json:"storageCapacity,omitempty"`
-	FSGroupPolicy        *storagev1.FSGroupPolicy         `json:"fsGroupPolicy,omitempty"`
-	TokenRequests        []TokenRequestApplyConfiguration `json:"tokenRequests,omitempty"`
-	RequiresRepublish    *bool                            `json:"requiresRepublish,omitempty"`
-	SELinuxMount         *bool                            `json:"seLinuxMount,omitempty"`
+	AttachRequired                     *bool                            `json:"attachRequired,omitempty"`
+	PodInfoOnMount                     *bool                            `json:"podInfoOnMount,omitempty"`
+	VolumeLifecycleModes               []storagev1.VolumeLifecycleMode  `json:"volumeLifecycleModes,omitempty"`
+	StorageCapacity                    *bool                            `json:"storageCapacity,omitempty"`
+	FSGroupPolicy                      *storagev1.FSGroupPolicy         `json:"fsGroupPolicy,omitempty"`
+	TokenRequests                      []TokenRequestApplyConfiguration `json:"tokenRequests,omitempty"`
+	RequiresRepublish                  *bool                            `json:"requiresRepublish,omitempty"`
+	SELinuxMount                       *bool                            `json:"seLinuxMount,omitempty"`
+	NodeAllocatableUpdatePeriodSeconds *int64                           `json:"nodeAllocatableUpdatePeriodSeconds,omitempty"`
 }
 
 // CSIDriverSpecApplyConfiguration constructs a declarative configuration of the CSIDriverSpec type for use with
@@ -111,3 +112,11 @@ func (b *CSIDriverSpecApplyConfiguration) WithSELinuxMount(value bool) *CSIDrive
 	b.SELinuxMount = &value
 	return b
 }
+
+// WithNodeAllocatableUpdatePeriodSeconds sets the NodeAllocatableUpdatePeriodSeconds field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the NodeAllocatableUpdatePeriodSeconds field is set to the value of the last call.
+func (b *CSIDriverSpecApplyConfiguration) WithNodeAllocatableUpdatePeriodSeconds(value int64) *CSIDriverSpecApplyConfiguration {
+	b.NodeAllocatableUpdatePeriodSeconds = &value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/storage/v1/volumeerror.go b/vendor/k8s.io/client-go/applyconfigurations/storage/v1/volumeerror.go
index c16c5c3af3..9becf77268 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/storage/v1/volumeerror.go
+++ b/vendor/k8s.io/client-go/applyconfigurations/storage/v1/volumeerror.go
@@ -25,8 +25,9 @@ import (
 // VolumeErrorApplyConfiguration represents a declarative configuration of the VolumeError type for use
 // with apply.
 type VolumeErrorApplyConfiguration struct {
-	Time    *metav1.Time `json:"time,omitempty"`
-	Message *string      `json:"message,omitempty"`
+	Time      *metav1.Time `json:"time,omitempty"`
+	Message   *string      `json:"message,omitempty"`
+	ErrorCode *int32       `json:"errorCode,omitempty"`
 }
 
 // VolumeErrorApplyConfiguration constructs a declarative configuration of the VolumeError type for use with
@@ -50,3 +51,11 @@ func (b *VolumeErrorApplyConfiguration) WithMessage(value string) *VolumeErrorAp
 	b.Message = &value
 	return b
 }
+
+// WithErrorCode sets the ErrorCode field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the ErrorCode field is set to the value of the last call.
+func (b *VolumeErrorApplyConfiguration) WithErrorCode(value int32) *VolumeErrorApplyConfiguration {
+	b.ErrorCode = &value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/storage/v1alpha1/volumeerror.go b/vendor/k8s.io/client-go/applyconfigurations/storage/v1alpha1/volumeerror.go
index ef8f6bbe64..19e5275105 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/storage/v1alpha1/volumeerror.go
+++ b/vendor/k8s.io/client-go/applyconfigurations/storage/v1alpha1/volumeerror.go
@@ -25,8 +25,9 @@ import (
 // VolumeErrorApplyConfiguration represents a declarative configuration of the VolumeError type for use
 // with apply.
 type VolumeErrorApplyConfiguration struct {
-	Time    *v1.Time `json:"time,omitempty"`
-	Message *string  `json:"message,omitempty"`
+	Time      *v1.Time `json:"time,omitempty"`
+	Message   *string  `json:"message,omitempty"`
+	ErrorCode *int32   `json:"errorCode,omitempty"`
 }
 
 // VolumeErrorApplyConfiguration constructs a declarative configuration of the VolumeError type for use with
@@ -50,3 +51,11 @@ func (b *VolumeErrorApplyConfiguration) WithMessage(value string) *VolumeErrorAp
 	b.Message = &value
 	return b
 }
+
+// WithErrorCode sets the ErrorCode field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the ErrorCode field is set to the value of the last call.
+func (b *VolumeErrorApplyConfiguration) WithErrorCode(value int32) *VolumeErrorApplyConfiguration {
+	b.ErrorCode = &value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/storage/v1beta1/csidriverspec.go b/vendor/k8s.io/client-go/applyconfigurations/storage/v1beta1/csidriverspec.go
index e62fe58883..b1c9ec6d12 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/storage/v1beta1/csidriverspec.go
+++ b/vendor/k8s.io/client-go/applyconfigurations/storage/v1beta1/csidriverspec.go
@@ -25,14 +25,15 @@ import (
 // CSIDriverSpecApplyConfiguration represents a declarative configuration of the CSIDriverSpec type for use
 // with apply.
 type CSIDriverSpecApplyConfiguration struct {
-	AttachRequired       *bool                                `json:"attachRequired,omitempty"`
-	PodInfoOnMount       *bool                                `json:"podInfoOnMount,omitempty"`
-	VolumeLifecycleModes []storagev1beta1.VolumeLifecycleMode `json:"volumeLifecycleModes,omitempty"`
-	StorageCapacity      *bool                                `json:"storageCapacity,omitempty"`
-	FSGroupPolicy        *storagev1beta1.FSGroupPolicy        `json:"fsGroupPolicy,omitempty"`
-	TokenRequests        []TokenRequestApplyConfiguration     `json:"tokenRequests,omitempty"`
-	RequiresRepublish    *bool                                `json:"requiresRepublish,omitempty"`
-	SELinuxMount         *bool                                `json:"seLinuxMount,omitempty"`
+	AttachRequired                     *bool                                `json:"attachRequired,omitempty"`
+	PodInfoOnMount                     *bool                                `json:"podInfoOnMount,omitempty"`
+	VolumeLifecycleModes               []storagev1beta1.VolumeLifecycleMode `json:"volumeLifecycleModes,omitempty"`
+	StorageCapacity                    *bool                                `json:"storageCapacity,omitempty"`
+	FSGroupPolicy                      *storagev1beta1.FSGroupPolicy        `json:"fsGroupPolicy,omitempty"`
+	TokenRequests                      []TokenRequestApplyConfiguration     `json:"tokenRequests,omitempty"`
+	RequiresRepublish                  *bool                                `json:"requiresRepublish,omitempty"`
+	SELinuxMount                       *bool                                `json:"seLinuxMount,omitempty"`
+	NodeAllocatableUpdatePeriodSeconds *int64                               `json:"nodeAllocatableUpdatePeriodSeconds,omitempty"`
 }
 
 // CSIDriverSpecApplyConfiguration constructs a declarative configuration of the CSIDriverSpec type for use with
@@ -111,3 +112,11 @@ func (b *CSIDriverSpecApplyConfiguration) WithSELinuxMount(value bool) *CSIDrive
 	b.SELinuxMount = &value
 	return b
 }
+
+// WithNodeAllocatableUpdatePeriodSeconds sets the NodeAllocatableUpdatePeriodSeconds field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the NodeAllocatableUpdatePeriodSeconds field is set to the value of the last call.
+func (b *CSIDriverSpecApplyConfiguration) WithNodeAllocatableUpdatePeriodSeconds(value int64) *CSIDriverSpecApplyConfiguration {
+	b.NodeAllocatableUpdatePeriodSeconds = &value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/storage/v1beta1/volumeerror.go b/vendor/k8s.io/client-go/applyconfigurations/storage/v1beta1/volumeerror.go
index fec1c9ade3..015bcd86d5 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/storage/v1beta1/volumeerror.go
+++ b/vendor/k8s.io/client-go/applyconfigurations/storage/v1beta1/volumeerror.go
@@ -25,8 +25,9 @@ import (
 // VolumeErrorApplyConfiguration represents a declarative configuration of the VolumeError type for use
 // with apply.
 type VolumeErrorApplyConfiguration struct {
-	Time    *v1.Time `json:"time,omitempty"`
-	Message *string  `json:"message,omitempty"`
+	Time      *v1.Time `json:"time,omitempty"`
+	Message   *string  `json:"message,omitempty"`
+	ErrorCode *int32   `json:"errorCode,omitempty"`
 }
 
 // VolumeErrorApplyConfiguration constructs a declarative configuration of the VolumeError type for use with
@@ -50,3 +51,11 @@ func (b *VolumeErrorApplyConfiguration) WithMessage(value string) *VolumeErrorAp
 	b.Message = &value
 	return b
 }
+
+// WithErrorCode sets the ErrorCode field in the declarative configuration to the given value
+// and returns the receiver, so that objects can be built by chaining "With" function invocations.
+// If called multiple times, the ErrorCode field is set to the value of the last call.
+func (b *VolumeErrorApplyConfiguration) WithErrorCode(value int32) *VolumeErrorApplyConfiguration {
+	b.ErrorCode = &value
+	return b
+}
diff --git a/vendor/k8s.io/client-go/applyconfigurations/utils.go b/vendor/k8s.io/client-go/applyconfigurations/utils.go
index afbabac943..eec40ba9f1 100644
--- a/vendor/k8s.io/client-go/applyconfigurations/utils.go
+++ b/vendor/k8s.io/client-go/applyconfigurations/utils.go
@@ -62,6 +62,7 @@ import (
 	rbacv1beta1 "k8s.io/api/rbac/v1beta1"
 	v1alpha3 "k8s.io/api/resource/v1alpha3"
 	resourcev1beta1 "k8s.io/api/resource/v1beta1"
+	resourcev1beta2 "k8s.io/api/resource/v1beta2"
 	schedulingv1 "k8s.io/api/scheduling/v1"
 	schedulingv1alpha1 "k8s.io/api/scheduling/v1alpha1"
 	schedulingv1beta1 "k8s.io/api/scheduling/v1beta1"
@@ -117,6 +118,7 @@ import (
 	applyconfigurationsrbacv1beta1 "k8s.io/client-go/applyconfigurations/rbac/v1beta1"
 	resourcev1alpha3 "k8s.io/client-go/applyconfigurations/resource/v1alpha3"
 	applyconfigurationsresourcev1beta1 "k8s.io/client-go/applyconfigurations/resource/v1beta1"
+	applyconfigurationsresourcev1beta2 "k8s.io/client-go/applyconfigurations/resource/v1beta2"
 	applyconfigurationsschedulingv1 "k8s.io/client-go/applyconfigurations/scheduling/v1"
 	applyconfigurationsschedulingv1alpha1 "k8s.io/client-go/applyconfigurations/scheduling/v1alpha1"
 	applyconfigurationsschedulingv1beta1 "k8s.io/client-go/applyconfigurations/scheduling/v1beta1"
@@ -624,6 +626,10 @@ func ForKind(kind schema.GroupVersionKind) interface{} {
 		return &applyconfigurationscertificatesv1beta1.CertificateSigningRequestSpecApplyConfiguration{}
 	case certificatesv1beta1.SchemeGroupVersion.WithKind("CertificateSigningRequestStatus"):
 		return &applyconfigurationscertificatesv1beta1.CertificateSigningRequestStatusApplyConfiguration{}
+	case certificatesv1beta1.SchemeGroupVersion.WithKind("ClusterTrustBundle"):
+		return &applyconfigurationscertificatesv1beta1.ClusterTrustBundleApplyConfiguration{}
+	case certificatesv1beta1.SchemeGroupVersion.WithKind("ClusterTrustBundleSpec"):
+		return &applyconfigurationscertificatesv1beta1.ClusterTrustBundleSpecApplyConfiguration{}
 
 		// Group=coordination.k8s.io, Version=v1
 	case coordinationv1.SchemeGroupVersion.WithKind("Lease"):
@@ -640,6 +646,10 @@ func ForKind(kind schema.GroupVersionKind) interface{} {
 		// Group=coordination.k8s.io, Version=v1beta1
 	case coordinationv1beta1.SchemeGroupVersion.WithKind("Lease"):
 		return &applyconfigurationscoordinationv1beta1.LeaseApplyConfiguration{}
+	case coordinationv1beta1.SchemeGroupVersion.WithKind("LeaseCandidate"):
+		return &applyconfigurationscoordinationv1beta1.LeaseCandidateApplyConfiguration{}
+	case coordinationv1beta1.SchemeGroupVersion.WithKind("LeaseCandidateSpec"):
+		return &applyconfigurationscoordinationv1beta1.LeaseCandidateSpecApplyConfiguration{}
 	case coordinationv1beta1.SchemeGroupVersion.WithKind("LeaseSpec"):
 		return &applyconfigurationscoordinationv1beta1.LeaseSpecApplyConfiguration{}
 
@@ -848,6 +858,8 @@ func ForKind(kind schema.GroupVersionKind) interface{} {
 		return &applyconfigurationscorev1.NodeSpecApplyConfiguration{}
 	case corev1.SchemeGroupVersion.WithKind("NodeStatus"):
 		return &applyconfigurationscorev1.NodeStatusApplyConfiguration{}
+	case corev1.SchemeGroupVersion.WithKind("NodeSwapStatus"):
+		return &applyconfigurationscorev1.NodeSwapStatusApplyConfiguration{}
 	case corev1.SchemeGroupVersion.WithKind("NodeSystemInfo"):
 		return &applyconfigurationscorev1.NodeSystemInfoApplyConfiguration{}
 	case corev1.SchemeGroupVersion.WithKind("ObjectFieldSelector"):
@@ -1052,6 +1064,8 @@ func ForKind(kind schema.GroupVersionKind) interface{} {
 		return &applyconfigurationsdiscoveryv1.EndpointPortApplyConfiguration{}
 	case discoveryv1.SchemeGroupVersion.WithKind("EndpointSlice"):
 		return &applyconfigurationsdiscoveryv1.EndpointSliceApplyConfiguration{}
+	case discoveryv1.SchemeGroupVersion.WithKind("ForNode"):
+		return &applyconfigurationsdiscoveryv1.ForNodeApplyConfiguration{}
 	case discoveryv1.SchemeGroupVersion.WithKind("ForZone"):
 		return &applyconfigurationsdiscoveryv1.ForZoneApplyConfiguration{}
 
@@ -1066,6 +1080,8 @@ func ForKind(kind schema.GroupVersionKind) interface{} {
 		return &applyconfigurationsdiscoveryv1beta1.EndpointPortApplyConfiguration{}
 	case discoveryv1beta1.SchemeGroupVersion.WithKind("EndpointSlice"):
 		return &applyconfigurationsdiscoveryv1beta1.EndpointSliceApplyConfiguration{}
+	case discoveryv1beta1.SchemeGroupVersion.WithKind("ForNode"):
+		return &applyconfigurationsdiscoveryv1beta1.ForNodeApplyConfiguration{}
 	case discoveryv1beta1.SchemeGroupVersion.WithKind("ForZone"):
 		return &applyconfigurationsdiscoveryv1beta1.ForZoneApplyConfiguration{}
 
@@ -1406,6 +1422,10 @@ func ForKind(kind schema.GroupVersionKind) interface{} {
 		return &applyconfigurationsnetworkingv1.IngressStatusApplyConfiguration{}
 	case networkingv1.SchemeGroupVersion.WithKind("IngressTLS"):
 		return &applyconfigurationsnetworkingv1.IngressTLSApplyConfiguration{}
+	case networkingv1.SchemeGroupVersion.WithKind("IPAddress"):
+		return &applyconfigurationsnetworkingv1.IPAddressApplyConfiguration{}
+	case networkingv1.SchemeGroupVersion.WithKind("IPAddressSpec"):
+		return &applyconfigurationsnetworkingv1.IPAddressSpecApplyConfiguration{}
 	case networkingv1.SchemeGroupVersion.WithKind("IPBlock"):
 		return &applyconfigurationsnetworkingv1.IPBlockApplyConfiguration{}
 	case networkingv1.SchemeGroupVersion.WithKind("NetworkPolicy"):
@@ -1420,8 +1440,16 @@ func ForKind(kind schema.GroupVersionKind) interface{} {
 		return &applyconfigurationsnetworkingv1.NetworkPolicyPortApplyConfiguration{}
 	case networkingv1.SchemeGroupVersion.WithKind("NetworkPolicySpec"):
 		return &applyconfigurationsnetworkingv1.NetworkPolicySpecApplyConfiguration{}
+	case networkingv1.SchemeGroupVersion.WithKind("ParentReference"):
+		return &applyconfigurationsnetworkingv1.ParentReferenceApplyConfiguration{}
 	case networkingv1.SchemeGroupVersion.WithKind("ServiceBackendPort"):
 		return &applyconfigurationsnetworkingv1.ServiceBackendPortApplyConfiguration{}
+	case networkingv1.SchemeGroupVersion.WithKind("ServiceCIDR"):
+		return &applyconfigurationsnetworkingv1.ServiceCIDRApplyConfiguration{}
+	case networkingv1.SchemeGroupVersion.WithKind("ServiceCIDRSpec"):
+		return &applyconfigurationsnetworkingv1.ServiceCIDRSpecApplyConfiguration{}
+	case networkingv1.SchemeGroupVersion.WithKind("ServiceCIDRStatus"):
+		return &applyconfigurationsnetworkingv1.ServiceCIDRStatusApplyConfiguration{}
 
 		// Group=networking.k8s.io, Version=v1alpha1
 	case networkingv1alpha1.SchemeGroupVersion.WithKind("IPAddress"):
@@ -1590,6 +1618,10 @@ func ForKind(kind schema.GroupVersionKind) interface{} {
 		return &resourcev1alpha3.BasicDeviceApplyConfiguration{}
 	case v1alpha3.SchemeGroupVersion.WithKind("CELDeviceSelector"):
 		return &resourcev1alpha3.CELDeviceSelectorApplyConfiguration{}
+	case v1alpha3.SchemeGroupVersion.WithKind("Counter"):
+		return &resourcev1alpha3.CounterApplyConfiguration{}
+	case v1alpha3.SchemeGroupVersion.WithKind("CounterSet"):
+		return &resourcev1alpha3.CounterSetApplyConfiguration{}
 	case v1alpha3.SchemeGroupVersion.WithKind("Device"):
 		return &resourcev1alpha3.DeviceApplyConfiguration{}
 	case v1alpha3.SchemeGroupVersion.WithKind("DeviceAllocationConfiguration"):
@@ -1612,12 +1644,26 @@ func ForKind(kind schema.GroupVersionKind) interface{} {
 		return &resourcev1alpha3.DeviceConfigurationApplyConfiguration{}
 	case v1alpha3.SchemeGroupVersion.WithKind("DeviceConstraint"):
 		return &resourcev1alpha3.DeviceConstraintApplyConfiguration{}
+	case v1alpha3.SchemeGroupVersion.WithKind("DeviceCounterConsumption"):
+		return &resourcev1alpha3.DeviceCounterConsumptionApplyConfiguration{}
 	case v1alpha3.SchemeGroupVersion.WithKind("DeviceRequest"):
 		return &resourcev1alpha3.DeviceRequestApplyConfiguration{}
 	case v1alpha3.SchemeGroupVersion.WithKind("DeviceRequestAllocationResult"):
 		return &resourcev1alpha3.DeviceRequestAllocationResultApplyConfiguration{}
 	case v1alpha3.SchemeGroupVersion.WithKind("DeviceSelector"):
 		return &resourcev1alpha3.DeviceSelectorApplyConfiguration{}
+	case v1alpha3.SchemeGroupVersion.WithKind("DeviceSubRequest"):
+		return &resourcev1alpha3.DeviceSubRequestApplyConfiguration{}
+	case v1alpha3.SchemeGroupVersion.WithKind("DeviceTaint"):
+		return &resourcev1alpha3.DeviceTaintApplyConfiguration{}
+	case v1alpha3.SchemeGroupVersion.WithKind("DeviceTaintRule"):
+		return &resourcev1alpha3.DeviceTaintRuleApplyConfiguration{}
+	case v1alpha3.SchemeGroupVersion.WithKind("DeviceTaintRuleSpec"):
+		return &resourcev1alpha3.DeviceTaintRuleSpecApplyConfiguration{}
+	case v1alpha3.SchemeGroupVersion.WithKind("DeviceTaintSelector"):
+		return &resourcev1alpha3.DeviceTaintSelectorApplyConfiguration{}
+	case v1alpha3.SchemeGroupVersion.WithKind("DeviceToleration"):
+		return &resourcev1alpha3.DeviceTolerationApplyConfiguration{}
 	case v1alpha3.SchemeGroupVersion.WithKind("NetworkDeviceData"):
 		return &resourcev1alpha3.NetworkDeviceDataApplyConfiguration{}
 	case v1alpha3.SchemeGroupVersion.WithKind("OpaqueDeviceConfiguration"):
@@ -1650,6 +1696,10 @@ func ForKind(kind schema.GroupVersionKind) interface{} {
 		return &applyconfigurationsresourcev1beta1.BasicDeviceApplyConfiguration{}
 	case resourcev1beta1.SchemeGroupVersion.WithKind("CELDeviceSelector"):
 		return &applyconfigurationsresourcev1beta1.CELDeviceSelectorApplyConfiguration{}
+	case resourcev1beta1.SchemeGroupVersion.WithKind("Counter"):
+		return &applyconfigurationsresourcev1beta1.CounterApplyConfiguration{}
+	case resourcev1beta1.SchemeGroupVersion.WithKind("CounterSet"):
+		return &applyconfigurationsresourcev1beta1.CounterSetApplyConfiguration{}
 	case resourcev1beta1.SchemeGroupVersion.WithKind("Device"):
 		return &applyconfigurationsresourcev1beta1.DeviceApplyConfiguration{}
 	case resourcev1beta1.SchemeGroupVersion.WithKind("DeviceAllocationConfiguration"):
@@ -1674,12 +1724,20 @@ func ForKind(kind schema.GroupVersionKind) interface{} {
 		return &applyconfigurationsresourcev1beta1.DeviceConfigurationApplyConfiguration{}
 	case resourcev1beta1.SchemeGroupVersion.WithKind("DeviceConstraint"):
 		return &applyconfigurationsresourcev1beta1.DeviceConstraintApplyConfiguration{}
+	case resourcev1beta1.SchemeGroupVersion.WithKind("DeviceCounterConsumption"):
+		return &applyconfigurationsresourcev1beta1.DeviceCounterConsumptionApplyConfiguration{}
 	case resourcev1beta1.SchemeGroupVersion.WithKind("DeviceRequest"):
 		return &applyconfigurationsresourcev1beta1.DeviceRequestApplyConfiguration{}
 	case resourcev1beta1.SchemeGroupVersion.WithKind("DeviceRequestAllocationResult"):
 		return &applyconfigurationsresourcev1beta1.DeviceRequestAllocationResultApplyConfiguration{}
 	case resourcev1beta1.SchemeGroupVersion.WithKind("DeviceSelector"):
 		return &applyconfigurationsresourcev1beta1.DeviceSelectorApplyConfiguration{}
+	case resourcev1beta1.SchemeGroupVersion.WithKind("DeviceSubRequest"):
+		return &applyconfigurationsresourcev1beta1.DeviceSubRequestApplyConfiguration{}
+	case resourcev1beta1.SchemeGroupVersion.WithKind("DeviceTaint"):
+		return &applyconfigurationsresourcev1beta1.DeviceTaintApplyConfiguration{}
+	case resourcev1beta1.SchemeGroupVersion.WithKind("DeviceToleration"):
+		return &applyconfigurationsresourcev1beta1.DeviceTolerationApplyConfiguration{}
 	case resourcev1beta1.SchemeGroupVersion.WithKind("NetworkDeviceData"):
 		return &applyconfigurationsresourcev1beta1.NetworkDeviceDataApplyConfiguration{}
 	case resourcev1beta1.SchemeGroupVersion.WithKind("OpaqueDeviceConfiguration"):
@@ -1703,6 +1761,80 @@ func ForKind(kind schema.GroupVersionKind) interface{} {
 	case resourcev1beta1.SchemeGroupVersion.WithKind("ResourceSliceSpec"):
 		return &applyconfigurationsresourcev1beta1.ResourceSliceSpecApplyConfiguration{}
 
+		// Group=resource.k8s.io, Version=v1beta2
+	case resourcev1beta2.SchemeGroupVersion.WithKind("AllocatedDeviceStatus"):
+		return &applyconfigurationsresourcev1beta2.AllocatedDeviceStatusApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("AllocationResult"):
+		return &applyconfigurationsresourcev1beta2.AllocationResultApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("CELDeviceSelector"):
+		return &applyconfigurationsresourcev1beta2.CELDeviceSelectorApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("Counter"):
+		return &applyconfigurationsresourcev1beta2.CounterApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("CounterSet"):
+		return &applyconfigurationsresourcev1beta2.CounterSetApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("Device"):
+		return &applyconfigurationsresourcev1beta2.DeviceApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("DeviceAllocationConfiguration"):
+		return &applyconfigurationsresourcev1beta2.DeviceAllocationConfigurationApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("DeviceAllocationResult"):
+		return &applyconfigurationsresourcev1beta2.DeviceAllocationResultApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("DeviceAttribute"):
+		return &applyconfigurationsresourcev1beta2.DeviceAttributeApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("DeviceCapacity"):
+		return &applyconfigurationsresourcev1beta2.DeviceCapacityApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("DeviceClaim"):
+		return &applyconfigurationsresourcev1beta2.DeviceClaimApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("DeviceClaimConfiguration"):
+		return &applyconfigurationsresourcev1beta2.DeviceClaimConfigurationApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("DeviceClass"):
+		return &applyconfigurationsresourcev1beta2.DeviceClassApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("DeviceClassConfiguration"):
+		return &applyconfigurationsresourcev1beta2.DeviceClassConfigurationApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("DeviceClassSpec"):
+		return &applyconfigurationsresourcev1beta2.DeviceClassSpecApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("DeviceConfiguration"):
+		return &applyconfigurationsresourcev1beta2.DeviceConfigurationApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("DeviceConstraint"):
+		return &applyconfigurationsresourcev1beta2.DeviceConstraintApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("DeviceCounterConsumption"):
+		return &applyconfigurationsresourcev1beta2.DeviceCounterConsumptionApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("DeviceRequest"):
+		return &applyconfigurationsresourcev1beta2.DeviceRequestApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("DeviceRequestAllocationResult"):
+		return &applyconfigurationsresourcev1beta2.DeviceRequestAllocationResultApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("DeviceSelector"):
+		return &applyconfigurationsresourcev1beta2.DeviceSelectorApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("DeviceSubRequest"):
+		return &applyconfigurationsresourcev1beta2.DeviceSubRequestApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("DeviceTaint"):
+		return &applyconfigurationsresourcev1beta2.DeviceTaintApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("DeviceToleration"):
+		return &applyconfigurationsresourcev1beta2.DeviceTolerationApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("ExactDeviceRequest"):
+		return &applyconfigurationsresourcev1beta2.ExactDeviceRequestApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("NetworkDeviceData"):
+		return &applyconfigurationsresourcev1beta2.NetworkDeviceDataApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("OpaqueDeviceConfiguration"):
+		return &applyconfigurationsresourcev1beta2.OpaqueDeviceConfigurationApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("ResourceClaim"):
+		return &applyconfigurationsresourcev1beta2.ResourceClaimApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("ResourceClaimConsumerReference"):
+		return &applyconfigurationsresourcev1beta2.ResourceClaimConsumerReferenceApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("ResourceClaimSpec"):
+		return &applyconfigurationsresourcev1beta2.ResourceClaimSpecApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("ResourceClaimStatus"):
+		return &applyconfigurationsresourcev1beta2.ResourceClaimStatusApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("ResourceClaimTemplate"):
+		return &applyconfigurationsresourcev1beta2.ResourceClaimTemplateApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("ResourceClaimTemplateSpec"):
+		return &applyconfigurationsresourcev1beta2.ResourceClaimTemplateSpecApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("ResourcePool"):
+		return &applyconfigurationsresourcev1beta2.ResourcePoolApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("ResourceSlice"):
+		return &applyconfigurationsresourcev1beta2.ResourceSliceApplyConfiguration{}
+	case resourcev1beta2.SchemeGroupVersion.WithKind("ResourceSliceSpec"):
+		return &applyconfigurationsresourcev1beta2.ResourceSliceSpecApplyConfiguration{}
+
 		// Group=scheduling.k8s.io, Version=v1
 	case schedulingv1.SchemeGroupVersion.WithKind("PriorityClass"):
 		return &applyconfigurationsschedulingv1.PriorityClassApplyConfiguration{}
diff --git a/vendor/k8s.io/client-go/discovery/aggregated_discovery.go b/vendor/k8s.io/client-go/discovery/aggregated_discovery.go
index f5eaaedab3..82d46b4895 100644
--- a/vendor/k8s.io/client-go/discovery/aggregated_discovery.go
+++ b/vendor/k8s.io/client-go/discovery/aggregated_discovery.go
@@ -156,7 +156,7 @@ func convertAPISubresource(parent metav1.APIResource, in apidiscovery.APISubreso
 	return result, nil
 }
 
-// Please note the functions below will be removed in v1.33. They facilitate conversion
+// Please note the functions below will be removed in v1.35. They facilitate conversion
 // between the deprecated type apidiscoveryv2beta1.APIGroupDiscoveryList.
 
 // SplitGroupsAndResourcesV2Beta1 transforms "aggregated" discovery top-level structure into
diff --git a/vendor/k8s.io/client-go/discovery/discovery_client.go b/vendor/k8s.io/client-go/discovery/discovery_client.go
index ef14fee5f0..646820cbc2 100644
--- a/vendor/k8s.io/client-go/discovery/discovery_client.go
+++ b/vendor/k8s.io/client-go/discovery/discovery_client.go
@@ -29,9 +29,8 @@ import (
 	"sync"
 	"time"
 
-	//nolint:staticcheck // SA1019 Keep using module since it's still being maintained and the api of google.golang.org/protobuf/proto differs
-	"github.com/golang/protobuf/proto"
 	openapi_v2 "github.com/google/gnostic-models/openapiv2"
+	"google.golang.org/protobuf/proto"
 
 	apidiscoveryv2 "k8s.io/api/apidiscovery/v2"
 	apidiscoveryv2beta1 "k8s.io/api/apidiscovery/v2beta1"
diff --git a/vendor/k8s.io/client-go/discovery/doc.go b/vendor/k8s.io/client-go/discovery/doc.go
index 6baa1ef2a5..76495588ef 100644
--- a/vendor/k8s.io/client-go/discovery/doc.go
+++ b/vendor/k8s.io/client-go/discovery/doc.go
@@ -16,4 +16,4 @@ limitations under the License.
 
 // Package discovery provides ways to discover server-supported
 // API groups, versions and resources.
-package discovery // import "k8s.io/client-go/discovery"
+package discovery
diff --git a/vendor/k8s.io/client-go/features/known_features.go b/vendor/k8s.io/client-go/features/known_features.go
index a74f6a8333..344d2ebb72 100644
--- a/vendor/k8s.io/client-go/features/known_features.go
+++ b/vendor/k8s.io/client-go/features/known_features.go
@@ -53,6 +53,12 @@ const (
 	// alpha: v1.30
 	InformerResourceVersion Feature = "InformerResourceVersion"
 
+	// owner: @deads2k
+	// beta: v1.33
+	//
+	// Refactor informers to deliver watch stream events in order instead of out of order.
+	InOrderInformers Feature = "InOrderInformers"
+
 	// owner: @p0lyn0mial
 	// beta: v1.30
 	//
@@ -73,5 +79,6 @@ var defaultKubernetesFeatureGates = map[Feature]FeatureSpec{
 	ClientsAllowCBOR:        {Default: false, PreRelease: Alpha},
 	ClientsPreferCBOR:       {Default: false, PreRelease: Alpha},
 	InformerResourceVersion: {Default: false, PreRelease: Alpha},
+	InOrderInformers:        {Default: true, PreRelease: Beta},
 	WatchListClient:         {Default: false, PreRelease: Beta},
 }
diff --git a/vendor/k8s.io/client-go/gentype/fake.go b/vendor/k8s.io/client-go/gentype/fake.go
index bcb9ca27f5..6ea3cbe0c0 100644
--- a/vendor/k8s.io/client-go/gentype/fake.go
+++ b/vendor/k8s.io/client-go/gentype/fake.go
@@ -183,6 +183,7 @@ func (l *alsoFakeLister[T, L]) List(ctx context.Context, opts metav1.ListOptions
 
 // Watch returns a watch.Interface that watches the requested resources.
 func (c *FakeClient[T]) Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error) {
+	opts.Watch = true
 	return c.Fake.
 		InvokesWatch(testing.NewWatchActionWithOptions(c.resource, c.ns, opts))
 }
diff --git a/vendor/k8s.io/client-go/informers/admissionregistration/v1/mutatingwebhookconfiguration.go b/vendor/k8s.io/client-go/informers/admissionregistration/v1/mutatingwebhookconfiguration.go
index 11c67480f9..7adafde23e 100644
--- a/vendor/k8s.io/client-go/informers/admissionregistration/v1/mutatingwebhookconfiguration.go
+++ b/vendor/k8s.io/client-go/informers/admissionregistration/v1/mutatingwebhookconfiguration.go
@@ -61,13 +61,25 @@ func NewFilteredMutatingWebhookConfigurationInformer(client kubernetes.Interface
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AdmissionregistrationV1().MutatingWebhookConfigurations().List(context.TODO(), options)
+				return client.AdmissionregistrationV1().MutatingWebhookConfigurations().List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AdmissionregistrationV1().MutatingWebhookConfigurations().Watch(context.TODO(), options)
+				return client.AdmissionregistrationV1().MutatingWebhookConfigurations().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AdmissionregistrationV1().MutatingWebhookConfigurations().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AdmissionregistrationV1().MutatingWebhookConfigurations().Watch(ctx, options)
 			},
 		},
 		&apiadmissionregistrationv1.MutatingWebhookConfiguration{},
diff --git a/vendor/k8s.io/client-go/informers/admissionregistration/v1/validatingadmissionpolicy.go b/vendor/k8s.io/client-go/informers/admissionregistration/v1/validatingadmissionpolicy.go
index e6974238c6..92cfa1fa4f 100644
--- a/vendor/k8s.io/client-go/informers/admissionregistration/v1/validatingadmissionpolicy.go
+++ b/vendor/k8s.io/client-go/informers/admissionregistration/v1/validatingadmissionpolicy.go
@@ -61,13 +61,25 @@ func NewFilteredValidatingAdmissionPolicyInformer(client kubernetes.Interface, r
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AdmissionregistrationV1().ValidatingAdmissionPolicies().List(context.TODO(), options)
+				return client.AdmissionregistrationV1().ValidatingAdmissionPolicies().List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AdmissionregistrationV1().ValidatingAdmissionPolicies().Watch(context.TODO(), options)
+				return client.AdmissionregistrationV1().ValidatingAdmissionPolicies().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AdmissionregistrationV1().ValidatingAdmissionPolicies().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AdmissionregistrationV1().ValidatingAdmissionPolicies().Watch(ctx, options)
 			},
 		},
 		&apiadmissionregistrationv1.ValidatingAdmissionPolicy{},
diff --git a/vendor/k8s.io/client-go/informers/admissionregistration/v1/validatingadmissionpolicybinding.go b/vendor/k8s.io/client-go/informers/admissionregistration/v1/validatingadmissionpolicybinding.go
index 34067ca383..e0c35ec5e3 100644
--- a/vendor/k8s.io/client-go/informers/admissionregistration/v1/validatingadmissionpolicybinding.go
+++ b/vendor/k8s.io/client-go/informers/admissionregistration/v1/validatingadmissionpolicybinding.go
@@ -61,13 +61,25 @@ func NewFilteredValidatingAdmissionPolicyBindingInformer(client kubernetes.Inter
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AdmissionregistrationV1().ValidatingAdmissionPolicyBindings().List(context.TODO(), options)
+				return client.AdmissionregistrationV1().ValidatingAdmissionPolicyBindings().List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AdmissionregistrationV1().ValidatingAdmissionPolicyBindings().Watch(context.TODO(), options)
+				return client.AdmissionregistrationV1().ValidatingAdmissionPolicyBindings().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AdmissionregistrationV1().ValidatingAdmissionPolicyBindings().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AdmissionregistrationV1().ValidatingAdmissionPolicyBindings().Watch(ctx, options)
 			},
 		},
 		&apiadmissionregistrationv1.ValidatingAdmissionPolicyBinding{},
diff --git a/vendor/k8s.io/client-go/informers/admissionregistration/v1/validatingwebhookconfiguration.go b/vendor/k8s.io/client-go/informers/admissionregistration/v1/validatingwebhookconfiguration.go
index 42ca69c228..8ddeb0492d 100644
--- a/vendor/k8s.io/client-go/informers/admissionregistration/v1/validatingwebhookconfiguration.go
+++ b/vendor/k8s.io/client-go/informers/admissionregistration/v1/validatingwebhookconfiguration.go
@@ -61,13 +61,25 @@ func NewFilteredValidatingWebhookConfigurationInformer(client kubernetes.Interfa
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AdmissionregistrationV1().ValidatingWebhookConfigurations().List(context.TODO(), options)
+				return client.AdmissionregistrationV1().ValidatingWebhookConfigurations().List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AdmissionregistrationV1().ValidatingWebhookConfigurations().Watch(context.TODO(), options)
+				return client.AdmissionregistrationV1().ValidatingWebhookConfigurations().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AdmissionregistrationV1().ValidatingWebhookConfigurations().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AdmissionregistrationV1().ValidatingWebhookConfigurations().Watch(ctx, options)
 			},
 		},
 		&apiadmissionregistrationv1.ValidatingWebhookConfiguration{},
diff --git a/vendor/k8s.io/client-go/informers/admissionregistration/v1alpha1/mutatingadmissionpolicy.go b/vendor/k8s.io/client-go/informers/admissionregistration/v1alpha1/mutatingadmissionpolicy.go
index 5a23158bfa..939eff9835 100644
--- a/vendor/k8s.io/client-go/informers/admissionregistration/v1alpha1/mutatingadmissionpolicy.go
+++ b/vendor/k8s.io/client-go/informers/admissionregistration/v1alpha1/mutatingadmissionpolicy.go
@@ -61,13 +61,25 @@ func NewFilteredMutatingAdmissionPolicyInformer(client kubernetes.Interface, res
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AdmissionregistrationV1alpha1().MutatingAdmissionPolicies().List(context.TODO(), options)
+				return client.AdmissionregistrationV1alpha1().MutatingAdmissionPolicies().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AdmissionregistrationV1alpha1().MutatingAdmissionPolicies().Watch(context.TODO(), options)
+				return client.AdmissionregistrationV1alpha1().MutatingAdmissionPolicies().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AdmissionregistrationV1alpha1().MutatingAdmissionPolicies().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AdmissionregistrationV1alpha1().MutatingAdmissionPolicies().Watch(ctx, options)
 			},
 		},
 		&apiadmissionregistrationv1alpha1.MutatingAdmissionPolicy{},
diff --git a/vendor/k8s.io/client-go/informers/admissionregistration/v1alpha1/mutatingadmissionpolicybinding.go b/vendor/k8s.io/client-go/informers/admissionregistration/v1alpha1/mutatingadmissionpolicybinding.go
index efa143fe55..a94f6d27bd 100644
--- a/vendor/k8s.io/client-go/informers/admissionregistration/v1alpha1/mutatingadmissionpolicybinding.go
+++ b/vendor/k8s.io/client-go/informers/admissionregistration/v1alpha1/mutatingadmissionpolicybinding.go
@@ -61,13 +61,25 @@ func NewFilteredMutatingAdmissionPolicyBindingInformer(client kubernetes.Interfa
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AdmissionregistrationV1alpha1().MutatingAdmissionPolicyBindings().List(context.TODO(), options)
+				return client.AdmissionregistrationV1alpha1().MutatingAdmissionPolicyBindings().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AdmissionregistrationV1alpha1().MutatingAdmissionPolicyBindings().Watch(context.TODO(), options)
+				return client.AdmissionregistrationV1alpha1().MutatingAdmissionPolicyBindings().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AdmissionregistrationV1alpha1().MutatingAdmissionPolicyBindings().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AdmissionregistrationV1alpha1().MutatingAdmissionPolicyBindings().Watch(ctx, options)
 			},
 		},
 		&apiadmissionregistrationv1alpha1.MutatingAdmissionPolicyBinding{},
diff --git a/vendor/k8s.io/client-go/informers/admissionregistration/v1alpha1/validatingadmissionpolicy.go b/vendor/k8s.io/client-go/informers/admissionregistration/v1alpha1/validatingadmissionpolicy.go
index aaae7b297f..1a6f7d56de 100644
--- a/vendor/k8s.io/client-go/informers/admissionregistration/v1alpha1/validatingadmissionpolicy.go
+++ b/vendor/k8s.io/client-go/informers/admissionregistration/v1alpha1/validatingadmissionpolicy.go
@@ -61,13 +61,25 @@ func NewFilteredValidatingAdmissionPolicyInformer(client kubernetes.Interface, r
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AdmissionregistrationV1alpha1().ValidatingAdmissionPolicies().List(context.TODO(), options)
+				return client.AdmissionregistrationV1alpha1().ValidatingAdmissionPolicies().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AdmissionregistrationV1alpha1().ValidatingAdmissionPolicies().Watch(context.TODO(), options)
+				return client.AdmissionregistrationV1alpha1().ValidatingAdmissionPolicies().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AdmissionregistrationV1alpha1().ValidatingAdmissionPolicies().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AdmissionregistrationV1alpha1().ValidatingAdmissionPolicies().Watch(ctx, options)
 			},
 		},
 		&apiadmissionregistrationv1alpha1.ValidatingAdmissionPolicy{},
diff --git a/vendor/k8s.io/client-go/informers/admissionregistration/v1alpha1/validatingadmissionpolicybinding.go b/vendor/k8s.io/client-go/informers/admissionregistration/v1alpha1/validatingadmissionpolicybinding.go
index d62c59061c..3afaa3beca 100644
--- a/vendor/k8s.io/client-go/informers/admissionregistration/v1alpha1/validatingadmissionpolicybinding.go
+++ b/vendor/k8s.io/client-go/informers/admissionregistration/v1alpha1/validatingadmissionpolicybinding.go
@@ -61,13 +61,25 @@ func NewFilteredValidatingAdmissionPolicyBindingInformer(client kubernetes.Inter
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AdmissionregistrationV1alpha1().ValidatingAdmissionPolicyBindings().List(context.TODO(), options)
+				return client.AdmissionregistrationV1alpha1().ValidatingAdmissionPolicyBindings().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AdmissionregistrationV1alpha1().ValidatingAdmissionPolicyBindings().Watch(context.TODO(), options)
+				return client.AdmissionregistrationV1alpha1().ValidatingAdmissionPolicyBindings().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AdmissionregistrationV1alpha1().ValidatingAdmissionPolicyBindings().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AdmissionregistrationV1alpha1().ValidatingAdmissionPolicyBindings().Watch(ctx, options)
 			},
 		},
 		&apiadmissionregistrationv1alpha1.ValidatingAdmissionPolicyBinding{},
diff --git a/vendor/k8s.io/client-go/informers/admissionregistration/v1beta1/mutatingwebhookconfiguration.go b/vendor/k8s.io/client-go/informers/admissionregistration/v1beta1/mutatingwebhookconfiguration.go
index c6ca36ea29..697dae852a 100644
--- a/vendor/k8s.io/client-go/informers/admissionregistration/v1beta1/mutatingwebhookconfiguration.go
+++ b/vendor/k8s.io/client-go/informers/admissionregistration/v1beta1/mutatingwebhookconfiguration.go
@@ -61,13 +61,25 @@ func NewFilteredMutatingWebhookConfigurationInformer(client kubernetes.Interface
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AdmissionregistrationV1beta1().MutatingWebhookConfigurations().List(context.TODO(), options)
+				return client.AdmissionregistrationV1beta1().MutatingWebhookConfigurations().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AdmissionregistrationV1beta1().MutatingWebhookConfigurations().Watch(context.TODO(), options)
+				return client.AdmissionregistrationV1beta1().MutatingWebhookConfigurations().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AdmissionregistrationV1beta1().MutatingWebhookConfigurations().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AdmissionregistrationV1beta1().MutatingWebhookConfigurations().Watch(ctx, options)
 			},
 		},
 		&apiadmissionregistrationv1beta1.MutatingWebhookConfiguration{},
diff --git a/vendor/k8s.io/client-go/informers/admissionregistration/v1beta1/validatingadmissionpolicy.go b/vendor/k8s.io/client-go/informers/admissionregistration/v1beta1/validatingadmissionpolicy.go
index d5b4204f1b..31c3569d94 100644
--- a/vendor/k8s.io/client-go/informers/admissionregistration/v1beta1/validatingadmissionpolicy.go
+++ b/vendor/k8s.io/client-go/informers/admissionregistration/v1beta1/validatingadmissionpolicy.go
@@ -61,13 +61,25 @@ func NewFilteredValidatingAdmissionPolicyInformer(client kubernetes.Interface, r
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AdmissionregistrationV1beta1().ValidatingAdmissionPolicies().List(context.TODO(), options)
+				return client.AdmissionregistrationV1beta1().ValidatingAdmissionPolicies().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AdmissionregistrationV1beta1().ValidatingAdmissionPolicies().Watch(context.TODO(), options)
+				return client.AdmissionregistrationV1beta1().ValidatingAdmissionPolicies().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AdmissionregistrationV1beta1().ValidatingAdmissionPolicies().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AdmissionregistrationV1beta1().ValidatingAdmissionPolicies().Watch(ctx, options)
 			},
 		},
 		&apiadmissionregistrationv1beta1.ValidatingAdmissionPolicy{},
diff --git a/vendor/k8s.io/client-go/informers/admissionregistration/v1beta1/validatingadmissionpolicybinding.go b/vendor/k8s.io/client-go/informers/admissionregistration/v1beta1/validatingadmissionpolicybinding.go
index dbb5153ef3..fb2c10e3e7 100644
--- a/vendor/k8s.io/client-go/informers/admissionregistration/v1beta1/validatingadmissionpolicybinding.go
+++ b/vendor/k8s.io/client-go/informers/admissionregistration/v1beta1/validatingadmissionpolicybinding.go
@@ -61,13 +61,25 @@ func NewFilteredValidatingAdmissionPolicyBindingInformer(client kubernetes.Inter
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AdmissionregistrationV1beta1().ValidatingAdmissionPolicyBindings().List(context.TODO(), options)
+				return client.AdmissionregistrationV1beta1().ValidatingAdmissionPolicyBindings().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AdmissionregistrationV1beta1().ValidatingAdmissionPolicyBindings().Watch(context.TODO(), options)
+				return client.AdmissionregistrationV1beta1().ValidatingAdmissionPolicyBindings().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AdmissionregistrationV1beta1().ValidatingAdmissionPolicyBindings().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AdmissionregistrationV1beta1().ValidatingAdmissionPolicyBindings().Watch(ctx, options)
 			},
 		},
 		&apiadmissionregistrationv1beta1.ValidatingAdmissionPolicyBinding{},
diff --git a/vendor/k8s.io/client-go/informers/admissionregistration/v1beta1/validatingwebhookconfiguration.go b/vendor/k8s.io/client-go/informers/admissionregistration/v1beta1/validatingwebhookconfiguration.go
index 602b361afa..2eb6991cb5 100644
--- a/vendor/k8s.io/client-go/informers/admissionregistration/v1beta1/validatingwebhookconfiguration.go
+++ b/vendor/k8s.io/client-go/informers/admissionregistration/v1beta1/validatingwebhookconfiguration.go
@@ -61,13 +61,25 @@ func NewFilteredValidatingWebhookConfigurationInformer(client kubernetes.Interfa
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AdmissionregistrationV1beta1().ValidatingWebhookConfigurations().List(context.TODO(), options)
+				return client.AdmissionregistrationV1beta1().ValidatingWebhookConfigurations().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AdmissionregistrationV1beta1().ValidatingWebhookConfigurations().Watch(context.TODO(), options)
+				return client.AdmissionregistrationV1beta1().ValidatingWebhookConfigurations().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AdmissionregistrationV1beta1().ValidatingWebhookConfigurations().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AdmissionregistrationV1beta1().ValidatingWebhookConfigurations().Watch(ctx, options)
 			},
 		},
 		&apiadmissionregistrationv1beta1.ValidatingWebhookConfiguration{},
diff --git a/vendor/k8s.io/client-go/informers/apiserverinternal/v1alpha1/storageversion.go b/vendor/k8s.io/client-go/informers/apiserverinternal/v1alpha1/storageversion.go
index a99dbd17d2..e8e1669d12 100644
--- a/vendor/k8s.io/client-go/informers/apiserverinternal/v1alpha1/storageversion.go
+++ b/vendor/k8s.io/client-go/informers/apiserverinternal/v1alpha1/storageversion.go
@@ -61,13 +61,25 @@ func NewFilteredStorageVersionInformer(client kubernetes.Interface, resyncPeriod
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.InternalV1alpha1().StorageVersions().List(context.TODO(), options)
+				return client.InternalV1alpha1().StorageVersions().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.InternalV1alpha1().StorageVersions().Watch(context.TODO(), options)
+				return client.InternalV1alpha1().StorageVersions().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.InternalV1alpha1().StorageVersions().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.InternalV1alpha1().StorageVersions().Watch(ctx, options)
 			},
 		},
 		&apiapiserverinternalv1alpha1.StorageVersion{},
diff --git a/vendor/k8s.io/client-go/informers/apps/v1/controllerrevision.go b/vendor/k8s.io/client-go/informers/apps/v1/controllerrevision.go
index 334a1b8f81..64eeddec0e 100644
--- a/vendor/k8s.io/client-go/informers/apps/v1/controllerrevision.go
+++ b/vendor/k8s.io/client-go/informers/apps/v1/controllerrevision.go
@@ -62,13 +62,25 @@ func NewFilteredControllerRevisionInformer(client kubernetes.Interface, namespac
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AppsV1().ControllerRevisions(namespace).List(context.TODO(), options)
+				return client.AppsV1().ControllerRevisions(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AppsV1().ControllerRevisions(namespace).Watch(context.TODO(), options)
+				return client.AppsV1().ControllerRevisions(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AppsV1().ControllerRevisions(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AppsV1().ControllerRevisions(namespace).Watch(ctx, options)
 			},
 		},
 		&apiappsv1.ControllerRevision{},
diff --git a/vendor/k8s.io/client-go/informers/apps/v1/daemonset.go b/vendor/k8s.io/client-go/informers/apps/v1/daemonset.go
index 73adf8cbf8..4a3e95e1f1 100644
--- a/vendor/k8s.io/client-go/informers/apps/v1/daemonset.go
+++ b/vendor/k8s.io/client-go/informers/apps/v1/daemonset.go
@@ -62,13 +62,25 @@ func NewFilteredDaemonSetInformer(client kubernetes.Interface, namespace string,
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AppsV1().DaemonSets(namespace).List(context.TODO(), options)
+				return client.AppsV1().DaemonSets(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AppsV1().DaemonSets(namespace).Watch(context.TODO(), options)
+				return client.AppsV1().DaemonSets(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AppsV1().DaemonSets(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AppsV1().DaemonSets(namespace).Watch(ctx, options)
 			},
 		},
 		&apiappsv1.DaemonSet{},
diff --git a/vendor/k8s.io/client-go/informers/apps/v1/deployment.go b/vendor/k8s.io/client-go/informers/apps/v1/deployment.go
index f9314844cc..9c0c20c536 100644
--- a/vendor/k8s.io/client-go/informers/apps/v1/deployment.go
+++ b/vendor/k8s.io/client-go/informers/apps/v1/deployment.go
@@ -62,13 +62,25 @@ func NewFilteredDeploymentInformer(client kubernetes.Interface, namespace string
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AppsV1().Deployments(namespace).List(context.TODO(), options)
+				return client.AppsV1().Deployments(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AppsV1().Deployments(namespace).Watch(context.TODO(), options)
+				return client.AppsV1().Deployments(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AppsV1().Deployments(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AppsV1().Deployments(namespace).Watch(ctx, options)
 			},
 		},
 		&apiappsv1.Deployment{},
diff --git a/vendor/k8s.io/client-go/informers/apps/v1/replicaset.go b/vendor/k8s.io/client-go/informers/apps/v1/replicaset.go
index dfa8ae87a9..75c7a79e82 100644
--- a/vendor/k8s.io/client-go/informers/apps/v1/replicaset.go
+++ b/vendor/k8s.io/client-go/informers/apps/v1/replicaset.go
@@ -62,13 +62,25 @@ func NewFilteredReplicaSetInformer(client kubernetes.Interface, namespace string
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AppsV1().ReplicaSets(namespace).List(context.TODO(), options)
+				return client.AppsV1().ReplicaSets(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AppsV1().ReplicaSets(namespace).Watch(context.TODO(), options)
+				return client.AppsV1().ReplicaSets(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AppsV1().ReplicaSets(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AppsV1().ReplicaSets(namespace).Watch(ctx, options)
 			},
 		},
 		&apiappsv1.ReplicaSet{},
diff --git a/vendor/k8s.io/client-go/informers/apps/v1/statefulset.go b/vendor/k8s.io/client-go/informers/apps/v1/statefulset.go
index 84ca50123f..f759e0464f 100644
--- a/vendor/k8s.io/client-go/informers/apps/v1/statefulset.go
+++ b/vendor/k8s.io/client-go/informers/apps/v1/statefulset.go
@@ -62,13 +62,25 @@ func NewFilteredStatefulSetInformer(client kubernetes.Interface, namespace strin
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AppsV1().StatefulSets(namespace).List(context.TODO(), options)
+				return client.AppsV1().StatefulSets(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AppsV1().StatefulSets(namespace).Watch(context.TODO(), options)
+				return client.AppsV1().StatefulSets(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AppsV1().StatefulSets(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AppsV1().StatefulSets(namespace).Watch(ctx, options)
 			},
 		},
 		&apiappsv1.StatefulSet{},
diff --git a/vendor/k8s.io/client-go/informers/apps/v1beta1/controllerrevision.go b/vendor/k8s.io/client-go/informers/apps/v1beta1/controllerrevision.go
index c0a51dbe36..79b2fb907e 100644
--- a/vendor/k8s.io/client-go/informers/apps/v1beta1/controllerrevision.go
+++ b/vendor/k8s.io/client-go/informers/apps/v1beta1/controllerrevision.go
@@ -62,13 +62,25 @@ func NewFilteredControllerRevisionInformer(client kubernetes.Interface, namespac
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AppsV1beta1().ControllerRevisions(namespace).List(context.TODO(), options)
+				return client.AppsV1beta1().ControllerRevisions(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AppsV1beta1().ControllerRevisions(namespace).Watch(context.TODO(), options)
+				return client.AppsV1beta1().ControllerRevisions(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AppsV1beta1().ControllerRevisions(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AppsV1beta1().ControllerRevisions(namespace).Watch(ctx, options)
 			},
 		},
 		&apiappsv1beta1.ControllerRevision{},
diff --git a/vendor/k8s.io/client-go/informers/apps/v1beta1/deployment.go b/vendor/k8s.io/client-go/informers/apps/v1beta1/deployment.go
index 027ae402d7..1334c03a97 100644
--- a/vendor/k8s.io/client-go/informers/apps/v1beta1/deployment.go
+++ b/vendor/k8s.io/client-go/informers/apps/v1beta1/deployment.go
@@ -62,13 +62,25 @@ func NewFilteredDeploymentInformer(client kubernetes.Interface, namespace string
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AppsV1beta1().Deployments(namespace).List(context.TODO(), options)
+				return client.AppsV1beta1().Deployments(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AppsV1beta1().Deployments(namespace).Watch(context.TODO(), options)
+				return client.AppsV1beta1().Deployments(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AppsV1beta1().Deployments(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AppsV1beta1().Deployments(namespace).Watch(ctx, options)
 			},
 		},
 		&apiappsv1beta1.Deployment{},
diff --git a/vendor/k8s.io/client-go/informers/apps/v1beta1/statefulset.go b/vendor/k8s.io/client-go/informers/apps/v1beta1/statefulset.go
index bc357d7e7b..2d52ae02da 100644
--- a/vendor/k8s.io/client-go/informers/apps/v1beta1/statefulset.go
+++ b/vendor/k8s.io/client-go/informers/apps/v1beta1/statefulset.go
@@ -62,13 +62,25 @@ func NewFilteredStatefulSetInformer(client kubernetes.Interface, namespace strin
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AppsV1beta1().StatefulSets(namespace).List(context.TODO(), options)
+				return client.AppsV1beta1().StatefulSets(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AppsV1beta1().StatefulSets(namespace).Watch(context.TODO(), options)
+				return client.AppsV1beta1().StatefulSets(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AppsV1beta1().StatefulSets(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AppsV1beta1().StatefulSets(namespace).Watch(ctx, options)
 			},
 		},
 		&apiappsv1beta1.StatefulSet{},
diff --git a/vendor/k8s.io/client-go/informers/apps/v1beta2/controllerrevision.go b/vendor/k8s.io/client-go/informers/apps/v1beta2/controllerrevision.go
index 62a560fdaf..0936ef7b96 100644
--- a/vendor/k8s.io/client-go/informers/apps/v1beta2/controllerrevision.go
+++ b/vendor/k8s.io/client-go/informers/apps/v1beta2/controllerrevision.go
@@ -62,13 +62,25 @@ func NewFilteredControllerRevisionInformer(client kubernetes.Interface, namespac
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AppsV1beta2().ControllerRevisions(namespace).List(context.TODO(), options)
+				return client.AppsV1beta2().ControllerRevisions(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AppsV1beta2().ControllerRevisions(namespace).Watch(context.TODO(), options)
+				return client.AppsV1beta2().ControllerRevisions(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AppsV1beta2().ControllerRevisions(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AppsV1beta2().ControllerRevisions(namespace).Watch(ctx, options)
 			},
 		},
 		&apiappsv1beta2.ControllerRevision{},
diff --git a/vendor/k8s.io/client-go/informers/apps/v1beta2/daemonset.go b/vendor/k8s.io/client-go/informers/apps/v1beta2/daemonset.go
index 9d4c8ede98..d5c49d77f2 100644
--- a/vendor/k8s.io/client-go/informers/apps/v1beta2/daemonset.go
+++ b/vendor/k8s.io/client-go/informers/apps/v1beta2/daemonset.go
@@ -62,13 +62,25 @@ func NewFilteredDaemonSetInformer(client kubernetes.Interface, namespace string,
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AppsV1beta2().DaemonSets(namespace).List(context.TODO(), options)
+				return client.AppsV1beta2().DaemonSets(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AppsV1beta2().DaemonSets(namespace).Watch(context.TODO(), options)
+				return client.AppsV1beta2().DaemonSets(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AppsV1beta2().DaemonSets(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AppsV1beta2().DaemonSets(namespace).Watch(ctx, options)
 			},
 		},
 		&apiappsv1beta2.DaemonSet{},
diff --git a/vendor/k8s.io/client-go/informers/apps/v1beta2/deployment.go b/vendor/k8s.io/client-go/informers/apps/v1beta2/deployment.go
index be85192cf4..575ddbfca8 100644
--- a/vendor/k8s.io/client-go/informers/apps/v1beta2/deployment.go
+++ b/vendor/k8s.io/client-go/informers/apps/v1beta2/deployment.go
@@ -62,13 +62,25 @@ func NewFilteredDeploymentInformer(client kubernetes.Interface, namespace string
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AppsV1beta2().Deployments(namespace).List(context.TODO(), options)
+				return client.AppsV1beta2().Deployments(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AppsV1beta2().Deployments(namespace).Watch(context.TODO(), options)
+				return client.AppsV1beta2().Deployments(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AppsV1beta2().Deployments(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AppsV1beta2().Deployments(namespace).Watch(ctx, options)
 			},
 		},
 		&apiappsv1beta2.Deployment{},
diff --git a/vendor/k8s.io/client-go/informers/apps/v1beta2/replicaset.go b/vendor/k8s.io/client-go/informers/apps/v1beta2/replicaset.go
index e5d2797087..cfc4b3289f 100644
--- a/vendor/k8s.io/client-go/informers/apps/v1beta2/replicaset.go
+++ b/vendor/k8s.io/client-go/informers/apps/v1beta2/replicaset.go
@@ -62,13 +62,25 @@ func NewFilteredReplicaSetInformer(client kubernetes.Interface, namespace string
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AppsV1beta2().ReplicaSets(namespace).List(context.TODO(), options)
+				return client.AppsV1beta2().ReplicaSets(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AppsV1beta2().ReplicaSets(namespace).Watch(context.TODO(), options)
+				return client.AppsV1beta2().ReplicaSets(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AppsV1beta2().ReplicaSets(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AppsV1beta2().ReplicaSets(namespace).Watch(ctx, options)
 			},
 		},
 		&apiappsv1beta2.ReplicaSet{},
diff --git a/vendor/k8s.io/client-go/informers/apps/v1beta2/statefulset.go b/vendor/k8s.io/client-go/informers/apps/v1beta2/statefulset.go
index d147fc8851..a514c5bbb5 100644
--- a/vendor/k8s.io/client-go/informers/apps/v1beta2/statefulset.go
+++ b/vendor/k8s.io/client-go/informers/apps/v1beta2/statefulset.go
@@ -62,13 +62,25 @@ func NewFilteredStatefulSetInformer(client kubernetes.Interface, namespace strin
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AppsV1beta2().StatefulSets(namespace).List(context.TODO(), options)
+				return client.AppsV1beta2().StatefulSets(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AppsV1beta2().StatefulSets(namespace).Watch(context.TODO(), options)
+				return client.AppsV1beta2().StatefulSets(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AppsV1beta2().StatefulSets(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AppsV1beta2().StatefulSets(namespace).Watch(ctx, options)
 			},
 		},
 		&apiappsv1beta2.StatefulSet{},
diff --git a/vendor/k8s.io/client-go/informers/autoscaling/v1/horizontalpodautoscaler.go b/vendor/k8s.io/client-go/informers/autoscaling/v1/horizontalpodautoscaler.go
index fce275934f..e92f756394 100644
--- a/vendor/k8s.io/client-go/informers/autoscaling/v1/horizontalpodautoscaler.go
+++ b/vendor/k8s.io/client-go/informers/autoscaling/v1/horizontalpodautoscaler.go
@@ -62,13 +62,25 @@ func NewFilteredHorizontalPodAutoscalerInformer(client kubernetes.Interface, nam
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AutoscalingV1().HorizontalPodAutoscalers(namespace).List(context.TODO(), options)
+				return client.AutoscalingV1().HorizontalPodAutoscalers(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AutoscalingV1().HorizontalPodAutoscalers(namespace).Watch(context.TODO(), options)
+				return client.AutoscalingV1().HorizontalPodAutoscalers(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AutoscalingV1().HorizontalPodAutoscalers(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AutoscalingV1().HorizontalPodAutoscalers(namespace).Watch(ctx, options)
 			},
 		},
 		&apiautoscalingv1.HorizontalPodAutoscaler{},
diff --git a/vendor/k8s.io/client-go/informers/autoscaling/v2/horizontalpodautoscaler.go b/vendor/k8s.io/client-go/informers/autoscaling/v2/horizontalpodautoscaler.go
index 92104f8227..b5d4123e52 100644
--- a/vendor/k8s.io/client-go/informers/autoscaling/v2/horizontalpodautoscaler.go
+++ b/vendor/k8s.io/client-go/informers/autoscaling/v2/horizontalpodautoscaler.go
@@ -62,13 +62,25 @@ func NewFilteredHorizontalPodAutoscalerInformer(client kubernetes.Interface, nam
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AutoscalingV2().HorizontalPodAutoscalers(namespace).List(context.TODO(), options)
+				return client.AutoscalingV2().HorizontalPodAutoscalers(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AutoscalingV2().HorizontalPodAutoscalers(namespace).Watch(context.TODO(), options)
+				return client.AutoscalingV2().HorizontalPodAutoscalers(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AutoscalingV2().HorizontalPodAutoscalers(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AutoscalingV2().HorizontalPodAutoscalers(namespace).Watch(ctx, options)
 			},
 		},
 		&apiautoscalingv2.HorizontalPodAutoscaler{},
diff --git a/vendor/k8s.io/client-go/informers/autoscaling/v2beta1/horizontalpodautoscaler.go b/vendor/k8s.io/client-go/informers/autoscaling/v2beta1/horizontalpodautoscaler.go
index b776027186..5a64e7ef9e 100644
--- a/vendor/k8s.io/client-go/informers/autoscaling/v2beta1/horizontalpodautoscaler.go
+++ b/vendor/k8s.io/client-go/informers/autoscaling/v2beta1/horizontalpodautoscaler.go
@@ -62,13 +62,25 @@ func NewFilteredHorizontalPodAutoscalerInformer(client kubernetes.Interface, nam
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AutoscalingV2beta1().HorizontalPodAutoscalers(namespace).List(context.TODO(), options)
+				return client.AutoscalingV2beta1().HorizontalPodAutoscalers(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AutoscalingV2beta1().HorizontalPodAutoscalers(namespace).Watch(context.TODO(), options)
+				return client.AutoscalingV2beta1().HorizontalPodAutoscalers(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AutoscalingV2beta1().HorizontalPodAutoscalers(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AutoscalingV2beta1().HorizontalPodAutoscalers(namespace).Watch(ctx, options)
 			},
 		},
 		&apiautoscalingv2beta1.HorizontalPodAutoscaler{},
diff --git a/vendor/k8s.io/client-go/informers/autoscaling/v2beta2/horizontalpodautoscaler.go b/vendor/k8s.io/client-go/informers/autoscaling/v2beta2/horizontalpodautoscaler.go
index 1848429b14..2d4c3f1de6 100644
--- a/vendor/k8s.io/client-go/informers/autoscaling/v2beta2/horizontalpodautoscaler.go
+++ b/vendor/k8s.io/client-go/informers/autoscaling/v2beta2/horizontalpodautoscaler.go
@@ -62,13 +62,25 @@ func NewFilteredHorizontalPodAutoscalerInformer(client kubernetes.Interface, nam
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AutoscalingV2beta2().HorizontalPodAutoscalers(namespace).List(context.TODO(), options)
+				return client.AutoscalingV2beta2().HorizontalPodAutoscalers(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.AutoscalingV2beta2().HorizontalPodAutoscalers(namespace).Watch(context.TODO(), options)
+				return client.AutoscalingV2beta2().HorizontalPodAutoscalers(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AutoscalingV2beta2().HorizontalPodAutoscalers(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.AutoscalingV2beta2().HorizontalPodAutoscalers(namespace).Watch(ctx, options)
 			},
 		},
 		&apiautoscalingv2beta2.HorizontalPodAutoscaler{},
diff --git a/vendor/k8s.io/client-go/informers/batch/v1/cronjob.go b/vendor/k8s.io/client-go/informers/batch/v1/cronjob.go
index 2a188acdd6..ee4f8808a8 100644
--- a/vendor/k8s.io/client-go/informers/batch/v1/cronjob.go
+++ b/vendor/k8s.io/client-go/informers/batch/v1/cronjob.go
@@ -62,13 +62,25 @@ func NewFilteredCronJobInformer(client kubernetes.Interface, namespace string, r
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.BatchV1().CronJobs(namespace).List(context.TODO(), options)
+				return client.BatchV1().CronJobs(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.BatchV1().CronJobs(namespace).Watch(context.TODO(), options)
+				return client.BatchV1().CronJobs(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.BatchV1().CronJobs(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.BatchV1().CronJobs(namespace).Watch(ctx, options)
 			},
 		},
 		&apibatchv1.CronJob{},
diff --git a/vendor/k8s.io/client-go/informers/batch/v1/job.go b/vendor/k8s.io/client-go/informers/batch/v1/job.go
index 439ec7a6a5..d3965f53e9 100644
--- a/vendor/k8s.io/client-go/informers/batch/v1/job.go
+++ b/vendor/k8s.io/client-go/informers/batch/v1/job.go
@@ -62,13 +62,25 @@ func NewFilteredJobInformer(client kubernetes.Interface, namespace string, resyn
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.BatchV1().Jobs(namespace).List(context.TODO(), options)
+				return client.BatchV1().Jobs(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.BatchV1().Jobs(namespace).Watch(context.TODO(), options)
+				return client.BatchV1().Jobs(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.BatchV1().Jobs(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.BatchV1().Jobs(namespace).Watch(ctx, options)
 			},
 		},
 		&apibatchv1.Job{},
diff --git a/vendor/k8s.io/client-go/informers/batch/v1beta1/cronjob.go b/vendor/k8s.io/client-go/informers/batch/v1beta1/cronjob.go
index 1f061e16c2..1cf169d92e 100644
--- a/vendor/k8s.io/client-go/informers/batch/v1beta1/cronjob.go
+++ b/vendor/k8s.io/client-go/informers/batch/v1beta1/cronjob.go
@@ -62,13 +62,25 @@ func NewFilteredCronJobInformer(client kubernetes.Interface, namespace string, r
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.BatchV1beta1().CronJobs(namespace).List(context.TODO(), options)
+				return client.BatchV1beta1().CronJobs(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.BatchV1beta1().CronJobs(namespace).Watch(context.TODO(), options)
+				return client.BatchV1beta1().CronJobs(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.BatchV1beta1().CronJobs(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.BatchV1beta1().CronJobs(namespace).Watch(ctx, options)
 			},
 		},
 		&apibatchv1beta1.CronJob{},
diff --git a/vendor/k8s.io/client-go/informers/certificates/v1/certificatesigningrequest.go b/vendor/k8s.io/client-go/informers/certificates/v1/certificatesigningrequest.go
index 0bd32ab95b..076da13627 100644
--- a/vendor/k8s.io/client-go/informers/certificates/v1/certificatesigningrequest.go
+++ b/vendor/k8s.io/client-go/informers/certificates/v1/certificatesigningrequest.go
@@ -61,13 +61,25 @@ func NewFilteredCertificateSigningRequestInformer(client kubernetes.Interface, r
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CertificatesV1().CertificateSigningRequests().List(context.TODO(), options)
+				return client.CertificatesV1().CertificateSigningRequests().List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CertificatesV1().CertificateSigningRequests().Watch(context.TODO(), options)
+				return client.CertificatesV1().CertificateSigningRequests().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CertificatesV1().CertificateSigningRequests().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CertificatesV1().CertificateSigningRequests().Watch(ctx, options)
 			},
 		},
 		&apicertificatesv1.CertificateSigningRequest{},
diff --git a/vendor/k8s.io/client-go/informers/certificates/v1alpha1/clustertrustbundle.go b/vendor/k8s.io/client-go/informers/certificates/v1alpha1/clustertrustbundle.go
index 046688961c..ca5ee2c979 100644
--- a/vendor/k8s.io/client-go/informers/certificates/v1alpha1/clustertrustbundle.go
+++ b/vendor/k8s.io/client-go/informers/certificates/v1alpha1/clustertrustbundle.go
@@ -61,13 +61,25 @@ func NewFilteredClusterTrustBundleInformer(client kubernetes.Interface, resyncPe
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CertificatesV1alpha1().ClusterTrustBundles().List(context.TODO(), options)
+				return client.CertificatesV1alpha1().ClusterTrustBundles().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CertificatesV1alpha1().ClusterTrustBundles().Watch(context.TODO(), options)
+				return client.CertificatesV1alpha1().ClusterTrustBundles().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CertificatesV1alpha1().ClusterTrustBundles().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CertificatesV1alpha1().ClusterTrustBundles().Watch(ctx, options)
 			},
 		},
 		&apicertificatesv1alpha1.ClusterTrustBundle{},
diff --git a/vendor/k8s.io/client-go/informers/certificates/v1beta1/certificatesigningrequest.go b/vendor/k8s.io/client-go/informers/certificates/v1beta1/certificatesigningrequest.go
index b3aff1cc86..f93d435a06 100644
--- a/vendor/k8s.io/client-go/informers/certificates/v1beta1/certificatesigningrequest.go
+++ b/vendor/k8s.io/client-go/informers/certificates/v1beta1/certificatesigningrequest.go
@@ -61,13 +61,25 @@ func NewFilteredCertificateSigningRequestInformer(client kubernetes.Interface, r
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CertificatesV1beta1().CertificateSigningRequests().List(context.TODO(), options)
+				return client.CertificatesV1beta1().CertificateSigningRequests().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CertificatesV1beta1().CertificateSigningRequests().Watch(context.TODO(), options)
+				return client.CertificatesV1beta1().CertificateSigningRequests().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CertificatesV1beta1().CertificateSigningRequests().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CertificatesV1beta1().CertificateSigningRequests().Watch(ctx, options)
 			},
 		},
 		&apicertificatesv1beta1.CertificateSigningRequest{},
diff --git a/vendor/k8s.io/client-go/informers/certificates/v1beta1/clustertrustbundle.go b/vendor/k8s.io/client-go/informers/certificates/v1beta1/clustertrustbundle.go
new file mode 100644
index 0000000000..c4a69b22ef
--- /dev/null
+++ b/vendor/k8s.io/client-go/informers/certificates/v1beta1/clustertrustbundle.go
@@ -0,0 +1,101 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by informer-gen. DO NOT EDIT.
+
+package v1beta1
+
+import (
+	context "context"
+	time "time"
+
+	apicertificatesv1beta1 "k8s.io/api/certificates/v1beta1"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	runtime "k8s.io/apimachinery/pkg/runtime"
+	watch "k8s.io/apimachinery/pkg/watch"
+	internalinterfaces "k8s.io/client-go/informers/internalinterfaces"
+	kubernetes "k8s.io/client-go/kubernetes"
+	certificatesv1beta1 "k8s.io/client-go/listers/certificates/v1beta1"
+	cache "k8s.io/client-go/tools/cache"
+)
+
+// ClusterTrustBundleInformer provides access to a shared informer and lister for
+// ClusterTrustBundles.
+type ClusterTrustBundleInformer interface {
+	Informer() cache.SharedIndexInformer
+	Lister() certificatesv1beta1.ClusterTrustBundleLister
+}
+
+type clusterTrustBundleInformer struct {
+	factory          internalinterfaces.SharedInformerFactory
+	tweakListOptions internalinterfaces.TweakListOptionsFunc
+}
+
+// NewClusterTrustBundleInformer constructs a new informer for ClusterTrustBundle type.
+// Always prefer using an informer factory to get a shared informer instead of getting an independent
+// one. This reduces memory footprint and number of connections to the server.
+func NewClusterTrustBundleInformer(client kubernetes.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
+	return NewFilteredClusterTrustBundleInformer(client, resyncPeriod, indexers, nil)
+}
+
+// NewFilteredClusterTrustBundleInformer constructs a new informer for ClusterTrustBundle type.
+// Always prefer using an informer factory to get a shared informer instead of getting an independent
+// one. This reduces memory footprint and number of connections to the server.
+func NewFilteredClusterTrustBundleInformer(client kubernetes.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
+	return cache.NewSharedIndexInformer(
+		&cache.ListWatch{
+			ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CertificatesV1beta1().ClusterTrustBundles().List(context.Background(), options)
+			},
+			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CertificatesV1beta1().ClusterTrustBundles().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CertificatesV1beta1().ClusterTrustBundles().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CertificatesV1beta1().ClusterTrustBundles().Watch(ctx, options)
+			},
+		},
+		&apicertificatesv1beta1.ClusterTrustBundle{},
+		resyncPeriod,
+		indexers,
+	)
+}
+
+func (f *clusterTrustBundleInformer) defaultInformer(client kubernetes.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
+	return NewFilteredClusterTrustBundleInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
+}
+
+func (f *clusterTrustBundleInformer) Informer() cache.SharedIndexInformer {
+	return f.factory.InformerFor(&apicertificatesv1beta1.ClusterTrustBundle{}, f.defaultInformer)
+}
+
+func (f *clusterTrustBundleInformer) Lister() certificatesv1beta1.ClusterTrustBundleLister {
+	return certificatesv1beta1.NewClusterTrustBundleLister(f.Informer().GetIndexer())
+}
diff --git a/vendor/k8s.io/client-go/informers/certificates/v1beta1/interface.go b/vendor/k8s.io/client-go/informers/certificates/v1beta1/interface.go
index 258dd1d0e6..f13d5e6633 100644
--- a/vendor/k8s.io/client-go/informers/certificates/v1beta1/interface.go
+++ b/vendor/k8s.io/client-go/informers/certificates/v1beta1/interface.go
@@ -26,6 +26,8 @@ import (
 type Interface interface {
 	// CertificateSigningRequests returns a CertificateSigningRequestInformer.
 	CertificateSigningRequests() CertificateSigningRequestInformer
+	// ClusterTrustBundles returns a ClusterTrustBundleInformer.
+	ClusterTrustBundles() ClusterTrustBundleInformer
 }
 
 type version struct {
@@ -43,3 +45,8 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList
 func (v *version) CertificateSigningRequests() CertificateSigningRequestInformer {
 	return &certificateSigningRequestInformer{factory: v.factory, tweakListOptions: v.tweakListOptions}
 }
+
+// ClusterTrustBundles returns a ClusterTrustBundleInformer.
+func (v *version) ClusterTrustBundles() ClusterTrustBundleInformer {
+	return &clusterTrustBundleInformer{factory: v.factory, tweakListOptions: v.tweakListOptions}
+}
diff --git a/vendor/k8s.io/client-go/informers/coordination/v1/lease.go b/vendor/k8s.io/client-go/informers/coordination/v1/lease.go
index 0627d73099..2d0c812d6b 100644
--- a/vendor/k8s.io/client-go/informers/coordination/v1/lease.go
+++ b/vendor/k8s.io/client-go/informers/coordination/v1/lease.go
@@ -62,13 +62,25 @@ func NewFilteredLeaseInformer(client kubernetes.Interface, namespace string, res
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoordinationV1().Leases(namespace).List(context.TODO(), options)
+				return client.CoordinationV1().Leases(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoordinationV1().Leases(namespace).Watch(context.TODO(), options)
+				return client.CoordinationV1().Leases(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoordinationV1().Leases(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoordinationV1().Leases(namespace).Watch(ctx, options)
 			},
 		},
 		&apicoordinationv1.Lease{},
diff --git a/vendor/k8s.io/client-go/informers/coordination/v1alpha2/leasecandidate.go b/vendor/k8s.io/client-go/informers/coordination/v1alpha2/leasecandidate.go
index f38adf6524..c220a9b20c 100644
--- a/vendor/k8s.io/client-go/informers/coordination/v1alpha2/leasecandidate.go
+++ b/vendor/k8s.io/client-go/informers/coordination/v1alpha2/leasecandidate.go
@@ -62,13 +62,25 @@ func NewFilteredLeaseCandidateInformer(client kubernetes.Interface, namespace st
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoordinationV1alpha2().LeaseCandidates(namespace).List(context.TODO(), options)
+				return client.CoordinationV1alpha2().LeaseCandidates(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoordinationV1alpha2().LeaseCandidates(namespace).Watch(context.TODO(), options)
+				return client.CoordinationV1alpha2().LeaseCandidates(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoordinationV1alpha2().LeaseCandidates(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoordinationV1alpha2().LeaseCandidates(namespace).Watch(ctx, options)
 			},
 		},
 		&apicoordinationv1alpha2.LeaseCandidate{},
diff --git a/vendor/k8s.io/client-go/informers/coordination/v1beta1/interface.go b/vendor/k8s.io/client-go/informers/coordination/v1beta1/interface.go
index 360266206c..707e510869 100644
--- a/vendor/k8s.io/client-go/informers/coordination/v1beta1/interface.go
+++ b/vendor/k8s.io/client-go/informers/coordination/v1beta1/interface.go
@@ -26,6 +26,8 @@ import (
 type Interface interface {
 	// Leases returns a LeaseInformer.
 	Leases() LeaseInformer
+	// LeaseCandidates returns a LeaseCandidateInformer.
+	LeaseCandidates() LeaseCandidateInformer
 }
 
 type version struct {
@@ -43,3 +45,8 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList
 func (v *version) Leases() LeaseInformer {
 	return &leaseInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
 }
+
+// LeaseCandidates returns a LeaseCandidateInformer.
+func (v *version) LeaseCandidates() LeaseCandidateInformer {
+	return &leaseCandidateInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
+}
diff --git a/vendor/k8s.io/client-go/informers/coordination/v1beta1/lease.go b/vendor/k8s.io/client-go/informers/coordination/v1beta1/lease.go
index 563a25c30f..ef91381c1d 100644
--- a/vendor/k8s.io/client-go/informers/coordination/v1beta1/lease.go
+++ b/vendor/k8s.io/client-go/informers/coordination/v1beta1/lease.go
@@ -62,13 +62,25 @@ func NewFilteredLeaseInformer(client kubernetes.Interface, namespace string, res
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoordinationV1beta1().Leases(namespace).List(context.TODO(), options)
+				return client.CoordinationV1beta1().Leases(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoordinationV1beta1().Leases(namespace).Watch(context.TODO(), options)
+				return client.CoordinationV1beta1().Leases(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoordinationV1beta1().Leases(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoordinationV1beta1().Leases(namespace).Watch(ctx, options)
 			},
 		},
 		&apicoordinationv1beta1.Lease{},
diff --git a/vendor/k8s.io/client-go/informers/coordination/v1beta1/leasecandidate.go b/vendor/k8s.io/client-go/informers/coordination/v1beta1/leasecandidate.go
new file mode 100644
index 0000000000..4315e50c32
--- /dev/null
+++ b/vendor/k8s.io/client-go/informers/coordination/v1beta1/leasecandidate.go
@@ -0,0 +1,102 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by informer-gen. DO NOT EDIT.
+
+package v1beta1
+
+import (
+	context "context"
+	time "time"
+
+	apicoordinationv1beta1 "k8s.io/api/coordination/v1beta1"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	runtime "k8s.io/apimachinery/pkg/runtime"
+	watch "k8s.io/apimachinery/pkg/watch"
+	internalinterfaces "k8s.io/client-go/informers/internalinterfaces"
+	kubernetes "k8s.io/client-go/kubernetes"
+	coordinationv1beta1 "k8s.io/client-go/listers/coordination/v1beta1"
+	cache "k8s.io/client-go/tools/cache"
+)
+
+// LeaseCandidateInformer provides access to a shared informer and lister for
+// LeaseCandidates.
+type LeaseCandidateInformer interface {
+	Informer() cache.SharedIndexInformer
+	Lister() coordinationv1beta1.LeaseCandidateLister
+}
+
+type leaseCandidateInformer struct {
+	factory          internalinterfaces.SharedInformerFactory
+	tweakListOptions internalinterfaces.TweakListOptionsFunc
+	namespace        string
+}
+
+// NewLeaseCandidateInformer constructs a new informer for LeaseCandidate type.
+// Always prefer using an informer factory to get a shared informer instead of getting an independent
+// one. This reduces memory footprint and number of connections to the server.
+func NewLeaseCandidateInformer(client kubernetes.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
+	return NewFilteredLeaseCandidateInformer(client, namespace, resyncPeriod, indexers, nil)
+}
+
+// NewFilteredLeaseCandidateInformer constructs a new informer for LeaseCandidate type.
+// Always prefer using an informer factory to get a shared informer instead of getting an independent
+// one. This reduces memory footprint and number of connections to the server.
+func NewFilteredLeaseCandidateInformer(client kubernetes.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
+	return cache.NewSharedIndexInformer(
+		&cache.ListWatch{
+			ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoordinationV1beta1().LeaseCandidates(namespace).List(context.Background(), options)
+			},
+			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoordinationV1beta1().LeaseCandidates(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoordinationV1beta1().LeaseCandidates(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoordinationV1beta1().LeaseCandidates(namespace).Watch(ctx, options)
+			},
+		},
+		&apicoordinationv1beta1.LeaseCandidate{},
+		resyncPeriod,
+		indexers,
+	)
+}
+
+func (f *leaseCandidateInformer) defaultInformer(client kubernetes.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
+	return NewFilteredLeaseCandidateInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
+}
+
+func (f *leaseCandidateInformer) Informer() cache.SharedIndexInformer {
+	return f.factory.InformerFor(&apicoordinationv1beta1.LeaseCandidate{}, f.defaultInformer)
+}
+
+func (f *leaseCandidateInformer) Lister() coordinationv1beta1.LeaseCandidateLister {
+	return coordinationv1beta1.NewLeaseCandidateLister(f.Informer().GetIndexer())
+}
diff --git a/vendor/k8s.io/client-go/informers/core/v1/componentstatus.go b/vendor/k8s.io/client-go/informers/core/v1/componentstatus.go
index 2a97c638fe..a7992bfdff 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/componentstatus.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/componentstatus.go
@@ -61,13 +61,25 @@ func NewFilteredComponentStatusInformer(client kubernetes.Interface, resyncPerio
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().ComponentStatuses().List(context.TODO(), options)
+				return client.CoreV1().ComponentStatuses().List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().ComponentStatuses().Watch(context.TODO(), options)
+				return client.CoreV1().ComponentStatuses().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().ComponentStatuses().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().ComponentStatuses().Watch(ctx, options)
 			},
 		},
 		&apicorev1.ComponentStatus{},
diff --git a/vendor/k8s.io/client-go/informers/core/v1/configmap.go b/vendor/k8s.io/client-go/informers/core/v1/configmap.go
index 07f5fb1f79..014e55afe4 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/configmap.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/configmap.go
@@ -62,13 +62,25 @@ func NewFilteredConfigMapInformer(client kubernetes.Interface, namespace string,
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().ConfigMaps(namespace).List(context.TODO(), options)
+				return client.CoreV1().ConfigMaps(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().ConfigMaps(namespace).Watch(context.TODO(), options)
+				return client.CoreV1().ConfigMaps(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().ConfigMaps(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().ConfigMaps(namespace).Watch(ctx, options)
 			},
 		},
 		&apicorev1.ConfigMap{},
diff --git a/vendor/k8s.io/client-go/informers/core/v1/endpoints.go b/vendor/k8s.io/client-go/informers/core/v1/endpoints.go
index 6171d5df6b..2d4412ad00 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/endpoints.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/endpoints.go
@@ -62,13 +62,25 @@ func NewFilteredEndpointsInformer(client kubernetes.Interface, namespace string,
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().Endpoints(namespace).List(context.TODO(), options)
+				return client.CoreV1().Endpoints(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().Endpoints(namespace).Watch(context.TODO(), options)
+				return client.CoreV1().Endpoints(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().Endpoints(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().Endpoints(namespace).Watch(ctx, options)
 			},
 		},
 		&apicorev1.Endpoints{},
diff --git a/vendor/k8s.io/client-go/informers/core/v1/event.go b/vendor/k8s.io/client-go/informers/core/v1/event.go
index 55500679d2..80a5cad843 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/event.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/event.go
@@ -62,13 +62,25 @@ func NewFilteredEventInformer(client kubernetes.Interface, namespace string, res
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().Events(namespace).List(context.TODO(), options)
+				return client.CoreV1().Events(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().Events(namespace).Watch(context.TODO(), options)
+				return client.CoreV1().Events(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().Events(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().Events(namespace).Watch(ctx, options)
 			},
 		},
 		&apicorev1.Event{},
diff --git a/vendor/k8s.io/client-go/informers/core/v1/limitrange.go b/vendor/k8s.io/client-go/informers/core/v1/limitrange.go
index 2c2dec79f1..cf8e1eb422 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/limitrange.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/limitrange.go
@@ -62,13 +62,25 @@ func NewFilteredLimitRangeInformer(client kubernetes.Interface, namespace string
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().LimitRanges(namespace).List(context.TODO(), options)
+				return client.CoreV1().LimitRanges(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().LimitRanges(namespace).Watch(context.TODO(), options)
+				return client.CoreV1().LimitRanges(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().LimitRanges(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().LimitRanges(namespace).Watch(ctx, options)
 			},
 		},
 		&apicorev1.LimitRange{},
diff --git a/vendor/k8s.io/client-go/informers/core/v1/namespace.go b/vendor/k8s.io/client-go/informers/core/v1/namespace.go
index 09e0740ba9..ae09888b9b 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/namespace.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/namespace.go
@@ -61,13 +61,25 @@ func NewFilteredNamespaceInformer(client kubernetes.Interface, resyncPeriod time
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().Namespaces().List(context.TODO(), options)
+				return client.CoreV1().Namespaces().List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().Namespaces().Watch(context.TODO(), options)
+				return client.CoreV1().Namespaces().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().Namespaces().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().Namespaces().Watch(ctx, options)
 			},
 		},
 		&apicorev1.Namespace{},
diff --git a/vendor/k8s.io/client-go/informers/core/v1/node.go b/vendor/k8s.io/client-go/informers/core/v1/node.go
index 608aa9fb7c..a036db034b 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/node.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/node.go
@@ -61,13 +61,25 @@ func NewFilteredNodeInformer(client kubernetes.Interface, resyncPeriod time.Dura
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().Nodes().List(context.TODO(), options)
+				return client.CoreV1().Nodes().List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().Nodes().Watch(context.TODO(), options)
+				return client.CoreV1().Nodes().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().Nodes().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().Nodes().Watch(ctx, options)
 			},
 		},
 		&apicorev1.Node{},
diff --git a/vendor/k8s.io/client-go/informers/core/v1/persistentvolume.go b/vendor/k8s.io/client-go/informers/core/v1/persistentvolume.go
index 19c0929e5e..4d1d63eadc 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/persistentvolume.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/persistentvolume.go
@@ -61,13 +61,25 @@ func NewFilteredPersistentVolumeInformer(client kubernetes.Interface, resyncPeri
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().PersistentVolumes().List(context.TODO(), options)
+				return client.CoreV1().PersistentVolumes().List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().PersistentVolumes().Watch(context.TODO(), options)
+				return client.CoreV1().PersistentVolumes().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().PersistentVolumes().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().PersistentVolumes().Watch(ctx, options)
 			},
 		},
 		&apicorev1.PersistentVolume{},
diff --git a/vendor/k8s.io/client-go/informers/core/v1/persistentvolumeclaim.go b/vendor/k8s.io/client-go/informers/core/v1/persistentvolumeclaim.go
index 27c35fec1a..87a4cc037c 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/persistentvolumeclaim.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/persistentvolumeclaim.go
@@ -62,13 +62,25 @@ func NewFilteredPersistentVolumeClaimInformer(client kubernetes.Interface, names
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().PersistentVolumeClaims(namespace).List(context.TODO(), options)
+				return client.CoreV1().PersistentVolumeClaims(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().PersistentVolumeClaims(namespace).Watch(context.TODO(), options)
+				return client.CoreV1().PersistentVolumeClaims(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().PersistentVolumeClaims(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().PersistentVolumeClaims(namespace).Watch(ctx, options)
 			},
 		},
 		&apicorev1.PersistentVolumeClaim{},
diff --git a/vendor/k8s.io/client-go/informers/core/v1/pod.go b/vendor/k8s.io/client-go/informers/core/v1/pod.go
index c661704bd1..e3a40729f1 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/pod.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/pod.go
@@ -62,13 +62,25 @@ func NewFilteredPodInformer(client kubernetes.Interface, namespace string, resyn
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().Pods(namespace).List(context.TODO(), options)
+				return client.CoreV1().Pods(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().Pods(namespace).Watch(context.TODO(), options)
+				return client.CoreV1().Pods(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().Pods(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().Pods(namespace).Watch(ctx, options)
 			},
 		},
 		&apicorev1.Pod{},
diff --git a/vendor/k8s.io/client-go/informers/core/v1/podtemplate.go b/vendor/k8s.io/client-go/informers/core/v1/podtemplate.go
index 0d16c5b4e2..9d6e7048e6 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/podtemplate.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/podtemplate.go
@@ -62,13 +62,25 @@ func NewFilteredPodTemplateInformer(client kubernetes.Interface, namespace strin
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().PodTemplates(namespace).List(context.TODO(), options)
+				return client.CoreV1().PodTemplates(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().PodTemplates(namespace).Watch(context.TODO(), options)
+				return client.CoreV1().PodTemplates(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().PodTemplates(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().PodTemplates(namespace).Watch(ctx, options)
 			},
 		},
 		&apicorev1.PodTemplate{},
diff --git a/vendor/k8s.io/client-go/informers/core/v1/replicationcontroller.go b/vendor/k8s.io/client-go/informers/core/v1/replicationcontroller.go
index 5866ec1510..89c216e821 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/replicationcontroller.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/replicationcontroller.go
@@ -62,13 +62,25 @@ func NewFilteredReplicationControllerInformer(client kubernetes.Interface, names
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().ReplicationControllers(namespace).List(context.TODO(), options)
+				return client.CoreV1().ReplicationControllers(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().ReplicationControllers(namespace).Watch(context.TODO(), options)
+				return client.CoreV1().ReplicationControllers(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().ReplicationControllers(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().ReplicationControllers(namespace).Watch(ctx, options)
 			},
 		},
 		&apicorev1.ReplicationController{},
diff --git a/vendor/k8s.io/client-go/informers/core/v1/resourcequota.go b/vendor/k8s.io/client-go/informers/core/v1/resourcequota.go
index 999b49546f..aa77e05702 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/resourcequota.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/resourcequota.go
@@ -62,13 +62,25 @@ func NewFilteredResourceQuotaInformer(client kubernetes.Interface, namespace str
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().ResourceQuotas(namespace).List(context.TODO(), options)
+				return client.CoreV1().ResourceQuotas(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().ResourceQuotas(namespace).Watch(context.TODO(), options)
+				return client.CoreV1().ResourceQuotas(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().ResourceQuotas(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().ResourceQuotas(namespace).Watch(ctx, options)
 			},
 		},
 		&apicorev1.ResourceQuota{},
diff --git a/vendor/k8s.io/client-go/informers/core/v1/secret.go b/vendor/k8s.io/client-go/informers/core/v1/secret.go
index f3d371501b..be5a80a969 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/secret.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/secret.go
@@ -62,13 +62,25 @@ func NewFilteredSecretInformer(client kubernetes.Interface, namespace string, re
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().Secrets(namespace).List(context.TODO(), options)
+				return client.CoreV1().Secrets(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().Secrets(namespace).Watch(context.TODO(), options)
+				return client.CoreV1().Secrets(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().Secrets(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().Secrets(namespace).Watch(ctx, options)
 			},
 		},
 		&apicorev1.Secret{},
diff --git a/vendor/k8s.io/client-go/informers/core/v1/service.go b/vendor/k8s.io/client-go/informers/core/v1/service.go
index c4bc294a3f..10b0587579 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/service.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/service.go
@@ -62,13 +62,25 @@ func NewFilteredServiceInformer(client kubernetes.Interface, namespace string, r
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().Services(namespace).List(context.TODO(), options)
+				return client.CoreV1().Services(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().Services(namespace).Watch(context.TODO(), options)
+				return client.CoreV1().Services(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().Services(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().Services(namespace).Watch(ctx, options)
 			},
 		},
 		&apicorev1.Service{},
diff --git a/vendor/k8s.io/client-go/informers/core/v1/serviceaccount.go b/vendor/k8s.io/client-go/informers/core/v1/serviceaccount.go
index b04b44cb41..594439618f 100644
--- a/vendor/k8s.io/client-go/informers/core/v1/serviceaccount.go
+++ b/vendor/k8s.io/client-go/informers/core/v1/serviceaccount.go
@@ -62,13 +62,25 @@ func NewFilteredServiceAccountInformer(client kubernetes.Interface, namespace st
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().ServiceAccounts(namespace).List(context.TODO(), options)
+				return client.CoreV1().ServiceAccounts(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.CoreV1().ServiceAccounts(namespace).Watch(context.TODO(), options)
+				return client.CoreV1().ServiceAccounts(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().ServiceAccounts(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.CoreV1().ServiceAccounts(namespace).Watch(ctx, options)
 			},
 		},
 		&apicorev1.ServiceAccount{},
diff --git a/vendor/k8s.io/client-go/informers/discovery/v1/endpointslice.go b/vendor/k8s.io/client-go/informers/discovery/v1/endpointslice.go
index ec09b2d267..38f09183cd 100644
--- a/vendor/k8s.io/client-go/informers/discovery/v1/endpointslice.go
+++ b/vendor/k8s.io/client-go/informers/discovery/v1/endpointslice.go
@@ -62,13 +62,25 @@ func NewFilteredEndpointSliceInformer(client kubernetes.Interface, namespace str
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.DiscoveryV1().EndpointSlices(namespace).List(context.TODO(), options)
+				return client.DiscoveryV1().EndpointSlices(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.DiscoveryV1().EndpointSlices(namespace).Watch(context.TODO(), options)
+				return client.DiscoveryV1().EndpointSlices(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.DiscoveryV1().EndpointSlices(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.DiscoveryV1().EndpointSlices(namespace).Watch(ctx, options)
 			},
 		},
 		&apidiscoveryv1.EndpointSlice{},
diff --git a/vendor/k8s.io/client-go/informers/discovery/v1beta1/endpointslice.go b/vendor/k8s.io/client-go/informers/discovery/v1beta1/endpointslice.go
index 3af1a3be99..23c51eb7b2 100644
--- a/vendor/k8s.io/client-go/informers/discovery/v1beta1/endpointslice.go
+++ b/vendor/k8s.io/client-go/informers/discovery/v1beta1/endpointslice.go
@@ -62,13 +62,25 @@ func NewFilteredEndpointSliceInformer(client kubernetes.Interface, namespace str
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.DiscoveryV1beta1().EndpointSlices(namespace).List(context.TODO(), options)
+				return client.DiscoveryV1beta1().EndpointSlices(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.DiscoveryV1beta1().EndpointSlices(namespace).Watch(context.TODO(), options)
+				return client.DiscoveryV1beta1().EndpointSlices(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.DiscoveryV1beta1().EndpointSlices(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.DiscoveryV1beta1().EndpointSlices(namespace).Watch(ctx, options)
 			},
 		},
 		&apidiscoveryv1beta1.EndpointSlice{},
diff --git a/vendor/k8s.io/client-go/informers/doc.go b/vendor/k8s.io/client-go/informers/doc.go
index f37c3e4d01..231bffb69b 100644
--- a/vendor/k8s.io/client-go/informers/doc.go
+++ b/vendor/k8s.io/client-go/informers/doc.go
@@ -15,4 +15,4 @@ limitations under the License.
 */
 
 // Package informers provides generated informers for Kubernetes APIs.
-package informers // import "k8s.io/client-go/informers"
+package informers
diff --git a/vendor/k8s.io/client-go/informers/events/v1/event.go b/vendor/k8s.io/client-go/informers/events/v1/event.go
index 518d798415..139cc155ab 100644
--- a/vendor/k8s.io/client-go/informers/events/v1/event.go
+++ b/vendor/k8s.io/client-go/informers/events/v1/event.go
@@ -62,13 +62,25 @@ func NewFilteredEventInformer(client kubernetes.Interface, namespace string, res
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.EventsV1().Events(namespace).List(context.TODO(), options)
+				return client.EventsV1().Events(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.EventsV1().Events(namespace).Watch(context.TODO(), options)
+				return client.EventsV1().Events(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.EventsV1().Events(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.EventsV1().Events(namespace).Watch(ctx, options)
 			},
 		},
 		&apieventsv1.Event{},
diff --git a/vendor/k8s.io/client-go/informers/events/v1beta1/event.go b/vendor/k8s.io/client-go/informers/events/v1beta1/event.go
index 5324599bb7..75818c0efb 100644
--- a/vendor/k8s.io/client-go/informers/events/v1beta1/event.go
+++ b/vendor/k8s.io/client-go/informers/events/v1beta1/event.go
@@ -62,13 +62,25 @@ func NewFilteredEventInformer(client kubernetes.Interface, namespace string, res
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.EventsV1beta1().Events(namespace).List(context.TODO(), options)
+				return client.EventsV1beta1().Events(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.EventsV1beta1().Events(namespace).Watch(context.TODO(), options)
+				return client.EventsV1beta1().Events(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.EventsV1beta1().Events(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.EventsV1beta1().Events(namespace).Watch(ctx, options)
 			},
 		},
 		&apieventsv1beta1.Event{},
diff --git a/vendor/k8s.io/client-go/informers/extensions/v1beta1/daemonset.go b/vendor/k8s.io/client-go/informers/extensions/v1beta1/daemonset.go
index ea77575c9e..ce8612c1c2 100644
--- a/vendor/k8s.io/client-go/informers/extensions/v1beta1/daemonset.go
+++ b/vendor/k8s.io/client-go/informers/extensions/v1beta1/daemonset.go
@@ -62,13 +62,25 @@ func NewFilteredDaemonSetInformer(client kubernetes.Interface, namespace string,
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.ExtensionsV1beta1().DaemonSets(namespace).List(context.TODO(), options)
+				return client.ExtensionsV1beta1().DaemonSets(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.ExtensionsV1beta1().DaemonSets(namespace).Watch(context.TODO(), options)
+				return client.ExtensionsV1beta1().DaemonSets(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ExtensionsV1beta1().DaemonSets(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ExtensionsV1beta1().DaemonSets(namespace).Watch(ctx, options)
 			},
 		},
 		&apiextensionsv1beta1.DaemonSet{},
diff --git a/vendor/k8s.io/client-go/informers/extensions/v1beta1/deployment.go b/vendor/k8s.io/client-go/informers/extensions/v1beta1/deployment.go
index 1b2770ce0b..5dd957baa4 100644
--- a/vendor/k8s.io/client-go/informers/extensions/v1beta1/deployment.go
+++ b/vendor/k8s.io/client-go/informers/extensions/v1beta1/deployment.go
@@ -62,13 +62,25 @@ func NewFilteredDeploymentInformer(client kubernetes.Interface, namespace string
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.ExtensionsV1beta1().Deployments(namespace).List(context.TODO(), options)
+				return client.ExtensionsV1beta1().Deployments(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.ExtensionsV1beta1().Deployments(namespace).Watch(context.TODO(), options)
+				return client.ExtensionsV1beta1().Deployments(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ExtensionsV1beta1().Deployments(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ExtensionsV1beta1().Deployments(namespace).Watch(ctx, options)
 			},
 		},
 		&apiextensionsv1beta1.Deployment{},
diff --git a/vendor/k8s.io/client-go/informers/extensions/v1beta1/ingress.go b/vendor/k8s.io/client-go/informers/extensions/v1beta1/ingress.go
index 63e7340604..935f6868c2 100644
--- a/vendor/k8s.io/client-go/informers/extensions/v1beta1/ingress.go
+++ b/vendor/k8s.io/client-go/informers/extensions/v1beta1/ingress.go
@@ -62,13 +62,25 @@ func NewFilteredIngressInformer(client kubernetes.Interface, namespace string, r
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.ExtensionsV1beta1().Ingresses(namespace).List(context.TODO(), options)
+				return client.ExtensionsV1beta1().Ingresses(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.ExtensionsV1beta1().Ingresses(namespace).Watch(context.TODO(), options)
+				return client.ExtensionsV1beta1().Ingresses(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ExtensionsV1beta1().Ingresses(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ExtensionsV1beta1().Ingresses(namespace).Watch(ctx, options)
 			},
 		},
 		&apiextensionsv1beta1.Ingress{},
diff --git a/vendor/k8s.io/client-go/informers/extensions/v1beta1/networkpolicy.go b/vendor/k8s.io/client-go/informers/extensions/v1beta1/networkpolicy.go
index 024653af2e..f485f3149c 100644
--- a/vendor/k8s.io/client-go/informers/extensions/v1beta1/networkpolicy.go
+++ b/vendor/k8s.io/client-go/informers/extensions/v1beta1/networkpolicy.go
@@ -62,13 +62,25 @@ func NewFilteredNetworkPolicyInformer(client kubernetes.Interface, namespace str
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.ExtensionsV1beta1().NetworkPolicies(namespace).List(context.TODO(), options)
+				return client.ExtensionsV1beta1().NetworkPolicies(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.ExtensionsV1beta1().NetworkPolicies(namespace).Watch(context.TODO(), options)
+				return client.ExtensionsV1beta1().NetworkPolicies(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ExtensionsV1beta1().NetworkPolicies(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ExtensionsV1beta1().NetworkPolicies(namespace).Watch(ctx, options)
 			},
 		},
 		&apiextensionsv1beta1.NetworkPolicy{},
diff --git a/vendor/k8s.io/client-go/informers/extensions/v1beta1/replicaset.go b/vendor/k8s.io/client-go/informers/extensions/v1beta1/replicaset.go
index 392ccef861..4b1be5421c 100644
--- a/vendor/k8s.io/client-go/informers/extensions/v1beta1/replicaset.go
+++ b/vendor/k8s.io/client-go/informers/extensions/v1beta1/replicaset.go
@@ -62,13 +62,25 @@ func NewFilteredReplicaSetInformer(client kubernetes.Interface, namespace string
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.ExtensionsV1beta1().ReplicaSets(namespace).List(context.TODO(), options)
+				return client.ExtensionsV1beta1().ReplicaSets(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.ExtensionsV1beta1().ReplicaSets(namespace).Watch(context.TODO(), options)
+				return client.ExtensionsV1beta1().ReplicaSets(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ExtensionsV1beta1().ReplicaSets(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ExtensionsV1beta1().ReplicaSets(namespace).Watch(ctx, options)
 			},
 		},
 		&apiextensionsv1beta1.ReplicaSet{},
diff --git a/vendor/k8s.io/client-go/informers/flowcontrol/v1/flowschema.go b/vendor/k8s.io/client-go/informers/flowcontrol/v1/flowschema.go
index 945bc351ef..f8918dcf72 100644
--- a/vendor/k8s.io/client-go/informers/flowcontrol/v1/flowschema.go
+++ b/vendor/k8s.io/client-go/informers/flowcontrol/v1/flowschema.go
@@ -61,13 +61,25 @@ func NewFilteredFlowSchemaInformer(client kubernetes.Interface, resyncPeriod tim
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.FlowcontrolV1().FlowSchemas().List(context.TODO(), options)
+				return client.FlowcontrolV1().FlowSchemas().List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.FlowcontrolV1().FlowSchemas().Watch(context.TODO(), options)
+				return client.FlowcontrolV1().FlowSchemas().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.FlowcontrolV1().FlowSchemas().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.FlowcontrolV1().FlowSchemas().Watch(ctx, options)
 			},
 		},
 		&apiflowcontrolv1.FlowSchema{},
diff --git a/vendor/k8s.io/client-go/informers/flowcontrol/v1/prioritylevelconfiguration.go b/vendor/k8s.io/client-go/informers/flowcontrol/v1/prioritylevelconfiguration.go
index eec6388b29..2ec4f39887 100644
--- a/vendor/k8s.io/client-go/informers/flowcontrol/v1/prioritylevelconfiguration.go
+++ b/vendor/k8s.io/client-go/informers/flowcontrol/v1/prioritylevelconfiguration.go
@@ -61,13 +61,25 @@ func NewFilteredPriorityLevelConfigurationInformer(client kubernetes.Interface,
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.FlowcontrolV1().PriorityLevelConfigurations().List(context.TODO(), options)
+				return client.FlowcontrolV1().PriorityLevelConfigurations().List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.FlowcontrolV1().PriorityLevelConfigurations().Watch(context.TODO(), options)
+				return client.FlowcontrolV1().PriorityLevelConfigurations().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.FlowcontrolV1().PriorityLevelConfigurations().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.FlowcontrolV1().PriorityLevelConfigurations().Watch(ctx, options)
 			},
 		},
 		&apiflowcontrolv1.PriorityLevelConfiguration{},
diff --git a/vendor/k8s.io/client-go/informers/flowcontrol/v1beta1/flowschema.go b/vendor/k8s.io/client-go/informers/flowcontrol/v1beta1/flowschema.go
index 30d0997739..322fa31813 100644
--- a/vendor/k8s.io/client-go/informers/flowcontrol/v1beta1/flowschema.go
+++ b/vendor/k8s.io/client-go/informers/flowcontrol/v1beta1/flowschema.go
@@ -61,13 +61,25 @@ func NewFilteredFlowSchemaInformer(client kubernetes.Interface, resyncPeriod tim
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.FlowcontrolV1beta1().FlowSchemas().List(context.TODO(), options)
+				return client.FlowcontrolV1beta1().FlowSchemas().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.FlowcontrolV1beta1().FlowSchemas().Watch(context.TODO(), options)
+				return client.FlowcontrolV1beta1().FlowSchemas().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.FlowcontrolV1beta1().FlowSchemas().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.FlowcontrolV1beta1().FlowSchemas().Watch(ctx, options)
 			},
 		},
 		&apiflowcontrolv1beta1.FlowSchema{},
diff --git a/vendor/k8s.io/client-go/informers/flowcontrol/v1beta1/prioritylevelconfiguration.go b/vendor/k8s.io/client-go/informers/flowcontrol/v1beta1/prioritylevelconfiguration.go
index 2a8a867c43..aebc788f7e 100644
--- a/vendor/k8s.io/client-go/informers/flowcontrol/v1beta1/prioritylevelconfiguration.go
+++ b/vendor/k8s.io/client-go/informers/flowcontrol/v1beta1/prioritylevelconfiguration.go
@@ -61,13 +61,25 @@ func NewFilteredPriorityLevelConfigurationInformer(client kubernetes.Interface,
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.FlowcontrolV1beta1().PriorityLevelConfigurations().List(context.TODO(), options)
+				return client.FlowcontrolV1beta1().PriorityLevelConfigurations().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.FlowcontrolV1beta1().PriorityLevelConfigurations().Watch(context.TODO(), options)
+				return client.FlowcontrolV1beta1().PriorityLevelConfigurations().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.FlowcontrolV1beta1().PriorityLevelConfigurations().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.FlowcontrolV1beta1().PriorityLevelConfigurations().Watch(ctx, options)
 			},
 		},
 		&apiflowcontrolv1beta1.PriorityLevelConfiguration{},
diff --git a/vendor/k8s.io/client-go/informers/flowcontrol/v1beta2/flowschema.go b/vendor/k8s.io/client-go/informers/flowcontrol/v1beta2/flowschema.go
index edfed12c5c..522e24b7b5 100644
--- a/vendor/k8s.io/client-go/informers/flowcontrol/v1beta2/flowschema.go
+++ b/vendor/k8s.io/client-go/informers/flowcontrol/v1beta2/flowschema.go
@@ -61,13 +61,25 @@ func NewFilteredFlowSchemaInformer(client kubernetes.Interface, resyncPeriod tim
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.FlowcontrolV1beta2().FlowSchemas().List(context.TODO(), options)
+				return client.FlowcontrolV1beta2().FlowSchemas().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.FlowcontrolV1beta2().FlowSchemas().Watch(context.TODO(), options)
+				return client.FlowcontrolV1beta2().FlowSchemas().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.FlowcontrolV1beta2().FlowSchemas().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.FlowcontrolV1beta2().FlowSchemas().Watch(ctx, options)
 			},
 		},
 		&apiflowcontrolv1beta2.FlowSchema{},
diff --git a/vendor/k8s.io/client-go/informers/flowcontrol/v1beta2/prioritylevelconfiguration.go b/vendor/k8s.io/client-go/informers/flowcontrol/v1beta2/prioritylevelconfiguration.go
index 624e0373e8..0ee0506e25 100644
--- a/vendor/k8s.io/client-go/informers/flowcontrol/v1beta2/prioritylevelconfiguration.go
+++ b/vendor/k8s.io/client-go/informers/flowcontrol/v1beta2/prioritylevelconfiguration.go
@@ -61,13 +61,25 @@ func NewFilteredPriorityLevelConfigurationInformer(client kubernetes.Interface,
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.FlowcontrolV1beta2().PriorityLevelConfigurations().List(context.TODO(), options)
+				return client.FlowcontrolV1beta2().PriorityLevelConfigurations().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.FlowcontrolV1beta2().PriorityLevelConfigurations().Watch(context.TODO(), options)
+				return client.FlowcontrolV1beta2().PriorityLevelConfigurations().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.FlowcontrolV1beta2().PriorityLevelConfigurations().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.FlowcontrolV1beta2().PriorityLevelConfigurations().Watch(ctx, options)
 			},
 		},
 		&apiflowcontrolv1beta2.PriorityLevelConfiguration{},
diff --git a/vendor/k8s.io/client-go/informers/flowcontrol/v1beta3/flowschema.go b/vendor/k8s.io/client-go/informers/flowcontrol/v1beta3/flowschema.go
index bd3f5e6edb..3b0dca3cc2 100644
--- a/vendor/k8s.io/client-go/informers/flowcontrol/v1beta3/flowschema.go
+++ b/vendor/k8s.io/client-go/informers/flowcontrol/v1beta3/flowschema.go
@@ -61,13 +61,25 @@ func NewFilteredFlowSchemaInformer(client kubernetes.Interface, resyncPeriod tim
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.FlowcontrolV1beta3().FlowSchemas().List(context.TODO(), options)
+				return client.FlowcontrolV1beta3().FlowSchemas().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.FlowcontrolV1beta3().FlowSchemas().Watch(context.TODO(), options)
+				return client.FlowcontrolV1beta3().FlowSchemas().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.FlowcontrolV1beta3().FlowSchemas().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.FlowcontrolV1beta3().FlowSchemas().Watch(ctx, options)
 			},
 		},
 		&apiflowcontrolv1beta3.FlowSchema{},
diff --git a/vendor/k8s.io/client-go/informers/flowcontrol/v1beta3/prioritylevelconfiguration.go b/vendor/k8s.io/client-go/informers/flowcontrol/v1beta3/prioritylevelconfiguration.go
index 5695d5d4dd..77ff4e4e7c 100644
--- a/vendor/k8s.io/client-go/informers/flowcontrol/v1beta3/prioritylevelconfiguration.go
+++ b/vendor/k8s.io/client-go/informers/flowcontrol/v1beta3/prioritylevelconfiguration.go
@@ -61,13 +61,25 @@ func NewFilteredPriorityLevelConfigurationInformer(client kubernetes.Interface,
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.FlowcontrolV1beta3().PriorityLevelConfigurations().List(context.TODO(), options)
+				return client.FlowcontrolV1beta3().PriorityLevelConfigurations().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.FlowcontrolV1beta3().PriorityLevelConfigurations().Watch(context.TODO(), options)
+				return client.FlowcontrolV1beta3().PriorityLevelConfigurations().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.FlowcontrolV1beta3().PriorityLevelConfigurations().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.FlowcontrolV1beta3().PriorityLevelConfigurations().Watch(ctx, options)
 			},
 		},
 		&apiflowcontrolv1beta3.PriorityLevelConfiguration{},
diff --git a/vendor/k8s.io/client-go/informers/generic.go b/vendor/k8s.io/client-go/informers/generic.go
index fd331686d5..9659553545 100644
--- a/vendor/k8s.io/client-go/informers/generic.go
+++ b/vendor/k8s.io/client-go/informers/generic.go
@@ -63,6 +63,7 @@ import (
 	rbacv1beta1 "k8s.io/api/rbac/v1beta1"
 	v1alpha3 "k8s.io/api/resource/v1alpha3"
 	resourcev1beta1 "k8s.io/api/resource/v1beta1"
+	resourcev1beta2 "k8s.io/api/resource/v1beta2"
 	schedulingv1 "k8s.io/api/scheduling/v1"
 	schedulingv1alpha1 "k8s.io/api/scheduling/v1alpha1"
 	schedulingv1beta1 "k8s.io/api/scheduling/v1beta1"
@@ -199,6 +200,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource
 		// Group=certificates.k8s.io, Version=v1beta1
 	case certificatesv1beta1.SchemeGroupVersion.WithResource("certificatesigningrequests"):
 		return &genericInformer{resource: resource.GroupResource(), informer: f.Certificates().V1beta1().CertificateSigningRequests().Informer()}, nil
+	case certificatesv1beta1.SchemeGroupVersion.WithResource("clustertrustbundles"):
+		return &genericInformer{resource: resource.GroupResource(), informer: f.Certificates().V1beta1().ClusterTrustBundles().Informer()}, nil
 
 		// Group=coordination.k8s.io, Version=v1
 	case coordinationv1.SchemeGroupVersion.WithResource("leases"):
@@ -211,6 +214,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource
 		// Group=coordination.k8s.io, Version=v1beta1
 	case coordinationv1beta1.SchemeGroupVersion.WithResource("leases"):
 		return &genericInformer{resource: resource.GroupResource(), informer: f.Coordination().V1beta1().Leases().Informer()}, nil
+	case coordinationv1beta1.SchemeGroupVersion.WithResource("leasecandidates"):
+		return &genericInformer{resource: resource.GroupResource(), informer: f.Coordination().V1beta1().LeaseCandidates().Informer()}, nil
 
 		// Group=core, Version=v1
 	case corev1.SchemeGroupVersion.WithResource("componentstatuses"):
@@ -303,12 +308,16 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource
 		return &genericInformer{resource: resource.GroupResource(), informer: f.Internal().V1alpha1().StorageVersions().Informer()}, nil
 
 		// Group=networking.k8s.io, Version=v1
+	case networkingv1.SchemeGroupVersion.WithResource("ipaddresses"):
+		return &genericInformer{resource: resource.GroupResource(), informer: f.Networking().V1().IPAddresses().Informer()}, nil
 	case networkingv1.SchemeGroupVersion.WithResource("ingresses"):
 		return &genericInformer{resource: resource.GroupResource(), informer: f.Networking().V1().Ingresses().Informer()}, nil
 	case networkingv1.SchemeGroupVersion.WithResource("ingressclasses"):
 		return &genericInformer{resource: resource.GroupResource(), informer: f.Networking().V1().IngressClasses().Informer()}, nil
 	case networkingv1.SchemeGroupVersion.WithResource("networkpolicies"):
 		return &genericInformer{resource: resource.GroupResource(), informer: f.Networking().V1().NetworkPolicies().Informer()}, nil
+	case networkingv1.SchemeGroupVersion.WithResource("servicecidrs"):
+		return &genericInformer{resource: resource.GroupResource(), informer: f.Networking().V1().ServiceCIDRs().Informer()}, nil
 
 		// Group=networking.k8s.io, Version=v1alpha1
 	case networkingv1alpha1.SchemeGroupVersion.WithResource("ipaddresses"):
@@ -379,6 +388,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource
 		// Group=resource.k8s.io, Version=v1alpha3
 	case v1alpha3.SchemeGroupVersion.WithResource("deviceclasses"):
 		return &genericInformer{resource: resource.GroupResource(), informer: f.Resource().V1alpha3().DeviceClasses().Informer()}, nil
+	case v1alpha3.SchemeGroupVersion.WithResource("devicetaintrules"):
+		return &genericInformer{resource: resource.GroupResource(), informer: f.Resource().V1alpha3().DeviceTaintRules().Informer()}, nil
 	case v1alpha3.SchemeGroupVersion.WithResource("resourceclaims"):
 		return &genericInformer{resource: resource.GroupResource(), informer: f.Resource().V1alpha3().ResourceClaims().Informer()}, nil
 	case v1alpha3.SchemeGroupVersion.WithResource("resourceclaimtemplates"):
@@ -396,6 +407,16 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource
 	case resourcev1beta1.SchemeGroupVersion.WithResource("resourceslices"):
 		return &genericInformer{resource: resource.GroupResource(), informer: f.Resource().V1beta1().ResourceSlices().Informer()}, nil
 
+		// Group=resource.k8s.io, Version=v1beta2
+	case resourcev1beta2.SchemeGroupVersion.WithResource("deviceclasses"):
+		return &genericInformer{resource: resource.GroupResource(), informer: f.Resource().V1beta2().DeviceClasses().Informer()}, nil
+	case resourcev1beta2.SchemeGroupVersion.WithResource("resourceclaims"):
+		return &genericInformer{resource: resource.GroupResource(), informer: f.Resource().V1beta2().ResourceClaims().Informer()}, nil
+	case resourcev1beta2.SchemeGroupVersion.WithResource("resourceclaimtemplates"):
+		return &genericInformer{resource: resource.GroupResource(), informer: f.Resource().V1beta2().ResourceClaimTemplates().Informer()}, nil
+	case resourcev1beta2.SchemeGroupVersion.WithResource("resourceslices"):
+		return &genericInformer{resource: resource.GroupResource(), informer: f.Resource().V1beta2().ResourceSlices().Informer()}, nil
+
 		// Group=scheduling.k8s.io, Version=v1
 	case schedulingv1.SchemeGroupVersion.WithResource("priorityclasses"):
 		return &genericInformer{resource: resource.GroupResource(), informer: f.Scheduling().V1().PriorityClasses().Informer()}, nil
diff --git a/vendor/k8s.io/client-go/informers/networking/v1/ingress.go b/vendor/k8s.io/client-go/informers/networking/v1/ingress.go
index a0deccf16e..6f1b0b7816 100644
--- a/vendor/k8s.io/client-go/informers/networking/v1/ingress.go
+++ b/vendor/k8s.io/client-go/informers/networking/v1/ingress.go
@@ -62,13 +62,25 @@ func NewFilteredIngressInformer(client kubernetes.Interface, namespace string, r
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.NetworkingV1().Ingresses(namespace).List(context.TODO(), options)
+				return client.NetworkingV1().Ingresses(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.NetworkingV1().Ingresses(namespace).Watch(context.TODO(), options)
+				return client.NetworkingV1().Ingresses(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NetworkingV1().Ingresses(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NetworkingV1().Ingresses(namespace).Watch(ctx, options)
 			},
 		},
 		&apinetworkingv1.Ingress{},
diff --git a/vendor/k8s.io/client-go/informers/networking/v1/ingressclass.go b/vendor/k8s.io/client-go/informers/networking/v1/ingressclass.go
index 7eb1745169..b0d4803d89 100644
--- a/vendor/k8s.io/client-go/informers/networking/v1/ingressclass.go
+++ b/vendor/k8s.io/client-go/informers/networking/v1/ingressclass.go
@@ -61,13 +61,25 @@ func NewFilteredIngressClassInformer(client kubernetes.Interface, resyncPeriod t
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.NetworkingV1().IngressClasses().List(context.TODO(), options)
+				return client.NetworkingV1().IngressClasses().List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.NetworkingV1().IngressClasses().Watch(context.TODO(), options)
+				return client.NetworkingV1().IngressClasses().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NetworkingV1().IngressClasses().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NetworkingV1().IngressClasses().Watch(ctx, options)
 			},
 		},
 		&apinetworkingv1.IngressClass{},
diff --git a/vendor/k8s.io/client-go/informers/networking/v1/interface.go b/vendor/k8s.io/client-go/informers/networking/v1/interface.go
index a48d92c4ef..09634929b3 100644
--- a/vendor/k8s.io/client-go/informers/networking/v1/interface.go
+++ b/vendor/k8s.io/client-go/informers/networking/v1/interface.go
@@ -24,12 +24,16 @@ import (
 
 // Interface provides access to all the informers in this group version.
 type Interface interface {
+	// IPAddresses returns a IPAddressInformer.
+	IPAddresses() IPAddressInformer
 	// Ingresses returns a IngressInformer.
 	Ingresses() IngressInformer
 	// IngressClasses returns a IngressClassInformer.
 	IngressClasses() IngressClassInformer
 	// NetworkPolicies returns a NetworkPolicyInformer.
 	NetworkPolicies() NetworkPolicyInformer
+	// ServiceCIDRs returns a ServiceCIDRInformer.
+	ServiceCIDRs() ServiceCIDRInformer
 }
 
 type version struct {
@@ -43,6 +47,11 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList
 	return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions}
 }
 
+// IPAddresses returns a IPAddressInformer.
+func (v *version) IPAddresses() IPAddressInformer {
+	return &iPAddressInformer{factory: v.factory, tweakListOptions: v.tweakListOptions}
+}
+
 // Ingresses returns a IngressInformer.
 func (v *version) Ingresses() IngressInformer {
 	return &ingressInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
@@ -57,3 +66,8 @@ func (v *version) IngressClasses() IngressClassInformer {
 func (v *version) NetworkPolicies() NetworkPolicyInformer {
 	return &networkPolicyInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
 }
+
+// ServiceCIDRs returns a ServiceCIDRInformer.
+func (v *version) ServiceCIDRs() ServiceCIDRInformer {
+	return &serviceCIDRInformer{factory: v.factory, tweakListOptions: v.tweakListOptions}
+}
diff --git a/vendor/k8s.io/client-go/informers/networking/v1/ipaddress.go b/vendor/k8s.io/client-go/informers/networking/v1/ipaddress.go
new file mode 100644
index 0000000000..e3459e72ba
--- /dev/null
+++ b/vendor/k8s.io/client-go/informers/networking/v1/ipaddress.go
@@ -0,0 +1,101 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by informer-gen. DO NOT EDIT.
+
+package v1
+
+import (
+	context "context"
+	time "time"
+
+	apinetworkingv1 "k8s.io/api/networking/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	runtime "k8s.io/apimachinery/pkg/runtime"
+	watch "k8s.io/apimachinery/pkg/watch"
+	internalinterfaces "k8s.io/client-go/informers/internalinterfaces"
+	kubernetes "k8s.io/client-go/kubernetes"
+	networkingv1 "k8s.io/client-go/listers/networking/v1"
+	cache "k8s.io/client-go/tools/cache"
+)
+
+// IPAddressInformer provides access to a shared informer and lister for
+// IPAddresses.
+type IPAddressInformer interface {
+	Informer() cache.SharedIndexInformer
+	Lister() networkingv1.IPAddressLister
+}
+
+type iPAddressInformer struct {
+	factory          internalinterfaces.SharedInformerFactory
+	tweakListOptions internalinterfaces.TweakListOptionsFunc
+}
+
+// NewIPAddressInformer constructs a new informer for IPAddress type.
+// Always prefer using an informer factory to get a shared informer instead of getting an independent
+// one. This reduces memory footprint and number of connections to the server.
+func NewIPAddressInformer(client kubernetes.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
+	return NewFilteredIPAddressInformer(client, resyncPeriod, indexers, nil)
+}
+
+// NewFilteredIPAddressInformer constructs a new informer for IPAddress type.
+// Always prefer using an informer factory to get a shared informer instead of getting an independent
+// one. This reduces memory footprint and number of connections to the server.
+func NewFilteredIPAddressInformer(client kubernetes.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
+	return cache.NewSharedIndexInformer(
+		&cache.ListWatch{
+			ListFunc: func(options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NetworkingV1().IPAddresses().List(context.Background(), options)
+			},
+			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NetworkingV1().IPAddresses().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NetworkingV1().IPAddresses().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NetworkingV1().IPAddresses().Watch(ctx, options)
+			},
+		},
+		&apinetworkingv1.IPAddress{},
+		resyncPeriod,
+		indexers,
+	)
+}
+
+func (f *iPAddressInformer) defaultInformer(client kubernetes.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
+	return NewFilteredIPAddressInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
+}
+
+func (f *iPAddressInformer) Informer() cache.SharedIndexInformer {
+	return f.factory.InformerFor(&apinetworkingv1.IPAddress{}, f.defaultInformer)
+}
+
+func (f *iPAddressInformer) Lister() networkingv1.IPAddressLister {
+	return networkingv1.NewIPAddressLister(f.Informer().GetIndexer())
+}
diff --git a/vendor/k8s.io/client-go/informers/networking/v1/networkpolicy.go b/vendor/k8s.io/client-go/informers/networking/v1/networkpolicy.go
index d4bac29112..0dba59c5ef 100644
--- a/vendor/k8s.io/client-go/informers/networking/v1/networkpolicy.go
+++ b/vendor/k8s.io/client-go/informers/networking/v1/networkpolicy.go
@@ -62,13 +62,25 @@ func NewFilteredNetworkPolicyInformer(client kubernetes.Interface, namespace str
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.NetworkingV1().NetworkPolicies(namespace).List(context.TODO(), options)
+				return client.NetworkingV1().NetworkPolicies(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.NetworkingV1().NetworkPolicies(namespace).Watch(context.TODO(), options)
+				return client.NetworkingV1().NetworkPolicies(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NetworkingV1().NetworkPolicies(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NetworkingV1().NetworkPolicies(namespace).Watch(ctx, options)
 			},
 		},
 		&apinetworkingv1.NetworkPolicy{},
diff --git a/vendor/k8s.io/client-go/informers/networking/v1/servicecidr.go b/vendor/k8s.io/client-go/informers/networking/v1/servicecidr.go
new file mode 100644
index 0000000000..039cdc7539
--- /dev/null
+++ b/vendor/k8s.io/client-go/informers/networking/v1/servicecidr.go
@@ -0,0 +1,101 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by informer-gen. DO NOT EDIT.
+
+package v1
+
+import (
+	context "context"
+	time "time"
+
+	apinetworkingv1 "k8s.io/api/networking/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	runtime "k8s.io/apimachinery/pkg/runtime"
+	watch "k8s.io/apimachinery/pkg/watch"
+	internalinterfaces "k8s.io/client-go/informers/internalinterfaces"
+	kubernetes "k8s.io/client-go/kubernetes"
+	networkingv1 "k8s.io/client-go/listers/networking/v1"
+	cache "k8s.io/client-go/tools/cache"
+)
+
+// ServiceCIDRInformer provides access to a shared informer and lister for
+// ServiceCIDRs.
+type ServiceCIDRInformer interface {
+	Informer() cache.SharedIndexInformer
+	Lister() networkingv1.ServiceCIDRLister
+}
+
+type serviceCIDRInformer struct {
+	factory          internalinterfaces.SharedInformerFactory
+	tweakListOptions internalinterfaces.TweakListOptionsFunc
+}
+
+// NewServiceCIDRInformer constructs a new informer for ServiceCIDR type.
+// Always prefer using an informer factory to get a shared informer instead of getting an independent
+// one. This reduces memory footprint and number of connections to the server.
+func NewServiceCIDRInformer(client kubernetes.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
+	return NewFilteredServiceCIDRInformer(client, resyncPeriod, indexers, nil)
+}
+
+// NewFilteredServiceCIDRInformer constructs a new informer for ServiceCIDR type.
+// Always prefer using an informer factory to get a shared informer instead of getting an independent
+// one. This reduces memory footprint and number of connections to the server.
+func NewFilteredServiceCIDRInformer(client kubernetes.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
+	return cache.NewSharedIndexInformer(
+		&cache.ListWatch{
+			ListFunc: func(options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NetworkingV1().ServiceCIDRs().List(context.Background(), options)
+			},
+			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NetworkingV1().ServiceCIDRs().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NetworkingV1().ServiceCIDRs().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NetworkingV1().ServiceCIDRs().Watch(ctx, options)
+			},
+		},
+		&apinetworkingv1.ServiceCIDR{},
+		resyncPeriod,
+		indexers,
+	)
+}
+
+func (f *serviceCIDRInformer) defaultInformer(client kubernetes.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
+	return NewFilteredServiceCIDRInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
+}
+
+func (f *serviceCIDRInformer) Informer() cache.SharedIndexInformer {
+	return f.factory.InformerFor(&apinetworkingv1.ServiceCIDR{}, f.defaultInformer)
+}
+
+func (f *serviceCIDRInformer) Lister() networkingv1.ServiceCIDRLister {
+	return networkingv1.NewServiceCIDRLister(f.Informer().GetIndexer())
+}
diff --git a/vendor/k8s.io/client-go/informers/networking/v1alpha1/ipaddress.go b/vendor/k8s.io/client-go/informers/networking/v1alpha1/ipaddress.go
index f04c14535e..f357be93b8 100644
--- a/vendor/k8s.io/client-go/informers/networking/v1alpha1/ipaddress.go
+++ b/vendor/k8s.io/client-go/informers/networking/v1alpha1/ipaddress.go
@@ -61,13 +61,25 @@ func NewFilteredIPAddressInformer(client kubernetes.Interface, resyncPeriod time
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.NetworkingV1alpha1().IPAddresses().List(context.TODO(), options)
+				return client.NetworkingV1alpha1().IPAddresses().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.NetworkingV1alpha1().IPAddresses().Watch(context.TODO(), options)
+				return client.NetworkingV1alpha1().IPAddresses().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NetworkingV1alpha1().IPAddresses().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NetworkingV1alpha1().IPAddresses().Watch(ctx, options)
 			},
 		},
 		&apinetworkingv1alpha1.IPAddress{},
diff --git a/vendor/k8s.io/client-go/informers/networking/v1alpha1/servicecidr.go b/vendor/k8s.io/client-go/informers/networking/v1alpha1/servicecidr.go
index 86af6d226d..30cb61a653 100644
--- a/vendor/k8s.io/client-go/informers/networking/v1alpha1/servicecidr.go
+++ b/vendor/k8s.io/client-go/informers/networking/v1alpha1/servicecidr.go
@@ -61,13 +61,25 @@ func NewFilteredServiceCIDRInformer(client kubernetes.Interface, resyncPeriod ti
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.NetworkingV1alpha1().ServiceCIDRs().List(context.TODO(), options)
+				return client.NetworkingV1alpha1().ServiceCIDRs().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.NetworkingV1alpha1().ServiceCIDRs().Watch(context.TODO(), options)
+				return client.NetworkingV1alpha1().ServiceCIDRs().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NetworkingV1alpha1().ServiceCIDRs().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NetworkingV1alpha1().ServiceCIDRs().Watch(ctx, options)
 			},
 		},
 		&apinetworkingv1alpha1.ServiceCIDR{},
diff --git a/vendor/k8s.io/client-go/informers/networking/v1beta1/ingress.go b/vendor/k8s.io/client-go/informers/networking/v1beta1/ingress.go
index aa337d8e7f..6c616b902b 100644
--- a/vendor/k8s.io/client-go/informers/networking/v1beta1/ingress.go
+++ b/vendor/k8s.io/client-go/informers/networking/v1beta1/ingress.go
@@ -62,13 +62,25 @@ func NewFilteredIngressInformer(client kubernetes.Interface, namespace string, r
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.NetworkingV1beta1().Ingresses(namespace).List(context.TODO(), options)
+				return client.NetworkingV1beta1().Ingresses(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.NetworkingV1beta1().Ingresses(namespace).Watch(context.TODO(), options)
+				return client.NetworkingV1beta1().Ingresses(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NetworkingV1beta1().Ingresses(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NetworkingV1beta1().Ingresses(namespace).Watch(ctx, options)
 			},
 		},
 		&apinetworkingv1beta1.Ingress{},
diff --git a/vendor/k8s.io/client-go/informers/networking/v1beta1/ingressclass.go b/vendor/k8s.io/client-go/informers/networking/v1beta1/ingressclass.go
index 6ff9d51695..dd3a9aa7c5 100644
--- a/vendor/k8s.io/client-go/informers/networking/v1beta1/ingressclass.go
+++ b/vendor/k8s.io/client-go/informers/networking/v1beta1/ingressclass.go
@@ -61,13 +61,25 @@ func NewFilteredIngressClassInformer(client kubernetes.Interface, resyncPeriod t
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.NetworkingV1beta1().IngressClasses().List(context.TODO(), options)
+				return client.NetworkingV1beta1().IngressClasses().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.NetworkingV1beta1().IngressClasses().Watch(context.TODO(), options)
+				return client.NetworkingV1beta1().IngressClasses().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NetworkingV1beta1().IngressClasses().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NetworkingV1beta1().IngressClasses().Watch(ctx, options)
 			},
 		},
 		&apinetworkingv1beta1.IngressClass{},
diff --git a/vendor/k8s.io/client-go/informers/networking/v1beta1/ipaddress.go b/vendor/k8s.io/client-go/informers/networking/v1beta1/ipaddress.go
index 401ecd7cba..32ce3c4a8a 100644
--- a/vendor/k8s.io/client-go/informers/networking/v1beta1/ipaddress.go
+++ b/vendor/k8s.io/client-go/informers/networking/v1beta1/ipaddress.go
@@ -61,13 +61,25 @@ func NewFilteredIPAddressInformer(client kubernetes.Interface, resyncPeriod time
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.NetworkingV1beta1().IPAddresses().List(context.TODO(), options)
+				return client.NetworkingV1beta1().IPAddresses().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.NetworkingV1beta1().IPAddresses().Watch(context.TODO(), options)
+				return client.NetworkingV1beta1().IPAddresses().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NetworkingV1beta1().IPAddresses().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NetworkingV1beta1().IPAddresses().Watch(ctx, options)
 			},
 		},
 		&apinetworkingv1beta1.IPAddress{},
diff --git a/vendor/k8s.io/client-go/informers/networking/v1beta1/servicecidr.go b/vendor/k8s.io/client-go/informers/networking/v1beta1/servicecidr.go
index ff40692f29..25843d2fef 100644
--- a/vendor/k8s.io/client-go/informers/networking/v1beta1/servicecidr.go
+++ b/vendor/k8s.io/client-go/informers/networking/v1beta1/servicecidr.go
@@ -61,13 +61,25 @@ func NewFilteredServiceCIDRInformer(client kubernetes.Interface, resyncPeriod ti
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.NetworkingV1beta1().ServiceCIDRs().List(context.TODO(), options)
+				return client.NetworkingV1beta1().ServiceCIDRs().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.NetworkingV1beta1().ServiceCIDRs().Watch(context.TODO(), options)
+				return client.NetworkingV1beta1().ServiceCIDRs().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NetworkingV1beta1().ServiceCIDRs().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NetworkingV1beta1().ServiceCIDRs().Watch(ctx, options)
 			},
 		},
 		&apinetworkingv1beta1.ServiceCIDR{},
diff --git a/vendor/k8s.io/client-go/informers/node/v1/runtimeclass.go b/vendor/k8s.io/client-go/informers/node/v1/runtimeclass.go
index 7fef7e3328..85625e3e01 100644
--- a/vendor/k8s.io/client-go/informers/node/v1/runtimeclass.go
+++ b/vendor/k8s.io/client-go/informers/node/v1/runtimeclass.go
@@ -61,13 +61,25 @@ func NewFilteredRuntimeClassInformer(client kubernetes.Interface, resyncPeriod t
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.NodeV1().RuntimeClasses().List(context.TODO(), options)
+				return client.NodeV1().RuntimeClasses().List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.NodeV1().RuntimeClasses().Watch(context.TODO(), options)
+				return client.NodeV1().RuntimeClasses().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NodeV1().RuntimeClasses().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NodeV1().RuntimeClasses().Watch(ctx, options)
 			},
 		},
 		&apinodev1.RuntimeClass{},
diff --git a/vendor/k8s.io/client-go/informers/node/v1alpha1/runtimeclass.go b/vendor/k8s.io/client-go/informers/node/v1alpha1/runtimeclass.go
index aee61406f1..b3ac2e2a22 100644
--- a/vendor/k8s.io/client-go/informers/node/v1alpha1/runtimeclass.go
+++ b/vendor/k8s.io/client-go/informers/node/v1alpha1/runtimeclass.go
@@ -61,13 +61,25 @@ func NewFilteredRuntimeClassInformer(client kubernetes.Interface, resyncPeriod t
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.NodeV1alpha1().RuntimeClasses().List(context.TODO(), options)
+				return client.NodeV1alpha1().RuntimeClasses().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.NodeV1alpha1().RuntimeClasses().Watch(context.TODO(), options)
+				return client.NodeV1alpha1().RuntimeClasses().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NodeV1alpha1().RuntimeClasses().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NodeV1alpha1().RuntimeClasses().Watch(ctx, options)
 			},
 		},
 		&apinodev1alpha1.RuntimeClass{},
diff --git a/vendor/k8s.io/client-go/informers/node/v1beta1/runtimeclass.go b/vendor/k8s.io/client-go/informers/node/v1beta1/runtimeclass.go
index ab9b8e0eee..b562476d48 100644
--- a/vendor/k8s.io/client-go/informers/node/v1beta1/runtimeclass.go
+++ b/vendor/k8s.io/client-go/informers/node/v1beta1/runtimeclass.go
@@ -61,13 +61,25 @@ func NewFilteredRuntimeClassInformer(client kubernetes.Interface, resyncPeriod t
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.NodeV1beta1().RuntimeClasses().List(context.TODO(), options)
+				return client.NodeV1beta1().RuntimeClasses().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.NodeV1beta1().RuntimeClasses().Watch(context.TODO(), options)
+				return client.NodeV1beta1().RuntimeClasses().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NodeV1beta1().RuntimeClasses().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.NodeV1beta1().RuntimeClasses().Watch(ctx, options)
 			},
 		},
 		&apinodev1beta1.RuntimeClass{},
diff --git a/vendor/k8s.io/client-go/informers/policy/v1/poddisruptionbudget.go b/vendor/k8s.io/client-go/informers/policy/v1/poddisruptionbudget.go
index baacb59daa..f80d7dd914 100644
--- a/vendor/k8s.io/client-go/informers/policy/v1/poddisruptionbudget.go
+++ b/vendor/k8s.io/client-go/informers/policy/v1/poddisruptionbudget.go
@@ -62,13 +62,25 @@ func NewFilteredPodDisruptionBudgetInformer(client kubernetes.Interface, namespa
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.PolicyV1().PodDisruptionBudgets(namespace).List(context.TODO(), options)
+				return client.PolicyV1().PodDisruptionBudgets(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.PolicyV1().PodDisruptionBudgets(namespace).Watch(context.TODO(), options)
+				return client.PolicyV1().PodDisruptionBudgets(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.PolicyV1().PodDisruptionBudgets(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.PolicyV1().PodDisruptionBudgets(namespace).Watch(ctx, options)
 			},
 		},
 		&apipolicyv1.PodDisruptionBudget{},
diff --git a/vendor/k8s.io/client-go/informers/policy/v1beta1/poddisruptionbudget.go b/vendor/k8s.io/client-go/informers/policy/v1beta1/poddisruptionbudget.go
index 081b2e08e4..92e37d0eb7 100644
--- a/vendor/k8s.io/client-go/informers/policy/v1beta1/poddisruptionbudget.go
+++ b/vendor/k8s.io/client-go/informers/policy/v1beta1/poddisruptionbudget.go
@@ -62,13 +62,25 @@ func NewFilteredPodDisruptionBudgetInformer(client kubernetes.Interface, namespa
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.PolicyV1beta1().PodDisruptionBudgets(namespace).List(context.TODO(), options)
+				return client.PolicyV1beta1().PodDisruptionBudgets(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.PolicyV1beta1().PodDisruptionBudgets(namespace).Watch(context.TODO(), options)
+				return client.PolicyV1beta1().PodDisruptionBudgets(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.PolicyV1beta1().PodDisruptionBudgets(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.PolicyV1beta1().PodDisruptionBudgets(namespace).Watch(ctx, options)
 			},
 		},
 		&apipolicyv1beta1.PodDisruptionBudget{},
diff --git a/vendor/k8s.io/client-go/informers/rbac/v1/clusterrole.go b/vendor/k8s.io/client-go/informers/rbac/v1/clusterrole.go
index 0606fb4646..4118bffff6 100644
--- a/vendor/k8s.io/client-go/informers/rbac/v1/clusterrole.go
+++ b/vendor/k8s.io/client-go/informers/rbac/v1/clusterrole.go
@@ -61,13 +61,25 @@ func NewFilteredClusterRoleInformer(client kubernetes.Interface, resyncPeriod ti
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.RbacV1().ClusterRoles().List(context.TODO(), options)
+				return client.RbacV1().ClusterRoles().List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.RbacV1().ClusterRoles().Watch(context.TODO(), options)
+				return client.RbacV1().ClusterRoles().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.RbacV1().ClusterRoles().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.RbacV1().ClusterRoles().Watch(ctx, options)
 			},
 		},
 		&apirbacv1.ClusterRole{},
diff --git a/vendor/k8s.io/client-go/informers/rbac/v1/clusterrolebinding.go b/vendor/k8s.io/client-go/informers/rbac/v1/clusterrolebinding.go
index dca087c9d2..67c06d6012 100644
--- a/vendor/k8s.io/client-go/informers/rbac/v1/clusterrolebinding.go
+++ b/vendor/k8s.io/client-go/informers/rbac/v1/clusterrolebinding.go
@@ -61,13 +61,25 @@ func NewFilteredClusterRoleBindingInformer(client kubernetes.Interface, resyncPe
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.RbacV1().ClusterRoleBindings().List(context.TODO(), options)
+				return client.RbacV1().ClusterRoleBindings().List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.RbacV1().ClusterRoleBindings().Watch(context.TODO(), options)
+				return client.RbacV1().ClusterRoleBindings().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.RbacV1().ClusterRoleBindings().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.RbacV1().ClusterRoleBindings().Watch(ctx, options)
 			},
 		},
 		&apirbacv1.ClusterRoleBinding{},
diff --git a/vendor/k8s.io/client-go/informers/rbac/v1/role.go b/vendor/k8s.io/client-go/informers/rbac/v1/role.go
index 66f9c3f23c..e931d23962 100644
--- a/vendor/k8s.io/client-go/informers/rbac/v1/role.go
+++ b/vendor/k8s.io/client-go/informers/rbac/v1/role.go
@@ -62,13 +62,25 @@ func NewFilteredRoleInformer(client kubernetes.Interface, namespace string, resy
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.RbacV1().Roles(namespace).List(context.TODO(), options)
+				return client.RbacV1().Roles(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.RbacV1().Roles(namespace).Watch(context.TODO(), options)
+				return client.RbacV1().Roles(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.RbacV1().Roles(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.RbacV1().Roles(namespace).Watch(ctx, options)
 			},
 		},
 		&apirbacv1.Role{},
diff --git a/vendor/k8s.io/client-go/informers/rbac/v1/rolebinding.go b/vendor/k8s.io/client-go/informers/rbac/v1/rolebinding.go
index 6d72601a48..89b11efff2 100644
--- a/vendor/k8s.io/client-go/informers/rbac/v1/rolebinding.go
+++ b/vendor/k8s.io/client-go/informers/rbac/v1/rolebinding.go
@@ -62,13 +62,25 @@ func NewFilteredRoleBindingInformer(client kubernetes.Interface, namespace strin
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.RbacV1().RoleBindings(namespace).List(context.TODO(), options)
+				return client.RbacV1().RoleBindings(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.RbacV1().RoleBindings(namespace).Watch(context.TODO(), options)
+				return client.RbacV1().RoleBindings(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.RbacV1().RoleBindings(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.RbacV1().RoleBindings(namespace).Watch(ctx, options)
 			},
 		},
 		&apirbacv1.RoleBinding{},
diff --git a/vendor/k8s.io/client-go/informers/rbac/v1alpha1/clusterrole.go b/vendor/k8s.io/client-go/informers/rbac/v1alpha1/clusterrole.go
index 52249f6b4e..ff95f62ff9 100644
--- a/vendor/k8s.io/client-go/informers/rbac/v1alpha1/clusterrole.go
+++ b/vendor/k8s.io/client-go/informers/rbac/v1alpha1/clusterrole.go
@@ -61,13 +61,25 @@ func NewFilteredClusterRoleInformer(client kubernetes.Interface, resyncPeriod ti
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.RbacV1alpha1().ClusterRoles().List(context.TODO(), options)
+				return client.RbacV1alpha1().ClusterRoles().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.RbacV1alpha1().ClusterRoles().Watch(context.TODO(), options)
+				return client.RbacV1alpha1().ClusterRoles().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.RbacV1alpha1().ClusterRoles().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.RbacV1alpha1().ClusterRoles().Watch(ctx, options)
 			},
 		},
 		&apirbacv1alpha1.ClusterRole{},
diff --git a/vendor/k8s.io/client-go/informers/rbac/v1alpha1/clusterrolebinding.go b/vendor/k8s.io/client-go/informers/rbac/v1alpha1/clusterrolebinding.go
index c8f7c4c10e..1002f16300 100644
--- a/vendor/k8s.io/client-go/informers/rbac/v1alpha1/clusterrolebinding.go
+++ b/vendor/k8s.io/client-go/informers/rbac/v1alpha1/clusterrolebinding.go
@@ -61,13 +61,25 @@ func NewFilteredClusterRoleBindingInformer(client kubernetes.Interface, resyncPe
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.RbacV1alpha1().ClusterRoleBindings().List(context.TODO(), options)
+				return client.RbacV1alpha1().ClusterRoleBindings().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.RbacV1alpha1().ClusterRoleBindings().Watch(context.TODO(), options)
+				return client.RbacV1alpha1().ClusterRoleBindings().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.RbacV1alpha1().ClusterRoleBindings().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.RbacV1alpha1().ClusterRoleBindings().Watch(ctx, options)
 			},
 		},
 		&apirbacv1alpha1.ClusterRoleBinding{},
diff --git a/vendor/k8s.io/client-go/informers/rbac/v1alpha1/role.go b/vendor/k8s.io/client-go/informers/rbac/v1alpha1/role.go
index dcdddc0576..ad7b1c0b8b 100644
--- a/vendor/k8s.io/client-go/informers/rbac/v1alpha1/role.go
+++ b/vendor/k8s.io/client-go/informers/rbac/v1alpha1/role.go
@@ -62,13 +62,25 @@ func NewFilteredRoleInformer(client kubernetes.Interface, namespace string, resy
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.RbacV1alpha1().Roles(namespace).List(context.TODO(), options)
+				return client.RbacV1alpha1().Roles(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.RbacV1alpha1().Roles(namespace).Watch(context.TODO(), options)
+				return client.RbacV1alpha1().Roles(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.RbacV1alpha1().Roles(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.RbacV1alpha1().Roles(namespace).Watch(ctx, options)
 			},
 		},
 		&apirbacv1alpha1.Role{},
diff --git a/vendor/k8s.io/client-go/informers/rbac/v1alpha1/rolebinding.go b/vendor/k8s.io/client-go/informers/rbac/v1alpha1/rolebinding.go
index 9184a5baf4..c5d915d23a 100644
--- a/vendor/k8s.io/client-go/informers/rbac/v1alpha1/rolebinding.go
+++ b/vendor/k8s.io/client-go/informers/rbac/v1alpha1/rolebinding.go
@@ -62,13 +62,25 @@ func NewFilteredRoleBindingInformer(client kubernetes.Interface, namespace strin
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.RbacV1alpha1().RoleBindings(namespace).List(context.TODO(), options)
+				return client.RbacV1alpha1().RoleBindings(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.RbacV1alpha1().RoleBindings(namespace).Watch(context.TODO(), options)
+				return client.RbacV1alpha1().RoleBindings(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.RbacV1alpha1().RoleBindings(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.RbacV1alpha1().RoleBindings(namespace).Watch(ctx, options)
 			},
 		},
 		&apirbacv1alpha1.RoleBinding{},
diff --git a/vendor/k8s.io/client-go/informers/rbac/v1beta1/clusterrole.go b/vendor/k8s.io/client-go/informers/rbac/v1beta1/clusterrole.go
index d86dd771ab..24aad0b826 100644
--- a/vendor/k8s.io/client-go/informers/rbac/v1beta1/clusterrole.go
+++ b/vendor/k8s.io/client-go/informers/rbac/v1beta1/clusterrole.go
@@ -61,13 +61,25 @@ func NewFilteredClusterRoleInformer(client kubernetes.Interface, resyncPeriod ti
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.RbacV1beta1().ClusterRoles().List(context.TODO(), options)
+				return client.RbacV1beta1().ClusterRoles().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.RbacV1beta1().ClusterRoles().Watch(context.TODO(), options)
+				return client.RbacV1beta1().ClusterRoles().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.RbacV1beta1().ClusterRoles().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.RbacV1beta1().ClusterRoles().Watch(ctx, options)
 			},
 		},
 		&apirbacv1beta1.ClusterRole{},
diff --git a/vendor/k8s.io/client-go/informers/rbac/v1beta1/clusterrolebinding.go b/vendor/k8s.io/client-go/informers/rbac/v1beta1/clusterrolebinding.go
index 70c1cd9842..3506b79722 100644
--- a/vendor/k8s.io/client-go/informers/rbac/v1beta1/clusterrolebinding.go
+++ b/vendor/k8s.io/client-go/informers/rbac/v1beta1/clusterrolebinding.go
@@ -61,13 +61,25 @@ func NewFilteredClusterRoleBindingInformer(client kubernetes.Interface, resyncPe
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.RbacV1beta1().ClusterRoleBindings().List(context.TODO(), options)
+				return client.RbacV1beta1().ClusterRoleBindings().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.RbacV1beta1().ClusterRoleBindings().Watch(context.TODO(), options)
+				return client.RbacV1beta1().ClusterRoleBindings().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.RbacV1beta1().ClusterRoleBindings().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.RbacV1beta1().ClusterRoleBindings().Watch(ctx, options)
 			},
 		},
 		&apirbacv1beta1.ClusterRoleBinding{},
diff --git a/vendor/k8s.io/client-go/informers/rbac/v1beta1/role.go b/vendor/k8s.io/client-go/informers/rbac/v1beta1/role.go
index 2995e1e63e..119a601f09 100644
--- a/vendor/k8s.io/client-go/informers/rbac/v1beta1/role.go
+++ b/vendor/k8s.io/client-go/informers/rbac/v1beta1/role.go
@@ -62,13 +62,25 @@ func NewFilteredRoleInformer(client kubernetes.Interface, namespace string, resy
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.RbacV1beta1().Roles(namespace).List(context.TODO(), options)
+				return client.RbacV1beta1().Roles(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.RbacV1beta1().Roles(namespace).Watch(context.TODO(), options)
+				return client.RbacV1beta1().Roles(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.RbacV1beta1().Roles(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.RbacV1beta1().Roles(namespace).Watch(ctx, options)
 			},
 		},
 		&apirbacv1beta1.Role{},
diff --git a/vendor/k8s.io/client-go/informers/rbac/v1beta1/rolebinding.go b/vendor/k8s.io/client-go/informers/rbac/v1beta1/rolebinding.go
index 11854f38de..c36c295c0c 100644
--- a/vendor/k8s.io/client-go/informers/rbac/v1beta1/rolebinding.go
+++ b/vendor/k8s.io/client-go/informers/rbac/v1beta1/rolebinding.go
@@ -62,13 +62,25 @@ func NewFilteredRoleBindingInformer(client kubernetes.Interface, namespace strin
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.RbacV1beta1().RoleBindings(namespace).List(context.TODO(), options)
+				return client.RbacV1beta1().RoleBindings(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.RbacV1beta1().RoleBindings(namespace).Watch(context.TODO(), options)
+				return client.RbacV1beta1().RoleBindings(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.RbacV1beta1().RoleBindings(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.RbacV1beta1().RoleBindings(namespace).Watch(ctx, options)
 			},
 		},
 		&apirbacv1beta1.RoleBinding{},
diff --git a/vendor/k8s.io/client-go/informers/resource/interface.go b/vendor/k8s.io/client-go/informers/resource/interface.go
index 0d75732af6..f4bcd92706 100644
--- a/vendor/k8s.io/client-go/informers/resource/interface.go
+++ b/vendor/k8s.io/client-go/informers/resource/interface.go
@@ -22,6 +22,7 @@ import (
 	internalinterfaces "k8s.io/client-go/informers/internalinterfaces"
 	v1alpha3 "k8s.io/client-go/informers/resource/v1alpha3"
 	v1beta1 "k8s.io/client-go/informers/resource/v1beta1"
+	v1beta2 "k8s.io/client-go/informers/resource/v1beta2"
 )
 
 // Interface provides access to each of this group's versions.
@@ -30,6 +31,8 @@ type Interface interface {
 	V1alpha3() v1alpha3.Interface
 	// V1beta1 provides access to shared informers for resources in V1beta1.
 	V1beta1() v1beta1.Interface
+	// V1beta2 provides access to shared informers for resources in V1beta2.
+	V1beta2() v1beta2.Interface
 }
 
 type group struct {
@@ -52,3 +55,8 @@ func (g *group) V1alpha3() v1alpha3.Interface {
 func (g *group) V1beta1() v1beta1.Interface {
 	return v1beta1.New(g.factory, g.namespace, g.tweakListOptions)
 }
+
+// V1beta2 returns a new v1beta2.Interface.
+func (g *group) V1beta2() v1beta2.Interface {
+	return v1beta2.New(g.factory, g.namespace, g.tweakListOptions)
+}
diff --git a/vendor/k8s.io/client-go/informers/resource/v1alpha3/deviceclass.go b/vendor/k8s.io/client-go/informers/resource/v1alpha3/deviceclass.go
index da322c8d04..cff6279196 100644
--- a/vendor/k8s.io/client-go/informers/resource/v1alpha3/deviceclass.go
+++ b/vendor/k8s.io/client-go/informers/resource/v1alpha3/deviceclass.go
@@ -61,13 +61,25 @@ func NewFilteredDeviceClassInformer(client kubernetes.Interface, resyncPeriod ti
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.ResourceV1alpha3().DeviceClasses().List(context.TODO(), options)
+				return client.ResourceV1alpha3().DeviceClasses().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.ResourceV1alpha3().DeviceClasses().Watch(context.TODO(), options)
+				return client.ResourceV1alpha3().DeviceClasses().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1alpha3().DeviceClasses().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1alpha3().DeviceClasses().Watch(ctx, options)
 			},
 		},
 		&apiresourcev1alpha3.DeviceClass{},
diff --git a/vendor/k8s.io/client-go/informers/resource/v1alpha3/devicetaintrule.go b/vendor/k8s.io/client-go/informers/resource/v1alpha3/devicetaintrule.go
new file mode 100644
index 0000000000..9a07c8f4e5
--- /dev/null
+++ b/vendor/k8s.io/client-go/informers/resource/v1alpha3/devicetaintrule.go
@@ -0,0 +1,101 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by informer-gen. DO NOT EDIT.
+
+package v1alpha3
+
+import (
+	context "context"
+	time "time"
+
+	apiresourcev1alpha3 "k8s.io/api/resource/v1alpha3"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	runtime "k8s.io/apimachinery/pkg/runtime"
+	watch "k8s.io/apimachinery/pkg/watch"
+	internalinterfaces "k8s.io/client-go/informers/internalinterfaces"
+	kubernetes "k8s.io/client-go/kubernetes"
+	resourcev1alpha3 "k8s.io/client-go/listers/resource/v1alpha3"
+	cache "k8s.io/client-go/tools/cache"
+)
+
+// DeviceTaintRuleInformer provides access to a shared informer and lister for
+// DeviceTaintRules.
+type DeviceTaintRuleInformer interface {
+	Informer() cache.SharedIndexInformer
+	Lister() resourcev1alpha3.DeviceTaintRuleLister
+}
+
+type deviceTaintRuleInformer struct {
+	factory          internalinterfaces.SharedInformerFactory
+	tweakListOptions internalinterfaces.TweakListOptionsFunc
+}
+
+// NewDeviceTaintRuleInformer constructs a new informer for DeviceTaintRule type.
+// Always prefer using an informer factory to get a shared informer instead of getting an independent
+// one. This reduces memory footprint and number of connections to the server.
+func NewDeviceTaintRuleInformer(client kubernetes.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
+	return NewFilteredDeviceTaintRuleInformer(client, resyncPeriod, indexers, nil)
+}
+
+// NewFilteredDeviceTaintRuleInformer constructs a new informer for DeviceTaintRule type.
+// Always prefer using an informer factory to get a shared informer instead of getting an independent
+// one. This reduces memory footprint and number of connections to the server.
+func NewFilteredDeviceTaintRuleInformer(client kubernetes.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
+	return cache.NewSharedIndexInformer(
+		&cache.ListWatch{
+			ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1alpha3().DeviceTaintRules().List(context.Background(), options)
+			},
+			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1alpha3().DeviceTaintRules().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1alpha3().DeviceTaintRules().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1alpha3().DeviceTaintRules().Watch(ctx, options)
+			},
+		},
+		&apiresourcev1alpha3.DeviceTaintRule{},
+		resyncPeriod,
+		indexers,
+	)
+}
+
+func (f *deviceTaintRuleInformer) defaultInformer(client kubernetes.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
+	return NewFilteredDeviceTaintRuleInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
+}
+
+func (f *deviceTaintRuleInformer) Informer() cache.SharedIndexInformer {
+	return f.factory.InformerFor(&apiresourcev1alpha3.DeviceTaintRule{}, f.defaultInformer)
+}
+
+func (f *deviceTaintRuleInformer) Lister() resourcev1alpha3.DeviceTaintRuleLister {
+	return resourcev1alpha3.NewDeviceTaintRuleLister(f.Informer().GetIndexer())
+}
diff --git a/vendor/k8s.io/client-go/informers/resource/v1alpha3/interface.go b/vendor/k8s.io/client-go/informers/resource/v1alpha3/interface.go
index 356c46179d..11c7f849af 100644
--- a/vendor/k8s.io/client-go/informers/resource/v1alpha3/interface.go
+++ b/vendor/k8s.io/client-go/informers/resource/v1alpha3/interface.go
@@ -26,6 +26,8 @@ import (
 type Interface interface {
 	// DeviceClasses returns a DeviceClassInformer.
 	DeviceClasses() DeviceClassInformer
+	// DeviceTaintRules returns a DeviceTaintRuleInformer.
+	DeviceTaintRules() DeviceTaintRuleInformer
 	// ResourceClaims returns a ResourceClaimInformer.
 	ResourceClaims() ResourceClaimInformer
 	// ResourceClaimTemplates returns a ResourceClaimTemplateInformer.
@@ -50,6 +52,11 @@ func (v *version) DeviceClasses() DeviceClassInformer {
 	return &deviceClassInformer{factory: v.factory, tweakListOptions: v.tweakListOptions}
 }
 
+// DeviceTaintRules returns a DeviceTaintRuleInformer.
+func (v *version) DeviceTaintRules() DeviceTaintRuleInformer {
+	return &deviceTaintRuleInformer{factory: v.factory, tweakListOptions: v.tweakListOptions}
+}
+
 // ResourceClaims returns a ResourceClaimInformer.
 func (v *version) ResourceClaims() ResourceClaimInformer {
 	return &resourceClaimInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
diff --git a/vendor/k8s.io/client-go/informers/resource/v1alpha3/resourceclaim.go b/vendor/k8s.io/client-go/informers/resource/v1alpha3/resourceclaim.go
index 822d145bcb..2ee78d35d6 100644
--- a/vendor/k8s.io/client-go/informers/resource/v1alpha3/resourceclaim.go
+++ b/vendor/k8s.io/client-go/informers/resource/v1alpha3/resourceclaim.go
@@ -62,13 +62,25 @@ func NewFilteredResourceClaimInformer(client kubernetes.Interface, namespace str
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.ResourceV1alpha3().ResourceClaims(namespace).List(context.TODO(), options)
+				return client.ResourceV1alpha3().ResourceClaims(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.ResourceV1alpha3().ResourceClaims(namespace).Watch(context.TODO(), options)
+				return client.ResourceV1alpha3().ResourceClaims(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1alpha3().ResourceClaims(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1alpha3().ResourceClaims(namespace).Watch(ctx, options)
 			},
 		},
 		&apiresourcev1alpha3.ResourceClaim{},
diff --git a/vendor/k8s.io/client-go/informers/resource/v1alpha3/resourceclaimtemplate.go b/vendor/k8s.io/client-go/informers/resource/v1alpha3/resourceclaimtemplate.go
index 94680730af..bd1e7abefc 100644
--- a/vendor/k8s.io/client-go/informers/resource/v1alpha3/resourceclaimtemplate.go
+++ b/vendor/k8s.io/client-go/informers/resource/v1alpha3/resourceclaimtemplate.go
@@ -62,13 +62,25 @@ func NewFilteredResourceClaimTemplateInformer(client kubernetes.Interface, names
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.ResourceV1alpha3().ResourceClaimTemplates(namespace).List(context.TODO(), options)
+				return client.ResourceV1alpha3().ResourceClaimTemplates(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.ResourceV1alpha3().ResourceClaimTemplates(namespace).Watch(context.TODO(), options)
+				return client.ResourceV1alpha3().ResourceClaimTemplates(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1alpha3().ResourceClaimTemplates(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1alpha3().ResourceClaimTemplates(namespace).Watch(ctx, options)
 			},
 		},
 		&apiresourcev1alpha3.ResourceClaimTemplate{},
diff --git a/vendor/k8s.io/client-go/informers/resource/v1alpha3/resourceslice.go b/vendor/k8s.io/client-go/informers/resource/v1alpha3/resourceslice.go
index 15394575f5..9b6422e96e 100644
--- a/vendor/k8s.io/client-go/informers/resource/v1alpha3/resourceslice.go
+++ b/vendor/k8s.io/client-go/informers/resource/v1alpha3/resourceslice.go
@@ -61,13 +61,25 @@ func NewFilteredResourceSliceInformer(client kubernetes.Interface, resyncPeriod
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.ResourceV1alpha3().ResourceSlices().List(context.TODO(), options)
+				return client.ResourceV1alpha3().ResourceSlices().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.ResourceV1alpha3().ResourceSlices().Watch(context.TODO(), options)
+				return client.ResourceV1alpha3().ResourceSlices().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1alpha3().ResourceSlices().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1alpha3().ResourceSlices().Watch(ctx, options)
 			},
 		},
 		&apiresourcev1alpha3.ResourceSlice{},
diff --git a/vendor/k8s.io/client-go/informers/resource/v1beta1/deviceclass.go b/vendor/k8s.io/client-go/informers/resource/v1beta1/deviceclass.go
index 9623788c48..bb0b28245b 100644
--- a/vendor/k8s.io/client-go/informers/resource/v1beta1/deviceclass.go
+++ b/vendor/k8s.io/client-go/informers/resource/v1beta1/deviceclass.go
@@ -61,13 +61,25 @@ func NewFilteredDeviceClassInformer(client kubernetes.Interface, resyncPeriod ti
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.ResourceV1beta1().DeviceClasses().List(context.TODO(), options)
+				return client.ResourceV1beta1().DeviceClasses().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.ResourceV1beta1().DeviceClasses().Watch(context.TODO(), options)
+				return client.ResourceV1beta1().DeviceClasses().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1beta1().DeviceClasses().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1beta1().DeviceClasses().Watch(ctx, options)
 			},
 		},
 		&apiresourcev1beta1.DeviceClass{},
diff --git a/vendor/k8s.io/client-go/informers/resource/v1beta1/resourceclaim.go b/vendor/k8s.io/client-go/informers/resource/v1beta1/resourceclaim.go
index 107b7fda7d..5e13b79732 100644
--- a/vendor/k8s.io/client-go/informers/resource/v1beta1/resourceclaim.go
+++ b/vendor/k8s.io/client-go/informers/resource/v1beta1/resourceclaim.go
@@ -62,13 +62,25 @@ func NewFilteredResourceClaimInformer(client kubernetes.Interface, namespace str
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.ResourceV1beta1().ResourceClaims(namespace).List(context.TODO(), options)
+				return client.ResourceV1beta1().ResourceClaims(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.ResourceV1beta1().ResourceClaims(namespace).Watch(context.TODO(), options)
+				return client.ResourceV1beta1().ResourceClaims(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1beta1().ResourceClaims(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1beta1().ResourceClaims(namespace).Watch(ctx, options)
 			},
 		},
 		&apiresourcev1beta1.ResourceClaim{},
diff --git a/vendor/k8s.io/client-go/informers/resource/v1beta1/resourceclaimtemplate.go b/vendor/k8s.io/client-go/informers/resource/v1beta1/resourceclaimtemplate.go
index 9ae634ad0b..86c13a8f21 100644
--- a/vendor/k8s.io/client-go/informers/resource/v1beta1/resourceclaimtemplate.go
+++ b/vendor/k8s.io/client-go/informers/resource/v1beta1/resourceclaimtemplate.go
@@ -62,13 +62,25 @@ func NewFilteredResourceClaimTemplateInformer(client kubernetes.Interface, names
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.ResourceV1beta1().ResourceClaimTemplates(namespace).List(context.TODO(), options)
+				return client.ResourceV1beta1().ResourceClaimTemplates(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.ResourceV1beta1().ResourceClaimTemplates(namespace).Watch(context.TODO(), options)
+				return client.ResourceV1beta1().ResourceClaimTemplates(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1beta1().ResourceClaimTemplates(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1beta1().ResourceClaimTemplates(namespace).Watch(ctx, options)
 			},
 		},
 		&apiresourcev1beta1.ResourceClaimTemplate{},
diff --git a/vendor/k8s.io/client-go/informers/resource/v1beta1/resourceslice.go b/vendor/k8s.io/client-go/informers/resource/v1beta1/resourceslice.go
index 8ab6cb4fcb..6cc3c65fdf 100644
--- a/vendor/k8s.io/client-go/informers/resource/v1beta1/resourceslice.go
+++ b/vendor/k8s.io/client-go/informers/resource/v1beta1/resourceslice.go
@@ -61,13 +61,25 @@ func NewFilteredResourceSliceInformer(client kubernetes.Interface, resyncPeriod
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.ResourceV1beta1().ResourceSlices().List(context.TODO(), options)
+				return client.ResourceV1beta1().ResourceSlices().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.ResourceV1beta1().ResourceSlices().Watch(context.TODO(), options)
+				return client.ResourceV1beta1().ResourceSlices().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1beta1().ResourceSlices().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1beta1().ResourceSlices().Watch(ctx, options)
 			},
 		},
 		&apiresourcev1beta1.ResourceSlice{},
diff --git a/vendor/k8s.io/client-go/informers/resource/v1beta2/deviceclass.go b/vendor/k8s.io/client-go/informers/resource/v1beta2/deviceclass.go
new file mode 100644
index 0000000000..372d35d8aa
--- /dev/null
+++ b/vendor/k8s.io/client-go/informers/resource/v1beta2/deviceclass.go
@@ -0,0 +1,101 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by informer-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	context "context"
+	time "time"
+
+	apiresourcev1beta2 "k8s.io/api/resource/v1beta2"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	runtime "k8s.io/apimachinery/pkg/runtime"
+	watch "k8s.io/apimachinery/pkg/watch"
+	internalinterfaces "k8s.io/client-go/informers/internalinterfaces"
+	kubernetes "k8s.io/client-go/kubernetes"
+	resourcev1beta2 "k8s.io/client-go/listers/resource/v1beta2"
+	cache "k8s.io/client-go/tools/cache"
+)
+
+// DeviceClassInformer provides access to a shared informer and lister for
+// DeviceClasses.
+type DeviceClassInformer interface {
+	Informer() cache.SharedIndexInformer
+	Lister() resourcev1beta2.DeviceClassLister
+}
+
+type deviceClassInformer struct {
+	factory          internalinterfaces.SharedInformerFactory
+	tweakListOptions internalinterfaces.TweakListOptionsFunc
+}
+
+// NewDeviceClassInformer constructs a new informer for DeviceClass type.
+// Always prefer using an informer factory to get a shared informer instead of getting an independent
+// one. This reduces memory footprint and number of connections to the server.
+func NewDeviceClassInformer(client kubernetes.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
+	return NewFilteredDeviceClassInformer(client, resyncPeriod, indexers, nil)
+}
+
+// NewFilteredDeviceClassInformer constructs a new informer for DeviceClass type.
+// Always prefer using an informer factory to get a shared informer instead of getting an independent
+// one. This reduces memory footprint and number of connections to the server.
+func NewFilteredDeviceClassInformer(client kubernetes.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
+	return cache.NewSharedIndexInformer(
+		&cache.ListWatch{
+			ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1beta2().DeviceClasses().List(context.Background(), options)
+			},
+			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1beta2().DeviceClasses().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1beta2().DeviceClasses().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1beta2().DeviceClasses().Watch(ctx, options)
+			},
+		},
+		&apiresourcev1beta2.DeviceClass{},
+		resyncPeriod,
+		indexers,
+	)
+}
+
+func (f *deviceClassInformer) defaultInformer(client kubernetes.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
+	return NewFilteredDeviceClassInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
+}
+
+func (f *deviceClassInformer) Informer() cache.SharedIndexInformer {
+	return f.factory.InformerFor(&apiresourcev1beta2.DeviceClass{}, f.defaultInformer)
+}
+
+func (f *deviceClassInformer) Lister() resourcev1beta2.DeviceClassLister {
+	return resourcev1beta2.NewDeviceClassLister(f.Informer().GetIndexer())
+}
diff --git a/vendor/k8s.io/client-go/informers/resource/v1beta2/interface.go b/vendor/k8s.io/client-go/informers/resource/v1beta2/interface.go
new file mode 100644
index 0000000000..4627d6f3e2
--- /dev/null
+++ b/vendor/k8s.io/client-go/informers/resource/v1beta2/interface.go
@@ -0,0 +1,66 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by informer-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	internalinterfaces "k8s.io/client-go/informers/internalinterfaces"
+)
+
+// Interface provides access to all the informers in this group version.
+type Interface interface {
+	// DeviceClasses returns a DeviceClassInformer.
+	DeviceClasses() DeviceClassInformer
+	// ResourceClaims returns a ResourceClaimInformer.
+	ResourceClaims() ResourceClaimInformer
+	// ResourceClaimTemplates returns a ResourceClaimTemplateInformer.
+	ResourceClaimTemplates() ResourceClaimTemplateInformer
+	// ResourceSlices returns a ResourceSliceInformer.
+	ResourceSlices() ResourceSliceInformer
+}
+
+type version struct {
+	factory          internalinterfaces.SharedInformerFactory
+	namespace        string
+	tweakListOptions internalinterfaces.TweakListOptionsFunc
+}
+
+// New returns a new Interface.
+func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface {
+	return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions}
+}
+
+// DeviceClasses returns a DeviceClassInformer.
+func (v *version) DeviceClasses() DeviceClassInformer {
+	return &deviceClassInformer{factory: v.factory, tweakListOptions: v.tweakListOptions}
+}
+
+// ResourceClaims returns a ResourceClaimInformer.
+func (v *version) ResourceClaims() ResourceClaimInformer {
+	return &resourceClaimInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
+}
+
+// ResourceClaimTemplates returns a ResourceClaimTemplateInformer.
+func (v *version) ResourceClaimTemplates() ResourceClaimTemplateInformer {
+	return &resourceClaimTemplateInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
+}
+
+// ResourceSlices returns a ResourceSliceInformer.
+func (v *version) ResourceSlices() ResourceSliceInformer {
+	return &resourceSliceInformer{factory: v.factory, tweakListOptions: v.tweakListOptions}
+}
diff --git a/vendor/k8s.io/client-go/informers/resource/v1beta2/resourceclaim.go b/vendor/k8s.io/client-go/informers/resource/v1beta2/resourceclaim.go
new file mode 100644
index 0000000000..e245d998c1
--- /dev/null
+++ b/vendor/k8s.io/client-go/informers/resource/v1beta2/resourceclaim.go
@@ -0,0 +1,102 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by informer-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	context "context"
+	time "time"
+
+	apiresourcev1beta2 "k8s.io/api/resource/v1beta2"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	runtime "k8s.io/apimachinery/pkg/runtime"
+	watch "k8s.io/apimachinery/pkg/watch"
+	internalinterfaces "k8s.io/client-go/informers/internalinterfaces"
+	kubernetes "k8s.io/client-go/kubernetes"
+	resourcev1beta2 "k8s.io/client-go/listers/resource/v1beta2"
+	cache "k8s.io/client-go/tools/cache"
+)
+
+// ResourceClaimInformer provides access to a shared informer and lister for
+// ResourceClaims.
+type ResourceClaimInformer interface {
+	Informer() cache.SharedIndexInformer
+	Lister() resourcev1beta2.ResourceClaimLister
+}
+
+type resourceClaimInformer struct {
+	factory          internalinterfaces.SharedInformerFactory
+	tweakListOptions internalinterfaces.TweakListOptionsFunc
+	namespace        string
+}
+
+// NewResourceClaimInformer constructs a new informer for ResourceClaim type.
+// Always prefer using an informer factory to get a shared informer instead of getting an independent
+// one. This reduces memory footprint and number of connections to the server.
+func NewResourceClaimInformer(client kubernetes.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
+	return NewFilteredResourceClaimInformer(client, namespace, resyncPeriod, indexers, nil)
+}
+
+// NewFilteredResourceClaimInformer constructs a new informer for ResourceClaim type.
+// Always prefer using an informer factory to get a shared informer instead of getting an independent
+// one. This reduces memory footprint and number of connections to the server.
+func NewFilteredResourceClaimInformer(client kubernetes.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
+	return cache.NewSharedIndexInformer(
+		&cache.ListWatch{
+			ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1beta2().ResourceClaims(namespace).List(context.Background(), options)
+			},
+			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1beta2().ResourceClaims(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1beta2().ResourceClaims(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1beta2().ResourceClaims(namespace).Watch(ctx, options)
+			},
+		},
+		&apiresourcev1beta2.ResourceClaim{},
+		resyncPeriod,
+		indexers,
+	)
+}
+
+func (f *resourceClaimInformer) defaultInformer(client kubernetes.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
+	return NewFilteredResourceClaimInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
+}
+
+func (f *resourceClaimInformer) Informer() cache.SharedIndexInformer {
+	return f.factory.InformerFor(&apiresourcev1beta2.ResourceClaim{}, f.defaultInformer)
+}
+
+func (f *resourceClaimInformer) Lister() resourcev1beta2.ResourceClaimLister {
+	return resourcev1beta2.NewResourceClaimLister(f.Informer().GetIndexer())
+}
diff --git a/vendor/k8s.io/client-go/informers/resource/v1beta2/resourceclaimtemplate.go b/vendor/k8s.io/client-go/informers/resource/v1beta2/resourceclaimtemplate.go
new file mode 100644
index 0000000000..4b973bd969
--- /dev/null
+++ b/vendor/k8s.io/client-go/informers/resource/v1beta2/resourceclaimtemplate.go
@@ -0,0 +1,102 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by informer-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	context "context"
+	time "time"
+
+	apiresourcev1beta2 "k8s.io/api/resource/v1beta2"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	runtime "k8s.io/apimachinery/pkg/runtime"
+	watch "k8s.io/apimachinery/pkg/watch"
+	internalinterfaces "k8s.io/client-go/informers/internalinterfaces"
+	kubernetes "k8s.io/client-go/kubernetes"
+	resourcev1beta2 "k8s.io/client-go/listers/resource/v1beta2"
+	cache "k8s.io/client-go/tools/cache"
+)
+
+// ResourceClaimTemplateInformer provides access to a shared informer and lister for
+// ResourceClaimTemplates.
+type ResourceClaimTemplateInformer interface {
+	Informer() cache.SharedIndexInformer
+	Lister() resourcev1beta2.ResourceClaimTemplateLister
+}
+
+type resourceClaimTemplateInformer struct {
+	factory          internalinterfaces.SharedInformerFactory
+	tweakListOptions internalinterfaces.TweakListOptionsFunc
+	namespace        string
+}
+
+// NewResourceClaimTemplateInformer constructs a new informer for ResourceClaimTemplate type.
+// Always prefer using an informer factory to get a shared informer instead of getting an independent
+// one. This reduces memory footprint and number of connections to the server.
+func NewResourceClaimTemplateInformer(client kubernetes.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
+	return NewFilteredResourceClaimTemplateInformer(client, namespace, resyncPeriod, indexers, nil)
+}
+
+// NewFilteredResourceClaimTemplateInformer constructs a new informer for ResourceClaimTemplate type.
+// Always prefer using an informer factory to get a shared informer instead of getting an independent
+// one. This reduces memory footprint and number of connections to the server.
+func NewFilteredResourceClaimTemplateInformer(client kubernetes.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
+	return cache.NewSharedIndexInformer(
+		&cache.ListWatch{
+			ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1beta2().ResourceClaimTemplates(namespace).List(context.Background(), options)
+			},
+			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1beta2().ResourceClaimTemplates(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1beta2().ResourceClaimTemplates(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1beta2().ResourceClaimTemplates(namespace).Watch(ctx, options)
+			},
+		},
+		&apiresourcev1beta2.ResourceClaimTemplate{},
+		resyncPeriod,
+		indexers,
+	)
+}
+
+func (f *resourceClaimTemplateInformer) defaultInformer(client kubernetes.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
+	return NewFilteredResourceClaimTemplateInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
+}
+
+func (f *resourceClaimTemplateInformer) Informer() cache.SharedIndexInformer {
+	return f.factory.InformerFor(&apiresourcev1beta2.ResourceClaimTemplate{}, f.defaultInformer)
+}
+
+func (f *resourceClaimTemplateInformer) Lister() resourcev1beta2.ResourceClaimTemplateLister {
+	return resourcev1beta2.NewResourceClaimTemplateLister(f.Informer().GetIndexer())
+}
diff --git a/vendor/k8s.io/client-go/informers/resource/v1beta2/resourceslice.go b/vendor/k8s.io/client-go/informers/resource/v1beta2/resourceslice.go
new file mode 100644
index 0000000000..c0cdc67a83
--- /dev/null
+++ b/vendor/k8s.io/client-go/informers/resource/v1beta2/resourceslice.go
@@ -0,0 +1,101 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by informer-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	context "context"
+	time "time"
+
+	apiresourcev1beta2 "k8s.io/api/resource/v1beta2"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	runtime "k8s.io/apimachinery/pkg/runtime"
+	watch "k8s.io/apimachinery/pkg/watch"
+	internalinterfaces "k8s.io/client-go/informers/internalinterfaces"
+	kubernetes "k8s.io/client-go/kubernetes"
+	resourcev1beta2 "k8s.io/client-go/listers/resource/v1beta2"
+	cache "k8s.io/client-go/tools/cache"
+)
+
+// ResourceSliceInformer provides access to a shared informer and lister for
+// ResourceSlices.
+type ResourceSliceInformer interface {
+	Informer() cache.SharedIndexInformer
+	Lister() resourcev1beta2.ResourceSliceLister
+}
+
+type resourceSliceInformer struct {
+	factory          internalinterfaces.SharedInformerFactory
+	tweakListOptions internalinterfaces.TweakListOptionsFunc
+}
+
+// NewResourceSliceInformer constructs a new informer for ResourceSlice type.
+// Always prefer using an informer factory to get a shared informer instead of getting an independent
+// one. This reduces memory footprint and number of connections to the server.
+func NewResourceSliceInformer(client kubernetes.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
+	return NewFilteredResourceSliceInformer(client, resyncPeriod, indexers, nil)
+}
+
+// NewFilteredResourceSliceInformer constructs a new informer for ResourceSlice type.
+// Always prefer using an informer factory to get a shared informer instead of getting an independent
+// one. This reduces memory footprint and number of connections to the server.
+func NewFilteredResourceSliceInformer(client kubernetes.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
+	return cache.NewSharedIndexInformer(
+		&cache.ListWatch{
+			ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1beta2().ResourceSlices().List(context.Background(), options)
+			},
+			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1beta2().ResourceSlices().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1beta2().ResourceSlices().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.ResourceV1beta2().ResourceSlices().Watch(ctx, options)
+			},
+		},
+		&apiresourcev1beta2.ResourceSlice{},
+		resyncPeriod,
+		indexers,
+	)
+}
+
+func (f *resourceSliceInformer) defaultInformer(client kubernetes.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
+	return NewFilteredResourceSliceInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
+}
+
+func (f *resourceSliceInformer) Informer() cache.SharedIndexInformer {
+	return f.factory.InformerFor(&apiresourcev1beta2.ResourceSlice{}, f.defaultInformer)
+}
+
+func (f *resourceSliceInformer) Lister() resourcev1beta2.ResourceSliceLister {
+	return resourcev1beta2.NewResourceSliceLister(f.Informer().GetIndexer())
+}
diff --git a/vendor/k8s.io/client-go/informers/scheduling/v1/priorityclass.go b/vendor/k8s.io/client-go/informers/scheduling/v1/priorityclass.go
index 20b9fc0dc4..df42636632 100644
--- a/vendor/k8s.io/client-go/informers/scheduling/v1/priorityclass.go
+++ b/vendor/k8s.io/client-go/informers/scheduling/v1/priorityclass.go
@@ -61,13 +61,25 @@ func NewFilteredPriorityClassInformer(client kubernetes.Interface, resyncPeriod
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.SchedulingV1().PriorityClasses().List(context.TODO(), options)
+				return client.SchedulingV1().PriorityClasses().List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.SchedulingV1().PriorityClasses().Watch(context.TODO(), options)
+				return client.SchedulingV1().PriorityClasses().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.SchedulingV1().PriorityClasses().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.SchedulingV1().PriorityClasses().Watch(ctx, options)
 			},
 		},
 		&apischedulingv1.PriorityClass{},
diff --git a/vendor/k8s.io/client-go/informers/scheduling/v1alpha1/priorityclass.go b/vendor/k8s.io/client-go/informers/scheduling/v1alpha1/priorityclass.go
index 904bc6c4ee..228240af12 100644
--- a/vendor/k8s.io/client-go/informers/scheduling/v1alpha1/priorityclass.go
+++ b/vendor/k8s.io/client-go/informers/scheduling/v1alpha1/priorityclass.go
@@ -61,13 +61,25 @@ func NewFilteredPriorityClassInformer(client kubernetes.Interface, resyncPeriod
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.SchedulingV1alpha1().PriorityClasses().List(context.TODO(), options)
+				return client.SchedulingV1alpha1().PriorityClasses().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.SchedulingV1alpha1().PriorityClasses().Watch(context.TODO(), options)
+				return client.SchedulingV1alpha1().PriorityClasses().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.SchedulingV1alpha1().PriorityClasses().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.SchedulingV1alpha1().PriorityClasses().Watch(ctx, options)
 			},
 		},
 		&apischedulingv1alpha1.PriorityClass{},
diff --git a/vendor/k8s.io/client-go/informers/scheduling/v1beta1/priorityclass.go b/vendor/k8s.io/client-go/informers/scheduling/v1beta1/priorityclass.go
index 299d376737..fd40bd0860 100644
--- a/vendor/k8s.io/client-go/informers/scheduling/v1beta1/priorityclass.go
+++ b/vendor/k8s.io/client-go/informers/scheduling/v1beta1/priorityclass.go
@@ -61,13 +61,25 @@ func NewFilteredPriorityClassInformer(client kubernetes.Interface, resyncPeriod
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.SchedulingV1beta1().PriorityClasses().List(context.TODO(), options)
+				return client.SchedulingV1beta1().PriorityClasses().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.SchedulingV1beta1().PriorityClasses().Watch(context.TODO(), options)
+				return client.SchedulingV1beta1().PriorityClasses().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.SchedulingV1beta1().PriorityClasses().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.SchedulingV1beta1().PriorityClasses().Watch(ctx, options)
 			},
 		},
 		&apischedulingv1beta1.PriorityClass{},
diff --git a/vendor/k8s.io/client-go/informers/storage/v1/csidriver.go b/vendor/k8s.io/client-go/informers/storage/v1/csidriver.go
index 79282873bb..b79a51ca00 100644
--- a/vendor/k8s.io/client-go/informers/storage/v1/csidriver.go
+++ b/vendor/k8s.io/client-go/informers/storage/v1/csidriver.go
@@ -61,13 +61,25 @@ func NewFilteredCSIDriverInformer(client kubernetes.Interface, resyncPeriod time
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.StorageV1().CSIDrivers().List(context.TODO(), options)
+				return client.StorageV1().CSIDrivers().List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.StorageV1().CSIDrivers().Watch(context.TODO(), options)
+				return client.StorageV1().CSIDrivers().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StorageV1().CSIDrivers().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StorageV1().CSIDrivers().Watch(ctx, options)
 			},
 		},
 		&apistoragev1.CSIDriver{},
diff --git a/vendor/k8s.io/client-go/informers/storage/v1/csinode.go b/vendor/k8s.io/client-go/informers/storage/v1/csinode.go
index 00345f897a..7a6040795e 100644
--- a/vendor/k8s.io/client-go/informers/storage/v1/csinode.go
+++ b/vendor/k8s.io/client-go/informers/storage/v1/csinode.go
@@ -61,13 +61,25 @@ func NewFilteredCSINodeInformer(client kubernetes.Interface, resyncPeriod time.D
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.StorageV1().CSINodes().List(context.TODO(), options)
+				return client.StorageV1().CSINodes().List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.StorageV1().CSINodes().Watch(context.TODO(), options)
+				return client.StorageV1().CSINodes().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StorageV1().CSINodes().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StorageV1().CSINodes().Watch(ctx, options)
 			},
 		},
 		&apistoragev1.CSINode{},
diff --git a/vendor/k8s.io/client-go/informers/storage/v1/csistoragecapacity.go b/vendor/k8s.io/client-go/informers/storage/v1/csistoragecapacity.go
index 5a72272fcb..84ef70f2e7 100644
--- a/vendor/k8s.io/client-go/informers/storage/v1/csistoragecapacity.go
+++ b/vendor/k8s.io/client-go/informers/storage/v1/csistoragecapacity.go
@@ -62,13 +62,25 @@ func NewFilteredCSIStorageCapacityInformer(client kubernetes.Interface, namespac
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.StorageV1().CSIStorageCapacities(namespace).List(context.TODO(), options)
+				return client.StorageV1().CSIStorageCapacities(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.StorageV1().CSIStorageCapacities(namespace).Watch(context.TODO(), options)
+				return client.StorageV1().CSIStorageCapacities(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StorageV1().CSIStorageCapacities(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StorageV1().CSIStorageCapacities(namespace).Watch(ctx, options)
 			},
 		},
 		&apistoragev1.CSIStorageCapacity{},
diff --git a/vendor/k8s.io/client-go/informers/storage/v1/storageclass.go b/vendor/k8s.io/client-go/informers/storage/v1/storageclass.go
index 6eecc50f74..7f17ecf8c7 100644
--- a/vendor/k8s.io/client-go/informers/storage/v1/storageclass.go
+++ b/vendor/k8s.io/client-go/informers/storage/v1/storageclass.go
@@ -61,13 +61,25 @@ func NewFilteredStorageClassInformer(client kubernetes.Interface, resyncPeriod t
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.StorageV1().StorageClasses().List(context.TODO(), options)
+				return client.StorageV1().StorageClasses().List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.StorageV1().StorageClasses().Watch(context.TODO(), options)
+				return client.StorageV1().StorageClasses().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StorageV1().StorageClasses().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StorageV1().StorageClasses().Watch(ctx, options)
 			},
 		},
 		&apistoragev1.StorageClass{},
diff --git a/vendor/k8s.io/client-go/informers/storage/v1/volumeattachment.go b/vendor/k8s.io/client-go/informers/storage/v1/volumeattachment.go
index deca09cdac..3dee340d52 100644
--- a/vendor/k8s.io/client-go/informers/storage/v1/volumeattachment.go
+++ b/vendor/k8s.io/client-go/informers/storage/v1/volumeattachment.go
@@ -61,13 +61,25 @@ func NewFilteredVolumeAttachmentInformer(client kubernetes.Interface, resyncPeri
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.StorageV1().VolumeAttachments().List(context.TODO(), options)
+				return client.StorageV1().VolumeAttachments().List(context.Background(), options)
 			},
 			WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.StorageV1().VolumeAttachments().Watch(context.TODO(), options)
+				return client.StorageV1().VolumeAttachments().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StorageV1().VolumeAttachments().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StorageV1().VolumeAttachments().Watch(ctx, options)
 			},
 		},
 		&apistoragev1.VolumeAttachment{},
diff --git a/vendor/k8s.io/client-go/informers/storage/v1alpha1/csistoragecapacity.go b/vendor/k8s.io/client-go/informers/storage/v1alpha1/csistoragecapacity.go
index 2253f700e6..794de10db1 100644
--- a/vendor/k8s.io/client-go/informers/storage/v1alpha1/csistoragecapacity.go
+++ b/vendor/k8s.io/client-go/informers/storage/v1alpha1/csistoragecapacity.go
@@ -62,13 +62,25 @@ func NewFilteredCSIStorageCapacityInformer(client kubernetes.Interface, namespac
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.StorageV1alpha1().CSIStorageCapacities(namespace).List(context.TODO(), options)
+				return client.StorageV1alpha1().CSIStorageCapacities(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.StorageV1alpha1().CSIStorageCapacities(namespace).Watch(context.TODO(), options)
+				return client.StorageV1alpha1().CSIStorageCapacities(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StorageV1alpha1().CSIStorageCapacities(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StorageV1alpha1().CSIStorageCapacities(namespace).Watch(ctx, options)
 			},
 		},
 		&apistoragev1alpha1.CSIStorageCapacity{},
diff --git a/vendor/k8s.io/client-go/informers/storage/v1alpha1/volumeattachment.go b/vendor/k8s.io/client-go/informers/storage/v1alpha1/volumeattachment.go
index f319899530..dc68be2344 100644
--- a/vendor/k8s.io/client-go/informers/storage/v1alpha1/volumeattachment.go
+++ b/vendor/k8s.io/client-go/informers/storage/v1alpha1/volumeattachment.go
@@ -61,13 +61,25 @@ func NewFilteredVolumeAttachmentInformer(client kubernetes.Interface, resyncPeri
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.StorageV1alpha1().VolumeAttachments().List(context.TODO(), options)
+				return client.StorageV1alpha1().VolumeAttachments().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.StorageV1alpha1().VolumeAttachments().Watch(context.TODO(), options)
+				return client.StorageV1alpha1().VolumeAttachments().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StorageV1alpha1().VolumeAttachments().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StorageV1alpha1().VolumeAttachments().Watch(ctx, options)
 			},
 		},
 		&apistoragev1alpha1.VolumeAttachment{},
diff --git a/vendor/k8s.io/client-go/informers/storage/v1alpha1/volumeattributesclass.go b/vendor/k8s.io/client-go/informers/storage/v1alpha1/volumeattributesclass.go
index 8a688312a9..5210ea79a9 100644
--- a/vendor/k8s.io/client-go/informers/storage/v1alpha1/volumeattributesclass.go
+++ b/vendor/k8s.io/client-go/informers/storage/v1alpha1/volumeattributesclass.go
@@ -61,13 +61,25 @@ func NewFilteredVolumeAttributesClassInformer(client kubernetes.Interface, resyn
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.StorageV1alpha1().VolumeAttributesClasses().List(context.TODO(), options)
+				return client.StorageV1alpha1().VolumeAttributesClasses().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.StorageV1alpha1().VolumeAttributesClasses().Watch(context.TODO(), options)
+				return client.StorageV1alpha1().VolumeAttributesClasses().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StorageV1alpha1().VolumeAttributesClasses().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StorageV1alpha1().VolumeAttributesClasses().Watch(ctx, options)
 			},
 		},
 		&apistoragev1alpha1.VolumeAttributesClass{},
diff --git a/vendor/k8s.io/client-go/informers/storage/v1beta1/csidriver.go b/vendor/k8s.io/client-go/informers/storage/v1beta1/csidriver.go
index f538deed51..a21dc94ff8 100644
--- a/vendor/k8s.io/client-go/informers/storage/v1beta1/csidriver.go
+++ b/vendor/k8s.io/client-go/informers/storage/v1beta1/csidriver.go
@@ -61,13 +61,25 @@ func NewFilteredCSIDriverInformer(client kubernetes.Interface, resyncPeriod time
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.StorageV1beta1().CSIDrivers().List(context.TODO(), options)
+				return client.StorageV1beta1().CSIDrivers().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.StorageV1beta1().CSIDrivers().Watch(context.TODO(), options)
+				return client.StorageV1beta1().CSIDrivers().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StorageV1beta1().CSIDrivers().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StorageV1beta1().CSIDrivers().Watch(ctx, options)
 			},
 		},
 		&apistoragev1beta1.CSIDriver{},
diff --git a/vendor/k8s.io/client-go/informers/storage/v1beta1/csinode.go b/vendor/k8s.io/client-go/informers/storage/v1beta1/csinode.go
index 5d26cffdcf..e789fe3096 100644
--- a/vendor/k8s.io/client-go/informers/storage/v1beta1/csinode.go
+++ b/vendor/k8s.io/client-go/informers/storage/v1beta1/csinode.go
@@ -61,13 +61,25 @@ func NewFilteredCSINodeInformer(client kubernetes.Interface, resyncPeriod time.D
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.StorageV1beta1().CSINodes().List(context.TODO(), options)
+				return client.StorageV1beta1().CSINodes().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.StorageV1beta1().CSINodes().Watch(context.TODO(), options)
+				return client.StorageV1beta1().CSINodes().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StorageV1beta1().CSINodes().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StorageV1beta1().CSINodes().Watch(ctx, options)
 			},
 		},
 		&apistoragev1beta1.CSINode{},
diff --git a/vendor/k8s.io/client-go/informers/storage/v1beta1/csistoragecapacity.go b/vendor/k8s.io/client-go/informers/storage/v1beta1/csistoragecapacity.go
index 9ad42e9f83..fa75b0b4f9 100644
--- a/vendor/k8s.io/client-go/informers/storage/v1beta1/csistoragecapacity.go
+++ b/vendor/k8s.io/client-go/informers/storage/v1beta1/csistoragecapacity.go
@@ -62,13 +62,25 @@ func NewFilteredCSIStorageCapacityInformer(client kubernetes.Interface, namespac
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.StorageV1beta1().CSIStorageCapacities(namespace).List(context.TODO(), options)
+				return client.StorageV1beta1().CSIStorageCapacities(namespace).List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.StorageV1beta1().CSIStorageCapacities(namespace).Watch(context.TODO(), options)
+				return client.StorageV1beta1().CSIStorageCapacities(namespace).Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StorageV1beta1().CSIStorageCapacities(namespace).List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StorageV1beta1().CSIStorageCapacities(namespace).Watch(ctx, options)
 			},
 		},
 		&apistoragev1beta1.CSIStorageCapacity{},
diff --git a/vendor/k8s.io/client-go/informers/storage/v1beta1/storageclass.go b/vendor/k8s.io/client-go/informers/storage/v1beta1/storageclass.go
index 2d8649e9b8..23d7ca4fc7 100644
--- a/vendor/k8s.io/client-go/informers/storage/v1beta1/storageclass.go
+++ b/vendor/k8s.io/client-go/informers/storage/v1beta1/storageclass.go
@@ -61,13 +61,25 @@ func NewFilteredStorageClassInformer(client kubernetes.Interface, resyncPeriod t
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.StorageV1beta1().StorageClasses().List(context.TODO(), options)
+				return client.StorageV1beta1().StorageClasses().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.StorageV1beta1().StorageClasses().Watch(context.TODO(), options)
+				return client.StorageV1beta1().StorageClasses().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StorageV1beta1().StorageClasses().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StorageV1beta1().StorageClasses().Watch(ctx, options)
 			},
 		},
 		&apistoragev1beta1.StorageClass{},
diff --git a/vendor/k8s.io/client-go/informers/storage/v1beta1/volumeattachment.go b/vendor/k8s.io/client-go/informers/storage/v1beta1/volumeattachment.go
index 93d3826936..691b2c6d12 100644
--- a/vendor/k8s.io/client-go/informers/storage/v1beta1/volumeattachment.go
+++ b/vendor/k8s.io/client-go/informers/storage/v1beta1/volumeattachment.go
@@ -61,13 +61,25 @@ func NewFilteredVolumeAttachmentInformer(client kubernetes.Interface, resyncPeri
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.StorageV1beta1().VolumeAttachments().List(context.TODO(), options)
+				return client.StorageV1beta1().VolumeAttachments().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.StorageV1beta1().VolumeAttachments().Watch(context.TODO(), options)
+				return client.StorageV1beta1().VolumeAttachments().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StorageV1beta1().VolumeAttachments().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StorageV1beta1().VolumeAttachments().Watch(ctx, options)
 			},
 		},
 		&apistoragev1beta1.VolumeAttachment{},
diff --git a/vendor/k8s.io/client-go/informers/storage/v1beta1/volumeattributesclass.go b/vendor/k8s.io/client-go/informers/storage/v1beta1/volumeattributesclass.go
index dd9734bdc6..7d66c58156 100644
--- a/vendor/k8s.io/client-go/informers/storage/v1beta1/volumeattributesclass.go
+++ b/vendor/k8s.io/client-go/informers/storage/v1beta1/volumeattributesclass.go
@@ -61,13 +61,25 @@ func NewFilteredVolumeAttributesClassInformer(client kubernetes.Interface, resyn
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.StorageV1beta1().VolumeAttributesClasses().List(context.TODO(), options)
+				return client.StorageV1beta1().VolumeAttributesClasses().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.StorageV1beta1().VolumeAttributesClasses().Watch(context.TODO(), options)
+				return client.StorageV1beta1().VolumeAttributesClasses().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StorageV1beta1().VolumeAttributesClasses().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StorageV1beta1().VolumeAttributesClasses().Watch(ctx, options)
 			},
 		},
 		&apistoragev1beta1.VolumeAttributesClass{},
diff --git a/vendor/k8s.io/client-go/informers/storagemigration/v1alpha1/storageversionmigration.go b/vendor/k8s.io/client-go/informers/storagemigration/v1alpha1/storageversionmigration.go
index 49d6dd2e5b..4debb5eef9 100644
--- a/vendor/k8s.io/client-go/informers/storagemigration/v1alpha1/storageversionmigration.go
+++ b/vendor/k8s.io/client-go/informers/storagemigration/v1alpha1/storageversionmigration.go
@@ -61,13 +61,25 @@ func NewFilteredStorageVersionMigrationInformer(client kubernetes.Interface, res
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.StoragemigrationV1alpha1().StorageVersionMigrations().List(context.TODO(), options)
+				return client.StoragemigrationV1alpha1().StorageVersionMigrations().List(context.Background(), options)
 			},
 			WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
 				if tweakListOptions != nil {
 					tweakListOptions(&options)
 				}
-				return client.StoragemigrationV1alpha1().StorageVersionMigrations().Watch(context.TODO(), options)
+				return client.StoragemigrationV1alpha1().StorageVersionMigrations().Watch(context.Background(), options)
+			},
+			ListWithContextFunc: func(ctx context.Context, options v1.ListOptions) (runtime.Object, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StoragemigrationV1alpha1().StorageVersionMigrations().List(ctx, options)
+			},
+			WatchFuncWithContext: func(ctx context.Context, options v1.ListOptions) (watch.Interface, error) {
+				if tweakListOptions != nil {
+					tweakListOptions(&options)
+				}
+				return client.StoragemigrationV1alpha1().StorageVersionMigrations().Watch(ctx, options)
 			},
 		},
 		&apistoragemigrationv1alpha1.StorageVersionMigration{},
diff --git a/vendor/k8s.io/client-go/kubernetes/clientset.go b/vendor/k8s.io/client-go/kubernetes/clientset.go
index a6dbc23a9c..b333d6b8a1 100644
--- a/vendor/k8s.io/client-go/kubernetes/clientset.go
+++ b/vendor/k8s.io/client-go/kubernetes/clientset.go
@@ -70,6 +70,7 @@ import (
 	rbacv1beta1 "k8s.io/client-go/kubernetes/typed/rbac/v1beta1"
 	resourcev1alpha3 "k8s.io/client-go/kubernetes/typed/resource/v1alpha3"
 	resourcev1beta1 "k8s.io/client-go/kubernetes/typed/resource/v1beta1"
+	resourcev1beta2 "k8s.io/client-go/kubernetes/typed/resource/v1beta2"
 	schedulingv1 "k8s.io/client-go/kubernetes/typed/scheduling/v1"
 	schedulingv1alpha1 "k8s.io/client-go/kubernetes/typed/scheduling/v1alpha1"
 	schedulingv1beta1 "k8s.io/client-go/kubernetes/typed/scheduling/v1beta1"
@@ -128,6 +129,7 @@ type Interface interface {
 	RbacV1() rbacv1.RbacV1Interface
 	RbacV1beta1() rbacv1beta1.RbacV1beta1Interface
 	RbacV1alpha1() rbacv1alpha1.RbacV1alpha1Interface
+	ResourceV1beta2() resourcev1beta2.ResourceV1beta2Interface
 	ResourceV1beta1() resourcev1beta1.ResourceV1beta1Interface
 	ResourceV1alpha3() resourcev1alpha3.ResourceV1alpha3Interface
 	SchedulingV1alpha1() schedulingv1alpha1.SchedulingV1alpha1Interface
@@ -187,6 +189,7 @@ type Clientset struct {
 	rbacV1                        *rbacv1.RbacV1Client
 	rbacV1beta1                   *rbacv1beta1.RbacV1beta1Client
 	rbacV1alpha1                  *rbacv1alpha1.RbacV1alpha1Client
+	resourceV1beta2               *resourcev1beta2.ResourceV1beta2Client
 	resourceV1beta1               *resourcev1beta1.ResourceV1beta1Client
 	resourceV1alpha3              *resourcev1alpha3.ResourceV1alpha3Client
 	schedulingV1alpha1            *schedulingv1alpha1.SchedulingV1alpha1Client
@@ -423,6 +426,11 @@ func (c *Clientset) RbacV1alpha1() rbacv1alpha1.RbacV1alpha1Interface {
 	return c.rbacV1alpha1
 }
 
+// ResourceV1beta2 retrieves the ResourceV1beta2Client
+func (c *Clientset) ResourceV1beta2() resourcev1beta2.ResourceV1beta2Interface {
+	return c.resourceV1beta2
+}
+
 // ResourceV1beta1 retrieves the ResourceV1beta1Client
 func (c *Clientset) ResourceV1beta1() resourcev1beta1.ResourceV1beta1Interface {
 	return c.resourceV1beta1
@@ -692,6 +700,10 @@ func NewForConfigAndClient(c *rest.Config, httpClient *http.Client) (*Clientset,
 	if err != nil {
 		return nil, err
 	}
+	cs.resourceV1beta2, err = resourcev1beta2.NewForConfigAndClient(&configShallowCopy, httpClient)
+	if err != nil {
+		return nil, err
+	}
 	cs.resourceV1beta1, err = resourcev1beta1.NewForConfigAndClient(&configShallowCopy, httpClient)
 	if err != nil {
 		return nil, err
@@ -794,6 +806,7 @@ func New(c rest.Interface) *Clientset {
 	cs.rbacV1 = rbacv1.New(c)
 	cs.rbacV1beta1 = rbacv1beta1.New(c)
 	cs.rbacV1alpha1 = rbacv1alpha1.New(c)
+	cs.resourceV1beta2 = resourcev1beta2.New(c)
 	cs.resourceV1beta1 = resourcev1beta1.New(c)
 	cs.resourceV1alpha3 = resourcev1alpha3.New(c)
 	cs.schedulingV1alpha1 = schedulingv1alpha1.New(c)
diff --git a/vendor/k8s.io/client-go/kubernetes/doc.go b/vendor/k8s.io/client-go/kubernetes/doc.go
index e052f81b85..9cef4242f2 100644
--- a/vendor/k8s.io/client-go/kubernetes/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/doc.go
@@ -16,4 +16,4 @@ limitations under the License.
 
 // Package kubernetes holds packages which implement a clientset for Kubernetes
 // APIs.
-package kubernetes // import "k8s.io/client-go/kubernetes"
+package kubernetes
diff --git a/vendor/k8s.io/client-go/kubernetes/fake/clientset_generated.go b/vendor/k8s.io/client-go/kubernetes/fake/clientset_generated.go
index 6b583818b6..a454c6f191 100644
--- a/vendor/k8s.io/client-go/kubernetes/fake/clientset_generated.go
+++ b/vendor/k8s.io/client-go/kubernetes/fake/clientset_generated.go
@@ -19,6 +19,7 @@ limitations under the License.
 package fake
 
 import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/watch"
 	applyconfigurations "k8s.io/client-go/applyconfigurations"
@@ -119,6 +120,8 @@ import (
 	fakeresourcev1alpha3 "k8s.io/client-go/kubernetes/typed/resource/v1alpha3/fake"
 	resourcev1beta1 "k8s.io/client-go/kubernetes/typed/resource/v1beta1"
 	fakeresourcev1beta1 "k8s.io/client-go/kubernetes/typed/resource/v1beta1/fake"
+	resourcev1beta2 "k8s.io/client-go/kubernetes/typed/resource/v1beta2"
+	fakeresourcev1beta2 "k8s.io/client-go/kubernetes/typed/resource/v1beta2/fake"
 	schedulingv1 "k8s.io/client-go/kubernetes/typed/scheduling/v1"
 	fakeschedulingv1 "k8s.io/client-go/kubernetes/typed/scheduling/v1/fake"
 	schedulingv1alpha1 "k8s.io/client-go/kubernetes/typed/scheduling/v1alpha1"
@@ -156,9 +159,13 @@ func NewSimpleClientset(objects ...runtime.Object) *Clientset {
 	cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake}
 	cs.AddReactor("*", "*", testing.ObjectReaction(o))
 	cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) {
+		var opts metav1.ListOptions
+		if watchActcion, ok := action.(testing.WatchActionImpl); ok {
+			opts = watchActcion.ListOptions
+		}
 		gvr := action.GetResource()
 		ns := action.GetNamespace()
-		watch, err := o.Watch(gvr, ns)
+		watch, err := o.Watch(gvr, ns, opts)
 		if err != nil {
 			return false, nil, err
 		}
@@ -205,9 +212,13 @@ func NewClientset(objects ...runtime.Object) *Clientset {
 	cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake}
 	cs.AddReactor("*", "*", testing.ObjectReaction(o))
 	cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) {
+		var opts metav1.ListOptions
+		if watchActcion, ok := action.(testing.WatchActionImpl); ok {
+			opts = watchActcion.ListOptions
+		}
 		gvr := action.GetResource()
 		ns := action.GetNamespace()
-		watch, err := o.Watch(gvr, ns)
+		watch, err := o.Watch(gvr, ns, opts)
 		if err != nil {
 			return false, nil, err
 		}
@@ -447,6 +458,11 @@ func (c *Clientset) RbacV1alpha1() rbacv1alpha1.RbacV1alpha1Interface {
 	return &fakerbacv1alpha1.FakeRbacV1alpha1{Fake: &c.Fake}
 }
 
+// ResourceV1beta2 retrieves the ResourceV1beta2Client
+func (c *Clientset) ResourceV1beta2() resourcev1beta2.ResourceV1beta2Interface {
+	return &fakeresourcev1beta2.FakeResourceV1beta2{Fake: &c.Fake}
+}
+
 // ResourceV1beta1 retrieves the ResourceV1beta1Client
 func (c *Clientset) ResourceV1beta1() resourcev1beta1.ResourceV1beta1Interface {
 	return &fakeresourcev1beta1.FakeResourceV1beta1{Fake: &c.Fake}
diff --git a/vendor/k8s.io/client-go/kubernetes/fake/register.go b/vendor/k8s.io/client-go/kubernetes/fake/register.go
index 849b1ac900..1332509c1d 100644
--- a/vendor/k8s.io/client-go/kubernetes/fake/register.go
+++ b/vendor/k8s.io/client-go/kubernetes/fake/register.go
@@ -66,6 +66,7 @@ import (
 	rbacv1beta1 "k8s.io/api/rbac/v1beta1"
 	resourcev1alpha3 "k8s.io/api/resource/v1alpha3"
 	resourcev1beta1 "k8s.io/api/resource/v1beta1"
+	resourcev1beta2 "k8s.io/api/resource/v1beta2"
 	schedulingv1 "k8s.io/api/scheduling/v1"
 	schedulingv1alpha1 "k8s.io/api/scheduling/v1alpha1"
 	schedulingv1beta1 "k8s.io/api/scheduling/v1beta1"
@@ -129,6 +130,7 @@ var localSchemeBuilder = runtime.SchemeBuilder{
 	rbacv1.AddToScheme,
 	rbacv1beta1.AddToScheme,
 	rbacv1alpha1.AddToScheme,
+	resourcev1beta2.AddToScheme,
 	resourcev1beta1.AddToScheme,
 	resourcev1alpha3.AddToScheme,
 	schedulingv1alpha1.AddToScheme,
diff --git a/vendor/k8s.io/client-go/kubernetes/import.go b/vendor/k8s.io/client-go/kubernetes/import.go
index c4f9a91bcf..93f3e4c6e8 100644
--- a/vendor/k8s.io/client-go/kubernetes/import.go
+++ b/vendor/k8s.io/client-go/kubernetes/import.go
@@ -16,4 +16,4 @@ limitations under the License.
 
 // This file exists to enforce this clientset's vanity import path.
 
-package kubernetes // import "k8s.io/client-go/kubernetes"
+package kubernetes
diff --git a/vendor/k8s.io/client-go/kubernetes/scheme/register.go b/vendor/k8s.io/client-go/kubernetes/scheme/register.go
index a9a5d8eb7d..e0dfc986f1 100644
--- a/vendor/k8s.io/client-go/kubernetes/scheme/register.go
+++ b/vendor/k8s.io/client-go/kubernetes/scheme/register.go
@@ -66,6 +66,7 @@ import (
 	rbacv1beta1 "k8s.io/api/rbac/v1beta1"
 	resourcev1alpha3 "k8s.io/api/resource/v1alpha3"
 	resourcev1beta1 "k8s.io/api/resource/v1beta1"
+	resourcev1beta2 "k8s.io/api/resource/v1beta2"
 	schedulingv1 "k8s.io/api/scheduling/v1"
 	schedulingv1alpha1 "k8s.io/api/scheduling/v1alpha1"
 	schedulingv1beta1 "k8s.io/api/scheduling/v1beta1"
@@ -129,6 +130,7 @@ var localSchemeBuilder = runtime.SchemeBuilder{
 	rbacv1.AddToScheme,
 	rbacv1beta1.AddToScheme,
 	rbacv1alpha1.AddToScheme,
+	resourcev1beta2.AddToScheme,
 	resourcev1beta1.AddToScheme,
 	resourcev1alpha3.AddToScheme,
 	schedulingv1alpha1.AddToScheme,
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1/admissionregistration_client.go b/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1/admissionregistration_client.go
index 74d2967f66..859ad913b9 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1/admissionregistration_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1/admissionregistration_client.go
@@ -60,9 +60,7 @@ func (c *AdmissionregistrationV1Client) ValidatingWebhookConfigurations() Valida
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*AdmissionregistrationV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -74,9 +72,7 @@ func NewForConfig(c *rest.Config) (*AdmissionregistrationV1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*AdmissionregistrationV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -99,7 +95,7 @@ func New(c rest.Interface) *AdmissionregistrationV1Client {
 	return &AdmissionregistrationV1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := admissionregistrationv1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -108,8 +104,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1alpha1/admissionregistration_client.go b/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1alpha1/admissionregistration_client.go
index f8a67c6d89..8ffb7da7fd 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1alpha1/admissionregistration_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1alpha1/admissionregistration_client.go
@@ -60,9 +60,7 @@ func (c *AdmissionregistrationV1alpha1Client) ValidatingAdmissionPolicyBindings(
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*AdmissionregistrationV1alpha1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -74,9 +72,7 @@ func NewForConfig(c *rest.Config) (*AdmissionregistrationV1alpha1Client, error)
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*AdmissionregistrationV1alpha1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -99,7 +95,7 @@ func New(c rest.Interface) *AdmissionregistrationV1alpha1Client {
 	return &AdmissionregistrationV1alpha1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := admissionregistrationv1alpha1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -108,8 +104,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1beta1/admissionregistration_client.go b/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1beta1/admissionregistration_client.go
index 16c42b0ec6..cfb825359b 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1beta1/admissionregistration_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/admissionregistration/v1beta1/admissionregistration_client.go
@@ -60,9 +60,7 @@ func (c *AdmissionregistrationV1beta1Client) ValidatingWebhookConfigurations() V
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*AdmissionregistrationV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -74,9 +72,7 @@ func NewForConfig(c *rest.Config) (*AdmissionregistrationV1beta1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*AdmissionregistrationV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -99,7 +95,7 @@ func New(c rest.Interface) *AdmissionregistrationV1beta1Client {
 	return &AdmissionregistrationV1beta1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := admissionregistrationv1beta1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -108,8 +104,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/apiserverinternal/v1alpha1/apiserverinternal_client.go b/vendor/k8s.io/client-go/kubernetes/typed/apiserverinternal/v1alpha1/apiserverinternal_client.go
index b76fadf91b..2ea2568bfe 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/apiserverinternal/v1alpha1/apiserverinternal_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/apiserverinternal/v1alpha1/apiserverinternal_client.go
@@ -45,9 +45,7 @@ func (c *InternalV1alpha1Client) StorageVersions() StorageVersionInterface {
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*InternalV1alpha1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -59,9 +57,7 @@ func NewForConfig(c *rest.Config) (*InternalV1alpha1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*InternalV1alpha1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -84,7 +80,7 @@ func New(c rest.Interface) *InternalV1alpha1Client {
 	return &InternalV1alpha1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := apiserverinternalv1alpha1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -93,8 +89,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/apps_client.go b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/apps_client.go
index cb0bf87bad..7371f6265c 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/apps_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1/apps_client.go
@@ -65,9 +65,7 @@ func (c *AppsV1Client) StatefulSets(namespace string) StatefulSetInterface {
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*AppsV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -79,9 +77,7 @@ func NewForConfig(c *rest.Config) (*AppsV1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*AppsV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -104,7 +100,7 @@ func New(c rest.Interface) *AppsV1Client {
 	return &AppsV1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := appsv1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -113,8 +109,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/apps_client.go b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/apps_client.go
index 72bde633bf..02e09bdda2 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/apps_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta1/apps_client.go
@@ -55,9 +55,7 @@ func (c *AppsV1beta1Client) StatefulSets(namespace string) StatefulSetInterface
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*AppsV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -69,9 +67,7 @@ func NewForConfig(c *rest.Config) (*AppsV1beta1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*AppsV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -94,7 +90,7 @@ func New(c rest.Interface) *AppsV1beta1Client {
 	return &AppsV1beta1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := appsv1beta1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -103,8 +99,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/apps_client.go b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/apps_client.go
index e13d12a763..28309fa6a1 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/apps_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/apps/v1beta2/apps_client.go
@@ -65,9 +65,7 @@ func (c *AppsV1beta2Client) StatefulSets(namespace string) StatefulSetInterface
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*AppsV1beta2Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -79,9 +77,7 @@ func NewForConfig(c *rest.Config) (*AppsV1beta2Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*AppsV1beta2Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -104,7 +100,7 @@ func New(c rest.Interface) *AppsV1beta2Client {
 	return &AppsV1beta2Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := appsv1beta2.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -113,8 +109,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1/authentication_client.go b/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1/authentication_client.go
index bd5df77983..d030dae320 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1/authentication_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1/authentication_client.go
@@ -50,9 +50,7 @@ func (c *AuthenticationV1Client) TokenReviews() TokenReviewInterface {
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*AuthenticationV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -64,9 +62,7 @@ func NewForConfig(c *rest.Config) (*AuthenticationV1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*AuthenticationV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -89,7 +85,7 @@ func New(c rest.Interface) *AuthenticationV1Client {
 	return &AuthenticationV1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := authenticationv1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -98,8 +94,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1alpha1/authentication_client.go b/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1alpha1/authentication_client.go
index 8212658591..d317d7f9bc 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1alpha1/authentication_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1alpha1/authentication_client.go
@@ -45,9 +45,7 @@ func (c *AuthenticationV1alpha1Client) SelfSubjectReviews() SelfSubjectReviewInt
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*AuthenticationV1alpha1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -59,9 +57,7 @@ func NewForConfig(c *rest.Config) (*AuthenticationV1alpha1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*AuthenticationV1alpha1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -84,7 +80,7 @@ func New(c rest.Interface) *AuthenticationV1alpha1Client {
 	return &AuthenticationV1alpha1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := authenticationv1alpha1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -93,8 +89,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1beta1/authentication_client.go b/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1beta1/authentication_client.go
index 7b22e46e31..b8c8eab7f3 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1beta1/authentication_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/authentication/v1beta1/authentication_client.go
@@ -50,9 +50,7 @@ func (c *AuthenticationV1beta1Client) TokenReviews() TokenReviewInterface {
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*AuthenticationV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -64,9 +62,7 @@ func NewForConfig(c *rest.Config) (*AuthenticationV1beta1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*AuthenticationV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -89,7 +85,7 @@ func New(c rest.Interface) *AuthenticationV1beta1Client {
 	return &AuthenticationV1beta1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := authenticationv1beta1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -98,8 +94,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/authorization_client.go b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/authorization_client.go
index 71fb89b383..5c290f9f32 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/authorization_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1/authorization_client.go
@@ -60,9 +60,7 @@ func (c *AuthorizationV1Client) SubjectAccessReviews() SubjectAccessReviewInterf
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*AuthorizationV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -74,9 +72,7 @@ func NewForConfig(c *rest.Config) (*AuthorizationV1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*AuthorizationV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -99,7 +95,7 @@ func New(c rest.Interface) *AuthorizationV1Client {
 	return &AuthorizationV1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := authorizationv1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -108,8 +104,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/authorization_client.go b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/authorization_client.go
index f33619eb38..648e692259 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/authorization_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/authorization/v1beta1/authorization_client.go
@@ -60,9 +60,7 @@ func (c *AuthorizationV1beta1Client) SubjectAccessReviews() SubjectAccessReviewI
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*AuthorizationV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -74,9 +72,7 @@ func NewForConfig(c *rest.Config) (*AuthorizationV1beta1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*AuthorizationV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -99,7 +95,7 @@ func New(c rest.Interface) *AuthorizationV1beta1Client {
 	return &AuthorizationV1beta1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := authorizationv1beta1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -108,8 +104,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v1/autoscaling_client.go b/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v1/autoscaling_client.go
index 6ceaaf82af..4f7de82a01 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v1/autoscaling_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v1/autoscaling_client.go
@@ -45,9 +45,7 @@ func (c *AutoscalingV1Client) HorizontalPodAutoscalers(namespace string) Horizon
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*AutoscalingV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -59,9 +57,7 @@ func NewForConfig(c *rest.Config) (*AutoscalingV1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*AutoscalingV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -84,7 +80,7 @@ func New(c rest.Interface) *AutoscalingV1Client {
 	return &AutoscalingV1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := autoscalingv1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -93,8 +89,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v2/autoscaling_client.go b/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v2/autoscaling_client.go
index 78a2609bf4..bedc3d8a17 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v2/autoscaling_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v2/autoscaling_client.go
@@ -45,9 +45,7 @@ func (c *AutoscalingV2Client) HorizontalPodAutoscalers(namespace string) Horizon
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*AutoscalingV2Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -59,9 +57,7 @@ func NewForConfig(c *rest.Config) (*AutoscalingV2Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*AutoscalingV2Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -84,7 +80,7 @@ func New(c rest.Interface) *AutoscalingV2Client {
 	return &AutoscalingV2Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := autoscalingv2.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -93,8 +89,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v2beta1/autoscaling_client.go b/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v2beta1/autoscaling_client.go
index 1fcda17c81..25e38f371d 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v2beta1/autoscaling_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v2beta1/autoscaling_client.go
@@ -45,9 +45,7 @@ func (c *AutoscalingV2beta1Client) HorizontalPodAutoscalers(namespace string) Ho
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*AutoscalingV2beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -59,9 +57,7 @@ func NewForConfig(c *rest.Config) (*AutoscalingV2beta1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*AutoscalingV2beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -84,7 +80,7 @@ func New(c rest.Interface) *AutoscalingV2beta1Client {
 	return &AutoscalingV2beta1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := autoscalingv2beta1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -93,8 +89,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v2beta2/autoscaling_client.go b/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v2beta2/autoscaling_client.go
index 62f5b743c7..21626e5ce7 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v2beta2/autoscaling_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/autoscaling/v2beta2/autoscaling_client.go
@@ -45,9 +45,7 @@ func (c *AutoscalingV2beta2Client) HorizontalPodAutoscalers(namespace string) Ho
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*AutoscalingV2beta2Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -59,9 +57,7 @@ func NewForConfig(c *rest.Config) (*AutoscalingV2beta2Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*AutoscalingV2beta2Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -84,7 +80,7 @@ func New(c rest.Interface) *AutoscalingV2beta2Client {
 	return &AutoscalingV2beta2Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := autoscalingv2beta2.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -93,8 +89,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/batch/v1/batch_client.go b/vendor/k8s.io/client-go/kubernetes/typed/batch/v1/batch_client.go
index 614d049f3b..56deda20ce 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/batch/v1/batch_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/batch/v1/batch_client.go
@@ -50,9 +50,7 @@ func (c *BatchV1Client) Jobs(namespace string) JobInterface {
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*BatchV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -64,9 +62,7 @@ func NewForConfig(c *rest.Config) (*BatchV1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*BatchV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -89,7 +85,7 @@ func New(c rest.Interface) *BatchV1Client {
 	return &BatchV1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := batchv1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -98,8 +94,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/batch/v1beta1/batch_client.go b/vendor/k8s.io/client-go/kubernetes/typed/batch/v1beta1/batch_client.go
index 2da9e41350..9de08074fc 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/batch/v1beta1/batch_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/batch/v1beta1/batch_client.go
@@ -45,9 +45,7 @@ func (c *BatchV1beta1Client) CronJobs(namespace string) CronJobInterface {
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*BatchV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -59,9 +57,7 @@ func NewForConfig(c *rest.Config) (*BatchV1beta1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*BatchV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -84,7 +80,7 @@ func New(c rest.Interface) *BatchV1beta1Client {
 	return &BatchV1beta1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := batchv1beta1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -93,8 +89,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1/certificates_client.go b/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1/certificates_client.go
index 60337cd23f..a13c3559db 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1/certificates_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1/certificates_client.go
@@ -45,9 +45,7 @@ func (c *CertificatesV1Client) CertificateSigningRequests() CertificateSigningRe
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*CertificatesV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -59,9 +57,7 @@ func NewForConfig(c *rest.Config) (*CertificatesV1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*CertificatesV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -84,7 +80,7 @@ func New(c rest.Interface) *CertificatesV1Client {
 	return &CertificatesV1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := certificatesv1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -93,8 +89,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1alpha1/certificates_client.go b/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1alpha1/certificates_client.go
index 36e08253af..163ddad017 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1alpha1/certificates_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1alpha1/certificates_client.go
@@ -45,9 +45,7 @@ func (c *CertificatesV1alpha1Client) ClusterTrustBundles() ClusterTrustBundleInt
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*CertificatesV1alpha1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -59,9 +57,7 @@ func NewForConfig(c *rest.Config) (*CertificatesV1alpha1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*CertificatesV1alpha1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -84,7 +80,7 @@ func New(c rest.Interface) *CertificatesV1alpha1Client {
 	return &CertificatesV1alpha1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := certificatesv1alpha1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -93,8 +89,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/certificates_client.go b/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/certificates_client.go
index f040e7664e..8de95609f5 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/certificates_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/certificates_client.go
@@ -29,6 +29,7 @@ import (
 type CertificatesV1beta1Interface interface {
 	RESTClient() rest.Interface
 	CertificateSigningRequestsGetter
+	ClusterTrustBundlesGetter
 }
 
 // CertificatesV1beta1Client is used to interact with features provided by the certificates.k8s.io group.
@@ -40,14 +41,16 @@ func (c *CertificatesV1beta1Client) CertificateSigningRequests() CertificateSign
 	return newCertificateSigningRequests(c)
 }
 
+func (c *CertificatesV1beta1Client) ClusterTrustBundles() ClusterTrustBundleInterface {
+	return newClusterTrustBundles(c)
+}
+
 // NewForConfig creates a new CertificatesV1beta1Client for the given config.
 // NewForConfig is equivalent to NewForConfigAndClient(c, httpClient),
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*CertificatesV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -59,9 +62,7 @@ func NewForConfig(c *rest.Config) (*CertificatesV1beta1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*CertificatesV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -84,7 +85,7 @@ func New(c rest.Interface) *CertificatesV1beta1Client {
 	return &CertificatesV1beta1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := certificatesv1beta1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -93,8 +94,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/clustertrustbundle.go b/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/clustertrustbundle.go
new file mode 100644
index 0000000000..c4d93d7b22
--- /dev/null
+++ b/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/clustertrustbundle.go
@@ -0,0 +1,73 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by client-gen. DO NOT EDIT.
+
+package v1beta1
+
+import (
+	context "context"
+
+	certificatesv1beta1 "k8s.io/api/certificates/v1beta1"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	types "k8s.io/apimachinery/pkg/types"
+	watch "k8s.io/apimachinery/pkg/watch"
+	applyconfigurationscertificatesv1beta1 "k8s.io/client-go/applyconfigurations/certificates/v1beta1"
+	gentype "k8s.io/client-go/gentype"
+	scheme "k8s.io/client-go/kubernetes/scheme"
+)
+
+// ClusterTrustBundlesGetter has a method to return a ClusterTrustBundleInterface.
+// A group's client should implement this interface.
+type ClusterTrustBundlesGetter interface {
+	ClusterTrustBundles() ClusterTrustBundleInterface
+}
+
+// ClusterTrustBundleInterface has methods to work with ClusterTrustBundle resources.
+type ClusterTrustBundleInterface interface {
+	Create(ctx context.Context, clusterTrustBundle *certificatesv1beta1.ClusterTrustBundle, opts v1.CreateOptions) (*certificatesv1beta1.ClusterTrustBundle, error)
+	Update(ctx context.Context, clusterTrustBundle *certificatesv1beta1.ClusterTrustBundle, opts v1.UpdateOptions) (*certificatesv1beta1.ClusterTrustBundle, error)
+	Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
+	DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
+	Get(ctx context.Context, name string, opts v1.GetOptions) (*certificatesv1beta1.ClusterTrustBundle, error)
+	List(ctx context.Context, opts v1.ListOptions) (*certificatesv1beta1.ClusterTrustBundleList, error)
+	Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
+	Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *certificatesv1beta1.ClusterTrustBundle, err error)
+	Apply(ctx context.Context, clusterTrustBundle *applyconfigurationscertificatesv1beta1.ClusterTrustBundleApplyConfiguration, opts v1.ApplyOptions) (result *certificatesv1beta1.ClusterTrustBundle, err error)
+	ClusterTrustBundleExpansion
+}
+
+// clusterTrustBundles implements ClusterTrustBundleInterface
+type clusterTrustBundles struct {
+	*gentype.ClientWithListAndApply[*certificatesv1beta1.ClusterTrustBundle, *certificatesv1beta1.ClusterTrustBundleList, *applyconfigurationscertificatesv1beta1.ClusterTrustBundleApplyConfiguration]
+}
+
+// newClusterTrustBundles returns a ClusterTrustBundles
+func newClusterTrustBundles(c *CertificatesV1beta1Client) *clusterTrustBundles {
+	return &clusterTrustBundles{
+		gentype.NewClientWithListAndApply[*certificatesv1beta1.ClusterTrustBundle, *certificatesv1beta1.ClusterTrustBundleList, *applyconfigurationscertificatesv1beta1.ClusterTrustBundleApplyConfiguration](
+			"clustertrustbundles",
+			c.RESTClient(),
+			scheme.ParameterCodec,
+			"",
+			func() *certificatesv1beta1.ClusterTrustBundle { return &certificatesv1beta1.ClusterTrustBundle{} },
+			func() *certificatesv1beta1.ClusterTrustBundleList {
+				return &certificatesv1beta1.ClusterTrustBundleList{}
+			},
+			gentype.PrefersProtobuf[*certificatesv1beta1.ClusterTrustBundle](),
+		),
+	}
+}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/fake/fake_certificates_client.go b/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/fake/fake_certificates_client.go
index 313df7abd2..fba168ea18 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/fake/fake_certificates_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/fake/fake_certificates_client.go
@@ -32,6 +32,10 @@ func (c *FakeCertificatesV1beta1) CertificateSigningRequests() v1beta1.Certifica
 	return newFakeCertificateSigningRequests(c)
 }
 
+func (c *FakeCertificatesV1beta1) ClusterTrustBundles() v1beta1.ClusterTrustBundleInterface {
+	return newFakeClusterTrustBundles(c)
+}
+
 // RESTClient returns a RESTClient that is used to communicate
 // with API server by this client implementation.
 func (c *FakeCertificatesV1beta1) RESTClient() rest.Interface {
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/fake/fake_clustertrustbundle.go b/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/fake/fake_clustertrustbundle.go
new file mode 100644
index 0000000000..ff88f73538
--- /dev/null
+++ b/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/fake/fake_clustertrustbundle.go
@@ -0,0 +1,53 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by client-gen. DO NOT EDIT.
+
+package fake
+
+import (
+	v1beta1 "k8s.io/api/certificates/v1beta1"
+	certificatesv1beta1 "k8s.io/client-go/applyconfigurations/certificates/v1beta1"
+	gentype "k8s.io/client-go/gentype"
+	typedcertificatesv1beta1 "k8s.io/client-go/kubernetes/typed/certificates/v1beta1"
+)
+
+// fakeClusterTrustBundles implements ClusterTrustBundleInterface
+type fakeClusterTrustBundles struct {
+	*gentype.FakeClientWithListAndApply[*v1beta1.ClusterTrustBundle, *v1beta1.ClusterTrustBundleList, *certificatesv1beta1.ClusterTrustBundleApplyConfiguration]
+	Fake *FakeCertificatesV1beta1
+}
+
+func newFakeClusterTrustBundles(fake *FakeCertificatesV1beta1) typedcertificatesv1beta1.ClusterTrustBundleInterface {
+	return &fakeClusterTrustBundles{
+		gentype.NewFakeClientWithListAndApply[*v1beta1.ClusterTrustBundle, *v1beta1.ClusterTrustBundleList, *certificatesv1beta1.ClusterTrustBundleApplyConfiguration](
+			fake.Fake,
+			"",
+			v1beta1.SchemeGroupVersion.WithResource("clustertrustbundles"),
+			v1beta1.SchemeGroupVersion.WithKind("ClusterTrustBundle"),
+			func() *v1beta1.ClusterTrustBundle { return &v1beta1.ClusterTrustBundle{} },
+			func() *v1beta1.ClusterTrustBundleList { return &v1beta1.ClusterTrustBundleList{} },
+			func(dst, src *v1beta1.ClusterTrustBundleList) { dst.ListMeta = src.ListMeta },
+			func(list *v1beta1.ClusterTrustBundleList) []*v1beta1.ClusterTrustBundle {
+				return gentype.ToPointerSlice(list.Items)
+			},
+			func(list *v1beta1.ClusterTrustBundleList, items []*v1beta1.ClusterTrustBundle) {
+				list.Items = gentype.FromPointerSlice(items)
+			},
+		),
+		fake,
+	}
+}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/generated_expansion.go
index f6df769632..408936e06b 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1/generated_expansion.go
@@ -17,3 +17,5 @@ limitations under the License.
 // Code generated by client-gen. DO NOT EDIT.
 
 package v1beta1
+
+type ClusterTrustBundleExpansion interface{}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/coordination/v1/coordination_client.go b/vendor/k8s.io/client-go/kubernetes/typed/coordination/v1/coordination_client.go
index 427cb7e936..52cfcca052 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/coordination/v1/coordination_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/coordination/v1/coordination_client.go
@@ -45,9 +45,7 @@ func (c *CoordinationV1Client) Leases(namespace string) LeaseInterface {
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*CoordinationV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -59,9 +57,7 @@ func NewForConfig(c *rest.Config) (*CoordinationV1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*CoordinationV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -84,7 +80,7 @@ func New(c rest.Interface) *CoordinationV1Client {
 	return &CoordinationV1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := coordinationv1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -93,8 +89,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/coordination/v1alpha2/coordination_client.go b/vendor/k8s.io/client-go/kubernetes/typed/coordination/v1alpha2/coordination_client.go
index 4c286d4632..2fd87f68e4 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/coordination/v1alpha2/coordination_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/coordination/v1alpha2/coordination_client.go
@@ -45,9 +45,7 @@ func (c *CoordinationV1alpha2Client) LeaseCandidates(namespace string) LeaseCand
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*CoordinationV1alpha2Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -59,9 +57,7 @@ func NewForConfig(c *rest.Config) (*CoordinationV1alpha2Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*CoordinationV1alpha2Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -84,7 +80,7 @@ func New(c rest.Interface) *CoordinationV1alpha2Client {
 	return &CoordinationV1alpha2Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := coordinationv1alpha2.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -93,8 +89,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/coordination/v1beta1/coordination_client.go b/vendor/k8s.io/client-go/kubernetes/typed/coordination/v1beta1/coordination_client.go
index 1f1afba240..fa0af1c0a5 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/coordination/v1beta1/coordination_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/coordination/v1beta1/coordination_client.go
@@ -29,6 +29,7 @@ import (
 type CoordinationV1beta1Interface interface {
 	RESTClient() rest.Interface
 	LeasesGetter
+	LeaseCandidatesGetter
 }
 
 // CoordinationV1beta1Client is used to interact with features provided by the coordination.k8s.io group.
@@ -40,14 +41,16 @@ func (c *CoordinationV1beta1Client) Leases(namespace string) LeaseInterface {
 	return newLeases(c, namespace)
 }
 
+func (c *CoordinationV1beta1Client) LeaseCandidates(namespace string) LeaseCandidateInterface {
+	return newLeaseCandidates(c, namespace)
+}
+
 // NewForConfig creates a new CoordinationV1beta1Client for the given config.
 // NewForConfig is equivalent to NewForConfigAndClient(c, httpClient),
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*CoordinationV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -59,9 +62,7 @@ func NewForConfig(c *rest.Config) (*CoordinationV1beta1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*CoordinationV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -84,7 +85,7 @@ func New(c rest.Interface) *CoordinationV1beta1Client {
 	return &CoordinationV1beta1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := coordinationv1beta1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -93,8 +94,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/coordination/v1beta1/fake/fake_coordination_client.go b/vendor/k8s.io/client-go/kubernetes/typed/coordination/v1beta1/fake/fake_coordination_client.go
index 41b3ce06bf..c4eca7ecd1 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/coordination/v1beta1/fake/fake_coordination_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/coordination/v1beta1/fake/fake_coordination_client.go
@@ -32,6 +32,10 @@ func (c *FakeCoordinationV1beta1) Leases(namespace string) v1beta1.LeaseInterfac
 	return newFakeLeases(c, namespace)
 }
 
+func (c *FakeCoordinationV1beta1) LeaseCandidates(namespace string) v1beta1.LeaseCandidateInterface {
+	return newFakeLeaseCandidates(c, namespace)
+}
+
 // RESTClient returns a RESTClient that is used to communicate
 // with API server by this client implementation.
 func (c *FakeCoordinationV1beta1) RESTClient() rest.Interface {
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/coordination/v1beta1/fake/fake_leasecandidate.go b/vendor/k8s.io/client-go/kubernetes/typed/coordination/v1beta1/fake/fake_leasecandidate.go
new file mode 100644
index 0000000000..bd5587b924
--- /dev/null
+++ b/vendor/k8s.io/client-go/kubernetes/typed/coordination/v1beta1/fake/fake_leasecandidate.go
@@ -0,0 +1,53 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by client-gen. DO NOT EDIT.
+
+package fake
+
+import (
+	v1beta1 "k8s.io/api/coordination/v1beta1"
+	coordinationv1beta1 "k8s.io/client-go/applyconfigurations/coordination/v1beta1"
+	gentype "k8s.io/client-go/gentype"
+	typedcoordinationv1beta1 "k8s.io/client-go/kubernetes/typed/coordination/v1beta1"
+)
+
+// fakeLeaseCandidates implements LeaseCandidateInterface
+type fakeLeaseCandidates struct {
+	*gentype.FakeClientWithListAndApply[*v1beta1.LeaseCandidate, *v1beta1.LeaseCandidateList, *coordinationv1beta1.LeaseCandidateApplyConfiguration]
+	Fake *FakeCoordinationV1beta1
+}
+
+func newFakeLeaseCandidates(fake *FakeCoordinationV1beta1, namespace string) typedcoordinationv1beta1.LeaseCandidateInterface {
+	return &fakeLeaseCandidates{
+		gentype.NewFakeClientWithListAndApply[*v1beta1.LeaseCandidate, *v1beta1.LeaseCandidateList, *coordinationv1beta1.LeaseCandidateApplyConfiguration](
+			fake.Fake,
+			namespace,
+			v1beta1.SchemeGroupVersion.WithResource("leasecandidates"),
+			v1beta1.SchemeGroupVersion.WithKind("LeaseCandidate"),
+			func() *v1beta1.LeaseCandidate { return &v1beta1.LeaseCandidate{} },
+			func() *v1beta1.LeaseCandidateList { return &v1beta1.LeaseCandidateList{} },
+			func(dst, src *v1beta1.LeaseCandidateList) { dst.ListMeta = src.ListMeta },
+			func(list *v1beta1.LeaseCandidateList) []*v1beta1.LeaseCandidate {
+				return gentype.ToPointerSlice(list.Items)
+			},
+			func(list *v1beta1.LeaseCandidateList, items []*v1beta1.LeaseCandidate) {
+				list.Items = gentype.FromPointerSlice(items)
+			},
+		),
+		fake,
+	}
+}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/coordination/v1beta1/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/coordination/v1beta1/generated_expansion.go
index dfd180daf3..a341e2aff3 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/coordination/v1beta1/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/coordination/v1beta1/generated_expansion.go
@@ -19,3 +19,5 @@ limitations under the License.
 package v1beta1
 
 type LeaseExpansion interface{}
+
+type LeaseCandidateExpansion interface{}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/coordination/v1beta1/leasecandidate.go b/vendor/k8s.io/client-go/kubernetes/typed/coordination/v1beta1/leasecandidate.go
new file mode 100644
index 0000000000..505be1be0d
--- /dev/null
+++ b/vendor/k8s.io/client-go/kubernetes/typed/coordination/v1beta1/leasecandidate.go
@@ -0,0 +1,71 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by client-gen. DO NOT EDIT.
+
+package v1beta1
+
+import (
+	context "context"
+
+	coordinationv1beta1 "k8s.io/api/coordination/v1beta1"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	types "k8s.io/apimachinery/pkg/types"
+	watch "k8s.io/apimachinery/pkg/watch"
+	applyconfigurationscoordinationv1beta1 "k8s.io/client-go/applyconfigurations/coordination/v1beta1"
+	gentype "k8s.io/client-go/gentype"
+	scheme "k8s.io/client-go/kubernetes/scheme"
+)
+
+// LeaseCandidatesGetter has a method to return a LeaseCandidateInterface.
+// A group's client should implement this interface.
+type LeaseCandidatesGetter interface {
+	LeaseCandidates(namespace string) LeaseCandidateInterface
+}
+
+// LeaseCandidateInterface has methods to work with LeaseCandidate resources.
+type LeaseCandidateInterface interface {
+	Create(ctx context.Context, leaseCandidate *coordinationv1beta1.LeaseCandidate, opts v1.CreateOptions) (*coordinationv1beta1.LeaseCandidate, error)
+	Update(ctx context.Context, leaseCandidate *coordinationv1beta1.LeaseCandidate, opts v1.UpdateOptions) (*coordinationv1beta1.LeaseCandidate, error)
+	Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
+	DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
+	Get(ctx context.Context, name string, opts v1.GetOptions) (*coordinationv1beta1.LeaseCandidate, error)
+	List(ctx context.Context, opts v1.ListOptions) (*coordinationv1beta1.LeaseCandidateList, error)
+	Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
+	Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *coordinationv1beta1.LeaseCandidate, err error)
+	Apply(ctx context.Context, leaseCandidate *applyconfigurationscoordinationv1beta1.LeaseCandidateApplyConfiguration, opts v1.ApplyOptions) (result *coordinationv1beta1.LeaseCandidate, err error)
+	LeaseCandidateExpansion
+}
+
+// leaseCandidates implements LeaseCandidateInterface
+type leaseCandidates struct {
+	*gentype.ClientWithListAndApply[*coordinationv1beta1.LeaseCandidate, *coordinationv1beta1.LeaseCandidateList, *applyconfigurationscoordinationv1beta1.LeaseCandidateApplyConfiguration]
+}
+
+// newLeaseCandidates returns a LeaseCandidates
+func newLeaseCandidates(c *CoordinationV1beta1Client, namespace string) *leaseCandidates {
+	return &leaseCandidates{
+		gentype.NewClientWithListAndApply[*coordinationv1beta1.LeaseCandidate, *coordinationv1beta1.LeaseCandidateList, *applyconfigurationscoordinationv1beta1.LeaseCandidateApplyConfiguration](
+			"leasecandidates",
+			c.RESTClient(),
+			scheme.ParameterCodec,
+			namespace,
+			func() *coordinationv1beta1.LeaseCandidate { return &coordinationv1beta1.LeaseCandidate{} },
+			func() *coordinationv1beta1.LeaseCandidateList { return &coordinationv1beta1.LeaseCandidateList{} },
+			gentype.PrefersProtobuf[*coordinationv1beta1.LeaseCandidate](),
+		),
+	}
+}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/core_client.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/core_client.go
index abf85cba64..0a9380cf82 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/core_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/core_client.go
@@ -120,9 +120,7 @@ func (c *CoreV1Client) ServiceAccounts(namespace string) ServiceAccountInterface
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*CoreV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -134,9 +132,7 @@ func NewForConfig(c *rest.Config) (*CoreV1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*CoreV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -159,7 +155,7 @@ func New(c rest.Interface) *CoreV1Client {
 	return &CoreV1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := corev1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/api"
@@ -168,8 +164,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/event_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/event_expansion.go
index 4243572328..ddecf93b1e 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/event_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/event_expansion.go
@@ -31,13 +31,29 @@ import (
 // The EventExpansion interface allows manually adding extra methods to the EventInterface.
 type EventExpansion interface {
 	// CreateWithEventNamespace is the same as a Create, except that it sends the request to the event.Namespace.
+	//
+	// Deprecated: use CreateWithEventNamespaceWithContext instead.
 	CreateWithEventNamespace(event *v1.Event) (*v1.Event, error)
 	// UpdateWithEventNamespace is the same as a Update, except that it sends the request to the event.Namespace.
+	//
+	// Deprecated: use UpdateWithEventNamespaceWithContext instead.
 	UpdateWithEventNamespace(event *v1.Event) (*v1.Event, error)
 	// PatchWithEventNamespace is the same as a Patch, except that it sends the request to the event.Namespace.
+	//
+	// Deprecated: use PatchWithEventNamespaceWithContext instead.
 	PatchWithEventNamespace(event *v1.Event, data []byte) (*v1.Event, error)
 	// Search finds events about the specified object
+	//
+	// Deprecated: use SearchWithContext instead.
 	Search(scheme *runtime.Scheme, objOrRef runtime.Object) (*v1.EventList, error)
+	// CreateWithEventNamespaceWithContext is the same as a Create, except that it sends the request to the event.Namespace.
+	CreateWithEventNamespaceWithContext(ctx context.Context, event *v1.Event) (*v1.Event, error)
+	// UpdateWithEventNamespaceWithContext is the same as a Update, except that it sends the request to the event.Namespace.
+	UpdateWithEventNamespaceWithContext(ctx context.Context, event *v1.Event) (*v1.Event, error)
+	// PatchWithEventNamespaceWithContext is the same as a Patch, except that it sends the request to the event.Namespace.
+	PatchWithEventNamespaceWithContext(ctx context.Context, event *v1.Event, data []byte) (*v1.Event, error)
+	// SearchWithContext finds events about the specified object
+	SearchWithContext(ctx context.Context, scheme *runtime.Scheme, objOrRef runtime.Object) (*v1.EventList, error)
 	// Returns the appropriate field selector based on the API version being used to communicate with the server.
 	// The returned field selector can be used with List and Watch to filter desired events.
 	GetFieldSelector(involvedObjectName, involvedObjectNamespace, involvedObjectKind, involvedObjectUID *string) fields.Selector
@@ -47,7 +63,17 @@ type EventExpansion interface {
 // or an error. The namespace to create the event within is deduced from the
 // event; it must either match this event client's namespace, or this event
 // client must have been created with the "" namespace.
+//
+// Deprecated: use CreateWithEventNamespaceWithContext instead.
 func (e *events) CreateWithEventNamespace(event *v1.Event) (*v1.Event, error) {
+	return e.CreateWithEventNamespaceWithContext(context.Background(), event)
+}
+
+// CreateWithEventNamespaceWithContext makes a new event. Returns the copy of the event the server returns,
+// or an error. The namespace to create the event within is deduced from the
+// event; it must either match this event client's namespace, or this event
+// client must have been created with the "" namespace.
+func (e *events) CreateWithEventNamespaceWithContext(ctx context.Context, event *v1.Event) (*v1.Event, error) {
 	if e.GetNamespace() != "" && event.Namespace != e.GetNamespace() {
 		return nil, fmt.Errorf("can't create an event with namespace '%v' in namespace '%v'", event.Namespace, e.GetNamespace())
 	}
@@ -56,7 +82,7 @@ func (e *events) CreateWithEventNamespace(event *v1.Event) (*v1.Event, error) {
 		NamespaceIfScoped(event.Namespace, len(event.Namespace) > 0).
 		Resource("events").
 		Body(event).
-		Do(context.TODO()).
+		Do(ctx).
 		Into(result)
 	return result, err
 }
@@ -66,7 +92,18 @@ func (e *events) CreateWithEventNamespace(event *v1.Event) (*v1.Event, error) {
 // namespace must either match this event client's namespace, or this event client must have been
 // created with the "" namespace. Update also requires the ResourceVersion to be set in the event
 // object.
+//
+// Deprecated: use UpdateWithEventNamespaceWithContext instead.
 func (e *events) UpdateWithEventNamespace(event *v1.Event) (*v1.Event, error) {
+	return e.UpdateWithEventNamespaceWithContext(context.Background(), event)
+}
+
+// UpdateWithEventNamespaceWithContext modifies an existing event. It returns the copy of the event that the server returns,
+// or an error. The namespace and key to update the event within is deduced from the event. The
+// namespace must either match this event client's namespace, or this event client must have been
+// created with the "" namespace. Update also requires the ResourceVersion to be set in the event
+// object.
+func (e *events) UpdateWithEventNamespaceWithContext(ctx context.Context, event *v1.Event) (*v1.Event, error) {
 	if e.GetNamespace() != "" && event.Namespace != e.GetNamespace() {
 		return nil, fmt.Errorf("can't update an event with namespace '%v' in namespace '%v'", event.Namespace, e.GetNamespace())
 	}
@@ -76,7 +113,7 @@ func (e *events) UpdateWithEventNamespace(event *v1.Event) (*v1.Event, error) {
 		Resource("events").
 		Name(event.Name).
 		Body(event).
-		Do(context.TODO()).
+		Do(ctx).
 		Into(result)
 	return result, err
 }
@@ -86,7 +123,18 @@ func (e *events) UpdateWithEventNamespace(event *v1.Event) (*v1.Event, error) {
 // target event is deduced from the incompleteEvent. The namespace must either
 // match this event client's namespace, or this event client must have been
 // created with the "" namespace.
+//
+// Deprecated: use PatchWithEventNamespaceWithContext instead.
 func (e *events) PatchWithEventNamespace(incompleteEvent *v1.Event, data []byte) (*v1.Event, error) {
+	return e.PatchWithEventNamespaceWithContext(context.Background(), incompleteEvent, data)
+}
+
+// PatchWithEventNamespaceWithContext modifies an existing event. It returns the copy of
+// the event that the server returns, or an error. The namespace and name of the
+// target event is deduced from the incompleteEvent. The namespace must either
+// match this event client's namespace, or this event client must have been
+// created with the "" namespace.
+func (e *events) PatchWithEventNamespaceWithContext(ctx context.Context, incompleteEvent *v1.Event, data []byte) (*v1.Event, error) {
 	if e.GetNamespace() != "" && incompleteEvent.Namespace != e.GetNamespace() {
 		return nil, fmt.Errorf("can't patch an event with namespace '%v' in namespace '%v'", incompleteEvent.Namespace, e.GetNamespace())
 	}
@@ -96,7 +144,7 @@ func (e *events) PatchWithEventNamespace(incompleteEvent *v1.Event, data []byte)
 		Resource("events").
 		Name(incompleteEvent.Name).
 		Body(data).
-		Do(context.TODO()).
+		Do(ctx).
 		Into(result)
 	return result, err
 }
@@ -104,7 +152,16 @@ func (e *events) PatchWithEventNamespace(incompleteEvent *v1.Event, data []byte)
 // Search finds events about the specified object. The namespace of the
 // object must match this event's client namespace unless the event client
 // was made with the "" namespace.
+//
+// Deprecated: use SearchWithContext instead.
 func (e *events) Search(scheme *runtime.Scheme, objOrRef runtime.Object) (*v1.EventList, error) {
+	return e.SearchWithContext(context.Background(), scheme, objOrRef)
+}
+
+// SearchWithContext finds events about the specified object. The namespace of the
+// object must match this event's client namespace unless the event client
+// was made with the "" namespace.
+func (e *events) SearchWithContext(ctx context.Context, scheme *runtime.Scheme, objOrRef runtime.Object) (*v1.EventList, error) {
 	ref, err := ref.GetReference(scheme, objOrRef)
 	if err != nil {
 		return nil, err
@@ -123,7 +180,7 @@ func (e *events) Search(scheme *runtime.Scheme, objOrRef runtime.Object) (*v1.Ev
 		refUID = &stringRefUID
 	}
 	fieldSelector := e.GetFieldSelector(&ref.Name, &ref.Namespace, refKind, refUID)
-	return e.List(context.TODO(), metav1.ListOptions{FieldSelector: fieldSelector.String()})
+	return e.List(ctx, metav1.ListOptions{FieldSelector: fieldSelector.String()})
 }
 
 // Returns the appropriate field selector based on the API version being used to communicate with the server.
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_event_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_event_expansion.go
index 3840f6323c..944d6808de 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_event_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/core/v1/fake/fake_event_expansion.go
@@ -17,6 +17,8 @@ limitations under the License.
 package fake
 
 import (
+	"context"
+
 	v1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/fields"
@@ -25,7 +27,12 @@ import (
 	core "k8s.io/client-go/testing"
 )
 
+// Deprecated: use CreateWithEventNamespaceWithContext instead.
 func (c *fakeEvents) CreateWithEventNamespace(event *v1.Event) (*v1.Event, error) {
+	return c.CreateWithEventNamespaceWithContext(context.Background(), event)
+}
+
+func (c *fakeEvents) CreateWithEventNamespaceWithContext(_ context.Context, event *v1.Event) (*v1.Event, error) {
 	var action core.CreateActionImpl
 	if c.Namespace() != "" {
 		action = core.NewCreateAction(c.Resource(), c.Namespace(), event)
@@ -41,7 +48,14 @@ func (c *fakeEvents) CreateWithEventNamespace(event *v1.Event) (*v1.Event, error
 }
 
 // Update replaces an existing event. Returns the copy of the event the server returns, or an error.
+//
+// Deprecated: use UpdateWithEventNamespaceWithContext instead.
 func (c *fakeEvents) UpdateWithEventNamespace(event *v1.Event) (*v1.Event, error) {
+	return c.UpdateWithEventNamespaceWithContext(context.Background(), event)
+}
+
+// Update replaces an existing event. Returns the copy of the event the server returns, or an error.
+func (c *fakeEvents) UpdateWithEventNamespaceWithContext(_ context.Context, event *v1.Event) (*v1.Event, error) {
 	var action core.UpdateActionImpl
 	if c.Namespace() != "" {
 		action = core.NewUpdateAction(c.Resource(), c.Namespace(), event)
@@ -58,7 +72,15 @@ func (c *fakeEvents) UpdateWithEventNamespace(event *v1.Event) (*v1.Event, error
 
 // PatchWithEventNamespace patches an existing event. Returns the copy of the event the server returns, or an error.
 // TODO: Should take a PatchType as an argument probably.
+//
+// Deprecated: use PatchWithEventNamespaceWithContext instead.
 func (c *fakeEvents) PatchWithEventNamespace(event *v1.Event, data []byte) (*v1.Event, error) {
+	return c.PatchWithEventNamespaceWithContext(context.Background(), event, data)
+}
+
+// PatchWithEventNamespaceWithContext patches an existing event. Returns the copy of the event the server returns, or an error.
+// TODO: Should take a PatchType as an argument probably.
+func (c *fakeEvents) PatchWithEventNamespaceWithContext(_ context.Context, event *v1.Event, data []byte) (*v1.Event, error) {
 	// TODO: Should be configurable to support additional patch strategies.
 	pt := types.StrategicMergePatchType
 	var action core.PatchActionImpl
@@ -76,7 +98,14 @@ func (c *fakeEvents) PatchWithEventNamespace(event *v1.Event, data []byte) (*v1.
 }
 
 // Search returns a list of events matching the specified object.
+//
+// Deprecated: use SearchWithContext instead.
 func (c *fakeEvents) Search(scheme *runtime.Scheme, objOrRef runtime.Object) (*v1.EventList, error) {
+	return c.SearchWithContext(context.Background(), scheme, objOrRef)
+}
+
+// SearchWithContext returns a list of events matching the specified object.
+func (c *fakeEvents) SearchWithContext(_ context.Context, scheme *runtime.Scheme, objOrRef runtime.Object) (*v1.EventList, error) {
 	var action core.ListActionImpl
 	if c.Namespace() != "" {
 		action = core.NewListAction(c.Resource(), c.Kind(), c.Namespace(), metav1.ListOptions{})
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/discovery/v1/discovery_client.go b/vendor/k8s.io/client-go/kubernetes/typed/discovery/v1/discovery_client.go
index fbc685df82..876058d7a2 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/discovery/v1/discovery_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/discovery/v1/discovery_client.go
@@ -45,9 +45,7 @@ func (c *DiscoveryV1Client) EndpointSlices(namespace string) EndpointSliceInterf
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*DiscoveryV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -59,9 +57,7 @@ func NewForConfig(c *rest.Config) (*DiscoveryV1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*DiscoveryV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -84,7 +80,7 @@ func New(c rest.Interface) *DiscoveryV1Client {
 	return &DiscoveryV1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := discoveryv1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -93,8 +89,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/discovery/v1beta1/discovery_client.go b/vendor/k8s.io/client-go/kubernetes/typed/discovery/v1beta1/discovery_client.go
index 908446c6d5..d37de40506 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/discovery/v1beta1/discovery_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/discovery/v1beta1/discovery_client.go
@@ -45,9 +45,7 @@ func (c *DiscoveryV1beta1Client) EndpointSlices(namespace string) EndpointSliceI
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*DiscoveryV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -59,9 +57,7 @@ func NewForConfig(c *rest.Config) (*DiscoveryV1beta1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*DiscoveryV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -84,7 +80,7 @@ func New(c rest.Interface) *DiscoveryV1beta1Client {
 	return &DiscoveryV1beta1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := discoveryv1beta1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -93,8 +89,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/events/v1/events_client.go b/vendor/k8s.io/client-go/kubernetes/typed/events/v1/events_client.go
index 959ff5f81a..6d7f7553b6 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/events/v1/events_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/events/v1/events_client.go
@@ -45,9 +45,7 @@ func (c *EventsV1Client) Events(namespace string) EventInterface {
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*EventsV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -59,9 +57,7 @@ func NewForConfig(c *rest.Config) (*EventsV1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*EventsV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -84,7 +80,7 @@ func New(c rest.Interface) *EventsV1Client {
 	return &EventsV1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := eventsv1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -93,8 +89,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/events/v1beta1/event_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/events/v1beta1/event_expansion.go
index 4ddbaa31af..bdade2c7fe 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/events/v1beta1/event_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/events/v1beta1/event_expansion.go
@@ -52,7 +52,7 @@ func (e *events) CreateWithEventNamespace(event *v1beta1.Event) (*v1beta1.Event,
 		NamespaceIfScoped(event.Namespace, len(event.Namespace) > 0).
 		Resource("events").
 		Body(event).
-		Do(context.TODO()).
+		Do(context.Background() /* Nothing to do here, v1beta1 will be removed eventually. */).
 		Into(result)
 	return result, err
 }
@@ -73,7 +73,7 @@ func (e *events) UpdateWithEventNamespace(event *v1beta1.Event) (*v1beta1.Event,
 		Resource("events").
 		Name(event.Name).
 		Body(event).
-		Do(context.TODO()).
+		Do(context.Background() /* Nothing to do here, v1beta1 will be removed eventually. */).
 		Into(result)
 	return result, err
 }
@@ -93,7 +93,7 @@ func (e *events) PatchWithEventNamespace(event *v1beta1.Event, data []byte) (*v1
 		Resource("events").
 		Name(event.Name).
 		Body(data).
-		Do(context.TODO()).
+		Do(context.Background() /* Nothing to do here, v1beta1 will be removed eventually. */).
 		Into(result)
 	return result, err
 }
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/events/v1beta1/events_client.go b/vendor/k8s.io/client-go/kubernetes/typed/events/v1beta1/events_client.go
index 0bfc3cb607..6670d57cd1 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/events/v1beta1/events_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/events/v1beta1/events_client.go
@@ -45,9 +45,7 @@ func (c *EventsV1beta1Client) Events(namespace string) EventInterface {
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*EventsV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -59,9 +57,7 @@ func NewForConfig(c *rest.Config) (*EventsV1beta1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*EventsV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -84,7 +80,7 @@ func New(c rest.Interface) *EventsV1beta1Client {
 	return &EventsV1beta1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := eventsv1beta1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -93,8 +89,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/extensions_client.go b/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/extensions_client.go
index 88f2279bb0..ccbd29637d 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/extensions_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/extensions/v1beta1/extensions_client.go
@@ -65,9 +65,7 @@ func (c *ExtensionsV1beta1Client) ReplicaSets(namespace string) ReplicaSetInterf
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*ExtensionsV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -79,9 +77,7 @@ func NewForConfig(c *rest.Config) (*ExtensionsV1beta1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*ExtensionsV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -104,7 +100,7 @@ func New(c rest.Interface) *ExtensionsV1beta1Client {
 	return &ExtensionsV1beta1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := extensionsv1beta1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -113,8 +109,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/flowcontrol/v1/flowcontrol_client.go b/vendor/k8s.io/client-go/kubernetes/typed/flowcontrol/v1/flowcontrol_client.go
index 3b19586e91..a8af7106a3 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/flowcontrol/v1/flowcontrol_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/flowcontrol/v1/flowcontrol_client.go
@@ -50,9 +50,7 @@ func (c *FlowcontrolV1Client) PriorityLevelConfigurations() PriorityLevelConfigu
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*FlowcontrolV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -64,9 +62,7 @@ func NewForConfig(c *rest.Config) (*FlowcontrolV1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*FlowcontrolV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -89,7 +85,7 @@ func New(c rest.Interface) *FlowcontrolV1Client {
 	return &FlowcontrolV1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := flowcontrolv1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -98,8 +94,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/flowcontrol/v1beta1/flowcontrol_client.go b/vendor/k8s.io/client-go/kubernetes/typed/flowcontrol/v1beta1/flowcontrol_client.go
index ac3f5ffe81..d7517f9868 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/flowcontrol/v1beta1/flowcontrol_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/flowcontrol/v1beta1/flowcontrol_client.go
@@ -50,9 +50,7 @@ func (c *FlowcontrolV1beta1Client) PriorityLevelConfigurations() PriorityLevelCo
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*FlowcontrolV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -64,9 +62,7 @@ func NewForConfig(c *rest.Config) (*FlowcontrolV1beta1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*FlowcontrolV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -89,7 +85,7 @@ func New(c rest.Interface) *FlowcontrolV1beta1Client {
 	return &FlowcontrolV1beta1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := flowcontrolv1beta1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -98,8 +94,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/flowcontrol/v1beta2/flowcontrol_client.go b/vendor/k8s.io/client-go/kubernetes/typed/flowcontrol/v1beta2/flowcontrol_client.go
index 7652d4f39b..6cac8b89a9 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/flowcontrol/v1beta2/flowcontrol_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/flowcontrol/v1beta2/flowcontrol_client.go
@@ -50,9 +50,7 @@ func (c *FlowcontrolV1beta2Client) PriorityLevelConfigurations() PriorityLevelCo
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*FlowcontrolV1beta2Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -64,9 +62,7 @@ func NewForConfig(c *rest.Config) (*FlowcontrolV1beta2Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*FlowcontrolV1beta2Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -89,7 +85,7 @@ func New(c rest.Interface) *FlowcontrolV1beta2Client {
 	return &FlowcontrolV1beta2Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := flowcontrolv1beta2.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -98,8 +94,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/flowcontrol/v1beta3/flowcontrol_client.go b/vendor/k8s.io/client-go/kubernetes/typed/flowcontrol/v1beta3/flowcontrol_client.go
index b32dc911c7..340cedd67a 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/flowcontrol/v1beta3/flowcontrol_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/flowcontrol/v1beta3/flowcontrol_client.go
@@ -50,9 +50,7 @@ func (c *FlowcontrolV1beta3Client) PriorityLevelConfigurations() PriorityLevelCo
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*FlowcontrolV1beta3Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -64,9 +62,7 @@ func NewForConfig(c *rest.Config) (*FlowcontrolV1beta3Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*FlowcontrolV1beta3Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -89,7 +85,7 @@ func New(c rest.Interface) *FlowcontrolV1beta3Client {
 	return &FlowcontrolV1beta3Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := flowcontrolv1beta3.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -98,8 +94,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/fake/fake_ipaddress.go b/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/fake/fake_ipaddress.go
new file mode 100644
index 0000000000..15f4e3c1ce
--- /dev/null
+++ b/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/fake/fake_ipaddress.go
@@ -0,0 +1,49 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by client-gen. DO NOT EDIT.
+
+package fake
+
+import (
+	v1 "k8s.io/api/networking/v1"
+	networkingv1 "k8s.io/client-go/applyconfigurations/networking/v1"
+	gentype "k8s.io/client-go/gentype"
+	typednetworkingv1 "k8s.io/client-go/kubernetes/typed/networking/v1"
+)
+
+// fakeIPAddresses implements IPAddressInterface
+type fakeIPAddresses struct {
+	*gentype.FakeClientWithListAndApply[*v1.IPAddress, *v1.IPAddressList, *networkingv1.IPAddressApplyConfiguration]
+	Fake *FakeNetworkingV1
+}
+
+func newFakeIPAddresses(fake *FakeNetworkingV1) typednetworkingv1.IPAddressInterface {
+	return &fakeIPAddresses{
+		gentype.NewFakeClientWithListAndApply[*v1.IPAddress, *v1.IPAddressList, *networkingv1.IPAddressApplyConfiguration](
+			fake.Fake,
+			"",
+			v1.SchemeGroupVersion.WithResource("ipaddresses"),
+			v1.SchemeGroupVersion.WithKind("IPAddress"),
+			func() *v1.IPAddress { return &v1.IPAddress{} },
+			func() *v1.IPAddressList { return &v1.IPAddressList{} },
+			func(dst, src *v1.IPAddressList) { dst.ListMeta = src.ListMeta },
+			func(list *v1.IPAddressList) []*v1.IPAddress { return gentype.ToPointerSlice(list.Items) },
+			func(list *v1.IPAddressList, items []*v1.IPAddress) { list.Items = gentype.FromPointerSlice(items) },
+		),
+		fake,
+	}
+}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/fake/fake_networking_client.go b/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/fake/fake_networking_client.go
index 3b6a36ffee..ba61689e60 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/fake/fake_networking_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/fake/fake_networking_client.go
@@ -28,6 +28,10 @@ type FakeNetworkingV1 struct {
 	*testing.Fake
 }
 
+func (c *FakeNetworkingV1) IPAddresses() v1.IPAddressInterface {
+	return newFakeIPAddresses(c)
+}
+
 func (c *FakeNetworkingV1) Ingresses(namespace string) v1.IngressInterface {
 	return newFakeIngresses(c, namespace)
 }
@@ -40,6 +44,10 @@ func (c *FakeNetworkingV1) NetworkPolicies(namespace string) v1.NetworkPolicyInt
 	return newFakeNetworkPolicies(c, namespace)
 }
 
+func (c *FakeNetworkingV1) ServiceCIDRs() v1.ServiceCIDRInterface {
+	return newFakeServiceCIDRs(c)
+}
+
 // RESTClient returns a RESTClient that is used to communicate
 // with API server by this client implementation.
 func (c *FakeNetworkingV1) RESTClient() rest.Interface {
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/fake/fake_servicecidr.go b/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/fake/fake_servicecidr.go
new file mode 100644
index 0000000000..c82391fb40
--- /dev/null
+++ b/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/fake/fake_servicecidr.go
@@ -0,0 +1,49 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by client-gen. DO NOT EDIT.
+
+package fake
+
+import (
+	v1 "k8s.io/api/networking/v1"
+	networkingv1 "k8s.io/client-go/applyconfigurations/networking/v1"
+	gentype "k8s.io/client-go/gentype"
+	typednetworkingv1 "k8s.io/client-go/kubernetes/typed/networking/v1"
+)
+
+// fakeServiceCIDRs implements ServiceCIDRInterface
+type fakeServiceCIDRs struct {
+	*gentype.FakeClientWithListAndApply[*v1.ServiceCIDR, *v1.ServiceCIDRList, *networkingv1.ServiceCIDRApplyConfiguration]
+	Fake *FakeNetworkingV1
+}
+
+func newFakeServiceCIDRs(fake *FakeNetworkingV1) typednetworkingv1.ServiceCIDRInterface {
+	return &fakeServiceCIDRs{
+		gentype.NewFakeClientWithListAndApply[*v1.ServiceCIDR, *v1.ServiceCIDRList, *networkingv1.ServiceCIDRApplyConfiguration](
+			fake.Fake,
+			"",
+			v1.SchemeGroupVersion.WithResource("servicecidrs"),
+			v1.SchemeGroupVersion.WithKind("ServiceCIDR"),
+			func() *v1.ServiceCIDR { return &v1.ServiceCIDR{} },
+			func() *v1.ServiceCIDRList { return &v1.ServiceCIDRList{} },
+			func(dst, src *v1.ServiceCIDRList) { dst.ListMeta = src.ListMeta },
+			func(list *v1.ServiceCIDRList) []*v1.ServiceCIDR { return gentype.ToPointerSlice(list.Items) },
+			func(list *v1.ServiceCIDRList, items []*v1.ServiceCIDR) { list.Items = gentype.FromPointerSlice(items) },
+		),
+		fake,
+	}
+}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/generated_expansion.go
index 52b70c514e..88f0f9f673 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/generated_expansion.go
@@ -18,8 +18,12 @@ limitations under the License.
 
 package v1
 
+type IPAddressExpansion interface{}
+
 type IngressExpansion interface{}
 
 type IngressClassExpansion interface{}
 
 type NetworkPolicyExpansion interface{}
+
+type ServiceCIDRExpansion interface{}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/ipaddress.go b/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/ipaddress.go
new file mode 100644
index 0000000000..c3328cc3d7
--- /dev/null
+++ b/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/ipaddress.go
@@ -0,0 +1,71 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by client-gen. DO NOT EDIT.
+
+package v1
+
+import (
+	context "context"
+
+	networkingv1 "k8s.io/api/networking/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	types "k8s.io/apimachinery/pkg/types"
+	watch "k8s.io/apimachinery/pkg/watch"
+	applyconfigurationsnetworkingv1 "k8s.io/client-go/applyconfigurations/networking/v1"
+	gentype "k8s.io/client-go/gentype"
+	scheme "k8s.io/client-go/kubernetes/scheme"
+)
+
+// IPAddressesGetter has a method to return a IPAddressInterface.
+// A group's client should implement this interface.
+type IPAddressesGetter interface {
+	IPAddresses() IPAddressInterface
+}
+
+// IPAddressInterface has methods to work with IPAddress resources.
+type IPAddressInterface interface {
+	Create(ctx context.Context, iPAddress *networkingv1.IPAddress, opts metav1.CreateOptions) (*networkingv1.IPAddress, error)
+	Update(ctx context.Context, iPAddress *networkingv1.IPAddress, opts metav1.UpdateOptions) (*networkingv1.IPAddress, error)
+	Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error
+	DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error
+	Get(ctx context.Context, name string, opts metav1.GetOptions) (*networkingv1.IPAddress, error)
+	List(ctx context.Context, opts metav1.ListOptions) (*networkingv1.IPAddressList, error)
+	Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error)
+	Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *networkingv1.IPAddress, err error)
+	Apply(ctx context.Context, iPAddress *applyconfigurationsnetworkingv1.IPAddressApplyConfiguration, opts metav1.ApplyOptions) (result *networkingv1.IPAddress, err error)
+	IPAddressExpansion
+}
+
+// iPAddresses implements IPAddressInterface
+type iPAddresses struct {
+	*gentype.ClientWithListAndApply[*networkingv1.IPAddress, *networkingv1.IPAddressList, *applyconfigurationsnetworkingv1.IPAddressApplyConfiguration]
+}
+
+// newIPAddresses returns a IPAddresses
+func newIPAddresses(c *NetworkingV1Client) *iPAddresses {
+	return &iPAddresses{
+		gentype.NewClientWithListAndApply[*networkingv1.IPAddress, *networkingv1.IPAddressList, *applyconfigurationsnetworkingv1.IPAddressApplyConfiguration](
+			"ipaddresses",
+			c.RESTClient(),
+			scheme.ParameterCodec,
+			"",
+			func() *networkingv1.IPAddress { return &networkingv1.IPAddress{} },
+			func() *networkingv1.IPAddressList { return &networkingv1.IPAddressList{} },
+			gentype.PrefersProtobuf[*networkingv1.IPAddress](),
+		),
+	}
+}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/networking_client.go b/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/networking_client.go
index 692b52f025..3411c053bb 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/networking_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/networking_client.go
@@ -28,9 +28,11 @@ import (
 
 type NetworkingV1Interface interface {
 	RESTClient() rest.Interface
+	IPAddressesGetter
 	IngressesGetter
 	IngressClassesGetter
 	NetworkPoliciesGetter
+	ServiceCIDRsGetter
 }
 
 // NetworkingV1Client is used to interact with features provided by the networking.k8s.io group.
@@ -38,6 +40,10 @@ type NetworkingV1Client struct {
 	restClient rest.Interface
 }
 
+func (c *NetworkingV1Client) IPAddresses() IPAddressInterface {
+	return newIPAddresses(c)
+}
+
 func (c *NetworkingV1Client) Ingresses(namespace string) IngressInterface {
 	return newIngresses(c, namespace)
 }
@@ -50,14 +56,16 @@ func (c *NetworkingV1Client) NetworkPolicies(namespace string) NetworkPolicyInte
 	return newNetworkPolicies(c, namespace)
 }
 
+func (c *NetworkingV1Client) ServiceCIDRs() ServiceCIDRInterface {
+	return newServiceCIDRs(c)
+}
+
 // NewForConfig creates a new NetworkingV1Client for the given config.
 // NewForConfig is equivalent to NewForConfigAndClient(c, httpClient),
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*NetworkingV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -69,9 +77,7 @@ func NewForConfig(c *rest.Config) (*NetworkingV1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*NetworkingV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -94,7 +100,7 @@ func New(c rest.Interface) *NetworkingV1Client {
 	return &NetworkingV1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := networkingv1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -103,8 +109,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/servicecidr.go b/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/servicecidr.go
new file mode 100644
index 0000000000..b22f30c2ca
--- /dev/null
+++ b/vendor/k8s.io/client-go/kubernetes/typed/networking/v1/servicecidr.go
@@ -0,0 +1,75 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by client-gen. DO NOT EDIT.
+
+package v1
+
+import (
+	context "context"
+
+	networkingv1 "k8s.io/api/networking/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	types "k8s.io/apimachinery/pkg/types"
+	watch "k8s.io/apimachinery/pkg/watch"
+	applyconfigurationsnetworkingv1 "k8s.io/client-go/applyconfigurations/networking/v1"
+	gentype "k8s.io/client-go/gentype"
+	scheme "k8s.io/client-go/kubernetes/scheme"
+)
+
+// ServiceCIDRsGetter has a method to return a ServiceCIDRInterface.
+// A group's client should implement this interface.
+type ServiceCIDRsGetter interface {
+	ServiceCIDRs() ServiceCIDRInterface
+}
+
+// ServiceCIDRInterface has methods to work with ServiceCIDR resources.
+type ServiceCIDRInterface interface {
+	Create(ctx context.Context, serviceCIDR *networkingv1.ServiceCIDR, opts metav1.CreateOptions) (*networkingv1.ServiceCIDR, error)
+	Update(ctx context.Context, serviceCIDR *networkingv1.ServiceCIDR, opts metav1.UpdateOptions) (*networkingv1.ServiceCIDR, error)
+	// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
+	UpdateStatus(ctx context.Context, serviceCIDR *networkingv1.ServiceCIDR, opts metav1.UpdateOptions) (*networkingv1.ServiceCIDR, error)
+	Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error
+	DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error
+	Get(ctx context.Context, name string, opts metav1.GetOptions) (*networkingv1.ServiceCIDR, error)
+	List(ctx context.Context, opts metav1.ListOptions) (*networkingv1.ServiceCIDRList, error)
+	Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error)
+	Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *networkingv1.ServiceCIDR, err error)
+	Apply(ctx context.Context, serviceCIDR *applyconfigurationsnetworkingv1.ServiceCIDRApplyConfiguration, opts metav1.ApplyOptions) (result *networkingv1.ServiceCIDR, err error)
+	// Add a +genclient:noStatus comment above the type to avoid generating ApplyStatus().
+	ApplyStatus(ctx context.Context, serviceCIDR *applyconfigurationsnetworkingv1.ServiceCIDRApplyConfiguration, opts metav1.ApplyOptions) (result *networkingv1.ServiceCIDR, err error)
+	ServiceCIDRExpansion
+}
+
+// serviceCIDRs implements ServiceCIDRInterface
+type serviceCIDRs struct {
+	*gentype.ClientWithListAndApply[*networkingv1.ServiceCIDR, *networkingv1.ServiceCIDRList, *applyconfigurationsnetworkingv1.ServiceCIDRApplyConfiguration]
+}
+
+// newServiceCIDRs returns a ServiceCIDRs
+func newServiceCIDRs(c *NetworkingV1Client) *serviceCIDRs {
+	return &serviceCIDRs{
+		gentype.NewClientWithListAndApply[*networkingv1.ServiceCIDR, *networkingv1.ServiceCIDRList, *applyconfigurationsnetworkingv1.ServiceCIDRApplyConfiguration](
+			"servicecidrs",
+			c.RESTClient(),
+			scheme.ParameterCodec,
+			"",
+			func() *networkingv1.ServiceCIDR { return &networkingv1.ServiceCIDR{} },
+			func() *networkingv1.ServiceCIDRList { return &networkingv1.ServiceCIDRList{} },
+			gentype.PrefersProtobuf[*networkingv1.ServiceCIDR](),
+		),
+	}
+}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/networking/v1alpha1/networking_client.go b/vendor/k8s.io/client-go/kubernetes/typed/networking/v1alpha1/networking_client.go
index 9e1b3064d8..c9d1dfd299 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/networking/v1alpha1/networking_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/networking/v1alpha1/networking_client.go
@@ -50,9 +50,7 @@ func (c *NetworkingV1alpha1Client) ServiceCIDRs() ServiceCIDRInterface {
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*NetworkingV1alpha1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -64,9 +62,7 @@ func NewForConfig(c *rest.Config) (*NetworkingV1alpha1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*NetworkingV1alpha1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -89,7 +85,7 @@ func New(c rest.Interface) *NetworkingV1alpha1Client {
 	return &NetworkingV1alpha1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := networkingv1alpha1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -98,8 +94,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/networking/v1beta1/networking_client.go b/vendor/k8s.io/client-go/kubernetes/typed/networking/v1beta1/networking_client.go
index cb4b0c601b..c30acf0a2b 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/networking/v1beta1/networking_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/networking/v1beta1/networking_client.go
@@ -60,9 +60,7 @@ func (c *NetworkingV1beta1Client) ServiceCIDRs() ServiceCIDRInterface {
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*NetworkingV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -74,9 +72,7 @@ func NewForConfig(c *rest.Config) (*NetworkingV1beta1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*NetworkingV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -99,7 +95,7 @@ func New(c rest.Interface) *NetworkingV1beta1Client {
 	return &NetworkingV1beta1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := networkingv1beta1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -108,8 +104,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/node/v1/node_client.go b/vendor/k8s.io/client-go/kubernetes/typed/node/v1/node_client.go
index 3bde211713..b1b2f7c07b 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/node/v1/node_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/node/v1/node_client.go
@@ -45,9 +45,7 @@ func (c *NodeV1Client) RuntimeClasses() RuntimeClassInterface {
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*NodeV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -59,9 +57,7 @@ func NewForConfig(c *rest.Config) (*NodeV1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*NodeV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -84,7 +80,7 @@ func New(c rest.Interface) *NodeV1Client {
 	return &NodeV1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := nodev1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -93,8 +89,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/node/v1alpha1/node_client.go b/vendor/k8s.io/client-go/kubernetes/typed/node/v1alpha1/node_client.go
index e47ef35485..e11398de46 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/node/v1alpha1/node_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/node/v1alpha1/node_client.go
@@ -45,9 +45,7 @@ func (c *NodeV1alpha1Client) RuntimeClasses() RuntimeClassInterface {
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*NodeV1alpha1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -59,9 +57,7 @@ func NewForConfig(c *rest.Config) (*NodeV1alpha1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*NodeV1alpha1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -84,7 +80,7 @@ func New(c rest.Interface) *NodeV1alpha1Client {
 	return &NodeV1alpha1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := nodev1alpha1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -93,8 +89,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/node/v1beta1/node_client.go b/vendor/k8s.io/client-go/kubernetes/typed/node/v1beta1/node_client.go
index c7864a4796..bc9b1f6a29 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/node/v1beta1/node_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/node/v1beta1/node_client.go
@@ -45,9 +45,7 @@ func (c *NodeV1beta1Client) RuntimeClasses() RuntimeClassInterface {
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*NodeV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -59,9 +57,7 @@ func NewForConfig(c *rest.Config) (*NodeV1beta1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*NodeV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -84,7 +80,7 @@ func New(c rest.Interface) *NodeV1beta1Client {
 	return &NodeV1beta1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := nodev1beta1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -93,8 +89,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/policy/v1/policy_client.go b/vendor/k8s.io/client-go/kubernetes/typed/policy/v1/policy_client.go
index 8d84f460b0..fdbbc922b6 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/policy/v1/policy_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/policy/v1/policy_client.go
@@ -50,9 +50,7 @@ func (c *PolicyV1Client) PodDisruptionBudgets(namespace string) PodDisruptionBud
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*PolicyV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -64,9 +62,7 @@ func NewForConfig(c *rest.Config) (*PolicyV1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*PolicyV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -89,7 +85,7 @@ func New(c rest.Interface) *PolicyV1Client {
 	return &PolicyV1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := policyv1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -98,8 +94,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/policy/v1beta1/policy_client.go b/vendor/k8s.io/client-go/kubernetes/typed/policy/v1beta1/policy_client.go
index d8e78627e1..666e1b7f87 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/policy/v1beta1/policy_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/policy/v1beta1/policy_client.go
@@ -50,9 +50,7 @@ func (c *PolicyV1beta1Client) PodDisruptionBudgets(namespace string) PodDisrupti
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*PolicyV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -64,9 +62,7 @@ func NewForConfig(c *rest.Config) (*PolicyV1beta1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*PolicyV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -89,7 +85,7 @@ func New(c rest.Interface) *PolicyV1beta1Client {
 	return &PolicyV1beta1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := policyv1beta1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -98,8 +94,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/rbac_client.go b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/rbac_client.go
index c586ee638b..8eee912fc2 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/rbac_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1/rbac_client.go
@@ -60,9 +60,7 @@ func (c *RbacV1Client) RoleBindings(namespace string) RoleBindingInterface {
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*RbacV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -74,9 +72,7 @@ func NewForConfig(c *rest.Config) (*RbacV1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*RbacV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -99,7 +95,7 @@ func New(c rest.Interface) *RbacV1Client {
 	return &RbacV1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := rbacv1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -108,8 +104,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/rbac_client.go b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/rbac_client.go
index df46fc3aaa..2e7dc98420 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/rbac_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1alpha1/rbac_client.go
@@ -60,9 +60,7 @@ func (c *RbacV1alpha1Client) RoleBindings(namespace string) RoleBindingInterface
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*RbacV1alpha1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -74,9 +72,7 @@ func NewForConfig(c *rest.Config) (*RbacV1alpha1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*RbacV1alpha1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -99,7 +95,7 @@ func New(c rest.Interface) *RbacV1alpha1Client {
 	return &RbacV1alpha1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := rbacv1alpha1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -108,8 +104,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/rbac_client.go b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/rbac_client.go
index 5739bb289e..69f464147a 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/rbac_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/rbac/v1beta1/rbac_client.go
@@ -60,9 +60,7 @@ func (c *RbacV1beta1Client) RoleBindings(namespace string) RoleBindingInterface
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*RbacV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -74,9 +72,7 @@ func NewForConfig(c *rest.Config) (*RbacV1beta1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*RbacV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -99,7 +95,7 @@ func New(c rest.Interface) *RbacV1beta1Client {
 	return &RbacV1beta1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := rbacv1beta1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -108,8 +104,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/resource/v1alpha3/devicetaintrule.go b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1alpha3/devicetaintrule.go
new file mode 100644
index 0000000000..77e26b6e3a
--- /dev/null
+++ b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1alpha3/devicetaintrule.go
@@ -0,0 +1,71 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by client-gen. DO NOT EDIT.
+
+package v1alpha3
+
+import (
+	context "context"
+
+	resourcev1alpha3 "k8s.io/api/resource/v1alpha3"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	types "k8s.io/apimachinery/pkg/types"
+	watch "k8s.io/apimachinery/pkg/watch"
+	applyconfigurationsresourcev1alpha3 "k8s.io/client-go/applyconfigurations/resource/v1alpha3"
+	gentype "k8s.io/client-go/gentype"
+	scheme "k8s.io/client-go/kubernetes/scheme"
+)
+
+// DeviceTaintRulesGetter has a method to return a DeviceTaintRuleInterface.
+// A group's client should implement this interface.
+type DeviceTaintRulesGetter interface {
+	DeviceTaintRules() DeviceTaintRuleInterface
+}
+
+// DeviceTaintRuleInterface has methods to work with DeviceTaintRule resources.
+type DeviceTaintRuleInterface interface {
+	Create(ctx context.Context, deviceTaintRule *resourcev1alpha3.DeviceTaintRule, opts v1.CreateOptions) (*resourcev1alpha3.DeviceTaintRule, error)
+	Update(ctx context.Context, deviceTaintRule *resourcev1alpha3.DeviceTaintRule, opts v1.UpdateOptions) (*resourcev1alpha3.DeviceTaintRule, error)
+	Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
+	DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
+	Get(ctx context.Context, name string, opts v1.GetOptions) (*resourcev1alpha3.DeviceTaintRule, error)
+	List(ctx context.Context, opts v1.ListOptions) (*resourcev1alpha3.DeviceTaintRuleList, error)
+	Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
+	Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *resourcev1alpha3.DeviceTaintRule, err error)
+	Apply(ctx context.Context, deviceTaintRule *applyconfigurationsresourcev1alpha3.DeviceTaintRuleApplyConfiguration, opts v1.ApplyOptions) (result *resourcev1alpha3.DeviceTaintRule, err error)
+	DeviceTaintRuleExpansion
+}
+
+// deviceTaintRules implements DeviceTaintRuleInterface
+type deviceTaintRules struct {
+	*gentype.ClientWithListAndApply[*resourcev1alpha3.DeviceTaintRule, *resourcev1alpha3.DeviceTaintRuleList, *applyconfigurationsresourcev1alpha3.DeviceTaintRuleApplyConfiguration]
+}
+
+// newDeviceTaintRules returns a DeviceTaintRules
+func newDeviceTaintRules(c *ResourceV1alpha3Client) *deviceTaintRules {
+	return &deviceTaintRules{
+		gentype.NewClientWithListAndApply[*resourcev1alpha3.DeviceTaintRule, *resourcev1alpha3.DeviceTaintRuleList, *applyconfigurationsresourcev1alpha3.DeviceTaintRuleApplyConfiguration](
+			"devicetaintrules",
+			c.RESTClient(),
+			scheme.ParameterCodec,
+			"",
+			func() *resourcev1alpha3.DeviceTaintRule { return &resourcev1alpha3.DeviceTaintRule{} },
+			func() *resourcev1alpha3.DeviceTaintRuleList { return &resourcev1alpha3.DeviceTaintRuleList{} },
+			gentype.PrefersProtobuf[*resourcev1alpha3.DeviceTaintRule](),
+		),
+	}
+}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/resource/v1alpha3/fake/fake_devicetaintrule.go b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1alpha3/fake/fake_devicetaintrule.go
new file mode 100644
index 0000000000..62a55561f3
--- /dev/null
+++ b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1alpha3/fake/fake_devicetaintrule.go
@@ -0,0 +1,53 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by client-gen. DO NOT EDIT.
+
+package fake
+
+import (
+	v1alpha3 "k8s.io/api/resource/v1alpha3"
+	resourcev1alpha3 "k8s.io/client-go/applyconfigurations/resource/v1alpha3"
+	gentype "k8s.io/client-go/gentype"
+	typedresourcev1alpha3 "k8s.io/client-go/kubernetes/typed/resource/v1alpha3"
+)
+
+// fakeDeviceTaintRules implements DeviceTaintRuleInterface
+type fakeDeviceTaintRules struct {
+	*gentype.FakeClientWithListAndApply[*v1alpha3.DeviceTaintRule, *v1alpha3.DeviceTaintRuleList, *resourcev1alpha3.DeviceTaintRuleApplyConfiguration]
+	Fake *FakeResourceV1alpha3
+}
+
+func newFakeDeviceTaintRules(fake *FakeResourceV1alpha3) typedresourcev1alpha3.DeviceTaintRuleInterface {
+	return &fakeDeviceTaintRules{
+		gentype.NewFakeClientWithListAndApply[*v1alpha3.DeviceTaintRule, *v1alpha3.DeviceTaintRuleList, *resourcev1alpha3.DeviceTaintRuleApplyConfiguration](
+			fake.Fake,
+			"",
+			v1alpha3.SchemeGroupVersion.WithResource("devicetaintrules"),
+			v1alpha3.SchemeGroupVersion.WithKind("DeviceTaintRule"),
+			func() *v1alpha3.DeviceTaintRule { return &v1alpha3.DeviceTaintRule{} },
+			func() *v1alpha3.DeviceTaintRuleList { return &v1alpha3.DeviceTaintRuleList{} },
+			func(dst, src *v1alpha3.DeviceTaintRuleList) { dst.ListMeta = src.ListMeta },
+			func(list *v1alpha3.DeviceTaintRuleList) []*v1alpha3.DeviceTaintRule {
+				return gentype.ToPointerSlice(list.Items)
+			},
+			func(list *v1alpha3.DeviceTaintRuleList, items []*v1alpha3.DeviceTaintRule) {
+				list.Items = gentype.FromPointerSlice(items)
+			},
+		),
+		fake,
+	}
+}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/resource/v1alpha3/fake/fake_resource_client.go b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1alpha3/fake/fake_resource_client.go
index 83dfdb2b93..d6d872d85d 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/resource/v1alpha3/fake/fake_resource_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1alpha3/fake/fake_resource_client.go
@@ -32,6 +32,10 @@ func (c *FakeResourceV1alpha3) DeviceClasses() v1alpha3.DeviceClassInterface {
 	return newFakeDeviceClasses(c)
 }
 
+func (c *FakeResourceV1alpha3) DeviceTaintRules() v1alpha3.DeviceTaintRuleInterface {
+	return newFakeDeviceTaintRules(c)
+}
+
 func (c *FakeResourceV1alpha3) ResourceClaims(namespace string) v1alpha3.ResourceClaimInterface {
 	return newFakeResourceClaims(c, namespace)
 }
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/resource/v1alpha3/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1alpha3/generated_expansion.go
index cd8862ea84..6a7ffeda81 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/resource/v1alpha3/generated_expansion.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1alpha3/generated_expansion.go
@@ -20,6 +20,8 @@ package v1alpha3
 
 type DeviceClassExpansion interface{}
 
+type DeviceTaintRuleExpansion interface{}
+
 type ResourceClaimExpansion interface{}
 
 type ResourceClaimTemplateExpansion interface{}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/resource/v1alpha3/resource_client.go b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1alpha3/resource_client.go
index acc9b97c22..7e16ac1540 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/resource/v1alpha3/resource_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1alpha3/resource_client.go
@@ -29,6 +29,7 @@ import (
 type ResourceV1alpha3Interface interface {
 	RESTClient() rest.Interface
 	DeviceClassesGetter
+	DeviceTaintRulesGetter
 	ResourceClaimsGetter
 	ResourceClaimTemplatesGetter
 	ResourceSlicesGetter
@@ -43,6 +44,10 @@ func (c *ResourceV1alpha3Client) DeviceClasses() DeviceClassInterface {
 	return newDeviceClasses(c)
 }
 
+func (c *ResourceV1alpha3Client) DeviceTaintRules() DeviceTaintRuleInterface {
+	return newDeviceTaintRules(c)
+}
+
 func (c *ResourceV1alpha3Client) ResourceClaims(namespace string) ResourceClaimInterface {
 	return newResourceClaims(c, namespace)
 }
@@ -60,9 +65,7 @@ func (c *ResourceV1alpha3Client) ResourceSlices() ResourceSliceInterface {
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*ResourceV1alpha3Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -74,9 +77,7 @@ func NewForConfig(c *rest.Config) (*ResourceV1alpha3Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*ResourceV1alpha3Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -99,7 +100,7 @@ func New(c rest.Interface) *ResourceV1alpha3Client {
 	return &ResourceV1alpha3Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := resourcev1alpha3.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -108,8 +109,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta1/resource_client.go b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta1/resource_client.go
index c6a3b28369..789d34a91f 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta1/resource_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta1/resource_client.go
@@ -60,9 +60,7 @@ func (c *ResourceV1beta1Client) ResourceSlices() ResourceSliceInterface {
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*ResourceV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -74,9 +72,7 @@ func NewForConfig(c *rest.Config) (*ResourceV1beta1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*ResourceV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -99,7 +95,7 @@ func New(c rest.Interface) *ResourceV1beta1Client {
 	return &ResourceV1beta1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := resourcev1beta1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -108,8 +104,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/deviceclass.go b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/deviceclass.go
new file mode 100644
index 0000000000..0943193f67
--- /dev/null
+++ b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/deviceclass.go
@@ -0,0 +1,71 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by client-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	context "context"
+
+	resourcev1beta2 "k8s.io/api/resource/v1beta2"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	types "k8s.io/apimachinery/pkg/types"
+	watch "k8s.io/apimachinery/pkg/watch"
+	applyconfigurationsresourcev1beta2 "k8s.io/client-go/applyconfigurations/resource/v1beta2"
+	gentype "k8s.io/client-go/gentype"
+	scheme "k8s.io/client-go/kubernetes/scheme"
+)
+
+// DeviceClassesGetter has a method to return a DeviceClassInterface.
+// A group's client should implement this interface.
+type DeviceClassesGetter interface {
+	DeviceClasses() DeviceClassInterface
+}
+
+// DeviceClassInterface has methods to work with DeviceClass resources.
+type DeviceClassInterface interface {
+	Create(ctx context.Context, deviceClass *resourcev1beta2.DeviceClass, opts v1.CreateOptions) (*resourcev1beta2.DeviceClass, error)
+	Update(ctx context.Context, deviceClass *resourcev1beta2.DeviceClass, opts v1.UpdateOptions) (*resourcev1beta2.DeviceClass, error)
+	Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
+	DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
+	Get(ctx context.Context, name string, opts v1.GetOptions) (*resourcev1beta2.DeviceClass, error)
+	List(ctx context.Context, opts v1.ListOptions) (*resourcev1beta2.DeviceClassList, error)
+	Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
+	Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *resourcev1beta2.DeviceClass, err error)
+	Apply(ctx context.Context, deviceClass *applyconfigurationsresourcev1beta2.DeviceClassApplyConfiguration, opts v1.ApplyOptions) (result *resourcev1beta2.DeviceClass, err error)
+	DeviceClassExpansion
+}
+
+// deviceClasses implements DeviceClassInterface
+type deviceClasses struct {
+	*gentype.ClientWithListAndApply[*resourcev1beta2.DeviceClass, *resourcev1beta2.DeviceClassList, *applyconfigurationsresourcev1beta2.DeviceClassApplyConfiguration]
+}
+
+// newDeviceClasses returns a DeviceClasses
+func newDeviceClasses(c *ResourceV1beta2Client) *deviceClasses {
+	return &deviceClasses{
+		gentype.NewClientWithListAndApply[*resourcev1beta2.DeviceClass, *resourcev1beta2.DeviceClassList, *applyconfigurationsresourcev1beta2.DeviceClassApplyConfiguration](
+			"deviceclasses",
+			c.RESTClient(),
+			scheme.ParameterCodec,
+			"",
+			func() *resourcev1beta2.DeviceClass { return &resourcev1beta2.DeviceClass{} },
+			func() *resourcev1beta2.DeviceClassList { return &resourcev1beta2.DeviceClassList{} },
+			gentype.PrefersProtobuf[*resourcev1beta2.DeviceClass](),
+		),
+	}
+}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/doc.go b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/doc.go
new file mode 100644
index 0000000000..56518ef7f2
--- /dev/null
+++ b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/doc.go
@@ -0,0 +1,20 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by client-gen. DO NOT EDIT.
+
+// This package has the automatically generated typed clients.
+package v1beta2
diff --git a/vendor/github.com/google/gofuzz/doc.go b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/fake/doc.go
similarity index 77%
rename from vendor/github.com/google/gofuzz/doc.go
rename to vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/fake/doc.go
index 9f9956d4a6..16f4439906 100644
--- a/vendor/github.com/google/gofuzz/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/fake/doc.go
@@ -1,5 +1,5 @@
 /*
-Copyright 2014 Google Inc. All rights reserved.
+Copyright The Kubernetes Authors.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -14,5 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// Package fuzz is a library for populating go objects with random values.
-package fuzz
+// Code generated by client-gen. DO NOT EDIT.
+
+// Package fake has the automatically generated clients.
+package fake
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/fake/fake_deviceclass.go b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/fake/fake_deviceclass.go
new file mode 100644
index 0000000000..540f278ca1
--- /dev/null
+++ b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/fake/fake_deviceclass.go
@@ -0,0 +1,51 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by client-gen. DO NOT EDIT.
+
+package fake
+
+import (
+	v1beta2 "k8s.io/api/resource/v1beta2"
+	resourcev1beta2 "k8s.io/client-go/applyconfigurations/resource/v1beta2"
+	gentype "k8s.io/client-go/gentype"
+	typedresourcev1beta2 "k8s.io/client-go/kubernetes/typed/resource/v1beta2"
+)
+
+// fakeDeviceClasses implements DeviceClassInterface
+type fakeDeviceClasses struct {
+	*gentype.FakeClientWithListAndApply[*v1beta2.DeviceClass, *v1beta2.DeviceClassList, *resourcev1beta2.DeviceClassApplyConfiguration]
+	Fake *FakeResourceV1beta2
+}
+
+func newFakeDeviceClasses(fake *FakeResourceV1beta2) typedresourcev1beta2.DeviceClassInterface {
+	return &fakeDeviceClasses{
+		gentype.NewFakeClientWithListAndApply[*v1beta2.DeviceClass, *v1beta2.DeviceClassList, *resourcev1beta2.DeviceClassApplyConfiguration](
+			fake.Fake,
+			"",
+			v1beta2.SchemeGroupVersion.WithResource("deviceclasses"),
+			v1beta2.SchemeGroupVersion.WithKind("DeviceClass"),
+			func() *v1beta2.DeviceClass { return &v1beta2.DeviceClass{} },
+			func() *v1beta2.DeviceClassList { return &v1beta2.DeviceClassList{} },
+			func(dst, src *v1beta2.DeviceClassList) { dst.ListMeta = src.ListMeta },
+			func(list *v1beta2.DeviceClassList) []*v1beta2.DeviceClass { return gentype.ToPointerSlice(list.Items) },
+			func(list *v1beta2.DeviceClassList, items []*v1beta2.DeviceClass) {
+				list.Items = gentype.FromPointerSlice(items)
+			},
+		),
+		fake,
+	}
+}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/fake/fake_resource_client.go b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/fake/fake_resource_client.go
new file mode 100644
index 0000000000..10c5c0e337
--- /dev/null
+++ b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/fake/fake_resource_client.go
@@ -0,0 +1,52 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by client-gen. DO NOT EDIT.
+
+package fake
+
+import (
+	v1beta2 "k8s.io/client-go/kubernetes/typed/resource/v1beta2"
+	rest "k8s.io/client-go/rest"
+	testing "k8s.io/client-go/testing"
+)
+
+type FakeResourceV1beta2 struct {
+	*testing.Fake
+}
+
+func (c *FakeResourceV1beta2) DeviceClasses() v1beta2.DeviceClassInterface {
+	return newFakeDeviceClasses(c)
+}
+
+func (c *FakeResourceV1beta2) ResourceClaims(namespace string) v1beta2.ResourceClaimInterface {
+	return newFakeResourceClaims(c, namespace)
+}
+
+func (c *FakeResourceV1beta2) ResourceClaimTemplates(namespace string) v1beta2.ResourceClaimTemplateInterface {
+	return newFakeResourceClaimTemplates(c, namespace)
+}
+
+func (c *FakeResourceV1beta2) ResourceSlices() v1beta2.ResourceSliceInterface {
+	return newFakeResourceSlices(c)
+}
+
+// RESTClient returns a RESTClient that is used to communicate
+// with API server by this client implementation.
+func (c *FakeResourceV1beta2) RESTClient() rest.Interface {
+	var ret *rest.RESTClient
+	return ret
+}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/fake/fake_resourceclaim.go b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/fake/fake_resourceclaim.go
new file mode 100644
index 0000000000..f093917621
--- /dev/null
+++ b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/fake/fake_resourceclaim.go
@@ -0,0 +1,53 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by client-gen. DO NOT EDIT.
+
+package fake
+
+import (
+	v1beta2 "k8s.io/api/resource/v1beta2"
+	resourcev1beta2 "k8s.io/client-go/applyconfigurations/resource/v1beta2"
+	gentype "k8s.io/client-go/gentype"
+	typedresourcev1beta2 "k8s.io/client-go/kubernetes/typed/resource/v1beta2"
+)
+
+// fakeResourceClaims implements ResourceClaimInterface
+type fakeResourceClaims struct {
+	*gentype.FakeClientWithListAndApply[*v1beta2.ResourceClaim, *v1beta2.ResourceClaimList, *resourcev1beta2.ResourceClaimApplyConfiguration]
+	Fake *FakeResourceV1beta2
+}
+
+func newFakeResourceClaims(fake *FakeResourceV1beta2, namespace string) typedresourcev1beta2.ResourceClaimInterface {
+	return &fakeResourceClaims{
+		gentype.NewFakeClientWithListAndApply[*v1beta2.ResourceClaim, *v1beta2.ResourceClaimList, *resourcev1beta2.ResourceClaimApplyConfiguration](
+			fake.Fake,
+			namespace,
+			v1beta2.SchemeGroupVersion.WithResource("resourceclaims"),
+			v1beta2.SchemeGroupVersion.WithKind("ResourceClaim"),
+			func() *v1beta2.ResourceClaim { return &v1beta2.ResourceClaim{} },
+			func() *v1beta2.ResourceClaimList { return &v1beta2.ResourceClaimList{} },
+			func(dst, src *v1beta2.ResourceClaimList) { dst.ListMeta = src.ListMeta },
+			func(list *v1beta2.ResourceClaimList) []*v1beta2.ResourceClaim {
+				return gentype.ToPointerSlice(list.Items)
+			},
+			func(list *v1beta2.ResourceClaimList, items []*v1beta2.ResourceClaim) {
+				list.Items = gentype.FromPointerSlice(items)
+			},
+		),
+		fake,
+	}
+}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/fake/fake_resourceclaimtemplate.go b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/fake/fake_resourceclaimtemplate.go
new file mode 100644
index 0000000000..5c4bb111d7
--- /dev/null
+++ b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/fake/fake_resourceclaimtemplate.go
@@ -0,0 +1,53 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by client-gen. DO NOT EDIT.
+
+package fake
+
+import (
+	v1beta2 "k8s.io/api/resource/v1beta2"
+	resourcev1beta2 "k8s.io/client-go/applyconfigurations/resource/v1beta2"
+	gentype "k8s.io/client-go/gentype"
+	typedresourcev1beta2 "k8s.io/client-go/kubernetes/typed/resource/v1beta2"
+)
+
+// fakeResourceClaimTemplates implements ResourceClaimTemplateInterface
+type fakeResourceClaimTemplates struct {
+	*gentype.FakeClientWithListAndApply[*v1beta2.ResourceClaimTemplate, *v1beta2.ResourceClaimTemplateList, *resourcev1beta2.ResourceClaimTemplateApplyConfiguration]
+	Fake *FakeResourceV1beta2
+}
+
+func newFakeResourceClaimTemplates(fake *FakeResourceV1beta2, namespace string) typedresourcev1beta2.ResourceClaimTemplateInterface {
+	return &fakeResourceClaimTemplates{
+		gentype.NewFakeClientWithListAndApply[*v1beta2.ResourceClaimTemplate, *v1beta2.ResourceClaimTemplateList, *resourcev1beta2.ResourceClaimTemplateApplyConfiguration](
+			fake.Fake,
+			namespace,
+			v1beta2.SchemeGroupVersion.WithResource("resourceclaimtemplates"),
+			v1beta2.SchemeGroupVersion.WithKind("ResourceClaimTemplate"),
+			func() *v1beta2.ResourceClaimTemplate { return &v1beta2.ResourceClaimTemplate{} },
+			func() *v1beta2.ResourceClaimTemplateList { return &v1beta2.ResourceClaimTemplateList{} },
+			func(dst, src *v1beta2.ResourceClaimTemplateList) { dst.ListMeta = src.ListMeta },
+			func(list *v1beta2.ResourceClaimTemplateList) []*v1beta2.ResourceClaimTemplate {
+				return gentype.ToPointerSlice(list.Items)
+			},
+			func(list *v1beta2.ResourceClaimTemplateList, items []*v1beta2.ResourceClaimTemplate) {
+				list.Items = gentype.FromPointerSlice(items)
+			},
+		),
+		fake,
+	}
+}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/fake/fake_resourceslice.go b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/fake/fake_resourceslice.go
new file mode 100644
index 0000000000..a53b6f81da
--- /dev/null
+++ b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/fake/fake_resourceslice.go
@@ -0,0 +1,53 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by client-gen. DO NOT EDIT.
+
+package fake
+
+import (
+	v1beta2 "k8s.io/api/resource/v1beta2"
+	resourcev1beta2 "k8s.io/client-go/applyconfigurations/resource/v1beta2"
+	gentype "k8s.io/client-go/gentype"
+	typedresourcev1beta2 "k8s.io/client-go/kubernetes/typed/resource/v1beta2"
+)
+
+// fakeResourceSlices implements ResourceSliceInterface
+type fakeResourceSlices struct {
+	*gentype.FakeClientWithListAndApply[*v1beta2.ResourceSlice, *v1beta2.ResourceSliceList, *resourcev1beta2.ResourceSliceApplyConfiguration]
+	Fake *FakeResourceV1beta2
+}
+
+func newFakeResourceSlices(fake *FakeResourceV1beta2) typedresourcev1beta2.ResourceSliceInterface {
+	return &fakeResourceSlices{
+		gentype.NewFakeClientWithListAndApply[*v1beta2.ResourceSlice, *v1beta2.ResourceSliceList, *resourcev1beta2.ResourceSliceApplyConfiguration](
+			fake.Fake,
+			"",
+			v1beta2.SchemeGroupVersion.WithResource("resourceslices"),
+			v1beta2.SchemeGroupVersion.WithKind("ResourceSlice"),
+			func() *v1beta2.ResourceSlice { return &v1beta2.ResourceSlice{} },
+			func() *v1beta2.ResourceSliceList { return &v1beta2.ResourceSliceList{} },
+			func(dst, src *v1beta2.ResourceSliceList) { dst.ListMeta = src.ListMeta },
+			func(list *v1beta2.ResourceSliceList) []*v1beta2.ResourceSlice {
+				return gentype.ToPointerSlice(list.Items)
+			},
+			func(list *v1beta2.ResourceSliceList, items []*v1beta2.ResourceSlice) {
+				list.Items = gentype.FromPointerSlice(items)
+			},
+		),
+		fake,
+	}
+}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/generated_expansion.go b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/generated_expansion.go
new file mode 100644
index 0000000000..230ab8ccd3
--- /dev/null
+++ b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/generated_expansion.go
@@ -0,0 +1,27 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by client-gen. DO NOT EDIT.
+
+package v1beta2
+
+type DeviceClassExpansion interface{}
+
+type ResourceClaimExpansion interface{}
+
+type ResourceClaimTemplateExpansion interface{}
+
+type ResourceSliceExpansion interface{}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/resource_client.go b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/resource_client.go
new file mode 100644
index 0000000000..aadde5be95
--- /dev/null
+++ b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/resource_client.go
@@ -0,0 +1,116 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by client-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	http "net/http"
+
+	resourcev1beta2 "k8s.io/api/resource/v1beta2"
+	scheme "k8s.io/client-go/kubernetes/scheme"
+	rest "k8s.io/client-go/rest"
+)
+
+type ResourceV1beta2Interface interface {
+	RESTClient() rest.Interface
+	DeviceClassesGetter
+	ResourceClaimsGetter
+	ResourceClaimTemplatesGetter
+	ResourceSlicesGetter
+}
+
+// ResourceV1beta2Client is used to interact with features provided by the resource.k8s.io group.
+type ResourceV1beta2Client struct {
+	restClient rest.Interface
+}
+
+func (c *ResourceV1beta2Client) DeviceClasses() DeviceClassInterface {
+	return newDeviceClasses(c)
+}
+
+func (c *ResourceV1beta2Client) ResourceClaims(namespace string) ResourceClaimInterface {
+	return newResourceClaims(c, namespace)
+}
+
+func (c *ResourceV1beta2Client) ResourceClaimTemplates(namespace string) ResourceClaimTemplateInterface {
+	return newResourceClaimTemplates(c, namespace)
+}
+
+func (c *ResourceV1beta2Client) ResourceSlices() ResourceSliceInterface {
+	return newResourceSlices(c)
+}
+
+// NewForConfig creates a new ResourceV1beta2Client for the given config.
+// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient),
+// where httpClient was generated with rest.HTTPClientFor(c).
+func NewForConfig(c *rest.Config) (*ResourceV1beta2Client, error) {
+	config := *c
+	setConfigDefaults(&config)
+	httpClient, err := rest.HTTPClientFor(&config)
+	if err != nil {
+		return nil, err
+	}
+	return NewForConfigAndClient(&config, httpClient)
+}
+
+// NewForConfigAndClient creates a new ResourceV1beta2Client for the given config and http client.
+// Note the http client provided takes precedence over the configured transport values.
+func NewForConfigAndClient(c *rest.Config, h *http.Client) (*ResourceV1beta2Client, error) {
+	config := *c
+	setConfigDefaults(&config)
+	client, err := rest.RESTClientForConfigAndClient(&config, h)
+	if err != nil {
+		return nil, err
+	}
+	return &ResourceV1beta2Client{client}, nil
+}
+
+// NewForConfigOrDie creates a new ResourceV1beta2Client for the given config and
+// panics if there is an error in the config.
+func NewForConfigOrDie(c *rest.Config) *ResourceV1beta2Client {
+	client, err := NewForConfig(c)
+	if err != nil {
+		panic(err)
+	}
+	return client
+}
+
+// New creates a new ResourceV1beta2Client for the given RESTClient.
+func New(c rest.Interface) *ResourceV1beta2Client {
+	return &ResourceV1beta2Client{c}
+}
+
+func setConfigDefaults(config *rest.Config) {
+	gv := resourcev1beta2.SchemeGroupVersion
+	config.GroupVersion = &gv
+	config.APIPath = "/apis"
+	config.NegotiatedSerializer = rest.CodecFactoryForGeneratedClient(scheme.Scheme, scheme.Codecs).WithoutConversion()
+
+	if config.UserAgent == "" {
+		config.UserAgent = rest.DefaultKubernetesUserAgent()
+	}
+}
+
+// RESTClient returns a RESTClient that is used to communicate
+// with API server by this client implementation.
+func (c *ResourceV1beta2Client) RESTClient() rest.Interface {
+	if c == nil {
+		return nil
+	}
+	return c.restClient
+}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/resourceclaim.go b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/resourceclaim.go
new file mode 100644
index 0000000000..47efefa9cc
--- /dev/null
+++ b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/resourceclaim.go
@@ -0,0 +1,75 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by client-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	context "context"
+
+	resourcev1beta2 "k8s.io/api/resource/v1beta2"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	types "k8s.io/apimachinery/pkg/types"
+	watch "k8s.io/apimachinery/pkg/watch"
+	applyconfigurationsresourcev1beta2 "k8s.io/client-go/applyconfigurations/resource/v1beta2"
+	gentype "k8s.io/client-go/gentype"
+	scheme "k8s.io/client-go/kubernetes/scheme"
+)
+
+// ResourceClaimsGetter has a method to return a ResourceClaimInterface.
+// A group's client should implement this interface.
+type ResourceClaimsGetter interface {
+	ResourceClaims(namespace string) ResourceClaimInterface
+}
+
+// ResourceClaimInterface has methods to work with ResourceClaim resources.
+type ResourceClaimInterface interface {
+	Create(ctx context.Context, resourceClaim *resourcev1beta2.ResourceClaim, opts v1.CreateOptions) (*resourcev1beta2.ResourceClaim, error)
+	Update(ctx context.Context, resourceClaim *resourcev1beta2.ResourceClaim, opts v1.UpdateOptions) (*resourcev1beta2.ResourceClaim, error)
+	// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
+	UpdateStatus(ctx context.Context, resourceClaim *resourcev1beta2.ResourceClaim, opts v1.UpdateOptions) (*resourcev1beta2.ResourceClaim, error)
+	Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
+	DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
+	Get(ctx context.Context, name string, opts v1.GetOptions) (*resourcev1beta2.ResourceClaim, error)
+	List(ctx context.Context, opts v1.ListOptions) (*resourcev1beta2.ResourceClaimList, error)
+	Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
+	Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *resourcev1beta2.ResourceClaim, err error)
+	Apply(ctx context.Context, resourceClaim *applyconfigurationsresourcev1beta2.ResourceClaimApplyConfiguration, opts v1.ApplyOptions) (result *resourcev1beta2.ResourceClaim, err error)
+	// Add a +genclient:noStatus comment above the type to avoid generating ApplyStatus().
+	ApplyStatus(ctx context.Context, resourceClaim *applyconfigurationsresourcev1beta2.ResourceClaimApplyConfiguration, opts v1.ApplyOptions) (result *resourcev1beta2.ResourceClaim, err error)
+	ResourceClaimExpansion
+}
+
+// resourceClaims implements ResourceClaimInterface
+type resourceClaims struct {
+	*gentype.ClientWithListAndApply[*resourcev1beta2.ResourceClaim, *resourcev1beta2.ResourceClaimList, *applyconfigurationsresourcev1beta2.ResourceClaimApplyConfiguration]
+}
+
+// newResourceClaims returns a ResourceClaims
+func newResourceClaims(c *ResourceV1beta2Client, namespace string) *resourceClaims {
+	return &resourceClaims{
+		gentype.NewClientWithListAndApply[*resourcev1beta2.ResourceClaim, *resourcev1beta2.ResourceClaimList, *applyconfigurationsresourcev1beta2.ResourceClaimApplyConfiguration](
+			"resourceclaims",
+			c.RESTClient(),
+			scheme.ParameterCodec,
+			namespace,
+			func() *resourcev1beta2.ResourceClaim { return &resourcev1beta2.ResourceClaim{} },
+			func() *resourcev1beta2.ResourceClaimList { return &resourcev1beta2.ResourceClaimList{} },
+			gentype.PrefersProtobuf[*resourcev1beta2.ResourceClaim](),
+		),
+	}
+}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/resourceclaimtemplate.go b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/resourceclaimtemplate.go
new file mode 100644
index 0000000000..2140a45373
--- /dev/null
+++ b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/resourceclaimtemplate.go
@@ -0,0 +1,71 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by client-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	context "context"
+
+	resourcev1beta2 "k8s.io/api/resource/v1beta2"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	types "k8s.io/apimachinery/pkg/types"
+	watch "k8s.io/apimachinery/pkg/watch"
+	applyconfigurationsresourcev1beta2 "k8s.io/client-go/applyconfigurations/resource/v1beta2"
+	gentype "k8s.io/client-go/gentype"
+	scheme "k8s.io/client-go/kubernetes/scheme"
+)
+
+// ResourceClaimTemplatesGetter has a method to return a ResourceClaimTemplateInterface.
+// A group's client should implement this interface.
+type ResourceClaimTemplatesGetter interface {
+	ResourceClaimTemplates(namespace string) ResourceClaimTemplateInterface
+}
+
+// ResourceClaimTemplateInterface has methods to work with ResourceClaimTemplate resources.
+type ResourceClaimTemplateInterface interface {
+	Create(ctx context.Context, resourceClaimTemplate *resourcev1beta2.ResourceClaimTemplate, opts v1.CreateOptions) (*resourcev1beta2.ResourceClaimTemplate, error)
+	Update(ctx context.Context, resourceClaimTemplate *resourcev1beta2.ResourceClaimTemplate, opts v1.UpdateOptions) (*resourcev1beta2.ResourceClaimTemplate, error)
+	Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
+	DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
+	Get(ctx context.Context, name string, opts v1.GetOptions) (*resourcev1beta2.ResourceClaimTemplate, error)
+	List(ctx context.Context, opts v1.ListOptions) (*resourcev1beta2.ResourceClaimTemplateList, error)
+	Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
+	Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *resourcev1beta2.ResourceClaimTemplate, err error)
+	Apply(ctx context.Context, resourceClaimTemplate *applyconfigurationsresourcev1beta2.ResourceClaimTemplateApplyConfiguration, opts v1.ApplyOptions) (result *resourcev1beta2.ResourceClaimTemplate, err error)
+	ResourceClaimTemplateExpansion
+}
+
+// resourceClaimTemplates implements ResourceClaimTemplateInterface
+type resourceClaimTemplates struct {
+	*gentype.ClientWithListAndApply[*resourcev1beta2.ResourceClaimTemplate, *resourcev1beta2.ResourceClaimTemplateList, *applyconfigurationsresourcev1beta2.ResourceClaimTemplateApplyConfiguration]
+}
+
+// newResourceClaimTemplates returns a ResourceClaimTemplates
+func newResourceClaimTemplates(c *ResourceV1beta2Client, namespace string) *resourceClaimTemplates {
+	return &resourceClaimTemplates{
+		gentype.NewClientWithListAndApply[*resourcev1beta2.ResourceClaimTemplate, *resourcev1beta2.ResourceClaimTemplateList, *applyconfigurationsresourcev1beta2.ResourceClaimTemplateApplyConfiguration](
+			"resourceclaimtemplates",
+			c.RESTClient(),
+			scheme.ParameterCodec,
+			namespace,
+			func() *resourcev1beta2.ResourceClaimTemplate { return &resourcev1beta2.ResourceClaimTemplate{} },
+			func() *resourcev1beta2.ResourceClaimTemplateList { return &resourcev1beta2.ResourceClaimTemplateList{} },
+			gentype.PrefersProtobuf[*resourcev1beta2.ResourceClaimTemplate](),
+		),
+	}
+}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/resourceslice.go b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/resourceslice.go
new file mode 100644
index 0000000000..c4507803fc
--- /dev/null
+++ b/vendor/k8s.io/client-go/kubernetes/typed/resource/v1beta2/resourceslice.go
@@ -0,0 +1,71 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by client-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	context "context"
+
+	resourcev1beta2 "k8s.io/api/resource/v1beta2"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	types "k8s.io/apimachinery/pkg/types"
+	watch "k8s.io/apimachinery/pkg/watch"
+	applyconfigurationsresourcev1beta2 "k8s.io/client-go/applyconfigurations/resource/v1beta2"
+	gentype "k8s.io/client-go/gentype"
+	scheme "k8s.io/client-go/kubernetes/scheme"
+)
+
+// ResourceSlicesGetter has a method to return a ResourceSliceInterface.
+// A group's client should implement this interface.
+type ResourceSlicesGetter interface {
+	ResourceSlices() ResourceSliceInterface
+}
+
+// ResourceSliceInterface has methods to work with ResourceSlice resources.
+type ResourceSliceInterface interface {
+	Create(ctx context.Context, resourceSlice *resourcev1beta2.ResourceSlice, opts v1.CreateOptions) (*resourcev1beta2.ResourceSlice, error)
+	Update(ctx context.Context, resourceSlice *resourcev1beta2.ResourceSlice, opts v1.UpdateOptions) (*resourcev1beta2.ResourceSlice, error)
+	Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
+	DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
+	Get(ctx context.Context, name string, opts v1.GetOptions) (*resourcev1beta2.ResourceSlice, error)
+	List(ctx context.Context, opts v1.ListOptions) (*resourcev1beta2.ResourceSliceList, error)
+	Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
+	Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *resourcev1beta2.ResourceSlice, err error)
+	Apply(ctx context.Context, resourceSlice *applyconfigurationsresourcev1beta2.ResourceSliceApplyConfiguration, opts v1.ApplyOptions) (result *resourcev1beta2.ResourceSlice, err error)
+	ResourceSliceExpansion
+}
+
+// resourceSlices implements ResourceSliceInterface
+type resourceSlices struct {
+	*gentype.ClientWithListAndApply[*resourcev1beta2.ResourceSlice, *resourcev1beta2.ResourceSliceList, *applyconfigurationsresourcev1beta2.ResourceSliceApplyConfiguration]
+}
+
+// newResourceSlices returns a ResourceSlices
+func newResourceSlices(c *ResourceV1beta2Client) *resourceSlices {
+	return &resourceSlices{
+		gentype.NewClientWithListAndApply[*resourcev1beta2.ResourceSlice, *resourcev1beta2.ResourceSliceList, *applyconfigurationsresourcev1beta2.ResourceSliceApplyConfiguration](
+			"resourceslices",
+			c.RESTClient(),
+			scheme.ParameterCodec,
+			"",
+			func() *resourcev1beta2.ResourceSlice { return &resourcev1beta2.ResourceSlice{} },
+			func() *resourcev1beta2.ResourceSliceList { return &resourcev1beta2.ResourceSliceList{} },
+			gentype.PrefersProtobuf[*resourcev1beta2.ResourceSlice](),
+		),
+	}
+}
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/scheduling/v1/scheduling_client.go b/vendor/k8s.io/client-go/kubernetes/typed/scheduling/v1/scheduling_client.go
index bbb46a9def..85ea7722e3 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/scheduling/v1/scheduling_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/scheduling/v1/scheduling_client.go
@@ -45,9 +45,7 @@ func (c *SchedulingV1Client) PriorityClasses() PriorityClassInterface {
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*SchedulingV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -59,9 +57,7 @@ func NewForConfig(c *rest.Config) (*SchedulingV1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*SchedulingV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -84,7 +80,7 @@ func New(c rest.Interface) *SchedulingV1Client {
 	return &SchedulingV1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := schedulingv1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -93,8 +89,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/scheduling/v1alpha1/scheduling_client.go b/vendor/k8s.io/client-go/kubernetes/typed/scheduling/v1alpha1/scheduling_client.go
index 056ab855ed..b17b182f13 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/scheduling/v1alpha1/scheduling_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/scheduling/v1alpha1/scheduling_client.go
@@ -45,9 +45,7 @@ func (c *SchedulingV1alpha1Client) PriorityClasses() PriorityClassInterface {
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*SchedulingV1alpha1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -59,9 +57,7 @@ func NewForConfig(c *rest.Config) (*SchedulingV1alpha1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*SchedulingV1alpha1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -84,7 +80,7 @@ func New(c rest.Interface) *SchedulingV1alpha1Client {
 	return &SchedulingV1alpha1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := schedulingv1alpha1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -93,8 +89,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/scheduling/v1beta1/scheduling_client.go b/vendor/k8s.io/client-go/kubernetes/typed/scheduling/v1beta1/scheduling_client.go
index 9e383398ea..0b2aa0e1ac 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/scheduling/v1beta1/scheduling_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/scheduling/v1beta1/scheduling_client.go
@@ -45,9 +45,7 @@ func (c *SchedulingV1beta1Client) PriorityClasses() PriorityClassInterface {
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*SchedulingV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -59,9 +57,7 @@ func NewForConfig(c *rest.Config) (*SchedulingV1beta1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*SchedulingV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -84,7 +80,7 @@ func New(c rest.Interface) *SchedulingV1beta1Client {
 	return &SchedulingV1beta1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := schedulingv1beta1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -93,8 +89,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1/storage_client.go b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1/storage_client.go
index 70aaff169f..6ed5521201 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1/storage_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1/storage_client.go
@@ -65,9 +65,7 @@ func (c *StorageV1Client) VolumeAttachments() VolumeAttachmentInterface {
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*StorageV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -79,9 +77,7 @@ func NewForConfig(c *rest.Config) (*StorageV1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*StorageV1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -104,7 +100,7 @@ func New(c rest.Interface) *StorageV1Client {
 	return &StorageV1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := storagev1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -113,8 +109,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1alpha1/storage_client.go b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1alpha1/storage_client.go
index 17b680d199..44e1e1a23c 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1alpha1/storage_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1alpha1/storage_client.go
@@ -55,9 +55,7 @@ func (c *StorageV1alpha1Client) VolumeAttributesClasses() VolumeAttributesClassI
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*StorageV1alpha1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -69,9 +67,7 @@ func NewForConfig(c *rest.Config) (*StorageV1alpha1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*StorageV1alpha1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -94,7 +90,7 @@ func New(c rest.Interface) *StorageV1alpha1Client {
 	return &StorageV1alpha1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := storagev1alpha1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -103,8 +99,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1beta1/storage_client.go b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1beta1/storage_client.go
index 63b1d42a33..02805e1b98 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/storage/v1beta1/storage_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/storage/v1beta1/storage_client.go
@@ -70,9 +70,7 @@ func (c *StorageV1beta1Client) VolumeAttributesClasses() VolumeAttributesClassIn
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*StorageV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -84,9 +82,7 @@ func NewForConfig(c *rest.Config) (*StorageV1beta1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*StorageV1beta1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -109,7 +105,7 @@ func New(c rest.Interface) *StorageV1beta1Client {
 	return &StorageV1beta1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := storagev1beta1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -118,8 +114,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/kubernetes/typed/storagemigration/v1alpha1/storagemigration_client.go b/vendor/k8s.io/client-go/kubernetes/typed/storagemigration/v1alpha1/storagemigration_client.go
index dcd5a4bf8c..f7b5f5a1e2 100644
--- a/vendor/k8s.io/client-go/kubernetes/typed/storagemigration/v1alpha1/storagemigration_client.go
+++ b/vendor/k8s.io/client-go/kubernetes/typed/storagemigration/v1alpha1/storagemigration_client.go
@@ -45,9 +45,7 @@ func (c *StoragemigrationV1alpha1Client) StorageVersionMigrations() StorageVersi
 // where httpClient was generated with rest.HTTPClientFor(c).
 func NewForConfig(c *rest.Config) (*StoragemigrationV1alpha1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	httpClient, err := rest.HTTPClientFor(&config)
 	if err != nil {
 		return nil, err
@@ -59,9 +57,7 @@ func NewForConfig(c *rest.Config) (*StoragemigrationV1alpha1Client, error) {
 // Note the http client provided takes precedence over the configured transport values.
 func NewForConfigAndClient(c *rest.Config, h *http.Client) (*StoragemigrationV1alpha1Client, error) {
 	config := *c
-	if err := setConfigDefaults(&config); err != nil {
-		return nil, err
-	}
+	setConfigDefaults(&config)
 	client, err := rest.RESTClientForConfigAndClient(&config, h)
 	if err != nil {
 		return nil, err
@@ -84,7 +80,7 @@ func New(c rest.Interface) *StoragemigrationV1alpha1Client {
 	return &StoragemigrationV1alpha1Client{c}
 }
 
-func setConfigDefaults(config *rest.Config) error {
+func setConfigDefaults(config *rest.Config) {
 	gv := storagemigrationv1alpha1.SchemeGroupVersion
 	config.GroupVersion = &gv
 	config.APIPath = "/apis"
@@ -93,8 +89,6 @@ func setConfigDefaults(config *rest.Config) error {
 	if config.UserAgent == "" {
 		config.UserAgent = rest.DefaultKubernetesUserAgent()
 	}
-
-	return nil
 }
 
 // RESTClient returns a RESTClient that is used to communicate
diff --git a/vendor/k8s.io/client-go/listers/certificates/v1beta1/clustertrustbundle.go b/vendor/k8s.io/client-go/listers/certificates/v1beta1/clustertrustbundle.go
new file mode 100644
index 0000000000..dfda2498b0
--- /dev/null
+++ b/vendor/k8s.io/client-go/listers/certificates/v1beta1/clustertrustbundle.go
@@ -0,0 +1,48 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by lister-gen. DO NOT EDIT.
+
+package v1beta1
+
+import (
+	certificatesv1beta1 "k8s.io/api/certificates/v1beta1"
+	labels "k8s.io/apimachinery/pkg/labels"
+	listers "k8s.io/client-go/listers"
+	cache "k8s.io/client-go/tools/cache"
+)
+
+// ClusterTrustBundleLister helps list ClusterTrustBundles.
+// All objects returned here must be treated as read-only.
+type ClusterTrustBundleLister interface {
+	// List lists all ClusterTrustBundles in the indexer.
+	// Objects returned here must be treated as read-only.
+	List(selector labels.Selector) (ret []*certificatesv1beta1.ClusterTrustBundle, err error)
+	// Get retrieves the ClusterTrustBundle from the index for a given name.
+	// Objects returned here must be treated as read-only.
+	Get(name string) (*certificatesv1beta1.ClusterTrustBundle, error)
+	ClusterTrustBundleListerExpansion
+}
+
+// clusterTrustBundleLister implements the ClusterTrustBundleLister interface.
+type clusterTrustBundleLister struct {
+	listers.ResourceIndexer[*certificatesv1beta1.ClusterTrustBundle]
+}
+
+// NewClusterTrustBundleLister returns a new ClusterTrustBundleLister.
+func NewClusterTrustBundleLister(indexer cache.Indexer) ClusterTrustBundleLister {
+	return &clusterTrustBundleLister{listers.New[*certificatesv1beta1.ClusterTrustBundle](indexer, certificatesv1beta1.Resource("clustertrustbundle"))}
+}
diff --git a/vendor/k8s.io/client-go/listers/certificates/v1beta1/expansion_generated.go b/vendor/k8s.io/client-go/listers/certificates/v1beta1/expansion_generated.go
index 68f993cd6e..12a2554df0 100644
--- a/vendor/k8s.io/client-go/listers/certificates/v1beta1/expansion_generated.go
+++ b/vendor/k8s.io/client-go/listers/certificates/v1beta1/expansion_generated.go
@@ -21,3 +21,7 @@ package v1beta1
 // CertificateSigningRequestListerExpansion allows custom methods to be added to
 // CertificateSigningRequestLister.
 type CertificateSigningRequestListerExpansion interface{}
+
+// ClusterTrustBundleListerExpansion allows custom methods to be added to
+// ClusterTrustBundleLister.
+type ClusterTrustBundleListerExpansion interface{}
diff --git a/vendor/k8s.io/client-go/listers/coordination/v1beta1/expansion_generated.go b/vendor/k8s.io/client-go/listers/coordination/v1beta1/expansion_generated.go
index dddc53107b..d61788a322 100644
--- a/vendor/k8s.io/client-go/listers/coordination/v1beta1/expansion_generated.go
+++ b/vendor/k8s.io/client-go/listers/coordination/v1beta1/expansion_generated.go
@@ -25,3 +25,11 @@ type LeaseListerExpansion interface{}
 // LeaseNamespaceListerExpansion allows custom methods to be added to
 // LeaseNamespaceLister.
 type LeaseNamespaceListerExpansion interface{}
+
+// LeaseCandidateListerExpansion allows custom methods to be added to
+// LeaseCandidateLister.
+type LeaseCandidateListerExpansion interface{}
+
+// LeaseCandidateNamespaceListerExpansion allows custom methods to be added to
+// LeaseCandidateNamespaceLister.
+type LeaseCandidateNamespaceListerExpansion interface{}
diff --git a/vendor/k8s.io/client-go/listers/coordination/v1beta1/leasecandidate.go b/vendor/k8s.io/client-go/listers/coordination/v1beta1/leasecandidate.go
new file mode 100644
index 0000000000..9c176a3ec4
--- /dev/null
+++ b/vendor/k8s.io/client-go/listers/coordination/v1beta1/leasecandidate.go
@@ -0,0 +1,70 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by lister-gen. DO NOT EDIT.
+
+package v1beta1
+
+import (
+	coordinationv1beta1 "k8s.io/api/coordination/v1beta1"
+	labels "k8s.io/apimachinery/pkg/labels"
+	listers "k8s.io/client-go/listers"
+	cache "k8s.io/client-go/tools/cache"
+)
+
+// LeaseCandidateLister helps list LeaseCandidates.
+// All objects returned here must be treated as read-only.
+type LeaseCandidateLister interface {
+	// List lists all LeaseCandidates in the indexer.
+	// Objects returned here must be treated as read-only.
+	List(selector labels.Selector) (ret []*coordinationv1beta1.LeaseCandidate, err error)
+	// LeaseCandidates returns an object that can list and get LeaseCandidates.
+	LeaseCandidates(namespace string) LeaseCandidateNamespaceLister
+	LeaseCandidateListerExpansion
+}
+
+// leaseCandidateLister implements the LeaseCandidateLister interface.
+type leaseCandidateLister struct {
+	listers.ResourceIndexer[*coordinationv1beta1.LeaseCandidate]
+}
+
+// NewLeaseCandidateLister returns a new LeaseCandidateLister.
+func NewLeaseCandidateLister(indexer cache.Indexer) LeaseCandidateLister {
+	return &leaseCandidateLister{listers.New[*coordinationv1beta1.LeaseCandidate](indexer, coordinationv1beta1.Resource("leasecandidate"))}
+}
+
+// LeaseCandidates returns an object that can list and get LeaseCandidates.
+func (s *leaseCandidateLister) LeaseCandidates(namespace string) LeaseCandidateNamespaceLister {
+	return leaseCandidateNamespaceLister{listers.NewNamespaced[*coordinationv1beta1.LeaseCandidate](s.ResourceIndexer, namespace)}
+}
+
+// LeaseCandidateNamespaceLister helps list and get LeaseCandidates.
+// All objects returned here must be treated as read-only.
+type LeaseCandidateNamespaceLister interface {
+	// List lists all LeaseCandidates in the indexer for a given namespace.
+	// Objects returned here must be treated as read-only.
+	List(selector labels.Selector) (ret []*coordinationv1beta1.LeaseCandidate, err error)
+	// Get retrieves the LeaseCandidate from the indexer for a given namespace and name.
+	// Objects returned here must be treated as read-only.
+	Get(name string) (*coordinationv1beta1.LeaseCandidate, error)
+	LeaseCandidateNamespaceListerExpansion
+}
+
+// leaseCandidateNamespaceLister implements the LeaseCandidateNamespaceLister
+// interface.
+type leaseCandidateNamespaceLister struct {
+	listers.ResourceIndexer[*coordinationv1beta1.LeaseCandidate]
+}
diff --git a/vendor/k8s.io/client-go/listers/doc.go b/vendor/k8s.io/client-go/listers/doc.go
index 96c330c931..da6a80408f 100644
--- a/vendor/k8s.io/client-go/listers/doc.go
+++ b/vendor/k8s.io/client-go/listers/doc.go
@@ -15,4 +15,4 @@ limitations under the License.
 */
 
 // Package listers provides generated listers for Kubernetes APIs.
-package listers // import "k8s.io/client-go/listers"
+package listers
diff --git a/vendor/k8s.io/client-go/listers/networking/v1/expansion_generated.go b/vendor/k8s.io/client-go/listers/networking/v1/expansion_generated.go
index a380c2418f..a2d335e6bd 100644
--- a/vendor/k8s.io/client-go/listers/networking/v1/expansion_generated.go
+++ b/vendor/k8s.io/client-go/listers/networking/v1/expansion_generated.go
@@ -18,6 +18,10 @@ limitations under the License.
 
 package v1
 
+// IPAddressListerExpansion allows custom methods to be added to
+// IPAddressLister.
+type IPAddressListerExpansion interface{}
+
 // IngressListerExpansion allows custom methods to be added to
 // IngressLister.
 type IngressListerExpansion interface{}
@@ -37,3 +41,7 @@ type NetworkPolicyListerExpansion interface{}
 // NetworkPolicyNamespaceListerExpansion allows custom methods to be added to
 // NetworkPolicyNamespaceLister.
 type NetworkPolicyNamespaceListerExpansion interface{}
+
+// ServiceCIDRListerExpansion allows custom methods to be added to
+// ServiceCIDRLister.
+type ServiceCIDRListerExpansion interface{}
diff --git a/vendor/k8s.io/client-go/listers/networking/v1/ipaddress.go b/vendor/k8s.io/client-go/listers/networking/v1/ipaddress.go
new file mode 100644
index 0000000000..e554bd38b4
--- /dev/null
+++ b/vendor/k8s.io/client-go/listers/networking/v1/ipaddress.go
@@ -0,0 +1,48 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by lister-gen. DO NOT EDIT.
+
+package v1
+
+import (
+	networkingv1 "k8s.io/api/networking/v1"
+	labels "k8s.io/apimachinery/pkg/labels"
+	listers "k8s.io/client-go/listers"
+	cache "k8s.io/client-go/tools/cache"
+)
+
+// IPAddressLister helps list IPAddresses.
+// All objects returned here must be treated as read-only.
+type IPAddressLister interface {
+	// List lists all IPAddresses in the indexer.
+	// Objects returned here must be treated as read-only.
+	List(selector labels.Selector) (ret []*networkingv1.IPAddress, err error)
+	// Get retrieves the IPAddress from the index for a given name.
+	// Objects returned here must be treated as read-only.
+	Get(name string) (*networkingv1.IPAddress, error)
+	IPAddressListerExpansion
+}
+
+// iPAddressLister implements the IPAddressLister interface.
+type iPAddressLister struct {
+	listers.ResourceIndexer[*networkingv1.IPAddress]
+}
+
+// NewIPAddressLister returns a new IPAddressLister.
+func NewIPAddressLister(indexer cache.Indexer) IPAddressLister {
+	return &iPAddressLister{listers.New[*networkingv1.IPAddress](indexer, networkingv1.Resource("ipaddress"))}
+}
diff --git a/vendor/k8s.io/client-go/listers/networking/v1/servicecidr.go b/vendor/k8s.io/client-go/listers/networking/v1/servicecidr.go
new file mode 100644
index 0000000000..6e326da16b
--- /dev/null
+++ b/vendor/k8s.io/client-go/listers/networking/v1/servicecidr.go
@@ -0,0 +1,48 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by lister-gen. DO NOT EDIT.
+
+package v1
+
+import (
+	networkingv1 "k8s.io/api/networking/v1"
+	labels "k8s.io/apimachinery/pkg/labels"
+	listers "k8s.io/client-go/listers"
+	cache "k8s.io/client-go/tools/cache"
+)
+
+// ServiceCIDRLister helps list ServiceCIDRs.
+// All objects returned here must be treated as read-only.
+type ServiceCIDRLister interface {
+	// List lists all ServiceCIDRs in the indexer.
+	// Objects returned here must be treated as read-only.
+	List(selector labels.Selector) (ret []*networkingv1.ServiceCIDR, err error)
+	// Get retrieves the ServiceCIDR from the index for a given name.
+	// Objects returned here must be treated as read-only.
+	Get(name string) (*networkingv1.ServiceCIDR, error)
+	ServiceCIDRListerExpansion
+}
+
+// serviceCIDRLister implements the ServiceCIDRLister interface.
+type serviceCIDRLister struct {
+	listers.ResourceIndexer[*networkingv1.ServiceCIDR]
+}
+
+// NewServiceCIDRLister returns a new ServiceCIDRLister.
+func NewServiceCIDRLister(indexer cache.Indexer) ServiceCIDRLister {
+	return &serviceCIDRLister{listers.New[*networkingv1.ServiceCIDR](indexer, networkingv1.Resource("servicecidr"))}
+}
diff --git a/vendor/k8s.io/client-go/listers/resource/v1alpha3/devicetaintrule.go b/vendor/k8s.io/client-go/listers/resource/v1alpha3/devicetaintrule.go
new file mode 100644
index 0000000000..28d94ff2e4
--- /dev/null
+++ b/vendor/k8s.io/client-go/listers/resource/v1alpha3/devicetaintrule.go
@@ -0,0 +1,48 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by lister-gen. DO NOT EDIT.
+
+package v1alpha3
+
+import (
+	resourcev1alpha3 "k8s.io/api/resource/v1alpha3"
+	labels "k8s.io/apimachinery/pkg/labels"
+	listers "k8s.io/client-go/listers"
+	cache "k8s.io/client-go/tools/cache"
+)
+
+// DeviceTaintRuleLister helps list DeviceTaintRules.
+// All objects returned here must be treated as read-only.
+type DeviceTaintRuleLister interface {
+	// List lists all DeviceTaintRules in the indexer.
+	// Objects returned here must be treated as read-only.
+	List(selector labels.Selector) (ret []*resourcev1alpha3.DeviceTaintRule, err error)
+	// Get retrieves the DeviceTaintRule from the index for a given name.
+	// Objects returned here must be treated as read-only.
+	Get(name string) (*resourcev1alpha3.DeviceTaintRule, error)
+	DeviceTaintRuleListerExpansion
+}
+
+// deviceTaintRuleLister implements the DeviceTaintRuleLister interface.
+type deviceTaintRuleLister struct {
+	listers.ResourceIndexer[*resourcev1alpha3.DeviceTaintRule]
+}
+
+// NewDeviceTaintRuleLister returns a new DeviceTaintRuleLister.
+func NewDeviceTaintRuleLister(indexer cache.Indexer) DeviceTaintRuleLister {
+	return &deviceTaintRuleLister{listers.New[*resourcev1alpha3.DeviceTaintRule](indexer, resourcev1alpha3.Resource("devicetaintrule"))}
+}
diff --git a/vendor/k8s.io/client-go/listers/resource/v1alpha3/expansion_generated.go b/vendor/k8s.io/client-go/listers/resource/v1alpha3/expansion_generated.go
index f626c92837..ff94d28691 100644
--- a/vendor/k8s.io/client-go/listers/resource/v1alpha3/expansion_generated.go
+++ b/vendor/k8s.io/client-go/listers/resource/v1alpha3/expansion_generated.go
@@ -22,6 +22,10 @@ package v1alpha3
 // DeviceClassLister.
 type DeviceClassListerExpansion interface{}
 
+// DeviceTaintRuleListerExpansion allows custom methods to be added to
+// DeviceTaintRuleLister.
+type DeviceTaintRuleListerExpansion interface{}
+
 // ResourceClaimListerExpansion allows custom methods to be added to
 // ResourceClaimLister.
 type ResourceClaimListerExpansion interface{}
diff --git a/vendor/k8s.io/client-go/listers/resource/v1beta2/deviceclass.go b/vendor/k8s.io/client-go/listers/resource/v1beta2/deviceclass.go
new file mode 100644
index 0000000000..a89e57202b
--- /dev/null
+++ b/vendor/k8s.io/client-go/listers/resource/v1beta2/deviceclass.go
@@ -0,0 +1,48 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by lister-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	resourcev1beta2 "k8s.io/api/resource/v1beta2"
+	labels "k8s.io/apimachinery/pkg/labels"
+	listers "k8s.io/client-go/listers"
+	cache "k8s.io/client-go/tools/cache"
+)
+
+// DeviceClassLister helps list DeviceClasses.
+// All objects returned here must be treated as read-only.
+type DeviceClassLister interface {
+	// List lists all DeviceClasses in the indexer.
+	// Objects returned here must be treated as read-only.
+	List(selector labels.Selector) (ret []*resourcev1beta2.DeviceClass, err error)
+	// Get retrieves the DeviceClass from the index for a given name.
+	// Objects returned here must be treated as read-only.
+	Get(name string) (*resourcev1beta2.DeviceClass, error)
+	DeviceClassListerExpansion
+}
+
+// deviceClassLister implements the DeviceClassLister interface.
+type deviceClassLister struct {
+	listers.ResourceIndexer[*resourcev1beta2.DeviceClass]
+}
+
+// NewDeviceClassLister returns a new DeviceClassLister.
+func NewDeviceClassLister(indexer cache.Indexer) DeviceClassLister {
+	return &deviceClassLister{listers.New[*resourcev1beta2.DeviceClass](indexer, resourcev1beta2.Resource("deviceclass"))}
+}
diff --git a/vendor/k8s.io/client-go/listers/resource/v1beta2/expansion_generated.go b/vendor/k8s.io/client-go/listers/resource/v1beta2/expansion_generated.go
new file mode 100644
index 0000000000..590f26bd74
--- /dev/null
+++ b/vendor/k8s.io/client-go/listers/resource/v1beta2/expansion_generated.go
@@ -0,0 +1,43 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by lister-gen. DO NOT EDIT.
+
+package v1beta2
+
+// DeviceClassListerExpansion allows custom methods to be added to
+// DeviceClassLister.
+type DeviceClassListerExpansion interface{}
+
+// ResourceClaimListerExpansion allows custom methods to be added to
+// ResourceClaimLister.
+type ResourceClaimListerExpansion interface{}
+
+// ResourceClaimNamespaceListerExpansion allows custom methods to be added to
+// ResourceClaimNamespaceLister.
+type ResourceClaimNamespaceListerExpansion interface{}
+
+// ResourceClaimTemplateListerExpansion allows custom methods to be added to
+// ResourceClaimTemplateLister.
+type ResourceClaimTemplateListerExpansion interface{}
+
+// ResourceClaimTemplateNamespaceListerExpansion allows custom methods to be added to
+// ResourceClaimTemplateNamespaceLister.
+type ResourceClaimTemplateNamespaceListerExpansion interface{}
+
+// ResourceSliceListerExpansion allows custom methods to be added to
+// ResourceSliceLister.
+type ResourceSliceListerExpansion interface{}
diff --git a/vendor/k8s.io/client-go/listers/resource/v1beta2/resourceclaim.go b/vendor/k8s.io/client-go/listers/resource/v1beta2/resourceclaim.go
new file mode 100644
index 0000000000..ec6d40663c
--- /dev/null
+++ b/vendor/k8s.io/client-go/listers/resource/v1beta2/resourceclaim.go
@@ -0,0 +1,70 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by lister-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	resourcev1beta2 "k8s.io/api/resource/v1beta2"
+	labels "k8s.io/apimachinery/pkg/labels"
+	listers "k8s.io/client-go/listers"
+	cache "k8s.io/client-go/tools/cache"
+)
+
+// ResourceClaimLister helps list ResourceClaims.
+// All objects returned here must be treated as read-only.
+type ResourceClaimLister interface {
+	// List lists all ResourceClaims in the indexer.
+	// Objects returned here must be treated as read-only.
+	List(selector labels.Selector) (ret []*resourcev1beta2.ResourceClaim, err error)
+	// ResourceClaims returns an object that can list and get ResourceClaims.
+	ResourceClaims(namespace string) ResourceClaimNamespaceLister
+	ResourceClaimListerExpansion
+}
+
+// resourceClaimLister implements the ResourceClaimLister interface.
+type resourceClaimLister struct {
+	listers.ResourceIndexer[*resourcev1beta2.ResourceClaim]
+}
+
+// NewResourceClaimLister returns a new ResourceClaimLister.
+func NewResourceClaimLister(indexer cache.Indexer) ResourceClaimLister {
+	return &resourceClaimLister{listers.New[*resourcev1beta2.ResourceClaim](indexer, resourcev1beta2.Resource("resourceclaim"))}
+}
+
+// ResourceClaims returns an object that can list and get ResourceClaims.
+func (s *resourceClaimLister) ResourceClaims(namespace string) ResourceClaimNamespaceLister {
+	return resourceClaimNamespaceLister{listers.NewNamespaced[*resourcev1beta2.ResourceClaim](s.ResourceIndexer, namespace)}
+}
+
+// ResourceClaimNamespaceLister helps list and get ResourceClaims.
+// All objects returned here must be treated as read-only.
+type ResourceClaimNamespaceLister interface {
+	// List lists all ResourceClaims in the indexer for a given namespace.
+	// Objects returned here must be treated as read-only.
+	List(selector labels.Selector) (ret []*resourcev1beta2.ResourceClaim, err error)
+	// Get retrieves the ResourceClaim from the indexer for a given namespace and name.
+	// Objects returned here must be treated as read-only.
+	Get(name string) (*resourcev1beta2.ResourceClaim, error)
+	ResourceClaimNamespaceListerExpansion
+}
+
+// resourceClaimNamespaceLister implements the ResourceClaimNamespaceLister
+// interface.
+type resourceClaimNamespaceLister struct {
+	listers.ResourceIndexer[*resourcev1beta2.ResourceClaim]
+}
diff --git a/vendor/k8s.io/client-go/listers/resource/v1beta2/resourceclaimtemplate.go b/vendor/k8s.io/client-go/listers/resource/v1beta2/resourceclaimtemplate.go
new file mode 100644
index 0000000000..8ff19b88ec
--- /dev/null
+++ b/vendor/k8s.io/client-go/listers/resource/v1beta2/resourceclaimtemplate.go
@@ -0,0 +1,70 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by lister-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	resourcev1beta2 "k8s.io/api/resource/v1beta2"
+	labels "k8s.io/apimachinery/pkg/labels"
+	listers "k8s.io/client-go/listers"
+	cache "k8s.io/client-go/tools/cache"
+)
+
+// ResourceClaimTemplateLister helps list ResourceClaimTemplates.
+// All objects returned here must be treated as read-only.
+type ResourceClaimTemplateLister interface {
+	// List lists all ResourceClaimTemplates in the indexer.
+	// Objects returned here must be treated as read-only.
+	List(selector labels.Selector) (ret []*resourcev1beta2.ResourceClaimTemplate, err error)
+	// ResourceClaimTemplates returns an object that can list and get ResourceClaimTemplates.
+	ResourceClaimTemplates(namespace string) ResourceClaimTemplateNamespaceLister
+	ResourceClaimTemplateListerExpansion
+}
+
+// resourceClaimTemplateLister implements the ResourceClaimTemplateLister interface.
+type resourceClaimTemplateLister struct {
+	listers.ResourceIndexer[*resourcev1beta2.ResourceClaimTemplate]
+}
+
+// NewResourceClaimTemplateLister returns a new ResourceClaimTemplateLister.
+func NewResourceClaimTemplateLister(indexer cache.Indexer) ResourceClaimTemplateLister {
+	return &resourceClaimTemplateLister{listers.New[*resourcev1beta2.ResourceClaimTemplate](indexer, resourcev1beta2.Resource("resourceclaimtemplate"))}
+}
+
+// ResourceClaimTemplates returns an object that can list and get ResourceClaimTemplates.
+func (s *resourceClaimTemplateLister) ResourceClaimTemplates(namespace string) ResourceClaimTemplateNamespaceLister {
+	return resourceClaimTemplateNamespaceLister{listers.NewNamespaced[*resourcev1beta2.ResourceClaimTemplate](s.ResourceIndexer, namespace)}
+}
+
+// ResourceClaimTemplateNamespaceLister helps list and get ResourceClaimTemplates.
+// All objects returned here must be treated as read-only.
+type ResourceClaimTemplateNamespaceLister interface {
+	// List lists all ResourceClaimTemplates in the indexer for a given namespace.
+	// Objects returned here must be treated as read-only.
+	List(selector labels.Selector) (ret []*resourcev1beta2.ResourceClaimTemplate, err error)
+	// Get retrieves the ResourceClaimTemplate from the indexer for a given namespace and name.
+	// Objects returned here must be treated as read-only.
+	Get(name string) (*resourcev1beta2.ResourceClaimTemplate, error)
+	ResourceClaimTemplateNamespaceListerExpansion
+}
+
+// resourceClaimTemplateNamespaceLister implements the ResourceClaimTemplateNamespaceLister
+// interface.
+type resourceClaimTemplateNamespaceLister struct {
+	listers.ResourceIndexer[*resourcev1beta2.ResourceClaimTemplate]
+}
diff --git a/vendor/k8s.io/client-go/listers/resource/v1beta2/resourceslice.go b/vendor/k8s.io/client-go/listers/resource/v1beta2/resourceslice.go
new file mode 100644
index 0000000000..f1a8174078
--- /dev/null
+++ b/vendor/k8s.io/client-go/listers/resource/v1beta2/resourceslice.go
@@ -0,0 +1,48 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by lister-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+	resourcev1beta2 "k8s.io/api/resource/v1beta2"
+	labels "k8s.io/apimachinery/pkg/labels"
+	listers "k8s.io/client-go/listers"
+	cache "k8s.io/client-go/tools/cache"
+)
+
+// ResourceSliceLister helps list ResourceSlices.
+// All objects returned here must be treated as read-only.
+type ResourceSliceLister interface {
+	// List lists all ResourceSlices in the indexer.
+	// Objects returned here must be treated as read-only.
+	List(selector labels.Selector) (ret []*resourcev1beta2.ResourceSlice, err error)
+	// Get retrieves the ResourceSlice from the index for a given name.
+	// Objects returned here must be treated as read-only.
+	Get(name string) (*resourcev1beta2.ResourceSlice, error)
+	ResourceSliceListerExpansion
+}
+
+// resourceSliceLister implements the ResourceSliceLister interface.
+type resourceSliceLister struct {
+	listers.ResourceIndexer[*resourcev1beta2.ResourceSlice]
+}
+
+// NewResourceSliceLister returns a new ResourceSliceLister.
+func NewResourceSliceLister(indexer cache.Indexer) ResourceSliceLister {
+	return &resourceSliceLister{listers.New[*resourcev1beta2.ResourceSlice](indexer, resourcev1beta2.Resource("resourceslice"))}
+}
diff --git a/vendor/k8s.io/client-go/pkg/apis/clientauthentication/doc.go b/vendor/k8s.io/client-go/pkg/apis/clientauthentication/doc.go
index b99459757e..486790fa69 100644
--- a/vendor/k8s.io/client-go/pkg/apis/clientauthentication/doc.go
+++ b/vendor/k8s.io/client-go/pkg/apis/clientauthentication/doc.go
@@ -17,4 +17,4 @@ limitations under the License.
 // +k8s:deepcopy-gen=package
 // +groupName=client.authentication.k8s.io
 
-package clientauthentication // import "k8s.io/client-go/pkg/apis/clientauthentication"
+package clientauthentication
diff --git a/vendor/k8s.io/client-go/pkg/apis/clientauthentication/v1/doc.go b/vendor/k8s.io/client-go/pkg/apis/clientauthentication/v1/doc.go
index 94ca35c2c9..e378b75cf6 100644
--- a/vendor/k8s.io/client-go/pkg/apis/clientauthentication/v1/doc.go
+++ b/vendor/k8s.io/client-go/pkg/apis/clientauthentication/v1/doc.go
@@ -21,4 +21,4 @@ limitations under the License.
 
 // +groupName=client.authentication.k8s.io
 
-package v1 // import "k8s.io/client-go/pkg/apis/clientauthentication/v1"
+package v1
diff --git a/vendor/k8s.io/client-go/pkg/apis/clientauthentication/v1beta1/doc.go b/vendor/k8s.io/client-go/pkg/apis/clientauthentication/v1beta1/doc.go
index 22d1c588bc..6eb6a98157 100644
--- a/vendor/k8s.io/client-go/pkg/apis/clientauthentication/v1beta1/doc.go
+++ b/vendor/k8s.io/client-go/pkg/apis/clientauthentication/v1beta1/doc.go
@@ -21,4 +21,4 @@ limitations under the License.
 
 // +groupName=client.authentication.k8s.io
 
-package v1beta1 // import "k8s.io/client-go/pkg/apis/clientauthentication/v1beta1"
+package v1beta1
diff --git a/vendor/k8s.io/client-go/pkg/version/doc.go b/vendor/k8s.io/client-go/pkg/version/doc.go
index 05e997e133..c3ace74513 100644
--- a/vendor/k8s.io/client-go/pkg/version/doc.go
+++ b/vendor/k8s.io/client-go/pkg/version/doc.go
@@ -18,4 +18,4 @@ limitations under the License.
 
 // Package version supplies version information collected at build time to
 // kubernetes components.
-package version // import "k8s.io/client-go/pkg/version"
+package version
diff --git a/vendor/k8s.io/client-go/rest/.mockery.yaml b/vendor/k8s.io/client-go/rest/.mockery.yaml
new file mode 100644
index 0000000000..e21d7b5be2
--- /dev/null
+++ b/vendor/k8s.io/client-go/rest/.mockery.yaml
@@ -0,0 +1,10 @@
+---
+dir: .
+filename: "mock_{{.InterfaceName | snakecase}}_test.go"
+boilerplate-file: ../../../../../hack/boilerplate/boilerplate.generatego.txt
+outpkg: rest
+with-expecter: true
+packages:
+  k8s.io/client-go/rest:
+    interfaces:
+      BackoffManager:
diff --git a/vendor/k8s.io/client-go/rest/client.go b/vendor/k8s.io/client-go/rest/client.go
index 159caa13fa..a085c334f9 100644
--- a/vendor/k8s.io/client-go/rest/client.go
+++ b/vendor/k8s.io/client-go/rest/client.go
@@ -93,7 +93,7 @@ type RESTClient struct {
 	content requestClientContentConfigProvider
 
 	// creates BackoffManager that is passed to requests.
-	createBackoffMgr func() BackoffManager
+	createBackoffMgr func() BackoffManagerWithContext
 
 	// rateLimiter is shared among all requests created by this client unless specifically
 	// overridden.
@@ -101,7 +101,7 @@ type RESTClient struct {
 
 	// warningHandler is shared among all requests created by this client.
 	// If not set, defaultWarningHandler is used.
-	warningHandler WarningHandler
+	warningHandler WarningHandlerWithContext
 
 	// Set specific behavior of the client.  If not set http.DefaultClient will be used.
 	Client *http.Client
@@ -178,7 +178,7 @@ func (c *RESTClient) GetRateLimiter() flowcontrol.RateLimiter {
 // readExpBackoffConfig handles the internal logic of determining what the
 // backoff policy is.  By default if no information is available, NoBackoff.
 // TODO Generalize this see #17727 .
-func readExpBackoffConfig() BackoffManager {
+func readExpBackoffConfig() BackoffManagerWithContext {
 	backoffBase := os.Getenv(envBackoffBase)
 	backoffDuration := os.Getenv(envBackoffDuration)
 
diff --git a/vendor/k8s.io/client-go/rest/config.go b/vendor/k8s.io/client-go/rest/config.go
index f2e813d075..82d4f7136a 100644
--- a/vendor/k8s.io/client-go/rest/config.go
+++ b/vendor/k8s.io/client-go/rest/config.go
@@ -129,10 +129,23 @@ type Config struct {
 	RateLimiter flowcontrol.RateLimiter
 
 	// WarningHandler handles warnings in server responses.
-	// If not set, the default warning handler is used.
-	// See documentation for SetDefaultWarningHandler() for details.
+	// If this and WarningHandlerWithContext are not set, the
+	// default warning handler is used. If both are set,
+	// WarningHandlerWithContext is used.
+	//
+	// See documentation for [SetDefaultWarningHandler] for details.
+	//
+	//logcheck:context // WarningHandlerWithContext should be used instead of WarningHandler in code which supports contextual logging.
 	WarningHandler WarningHandler
 
+	// WarningHandlerWithContext handles warnings in server responses.
+	// If this and WarningHandler are not set, the
+	// default warning handler is used. If both are set,
+	// WarningHandlerWithContext is used.
+	//
+	// See documentation for [SetDefaultWarningHandler] for details.
+	WarningHandlerWithContext WarningHandlerWithContext
+
 	// The maximum length of time to wait before giving up on a server request. A value of zero means no timeout.
 	Timeout time.Duration
 
@@ -381,12 +394,27 @@ func RESTClientForConfigAndClient(config *Config, httpClient *http.Client) (*RES
 	}
 
 	restClient, err := NewRESTClient(baseURL, versionedAPIPath, clientContent, rateLimiter, httpClient)
-	if err == nil && config.WarningHandler != nil {
-		restClient.warningHandler = config.WarningHandler
-	}
+	maybeSetWarningHandler(restClient, config.WarningHandler, config.WarningHandlerWithContext)
 	return restClient, err
 }
 
+// maybeSetWarningHandler sets the handlerWithContext if non-nil,
+// otherwise the handler with a wrapper if non-nil,
+// and does nothing if both are nil.
+//
+// May be called for a nil client.
+func maybeSetWarningHandler(c *RESTClient, handler WarningHandler, handlerWithContext WarningHandlerWithContext) {
+	if c == nil {
+		return
+	}
+	switch {
+	case handlerWithContext != nil:
+		c.warningHandler = handlerWithContext
+	case handler != nil:
+		c.warningHandler = warningLoggerNopContext{l: handler}
+	}
+}
+
 // UnversionedRESTClientFor is the same as RESTClientFor, except that it allows
 // the config.Version to be empty.
 func UnversionedRESTClientFor(config *Config) (*RESTClient, error) {
@@ -448,9 +476,7 @@ func UnversionedRESTClientForConfigAndClient(config *Config, httpClient *http.Cl
 	}
 
 	restClient, err := NewRESTClient(baseURL, versionedAPIPath, clientContent, rateLimiter, httpClient)
-	if err == nil && config.WarningHandler != nil {
-		restClient.warningHandler = config.WarningHandler
-	}
+	maybeSetWarningHandler(restClient, config.WarningHandler, config.WarningHandlerWithContext)
 	return restClient, err
 }
 
@@ -532,6 +558,7 @@ func InClusterConfig() (*Config, error) {
 	tlsClientConfig := TLSClientConfig{}
 
 	if _, err := certutil.NewPool(rootCAFile); err != nil {
+		//nolint:logcheck // The decision to log this instead of returning an error goes back to ~2016. It's part of the client-go API now, so not changing it just to support contextual logging.
 		klog.Errorf("Expected to load root CA config from %s, but got err: %v", rootCAFile, err)
 	} else {
 		tlsClientConfig.CAFile = rootCAFile
@@ -616,15 +643,16 @@ func AnonymousClientConfig(config *Config) *Config {
 			CAData:     config.TLSClientConfig.CAData,
 			NextProtos: config.TLSClientConfig.NextProtos,
 		},
-		RateLimiter:        config.RateLimiter,
-		WarningHandler:     config.WarningHandler,
-		UserAgent:          config.UserAgent,
-		DisableCompression: config.DisableCompression,
-		QPS:                config.QPS,
-		Burst:              config.Burst,
-		Timeout:            config.Timeout,
-		Dial:               config.Dial,
-		Proxy:              config.Proxy,
+		RateLimiter:               config.RateLimiter,
+		WarningHandler:            config.WarningHandler,
+		WarningHandlerWithContext: config.WarningHandlerWithContext,
+		UserAgent:                 config.UserAgent,
+		DisableCompression:        config.DisableCompression,
+		QPS:                       config.QPS,
+		Burst:                     config.Burst,
+		Timeout:                   config.Timeout,
+		Dial:                      config.Dial,
+		Proxy:                     config.Proxy,
 	}
 }
 
@@ -658,17 +686,18 @@ func CopyConfig(config *Config) *Config {
 			CAData:     config.TLSClientConfig.CAData,
 			NextProtos: config.TLSClientConfig.NextProtos,
 		},
-		UserAgent:          config.UserAgent,
-		DisableCompression: config.DisableCompression,
-		Transport:          config.Transport,
-		WrapTransport:      config.WrapTransport,
-		QPS:                config.QPS,
-		Burst:              config.Burst,
-		RateLimiter:        config.RateLimiter,
-		WarningHandler:     config.WarningHandler,
-		Timeout:            config.Timeout,
-		Dial:               config.Dial,
-		Proxy:              config.Proxy,
+		UserAgent:                 config.UserAgent,
+		DisableCompression:        config.DisableCompression,
+		Transport:                 config.Transport,
+		WrapTransport:             config.WrapTransport,
+		QPS:                       config.QPS,
+		Burst:                     config.Burst,
+		RateLimiter:               config.RateLimiter,
+		WarningHandler:            config.WarningHandler,
+		WarningHandlerWithContext: config.WarningHandlerWithContext,
+		Timeout:                   config.Timeout,
+		Dial:                      config.Dial,
+		Proxy:                     config.Proxy,
 	}
 	if config.ExecProvider != nil && config.ExecProvider.Config != nil {
 		c.ExecProvider.Config = config.ExecProvider.Config.DeepCopyObject()
diff --git a/vendor/k8s.io/client-go/rest/plugin.go b/vendor/k8s.io/client-go/rest/plugin.go
index ae5cbdc2c4..f7a4e4f344 100644
--- a/vendor/k8s.io/client-go/rest/plugin.go
+++ b/vendor/k8s.io/client-go/rest/plugin.go
@@ -21,8 +21,6 @@ import (
 	"net/http"
 	"sync"
 
-	"k8s.io/klog/v2"
-
 	clientcmdapi "k8s.io/client-go/tools/clientcmd/api"
 )
 
@@ -65,7 +63,10 @@ func RegisterAuthProviderPlugin(name string, plugin Factory) error {
 	if _, found := plugins[name]; found {
 		return fmt.Errorf("auth Provider Plugin %q was registered twice", name)
 	}
-	klog.V(4).Infof("Registered Auth Provider Plugin %q", name)
+	// RegisterAuthProviderPlugin gets called during the init phase before
+	// logging is initialized and therefore should not emit logs. If you
+	// need this message for debugging something, then uncomment it.
+	// klog.V(4).Infof("Registered Auth Provider Plugin %q", name)
 	plugins[name] = plugin
 	return nil
 }
diff --git a/vendor/k8s.io/client-go/rest/request.go b/vendor/k8s.io/client-go/rest/request.go
index 0ec90ad188..1eb2f9b42a 100644
--- a/vendor/k8s.io/client-go/rest/request.go
+++ b/vendor/k8s.io/client-go/rest/request.go
@@ -54,7 +54,7 @@ import (
 	"k8s.io/utils/clock"
 )
 
-var (
+const (
 	// longThrottleLatency defines threshold for logging requests. All requests being
 	// throttled (via the provided rateLimiter) for more than longThrottleLatency will
 	// be logged.
@@ -103,10 +103,10 @@ type Request struct {
 	contentConfig     ClientContentConfig
 	contentTypeNotSet bool
 
-	warningHandler WarningHandler
+	warningHandler WarningHandlerWithContext
 
 	rateLimiter flowcontrol.RateLimiter
-	backoff     BackoffManager
+	backoff     BackoffManagerWithContext
 	timeout     time.Duration
 	maxRetries  int
 
@@ -136,7 +136,7 @@ type Request struct {
 
 // NewRequest creates a new request helper object for accessing runtime.Objects on a server.
 func NewRequest(c *RESTClient) *Request {
-	var backoff BackoffManager
+	var backoff BackoffManagerWithContext
 	if c.createBackoffMgr != nil {
 		backoff = c.createBackoffMgr()
 	}
@@ -259,20 +259,47 @@ func (r *Request) Resource(resource string) *Request {
 }
 
 // BackOff sets the request's backoff manager to the one specified,
-// or defaults to the stub implementation if nil is provided
+// or defaults to the stub implementation if nil is provided.
+//
+// Deprecated: BackoffManager.Sleep ignores the caller's context. Use BackOffWithContext and BackoffManagerWithContext instead.
 func (r *Request) BackOff(manager BackoffManager) *Request {
 	if manager == nil {
 		r.backoff = &NoBackoff{}
 		return r
 	}
 
+	r.backoff = &backoffManagerNopContext{BackoffManager: manager}
+	return r
+}
+
+// BackOffWithContext sets the request's backoff manager to the one specified,
+// or defaults to the stub implementation if nil is provided.
+func (r *Request) BackOffWithContext(manager BackoffManagerWithContext) *Request {
+	if manager == nil {
+		r.backoff = &NoBackoff{}
+		return r
+	}
+
 	r.backoff = manager
 	return r
 }
 
 // WarningHandler sets the handler this client uses when warning headers are encountered.
-// If set to nil, this client will use the default warning handler (see SetDefaultWarningHandler).
+// If set to nil, this client will use the default warning handler (see [SetDefaultWarningHandler]).
+//
+//logcheck:context // WarningHandlerWithContext should be used instead of WarningHandler in code which supports contextual logging.
 func (r *Request) WarningHandler(handler WarningHandler) *Request {
+	if handler == nil {
+		r.warningHandler = nil
+		return r
+	}
+	r.warningHandler = warningLoggerNopContext{l: handler}
+	return r
+}
+
+// WarningHandlerWithContext sets the handler this client uses when warning headers are encountered.
+// If set to nil, this client will use the default warning handler (see [SetDefaultWarningHandlerWithContext]).
+func (r *Request) WarningHandlerWithContext(handler WarningHandlerWithContext) *Request {
 	r.warningHandler = handler
 	return r
 }
@@ -649,21 +676,17 @@ func (r *Request) tryThrottleWithInfo(ctx context.Context, retryInfo string) err
 	}
 	latency := time.Since(now)
 
-	var message string
-	switch {
-	case len(retryInfo) > 0:
-		message = fmt.Sprintf("Waited for %v, %s - request: %s:%s", latency, retryInfo, r.verb, r.URL().String())
-	default:
-		message = fmt.Sprintf("Waited for %v due to client-side throttling, not priority and fairness, request: %s:%s", latency, r.verb, r.URL().String())
-	}
-
 	if latency > longThrottleLatency {
-		klog.V(3).Info(message)
-	}
-	if latency > extraLongThrottleLatency {
-		// If the rate limiter latency is very high, the log message should be printed at a higher log level,
-		// but we use a throttled logger to prevent spamming.
-		globalThrottledLogger.Infof("%s", message)
+		if retryInfo == "" {
+			retryInfo = "client-side throttling, not priority and fairness"
+		}
+		klog.FromContext(ctx).V(3).Info("Waited before sending request", "delay", latency, "reason", retryInfo, "verb", r.verb, "URL", r.URL())
+
+		if latency > extraLongThrottleLatency {
+			// If the rate limiter latency is very high, the log message should be printed at a higher log level,
+			// but we use a throttled logger to prevent spamming.
+			globalThrottledLogger.info(klog.FromContext(ctx), "Waited before sending request", "delay", latency, "reason", retryInfo, "verb", r.verb, "URL", r.URL())
+		}
 	}
 	metrics.RateLimiterLatency.Observe(ctx, r.verb, r.finalURLTemplate(), latency)
 
@@ -675,7 +698,7 @@ func (r *Request) tryThrottle(ctx context.Context) error {
 }
 
 type throttleSettings struct {
-	logLevel       klog.Level
+	logLevel       int
 	minLogInterval time.Duration
 
 	lastLogTime time.Time
@@ -700,9 +723,9 @@ var globalThrottledLogger = &throttledLogger{
 	},
 }
 
-func (b *throttledLogger) attemptToLog() (klog.Level, bool) {
+func (b *throttledLogger) attemptToLog(logger klog.Logger) (int, bool) {
 	for _, setting := range b.settings {
-		if bool(klog.V(setting.logLevel).Enabled()) {
+		if bool(logger.V(setting.logLevel).Enabled()) {
 			// Return early without write locking if possible.
 			if func() bool {
 				setting.lock.RLock()
@@ -724,9 +747,9 @@ func (b *throttledLogger) attemptToLog() (klog.Level, bool) {
 
 // Infof will write a log message at each logLevel specified by the receiver's throttleSettings
 // as long as it hasn't written a log message more recently than minLogInterval.
-func (b *throttledLogger) Infof(message string, args ...interface{}) {
-	if logLevel, ok := b.attemptToLog(); ok {
-		klog.V(logLevel).Infof(message, args...)
+func (b *throttledLogger) info(logger klog.Logger, message string, kv ...any) {
+	if logLevel, ok := b.attemptToLog(logger); ok {
+		logger.V(logLevel).Info(message, kv...)
 	}
 }
 
@@ -739,7 +762,7 @@ func (r *Request) Watch(ctx context.Context) (watch.Interface, error) {
 
 func (r *Request) watchInternal(ctx context.Context) (watch.Interface, runtime.Decoder, error) {
 	if r.body == nil {
-		logBody(ctx, 2, "Request Body", r.bodyBytes)
+		logBody(klog.FromContext(ctx), 2, "Request Body", r.bodyBytes)
 	}
 
 	// We specifically don't want to rate limit watches, so we
@@ -776,7 +799,7 @@ func (r *Request) watchInternal(ctx context.Context) (watch.Interface, runtime.D
 		resp, err := client.Do(req)
 		retry.After(ctx, r, resp, err)
 		if err == nil && resp.StatusCode == http.StatusOK {
-			return r.newStreamWatcher(resp)
+			return r.newStreamWatcher(ctx, resp)
 		}
 
 		done, transformErr := func() (bool, error) {
@@ -898,7 +921,7 @@ func (r WatchListResult) Into(obj runtime.Object) error {
 // to see what parameters are currently required.
 func (r *Request) WatchList(ctx context.Context) WatchListResult {
 	if r.body == nil {
-		logBody(ctx, 2, "Request Body", r.bodyBytes)
+		logBody(klog.FromContext(ctx), 2, "Request Body", r.bodyBytes)
 	}
 
 	if !clientfeatures.FeatureGates().Enabled(clientfeatures.WatchListClient) {
@@ -969,23 +992,24 @@ func (r *Request) handleWatchList(ctx context.Context, w watch.Interface, negoti
 	}
 }
 
-func (r *Request) newStreamWatcher(resp *http.Response) (watch.Interface, runtime.Decoder, error) {
+func (r *Request) newStreamWatcher(ctx context.Context, resp *http.Response) (watch.Interface, runtime.Decoder, error) {
 	contentType := resp.Header.Get("Content-Type")
 	mediaType, params, err := mime.ParseMediaType(contentType)
 	if err != nil {
-		klog.V(4).Infof("Unexpected content type from the server: %q: %v", contentType, err)
+		klog.FromContext(ctx).V(4).Info("Unexpected content type from the server", "contentType", contentType, "err", err)
 	}
 	objectDecoder, streamingSerializer, framer, err := r.contentConfig.Negotiator.StreamDecoder(mediaType, params)
 	if err != nil {
 		return nil, nil, err
 	}
 
-	handleWarnings(resp.Header, r.warningHandler)
+	handleWarnings(ctx, resp.Header, r.warningHandler)
 
 	frameReader := framer.NewFrameReader(resp.Body)
 	watchEventDecoder := streaming.NewDecoder(frameReader, streamingSerializer)
 
-	return watch.NewStreamWatcher(
+	return watch.NewStreamWatcherWithLogger(
+		klog.FromContext(ctx),
 		restclientwatch.NewDecoder(watchEventDecoder, objectDecoder),
 		// use 500 to indicate that the cause of the error is unknown - other error codes
 		// are more specific to HTTP interactions, and set a reason
@@ -1031,7 +1055,7 @@ func sanitize(req *Request, resp *http.Response, err error) (string, string) {
 // If we can, we return that as an error.  Otherwise, we create an error that lists the http status and the content of the response.
 func (r *Request) Stream(ctx context.Context) (io.ReadCloser, error) {
 	if r.body == nil {
-		logBody(ctx, 2, "Request Body", r.bodyBytes)
+		logBody(klog.FromContext(ctx), 2, "Request Body", r.bodyBytes)
 	}
 
 	if r.err != nil {
@@ -1067,7 +1091,7 @@ func (r *Request) Stream(ctx context.Context) (io.ReadCloser, error) {
 
 		switch {
 		case (resp.StatusCode >= 200) && (resp.StatusCode < 300):
-			handleWarnings(resp.Header, r.warningHandler)
+			handleWarnings(ctx, resp.Header, r.warningHandler)
 			return resp.Body, nil
 
 		default:
@@ -1175,7 +1199,7 @@ func (r *Request) request(ctx context.Context, fn func(*http.Request, *http.Resp
 	}()
 
 	if r.err != nil {
-		klog.V(4).Infof("Error in request: %v", r.err)
+		klog.FromContext(ctx).V(4).Info("Error in request", "err", r.err)
 		return r.err
 	}
 
@@ -1267,8 +1291,9 @@ func (r *Request) request(ctx context.Context, fn func(*http.Request, *http.Resp
 //   - If the server responds with a status: *errors.StatusError or *errors.UnexpectedObjectError
 //   - http.Client.Do errors are returned directly.
 func (r *Request) Do(ctx context.Context) Result {
+	logger := klog.FromContext(ctx)
 	if r.body == nil {
-		logBody(ctx, 2, "Request Body", r.bodyBytes)
+		logBody(logger, 2, "Request Body", r.bodyBytes)
 	}
 
 	var result Result
@@ -1276,7 +1301,7 @@ func (r *Request) Do(ctx context.Context) Result {
 		result = r.transformResponse(ctx, resp, req)
 	})
 	if err != nil {
-		return Result{err: err}
+		return Result{err: err, logger: logger}
 	}
 	if result.err == nil || len(result.body) > 0 {
 		metrics.ResponseSize.Observe(ctx, r.verb, r.URL().Host, float64(len(result.body)))
@@ -1286,14 +1311,15 @@ func (r *Request) Do(ctx context.Context) Result {
 
 // DoRaw executes the request but does not process the response body.
 func (r *Request) DoRaw(ctx context.Context) ([]byte, error) {
+	logger := klog.FromContext(ctx)
 	if r.body == nil {
-		logBody(ctx, 2, "Request Body", r.bodyBytes)
+		logBody(logger, 2, "Request Body", r.bodyBytes)
 	}
 
 	var result Result
 	err := r.request(ctx, func(req *http.Request, resp *http.Response) {
 		result.body, result.err = io.ReadAll(resp.Body)
-		logBody(ctx, 2, "Response Body", result.body)
+		logBody(logger, 2, "Response Body", result.body)
 		if resp.StatusCode < http.StatusOK || resp.StatusCode > http.StatusPartialContent {
 			result.err = r.transformUnstructuredResponseError(resp, req, result.body)
 		}
@@ -1309,6 +1335,7 @@ func (r *Request) DoRaw(ctx context.Context) ([]byte, error) {
 
 // transformResponse converts an API response into a structured API object
 func (r *Request) transformResponse(ctx context.Context, resp *http.Response, req *http.Request) Result {
+	logger := klog.FromContext(ctx)
 	var body []byte
 	if resp.Body != nil {
 		data, err := io.ReadAll(resp.Body)
@@ -1323,22 +1350,24 @@ func (r *Request) transformResponse(ctx context.Context, resp *http.Response, re
 			// 2. Apiserver sends back the headers and then part of the body
 			// 3. Apiserver closes connection.
 			// 4. client-go should catch this and return an error.
-			klog.V(2).Infof("Stream error %#v when reading response body, may be caused by closed connection.", err)
+			logger.V(2).Info("Stream error when reading response body, may be caused by closed connection", "err", err)
 			streamErr := fmt.Errorf("stream error when reading response body, may be caused by closed connection. Please retry. Original error: %w", err)
 			return Result{
-				err: streamErr,
+				err:    streamErr,
+				logger: logger,
 			}
 		default:
-			klog.Errorf("Unexpected error when reading response body: %v", err)
+			logger.Error(err, "Unexpected error when reading response body")
 			unexpectedErr := fmt.Errorf("unexpected error when reading response body. Please retry. Original error: %w", err)
 			return Result{
-				err: unexpectedErr,
+				err:    unexpectedErr,
+				logger: logger,
 			}
 		}
 	}
 
 	// Call depth is tricky. This one is okay for Do and DoRaw.
-	logBody(ctx, 7, "Response Body", body)
+	logBody(logger, 7, "Response Body", body)
 
 	// verify the content type is accurate
 	var decoder runtime.Decoder
@@ -1350,7 +1379,7 @@ func (r *Request) transformResponse(ctx context.Context, resp *http.Response, re
 		var err error
 		mediaType, params, err := mime.ParseMediaType(contentType)
 		if err != nil {
-			return Result{err: errors.NewInternalError(err)}
+			return Result{err: errors.NewInternalError(err), logger: logger}
 		}
 		decoder, err = r.contentConfig.Negotiator.Decoder(mediaType, params)
 		if err != nil {
@@ -1359,13 +1388,14 @@ func (r *Request) transformResponse(ctx context.Context, resp *http.Response, re
 			case resp.StatusCode == http.StatusSwitchingProtocols:
 				// no-op, we've been upgraded
 			case resp.StatusCode < http.StatusOK || resp.StatusCode > http.StatusPartialContent:
-				return Result{err: r.transformUnstructuredResponseError(resp, req, body)}
+				return Result{err: r.transformUnstructuredResponseError(resp, req, body), logger: logger}
 			}
 			return Result{
 				body:        body,
 				contentType: contentType,
 				statusCode:  resp.StatusCode,
-				warnings:    handleWarnings(resp.Header, r.warningHandler),
+				warnings:    handleWarnings(ctx, resp.Header, r.warningHandler),
+				logger:      logger,
 			}
 		}
 	}
@@ -1384,7 +1414,8 @@ func (r *Request) transformResponse(ctx context.Context, resp *http.Response, re
 			statusCode:  resp.StatusCode,
 			decoder:     decoder,
 			err:         err,
-			warnings:    handleWarnings(resp.Header, r.warningHandler),
+			warnings:    handleWarnings(ctx, resp.Header, r.warningHandler),
+			logger:      logger,
 		}
 	}
 
@@ -1393,7 +1424,8 @@ func (r *Request) transformResponse(ctx context.Context, resp *http.Response, re
 		contentType: contentType,
 		statusCode:  resp.StatusCode,
 		decoder:     decoder,
-		warnings:    handleWarnings(resp.Header, r.warningHandler),
+		warnings:    handleWarnings(ctx, resp.Header, r.warningHandler),
+		logger:      logger,
 	}
 }
 
@@ -1421,8 +1453,7 @@ func truncateBody(logger klog.Logger, body string) string {
 // whether the body is printable.
 //
 // It needs to be called by all functions which send or receive the data.
-func logBody(ctx context.Context, callDepth int, prefix string, body []byte) {
-	logger := klog.FromContext(ctx)
+func logBody(logger klog.Logger, callDepth int, prefix string, body []byte) {
 	if loggerV := logger.V(8); loggerV.Enabled() {
 		loggerV := loggerV.WithCallDepth(callDepth)
 		if bytes.IndexFunc(body, func(r rune) bool {
@@ -1524,6 +1555,7 @@ type Result struct {
 	contentType string
 	err         error
 	statusCode  int
+	logger      klog.Logger
 
 	decoder runtime.Decoder
 }
@@ -1629,7 +1661,7 @@ func (r Result) Error() error {
 	// to be backwards compatible with old servers that do not return a version, default to "v1"
 	out, _, err := r.decoder.Decode(r.body, &schema.GroupVersionKind{Version: "v1"}, nil)
 	if err != nil {
-		klog.V(5).Infof("body was not decodable (unable to check for Status): %v", err)
+		r.logger.V(5).Info("Body was not decodable (unable to check for Status)", "err", err)
 		return r.err
 	}
 	switch t := out.(type) {
diff --git a/vendor/k8s.io/client-go/rest/urlbackoff.go b/vendor/k8s.io/client-go/rest/urlbackoff.go
index 2f9962d7e5..5b7b4e216e 100644
--- a/vendor/k8s.io/client-go/rest/urlbackoff.go
+++ b/vendor/k8s.io/client-go/rest/urlbackoff.go
@@ -17,6 +17,8 @@ limitations under the License.
 package rest
 
 import (
+	"context"
+	"fmt"
 	"net/url"
 	"time"
 
@@ -32,12 +34,24 @@ import (
 var serverIsOverloadedSet = sets.NewInt(429)
 var maxResponseCode = 499
 
+//go:generate mockery
+
+// Deprecated: BackoffManager.Sleep ignores the caller's context. Use BackoffManagerWithContext instead.
 type BackoffManager interface {
-	UpdateBackoff(actualUrl *url.URL, err error, responseCode int)
-	CalculateBackoff(actualUrl *url.URL) time.Duration
+	UpdateBackoff(actualURL *url.URL, err error, responseCode int)
+	CalculateBackoff(actualURL *url.URL) time.Duration
 	Sleep(d time.Duration)
 }
 
+type BackoffManagerWithContext interface {
+	UpdateBackoffWithContext(ctx context.Context, actualURL *url.URL, err error, responseCode int)
+	CalculateBackoffWithContext(ctx context.Context, actualURL *url.URL) time.Duration
+	SleepWithContext(ctx context.Context, d time.Duration)
+}
+
+var _ BackoffManager = &URLBackoff{}
+var _ BackoffManagerWithContext = &URLBackoff{}
+
 // URLBackoff struct implements the semantics on top of Backoff which
 // we need for URL specific exponential backoff.
 type URLBackoff struct {
@@ -49,11 +63,19 @@ type URLBackoff struct {
 type NoBackoff struct {
 }
 
-func (n *NoBackoff) UpdateBackoff(actualUrl *url.URL, err error, responseCode int) {
+func (n *NoBackoff) UpdateBackoff(actualURL *url.URL, err error, responseCode int) {
 	// do nothing.
 }
 
-func (n *NoBackoff) CalculateBackoff(actualUrl *url.URL) time.Duration {
+func (n *NoBackoff) UpdateBackoffWithContext(ctx context.Context, actualURL *url.URL, err error, responseCode int) {
+	// do nothing.
+}
+
+func (n *NoBackoff) CalculateBackoff(actualURL *url.URL) time.Duration {
+	return 0 * time.Second
+}
+
+func (n *NoBackoff) CalculateBackoffWithContext(ctx context.Context, actualURL *url.URL) time.Duration {
 	return 0 * time.Second
 }
 
@@ -61,10 +83,21 @@ func (n *NoBackoff) Sleep(d time.Duration) {
 	time.Sleep(d)
 }
 
+func (n *NoBackoff) SleepWithContext(ctx context.Context, d time.Duration) {
+	if d == 0 {
+		return
+	}
+	t := time.NewTimer(d)
+	defer t.Stop()
+	select {
+	case <-ctx.Done():
+	case <-t.C:
+	}
+}
+
 // Disable makes the backoff trivial, i.e., sets it to zero.  This might be used
 // by tests which want to run 1000s of mock requests without slowing down.
 func (b *URLBackoff) Disable() {
-	klog.V(4).Infof("Disabling backoff strategy")
 	b.Backoff = flowcontrol.NewBackOff(0*time.Second, 0*time.Second)
 }
 
@@ -76,32 +109,74 @@ func (b *URLBackoff) baseUrlKey(rawurl *url.URL) string {
 	// in the future.
 	host, err := url.Parse(rawurl.String())
 	if err != nil {
-		klog.V(4).Infof("Error extracting url: %v", rawurl)
-		panic("bad url!")
+		panic(fmt.Sprintf("Error parsing bad URL %q: %v", rawurl, err))
 	}
 	return host.Host
 }
 
 // UpdateBackoff updates backoff metadata
-func (b *URLBackoff) UpdateBackoff(actualUrl *url.URL, err error, responseCode int) {
+func (b *URLBackoff) UpdateBackoff(actualURL *url.URL, err error, responseCode int) {
+	b.UpdateBackoffWithContext(context.Background(), actualURL, err, responseCode)
+}
+
+// UpdateBackoffWithContext updates backoff metadata
+func (b *URLBackoff) UpdateBackoffWithContext(ctx context.Context, actualURL *url.URL, err error, responseCode int) {
 	// range for retry counts that we store is [0,13]
 	if responseCode > maxResponseCode || serverIsOverloadedSet.Has(responseCode) {
-		b.Backoff.Next(b.baseUrlKey(actualUrl), b.Backoff.Clock.Now())
+		b.Backoff.Next(b.baseUrlKey(actualURL), b.Backoff.Clock.Now())
 		return
 	} else if responseCode >= 300 || err != nil {
-		klog.V(4).Infof("Client is returning errors: code %v, error %v", responseCode, err)
+		klog.FromContext(ctx).V(4).Info("Client is returning errors", "code", responseCode, "err", err)
 	}
 
 	//If we got this far, there is no backoff required for this URL anymore.
-	b.Backoff.Reset(b.baseUrlKey(actualUrl))
+	b.Backoff.Reset(b.baseUrlKey(actualURL))
 }
 
 // CalculateBackoff takes a url and back's off exponentially,
 // based on its knowledge of existing failures.
-func (b *URLBackoff) CalculateBackoff(actualUrl *url.URL) time.Duration {
-	return b.Backoff.Get(b.baseUrlKey(actualUrl))
+func (b *URLBackoff) CalculateBackoff(actualURL *url.URL) time.Duration {
+	return b.Backoff.Get(b.baseUrlKey(actualURL))
+}
+
+// CalculateBackoffWithContext takes a url and back's off exponentially,
+// based on its knowledge of existing failures.
+func (b *URLBackoff) CalculateBackoffWithContext(ctx context.Context, actualURL *url.URL) time.Duration {
+	return b.Backoff.Get(b.baseUrlKey(actualURL))
 }
 
 func (b *URLBackoff) Sleep(d time.Duration) {
 	b.Backoff.Clock.Sleep(d)
 }
+
+func (b *URLBackoff) SleepWithContext(ctx context.Context, d time.Duration) {
+	if d == 0 {
+		return
+	}
+	t := b.Backoff.Clock.NewTimer(d)
+	defer t.Stop()
+	select {
+	case <-ctx.Done():
+	case <-t.C():
+	}
+}
+
+// backoffManagerNopContext wraps a BackoffManager and adds the *WithContext methods.
+type backoffManagerNopContext struct {
+	BackoffManager
+}
+
+var _ BackoffManager = &backoffManagerNopContext{}
+var _ BackoffManagerWithContext = &backoffManagerNopContext{}
+
+func (b *backoffManagerNopContext) UpdateBackoffWithContext(ctx context.Context, actualURL *url.URL, err error, responseCode int) {
+	b.UpdateBackoff(actualURL, err, responseCode)
+}
+
+func (b *backoffManagerNopContext) CalculateBackoffWithContext(ctx context.Context, actualURL *url.URL) time.Duration {
+	return b.CalculateBackoff(actualURL)
+}
+
+func (b *backoffManagerNopContext) SleepWithContext(ctx context.Context, d time.Duration) {
+	b.Sleep(d)
+}
diff --git a/vendor/k8s.io/client-go/rest/warnings.go b/vendor/k8s.io/client-go/rest/warnings.go
index ad493659f2..713b2d64d6 100644
--- a/vendor/k8s.io/client-go/rest/warnings.go
+++ b/vendor/k8s.io/client-go/rest/warnings.go
@@ -17,6 +17,7 @@ limitations under the License.
 package rest
 
 import (
+	"context"
 	"fmt"
 	"io"
 	"net/http"
@@ -33,8 +34,15 @@ type WarningHandler interface {
 	HandleWarningHeader(code int, agent string, text string)
 }
 
+// WarningHandlerWithContext is an interface for handling warning headers with
+// support for contextual logging.
+type WarningHandlerWithContext interface {
+	// HandleWarningHeaderWithContext is called with the warn code, agent, and text when a warning header is countered.
+	HandleWarningHeaderWithContext(ctx context.Context, code int, agent string, text string)
+}
+
 var (
-	defaultWarningHandler     WarningHandler = WarningLogger{}
+	defaultWarningHandler     WarningHandlerWithContext = WarningLogger{}
 	defaultWarningHandlerLock sync.RWMutex
 )
 
@@ -43,33 +51,68 @@ var (
 //   - NoWarnings suppresses warnings.
 //   - WarningLogger logs warnings.
 //   - NewWarningWriter() outputs warnings to the provided writer.
+//
+// logcheck:context // SetDefaultWarningHandlerWithContext should be used instead of SetDefaultWarningHandler in code which supports contextual logging.
 func SetDefaultWarningHandler(l WarningHandler) {
+	if l == nil {
+		SetDefaultWarningHandlerWithContext(nil)
+		return
+	}
+	SetDefaultWarningHandlerWithContext(warningLoggerNopContext{l: l})
+}
+
+// SetDefaultWarningHandlerWithContext is a variant of [SetDefaultWarningHandler] which supports contextual logging.
+func SetDefaultWarningHandlerWithContext(l WarningHandlerWithContext) {
 	defaultWarningHandlerLock.Lock()
 	defer defaultWarningHandlerLock.Unlock()
 	defaultWarningHandler = l
 }
-func getDefaultWarningHandler() WarningHandler {
+
+func getDefaultWarningHandler() WarningHandlerWithContext {
 	defaultWarningHandlerLock.RLock()
 	defer defaultWarningHandlerLock.RUnlock()
 	l := defaultWarningHandler
 	return l
 }
 
-// NoWarnings is an implementation of WarningHandler that suppresses warnings.
+type warningLoggerNopContext struct {
+	l WarningHandler
+}
+
+func (w warningLoggerNopContext) HandleWarningHeaderWithContext(_ context.Context, code int, agent string, message string) {
+	w.l.HandleWarningHeader(code, agent, message)
+}
+
+// NoWarnings is an implementation of [WarningHandler] and [WarningHandlerWithContext] that suppresses warnings.
 type NoWarnings struct{}
 
 func (NoWarnings) HandleWarningHeader(code int, agent string, message string) {}
+func (NoWarnings) HandleWarningHeaderWithContext(ctx context.Context, code int, agent string, message string) {
+}
+
+var _ WarningHandler = NoWarnings{}
+var _ WarningHandlerWithContext = NoWarnings{}
 
-// WarningLogger is an implementation of WarningHandler that logs code 299 warnings
+// WarningLogger is an implementation of [WarningHandler] and [WarningHandlerWithContext] that logs code 299 warnings
 type WarningLogger struct{}
 
 func (WarningLogger) HandleWarningHeader(code int, agent string, message string) {
 	if code != 299 || len(message) == 0 {
 		return
 	}
-	klog.Warning(message)
+	klog.Background().Info("Warning: " + message)
 }
 
+func (WarningLogger) HandleWarningHeaderWithContext(ctx context.Context, code int, agent string, message string) {
+	if code != 299 || len(message) == 0 {
+		return
+	}
+	klog.FromContext(ctx).Info("Warning: " + message)
+}
+
+var _ WarningHandler = WarningLogger{}
+var _ WarningHandlerWithContext = WarningLogger{}
+
 type warningWriter struct {
 	// out is the writer to output warnings to
 	out io.Writer
@@ -134,14 +177,14 @@ func (w *warningWriter) WarningCount() int {
 	return w.writtenCount
 }
 
-func handleWarnings(headers http.Header, handler WarningHandler) []net.WarningHeader {
+func handleWarnings(ctx context.Context, headers http.Header, handler WarningHandlerWithContext) []net.WarningHeader {
 	if handler == nil {
 		handler = getDefaultWarningHandler()
 	}
 
 	warnings, _ := net.ParseWarningHeaders(headers["Warning"])
 	for _, warning := range warnings {
-		handler.HandleWarningHeader(warning.Code, warning.Agent, warning.Text)
+		handler.HandleWarningHeaderWithContext(ctx, warning.Code, warning.Agent, warning.Text)
 	}
 	return warnings
 }
diff --git a/vendor/k8s.io/client-go/rest/with_retry.go b/vendor/k8s.io/client-go/rest/with_retry.go
index eaaadc6a4c..e211c39d41 100644
--- a/vendor/k8s.io/client-go/rest/with_retry.go
+++ b/vendor/k8s.io/client-go/rest/with_retry.go
@@ -209,18 +209,18 @@ func (r *withRetry) Before(ctx context.Context, request *Request) error {
 		// we do a backoff sleep before the first attempt is made,
 		// (preserving current behavior).
 		if request.backoff != nil {
-			request.backoff.Sleep(request.backoff.CalculateBackoff(url))
+			request.backoff.SleepWithContext(ctx, request.backoff.CalculateBackoffWithContext(ctx, url))
 		}
 		return nil
 	}
 
 	// if we are here, we have made attempt(s) at least once before.
 	if request.backoff != nil {
-		delay := request.backoff.CalculateBackoff(url)
+		delay := request.backoff.CalculateBackoffWithContext(ctx, url)
 		if r.retryAfter.Wait > delay {
 			delay = r.retryAfter.Wait
 		}
-		request.backoff.Sleep(delay)
+		request.backoff.SleepWithContext(ctx, delay)
 	}
 
 	// We are retrying the request that we already send to
@@ -231,7 +231,7 @@ func (r *withRetry) Before(ctx context.Context, request *Request) error {
 		return err
 	}
 
-	klog.V(4).Infof("Got a Retry-After %s response for attempt %d to %v", r.retryAfter.Wait, r.retryAfter.Attempt, request.URL().String())
+	klog.FromContext(ctx).V(4).Info("Got a Retry-After response", "delay", r.retryAfter.Wait, "attempt", r.retryAfter.Attempt, "url", request.URL())
 	return nil
 }
 
@@ -258,9 +258,9 @@ func (r *withRetry) After(ctx context.Context, request *Request, resp *http.Resp
 
 	if request.c.base != nil {
 		if err != nil {
-			request.backoff.UpdateBackoff(request.URL(), err, 0)
+			request.backoff.UpdateBackoffWithContext(ctx, request.URL(), err, 0)
 		} else {
-			request.backoff.UpdateBackoff(request.URL(), err, resp.StatusCode)
+			request.backoff.UpdateBackoffWithContext(ctx, request.URL(), err, resp.StatusCode)
 		}
 	}
 }
diff --git a/vendor/k8s.io/client-go/tools/cache/controller.go b/vendor/k8s.io/client-go/tools/cache/controller.go
index e523a66522..1497700d81 100644
--- a/vendor/k8s.io/client-go/tools/cache/controller.go
+++ b/vendor/k8s.io/client-go/tools/cache/controller.go
@@ -17,7 +17,9 @@ limitations under the License.
 package cache
 
 import (
+	"context"
 	"errors"
+	clientgofeaturegate "k8s.io/client-go/features"
 	"sync"
 	"time"
 
@@ -71,16 +73,15 @@ type Config struct {
 	// resync.
 	ShouldResync ShouldResyncFunc
 
-	// If true, when Process() returns an error, re-enqueue the object.
-	// TODO: add interface to let you inject a delay/backoff or drop
-	//       the object completely if desired. Pass the object in
-	//       question to this interface as a parameter.  This is probably moot
-	//       now that this functionality appears at a higher level.
-	RetryOnError bool
-
 	// Called whenever the ListAndWatch drops the connection with an error.
+	//
+	// Contextual logging: WatchErrorHandlerWithContext should be used instead of WatchErrorHandler in code which supports contextual logging.
 	WatchErrorHandler WatchErrorHandler
 
+	// Called whenever the ListAndWatch drops the connection with an error
+	// and WatchErrorHandler is not set.
+	WatchErrorHandlerWithContext WatchErrorHandlerWithContext
+
 	// WatchListPageSize is the requested chunk size of initial and relist watch lists.
 	WatchListPageSize int64
 }
@@ -104,12 +105,21 @@ type controller struct {
 // Controller is a low-level controller that is parameterized by a
 // Config and used in sharedIndexInformer.
 type Controller interface {
-	// Run does two things.  One is to construct and run a Reflector
+	// RunWithContext does two things.  One is to construct and run a Reflector
 	// to pump objects/notifications from the Config's ListerWatcher
 	// to the Config's Queue and possibly invoke the occasional Resync
 	// on that Queue.  The other is to repeatedly Pop from the Queue
 	// and process with the Config's ProcessFunc.  Both of these
-	// continue until `stopCh` is closed.
+	// continue until the context is canceled.
+	//
+	// It's an error to call RunWithContext more than once.
+	// RunWithContext blocks; call via go.
+	RunWithContext(ctx context.Context)
+
+	// Run does the same as RunWithContext with a stop channel instead of
+	// a context.
+	//
+	// Contextual logging: RunWithcontext should be used instead of Run in code which supports contextual logging.
 	Run(stopCh <-chan struct{})
 
 	// HasSynced delegates to the Config's Queue
@@ -129,13 +139,16 @@ func New(c *Config) Controller {
 	return ctlr
 }
 
-// Run begins processing items, and will continue until a value is sent down stopCh or it is closed.
-// It's an error to call Run more than once.
-// Run blocks; call via go.
+// Run implements [Controller.Run].
 func (c *controller) Run(stopCh <-chan struct{}) {
-	defer utilruntime.HandleCrash()
+	c.RunWithContext(wait.ContextForChannel(stopCh))
+}
+
+// RunWithContext implements [Controller.RunWithContext].
+func (c *controller) RunWithContext(ctx context.Context) {
+	defer utilruntime.HandleCrashWithContext(ctx)
 	go func() {
-		<-stopCh
+		<-ctx.Done()
 		c.config.Queue.Close()
 	}()
 	r := NewReflectorWithOptions(
@@ -152,7 +165,11 @@ func (c *controller) Run(stopCh <-chan struct{}) {
 	r.ShouldResync = c.config.ShouldResync
 	r.WatchListPageSize = c.config.WatchListPageSize
 	if c.config.WatchErrorHandler != nil {
-		r.watchErrorHandler = c.config.WatchErrorHandler
+		r.watchErrorHandler = func(_ context.Context, r *Reflector, err error) {
+			c.config.WatchErrorHandler(r, err)
+		}
+	} else if c.config.WatchErrorHandlerWithContext != nil {
+		r.watchErrorHandler = c.config.WatchErrorHandlerWithContext
 	}
 
 	c.reflectorMutex.Lock()
@@ -161,9 +178,9 @@ func (c *controller) Run(stopCh <-chan struct{}) {
 
 	var wg wait.Group
 
-	wg.StartWithChannel(stopCh, r.Run)
+	wg.StartWithContext(ctx, r.RunWithContext)
 
-	wait.Until(c.processLoop, time.Second, stopCh)
+	wait.UntilWithContext(ctx, c.processLoop, time.Second)
 	wg.Wait()
 }
 
@@ -185,22 +202,16 @@ func (c *controller) LastSyncResourceVersion() string {
 // TODO: Consider doing the processing in parallel. This will require a little thought
 // to make sure that we don't end up processing the same object multiple times
 // concurrently.
-//
-// TODO: Plumb through the stopCh here (and down to the queue) so that this can
-// actually exit when the controller is stopped. Or just give up on this stuff
-// ever being stoppable. Converting this whole package to use Context would
-// also be helpful.
-func (c *controller) processLoop() {
+func (c *controller) processLoop(ctx context.Context) {
 	for {
-		obj, err := c.config.Queue.Pop(PopProcessFunc(c.config.Process))
+		// TODO: Plumb through the ctx so that this can
+		// actually exit when the controller is stopped. Or just give up on this stuff
+		// ever being stoppable.
+		_, err := c.config.Queue.Pop(PopProcessFunc(c.config.Process))
 		if err != nil {
 			if err == ErrFIFOClosed {
 				return
 			}
-			if c.config.RetryOnError {
-				// This is the safe way to re-enqueue.
-				c.config.Queue.AddIfNotPresent(obj)
-			}
 		}
 	}
 }
@@ -582,11 +593,17 @@ func newInformer(clientState Store, options InformerOptions) Controller {
 	// This will hold incoming changes. Note how we pass clientState in as a
 	// KeyLister, that way resync operations will result in the correct set
 	// of update/delete deltas.
-	fifo := NewDeltaFIFOWithOptions(DeltaFIFOOptions{
-		KnownObjects:          clientState,
-		EmitDeltaTypeReplaced: true,
-		Transformer:           options.Transform,
-	})
+
+	var fifo Queue
+	if clientgofeaturegate.FeatureGates().Enabled(clientgofeaturegate.InOrderInformers) {
+		fifo = NewRealFIFO(MetaNamespaceKeyFunc, clientState, options.Transform)
+	} else {
+		fifo = NewDeltaFIFOWithOptions(DeltaFIFOOptions{
+			KnownObjects:          clientState,
+			EmitDeltaTypeReplaced: true,
+			Transformer:           options.Transform,
+		})
+	}
 
 	cfg := &Config{
 		Queue:            fifo,
@@ -594,7 +611,6 @@ func newInformer(clientState Store, options InformerOptions) Controller {
 		ObjectType:       options.ObjectType,
 		FullResyncPeriod: options.ResyncPeriod,
 		MinWatchTimeout:  options.MinWatchTimeout,
-		RetryOnError:     false,
 
 		Process: func(obj interface{}, isInInitialList bool) error {
 			if deltas, ok := obj.(Deltas); ok {
diff --git a/vendor/k8s.io/client-go/tools/cache/delta_fifo.go b/vendor/k8s.io/client-go/tools/cache/delta_fifo.go
index ce74dfb6f1..264d7559a0 100644
--- a/vendor/k8s.io/client-go/tools/cache/delta_fifo.go
+++ b/vendor/k8s.io/client-go/tools/cache/delta_fifo.go
@@ -55,6 +55,9 @@ type DeltaFIFOOptions struct {
 	// If set, will be called for objects before enqueueing them. Please
 	// see the comment on TransformFunc for details.
 	Transformer TransformFunc
+
+	// If set, log output will go to this logger instead of klog.Background().
+	Logger *klog.Logger
 }
 
 // DeltaFIFO is like FIFO, but differs in two ways.  One is that the
@@ -136,6 +139,10 @@ type DeltaFIFO struct {
 
 	// Called with every object if non-nil.
 	transformer TransformFunc
+
+	// logger is a per-instance logger. This gets chosen when constructing
+	// the instance, with klog.Background() as default.
+	logger klog.Logger
 }
 
 // TransformFunc allows for transforming an object before it will be processed.
@@ -253,6 +260,10 @@ func NewDeltaFIFOWithOptions(opts DeltaFIFOOptions) *DeltaFIFO {
 
 		emitDeltaTypeReplaced: opts.EmitDeltaTypeReplaced,
 		transformer:           opts.Transformer,
+		logger:                klog.Background(),
+	}
+	if opts.Logger != nil {
+		f.logger = *opts.Logger
 	}
 	f.cond.L = &f.lock
 	return f
@@ -358,43 +369,6 @@ func (f *DeltaFIFO) Delete(obj interface{}) error {
 	return f.queueActionLocked(Deleted, obj)
 }
 
-// AddIfNotPresent inserts an item, and puts it in the queue. If the item is already
-// present in the set, it is neither enqueued nor added to the set.
-//
-// This is useful in a single producer/consumer scenario so that the consumer can
-// safely retry items without contending with the producer and potentially enqueueing
-// stale items.
-//
-// Important: obj must be a Deltas (the output of the Pop() function). Yes, this is
-// different from the Add/Update/Delete functions.
-func (f *DeltaFIFO) AddIfNotPresent(obj interface{}) error {
-	deltas, ok := obj.(Deltas)
-	if !ok {
-		return fmt.Errorf("object must be of type deltas, but got: %#v", obj)
-	}
-	id, err := f.KeyOf(deltas)
-	if err != nil {
-		return KeyError{obj, err}
-	}
-	f.lock.Lock()
-	defer f.lock.Unlock()
-	f.addIfNotPresent(id, deltas)
-	return nil
-}
-
-// addIfNotPresent inserts deltas under id if it does not exist, and assumes the caller
-// already holds the fifo lock.
-func (f *DeltaFIFO) addIfNotPresent(id string, deltas Deltas) {
-	f.populated = true
-	if _, exists := f.items[id]; exists {
-		return
-	}
-
-	f.queue = append(f.queue, id)
-	f.items[id] = deltas
-	f.cond.Broadcast()
-}
-
 // re-listing and watching can deliver the same update multiple times in any
 // order. This will combine the most recent two deltas if they are the same.
 func dedupDeltas(deltas Deltas) Deltas {
@@ -487,71 +461,16 @@ func (f *DeltaFIFO) queueActionInternalLocked(actionType, internalActionType Del
 		// when given a non-empty list (as it is here).
 		// If somehow it happens anyway, deal with it but complain.
 		if oldDeltas == nil {
-			klog.Errorf("Impossible dedupDeltas for id=%q: oldDeltas=%#+v, obj=%#+v; ignoring", id, oldDeltas, obj)
+			f.logger.Error(nil, "Impossible dedupDeltas, ignoring", "id", id, "oldDeltas", oldDeltas, "obj", obj)
 			return nil
 		}
-		klog.Errorf("Impossible dedupDeltas for id=%q: oldDeltas=%#+v, obj=%#+v; breaking invariant by storing empty Deltas", id, oldDeltas, obj)
+		f.logger.Error(nil, "Impossible dedupDeltas, breaking invariant by storing empty Deltas", "id", id, "oldDeltas", oldDeltas, "obj", obj)
 		f.items[id] = newDeltas
 		return fmt.Errorf("Impossible dedupDeltas for id=%q: oldDeltas=%#+v, obj=%#+v; broke DeltaFIFO invariant by storing empty Deltas", id, oldDeltas, obj)
 	}
 	return nil
 }
 
-// List returns a list of all the items; it returns the object
-// from the most recent Delta.
-// You should treat the items returned inside the deltas as immutable.
-func (f *DeltaFIFO) List() []interface{} {
-	f.lock.RLock()
-	defer f.lock.RUnlock()
-	return f.listLocked()
-}
-
-func (f *DeltaFIFO) listLocked() []interface{} {
-	list := make([]interface{}, 0, len(f.items))
-	for _, item := range f.items {
-		list = append(list, item.Newest().Object)
-	}
-	return list
-}
-
-// ListKeys returns a list of all the keys of the objects currently
-// in the FIFO.
-func (f *DeltaFIFO) ListKeys() []string {
-	f.lock.RLock()
-	defer f.lock.RUnlock()
-	list := make([]string, 0, len(f.queue))
-	for _, key := range f.queue {
-		list = append(list, key)
-	}
-	return list
-}
-
-// Get returns the complete list of deltas for the requested item,
-// or sets exists=false.
-// You should treat the items returned inside the deltas as immutable.
-func (f *DeltaFIFO) Get(obj interface{}) (item interface{}, exists bool, err error) {
-	key, err := f.KeyOf(obj)
-	if err != nil {
-		return nil, false, KeyError{obj, err}
-	}
-	return f.GetByKey(key)
-}
-
-// GetByKey returns the complete list of deltas for the requested item,
-// setting exists=false if that list is empty.
-// You should treat the items returned inside the deltas as immutable.
-func (f *DeltaFIFO) GetByKey(key string) (item interface{}, exists bool, err error) {
-	f.lock.RLock()
-	defer f.lock.RUnlock()
-	d, exists := f.items[key]
-	if exists {
-		// Copy item's slice so operations on this slice
-		// won't interfere with the object we return.
-		d = copyDeltas(d)
-	}
-	return d, exists, nil
-}
-
 // IsClosed checks if the queue is closed
 func (f *DeltaFIFO) IsClosed() bool {
 	f.lock.Lock()
@@ -565,9 +484,7 @@ func (f *DeltaFIFO) IsClosed() bool {
 // is returned, so if you don't successfully process it, you need to add it back
 // with AddIfNotPresent().
 // process function is called under lock, so it is safe to update data structures
-// in it that need to be in sync with the queue (e.g. knownKeys). The PopProcessFunc
-// may return an instance of ErrRequeue with a nested error to indicate the current
-// item should be requeued (equivalent to calling AddIfNotPresent under the lock).
+// in it that need to be in sync with the queue (e.g. knownKeys).
 // process should avoid expensive I/O operation so that other queue operations, i.e.
 // Add() and Get(), won't be blocked for too long.
 //
@@ -597,7 +514,7 @@ func (f *DeltaFIFO) Pop(process PopProcessFunc) (interface{}, error) {
 		item, ok := f.items[id]
 		if !ok {
 			// This should never happen
-			klog.Errorf("Inconceivable! %q was in f.queue but not f.items; ignoring.", id)
+			f.logger.Error(nil, "Inconceivable! Item was in f.queue but not f.items; ignoring", "id", id)
 			continue
 		}
 		delete(f.items, id)
@@ -614,10 +531,6 @@ func (f *DeltaFIFO) Pop(process PopProcessFunc) (interface{}, error) {
 			defer trace.LogIfLong(100 * time.Millisecond)
 		}
 		err := process(item, isInInitialList)
-		if e, ok := err.(ErrRequeue); ok {
-			f.addIfNotPresent(id, item)
-			err = e.Err
-		}
 		// Don't need to copyDeltas here, because we're transferring
 		// ownership to the caller.
 		return item, err
@@ -694,10 +607,10 @@ func (f *DeltaFIFO) Replace(list []interface{}, _ string) error {
 			deletedObj, exists, err := f.knownObjects.GetByKey(k)
 			if err != nil {
 				deletedObj = nil
-				klog.Errorf("Unexpected error %v during lookup of key %v, placing DeleteFinalStateUnknown marker without object", err, k)
+				f.logger.Error(err, "Unexpected error during lookup, placing DeleteFinalStateUnknown marker without object", "key", k)
 			} else if !exists {
 				deletedObj = nil
-				klog.Infof("Key %v does not exist in known objects store, placing DeleteFinalStateUnknown marker without object", k)
+				f.logger.Info("Key does not exist in known objects store, placing DeleteFinalStateUnknown marker without object", "key", k)
 			}
 			queuedDeletions++
 			if err := f.queueActionLocked(Deleted, DeletedFinalStateUnknown{k, deletedObj}); err != nil {
@@ -737,10 +650,10 @@ func (f *DeltaFIFO) Resync() error {
 func (f *DeltaFIFO) syncKeyLocked(key string) error {
 	obj, exists, err := f.knownObjects.GetByKey(key)
 	if err != nil {
-		klog.Errorf("Unexpected error %v during lookup of key %v, unable to queue object for sync", err, key)
+		f.logger.Error(err, "Unexpected error during lookup, unable to queue object for sync", "key", key)
 		return nil
 	} else if !exists {
-		klog.Infof("Key %v does not exist in known objects store, unable to queue object for sync", key)
+		f.logger.Info("Key does not exist in known objects store, unable to queue object for sync", "key", key)
 		return nil
 	}
 
diff --git a/vendor/k8s.io/client-go/tools/cache/doc.go b/vendor/k8s.io/client-go/tools/cache/doc.go
index 56b61d3006..4f593f0d3d 100644
--- a/vendor/k8s.io/client-go/tools/cache/doc.go
+++ b/vendor/k8s.io/client-go/tools/cache/doc.go
@@ -21,4 +21,4 @@ limitations under the License.
 // list currently available nodes), and one that additionally acts as
 // a FIFO queue (for example, to allow a scheduler to process incoming
 // pods).
-package cache // import "k8s.io/client-go/tools/cache"
+package cache
diff --git a/vendor/k8s.io/client-go/tools/cache/fifo.go b/vendor/k8s.io/client-go/tools/cache/fifo.go
index dd13c4ea77..5c2ca90084 100644
--- a/vendor/k8s.io/client-go/tools/cache/fifo.go
+++ b/vendor/k8s.io/client-go/tools/cache/fifo.go
@@ -27,30 +27,16 @@ import (
 // It is supposed to process the accumulator popped from the queue.
 type PopProcessFunc func(obj interface{}, isInInitialList bool) error
 
-// ErrRequeue may be returned by a PopProcessFunc to safely requeue
-// the current item. The value of Err will be returned from Pop.
-type ErrRequeue struct {
-	// Err is returned by the Pop function
-	Err error
-}
-
 // ErrFIFOClosed used when FIFO is closed
 var ErrFIFOClosed = errors.New("DeltaFIFO: manipulating with closed queue")
 
-func (e ErrRequeue) Error() string {
-	if e.Err == nil {
-		return "the popped item should be requeued without returning an error"
-	}
-	return e.Err.Error()
-}
-
-// Queue extends Store with a collection of Store keys to "process".
+// Queue extends ReflectorStore with a collection of Store keys to "process".
 // Every Add, Update, or Delete may put the object's key in that collection.
 // A Queue has a way to derive the corresponding key given an accumulator.
 // A Queue can be accessed concurrently from multiple goroutines.
 // A Queue can be "closed", after which Pop operations return an error.
 type Queue interface {
-	Store
+	ReflectorStore
 
 	// Pop blocks until there is at least one key to process or the
 	// Queue is closed.  In the latter case Pop returns with an error.
@@ -64,11 +50,6 @@ type Queue interface {
 	// Pop.
 	Pop(PopProcessFunc) (interface{}, error)
 
-	// AddIfNotPresent puts the given accumulator into the Queue (in
-	// association with the accumulator's key) if and only if that key
-	// is not already associated with a non-empty accumulator.
-	AddIfNotPresent(interface{}) error
-
 	// HasSynced returns true if the first batch of keys have all been
 	// popped.  The first batch of keys are those of the first Replace
 	// operation if that happened before any Add, AddIfNotPresent,
@@ -177,36 +158,6 @@ func (f *FIFO) Add(obj interface{}) error {
 	return nil
 }
 
-// AddIfNotPresent inserts an item, and puts it in the queue. If the item is already
-// present in the set, it is neither enqueued nor added to the set.
-//
-// This is useful in a single producer/consumer scenario so that the consumer can
-// safely retry items without contending with the producer and potentially enqueueing
-// stale items.
-func (f *FIFO) AddIfNotPresent(obj interface{}) error {
-	id, err := f.keyFunc(obj)
-	if err != nil {
-		return KeyError{obj, err}
-	}
-	f.lock.Lock()
-	defer f.lock.Unlock()
-	f.addIfNotPresent(id, obj)
-	return nil
-}
-
-// addIfNotPresent assumes the fifo lock is already held and adds the provided
-// item to the queue under id if it does not already exist.
-func (f *FIFO) addIfNotPresent(id string, obj interface{}) {
-	f.populated = true
-	if _, exists := f.items[id]; exists {
-		return
-	}
-
-	f.queue = append(f.queue, id)
-	f.items[id] = obj
-	f.cond.Broadcast()
-}
-
 // Update is the same as Add in this implementation.
 func (f *FIFO) Update(obj interface{}) error {
 	return f.Add(obj)
@@ -227,46 +178,6 @@ func (f *FIFO) Delete(obj interface{}) error {
 	return err
 }
 
-// List returns a list of all the items.
-func (f *FIFO) List() []interface{} {
-	f.lock.RLock()
-	defer f.lock.RUnlock()
-	list := make([]interface{}, 0, len(f.items))
-	for _, item := range f.items {
-		list = append(list, item)
-	}
-	return list
-}
-
-// ListKeys returns a list of all the keys of the objects currently
-// in the FIFO.
-func (f *FIFO) ListKeys() []string {
-	f.lock.RLock()
-	defer f.lock.RUnlock()
-	list := make([]string, 0, len(f.items))
-	for key := range f.items {
-		list = append(list, key)
-	}
-	return list
-}
-
-// Get returns the requested item, or sets exists=false.
-func (f *FIFO) Get(obj interface{}) (item interface{}, exists bool, err error) {
-	key, err := f.keyFunc(obj)
-	if err != nil {
-		return nil, false, KeyError{obj, err}
-	}
-	return f.GetByKey(key)
-}
-
-// GetByKey returns the requested item, or sets exists=false.
-func (f *FIFO) GetByKey(key string) (item interface{}, exists bool, err error) {
-	f.lock.RLock()
-	defer f.lock.RUnlock()
-	item, exists = f.items[key]
-	return item, exists, nil
-}
-
 // IsClosed checks if the queue is closed
 func (f *FIFO) IsClosed() bool {
 	f.lock.Lock()
@@ -307,10 +218,6 @@ func (f *FIFO) Pop(process PopProcessFunc) (interface{}, error) {
 		}
 		delete(f.items, id)
 		err := process(item, isInInitialList)
-		if e, ok := err.(ErrRequeue); ok {
-			f.addIfNotPresent(id, item)
-			err = e.Err
-		}
 		return item, err
 	}
 }
diff --git a/vendor/k8s.io/client-go/tools/cache/listers.go b/vendor/k8s.io/client-go/tools/cache/listers.go
index a60f44943e..9e050ff45e 100644
--- a/vendor/k8s.io/client-go/tools/cache/listers.go
+++ b/vendor/k8s.io/client-go/tools/cache/listers.go
@@ -62,7 +62,12 @@ func ListAllByNamespace(indexer Indexer, namespace string, selector labels.Selec
 	items, err := indexer.Index(NamespaceIndex, &metav1.ObjectMeta{Namespace: namespace})
 	if err != nil {
 		// Ignore error; do slow search without index.
-		klog.Warningf("can not retrieve list of objects using index : %v", err)
+		//
+		// ListAllByNamespace is called by generated code
+		// (k8s.io/client-go/listers) and probably not worth converting
+		// to contextual logging, which would require changing all of
+		// those APIs.
+		klog.TODO().Info("Warning: can not retrieve list of objects using index", "err", err)
 		for _, m := range indexer.List() {
 			metadata, err := meta.Accessor(m)
 			if err != nil {
diff --git a/vendor/k8s.io/client-go/tools/cache/listwatch.go b/vendor/k8s.io/client-go/tools/cache/listwatch.go
index f5708ffeb1..30d30e8858 100644
--- a/vendor/k8s.io/client-go/tools/cache/listwatch.go
+++ b/vendor/k8s.io/client-go/tools/cache/listwatch.go
@@ -27,50 +27,160 @@ import (
 )
 
 // Lister is any object that knows how to perform an initial list.
+//
+// Ideally, all implementations of Lister should also implement ListerWithContext.
 type Lister interface {
 	// List should return a list type object; the Items field will be extracted, and the
 	// ResourceVersion field will be used to start the watch in the right place.
+	//
+	// Deprecated: use ListerWithContext.ListWithContext instead.
 	List(options metav1.ListOptions) (runtime.Object, error)
 }
 
+// ListerWithContext is any object that knows how to perform an initial list.
+type ListerWithContext interface {
+	// ListWithContext should return a list type object; the Items field will be extracted, and the
+	// ResourceVersion field will be used to start the watch in the right place.
+	ListWithContext(ctx context.Context, options metav1.ListOptions) (runtime.Object, error)
+}
+
+func ToListerWithContext(l Lister) ListerWithContext {
+	if l, ok := l.(ListerWithContext); ok {
+		return l
+	}
+	return listerWrapper{
+		parent: l,
+	}
+}
+
+type listerWrapper struct {
+	parent Lister
+}
+
+func (l listerWrapper) ListWithContext(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+	return l.parent.List(options)
+}
+
 // Watcher is any object that knows how to start a watch on a resource.
+//
+// Ideally, all implementations of Watcher should also implement WatcherWithContext.
 type Watcher interface {
 	// Watch should begin a watch at the specified version.
 	//
 	// If Watch returns an error, it should handle its own cleanup, including
 	// but not limited to calling Stop() on the watch, if one was constructed.
 	// This allows the caller to ignore the watch, if the error is non-nil.
+	//
+	// Deprecated: use WatcherWithContext.WatchWithContext instead.
 	Watch(options metav1.ListOptions) (watch.Interface, error)
 }
 
+// WatcherWithContext is any object that knows how to start a watch on a resource.
+type WatcherWithContext interface {
+	// WatchWithContext should begin a watch at the specified version.
+	//
+	// If Watch returns an error, it should handle its own cleanup, including
+	// but not limited to calling Stop() on the watch, if one was constructed.
+	// This allows the caller to ignore the watch, if the error is non-nil.
+	WatchWithContext(ctx context.Context, options metav1.ListOptions) (watch.Interface, error)
+}
+
+func ToWatcherWithContext(w Watcher) WatcherWithContext {
+	if w, ok := w.(WatcherWithContext); ok {
+		return w
+	}
+	return watcherWrapper{
+		parent: w,
+	}
+}
+
+type watcherWrapper struct {
+	parent Watcher
+}
+
+func (l watcherWrapper) WatchWithContext(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+	return l.parent.Watch(options)
+}
+
 // ListerWatcher is any object that knows how to perform an initial list and start a watch on a resource.
+//
+// Ideally, all implementations of ListerWatcher should also implement ListerWatcherWithContext.
 type ListerWatcher interface {
 	Lister
 	Watcher
 }
 
+// ListerWatcherWithContext is any object that knows how to perform an initial list and start a watch on a resource.
+type ListerWatcherWithContext interface {
+	ListerWithContext
+	WatcherWithContext
+}
+
+func ToListerWatcherWithContext(lw ListerWatcher) ListerWatcherWithContext {
+	if lw, ok := lw.(ListerWatcherWithContext); ok {
+		return lw
+	}
+	return listerWatcherWrapper{
+		ListerWithContext:  ToListerWithContext(lw),
+		WatcherWithContext: ToWatcherWithContext(lw),
+	}
+}
+
+type listerWatcherWrapper struct {
+	ListerWithContext
+	WatcherWithContext
+}
+
 // ListFunc knows how to list resources
+//
+// Deprecated: use ListWithContextFunc instead.
 type ListFunc func(options metav1.ListOptions) (runtime.Object, error)
 
+// ListWithContextFunc knows how to list resources
+type ListWithContextFunc func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error)
+
 // WatchFunc knows how to watch resources
+//
+// Deprecated: use WatchFuncWithContext instead.
 type WatchFunc func(options metav1.ListOptions) (watch.Interface, error)
 
-// ListWatch knows how to list and watch a set of apiserver resources.  It satisfies the ListerWatcher interface.
+// WatchFuncWithContext knows how to watch resources
+type WatchFuncWithContext func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error)
+
+// ListWatch knows how to list and watch a set of apiserver resources.
+// It satisfies the ListerWatcher and ListerWatcherWithContext interfaces.
 // It is a convenience function for users of NewReflector, etc.
-// ListFunc and WatchFunc must not be nil
+// ListFunc or ListWithContextFunc must be set. Same for WatchFunc and WatchFuncWithContext.
+// ListWithContextFunc and WatchFuncWithContext are preferred if
+// a context is available, otherwise ListFunc and WatchFunc.
+//
+// NewFilteredListWatchFromClient sets all of the functions to ensure that callers
+// which only know about ListFunc and WatchFunc continue to work.
 type ListWatch struct {
-	ListFunc  ListFunc
+	// Deprecated: use ListWithContext instead.
+	ListFunc ListFunc
+	// Deprecated: use WatchWithContext instead.
 	WatchFunc WatchFunc
+
+	ListWithContextFunc  ListWithContextFunc
+	WatchFuncWithContext WatchFuncWithContext
+
 	// DisableChunking requests no chunking for this list watcher.
 	DisableChunking bool
 }
 
+var (
+	_ ListerWatcher            = &ListWatch{}
+	_ ListerWatcherWithContext = &ListWatch{}
+)
+
 // Getter interface knows how to access Get method from RESTClient.
 type Getter interface {
 	Get() *restclient.Request
 }
 
 // NewListWatchFromClient creates a new ListWatch from the specified client, resource, namespace and field selector.
+// For backward compatibility, all function fields are populated.
 func NewListWatchFromClient(c Getter, resource string, namespace string, fieldSelector fields.Selector) *ListWatch {
 	optionsModifier := func(options *metav1.ListOptions) {
 		options.FieldSelector = fieldSelector.String()
@@ -81,6 +191,7 @@ func NewListWatchFromClient(c Getter, resource string, namespace string, fieldSe
 // NewFilteredListWatchFromClient creates a new ListWatch from the specified client, resource, namespace, and option modifier.
 // Option modifier is a function takes a ListOptions and modifies the consumed ListOptions. Provide customized modifier function
 // to apply modification to ListOptions with a field selector, a label selector, or any other desired options.
+// For backward compatibility, all function fields are populated.
 func NewFilteredListWatchFromClient(c Getter, resource string, namespace string, optionsModifier func(options *metav1.ListOptions)) *ListWatch {
 	listFunc := func(options metav1.ListOptions) (runtime.Object, error) {
 		optionsModifier(&options)
@@ -88,7 +199,7 @@ func NewFilteredListWatchFromClient(c Getter, resource string, namespace string,
 			Namespace(namespace).
 			Resource(resource).
 			VersionedParams(&options, metav1.ParameterCodec).
-			Do(context.TODO()).
+			Do(context.Background()).
 			Get()
 	}
 	watchFunc := func(options metav1.ListOptions) (watch.Interface, error) {
@@ -98,19 +209,70 @@ func NewFilteredListWatchFromClient(c Getter, resource string, namespace string,
 			Namespace(namespace).
 			Resource(resource).
 			VersionedParams(&options, metav1.ParameterCodec).
-			Watch(context.TODO())
+			Watch(context.Background())
+	}
+	listFuncWithContext := func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+		optionsModifier(&options)
+		return c.Get().
+			Namespace(namespace).
+			Resource(resource).
+			VersionedParams(&options, metav1.ParameterCodec).
+			Do(ctx).
+			Get()
+	}
+	watchFuncWithContext := func(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+		options.Watch = true
+		optionsModifier(&options)
+		return c.Get().
+			Namespace(namespace).
+			Resource(resource).
+			VersionedParams(&options, metav1.ParameterCodec).
+			Watch(ctx)
+	}
+	return &ListWatch{
+		ListFunc:             listFunc,
+		WatchFunc:            watchFunc,
+		ListWithContextFunc:  listFuncWithContext,
+		WatchFuncWithContext: watchFuncWithContext,
 	}
-	return &ListWatch{ListFunc: listFunc, WatchFunc: watchFunc}
 }
 
 // List a set of apiserver resources
+//
+// Deprecated: use ListWatchWithContext.ListWithContext instead.
 func (lw *ListWatch) List(options metav1.ListOptions) (runtime.Object, error) {
 	// ListWatch is used in Reflector, which already supports pagination.
 	// Don't paginate here to avoid duplication.
+	if lw.ListFunc != nil {
+		return lw.ListFunc(options)
+	}
+	return lw.ListWithContextFunc(context.Background(), options)
+}
+
+// List a set of apiserver resources
+func (lw *ListWatch) ListWithContext(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
+	// ListWatch is used in Reflector, which already supports pagination.
+	// Don't paginate here to avoid duplication.
+	if lw.ListWithContextFunc != nil {
+		return lw.ListWithContextFunc(ctx, options)
+	}
 	return lw.ListFunc(options)
 }
 
 // Watch a set of apiserver resources
+//
+// Deprecated: use ListWatchWithContext.WatchWithContext instead.
 func (lw *ListWatch) Watch(options metav1.ListOptions) (watch.Interface, error) {
+	if lw.WatchFunc != nil {
+		return lw.WatchFunc(options)
+	}
+	return lw.WatchFuncWithContext(context.Background(), options)
+}
+
+// Watch a set of apiserver resources
+func (lw *ListWatch) WatchWithContext(ctx context.Context, options metav1.ListOptions) (watch.Interface, error) {
+	if lw.WatchFuncWithContext != nil {
+		return lw.WatchFuncWithContext(ctx, options)
+	}
 	return lw.WatchFunc(options)
 }
diff --git a/vendor/k8s.io/client-go/tools/cache/mutation_cache.go b/vendor/k8s.io/client-go/tools/cache/mutation_cache.go
index c6f953d8e0..6800a62508 100644
--- a/vendor/k8s.io/client-go/tools/cache/mutation_cache.go
+++ b/vendor/k8s.io/client-go/tools/cache/mutation_cache.go
@@ -60,7 +60,7 @@ type ResourceVersionComparator interface {
 // If includeAdds is true, objects in the mutation cache will be returned even if they don't exist
 // in the underlying store. This is only safe if your use of the cache can handle mutation entries
 // remaining in the cache for up to ttl when mutations and deletes occur very closely in time.
-func NewIntegerResourceVersionMutationCache(backingCache Store, indexer Indexer, ttl time.Duration, includeAdds bool) MutationCache {
+func NewIntegerResourceVersionMutationCache(logger klog.Logger, backingCache Store, indexer Indexer, ttl time.Duration, includeAdds bool) MutationCache {
 	return &mutationCache{
 		backingCache:  backingCache,
 		indexer:       indexer,
@@ -68,6 +68,7 @@ func NewIntegerResourceVersionMutationCache(backingCache Store, indexer Indexer,
 		comparator:    etcdObjectVersioner{},
 		ttl:           ttl,
 		includeAdds:   includeAdds,
+		logger:        logger,
 	}
 }
 
@@ -75,6 +76,7 @@ func NewIntegerResourceVersionMutationCache(backingCache Store, indexer Indexer,
 // since you can't distinguish between, "didn't observe create" and "was deleted after create",
 // if the key is missing from the backing cache, we always return it as missing
 type mutationCache struct {
+	logger        klog.Logger
 	lock          sync.Mutex
 	backingCache  Store
 	indexer       Indexer
@@ -157,7 +159,7 @@ func (c *mutationCache) ByIndex(name string, indexKey string) ([]interface{}, er
 			}
 			elements, err := fn(updated)
 			if err != nil {
-				klog.V(4).Infof("Unable to calculate an index entry for mutation cache entry %s: %v", key, err)
+				c.logger.V(4).Info("Unable to calculate an index entry for mutation cache entry", "key", key, "err", err)
 				continue
 			}
 			for _, inIndex := range elements {
@@ -204,7 +206,7 @@ func (c *mutationCache) Mutation(obj interface{}) {
 	key, err := DeletionHandlingMetaNamespaceKeyFunc(obj)
 	if err != nil {
 		// this is a "nice to have", so failures shouldn't do anything weird
-		utilruntime.HandleError(err)
+		utilruntime.HandleErrorWithLogger(c.logger, err, "DeletionHandlingMetaNamespaceKeyFunc")
 		return
 	}
 
diff --git a/vendor/k8s.io/client-go/tools/cache/mutation_detector.go b/vendor/k8s.io/client-go/tools/cache/mutation_detector.go
index b37537cbd8..27ea62bfbb 100644
--- a/vendor/k8s.io/client-go/tools/cache/mutation_detector.go
+++ b/vendor/k8s.io/client-go/tools/cache/mutation_detector.go
@@ -50,6 +50,7 @@ func NewCacheMutationDetector(name string) MutationDetector {
 	if !mutationDetectionEnabled {
 		return dummyMutationDetector{}
 	}
+	//nolint:logcheck // This code shouldn't be used in production.
 	klog.Warningln("Mutation detector is enabled, this will result in memory leakage.")
 	return &defaultCacheMutationDetector{name: name, period: 1 * time.Second, retainDuration: 2 * time.Minute}
 }
diff --git a/vendor/k8s.io/client-go/tools/cache/reflector.go b/vendor/k8s.io/client-go/tools/cache/reflector.go
index 030b452979..8e2a827002 100644
--- a/vendor/k8s.io/client-go/tools/cache/reflector.go
+++ b/vendor/k8s.io/client-go/tools/cache/reflector.go
@@ -55,6 +55,28 @@ var (
 	defaultMinWatchTimeout = 5 * time.Minute
 )
 
+// ReflectorStore is the subset of cache.Store that the reflector uses
+type ReflectorStore interface {
+	// Add adds the given object to the accumulator associated with the given object's key
+	Add(obj interface{}) error
+
+	// Update updates the given object in the accumulator associated with the given object's key
+	Update(obj interface{}) error
+
+	// Delete deletes the given object from the accumulator associated with the given object's key
+	Delete(obj interface{}) error
+
+	// Replace will delete the contents of the store, using instead the
+	// given list. Store takes ownership of the list, you should not reference
+	// it after calling this function.
+	Replace([]interface{}, string) error
+
+	// Resync is meaningless in the terms appearing here but has
+	// meaning in some implementations that have non-trivial
+	// additional behavior (e.g., DeltaFIFO).
+	Resync() error
+}
+
 // Reflector watches a specified resource and causes all changes to be reflected in the given store.
 type Reflector struct {
 	// name identifies this reflector. By default, it will be a file:line if possible.
@@ -72,9 +94,9 @@ type Reflector struct {
 	// The GVK of the object we expect to place in the store if unstructured.
 	expectedGVK *schema.GroupVersionKind
 	// The destination to sync up with the watch source
-	store Store
+	store ReflectorStore
 	// listerWatcher is used to perform lists and watches.
-	listerWatcher ListerWatcher
+	listerWatcher ListerWatcherWithContext
 	// backoff manages backoff of ListWatch
 	backoffManager wait.BackoffManager
 	resyncPeriod   time.Duration
@@ -95,7 +117,7 @@ type Reflector struct {
 	// lastSyncResourceVersionMutex guards read/write access to lastSyncResourceVersion
 	lastSyncResourceVersionMutex sync.RWMutex
 	// Called whenever the ListAndWatch drops the connection with an error.
-	watchErrorHandler WatchErrorHandler
+	watchErrorHandler WatchErrorHandlerWithContext
 	// WatchListPageSize is the requested chunk size of initial and resync watch lists.
 	// If unset, for consistent reads (RV="") or reads that opt-into arbitrarily old data
 	// (RV="0") it will default to pager.PageSize, for the rest (RV != "" && RV != "0")
@@ -150,20 +172,32 @@ type ResourceVersionUpdater interface {
 // should be offloaded.
 type WatchErrorHandler func(r *Reflector, err error)
 
-// DefaultWatchErrorHandler is the default implementation of WatchErrorHandler
-func DefaultWatchErrorHandler(r *Reflector, err error) {
+// The WatchErrorHandler is called whenever ListAndWatch drops the
+// connection with an error. After calling this handler, the informer
+// will backoff and retry.
+//
+// The default implementation looks at the error type and tries to log
+// the error message at an appropriate level.
+//
+// Implementations of this handler may display the error message in other
+// ways. Implementations should return quickly - any expensive processing
+// should be offloaded.
+type WatchErrorHandlerWithContext func(ctx context.Context, r *Reflector, err error)
+
+// DefaultWatchErrorHandler is the default implementation of WatchErrorHandlerWithContext.
+func DefaultWatchErrorHandler(ctx context.Context, r *Reflector, err error) {
 	switch {
 	case isExpiredError(err):
 		// Don't set LastSyncResourceVersionUnavailable - LIST call with ResourceVersion=RV already
 		// has a semantic that it returns data at least as fresh as provided RV.
 		// So first try to LIST with setting RV to resource version of last observed object.
-		klog.V(4).Infof("%s: watch of %v closed with: %v", r.name, r.typeDescription, err)
+		klog.FromContext(ctx).V(4).Info("Watch closed", "reflector", r.name, "type", r.typeDescription, "err", err)
 	case err == io.EOF:
 		// watch closed normally
 	case err == io.ErrUnexpectedEOF:
-		klog.V(1).Infof("%s: Watch for %v closed with unexpected EOF: %v", r.name, r.typeDescription, err)
+		klog.FromContext(ctx).V(1).Info("Watch closed with unexpected EOF", "reflector", r.name, "type", r.typeDescription, "err", err)
 	default:
-		utilruntime.HandleError(fmt.Errorf("%s: Failed to watch %v: %v", r.name, r.typeDescription, err))
+		utilruntime.HandleErrorWithContext(ctx, err, "Failed to watch", "reflector", r.name, "type", r.typeDescription)
 	}
 }
 
@@ -177,13 +211,13 @@ func NewNamespaceKeyedIndexerAndReflector(lw ListerWatcher, expectedType interfa
 
 // NewReflector creates a new Reflector with its name defaulted to the closest source_file.go:line in the call stack
 // that is outside this package. See NewReflectorWithOptions for further information.
-func NewReflector(lw ListerWatcher, expectedType interface{}, store Store, resyncPeriod time.Duration) *Reflector {
+func NewReflector(lw ListerWatcher, expectedType interface{}, store ReflectorStore, resyncPeriod time.Duration) *Reflector {
 	return NewReflectorWithOptions(lw, expectedType, store, ReflectorOptions{ResyncPeriod: resyncPeriod})
 }
 
 // NewNamedReflector creates a new Reflector with the specified name. See NewReflectorWithOptions for further
 // information.
-func NewNamedReflector(name string, lw ListerWatcher, expectedType interface{}, store Store, resyncPeriod time.Duration) *Reflector {
+func NewNamedReflector(name string, lw ListerWatcher, expectedType interface{}, store ReflectorStore, resyncPeriod time.Duration) *Reflector {
 	return NewReflectorWithOptions(lw, expectedType, store, ReflectorOptions{Name: name, ResyncPeriod: resyncPeriod})
 }
 
@@ -222,7 +256,7 @@ type ReflectorOptions struct {
 // "yes".  This enables you to use reflectors to periodically process
 // everything as well as incrementally processing the things that
 // change.
-func NewReflectorWithOptions(lw ListerWatcher, expectedType interface{}, store Store, options ReflectorOptions) *Reflector {
+func NewReflectorWithOptions(lw ListerWatcher, expectedType interface{}, store ReflectorStore, options ReflectorOptions) *Reflector {
 	reflectorClock := options.Clock
 	if reflectorClock == nil {
 		reflectorClock = clock.RealClock{}
@@ -236,14 +270,14 @@ func NewReflectorWithOptions(lw ListerWatcher, expectedType interface{}, store S
 		resyncPeriod:    options.ResyncPeriod,
 		minWatchTimeout: minWatchTimeout,
 		typeDescription: options.TypeDescription,
-		listerWatcher:   lw,
+		listerWatcher:   ToListerWatcherWithContext(lw),
 		store:           store,
 		// We used to make the call every 1sec (1 QPS), the goal here is to achieve ~98% traffic reduction when
 		// API server is not healthy. With these parameters, backoff will stop at [30,60) sec interval which is
 		// 0.22 QPS. If we don't backoff for 2min, assume API server is healthy and we reset the backoff.
 		backoffManager:    wait.NewExponentialBackoffManager(800*time.Millisecond, 30*time.Second, 2*time.Minute, 2.0, 1.0, reflectorClock),
 		clock:             reflectorClock,
-		watchErrorHandler: WatchErrorHandler(DefaultWatchErrorHandler),
+		watchErrorHandler: WatchErrorHandlerWithContext(DefaultWatchErrorHandler),
 		expectedType:      reflect.TypeOf(expectedType),
 	}
 
@@ -309,14 +343,24 @@ var internalPackages = []string{"client-go/tools/cache/"}
 // Run repeatedly uses the reflector's ListAndWatch to fetch all the
 // objects and subsequent deltas.
 // Run will exit when stopCh is closed.
+//
+// Contextual logging: RunWithContext should be used instead of Run in code which supports contextual logging.
 func (r *Reflector) Run(stopCh <-chan struct{}) {
-	klog.V(3).Infof("Starting reflector %s (%s) from %s", r.typeDescription, r.resyncPeriod, r.name)
+	r.RunWithContext(wait.ContextForChannel(stopCh))
+}
+
+// RunWithContext repeatedly uses the reflector's ListAndWatch to fetch all the
+// objects and subsequent deltas.
+// Run will exit when the context is canceled.
+func (r *Reflector) RunWithContext(ctx context.Context) {
+	logger := klog.FromContext(ctx)
+	logger.V(3).Info("Starting reflector", "type", r.typeDescription, "resyncPeriod", r.resyncPeriod, "reflector", r.name)
 	wait.BackoffUntil(func() {
-		if err := r.ListAndWatch(stopCh); err != nil {
-			r.watchErrorHandler(r, err)
+		if err := r.ListAndWatchWithContext(ctx); err != nil {
+			r.watchErrorHandler(ctx, r, err)
 		}
-	}, r.backoffManager, true, stopCh)
-	klog.V(3).Infof("Stopping reflector %s (%s) from %s", r.typeDescription, r.resyncPeriod, r.name)
+	}, r.backoffManager, true, ctx.Done())
+	logger.V(3).Info("Stopping reflector", "type", r.typeDescription, "resyncPeriod", r.resyncPeriod, "reflector", r.name)
 }
 
 var (
@@ -345,21 +389,31 @@ func (r *Reflector) resyncChan() (<-chan time.Time, func() bool) {
 // ListAndWatch first lists all items and get the resource version at the moment of call,
 // and then use the resource version to watch.
 // It returns error if ListAndWatch didn't even try to initialize watch.
+//
+// Contextual logging: ListAndWatchWithContext should be used instead of ListAndWatch in code which supports contextual logging.
 func (r *Reflector) ListAndWatch(stopCh <-chan struct{}) error {
-	klog.V(3).Infof("Listing and watching %v from %s", r.typeDescription, r.name)
+	return r.ListAndWatchWithContext(wait.ContextForChannel(stopCh))
+}
+
+// ListAndWatchWithContext first lists all items and get the resource version at the moment of call,
+// and then use the resource version to watch.
+// It returns error if ListAndWatchWithContext didn't even try to initialize watch.
+func (r *Reflector) ListAndWatchWithContext(ctx context.Context) error {
+	logger := klog.FromContext(ctx)
+	logger.V(3).Info("Listing and watching", "type", r.typeDescription, "reflector", r.name)
 	var err error
 	var w watch.Interface
 	useWatchList := ptr.Deref(r.UseWatchList, false)
 	fallbackToList := !useWatchList
 
 	if useWatchList {
-		w, err = r.watchList(stopCh)
+		w, err = r.watchList(ctx)
 		if w == nil && err == nil {
 			// stopCh was closed
 			return nil
 		}
 		if err != nil {
-			klog.Warningf("The watchlist request ended with an error, falling back to the standard LIST/WATCH semantics because making progress is better than deadlocking, err = %v", err)
+			logger.Error(err, "The watchlist request ended with an error, falling back to the standard LIST/WATCH semantics because making progress is better than deadlocking")
 			fallbackToList = true
 			// ensure that we won't accidentally pass some garbage down the watch.
 			w = nil
@@ -367,20 +421,21 @@ func (r *Reflector) ListAndWatch(stopCh <-chan struct{}) error {
 	}
 
 	if fallbackToList {
-		err = r.list(stopCh)
+		err = r.list(ctx)
 		if err != nil {
 			return err
 		}
 	}
 
-	klog.V(2).Infof("Caches populated for %v from %s", r.typeDescription, r.name)
-	return r.watchWithResync(w, stopCh)
+	logger.V(2).Info("Caches populated", "type", r.typeDescription, "reflector", r.name)
+	return r.watchWithResync(ctx, w)
 }
 
 // startResync periodically calls r.store.Resync() method.
 // Note that this method is blocking and should be
 // called in a separate goroutine.
-func (r *Reflector) startResync(stopCh <-chan struct{}, cancelCh <-chan struct{}, resyncerrc chan error) {
+func (r *Reflector) startResync(ctx context.Context, resyncerrc chan error) {
+	logger := klog.FromContext(ctx)
 	resyncCh, cleanup := r.resyncChan()
 	defer func() {
 		cleanup() // Call the last one written into cleanup
@@ -388,13 +443,11 @@ func (r *Reflector) startResync(stopCh <-chan struct{}, cancelCh <-chan struct{}
 	for {
 		select {
 		case <-resyncCh:
-		case <-stopCh:
-			return
-		case <-cancelCh:
+		case <-ctx.Done():
 			return
 		}
 		if r.ShouldResync == nil || r.ShouldResync() {
-			klog.V(4).Infof("%s: forcing resync", r.name)
+			logger.V(4).Info("Forcing resync", "reflector", r.name)
 			if err := r.store.Resync(); err != nil {
 				resyncerrc <- err
 				return
@@ -406,16 +459,27 @@ func (r *Reflector) startResync(stopCh <-chan struct{}, cancelCh <-chan struct{}
 }
 
 // watchWithResync runs watch with startResync in the background.
-func (r *Reflector) watchWithResync(w watch.Interface, stopCh <-chan struct{}) error {
+func (r *Reflector) watchWithResync(ctx context.Context, w watch.Interface) error {
 	resyncerrc := make(chan error, 1)
-	cancelCh := make(chan struct{})
-	defer close(cancelCh)
-	go r.startResync(stopCh, cancelCh, resyncerrc)
-	return r.watch(w, stopCh, resyncerrc)
+	cancelCtx, cancel := context.WithCancel(ctx)
+	// Waiting for completion of the goroutine is relevant for race detector.
+	// Without this, there is a race between "this function returns + code
+	// waiting for it" and "goroutine does something".
+	var wg wait.Group
+	defer func() {
+		cancel()
+		wg.Wait()
+	}()
+	wg.Start(func() {
+		r.startResync(cancelCtx, resyncerrc)
+	})
+	return r.watch(ctx, w, resyncerrc)
 }
 
 // watch simply starts a watch request with the server.
-func (r *Reflector) watch(w watch.Interface, stopCh <-chan struct{}, resyncerrc chan error) error {
+func (r *Reflector) watch(ctx context.Context, w watch.Interface, resyncerrc chan error) error {
+	stopCh := ctx.Done()
+	logger := klog.FromContext(ctx)
 	var err error
 	retry := NewRetryWithDeadline(r.MaxInternalErrorRetryDuration, time.Minute, apierrors.IsInternalError, r.clock)
 
@@ -448,10 +512,10 @@ func (r *Reflector) watch(w watch.Interface, stopCh <-chan struct{}, resyncerrc
 				AllowWatchBookmarks: true,
 			}
 
-			w, err = r.listerWatcher.Watch(options)
+			w, err = r.listerWatcher.WatchWithContext(ctx, options)
 			if err != nil {
 				if canRetry := isWatchErrorRetriable(err); canRetry {
-					klog.V(4).Infof("%s: watch of %v returned %v - backing off", r.name, r.typeDescription, err)
+					logger.V(4).Info("Watch failed - backing off", "reflector", r.name, "type", r.typeDescription, "err", err)
 					select {
 					case <-stopCh:
 						return nil
@@ -463,8 +527,8 @@ func (r *Reflector) watch(w watch.Interface, stopCh <-chan struct{}, resyncerrc
 			}
 		}
 
-		err = handleWatch(start, w, r.store, r.expectedType, r.expectedGVK, r.name, r.typeDescription, r.setLastSyncResourceVersion,
-			r.clock, resyncerrc, stopCh)
+		err = handleWatch(ctx, start, w, r.store, r.expectedType, r.expectedGVK, r.name, r.typeDescription, r.setLastSyncResourceVersion,
+			r.clock, resyncerrc)
 		// Ensure that watch will not be reused across iterations.
 		w.Stop()
 		w = nil
@@ -476,9 +540,9 @@ func (r *Reflector) watch(w watch.Interface, stopCh <-chan struct{}, resyncerrc
 					// Don't set LastSyncResourceVersionUnavailable - LIST call with ResourceVersion=RV already
 					// has a semantic that it returns data at least as fresh as provided RV.
 					// So first try to LIST with setting RV to resource version of last observed object.
-					klog.V(4).Infof("%s: watch of %v closed with: %v", r.name, r.typeDescription, err)
+					logger.V(4).Info("Watch closed", "reflector", r.name, "type", r.typeDescription, "err", err)
 				case apierrors.IsTooManyRequests(err):
-					klog.V(2).Infof("%s: watch of %v returned 429 - backing off", r.name, r.typeDescription)
+					logger.V(2).Info("Watch returned 429 - backing off", "reflector", r.name, "type", r.typeDescription)
 					select {
 					case <-stopCh:
 						return nil
@@ -486,10 +550,10 @@ func (r *Reflector) watch(w watch.Interface, stopCh <-chan struct{}, resyncerrc
 						continue
 					}
 				case apierrors.IsInternalError(err) && retry.ShouldRetry():
-					klog.V(2).Infof("%s: retrying watch of %v internal error: %v", r.name, r.typeDescription, err)
+					logger.V(2).Info("Retrying watch after internal error", "reflector", r.name, "type", r.typeDescription, "err", err)
 					continue
 				default:
-					klog.Warningf("%s: watch of %v ended with: %v", r.name, r.typeDescription, err)
+					logger.Info("Warning: watch ended with error", "reflector", r.name, "type", r.typeDescription, "err", err)
 				}
 			}
 			return nil
@@ -499,7 +563,7 @@ func (r *Reflector) watch(w watch.Interface, stopCh <-chan struct{}, resyncerrc
 
 // list simply lists all items and records a resource version obtained from the server at the moment of the call.
 // the resource version can be used for further progress notification (aka. watch).
-func (r *Reflector) list(stopCh <-chan struct{}) error {
+func (r *Reflector) list(ctx context.Context) error {
 	var resourceVersion string
 	options := metav1.ListOptions{ResourceVersion: r.relistResourceVersion()}
 
@@ -519,7 +583,7 @@ func (r *Reflector) list(stopCh <-chan struct{}) error {
 		// Attempt to gather list in chunks, if supported by listerWatcher, if not, the first
 		// list request will return the full response.
 		pager := pager.New(pager.SimplePageFunc(func(opts metav1.ListOptions) (runtime.Object, error) {
-			return r.listerWatcher.List(opts)
+			return r.listerWatcher.ListWithContext(ctx, opts)
 		}))
 		switch {
 		case r.WatchListPageSize != 0:
@@ -558,7 +622,7 @@ func (r *Reflector) list(stopCh <-chan struct{}) error {
 		close(listCh)
 	}()
 	select {
-	case <-stopCh:
+	case <-ctx.Done():
 		return nil
 	case r := <-panicCh:
 		panic(r)
@@ -566,7 +630,6 @@ func (r *Reflector) list(stopCh <-chan struct{}) error {
 	}
 	initTrace.Step("Objects listed", trace.Field{Key: "error", Value: err})
 	if err != nil {
-		klog.Warningf("%s: failed to list %v: %v", r.name, r.typeDescription, err)
 		return fmt.Errorf("failed to list %v: %w", r.typeDescription, err)
 	}
 
@@ -624,7 +687,9 @@ func (r *Reflector) list(stopCh <-chan struct{}) error {
 // After receiving a "Bookmark" event the reflector is considered to be synchronized.
 // It replaces its internal store with the collected items and
 // reuses the current watch requests for getting further events.
-func (r *Reflector) watchList(stopCh <-chan struct{}) (watch.Interface, error) {
+func (r *Reflector) watchList(ctx context.Context) (watch.Interface, error) {
+	stopCh := ctx.Done()
+	logger := klog.FromContext(ctx)
 	var w watch.Interface
 	var err error
 	var temporaryStore Store
@@ -634,7 +699,7 @@ func (r *Reflector) watchList(stopCh <-chan struct{}) (watch.Interface, error) {
 	//  could be unified with the r.watch method
 	isErrorRetriableWithSideEffectsFn := func(err error) bool {
 		if canRetry := isWatchErrorRetriable(err); canRetry {
-			klog.V(2).Infof("%s: watch-list of %v returned %v - backing off", r.name, r.typeDescription, err)
+			logger.V(2).Info("watch-list failed - backing off", "reflector", r.name, "type", r.typeDescription, "err", err)
 			<-r.backoffManager.Backoff().C()
 			return true
 		}
@@ -674,16 +739,16 @@ func (r *Reflector) watchList(stopCh <-chan struct{}) (watch.Interface, error) {
 		}
 		start := r.clock.Now()
 
-		w, err = r.listerWatcher.Watch(options)
+		w, err = r.listerWatcher.WatchWithContext(ctx, options)
 		if err != nil {
 			if isErrorRetriableWithSideEffectsFn(err) {
 				continue
 			}
 			return nil, err
 		}
-		watchListBookmarkReceived, err := handleListWatch(start, w, temporaryStore, r.expectedType, r.expectedGVK, r.name, r.typeDescription,
+		watchListBookmarkReceived, err := handleListWatch(ctx, start, w, temporaryStore, r.expectedType, r.expectedGVK, r.name, r.typeDescription,
 			func(rv string) { resourceVersion = rv },
-			r.clock, make(chan error), stopCh)
+			r.clock, make(chan error))
 		if err != nil {
 			w.Stop() // stop and retry with clean state
 			if errors.Is(err, errorStopRequested) {
@@ -706,7 +771,7 @@ func (r *Reflector) watchList(stopCh <-chan struct{}) (watch.Interface, error) {
 	// we utilize the temporaryStore to ensure independence from the current store implementation.
 	// as of today, the store is implemented as a queue and will be drained by the higher-level
 	// component as soon as it finishes replacing the content.
-	checkWatchListDataConsistencyIfRequested(wait.ContextForChannel(stopCh), r.name, resourceVersion, wrapListFuncWithContext(r.listerWatcher.List), temporaryStore.List)
+	checkWatchListDataConsistencyIfRequested(ctx, r.name, resourceVersion, r.listerWatcher.ListWithContext, temporaryStore.List)
 
 	if err := r.store.Replace(temporaryStore.List(), resourceVersion); err != nil {
 		return nil, fmt.Errorf("unable to sync watch-list result: %w", err)
@@ -731,6 +796,7 @@ func (r *Reflector) syncWith(items []runtime.Object, resourceVersion string) err
 // retry. If successful, the watcher will be left open after receiving the
 // initial set of objects, to allow watching for future events.
 func handleListWatch(
+	ctx context.Context,
 	start time.Time,
 	w watch.Interface,
 	store Store,
@@ -741,20 +807,20 @@ func handleListWatch(
 	setLastSyncResourceVersion func(string),
 	clock clock.Clock,
 	errCh chan error,
-	stopCh <-chan struct{},
 ) (bool, error) {
 	exitOnWatchListBookmarkReceived := true
-	return handleAnyWatch(start, w, store, expectedType, expectedGVK, name, expectedTypeName,
-		setLastSyncResourceVersion, exitOnWatchListBookmarkReceived, clock, errCh, stopCh)
+	return handleAnyWatch(ctx, start, w, store, expectedType, expectedGVK, name, expectedTypeName,
+		setLastSyncResourceVersion, exitOnWatchListBookmarkReceived, clock, errCh)
 }
 
 // handleListWatch consumes events from w, updates the Store, and records the
 // last seen ResourceVersion, to allow continuing from that ResourceVersion on
 // retry. The watcher will always be stopped on exit.
 func handleWatch(
+	ctx context.Context,
 	start time.Time,
 	w watch.Interface,
-	store Store,
+	store ReflectorStore,
 	expectedType reflect.Type,
 	expectedGVK *schema.GroupVersionKind,
 	name string,
@@ -762,11 +828,10 @@ func handleWatch(
 	setLastSyncResourceVersion func(string),
 	clock clock.Clock,
 	errCh chan error,
-	stopCh <-chan struct{},
 ) error {
 	exitOnWatchListBookmarkReceived := false
-	_, err := handleAnyWatch(start, w, store, expectedType, expectedGVK, name, expectedTypeName,
-		setLastSyncResourceVersion, exitOnWatchListBookmarkReceived, clock, errCh, stopCh)
+	_, err := handleAnyWatch(ctx, start, w, store, expectedType, expectedGVK, name, expectedTypeName,
+		setLastSyncResourceVersion, exitOnWatchListBookmarkReceived, clock, errCh)
 	return err
 }
 
@@ -779,9 +844,11 @@ func handleWatch(
 // The watcher will always be stopped, unless exitOnWatchListBookmarkReceived is
 // true and watchListBookmarkReceived is true. This allows the same watch stream
 // to be re-used by the caller to continue watching for new events.
-func handleAnyWatch(start time.Time,
+func handleAnyWatch(
+	ctx context.Context,
+	start time.Time,
 	w watch.Interface,
-	store Store,
+	store ReflectorStore,
 	expectedType reflect.Type,
 	expectedGVK *schema.GroupVersionKind,
 	name string,
@@ -790,17 +857,17 @@ func handleAnyWatch(start time.Time,
 	exitOnWatchListBookmarkReceived bool,
 	clock clock.Clock,
 	errCh chan error,
-	stopCh <-chan struct{},
 ) (bool, error) {
 	watchListBookmarkReceived := false
 	eventCount := 0
-	initialEventsEndBookmarkWarningTicker := newInitialEventsEndBookmarkTicker(name, clock, start, exitOnWatchListBookmarkReceived)
+	logger := klog.FromContext(ctx)
+	initialEventsEndBookmarkWarningTicker := newInitialEventsEndBookmarkTicker(logger, name, clock, start, exitOnWatchListBookmarkReceived)
 	defer initialEventsEndBookmarkWarningTicker.Stop()
 
 loop:
 	for {
 		select {
-		case <-stopCh:
+		case <-ctx.Done():
 			return watchListBookmarkReceived, errorStopRequested
 		case err := <-errCh:
 			return watchListBookmarkReceived, err
@@ -813,19 +880,19 @@ loop:
 			}
 			if expectedType != nil {
 				if e, a := expectedType, reflect.TypeOf(event.Object); e != a {
-					utilruntime.HandleError(fmt.Errorf("%s: expected type %v, but watch event object had type %v", name, e, a))
+					utilruntime.HandleErrorWithContext(ctx, nil, "Unexpected watch event object type", "reflector", name, "expectedType", e, "actualType", a)
 					continue
 				}
 			}
 			if expectedGVK != nil {
 				if e, a := *expectedGVK, event.Object.GetObjectKind().GroupVersionKind(); e != a {
-					utilruntime.HandleError(fmt.Errorf("%s: expected gvk %v, but watch event object had gvk %v", name, e, a))
+					utilruntime.HandleErrorWithContext(ctx, nil, "Unexpected watch event object gvk", "reflector", name, "expectedGVK", e, "actualGVK", a)
 					continue
 				}
 			}
 			meta, err := meta.Accessor(event.Object)
 			if err != nil {
-				utilruntime.HandleError(fmt.Errorf("%s: unable to understand watch event %#v", name, event))
+				utilruntime.HandleErrorWithContext(ctx, err, "Unable to understand watch event", "reflector", name, "event", event)
 				continue
 			}
 			resourceVersion := meta.GetResourceVersion()
@@ -833,12 +900,12 @@ loop:
 			case watch.Added:
 				err := store.Add(event.Object)
 				if err != nil {
-					utilruntime.HandleError(fmt.Errorf("%s: unable to add watch event object (%#v) to store: %v", name, event.Object, err))
+					utilruntime.HandleErrorWithContext(ctx, err, "Unable to add watch event object to store", "reflector", name, "object", event.Object)
 				}
 			case watch.Modified:
 				err := store.Update(event.Object)
 				if err != nil {
-					utilruntime.HandleError(fmt.Errorf("%s: unable to update watch event object (%#v) to store: %v", name, event.Object, err))
+					utilruntime.HandleErrorWithContext(ctx, err, "Unable to update watch event object to store", "reflector", name, "object", event.Object)
 				}
 			case watch.Deleted:
 				// TODO: Will any consumers need access to the "last known
@@ -846,7 +913,7 @@ loop:
 				// to change this.
 				err := store.Delete(event.Object)
 				if err != nil {
-					utilruntime.HandleError(fmt.Errorf("%s: unable to delete watch event object (%#v) from store: %v", name, event.Object, err))
+					utilruntime.HandleErrorWithContext(ctx, err, "Unable to delete watch event object from store", "reflector", name, "object", event.Object)
 				}
 			case watch.Bookmark:
 				// A `Bookmark` means watch has synced here, just update the resourceVersion
@@ -854,7 +921,7 @@ loop:
 					watchListBookmarkReceived = true
 				}
 			default:
-				utilruntime.HandleError(fmt.Errorf("%s: unable to understand watch event %#v", name, event))
+				utilruntime.HandleErrorWithContext(ctx, err, "Unknown watch event", "reflector", name, "event", event)
 			}
 			setLastSyncResourceVersion(resourceVersion)
 			if rvu, ok := store.(ResourceVersionUpdater); ok {
@@ -863,7 +930,7 @@ loop:
 			eventCount++
 			if exitOnWatchListBookmarkReceived && watchListBookmarkReceived {
 				watchDuration := clock.Since(start)
-				klog.V(4).Infof("exiting %v Watch because received the bookmark that marks the end of initial events stream, total %v items received in %v", name, eventCount, watchDuration)
+				klog.FromContext(ctx).V(4).Info("Exiting watch because received the bookmark that marks the end of initial events stream", "reflector", name, "totalItems", eventCount, "duration", watchDuration)
 				return watchListBookmarkReceived, nil
 			}
 			initialEventsEndBookmarkWarningTicker.observeLastEventTimeStamp(clock.Now())
@@ -876,7 +943,7 @@ loop:
 	if watchDuration < 1*time.Second && eventCount == 0 {
 		return watchListBookmarkReceived, fmt.Errorf("very short watch: %s: Unexpected watch close - watch lasted less than a second and no items received", name)
 	}
-	klog.V(4).Infof("%s: Watch close - %v total %v items received", name, expectedTypeName, eventCount)
+	klog.FromContext(ctx).V(4).Info("Watch close", "reflector", name, "type", expectedTypeName, "totalItems", eventCount)
 	return watchListBookmarkReceived, nil
 }
 
@@ -990,13 +1057,6 @@ func isWatchErrorRetriable(err error) bool {
 	return false
 }
 
-// wrapListFuncWithContext simply wraps ListFunction into another function that accepts a context and ignores it.
-func wrapListFuncWithContext(listFn ListFunc) func(ctx context.Context, options metav1.ListOptions) (runtime.Object, error) {
-	return func(_ context.Context, options metav1.ListOptions) (runtime.Object, error) {
-		return listFn(options)
-	}
-}
-
 // initialEventsEndBookmarkTicker a ticker that produces a warning if the bookmark event
 // which marks the end of the watch stream, has not been received within the defined tick interval.
 //
@@ -1004,8 +1064,9 @@ func wrapListFuncWithContext(listFn ListFunc) func(ctx context.Context, options
 // The methods exposed by this type are not thread-safe.
 type initialEventsEndBookmarkTicker struct {
 	clock.Ticker
-	clock clock.Clock
-	name  string
+	clock  clock.Clock
+	name   string
+	logger klog.Logger
 
 	watchStart           time.Time
 	tickInterval         time.Duration
@@ -1019,15 +1080,15 @@ type initialEventsEndBookmarkTicker struct {
 // Note that the caller controls whether to call t.C() and t.Stop().
 //
 // In practice, the reflector exits the watchHandler as soon as the bookmark event is received and calls the t.C() method.
-func newInitialEventsEndBookmarkTicker(name string, c clock.Clock, watchStart time.Time, exitOnWatchListBookmarkReceived bool) *initialEventsEndBookmarkTicker {
-	return newInitialEventsEndBookmarkTickerInternal(name, c, watchStart, 10*time.Second, exitOnWatchListBookmarkReceived)
+func newInitialEventsEndBookmarkTicker(logger klog.Logger, name string, c clock.Clock, watchStart time.Time, exitOnWatchListBookmarkReceived bool) *initialEventsEndBookmarkTicker {
+	return newInitialEventsEndBookmarkTickerInternal(logger, name, c, watchStart, 10*time.Second, exitOnWatchListBookmarkReceived)
 }
 
-func newInitialEventsEndBookmarkTickerInternal(name string, c clock.Clock, watchStart time.Time, tickInterval time.Duration, exitOnWatchListBookmarkReceived bool) *initialEventsEndBookmarkTicker {
+func newInitialEventsEndBookmarkTickerInternal(logger klog.Logger, name string, c clock.Clock, watchStart time.Time, tickInterval time.Duration, exitOnWatchListBookmarkReceived bool) *initialEventsEndBookmarkTicker {
 	clockWithTicker, ok := c.(clock.WithTicker)
 	if !ok || !exitOnWatchListBookmarkReceived {
 		if exitOnWatchListBookmarkReceived {
-			klog.Warningf("clock does not support WithTicker interface but exitOnInitialEventsEndBookmark was requested")
+			logger.Info("Warning: clock does not support WithTicker interface but exitOnInitialEventsEndBookmark was requested")
 		}
 		return &initialEventsEndBookmarkTicker{
 			Ticker: &noopTicker{},
@@ -1038,6 +1099,7 @@ func newInitialEventsEndBookmarkTickerInternal(name string, c clock.Clock, watch
 		Ticker:       clockWithTicker.NewTicker(tickInterval),
 		clock:        c,
 		name:         name,
+		logger:       logger,
 		watchStart:   watchStart,
 		tickInterval: tickInterval,
 	}
@@ -1049,7 +1111,7 @@ func (t *initialEventsEndBookmarkTicker) observeLastEventTimeStamp(lastEventObse
 
 func (t *initialEventsEndBookmarkTicker) warnIfExpired() {
 	if err := t.produceWarningIfExpired(); err != nil {
-		klog.Warning(err)
+		t.logger.Info("Warning: event bookmark expired", "err", err)
 	}
 }
 
diff --git a/vendor/k8s.io/client-go/tools/cache/shared_informer.go b/vendor/k8s.io/client-go/tools/cache/shared_informer.go
index c805030bd7..9f194ff640 100644
--- a/vendor/k8s.io/client-go/tools/cache/shared_informer.go
+++ b/vendor/k8s.io/client-go/tools/cache/shared_informer.go
@@ -17,6 +17,7 @@ limitations under the License.
 package cache
 
 import (
+	"context"
 	"errors"
 	"fmt"
 	"sync"
@@ -29,6 +30,7 @@ import (
 	"k8s.io/client-go/tools/cache/synctrack"
 	"k8s.io/utils/buffer"
 	"k8s.io/utils/clock"
+	"k8s.io/utils/ptr"
 
 	"k8s.io/klog/v2"
 
@@ -142,6 +144,8 @@ type SharedInformer interface {
 	// It returns a registration handle for the handler that can be used to
 	// remove the handler again, or to tell if the handler is synced (has
 	// seen every item in the initial list).
+	//
+	// Contextual logging: AddEventHandlerWithOptions together with a logger in the options should be used instead of AddEventHandler in code which supports contextual logging.
 	AddEventHandler(handler ResourceEventHandler) (ResourceEventHandlerRegistration, error)
 	// AddEventHandlerWithResyncPeriod adds an event handler to the
 	// shared informer with the requested resync period; zero means
@@ -159,7 +163,12 @@ type SharedInformer interface {
 	// be competing load and scheduling noise.
 	// It returns a registration handle for the handler that can be used to remove
 	// the handler again and an error if the handler cannot be added.
+	//
+	// Contextual logging: AddEventHandlerWithOptions together with a logger in the options should be used instead of AddEventHandlerWithResyncPeriod in code which supports contextual logging.
 	AddEventHandlerWithResyncPeriod(handler ResourceEventHandler, resyncPeriod time.Duration) (ResourceEventHandlerRegistration, error)
+	// AddEventHandlerWithOptions is a variant of AddEventHandlerWithResyncPeriod where
+	// all optional parameters are passed in a struct.
+	AddEventHandlerWithOptions(handler ResourceEventHandler, options HandlerOptions) (ResourceEventHandlerRegistration, error)
 	// RemoveEventHandler removes a formerly added event handler given by
 	// its registration handle.
 	// This function is guaranteed to be idempotent, and thread-safe.
@@ -170,7 +179,12 @@ type SharedInformer interface {
 	GetController() Controller
 	// Run starts and runs the shared informer, returning after it stops.
 	// The informer will be stopped when stopCh is closed.
+	//
+	// Contextual logging: RunWithContext should be used instead of Run in code which uses contextual logging.
 	Run(stopCh <-chan struct{})
+	// RunWithContext starts and runs the shared informer, returning after it stops.
+	// The informer will be stopped when the context is canceled.
+	RunWithContext(ctx context.Context)
 	// HasSynced returns true if the shared informer's store has been
 	// informed by at least one full LIST of the authoritative state
 	// of the informer's object collection.  This is unrelated to "resync".
@@ -197,8 +211,14 @@ type SharedInformer interface {
 	// The handler is intended for visibility, not to e.g. pause the consumers.
 	// The handler should return quickly - any expensive processing should be
 	// offloaded.
+	//
+	// Contextual logging: SetWatchErrorHandlerWithContext should be used instead of SetWatchErrorHandler in code which supports contextual logging.
 	SetWatchErrorHandler(handler WatchErrorHandler) error
 
+	// SetWatchErrorHandlerWithContext is a variant of SetWatchErrorHandler where
+	// the handler is passed an additional context parameter.
+	SetWatchErrorHandlerWithContext(handler WatchErrorHandlerWithContext) error
+
 	// The TransformFunc is called for each object which is about to be stored.
 	//
 	// This function is intended for you to take the opportunity to
@@ -228,6 +248,21 @@ type ResourceEventHandlerRegistration interface {
 	HasSynced() bool
 }
 
+// Optional configuration options for [SharedInformer.AddEventHandlerWithOptions].
+// May be left empty.
+type HandlerOptions struct {
+	// Logger overrides the default klog.Background() logger.
+	Logger *klog.Logger
+
+	// ResyncPeriod requests a certain resync period from an informer. Zero
+	// means the handler does not care about resyncs. Not all informers do
+	// resyncs, even if requested. See
+	// [SharedInformer.AddEventHandlerWithResyncPeriod] for details.
+	//
+	// If nil, the default resync period of the shared informer is used.
+	ResyncPeriod *time.Duration
+}
+
 // SharedIndexInformer provides add and get Indexers ability based on SharedInformer.
 type SharedIndexInformer interface {
 	SharedInformer
@@ -309,15 +344,38 @@ const (
 // WaitForNamedCacheSync is a wrapper around WaitForCacheSync that generates log messages
 // indicating that the caller identified by name is waiting for syncs, followed by
 // either a successful or failed sync.
+//
+// Contextual logging: WaitForNamedCacheSyncWithContext should be used instead of WaitForNamedCacheSync in code which supports contextual logging.
 func WaitForNamedCacheSync(controllerName string, stopCh <-chan struct{}, cacheSyncs ...InformerSynced) bool {
-	klog.Infof("Waiting for caches to sync for %s", controllerName)
+	klog.Background().Info("Waiting for caches to sync", "controller", controllerName)
 
 	if !WaitForCacheSync(stopCh, cacheSyncs...) {
-		utilruntime.HandleError(fmt.Errorf("unable to sync caches for %s", controllerName))
+		utilruntime.HandleErrorWithContext(context.Background(), nil, "Unable to sync caches", "controller", controllerName)
+		return false
+	}
+
+	klog.Background().Info("Caches are synced", "controller", controllerName)
+	return true
+}
+
+// WaitForNamedCacheSyncWithContext is a wrapper around WaitForCacheSyncWithContext that generates log messages
+// indicating that the caller is waiting for syncs, followed by either a successful or failed sync.
+//
+// Contextual logging can be used to identify the caller in those log messages. The log level is zero,
+// the same as in [WaitForNamedCacheSync]. If this is too verbose, then store a logger with an increased
+// threshold in the context:
+//
+//	WaitForNamedCacheSyncWithContext(klog.NewContext(ctx, logger.V(5)), ...)
+func WaitForNamedCacheSyncWithContext(ctx context.Context, cacheSyncs ...InformerSynced) bool {
+	logger := klog.FromContext(ctx)
+	logger.Info("Waiting for caches to sync")
+
+	if !WaitForCacheSync(ctx.Done(), cacheSyncs...) {
+		utilruntime.HandleErrorWithContext(ctx, nil, "Unable to sync caches")
 		return false
 	}
 
-	klog.Infof("Caches are synced for %s", controllerName)
+	logger.Info("Caches are synced")
 	return true
 }
 
@@ -389,7 +447,7 @@ type sharedIndexInformer struct {
 	blockDeltas sync.Mutex
 
 	// Called whenever the ListAndWatch drops the connection with an error.
-	watchErrorHandler WatchErrorHandler
+	watchErrorHandler WatchErrorHandlerWithContext
 
 	transform TransformFunc
 }
@@ -403,6 +461,9 @@ type dummyController struct {
 	informer *sharedIndexInformer
 }
 
+func (v *dummyController) RunWithContext(context.Context) {
+}
+
 func (v *dummyController) Run(stopCh <-chan struct{}) {
 }
 
@@ -433,6 +494,12 @@ type deleteNotification struct {
 }
 
 func (s *sharedIndexInformer) SetWatchErrorHandler(handler WatchErrorHandler) error {
+	return s.SetWatchErrorHandlerWithContext(func(_ context.Context, r *Reflector, err error) {
+		handler(r, err)
+	})
+}
+
+func (s *sharedIndexInformer) SetWatchErrorHandlerWithContext(handler WatchErrorHandlerWithContext) error {
 	s.startedLock.Lock()
 	defer s.startedLock.Unlock()
 
@@ -457,10 +524,15 @@ func (s *sharedIndexInformer) SetTransform(handler TransformFunc) error {
 }
 
 func (s *sharedIndexInformer) Run(stopCh <-chan struct{}) {
-	defer utilruntime.HandleCrash()
+	s.RunWithContext(wait.ContextForChannel(stopCh))
+}
+
+func (s *sharedIndexInformer) RunWithContext(ctx context.Context) {
+	defer utilruntime.HandleCrashWithContext(ctx)
+	logger := klog.FromContext(ctx)
 
 	if s.HasStarted() {
-		klog.Warningf("The sharedIndexInformer has started, run more than once is not allowed")
+		logger.Info("Warning: the sharedIndexInformer has started, run more than once is not allowed")
 		return
 	}
 
@@ -468,11 +540,16 @@ func (s *sharedIndexInformer) Run(stopCh <-chan struct{}) {
 		s.startedLock.Lock()
 		defer s.startedLock.Unlock()
 
-		fifo := NewDeltaFIFOWithOptions(DeltaFIFOOptions{
-			KnownObjects:          s.indexer,
-			EmitDeltaTypeReplaced: true,
-			Transformer:           s.transform,
-		})
+		var fifo Queue
+		if clientgofeaturegate.FeatureGates().Enabled(clientgofeaturegate.InOrderInformers) {
+			fifo = NewRealFIFO(MetaNamespaceKeyFunc, s.indexer, s.transform)
+		} else {
+			fifo = NewDeltaFIFOWithOptions(DeltaFIFOOptions{
+				KnownObjects:          s.indexer,
+				EmitDeltaTypeReplaced: true,
+				Transformer:           s.transform,
+			})
+		}
 
 		cfg := &Config{
 			Queue:             fifo,
@@ -480,11 +557,10 @@ func (s *sharedIndexInformer) Run(stopCh <-chan struct{}) {
 			ObjectType:        s.objectType,
 			ObjectDescription: s.objectDescription,
 			FullResyncPeriod:  s.resyncCheckPeriod,
-			RetryOnError:      false,
 			ShouldResync:      s.processor.shouldResync,
 
-			Process:           s.HandleDeltas,
-			WatchErrorHandler: s.watchErrorHandler,
+			Process:                      s.HandleDeltas,
+			WatchErrorHandlerWithContext: s.watchErrorHandler,
 		}
 
 		s.controller = New(cfg)
@@ -492,20 +568,24 @@ func (s *sharedIndexInformer) Run(stopCh <-chan struct{}) {
 		s.started = true
 	}()
 
-	// Separate stop channel because Processor should be stopped strictly after controller
-	processorStopCh := make(chan struct{})
+	// Separate stop context because Processor should be stopped strictly after controller.
+	// Cancelation in the parent context is ignored and all values are passed on,
+	// including - but not limited to - a logger.
+	processorStopCtx, stopProcessor := context.WithCancelCause(context.WithoutCancel(ctx))
 	var wg wait.Group
-	defer wg.Wait()              // Wait for Processor to stop
-	defer close(processorStopCh) // Tell Processor to stop
-	wg.StartWithChannel(processorStopCh, s.cacheMutationDetector.Run)
-	wg.StartWithChannel(processorStopCh, s.processor.run)
+	defer wg.Wait()                                         // Wait for Processor to stop
+	defer stopProcessor(errors.New("informer is stopping")) // Tell Processor to stop
+	// TODO: extend the MutationDetector interface so that it optionally
+	// has a RunWithContext method that we can use here.
+	wg.StartWithChannel(processorStopCtx.Done(), s.cacheMutationDetector.Run)
+	wg.StartWithContext(processorStopCtx, s.processor.run)
 
 	defer func() {
 		s.startedLock.Lock()
 		defer s.startedLock.Unlock()
 		s.stopped = true // Don't want any new listeners
 	}()
-	s.controller.Run(stopCh)
+	s.controller.RunWithContext(ctx)
 }
 
 func (s *sharedIndexInformer) HasStarted() bool {
@@ -558,19 +638,19 @@ func (s *sharedIndexInformer) GetController() Controller {
 }
 
 func (s *sharedIndexInformer) AddEventHandler(handler ResourceEventHandler) (ResourceEventHandlerRegistration, error) {
-	return s.AddEventHandlerWithResyncPeriod(handler, s.defaultEventHandlerResyncPeriod)
+	return s.AddEventHandlerWithOptions(handler, HandlerOptions{})
 }
 
-func determineResyncPeriod(desired, check time.Duration) time.Duration {
+func determineResyncPeriod(logger klog.Logger, desired, check time.Duration) time.Duration {
 	if desired == 0 {
 		return desired
 	}
 	if check == 0 {
-		klog.Warningf("The specified resyncPeriod %v is invalid because this shared informer doesn't support resyncing", desired)
+		logger.Info("Warning: the specified resyncPeriod is invalid because this shared informer doesn't support resyncing", "desired", desired)
 		return 0
 	}
 	if desired < check {
-		klog.Warningf("The specified resyncPeriod %v is being increased to the minimum resyncCheckPeriod %v", desired, check)
+		logger.Info("Warning: the specified resyncPeriod is being increased to the minimum resyncCheckPeriod", "desired", desired, "resyncCheckPeriod", check)
 		return check
 	}
 	return desired
@@ -579,6 +659,10 @@ func determineResyncPeriod(desired, check time.Duration) time.Duration {
 const minimumResyncPeriod = 1 * time.Second
 
 func (s *sharedIndexInformer) AddEventHandlerWithResyncPeriod(handler ResourceEventHandler, resyncPeriod time.Duration) (ResourceEventHandlerRegistration, error) {
+	return s.AddEventHandlerWithOptions(handler, HandlerOptions{ResyncPeriod: &resyncPeriod})
+}
+
+func (s *sharedIndexInformer) AddEventHandlerWithOptions(handler ResourceEventHandler, options HandlerOptions) (ResourceEventHandlerRegistration, error) {
 	s.startedLock.Lock()
 	defer s.startedLock.Unlock()
 
@@ -586,27 +670,30 @@ func (s *sharedIndexInformer) AddEventHandlerWithResyncPeriod(handler ResourceEv
 		return nil, fmt.Errorf("handler %v was not added to shared informer because it has stopped already", handler)
 	}
 
+	logger := ptr.Deref(options.Logger, klog.Background())
+	resyncPeriod := ptr.Deref(options.ResyncPeriod, s.defaultEventHandlerResyncPeriod)
 	if resyncPeriod > 0 {
 		if resyncPeriod < minimumResyncPeriod {
-			klog.Warningf("resyncPeriod %v is too small. Changing it to the minimum allowed value of %v", resyncPeriod, minimumResyncPeriod)
+			logger.Info("Warning: resync period is too small. Changing it to the minimum allowed value", "resyncPeriod", resyncPeriod, "minimumResyncPeriod", minimumResyncPeriod)
 			resyncPeriod = minimumResyncPeriod
 		}
 
 		if resyncPeriod < s.resyncCheckPeriod {
 			if s.started {
-				klog.Warningf("resyncPeriod %v is smaller than resyncCheckPeriod %v and the informer has already started. Changing it to %v", resyncPeriod, s.resyncCheckPeriod, s.resyncCheckPeriod)
+				logger.Info("Warning: resync period is smaller than resync check period and the informer has already started. Changing it to the resync check period", "resyncPeriod", resyncPeriod, "resyncCheckPeriod", s.resyncCheckPeriod)
+
 				resyncPeriod = s.resyncCheckPeriod
 			} else {
 				// if the event handler's resyncPeriod is smaller than the current resyncCheckPeriod, update
 				// resyncCheckPeriod to match resyncPeriod and adjust the resync periods of all the listeners
 				// accordingly
 				s.resyncCheckPeriod = resyncPeriod
-				s.processor.resyncCheckPeriodChanged(resyncPeriod)
+				s.processor.resyncCheckPeriodChanged(logger, resyncPeriod)
 			}
 		}
 	}
 
-	listener := newProcessListener(handler, resyncPeriod, determineResyncPeriod(resyncPeriod, s.resyncCheckPeriod), s.clock.Now(), initialBufferSize, s.HasSynced)
+	listener := newProcessListener(logger, handler, resyncPeriod, determineResyncPeriod(logger, resyncPeriod, s.resyncCheckPeriod), s.clock.Now(), initialBufferSize, s.HasSynced)
 
 	if !s.started {
 		return s.processor.addListener(listener), nil
@@ -648,7 +735,7 @@ func (s *sharedIndexInformer) HandleDeltas(obj interface{}, isInInitialList bool
 // Conforms to ResourceEventHandler
 func (s *sharedIndexInformer) OnAdd(obj interface{}, isInInitialList bool) {
 	// Invocation of this function is locked under s.blockDeltas, so it is
-	// save to distribute the notification
+	// safe to distribute the notification
 	s.cacheMutationDetector.AddObject(obj)
 	s.processor.distribute(addNotification{newObj: obj, isInInitialList: isInInitialList}, false)
 }
@@ -670,7 +757,7 @@ func (s *sharedIndexInformer) OnUpdate(old, new interface{}) {
 	}
 
 	// Invocation of this function is locked under s.blockDeltas, so it is
-	// save to distribute the notification
+	// safe to distribute the notification
 	s.cacheMutationDetector.AddObject(new)
 	s.processor.distribute(updateNotification{oldObj: old, newObj: new}, isSync)
 }
@@ -678,7 +765,7 @@ func (s *sharedIndexInformer) OnUpdate(old, new interface{}) {
 // Conforms to ResourceEventHandler
 func (s *sharedIndexInformer) OnDelete(old interface{}) {
 	// Invocation of this function is locked under s.blockDeltas, so it is
-	// save to distribute the notification
+	// safe to distribute the notification
 	s.processor.distribute(deleteNotification{oldObj: old}, false)
 }
 
@@ -794,7 +881,7 @@ func (p *sharedProcessor) distribute(obj interface{}, sync bool) {
 	}
 }
 
-func (p *sharedProcessor) run(stopCh <-chan struct{}) {
+func (p *sharedProcessor) run(ctx context.Context) {
 	func() {
 		p.listenersLock.RLock()
 		defer p.listenersLock.RUnlock()
@@ -804,7 +891,7 @@ func (p *sharedProcessor) run(stopCh <-chan struct{}) {
 		}
 		p.listenersStarted = true
 	}()
-	<-stopCh
+	<-ctx.Done()
 
 	p.listenersLock.Lock()
 	defer p.listenersLock.Unlock()
@@ -844,13 +931,13 @@ func (p *sharedProcessor) shouldResync() bool {
 	return resyncNeeded
 }
 
-func (p *sharedProcessor) resyncCheckPeriodChanged(resyncCheckPeriod time.Duration) {
+func (p *sharedProcessor) resyncCheckPeriodChanged(logger klog.Logger, resyncCheckPeriod time.Duration) {
 	p.listenersLock.RLock()
 	defer p.listenersLock.RUnlock()
 
 	for listener := range p.listeners {
 		resyncPeriod := determineResyncPeriod(
-			listener.requestedResyncPeriod, resyncCheckPeriod)
+			logger, listener.requestedResyncPeriod, resyncCheckPeriod)
 		listener.setResyncPeriod(resyncPeriod)
 	}
 }
@@ -867,6 +954,7 @@ func (p *sharedProcessor) resyncCheckPeriodChanged(resyncCheckPeriod time.Durati
 // processorListener also keeps track of the adjusted requested resync
 // period of the listener.
 type processorListener struct {
+	logger klog.Logger
 	nextCh chan interface{}
 	addCh  chan interface{}
 
@@ -910,8 +998,9 @@ func (p *processorListener) HasSynced() bool {
 	return p.syncTracker.HasSynced()
 }
 
-func newProcessListener(handler ResourceEventHandler, requestedResyncPeriod, resyncPeriod time.Duration, now time.Time, bufferSize int, hasSynced func() bool) *processorListener {
+func newProcessListener(logger klog.Logger, handler ResourceEventHandler, requestedResyncPeriod, resyncPeriod time.Duration, now time.Time, bufferSize int, hasSynced func() bool) *processorListener {
 	ret := &processorListener{
+		logger:                logger,
 		nextCh:                make(chan interface{}),
 		addCh:                 make(chan interface{}),
 		handler:               handler,
@@ -934,7 +1023,7 @@ func (p *processorListener) add(notification interface{}) {
 }
 
 func (p *processorListener) pop() {
-	defer utilruntime.HandleCrash()
+	defer utilruntime.HandleCrashWithLogger(p.logger)
 	defer close(p.nextCh) // Tell .run() to stop
 
 	var nextCh chan<- interface{}
@@ -966,11 +1055,21 @@ func (p *processorListener) pop() {
 func (p *processorListener) run() {
 	// this call blocks until the channel is closed.  When a panic happens during the notification
 	// we will catch it, **the offending item will be skipped!**, and after a short delay (one second)
-	// the next notification will be attempted.  This is usually better than the alternative of never
+	// the next notification will be attempted. This is usually better than the alternative of never
 	// delivering again.
-	stopCh := make(chan struct{})
-	wait.Until(func() {
-		for next := range p.nextCh {
+	//
+	// This only applies if utilruntime is configured to not panic, which is not the default.
+	sleepAfterCrash := false
+	for next := range p.nextCh {
+		if sleepAfterCrash {
+			// Sleep before processing the next item.
+			time.Sleep(time.Second)
+		}
+		func() {
+			// Gets reset below, but only if we get that far.
+			sleepAfterCrash = true
+			defer utilruntime.HandleCrashWithLogger(p.logger)
+
 			switch notification := next.(type) {
 			case updateNotification:
 				p.handler.OnUpdate(notification.oldObj, notification.newObj)
@@ -982,15 +1081,14 @@ func (p *processorListener) run() {
 			case deleteNotification:
 				p.handler.OnDelete(notification.oldObj)
 			default:
-				utilruntime.HandleError(fmt.Errorf("unrecognized notification: %T", next))
+				utilruntime.HandleErrorWithLogger(p.logger, nil, "unrecognized notification", "notificationType", fmt.Sprintf("%T", next))
 			}
-		}
-		// the only way to get here is if the p.nextCh is empty and closed
-		close(stopCh)
-	}, 1*time.Second, stopCh)
+			sleepAfterCrash = false
+		}()
+	}
 }
 
-// shouldResync deterimines if the listener needs a resync. If the listener's resyncPeriod is 0,
+// shouldResync determines if the listener needs a resync. If the listener's resyncPeriod is 0,
 // this always returns false.
 func (p *processorListener) shouldResync(now time.Time) bool {
 	p.resyncLock.Lock()
diff --git a/vendor/k8s.io/client-go/tools/cache/the_real_fifo.go b/vendor/k8s.io/client-go/tools/cache/the_real_fifo.go
new file mode 100644
index 0000000000..9be14ff381
--- /dev/null
+++ b/vendor/k8s.io/client-go/tools/cache/the_real_fifo.go
@@ -0,0 +1,407 @@
+/*
+Copyright 2025 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package cache
+
+import (
+	"fmt"
+	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
+	"k8s.io/apimachinery/pkg/util/sets"
+	utiltrace "k8s.io/utils/trace"
+	"sync"
+	"time"
+)
+
+// RealFIFO is a Queue in which every notification from the Reflector is passed
+// in order to the Queue via Pop.
+// This means that it
+// 1. delivers notifications for items that have been deleted
+// 2. delivers multiple notifications per item instead of simply the most recent value
+type RealFIFO struct {
+	lock sync.RWMutex
+	cond sync.Cond
+
+	items []Delta
+
+	// populated is true if the first batch of items inserted by Replace() has been populated
+	// or Delete/Add/Update was called first.
+	populated bool
+	// initialPopulationCount is the number of items inserted by the first call of Replace()
+	initialPopulationCount int
+
+	// keyFunc is used to make the key used for queued item insertion and retrieval, and
+	// should be deterministic.
+	keyFunc KeyFunc
+
+	// knownObjects list keys that are "known" --- affecting Delete(),
+	// Replace(), and Resync()
+	knownObjects KeyListerGetter
+
+	// Indication the queue is closed.
+	// Used to indicate a queue is closed so a control loop can exit when a queue is empty.
+	// Currently, not used to gate any of CRUD operations.
+	closed bool
+
+	// Called with every object if non-nil.
+	transformer TransformFunc
+}
+
+var (
+	_ = Queue(&RealFIFO{}) // RealFIFO is a Queue
+)
+
+// Close the queue.
+func (f *RealFIFO) Close() {
+	f.lock.Lock()
+	defer f.lock.Unlock()
+	f.closed = true
+	f.cond.Broadcast()
+}
+
+// KeyOf exposes f's keyFunc, but also detects the key of a Deltas object or
+// DeletedFinalStateUnknown objects.
+func (f *RealFIFO) keyOf(obj interface{}) (string, error) {
+	if d, ok := obj.(Deltas); ok {
+		if len(d) == 0 {
+			return "", KeyError{obj, ErrZeroLengthDeltasObject}
+		}
+		obj = d.Newest().Object
+	}
+	if d, ok := obj.(Delta); ok {
+		obj = d.Object
+	}
+	if d, ok := obj.(DeletedFinalStateUnknown); ok {
+		return d.Key, nil
+	}
+	return f.keyFunc(obj)
+}
+
+// HasSynced returns true if an Add/Update/Delete are called first,
+// or the first batch of items inserted by Replace() has been popped.
+func (f *RealFIFO) HasSynced() bool {
+	f.lock.Lock()
+	defer f.lock.Unlock()
+	return f.hasSynced_locked()
+}
+
+// ignoring lint to reduce delta to the original for review.  It's ok adjust later.
+//
+//lint:file-ignore ST1003: should not use underscores in Go names
+func (f *RealFIFO) hasSynced_locked() bool {
+	return f.populated && f.initialPopulationCount == 0
+}
+
+// addToItems_locked appends to the delta list.
+func (f *RealFIFO) addToItems_locked(deltaActionType DeltaType, skipTransform bool, obj interface{}) error {
+	// we must be able to read the keys in order to determine whether the knownObjcts and the items
+	// in this FIFO overlap
+	_, err := f.keyOf(obj)
+	if err != nil {
+		return KeyError{obj, err}
+	}
+
+	// Every object comes through this code path once, so this is a good
+	// place to call the transform func.
+	//
+	// If obj is a DeletedFinalStateUnknown tombstone or the action is a Sync,
+	// then the object have already gone through the transformer.
+	//
+	// If the objects already present in the cache are passed to Replace(),
+	// the transformer must be idempotent to avoid re-mutating them,
+	// or coordinate with all readers from the cache to avoid data races.
+	// Default informers do not pass existing objects to Replace.
+	if f.transformer != nil {
+		_, isTombstone := obj.(DeletedFinalStateUnknown)
+		if !isTombstone && !skipTransform {
+			var err error
+			obj, err = f.transformer(obj)
+			if err != nil {
+				return err
+			}
+		}
+	}
+
+	f.items = append(f.items, Delta{
+		Type:   deltaActionType,
+		Object: obj,
+	})
+	f.cond.Broadcast()
+
+	return nil
+}
+
+// Add inserts an item, and puts it in the queue. The item is only enqueued
+// if it doesn't already exist in the set.
+func (f *RealFIFO) Add(obj interface{}) error {
+	f.lock.Lock()
+	defer f.lock.Unlock()
+
+	f.populated = true
+	retErr := f.addToItems_locked(Added, false, obj)
+
+	return retErr
+}
+
+// Update is the same as Add in this implementation.
+func (f *RealFIFO) Update(obj interface{}) error {
+	f.lock.Lock()
+	defer f.lock.Unlock()
+
+	f.populated = true
+	retErr := f.addToItems_locked(Updated, false, obj)
+
+	return retErr
+}
+
+// Delete removes an item. It doesn't add it to the queue, because
+// this implementation assumes the consumer only cares about the objects,
+// not the order in which they were created/added.
+func (f *RealFIFO) Delete(obj interface{}) error {
+	f.lock.Lock()
+	defer f.lock.Unlock()
+
+	f.populated = true
+	retErr := f.addToItems_locked(Deleted, false, obj)
+
+	return retErr
+}
+
+// IsClosed checks if the queue is closed
+func (f *RealFIFO) IsClosed() bool {
+	f.lock.Lock()
+	defer f.lock.Unlock()
+	return f.closed
+}
+
+// Pop waits until an item is ready and processes it. If multiple items are
+// ready, they are returned in the order in which they were added/updated.
+// The item is removed from the queue (and the store) before it is processed.
+// process function is called under lock, so it is safe
+// update data structures in it that need to be in sync with the queue.
+func (f *RealFIFO) Pop(process PopProcessFunc) (interface{}, error) {
+	f.lock.Lock()
+	defer f.lock.Unlock()
+
+	for len(f.items) == 0 {
+		// When the queue is empty, invocation of Pop() is blocked until new item is enqueued.
+		// When Close() is called, the f.closed is set and the condition is broadcasted.
+		// Which causes this loop to continue and return from the Pop().
+		if f.closed {
+			return nil, ErrFIFOClosed
+		}
+
+		f.cond.Wait()
+	}
+
+	isInInitialList := !f.hasSynced_locked()
+	item := f.items[0]
+	// The underlying array still exists and references this object, so the object will not be garbage collected unless we zero the reference.
+	f.items[0] = Delta{}
+	f.items = f.items[1:]
+	if f.initialPopulationCount > 0 {
+		f.initialPopulationCount--
+	}
+
+	// Only log traces if the queue depth is greater than 10 and it takes more than
+	// 100 milliseconds to process one item from the queue.
+	// Queue depth never goes high because processing an item is locking the queue,
+	// and new items can't be added until processing finish.
+	// https://github.com/kubernetes/kubernetes/issues/103789
+	if len(f.items) > 10 {
+		id, _ := f.keyOf(item)
+		trace := utiltrace.New("RealFIFO Pop Process",
+			utiltrace.Field{Key: "ID", Value: id},
+			utiltrace.Field{Key: "Depth", Value: len(f.items)},
+			utiltrace.Field{Key: "Reason", Value: "slow event handlers blocking the queue"})
+		defer trace.LogIfLong(100 * time.Millisecond)
+	}
+
+	// we wrap in Deltas here to be compatible with preview Pop functions and those interpreting the return value.
+	err := process(Deltas{item}, isInInitialList)
+	return Deltas{item}, err
+}
+
+// Replace
+// 1. finds those items in f.items that are not in newItems and creates synthetic deletes for them
+// 2. finds items in knownObjects that are not in newItems and creates synthetic deletes for them
+// 3. adds the newItems to the queue
+func (f *RealFIFO) Replace(newItems []interface{}, resourceVersion string) error {
+	f.lock.Lock()
+	defer f.lock.Unlock()
+
+	// determine the keys of everything we're adding.  We cannot add the items until after the synthetic deletes have been
+	// created for items that don't existing in newItems
+	newKeys := sets.Set[string]{}
+	for _, obj := range newItems {
+		key, err := f.keyOf(obj)
+		if err != nil {
+			return KeyError{obj, err}
+		}
+		newKeys.Insert(key)
+	}
+
+	queuedItems := f.items
+	queuedKeys := []string{}
+	lastQueuedItemForKey := map[string]Delta{}
+	for _, queuedItem := range queuedItems {
+		queuedKey, err := f.keyOf(queuedItem.Object)
+		if err != nil {
+			return KeyError{queuedItem.Object, err}
+		}
+
+		if _, seen := lastQueuedItemForKey[queuedKey]; !seen {
+			queuedKeys = append(queuedKeys, queuedKey)
+		}
+		lastQueuedItemForKey[queuedKey] = queuedItem
+	}
+
+	// all the deletes already in the queue are important. There are two cases
+	// 1. queuedItems has delete for key/X and newItems has replace for key/X.  This means the queued UID was deleted and a new one was created.
+	// 2. queuedItems has a delete for key/X and newItems does NOT have key/X.  This means the queued item was deleted.
+	// Do deletion detection against objects in the queue.
+	for _, queuedKey := range queuedKeys {
+		if newKeys.Has(queuedKey) {
+			continue
+		}
+
+		// Delete pre-existing items not in the new list.
+		// This could happen if watch deletion event was missed while
+		// disconnected from apiserver.
+		lastQueuedItem := lastQueuedItemForKey[queuedKey]
+		// if we've already got the item marked as deleted, no need to add another delete
+		if lastQueuedItem.Type == Deleted {
+			continue
+		}
+
+		// if we got here, then the last entry we have for the queued item is *not* a deletion and we need to add a delete
+		deletedObj := lastQueuedItem.Object
+
+		retErr := f.addToItems_locked(Deleted, true, DeletedFinalStateUnknown{
+			Key: queuedKey,
+			Obj: deletedObj,
+		})
+		if retErr != nil {
+			return fmt.Errorf("couldn't enqueue object: %w", retErr)
+		}
+	}
+
+	// Detect deletions for objects not present in the queue, but present in KnownObjects
+	knownKeys := f.knownObjects.ListKeys()
+	for _, knownKey := range knownKeys {
+		if newKeys.Has(knownKey) { // still present
+			continue
+		}
+		if _, inQueuedItems := lastQueuedItemForKey[knownKey]; inQueuedItems { // already added delete for these
+			continue
+		}
+
+		deletedObj, exists, err := f.knownObjects.GetByKey(knownKey)
+		if err != nil {
+			deletedObj = nil
+			utilruntime.HandleError(fmt.Errorf("error during lookup, placing DeleteFinalStateUnknown marker without object: key=%q, err=%w", knownKey, err))
+		} else if !exists {
+			deletedObj = nil
+			utilruntime.HandleError(fmt.Errorf("key does not exist in known objects store, placing DeleteFinalStateUnknown marker without object: key=%q", knownKey))
+		}
+		retErr := f.addToItems_locked(Deleted, false, DeletedFinalStateUnknown{
+			Key: knownKey,
+			Obj: deletedObj,
+		})
+		if retErr != nil {
+			return fmt.Errorf("couldn't enqueue object: %w", retErr)
+		}
+	}
+
+	// now that we have the deletes we need for items, we can add the newItems to the items queue
+	for _, obj := range newItems {
+		retErr := f.addToItems_locked(Replaced, false, obj)
+		if retErr != nil {
+			return fmt.Errorf("couldn't enqueue object: %w", retErr)
+		}
+	}
+
+	if !f.populated {
+		f.populated = true
+		f.initialPopulationCount = len(f.items)
+	}
+
+	return nil
+}
+
+// Resync will ensure that every object in the Store has its key in the queue.
+// This should be a no-op, because that property is maintained by all operations.
+func (f *RealFIFO) Resync() error {
+	// TODO this cannot logically be done by the FIFO, it can only be done by the indexer
+	f.lock.Lock()
+	defer f.lock.Unlock()
+
+	if f.knownObjects == nil {
+		return nil
+	}
+
+	keysInQueue := sets.Set[string]{}
+	for _, item := range f.items {
+		key, err := f.keyOf(item.Object)
+		if err != nil {
+			return KeyError{item, err}
+		}
+		keysInQueue.Insert(key)
+	}
+
+	knownKeys := f.knownObjects.ListKeys()
+	for _, knownKey := range knownKeys {
+		// If we are doing Resync() and there is already an event queued for that object,
+		// we ignore the Resync for it. This is to avoid the race, in which the resync
+		// comes with the previous value of object (since queueing an event for the object
+		// doesn't trigger changing the underlying store <knownObjects>.
+		if keysInQueue.Has(knownKey) {
+			continue
+		}
+
+		knownObj, exists, err := f.knownObjects.GetByKey(knownKey)
+		if err != nil {
+			utilruntime.HandleError(fmt.Errorf("unable to queue object for sync: key=%q, err=%w", knownKey, err))
+			continue
+		} else if !exists {
+			utilruntime.HandleError(fmt.Errorf("key does not exist in known objects store, unable to queue object for sync: key=%q", knownKey))
+			continue
+		}
+
+		retErr := f.addToItems_locked(Sync, true, knownObj)
+		if retErr != nil {
+			return fmt.Errorf("couldn't queue object: %w", err)
+		}
+	}
+
+	return nil
+}
+
+// NewRealFIFO returns a Store which can be used to queue up items to
+// process.
+func NewRealFIFO(keyFunc KeyFunc, knownObjects KeyListerGetter, transformer TransformFunc) *RealFIFO {
+	if knownObjects == nil {
+		panic("coding error: knownObjects must be provided")
+	}
+
+	f := &RealFIFO{
+		items:        make([]Delta, 0, 10),
+		keyFunc:      keyFunc,
+		knownObjects: knownObjects,
+		transformer:  transformer,
+	}
+	f.cond.L = &f.lock
+	return f
+}
diff --git a/vendor/k8s.io/client-go/tools/clientcmd/api/doc.go b/vendor/k8s.io/client-go/tools/clientcmd/api/doc.go
index fd913a3083..5871575a66 100644
--- a/vendor/k8s.io/client-go/tools/clientcmd/api/doc.go
+++ b/vendor/k8s.io/client-go/tools/clientcmd/api/doc.go
@@ -16,4 +16,4 @@ limitations under the License.
 
 // +k8s:deepcopy-gen=package
 
-package api // import "k8s.io/client-go/tools/clientcmd/api"
+package api
diff --git a/vendor/k8s.io/client-go/tools/clientcmd/api/v1/doc.go b/vendor/k8s.io/client-go/tools/clientcmd/api/v1/doc.go
index 9e483e9d75..3ccdebc1c3 100644
--- a/vendor/k8s.io/client-go/tools/clientcmd/api/v1/doc.go
+++ b/vendor/k8s.io/client-go/tools/clientcmd/api/v1/doc.go
@@ -18,4 +18,4 @@ limitations under the License.
 // +k8s:deepcopy-gen=package
 // +k8s:defaulter-gen=Kind
 
-package v1 // import "k8s.io/client-go/tools/clientcmd/api/v1"
+package v1
diff --git a/vendor/k8s.io/client-go/tools/clientcmd/doc.go b/vendor/k8s.io/client-go/tools/clientcmd/doc.go
index 424311ee12..c07ace6a58 100644
--- a/vendor/k8s.io/client-go/tools/clientcmd/doc.go
+++ b/vendor/k8s.io/client-go/tools/clientcmd/doc.go
@@ -34,4 +34,4 @@ Sample usage from merged .kubeconfig files (local directory, home directory)
 	client, err := metav1.New(config)
 	// ...
 */
-package clientcmd // import "k8s.io/client-go/tools/clientcmd"
+package clientcmd
diff --git a/vendor/k8s.io/client-go/tools/leaderelection/leasecandidate.go b/vendor/k8s.io/client-go/tools/leaderelection/leasecandidate.go
index 6ccd4cfbee..9aaf779eaa 100644
--- a/vendor/k8s.io/client-go/tools/leaderelection/leasecandidate.go
+++ b/vendor/k8s.io/client-go/tools/leaderelection/leasecandidate.go
@@ -22,14 +22,14 @@ import (
 	"time"
 
 	v1 "k8s.io/api/coordination/v1"
-	v1alpha2 "k8s.io/api/coordination/v1alpha2"
+	v1beta1 "k8s.io/api/coordination/v1beta1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/fields"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	"k8s.io/client-go/informers"
 	"k8s.io/client-go/kubernetes"
-	coordinationv1alpha2client "k8s.io/client-go/kubernetes/typed/coordination/v1alpha2"
+	coordinationv1beta1client "k8s.io/client-go/kubernetes/typed/coordination/v1beta1"
 	"k8s.io/client-go/tools/cache"
 	"k8s.io/client-go/util/workqueue"
 	"k8s.io/klog/v2"
@@ -43,7 +43,7 @@ type CacheSyncWaiter interface {
 }
 
 type LeaseCandidate struct {
-	leaseClient            coordinationv1alpha2client.LeaseCandidateInterface
+	leaseClient            coordinationv1beta1client.LeaseCandidateInterface
 	leaseCandidateInformer cache.SharedIndexInformer
 	informerFactory        informers.SharedInformerFactory
 	hasSynced              cache.InformerSynced
@@ -84,10 +84,10 @@ func NewCandidate(clientset kubernetes.Interface,
 			options.FieldSelector = fieldSelector
 		}),
 	)
-	leaseCandidateInformer := informerFactory.Coordination().V1alpha2().LeaseCandidates().Informer()
+	leaseCandidateInformer := informerFactory.Coordination().V1beta1().LeaseCandidates().Informer()
 
 	lc := &LeaseCandidate{
-		leaseClient:            clientset.CoordinationV1alpha2().LeaseCandidates(candidateNamespace),
+		leaseClient:            clientset.CoordinationV1beta1().LeaseCandidates(candidateNamespace),
 		leaseCandidateInformer: leaseCandidateInformer,
 		informerFactory:        informerFactory,
 		name:                   candidateName,
@@ -102,7 +102,7 @@ func NewCandidate(clientset kubernetes.Interface,
 
 	h, err := leaseCandidateInformer.AddEventHandler(cache.ResourceEventHandlerFuncs{
 		UpdateFunc: func(oldObj, newObj interface{}) {
-			if leasecandidate, ok := newObj.(*v1alpha2.LeaseCandidate); ok {
+			if leasecandidate, ok := newObj.(*v1beta1.LeaseCandidate); ok {
 				if leasecandidate.Spec.PingTime != nil && leasecandidate.Spec.PingTime.After(leasecandidate.Spec.RenewTime.Time) {
 					lc.enqueueLease()
 				}
@@ -184,13 +184,13 @@ func (c *LeaseCandidate) ensureLease(ctx context.Context) error {
 	return nil
 }
 
-func (c *LeaseCandidate) newLeaseCandidate() *v1alpha2.LeaseCandidate {
-	lc := &v1alpha2.LeaseCandidate{
+func (c *LeaseCandidate) newLeaseCandidate() *v1beta1.LeaseCandidate {
+	lc := &v1beta1.LeaseCandidate{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      c.name,
 			Namespace: c.namespace,
 		},
-		Spec: v1alpha2.LeaseCandidateSpec{
+		Spec: v1beta1.LeaseCandidateSpec{
 			LeaseName:        c.leaseName,
 			BinaryVersion:    c.binaryVersion,
 			EmulationVersion: c.emulationVersion,
diff --git a/vendor/k8s.io/client-go/tools/record/doc.go b/vendor/k8s.io/client-go/tools/record/doc.go
index 33d5fe78ee..23a35758c1 100644
--- a/vendor/k8s.io/client-go/tools/record/doc.go
+++ b/vendor/k8s.io/client-go/tools/record/doc.go
@@ -16,4 +16,4 @@ limitations under the License.
 
 // Package record has all client logic for recording and reporting
 // "k8s.io/api/core/v1".Event events.
-package record // import "k8s.io/client-go/tools/record"
+package record
diff --git a/vendor/k8s.io/client-go/tools/record/event.go b/vendor/k8s.io/client-go/tools/record/event.go
index 55947d2094..f97c5d612e 100644
--- a/vendor/k8s.io/client-go/tools/record/event.go
+++ b/vendor/k8s.io/client-go/tools/record/event.go
@@ -489,7 +489,7 @@ func (recorder *recorderImpl) makeEvent(ref *v1.ObjectReference, annotations map
 	}
 	return &v1.Event{
 		ObjectMeta: metav1.ObjectMeta{
-			Name:        fmt.Sprintf("%v.%x", ref.Name, t.UnixNano()),
+			Name:        util.GenerateEventName(ref.Name, t.UnixNano()),
 			Namespace:   namespace,
 			Annotations: annotations,
 		},
diff --git a/vendor/k8s.io/client-go/tools/record/util/util.go b/vendor/k8s.io/client-go/tools/record/util/util.go
index afcc6a6a07..7a82db0cd2 100644
--- a/vendor/k8s.io/client-go/tools/record/util/util.go
+++ b/vendor/k8s.io/client-go/tools/record/util/util.go
@@ -17,10 +17,14 @@ limitations under the License.
 package util
 
 import (
+	"fmt"
 	"net/http"
 
+	"github.com/google/uuid"
+
 	v1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
+	apimachineryvalidation "k8s.io/apimachinery/pkg/api/validation"
 )
 
 // ValidateEventType checks that eventtype is an expected type of event
@@ -38,3 +42,16 @@ func IsKeyNotFoundError(err error) bool {
 
 	return statusErr != nil && statusErr.Status().Code == http.StatusNotFound
 }
+
+// GenerateEventName generates a valid Event name from the referenced name and the passed UNIX timestamp.
+// The referenced Object name may not be a valid name for Events and cause the Event to fail
+// to be created, so we need to generate a new one in that case.
+// Ref: https://issues.k8s.io/127594
+func GenerateEventName(refName string, unixNano int64) string {
+	name := fmt.Sprintf("%s.%x", refName, unixNano)
+	if errs := apimachineryvalidation.NameIsDNSSubdomain(name, false); len(errs) > 0 {
+		// Using an uuid guarantees uniqueness and correctness
+		name = uuid.New().String()
+	}
+	return name
+}
diff --git a/vendor/k8s.io/client-go/transport/cache.go b/vendor/k8s.io/client-go/transport/cache.go
index 7c7f1b330f..b8dd866119 100644
--- a/vendor/k8s.io/client-go/transport/cache.go
+++ b/vendor/k8s.io/client-go/transport/cache.go
@@ -28,6 +28,7 @@ import (
 	utilnet "k8s.io/apimachinery/pkg/util/net"
 	"k8s.io/apimachinery/pkg/util/wait"
 	"k8s.io/client-go/tools/metrics"
+	"k8s.io/klog/v2"
 )
 
 // TlsTransportCache caches TLS http.RoundTrippers different configurations. The
@@ -116,10 +117,13 @@ func (c *tlsTransportCache) get(config *Config) (http.RoundTripper, error) {
 	// If we use are reloading files, we need to handle certificate rotation properly
 	// TODO(jackkleeman): We can also add rotation here when config.HasCertCallback() is true
 	if config.TLS.ReloadTLSFiles && tlsConfig != nil && tlsConfig.GetClientCertificate != nil {
-		dynamicCertDialer := certRotatingDialer(tlsConfig.GetClientCertificate, dial)
+		// The TLS cache is a singleton, so sharing the same name for all of its
+		// background activity seems okay.
+		logger := klog.Background().WithName("tls-transport-cache")
+		dynamicCertDialer := certRotatingDialer(logger, tlsConfig.GetClientCertificate, dial)
 		tlsConfig.GetClientCertificate = dynamicCertDialer.GetClientCertificate
 		dial = dynamicCertDialer.connDialer.DialContext
-		go dynamicCertDialer.Run(DialerStopCh)
+		go dynamicCertDialer.run(DialerStopCh)
 	}
 
 	proxy := http.ProxyFromEnvironment
diff --git a/vendor/k8s.io/client-go/transport/cert_rotation.go b/vendor/k8s.io/client-go/transport/cert_rotation.go
index e76f65812d..e343f42be4 100644
--- a/vendor/k8s.io/client-go/transport/cert_rotation.go
+++ b/vendor/k8s.io/client-go/transport/cert_rotation.go
@@ -19,7 +19,6 @@ package transport
 import (
 	"bytes"
 	"crypto/tls"
-	"fmt"
 	"reflect"
 	"sync"
 	"time"
@@ -40,6 +39,7 @@ var CertCallbackRefreshDuration = 5 * time.Minute
 type reloadFunc func(*tls.CertificateRequestInfo) (*tls.Certificate, error)
 
 type dynamicClientCert struct {
+	logger     klog.Logger
 	clientCert *tls.Certificate
 	certMtx    sync.RWMutex
 
@@ -50,8 +50,9 @@ type dynamicClientCert struct {
 	queue workqueue.TypedRateLimitingInterface[string]
 }
 
-func certRotatingDialer(reload reloadFunc, dial utilnet.DialFunc) *dynamicClientCert {
+func certRotatingDialer(logger klog.Logger, reload reloadFunc, dial utilnet.DialFunc) *dynamicClientCert {
 	d := &dynamicClientCert{
+		logger:     logger,
 		reload:     reload,
 		connDialer: connrotation.NewDialer(connrotation.DialFunc(dial)),
 		queue: workqueue.NewTypedRateLimitingQueueWithConfig(
@@ -88,7 +89,7 @@ func (c *dynamicClientCert) loadClientCert() (*tls.Certificate, error) {
 		return cert, nil
 	}
 
-	klog.V(1).Infof("certificate rotation detected, shutting down client connections to start using new credentials")
+	c.logger.V(1).Info("Certificate rotation detected, shutting down client connections to start using new credentials")
 	c.connDialer.CloseAll()
 
 	return cert, nil
@@ -133,12 +134,12 @@ func byteMatrixEqual(left, right [][]byte) bool {
 }
 
 // run starts the controller and blocks until stopCh is closed.
-func (c *dynamicClientCert) Run(stopCh <-chan struct{}) {
-	defer utilruntime.HandleCrash()
+func (c *dynamicClientCert) run(stopCh <-chan struct{}) {
+	defer utilruntime.HandleCrashWithLogger(c.logger)
 	defer c.queue.ShutDown()
 
-	klog.V(3).Infof("Starting client certificate rotation controller")
-	defer klog.V(3).Infof("Shutting down client certificate rotation controller")
+	c.logger.V(3).Info("Starting client certificate rotation controller")
+	defer c.logger.V(3).Info("Shutting down client certificate rotation controller")
 
 	go wait.Until(c.runWorker, time.Second, stopCh)
 
@@ -168,7 +169,7 @@ func (c *dynamicClientCert) processNextWorkItem() bool {
 		return true
 	}
 
-	utilruntime.HandleError(fmt.Errorf("%v failed with : %v", dsKey, err))
+	utilruntime.HandleErrorWithLogger(c.logger, err, "Loading client cert failed", "key", dsKey)
 	c.queue.AddRateLimited(dsKey)
 
 	return true
diff --git a/vendor/k8s.io/client-go/transport/round_trippers.go b/vendor/k8s.io/client-go/transport/round_trippers.go
index 52fefb5316..39fcebd941 100644
--- a/vendor/k8s.io/client-go/transport/round_trippers.go
+++ b/vendor/k8s.io/client-go/transport/round_trippers.go
@@ -21,10 +21,12 @@ import (
 	"fmt"
 	"net/http"
 	"net/http/httptrace"
+	"sort"
 	"strings"
 	"sync"
 	"time"
 
+	"github.com/go-logr/logr"
 	"golang.org/x/oauth2"
 
 	utilnet "k8s.io/apimachinery/pkg/util/net"
@@ -68,19 +70,16 @@ func HTTPWrappersForConfig(config *Config, rt http.RoundTripper) (http.RoundTrip
 	return rt, nil
 }
 
-// DebugWrappers wraps a round tripper and logs based on the current log level.
+// DebugWrappers potentially wraps a round tripper with a wrapper that logs
+// based on the log level in the context of each individual request.
+//
+// At the moment, wrapping depends on the global log verbosity and is done
+// if that verbosity is >= 6. This may change in the future.
 func DebugWrappers(rt http.RoundTripper) http.RoundTripper {
-	switch {
-	case bool(klog.V(9).Enabled()):
-		rt = NewDebuggingRoundTripper(rt, DebugCurlCommand, DebugURLTiming, DebugDetailedTiming, DebugResponseHeaders)
-	case bool(klog.V(8).Enabled()):
-		rt = NewDebuggingRoundTripper(rt, DebugJustURL, DebugRequestHeaders, DebugResponseStatus, DebugResponseHeaders)
-	case bool(klog.V(7).Enabled()):
-		rt = NewDebuggingRoundTripper(rt, DebugJustURL, DebugRequestHeaders, DebugResponseStatus)
-	case bool(klog.V(6).Enabled()):
-		rt = NewDebuggingRoundTripper(rt, DebugURLTiming)
+	//nolint:logcheck // The actual logging is done with a different logger, so only checking here is okay.
+	if klog.V(6).Enabled() {
+		rt = NewDebuggingRoundTripper(rt, DebugByContext)
 	}
-
 	return rt
 }
 
@@ -380,14 +379,17 @@ func (r *requestInfo) toCurl() string {
 		}
 	}
 
-	return fmt.Sprintf("curl -v -X%s %s '%s'", r.RequestVerb, headers, r.RequestURL)
+	// Newline at the end makes this look better in the text log output (the
+	// only usage of this method) because it becomes a multi-line string with
+	// no quoting.
+	return fmt.Sprintf("curl -v -X%s %s '%s'\n", r.RequestVerb, headers, r.RequestURL)
 }
 
 // debuggingRoundTripper will display information about the requests passing
 // through it based on what is configured
 type debuggingRoundTripper struct {
 	delegatedRoundTripper http.RoundTripper
-	levels                map[DebugLevel]bool
+	levels                int
 }
 
 var _ utilnet.RoundTripperWrapper = &debuggingRoundTripper{}
@@ -412,6 +414,26 @@ const (
 	DebugResponseHeaders
 	// DebugDetailedTiming will add to the debug output the duration of the HTTP requests events.
 	DebugDetailedTiming
+	// DebugByContext will add any of the above depending on the verbosity of the per-request logger obtained from the requests context.
+	//
+	// Can be combined in NewDebuggingRoundTripper with some of the other options, in which case the
+	// debug roundtripper will always log what is requested there plus the information that gets
+	// enabled by the context's log verbosity.
+	DebugByContext
+)
+
+// Different log levels include different sets of information.
+//
+// Not exported because the exact content of log messages is not part
+// of of the package API.
+const (
+	levelsV6 = (1 << DebugURLTiming)
+	// Logging *less* information for the response at level 7 compared to 6 replicates prior behavior:
+	//  https://github.com/kubernetes/kubernetes/blob/2b472fe4690c83a2b343995f88050b2a3e9ff0fa/staging/src/k8s.io/client-go/transport/round_trippers.go#L79
+	// Presumably that was done because verb and URL are already in the request log entry.
+	levelsV7 = (1 << DebugJustURL) | (1 << DebugRequestHeaders) | (1 << DebugResponseStatus)
+	levelsV8 = (1 << DebugJustURL) | (1 << DebugRequestHeaders) | (1 << DebugResponseStatus) | (1 << DebugResponseHeaders)
+	levelsV9 = (1 << DebugCurlCommand) | (1 << DebugURLTiming) | (1 << DebugDetailedTiming) | (1 << DebugResponseHeaders)
 )
 
 // NewDebuggingRoundTripper allows to display in the logs output debug information
@@ -419,10 +441,9 @@ const (
 func NewDebuggingRoundTripper(rt http.RoundTripper, levels ...DebugLevel) http.RoundTripper {
 	drt := &debuggingRoundTripper{
 		delegatedRoundTripper: rt,
-		levels:                make(map[DebugLevel]bool, len(levels)),
 	}
 	for _, v := range levels {
-		drt.levels[v] = true
+		drt.levels |= 1 << v
 	}
 	return drt
 }
@@ -464,27 +485,51 @@ func maskValue(key string, value string) string {
 }
 
 func (rt *debuggingRoundTripper) RoundTrip(req *http.Request) (*http.Response, error) {
+	logger := klog.FromContext(req.Context())
+	levels := rt.levels
+
+	// When logging depends on the context, it uses the verbosity of the per-context logger
+	// and a hard-coded mapping of verbosity to debug details. Otherwise all messages
+	// are logged as V(0).
+	if levels&(1<<DebugByContext) != 0 {
+		if loggerV := logger.V(9); loggerV.Enabled() {
+			logger = loggerV
+			// The curl command replaces logging of the URL.
+			levels |= levelsV9
+		} else if loggerV := logger.V(8); loggerV.Enabled() {
+			logger = loggerV
+			levels |= levelsV8
+		} else if loggerV := logger.V(7); loggerV.Enabled() {
+			logger = loggerV
+			levels |= levelsV7
+		} else if loggerV := logger.V(6); loggerV.Enabled() {
+			logger = loggerV
+			levels |= levelsV6
+		}
+	}
+
 	reqInfo := newRequestInfo(req)
 
-	if rt.levels[DebugJustURL] {
-		klog.Infof("%s %s", reqInfo.RequestVerb, reqInfo.RequestURL)
+	kvs := make([]any, 0, 8) // Exactly large enough for all appends below.
+	if levels&(1<<DebugJustURL) != 0 {
+		kvs = append(kvs,
+			"verb", reqInfo.RequestVerb,
+			"url", reqInfo.RequestURL,
+		)
 	}
-	if rt.levels[DebugCurlCommand] {
-		klog.Infof("%s", reqInfo.toCurl())
+	if levels&(1<<DebugCurlCommand) != 0 {
+		kvs = append(kvs, "curlCommand", reqInfo.toCurl())
 	}
-	if rt.levels[DebugRequestHeaders] {
-		klog.Info("Request Headers:")
-		for key, values := range reqInfo.RequestHeaders {
-			for _, value := range values {
-				value = maskValue(key, value)
-				klog.Infof("    %s: %s", key, value)
-			}
-		}
+	if levels&(1<<DebugRequestHeaders) != 0 {
+		kvs = append(kvs, "headers", newHeadersMap(reqInfo.RequestHeaders))
+	}
+	if len(kvs) > 0 {
+		logger.Info("Request", kvs...)
 	}
 
 	startTime := time.Now()
 
-	if rt.levels[DebugDetailedTiming] {
+	if levels&(1<<DebugDetailedTiming) != 0 {
 		var getConn, dnsStart, dialStart, tlsStart, serverStart time.Time
 		var host string
 		trace := &httptrace.ClientTrace{
@@ -499,7 +544,7 @@ func (rt *debuggingRoundTripper) RoundTrip(req *http.Request) (*http.Response, e
 				reqInfo.muTrace.Lock()
 				defer reqInfo.muTrace.Unlock()
 				reqInfo.DNSLookup = time.Since(dnsStart)
-				klog.Infof("HTTP Trace: DNS Lookup for %s resolved to %v", host, info.Addrs)
+				logger.Info("HTTP Trace: DNS Lookup resolved", "host", host, "address", info.Addrs)
 			},
 			// Dial
 			ConnectStart: func(network, addr string) {
@@ -512,9 +557,9 @@ func (rt *debuggingRoundTripper) RoundTrip(req *http.Request) (*http.Response, e
 				defer reqInfo.muTrace.Unlock()
 				reqInfo.Dialing = time.Since(dialStart)
 				if err != nil {
-					klog.Infof("HTTP Trace: Dial to %s:%s failed: %v", network, addr, err)
+					logger.Info("HTTP Trace: Dial failed", "network", network, "address", addr, "err", err)
 				} else {
-					klog.Infof("HTTP Trace: Dial to %s:%s succeed", network, addr)
+					logger.Info("HTTP Trace: Dial succeed", "network", network, "address", addr)
 				}
 			},
 			// TLS
@@ -556,40 +601,83 @@ func (rt *debuggingRoundTripper) RoundTrip(req *http.Request) (*http.Response, e
 
 	reqInfo.complete(response, err)
 
-	if rt.levels[DebugURLTiming] {
-		klog.Infof("%s %s %s in %d milliseconds", reqInfo.RequestVerb, reqInfo.RequestURL, reqInfo.ResponseStatus, reqInfo.Duration.Nanoseconds()/int64(time.Millisecond))
+	kvs = make([]any, 0, 20) // Exactly large enough for all appends below.
+	if levels&(1<<DebugURLTiming) != 0 {
+		kvs = append(kvs, "verb", reqInfo.RequestVerb, "url", reqInfo.RequestURL)
+	}
+	if levels&(1<<DebugURLTiming|1<<DebugResponseStatus) != 0 {
+		kvs = append(kvs, "status", reqInfo.ResponseStatus)
+	}
+	if levels&(1<<DebugResponseHeaders) != 0 {
+		kvs = append(kvs, "headers", newHeadersMap(reqInfo.ResponseHeaders))
+	}
+	if levels&(1<<DebugURLTiming|1<<DebugDetailedTiming|1<<DebugResponseStatus) != 0 {
+		kvs = append(kvs, "milliseconds", reqInfo.Duration.Nanoseconds()/int64(time.Millisecond))
 	}
-	if rt.levels[DebugDetailedTiming] {
-		stats := ""
+	if levels&(1<<DebugDetailedTiming) != 0 {
 		if !reqInfo.ConnectionReused {
-			stats += fmt.Sprintf(`DNSLookup %d ms Dial %d ms TLSHandshake %d ms`,
-				reqInfo.DNSLookup.Nanoseconds()/int64(time.Millisecond),
-				reqInfo.Dialing.Nanoseconds()/int64(time.Millisecond),
-				reqInfo.TLSHandshake.Nanoseconds()/int64(time.Millisecond),
+			kvs = append(kvs,
+				"dnsLookupMilliseconds", reqInfo.DNSLookup.Nanoseconds()/int64(time.Millisecond),
+				"dialMilliseconds", reqInfo.Dialing.Nanoseconds()/int64(time.Millisecond),
+				"tlsHandshakeMilliseconds", reqInfo.TLSHandshake.Nanoseconds()/int64(time.Millisecond),
 			)
 		} else {
-			stats += fmt.Sprintf(`GetConnection %d ms`, reqInfo.GetConnection.Nanoseconds()/int64(time.Millisecond))
+			kvs = append(kvs, "getConnectionMilliseconds", reqInfo.GetConnection.Nanoseconds()/int64(time.Millisecond))
 		}
 		if reqInfo.ServerProcessing != 0 {
-			stats += fmt.Sprintf(` ServerProcessing %d ms`, reqInfo.ServerProcessing.Nanoseconds()/int64(time.Millisecond))
+			kvs = append(kvs, "serverProcessingMilliseconds", reqInfo.ServerProcessing.Nanoseconds()/int64(time.Millisecond))
 		}
-		stats += fmt.Sprintf(` Duration %d ms`, reqInfo.Duration.Nanoseconds()/int64(time.Millisecond))
-		klog.Infof("HTTP Statistics: %s", stats)
 	}
+	if len(kvs) > 0 {
+		logger.Info("Response", kvs...)
+	}
+
+	return response, err
+}
 
-	if rt.levels[DebugResponseStatus] {
-		klog.Infof("Response Status: %s in %d milliseconds", reqInfo.ResponseStatus, reqInfo.Duration.Nanoseconds()/int64(time.Millisecond))
+// headerMap formats headers sorted and across multiple lines with no quoting
+// when using string output and as JSON when using zapr.
+type headersMap http.Header
+
+// newHeadersMap masks all sensitive values. This has to be done before
+// passing the map to a logger because while in practice all loggers
+// either use String or MarshalLog, that is not guaranteed.
+func newHeadersMap(header http.Header) headersMap {
+	h := make(headersMap, len(header))
+	for key, values := range header {
+		maskedValues := make([]string, 0, len(values))
+		for _, value := range values {
+			maskedValues = append(maskedValues, maskValue(key, value))
+		}
+		h[key] = maskedValues
 	}
-	if rt.levels[DebugResponseHeaders] {
-		klog.Info("Response Headers:")
-		for key, values := range reqInfo.ResponseHeaders {
-			for _, value := range values {
-				klog.Infof("    %s: %s", key, value)
-			}
+	return h
+}
+
+var _ fmt.Stringer = headersMap{}
+var _ logr.Marshaler = headersMap{}
+
+func (h headersMap) String() string {
+	// The fixed size typically avoids memory allocations when it is large enough.
+	keys := make([]string, 0, 20)
+	for key := range h {
+		keys = append(keys, key)
+	}
+	sort.Strings(keys)
+	var buffer strings.Builder
+	for _, key := range keys {
+		for _, value := range h[key] {
+			_, _ = buffer.WriteString(key)
+			_, _ = buffer.WriteString(": ")
+			_, _ = buffer.WriteString(value)
+			_, _ = buffer.WriteString("\n")
 		}
 	}
+	return buffer.String()
+}
 
-	return response, err
+func (h headersMap) MarshalLog() any {
+	return map[string][]string(h)
 }
 
 func (rt *debuggingRoundTripper) WrappedRoundTripper() http.RoundTripper {
diff --git a/vendor/k8s.io/client-go/transport/token_source.go b/vendor/k8s.io/client-go/transport/token_source.go
index 8e312800f7..469dd81765 100644
--- a/vendor/k8s.io/client-go/transport/token_source.go
+++ b/vendor/k8s.io/client-go/transport/token_source.go
@@ -182,7 +182,10 @@ func (ts *cachingTokenSource) Token() (*oauth2.Token, error) {
 		if ts.tok == nil {
 			return nil, err
 		}
-		klog.Errorf("Unable to rotate token: %v", err)
+		// Not using a caller-provided logger isn't ideal, but impossible to fix
+		// without new APIs that go up all the way to HTTPWrappersForConfig.
+		// This is currently deemed not worth changing (too much effort, not enough benefit).
+		klog.TODO().Error(err, "Unable to rotate token")
 		return ts.tok, nil
 	}
 
diff --git a/vendor/k8s.io/client-go/transport/transport.go b/vendor/k8s.io/client-go/transport/transport.go
index 4770331a0e..8fdcc5700b 100644
--- a/vendor/k8s.io/client-go/transport/transport.go
+++ b/vendor/k8s.io/client-go/transport/transport.go
@@ -353,7 +353,7 @@ func tryCancelRequest(rt http.RoundTripper, req *http.Request) {
 	case utilnet.RoundTripperWrapper:
 		tryCancelRequest(rt.WrappedRoundTripper(), req)
 	default:
-		klog.Warningf("Unable to cancel request for %T", rt)
+		klog.FromContext(req.Context()).Info("Warning: unable to cancel request", "roundTripperType", fmt.Sprintf("%T", rt))
 	}
 }
 
diff --git a/vendor/k8s.io/client-go/util/cert/cert.go b/vendor/k8s.io/client-go/util/cert/cert.go
index 91e171271a..1220461264 100644
--- a/vendor/k8s.io/client-go/util/cert/cert.go
+++ b/vendor/k8s.io/client-go/util/cert/cert.go
@@ -90,11 +90,37 @@ func NewSelfSignedCACert(cfg Config, key crypto.Signer) (*x509.Certificate, erro
 	return x509.ParseCertificate(certDERBytes)
 }
 
+// SelfSignedCertKeyOptions contains configuration parameters for generating self-signed certificates.
+type SelfSignedCertKeyOptions struct {
+	// Host is required, and identifies the host of the serving certificate. Can be a DNS name or IP address.
+	Host string
+	// AlternateIPs is optional, and identifies additional IPs the serving certificate should be valid for.
+	AlternateIPs []net.IP
+	// AlternateDNS is optional, and identifies additional DNS names the serving certificate should be valid for.
+	AlternateDNS []string
+
+	// MaxAge controls the duration of the issued certificate.
+	// Defaults to 1 year if unset.
+	// Ignored if FixtureDirectory is set.
+	MaxAge time.Duration
+
+	// FixtureDirectory is intended for use in tests.
+	// If non-empty, it is a directory path which can contain pre-generated certs. The format is:
+	// <host>_<ip>-<ip>_<alternateDNS>-<alternateDNS>.crt
+	// <host>_<ip>-<ip>_<alternateDNS>-<alternateDNS>.key
+	// Certs/keys not existing in that directory are created with a duration of 100 years.
+	FixtureDirectory string
+}
+
 // GenerateSelfSignedCertKey creates a self-signed certificate and key for the given host.
 // Host may be an IP or a DNS name
 // You may also specify additional subject alt names (either ip or dns names) for the certificate.
 func GenerateSelfSignedCertKey(host string, alternateIPs []net.IP, alternateDNS []string) ([]byte, []byte, error) {
-	return GenerateSelfSignedCertKeyWithFixtures(host, alternateIPs, alternateDNS, "")
+	return GenerateSelfSignedCertKeyWithOptions(SelfSignedCertKeyOptions{
+		Host:         host,
+		AlternateIPs: alternateIPs,
+		AlternateDNS: alternateDNS,
+	})
 }
 
 // GenerateSelfSignedCertKeyWithFixtures creates a self-signed certificate and key for the given host.
@@ -106,8 +132,26 @@ func GenerateSelfSignedCertKey(host string, alternateIPs []net.IP, alternateDNS
 // <host>_<ip>-<ip>_<alternateDNS>-<alternateDNS>.key
 // Certs/keys not existing in that directory are created.
 func GenerateSelfSignedCertKeyWithFixtures(host string, alternateIPs []net.IP, alternateDNS []string, fixtureDirectory string) ([]byte, []byte, error) {
+	return GenerateSelfSignedCertKeyWithOptions(SelfSignedCertKeyOptions{
+		Host:             host,
+		AlternateIPs:     alternateIPs,
+		AlternateDNS:     alternateDNS,
+		FixtureDirectory: fixtureDirectory,
+	})
+}
+
+// GenerateSelfSignedCertKeyWithOptions generates a self-signed certificate and key based on the provided options.
+func GenerateSelfSignedCertKeyWithOptions(opts SelfSignedCertKeyOptions) ([]byte, []byte, error) {
+	host := opts.Host
+	alternateIPs := opts.AlternateIPs
+	alternateDNS := opts.AlternateDNS
+	fixtureDirectory := opts.FixtureDirectory
+	maxAge := opts.MaxAge
+	if maxAge == 0 {
+		maxAge = 365 * 24 * time.Hour
+	}
+
 	validFrom := time.Now().Add(-time.Hour) // valid an hour earlier to avoid flakes due to clock skew
-	maxAge := time.Hour * 24 * 365          // one year self-signed certs
 
 	baseName := fmt.Sprintf("%s_%s_%s", host, strings.Join(ipsToStrings(alternateIPs), "-"), strings.Join(alternateDNS, "-"))
 	certFixturePath := filepath.Join(fixtureDirectory, baseName+".crt")
diff --git a/vendor/k8s.io/client-go/util/consistencydetector/data_consistency_detector.go b/vendor/k8s.io/client-go/util/consistencydetector/data_consistency_detector.go
index b33d08032f..72a871d434 100644
--- a/vendor/k8s.io/client-go/util/consistencydetector/data_consistency_detector.go
+++ b/vendor/k8s.io/client-go/util/consistencydetector/data_consistency_detector.go
@@ -22,7 +22,7 @@ import (
 	"sort"
 	"time"
 
-	"github.com/google/go-cmp/cmp"
+	"github.com/google/go-cmp/cmp" //nolint:depguard
 
 	"k8s.io/apimachinery/pkg/api/meta"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
diff --git a/vendor/k8s.io/client-go/util/flowcontrol/backoff.go b/vendor/k8s.io/client-go/util/flowcontrol/backoff.go
index 899b8e34ef..7cb46717c2 100644
--- a/vendor/k8s.io/client-go/util/flowcontrol/backoff.go
+++ b/vendor/k8s.io/client-go/util/flowcontrol/backoff.go
@@ -22,7 +22,6 @@ import (
 	"time"
 
 	"k8s.io/utils/clock"
-	testingclock "k8s.io/utils/clock/testing"
 )
 
 type backoffEntry struct {
@@ -49,7 +48,7 @@ type Backoff struct {
 	maxJitterFactor float64
 }
 
-func NewFakeBackOff(initial, max time.Duration, tc *testingclock.FakeClock) *Backoff {
+func NewFakeBackOff(initial, max time.Duration, tc clock.Clock) *Backoff {
 	return newBackoff(tc, initial, max, 0.0)
 }
 
@@ -57,7 +56,7 @@ func NewBackOff(initial, max time.Duration) *Backoff {
 	return NewBackOffWithJitter(initial, max, 0.0)
 }
 
-func NewFakeBackOffWithJitter(initial, max time.Duration, tc *testingclock.FakeClock, maxJitterFactor float64) *Backoff {
+func NewFakeBackOffWithJitter(initial, max time.Duration, tc clock.Clock, maxJitterFactor float64) *Backoff {
 	return newBackoff(tc, initial, max, maxJitterFactor)
 }
 
diff --git a/vendor/k8s.io/client-go/util/jsonpath/doc.go b/vendor/k8s.io/client-go/util/jsonpath/doc.go
index 0effb15c41..2a6e170617 100644
--- a/vendor/k8s.io/client-go/util/jsonpath/doc.go
+++ b/vendor/k8s.io/client-go/util/jsonpath/doc.go
@@ -17,4 +17,4 @@ limitations under the License.
 // package jsonpath is a template engine using jsonpath syntax,
 // which can be seen at http://goessner.net/articles/JsonPath/.
 // In addition, it has {range} {end} function to iterate list and slice.
-package jsonpath // import "k8s.io/client-go/util/jsonpath"
+package jsonpath
diff --git a/vendor/k8s.io/client-go/util/workqueue/delaying_queue.go b/vendor/k8s.io/client-go/util/workqueue/delaying_queue.go
index e33a6c6929..da444f4fb3 100644
--- a/vendor/k8s.io/client-go/util/workqueue/delaying_queue.go
+++ b/vendor/k8s.io/client-go/util/workqueue/delaying_queue.go
@@ -22,6 +22,7 @@ import (
 	"time"
 
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
+	"k8s.io/klog/v2"
 	"k8s.io/utils/clock"
 )
 
@@ -46,6 +47,10 @@ type DelayingQueueConfig = TypedDelayingQueueConfig[any]
 
 // TypedDelayingQueueConfig specifies optional configurations to customize a DelayingInterface.
 type TypedDelayingQueueConfig[T comparable] struct {
+	// An optional logger. The name of the queue does *not* get added to it, this should
+	// be done by the caller if desired.
+	Logger *klog.Logger
+
 	// Name for the queue. If unnamed, the metrics will not be registered.
 	Name string
 
@@ -94,6 +99,10 @@ func TypedNewDelayingQueue[T comparable]() TypedDelayingInterface[T] {
 // NewTypedDelayingQueueWithConfig constructs a new workqueue with options to
 // customize different properties.
 func NewTypedDelayingQueueWithConfig[T comparable](config TypedDelayingQueueConfig[T]) TypedDelayingInterface[T] {
+	logger := klog.Background()
+	if config.Logger != nil {
+		logger = *config.Logger
+	}
 	if config.Clock == nil {
 		config.Clock = clock.RealClock{}
 	}
@@ -106,7 +115,7 @@ func NewTypedDelayingQueueWithConfig[T comparable](config TypedDelayingQueueConf
 		})
 	}
 
-	return newDelayingQueue(config.Clock, config.Queue, config.Name, config.MetricsProvider)
+	return newDelayingQueue(logger, config.Clock, config.Queue, config.Name, config.MetricsProvider)
 }
 
 // NewDelayingQueueWithCustomQueue constructs a new workqueue with ability to
@@ -135,7 +144,7 @@ func NewDelayingQueueWithCustomClock(clock clock.WithTicker, name string) Delayi
 	})
 }
 
-func newDelayingQueue[T comparable](clock clock.WithTicker, q TypedInterface[T], name string, provider MetricsProvider) *delayingType[T] {
+func newDelayingQueue[T comparable](logger klog.Logger, clock clock.WithTicker, q TypedInterface[T], name string, provider MetricsProvider) *delayingType[T] {
 	ret := &delayingType[T]{
 		TypedInterface:  q,
 		clock:           clock,
@@ -145,7 +154,7 @@ func newDelayingQueue[T comparable](clock clock.WithTicker, q TypedInterface[T],
 		metrics:         newRetryMetrics(name, provider),
 	}
 
-	go ret.waitingLoop()
+	go ret.waitingLoop(logger)
 	return ret
 }
 
@@ -264,8 +273,8 @@ func (q *delayingType[T]) AddAfter(item T, duration time.Duration) {
 const maxWait = 10 * time.Second
 
 // waitingLoop runs until the workqueue is shutdown and keeps a check on the list of items to be added.
-func (q *delayingType[T]) waitingLoop() {
-	defer utilruntime.HandleCrash()
+func (q *delayingType[T]) waitingLoop(logger klog.Logger) {
+	defer utilruntime.HandleCrashWithLogger(logger)
 
 	// Make a placeholder channel to use when there are no items in our list
 	never := make(<-chan time.Time)
diff --git a/vendor/k8s.io/client-go/util/workqueue/doc.go b/vendor/k8s.io/client-go/util/workqueue/doc.go
index 8555aa95fe..a76d830ede 100644
--- a/vendor/k8s.io/client-go/util/workqueue/doc.go
+++ b/vendor/k8s.io/client-go/util/workqueue/doc.go
@@ -23,4 +23,4 @@ limitations under the License.
 //   - Multiple consumers and producers. In particular, it is allowed for an
 //     item to be reenqueued while it is being processed.
 //   - Shutdown notifications.
-package workqueue // import "k8s.io/client-go/util/workqueue"
+package workqueue
diff --git a/vendor/k8s.io/client-go/util/workqueue/parallelizer.go b/vendor/k8s.io/client-go/util/workqueue/parallelizer.go
index 366bf20a31..9f986a25a4 100644
--- a/vendor/k8s.io/client-go/util/workqueue/parallelizer.go
+++ b/vendor/k8s.io/client-go/util/workqueue/parallelizer.go
@@ -74,7 +74,7 @@ func ParallelizeUntil(ctx context.Context, workers, pieces int, doWorkPiece DoWo
 	wg.Add(workers)
 	for i := 0; i < workers; i++ {
 		go func() {
-			defer utilruntime.HandleCrash()
+			defer utilruntime.HandleCrashWithContext(ctx)
 			defer wg.Done()
 			for chunk := range toProcess {
 				start := chunk * chunkSize
diff --git a/vendor/k8s.io/kube-openapi/pkg/spec3/fuzz.go b/vendor/k8s.io/kube-openapi/pkg/spec3/fuzz.go
index 08b6246ceb..25e4fd09eb 100644
--- a/vendor/k8s.io/kube-openapi/pkg/spec3/fuzz.go
+++ b/vendor/k8s.io/kube-openapi/pkg/spec3/fuzz.go
@@ -4,7 +4,7 @@ import (
 	"math/rand"
 	"strings"
 
-	fuzz "github.com/google/gofuzz"
+	"sigs.k8s.io/randfill"
 
 	"k8s.io/kube-openapi/pkg/validation/spec"
 )
@@ -25,15 +25,15 @@ func randAlphanumString() string {
 }
 
 var OpenAPIV3FuzzFuncs []interface{} = []interface{}{
-	func(s *string, c fuzz.Continue) {
+	func(s *string, c randfill.Continue) {
 		// All OpenAPI V3 map keys must follow the corresponding
 		// regex. Note that this restricts the range for all other
 		// string values as well.
 		str := randAlphanumString()
 		*s = str
 	},
-	func(o *OpenAPI, c fuzz.Continue) {
-		c.FuzzNoCustom(o)
+	func(o *OpenAPI, c randfill.Continue) {
+		c.FillNoCustom(o)
 		o.Version = "3.0.0"
 		for i, val := range o.SecurityRequirement {
 			if val == nil {
@@ -48,45 +48,45 @@ var OpenAPIV3FuzzFuncs []interface{} = []interface{}{
 		}
 
 	},
-	func(r *interface{}, c fuzz.Continue) {
+	func(r *interface{}, c randfill.Continue) {
 		switch c.Intn(3) {
 		case 0:
 			*r = nil
 		case 1:
-			n := c.RandString() + "x"
+			n := c.String(0) + "x"
 			*r = n
 		case 2:
 			n := c.Float64()
 			*r = n
 		}
 	},
-	func(v **spec.Info, c fuzz.Continue) {
+	func(v **spec.Info, c randfill.Continue) {
 		// Info is never nil
 		*v = &spec.Info{}
-		c.FuzzNoCustom(*v)
-		(*v).Title = c.RandString() + "x"
+		c.FillNoCustom(*v)
+		(*v).Title = c.String(0) + "x"
 	},
-	func(v *Paths, c fuzz.Continue) {
-		c.Fuzz(&v.VendorExtensible)
+	func(v *Paths, c randfill.Continue) {
+		c.Fill(&v.VendorExtensible)
 		num := c.Intn(5)
 		if num > 0 {
 			v.Paths = make(map[string]*Path)
 		}
 		for i := 0; i < num; i++ {
 			val := Path{}
-			c.Fuzz(&val)
-			v.Paths["/"+c.RandString()] = &val
+			c.Fill(&val)
+			v.Paths["/"+c.String(0)] = &val
 		}
 	},
-	func(v *SecurityScheme, c fuzz.Continue) {
+	func(v *SecurityScheme, c randfill.Continue) {
 		if c.Intn(refChance) == 0 {
-			c.Fuzz(&v.Refable)
+			c.Fill(&v.Refable)
 			return
 		}
 		switch c.Intn(4) {
 		case 0:
 			v.Type = "apiKey"
-			v.Name = c.RandString() + "x"
+			v.Name = c.String(0) + "x"
 			switch c.Intn(3) {
 			case 0:
 				v.In = "query"
@@ -101,17 +101,17 @@ var OpenAPIV3FuzzFuncs []interface{} = []interface{}{
 			v.Type = "oauth2"
 			v.Flows = make(map[string]*OAuthFlow)
 			flow := OAuthFlow{}
-			flow.AuthorizationUrl = c.RandString() + "x"
+			flow.AuthorizationUrl = c.String(0) + "x"
 			v.Flows["implicit"] = &flow
 			flow.Scopes = make(map[string]string)
 			flow.Scopes["foo"] = "bar"
 		case 3:
 			v.Type = "openIdConnect"
-			v.OpenIdConnectUrl = "https://" + c.RandString()
+			v.OpenIdConnectUrl = "https://" + c.String(0)
 		}
 		v.Scheme = "basic"
 	},
-	func(v *spec.Ref, c fuzz.Continue) {
+	func(v *spec.Ref, c randfill.Continue) {
 		switch c.Intn(7) {
 		case 0:
 			*v = spec.MustCreateRef("#/components/schemas/" + randAlphanumString())
@@ -127,13 +127,13 @@ var OpenAPIV3FuzzFuncs []interface{} = []interface{}{
 			*v = spec.MustCreateRef("#/components/requestBodies/" + randAlphanumString())
 		}
 	},
-	func(v *Parameter, c fuzz.Continue) {
+	func(v *Parameter, c randfill.Continue) {
 		if c.Intn(refChance) == 0 {
-			c.Fuzz(&v.Refable)
+			c.Fill(&v.Refable)
 			return
 		}
-		c.Fuzz(&v.ParameterProps)
-		c.Fuzz(&v.VendorExtensible)
+		c.Fill(&v.ParameterProps)
+		c.Fill(&v.VendorExtensible)
 
 		switch c.Intn(3) {
 		case 0:
@@ -145,44 +145,44 @@ var OpenAPIV3FuzzFuncs []interface{} = []interface{}{
 			v.In = "cookie"
 		}
 	},
-	func(v *RequestBody, c fuzz.Continue) {
+	func(v *RequestBody, c randfill.Continue) {
 		if c.Intn(refChance) == 0 {
-			c.Fuzz(&v.Refable)
+			c.Fill(&v.Refable)
 			return
 		}
-		c.Fuzz(&v.RequestBodyProps)
-		c.Fuzz(&v.VendorExtensible)
+		c.Fill(&v.RequestBodyProps)
+		c.Fill(&v.VendorExtensible)
 	},
-	func(v *Header, c fuzz.Continue) {
+	func(v *Header, c randfill.Continue) {
 		if c.Intn(refChance) == 0 {
-			c.Fuzz(&v.Refable)
+			c.Fill(&v.Refable)
 			return
 		}
-		c.Fuzz(&v.HeaderProps)
-		c.Fuzz(&v.VendorExtensible)
+		c.Fill(&v.HeaderProps)
+		c.Fill(&v.VendorExtensible)
 	},
-	func(v *ResponsesProps, c fuzz.Continue) {
-		c.Fuzz(&v.Default)
+	func(v *ResponsesProps, c randfill.Continue) {
+		c.Fill(&v.Default)
 		n := c.Intn(5)
 		for i := 0; i < n; i++ {
 			r2 := Response{}
-			c.Fuzz(&r2)
+			c.Fill(&r2)
 			// HTTP Status code in 100-599 Range
 			code := c.Intn(500) + 100
 			v.StatusCodeResponses = make(map[int]*Response)
 			v.StatusCodeResponses[code] = &r2
 		}
 	},
-	func(v *Response, c fuzz.Continue) {
+	func(v *Response, c randfill.Continue) {
 		if c.Intn(refChance) == 0 {
-			c.Fuzz(&v.Refable)
+			c.Fill(&v.Refable)
 			return
 		}
-		c.Fuzz(&v.ResponseProps)
-		c.Fuzz(&v.VendorExtensible)
+		c.Fill(&v.ResponseProps)
+		c.Fill(&v.VendorExtensible)
 	},
-	func(v *Operation, c fuzz.Continue) {
-		c.FuzzNoCustom(v)
+	func(v *Operation, c randfill.Continue) {
+		c.FillNoCustom(v)
 		// Do not fuzz null values into the array.
 		for i, val := range v.SecurityRequirement {
 			if val == nil {
@@ -196,85 +196,85 @@ var OpenAPIV3FuzzFuncs []interface{} = []interface{}{
 			}
 		}
 	},
-	func(v *spec.Extensions, c fuzz.Continue) {
+	func(v *spec.Extensions, c randfill.Continue) {
 		numChildren := c.Intn(5)
 		for i := 0; i < numChildren; i++ {
 			if *v == nil {
 				*v = spec.Extensions{}
 			}
-			(*v)["x-"+c.RandString()] = c.RandString()
+			(*v)["x-"+c.String(0)] = c.String(0)
 		}
 	},
-	func(v *spec.ExternalDocumentation, c fuzz.Continue) {
-		c.Fuzz(&v.Description)
+	func(v *spec.ExternalDocumentation, c randfill.Continue) {
+		c.Fill(&v.Description)
 		v.URL = "https://" + randAlphanumString()
 	},
-	func(v *spec.SchemaURL, c fuzz.Continue) {
+	func(v *spec.SchemaURL, c randfill.Continue) {
 		*v = spec.SchemaURL("https://" + randAlphanumString())
 	},
-	func(v *spec.SchemaOrBool, c fuzz.Continue) {
+	func(v *spec.SchemaOrBool, c randfill.Continue) {
 		*v = spec.SchemaOrBool{}
 
-		if c.RandBool() {
-			v.Allows = c.RandBool()
+		if c.Bool() {
+			v.Allows = c.Bool()
 		} else {
 			v.Schema = &spec.Schema{}
 			v.Allows = true
-			c.Fuzz(&v.Schema)
+			c.Fill(&v.Schema)
 		}
 	},
-	func(v *spec.SchemaOrArray, c fuzz.Continue) {
+	func(v *spec.SchemaOrArray, c randfill.Continue) {
 		*v = spec.SchemaOrArray{}
-		if c.RandBool() {
+		if c.Bool() {
 			schema := spec.Schema{}
-			c.Fuzz(&schema)
+			c.Fill(&schema)
 			v.Schema = &schema
 		} else {
 			v.Schemas = []spec.Schema{}
 			numChildren := c.Intn(5)
 			for i := 0; i < numChildren; i++ {
 				schema := spec.Schema{}
-				c.Fuzz(&schema)
+				c.Fill(&schema)
 				v.Schemas = append(v.Schemas, schema)
 			}
 
 		}
 
 	},
-	func(v *spec.SchemaOrStringArray, c fuzz.Continue) {
-		if c.RandBool() {
+	func(v *spec.SchemaOrStringArray, c randfill.Continue) {
+		if c.Bool() {
 			*v = spec.SchemaOrStringArray{}
-			if c.RandBool() {
-				c.Fuzz(&v.Property)
+			if c.Bool() {
+				c.Fill(&v.Property)
 			} else {
-				c.Fuzz(&v.Schema)
+				c.Fill(&v.Schema)
 			}
 		}
 	},
-	func(v *spec.Schema, c fuzz.Continue) {
+	func(v *spec.Schema, c randfill.Continue) {
 		if c.Intn(refChance) == 0 {
-			c.Fuzz(&v.Ref)
+			c.Fill(&v.Ref)
 			return
 		}
-		if c.RandBool() {
+		if c.Bool() {
 			// file schema
-			c.Fuzz(&v.Default)
-			c.Fuzz(&v.Description)
-			c.Fuzz(&v.Example)
-			c.Fuzz(&v.ExternalDocs)
+			c.Fill(&v.Default)
+			c.Fill(&v.Description)
+			c.Fill(&v.Example)
+			c.Fill(&v.ExternalDocs)
 
-			c.Fuzz(&v.Format)
-			c.Fuzz(&v.ReadOnly)
-			c.Fuzz(&v.Required)
-			c.Fuzz(&v.Title)
+			c.Fill(&v.Format)
+			c.Fill(&v.ReadOnly)
+			c.Fill(&v.Required)
+			c.Fill(&v.Title)
 			v.Type = spec.StringOrArray{"file"}
 
 		} else {
 			// normal schema
-			c.Fuzz(&v.SchemaProps)
-			c.Fuzz(&v.SwaggerSchemaProps)
-			c.Fuzz(&v.VendorExtensible)
-			c.Fuzz(&v.ExtraProps)
+			c.Fill(&v.SchemaProps)
+			c.Fill(&v.SwaggerSchemaProps)
+			c.Fill(&v.VendorExtensible)
+			c.Fill(&v.ExtraProps)
 		}
 
 	},
diff --git a/vendor/k8s.io/utils/clock/testing/fake_clock.go b/vendor/k8s.io/utils/clock/testing/fake_clock.go
deleted file mode 100644
index 462c40c2c8..0000000000
--- a/vendor/k8s.io/utils/clock/testing/fake_clock.go
+++ /dev/null
@@ -1,362 +0,0 @@
-/*
-Copyright 2014 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package testing
-
-import (
-	"sync"
-	"time"
-
-	"k8s.io/utils/clock"
-)
-
-var (
-	_ = clock.PassiveClock(&FakePassiveClock{})
-	_ = clock.WithTicker(&FakeClock{})
-	_ = clock.Clock(&IntervalClock{})
-)
-
-// FakePassiveClock implements PassiveClock, but returns an arbitrary time.
-type FakePassiveClock struct {
-	lock sync.RWMutex
-	time time.Time
-}
-
-// FakeClock implements clock.Clock, but returns an arbitrary time.
-type FakeClock struct {
-	FakePassiveClock
-
-	// waiters are waiting for the fake time to pass their specified time
-	waiters []*fakeClockWaiter
-}
-
-type fakeClockWaiter struct {
-	targetTime    time.Time
-	stepInterval  time.Duration
-	skipIfBlocked bool
-	destChan      chan time.Time
-	afterFunc     func()
-}
-
-// NewFakePassiveClock returns a new FakePassiveClock.
-func NewFakePassiveClock(t time.Time) *FakePassiveClock {
-	return &FakePassiveClock{
-		time: t,
-	}
-}
-
-// NewFakeClock constructs a fake clock set to the provided time.
-func NewFakeClock(t time.Time) *FakeClock {
-	return &FakeClock{
-		FakePassiveClock: *NewFakePassiveClock(t),
-	}
-}
-
-// Now returns f's time.
-func (f *FakePassiveClock) Now() time.Time {
-	f.lock.RLock()
-	defer f.lock.RUnlock()
-	return f.time
-}
-
-// Since returns time since the time in f.
-func (f *FakePassiveClock) Since(ts time.Time) time.Duration {
-	f.lock.RLock()
-	defer f.lock.RUnlock()
-	return f.time.Sub(ts)
-}
-
-// SetTime sets the time on the FakePassiveClock.
-func (f *FakePassiveClock) SetTime(t time.Time) {
-	f.lock.Lock()
-	defer f.lock.Unlock()
-	f.time = t
-}
-
-// After is the fake version of time.After(d).
-func (f *FakeClock) After(d time.Duration) <-chan time.Time {
-	f.lock.Lock()
-	defer f.lock.Unlock()
-	stopTime := f.time.Add(d)
-	ch := make(chan time.Time, 1) // Don't block!
-	f.waiters = append(f.waiters, &fakeClockWaiter{
-		targetTime: stopTime,
-		destChan:   ch,
-	})
-	return ch
-}
-
-// NewTimer constructs a fake timer, akin to time.NewTimer(d).
-func (f *FakeClock) NewTimer(d time.Duration) clock.Timer {
-	f.lock.Lock()
-	defer f.lock.Unlock()
-	stopTime := f.time.Add(d)
-	ch := make(chan time.Time, 1) // Don't block!
-	timer := &fakeTimer{
-		fakeClock: f,
-		waiter: fakeClockWaiter{
-			targetTime: stopTime,
-			destChan:   ch,
-		},
-	}
-	f.waiters = append(f.waiters, &timer.waiter)
-	return timer
-}
-
-// AfterFunc is the Fake version of time.AfterFunc(d, cb).
-func (f *FakeClock) AfterFunc(d time.Duration, cb func()) clock.Timer {
-	f.lock.Lock()
-	defer f.lock.Unlock()
-	stopTime := f.time.Add(d)
-	ch := make(chan time.Time, 1) // Don't block!
-
-	timer := &fakeTimer{
-		fakeClock: f,
-		waiter: fakeClockWaiter{
-			targetTime: stopTime,
-			destChan:   ch,
-			afterFunc:  cb,
-		},
-	}
-	f.waiters = append(f.waiters, &timer.waiter)
-	return timer
-}
-
-// Tick constructs a fake ticker, akin to time.Tick
-func (f *FakeClock) Tick(d time.Duration) <-chan time.Time {
-	if d <= 0 {
-		return nil
-	}
-	f.lock.Lock()
-	defer f.lock.Unlock()
-	tickTime := f.time.Add(d)
-	ch := make(chan time.Time, 1) // hold one tick
-	f.waiters = append(f.waiters, &fakeClockWaiter{
-		targetTime:    tickTime,
-		stepInterval:  d,
-		skipIfBlocked: true,
-		destChan:      ch,
-	})
-
-	return ch
-}
-
-// NewTicker returns a new Ticker.
-func (f *FakeClock) NewTicker(d time.Duration) clock.Ticker {
-	f.lock.Lock()
-	defer f.lock.Unlock()
-	tickTime := f.time.Add(d)
-	ch := make(chan time.Time, 1) // hold one tick
-	f.waiters = append(f.waiters, &fakeClockWaiter{
-		targetTime:    tickTime,
-		stepInterval:  d,
-		skipIfBlocked: true,
-		destChan:      ch,
-	})
-
-	return &fakeTicker{
-		c: ch,
-	}
-}
-
-// Step moves the clock by Duration and notifies anyone that's called After,
-// Tick, or NewTimer.
-func (f *FakeClock) Step(d time.Duration) {
-	f.lock.Lock()
-	defer f.lock.Unlock()
-	f.setTimeLocked(f.time.Add(d))
-}
-
-// SetTime sets the time.
-func (f *FakeClock) SetTime(t time.Time) {
-	f.lock.Lock()
-	defer f.lock.Unlock()
-	f.setTimeLocked(t)
-}
-
-// Actually changes the time and checks any waiters. f must be write-locked.
-func (f *FakeClock) setTimeLocked(t time.Time) {
-	f.time = t
-	newWaiters := make([]*fakeClockWaiter, 0, len(f.waiters))
-	for i := range f.waiters {
-		w := f.waiters[i]
-		if !w.targetTime.After(t) {
-			if w.skipIfBlocked {
-				select {
-				case w.destChan <- t:
-				default:
-				}
-			} else {
-				w.destChan <- t
-			}
-
-			if w.afterFunc != nil {
-				w.afterFunc()
-			}
-
-			if w.stepInterval > 0 {
-				for !w.targetTime.After(t) {
-					w.targetTime = w.targetTime.Add(w.stepInterval)
-				}
-				newWaiters = append(newWaiters, w)
-			}
-
-		} else {
-			newWaiters = append(newWaiters, f.waiters[i])
-		}
-	}
-	f.waiters = newWaiters
-}
-
-// HasWaiters returns true if After or AfterFunc has been called on f but not yet satisfied (so you can
-// write race-free tests).
-func (f *FakeClock) HasWaiters() bool {
-	f.lock.RLock()
-	defer f.lock.RUnlock()
-	return len(f.waiters) > 0
-}
-
-// Sleep is akin to time.Sleep
-func (f *FakeClock) Sleep(d time.Duration) {
-	f.Step(d)
-}
-
-// IntervalClock implements clock.PassiveClock, but each invocation of Now steps the clock forward the specified duration.
-// IntervalClock technically implements the other methods of clock.Clock, but each implementation is just a panic.
-//
-// Deprecated: See SimpleIntervalClock for an alternative that only has the methods of PassiveClock.
-type IntervalClock struct {
-	Time     time.Time
-	Duration time.Duration
-}
-
-// Now returns i's time.
-func (i *IntervalClock) Now() time.Time {
-	i.Time = i.Time.Add(i.Duration)
-	return i.Time
-}
-
-// Since returns time since the time in i.
-func (i *IntervalClock) Since(ts time.Time) time.Duration {
-	return i.Time.Sub(ts)
-}
-
-// After is unimplemented, will panic.
-// TODO: make interval clock use FakeClock so this can be implemented.
-func (*IntervalClock) After(d time.Duration) <-chan time.Time {
-	panic("IntervalClock doesn't implement After")
-}
-
-// NewTimer is unimplemented, will panic.
-// TODO: make interval clock use FakeClock so this can be implemented.
-func (*IntervalClock) NewTimer(d time.Duration) clock.Timer {
-	panic("IntervalClock doesn't implement NewTimer")
-}
-
-// AfterFunc is unimplemented, will panic.
-// TODO: make interval clock use FakeClock so this can be implemented.
-func (*IntervalClock) AfterFunc(d time.Duration, f func()) clock.Timer {
-	panic("IntervalClock doesn't implement AfterFunc")
-}
-
-// Tick is unimplemented, will panic.
-// TODO: make interval clock use FakeClock so this can be implemented.
-func (*IntervalClock) Tick(d time.Duration) <-chan time.Time {
-	panic("IntervalClock doesn't implement Tick")
-}
-
-// NewTicker has no implementation yet and is omitted.
-// TODO: make interval clock use FakeClock so this can be implemented.
-func (*IntervalClock) NewTicker(d time.Duration) clock.Ticker {
-	panic("IntervalClock doesn't implement NewTicker")
-}
-
-// Sleep is unimplemented, will panic.
-func (*IntervalClock) Sleep(d time.Duration) {
-	panic("IntervalClock doesn't implement Sleep")
-}
-
-var _ = clock.Timer(&fakeTimer{})
-
-// fakeTimer implements clock.Timer based on a FakeClock.
-type fakeTimer struct {
-	fakeClock *FakeClock
-	waiter    fakeClockWaiter
-}
-
-// C returns the channel that notifies when this timer has fired.
-func (f *fakeTimer) C() <-chan time.Time {
-	return f.waiter.destChan
-}
-
-// Stop prevents the Timer from firing. It returns true if the call stops the
-// timer, false if the timer has already expired or been stopped.
-func (f *fakeTimer) Stop() bool {
-	f.fakeClock.lock.Lock()
-	defer f.fakeClock.lock.Unlock()
-
-	active := false
-	newWaiters := make([]*fakeClockWaiter, 0, len(f.fakeClock.waiters))
-	for i := range f.fakeClock.waiters {
-		w := f.fakeClock.waiters[i]
-		if w != &f.waiter {
-			newWaiters = append(newWaiters, w)
-			continue
-		}
-		// If timer is found, it has not been fired yet.
-		active = true
-	}
-
-	f.fakeClock.waiters = newWaiters
-
-	return active
-}
-
-// Reset changes the timer to expire after duration d. It returns true if the
-// timer had been active, false if the timer had expired or been stopped.
-func (f *fakeTimer) Reset(d time.Duration) bool {
-	f.fakeClock.lock.Lock()
-	defer f.fakeClock.lock.Unlock()
-
-	active := false
-
-	f.waiter.targetTime = f.fakeClock.time.Add(d)
-
-	for i := range f.fakeClock.waiters {
-		w := f.fakeClock.waiters[i]
-		if w == &f.waiter {
-			// If timer is found, it has not been fired yet.
-			active = true
-			break
-		}
-	}
-	if !active {
-		f.fakeClock.waiters = append(f.fakeClock.waiters, &f.waiter)
-	}
-
-	return active
-}
-
-type fakeTicker struct {
-	c <-chan time.Time
-}
-
-func (t *fakeTicker) C() <-chan time.Time {
-	return t.c
-}
-
-func (t *fakeTicker) Stop() {
-}
diff --git a/vendor/k8s.io/utils/clock/testing/simple_interval_clock.go b/vendor/k8s.io/utils/clock/testing/simple_interval_clock.go
deleted file mode 100644
index 951ca4d170..0000000000
--- a/vendor/k8s.io/utils/clock/testing/simple_interval_clock.go
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
-Copyright 2021 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package testing
-
-import (
-	"time"
-
-	"k8s.io/utils/clock"
-)
-
-var (
-	_ = clock.PassiveClock(&SimpleIntervalClock{})
-)
-
-// SimpleIntervalClock implements clock.PassiveClock, but each invocation of Now steps the clock forward the specified duration
-type SimpleIntervalClock struct {
-	Time     time.Time
-	Duration time.Duration
-}
-
-// Now returns i's time.
-func (i *SimpleIntervalClock) Now() time.Time {
-	i.Time = i.Time.Add(i.Duration)
-	return i.Time
-}
-
-// Since returns time since the time in i.
-func (i *SimpleIntervalClock) Since(ts time.Time) time.Duration {
-	return i.Time.Sub(ts)
-}
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 4f82f38518..ff87098b00 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -1,14 +1,14 @@
 # cel.dev/expr v0.23.1
 ## explicit; go 1.22.0
 cel.dev/expr
-# cloud.google.com/go v0.120.0
+# cloud.google.com/go v0.121.1
 ## explicit; go 1.23.0
 cloud.google.com/go
 cloud.google.com/go/internal
 cloud.google.com/go/internal/optional
 cloud.google.com/go/internal/trace
 cloud.google.com/go/internal/version
-# cloud.google.com/go/auth v0.16.0
+# cloud.google.com/go/auth v0.16.2
 ## explicit; go 1.23.0
 cloud.google.com/go/auth
 cloud.google.com/go/auth/credentials
@@ -28,34 +28,34 @@ cloud.google.com/go/auth/internal/transport/cert
 # cloud.google.com/go/auth/oauth2adapt v0.2.8
 ## explicit; go 1.23.0
 cloud.google.com/go/auth/oauth2adapt
-# cloud.google.com/go/compute/metadata v0.6.0
-## explicit; go 1.21
+# cloud.google.com/go/compute/metadata v0.7.0
+## explicit; go 1.23.0
 cloud.google.com/go/compute/metadata
 # cloud.google.com/go/firestore v1.18.0
 ## explicit; go 1.21
 cloud.google.com/go/firestore/apiv1
 cloud.google.com/go/firestore/apiv1/firestorepb
 cloud.google.com/go/firestore/internal
-# cloud.google.com/go/iam v1.5.0
+# cloud.google.com/go/iam v1.5.2
 ## explicit; go 1.23.0
 cloud.google.com/go/iam
 cloud.google.com/go/iam/apiv1/iampb
-# cloud.google.com/go/kms v1.21.1
+# cloud.google.com/go/kms v1.22.0
 ## explicit; go 1.23.0
 cloud.google.com/go/kms/apiv1
 cloud.google.com/go/kms/apiv1/kmspb
 cloud.google.com/go/kms/internal
-# cloud.google.com/go/longrunning v0.6.6
+# cloud.google.com/go/longrunning v0.6.7
 ## explicit; go 1.23.0
 cloud.google.com/go/longrunning
 cloud.google.com/go/longrunning/autogen
 cloud.google.com/go/longrunning/autogen/longrunningpb
-# cloud.google.com/go/monitoring v1.24.1
+# cloud.google.com/go/monitoring v1.24.2
 ## explicit; go 1.23.0
 cloud.google.com/go/monitoring/apiv3/v2
 cloud.google.com/go/monitoring/apiv3/v2/monitoringpb
 cloud.google.com/go/monitoring/internal
-# cloud.google.com/go/storage v1.52.0
+# cloud.google.com/go/storage v1.53.0
 ## explicit; go 1.23.0
 cloud.google.com/go/storage
 cloud.google.com/go/storage/experimental
@@ -80,7 +80,7 @@ github.com/AliyunContainerService/ack-ram-tool/pkg/credentials/provider
 ## explicit
 github.com/Azure/azure-sdk-for-go/services/preview/containerregistry/runtime/2019-08-15-preview/containerregistry
 github.com/Azure/azure-sdk-for-go/version
-# github.com/Azure/azure-sdk-for-go/sdk/azcore v1.17.1
+# github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0
 ## explicit; go 1.23.0
 github.com/Azure/azure-sdk-for-go/sdk/azcore
 github.com/Azure/azure-sdk-for-go/sdk/azcore/arm/internal/resource
@@ -102,12 +102,12 @@ github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime
 github.com/Azure/azure-sdk-for-go/sdk/azcore/streaming
 github.com/Azure/azure-sdk-for-go/sdk/azcore/to
 github.com/Azure/azure-sdk-for-go/sdk/azcore/tracing
-# github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.2
-## explicit; go 1.18
+# github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.10.1
+## explicit; go 1.23.0
 github.com/Azure/azure-sdk-for-go/sdk/azidentity
 github.com/Azure/azure-sdk-for-go/sdk/azidentity/internal
-# github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0
-## explicit; go 1.18
+# github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1
+## explicit; go 1.23.0
 github.com/Azure/azure-sdk-for-go/sdk/internal/diag
 github.com/Azure/azure-sdk-for-go/sdk/internal/errorinfo
 github.com/Azure/azure-sdk-for-go/sdk/internal/exported
@@ -172,6 +172,7 @@ github.com/AzureAD/microsoft-authentication-library-for-go/apps/internal/oauth/o
 github.com/AzureAD/microsoft-authentication-library-for-go/apps/internal/options
 github.com/AzureAD/microsoft-authentication-library-for-go/apps/internal/shared
 github.com/AzureAD/microsoft-authentication-library-for-go/apps/internal/version
+github.com/AzureAD/microsoft-authentication-library-for-go/apps/managedidentity
 github.com/AzureAD/microsoft-authentication-library-for-go/apps/public
 # github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp v1.27.0
 ## explicit; go 1.22
@@ -195,30 +196,6 @@ github.com/Microsoft/go-winio/pkg/guid
 # github.com/Netflix/go-expect v0.0.0-20220104043353-73e0943537d2
 ## explicit; go 1.13
 github.com/Netflix/go-expect
-# github.com/ProtonMail/go-crypto v1.1.5
-## explicit; go 1.17
-github.com/ProtonMail/go-crypto/bitcurves
-github.com/ProtonMail/go-crypto/brainpool
-github.com/ProtonMail/go-crypto/eax
-github.com/ProtonMail/go-crypto/internal/byteutil
-github.com/ProtonMail/go-crypto/ocb
-github.com/ProtonMail/go-crypto/openpgp
-github.com/ProtonMail/go-crypto/openpgp/aes/keywrap
-github.com/ProtonMail/go-crypto/openpgp/armor
-github.com/ProtonMail/go-crypto/openpgp/ecdh
-github.com/ProtonMail/go-crypto/openpgp/ecdsa
-github.com/ProtonMail/go-crypto/openpgp/ed25519
-github.com/ProtonMail/go-crypto/openpgp/ed448
-github.com/ProtonMail/go-crypto/openpgp/eddsa
-github.com/ProtonMail/go-crypto/openpgp/elgamal
-github.com/ProtonMail/go-crypto/openpgp/errors
-github.com/ProtonMail/go-crypto/openpgp/internal/algorithm
-github.com/ProtonMail/go-crypto/openpgp/internal/ecc
-github.com/ProtonMail/go-crypto/openpgp/internal/encoding
-github.com/ProtonMail/go-crypto/openpgp/packet
-github.com/ProtonMail/go-crypto/openpgp/s2k
-github.com/ProtonMail/go-crypto/openpgp/x25519
-github.com/ProtonMail/go-crypto/openpgp/x448
 # github.com/ThalesIgnite/crypto11 v1.2.5
 ## explicit; go 1.13
 github.com/ThalesIgnite/crypto11
@@ -265,7 +242,7 @@ github.com/antlr4-go/antlr/v4
 # github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2
 ## explicit; go 1.13
 github.com/asaskevich/govalidator
-# github.com/aws/aws-sdk-go v1.55.6
+# github.com/aws/aws-sdk-go v1.55.7
 ## explicit; go 1.19
 github.com/aws/aws-sdk-go/aws
 github.com/aws/aws-sdk-go/aws/auth/bearer
@@ -313,7 +290,7 @@ github.com/aws/aws-sdk-go/service/sso/ssoiface
 github.com/aws/aws-sdk-go/service/ssooidc
 github.com/aws/aws-sdk-go/service/sts
 github.com/aws/aws-sdk-go/service/sts/stsiface
-# github.com/aws/aws-sdk-go-v2 v1.36.3
+# github.com/aws/aws-sdk-go-v2 v1.36.4
 ## explicit; go 1.22
 github.com/aws/aws-sdk-go-v2/aws
 github.com/aws/aws-sdk-go-v2/aws/defaults
@@ -339,10 +316,10 @@ github.com/aws/aws-sdk-go-v2/internal/shareddefaults
 github.com/aws/aws-sdk-go-v2/internal/strings
 github.com/aws/aws-sdk-go-v2/internal/sync/singleflight
 github.com/aws/aws-sdk-go-v2/internal/timeconv
-# github.com/aws/aws-sdk-go-v2/config v1.29.12
+# github.com/aws/aws-sdk-go-v2/config v1.29.16
 ## explicit; go 1.22
 github.com/aws/aws-sdk-go-v2/config
-# github.com/aws/aws-sdk-go-v2/credentials v1.17.65
+# github.com/aws/aws-sdk-go-v2/credentials v1.17.69
 ## explicit; go 1.22
 github.com/aws/aws-sdk-go-v2/credentials
 github.com/aws/aws-sdk-go-v2/credentials/ec2rolecreds
@@ -351,14 +328,14 @@ github.com/aws/aws-sdk-go-v2/credentials/endpointcreds/internal/client
 github.com/aws/aws-sdk-go-v2/credentials/processcreds
 github.com/aws/aws-sdk-go-v2/credentials/ssocreds
 github.com/aws/aws-sdk-go-v2/credentials/stscreds
-# github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.30
+# github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.31
 ## explicit; go 1.22
 github.com/aws/aws-sdk-go-v2/feature/ec2/imds
 github.com/aws/aws-sdk-go-v2/feature/ec2/imds/internal/config
-# github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.34
+# github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.35
 ## explicit; go 1.22
 github.com/aws/aws-sdk-go-v2/internal/configsources
-# github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.34
+# github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.35
 ## explicit; go 1.22
 github.com/aws/aws-sdk-go-v2/internal/endpoints/v2
 # github.com/aws/aws-sdk-go-v2/internal/ini v1.8.3
@@ -377,25 +354,25 @@ github.com/aws/aws-sdk-go-v2/service/ecrpublic/types
 # github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.3
 ## explicit; go 1.22
 github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding
-# github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.15
+# github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.16
 ## explicit; go 1.22
 github.com/aws/aws-sdk-go-v2/service/internal/presigned-url
-# github.com/aws/aws-sdk-go-v2/service/kms v1.38.1
+# github.com/aws/aws-sdk-go-v2/service/kms v1.41.0
 ## explicit; go 1.22
 github.com/aws/aws-sdk-go-v2/service/kms
 github.com/aws/aws-sdk-go-v2/service/kms/internal/endpoints
 github.com/aws/aws-sdk-go-v2/service/kms/types
-# github.com/aws/aws-sdk-go-v2/service/sso v1.25.2
+# github.com/aws/aws-sdk-go-v2/service/sso v1.25.4
 ## explicit; go 1.22
 github.com/aws/aws-sdk-go-v2/service/sso
 github.com/aws/aws-sdk-go-v2/service/sso/internal/endpoints
 github.com/aws/aws-sdk-go-v2/service/sso/types
-# github.com/aws/aws-sdk-go-v2/service/ssooidc v1.30.0
+# github.com/aws/aws-sdk-go-v2/service/ssooidc v1.30.2
 ## explicit; go 1.22
 github.com/aws/aws-sdk-go-v2/service/ssooidc
 github.com/aws/aws-sdk-go-v2/service/ssooidc/internal/endpoints
 github.com/aws/aws-sdk-go-v2/service/ssooidc/types
-# github.com/aws/aws-sdk-go-v2/service/sts v1.33.17
+# github.com/aws/aws-sdk-go-v2/service/sts v1.33.21
 ## explicit; go 1.22
 github.com/aws/aws-sdk-go-v2/service/sts
 github.com/aws/aws-sdk-go-v2/service/sts/internal/endpoints
@@ -444,6 +421,9 @@ github.com/blendle/zapdriver
 # github.com/cenkalti/backoff/v4 v4.3.0
 ## explicit; go 1.18
 github.com/cenkalti/backoff/v4
+# github.com/cenkalti/backoff/v5 v5.0.2
+## explicit; go 1.23
+github.com/cenkalti/backoff/v5
 # github.com/census-instrumentation/opencensus-proto v0.4.1
 ## explicit; go 1.18
 github.com/census-instrumentation/opencensus-proto/gen-go/agent/common/v1
@@ -479,20 +459,6 @@ github.com/cloudevents/sdk-go/v2/event/datacodec/xml
 github.com/cloudevents/sdk-go/v2/protocol
 github.com/cloudevents/sdk-go/v2/protocol/http
 github.com/cloudevents/sdk-go/v2/types
-# github.com/cloudflare/circl v1.6.1
-## explicit; go 1.22.0
-github.com/cloudflare/circl/dh/x25519
-github.com/cloudflare/circl/dh/x448
-github.com/cloudflare/circl/ecc/goldilocks
-github.com/cloudflare/circl/internal/conv
-github.com/cloudflare/circl/internal/sha3
-github.com/cloudflare/circl/math
-github.com/cloudflare/circl/math/fp25519
-github.com/cloudflare/circl/math/fp448
-github.com/cloudflare/circl/math/mlsbset
-github.com/cloudflare/circl/sign
-github.com/cloudflare/circl/sign/ed25519
-github.com/cloudflare/circl/sign/ed448
 # github.com/cncf/xds/go v0.0.0-20250326154945-ae57f3c0d45f
 ## explicit; go 1.19
 github.com/cncf/xds/go/udpa/annotations
@@ -519,7 +485,7 @@ github.com/cpuguy83/go-md2man/md2man
 # github.com/creack/pty v1.1.24
 ## explicit; go 1.18
 github.com/creack/pty
-# github.com/cyberphone/json-canonicalization v0.0.0-20231011164504-785e29786b46
+# github.com/cyberphone/json-canonicalization v0.0.0-20241213102144-19d51d7fe467
 ## explicit
 github.com/cyberphone/json-canonicalization/go/src/webpki.org/jsoncanonicalizer
 # github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc
@@ -546,8 +512,8 @@ github.com/docker/distribution/registry/client/auth/challenge
 # github.com/docker/docker v28.2.2+incompatible
 ## explicit
 github.com/docker/docker/pkg/homedir
-# github.com/docker/docker-credential-helpers v0.8.2
-## explicit; go 1.19
+# github.com/docker/docker-credential-helpers v0.9.3
+## explicit; go 1.21
 github.com/docker/docker-credential-helpers/client
 github.com/docker/docker-credential-helpers/credentials
 # github.com/dustin/go-humanize v1.0.1
@@ -705,7 +671,7 @@ github.com/go-kit/log/level
 # github.com/go-logfmt/logfmt v0.6.0
 ## explicit; go 1.17
 github.com/go-logfmt/logfmt
-# github.com/go-logr/logr v1.4.2
+# github.com/go-logr/logr v1.4.3
 ## explicit; go 1.18
 github.com/go-logr/logr
 github.com/go-logr/logr/funcr
@@ -776,7 +742,6 @@ github.com/golang-jwt/jwt/v5
 github.com/golang/groupcache/lru
 # github.com/golang/protobuf v1.5.4
 ## explicit; go 1.17
-github.com/golang/protobuf/proto
 github.com/golang/protobuf/ptypes/any
 github.com/golang/protobuf/ptypes/empty
 github.com/golang/protobuf/ptypes/struct
@@ -812,8 +777,8 @@ github.com/google/cel-go/interpreter
 github.com/google/cel-go/interpreter/functions
 github.com/google/cel-go/parser
 github.com/google/cel-go/parser/gen
-# github.com/google/certificate-transparency-go v1.3.1
-## explicit; go 1.22.0
+# github.com/google/certificate-transparency-go v1.3.2
+## explicit; go 1.23.0
 github.com/google/certificate-transparency-go
 github.com/google/certificate-transparency-go/asn1
 github.com/google/certificate-transparency-go/client
@@ -841,8 +806,8 @@ github.com/google/go-cmp/cmp/internal/diff
 github.com/google/go-cmp/cmp/internal/flags
 github.com/google/go-cmp/cmp/internal/function
 github.com/google/go-cmp/cmp/internal/value
-# github.com/google/go-containerregistry v0.20.3
-## explicit; go 1.23.0
+# github.com/google/go-containerregistry v0.20.6
+## explicit; go 1.24
 github.com/google/go-containerregistry/internal/and
 github.com/google/go-containerregistry/internal/compression
 github.com/google/go-containerregistry/internal/estargz
@@ -879,16 +844,12 @@ github.com/google/go-containerregistry/pkg/authn/k8schain
 # github.com/google/go-containerregistry/pkg/authn/kubernetes v0.0.0-20240108195214-a0658aa1d0cc
 ## explicit; go 1.18
 github.com/google/go-containerregistry/pkg/authn/kubernetes
-# github.com/google/go-github/v55 v55.0.0
-## explicit; go 1.17
-github.com/google/go-github/v55/github
+# github.com/google/go-github/v72 v72.0.0
+## explicit; go 1.23.0
+github.com/google/go-github/v72/github
 # github.com/google/go-querystring v1.1.0
 ## explicit; go 1.10
 github.com/google/go-querystring/query
-# github.com/google/gofuzz v1.2.0
-## explicit; go 1.12
-github.com/google/gofuzz
-github.com/google/gofuzz/bytesource
 # github.com/google/s2a-go v0.1.9
 ## explicit; go 1.20
 github.com/google/s2a-go
@@ -925,8 +886,8 @@ github.com/google/wire
 ## explicit; go 1.23.0
 github.com/googleapis/enterprise-certificate-proxy/client
 github.com/googleapis/enterprise-certificate-proxy/client/util
-# github.com/googleapis/gax-go/v2 v2.14.1
-## explicit; go 1.21
+# github.com/googleapis/gax-go/v2 v2.14.2
+## explicit; go 1.23.0
 github.com/googleapis/gax-go/v2
 github.com/googleapis/gax-go/v2/apierror
 github.com/googleapis/gax-go/v2/apierror/internal/proto
@@ -936,8 +897,8 @@ github.com/googleapis/gax-go/v2/internallog
 github.com/googleapis/gax-go/v2/internallog/grpclog
 github.com/googleapis/gax-go/v2/internallog/internal
 github.com/googleapis/gax-go/v2/iterator
-# github.com/gorilla/websocket v1.5.3
-## explicit; go 1.12
+# github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674
+## explicit; go 1.20
 github.com/gorilla/websocket
 # github.com/grafeas/grafeas v0.2.3
 ## explicit; go 1.20
@@ -946,8 +907,8 @@ github.com/grafeas/grafeas/proto/v1/grafeas_go_proto
 # github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79
 ## explicit
 github.com/gregjones/httpcache
-# github.com/grpc-ecosystem/grpc-gateway/v2 v2.26.1
-## explicit; go 1.22
+# github.com/grpc-ecosystem/grpc-gateway/v2 v2.26.3
+## explicit; go 1.23.0
 github.com/grpc-ecosystem/grpc-gateway/v2/internal/httprule
 github.com/grpc-ecosystem/grpc-gateway/v2/runtime
 github.com/grpc-ecosystem/grpc-gateway/v2/utilities
@@ -969,13 +930,13 @@ github.com/hashicorp/go-retryablehttp
 # github.com/hashicorp/go-rootcerts v1.0.2
 ## explicit; go 1.12
 github.com/hashicorp/go-rootcerts
-# github.com/hashicorp/go-secure-stdlib/parseutil v0.1.7
-## explicit; go 1.16
+# github.com/hashicorp/go-secure-stdlib/parseutil v0.2.0
+## explicit; go 1.20
 github.com/hashicorp/go-secure-stdlib/parseutil
 # github.com/hashicorp/go-secure-stdlib/strutil v0.1.2
 ## explicit; go 1.16
 github.com/hashicorp/go-secure-stdlib/strutil
-# github.com/hashicorp/go-sockaddr v1.0.5
+# github.com/hashicorp/go-sockaddr v1.0.7
 ## explicit; go 1.19
 github.com/hashicorp/go-sockaddr
 # github.com/hashicorp/go-uuid v1.0.3
@@ -1201,7 +1162,7 @@ github.com/oklog/ulid
 # github.com/opencontainers/go-digest v1.0.0
 ## explicit; go 1.13
 github.com/opencontainers/go-digest
-# github.com/opencontainers/image-spec v1.1.0
+# github.com/opencontainers/image-spec v1.1.1
 ## explicit; go 1.18
 github.com/opencontainers/image-spec/specs-go
 github.com/opencontainers/image-spec/specs-go/v1
@@ -1213,7 +1174,7 @@ github.com/opentracing/opentracing-go/log
 # github.com/openzipkin/zipkin-go v0.4.3
 ## explicit; go 1.20
 github.com/openzipkin/zipkin-go/model
-# github.com/pelletier/go-toml/v2 v2.2.3
+# github.com/pelletier/go-toml/v2 v2.2.4
 ## explicit; go 1.21.0
 github.com/pelletier/go-toml/v2
 github.com/pelletier/go-toml/v2/internal/characters
@@ -1245,17 +1206,18 @@ github.com/planetscale/vtprotobuf/types/known/emptypb
 github.com/planetscale/vtprotobuf/types/known/structpb
 github.com/planetscale/vtprotobuf/types/known/timestamppb
 github.com/planetscale/vtprotobuf/types/known/wrapperspb
-# github.com/prometheus/client_golang v1.21.1
-## explicit; go 1.21
+# github.com/prometheus/client_golang v1.22.0
+## explicit; go 1.22
 github.com/prometheus/client_golang/internal/github.com/golang/gddo/httputil
 github.com/prometheus/client_golang/internal/github.com/golang/gddo/httputil/header
 github.com/prometheus/client_golang/prometheus
 github.com/prometheus/client_golang/prometheus/internal
 github.com/prometheus/client_golang/prometheus/promhttp
-# github.com/prometheus/client_model v0.6.1
-## explicit; go 1.19
+github.com/prometheus/client_golang/prometheus/promhttp/internal
+# github.com/prometheus/client_model v0.6.2
+## explicit; go 1.22.0
 github.com/prometheus/client_model/go
-# github.com/prometheus/common v0.62.0
+# github.com/prometheus/common v0.63.0
 ## explicit; go 1.21
 github.com/prometheus/common/expfmt
 github.com/prometheus/common/model
@@ -1300,8 +1262,8 @@ github.com/segmentio/ksuid
 # github.com/shibumi/go-pathspec v1.3.0
 ## explicit; go 1.17
 github.com/shibumi/go-pathspec
-# github.com/sigstore/cosign/v2 v2.5.0
-## explicit; go 1.23.4
+# github.com/sigstore/cosign/v2 v2.5.2
+## explicit; go 1.24.0
 github.com/sigstore/cosign/v2/cmd/cosign/cli/fulcio
 github.com/sigstore/cosign/v2/cmd/cosign/cli/options
 github.com/sigstore/cosign/v2/cmd/cosign/cli/sign/privacy
@@ -1335,10 +1297,10 @@ github.com/sigstore/cosign/v2/pkg/providers
 github.com/sigstore/cosign/v2/pkg/providers/filesystem
 github.com/sigstore/cosign/v2/pkg/signature
 github.com/sigstore/cosign/v2/pkg/types
-# github.com/sigstore/fulcio v1.6.6
-## explicit; go 1.23.3
+# github.com/sigstore/fulcio v1.7.1
+## explicit; go 1.24.0
 github.com/sigstore/fulcio/pkg/api
-# github.com/sigstore/protobuf-specs v0.4.1
+# github.com/sigstore/protobuf-specs v0.4.3
 ## explicit; go 1.22.0
 github.com/sigstore/protobuf-specs/gen/pb-go/bundle/v1
 github.com/sigstore/protobuf-specs/gen/pb-go/common/v1
@@ -1376,7 +1338,7 @@ github.com/sigstore/rekor/pkg/types/rekord
 github.com/sigstore/rekor/pkg/types/rekord/v0.0.1
 github.com/sigstore/rekor/pkg/util
 github.com/sigstore/rekor/pkg/verify
-# github.com/sigstore/sigstore v1.9.4
+# github.com/sigstore/sigstore v1.9.5
 ## explicit; go 1.23.0
 github.com/sigstore/sigstore/pkg/cryptoutils
 github.com/sigstore/sigstore/pkg/fulcioroots
@@ -1392,7 +1354,7 @@ github.com/sigstore/sigstore/pkg/signature/kms/cliplugin/internal/signerverifier
 github.com/sigstore/sigstore/pkg/signature/options
 github.com/sigstore/sigstore/pkg/signature/payload
 github.com/sigstore/sigstore/pkg/tuf
-# github.com/sigstore/sigstore-go v0.7.1
+# github.com/sigstore/sigstore-go v1.0.0
 ## explicit; go 1.23.0
 github.com/sigstore/sigstore-go/pkg/bundle
 github.com/sigstore/sigstore-go/pkg/fulcio/certificate
@@ -1401,19 +1363,19 @@ github.com/sigstore/sigstore-go/pkg/tlog
 github.com/sigstore/sigstore-go/pkg/tuf
 github.com/sigstore/sigstore-go/pkg/util
 github.com/sigstore/sigstore-go/pkg/verify
-# github.com/sigstore/sigstore/pkg/signature/kms/aws v1.9.1
+# github.com/sigstore/sigstore/pkg/signature/kms/aws v1.9.5
 ## explicit; go 1.23.0
 github.com/sigstore/sigstore/pkg/signature/kms/aws
-# github.com/sigstore/sigstore/pkg/signature/kms/azure v1.9.1
+# github.com/sigstore/sigstore/pkg/signature/kms/azure v1.9.5
 ## explicit; go 1.23.0
 github.com/sigstore/sigstore/pkg/signature/kms/azure
-# github.com/sigstore/sigstore/pkg/signature/kms/gcp v1.9.1
+# github.com/sigstore/sigstore/pkg/signature/kms/gcp v1.9.5
 ## explicit; go 1.23.0
 github.com/sigstore/sigstore/pkg/signature/kms/gcp
-# github.com/sigstore/sigstore/pkg/signature/kms/hashivault v1.9.1
+# github.com/sigstore/sigstore/pkg/signature/kms/hashivault v1.9.5
 ## explicit; go 1.23.0
 github.com/sigstore/sigstore/pkg/signature/kms/hashivault
-# github.com/sigstore/timestamp-authority v1.2.5
+# github.com/sigstore/timestamp-authority v1.2.8
 ## explicit; go 1.23.0
 github.com/sigstore/timestamp-authority/pkg/verification
 # github.com/sirupsen/logrus v1.9.3
@@ -1704,8 +1666,8 @@ github.com/theupdateframework/go-tuf/pkg/targets
 github.com/theupdateframework/go-tuf/sign
 github.com/theupdateframework/go-tuf/util
 github.com/theupdateframework/go-tuf/verify
-# github.com/theupdateframework/go-tuf/v2 v2.0.2
-## explicit; go 1.21
+# github.com/theupdateframework/go-tuf/v2 v2.1.1
+## explicit; go 1.23.0
 github.com/theupdateframework/go-tuf/v2/metadata
 github.com/theupdateframework/go-tuf/v2/metadata/config
 github.com/theupdateframework/go-tuf/v2/metadata/fetcher
@@ -1735,7 +1697,7 @@ github.com/transparency-dev/merkle
 github.com/transparency-dev/merkle/compact
 github.com/transparency-dev/merkle/proof
 github.com/transparency-dev/merkle/rfc6962
-# github.com/vbatts/tar-split v0.11.6
+# github.com/vbatts/tar-split v0.12.1
 ## explicit; go 1.17
 github.com/vbatts/tar-split/archive/tar
 # github.com/x448/float16 v0.8.4
@@ -1759,8 +1721,8 @@ github.com/youmark/pkcs8
 # github.com/zeebo/errs v1.4.0
 ## explicit; go 1.12
 github.com/zeebo/errs
-# gitlab.com/gitlab-org/api/client-go v0.127.0
-## explicit; go 1.22
+# gitlab.com/gitlab-org/api/client-go v0.130.1
+## explicit; go 1.23.0
 gitlab.com/gitlab-org/api/client-go
 # go.mongodb.org/mongo-driver v1.17.3
 ## explicit; go 1.18
@@ -1839,24 +1801,23 @@ go.opentelemetry.io/auto/sdk/internal/telemetry
 # go.opentelemetry.io/contrib/detectors/gcp v1.35.0
 ## explicit; go 1.22.0
 go.opentelemetry.io/contrib/detectors/gcp
-# go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.60.0
-## explicit; go 1.22.0
+# go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.61.0
+## explicit; go 1.23.0
 go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
 go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/internal
-# go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0
-## explicit; go 1.22.0
+# go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0
+## explicit; go 1.23.0
 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/request
 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv
 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconvutil
-# go.opentelemetry.io/otel v1.35.0
-## explicit; go 1.22.0
+# go.opentelemetry.io/otel v1.36.0
+## explicit; go 1.23.0
 go.opentelemetry.io/otel
 go.opentelemetry.io/otel/attribute
+go.opentelemetry.io/otel/attribute/internal
 go.opentelemetry.io/otel/baggage
 go.opentelemetry.io/otel/codes
-go.opentelemetry.io/otel/internal
-go.opentelemetry.io/otel/internal/attribute
 go.opentelemetry.io/otel/internal/baggage
 go.opentelemetry.io/otel/internal/global
 go.opentelemetry.io/otel/propagation
@@ -1866,27 +1827,28 @@ go.opentelemetry.io/otel/semconv/v1.17.0/httpconv
 go.opentelemetry.io/otel/semconv/v1.20.0
 go.opentelemetry.io/otel/semconv/v1.24.0
 go.opentelemetry.io/otel/semconv/v1.26.0
-# go.opentelemetry.io/otel/metric v1.35.0
-## explicit; go 1.22.0
+go.opentelemetry.io/otel/semconv/v1.30.0
+# go.opentelemetry.io/otel/metric v1.36.0
+## explicit; go 1.23.0
 go.opentelemetry.io/otel/metric
 go.opentelemetry.io/otel/metric/embedded
 go.opentelemetry.io/otel/metric/noop
-# go.opentelemetry.io/otel/sdk v1.35.0
-## explicit; go 1.22.0
+# go.opentelemetry.io/otel/sdk v1.36.0
+## explicit; go 1.23.0
 go.opentelemetry.io/otel/sdk
 go.opentelemetry.io/otel/sdk/instrumentation
 go.opentelemetry.io/otel/sdk/internal/x
 go.opentelemetry.io/otel/sdk/resource
-# go.opentelemetry.io/otel/sdk/metric v1.35.0
-## explicit; go 1.22.0
+# go.opentelemetry.io/otel/sdk/metric v1.36.0
+## explicit; go 1.23.0
 go.opentelemetry.io/otel/sdk/metric
 go.opentelemetry.io/otel/sdk/metric/exemplar
 go.opentelemetry.io/otel/sdk/metric/internal
 go.opentelemetry.io/otel/sdk/metric/internal/aggregate
 go.opentelemetry.io/otel/sdk/metric/internal/x
 go.opentelemetry.io/otel/sdk/metric/metricdata
-# go.opentelemetry.io/otel/trace v1.35.0
-## explicit; go 1.22.0
+# go.opentelemetry.io/otel/trace v1.36.0
+## explicit; go 1.23.0
 go.opentelemetry.io/otel/trace
 go.opentelemetry.io/otel/trace/embedded
 go.opentelemetry.io/otel/trace/internal/telemetry
@@ -1915,7 +1877,7 @@ go.uber.org/zap/internal/stacktrace
 go.uber.org/zap/internal/ztest
 go.uber.org/zap/zapcore
 go.uber.org/zap/zaptest
-# goa.design/goa/v3 v3.20.0
+# goa.design/goa/v3 v3.20.1
 ## explicit; go 1.23.0
 goa.design/goa/v3/http
 goa.design/goa/v3/pkg
@@ -1944,9 +1906,8 @@ gocloud.dev/docstore/mongodocstore
 # gocloud.dev/pubsub/kafkapubsub v0.40.0
 ## explicit; go 1.21.0
 gocloud.dev/pubsub/kafkapubsub
-# golang.org/x/crypto v0.37.0
+# golang.org/x/crypto v0.39.0
 ## explicit; go 1.23.0
-golang.org/x/crypto/argon2
 golang.org/x/crypto/blake2b
 golang.org/x/crypto/blowfish
 golang.org/x/crypto/cast5
@@ -1978,18 +1939,17 @@ golang.org/x/crypto/sha3
 golang.org/x/crypto/ssh
 golang.org/x/crypto/ssh/internal/bcrypt_pbkdf
 golang.org/x/crypto/ssh/terminal
-# golang.org/x/exp v0.0.0-20250210185358-939b2ce775ac
-## explicit; go 1.22.0
+# golang.org/x/exp v0.0.0-20250408133849-7e4ce0ab07d0
+## explicit; go 1.23.0
 golang.org/x/exp/maps
 golang.org/x/exp/slices
-# golang.org/x/mod v0.24.0
+# golang.org/x/mod v0.25.0
 ## explicit; go 1.23.0
 golang.org/x/mod/semver
 golang.org/x/mod/sumdb/dirhash
 golang.org/x/mod/sumdb/note
-# golang.org/x/net v0.39.0
+# golang.org/x/net v0.41.0
 ## explicit; go 1.23.0
-golang.org/x/net/context/ctxhttp
 golang.org/x/net/http/httpguts
 golang.org/x/net/http2
 golang.org/x/net/http2/h2c
@@ -2000,7 +1960,7 @@ golang.org/x/net/internal/socks
 golang.org/x/net/internal/timeseries
 golang.org/x/net/proxy
 golang.org/x/net/trace
-# golang.org/x/oauth2 v0.29.0
+# golang.org/x/oauth2 v0.30.0
 ## explicit; go 1.23.0
 golang.org/x/oauth2
 golang.org/x/oauth2/authhandler
@@ -2012,7 +1972,7 @@ golang.org/x/oauth2/google/internal/stsexchange
 golang.org/x/oauth2/internal
 golang.org/x/oauth2/jws
 golang.org/x/oauth2/jwt
-# golang.org/x/sync v0.13.0
+# golang.org/x/sync v0.15.0
 ## explicit; go 1.23.0
 golang.org/x/sync/errgroup
 golang.org/x/sync/semaphore
@@ -2027,7 +1987,7 @@ golang.org/x/sys/windows/registry
 # golang.org/x/term v0.32.0
 ## explicit; go 1.23.0
 golang.org/x/term
-# golang.org/x/text v0.24.0
+# golang.org/x/text v0.26.0
 ## explicit; go 1.23.0
 golang.org/x/text/cases
 golang.org/x/text/encoding
@@ -2053,7 +2013,7 @@ golang.org/x/text/transform
 golang.org/x/text/unicode/bidi
 golang.org/x/text/unicode/norm
 golang.org/x/text/width
-# golang.org/x/time v0.11.0
+# golang.org/x/time v0.12.0
 ## explicit; go 1.23.0
 golang.org/x/time/rate
 # golang.org/x/xerrors v0.0.0-20240903120638-7835f813f4da
@@ -2063,7 +2023,7 @@ golang.org/x/xerrors/internal
 # gomodules.xyz/jsonpatch/v2 v2.5.0
 ## explicit; go 1.20
 gomodules.xyz/jsonpatch/v2
-# google.golang.org/api v0.229.0
+# google.golang.org/api v0.237.0
 ## explicit; go 1.23.0
 google.golang.org/api/googleapi
 google.golang.org/api/googleapi/transport
@@ -2081,7 +2041,7 @@ google.golang.org/api/support/bundler
 google.golang.org/api/transport
 google.golang.org/api/transport/grpc
 google.golang.org/api/transport/http
-# google.golang.org/genproto v0.0.0-20250324211829-b45e905df463
+# google.golang.org/genproto v0.0.0-20250505200425-f936aa4a68b2
 ## explicit; go 1.23.0
 google.golang.org/genproto/googleapis/cloud/location
 google.golang.org/genproto/googleapis/type/calendarperiod
@@ -2090,7 +2050,7 @@ google.golang.org/genproto/googleapis/type/expr
 google.golang.org/genproto/googleapis/type/latlng
 google.golang.org/genproto/googleapis/type/timeofday
 google.golang.org/genproto/protobuf/field_mask
-# google.golang.org/genproto/googleapis/api v0.0.0-20250414145226-207652e42e2e
+# google.golang.org/genproto/googleapis/api v0.0.0-20250519155744-55703ea1f237
 ## explicit; go 1.23.0
 google.golang.org/genproto/googleapis/api
 google.golang.org/genproto/googleapis/api/annotations
@@ -2100,13 +2060,13 @@ google.golang.org/genproto/googleapis/api/httpbody
 google.golang.org/genproto/googleapis/api/label
 google.golang.org/genproto/googleapis/api/metric
 google.golang.org/genproto/googleapis/api/monitoredres
-# google.golang.org/genproto/googleapis/rpc v0.0.0-20250414145226-207652e42e2e
+# google.golang.org/genproto/googleapis/rpc v0.0.0-20250603155806-513f23925822
 ## explicit; go 1.23.0
 google.golang.org/genproto/googleapis/rpc/code
 google.golang.org/genproto/googleapis/rpc/errdetails
 google.golang.org/genproto/googleapis/rpc/status
-# google.golang.org/grpc v1.72.0
-## explicit; go 1.23
+# google.golang.org/grpc v1.73.0
+## explicit; go 1.23.0
 google.golang.org/grpc
 google.golang.org/grpc/attributes
 google.golang.org/grpc/authz/audit
@@ -2123,6 +2083,7 @@ google.golang.org/grpc/balancer/leastrequest
 google.golang.org/grpc/balancer/pickfirst
 google.golang.org/grpc/balancer/pickfirst/internal
 google.golang.org/grpc/balancer/pickfirst/pickfirstleaf
+google.golang.org/grpc/balancer/ringhash
 google.golang.org/grpc/balancer/rls
 google.golang.org/grpc/balancer/rls/internal/adaptive
 google.golang.org/grpc/balancer/rls/internal/keys
@@ -2188,6 +2149,7 @@ google.golang.org/grpc/internal/resolver/dns
 google.golang.org/grpc/internal/resolver/dns/internal
 google.golang.org/grpc/internal/resolver/passthrough
 google.golang.org/grpc/internal/resolver/unix
+google.golang.org/grpc/internal/ringhash
 google.golang.org/grpc/internal/serviceconfig
 google.golang.org/grpc/internal/stats
 google.golang.org/grpc/internal/status
@@ -2230,7 +2192,6 @@ google.golang.org/grpc/xds/internal/balancer/clusterresolver
 google.golang.org/grpc/xds/internal/balancer/loadstore
 google.golang.org/grpc/xds/internal/balancer/outlierdetection
 google.golang.org/grpc/xds/internal/balancer/priority
-google.golang.org/grpc/xds/internal/balancer/ringhash
 google.golang.org/grpc/xds/internal/balancer/wrrlocality
 google.golang.org/grpc/xds/internal/clusterspecifier
 google.golang.org/grpc/xds/internal/clusterspecifier/rls
@@ -2331,8 +2292,8 @@ gotest.tools/v3/internal/cleanup
 gotest.tools/v3/internal/difflib
 gotest.tools/v3/internal/format
 gotest.tools/v3/internal/source
-# k8s.io/api v0.32.5
-## explicit; go 1.23.0
+# k8s.io/api v0.33.1
+## explicit; go 1.24.0
 k8s.io/api/admissionregistration/v1
 k8s.io/api/admissionregistration/v1alpha1
 k8s.io/api/admissionregistration/v1beta1
@@ -2383,6 +2344,7 @@ k8s.io/api/rbac/v1alpha1
 k8s.io/api/rbac/v1beta1
 k8s.io/api/resource/v1alpha3
 k8s.io/api/resource/v1beta1
+k8s.io/api/resource/v1beta2
 k8s.io/api/scheduling/v1
 k8s.io/api/scheduling/v1alpha1
 k8s.io/api/scheduling/v1beta1
@@ -2401,12 +2363,13 @@ k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset
 k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/scheme
 k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1
 k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1beta1
-# k8s.io/apimachinery v0.32.5
-## explicit; go 1.23.0
+# k8s.io/apimachinery v0.33.1
+## explicit; go 1.24.0
 k8s.io/apimachinery/pkg/api/equality
 k8s.io/apimachinery/pkg/api/errors
 k8s.io/apimachinery/pkg/api/meta
 k8s.io/apimachinery/pkg/api/meta/testrestmapper
+k8s.io/apimachinery/pkg/api/operation
 k8s.io/apimachinery/pkg/api/resource
 k8s.io/apimachinery/pkg/api/validation
 k8s.io/apimachinery/pkg/apis/meta/internalversion
@@ -2466,8 +2429,8 @@ k8s.io/cli-runtime/pkg/genericclioptions
 k8s.io/cli-runtime/pkg/genericiooptions
 k8s.io/cli-runtime/pkg/printers
 k8s.io/cli-runtime/pkg/resource
-# k8s.io/client-go v0.32.5
-## explicit; go 1.23.0
+# k8s.io/client-go v0.33.1
+## explicit; go 1.24.0
 k8s.io/client-go/applyconfigurations
 k8s.io/client-go/applyconfigurations/admissionregistration/v1
 k8s.io/client-go/applyconfigurations/admissionregistration/v1alpha1
@@ -2514,6 +2477,7 @@ k8s.io/client-go/applyconfigurations/rbac/v1alpha1
 k8s.io/client-go/applyconfigurations/rbac/v1beta1
 k8s.io/client-go/applyconfigurations/resource/v1alpha3
 k8s.io/client-go/applyconfigurations/resource/v1beta1
+k8s.io/client-go/applyconfigurations/resource/v1beta2
 k8s.io/client-go/applyconfigurations/scheduling/v1
 k8s.io/client-go/applyconfigurations/scheduling/v1alpha1
 k8s.io/client-go/applyconfigurations/scheduling/v1beta1
@@ -2590,6 +2554,7 @@ k8s.io/client-go/informers/rbac/v1beta1
 k8s.io/client-go/informers/resource
 k8s.io/client-go/informers/resource/v1alpha3
 k8s.io/client-go/informers/resource/v1beta1
+k8s.io/client-go/informers/resource/v1beta2
 k8s.io/client-go/informers/scheduling
 k8s.io/client-go/informers/scheduling/v1
 k8s.io/client-go/informers/scheduling/v1alpha1
@@ -2697,6 +2662,8 @@ k8s.io/client-go/kubernetes/typed/resource/v1alpha3
 k8s.io/client-go/kubernetes/typed/resource/v1alpha3/fake
 k8s.io/client-go/kubernetes/typed/resource/v1beta1
 k8s.io/client-go/kubernetes/typed/resource/v1beta1/fake
+k8s.io/client-go/kubernetes/typed/resource/v1beta2
+k8s.io/client-go/kubernetes/typed/resource/v1beta2/fake
 k8s.io/client-go/kubernetes/typed/scheduling/v1
 k8s.io/client-go/kubernetes/typed/scheduling/v1/fake
 k8s.io/client-go/kubernetes/typed/scheduling/v1alpha1
@@ -2754,6 +2721,7 @@ k8s.io/client-go/listers/rbac/v1alpha1
 k8s.io/client-go/listers/rbac/v1beta1
 k8s.io/client-go/listers/resource/v1alpha3
 k8s.io/client-go/listers/resource/v1beta1
+k8s.io/client-go/listers/resource/v1beta2
 k8s.io/client-go/listers/scheduling/v1
 k8s.io/client-go/listers/scheduling/v1alpha1
 k8s.io/client-go/listers/scheduling/v1beta1
@@ -2816,7 +2784,7 @@ k8s.io/klog/v2/internal/dbg
 k8s.io/klog/v2/internal/serialize
 k8s.io/klog/v2/internal/severity
 k8s.io/klog/v2/internal/sloghandler
-# k8s.io/kube-openapi v0.0.0-20241212222426-2c72e554b1e7
+# k8s.io/kube-openapi v0.0.0-20250318190949-c8a335a9a2ff
 ## explicit; go 1.21
 k8s.io/kube-openapi/pkg/cached
 k8s.io/kube-openapi/pkg/common
@@ -2831,7 +2799,6 @@ k8s.io/kube-openapi/pkg/validation/spec
 ## explicit; go 1.18
 k8s.io/utils/buffer
 k8s.io/utils/clock
-k8s.io/utils/clock/testing
 k8s.io/utils/internal/third_party/forked/golang/golang-lru
 k8s.io/utils/internal/third_party/forked/golang/net
 k8s.io/utils/lru
@@ -3017,10 +2984,14 @@ sigs.k8s.io/kustomize/kyaml/yaml/merge2
 sigs.k8s.io/kustomize/kyaml/yaml/merge3
 sigs.k8s.io/kustomize/kyaml/yaml/schema
 sigs.k8s.io/kustomize/kyaml/yaml/walk
+# sigs.k8s.io/randfill v1.0.0
+## explicit; go 1.18
+sigs.k8s.io/randfill
+sigs.k8s.io/randfill/bytesource
 # sigs.k8s.io/release-utils v0.11.1
 ## explicit; go 1.23
 sigs.k8s.io/release-utils/version
-# sigs.k8s.io/structured-merge-diff/v4 v4.5.0
+# sigs.k8s.io/structured-merge-diff/v4 v4.6.0
 ## explicit; go 1.13
 sigs.k8s.io/structured-merge-diff/v4/fieldpath
 sigs.k8s.io/structured-merge-diff/v4/merge
diff --git a/vendor/sigs.k8s.io/randfill/CONTRIBUTING.md b/vendor/sigs.k8s.io/randfill/CONTRIBUTING.md
new file mode 100644
index 0000000000..7566c879ce
--- /dev/null
+++ b/vendor/sigs.k8s.io/randfill/CONTRIBUTING.md
@@ -0,0 +1,43 @@
+# Contributing Guidelines
+
+Welcome to Kubernetes. We are excited about the prospect of you joining our [community](https://git.k8s.io/community)! The Kubernetes community abides by the CNCF [code of conduct](code-of-conduct.md). Here is an excerpt:
+
+_As contributors and maintainers of this project, and in the interest of fostering an open and welcoming community, we pledge to respect all people who contribute through reporting issues, posting feature requests, updating documentation, submitting pull requests or patches, and other activities._
+
+## Getting Started
+
+We have full documentation on how to get started contributing here:
+
+<!---
+If your repo has certain guidelines for contribution, put them here ahead of the general k8s resources
+-->
+
+- [Contributor License Agreement](https://git.k8s.io/community/CLA.md) Kubernetes projects require that you sign a Contributor License Agreement (CLA) before we can accept your pull requests
+- [Kubernetes Contributor Guide](https://git.k8s.io/community/contributors/guide) - Main contributor documentation, or you can just jump directly to the [contributing section](https://git.k8s.io/community/contributors/guide#contributing)
+- [Contributor Cheat Sheet](https://git.k8s.io/community/contributors/guide/contributor-cheatsheet) - Common resources for existing developers
+
+## Mentorship
+
+- [Mentoring Initiatives](https://git.k8s.io/community/mentoring) - We have a diverse set of mentorship programs available that are always looking for volunteers!
+
+<!---
+Custom Information - if you're copying this template for the first time you can add custom content here, for example:
+
+## Contact Information
+
+- [Slack channel](https://kubernetes.slack.com/messages/kubernetes-users) - Replace `kubernetes-users` with your slack channel string, this will send users directly to your channel. 
+- [Mailing list](URL)
+
+-->
+
+## Project Management
+
+The [maintainers](https://github.com/kubernetes-sigs/randfill/blob/main/OWNERS_ALIASES#L12) of this project (and often others who have official positions on the [contributor ladder](https://github.com/kubernetes-sigs/randfill/blob/main/OWNERS_ALIASES)) are responsible for performing project management which oversees development and maintenance of the API, tests, tools, e.t.c. While we try to be generally flexible when it comes to the management of individual pieces (such as Issues or PRs), we have some rules and guidelines which help us plan, coordinate and reduce waste. In this section you'll find some rules/guidelines for contributors related to project management which may extend or go beyond what you would find in the standard [Kubernetes Contributor Guide](https://git.k8s.io/community/contributors/guide).
+
+### Bumping stale and closed Issues & PRs
+
+Maintainers are ultimately responsible for triaging new issues and PRs, accepting or declining them, deciding priority and fitting them into milestones intended for future releases. Bots are responsible for marking issues and PRs which stagnate as stale, or closing them if progress does not continue for a long period of time. Due to the nature of this community-driven development effort (we do not have dedicated engineering resources, we rely on the community which is effectively "volunteer time") **not all issues can be accepted, prioritized or completed**.
+
+You may find times when an issue you're subscribed to and interested in seems to stagnate, or perhaps gets auto-closed. Prior to bumping or directly re-opening issues yourself, we generally ask that you bring these up for discussion on the agenda for one of our community syncs if possible, or bring them up for discussion in Slack or the mailing list as this gives us a better opportunity to discuss the issue and determine viability and logistics. If feasible we **highly recommend being ready to contribute directly** to any stale or unprioritized effort that you want to see move forward, as **the best way to ensure progress is to engage with the community and personally invest time**.
+
+We (the community) aren't opposed to making exceptions in some cases, but when in doubt please follow the above guidelines before bumping closed or stale issues if you're not ready to personally invest time in them. We are responsible for managing these and without further context or engagement we may set these back to how they were previously organized.
diff --git a/vendor/github.com/google/gofuzz/LICENSE b/vendor/sigs.k8s.io/randfill/LICENSE
similarity index 99%
rename from vendor/github.com/google/gofuzz/LICENSE
rename to vendor/sigs.k8s.io/randfill/LICENSE
index d645695673..9dd29274c3 100644
--- a/vendor/github.com/google/gofuzz/LICENSE
+++ b/vendor/sigs.k8s.io/randfill/LICENSE
@@ -1,4 +1,3 @@
-
                                  Apache License
                            Version 2.0, January 2004
                         http://www.apache.org/licenses/
@@ -179,7 +178,7 @@
    APPENDIX: How to apply the Apache License to your work.
 
       To apply the Apache License to your work, attach the following
-      boilerplate notice, with the fields enclosed by brackets "[]"
+      boilerplate notice, with the fields enclosed by brackets "{}"
       replaced with your own identifying information. (Don't include
       the brackets!)  The text should be enclosed in the appropriate
       comment syntax for the file format. We also recommend that a
@@ -187,7 +186,8 @@
       same "printed page" as the copyright notice for easier
       identification within third-party archives.
 
-   Copyright [yyyy] [name of copyright owner]
+   Copyright 2014 The gofuzz Authors
+   Copyright 2025 The Kubernetes Authors
 
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.
diff --git a/vendor/sigs.k8s.io/randfill/NOTICE b/vendor/sigs.k8s.io/randfill/NOTICE
new file mode 100644
index 0000000000..6984e71f65
--- /dev/null
+++ b/vendor/sigs.k8s.io/randfill/NOTICE
@@ -0,0 +1,24 @@
+When donating the randfill project to the CNCF, we could not reach all the
+gofuzz contributors to sign the CNCF CLA. As such, according to the CNCF rules
+to donate a repository, we must add a NOTICE referencing section 7 of the CLA
+with a list of developers who could not be reached.
+
+`7. Should You wish to submit work that is not Your original creation, You may
+submit it to the Foundation separately from any Contribution, identifying the
+complete details of its source and of any license or other restriction
+(including, but not limited to, related patents, trademarks, and license
+agreements) of which you are personally aware, and conspicuously marking the
+work as "Submitted on behalf of a third-party: [named here]".`
+
+Submitted on behalf of a third-party: @dnephin (Daniel Nephin)
+Submitted on behalf of a third-party: @AlekSi (Alexey Palazhchenko)
+Submitted on behalf of a third-party: @bbigras (Bruno Bigras)
+Submitted on behalf of a third-party: @samirkut (Samir)
+Submitted on behalf of a third-party: @posener (Eyal Posener)
+Submitted on behalf of a third-party: @Ashikpaul (Ashik Paul)
+Submitted on behalf of a third-party: @kwongtailau (Kwongtai)
+Submitted on behalf of a third-party: @ericcornelissen (Eric Cornelissen)
+Submitted on behalf of a third-party: @eclipseo (Robert-André Mauchin)
+Submitted on behalf of a third-party: @yanzhoupan (Andrew Pan)
+Submitted on behalf of a third-party: @STRRL (Zhiqiang ZHOU)
+Submitted on behalf of a third-party: @disconnect3d (Disconnect3d)
diff --git a/vendor/sigs.k8s.io/randfill/OWNERS b/vendor/sigs.k8s.io/randfill/OWNERS
new file mode 100644
index 0000000000..59f6a50f6b
--- /dev/null
+++ b/vendor/sigs.k8s.io/randfill/OWNERS
@@ -0,0 +1,8 @@
+# See the OWNERS docs at https://go.k8s.io/owners
+# See the OWNERS_ALIASES file at https://github.com/kubernetes-sigs/randfill/blob/main/OWNERS_ALIASES for a list of members for each alias.
+
+approvers:
+  - sig-testing-leads
+  - thockin
+
+reviewers: []
diff --git a/vendor/sigs.k8s.io/randfill/OWNERS_ALIASES b/vendor/sigs.k8s.io/randfill/OWNERS_ALIASES
new file mode 100644
index 0000000000..927f1209b1
--- /dev/null
+++ b/vendor/sigs.k8s.io/randfill/OWNERS_ALIASES
@@ -0,0 +1,14 @@
+# See the OWNERS docs: https://git.k8s.io/community/contributors/guide/owners.md
+# This file should be kept in sync with k/org.
+
+aliases:
+  # Reference: https://github.com/kubernetes/org/blob/main/OWNERS_ALIASES
+  sig-testing-leads:
+    - BenTheElder
+    - alvaroaleman
+    - aojea
+    - cjwagner
+    - jbpratt
+    - michelle192837
+    - pohly
+    - xmcqueen
diff --git a/vendor/github.com/google/gofuzz/README.md b/vendor/sigs.k8s.io/randfill/README.md
similarity index 53%
rename from vendor/github.com/google/gofuzz/README.md
rename to vendor/sigs.k8s.io/randfill/README.md
index b503aae7d7..d892fc9f5d 100644
--- a/vendor/github.com/google/gofuzz/README.md
+++ b/vendor/sigs.k8s.io/randfill/README.md
@@ -1,39 +1,46 @@
-gofuzz
+randfill
 ======
 
-gofuzz is a library for populating go objects with random values.
+randfill is a library for populating go objects with random values.
 
-[![GoDoc](https://godoc.org/github.com/google/gofuzz?status.svg)](https://godoc.org/github.com/google/gofuzz)
-[![Travis](https://travis-ci.org/google/gofuzz.svg?branch=master)](https://travis-ci.org/google/gofuzz)
+This is a fork of github.com/google/gofuzz, which was archived.
+
+NOTE: This repo is supported only for use within Kubernetes.  It is not our
+intention to support general use.  That said, if it works for you, that's
+great!  If you have a problem, please feel free to file an issue, but be aware
+that it may not be a priority for us to fix it unless it is affecting
+Kubernetes.  PRs are welcome, within reason.
+
+[![GoDoc](https://godoc.org/sigs.k8s.io/randfill?status.svg)](https://godoc.org/sigs.k8s.io/randfill)
 
 This is useful for testing:
 
 * Do your project's objects really serialize/unserialize correctly in all cases?
 * Is there an incorrectly formatted object that will cause your project to panic?
 
-Import with ```import "github.com/google/gofuzz"```
+Import with ```import "sigs.k8s.io/randfill"```
 
 You can use it on single variables:
 ```go
-f := fuzz.New()
+f := randfill.New()
 var myInt int
-f.Fuzz(&myInt) // myInt gets a random value.
+f.Fill(&myInt) // myInt gets a random value.
 ```
 
 You can use it on maps:
 ```go
-f := fuzz.New().NilChance(0).NumElements(1, 1)
+f := randfill.New().NilChance(0).NumElements(1, 1)
 var myMap map[ComplexKeyType]string
-f.Fuzz(&myMap) // myMap will have exactly one element.
+f.Fill(&myMap) // myMap will have exactly one element.
 ```
 
 Customize the chance of getting a nil pointer:
 ```go
-f := fuzz.New().NilChance(.5)
+f := randfill.New().NilChance(.5)
 var fancyStruct struct {
   A, B, C, D *string
 }
-f.Fuzz(&fancyStruct) // About half the pointers should be set.
+f.Fill(&fancyStruct) // About half the pointers should be set.
 ```
 
 You can even customize the randomization completely if needed:
@@ -49,25 +56,27 @@ type MyInfo struct {
         BInfo *string
 }
 
-f := fuzz.New().NilChance(0).Funcs(
-        func(e *MyInfo, c fuzz.Continue) {
+f := randfill.New().NilChance(0).Funcs(
+        func(e *MyInfo, c randfill.Continue) {
                 switch c.Intn(2) {
                 case 0:
                         e.Type = A
-                        c.Fuzz(&e.AInfo)
+                        c.Fill(&e.AInfo)
                 case 1:
                         e.Type = B
-                        c.Fuzz(&e.BInfo)
+                        c.Fill(&e.BInfo)
                 }
         },
 )
 
 var myObject MyInfo
-f.Fuzz(&myObject) // Type will correspond to whether A or B info is set.
+f.Fill(&myObject) // Type will correspond to whether A or B info is set.
 ```
 
 See more examples in ```example_test.go```.
 
+## dvyukov/go-fuzz integration
+
 You can use this library for easier [go-fuzz](https://github.com/dvyukov/go-fuzz)ing.
 go-fuzz provides the user a byte-slice, which should be converted to different inputs
 for the tested function. This library can help convert the byte slice. Consider for
@@ -76,11 +85,11 @@ example a fuzz test for a the function `mypackage.MyFunc` that takes an int argu
 // +build gofuzz
 package mypackage
 
-import fuzz "github.com/google/gofuzz"
+import "sigs.k8s.io/randfill"
 
 func Fuzz(data []byte) int {
         var i int
-        fuzz.NewFromGoFuzz(data).Fuzz(&i)
+        randfill.NewFromGoFuzz(data).Fill(&i)
         MyFunc(i)
         return 0
 }
diff --git a/vendor/sigs.k8s.io/randfill/SECURITY_CONTACTS b/vendor/sigs.k8s.io/randfill/SECURITY_CONTACTS
new file mode 100644
index 0000000000..91d7853378
--- /dev/null
+++ b/vendor/sigs.k8s.io/randfill/SECURITY_CONTACTS
@@ -0,0 +1,16 @@
+# Defined below are the security contacts for this repo.
+#
+# They are the contact point for the Product Security Committee to reach out
+# to for triaging and handling of incoming issues.
+#
+# The below names agree to abide by the
+# [Embargo Policy](https://git.k8s.io/security/private-distributors-list.md#embargo-policy)
+# and will be removed and replaced if they violate that agreement.
+#
+# DO NOT REPORT SECURITY VULNERABILITIES DIRECTLY TO THESE NAMES, FOLLOW THE
+# INSTRUCTIONS AT https://kubernetes.io/security/
+
+thockin
+BenTheElder
+aojea
+pohly
diff --git a/vendor/github.com/google/gofuzz/bytesource/bytesource.go b/vendor/sigs.k8s.io/randfill/bytesource/bytesource.go
similarity index 100%
rename from vendor/github.com/google/gofuzz/bytesource/bytesource.go
rename to vendor/sigs.k8s.io/randfill/bytesource/bytesource.go
diff --git a/vendor/sigs.k8s.io/randfill/code-of-conduct.md b/vendor/sigs.k8s.io/randfill/code-of-conduct.md
new file mode 100644
index 0000000000..0d15c00cf3
--- /dev/null
+++ b/vendor/sigs.k8s.io/randfill/code-of-conduct.md
@@ -0,0 +1,3 @@
+# Kubernetes Community Code of Conduct
+
+Please refer to our [Kubernetes Community Code of Conduct](https://git.k8s.io/community/code-of-conduct.md)
diff --git a/vendor/sigs.k8s.io/randfill/randfill.go b/vendor/sigs.k8s.io/randfill/randfill.go
new file mode 100644
index 0000000000..b734824844
--- /dev/null
+++ b/vendor/sigs.k8s.io/randfill/randfill.go
@@ -0,0 +1,682 @@
+/*
+Copyright 2014 Google Inc. All rights reserved.
+Copyright 2014 The gofuzz Authors.
+Copyright 2025 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package randfill is a library for populating go objects with random values.
+package randfill
+
+import (
+	"fmt"
+	"math/rand"
+	"reflect"
+	"regexp"
+	"sync"
+	"time"
+	"unsafe"
+
+	"strings"
+
+	"sigs.k8s.io/randfill/bytesource"
+)
+
+// funcMap is a map from a type to a function that randfills that type.  The
+// function is a reflect.Value because the type being filled is different for
+// each func.
+type funcMap map[reflect.Type]reflect.Value
+
+// Filler knows how to fill any object with random fields.
+type Filler struct {
+	customFuncs           funcMap
+	defaultFuncs          funcMap
+	r                     *rand.Rand
+	nilChance             float64
+	minElements           int
+	maxElements           int
+	maxDepth              int
+	allowUnexportedFields bool
+	skipFieldPatterns     []*regexp.Regexp
+
+	lock sync.Mutex
+}
+
+// New returns a new Filler. Customize your Filler further by calling Funcs,
+// RandSource, NilChance, or NumElements in any order.
+func New() *Filler {
+	return NewWithSeed(time.Now().UnixNano())
+}
+
+func NewWithSeed(seed int64) *Filler {
+	f := &Filler{
+		defaultFuncs: funcMap{
+			reflect.TypeOf(&time.Time{}): reflect.ValueOf(randfillTime),
+		},
+
+		customFuncs:           funcMap{},
+		r:                     rand.New(rand.NewSource(seed)),
+		nilChance:             .2,
+		minElements:           1,
+		maxElements:           10,
+		maxDepth:              100,
+		allowUnexportedFields: false,
+	}
+	return f
+}
+
+// NewFromGoFuzz is a helper function that enables using randfill (this
+// project) with go-fuzz (https://github.com/dvyukov/go-fuzz) for continuous
+// fuzzing. Essentially, it enables translating the fuzzing bytes from
+// go-fuzz to any Go object using this library.
+//
+// This implementation promises a constant translation from a given slice of
+// bytes to the fuzzed objects. This promise will remain over future
+// versions of Go and of this library.
+//
+// Note: the returned Filler should not be shared between multiple goroutines,
+// as its deterministic output will no longer be available.
+//
+// Example: use go-fuzz to test the function `MyFunc(int)` in the package
+// `mypackage`. Add the file: "mypackage_fuzz.go" with the content:
+//
+// // +build gofuzz
+// package mypackage
+// import "sigs.k8s.io/randfill"
+//
+//	func Fuzz(data []byte) int {
+//		var i int
+//		randfill.NewFromGoFuzz(data).Fill(&i)
+//		MyFunc(i)
+//		return 0
+//	}
+func NewFromGoFuzz(data []byte) *Filler {
+	return New().RandSource(bytesource.New(data))
+}
+
+// Funcs registers custom fill functions for this Filler.
+//
+// Each entry in customFuncs must be a function taking two parameters.
+// The first parameter must be a pointer or map. It is the variable that
+// function will fill with random data. The second parameter must be a
+// randfill.Continue, which will provide a source of randomness and a way
+// to automatically continue filling smaller pieces of the first parameter.
+//
+// These functions are called sensibly, e.g., if you wanted custom string
+// filling, the function `func(s *string, c randfill.Continue)` would get
+// called and passed the address of strings. Maps and pointers will always
+// be made/new'd for you, ignoring the NilChance option. For slices, it
+// doesn't make much sense to pre-create them--Filler doesn't know how
+// long you want your slice--so take a pointer to a slice, and make it
+// yourself. (If you don't want your map/pointer type pre-made, take a
+// pointer to it, and make it yourself.) See the examples for a range of
+// custom functions.
+//
+// If a function is already registered for a type, and a new function is
+// provided, the previous function will be replaced with the new one.
+func (f *Filler) Funcs(customFuncs ...interface{}) *Filler {
+	for i := range customFuncs {
+		v := reflect.ValueOf(customFuncs[i])
+		if v.Kind() != reflect.Func {
+			panic("Filler.Funcs: all arguments must be functions")
+		}
+		t := v.Type()
+		if t.NumIn() != 2 || t.NumOut() != 0 {
+			panic("Filler.Funcs: all customFuncs must have 2 arguments and 0 returns")
+		}
+		argT := t.In(0)
+		switch argT.Kind() {
+		case reflect.Ptr, reflect.Map:
+		default:
+			panic("Filler.Funcs: customFuncs' first argument must be a pointer or map type")
+		}
+		if t.In(1) != reflect.TypeOf(Continue{}) {
+			panic("Filler.Funcs: customFuncs' second argument must be a randfill.Continue")
+		}
+		f.customFuncs[argT] = v
+	}
+	return f
+}
+
+// RandSource causes this Filler to get values from the given source of
+// randomness. Use this if you want deterministic filling.
+func (f *Filler) RandSource(s rand.Source) *Filler {
+	f.r = rand.New(s)
+	return f
+}
+
+// NilChance sets the probability of creating a nil pointer, map, or slice to
+// 'p'. 'p' should be between 0 (no nils) and 1 (all nils), inclusive.
+func (f *Filler) NilChance(p float64) *Filler {
+	if p < 0 || p > 1 {
+		panic("Filler.NilChance: p must be between 0 and 1, inclusive")
+	}
+	f.nilChance = p
+	return f
+}
+
+// NumElements sets the minimum and maximum number of elements that will be
+// added to a non-nil map or slice.
+func (f *Filler) NumElements(min, max int) *Filler {
+	if min < 0 {
+		panic("Filler.NumElements: min must be >= 0")
+	}
+	if min > max {
+		panic("Filler.NumElements: min must be <= max")
+	}
+	f.minElements = min
+	f.maxElements = max
+	return f
+}
+
+func (f *Filler) genElementCount() int {
+	if f.minElements == f.maxElements {
+		return f.minElements
+	}
+	return f.minElements + f.r.Intn(f.maxElements-f.minElements+1)
+}
+
+func (f *Filler) genShouldFill() bool {
+	return f.r.Float64() >= f.nilChance
+}
+
+// MaxDepth sets the maximum number of recursive fill calls that will be made
+// before stopping.  This includes struct members, pointers, and map and slice
+// elements.
+func (f *Filler) MaxDepth(d int) *Filler {
+	f.maxDepth = d
+	return f
+}
+
+// AllowUnexportedFields defines whether to fill unexported fields.
+func (f *Filler) AllowUnexportedFields(flag bool) *Filler {
+	f.allowUnexportedFields = flag
+	return f
+}
+
+// SkipFieldsWithPattern tells this Filler to skip any field whose name matches
+// the supplied pattern. Call this multiple times if needed. This is useful to
+// skip XXX_ fields generated by protobuf.
+func (f *Filler) SkipFieldsWithPattern(pattern *regexp.Regexp) *Filler {
+	f.skipFieldPatterns = append(f.skipFieldPatterns, pattern)
+	return f
+}
+
+// SimpleSelfFiller represents an object that knows how to randfill itself.
+//
+// Unlike NativeSelfFiller, this interface does not cause the type in question
+// to depend on the randfill package.  This is most useful for simple types.  For
+// more complex types, consider using NativeSelfFiller.
+type SimpleSelfFiller interface {
+	// RandFill fills the current object with random data.
+	RandFill(r *rand.Rand)
+}
+
+// NativeSelfFiller represents an object that knows how to randfill itself.
+//
+// Unlike SimpleSelfFiller, this interface allows for recursive filling of
+// child objects with the same rules as the parent Filler.
+type NativeSelfFiller interface {
+	// RandFill fills the current object with random data.
+	RandFill(c Continue)
+}
+
+// Fill recursively fills all of obj's fields with something random.  First
+// this tries to find a custom fill function (see Funcs).  If there is no
+// custom function, this tests whether the object implements SimpleSelfFiller
+// or NativeSelfFiller and if so, calls RandFill on it to fill itself.  If that
+// fails, this will see if there is a default fill function provided by this
+// package. If all of that fails, this will generate random values for all
+// primitive fields and then recurse for all non-primitives.
+//
+// This is safe for cyclic or tree-like structs, up to a limit.  Use the
+// MaxDepth method to adjust how deep you need it to recurse.
+//
+// obj must be a pointer. Exported (public) fields can always be set, and if
+// the AllowUnexportedFields() modifier was called it can try to set unexported
+// (private) fields, too.
+//
+// This is intended for tests, so will panic on bad input or unimplemented
+// types.  This method takes a lock for the whole Filler, so it is not
+// reentrant.  See Continue.
+func (f *Filler) Fill(obj interface{}) {
+	f.lock.Lock()
+	defer f.lock.Unlock()
+
+	v := reflect.ValueOf(obj)
+	if v.Kind() != reflect.Ptr {
+		panic("Filler.Fill: obj must be a pointer")
+	}
+	v = v.Elem()
+	f.fillWithContext(v, 0)
+}
+
+// FillNoCustom is just like Fill, except that any custom fill function for
+// obj's type will not be called and obj will not be tested for
+// SimpleSelfFiller or NativeSelfFiller. This applies only to obj and not other
+// instances of obj's type or to obj's child fields.
+//
+// obj must be a pointer. Exported (public) fields can always be set, and if
+// the AllowUnexportedFields() modifier was called it can try to set unexported
+// (private) fields, too.
+//
+// This is intended for tests, so will panic on bad input or unimplemented
+// types.  This method takes a lock for the whole Filler, so it is not
+// reentrant.  See Continue.
+func (f *Filler) FillNoCustom(obj interface{}) {
+	f.lock.Lock()
+	defer f.lock.Unlock()
+
+	v := reflect.ValueOf(obj)
+	if v.Kind() != reflect.Ptr {
+		panic("Filler.FillNoCustom: obj must be a pointer")
+	}
+	v = v.Elem()
+	f.fillWithContext(v, flagNoCustomFill)
+}
+
+const (
+	// Do not try to find a custom fill function.  Does not apply recursively.
+	flagNoCustomFill uint64 = 1 << iota
+)
+
+func (f *Filler) fillWithContext(v reflect.Value, flags uint64) {
+	fc := &fillerContext{filler: f}
+	fc.doFill(v, flags)
+}
+
+// fillerContext carries context about a single filling run, which lets Filler
+// be thread-safe.
+type fillerContext struct {
+	filler   *Filler
+	curDepth int
+}
+
+func (fc *fillerContext) doFill(v reflect.Value, flags uint64) {
+	if fc.curDepth >= fc.filler.maxDepth {
+		return
+	}
+	fc.curDepth++
+	defer func() { fc.curDepth-- }()
+
+	if !v.CanSet() {
+		if !fc.filler.allowUnexportedFields || !v.CanAddr() {
+			return
+		}
+		v = reflect.NewAt(v.Type(), unsafe.Pointer(v.UnsafeAddr())).Elem()
+	}
+
+	if flags&flagNoCustomFill == 0 {
+		// Check for both pointer and non-pointer custom functions.
+		if v.CanAddr() && fc.tryCustom(v.Addr()) {
+			return
+		}
+		if fc.tryCustom(v) {
+			return
+		}
+	}
+
+	if fn, ok := fillFuncMap[v.Kind()]; ok {
+		fn(v, fc.filler.r)
+		return
+	}
+
+	switch v.Kind() {
+	case reflect.Map:
+		if fc.filler.genShouldFill() {
+			v.Set(reflect.MakeMap(v.Type()))
+			n := fc.filler.genElementCount()
+			for i := 0; i < n; i++ {
+				key := reflect.New(v.Type().Key()).Elem()
+				fc.doFill(key, 0)
+				val := reflect.New(v.Type().Elem()).Elem()
+				fc.doFill(val, 0)
+				v.SetMapIndex(key, val)
+			}
+			return
+		}
+		v.Set(reflect.Zero(v.Type()))
+	case reflect.Ptr:
+		if fc.filler.genShouldFill() {
+			v.Set(reflect.New(v.Type().Elem()))
+			fc.doFill(v.Elem(), 0)
+			return
+		}
+		v.Set(reflect.Zero(v.Type()))
+	case reflect.Slice:
+		if fc.filler.genShouldFill() {
+			n := fc.filler.genElementCount()
+			v.Set(reflect.MakeSlice(v.Type(), n, n))
+			for i := 0; i < n; i++ {
+				fc.doFill(v.Index(i), 0)
+			}
+			return
+		}
+		v.Set(reflect.Zero(v.Type()))
+	case reflect.Array:
+		if fc.filler.genShouldFill() {
+			n := v.Len()
+			for i := 0; i < n; i++ {
+				fc.doFill(v.Index(i), 0)
+			}
+			return
+		}
+		v.Set(reflect.Zero(v.Type()))
+	case reflect.Struct:
+		for i := 0; i < v.NumField(); i++ {
+			skipField := false
+			fieldName := v.Type().Field(i).Name
+			for _, pattern := range fc.filler.skipFieldPatterns {
+				if pattern.MatchString(fieldName) {
+					skipField = true
+					break
+				}
+			}
+			if !skipField {
+				fc.doFill(v.Field(i), 0)
+			}
+		}
+	case reflect.Chan:
+		fallthrough
+	case reflect.Func:
+		fallthrough
+	case reflect.Interface:
+		fallthrough
+	default:
+		panic(fmt.Sprintf("can't fill type %v, kind %v", v.Type(), v.Kind()))
+	}
+}
+
+// tryCustom searches for custom handlers, and returns true iff it finds a match
+// and successfully randomizes v.
+func (fc *fillerContext) tryCustom(v reflect.Value) bool {
+	// First: see if we have a fill function for it.
+	doCustom, ok := fc.filler.customFuncs[v.Type()]
+	if !ok {
+		// Second: see if it can fill itself.
+		if v.CanInterface() {
+			intf := v.Interface()
+			if fillable, ok := intf.(SimpleSelfFiller); ok {
+				fillable.RandFill(fc.filler.r)
+				return true
+			}
+			if fillable, ok := intf.(NativeSelfFiller); ok {
+				fillable.RandFill(Continue{fc: fc, Rand: fc.filler.r})
+				return true
+			}
+		}
+		// Finally: see if there is a default fill function.
+		doCustom, ok = fc.filler.defaultFuncs[v.Type()]
+		if !ok {
+			return false
+		}
+	}
+
+	switch v.Kind() {
+	case reflect.Ptr:
+		if v.IsNil() {
+			if !v.CanSet() {
+				return false
+			}
+			v.Set(reflect.New(v.Type().Elem()))
+		}
+	case reflect.Map:
+		if v.IsNil() {
+			if !v.CanSet() {
+				return false
+			}
+			v.Set(reflect.MakeMap(v.Type()))
+		}
+	default:
+		return false
+	}
+
+	doCustom.Call([]reflect.Value{
+		v,
+		reflect.ValueOf(Continue{
+			fc:   fc,
+			Rand: fc.filler.r,
+		}),
+	})
+	return true
+}
+
+// Continue can be passed to custom fill functions to allow them to use
+// the correct source of randomness and to continue filling their members.
+type Continue struct {
+	fc *fillerContext
+
+	// For convenience, Continue implements rand.Rand via embedding.
+	// Use this for generating any randomness if you want your filling
+	// to be repeatable for a given seed.
+	*rand.Rand
+}
+
+// Fill continues filling obj. obj must be a pointer or a reflect.Value of a
+// pointer.  See Filler.Fill.
+func (c Continue) Fill(obj interface{}) {
+	v, ok := obj.(reflect.Value)
+	if !ok {
+		v = reflect.ValueOf(obj)
+	}
+	if v.Kind() != reflect.Ptr {
+		panic("Continue.Fill: obj must be a pointer")
+	}
+	v = v.Elem()
+	c.fc.doFill(v, 0)
+}
+
+// FillNoCustom continues filling obj, except that any custom fill function for
+// obj's type will not be called and obj will not be tested for
+// SimpleSelfFiller or NativeSelfFiller.  See Filler.FillNoCustom.
+func (c Continue) FillNoCustom(obj interface{}) {
+	v, ok := obj.(reflect.Value)
+	if !ok {
+		v = reflect.ValueOf(obj)
+	}
+	if v.Kind() != reflect.Ptr {
+		panic("Continue.FillNoCustom: obj must be a pointer")
+	}
+	v = v.Elem()
+	c.fc.doFill(v, flagNoCustomFill)
+}
+
+const defaultStringMaxLen = 20
+
+// String makes a random string up to n characters long. If n is 0, the default
+// size range is [0-20). The returned string may include a variety of (valid)
+// UTF-8 encodings.
+func (c Continue) String(n int) string {
+	return randString(c.Rand, n)
+}
+
+// Uint64 makes random 64 bit numbers.
+// Weirdly, rand doesn't have a function that gives you 64 random bits.
+func (c Continue) Uint64() uint64 {
+	return randUint64(c.Rand)
+}
+
+// Bool returns true or false randomly.
+func (c Continue) Bool() bool {
+	return randBool(c.Rand)
+}
+
+func fillInt(v reflect.Value, r *rand.Rand) {
+	v.SetInt(int64(randUint64(r)))
+}
+
+func fillUint(v reflect.Value, r *rand.Rand) {
+	v.SetUint(randUint64(r))
+}
+
+func randfillTime(t *time.Time, c Continue) {
+	var sec, nsec int64
+	// Allow for about 1000 years of random time values, which keeps things
+	// like JSON parsing reasonably happy.
+	sec = c.Rand.Int63n(1000 * 365 * 24 * 60 * 60)
+	// Nanosecond values greater than 1Bn are technically allowed but result in
+	// time.Time values with invalid timezone offsets.
+	nsec = c.Rand.Int63n(999999999)
+	*t = time.Unix(sec, nsec)
+}
+
+var fillFuncMap = map[reflect.Kind]func(reflect.Value, *rand.Rand){
+	reflect.Bool: func(v reflect.Value, r *rand.Rand) {
+		v.SetBool(randBool(r))
+	},
+	reflect.Int:     fillInt,
+	reflect.Int8:    fillInt,
+	reflect.Int16:   fillInt,
+	reflect.Int32:   fillInt,
+	reflect.Int64:   fillInt,
+	reflect.Uint:    fillUint,
+	reflect.Uint8:   fillUint,
+	reflect.Uint16:  fillUint,
+	reflect.Uint32:  fillUint,
+	reflect.Uint64:  fillUint,
+	reflect.Uintptr: fillUint,
+	reflect.Float32: func(v reflect.Value, r *rand.Rand) {
+		v.SetFloat(float64(r.Float32()))
+	},
+	reflect.Float64: func(v reflect.Value, r *rand.Rand) {
+		v.SetFloat(r.Float64())
+	},
+	reflect.Complex64: func(v reflect.Value, r *rand.Rand) {
+		v.SetComplex(complex128(complex(r.Float32(), r.Float32())))
+	},
+	reflect.Complex128: func(v reflect.Value, r *rand.Rand) {
+		v.SetComplex(complex(r.Float64(), r.Float64()))
+	},
+	reflect.String: func(v reflect.Value, r *rand.Rand) {
+		v.SetString(randString(r, 0))
+	},
+	reflect.UnsafePointer: func(v reflect.Value, r *rand.Rand) {
+		panic("filling of UnsafePointers is not implemented")
+	},
+}
+
+// randBool returns true or false randomly.
+func randBool(r *rand.Rand) bool {
+	return r.Int31()&(1<<30) == 0
+}
+
+type int63nPicker interface {
+	Int63n(int64) int64
+}
+
+// UnicodeRange describes a sequential range of unicode characters.
+// Last must be numerically greater than First.
+type UnicodeRange struct {
+	First, Last rune
+}
+
+// UnicodeRanges describes an arbitrary number of sequential ranges of unicode characters.
+// To be useful, each range must have at least one character (First <= Last) and
+// there must be at least one range.
+type UnicodeRanges []UnicodeRange
+
+// choose returns a random unicode character from the given range, using the
+// given randomness source.
+func (ur UnicodeRange) choose(r int63nPicker) rune {
+	count := int64(ur.Last - ur.First + 1)
+	return ur.First + rune(r.Int63n(count))
+}
+
+// CustomStringFillFunc constructs a FillFunc which produces random strings.
+// Each character is selected from the range ur. If there are no characters
+// in the range (cr.Last < cr.First), this will panic.
+func (ur UnicodeRange) CustomStringFillFunc(n int) func(s *string, c Continue) {
+	ur.check()
+	return func(s *string, c Continue) {
+		*s = ur.randString(c.Rand, n)
+	}
+}
+
+// check is a function that used to check whether the first of ur(UnicodeRange)
+// is greater than the last one.
+func (ur UnicodeRange) check() {
+	if ur.Last < ur.First {
+		panic("UnicodeRange.check: the last encoding must be greater than the first")
+	}
+}
+
+// randString of UnicodeRange makes a random string up to 20 characters long.
+// Each character is selected form ur(UnicodeRange).
+func (ur UnicodeRange) randString(r *rand.Rand, max int) string {
+	if max == 0 {
+		max = defaultStringMaxLen
+	}
+	n := r.Intn(max)
+	sb := strings.Builder{}
+	sb.Grow(n)
+	for i := 0; i < n; i++ {
+		sb.WriteRune(ur.choose(r))
+	}
+	return sb.String()
+}
+
+// defaultUnicodeRanges sets a default unicode range when users do not set
+// CustomStringFillFunc() but want to fill strings.
+var defaultUnicodeRanges = UnicodeRanges{
+	{' ', '~'},           // ASCII characters
+	{'\u00a0', '\u02af'}, // Multi-byte encoded characters
+	{'\u4e00', '\u9fff'}, // Common CJK (even longer encodings)
+}
+
+// CustomStringFillFunc constructs a FillFunc which produces random strings.
+// Each character is selected from one of the ranges of ur(UnicodeRanges).
+// Each range has an equal probability of being chosen. If there are no ranges,
+// or a selected range has no characters (.Last < .First), this will panic.
+// Do not modify any of the ranges in ur after calling this function.
+func (ur UnicodeRanges) CustomStringFillFunc(n int) func(s *string, c Continue) {
+	// Check unicode ranges slice is empty.
+	if len(ur) == 0 {
+		panic("UnicodeRanges is empty")
+	}
+	// if not empty, each range should be checked.
+	for i := range ur {
+		ur[i].check()
+	}
+	return func(s *string, c Continue) {
+		*s = ur.randString(c.Rand, n)
+	}
+}
+
+// randString of UnicodeRanges makes a random string up to 20 characters long.
+// Each character is selected form one of the ranges of ur(UnicodeRanges),
+// and each range has an equal probability of being chosen.
+func (ur UnicodeRanges) randString(r *rand.Rand, max int) string {
+	if max == 0 {
+		max = defaultStringMaxLen
+	}
+	n := r.Intn(max)
+	sb := strings.Builder{}
+	sb.Grow(n)
+	for i := 0; i < n; i++ {
+		sb.WriteRune(ur[r.Intn(len(ur))].choose(r))
+	}
+	return sb.String()
+}
+
+// randString makes a random string up to 20 characters long. The returned string
+// may include a variety of (valid) UTF-8 encodings.
+func randString(r *rand.Rand, max int) string {
+	return defaultUnicodeRanges.randString(r, max)
+}
+
+// randUint64 makes random 64 bit numbers.
+// Weirdly, rand doesn't have a function that gives you 64 random bits.
+func randUint64(r *rand.Rand) uint64 {
+	return uint64(r.Uint32())<<32 | uint64(r.Uint32())
+}